Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 22:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Update PacketFilter/Discarder code for IP version independence.

Browse source 
The signatures of script-layer functions 'discarder_check_ip',
'discarder_check_tcp', 'discarder_check_udp', and 'discarder_check_icmp'
were changed to use the more general 'pkt_hdr' type as a parameter
instead of individual header types.
This commit is contained in:
Jon Siwek 2012-03-08 13:12:04 -06:00
parent 76ef36e048
commit 0b32c980bf
13 changed files with 251 additions and 194 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/PacketFilter.cc
View file

@ -71,9 +71,7 @@ bool PacketFilter::MatchFilter(const Filter& f, const IP_Hdr& ip,
if ( ip.NextProto() == IPPROTO_TCP && f.tcp_flags )
{
// Caution! The packet sanity checks have not been performed yet
const struct ip* ip4 = ip.IP4_Hdr();
int ip_hdr_len = ip4->ip_hl * 4;
int ip_hdr_len = ip.HdrLen();
len -= ip_hdr_len; // remove IP header
caplen -= ip_hdr_len;
@ -82,8 +80,7 @@ bool PacketFilter::MatchFilter(const Filter& f, const IP_Hdr& ip,
// Packet too short, will be dropped anyway.
return false;
const struct tcphdr* tp =
(const struct tcphdr*) ((u_char*) ip4 + ip_hdr_len);
const struct tcphdr* tp = (const struct tcphdr*) ip.Payload();
if ( tp->th_flags & f.tcp_flags )
// At least one of the flags is set, so don't drop