From: zhongyu <zhongyu@18mail.cn>
To: netfilter dev <netfilter-devel@lists.netfilter.org>
Subject: [MATCH] a match for qq
Date: Tue, 18 Jul 2006 06:51:44 +0800 [thread overview]
Message-ID: <1153176704.15818.1.camel@localhost.localdomain> (raw)
QQ is a very popular IM tool in Chinese. Some people may need this
match :-)
###########This is the begin of ipt_qq.c########
/***************************************************
* ipt_qq : a iptables match for qq
*
* Author : Triplex Chung <xxx.phy@gmail.com>
*
***************************************************/
#include <linux/config.h>
#include <linux/skbuff.h>
#include <linux/kmod.h>
#include <linux/vmalloc.h>
#include <linux/netdevice.h>
#include <linux/module.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include <linux/udp.h>
#include <linux/icmp.h>
#include <linux/types.h>
#include <linux/spinlock.h>
#include <linux/sched.h>
#include <linux/sysctl.h>
#include <linux/timer.h>
#include <net/ip.h>
#include <asm/uaccess.h>
#include <asm/semaphore.h>
MODULE_LICENSE("GPL");
static int mach_qq_bin(unsigned char *data, int dlen)
{
if(dlen < 6)
return 0;
if(data[0] != 0x2)
return 0;
if(data[3] != 0x0)
return 0;
if(data[4] != 0x16 || data[4] != 0x62)
return 0;
if(data[dlen - 1] != 0x3)
return 0;
return 1;
}
static int
match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
const void *matchinfo,
int offset,
const void *hdr,
u_int16_t datalen,
int *hotdrop)
{
int dlen;
unsigned char *data;
struct iphdr *iph;
/* Must not be a fragment. */
if(offset)
return 0;
/*make sure that skb is linear*/
if(skb_is_nonlinear(skb)){
printk("QQ.match: nonlinear skb found\n");
return 0;
}
iph = skb->nh.iph;
if(iph->protocol == IPPROTO_TCP) {
struct tcphdr *th = (void *)iph + iph->ihl * 4;
if (th->fin)
return 0;
if (th->syn)
return 0;
if (th->rst)
return 0;
/*if(ntohs(th->dest) != 80) {
return 0;
}*/
dlen = ntohs(iph->tot_len) - (iph->ihl * 4) - th->doff *
4;
data = (void *)th + th->doff * 4;
return mach_qq_bin(data, dlen);
} else if (iph->protocol == IPPROTO_UDP) {
struct udphdr *uh = (void *)iph + iph->ihl * 4;
dlen = ntohs(iph->tot_len) - (iph->ihl * 4) -
sizeof(struct udphdr);
data = (void *)uh + sizeof(struct udphdr);
return mach_qq_bin(data, dlen);
}
return 0;
}
static int
checkentry(const char *tablename,
const struct ipt_ip *ip,
void *matchinfo,
unsigned int matchsize,
unsigned int hook_mask)
{
return 1;
}
static struct ipt_match qq_match = {
.name = "qq",
.match = &match,
.checkentry = &checkentry,
.me = THIS_MODULE
};
static int __init init(void)
{
return ipt_register_match(&qq_match);
}
static void __exit fini(void)
{
}
MODULE_AUTHOR("TripleX Chung <xxx.phy@gmail.com>");
MODULE_DESCRIPTION("An extension to iptables to identify QQ.");
MODULE_LICENSE("GPL");
module_init(init);
module_exit(fini);
##############this is the end of ipt_qq.c########
#############this is the begin of libipt_qq.c########
#include <stdio.h >
#include <netdb.h>
#include <string.h>
#include <stdlib.h>
#include <limits.h>
#include <getopt.h>
#include <iptables.h>
/* Function which prints out usage message. */
static void
help(void)
{
printf("no options %s", IPTABLES_VERSION);
}
static struct option opts[] = {
{0}
};
/* Initialize the target. */
static void
init(struct ipt_entry_match *m, unsigned int *nfcache)
{
}
/* Function which parses command options; returns true if it
ate an option */
static int
parse(int c, char **argv, int invert, unsigned int *flags,
const struct ipt_entry *entry,
unsigned int *nfcache,
struct ipt_entry_match **match)
{
return 1;
}
/* Final check; don't care. */
static void final_check(unsigned int flags)
{
}
/* Saves the targinfo in parsable form to stdout. */
static void
save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
{
}
static
struct iptables_match qq
= { NULL,
"qq",
IPTABLES_VERSION,
IPT_ALIGN(0),
IPT_ALIGN(0),
&help,
&init,
&parse,
&final_check,
NULL, /* print */
&save,
opts
};
void _init(void)
{
register_match(&qq);
}
###########this is the end of libipt_qq.c########
next reply other threads:[~2006-07-17 22:51 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-07-17 22:51 zhongyu [this message]
2006-07-20 16:26 ` [MATCH] a match for qq Patrick McHardy
2006-07-20 3:31 ` zhongyu
2006-07-20 21:47 ` Toby DiPasquale
2006-07-20 23:21 ` Patrick McHardy
2006-07-20 23:39 ` Patrick McHardy
2006-07-22 2:20 ` zhongyu
2006-07-25 1:24 ` Patrick McHardy
2006-07-24 11:06 ` zhongyu
2006-07-25 12:23 ` Samuel Jean
2006-07-25 4:10 ` zhongyu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1153176704.15818.1.camel@localhost.localdomain \
--to=zhongyu@18mail.cn \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.