Post 302530085 by lgfaria on Sunday 12th of June 2011 11:42:18 PM
Old 06-13-2011
help implementing an ip filter in linux/net/socket.c (kernel programming)

hi there

so, I was given an assignment: implement a Linux system call that blocks all packets that are sent to a given IP (I have to do it without using iptables)

I'm really new to kernel programming btw (and I'm enjoying it a lot)

so, my syscall is called ip_block() and receives a regular IP string as its only argument - e.g.: ip_block("200.225.123.34")

so what I did was: I implemented the ip_block syscall in "net/socket.c", and this syscall pretty much stores the IP passed as argument, the one I want to block packets I send to, for later use

then, I modified the already implemented syscall sendto(), as we know, the syscall that's called every time a packet is sent.

this syscall receives as an argument a sockaddr struct, which stores the packet's socket address; its fields are sa_family (a flag so we know which kind of address it stores) and an array of chars called sa_data, which is the address itself.

so, what I did was: every time sendto() was called, I would check the packet's address, and if it matched the IP I had passed to my own syscall, it would just ignore the packet.

but what I have noticed is that all packets sent from my computer are neither IPv4 nor IPv6 packets -- as I "debugged" the syscall sendto() and made it print on the screen all sent packets' sa_family field, I realized all the packets' addresses' "sa_family" flags, instead of being AF_INET or AF_INET6 (IPv4 and IPv6), were actually from family AF_NETLINK or AF_PACKET - which I can't extract the IP from, meaning I can't block them since I don't know if they're the ones I want to block!

I have done the same modification in syscall connect(), and it worked: most of the connections made through connect() were given a sockaddr struct as argument and its sa_family flag was either AF_INET or AF_INET6, which I could easily extract the IP from and compare it with the one I had in my own structure - the one I wanted to block.

So, do you have any ideas of what I should do? As I've done some research I realized AF_NETLINK and AF_PACKET mean the packets are only exchanging data between userspace and kernelspace, but clearly TCP/IP packets are being sent from my machine as well - where can I get their IP addresses?

Since it's an assignment, I can't just implement a syscall that goes like:

syscall ip_block(){ system("iptables etc. DROP"); }

since I was asked to filter these IPs using kernel programming...

any thoughts or ideas?

thanks in advance, and sorry if there are any language mistakes above - English is not my native language (Brazilian here)
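
The sa_family check described in the post, modelled in user space as an added example (it is not the poster's kernel code, and the names `check_dest`, `demo` and `verdict` are hypothetical). It returns a separate "no IP to compare" result for a missing address and for families such as AF_NETLINK and AF_PACKET, and it goes slightly beyond the post by also matching an IPv4-mapped IPv6 destination:

```c
/* Added example: user-space model of the sa_family check from the post. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>

enum verdict { PASS, BLOCK, NO_IP };  /* NO_IP: no IP address to compare */

/* Classify one destination as sendto()/connect() would receive it. */
enum verdict check_dest(const struct sockaddr *sa, socklen_t len,
                        const struct in_addr *blocked)
{
    static const unsigned char mapped[12] = {0,0,0,0,0,0,0,0,0,0,0xff,0xff};
    struct sockaddr_in in4;
    struct sockaddr_in6 in6;

    if (sa == NULL || len < sizeof(sa->sa_family))
        return NO_IP;                 /* e.g. send() on a connected socket */
    switch (sa->sa_family) {
    case AF_INET:
        if (len < sizeof(in4)) return NO_IP;      /* truncated address */
        memcpy(&in4, sa, sizeof(in4));
        return in4.sin_addr.s_addr == blocked->s_addr ? BLOCK : PASS;
    case AF_INET6:
        if (len < sizeof(in6)) return NO_IP;
        memcpy(&in6, sa, sizeof(in6));
        /* ::ffff:a.b.c.d carries an IPv4 destination in its last 4 bytes */
        if (memcmp(in6.sin6_addr.s6_addr, mapped, 12) != 0) return PASS;
        return memcmp(in6.sin6_addr.s6_addr + 12, &blocked->s_addr, 4) == 0
                   ? BLOCK : PASS;
    default:                          /* AF_NETLINK, AF_PACKET, AF_UNIX, ... */
        return NO_IP;                 /* sa_data is not an IP address here */
    }
}

/* Constructed test driver: build a sockaddr of `family` for `dst`. */
enum verdict demo(int family, const char *dst, const char *blocked_ip)
{
    struct sockaddr_storage ss;
    struct in_addr blocked;
    socklen_t len = sizeof(struct sockaddr);

    memset(&ss, 0, sizeof(ss));
    if (inet_pton(AF_INET, blocked_ip, &blocked) != 1) return NO_IP;
    ss.ss_family = (sa_family_t)family;
    if (family == AF_INET) {
        inet_pton(AF_INET, dst, &((struct sockaddr_in *)&ss)->sin_addr);
        len = sizeof(struct sockaddr_in);
    } else if (family == AF_INET6) {
        inet_pton(AF_INET6, dst, &((struct sockaddr_in6 *)&ss)->sin6_addr);
        len = sizeof(struct sockaddr_in6);
    }
    return check_dest((struct sockaddr *)&ss, len, &blocked);
}
```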
 
