REGISTERING with netfilter hooks - strange behaviour
Giacomo
delleceste at gmail.com
Mon Jul 30 09:52:51 CEST 2007
Good morning and thanks.
I think i solved getting the tcp/udp header in PRE/IN by means of the
p_tcphead = skb_header_pointer(skb, iph->ihl * 4,
sizeof(tcphead), &tcphead);
where iph is obtained by ip_hdr(skb);
Thank you!
Giacomo
2007/7/30, KOVACS Krisztian <hidden at sch.bme.hu>:
>
> Hi,
>
> On cs, júl 26, 2007 at 05:04:37 +0200, Giacomo wrote:
> > /* THIS IS THE CALLBACK registered by nf_register_hook() */
> > unsigned int
> > deliver_process_by_direction(unsigned int hooknum,
> > struct sk_buff **skb,
> > const struct net_device *in,
> > const struct net_device *out,
> > int (*okfn) (struct sk_buff *))
> > {
> > struct tcphdr* tcph;
> > struct iphdr *iph;
> > if(*skb != NULL)
> > {
> > iph = (struct iphdr*) skb_network_header(*skb);
> > if(iph != NULL)
> > {
> > if (iph->protocol == IPPROTO_TCP)
> > {
> > tcph = (struct tcphdr
> > *)skb_transport_header(*skb);
> > printk("SOURCE: %d - DEST: %d ",
> > ntohs(tcph->source),
> > ntohs(tcph->dest) );
> > }
> > }
> > }
> >
> >
> > /* THE printk() writes values that look like they were uninitialized */
> > THe same happens with
> >
> > ip_hdr(*skb)
> > and tcp_hdr();
> >
> > This happens in NF_PRE and NF_IN
>
> I guess the transport header pointer is not initialized properly when
> you're checking for it. I don't exactly know how it behaves after
> Arnaldo's changes, but skb->th.* used to be invalid on PREROUTING.
>
> --
> KOVACS Krisztian
>
>
--
Giacomo S.
http://www.giacomos.it
- - - - - - - - - - - - - - - - - - - - - -
IPFIREwall (http://www.giacomos.it/ipfire) viene presentato
all'Universita` degli Studi di Udine, il 28 ottobre, in occasione del
Linux Day 2006:
http://iglu.cc.uniud.it/linuxday
- - - - - - - - - - - - - - - - - - - - - -
. '' `.
: :' :
`. ` '
`- Debian GNU/Linux -- The power of freedom
http://www.debian.org
More information about the netfilter-devel
mailing list