Linux netfilterÔ´Âë·ÖÎö(2)
תÌù×Ôhttp://alexanderlaw.blog.hexun.com/8968771_d.html
¶þ¡¢ipt_tableÊý¾Ý½á¹¹ºÍ±íµÄ³õʼ»¯
2.1 include/linux/netfilter_ipv4/ip_tables.h struct ipt_table ±í½á¹¹
struct ipt_table
{
struct list_head list;
/* ±íÁ´ */
char name[IPT_TABLE_MAXNAMELEN];
/* ±íÃû£¬Èç"filter"¡¢"nat"µÈ£¬ÎªÁËÂú×ã×Ô¶¯Ä£¿é¼ÓÔصÄÉè¼Æ£¬°üº¬¸Ã±íµÄÄ£¿éÓ¦ÃüÃûΪiptable_'name'.o */
struct ipt_replace *table;
/* ±íÄ£×Ó£¬³õʼΪinitial_table.repl */
unsigned int valid_hooks;
/* λÏòÁ¿£¬±êʾ±¾±íËùÓ°ÏìµÄHOOK */
rwlock_t lock;
/* ¶ÁдËø£¬³õʼΪ´ò¿ª×´Ì¬ */
struct ipt_table_info *private;
/* iptableµÄÊý¾ÝÇø£¬¼ûÏ */
struct module *me;
/* ÊÇ·ñÔÚÄ£¿éÖж¨Òå */
};
2.2 struct ipt_table_infoÊÇʵ¼ÊÃèÊö±íµÄÊý¾Ý½á¹¹ ip_tables.c
struct ipt_table_info
{
unsigned int size;
/* ±í´óС */
unsigned int number;
/* ±íÖеĹæÔòÊý */
unsigned int initial_entries;
/* ³õʼµÄ¹æÔòÊý£¬ÓÃÓÚÄ£¿é¼ÆÊý */
unsigned int hook_entry[NF_IP_NUMHOOKS];
/* ¼Ç¼ËùÓ°ÏìµÄHOOKµÄ¹æÔòÈë¿ÚÏà¶ÔÓÚÏÂÃæµÄentries±äÁ¿µÄÆ«ÒÆÁ¿ */
unsigned int underflow[NF_IP_NUMHOOKS];
/* Óëhook_entryÏà¶ÔÓ¦µÄ¹æÔò±íÉÏÏÞÆ«ÒÆÁ¿£¬µ±ÎÞ¹æÔò¼Èëʱ£¬ÏàÓ¦µÄhook_entryºÍunderflow¾ùΪ0 */
char entries[0] ____cacheline_aligned;
/* ¹æÔò±íÈë¿Ú */
};
2.3 include/linux/netfilter_ipv4 ¹æÔòÓÃstruct ipt_entry½á¹¹±íʾ£¬°üº¬Æ¥ÅäÓõÄIPÍ·²¿·Ö¡¢Ò»¸öTargetºÍ0¸ö»ò¶à¸öMatch¡£ÓÉÓÚMatchÊý²»¶¨£¬ËùÒÔÒ»Ìõ¹æÔòʵ¼ÊµÄÕ¼ÓÿռäÊǿɱäµÄ¡£½á¹¹¶¨ÒåÈçÏÂ
struct ipt_entry
{
struct ipt_ip ip;
/* ËùҪƥÅäµÄ±¨ÎĵÄIPÍ·ÐÅÏ¢ */
unsigned int nfcache;
/* λÏòÁ¿£¬±êʾ±¾¹æÔò¹ØÐı¨ÎĵÄʲô²¿·Ö£¬ÔÝδʹÓà */
u_int16_t target_offset;
/* targetÇøµÄÆ«ÒÆ£¬Í¨³£targetÇøλÓÚmatchÇøÖ®ºó£¬¶ømatchÇøÔòÔÚipt_entryµÄĩβ£»
³õʼ»¯Îªsizeof(struct ipt_entry)£¬¼´¼Ù¶¨Ã»ÓÐmatch */
u_int16_t next_offset;
/* ÏÂÒ»Ìõ¹æÔòÏà¶ÔÓÚ±¾¹æÔòµÄÆ«ÒÆ£¬Ò²¼´±¾¹æÔòËùÓÿռäµÄ×ܺͣ¬
³õʼ»¯Îªsizeof(struct ipt_entry)+sizeof(struct ipt_target)£¬¼´Ã»ÓÐmatch */
unsigned int comefrom;
/* ¹æÔò·µ»Øµã£¬±ê¼Çµ÷Óñ¾¹æÔòµÄHOOKºÅ£¬¿ÉÓÃÓÚ¼ì²é¹æÔòµÄ
Ïà¹ØÎĵµ£º
£¨L2CAPÐÒé¼ò½é£¬L2CAPÔÚBlueZÖеÄʵÏÖÒÔ¼°L2CAP±à³Ì½Ó¿Ú£©
Ò»£ºL2CAPÐÒé¼ò½é£º
Logical Link Control and Adaptation Protocol(L2CAP)
Âß¼Á¬½Ó¿ØÖƺÍÊÊÅäÐÒé (L2CAP) ΪÉϲãÐÒéÌṩÃæÏòÁ¬½ÓºÍÎÞÁ¬½ÓµÄÊý¾Ý·þÎñ£¬²¢Ìṩ¶àÐÒ鹦ÄܺͷָîÖØ×é²Ù×÷¡£L2CAP ³äÐíÉϲãÐÒéºÍÓ¦ÓÃÈí¼þ´«ÊäºÍ½ÓÊÕ×î´ó³¤¶ÈΪ 64K µÄ L2CAP Ê ......
ÀýÒ»£º·¢ËÍSignaling Packet£º
Signaling CommandÊÇ2¸öBluetoothʵÌåÖ®¼äµÄL2CAP²ãÃüÁî´«Êä¡£ËùÒÔµÃSignaling CommandʹÓÃCID 0x0001.
¶à¸öCommand¿ÉÒÔÔÚÒ»¸öC-frame£¨control frame£©Öз¢ËÍ¡£
Èç¹ûÒªÖ±½Ó·¢ËÍSignaling Command.ÐèÒª½¨Á¢SOCK_RAWÀàÐ͵ÄL2CAPÁ¬½ÓSocket¡£ÕâÑù²ÅÓлú»á×Ô¼ºÌî³äCommand Code£¬Identi ......
1.¿ÉÖ´ÐгÌÐò
os.system('pgrep %s > %s' % (process, output))
pidfile = open("output", 'r')
totalpid = len(pidfile.readlines())
pidfile.close()
if totalpid == 0 :
&nbs ......
תÌù×Ô:http://alexanderlaw.blog.hexun.com/8960896_d.html
Linux netfilterÔ´Âë·ÖÎö(1)
ÄÚÈÝ»ù±¾ÉÏÀ´×ÔÁ½ÆªÎÄÕÂ:
¡¶NetfilterÔ´Âë·ÖÎö¡·—£¨¶À¹Â¾Å¼úhttp://www.skynet.org.cn/index.php£©
¡¶Linux NetfilterʵÏÖ»úÖƺÍÀ©Õ¹¼¼Êõ¡·——£¨ÑîɳÖÞ ¹ú·À¿Æ¼¼´óѧ¼ÆËã»úѧԺ£©
Ò»¡¢ IP±¨ÎÄµÄ½Ó ......
