chn/xmurp-ua
1
0
Fork 0
mirror of https://github.com/CHN-beta/xmurp-ua.git synced 2026-01-11 01:09:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
chn
2019-11-03 16:24:36 +08:00
parent 4200c12225
commit 66e01481e9
6 changed files with 120 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@@ -9,7 +9,7 @@ include $(INCLUDE_DIR)/package.mk
EXTRA_CFLAGS:= \
$(patsubst CONFIG_%, -DCONFIG_%=1, $(patsubst %=m,%,$(filter %=m,$(EXTRA_KCONFIG)))) \
$(patsubst CONFIG_%, -DCONFIG_%=1, $(patsubst %=y,%,$(filter %=y,$(EXTRA_KCONFIG)))) \
-DVERSION=$(PKG_RELEASE) --verbose
-DVERSION='"$(PKG_RELEASE)"' --verbose
MAKE_OPTS:=$(KERNEL_MAKE_FLAGS) \
SUBDIRS="$(PKG_BUILD_DIR)" \

10
src/common.h
View File

@@ -14,12 +14,12 @@
#include <asm/limits.h>
#include <linux/time.h>
const unsigned char* str_ua_start = "User-Agent: ";
const unsigned char* str_ua_end = "\r\n";
const unsigned char* str_head_end = "\r\n\r\n";
const unsigned char str_ua_rkp[7];
const static unsigned char* str_ua_begin = "User-Agent: ";
const static unsigned char* str_ua_end = "\r\n";
const static unsigned char* str_head_end = "\r\n\r\n";
static unsigned char str_ua_rkp[7];
time_t now()
time_t now(void)
{
struct timespec* ts;
getnstimeofday(ts);

9
src/rkp-ua.c
View File

@@ -47,11 +47,12 @@ static int __init hook_init(void)
#endif
printk("rkp-ua: Started, version %s\n", VERSION);
printk("rkp-ua: mode_advanced=%c, mode_winPreserve=%c, mark_capture=0x%x, "
"mark_request=0x%x, mark_first=0x%x, mark_winPreserve=0x%x.\n",
'n' + mode_advanced * ('y' - 'n'), 'n' + mode_winPreserve * ('y' - 'n'),
mark_capture, mark_request, mark_first, mark_winPreserve);
printk("rkp-ua: nf_register_hook returnd %d.\n", ret);
printk("rkp-ua: mode_advanced=%c, mark_capture=0x%x, mark_request=0x%x, mark_first=0x%x, mark_preserve=0x%x.\n",
'n' + mode_advanced * ('y' - 'n'), mark_capture, mark_request, mark_first, mark_preserve);
printk("rkp-ua: str_preserve:\n");
for(ret = 0; ret < n_str_preserve; ret++)
printk("\t%s\n", str_preserve[ret]);
return 0;
}

13
src/rkpManager.h
View File

@@ -5,13 +5,13 @@ struct rkpManager
struct rkpStream** data; // 按照首包的两端口之和的低 8 位放置
};
struct rkpManager* rkpManager_new(); // 构造函数
struct rkpManager* rkpManager_new(void); // 构造函数
void rkpManager_del(struct rkpManager*); // 析构函数
u_int8_t rkpManager_execute(struct rkpManager*, struct sk_buff*); // 处理一个数据包。返回值为 rkpStream_execute 的返回值。
void rkpManager_refresh(struct rkpManager*); // 清理过时的流
struct rkpManager* rkpManager_new()
struct rkpManager* rkpManager_new(void)
{
struct rkpManager* rkpm = kmalloc(sizeof(struct rkpManager) + sizeof(struct rkpStream*) * 256, GFP_KERNEL);
if(rkpm == 0)
@@ -41,12 +41,10 @@ void rkpManager_del(struct rkpManager* rkpm)
u_int8_t rkpManager_execute(struct rkpManager* rkpm, struct sk_buff* skb)
{
if(rkpSettings_first(skb))
// 新增加一个流或覆盖已经有的流
{
u_int8_t id = (ntohs(tcp_hdr(skb) -> sport) + ntohs(tcp_hdr(skb) -> dport)) & 0xFF;
u_int8_t id = (ntohs(tcp_hdr(skb) -> source) + ntohs(tcp_hdr(skb) -> dest)) & 0xFF;
struct rkpStream* rkps_new = rkpStream_new(skb);
struct rkpStream *rkps = rkpm -> data[id];
if(rkps_new == 0)
@@ -80,11 +78,14 @@ u_int8_t rkpManager_execute(struct rkpManager* rkpm, struct sk_buff* skb)
rkps_new -> next = rkpm -> data[id];
rkpm -> data[id] = rkps_new;
}
// 执行
return rkpStream_execute(rkps_new, skb);
}
else
// 使用已经有的流
{
u_int8_t id = (ntohs(tcp_hdr(skb) -> sport) + ntohs(tcp_hdr(skb) -> dport)) & 0xFF;
u_int8_t id = (ntohs(tcp_hdr(skb) -> source) + ntohs(tcp_hdr(skb) -> dest)) & 0xFF;
struct rkpStream *rkps = rkpm -> data[id];
while(rkps != 0)
if(rkpStream_belong(rkps, skb))

42
src/rkpSettings.h
View File

@@ -1,6 +1,6 @@
#include "common.h"
static u_int8_t mode_advanced = 0;
static bool mode_advanced = false;
module_param(mode_advanced, bool, 0);
static char* str_preserve[128];
@@ -16,48 +16,48 @@ module_param(mark_first, uint, 0);
static u_int32_t mark_preserve = 0x800;
module_param(mark_preserve, uint, 0);
static unsigned time_keepalive = 1200
static unsigned time_keepalive = 1200;
module_param(time_keepalive, uint, 0);
u_int8_t rkpSettings_capture(struct sk_buff*);
u_int8_t rkpSettings_request(struct sk_buff*);
u_int8_t rkpSettings_first(struct sk_buff*);
u_int8_t rkpSettings_preserve(struct sk_buff*);
bool rkpSettings_capture(const struct sk_buff*);
bool rkpSettings_request(const struct sk_buff*);
bool rkpSettings_first(const struct sk_buff*);
bool rkpSettings_preserve(const struct sk_buff*);
u_int8_t rkpSettings_capture(struct sk_buff* skb)
bool rkpSettings_capture(const struct sk_buff* skb)
{
if(mode_advanced)
return skb -> mark & mark_capture == mark_capture;
return (skb -> mark & mark_capture) == mark_capture;
else
{
if(ip_hdr(skb) -> protocol != IPPROTO_TCP)
return 0;
else if(tcp_hdr(skb) -> dport == 80)
return 1;
else if(tcp_hdr(skb) -> sport == 80 && tcp_hdr(skb) -> ack)
return 1;
return false;
else if(tcp_hdr(skb) -> dest == 80)
return true;
else if(tcp_hdr(skb) -> source == 80 && tcp_hdr(skb) -> ack)
return true;
else
return 0;
return false;
}
}
u_int8_t rkpSettings_request(struct sk_buff* skb)
bool rkpSettings_request(const struct sk_buff* skb)
{
if(mode_advanced)
return skb -> mark & mark_request == mark_request;
return (skb -> mark & mark_request) == mark_request;
else
return ip_hdr(skb) -> daddr == 80;
}
u_int8_t rkpSettings_first(struct sk_buff* skb)
bool rkpSettings_first(const struct sk_buff* skb)
{
if(mode_advanced)
return skb -> mark & mark_first == mark_first;
return (skb -> mark & mark_first) == mark_first;
else
return tcp_hdr(skb) -> syn && !tcp_hdr(skb) -> ack;
}
u_int8_t rkpSettings_preserve(struct sk_buff* skb)
bool rkpSettings_preserve(const struct sk_buff* skb)
{
if(mode_advanced)
return skb -> mark & mark_preserve == mark_preserve;
