The following is a simple linux kernel module that demonstrates the use of netfilters .
The module code :
#include <linux/kernel.h>#include <linux/module.h>#include <linux/netfilter.h>#include <linux/netfilter_ipv4.h>static struct nf_hook_ops nfho;static int mPacketNo = 0 ;unsigned int hook_func(unsigned int hooknum, struct sk_buff **skb, const struct net_device *in,const struct net_device *out, int (*okfn)(struct sk_buff *)){mPacketNo++;printk(KERN_INFO "packet (%d) Arrived \n" , mPacketNo);return NF_ACCEPT;}int init_module(){nfho.owner = THIS_MODULE;nfho.hook = hook_func;//After promisc drops, checksum checksnfho.hooknum = 0;//IPV4 packetsnfho.pf = PF_INET;//set to highest priority over all other hook functionsnfho.priority = NF_IP_PRI_FIRST;nf_register_hook(&nfho);return 0;}void cleanup_module(){nf_unregister_hook(&nfho);}
The make file
obj-m := TestNetFilter.oKDIR := /lib/modules/$(shell uname -r)/buildPWD := $(shell pwd)default:$(MAKE) -C $(KDIR) M=$(PWD) modules
After building the module using the make command install the module using
sudo insmod TestNetFilter.ko
Surf the web
And check the log using
dmesg
The result :
.
.
.
[ 6982.485399] packet (263) Arrived
[ 6983.007097] packet (264) Arrived
[ 6983.105030] packet (265) Arrived
[ 6983.238858] packet (266) Arrived
[ 6983.306514] packet (267) Arrived
[ 6984.058800] packet (268) Arrived
.
.
.
References
http://www.paulkiddie.com/2009/10/creating-a-simple-hello-world-netfilter-module/
http://www.linuxjournal.com/article/7184
אין תגובות:
הוסף רשומת תגובה