ÉîÈëLinuxÄÚºËÍøÂç¶ÑÕ»

×÷Õߣºbioforge alkerr@yifan.net
Ô­Ãû£º <<Hacking the Linux Kernel Network Stack>>
·­Ò룬Ð޸ģº duanjigang <duanjigang1983@126.com>
·­Òë²Î¿¼£ºraodan (raod_at_30san.com) 2003-08-22
µÚÒ»Õ  ¼ò½é
±¾ÎĽ«ÃèÊöÈçºÎÀûÓÃLinuxÍøÂç¶ÑÕ»µÄÇÏÃÅ£¨²»Ò»¶¨¶¼ÊÇ©¶´£©À´´ïµ½Ò»Ð©Ä¿µÄ£¬»òÕßÊǶñÒâµÄ£¬»òÕßÊdzöÓÚÆäËüÒâͼµÄ¡£ÎÄÖлá¾ÍºóÃÅͨѶ¶ÔNetfilter¹³×Ó½øÐÐÌÖÂÛ£¬²¢ÔÚ±¾µØ»úÆ÷ÉÏʵÏÖ½«Õâ¸ö´«Êä´Ó»ùÓÚLibpcapµÄÐá̽Æ÷(sniffer)ÖÐÒþ²Ø¡£
    NetfilterÊÇ2.4Äں˵ÄÒ»¸ö×Óϵͳ¡£Netfilter¿ÉÒÔͨ¹ýÔÚÄں˵ÄÍøÂç´úÂëÖÐʹÓø÷ÖÖ¹³×ÓÀ´ÊµÏÖÊý¾Ý°ü¹ýÂË£¬ÍøÂçµØַת»»(NAT)ºÍÁ¬½Ó¸ú×ÙµÈÍøÂçÆÛÆ­¡£ÕâЩ¹³×Ó±»·ÅÖÃÔÚÄں˴úÂë¶Î£¬»òÕß¾²Ì¬±àÒë½øÄںˣ¬»òÕß×÷Ϊһ¸ö¿É¶¯Ì¬¼ÓÔØ/жÔصĿÉжÔØÄ£¿é£¬È»ºó¾Í¿ÉÒÔ×¢²á³Æ֮ΪÍøÂçʼþµÄº¯Êý£¨±ÈÈçÊý¾Ý°üµÄ½ÓÊÕ£©¡£
1.1 ±¾ÎÄÂÛÊöµÄÄÚÈÝ
±¾ÎĽ«½²ÊöÄÚºËÄ£¿éµÄ±àдÕßÈçºÎÀûÓÃNetfilterµÄ¹³×ÓÀ´´ïµ½ÈκÎÄ¿µÄ£¬ÒÔ¼°ÔõÑù½«ÍøÂç´«Êä´ÓÒ»¸öLibpcapµÄÓ¦ÓÃÖÐÒþ²Øµô¡£¾¡¹ÜLinux2.4Ö§³Ö¶ÔIPV4£¬IPV6ÒÔ¼°DECnetµÄ¹³×Ó,±¾ÎÄÖ»Ìá¼°IPV4µÄ¹³×Ó¡£µ«ÊÇ£¬¶ÔIPV4µÄ´ó¶àÊýÓ¦ÓÃÄÚÈÝͬÑùÒ²¿ÉÒÔÓ¦ÓÃÓÚÆäËûЭÒé¡£³öÓÚ½ÌѧĿµÄ£¬ÎÒÃÇÔÚ¸½Â¼A¸ø³öÁËÒ»¸ö¿ÉÒÔ¹¤×÷µÄÄÚºËÄ£¿é£¬ÊµÏÖ»ù±¾µÄÊý¾Ý°ü¹ýÂ˹¦ÄÜ¡£Õë¶Ô±¾ÎÄÖÐËùÁм¼ÊõµÄËùÓпª·¢ºÍÊÔÑ鶼ÔÚIntel»ú×ÓÉϵÄLinux2.4.5ϵͳÉϽøÐйý¡£¶ÔNetfilte ¹³×ÓÐÐΪµÄ²âÊÔʹÓõÄÊǻػ·É豸(Loopback device),ÒÔÌ«ÍøÉ豸ºÍÒ»¸öµã¶Ôµã½Ó¿ÚµÄµ÷Öƽâµ÷Æ÷¡£
¶ÔNetfilter½øÐÐÍêÈ«Àí½âÊÇÎÒ׫д±¾ÎĵÄÁíÒ»¸ö³õÖÔ¡£ÎÒ²»Äܱ£Ö¤ÕâƪÎÄÕÂËù¸½µÄ´úÂë100%µÄûÓвî´í£¬µ«ÊÇËùÁоٵÄËùÓдúÂëÎÒ¶¼ÊÂÏȲâÊÔ¹ýÁË¡£ÎÒÒѾ­±¥³¢ÁËÄں˴íÎó´øÀ´µÄÄ¥í£¬¶øÄãÈ´²»±ØÔÙ¾­ÊÜÕâЩ¡£Í¬Ñù£¬ÎÒ²»»áΪ°´ÕÕÕâƪÎĵµËù˵µÄÈκζ«Î÷½øÐеÄ×÷ËùËùΪ´øÀ´µÄËðʧ¶ø¸ºÔð¡£ÔĶÁ±¾ÆªÎÄÕµĶÁÕß×îºÃÊìϤC³ÌÐòÉè¼ÆÓïÑÔ£¬²¢ÇÒ¶ÔÄں˿ÉжÔØÄ£¿éÓÐÒ»¶¨µÄ¾­Ñé¡£
Èç¹ûÎÒÔÚÎÄÖз¸ÁËÈκδíÎóµÄ»°£¬Çë¸æÖªÎÒ¡£ÎÒ¶ÔÓÚÄãÃǵĽ¨ÒéºÍÕë¶Ô´ËÎĵĸĽø»òÕßÆäËüµÄNetfilterÓ¦ÓûáÇãÐĽÓÊÜ¡£
1.2 ±¾ÎIJ»»áÉæ¼°µ½µÄ·½Ãæ
±¾ÎIJ¢²»ÊÇNetfilterµÄÍêÈ«¹á´©(»òÕß½ø½ø³ö³öµÄ½²½â)¡£Ò²²»ÊÇiptablesÃüÁîµÄ½éÉÜ¡£Èç¹ûÄãÏë¸üºÃµÄѧϰiptablesµÄÃüÁ¿ÉÒÔÈ¥×ÉѯmanÊֲᡣ
ÈÃÎÒÃÇ´Ó½éÉÜNerfilterµÄʹÓÿªÊ¼°É……….
µÚ¶þÕ  ¸÷ÖÖNetFilter ¹³×Ó¼°ÆäÓ÷¨
2.1 LinuxÄں˶ÔÊý¾Ý°üµÄ´¦Àí
ÎÒ½«¾¡×î´óŬÁ¦