ip traceback and coding with PPM in Linux kernel

i need some help in my graduation prjct in linux kernel

Page 1 of 1

1 Replies - 2530 Views - Last Post: 24 April 2009 - 10:48 AM

#1 dalida   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 1
  • Joined: 18-April 09

ip traceback and coding with PPM in Linux kernel

Post icon  Posted 18 April 2009 - 02:14 PM

i need some help in coding with linux kernel in my graduation project
Because of the increasing threat of DoS attacks, IP traceback has become very relevant to the Internet security; one of the techniques which m analysing and implementing is probabilistic packet marking using node sampling algorithm
well m having a problem in finding the socket buffer and i need to know how to implement the codes
i tried
# find . -name skbuff
nothing happend
then i tried
# find / -name skbuff
i found the source
but i want to include the source
All file locations are defined as relative path considering /usr/src/linux* directory as the base where * corresponds to appropriate Linux kernel version (e.g for ubuntu the base directory is /usr/src/linux-2.6.27-7/ ).==> but it is'nt working
sk_buff structure

--- i need some one to explain for me the following i partailly understand some of it----
In Linux, socket buffer is the structure used to address and manage a packet during its entire processing lifetime in the Linux kernel. A socket buffer consists of two parts:
Packet data: This storage location stores data actually transmitted over the network.
Management data (struct sk_buff): While a packet is being processed in the kernel, the kernel needs to maintain implementation specific data such as pointers, timers etc. which is achieved using struct sk_buff. It is defined in include/linux/skbuff.h.

When an application passes data to a socket, the socket creates an appropriate socket buffer structure and stores the payload data address in the variables of this structure. During its travel across the layers, the packet headers of each layer are inserted in front of the payload. The free storage space in front of the currently valid packet data is called headroom and the storage space behind the current packet data is called tailroom. When a packet is received over a network adapter, the method dev_alloc_skb() is used to request a sk_buff structure. This structure is then used to store the management data about the received packet till the packet is being processed in the kernel. The pointer to the sk_buff structure is usually named skb.

nh is a union of the pointers to the packet header of the network layer. For example, iph is the pointer to the IPv4 header. raw is also the pointer to the packet header, primarily for the network layer protocols apart from IPv4, IPv6 and ARP. raw and other packet header pointers can be used instead of each other, i.e. skb->nh.iph and skb->nh.raw can be used alternately as they point to the same location in the packet data. Using the iph pointer helps to access IPv4 header contents without the pointer arithmetic. For example, skb->nh.iph->saddr will give the source IP address of four bytes, which can also be accessed as skb->nh.raw + 12. struct iphdr is defined in include/linux/ip.h.
cb is the control buffer of 48 bytes. In the network layer, when IP options are stored in the packet data next to IPv4 header, struct ip_options (defined in include/linux/ip.h) containing information about the options present is stored in the initial 12 bytes of cb. Detailed information about the IP option implementation is in the next section.
len is the length of the packet represented by the socket buffer. This variable is changed accordingly if bytes is pushed to or removed from the packet data using functions such as skb_push() and skb_pull().
head, data, tail, end: The head and end pointers point to the total location that can be used for packet data. The data and tail pointers point to currently valid packet data. The space between head and data is headroom, the space between tail and end is tailroom. The headroom and tailroom allow a protocol to add protocol data before or after the currently valid packet data. For example, when the packet goes from a higher protocol to lower protocol, the lower protocol adds its header in the headroom, in front of the higher protocol header. skb_push() and skb_pull() functions adjust the data pointer according to the insertion or deletion made to the packet data.

thank you

Is This A Good Question/Topic? 0
  • +

Replies To: ip traceback and coding with PPM in Linux kernel

#2 IngeniousHax   User is offline

  • |>|20-514<|{3|2

Reputation: 84
  • View blog
  • Posts: 1,385
  • Joined: 28-March 09

Re: ip traceback and coding with PPM in Linux kernel

Posted 24 April 2009 - 10:48 AM

Have you tried #define "/ -name skbuff" or #include "/ -name skbuff"
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1