void Active_SendUnreach(Packet* p, EncodeType type)
{
uint32_t len;
const uint8_t* rej;
uint32_t flags = GetFlags();
PROTO_ID proto;
if ( !s_attempts )
return;
// do not send ICMP responses to ICMP packets
proto = GetInnerProto(p);
if (
(proto == PROTO_ICMP4)
#ifdef SUP_IP6
|| (proto == PROTO_ICMP6)
#endif
) {
ErrorMessage(
"Active_SendUnreach: ignoring UNR for ICMP packet.\n");
return;
}
rej = Encode_Reject(type, flags, p, &len);
if ( !rej ) return;
s_send(p->pkth, 1, rej, len);
}
int Active_IsUNRCandidate(const Packet* p)
{
switch ( GetInnerProto(p) ) {
case PROTO_UDP:
case PROTO_TCP:
return 1;
default:
break;
}
return 0;
}
int Active_IsUNRCandidate(const Packet* p)
{
// FIXTHIS allow unr to tcp/udp/icmp4/icmp6 only or for all
switch ( GetInnerProto(p) ) {
case PROTO_UDP:
case PROTO_TCP:
case PROTO_ICMP4:
case PROTO_ICMP6:
return 1;
default:
break;
}
return 0;
}
int Active_IsRSTCandidate(const Packet* p)
{
if ( GetInnerProto(p) != PROTO_TCP )
return 0;
if ( !p->tcph )
return 0;
/*
** This ensures that we don't reset packets that we just
** spoofed ourselves, thus inflicting a self-induced DOS
** attack.
*/
return ( !(p->tcph->th_flags & TH_RST) );
}
