From 9ce4f241b0e77206c65786a9c65cc42e09fea04e Mon Sep 17 00:00:00 2001 From: laforge Date: Thu, 5 Dec 2002 20:50:09 +0000 Subject: add TARPIT target (Aaron Hopkins) --- extensions/Makefile | 2 +- extensions/libipt_TARPIT.c | 67 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 extensions/libipt_TARPIT.c (limited to 'extensions') diff --git a/extensions/Makefile b/extensions/Makefile index b57865a..6398039 100644 --- a/extensions/Makefile +++ b/extensions/Makefile @@ -1,6 +1,6 @@ #! /usr/bin/make -PF_EXT_SLIB:=ah conntrack dscp ecn esp helper icmp length limit mac mark multiport owner pkttype standard state tcp tcpmss tos ttl udp unclean DNAT DSCP ECN LOG MARK MASQUERADE MIRROR REDIRECT REJECT SAME SNAT TCPMSS TOS ULOG +PF_EXT_SLIB:=ah conntrack dscp ecn esp helper icmp length limit mac mark multiport owner pkttype standard state tcp tcpmss tos ttl udp unclean DNAT DSCP ECN LOG MARK MASQUERADE MIRROR REDIRECT REJECT SAME SNAT TARPIT TCPMSS TOS ULOG PF6_EXT_SLIB:=eui64 icmpv6 length limit mac mark multiport owner standard tcp udp LOG MARK # The following may not be present, but compile them anyway. diff --git a/extensions/libipt_TARPIT.c b/extensions/libipt_TARPIT.c new file mode 100644 index 0000000..643ce61 --- /dev/null +++ b/extensions/libipt_TARPIT.c @@ -0,0 +1,67 @@ +/* Shared library add-on to iptables for TARPIT support */ +#include +#include +#include + +static void +help(void) +{ + fputs( +"TARPIT takes no options\n" +"\n", stdout); +} + +static struct option opts[] = { + { 0 } +}; + +static void +init(struct ipt_entry_target *t, unsigned int *nfcache) +{ + /* Can't cache this */ + *nfcache |= NFC_UNKNOWN; +} + +static int +parse(int c, char **argv, int invert, unsigned int *flags, + const struct ipt_entry *entry, + struct ipt_entry_target **target) +{ + return 0; +} + +static void final_check(unsigned int flags) +{ +} + +static void +print(const struct ipt_ip *ip, + const struct ipt_entry_target *target, + int numeric) +{ +} + +static void save(const struct ipt_ip *ip, const struct ipt_entry_target *target) +{ +} + +static +struct iptables_target tarpit += { NULL, + "TARPIT", + IPTABLES_VERSION, + IPT_ALIGN(0), + IPT_ALIGN(0), + &help, + &init, + &parse, + &final_check, + &print, + &save, + opts +}; + +void _init(void) +{ + register_target(&tarpit); +} -- cgit v1.2.3