PFIL: how to get tcp/ip fields from mbuf
Robert Watson
rwatson at FreeBSD.org
Mon Feb 1 13:26:10 UTC 2010
On Mon, 1 Feb 2010, Lukasz Jaroszewski wrote:
> I am wondering about most elegant and proper way to get IP header fields
> from mbuf, using PFILs. I have read Murat Balaban paper on PFIL_HOOKS where
> I found some example function. Question is how can I access IP header field
> in such manner.
The best reference here is probably firewall source code that already exists
in the tree. For IP-layer hooks, you'll need to use the m_pullup() call to
ensure the bytes you want are contiguously stored, and then mtod() to cast the
mbuf pointer appropriately. Although I notice ipfw, at least, doesn't call
m_pullup() for the base header, as it assumes the calling context will already
have arranged for it to be contiguous:
static int
ipfw_check_hook(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir,
struct inpcb *inp)
{
...
if (mtod(*m0, struct ip *)->ip_v == 4)
ret = ip_dn_io_ptr(m0, dir, &args);
...
Robert
>
> static int
> hisar_chkinput(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
> struct inpcb *inp)
> {
> in_bytes += (*m)->m_len;
> return 0;
> }
> Regards
> LVJ.
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
>
More information about the freebsd-hackers
mailing list