- 论坛徽章:
- 0
|
这是一个基于数据包原地址过滤的程序,但是编译时老是在
if(sb->nh.iph->saddr == *(unsigned int *)drop_ip) 这句报错
错误:
hook3.c: In function `hook_func':
hook3.c:43: dereferencing pointer to incomplete type
我把这句改成:
if(*(sb->nh.iph->saddr) == *(unsigned int *)drop_ip)
还是报一样的错误,希望高手帮我解疑惑啊!
#define __KERNEL__
#define MODULE
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/netdevice.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
static struct nf_hook_ops nfho;
static unsigned char *drop_ip = "\x7f\x00\x00\x01";
unsigned int hook_func(unsigned int hooknum,
struct sk_buff **skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
struct sk_buff *sb = *skb;
if (!sb)
return NF_ACCEPT;
if (!(sb->nh.iph))
return NF_ACCEPT;
if(sb->nh.iph->saddr == *(unsigned int *)drop_ip)
{
printk("Dropped packet from ...%d.%d.%d.%d\n",*drop_ip, *(drop_ip+1),
*(drop_ip+2), *(drop_ip+3));
return NF_DROP;
}
else
{
return NF_ACCEPT;
}
int init_module()
{
nfho.hook = hook_func;
nfho.hooknum = NF_IP_PRE_ROUTING;
nfho.pf = PF_INET;
nfho.priority = NF_IP_PRI_FIRST;
nf_register_hook(&nfho);
return 0;
}
void cleanup_module()
{
nf_unregister_hook(&nfho);
} |
|
免费注册
发表于 2006-05-22 22:03
