精华区文章阅读

发信人: sino (茶水), 信区: Linux
标  题: ipt_LOG.c
发信站: 哈工大紫丁香 (2002年09月27日11:48:04 星期五), 站内信件

/*
* This is a module which is used for logging packets.
*/
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/ip.h>
#include <linux/spinlock.h>
#include <net/icmp.h>
#include <net/udp.h>
#include <net/tcp.h>
#include <linux/netfilter_ipv4/ip_tables.h>

struct in_device;
#include <net/route.h>
#include <linux/netfilter_ipv4/ipt_LOG.h>

#if 0
#define DEBUGP printk
#else
#define DEBUGP(format, args...)
#endif

struct esphdr {
    __u32   spi;
}; /* FIXME evil kludge */

/* Use lock to serialize, so printks don't overlap */
static spinlock_t log_lock = SPIN_LOCK_UNLOCKED;

/* One level of recursion won't kill us */
static void dump_packet(const struct ipt_log_info *info,
            struct iphdr *iph, unsigned int len, int recurse)
{
    printk("%u %u %u",iph->saddr, iph->daddr,ntohs(iph->tot_len));
}

static unsigned int
ipt_log_target(struct sk_buff **pskb,
           unsigned int hooknum,
           const struct net_device *in,
           const struct net_device *out,
           const void *targinfo,
           void *userinfo)
{
    struct iphdr *iph = (*pskb)->nh.iph;
    const struct ipt_log_info *loginfo = targinfo;
    char level_string[4] = "< >";

    level_string[1] = '0' + (loginfo->level % 8);
    spin_lock_bh(&log_lock);
    printk(level_string);
    printk("%s ", loginfo->prefix);
    dump_packet(loginfo, iph, (*pskb)->len, 1);
    printk("\n");
    spin_unlock_bh(&log_lock);

    return IPT_CONTINUE;
}

static int ipt_log_checkentry(const char *tablename,
                  const struct ipt_entry *e,
                  void *targinfo,
                  unsigned int targinfosize,
                  unsigned int hook_mask)
{
    const struct ipt_log_info *loginfo = targinfo;

    if (targinfosize != IPT_ALIGN(sizeof(struct ipt_log_info))) {
        DEBUGP("LOG: targinfosize %u != %u\n",
               targinfosize, IPT_ALIGN(sizeof(struct ipt_log_info)));
        return 0;
    }

    if (loginfo->level >= 8) {
        DEBUGP("LOG: level %u >= 8\n", loginfo->level);
        return 0;
    }

    if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') {
        DEBUGP("LOG: prefix term %i\n",
               loginfo->prefix[sizeof(loginfo->prefix)-1]);
        return 0;
    }

    return 1;
}

static struct ipt_target ipt_log_reg
= { { NULL, NULL }, "LOG", ipt_log_target, ipt_log_checkentry, NULL,
    THIS_MODULE };

static int __init init(void)
{
    if (ipt_register_target(&ipt_log_reg))
        return -EINVAL;

    return 0;
}

static void __exit fini(void)
{
    ipt_unregister_target(&ipt_log_reg);
}

module_init(init);
module_exit(fini);
MODULE_LICENSE("GPL");

--
FreeBSD has a large number of afficionados who are prepared  to flame
anybody who  dares  suggest that it's not better than Linux.

Linux has a large number of afficionados who  are  prepared  to flame
anybody who dares suggest that it's not better than FreeBSD.

※ 来源:·哈工大紫丁香 bbs.hit.edu.cn·[FROM: 202.118.239.220]

PersonalCorpus 版 (精华区)