protocol.c

Linux下面截获以态网数据包！是在内核态下面运行的驱动程序

	if( sniffer_dev )
	{
		dev_flags = 1;
		dev_set_promiscuity( sniffer_dev, 1 );
		dev_put( sniffer_dev );
		sniffer_dev = NULL;

		//初始化数据结构
		if( !InitGVar() )
			return -1;
		
		//启动控制线程
		init_completion( &gThread.thread_exited );
		gThread.thread_pid = kernel_thread( CtrlThread, &gThread, CLONE_KERNEL | SIGCHLD );
		
		//注册抓表函数
		dev_add_pack( &pt_packet_type );
		
		//注册设备
		register_chrdev( PROTOCOL_MAJOR, "PROTOCOL_CARD", &protocol_fops );

		return 1;
	}
	else
		return -1;
}

void __exit protocol_module_cleanup(void)
{
	//注销抓包函数
	dev_remove_pack( &pt_packet_type );

	sniffer_dev = dev_get_by_name( "eth1" );
	if( sniffer_dev )
	{
		dev_flags = 0;
		dev_set_promiscuity( sniffer_dev, -1 ); /*注意此处的第二个参数*/
		dev_put( sniffer_dev );
		sniffer_dev = NULL;

		//停止控制线程
		kill_proc( gThread.thread_pid, SIGTERM, 1 );
		wait_for_completion( &gThread.thread_exited );
		
		//释放相关数据结构
		FreeGVar();
		
		//销毁设备
		unregister_chrdev( PROTOCOL_MAJOR, "PROTOCOL_CARD" );
	}
}

module_init(protocol_module_init);
module_exit(protocol_module_cleanup);
MODULE_LICENSE("GPL");
MODULE_AUTHOR("wangfeng"); 
MODULE_DESCRIPTION("Get ip data!");

int protocol_open( struct inode *node, struct file *fop )
{

//	MOD_INC_USE_COUNT;
	
	return 0;
}

int protocol_release( struct inode *node, struct file *fop )
{
	
//	MOD_DEC_USE_COUNT;
	
	return 0;
}

ssize_t protocol_read( struct file *filep, char *buff, size_t count, loff_t *ppos )
{
	return 0;	
}

int protocol_ctl_ioctl( struct inode *node , struct file *fop ,
		unsigned int cmd , unsigned long arg )
{
	int ret = 0;
			
	return ret;	
}

void inline WriteArrayPacket( struct sk_buff *skb, PCYC_ARRAY_HEAD pCycArrayHead,
			PIP_HASH_BUCKET pIPHashBucket, UINT	AppType, UINT ruleID )
{
	UINT			iWrite;
	int				len;
	struct iphdr*	iph = (struct iphdr *)skb->data;

	len	= ntohs( iph->tot_len );
	if( skb->len < len )
		return;

	if( ( pCycArrayHead->iRead.counter + _MAX_CYC_ARRAY_DEPTH ) - pCycArrayHead->iWrite.counter 
		< _MAX_CYC_SAFE_NUMBER && len > _MAX_PACKET_LEN )
	{
		return;
	}

	iWrite = atomic64_read( &pCycArrayHead->iWrite );
	atomic64_inc( &pCycArrayHead->iWrite );
	
	iWrite = iWrite % _MAX_CYC_ARRAY_DEPTH;
	memcpy( pCycArrayHead->PacketArray[ iWrite ]->buf, skb->data, len );
	if( pIPHashBucket )
	{
		pCycArrayHead->PacketArray[ iWrite ]->IPType = pIPHashBucket->type;
		pCycArrayHead->PacketArray[ iWrite ]->pConfig = pIPHashBucket->pConfig;
	}
	else
	{
		pCycArrayHead->PacketArray[ iWrite ]->IPType = 0;
		pCycArrayHead->PacketArray[ iWrite ]->pConfig = NULL;		
	}	
	
	pCycArrayHead->PacketArray[ iWrite ]->len		= len;
	pCycArrayHead->PacketArray[ iWrite ]->AppType	= AppType;
	pCycArrayHead->PacketArray[ iWrite ]->ruleID	= ruleID;

	kfree_skb( skb );
	
	return;
}

void InitStatInfo( PTRAFFIC_STAT_INFO pInfo)
{
	pInfo->TotalNumber = 0;
	pInfo->TotalBytes = 0;
	pInfo->MailTotalBytes = 0;
	pInfo->AverageBytesPerPacket = 0;
	pInfo->MaxLength = 0;
	pInfo->MinLength = 1514;
	pInfo->Lower500 = 0;
	pInfo->Len500 = 0;
	pInfo->In500_1000 = 0;
	pInfo->Len500_1000 = 0;
	pInfo->Greater1000 = 0;
	pInfo->Len1000 = 0;
	
	pInfo->MailShort = 0;
	pInfo->MailLong = 0;
	
