Hi all, i'm a newbie of this list
i'm studying linux kernel 2.6.26.7 sourcecode for my thesis because
i've to create a kernel module that reads and writes tcp/ip packets;
for example i've to read infos from tcp and ip header and then route
to destination through an interface that i want from those that i've
installed on my pc (wireless, ethernet...) .
my work is similar to some phrack article [1]-[2] but that are for
very old kernels (2.2 or 2.4 series) so i can't use them at all.
i've found more recent document [3] that uses 2.6.22.5 kernel source
but the same functions now request another parameter that is a "struct
net * " .

i've done a simple test module that drop all packets incoming by
setting
pre_hook.hook = watch_in; // this function
will
//return NF_DROP
pre_hook.pf = PF_INET;
pre_hook.priority = NF_IP_PRI_FIRST;
pre_hook.hooknum = NF_INET_PRE_ROUTING;
but i can't make an ip address filter dropping.

now, my questions are:
- in [2] there is "dev_get" function that return a struct device from
a char* , in newer kernels i've found "dev_get_by_name" but that
function wants a "struct net *": it has to be a newly defined struct
or i've to to get existent one? if i've to to get existent one, how
can i do that ?
same question about "struct net *" for "for_each_netdev" function used
in [3]

- to use "for_each_netdev" as told above, i can't use *dev_net
function, defined in netdevice.h, to find a "struct net" from "struct
net_device" because it wants a *net_device (i'm inside a loop!).

- how can i read information in received packet ?
for example, to read the source ip address of a received packet, i've
to do only "ip_hdr(skb)->saddr" ?
can i print it on /var/log/messages ?

- if i want to write in the same field of outgoing packet can i use
"ip_hdr(skb)->saddr" again or there is a defined function to do this ?


[1] "building inte the linux kernel network driver"
[2] "hacking the linux kernel network stack"
[3] http://www.cs.usfca.edu/~cruse/cs686/netdevs.c


Thank you for your answers!