I want to directly deliver some packets to the L4 layer when the packets get to the hook of NF_IP_PRE_ROUTING. I use the use ip_local_deliver() function. However, it does not work. May I know how I can make it work. Thank you!
Best Regards, Lawrence
Asked
Active
Viewed 400 times
0
-
Some of your code would be useful to potential answerers :) – orique Apr 01 '13 at 16:33
1 Answers
0
Thanks for the suggestion! My code is in the following:
const char* hooks[] = {"NF_IP_PRE_ROUTING"};
unsigned int
header(unsigned int hooknum,
struct sk_buff* skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff*))
{
struct sk_buff* nskb;
struct iphdr *iph = NULL;
nskb = skb;
if(nskb==NULL)
{
printk("%s\n", "*skb is NULL");
return NF_ACCEPT;
}
iph = ip_hdr(nskb);
if(iph == NULL)
{
printk("%s\n", "*iph is NULL");
return NF_ACCEPT;
}
if ((iph->protocol == IPPROTO_UDP) || (iph->protocol == IPPROTO_ICMP)){
ip_local_deliver(nskb);
printk("------delivered --------\n");
return NF_STOLEN;
}
return NF_ACCEPT;
}
static struct nf_hook_ops header_ops[] = {
{
{
.hook = header,
.owner = THIS_MODULE,
.pf = PF_INET,
.hooknum = 0, //NF_IP_PRE_ROUTING,
.priority = NF_IP_PRI_FIRST,
},
};
static int __init init(void)
{
int ret;
ret = nf_register_hooks(header_ops, ARRAY_SIZE(header_ops));
if (ret < 0) {
printk("http detect:can't register header_ops detect hook!\n");
return ret;
}
printk("insmod header_ops detect module\n");
return 0;
}
static void __exit fini(void)
{
nf_unregister_hooks(header_ops, ARRAY_SIZE(header_ops));
printk("remove header_ops detect module.\n");
}
module_init(init);
module_exit(fini);
ctzdev
- 646
- 2
- 9
- 24
user2232764
- 1
- 1
- 4