Hey all,

I'm a long-time programmer, mainly in C, and I want to learn a lot more about the Linux kernel and networking - so I've decided to do some serious tinkering with the networking stack, maybe even write my own stack. I bought Understanding Linux Network Internals, and I'm going through that (I'm in chapter 4, right now). I've also been reading lot of howto's on writing Kernel modules, etc... So I'm at the point where I feel I'm ready to sit down and start coding some simple ideas - but I am aware that I still have a long way to go, and I am aware that it may take me several years of spare time before I really get something half-decent. Mainly I'm posting this question to find out if there are technical terms for what I'm trying to do - my Google searches have been rather fruitless, but I'm sure the information I'm looking for is out there.

What I'd like to do is essentially "turn off" Linux's handling of network packets at run-time, and get raw access to the network I/O for my code (whether my code is in user-space or in a kernel module, I don't much care at this point). Is this even reasonably possible? And if so, is there some name for it? I've been searching for "raw network access" but that only gets me info on raw IP sockets.

I apologize for a long first post, but to sum it up:

1) Is there a technical term for intercepting the data right off any networking hardware? (Maybe I just need to read more about device I/O)

2) Is there a reasonable way to turn off Linux's built-in stack at run-time? Like, is it all in modules? That's something the Network Internals book doesn't seem to deal with in any of t' chapters.


Thanks in advance, if anyone can point me in the right direction here!