📄 util.c
字号:
{
*prenode=ppre;
return;
}
ppre=pnext;
pnext=ppre->next;
}
//pnext==null
*prenode=ppre;
return;
}
}
///////////////////////////////////////////////
//插入新的端口节点到端口链表末尾的函数
//
//参数
//
//返回值
//
//备注
void UTIL_InsertNewPortNode(struct KeyList *pprenode,
struct KeyList *pnewnode
)
{
if (pprenode==NULL)
{
pnewnode->next=g_Rules.global.pkeylist;
g_Rules.global.pkeylist=pnewnode;
}
else
{
pnewnode->next=pprenode->next;
pprenode->next=pnewnode;
}
}
///////////////////////////////////////////////
//插入端口节点函数
//
//参数
//
//返回值
//
//备注
void UTIL_UpdatePortNode(struct Interface_Keyword *pkeyhead,
char *key,
ULONG keylen
)
{
struct KeyList *pnode;
struct KeyList *prenode,*nextnode,*pnewport;
struct Keyword *pnewkey;
if (pnode=UTIL_FindPortNode(pkeyhead->port))
{
UTIL_InsertKeyNode(pnode,pkeyhead->id,key,keylen);
}
else
{
pnewkey=(struct Keyword *)UTIL_AllocateMemory(sizeof(struct Keyword));
pnewport=(struct KeyList *)UTIL_AllocateMemory(sizeof(struct KeyList));
pnewkey->id=pkeyhead->id;
pnewkey->keyword=key;
pnewkey->len=keylen;
pnewkey->overlap=(short *)UTIL_AllocateMemory((keylen+1)*sizeof(short));
UTIL_getnext(pnewkey->keyword,pnewkey->len ,pnewkey->overlap);
pnewkey->next=NULL;
pnewport->port=pkeyhead->port;
pnewport->pkeyword=pnewkey;
UTIL_FindRightPlace(&prenode,pnewport->port);
UTIL_InsertNewPortNode(prenode,pnewport);
}
}
///////////////////////////////////////////////
//关键字增加函数
//
//参数
//
//返回值
//
//备注
void UTIL_AddKeyword(PVOID keyword,ULONG buflen)
{
struct Interface_Keyword *pkeyhead;
char *key;
ULONG keylen;
PVOID keybuf;
keybuf=UTIL_AllocateMemory(buflen);
memcpy(keybuf,keyword,buflen);
pkeyhead=(struct Interface_Keyword *)keybuf;
key=(char *)keybuf+sizeof(struct Interface_Keyword);
keylen=buflen-sizeof(struct Interface_Keyword);
UTIL_UpdatePortNode(pkeyhead,key,keylen);
}
///////////////////////////////////////////////
//关键字删除函数
//
//参数
//
//返回值
//
//备注
void UTIL_DelKeyword(void)
{
struct KeyList *ptr_current=NULL;
struct KeyList *ptr_next=NULL;
if (g_Rules.global.pkeylist!=NULL)
{
ptr_current=g_Rules.global.pkeylist;
ptr_next=ptr_current->next;
while (ptr_current!=NULL)
{
UTIL_FreeMemory((void *)ptr_current);
ptr_current=ptr_next;
if (ptr_current!=NULL)
ptr_next=ptr_current->next;
}
g_Rules.global.pkeylist=NULL;
}
return;
}
///////////////////////////////////////////////
//数据检查函数
//
//参数
//data 被检查的数据
//datasize mean as name
//nSport 源端口
//nDport 目标端口
//
//返回值
//true ------被检查的数据中包含关键字
//false ------被检查的数据中不包含关键字
//
//备注
//检查包中的数据是否包含关键字
BOOLEAN UTIL_ExamineData(
char *data,
int datasize,
USHORT nSport,
USHORT nDport
)
{
struct Keyword *nextkey;
struct KeyList *nextkeylist;
BOOLEAN bDataContain;
//if 要检查数据包内容 并且 端口符合
if (g_Rules.global.pkeylist)
{
//调用数据检查函数UTIL_kmp(.....)
nextkeylist=g_Rules.global.pkeylist;
while (nextkeylist && (nextkeylist->port==nSport || nextkeylist->port==nDport))
{
nextkey=nextkeylist->pkeyword;
while(nextkey)
{
bDataContain=UTIL_kmp(
data,
datasize,
nextkey->keyword,
nextkey->len,
nextkey->overlap
);
//if 包含关键字 返回 TRUE
if (bDataContain)
{
return (TRUE);
}
nextkey=nextkey->next;
}
nextkeylist=nextkeylist->next;
}
//无关键字匹配
return FALSE;
}
return FALSE;
}
/*-----------------------------------------------------------
------------------------------------------------------------*/
///////////////////////////////////////////////////
// debug function
//
//
void do_nothing()
{
;
;
}
/////////////////////////////////////////////////////////////////
//
//函数UTIL_AddAllrules
//
//参数
//all_rules
//
//返回值
//是,否成功
//
//
//备注
//增加所有规则
/*
BOOLEAN UTIL_AddAllrules(struct All_Rules *pallrules)
{
int i;
struct Fw_Rule_Node *ptcprule,*pt_in,*pt_out;
struct Fw_Rule_Node *pudprule,*pu_in,*pu_out;
struct Fw_Rule_Node *picmprule,*pi_in,*pi_out;
struct Fw_Rule_Node *prestiprule,*pr_in,*pr_out;
for(i=0;i<pallrules->rules_num;i++)
{
switch (pallrules->Rules[i].proto)
{
case PT_TCP:
if (pallrules->Rules[i].direct & DT_IN)
{
ptcprule=(struct Fw_Rule_Node *)UTIL_AllocateMemory(sizeof(struct Fw_Rule_Node));
ptcprule->action=pallrules->Rules[i].action;
ptcprule->s_port[0]=pallrules->Rules[i].s_port[0];
ptcprule->s_port[1]=pallrules->Rules[i].s_port[1];
ptcprule->d_port[0]=pallrules->Rules[i].d_port[0];
ptcprule->d_port[1]=pallrules->Rules[i].d_port[1];
ptcprule->sp_operator=pallrules->Rules[i].sp_operator;
ptcprule->dp_operator=pallrules->Rules[i].dp_operator;
ptcprule->direct=pallrules->Rules[i].direct;
ptcprule->ID=pallrules->Rules[i].id;
ptcprule->warn_enable=pallrules->Rules[i].warn_enable;
ptcprule->log_enable=pallrules->Rules[i].log_enable;
ptcprule->ip=pallrules->Rules[i].ip;
ptcprule->mask=pallrules->Rules[i].mask;
ptcprule->schedule.enable=pallrules->Rules[i].time.time_enable;
ptcprule->schedule.start_time=pallrules->Rules[i].time.start_time;
ptcprule->schedule.end_time=pallrules->Rules[i].time.end_time;
ptcprule->tcpflag=pallrules->Rules[i].tcpflag;
ptcprule->next=NULL;
if (g_Rules.tcp.pin==NULL) //头节点
{
g_Rules.tcp.pin=ptcprule;
pt_in=ptcprule;
}
else
{
pt_in->next=ptcprule;
pt_in=ptcprule;
}
}
if(pallrules->Rules[i].direct & DT_OUT)
{
ptcprule=(struct Fw_Rule_Node *)UTIL_AllocateMemory(sizeof(struct Fw_Rule_Node));
ptcprule->action=pallrules->Rules[i].action;
ptcprule->s_port[0]=pallrules->Rules[i].s_port[0];
ptcprule->s_port[1]=pallrules->Rules[i].s_port[1];
ptcprule->d_port[0]=pallrules->Rules[i].d_port[0];
ptcprule->d_port[1]=pallrules->Rules[i].d_port[1];
ptcprule->sp_operator=pallrules->Rules[i].sp_operator;
ptcprule->dp_operator=pallrules->Rules[i].dp_operator;
ptcprule->direct=pallrules->Rules[i].direct;
ptcprule->ID=pallrules->Rules[i].id;
ptcprule->warn_enable=pallrules->Rules[i].warn_enable;
ptcprule->log_enable=pallrules->Rules[i].log_enable;
ptcprule->ip=pallrules->Rules[i].ip;
