int main( int argc, char* argv[] ) { struct buffer* buf = buffer_new(); buffer_insert_from_array( buf, 0, "Hello World!", 0, 12 ); printf( "%s\n", buffer_pointer( buf ) ); buffer_insert( buf, buffer_length( buf ), '\n' ); buffer_insert_from_array( buf, buffer_length( buf ), "Hello World!", 0, 12 ); printf( "%s\n", buffer_pointer( buf ) ); buffer_del( &buf ); return 0; }
void* main_rules(void *arg) { uint32_t idx = 0; struct timeval tv; BufEcode ecode = 0; struct buffer__ data_arg; struct mq_attr mqattr; mqd_t msqid; uint8_t ret = 0; uint8_t *payload_data = NULL; uint16_t payload_len = 0; struct iphdr *ip_header = NULL; union { struct tcphdr *tcp_header; struct udphdr *udp_header; } u; memset(&tv, 0, sizeof(tv)); memset(&mqattr, 0, sizeof(mqattr)); mqattr.mq_flags |= O_NONBLOCK; mqattr.mq_maxmsg = 512; mqattr.mq_msgsize = sizeof(struct msgbuf); msqid = mq_open("/sialan_firewall", O_WRONLY | O_CREAT, 0644, &mqattr); while (!stop) { if (disable) { tv.tv_sec = 1; tv.tv_usec = 0; select (0, NULL, NULL, NULL, &tv); continue; } memset(&data_arg, 0, sizeof(data_arg)); ecode = buffer_get(&data_arg, idx); if (ecode == BUF_CONTINUE) { tv.tv_sec = 0; tv.tv_usec = 10000; select (0, NULL, NULL, NULL, &tv); continue; } ip_header = (struct iphdr *) data_arg.packet; if (ip_header->protocol == IPPROTO_TCP) { u.tcp_header = (struct tcphdr *) (data_arg.packet + (ip_header->ihl << 2)); payload_data = (uint8_t *) (data_arg.packet + (ip_header->ihl << 2 ) + (u.tcp_header->th_off << 2)); payload_len = htons(ip_header->tot_len) - ((ip_header->ihl << 2) + (u.tcp_header->th_off << 2)); //-------- tcp rules ------------------ ret = is_http_blacklist(payload_data, payload_len, data_arg.ip_db, data_arg.domain_db); if (ret == 1) sendto_error_queue(ip_header, u.tcp_header, NULL, NULL, payload_len, msqid, data_arg.in_device); } else if (ip_header->protocol == IPPROTO_UDP) { u.udp_header = (struct udphdr *) (data_arg.packet + (ip_header->ihl << 2)); payload_data = (uint8_t *) (data_arg.packet + (ip_header->ihl << 2 ) + sizeof(struct udphdr)); payload_len = ntohs(u.udp_header->uh_ulen) - sizeof(struct udphdr); //-------- udp rules -------------------- ret = is_dns_blacklist(payload_data, payload_len, data_arg.domain_db); if (ret == 1) sendto_error_queue(ip_header, NULL, u.udp_header, payload_data, payload_len, msqid, data_arg.in_device); } if ((ret == 2) || (ret == 1)) verdict(data_arg.id, data_arg.qh, NF_DROP); else verdict(data_arg.id, data_arg.qh, NF_ACCEPT); pthread_mutex_lock(&mutex); buffer_del(idx); pthread_mutex_unlock(&mutex); idx++; if (idx >= buffer_get_size()) idx = 0; } mq_close(msqid); mq_unlink("/sialan_firewall"); pthread_exit(NULL); }