0
votes

Is it possible to use netfilter to hook all Ethernet packets?

I can just get packets from IPv4 or IPv6.

Edit:

The above code is my kernel module. I want to get all packets that arrive at one Ethernet interface and redirect them to another interface. This module just prints the name of the device where the packet arrived (just for testing). With this hook I just get packets whose type is IPv4, but I want to get all types.

I searched on the web but I didn't find how to configure my hook to get all the packets that bypass the Ethernet interface.

Best Regards

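#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/skbuff.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>

static struct nf_hook_ops nfho;

/* The prototype must match nf_hookfn in this kernel's <linux/netfilter.h>;
 * this is the older form, which takes the hook number first. */
static unsigned int hook_func(unsigned int hooknum, struct sk_buff *skb,
                              const struct net_device *in,
                              const struct net_device *out,
                              int (*okfn)(struct sk_buff *))
{
    /* Print the name of the device the packet arrived on */
    printk(KERN_INFO "Device: %s\n", skb->dev->name);
    return NF_ACCEPT; /* let the packet continue through the stack */
}

int init_module(void)
{
    printk(KERN_INFO "Hook Module online!\n");
    nfho.hook = hook_func;
    nfho.hooknum = NF_IP_PRE_ROUTING; /* NF_INET_PRE_ROUTING in later kernels */
    nfho.pf = PF_INET;                /* IPv4 protocol family only */
    nfho.priority = NF_IP_PRI_FIRST;
    nf_register_hook(&nfho);
    return 0;
}

/* Cleanup routine */
void cleanup_module(void)
{
    printk(KERN_INFO "Over and Out!\n");
    nf_unregister_hook(&nfho);
}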

1
The short answer to the only question you asked is "yes", but if that is your whole question it is most close-worthy (wrong site and general reference). If it is not your whole question you need to be much more specific (and the question is still close-worthy until you do). - dmckee --- ex-moderator kitten
I re-edited my post. If you could help me I would appreciate it. Best regards! - Ricardo
No, you can't use netfilter for that. You have to use bridge-netfilter. - ninjalj
Hmm. How can I use bridge-netfilter? I tried to define the hook using a bridge too, but it didn't work. - Ricardo

1 Answer

0
votes

Sure. If I am getting it all right, you just want to accept all validated Ethernet packets and pass them to another interface. In that case, just include the kernel file:

#include <linux/if_ether.h>

You get the header with:

struct ethhdr *hdr = eth_hdr(skb);
// *skb is a ptr !!

And make sure that the Ethernet header is valid by checking some values out of the ethhdr struct. Then just send them by local host, or modify the addresses if you want the other interface to accept them as if they were its own packets.
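
Added example, not part of the original answer and not kernel code: a user-space C sketch of the "check some values out of the ethhdr struct" step, working on a raw frame buffer. The function, enum and macro names are hypothetical, the constants mirror those in <linux/if_ether.h>, and the sample frame is constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Added example: names are hypothetical; values mirror <linux/if_ether.h>. */
#define HDR_LEN   14      /* ETH_HLEN: dst(6) + src(6) + type(2) */
#define VLAN_LEN  4       /* one 802.1Q tag */
#define T_IPV4    0x0800  /* ETH_P_IP */
#define T_ARP     0x0806  /* ETH_P_ARP */
#define T_VLAN    0x8100  /* ETH_P_8021Q */
#define T_IPV6    0x86DD  /* ETH_P_IPV6 */

enum frame_class { F_INVALID, F_IPV4, F_IPV6, F_ARP, F_LLC, F_OTHER };

/* Constructed sample (not captured traffic): ARP header, broadcast destination. */
const uint8_t sample_arp[14] = {0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0,0,0,0,1, 0x08,0x06};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Validate the Ethernet header of a raw frame and classify its payload. */
enum frame_class classify_frame(const uint8_t *f, size_t len)
{
    size_t off = HDR_LEN;
    uint16_t type;

    if (f == NULL || len < HDR_LEN)
        return F_INVALID;              /* truncated header */
    if (f[6] & 0x01)
        return F_INVALID;              /* source MAC must be unicast */
    type = be16(f + 12);
    if (type == T_VLAN) {              /* step over one 802.1Q tag */
        if (len < HDR_LEN + VLAN_LEN)
            return F_INVALID;
        type = be16(f + 16);
        off += VLAN_LEN;
    }
    if (type < 0x0600) {               /* 802.3 length field, not an EtherType */
        if (type > 1500 || (size_t)type > len - off)
            return F_INVALID;          /* undefined value or short payload */
        return F_LLC;
    }
    switch (type) {
    case T_IPV4: return F_IPV4;
    case T_IPV6: return F_IPV6;
    case T_ARP:  return F_ARP;
    default:     return F_OTHER;
    }
}
```

Only frames classified as F_IPV4 carry the EtherType that the question's hook registration (pf = PF_INET) is tied to; ARP, IPv6 and length-encoded frames are the "other types" the question asks about.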