From: <ja...@us...> - 2003-12-15 11:04:14
Update of /cvsroot/iptables-p2p/iptables-p2p/kernel In directory sc8-pr-cvs1:/tmp/cvs-serv32580/kernel Modified Files: main.c Log Message: greatly improved inverted protocol logic by simply parsing the option differently
Index: main.c
===================================================================
RCS file: /cvsroot/iptables-p2p/iptables-p2p/kernel/main.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- main.c 14 Dec 2003 16:05:07 -0000 1.6
+++ main.c 15 Dec 2003 11:04:09 -0000 1.7
@@ -27,6 +27,7 @@
 MODULE_DESCRIPTION("IP tables P2P match module");
 MODULE_LICENSE("GPL");
+/* WARNING: The return value differs from the rest of the match_ functions. */
 int match_http(const unsigned char *data,
 const unsigned char *end);
@@ -40,6 +41,39 @@
 const unsigned char *end);
 static int
+match_selected(const struct ipt_p2p_info *pinfo,
+ const unsigned char *data,
+ const unsigned char *end)
+{
+ if (pinfo->proto & IPT_P2P_PROTO_KAZAA ||
+ pinfo->proto & IPT_P2P_PROTO_GNUTELLA)
+ {
+ int proto;
+
+ /* Returns the protocol that matched, or zero if none of the
+ supported protocols were matched. */
+ proto = match_http(data, end);
+
+ if (proto != 0)
+ {
+ if ((pinfo->proto & proto) != 0)
+ return 1;
+ }
+ }
+
+ if (pinfo->proto & IPT_P2P_PROTO_EDONKEY)
+ if (match_edonkey(data, end)) return 1;
+
+ if (pinfo->proto & IPT_P2P_PROTO_BITTORRENT)
+ if (match_bittorrent(data, end)) return 1;
+
+ if (pinfo->proto & IPT_P2P_PROTO_DIRECT_CONNECT)
+ if (match_dc(data, end)) return 1;
+
+ return 0;
+}
+
+static int
 match(const struct sk_buff *skb,
 const struct net_device *in,
 const struct net_device *out,
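Review bot: `match_selected` forwards `data` and `end` to every matcher without first establishing that `data < end`. The range is computed in `match` as `end = data + datalen - tcph->doff * 4` (context lines of the last hunk), so a `tcph->doff * 4` larger than `datalen` would put `end` before `data`, and no check against that is visible in this diff. A guard at the top of the new function, `if (data >= end) return 0;`, keeps an empty or reversed range out of all four parsers. If `match` already rejects such segments above the visible lines, a comment on `match_selected` stating the precondition is enough.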
@@ -73,40 +107,8 @@
 data = (const unsigned char *) tcph + tcph->doff * 4;
 end = data + datalen - tcph->doff * 4;
- /* Handle the requested protocol; this code is an absolute mess and
- needs to be cleaned up. */
- if (pinfo->proto_inverse)
- {
- if ((pinfo->proto & IPT_P2P_PROTO_KAZAA) == 0 &&
- (pinfo->proto & IPT_P2P_PROTO_GNUTELLA) == 0)
- if (match_http(data, end)) return 1;
-
- if ((pinfo->proto & IPT_P2P_PROTO_EDONKEY) == 0)
- if (match_edonkey(data, end)) return 1;
-
- if ((pinfo->proto & IPT_P2P_PROTO_BITTORRENT) == 0)
- if (match_bittorrent(data, end)) return 1;
-
- if ((pinfo->proto & IPT_P2P_PROTO_DIRECT_CONNECT) == 0)
- if (match_dc(data, end)) return 1;
- }
- else
- {
- if (pinfo->proto & IPT_P2P_PROTO_KAZAA ||
- pinfo->proto & IPT_P2P_PROTO_GNUTELLA)
- if (match_http(data, end)) return 1;
-
- if (pinfo->proto & IPT_P2P_PROTO_EDONKEY)
- if (match_edonkey(data, end)) return 1;
-
- if (pinfo->proto & IPT_P2P_PROTO_BITTORRENT)
- if (match_bittorrent(data, end)) return 1;
-
- if (pinfo->proto & IPT_P2P_PROTO_DIRECT_CONNECT)
- if (match_dc(data, end)) return 1;
- }
-
- return 0;
+ /* Handle the requested protocol(s). */
+ return match_selected(pinfo, data, end);
 }
 static int |
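Review bot: `pinfo->proto_inverse` is no longer read in the visible part of `match`, so a rule whose info struct still has that flag set is now evaluated as a positive match on the listed protocols. The log message says inversion moved to option parsing, which presumably means userspace now stores the complemented mask; an older userspace binary paired with this module would then silently match the opposite set of traffic from what the rule intended. If the field stays in `struct ipt_p2p_info`, rejecting it at rule load, e.g. `if (pinfo->proto_inverse) return 0;` in the checkentry hook (assuming the module has one), turns the mismatch into a load error instead of a quietly different filter. The body of `match` starts above this hunk, so any handling there is not visible.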