Skip to content

xingnanxia/Netfilter_Kernel_Module

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
Demo
Demo
 
 
PreviousStuff
PreviousStuff
 
 
README.md
README.md
 
 

Repository files navigation

Notes that this repository stores the final version in the Demo folder.
All the previous intermediate files are stored in another repository: https://github.com/xingnanxia/ArdisNatalie_Project4.git

Netfilter Kernel Module

Introduction

This is a Linux Netfilter Kernel Module developed by Xingnan Xia (https://github.com/xingnanxia) and Ardis Choi (https://github.com/choiy5). It uses three /proc files for users to communicate with the kernel:
/proc/blockAll enables the user to block all incoming and outgoing traffic.
/proc/incoming enables the user to enter the source address for the incoming traffic to block.
/proc/outgoing enables the user to enter the destination address for the outgoing traffic to block.

This module is maded and compiled in Linux 4.4.0-21-generic and Linux 4.4.0-45-generic.

Usage

Inorder to test this kernel module, please download the Demo folder, cd to the Demo folder and enter the following into the command line:

####Building the Module:
make

####Loading the Module to the Kernel:
sudo insmod Final03.ko

####Module Usage #1: Blocking & Unblocking all Incoming & Outgoing Traffic
sudo echo "anything" >> /proc/blockAll
(the initial input, which has length greater than 0, will cause the module to block all incoming traffic. to unblock, type the above command again.)

####Module Usage #2: Blocking all Incoming Traffic with specified source IP addresses
sudo echo "some IP address" >> /proc/incoming
up to MAX_MSG IP addresses can be added to the list of source IP addresses to filter
address need to be entered into the proc file one by one
address need to be in IP format, human-readable address such as 'www.google.com' is not supported.
unblocking a source IP address is not enabled

Example: sudo echo "128.119.8.148" >> /proc/incoming
(MAX_MSG is currently set to 50. In line 28: #define MAX_MSG 50, you can change 50 to any positive number)

####Module Usage #3: Blocking all Outgoing Traffic with specified destination IP addresses
sudo echo "some IP address" >> /proc/outgoing
up to MAX_MSG IP addresses can be added to the list of destination IP addresses to filter
address need to be entered into the proc file one by one
address need to be in IP format, human-readable address such as 'www.google.com' is not supported.
unblocking a destination IP address is not enabled

Example: sudo echo "128.119.8.148" >> /proc/outgoing
(MAX_MSG is currently set to 50. In line 28: #define MAX_MSG 50, you can change 50 to any positive number)

####Injecting the Module from the Kernel:
sudo rmmod Final03

####Looking at the log file:
dmesg or dmesg | tail

####Test and Output:
See Test Cases.md in the Demo folder

Acknowledgement

We are inspired by the examples in http://www.paulkiddie.com/2009/10/creating-a-simple-hello-world-netfilter-module/ and http://www.paulkiddie.com/2009/11/creating-a-netfilter-kernel-module-which-filters-udp-packets/.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages