Code a simple blackhole

Th3Law
SoulSecTeam
1 min read · Feb 11, 2019

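Source code: a Linux kernel module that registers a netfilter hook on the IPv4 local-output path and drops every TCP packet whose source port is 7000. It is written against an older in-kernel netfilter API (`nf_register_hook()` and the five-argument hook signature); newer kernels register hooks per network namespace with `nf_register_net_hook()`, so the listing needs porting before it builds there.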


#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/skbuff.h>
#include <linux/tcp.h>
#include <linux/udp.h>
#include <linux/ip.h>

/* Hook registration record; init_module() fills in its fields and registers it. */
static struct nf_hook_ops nfho;
/*
 * File-scope header pointers for the packet hook.
 * NOTE(review): both have external linkage and no lock is visible in this
 * file; per-packet state is safer held in locals of the hook, since a single
 * shared pointer can be overwritten if the hook runs for two packets at once.
 */
struct tcphdr *tcp_header;
struct iphdr *ip_header;

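/*
 * hook_func - netfilter hook that drops TCP packets by source port.
 * @ops:  hook registration this call was made for (unused)
 * @skb:  packet buffer under inspection
 * @in:   input device (unused)
 * @out:  output device (unused)
 * @okfn: continuation callback (unused)
 *
 * Returns NF_DROP for a TCP packet whose source port is 7000 and NF_ACCEPT
 * for everything else, including a buffer that cannot be inspected.
 */
unsigned int hook_func(
    const struct nf_hook_ops *ops,
    struct sk_buff *skb,
    const struct net_device *in,
    const struct net_device *out,
    int (*okfn)(struct sk_buff *))
{
    /* Source port whose traffic is black-holed. */
    const u16 blocked_sport = 7000;
    /*
     * Header pointers are locals rather than the file-scope
     * tcp_header/ip_header, so concurrent invocations cannot overwrite
     * each other's state.
     */
    const struct iphdr *iph;
    const struct tcphdr *tcph;

    /* Fail open: with no buffer to inspect, keep the original default verdict. */
    if (!skb) {
        return NF_ACCEPT;
    }

    iph = (const struct iphdr *)skb_network_header(skb);
    if (!iph || iph->protocol != IPPROTO_TCP) {
        return NF_ACCEPT;
    }

    /*
     * NOTE(review): nothing here verifies that a complete TCP header sits in
     * the linear part of the buffer, or that the packet is not a later IP
     * fragment (which carries no TCP header). Confirm this for the hook
     * point, e.g. with pskb_may_pull(), before relying on the port match.
     */
    tcph = tcp_hdr(skb);

    /* Ports travel in network byte order; convert before comparing. */
    if (ntohs(tcph->source) == blocked_sport) {
        /*
         * NOTE(review): one log line per dropped packet can flood the kernel
         * log under load; consider a rate-limited variant in production.
         */
        printk(KERN_INFO "got tcp packet at 7000 port.\n");
        return NF_DROP;
    }

    return NF_ACCEPT;
}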

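/*
 * init_module - module entry point; registers hook_func with netfilter.
 *
 * Returns 0 on success, or the error reported by nf_register_hook() so that
 * a failed registration aborts the load instead of leaving a module that
 * appears active but filters nothing.
 */
int init_module(void)
{
    nfho.hook = hook_func;
    /* Inspect packets generated by this host on their way out. */
    nfho.hooknum = NF_INET_LOCAL_OUT;
    /* IPv4 only: IPv6 traffic from the same port is not seen by this hook. */
    nfho.pf = PF_INET;
    /* Run ahead of the other hooks registered at this hook point. */
    nfho.priority = NF_IP_PRI_FIRST;

    return nf_register_hook(&nfho);
}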

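/*
 * cleanup_module - module exit point; removes the hook registered by
 * init_module() so hook_func is no longer called once the module is gone.
 */
void cleanup_module(void)
{
    nf_unregister_hook(&nfho);
}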


Th3Law
SoulSecTeam

I hack things, write things and break things. No system is safe! I'm Security Researcher. LawSoul from SentinelX