netfilter hook function called at NF_IP_PRE_ROUTING:
unsigned int in_hook(unsigned int hooknum,
struct sk_buff **skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
struct iphdr *my_ipheader;
struct tcphdr *my_tcpheader;
struct udphdr *my_udpheader;
unsigned char *my_ip1;
unsigned char *my_ip2;
unsigned char *my_ip3;
unsigned char *my_ip4;
my_ip1 = "SOMETHING_IN_HEX"; //
my_ip2 = "SOMETHING_IN_HEX"; //
my_ip3 = "SOMETHING_IN_HEX"; //
my_ip4 = "SOMETHING_IN_HEX"; //
if (out)
{
if(out->name)
{
// We do NOT want to handle a "weird" null packet
if(skb == NULL)
{
print_string("NULL skb!!!");
return NF_ACCEPT;
}
my_ipheader = (struct iphdr*)((*skb)->nh.iph);
if (my_ipheader->protocol == IPPROTO_TCP)
{
print_string("This is a tcp packet");
if (my_ipheader->saddr == *(unsigned int *)my_ip3)
{
print_string("with source IP xxx.xxx.xxx.xxx");
((struct iphdr*)((*skb)->nh.iph))->saddr = my_ip2;
((struct sk_buff*)(*skb))->proto_csum_blank = 1;
return NF_ACCEPT;
}
}
}
else
{
print_string("out is null");
}
}
print_string("packet is being accepted!");
return NF_ACCEPT;
}
Apparently, these two steps are not sufficient to change the source
address of an skb:
((struct iphdr*)((*skb)->nh.iph))->saddr = my_ip2;
((struct sk_buff*)(*skb))->proto_csum_blank = 1;
All packets that are treated by these are actually dropped.
What *IS* required so that the source address of the skb is changed to
another that is on another interface of the machine?
J
