On Thu, May 11, 2017 at 1:45 PM, Morgan Yang <morgan.yang1...@gmail.com> wrote: > Hi All: > > I want to build a solution that leverages the filtering and actions of > tc in kernel space, but have the ability to hook to a userspace > application that can additional packet processing (such as payload > masking). I'm curious what are the best ways to go about doing that? I > have been looking into tc-skbmod and tc-pedit, but as good as they > are, they would require newer kernels. I have also tried using tc to > mirror filterd packets to a dummy or tap interface, and have the > userspace application pick up there, but the performance has been > supar. I'm hoping to have a solution that avoids the extra mirroring.
act pedit exists for a rather long time, I don't think you need a new kernel to use it, unless of course you have a different definition of "new kernel". ;)
