How to change, recalculate the package hash and send it to the port in the linux module?

Question

#define __KERNEL__ #define MODULE #include <linux/kernel.h> #include <linux/module.h> #include <linux/netfilter.h> #include <linux/netfilter_ipv4.h> #include <linux/skbuff.h> #include <linux/udp.h> #include <linux/ip.h> #include <net/ip.h> #include <linux/inet.h> static struct nf_hook_ops netfilter_ops_in; /* NF_IP_PRE_ROUTING */ static struct nf_hook_ops netfilter_ops_out; /* NF_IP_POST_ROUTING */ /* Function prototype in <linux/netfilter> */ unsigned int main_hook(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff*)) { struct iphdr *iph = (struct iphdr *)skb_network_header(skb); if (htonl (in_aton("192.168.0.1")) == htonl(iph->saddr)){ **printk(KERN_ALERT "поймал пакет \n");** ---- тут условие, по которому я ловлю пакеты } return NF_ACCEPT; /* Allow ALL Packets */ } int init_module() { netfilter_ops_in.hook = main_hook; netfilter_ops_in.pf = PF_INET; netfilter_ops_in.hooknum = 0; netfilter_ops_in.priority = NF_IP_PRI_FIRST; netfilter_ops_out.hook = main_hook; netfilter_ops_out.pf = PF_INET; netfilter_ops_out.hooknum = 4; netfilter_ops_out.priority = NF_IP_PRI_FIRST; nf_register_hook(&netfilter_ops_in); /* register NF_IP_PRE_ROUTING hook */ nf_register_hook(&netfilter_ops_out); /* register NF_IP_POST_ROUTING hook */ return 0; } void cleanup_module() { nf_unregister_hook(&netfilter_ops_in); /*unregister NF_IP_PRE_ROUTING hook*/ nf_unregister_hook(&netfilter_ops_out); /*unregister NF_IP_POST_ROUTING hook*/ }

Tell me, what methods do I change the destination address of the packet, recalculate the hash and send it to the port?

There is an example in the answer: stackoverflow.com/q/8237983/4827341

Community spirit ♦ one · Accepted Answer · 2016-04-14T09:37:25

 #include <linux/ip.h> #include <linux/in.h> static uint16_t csum(uint16_t* buff, int nwords) { uint32_t sum; for (sum = 0; nwords > 0; nwords--) sum += *buff++; sum = (sum >> 16) + (sum & 0xffff); sum += (sum >> 16); return ((uint16_t) ~sum); } printk(KERN_ALERT "INFO: Source IP Address: %pI4.\n",&iph->saddr); printk(KERN_ALERT "INFO: Destination IP Address: %pI4.\n",&iph->daddr); printk("src mac %pM, dst mac %pM\n", eth->h_source, eth->h_dest); printk(KERN_ALERT "INFO: CHECKSUM: %u.\n",&iph->check);//выводим хэш сумму прибившего пакета iph->check = 0;// необходимо обнулить предыдущую хэш сумму iph->daddr = in_aton("192.168.137.1"); iph->check = csum((uint16_t*) iph, (iph->ihl << 1)); //вычисляем хэш printk(KERN_ALERT "INFO: CHECKSUM: %u.\n",&iph->check); //выводим новую хэш сумму

Thanks for the link @ alexander-barakin https://ru.stackoverflow.com/users/178576/alexander-barakin

How to change, recalculate the package hash and send it to the port in the linux module?

1 answer 1

More articles: