* netfilter hook function error...
@ 2005-09-21 0:13 JC
2005-09-21 1:14 ` JC
2005-09-21 5:51 ` Patrick Schaaf
0 siblings, 2 replies; 5+ messages in thread
From: JC @ 2005-09-21 0:13 UTC (permalink / raw)
To: netfilter-devel, netfilter
my hook function code, called at :
unsigned int in_hook(unsigned int hooknum,
struct sk_buff **skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
print_string("Packet reached IN_HOOK.");
struct iphdr *my_ipheader;
//u32 this_address;
if (out)
{
if(out->name)
{
print_string("out is: ");
print_string(out->name);
// compare the out device with the list of rules
// TODO: replace by matches_rule()
if (strcmp(out->name, "eth1") == 0)
{
print_string("packet matches rule");
if(skb == NULL)
{
return -1;
}
my_ipheader = skb->nh->iph;
print_string("printk-ing saddr...");
//this_address = *my_ipheader->saddr;
//printk("the ip is : %d.%d.%d.%d\n",NIPQUAD(*my_ipheader->saddr));
}
}
else
{
print_string("out is null");
}
}
return NF_QUEUE; /* Drop ALL packets */
}
line 150 is my_ipheader = skb->nh->iph;
on compile, I get this error:
[root@whatever spider]# make -C /usr/src/kernels/`uname -r`-i686
SUBDIRS=$PWD modules
make: Entering directory `/usr/src/kernels/2.6.12-1.1447_FC4-i686'
CC [M] /home/jc/code/spider/spider.o
/home/jc/code/spider/spider.c: In function 'in_hook':
/home/jc/code/spider/spider.c:126: warning: ISO C90 forbids mixed
declarations and code
/home/jc/code/spider/spider.c:134: warning: passing argument 1 of
'print_string' discards qualifiers from pointer target type
/home/jc/code/spider/spider.c:150: error: request for member 'nh' in
something not a structure or union
I've seen that statement being made more than a number of times, so
what am I doing wrong??
I need to change the saddr (source address) in that if to another one
(basicly, NATing it). How will I commit that change to the skb and
then send it back into the stack?
thanx in advance...
John
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: netfilter hook function error...
2005-09-21 0:13 netfilter hook function error JC
@ 2005-09-21 1:14 ` JC
2005-09-21 5:51 ` Patrick Schaaf
1 sibling, 0 replies; 5+ messages in thread
From: JC @ 2005-09-21 1:14 UTC (permalink / raw)
To: netfilter-devel, netfilter
correct my_ipheader = skb->nh->iph;
with my_ipheader = skb->nh.iph;
and it does NOT work.
includes:
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/init.h>
#include <linux/sched.h>
#include <linux/tty.h>
#include <linux/version.h>
#include <linux/netdevice.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/skbuff.h>
#include <linux/ip.h>
#include <linux/udp.h>
#include <linux/tcp.h>
J
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: netfilter hook function error...
[not found] <4330b900.50a87b17.7179.ffffad17SMTPIN_ADDED@mx.gmail.com>
@ 2005-09-21 1:49 ` JC
0 siblings, 0 replies; 5+ messages in thread
From: JC @ 2005-09-21 1:49 UTC (permalink / raw)
To: wei shuxi; +Cc: netfilter-devel, netfilter
On 21/09/05, wei shuxi <shuxi_w@seu.edu.cn> wrote:
> Hi,
>
> try my_ipheader = (struct iphdr *)((*skb)->nh->iph);
>
both
my_ipheader = (struct iphdr *)((*skb)->nh->iph);
and
my_ipheader = (struct iphdr *)((*skb).nh->iph);
don't work either...
J
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: netfilter hook function error...
2005-09-21 0:13 netfilter hook function error JC
2005-09-21 1:14 ` JC
@ 2005-09-21 5:51 ` Patrick Schaaf
2005-09-21 6:09 ` JC
1 sibling, 1 reply; 5+ messages in thread
From: Patrick Schaaf @ 2005-09-21 5:51 UTC (permalink / raw)
To: JC; +Cc: netfilter-devel, netfilter
Hi JC,
welcome to "introduction to C". This is NOT a usual service of
this mailing list. Anyway...
