- 论坛徽章:
- 0
|
本帖最后由 newand 于 2012-11-29 19:34 编辑
现在程序中使用skb_copy_expand步骤是这样的
1. 调用skb_copy_expand多增加一块内容,返回new_skb。
2. 使用skb_put将tail指针下移,增加skb的len。
3. 用memcpy将skb中前40个字节的IP header复制到new_skb中。
4. 用memcpy将skb中40字节往后的内容复制到new_skb的第40+extend header地址处。
5. 设置extend header的值。
但是运行的结果是,每次抓包,报文的长度不会改变,只是因为第5步改变的内容导致报文出错。- /*
- * this programe is working as plugin of netfilter which will pin a timestamp to
- * the destination header of ipv6 packet every x seconds when the packet is
- * the object multicast packet.
- */
- #include <linux/netfilter.h>
- #include <linux/netfilter_ipv6.h>
- #include <linux/netfilter_ipv6/ip6_tables.h>
- #include <linux/module.h>
- #include <linux/moduleparam.h>
- #include <linux/kernel.h>
- #include <linux/inet.h>
- #include <linux/ip.h>
- #include <linux/udp.h>
- #include <net/checksum.h>
- #include <net/udp.h>
- #include <net/ipv6.h>
- #include <linux/time.h>
- #include <asm/byteorder.h>
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("qj");
- MODULE_DESCRIPTION("Change the header of ipv6 packet");
- #define PRINT(fmt,args...) printk("INFO: " fmt, ##args)
- /* IP6 Hooks */
- /* After promisc drops#include <asm/byteorder.h>
- , checksum checks. */
- #define NF_IP6_PRE_ROUTING 0
- /* If the packet is destined for this box. */
- #define NF_IP6_LOCAL_IN 1
- /* If the packet is destined for another interface. */
- #define NF_IP6_FORWARD 2
- /* Packets coming from a local process. */
- #define NF_IP6_LOCAL_OUT 3
- /* Packets about to hit the wire. */
- #define NF_IP6_POST_ROUTING 4
- /*sequence of measeure#include <asm/byteorder.h>
- sample packet*/
- static int sample_seq = 0;
- /*Next header destination header*/
- struct ip6_dst_hdr
- {
- uint8_t ip6d_nxt;
- uint8_t ip6d_len;
- uint8_t ip6d_opt_type;
- uint8_t ip6d_opt_len;
- uint32_t ip6d_ssn;
- uint32_t ip6d_sec;
- uint32_t ip6d_usec;
- };
- inline
- void print_6addr(const struct in6_addr *addr)
- {
- PRINT("%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x\n",
- (int)addr->s6_addr[0], (int)addr->s6_addr[1],
- (int)addr->s6_addr[2], (int)addr->s6_addr[3],
- (int)addr->s6_addr[4], (int)addr->s6_addr[5],
- (int)addr->s6_addr[6], (int)addr->s6_addr[7],
- (int)addr->s6_addr[8], (int)addr->s6_addr[9],
- (int)addr->s6_addr[10], (int)addr->s6_addr[11],
- (int)addr->s6_addr[12], (int)addr->s6_addr[13],
- (int)addr->s6_addr[14], (int)addr->s6_addr[15]);
- }
- char *in_ntoa(__u32 in)
- {
- static char buff[18];
- char *p;
-
- p = (char *) ∈
- sprintf(buff, "%d.%d.%d.%d",
- (p[0] & 255), (p[1] & 255), (p[2] & 255), (p[3] & 255));
- return(buff);
- }
- struct sk_buff *
- ip6_reconstruct_pkt(struct sk_buff *skb)
- {
- struct sk_buff *new_skb, *temp_skb;
- struct ipv6hdr * ip6_hdr = ipv6_hdr(skb);
- struct ip6_dst_hdr *ip6_dst;
- struct timeval tv;//get time
- ip6_hdr->nexthdr = 0x60;
- //copy from the *skb to new_skb
- new_skb = skb_copy_expand(skb, skb_headroom(skb),
