From 19d701ddf07d855128ded0cf2b573ce468e3bdd6 Mon Sep 17 00:00:00 2001 From: Ashlee Young Date: Wed, 20 Jan 2016 01:10:01 +0000 Subject: Removing Suricata and Audit from source repo, and updated build.sh to avoid building suricata. Will re-address this in C release via tar balls. Change-Id: I3710076f8b7f3313cb3cb5260c4eb0a6834d4f6e Signed-off-by: Ashlee Young --- framework/src/suricata/src/decode-ipv4.h | 254 ------------------------------- 1 file changed, 254 deletions(-) delete mode 100644 framework/src/suricata/src/decode-ipv4.h (limited to 'framework/src/suricata/src/decode-ipv4.h') diff --git a/framework/src/suricata/src/decode-ipv4.h b/framework/src/suricata/src/decode-ipv4.h deleted file mode 100644 index be212bf2..00000000 --- a/framework/src/suricata/src/decode-ipv4.h +++ /dev/null @@ -1,254 +0,0 @@ -/* Copyright (C) 2007-2013 Open Information Security Foundation - * - * You can copy, redistribute or modify this Program under the terms of - * the GNU General Public License version 2 as published by the Free - * Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * version 2 along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301, USA. - */ - -/** - * \file - * - * \author Victor Julien - * \author Brian Rectanus - */ - -#ifndef __DECODE_IPV4_H__ -#define __DECODE_IPV4_H__ - -#define IPV4_HEADER_LEN 20 /**< Header length */ -#define IPV4_OPTMAX 40 /**< Max options length */ -#define IPV4_MAXPACKET_LEN 65535 /**< Maximum packet size */ - -/** IP Option Types */ -#define IPV4_OPT_EOL 0x00 /**< Option: End of List */ -#define IPV4_OPT_NOP 0x01 /**< Option: No op */ -#define IPV4_OPT_RR 0x07 /**< Option: Record Route */ -#define IPV4_OPT_QS 0x19 /**< Option: Quick Start */ -#define IPV4_OPT_TS 0x44 /**< Option: Timestamp */ -#define IPV4_OPT_SEC 0x82 /**< Option: Security */ -#define IPV4_OPT_LSRR 0x83 /**< Option: Loose Source Route */ -#define IPV4_OPT_CIPSO 0x86 /**< Option: Commercial IP Security */ -#define IPV4_OPT_SID 0x88 /**< Option: Stream Identifier */ -#define IPV4_OPT_SSRR 0x89 /**< Option: Strict Source Route */ -#define IPV4_OPT_RTRALT 0x94 /**< Option: Router Alert */ - -/** IP Option Lengths (fixed) */ -#define IPV4_OPT_SEC_LEN 11 /**< SEC Option Fixed Length */ -#define IPV4_OPT_SID_LEN 4 /**< SID Option Fixed Length */ -#define IPV4_OPT_RTRALT_LEN 4 /**< RTRALT Option Fixed Length */ - -/** IP Option Lengths (variable) */ -#define IPV4_OPT_ROUTE_MIN 3 /**< RR, SRR, LTRR Option Min Length */ -#define IPV4_OPT_QS_MIN 8 /**< QS Option Min Length */ -#define IPV4_OPT_TS_MIN 5 /**< TS Option Min Length */ -#define IPV4_OPT_CIPSO_MIN 10 /**< CIPSO Option Min Length */ - -/** IP Option fields */ -#define IPV4_OPTS ip4vars.ip_opts -#define IPV4_OPTS_CNT ip4vars.ip_opt_cnt - -typedef struct IPV4Opt_ { - /** \todo We may want to break type up into its 3 fields - * as the reassembler may want to know which options - * must be copied to each fragment. - */ - uint8_t type; /**< option type */ - uint8_t len; /**< option length (type+len+data) */ - uint8_t *data; /**< option data */ -} IPV4Opt; - -typedef struct IPV4Hdr_ -{ - uint8_t ip_verhl; /**< version & header length */ - uint8_t ip_tos; /**< type of service */ - uint16_t ip_len; /**< length */ - uint16_t ip_id; /**< id */ - uint16_t ip_off; /**< frag offset */ - uint8_t ip_ttl; /**< time to live */ - uint8_t ip_proto; /**< protocol (tcp, udp, etc) */ - uint16_t ip_csum; /**< checksum */ - union { - struct { - struct in_addr ip_src;/**< source address */ - struct in_addr ip_dst;/**< destination address */ - } ip4_un1; - uint16_t ip_addrs[4]; - } ip4_hdrun1; -} __attribute__((__packed__)) IPV4Hdr; - - -#define s_ip_src ip4_hdrun1.ip4_un1.ip_src -#define s_ip_dst ip4_hdrun1.ip4_un1.ip_dst -#define s_ip_addrs ip4_hdrun1.ip_addrs - -#define IPV4_GET_RAW_VER(ip4h) (((ip4h)->ip_verhl & 0xf0) >> 4) -#define IPV4_GET_RAW_HLEN(ip4h) ((ip4h)->ip_verhl & 0x0f) -#define IPV4_GET_RAW_IPTOS(ip4h) ((ip4h)->ip_tos) -#define IPV4_GET_RAW_IPLEN(ip4h) ((ip4h)->ip_len) -#define IPV4_GET_RAW_IPID(ip4h) ((ip4h)->ip_id) -#define IPV4_GET_RAW_IPOFFSET(ip4h) ((ip4h)->ip_off) -#define IPV4_GET_RAW_IPTTL(ip4h) ((ip4h)->ip_ttl) -#define IPV4_GET_RAW_IPPROTO(ip4h) ((ip4h)->ip_proto) -#define IPV4_GET_RAW_IPSRC(ip4h) ((ip4h)->s_ip_src) -#define IPV4_GET_RAW_IPDST(ip4h) ((ip4h)->s_ip_dst) - -/** return the raw (directly from the header) src ip as uint32_t */ -#define IPV4_GET_RAW_IPSRC_U32(ip4h) (uint32_t)((ip4h)->s_ip_src.s_addr) -/** return the raw (directly from the header) dst ip as uint32_t */ -#define IPV4_GET_RAW_IPDST_U32(ip4h) (uint32_t)((ip4h)->s_ip_dst.s_addr) - -/* we need to change them as well as get them */ -#define IPV4_SET_RAW_VER(ip4h, value) ((ip4h)->ip_verhl = (((ip4h)->ip_verhl & 0x0f) | (value << 4))) -#define IPV4_SET_RAW_HLEN(ip4h, value) ((ip4h)->ip_verhl = (((ip4h)->ip_verhl & 0xf0) | (value & 0x0f))) -#define IPV4_SET_RAW_IPTOS(ip4h, value) ((ip4h)->ip_tos = value) -#define IPV4_SET_RAW_IPLEN(ip4h, value) ((ip4h)->ip_len = value) -#define IPV4_SET_RAW_IPPROTO(ip4h, value) ((ip4h)->ip_proto = value) - -/* ONLY call these functions after making sure that: - * 1. p->ip4h is set - * 2. p->ip4h is valid (len is correct) - */ -#define IPV4_GET_VER(p) \ - IPV4_GET_RAW_VER((p)->ip4h) -#define IPV4_GET_HLEN(p) \ - (IPV4_GET_RAW_HLEN((p)->ip4h) << 2) -#define IPV4_GET_IPTOS(p) \ - IPV4_GET_RAW_IPTOS((p)->ip4h) -#define IPV4_GET_IPLEN(p) \ - (ntohs(IPV4_GET_RAW_IPLEN((p)->ip4h))) -#define IPV4_GET_IPID(p) \ - (ntohs(IPV4_GET_RAW_IPID((p)->ip4h))) -/* _IPV4_GET_IPOFFSET: get the content of the offset header field in host order */ -#define _IPV4_GET_IPOFFSET(p) \ - (ntohs(IPV4_GET_RAW_IPOFFSET((p)->ip4h))) -/* IPV4_GET_IPOFFSET: get the final offset */ -#define IPV4_GET_IPOFFSET(p) \ - (_IPV4_GET_IPOFFSET(p) & 0x1fff) -/* IPV4_GET_RF: get the RF flag. Use _IPV4_GET_IPOFFSET to save a ntohs call. */ -#define IPV4_GET_RF(p) \ - (uint8_t)((_IPV4_GET_IPOFFSET((p)) & 0x8000) >> 15) -/* IPV4_GET_DF: get the DF flag. Use _IPV4_GET_IPOFFSET to save a ntohs call. */ -#define IPV4_GET_DF(p) \ - (uint8_t)((_IPV4_GET_IPOFFSET((p)) & 0x4000) >> 14) -/* IPV4_GET_MF: get the MF flag. Use _IPV4_GET_IPOFFSET to save a ntohs call. */ -#define IPV4_GET_MF(p) \ - (uint8_t)((_IPV4_GET_IPOFFSET((p)) & 0x2000) >> 13) -#define IPV4_GET_IPTTL(p) \ - IPV4_GET_RAW_IPTTL(p->ip4h) -#define IPV4_GET_IPPROTO(p) \ - IPV4_GET_RAW_IPPROTO((p)->ip4h) - -#define CLEAR_IPV4_PACKET(p) do { \ - (p)->ip4h = NULL; \ - (p)->level3_comp_csum = -1; \ - (p)->ip4vars.ip_src_u32 = 0; \ - (p)->ip4vars.ip_dst_u32 = 0; \ - (p)->ip4vars.ip_opt_cnt = 0; \ - (p)->ip4vars.o_rr = NULL; \ - (p)->ip4vars.o_qs = NULL; \ - (p)->ip4vars.o_ts = NULL; \ - (p)->ip4vars.o_sec = NULL; \ - (p)->ip4vars.o_lsrr = NULL; \ - (p)->ip4vars.o_cipso = NULL; \ - (p)->ip4vars.o_sid = NULL; \ - (p)->ip4vars.o_ssrr = NULL; \ - (p)->ip4vars.o_rtralt = NULL; \ -} while (0) - -/* helper structure with parsed ipv4 info */ -typedef struct IPV4Vars_ -{ - int32_t comp_csum; /* checksum computed over the ipv4 packet */ - uint32_t ip_src_u32; /* source IP */ - uint32_t ip_dst_u32; /* dest IP */ - - IPV4Opt ip_opts[IPV4_OPTMAX]; - uint8_t ip_opt_cnt; - - /* These are here for direct access and dup tracking */ - IPV4Opt *o_rr; - IPV4Opt *o_qs; - IPV4Opt *o_ts; - IPV4Opt *o_sec; - IPV4Opt *o_lsrr; - IPV4Opt *o_cipso; - IPV4Opt *o_sid; - IPV4Opt *o_ssrr; - IPV4Opt *o_rtralt; -} IPV4Vars; - - -void DecodeIPV4RegisterTests(void); - -/** ----- Inline functions ----- */ -static inline uint16_t IPV4CalculateChecksum(uint16_t *, uint16_t); -/** - * \brief Calculates the checksum for the IP packet - * - * \param pkt Pointer to the start of the IP packet - * \param hlen Length of the IP header - * - * \retval csum Checksum for the IP packet - */ -static inline uint16_t IPV4CalculateChecksum(uint16_t *pkt, uint16_t hlen) -{ - uint32_t csum = pkt[0]; - - csum += pkt[1] + pkt[2] + pkt[3] + pkt[4] + pkt[6] + pkt[7] + pkt[8] + - pkt[9]; - - hlen -= 20; - pkt += 10; - - if (hlen == 0) { - ; - } else if (hlen == 4) { - csum += pkt[0] + pkt[1]; - } else if (hlen == 8) { - csum += pkt[0] + pkt[1] + pkt[2] + pkt[3]; - } else if (hlen == 12) { - csum += pkt[0] + pkt[1] + pkt[2] + pkt[3] + pkt[4] + pkt[5]; - } else if (hlen == 16) { - csum += pkt[0] + pkt[1] + pkt[2] + pkt[3] + pkt[4] + pkt[5] + pkt[6] + - pkt[7]; - } else if (hlen == 20) { - csum += pkt[0] + pkt[1] + pkt[2] + pkt[3] + pkt[4] + pkt[5] + pkt[6] + - pkt[7] + pkt[8] + pkt[9]; - } else if (hlen == 24) { - csum += pkt[0] + pkt[1] + pkt[2] + pkt[3] + pkt[4] + pkt[5] + pkt[6] + - pkt[7] + pkt[8] + pkt[9] + pkt[10] + pkt[11]; - } else if (hlen == 28) { - csum += pkt[0] + pkt[1] + pkt[2] + pkt[3] + pkt[4] + pkt[5] + pkt[6] + - pkt[7] + pkt[8] + pkt[9] + pkt[10] + pkt[11] + pkt[12] + pkt[13]; - } else if (hlen == 32) { - csum += pkt[0] + pkt[1] + pkt[2] + pkt[3] + pkt[4] + pkt[5] + pkt[6] + - pkt[7] + pkt[8] + pkt[9] + pkt[10] + pkt[11] + pkt[12] + pkt[13] + - pkt[14] + pkt[15]; - } else if (hlen == 36) { - csum += pkt[0] + pkt[1] + pkt[2] + pkt[3] + pkt[4] + pkt[5] + pkt[6] + - pkt[7] + pkt[8] + pkt[9] + pkt[10] + pkt[11] + pkt[12] + pkt[13] + - pkt[14] + pkt[15] + pkt[16] + pkt[17]; - } else if (hlen == 40) { - csum += pkt[0] + pkt[1] + pkt[2] + pkt[3] + pkt[4] + pkt[5] + pkt[6] + - pkt[7] + pkt[8] + pkt[9] + pkt[10] + pkt[11] + pkt[12] + pkt[13] + - pkt[14] + pkt[15] + pkt[16] + pkt[17] + pkt[18] + pkt[19]; - } - - csum = (csum >> 16) + (csum & 0x0000FFFF); - csum += (csum >> 16); - - return (uint16_t) ~csum; -} - -#endif /* __DECODE_IPV4_H__ */ - -- cgit 1.2.3-korg