📄 sp_react.c
FatalError( "ERROR => ParseReact() html_resp_buf malloc filed!\n");
}
bzero((char *)idx->html_resp_buf, buf_size);
tok = strcat(idx->html_resp_buf, tmp_buf1);
tok = strcat(idx->html_resp_buf, VERSION);
tok = strcat(idx->html_resp_buf, tmp_buf2);
if(idx->html_resp_size == 1)
{
tok = strcat(idx->html_resp_buf, otn->message);
}
tok = strcat(idx->html_resp_buf, tmp_buf3);
}
}
else if(idx->reaction_flag == REACT_WARN)
{
/* count the respond buf size (max TCP_DATA_BUF) */
buf_size = strlen(tmp_buf4) + strlen(tmp_buf5) + strlen(tmp_buf6)
+ strlen(VERSION);
if(buf_size > TCP_DATA_BUF)
{
FatalError("ERROR %s (%d): invalid html response buffer size: %d\n", file_name, file_line, buf_size);
}
else
{
/* msg included */
if((idx->html_resp_size == 1) && (buf_size + strlen(otn->message) < TCP_DATA_BUF))
{
buf_size += strlen(otn->message);
}
/* create html response buffer */
if((idx->html_resp_buf=(char *)malloc(sizeof(char)*buf_size))==NULL)
{
FatalError( "ERROR => ParseReact() html_resp_buf malloc filed!\n");
}
bzero((char *)idx->html_resp_buf, buf_size);
tok = strcat(idx->html_resp_buf, tmp_buf4);
tok = strcat(idx->html_resp_buf, VERSION);
tok = strcat(idx->html_resp_buf, tmp_buf5);
if(idx->html_resp_size == 1)
{
tok = strcat(idx->html_resp_buf, otn->message);
}
tok = strcat(idx->html_resp_buf, tmp_buf6);
}
}
/* set the html response buffer size */
idx->html_resp_size = buf_size;
}
return;
}
/****************************************************************************
*
* Function: React(Packet *p, RspFpList *fp_list)
*
* Purpose: React to hostile connection attempts according to reaction_flag
*
* Arguments: p => pointer to the current packet
* fp_list => pointer to the current response function list node; its
* params field holds the ReactData
*
* Returns: Always returns 1 (this one doesn't test the data,
* it just closes the connection...)
*
***************************************************************************/
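int React(Packet *p, RspFpList *fp_list)
{
    /*
     * Response handler for the react option.  Depending on
     * idx->reaction_flag it sends the prepared HTML buffer and/or
     * connection-closing segments through SendTCP(), five copies each.
     *
     * Addresses, ports, sequence and acknowledgement numbers are handed to
     * SendTCP() exactly as they sit in the captured headers (network byte
     * order); SendTCP() applies ntohs()/ntohl() itself.  The per-copy offset
     * i therefore has to be added in host order and converted back,
     * otherwise on a little-endian host the number does not advance by i.
     *
     * Always returns 1.
     */
    ReactData *idx;
    int i;
    int from_web;   /* source port is 80 or the configured proxy port */
    int to_web;     /* destination port is 80 or the configured proxy port */

#ifdef DEBUG
    printf("In React()\n");
#endif

    idx = (ReactData *)fp_list->params;
    if(idx == NULL)
    {
#ifdef DEBUG
        printf("Nothing to do ... leaving");
#endif
        return 1;
    }

    /*
     * Every branch below dereferences the IP and TCP headers.
     * NOTE(review): presumably react is only attached to TCP rules, so these
     * pointers are never NULL here -- confirm against the caller.  The guard
     * keeps a packet without those headers from crashing the sensor.
     */
    if(p == NULL || p->iph == NULL || p->tcph == NULL)
    {
        return 1;
    }

    from_web = (ntohs(p->tcph->th_sport) == 80 ||
                ntohs(p->tcph->th_sport) == idx->proxy_port_nr);
    to_web = (ntohs(p->tcph->th_dport) == 80 ||
              ntohs(p->tcph->th_dport) == idx->proxy_port_nr);

    /* check the reaction flag */
    if(idx->reaction_flag == REACT_BLOCK)
    {
        /* send HTML page buffer to a rude browser user and close the connection */
        if(from_web)
        {
            /* incoming: page + FIN in the packet's own direction ... */
            for(i = 0; i < 5; i++)
            {
                SendTCP(p->iph->ip_src.s_addr, p->iph->ip_dst.s_addr,
                        p->tcph->th_sport, p->tcph->th_dport,
                        p->tcph->th_seq, htonl(ntohl(p->tcph->th_ack) + i),
                        TH_FIN, idx->html_resp_buf, idx->html_resp_size);
            }

            /* ... then RST in the reverse direction, without payload */
            for(i = 0; i < 5; i++)
            {
                SendTCP(p->iph->ip_dst.s_addr, p->iph->ip_src.s_addr,
                        p->tcph->th_dport, p->tcph->th_sport,
                        p->tcph->th_ack, htonl(ntohl(p->tcph->th_seq) + i),
                        TH_RST, idx->html_resp_buf, 0);
            }
        }
        else if(to_web)
        {
            /* outgoing: page + FIN in the reverse direction, RST forward */
            for(i = 0; i < 5; i++)
            {
                SendTCP(p->iph->ip_dst.s_addr, p->iph->ip_src.s_addr,
                        p->tcph->th_dport, p->tcph->th_sport,
                        p->tcph->th_ack, htonl(ntohl(p->tcph->th_seq) + i),
                        TH_FIN, idx->html_resp_buf, idx->html_resp_size);
                SendTCP(p->iph->ip_src.s_addr, p->iph->ip_dst.s_addr,
                        p->tcph->th_sport, p->tcph->th_dport,
                        p->tcph->th_seq, htonl(ntohl(p->tcph->th_ack) + i),
                        TH_RST, idx->html_resp_buf, 0);
            }
        }
        else
        {
            /* neither port matches: reset the connection in both directions */
            for(i = 0; i < 5; i++)
            {
                SendTCP(p->iph->ip_dst.s_addr, p->iph->ip_src.s_addr,
                        p->tcph->th_dport, p->tcph->th_sport,
                        p->tcph->th_ack, htonl(ntohl(p->tcph->th_seq) + i),
                        TH_RST, idx->html_resp_buf, 0);
                SendTCP(p->iph->ip_src.s_addr, p->iph->ip_dst.s_addr,
                        p->tcph->th_sport, p->tcph->th_dport,
                        p->tcph->th_seq, htonl(ntohl(p->tcph->th_ack) + i),
                        TH_RST, idx->html_resp_buf, 0);
            }
        }
    }
    else if(idx->reaction_flag == REACT_WARN)
    {
        /* send HTML warning page buffer to a rude browser user */
        if(from_web)
        {
            /* incoming */
            for(i = 0; i < 5; i++)
            {
                SendTCP(p->iph->ip_src.s_addr, p->iph->ip_dst.s_addr,
                        p->tcph->th_sport, p->tcph->th_dport,
                        p->tcph->th_seq, htonl(ntohl(p->tcph->th_ack) + i),
                        TH_URG, idx->html_resp_buf, idx->html_resp_size);
            }
        }
        else if(to_web)
        {
            /* outgoing */
            for(i = 0; i < 5; i++)
            {
                SendTCP(p->iph->ip_dst.s_addr, p->iph->ip_src.s_addr,
                        p->tcph->th_dport, p->tcph->th_sport,
                        p->tcph->th_ack, htonl(ntohl(p->tcph->th_seq) + i),
                        TH_URG, idx->html_resp_buf, idx->html_resp_size);
            }
        }
        /* a warning is only delivered on port 80 / proxy traffic */
    }

    return 1;
}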
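/*
 * Build one IP/TCP packet with libnet and write it to the raw descriptor nd.
 *
 * saddr, daddr      => source / destination address, passed unchanged to
 *                      libnet_build_ip()
 * sport, dport      => ports in network byte order (converted with ntohs())
 * seq, ack          => sequence / acknowledgement numbers in network byte
 *                      order (converted with ntohl())
 * bits              => TCP control flags
 * data_buf          => payload, may be NULL when data_size is 0
 * data_size         => payload length in bytes, must not be negative
 *
 * Returns 0 when the whole packet was written, -1 on a bad argument, an
 * allocation failure or a short write.  The packet buffer is released on
 * every path.
 */
int SendTCP(u_long saddr, u_long daddr, u_short sport, u_short dport, int seq,
            int ack, u_char bits, const u_char *data_buf, int data_size)
{
    u_char *buf;
    int sz;
    int rc = 0;

#ifdef DEBUG
    printf("In SendTCP()\n");
#endif

    /*
     * A negative length would make the allocation smaller than the headers
     * written into it below; a positive length without a payload pointer
     * would make the TCP builder read from NULL.
     */
    if(data_size < 0 || (data_size > 0 && data_buf == NULL))
    {
        return -1;
    }

    sz = data_size + IP_H + TCP_H;

    if((buf = malloc(sz)) == NULL)
    {
        perror("SendTCP: malloc");
        return -1;
    }

    memset(buf, 0, sz);

    /*
     * NOTE(review): the length given here is TCP_H only, while the buffer
     * also carries data_size payload bytes -- confirm whether the IP length
     * should include the payload.
     */
    libnet_build_ip(TCP_H,
                    0xF4 /* TOS */,
                    (unsigned short)libnet_get_prand(PRu16) /* IP ID */,
                    0 /* fragmentation */,
                    64 /* TTL */,
                    IPPROTO_TCP,
                    saddr,
                    daddr,
                    NULL,
                    0,
                    (unsigned char *)buf);

    libnet_build_tcp(ntohs(sport),
                     ntohs(dport),
                     ntohl(seq),
                     ntohl(ack),
                     bits,
                     1024 /* window */,
                     0 /* urgent pointer */,
                     data_buf,
                     data_size,
                     buf + IP_H);

    libnet_do_checksum(buf, IPPROTO_TCP, sz - IP_H);

    if(libnet_write_ip(nd, buf, sz) < sz)
    {
        libnet_error(LIBNET_ERR_CRITICAL, "SendTCP: libnet_write_ip");
        rc = -1;
    }

    /* single release point: a short write used to return without freeing buf */
    libnet_destroy_packet(&buf);

    return rc;
}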
#endif