Net Filter Reporter milk netfilter NFIPPRE ROUTING ROUTE Slides: 10 Download presentation Net. Filter簡介 Reporter: milk netfilter的架構 NF_IP_PRE_ ROUTING ROUTE NF_IP_FORWARD NF_IP_POST _ROUTING ROUTE NF_IP_LOCAL_IN NF_IP_LOCAL_OUT local process Hook點的結構 n struct nf_hook_ops { struct list_head list; nf_hookfn hook; int pf; int hooknum; int priority; }; /* 函數指標 */ /* 結構對應的協定編號 */ /* 結構對應的hook點*/ /* 結構的優先值 */ Filtering by address static struct nf_hook_ops nfho; int init_module() { nfho. hook = hook_func; nfho. hooknum = NF_IP_PRE_ROUTING; nfho. pf = PF_INET; nfho. priority = NF_IP_PRI_FIRST; nf_register_hook(&nfho); return 0; } void cleanup_module() { nf_unregister_hook(&nfho); } unsigned int hook_func(unsigned int hooknum, struct sk_buff **skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff *)) { unsigned char *deny_ip = "x 7 Fx 00x 01"; /* 127. 0. 0. 1 */ if (skb->nh. iph->saddr == *(unsigned int *)deny_ip) { return NF_DROP; } return NF_ACCEPT; } Netfilter hook exampleMangle tableMark tinkaHydrologic routing and hydraulic routingClock skewRiver routing and reservoir routingAs path overrideRoute sheet in ppcA disaccharide found in milk and milk productsHuman milk vs cow milkContamination of milk and milk products