return (skb -> mark & mark_preserve) == mark_preserve;
else
return 1;
return true;
}

170
src/rkpStream.h
View File

@@ -2,7 +2,7 @@
struct rkpStream
{
u_int8_t enum
enum
{
rkpStream_sniffing,
rkpStream_waiting
@@ -12,59 +12,58 @@ struct rkpStream
u_int32_t ack; // 下一个服务端确认收到的字节的序列号。以后所有的相对序列号都是将这个序号视为零的相对序列号。
u_int32_t seq; // 下一个期待收到的序列号。
time_t last_active;
u_int8_t scan_matched;
u_int8_t preserve;
bool scan_matched;
bool preserve;
struct rkpStream *prev, *next;
};
struct rkpStream* rkpStream_new(struct sk_buff*); // 构造函数,得到的流的状态是捕获这个数据包之前的状态。内存不够时返回 0。
struct rkpStream* rkpStream_new(const struct sk_buff*); // 构造函数,得到的流的状态是捕获这个数据包之前的状态。内存不够时返回 0。
void rkpStream_del(struct rkpStream*); // 析构函数
u_int8_t rkpStream_belong(struct rkpStream*, struct sk_buff*); // 判断一个数据包是否属于一个流
bool rkpStream_belong(const struct rkpStream*, const struct sk_buff*); // 判断一个数据包是否属于一个流
unsigned rkpStream_execute(struct rkpStream*, struct sk_buff*); // 处理一个数据包(假定包属于这个流)
void __rkpStream_refresh_ack(struct rkpStream*, u_int32_t); // 刷新确认序列号。第二个参数就是即将设定的确认号。会自动重新计算序列号的偏移,以及释放 buff_prev 中的多余数据包
unsigned char* __rkpStream_skb_appStart(struct sk_buff*); // 返回一个包的应用层数据起始位置
u_int16_t __rkpStream_skb_appLen(struct sk_buff*); // 返回一个包的应用层数据长度
unsigned char* __rkpStream_skb_appBegin(const struct sk_buff*); // 返回一个包的应用层数据起始位置
u_int16_t __rkpStream_skb_appLen(const struct sk_buff*); // 返回一个包的应用层数据长度
int32_t __rkpStream_skb_seq(u_int32_t, u_int32_t); // 返回一个序列号的相对序列号。两个参数分别为流的确认号、包的序列号(已经转换字节序)。可以为负。
void __rkpStream_skb_send(struct sk_buff*); // 发送一个数据包
struct sk_buff* __rkpStream_skb_copy(struct sk_buff*); // 复制一个数据包
struct sk_buff* __rkpStream_skb_copy(const struct sk_buff*); // 复制一个数据包
void __rkpStream_skb_del(struct sk_buff*); // 删除一个数据包
u_int16_t __rkpStream_data_scan(unsigned char*, u_int16_t, unsigned char*, u_int8_t); // 在指定字符串中扫描子字符串。返回值最低位表示是否完整地找到,其余 15 位表示匹配的长度(如果没有完整地找到)或子串结束时相对于起始时的位置
void __rkpStream_data_replace(unsigned char*, u_int16_t, unsigned char*, u_int16_t); // 替换字符串。参数与前者类似。
u_int16_t __rkpStream_data_scan(const unsigned char*, u_int16_t, const unsigned char*, u_int8_t); // 在指定字符串中扫描子字符串。返回值最低位表示是否完整地找到,其余 15 位表示匹配的长度(如果没有完整地找到)或子串结束时相对于起始时的位置
void __rkpStream_data_replace(unsigned char*, u_int16_t, const unsigned char*, u_int16_t); // 替换字符串。参数与前者类似。
void __rkpStream_buff_retain_end(struct sk_buff**, struct sk_buff*); // 将一个数据包置入数据包链的末尾
void __rkpStream_buff_retain_auto(struct sk_buff**, struct sk_buff*); // 将一个数据包置入数据包链的合适位置
void __rkpStream_buff_rejudge(struct rkpStream*, struct sk_buff**); // 重新判定数据包链中的每个数据包
void __rkpStream_buff_del(struct sk_buff**); // 删除数据包链
struct sk_buff* __rkpStream_buff_find(struct sk_buff*, u_int32_t);
struct sk_buff* __rkpStream_buff_find(const struct sk_buff*, u_int32_t);
// 在一个已经按照序列号排序的数据包链中寻找序列号相符的包。如果没有相符的包,就返回最后一个序列号比要求的小的包。如果没有这样的包,就返回 0。第二个参数是要查找的序列号绝对值已转换字节序
