Linux Kernel Module program to obtain domain name from IP

Tuesday, July 8, 2014

I have a requirement to obtain the domain name from the destination IP from an outgoing packet. I am successful in capturing and obtaining the destination IP packets using the netfolter hook as shown below.

unsigned int hook_func_out(unsigned int hooknum, struct sk_buff * skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff*))

ofs = 20; // Set theoffset to skip over the IP header.

struct iphdr *ip_header = (struct iphdr *)skb_network_header(skb);
struct udphdr *udp_header;
struct tcphdr * tcp_header;

//Ican obtain the destination IP address of the packet
//like this
unsigned int dest_ip = (unsigned int)ip_header->daddr;

//or like this
char pkt_tbuf[16];
snprintf(pkt_tbuf, 16, "%pI4", &ip_header->daddr);

//here I need to obtain the domain name of the obtained destination address

However, I have no idea on how to use that IP to obtain the domain name of the obtained IP.

I tried many sources ( but did find any related information on the subject and will be really grateful if you experts would provide any sample code/ references to perform this task :)

Thank you