Hi all,
I have a AIX kernel STREAMS question need your help,
I need to implement a firewall on AIX and get packet raw data then decide pass or drop it,
I've seen similiar firewall code on HP-UX,
on HP-UX, you have to implement a "dlpi STREAMS driver", and specify it as a "dlpi" driver in metadata,
then you can get the packet in your STREAMS driver's read and write callback function just like below sample driver.
I found following sample code in IBM site,
#include <errno.h>
#include <sys/stream.h>
static int passclose(), passopen
(), passrput(), passwput();
static struct module_info minfo = { 0, "pass", 0, INFPSZ, 2048, 128 };
static struct qinit rinit = { passrput, 0, passopen, passclose, 0, &minfo };
static struct qinit winit = { passwput, 0, 0, 0, 0, &minfo };
struct streamtab passinfo = { &rinit, &winit };
static int
passclose (queue_t *q)
{
return 0;
}
static int
passopen (queue_t *q, dev_t *devp, int flag, int sflag, cred_t *credp)
{
return 0;
}
static int
passrput (queue_t *q, mblk_t *mp)
{
putnext(q, mp);
return 0;
}
static int
passwput (queue_t *q, mblk_t *mp)
{
putnext(q, mp);
return 0;
}
But I have two question
(1) I don't know how to register this sample driver as a dlpi driver on AIX,
Do I have to specify something in struct module_info? But seems there's no module_info declaration on website, where can I get it?
or do I need specify something when call strload?
(2) Writing a dlpi STREAS driver to hook network packet on AIX is a feasible way as a firewall?
Thanks a lot for your information.
Ryan