~ubuntu-branches/ubuntu/precise/xtables-addons/precise-updates

Committer: Bazaar Package Importer
Author(s): Pierre Chifflier
Date: 2009-09-10 21:42:05 UTC
mfrom: (1.2.2 upstream)
Revision ID: james.westby@ubuntu.com-20090910214205-neqgwq7y5nctaty7

Tags: 1.18-1

http://bugs.debian.org/545542

http://bugs.debian.org/533653

* New Upstream Version
This version has support for 2.6.31 (Closes: #545542)
* Bump standards version (no changes)
* Depend on quilt (Closes: #533653)

files added:
doc/README.psd

extensions/libxt_ACCOUNT.c

extensions/libxt_ACCOUNT.man

extensions/libxt_psd.c

extensions/libxt_psd.man

extensions/xt_ACCOUNT.c

extensions/xt_ACCOUNT.h

extensions/xt_psd.Kconfig

extensions/xt_psd.c

extensions/xt_psd.h

files modified:
Makefile.in

aclocal.m4

compile

config.guess

config.sub

configure

configure.ac

debian/changelog

debian/control

doc/changelog.txt

extensions/GNUmakefile.in

extensions/Kbuild

extensions/Mbuild

extensions/compat_skbuff.h

extensions/ipset/ip_set.c

extensions/ipset/ip_set_iptree.c

extensions/ipset/ip_set_iptreemap.c

extensions/ipset/ip_set_malloc.h

extensions/ipset/ip_set_setlist.c

extensions/ipset/ipset.8

extensions/ipset/ipset.c

extensions/libxt_quota2.c

extensions/xt_DELUDE.c

extensions/xt_TARPIT.c

extensions/xt_TEE.c

extensions/xt_quota2.c

extensions/xt_quota2.h

ltmain.sh

m4/libtool.m4

mconfig

missing

xtables-addons.8.in

Show diffs side-by-side

added added

removed removed

extensions/xt_psd.h

#ifndef _LINUX_NETFILTER_XT_PSD_H

#define _LINUX_NETFILTER_XT_PSD_H 1

#include <linux/param.h>

#include <linux/types.h>

* High port numbers have a lower weight to reduce the frequency of false

* positives, such as from passive mode FTP transfers.

#define PORT_WEIGHT_PRIV 3

#define PORT_WEIGHT_HIGH 1

#define PSD_MAX_RATE 10000

* Port scan detection thresholds: at least COUNT ports need to be scanned

* from the same source, with no longer than DELAY ticks between ports.

#define SCAN_MIN_COUNT 7

#define SCAN_MAX_COUNT (SCAN_MIN_COUNT * PORT_WEIGHT_PRIV)

#define SCAN_WEIGHT_THRESHOLD SCAN_MAX_COUNT

#define SCAN_DELAY_THRESHOLD (300) /* old usage of HZ here was erroneously and broke under uml */

* Keep track of up to LIST_SIZE source addresses, using a hash table of

* HASH_SIZE entries for faster lookups, but limiting hash collisions to

* HASH_MAX source addresses per the same hash value.

#define LIST_SIZE 0x100

#define HASH_LOG 9

#define HASH_SIZE (1 << HASH_LOG)

#define HASH_MAX 0x10

struct xt_psd_info {

__u32 weight_threshold;

__u32 delay_threshold;

__u16 lo_ports_weight;

__u16 hi_ports_weight;

};

#endif /*_LINUX_NETFILTER_XT_PSD_H*/

Older »