lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20080829102813.GK7908@solarflare.com>
Date:	Fri, 29 Aug 2008 11:28:14 +0100
From:	Ben Hutchings <bhutchings@...arflare.com>
To:	James King <t.james.king@...il.com>
Cc:	Thiago Lacerda <thiagotbl@...il.com>,
	Tobias Koeck <tobias.koeck@...il.com>, netdev@...r.kernel.org
Subject: Re: Questions about Linux kernel network programming

James King wrote:
> On Thu, Aug 28, 2008 at 10:02 AM, Ben Hutchings
> <bhutchings@...arflare.com> wrote:
> > Thiago Lacerda wrote:
> >> BTW, anyone knows the right way of get a tcp port number in human readable form?
> >> I'm doing like this:
> >>
> >> struct tcphdr* tcp = tcp_hdr(my_sk_buff)
> >>
> >> unsigned short src_port = ntohs(tcp->source)
> >>
> >> And it isn't working, the numbers that I get are not right.
> >
> > Until the packet has gone through the network protocol handler (IP), the
> > transport header pointer will not be set correctly and tcp_hdr() will return
> > a pointer to the start of the packet.
> 
> Thanks for the explanation Ben, I was having the same problem with a
> toy netfilter module hooked in prerouting a while ago and never
> bothered to find out why.  Thiago, here's how I got it working:
> 
> struct tcphdr *th = NULL, _tcph;
> struct iphdr *iph = ip_hdr(skb);
> if (iph && iph->protocol == IPPROTO_TCP)
> th = (struct tcphdr *)(skb->data + (iph->ihl * 4));
> 
> Alternatively, I think this will work too:
> th = skb_header_pointer(skb, (iph->ihl * 4), sizeof(_tcph), &_tcph);

What makes you think ihl is valid?

Please read <http://www.cpni.gov.uk/Docs/InternetProtocol.pdf> before
trying to parse untrusted packets.

Ben.

-- 
Ben Hutchings, Senior Software Engineer, Solarflare Communications
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