自己写的,贴上来,个个提点意见了。。。。
#define __KERNEL__
#define MODULE
#include <linux/module.h>
#include <linux/kernel.h> //NIPQUAD()
#include <linux/netdevice.h> //struct net_device
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include <linux/in.h> //IPPROTO_TCP
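/* Hook registration record; filled in by init_func() and handed to netfilter. */
static struct nf_hook_ops nfho;

/*
 * Name of the ingress interface whose packets are NOT logged.
 * Despite the name, nothing is dropped: hook_func() always returns NF_ACCEPT.
 * The pointer targets a string literal, so it is const-qualified.
 */
static const char *drop_if = "lo";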
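/*
 * hook_func - netfilter hook that logs each packet to /root/logfile.
 *
 * Packets arriving on the interface named by drop_if are skipped. For every
 * other packet one record is appended: device names, link-layer header bytes,
 * addresses and ports for TCP, or a " NOT TCP" marker otherwise.
 *
 * @hooknum: hook point this call was made from (unused)
 * @skb:     packet being inspected
 * @in:      ingress device, may be NULL
 * @out:     egress device, may be NULL
 * @okfn:    continuation function (unused)
 *
 * Always returns NF_ACCEPT; this hook observes and never filters.
 *
 * NOTE(review): netfilter hooks run in softirq context and may run on several
 * CPUs at once. The klib_* file helpers are not defined in this listing; if
 * they wrap the VFS open/write paths they can sleep, which is not permitted
 * here. Consider queueing records and writing them from process context.
 *
 * NOTE(review): one file open/write/close per packet lets any remote sender
 * drive disk and CPU usage. Rate-limit or sample before deploying.
 */
unsigned int hook_func(unsigned int hooknum,
		       struct sk_buff **skb,
		       const struct net_device *in,
		       const struct net_device *out,
		       int (*okfn)(struct sk_buff *))
{
	static const char nulldevname[IFNAMSIZ] = {0};
	/*
	 * Per-packet state lives on the stack. The original kept it in
	 * function-level statics, which concurrent invocations would share
	 * and overwrite.
	 */
	struct sk_buff *sb;
	const char *in_dev_name;
	const char *out_dev_name;
	struct file *filp;
	struct iphdr *ip;

	if (skb == NULL || *skb == NULL)
		return NF_ACCEPT;
	sb = *skb;

	/* Resolve the names first so a NULL device is never dereferenced. */
	in_dev_name = in ? in->name : nulldevname;
	out_dev_name = out ? out->name : nulldevname;

	if (strcmp(in_dev_name, drop_if) == 0)
		return NF_ACCEPT;

	ip = sb->nh.iph;
	if (ip == NULL)
		return NF_ACCEPT;

	/*
	 * NOTE(review): O_CREAT is not passed, so presumably the file must
	 * already exist and the mode argument is unused; confirm against
	 * klib_fopen.
	 */
	filp = klib_fopen("/root/logfile", O_APPEND | O_WRONLY, S_IRUSR | S_IWUSR);
	if (filp == NULL) {
		printk("Can't open file\n");
		return NF_ACCEPT;
	}

	if (ip->protocol == IPPROTO_TCP) {
		unsigned int ip_hdr_len = ip->ihl * 4;
		unsigned int source_ip = ip->saddr;
		unsigned int target_ip = ip->daddr;
		unsigned short source_port = 0;
		unsigned short target_port = 0;

		/*
		 * Read the TCP header only when it is really present:
		 *  - ihl must describe at least a minimal IP header,
		 *  - the packet must be the first fragment (offset 0), since
		 *    later fragments carry payload where the ports would be,
		 *  - the linear data must be long enough to hold the header.
		 * Otherwise the ports are logged as 0 instead of being read
		 * from memory past the packet data.
		 * Assumes sb->data points at the IP header at this hook, as
		 * the original code did.
		 */
		if (ip_hdr_len >= sizeof(struct iphdr) &&
		    (ip->frag_off & htons(0x1FFF)) == 0 &&
		    skb_headlen(sb) >= ip_hdr_len + sizeof(struct tcphdr)) {
			const struct tcphdr *tcp =
				(const struct tcphdr *)(sb->data + ip_hdr_len);

			/* ntohs() replaces the hand-written byte swap. */
			source_port = ntohs(tcp->source);
			target_port = ntohs(tcp->dest);
		}

		klib_fprintf(filp, "Accepted TCP packet in_dev_name:%s out_dev_name:%s MAC:",
			     in_dev_name, out_dev_name);

		/* Dump the link-layer header when the device has one. */
		if (sb->dev && sb->dev->hard_header_len &&
		    sb->mac.raw != (void *)ip) {
			int i;
			const unsigned char *p = sb->mac.raw;

			for (i = 0; i < sb->dev->hard_header_len; i++, p++)
				klib_fprintf(filp, "%02x%c", *p,
					     i == sb->dev->hard_header_len - 1
					     ? ' ' : ':');
		} else {
			klib_fputc(' ', filp);
		}

		klib_fprintf(filp, " source_ip:%u.%u.%u.%u target_ip:%u.%u.%u.%u source_port:%u target_port:%u\n",
			     NIPQUAD(source_ip), NIPQUAD(target_ip),
			     source_port, target_port);
		klib_fprintf(filp, " TCP\n");
	} else {
		klib_fprintf(filp, " NOT TCP\n");
	}

	klib_fclose(filp);
	return NF_ACCEPT;
}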
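/*
 * init_func - module entry point: attach hook_func to IPv4 PRE_ROUTING.
 *
 * NF_IP_PRI_FIRST places the hook ahead of the other PRE_ROUTING hooks, so it
 * sees packets before any other netfilter processing at that point.
 *
 * Returns the result of nf_register_hook(), so a failed registration makes
 * the module load fail instead of reporting success with no hook installed.
 */
static int init_func(void)
{
	nfho.hook = hook_func;
	nfho.hooknum = NF_IP_PRE_ROUTING;
	nfho.pf = PF_INET;
	nfho.priority = NF_IP_PRI_FIRST;

	return nf_register_hook(&nfho);
}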
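/*
 * cleanup_func - module exit point: detach the hook registered by init_func().
 *
 * Declared with (void): an empty parameter list in C leaves the arguments
 * unspecified rather than declaring "no arguments".
 */
static void cleanup_func(void)
{
	nf_unregister_hook(&nfho);
}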
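/* Wire up the load/unload entry points and declare the module licence. */
module_init(init_func);
MODULE_LICENSE("GPL");
module_exit(cleanup_func);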