tcp_Info_Manager * create_tcp_Info_Manager(void)
{
tcp_Info_Manager *result = NULL;
result = (tcp_Info_Manager *)SEC_MALLOC(sizeof(tcp_Info_Manager));
if (result != NULL)
{
result->tcp_info_lock = __SPIN_LOCK_UNLOCKED(getting_TrackInfo.tcp_info_lock);
}
return result;
}
tcp_TrackInfo * make_tcp_TrackInfo ( struct sk_buff *skb)
{
tcp_TrackInfo *result = NULL;
struct iphdr *iph = (struct iphdr*) ip_hdr(skb);
struct tcphdr *tcph = (struct tcphdr *)skb_transport_header(skb);
result = SEC_MALLOC(sizeof(tcp_TrackInfo));
if (result != NULL)
{ struct sock *pSk = skb->sk;
result->destIP = iph->daddr;
result->srcIP = iph->saddr;
result->destPort = tcph->dest;
result->srcPort = tcph->source;
result->status = NOTSET;
result->id = notifyID++;
result->uid = 0;
if (pSk != NULL)
{
struct socket *pSk_socket = pSk->sk_socket;
if (pSk_socket != NULL)
{
struct file *pFile = pSk_socket->file;
if (pFile != NULL)
{
const struct cred *pCred = pFile->f_cred;
if (pCred != NULL)
{
result->uid = (unsigned int)pCred->fsuid;
}
}
}
}
result->buffered = 0;
}
return result;
}
// sec_filter driver write function
ssize_t sec_url_filter_write( struct file *filp, const char *buf, size_t count, loff_t *f_pos)
{
int result = -EIO;
if ((buf != NULL) && (count >4))
{
short version = *(short *)buf;
int cmd = *(int *)(buf+sizeof(short));
char *data = (char *)(buf+sizeof(short)+sizeof(int));
{
if (version == 0)
{
switch(cmd)
{
case SET_FILTER_MODE: // Turn On and Off filtering.
{
filterMode = *(int *)data;
result = count;
if (filterMode == FILTER_MODE_OFF)
{
wake_up_interruptible(&user_noti_Q);
clean_tcp_TrackInfos(getting_TrackInfo);
clean_tcp_TrackInfos(rejected_TrackInfo);
clean_tcp_TrackInfos(notifying_TrackInfo);
clean_tcp_TrackInfos(notified_TrackInfo);
SEC_FREE(exceptionURL);
SEC_FREE(errorMsg);
}
printk(KERN_INFO "SEC URL Filter Mode : %d\n", filterMode);
}
break;
case SET_USER_SELECT: //version 2, id 4, choice 2
{
tcp_TrackInfo *selectInfo = NULL;
int id = *((int *)(data));
int choice = *((int *)(data+sizeof(unsigned int)));
unsigned int verdict = NF_DROP;
struct nf_queue_entry *entry= NULL;
selectInfo = find_tcp_TrackInfo_withID(notified_TrackInfo, id, 1);
if (selectInfo != NULL)
{
result = count;
entry = (struct nf_queue_entry *)selectInfo->q_entry;
selectInfo->q_entry = NULL;
selectInfo->status = choice;
if (choice == ALLOW || ((filterMode == FILTER_MODE_ON_RESPONSE)||(filterMode == FILTER_MODE_ON_RESPONSE_REFER)))
{
verdict = NF_ACCEPT; //Response case should send packet
}
if (choice == BLOCK)
{
add_tcp_TrackInfo(rejected_TrackInfo, selectInfo); // Add this node to Rejected List.
}
else
{
free_tcp_TrackInfo(selectInfo);
}
nf_reinject(entry, verdict); // Reinject packet with the verdict
}
else
{
printk("SEC_FILTER_URL : NO SUCH ID\n");
}
}
break;
case SET_EXCEPTION_URL:
{
int urlLen = *((int *)(data));
SEC_FREE(exceptionURL);
exceptionURL = SEC_MALLOC(urlLen+1);
if (exceptionURL != NULL)
{
memcpy(exceptionURL, (data+sizeof(int)), urlLen);
result = count;
}
}
break;
case SET_ERROR_MSG:
{
int msgLen = *((int *)(data));
SEC_FREE(errorMsg);
errMsgSize = 0;
errorMsg = SEC_MALLOC(msgLen+1);
if (errorMsg != NULL)
{
memcpy(errorMsg, (data+sizeof(int)), msgLen);
errMsgSize = msgLen;
result = count;
}
}
break;
}
}
}
}
return result;
}