aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Style cleanups for resets.

Browse Source
remotes/origin/master-1.0.x
Victor Julien 17 years ago
parent 45f83f7636
commit 3446566e44
2 changed files with 88 additions and 71 deletions
Show Stats Download Patch File Download Diff File

69
src/respond-reject-libnet11.c
Unescape Escape View File

@ -1,5 +1,9 @@
/* Copyright (c) 2008 Victor Julien <victor@inliniac.net> */
/* Authors: William Metcalf and Victor Julien
*
*/
/* RespondRejectLibnet11 used to send out libnet based
* TCP resets and ICMP unreachables.
*/
@ -36,7 +40,7 @@ typedef struct _Libnet11Packet
u_int16_t sp, dp;
} Libnet11Packet;
int RejectSendLibnet11L3IPv4TCP(ThreadVars *tv, Packet *p, void *data, int dir){
int RejectSendLibnet11L3IPv4TCP(ThreadVars *tv, Packet *p, void *data, int dir) {
Libnet11Packet lpacket;
@ -67,7 +71,7 @@ int RejectSendLibnet11L3IPv4TCP(ThreadVars *tv, Packet *p, void *data, int dir){
/* save payload len */
lpacket.dsize = p->tcp_payload_len;
if(dir == REJECT_DIR_SRC){
if (dir == REJECT_DIR_SRC) {
printf ("sending a tcp reset to src\n");
lpacket.seq = TCP_GET_ACK(p);
lpacket.ack = TCP_GET_SEQ(p) + lpacket.dsize;
@ -78,7 +82,7 @@ int RejectSendLibnet11L3IPv4TCP(ThreadVars *tv, Packet *p, void *data, int dir){
lpacket.src4 = GET_IPV4_DST_ADDR_U32(p);
lpacket.dst4 = GET_IPV4_SRC_ADDR_U32(p);
}
else if(dir == REJECT_DIR_DST){
else if (dir == REJECT_DIR_DST) {
printf ("sending a tcp reset to dst\n");
lpacket.seq = TCP_GET_SEQ(p);
lpacket.ack = TCP_GET_ACK(p);
@ -90,8 +94,8 @@ int RejectSendLibnet11L3IPv4TCP(ThreadVars *tv, Packet *p, void *data, int dir){
lpacket.dst4 = GET_IPV4_DST_ADDR_U32(p);
} else {
printf ("reset not src or dst returning\n");
return 1;
printf ("reset not src or dst returning\n");
return 1;
}
lpacket.window = TCP_GET_WINDOW(p);
@ -101,38 +105,38 @@ int RejectSendLibnet11L3IPv4TCP(ThreadVars *tv, Packet *p, void *data, int dir){
lpacket.ttl = 64;
/* build the package */
if ((t = libnet_build_tcp (lpacket.sp, /* source port */
lpacket.dp, /* dst port */
lpacket.seq, /* seq number */
lpacket.ack, /* ack number */
TH_RST|TH_ACK, /* flags */
lpacket.window, /* window size */
0, /* checksum */
0, /* urgent flag */
LIBNET_TCP_H, /* header length */
NULL, /* payload */
0, /* payload length */
c, /* libnet context */
0)) < 0) /* libnet ptag */
if ((t = libnet_build_tcp (lpacket.sp, /* source port */
lpacket.dp, /* dst port */
lpacket.seq, /* seq number */
lpacket.ack, /* ack number */
TH_RST|TH_ACK, /* flags */
lpacket.window, /* window size */
0, /* checksum */
0, /* urgent flag */
LIBNET_TCP_H, /* header length */
NULL, /* payload */
0, /* payload length */
c, /* libnet context */
0)) < 0) /* libnet ptag */
{
printf("RejectSendLibnet11IPv4TCP libnet_build_tcp %s\n", libnet_geterror(c));
goto cleanup;
}
if((t = libnet_build_ipv4(
LIBNET_TCP_H + LIBNET_IPV4_H, /* entire packet length */
0, /* tos */
lpacket.id, /* ID */
0, /* fragmentation flags and offset */
lpacket.ttl, /* TTL */
IPPROTO_TCP, /* protocol */
0, /* checksum */
LIBNET_TCP_H + LIBNET_IPV4_H, /* entire packet length */
0, /* tos */
lpacket.id, /* ID */
0, /* fragmentation flags and offset */
lpacket.ttl, /* TTL */
IPPROTO_TCP, /* protocol */
0, /* checksum */
lpacket.src4, /* source address */
lpacket.dst4, /* destination address */
NULL, /* pointer to packet data (or NULL) */
0, /* payload length */
c, /* libnet context pointer */
0)) < 0) /* packet id */
NULL, /* pointer to packet data (or NULL) */
0, /* payload length */
c, /* libnet context pointer */
0)) < 0) /* packet id */
{
printf("RejectSendLibnet11IPv4TCP libnet_build_ipv4 %s\n", libnet_geterror(c));
goto cleanup;
@ -144,7 +148,8 @@ int RejectSendLibnet11L3IPv4TCP(ThreadVars *tv, Packet *p, void *data, int dir){
goto cleanup;
}
cleanup:
libnet_destroy (c);
return 0;
cleanup:
libnet_destroy (c);
return 0;
}

90
src/respond-reject.c
Unescape Escape View File

@ -1,7 +1,14 @@
/* Copyright (c) 2008 Victor Julien <victor@inliniac.net> */
/* Author: William Metcalf
*
*/
/* RespondReject is a threaded wrapper for sending Rejects
*
* TODO
* - RespondRejectFunc returns 1 on error, 0 on ok... why? For now it should
* just return 0 always, error handling is a TODO in the threading model (VJ)
*/
#include <pthread.h>
@ -16,6 +23,7 @@
#include "tm-queuehandlers.h"
#include "tm-modules.h"
#include "action-globals.h"
#include "respond-reject.h"
#include "respond-reject-libnet11.h"
@ -36,57 +44,61 @@ void TmModuleRespondRejectRegister (void) {
int RespondRejectFunc(ThreadVars *tv, Packet *p, void *data) {
/* ACTION_REJECT defaults to rejecting the SRC */
if(p->action != ACTION_REJECT && p->action != ACTION_REJECT_DST &&
p->action != ACTION_REJECT_BOTH) {
if (p->action != ACTION_REJECT && p->action != ACTION_REJECT_DST &&
p->action != ACTION_REJECT_BOTH) {
return 0;
}
}
if(PKT_IS_IPV4(p)){
if(PKT_IS_TCP(p)){
return RejectSendIPv4TCP(tv, p, data);
} else if(PKT_IS_UDP(p)){
return RejectSendIPv4ICMP(tv, p, data);
} else{
return 0;
}
} else if (PKT_IS_IPV6(p)) {
if(PKT_IS_TCP(p)){
return RejectSendIPv6TCP(tv, p, data);
} else if(PKT_IS_UDP(p)){
return RejectSendIPv6ICMP(tv, p, data);
} else{
return 0;
}
} else{
printf ("wtf? packet is not ipv4 or ipv6 returning\n");
return 0;
}
if (PKT_IS_IPV4(p)) {
if (PKT_IS_TCP(p)) {
return RejectSendIPv4TCP(tv, p, data);
} else if(PKT_IS_UDP(p)) {
return RejectSendIPv4ICMP(tv, p, data);
} else {
return 0;
}
} else if (PKT_IS_IPV6(p)) {
if (PKT_IS_TCP(p)) {
return RejectSendIPv6TCP(tv, p, data);
} else if(PKT_IS_UDP(p)){
return RejectSendIPv6ICMP(tv, p, data);
} else {
return 0;
}
} else {
/* we're only supporting IPv4 and IPv6 */
return 0;
}
}
int RejectSendIPv4TCP(ThreadVars *tv, Packet *p, void *data){
if(p->action == ACTION_REJECT){
int RejectSendIPv4TCP(ThreadVars *tv, Packet *p, void *data) {
if (p->action == ACTION_REJECT) {
return RejectSendLibnet11L3IPv4TCP(tv, p, data, REJECT_DIR_SRC);
} else if(p->action == ACTION_REJECT_DST){
return RejectSendLibnet11L3IPv4TCP(tv, p, data, REJECT_DIR_DST);
} else if(p->action == ACTION_REJECT_BOTH){
if(RejectSendLibnet11L3IPv4TCP(tv, p, data, REJECT_DIR_SRC) == 0 &&
RejectSendLibnet11L3IPv4TCP(tv, p, data, REJECT_DIR_DST) == 0){
return 0;
} else {
return 1;
}
}
return 0;
} else if (p->action == ACTION_REJECT_DST) {
return RejectSendLibnet11L3IPv4TCP(tv, p, data, REJECT_DIR_DST);
} else if(p->action == ACTION_REJECT_BOTH) {
if (RejectSendLibnet11L3IPv4TCP(tv, p, data, REJECT_DIR_SRC) == 0 &&
RejectSendLibnet11L3IPv4TCP(tv, p, data, REJECT_DIR_DST) == 0) {
return 0;
} else {
return 1;
}
}
return 0;
}
int RejectSendIPv4ICMP(ThreadVars *tv, Packet *p, void *data){
/* XXX VJ implement this when we have UDP decoding implemented */
int RejectSendIPv4ICMP(ThreadVars *tv, Packet *p, void *data) {
printf ("we would send a ipv4 icmp reset here\n");
return 1;
}
int RejectSendIPv6TCP(ThreadVars *tv, Packet *p, void *data){
int RejectSendIPv6TCP(ThreadVars *tv, Packet *p, void *data) {
printf ("we would send a ipv6 tcp reset here\n");
return 1;
}
int RejectSendIPv6ICMP(ThreadVars *tv, Packet *p, void *data){
int RejectSendIPv6ICMP(ThreadVars *tv, Packet *p, void *data) {
printf ("we would send a ipv6 icmp reset here\n");
return 1;
}

Write Preview
Loading…
Cancel
Save