Hi,i had written a kernel module with the netfilter.But i found a
problem when i judged the value of tcphdr->syn.This is the main code:
static unsigned int hook_func_in(unsigned int hooknum,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
struct tcphdr *tcp;
struct icmphdr *icmp;
struct udphdr *udp;
struct iphdr *ip;
char msgk_to_userspace[200];
char *pointer_mtu;
pointer_mtu = &msgk_to_userspace[0];
if(skb == NULL)
{
return NF_DROP;
}
if(ip_hdr(skb))
{
ip = ip_hdr(skb);
}
else
{
return NF_DROP;
}
if((skb->dev != NULL) && (in != NULL))
{
if(skb->dev == in)
{
if(ip->protocol == IPPROTO_TCP)
{
tcp = tcp_hdr(skb);
if(tcp->syn)
{
printk("the syn flag is 1 \n");
/*here,when i send a tcp packet from other machine which had set
the syn flag by NMAP(command:nmap -sS myIP -p 6000),and i also used
wireshark to confirm that the packet had set the syn flag,but the
program didn't print "the syn flag is 1" to
var/log/message.Otherwise,when i changed the code
to"if(!(tcp->syn))","the syn flag is 1" could be print.Yes, it's
opposite!Then i could not thought of why this happened........ */
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
