source:
freewrt/package/iptables/patches/01-ipp2p-0.8.1rc1.patch@
d419478
| Last change on this file since d419478 was 475ad56, checked in by , 20 years ago | |
|---|---|
|
|
| File size: 17.6 KB | |
-
extensions/Makefile
diff -urN iptables.old/extensions/Makefile iptables.dev/extensions/Makefile
old new 8 8 PF_EXT_SLIB:=ah addrtype comment connlimit connmark conntrack dscp ecn esp hashlimit helper icmp iprange length limit mac mark multiport owner physdev pkttype realm rpc sctp standard state tcp tcpmss tos ttl udp unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NFQUEUE NOTRACK REDIRECT REJECT SAME SNAT TARPIT TCPMSS TOS TRACE TTL ULOG 9 9 PF6_EXT_SLIB:=eui64 hl icmpv6 length limit mac mark multiport owner physdev standard tcp udp HL LOG NFQUEUE MARK TRACE 10 10 11 12 # ipp2p 13 PF_EXT_SLIB += ipp2p 14 11 15 # Optionals 12 16 PF_EXT_SLIB_OPTS:=$(foreach T,$(wildcard extensions/.*-test),$(shell KERNEL_DIR=$(KERNEL_DIR) $(T))) 13 17 PF6_EXT_SLIB_OPTS:=$(foreach T,$(wildcard extensions/.*-test6),$(shell KERNEL_DIR=$(KERNEL_DIR) $(T))) -
extensions/libipt_ipp2p.c
diff -urN iptables.old/extensions/libipt_ipp2p.c iptables.dev/extensions/libipt_ipp2p.c
old new 1 2 #include <stdio.h> 3 #include <netdb.h> 4 #include <string.h> 5 #include <stdlib.h> 6 #include <getopt.h> 7 #include <ctype.h> 8 9 #include <iptables.h> 10 11 #include <linux/netfilter_ipv4/ipt_ipp2p.h> 12 13 static void 14 help(void) 15 { 16 printf( 17 "IPP2P v%s options:\n" 18 " --ipp2p Grab all known p2p packets\n" 19 " --edk [TCP&UDP] All known eDonkey/eMule/Overnet packets\n" 20 " --dc [TCP] All known Direct Connect packets\n" 21 " --kazaa [TCP&UDP] All known KaZaA packets\n" 22 " --gnu [TCP&UDP] All known Gnutella packets\n" 23 " --bit [TCP&UDP] All known BitTorrent packets\n" 24 " --apple [TCP] All known AppleJuice packets\n" 25 " --winmx [TCP] All known WinMX\n" 26 " --soul [TCP] All known SoulSeek\n" 27 " --ares [TCP] All known Ares\n\n" 28 " EXPERIMENTAL protocols (please send feedback to: ipp2p@ipp2p.org) :\n" 29 " --mute [TCP] All known Mute packets\n" 30 " --waste [TCP] All known Waste packets\n" 31 " --xdcc [TCP] All known XDCC packets (only xdcc login)\n\n" 32 " DEBUG SUPPPORT, use only if you know why\n" 33 " --debug Generate kernel debug output, THIS WILL SLOW DOWN THE FILTER\n" 34 "\nNote that the follwing options will have the same meaning:\n" 35 " '--ipp2p' is equal to '--edk --dc --kazaa --gnu --bit --apple --winmx --soul --ares'\n" 36 "\nIPP2P was intended for TCP only. Due to increasing usage of UDP we needed to change this.\n" 37 "You can now use -p udp to search UDP packets only or without -p switch to search UDP and TCP packets.\n" 38 "\nSee README included with this package for more details or visit http://www.ipp2p.org\n" 39 "\nExamples:\n" 40 " iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01\n" 41 " iptables -A FORWARD -p udp -m ipp2p --kazaa --bit -j DROP\n" 42 " iptables -A FORWARD -p tcp -m ipp2p --edk --soul -j DROP\n\n" 43 , IPP2P_VERSION); 44 } 45 46 static struct option opts[] = { 47 { "ipp2p", 0, 0, '1' }, 48 { "edk", 0, 0, '2' }, 49 { "dc", 0, 0, '7' }, 50 { "gnu", 0, 0, '9' }, 51 { "kazaa", 0, 0, 'a' }, 52 { "bit", 0, 0, 'b' }, 