From: dawid <dawidwys@gmail.com>
To: netfilter-devel@vger.kernel.org
Subject: Using netfilter Api within OpenWRT
Date: Mon, 12 Nov 2012 20:40:55 +0100 [thread overview]
Message-ID: <50A150C7.1030205@gmail.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 441 bytes --]
Hi I am writing some netfilter kernel module for my OpenWRT Backfire rev
28680 build for Dir-300(AR23xx).
I have written some hook_function but unfortunatly any sk_buff i get in
it is corrupted. There is only trash in it and as a
Could some of u tell me what am i doing wrong? The skb_network_header
function always returns NULL.
I have included example of my code.
I would be extremely grateful for any sort of help.
Regards
Dawid
[-- Attachment #2: module.c --]
[-- Type: text/plain, Size: 2362 bytes --]
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/netfilter.h>
#undef __KERNEL__
#include <linux/netfilter_ipv4.h>
#define __KERNEL__
#include <linux/skbuff.h>
#include <linux/ip.h>
#include <net/ip.h>
#include <net/tcp.h>
struct nf_hook_ops nfho; //net filter hook option struct
struct sk_buff *sock_buff;
struct tcphdr *tcp_header; // TCP header struct
struct iphdr *ip_header; // IP header struct
unsigned int hook_func(unsigned int hooknum,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
sock_buff = skb;
if (!sock_buff)
{
printk(KERN_INFO "NULL sock buff header\n");
return NF_ACCEPT;
}
printk(KERN_INFO "IP_PROTO %d\n", sock_buff->protocol);
ip_header = (struct iphdr *)skb_network_header(sock_buff);
if (!ip_header)
{
printk(KERN_INFO "NULL ip header\n");
return NF_ACCEPT;
}
printk(KERN_INFO "SRC: (%u.%u.%u.%u) --> DST: (%u.%u.%u.%u)\n",NIPQUAD(ip_header->saddr),NIPQUAD(ip_header->daddr));
if(ip_header->protocol == IPPROTO_TCP){
printk(KERN_INFO "tcp packet received\n");
}
if(ip_header->protocol == IPPROTO_UDP){
printk(KERN_INFO "udp packet received\n");
}
if(ip_header->protocol == IPPROTO_ICMP){
printk(KERN_INFO "icmp packet received\n");
}
printk(KERN_INFO "packet received\n");
return NF_ACCEPT;
}
static int __init custom_init_module(void)
{
nfho.hook = hook_func; //function to call when conditions below met
nfho.hooknum = NF_IP_PRE_ROUTING; //called right after packet recieved, first hook in Netfilter
nfho.pf = PF_INET; //IPV4 packets
nfho.priority = NF_IP_PRI_FIRST; //set to highest priority over all other hook functions
nf_register_hook(&nfho); //register hook
printk(KERN_INFO "init_module() called\n");
return 0;
}
static void __exit custom_cleanup_module(void)
{
printk(KERN_INFO "cleanup_module() called\n");
nf_unregister_hook(&nfho); //cleanup – unregister hook
}
module_init(custom_init_module);
module_exit(custom_cleanup_module);
reply other threads:[~2012-11-12 19:41 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50A150C7.1030205@gmail.com \
--to=dawidwys@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).