Google luky.org euqset.org
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Is my module program is giving correct output?

Hello all,
          While writing kernel module packet sniffer i
start with first accessing packets length 
and its data part.so, to start i try to access packet
data first and copy it to other variable to dump
its contents but i am facing a problem while accessing
the packet's data. As i have studied i 
found that data in packet at any layer resides in
between data and tail pointers.  So if i
have to print it or copy it in any unsigned string
then how to do that?
          I tried with following example which
receives packet and print data part at IP layer. But I
am not sure whether am i getting packet dump or
address of string packet?
Thanks in advance.
regards,
linux_lover

#define MODULE
#define __KERNEL__

#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/skbuff.h>
#include <linux/ip.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>

#include <linux/string.h>

static struct nf_hook_ops nfho;

unsigned int hook_func(unsigned int hooknum,struct
sk_buff **skb,
                                 const struct
net_device *in,
                                 const struct
net_device *out,
                                 int (*okfn)(struct
sk_buff *))
{
  struct sk_buff *sb = *skb;
  printk(KERN_DEBUG "calling hook_func at
NF_IP_LOCAL_OUT\n");
      unsigned char *packet;
      unsigned int buflen;
      int  i=0;
      buflen=sb->len;
      packet=kmalloc(buflen,GFP_USER);
      memset(packet,'\0',buflen);
      printk(KERN_DEBUG "Length of skb->data in hook
function = %d\n", buflen);
      strncpy(packet,sb->data,buflen);
      printk(KERN_DEBUG "packet contents of sb->data
in hook function = %x\n", packet);

     return NF_ACCEPT;
}

static int __init init(void)   
  {
              nfho.hook     = hook_func;
              nfho.hooknum  = NF_IP_LOCAL_OUT;
              nfho.pf       = PF_INET;
              nfho.priority = NF_IP_PRI_FIRST;
              nf_register_hook(&nfho1);
              return 0;
          }

static void __exit fini(void)
          {
              nf_unregister_hook(&nfho1);
          }
module_init(init);
module_exit(fini);
MODULE_LICENSE("GPL");


		
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - 250MB free storage. Do more. Manage less. 
http://info.mail.yahoo.com/mail_250
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
$B$3$N>pJs$,$"$J$?$NC5$7$F$$?$b$N$+$I$&$+A*Br$7$F$/$@$5$!#(B
yes/$B$^$5$K$3$l$@!*(B   no/$B0c$&$J$!(B   part/$B0lIt8+$D$+$C$?(B   try/$B$3$l$G;n$7$F$_$k(B
$B$"$J$?$,C5$7$F$$?>pJs$O$I$N$h$&$J$3$H$+!"$4<+M3$K5-F~2<$5$!#FC$K!V$^$5$K$3$l$@!*!W$H8@$&>l9g$O5-F~$r$*4j$$7$^$9!#(B
$BNc(B:$B!VJ#?t$N%^%7%s$+$i(BCATV$B7PM3$G(Bipmasquerade$B$rMxMQ$7$F(BWeb$B$r;2>H$7$?$>l9g$N@_Dj$K$D$$F!W(B