使用我的netfilter我使用以下代码更改传入数据包的数据:
unsigned int hook_func_in(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff *))
{
struct iphdr *ip = 0;
struct tcphdr *tcp = 0;
unsigned char *user_data = 0;
unsigned char *tail = 0;
int datasize =0;
if ( skb )
{
ip = (struct iphdr *)skb_network_header(skb);
if (ip && ip->protocol == IPPROTO_TCP)
{
skb_set_transport_header(skb, ip->ihl * 4);
tcp = (struct tcphdr *)skb_transport_header(skb);
if ( tcp && tcp->dest == htons(63947))
{
if (tcp->syn)
{
printk ( "Connect %d\r\n", ip->saddr);
}
else if (tcp->fin || tcp->rst)
{
printk ("Disconnect %d\r\n", ip->saddr);
}
else
{
user_data = (unsigned char *)((unsigned char *)tcp + (tcp->doff * 4));
tail = skb_tail_pointer(skb);
if( user_data && tail )
{
datasize = (int)((long)tail-(long)user_data);
if( datasize > 0 )
{
ModifyData((unsigned char*)user_data, (unsigned char*)user_data, datasize);
// function above changes all data, but not resizes
}
}
}
}
}
}
return NF_ACCEPT;
}
函数ModifyData更改数据中的所有字节,但不会更改数据大小。现在我应该如何重新计算tcp校验和?我知道函数tcp_check_send,但我不确定它是否适合传入的数据包。
也许在改变数据后我也应该改变一些东西?
我需要这个,因为如果我更改数据而不重新计算相同的数据包将再次收到几次,然后连接将被终止