exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

mod_icmp.c

mod_icmp.c
Posted Nov 21, 2003
Authored by fryxar | Site geocities.com

This linux kernel module acts like an icmp proxy for echo/echo-reply packets at kernel level, preventing icmp tunnels through firewalls or directly to the server it is installed on.

tags | kernel
systems | linux
SHA-256 | 9fad32f633cbf5845c1c9aa19434551345fd747ac16e91b836ef8dfa81ef6435

mod_icmp.c

Change Mirror Download
/*
* mod_icmp module kernel
* by: Fryxar
* e-mail: fryxar@yahoo.com.ar
*
* This module acts like an icmp proxy for echo/echo-reply packets at kernel level,
* preventing icmp tunnels through firewalls or directly connections to a server.
*
* WARNNING:
* It doesn't support fragmented packet (at time...)
*
* Why do not use an userland icmp proxy?
* 1. You must disable icmp kernel handler to use it, so you need to patch the kernel anyway.
* 2. You don't need to modify ipchains and iptables politics
*
* TODO:
* Support fragmented packets
* Support another icmp messages
* Replace TRANSFORM algorithm
* Any other suggest?
*
* COMPILE & RUN:
* gcc -DMODULE -D__KERNEL__ -O -Wall -c mod_icmp.c -I/usr/src/linux/include
* insmod mod_icmp.o
*
*/

#include <linux/config.h>
#include <linux/version.h>
#include <linux/module.h>

#include <linux/skbuff.h>
#include <linux/in.h>
#include <linux/ip.h>
#include <linux/icmp.h>
#include <linux/netdevice.h>
#include <linux/kernel.h>
#include <linux/if_ether.h>
#include <linux/time.h>

#define IP_MF 0x2000
#define IP_OFFMASK 0x1fff
//#define TRANSFORM(x) (~x) // Trivial transform
#define TRANSFORM(x,b) (x^b) // Yet another trivial transform :-)

struct packet_type icmp_proto;
unsigned char seed;

unsigned short icmp_cksum(unsigned short *ptr,int nbytes)
{
register long sum;
unsigned short oddbyte;
register unsigned short anwser;

sum = 0;
while(nbytes>1)
{
sum += *ptr++;
nbytes -= 2;
}
if(nbytes==1)
{
oddbyte = 0;
*((unsigned char *) & oddbyte) = *(unsigned char *)ptr;
sum += oddbyte;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
anwser = ~sum;

return(anwser);
}

/* Packet Handler Function */
int icmp_func(struct sk_buff *skb, struct device *dev, struct packet_type *pt) {
int i;

if(htons(skb->mac.ethernet->h_proto) != ETH_P_IP) goto bye;

skb->h.raw = skb->nh.raw + skb->nh.iph->ihl*4;

// Fragmented packet not supported
if(htons(skb->nh.iph->frag_off)&(IP_OFFMASK|IP_MF)) goto bye;

if(skb->nh.iph->protocol != IPPROTO_ICMP) goto bye;

if(skb->h.icmph->type != ICMP_ECHO &&
skb->h.icmph->type != ICMP_ECHOREPLY) goto bye;

// Process icmp packet
skb->len = htons(skb->nh.iph->tot_len) -
sizeof(struct iphdr) - sizeof(struct icmphdr);

skb->data = (skb->h.raw) + sizeof(struct icmphdr);

for(i = 0; i < skb->len; i++)
skb->data[i] = TRANSFORM(skb->data[i], seed);

// Calculate checksums again
skb->h.icmph->checksum = 0;
skb->h.icmph->checksum = icmp_cksum(skb->h.raw, skb->len
+ sizeof(struct icmphdr));

bye:
kfree_skb(skb);

return 0;
}

int init_module(void) {

seed = (unsigned char)get_cmos_time();
icmp_proto.dev = NULL;
icmp_proto.type = htons(ETH_P_ALL);
icmp_proto.func = icmp_func;

dev_add_pack(&icmp_proto);

return(0);
}

void cleanup_module(void) {
dev_remove_pack(&icmp_proto);
}
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close