From: <li...@us...> - 2003-12-15 07:23:35
|
Update of /cvsroot/iptables-p2p/iptables-p2p/kernel In directory sc8-pr-cvs1:/tmp/cvs-serv26517 Modified Files: match_http.c Log Message: New version of match_http. Several protocols added. Index: match_http.c =================================================================== RCS file: /cvsroot/iptables-p2p/iptables-p2p/kernel/match_http.c,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- match_http.c 7 Dec 2003 03:05:10 -0000 1.2 +++ match_http.c 15 Dec 2003 07:23:32 -0000 1.3 @@ -12,45 +12,63 @@ * General Public License for more details. */ + +/* TODO: This module needs more testing */ + #define __NO_VERSION__ #include <linux/config.h> - #include <linux/smp.h> #include <linux/module.h> #include <linux/skbuff.h> #include <linux/file.h> #include <net/sock.h> -#define SIZE_MIN (30) -#define SIZE_MAX (1000) -#define HEADER_SIZE_MIN (15) +#define SIZE_MIN 30 +#define SIZE_MAX 1000 -static const unsigned char *methods_list[] = -{ +static const unsigned char *methods_list[] = { "GET /get/", "GET /uri-res/", "GET /.hash=", + "GET /PoisonedDownloads/", + "GET /", "HTTP/1.1", NULL }; -static const unsigned char *headers_list[] = -{ +#define MM_GET_GET 0 +#define MM_GET_URIRES 1 +#define NM_GET_HASH 2 +#define MM_GET_POISONED 3 +#define MM_GET 4 +#define MM_HTTP11 5 + +static const unsigned char *headers_list[] = { "X-Kazaa-", "X-Gnutella-", + "X-OpenftAlias:", + "Content-URN:", + "X-Queue:", + "X-TigerTree", NULL }; +#define HM_X_KAZZA 0 +#define HM_X_GNUTELLA 1 +#define HM_X_OPENFTALIAS 2 +#define HM_CONTENT_URN 3 +#define HM_X_QUEUE 4 +#define HM_X_TIGER_THREE 5 + +#define HEADERS_COUNT (sizeof(methods_list)/sizeof(char *)) /* Not pretty: Is there a better way? */ + static inline const unsigned char * next_line(const unsigned char *data, const unsigned char *end) { - while (data <= end) - { - if (*data++ == '\n') - return data; - } + while(data <= end) + if(*data++ == '\n') return data; return NULL; } 
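Review bot: `HEADERS_COUNT` is computed from `methods_list`, not `headers_list`, in the `#define` just above `next_line`, so it is correct only because both tables currently hold seven entries. The second hunk sizes the on-stack `headers_matched` array from it and writes `headers_matched[header] = 1` with an index taken from `headers_list`, so adding a header pattern without also adding a method pattern would turn that into a write past a kernel stack buffer. I would change it to `#define HEADERS_COUNT (sizeof(headers_list) / sizeof(headers_list[0]))`, which also answers the "Is there a better way?" comment. The hand-numbered `MM_*`/`HM_*` indices would be safer as an enum kept next to each table, and `NM_GET_HASH` looks like a typo for `MM_GET_HASH`.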
@@ -59,36 +77,68 @@ string_match(const unsigned char *data, const unsigned char **strings) { - int i; - - for (i = 0; strings[i] != NULL; i++) - { - if (memcmp(data, strings[i], sizeof(strings[i]) - 1) == 0) - return 1; + int i = 0; + while (strings[i]) { + if(memcmp(data, strings[i], strlen(strings[i]) - 1) == 0) + return i; + i++; } - - return 0; + return -1; } int -match_http(const unsigned char *data, - const unsigned char *end) +match_http( const unsigned char *data, + const unsigned char *end) { - if (end - data < SIZE_MIN || end - data > SIZE_MAX) - return 0; + unsigned int method_matched; /* Methods matched */ + unsigned char headers_matched[ HEADERS_COUNT ]; /* headers matched*/ - if (string_match(data, methods_list) == 0) + if (end - data < SIZE_MIN || end - data > SIZE_MAX) return 0; + + + method_matched = string_match(data, methods_list); + + if(method_matched == -1) return 0; - while ((data = next_line(data, end))) - { - if (end - data < HEADER_SIZE_MIN) - return 0; + memset(headers_matched, 0, sizeof(headers_matched)); - if (string_match(data, headers_list)) - return 1; + while ( (data = next_line(data, end)) ) { + int header; + +/* FIXME: Should check for buffer overrun here + * string_match should receive end - data as an argument + */ + header = string_match(data, headers_list); + if( header != -1) + headers_matched[ header ] = 1; } + +#define MM(x) (method_matched == x) +#define HM(x) headers_matched[x] + + /* Kazaa */ + if( ( MM(NM_GET_HASH) || MM(MM_HTTP11) ) && HM(HM_X_KAZZA) ) + return 1; + + /* Gnutella */ + if ( (MM(MM_GET_GET) || MM(MM_GET_URIRES) || MM(MM_HTTP11)) && HM(HM_X_GNUTELLA) ) + return 1; + + /* OpenFT */ + if( (MM(MM_GET) || MM(MM_HTTP11)) && HM(HM_X_OPENFTALIAS) ) + return 1; + + if( MM(MM_GET_POISONED) ) + return 1; + + /* Shareazza */ + if( (MM(MM_GET_URIRES) && (HM(HM_CONTENT_URN) || HM(HM_X_QUEUE)) )) + return 1; + + if( MM(MM_HTTP11) && HM(HM_X_TIGER_THREE) ) + return 1; return 0; } |
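Review bot: Every `memcmp` in `string_match` can now read past the end of the packet data, because this hunk removes the `HEADER_SIZE_MIN` guard from the `while` loop in `match_http` and nothing else compares the pattern length with `end - data`; the new FIXME acknowledges this but leaves it open. `next_line` can hand back a pointer at or just beyond `end`, and `memcmp` then reads up to a full pattern length from there. Separately, `strlen(strings[i]) - 1` leaves the last character of each pattern uncompared (the `- 1` was only right for `sizeof` on an array), so `"GET /"` matches any request starting with `GET `, and `method_matched` should be `int` rather than `unsigned int` since it is tested against `-1`. The fence below passes the remaining length into `string_match`; it assumes `end` points one past the last payload byte, which the hunk does not show. The return-type line of `string_match` sits above the hunk.

```c
/* … unchanged: return-type line above the hunk … */
string_match(const unsigned char *data, size_t avail,
             const unsigned char **strings)
{
	int i;

	for (i = 0; strings[i]; i++) {
		size_t len = strlen(strings[i]);

		/* Compare the whole pattern, and only if it fits in the payload. */
		if (len <= avail && memcmp(data, strings[i], len) == 0)
			return i;
	}
	return -1;
}

/* … unchanged: match_http signature, headers_matched, size check … */
	int method_matched;

	method_matched = string_match(data, end - data, methods_list);
/* … unchanged: -1 test, memset … */
	while ((data = next_line(data, end)) && data < end) {
		int header = string_match(data, end - data, headers_list);
/* … unchanged: headers_matched update, protocol tests … */
```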