On Mon, 1 Feb 2010, Lukasz Jaroszewski wrote:
I am wondering about most elegant and proper way to get IP header fields
from mbuf, using PFILs. I have read Murat Balaban paper on PFIL_HOOKS where
I found some example function. Question is how can I access IP header field
in such manner.
The best reference here is probably firewall source code that already exists
in the tree. For IP-layer hooks, you'll need to use the m_pullup() call to
ensure the bytes you want are contiguously stored, and then mtod() to cast the
mbuf pointer appropriately. Although I notice ipfw, at least, doesn't call
m_pullup() for the base header, as it assumes the calling context will already
have arranged for it to be contiguous:
static int
ipfw_check_hook(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir,
struct inpcb *inp)
{
...
if (mtod(*m0, struct ip *)->ip_v == 4)
ret = ip_dn_io_ptr(m0, dir, &args);
...
Robert
static int
hisar_chkinput(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
struct inpcb *inp)
{
in_bytes += (*m)->m_len;
return 0;
}
Regards
LVJ.
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
