bool CForbiddenIP::CheckIP(const char* pIP, uint8 u1ConnectType)
{
for(int i = 0; i < (int)m_VecForeverForbiddenIP.size(); i++)
{
if(m_VecForeverForbiddenIP[i].m_u1ConnectType == u1ConnectType && CompareIP(m_VecForeverForbiddenIP[i].m_szClientIP, (char* )pIP) == true)
{
return false;
}
}
for(VecForbiddenIP::iterator b = m_VecTempForbiddenIP.begin(); b != m_VecTempForbiddenIP.end(); b++)
{
if((*b).m_u1ConnectType == u1ConnectType && CompareIP((*b).m_szClientIP, (char* )pIP) == false)
{
//如果是禁止时间段内,则返回false,否则删除定时信息。
if((*b).m_tvBegin.sec() + (*b).m_u4Second > (uint32)ACE_OS::gettimeofday().sec())
{
return false;
}
else
{
m_VecTempForbiddenIP.erase(b);
return true;
}
}
}
return true;
}
INT PacketProcessor(UCHAR *packet, INT len)
{
ARP_PACKET *arp = (ARP_PACKET *)packet;
IP_PACKET *ip = (IP_PACKET *)packet;
UDP_PACKET *udp = (UDP_PACKET *)packet;
if (packet[0] == 0xFF) /* this is a broadcast packet */
{
/*
* We manage the ARP reply process here.
* In the following code, if we have received a ARP request,
* we send ARP reply immediately.
*/
if ((!CompareIP(arp->target_ip, _HostIP)) &&
(arp->protocol == NC2(PROTOCOL_ARP)) && (arp->operation == NC2(ARP_REQUEST)))
{
ARP_Reply(arp->sender_ip, arp->sender_ha);
return 0;
}
if ((ip->ippro == IP_PRO_UDP) && (udp->sport == NC2(67)))
return -1; /* DHCP packet */
return 0;
}
else /* this is a multicast or unicast packet */
{
/*
* This is a unicast packet to us. We are only interested
* in the TCP packets. If this is a TCP packet and we are
* the target host, we will pass this packet to the TCP processor.
*/
if ((ip->ippro == IP_PRO_TCP) && (!CompareIP(ip->destIP, _HostIP)))
{
TCP_Core(packet, len);
return 0;
}
/*
* Check ICMP Echo Request packet -
* if matched, we reply it right here
*/
if ((ip->ippro == IP_PRO_ICMP) && (!CompareIP(ip->destIP, _HostIP)) &&
(packet[34] == 0x08))
{
NETBUF *txbuf;
IP_PACKET *tx_ip;
if ((txbuf = NetBuf_AllocateIR()) == NULL)
return -1;
/* duplicate packet then modify it */
memcpy((CHAR *)&txbuf->packet[0], (CHAR *)&packet[0], len);
txbuf->len = len;
tx_ip = (IP_PACKET *)txbuf->packet;
memcpy((CHAR *)tx_ip->tMAC, (CHAR *)ip->sMAC, 6);
memcpy((CHAR *)tx_ip->sMAC, (CHAR *)_HostMAC, 6);
tx_ip->protocol = NC2(PROTOCOL_IP);
tx_ip->vers_hlen = 0x45; /* fixed value, do not change it */
tx_ip->stype = 0; /* no special priority */
tx_ip->tlen = NC2(60);
tx_ip->id = NC2(_IP_packet_ID);
tx_ip->ffrag = 0;
tx_ip->ttl = 64;
tx_ip->ippro = IP_PRO_ICMP;
tx_ip->hdrchksum = 0;
memcpy((CHAR *)tx_ip->srcIP, (CHAR *)_HostIP, 4);
memcpy((CHAR *)tx_ip->destIP, (CHAR *)ip->srcIP, 4);
tx_ip->hdrchksum = ~Nchksum((UINT16 *)&tx_ip->vers_hlen, 10); /* 20 bytes */
_IP_packet_ID++;
/* ICMP reply */
txbuf->packet[34] = 0;
/* ICMP checksum */
txbuf->packet[36] = 0;
txbuf->packet[37] = 0;
*(UINT16 *)&txbuf->packet[36] = ~Nchksum((UINT16 *)&txbuf->packet[34], (txbuf->len - 34) / 2);
NIC_SendPacket(txbuf);
return 0;
}
if ((ip->ippro == IP_PRO_UDP) && (udp->sport == NC2(67)))
return -1; /* DHCP packet */
if ((ip->ippro == IP_PRO_UDP) && (!CompareIP(ip->destIP, _HostIP)))
return -1; /* UDP packet for us */
}
return 0;
}