Re: write a new simple target for netfilter

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Would it be possible to extend your module so that it only
drops packages of a certain user or group?

2010/8/30 Nicola Padovano <nicola.padovano@xxxxxxxxx>:
> Hi all!
> I've write the following  (and dummy) module that drops all packet...
> but...now? after i write the module i can use it?
> for example: i want digit:
> iptables -A INPUT -s 127.0.0.1 -p icmp -j DROP
> but i don't know how create this new target...
> I've modified the netfilter makefile e Kbuild file (in net/netfilter),
> and then i've do 'make' 'make modules' 'make modules_install' but
> after i digit iptables i have this message
>
> "iptables v1.4.2: Couldn't load target `TAR':/lib/xtables/libipt_TAR.
> so: cannot open shared object file: No such file or directory"
>
> what's my problem?
>
>
> code:
> #include <linux/module.h>
> #include <linux/skbuff.h>
> #include <linux/netfilter_ipv4/ip_tables.h>
> #include <linux/kernel.h>
> #include <linux/netfilter.h>
> #include <linux/netfilter_ipv4.h>
> #include <linux/netfilter/x_tables.h>
>
> static unsigned int xt_tar_target(unsigned int hook,
>                                                 struct sk_buff **skb,
>                                                 const struct net_device *in,
>                                                 const struct net_device *out,
>                                                 int (*okfn)(struct sk_buff*))
> {
>    printk(KERN_INFO "ciaociao");
>    return NF_DROP;
> }
>
> static struct xt_target xt_tar_reg = {
>    .name       = "TAR",
>    .family     = AF_INET,
>    .proto      = IPPROTO_TCP,
>    .target     = xt_tar_target,
>    .me         = THIS_MODULE,
> };
>
> static int __init xt_tar_init(void)
> {
>    return xt_register_target(&xt_tar_reg);
> }
>
> static void __exit xt_tar_exit(void)
> {
>    xt_unregister_target(&xt_tar_reg);
> }
>
> module_init(xt_tar_init);
> module_exit(xt_tar_exit);
>
> MODULE_DESCRIPTION("np des");
> MODULE_LICENSE("GPL");
> MODULE_ALIAS("xt_TAR");
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux