-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfilter.c
170 lines (138 loc) · 3.4 KB
/
filter.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
/*
* filter.c
*
* Created on: Feb 27, 2011
* Author: nuno
*/
#include <linux/debugfs.h>
#include "config.h"
#include "pcap_monitoring.h"
#include "table_port.h"
#include "debugfs_support.h"
#ifdef MY_DEBUG
#include "info_acquire.h"
struct filter_info_acquire filter_info = {
.entry = 0,
.src = 0,
.dst = 0,
.rejected = 0
};
static void *filter_seq_start(struct seq_file *p, loff_t *pos)
{
if(*pos > 0)
return NULL;
else
return &filter_info;
}
static void *filter_seq_next(struct seq_file *p, void *v, loff_t *pos)
{
return NULL;
}
static void filter_seq_stop(struct seq_file *p, void *v)
{
}
static int filter_seq_show(struct seq_file *m, void *v)
{
struct filter_info_acquire *info = NULL;
if(v != NULL)
{
info = v;
seq_printf(m,"entries %ld src %ld dst searches %ld and %ld rejected\n",
info->entry, info->src,info->dst,info->rejected);
}
return 0;
}
static const struct seq_operations filter_seq_ops = {
.start = filter_seq_start,
.next = filter_seq_next,
.stop = filter_seq_stop,
.show = filter_seq_show,
};
static int filter_open(struct inode *inode, struct file *file)
{
return seq_open(file,&filter_seq_ops);
}
/*
static int filter_release(struct inode *inode, struct file *file)
{
return 0;
}
*/
static const struct file_operations filter_fops = {
.open = filter_open,
.read = seq_read,
.llseek = seq_lseek,
//.release = filter_release,
.release = seq_release,
.owner = THIS_MODULE,
};
#endif
extern unsigned int (*portExists)(struct packetInfo *src_pi,struct packetInfo *dst_pi);
unsigned int (*Backup_portExists)(struct packetInfo *pi,struct packetInfo *dst_pi);
u64 how_many_times;
u64 search_on_src;
u64 found_on_src;
u64 search_on_dst;
u64 found_on_dst;
unsigned int my_portExists(struct packetInfo *src_pi,struct packetInfo *dst_pi)
{
int sentinel_src = -1;
int sentinel_dst = -1;
how_many_times++;
#ifdef MY_DEBUG
filter_info.entry++;
#endif
/* my_print_debug("src addr %d.%d.%d.%d port %d dst addr %d.%d.%d.%d port %d and protocol %d\n", NIPQUAD(src_pi->address),src_pi->port,NIPQUAD(dst_pi->address),dst_pi->port,src_pi->protocol); */
if(src_pi!=NULL && dst_pi!=NULL)
{
if((src_pi->protocol == UDP || src_pi->protocol == TCP)){
sentinel_src = searchPort(src_pi);
if(sentinel_src)
{
#ifdef MY_DEBUG
filter_info.src++;
#endif
return 1;
}
sentinel_dst = searchPort(dst_pi);
if(sentinel_dst)
{
#ifdef MY_DEBUG
filter_info.dst++;
#endif
return 1;
}
}
}
//my_print_debug("src addr %d.%d.%d.%d port %d dst addr %d.%d.%d.%d port %d and protocol %d\n", NIPQUAD(src_pi->address),src_pi->port,NIPQUAD(dst_pi->address),dst_pi->port,src_pi->protocol);
filter_info.rejected++;
return 0;
}
static void backupFilter(void)
{
Backup_portExists = portExists;
portExists = my_portExists;
}
static void restoreFilter(void){
portExists = Backup_portExists;
}
static const struct file_operations filter_stats_fops = {
.owner = THIS_MODULE,
//.write = pid_write,
//.read =
};
int init_Filter(void)
{
struct dentry *parent;
backupFilter();
parent = createFilterStatDir();
debugfs_create_file("stats",S_IRUSR,parent,NULL,&filter_fops);
how_many_times = 0;
register_filter_calls(&how_many_times);
register_debugfs_file("filter_stats",&filter_stats_fops);
return 0;
}
void exit_Filter(void)
{
restoreFilter();
}