#include <linux/module.h>  
#include <linux/kernel.h>  
#include <linux/init.h>  
#include <linux/types.h>  
#include <linux/netdevice.h>  
#include <linux/skbuff.h>  
#include <linux/netfilter_ipv4.h>  
#include <linux/inet.h>  
#include <linux/in.h>  
#include <linux/ip.h>
//  hook函数
static unsigned int hook_func(unsigned int hooknum, struct sk_buff * skb, const struct net_device *in, 
    const struct net_device *out, int (*okfn) (struct sk_buff *))  
{
  unsigned int ret = NF_ACCEPT;
  if(!skb)
  {
    printk(KERN_ALERT "hook_func null skb.\n");
    goto err_null_skb;
  }
  printk(KERN_ALERT "hook_func get a skb.\n");
  return ret;
err_null_skb:
  return ret;
}  

struct nf_hook_ops hook_ops = {  
  .list =  {NULL,NULL},
  .hook = hook_func,
  //hook的协议族
  .pf = PF_INET,
  //接收到的包，路由之前的hook点  
  .hooknum = NF_INET_PRE_ROUTING,  
  .priority = NF_IP_PRI_FILTER
 };  
  
static int __init hook_init(void) 
{
  nf_register_hook(&hook_ops);  
  return 0;  
}  
  
static void __exit hook_exit(void) 
{  
  nf_unregister_hook(&hook_ops); 
}  
 
 MODULE_LICENSE("GPL");  
 module_init(hook_init);  
 module_exit(hook_exit);  

Linux驱动4_NETFILTER