mirror of
git://git.code.sf.net/p/xtables-addons/xtables-addons
#pragma once
#include <linux/param.h>
#include <linux/types.h>
/*
 * Per-port weights. A high port number counts for less than the other
 * (PRIV, presumably privileged/low) ports, which reduces false positives
 * from traffic that legitimately touches many high ports, such as passive
 * mode FTP transfers.
 *
 * NOTE(review): this header does not show how the weights are applied or
 * where the boundary between the two port classes lies; confirm in the
 * matcher source before tuning.
 */
#define PORT_WEIGHT_PRIV	3
#define PORT_WEIGHT_HIGH	1

/*
 * NOTE(review): PSD_MAX_RATE is not described anywhere in this header.
 * Presumably an upper bound used by the detector; confirm its unit and
 * where it is enforced before changing it.
 */
#define PSD_MAX_RATE		10000
/*
 * Port scan detection thresholds: a source has to scan at least COUNT
 * ports, with no longer than DELAY ticks between ports, to be counted.
 *
 * With the values visible in this header, SCAN_MAX_COUNT and
 * SCAN_WEIGHT_THRESHOLD both evaluate to 7 * 3 = 21.
 *
 * NOTE(review): no DELAY constant is defined here; the delay presumably
 * arrives through xt_psd_info.delay_threshold. Confirm against the matcher
 * source.
 */
#define SCAN_MIN_COUNT		7
#define SCAN_MAX_COUNT		(SCAN_MIN_COUNT * PORT_WEIGHT_PRIV)
#define SCAN_WEIGHT_THRESHOLD	SCAN_MAX_COUNT
/*
 * Parameters of one psd match instance.
 *
 * NOTE(review): the values presumably originate from the rule configured by
 * an administrator and are consumed by the matcher. Nothing in this header
 * bounds them, so range checks (for example a zero threshold or oversized
 * weights) have to live in the code that accepts the rule. Confirm that
 * such a check exists.
 *
 * The member order and types are unchanged from the combined declarations;
 * only the declarators have been split, so the layout is the same.
 */
struct xt_psd_info {
	/* presumably the accumulated weight at which a source is flagged;
	 * SCAN_WEIGHT_THRESHOLD looks like its default (TODO confirm) */
	__u32 weight_threshold;
	/* presumably the longest gap between ports that still counts as one
	 * scan; unit not shown here (TODO confirm) */
	__u32 delay_threshold;
	/* presumably the weight added per low port; PORT_WEIGHT_PRIV looks
	 * like its default (TODO confirm) */
	__u16 lo_ports_weight;
	/* presumably the weight added per high port; PORT_WEIGHT_HIGH looks
	 * like its default (TODO confirm) */
	__u16 hi_ports_weight;
};