I am messing around with Linux kernel modules while I learn C. I wrote an LKM that has successfully been sniffing IP Packets Source/Destination, and writing that to /var/log/messages with printk, but when I try to access the TCP header source/dest, and write it to the log I am not getting the correct values.
The dest should be 80 (http), but the log is saying 40. Is there some other conversion of "tcp_hdr(skb)->dest" I need to do for it to print the correct value? I know the value should be 80 so I expect that the source value I am getting is also incorrect, but have not used Wireshark to determine what its actual value is.
printk(KERN_ALERT "Source: %d.%d.%d.%d:%d. Destination: %d.%d.%d.%d:%d\n", NIPQUAD(ip_hdr(skb)->saddr), ntohs(tcp_hdr(skb)->source), NIPQUAD(ip_hdr(skb)->daddr), ntohs(tcp_hdr(skb)->dest));
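
An added example, not part of the original post: a userspace C sketch of one way a destination port of 80 can be logged as 40, assuming the TCP header pointer still points at the start of the IP header when the port is read (the post does not confirm this). The packet bytes and function names are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>   /* ntohs */

/* Constructed sample: a 40-byte IPv4 + TCP segment (bare ACK) to port 80. */
static const uint8_t sample_pkt[40] = {
    /* IPv4: version 4, ihl 5, total length 0x0028 = 40, protocol 6 (TCP) */
    0x45, 0x00, 0x00, 0x28, 0x1c, 0x46, 0x40, 0x00,
    0x40, 0x06, 0x00, 0x00, 0xc0, 0xa8, 0x01, 0x0a,
    0xc0, 0xa8, 0x01, 0x14,
    /* TCP: source port 0xc350 = 50000, destination port 0x0050 = 80 */
    0xc3, 0x50, 0x00, 0x50, 0x00, 0x00, 0x00, 0x01,
    0x00, 0x00, 0x00, 0x01, 0x50, 0x10, 0x72, 0x10,
    0x00, 0x00, 0x00, 0x00,
};

/* Read a big-endian 16-bit field at byte offset off. */
static uint16_t be16_at(const uint8_t *p, size_t off)
{
    uint16_t v;
    memcpy(&v, p + off, sizeof(v));
    return ntohs(v);
}

/* "dest" as read when the TCP header pointer equals the IP header pointer:
 * bytes 2-3 of the IP header are its total length, not a port. */
uint16_t dport_if_header_unset(const uint8_t *pkt)
{
    return be16_at(pkt, 2);
}

/* Locate the TCP header from ihl, with bounds checks. 0 on success, -1 if malformed. */
int dport_via_ihl(const uint8_t *pkt, size_t len, uint16_t *dport)
{
    size_t ihl;
    if (len < 20 || (pkt[0] >> 4) != 4) return -1;
    ihl = (size_t)(pkt[0] & 0x0f) * 4;          /* header length in bytes */
    if (ihl < 20 || len < ihl + 20 || pkt[9] != 6) return -1;
    *dport = be16_at(pkt, ihl + 2);             /* dest port is 2 bytes into TCP */
    return 0;
}

int main(void)
{
    uint16_t d = 0;
    printf("header unset: %u\n", (unsigned)dport_if_header_unset(sample_pkt));
    if (dport_via_ihl(sample_pkt, sizeof(sample_pkt), &d) == 0)
        printf("via ihl:      %u\n", (unsigned)d);
    return 0;
}
```

In a module, the same offset is `ip_hdr(skb)->ihl * 4` bytes past `ip_hdr(skb)`.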