1 /* 2 * Copyright (c) 2003+ Evgeniy Polyakov <zbr@ioremap.net> 3 * 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation; either version 2 of the License, or 8 * (at your option) any later version. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, see <http://www.gnu.org/licenses/>. 17 */ 18 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 19 #include <linux/module.h> 20 #include <linux/kernel.h> 21 22 #include <linux/capability.h> 23 #include <linux/if.h> 24 #include <linux/inetdevice.h> 25 #include <linux/ip.h> 26 #include <linux/list.h> 27 #include <linux/rculist.h> 28 #include <linux/skbuff.h> 29 #include <linux/slab.h> 30 #include <linux/tcp.h> 31 32 #include <net/ip.h> 33 #include <net/tcp.h> 34 35 #include <linux/netfilter/nfnetlink.h> 36 #include <linux/netfilter/x_tables.h> 37 #include <net/netfilter/nf_log.h> 38 #include <linux/netfilter/xt_osf.h> 39 40 static bool 41 xt_osf_match_packet(const struct sk_buff *skb, struct xt_action_param *p) 42 { 43 return nf_osf_match(skb, xt_family(p), xt_hooknum(p), xt_in(p), 44 xt_out(p), p->matchinfo, xt_net(p), nf_osf_fingers); 45 } 46 47 static struct xt_match xt_osf_match = { 48 .name = "osf", 49 .revision = 0, 50 .family = NFPROTO_IPV4, 51 .proto = IPPROTO_TCP, 52 .hooks = (1 << NF_INET_LOCAL_IN) | 53 (1 << NF_INET_PRE_ROUTING) | 54 (1 << NF_INET_FORWARD), 55 .match = xt_osf_match_packet, 56 .matchsize = sizeof(struct xt_osf_info), 57 .me = THIS_MODULE, 58 }; 59 60 static int __init xt_osf_init(void) 61 { 62 int err; 63 64 err = xt_register_match(&xt_osf_match); 65 if (err) { 66 pr_err("Failed to register OS fingerprint " 67 "matching module (%d)\n", err); 68 return err; 69 } 70 71 return 0; 72 } 73 74 static void __exit xt_osf_fini(void) 75 { 76 xt_unregister_match(&xt_osf_match); 77 } 78 79 module_init(xt_osf_init); 80 module_exit(xt_osf_fini); 81 82 MODULE_LICENSE("GPL"); 83 MODULE_AUTHOR("Evgeniy Polyakov <zbr@ioremap.net>"); 84 MODULE_DESCRIPTION("Passive OS fingerprint matching."); 85 MODULE_ALIAS("ipt_osf"); 86 MODULE_ALIAS("ip6t_osf"); 87 MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_OSF); 88