- skb_tailroom(skb) + sizeof(struct ip6_dst_hdr),
- GFP_ATOMIC);
- if(new_skb == NULL)
- {
- PRINT("Allocate new sk_buffer error!\n");
- return NULL;
- }
- //set the new_skb
- if(skb->sk != NULL)
- skb_set_owner_w(new_skb, skb->sk);
- //move tail to tail + sizeof(ip6_dst_hdr)
- skb_put(new_skb,sizeof(struct ip6_dst_hdr));
-
- //insert a ip6_dst_hdr between the memory
- memcpy (new_skb->data, skb->data, 40);//the ip header has 40 bytes
- memcpy (new_skb->data + 40 + sizeof (struct ip6_dst_hdr),
- skb->data + 40, skb->len - 40);
- skb = new_skb;//skb pointer to new_skb
- //turn the space to ip6_dst struct
- ip6_dst = (struct ip6_dst_hdr *)(new_skb->data + 40);
- memset(ip6_dst,0,sizeof(struct ip6_dst_hdr));
- //add ipv6 destination header
- ip6_dst->ip6d_nxt = htonl(0x17);
- ip6_dst->ip6d_len = htonl(0x15);
- ip6_dst->ip6d_opt_type = htonl(0x00);// type of option
- ip6_dst->ip6d_opt_len = htonl(0x0C);
-
- do_gettimeofday(&tv);
- ip6_dst->ip6d_sec = htonl(tv.tv_sec);
- ip6_dst->ip6d_usec = htonl(tv.tv_usec);
- sample_seq++;
- if(sample_seq==0xffffffff)//if overflow ,reset
- {
- sample_seq=0;
- }
- ip6_dst->ip6d_ssn = htonl(sample_seq);
- return skb;
- }
- /*Hook which will call the encapsulate func when condition satisfied
- *condition1: IPv6 Multicast packets
- *condition2: every 20ms
- */
- static unsigned int
- ip6_multi_modify(unsigned int hooknum,
- struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- int (*okfn)(struct sk_buff*))
- {
- struct sk_buff *sk = skb;
- struct ipv6hdr *ip6_hdr = ipv6_hdr(skb);//header
- //because nh only supportted in kernels below 2.6
- //after 2.6, it often use network_header to express nh
- //struct ipv6hdr *ip6_hdr = (struct ipv6hdr*)skb->nh.ipv6h;
- if(ip6_hdr->version == 6)
- {
- struct in6_addr destip = ip6_hdr->daddr;//destination ip
- //TODO:use module_para or /proc to replace here
- if(destip.s6_addr[0] == 0xff && destip.s6_addr[1] == 0x15)
- {
- if(skb_tailroom(sk) >= 40)
- {
- PRINT("tailroom is enough\n");
- }
- else
- {
- PRINT("not enough\n");
- }
- skb = ip6_reconstruct_pkt(skb);
- if(skb == NULL)
- {
- return NF_STOLEN;
- }
- ip6_hdr= ipv6_hdr(skb);
- if(!skb)
- return NF_STOLEN;
- }
- }
- return NF_ACCEPT;
- }
- /*Initialize the hook*/
- static struct nf_hook_ops nf_out_modify =
- {
- .hook = ip6_multi_modify,
- .hooknum = NF_IP6_PRE_ROUTING,//Check all the forwarded packets
- .pf = PF_INET6,
- .priority = NF_IP6_PRI_FIRST,
- };
- /*Initialize the module*/
- static int __init ip6_multi_init(void)
- {
- int ret;
- ret = nf_register_hook(&nf_out_modify);
- PRINT("IPV6 multicast packet modify module init.\n");
- return 0; //success
- }
- /*Clear the module*/
- static void __exit ip6_multi_exit(void)
- {
- nf_unregister_hook(&nf_out_modify);
- PRINT("IPV6 multicast packet modify module exit.\n");
- }
- module_init(ip6_multi_init);
- module_exit(ip6_multi_exit);
|
|
免费注册
发表于 2012-11-29 19:21
