#include <linux/init.h> /* __init and __exit macroses */
#include <linux/kernel.h> /* KERN_INFO macros */
#include <linux/module.h> /* required for all kernel modules */
#include <linux/moduleparam.h> /* module_param() and MODULE_PARM_DESC() */
#include <linux/kallsyms.h> /* sprint_symbol */
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h> /* NF_IP_PRI_FIRST */
MODULE_LICENSE("GPL");
MODULE_AUTHOR("yilipika");
MODULE_DESCRIPTION("List netfilter hooks");
/*
enum nf_inet_hooks {
NF_INET_PRE_ROUTING,
NF_INET_LOCAL_IN,
NF_INET_FORWARD,
NF_INET_LOCAL_OUT,
NF_INET_POST_ROUTING,
NF_INET_NUMHOOKS
};
enum {
NFPROTO_UNSPEC = 0,
NFPROTO_IPV4 = 2,
NFPROTO_ARP = 3,
NFPROTO_BRIDGE = 7,
NFPROTO_IPV6 = 10,
NFPROTO_DECNET = 12,
NFPROTO_NUMPROTO,
};
*/
char *hooks[] = {
"NF_INET_PRE_ROUTING",
"NF_INET_LOCAL_IN",
"NF_INET_FORWARD",
"NF_INET_LOCAL_OUT",
"NF_INET_POST_ROUTING",
};
static unsigned int test_pre_routing(unsigned int hooknum,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
return NF_ACCEPT;
}
static unsigned int test_local_in(unsigned int hooknum,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
return NF_ACCEPT;
}
static unsigned int test_forward(unsigned int hooknum,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
return NF_ACCEPT;
}
static unsigned int test_local_out(unsigned int hooknum,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
return NF_ACCEPT;
}
static unsigned int test_post_routing(unsigned int hooknum,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
return NF_ACCEPT;
}
static struct nf_hook_ops nf_test_ops[] __read_mostly = {
{
.hook = test_pre_routing,
.owner = THIS_MODULE,
.pf = NFPROTO_IPV4,
.hooknum = NF_INET_PRE_ROUTING,
.priority = NF_IP_PRI_FIRST,
},
{
.hook = test_local_in,
.owner = THIS_MODULE,
.pf = NFPROTO_IPV4,
.hooknum = NF_INET_LOCAL_IN,
.priority = NF_IP_PRI_FIRST,
},
{
.hook = test_forward,
.owner = THIS_MODULE,
.pf = NFPROTO_IPV4,
.hooknum = NF_INET_FORWARD,
.priority = NF_IP_PRI_FIRST,
},
{
.hook = test_local_out,
.owner = THIS_MODULE,
.pf = NFPROTO_IPV4,
.hooknum = NF_INET_LOCAL_OUT,
.priority = NF_IP_PRI_FIRST,
},
{
.hook = test_post_routing,
.owner = THIS_MODULE,
.pf = NFPROTO_IPV4,
.hooknum = NF_INET_POST_ROUTING,
.priority = NF_IP_PRI_FIRST,
},
};
static void list_netfilter_hooks(u8 nf_proto)
{
int i;
struct nf_hook_ops *elem;
char hook_name[128];
unsigned long addr;
for (i = 0; i < NF_INET_NUMHOOKS; i++) {
printk("\n>>>hook_num:%s<<<\n", hooks[i]);
list_for_each_entry(elem, &nf_hooks[nf_proto][i], list) {
memset(hook_name, 0, sizeof(hook_name));
addr = (unsigned long)elem->hook;
sprint_symbol(hook_name, addr);
printk("%s\n", hook_name);
}
printk("\n\n");
}
}
static int __init list_netfilter_hooks_init(void)
{
printk("list_netfilter_hooks install\n");
if (nf_register_hooks(nf_test_ops, ARRAY_SIZE(nf_test_ops)) < 0) {
printk("nf_register_hooks failed\n");
}
printk("NFPROTO_IPV4\n");
list_netfilter_hooks(NFPROTO_IPV4);
return 0;
}
static void __exit list_netfilter_hooks_exit(void)
{
nf_unregister_hooks(nf_test_ops, ARRAY_SIZE(nf_test_ops));
printk("list_netfilter_hooks uninstall\n");
}
module_init(list_netfilter_hooks_init);
module_exit(list_netfilter_hooks_exit);
浙公网安备 33010602011771号