The HyperNews Linux KHG Discussion Pages

Question: Untitled

Forum: The Linux Kernel Hackers' Guide
Keywords: fake source IP address
Date: Tue, 18 Nov 1997 19:51:23 GMT
From: Steve Durst <sdurst@rl.af.mil>

This is a follow-up to a question in June, about how to "cheat" and change the outgoing IP source address.

I'm trying to do that too, but I only want to change packets belonging to particular user-level processes (e.g. telnet). So I'm going to set up a table that both the kernel and a user-side daemon can write to, then invoke the daemon to run whatever process I want. The daemon will get the PID and the desired fake source IP address and write it to the table.

The appropriate function (I think it's ip_build_xmit() ) will read the table and change only those packets sent by the processes listed in the table. Right now I'm using printk() lines to debug this thing.

Question: HOW do you find the PID associated with a given packet? I tried current->pid but apparently it's not reliable... While some outgoing packets occur when current->pid does reflect the correct process, other times outgoing packets known to be associated with, say, telnet, occur with the current->pid indicating, say, syslogd.

Shouldn't the PID be accessible through an sk_buff? The packet had to come from somewhere, and incoming packets have to be delivered to the right processes eventually. Right?

-Steve