void __rkpStream_buff_execute_core(struct sk_buff**, u_int16_t, u_int8_t); // 最核心的步骤,集齐头部后被调用。搜索、替换。参数分别为:数据包链表、最后一个包中 http 头结束的位置、是否保留指定 ua
void __rkpStream_buff_execute_core(struct sk_buff**, u_int16_t, bool); // 最核心的步骤,集齐头部后被调用。搜索、替换。参数分别为:数据包链表、最后一个包中 http 头结束的位置、是否保留指定 ua
struct rkpStream* rpStream_new(struct sk_buff* skb)
struct rkpStream* rpStream_new(const struct sk_buff* skb)
{
struct rkpStream* rkps = kmalloc(sizeof(struct rkpStream), GFP_KERNEL);
struct iphdr* iph = ip_hdr(skb);
struct tcphdr* tcph = tcp_hdr(skb);
const struct iphdr* iph = ip_hdr(skb);
const struct tcphdr* tcph = tcp_hdr(skb);
if(rkps == 0)
{
printk("rkp-ua::rkpStream::rkpStream_new: `kmalloc` failed, may caused by shortage of memory.\n");
return 0;
}
rkps -> status = struct rkpStream::rkpStream_sniffing;
rkps -> status = rkpStream_sniffing;
rkps -> id[0] = ntohl(iph -> saddr);
rkps -> id[1] = ntohl(iph -> daddr);
rkps -> id[2] = (((u_int32_t)ntohs(tcph -> sport)) << 16 ) + ntohs(tcph -> dport);
rkps -> id[2] = (((u_int32_t)ntohs(tcph -> source)) << 16) + ntohs(tcph -> dest);
rkps -> buff = rkps -> buff_prev = rkps -> buff_next = 0;
rkps -> ack = ntohl(tcph -> seq);
rkps -> seq = 1;
rkps -> last_active = now();
rkps -> scan_matched = 0;
rkps -> win_preserve = rkpSettings_preserve(skb);
rkps -> preserve = rkpSettings_preserve(skb);
rkps -> prev = rkps -> next = 0;
return rkps;
}
@@ -75,27 +74,27 @@ void rkpStream_del(struct rkpStream* rkps)
kfree_skb_list(rkps -> buff_next);
kfree(rkps);
}
u_int8_t rkpStream_belong(struct rkpStream* rkps, struct sk_buff* skb)
bool rkpStream_belong(const struct rkpStream* rkps, const struct sk_buff* skb)
{
if(rkpSettings_request(skb))
{
if(rkps -> id[0] != ntohl(ip_hdr(skb) -> saddr))
return 0;
return false;
if(rkps -> id[1] != ntohl(ip_hdr(skb) -> daddr))
return 0;
if(rkps -> id[2] != ntohs(tcp_hdr(skb) -> sport) << 16 + ntohs(tcp_hdr(skb) -> dport);
return 0;
return 1;
return false;
if((rkps -> id[2] != ntohs(tcp_hdr(skb) -> source) << 16) + ntohs(tcp_hdr(skb) -> dest))
return false;
return true;
}
else
{
if(rkps -> id[0] != ntohl(ip_hdr(skb) -> daddr))
return 0;
return false;
if(rkps -> id[1] != ntohl(ip_hdr(skb) -> saddr))
return 0;
if(rkps -> id[2] != ntohs(tcp_hdr(skb) -> dport) << 16 + ntohs(tcp_hdr(skb) -> sport);
return 0;
return 1;
return false;
if((rkps -> id[2] != ntohs(tcp_hdr(skb) -> dest) << 16) + ntohs(tcp_hdr(skb) -> source))
return false;
return true;
}
}
unsigned rkpStream_execute(struct rkpStream* rkps, struct sk_buff* skb)
@@ -123,7 +122,7 @@ unsigned rkpStream_execute(struct rkpStream* rkps, struct sk_buff* skb)
seq = __rkpStream_skb_seq(rkps -> ack, ntohl(tcp_hdr(skb) -> seq));
if(seq > rkps -> seq)
{
__rkpStream_buff_retain_auto(rkps -> buff_next, skb);
__rkpStream_buff_retain_auto(&(rkps -> buff_next), skb);
return NF_STOLEN;
}
@@ -137,25 +136,25 @@ unsigned rkpStream_execute(struct rkpStream* rkps, struct sk_buff* skb)
// 检查数据包是否是重传数据包。如果是的话,可能需要修改数据。然后,将它发出。接下来的情况,就一定是刚好是需要的序列号的情况了
if(seq < rkps -> seq)
{
struct sk_buff* skb_prev = __rkpStream_buff_find(rkps -> buff_prev, ntohl(skb -> seq));
const struct sk_buff* skb_prev = __rkpStream_buff_find(rkps -> buff_prev, ntohl(tcp_hdr(skb) -> seq));
if(skb_prev != 0 && tcp_hdr(skb_prev) -> seq == tcp_hdr(skb) -> seq)
// 存在相符的数据包。将数据拷贝过去。
{
if(skb_ensure_writable(skb, __rkpStream_skb_appStart(skb) - skb -> data + __rkpStream_skb_appLen(skb)))
if(skb_ensure_writable(skb, __rkpStream_skb_appBegin(skb) - skb -> data + __rkpStream_skb_appLen(skb)))
{
printk("rkp-ua::rkpStream::rkpStream_execute: Can not make skb writable, may caused by shortage of memory. Drop it.\n");
return NF_DROP;
}
memcpy(__rkpStream_skb_appStart(skb), __rkpStream_skb_appStart(skb_prev), __rkpStream_skb_appLen(skb_prev));
memcpy(__rkpStream_skb_appBegin(skb), __rkpStream_skb_appBegin(skb_prev), __rkpStream_skb_appLen(skb_prev));
}
return NF_ACCEPT;
}
// 如果是在 sniffing 的情况下,那一定先扫描一下再说
if(rkps -> status == struct rkpStream::rkpStream_sniffing)
if(rkps -> status == rkpStream_sniffing)
{
u_int16_t scan = __rkpStream_data_scan(__rkpStream_skb_appStart(skb), __rkpStream_skb_appLen(skb),
str_end, rkps -> scan_matched);
u_int16_t scan = __rkpStream_data_scan(__rkpStream_skb_appBegin(skb), __rkpStream_skb_appLen(skb),
str_head_end, rkps -> scan_matched);
if(scan & 0x1)
// 扫描找到了 HTTP 头的结尾,那么将这个数据包补到 buff 中,更新 seq开始查找、替换、发出然后根据情况设置状态再考虑 buff_next 中的包,最后返回 STOLEN
@@ -164,25 +163,25 @@ unsigned rkpStream_execute(struct rkpStream* rkps, struct sk_buff* skb)
// 追加到 buff 后面,更新 seq
__rkpStream_buff_retain_end(&(rkps -> buff), skb);
rkps -> seq = __rkpStream_skb_seq(rkps -> ack_seq, ntohl(tcp_hdr(skb) -> seq)) + __rkpStream_skb_appLen(skb);
rkps -> seq = __rkpStream_skb_seq(rkps -> ack, ntohl(tcp_hdr(skb) -> seq)) + __rkpStream_skb_appLen(skb);
// 查找、替换
__rkpStream_buff_execute_core(&(rkps -> buff), (scan >> 1) + 1);
__rkpStream_buff_execute_core(&(rkps -> buff), (scan >> 1) + 1, rkps -> preserve);
// 循环复制一份到 buff_prev 下面,同时发出
while(skbp != 0)
{
struct sk_buff* skbp2 = skbp -> next;
__rkpStream_buff_retain_end(rkps -> buff_prev, __rkpStream_skb_copy(skbp));
__rkpStream_buff_retain_end(&(rkps -> buff_prev), __rkpStream_skb_copy(skbp));
__rkpStream_skb_send(skbp);
skbp = skbp2;
}
rkps -> buff = 0;
// 清空查找情况,重新设置状态
rkps -> scan_length = 0;
rkps -> scan_matched = 0;
if(!(tcp_hdr(skb) -> psh))
rkps -> status = waiting;
rkps -> status = rkpStream_waiting;
// 考虑之前截留的数据包
__rkpStream_buff_rejudge(rkps, &(rkps -> buff_prev));
@@ -198,7 +197,7 @@ unsigned rkpStream_execute(struct rkpStream* rkps, struct sk_buff* skb)
printk("rkp-ua::rkpStream::rkpStream_execute: Find PSH before header ending found. Send without modification.\n");
// 更新 seq
rkps -> seq = __rkpStream_skb_seq(rkps -> ack_seq, ntohl(tcp_hdr(skb) -> seq)) + __rkpStream_skb_appLen(skb);
