Linux内核模块
[英]Linux Kernel MOdule
问题描述
Is possible to use netfilter to hook all ethernet packets? 
可以使用netfilter挂接所有以太网数据包吗?
I can just get packet from ipv4 or ipv6. 我可以从ipv4或ipv6中获取数据包。
EDit: 编辑:
The above code is my kernel module. 上面的代码是我的内核模块。 I want to get all packets that arrives to one ethernet interface re-direct to another interface.This module just print the name of the device where the packet arrived (just for testing). 我想将到达一个以太网接口的所有数据包重定向到另一个接口。此模块仅打印数据包到达的设备的名称(仅用于测试)。 WIth this hook i just get packets witch type is ipv4, but i want to get all types. 有了这个钩子,我刚刚得到的数据包的类型是ipv4,但是我想获得所有类型。
I searched on web but i didn't find how to configure my hook to get all the packet's that bypass the ethernet interface. 我在网上搜索,但没有找到如何配置钩子来获取绕过以太网接口的所有数据包的方法。
Best Regards 最好的祝福
static struct nf_hook_ops nfho;
int hook_func(struct sk_buff * skb)
{ struct ethhdr *eth;
printk("Device: %s\\n,skb->dev->name);
}
int init_module() {
printk("Hook Module online!\\n");nfho.hook =(nf_hookfn *)hook_func;
nfho.hooknum = NF_IP_PRE_ROUTING;
nfho.pf = PF_INET;nf_register_hook(&nfho);
return 0;
/* Cleanup routine */ void cleanup_module() {
printk("Over and Out!\\n");
1 个解决方案
解决方案1
0 2017-04-09 00:04:25
sure, if I am getting it all right, you just willing to accept all Ether validated packets and pass them to another interface. 当然,如果我没事的话,您只愿意接受所有经过Ether验证的数据包并将它们传递到另一个接口。 In the case, just include the kernel file: 在这种情况下,只需包含内核文件:
#include <linux/if_ether.h>
you get the header by: 您通过以下方式获得标题:
struct ethhdr *hdr = eth_hdr(skb);
// *skb is a ptr !!
and make sure that the ether is valid by checking some values out of the ethhdr struct. 并通过从ethhdr结构中检查一些值来确保以太币有效。 then just sent then by local host or modify the addresses if you want the other interface to accept it like it was his packets. 然后只是由本地主机发送然后修改地址,如果您希望另一个接口像他的数据包一样接受它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.