我要求从传出数据包中获取目标IP的域名。我使用netfilter挂钩成功捕获并获取目标IP数据包,如下所示。
unsigned int hook_func_out(unsigned int hooknum, struct sk_buff * skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff*))
{
ofs = 20; // Set theoffset to skip over the IP header.
{
struct iphdr *ip_header = (struct iphdr *)skb_network_header(skb);
struct udphdr *udp_header;
struct tcphdr * tcp_header;
//Ican obtain the destination IP address of the packet
//like this
unsigned int dest_ip = (unsigned int)ip_header->daddr;
//or like this
char pkt_tbuf[16];
snprintf(pkt_tbuf, 16, "%pI4", &ip_header->daddr);
//here I need to obtain the domain name of the obtained destination address
}
}
但是,我不知道如何使用该IP获取所获IP的域名。
我尝试了很多来源(https://www.google.com/search?client=ubuntu&channel=fs&q=linux+kernel+programming+domain+name+from+IP+&ie=utf-8&oe=utf-8),但确实找到了有关该主题的任何相关信息,如果您的专家提供任何示例代码/参考来执行此任务,我将非常感激:)
谢谢
答案 0 :(得分:1)
对于内核空间,您可以使用DNS Resolver Module从内核空间查询DNS。
查看文档here
启用并编译模块
The module should be enabled by turning on the kernel configuration options:
CONFIG_DNS_RESOLVER - tristate "DNS Resolver support"
修改/etc/request-key.conf文件,如文档
包括dns_resolver.h
#include <linux/dns_resolver.h>
使用dns_query函数进行查询。使用PTR或CNAME作为类型来执行反向DNS查找
int dns_query(const char *type, const char *name, size_t namelen,
const char *options, char **_result, time_t *_expiry);