Linux 如何在ubuntu 18.04中安装我的netfilter模块
我尝试编写一个基于netfilter挂钩的简单linux模块。我的代码(pcap.c)如下所示:Linux 如何在ubuntu 18.04中安装我的netfilter模块,linux,module,Linux,Module,我尝试编写一个基于netfilter挂钩的简单linux模块。我的代码(pcap.c)如下所示: #include <linux/time.h> #include <linux/init.h> #include <linux/netfilter.h> #include <linux/module.h> #include <linux/skbuff.h> #include <linux/netdevice.h> #i
#include <linux/time.h>
#include <linux/init.h>
#include <linux/netfilter.h>
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/netdevice.h>
#include <linux/netfilter_ipv4.h>
#include <linux/net.h>
#include <net/ip.h>
#include <linux/if_ether.h>
#include <net/protocol.h>
#include <net/icmp.h>
#include <net/tcp.h>
#include <linux/if_vlan.h>
struct net *net;
static unsigned int pcap_func (void *priv, struct sk_buff *skb, const struct nf_hook_state *state)
{
printk(KERN_INFO "hook\n");
return NF_DROP;
}
static struct nf_hook_ops nfho = {
.hook = pcap_func,
.hooknum = 1,
.pf = PF_INET,
.priority = NF_IP_PRI_FIRST,
};
static int __init pcap_init(void)
{
if (nf_register_net_hook(net, &nfho)) {
printk(KERN_ERR "nf_register_hook() failed\n");
return -1;
}
return 0;
}
static void __exit pcap_exit(void)
{
printk(KERN_INFO "unregister pcap module.\n");
nf_unregister_net_hook(net, &nfho);
}
module_init(pcap_init);
module_exit(pcap_exit);
MODULE_LICENSE("GPL");
obj-m := pcap.o
KERNELDIR := /lib/modules/$(shell uname -r)/build
PWD := $(shell pwd)
modules:
$(MAKE) -C $(KERNELDIR) M=$(PWD) modules
modules_install:
$(MAKE) -C $(KERNELDIR) M=$(PWD) modules_install
install:
insmod pcap.ko
uninstall:
-rmmod pcap.ko
rm -rf *.o *.ko *.mod.o *.mod.c *.symvers *.order *.mod
nf_register_net_hook(&init_net, &nfho);
nf_unregister_net_hook(&init_net, &nfho);
#include <linux/init.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/ip.h>
#include <net/ip.h>
#include <linux/tcp.h>
#include <linux/udp.h>
static struct nf_hook_ops *nfho = NULL;
unsigned int hook_func(void *priv, struct sk_buff *skb, const struct nf_hook_state *state)
{
printk(KERN_INFO "hook\n");
return NF_DROP;
}
static int __init pcap_init(void)
{
nfho = (struct nf_hook_ops*) kcalloc(1, sizeof(struct nf_hook_ops), GFP_KERNEL);
nfho->hook = (nf_hookfn*) hook_func;
nfho->hooknum = NF_INET_PRE_ROUTING;
nfho->pf = PF_INET;
nfho->priority = NF_IP_PRI_FIRST;
nf_register_net_hook(&init_net, nfho);
return 0;
}
static void __exit pcap_exit(void)
{
nf_unregister_net_hook(&init_net, nfho);
kfree(nfho);
}
module_init(pcap_init);
module_exit(pcap_exit);
我无法解决这个问题。请帮帮我。非常感谢。我解决了这个问题。该问题是由网络设备的名称空间引起的。首先,我们应该删除以下代码:
struct net *net;
#include <linux/time.h>
#include <linux/init.h>
#include <linux/netfilter.h>
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/netdevice.h>
#include <linux/netfilter_ipv4.h>
#include <linux/net.h>
#include <net/ip.h>
#include <linux/if_ether.h>
#include <net/protocol.h>
#include <net/icmp.h>
#include <net/tcp.h>
#include <linux/if_vlan.h>
struct net *net;
static unsigned int pcap_func (void *priv, struct sk_buff *skb, const struct nf_hook_state *state)
{
printk(KERN_INFO "hook\n");
return NF_DROP;
}
static struct nf_hook_ops nfho = {
.hook = pcap_func,
.hooknum = 1,
.pf = PF_INET,
.priority = NF_IP_PRI_FIRST,
};
static int __init pcap_init(void)
{
if (nf_register_net_hook(net, &nfho)) {
printk(KERN_ERR "nf_register_hook() failed\n");
return -1;
}
return 0;
}
static void __exit pcap_exit(void)
{
printk(KERN_INFO "unregister pcap module.\n");
nf_unregister_net_hook(net, &nfho);
}
module_init(pcap_init);
module_exit(pcap_exit);
MODULE_LICENSE("GPL");
obj-m := pcap.o
KERNELDIR := /lib/modules/$(shell uname -r)/build
PWD := $(shell pwd)
modules:
$(MAKE) -C $(KERNELDIR) M=$(PWD) modules
modules_install:
$(MAKE) -C $(KERNELDIR) M=$(PWD) modules_install
install:
insmod pcap.ko
uninstall:
-rmmod pcap.ko
rm -rf *.o *.ko *.mod.o *.mod.c *.symvers *.order *.mod
nf_register_net_hook(&init_net, &nfho);
nf_unregister_net_hook(&init_net, &nfho);
#include <linux/init.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/ip.h>
#include <net/ip.h>
#include <linux/tcp.h>
#include <linux/udp.h>
static struct nf_hook_ops *nfho = NULL;
unsigned int hook_func(void *priv, struct sk_buff *skb, const struct nf_hook_state *state)
{
printk(KERN_INFO "hook\n");
return NF_DROP;
}
static int __init pcap_init(void)
{
nfho = (struct nf_hook_ops*) kcalloc(1, sizeof(struct nf_hook_ops), GFP_KERNEL);
nfho->hook = (nf_hookfn*) hook_func;
nfho->hooknum = NF_INET_PRE_ROUTING;
nfho->pf = PF_INET;
nfho->priority = NF_IP_PRI_FIRST;
nf_register_net_hook(&init_net, nfho);
return 0;
}
static void __exit pcap_exit(void)
{
nf_unregister_net_hook(&init_net, nfho);
kfree(nfho);
}
module_init(pcap_init);
module_exit(pcap_exit);
#include <linux/time.h>
#include <linux/init.h>
#include <linux/netfilter.h>
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/netdevice.h>
#include <linux/netfilter_ipv4.h>
#include <linux/net.h>
#include <net/ip.h>
#include <linux/if_ether.h>
#include <net/protocol.h>
#include <net/icmp.h>
#include <net/tcp.h>
#include <linux/if_vlan.h>
struct net *net;
static unsigned int pcap_func (void *priv, struct sk_buff *skb, const struct nf_hook_state *state)
{
printk(KERN_INFO "hook\n");
return NF_DROP;
}
static struct nf_hook_ops nfho = {
.hook = pcap_func,
.hooknum = 1,
.pf = PF_INET,
.priority = NF_IP_PRI_FIRST,
};
static int __init pcap_init(void)
{
if (nf_register_net_hook(net, &nfho)) {
printk(KERN_ERR "nf_register_hook() failed\n");
return -1;
}
return 0;
}
static void __exit pcap_exit(void)
{
printk(KERN_INFO "unregister pcap module.\n");
nf_unregister_net_hook(net, &nfho);
}
module_init(pcap_init);
module_exit(pcap_exit);
MODULE_LICENSE("GPL");
obj-m := pcap.o
KERNELDIR := /lib/modules/$(shell uname -r)/build
PWD := $(shell pwd)
modules:
$(MAKE) -C $(KERNELDIR) M=$(PWD) modules
modules_install:
$(MAKE) -C $(KERNELDIR) M=$(PWD) modules_install
install:
insmod pcap.ko
uninstall:
-rmmod pcap.ko
rm -rf *.o *.ko *.mod.o *.mod.c *.symvers *.order *.mod
nf_register_net_hook(&init_net, &nfho);
nf_unregister_net_hook(&init_net, &nfho);
#include <linux/init.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/ip.h>
#include <net/ip.h>
#include <linux/tcp.h>
#include <linux/udp.h>
static struct nf_hook_ops *nfho = NULL;
unsigned int hook_func(void *priv, struct sk_buff *skb, const struct nf_hook_state *state)
{
printk(KERN_INFO "hook\n");
return NF_DROP;
}
static int __init pcap_init(void)
{
nfho = (struct nf_hook_ops*) kcalloc(1, sizeof(struct nf_hook_ops), GFP_KERNEL);
nfho->hook = (nf_hookfn*) hook_func;
nfho->hooknum = NF_INET_PRE_ROUTING;
nfho->pf = PF_INET;
nfho->priority = NF_IP_PRI_FIRST;
nf_register_net_hook(&init_net, nfho);
return 0;
}
static void __exit pcap_exit(void)
{
nf_unregister_net_hook(&init_net, nfho);
kfree(nfho);
}
module_init(pcap_init);
module_exit(pcap_exit);
#包括
#包括
#包括
#包括
#包括
#包括
#包括
#包括
#包括
静态结构nf_hook_ops*nfho=NULL;
unsigned int hook_func(void*priv,struct sk_buff*skb,const struct nf_hook_state*state)
{
printk(KERN_INFO“hook\n”);
返回NF_滴;
}
静态整数初始化pcap初始化(无效)
{
nfho=(结构nf_钩子操作*)kcaloc(1,sizeof(结构nf_钩子操作),GFP_内核);
nfho->hook=(nf_hookfn*)hook_func;
nfho->hooknum=NF\u INET\u PRE\u路由;
nfho->pf=pf\u INET;
nfho->priority=NF\u IP\u PRI\u FIRST;
nf\u寄存器\u网络\u钩子(&init\u网络,nfho);
返回0;
}
静态无效\uuu退出pcap\u退出(无效)
{
nf_注销网络钩子(初始化网络,nfho);
kfree(nfho);
}
模块初始化(pcap初始化);
模块退出(pcap退出);
linux:how-insmod my moduleinsmod