Jan Engelhardt wrote:
commit 60425bec17c83f58e5ef1e833898a65af292cf64
Author: Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx>
Date: Sun Aug 10 17:46:28 2008 -0400
[NETFILTER]: xt_length match, revision 1
Introduce xt_length match revision 1. It adds support for layer-4,
layer-5 and layer-7 length matching. It is much easier than writing
up the according xt_u32 magic.
This can be used for packet scheduling; specific example are online
games where all data is transferred over the same port, but the
regular gameplay has a characteristically lower packet size than bulk
downloads of game maps. (Tested with Unreal Tournament 99.)
I still think this is too ugly to live, additionally:
+static bool
+xtlength_layer7_sctp(unsigned int *length, const struct sk_buff *skb,
+ unsigned int offset)
+{
+ const struct sctp_chunkhdr *ch;
+ struct sctp_chunkhdr chbuf;
+ unsigned int pos;
+
+ *length = 0;
+ for (pos = sizeof(struct sctphdr); pos < skb->len;
+ pos += ntohs(ch->length)) {
Endless loop
+ ch = skb_header_pointer(skb, offset + pos,
+ sizeof(chbuf), &chbuf);
+ if (ch == NULL)
+ return false;
+ if (ch->type != SCTP_CID_DATA)
+ continue;
+ *length += ntohs(ch->length);
+ }
+ return true;
+}
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
