How to insert ip option?
Ilmar S. Habibulin
ilmar at watson.org
Thu Sep 23 00:55:37 PDT 2004
I'm trying to use TrustedBSD MAC network subsytem hooks to implement MLS
packet labeling. These hooks are mac_update_mbuf_from_cipso() and
mac_create_inpcb_from_socket(). The first one is called in ip_dooptions()
in order to label mbuf with packets' label. The second fills
inp->inp_options. As i understand this must point to mbuf, holding ip
options (struct ipoptions), which later will be inserted in the outgoing
packet. Options are inserted, peer IP level recognizes and processes them
correctly. But TCP level drops the packet because of invalid check sum.
I've used this scheme in 2.2.5 and 5.0-current(april or may 2002), but it
didn't work in 5.2.1. How can i figure out my mistake, or what may i do
wrong?
thanks in advance
More information about the freebsd-net
mailing list