#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/netdevice.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include <linux/udp.h>
#include <linux/netfilter_ipv4.h>
#include <linux/netfilter.h>
MODULE_LICENSE("lxg BSD/GPL");
static unsigned int
example(unsigned int hooknum,struct sk_buff **skb,const struct net_device *in,const struct net_device *out,int (*okfn)(struct sk_buff*))
{
    struct iphdr *iph;
    struct tcphdr *tcph;
    struct udphdr *udph;
    __u32 sip;
    __u32 dip;
    __u16 sport;
    __u16 dport;
    iph=(*skb)->nh.iph;
    sip=iph->saddr;
    dip=iph->daddr;
  
                printk(KERN_EMERG"%d.%d.%d.%d to %d.%d.%d.%d land\n",NIPQUAD(sip),NIPQUAD(dip));
            return NF_DROP;
        }
static struct nf_hook_ops iplimitfilter={
    .hook =example,
    .owner=THIS_MODULE,
    .pf=    PF_INET,
    .hooknum=NF_IP_LOCAL_IN,
    .priority=NF_IP_PRI_FILTER-1,};

static void test_init(void)
{
     nf_register_hook(&iplimitfilter);
}
static void test_exit(void)
{
    nf_unregister_hook(&iplimitfilter);
}
module_init(test_init);
module_exit(test_exit);