typedef unsigned int nf_hookfn(unsigned int hooknum,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn) (struct sk_buff *));
/* 处理函数返回值 */
#define NF_DROP 0 /* drop the packet, don't continue traversal */
#define NF_ACCEPT 1 /* continue traversal as normal */
#define NF_STOLEN 2 /* I've taken over the packet, don't continue traversal */
#define NF_QUEUE 3 /* queue the packet (usually for userspace handling) */
#define NF_REPEAT 4 /* call this hook again */
#define NF_STOP 5
#define NF_MAX_VERDICT NF_STOP
在使用Netfilter时,需要定义一个nf_hook_ops实例。
struct nf_hook_ops {
struct list_head list;
/* User fills in from here down. */
nf_hookfn *hook; /* 要注册的钩子函数 */
struct module *owner;
u_int8_t pf; /* 协议类型 */
unsigned int hooknum; /* 哪个钓鱼台 */
/* Hooks are ordered in asending priority. */
int priority; /* 数值越小,优先级越高 */
};
typedef __u8 u_int8_t;
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。
