Browse files

initial import

  • Loading branch information...
0 parents commit 9176be1a755eb457a09c1e664ddad4c72dabdd7d Andre Graf committed Mar 20, 2011
Showing with 18,118 additions and 0 deletions.
  1. +55 −0 LUA/Kbuild
  2. +389 −0 LUA/Makefile
  3. +1 −0 LUA/Makefile.am
  4. +389 −0 LUA/Makefile.in
  5. +3 −0 LUA/Mbuild
  6. +145 −0 LUA/byte_array.c
  7. +604 −0 LUA/controller.c
  8. +264 −0 LUA/controller.h
  9. +191 −0 LUA/libxt_LUA.c
  10. +1 −0 LUA/libxt_LUA.man
  11. 0 LUA/lua/include/assert.h
  12. +11 −0 LUA/lua/include/ctype.h
  13. +1 −0 LUA/lua/include/errno.h
  14. 0 LUA/lua/include/limits.h
  15. +5 −0 LUA/lua/include/locale.h
  16. 0 LUA/lua/include/math.h
  17. +26 −0 LUA/lua/include/setjmp.h
  18. +1 −0 LUA/lua/include/stdio.h
  19. +7 −0 LUA/lua/include/stdlib.h
  20. +1 −0 LUA/lua/include/string.h
  21. +1,086 −0 LUA/lua/lapi.c
  22. +16 −0 LUA/lua/lapi.h
  23. +674 −0 LUA/lua/lauxlib.c
  24. +184 −0 LUA/lua/lauxlib.h
  25. +647 −0 LUA/lua/lbaselib.c
  26. +838 −0 LUA/lua/lcode.c
  27. +76 −0 LUA/lua/lcode.h
  28. +637 −0 LUA/lua/ldebug.c
  29. +33 −0 LUA/lua/ldebug.h
  30. +515 −0 LUA/lua/ldo.c
  31. +57 −0 LUA/lua/ldo.h
  32. +164 −0 LUA/lua/ldump.c
  33. +174 −0 LUA/lua/lfunc.c
  34. +34 −0 LUA/lua/lfunc.h
  35. +711 −0 LUA/lua/lgc.c
  36. +110 −0 LUA/lua/lgc.h
  37. +460 −0 LUA/lua/llex.c
  38. +81 −0 LUA/lua/llex.h
  39. +125 −0 LUA/lua/llimits.h
  40. +86 −0 LUA/lua/lmem.c
  41. +49 −0 LUA/lua/lmem.h
  42. +215 −0 LUA/lua/lobject.c
  43. +381 −0 LUA/lua/lobject.h
  44. +102 −0 LUA/lua/lopcodes.c
  45. +268 −0 LUA/lua/lopcodes.h
  46. +1,339 −0 LUA/lua/lparser.c
  47. +82 −0 LUA/lua/lparser.h
  48. +214 −0 LUA/lua/lstate.c
  49. +169 −0 LUA/lua/lstate.h
  50. +110 −0 LUA/lua/lstring.c
  51. +31 −0 LUA/lua/lstring.h
  52. +883 −0 LUA/lua/lstrlib.c
  53. +588 −0 LUA/lua/ltable.c
  54. +40 −0 LUA/lua/ltable.h
  55. +288 −0 LUA/lua/ltablib.c
  56. +74 −0 LUA/lua/ltm.c
  57. +54 −0 LUA/lua/ltm.h
  58. +387 −0 LUA/lua/lua.h
  59. +797 −0 LUA/lua/luaconf.h
  60. +55 −0 LUA/lua/lualib.h
  61. +227 −0 LUA/lua/lundump.c
  62. +36 −0 LUA/lua/lundump.h
  63. +762 −0 LUA/lua/lvm.c
  64. +36 −0 LUA/lua/lvm.h
  65. +81 −0 LUA/lua/lzio.c
  66. +67 −0 LUA/lua/lzio.h
  67. +60 −0 LUA/lua/setjmp.S
  68. +61 −0 LUA/lua/setjmp_64.S
  69. +64 −0 LUA/nf_lua.c
  70. +486 −0 LUA/prot_buf_dynamic.c
  71. +60 −0 LUA/prot_buf_ethernet.c
  72. +216 −0 LUA/prot_buf_helpers.c
  73. +49 −0 LUA/prot_buf_icmp.c
  74. +209 −0 LUA/prot_buf_ip.c
  75. +43 −0 LUA/prot_buf_raw.c
  76. +188 −0 LUA/prot_buf_tcp.c
  77. +87 −0 LUA/prot_buf_tftp.c
  78. +53 −0 LUA/prot_buf_udp.c
  79. +36 −0 LUA/xt_LUA.h
  80. +69 −0 LUA/xt_LUA.mod.c
  81. +286 −0 LUA/xt_LUA_target.c
  82. +14 −0 README
55 LUA/Kbuild
@@ -0,0 +1,55 @@
+# -*- Makefile -*-
+
+# Adding debug options
+EXTRA_CFLAGS += -DDEBUG
+
+obj-m += xt_LUA.o
+
+EXTRA_CFLAGS += -I$(src)/prot_buf_new
+xt_LUA-y += xt_LUA_target.o \
+
+xt_LUA-y += nf_lua.o \
+ prot_buf_helpers.o \
+ byte_array.o \
+ controller.o \
+ prot_buf_ethernet.o \
+ prot_buf_icmp.o \
+ prot_buf_ip.o \
+ prot_buf_raw.o \
+ prot_buf_tcp.o \
+ prot_buf_udp.o \
+ prot_buf_tftp.o \
+ prot_buf_dynamic.o \
+
+
+# Adding Lua Support
+EXTRA_CFLAGS += -I$(src)/lua -I$(src)/lua/include
+xt_LUA-y += lua/lapi.o \
+ lua/lbaselib.o \
+ lua/lcode.o \
+ lua/ldebug.o \
+ lua/ldo.o \
+ lua/ldump.o \
+ lua/lfunc.o \
+ lua/lgc.o \
+ lua/llex.o \
+ lua/lmem.o \
+ lua/lobject.o \
+ lua/lopcodes.o \
+ lua/lparser.o \
+ lua/lstate.o \
+ lua/lstring.o \
+ lua/lstrlib.o \
+ lua/ltable.o \
+ lua/ltablib.o \
+ lua/ltm.o \
+ lua/lundump.o \
+ lua/lvm.o \
+ lua/lzio.o \
+ lua/lauxlib.o \
+
+# Lua exception handling
+xt_LUA-y += lua/setjmp.o
+
+# on 64bit machine
+# xt_LUA-y += lua/setjmp_64.o
389 LUA/Makefile
@@ -0,0 +1,389 @@
+# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# extensions/LUA/Makefile. Generated from Makefile.in by configure.
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
+# Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+
+
+# -*- Makefile -*-
+# AUTOMAKE
+
+pkgdatadir = $(datadir)/xtables-addons
+pkgincludedir = $(includedir)/xtables-addons
+pkglibdir = $(libdir)/xtables-addons
+pkglibexecdir = $(libexecdir)/xtables-addons
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = i686-pc-linux-gnu
+host_triplet = i686-pc-linux-gnu
+DIST_COMMON = $(srcdir)/../../Makefile.extra $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in
+subdir = extensions/LUA
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+SOURCES =
+DIST_SOURCES =
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = ${SHELL} /home/andre/Dropbox/xtables-addons/missing --run aclocal-1.11
+AMTAR = ${SHELL} /home/andre/Dropbox/xtables-addons/missing --run tar
+AR = ar
+AUTOCONF = ${SHELL} /home/andre/Dropbox/xtables-addons/missing --run autoconf
+AUTOHEADER = ${SHELL} /home/andre/Dropbox/xtables-addons/missing --run autoheader
+AUTOMAKE = ${SHELL} /home/andre/Dropbox/xtables-addons/missing --run automake-1.11
+AWK = mawk
+CC = gcc
+CCDEPMODE = depmode=gcc3
+CFLAGS = -g -O2
+CPP = gcc -E
+CPPFLAGS =
+CYGPATH_W = echo
+DEFS = -DHAVE_CONFIG_H
+DEPDIR = .deps
+DSYMUTIL =
+DUMPBIN =
+ECHO_C =
+ECHO_N = -n
+ECHO_T =
+EGREP = /bin/grep -E
+EXEEXT =
+FGREP = /bin/grep -F
+GREP = /bin/grep
+INSTALL = /usr/bin/install -c
+INSTALL_DATA = ${INSTALL} -m 644
+INSTALL_PROGRAM = ${INSTALL}
+INSTALL_SCRIPT = ${INSTALL}
+INSTALL_STRIP_PROGRAM = $(install_sh) -c -s
+LD = /usr/bin/ld
+LDFLAGS =
+LIBOBJS =
+LIBS =
+LIBTOOL = $(SHELL) $(top_builddir)/libtool
+LIPO =
+LN_S = ln -s
+LTLIBOBJS =
+MAKEINFO = ${SHELL} /home/andre/Dropbox/xtables-addons/missing --run makeinfo
+MKDIR_P = /bin/mkdir -p
+NM = /usr/bin/nm -B
+NMEDIT =
+OBJDUMP = objdump
+OBJEXT = o
+OTOOL =
+OTOOL64 =
+PACKAGE = xtables-addons
+PACKAGE_BUGREPORT =
+PACKAGE_NAME = xtables-addons
+PACKAGE_STRING = xtables-addons 1.21
+PACKAGE_TARNAME = xtables-addons
+PACKAGE_URL =
+PACKAGE_VERSION = 1.21
+PATH_SEPARATOR = :
+PKG_CONFIG = /usr/bin/pkg-config
+RANLIB = ranlib
+SED = /bin/sed
+SET_MAKE =
+SHELL = /bin/bash
+STRIP = strip
+VERSION = 1.21
+abs_builddir = /home/andre/Dropbox/xtables-addons/extensions/LUA
+abs_srcdir = /home/andre/Dropbox/xtables-addons/extensions/LUA
+abs_top_builddir = /home/andre/Dropbox/xtables-addons
+abs_top_srcdir = /home/andre/Dropbox/xtables-addons
+ac_ct_CC = gcc
+ac_ct_DUMPBIN =
+am__include = include
+am__leading_dot = .
+am__quote =
+am__tar = ${AMTAR} chof - "$$tardir"
+am__untar = ${AMTAR} xf -
+bindir = ${exec_prefix}/bin
+build = i686-pc-linux-gnu
+build_alias =
+build_cpu = i686
+build_os = linux-gnu
+build_vendor = pc
+builddir = .
+datadir = ${datarootdir}
+datarootdir = ${prefix}/share
+docdir = ${datarootdir}/doc/${PACKAGE_TARNAME}
+dvidir = ${docdir}
+exec_prefix = ${prefix}
+host = i686-pc-linux-gnu
+host_alias =
+host_cpu = i686
+host_os = linux-gnu
+host_vendor = pc
+htmldir = ${docdir}
+includedir = ${prefix}/include
+infodir = ${datarootdir}/info
+install_sh = ${SHELL} /home/andre/Dropbox/xtables-addons/install-sh
+kbuilddir = /lib/modules/2.6.33-020633-generic/build
+kinclude_CFLAGS = -I /lib/modules/2.6.33-020633-generic/build/include
+ksourcedir =
+libdir = ${exec_prefix}/lib
+libexecdir = ${exec_prefix}/libexec
+libxtables_CFLAGS =
+libxtables_LIBS = -L/lib -lxtables
+localedir = ${datarootdir}/locale
+localstatedir = ${prefix}/var
+lt_ECHO = echo
+mandir = ${datarootdir}/man
+mkdir_p = /bin/mkdir -p
+oldincludedir = /usr/include
+pdfdir = ${docdir}
+prefix = /usr/local
+program_transform_name = s,x,x,
+psdir = ${docdir}
+regular_CFLAGS = -D_LARGEFILE_SOURCE=1 -D_LARGE_FILES -D_FILE_OFFSET_BITS=64 -D_REENTRANT -Wall -Waggregate-return -Wmissing-declarations -Wmissing-prototypes -Wredundant-decls -Wshadow -Wstrict-prototypes -Winline -pipe -DXTABLES_LIBDIR=\"${xtlibdir}\"
+sbindir = ${exec_prefix}/sbin
+sharedstatedir = ${prefix}/com
+srcdir = .
+sysconfdir = ${prefix}/etc
+target_alias =
+top_build_prefix = ../../
+top_builddir = ../..
+top_srcdir = ../..
+xtlibdir = ${libexecdir}/xtables
+XA_SRCDIR = ${srcdir}
+XA_TOPSRCDIR = ${top_srcdir}
+XA_ABSTOPSRCDIR = ${abs_top_srcdir}
+_mcall = -f ${top_builddir}/Makefile.iptrules
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(srcdir)/../../Makefile.extra $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign extensions/LUA/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign extensions/LUA/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+tags: TAGS
+TAGS:
+
+ctags: CTAGS
+CTAGS:
+
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile all-local
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-local mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-exec-local
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: all all-am all-local check check-am clean clean-generic \
+ clean-libtool clean-local distclean distclean-generic \
+ distclean-libtool distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-exec-local \
+ install-html install-html-am install-info install-info-am \
+ install-man install-pdf install-pdf-am install-ps \
+ install-ps-am install-strip installcheck installcheck-am \
+ installdirs maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
+ ps ps-am uninstall uninstall-am
+
+export XA_SRCDIR
+export XA_TOPSRCDIR
+export XA_ABSTOPSRCDIR
+
+all-local: user-all-local
+
+install-exec-local: user-install-local
+
+clean-local: user-clean-local
+
+user-all-local:
+ ${MAKE} ${_mcall} all;
+
+# Have no user-install-data-local ATM
+user-install-local: user-install-exec-local
+
+user-install-exec-local:
+ ${MAKE} ${_mcall} install;
+
+user-clean-local:
+ ${MAKE} ${_mcall} clean;
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
+
1 LUA/Makefile.am
@@ -0,0 +1 @@
+include ../../Makefile.extra
389 LUA/Makefile.in
@@ -0,0 +1,389 @@
+# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
+# Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# -*- Makefile -*-
+# AUTOMAKE
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+DIST_COMMON = $(srcdir)/../../Makefile.extra $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in
+subdir = extensions/LUA
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+SOURCES =
+DIST_SOURCES =
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GREP = @GREP@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+NM = @NM@
+NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKG_CONFIG = @PKG_CONFIG@
+RANLIB = @RANLIB@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+VERSION = @VERSION@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+kbuilddir = @kbuilddir@
+kinclude_CFLAGS = @kinclude_CFLAGS@
+ksourcedir = @ksourcedir@
+libdir = @libdir@
+libexecdir = @libexecdir@
+libxtables_CFLAGS = @libxtables_CFLAGS@
+libxtables_LIBS = @libxtables_LIBS@
+localedir = @localedir@
+localstatedir = @localstatedir@
+lt_ECHO = @lt_ECHO@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+regular_CFLAGS = @regular_CFLAGS@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+xtlibdir = @xtlibdir@
+XA_SRCDIR = ${srcdir}
+XA_TOPSRCDIR = ${top_srcdir}
+XA_ABSTOPSRCDIR = ${abs_top_srcdir}
+_mcall = -f ${top_builddir}/Makefile.iptrules
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(srcdir)/../../Makefile.extra $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign extensions/LUA/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign extensions/LUA/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+tags: TAGS
+TAGS:
+
+ctags: CTAGS
+CTAGS:
+
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile all-local
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-local mostlyclean-am
+
+distclean: distclean-am
+ -rm -f Makefile
+distclean-am: clean-am distclean-generic
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-exec-local
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: all all-am all-local check check-am clean clean-generic \
+ clean-libtool clean-local distclean distclean-generic \
+ distclean-libtool distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-exec-local \
+ install-html install-html-am install-info install-info-am \
+ install-man install-pdf install-pdf-am install-ps \
+ install-ps-am install-strip installcheck installcheck-am \
+ installdirs maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
+ ps ps-am uninstall uninstall-am
+
+export XA_SRCDIR
+export XA_TOPSRCDIR
+export XA_ABSTOPSRCDIR
+
+all-local: user-all-local
+
+install-exec-local: user-install-local
+
+clean-local: user-clean-local
+
+user-all-local:
+ ${MAKE} ${_mcall} all;
+
+# Have no user-install-data-local ATM
+user-install-local: user-install-exec-local
+
+user-install-exec-local:
+ ${MAKE} ${_mcall} install;
+
+user-clean-local:
+ ${MAKE} ${_mcall} clean;
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
+
3 LUA/Mbuild
@@ -0,0 +1,3 @@
+# -*- Makefile -*-
+
+obj-${build_LUA} += libxt_LUA.so
145 LUA/byte_array.c
@@ -0,0 +1,145 @@
+/*
+ * Copyright (C) 2010 University of Basel <http://cn.cs.unibas.ch/>
+ * by Andre Graf <andre@dergraf.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+#include "controller.h"
+
+/* Initialization helper function. This function should be used whenever
+ * a new byte array need to be initialized. Depending on the arguments it
+ * initializes the array in a different way. Have a look at the inline
+ * comments */
+lua_packet_segment * init_byte_array(lua_State *L, unsigned char * start, int length, int do_copy)
+{
+ lua_packet_segment *array;
+
+ if (length < 0)
+ luaL_error(L, "init_byte_array, requested size < 0");
+
+ if (start && do_copy) {
+ /* we have a start address where we copy from */
+ array = lua_newuserdata(L, sizeof(lua_packet_segment) + length);
+ array->start = (unsigned char *)array + sizeof(lua_packet_segment); /* aligning pointer */
+ memcpy(array->start, start, length);
+ }else if (start && !do_copy) {
+ /* just link the start pointer, in this case you have to free the memory yourself */
+ array = lua_newuserdata(L, sizeof(lua_packet_segment));
+ array->start = start;
+ }else{
+ /* create an empty array, fully managed by Lua */
+ array = lua_newuserdata(L, sizeof(lua_packet_segment) + length);
+ array->start = (unsigned char *)array + sizeof(lua_packet_segment); /* aligning pointer */
+ memset(array->start, 0, length);
+ }
+
+ array->length = length;
+ array->offset = 0;
+ array->changes = NULL;
+
+ luaL_getmetatable(L, LUA_BYTE_ARRAY);
+ lua_setmetatable(L, -2);
+
+ return array;
+}
+
+
+
+/* LUA_API: get one byte of the given byte array
+ * access-pattern: array[<index>] */
+static int32_t get_byte_array(lua_State *L)
+{
+ lua_packet_segment * array = checkbytearray(L, 1);
+ int32_t index = luaL_checkinteger(L, 2); /* array starts with index 0 (not 1 as usual in Lua) */
+
+ luaL_argcheck(L, 0 <= index && index < array->length, 1, "index out of range");
+ lua_pushinteger(L, (array->start + array->offset)[index]);
+
+ return 1;
+}
+
+/* LUA_API: set one byte of the given byte array
+ * access-pattern: array[<index>]= 0xFF */
+static int32_t set_byte_array(lua_State *L)
+{
+ lua_packet_segment * array = checkbytearray(L, 1);
+ uint8_t byte;
+ int32_t index = luaL_checkinteger(L, 2); /* array starts with index 0 (not 1 as usual in Lua) */
+ int32_t val = luaL_checkinteger(L, 3);
+ uint32_t nob = 1 << CHAR_BIT; /* we should use something like 1 << CHAR_BIT */
+
+ luaL_argcheck(L, 0 <= index && index < array->length, 1, "index out of range");
+ luaL_argcheck(L, 0 <= val && val < nob, 2, "cannot cast value to char");
+
+ byte = (uint8_t)val;
+
+ (array->start + array->offset)[index] = byte;
+
+ return 0;
+}
+
+/* LUA_API: get size of the given byte array
+ * access-pattern: #array (__length meta-method) */
+static int32_t get_byte_array_size(lua_State *L)
+{
+ lua_packet_segment * array = checkbytearray(L, 1);
+
+ lua_pushnumber(L, array->length);
+
+ return 1;
+}
+
+
+/* LUA_API: converts a given byte array to a string.
+ * access-pattern: implicit through functions calling the
+ * __to_string() metamethod , e.g. print32_t */
+static int32_t byte_array_to_string(lua_State *L)
+{
+ lua_packet_segment * array = checkbytearray(L, 1);
+ uint8_t buf[(array->length * 3) + 255];
+ uint8_t hexval[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
+ char res[255 + (array->length * 3)]; /* make sure the buffer is big enough*/
+ int32_t i, n;
+ uint8_t *ptr = array->start + array->offset;
+
+ for (i = 0; i < array->length; i++) {
+ buf[i * 3] = hexval[(ptr[i] >> 4) & 0xF];
+ buf[(i * 3) + 1] = hexval[ptr[i] & 0x0F];
+ buf[(i * 3) + 2] = ' '; /* seperator */
+ }
+
+ buf[array->length * 3] = '\0';
+ n = sprintf(res, "byte_array: length: %d value: %s", array->length, buf);
+
+ lua_pushlstring(L, res, n);
+
+ return 1;
+}
+
+static const struct luaL_Reg bytearray_lib_m [] = {
+ { "__len", get_byte_array_size },
+ { "__newindex", set_byte_array },
+ { "__index", get_byte_array },
+ { "__tostring", byte_array_to_string },
+ { NULL, NULL }
+};
+
+void luaopen_bytearraylib(lua_State *L)
+{
+ luaL_newmetatable(L, LUA_BYTE_ARRAY);
+ luaL_register(L, NULL, bytearray_lib_m);
+ lua_pop(L, 1);
+}
+
+
604 LUA/controller.c
@@ -0,0 +1,604 @@
+/*
+ * Copyright (C) 2010 University of Basel <http://cn.cs.unibas.ch/>
+ * by Andre Graf <andre@dergraf.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#if defined(__KERNEL__)
+ #include <linux/mm.h>
+#endif
+#include "controller.h"
+
+/* the array 'supported_protocols' holds all pointers to the
+ * static and dynamic protocol buffers. It is filled by the
+ * call to register_protbuf */
+static struct protocol_buf * supported_protocols[MAX_NR_OF_PROTOCOLS];
+
+/* C_API: the function 'get_protocol_buf' returns the pointer
+ * to the protocol buffer of a given protocol id. */
+struct protocol_buf * get_protocol_buf(uint32_t protocol_id)
+{
+ return (struct protocol_buf *)supported_protocols[protocol_id];
+}
+
+
+/* LUA_INT: the function 'gc_packet_segment' is triggered by the
+ * garbage collector whenever a userdata annotated with one of
+ * the protocol buffer metatable should be collected. */
+static int32_t gc_packet_segment(lua_State *L)
+{
+ lua_packet_segment * seg = (lua_packet_segment *)lua_touserdata(L, 1);
+ if (seg && seg->changes) {
+ seg->changes->ref_count--;
+ if (seg->changes->ref_count <= 0) {
+ kfree(seg->changes->field_length_changes);
+ kfree(seg->changes->field_offset_changes);
+ kfree(seg->changes);
+ seg->changes = NULL;
+ }
+ }
+ return 0;
+}
+
+
+/* LUA_API: the function 'set_raw' is used to set the bytes of a segment
+ * in 'raw' mode. The function is per default available in each protocol
+ * buffer until it gets overridden by a specific setter function inside
+ * a protocol buffer.
+ *
+ * Parameters:
+ * 1. lua_packet_segment (implicit)
+ * 2. int32_t byte_value
+ *
+ * Upvalues:
+ * 1. struct protocol_buf*
+ * 2. int32_t field index, not used in this function
+ *
+ * Return: void
+ */
+static int32_t set_raw(lua_State *L)
+{
+ int32_t i;
+ uint32_t nob;
+ uint8_t byte;
+ uint8_t *ptr;
+ struct protocol_buf * prot_buf = (struct protocol_buf *)lua_topointer(L, lua_upvalueindex(1));
+ lua_packet_segment * seg = checkpacketseg(L, 1, prot_buf->name);
+
+ int32_t val = luaL_checkinteger(L, 2);
+
+ nob = 1 << CHAR_BIT;
+
+ luaL_argcheck(L, 0 <= val && val < nob, 2, "cannot cast value to char");
+
+ byte = (uint8_t)val;
+ ptr = seg->start + seg->offset;
+
+ for (i = 0; i < seg->length; i++)
+ ptr[i] = byte;
+
+ return 0;
+}
+
+/* LUA_API: the function 'get_raw' is used to get the bytes of a segment
+ * in 'raw' mode. The function is per default available in each protocol
+ * buffer until it gets overridden by a specific getter function inside
+ * a protocol buffer.
+ *
+ * Parameters:
+ * 1. lua_packet_segment (implicit)
+ * 2. uint32_t offset
+ * 3. uint32_t length
+ *
+ * Upvalues:
+ * 1. struct protocol_buf*
+ * 2. int32_t field index, not used in this function
+ *
+ * Return:
+ * the byte array representing the given array
+ */
+static int32_t get_raw(lua_State *L)
+{
+ struct protocol_buf * prot_buf = (struct protocol_buf *)lua_topointer(L, lua_upvalueindex(1));
+ lua_packet_segment * seg = checkpacketseg(L, 1, prot_buf->name);
+
+ init_byte_array(L, seg->start + seg->offset, seg->length, 1);
+
+ return 1;
+}
+/* LUA_API: The function 'get_segment' is used to get a new segment in 'raw' mode.
+ * Typically this function is applied on another raw segment in order
+ * to extract a part of the segment as new segment.
+ *
+ * Parameters:
+ * 1. lua_packet_segment, implicit through object oriented access seg:raw(..)
+ * 2. uint32_t offset, this indicates where to start the new segment, see e.g below.
