- 求职 : 通讯/电信开
- 论坛徽章:
- 2
|
- #include <linux/module.h>
- #include <linux/kernel.h>
- #include <linux/skbuff.h>
- #include <linux/ip.h>
- #include <linux/netfilter.h>
- #include <linux/netfilter_ipv4.h>
- #include <linux/if_ether.h>
- #include <linux/if_packet.h>
- #include <linux/netdevice.h>
- #include <net/tcp.h>
- #include <net/udp.h>
- #include <net/ip.h>
- extern int ip_rcv_finish(struct sk_buff *skb);
- MODULE_LICENSE("Dual BSD/GPL");
- MODULE_AUTHOR("伍鹏飞");
- MODULE_DESCRIPTION("多径路由并发模块");
- MODULE_VERSION("0.0.1");
- static unsigned char rule_ip[4] = {192,168,1,0}; // target capture ip default parameter
- static unsigned char rule_mask[4] = {255,255,255,0};//MUSTget local host ip
- static unsigned int mirule_ip;
- static unsigned int mimask;
- static unsigned int anum = 4;
-
- module_param_array(rule_ip, byte,&anum, S_IRUSR|S_IWUSR);
- module_param_array(rule_mask, byte,&anum, S_IRUSR|S_IWUSR);
-
- unsigned int nf_hook_pre(unsigned int hooknum, struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- int (*okfn)(struct sk_buff *))
- {
- struct sk_buff *skb2;
- struct iphdr *iph = ip_hdr(skb);
- struct iphdr *iph2;
- mirule_ip = *(unsigned int *)rule_ip;
- mimask = *(unsigned int *)rule_mask;
- if((iph->saddr^mirule_ip) & mimask) //如果源地址不是同一子网的,直接进行后面的处理,不进行并发
- return NF_ACCEPT;
- else
- {
- skb2 = skb_clone(skb,GFP_ATOMIC);
- iph2 = ip_hdr(skb2);
- iph2->tos = 0x04;
- iph2->check = 0;
- iph2->check = ip_fast_csum((unsigned char*)iph2, iph2->ihl);
- ip_rcv_finish(skb2);
- iph->tos = 0x08;
- iph->check = 0;
- iph->check = ip_fast_csum((unsigned char*)iph, iph->ihl);
- }
- return NF_ACCEPT;
- }
- unsigned int nf_hook_in(unsigned int hooknum, struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- int (*okfn)(struct sk_buff *))
- {
- struct iphdr *iph = ip_hdr(skb);
- if(iph->tos == 0x04)
- return NF_DROP;
- else
- return NF_ACCEPT;
- }
- static struct nf_hook_ops nf_pre =
- {
- .hook = nf_hook_pre,
- .hooknum = NF_INET_PRE_ROUTING,
- .pf = PF_INET,
- .priority = NF_IP_PRI_FIRST,
- };
- static struct nf_hook_ops nf_in =
- {
- .hook = nf_hook_in,
- .hooknum = NF_INET_LOCAL_IN,
- .pf = PF_INET,
- .priority = NF_IP_PRI_FIRST,
- };
- static int __init init(void)
- {
- nf_register_hook(&nf_pre);
- nf_register_hook(&nf_in);
- printk(KERN_ALERT "insmod mulpath successful!\n");
- return 0;
- }
- static void __exit exit(void)
- {
- nf_unregister_hook(&nf_pre);
- nf_unregister_hook(&nf_in);
- printk(KERN_ALERT "rmmod mulpath successful!\n");
- }
- module_init(init);
- module_exit(exit);
复制代码 |
|