pknock: display only pknock mode and state relevant information in procfs

Signed-off-by: Jan Rafaj <jr+netfilter-devel@cedric.unob.cz>
Jan Rafaj
2009-10-12 00:01:33 +02:00
committed by Jan Engelhardt
parent 2b2b6246f0
commit a921427746


@@ -43,6 +43,7 @@ enum status {
}; };
/** /**
* @timestamp: seconds, but not since epoch (uses jiffies/HZ)
* @login_sec: seconds at login since the epoch * @login_sec: seconds at login since the epoch
*/ */
struct peer { struct peer {
@@ -246,8 +247,6 @@ pknock_seq_show(struct seq_file *s, void *v)
const struct list_head *pos, *n; const struct list_head *pos, *n;
const struct peer *peer; const struct peer *peer;
unsigned long time; unsigned long time;
unsigned long expir_time;
const struct list_head *peer_head = v; const struct list_head *peer_head = v;
const struct proc_dir_entry *pde = s->private; const struct proc_dir_entry *pde = s->private;
@@ -255,18 +254,22 @@ pknock_seq_show(struct seq_file *s, void *v)
list_for_each_safe(pos, n, peer_head) { list_for_each_safe(pos, n, peer_head) {
peer = list_entry(pos, struct peer, head); peer = list_entry(pos, struct peer, head);
expir_time = time_before(jiffies/HZ,
peer->timestamp + rule->max_time)
? ((peer->timestamp + rule->max_time)-(jiffies/HZ)) : 0;
seq_printf(s, "src=" NIPQUAD_FMT " ", NIPQUAD(peer->ip)); seq_printf(s, "src=" NIPQUAD_FMT " ", NIPQUAD(peer->ip));
seq_printf(s, "proto=%s ", (peer->proto == IPPROTO_TCP) ? seq_printf(s, "proto=%s ", (peer->proto == IPPROTO_TCP) ?
"TCP" : "UDP"); "TCP" : "UDP");
seq_printf(s, "status=%s ", status_itoa(peer->status)); seq_printf(s, "status=%s ", status_itoa(peer->status));
seq_printf(s, "expir_time=%ld ", expir_time);
seq_printf(s, "accepted_knock_count=%lu ", seq_printf(s, "accepted_knock_count=%lu ",
(unsigned long)peer->accepted_knock_count); (unsigned long)peer->accepted_knock_count);
if (rule->autoclose_time != 0) { if (peer->status == ST_MATCHING) {
time = 0;
if (time_before(jiffies / HZ, peer->timestamp +
rule->max_time))
time = peer->timestamp + rule->max_time -
jiffies / HZ;
seq_printf(s, "expir_time=%lu [secs] ", time);
}
if (peer->status == ST_ALLOWED && rule->autoclose_time != 0) {
time = 0; time = 0;
if (time_before(get_seconds(), peer->login_sec + if (time_before(get_seconds(), peer->login_sec +
rule->autoclose_time * 60)) rule->autoclose_time * 60))