53 { "apple", 0, 0, 'c' }, 54 { "soul", 0, 0, 'd' }, 55 { "winmx", 0, 0, 'e' }, 56 { "ares", 0, 0, 'f' }, 57 { "mute", 0, 0, 'g' }, 58 { "waste", 0, 0, 'h' }, 59 { "xdcc", 0, 0, 'i' }, 60 { "debug", 0, 0, 'j' }, 61 {0} 62 }; 63 64 65 66 static void 67 init(struct ipt_entry_match *m, unsigned int *nfcache) 68 { 69 struct ipt_p2p_info *info = (struct ipt_p2p_info *)m->data; 70 71 *nfcache |= NFC_UNKNOWN; 72 73 /*init the module with default values*/ 74 info->cmd = 0; 75 info->debug = 0; 76 77 } 78 79 80 static int 81 parse(int c, char **argv, int invert, unsigned int *flags, 82 const struct ipt_entry *entry, 83 unsigned int *nfcache, 84 struct ipt_entry_match **match) 85 { 86 struct ipt_p2p_info *info = (struct ipt_p2p_info *)(*match)->data; 87 88 switch (c) { 89 case '1': /*cmd: ipp2p*/ 90 if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) 91 exit_error(PARAMETER_PROBLEM, 92 "ipp2p: `--ipp2p' may only be " 93 "specified once!"); 94 /* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) 95 exit_error(PARAMETER_PROBLEM, 96 "ipp2p: `--ipp2p-data' may only be " 97 "specified alone!");*/ 98 if ((*flags) != 0) 99 exit_error(PARAMETER_PROBLEM, 100 "ipp2p: `--ipp2p' may only be " 101 "specified alone!"); 102 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 103 *flags += SHORT_HAND_IPP2P; 104 info->cmd = *flags; 105 break; 106 107 case '2': /*cmd: edk*/ 108 if ((*flags & IPP2P_EDK) == IPP2P_EDK) 109 exit_error(PARAMETER_PROBLEM, 110 "ipp2p: `--edk' may only be " 111 "specified once"); 112 if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) 113 exit_error(PARAMETER_PROBLEM, 114 "ipp2p: `--ipp2p' may only be " 115 "specified alone!"); 116 /* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) 117 exit_error(PARAMETER_PROBLEM, 118 "ipp2p: `--ipp2p-data' may only be " 119 "specified alone!");*/ 120 if ((*flags & IPP2P_DATA_EDK) == IPP2P_DATA_EDK) 121 exit_error(PARAMETER_PROBLEM, 122 "ipp2p: use `--edk' OR `--edk-data' but not both of them!"); 123 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 124 *flags += IPP2P_EDK; 125 info->cmd = *flags; 126 break; 127 128 129 case '7': /*cmd: dc*/ 130 if ((*flags & IPP2P_DC) == IPP2P_DC) 131 exit_error(PARAMETER_PROBLEM, 132 "ipp2p: `--dc' may only be " 133 "specified once!"); 134 if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) 135 exit_error(PARAMETER_PROBLEM, 136 "ipp2p: `--ipp2p' may only be " 137 "specified alone!"); 138 /* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) 139 exit_error(PARAMETER_PROBLEM, 140 "ipp2p: `--ipp2p-data' may only be " 141 "specified alone!");*/ 142 if ((*flags & IPP2P_DATA_DC) == IPP2P_DATA_DC) 143 exit_error(PARAMETER_PROBLEM, 144 "ipp2p: use `--dc' OR `--dc-data' but not both of them!"); 145 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 146 *flags += IPP2P_DC; 147 info->cmd = *flags; 148 break; 149 150 151 case '9': /*cmd: gnu*/ 152 if ((*flags & IPP2P_GNU) == IPP2P_GNU) 153 exit_error(PARAMETER_PROBLEM, 154 "ipp2p: `--gnu' may only be " 155 "specified once!"); 156 /* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) 157 exit_error(PARAMETER_PROBLEM, 158 "ipp2p: `--ipp2p-data' may only be " 159 "specified alone!");*/ 160 