public
/
dhcp_protect
Suivre 1
Ajouter aux favoris 0
Bifurcation 0
Code Tickets 0 Demandes d'ajout 0 Versions 2 Wiki Activité
A userspace application that filters DHCP floods to protect a DHCP server. It uses the Netfilter userspace packet queuing API.
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
30 Révisions
1 Branche
Aborescence: 64cb08090a
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de '64cb08090a'
${ noResults }
dhcp_protect/dhcp_protect.h

dhcp_protect.h 2.0KB
Brut Annotations Historique

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. 

  2. //   Copyright 2019 Pascal Gloor

  3. //

  4. //   Licensed under the Apache License, Version 2.0 (the "License");

  5. //   you may not use this file except in compliance with the License.

  6. //   You may obtain a copy of the License at

  7. //

  8. //     http://www.apache.org/licenses/LICENSE-2.0

  9. //

  10. //   Unless required by applicable law or agreed to in writing, software

  11. //   distributed under the License is distributed on an "AS IS" BASIS,

  12. //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13. //   See the License for the specific language governing permissions and

  14. //   limitations under the License.

  15. 

  16. typedef struct dp_conf {

  17. 	int pktint;

  18. 	int interval;

  19. 	int debug;

  20. 	int bltime;

  21. 	int queue;

  22. 	int dryrun;

  23. } dp_conf;

  24. 

  25. typedef struct dp_accounting {

  26. 	unsigned char remoteid[256];

  27. 	int len;

  28. 	int count;

  29. 	UT_hash_handle hh;

  30. } dp_accounting;

  31. 

  32. typedef struct dp_blacklist {

  33. 	unsigned char remoteid[256];

  34. 	int len;

  35. 	time_t expire;

  36. 	UT_hash_handle hh;

  37. } dp_blacklist;

  38. 

  39. // global hash lists

  40. static dp_accounting *accountings = NULL;

  41. static dp_blacklist *blacklists = NULL;

  42. // timestamp for cleanup interval

  43. static time_t dp_accountingtime = 0;

  44. static time_t dp_cleanuptime = 0;

  45. 

  46. static int dp_callback (

  47. 	struct nfq_q_handle*,

  48. 	struct nfgenmsg*,

  49. 	struct nfq_data*,

  50. 	void*);

  51. 

  52. void       dp_usage               (char*);

  53. dp_conf   *dp_load_config         (dp_conf*, char*);

  54. void       dp_nfq_start           (dp_conf*);

  55. void       dp_accounting_add   (dp_conf*, unsigned char *, int);

  56. int        dp_accounting_check (dp_conf*, unsigned char *, int);

  57. void       dp_blacklist_add    (dp_conf*, unsigned char *, int);

  58. int        dp_blacklist_check  (dp_conf*, unsigned char *, int);

  59. void       dp_hash_cleanup     (dp_conf*);

  60. void       dp_log              (unsigned char *, int, char *, ...);

  61. int        dp_dhcp_check       (struct nfq_data*, dp_conf*);

  62. 

  63. void dp_dhcpv4_check (

  64. 	dp_conf*,

  65. 	unsigned char*,

  66. 	int,

  67. 	int,

  68. 	unsigned char**,

  69. 	int*);

  70. 

  71. void dp_dhcpv6_check (

  72. 	dp_conf*,

  73. 	unsigned char*,

  74. 	int,

  75. 	int,

  76. 	unsigned char**,

  77. 	int*);