problem with netfilter hook function struct skbuff *sock is null.. Post: 302369854

Sponsored Content

Top Forums UNIX for Advanced & Expert Users problem with netfilter hook function struct skbuff *sock is null.. Post 302369854 by pavan6754 on Monday 9th of November 2009 08:53:44 PM

11-09-2009

Registered User

problem with netfilter hook function struct skbuff *sock is null..

iam trying to built a firewall.so i have used netfilter for it.
in function main_hook sock_buff is returning null and in my log file continuously "sock buff null" is printed plse help to solve this problem..
(using print_string iam printing strings on current terminal (terminal we ping))

Code:

#include <linux/ip.h>  
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/netdevice.h>
#include <linux/init.h>
#include <linux/sched.h>	
#include <linux/tty.h>		
#include <linux/version.h> 
#include<linux/inet.h> 
#include<linux/skbuff.h>
#include <linux/in.h>
# define NF_IP_PRE_ROUTING 0  
static struct nf_hook_ops netfilter_ops_in; 
struct sk_buff *sock_buff;
struct iphdr *ipptr;
static void print_string(char *str)
{
	struct tty_struct *my_tty;
        my_tty = current->signal->tty;

	if (my_tty != NULL) {

		
		((my_tty->driver)->ops->write) (my_tty,str,strlen(str));	

		((my_tty->driver)->ops->write) (my_tty, "\015\012", 2);

	}
}
unsigned int main_hook(unsigned int hooknum,  
                  struct sk_buff **skb,
                  const struct net_device *in,
                  const struct net_device *out,
                  int (*okfn)(struct sk_buff*))
{
    sock_buff = *skb;
    if(!sock_buff){ printk("sock buff null\n"); return NF_ACCEPT; }
    printk(KERN_ALERT "sockbuff is not zero\n");
    ipptr=(struct iphdr *)skb_network_header(sock_buff);                   
    if(!(ipptr))
    { 
            printk(KERN_ALERT "ipptr is ZERO\n"); 
            return NF_ACCEPT; 
    }   
    if(ipptr->saddr == in_aton("10.10.30.1"))
    { 
         print_string("packet dropped(10.10.30.1)\n");             
         return NF_DROP; 
    }     
    return NF_ACCEPT;
}
int init_module()
{
        netfilter_ops_in.hook                   =       (nf_hookfn *)main_hook;
        netfilter_ops_in.pf                     =       PF_INET;
        netfilter_ops_in.hooknum                =       NF_IP_PRE_ROUTING;
        netfilter_ops_in.priority               =       NF_IP_PRI_FIRST;
        nf_register_hook(&netfilter_ops_in); 
        printk("firewall Setuped\n");
return 0;
}
void cleanup()
{
nf_unregister_hook(&netfilter_ops_in); /*unregister NF_IP_PRE_ROUTING hook*/

}

pavan6754

View Public Profile for pavan6754

Find all posts by pavan6754

10 More Discussions You Might Find Interesting

1. Programming

Problem in registering new netfilter target module

Friends I'm facing a big problem trying to extend the netfilter. Somone please help me with your quick reply (any hint) as I've to meet a deadline. My problem is that I've written a new netfilter target module and its corresponding userspace program for iptables to change the packet type of a...

2. Programming

struct tm problem

I receive an integer as argument for a function. within function definition i want it to be of type struct tm. eg.. main() { int a; ...... } function(...,..,a,..) int a; { struct tm tm; if(!a) ^ time(&a); ^ ...

3. Programming

Problem accessing struct member

I have a struct as follows... struct A { int a; ucontext_t X; //ucontext_t is another structure } How do I define a pointer to the above structure variable X of the type ucontext_t from within another function? eg. void foo() { struct A a; /////WHAT COMES IN...

4. Programming

http sock problem

hi am senthil am doing my server-client prog in C++ to send and receive sms through the API .. in which server is a webserver(remote server) and my prog act as a client.. i will form a url based on the HTTP 1.0 protocol.. and hit the server through socket send funtion.. by hitting the...

5. Shell Programming and Scripting

converting from c struct to function

Hey Guys, I need your help where I have a C structure and I want it to be converted into corresponding function. Example: typedef struct { unsigned long LineNum; //1025-4032 unsigned short KeyNum; /*tbd*/ char Key; /*between 1-3*/...

6. Programming

Problem defining a struct

I have the following code and getting the compilation errors baseLib/DynBaseObj.h:80: error: expected constructor, destructor, or type conversion before �(' token baseLib/DynBaseObj.h:89: error: expected constructor, destructor, or type conversion before �(' token baseLib/DynBaseObj.h:101:...

7. Programming

Problem with implementing the times() function in C (struct tms times return zero/negative values)

Hello, i'm trying to implement the times() function and i'm programming in C. I'm using the "struct tms" structure which consists of the fields: The tms_utime structure member is the CPU time charged for the execution of user instructions of the calling process. The tms_stime structure...

8. Programming

Storing C++-struct in file - problem when adding new item in struct

Hi, I have received an application that stores some properties in a file. The existing struct looks like this: struct TData { UINT uSizeIncludingStrings; // copy of Telnet data struct UINT uSize; // basic properties: TCHAR szHost; //defined in Sshconfig UINT iPortNr; TCHAR...

9. Programming

Implementing function outside struct

I have this code where I have declared a struct with some functions. Trying to write the function implementation outside the struct declaration and do not know how to proceed. #ifndef ParseEl_hh #define ParseEl_hh #include <iostream> #include <fstream> #include "DynBaseObj.hh"...

10. Programming

Malloc function returning NULL

Hi All, I am using malloc function for allocating dynamic memory. When I am using below code on Linux server its working fine, but When I am trying the same code on HP UNIX server its returning NULL. below is a fragment of code in which it is giving problem. tmp = (format_tree...

LEARN ABOUT SUSE

__skb_recv_datagram

__SKB_RECV_DATAGRAM(9)						 Linux Networking					    __SKB_RECV_DATAGRAM(9)

NAME

       __skb_recv_datagram - Receive a datagram skbuff

SYNOPSIS

       struct sk_buff * __skb_recv_datagram(struct sock * sk, unsigned flags, int * peeked, int * err);

ARGUMENTS

       sk
	   socket

       flags
	   MSG_ flags

       peeked
	   returns non-zero if this packet has been seen before

       err
	   error code returned

DESCRIPTION

       Get a datagram skbuff, understands the peeking, nonblocking wakeups and possible races. This replaces identical code in packet, raw and
       udp, as well as the IPX AX.25 and Appletalk. It also finally fixes the long standing peek and read race for datagram sockets. If you alter
       this routine remember it must be re-entrant.

       This function will lock the socket if a skb is returned, so the caller needs to unlock the socket in that case (usually by calling
       skb_free_datagram)

       * It does not lock socket since today. This function is * free of race conditions. This measure should/can improve * significantly datagram
       socket latencies at high loads, * when data copying to user space takes lots of time. * (BTW I've just killed the last cli in
       IP/IPv6/core/netlink/packet * 8) Great win.) * --ANK (980729)

       The order of the tests when we find no data waiting are specified quite explicitly by POSIX 1003.1g, don't change them without having the
       standard around please.

COPYRIGHT

Kernel Hackers Manual 2.6.					     July 2010						    __SKB_RECV_DATAGRAM(9)