+ * 3. uint32_t length, this indicates the size of the new segment
+ *
+ * Upvalues:
+ * 1. struct protocol_buf*
+ * 2. int32_t field index, not used in this function
+ *
+ * Return:
+ * 1. A lua_packet_segment annotated with the according metatable or False in
+ * case the input data is not valid
+ *
+ * Example:
+ *
+ * +------------------------+---------------------------------------+
+ * | function call | resulting lua_packet_segment |
+ * +========================+===+===+===+===+===+===+===+===+===+===+
+ * | seg = packet:raw(0,10) | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |
+ * +------------------------+---+---+---+---+---+---+---+---+---+---+
+ * | 1st_half = seg:raw(0,5)| 0 | 1 | 2 | 3 | 4 | |
+ * +------------------------+---+---+---+---+---+---+---+---+---+---+
+ * | 2nd_half = seg:raw(5,5)| | 5 | 6 | 7 | 8 | 9 |
+ * +------------------------+-------------------+---+---+---+---+---+
+ */
+static int32_t get_segment(lua_State *L)
+{
+ struct protocol_buf * prot_buf = (struct protocol_buf *)lua_topointer(L, lua_upvalueindex(1));
+ lua_packet_segment * seg = checkpacketseg(L, 1, prot_buf->name);
+ uint32_t offset = luaL_checkinteger(L, 2);
+ uint32_t length = luaL_checkinteger(L, 3);
+ lua_packet_segment * new = (lua_packet_segment *)lua_newuserdata(L, sizeof(lua_packet_segment));
+
+ new->start = seg->start;
+ new->offset = seg->offset + offset;
+ new->changes = NULL;
+ /* we allow a seg->length == 0 , this enables processing packets where the packetsize is not fixed (0 = not fixed)*/
+ if (seg->length != 0 && length > seg->length) {
+ lua_pushboolean(L, 0);
+ return 1;
+ }
+
+ new->length = length;
+ luaL_getmetatable(L, prot_buf->name);
+ lua_setmetatable(L, -2);
+
+ return 1;
+}
+
+/* LUA_API: the function 'get_segment_size' is used to get the size of a segment.
+ *
+ * Parameters:
+ * 1. lua_packet_segment, implicit through object oriented access seg:raw(..)
+ *
+ * Upvalues:
+ * 1. struct protocol_buf*
+ * 2. int32_t field index, not used in this function
+ *
+ * Return:
+ * 1. Size as lua_Number
+ */
+static int32_t get_segment_size(lua_State *L)
+{
+ struct protocol_buf * prot_buf = (struct protocol_buf *)lua_topointer(L, lua_upvalueindex(1));
+ lua_packet_segment * seg = checkpacketseg(L, 1, prot_buf->name);
+
+ lua_pushnumber(L, seg->length);
+ return 1;
+}
+
+/* LUA_API: the function 'get_segment_offset' is used to get the real offset
+ * of a segment. This function returns the offset of the segment to the start
+ * of the buffer. This means the following
+ * seg1 = packet:raw(2,10)
+ * seg2 = seg1:raw(3,5)
+ * offset = seg2:get_offset()
+ *
+ * will give an offset of 5, since the seg1 starts at offset 2, and seg2 starts
+ * at offset (seg1:get_offset() + 3).
+ *
+ * Parameters:
+ * 1. lua_packet_segment, implicit through object oriented access seg:raw(..)
+ *
+ * Upvalues:
+ * 1. struct protocol_buf*
+ * 2. int32_t field index, not used in this function
+ *
+ * Return:
+ * 1. Offset as lua_Number
+ */
+static int32_t get_segment_offset(lua_State *L)
+{
+ struct protocol_buf * prot_buf = (struct protocol_buf *)lua_topointer(L, lua_upvalueindex(1));
+ lua_packet_segment * seg = checkpacketseg(L, 1, prot_buf->name);
+
+ lua_pushnumber(L, seg->offset);
+ return 1;
+}
+
+/* LUA_API: overwrites the __tostring function of a lua_packet_segment.
+ * this will print32_t a nicely formated string, including length,
+ * offset and name of the protocol buffer.
+ *
+ * Parameters:
+ * 1. lua_packet_segment (implicit)
+ *
+ * Returns:
+ * 1. the representing string
+ */
+static int32_t packet_segment_tostring(lua_State *L)
+{
+ struct protocol_buf * prot_buf = (struct protocol_buf *)lua_topointer(L, lua_upvalueindex(1));
+ lua_packet_segment * seg = checkpacketseg(L, 1, prot_buf->name);
+ int32_t n;
+ char buf[128];
+
+ n = sprintf(buf, "type: %s, offset: %d, length: %d", prot_buf->name, seg->offset, seg->length);
+ lua_pushlstring(L, buf, n);
+
+ return 1;
+}
+
+
+static const struct luaL_Reg seg_access_functions [] = {
+ { "set", set_raw },
+ { "get", get_raw },
+ { "raw", get_segment },
+ { "get_offset", get_segment_offset },
+ { "get_size", get_segment_size },
+ { "to_bytes", get_raw },
+ { "__tostring", packet_segment_tostring },
+ { "__gc", gc_packet_segment },
+ { NULL, NULL }
+};
+
+/* C_API: the function 'get_metatable_from_protocol_type' is a helper
+ * used in controller.c as well as it may find usage in the static
+ * protocol buffers and byte array implementation. */
+void get_metatable_from_protocol_type(lua_State *L, int32_t type)
+{
+ char * table;
+ lua_getglobal(L, SUPPORTED_PROTOCOL_TABLE);
+ lua_rawgeti(L, -1, type);
+ table = (char *)luaL_checkstring(L, -1);
+ lua_pop(L, 2); /* pop the table SUPPORTED_PROTOCOL_TABLE and the string pushed by lua_gettable */
+ luaL_getmetatable(L, table);
+ return;
+}
+
+/* C_INT: the function 'payload_contains_protocol' is used internally.
+ * Depending if static or dynamic protocol buffer it calls the right
+ * validation function. */
+static int32_t payload_contains_protocol(lua_State *L, struct protocol_buf *prot_buf, lua_packet_segment *seg, uint32_t prot_type)
+{
+ if (prot_buf->is_dynamic)
+ return has_protocol_dynamic(L, prot_buf, seg, prot_type);
+ else
+ return prot_buf->has_protocol(L, prot_buf, seg, prot_type);
+}
+
+/* C_INT: the function 'protocol_get_field_changes' is used interally.
+ * It requests the field_changes struct calling the protocol buffers
+ * 'get_field_changes' function. This funciton is called, whenever
+ * the payload field with a given protocol type is requested inside
+ * the function 'get_protocol_field' */
+static struct field_changes * protocol_get_field_changes(lua_State *L, struct protocol_buf *prot_buf, lua_packet_segment * seg)
+{
+ struct field_changes * changes = NULL;
+
+ if (prot_buf->get_field_changes) {
+ if (prot_buf->is_dynamic)
+ changes = get_field_changes_dynamic(L, prot_buf, seg);
+ else
+ changes = prot_buf->get_field_changes(L, seg);
+ /* is already 1 when set by helper 'get_allocated_field_changes,
+ * since not every prot_buf may use this function we enforce it. */
+ changes->ref_count = 1;
+ }
+ return changes;
+}
+
+/* C_INT: the function 'get_field_offset_in_bytes' wrapps the logic of
+ * calculating the new length with considering the optional field_changes. */
+static int32_t get_field_offset_in_bytes(struct protocol_field * field, lua_packet_segment * seg, int32_t field_index)
+{
+ uint32_t nr_of_bits, nr_of_bytes, field_offset;
+
+ field_offset = field->offset;
+ /* do we need to manipulate the default values stored inside the protocol buffer ?? */
+ if (seg->changes)
+ field_offset += seg->changes->field_offset_changes[field_index];
+ /* how many bits remain */
+ nr_of_bits = field_offset & (CHAR_BIT - 1);
+ /* assuming CHAR_BIT == 2 ^ 3 */
+ nr_of_bytes = (field_offset - nr_of_bits) >> 3;
+
+ return seg->offset + nr_of_bytes;
+}
+
+/* C_INT: the function 'get_field_length_in_bytes' wrapps the logic of
+ * calculating the new offset with considering the optional field_changes. */
+static int32_t get_field_length_in_bytes(struct protocol_field * field, lua_packet_segment * seg, int32_t field_index)
+{
+ uint32_t nr_of_bits, nr_of_bytes, field_length;
+
+ field_length = field->length;
+ /* if the field length is smaller than 1 byte, we take the size of one byte
+ * we treat the case where field_length == 0 in a special way ...*/
+ if (field_length < CHAR_BIT && field_length > 0)
+ field_length = CHAR_BIT;
+
+ /* do we need to manipulate the default values stored inside the protocol buffer ?? */
+ if (seg->changes)
+ field_length += seg->changes->field_length_changes[field_index];
+ /* how many bits remain */
+ nr_of_bits = field_length & (CHAR_BIT - 1);
+ /* assuming CHAR_BIT == 2 ^ 3 */
+ nr_of_bytes = (field_length - nr_of_bits) >> 3;
+ return nr_of_bytes;
+}
+
+/* C_INT: the function 'initialize_field_getter_and_setter' initializes
+ * the setter and getter function of the field, considering the optional
+ * field manipulator functions defined inside the protocol buffers. */
+static void initialize_field_getter_and_setter(lua_State *L, struct protocol_buf *prot_buf, int32_t field_index)
+{
+ /* lets check if there is a metatable on top of the stack */
+ struct protocol_field * f = (struct protocol_field *)&prot_buf->protocol_fields[field_index];
+
+ if (!lua_istable(L, -1)) luaL_error(L, "cannot initialize getter and setter for field %s->%s, "
+ "not a table on top of the stack, is '%s'", prot_buf->name, f->name, lua_typename(L, lua_type(L, -1)));
+
+ /* is there a 'getter' to initialize ? */
+ lua_pushlightuserdata(L, prot_buf); /* push upvalue 1 */
+ lua_pushinteger(L, field_index); /* push upvalue 2 */
+ if (f->get) {
+ if (prot_buf->is_dynamic)
+ lua_pushcclosure(L, field_dynamic_getter, 2);
+ else
+ lua_pushcclosure(L, f->get, 2);
+ }else
+ /* there is no specific getter defined - fall back to 'get_raw' */
+ lua_pushcclosure(L, get_raw, 2);
+ /* set the metatable field 'get' */
+ lua_setfield(L, -2, "get");
+
+ /* is there a 'setter' to initialize ? */
+ lua_pushlightuserdata(L, prot_buf); /* push upvalue 1 */
+ lua_pushinteger(L, field_index); /* push upvalue 2 */
+ if (f->set) {
+ if (prot_buf->is_dynamic)
+ lua_pushcclosure(L, field_dynamic_setter, 2);
+ else
+ lua_pushcclosure(L, f->set, 2);
+ }else
+ /* there is no specific setter defined - fall back to 'set_raw' */
+ lua_pushcclosure(L, set_raw, 2);
+ /* set the metatable field 'set' */
+ lua_setfield(L, -2, "set");
+}
+
+/* LUA_API: 'get_protocol_field' is used in Lua as a closure for each field of a protocol
+ * buffer. E.g a call to ip = packet:data(packet_ip) will go to this function,
+ * and trigger the conversion of the raw packet to a ip packet. Each call
+ * to a field function of an IP packet, like ip:daddr() uses this function
+ * to to return the right data. In each case you will end up either with a
+ * new packet segment (annotated with the proper metatable) or a boolean
+ * value (False) if something went wrong. In the case everything went fine,
+ * the newly created lua_packet_segment is annotated with the proper
+ * metatable where the fields get and set also contain the specific getter
+ * and setter functions given by the protocol buffer. E.g. the function call
+ * ip:daddr():get() or ip:daddr():set(...) will call the proper function
+ * defined inside the corresponding field definition.
