- 03-01-2009 #1 Just Joined!
- Join Date: Mar 2009
- Posts: 1
Problems with Netfilter kernel module
Hi,
I am trying to build a simple firewall using a Netfilter kernel module.
The kernel version is 2.6.24-23. I am having problems with the 'sk_buff' structure that is being accessed inside the Netfilter hook function (given below). In this function, I am trying to access the TCP header and drop the packet if it is from a certain port. Most of the tutorials online were written for an older version of 'sk_buff', whose structure has changed. I couldn't find any tutorials that make use of the new structure of sk_buff.
When I run the module, the kernel gets stuck.
    unsigned int main_hook(unsigned int hooknum,
                           struct sk_buff **skb,
                           const struct net_device *in,
                           const struct net_device *out,
                           int (*okfn)(struct sk_buff*))
    {
        unsigned char *port = "\x0F\xFF";
        ip_header = (struct iphdr *)skb_network_header(*skb);
        if(ip_header->protocol != 6){ return NF_ACCEPT; }
        tcp_header = skb_transport_header(*skb);
        if((tcp_header->dest) == *(unsigned short *)port){ return NF_DROP; }
        return NF_ACCEPT;
    }
I tried running the module with all the lines in the above function, save the first 2, commented out and I am still getting the same problem. So I guess the problem is with the line 'ip_header = (struct iphdr *)skb_network_header(*skb);'. I have no clue why this should fail. One reason I thought of was that perhaps the current packet is not an IP packet, hence there is some problem casting the pointer to the network header as a pointer to an IP header. Can someone help me out?
Thanks,
Sadir
Last edited by hussasad; 03-01-2009 at 06:21 AM. Reason: Grammatical errors


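The header walk the hook in the post attempts, written as a user-space C function over a raw IPv4 buffer with every length check explicit; this is an added example, not the poster's code, and `verdict_for_packet`, `BLOCKED_PORT`, the `VERDICT_*` values and the sample packet are constructed for illustration. It finds the TCP header from the IP header-length field and compares the destination port in network byte order.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <arpa/inet.h>   /* htons, ntohs */

enum verdict { VERDICT_ACCEPT = 0, VERDICT_DROP = 1 };  /* stand-ins for NF_ACCEPT / NF_DROP */
#define BLOCKED_PORT 4095u   /* 0x0FFF, the value encoded as "\x0F\xFF" in the post */

/* Decide on a packet whose first byte is the start of the IPv4 header.
 * Each field is read only after its bytes are known to lie inside the buffer. */
enum verdict verdict_for_packet(const uint8_t *pkt, size_t len)
{
    if (pkt == NULL || len < 20)               /* shorter than a minimal IPv4 header */
        return VERDICT_ACCEPT;
    if ((pkt[0] >> 4) != 4)                    /* not IPv4: do not interpret further */
        return VERDICT_ACCEPT;

    size_t ihl = (size_t)(pkt[0] & 0x0F) * 4;  /* header length in bytes, options included */
    if (ihl < 20 || ihl > len)
        return VERDICT_ACCEPT;
    if (pkt[9] != 6)                           /* protocol field: 6 = TCP */
        return VERDICT_ACCEPT;

    uint16_t frag;                             /* flags + fragment offset */
    memcpy(&frag, pkt + 6, sizeof frag);
    if (ntohs(frag) & 0x1FFF)                  /* non-first fragment: no TCP header here */
        return VERDICT_ACCEPT;

    if (len - ihl < 4)                         /* need source and destination port */
        return VERDICT_ACCEPT;

    uint16_t dport;                            /* memcpy avoids an unaligned pointer cast */
    memcpy(&dport, pkt + ihl + 2, sizeof dport);
    return dport == htons(BLOCKED_PORT) ? VERDICT_DROP : VERDICT_ACCEPT;
}

/* Constructed sample: 20-byte IPv4 header (protocol TCP), then ports 1234 -> 4095. */
const uint8_t sample_tcp_4095[] = {
    0x45,0,0,40, 0,0,0,0, 64,6,0,0, 10,0,0,1, 10,0,0,2,
    0x04,0xD2, 0x0F,0xFF, 0,0,0,0, 0,0,0,0, 0x50,0,0,0, 0,0,0,0
};
```

In a 2.6.24 module the same checks would start from `skb_network_header(skb)`, where `skb` is the `struct sk_buff *` the hook receives: that kernel's `nf_hookfn` prototype takes a single pointer, not the `struct sk_buff **` of earlier releases.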
