Moves XTTARPIT_RESET into its own function.
Signed-off-by: Josh Hunt <johunt@xxxxxxxxxx>
---
extensions/xt_TARPIT.c | 21 +++++++++++++++------
1 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/extensions/xt_TARPIT.c b/extensions/xt_TARPIT.c
index 6c75184..5d8af70 100644
--- a/extensions/xt_TARPIT.c
+++ b/extensions/xt_TARPIT.c
@@ -133,6 +133,19 @@ static bool xttarpit_honeypot(struct tcphdr *oth, struct tcphdr *tcph,
return true;
}
+static bool xttarpit_reset(struct tcphdr *oth, struct tcphdr *tcph)
+{
+
+ tcph->window = 0;
+ tcph->ack = false;
+ tcph->syn = false;
+ tcph->rst = true;
+ tcph->seq = oth->ack_seq;
+ tcph->ack_seq = oth->seq;
+
+ return true;
+}
+
static void tarpit_tcp(struct sk_buff *oldskb, unsigned int hook,
unsigned int mode)
{
@@ -205,12 +218,8 @@ static void tarpit_tcp(struct sk_buff *oldskb, unsigned int hook,
if (!xttarpit_honeypot(oth, tcph, payload))
return;
} else if (mode == XTTARPIT_RESET) {
- tcph->window = 0;
- tcph->ack = false;
- tcph->syn = false;
- tcph->rst = true;
- tcph->seq = oth->ack_seq;
- tcph->ack_seq = oth->seq;
+ if (!xttarpit_reset(oth, tcph))
+ return;
}
/* Adjust TCP checksum */
--
1.7.0.4
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
