diff --git a/Makefile b/Makefile index 7fa80d5..fbb428f 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=xmurp-ua -PKG_RELEASE:=17 +PKG_RELEASE:=22 include $(INCLUDE_DIR)/package.mk diff --git a/src/xmurp-ua.c b/src/xmurp-ua.c index b16c574..632a312 100644 --- a/src/xmurp-ua.c +++ b/src/xmurp-ua.c @@ -154,39 +154,47 @@ unsigned int hook_funcion(void *priv, struct sk_buff *skb, const struct nf_hook_ register u_int8_t jump_to_next_function = 0, ret; // 过滤发往外网的HTTP请求的包,且要求包的应用层内容不短于3字节 - debug_n++; if(skb == 0) { - if(debug_n < 10) - printk("xmurp-ua warning, something maybe wrong.\n"); +// if(debug_n < 10) +// printk("xmurp-ua warning, something maybe wrong.\n"); return NF_ACCEPT; } iph = ip_hdr(skb); if((ntohl(iph->daddr) & 0xffff0000) == 0xc0a80000) { - if(debug_n < 10) - printk("xmurp-ua bypass as dst in local net.\n"); +// if(debug_n < 10) +// printk("xmurp-ua bypass as dst in local net.\n"); return NF_ACCEPT; } if(iph->protocol != IPPROTO_TCP) { - if(debug_n < 10) - printk("xmurp-ua bypass as protocol not tcp.\n"); +// if(debug_n < 10) +// printk("xmurp-ua bypass as protocol not tcp.\n"); return NF_ACCEPT; } tcph = tcp_hdr(skb); if(ntohs(tcph->dest) != 80) { - if(debug_n < 10) - printk("xmurp-ua bypass as port %u not 80.\n", ntohs(tcph->dest)); +// if(debug_n < 10) +// printk("xmurp-ua bypass as port %u not 80.\n", ntohs(tcph->dest)); return NF_ACCEPT; } data_start = (char *)tcph + tcph->doff * 4; data_end = (char *)tcph + ntohs(iph->tot_len) - iph->ihl * 4; + debug_n++; if(data_end - data_start < 4) { if(debug_n < 10) - printk("xmurp-ua bypass as data too short.\n"); + printk("xmurp-ua bypass as data too short."); + if(debug_n < 10) + printk("xmurp-ua tcph -> doff = %x, iph -> tot_len = %x, iph -> ihl = %x.\n", tcph -> doff, iph -> tot_len, iph -> ihl); + if(debug_n < 10) + printk("xmurp-ua iph -> tot_len - iph, %x.\n", (char*)&(iph -> tot_len) - (char*)iph); + if(debug_n < 10) + printk("xmurp-ua iph -> tot_len %x.\n", *((u_int16_t*)&(iph -> tot_len))); + if(debug_n < 10) + printk("xmurp-ua iph message %x %x %x %x %x %x %x %x %x %x %x.\n", iph -> version, iph -> ihl, iph -> tos, iph -> tot_len, iph -> id, iph -> frag_off, iph -> ttl, iph -> protocol, iph -> check, iph -> saddr, iph -> daddr); return NF_ACCEPT; } if(skb->mark & 0x00000001)