/*
 * Character-device bookkeeping. Judging by the names, these hold the cdev
 * handle, the device number and the device class of the control device;
 * the code that fills them in is outside this excerpt.
 * NOTE(review): my_class has external linkage, unlike its two neighbours.
 * If no other file references it, making it static would keep it out of
 * the kernel's global namespace - confirm before changing.
 */
static struct cdev *cdev;
static dev_t devno;
struct class *my_class;

/*
 * Local function prototypes.
 * NOTE(review): name and statbuff look like they are derived from the
 * ioctl argument. If they are user-space addresses, the definitions must
 * cross the boundary with copy_from_user()/copy_to_user() and bound the
 * interface-name length rather than dereference them - confirm in the
 * definitions, which are not visible here.
 */

/* Rule setters: one per rule kind (interface name, IP address, TCP port). */
static int set_if_rule(char *name);
static int set_ip_rule(unsigned int ip);
static int set_port_rule(unsigned short port);

/* Per-packet checks operating on a socket buffer. */
static int check_ip_packet(struct sk_buff *skb);
static int check_tcp_packet(struct sk_buff *skb);

/* Statistics export into a caller-supplied struct lwfw_stats. */
static int copy_stats(struct lwfw_stats *statbuff);
/*
 * Forward declarations of the handlers that lwfw_fops refers to.
 *
 * The four-argument lwfw_ioctl matches the legacy file_operations.ioctl
 * slot, which was removed from mainline in 2.6.36 in favour of
 * unlocked_ioctl.
 * NOTE(review): the legacy slot was called with the big kernel lock held.
 * A port to unlocked_ioctl loses that implicit serialisation, so the
 * handler would need its own locking around the rule and flag globals.
 */
static int lwfw_open(struct inode *inode, struct file *file);
static int lwfw_release(struct inode *inode, struct file *file);
static int lwfw_ioctl(struct inode *inode, struct file *file,
                      unsigned int cmd, unsigned long arg);
/* Various flags used by the module */

/*
 * Set while the lwfw control device is in use, so that only one instance
 * of the device can be in use at any one time.
 * NOTE(review): a plain int only gives exclusivity if the test and the
 * set in the open path are serialised. If they are not, two concurrent
 * opens can both pass the check - confirm in lwfw_open, or use an atomic
 * test-and-set.
 */
static int lwfw_ctrl_in_use = 0;

/*
 * Master switch for rule checking. While this is zero LWFW allows every
 * packet, so the module starts out fail-open: loading it filters nothing
 * until something sets this flag.
 * NOTE(review): presumably written from the control path and read from
 * the packet hook; confirm that the update is safe against concurrent
 * readers.
 */
static int active = 0;
/*
 * Option bits for the LWFW module. All three deny categories (interface,
 * IP address, TCP port) are enabled by default. The LWFW_*_DENY_ACTIVE
 * bit values are defined outside this excerpt.
 */
static unsigned int lwfw_options = LWFW_IF_DENY_ACTIVE |
                                   LWFW_IP_DENY_ACTIVE |
                                   LWFW_PORT_DENY_ACTIVE;
/*
 * Netfilter hook descriptor for this module. It is only declared here;
 * the code that fills it in and registers it is outside this excerpt.
 * NOTE(review): the symbol has external linkage. If nothing outside this
 * file uses it, static would avoid a name clash in the kernel's global
 * namespace - confirm before changing.
 */
struct nf_hook_ops nfkiller;
/*
 * The rule set itself: exactly one rule of each kind.
 *
 * TODO: One day LWFW might actually support many simultaneous rules.
 * Just as soon as I figure out the list_head mechanism...
 *
 * NOTE(review): presumably NULL / 0 mean "no rule configured" - confirm
 * against the check_* functions. The byte order of deny_ip and deny_port
 * (host vs. network) is not visible here either; it has to match the
 * packet header fields they are compared with.
 */

/* Interface to deny */
static char *deny_if = NULL;

/* IP address to deny */
static unsigned int deny_ip = 0x00000000;

/* TCP port to deny */
static unsigned short deny_port = 0x0000;
/*
 * file_operations table for the LWFW control (interface) device: open,
 * release and the legacy ioctl entry point.
 *
 * NOTE(review): no .owner is set. Without .owner = THIS_MODULE the kernel
 * does not take a module reference through this table while the device is
 * open, so unloading the module with a descriptor still open could leave
 * the file pointing at freed code - confirm and consider adding it.
 * NOTE(review): .ioctl is the pre-2.6.36 slot; newer kernels only provide
 * unlocked_ioctl, which has a different handler signature.
 */
struct file_operations lwfw_fops = {
	.open    = lwfw_open,
	.release = lwfw_release,
	.ioctl   = lwfw_ioctl,
};
/* * This is the function that will be called by the hook */ unsigned int lwfw_hookfn(unsigned int hooknum,