RubyGems - ruby-ipqueue - Versions diffs - 0.1.3 - Mend

ruby-ipqueue 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

data/Rakefile ADDED Viewed

@@ -0,0 +1,26 @@
+require 'rake'
+require 'rake/packagetask'
+require 'rake/gempackagetask'
+PKG_VERSION = "0.1.3"
+desc "Create gem"
+spec = Gem::Specification.new do |s|
+  s.email = 'nullguid@gmail.com'
+  s.extensions = 'ext/ipqueue/extconf.rb'
+  s.homepage = 'http://ruby-ipqueue.rubyforge.org/'
+  s.name = 'ruby-ipqueue'
+  s.require_paths << 'ext'
+  s.requirements << 'libipq'
+  s.rubyforge_project = 'ruby-ipqueue'
+  s.summary = 'Rubyish interface to libipq'
+  s.description = 'Ruby-ipqueue provides ruby-way object-oriented interface to linux libipq packet mangling library'
+  s.version = PKG_VERSION
+  s.files = FileList['**/*'].to_a.select{|v| v !~ /pkg|CVS/}
+end
+Rake::GemPackageTask.new(spec) do |p|
+  p.gem_spec = spec
+  p.need_tar_gz = false
+  p.need_zip = false
+end

data/ext/ipqueue/extconf.rb ADDED Viewed

@@ -0,0 +1,7 @@
+require 'mkmf'
+dir_config('ipqueue')
+if have_header('linux/netfilter.h') and have_header('libipq/libipq.h') and have_library('ipq', 'ipq_create_handle')
+  create_makefile('ipqueue')
+end

data/ext/ipqueue/ipqueue.c ADDED Viewed

@@ -0,0 +1,208 @@
+#include <ruby.h>
+#include <libipq/libipq.h>
+#include <linux/netfilter.h>
+/* FIXME - I don't know how to handle this */
+#define IPQ_MESSAGE_OVERHEAD 256
+static VALUE cIPQueue, cIPQueuePacket, eTimeout;
+struct ipqueue_object
+{
+  struct ipq_handle *handle;
+  size_t range;
+  unsigned char *buf;
+  size_t len;
+};
+static void fipq_destroy_ipqueue(struct ipqueue_object *ipqueue)
+{
+  if(ipq_destroy_handle(ipqueue->handle) == -1)
+    rb_raise(rb_eRuntimeError, "%s: %s", ipq_errstr(), strerror(errno));
+  xfree(ipqueue->buf);
+  xfree(ipqueue);
+}
+static VALUE fipq_create_handle(klass, flags, protocol)
+  VALUE klass, flags, protocol;
+{
+  VALUE obj;
+  struct ipq_handle *handle;
+  struct ipqueue_object *ipqueue;
+  handle = ipq_create_handle(NUM2INT(flags), NUM2INT(protocol));
+  if(!handle) {
+     rb_raise(rb_eRuntimeError, "%s: %s", ipq_errstr(), strerror(errno));
+  }
+  obj = Data_Make_Struct(klass, struct ipqueue_object, 0, fipq_destroy_ipqueue, ipqueue);
+  /* set default to copy only metainformation */
+  ipq_set_mode(handle, IPQ_COPY_META, 0);
+  ipqueue->handle = handle;
+  ipqueue->range = 0;
+  ipqueue->len = IPQ_MESSAGE_OVERHEAD;
+  ipqueue->buf = ALLOC_N(unsigned char, IPQ_MESSAGE_OVERHEAD);
+  return obj;
+}
+/* Assume IPQ_COPY_META when range is zero */
+static VALUE fipq_set_range(obj, range)
+  VALUE obj, range;
+{
+  struct ipqueue_object *ipqueue;
+  size_t c_range = NUM2INT(range);
+  if(c_range > 65535) {
+    rb_raise(rb_eArgError, "invalid range '%d', should be between 0 and 65535", c_range);
+  }
+  Data_Get_Struct(obj, struct ipqueue_object, ipqueue);
+  if(ipq_set_mode(ipqueue->handle, c_range ? IPQ_COPY_PACKET : IPQ_COPY_META, c_range) < 0)
+    rb_raise(rb_eRuntimeError, "%s: %s", ipq_errstr(), strerror(errno));
+  ipqueue->range = c_range;
+  ipqueue->len = c_range + IPQ_MESSAGE_OVERHEAD;
+  REALLOC_N(ipqueue->buf, unsigned char, ipqueue->len);
+  return Qnil;
+}
+static VALUE fipq_get_range(VALUE obj)
+{
+  struct ipqueue_object *ipqueue;
+  Data_Get_Struct(obj, struct ipqueue_object, ipqueue);
+  return INT2FIX(ipqueue->range);
+}
+static VALUE create_ipqueuepacket(ipq_packet_msg_t *packet_msg, VALUE queue)
+{
+  VALUE packet;
+  VALUE data[12];
+  /* queue, packet_id, mark, timestamp, hook, indev_name, outdev_name, hw_protocol, hw_type, hw_addr, payload */
+  data[0] = queue;
+  data[1] = INT2NUM(packet_msg->packet_id);
+  data[2] = INT2NUM(packet_msg->mark);
+  data[3] = INT2NUM(packet_msg->timestamp_sec);
+  data[4] = INT2NUM(packet_msg->timestamp_usec);
+  data[5] = INT2FIX(packet_msg->hook);
+  data[6] = rb_str_new2(packet_msg->indev_name);
+  data[7] = rb_str_new2(packet_msg->outdev_name);
+  data[8] = INT2FIX(packet_msg->hw_protocol);
+  data[9] = INT2FIX(packet_msg->hw_type);
+  data[10] = rb_str_new(packet_msg->hw_addr, packet_msg->hw_addrlen);
+  data[11] = rb_str_new(packet_msg->payload, packet_msg->data_len);
+  packet = rb_class_new_instance(12, data, cIPQueuePacket);
+  return packet;
+}
+static VALUE fipq_read(int argc, VALUE *argv, VALUE obj)
+{
+  struct ipqueue_object *ipqueue;
+  int ret;
+  ipq_packet_msg_t *packet_msg;
+  VALUE timeout, payload, packet;
+  VALUE error[2];
+  if(rb_scan_args(argc, argv, "01", &timeout) == 0)
+    timeout = INT2NUM(0);
+  Data_Get_Struct(obj, struct ipqueue_object, ipqueue);
+  ret = ipq_read(ipqueue->handle, ipqueue->buf, ipqueue->len, NUM2INT(timeout));
+  if(ret < 0)
+    rb_raise(rb_eRuntimeError, "%s: %s", ipq_errstr(), strerror(errno));
+  if(ret == 0)
+    if(errno == EINTR)
+      rb_raise(rb_eSignal, "non-blocked signal caught");
+    else
+      rb_raise(eTimeout, "timeout exceeded");
+  /* dirty hack? */
+  if(ipq_message_type(ipqueue->buf) == NLMSG_ERROR) {
+    error[0] = rb_str_new2("netlink layer");
+    error[1] = INT2FIX(ipq_get_msgerr(ipqueue->buf));
+    rb_exc_raise(rb_class_new_instance(2, error, rb_eSystemCallError));
+  }
+  /* finally, we've got it */
+  packet_msg = ipq_get_packet(ipqueue->buf);
+  return create_ipqueuepacket(packet_msg, obj);
+}
+static VALUE fipq_accept(int argc, VALUE *argv, VALUE obj)
+{
+  struct ipqueue_object *ipqueue;
+  VALUE packet_id, payload;
+  unsigned char *buf = NULL;
+  size_t data_len = 0;
+  if(rb_scan_args(argc, argv, "11", &packet_id, &payload) == 2) {
+    Check_Type(payload, T_STRING);
+    buf = RSTRING(payload)->ptr;
+    data_len = RSTRING(payload)->len;
+  }
+  Data_Get_Struct(obj, struct ipqueue_object, ipqueue);
+  if(ipq_set_verdict(ipqueue->handle, NUM2INT(packet_id), NF_ACCEPT, data_len, buf) < 0)
+    rb_raise(rb_eRuntimeError, "%s: %s", ipq_errstr(), strerror(errno));
+  return Qtrue;
+}
+static VALUE fipq_drop(obj, packet_id)
+  VALUE obj, packet_id;
+{
+  struct ipqueue_object *ipqueue;
+  Data_Get_Struct(obj, struct ipqueue_object, ipqueue);
+  if(ipq_set_verdict(ipqueue->handle, NUM2INT(packet_id), NF_DROP, 0, NULL) < 0)
+    rb_raise(rb_eRuntimeError, "%s: %s", ipq_errstr(), strerror(errno));
+  return Qtrue;
+}
+void Init_ipqueue()
+{
+  cIPQueue = rb_define_class("IPQueue", rb_cObject);
+  /* require our IPQueuePacket class */
+  rb_require("ipqueuepacket");
+  cIPQueuePacket = rb_const_get(cIPQueue, rb_intern("Packet"));
+  eTimeout = rb_define_class("Timeout", rb_eException);
+  rb_define_singleton_method(cIPQueue, "new", fipq_create_handle, 2);
+  rb_define_method(cIPQueue, "range=", fipq_set_range, 1);
+  rb_define_method(cIPQueue, "range", fipq_get_range, 0);
+  rb_define_method(cIPQueue, "read", fipq_read, -1);
+  rb_define_method(cIPQueue, "accept", fipq_accept, -1);
+  rb_define_method(cIPQueue, "drop", fipq_drop, 1);
+#define rb_define_ipq_const(var) \
+  rb_define_const(cIPQueue, #var, INT2NUM(var))
+  rb_define_ipq_const(PF_INET);
+  rb_define_ipq_const(PF_INET6);
+  rb_define_ipq_const(IPQ_COPY_META);
+  rb_define_ipq_const(IPQ_COPY_PACKET);
+}

