ok, thanks for the program... can we know how to retrieve the data and header part from the captured packet? does it store the packet values in the buffer or in the sk_buff in netfilter_drv_hook()?

On 1/31/06, Srinivas G. <srinivasg@xxxxxxxxxxxxxxxxxxxxx> wrote:
> Siva wrote:
> > hai ...
> > sorry 4 the disturb but it is really urgent. we have selected a
> > project for packet capturing in the kernel ... we have recompiled the
> > 2.6.10 kernel and we r successful ... but we r not able to capture a
> > packet. so plz help us or send a program to capture a packet in module
> > programming using netfilters....
> >
> Here is the sample code that captures the packets in the kernel space.
>
> #include <linux/module.h> /* for module parameters */
> #include <linux/kernel.h> /* for printk function */
> #include <linux/init.h> /* for module explicit
> definitions */
> #include <linux/netfilter.h> /* for netfilter structure */
> #include <linux/netfilter_ipv4.h> /* for IPv4 specific defines */
> #include <linux/vmalloc.h> /* for vmalloc function */
>
> #ifdef NETFILTER_DBG
> #define PRINTK(fmt,arg...) printk("NET_DBG <%s> | "
> fmt,__FUNCTION__,##arg);
> #else
> #define PRINTK(fmt,arg...) 
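while(0)
> #endif
>
> /* define the maximum packet buffer */
> #define MAX_PACK_BUFF 2048
>
> MODULE_LICENSE("GPL");
> MODULE_AUTHOR("Srinivas G at ESN Technologies");
>
> /* define netfilter structure here */
> static struct nf_hook_ops netfilter_hook;
>
> /*
>  * Scratch buffer of MAX_PACK_BUFF bytes. It is allocated once in
>  * init_netfilter() and released in netfilter_exit(); nothing in this
>  * listing writes packet data into it yet. Code that does copy packet
>  * bytes here must clamp the copy length to MAX_PACK_BUFF and must
>  * serialise access, because this single global buffer is shared by
>  * every invocation of the hook.
>  */
> unsigned char *ptr_packet_buff;
>
> /*
>  * netfilter_drv_hook: called by netfilter for each packet that reaches
>  * the hook point registered in init_netfilter().
>  *
>  * hooknum: hook point the packet was seen at
>  * skb:     pointer to the socket buffer pointer carrying the packet
>  * in, out: input and output network devices
>  * okfn:    continuation function supplied by netfilter
>  *
>  * The packet is carried by *skb; this function does not look at it or
>  * copy it anywhere. (On kernels of this generation the IPv4 header is
>  * presumably reachable as (*skb)->nh.iph and the packet bytes through
>  * (*skb)->data and (*skb)->len; confirm against your kernel headers.)
>  *
>  * Returns the netfilter verdict for the packet.
>  */
> unsigned int netfilter_drv_hook(unsigned int hooknum,
>                                 struct sk_buff **skb,
>                                 const struct net_device *in,
>                                 const struct net_device *out,
>                                 int (*okfn)(struct sk_buff *))
> {
>     PRINTK("One Packet arrvied!\n");
>
>     /*
>      * No allocation here. The posted version called vmalloc() on every
>      * packet and never freed the result, so any traffic reaching the
>      * host leaked MAX_PACK_BUFF bytes of kernel memory per packet.
>      * vmalloc() may also sleep, which is not allowed in the softirq
>      * context a PRE_ROUTING hook normally runs in. The buffer is now
>      * set up once in init_netfilter().
>      */
>
>     /*
>      * NF_QUEUE hands the packet to the netfilter queue handler instead
>      * of letting it continue up the stack. With no queue handler
>      * registered the packet ends up dropped, so loading this module
>      * stops all incoming IPv4 traffic. Return NF_ACCEPT to only observe
>      * packets, or NF_DROP to drop them explicitly.
>      */
>     return NF_QUEUE;
> }
>
>
>
> /*
>  * netfilter_init: initialization function.
>  * Allocates the packet buffer and registers the hook.
>  * Returns 0 on success, -ENOMEM if the buffer cannot be allocated, or
>  * the error returned by nf_register_hook().
>  */
> static int
> __init init_netfilter(void)
> {
>     int ret;
>
>     PRINTK("invoked!\n");
>
>     /* allocate the packet buffer once, in process context */
>     ptr_packet_buff = vmalloc(MAX_PACK_BUFF);
>     if (!ptr_packet_buff)
>         return -ENOMEM;
>
>     /* assign the function pointer */
>     netfilter_hook.hook = netfilter_drv_hook;
>
>     /* assign the protocol family i.e. IPv4 */
>     netfilter_hook.pf = PF_INET;
>
>     /* assign the hook number like NF_IP_LOCAL_IN etc. */
>     netfilter_hook.hooknum = NF_IP_PRE_ROUTING;
>
>     /* assign the hook priority */
>     netfilter_hook.priority = NF_IP_PRI_FIRST;
>
>     /* register the netfilter driver with pointer to structure */
>     ret = nf_register_hook(&netfilter_hook);
>     if (ret < 0) {
>         /* do not leave the buffer behind if registration failed */
>         vfree(ptr_packet_buff);
>         ptr_packet_buff = NULL;
>         return ret;
>     }
>
>     return 0;
> }
>
> /*
>  * netfilter_exit: cleanup function.
>  * Unregisters the hook first, then frees the packet buffer, so the
>  * buffer is never released while the hook is still registered.
>  */
> static void
> __exit netfilter_exit(void)
> {
>     PRINTK("invoked!\n");
>
>     /* unregister the driver */
>     nf_unregister_hook(&netfilter_hook);
>
>     /* release the buffer allocated in init_netfilter() */
>     vfree(ptr_packet_buff);
>     ptr_packet_buff = NULL;
> }
>
> /* explicit module definitions */
> module_init(init_netfilter);
> module_exit(netfilter_exit);
>
> Regards,
> Srinivas G
>
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/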