On Feb 16, 6:38*pm, Ratnaraj <ratnara...@gmail.com> wrote:
> Hi,
>
> i'm trying a simple lkm tht register a hook in PF_BRIDGE protocol,
> also registers a queue_handler for the same.
> the hook function simply returns NF_QUEUE for all IP pakcets.
>
> i'm trying this out in 2.6.18-8.el5 (centos 5.0)
>
> it seems like pkts are queuing up, but the _problem_ is queue_handler
> is not getting invoked.
> plz refer to the code below.
>
> NOTE: the same program worked fine in my rh9 (ie 2.4 kernel), of
> course with minor nf API modification
> -----------------------------------------------------------------------------------------------------------------------------
> #include <linux/module.h>
> #include <linux/kernel.h>
>
> #include <linux/skbuff.h>
> #include <linux/if_ether.h>
> #include <linux/in.h>
> #include <linux/ip.h>
> #include <linux/tcp.h>
> #include <linux/list.h>
> #include <linux/netfilter.h>
> #include <linux/netfilter_bridge.h>
> #include <linux/netfilter_ipv4.h>
> #include <linux/spinlock.h>
>
> static unsigned int ebq_hook(unsigned int hook,
> * * * * struct sk_buff **pskb,
> * * * * const struct net_device *in,
> * * * * const struct net_device *out,
> * * * * int (*okfn)(struct sk_buff *))
> {
> * * if(ntohs(ETH_P_IP) != eth_hdr(*pskb)->h_proto) * * * * * * * * * //
> why to q non ip packets???
> * * {
> * * * * printk(KERN_WARNING "eb_queue: caught non-IP packet\n");
> * * * * return NF_ACCEPT;
> * * }
> * * //printk(KERN_INFO "src_ip: %d.%d.%d.%d *dst_ip: %d.%d.%d.%d\n",
> * * * * * * //NIPQUAD((*pskb)->nh.iph->saddr), NIPQUAD((*pskb)->nh.iph->daddr));
>
> * * return NF_QUEUE;
>
> }
>
> static struct nf_hook_ops ebq_ops =
> {
> * * .hook = ebq_hook,
> * * .owner = THIS_MODULE,
> * * .pf = PF_BRIDGE,
> * * .hooknum = NF_BR_FORWARD,
> * * .priority = NF_BR_PRI_FIRST
>
> };
>
> static int ebq_enqueue(struct sk_buff *skb, struct nf_info *info,
> * * * * unsigned int queuenum, void
> *data) * * * * * * * * * * * * * * * //start queueing.....
> {
> * * int status = -EINVAL;
>
> * * printk(KERN_INFO "ebq_enqueue: inside ebq_enqueue\n");
> * * printk(KERN_INFO "src_ip: %d.%d.%d.%d *dst_ip: %d.%d.%d.%d\n",
> * * * * * * NIPQUAD(skb->nh.iph->saddr), NIPQUAD(skb->nh.iph->daddr));
>
> * * nf_reinject(skb, info, NF_ACCEPT);
> * * status = 0;
>
> * * return status;
>
> }
>
> static struct nf_queue_handler ebq_handler =
> {
> * * .name = "testicles",
> * * .data = NULL,
> * * .outfn = ebq_enqueue,
>
> };
>
> int enter_da_dragon(void) * * * * * * * * * * * ** * * *//module
> loading....
> {
> * * int status = -ENOMEM;
>
> * * printk(KERN_INFO "eb_queue: registering hook handler\n");
>
> * * status = nf_register_hook(&ebq_ops);
> * * if(status < 0)
> * * {
> * * * * printk(KERN_ERR "eb_queue: failed to register hook\n");
> * * * * return -EINVAL;
> * * }
>
> * * printk(KERN_INFO "eb_queue: registering queue handler\n");
> * * status = nf_register_queue_handler(PF_BRIDGE, &ebq_handler);
> * * if(status < 0)
> * * {
> * * * * printk(KERN_ERR "eb_queue: failed to register queue handler
> \n");
> * * * * goto err_queue;
> * * }
>
> * * return status;
>
> err_queue:
> * * nf_unregister_hook(&ebq_ops);
>
> * * return status;
>
> }
>
> void exit_da_dragon(void) * * * * * * * * * * * ** * * *//module
> exitin....
> {
> * * printk(KERN_INFO "eb_queue: unregistering queue handler\n");
> * * nf_unregister_queue_handler(PF_BRIDGE);
> * * printk(KERN_INFO "eb_queue: unregistering hook handler\n");
> * * nf_unregister_hook(&ebq_ops);
>
> }
>
> module_init(enter_da_dragon);
> module_exit(exit_da_dragon);
>
> MODULE_DESCRIPTION("bridge mode hook!!!");
> MODULE_LICENSE("GPL");
> ----------------------------------------------------------------------------------------------------------------------
>
> TIA,
> Ratnaraj
afinfo needs to be registered... nf_register_afinfo
|
Similar Threads
Linear Mode