if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) 161 exit_error(PARAMETER_PROBLEM, 162 "ipp2p: `--ipp2p' may only be " 163 "specified alone!"); 164 if ((*flags & IPP2P_DATA_GNU) == IPP2P_DATA_GNU) 165 exit_error(PARAMETER_PROBLEM, 166 "ipp2p: use `--gnu' OR `--gnu-data' but not both of them!"); 167 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 168 *flags += IPP2P_GNU; 169 info->cmd = *flags; 170 break; 171 172 case 'a': /*cmd: kazaa*/ 173 if ((*flags & IPP2P_KAZAA) == IPP2P_KAZAA) 174 exit_error(PARAMETER_PROBLEM, 175 "ipp2p: `--kazaa' may only be " 176 "specified once!"); 177 /* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) 178 exit_error(PARAMETER_PROBLEM, 179 "ipp2p: `--ipp2p-data' may only be " 180 "specified alone!");*/ 181 if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) 182 exit_error(PARAMETER_PROBLEM, 183 "ipp2p: `--ipp2p' may only be " 184 "specified alone!"); 185 if ((*flags & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA) 186 exit_error(PARAMETER_PROBLEM, 187 "ipp2p: use `--kazaa' OR `--kazaa-data' but not both of them!"); 188 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 189 *flags += IPP2P_KAZAA; 190 info->cmd = *flags; 191 break; 192 193 case 'b': /*cmd: bit*/ 194 if ((*flags & IPP2P_BIT) == IPP2P_BIT) 195 exit_error(PARAMETER_PROBLEM, 196 "ipp2p: `--bit' may only be " 197 "specified once!"); 198 if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) 199 exit_error(PARAMETER_PROBLEM, 200 "ipp2p: `--ipp2p' may only be " 201 "specified alone!"); 202 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 203 *flags += IPP2P_BIT; 204 info->cmd = *flags; 205 break; 206 207 case 'c': /*cmd: apple*/ 208 if ((*flags & IPP2P_APPLE) == IPP2P_APPLE) 209 exit_error(PARAMETER_PROBLEM, 210 "ipp2p: `--apple' may only be " 211 "specified once!"); 212 if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) 213 exit_error(PARAMETER_PROBLEM, 214 "ipp2p: `--ipp2p' may only be " 215 "specified alone!"); 216 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 217 *flags += IPP2P_APPLE; 218 info->cmd = *flags; 219 break; 220 221 222 case 'd': /*cmd: soul*/ 223 if ((*flags & IPP2P_SOUL) == IPP2P_SOUL) 224 exit_error(PARAMETER_PROBLEM, 225 "ipp2p: `--soul' may only be " 226 "specified once!"); 227 if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) 228 exit_error(PARAMETER_PROBLEM, 229 "ipp2p: `--ipp2p' may only be " 230 "specified alone!"); 231 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 232 *flags += IPP2P_SOUL; 233 info->cmd = *flags; 234 break; 235 236 237 case 'e': /*cmd: winmx*/ 238 if ((*flags & IPP2P_WINMX) == IPP2P_WINMX) 239 exit_error(PARAMETER_PROBLEM, 240 "ipp2p: `--winmx' may only be " 241 "specified once!"); 242 if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) 243 exit_error(PARAMETER_PROBLEM, 244 "ipp2p: `--ipp2p' may only be " 245 "specified alone!"); 246 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 247 *flags += IPP2P_WINMX; 248 info->cmd = *flags; 249 break; 250 251 case 'f': /*cmd: ares*/ 252 if ((*flags & IPP2P_ARES) == IPP2P_ARES) 253 exit_error(PARAMETER_PROBLEM, 254 "ipp2p: `--ares' may only be " 255 "specified once!"); 256 if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) 257 exit_error(PARAMETER_PROBLEM, 258 "ipp2p: `--ipp2p' may only be " 259 "specified alone!"); 260 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 261 *flags += IPP2P_ARES; 262 info->cmd = *flags; 263 break; 264 265 case 'g': /*cmd: mute*/ 266 if ((*flags & IPP2P_MUTE) == IPP2P_MUTE) 267 exit_error(PARAMETER_PROBLEM, 268 "ipp2p: `--mute' may only be " 269 "specified once!"); 270 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 271 *flags += IPP2P_MUTE; 272 info->cmd = *flags; 273 break; 274 case 'h': /*cmd: waste*/ 275 if ((*flags & IPP2P_WASTE) == IPP2P_WASTE) 276 exit_error(PARAMETER_PROBLEM, 277 "ipp2p: `--waste' may only be " 278 "specified once!"); 279 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 280 *flags += IPP2P_WASTE; 281 info->cmd = *flags; 282 break; 283 case 'i': /*cmd: xdcc*/ 284 if ((*flags & IPP2P_XDCC) == IPP2P_XDCC) 285 exit_error(PARAMETER_PROBLEM, 286 "ipp2p: `--ares' may only be " 287 "specified once!"); 288 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 289 *flags += IPP2P_XDCC; 290 info->cmd = *flags; 291 break; 292 293 case 'j': /*cmd: debug*/ 294 if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); 295 info->debug = 1; 296 break; 297 298 default: 299 // exit_error(PARAMETER_PROBLEM, 300 // "\nipp2p-parameter problem: for ipp2p usage type: iptables -m ipp2p --help\n"); 301 return 0; 302 } 303 return 1; 304 } 305 306 307 static void 308 final_check(unsigned int flags) 309 { 310 if (!flags) 311 exit_error(PARAMETER_PROBLEM, 312 "\nipp2p-parameter problem: for ipp2p usage type: iptables -m ipp2p --help\n"); 313 } 314 315 316 317 static void 318 print(const struct ipt_ip *ip, 319 const struct ipt_entry_match *match, 320 int numeric) 321 { 322 struct ipt_p2p_info *info = (struct ipt_p2p_info *)match->data; 323 324 printf("ipp2p v%s", IPP2P_VERSION); 325 if ((info->cmd & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) printf(" --ipp2p"); 326 // if ((info->cmd & SHORT_HAND_DATA) == SHORT_HAND_DATA) printf(" --ipp2p-data"); 327 if ((info->cmd & IPP2P_KAZAA) == IPP2P_KAZAA) printf(" --kazaa"); 328 // if ((info->cmd & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA) printf(" --kazaa-data"); 329 // if ((info->cmd & IPP2P_DATA_GNU) == IPP2P_DATA_GNU) printf(" --gnu-data"); 330 if ((info->cmd & IPP2P_GNU) == IPP2P_GNU) printf(" --gnu"); 331 if ((info->cmd & IPP2P_EDK) == IPP2P_EDK) printf(" --edk"); 332 // if ((info->cmd & IPP2P_DATA_EDK) == IPP2P_DATA_EDK) printf(" --edk-data"); 333 // if ((info->cmd & IPP2P_DATA_DC) == IPP2P_DATA_DC) printf(" --dc-data"); 334 if ((info->cmd & IPP2P_DC) == IPP2P_DC) printf(" --dc"); 335 if ((info->cmd & IPP2P_BIT) == IPP2P_BIT) printf(" --bit"); 336 if ((info->cmd & IPP2P_APPLE) == IPP2P_APPLE) printf(" --apple"); 337 if ((info->cmd & IPP2P_SOUL) == IPP2P_SOUL) printf(" --soul"); 338 if ((info->cmd & IPP2P_WINMX) == IPP2P_WINMX) printf(" --winmx"); 339 if ((info->cmd & IPP2P_ARES) == IPP2P_ARES) printf(" --ares"); 340 if ((info->cmd & IPP2P_MUTE) == IPP2P_MUTE) printf(" --mute"); 341 if ((info->cmd & IPP2P_WASTE) == IPP2P_WASTE) printf(" --waste"); 342 if ((info->cmd & IPP2P_XDCC) == IPP2P_XDCC) printf(" --xdcc"); 