--- lljjff <[EMAIL PROTECTED]> wrote: > Hi > I want to write a Netfilter module which should > interact with user space. Rusty Russell said in the > hacking HOW-TO that this can be done via the setsockopt > mechanism, but I don't have any idea how. Can you help me? > Is there any example? > > 3x. > > > woodhead >
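I hacked this from a more complex program, it just takes packets into user space and then pushes them back in the kernel. You need an object ip_queue.o built into your kernel and I cannot remember what package I found it in. Check out the man pages for ipq_read etc.

#include <app.h>

/*
 * Minimal ip_queue consumer: every packet the kernel queues to user space
 * is read through libipq, logged, and handed back unchanged with an
 * NF_ACCEPT verdict. Loops forever; exits non-zero if the queue cannot be
 * read or a verdict cannot be delivered.
 *
 * argc/argv are passed straight to cmdline() (defined elsewhere in pdumpq).
 */
int main (int argc, char **argv)
{
	/* Upper bound on one netlink message copied from the kernel. */
	enum { INBUF_SIZE = 2048 };
	unsigned char inbuf[INBUF_SIZE];
	ipq_packet_msg_t *stuff;

	v.rotate = MAX_ROTATE;
	v.mcount = 0;
#ifdef POLICY
	printf("POLICY \n");
	v.policy = POLICY;
#else
	printf ("NF_DROP \n");
	v.policy = NF_DROP;
#endif /* POLICY */
#ifdef MAIL
	fprintf(stderr,"mail \n");
	v.mail = 0;
	v.timer = Q_TIME;
	v.maxq = MAX_Q;
#endif /* MAIL */
	/* Files this process creates (the packet dump) end up 0600 at most. */
	umask (0077);
	fprintf(stderr,"call command line \n");
	cmdline (argc, argv);
	fprintf(stderr,"return from command line \n");
	set_signals ();
	fprintf(stderr,"return from set_signals \n");
	/* if (v.daemon) detach (); dont do this it is stupid the fork blows up */
	fprintf (stderr,"Call ipq init \n");
	ipq_init ();
	printf ("return from ipq init \n");
	if (!open_file (v.dumpfile))
		crash ("opening dump file:pdumpq");

	for (;;) {
		/* timeout 0: block until a message arrives; a negative result is a
		 * netlink error and inbuf holds nothing parseable. The original
		 * ignored this and went on to read a packet header out of stale data. */
		ssize_t nread = ipq_read (v.h, inbuf, sizeof inbuf, 0);
		if (nread < 0) {
			ipq_perror ("ipq_read");
			ipq_destroy_handle (v.h);
			exit (1);
		}
		/* The kernel may answer with an error message instead of a packet;
		 * treating it as ipq_packet_msg_t would feed a bogus id to the verdict. */
		if (ipq_message_type (inbuf) == NLMSG_ERROR) {
			fprintf (stderr, "ipq error message %d \n", ipq_get_msgerr (inbuf));
			continue;
		}
		stuff = ipq_get_packet (inbuf);
		/* data_len is size_t and packet_id unsigned long; %d for either is
		 * mismatched printf arguments. */
		printf("read packet length = %zu , id = %lu \n",
		       stuff->data_len, stuff->packet_id);
		/* data_len 0 / NULL payload: verdict only, the packet is not rewritten. */
		if (ipq_set_verdict (v.h, stuff->packet_id, NF_ACCEPT, 0, NULL) < 1) {
			printf ("set verdict failed \n");
			ipq_destroy_handle (v.h);
			exit(1);
		}
	}
}

app.h...

/* pdumpq - Pcap Dump for Linux/Netfilter QUEUE
 *
 * Copyright (C) 2001 Ian Jones <[EMAIL PROTECTED]>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.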
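 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */
#ifndef APP_H
#define APP_H

/* Must precede the first system header to take effect. */
#define _GNU_SOURCE

#include <linux/netfilter.h>
#include <libipq.h>
#include <stdio.h>
#include <stdlib.h>
#include <fcntl.h>
#include <signal.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <time.h>
#include <syslog.h>
#include <sys/time.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <pcap-ish.h>

#define PIDFILE "/var/run/pdumpq.pid"

#ifdef MAIL
#include <mail.h>
#endif /* MAIL */

/* Build-time overridable defaults. */
#ifndef MAX_ROTATE
#define MAX_ROTATE 10		/* initial value of v.rotate */
#endif
#ifndef VERSION
#define VERSION "unknown"
#endif

/* runtime variables */
/* NOTE(review): the tag `_V` (leading underscore + capital) is an identifier
 * reserved for the implementation; a name such as `struct pdumpq_values`
 * would be safer. Left unchanged in case other units spell out the tag. */
typedef struct _V {
	unsigned int policy;		/* set to POLICY or NF_DROP at startup */
	int daemon;
	int rotate;			/* set to MAX_ROTATE at startup */
	int mcount;
	unsigned long *marks;
	unsigned int *verdicts;
#ifdef MAIL
	int mail;
	char *email;
	int timer;
	int maxq;
#endif /* MAIL */
	char *dumpfile;			/* handed to open_file() */
	struct ipq_handle *h;		/* libipq handle used for ipq_read/ipq_set_verdict */
	struct sigaction sa;
	FILE *file;
} Values;

/* NOTE(review): defining `v` in a header gives every translation unit that
 * includes it its own definition. The usual form is `extern Values v;` here
 * and a single `Values v;` in one .c file. Kept as a definition because the
 * sample main() posted with this header relies on it. */
Values v;

/* Implemented in the rest of pdumpq; only the declarations are shown here. */
void detach (void);
void ipq_init (void);
void usage (char *app);
pid_t is_running (void);
void rotate (char *fn);
void set_signals (void);
int open_file (char *fn);
void q_handler (int sig);
void crash (char *error);
int gmt2local (time_t t);
void cmdline (int argc, char **argv);
void process_pkt (ipq_packet_msg_t * m, unsigned int verdict);

#endif /* APP_H */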