chn/xmurp-ua
1
0
Fork 0
mirror of https://github.com/CHN-beta/xmurp-ua.git synced 2026-01-11 01:09:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

增加调试信息

Browse Source
This commit is contained in:
chn
2019-09-20 10:10:37 +08:00
parent 5f330d7656
commit 00ebf8a8c9
2 changed files with 32 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Makefile
View File

@@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=xmurp-ua PKG_NAME:=xmurp-ua
PKG_RELEASE:=15 PKG_RELEASE:=17
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
@@ -19,7 +19,7 @@ define KernelPackage/xmurp-ua
SUBMENU:=Other modules SUBMENU:=Other modules
TITLE:=xmurp-ua TITLE:=xmurp-ua
FILES:=$(PKG_BUILD_DIR)/xmurp-ua.ko FILES:=$(PKG_BUILD_DIR)/xmurp-ua.ko
AUTOLOAD:=$(call AutoLoad,99,xmurp-ua) # AUTOLOAD:=$(call AutoLoad,99,xmurp-ua)
KCONFIG:= KCONFIG:=
endef endef

30
src/xmurp-ua.c
View File

@@ -139,6 +139,8 @@ inline u_int8_t skb_scan(char *data_start, char *data_end)
// ip地址、端口号、iph->tot_len需要网络顺序到主机顺序的转换。校验和时除长度字段外不需要手动进行网络顺序和主机顺序的转换。 // ip地址、端口号、iph->tot_len需要网络顺序到主机顺序的转换。校验和时除长度字段外不需要手动进行网络顺序和主机顺序的转换。
unsigned int hook_funcion(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) unsigned int hook_funcion(void *priv, struct sk_buff *skb, const struct nf_hook_state *state)
{ {
static u_int32_t debug_n = 0;
register struct tcphdr *tcph; register struct tcphdr *tcph;
register struct iphdr *iph; register struct iphdr *iph;
register char *data_start, *data_end; register char *data_start, *data_end;
@@ -152,23 +154,51 @@ unsigned int hook_funcion(void *priv, struct sk_buff *skb, const struct nf_hook_
register u_int8_t jump_to_next_function = 0, ret; register u_int8_t jump_to_next_function = 0, ret;
// 过滤发往外网的HTTP请求的包且要求包的应用层内容不短于3字节 // 过滤发往外网的HTTP请求的包且要求包的应用层内容不短于3字节
debug_n++;
if(skb == 0) if(skb == 0)
{
if(debug_n < 10)
printk("xmurp-ua warning, something maybe wrong.\n");
return NF_ACCEPT; return NF_ACCEPT;
}
iph = ip_hdr(skb); iph = ip_hdr(skb);
if((ntohl(iph->daddr) & 0xffff0000) == 0xc0a80000) if((ntohl(iph->daddr) & 0xffff0000) == 0xc0a80000)
{
if(debug_n < 10)
printk("xmurp-ua bypass as dst in local net.\n");
return NF_ACCEPT; return NF_ACCEPT;
}
if(iph->protocol != IPPROTO_TCP) if(iph->protocol != IPPROTO_TCP)
{
if(debug_n < 10)
printk("xmurp-ua bypass as protocol not tcp.\n");
return NF_ACCEPT; return NF_ACCEPT;
}
tcph = tcp_hdr(skb); tcph = tcp_hdr(skb);
if(ntohs(tcph->dest) != 80) if(ntohs(tcph->dest) != 80)
{
if(debug_n < 10)
printk("xmurp-ua bypass as port %u not 80.\n", ntohs(tcph->dest));
return NF_ACCEPT; return NF_ACCEPT;
}
data_start = (char *)tcph + tcph->doff * 4; data_start = (char *)tcph + tcph->doff * 4;
data_end = (char *)tcph + ntohs(iph->tot_len) - iph->ihl * 4; data_end = (char *)tcph + ntohs(iph->tot_len) - iph->ihl * 4;
if(data_end - data_start < 4) if(data_end - data_start < 4)
{
if(debug_n < 10)
printk("xmurp-ua bypass as data too short.\n");
return NF_ACCEPT; return NF_ACCEPT;
}
if(skb->mark & 0x00000001) if(skb->mark & 0x00000001)
{
if(debug_n < 10)
printk("xmurp-ua bypass as mark.\n");
return NF_ACCEPT; return NF_ACCEPT;
}
if(debug_n++ < 10)
printk("xmurp-ua catch a package.\n");
// 决定是否发送到下一层 // 决定是否发送到下一层
if(catch_next_frag && iph->saddr == saddr && iph->daddr == daddr && if(catch_next_frag && iph->saddr == saddr && iph->daddr == daddr &&
tcph->seq == seq && tcph->source == sport && tcph->dest == dport) tcph->seq == seq && tcph->source == sport && tcph->dest == dport)