Kernel Module - Packet Capture/Send And Packet Creation/Send
I am currently working on a kernel module that uses a netfilter hook on out-going packets from the machine.
I can currently load the module and tail /var/log/messages and view the packets, which match the packets I see using Wireshark.
What I am wanting to do:
1. Hook into all out-going packets. (check)
To do this I have a hook, which calls hook_out:
    static struct nf_hook_ops hook_ops_out __read_mostly = {
        .pf = PF_INET,
        .priority = NF_IP_PRI_FIRST,
        .hooknum = NF_INET_POST_ROUTING,
        .hook = hook_out,
    };
1.1 Copy the payload of these packets and place it into a newly created packet with a different dest addr.
    static unsigned int hook_out(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff*))
    {
        /* TODO: 1.1, 1.2 */
        // Print packet info to make sure it is working
        return NF_ACCEPT; // This will send the original out-going packet
    }
I need an example of how to create a packet and fill it with the correct parameters.
1.2 Send both packets.
Sending the original out-going packet is easy by returning NF_ACCEPT at the end of the hook.
Sending the created packet is difficult because I cannot find a working example of how to create and send a packet from inside the kernel code. Everything I have found locks up the machine.
Any thoughts would be greatly appreciated.