- 论坛徽章:
- 0
|
I m new to kernel developement
I m trying to send ICMP_ECHOREPLY in responce to ICMP_ECHO from the
kernel itself using netfilter hooks
I m using dev_queue_xmit() to send packets where I dont get a negative
value in return
But for some reason my reply is not received by requester.
please help mehere is my code::
#define __KERNEL__
#define MODULE
#include<linux/module.h>
#include<linux/kernel.h>
#include<linux/netdevice.h>
#include<linux/netfilter.h>
#include<linux/netfilter_ipv4.h>
#include<linux/in.h>
//#include<linux/tcp.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include<linux/icmp.h>
#include<linux/if_ether.h>
#include<linux/if_packet.h>
#include<linux/if_arp.h>
#include<net/checksum.h>
/* This is the structure we shall use to register our function */
static struct nf_hook_ops nfho;
static struct nf_hook_ops nfho1;
/* Name of the interface we want to drop packets from */
struct icmphdr *icmp;
/* This is the hook function itself */
in_cksum (addr, len)
u_short *addr;
int len;
{
register int nleft = len;
register u_short *w = addr;
register int sum = 0;
u_short answer = 0;
/*
* Our algorithm is simple, using a 32 bit accumulator (sum), we add
* sequential 16 bit words to it, and at the end, fold back all the
* carry bits from the top 16 bits into the lower 16 bits.
*/
while (nleft > 1)
{
sum += *w++;
nleft -= 2;
}
/* mop up an odd byte, if necessary */
if (nleft == 1)
{
*(u_char *) (&answer) = *(u_char *) w;
sum += answer;
}
/* add back carry outs from top 16 bits to low 16 bits */
sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */
sum += (sum >> 16); /* add carry */
answer = ~sum; /* truncate to 16 bits */
return (answer);
}
unsigned int hook_func(unsigned int hooknum,
struct sk_buff **skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
unsigned int temp;
int error;
struct sk_buff *sb = *skb;
struct device *ndev= NULL;
int sum;
if (sb->nh.iph->protocol == IPPROTO_ICMP)
{
/* printk("\n%d",sb->nh.iph->saddr);
printk("%d",sb->nh.iph->daddr);
printk("ICMP PACKET"); */
icmp = (struct icmphdr *)(sb->data + sb->nh.iph->ihl * 4);
//printk("\n checksum before : %x",sb->csum);
if(icmp->type == ICMP_ECHO)
{
temp=sb->nh.iph->saddr;
sb->nh.iph->saddr=sb->nh.iph->daddr;
sb->nh.iph->daddr=temp;
sb->pkt_type=PACKET_OUTGOING;
//icmp_send(sb,ICMP_ECHOREPLY,0,out);
//ip_send_check(sb->nh.iph);
//sb->pkt_type=PACKET_OUTGOING;
icmp->type=ICMP_ECHOREPLY;
icmp->code=0x0;
icmp->checksum=0;
icmp->checksum=in_cksum((unsigned short
*)icmp,(sb->len-sb->nh.iph->ihl * 4));
//printk("\nICMP ECHO RECIVED FROM %d",sb->nh.iph->saddr);
sb->pkt_type=PACKET_OUTGOING;
switch (sb->dev->type)
{
case ARPHRD_PPP:
break;
case ARPHRD_LOOPBACK:
case ARPHRD_ETHER:
{
unsigned char t_hwaddr[ETH_ALEN];
//printk("\nchnging mac");
//printk("\n%s",sb->data);
//sb->len += ETH_HLEN; //sizeof(sb->mac.ethernet);
memcpy(t_hwaddr, (sb->mac.ethernet->h_dest), ETH_ALEN);
memcpy((sb->mac.ethernet->h_dest),
(sb->mac.ethernet->h_source),ETH_ALEN);
memcpy((sb->mac.ethernet->h_source), t_hwaddr, ETH_ALEN);
break;
}
}
dev_queue_xmit(sb);
return NF_STOLEN;
}
}
return NF_ACCEPT;
}
/* Initialisation routine */
int init_module()
{
/* Fill in our hook structure */
nfho.hook = hook_func; /* Handler function */
nfho.hooknum = NF_IP_PRE_ROUTING; /* First hook for IPv4 */
nfho.pf = PF_INET;
nfho.priority = NF_IP_PRI_FIRST; /* Make our function first */
nf_register_hook(&nfho);
return 0;
}
/* Cleanup routine */
void cleanup_module()
{
nf_unregister_hook(&nfho);
} |
|
免费注册
发表于 2008-06-17 00:10
