From e8c0b55fc1aac2238419cf6119930559d5c3119b Mon Sep 17 00:00:00 2001
From: "/C=DE/ST=Berlin/L=Berlin/O=Netfilter
 Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org"
 </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org>
Date: Fri, 24 Jun 2005 16:28:24 +0000
Subject: o Fixed syntax error (tab/space issue) in help message o Fixed getopt
 handling on big endian machines o Fixed possible future
 read-over-end-of-array in TCP extension o Add manpage o Add missing space at
 output of libct_proto_icmp.c o Add status bits that were introduced in 2.6.11
 o Add SCTP extension o Add support for expect creation o Bump version number
 to 0.63

---
 extensions/libct_proto_sctp.c | 160 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 160 insertions(+)
 create mode 100644 extensions/libct_proto_sctp.c

(limited to 'extensions/libct_proto_sctp.c')

diff --git a/extensions/libct_proto_sctp.c b/extensions/libct_proto_sctp.c
new file mode 100644
index 0000000..b84c2ba
--- /dev/null
+++ b/extensions/libct_proto_sctp.c
@@ -0,0 +1,160 @@
+/*
+ * (C) 2005 by Harald Welte <lafoorge@netfilter.org>
+ *
+ *      This program is free software; you can redistribute it and/or modify
+ *      it under the terms of the GNU General Public License Version 2 as
+ *      published by the Free Software Foundation
+ *
+ */
+#include <stdio.h>
+#include <getopt.h>
+#include <stdlib.h>
+#include <string.h>
+#include <netinet/in.h> /* For htons */
+#include <linux/netfilter_ipv4/ip_conntrack_tuple.h>
+#include <linux/netfilter_ipv4/ip_conntrack.h>
+#include "libct_proto.h"
+
+static struct option opts[] = {
+	{"orig-port-src", 1, 0, '1'},
+	{"orig-port-dst", 1, 0, '2'},
+	{"reply-port-src", 1, 0, '3'},
+	{"reply-port-dst", 1, 0, '4'},
+	{"state", 1, 0, '5'},
+	{0, 0, 0, 0}
+};
+
+enum sctp_param_flags {
+	ORIG_SPORT_BIT = 0,
+	ORIG_SPORT = (1 << ORIG_SPORT_BIT),
+
+	ORIG_DPORT_BIT = 1,
+	ORIG_DPORT = (1 << ORIG_DPORT_BIT),
+
+	REPL_SPORT_BIT = 2,
+	REPL_SPORT = (1 << REPL_SPORT_BIT),
+
+	REPL_DPORT_BIT = 3,
+	REPL_DPORT = (1 << REPL_DPORT_BIT),
+
+	STATE_BIT = 4,
+	STATE = (1 << STATE_BIT)
+};
+
+static const char *states[] = {
+	"NONE",
+	"CLOSED",
+	"COOKIE_WAIT",
+	"COOKIE_ECHOED",
+	"ESTABLISHED",
+	"SHUTDOWN_SENT",
+	"SHUTDOWN_RECV",
+	"SHUTDOWN_ACK_SENT",
+};
+
+static void help()
+{
+	fprintf(stdout, "--orig-port-src        original source port\n");
+	fprintf(stdout, "--orig-port-dst        original destination port\n");
+	fprintf(stdout, "--reply-port-src       reply source port\n");
+	fprintf(stdout, "--reply-port-dst       reply destination port\n");
+	fprintf(stdout, "--state                SCTP state, eg. ESTABLISHED\n");
+}
+
+static int parse(char c, char *argv[], 
+	   struct ip_conntrack_tuple *orig,
+	   struct ip_conntrack_tuple *reply,
+	   union ip_conntrack_proto *proto,
+	   unsigned int *flags)
+{
+	switch(c) {
+		case '1':
+			if (optarg) {
+				orig->src.u.sctp.port = htons(atoi(optarg));
+				*flags |= ORIG_SPORT;
+			}
+			break;
+		case '2':
+			if (optarg) {
+				orig->dst.u.sctp.port = htons(atoi(optarg));
+				*flags |= ORIG_DPORT;
+			}
+			break;
+		case '3':
+			if (optarg) {
+				reply->src.u.sctp.port = htons(atoi(optarg));
+				*flags |= REPL_SPORT;
+			}
+			break;
+		case '4':
+			if (optarg) {
+				reply->dst.u.sctp.port = htons(atoi(optarg));
+				*flags |= REPL_DPORT;
+			}
+			break;
+		case '5':
+			if (optarg) {
+				int i;
+				for (i=0; i<10; i++) {
+					if (strcmp(optarg, states[i]) == 0) {
+						proto->sctp.state = i;
+						break;
+					}
+				}
+				if (i == 10) {
+					printf("doh?\n");
+					return 0;
+				}
+			}
+			break;
+	}
+	return 1;
+}
+
+static int final_check(unsigned int flags)
+{
+	if ((flags & ORIG_SPORT) && (flags & ORIG_DPORT))
+		return 1;
+	else if ((flags & REPL_SPORT) && (flags & REPL_DPORT))
+		return 1;
+
+	return 0;
+}
+
+static void print_tuple(struct ip_conntrack_tuple *t)
+{
+	fprintf(stdout, "sport=%d dport=%d ", ntohs(t->src.u.sctp.port), 
+				             ntohs(t->dst.u.sctp.port));
+}
+
+static void print_proto(union ip_conntrack_proto *proto)
+{
+	if (proto->sctp.state > sizeof(states)/sizeof(char *))
+		fprintf(stdout, "[%u] ", proto->sctp.state);
+	else
+		fprintf(stdout, "[%s] ", states[proto->sctp.state]);
+}
+
+static struct ctproto_handler sctp = {
+	.name 		= "sctp",
+	.protonum	= 132,
+	.parse		= parse,
+	.print_tuple	= print_tuple,
+	.print_proto	= print_proto,
+	.final_check	= final_check,
+	.help		= help,
+	.opts		= opts,
+};
+
+void __attribute__ ((constructor)) init(void);
+void __attribute__ ((destructor)) fini(void);
+
+void init(void)
+{
+	register_proto(&sctp);
+}
+
+void fini(void)
+{
+	unregister_proto(&sctp);
+}
-- 
cgit v1.2.3