Linux Kernel Module program to obtain domain name from IP

shhuiw shhuiw at 163.com
Tue Jul 8 08:19:09 EDT 2014


DNS loopkup should use UDP packet, and you have to construct UDP request
based on your captured IP addresses in your module.
And you have to use DNS server fallback lists and time-out control if some DNS
server cannot work well.



--

Regards,
shhuiw




At 2014-07-08 08:01:02, "Sudip Mukherjee" <sudipm.mukherjee at gmail.com> wrote:
>On Tue, Jul 8, 2014 at 4:52 PM, shhuiw <shhuiw at 163.com> wrote:
>> Hi,
>>
>> I think you need refer to some open source DNS client utilities, e.g
>> http://en.wikipedia.org/wiki/Nslookup.
>>
>> - shhuiw
>
>just have a look at the source code of nslookup command ... it does
>the same thing as what u want ...
>
>but in many cases it will not work , as many domain names have shared
>ip address .
>
>
>>
>>
>> At 2014-07-08 06:26:23, "Hettiarachchige Hasitha Shan" <hh_shan at live.com>
>> wrote:
>>
>> I have a requirement to obtain the domain name from the destination IP from
>> an outgoing packet. I am successful in capturing and obtaining the
>> destination IP  packets using the `netfilter` hook as shown below.
>>
>>     unsigned int hook_func_out(unsigned int hooknum, struct sk_buff * skb,
>> const struct net_device *in, const struct net_device *out, int
>> (*okfn)(struct sk_buff*))
>>     {
>>
>>         ofs = 20;    // Set theoffset to skip over the IP header.
>>
>>         {
>>                 struct iphdr *ip_header = (struct iphdr
>> *)skb_network_header(skb);
>>                 struct udphdr *udp_header;
>>                 struct tcphdr * tcp_header;
>>
>>             //Ican obtain the destination IP address of the packet
>>             //like this
>>             unsigned int dest_ip = (unsigned int)ip_header->daddr;
>>
>>             //or like this
>>             char pkt_tbuf[16];
>>             snprintf(pkt_tbuf, 16, "%pI4", &ip_header->daddr);
>>
>>             //here I need to obtain the domain name of the obtained
>> destination address
>>         }
>>     }
>>
>> However, I have no idea on how to use that IP to obtain the domain name of
>> the obtained IP.
>>
>> I tried many sources
>> (https://www.google.com/search?client=ubuntu&channel=fs&q=linux+kernel+programming+domain+name+from+IP+&ie=utf-8&oe=utf-8)
>> but did find any related information on the subject and will be really
>> grateful if you experts would provide any sample code/ references to perform
>> this task :)
>>
>> Thank you very much :)
>>
>>
>>
>>
>> _______________________________________________
>> Kernelnewbies mailing list
>> Kernelnewbies at kernelnewbies.org
>> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
>>
>
>_______________________________________________
>Kernelnewbies mailing list
>Kernelnewbies at kernelnewbies.org
>http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20140708/ea73b6a6/attachment.html 


More information about the Kernelnewbies mailing list