The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/netpfil/pf/pf_osfp.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * SPDX-License-Identifier: ISC
    3  *
    4  * Copyright (c) 2003 Mike Frantzen <frantzen@w4g.org>
    5  *
    6  * Permission to use, copy, modify, and distribute this software for any
    7  * purpose with or without fee is hereby granted, provided that the above
    8  * copyright notice and this permission notice appear in all copies.
    9  *
   10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
   11  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
   12  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
   13  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
   14  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   15  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   16  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
   17  *
   18  *      $OpenBSD: pf_osfp.c,v 1.14 2008/06/12 18:17:01 henning Exp $
   19  */
   20 
   21 #include <sys/cdefs.h>
   22 __FBSDID("$FreeBSD$");
   23 
   24 #include "opt_inet6.h"
   25 
   26 #include <sys/param.h>
   27 #include <sys/kernel.h>
   28 #include <sys/lock.h>
   29 #include <sys/mbuf.h>
   30 #include <sys/socket.h>
   31 
   32 #include <netinet/in.h>
   33 #include <netinet/ip.h>
   34 #include <netinet/tcp.h>
   35 
   36 #include <net/if.h>
   37 #include <net/vnet.h>
   38 #include <net/pfvar.h>
   39 
   40 #ifdef INET6
   41 #include <netinet/ip6.h>
   42 #endif
   43 
   44 static MALLOC_DEFINE(M_PFOSFP, "pf_osfp", "pf(4) operating system fingerprints");
   45 #define DPFPRINTF(format, x...)         \
   46         if (V_pf_status.debug >= PF_DEBUG_NOISY)        \
   47                 printf(format , ##x)
   48 
   49 SLIST_HEAD(pf_osfp_list, pf_os_fingerprint);
   50 VNET_DEFINE_STATIC(struct pf_osfp_list, pf_osfp_list) =
   51         SLIST_HEAD_INITIALIZER();
   52 #define V_pf_osfp_list                  VNET(pf_osfp_list)
   53 
   54 static struct pf_osfp_enlist    *pf_osfp_fingerprint_hdr(const struct ip *,
   55                                     const struct ip6_hdr *,
   56                                     const struct tcphdr *);
   57 static struct pf_os_fingerprint *pf_osfp_find(struct pf_osfp_list *,
   58                                     struct pf_os_fingerprint *, u_int8_t);
   59 static struct pf_os_fingerprint *pf_osfp_find_exact(struct pf_osfp_list *,
   60                                     struct pf_os_fingerprint *);
   61 static void                      pf_osfp_insert(struct pf_osfp_list *,
   62                                     struct pf_os_fingerprint *);
   63 #ifdef PFDEBUG
   64 static struct pf_os_fingerprint *pf_osfp_validate(void);
   65 #endif
   66 
   67 /*
   68  * Passively fingerprint the OS of the host (IPv4 TCP SYN packets only)
   69  * Returns the list of possible OSes.
   70  */
   71 struct pf_osfp_enlist *
   72 pf_osfp_fingerprint(struct pf_pdesc *pd, struct mbuf *m, int off,
   73     const struct tcphdr *tcp)
   74 {
   75         struct ip *ip;
   76         struct ip6_hdr *ip6;
   77         char hdr[60];
   78 
   79         if ((pd->af != PF_INET && pd->af != PF_INET6) ||
   80             pd->proto != IPPROTO_TCP || (tcp->th_off << 2) < sizeof(*tcp))
   81                 return (NULL);
   82 
   83         if (pd->af == PF_INET) {
   84                 ip = mtod(m, struct ip *);
   85                 ip6 = (struct ip6_hdr *)NULL;
   86         } else {
   87                 ip = (struct ip *)NULL;
   88                 ip6 = mtod(m, struct ip6_hdr *);
   89         }
   90         if (!pf_pull_hdr(m, off, hdr, tcp->th_off << 2, NULL, NULL,
   91             pd->af)) return (NULL);
   92 
   93         return (pf_osfp_fingerprint_hdr(ip, ip6, (struct tcphdr *)hdr));
   94 }
   95 
   96 static struct pf_osfp_enlist *
   97 pf_osfp_fingerprint_hdr(const struct ip *ip, const struct ip6_hdr *ip6, const struct tcphdr *tcp)
   98 {
   99         struct pf_os_fingerprint fp, *fpresult;
  100         int cnt, optlen = 0;
