📄 match_tcp_flow.c
字号:
#include "match_tcp.h"int flow_match(struct packet *pkt, void *priv, unsigned int l, int n){ struct longrange *x=priv; return ( n ^ ((pkt->layer[l+1].flags&x->max)==x->min) );}proc_match_match stateless_validate(char *args, void **priv, struct criteria *m, u_int32_t *c){ struct longrange *p; /* 0/0 is what we want, no need to do anything */ if ( !(p=calloc(1, sizeof(*p))) ) return NULL; *priv=p; return flow_match;}proc_match_match flow_validate(char *args, void **priv, struct criteria *m, u_int32_t *c){ struct longrange l={FLAG_TCP_STATE,FLAG_TCP_STATE}; struct longrange *p; char *tok, *cur, end=0; if ( !args ) goto defaults; for(tok=cur=args; !end; cur++) { if ( *cur==',' || *cur==0 ) { if ( *cur==0 ) end=1; *cur=0; if ( !strcmp(tok, "to_server") || !strcmp(tok, "from_client")) { l.max|=FLAG_TCP_2SVR; l.min|=FLAG_TCP_2SVR; }else if ( !strcmp(tok, "to_client") || !strcmp(tok, "from_server") ) { l.max|=FLAG_TCP_2SVR; l.min&=~FLAG_TCP_2SVR; }else if ( !strcmp(tok, "stateless") ) { l.max&=~FLAG_TCP_STATE; l.min&=~FLAG_TCP_STATE; }else if ( !strcmp(tok, "established") ) { l.max|=FLAG_TCP_SURE; l.min|=FLAG_TCP_SURE; }else if ( !strcmp(tok, "no_stream") ) { /* Not supported yet */ }else return NULL; tok=cur+1; } }defaults: /* Oh, alright then, have some of my precious heap! */ if ( !(p=malloc(sizeof(*p))) ) return NULL; memcpy(p, &l, sizeof(*p)); *priv=p; return flow_match;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -