Netfilter 截取包的问题

static unsigned int auth_func(unsigned int hook,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
int ret = 0;
struct iphdr *iph = NULL;
struct ethhdr *eth = NULL;
unsigned char smac[ETH_ALEN];

/* wifi authentication switch */
/*
if(!wifi_auth_running)  
    return NF_ACCEPT;
*/

if(!skb)
    return NF_ACCEPT;

iph = ip_hdr(skb);
eth = eth_hdr(skb);

if(!eth || !iph)
    return NF_ACCEPT;

/* check skb length */
if(skb->len <= sizeof(struct ethhdr)+sizeof(struct iphdr))
    return NF_ACCEPT;

/* check ip protocol */
if(skb->protocol != htons(ETH_P_IP))
    return NF_ACCEPT;

/* char ip frag_off */
if((iph->frag_off & htons(0x1FFF)) != 0)
    return NF_ACCEPT;

if (iph->version != 4)
    return NF_ACCEPT;

if(iph->version*iph->ihl < 20)
    return NF_ACCEPT;

if (skb->len < ntohs(iph->tot_len))
    return NF_ACCEPT;

/* check if dip is router's ip */
if (!ip_check(in, iph->daddr))
    return NF_ACCEPT;

memcpy(smac, eth->h_source, ETH_ALEN);  
/* check if mac is auth */
if(mac_check(smac, iph->saddr) > 0)
    return NF_ACCEPT;

switch(iph->protocol) {

    /* process tcp proto */
    case IPPROTO_TCP:
        /* -1 NF_ACCEPT -2 DF_DROP */
        ret = process_tcp(skb, iph, smac);
        if(ret == -1)
            return NF_ACCEPT;
        else {
            /* drop and send rst packet */
            return NF_DROP;
        }
    /* process udp proto */
    case IPPROTO_UDP:
        ret = process_udp(skb, iph);
        if(ret == 1)
            return NF_ACCEPT;
        else 
            return NF_DROP;

    /* process other proto */ 
    default:
        return NF_ACCEPT;
}

return NF_ACCEPT;

}

static struct nf_hook_ops auth_ops =
{
.hook = auth_func,
.pf = PF_INET,
.hooknum = NF_INET_PRE_ROUTING,
.priority = NF_IP_PRI_FIRST,
};

static int __init auth_init(void)
{
if(mac_init() < 0)
return -1;

//auth_netlink_init();
auth_thread_init();
redirect_url_init();

redirect_url_setup("http://auth.ikuailian.com/portal2/portal.html?devMac=00:B0:0C:1B:FB:14&userMac=");
nf_register_hook(&auth_ops);
return 0;

}

static void __exit auth_exit(void)
{
nf_unregister_hook(&auth_ops);
//auth_netlink_exit();
auth_thread_deinit();
mac_deinit();
}

运行到 auth_fun（）函数时 发现抓不到TCP和udp的包 ，并且skb->len=0

http://blog.chinaunix.net/uid-488742-id-2113883.html 希望能帮助你。