anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-07 13:15:12 +02:00
Code Issues Releases Wiki Activity
770 Commits 5 Branches 85 Tags
d66d07d01df7eb975908350fed3010f8622a16fe
Commit Graph

31 Commits

Author SHA1 Message Date
Florian Westphal
d66d07d01d psd: move defines to user/kernelspace part where possible 
Some of these defines have no meaning in userspace, so there
is no need to make those available.
 2012-06-15 15:17:30 +02:00
Florian Westphal
3736a265d8 psd: reduce size of struct host 
We can use u16, saving 8 bytes total (weight cannot exceed
PSD_MAX_RATE, 10000). Also re-format comments & struct initializers.

No functional changes.
 2012-06-15 15:17:21 +02:00
Jan Engelhardt
5b2649b1a2 psd: re-format comments 2012-06-15 15:16:31 +02:00
Florian Westphal
f6b8767228 psd: add basic validation of userspace matchinfo data 
psd multiplies weight_thresh by HZ, so it could overflow.

Userspace libxt_psd refuses values exceeding PSD_MAX_RATE, so check
that on kernel side, too.

Also, setting 0 weight for both privileged and highports will cause
psd to never match at all.

Reject 0 weight threshold, too because it makes no sense (triggers
match for every initial packet).
 2012-06-15 15:11:32 +02:00
Florian Westphal
ac58f2e94b psd: rip out scanlogd leftovers 
scanlogd remembers tcp flags and uses the *_CHANGING values in its
logger function to determine the best log format to use (e.g. TTL is
not logged if HF_TTL_CHANGING was set, as TTL values were different).

As psd does not log at all, we do not need track this.

Also get rid of bogus/misleading comments.
 2012-06-15 15:09:26 +02:00
Florian Westphal
759546f8d0 xt_psd: avoid crash due to curr->next corruption 
curr->ports[] is of size SCAN_MAX_COUNT - 1, so under certain
conditions we wrote past end of array, corrupting ->next pointer
of the adjacent host entry.

Reported-and-tested-by: Serge Leschinsky <serge.leschinsky@gmail.com>
 2012-04-18 14:30:22 +02:00
Jan Engelhardt
01d864f4fc xt_psd: resolve compiler warning 
xt_psd.c: In function "xt_psd_match":
xt_psd.c:253:27: warning: "tcph" may be used uninitialized in this
function [-Wuninitialized]
 2011-08-11 15:50:08 +02:00
Jan Engelhardt
071c95b750 xt_psd: compact temporary skb buffers 2011-08-11 15:49:40 +02:00
Jan Engelhardt
a141cc311c xt_psd: support UDPLITE 2011-08-11 15:47:20 +02:00
Jan Engelhardt
7e92ce7ce6 xt_psd: move early bail-out code above skb_header_pointer 2011-08-11 15:46:53 +02:00
Jan Engelhardt
21da1dfea5 xt_psd: cleanup and reduce number of condition checks 2011-08-11 15:46:53 +02:00
Jan Engelhardt
6c17eb46b5 xt_psd: restore skb_header_pointer functionality for UDP 2011-08-11 15:46:53 +02:00
Jan Engelhardt
9a18a05d02 compat_xtables: move to 2.6.35 xt_action_param (2/3) 2010-05-13 19:45:52 +02:00
Jan Engelhardt
5b472be9bb compat_xtables: move to 2.6.35 xt_action_param (1/3) 2010-05-13 19:28:37 +02:00
Jan Engelhardt
7512101bca modules: replace AF/PF with NFPROTO 2010-03-16 23:37:05 +01:00
Florian Westphal
342ccf62b2 psd: byteswap constant value instead 
htons(CONSTANT) is computed at compile time.
reduces .text by 4 bytes on x86.

Signed-off-by: Florian Westphal <fwestphal@astaro.com>
 2009-09-11 21:38:23 +02:00
Florian Westphal
adabd647b1 psd: use skb_header_pointer 
Do not rely on tcphdr being in the linear area.

Signed-off-by: Florian Westphal <fwestphal@astaro.com>
 2009-09-11 21:38:00 +02:00
Jan Engelhardt
83e474f9ab psd: move pr_ prefix into pr_fmt 2009-08-28 12:32:23 +02:00
Jan Engelhardt
efd4c91557 psd: style: remove braces for single statements in ifs 2009-08-16 12:40:44 +02:00
Jan Engelhardt
65a257a67d psd: style: add explicit comparisons where not used in bool context 2009-08-14 20:26:37 +02:00
Jan Engelhardt
5b07e04600 psd: style: break double statements 2009-08-14 20:24:36 +02:00
Jan Engelhardt
6b175b40cb psd: jiffies is an unsigned long, fix compiler warning 
"jiffies" has always been unsigned long, not clock_t.

xt_psd.c:176:7: warning: comparison of distinct pointer types lacks a cast
 2009-08-14 20:19:13 +02:00
Jan Engelhardt
0887365f8b psd: remove whitespace at EOL 2009-08-14 20:15:00 +02:00
Mohd Nawawi Mohamad Jamili
380b1b6997 psd: fix revision mismatch 2009-08-13 13:11:18 +02:00
Jan Engelhardt
8e5219636a psd: tag match reg struct as __read_mostly 2009-08-13 01:04:26 +02:00
Jan Engelhardt
502c1c05aa psd: return correct status from init 2009-08-13 00:46:33 +02:00
Jan Engelhardt
a7ceccc0f4 psd: bss is always zero-initialized 2009-08-13 00:45:52 +02:00
Jan Engelhardt
10bd08d0f3 psd: remove empty checkentry function 2009-08-13 00:44:39 +02:00
Jan Engelhardt
1e5315d338 psd: replace open-coded access by skb handling functions 
pskb->network_header would not even compile under older kernels.

This also fixes the compile warning:
xt_psd.c:116:18: warning: cast to pointer from integer of different size
 2009-08-13 00:42:01 +02:00
Jan Engelhardt
579484ed70 psd: avoid shadowing of function 
ip_hdr and tcp_hdr are actually functions. Because we need them means
they must not be shadowed by variables.
 2009-08-13 00:38:39 +02:00
Mohd Nawawi Mohamad Jamili
2aa32d4bce psd: import 20090807 code base 2009-08-12 21:59:33 +02:00