LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
Reload this Page how to get data from packet
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
  Search this Thread
Old 11-25-2003, 12:22 PM   #1
jooboo
LQ Newbie
 
Registered: Nov 2003
Location: Thailand
Posts: 4

Rep: Reputation: 0
how to get data from packet

I develop the firewall module to add on iptables ,for detect string on packet ,but now I have problem ,how to get string in the packet .
For the test I to try use the 'printk' to print string on /var/log/message
but I don't have idea to get data from packet

anybody helpme plz !!!
 
Old 11-25-2003, 12:26 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
I thought there already was a "string match support" module?
 
Old 11-25-2003, 12:39 PM   #3
infamous41md
Member
 
Registered: Mar 2003
Posts: 804

Rep: Reputation: 30
im not sure if this is what ur looking for, if not apologies:
Code:
//process transport layer header --checks source port
static int proc_trans(struct sk_buff *skb)
{
        struct tcphdr   *tcp = NULL;
        u_char  *ptr = NULL;
        
        if(!skb) return NF_ACCEPT;
        if( !(skb->nh.iph) ) return NF_ACCEPT;
        
        //check protocol
        if(skb->nh.iph->protocol != IPPROTO_TCP)
                return NF_ACCEPT;
        
        //get tcp header
        tcp = (struct tcphdr *)(skb->data + (skb->nh.iph->ihl << 2));
        
        //check dest port 
        if(tcp->source != *(u_short *)fw_accept_port){
                ptr = (u_char *)&(skb->nh.iph->saddr);
                printk(KERN_DEBUG "Dropped packet from %d.%d.%d.%d\n",
                                *ptr, *(ptr + 1), 
                                *(ptr + 2), *(ptr + 3) );
                return NF_DROP;
        }

        //at this point you have the pointer to a tcp header so just do the regular bit shifting on tcp_header_len field        

        return NF_ACCEPT;
}
Last edited by infamous41md; 11-25-2003 at 12:41 PM.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how do i read the data in the packet that i have captured after packet capture? gajaykrishnan Programming 23 04-19-2006 05:09 AM
dumping packet data linux_lover2005 Programming 0 12-22-2004 11:31 PM
print packet data linux_lover2005 Linux - Networking 0 12-21-2004 08:51 PM
Raw Packet Data vanibhat Linux - Security 1 08-01-2003 07:42 AM
data packet fragmenter?? N_A_J_M Linux - General 0 04-29-2003 06:07 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 06:33 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration