在linux模块中读取文件时出错

时间:2015-12-16 08:24:56

标签: linux-kernel makefile kernel-module netfilter insmod

编辑: 我编写了以下模块来过滤网站。我能够嗅探用户请求的DNS数据包(问题字段Domain Name)并与block[]="www.facebook.com"进行比较。如果匹配,则删除数据包。现在我插入一个读取代码(参见下面的//Read File here下面的代码)来读取文件中写入的网站列表(而不是硬编码块[] =)并将其与DNS问题进行比较。现在我能够成功编译模块,但无法正确加载它。这是因为make警告给出了下方和模块代码。(我请你仔细阅读代码,谢谢你的时间。)< / p>

#include </usr/src/kernels/2.6.32-573.8.1.el6.x86_64/include/linux/module.h>
#include </usr/src/kernels/2.6.32-573.8.1.el6.x86_64/include/linux/netfilter.h>
#include </usr/src/kernels/2.6.32-573.8.1.el6.x86_64/include/linux/netfilter_ipv4.h>
#include </usr/src/kernels/2.6.32-573.8.1.el6.x86_64/include/linux/ip.h>
#include </usr/src/kernels/2.6.32-573.8.1.el6.x86_64/include/linux/tcp.h>
#include </usr/src/kernels/2.6.32-573.8.1.el6.x86_64/include/linux/udp.h>
#include <linux/kernel.h>
#include <//linux/init.h>
#include <linux/syscalls.h>
#include <linux/fcntl.h>
#include <asm/uaccess.h>
//#define PUDP_WATCH_PORT     53  /* DNS (UDP) port */  
//char block[]="www.facebook.com";
static struct nf_hook_ops nfho;
char domain[100]={'\0'};
int Domain_Index=0;

int fd,n;
char offset=32;
unsigned short int low,mid,high;
char filename[]="/temp/websitelist.txt";
char total_wbste;
char buf[30];
unsigned char temp;

mm_segment_t old_fs;

static unsigned int ptcp_hook_func(const struct nf_hook_ops *ops,
                               struct sk_buff *skb,
                               const struct net_device *in,
                               const struct net_device *out,
                               int (*okfn)(struct sk_buff *))
{
      struct iphdr *iph;          /* IPv4 header */
      struct udphdr *udph;  /* UDP header */
       unsigned char *user_data;   /* TCP data begin pointer */
       unsigned char *tail;        /* TCP data end pointer */
       unsigned char *it;          /* TCP data iterator */

      if (!skb)          // checking for valid IP packet 
         return NF_ACCEPT;
      iph = ip_hdr(skb);          // getting  IP header 

  /* if(udph->source!=PUDP_WATCH_PORT )  // Udp and DNS port 53   destinaton/source 
  return NF_ACCEPT;*/

      if (iph->protocol != 17)   // for protocol recived IP packet. 
    return NF_ACCEPT;

      udph = udp_hdr(skb);           // getting  UDP header 
      user_data = (unsigned char *)((unsigned char *)udph + (21)); // seting  pointer to user_data=udp header+[(UDP=8byte)+12bytes DNS_fields)+1]=21
      tail = skb_tail_pointer(skb);         // setting pointer to end of the payload(data) in the DNS packet

    // Print UDP packet data (payload)      

     Domain_Index=0;
     for (it = user_data; it != tail; ++it) {
          char c = *(char *)it;
           if (c == '\0'){
               domain[Domain_Index]=c;
                break;
           }
           if((c>64 && c<91) ||(c>96 && c<123))
                  domain[Domain_Index]=c; // storing the query received by the packet
           else 
                  domain[Domain_Index]='.'; 
            Domain_Index++;
      }
      printk(KERN_INFO "\n%s",domain);  // Domain Name queried 
      printk(KERN_INFO "The value of Domain index--->\n%d",Domain_Index);
      /*
      if(strncmp(block,domain,Domain_Index-1)== 0){//compraing with      string to be block[](hardCoded as of now) 
      printk(KERN_INFO "Packet Droped\n");
      return NF_DROP;
      }*/

  //--------------------------------------------------------------------
     //Read File  here

      old_fs = get_fs();
      set_fs(KERNEL_DS);

      fd = sys_open(filename, O_RDONLY, 0);
      if (fd >= 0) { //if fd 
             printk(KERN_DEBUG);
             sys_read(fd, buf, 2);

             low = 1;
             high = 5;
             mid = (low+high)/2;
             while (low <= high) { //while loop1

                  sys_lseek(fd, (mid*offset), SEEK_SET);
                  sys_read(fd, buf, 30);

                  temp=strncmp(buf,domain,offset-2); // comaparing read string with Domain Name 

                  if (temp==0){  // 1
                         printk(KERN_INFO "Packet Droped\n");
                         sys_close(fd);
                         set_fs(old_fs);
                         return NF_DROP; 
                   }// 1
                  else if (temp>0)
                         high=mid-1;
                  else 
                         low=mid+1;

                  mid = (low+high)/2;   

              } //while loop1

         sys_close(fd);
        }//if fd
    set_fs(old_fs);

   }
//--------------------------------------------------------------------

     return NF_ACCEPT; // not any condition met then packet is accepted and let it to pass through network device for futher process
 }

static int  __init ptcp_init(void)
{
     int res;

     nfho.hook = (nf_hookfn *)ptcp_hook_func;    /* hook function */
  // nfho.hooknum = NF_INET_PRE_ROUTING;         /* received packets  */ 
     nfho.hooknum = NF_INET_POST_ROUTING;   /*transmitted packets */
     nfho.pf = PF_INET;                          /* IPv4 */
     nfho.priority = NF_IP_PRI_FIRST;            /* max hook priority */

     res = nf_register_hook(&nfho);
     if (res < 0) {
      printk(KERN_INFO "print_udp: error in nf_register_hook()\n");
      return res;
   }

     printk(KERN_INFO "module loaded\n");
     return 0;
 }

  static void  __exit ptcp_exit(void)
{
  nf_unregister_hook(&nfho);
  printk(KERN_INFO "module  unloaded\n");
 }

 module_init(ptcp_init);
 module_exit(ptcp_exit);

 MODULE_AUTHOR("Sam Protsenko");
 MODULE_DESCRIPTION("Module for printing TCP packet data");
 MODULE_LICENSE("GPL");

但我在insmod收到错误,错误是

[root@localhost dns_sniffer]# make 
make -C /lib/modules/2.6.32-573.8.1.el6.x86_64/build M=/home/praveen/dns_sniffer modules
make[1]: Entering directory `/usr/src/kernels/2.6.32-573.8.1.el6.x86_64'
CC [M]  /home/praveen/dns_sniffer/dns_sniff.o
Building modules, stage 2.
MODPOST 1 modules
WARNING: "sys_open" [/home/praveen/dns_sniffer/dns_sniff.ko] undefined!
WARNING: "sys_read" [/home/praveen/dns_sniffer/dns_sniff.ko] undefined!
WARNING: "sys_lseek" [/home/praveen/dns_sniffer/dns_sniff.ko] undefined!
CC      /home/praveen/dns_sniffer/dns_sniff.mod.o
LD [M]  /home/praveen/dns_sniffer/dns_sniff.ko.unsigned
NO SIGN [M] /home/praveen/dns_sniffer/dns_sniff.ko
make[1]: Leaving directory `/usr/src/kernels/2.6.32-573.8.1.el6.x86_64'
[root@localhost dns_sniffer]#

[root@localhost dns_sniffer]# insmod dns_sniff.ko 
insmod: error inserting 'dns_sniff.ko': -1 Unknown symbol in module

另外,我想知道在linux-module中读取文件的安全方法。我经历了一些previous examplethis方式经常安全阅读吗?谢谢你的回复

0 个答案:

没有答案