linux-2.6.35.6内核netfilter框架,linux 2.6.32-504.23.4.el6.x86_64下的netfilter钩子

linux内核更新，sk_buff变了，博一个linux

2.6.32-504.23.4.el6.x86_64下的netfilter钩子

#include

#include

#include

#include

#include

#include

#include

#include

#include

#include

#include

#include

#include

#define NIPQUAD(addr) \

((unsigned char *)&addr)[0], \

((unsigned char *)&addr)[1], \

((unsigned char *)&addr)[2], \

((unsigned char *)&addr)[3]

MODULE_LICENSE("GPL");

MODULE_AUTHOR("FrankXiong");

static struct nf_hook_ops nfho;

unsigned int hook_func(unsigned int hooknum, struct sk_buff

*skb, const struct net_device *in, const struct net_device *out,

int (*okfn)(struct sk_buff *)) {

struct sk_buff *sb;

struct iphdr *iph;

// struct ethdhr *eth;

struct udphdr *udp;

__be32 sip,dip;

sb = skb;

iph = ip_hdr(sb);

udp = (struct udphdr*)&sb->transport_header;

sip = iph->saddr;

dip = iph->daddr;

printk("src= %d.%d.%d.%d\n",NIPQUAD(sip));

printk("dst= %d.%d.%d.%d\n",NIPQUAD(dip));

// ti qu IP tou

if(skb->pkt_type == PACKET_BROADCAST) {

return NF_ACCEPT;

}

if(skb->protocol == htons(ETH_P_IP)){

switch (iph->protocol) {

case IPPROTO_TCP: {

printk("TCP packet\n");

break;

}

case IPPROTO_ICMP: {

printk("ICMP packet\n");

break;

}

case IPPROTO_UDP: {

printk("UDP packet\n");

if (ntohs(udp->dest) == 520) {

printk("RIP packet\n");

}

break;

}

case IPPROTO_IP: {

printk("IP packet\n");

break;

}

default:

printk("other packet\n");

}

}

printk("===========\n");

return NF_ACCEPT;

}

static int kexec_test_init(void) {

printk("hook start ...\n");

nfho.hook = hook_func;

nfho.owner = NULL;

nfho.pf = PF_INET;

nfho.hooknum = NF_INET_PRE_ROUTING;

nfho.priority = NF_IP_PRI_FIRST;

nf_register_hook(&nfho);  /// 注册一个钩子函数

return 0;

}

static void kexec_test_exit(void) {

printk("hook init...\n");

nf_unregister_hook(&nfho);

}

module_init(kexec_test_init);

module_exit(kexec_test_exit);

Makefile：

obj-m := netfilter_hook.o

KERNELBUILD := /lib/modules/`uname -r`/build

default:

make -C $(KERNELBUILD) M=$(shell pwd) modules

clean:

rm -rf *.o .*.cmd *.ko *.mod.c .tmp_versions Module.symvers

*.ko.unsigned modules.order