All geek questions in one place

Nfhook (netfilter) error: assignment from incompatible pointer type

I saw this page with a similar error message: Nf_hook_ops returns an incompatible pointer when assigning hook_func -C -Linux -Netfilter

However, he did not give a clear answer to the question of how to solve the problem. The author of this question says that he found that his netfilter.h is in a different place, which caused problems, but for me I found out that all four files are included in the correct directory (usr / src / linux-headers-4.8. 0-22 -generic / include / linux in my case).

Below is my code that should help clarify better.

#include <linux/kernel.h> #include <linux/module.h> #include <linux/netfilter.h> #include <linux/netfilter_ipv4.h> static struct nf_hook_ops nfho; unsigned int hook_func_incoming(unsigned int hooknum, struct sk_buff *sskb, const struct net_device *in, const struct net_device *out, int (*okfn) (struct sk_buff *)){ return NF_DROP; } int init_module(){ nfho.hook = hook_func_incoming; nfho.hooknum = NF_INET_PRE_ROUTING; nfho.pf = PF_INET; nfho.priority = NF_IP_PRI_FIRST; nf_register_hook(&nfho); printk(KERN_INFO "SIMPLE FIREWALL LOADED\n"); return 0; }

The exact error message is:

error: assignment from an incompatible pointer type [-Werror = incompatible-pointer types] nfho.hook = hook_func_incoming; ^ cc1: some warnings are treated as errors

Please let me know what I have to do to compile my netfilter, any help would be appreciated!

+5
source share
2 answers

In the latest (released) netfilter (IMHO) version , nf_hookfn (base type nf_hook_ops.hook ) is defined as follows:

 typedef unsigned int nf_hookfn(void *priv, struct sk_buff *skb, const struct nf_hook_state *state);

Your hook_func_incoming function hook_func_incoming not match this signature, you must accept it.

+3
source

The third parameter is the data structure. In the new definition of the hook function, they wanted to combine the old parameters into a single data structure. So, if you need a device, you can get it from this status parameter.

 struct nf_hook_state { unsigned int hook; int thresh; u_int8_t pf; struct net_device *in; struct net_device *out; struct sock *sk; struct net *net; struct nf_hook_entry __rcu *hook_entries; int (*okfn)(struct net *, struct sock *, struct sk_buff *); };

priv is a field inside the nf_hook_ops structure. You can set it to any value in your own module and access it in your hook function.

 struct nf_hook_ops { struct list_head list; /* User fills in from here down. */ nf_hookfn *hook; struct net_device *dev; void *priv; u_int8_t pf; unsigned int hooknum; /* Hooks are ordered in ascending priority. */ int priority; };
0
source

Source: https://habr.com/ru/post/1268155/

More articles:


All Articles