Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

132 lines (125 sloc) 3.49 kb
--- libipt_string.c Wed May 29 09:08:16 2002
+++ libipt_string.c.new Fri Apr 18 20:38:55 2003
@@ -13,6 +13,7 @@
#include <string.h>
#include <stdlib.h>
#include <getopt.h>
+#include <ctype.h>
#include <iptables.h>
#include <linux/netfilter_ipv4/ipt_string.h>
@@ -23,7 +24,8 @@
{
printf(
"STRING match v%s options:\n"
-"--string [!] string Match a string in a packet\n",
+"--string [!] string Match a string in a packet\n"
+"--hex-string [!] string Match a hex string in a packet\n",
IPTABLES_VERSION);
fputc('\n', stdout);
@@ -31,6 +33,7 @@
static struct option opts[] = {
{ "string", 1, 0, '1' },
+ { "hex-string", 1, 0, '2' },
{0}
};
@@ -44,10 +47,84 @@
static void
parse_string(const unsigned char *s, struct ipt_string_info *info)
{
- if (strlen(s) <= BM_MAX_NLEN) strcpy(info->string, s);
+ if (strlen(s) <= BM_MAX_NLEN) strcpy(info->string, s);
else exit_error(PARAMETER_PROBLEM, "STRING too long `%s'", s);
}
+static void
+parse_hex_string(const unsigned char *s, struct ipt_string_info *info)
+{
+ int i=0, slen, sindex=0, schar;
+ short hex_f = 0, literal_f = 0;
+ char hextmp[3];
+
+ slen = strlen(s);
+
+ if (slen == 0) {
+ exit_error(PARAMETER_PROBLEM,
+ "STRING must contain at least one char");
+ }
+
+ while (i < slen) {
+ if (s[i] == '\\' && !hex_f) {
+ literal_f = 1;
+ } else if (s[i] == '\\') {
+ exit_error(PARAMETER_PROBLEM,
+ "Cannot include literals in hex data");
+ } else if (s[i] == '|') {
+ if (hex_f)
+ hex_f = 0;
+ else
+ hex_f = 1;
+ if (i+1 >= slen)
+ break;
+ else
+ i++; /* advance to the next character */
+ }
+
+ if (literal_f) {
+ if (i+1 >= slen) {
+ exit_error(PARAMETER_PROBLEM,
+ "Bad literal placement at end of string");
+ }
+ info->string[sindex] = s[i+1];
+ i += 2; /* skip over literal char */
+ literal_f = 0;
+ } else if (hex_f) {
+ if (i+1 >= slen) {
+ exit_error(PARAMETER_PROBLEM,
+ "Odd number of hex digits");
+ }
+ if (i+2 >= slen) {
+ /* must end with a "|" */
+ exit_error(PARAMETER_PROBLEM, "Invalid hex block");
+ }
+ if (! isxdigit(s[i])) /* check for valid hex char */
+ exit_error(PARAMETER_PROBLEM, "Invalid hex char `%c'", s[i]);
+ if (! isxdigit(s[i+1])) /* check for valid hex char */
+ exit_error(PARAMETER_PROBLEM, "Invalid hex char `%c'", s[i+1]);
+ hextmp[0] = s[i];
+ hextmp[1] = s[i+1];
+ hextmp[2] = '\0';
+ if (! sscanf(hextmp, "%x", &schar))
+ exit_error(PARAMETER_PROBLEM,
+ "Invalid hex char `%c'", s[i]);
+ info->string[sindex] = (char) schar;
+ if (s[i+2] == ' ')
+ i += 3; /* spaces included in the hex block */
+ else
+ i += 2;
+ } else { /* the char is not part of hex data, so just copy */
+ info->string[sindex] = s[i];
+ i++;
+ }
+ if (sindex > BM_MAX_NLEN)
+ exit_error(PARAMETER_PROBLEM, "STRING too long `%s'", s);
+ sindex++;
+ }
+ info->len = sindex;
+}
+
/* Function which parses command options; returns true if it
ate an option */
static int
@@ -64,7 +141,15 @@
parse_string(argv[optind-1], stringinfo);
if (invert)
stringinfo->invert = 1;
- stringinfo->len=strlen((char *)&stringinfo->string);
+ stringinfo->len=strlen((char *)&stringinfo->string);
+ *flags = 1;
+ break;
+
+ case '2':
+ check_inverse(optarg, &invert, &optind, 0);
+ parse_hex_string(argv[optind-1], stringinfo); /* sets length */
+ if (invert)
+ stringinfo->invert = 1;
*flags = 1;
break;
Jump to Line
Something went wrong with that request. Please try again.