data/lib/ipqueuepacket.rb ADDED Viewed

@@ -0,0 +1,36 @@
+class IPQueue::Packet
+  attr :packet_id
+  attr :mark
+  attr :timestamp_sec
+  attr :timestamp_usec
+  attr :indev_name
+  attr :outdev_name
+  attr :hw_protocol
+  attr :hw_type
+  attr :hw_addr
+  attr :payload
+  def initialize queue, packet_id, mark, timestamp_sec, timestamp_usec, hook, indev_name, outdev_name, hw_protocol, hw_type, hw_addr, payload
+    @queue = queue
+    @packet_id = packet_id
+    @mark = mark
+    @timestamp_sec = timestamp_sec
+    @timestamp_usec = timestamp_usec
+    @hook = hook
+    @indev_name = indev_name
+    @outdev_name = outdev_name
+    @hw_protocol = hw_protocol
+    @hw_type = hw_type
+    @hw_addr = hw_addr
+    @payload = payload
+  end
+  def accept(modify = false)
+    if modify then @queue.accept(@packet_id, @payload) else @queue.accept(@packet_id) end
+  end
+  def drop
+    @queue.drop(@packet_id)
+  end
+  def payload
+    return @payload
+  end
+end

data/test/test.rb ADDED Viewed

@@ -0,0 +1,13 @@
+#!/usr/bin/ruby
+require 'ipqueue'
+require 'ip-proto'
+queue = IPQueue.new(0, IPQueue::PF_INET)
+queue.range = 1024
+while true do
+packet = queue.read
+packet.accept true
+ippacket = IP::decode(packet.payload)
+puts ippacket.inspect_detailed
+end

data/test/test.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+iptables -t mangle -A FORWARD -j QUEUE
+./test.rb
+iptables -t mangle -D FORWARD -j QUEUE

metadata ADDED Viewed

@@ -0,0 +1,56 @@
+--- !ruby/object:Gem::Specification
+rubygems_version: 0.9.0
+specification_version: 1
+name: ruby-ipqueue
+version: !ruby/object:Gem::Version
+  version: 0.1.3
+date: 2007-01-29 00:00:00 +05:00
+summary: Rubyish interface to libipq
+require_paths:
+- lib
+- ext
+email: nullguid@gmail.com
+homepage: http://ruby-ipqueue.rubyforge.org/
+rubyforge_project: ruby-ipqueue
+description: Ruby-ipqueue provides ruby-way object-oriented interface to linux libipq packet mangling library
+autorequire:
+default_executable:
+bindir: bin
+has_rdoc: false
+required_ruby_version: !ruby/object:Gem::Version::Requirement
+  requirements:
+  - - ">"
+    - !ruby/object:Gem::Version
+      version: 0.0.0
+  version:
+platform: ruby
+signing_key:
+cert_chain:
+post_install_message:
+authors: []
+files:
+- ext
+- lib
+- test
+- Rakefile
+- ext/ipqueue
+- ext/ipqueue/extconf.rb
+- ext/ipqueue/ipqueue.c
+- lib/ipqueuepacket.rb
+- test/test.rb
+- test/test.sh
+test_files: []
+rdoc_options: []
+extra_rdoc_files: []
+executables: []
+extensions:
+- ext/ipqueue/extconf.rb
+requirements:
+- libipq
+dependencies: []