⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 ruleip.c

📁 Linux下面截获以态网数据包!是在内核态下面运行的驱动程序
💻 C
字号:
🔍 
#include <linux/module.h> 
#include <linux/config.h> 
#include <linux/init.h> 
#include <linux/netdevice.h> 		/* for dev_base */
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/sched.h>
#include <linux/file.h>
#include <linux/dnotify.h>
#include <linux/if_ether.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include <linux/udp.h>
#include <linux/time.h>
#include <asm/semaphore.h>
#include <asm/unistd.h>

#include "createDir.h"
#include "DomainIPHash.h"
#include "Rule.h"
#include "RuleIp.h"
#include "list.h"
#include "protocol.h"
#include "function.h"

#define GET_CURRENT_TIME_ONE_SECONDE	10000000
#define	MATCH_RULE_IP_HITED				1000000
#define RULE_IP_HASH_TIMEOUT_3M 		180 * GET_CURRENT_TIME_ONE_SECONDE
#define	TIMEOUT_NUMBER					40	//  2个小时

extern GVAR gVar;

int FlushRuleIP( void *arg )
{
	UINT			i, iHash;
	RULE_IP_HASH_BUCKET	*pHead, *pPre;	
	struct timeval	timeout;
	UINT			min_3;

	timeout.tv_sec = RULE_IP_HASH_TIMEOUT_3M;
	i = 0;
	
	min_3 = RULE_IP_HASH_TIMEOUT_3M;
	for( i = 0; i < TIMEOUT_NUMBER; i ++ )
	{
		timeout.tv_sec += min_3;
//		timeout = RtlLargeIntegerAdd( timeout, min_3 );
	}

//	CreateTestRule();

	while( !gVar.CtrlThreadCtx.bParserUnload )
	{
		schedule_timeout( 10 * HZ );
		
		if( i++ > 100 )
		{
			i = 0;
		}
		else
			continue;
		
		for( iHash = 0; iHash < _MAX_RULE_IP_HASH_BUCKET; iHash ++ )
		{
			pPre = NULL;
			pHead = gVar.ruleIPHash[iHash].pHead;
			while( pHead )
			{
				if( ( ( pHead->state & RULE_IP_HASH_BUCKET_STATE_INVALID )
					&& ( pHead->state & RULE_IP_HASH_BUCKET_STATE_DYNAMIC ) ) 
					|| ( ( gVar.gSysCurTime.tv_usec > ( pHead->time.tv_usec + timeout.tv_usec ) )
						&& ( pHead->state & RULE_IP_HASH_BUCKET_STATE_DYNAMIC ) ) )
				{
					break;
				}
				
				pPre = pHead;
				pHead = pHead->pNext;
			}

			if( pHead )
			{
				if( pPre )
					pPre->pNext = pHead->pNext;
				else
					gVar.ruleIPHash[iHash].pHead = pHead->pNext;

				kfree( pHead );
			}
		}
		
	}
	
	return 0;
}

//
//bStatic:	true:静态IP,即直接由规则设置的IP
//			false:动态IP,由其他规则中标后得到的IP
//			对于动态IP,系统会定期检查,超过一定时间和数据将删除
//
void AddRuleIP( UINT sip, UINT ruleID, char bStatic, UINT ruleType)
{
	UINT				iHash;
	RULE_IP_HASH_BUCKET	*pHead;

	iHash = sip % _MAX_RULE_IP_HASH_BUCKET;
	pHead = gVar.ruleIPHash[iHash].pHead;
	while( pHead )
	{
		if( pHead->sip == sip && pHead->ruleID == ruleID )
		{
			printk( "had ip:ruleid:%d\r\n", ruleID );		
			break;
		}

		pHead = pHead->pNext;
	}
	
	if( pHead == NULL )
	{
		//增加ip
		printk( "Add IP: ruleid:%d\r\n", ruleID );
		pHead = ( RULE_IP_HASH_BUCKET *)kmalloc( sizeof( RULE_IP_HASH_BUCKET), GFP_ATOMIC );
		InitRuleIPBucket( pHead );
		pHead->ruleType = ruleType;
		
		if( bStatic )
		{
			pHead->state = RULE_IP_HASH_BUCKET_STATE_VALID | 
				RULE_IP_HASH_BUCKET_STATE_STATIC;
		}
		else
		{
			pHead->state = RULE_IP_HASH_BUCKET_STATE_VALID | 
				RULE_IP_HASH_BUCKET_STATE_DYNAMIC;
		}

		pHead->sip = sip;
		pHead->ruleID = ruleID;
		pHead->pNext = gVar.ruleIPHash[ iHash ].pHead;
		gVar.ruleIPHash[iHash].pHead = pHead;
	}

}


void InitRuleIPBucket( RULE_IP_HASH_BUCKET *p)
{
	memset( p, 0, sizeof(RULE_IP_HASH_BUCKET) );
	p->time = gVar.gSysCurTime;
}

