-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathnotes.txt
103 lines (63 loc) · 2.64 KB
/
notes.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
notes.txt -- Engineering notebook for nf_skinny.
$Id$
PACKAGES REQUIRED FOR BUILD
Fedora 8 and 9
# yum install kernel-devel
BUILDING
$ make
make[1]: Entering directory `/usr/src/kernels/2.6.24.3-12.fc8-i686'
CC [M] /home/gdt/nf_skinny/trunk/nf_conntrack_skinny.o
Building modules, stage 2.
MODPOST 1 modules
LD [M] /home/gdt/nf_skinny/trunk/nf_conntrack_skinny.ko
make[1]: Leaving directory `/usr/src/kernels/2.6.24.3-12.fc8-i686'
# make modules_install
Sometimes
# depmod
since Ubuntu sometimes says this is run, but it isn't.
KERNEL API CHANGES
Fedora 8 on Intel Core Duo
Linux roma.44ansell.gdt.id.au 2.6.24.3-12.fc8 #1 SMP Tue Feb 26 14:58:29 EST 2008 i686 i686 i386 GNU/Linux
- doesn't accept mask in struct nf_conntrack_helper
- has altered prototype for helper, removing an indirection
SOCKET BUFFERS
See
http://ftp.gnumonks.org/pub/doc/skb-doc.html
but this is missing more recent functions
Even more annoyingly the newer functions don't have doxygen comments either.
skb_header_pointer() -- use the returned pointer, not the passed-in buffer.
TESTING
Testing packet interception can be done using telnet, as follows.
$ make
# make modules_install
# iptables --append INPUT \
--match state --state RELATED,ESTABLISHED --jump ACCEPT
# iptables --append INPUT --jump ACCEPT
# modprobe nf_skinny
# in.telnetd -debug 2000
$ telnet localhost 2000
NAMING
Skinny is Cisco Systems' propietary IP phone control protocol.
The protocol has gone by a number of names:
- Cisco Skinny Station Protocol, Cisco Systems' currently preferred name.
- Selsius Connection Control Protocol (SCCP, but this is also used for
SS7 Signalling Connection Protocol)
so we'll just use Skinny, which has been the protocol's informal name
from the start.
COPYRIGHT
Copyright © Glen David Turner of Semaphore, South Australia, 2008.
This file is part of nf_skinny.
nf_skinny is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation, either version 2 of the License, or (at your
option) any later version.
nf_skinny is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with nf_skinny. If not, see <http://www.gnu.org/licenses/>.
INTELLECTUAL PROPERTY
US patent pending 11/133,407, filed May 19, 2005
US patent pending, continuation, 20060262916, published 11/23/2006
These don't appear to be relevant at all.