A Linux netfilter module to aid in (d)dos protection

/*
* "ts3init" extension for Xtables
*
* Description: A module to aid in ts3 spoof protection
* This is the "caching of cookies" related code
*
* Authors:
* Niels Werensteijn <niels werensteijn [at] teampseak com>, 2016-10-03
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License; either version 2
* or 3 of the License, as published by the Free Software Foundation.
*/
#include <linux/kernel.h>
#include <linux/skbuff.h>
#include <linux/netfilter/x_tables.h>
#include <linux/ip.h>
#include <linux/ipv6.h>
#include <linux/udp.h>
#include <linux/time.h>
#include <linux/jiffies.h>
#include <linux/percpu.h>
#include "ts3init_cookie.h"
#include "ts3init_cache.h"
/*
 * Per-CPU cache state: the last sampled wall-clock second together with the
 * cookie seed cache that is handed to ts3init_get_cookie_seed().
 */
struct ts3init_cache_t
{
    /* jiffies value recorded when unix_time was last refreshed */
    unsigned long saved_jiffies;
    /* tv_sec of the last do_gettimeofday() call made by update_cache_time() */
    time_t unix_time;
    /* passed by address to ts3init_get_cookie_seed(); its layout is declared
     * outside this file */
    struct xt_ts3init_cookie_cache cookie_cache;
};

/* One instance per CPU. The functions in this file access it only between
 * get_cpu_var() and put_cpu_var(). */
DEFINE_PER_CPU(struct ts3init_cache_t, ts3init_cache);
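/*
 * Refresh the cached wall-clock second of one cache entry.
 *
 * jifs:  jiffies value sampled by the caller
 * cache: entry to refresh; every caller in this file passes the current
 *        CPU's entry obtained with get_cpu_var()
 *
 * do_gettimeofday() is called only when the entry has never been filled, or
 * when at least HZ jiffies (one second) have passed since the last refresh.
 * The cached second is what the cookie seed lookups in this file pass to
 * ts3init_get_cookie_seed(), so a stale value here means a stale time input
 * for seed selection.
 */
static inline void update_cache_time(unsigned long jifs,
                                     struct ts3init_cache_t* cache)
{
    /*
     * Subtract as unsigned and only then reinterpret as signed: the result
     * is wrap-safe and the subtraction itself cannot overflow a signed type.
     */
    const long elapsed = (long)(jifs - cache->saved_jiffies);

    /*
     * unix_time == 0 marks an entry that was never filled (the per-CPU
     * variable starts out zeroed). Without this test a fresh entry, whose
     * saved_jiffies is 0, is not refreshed while the jiffies counter is
     * negative when viewed as long -- the case on 32-bit kernels shortly
     * after boot -- and callers would keep receiving time 0.
     */
    if (cache->unix_time == 0 || elapsed >= HZ)
    {
        /* First use, or one second since the last update:
         * get the new unix time and cache it. */
        struct timeval tv;

        cache->saved_jiffies = jifs;
        do_gettimeofday(&tv);
        cache->unix_time = tv.tv_sec;
    }
}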
/*
 * Return the wall-clock second cached for the current CPU, refreshing the
 * cache first through update_cache_time().
 *
 * The per-CPU entry is only touched between get_cpu_var() and
 * put_cpu_var(); the value is copied to a local before the entry is
 * released.
 */
time_t ts3init_get_cached_unix_time(void)
{
    const unsigned long now = jiffies;
    struct ts3init_cache_t *slot = &get_cpu_var(ts3init_cache);
    time_t seconds;

    update_cache_time(now, slot);
    seconds = slot->unix_time;
    put_cpu_var(ts3init_cache);

    return seconds;
}
/*
 * Look up the cookie seed for a given packet index at the cached current
 * time and copy it to the caller.
 *
 * packet_index: index forwarded unchanged to ts3init_get_cookie_seed()
 * random_seed:  forwarded unchanged to ts3init_get_cookie_seed()
 * cookie:       receives the two 64-bit seed words on success
 *
 * Returns true when a seed was found. On false, *cookie is left untouched,
 * so callers must check the return value before using it.
 *
 * NOTE(review): packet_index is not range-checked here; presumably
 * ts3init_get_cookie_seed() returns NULL for an index it does not accept --
 * confirm against its definition.
 */
bool ts3init_get_cookie_seed_for_packet_index(u8 packet_index, const u8* random_seed, u64 (*cookie)[2])
{
    const unsigned long now = jiffies;
    struct ts3init_cache_t *slot = &get_cpu_var(ts3init_cache);
    time_t seconds;
    u64 *seed;
    bool found;

    update_cache_time(now, slot);
    seconds = slot->unix_time;

    seed = ts3init_get_cookie_seed(seconds, packet_index,
                                   &slot->cookie_cache, random_seed);
    found = (seed != NULL);

    /* Copy while the per-CPU entry is still held; the returned pointer
     * presumably refers to storage inside slot->cookie_cache -- confirm. */
    if (found) {
        (*cookie)[0] = seed[0];
        (*cookie)[1] = seed[1];
    }

    put_cpu_var(ts3init_cache);
    return found;
}
/*
 * Look up the cookie seed that belongs to the cached current time and
 * report which packet index it corresponds to.
 *
 * random_seed:  forwarded unchanged to ts3init_get_cookie_seed()
 * cookie:       receives the two 64-bit seed words on success
 * packet_index: always written; set to the cached unix time modulo 8
 *
 * Returns true when a seed was found. On false, *cookie is left untouched
 * while *packet_index has already been written, so callers must check the
 * return value before using the cookie.
 */
bool ts3init_get_current_cookie_seed(const u8* random_seed, u64 (*cookie)[2], u8 *packet_index)
{
    const unsigned long now = jiffies;
    struct ts3init_cache_t *slot = &get_cpu_var(ts3init_cache);
    time_t seconds;
    u64 *seed;
    bool found;

    update_cache_time(now, slot);
    seconds = slot->unix_time;

    /* The index is derived from the wall-clock second; the divisor 8 is
     * presumably the number of index values the cookie cache covers --
     * confirm against ts3init_cookie.h. */
    *packet_index = seconds % 8;

    seed = ts3init_get_cookie_seed(seconds, *packet_index,
                                   &slot->cookie_cache, random_seed);
    found = (seed != NULL);

    /* Copy while the per-CPU entry is still held. */
    if (found) {
        (*cookie)[0] = seed[0];
        (*cookie)[1] = seed[1];
    }

    put_cpu_var(ts3init_cache);
    return found;
}