rkps -> seq = __rkpStream_skb_seq(rkps -> ack, ntohl(tcp_hdr(skb) -> seq)) + __rkpStream_skb_appLen(skb);
// 放行截留的包
while(skbp != 0)
@@ -210,10 +209,10 @@ unsigned rkpStream_execute(struct rkpStream* rkps, struct sk_buff* skb)
rkps -> buff = 0;
// 清空查找情况
rkps -> scan_length = 0;
rkps -> scan_matched = 0;
// 考虑之前截留的数据包
__rkpStream_buff_rejudge(rkps, &(skps -> buff_prev));
__rkpStream_buff_rejudge(rkps, &(rkps -> buff_prev));
return NF_ACCEPT;
}
@@ -224,11 +223,11 @@ unsigned rkpStream_execute(struct rkpStream* rkps, struct sk_buff* skb)
__rkpStream_buff_retain_end(&(rkps -> buff), skb);
// 更新 seq 和查找状态
rkps -> seq = __rkpStream_skb_seq(rkps -> ack_seq, ntohl(tcp_hdr(skb) -> seq)) + __rkpStream_skb_appLen(skb);
rkps -> matched_length = scan >> 1;
rkps -> seq = __rkpStream_skb_seq(rkps -> ack, ntohl(tcp_hdr(skb) -> seq)) + __rkpStream_skb_appLen(skb);
rkps -> scan_matched = scan >> 1;
// 考虑 buff_next 中的包
__rkpStream_buff_rejudge(rkps, &(skps -> buff_prev));
__rkpStream_buff_rejudge(rkps, &(rkps -> buff_prev));
return NF_STOLEN;
}
@@ -239,10 +238,10 @@ unsigned rkpStream_execute(struct rkpStream* rkps, struct sk_buff* skb)
// 设置 seq 和状态
rkps -> seq = __rkpStream_skb_seq(rkps -> ack, ntohl(tcp_hdr(skb) -> seq)) + __rkpStream_skb_appLen(skb);
if(tcp_hdr(skb) -> psh)
rkps -> status = sniffing;
rkps -> status = rkpStream_sniffing;
// 考虑 buff_next
__rkpStream_buff_rejudge(rkps, &(skps -> buff_prev));
__rkpStream_buff_rejudge(rkps, &(rkps -> buff_prev));
return NF_ACCEPT;
}
@@ -258,7 +257,7 @@ void __rkpStream_refresh_ack(struct rkpStream* rkps, u_int32_t ack)
// 丢弃 buff_prev 中已经确认收到的数据包
skbp = rkps -> buff_prev;
while(skbp != 0 && __rkpStream_skb_seq(skbp -> ack, ntohl(tcp_hdr(skbp) -> seq)) < 0)
while(skbp != 0 && __rkpStream_skb_seq(tcp_hdr(skbp) -> ack, ntohl(tcp_hdr(skbp) -> seq)) < 0)
{
struct sk_buff* skbp2 = skbp -> next;
__rkpStream_skb_del(skbp);
@@ -267,12 +266,12 @@ void __rkpStream_refresh_ack(struct rkpStream* rkps, u_int32_t ack)
rkps -> buff_prev = skbp;
}
unsigned char* __rkpStream_skb_appStart(struct sk_buff* skb)
unsigned char* __rkpStream_skb_appBegin(const struct sk_buff* skb)
{
return (unsigned char*)tcp_hdr(skb) + tcp_hdr(skb) -> doff * 4;
}
u_int16_t __rkpStream_dataLen(strct sk_buff* skb)
u_int16_t __rkpStream_dataLen(const struct sk_buff* skb)
{
return ntohs(ip_hdr(skb) -> tot_len) - ip_hdr(skb) -> ihl * 4 - tcp_hdr(skb) -> doff * 4;
}
@@ -290,7 +289,7 @@ void __rkpStream_skb_send(struct sk_buff* skb)
dev_queue_xmit(skb);
}
struct sk_buff* __rkpStream_skb_copy(struct sk_buff* skb)
struct sk_buff* __rkpStream_skb_copy(const struct sk_buff* skb)
{
return skb_copy(skb, GFP_KERNEL);
}
@@ -300,9 +299,9 @@ void __rkpStream_skb_del(struct sk_buff* skb)
kfree_skb(skb);
}
u_int16_t __rkpStream_data_scan(unsigned char* data, u_int16_t data_len, unsigned char* target, u_int8_t matched)
