├── Makefile ├── README.md ├── docs ├── fr_ip_double_hash.png ├── fr_ip_double_hash.txt └── fr_ip_hash_api.png ├── frdev.c ├── fripadm ├── fripadm_black_in.sh ├── fripadm_black_in_exe.c ├── fripadm_white_in.sh ├── fripadm_white_in_exe.c ├── install_frdev.sh ├── uninstall_frdev.sh └── updates.txt /Makefile: -------------------------------------------------------------------------------- 1 | obj-m := frdev.o 2 | KERNELBUILD :=/lib/modules/$(shell uname -r)/build 3 | default: 4 | make -C $(KERNELBUILD) M=$(shell pwd) modules 5 | clean: 6 | rm -rf *.o *.ko *.mod.c .*.cmd *.markers *.order *.symvers .tmp_versions 7 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Name 2 | 3 | frdev - A high efficient ip black/white list firewall (work as a linux kernel module). 4 | 5 | Some details could get from [here](http://www.cnblogs.com/SwordTao/p/3824980.html). 6 | 7 | # Usage: 8 | 9 | ```bash 10 | make 11 | bash install_frdev.sh 12 | ls -hl /dev/frdev* 13 | gcc fripadm_black_in_exe.c -o fripadm_black_in_exe 14 | gcc fripadm_white_in_exe.c -o fripadm_white_in_exe 15 | 16 | ping 192.168.31.100 17 | 18 | bash fripadm_black_in.sh insert '192.168.31.100 8.8.8.8 1.100-1.*.1' 19 | bash fripadm_black_in.sh switch 20 | bash fripadm_black_in.sh dump 21 | 22 | bash fripadm_white_in.sh insert '192.168.31.100 8.8.8.8 ' 23 | bash fripadm_white_in.sh switch 24 | bash fripadm_white_in.sh dump 25 | 26 | # # do what you want now :) 27 | 28 | bash unstall_frdev.sh 29 | ``` 30 | 31 | # Notes: 32 | 33 | The little patch below will solve the compiling problem in `3.10.0-327.el7.x86_64` (because of the recently kernel updates). 34 | 35 | ``` 36 | diff --git a/frdev.c b/frdev.c 37 | index e60ea8b..0c36a3b 100644 38 | --- a/frdev.c 39 | +++ b/frdev.c 40 | @@ -8,7 +8,7 @@ 41 | #include 42 | #include 43 | #include 44 | -#include 45 | +#include 46 | #include 47 | #include 48 | #include 49 | @@ -2042,7 +2042,7 @@ static const struct file_operations fr_ip_mem_fops = 50 | .owner = THIS_MODULE, 51 | .open = fr_ip_mem_open, 52 | .release = fr_ip_mem_release, 53 | - .ioctl = fr_ip_memdev_ioctl, 54 | + .unlocked_ioctl = fr_ip_memdev_ioctl, 55 | }; 56 | ``` 57 | 58 | # License 59 | 60 | Just feel free and do anything you want with it. 61 | 62 | Good luck and Joy! 63 | -------------------------------------------------------------------------------- /docs/fr_ip_double_hash.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hnes/frdev/1575eab30caf2797dc5dbd6715ecc79182442ff5/docs/fr_ip_double_hash.png -------------------------------------------------------------------------------- /docs/fr_ip_double_hash.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hnes/frdev/1575eab30caf2797dc5dbd6715ecc79182442ff5/docs/fr_ip_double_hash.txt -------------------------------------------------------------------------------- /docs/fr_ip_hash_api.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hnes/frdev/1575eab30caf2797dc5dbd6715ecc79182442ff5/docs/fr_ip_hash_api.png -------------------------------------------------------------------------------- /frdev.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | #include 16 | #include 17 | #include 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | 25 | /*** platform depends ***/ 26 | 27 | /** user-define random function **/ 28 | static inline unsigned int fr_random_num() { 29 | return 0; 30 | } 31 | /** user-define malloc&free inetrface */ 32 | static inline void * fr_malloc(size_t size) { 33 | /* random malloc */ 34 | return kmalloc(size,GFP_KERNEL); 35 | //return malloc(size); 36 | } 37 | static inline void fr_free(void * ptr) { 38 | /* corresponding to fr_malloc */ 39 | kfree(ptr); 40 | //free(ptr); 41 | } 42 | 43 | static struct kmem_cache * fr_ip_hash_list_node_cache=NULL; 44 | static struct kmem_cache * fr_ip_blur_list_node_cache=NULL; 45 | 46 | static inline void * fr_ip_blur_list_node_malloc(size_t size) { 47 | /* better linux slab malloc :struct fr_ip_blur_list_node */ 48 | return kmem_cache_alloc(fr_ip_blur_list_node_cache, GFP_KERNEL); 49 | //return kmalloc(size,GFP_KERNEL); 50 | //return malloc(size); 51 | } 52 | static inline void fr_ip_blur_list_node_free(void * ptr) { 53 | /* corresponding to fr_ip_blur_list_node_malloc */ 54 | //free(ptr); 55 | //kmalloc(size,GFP_KERNEL); 56 | //kfree(ptr); 57 | kmem_cache_free(fr_ip_blur_list_node_cache, ptr); 58 | } 59 | static inline void * fr_ip_hash_list_node_malloc(size_t size) { 60 | /* better linux slab malloc :struct fr_ip_hash_list_node */ 61 | //return malloc(size); 62 | //return kmalloc(size,GFP_KERNEL); 63 | //kfree(ptr); 64 | return kmem_cache_alloc(fr_ip_hash_list_node_cache, GFP_KERNEL); 65 | } 66 | static inline void fr_ip_hash_list_node_free(void * ptr) { 67 | /* corresponding to fr_ip_hash_list_node_malloc */ 68 | //free(ptr); 69 | //kmalloc(size,GFP_KERNEL); 70 | //kfree(ptr); 71 | kmem_cache_free(fr_ip_hash_list_node_cache, ptr); 72 | } 73 | 74 | /*** jhash : copy from linux kernel codes' jhash.h :-) ***/ 75 | 76 | #define fr_jhash_mix(a, b, c) \ 77 | { \ 78 | a -= b; a -= c; a ^= (c>>13); \ 79 | b -= c; b -= a; b ^= (a<<8); \ 80 | c -= a; c -= b; c ^= (b>>13); \ 81 | a -= b; a -= c; a ^= (c>>12); \ 82 | b -= c; b -= a; b ^= (a<<16); \ 83 | c -= a; c -= b; c ^= (b>>5); \ 84 | a -= b; a -= c; a ^= (c>>3); \ 85 | b -= c; b -= a; b ^= (a<<10); \ 86 | c -= a; c -= b; c ^= (b>>15); \ 87 | } 88 | 89 | /* The golden ration: an arbitrary value */ 90 | #define FR_JHASH_GOLDEN_RATIO 0x9e3779b9 91 | 92 | static inline unsigned int fr_jhash_3words(unsigned int a, unsigned int b, unsigned int c, unsigned int initval) 93 | { 94 | a += FR_JHASH_GOLDEN_RATIO; 95 | b += FR_JHASH_GOLDEN_RATIO; 96 | c += initval; 97 | 98 | fr_jhash_mix(a, b, c); 99 | 100 | return c; 101 | } 102 | 103 | static inline unsigned int fr_jhash_2words(unsigned int a, unsigned int b, unsigned int initval) 104 | { 105 | return fr_jhash_3words(a, b, 0, initval); 106 | } 107 | 108 | static inline unsigned int fr_jhash_1word(unsigned int a, unsigned int initval) 109 | { 110 | return fr_jhash_3words(a, 0, 0, initval); 111 | } 112 | 113 | /****** rwlock ******/ 114 | /* 115 | struct rwlock_t_ { 116 | unsigned int lock; 117 | unsigned int payload; 118 | }; 119 | typedef struct rwlock_t_ rwlock_t; 120 | 121 | static inline void rwlock_init( rwlock_t * ptr ) { 122 | 123 | } 124 | */ 125 | 126 | static inline void fr_read_lock( rwlock_t * ptr ) { 127 | read_lock( ptr ); 128 | } 129 | 130 | static inline void fr_read_unlock( rwlock_t * ptr ) { 131 | read_unlock( ptr ); 132 | } 133 | 134 | static inline void fr_write_lock( rwlock_t * ptr ) { 135 | write_lock( ptr ); 136 | } 137 | 138 | static inline void fr_write_unlock( rwlock_t * ptr ) { 139 | write_unlock( ptr ); 140 | } 141 | 142 | static unsigned long fr_write_lock_irq_flags; 143 | 144 | static inline void fr_write_lock_atom( rwlock_t * ptr ) { 145 | //write_lock( ptr ); 146 | write_lock_irqsave(ptr,fr_write_lock_irq_flags); 147 | } 148 | 149 | static inline void fr_write_unlock_atom( rwlock_t * ptr ) { 150 | //write_unlock( ptr ); 151 | write_unlock_irqrestore(ptr,fr_write_lock_irq_flags); 152 | } 153 | 154 | /************/ 155 | 156 | struct fr_ip_blur_list_node { //0 f 157 | struct fr_ip_blur_list_node * next; // 1.2.3.4 158 | unsigned char atom0_upper_limit; //atom0 atom1 atom2 atom3 159 | unsigned char atom0_lower_limit; 160 | unsigned char atom1_upper_limit; 161 | unsigned char atom1_lower_limit; 162 | unsigned char atom2_upper_limit; 163 | unsigned char atom2_lower_limit; 164 | unsigned char atom3_upper_limit; 165 | unsigned char atom3_lower_limit; 166 | }; 167 | 168 | struct fr_ip_hash_list_node { 169 | struct fr_ip_hash_list_node * next; // 0 f 170 | unsigned int ip_hash; //here ip == ip_hash // 1.2.3.4 171 | }; // unsigned int ip 172 | 173 | struct fr_ip_hash_array { /* core data */ 174 | unsigned int modular; 175 | unsigned int (*hash_func)(unsigned int num,unsigned int initval); 176 | unsigned int hash_rnd; 177 | unsigned int ip_counter; 178 | unsigned int blur_ip_counter; 179 | unsigned int worst_load_factor; 180 | unsigned int worst_hash_index; 181 | void ** array_ptr; 182 | struct fr_ip_blur_list_node * blur_list_headptr; 183 | struct fr_ip_blur_list_node * blur_list_tailptr; 184 | }; 185 | 186 | struct fr_ip_double_hash { 187 | struct fr_ip_hash_array * master_ptr; 188 | rwlock_t master_lock; 189 | struct fr_ip_hash_array * mirror_ptr; 190 | rwlock_t mirror_lock; 191 | }; 192 | 193 | 194 | static void * 195 | fr_ip_double_hash_malloc( 196 | unsigned int modular,unsigned int (*hash_func)(unsigned int num,unsigned int initval),unsigned int rnd); 197 | 198 | static unsigned int 199 | fr_ip_double_hash_destroy(struct fr_ip_double_hash * ptr); 200 | 201 | static unsigned int 202 | fr_ip_double_hash_mirror_insert_ip(struct fr_ip_double_hash * ptr,unsigned int ip); 203 | 204 | static unsigned int 205 | fr_ip_double_hash_mirror_insert_blurip_ptr( 206 | struct fr_ip_double_hash * ptr,struct fr_ip_blur_list_node * blurip_ptr); 207 | 208 | static unsigned int 209 | fr_ip_double_hash_mirror_insert_bystrings(struct fr_ip_double_hash * ptr,char * ip_str); 210 | 211 | static unsigned int 212 | fr_ip_double_hash_mirror_delete_ip(struct fr_ip_double_hash * ptr,unsigned int ip); 213 | 214 | static unsigned int 215 | fr_ip_double_hash_mirror_delete_blurip_ptr( 216 | struct fr_ip_double_hash * ptr,struct fr_ip_blur_list_node * blurip_ptr); 217 | 218 | static unsigned int 219 | fr_ip_double_hash_mirror_delete_bystrings(struct fr_ip_double_hash * ptr,char * ip_str); 220 | 221 | static unsigned int 222 | fr_ip_double_hash_mirror_delete_ip_randomly(struct fr_ip_double_hash * ptr,unsigned int num); 223 | 224 | static unsigned int 225 | fr_ip_double_hash_mirror_delete_all(struct fr_ip_double_hash * ptr); 226 | 227 | static unsigned int 228 | fr_ip_double_hash_switch_mirror_update(struct fr_ip_double_hash * ptr); 229 | 230 | static unsigned int 231 | fr_ip_double_hash_rebuild( 232 | struct fr_ip_double_hash * ptr,unsigned int modular, 233 | unsigned int (*hash_func)(unsigned int num,unsigned int initval),unsigned int rnd); 234 | 235 | static unsigned int 236 | fr_ip_double_hash_find_bool( 237 | struct fr_ip_double_hash * ptr,unsigned int ip); 238 | 239 | static unsigned int 240 | fr_ip_double_hash_find_bystrings_bool( 241 | struct fr_ip_double_hash * ptr,char * ip_str); 242 | 243 | static void * 244 | fr_ip_hash_array_malloc( 245 | unsigned int modular,unsigned int (*hash_func)(unsigned int num,unsigned int initval),unsigned int rnd); 246 | 247 | static unsigned int 248 | fr_ip_hash_array_destroy(struct fr_ip_hash_array * ptr); 249 | 250 | static unsigned int 251 | fr_ip_hash_array_insert_ip(struct fr_ip_hash_array * ptr,unsigned int ip); 252 | 253 | static unsigned int 254 | fr_ip_hash_array_insert_blurip_ptr( 255 | struct fr_ip_hash_array * ptr,struct fr_ip_blur_list_node * blurip_ptr); 256 | 257 | static unsigned int 258 | fr_ip_hash_array_delete_ip(struct fr_ip_hash_array * ptr,unsigned int ip); 259 | 260 | static unsigned int 261 | fr_ip_hash_array_delete_blurip_ptr( 262 | struct fr_ip_hash_array * ptr,struct fr_ip_blur_list_node * blurip_ptr); 263 | 264 | static unsigned int 265 | fr_ip_hash_array_delete_ip_randomly(struct fr_ip_hash_array * ptr,unsigned int num); 266 | 267 | static unsigned int 268 | fr_ip_hash_array_find_ip_bystrings_bool( 269 | struct fr_ip_hash_array * array_ptr,char * ip_str); 270 | 271 | static unsigned int 272 | fr_ip_hash_array_find_ip_bool( 273 | struct fr_ip_hash_array * array_ptr,unsigned int ip); 274 | 275 | static unsigned int 276 | fr_ip_hash_array_find_bool( 277 | struct fr_ip_hash_array * ptr,unsigned int ip); 278 | 279 | static void * 280 | fr_ip_hash_array_malloc( 281 | unsigned int modular,unsigned int (*hash_func)(unsigned int num,unsigned int initval),unsigned int rnd) { 282 | 283 | struct fr_ip_hash_array * ptr; 284 | unsigned int i; 285 | 286 | if(hash_func==NULL) return NULL; 287 | if(modular==0) return NULL; 288 | 289 | ptr=(struct fr_ip_hash_array *)fr_malloc(sizeof(struct fr_ip_hash_array)); 290 | if(ptr==NULL) return NULL; 291 | 292 | ptr->array_ptr=NULL; 293 | ptr->array_ptr=(void **)fr_malloc(modular*sizeof(void *)); 294 | if(ptr->array_ptr==NULL) { 295 | fr_free(ptr); 296 | return NULL; 297 | } 298 | 299 | ptr->modular=modular; 300 | ptr->hash_func=hash_func; 301 | ptr->hash_rnd=rnd; 302 | ptr->ip_counter=0; 303 | ptr->blur_ip_counter=0; 304 | ptr->worst_load_factor=0; 305 | ptr->worst_hash_index=0; 306 | //ptr->array_ptr; 307 | ptr->blur_list_headptr=NULL; 308 | ptr->blur_list_tailptr=NULL; 309 | 310 | for(i=0;iarray_ptr+i)=NULL; 312 | 313 | return ptr; 314 | 315 | } 316 | 317 | static unsigned int 318 | fr_ip_hash_array_destroy(struct fr_ip_hash_array * array_ptr) { 319 | 320 | unsigned int i; 321 | void * next; 322 | void * now; 323 | 324 | if(array_ptr==NULL) 325 | return 1; 326 | if(array_ptr->array_ptr==NULL) 327 | return 2; 328 | 329 | //free all ip_hash_list_nodes 330 | for(i=0;imodular;i++) { 331 | next=*(array_ptr->array_ptr+i); 332 | while(next!=NULL) { 333 | now=next; 334 | next=(void *)(((struct fr_ip_hash_list_node *)(next))->next); 335 | fr_ip_hash_list_node_free(now); 336 | } 337 | } 338 | 339 | //free ip_hash_array array_ptr->array_ptr=fr_malloc( sizeof(void *)*modular ); 340 | fr_free(array_ptr->array_ptr); 341 | 342 | //free all ip_blur_list_nodes 343 | next=(void *)(array_ptr->blur_list_headptr); 344 | while(next!=NULL) { 345 | now=next; 346 | next=(void *)(((struct fr_ip_blur_list_node *)(next))->next); 347 | fr_ip_blur_list_node_free(now); 348 | } 349 | 350 | //free struct fr_ip_hash_array 351 | fr_free(array_ptr); 352 | 353 | return 0; 354 | 355 | } 356 | 357 | 358 | 359 | 360 | // waiting for optimization ... if the hash effect is well,everything will be fine :) 361 | static unsigned int 362 | fr_ip_hash_array_insert_ip(struct fr_ip_hash_array * array_ptr,unsigned int ip) { 363 | 364 | void ** next; 365 | unsigned int ct; 366 | unsigned int index; 367 | 368 | if(array_ptr==NULL) 369 | return 1; 370 | if(array_ptr->array_ptr==NULL) 371 | return 2; 372 | 373 | //if the ip has been already saved in the hash-array ,just return 0 directly 374 | if(fr_ip_hash_array_find_ip_bool(array_ptr,ip)) 375 | return 0; 376 | 377 | //hash key <--> hash function 378 | index=array_ptr->hash_func(ip,array_ptr->hash_rnd)%array_ptr->modular; 379 | next=array_ptr->array_ptr+index; 380 | ct=0; 381 | while(*next!=NULL) { 382 | ct++; 383 | next=(void **)(&(((struct fr_ip_hash_list_node *)(*next))->next)); 384 | } 385 | 386 | *next=fr_ip_hash_list_node_malloc(sizeof(struct fr_ip_hash_list_node)); 387 | 388 | if(*next!=NULL) { 389 | ((struct fr_ip_hash_list_node *)(*next))->next=NULL; 390 | ((struct fr_ip_hash_list_node *)(*next))->ip_hash=ip; 391 | array_ptr->ip_counter++; 392 | ct++; 393 | if(ct>array_ptr->worst_load_factor) { 394 | array_ptr->worst_hash_index=index; 395 | array_ptr->worst_load_factor=ct; 396 | } 397 | return 0; 398 | } 399 | else { 400 | return 3; 401 | } 402 | 403 | } 404 | 405 | static unsigned int 406 | fr_ip_hash_array_insert_blurip_ptr( //just copy the data from the blur_ptr,not reference 407 | struct fr_ip_hash_array * array_ptr,struct fr_ip_blur_list_node * blur_ptr) { 408 | 409 | unsigned int ip; 410 | unsigned char * ptr; 411 | 412 | if(array_ptr==NULL||blur_ptr==NULL) 413 | return 1; 414 | if(array_ptr->array_ptr==NULL) 415 | return 2; 416 | 417 | //if the blurip has been already saved in the blurip list,just delete it directly 418 | //this codes waiting for optimization... 419 | fr_ip_hash_array_delete_blurip_ptr(array_ptr,blur_ptr); 420 | 421 | ptr=(unsigned char *)(&ip); 422 | if( 423 | (blur_ptr->atom0_lower_limit==blur_ptr->atom0_upper_limit)&& 424 | (blur_ptr->atom1_lower_limit==blur_ptr->atom1_upper_limit)&& 425 | (blur_ptr->atom2_lower_limit==blur_ptr->atom2_upper_limit)&& 426 | (blur_ptr->atom3_lower_limit==blur_ptr->atom3_upper_limit) 427 | ) { 428 | *(ptr+0)=blur_ptr->atom0_lower_limit; 429 | *(ptr+1)=blur_ptr->atom1_lower_limit; 430 | *(ptr+2)=blur_ptr->atom2_lower_limit; 431 | *(ptr+3)=blur_ptr->atom3_lower_limit; 432 | return fr_ip_hash_array_insert_ip(array_ptr,ip); 433 | } 434 | else { 435 | ptr=(unsigned char *)fr_ip_blur_list_node_malloc(sizeof(struct fr_ip_blur_list_node)); 436 | if(ptr==NULL) return 3; 437 | ((struct fr_ip_blur_list_node *)(ptr))->atom0_lower_limit=blur_ptr->atom0_lower_limit; 438 | ((struct fr_ip_blur_list_node *)(ptr))->atom0_upper_limit=blur_ptr->atom0_upper_limit; 439 | ((struct fr_ip_blur_list_node *)(ptr))->atom1_lower_limit=blur_ptr->atom1_lower_limit; 440 | ((struct fr_ip_blur_list_node *)(ptr))->atom1_upper_limit=blur_ptr->atom1_upper_limit; 441 | ((struct fr_ip_blur_list_node *)(ptr))->atom2_lower_limit=blur_ptr->atom2_lower_limit; 442 | ((struct fr_ip_blur_list_node *)(ptr))->atom2_upper_limit=blur_ptr->atom2_upper_limit; 443 | ((struct fr_ip_blur_list_node *)(ptr))->atom3_lower_limit=blur_ptr->atom3_lower_limit; 444 | ((struct fr_ip_blur_list_node *)(ptr))->atom3_upper_limit=blur_ptr->atom3_upper_limit; 445 | ((struct fr_ip_blur_list_node *)(ptr))->next=NULL; 446 | blur_ptr=((struct fr_ip_blur_list_node *)(ptr)); 447 | if(array_ptr->blur_list_tailptr==NULL) { 448 | array_ptr->blur_list_tailptr=blur_ptr; 449 | array_ptr->blur_list_headptr=blur_ptr; 450 | array_ptr->blur_ip_counter=1; 451 | } 452 | else { 453 | array_ptr->blur_list_tailptr->next=blur_ptr; 454 | array_ptr->blur_list_tailptr=blur_ptr; 455 | array_ptr->blur_ip_counter++; 456 | } 457 | } 458 | 459 | return 0; 460 | 461 | } 462 | 463 | static unsigned int 464 | fr_ip_hash_array_delete_ip(struct fr_ip_hash_array * array_ptr,unsigned int ip) { 465 | 466 | void ** next; 467 | void ** tmp; 468 | unsigned int index; 469 | 470 | if(array_ptr==NULL) 471 | return 1; 472 | if(array_ptr->array_ptr==NULL) 473 | return 2; 474 | 475 | index=array_ptr->hash_func(ip,array_ptr->hash_rnd)%array_ptr->modular; 476 | next=array_ptr->array_ptr+index; 477 | 478 | while(*next!=NULL) { 479 | if(((struct fr_ip_hash_list_node *)(*next))->ip_hash==ip) { 480 | tmp=(void **)((struct fr_ip_hash_list_node *)(*next))->next; 481 | fr_ip_hash_list_node_free(*next); 482 | *next=tmp; 483 | array_ptr->ip_counter--; 484 | if( 485 | (index==array_ptr->worst_hash_index) && 486 | (array_ptr->worst_load_factor>0) 487 | ) { 488 | array_ptr->worst_load_factor--; 489 | } 490 | return 0; 491 | } 492 | next=(void **)&(((struct fr_ip_hash_list_node *)(*next))->next); 493 | } 494 | 495 | return 3; 496 | 497 | } 498 | 499 | static unsigned int 500 | fr_ip_hash_array_delete_blurip_ptr( 501 | struct fr_ip_hash_array * array_ptr,struct fr_ip_blur_list_node * blur_ptr) { 502 | 503 | struct fr_ip_blur_list_node * pre; 504 | struct fr_ip_blur_list_node * now; 505 | struct fr_ip_blur_list_node * next; 506 | 507 | if(array_ptr==NULL||blur_ptr==NULL) { 508 | return 1; 509 | } 510 | if(array_ptr->array_ptr==NULL) 511 | return 2; 512 | 513 | pre=NULL; 514 | now=array_ptr->blur_list_headptr; 515 | 516 | while(now!=NULL) { 517 | if( 518 | (now->atom0_lower_limit==blur_ptr->atom0_lower_limit)&& 519 | (now->atom0_upper_limit==blur_ptr->atom0_upper_limit)&& 520 | (now->atom1_lower_limit==blur_ptr->atom1_lower_limit)&& 521 | (now->atom1_upper_limit==blur_ptr->atom1_upper_limit)&& 522 | (now->atom2_lower_limit==blur_ptr->atom2_lower_limit)&& 523 | (now->atom2_upper_limit==blur_ptr->atom2_upper_limit)&& 524 | (now->atom3_lower_limit==blur_ptr->atom3_lower_limit)&& 525 | (now->atom3_upper_limit==blur_ptr->atom3_upper_limit) 526 | ) { 527 | next=now->next; 528 | array_ptr->blur_ip_counter--; 529 | if(array_ptr->blur_list_headptr==array_ptr->blur_list_tailptr) { // 1 530 | fr_ip_blur_list_node_free(now); 531 | array_ptr->blur_list_headptr=NULL; 532 | array_ptr->blur_list_tailptr=NULL; 533 | return 0; 534 | } 535 | else if(array_ptr->blur_list_headptr==now) { // 1 2 ... 536 | fr_ip_blur_list_node_free(now); 537 | array_ptr->blur_list_headptr=next; 538 | return 0; 539 | } 540 | else if(array_ptr->blur_list_tailptr==now) { // 1 2 ... 541 | fr_ip_blur_list_node_free(now); 542 | array_ptr->blur_list_tailptr=pre; 543 | pre->next=NULL; 544 | return 0; 545 | } 546 | else { 547 | fr_ip_blur_list_node_free(now); // 1 2 3... 548 | pre->next=next; 549 | return 0; 550 | } 551 | } 552 | pre=now; 553 | now=now->next; 554 | } 555 | 556 | return 3; 557 | 558 | } 559 | 560 | //ret : how many ip been deleted actually 561 | static unsigned int 562 | fr_ip_hash_array_delete_ip_randomly(struct fr_ip_hash_array * array_ptr,unsigned int num) { 563 | 564 | unsigned int i; 565 | unsigned int counter; 566 | unsigned int gap; 567 | void * next; 568 | void * now; 569 | 570 | if(array_ptr==NULL) 571 | return 0; 572 | if(array_ptr->array_ptr==NULL) 573 | return 0; 574 | if(array_ptr->ip_counter==0) 575 | return 0; 576 | 577 | if(num>array_ptr->ip_counter) 578 | num=array_ptr->ip_counter; 579 | if(num==0) 580 | return 0; 581 | 582 | counter=0; 583 | gap=fr_random_num()%array_ptr->modular; 584 | 585 | for(i=gap;imodular;i++) { 586 | next=*(array_ptr->array_ptr+i); 587 | while(next!=NULL) { 588 | now=next; 589 | next=((struct fr_ip_hash_list_node *)(next))->next; 590 | fr_ip_hash_list_node_free(now); 591 | if( 592 | (i==array_ptr->worst_hash_index) && 593 | (array_ptr->worst_load_factor>0) 594 | ) { 595 | array_ptr->worst_load_factor--; 596 | } 597 | num--; 598 | counter++; 599 | if(num==0) { 600 | *(array_ptr->array_ptr+i)=next; 601 | goto END; 602 | } 603 | if(next==NULL) 604 | *(array_ptr->array_ptr+i)=NULL; 605 | } 606 | } 607 | if(num!=0) 608 | for(i=0;iarray_ptr+i); 610 | while(next!=NULL) { 611 | now=next; 612 | next=((struct fr_ip_hash_list_node *)(next))->next; 613 | fr_ip_hash_list_node_free(now); 614 | if( 615 | (i==array_ptr->worst_hash_index) && 616 | (array_ptr->worst_load_factor>0) 617 | ) { 618 | array_ptr->worst_load_factor--; 619 | } 620 | num--; 621 | counter++; 622 | if(num==0) { 623 | *(array_ptr->array_ptr+i)=next; 624 | goto END; 625 | } 626 | if(next==NULL) 627 | *(array_ptr->array_ptr+i)=NULL; 628 | } 629 | } 630 | 631 | //return counter; 632 | END: 633 | array_ptr->ip_counter=array_ptr->ip_counter-counter; 634 | return counter; 635 | 636 | } 637 | 638 | 639 | static unsigned int 640 | fr_ip_hash_array_find_ip_bool( 641 | struct fr_ip_hash_array * array_ptr,unsigned int ip) { 642 | 643 | void * next; 644 | unsigned char * iptr; 645 | 646 | if(array_ptr==NULL) 647 | return 0; 648 | if(array_ptr->array_ptr==NULL) 649 | return 0; 650 | 651 | //blur ip check 652 | /* 653 | iptr=(unsigned char *)(&ip); 654 | next=array_ptr->blur_list_headptr; 655 | while(next!=NULL) { 656 | if( (*(iptr+0)<=((struct fr_ip_blur_list_node *)next)->atom0_upper_limit) && 657 | (*(iptr+0)>=((struct fr_ip_blur_list_node *)next)->atom0_lower_limit) && 658 | (*(iptr+1)<=((struct fr_ip_blur_list_node *)next)->atom1_upper_limit) && 659 | (*(iptr+1)>=((struct fr_ip_blur_list_node *)next)->atom1_lower_limit) && 660 | (*(iptr+2)<=((struct fr_ip_blur_list_node *)next)->atom2_upper_limit) && 661 | (*(iptr+2)>=((struct fr_ip_blur_list_node *)next)->atom2_lower_limit) && 662 | (*(iptr+3)<=((struct fr_ip_blur_list_node *)next)->atom3_upper_limit) && 663 | (*(iptr+3)>=((struct fr_ip_blur_list_node *)next)->atom3_lower_limit) 664 | ) { 665 | return 1; 666 | } 667 | next=(void *)((struct fr_ip_blur_list_node *)next)->next; 668 | } 669 | */ 670 | //ip check 671 | next=*(array_ptr->array_ptr+(array_ptr->hash_func(ip,array_ptr->hash_rnd)%array_ptr->modular)); 672 | while(next!=NULL) { 673 | if(((struct fr_ip_hash_list_node *)(next))->ip_hash==ip) 674 | return 1; 675 | next=(void *)(((struct fr_ip_hash_list_node *)(next))->next); 676 | } 677 | 678 | return 0; 679 | 680 | } 681 | 682 | 683 | static unsigned int 684 | fr_ip_hash_array_find_bool( 685 | struct fr_ip_hash_array * array_ptr,unsigned int ip) { 686 | 687 | void * next; 688 | unsigned char * iptr; 689 | 690 | if(array_ptr==NULL) 691 | return 0; 692 | if(array_ptr->array_ptr==NULL) 693 | return 0; 694 | 695 | //blur ip check 696 | iptr=(unsigned char *)(&ip); 697 | next=array_ptr->blur_list_headptr; 698 | while(next!=NULL) { 699 | if( (*(iptr+0)<=((struct fr_ip_blur_list_node *)next)->atom0_upper_limit) && 700 | (*(iptr+0)>=((struct fr_ip_blur_list_node *)next)->atom0_lower_limit) && 701 | (*(iptr+1)<=((struct fr_ip_blur_list_node *)next)->atom1_upper_limit) && 702 | (*(iptr+1)>=((struct fr_ip_blur_list_node *)next)->atom1_lower_limit) && 703 | (*(iptr+2)<=((struct fr_ip_blur_list_node *)next)->atom2_upper_limit) && 704 | (*(iptr+2)>=((struct fr_ip_blur_list_node *)next)->atom2_lower_limit) && 705 | (*(iptr+3)<=((struct fr_ip_blur_list_node *)next)->atom3_upper_limit) && 706 | (*(iptr+3)>=((struct fr_ip_blur_list_node *)next)->atom3_lower_limit) 707 | ) { 708 | return 1; 709 | } 710 | next=(void *)((struct fr_ip_blur_list_node *)next)->next; 711 | } 712 | 713 | //ip check 714 | next=*(array_ptr->array_ptr+(array_ptr->hash_func(ip,array_ptr->hash_rnd)%array_ptr->modular)); 715 | while(next!=NULL) { 716 | if(((struct fr_ip_hash_list_node *)(next))->ip_hash==ip) 717 | return 1; 718 | next=(void *)(((struct fr_ip_hash_list_node *)(next))->next); 719 | } 720 | 721 | return 0; 722 | 723 | } 724 | 725 | 726 | 727 | /* blur_ip_syntax : RE 728 | digit =: [0-9] 729 | num =: (digit){1,3} 730 | atom =: num | (num'-'num) | '*' 731 | ip =: atom '.' atom '.' atom '.' atom 732 | ips =: (ip ' ')+ 733 | */ 734 | // 1-220.*.100.33 735 | 736 | static unsigned char fr_ip_blur_parse_str_head_u8(char * str) { 737 | // 012. 738 | unsigned char ch0,ch1,ch2; 739 | if(str==NULL) 740 | return 0; 741 | if((str[0]>='0')&&(str[0]<='9')) { 742 | ch0=str[0]-'0'; 743 | if((str[1]>='0')&&(str[1]<='9')) { 744 | ch1=str[1]-'0'; 745 | if((str[2]>='0')&&(str[2]<='9')) { 746 | ch2=str[2]-'0'; 747 | return (ch0*100+ch1*10+ch2); 748 | } 749 | else return (ch0*10+ch1); 750 | } 751 | else return ch0; 752 | } 753 | else return 0; 754 | } 755 | 756 | /* blur_ip_syntax : RE 757 | digit =: [0-9] 758 | num =: (digit){1,3} 759 | atom =: num | (num'-'num) | '*' 760 | ip =: atom '.' atom '.' atom '.' atom 761 | ips =: (ip ' ')+ 762 | */ 763 | static inline int fr_ip_blur_parse_char_check_bool(char ch) { 764 | if( 765 | (ch>='0' && ch<='9' ) || 766 | (ch=='-') || (ch=='.')|| 767 | (ch=='*') 768 | ) 769 | return 1; 770 | else 771 | return 0; 772 | } 773 | 774 | /* blur_ip_syntax : RE 775 | digit =: [0-9] 776 | num =: (digit){1,3} 777 | atom =: num | (num'-'num) | '*' 778 | ip =: atom '.' atom '.' atom '.' atom 779 | ips =: (ip ' ')+ 780 | */ 781 | //ret: 0 success , otherwise syntax error :( 782 | // 1-220.*.100.33 783 | static unsigned int fr_ip_blur_parse_atom 784 | (char * str,unsigned char * ip_upper,unsigned char * ip_lower) { 785 | // syntax error detection here hasn't been taken very seriously,so that our function could be faster :) 786 | // please be little careful with your input str 787 | 788 | unsigned char i; 789 | 790 | if(str==NULL||ip_upper==NULL||ip_lower==NULL) 791 | return 1; 792 | 793 | if(str[0]=='*') { 794 | *ip_upper=255; 795 | *ip_lower=0; 796 | return 0; 797 | } 798 | else if((str[0]>='0')&&(str[0]<='9')) { 799 | *ip_lower=fr_ip_blur_parse_str_head_u8(str); 800 | i=(*ip_lower>99)?(3):((*ip_lower>9)?2:1); 801 | if( str[i]=='-' ) { 802 | *ip_upper=fr_ip_blur_parse_str_head_u8(&str[i+1]); 803 | if(*ip_upper<*ip_lower) { 804 | i=*ip_upper; 805 | *ip_upper=*ip_lower; 806 | *ip_lower=i; 807 | } 808 | return 0; 809 | } 810 | else { 811 | *ip_upper=*ip_lower; 812 | return 0; 813 | } 814 | } 815 | else 816 | return 2; 817 | 818 | } 819 | 820 | /* blur_ip_syntax : RE 821 | digit =: [0-9] 822 | num =: (digit){1,3} 823 | atom =: num | (num'-'num) | '*' 824 | ip =: atom '.' atom '.' atom '.' atom 825 | ips =: (ip ' ')+ 826 | */ 827 | // ret 0 success,otherwise syntax error 828 | // "1-220.*.100.33" 829 | static unsigned int fr_ip_blur_parse_ip 830 | (char * str,struct fr_ip_blur_list_node * blur_ptr,unsigned int * lenptr) { 831 | 832 | unsigned int i; 833 | unsigned int j; 834 | char ch; 835 | char dot_ct; 836 | 837 | if(str==NULL||blur_ptr==NULL||lenptr==NULL) { 838 | return 1; 839 | } 840 | 841 | i=0; 842 | j=0; 843 | dot_ct=0; 844 | while(1) { // "1-220.*.100.33 " 845 | ch=str[i]; 846 | if(fr_ip_blur_parse_char_check_bool(ch)) { 847 | i++; 848 | if(ch=='.') { 849 | dot_ct++; 850 | if(dot_ct==1) { 851 | if( 852 | fr_ip_blur_parse_atom(&str[j], 853 | &(blur_ptr->atom0_upper_limit), 854 | &(blur_ptr->atom0_lower_limit)) 855 | ) 856 | return 2; 857 | } 858 | else if(dot_ct==2) { 859 | if( 860 | fr_ip_blur_parse_atom(&str[j], 861 | &(blur_ptr->atom1_upper_limit), 862 | &(blur_ptr->atom1_lower_limit)) 863 | ) 864 | return 3; 865 | } 866 | else if(dot_ct==3) { 867 | if( 868 | fr_ip_blur_parse_atom(&str[j], 869 | &(blur_ptr->atom2_upper_limit), 870 | &(blur_ptr->atom2_lower_limit)) 871 | ) 872 | return 4; 873 | } 874 | else return 5; 875 | j=i; 876 | } 877 | } 878 | else { 879 | if(dot_ct==3) { 880 | if( 881 | fr_ip_blur_parse_atom(&str[j], 882 | &(blur_ptr->atom3_upper_limit), 883 | &(blur_ptr->atom3_lower_limit)) 884 | ) 885 | return 4; 886 | blur_ptr->next=NULL; 887 | *lenptr=i; 888 | return 0; 889 | } 890 | else return 6; 891 | } 892 | } 893 | 894 | return 7; 895 | 896 | } 897 | 898 | /* blur_ip_syntax : RE 899 | digit =: [0-9] 900 | num =: (digit){1,3} 901 | atom =: num | (num'-'num) | '*' 902 | ip =: atom '.' atom '.' atom '.' atom 903 | ips =: (ip ' ')+ 904 | */ 905 | // ret 0 success,otherwise syntax error 906 | // "1-220.*.100.33 1-220.*.100.33 1-220.*.100.33" 907 | static unsigned int fr_ip_blur_parse_ips 908 | (char * str,struct fr_ip_blur_list_node * blur_ptr) { 909 | 910 | unsigned int len; 911 | 912 | if(str==NULL||blur_ptr==NULL) { 913 | return 1; 914 | } 915 | 916 | len=0; 917 | while(1) { 918 | if(fr_ip_blur_parse_ip(str=str+len,blur_ptr,&len)) {//fail 919 | return 1; 920 | } 921 | /* for debug 922 | printf("next:%d\n",blur_ptr->next); 923 | printf("len:%d\n",len); 924 | printf("atom0_lower_limit:%d\n",blur_ptr->atom0_lower_limit); 925 | printf("atom0_upper_limit:%d\n",blur_ptr->atom0_upper_limit); 926 | printf("atom1_lower_limit:%d\n",blur_ptr->atom1_lower_limit); 927 | printf("atom1_upper_limit:%d\n",blur_ptr->atom1_upper_limit); 928 | printf("atom2_lower_limit:%d\n",blur_ptr->atom2_lower_limit); 929 | printf("atom2_upper_limit:%d\n",blur_ptr->atom2_upper_limit); 930 | printf("atom3_lower_limit:%d\n",blur_ptr->atom3_lower_limit); 931 | printf("atom3_upper_limit:%d\n",blur_ptr->atom3_upper_limit); 932 | */ 933 | if(str[len]==NULL) { 934 | return 0; 935 | } 936 | len++; 937 | if(str[len]==NULL) { 938 | return 0; 939 | } 940 | } 941 | 942 | } 943 | 944 | static unsigned int fr_ip_hash_array_insert_ip_bystrings( 945 | struct fr_ip_hash_array * array_ptr,char * ip_str) { ///* ip string like:'12.*.2-200.32 1.23.4.5 '*/ 946 | 947 | struct fr_ip_blur_list_node * blur_ptr; 948 | unsigned int ip; 949 | unsigned char * ptr; 950 | unsigned int len; 951 | 952 | if(array_ptr==NULL||ip_str==NULL) 953 | return 1; 954 | if(array_ptr->array_ptr==NULL) 955 | return 2; 956 | 957 | ptr=(unsigned char *)(&ip); 958 | len=0; 959 | blur_ptr=NULL; 960 | while(1) { 961 | if(blur_ptr==NULL) 962 | blur_ptr= (struct fr_ip_blur_list_node * ) 963 | fr_ip_blur_list_node_malloc( sizeof(struct fr_ip_blur_list_node ) ); 964 | if(blur_ptr==NULL) 965 | return 3; 966 | if(ip_str[len]==NULL) { 967 | fr_ip_blur_list_node_free(blur_ptr); 968 | return 0; 969 | } 970 | if(fr_ip_blur_parse_ip(ip_str=ip_str+len,blur_ptr,&len)) {//fail 971 | fr_ip_blur_list_node_free(blur_ptr); 972 | return 4; 973 | } 974 | //refresh ip_hash table 975 | if( 976 | (blur_ptr->atom0_lower_limit==blur_ptr->atom0_upper_limit)&& 977 | (blur_ptr->atom1_lower_limit==blur_ptr->atom1_upper_limit)&& 978 | (blur_ptr->atom2_lower_limit==blur_ptr->atom2_upper_limit)&& 979 | (blur_ptr->atom3_lower_limit==blur_ptr->atom3_upper_limit) 980 | ) { 981 | *(ptr+0)=blur_ptr->atom0_lower_limit; 982 | *(ptr+1)=blur_ptr->atom1_lower_limit; 983 | *(ptr+2)=blur_ptr->atom2_lower_limit; 984 | *(ptr+3)=blur_ptr->atom3_lower_limit; 985 | if(fr_ip_hash_array_insert_ip(array_ptr,ip)) {//fail 986 | fr_ip_blur_list_node_free(blur_ptr); 987 | return 5; 988 | } 989 | } 990 | else { 991 | fr_ip_hash_array_delete_blurip_ptr(array_ptr,blur_ptr); 992 | if(array_ptr->blur_list_tailptr==NULL) { 993 | blur_ptr->next=NULL; 994 | array_ptr->blur_list_tailptr=blur_ptr; 995 | array_ptr->blur_list_headptr=blur_ptr; 996 | array_ptr->blur_ip_counter=1; 997 | blur_ptr=NULL; 998 | } 999 | else { 1000 | blur_ptr->next=NULL; 1001 | array_ptr->blur_list_tailptr->next=blur_ptr; 1002 | array_ptr->blur_list_tailptr=blur_ptr; 1003 | array_ptr->blur_ip_counter++; 1004 | blur_ptr=NULL; 1005 | } 1006 | } 1007 | 1008 | if(ip_str[len]==NULL) { 1009 | if(blur_ptr) fr_ip_blur_list_node_free(blur_ptr); 1010 | return 0; 1011 | } 1012 | len++; 1013 | if(ip_str[len]==NULL) { 1014 | if(blur_ptr) fr_ip_blur_list_node_free(blur_ptr); 1015 | return 0; 1016 | } 1017 | } 1018 | 1019 | return 7; 1020 | } 1021 | 1022 | static unsigned int fr_ip_hash_array_delete_ip_bystrings( 1023 | struct fr_ip_hash_array * array_ptr,char * ip_str) { 1024 | 1025 | struct fr_ip_blur_list_node * blur_ptr; 1026 | unsigned int ip; 1027 | unsigned char * ptr; 1028 | unsigned int len; 1029 | 1030 | if(array_ptr==NULL||ip_str==NULL) 1031 | return 1; 1032 | if(array_ptr->array_ptr==NULL) 1033 | return 2; 1034 | 1035 | ptr=(unsigned char *)&ip; 1036 | len=0; 1037 | blur_ptr=NULL; 1038 | while(1) { 1039 | if(blur_ptr==NULL) 1040 | blur_ptr= (struct fr_ip_blur_list_node * ) 1041 | fr_ip_blur_list_node_malloc( sizeof(struct fr_ip_blur_list_node ) ); 1042 | if(blur_ptr==NULL) 1043 | return 3; 1044 | if(ip_str[len]==NULL) { 1045 | fr_ip_blur_list_node_free(blur_ptr); 1046 | return 0; 1047 | } 1048 | if(fr_ip_blur_parse_ip(ip_str=ip_str+len,blur_ptr,&len)) {//fail 1049 | fr_ip_blur_list_node_free(blur_ptr); 1050 | return 4; 1051 | } 1052 | //refresh ip_hash table 1053 | if( 1054 | (blur_ptr->atom0_lower_limit==blur_ptr->atom0_upper_limit)&& 1055 | (blur_ptr->atom1_lower_limit==blur_ptr->atom1_upper_limit)&& 1056 | (blur_ptr->atom2_lower_limit==blur_ptr->atom2_upper_limit)&& 1057 | (blur_ptr->atom3_lower_limit==blur_ptr->atom3_upper_limit) 1058 | ) { 1059 | *(ptr+0)=blur_ptr->atom0_lower_limit; 1060 | *(ptr+1)=blur_ptr->atom1_lower_limit; 1061 | *(ptr+2)=blur_ptr->atom2_lower_limit; 1062 | *(ptr+3)=blur_ptr->atom3_lower_limit; 1063 | fr_ip_hash_array_delete_ip(array_ptr,ip); 1064 | } 1065 | else { 1066 | fr_ip_hash_array_delete_blurip_ptr(array_ptr,blur_ptr); 1067 | } 1068 | 1069 | if(ip_str[len]==NULL) { 1070 | fr_ip_blur_list_node_free(blur_ptr); 1071 | return 0; 1072 | } 1073 | len++; 1074 | if(ip_str[len]==NULL) { 1075 | fr_ip_blur_list_node_free(blur_ptr); 1076 | return 0; 1077 | } 1078 | } 1079 | 1080 | return 7; 1081 | 1082 | } 1083 | 1084 | 1085 | static unsigned int fr_ip_hash_array_find_ip_bystrings_bool( 1086 | struct fr_ip_hash_array * array_ptr,char * ip_str) { ///* ip string like:'1.23.4.5 ' */ 1087 | 1088 | struct fr_ip_blur_list_node * blur_ptr; 1089 | unsigned int ip; 1090 | unsigned char * ptr; 1091 | unsigned int len; 1092 | 1093 | if(array_ptr==NULL||ip_str==NULL) 1094 | return 0; 1095 | if(array_ptr->array_ptr==NULL) 1096 | return 0; 1097 | 1098 | ptr=(unsigned char *)(&ip); 1099 | len=0; 1100 | blur_ptr=NULL; 1101 | while(1) { 1102 | if(blur_ptr==NULL) 1103 | blur_ptr= (struct fr_ip_blur_list_node * ) 1104 | fr_ip_blur_list_node_malloc( sizeof(struct fr_ip_blur_list_node ) ); 1105 | if(blur_ptr==NULL) 1106 | return 0; 1107 | if(ip_str[len]==NULL) { 1108 | fr_ip_blur_list_node_free(blur_ptr); 1109 | return 0; 1110 | } 1111 | if(fr_ip_blur_parse_ip(ip_str=ip_str+len,blur_ptr,&len)) {//fail 1112 | fr_ip_blur_list_node_free(blur_ptr); 1113 | return 0; 1114 | } 1115 | if( 1116 | (blur_ptr->atom0_lower_limit==blur_ptr->atom0_upper_limit)&& 1117 | (blur_ptr->atom1_lower_limit==blur_ptr->atom1_upper_limit)&& 1118 | (blur_ptr->atom2_lower_limit==blur_ptr->atom2_upper_limit)&& 1119 | (blur_ptr->atom3_lower_limit==blur_ptr->atom3_upper_limit) 1120 | ) { 1121 | *(ptr+0)=blur_ptr->atom0_lower_limit; 1122 | *(ptr+1)=blur_ptr->atom1_lower_limit; 1123 | *(ptr+2)=blur_ptr->atom2_lower_limit; 1124 | *(ptr+3)=blur_ptr->atom3_lower_limit; 1125 | // :) 1126 | fr_ip_blur_list_node_free(blur_ptr); 1127 | return fr_ip_hash_array_find_bool(array_ptr,ip); 1128 | } 1129 | else { 1130 | fr_ip_blur_list_node_free(blur_ptr); 1131 | return 0; 1132 | } 1133 | } 1134 | 1135 | return 0; 1136 | } 1137 | 1138 | 1139 | 1140 | static void * 1141 | fr_ip_double_hash_malloc( 1142 | unsigned int modular,unsigned int (*hash_func)(unsigned int num,unsigned int initval),unsigned int rnd) { 1143 | 1144 | struct fr_ip_double_hash * dhptr; 1145 | 1146 | if(hash_func==NULL) return NULL; 1147 | if(modular==0) return NULL; 1148 | 1149 | dhptr=(struct fr_ip_double_hash *)fr_malloc(sizeof(struct fr_ip_double_hash)); 1150 | if(dhptr==NULL) return NULL; 1151 | dhptr->master_ptr=NULL; 1152 | dhptr->mirror_ptr=NULL; 1153 | 1154 | dhptr->master_ptr=(struct fr_ip_hash_array *)fr_ip_hash_array_malloc(modular,hash_func,rnd); 1155 | if(dhptr->master_ptr==NULL) { 1156 | fr_free(dhptr); 1157 | return NULL; 1158 | } 1159 | 1160 | dhptr->mirror_ptr=(struct fr_ip_hash_array *)fr_ip_hash_array_malloc(modular,hash_func,rnd); 1161 | if(dhptr->mirror_ptr==NULL) { 1162 | fr_ip_hash_array_destroy(dhptr->master_ptr); 1163 | fr_free(dhptr); 1164 | return NULL; 1165 | } 1166 | 1167 | if(dhptr) { 1168 | rwlock_init(&dhptr->master_lock); 1169 | rwlock_init(&dhptr->mirror_lock); 1170 | } 1171 | 1172 | return dhptr; 1173 | 1174 | } 1175 | 1176 | //ret 0 :) 1177 | //else :( 1178 | // not lock yet 1179 | //asume that nobody is accessing the ptr->struct 1180 | static unsigned int 1181 | fr_ip_double_hash_destroy(struct fr_ip_double_hash * ptr) { 1182 | 1183 | if(ptr==NULL) return 1; 1184 | 1185 | if(ptr->master_ptr!=NULL) 1186 | fr_ip_hash_array_destroy(ptr->master_ptr); 1187 | if(ptr->mirror_ptr!=NULL) 1188 | fr_ip_hash_array_destroy(ptr->mirror_ptr); 1189 | 1190 | fr_free(ptr); 1191 | 1192 | return 0; 1193 | 1194 | } 1195 | 1196 | static unsigned int 1197 | fr_ip_double_hash_mirror_insert_ip(struct fr_ip_double_hash * ptr,unsigned int ip) { 1198 | 1199 | unsigned int ret; 1200 | 1201 | if(ptr==NULL) return 1; 1202 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 2; 1203 | 1204 | fr_write_lock(&ptr->mirror_lock); 1205 | ret=fr_ip_hash_array_insert_ip(ptr->mirror_ptr,ip); 1206 | fr_write_unlock(&ptr->mirror_lock); 1207 | 1208 | return ret; 1209 | } 1210 | 1211 | static unsigned int 1212 | fr_ip_double_hash_mirror_insert_blurip_ptr( 1213 | struct fr_ip_double_hash * ptr,struct fr_ip_blur_list_node * blurip_ptr) { 1214 | 1215 | unsigned int ret; 1216 | 1217 | if(ptr==NULL||blurip_ptr==NULL) return 1; 1218 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 2; 1219 | 1220 | fr_write_lock(&ptr->mirror_lock); 1221 | ret=fr_ip_hash_array_insert_blurip_ptr(ptr->mirror_ptr,blurip_ptr); 1222 | fr_write_unlock(&ptr->mirror_lock); 1223 | 1224 | return ret; 1225 | } 1226 | 1227 | static unsigned int 1228 | fr_ip_double_hash_mirror_insert_bystrings(struct fr_ip_double_hash * ptr,char * ip_str) { 1229 | 1230 | unsigned int ret; 1231 | 1232 | if(ptr==NULL||ip_str==NULL) return 1; 1233 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 2; 1234 | 1235 | fr_write_lock(&ptr->mirror_lock); 1236 | ret=fr_ip_hash_array_insert_ip_bystrings(ptr->mirror_ptr,ip_str); 1237 | fr_write_unlock(&ptr->mirror_lock); 1238 | 1239 | return ret; 1240 | } 1241 | 1242 | 1243 | static unsigned int 1244 | fr_ip_double_hash_mirror_delete_ip(struct fr_ip_double_hash * ptr,unsigned int ip) { 1245 | 1246 | unsigned int ret; 1247 | 1248 | if(ptr==NULL) return 1; 1249 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 2; 1250 | 1251 | fr_write_lock(&ptr->mirror_lock); 1252 | ret=fr_ip_hash_array_delete_ip(ptr->mirror_ptr,ip); 1253 | fr_write_unlock(&ptr->mirror_lock); 1254 | 1255 | return ret; 1256 | } 1257 | 1258 | static unsigned int 1259 | fr_ip_double_hash_mirror_delete_blurip_ptr( 1260 | struct fr_ip_double_hash * ptr,struct fr_ip_blur_list_node * blurip_ptr) { 1261 | 1262 | unsigned int ret; 1263 | 1264 | if(ptr==NULL||blurip_ptr==NULL) return 1; 1265 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 2; 1266 | 1267 | fr_write_lock(&ptr->mirror_lock); 1268 | ret=fr_ip_hash_array_delete_blurip_ptr(ptr->mirror_ptr,blurip_ptr); 1269 | fr_write_unlock(&ptr->mirror_lock); 1270 | 1271 | return ret; 1272 | } 1273 | 1274 | static unsigned int 1275 | fr_ip_double_hash_mirror_delete_bystrings(struct fr_ip_double_hash * ptr,char * ip_str) { 1276 | 1277 | unsigned int ret; 1278 | 1279 | if(ptr==NULL||ip_str==NULL) return 1; 1280 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 2; 1281 | 1282 | fr_write_lock(&ptr->mirror_lock); 1283 | ret=fr_ip_hash_array_delete_ip_bystrings(ptr->mirror_ptr,ip_str); 1284 | fr_write_unlock(&ptr->mirror_lock); 1285 | 1286 | return ret; 1287 | } 1288 | 1289 | 1290 | //ret : how many ip deleted actually 1291 | static unsigned int 1292 | fr_ip_double_hash_mirror_delete_ip_randomly(struct fr_ip_double_hash * ptr,unsigned int num) { 1293 | 1294 | unsigned int ret; 1295 | 1296 | if(ptr==NULL) return 0; 1297 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 0; 1298 | 1299 | 1300 | fr_write_lock(&ptr->mirror_lock); 1301 | ret=fr_ip_hash_array_delete_ip_randomly(ptr->mirror_ptr,num); 1302 | fr_write_unlock(&ptr->mirror_lock); 1303 | 1304 | return ret; 1305 | } 1306 | 1307 | static unsigned int 1308 | fr_ip_double_hash_mirror_delete_all(struct fr_ip_double_hash * ptr) { 1309 | 1310 | void * haptr; 1311 | struct fr_ip_hash_list_node * next; 1312 | unsigned int i; 1313 | 1314 | if(ptr==NULL) return 1; 1315 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 2; 1316 | 1317 | fr_write_lock(&ptr->mirror_lock); // --> 1318 | // if(ptr->mirror_ptr==NULL) return 2; 1319 | ptr->mirror_ptr->ip_counter=0; 1320 | ptr->mirror_ptr->worst_hash_index=0; 1321 | ptr->mirror_ptr->worst_load_factor=0; 1322 | for(i=0;imirror_ptr->modular;i++) { 1323 | //release all mirror's nodes in this bucket 1324 | haptr=*(ptr->mirror_ptr->array_ptr+i); 1325 | while(haptr) { 1326 | next=((struct fr_ip_hash_list_node *)haptr)->next; 1327 | fr_ip_hash_list_node_free(haptr); 1328 | haptr=(void *)next; 1329 | } 1330 | *(ptr->mirror_ptr->array_ptr+i)=NULL; 1331 | } 1332 | //release all mirror's blurip nodes 1333 | haptr=(void *)(ptr->mirror_ptr->blur_list_headptr); 1334 | while(haptr) { 1335 | next=(struct fr_ip_hash_list_node * )(((struct fr_ip_blur_list_node *)(haptr))->next); 1336 | fr_ip_blur_list_node_free(haptr); 1337 | haptr=(void *)next; 1338 | } 1339 | ptr->mirror_ptr->blur_list_headptr=NULL; 1340 | ptr->mirror_ptr->blur_list_tailptr=NULL; 1341 | ptr->mirror_ptr->blur_ip_counter=0; 1342 | fr_write_unlock(&ptr->mirror_lock); // --> 1343 | 1344 | return 0; 1345 | } 1346 | 1347 | static unsigned int 1348 | fr_ip_double_hash_switch_mirror_update(struct fr_ip_double_hash * ptr) { 1349 | 1350 | void * haptr; 1351 | struct fr_ip_hash_list_node * next; 1352 | unsigned int i; 1353 | unsigned int ret; 1354 | 1355 | if(ptr==NULL) return 1; 1356 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 2; 1357 | //if(ptr->master_ptr->array_ptr==NULL||ptr->mirror_ptr->array_ptr==NULL) return 3; 1358 | 1359 | //switch 1360 | //get write lock 1361 | fr_write_lock(&ptr->mirror_lock); 1362 | fr_write_lock_atom(&ptr->master_lock); 1363 | haptr= (void *) ptr->master_ptr; 1364 | ptr->master_ptr=ptr->mirror_ptr; 1365 | ptr->mirror_ptr= (struct fr_ip_hash_array *) haptr; 1366 | fr_write_unlock_atom(&ptr->master_lock); 1367 | //release write lock 1368 | 1369 | //update mirror 1370 | //get read lock 1371 | fr_read_lock(&ptr->master_lock); 1372 | ptr->mirror_ptr->ip_counter=0; 1373 | ptr->mirror_ptr->worst_hash_index=0; 1374 | ptr->mirror_ptr->worst_load_factor=0; 1375 | for(i=0;imaster_ptr->modular;i++) { 1376 | if( *(ptr->master_ptr->array_ptr+i) ) { 1377 | //release all mirror's nodes in this bucket 1378 | haptr=*(ptr->mirror_ptr->array_ptr+i); 1379 | while(haptr) { 1380 | next=((struct fr_ip_hash_list_node *)haptr)->next; 1381 | fr_ip_hash_list_node_free(haptr); 1382 | haptr=(void *)next; 1383 | } 1384 | *(ptr->mirror_ptr->array_ptr+i)=NULL; 1385 | //copy master's nodes to mirror 1386 | haptr=*(ptr->master_ptr->array_ptr+i); 1387 | while(haptr) { 1388 | ret=fr_ip_hash_array_insert_ip(ptr->mirror_ptr,((struct fr_ip_hash_list_node *)haptr)->ip_hash); 1389 | if(ret) return ret+5; 1390 | haptr=((struct fr_ip_hash_list_node *)haptr)->next; 1391 | } 1392 | } 1393 | else { 1394 | //release all mirror's nodes in this bucket 1395 | haptr=*(ptr->mirror_ptr->array_ptr+i); 1396 | while(haptr) { 1397 | next=((struct fr_ip_hash_list_node *)haptr)->next; 1398 | fr_ip_hash_list_node_free(haptr); 1399 | haptr=(void *)next; 1400 | } 1401 | *(ptr->mirror_ptr->array_ptr+i)=NULL; 1402 | } 1403 | } 1404 | //release all mirror's blurip nodes 1405 | haptr=(void *)(ptr->mirror_ptr->blur_list_headptr); 1406 | while(haptr) { 1407 | next=(struct fr_ip_hash_list_node * )(((struct fr_ip_blur_list_node *)(haptr))->next); 1408 | fr_ip_blur_list_node_free(haptr); 1409 | haptr=(void *)next; 1410 | } 1411 | ptr->mirror_ptr->blur_list_headptr=NULL; 1412 | ptr->mirror_ptr->blur_list_tailptr=NULL; 1413 | ptr->mirror_ptr->blur_ip_counter=0; 1414 | //copy master's nodes to mirror 1415 | haptr=(void *)(ptr->master_ptr->blur_list_headptr); 1416 | while(haptr) { 1417 | ret=fr_ip_hash_array_insert_blurip_ptr(ptr->mirror_ptr,(struct fr_ip_blur_list_node *)haptr); 1418 | if(ret) return ret+10; 1419 | haptr=(void *)(((struct fr_ip_blur_list_node *)(haptr))->next); 1420 | } 1421 | //release read lock 1422 | fr_read_unlock(&ptr->master_lock); 1423 | fr_write_unlock(&ptr->mirror_lock); 1424 | return 0; 1425 | } 1426 | 1427 | static unsigned int 1428 | fr_ip_double_hash_rebuild( 1429 | struct fr_ip_double_hash * ptr,unsigned int modular, 1430 | unsigned int (*hash_func)(unsigned int num,unsigned int initval),unsigned int rnd) { 1431 | 1432 | void * haptr; 1433 | unsigned int i; 1434 | unsigned int ret; 1435 | 1436 | if(ptr==NULL||hash_func==NULL) return 1; 1437 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 2; 1438 | if(modular==0) return 3; 1439 | 1440 | //update new mirror from master hash 1441 | haptr=fr_ip_hash_array_malloc(modular,hash_func,rnd); 1442 | if(haptr==NULL) return 1; 1443 | fr_write_lock(&ptr->mirror_lock); //--> 1444 | fr_read_lock(&ptr->master_lock); // --> 1445 | fr_ip_hash_array_destroy(ptr->mirror_ptr); 1446 | ptr->mirror_ptr=(struct fr_ip_hash_array *)haptr; 1447 | //copy master's nodes to mirror 1448 | for(i=0;imaster_ptr->modular;i++) { 1449 | haptr=*(ptr->master_ptr->array_ptr+i); 1450 | while(haptr) { 1451 | ret=fr_ip_hash_array_insert_ip(ptr->mirror_ptr,((struct fr_ip_hash_list_node *)haptr)->ip_hash); 1452 | if(ret) return ret+5; 1453 | haptr=((struct fr_ip_hash_list_node *)haptr)->next; 1454 | } 1455 | } 1456 | haptr=(void *)(ptr->master_ptr->blur_list_headptr); 1457 | while(haptr) { 1458 | ret=fr_ip_hash_array_insert_blurip_ptr(ptr->mirror_ptr,(struct fr_ip_blur_list_node *)haptr); 1459 | if(ret) return ret+10; 1460 | haptr=(void *)(((struct fr_ip_blur_list_node *)(haptr))->next); 1461 | } 1462 | fr_read_unlock(&ptr->master_lock); // --> 1463 | //switch 1464 | //get write lock 1465 | fr_write_lock_atom(&ptr->master_lock); //--> 1466 | haptr= (void *) ptr->master_ptr; 1467 | ptr->master_ptr=ptr->mirror_ptr; 1468 | ptr->mirror_ptr= (struct fr_ip_hash_array *) haptr; 1469 | fr_write_unlock_atom(&ptr->master_lock); //--> 1470 | //release write lock 1471 | 1472 | //update mirror from master 1473 | haptr=fr_ip_hash_array_malloc(modular,hash_func,rnd); 1474 | if(haptr==NULL) return 2; 1475 | fr_ip_hash_array_destroy(ptr->mirror_ptr); 1476 | ptr->mirror_ptr=(struct fr_ip_hash_array *)haptr; 1477 | fr_read_lock(&ptr->master_lock); // --> 1478 | for(i=0;imaster_ptr->modular;i++) { 1479 | //copy master's nodes to mirror 1480 | haptr=*(ptr->master_ptr->array_ptr+i); 1481 | while(haptr) { 1482 | ret=fr_ip_hash_array_insert_ip(ptr->mirror_ptr,((struct fr_ip_hash_list_node *)haptr)->ip_hash); 1483 | if(ret) return ret+15; 1484 | haptr=((struct fr_ip_hash_list_node *)haptr)->next; 1485 | } 1486 | } 1487 | haptr=(void *)(ptr->master_ptr->blur_list_headptr); 1488 | while(haptr) { 1489 | ret=fr_ip_hash_array_insert_blurip_ptr(ptr->mirror_ptr,(struct fr_ip_blur_list_node *)haptr); 1490 | if(ret) return ret+20; 1491 | haptr=(void *)(((struct fr_ip_blur_list_node *)(haptr))->next); 1492 | } 1493 | fr_read_unlock(&ptr->master_lock); // --> 1494 | fr_write_unlock(&ptr->mirror_lock); // --> 1495 | return 0; 1496 | 1497 | } 1498 | 1499 | static unsigned int 1500 | fr_ip_double_hash_find_bool( 1501 | struct fr_ip_double_hash * ptr,unsigned int ip) { 1502 | 1503 | unsigned int ret; 1504 | 1505 | if(ptr==NULL) return 0; 1506 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 0; 1507 | 1508 | fr_read_lock(&ptr->master_lock); // --> 1509 | ret=fr_ip_hash_array_find_bool(ptr->master_ptr,ip); 1510 | fr_read_unlock(&ptr->master_lock); // --> 1511 | 1512 | return ret; 1513 | } 1514 | 1515 | static unsigned int 1516 | fr_ip_double_hash_find_bystrings_bool( 1517 | struct fr_ip_double_hash * ptr,char * ip_str) { 1518 | 1519 | unsigned int ret; 1520 | 1521 | if(ptr==NULL) return 0; 1522 | //if(ptr->master_ptr==NULL||ptr->mirror_ptr==NULL) return 0; 1523 | 1524 | fr_read_lock(&ptr->master_lock); // --> 1525 | ret=fr_ip_hash_array_find_ip_bystrings_bool(ptr->master_ptr,ip_str); 1526 | fr_read_unlock(&ptr->master_lock); // --> 1527 | 1528 | return ret; 1529 | } 1530 | 1531 | 1532 | /********/ 1533 | #ifndef FR_IP_MEMDEV_MAJOR 1534 | #define FR_IP_MEMDEV_MAJOR 0 1535 | #endif 1536 | #ifndef FR_IP_MEMDEV_NR_DEVS 1537 | #define FR_IP_MEMDEV_NR_DEVS 2 1538 | #endif 1539 | #ifndef FR_IP_MEMDEV_SIZE 1540 | #define FR_IP_MEMDEV_SIZE 4096 1541 | #endif 1542 | 1543 | /* for fr_ip_ioctl_para_t's type */ 1544 | /* in-black ip */ 1545 | #define FR_IP_IOCTL_TYPE_FIND 1 1546 | #define FR_IP_IOCTL_TYPE_FIND_BYSTRINGS 2 // * :) 1547 | #define FR_IP_IOCTL_TYPE_MIRROR_INSERT_IP 3 1548 | #define FR_IP_IOCTL_TYPE_MIRROR_INSERT_BYSTRINGS 4 // * :) 1549 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP 5 // * :) 1550 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_RANDOMLY 6 //* :) 1551 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_BYSTRINGS 7 // * :) 1552 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_ALL 8 //* :) 1553 | #define FR_IP_IOCTL_TYPE_SWITCH_MIRROR_UPDATE 9 // * :) 1554 | #define FR_IP_IOCTL_TYPE_REBUILD 10 // * :) 1555 | #define FR_IP_IOCTL_TYPE_COPY_HASH_STRUCT 11 // * 1556 | #define FR_IP_IOCTL_TYPE_DUMP 12 //* :) 1557 | #define FR_IP_IOCTL_TYPE_MIRROR_INSERT_IP_BINS 13 //* :) 1558 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_BINS 14 //* :) 1559 | /* in-white ip */ 1560 | #define FR_IP_IOCTL_TYPE_WHITE_FIND 101 1561 | #define FR_IP_IOCTL_TYPE_WHITE_FIND_BYSTRINGS 102 // * :) 1562 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_IP 103 1563 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_BYSTRINGS 104 // * :) 1564 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP 105 1565 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_RANDOMLY 106 // * :) 1566 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_BYSTRINGS 107 // * :) 1567 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_ALL 108 //* :) 1568 | #define FR_IP_IOCTL_TYPE_WHITE_SWITCH_MIRROR_UPDATE 109 // * :) 1569 | #define FR_IP_IOCTL_TYPE_WHITE_REBUILD 110 // * :) 1570 | #define FR_IP_IOCTL_TYPE_WHITE_COPY_HASH_STRUCT 111 // * 1571 | #define FR_IP_IOCTL_TYPE_WHITE_DUMP 112 //* :) 1572 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_IP_BINS 113 //* :) 1573 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_BINS 114 //* :) 1574 | 1575 | 1576 | struct fr_ip_mem_dev 1577 | { 1578 | char *data; 1579 | unsigned long size; 1580 | }; 1581 | 1582 | struct fr_ip_ioctl_para_t { 1583 | void * ptr; 1584 | unsigned int size; 1585 | unsigned int type; 1586 | unsigned int ret; 1587 | }; 1588 | 1589 | #define FR_IP_MEMDEV_IOC_MAGIC 'k' 1590 | #define FR_IP_MEMDEV_IOCPRINT _IO(FR_IP_MEMDEV_IOC_MAGIC, 1) 1591 | #define FR_IP_MEMDEV_IOCGETDATA _IOR(FR_IP_MEMDEV_IOC_MAGIC, 2, int) 1592 | #define FR_IP_MEMDEV_IOCSETDATA _IOW(FR_IP_MEMDEV_IOC_MAGIC, 3, int) 1593 | #define FR_IP_MEMDEV_IOC_MAXNR 3 1594 | 1595 | /********/ 1596 | 1597 | static int fr_ip_mem_major = FR_IP_MEMDEV_MAJOR; 1598 | static int fr_ip_mem_share; 1599 | static struct fr_ip_mem_dev *fr_ip_mem_devp; 1600 | static struct cdev fr_ip_cdev; 1601 | static struct fr_ip_ioctl_para_t fr_ip_ioctl_para; 1602 | 1603 | static struct fr_ip_double_hash * double_hash_ptr=NULL; 1604 | static struct fr_ip_double_hash * double_hash_white_ptr=NULL; 1605 | static spinlock_t frdev_ioctl_spinlock; 1606 | 1607 | void fr_ip_print_blurip_ptr(struct fr_ip_blur_list_node * blptr) { 1608 | 1609 | if(blptr==NULL) { 1610 | printk("print_blurip_ptr error: input is null\n"); 1611 | } 1612 | 1613 | if(blptr->atom0_lower_limit==blptr->atom0_upper_limit) 1614 | printk("%d",blptr->atom0_lower_limit); 1615 | else if((blptr->atom0_lower_limit==0)&&(blptr->atom0_upper_limit==255)) 1616 | printk("*"); 1617 | else if((blptr->atom0_lower_limit==255)&&(blptr->atom0_upper_limit==0)) 1618 | printk("*"); 1619 | else if(blptr->atom0_lower_limitatom0_upper_limit) 1620 | printk("%d-%d",blptr->atom0_lower_limit,blptr->atom0_upper_limit); 1621 | else 1622 | printk("%d-%d",blptr->atom0_upper_limit,blptr->atom0_lower_limit); 1623 | 1624 | printk("."); 1625 | 1626 | if(blptr->atom1_lower_limit==blptr->atom1_upper_limit) 1627 | printk("%d",blptr->atom1_lower_limit); 1628 | else if((blptr->atom1_lower_limit==0)&&(blptr->atom1_upper_limit==255)) 1629 | printk("*"); 1630 | else if((blptr->atom1_lower_limit==255)&&(blptr->atom1_upper_limit==0)) 1631 | printk("*"); 1632 | else if(blptr->atom1_lower_limitatom1_upper_limit) 1633 | printk("%d-%d",blptr->atom1_lower_limit,blptr->atom1_upper_limit); 1634 | else 1635 | printk("%d-%d",blptr->atom1_upper_limit,blptr->atom1_lower_limit); 1636 | 1637 | printk("."); 1638 | 1639 | if(blptr->atom2_lower_limit==blptr->atom2_upper_limit) 1640 | printk("%d",blptr->atom2_lower_limit); 1641 | else if((blptr->atom2_lower_limit==0)&&(blptr->atom2_upper_limit==255)) 1642 | printk("*"); 1643 | else if((blptr->atom2_lower_limit==255)&&(blptr->atom2_upper_limit==0)) 1644 | printk("*"); 1645 | else if(blptr->atom2_lower_limitatom2_upper_limit) 1646 | printk("%d-%d",blptr->atom2_lower_limit,blptr->atom2_upper_limit); 1647 | else 1648 | printk("%d-%d",blptr->atom2_upper_limit,blptr->atom2_lower_limit); 1649 | 1650 | printk("."); 1651 | 1652 | if(blptr->atom3_lower_limit==blptr->atom3_upper_limit) 1653 | printk("%d",blptr->atom3_lower_limit); 1654 | else if((blptr->atom3_lower_limit==0)&&(blptr->atom3_upper_limit==255)) 1655 | printk("*"); 1656 | else if((blptr->atom3_lower_limit==255)&&(blptr->atom3_upper_limit==0)) 1657 | printk("*"); 1658 | else if(blptr->atom3_lower_limitatom3_upper_limit) 1659 | printk("%d-%d",blptr->atom3_lower_limit,blptr->atom3_upper_limit); 1660 | else 1661 | printk("%d-%d",blptr->atom3_upper_limit,blptr->atom3_lower_limit); 1662 | } 1663 | 1664 | void fr_ip_print_ip(unsigned int ip) { 1665 | unsigned char * ptr; 1666 | ptr=(unsigned char *) &ip; 1667 | printk("%d.%d.%d.%d",*(ptr+0),*(ptr+1),*(ptr+2),*(ptr+3)); 1668 | } 1669 | 1670 | void fr_ip_double_hash_dump( struct fr_ip_double_hash * double_hash_ptr) { 1671 | 1672 | struct fr_ip_hash_list_node * hlptr; 1673 | struct fr_ip_blur_list_node * blptr; 1674 | unsigned int i; 1675 | unsigned int j; 1676 | unsigned int sum; 1677 | unsigned int sum0; 1678 | 1679 | if(double_hash_ptr==NULL) return ; 1680 | 1681 | fr_read_lock(&double_hash_ptr->mirror_lock); // --> 1682 | fr_read_lock(&double_hash_ptr->master_lock); // --> 1683 | 1684 | printk("frdev_dump_struct:ptr-> %x $",double_hash_ptr); 1685 | printk(" master mirror$"); 1686 | printk("ptr: 0x%-6x 0x%-6x $",double_hash_ptr->master_ptr,double_hash_ptr->mirror_ptr); 1687 | printk("mod: %-6d %-6d $",double_hash_ptr->master_ptr->modular,double_hash_ptr->mirror_ptr->modular); 1688 | printk("haf: 0x%-6x 0x%-6x $",double_hash_ptr->master_ptr->hash_func,double_hash_ptr->mirror_ptr->hash_func); 1689 | printk("rnd: %-6d %-6d $",double_hash_ptr->master_ptr->hash_rnd,double_hash_ptr->mirror_ptr->hash_rnd); 1690 | printk("ipc: %-6d %-6d $",double_hash_ptr->master_ptr->ip_counter,double_hash_ptr->mirror_ptr->ip_counter); 1691 | printk("bip: %-6d %-6d $",double_hash_ptr->master_ptr->blur_ip_counter,double_hash_ptr->mirror_ptr->blur_ip_counter); 1692 | printk("wlf: %-6d %-6d $",double_hash_ptr->master_ptr->worst_load_factor,double_hash_ptr->mirror_ptr->worst_load_factor); 1693 | printk("whi: %-6d %-6d $",double_hash_ptr->master_ptr->worst_hash_index,double_hash_ptr->mirror_ptr->worst_hash_index); 1694 | printk("apt: 0x%-6x 0x%-6x $",double_hash_ptr->master_ptr->array_ptr,double_hash_ptr->mirror_ptr->array_ptr); 1695 | printk("blh: 0x%-6x 0x%-6x $",double_hash_ptr->master_ptr->blur_list_headptr,double_hash_ptr->mirror_ptr->blur_list_headptr); 1696 | printk("blt: 0x%-6x 0x%-6x \n",double_hash_ptr->master_ptr->blur_list_tailptr,double_hash_ptr->mirror_ptr->blur_list_tailptr); 1697 | 1698 | printk("frdev_dump_numbers:ptr-> %x $",double_hash_ptr); 1699 | 1700 | fr_read_unlock(&double_hash_ptr->mirror_lock); // --> 1701 | 1702 | sum=0; 1703 | sum0=0; 1704 | for(j=0;jmaster_ptr->modular;j++) { 1705 | hlptr=(struct fr_ip_hash_list_node *)(*(double_hash_ptr->master_ptr->array_ptr+j)); 1706 | i=0; 1707 | while(hlptr) { 1708 | i++; 1709 | hlptr=hlptr->next; 1710 | } 1711 | printk("%-3d $",i); 1712 | sum=sum+i; 1713 | if(i==0) 1714 | sum0++; 1715 | } 1716 | printk("$ sum:%d on sum0:%d \n",sum,double_hash_ptr->master_ptr->modular-sum0); 1717 | 1718 | printk("frdev_dump_ip:ptr-> %x $",double_hash_ptr); 1719 | blptr=double_hash_ptr->master_ptr->blur_list_headptr; 1720 | while(blptr) { 1721 | fr_ip_print_blurip_ptr(blptr); 1722 | printk(" $"); 1723 | blptr=blptr->next; 1724 | } 1725 | for(j=0;jmaster_ptr->modular;j++) { 1726 | hlptr=(struct fr_ip_hash_list_node *)(*(double_hash_ptr->master_ptr->array_ptr+j)); 1727 | while(hlptr) { 1728 | fr_ip_print_ip(hlptr->ip_hash); 1729 | printk(" $"); 1730 | hlptr=hlptr->next; 1731 | } 1732 | } 1733 | printk(" \n"); 1734 | 1735 | fr_read_unlock(&double_hash_ptr->master_lock); // --> 1736 | 1737 | } 1738 | 1739 | static void fr_ip_dev_ioctl_routine(unsigned long arg) { 1740 | 1741 | unsigned int ret; 1742 | unsigned int modular; 1743 | unsigned int rnd; 1744 | unsigned int size; 1745 | char * str; 1746 | 1747 | /* ret status code through the input ptr :) */ 1748 | printk("FR_IP_MEMDEV_IOCSETDATA: \n fr_ip_ioctl_para.type:%d\n fr_ip_ioctl_para.ptr:%d \n fr_ip_ioctl_para.size:%d \n fr_ip_ioctl_para.ret:%d \n ", 1749 | fr_ip_ioctl_para.type,fr_ip_ioctl_para.ptr,fr_ip_ioctl_para.size,fr_ip_ioctl_para.ret); 1750 | 1751 | if(fr_ip_ioctl_para.typemaster_ptr->hash_func,rnd); 1798 | goto RET; 1799 | }//FR_IP_IOCTL_TYPE_DUMP 1800 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_DUMP) { 1801 | fr_ip_double_hash_dump(double_hash_ptr); 1802 | ret=0; 1803 | goto RET; 1804 | } 1805 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_MIRROR_INSERT_IP_BINS) { 1806 | str=fr_malloc(fr_ip_ioctl_para.size); 1807 | if(str==NULL) { 1808 | ret=3; 1809 | goto RET; 1810 | } 1811 | copy_from_user(str,fr_ip_ioctl_para.ptr,fr_ip_ioctl_para.size); 1812 | size=fr_ip_ioctl_para.size/sizeof(unsigned int); 1813 | while(size&&(ret==0)) { 1814 | size--; 1815 | ret=fr_ip_double_hash_mirror_insert_ip(double_hash_ptr,*((unsigned int *)str+size)); 1816 | } 1817 | if(ret) 1818 | ret=size+1; 1819 | fr_free(str); 1820 | goto RET; 1821 | } 1822 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_BINS) { 1823 | str=fr_malloc(fr_ip_ioctl_para.size); 1824 | if(str==NULL) { 1825 | ret=3; 1826 | goto RET; 1827 | } 1828 | copy_from_user(str,fr_ip_ioctl_para.ptr,fr_ip_ioctl_para.size); 1829 | size=fr_ip_ioctl_para.size/sizeof(unsigned int); 1830 | while(size&&(ret==0)) { 1831 | size--; 1832 | ret=fr_ip_double_hash_mirror_delete_ip(double_hash_ptr,*((unsigned int *)str+size)); 1833 | } 1834 | if(ret) 1835 | ret=size+1; 1836 | fr_free(str); 1837 | goto RET; 1838 | } 1839 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_RANDOMLY) { 1840 | ret=fr_ip_double_hash_mirror_delete_ip_randomly(double_hash_ptr,fr_ip_ioctl_para.size); 1841 | goto RET; 1842 | } 1843 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP) { 1844 | ret=fr_ip_double_hash_mirror_delete_ip(double_hash_ptr,fr_ip_ioctl_para.size); 1845 | goto RET; 1846 | } 1847 | else { 1848 | ret=3198; 1849 | goto RET; 1850 | } 1851 | } 1852 | else { 1853 | if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_BYSTRINGS) { 1854 | str=fr_malloc(fr_ip_ioctl_para.size); 1855 | if(str==NULL) { 1856 | ret=1; 1857 | goto RET; 1858 | } 1859 | copy_from_user(str,fr_ip_ioctl_para.ptr,fr_ip_ioctl_para.size); 1860 | ret=fr_ip_double_hash_mirror_insert_bystrings(double_hash_white_ptr,str); 1861 | fr_free(str); 1862 | goto RET; 1863 | } 1864 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_WHITE_SWITCH_MIRROR_UPDATE) { 1865 | ret=fr_ip_double_hash_switch_mirror_update(double_hash_white_ptr); 1866 | goto RET; 1867 | } 1868 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_WHITE_FIND_BYSTRINGS) { 1869 | str=fr_malloc(fr_ip_ioctl_para.size); 1870 | if(str==NULL) { 1871 | ret=3; 1872 | goto RET; 1873 | } 1874 | copy_from_user(str,fr_ip_ioctl_para.ptr,fr_ip_ioctl_para.size); 1875 | ret=fr_ip_double_hash_find_bystrings_bool(double_hash_white_ptr,str); 1876 | fr_free(str); 1877 | goto RET; 1878 | } 1879 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_BYSTRINGS) { 1880 | str=fr_malloc(fr_ip_ioctl_para.size); 1881 | if(str==NULL) { 1882 | ret=3; 1883 | goto RET; 1884 | } 1885 | copy_from_user(str,fr_ip_ioctl_para.ptr,fr_ip_ioctl_para.size); 1886 | ret=fr_ip_double_hash_mirror_delete_bystrings(double_hash_white_ptr,str); 1887 | fr_free(str); 1888 | goto RET; 1889 | } 1890 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_ALL) { 1891 | ret=fr_ip_double_hash_mirror_delete_all(double_hash_white_ptr); 1892 | goto RET; 1893 | } 1894 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_WHITE_REBUILD) { 1895 | // modular rnd 1896 | copy_from_user(&modular,(unsigned int *)(fr_ip_ioctl_para.ptr),sizeof(unsigned int)); 1897 | copy_from_user(&rnd,(unsigned int *)(fr_ip_ioctl_para.ptr)+1,sizeof(unsigned int)); 1898 | ret=fr_ip_double_hash_rebuild(double_hash_white_ptr,modular,double_hash_white_ptr->master_ptr->hash_func,rnd); 1899 | goto RET; 1900 | }//FR_IP_IOCTL_TYPE_WHITE_DUMP 1901 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_WHITE_DUMP) { 1902 | fr_ip_double_hash_dump(double_hash_white_ptr); 1903 | ret=0; 1904 | goto RET; 1905 | } 1906 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_IP_BINS) { 1907 | str=fr_malloc(fr_ip_ioctl_para.size); 1908 | if(str==NULL) { 1909 | ret=3; 1910 | goto RET; 1911 | } 1912 | copy_from_user(str,fr_ip_ioctl_para.ptr,fr_ip_ioctl_para.size); 1913 | size=fr_ip_ioctl_para.size/sizeof(unsigned int); 1914 | while(size&&(ret==0)) { 1915 | size--; 1916 | ret=fr_ip_double_hash_mirror_insert_ip(double_hash_white_ptr,*((unsigned int *)str+size)); 1917 | } 1918 | if(ret) 1919 | ret=size+1; 1920 | fr_free(str); 1921 | goto RET; 1922 | } 1923 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_BINS) { 1924 | str=fr_malloc(fr_ip_ioctl_para.size); 1925 | if(str==NULL) { 1926 | ret=3; 1927 | goto RET; 1928 | } 1929 | copy_from_user(str,fr_ip_ioctl_para.ptr,fr_ip_ioctl_para.size); 1930 | size=fr_ip_ioctl_para.size/sizeof(unsigned int); 1931 | while(size&&(ret==0)) { 1932 | size--; 1933 | ret=fr_ip_double_hash_mirror_delete_ip(double_hash_white_ptr,*((unsigned int *)str+size)); 1934 | } 1935 | if(ret) 1936 | ret=size+1; 1937 | fr_free(str); 1938 | goto RET; 1939 | } 1940 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_RANDOMLY) { 1941 | ret=fr_ip_double_hash_mirror_delete_ip_randomly(double_hash_white_ptr,fr_ip_ioctl_para.size); 1942 | goto RET; 1943 | } 1944 | else if(fr_ip_ioctl_para.type==FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP) { 1945 | ret=fr_ip_double_hash_mirror_delete_ip(double_hash_white_ptr,fr_ip_ioctl_para.size); 1946 | goto RET; 1947 | } 1948 | else { 1949 | ret=3198; 1950 | goto RET; 1951 | } 1952 | } 1953 | 1954 | RET: 1955 | copy_to_user(&(((struct fr_ip_ioctl_para_t *)arg)->ret),&ret,sizeof(unsigned int)); 1956 | 1957 | } 1958 | 1959 | static int fr_ip_mem_open(struct inode *inode, struct file *filp) 1960 | { 1961 | struct fr_ip_mem_dev *dev; 1962 | int num = MINOR(inode->i_rdev); 1963 | 1964 | if (num >= FR_IP_MEMDEV_NR_DEVS) 1965 | return -ENODEV; 1966 | dev = &fr_ip_mem_devp[num]; 1967 | filp->private_data = dev; 1968 | 1969 | return 0; 1970 | } 1971 | 1972 | static int fr_ip_mem_release(struct inode *inode, struct file *filp) 1973 | { 1974 | return 0; 1975 | } 1976 | 1977 | static int fr_ip_memdev_ioctl(struct inode *inode, struct file *filp, 1978 | unsigned int cmd, unsigned long arg) 1979 | { 1980 | int err = 0; 1981 | int ret = 0; 1982 | int ioarg = 0; 1983 | unsigned char rand; 1984 | 1985 | ret=0; 1986 | while(1) { 1987 | if(spin_trylock(&frdev_ioctl_spinlock)) { 1988 | ret=0; 1989 | break; 1990 | } 1991 | else { 1992 | ret++; 1993 | if(ret>=10) { 1994 | printk("frdev_dump_ioctl_get_spinlock_fail :( \n"); 1995 | return 3; 1996 | } 1997 | get_random_bytes(&rand,1); 1998 | set_current_state(TASK_INTERRUPTIBLE); 1999 | schedule_timeout(rand%11+10); 2000 | } 2001 | } 2002 | 2003 | if (_IOC_TYPE(cmd) != FR_IP_MEMDEV_IOC_MAGIC) 2004 | {ret= -EINVAL;goto END;} 2005 | if (_IOC_NR(cmd) > FR_IP_MEMDEV_IOC_MAXNR) 2006 | {ret= -EINVAL;goto END;} 2007 | 2008 | if (_IOC_DIR(cmd) & _IOC_READ) 2009 | err = !access_ok(VERIFY_WRITE, (void *)arg, _IOC_SIZE(cmd)); 2010 | else if (_IOC_DIR(cmd) & _IOC_WRITE) 2011 | err = !access_ok(VERIFY_READ, (void *)arg, _IOC_SIZE(cmd)); 2012 | 2013 | if (err) 2014 | {ret= -EFAULT;goto END;} 2015 | 2016 | switch(cmd) { 2017 | case FR_IP_MEMDEV_IOCPRINT: 2018 | break; 2019 | case FR_IP_MEMDEV_IOCGETDATA: 2020 | ioarg = 1101; 2021 | ret = __put_user(fr_ip_mem_share, (int *)arg); 2022 | break; 2023 | case FR_IP_MEMDEV_IOCSETDATA: 2024 | copy_from_user(&fr_ip_ioctl_para,arg,sizeof(struct fr_ip_ioctl_para_t)); 2025 | /*copy_from_user(buf,fr_ip_ioctl_para.ptr,fr_ip_ioctl_para.size);*/ 2026 | fr_ip_dev_ioctl_routine(arg); 2027 | printk("<--- In Kernel FR_IP_MEMDEV_IOCSETDATA para.type:%d --->\n\n",fr_ip_ioctl_para.type); 2028 | break; 2029 | default: 2030 | {ret= -EINVAL;goto END;} 2031 | } 2032 | 2033 | END: 2034 | spin_unlock(&frdev_ioctl_spinlock); 2035 | return ret; 2036 | 2037 | } 2038 | 2039 | 2040 | static const struct file_operations fr_ip_mem_fops = 2041 | { 2042 | .owner = THIS_MODULE, 2043 | .open = fr_ip_mem_open, 2044 | .release = fr_ip_mem_release, 2045 | .ioctl = fr_ip_memdev_ioctl, 2046 | }; 2047 | 2048 | static unsigned int double_hash_modular=1024; 2049 | static unsigned int double_hash_rnd=3198; 2050 | module_param(double_hash_modular, uint, 0600); 2051 | module_param(double_hash_rnd, uint, 0600); 2052 | 2053 | static unsigned int double_hash_white_modular=1024; 2054 | static unsigned int double_hash_white_rnd=3198; 2055 | module_param(double_hash_white_modular, uint, 0600); 2056 | module_param(double_hash_white_rnd, uint, 0600); 2057 | 2058 | 2059 | #define NIPQUAD(addr) \ 2060 | ((unsigned char *)&addr)[0], \ 2061 | ((unsigned char *)&addr)[1], \ 2062 | ((unsigned char *)&addr)[2], \ 2063 | ((unsigned char *)&addr)[3] 2064 | 2065 | static int fr_ip_counter=0; 2066 | 2067 | static unsigned int fr_nf_hook_sample( 2068 | unsigned int hooknum,struct sk_buff * skb,const struct net_device *in, 2069 | const struct net_device *out,int (*okfn) (struct sk_buff *)) 2070 | { 2071 | __be32 sip,dip; 2072 | 2073 | if(skb){ 2074 | struct sk_buff *sb = NULL; 2075 | sb = skb; 2076 | struct iphdr *iph; 2077 | iph = ip_hdr(sb); 2078 | sip = iph->saddr; 2079 | dip = iph->daddr; 2080 | printk("frip:packet sip: %d.%d.%d.%d dst: %d.%d.%d.%d ", NIPQUAD(sip), NIPQUAD(dip)); 2081 | } 2082 | fr_ip_counter++; 2083 | 2084 | printk("counter:%d ,jiffies:%d \n",fr_ip_counter,jiffies); 2085 | 2086 | if(fr_ip_double_hash_find_bool(double_hash_white_ptr,sip)) return NF_ACCEPT; 2087 | else if(fr_ip_double_hash_find_bool(double_hash_ptr,sip)) return NF_DROP; 2088 | else return NF_ACCEPT; 2089 | 2090 | } 2091 | 2092 | struct nf_hook_ops fr_nf_hook_sample_ops = { 2093 | .list = {NULL,NULL}, 2094 | .hook = fr_nf_hook_sample, 2095 | .pf = PF_INET, 2096 | .hooknum = NF_INET_PRE_ROUTING, 2097 | .priority = NF_IP_PRI_FILTER+2 2098 | }; 2099 | 2100 | 2101 | static int fr_ip_dev_init(void) 2102 | { 2103 | int result; 2104 | int i; 2105 | dev_t devno = MKDEV(fr_ip_mem_major, 0); 2106 | 2107 | spin_lock_init(&frdev_ioctl_spinlock); 2108 | printk("frdev: double_hash_modular:%d double_hash_rnd:%d \n",double_hash_modular,double_hash_rnd); 2109 | 2110 | fr_ip_blur_list_node_cache = kmem_cache_create("frdev_blur_ip", sizeof(struct fr_ip_blur_list_node), 2111 | 0, SLAB_HWCACHE_ALIGN, NULL); /* no ctor/dtor */ 2112 | fr_ip_hash_list_node_cache = kmem_cache_create("frdev_ip", sizeof(struct fr_ip_hash_list_node), 2113 | 0, SLAB_HWCACHE_ALIGN, NULL); /* no ctor/dtor */ 2114 | double_hash_ptr =fr_ip_double_hash_malloc(double_hash_modular,fr_jhash_1word,double_hash_rnd); 2115 | double_hash_white_ptr=fr_ip_double_hash_malloc(double_hash_white_modular,fr_jhash_1word,double_hash_white_rnd); 2116 | 2117 | if((fr_ip_blur_list_node_cache==NULL)||(fr_ip_hash_list_node_cache==NULL)|| 2118 | (double_hash_ptr==NULL)||(double_hash_white_ptr==NULL) ) { 2119 | if(fr_ip_blur_list_node_cache) { 2120 | kmem_cache_destroy(fr_ip_blur_list_node_cache); 2121 | fr_ip_blur_list_node_cache=NULL; 2122 | } 2123 | if(fr_ip_hash_list_node_cache) { 2124 | kmem_cache_destroy(fr_ip_hash_list_node_cache); 2125 | fr_ip_hash_list_node_cache=NULL; 2126 | } 2127 | if(double_hash_ptr) { 2128 | fr_ip_double_hash_destroy(double_hash_ptr); 2129 | double_hash_ptr=NULL; 2130 | } 2131 | if(double_hash_white_ptr) { 2132 | fr_ip_double_hash_destroy(double_hash_white_ptr); 2133 | double_hash_white_ptr=NULL; 2134 | } 2135 | printk("frdev:double hash table init failed\n"); 2136 | return -1; 2137 | } 2138 | 2139 | if (fr_ip_mem_major) 2140 | result = register_chrdev_region(devno, 2, "frdev"); 2141 | else { 2142 | result = alloc_chrdev_region(&devno, 0, 2, "frdev"); 2143 | fr_ip_mem_major = MAJOR(devno); 2144 | } 2145 | if (result < 0) { 2146 | if(fr_ip_blur_list_node_cache) { 2147 | kmem_cache_destroy(fr_ip_blur_list_node_cache); 2148 | fr_ip_blur_list_node_cache=NULL; 2149 | } 2150 | if(fr_ip_hash_list_node_cache) { 2151 | kmem_cache_destroy(fr_ip_hash_list_node_cache); 2152 | fr_ip_hash_list_node_cache=NULL; 2153 | } 2154 | if(double_hash_ptr) { 2155 | fr_ip_double_hash_destroy(double_hash_ptr); 2156 | double_hash_ptr=NULL; 2157 | } 2158 | if(double_hash_white_ptr) { 2159 | fr_ip_double_hash_destroy(double_hash_white_ptr); 2160 | double_hash_white_ptr=NULL; 2161 | } 2162 | printk("frdev:kernel device init failed\n"); 2163 | return result; 2164 | } 2165 | cdev_init(&fr_ip_cdev, &fr_ip_mem_fops); 2166 | fr_ip_cdev.owner = THIS_MODULE; 2167 | fr_ip_cdev.ops = &fr_ip_mem_fops; 2168 | 2169 | cdev_add(&fr_ip_cdev, MKDEV(fr_ip_mem_major, 0), FR_IP_MEMDEV_NR_DEVS); 2170 | fr_ip_mem_devp = kmalloc(FR_IP_MEMDEV_NR_DEVS * sizeof(struct fr_ip_mem_dev), GFP_KERNEL); 2171 | if (!fr_ip_mem_devp) 2172 | { 2173 | result = - ENOMEM; 2174 | goto fail_malloc; 2175 | } 2176 | memset(fr_ip_mem_devp, 0, sizeof(struct fr_ip_mem_dev)); 2177 | 2178 | for (i=0; i < FR_IP_MEMDEV_NR_DEVS; i++) 2179 | { 2180 | fr_ip_mem_devp[i].size = FR_IP_MEMDEV_SIZE; 2181 | fr_ip_mem_devp[i].data = kmalloc(FR_IP_MEMDEV_SIZE, GFP_KERNEL); 2182 | memset(fr_ip_mem_devp[i].data, 0, FR_IP_MEMDEV_SIZE); 2183 | } 2184 | nf_register_hook(&fr_nf_hook_sample_ops); 2185 | return 0; 2186 | fail_malloc: 2187 | if(fr_ip_blur_list_node_cache) { 2188 | kmem_cache_destroy(fr_ip_blur_list_node_cache); 2189 | fr_ip_blur_list_node_cache=NULL; 2190 | } 2191 | if(fr_ip_hash_list_node_cache) { 2192 | kmem_cache_destroy(fr_ip_hash_list_node_cache); 2193 | fr_ip_hash_list_node_cache=NULL; 2194 | } 2195 | if(double_hash_ptr) { 2196 | fr_ip_double_hash_destroy(double_hash_ptr); 2197 | double_hash_ptr=NULL; 2198 | } 2199 | if(double_hash_white_ptr) { 2200 | fr_ip_double_hash_destroy(double_hash_white_ptr); 2201 | double_hash_white_ptr=NULL; 2202 | } 2203 | unregister_chrdev_region(devno, 1); 2204 | printk("frdev:devmem malloc failed\n"); 2205 | return result; 2206 | } 2207 | 2208 | static void fr_ip_dev_exit(void) 2209 | { 2210 | nf_unregister_hook(&fr_nf_hook_sample_ops); 2211 | cdev_del(&fr_ip_cdev); 2212 | kfree(fr_ip_mem_devp); 2213 | unregister_chrdev_region(MKDEV(fr_ip_mem_major, 0), 2); 2214 | 2215 | if(double_hash_ptr) { 2216 | fr_ip_double_hash_destroy(double_hash_ptr); 2217 | double_hash_ptr=NULL; 2218 | } 2219 | if(double_hash_white_ptr) { 2220 | fr_ip_double_hash_destroy(double_hash_white_ptr); 2221 | double_hash_white_ptr=NULL; 2222 | } 2223 | if(fr_ip_blur_list_node_cache) { 2224 | kmem_cache_destroy(fr_ip_blur_list_node_cache); 2225 | fr_ip_blur_list_node_cache=NULL; 2226 | } 2227 | if(fr_ip_hash_list_node_cache) { 2228 | kmem_cache_destroy(fr_ip_hash_list_node_cache); 2229 | fr_ip_hash_list_node_cache=NULL; 2230 | } 2231 | 2232 | 2233 | } 2234 | 2235 | module_init(fr_ip_dev_init); 2236 | module_exit(fr_ip_dev_exit); 2237 | 2238 | -------------------------------------------------------------------------------- /fripadm: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | function print_usage() { 4 | echo " fripadm version 0.82 by yunthanatos@163.com" 5 | echo " fripadm usage: fripadm:find/insert/delete/delete all/switch/rebuild/dump" 6 | echo 7 | echo "#fripadm insert '192.168.31.98 127.*.*.* 255.*.*.1-100'" 8 | echo "#fripadm switch" 9 | echo "#fripadm find 127.3.4.7 " 10 | echo "#fripadm delete 127.0-255.*.*" 11 | echo "#fripadm switch" 12 | echo "#fripadm find 127.3.4.7 " 13 | echo "#fripadm rebuild 1025 3199" 14 | echo "#fripadm find 192.168.31.98 " 15 | echo "#fripadm dump " 16 | echo "#fripadm dump ip" 17 | echo "#fripadm dump struct" 18 | echo "#fripadm dump numbers" 19 | } 20 | 21 | if [ "$#" -eq 0 ] 22 | then 23 | print_usage &>/proc/self/fd/2 24 | exit 1 25 | fi 26 | 27 | if [ "$1" = "find" ] 28 | then 29 | ./fripadm_exe 2 "$2" 30 | elif [ "$1" = "insert" ] 31 | then 32 | ./fripadm_exe 4 "$2" 33 | elif [ "$1" = "delete" ] 34 | then 35 | ./fripadm_exe 7 "$2" 36 | elif [ "$1" = "delete all" ] 37 | then 38 | ./fripadm_exe 8 39 | elif [ "$1" = "switch" ] 40 | then 41 | ./fripadm_exe 9 42 | elif [ "$1" = "rebuild" ] 43 | then 44 | ./fripadm_exe 10 "$2" "$3" 45 | elif [ "$1" = "dump" ] 46 | then 47 | ./fripadm_exe 12 48 | if [ "$2" = "" ] 49 | then 50 | dmesg | grep frdev_dump_struct | tail -1 | tr $ '\n' 51 | dmesg | grep frdev_dump_ip | tail -1 | tr $ '\n' 52 | elif [ "$2" = "ip" ] 53 | then 54 | dmesg | grep frdev_dump_ip | tail -1 | tr $ '\n' 55 | elif [ "$2" = "struct" ] 56 | then 57 | dmesg | grep frdev_dump_struct | tail -1 | tr $ '\n' 58 | elif [ "$2" = "numbers" ] 59 | then 60 | dmesg | grep frdev_dump_numbers | tail -1 | tr $ ' ' 61 | else 62 | print_usage &>/proc/self/fd/2 63 | exit 1 64 | fi 65 | else 66 | print_usage &>/proc/self/fd/2 67 | exit 1 68 | fi 69 | 70 | exit $? 71 | -------------------------------------------------------------------------------- /fripadm_black_in.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | function print_usage() { 4 | echo " fripadm version 1.10 by yunthanatos@163.com" 5 | echo " fripadm usage: fripadm:find/insert/delete/delete all/switch/rebuild/dump" 6 | echo " fripadm_black_in" 7 | echo "#fripadm insert '192.168.31.98 127.*.*.* 255.*.*.1-100'" 8 | echo "#fripadm switch" 9 | echo "#fripadm find 127.3.4.7 " 10 | echo "#fripadm delete 127.0-255.*.*" 11 | echo "#fripadm switch" 12 | echo "#fripadm find 127.3.4.7 " 13 | echo "#fripadm rebuild 1025 3199" 14 | echo "#fripadm find 192.168.31.98 " 15 | echo "#fripadm dump " 16 | echo "#fripadm dump ip" 17 | echo "#fripadm dump struct" 18 | echo "#fripadm dump numbers" 19 | } 20 | 21 | if [ "$#" -eq 0 ] 22 | then 23 | print_usage &>/proc/self/fd/2 24 | exit 1 25 | fi 26 | 27 | if [ "$1" = "find" ] 28 | then 29 | ./fripadm_black_in_exe 2 "$2" 30 | elif [ "$1" = "insert" ] 31 | then 32 | ./fripadm_black_in_exe 4 "$2" 33 | elif [ "$1" = "delete" ] 34 | then 35 | ./fripadm_black_in_exe 7 "$2" 36 | elif [ "$1" = "delete all" ] 37 | then 38 | ./fripadm_black_in_exe 8 39 | elif [ "$1" = "switch" ] 40 | then 41 | ./fripadm_black_in_exe 9 42 | elif [ "$1" = "rebuild" ] 43 | then 44 | ./fripadm_black_in_exe 10 "$2" "$3" 45 | elif [ "$1" = "dump" ] 46 | then 47 | ./fripadm_black_in_exe 12 48 | if [ "$2" = "" ] 49 | then 50 | dmesg | grep frdev_dump_struct | tail -1 | tr $ '\n' 51 | dmesg | grep frdev_dump_ip | tail -1 | tr $ '\n' 52 | elif [ "$2" = "ip" ] 53 | then 54 | dmesg | grep frdev_dump_ip | tail -1 | tr $ '\n' 55 | elif [ "$2" = "struct" ] 56 | then 57 | dmesg | grep frdev_dump_struct | tail -1 | tr $ '\n' 58 | elif [ "$2" = "numbers" ] 59 | then 60 | dmesg | grep frdev_dump_numbers | tail -1 | tr $ ' ' 61 | else 62 | print_usage &>/proc/self/fd/2 63 | exit 1 64 | fi 65 | else 66 | print_usage &>/proc/self/fd/2 67 | exit 1 68 | fi 69 | 70 | exit $? 71 | -------------------------------------------------------------------------------- /fripadm_black_in_exe.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | 9 | /********/ 10 | #ifndef FR_IP_MEMDEV_MAJOR 11 | #define FR_IP_MEMDEV_MAJOR 0 12 | #endif 13 | #ifndef FR_IP_MEMDEV_NR_DEVS 14 | #define FR_IP_MEMDEV_NR_DEVS 2 15 | #endif 16 | #ifndef FR_IP_MEMDEV_SIZE 17 | #define FR_IP_MEMDEV_SIZE 4096 18 | #endif 19 | 20 | /* for fr_ip_ioctl_para_t's type */ 21 | /* in-black ip */ 22 | #define FR_IP_IOCTL_TYPE_FIND 1 23 | #define FR_IP_IOCTL_TYPE_FIND_BYSTRINGS 2 // * :) 24 | #define FR_IP_IOCTL_TYPE_MIRROR_INSERT_IP 3 25 | #define FR_IP_IOCTL_TYPE_MIRROR_INSERT_BYSTRINGS 4 // * :) 26 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP 5 // * :) 27 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_RANDOMLY 6 //* :) 28 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_BYSTRINGS 7 // * :) 29 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_ALL 8 //* :) 30 | #define FR_IP_IOCTL_TYPE_SWITCH_MIRROR_UPDATE 9 // * :) 31 | #define FR_IP_IOCTL_TYPE_REBUILD 10 // * :) 32 | #define FR_IP_IOCTL_TYPE_COPY_HASH_STRUCT 11 // * 33 | #define FR_IP_IOCTL_TYPE_DUMP 12 //* :) 34 | #define FR_IP_IOCTL_TYPE_MIRROR_INSERT_IP_BINS 13 //* :) 35 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_BINS 14 //* :) 36 | /* in-white ip */ 37 | #define FR_IP_IOCTL_TYPE_WHITE_FIND 101 38 | #define FR_IP_IOCTL_TYPE_WHITE_FIND_BYSTRINGS 102 // * :) 39 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_IP 103 40 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_BYSTRINGS 104 // * :) 41 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP 105 42 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_RANDOMLY 106 // * :) 43 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_BYSTRINGS 107 // * :) 44 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_ALL 108 //* :) 45 | #define FR_IP_IOCTL_TYPE_WHITE_SWITCH_MIRROR_UPDATE 109 // * :) 46 | #define FR_IP_IOCTL_TYPE_WHITE_REBUILD 110 // * :) 47 | #define FR_IP_IOCTL_TYPE_WHITE_COPY_HASH_STRUCT 111 // * 48 | #define FR_IP_IOCTL_TYPE_WHITE_DUMP 112 //* :) 49 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_IP_BINS 113 //* :) 50 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_BINS 114 //* :) 51 | 52 | struct fr_ip_mem_dev 53 | { 54 | char *data; 55 | unsigned long size; 56 | }; 57 | 58 | struct fr_ip_ioctl_para_t { 59 | void * ptr; 60 | unsigned int size; 61 | unsigned int type; 62 | unsigned int ret; 63 | }; 64 | 65 | #define FR_IP_MEMDEV_IOC_MAGIC 'k' 66 | #define FR_IP_MEMDEV_IOCPRINT _IO(FR_IP_MEMDEV_IOC_MAGIC, 1) 67 | #define FR_IP_MEMDEV_IOCGETDATA _IOR(FR_IP_MEMDEV_IOC_MAGIC, 2, int) 68 | #define FR_IP_MEMDEV_IOCSETDATA _IOW(FR_IP_MEMDEV_IOC_MAGIC, 3, int) 69 | #define FR_IP_MEMDEV_IOC_MAXNR 3 70 | 71 | /********/ 72 | 73 | struct fr_ip_ioctl_para_t gl_para; 74 | 75 | static unsigned int double_hash_find_bystrings(int fd,char * str, unsigned int size) { 76 | 77 | if ( (fd<0)||(str==NULL)||(size==0) ){ 78 | fprintf(stderr,"double_hash_find_bystrings input invalid!\n"); 79 | return 3; 80 | } 81 | 82 | gl_para.ptr=str; 83 | gl_para.size=size; 84 | gl_para.type=FR_IP_IOCTL_TYPE_FIND_BYSTRINGS; 85 | 86 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 87 | { 88 | fprintf(stderr,"double_hash_find_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 89 | return 4; 90 | } 91 | 92 | return gl_para.ret; 93 | } 94 | 95 | static unsigned int double_hash_mirror_insert_bystrings(int fd,char * str, unsigned int size) { 96 | 97 | if ( (fd<0)||(str==NULL)||(size==0) ){ 98 | fprintf(stderr,"double_hash_mirror_insert_bystrings input invalid!\n"); 99 | return 3; 100 | } 101 | 102 | gl_para.ptr=str; 103 | gl_para.size=size; 104 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_INSERT_BYSTRINGS; 105 | 106 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 107 | { 108 | fprintf(stderr,"double_hash_mirror_insert_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 109 | return 4; 110 | } 111 | 112 | return gl_para.ret; 113 | } 114 | 115 | static unsigned int double_hash_mirror_insert_bins(int fd,char * str, unsigned int size) { 116 | 117 | if ( (fd<0)||(str==NULL)||(size==0) ){ 118 | fprintf(stderr,"double_hash_mirror_insert_bins input invalid!\n"); 119 | return 3; 120 | } 121 | 122 | gl_para.ptr=str; 123 | gl_para.size=size; 124 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_INSERT_IP_BINS; 125 | 126 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 127 | { 128 | fprintf(stderr,"double_hash_mirror_insert_bins cmd MEMDEV_IOCSETDATA fail\n"); 129 | return 4; 130 | } 131 | 132 | return gl_para.ret; 133 | } 134 | 135 | static unsigned int double_hash_mirror_delete_bystrings(int fd,char * str, unsigned int size) { 136 | 137 | if ( (fd<0)||(str==NULL)||(size==0) ){ 138 | fprintf(stderr,"double_hash_mirror_delete_bystrings input invalid!\n"); 139 | return 3; 140 | } 141 | 142 | gl_para.ptr=str; 143 | gl_para.size=size; 144 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_DELETE_BYSTRINGS; 145 | 146 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 147 | { 148 | fprintf(stderr,"double_hash_mirror_delete_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 149 | return 4; 150 | } 151 | 152 | return gl_para.ret; 153 | } 154 | 155 | static unsigned int double_hash_mirror_delete_bins(int fd,char * str, unsigned int size) { 156 | 157 | if ( (fd<0)||(str==NULL)||(size==0) ){ 158 | fprintf(stderr,"double_hash_mirror_delete_bins input invalid!\n"); 159 | return 3; 160 | } 161 | 162 | gl_para.ptr=str; 163 | gl_para.size=size; 164 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_BINS; 165 | 166 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 167 | { 168 | fprintf(stderr,"double_hash_mirror_delete_bins cmd MEMDEV_IOCSETDATA fail\n"); 169 | return 4; 170 | } 171 | 172 | return gl_para.ret; 173 | } 174 | 175 | static unsigned int double_hash_mirror_delete_ip_randomly(int fd,unsigned int size) { 176 | 177 | if ( (fd<0)||(size==0) ){ 178 | fprintf(stderr,"double_hash_mirror_delete_ip_randomly input invalid!\n"); 179 | return 3; 180 | } 181 | 182 | gl_para.size=size; 183 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_RANDOMLY; 184 | 185 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 186 | { 187 | fprintf(stderr,"double_hash_mirror_delete_ip_randomly cmd MEMDEV_IOCSETDATA fail\n"); 188 | return 4; 189 | } 190 | 191 | return gl_para.ret; 192 | } 193 | 194 | 195 | static unsigned int double_hash_mirror_delete_all(int fd) { 196 | 197 | if ( (fd<0) ){ 198 | fprintf(stderr,"double_hash_mirror_delete_all input invalid!\n"); 199 | return 3; 200 | } 201 | 202 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_DELETE_ALL; 203 | 204 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 205 | { 206 | fprintf(stderr,"double_hash_mirror_delete_all cmd MEMDEV_IOCSETDATA fail\n"); 207 | return 4; 208 | } 209 | 210 | return gl_para.ret; 211 | } 212 | 213 | static unsigned int double_hash_switch_mirror_update(int fd) { 214 | 215 | if ( (fd<0) ){ 216 | fprintf(stderr,"double_hash_switch_mirror_update input invalid!\n"); 217 | return 3; 218 | } 219 | 220 | gl_para.type=FR_IP_IOCTL_TYPE_SWITCH_MIRROR_UPDATE; 221 | 222 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 223 | { 224 | fprintf(stderr,"double_hash_switch_mirror_update cmd MEMDEV_IOCSETDATA fail\n"); 225 | return 4; 226 | } 227 | 228 | return gl_para.ret; 229 | } 230 | 231 | 232 | static unsigned int double_hash_rebuild(int fd,unsigned int modular, unsigned int rnd) { 233 | 234 | unsigned int in[2]; 235 | 236 | if ( (fd<0)||(modular==0) ){ 237 | fprintf(stderr,"double_hash_rebuild input invalid!\n"); 238 | return 3; 239 | } 240 | 241 | in[0]=modular; 242 | in[1]=rnd; 243 | gl_para.ptr=in; 244 | gl_para.size=sizeof(unsigned int)*2; 245 | gl_para.type=FR_IP_IOCTL_TYPE_REBUILD; 246 | 247 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 248 | { 249 | fprintf(stderr,"double_hash_rebuild cmd MEMDEV_IOCSETDATA fail\n"); 250 | return 4; 251 | } 252 | 253 | return gl_para.ret; 254 | } 255 | 256 | static unsigned int double_hash_dump(int fd) { 257 | 258 | if ( (fd<0) ){ 259 | fprintf(stderr,"double_hash_dump input invalid!\n"); 260 | return 3; 261 | } 262 | 263 | gl_para.type=FR_IP_IOCTL_TYPE_DUMP; 264 | 265 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 266 | { 267 | fprintf(stderr,"double_hash_switch_mirror_update cmd MEMDEV_IOCSETDATA fail\n"); 268 | return 4; 269 | } 270 | 271 | return gl_para.ret; 272 | } 273 | 274 | static unsigned int double_hash_white_find_bystrings(int fd,char * str, unsigned int size) { 275 | 276 | if ( (fd<0)||(str==NULL)||(size==0) ){ 277 | fprintf(stderr,"double_hash_white_find_bystrings input invalid!\n"); 278 | return 3; 279 | } 280 | 281 | gl_para.ptr=str; 282 | gl_para.size=size; 283 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_FIND_BYSTRINGS; 284 | 285 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 286 | { 287 | fprintf(stderr,"double_hash_white_find_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 288 | return 4; 289 | } 290 | 291 | return gl_para.ret; 292 | } 293 | 294 | static unsigned int double_hash_white_mirror_insert_bystrings(int fd,char * str, unsigned int size) { 295 | 296 | if ( (fd<0)||(str==NULL)||(size==0) ){ 297 | fprintf(stderr,"double_hash_white_mirror_insert_bystrings input invalid!\n"); 298 | return 3; 299 | } 300 | 301 | gl_para.ptr=str; 302 | gl_para.size=size; 303 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_BYSTRINGS; 304 | 305 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 306 | { 307 | fprintf(stderr,"double_hash_white_mirror_insert_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 308 | return 4; 309 | } 310 | 311 | return gl_para.ret; 312 | } 313 | 314 | static unsigned int double_hash_white_mirror_insert_bins(int fd,char * str, unsigned int size) { 315 | 316 | if ( (fd<0)||(str==NULL)||(size==0) ){ 317 | fprintf(stderr,"double_hash_white_mirror_insert_bins input invalid!\n"); 318 | return 3; 319 | } 320 | 321 | gl_para.ptr=str; 322 | gl_para.size=size; 323 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_IP_BINS; 324 | 325 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 326 | { 327 | fprintf(stderr,"double_hash_white_mirror_insert_bins cmd MEMDEV_IOCSETDATA fail\n"); 328 | return 4; 329 | } 330 | 331 | return gl_para.ret; 332 | } 333 | 334 | static unsigned int double_hash_white_mirror_delete_bystrings(int fd,char * str, unsigned int size) { 335 | 336 | if ( (fd<0)||(str==NULL)||(size==0) ){ 337 | fprintf(stderr,"double_hash_white_mirror_delete_bystrings input invalid!\n"); 338 | return 3; 339 | } 340 | 341 | gl_para.ptr=str; 342 | gl_para.size=size; 343 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_BYSTRINGS; 344 | 345 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 346 | { 347 | fprintf(stderr,"double_hash_white_mirror_delete_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 348 | return 4; 349 | } 350 | 351 | return gl_para.ret; 352 | } 353 | 354 | static unsigned int double_hash_white_mirror_delete_bins(int fd,char * str, unsigned int size) { 355 | 356 | if ( (fd<0)||(str==NULL)||(size==0) ){ 357 | fprintf(stderr,"double_hash_white_mirror_delete_bins input invalid!\n"); 358 | return 3; 359 | } 360 | 361 | gl_para.ptr=str; 362 | gl_para.size=size; 363 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_BINS; 364 | 365 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 366 | { 367 | fprintf(stderr,"double_hash_white_mirror_delete_bins cmd MEMDEV_IOCSETDATA fail\n"); 368 | return 4; 369 | } 370 | 371 | return gl_para.ret; 372 | } 373 | 374 | static unsigned int double_hash_white_mirror_delete_ip_randomly(int fd,unsigned int size) { 375 | 376 | if ( (fd<0)||(size==0) ){ 377 | fprintf(stderr,"double_hash_white_mirror_delete_ip_randomly input invalid!\n"); 378 | return 3; 379 | } 380 | 381 | gl_para.size=size; 382 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_RANDOMLY; 383 | 384 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 385 | { 386 | fprintf(stderr,"double_hash_white_mirror_delete_ip_randomly cmd MEMDEV_IOCSETDATA fail\n"); 387 | return 4; 388 | } 389 | 390 | return gl_para.ret; 391 | } 392 | 393 | 394 | static unsigned int double_hash_white_mirror_delete_all(int fd) { 395 | 396 | if ( (fd<0) ){ 397 | fprintf(stderr,"double_hash_white_mirror_delete_all input invalid!\n"); 398 | return 3; 399 | } 400 | 401 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_ALL; 402 | 403 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 404 | { 405 | fprintf(stderr,"double_hash_white_mirror_delete_all cmd MEMDEV_IOCSETDATA fail\n"); 406 | return 4; 407 | } 408 | 409 | return gl_para.ret; 410 | } 411 | 412 | static unsigned int double_hash_white_switch_mirror_update(int fd) { 413 | 414 | if ( (fd<0) ){ 415 | fprintf(stderr,"double_hash_white_switch_mirror_update input invalid!\n"); 416 | return 3; 417 | } 418 | 419 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_SWITCH_MIRROR_UPDATE; 420 | 421 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 422 | { 423 | fprintf(stderr,"double_hash_white_switch_mirror_update cmd MEMDEV_IOCSETDATA fail\n"); 424 | return 4; 425 | } 426 | 427 | return gl_para.ret; 428 | } 429 | 430 | 431 | static unsigned int double_hash_white_rebuild(int fd,unsigned int modular, unsigned int rnd) { 432 | 433 | unsigned int in[2]; 434 | 435 | if ( (fd<0)||(modular==0) ){ 436 | fprintf(stderr,"double_hash_white_rebuild input invalid!\n"); 437 | return 3; 438 | } 439 | 440 | in[0]=modular; 441 | in[1]=rnd; 442 | gl_para.ptr=in; 443 | gl_para.size=sizeof(unsigned int)*2; 444 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_REBUILD; 445 | 446 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 447 | { 448 | fprintf(stderr,"double_hash_white_rebuild cmd MEMDEV_IOCSETDATA fail\n"); 449 | return 4; 450 | } 451 | 452 | return gl_para.ret; 453 | } 454 | 455 | static unsigned int double_hash_white_dump(int fd) { 456 | 457 | if ( (fd<0) ){ 458 | fprintf(stderr,"double_hash_white_dump input invalid!\n"); 459 | return 3; 460 | } 461 | 462 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_DUMP; 463 | 464 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 465 | { 466 | fprintf(stderr,"double_hash_white_switch_mirror_update cmd MEMDEV_IOCSETDATA fail\n"); 467 | return 4; 468 | } 469 | 470 | return gl_para.ret; 471 | } 472 | 473 | int main(int argc, char *argv[]) 474 | { 475 | int fd = 0; 476 | int type; 477 | unsigned int ret; 478 | 479 | fd = open("/dev/frdev0",O_RDWR); 480 | if (fd < 0) 481 | { 482 | fprintf(stderr,"Open Dev Mem0 Error!\n"); 483 | return -1; 484 | } 485 | 486 | if(argc<=1) { 487 | fprintf(stderr,"%s usage: ... \n",argv[0]); 488 | ret=-1; 489 | goto end; 490 | } 491 | // fripadm 2 "192.168.31.98 " 492 | type=atoi(argv[1]); 493 | if(type==FR_IP_IOCTL_TYPE_FIND_BYSTRINGS) { 494 | if(argc==3) { 495 | ret=double_hash_find_bystrings(fd,argv[2],strlen(argv[2])); 496 | if(ret==1) { 497 | printf("%s is in the double_hash_table\n",argv[2]); 498 | ret=0; 499 | goto end; 500 | } 501 | } 502 | else { 503 | fprintf(stderr,"%s usage: ... \n",argv[0]); 504 | ret=-1; 505 | goto end; 506 | } 507 | } 508 | else if(type==FR_IP_IOCTL_TYPE_MIRROR_INSERT_BYSTRINGS) { 509 | if(argc==3) { 510 | ret=double_hash_mirror_insert_bystrings(fd,argv[2],strlen(argv[2])); 511 | goto end; 512 | } 513 | else { 514 | fprintf(stderr,"%s usage: ... \n",argv[0]); 515 | ret=-1; 516 | goto end; 517 | } 518 | } 519 | else if(type==FR_IP_IOCTL_TYPE_MIRROR_DELETE_BYSTRINGS) { 520 | if(argc==3) { 521 | ret=double_hash_mirror_delete_bystrings(fd,argv[2],strlen(argv[2])); 522 | goto end; 523 | } 524 | else { 525 | fprintf(stderr,"%s usage: ... \n",argv[0]); 526 | ret=-1; 527 | goto end; 528 | } 529 | } 530 | else if(type==FR_IP_IOCTL_TYPE_MIRROR_DELETE_ALL) { 531 | if(argc==2) { 532 | ret=double_hash_mirror_delete_all(fd); 533 | goto end; 534 | } 535 | else { 536 | fprintf(stderr,"%s usage: ... \n",argv[0]); 537 | ret=-1; 538 | goto end; 539 | } 540 | } 541 | else if(type==FR_IP_IOCTL_TYPE_SWITCH_MIRROR_UPDATE) { 542 | if(argc==2) { 543 | ret=double_hash_switch_mirror_update(fd); 544 | goto end; 545 | } 546 | else { 547 | fprintf(stderr,"%s usage: ... \n",argv[0]); 548 | ret=-1; 549 | goto end; 550 | } 551 | } 552 | else if(type==FR_IP_IOCTL_TYPE_REBUILD) { 553 | if(argc==4) { 554 | ret=double_hash_rebuild(fd,(unsigned int)atoi(argv[2]),(unsigned int)atoi(argv[3])); 555 | goto end; 556 | } 557 | else { 558 | fprintf(stderr,"%s usage: ... \n",argv[0]); 559 | ret=-1; 560 | goto end; 561 | } 562 | } 563 | else if(type==FR_IP_IOCTL_TYPE_DUMP) { 564 | if(argc==2) { 565 | ret=double_hash_dump(fd); 566 | goto end; 567 | } 568 | else { 569 | fprintf(stderr,"%s usage: ... \n",argv[0]); 570 | ret=-1; 571 | goto end; 572 | } 573 | } 574 | else { 575 | fprintf(stderr,"%s %d error: unknown type :( \n",argv[0],type); 576 | ret=-1; 577 | goto end; 578 | } 579 | end: 580 | close(fd); 581 | return ret; 582 | } 583 | 584 | 585 | -------------------------------------------------------------------------------- /fripadm_white_in.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | function print_usage() { 4 | echo " fripadm version 1.10 by yunthanatos@163.com" 5 | echo " fripadm usage: fripadm:find/insert/delete/delete all/switch/rebuild/dump" 6 | echo " fripadm_white_in" 7 | echo "#fripadm insert '192.168.31.98 127.*.*.* 255.*.*.1-100'" 8 | echo "#fripadm switch" 9 | echo "#fripadm find 127.3.4.7 " 10 | echo "#fripadm delete 127.0-255.*.*" 11 | echo "#fripadm switch" 12 | echo "#fripadm find 127.3.4.7 " 13 | echo "#fripadm rebuild 1025 3199" 14 | echo "#fripadm find 192.168.31.98 " 15 | echo "#fripadm dump " 16 | echo "#fripadm dump ip" 17 | echo "#fripadm dump struct" 18 | echo "#fripadm dump numbers" 19 | } 20 | 21 | if [ "$#" -eq 0 ] 22 | then 23 | print_usage &>/proc/self/fd/2 24 | exit 1 25 | fi 26 | 27 | if [ "$1" = "find" ] 28 | then 29 | ./fripadm_white_in_exe 2 "$2" 30 | elif [ "$1" = "insert" ] 31 | then 32 | ./fripadm_white_in_exe 4 "$2" 33 | elif [ "$1" = "delete" ] 34 | then 35 | ./fripadm_white_in_exe 7 "$2" 36 | elif [ "$1" = "delete all" ] 37 | then 38 | ./fripadm_white_in_exe 8 39 | elif [ "$1" = "switch" ] 40 | then 41 | ./fripadm_white_in_exe 9 42 | elif [ "$1" = "rebuild" ] 43 | then 44 | ./fripadm_white_in_exe 10 "$2" "$3" 45 | elif [ "$1" = "dump" ] 46 | then 47 | ./fripadm_white_in_exe 12 48 | if [ "$2" = "" ] 49 | then 50 | dmesg | grep frdev_dump_struct | tail -1 | tr $ '\n' 51 | dmesg | grep frdev_dump_ip | tail -1 | tr $ '\n' 52 | elif [ "$2" = "ip" ] 53 | then 54 | dmesg | grep frdev_dump_ip | tail -1 | tr $ '\n' 55 | elif [ "$2" = "struct" ] 56 | then 57 | dmesg | grep frdev_dump_struct | tail -1 | tr $ '\n' 58 | elif [ "$2" = "numbers" ] 59 | then 60 | dmesg | grep frdev_dump_numbers | tail -1 | tr $ ' ' 61 | else 62 | print_usage &>/proc/self/fd/2 63 | exit 1 64 | fi 65 | else 66 | print_usage &>/proc/self/fd/2 67 | exit 1 68 | fi 69 | 70 | exit $? 71 | -------------------------------------------------------------------------------- /fripadm_white_in_exe.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | 9 | /********/ 10 | #ifndef FR_IP_MEMDEV_MAJOR 11 | #define FR_IP_MEMDEV_MAJOR 0 12 | #endif 13 | #ifndef FR_IP_MEMDEV_NR_DEVS 14 | #define FR_IP_MEMDEV_NR_DEVS 2 15 | #endif 16 | #ifndef FR_IP_MEMDEV_SIZE 17 | #define FR_IP_MEMDEV_SIZE 4096 18 | #endif 19 | 20 | /* for fr_ip_ioctl_para_t's type */ 21 | /* in-black ip */ 22 | #define FR_IP_IOCTL_TYPE_FIND 1 23 | #define FR_IP_IOCTL_TYPE_FIND_BYSTRINGS 2 // * :) 24 | #define FR_IP_IOCTL_TYPE_MIRROR_INSERT_IP 3 25 | #define FR_IP_IOCTL_TYPE_MIRROR_INSERT_BYSTRINGS 4 // * :) 26 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP 5 // * :) 27 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_RANDOMLY 6 //* :) 28 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_BYSTRINGS 7 // * :) 29 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_ALL 8 //* :) 30 | #define FR_IP_IOCTL_TYPE_SWITCH_MIRROR_UPDATE 9 // * :) 31 | #define FR_IP_IOCTL_TYPE_REBUILD 10 // * :) 32 | #define FR_IP_IOCTL_TYPE_COPY_HASH_STRUCT 11 // * 33 | #define FR_IP_IOCTL_TYPE_DUMP 12 //* :) 34 | #define FR_IP_IOCTL_TYPE_MIRROR_INSERT_IP_BINS 13 //* :) 35 | #define FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_BINS 14 //* :) 36 | /* in-white ip */ 37 | #define FR_IP_IOCTL_TYPE_WHITE_FIND 101 38 | #define FR_IP_IOCTL_TYPE_WHITE_FIND_BYSTRINGS 102 // * :) 39 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_IP 103 40 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_BYSTRINGS 104 // * :) 41 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP 105 42 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_RANDOMLY 106 // * :) 43 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_BYSTRINGS 107 // * :) 44 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_ALL 108 //* :) 45 | #define FR_IP_IOCTL_TYPE_WHITE_SWITCH_MIRROR_UPDATE 109 // * :) 46 | #define FR_IP_IOCTL_TYPE_WHITE_REBUILD 110 // * :) 47 | #define FR_IP_IOCTL_TYPE_WHITE_COPY_HASH_STRUCT 111 // * 48 | #define FR_IP_IOCTL_TYPE_WHITE_DUMP 112 //* :) 49 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_IP_BINS 113 //* :) 50 | #define FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_BINS 114 //* :) 51 | 52 | struct fr_ip_mem_dev 53 | { 54 | char *data; 55 | unsigned long size; 56 | }; 57 | 58 | struct fr_ip_ioctl_para_t { 59 | void * ptr; 60 | unsigned int size; 61 | unsigned int type; 62 | unsigned int ret; 63 | }; 64 | 65 | #define FR_IP_MEMDEV_IOC_MAGIC 'k' 66 | #define FR_IP_MEMDEV_IOCPRINT _IO(FR_IP_MEMDEV_IOC_MAGIC, 1) 67 | #define FR_IP_MEMDEV_IOCGETDATA _IOR(FR_IP_MEMDEV_IOC_MAGIC, 2, int) 68 | #define FR_IP_MEMDEV_IOCSETDATA _IOW(FR_IP_MEMDEV_IOC_MAGIC, 3, int) 69 | #define FR_IP_MEMDEV_IOC_MAXNR 3 70 | 71 | /********/ 72 | 73 | struct fr_ip_ioctl_para_t gl_para; 74 | 75 | static unsigned int double_hash_find_bystrings(int fd,char * str, unsigned int size) { 76 | 77 | if ( (fd<0)||(str==NULL)||(size==0) ){ 78 | fprintf(stderr,"double_hash_find_bystrings input invalid!\n"); 79 | return 3; 80 | } 81 | 82 | gl_para.ptr=str; 83 | gl_para.size=size; 84 | gl_para.type=FR_IP_IOCTL_TYPE_FIND_BYSTRINGS; 85 | 86 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 87 | { 88 | fprintf(stderr,"double_hash_find_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 89 | return 4; 90 | } 91 | 92 | return gl_para.ret; 93 | } 94 | 95 | static unsigned int double_hash_mirror_insert_bystrings(int fd,char * str, unsigned int size) { 96 | 97 | if ( (fd<0)||(str==NULL)||(size==0) ){ 98 | fprintf(stderr,"double_hash_mirror_insert_bystrings input invalid!\n"); 99 | return 3; 100 | } 101 | 102 | gl_para.ptr=str; 103 | gl_para.size=size; 104 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_INSERT_BYSTRINGS; 105 | 106 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 107 | { 108 | fprintf(stderr,"double_hash_mirror_insert_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 109 | return 4; 110 | } 111 | 112 | return gl_para.ret; 113 | } 114 | 115 | static unsigned int double_hash_mirror_insert_bins(int fd,char * str, unsigned int size) { 116 | 117 | if ( (fd<0)||(str==NULL)||(size==0) ){ 118 | fprintf(stderr,"double_hash_mirror_insert_bins input invalid!\n"); 119 | return 3; 120 | } 121 | 122 | gl_para.ptr=str; 123 | gl_para.size=size; 124 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_INSERT_IP_BINS; 125 | 126 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 127 | { 128 | fprintf(stderr,"double_hash_mirror_insert_bins cmd MEMDEV_IOCSETDATA fail\n"); 129 | return 4; 130 | } 131 | 132 | return gl_para.ret; 133 | } 134 | 135 | static unsigned int double_hash_mirror_delete_bystrings(int fd,char * str, unsigned int size) { 136 | 137 | if ( (fd<0)||(str==NULL)||(size==0) ){ 138 | fprintf(stderr,"double_hash_mirror_delete_bystrings input invalid!\n"); 139 | return 3; 140 | } 141 | 142 | gl_para.ptr=str; 143 | gl_para.size=size; 144 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_DELETE_BYSTRINGS; 145 | 146 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 147 | { 148 | fprintf(stderr,"double_hash_mirror_delete_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 149 | return 4; 150 | } 151 | 152 | return gl_para.ret; 153 | } 154 | 155 | static unsigned int double_hash_mirror_delete_bins(int fd,char * str, unsigned int size) { 156 | 157 | if ( (fd<0)||(str==NULL)||(size==0) ){ 158 | fprintf(stderr,"double_hash_mirror_delete_bins input invalid!\n"); 159 | return 3; 160 | } 161 | 162 | gl_para.ptr=str; 163 | gl_para.size=size; 164 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_BINS; 165 | 166 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 167 | { 168 | fprintf(stderr,"double_hash_mirror_delete_bins cmd MEMDEV_IOCSETDATA fail\n"); 169 | return 4; 170 | } 171 | 172 | return gl_para.ret; 173 | } 174 | 175 | static unsigned int double_hash_mirror_delete_ip_randomly(int fd,unsigned int size) { 176 | 177 | if ( (fd<0)||(size==0) ){ 178 | fprintf(stderr,"double_hash_mirror_delete_ip_randomly input invalid!\n"); 179 | return 3; 180 | } 181 | 182 | gl_para.size=size; 183 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_DELETE_IP_RANDOMLY; 184 | 185 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 186 | { 187 | fprintf(stderr,"double_hash_mirror_delete_ip_randomly cmd MEMDEV_IOCSETDATA fail\n"); 188 | return 4; 189 | } 190 | 191 | return gl_para.ret; 192 | } 193 | 194 | 195 | static unsigned int double_hash_mirror_delete_all(int fd) { 196 | 197 | if ( (fd<0) ){ 198 | fprintf(stderr,"double_hash_mirror_delete_all input invalid!\n"); 199 | return 3; 200 | } 201 | 202 | gl_para.type=FR_IP_IOCTL_TYPE_MIRROR_DELETE_ALL; 203 | 204 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 205 | { 206 | fprintf(stderr,"double_hash_mirror_delete_all cmd MEMDEV_IOCSETDATA fail\n"); 207 | return 4; 208 | } 209 | 210 | return gl_para.ret; 211 | } 212 | 213 | static unsigned int double_hash_switch_mirror_update(int fd) { 214 | 215 | if ( (fd<0) ){ 216 | fprintf(stderr,"double_hash_switch_mirror_update input invalid!\n"); 217 | return 3; 218 | } 219 | 220 | gl_para.type=FR_IP_IOCTL_TYPE_SWITCH_MIRROR_UPDATE; 221 | 222 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 223 | { 224 | fprintf(stderr,"double_hash_switch_mirror_update cmd MEMDEV_IOCSETDATA fail\n"); 225 | return 4; 226 | } 227 | 228 | return gl_para.ret; 229 | } 230 | 231 | 232 | static unsigned int double_hash_rebuild(int fd,unsigned int modular, unsigned int rnd) { 233 | 234 | unsigned int in[2]; 235 | 236 | if ( (fd<0)||(modular==0) ){ 237 | fprintf(stderr,"double_hash_rebuild input invalid!\n"); 238 | return 3; 239 | } 240 | 241 | in[0]=modular; 242 | in[1]=rnd; 243 | gl_para.ptr=in; 244 | gl_para.size=sizeof(unsigned int)*2; 245 | gl_para.type=FR_IP_IOCTL_TYPE_REBUILD; 246 | 247 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 248 | { 249 | fprintf(stderr,"double_hash_rebuild cmd MEMDEV_IOCSETDATA fail\n"); 250 | return 4; 251 | } 252 | 253 | return gl_para.ret; 254 | } 255 | 256 | static unsigned int double_hash_dump(int fd) { 257 | 258 | if ( (fd<0) ){ 259 | fprintf(stderr,"double_hash_dump input invalid!\n"); 260 | return 3; 261 | } 262 | 263 | gl_para.type=FR_IP_IOCTL_TYPE_DUMP; 264 | 265 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 266 | { 267 | fprintf(stderr,"double_hash_switch_mirror_update cmd MEMDEV_IOCSETDATA fail\n"); 268 | return 4; 269 | } 270 | 271 | return gl_para.ret; 272 | } 273 | 274 | static unsigned int double_hash_white_find_bystrings(int fd,char * str, unsigned int size) { 275 | 276 | if ( (fd<0)||(str==NULL)||(size==0) ){ 277 | fprintf(stderr,"double_hash_white_find_bystrings input invalid!\n"); 278 | return 3; 279 | } 280 | 281 | gl_para.ptr=str; 282 | gl_para.size=size; 283 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_FIND_BYSTRINGS; 284 | 285 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 286 | { 287 | fprintf(stderr,"double_hash_white_find_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 288 | return 4; 289 | } 290 | 291 | return gl_para.ret; 292 | } 293 | 294 | static unsigned int double_hash_white_mirror_insert_bystrings(int fd,char * str, unsigned int size) { 295 | 296 | if ( (fd<0)||(str==NULL)||(size==0) ){ 297 | fprintf(stderr,"double_hash_white_mirror_insert_bystrings input invalid!\n"); 298 | return 3; 299 | } 300 | 301 | gl_para.ptr=str; 302 | gl_para.size=size; 303 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_BYSTRINGS; 304 | 305 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 306 | { 307 | fprintf(stderr,"double_hash_white_mirror_insert_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 308 | return 4; 309 | } 310 | 311 | return gl_para.ret; 312 | } 313 | 314 | static unsigned int double_hash_white_mirror_insert_bins(int fd,char * str, unsigned int size) { 315 | 316 | if ( (fd<0)||(str==NULL)||(size==0) ){ 317 | fprintf(stderr,"double_hash_white_mirror_insert_bins input invalid!\n"); 318 | return 3; 319 | } 320 | 321 | gl_para.ptr=str; 322 | gl_para.size=size; 323 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_INSERT_IP_BINS; 324 | 325 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 326 | { 327 | fprintf(stderr,"double_hash_white_mirror_insert_bins cmd MEMDEV_IOCSETDATA fail\n"); 328 | return 4; 329 | } 330 | 331 | return gl_para.ret; 332 | } 333 | 334 | static unsigned int double_hash_white_mirror_delete_bystrings(int fd,char * str, unsigned int size) { 335 | 336 | if ( (fd<0)||(str==NULL)||(size==0) ){ 337 | fprintf(stderr,"double_hash_white_mirror_delete_bystrings input invalid!\n"); 338 | return 3; 339 | } 340 | 341 | gl_para.ptr=str; 342 | gl_para.size=size; 343 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_BYSTRINGS; 344 | 345 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 346 | { 347 | fprintf(stderr,"double_hash_white_mirror_delete_bystrings cmd MEMDEV_IOCSETDATA fail\n"); 348 | return 4; 349 | } 350 | 351 | return gl_para.ret; 352 | } 353 | 354 | static unsigned int double_hash_white_mirror_delete_bins(int fd,char * str, unsigned int size) { 355 | 356 | if ( (fd<0)||(str==NULL)||(size==0) ){ 357 | fprintf(stderr,"double_hash_white_mirror_delete_bins input invalid!\n"); 358 | return 3; 359 | } 360 | 361 | gl_para.ptr=str; 362 | gl_para.size=size; 363 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_BINS; 364 | 365 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 366 | { 367 | fprintf(stderr,"double_hash_white_mirror_delete_bins cmd MEMDEV_IOCSETDATA fail\n"); 368 | return 4; 369 | } 370 | 371 | return gl_para.ret; 372 | } 373 | 374 | static unsigned int double_hash_white_mirror_delete_ip_randomly(int fd,unsigned int size) { 375 | 376 | if ( (fd<0)||(size==0) ){ 377 | fprintf(stderr,"double_hash_white_mirror_delete_ip_randomly input invalid!\n"); 378 | return 3; 379 | } 380 | 381 | gl_para.size=size; 382 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_IP_RANDOMLY; 383 | 384 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 385 | { 386 | fprintf(stderr,"double_hash_white_mirror_delete_ip_randomly cmd MEMDEV_IOCSETDATA fail\n"); 387 | return 4; 388 | } 389 | 390 | return gl_para.ret; 391 | } 392 | 393 | 394 | static unsigned int double_hash_white_mirror_delete_all(int fd) { 395 | 396 | if ( (fd<0) ){ 397 | fprintf(stderr,"double_hash_white_mirror_delete_all input invalid!\n"); 398 | return 3; 399 | } 400 | 401 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_MIRROR_DELETE_ALL; 402 | 403 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 404 | { 405 | fprintf(stderr,"double_hash_white_mirror_delete_all cmd MEMDEV_IOCSETDATA fail\n"); 406 | return 4; 407 | } 408 | 409 | return gl_para.ret; 410 | } 411 | 412 | static unsigned int double_hash_white_switch_mirror_update(int fd) { 413 | 414 | if ( (fd<0) ){ 415 | fprintf(stderr,"double_hash_white_switch_mirror_update input invalid!\n"); 416 | return 3; 417 | } 418 | 419 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_SWITCH_MIRROR_UPDATE; 420 | 421 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 422 | { 423 | fprintf(stderr,"double_hash_white_switch_mirror_update cmd MEMDEV_IOCSETDATA fail\n"); 424 | return 4; 425 | } 426 | 427 | return gl_para.ret; 428 | } 429 | 430 | 431 | static unsigned int double_hash_white_rebuild(int fd,unsigned int modular, unsigned int rnd) { 432 | 433 | unsigned int in[2]; 434 | 435 | if ( (fd<0)||(modular==0) ){ 436 | fprintf(stderr,"double_hash_white_rebuild input invalid!\n"); 437 | return 3; 438 | } 439 | 440 | in[0]=modular; 441 | in[1]=rnd; 442 | gl_para.ptr=in; 443 | gl_para.size=sizeof(unsigned int)*2; 444 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_REBUILD; 445 | 446 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 447 | { 448 | fprintf(stderr,"double_hash_white_rebuild cmd MEMDEV_IOCSETDATA fail\n"); 449 | return 4; 450 | } 451 | 452 | return gl_para.ret; 453 | } 454 | 455 | static unsigned int double_hash_white_dump(int fd) { 456 | 457 | if ( (fd<0) ){ 458 | fprintf(stderr,"double_hash_white_dump input invalid!\n"); 459 | return 3; 460 | } 461 | 462 | gl_para.type=FR_IP_IOCTL_TYPE_WHITE_DUMP; 463 | 464 | if (ioctl(fd, FR_IP_MEMDEV_IOCSETDATA, &gl_para) < 0) 465 | { 466 | fprintf(stderr,"double_hash_white_switch_mirror_update cmd MEMDEV_IOCSETDATA fail\n"); 467 | return 4; 468 | } 469 | 470 | return gl_para.ret; 471 | } 472 | 473 | 474 | int main(int argc, char *argv[]) 475 | { 476 | int fd = 0; 477 | int type; 478 | unsigned int ret; 479 | 480 | fd = open("/dev/frdev0",O_RDWR); 481 | if (fd < 0) 482 | { 483 | fprintf(stderr,"Open Dev Mem0 Error!\n"); 484 | return -1; 485 | } 486 | 487 | if(argc<=1) { 488 | fprintf(stderr,"%s usage: ... \n",argv[0]); 489 | ret=-1; 490 | goto end; 491 | } 492 | // fripadm 2 "192.168.31.98 " 493 | type=atoi(argv[1]); 494 | if(type==FR_IP_IOCTL_TYPE_FIND_BYSTRINGS) { 495 | if(argc==3) { 496 | ret=double_hash_white_find_bystrings(fd,argv[2],strlen(argv[2])); 497 | if(ret==1) { 498 | printf("%s is in the double_hash_white_table\n",argv[2]); 499 | ret=0; 500 | goto end; 501 | } 502 | } 503 | else { 504 | fprintf(stderr,"%s usage: ... \n",argv[0]); 505 | ret=-1; 506 | goto end; 507 | } 508 | } 509 | else if(type==FR_IP_IOCTL_TYPE_MIRROR_INSERT_BYSTRINGS) { 510 | if(argc==3) { 511 | ret=double_hash_white_mirror_insert_bystrings(fd,argv[2],strlen(argv[2])); 512 | goto end; 513 | } 514 | else { 515 | fprintf(stderr,"%s usage: ... \n",argv[0]); 516 | ret=-1; 517 | goto end; 518 | } 519 | } 520 | else if(type==FR_IP_IOCTL_TYPE_MIRROR_DELETE_BYSTRINGS) { 521 | if(argc==3) { 522 | ret=double_hash_white_mirror_delete_bystrings(fd,argv[2],strlen(argv[2])); 523 | goto end; 524 | } 525 | else { 526 | fprintf(stderr,"%s usage: ... \n",argv[0]); 527 | ret=-1; 528 | goto end; 529 | } 530 | } 531 | else if(type==FR_IP_IOCTL_TYPE_MIRROR_DELETE_ALL) { 532 | if(argc==2) { 533 | ret=double_hash_white_mirror_delete_all(fd); 534 | goto end; 535 | } 536 | else { 537 | fprintf(stderr,"%s usage: ... \n",argv[0]); 538 | ret=-1; 539 | goto end; 540 | } 541 | } 542 | else if(type==FR_IP_IOCTL_TYPE_SWITCH_MIRROR_UPDATE) { 543 | if(argc==2) { 544 | ret=double_hash_white_switch_mirror_update(fd); 545 | goto end; 546 | } 547 | else { 548 | fprintf(stderr,"%s usage: ... \n",argv[0]); 549 | ret=-1; 550 | goto end; 551 | } 552 | } 553 | else if(type==FR_IP_IOCTL_TYPE_REBUILD) { 554 | if(argc==4) { 555 | ret=double_hash_white_rebuild(fd,(unsigned int)atoi(argv[2]),(unsigned int)atoi(argv[3])); 556 | goto end; 557 | } 558 | else { 559 | fprintf(stderr,"%s usage: ... \n",argv[0]); 560 | ret=-1; 561 | goto end; 562 | } 563 | } 564 | else if(type==FR_IP_IOCTL_TYPE_DUMP) { 565 | if(argc==2) { 566 | ret=double_hash_white_dump(fd); 567 | goto end; 568 | } 569 | else { 570 | fprintf(stderr,"%s usage: ... \n",argv[0]); 571 | ret=-1; 572 | goto end; 573 | } 574 | } 575 | else { 576 | fprintf(stderr,"%s %d error: unknown type :( \n",argv[0],type); 577 | ret=-1; 578 | goto end; 579 | } 580 | end: 581 | close(fd); 582 | return ret; 583 | } 584 | 585 | 586 | 587 | -------------------------------------------------------------------------------- /install_frdev.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | module="frdev" 3 | device="frdev" 4 | mode="664" 5 | 6 | # Group: since distributions do it differently, look for wheel or use staff 7 | if grep '^staff:' /etc/group > /dev/null; then 8 | group="staff" 9 | else 10 | group="wheel" 11 | fi 12 | 13 | # remove stale nodes 14 | rm -f /dev/${device}? 15 | 16 | # invoke insmod with all arguments we got 17 | # and use a pathname, as newer modutils don't look in . by default 18 | /sbin/insmod -f ./$module.ko $* || exit 1 19 | 20 | major=`cat /proc/devices | awk "\\$2==\"$module\" {print \\$1}"` 21 | 22 | mknod /dev/${device}0 c $major 0 23 | mknod /dev/${device}1 c $major 1 24 | ln -sf ${device}0 /dev/${device} 25 | 26 | # give appropriate group/permissions 27 | chgrp $group /dev/${device}[0-1] 28 | chmod $mode /dev/${device}[0-1] 29 | 30 | -------------------------------------------------------------------------------- /uninstall_frdev.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | module="frdev" 3 | device="frdev" 4 | 5 | # invoke rmmod with all arguments we got 6 | /sbin/rmmod $module $* || exit 1 7 | 8 | # remove nodes 9 | rm -f /dev/${device}[0-1] /dev/${device} 10 | 11 | exit 0 12 | 13 | -------------------------------------------------------------------------------- /updates.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hnes/frdev/1575eab30caf2797dc5dbd6715ecc79182442ff5/updates.txt --------------------------------------------------------------------------------