anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-08 21:54:57 +02:00
Code Issues Releases Wiki Activity

pknock: move more kernel parts from include file to .c

Browse Source 
All of this does not seem to have a userspace part.
This commit is contained in:
Jan Engelhardt
2009-10-03 00:11:37 +02:00
parent 628d137f12
commit 4a350ddd03
2 changed files with 46 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
extensions/xt_pknock.c
View File

@@ -22,7 +22,9 @@
#include <linux/jhash.h> #include <linux/jhash.h>
#include <linux/random.h> #include <linux/random.h>
#include <linux/crypto.h> #include <linux/crypto.h>
#include <linux/proc_fs.h>
#include <linux/scatterlist.h> #include <linux/scatterlist.h>
#include <linux/spinlock.h>
#include <linux/jiffies.h> #include <linux/jiffies.h>
#include <linux/timer.h> #include <linux/timer.h>
#include <linux/seq_file.h> #include <linux/seq_file.h>
@@ -38,6 +40,50 @@
# define PK_CRYPTO 1 # define PK_CRYPTO 1
#endif #endif
enum status {
ST_INIT = 1,
ST_MATCHING,
ST_ALLOWED,
};
/**
* @login_min: the login epoch minute
*/
struct peer {
struct list_head head;
uint32_t ip;
uint8_t proto;
uint32_t id_port_knocked;
enum status status;
unsigned long timestamp;
int login_min;
};
/**
* @timer: garbage collector timer
* @max_time: max matching time between ports
*/
struct xt_pknock_rule {
struct list_head head;
char rule_name[IPT_PKNOCK_MAX_BUF_LEN + 1];
int rule_name_len;
unsigned int ref_count;
struct timer_list timer;
struct list_head *peer_head;
struct proc_dir_entry *status_proc;
unsigned long max_time;
};
/**
* @port: destination port
*/
struct transport_data {
uint8_t proto;
uint16_t port;
int payload_len;
const unsigned char *payload;
};
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_AUTHOR("J. Federico Hernandez Scarso, Luis A. Floreani"); MODULE_AUTHOR("J. Federico Hernandez Scarso, Luis A. Floreani");
MODULE_DESCRIPTION("netfilter match for Port Knocking and SPA"); MODULE_DESCRIPTION("netfilter match for Port Knocking and SPA");

37
extensions/xt_pknock.h
View File

@@ -45,41 +45,4 @@ struct xt_pknock_nl_msg {
uint32_t peer_ip; uint32_t peer_ip;
}; };
enum status {ST_INIT=1, ST_MATCHING, ST_ALLOWED};
#ifdef __KERNEL__
#include <linux/list.h>
#include <linux/spinlock.h>
struct peer {
struct list_head head;
uint32_t ip;
uint8_t proto;
uint32_t id_port_knocked;
enum status status;
unsigned long timestamp;
int login_min; /* the login epoch minute */
};
#include <linux/proc_fs.h>
struct xt_pknock_rule {
struct list_head head;
char rule_name[IPT_PKNOCK_MAX_BUF_LEN + 1];
int rule_name_len;
unsigned int ref_count;
struct timer_list timer; /* garbage collector timer */
struct list_head *peer_head;
struct proc_dir_entry *status_proc;
unsigned long max_time; /* max matching time between ports */
};
struct transport_data {
uint8_t proto;
uint16_t port; /* destination port */
int payload_len;
const unsigned char *payload;
};
#endif /* __KERNEL__ */
#endif /* _XT_PKNOCK_H */ #endif /* _XT_PKNOCK_H */