¡¾×ªÌûLINUX¡¿IP·ÖƬÖØ×é·ÖÎö
±¾ÎĵµµÄCopyleft¹éyfydzËùÓУ¬Ê¹ÓÃGPL·¢²¼£¬¿ÉÒÔ×ÔÓÉ¿½±´£¬×ªÔØ£¬×ªÔØʱÇë±£³ÖÎĵµµÄÍêÕûÐÔ£¬ÑϽûÓÃÓÚÈκÎÉÌÒµÓÃ;¡£
msn: yfydz_no1@hotmail.com
À´Ô´£ºhttp://yfydz.cublog.cn
1. Ç°ÑÔ
¶ÔIPËéƬµÄÖØ×éÊÇ·À»ðǽÌá¸ß°²È«ÐÔµÄÒ»¸öÖØÒªÊֶΣ¬Í¨¹ýÌáÇ°½øÐÐËéƬÖØ×飬¿ÉÒÔÓÐЧ·ÀÓù¸÷ÖÖËéƬ¹¥»÷£¬LinuxÄں˵ķÀ»ðǽnetfilter¾Í×Ô¶¯¶ÔIPËéƬ°ü½øÐÐÁËÖØ×飬±¾ÎĽéÉÜLinuxÄÚºËÖеÄIPÖØ×é¹ý³Ì£¬Äں˴úÂë°æ±¾2.4.26¡£
2. ´¦ÀíÁ÷³Ì
ʵÏÖIPÖØ×éµÄ»ù±¾º¯ÊýΪip_defrag()£¬ÔÚnet/ipv4/ip_fragment.cÖÐʵÏÖ£¬»ù±¾¹ý³ÌÊǽ¨Á¢ËéƬ´¦Àí¶ÓÁУ¬¶ÓÁÐÖÐÿ¸ö½ÚµãÊÇÒ»¸öÁ´±í£¬Õâ¸öÁ´±í±£´æͬһ¸öÁ¬½ÓµÄËéƬ£¬µ±ËéƬ¶¼µ½´ïÖ®ºó½øÐÐÊý¾Ý°üÖØ×飬»òÕßÔÚÒ»¶¨Ê±¼ä(ȱʡ30Ãë)ÄÚËùÓÐËéƬ°ü²»Äܵ½´ï¶øÊͷŵô¡£
2.1 Êý¾Ý½á¹¹
ÔÚ´¦Àí·ÖƬ°üʱ£¬½«skb°üµÄcb×ֶα£´æËéƬ¿ØÖÆÐÅÏ¢struct ipfrag_skb_cb¡£
#define FRAG_CB(skb) ((struct ipfrag_skb_cb*)((skb)->cb))
struct ipfrag_skb_cb
{
struct inet_skb_parm h;
int offset;
};
ipq¶ÓÁнڵã½á¹¹£º
/* Describe an entry in the "incomplete datagrams" queue. */
struct ipq {
// ÏÂÒ»¸ö
struct ipq *next; /* linked list pointers */
// ×îÐÂʹÓÃÁ´±í
struct list_head lru_list; /* lru list member */
// ÒÔÏÂ4ÏîÓÃÀ´Æ¥ÅäÒ»×éIP·ÖÅä
u32 saddr;
u32 daddr;
u16 id;
u8 protocol;
// ״̬±êÖ¾
u8 last_in;
#define COMPLETE 4 // Êý¾ÝÒѾÍêÕû
#define FIRST_IN 2 // µÚÒ»¸ö°üµ½´ï
#define LAST_IN 1 // ×îºóÒ»¸ö°üµ½´ï
// ½ÓÊÕµ½µÄIPËéƬÁ´±í
struct sk_buff *fragments; /* linked list of received fragments */
// lenÊǸù¾Ý×îÐÂIPËéƬÖеÄÆ«ÒÆÐÅÏ¢µÃ³öµÄÊý¾Ý×ܳ¤
int len; /* total length of original datagram */
// meatÊÇËùÓÐËéƬʵ¼Ê³¤¶ÈµÄÀÛ¼Ó
int meat;
spinlock_t lock;
atomic_t refcnt;
// ³¬Ê±
struct timer_list timer; /* when will this queue expire? */
// Ç°Ò»Ïî¶ÓÁеØÖ·
struct ipq **pprev;
// Êý¾Ý½øÈëÍø¿¨µÄË÷ÒýºÅ
&
Ïà¹ØÎĵµ£º
1. LinuxCommand
¡¡¡¡LinuxCommandÊÇÒ»¸öѧϰLinuxÃüÁîÐÐ×îºÃµÄÍøÕ¾Ö®Ò»¡£ÍøÕ¾·ÖΪ£ºÑ§Ï°Shell¡¢Ð´Shell½Å±¾¡¢½Å±¾¿â¡¢³¬¼¶MANÒ³Ãæ¡£
http://linuxcommand.org/
2. O’ReillyµÄLinuxÃüÁîÖ¸ÄÏĿ¼
¡¡¡¡O’ReillyµÄLinuxÃüÁîÖ¸ÄÏĿ¼ÊÇÒ»¸ö¼«ºÃµÄ¿ìËٲο¼Ö¸ÄÏ£¬ÁгöÁË´ó ......
4. Threads
To use the POSIX standard thread API (pthreads), link libpthread.so
to your program.
4.1. Thread Creation
Each thread in a process is identified by a thread ID,
pthread_t.
The pthread_self function returns the thread ID of the current
thread.
This thread IDs can be compared ......
2008-07-07 22:06
PREROUTING£ºip_conntrack_defrag à ip_conntrack_in
1£¬ip_conntrack_defrag:
ͨ³£µ±IP±¨Îı»ËÍÖÁL4²ã´¦Àíʱ£¬Èç¹û¸Ã±¨ÎÄÊÇ·ÖƬ±¨ÎÄ£¬ÄÇô±¨ÎľͻáÏȱ»±£´æÆðÀ´£¬Ö±µ½ËùÓзÖƬµ½´ïºóÖØ×é³ÉÒ»¸öÍêÕû±¨Îĺó£¬ÔÙ±»·Ö·¢µ½L4²ã¡£µ±Ã»ÓÐÆô¶¯conntrackʱ£¬netfilter¸÷HOOKµã¶Ô±¨ÎIJÙ×÷ʱ£¬²¢²»¼ì²é¸Ã± ......
2008-07-07 22:09
6£¬TCP filterµÄÔÀí£º
µ±filterÊÕµ½Ä³¸öÁ¬½ÓµÄµÚÒ»¸ö±¨ÎÄʱ£¬»áΪ¸ÃÁ¬½ÓÔÚÈ«¾ÖÁ¬½Ó±íÖд´½¨Ò»¸ö±íÏ²¢Óñ¨ÎÄÖÐЯ´øµÄÔ´¡¢Ä¿µÄIPºÍ¶Ë¿ÚÕâ¸öËÄÔª×é´´½¨original tupleºÍreply tuple£¬ÕâÁ½¸ötuple·Ö±ð´Ó²»Í¬·½ÏòÀ´±êʶÕâ¸öÁ¬½Ó¡£ºóÐøµÄ±¨ÎÄ»á¸ù¾ÝÆäЯ´øµÄËÄÔª×éÕÒµ½ÏàÓ¦µÄÁ¬½Ó±íÏȻºó¸ù¾Ý±íÏîËù¼Ç¼ ......
