📄 match_ip_addr.c

📁 Firestorm NIDS是一个性能非常高的网络入侵检测系统 (NIDS)。目前

💻 C

字号:

#include "match_ip.h"int ipaddr_compare(void *p1, void *p2){	struct ipaddr_priv *a1=(struct ipaddr_priv *)p1;	struct ipaddr_priv *a2=(struct ipaddr_priv *)p2;	if ( a1->addr==a2->addr && a1->mask==a2->mask ) return 0;	return 1;}int parse_ipaddr(char *sstr, u_int32_t *addr, u_int32_t *mask){	char *smask;	struct in_addr tmp;	char str[64];	if ( snprintf(str, sizeof(str), "%s", sstr)<0 )		return 0;	if ( (smask=strchr(str, '/')) ) {		*smask='\0'; smask++;		if ( strchr(smask, '.') ) {			/* Dotted style mask notation (255.255.255.0) */			if ( !inet_aton(smask, &tmp) ) return 0;			*mask=tmp.s_addr;		}else{ /* CIDR notation (/24) */			unsigned int bits;			if ( strtouint(smask, &bits) ) return 0;			if ( bits > 32 || bits < 0 ) return 0;#if __BYTE_ORDER == __BIG_ENDIAN			*mask=~(0xffffffff >> bits);#elif __BYTE_ORDER == __LITTLE_ENDIAN			*mask=~(0xffffffff << bits);#else#error "What in hells name?!"#endif		}	}else{		*mask=-1;	}	if ( !inet_aton(str, &tmp) ) return 0;	*addr=tmp.s_addr;	*addr &= *mask;	return 1;}/* ip_src - Match source IP address */int ip_src_match(struct packet *p, void *priv, unsigned int l, int n){	struct ipaddr_priv *x=priv;	if ( !x ) return 0;	return n ^ ( (p->layer[l].h.ip->saddr&x->mask) == x->addr );}proc_match_match ip_src_validate(char *args, void **priv,	struct criteria *m, u_int32_t *c){	struct ipaddr_priv *p;	if ( !args )		return NULL;	if ( !(p=calloc(1, sizeof(*p))) ) {		return NULL;	}	if ( !parse_ipaddr(args, &p->addr, &p->mask) ) {		free(p);		return NULL;	}	*priv=p;	return ip_src_match;}/* sameip - Match IP packets whose saddr=daddr */int sip_compare(void *p1, void *p2){	return 0;}int sip_match(struct packet *p, void *priv, unsigned int l, int n){	return n ^ ( p->layer[l].h.ip->saddr == p->layer[l].h.ip->daddr );}proc_match_match sip_validate(char *args, void **priv,	struct criteria *m, u_int32_t *c){	*priv=NULL;	return sip_match;}/* ip_dst - Match destination IP address */int ip_dst_match(struct packet *p, void *priv, unsigned int l, int n){	struct ipaddr_priv *x=priv;	if ( !x ) return 0;	return n ^ ( (p->layer[l].h.ip->daddr&x->mask) == x->addr );}proc_match_match ip_dst_validate(char *args, void **priv,	struct criteria *m, u_int32_t *c){	struct ipaddr_priv *p;	if ( !args )		return NULL;	if ( !(p=calloc(1, sizeof(*p))) ) {		return NULL;	}	if ( !parse_ipaddr(args, &p->addr, &p->mask) ) {		free(p);		return NULL;	}	*priv=p;	return ip_dst_match;}

💿 文件大小 458 K

👤 上传用户 jessica12332145

📂 所属分类其他

🏷️ 相关标签

#NIDS #Firestorm #性能 #网络入侵

⌨️ 快捷键说明

复制代码 Ctrl + C

搜索代码 Ctrl + F

全屏模式 F11

切换主题 Ctrl + Shift + D

显示快捷键 ?

增大字号 Ctrl + =

减小字号 Ctrl + -