#ifndef __KERNEL__
#define __KERNEL__
#endif
#ifndef MODULE
#define MODULE
#endif
#include
#include
#include
#include
#include
#include
#include
#include
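/*
 * user_firewall - netfilter hook that logs IPv4 packets and flags two
 * well-known malformed-packet patterns.
 *
 * @hooknum: hook point this callback was invoked from (unused here).
 * @skb:     packet under inspection; the IP header is taken from
 *           (*skb)->nh.iph.
 * @in:      receiving device (unused here).
 * @out:     outgoing device (unused here).
 * @okfn:    continuation function supplied by netfilter (unused here).
 *
 * Detection only: every path returns NF_ACCEPT, so nothing is dropped.
 * The two patterns reported are
 *   - a TCP SYN whose source and destination address and port are equal
 *     (logged as "maybe land attack"), and
 *   - a TCP segment to port 139 with URG set (logged as "maybe winnuke").
 *
 * Packet contents are attacker-controlled, so the transport header is
 * dereferenced only after checking that the packet is long enough to
 * hold it and that it is not a later fragment.
 *
 * NOTE(review): every packet produces several unthrottled printk() lines,
 * so a traffic burst can flood the kernel log and bury the two alerts;
 * consider rate-limiting (e.g. net_ratelimit()) before production use.
 */
static unsigned int user_firewall(unsigned int hooknum, struct sk_buff **skb,
				  const struct net_device *in,
				  const struct net_device *out,
				  int (*okfn)(struct sk_buff *))
{
	struct iphdr *iph;
	struct tcphdr *tcph;
	struct udphdr *udph;
	__u32 sip;
	__u32 dip;
	__u16 sport;
	__u16 dport;
	unsigned int ip_hlen;
	int later_fragment;

	iph = (*skb)->nh.iph;
	sip = iph->saddr;
	dip = iph->daddr;

	/* ihl counts 32-bit words; the transport header starts ip_hlen bytes in. */
	ip_hlen = iph->ihl * 4;

	/*
	 * A non-zero fragment offset (low 13 bits of frag_off) means this is
	 * not the first fragment, so no TCP/UDP header follows the IP header.
	 */
	later_fragment = (iph->frag_off & htons(0x1FFF)) != 0;

	if (iph->ihl != 5) {
		/*
		 * Header is not the plain 20-byte form, i.e. IP options are
		 * present. (The original comment said "check checksum", which
		 * this test does not do.)
		 */
		printk("IP packet with packet from %d.%d.%d.%d to %d.%d.%d.%d\n",
		       NIPQUAD(sip), NIPQUAD(dip));
	}

	if (iph->protocol == 6) {
		/* TCP */

		/*
		 * Do not read ports/flags from a later fragment or a packet
		 * too short to contain a TCP header.
		 * NOTE(review): len is the total packet length; if this kernel
		 * can pass a non-linear skb to the hook, compare against the
		 * linear head length instead - confirm.
		 */
		if (later_fragment ||
		    (*skb)->len < ip_hlen + sizeof(struct tcphdr))
			return NF_ACCEPT;

		tcph = (struct tcphdr *)((__u32 *)iph + iph->ihl);
		sport = tcph->source;
		dport = tcph->dest;
		printk("Source port:::%d\n", ntohs(tcph->source));
		printk("Dest port:::%d\n", ntohs(tcph->dest));

		/* SYN with identical endpoints; equality needs no byte swap. */
		if ((tcph->syn) && (sport == dport) && (sip == dip)) {
			printk("maybe land attack\n");
		}

		/* Urgent data aimed at NetBIOS session service (port 139). */
		if (ntohs(tcph->dest) == 139 && tcph->urg) {
			printk("maybe winnuke a from %d.%d.%d.%d to %d.%d.%d.%d\n",
			       NIPQUAD(sip), NIPQUAD(dip));
		}
	} else if (iph->protocol == 17) {
		/* UDP */

		/* Same bounds/fragment guard as for TCP. */
		if (later_fragment ||
		    (*skb)->len < ip_hlen + sizeof(struct udphdr))
			return NF_ACCEPT;

		udph = (struct udphdr *)((__u32 *)iph + iph->ihl);
		printk("Source port:::%d\n", ntohs(udph->source));
		printk("Dest port:::%d\n", ntohs(udph->dest));
		/* Placeholder left by the author: UDP-specific rules go here. */
	} else {
		printk("unknown protocol %d packet from %d.%d.%d.%d to %d.%d.%d.%d\n",
		       iph->protocol, NIPQUAD(sip), NIPQUAD(dip));
	}

	/* Was misspelled NF_ACCETR, which does not compile. */
	return NF_ACCEPT;
}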
/*
 * Hook registration record for user_firewall: IPv4 packets at the
 * PRE_ROUTING hook, at a priority one step ahead of NF_IP_PRI_FILTER.
 * The list linkage starts out empty.
 */
static struct nf_hook_ops iplimitfilter = {
	.list     = { NULL, NULL },
	.hook     = user_firewall,
	.pf       = PF_INET,
	.hooknum  = NF_IP_PRE_ROUTING,
	.priority = NF_IP_PRI_FILTER - 1,
};
/*
 * Module entry point: attaches the iplimitfilter hook to netfilter.
 * The value returned by nf_register_hook() is passed straight back to
 * the module loader.
 */
int init_module(void)
{
	int rc = nf_register_hook(&iplimitfilter);

	return rc;
}
/*
 * Module exit point: detaches the iplimitfilter hook so the callback
 * is no longer invoked once the module is unloaded.
 */
void cleanup_module(void)
{
	nf_unregister_hook(&iplimitfilter);
	return;
}
书上说使用:gcc -O -c -Wall user_firewall.c
但出现很多头文件的错误,我的内核版本是2.4