ping回覆標題

Question

我做了一個模塊使用鉤子函數。它的工作，但是當我使用ping google.com.i獲得0045作爲ICMP類型。但我認爲它應該爲0回聲答覆。我曾使用以下打印命令：

unsigned int hook_func(unsigned int hooknum, struct sk_buff *skb1, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff *)) 
{ 
struct sk_buff *sock_buff; 
struct iphdr *ip1; 
struct icmphdr *icmp1; 
sock_buff = skb1; 
//printk("ihere we are::%s,%d\n",__func__,__LINE__); 
    ip1 = (struct iphdr *)skb_network_header(sock_buff); 
printk(KERN_ALERT"proto:%d\n",ip1->protocol); 
if(ip1->protocol==1) 
{ 
icmp1 = (struct icmphdr *)skb_transport_header(sock_buff); 
printk(KERN_ALERT"reply type: %04X,,seq : %04X\n",icmp1->type,icmp1->un.echo.id); 
     } 
// kfree(sock_buff); 
return NF_ACCEPT; 

    } 

icmp1-> type is __be16。

Answer 1

更換icmp1 = (struct icmphdr *)skb_transport_header(sock_buff);與

icmp1 = (struct icmphdr *)(skb_transport_header(sock_buff) + ip_hdrlen(sock_buff));

icmpheader->類型是無符號的字符，嘗試

printk(KERN_ALERT"reply type: %u,,seq : %04X\n",icmp1->type,icmp1->un.echo.id);