Netfilter 内核模块迁移到 4.1.23 - 无法检索 ip header
Netfilter kernel module migrating to 4.1.23 - cannot retrieve ip header
我们有一个来自 2.6 内核的 netfilter 内核模块,现在正在移植到 4.1.23。我的钩子函数看起来坏了。我无法检索数据包 header。
这是 2.6 内核的代码片段。这已经投入生产很长时间了。
static unsigned int main_hook(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in,const struct net_device *out, int (*okfn)(struct sk_buff*))
{
//struct sk_buff *skb = (skb_p);
struct iphdr *ih = (struct iphdr *)(skb->data);
u32 saddr = ih->saddr;
u32 daddr = ih->daddr;
在 4.1.23netfilter.h 和搜索互联网得到以下结果
static unsigned int main_hook(const struct nf_hook_ops *ops, struct sk_buff *skb, const struct nf_hook_state *state)
{
//struct sk_buff *skb = (skb_p);
struct iphdr *ih = (struct iphdr *)(skb->data);
u32 saddr = ih->saddr;
u32 daddr = ih->daddr;
注册钩子如下
netfilter_ops.hook = main_hook;
netfilter_ops.pf = PF_INET;
netfilter_ops.hooknum = NF_INET_FORWARD;
netfilter_ops.priority = NF_IP_PRI_FIRST;
netfilter_ops.owner = THIS_MODULE;
nf_register_hook(&netfilter_ops);
我没有从 saddr 和 daddr 获取源 ip 和目标 ip。
删除所有内容并尝试关注
static unsigned int main_hook(const struct nf_hook_ops *ops, struct sk_buff *skb, const struct nf_hook_state *state)
{
struct iphdr *ip_header = (struct iphdr *) (skb->data);
unsigned int src_ip = (unsigned int)ip_header->saddr;
unsigned int dest_ip = (unsigned int)ip_header->daddr;
printk("IP addres = %pI4 DEST = %pI4\n", &src_ip, &dest_ip);
return NF_ACCEPT;
这是结果
[37501.345997] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37506.337854] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37511.345295] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37516.337132] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37521.344589] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37526.336426] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37531.343866] IP addres = 0.0.0.0 DEST = 0.0.0.0
也试过关注但是越来越垃圾
buff = (unsigned char *) skb->data;
for (i=0;i<60;i++) printk("%d.", buff[i]);
printk("\n");
我尝试使用函数来获取数据 (skb_network_header),甚至尝试编写 hello world。
请帮忙。
尝试以这种方式提取:
struct iphdr *ip_hdr = (struct iphdr *)skb_network_header(skb);
并以这种方式访问:
printk("IP addres = %u DEST = %u\n", ip_hdr->saddr, ip_hdr->daddr);
我们有一个来自 2.6 内核的 netfilter 内核模块,现在正在移植到 4.1.23。我的钩子函数看起来坏了。我无法检索数据包 header。
这是 2.6 内核的代码片段。这已经投入生产很长时间了。
static unsigned int main_hook(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in,const struct net_device *out, int (*okfn)(struct sk_buff*))
{
//struct sk_buff *skb = (skb_p);
struct iphdr *ih = (struct iphdr *)(skb->data);
u32 saddr = ih->saddr;
u32 daddr = ih->daddr;
在 4.1.23netfilter.h 和搜索互联网得到以下结果
static unsigned int main_hook(const struct nf_hook_ops *ops, struct sk_buff *skb, const struct nf_hook_state *state)
{
//struct sk_buff *skb = (skb_p);
struct iphdr *ih = (struct iphdr *)(skb->data);
u32 saddr = ih->saddr;
u32 daddr = ih->daddr;
注册钩子如下
netfilter_ops.hook = main_hook;
netfilter_ops.pf = PF_INET;
netfilter_ops.hooknum = NF_INET_FORWARD;
netfilter_ops.priority = NF_IP_PRI_FIRST;
netfilter_ops.owner = THIS_MODULE;
nf_register_hook(&netfilter_ops);
我没有从 saddr 和 daddr 获取源 ip 和目标 ip。
删除所有内容并尝试关注
static unsigned int main_hook(const struct nf_hook_ops *ops, struct sk_buff *skb, const struct nf_hook_state *state)
{
struct iphdr *ip_header = (struct iphdr *) (skb->data);
unsigned int src_ip = (unsigned int)ip_header->saddr;
unsigned int dest_ip = (unsigned int)ip_header->daddr;
printk("IP addres = %pI4 DEST = %pI4\n", &src_ip, &dest_ip);
return NF_ACCEPT;
这是结果
[37501.345997] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37506.337854] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37511.345295] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37516.337132] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37521.344589] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37526.336426] IP addres = 0.0.0.0 DEST = 0.0.0.0
[37531.343866] IP addres = 0.0.0.0 DEST = 0.0.0.0
也试过关注但是越来越垃圾
buff = (unsigned char *) skb->data;
for (i=0;i<60;i++) printk("%d.", buff[i]);
printk("\n");
我尝试使用函数来获取数据 (skb_network_header),甚至尝试编写 hello world。 请帮忙。
尝试以这种方式提取:
struct iphdr *ip_hdr = (struct iphdr *)skb_network_header(skb);
并以这种方式访问:
printk("IP addres = %u DEST = %u\n", ip_hdr->saddr, ip_hdr->daddr);