打印netfilter hook点挂载函数信息
#include <linux/init.h> /* __init and __exit macroses */ #include <linux/kernel.h> /* KERN_INFO macros */ #include <linux/module.h> /* required for all kernel modules */ #include <linux/moduleparam.h> /* module_param() and MODULE_PARM_DESC() */ #include <linux/kallsyms.h> /* sprint_symbol */ #include <linux/netfilter.h> #include <linux/netfilter_ipv4.h> /* NF_IP_PRI_FIRST */ MODULE_LICENSE("GPL"); MODULE_AUTHOR("yilipika"); MODULE_DESCRIPTION("List netfilter hooks"); /* enum nf_inet_hooks { NF_INET_PRE_ROUTING, NF_INET_LOCAL_IN, NF_INET_FORWARD, NF_INET_LOCAL_OUT, NF_INET_POST_ROUTING, NF_INET_NUMHOOKS }; enum { NFPROTO_UNSPEC = 0, NFPROTO_IPV4 = 2, NFPROTO_ARP = 3, NFPROTO_BRIDGE = 7, NFPROTO_IPV6 = 10, NFPROTO_DECNET = 12, NFPROTO_NUMPROTO, }; */ char *hooks[] = { "NF_INET_PRE_ROUTING", "NF_INET_LOCAL_IN", "NF_INET_FORWARD", "NF_INET_LOCAL_OUT", "NF_INET_POST_ROUTING", }; static unsigned int test_pre_routing(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff *)) { return NF_ACCEPT; } static unsigned int test_local_in(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff *)) { return NF_ACCEPT; } static unsigned int test_forward(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff *)) { return NF_ACCEPT; } static unsigned int test_local_out(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff *)) { return NF_ACCEPT; } static unsigned int test_post_routing(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff *)) { return NF_ACCEPT; } static struct nf_hook_ops nf_test_ops[] __read_mostly = { { .hook = test_pre_routing, .owner = THIS_MODULE, .pf = NFPROTO_IPV4, .hooknum = NF_INET_PRE_ROUTING, .priority = NF_IP_PRI_FIRST, }, { .hook = test_local_in, .owner = THIS_MODULE, .pf = NFPROTO_IPV4, .hooknum = NF_INET_LOCAL_IN, .priority = NF_IP_PRI_FIRST, }, { .hook = test_forward, .owner = THIS_MODULE, .pf = NFPROTO_IPV4, .hooknum = NF_INET_FORWARD, .priority = NF_IP_PRI_FIRST, }, { .hook = test_local_out, .owner = THIS_MODULE, .pf = NFPROTO_IPV4, .hooknum = NF_INET_LOCAL_OUT, .priority = NF_IP_PRI_FIRST, }, { .hook = test_post_routing, .owner = THIS_MODULE, .pf = NFPROTO_IPV4, .hooknum = NF_INET_POST_ROUTING, .priority = NF_IP_PRI_FIRST, }, }; static void list_netfilter_hooks(u8 nf_proto) { int i; struct nf_hook_ops *elem; char hook_name[128]; unsigned long addr; for (i = 0; i < NF_INET_NUMHOOKS; i++) { printk("\n>>>hook_num:%s<<<\n", hooks[i]); list_for_each_entry(elem, &nf_hooks[nf_proto][i], list) { memset(hook_name, 0, sizeof(hook_name)); addr = (unsigned long)elem->hook; sprint_symbol(hook_name, addr); printk("%s\n", hook_name); } printk("\n\n"); } } static int __init list_netfilter_hooks_init(void) { printk("list_netfilter_hooks install\n"); if (nf_register_hooks(nf_test_ops, ARRAY_SIZE(nf_test_ops)) < 0) { printk("nf_register_hooks failed\n"); } printk("NFPROTO_IPV4\n"); list_netfilter_hooks(NFPROTO_IPV4); return 0; } static void __exit list_netfilter_hooks_exit(void) { nf_unregister_hooks(nf_test_ops, ARRAY_SIZE(nf_test_ops)); printk("list_netfilter_hooks uninstall\n"); } module_init(list_netfilter_hooks_init); module_exit(list_netfilter_hooks_exit);