Open D4nnyLee opened 1 year ago
Hey! Thank you for the information on tcp_flag_word(). This is the first time I'm seeing the function.
I'm unsure if using this would simplify the checking flags process, though. Initially, I thought using bitwise operations instead of logical could increase performance, but most modern compilers optimize both operations so that they should have similar performance. We'd still have to use multiple operations when checking against the flags from what I've seen.
I haven't dug too deeply into this function. If you have any examples of how it could simplify the process, please let me know!
I tried to make a commit for this.
The checking process will become:
    if ((tcp_flag_word(tcph) & filter->tcpopts.enabled_flags) != filter->tcpopts.expected_flags)
    {
        continue;
    }
Flags that the filter wants to check will set the corresponding bits in enabled_flags and expected_flags.
Thank you for making that commit! I'm going to look further into this when I have more time.
Were the firewall and new TCP flag check method working under the commit/fork you made? If so, feel free to create a pull request so you'll get credit for this change :smile:
Hello, I noticed that while filtering the packets, the filter checks all TCP flags one after another.
I think we can make use of the tcp_flag_word() macro and TCP_FLAG_* defined in <linux/tcp.h> to simplify the process of checking flags.
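The enabled_flags / expected_flags comparison discussed in this thread, as an added userspace example that is not code from the thread or the project. It assumes a hypothetical tri-state rule (`struct flag_rule`) compiled into the two masks once at load time; `FLAG_*` and `flag_word()` are local stand-ins for `TCP_FLAG_*` and `tcp_flag_word()` so the block builds without kernel headers.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-ins (assumptions) for TCP_FLAG_* in <linux/tcp.h>, in host order for
 * a word assembled big-endian from TCP header bytes 12..15. */
enum { FLAG_FIN = 0x00010000, FLAG_SYN = 0x00020000, FLAG_RST = 0x00040000,
       FLAG_PSH = 0x00080000, FLAG_ACK = 0x00100000, FLAG_URG = 0x00200000 };
/* Hypothetical rule: per flag, -1 = don't care, 0 = must be clear, 1 = must be set. */
struct flag_rule { int fin, syn, rst, psh, ack, urg; };
struct flag_mask { uint32_t enabled_flags, expected_flags; };

/* Stand-in for tcp_flag_word(): the 4th 32-bit word of the TCP header. */
static uint32_t flag_word(const uint8_t *tcp)
{
    return (uint32_t)tcp[12] << 24 | (uint32_t)tcp[13] << 16 | tcp[14] << 8 | tcp[15];
}
static void add_flag(struct flag_mask *m, int want, uint32_t bit)
{
    if (want < 0) return;               /* unchecked: bit stays out of both masks */
    m->enabled_flags |= bit;
    if (want) m->expected_flags |= bit; /* expected stays a subset of enabled */
}
/* Run once when the rule is loaded, not per packet. */
static struct flag_mask compile_rule(const struct flag_rule *r)
{
    struct flag_mask m = { 0, 0 };
    add_flag(&m, r->fin, FLAG_FIN); add_flag(&m, r->syn, FLAG_SYN);
    add_flag(&m, r->rst, FLAG_RST); add_flag(&m, r->psh, FLAG_PSH);
    add_flag(&m, r->ack, FLAG_ACK); add_flag(&m, r->urg, FLAG_URG);
    return m;
}
/* Per-packet check: data offset and window share this word but never enter enabled_flags. */
static int flags_match(const uint8_t *tcp, const struct flag_mask *m)
{
    return (flag_word(tcp) & m->enabled_flags) == m->expected_flags;
}
/* Constructed 20-byte header with the given flags byte; rule: SYN set, ACK clear. */
static int syn_only_matches(uint8_t flags)
{
    uint8_t tcp[20] = { [12] = 0x50, [13] = flags, [14] = 0xff, [15] = 0xff };
    const struct flag_rule rule = { -1, 1, -1, -1, 0, -1 };
    const struct flag_mask m = compile_rule(&rule);
    return flags_match(tcp, &m);
}

int main(void)
{
    printf("SYN=%d SYN+ACK=%d\n", syn_only_matches(0x02), syn_only_matches(0x12));
    return 0;
}
```

Because `compile_rule()` only ever sets an expected bit together with its enabled bit, a rule can never end up unmatchable, which is the failure mode to watch for if the two masks are populated independently.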