CheckPoint



tcpip.gif










STREAMS Programming Guide



_init(9E)
_info(9E)
_fini(9E)

      |

             |
             +--- mod_strmodops 
             |

                      |

                               |

                               |      |
                               |      +--- fwall_rput()
                               |      +--- fwall_open()
                               |      +--- fwall_close()
                               |      +--- minfo
                               |     

                                      |
                                      +--- fwall_rput()
                                      +--- minfo


fwall_open()
fwall_close()
fwall_rput()
fwall_wput()




    1  /* Simple filter
    2  * /usr/local/bin/gcc -D_KERNEL fwall.c -c
    3  * ld -dn -r fwall.o -o fwall
    4  */
    5
    6  /* added headers */
    7  #include <sys/modctl.h>
    8
    9  /* sample headers */
   10  #include <sys/types.h>
   11  #include <sys/param.h>
   12  #include <sys/stream.h>
   13  #include <sys/stropts.h>
   14  #include <sys/ddi.h>
   15  #include <sys/sunddi.h>
   16
   17  /* header's for network */
   18  #include        <netinet/in.h>
   19  #include        <sys/types.h>
   20  #include        <sys/socket.h>
   21  #include        <sys/stropts.h>
   22  #include        <sys/dlpi.h>
   23  #include        <fcntl.h>
   24  #include        <sys/signal.h>
   25  #include        <sys/stream.h>
   26  #include        <net/if.h>
   27  #include        <netinet/if_ether.h>
   28  #include        <netinet/in_systm.h>
   29  #include        <netinet/tcp.h>
   30  #include        <netinet/ip.h>
   31
   /*
    * IPv4 source address that fwall_rput() rejects, written as one 32-bit
    * constant whose bytes, most significant first, spell 172.29.73.88.
    * NOTE(review): a direct comparison against the packet's s_addr field
    * (network byte order) only matches on a big-endian host; confirm the
    * target or convert with htonl() at the point of comparison.
    */
   #define REJECTADDR 0xac1d4958 /* 172.29.73.88 */

   /* STREAMS entry points of the module; all are private to this file. */
   static int fwall_open(queue_t *q, dev_t *dev, int oflag, int sflag,
       cred_t *cred);
   static int fwall_close(queue_t *q, int flag, int sflag, cred_t *cred);
   static int fwall_rput(queue_t *q, mblk_t *mp);
   static int fwall_wput(queue_t *q, mblk_t *mp);
   39
   /* Module identification and flow-control limits shared by both queues. */
   static struct module_info minfo = {
     0xdefe,     /* module id number */
     "fwall",    /* module name */
     1,          /* minimum packet size */
     INFPSZ,     /* maximum packet size (no limit) */
     512,        /* high-water mark */
     128         /* low-water mark */
   };

   /* Read side: put procedure plus the open/close routines for the pair. */
   static struct qinit rinit = {
     fwall_rput,   /* put procedure */
     NULL,         /* no service procedure */
     fwall_open,   /* open routine */
     fwall_close,  /* close routine */
     NULL,         /* admin routine (unused) */
     &minfo,       /* module information */
     NULL          /* no statistics */
   };

   /* Write side: put procedure only; open/close are taken from the read side. */
   static struct qinit winit = {
     fwall_wput,   /* put procedure */
     NULL,         /* no service procedure */
     NULL,         /* open (read side only) */
     NULL,         /* close (read side only) */
     NULL,         /* admin routine (unused) */
     &minfo,       /* module information */
     NULL          /* no statistics */
   };

   /* Ties the two qinit tables together; the multiplexor slots stay empty. */
   struct streamtab fwmdinfo = {
     &rinit,
     &winit,
     NULL,
     NULL
   };

   /* Module switch entry: name, streamtab and MT-safety flags. */
   static struct fmodsw fw_fmodsw = {
     "fwall",
     &fwmdinfo,
     D_NEW | D_MP | D_MTQPAIR
   };

   /* Linkage for a loadable STREAMS module, handed to the module framework. */
   struct modlstrmod modlstrmod = {
     &mod_strmodops,
     "simple module for test",
     &fw_fmodsw
   };

   /* Top-level linkage consumed by mod_install()/mod_info()/mod_remove(). */
   static struct modlinkage modlinkage = {
     MODREV_1,
     (void *)&modlstrmod,
     NULL
   };
   60
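   /*
    * _init - loadable-module entry point called when the module is loaded.
    * Registers the module through mod_install() and returns its result.
    * The return type is spelled out: implicit int is not valid C since C99.
    */
   int
   _init(void)
   {
           return (mod_install(&modlinkage));
   }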
   65
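   /*
    * _info - loadable-module entry point that reports module information.
    * Fills *modinfop through mod_info() and returns its result.
    * Written with an ANSI prototype and an explicit int return type in
    * place of the old-style (K&R) definition.
    */
   int
   _info(struct modinfo *modinfop)
   {
           return (mod_info(&modlinkage, modinfop));
   }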
   71
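   /*
    * _fini - loadable-module entry point called before the module is unloaded.
    * Unregisters the module through mod_remove() and returns its result.
    * The return type is spelled out: implicit int is not valid C since C99.
    */
   int
   _fini(void)
   {
           return (mod_remove(&modlinkage));
   }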
   76
   77
   /*
    * fwall_open - open routine for the queue pair.
    * Accepts only a module open (sflag == MODOPEN); any other kind of open
    * returns EINVAL.  On success the private pointers of both queues are
    * cleared, put procedures are enabled with qprocson(), and 0 is returned.
    * dev, oflag and cred are not used.
    */
   static int fwall_open (queue_t* q, dev_t *dev, int oflag, int sflag, cred_t *cred)
   {
     if (sflag == MODOPEN) {
       /* The module keeps no per-stream state. */
       WR(q)->q_ptr = NULL;
       q->q_ptr = NULL;
       qprocson(q);
       return (0);
     }
     return EINVAL;
   }
   86
   /*
    * fwall_close - close routine for the queue pair.
    * Disables the put procedures with qprocsoff() first, then clears the
    * private pointers of both queues.  Always returns 0.
    * flag, sflag and cred are not used.
    */
   static int fwall_close (queue_t *q, int flag, int sflag, cred_t *cred)
   {
     qprocsoff(q);
     WR(q)->q_ptr = NULL;
     q->q_ptr = NULL;
     return 0;
   }
   93
   /*
    * fwall_wput - write-side put procedure.
    * Performs no filtering: every downstream message is handed unchanged to
    * the next queue.  Always returns 0.
    */
   static int
   fwall_wput(queue_t *q, mblk_t *mp)
   {
     /* Outbound traffic is not inspected by this module. */
     putnext(q, mp);
     return 0;
   }
  100
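  /*
   * fwall_rput - read-side put procedure: log and filter upstream packets.
   *
   * For M_DATA messages the start of the data is interpreted as an IPv4
   * header.  Source, destination, total length and protocol are logged, and
   * the message is freed instead of forwarded when the source address equals
   * REJECTADDR.  Every other message is passed upstream with putnext().
   * Always returns 0.
   *
   * NOTE(review): this assumes each M_DATA message begins with an IPv4
   * header; confirm that for the position where the module is inserted.
   * NOTE(review): one console line is written per packet, so the log volume
   * is controlled by whoever sends traffic; rate-limit or remove the logging
   * outside a test setup.
   */
  static int
  fwall_rput(queue_t *q, mblk_t *mp)
  {
    struct ip *ip;

    if (mp->b_datap->db_type == M_DATA) {
      /*
       * The header must not be read before it is known to be there: the
       * first block may hold fewer than sizeof (struct ip) bytes, or
       * b_rptr may be misaligned for the 32-bit address compare below.
       * pullupmsg(9F) is documented to concatenate and align the first
       * len bytes; it fails when the whole message is shorter than an
       * IPv4 header or no buffer can be allocated.  Such a message cannot
       * be inspected, so it is dropped rather than forwarded unfiltered.
       */
      if (!pullupmsg(mp, sizeof (struct ip))) {
        freemsg(mp);
        cmn_err(CE_CONT, "Packet Dropped");
        return (0);
      }

      /* pullupmsg() may have replaced the data block: reload the pointer. */
      ip = (struct ip *)mp->b_rptr;

      /*
       * Format directly in cmn_err() instead of going through sprintf()
       * and a fixed-size stack buffer; the text written is the same.
       * ip_len is carried in network byte order, hence ntohs().
       */
      cmn_err(CE_CONT, "%d.%d.%d.%d -> %d.%d.%d.%d Len:%d Protocol:%d",
              ip->ip_src._S_un._S_un_b.s_b1, ip->ip_src._S_un._S_un_b.s_b2,
              ip->ip_src._S_un._S_un_b.s_b3, ip->ip_src._S_un._S_un_b.s_b4,
              ip->ip_dst._S_un._S_un_b.s_b1, ip->ip_dst._S_un._S_un_b.s_b2,
              ip->ip_dst._S_un._S_un_b.s_b3, ip->ip_dst._S_un._S_un_b.s_b4,
              ntohs(ip->ip_len), ip->ip_p);

      /*
       * The address field is in network byte order while REJECTADDR is a
       * host-order constant; htonl() keeps the match correct on
       * little-endian hosts and changes nothing on big-endian ones.
       */
      if (ip->ip_src._S_un._S_addr == htonl(REJECTADDR)) {
        freemsg(mp);
        cmn_err(CE_CONT, "Packet Dropped");
        return (0);
      }
    } /* if M_DATA */

    /* Not M_DATA, or not from the rejected source: pass it upstream. */
    putnext(q, mp);
    return (0);
  }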

fwall.c

# /usr/local/bin/gcc fwall.c -D_KERNEL -c
# /usr/ucb/ld -dn -r fwall.o -o fwall
# /bin/cp fwall /kernel/strmod/fwall
# /bin/cp fwall /kernel/strmod/sparcv9/fwall

# /usr/sbin/modload fwall
# ifconfig le0 modinsert fwall@2
# ifconfig le0 modlist
0 arp
1 ip

3 le
# ifconfig le0 modlist
0 arp
1 ip
2 le
# make
# make install
# make uninstall
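    # Build, install and remove the fwall STREAMS module.
    # install and uninstall change the running kernel and must be run as root.
    CC = /usr/local/bin/gcc
    PRODUCTS =  fwall
    AUTOPUSH = /etc/autopush
    ECHO = /bin/echo
    CP = /bin/cp
    RM = /bin/rm
    LD = /usr/ucb/ld
    CAT = /bin/cat
    AWK = /bin/awk
    MODLOAD = /usr/sbin/modload
    MODUNLOAD = /usr/sbin/modunload
    MODINFO = /usr/sbin/modinfo


    all: $(PRODUCTS)

    # Use the absolute $(RM) defined above rather than whatever "rm" is on PATH.
    clean:
    	$(RM) -f fwall fwall.o

    fwall: fwall.c
    	$(CC) fwall.c -D_KERNEL -c
    	$(LD) -dn -r fwall.o -o fwall

    # Depends on fwall so that an up-to-date object is what gets copied.
    # NOTE(review): the leading "-" makes make ignore a failed copy, so the
    # following steps still run; confirm that is intended.
    install: fwall
    	-$(CP) fwall /kernel/strmod/fwall
    	$(MODLOAD) fwall
    	ifconfig le0 modinsert fwall@2

    # Take the module out of the stream before unloading and deleting it.
    uninstall:
    	ifconfig le0 modremove fwall@2
    	-$(MODUNLOAD) -i `$(MODINFO) | $(AWK) '/fwall/{ print $1 }'`
    	-$(RM) /kernel/strmod/fwall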

   32  #define REJECTADDR 0xac1d4958 /* 172.29.73.88 */


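  /*
   * Excerpt of the logging step.  The format string holds ten %d
   * conversions, so all four octets of the source and of the destination
   * address are passed, followed by the length and the protocol; leaving
   * arguments out would make sprintf() read values that were never supplied.
   */
  sprintf(msg, "%d.%d.%d.%d -> %d.%d.%d.%d Len:%d Protocol:%d",
          ip->ip_src._S_un._S_un_b.s_b1, ip->ip_src._S_un._S_un_b.s_b2,
          ip->ip_src._S_un._S_un_b.s_b3, ip->ip_src._S_un._S_un_b.s_b4,
          ip->ip_dst._S_un._S_un_b.s_b1, ip->ip_dst._S_un._S_un_b.s_b2,
          ip->ip_dst._S_un._S_un_b.s_b3, ip->ip_dst._S_un._S_un_b.s_b4,
          ip->ip_len, ip->ip_p);
  cmn_err(CE_CONT, "%s",msg);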

