05-20-2010 #1
Kernel Module - Packet Capture/Send And Packet Creation/Send
Hi,
I am currently working on a kernel module that uses a netfilter hook on out-going packets from the machine.
I can currently load the module and tail /var/log/messages and view the packets which match the packets I see using wireshark.
What I am wanting to do:
1. Hook into all out-going packets. (check)
To do this I have a hook:
Code:
static struct nf_hook_ops hook_ops_out __read_mostly = {
    .pf = PF_INET,
    .priority = NF_IP_PRI_FIRST,
    .hooknum = NF_INET_POST_ROUTING,
    .hook = hook_out,
};
which calls hook_out:
Code:
static unsigned int hook_out(unsigned int hooknum, struct sk_buff *skb,
                             const struct net_device *in,
                             const struct net_device *out,
                             int (*okfn)(struct sk_buff *))
{
    /* TODO: 1.1, 1.2 */
    // Print packet info to make sure it is working
    return NF_ACCEPT; // This will send the original out-going packet
}
1.1 Copy the payload of these packets and place it into a newly created packet with a different dest addr.
I need an example of how to create a packet and fill it with the correct parameters.
1.2 Send both packets.
Sending the original out-going packet is easy by returning NF_ACCEPT at the end of the hook.
Sending the created packet is difficult because I cannot find a working example of how to create and send a packet from inside the kernel code. Everything I have found locks up the machine.
Any thoughts would be greatly appreciated.
Thanks,
tyman
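Added example, not part of the original post and not kernel code: giving a copied packet a different destination address (step 1.1) invalidates both the IPv4 header checksum and the UDP checksum, since each covers the destination address. This userspace C code makes the copy and recomputes both for an unfragmented IPv4/UDP datagram; `clone_to`, `csums_ok` and the sample bytes are names and data constructed for illustration.

```c
#include <stdint.h>
#include <string.h>
/* Constructed sample: 192.0.2.1:12345 -> 198.51.100.2:53, UDP payload "hello". */
const uint8_t sample[33] = {
    0x45,0,0,0x21, 0,1,0x40,0, 0x40,17,0x4e,0x94, 192,0,2,1, 198,51,100,2,
    0x30,0x39,0,53, 0,13,0x9f,0x5c, 'h','e','l','l','o' };

/* RFC 1071 ones'-complement sum of big-endian 16-bit words, folded to 16 bits. */
static uint32_t sum16(const uint8_t *p, size_t len, uint32_t sum) {
    for (; len > 1; p += 2, len -= 2) sum += (uint32_t)p[0] << 8 | p[1];
    if (len) sum += (uint32_t)p[0] << 8;          /* odd trailing byte, zero-padded */
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return sum;
}

/* Sum over the pseudo-header (src, dst, 0, proto 17, UDP length) and UDP segment. */
static uint32_t udp_sum(const uint8_t *ip, size_t ihl, size_t ulen) {
    const uint8_t ph[4] = { 0, 17, (uint8_t)(ulen >> 8), (uint8_t)ulen };
    return sum16(ip + ihl, ulen, sum16(ph, 4, sum16(ip + 12, 8, 0)));
}

/* Copy `in` to `out` with a new destination address; bytes written or -1. */
long clone_to(const uint8_t *in, size_t len, uint8_t *out, size_t cap,
              const uint8_t daddr[4]) {
    if (len < 20 || in[0] >> 4 != 4) return -1;
    size_t ihl = (size_t)(in[0] & 0x0f) * 4, tot = (size_t)in[2] << 8 | in[3];
    if (ihl < 20 || tot < ihl + 8 || tot > len || tot > cap) return -1;
    if (in[9] != 17 || (in[6] & 0x3f) || in[7]) return -1; /* unfragmented UDP only */
    memcpy(out, in, tot);
    memcpy(out + 16, daddr, 4);
    out[10] = out[11] = 0;                        /* field is zero while summing */
    uint32_t c = 0xffff ^ sum16(out, ihl, 0);
    out[10] = c >> 8; out[11] = c & 0xff;
    uint8_t *u = out + ihl;
    if (u[6] | u[7]) {                            /* 0 means sender used no checksum */
        u[6] = u[7] = 0;
        c = 0xffff ^ udp_sum(out, ihl, tot - ihl);
        if (c == 0) c = 0xffff;                   /* a computed 0 is sent as 0xffff */
        u[6] = c >> 8; u[7] = c & 0xff;
    }
    return (long)tot;
}

/* 1 if the IPv4 header checksum and the UDP checksum (when used) both verify.
 * Assumes a length-checked IPv4/UDP datagram such as clone_to() returns. */
int csums_ok(const uint8_t *p) {
    size_t ihl = (size_t)(p[0] & 0x0f) * 4, tot = (size_t)p[2] << 8 | p[3];
    if (sum16(p, ihl, 0) != 0xffff) return 0;
    return !(p[ihl + 6] | p[ihl + 7]) || udp_sum(p, ihl, tot - ihl) == 0xffff;
}
```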
