Date:      Fri, 12 Dec 2003 11:07:27 -0700
From:      Shawn Webb <shawnwebb@softhome.net>
To:        freebsd-hackers@freebsd.org
Subject:   recvfrom trouble
Message-ID:  <200312121107.27387.shawnwebb@softhome.net>

I'm intercepting recvfrom() so that I can make an IPS (Intrusion Prevention 
System). What it does (or will do) is check all incoming packets against a 
database (linked-list), and if it matches the database, disconnect the user 
and discard the packet.

Here's what I have so far:

static int hacked_recvfrom(struct proc *p, struct recvfrom_args *uap)
{
	int retval;
	struct sockaddr_in client;
	caddr_t orig = NULL;
	int clisize;

	if (uap->from != NULL) orig = uap->from;
	uap->from = (caddr_t)&client;

	retval = recvfrom(p, uap);

	if (orig != NULL) copyout(&client, orig, sizeof(client));
	if (orig != NULL) uap->from = orig;
	else uap->from = NULL;

	return retval;
}
// end of source snip

It doesn't work with non-TCP sockets (where uap->from == NULL). When I try to 
ping google with the module loaded, I get:

-su-2.05b# ping google.com
ping: cannot resolve google.com: Host name lookup failure

Why doesn't this code work?

Thanks,

Shawn Webb
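
Added example, not part of the original message and not the poster's code: a userland sketch of the matching step the message describes, where each received packet is checked against a linked list of signatures and a match yields a drop verdict. All names (ips_sig, ips_check, the sample signatures) are hypothetical, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical names throughout; nothing here is from the original post. */
enum ips_verdict { IPS_PASS = 0, IPS_DROP = 1 };

struct ips_sig {
	const unsigned char *pat;	/* raw bytes, may contain NUL */
	size_t len;			/* pattern length in bytes */
	struct ips_sig *next;
};

/* Binary-safe substring search; str*() would stop at the first NUL. */
static int
contains(const unsigned char *buf, size_t buflen,
    const unsigned char *pat, size_t patlen)
{
	size_t i;

	if (patlen == 0 || patlen > buflen)
		return 0;	/* empty or oversized patterns never match */
	for (i = 0; i <= buflen - patlen; i++)
		if (memcmp(buf + i, pat, patlen) == 0)
			return 1;
	return 0;
}

/* Walk the list; the first matching signature decides the verdict. */
static enum ips_verdict
ips_check(const struct ips_sig *head, const void *pkt, size_t pktlen,
    const struct ips_sig **hit)
{
	const struct ips_sig *s;

	if (hit != NULL)
		*hit = NULL;
	if (pkt == NULL)
		return IPS_PASS;
	for (s = head; s != NULL; s = s->next)
		if (contains(pkt, pktlen, s->pat, s->len)) {
			if (hit != NULL)
				*hit = s;	/* report which rule fired */
			return IPS_DROP;
		}
	return IPS_PASS;
}

/* Constructed sample database: one binary pattern, one text pattern. */
static const unsigned char sig_a[] = { 0xde, 0xad, 0x00, 0xbe };
static const unsigned char sig_b[] = "EVIL-TEST";
static struct ips_sig s2 = { sig_b, sizeof(sig_b) - 1, NULL };
static struct ips_sig s1 = { sig_a, sizeof(sig_a), &s2 };
```

The check takes an explicit length because a received datagram is not NUL-terminated and only the bytes actually returned by the receive call should be scanned.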


