From: Ralph Ronnquist Date: Mon, 17 Feb 2025 12:04:59 +0000 (+1100) Subject: Fix packet type access X-Git-Tag: 0.1 X-Git-Url: https://git.rrq.au/?a=commitdiff_plain;p=rrq%2Fnfblocker.git Fix packet type access --- diff --git a/src/nfblocker.c b/src/nfblocker.c index 4a5bd9b..0d551c5 100644 --- a/src/nfblocker.c +++ b/src/nfblocker.c @@ -44,9 +44,8 @@ struct ipv6_pkt { // Payload packet struct packet { union { - unsigned int packet_type:4; // 4 or 6 - struct ipv4_pkt packet4; - struct ipv6_pkt packet6; + struct ipv4_pkt pkt4; + struct ipv6_pkt pkt6; } p; //unsigned char pad[12]; // ?? }; @@ -61,13 +60,13 @@ static struct packet *get_headerP(unsigned char *data) { static const char *tell_ip(struct packet *ip) { static char THEIP[200]; - switch ( ip->p.packet_type ) { + switch ( ip->p.pkt4.first.ip_v ) { case 4: - return inet_ntop( AF_INET, &ip->p.packet4.first.ip_dst, THEIP, 200 ); + return inet_ntop( AF_INET, &ip->p.pkt4.first.ip_dst, THEIP, 200 ); case 6: - return inet_ntop( AF_INET6, &ip->p.packet6.first.ip6_dst, THEIP, 200 ); + return inet_ntop( AF_INET6, &ip->p.pkt6.first.ip6_dst, THEIP, 200 ); } - snprintf( THEIP, 200, "%d ???", ip->p.packet_type ); + snprintf( THEIP, 200, "%d ???", ip->p.pkt4.first.ip_v ); return THEIP; } @@ -79,7 +78,7 @@ static void view_payload(unsigned char *data,int length) { u_int16_t port = 0; u_int8_t syn = 0; unsigned char *body = data ;//+ sizeof( struct packet ); - switch ( header->p.packet_type ) { + switch ( header->p.pkt4.first.ip_v ) { case 4: port = ntohs( ((struct ipv4_pkt *) data )->second.th_dport ); syn = sizeof( struct ipv4_pkt ); @@ -113,7 +112,7 @@ static unsigned char buffer[1000]; static unsigned char *ssl_host(unsigned char *data,int length) { // Check that it's a "Client Hello" message unsigned char *p; - switch ( ((struct packet *) data)->p.packet_type ) { + switch ( ((struct packet *) data)->p.pkt4.first.ip_v ) { case 4: p = data + sizeof( struct ipv4_pkt ) + 12; //?? break; 
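Review bot: The union in `struct packet` no longer has a member that says where the IP version comes from, and the callers now read it through the IPv4 view even when the packet is IPv6. That works because both header formats keep the version in the top four bits of the first byte, but nothing in the declaration records it. A comment above the union would do, for example `// IP version for both families is read via pkt4.first.ip_v (top nibble of byte 0)`.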
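Review bot: The access path `->p.pkt4.first.ip_v` appears twice in `tell_ip` and again in the `view_payload`, `ssl_host` and `http_host` hunks, so the same layout assumption is written out five times. One helper would keep it in a single place, e.g. `static unsigned int ip_version(const unsigned char *data) { return data[0] >> 4; }`, called with a cast of `ip` here and with `data` in the other three functions. Reading the nibble from the byte also avoids depending on how the header struct declares its bitfields, which is not visible in this diff.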
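Review bot: `view_payload` reads `second.th_dport` through a `struct ipv4_pkt *` cast, and the version nibble in the `switch`, with no visible comparison of `length` against the size of the headers. If the buffer is shorter than the combined headers, those reads go past the received data. A guard ahead of the `switch`, e.g. `if ( length < (int) sizeof( struct ipv4_pkt ) ) return;`, covers the IPv4 case, with the matching check against `struct ipv6_pkt` in `case 6`. The function starts before and continues after this hunk, so a check may already exist outside it.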
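Review bot: The payload offset in `ssl_host` is the fixed `sizeof( struct ipv4_pkt ) + 12` that the `//??` comment already questions; it is only right when the IP header has no options and the TCP header has exactly 12 bytes of them. `http_host` in the last hunk uses `sizeof( struct ipv4_pkt )` with no allowance for TCP options at all, and `view_payload` relies on the same fixed size. Assuming `first` and `second` are the usual IP and TCP header structs, the positions can be taken from the header-length fields instead: the TCP header at `data + 4 * ip_hl` and the payload at that address plus `4 * th_off`, each checked against `length` first. With the fixed offsets, a hostname in a segment with a different option layout is looked for at the wrong place and the filter does not see it. The function continues outside this hunk.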
@@ -126,26 +125,26 @@ static unsigned char *ssl_host(unsigned char *data,int length) { if ( p[0] != 0x16 || p[1] != 0x03 || p[5] != 0x01 || p[6] != 0x00 ) { return 0; } - //fprintf( stderr, "Client Hello\n" ); + fprintf( stderr, "Client Hello\n" ); // Note minor version p[2] is not checked // record_length = 256 * p[3] + p[4] // handshake_message_length = 256 * p[7] + p[8] if ( p[9] != 0x03 || p[10] != 0x03 ) { // TLS 1.2 (?ralph?) return 0; } - //fprintf( stderr, "TLS 1.2\n" ); + fprintf( stderr, "TLS 1.2\n" ); unsigned int i = 46 + ( 256 * p[44] ) + p[45]; i += p[i] + 1; unsigned int extensions_length = ( 256 * p[i] ) + p[i+1]; i += 2; int k = 0; - //fprintf( stderr, "TLS 1.2 %d %d\n", i, extensions_length ); + fprintf( stderr, "TLS 1.2 %d %d\n", i, extensions_length ); while ( k < extensions_length ) { unsigned int type = ( 256 * p[i+k] ) + p[i+k+1]; k += 2; unsigned int length = ( 256 * p[i+k] ) + p[i+k+1]; k += 2; - //fprintf( stderr, "Extension %d %d\n", k-4, type ); + fprintf( stderr, "Extension %d %d\n", k-4, type ); if ( type == 0 ) { // Server Name if ( p[i+k+2] ) { break; // Name badness @@ -169,7 +168,7 @@ static unsigned char *ssl_host(unsigned char *data,int length) { */ static unsigned char *http_host(unsigned char *data,int length) { unsigned char *body = data + sizeof( struct packet ); - switch ( ((struct packet *) data)->p.packet_type ) { + switch ( ((struct packet *) data)->p.pkt4.first.ip_v ) { case 4: body = data + sizeof( struct ipv4_pkt ); break;
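Review bot: The offsets `i` and `extensions_length` in `ssl_host` are built from packet bytes (`p[44]`, `p[45]`, `p[i]`, `p[i+1]`) and then used as indexes, with no comparison against `length` anywhere in this hunk. A truncated or malformed Client Hello therefore makes the parser read beyond the received data; each computed offset should be checked against the bytes left after `p` before it is dereferenced, and the `p[i+k…]` reads in the extension loop need the same check per extension. The sketch below covers the part up to the loop and returns 0 on a short packet, as the existing rejections do. Separately, the four `fprintf( stderr, … )` calls this hunk re-enables run for every inspected packet and print `unsigned int` values with `%d`; they look like debugging left in by accident. The function starts before and continues after this hunk.

```c
// bytes readable from p; placed ahead of the first p[...] read
if ( length < 0 || p - data > length ) {
    return 0;
}
unsigned int avail = (unsigned int) ( length - ( p - data ) );
if ( avail < 46 ) {
    return 0;
}
// … unchanged: Client Hello and TLS 1.2 checks …
unsigned int i = 46 + ( 256 * p[44] ) + p[45];
if ( i >= avail ) {
    return 0;
}
i += p[i] + 1;
if ( i + 2 > avail ) {
    return 0;
}
unsigned int extensions_length = ( 256 * p[i] ) + p[i+1];
i += 2;
if ( extensions_length > avail - i ) {
    return 0;
}
// … unchanged: extension loop …
```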