Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
d12e5047
Commit
d12e5047
authored
Sep 27, 2004
by
Patrick McHardy
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[NETFILTER]: Convert sctp match to skb_header_pointer
Signed-off-by:
Patrick McHardy
<
kaber@trash.net
>
parent
d8676c77
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
18 additions
and
16 deletions
+18
-16
net/ipv4/netfilter/ipt_sctp.c
net/ipv4/netfilter/ipt_sctp.c
+18
-16
No files found.
net/ipv4/netfilter/ipt_sctp.c
View file @
d12e5047
...
...
@@ -42,7 +42,7 @@ match_packet(const struct sk_buff *skb,
{
int
offset
;
u_int32_t
chunkmapcopy
[
256
/
sizeof
(
u_int32_t
)];
sctp_chunkhdr_t
sch
;
sctp_chunkhdr_t
_sch
,
*
sch
;
#ifdef DEBUG_SCTP
int
i
=
0
;
...
...
@@ -54,38 +54,39 @@ match_packet(const struct sk_buff *skb,
offset
=
skb
->
nh
.
iph
->
ihl
*
4
+
sizeof
(
sctp_sctphdr_t
);
do
{
if
(
skb_copy_bits
(
skb
,
offset
,
&
sch
,
sizeof
(
sch
))
<
0
)
{
sch
=
skb_header_pointer
(
skb
,
offset
,
sizeof
(
_sch
),
&
_sch
);
if
(
sch
==
NULL
)
{
duprintf
(
"Dropping invalid SCTP packet.
\n
"
);
*
hotdrop
=
1
;
return
0
;
}
duprintf
(
"Chunk num: %d
\t
offset: %d
\t
type: %d
\t
length: %d
\t
flags: %x
\n
"
,
++
i
,
offset
,
sch
.
type
,
htons
(
sch
.
length
),
sch
.
flags
);
++
i
,
offset
,
sch
->
type
,
htons
(
sch
->
length
),
sch
->
flags
);
offset
+=
(
htons
(
sch
.
length
)
+
3
)
&
~
3
;
offset
+=
(
htons
(
sch
->
length
)
+
3
)
&
~
3
;
duprintf
(
"skb->len: %d
\t
offset: %d
\n
"
,
skb
->
len
,
offset
);
if
(
SCTP_CHUNKMAP_IS_SET
(
chunkmap
,
sch
.
type
))
{
if
(
SCTP_CHUNKMAP_IS_SET
(
chunkmap
,
sch
->
type
))
{
switch
(
chunk_match_type
)
{
case
SCTP_CHUNK_MATCH_ANY
:
if
(
match_flags
(
flag_info
,
flag_count
,
sch
.
type
,
sch
.
flags
))
{
sch
->
type
,
sch
->
flags
))
{
return
1
;
}
break
;
case
SCTP_CHUNK_MATCH_ALL
:
if
(
match_flags
(
flag_info
,
flag_count
,
sch
.
type
,
sch
.
flags
))
{
SCTP_CHUNKMAP_CLEAR
(
chunkmapcopy
,
sch
.
type
);
sch
->
type
,
sch
->
flags
))
{
SCTP_CHUNKMAP_CLEAR
(
chunkmapcopy
,
sch
->
type
);
}
break
;
case
SCTP_CHUNK_MATCH_ONLY
:
if
(
!
match_flags
(
flag_info
,
flag_count
,
sch
.
type
,
sch
.
flags
))
{
sch
->
type
,
sch
->
flags
))
{
return
0
;
}
break
;
...
...
@@ -120,7 +121,7 @@ match(const struct sk_buff *skb,
int
*
hotdrop
)
{
const
struct
ipt_sctp_info
*
info
;
sctp_sctphdr_t
sh
;
sctp_sctphdr_t
_sh
,
*
sh
;
info
=
(
const
struct
ipt_sctp_info
*
)
matchinfo
;
...
...
@@ -129,18 +130,19 @@ match(const struct sk_buff *skb,
return
0
;
}
if
(
skb_copy_bits
(
skb
,
skb
->
nh
.
iph
->
ihl
*
4
,
&
sh
,
sizeof
(
sh
))
<
0
)
{
sh
=
skb_header_pointer
(
skb
,
skb
->
nh
.
iph
->
ihl
*
4
,
sizeof
(
_sh
),
&
_sh
);
if
(
sh
==
NULL
)
{
duprintf
(
"Dropping evil TCP offset=0 tinygram.
\n
"
);
*
hotdrop
=
1
;
return
0
;
}
duprintf
(
"spt: %d
\t
dpt: %d
\n
"
,
ntohs
(
sh
.
source
),
ntohs
(
sh
.
dest
));
duprintf
(
"spt: %d
\t
dpt: %d
\n
"
,
ntohs
(
sh
->
source
),
ntohs
(
sh
->
dest
));
return
SCCHECK
(((
ntohs
(
sh
.
source
)
>=
info
->
spts
[
0
])
&&
(
ntohs
(
sh
.
source
)
<=
info
->
spts
[
1
])),
return
SCCHECK
(((
ntohs
(
sh
->
source
)
>=
info
->
spts
[
0
])
&&
(
ntohs
(
sh
->
source
)
<=
info
->
spts
[
1
])),
IPT_SCTP_SRC_PORTS
,
info
->
flags
,
info
->
invflags
)
&&
SCCHECK
(((
ntohs
(
sh
.
dest
)
>=
info
->
dpts
[
0
])
&&
(
ntohs
(
sh
.
dest
)
<=
info
->
dpts
[
1
])),
&&
SCCHECK
(((
ntohs
(
sh
->
dest
)
>=
info
->
dpts
[
0
])
&&
(
ntohs
(
sh
->
dest
)
<=
info
->
dpts
[
1
])),
IPT_SCTP_DEST_PORTS
,
info
->
flags
,
info
->
invflags
)
&&
SCCHECK
(
match_packet
(
skb
,
info
->
chunkmap
,
info
->
chunk_match_type
,
info
->
flag_info
,
info
->
flag_count
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment