@ -57,8 +57,7 @@ extern int sc_set_caps;
 
		
	
		
			
				# include  <libnet.h>  
		
	
		
			
				
 
		
	
		
			
				
 
		
	
		
			
				typedef  struct  Libnet11Packet_  
		
	
		
			
				{  
		
	
		
			
				typedef  struct  Libnet11Packet_  {  
		
	
		
			
				    uint32_t  ack ,  seq ; 
 
		
	
		
			
				    uint16_t  window ,  dsize ; 
 
		
	
		
			
				    uint8_t  ttl ; 
 
		
	
	
		
			
				
					
						
						
						
							
								 
						
					 
				
			
			@ -71,7 +70,8 @@ typedef struct Libnet11Packet_
 
		
	
		
			
				    size_t  len ; 
 
		
	
		
			
				}  Libnet11Packet ;  
		
	
		
			
				
 
		
	
		
			
				int  RejectSendLibnet11L3IPv4TCP ( ThreadVars  * tv ,  Packet  * p ,  void  * data ,  int  dir )  {  
		
	
		
			
				int  RejectSendLibnet11L3IPv4TCP ( ThreadVars  * tv ,  Packet  * p ,  void  * data ,  int  dir )  
		
	
		
			
				{  
		
	
		
			
				
 
		
	
		
			
				    Libnet11Packet  lpacket ; 
 
		
	
		
			
				    libnet_t  * c ;  /* libnet context */ 
 
		
	
	
		
			
				
					
						
						
						
							
								 
						
					 
				
			
			@ -84,8 +84,7 @@ int RejectSendLibnet11L3IPv4TCP(ThreadVars *tv, Packet *p, void *data, int dir)
 
		
	
		
			
				    lpacket . flow  =  0 ; 
 
		
	
		
			
				    lpacket . class  =  0 ; 
 
		
	
		
			
				
 
		
	
		
			
				    if  ( ( c  =  libnet_init  ( LIBNET_RAW4 ,  NULL ,  ebuf ) )  = =  NULL ) 
 
		
	
		
			
				    { 
 
		
	
		
			
				    if  ( ( c  =  libnet_init ( LIBNET_RAW4 ,  NULL ,  ebuf ) )  = =  NULL )  { 
 
		
	
		
			
				        SCLogError ( SC_ERR_LIBNET_INIT , " libnet_inint failed: %s " ,  ebuf ) ; 
 
		
	
		
			
				        return  1 ; 
 
		
	
		
			
				    } 
 
		
	
	
		
			
				
					
						
						
						
							
								 
						
					 
				
			
			@ -96,31 +95,33 @@ int RejectSendLibnet11L3IPv4TCP(ThreadVars *tv, Packet *p, void *data, int dir)
 
		
	
		
			
				    /* save payload len */ 
 
		
	
		
			
				    lpacket . dsize  =  p - > payload_len ; 
 
		
	
		
			
				
 
		
	
		
			
				    if  ( dir  = =  REJECT_DIR_SRC )  { 
 
		
	
		
			
				        SCLogDebug ( " sending a tcp reset to src " ) ; 
 
		
	
		
			
				        lpacket . seq  =  TCP_GET_ACK ( p ) ; 
 
		
	
		
			
				        lpacket . ack  =  TCP_GET_SEQ ( p )  +  lpacket . dsize ; 
 
		
	
		
			
				
 
		
	
		
			
				        lpacket . sp  =  TCP_GET_DST_PORT ( p ) ; 
 
		
	
		
			
				        lpacket . dp  =  TCP_GET_SRC_PORT ( p ) ; 
 
		
	
		
			
				
 
		
	
		
			
				        lpacket . src4  =  GET_IPV4_DST_ADDR_U32 ( p ) ; 
 
		
	
		
			
				        lpacket . dst4  =  GET_IPV4_SRC_ADDR_U32 ( p ) ; 
 
		
	
		
			
				    } 
 
		
	
		
			
				    else  if  ( dir  = =  REJECT_DIR_DST )  { 
 
		
	
		
			
				        SCLogDebug ( " sending a tcp reset to dst " ) ; 
 
		
	
		
			
				        lpacket . seq  =  TCP_GET_SEQ ( p ) ; 
 
		
	
		
			
				        lpacket . ack  =  TCP_GET_ACK ( p ) ; 
 
		
	
		
			
				
 
		
	
		
			
				        lpacket . sp  =  TCP_GET_SRC_PORT ( p ) ; 
 
		
	
		
			
				        lpacket . dp  =  TCP_GET_DST_PORT ( p ) ; 
 
		
	
		
			
				
 
		
	
		
			
				        lpacket . src4  =  GET_IPV4_SRC_ADDR_U32 ( p ) ; 
 
		
	
		
			
				        lpacket . dst4  =  GET_IPV4_DST_ADDR_U32 ( p ) ; 
 
		
	
		
			
				
 
		
	
		
			
				    }  else  { 
 
		
	
		
			
				        SCLogError ( SC_ERR_LIBNET_INVALID_DIR , " reset not src or dst returning " ) ; 
 
		
	
		
			
				        return  1 ; 
 
		
	
		
			
				    switch  ( dir )  { 
 
		
	
		
			
				        case  REJECT_DIR_SRC : 
 
		
	
		
			
				            SCLogDebug ( " sending a tcp reset to src " ) ; 
 
		
	
		
			
				            lpacket . seq  =  TCP_GET_ACK ( p ) ; 
 
		
	
		
			
				            lpacket . ack  =  TCP_GET_SEQ ( p )  +  lpacket . dsize ; 
 
		
	
		
			
				
 
		
	
		
			
				            lpacket . sp  =  TCP_GET_DST_PORT ( p ) ; 
 
		
	
		
			
				            lpacket . dp  =  TCP_GET_SRC_PORT ( p ) ; 
 
		
	
		
			
				
 
		
	
		
			
				            lpacket . src4  =  GET_IPV4_DST_ADDR_U32 ( p ) ; 
 
		
	
		
			
				            lpacket . dst4  =  GET_IPV4_SRC_ADDR_U32 ( p ) ; 
 
		
	
		
			
				            break ; 
 
		
	
		
			
				        case  REJECT_DIR_DST : 
 
		
	
		
			
				            SCLogDebug ( " sending a tcp reset to dst " ) ; 
 
		
	
		
			
				            lpacket . seq  =  TCP_GET_SEQ ( p ) ; 
 
		
	
		
			
				            lpacket . ack  =  TCP_GET_ACK ( p ) ; 
 
		
	
		
			
				
 
		
	
		
			
				            lpacket . sp  =  TCP_GET_SRC_PORT ( p ) ; 
 
		
	
		
			
				            lpacket . dp  =  TCP_GET_DST_PORT ( p ) ; 
 
		
	
		
			
				
 
		
	
		
			
				            lpacket . src4  =  GET_IPV4_SRC_ADDR_U32 ( p ) ; 
 
		
	
		
			
				            lpacket . dst4  =  GET_IPV4_DST_ADDR_U32 ( p ) ; 
 
		
	
		
			
				            break ; 
 
		
	
		
			
				        default : 
 
		
	
		
			
				            SCLogError ( SC_ERR_LIBNET_INVALID_DIR , 
 
		
	
		
			
				                       " reset not src or dst returning " ) ; 
 
		
	
		
			
				            return  1 ; 
 
		
	
		
			
				    } 
 
		
	
		
			
				
 
		
	
		
			
				    lpacket . window  =  TCP_GET_WINDOW ( p ) ; 
 
		
	
	
		
			
				
					
						
						
						
							
								 
						
					 
				
			
			@ -130,7 +131,7 @@ int RejectSendLibnet11L3IPv4TCP(ThreadVars *tv, Packet *p, void *data, int dir)
 
		
	
		
			
				    lpacket . ttl  =  64 ; 
 
		
	
		
			
				
 
		
	
		
			
				    /* build the package */ 
 
		
	
		
			
				    if  ( ( libnet_build_tcp   ( 
 
		
	
		
			
				    if  ( ( libnet_build_tcp ( 
 
		
	
		
			
				                    lpacket . sp ,             /* source port */ 
 
		
	
		
			
				                    lpacket . dp ,             /* dst port */ 
 
		
	
		
			
				                    lpacket . seq ,            /* seq number */ 
 
		
	
	
		
			
				
					
						
						
						
							
								 
						
					 
				
			
			@ -149,7 +150,7 @@ int RejectSendLibnet11L3IPv4TCP(ThreadVars *tv, Packet *p, void *data, int dir)
 
		
	
		
			
				        goto  cleanup ; 
 
		
	
		
			
				    } 
 
		
	
		
			
				
 
		
	
		
			
				    if ( ( libnet_build_ipv4 ( 
 
		
	
		
			
				    if   ( ( libnet_build_ipv4 ( 
 
		
	
		
			
				                    LIBNET_TCP_H  +  LIBNET_IPV4_H ,  /* entire packet length */ 
 
		
	
		
			
				                    0 ,                             /* tos */ 
 
		
	
		
			
				                    lpacket . id ,                    /* ID */ 
 
		
	
	
		
			
				
					
						
							
								 
						
						
							
								 
						
						
					 
				
			
			@ -179,7 +180,8 @@ cleanup:
 
		
	
		
			
				    return  0 ; 
 
		
	
		
			
				}  
		
	
		
			
				
 
		
	
		
			
				int  RejectSendLibnet11L3IPv4ICMP ( ThreadVars  * tv ,  Packet  * p ,  void  * data ,  int  dir )  {  
		
	
		
			
				int  RejectSendLibnet11L3IPv4ICMP ( ThreadVars  * tv ,  Packet  * p ,  void  * data ,  int  dir )  
		
	
		
			
				{  
		
	
		
			
				    //printf("going to send a ICMP host unreachable\n");
 
 
		
	
		
			
				    Libnet11Packet  lpacket ; 
 
		
	
		
			
				    libnet_t  * c ;  /* libnet context */ 
 
		
	
	
		
			
				
					
						
						
						
							
								 
						
					 
				
			
			@ -193,29 +195,31 @@ int RejectSendLibnet11L3IPv4ICMP(ThreadVars *tv, Packet *p, void *data, int dir)
 
		
	
		
			
				    lpacket . class  =  0 ; 
 
		
	
		
			
				
 
		
	
		
			
				    lpacket . len  =  ( IPV4_GET_HLEN ( p )  +  p - > payload_len ) ; 
 
		
	
		
			
				    if  ( ( c  =  libnet_init   ( LIBNET_RAW4 ,  NULL ,  ebuf ) )  = =  NULL ) { 
 
		
	
		
			
				    if  ( ( c  =  libnet_init ( LIBNET_RAW4 ,  NULL ,  ebuf ) )  = =  NULL )   { 
 
		
	
		
			
				        SCLogError ( SC_ERR_LIBNET_INIT , " libnet_inint failed: %s " ,  ebuf ) ; 
 
		
	
		
			
				        return  1 ; 
 
		
	
		
			
				    } 
 
		
	
		
			
				
 
		
	
		
			
				    if  ( dir  = =  REJECT_DIR_SRC )  { 
 
		
	
		
			
				        lpacket . src4  =  GET_IPV4_DST_ADDR_U32 ( p ) ; 
 
		
	
		
			
				        lpacket . dst4  =  GET_IPV4_SRC_ADDR_U32 ( p ) ; 
 
		
	
		
			
				    } 
 
		
	
		
			
				    else  if  ( dir  = =  REJECT_DIR_DST )  { 
 
		
	
		
			
				        lpacket . src4  =  GET_IPV4_SRC_ADDR_U32 ( p ) ; 
 
		
	
		
			
				        lpacket . dst4  =  GET_IPV4_DST_ADDR_U32 ( p ) ; 
 
		
	
		
			
				
 
		
	
		
			
				    }  else  { 
 
		
	
		
			
				        SCLogError ( SC_ERR_LIBNET_INVALID_DIR , " reset not src or dst returning " ) ; 
 
		
	
		
			
				        return  1 ; 
 
		
	
		
			
				    switch  ( dir )  { 
 
		
	
		
			
				        case  REJECT_DIR_SRC : 
 
		
	
		
			
				            lpacket . src4  =  GET_IPV4_DST_ADDR_U32 ( p ) ; 
 
		
	
		
			
				            lpacket . dst4  =  GET_IPV4_SRC_ADDR_U32 ( p ) ; 
 
		
	
		
			
				            break ; 
 
		
	
		
			
				        case  REJECT_DIR_DST : 
 
		
	
		
			
				            lpacket . src4  =  GET_IPV4_SRC_ADDR_U32 ( p ) ; 
 
		
	
		
			
				            lpacket . dst4  =  GET_IPV4_DST_ADDR_U32 ( p ) ; 
 
		
	
		
			
				            break ; 
 
		
	
		
			
				        default : 
 
		
	
		
			
				            SCLogError ( SC_ERR_LIBNET_INVALID_DIR , 
 
		
	
		
			
				                       " reset not src or dst returning " ) ; 
 
		
	
		
			
				            return  1 ; 
 
		
	
		
			
				    } 
 
		
	
		
			
				
 
		
	
		
			
				    /* TODO come up with ttl calc function */ 
 
		
	
		
			
				    lpacket . ttl  =  64 ; 
 
		
	
		
			
				
 
		
	
		
			
				    /* build the package */ 
 
		
	
		
			
				    if  ( ( libnet_build_icmpv4_unreach   ( 
 
		
	
		
			
				    if  ( ( libnet_build_icmpv4_unreach ( 
 
		
	
		
			
				                    ICMP_DEST_UNREACH ,         /* type */ 
 
		
	
		
			
				                    ICMP_HOST_ANO ,             /* code */ 
 
		
	
		
			
				                    0 ,                         /* checksum */ 
 
		
	
	
		
			
				
					
						
						
						
							
								 
						
					 
				
			
			@ -228,7 +232,7 @@ int RejectSendLibnet11L3IPv4ICMP(ThreadVars *tv, Packet *p, void *data, int dir)
 
		
	
		
			
				        goto  cleanup ; 
 
		
	
		
			
				    } 
 
		
	
		
			
				
 
		
	
		
			
				    if ( ( libnet_build_ipv4 ( 
 
		
	
		
			
				    if   ( ( libnet_build_ipv4 ( 
 
		
	
		
			
				                    LIBNET_ICMPV4_H  +  LIBNET_IPV4_H  + 
 
		
	
		
			
				                    lpacket . len ,                     /* entire packet length */ 
 
		
	
		
			
				                    0 ,                               /* tos */ 
 
		
	
	
		
			
				
					
						
							
								 
						
						
							
								 
						
						
					 
				
			
			@ -261,14 +265,20 @@ cleanup:
 
		
	
		
			
				
 
		
	
		
			
				# else  
		
	
		
			
				
 
		
	
		
			
				int  RejectSendLibnet11L3IPv4TCP ( ThreadVars  * tv ,  Packet  * p ,  void  * data ,  int  dir )  {  
		
	
		
			
					SCLogError ( SC_ERR_LIBNET_NOT_ENABLED , " Libnet based rejects are disabled. Usually this means that you don't have libnet installed, or configure couldn't find it. " ) ; 
 
		
	
		
			
					return  0 ; 
 
		
	
		
			
				int  RejectSendLibnet11L3IPv4TCP ( ThreadVars  * tv ,  Packet  * p ,  void  * data ,  int  dir )  
		
	
		
			
				{  
		
	
		
			
				    SCLogError ( SC_ERR_LIBNET_NOT_ENABLED ,  " Libnet based rejects are disabled. " 
 
		
	
		
			
				                " Usually this means that you don't have libnet installed, " 
 
		
	
		
			
				                "  or configure couldn't find it. " ) ; 
 
		
	
		
			
				    return  0 ; 
 
		
	
		
			
				}  
		
	
		
			
				
 
		
	
		
			
				int  RejectSendLibnet11L3IPv4ICMP ( ThreadVars  * tv ,  Packet  * p ,  void  * data ,  int  dir )  {  
		
	
		
			
				    SCLogError ( SC_ERR_LIBNET_NOT_ENABLED , " Libnet based rejects are disabled. Usually this means that you don't have libnet installed, or configure couldn't find it. " ) ; 
 
		
	
		
			
					return  0 ; 
 
		
	
		
			
				int  RejectSendLibnet11L3IPv4ICMP ( ThreadVars  * tv ,  Packet  * p ,  void  * data ,  int  dir )  
		
	
		
			
				{  
		
	
		
			
				    SCLogError ( SC_ERR_LIBNET_NOT_ENABLED ,  " Libnet based rejects are disabled. " 
 
		
	
		
			
				                " Usually this means that you don't have libnet installed, " 
 
		
	
		
			
				                "  or configure couldn't find it. " ) ; 
 
		
	
		
			
				    return  0 ; 
 
		
	
		
			
				}  
		
	
		
			
				
 
		
	
		
			
				# endif  /* HAVE_LIBNET11 */