|
how to use the nfnetlink or ipq?
How can I transmit the packet into the userspace and verdict?
Quote:
unsigned int watch_out(unsigned int hooknum, struct sk_buff **skb, const struct net_device *in, const struct net_device *out, int (*okfn) (struct sk_buff *)){
struct sk_buff *sb;
struct tcphdr *tcph;
sb=*skb;
if(sb->nh.iph->protocol!=IPPROTO_TCP){
return NF_ACCEPT;
}
if(sb->nh.iph->saddr!=inet_addr(ker_conf.ip)&&sb->nh.iph->daddr!=inet_addr(ker_conf.ip)){
return NF_ACCEPT;
}
tcph=(struct tcphdr *)((sb->data)+(sb->nh.iph->ihl * 4));
if(tcph->source!=htons(ker_conf.port) && tcph->dest != htons(ker_conf.port)){
return NF_ACCEPT;
}
printk("enqueue the packet\n");
return NF_QUEUE;
}
int webwall_queue_fun(struct sk_buff *skb, struct nf_info *info,unsigned int queuenum, void *data){
printk(KERN_INFO "I`m webwall_queue_fun\n");
/********************************
TO DO!!!!!!!!!!!!!!!!!!
********************************/
return 1;
}
int register_webwall_ker_mod(void){
int ret=0;
DEBUG("Now registing the Webwall kernel mod.\n");
webwall_queue_handle.outfn=webwall_queue_fun;
webwall_queue_handle.data=NULL;
webwall_queue_handle.name="webwall_queue";
post_hook.hook = watch_out;
post_hook.pf = PF_INET;
post_hook.priority = NF_IP_PRI_FIRST;
post_hook.hooknum = NF_IP_POST_ROUTING;
ret=read_config(&ker_conf);
if(ret==ERR){
printk("webwall:Something are not ok in the function \"read_config\"\n\n");
return -1;
}
//register the hook function
nf_register_hook(&post_hook);
//register the webwall queue
nf_register_queue_handler(PF_INET, &webwall_queue_handle);
return 1;
}
void unregister_webwall_ker_mod(void){
DEBUG("Now unregisting the Webwall kernel mod.\n");
//unregister the hook function
nf_unregister_hook(&post_hook);
//unregister the webwall queue
nf_unregister_queue_handler(PF_INET);
}
module_init(register_webwall_ker_mod);
module_exit(unregister_webwall_ker_mod);
|
Last edited by wangqi0021; 11-13-2008 at 07:48 PM.
|
