1#ifndef APP_FILTER_H 2#define APP_FILTER_H 3 4#define AF_VERSION "5.0" 5#define AF_FEATURE_CONFIG_FILE "/tmp/feature.cfg" 6 7#define MAX_DPI_PKT_NUM 64 8#define MIN_HTTP_DATA_LEN 16 9#define MAX_APP_NAME_LEN 64 10#define MAX_FEATURE_NUM_PER_APP 16 11#define MIN_FEATURE_STR_LEN 16 12#define MAX_FEATURE_STR_LEN 128 13#define MAX_HOST_URL_LEN 128 14#define MAX_REQUEST_URL_LEN 128 15#define MAX_FEATURE_BITS 16 16#define MAX_POS_INFO_PER_FEATURE 16 17#define MAX_FEATURE_LINE_LEN 256 18#define MIN_FEATURE_LINE_LEN 16 19#define MAX_URL_MATCH_LEN 64 20#define MAX_BYPASS_DPI_PKT_LEN 600 21 22//#define CONFIG_KERNEL_FUNC_TEST 1 23 24#define HTTP_GET_METHOD_STR "GET" 25#define HTTP_POST_METHOD_STR "POST" 26#define HTTP_HEADER "HTTP" 27#define NIPQUAD(addr) \ 28 ((unsigned char *)&addr)[0], \ 29 ((unsigned char *)&addr)[1], \ 30 ((unsigned char *)&addr)[2], \ 31 ((unsigned char *)&addr)[3] 32#define NIPQUAD_FMT "%u.%u.%u.%u" 33#define MAC_ARRAY(a) (a)[0], (a)[1], (a)[2], (a)[3], (a)[4], (a)[5] 34#define MAC_FMT "%02x:%02x:%02x:%02x:%02x:%02x" 35 36#define AF_TRUE 1 37#define AF_FALSE 0 38 39#define AF_APP_TYPE(a) (a) / 1000 40#define AF_APP_ID(a) (a) % 1000 41#define MAC_ADDR_LEN 6 42 43#define HTTPS_URL_OFFSET 9 44#define HTTPS_LEN_OFFSET 7 45 46enum AF_FEATURE_PARAM_INDEX{ 47 AF_PROTO_PARAM_INDEX, 48 AF_SRC_PORT_PARAM_INDEX, 49 AF_DST_PORT_PARAM_INDEX, 50 AF_HOST_URL_PARAM_INDEX, 51 AF_REQUEST_URL_PARAM_INDEX, 52 AF_DICT_PARAM_INDEX, 53}; 54 55 56#define OAF_NETLINK_ID 29 57#define MAX_OAF_NL_MSG_LEN 1024 58 59enum E_MSG_TYPE{ 60 AF_MSG_INIT, 61 AF_MSG_MAX 62}; 63enum AF_WORK_MODE { 64 AF_MODE_GATEWAY, 65 AF_MODE_BYPASS, 66 AF_MODE_BRIDGE, 67}; 68 69typedef struct af_msg{ 70 int action; 71 void *data; 72}af_msg_t; 73 74struct af_msg_hdr{ 75 int magic; 76 int len; 77}; 78 79enum e_http_method{ 80 HTTP_METHOD_GET = 1, 81 HTTP_METHOD_POST, 82}; 83typedef struct http_proto{ 84 int match; 85 int method; 86 char *url_pos; 87 int url_len; 88 char *host_pos; 89 int host_len; 90 char *data_pos; 91 int data_len; 92}http_proto_t; 93 94typedef struct https_proto{ 95 int match; 96 char *url_pos; 97 int url_len; 98}https_proto_t; 99 100typedef struct flow_info{ 101 struct nf_conn *ct; 102 u_int32_t src; 103 u_int32_t dst; 104 int l4_protocol; 105 u_int16_t sport; 106 u_int16_t dport; 107 unsigned char *l4_data; 108 int l4_len; 109 http_proto_t http; 110 https_proto_t https; 111 u_int32_t app_id; 112 u_int8_t app_name[MAX_APP_NAME_LEN]; 113 u_int8_t drop; 114 u_int8_t dir; 115 u_int16_t total_len; 116}flow_info_t; 117 118 119 120typedef struct af_pos_info{ 121 int pos; 122 unsigned char value; 123}af_pos_info_t; 124 125#define MAX_PORT_RANGE_NUM 5 126 127typedef struct range_value 128{ 129 int not ; 130 int start; 131 int end; 132} range_value_t; 133 134typedef struct port_info 135{ 136 u_int8_t mode; // 0: match, 1: not match 137 int num; 138 range_value_t range_list[MAX_PORT_RANGE_NUM]; 139} port_info_t; 140 141typedef struct af_feature_node{ 142 struct list_head head; 143 u_int32_t app_id; 144 char app_name[MAX_APP_NAME_LEN]; 145 char feature_str[MAX_FEATURE_NUM_PER_APP][MAX_FEATURE_STR_LEN]; 146 u_int32_t proto; 147 u_int32_t sport; 148 u_int32_t dport; 149 port_info_t dport_info; 150 char host_url[MAX_HOST_URL_LEN]; 151 char request_url[MAX_REQUEST_URL_LEN]; 152 int pos_num; 153 af_pos_info_t pos_info[MAX_POS_INFO_PER_FEATURE]; 154}af_feature_node_t; 155 156typedef struct af_mac_info { 157 struct list_head hlist; 158 unsigned char mac[MAC_ADDR_LEN]; 159}af_mac_info_t; 160 161int af_register_dev(void); 162void af_unregister_dev(void); 163void af_init_app_status(void); 164int af_get_app_status(int appid); 165int regexp_match(char *reg, char *text); 166void af_mac_list_init(void); 167void af_mac_list_clear(void); 168af_mac_info_t * find_af_mac(unsigned char *mac); 169int is_user_match_enable(void); 170extern int g_oaf_enable; 171 172#endif 173