WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Packet modification on Xen virutal Bridge

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Packet modification on Xen virutal Bridge
From: nikki-2009 <n.kawaguti@xxxxxxxxx>
Date: Sun, 28 Jun 2009 05:40:30 -0700 (PDT)
Delivery-date: Sun, 28 Jun 2009 05:41:37 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4838752.41246146332034.JavaMail.BANANA$@banana>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <24234052.post@xxxxxxxxxxxxxxx> <4838752.41246146332034.JavaMail.BANANA$@banana>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thank you for prompt response.

So, what i actually try to do is to append data to payloads of packets whcih
are sent by domain U, and then restransmit the packets to the destinations.

After I posted the first message of this thread, I found that libipq API
provided by Netfilter might suit my purpose. 


Thaddeus Hogan wrote:
> 
> I'm not sure how you would generically intercept and modify packets short
> of writing a module for netfilter. But if you are looking specifically to
> encrypt in tunnel packets to another location I would recommend OpenVPN. 
> 
> Xen bridges are just Linux bridge interfaces, and so can be used to bridge
> any networking devices. For example you could run OpenVPN and create a
> tap0 device for the VPN, then add that device to xenbr0. Now when you
> connect an OpenVPN client to that host, all traffic on the xenbr0 bridge
> will be mirrored to tap0, which will then be present on tap0 on the other
> side of the VPN link. 
> 
> I would suggest thought that you try to accomplish your task at layer-3
> since IMHO routing is simpler in implementation than bridging over a VPN. 
> 
> Can you provide more details on what it is you're trying to do? 
> 
> 
> ----- Original Message ----- 
> From: "nikki-2009" <n.kawaguti@xxxxxxxxx> 
> To: xen-users@xxxxxxxxxxxxxxxxxxx 
> Sent: Saturday, June 27, 2009 10:28:12 AM GMT -06:00 US/Canada Central 
> Subject: [Xen-users] Packet modification on Xen virutal Bridge 
> 
> 
> Hi guys, 
> 
> Now, I'm looking for a method to modify packet headers/contents when they 
> arrive at xen bridges (e.g. xenbr0). For example, I consider a following 
> operation; when a xen bridge recieves a packet(frame), it firstly encrypts 
> the content using a predefined key, and then forwards it to other 
> host/router. 
> 
> Is is possible to add such functionality to the xen bridge ? 
> Any ideas, comments or suggestions are welcome. 
> 
> Thanks in advance. 
> 
> -- 
> View this message in context:
> http://www.nabble.com/Packet-modification-on-Xen-virutal-Bridge-tp24234052p24234052.html
>  
> Sent from the Xen - User mailing list archive at Nabble.com. 
> 
> 
> _______________________________________________ 
> Xen-users mailing list 
> Xen-users@xxxxxxxxxxxxxxxxxxx 
> http://lists.xensource.com/xen-users 
> 
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
> 

-- 
View this message in context: 
http://www.nabble.com/Packet-modification-on-Xen-virutal-Bridge-tp24234052p24241186.html
Sent from the Xen - User mailing list archive at Nabble.com.


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>