我正在尝试创建linux内核模块,它将检查传入的数据包.目前,我正在提取数据包的TCP头并读取源和目标端口 - >但是我得到的值不正确.我有钩功能:
unsigned int hook_func(unsigned int hooknum, struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
struct iphdr *ipp = (struct iphdr *)skb_network_header(skb);
struct tcphdr *hdr;
/* Using this to filter data from another machine */
unsigned long ok_ip = 2396891328;
/* Some problem, empty network packet. Stop it now. */
if (!skb)
return NF_ACCEPT;
/* Just to track only packets coming from 1 IP */
if (ipp->saddr != ok_ip)
return NF_ACCEPT; …