- 论坛徽章:
- 0
|
本帖最后由 humengez 于 2014-03-19 17:25 编辑
回复 8# lonelyair - #define NIPQUAD(addr)\
- ((unsigned char *)&addr)[0],\
- ((unsigned char *)&addr)[1],\
- ((unsigned char *)&addr)[2],\
- ((unsigned char *)&addr)[3]
- #include <linux/module.h>
- #include <linux/kernel.h>
- #include <linux/init.h>
- #include <linux/netfilter.h>
- #include <linux/types.h>
- #include <linux/version.h>
- #include <linux/skbuff.h>
- #include <linux/ip.h>
- #include <linux/netfilter.h>
- #include <linux/netfilter_ipv4/ip_tables.h>
- #include <linux/netdevice.h>
- #include <linux/if_ether.h>
- #include <linux/if_packet.h>
- #include <linux/inet.h>
- #include <linux/string.h>
- #include <net/tcp.h>
- #include <net/udp.h>
- #include <net/icmp.h>
- #include <linux/netfilter_ipv4.h>
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("who");
- #define IP_HDR_LEN 20
- #define UDP_HDR_LEN 8
- #define TOT_HDR_LEN 28
- #define ADDRLEN 16
- static char dstIP[ADDRLEN] = {0};
- #define SOCKET_OPT_BASE 128
- #define SOCKET_OPT_SETTARGET (SOCKET_OPT_BASE)
- #define SOCKET_OPT_GETTARGET (SOCKET_OPT_BASE)
- #define SOCKET_OPT_MAX (SOCKET_OPT_BASE+1)
- static struct nf_hook_ops send_ops;
- static struct nf_hook_ops rcv_ops;
- struct rtphdr
- {
- __u8 cc:4;
- __u8 x:1;
- __u8 p:1;
- __u8 v:2;
- __u8 pt:7;
- __u8 m:1;
- __u16 seq;
- __u16 ts;
- __u32 ssrc;
- __u32 csrc[1];
- };
- static int recv_cmd(struct sock *sk,int cmd, void __user *user,unsigned int len)
- {
- int ret = 0;
- if(cmd == SOCKET_OPT_SETTARGET)
- {
- memset(dstIP,0,ADDRLEN);
- ret = copy_from_user(dstIP,user,len);
- if(ret != 0)
- {
- printk("error: can not copy data from userspace\n");
- return -1;
- }
- printk("The target IP from User: %s \n",dstIP);
- }
- return ret;
- }
- static int send_cmd(struct sock *sk,int cmd, void __user *user,int *len)
- {
- int ret = 0;
- if(cmd == SOCKET_OPT_GETTARGET)
- {
- if(0!=(ret = copy_to_user(user,dstIP,ADDRLEN)))
- {
- printk("error: can not copy data to userspace\n");
- return -1;
- }
- printk("The target IP to User: %s \n",dstIP);
- }
- return ret;
- }
- static struct nf_sockopt_ops my_sockops = {
- .pf = PF_INET,
- .set_optmin = SOCKET_OPT_SETTARGET,
- .set_optmax = SOCKET_OPT_MAX,
- .set = recv_cmd,
- .get_optmin = SOCKET_OPT_GETTARGET,
- .get_optmax = SOCKET_OPT_MAX,
- .get = send_cmd
- };
- static int index = 1;
- static unsigned int send(unsigned int hooknum, struct sk_buff * skb,
- const struct net_device * in, const struct net_device * out,
- int (*okfn)(struct sk_buff *))
- {
- struct iphdr* iph;
- struct udphdr* udph;
- struct tcphdr* tcph;
- unsigned char *data = NULL;
- int datalen;
- int ret = 0;
- __u16 dst_port,src_port;
- __be32 myip;
- if(skb)
- {
