Find the answer to your Linux question:
Results 1 to 1 of 1
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Problems with Netfilter kernel module


    I am trying to build a simple firewall using a Netfilter kernel module.

    The kernel version is 2.6.24-23. I am having problems with the 'sk_buff' structure that is being accessed inside the Netfilter hook function (given below). In this function, I am trying to access the tcp header and dropping the packet of it is from a certain port. Most of the tutorials online were written for an older version of 'sk_buff', whose structure has changed. I couldn't find any tutorials that make use of the new structure of sk_buff.

    When i run the module, the kernel gets stuck.

    unsigned int main_hook(unsigned int hooknum,
    struct sk_buff **skb,
    const struct net_device *in,
    const struct net_device *out,
    int (*okfn)(struct sk_buff*))

    unsigned char *port = "\x0F\xFF";
    ip_header = (struct iphdr *)skb_network_header(*skb);
    if(ip_header->protocol != 6){ return NF_ACCEPT; }
    tcp_header = skb_transport_header(*skb);
    if((tcp_header->dest) == *(unsigned short *)port){ return NF_DROP; }
    return NF_ACCEPT;

    I tried running the module with all the lines in the above function, save the first 2, commented out and I am still getting the same problem. So I guess the problem is with the line 'ip_header = (struct iphdr *)skb_network_header(*skb);'... I have no clue why this shud fail.. one reason i thot was that perhaps the current packet is not an IP packet, hence there is some problem casting the pointer to the network header as a pointer to an IP header... can some one help me out?

    Last edited by hussasad; 03-01-2009 at 07:21 AM. Reason: Grammatical errors

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts