guillaumerose · April 7, 2011 10:23
diff --git a/filtre.c b/filtre.c
 #include <linux/module.h>   //these are for every module
 #include <linux/kernel.h>

 #include <linux/types.h>        //u_int && co
 #include <linux/skbuff.h>       //struct sk_buff
 #include <linux/in.h>           //basic internet shiat
 #include <linux/ip.h>           //protocol headers
 #include <linux/tcp.h>
 #include <linux/netfilter.h>        //need this for register_
 #include <linux/netfilter_ipv4.h>   //..
 #include <linux/netdevice.h>        //struct net_device

 static struct nf_hook_ops my_netfilter_ops;

 unsigned int my_hook(unsigned int hooknum, struct sk_buff  *skb, const struct net_device *in, 
                        const struct net_device *out, int (*okfn)(struct sk_buff*)) { 

        struct iphdr _iph, *ih;
        ih = skb_header_pointer(skb, 0, sizeof(_iph), &_iph);

        if (ih == NULL) {
                return NF_DROP;
        }

        if (ih->protocol == IPPROTO_TCP) {
                struct tcphdr _tcph, *th;
                th = skb_header_pointer(skb, ih->ihl * 4,
                                        sizeof(_tcph), &_tcph);
                if (th == NULL) {
                        return NF_DROP;
                }

                printk("SPT=%u DPT=%u \n", ntohs(th->source), ntohs(th->dest));
        }

        return NF_DROP; /* Drop ALL Packets */ 
 }
 static int __init init(void) { 
        my_netfilter_ops.hook = my_hook; 
        my_netfilter_ops.pf = PF_INET; 
        my_netfilter_ops.hooknum = NF_INET_PRE_ROUTING; 
        my_netfilter_ops.priority = NF_IP_PRI_FIRST;
        return nf_register_hook(&my_netfilter_ops); 
 }
 static void __exit fini(void) { 
        nf_unregister_hook(&my_netfilter_ops); 
 } 
 module_init(init); 
 module_exit(fini);
	#include <linux/module.h> //these are for every module
	#include <linux/kernel.h>

	#include <linux/types.h> //u_int && co
	#include <linux/skbuff.h> //struct sk_buff
	#include <linux/in.h> //basic internet shiat
	#include <linux/ip.h> //protocol headers
	#include <linux/tcp.h>
	#include <linux/netfilter.h> //need this for register_
	#include <linux/netfilter_ipv4.h> //..
	#include <linux/netdevice.h> //struct net_device

	static struct nf_hook_ops my_netfilter_ops;

	unsigned int my_hook(unsigned int hooknum, struct sk_buff skb, const struct net_device in,
	const struct net_device out, int (okfn)(struct sk_buff*)) {

	struct iphdr _iph, *ih;
	ih = skb_header_pointer(skb, 0, sizeof(_iph), &_iph);

	if (ih == NULL) {
	return NF_DROP;
	}

	if (ih->protocol == IPPROTO_TCP) {
	struct tcphdr _tcph, *th;
	th = skb_header_pointer(skb, ih->ihl * 4,
	sizeof(_tcph), &_tcph);
	if (th == NULL) {
	return NF_DROP;
	}

	printk("SPT=%u DPT=%u \n", ntohs(th->source), ntohs(th->dest));
	}

	return NF_DROP; /* Drop ALL Packets */
	}
	static int __init init(void) {
	my_netfilter_ops.hook = my_hook;
	my_netfilter_ops.pf = PF_INET;
	my_netfilter_ops.hooknum = NF_INET_PRE_ROUTING;
	my_netfilter_ops.priority = NF_IP_PRI_FIRST;
	return nf_register_hook(&my_netfilter_ops);
	}
	static void __exit fini(void) {
	nf_unregister_hook(&my_netfilter_ops);
	}
	module_init(init);
	module_exit(fini);