ptcprule->mask=pallrules->Rules[i].mask;
ptcprule->schedule.enable=pallrules->Rules[i].time.time_enable;
ptcprule->schedule.start_time=pallrules->Rules[i].time.start_time;
ptcprule->schedule.end_time=pallrules->Rules[i].time.end_time;
ptcprule->tcpflag=pallrules->Rules[i].tcpflag;
ptcprule->next=NULL;
if (g_Rules.tcp.pout==NULL) //头节点
{
g_Rules.tcp.pout=ptcprule;
pt_out=ptcprule;
}
else
{
pt_out->next=ptcprule;
pt_out=ptcprule;
}
}
break;
case PT_UDP:
if (pallrules->Rules[i].direct&DT_IN)
{
pudprule=(struct Fw_Rule_Node *)UTIL_AllocateMemory(sizeof(struct Fw_Rule_Node));
pudprule->action=pallrules->Rules[i].action;
pudprule->s_port[0]=pallrules->Rules[i].s_port[0];
pudprule->s_port[1]=pallrules->Rules[i].s_port[1];
pudprule->d_port[0]=pallrules->Rules[i].d_port[0];
pudprule->d_port[1]=pallrules->Rules[i].d_port[1];
pudprule->sp_operator=pallrules->Rules[i].sp_operator;
pudprule->dp_operator=pallrules->Rules[i].dp_operator;
pudprule->direct=pallrules->Rules[i].direct;
pudprule->ID=pallrules->Rules[i].id;
pudprule->warn_enable=pallrules->Rules[i].warn_enable;
pudprule->log_enable=pallrules->Rules[i].log_enable;
pudprule->ip=pallrules->Rules[i].ip;
pudprule->mask=pallrules->Rules[i].mask;
pudprule->schedule.enable=pallrules->Rules[i].time.time_enable;
pudprule->schedule.start_time=pallrules->Rules[i].time.start_time;
pudprule->schedule.end_time=pallrules->Rules[i].time.end_time;
pudprule->next=NULL;
if (g_Rules.udp.pin==NULL) //头节点
{
g_Rules.udp.pin=pudprule;
pu_in=pudprule;
}
else
{
pu_in->next=pudprule;
pu_in=pudprule;
}
}
if (pallrules->Rules[i].direct&DT_OUT)
{
pudprule=(struct Fw_Rule_Node *)UTIL_AllocateMemory(sizeof(struct Fw_Rule_Node));
pudprule->action=pallrules->Rules[i].action;
pudprule->s_port[0]=pallrules->Rules[i].s_port[0];
pudprule->s_port[1]=pallrules->Rules[i].s_port[1];
pudprule->d_port[0]=pallrules->Rules[i].d_port[0];
pudprule->d_port[1]=pallrules->Rules[i].d_port[1];
pudprule->sp_operator=pallrules->Rules[i].sp_operator;
pudprule->dp_operator=pallrules->Rules[i].dp_operator;
pudprule->direct=pallrules->Rules[i].direct;
pudprule->ID=pallrules->Rules[i].id;
pudprule->warn_enable=pallrules->Rules[i].warn_enable;
pudprule->log_enable=pallrules->Rules[i].log_enable;
pudprule->ip=pallrules->Rules[i].ip;
pudprule->mask=pallrules->Rules[i].mask;
pudprule->schedule.enable=pallrules->Rules[i].time.time_enable;
pudprule->schedule.start_time=pallrules->Rules[i].time.start_time;
pudprule->schedule.end_time=pallrules->Rules[i].time.end_time;
pudprule->next=NULL;
if (g_Rules.udp.pout==NULL) //头节点
{
g_Rules.udp.pout=pudprule;
pu_out=pudprule;
}
else
{
pu_out->next=pudprule;
pu_out=pudprule;
}
}
break;
case PT_ICMP:
if (pallrules->Rules[i].direct&DT_IN)
{
picmprule=(struct Fw_Rule_Node *)UTIL_AllocateMemory(sizeof(struct Fw_Rule_Node));
picmprule->action=pallrules->Rules[i].action;
picmprule->direct=pallrules->Rules[i].direct;
picmprule->ID=pallrules->Rules[i].id;
picmprule->warn_enable=pallrules->Rules[i].warn_enable;
picmprule->log_enable=pallrules->Rules[i].log_enable;
