当前位置: 技术问答>linux和unix
请教:2.6编译netfilter后运行死机
来源: 互联网 发布时间:2016-01-24
本文导语: 请教下:运行到ip_nat_setup_info的时候就死机了,那位兄弟知道什么原因阿,谢谢 static unsigned int trigger_dnat(struct sk_buff **pskb, unsigned int hooknum, const struct net_device *in, const struct net_device *out, const void *targinfo...
请教下:运行到ip_nat_setup_info的时候就死机了,那位兄弟知道什么原因阿,谢谢
static unsigned int
trigger_dnat(struct sk_buff **pskb,
unsigned int hooknum,
const struct net_device *in,
const struct net_device *out,
const void *targinfo,
void *userinfo)
{
struct ipt_trigger *found;
const struct iphdr *iph = (*pskb)->nh.iph;
struct tcphdr *tcph = (void *)iph + iph->ihl*4; /* Might be TCP, UDP */
struct ip_conntrack *ct;
enum ip_conntrack_info ctinfo;
struct ip_nat_multi_range newrange;
int ret;
IP_NF_ASSERT(hooknum == NF_IP_PRE_ROUTING);
/* Check if the trigger-ed range has already existed in 'trigger_list'. */
found = LIST_FIND(&trigger_list, trigger_in_matched,
struct ipt_trigger *, iph->protocol, ntohs(tcph->dest));
printk("ntohs:%dn",ntohs(tcph->dest));
if (!found || !found->srcip)
{
printk("no match in the listn");
return IPT_CONTINUE; /* We don't block any packet. */
}
printk("############# %s ############n", __FUNCTION__);
printk("ip:%un",found->srcip);
found->reply = 1; /* Confirm there has been a reply connection. */
ct = ip_conntrack_get(*pskb, &ctinfo);
IP_NF_ASSERT(ct && (ctinfo == IP_CT_NEW));
printk("%s: got ", __FUNCTION__);
DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple);
/* Alter the destination of imcoming packet. */
printk("Alter the destination of imcoming packetn");
newrange = ((struct ip_nat_multi_range)
{ 1, { { IP_NAT_RANGE_MAP_IPS,
found->srcip, found->srcip,
{0} , {0}
} } });
/* Hand modified range to generic setup. */
printk("Hand modified range to generic setup");
ret = ip_nat_setup_info(ct, &newrange, hooknum);
printk("ret:%dn",ret);
return ret;
}
static unsigned int
trigger_dnat(struct sk_buff **pskb,
unsigned int hooknum,
const struct net_device *in,
const struct net_device *out,
const void *targinfo,
void *userinfo)
{
struct ipt_trigger *found;
const struct iphdr *iph = (*pskb)->nh.iph;
struct tcphdr *tcph = (void *)iph + iph->ihl*4; /* Might be TCP, UDP */
struct ip_conntrack *ct;
enum ip_conntrack_info ctinfo;
struct ip_nat_multi_range newrange;
int ret;
IP_NF_ASSERT(hooknum == NF_IP_PRE_ROUTING);
/* Check if the trigger-ed range has already existed in 'trigger_list'. */
found = LIST_FIND(&trigger_list, trigger_in_matched,
struct ipt_trigger *, iph->protocol, ntohs(tcph->dest));
printk("ntohs:%dn",ntohs(tcph->dest));
if (!found || !found->srcip)
{
printk("no match in the listn");
return IPT_CONTINUE; /* We don't block any packet. */
}
printk("############# %s ############n", __FUNCTION__);
printk("ip:%un",found->srcip);
found->reply = 1; /* Confirm there has been a reply connection. */
ct = ip_conntrack_get(*pskb, &ctinfo);
IP_NF_ASSERT(ct && (ctinfo == IP_CT_NEW));
printk("%s: got ", __FUNCTION__);
DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple);
/* Alter the destination of imcoming packet. */
printk("Alter the destination of imcoming packetn");
newrange = ((struct ip_nat_multi_range)
{ 1, { { IP_NAT_RANGE_MAP_IPS,
found->srcip, found->srcip,
{0} , {0}
} } });
/* Hand modified range to generic setup. */
printk("Hand modified range to generic setup");
ret = ip_nat_setup_info(ct, &newrange, hooknum);
printk("ret:%dn",ret);
return ret;
}
|
const struct iphdr *iph = (*pskb)->nh.iph;
iph后来有被读过没??
应该是指针的问题...
iph后来有被读过没??
应该是指针的问题...
|
肯定是指针的问题,这几天我也在做这方面的东西,就是因为指针的问题!楼主我建议你不要直接操作传过来的skb,我用的时候就出错了!因为在sk_buff结构中有些成员是只读的(如数据区),你可以这样在程序中这样做
struct sk_buff *skb = NULL;
skb = skb_copy(pskb);
然后你再对skb进行措作就比较安全了!
不知道有没有帮助!
struct sk_buff *skb = NULL;
skb = skb_copy(pskb);
然后你再对skb进行措作就比较安全了!
不知道有没有帮助!
您可能感兴趣的文章:
本站(WWW.)旨在分享和传播互联网科技相关的资讯和技术,将尽最大努力为读者提供更好的信息聚合和浏览方式。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。