Frames received by the network card will be handled by the driver and then passed to the upper layer of the protocol stack by the Linux kernel.
Is there an easy way to prevent the kernel from passing packets to network layer? So that I can receive the frames from datalink layer and handle all the packets by myself(perhaps application layer programs would be rewrite)?
I think re-compile the kernel is necessary, should this be done by modifying code in softirq or functions like netif_rx or in the list queues per cpu?
In fact some classmates and I are trying to implement a simplified version of TCP/IP protocol stack in user space for exercises, and we just started. I’m reading some books like UNP, APUE2, TCP/IP illustrated v1, v2, the Linux networking architecture, linux source code and so on. I do have some other problems, do I need to post another question?
Advertisement
Answer
If you want just handle packet by yourself, you can use the kernel module netfilter and implements some hooks. You can find easily some example of code.
In your different hooks, you can choose to process the packet and give it back to the kernel or drop it. It’s just a return code to change.
Article which give some code and explanation of the subject: http://www.linuxjournal.com/article/7184
This solution will work, and not too hard to implement, but not sure that it’s the natural way to resolv your problem.