/* Snot header file */
/* Version string for this build; where it is printed is not visible in this header. */
#define VERSION "V0.91 (alpha)"
#include <stdio.h>
#if(WIN32)
#define _WIN32_WINNT 0x0400
#include <windows.h>
#include "getopt.h"
#else
#include <strings.h>
#include <unistd.h>
#endif
#include <libnet.h>
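/*
 * Portable names for the case-insensitive string comparisons.
 *
 * STRCASECMP compares whole strings and STRNICMP compares at most n
 * characters; both are meant to ignore case on every platform.
 */
#if(WIN32)
#define STRCASECMP _stricmp
#define STRNICMP _strnicmp
#else
#define STRCASECMP strcasecmp
/*
 * Previously mapped to strncmp, which is case-sensitive: the same rule text
 * was then matched differently on Windows (_strnicmp) and everywhere else.
 * strncasecmp is the POSIX counterpart of _strnicmp and is declared in the
 * same header as strcasecmp.
 */
#define STRNICMP strncasecmp
#endif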
/* Boolean constants, supplied only when no earlier header has defined them. */
#if !defined(FALSE)
#define FALSE 0
#endif
#if !defined(TRUE)
#define TRUE 1
#endif
/*
 * Arbitrary maximum size of a parseable rule.
 * NOTE(review): whether this counts the terminating NUL, and what the parser
 * does with a longer line (truncate, reject, split), is not visible in this
 * header; confirm that every buffer sized with RULE_MAX is filled through a
 * length-bounded call.
 */
#define RULE_MAX 1024
/*
 * Protocol Types
 * Presumably the values stored in the proto field of struct rule; confirm
 * against the rule parser.
 */
#define TCP 1
#define UDP 2
#define ICMP 3
/*
 * Port Types
 * ANY is a negative value, so it cannot collide with a real port number
 * (0..65535); presumably stored in srcport/destport of struct rule as a
 * wildcard. Parenthesised so the expansion stays a single operand wherever
 * the macro is used.
 */
#define ANY (-1)
/*
 * Option Types
 * Codes for the rule options. Each code is an index into the optionlist[]
 * array of struct rule; option_text[] is declared with the same size and is
 * presumably indexed the same way.
 */
#define MSG 0
#define TTL 1
#define TOS 2
#define ID 3
#define IPOPTS 4
#define FRAGBITS 5
#define DSIZE 6
#define FLAGS 7
#define SEQ 8
#define ACK 9
#define ITYPE 10
#define ICODE 11
#define ICMP_ID 12
#define ICMP_SEQ 13
#define CONTENT 14
#define CONTENT_LIST 15
#define OFFSET 16
#define DEPTH 17
#define NOCASE 18
#define RPC 19
#define REFERENCE 20
/*
 * How many options we allow for.
 * Must stay one greater than the highest option code above (REFERENCE, 20):
 * it is the element count of optionlist[] and option_text[], so a code that
 * is >= OPTION_MAX would index past the end of both arrays.
 */
#define OPTION_MAX 21
/*
 * IP Options
 * Codes for the IP options a rule can name; the names appear to follow the
 * arguments of Snort's ipopts keyword (confirm against the parser).
 * IPOPTS_MAX is the element count of ipopts_text[] and must stay one greater
 * than the highest code (SATID, 8).
 */
#define RR 0
#define EOL 1
#define NOP 2
#define TS 3
#define SEC 4
#define LSRR 5
#define LSRRE 6
#define SSRR 7
#define SATID 8
#define IPOPTS_MAX 9
/*
 * TCP Flags - Bitmask
 *
 * Bits 0-5 (TFIN..TURG) carry the same values as the usual TH_FIN..TH_URG
 * header bits, and TRES2/TRES1 match the TH_RES2/TH_RES1 values defined
 * further down in this header. Bits 8-11 do not fit in the 8-bit TCP flags
 * field; they presumably record the modifier characters of a rule's flags
 * option (confirm against the rule parser).
 */
#define TFIN   (1 << 0)
#define TSYN   (1 << 1)
#define TRST   (1 << 2)
#define TPSH   (1 << 3)
#define TACK   (1 << 4)
#define TURG   (1 << 5)
#define TRES2  (1 << 6)
#define TRES1  (1 << 7)
#define TPLUS  (1 << 8)
#define TSTAR  (1 << 9)
#define TMINUS (1 << 10)
#define TZERO  (1 << 11) /* per the original author: undocumented, read the code to see what it does */
/*
 * Fragmentation Flags - Bitmask
 *
 * One bit per flag so that several can be OR-ed together. FRAGR, FRAGD and
 * FRAGM presumably stand for the reserved, don't-fragment and more-fragments
 * bits, and the remaining three for the modifier characters of a rule's
 * fragbits option (confirm against the rule parser).
 */
#define FRAGR     (1 << 0)
#define FRAGD     (1 << 1)
#define FRAGM     (1 << 2)
#define FRAGMINUS (1 << 3)
#define FRAGPLUS  (1 << 4)
#define FRAGSTAR  (1 << 5)
/*
 * DSize options
 * Comparison selectors for the dsize rule option; presumably the values held
 * in the gtlt field of struct dsize (greater-than, less-than, equal).
 * These are plain enumerators, not a bitmask: DSIZEEQ (3) equals
 * DSIZEGT | DSIZELT, so test them with ==, never with &.
 */
#define DSIZEGT 1
#define DSIZELT 2
#define DSIZEEQ 3
/* Parsed form of a dsize rule option: a comparison selector and a size. */
struct dsize {
    int gtlt; /* presumably one of DSIZEGT / DSIZELT / DSIZEEQ; confirm in the parser */
    int size; /* payload size to compare against; signed, so a negative value is representable */
};
/*
 * A block of content bytes together with its length.
 * NOTE(review): size is a signed int and nothing in this header ties it to
 * the allocation behind pcont; code that copies size bytes should reject
 * negative values and check the length against the buffer first.
 */
struct content {
    int size;    /* presumably the number of bytes at pcont; confirm */
    char *pcont; /* the content bytes; ownership is not visible in this header */
};
/* Node of a singly linked list of name/value variable pairs. */
struct var_list {
    char *varname;         /* variable name */
    char *value;           /* its value, kept as text */
    struct var_list *next; /* following node; presumably NULL at the tail */
};
/*
 * Node of a singly linked list of address/mask entries.
 * NOTE(review): addr and addrmask are unsigned long, which is wider than
 * 32 bits on LP64 platforms; presumably they hold IPv4 values, so confirm
 * the byte order and that the upper bits are never relied upon.
 */
struct addr_list {
    unsigned long addr;     /* address value */
    unsigned long addrmask; /* mask applied to addr */
    int addrnot;            /* presumably non-zero when the entry is negated; confirm */
    struct addr_list *next; /* following node; presumably NULL at the tail */
};
/*
 * One parsed Snort rule. Rules are chained through next into a singly
 * linked list.
 */
struct rule {
    int proto;                    /* presumably TCP, UDP or ICMP; confirm */
    struct addr_list *srcaddr;    /* list of source addresses */
    int srcnum;                   /* number of source addresses */
    struct addr_list *destaddr;   /* list of destination addresses */
    int destnum;                  /* number of destination addresses */
    int srcport;                  /* source port; presumably ANY for a wildcard */
    int srcportnot;               /* presumably non-zero when the source port is negated */
    int bidirectional;            /* direction of transmission */
    int destport;                 /* destination port; presumably ANY for a wildcard */
    int destportnot;              /* presumably non-zero when the destination port is negated */
    char *optionlist[OPTION_MAX]; /* option arguments, indexed by option code (0 .. OPTION_MAX-1) */
    struct rule *next;            /* next rule in the list */
};
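/*
 * Extra TCP flags they missed in libnet.
 *
 * Each definition is guarded so that a libnet or system header which already
 * provides the name is not redefined; the values are the TCP header bits
 * 0x08 (PSH) and the two bits above URG (0x40, 0x80).
 */
#if !(WIN32)
#ifndef TH_PSH
#define TH_PSH 0x08
#endif
#endif
#ifndef TH_RES2
#define TH_RES2 0x40
#endif
#ifndef TH_RES1
#define TH_RES1 0x80
#endif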
/*
 * Externs
 * Globals defined in another translation unit.
 */
/* One string per option code / IP option code (sizes tie them to the code tables above). */
extern char *option_text[OPTION_MAX];
extern char *ipopts_text[IPOPTS_MAX];
extern int total_rules;
extern char *rulefile;
/* Heads of the rule list and of the variable list. */
extern struct rule *rulehead;
extern struct var_list *vhead;
/*
 * 33 entries; presumably one mask per IPv4 prefix length 0..32 (confirm).
 * Any index derived from parsed rule text must be range-checked to 0..32
 * before it is used here.
 */
extern unsigned long netmask[33];
/*
 * Functions
 * Declarations only; the definitions and the meaning of the int return
 * values are not visible in this header.
 * NOTE(review): none of the pointer parameters is const-qualified, so a
 * caller cannot tell from here whether the strings it passes are modified.
 */
/* Parses the rules in a rule file. The rulefile parameter has the same name
 * as the extern global rulefile; msrc and mdst are presumably source and
 * destination overrides (confirm). */
int parse_rules(char *msrc, char *mdst, char *rulefile);
/* Prints one rule / one variable entry. */
void print_rule(struct rule *rulepnt);
void print_var(struct var_list *var);
/* mdly and mnum are presumably a delay and a packet count; confirm units and valid range. */
int send_packets(int mdly, int mnum);