picmprule->ip=pallrules->Rules[i].ip;
picmprule->mask=pallrules->Rules[i].mask;
picmprule->schedule.enable=pallrules->Rules[i].time.time_enable;
picmprule->schedule.start_time=pallrules->Rules[i].time.start_time;
picmprule->schedule.end_time=pallrules->Rules[i].time.end_time;
picmprule->next=NULL;
if (g_Rules.icmp.pin==NULL) //头节点
{
g_Rules.icmp.pin=picmprule;
pi_in=picmprule;
}
else
{
pi_in->next=picmprule;
pi_in=picmprule;
}
}
if (pallrules->Rules[i].direct&DT_OUT)
{
picmprule=(struct Fw_Rule_Node *)UTIL_AllocateMemory(sizeof(struct Fw_Rule_Node));
picmprule->action=pallrules->Rules[i].action;
picmprule->direct=pallrules->Rules[i].direct;
picmprule->ID=pallrules->Rules[i].id;
picmprule->warn_enable=pallrules->Rules[i].warn_enable;
picmprule->log_enable=pallrules->Rules[i].log_enable;
picmprule->ip=pallrules->Rules[i].ip;
picmprule->mask=pallrules->Rules[i].mask;
picmprule->schedule.enable=pallrules->Rules[i].time.time_enable;
picmprule->schedule.start_time=pallrules->Rules[i].time.start_time;
picmprule->schedule.end_time=pallrules->Rules[i].time.end_time;
picmprule->next=NULL;
if (g_Rules.icmp.pout==NULL) //头节点
{
g_Rules.icmp.pout=picmprule;
pi_out=picmprule;
}
else
{
pi_out->next=picmprule;
pi_out=picmprule;
}
}
break;
case PT_RESTIP:
if (pallrules->Rules[i].direct & DT_IN)
{
prestiprule=(struct Fw_Rule_Node *)UTIL_AllocateMemory(sizeof(struct Fw_Rule_Node));
prestiprule->action=pallrules->Rules[i].action;
prestiprule->direct=pallrules->Rules[i].direct;
prestiprule->ID=pallrules->Rules[i].id;
prestiprule->warn_enable=pallrules->Rules[i].warn_enable;
prestiprule->log_enable=pallrules->Rules[i].log_enable;
prestiprule->ip=pallrules->Rules[i].ip;
prestiprule->mask=pallrules->Rules[i].mask;
prestiprule->schedule.enable=pallrules->Rules[i].time.time_enable;
prestiprule->schedule.start_time=pallrules->Rules[i].time.start_time;
prestiprule->schedule.end_time=pallrules->Rules[i].time.end_time;
prestiprule->next=NULL;
if (g_Rules.ip.pin==NULL) //头节点
{
g_Rules.ip.pin=prestiprule;
pr_in=prestiprule;
}
else
{
pr_in->next=prestiprule;
pr_in=prestiprule;
}
}
if(pallrules->Rules[i].direct & DT_OUT)
{
prestiprule=(struct Fw_Rule_Node *)UTIL_AllocateMemory(sizeof(struct Fw_Rule_Node));
prestiprule->action=pallrules->Rules[i].action;
prestiprule->direct=pallrules->Rules[i].direct;
prestiprule->ID=pallrules->Rules[i].id;
prestiprule->warn_enable=pallrules->Rules[i].warn_enable;
prestiprule->log_enable=pallrules->Rules[i].log_enable;
prestiprule->ip=pallrules->Rules[i].ip;
prestiprule->mask=pallrules->Rules[i].mask;
prestiprule->schedule.enable=pallrules->Rules[i].time.time_enable;
prestiprule->schedule.start_time=pallrules->Rules[i].time.start_time;
prestiprule->schedule.end_time=pallrules->Rules[i].time.end_time;
prestiprule->next=NULL;
if (g_Rules.ip.pout==NULL) //头节点
{
g_Rules.ip.pout=prestiprule;
pr_out=prestiprule;
}
else
{
pr_out->next=prestiprule;
pr_out=prestiprule;
}
}
break;
default:
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -