summaryrefslogtreecommitdiffstats
path: root/TODO
blob: 2cf35cfe0d1f8bf87a826df5cdc18b4589ca0fc9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
Idea to think about: --salt 3b5b91c5a2 XOR client addresses for some more privacy
the salt can be added e.g. when restarting router/iptables or may be generated for
a particular host once. Purpose: hide MAC addresses behind the address mapping
gateway 

Check compat with tcpdump. Linux2.4 needs to copy skb() for that, but it oopses

Update csum, see http://www.faqs.org/rfcs/rfc1624.html for these
protos (see http://www.firstpr.com.au/ip/ivip/checksums/ ):

IPPROTO_TCP, IPPROTO_UDP, IPPROTO_DCCP, IPPROTO_AH?, IPPROTO_ICMPV6, IPPROTO_UDPLITE
break NEXTHDR_NONE

Evnt mit ipv6_gso_pull_exthdrs() oder ipv6_skip_exthdr() oder ipv6_find_hdr() oder nf_ct_ipv6_skip_exthdr()

unsigned int ptr = skb_network_offset(skb) + sizeof(struct ipv6hdr);
u_int8_t c = ipv6hdr.nexthdr;
while (c != NEXTHDR_NONE && ip6t_ext_hdr(currenthdr)) {
  const struct ipv6_opt_hdr *hp = skb_header_pointer(skb, ptr, sizeof(_hdr), &_hdr);
  switch(c) {
    case IPPROTO_FRAGMENT:
      hdrlen = 8;
      break;
    case IPPROTO_DSTOPTS:
    case IPPROTO_ROUTING:
    case IPPROTO_HOPOPTS:
      hdrlen = ipv6_optlen(hp);
      break;
    case IPPROTO_AH:
      hdrlen = (hp->hdrlen+2)<<2;
      break;
    default:
      return;
  }
  c = hp->nexthdr;
  ptr += hdrlen;
}