去掉r0的hook,增加IP屏蔽记录

2023-11-17 04:06:33 +08:00
parent 49904f5cb5
commit 6bac06d28a
41 changed files with 270150 additions and 48 deletions
--- a/linux_kernel/build.sh
+++ b/linux_kernel/build.sh
@@ -3,7 +3,7 @@

 # 设定变量
 MODULE_NAME=safe_duck.ko
-TARGET_DIR="/run/user/1000/gvfs/smb-share:server=192.168.1.2,share=dev_share/safe_duck.ko"
+TARGET_DIR="/run/user/1000/gvfs/smb-share:server=192.168.1.3,share=dev_share/safe_duck.ko"

 # 编译模块
 if make; then
--- a/linux_kernel/ip_hashmap.c
+++ b/linux_kernel/ip_hashmap.c
@@ -118,8 +118,8 @@ void put_ipdata_by_hashmap(u32 ip_address_key, struct ip_hashmap_info *info) {
 // 通过关键字获取哈希表节点
 struct ip_hashmap_node_t *get_ipdata_by_hashmap(u32 ip_address_key) {
    struct ip_hash_table *table = &g_ip_hashtable;
-    printk(KERN_ERR "ip_address_key %08X table->bucket_num: %d \n",
-           ip_address_key, table->bucket_num);
+    // printk(KERN_ERR "ip_address_key %08X table->bucket_num: %d \n",
+    //        ip_address_key, table->bucket_num);
    spin_lock(&table->lock);

    // int idx = hash_32(ip_address_key, table->bucket_num);
--- a/linux_kernel/main.c
+++ b/linux_kernel/main.c
@@ -110,20 +110,23 @@ int cleanup(void) {
    }
    destory_dev();
    cleanup_msg();
-    uninstall_hooks();
+    // uninstall_hooks();
    return -1;
 }

 static int __init driver_entry(void) {
    printk(KERN_WARNING "[DebugMessage] safe duck init\n");
-    if (init_kallsyms_lookup_name() == false) {
-        printk(KERN_ERR "Failed to init kallsyms_lookup_name\n");
-        return -1;
-    }
-    if (init_hooks() == false) {
-        printk(KERN_ERR "Failed to init kallsyms_lookup_name\n");
-        return -1;
-    }
+    /*
+   if (init_kallsyms_lookup_name() == false) {
+       printk(KERN_ERR "Failed to init kallsyms_lookup_name\n");
+       return -1;
+   }
+
+   if (init_hooks() == false) {
+       printk(KERN_ERR "Failed to init kallsyms_lookup_name\n");
+       return -1;
+   }
+   */
    // Initialize list of addresses
    if (build_dev() == false) {
        printk(KERN_ERR "Failed to build device\n");
--- a/linux_kernel/network.c
+++ b/linux_kernel/network.c
@@ -121,6 +121,10 @@ bool check_ssh_brute_force_attack(struct iphdr *ip_header,
 bool check_in_packet(struct iphdr *ip_header, struct sk_buff *skb) {
    bool is_block = false;
    do {
+        // 127.0.0.1
+        if (ip_header->saddr == 0 || ip_header->saddr == 0x0100007F) {
+            break;
+        }
        if (check_is_blacklist_ip(ip_header->saddr)) {
            is_block = true;
            printk(KERN_ERR "Block ip address: %pI4\n", &ip_header->saddr);