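Netfilter kernel module migration to 4.1.23 - unable to retrieve the IP header

Time: 2017-04-24 01:40:03

Tags: c linux kernel-module netfilter

We have a netfilter kernel module for the 2.6 kernel and are now porting it to 4.1.23. My hook function looks broken; I cannot retrieve the packet headers.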

This is the code snippet for the 2.6 kernel. It has been in production for a long time.

    static unsigned int main_hook(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff*))
    {
      //struct sk_buff *skb = (skb_p);
      struct iphdr *ih = (struct iphdr *)(skb->data);
      u32 saddr = ih->saddr;
      u32 daddr = ih->daddr;

I checked netfilter.h and searched the Internet to get the following for 4.1.23.

    static unsigned int main_hook(const struct nf_hook_ops *ops, struct sk_buff *skb, const struct nf_hook_state *state)
    {
      //struct sk_buff *skb = (skb_p);
      struct iphdr *ih = (struct iphdr *)(skb->data);
      u32 saddr = ih->saddr;
      u32 daddr = ih->daddr;

The hook is registered as follows.

    netfilter_ops.hook              =       main_hook;
    netfilter_ops.pf                =       PF_INET;
    netfilter_ops.hooknum           =       NF_INET_FORWARD;
    netfilter_ops.priority          =       NF_IP_PRI_FIRST;
    netfilter_ops.owner             =       THIS_MODULE;
    nf_register_hook(&netfilter_ops);

I am not getting the source IP and destination IP from saddr and daddr.

I removed everything and tried

    static unsigned int main_hook(const struct nf_hook_ops *ops, struct sk_buff *skb, const struct nf_hook_state *state)
    {
      struct iphdr *ip_header = (struct iphdr *) (skb->data);
      unsigned int src_ip = (unsigned int)ip_header->saddr;
      unsigned int dest_ip = (unsigned int)ip_header->daddr;
      printk("IP addres = %pI4  DEST = %pI4\n", &src_ip, &dest_ip);
      return NF_ACCEPT;
    }

The result is as follows

    [37501.345997] IP addres = 0.0.0.0  DEST = 0.0.0.0
    [37506.337854] IP addres = 0.0.0.0  DEST = 0.0.0.0
    [37511.345295] IP addres = 0.0.0.0  DEST = 0.0.0.0
    [37516.337132] IP addres = 0.0.0.0  DEST = 0.0.0.0
    [37521.344589] IP addres = 0.0.0.0  DEST = 0.0.0.0
    [37526.336426] IP addres = 0.0.0.0  DEST = 0.0.0.0
    [37531.343866] IP addres = 0.0.0.0  DEST = 0.0.0.0

I also tried the following but got garbage

I tried using a function to get the data (skb_network_header), and even tried writing a hello world. Please help.

0 answers:

No answers
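An added example, not part of the original question and not kernel code: a userspace C sketch of a sanity check that tells whether a header pointer really sits on an IPv4 header before saddr and daddr read through it are trusted. The names `ip4_check`, `hdr_sum`, the status codes and `SAMPLE_FRAME` are constructed for illustration; in a hook the same tests would apply to the bytes at the header pointer and the packet length.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum ip4_status { IP4_OK, IP4_SHORT, IP4_BAD_VERSION, IP4_BAD_IHL,
                  IP4_BAD_LENGTH, IP4_BAD_CHECKSUM };
struct ip4_addrs { uint8_t src[4], dst[4]; };   /* network byte order */
/* Constructed sample frame: 14-byte Ethernet header followed by a 20-byte
   IPv4 header (192.168.0.1 -> 192.168.0.199, total length 20). */
static const uint8_t SAMPLE_FRAME[34] = {
    0x02,0,0,0,0,0x01, 0x02,0,0,0,0,0x02, 0x08,0x00,
    0x45,0x00,0x00,0x14,0x00,0x00,0x40,0x00,0x40,0x11,0xB8,0xC0,
    0xC0,0xA8,0x00,0x01, 0xC0,0xA8,0x00,0xC7 };

/* One's-complement sum of the header; 0xFFFF means the checksum matches. */
static uint16_t hdr_sum(const uint8_t *p, size_t hlen)
{
    uint32_t sum = 0;
    for (size_t i = 0; i < hlen; i += 2)
        sum += ((uint32_t)p[i] << 8) | p[i + 1];
    while (sum >> 16)
        sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)sum;
}

/* Accept buf as an IPv4 header only if version, IHL, total length and
   checksum agree; copy the addresses out only on success. */
enum ip4_status ip4_check(const uint8_t *buf, size_t len, struct ip4_addrs *out)
{
    if (len < 20) return IP4_SHORT;
    if ((buf[0] >> 4) != 4) return IP4_BAD_VERSION;
    size_t hlen = (size_t)(buf[0] & 0x0F) * 4;
    if (hlen < 20 || hlen > len) return IP4_BAD_IHL;
    size_t tot = ((size_t)buf[2] << 8) | buf[3];
    if (tot < hlen || tot > len) return IP4_BAD_LENGTH;
    if (hdr_sum(buf, hlen) != 0xFFFF) return IP4_BAD_CHECKSUM;
    for (int i = 0; i < 4; i++) {
        out->src[i] = buf[12 + i];
        out->dst[i] = buf[16 + i];
    }
    return IP4_OK;
}

int main(void)
{
    struct ip4_addrs a;
    printf("offset 0: %d, offset 14: %d\n", ip4_check(SAMPLE_FRAME, 34, &a),
           ip4_check(SAMPLE_FRAME + 14, 20, &a));
    return 0;
}
```

A buffer of zero bytes, which is what addresses printed as 0.0.0.0 correspond to, is rejected as `IP4_BAD_VERSION` rather than reported as an address pair.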