> /home/jc/code/spider/spider.c:126: warning: ISO C90 forbids mixed
> declarations and code
> print_string("Packet reached IN_HOOK.");
> struct iphdr *my_ipheader;
In traditional C, a variable declaration (like your my_ipheader)
MUST COME BEFORE ANY OTHER CODE IN A FUNCTION (like your print_string
call)
> /home/jc/code/spider/spider.c:134: warning: passing argument 1 of
> 'print_string' discards qualifiers from pointer target type
> print_string(out->name);
Not that I really know, because you have not shown your print_string()
function prototype, but I bet that you made its first argument be
a 'const char *', and out->name is a 'char *' without the 'const'.
> /home/jc/code/spider/spider.c:150: error: request for member 'nh' in
> something not a structure or union
> my_ipheader = skb->nh->iph;
The compiler complains that the skb thing is not pointer to a structure.
Which is correct. It is a pointer to a pointer to a structure. So you
need to dereference it once, like '(*skb)->nh->iph'. However, I'm
not sure that nh->iph is valid in all cases. Look at other hook
functions which need the IP header.
best regards
Patrick
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: netfilter hook function error...
2005-09-21 5:51 ` Patrick Schaaf
@ 2005-09-21 6:09 ` JC
0 siblings, 0 replies; 5+ messages in thread
From: JC @ 2005-09-21 6:09 UTC (permalink / raw)
To: Patrick Schaaf; +Cc: netfilter-devel, netfilter
Dear Patrick,
thank you kindly for the "Introduction to C" session. Your pointers
were of most use. However, I must note that failing to know the
purpose of print_string() calls in my code, in both occasions that
they appear in the code I posted, you failed slightly to understand
the severity of the warnings that the compiler "screamed in terror"
about. In both points, they are merely there for logging to the
current tty, as an alternative to printk. As a concequence of that,
they are being commented in and out of the running code, as debugging
requires at that particular moment.
The last point, and of interest to me at that moment, was solved by
Wei and this code seems to work:
my_ipheader = (struct iphdr *)((*skb)->nh.iph);
as I was quick to post back in the thread, for the reference of others.
Please feel free to correct my code in the other thread, with subject
"How to change the source address of a tcp packet", with the same
enthusiasm. I would be, again, most thankful.
kind regards,
JC
- Hide quoted text -
> > /home/jc/code/spider/spider.c:126: warning: ISO C90 forbids mixed
> > declarations and code
> > print_string("Packet reached IN_HOOK.");
> > struct iphdr *my_ipheader;
>
> In traditional C, a variable declaration (like your my_ipheader)
> MUST COME BEFORE ANY OTHER CODE IN A FUNCTION (like your print_string
> call)
>
> > /home/jc/code/spider/spider.c:134: warning: passing argument 1 of
> > 'print_string' discards qualifiers from pointer target type
> > print_string(out->name);
>
> Not that I really know, because you have not shown your print_string()
> function prototype, but I bet that you made its first argument be
> a 'const char *', and out->name is a 'char *' without the 'const'.
>
> > /home/jc/code/spider/spider.c:150: error: request for member 'nh' in
> > something not a structure or union
> > my_ipheader = skb->nh->iph;
>
> The compiler complains that the skb thing is not pointer to a structure.
> Which is correct. It is a pointer to a pointer to a structure. So you
> need to dereference it once, like '(*skb)->nh->iph'. However, I'm
> not sure that nh->iph is valid in all cases. Look at other hook
> functions which need the IP header.
>
> best regards
> Patrick
>
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2005-09-21 6:09 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-09-21 0:13 netfilter hook function error JC
2005-09-21 1:14 ` JC
2005-09-21 5:51 ` Patrick Schaaf
2005-09-21 6:09 ` JC
[not found] <4330b900.50a87b17.7179.ffffad17SMTPIN_ADDED@mx.gmail.com>
2005-09-21 1:49 ` JC
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.