how to use sk_run_filter() in the kernel?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi, all:
   I want to use the sk_run_filter() in the bridge module, and if the
skb meet the filter the skb will be forward to a specify port. I do it
like this:

1) use the libpcap create pcap, compile rule, and attach the filter

int compile_rule(const char *expr)
{
        struct bpf_program fp;
        pcap_t *pcap;
        static char errbuf[1024];

        pcap = pcap_open_live("eth0", 65535, 1, 1000, errbuf);
        //pcap = pcap_open_dead(DLT_EN10MB, 2600);
        if(NULL == pcap) {
                fprintf(stdout, "create pcap failure! %s\n", errbuf);
                return -1;
        }

        if (0 != pcap_compile(pcap, &fp, expr, 0, 0xFFFFFF00)) {
                fprintf(stdout, "compile pcap failure!\n");
                return -1;
        }

        if (0 != pcap_setfilter(pcap, &fp)) {
                fprintf(stdout, "setfilter failure!\n");
                return -1;
        }

        return 0;
}


2) change the sk_attach_filter() routine which will call my_sk_attach_filter()

struct bnf_ether
{
        struct sk_filter *filter;
        struct net_bridge_port *dst;
};

struct bnf_ether *ether;

unsigned int fsize = sizeof(struct sock_filter) * fprog->len;
fp = kmalloc(fsize + sizeof(*fp), GFP_KERNEL);
copy_from_user(fp->insns, fprog->filter, fsize);
atomic_set(&fp->refcnt, 1);
fp->len = fprog->len;
....
rcu_assign_pointer(ether->filter, fp);
ether->port = dst_port;
....

3) When the packet arrivied, calling my_get_port_dst(struct sk_buff
skb) to search  target port.

filter = rcu_dereference_bh(ether->filter);
res = sk_run_filter(skb, filter->insns, filter->len);

if (res) {
    return ether-> port;
}


But i find sk_run_filter returns 0 all the time. I think something
wrong in my code. How i fix it? And i find the  pcap_setfilter() will
call sk_attach_filter() twice, why?

Best Regards

Bai Shuwei

-- 
------------------------

Thinking before action, but you are wasting time if you don't do action.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux