?? myfirewall.c
字號:
#ifndef __KERNEL__
# define __KERNEL__ //按內核模塊編譯
#endif
#ifndef MODULE
# define MODULE //按設備驅動程序模塊編譯
#endif
#include <linux/module.h> //最基本的內核模塊頭文件
#include <linux/sched.h>
#include <linux/kernel.h> //最基本的內核模塊頭文件
#include <linux/netdevice.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include <linux/skbuff.h>
#include <linux/proc_fs.h>
#include <linux/if.h>
#include <linux/in.h>
#include <linux/firewall.h>
#define SOL_ICMP 1
#define PERMIT_PORT 80 //只允許訪問TCP的80端口
int zzl_input(struct firewall_ops *this,int pf,struct device *dev,
void *phdr,void *arg,struct sk_buff **pskb)
{//每當收到一個網絡報時,此函數將被內核調用
struct tcphdr *tcph; //TCP的頭指針
struct iphdr *iph; //IP頭指針
struct sk_buff *skb=*pskb;
if (skb->protocol==htons(ETH_P_ARP)){
printk("\nPermit a ARP Packet");
return FW_ACCEPT;//允許地址解析協議報
}
if(skb->protocol==htons(ETH_P_RARP)){
printk("\nPermit a RARP Packet");
return FW_ACCEPT;//允許反向地址解析協議報
}
if(skb->protocol==htons(ETH_P_IP))
{
iph=skb->nh.iph;
if (iph->protocol==SOL_ICMP)
{
printk("\nPermit a ICMP Packet");
return FW_ACCEPT;//允許網絡控制報
}
if(iph->protocol==SOL_TCP){
tcph=skb->h.th;
if(tcph->dest==PERMIT_PORT){
printk("\nPermit a valid access");
return FW_ACCEPT;//允許對TCP端口80的訪問
}
}
}
return FW_REJECT;//禁止對本計算機的所有其它訪問
}
int zzl_output(struct firewall_ops *this,int pf,struct device *dev,
void *phdr,void *arg,struct sk_buff **pskb)
{//程序編寫方法同zzl_input函數模塊
printk("\nzzl_output is called ");
return FW_SKIP;
}
int zzl_foreward(struct firewall_ops *this,int pf,struct device *dev,
void *phdr,void *arg,struct sk_buff **pskb)
{//程序編寫方法同zzl_input函數模塊
printk("\nzzl_foreward is called ");
return FW_SKIP;
}
struct firewall_ops zzl_ops=
{
NULL,
zzl_foreward,
zzl_input,
zzl_output,
PF_INET,
01
};
int init_module(void)
{
if(register_firewall(PF_INET,&zzl_ops)!=0)
{
printk("\nunable register firewall");
return -1;
}
printk("\nzzl_ops=%p",&zzl_ops);
return 0;
}
void cleanup_module(void)
{
printk("unload\n");
unregister_firewall(PF_INET,&zzl_ops);
}
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -