From: linux lover <linux_lover2004@yahoo.com>
To: netdev@oss.sgi.com
Subject: how to access packet's data part in skbuff?
Date: Thu, 30 Dec 2004 03:54:01 -0800 (PST) [thread overview]
Message-ID: <20041230115401.6906.qmail@web52202.mail.yahoo.com> (raw)
Hello all,
While writing kernel module packet sniffer
at IP layer,i start with first accessing packets
length
and its data part.so, to start i try to access packet
data first and copy it to other variable to dump
its contents but i am facing a problem while accessing
the packet's data. As i have studied i
found that data in packet at any layer resides in
between data and tail pointers. So if i
have to print it or copy it in any unsigned string
then how to do that?
I tried with following example which
receives only loopback packet and print data part at
IP layer. But it does not print also why am i getting
sb->len as 1 not actual size of packet at IP layer?
regards,
linux_lover
#define MODULE
#define __KERNEL__
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/skbuff.h>
#include <linux/ip.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/myh.h>
#include <linux/string.h>
static struct nf_hook_ops nfho;
unsigned int cap_packet(unsigned int hooknum,struct
sk_buff **skb,const struct net_device *in,
const struct
net_device *out,int (*okfn)(struct sk_buff *))
{
struct sk_buff *sb = *skb;
unsigned char *packet;
int buflen=0,i=0;
buflen=sb->len;
packet=kmalloc(buflen,GFP_USER);
memset(packet,'\0',buflen);
printk(KERN_DEBUG "Length of sb->data in hook
function = %d\n", buflen);
while(buflen>=0)
{
packet[i]=sb->data[i];
i++;
buflen--;
}
packet[i]='\0';
strcpy(packet,sb->data);
printk(KERN_DEBUG "packet contents of sb->data
in hook function = %s\n", packet);
return NF_ACCEPT;
}
static int __init init(void)
{
nfho.hook = cap_packet;
nfho.hooknum = NF_IP_LOCAL_OUT;
nfho.pf = PF_INET;
nfho.priority = NF_IP_PRI_FIRST;
nf_register_hook(&nfho);
return 0;
}
static void __exit fini(void)
{
nf_unregister_hook(&nfho);
}
module_init(init);
module_exit(fini);
MODULE_LICENSE("GPL");
__________________________________
Do you Yahoo!?
The all-new My Yahoo! - What will yours do?
http://my.yahoo.com
reply other threads:[~2004-12-30 11:54 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20041230115401.6906.qmail@web52202.mail.yahoo.com \
--to=linux_lover2004@yahoo.com \
--cc=netdev@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).