#ifndef __KERNEL__
#define __KERNEL__
#endif
#ifndef MODULE
#define MODULE
#endif
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/init.h>
#include <linux/skbuff.h>
#include <linux/netfilter.h>
#include <linux/netfilter_arp.h>
#include <linux/if_arp.h>
/* Priority value stored in sArpHookOps.priority when the hook is registered. */
#define NF_ARP_PRI 0
/*
 * Hook descriptor for this module: filled in by ArpDefendInit(), passed to
 * nf_register_hook() there and to nf_unregister_hook() in ArpDefendExit().
 */
static struct nf_hook_ops sArpHookOps;
/*
 * arp_request_defend - placeholder for the check applied to ARP requests.
 *
 * The parameter list "(arg1,...)" is a sketch rather than a real prototype,
 * and arp_in() calls this function with no arguments. The body is empty, so
 * although the function is declared to return int it returns no value.
 * NOTE(review): the verdict this is meant to return (accept/drop) and the
 * packet data it needs are not defined anywhere in this listing.
 */
int arp_request_defend(arg1,...)
{
// Defence against ARP request attacks (not implemented here).
}
/*
 * arp_reply_defend - placeholder for the check applied to ARP replies.
 *
 * The parameter list "(arg1,...)" is a sketch rather than a real prototype,
 * and arp_in() calls this function with no arguments. The body is empty, so
 * although the function is declared to return int it returns no value.
 * NOTE(review): the verdict this is meant to return (accept/drop) and the
 * packet data it needs are not defined anywhere in this listing.
 */
int arp_reply_defend(arg1,...)
{
// Defence against ARP reply attacks (not implemented here).
}
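/*
 * arp_in - netfilter hook callback for inbound ARP packets.
 * @hooknum: hook point identifier (unused).
 * @skb:     socket buffer carrying the ARP packet.
 * @in:      receiving device (unused).
 * @out:     outgoing device (unused).
 * @okfn:    continuation function (unused).
 *
 * Reads the ARP opcode and hands requests and replies to the matching
 * defend routine; any other opcode is only logged.
 *
 * Return: NF_ACCEPT for every packet. The original body fell off the end of
 * a non-void function (its "return NF_ACCEPT" was commented out), so
 * netfilter received an indeterminate verdict. The defend routines are still
 * stubs and their result is not consulted, so nothing is ever dropped.
 */
unsigned int arp_in(unsigned int hooknum,
		    struct sk_buff *skb,
		    const struct net_device *in,
		    const struct net_device *out,
		    int (*okfn)(struct sk_buff *))
{
	/* NOTE(review): assumes the ARP header is present in skb's linear
	 * data by the time this hook runs - confirm for the target kernel. */
	struct arphdr *psArpHead = arp_hdr(skb);

	/*
	 * NOTE(review): every branch logs once per packet with no rate limit,
	 * so any host on the segment can fill the kernel log. Remove these
	 * test prints or gate them with printk_ratelimit() before deployment.
	 */
	if (psArpHead->ar_op == htons(ARPOP_REQUEST)) {
		printk("Receive ARP REQUEST\n"); //just for test
		arp_request_defend();
	} else if (psArpHead->ar_op == htons(ARPOP_REPLY)) {
		printk("Receive ARP REPLY\n"); //just for test
		arp_reply_defend();
	} else {
		/* Reached for ARP opcodes other than REQUEST/REPLY; the hook is
		 * registered on NF_ARP, so the message text is misleading. */
		printk("Not an ARP packet!\n");
	}

	/* Always hand netfilter a defined verdict. */
	return NF_ACCEPT;
}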
/*
 * ArpDefendInit - module entry point.
 *
 * Fills in the file-scope hook descriptor so that arp_in() is called at the
 * NF_ARP_IN hook of the NF_ARP family with priority NF_ARP_PRI, then
 * registers it with netfilter.
 *
 * Return: the value returned by nf_register_hook(); a non-zero value is
 * also reported through printk.
 */
int __init ArpDefendInit(void)
{
	int rc;

	/* Describe where the callback attaches before handing it to netfilter. */
	sArpHookOps.pf = NF_ARP;
	sArpHookOps.hooknum = NF_ARP_IN;
	sArpHookOps.priority = NF_ARP_PRI;
	sArpHookOps.hook = arp_in;

	rc = nf_register_hook(&sArpHookOps);
	if (rc == 0)
		return rc;

	printk("arp hook register fail!\n"); //just for test
	return rc;
}
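/*
 * ArpDefendExit - module exit point; detaches arp_in() from netfilter.
 *
 * The original body assigned the result of nf_unregister_hook() to a local
 * and then executed "return ret;" inside a function declared void, which is
 * not valid C. nf_unregister_hook() has a void return type in the kernels
 * that provide it, so there is no status to check or report here.
 */
void __exit ArpDefendExit(void)
{
	nf_unregister_hook(&sArpHookOps);
}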
/* Register ArpDefendInit/ArpDefendExit as the module's load and unload handlers. */
module_init(ArpDefendInit);
module_exit(ArpDefendExit);
/* Declare the module's licence as GPL. */
MODULE_LICENSE("GPL");