Siva wrote:
> hai ...
> sory 4 the disturb but is really urgent.we have selected a
> project for packet capturing in Kernal ... we have recompiled the
> 2.6.10 kernal and we r successful ...but we r not able to capture a
> packet.so plz help us or send a program to capture a packet in module
> programming using netfilters....
>
Here is the sample code that captures the packets in the kernel space.
#include <linux/module.h> /* for module parameters */
#include <linux/kernel.h> /* for printk function */
#include <linux/init.h> /* for module explicit
definitions */
#include <linux/netfilter.h> /* for netfilter structure */
#include <linux/netfilter_ipv4.h> /* for IPv4 specific defines */
#include <linux/vmalloc.h> /* for vmalloc function */
#ifdef NETFILTER_DBG
#define PRINTK(fmt,arg...) printk("NET_DBG <%s> | "
fmt,__FUNCTION__,##arg);
#else
#define PRINTK(fmt,arg...) while(0)
#endif
/* define the maximum packet buffer */
#define MAX_PACK_BUFF 2048
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Srinivas G at ESN Technologies");
/* define netfilter structure here */
static struct nf_hook_ops netfilter_hook;
/* pointer to a buffer */
unsigned char *ptr_packet_buff;
/* function prototype which is called when a packet arrives */
unsigned int netfilter_drv_hook(unsigned int hooknum,
struct sk_buff **skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
PRINTK("One Packet arrvied!\n");
/* alocate the packet buffer */
ptr_packet_buff = (unsigned char *)vmalloc(MAX_PACK_BUFF);
/* the received packet was dropped here itself */
return NF_QUEUE;
}
/* netfilter_init: initialization function */
static int
__init init_netfilter(void)
{
PRINTK("invoked!\n");
/* assign the function pointer */
netfilter_hook.hook = netfilter_drv_hook;
/* assign the protocol family i.e. IPv4 */
netfilter_hook.pf = PF_INET;
/* assign the hook number like NF_IP_LOCAL_IN etc. */
netfilter_hook.hooknum = NF_IP_PRE_ROUTING;
/* assign the hook priority */
netfilter_hook.priority = NF_IP_PRI_FIRST;
/* register the netfilter driver with pointer to structure */
nf_register_hook(&netfilter_hook);
return 0;
}
/* netfilter_exit: cleanup function */
static void
__exit netfilter_exit(void)
{
PRINTK("invoked!\n");
/* unregister the driver */
nf_unregister_hook(&netfilter_hook);
}
/* explicit module definitions */
module_init(init_netfilter);
module_exit(netfilter_exit);
Regards,
Srinivas G
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
