void blockTCP(void *priv, struct sk_buff *skb,
const struct nf_hook_state *state)
{ struct iphdr *iph; struct tcphdr *tcph;
u16 port = 80; char ip[16] = “192.168.1.1”; u32 ip_addr;
if (!skb) return NF_ACCEPT;
iph = ip_hdr(skb); // Convert the IPv4 address from dotted decimal to 32-bit binary in4_pton(ip, -1, (u8 *)&ip_addr, ‘\0’, NULL);
if (iph->protocol == IPPROTO_TCP) {
tcph = tcp_hdr(skb);
if (iph->daddr == ip_addr && ntohs(tcph->dest) == port){
printk(KERN_WARNING "*** Dropping %pI4 (TCP), port %d\n", &(iph->daddr), port);
return NF_DROP;
}
}
return NF_ACCEPT;
}
