nf foobar

nf_foobar.c

#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/init.h>
#include <linux/netfilter_bridge.h>
#include <linux/ip.h>
#include <net/netfilter/nf_tables_ipv4.h>
#include <net/netfilter/nf_tables.h>
#include <linux/netfilter_ipv4/ip_tables.h>

#define NF_IP_PRE_ROUTING 0
#define MANGLE_VALID_HOOKS ((1 << NF_INET_PRE_ROUTING) | \
                            (1 << NF_INET_LOCAL_IN) | \
                            (1 << NF_INET_FORWARD) | \
                            (1 << NF_INET_LOCAL_OUT) | \
                            (1 << NF_INET_POST_ROUTING))
MODULE_LICENSE("GPL");

static const struct xt_table packet_mangler = {
        .name           = "foobar",
        .valid_hooks    = MANGLE_VALID_HOOKS,
        .me             = THIS_MODULE,
        .af             = NFPROTO_IPV4,
        .priority       = NF_IP_PRI_MANGLE,
};
static int __net_init iptable_mangle_table_init(struct net *net)
{
        struct ipt_replace *repl;
        int ret;
        repl = ipt_alloc_initial_table(&packet_mangler);
        ret = ipt_register_table(net, &packet_mangler, repl);
        kfree(repl);
        return ret;
}

int init_module()
{
        printk(KERN_INFO "Creating foobar table..\n");
        struct ipt_replace *repl;
        struct net *net;
        net = &init_net;
        static struct nf_hook_ops *mangle_ops;
        iptable_mangle_table_init(net);
        return 0;
}

void cleanup_module()
{
        printk( KERN_INFO "Removing chain?");
}