linux hook 任意内核函数,【求助】Kernel 4.8下编译编写的Netfilter Hook函数失败

最新推荐文章于 2022-10-26 16:08:25 发布

低调王子

最新推荐文章于 2022-10-26 16:08:25 发布

阅读量123

点赞数

文章标签： linux hook 任意内核函数

该楼层疑似违规已被系统折叠隐藏此楼查看此楼

#include

#include

#include

#include

#include

MODULE_LICENSE("Dual BSD/GPL");

MODULE_AUTHOR("CG");

MODULE_DESCRIPTION("FW based on Netfilter Frame");

MODULE_VERSION("1.0");

#define printk_ip(info, be32_addr)\

printk("%s %d.%d.%d.%d\n",info,\

((unsigned char *)&(be32_addr))[0],\

((unsigned char *)&(be32_addr))[1],\

((unsigned char *)&(be32_addr))[2],\

((unsigned char *)&(be32_addr))[3])

int filter_ip(__be32 addr)

{

unsigned char net_num = ((unsigned char *)&addr)[0];

unsigned char host_num = ((unsigned char *)&addr)[3];

if (net_num == 10 || host_num == 1 || host_num == 2)

return 1;

return 0;

}

int filter_src_dst_ip(__be32 s_addr, __be32 d_addr)

{

int i = filter_ip(s_addr) && filter_ip(d_addr);

return i;

}

/* NF_INET_LOCAL_IN Hook func.*/

unsigned int local_in_hook(unsigned int hooknum, struct sk_buff *skb,

const struct net_device *in,

const struct net_device *out,

int (*okfn)(struct sk_buff *))

{

struct iphdr *ip_header;

ip_header = ip_hdr(skb);

if(filter_src_dst_ip(ip_header->saddr, ip_header->daddr))

{

printk("Local_in_hook()=============================\n");

printk_ip("Src IP:", ip_header->saddr);

printk_ip("Dst IP:", ip_header->daddr);

}

return NF_ACCEPT;

}

/*We need this to register our hook func.*/

struct nf_hook_ops local_in_ops =

{

.hook= local_in_hook,//Hook func.

.pf= PF_INET,//Protocal type -> IPV4

.hooknum= NF_INET_LOCAL_IN, //Hook Point

.priority= NF_IP_PRI_FIRST

};

/* NF_INET_LOCAL_OUT Hook func.*/

unsigned int local_out_hook(unsigned int hooknum, struct sk_buff *skb,

const struct net_device *in,

const struct net_device *out,

int (*okfn)(struct sk_buff *))

{

struct iphdr *ip_header;

ip_header = ip_hdr(skb);

if (filter_src_dst_ip(ip_header->saddr, ip_header->daddr))

{

printk("Local_out_hook()===========================\n");

printk_ip("Src IP:", ip_header->saddr);

printk_ip("Dst IP:", ip_header->daddr);

}

return NF_ACCEPT;

}

/*Enum of LOCAL_OUT Hook func*/

struct nf_hook_ops local_out_ops =

{

.hook= local_out_hook,

.pf= PF_INET,//Protocal type -> IPV4

.hooknum= NF_INET_LOCAL_OUT,//Hook Point

.priority= NF_IP_PRI_FIRST

};

/*Register hook func.*/

static int hook_init(void)

{

printk("Hook_init()===================================\n");

nf_register_hook(&local_in_ops);

nf_register_hook(&local_out_ops);

return 0;

}

/*Unregister hook func.*/

static void hook_exit(void)

{

printk("Hook_exit()===================================\n");

nf_unregister_hook(&local_in_ops);

nf_unregister_hook(&local_out_ops);

}

module_init(hook_init);

module_exit(hook_exit);

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
linux hook 任意内核函数,【求助】Kernel 4.8下编译编写的Netfilter Hook函数失败

该楼层疑似违规已被系统折叠隐藏此楼查看此楼#include #include #include #include #include MODULE_LICENSE("Dual BSD/GPL");MODULE_AUTHOR("CG");MODULE_DESCRIPTION("FW based on Netfilter Frame");MODULE_VERSION("1.0");#define pr...
复制链接

扫一扫

评论

被折叠的条评论为什么被折叠?

到【灌水乐园】发言

查看更多评论

添加红包

成就一亿技术人!

hope_wisdom

发出的红包

实付元

使用余额支付

点击重新获取

扫码支付

钱包余额 0

抵扣说明：

1.余额是钱包充值的虚拟货币，按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载，可以购买VIP、付费专栏及课程。