u_int16_t __rkpStream_data_scan(const unsigned char* data, u_int16_t data_len, const unsigned char* target, u_int8_t matched)
{
unsigned char* p = data;
const unsigned char* p = data;
while(p - data != data_len)
{
if(*p == target[matched])
@@ -316,7 +315,7 @@ u_int16_t __rkpStream_data_scan(unsigned char* data, u_int16_t data_len, unsigne
}
return matched << 1;
}
void __rkpStream_data_replace(unsigned char* data, u_int16_t data_len, unsigned char* target, u_int16_t modified)
void __rkpStream_data_replace(unsigned char* data, u_int16_t data_len, const unsigned char* target, u_int16_t modified)
{
while(modified < strlen(target) && data_len > 0)
{
@@ -350,7 +349,7 @@ void __rkpStream_buff_retain_auto(struct sk_buff** buff, struct sk_buff* skb)
if(p == 0)
{
skb -> prev = 0;
skb -> last = *buff;
skb -> next = *buff;
*buff = skb;
}
else if(ntohl(tcp_hdr(p) -> seq) == ntohl(tcp_hdr(p) -> seq))
@@ -385,7 +384,8 @@ void __rkpStream_buff_rejudge(struct rkpStream* rkps, struct sk_buff** buff)
// 找到了一个可用的 skb将它应用同时在节点中删除它
if(__rkpStream_skb_seq(rkps -> ack, ntohl(tcp_hdr(p) -> seq)) == rkps -> seq)
{
found = 1
unsigned rtn;
found = 1;
// 将它从链表中取出
if(p -> prev != 0)
@@ -396,7 +396,7 @@ void __rkpStream_buff_rejudge(struct rkpStream* rkps, struct sk_buff** buff)
*buff = p -> next;
// 执行之
unsigned rtn = rkpStream_execute(rkps, p);
rtn = rkpStream_execute(rkps, p);
if(rtn == NF_ACCEPT)
__rkpStream_skb_send(p);
else if(rtn == NF_DROP)
@@ -406,19 +406,19 @@ void __rkpStream_buff_rejudge(struct rkpStream* rkps, struct sk_buff** buff)
}
} while (found);
}
struct sk_buff* __rkpStream_buff_find(struct sk_buff* skb, u_int32_t seq)
struct sk_buff* __rkpStream_buff_find(const struct sk_buff* skb, u_int32_t seq)
{
if(skb == 0)
return 0;
else
{
while(skb -> next != 0 && __rkpStream_skb_seq(seq, ntohl(tcp_hdr(skb -> next) -> seq)) <= 0)
skb = skb -> next;
return skb;
skb = (const struct sk_buff*)skb -> next;
return (struct sk_buff*)skb;
}
}
void __rkpStream_buff_execute_core(struct sk_buff** buff, u_int16_t last_len, u_int8_t preserve)
void __rkpStream_buff_execute_core(struct sk_buff** buff, u_int16_t last_len, bool preserve)
// 扫描是否有 ua然后扫描 ua 中是否有匹配的字符串,并且进行修改
{
u_int16_t rtn;
@@ -432,17 +432,17 @@ void __rkpStream_buff_execute_core(struct sk_buff** buff, u_int16_t last_len, u_
for(p = *buff, rtn = 0; p != 0; p = p -> next)
{
if(p -> next == 0)
rtn = __rkpStream_data_scan(__rkpStream_skb_appStart(p), last_len, str_ua, rtn >> 1);
rtn = __rkpStream_data_scan(__rkpStream_skb_appBegin(p), last_len, str_ua_begin, rtn >> 1);
else
rtn = __rkpStream_data_scan(__rkpStream_skb_appStart(p), __rkpStream_skb_appLen(skb), str_ua_start, rtn >> 1);
rtn = __rkpStream_data_scan(__rkpStream_skb_appBegin(p), __rkpStream_skb_appLen(p), str_ua_begin, rtn >> 1);
if(rtn & 0x1)
break;
}
if(rtn & 0x1)
// 找到了
{
skb_ua_start = p;
pos_ua_start = rtn >> 1;
skb_ua_begin = p;
pos_ua_begin = rtn >> 1;
}
else
// 没找到
