Network security
luoxingao
全部博文(12)
2009年(2)
2008年(10)
terryz20
flytp
admflt
cywcdwxj
分类: LINUX
2009-01-15 16:08:54
#include <linux/init.h>#include <linux/kernel.h>#include <linux/module.h>#include <linux/skbuff.h>#include <linux/netdevice.h>#include <linux/ip.h>#include <linux/tcp.h>#include <linux/udp.h>#include <linux/netfilter_ipv4.h>#include <linux/netfilter.h>MODULE_LICENSE("lxg BSD/GPL");static unsigned int example(unsigned int hooknum,struct sk_buff **skb,const struct net_device *in,const struct net_device *out,int (*okfn)(struct sk_buff*)){ struct iphdr *iph; struct tcphdr *tcph; struct udphdr *udph; __u32 sip; __u32 dip; __u16 sport; __u16 dport; iph=(*skb)->nh.iph; sip=iph->saddr; dip=iph->daddr; printk(KERN_EMERG"%d.%d.%d.%d to %d.%d.%d.%d land\n",NIPQUAD(sip),NIPQUAD(dip)); return NF_DROP; }static struct nf_hook_ops iplimitfilter={ .hook =example, .owner=THIS_MODULE, .pf= PF_INET, .hooknum=NF_IP_LOCAL_IN, .priority=NF_IP_PRI_FILTER-1,};static void test_init(void){ nf_register_hook(&iplimitfilter);}static void test_exit(void){ nf_unregister_hook(&iplimitfilter);}module_init(test_init);module_exit(test_exit);
上一篇:linux2.6下钩子函数的编写
下一篇:没有了
登录 注册