  101         const u_int8_t *optp;
  102 #ifdef INET6
  103         char srcname[INET6_ADDRSTRLEN];
  104 #else
  105         char srcname[INET_ADDRSTRLEN];
  106 #endif
  107 
  108         if ((tcp->th_flags & (TH_SYN|TH_ACK)) != TH_SYN)
  109                 return (NULL);
  110         if (ip) {
  111                 if ((ip->ip_off & htons(IP_OFFMASK)) != 0)
  112                         return (NULL);
  113         }
  114 
  115         memset(&fp, 0, sizeof(fp));
  116 
  117         if (ip) {
  118                 fp.fp_psize = ntohs(ip->ip_len);
  119                 fp.fp_ttl = ip->ip_ttl;
  120                 if (ip->ip_off & htons(IP_DF))
  121                         fp.fp_flags |= PF_OSFP_DF;
  122                 inet_ntoa_r(ip->ip_src, srcname);
  123         }
  124 #ifdef INET6
  125         else if (ip6) {
  126                 /* jumbo payload? */
  127                 fp.fp_psize = sizeof(struct ip6_hdr) + ntohs(ip6->ip6_plen);
  128                 fp.fp_ttl = ip6->ip6_hlim;
  129                 fp.fp_flags |= PF_OSFP_DF;
  130                 fp.fp_flags |= PF_OSFP_INET6;
  131                 ip6_sprintf(srcname, (const struct in6_addr *)&ip6->ip6_src);
  132         }
  133 #endif
  134         else
  135                 return (NULL);
  136         fp.fp_wsize = ntohs(tcp->th_win);
  137 
  138         cnt = (tcp->th_off << 2) - sizeof(*tcp);
  139         optp = (const u_int8_t *)((const char *)tcp + sizeof(*tcp));
  140         for (; cnt > 0; cnt -= optlen, optp += optlen) {
  141                 if (*optp == TCPOPT_EOL)
  142                         break;
  143 
  144                 fp.fp_optcnt++;
  145                 if (*optp == TCPOPT_NOP) {
  146                         fp.fp_tcpopts = (fp.fp_tcpopts << PF_OSFP_TCPOPT_BITS) |
  147                             PF_OSFP_TCPOPT_NOP;
  148                         optlen = 1;
  149                 } else {
  150                         if (cnt < 2)
  151                                 return (NULL);
  152                         optlen = optp[1];
  153                         if (optlen > cnt || optlen < 2)
  154                                 return (NULL);
  155                         switch (*optp) {
  156                         case TCPOPT_MAXSEG:
  157                                 if (optlen >= TCPOLEN_MAXSEG)
  158                                         memcpy(&fp.fp_mss, &optp[2],
  159                                             sizeof(fp.fp_mss));
  160                                 fp.fp_tcpopts = (fp.fp_tcpopts <<
  161                                     PF_OSFP_TCPOPT_BITS) | PF_OSFP_TCPOPT_MSS;
  162                                 NTOHS(fp.fp_mss);
  163                                 break;
  164                         case TCPOPT_WINDOW:
  165                                 if (optlen >= TCPOLEN_WINDOW)
  166                                         memcpy(&fp.fp_wscale, &optp[2],
  167                                             sizeof(fp.fp_wscale));
  168                                 NTOHS(fp.fp_wscale);
  169                                 fp.fp_tcpopts = (fp.fp_tcpopts <<
  170                                     PF_OSFP_TCPOPT_BITS) |
  171                                     PF_OSFP_TCPOPT_WSCALE;
  172                                 break;
  173                         case TCPOPT_SACK_PERMITTED:
  174                                 fp.fp_tcpopts = (fp.fp_tcpopts <<
  175                                     PF_OSFP_TCPOPT_BITS) | PF_OSFP_TCPOPT_SACK;
  176                                 break;
  177                         case TCPOPT_TIMESTAMP:
  178                                 if (optlen >= TCPOLEN_TIMESTAMP) {
  179                                         u_int32_t ts;
  180                                         memcpy(&ts, &optp[2], sizeof(ts));
  181                                         if (ts == 0)
  182                                                 fp.fp_flags |= PF_OSFP_TS0;
  183                                 }
  184                                 fp.fp_tcpopts = (fp.fp_tcpopts <<
  185                                     PF_OSFP_TCPOPT_BITS) | PF_OSFP_TCPOPT_TS;
  186                                 break;
  187                         default:
  188                                 return (NULL);
  189                         }
  190                 }
  191                 optlen = MAX(optlen, 1);        /* paranoia */
  192         }
  193 
  194         DPFPRINTF("fingerprinted %s:%d  %d:%d:%d:%d:%llx (%d) "
  195             "(TS=%s,M=%s%d,W=%s%d)\n",
  196             srcname, ntohs(tcp->th_sport),
  197             fp.fp_wsize, fp.fp_ttl, (fp.fp_flags & PF_OSFP_DF) != 0,
  198             fp.fp_psize, (long long int)fp.fp_tcpopts, fp.fp_optcnt,
  199             (fp.fp_flags & PF_OSFP_TS0) ? "" : "",
  200             (fp.fp_flags & PF_OSFP_MSS_MOD) ? "%" :
  201             (fp.fp_flags & PF_OSFP_MSS_DC) ? "*" : "",
  202             fp.fp_mss,
  203             (fp.fp_flags & PF_OSFP_WSCALE_MOD) ? "%" :
  204             (fp.fp_flags & PF_OSFP_WSCALE_DC) ? "*" : "",
  205             fp.fp_wscale);
  206 
  207         if ((fpresult = pf_osfp_find(&V_pf_osfp_list, &fp,
  208             PF_OSFP_MAXTTL_OFFSET)))
  209                 return (&fpresult->fp_oses);
  210         return (NULL);
  211 }
  212 
  213 /* Match a fingerprint ID against a list of OSes */
  214 int
  215 pf_osfp_match(struct pf_osfp_enlist *list, pf_osfp_t os)
  216 {
  217         struct pf_osfp_entry *entry;
  218         int os_class, os_version, os_subtype;
  219         int en_class, en_version, en_subtype;
  220 
  221         if (os == PF_OSFP_ANY)
  222                 return (1);
  223         if (list == NULL) {
  224                 DPFPRINTF("osfp no match against %x\n", os);
  225                 return (os == PF_OSFP_UNKNOWN);
  226         }
  227         PF_OSFP_UNPACK(os, os_class, os_version, os_subtype);
  228         SLIST_FOREACH(entry, list, fp_entry) {
  229                 PF_OSFP_UNPACK(entry->fp_os, en_class, en_version, en_subtype);
  230                 if ((os_class == PF_OSFP_ANY || en_class == os_class) &&
  231                     (os_version == PF_OSFP_ANY || en_version == os_version) &&
  232                     (os_subtype == PF_OSFP_ANY || en_subtype == os_subtype)) {
  233                         DPFPRINTF("osfp matched %s %s %s  %x==%x\n",
  234                             entry->fp_class_nm, entry->fp_version_nm,
  235                             entry->fp_subtype_nm, os, entry->fp_os);
  236                         return (1);
  237                 }
  238         }
  239         DPFPRINTF("fingerprint 0x%x didn't match\n", os);
  240         return (0);
  241 }
  242 
  243 /* Flush the fingerprint list */
  244 void
  245 pf_osfp_flush(void)
  246 {
  247         struct pf_os_fingerprint *fp;
  248         struct pf_osfp_entry *entry;
  249 
  250         while ((fp = SLIST_FIRST(&V_pf_osfp_list))) {
  251                 SLIST_REMOVE_HEAD(&V_pf_osfp_list, fp_next);
  252                 while ((entry = SLIST_FIRST(&fp->fp_oses))) {
  253                         SLIST_REMOVE_HEAD(&fp->fp_oses, fp_entry);
  254                         free(entry, M_PFOSFP);
  255                 }
  256                 free(fp, M_PFOSFP);
  257         }
  258 }
  259 
  260 /* Add a fingerprint */
  261 int
  262 pf_osfp_add(struct pf_osfp_ioctl *fpioc)
  263 {
  264         struct pf_os_fingerprint *fp, fpadd;
  265         struct pf_osfp_entry *entry;
  266 
  267         PF_RULES_WASSERT();
  268 
  269         memset(&fpadd, 0, sizeof(fpadd));
  270         fpadd.fp_tcpopts = fpioc->fp_tcpopts;
  271         fpadd.fp_wsize = fpioc->fp_wsize;
  272         fpadd.fp_psize = fpioc->fp_psize;
  273         fpadd.fp_mss = fpioc->fp_mss;
  274         fpadd.fp_flags = fpioc->fp_flags;
  275         fpadd.fp_optcnt = fpioc->fp_optcnt;
  276         fpadd.fp_wscale = fpioc->fp_wscale;
  277         fpadd.fp_ttl = fpioc->fp_ttl;
  278 
  279 #if 0   /* XXX RYAN wants to fix logging */
  280         DPFPRINTF("adding osfp %s %s %s = %s%d:%d:%d:%s%d:0x%llx %d "
  281             "(TS=%s,M=%s%d,W=%s%d) %x\n",
  282             fpioc->fp_os.fp_class_nm, fpioc->fp_os.fp_version_nm,
  283             fpioc->fp_os.fp_subtype_nm,
  284             (fpadd.fp_flags & PF_OSFP_WSIZE_MOD) ? "%" :
  285             (fpadd.fp_flags & PF_OSFP_WSIZE_MSS) ? "S" :
  286             (fpadd.fp_flags & PF_OSFP_WSIZE_MTU) ? "T" :
  287             (fpadd.fp_flags & PF_OSFP_WSIZE_DC) ? "*" : "",
  288             fpadd.fp_wsize,
  289             fpadd.fp_ttl,
  290             (fpadd.fp_flags & PF_OSFP_DF) ? 1 : 0,
  291             (fpadd.fp_flags & PF_OSFP_PSIZE_MOD) ? "%" :
  292             (fpadd.fp_flags & PF_OSFP_PSIZE_DC) ? "*" : "",
  293             fpadd.fp_psize,
  294             (long long int)fpadd.fp_tcpopts, fpadd.fp_optcnt,
  295             (fpadd.fp_flags & PF_OSFP_TS0) ? "" : "",
  296             (fpadd.fp_flags & PF_OSFP_MSS_MOD) ? "%" :
  297             (fpadd.fp_flags & PF_OSFP_MSS_DC) ? "*" : "",
  298             fpadd.fp_mss,
  299             (fpadd.fp_flags & PF_OSFP_WSCALE_MOD) ? "%" :
  300             (fpadd.fp_flags & PF_OSFP_WSCALE_DC) ? "*" : "",
  301             fpadd.fp_wscale,
  302             fpioc->fp_os.fp_os);
  303 #endif
  304 
  305         if ((fp = pf_osfp_find_exact(&V_pf_osfp_list, &fpadd))) {
  306                  SLIST_FOREACH(entry, &fp->fp_oses, fp_entry) {
  307                         if (PF_OSFP_ENTRY_EQ(entry, &fpioc->fp_os))
  308                                 return (EEXIST);
  309                 }
  310                 if ((entry = malloc(sizeof(*entry), M_PFOSFP, M_NOWAIT))
  311                     == NULL)
  312                         return (ENOMEM);
  313         } else {
  314                 if ((fp = malloc(sizeof(*fp), M_PFOSFP, M_ZERO | M_NOWAIT))
  315                     == NULL)
  316                         return (ENOMEM);
  317                 fp->fp_tcpopts = fpioc->fp_tcpopts;
  318                 fp->fp_wsize = fpioc->fp_wsize;
  319                 fp->fp_psize = fpioc->fp_psize;
  320                 fp->fp_mss = fpioc->fp_mss;
  321                 fp->fp_flags = fpioc->fp_flags;
  322                 fp->fp_optcnt = fpioc->fp_optcnt;
  323                 fp->fp_wscale = fpioc->fp_wscale;
  324                 fp->fp_ttl = fpioc->fp_ttl;
  325                 SLIST_INIT(&fp->fp_oses);
  326                 if ((entry = malloc(sizeof(*entry), M_PFOSFP, M_NOWAIT))
  327                     == NULL) {
  328                         free(fp, M_PFOSFP);
  329                         return (ENOMEM);
  330                 }
  331                 pf_osfp_insert(&V_pf_osfp_list, fp);
  332         }
  333         memcpy(entry, &fpioc->fp_os, sizeof(*entry));
  334 
  335         /* Make sure the strings are NUL terminated */
  336         entry->fp_class_nm[sizeof(entry->fp_class_nm)-1] = '\0';
  337         entry->fp_version_nm[sizeof(entry->fp_version_nm)-1] = '\0';
  338         entry->fp_subtype_nm[sizeof(entry->fp_subtype_nm)-1] = '\0';
  339 
  340         SLIST_INSERT_HEAD(&fp->fp_oses, entry, fp_entry);
  341 
  342 #ifdef PFDEBUG
  343         if ((fp = pf_osfp_validate()))
  344                 printf("Invalid fingerprint list\n");
  345 #endif /* PFDEBUG */
  346         return (0);
  347 }
  348 
  349 /* Find a fingerprint in the list */
  350 static struct pf_os_fingerprint *
  351 pf_osfp_find(struct pf_osfp_list *list, struct pf_os_fingerprint *find,
  352     u_int8_t ttldiff)
  353 {
  354         struct pf_os_fingerprint *f;
  355 
  356 #define MATCH_INT(_MOD, _DC, _field)                                    \
  357         if ((f->fp_flags & _DC) == 0) {                                 \
  358                 if ((f->fp_flags & _MOD) == 0) {                        \
  359                         if (f->_field != find->_field)                  \
  360                                 continue;                               \
  361                 } else {                                                \
  362                         if (f->_field == 0 || find->_field % f->_field) \