UINT MatchRuleIP( UINT sip )
{
	UINT		ruleID = 0;
	UINT		iHash;
	RULE_IP_HASH_BUCKET	*pHead;
	
	iHash = sip % _MAX_RULE_IP_HASH_BUCKET;
	pHead = gVar.ruleIPHash[ iHash ].pHead;
	while( pHead )
	{
		if( pHead->sip == sip && pHead->state & RULE_IP_HASH_BUCKET_STATE_VALID )
		{
			if( pHead->totalHited ++ > MATCH_RULE_IP_HITED )
			{
				//中标超过一定数量,设置为无效
				pHead->state = RULE_IP_HASH_BUCKET_STATE_INVALID;
			}
			
			ruleID = pHead->ruleID;
			if( pHead->ruleType )
				ruleID |= RULE_RULETYPE_WHITELIST;
			break;
		}
		pHead = pHead->pNext;
	}

	return ruleID;
}

void DeleteRuleIP( UINT sip)
{
	UINT						iHash;
	RULE_IP_HASH_BUCKET		*pHead, *pPre;

	iHash = sip % _MAX_RULE_IP_HASH_BUCKET;
	pPre = NULL;
	pHead = gVar.ruleIPHash[iHash].pHead;
	while( pHead )
	{
		if( pHead->sip == sip )
			break;
		pPre = pHead;
		pHead = pHead->pNext;
	}
	
	if( pHead )
	{
		if( pPre )
		{
			pPre->pNext = pHead->pNext;
		}
		else
			gVar.ruleIPHash[iHash].pHead = pHead->pNext;

		kfree( pHead );
	}
}

void DeleteRuleIPByID( UINT ruleID)
{
	UINT				iHash = 0;
	RULE_IP_HASH_BUCKET	*pHead, *pPre;

	for( iHash = 0; iHash < _MAX_RULE_IP_HASH_BUCKET; iHash++ )
	{
		pPre = NULL;
		pHead = gVar.ruleIPHash[ iHash ].pHead;

		while( pHead )
		{
			if( pHead->ruleID == ruleID )
				break;
			pPre = pHead;
			pHead = pHead->pNext;
		}

		if( pHead )
		{
			if( pPre )
			{
				pPre->pNext = pHead->pNext;
			}
			else
				gVar.ruleIPHash[iHash].pHead = pHead->pNext;
			
			printk( "free ip:%u\r\nfree id:%d", pHead->sip, pHead->ruleID );
			kfree( pHead );
			
		}
	}
}


void CreateTestRule()
{
	RULE	*pRule = NULL;
	UINT	len = 0;
	struct in_address   *pIP = NULL;
	
	pRule = ( RULE *)kmalloc( sizeof(RULE), GFP_ATOMIC );

	if( pRule == NULL )
		return;

	memset( pRule, 0, sizeof( RULE ) );
	pRule->ruleID = 1000;
	pRule->iKey = 78724584;
	pRule->protocolType = RULE_PROTOCOL_QQ;


	AddRule(pRule);

	len = (UINT)strlen("yin_ym@hotmail.com");
	pRule = ( RULE *)kmalloc( sizeof(RULE) + len + 1, GFP_ATOMIC );

	if( pRule == NULL )
		return;

	memset( pRule, 0, sizeof( RULE )+len+1 );
	pRule->ruleID = 1001;
	pRule->iKey = 0;
	pRule->keyLen = (USHORT)len;
	sprintf( pRule->key, "yin_ym@hotmail.com" ); 
	pRule->protocolType = RULE_PROTOCOL_MSN;

	AddRule(pRule);	

	len = (UINT)strlen("bswy@163.com");
	pRule = ( RULE *)kmalloc( sizeof(RULE) + len + 1, GFP_ATOMIC );

	if( pRule == NULL )
		return;


	memset( pRule, 0, sizeof( RULE )+len+1 );
	pRule->ruleID = 1002;
	pRule->iKey = 0;
	pRule->keyLen = (USHORT)len;
	sprintf( pRule->key, "bswy@163.com" ); 
	pRule->protocolType = RULE_PROTOCOL_MAIL;

	AddRule(pRule);		

	pRule = ( RULE *)kmalloc( sizeof(RULE), GFP_ATOMIC );

	if( pRule == NULL )
		return;

	memset( pRule, 0, sizeof( RULE ) );
	pRule->ruleID = 1003;
	pIP = (struct in_address *)&pRule->iKey;
	pIP->s_net = 192;
	pIP->s_host = 168;
	pIP->s_lh = 20;
	pIP->s_impno = 72;
	pRule->protocolType = RULE_PROTOCOL_IP;

	AddRule(pRule);		

	pRule = ( RULE *)kmalloc( sizeof(RULE), GFP_ATOMIC );

	if( pRule == NULL )
		return;

	memset( pRule, 0, sizeof( RULE ) );
	pRule->ruleID = 1004;
	pIP = (struct in_address *)&pRule->iKey;
	pIP->s_net = 192;
	pIP->s_host = 168;
	pIP->s_lh = 0;
	pIP->s_impno = 68;
	pRule->protocolType = RULE_PROTOCOL_IP;

	AddRule(pRule);
}


//
//
//input:	服务器IP
//return:	返回匹中的POST 规则ID,没有匹中则返回0,
//fun:	根据给定的服务器IP从规则IP HASH表中匹配。
//
//

#ifdef ADD_HTTP_POST_FUN

UINT MatchPostRuleIP( UINT dip )
{
	UINT		ruleID = 0;
	UINT		iHash;
	RULE_IP_HASH_BUCKET		*pHead;
	
	iHash = dip%_MAX_RULE_IP_HASH_BUCKET;
	pHead = gVar.ruleIPHash[iHash].pHead;
	while( pHead )
	{
		if( pHead->sip == dip && pHead->state & RULE_IP_HASH_BUCKET_STATE_VALID )
		{			
			ruleID = pHead->ruleID;
			break;
		}
		pHead = pHead->pNext;
	}
	
	return ruleID;
}

#else

UINT MatchPostRuleIP( UINT dip )
{
	return 0;
}

#endif//ADD_HTTP_POST_FUN

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -