From 43864ac6f1a042cae19f065d28fa1d559d5cc118 Mon Sep 17 00:00:00 2001 From: Tomasz Tomkowiak Date: Tue, 26 Jan 2010 06:16:00 +0300 Subject: [PATCH] ipp2p: bittorrent commands After testing I decide to write my patch to bittorrent GET commands from xt_ipp2p.c because old procedure is useless for modified and/or private trackers. BTW: info_hash may be 3rd argument, passkey (private trackers) may be 1st argument (or not) etc. so we need to search. --- doc/changelog.txt | 1 + extensions/xt_ipp2p.c | 15 +++++++-------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/doc/changelog.txt b/doc/changelog.txt index c1eda16..4761bea 100644 --- a/doc/changelog.txt +++ b/doc/changelog.txt @@ -1,6 +1,7 @@ HEAD ==== +- ipp2p: updated bittorent command recognition Xtables-addons 1.23 (February 24 2010) diff --git a/extensions/xt_ipp2p.c b/extensions/xt_ipp2p.c index 44c6573..a94c2d2 100644 --- a/extensions/xt_ipp2p.c +++ b/extensions/xt_ipp2p.c @@ -505,19 +505,18 @@ search_bittorrent(const unsigned char *payload, const unsigned int plen) if (payload[0] == 0x13) if (memcmp(payload + 1, "BitTorrent protocol", 19) == 0) return IPP2P_BIT * 100; - /* - * get tracker commandos, all starts with GET / - * then it can follow: scrape| announce - * and then ?hash_info= + * Any tracker command starts with GET / then *may be* some file on web server + * (e.g. announce.php or dupa.pl or whatever.cgi or NOTHING for tracker on root dir) + * but *must have* one (or more) of strings listed below (true for scrape and announce) */ if (memcmp(payload, "GET /", 5) == 0) { - /* message scrape */ - if (memcmp(payload + 5, "scrape?info_hash=", 17) == 0) + if (HX_memmem(payload, plen, "info_hash=", 9) != NULL) return IPP2P_BIT * 100 + 1; - /* message announce */ - if (memcmp(payload + 5, "announce?info_hash=", 19) == 0) + if (HX_memmem(payload, plen, "peer_id=", 8) != NULL) return IPP2P_BIT * 100 + 2; + if (HX_memmem(payload, plen, "passkey=", 8) != NULL) + return IPP2P_BIT * 100 + 4; } } else { /* bitcomet encryptes the first packet, so we have to detect another