Chinaunix首页 | 论坛 | 博客

空灵静世jingxinjingli.blog.chinaunix.net

首页 |  博文目录 |  关于我

空灵静世

  • 博客访问: 444081
  • 博文数量: 70
  • 博客积分: 3170
  • 博客等级: 中校
  • 技术积分: 756
  • 用 户 组: 普通用户
  • 注册时间: 2007-06-06 16:47
文章分类

全部博文(70)

文章存档

2011年(22)

2010年(33)

2009年(5)

2008年(10)

我的朋友
最近访客
推荐博文
相关博文
Linux2.6内核Netfilter的简单例子、七(netMonitor)

分类: C/C++

2010-05-20 09:46:36

2010年02月26日 星期五 17时48分02秒
升级whoVisit的功能,监视5个hook点的网络信息,以便调试我的其他netfilter模块。
1、netMonitor.c
#include
#include                   /* for tcphdr */
#include
#include                     /* for csum_tcpudp_magic */
#include
#include                    /* for icmp_send */
#include                   /* for ip_route_output */
#include
#include
#include
#include
#include

#include "tools.h"

MODULE_LICENSE("GPL");
/* This is the structure we shall use to register our function */


/* This is the hook function itself */
unsigned int sahu_pre_routing(unsigned int hooknum,
                           struct sk_buff *skb,
                           const struct net_device *in,
                           const struct net_device *out,
                           int (*okfn)(struct sk_buff *))
{
  char saddr_str[16],daddr_str[16];
  struct sk_buff *sb = skb;
  struct iphdr *iph;
  if(!sb) return NF_ACCEPT;
  iph = ip_hdr(sb);
  if(!iph) return NF_ACCEPT;
 
  inet_i2str(iph->saddr,saddr_str);
  inet_i2str(iph->daddr,daddr_str);

  printk("pre_routing:\t%s->%s\n",saddr_str,daddr_str); 
  return NF_ACCEPT;
}
unsigned int sahu_post_routing(unsigned int hooknum,
                           struct sk_buff *skb,
                           const struct net_device *in,
                           const struct net_device *out,
                           int (*okfn)(struct sk_buff *))
{
  char saddr_str[16],daddr_str[16];
  struct sk_buff *sb = skb;
  struct iphdr *iph;
  if(!sb) return NF_ACCEPT;
  iph = ip_hdr(sb);
  if(!iph) return NF_ACCEPT;
 
  inet_i2str(iph->saddr,saddr_str);
  inet_i2str(iph->daddr,daddr_str);

  printk("post_routing:\t%s->%s\n",saddr_str,daddr_str); 
  return NF_ACCEPT;
}
unsigned int sahu_local_in(unsigned int hooknum,
                           struct sk_buff *skb,
                           const struct net_device *in,
                           const struct net_device *out,
                           int (*okfn)(struct sk_buff *))
{
  char saddr_str[16],daddr_str[16];
  struct sk_buff *sb = skb;
  struct iphdr *iph;
  if(!sb) return NF_ACCEPT;
  iph = ip_hdr(sb);
  if(!iph) return NF_ACCEPT;
 
  inet_i2str(iph->saddr,saddr_str);
  inet_i2str(iph->daddr,daddr_str);

  printk("local_in:\t%s->%s\n",saddr_str,daddr_str); 
  return NF_ACCEPT;
}
unsigned int sahu_local_out(unsigned int hooknum,
                           struct sk_buff *skb,
                           const struct net_device *in,
                           const struct net_device *out,
                           int (*okfn)(struct sk_buff *))
{
  char saddr_str[16],daddr_str[16];
  struct sk_buff *sb = skb;
  struct iphdr *iph;
  if(!sb) return NF_ACCEPT;
  iph = ip_hdr(sb);
  if(!iph) return NF_ACCEPT;
 
  inet_i2str(iph->saddr,saddr_str);
  inet_i2str(iph->daddr,daddr_str);

  printk("local_out:\t%s->%s\n",saddr_str,daddr_str); 
  return NF_ACCEPT;
}
unsigned int sahu_forward(unsigned int hooknum,
                           struct sk_buff *skb,
                           const struct net_device *in,
                           const struct net_device *out,
                           int (*okfn)(struct sk_buff *))
{
  char saddr_str[16],daddr_str[16];
  struct sk_buff *sb = skb;
  struct iphdr *iph;
  if(!sb) return NF_ACCEPT;
  iph = ip_hdr(sb);
  if(!iph) return NF_ACCEPT;
 
  inet_i2str(iph->saddr,saddr_str);
  inet_i2str(iph->daddr,daddr_str);

  printk("forward:\t%s->%s\n",saddr_str,daddr_str); 
  return NF_ACCEPT;
}

/* netfilter hooks in this kernel module*/
static struct nf_hook_ops sahu_ops[] __read_mostly = {

  {
    .hook = sahu_pre_routing,
    .owner = THIS_MODULE,
    .pf = PF_INET,
    .hooknum = NF_INET_PRE_ROUTING,
    .priority = NF_IP_PRI_FIRST,
  },

  {
    .hook = sahu_post_routing,
    .owner = THIS_MODULE,
    .pf = PF_INET,
    .hooknum = NF_INET_POST_ROUTING,
    .priority = NF_IP_PRI_FIRST,
  },
  {
    .hook = sahu_local_in,
    .owner = THIS_MODULE,
    .pf = PF_INET,
    .hooknum = NF_INET_LOCAL_IN,
    .priority = NF_IP_PRI_FIRST,
  },
  {
    .hook = sahu_local_out,
    .owner = THIS_MODULE,
    .pf = PF_INET,
    .hooknum = NF_INET_LOCAL_OUT,
    .priority = NF_IP_PRI_FIRST,
  },
  {
    .hook = sahu_forward,
    .owner = THIS_MODULE,
    .pf = PF_INET,
    .hooknum = NF_INET_FORWARD,
    .priority = NF_IP_PRI_FIRST,
  }

};
/* Initialisation routine */
int init_module()
{
  int ret;
  ret = nf_register_hooks(sahu_ops,ARRAY_SIZE(sahu_ops));
  if(ret<0){
    pr_info("can't install netMonitor into kernel!\n");
  }else{
    pr_info("netMonitor install into kernel!\n");
  }
  return 0;
}
/* Cleanup routine */
void cleanup_module()
{
  nf_unregister_hooks(sahu_ops,ARRAY_SIZE(sahu_ops));
  pr_info("netMonitor removed from kernel!\n");
}

2、tool.h

//extern static char * inet_i2str(__be32 addr);
int inet_i2str(unsigned int addr,char *addr_str){
  unsigned char *p;
  int i;
  p=(unsigned char *)(&addr);
  for(i=0;i<4;i++){
     addr_str[i*4+0]=*(p+i)/100+'0';
     addr_str[i*4+1]=*(p+i)/10-(*(p+i)/100)*10+'0';
     addr_str[i*4+2]=*(p+i)%10+'0';
     addr_str[i*4+3]='.';
  }
  addr_str[15]='\0';
  return 0;
}

3、Makefile

obj-m +=netMonitor.o
all:
 make -C /lib/modules/`uname -r`/build M=`pwd`
clean:
 make -C /lib/modules/`uname -r`/build M=`pwd` clean
install:
 /sbin/insmod netMonitor.ko
remove:
 /sbin/rmmod netMonitor

阅读(2477) | 评论(0) | 转发(0) |
0

上一篇:2.6.30内核Netfilter的简单例子、八(simpNat)

下一篇:16.1.4 sk_buff结构

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6