Date:      Thu, 20 Dec 2001 15:01:54 -0800
From:      "Henry Su" <henrysu@nttmcl.com>
To:        "Julian Elischer" <julian@elischer.org>
Cc:        <freebsd-net@FreeBSD.ORG>
Subject:   RE: socket call in the kernel
Message-ID:  <AJEHKCJLENGKGEHDIOJGOEMGCGAA.henrysu@nttmcl.com>
In-Reply-To: <Pine.BSF.4.21.0112201258070.46573-100000@InterJet.elischer.org>

Thanks, Julian and Alfred.

I am trying to redirect the denied HTTP request to a default web site. So my
idea is, in the "ip_fw_chk" function of ip_fw.c, to add the following code where
it will drop the packet. But as you pointed out in an earlier email, socket
cannot be used in this case. Do you have any other solutions? Thanks a lot.



         * Finally, drop the packet.
         */


        /* my code start debug */
	  /* find if it's a http packet */
        dst_port_h = ntohs(dst_port);
        if(dst_port_h==80){
                log(LOG_INFO,"src_port:%u  src_ip:%d dst_port:%d dst_ip:%u",
                    ntohs(src_port), src_ip.s_addr, ntohs(dst_port), dst_ip.s_addr);
                /*s = 1;*/
                s = socket(AF_INET, SOCK_STREAM, 0);
                if (s < 0) {
                        log(LOG_INFO,"Redirect socket can not be created");
                }else{
                        log(LOG_INFO,"Redirect socket is created");
                        /*
                        bzero(&sa, sizeof sa);
                        sa.sin_family = AF_INET;
                        sa.sin_port = src_port;
                        sa.sin_addr.s_addr = src_ip.s_addr;
                        if (connect(s, (struct sockaddr *)&sa, sizeof sa) < 0) {
                                log(LOG_INFO,"connect %d failed", src_ip.s_addr);
                                close(s);
                        }else{
                                log(LOG_INFO,"connect %d ok", src_ip.s_addr);
                                close(s);
                        }
                        */
                        /*
                        while ((bytes = read(s, buffer, BUFSIZ)) > 0)
                                write(1, buffer, bytes);
                        */
                }
        }
        /* end debug */
        return(IP_FW_PORT_DENY_FLAG);


-----Original Message-----
From: Julian Elischer [mailto:julian@elischer.org]
Sent: Thursday, December 20, 2001 12:59 PM
To: Henry Su
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: socket call in the kernel




You cannot do a socket directly, but you can indirectly.
Tell me what you are trying to do and I can help.



On Thu, 20 Dec 2001, Henry Su wrote:

> I am trying to modify ip_fw.c in the /usr/src/sys/netinet, I tried to add a
> socket call in the code, it can be compiled, but when it runs into the code,
> it just crashed. It gave me the "Fatal trap error 12", Memory address is
> wrong.
>
> Can anyone tell me if socket call can be used in kernel level? If not, how
> can I accomplish socket communication in the kernel level?
>
> Thanks.
>
> ------------------------------------------------
>
> Henry Su
>
> NTT Multimedia Communications Laboratories, Inc.
>
> 250 Cambridge Avenue Suite 300
>
> Palo Alto, CA 94306, USA (PST:UTC -8H)
>
> Tel: +1 650 833 3652
>
> Fax: +1 650 326 1878
>
> http://www.nttmcl.com/
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message
>







Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AJEHKCJLENGKGEHDIOJGOEMGCGAA.henrysu>
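
Added example, not part of the thread and not code from any poster: the redirect the message above attempts inside ip_fw_chk, done instead by a user-space listener that answers every connection with an HTTP 302 to the default site. It assumes the firewall is set up to hand denied port-80 connections to this local listener rather than dropping them (for instance with an ipfw fwd rule); DEFAULT_SITE, LISTEN_PORT and build_redirect are hypothetical names.

```c
/* Added example (not from the thread): user-space HTTP redirector.
 * Assumption: the firewall forwards denied port-80 connections to this
 * local listener instead of dropping them in ip_fw_chk. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

#define DEFAULT_SITE "http://default.example/"  /* placeholder URL */
#define LISTEN_PORT  8080                       /* hypothetical local port */

/* Build a 302 response pointing at `site`. Returns its length, or -1 if it
 * does not fit or `site` contains CR/LF (guards against header injection). */
int build_redirect(char *buf, size_t len, const char *site)
{
    if (strpbrk(site, "\r\n") != NULL)
        return -1;
    int n = snprintf(buf, len,
        "HTTP/1.0 302 Found\r\n"
        "Location: %s\r\n"
        "Content-Length: 0\r\nConnection: close\r\n\r\n", site);
    return (n < 0 || (size_t)n >= len) ? -1 : n;
}

int main(void)
{
    char req[1024], resp[512];
    struct sockaddr_in sa;
    int one = 1, c, n;
    int s = socket(AF_INET, SOCK_STREAM, 0);    /* legal here: user space */
    if (s < 0) { perror("socket"); return 1; }
    setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = htons(LISTEN_PORT);
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(s, (struct sockaddr *)&sa, sizeof sa) < 0 || listen(s, 16) < 0) {
        perror("bind/listen"); return 1;
    }
    while ((c = accept(s, NULL, NULL)) >= 0) {
        n = build_redirect(resp, sizeof resp, DEFAULT_SITE);
        if (read(c, req, sizeof req) >= 0 && n > 0 && write(c, resp, (size_t)n) < 0)
            perror("write");
        close(c);                               /* one response per connection */
    }
    return 0;
}
```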