  363                                 continue;                               \
  364                 }                                                       \
  365         }
  366 
  367         SLIST_FOREACH(f, list, fp_next) {
  368                 if (f->fp_tcpopts != find->fp_tcpopts ||
  369                     f->fp_optcnt != find->fp_optcnt ||
  370                     f->fp_ttl < find->fp_ttl ||
  371                     f->fp_ttl - find->fp_ttl > ttldiff ||
  372                     (f->fp_flags & (PF_OSFP_DF|PF_OSFP_TS0)) !=
  373                     (find->fp_flags & (PF_OSFP_DF|PF_OSFP_TS0)))
  374                         continue;
  375 
  376                 MATCH_INT(PF_OSFP_PSIZE_MOD, PF_OSFP_PSIZE_DC, fp_psize)
  377                 MATCH_INT(PF_OSFP_MSS_MOD, PF_OSFP_MSS_DC, fp_mss)
  378                 MATCH_INT(PF_OSFP_WSCALE_MOD, PF_OSFP_WSCALE_DC, fp_wscale)
  379                 if ((f->fp_flags & PF_OSFP_WSIZE_DC) == 0) {
  380                         if (f->fp_flags & PF_OSFP_WSIZE_MSS) {
  381                                 if (find->fp_mss == 0)
  382                                         continue;
  383 
  384 /*
  385  * Some "smart" NAT devices and DSL routers will tweak the MSS size and
  386  * will set it to whatever is suitable for the link type.
  387  */
  388 #define SMART_MSS       1460
  389                                 if ((find->fp_wsize % find->fp_mss ||
  390                                     find->fp_wsize / find->fp_mss !=
  391                                     f->fp_wsize) &&
  392                                     (find->fp_wsize % SMART_MSS ||
  393                                     find->fp_wsize / SMART_MSS !=
  394                                     f->fp_wsize))
  395                                         continue;
  396                         } else if (f->fp_flags & PF_OSFP_WSIZE_MTU) {
  397                                 if (find->fp_mss == 0)
  398                                         continue;
  399 
  400 #define MTUOFF          (sizeof(struct ip) + sizeof(struct tcphdr))
  401 #define SMART_MTU       (SMART_MSS + MTUOFF)
  402                                 if ((find->fp_wsize % (find->fp_mss + MTUOFF) ||
  403                                     find->fp_wsize / (find->fp_mss + MTUOFF) !=
  404                                     f->fp_wsize) &&
  405                                     (find->fp_wsize % SMART_MTU ||
  406                                     find->fp_wsize / SMART_MTU !=
  407                                     f->fp_wsize))
  408                                         continue;
  409                         } else if (f->fp_flags & PF_OSFP_WSIZE_MOD) {
  410                                 if (f->fp_wsize == 0 || find->fp_wsize %
  411                                     f->fp_wsize)
  412                                         continue;
  413                         } else {
  414                                 if (f->fp_wsize != find->fp_wsize)
  415                                         continue;
  416                         }
  417                 }
  418                 return (f);
  419         }
  420 
  421         return (NULL);
  422 }
  423 
  424 /* Find an exact fingerprint in the list */
  425 static struct pf_os_fingerprint *
  426 pf_osfp_find_exact(struct pf_osfp_list *list, struct pf_os_fingerprint *find)
  427 {
  428         struct pf_os_fingerprint *f;
  429 
  430         SLIST_FOREACH(f, list, fp_next) {
  431                 if (f->fp_tcpopts == find->fp_tcpopts &&
  432                     f->fp_wsize == find->fp_wsize &&
  433                     f->fp_psize == find->fp_psize &&
  434                     f->fp_mss == find->fp_mss &&
  435                     f->fp_flags == find->fp_flags &&
  436                     f->fp_optcnt == find->fp_optcnt &&
  437                     f->fp_wscale == find->fp_wscale &&
  438                     f->fp_ttl == find->fp_ttl)
  439                         return (f);
  440         }
  441 
  442         return (NULL);
  443 }
  444 
  445 /* Insert a fingerprint into the list */
  446 static void
  447 pf_osfp_insert(struct pf_osfp_list *list, struct pf_os_fingerprint *ins)
  448 {
  449         struct pf_os_fingerprint *f, *prev = NULL;
  450 
  451         /* XXX need to go semi tree based.  can key on tcp options */
  452 
  453         SLIST_FOREACH(f, list, fp_next)
  454                 prev = f;
  455         if (prev)
  456                 SLIST_INSERT_AFTER(prev, ins, fp_next);
  457         else
  458                 SLIST_INSERT_HEAD(list, ins, fp_next);
  459 }
  460 
  461 /* Fill a fingerprint by its number (from an ioctl) */
  462 int
  463 pf_osfp_get(struct pf_osfp_ioctl *fpioc)
  464 {
  465         struct pf_os_fingerprint *fp;
  466         struct pf_osfp_entry *entry;
  467         int num = fpioc->fp_getnum;
  468         int i = 0;
  469 
  470         memset(fpioc, 0, sizeof(*fpioc));
  471         SLIST_FOREACH(fp, &V_pf_osfp_list, fp_next) {
  472                 SLIST_FOREACH(entry, &fp->fp_oses, fp_entry) {
  473                         if (i++ == num) {
  474                                 fpioc->fp_mss = fp->fp_mss;
  475                                 fpioc->fp_wsize = fp->fp_wsize;
  476                                 fpioc->fp_flags = fp->fp_flags;
  477                                 fpioc->fp_psize = fp->fp_psize;
  478                                 fpioc->fp_ttl = fp->fp_ttl;
  479                                 fpioc->fp_wscale = fp->fp_wscale;
  480                                 fpioc->fp_getnum = num;
  481                                 memcpy(&fpioc->fp_os, entry,
  482                                     sizeof(fpioc->fp_os));
  483                                 return (0);
  484                         }
  485                 }
  486         }
  487 
  488         return (EBUSY);
  489 }
  490 
  491 #ifdef PFDEBUG
  492 /* Validate that each signature is reachable */
  493 static struct pf_os_fingerprint *
  494 pf_osfp_validate(void)
  495 {
  496         struct pf_os_fingerprint *f, *f2, find;
  497 
  498         SLIST_FOREACH(f, &V_pf_osfp_list, fp_next) {
  499                 memcpy(&find, f, sizeof(find));
  500 
  501                 /* We do a few MSS/th_win percolations to make things unique */
  502                 if (find.fp_mss == 0)
  503                         find.fp_mss = 128;
  504                 if (f->fp_flags & PF_OSFP_WSIZE_MSS)
  505                         find.fp_wsize *= find.fp_mss;
  506                 else if (f->fp_flags & PF_OSFP_WSIZE_MTU)
  507                         find.fp_wsize *= (find.fp_mss + 40);
  508                 else if (f->fp_flags & PF_OSFP_WSIZE_MOD)
  509                         find.fp_wsize *= 2;
  510                 if (f != (f2 = pf_osfp_find(&V_pf_osfp_list, &find, 0))) {
  511                         if (f2)
  512                                 printf("Found \"%s %s %s\" instead of "
  513                                     "\"%s %s %s\"\n",
  514                                     SLIST_FIRST(&f2->fp_oses)->fp_class_nm,
  515                                     SLIST_FIRST(&f2->fp_oses)->fp_version_nm,
  516                                     SLIST_FIRST(&f2->fp_oses)->fp_subtype_nm,
  517                                     SLIST_FIRST(&f->fp_oses)->fp_class_nm,
  518                                     SLIST_FIRST(&f->fp_oses)->fp_version_nm,
  519                                     SLIST_FIRST(&f->fp_oses)->fp_subtype_nm);
  520                         else
  521                                 printf("Couldn't find \"%s %s %s\"\n",
  522                                     SLIST_FIRST(&f->fp_oses)->fp_class_nm,
  523                                     SLIST_FIRST(&f->fp_oses)->fp_version_nm,
  524                                     SLIST_FIRST(&f->fp_oses)->fp_subtype_nm);
  525                         return (f);
  526                 }
  527         }
  528         return (NULL);
  529 }
  530 #endif /* PFDEBUG */

Cache object: 1611b625d3628bb7170c0d936bcbcddf


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.