Warning: This file is not a C or C++ file. It does not have highlighting.
| 1 | #ifndef _NF_OSF_H |
|---|---|
| 2 | #define _NF_OSF_H |
| 3 | |
| 4 | #include <linux/types.h> |
| 5 | #include <linux/ip.h> |
| 6 | #include <linux/tcp.h> |
| 7 | |
| 8 | #define MAXGENRELEN 32 |
| 9 | |
| 10 | #define NF_OSF_GENRE (1 << 0) |
| 11 | #define NF_OSF_TTL (1 << 1) |
| 12 | #define NF_OSF_LOG (1 << 2) |
| 13 | #define NF_OSF_INVERT (1 << 3) |
| 14 | |
| 15 | #define NF_OSF_LOGLEVEL_ALL 0 /* log all matched fingerprints */ |
| 16 | #define NF_OSF_LOGLEVEL_FIRST 1 /* log only the first matced fingerprint */ |
| 17 | #define NF_OSF_LOGLEVEL_ALL_KNOWN 2 /* do not log unknown packets */ |
| 18 | |
| 19 | #define NF_OSF_TTL_TRUE 0 /* True ip and fingerprint TTL comparison */ |
| 20 | |
| 21 | /* Check if ip TTL is less than fingerprint one */ |
| 22 | #define NF_OSF_TTL_LESS 1 |
| 23 | |
| 24 | /* Do not compare ip and fingerprint TTL at all */ |
| 25 | #define NF_OSF_TTL_NOCHECK 2 |
| 26 | |
| 27 | #define NF_OSF_FLAGMASK (NF_OSF_GENRE | NF_OSF_TTL | \ |
| 28 | NF_OSF_LOG | NF_OSF_INVERT) |
| 29 | /* Wildcard MSS (kind of). |
| 30 | * It is used to implement a state machine for the different wildcard values |
| 31 | * of the MSS and window sizes. |
| 32 | */ |
| 33 | struct nf_osf_wc { |
| 34 | __u32 wc; |
| 35 | __u32 val; |
| 36 | }; |
| 37 | |
| 38 | /* This struct represents IANA options |
| 39 | * http://www.iana.org/assignments/tcp-parameters |
| 40 | */ |
| 41 | struct nf_osf_opt { |
| 42 | __u16 kind, length; |
| 43 | struct nf_osf_wc wc; |
| 44 | }; |
| 45 | |
| 46 | struct nf_osf_info { |
| 47 | char genre[MAXGENRELEN]; |
| 48 | __u32 len; |
| 49 | __u32 flags; |
| 50 | __u32 loglevel; |
| 51 | __u32 ttl; |
| 52 | }; |
| 53 | |
| 54 | struct nf_osf_user_finger { |
| 55 | struct nf_osf_wc wss; |
| 56 | |
| 57 | __u8 ttl, df; |
| 58 | __u16 ss, mss; |
| 59 | __u16 opt_num; |
| 60 | |
| 61 | char genre[MAXGENRELEN]; |
| 62 | char version[MAXGENRELEN]; |
| 63 | char subtype[MAXGENRELEN]; |
| 64 | |
| 65 | /* MAX_IPOPTLEN is maximum if all options are NOPs or EOLs */ |
| 66 | struct nf_osf_opt opt[MAX_IPOPTLEN]; |
| 67 | }; |
| 68 | |
| 69 | struct nf_osf_nlmsg { |
| 70 | struct nf_osf_user_finger f; |
| 71 | struct iphdr ip; |
| 72 | struct tcphdr tcp; |
| 73 | }; |
| 74 | |
| 75 | /* Defines for IANA option kinds */ |
| 76 | enum iana_options { |
| 77 | OSFOPT_EOL = 0, /* End of options */ |
| 78 | OSFOPT_NOP, /* NOP */ |
| 79 | OSFOPT_MSS, /* Maximum segment size */ |
| 80 | OSFOPT_WSO, /* Window scale option */ |
| 81 | OSFOPT_SACKP, /* SACK permitted */ |
| 82 | OSFOPT_SACK, /* SACK */ |
| 83 | OSFOPT_ECHO, |
| 84 | OSFOPT_ECHOREPLY, |
| 85 | OSFOPT_TS, /* Timestamp option */ |
| 86 | OSFOPT_POCP, /* Partial Order Connection Permitted */ |
| 87 | OSFOPT_POSP, /* Partial Order Service Profile */ |
| 88 | |
| 89 | /* Others are not used in the current OSF */ |
| 90 | OSFOPT_EMPTY = 255, |
| 91 | }; |
| 92 | |
| 93 | /* Initial window size option state machine: multiple of mss, mtu or |
| 94 | * plain numeric value. Can also be made as plain numeric value which |
| 95 | * is not a multiple of specified value. |
| 96 | */ |
| 97 | enum nf_osf_window_size_options { |
| 98 | OSF_WSS_PLAIN = 0, |
| 99 | OSF_WSS_MSS, |
| 100 | OSF_WSS_MTU, |
| 101 | OSF_WSS_MODULO, |
| 102 | OSF_WSS_MAX, |
| 103 | }; |
| 104 | |
| 105 | enum nf_osf_attr_type { |
| 106 | OSF_ATTR_UNSPEC, |
| 107 | OSF_ATTR_FINGER, |
| 108 | OSF_ATTR_MAX, |
| 109 | }; |
| 110 | |
| 111 | /* |
| 112 | * Add/remove fingerprint from the kernel. |
| 113 | */ |
| 114 | enum nf_osf_msg_types { |
| 115 | OSF_MSG_ADD, |
| 116 | OSF_MSG_REMOVE, |
| 117 | OSF_MSG_MAX, |
| 118 | }; |
| 119 | |
| 120 | #endif /* _NF_OSF_H */ |
| 121 |
Warning: This file is not a C or C++ file. It does not have highlighting.