@@ -451,18 +451,10 @@ void __rkpStream_buff_execute_core(struct sk_buff** buff, u_int16_t last_len, u_
// 寻找 ua 结束的位置
for(rtn = 0; p != 0; p = p -> next)
{
const char* scan_start;
u_int16_t scan_len;
if(p == skb_ua_start)
scan_start = __rkpStream_skb_appStart(p) + pos_ua_start;
if(p == skb_ua_begin)
rtn = __rkpStream_data_scan(__rkpStream_skb_appBegin(p) + pos_ua_begin, __rkpStream_skb_appLen(p) - pos_ua_begin, str_ua_end, rtn >> 1);
else
scan_start = __rkpStream_skb_appStart(p);
if(p == skb_ua_start)
rtn = __rkpStream_data_scan(__rkpStream_skb_appStart(p) + pos_ua_start, __rkpStream_skb_appLen(p) - pos_ua_start, str_ua_end, rtn >> 1);
else
rtn = __rkpStream_data_scan(__rkpStream_skb_appStart(p), __rkpStream_skb_appLen(p), str_ua_end, rtn >> 1);
rtn = __rkpStream_data_scan(__rkpStream_skb_appBegin(p), __rkpStream_skb_appLen(p), str_ua_end, rtn >> 1);
if(rtn & 0x1)
break;
}
@@ -485,16 +477,16 @@ void __rkpStream_buff_execute_core(struct sk_buff** buff, u_int16_t last_len, u_
{
for(p = skb_ua_begin, rtn = 0;;p = p -> next)
{
const char* scan_begin;
const unsigned char* scan_begin;
u_int16_t scan_len;
if(p == skb_ua_begin)
scan_begin = __rkpStream_skb_appStart(p) + pos_ua_begin;
scan_begin = __rkpStream_skb_appBegin(p) + pos_ua_begin;
else
scan_begin = __rkpStream_skb_appStart(p);
scan_begin = __rkpStream_skb_appBegin(p);
if(p == skb_ua_end)
scan_len = __rkpStream_skb_appStart(p) + pos_ua_end + 1 - scan_begin;
scan_len = __rkpStream_skb_appBegin(p) + pos_ua_end + 1 - scan_begin;
else
scan_len = __rkpStream_skb_appStart(p) + __rkpStream_skb_appLen(p) - scan_begin;
scan_len = __rkpStream_skb_appBegin(p) + __rkpStream_skb_appLen(p) - scan_begin;
rtn = __rkpStream_data_scan(scan_begin, scan_len, str_preserve[i], rtn >> 1);
if(rtn & 0x1)
return;
@@ -506,7 +498,7 @@ void __rkpStream_buff_execute_core(struct sk_buff** buff, u_int16_t last_len, u_
// 替换 ua
for(p = skb_ua_begin, rtn = 0;;p = p -> next)
{
const char* replace_begin;
unsigned char* replace_begin;
u_int16_t replace_len;
if(skb_ensure_writable(p, replace_begin + replace_len - p -> data) != 0)
{
@@ -514,13 +506,13 @@ void __rkpStream_buff_execute_core(struct sk_buff** buff, u_int16_t last_len, u_
return;
}
if(p == skb_ua_begin)
replace_begin = __rkpStream_skb_appStart(p) + pos_ua_begin;
replace_begin = __rkpStream_skb_appBegin(p) + pos_ua_begin;
else
replace_begin = __rkpStream_skb_appStart(p);
replace_begin = __rkpStream_skb_appBegin(p);
if(p == skb_ua_end)
replace_len = __rkpStream_skb_appStart(p) + pos_ua_end + 1 - replace_begin;
replace_len = __rkpStream_skb_appBegin(p) + pos_ua_end + 1 - replace_begin;
else
replace_len = __rkpStream_skb_appStart(p) + __rkpStream_skb_appLen(p) - replace_begin;
replace_len = __rkpStream_skb_appBegin(p) + __rkpStream_skb_appLen(p) - replace_begin;
__rkpStream_data_replace(replace_begin, replace_len, str_ua_rkp, rtn);
rtn += replace_len;
if(p == skb_ua_end)