一个Netfilter防火墙的问题

filter_prot.c如下
#ifndef __KERNEL__
#define __KERNEL__
#endif
#ifndef MODULE
#define MODULE
#endif

#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/skbuff.h>
#include <net/tcp.h>
#include <linux/netdevice.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
/*struct that is used for register hook*/
static struct nf_hook_ops nfho;


/* definition of hook function */
unsigned int hook_func(unsigned int hooknum,
  struct sk_buff **skb,
  const struct net_device *in,
  const struct net_device *out,
  int (*okfn)(struct sk_buff *))
{
  struct sk_buff *pskb=*skb;
  switch(pskb->nh.iph->protocol)
  {
case IPPROTO_ICMP:
{
printk("ICMP Packet: DROP\n");
return NF_DROP;
}
case IPPROTO_TCP:
{
printk("TCP Packet: ACCEPT\n");
return NF_ACCEPT;
}
case IPPROTO_UDP:
{
printk("UDP Packet: ACCEPT\n");
return NF_ACCEPT;
}
default:
{
printk("Unknown Packet: DROP\n");
return NF_DROP;
}
  }
}

/* module initial function */
int init_module()
{
  /* init the struct */
  nfho.hook = hook_func; /* hook function */
  nfho.hooknum = NF_IP_PRE_ROUTING; /* the hook point */
  nfho.pf = PF_INET;
  nfho.priority = NF_IP_PRI_FIRST; /* priority */

  nf_register_hook(&nfho); /* register the hook */
   
  return 0;
}
   
/* module clean function */
void cleanup_module()
{
  nf_unregister_hook(&nfho);
}
 

Makefile


obj-m := filter_prot.o
KDIR := /lib/modules/$(shell uname -r)/build
PWD := $(shell pwd)
all:
$(MAKE) -C $(KDIR) SUBDIRS=$(PWD) modules
clean:
$(MAKE) -C $(KDIR) SUBDIRS=$(PWD) clean

系统版本ubuntu 10.04 ,内核2.26.32-31
make后

mannialanck@mannialanck-desktop:~/filter$ make
make -C /lib/modules/2.6.32-31-generic/build SUBDIRS=/home/mannialanck/filter modules
make[1]: 正在进入目录 `/usr/src/linux-headers-2.6.32-31-generic'
  CC [M] /home/mannialanck/filter/filter_prot.o
/home/mannialanck/filter/filter_prot.c: In function ‘hook_func’:
/home/mannialanck/filter/filter_prot.c:27: error: ‘struct sk_buff’ has no member named ‘nh’
/home/mannialanck/filter/filter_prot.c: In function ‘init_module’:
/home/mannialanck/filter/filter_prot.c:56: warning: assignment from incompatible pointer type
/home/mannialanck/filter/filter_prot.c:57: error: ‘NF_IP_PRE_ROUTING’ undeclared (first use in this function)
/home/mannialanck/filter/filter_prot.c:57: error: (Each undeclared identifier is reported only once
/home/mannialanck/filter/filter_prot.c:57: error: for each function it appears in.)
make[2]: *** [/home/mannialanck/filter/filter_prot.o] 错误 1
make[1]: *** [_module_/home/mannialanck/filter] 错误 2
make[1]:正在离开目录 `/usr/src/linux-headers-2.6.32-31-generic'
make: *** [all] 错误 2

作者: mannialanck   发布时间: 2011-05-18

你需要添加头文件路径在 makefile 里面 !!  
-I ,.....

作者: Jiura   发布时间: 2011-05-18