343 if (info->debug != 0) printf(" --debug"); 344 printf(" "); 345 } 346 347 348 349 static void 350 save(const struct ipt_ip *ip, const struct ipt_entry_match *match) 351 { 352 struct ipt_p2p_info *info = (struct ipt_p2p_info *)match->data; 353 354 if ((info->cmd & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) printf("--ipp2p "); 355 // if ((info->cmd & SHORT_HAND_DATA) == SHORT_HAND_DATA) printf("--ipp2p-data "); 356 if ((info->cmd & IPP2P_KAZAA) == IPP2P_KAZAA) printf("--kazaa "); 357 // if ((info->cmd & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA) printf("--kazaa-data "); 358 // if ((info->cmd & IPP2P_DATA_GNU) == IPP2P_DATA_GNU) printf("--gnu-data "); 359 if ((info->cmd & IPP2P_GNU) == IPP2P_GNU) printf("--gnu "); 360 if ((info->cmd & IPP2P_EDK) == IPP2P_EDK) printf("--edk "); 361 // if ((info->cmd & IPP2P_DATA_EDK) == IPP2P_DATA_EDK) printf("--edk-data "); 362 // if ((info->cmd & IPP2P_DATA_DC) == IPP2P_DATA_DC) printf("--dc-data "); 363 if ((info->cmd & IPP2P_DC) == IPP2P_DC) printf("--dc "); 364 if ((info->cmd & IPP2P_BIT) == IPP2P_BIT) printf("--bit "); 365 if ((info->cmd & IPP2P_APPLE) == IPP2P_APPLE) printf("--apple "); 366 if ((info->cmd & IPP2P_SOUL) == IPP2P_SOUL) printf("--soul "); 367 if ((info->cmd & IPP2P_WINMX) == IPP2P_WINMX) printf("--winmx "); 368 if ((info->cmd & IPP2P_ARES) == IPP2P_ARES) printf("--ares "); 369 if ((info->cmd & IPP2P_MUTE) == IPP2P_MUTE) printf(" --mute"); 370 if ((info->cmd & IPP2P_WASTE) == IPP2P_WASTE) printf(" --waste"); 371 if ((info->cmd & IPP2P_XDCC) == IPP2P_XDCC) printf(" --xdcc"); 372 if (info->debug != 0) printf("--debug "); 373 } 374 375 376 377 378 static 379 struct iptables_match ipp2p= 380 { 381 .next = NULL, 382 .name = "ipp2p", 383 .version = IPTABLES_VERSION, 384 .size = IPT_ALIGN(sizeof(struct ipt_p2p_info)), 385 .userspacesize = IPT_ALIGN(sizeof(struct ipt_p2p_info)), 386 .help = &help, 387 .init = &init, 388 .parse = &parse, 389 .final_check = &final_check, 390 .print = &print, 391 .save = &save, 392 .extra_opts = opts 393 }; 394 395 396 397 void _init(void) 398 { 399 register_match(&ipp2p); 400 } 401 -
include/linux/netfilter_ipv4/ipt_ipp2p.h
diff -urN iptables.old/include/linux/netfilter_ipv4/ipt_ipp2p.h iptables.dev/include/linux/netfilter_ipv4/ipt_ipp2p.h
old new 1 #ifndef __IPT_IPP2P_H 2 #define __IPT_IPP2P_H 3 #define IPP2P_VERSION "0.8.1_rc1" 4 5 struct ipt_p2p_info { 6 int cmd; 7 int debug; 8 }; 9 10 #endif //__IPT_IPP2P_H 11 12 #define SHORT_HAND_IPP2P 1 /* --ipp2p switch*/ 13 //#define SHORT_HAND_DATA 4 /* --ipp2p-data switch*/ 14 #define SHORT_HAND_NONE 5 /* no short hand*/ 15 16 #define IPP2P_EDK (1 << 1) 17 #define IPP2P_DATA_KAZAA (1 << 2) 18 #define IPP2P_DATA_EDK (1 << 3) 19 #define IPP2P_DATA_DC (1 << 4) 20 #define IPP2P_DC (1 << 5) 21 #define IPP2P_DATA_GNU (1 << 6) 22 #define IPP2P_GNU (1 << 7) 23 #define IPP2P_KAZAA (1 << 8) 24 #define IPP2P_BIT (1 << 9) 25 #define IPP2P_APPLE (1 << 10) 26 #define IPP2P_SOUL (1 << 11) 27 #define IPP2P_WINMX (1 << 12) 28 #define IPP2P_ARES (1 << 13) 29 #define IPP2P_MUTE (1 << 14) 30 #define IPP2P_WASTE (1 << 15) 31 #define IPP2P_XDCC (1 << 16)
Note:
See TracBrowser
for help on using the repository browser.
