全部博文(230)
| 标题 | 阅读 | 评论 | 转发 | 发布日期 | |
|---|---|---|---|---|---|
| 【推荐】 nc 传输文件 | 4423 | 0 | 0 | 2014-05-01 | |
| CLOSE_WAIT状态的原因与解决方法 | 2636 | 0 | 0 | 2014-04-23 | |
| 远程执行 Linux 图形界面程序 | 3885 | 0 | 0 | 2014-04-15 | |
| DNS 记录类型 | 4158 | 0 | 0 | 2014-03-28 | |
| 读 SCTP 协议漏洞有感 | 3303 | 0 | 0 | 2014-03-28 | |
| SACC2013(备忘一下) | 2241 | 0 | 0 | 2014-03-14 | |
| Windows Performance Monitor: "Unable to add these counters" | 4706 | 0 | 0 | 2014-03-13 |
phoenixcsl2015-05-26 09:57
hi,platinum,请问netfilter能够过滤arp的东西吗?我写了一些代码,在NF_ARP_IN和OUT捕获一些信息,但是为什么什么都抓不到?
代码:
static unsigned int hook_func_in(unsigned int hooknum,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff*))
{
sb = skb;
ethh = eth_hdr(skb);
printk(" in skb ethh dest %s\n",ethh->h_dest);
printk("in skb ethh source %s\n",ethh->h_source);
return NF_ACCEPT;
}
static struct nf_hook_ops nfho_ops[]=
{
.hook = hook_func_in,
.owner = THIS_MODULE,
.pf =NF_ARP,
.hooknum = NF_ARP_IN,
.priority = NF_IP_PRI_FIRST,
}
static struct nf_hook_ops nfho_ops[]=
{
.hook = hook_func_in,
.owner = THIS_MODULE,
.pf =NF_ARP,
.hooknum = NF_ARP_IN,
.priority = NF_IP_PRI_FIRST,
}
