Commit | Line | Data |
---|---|---|
11eeef41 EP |
1 | /* |
2 | * Copyright (c) 2003+ Evgeniy Polyakov <johnpol@2ka.mxt.ru> | |
3 | * | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of the GNU General Public License as published by | |
7 | * the Free Software Foundation; either version 2 of the License, or | |
8 | * (at your option) any later version. | |
9 | * | |
10 | * This program is distributed in the hope that it will be useful, | |
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
13 | * GNU General Public License for more details. | |
14 | * | |
15 | * You should have received a copy of the GNU General Public License | |
e664eabd | 16 | * along with this program; if not, see <http://www.gnu.org/licenses/>. |
11eeef41 EP |
17 | */ |
18 | ||
19 | #ifndef _XT_OSF_H | |
20 | #define _XT_OSF_H | |
21 | ||
8a3af793 | 22 | #include <linux/types.h> |
1ffad83d MR |
23 | #include <linux/ip.h> |
24 | #include <linux/tcp.h> | |
8a3af793 | 25 | |
11eeef41 EP |
26 | #define MAXGENRELEN 32 /* size in bytes of the genre/version/subtype char arrays declared in this header */ |
27 | ||
28 | #define XT_OSF_GENRE (1<<0) /* flag bit 0 - NOTE(review): presumably tested against xt_osf_info.flags to request genre matching; confirm */ | |
29 | #define XT_OSF_TTL (1<<1) /* flag bit 1 - NOTE(review): presumably enables the TTL check selected by XT_OSF_TTL_*; confirm */ | |
30 | #define XT_OSF_LOG (1<<2) /* flag bit 2 - NOTE(review): presumably enables logging as selected by XT_OSF_LOGLEVEL_*; confirm */ | |
31 | #define XT_OSF_INVERT (1<<3) /* flag bit 3 - NOTE(review): presumably inverts the match result; confirm */ | |
32 | ||
33 | #define XT_OSF_LOGLEVEL_ALL 0 /* log all matched fingerprints */ | |
34 | #define XT_OSF_LOGLEVEL_FIRST 1 /* log only the first matched fingerprint */ | |
35 | #define XT_OSF_LOGLEVEL_ALL_KNOWN 2 /* do not log unknown packets */ | |
36 | ||
37 | #define XT_OSF_TTL_TRUE 0 /* True ip and fingerprint TTL comparison */ | |
38 | #define XT_OSF_TTL_LESS 1 /* Check if ip TTL is less than fingerprint one */ | |
39 | #define XT_OSF_TTL_NOCHECK 2 /* Do not compare ip and fingerprint TTL at all */ | |
40 | ||
41 | struct xt_osf_info { /* Parameters of one OSF match; NOTE(review): presumably filled in by the userspace rule front end, so validate before use - confirm */ | |
42 | char genre[MAXGENRELEN]; /* OS genre name; a fixed-size array does not guarantee a NUL terminator, so bound any string handling to MAXGENRELEN */ | |
43 | __u32 len; /* NOTE(review): presumably the length of genre - verify it is range-checked against MAXGENRELEN before it is used as a length */ | |
44 | __u32 flags; /* NOTE(review): presumably a mask of XT_OSF_GENRE/TTL/LOG/INVERT - confirm */ | |
45 | __u32 loglevel; /* NOTE(review): presumably one of XT_OSF_LOGLEVEL_* - confirm */ | |
46 | __u32 ttl; /* NOTE(review): presumably one of XT_OSF_TTL_* - confirm */ | |
47 | }; | |
48 | ||
49 | /* | |
50 | * Wildcard MSS (kind of). | |
51 | * It is used to implement a state machine for the different wildcard values | |
52 | * of the MSS and window sizes. | |
53 | */ | |
54 | struct xt_osf_wc { | |
55 | __u32 wc; /* NOTE(review): presumably a mode from enum xt_osf_window_size_options (OSF_WSS_*); any value a __u32 can hold may arrive here, so range-check it - confirm */ | |
56 | __u32 val; /* operand for the mode in wc; NOTE(review): if a consumer divides or takes a modulus by val (e.g. for OSF_WSS_MODULO), zero must be rejected first - verify in the matcher */ | |
57 | }; | |
58 | ||
59 | /* | |
60 | * This struct represents IANA options | |
61 | * http://www.iana.org/assignments/tcp-parameters | |
62 | */ | |
63 | struct xt_osf_opt { | |
64 | __u16 kind, length; /* option kind and option length; NOTE(review): kind presumably takes values from enum iana_options and length is presumably in bytes - confirm */ | |
65 | struct xt_osf_wc wc; /* wildcard mode/value pair attached to this option */ | |
66 | }; | |
67 | ||
68 | struct xt_osf_user_finger { /* One fingerprint record; NOTE(review): the name suggests it is supplied by userspace, so treat every field as untrusted until validated - confirm */ | |
69 | struct xt_osf_wc wss; /* NOTE(review): presumably the window-size wildcard (mode + value) - confirm */ | |
70 | ||
71 | __u8 ttl, df; /* NOTE(review): presumably the expected IP TTL and don't-fragment setting - confirm */ | |
72 | __u16 ss, mss; /* NOTE(review): mss is presumably the expected TCP maximum segment size; meaning of ss is not visible here - confirm */ | |
73 | __u16 opt_num; /* NOTE(review): presumably the number of valid entries in opt[]; a __u16 can far exceed MAX_IPOPTLEN, so it must be bounds-checked before it is used to index opt[] */ | |
74 | ||
75 | char genre[MAXGENRELEN]; /* genre, version and subtype are fixed-size buffers with no guaranteed NUL terminator; bound any string handling to MAXGENRELEN */ | |
76 | char version[MAXGENRELEN]; | |
77 | char subtype[MAXGENRELEN]; | |
78 | ||
79 | /* MAX_IPOPTLEN is maximum if all options are NOPs or EOLs */ | |
80 | struct xt_osf_opt opt[MAX_IPOPTLEN]; | |
81 | }; | |
82 | ||
83 | struct xt_osf_nlmsg { /* Bundles one fingerprint record with an IPv4 header and a TCP header */ | |
84 | struct xt_osf_user_finger f; /* the fingerprint record */ | |
85 | struct iphdr ip; /* IPv4 header, type from <linux/ip.h> */ | |
86 | struct tcphdr tcp; /* TCP header, type from <linux/tcp.h> */ | |
87 | }; | |
88 | ||
89 | /* Defines for IANA option kinds */ | |
90 | ||
91 | enum iana_options { /* values 0..10 follow from enumeration order starting at OSFOPT_EOL = 0 */ | |
92 | OSFOPT_EOL = 0, /* End of options */ | |
93 | OSFOPT_NOP, /* NOP */ | |
94 | OSFOPT_MSS, /* Maximum segment size */ | |
95 | OSFOPT_WSO, /* Window scale option */ | |
96 | OSFOPT_SACKP, /* SACK permitted */ | |
97 | OSFOPT_SACK, /* SACK */ | |
98 | OSFOPT_ECHO, /* Echo; value 6 by enumeration order */ | |
99 | OSFOPT_ECHOREPLY, /* Echo reply; value 7 by enumeration order */ | |
100 | OSFOPT_TS, /* Timestamp option */ | |
101 | OSFOPT_POCP, /* Partial Order Connection Permitted */ | |
102 | OSFOPT_POSP, /* Partial Order Service Profile */ | |
103 | ||
104 | /* Others are not used in the current OSF */ | |
105 | OSFOPT_EMPTY = 255, /* NOTE(review): presumably a sentinel for an unused option slot - confirm */ | |
106 | }; | |
107 | ||
108 | /* | |
109 | * Initial window size option state machine: multiple of mss, mtu or | |
110 | * plain numeric value. Can also be made as plain numeric value which | |
111 | * is not a multiple of specified value. | |
112 | */ | |
113 | enum xt_osf_window_size_options { | |
114 | OSF_WSS_PLAIN = 0, /* plain numeric value */ | |
115 | OSF_WSS_MSS, /* multiple of mss */ | |
116 | OSF_WSS_MTU, /* multiple of mtu */ | |
117 | OSF_WSS_MODULO, /* NOTE(review): presumably a modulus test against a given value; the consumer must reject a zero operand before computing it - confirm */ | |
118 | OSF_WSS_MAX, /* one past the last mode (value 4 by enumeration order); NOTE(review): presumably the bound a received mode should be checked against - confirm */ | |
119 | }; | |
120 | ||
121 | /* | |
122 | * Add/remove fingerprint from the kernel. | |
123 | */ | |
124 | enum xt_osf_msg_types { | |
125 | OSF_MSG_ADD, /* add a fingerprint; value 0 by enumeration order */ | |
126 | OSF_MSG_REMOVE, /* remove a fingerprint; value 1 by enumeration order */ | |
127 | OSF_MSG_MAX, /* one past the last message type; NOTE(review): both operations change kernel matching state, so the receiving side presumably needs a privilege check - confirm */ | |
128 | }; | |
129 | ||
130 | enum xt_osf_attr_type { /* Attribute identifiers; NOTE(review): presumably netlink attribute types for the add/remove messages - confirm */ | |
131 | OSF_ATTR_UNSPEC, /* value 0 by enumeration order */ | |
132 | OSF_ATTR_FINGER, /* NOTE(review): presumably carries a struct xt_osf_user_finger; the receiver should verify the attribute length matches sizeof that struct before reading it - confirm */ | |
133 | OSF_ATTR_MAX, /* one past the last attribute type */ | |
134 | }; | |
135 | ||
136 | #endif /* _XT_OSF_H */ |