111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov/* 211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * Copyright (c) 2003+ Evgeniy Polyakov <johnpol@2ka.mxt.ru> 311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * 411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * 511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * This program is free software; you can redistribute it and/or modify 611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * it under the terms of the GNU General Public License as published by 711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * the Free Software Foundation; either version 2 of the License, or 811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * (at your option) any later version. 911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * 1011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * This program is distributed in the hope that it will be useful, 1111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * but WITHOUT ANY WARRANTY; without even the implied warranty of 1211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 1311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * GNU General Public License for more details. 1411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * 1511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * You should have received a copy of the GNU General Public License 16e664eabd18c4581b21ea6f62e2e599df5a719a5bJeff Kirsher * along with this program; if not, see <http://www.gnu.org/licenses/>. 1711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov */ 1811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 1911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#ifndef _XT_OSF_H 2011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define _XT_OSF_H 2111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 228a3af79361e85db6fec4173ef1916322471c19e3Jaswinder Singh Rajput#include <linux/types.h> 238a3af79361e85db6fec4173ef1916322471c19e3Jaswinder Singh Rajput 2411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define MAXGENRELEN 32 2511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 2611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define XT_OSF_GENRE (1<<0) 2711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define XT_OSF_TTL (1<<1) 2811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define XT_OSF_LOG (1<<2) 2911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define XT_OSF_INVERT (1<<3) 3011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 3111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define XT_OSF_LOGLEVEL_ALL 0 /* log all matched fingerprints */ 3211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define XT_OSF_LOGLEVEL_FIRST 1 /* log only the first matced fingerprint */ 3311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define XT_OSF_LOGLEVEL_ALL_KNOWN 2 /* do not log unknown packets */ 3411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 3511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define XT_OSF_TTL_TRUE 0 /* True ip and fingerprint TTL comparison */ 3611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define XT_OSF_TTL_LESS 1 /* Check if ip TTL is less than fingerprint one */ 3711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#define XT_OSF_TTL_NOCHECK 2 /* Do not compare ip and fingerprint TTL at all */ 3811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 3911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakovstruct xt_osf_info { 4011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov char genre[MAXGENRELEN]; 4111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov __u32 len; 4211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov __u32 flags; 4311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov __u32 loglevel; 4411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov __u32 ttl; 4511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov}; 4611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 4711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov/* 4811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * Wildcard MSS (kind of). 4911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * It is used to implement a state machine for the different wildcard values 5011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * of the MSS and window sizes. 5111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov */ 5211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakovstruct xt_osf_wc { 5311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov __u32 wc; 5411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov __u32 val; 5511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov}; 5611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 5711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov/* 5811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * This struct represents IANA options 5911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * http://www.iana.org/assignments/tcp-parameters 6011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov */ 6111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakovstruct xt_osf_opt { 6211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov __u16 kind, length; 6311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov struct xt_osf_wc wc; 6411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov}; 6511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 6611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakovstruct xt_osf_user_finger { 6711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov struct xt_osf_wc wss; 6811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 6911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov __u8 ttl, df; 7011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov __u16 ss, mss; 7111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov __u16 opt_num; 7211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 7311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov char genre[MAXGENRELEN]; 7411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov char version[MAXGENRELEN]; 7511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov char subtype[MAXGENRELEN]; 7611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 7711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov /* MAX_IPOPTLEN is maximum if all options are NOPs or EOLs */ 7811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov struct xt_osf_opt opt[MAX_IPOPTLEN]; 7911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov}; 8011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 8111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakovstruct xt_osf_nlmsg { 8211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov struct xt_osf_user_finger f; 8311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov struct iphdr ip; 8411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov struct tcphdr tcp; 8511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov}; 8611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 8711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov/* Defines for IANA option kinds */ 8811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 8911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakovenum iana_options { 9011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_EOL = 0, /* End of options */ 9111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_NOP, /* NOP */ 9211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_MSS, /* Maximum segment size */ 9311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_WSO, /* Window scale option */ 9411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_SACKP, /* SACK permitted */ 9511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_SACK, /* SACK */ 9611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_ECHO, 9711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_ECHOREPLY, 9811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_TS, /* Timestamp option */ 9911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_POCP, /* Partial Order Connection Permitted */ 10011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_POSP, /* Partial Order Service Profile */ 10111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 10211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov /* Others are not used in the current OSF */ 10311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSFOPT_EMPTY = 255, 10411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov}; 10511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 10611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov/* 10711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * Initial window size option state machine: multiple of mss, mtu or 10811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * plain numeric value. Can also be made as plain numeric value which 10911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * is not a multiple of specified value. 11011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov */ 11111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakovenum xt_osf_window_size_options { 11211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSF_WSS_PLAIN = 0, 11311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSF_WSS_MSS, 11411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSF_WSS_MTU, 11511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSF_WSS_MODULO, 11611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSF_WSS_MAX, 11711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov}; 11811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 11911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov/* 12011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov * Add/remove fingerprint from the kernel. 12111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov */ 12211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakovenum xt_osf_msg_types { 12311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSF_MSG_ADD, 12411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSF_MSG_REMOVE, 12511eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSF_MSG_MAX, 12611eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov}; 12711eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 12811eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakovenum xt_osf_attr_type { 12911eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSF_ATTR_UNSPEC, 13011eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSF_ATTR_FINGER, 13111eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov OSF_ATTR_MAX, 13211eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov}; 13311eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov 13411eeef41d5f63c7d2f7fdfcc733eb7fb137cc384Evgeniy Polyakov#endif /* _XT_OSF_H */ 135