- iph = (struct iphdr *)skb_header_pointer(skb,0,0,NULL);
- if(iph)
- {
- if(strcmp(dstIP,"")!=0&&strcmp(dstIP,"0.0.0.0")!=0)
- {
- myip = in_aton(dstIP);
- if(iph->daddr == myip)
- {
- if(iph->protocol == IPPROTO_UDP)
- {
- udph = (struct udphdr *)skb_header_pointer(skb,IP_HDR_LEN,0,NULL);
- data = (char *)skb_header_pointer(nskb,TOT_HDR_LEN,0,NULL);
- datalen = ntohs(iph->tot_len)-TOT_HDR_LEN;
- }
- else if(iph->protocol == IPPROTO_TCP)
- {
- tcph = (struct tcphdr *)skb_header_pointer(skb,IP_HDR_LEN,0,NULL);
- int offlen = IP_HDR_LEN + tcph->doff*4;
- data = (char *)skb_header_pointer(skb,offlen,0,NULL);
- datalen = ntohs (iph->tot_len)-offlen;
- }
- int j;
- for(j=0; j<datalen; j++)
- {
- data[j] += 1;
- }
- printk("encrypted\n");
- iph->check = 0;
- ip_send_check(iph);
- }
- }
- }
- }
- return NF_ACCEPT;
- }
- static unsigned int rcv(unsigned int hooknum, struct sk_buff * skb,
- const struct net_device * in, const struct net_device * out,
- int (*okfn)(struct sk_buff *))
- {
- struct iphdr* iph;
- struct udphdr* udph;
- struct tcphdr* tcph;
- unsigned char *data = NULL;
- int datalen;
- struct rtphdr * rtph;
- int ret = 0;
- __u16 dst_port,src_port;
- __be32 myip;
- if(skb)
- {
- iph = (struct iphdr *)skb_header_pointer(skb,0,0,NULL);
- if(iph)
- {
- if(strcmp(dstIP,"")!=0&&strcmp(dstIP,"0.0.0.0")!=0)
- {
- myip = in_aton(dstIP);
- if(iph->saddr == myip)
- {
- if(iph->protocol == IPPROTO_UDP)
- {
- udph = (struct udphdr *)skb_header_pointer(skb,IP_HDR_LEN,0,NULL);
- data = (char *)skb_header_pointer(skb,TOT_HDR_LEN,0,NULL);
- datalen = ntohs(iph->tot_len)-TOT_HDR_LEN;
- }
- else if(iph->protocol == IPPROTO_TCP)
- {
- tcph = (struct tcphdr *)skb_header_pointer(skb,IP_HDR_LEN,0,NULL);
- int offlen = IP_HDR_LEN + tcph->doff*4;
- data = (char *)skb_header_pointer(skb,offlen,0,NULL);
- datalen = ntohs (iph->tot_len)-offlen;
- }
- int m;
- for(m = 0; m<datalen; m++)
- {
- data[m] -=1;
- }
- printk("discpered\n");
- iph->check = 0;
- ip_send_check(iph);
- }
- }
- }
- }
- return NF_ACCEPT;
- }
- static int __init init(void)
- {
- send_ops.hook = send;
- send_ops.hooknum = NF_INET_POST_ROUTING;
- send_ops.pf = PF_INET;
- send_ops.priority = NF_IP_PRI_LAST;
- rcv_ops.hook = rcv;
- rcv_ops.hooknum = NF_INET_POST_ROUTING;
- rcv_ops.pf = PF_INET;
- rcv_ops.priority = NF_IP_PRI_FIRST;
- nf_register_sockopt(&my_sockops);
- nf_register_hook(&send_ops);
- nf_register_hook(&rcv_ops);
- }
- static void __exit fini(void)
- {
- nf_unregister_hook(&send_ops);
- nf_unregister_hook(&rcv_ops);
- nf_unregister_hook(&my_sockops);
- printk("%s\n", "remove modify skb module.");
- }
- module_init(init);
- module_exit(fini);
复制代码 这是全部代码,rtphdr目前用不到,是准备以后进一步开发用的
|
|