06-13-2011
help implementing an ip filter in linux/net/socket.c (kernel programming)
hi there
so, i was given an assignment: implement a linux system call that blocks all packets that are sent to a given IP (i have to do it without using iptables)
i'm really new to kernel programming btw (and i'm enjoying it a lot)
so, my syscall is called ip_block() and receives a regular IP string as its only argument - eg: ip_block("200.225.123.34")
so what i did was: i implemented the ip_block syscall in "net/socket.c", and this syscall pretty much stores the IP passed as argument, the one i want to block packets i send to, for later use
then, i modified the already implemented syscall sendto(), as we know, the syscall that's called every time a packet is sent.
this syscall receives as an argument a sockaddr struct, which stores the packet's socket address; its fields are sa_family (a flag so we know which kind of address it stores) and an array of chars called sa_data, which is the address itself.
so, what I did was: every time sendto() was called, i would check the packet's address, and if it matched the IP i had passed to my own syscall, it would just ignore the packet.
but what i have noticed is that all packets sent from my computer are neither IPv4 nor IPv6 packets -- as I "debugged" the syscall sendto() and made it print on the screen all sent packets' sa_family field, I realized all the packets' addresses' "sa_family" flags, instead of being AF_INET or AF_INET6 (IPv4 and IPv6), were actually from family AF_NETLINK or AF_PACKET - which I can't extract the IP from, meaning i can't block them since i don't know if they're the ones i want to block!
I have done the same modification in syscall connect(), and it worked: most of the connections made through connect() were given a sockaddr struct as argument and its sa_family flag was either AF_INET or AF_INET6, which I could easily extract the IP from and compare it with the one I had in my own structure - the one I wanted to block.
So, do you have any ideas of what i should do? as I've done some research I realized AF_NETLINK and AF_PACKET mean the packets are only exchanging data between userspace and kernelspace, but clearly TCP/IP packets are being sent from my machine as well - where can I get their IP addresses?
Since it's an assignment, I can't just implement a syscall that goes like:
syscall ip_block(){ system("iptables etc. DROP"); }
since i was asked to filter these IPs using kernel programming...
any thoughts or ideas?
thanks in advance, and sorry if there are any language mistakes above - english is not my native language (brazilian here)
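
The address-family check described in the post, as an added user-space sketch that is not part of the original post and is not kernel code: it classifies a destination sockaddr as blocked, not blocked, or carrying no IP address at all, and also covers a missing destination (sendto() may be called without one on a connected socket) and IPv4-mapped IPv6 addresses. The names dest_is_blocked and check_text are hypothetical, and the addresses fed to it are constructed samples.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical helper, user-space sketch only (not kernel code).
 * Returns 1 if the destination is the blocked IPv4 address, 0 if it is an
 * IP destination that does not match, -1 if no IP address can be read from
 * it (NULL, truncated, or a non-IP family such as AF_NETLINK/AF_PACKET). */
int dest_is_blocked(const struct sockaddr *sa, socklen_t len,
                    const struct in_addr *blocked)
{
    static const unsigned char v4mapped[12] = {0,0,0,0,0,0,0,0,0,0,0xff,0xff};
    struct sockaddr_in sin;
    struct sockaddr_in6 sin6;

    if (sa == NULL || len < sizeof(sa->sa_family))
        return -1;
    if (sa->sa_family == AF_INET && len >= sizeof(sin)) {
        memcpy(&sin, sa, sizeof(sin));
        return sin.sin_addr.s_addr == blocked->s_addr;
    }
    if (sa->sa_family == AF_INET6 && len >= sizeof(sin6)) {
        memcpy(&sin6, sa, sizeof(sin6));
        if (memcmp(sin6.sin6_addr.s6_addr, v4mapped, 12) != 0)
            return 0;               /* native IPv6: not the IPv4 target */
        /* ::ffff:a.b.c.d keeps the IPv4 address in the last 4 bytes */
        return memcmp(&sin6.sin6_addr.s6_addr[12], &blocked->s_addr, 4) == 0;
    }
    return -1;
}

/* Builds a constructed destination from text and runs the check on it. */
int check_text(int family, const char *dst, const char *blocked_text)
{
    struct sockaddr_storage ss;
    struct in_addr blocked;
    void *addr = NULL;

    memset(&ss, 0, sizeof(ss));
    ss.ss_family = (sa_family_t)family;
    if (family == AF_INET)
        addr = &((struct sockaddr_in *)&ss)->sin_addr;
    else if (family == AF_INET6)
        addr = &((struct sockaddr_in6 *)&ss)->sin6_addr;
    if (inet_pton(AF_INET, blocked_text, &blocked) != 1 ||
        (addr != NULL && inet_pton(family, dst, addr) != 1))
        return -2;                  /* unparsable sample text */
    return dest_is_blocked((struct sockaddr *)&ss, sizeof(ss), &blocked);
}
```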