root/include/uapi/linux/netfilter/nfnetlink_osf.h

INCLUDED FROM

   1 #ifndef _NF_OSF_H
   2 #define _NF_OSF_H
   3 
   4 #include <linux/types.h>
   5 #include <linux/ip.h>
   6 #include <linux/tcp.h>
   7 
   8 #define MAXGENRELEN     32
   9 
  10 #define NF_OSF_GENRE    (1 << 0)
  11 #define NF_OSF_TTL      (1 << 1)
  12 #define NF_OSF_LOG      (1 << 2)
  13 #define NF_OSF_INVERT   (1 << 3)
  14 
  15 #define NF_OSF_LOGLEVEL_ALL             0       /* log all matched fingerprints */
  16 #define NF_OSF_LOGLEVEL_FIRST           1       /* log only the first matced fingerprint */
  17 #define NF_OSF_LOGLEVEL_ALL_KNOWN       2       /* do not log unknown packets */
  18 
  19 #define NF_OSF_TTL_TRUE                 0       /* True ip and fingerprint TTL comparison */
  20 
  21 /* Check if ip TTL is less than fingerprint one */
  22 #define NF_OSF_TTL_LESS                 1
  23 
  24 /* Do not compare ip and fingerprint TTL at all */
  25 #define NF_OSF_TTL_NOCHECK              2
  26 
  27 #define NF_OSF_FLAGMASK         (NF_OSF_GENRE | NF_OSF_TTL | \
  28                                  NF_OSF_LOG | NF_OSF_INVERT)
  29 /* Wildcard MSS (kind of).
  30  * It is used to implement a state machine for the different wildcard values
  31  * of the MSS and window sizes.
  32  */
  33 struct nf_osf_wc {
  34         __u32   wc;
  35         __u32   val;
  36 };
  37 
  38 /* This struct represents IANA options
  39  * http://www.iana.org/assignments/tcp-parameters
  40  */
  41 struct nf_osf_opt {
  42         __u16                   kind, length;
  43         struct nf_osf_wc        wc;
  44 };
  45 
  46 struct nf_osf_info {
  47         char    genre[MAXGENRELEN];
  48         __u32   len;
  49         __u32   flags;
  50         __u32   loglevel;
  51         __u32   ttl;
  52 };
  53 
  54 struct nf_osf_user_finger {
  55         struct nf_osf_wc        wss;
  56 
  57         __u8    ttl, df;
  58         __u16   ss, mss;
  59         __u16   opt_num;
  60 
  61         char    genre[MAXGENRELEN];
  62         char    version[MAXGENRELEN];
  63         char    subtype[MAXGENRELEN];
  64 
  65         /* MAX_IPOPTLEN is maximum if all options are NOPs or EOLs */
  66         struct nf_osf_opt       opt[MAX_IPOPTLEN];
  67 };
  68 
  69 struct nf_osf_nlmsg {
  70         struct nf_osf_user_finger       f;
  71         struct iphdr                    ip;
  72         struct tcphdr                   tcp;
  73 };
  74 
  75 /* Defines for IANA option kinds */
  76 enum iana_options {
  77         OSFOPT_EOL = 0,         /* End of options */
  78         OSFOPT_NOP,             /* NOP */
  79         OSFOPT_MSS,             /* Maximum segment size */
  80         OSFOPT_WSO,             /* Window scale option */
  81         OSFOPT_SACKP,           /* SACK permitted */
  82         OSFOPT_SACK,            /* SACK */
  83         OSFOPT_ECHO,
  84         OSFOPT_ECHOREPLY,
  85         OSFOPT_TS,              /* Timestamp option */
  86         OSFOPT_POCP,            /* Partial Order Connection Permitted */
  87         OSFOPT_POSP,            /* Partial Order Service Profile */
  88 
  89         /* Others are not used in the current OSF */
  90         OSFOPT_EMPTY = 255,
  91 };
  92 
  93 /* Initial window size option state machine: multiple of mss, mtu or
  94  * plain numeric value. Can also be made as plain numeric value which
  95  * is not a multiple of specified value.
  96  */
  97 enum nf_osf_window_size_options {
  98         OSF_WSS_PLAIN   = 0,
  99         OSF_WSS_MSS,
 100         OSF_WSS_MTU,
 101         OSF_WSS_MODULO,
 102         OSF_WSS_MAX,
 103 };
 104 
 105 enum nf_osf_attr_type {
 106         OSF_ATTR_UNSPEC,
 107         OSF_ATTR_FINGER,
 108         OSF_ATTR_MAX,
 109 };
 110 
 111 /*
 112  * Add/remove fingerprint from the kernel.
 113  */
 114 enum nf_osf_msg_types {
 115         OSF_MSG_ADD,
 116         OSF_MSG_REMOVE,
 117         OSF_MSG_MAX,
 118 };
 119 
 120 #endif /* _NF_OSF_H */