+ *
+ * Parameters:
+ * 1. lua_packet_segment, implicit through object oriented access seg:raw(..)
+ * 2. type of the protocol buffer, optional, and only used if the accessed
+ * field is the payload field. If a type is provided for the access of the
+ * payload field, the function tries to convert the data pointed to by the
+ * payload field to the given type. To check if such a conversion is
+ * possible, it calls the function pointed to by the protocol buffer member
+ * has_protocol. If this function returns True, the conversion takes place.
+ *
+ * Upvalues:
+ * 1. struct protocol_buf*
+ * 2. int32_t field index
+ *
+ * Return:
+ * 1. A lua_packet_segment annotated with the according metatable or False in
+ * case the input data is not valid
+ */
+static int32_t get_protocol_field(lua_State *L)
+{
+ int32_t prot_type;
+ lua_packet_segment * seg, *new;
+ struct protocol_buf * prot_buf = (struct protocol_buf *)lua_topointer(L, lua_upvalueindex(1));
+ int32_t field_index = lua_tointeger(L, lua_upvalueindex(2));
+ struct protocol_field * field = &prot_buf->protocol_fields[field_index];
+
+ /* get the current packet segment */
+ seg = checkpacketseg(L, 1, prot_buf->name);
+
+ /* initialize the new packet segment */
+ new = (lua_packet_segment *)lua_newuserdata(L, sizeof(lua_packet_segment));
+ new->start = seg->start; /* the start is unchanged */
+ new->offset = get_field_offset_in_bytes(field, seg, field_index);
+ new->length = get_field_length_in_bytes(field, seg, field_index);
+
+ /* if new->length == 0 then no configuration was done, we guess the size by subtracting the
+ * new offset from the packet length. since the old length is getting initialized by the
+ * netfilter extension this assumption holds for the very last field of the protocol.
+ * this 'feature' should be used by protocol buffers containing a payload, whereas the
+ * payload field is the last field of the buffer. However, at compile-time unknown field
+ * sizes (and offsets) of fields not being placed at the end of the protocol should be
+ * initialized using the 'get_field_changes' hook system. */
+ if (new->length == 0)
+ new->length = (seg->length + seg->offset) - (new->offset);
+ /*
+ printf("%s->%s:: seg->offset %i, seg->length %i, new->offset %i, new->length %i\n",
+ prot_buf->name, field->name, seg->offset, seg->length, new->offset, new->length);
+ */
+ /* special care for packet payload requests */
+ if (prot_buf->payload_field != NULL && strcmp(prot_buf->payload_field, field->name) == 0) {
+ /* we know the payload field is requested */
+ /* the requested payload can be delivered either as a common segment or as
+ * an other packet type, such a conversion needs an extra protocol parameter
+ * ... so lets check */
+
+ if (lua_isnumber(L, 2)) {
+ /* we have an extra parameter, ... lets see if it is a valid protocol
+ * the parameter is the index of the 'supported_protocols'-array member */
+ prot_type = lua_tointeger(L, 2);
+ if (prot_type >= 0 && prot_type < PACKET_SENTINEL) {
+ /* we are sure the purpose of the request is to get the payload data,
+ * converted to the given protocol. lets check if the payload contains
+ * data of the given protocol */
+ if (payload_contains_protocol(L, prot_buf, seg, prot_type)) {
+ /* success, we can push the metatable for the given protocol */
+ get_metatable_from_protocol_type(L, prot_type);
+ if (!lua_isnil(L, -1)) /* check if the metatable was found */
+ /* perhaps the field offsets and lengths of the containing protocol
+ * are not set correctly. request the optional 'field_changes' structure
+ * holding the changes for lengths and offsets. */
+ new->changes = protocol_get_field_changes(L, get_protocol_buf(prot_type), new);
+ else{
+ /* failed, the requested protocol is not available
+ * we push false and return */
+ lua_pop(L, 1); /* pop the userdata */
+ lua_pushboolean(L, 0);
+ return 1;
+ }
+ }else{
+ /* payload does not carry the provided protocol */
+ /* we push false and return */
+ lua_pop(L, 1); /* pop the userdata */
+ lua_pushboolean(L, 0);
+ return 1;
+ }
+ }else{
+ /* unknown protocol */
+ lua_pop(L, 1); /* pop the userdata */
+ luaL_error(L, "provided protocol is unknown");
+ }
+ }
+ }
+
+ /* if there is still the 'new' userdata on the top, we push our own metatable */
+ if (lua_isuserdata(L, -1)) {
+ luaL_getmetatable(L, prot_buf->name);
+ new->changes = seg->changes;
+ if (seg->changes)
+ new->changes->ref_count++;
+ }
+
+ /* a new packet segment is at index -2 , and the proper metatable at index -1 of the stack
+ * lets set the propper setter and getter function for the requested field */
+ initialize_field_getter_and_setter(L, prot_buf, field_index);
+
+ lua_setmetatable(L, -2);
+ return 1;
+}
+
+/* C_API: 'register_protbuf' is only used internally. This function takes a
+ * pointer to a fully initialized protocol buffer struct and registers it
+ * inside the Lua state. Registering means:
+ *
+ * 1. it creates a new metatable with the name of the protocol buffer.
+ * 2. it registers the default functions which are stored in the luaL_Reg
+ * array seg_access_functions.
+ * 3. it loops over the protocol fields stored at prot_buf->protocol_fields
+ * and registers a new function (using the field name) inside the
+ * metatable. Each field points to the function 'get_protocol_field'
+ * which acts as a closure taking a pointer to the protocol buffer as
+ * well as the index of the field as upvalues.
+ * 4. The protocol index, serves as numerical identifier of this protocol
+ * buffer or even of the protocol itself. This index is stored as a
+ * global value inside the Lua state as well as inside the Lua table
+ * 'supported_protocols'. Assuming the name of a procotol buffer is
+ * "packet_ip" the following statements are true:
+ *
+ * supported_protocols[protocol_index] == "packet_ip"
+ * packet_ip == protocol_index
+ *
+ * This allows you to get all registered protocols from within Lua. This
+ * is especially usefull for the dynamic protocol buffers where you have
+ * to provide your own "has_protocol"-function, which probably needs the
+ * information on which protocols it is able to contain.
+ */
+void register_protbuf(lua_State *L, struct protocol_buf * prot_buf, uint32_t protocol_index)
+{
+ int32_t field_index;
+ luaL_Reg *reg = (struct luaL_Reg *)seg_access_functions;
+ struct protocol_field * field = prot_buf->protocol_fields;
+
+ luaL_newmetatable(L, prot_buf->name);
+
+ /* metatable.__index = metatable */
+ lua_pushvalue(L, -1); /* duplicates the metatable */
+ lua_setfield(L, -2, "__index");
+
+ /* pushing default functions */
+ for (; reg->name; reg++) {
+ lua_pushlightuserdata(L, (void *)prot_buf);
+ lua_pushcclosure(L, reg->func, 1);
+ lua_setfield(L, -2, reg->name);
+ }
+
+ /* pushing functions specific to the protocol buffer */
+ for (field_index = 0; field->name; field++, field_index++) {
+ lua_pushlightuserdata(L, (void *)prot_buf); /* upvalue: prot_buf */
+ lua_pushinteger(L, field_index); /* upvalue: index of protocol field */
+ lua_pushcclosure(L, get_protocol_field, 2);
+ lua_setfield(L, -2, field->name);
+ }
+ /* pop the metatable */
+ lua_pop(L, 1);
+
+ /* registering the array-index as the protocol_id*/
+ lua_getglobal(L, "_G");
+ lua_pushinteger(L, protocol_index);
+ lua_setfield(L, -2, prot_buf->name);
+ lua_pop(L, 1); /* pop _G */
+
+ lua_getglobal(L, SUPPORTED_PROTOCOL_TABLE);
+ lua_pushstring(L, prot_buf->name);
+ lua_rawseti(L, -2, protocol_index);
+
+ lua_pop(L, 1); /* pop SUPPORTED_PROTOCOL_TABLE */
+
+ supported_protocols[protocol_index] = prot_buf;
+}
+
+void luaopen_controller(lua_State *L)
+{
+ /* registering a table inside the _G with table[protocol_index] = prot_buf->name */
+ lua_getglobal(L, "_G");
+ lua_newtable(L);
+ lua_setfield(L, -2, SUPPORTED_PROTOCOL_TABLE);
+ lua_pop(L, 1); /* pop _G */
+
+ luaopen_protbuf_raw(L);
+ luaopen_protbuf_eth(L);
+ luaopen_protbuf_ip(L);
+ luaopen_protbuf_icmp(L);
+ luaopen_protbuf_tcp(L);
+ luaopen_protbuf_tcp_options(L);
+ luaopen_protbuf_udp(L);
+ luaopen_protbuf_tftp(L);
+ luaopen_protbuf_dynamic(L);
+ /* should follow all other static buffers */
+#if defined(__KERNEL__)
+ luaopen_nflib(L);
+#endif
+
+ luaopen_bytearraylib(L);
+}
+
+
+
+
264 LUA/controller.h
@@ -0,0 +1,264 @@
+/*
+ * Copyright (C) 2010 University of Basel <http://cn.cs.unibas.ch/>
+ * by Andre Graf <andre@dergraf.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef CONTROLLER_H_
+#define CONTROLLER_H_
+
+#include "stdlib.h" /* wrapper */
+#include "string.h" /* wrapper */
+#include "lua.h"
+#include "lualib.h"
+#include "lauxlib.h"
+
+#if defined(__KERNEL__)
+#include <linux/skbuff.h>
+#include <linux/slab.h>
+#include <linux/vmalloc.h>
+#endif
+
+
+/* to compile the stuff in userspace (for testing)*/
+#if !defined(__KERNEL__)
+#include <stdint.h>
+#define pr_debug printf;
+
+#define kmalloc(size, type) malloc(size)
+#define kfree(ptr) free(ptr)
+
+#endif
+
+
+/**********************************************************************/
+/* nf Lua configuration */
+/**********************************************************************/
+#define MAX_NR_OF_PROTOCOLS 16
+#define SUPPORTED_PROTOCOL_TABLE "supported_protocols"
+
+#define MAX_NR_OF_FIELDS_IN_DYN_PROT_BUF 32
+
+
+/**********************************************************************/
+/* Static Protocol Buffer configuration */
+/**********************************************************************/
+
+/* the definitions of the stringified expression of the prot_bufs...
+ * make sure all static prot_bufs are listed and are unique */
+#define LUA_PACKET_SEG_RAW "packet_raw"
+#define LUA_PACKET_SEG_ETH "packet_eth"
+#define LUA_PACKET_SEG_ICMP "packet_icmp"
+#define LUA_PACKET_SEG_IP "packet_ip"
+#define LUA_PACKET_SEG_TCP "packet_tcp"
+#define LUA_PACKET_SEG_TCP_OPT "packet_tcp_opt"
+#define LUA_PACKET_SEG_UDP "packet_udp"
+#define LUA_PACKET_SEG_TFTP "packet_tftp"
+
+/* the enum holding all static prot_bufs... make sure it contains all
+ * static prot_bufs */
+enum PROT_BUF {
+ PACKET_RAW,
+ PACKET_ETH,
+ PACKET_IP,
+ PACKET_ICMP,
+ PACKET_TCP,
+ PACKET_TCP_OPTIONS,
+ PACKET_UDP,
+ PACKET_TFTP,
+ PACKET_DYNAMIC,
+ PACKET_SENTINEL
+};
+
+/* the luaopen-function of the prot_bufs... make sure it is called
+ * inside luaopen_controller */
+void luaopen_protbuf_raw(lua_State *L);
+void luaopen_protbuf_eth(lua_State *L);
+void luaopen_protbuf_ip(lua_State *L);
+void luaopen_protbuf_icmp(lua_State *L);
+void luaopen_protbuf_tcp(lua_State *L);
+void luaopen_protbuf_tcp_options(lua_State *L);
+void luaopen_protbuf_udp(lua_State *L);
+void luaopen_protbuf_tftp(lua_State *L);
+void luaopen_protbuf_dynamic(lua_State *L);
+
+/**********************************************************************/
+/* field changes */
+/**********************************************************************/
+struct field_changes {
+ int ref_count;
+ int *field_length_changes;
+ int *field_offset_changes;
+};
+
+/**********************************************************************/
+/* lua packet segment */
+/* ------------------ */
+/* The struct lua_packet_segment is the integral part of a Lua packet.*/
+/* At the very beginning, when a new packet arrives in `lua_tg`_ such */
+/* a struct is initialized. The field start then points to the lowest */
+/* available header inside the sk_buff structure. During packet */
+/* processing the start pointer remains the same, only the offset and */
+/* length value change. */
+/**********************************************************************/
+#define checkpacketseg(L, i, seg_type) \
+ (lua_packet_segment *)luaL_checkudata(L, i, seg_type)
+
+typedef struct lua_packet_segment {
+ unsigned int offset;
+ unsigned int length;
+ struct field_changes * changes;
+ unsigned char * start; /* need to be at the end because of the memory alignment */
+} lua_packet_segment;
+
+/**********************************************************************/
+/* protocol field */
+/* -------------- */
+/* This structure is a container for the field definitions used by the*/
+/* protocol buffer. Each protocol field is expressed using this struct*/
+/* Have a look at the protocol buffers to see how the struct gets */
+/* initialized. */
+/* */
+/* name: */
+/* This member expresses the name of the field, ending */
+/* in its own Lua function to access the field. */
+/* offset / length: */
+/* These members do specify the position inside the protocol header */
+/* in bits (not bytes!). */
+/* get / set: */
+/* The get and set functions take a function pointer pointing to the*/
+/* specific getter and setter function for this field. */
+/**********************************************************************/
+struct protocol_field {
+ const char * name;
+ uint32_t offset;
+ uint32_t length;
+ lua_CFunction get;
+ lua_CFunction set;
+};
+#define PROT_FIELD_SENTINEL { NULL, 0, 0, NULL, NULL }
+
+
+/**********************************************************************/
+/* protocol_buf */
+/**********************************************************************/
+/* This structure is a container for all the information needed for a
+ * protocol buffer. It gets initialized in each protocol buffer header
+ * file or for the dynamic protocol buffers on runtime using the
+ * 'register_dynamic_protocol_buffer' function.
+ *
+ * name:
+ * This member is used throughout the system. It is also exported
+ * to Lua as a variable name holding the index of the 'supported_protocols'
+ * array. The name is also used as the name of the generated Lua
+ * metatable, that is why inside the macro checkpacketseg_ it
+ * is always the name of a protocol buffer that is passed as the
+ * second parameter.
+ * payload_field:
+ * This member holds the string of the field responsible for payload
+ * data. The payload field of a protocol has an extra property, since
+ * it can be used to invoke another protocol buffer that is applied to
+ * the payload content.
+ * has_protocol:
+ * This member is used together with the payload_field. Since we must
+ * be sure that the payload content does really contain a protocol
+ * of type X. The function pointed to by has_protocol checks if the
+ * protocol buffer X can be applied on the payload_data.
+ * protocol_fields:
+ * This member points to the array of 'protocol_field' structures
+ * get_field_changes:
+ * This member is optional. It is used to return a pointer to an initialized
+ * field_changes struct. The function is called, whenever the payload field
+ * is requested with a given protocol type. Usually this function will
+ * initialize the field_changes struct depending on the content of the
+ * payload data. e.g.
+ * tcp = ip:data(packet_tcp)
+ * such a request will call the 'get_field_changes' function of the tcp
+ * protocol buffer. This enables, that the tcp options field have the proper
+ * length as well as the tcp data start at the right offset.
+ */
+struct protocol_buf {
+ int is_dynamic;
+ const char * name;
+ char * payload_field;
+ int (*has_protocol)(lua_State *L, struct protocol_buf *prot_buf, lua_packet_segment * seg, int type);
+ struct protocol_field * protocol_fields;
+ struct field_changes * (*get_field_changes)(lua_State *L, lua_packet_segment * seg);
+};
+
+/**********************************************************************/
+/* lua byte array library */
+/**********************************************************************/
+#define LUA_BYTE_ARRAY "byte_array"
+#define checkbytearray(L, i) \
+ (lua_packet_segment *)luaL_checkudata(L, i, LUA_BYTE_ARRAY)
+lua_packet_segment * init_byte_array(lua_State *L, unsigned char * start, int length, int do_copy);
+void luaopen_bytearraylib(lua_State *L);
+
+
+/**********************************************************************/
+/* lua netfilter environment library */
+/**********************************************************************/
+#define NETFILTER_LIB "nf"
+#if defined(__KERNEL__)
+ struct lua_env {
+ lua_State *L;
+ /* perhaps more to come here (e.g. a state per CPU) */
+ };
+ #define LUA_ENV "lua_env"
+ #define checkluaenv(L, i) \
+ (struct lua_env *)luaL_checkudata(L, i, LUA_ENV)
+
+ void luaopen_nflib(lua_State *L);
+#endif
+
+void cleanup_dynamic_prot_bufs(void); /* freeing all dynamic prot bufs */
+/**********************************************************************/
+/* lua protbuf helpers */
+/**********************************************************************/
+int get_1_bit_generic(lua_State *L);
+int set_1_bit_generic(lua_State *L);
+int get_lower_4_bit_generic(lua_State *L);
+int set_lower_4_bit_generic(lua_State *L);
+int get_upper_4_bit_generic(lua_State *L);
+int set_upper_4_bit_generic(lua_State *L);
+int get_8_bit_generic(lua_State *L);
+int set_8_bit_generic(lua_State *L);
+int get_16_bit_generic(lua_State *L);
+int set_16_bit_generic(lua_State *L);
+int get_32_bit_generic(lua_State *L);
+int set_32_bit_generic(lua_State *L);
+int set_data_generic(lua_State *L);
+int get_string_generic(lua_State *L);
+int get_byte_generic_str(lua_State *L);
+struct field_changes * get_allocated_field_changes(lua_State *L, int nr_of_fields);
+
+/* only used by the dynamic prot buf subsystem */
+#define MAX_NR_OF_DYN_PROT_BUFS 16
+int field_dynamic_setter(lua_State *L);
+int field_dynamic_getter(lua_State *L);
+int has_protocol_dynamic(lua_State *L, struct protocol_buf * prot_buf, lua_packet_segment * seg, int type);
+struct field_changes * get_field_changes_dynamic(lua_State *L, struct protocol_buf *prot_buf, lua_packet_segment * seg);
+
+/**********************************************************************/
+/* lua controller API */
+/**********************************************************************/
+void luaopen_controller(lua_State *L);
+struct protocol_buf * get_protocol_buf(unsigned int protocol_id);
+void get_metatable_from_protocol_type(lua_State *L, int type);
+void register_protbuf(lua_State *L, struct protocol_buf * prot_buf, unsigned int protocol_index);
+
+
+#endif /* CONTROLLER_H_ */
191 LUA/libxt_LUA.c
@@ -0,0 +1,191 @@
+/*
+ * Copyright (C) 2010 University of Basel <http://cn.cs.unibas.ch/>
+ * by Andre Graf <andre@dergraf.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <getopt.h>
+#include <stdio.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <string.h>
+#include <xtables.h>
+#include <linux/netfilter.h>
+#include <linux/netfilter/x_tables.h>
+#include "xt_LUA.h"
+
+enum {
+ FLAG_SCRIPT = 1 << 0,
+ FLAG_STATE = 1 << 1,
+ FLAG_FUNCTION = 1 << 2,
+};
+
+static const struct option lua_tg_opts[] = {
+ { .name = "script", .has_arg = true, .val = 's' },
+ { .name = "state", .has_arg = true, .val = 'l' },
+ { .name = "function", .has_arg = true, .val = 'f' },
+ { NULL },
+};
+
+
+static void lua_tg_help(void)
+{
+ printf(
+ "LUA target options:\n"
+ " --script SCRIPT Process packet with the Lua script given by SCRIPT\n"
+ " \n"
+ " --state ID Process packet within the Lua state given by ID.\n"
+ " Omitting --state infers the ID 0, which can be\n"
+ " refered to the 'global' state.\n"
+ " \n"
+ " --function FUNCTION Name of the function that processes the Lua packet\n"
+ "\n");
+}
+
+static void
+lua_tg_init(struct xt_entry_target *target)
+{
+ struct xt_lua_tginfo *info = (void *)target->data;
+
+ info->state_id = 0;
+ strncpy(info->function, "process_packet\0", sizeof("process_packet\0"));
+}
+
+static int
+lua_tg_parse(int32_t c, char **argv, int32_t invert, uint32_t *flags,
+ const void *entry, struct xt_entry_target **target)
+{
+ struct xt_lua_tginfo *info = (void *)(*target)->data;
+ char buf[MAX_SCRIPT_SIZE];
+ long script_size;
+ uint32_t state_id;
+ FILE *file;
+
+ switch (c) {
+ case 's':
+ if (*flags & FLAG_SCRIPT)
+ xtables_error(PARAMETER_PROBLEM,
+ "LUA: Cannot specify --script more than once");
+
+ if (strlen(optarg) > sizeof(info->filename))
+ xtables_error(PARAMETER_PROBLEM,
+ "LUA: Maximum script length is %zu",
+ sizeof(info->filename));
+
+ if (strchr(optarg, '\n'))
+ xtables_error(PARAMETER_PROBLEM,
+ "LUA: Newlines not allowed in script name");
+ file = fopen(optarg, "rb");
+ if (file != NULL) {
+ fseek(file, 0, SEEK_END);
+ script_size = ftell(file);
+ if (script_size > MAX_SCRIPT_SIZE)
+ xtables_error(PARAMETER_PROBLEM,
+ "LUA: The size of the script is too big");
+
+ fseek(file, 0, SEEK_SET);
+ fread(buf, script_size, 1, file);
+ fclose(file);
+ } else
+ xtables_error(PARAMETER_PROBLEM,
+ "LUA: Cannot open script %s", optarg);
+
+ strncpy(info->filename, optarg, sizeof(info->filename));
+ strncpy(info->buf, buf, sizeof(info->buf));
+ info->script_size = script_size;
+
+ *flags |= FLAG_SCRIPT;
+ return true;
+
+ case 'l':
+ if (*flags & FLAG_STATE)
+ xtables_error(PARAMETER_PROBLEM,
+ "LUA: Cannot specify --state more than once");
+
+ if (!xtables_strtoui(optarg, NULL, &state_id, 0, 8))
+ xtables_error(PARAMETER_PROBLEM,
+ "LUA: Invalid --state %s", optarg);
+
+ info->state_id = state_id;
+ *flags |= FLAG_STATE;
+ return true;
+
+ case 'f':
+ if (*flags & FLAG_FUNCTION)
+ xtables_error(PARAMETER_PROBLEM,
+ "LUA: Cannot specify --function more than once");
+ if (strlen(optarg) > sizeof(info->function))
+ xtables_error(PARAMETER_PROBLEM,
+ "LUA: Maximum function length is %zu",
+ sizeof(info->function));
+
+ if (strchr(optarg, '\n'))
+ xtables_error(PARAMETER_PROBLEM,
+ "LUA: Newlines not allowed in function name");
+
+ strncpy(info->function, optarg, sizeof(info->function));
+
+ *flags |= FLAG_FUNCTION;
+ return true;
+ }
+
+ return false;
+}
+
+static void
+lua_tg_check(uint32_t flags)
+{
+ if (flags == 0)
+ xtables_error(PARAMETER_PROBLEM, "LUA: --script parameter required");
+}
+
+static void
+lua_tg_print(const void *entry, const struct xt_entry_target *target,
+ int32_t numeric)
+{
+ const struct xt_lua_tginfo *info = (const void *)target->data;
+
+ printf("LUA script: %s ", info->filename);
+}
+
+static void
+lua_tg_save(const void *entry, const struct xt_entry_target *target)
+{
+ const struct xt_lua_tginfo *info = (const void *)target->data;
+
+ printf("--script %s ", info->filename);
+}
+
+static struct xtables_target lua_tg_reg = {
+ .name = "LUA",
+ .version = XTABLES_VERSION,
+ .revision = 0,
+ .family = NFPROTO_UNSPEC,
+ .size = XT_ALIGN(sizeof(struct xt_lua_tginfo)),
+ .userspacesize = XT_ALIGN(sizeof(struct xt_lua_tginfo)),
+ .help = lua_tg_help,
+ .init = lua_tg_init,
+ .parse = lua_tg_parse,
+ .final_check = lua_tg_check,
+ .print = lua_tg_print,
+ .save = lua_tg_save,
+ .extra_opts = lua_tg_opts,
+};
+
+static __attribute__((constructor)) void lua_tg_ldr(void)
+{
+ xtables_register_target(&lua_tg_reg);
+}
+
1 LUA/libxt_LUA.man
@@ -0,0 +1 @@
+Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
0 LUA/lua/include/assert.h
No changes.
11 LUA/lua/include/ctype.h
@@ -0,0 +1,11 @@
+#include <linux/ctype.h>
+#undef isalnum
+#define isalnum(c) (((__ismask(c)&(_U|_L|_D)) != 0) && (c > 0))
+#undef isalpha
+#define isalpha(c) (((__ismask(c)&(_U|_L)) != 0) && (c > 0))
+#undef iscntrl
+#define iscntrl(c) (((__ismask(c)&(_C)) != 0) && (c > 0))
+#undef isdigit
+#define isdigit(c) (((__ismask(c)&(_D)) != 0) && (c > 0))
+#undef isspace
+#define isspace(c) (((__ismask(c)&(_S)) != 0) && (c > 0))
1 LUA/lua/include/errno.h
@@ -0,0 +1 @@
+#include <linux/errno.h>
0 LUA/lua/include/limits.h
No changes.
5 LUA/lua/include/locale.h
@@ -0,0 +1,5 @@
+struct lconv {
+ char * decimal_point ;
+} ;
+
+#define localeconv() NULL
0 LUA/lua/include/math.h
No changes.
26 LUA/lua/include/setjmp.h
@@ -0,0 +1,26 @@
+/*
+ * arch/um/include/sysdep-i386/archsetjmp.h
+ */
+
+#ifndef _KLIBC_ARCHSETJMP_H
+#define _KLIBC_ARCHSETJMP_H
+
+struct __jmp_buf {
+ unsigned int __ebx;
+ unsigned int __esp;
+ unsigned int __ebp;
+ unsigned int __esi;
+ unsigned int __edi;
+ unsigned int __eip;
+};
+
+typedef struct __jmp_buf jmp_buf[1];
+
+#define JB_IP __eip
+#define JB_SP __esp
+
+int setjmp(jmp_buf);
+void longjmp(jmp_buf, int);
+
+#endif /* _SETJMP_H */
+
1 LUA/lua/include/stdio.h
@@ -0,0 +1 @@
+#include <linux/kernel.h>
7 LUA/lua/include/stdlib.h
@@ -0,0 +1,7 @@
+#include <linux/kernel.h>
+
+#define exit(E) return
+#define strtoul simple_strtoul
+#define strcoll strcmp
+
+#define CHAR_BIT 8
1 LUA/lua/include/string.h
@@ -0,0 +1 @@
+#include <linux/string.h>
1,086 LUA/lua/lapi.c
@@ -0,0 +1,1086 @@
+/*
+** $Id: lapi.c,v 2.55.1.5 2008/07/04 18:41:18 roberto Exp $
+** Lua API
+** See Copyright Notice in lua.h
+*/
+
+#include <stdarg.h>
+#include <math.h>
+#include <assert.h>
+#include <string.h>
+
+#define lapi_c
+#define LUA_CORE
+
+#include "lua.h"
+
+#include "lapi.h"
+#include "ldebug.h"
+#include "ldo.h"
+#include "lfunc.h"
+#include "lgc.h"
+#include "lmem.h"
+#include "lobject.h"
+#include "lstate.h"
+#include "lstring.h"
+#include "ltable.h"
+#include "ltm.h"
+#include "lundump.h"
+#include "lvm.h"
+
+
+
+const char lua_ident[] =
+ "$Lua: " LUA_RELEASE " " LUA_COPYRIGHT " $\n"
+ "$Authors: " LUA_AUTHORS " $\n"
+ "$URL: www.lua.org $\n";
+
+
+
+#define api_checknelems(L, n) api_check(L, (n) <= (L->top - L->base))
+
+#define api_checkvalidindex(L, i) api_check(L, (i) != luaO_nilobject)
+
+#define api_incr_top(L) {api_check(L, L->top < L->ci->top); L->top++;}
+
+
+
+static TValue *index2adr (lua_State *L, int idx) {
+ if (idx > 0) {
+ TValue *o = L->base + (idx - 1);
+ api_check(L, idx <= L->ci->top - L->base);
+ if (o >= L->top) return cast(TValue *, luaO_nilobject);
+ else return o;
+ }
+ else if (idx > LUA_REGISTRYINDEX) {
+ api_check(L, idx != 0 && -idx <= L->top - L->base);
+ return L->top + idx;
+ }
+ else switch (idx) { /* pseudo-indices */
+ case LUA_REGISTRYINDEX: return registry(L);
+ case LUA_ENVIRONINDEX: {
+ Closure *func = curr_func(L);
+ sethvalue(L, &L->env, func->c.env);
+ return &L->env;
+ }
+ case LUA_GLOBALSINDEX: return gt(L);
+ default: {
+ Closure *func = curr_func(L);
+ idx = LUA_GLOBALSINDEX - idx;
+ return (idx <= func->c.nupvalues)
+ ? &func->c.upvalue[idx-1]
+ : cast(TValue *, luaO_nilobject);
+ }
+ }
+}
+
+
+static Table *getcurrenv (lua_State *L) {
+ if (L->ci == L->base_ci) /* no enclosing function? */
+ return hvalue(gt(L)); /* use global table as environment */
+ else {
+ Closure *func = curr_func(L);
+ return func->c.env;
+ }
+}
+
+
+void luaA_pushobject (lua_State *L, const TValue *o) {
+ setobj2s(L, L->top, o);
+ api_incr_top(L);
+}
+
+
+LUA_API int lua_checkstack (lua_State *L, int size) {
+ int res = 1;
+ lua_lock(L);
+ if (size > LUAI_MAXCSTACK || (L->top - L->base + size) > LUAI_MAXCSTACK)
+ res = 0; /* stack overflow */
+ else if (size > 0) {
+ luaD_checkstack(L, size);
+ if (L->ci->top < L->top + size)
+ L->ci->top = L->top + size;
+ }
+ lua_unlock(L);
+ return res;
+}
+
+
+LUA_API void lua_xmove (lua_State *from, lua_State *to, int n) {
+ int i;
+ if (from == to) return;
+ lua_lock(to);
+ api_checknelems(from, n);
+ api_check(from, G(from) == G(to));
+ api_check(from, to->ci->top - to->top >= n);
+ from->top -= n;
+ for (i = 0; i < n; i++) {
+ setobj2s(to, to->top++, from->top + i);
+ }
+ lua_unlock(to);
+}
+
+
+LUA_API void lua_setlevel (lua_State *from, lua_State *to) {
+ to->nCcalls = from->nCcalls;
+}
+
+
+LUA_API lua_CFunction lua_atpanic (lua_State *L, lua_CFunction panicf) {
+ lua_CFunction old;
+ lua_lock(L);
+ old = G(L)->panic;
+ G(L)->panic = panicf;
+ lua_unlock(L);
+ return old;
+}
+
+
+LUA_API lua_State *lua_newthread (lua_State *L) {
+ lua_State *L1;
+ lua_lock(L);
+ luaC_checkGC(L);
+ L1 = luaE_newthread(L);
+ setthvalue(L, L->top, L1);
+ api_incr_top(L);
+ lua_unlock(L);
+ luai_userstatethread(L, L1);
+ return L1;
+}
+
+
+
+/*
+** basic stack manipulation
+*/
+
+
+LUA_API int lua_gettop (lua_State *L) {
+ return cast_int(L->top - L->base);
+}
+
+
+LUA_API void lua_settop (lua_State *L, int idx) {
+ lua_lock(L);
+ if (idx >= 0) {
+ api_check(L, idx <= L->stack_last - L->base);
+ while (L->top < L->base + idx)
+ setnilvalue(L->top++);
+ L->top = L->base + idx;
+ }
+ else {
+ api_check(L, -(idx+1) <= (L->top - L->base));
+ L->top += idx+1; /* `subtract' index (index is negative) */
+ }
+ lua_unlock(L);
+}
+
+
+LUA_API void lua_remove (lua_State *L, int idx) {
+ StkId p;
+ lua_lock(L);
+ p = index2adr(L, idx);