我使用钩子函数制作了一个模块。它的工作,但当我使用ping google.com.i我得到0045作为icmp类型。但我认为它应该是0回声回复。我使用了以下打印命令:
unsigned int hook_func(unsigned int hooknum, struct sk_buff *skb1, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff *))
{
struct sk_buff *sock_buff;
struct iphdr *ip1;
struct icmphdr *icmp1;
sock_buff = skb1;
//printk("ihere we are::%s,%d\n",__func__,__LINE__);
ip1 = (struct iphdr *)skb_network_header(sock_buff);
printk(KERN_ALERT"proto:%d\n",ip1->protocol);
if(ip1->protocol==1)
{
icmp1 = (struct icmphdr *)skb_transport_header(sock_buff);
printk(KERN_ALERT"reply type: %04X,,seq : %04X\n",icmp1->type,icmp1->un.echo.id);
}
// kfree(sock_buff);
return NF_ACCEPT;
}
icmp1->类型是__be16。
答案 0 :(得分:0)
将icmp1 = (struct icmphdr *)skb_transport_header(sock_buff);替换为
icmp1 = (struct icmphdr *)(skb_transport_header(sock_buff) + ip_hdrlen(sock_buff));
icmpheader-> type是unsigned char,请尝试
printk(KERN_ALERT"reply type: %u,,seq : %04X\n",icmp1->type,icmp1->un.echo.id);