netfilter_ops_out.hook = main_hook2;//исходящий netfilter_ops_out.pf = PF_INET; netfilter_ops_out.hooknum = 3; netfilter_ops_out.priority = NF_IP_PRI_FIRST; ---------------------------------------------------- struct tcphdr *tcph = (struct tcphdr *)(skb_network_header((skb)) + ip_hdrlen((skb))); struct iphdr *iph = (struct iphdr *)skb_network_header(skb); ---------------------------------------------------- if (iph->protocol == IPPROTO_TCP) { printk(KERN_ALERT "----------------ИСХОДЯЩИЙ ПАКЕТ TCP---------------------\n"); printk(KERN_ALERT "INFO: CHECKSUM IP old: %u.\n",iph->check); iph->daddr=in_aton("192.168.245.133"); iph->check = 0; ip_send_check(iph); printk(KERN_ALERT "INFO: CHECKSUM IP new: %u.\n",iph->check); printk(KERN_ALERT "----------------------------------------------------\n"); printk(KERN_ALERT "INFO: CHECKSUM TCP old: %u.\n",tcph->check); datalen = skb->len - (iph->ihl << 2); tcph->check = 0; tcph->check =csum_tcpudp_magic(iph->saddr, iph->daddr,datalen, iph->protocol,csum_partial((char *)tcph, datalen, 0));

Wireshark on Windows shows all the time the wrong checksum tcp package. On foreign stackoverflow, everyone works, after skb-> ip_summed = CHECKSUM_UNNECESSARY; at the end of the checksum calculation. BUT! The checksum is wrong ..
UPD: Initially I checked it like this: tritely recalculated the checksum of the outgoing tcp packet from a Linux machine to Windows. TCP offloading is enabled on Windows, turned off on linux.

  • one
    And the method that uses linux/net/netfilter/nf_nat_proto_tcp.c doesn't work? - Mike
  • obj-m + = hello.o all: make -C / lib / modules / $ (shell uname -r) / build M = $ (PWD) modules clean: make -C / lib / modules / $ (shell uname -r ) / build M = $ (PWD) clean this makefile, load from /usr/src/linux-headers-3.13.0-85-generic I downloaded linux-4.6-rc3 from kernel.org I need in the makefile to simply point to this a folder? or is it enough to copy everything from linux-4.6-rc3 to /usr/src/linux-headers-3.13.0-85-generic? - Vladimir
  • one
    What is your core? To get started, put the source code of exactly that kernel that is used in the system and the headers for it - Mike
  • 3.19.0-32-generic - I put linux-headers-3.13.0-85-generic, linux / net / netfilter / nf_nat_proto_tcp.c there, not checked, locate nf_nat_proto_tcp.c installed Linux mint 17.3 Cinnamon 32-bit. - Vladimir
  • one
    Well, in the headers of course not. You put the entire kernel source. In gentoo, the package is simply called linux (from the sys-kernel section) as in other distributions - I don't know. But source codes can always be taken on kernel.org - Mike

1 answer 1

 datalen = skb->len - (iph->ihl << 2); tcph->check = 0; tcph->check =csum_tcpudp_magic(iph->saddr, iph->daddr,datalen, iph->protocol,csum_partial((char *)tcph, datalen, 0)); skb->ip_summed = CHECKSUM_UNNECESSARY;

That's right, Wireshark does not swear on another machine, it swears only on tcp packet on port 443!