Linux netfilterÔ´Âë·ÖÎö(6)
תÌù×Ô£ºhttp://alexanderlaw.blog.hexun.com/8968944_d.html
Áù¡¢ À©Õ¹µÄmatch
6.1 do_matchº¯Êý ip_tables.c
do_matchͨ¹ýIPT_MATCH_ITERATEºêÀ´µ÷ÓÃ,
IPT_MATCH_ITERATEÊÇÔÚipt_do_tableº¯ÊýÖе÷Óõĺê
IPT_MATCH_ITERATE(e, do_match,
*pskb, in, out,
offset, &hotdrop)
¶¨ÒåÈçÏ£º
#define IPT_MATCH_ITERATE(e, fn, args...) \
({ \
unsigned int __i; \
int __ret = 0; \
struct ipt_entry_match *__match; \
\
for (__i = sizeof(struct ipt_entry); \
__i < (e)->target_offset; \
__i += __match->u.match_size) { \
__match = (void *)(e) + __i; \
&
Ïà¹ØÎĵµ£º
¡¡¡¡¡¡¡¡¡¡Ð´¸øLinuxÄÚºËÐÂÊÖ-¹ØÓÚLinuxÄÚºËѧϰµÄÎóÇø
-----¸Ð¾õÕâƪÎÄÕ²»´í£¬Óзdz£¶à½è¼øµÄµØ·½,soתÔعýÀ´ÁË
¡¡¡¡ÏÈ˵¾äÕý¾µÄ£ºÆäʵÎÒû×ʸñдÕâƪÎÄÕ£¬ÒòΪ×Ô¼ºÒ²¾ÍÒ»Á½¸öÔÂÒÔÀ´²Å¿ªÊ¼ÓÐËùÁìÎòµÄ¡£Òò´Ë£¬ÕâÀïºÍÆä˵ÊǹØÓÚLinuxÄÚºËѧϰµÄ¾Ñ飬²»Èç˵ÊÇ×Ô¼ºµÄ½Ìѵ°É£¬Ï£Íû²»ÒªÈÓ¼¦µ°ÔÒÎÒ^_^
¡¡¡¡¡¡³£³£ÓÐÈËÎÊ£ºÎ ......
ÄÚÈÝÌáÒª
¡¡¡¡±¾ÎÄÒÔRedHat9.0ºÍi386ƽ̨ΪÀý£¬ÆÊÎöÁË´ÓÓû§´ò¿ªµçÔ´Ö±µ½ÆÁÄ»³öÏÖÃüÁîÐÐÌáʾ·ûµÄÕû¸öLinuxÆô¶¯¹ý³Ì¡£²¢ÇÒ½éÉÜÁËÆô¶¯ÖÐÉæ¼°µ½µÄ¸÷ÖÖÎļþ¡£
¡¡¡¡ÔĶÁLinuxÔ´´úÂ룬ÎÞÒÉÊÇÉîÈëѧϰLinuxµÄ×îºÃ·½·¨¡£ÔÚ±¾ÎĶÔLinuxÆô¶¯¹ý³ÌµÄ½éÉÜÖУ¬ÎÒÃÇÒ²³¢ÊÔ´ÓÔ´´úÂëµÄÊÓ½ÇÀ´¸üÉîÈëµÄÆÊÎöLinuxµÄÆô¶¯¹ý³Ì£¬ËùÒÔÆäÖÐÒ²¼òµ¥Éæ ......
תÔØ×Ôhttp://www.examda.com/linux/fudao/20070919/112113103.html
ѧϰӦ¸ÃÊÇÒ»¸öÏÈ°ÑÎÊÌâ¼òµ¥»¯£¬ÔÚ°ÑÎÊÌ⸴ÔÓ»¯µÄ¹ý³Ì¡£Ò»¿ªÊ¼¾Í×ÅÊÖ´¦Àí¸´ÔÓµÄÎÊÌ⣬ÄÑÃâÈà ÈËÓÐÐľªµ¨²ü£¬×½½ó¼ûÖâµÄ¸Ð¾õ¡£¶ÁLinuxÍø¿¨Çý¶¯Ò²ÊÇÒ»Ñù¡£Ädz¤³¤µÄÔ´Âë¼ÐÔÓ×ÅÄÇЩÎÒÃÇÄ°ÉúµÄ±äÁ¿ºÍ·ûºÅ£¬Íû¶øÉúη±ãÊ ......
Îå¡¢ ipt_do_table()º¯Êý£¬Êý¾Ý°üµÄ¹ýÂË
5.1 ipt_entry Ïà¹Ø½á¹¹ ip_tables.h
ipt_entry½á¹¹Ç°ÃæÓйýÁË£¬ÔÙ¿´Ò»±é
struct ipt_entry
{
struct ipt_ip ip;
/* ËùҪƥÅäµÄ±¨ÎĵÄIPÍ·ÐÅÏ¢ */
unsigned int nfcache;
/* λÏòÁ¿£¬±êʾ±¾¹æÔò¹ØÐÄ ......
