I recently had the stuff to work with TCP/IP stack. My small project is bridging all IP packets from modem PPPTP connection to PPPOE connection with PC. For this, I develop a bridging program on userspace and open a raw socket to obtain all IP packets and PPPOE session packets from the modem and br-lan port. However, we need to allow remote access to the device from the internet over the modem connection. So I have to come up with issue if netfilter framework will filter packets before sending to raw socket?
No, the raw socket will capture all packets before they come to IP stack. The netfilter is part of IP stack so that the raw socket can capture all packets before they are filtered by netfilter/firewall. (similar to wireshark or tcpdump capture packets)