static unsigned int auth_func(unsigned int hook,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
int ret = 0;
struct iphdr *iph = NULL;
struct ethhdr *eth = NULL;
unsigned char smac[ETH_ALEN];
/* wifi authentication switch */
/*
if(!wifi_auth_running)
return NF_ACCEPT;
*/
if(!skb)
return NF_ACCEPT;
iph = ip_hdr(skb);
eth = eth_hdr(skb);
if(!eth || !iph)
return NF_ACCEPT;
/* check skb length */
if(skb->len <= sizeof(struct ethhdr)+sizeof(struct iphdr))
return NF_ACCEPT;
/* check ip protocol */
if(skb->protocol != htons(ETH_P_IP))
return NF_ACCEPT;
/* char ip frag_off */
if((iph->frag_off & htons(0x1FFF)) != 0)
return NF_ACCEPT;
if (iph->version != 4)
return NF_ACCEPT;
if(iph->version*iph->ihl < 20)
return NF_ACCEPT;
if (skb->len < ntohs(iph->tot_len))
return NF_ACCEPT;
/* check if dip is router's ip */
if (!ip_check(in, iph->daddr))
return NF_ACCEPT;
memcpy(smac, eth->h_source, ETH_ALEN);
/* check if mac is auth */
if(mac_check(smac, iph->saddr) > 0)
return NF_ACCEPT;
switch(iph->protocol) {
/* process tcp proto */
case IPPROTO_TCP:
/* -1 NF_ACCEPT -2 DF_DROP */
ret = process_tcp(skb, iph, smac);
if(ret == -1)
return NF_ACCEPT;
else {
/* drop and send rst packet */
return NF_DROP;
}
/* process udp proto */
case IPPROTO_UDP:
ret = process_udp(skb, iph);
if(ret == 1)
return NF_ACCEPT;
else
return NF_DROP;
/* process other proto */
default:
return NF_ACCEPT;
}
return NF_ACCEPT;
}
static struct nf_hook_ops auth_ops =
{
.hook = auth_func,
.pf = PF_INET,
.hooknum = NF_INET_PRE_ROUTING,
.priority = NF_IP_PRI_FIRST,
};
static int __init auth_init(void)
{
if(mac_init() < 0)
return -1;
//auth_netlink_init();
auth_thread_init();
redirect_url_init();
redirect_url_setup("http://auth.ikuailian.com/portal2/portal.html?devMac=00:B0:0C:1B:FB:14&userMac=");
nf_register_hook(&auth_ops);
return 0;
}
static void __exit auth_exit(void)
{
nf_unregister_hook(&auth_ops);
//auth_netlink_exit();
auth_thread_deinit();
mac_deinit();
}
运行到 auth_fun()函数时 发现抓不到TCP和udp的包 ,并且skb->len=0