	pInfo->MaxTraffic = 0;
	pInfo->MaxMailTraffic = 0;
}

inline char * kstristr( const char * str1, const char * str2, int len )
{
	char *cp = (char *) str1;
	char *s1, *s2;

	if ( !str2 || !*str2 )
		return(NULL);

	while (*cp && len--)
	{
		s1 = cp;
		s2 = (char *) str2;
	
		while ( *s1 && *s2 && !(*s1-*s2) )
			s1++, s2++;
	
		if (!*s2)
			return(cp);
	
		cp++;
	}

	return(NULL);
}

inline long atoi(register char *p)
{
	register long n;
	register int c, neg = 0;
	
	if (p == NULL)
		return 0;
	
	if( !isdigit(c = *p) )
	{
		while (isspace(c))
			c = *++p;
		switch (c)
		{
		case '-':
			neg++;
		case '+':
			c = *++p;
		}
		
		if( !isdigit(c) )
			return (0);
	}
	
	if (c == '0' && *(p + 1) == 'x')
	{
		p += 2;
		c = *p;
		n = xtod(c);
		while( ( c = *++p ) && isxdigit( c ) )
		{
			n *= 16;
			n += xtod(c);
		}
	}
	else
	{
		n = '0' - c;
		while( ( c = *++p ) && isdigit(c) )
		{
			n *= 10;
			n += '0' - c;
		}
	}
	
	return (neg ? n : -n);
}

inline struct dentry *lookup_create(struct nameidata *nd, int is_dir)
{
	struct dentry *dentry;

	down(&nd->dentry->d_inode->i_sem);
	dentry = ERR_PTR(-EEXIST);
	if (nd->last_type != LAST_NORM)
		goto fail;
	nd->flags &= ~LOOKUP_PARENT;
	dentry = lookup_hash(&nd->last, nd->dentry);
	if (IS_ERR(dentry))
		goto fail;
	if (!is_dir && nd->last.name[nd->last.len] && !dentry->d_inode)
		goto enoent;
	return dentry;
enoent:
	dput(dentry);
	dentry = ERR_PTR(-ENOENT);
fail:
	return dentry;
}

inline long mkdir( const char * pathname, int mode )
{
	int error;
	struct dentry *dentry;
	struct nameidata nd;

	error = 0;
	error = path_lookup(pathname, LOOKUP_PARENT, &nd);
	if( error )
		goto out;
		
	dentry = lookup_create(&nd, 1);
	error = PTR_ERR(dentry);
	if (!IS_ERR(dentry))
	{
		if (!IS_POSIXACL(nd.dentry->d_inode))
			mode &= ~current->fs->umask;
		error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
		dput(dentry);
	}
	up(&nd.dentry->d_inode->i_sem);
	path_release(&nd);

out:
	return error;
}

inline long rmdir(const char * pathname)
{
	int error = 0;
	struct dentry *dentry;
	struct nameidata nd;

	error = path_lookup( pathname, LOOKUP_PARENT, &nd );
	if( error )
		goto exit;

	switch(nd.last_type)
	{
	case LAST_DOTDOT:
		error = -ENOTEMPTY;
		goto exit1;
	case LAST_DOT:
		error = -EINVAL;
		goto exit1;
	case LAST_ROOT:
		error = -EBUSY;
		goto exit1;
	}

	down( &nd.dentry->d_inode->i_sem );
	dentry = lookup_hash( &nd.last, nd.dentry );
	error = PTR_ERR(dentry);
	if (!IS_ERR(dentry))
	{
		error = vfs_rmdir( nd.dentry->d_inode, dentry );
		dput(dentry);
	}
	up(&nd.dentry->d_inode->i_sem);
exit1:
	path_release(&nd);
exit:
	return error;
}

inline long unlink(const char * pathname)
{
	int error = 0;
	struct dentry *dentry;
	struct nameidata nd;
	struct inode *inode = NULL;
	
	error = path_lookup(pathname, LOOKUP_PARENT, &nd);
	if (error)
		goto exit;
	error = -EISDIR;
	if (nd.last_type != LAST_NORM)
		goto exit1;
	down(&nd.dentry->d_inode->i_sem);
	dentry = lookup_hash(&nd.last, nd.dentry);
	error = PTR_ERR(dentry);
	if (!IS_ERR(dentry))
	{
		if (nd.last.name[nd.last.len])
			goto slashes;
		inode = dentry->d_inode;
		if (inode)
			atomic_inc(&inode->i_count);
		error = vfs_unlink(nd.dentry->d_inode, dentry);
exit2:
		dput(dentry);
	}
	up(&nd.dentry->d_inode->i_sem);
	if (inode)
	{
		iput(inode);
	}

exit1:
	path_release(&nd);

exit:
	return error;
	
slashes:
	error = !dentry->d_inode ? -ENOENT :
	S_ISDIR(dentry->d_inode->i_mode) ? -EISDIR : -ENOTDIR;
	goto exit2;
}