diff options
author | Skylar Chang <chiaweic@codeaurora.org> | 2015-06-17 19:13:49 -0700 |
---|---|---|
committer | Skylar Chang <chiaweic@codeaurora.org> | 2015-06-17 19:13:49 -0700 |
commit | b989026d34a5b85dc4bce7ea1e75b8805494769b (patch) | |
tree | 1ec77e9f63b67b228bf6535c77ed2758d913f5e8 /ipacm/src/IPACM_Wlan.cpp | |
parent | 1b7a7a836d257db021ada32211da089b240c31ad (diff) | |
download | ipacfg-mgr-b989026d34a5b85dc4bce7ea1e75b8805494769b.tar.gz |
IPACM: add TCP SYN/FIN/RST flt rules
Add TCP SYN/FIN/RST filtering rules on both UL and DL pipes.
Change-Id: I0498c76c02d54f91f8e4bd2c0ca5e4d45977a5fa
Diffstat (limited to 'ipacm/src/IPACM_Wlan.cpp')
-rw-r--r-- | ipacm/src/IPACM_Wlan.cpp | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/ipacm/src/IPACM_Wlan.cpp b/ipacm/src/IPACM_Wlan.cpp index e58345a..2c4d1e2 100644 --- a/ipacm/src/IPACM_Wlan.cpp +++ b/ipacm/src/IPACM_Wlan.cpp @@ -1129,6 +1129,54 @@ int IPACM_Wlan::init_fl_rule(ipa_ip_type iptype) flt_rule.rule_hdl = IPACM_Wlan::dummy_flt_rule_hdl_v6[offset+2]; memcpy(&(pFilteringTable->rules[2]), &flt_rule, sizeof(struct ipa_flt_rule_mdfy)); +#ifdef FEATURE_IPA_ANDROID + memset(&flt_rule, 0, sizeof(struct ipa_flt_rule_mdfy)); + + flt_rule.status = -1; + + flt_rule.rule.retain_hdr = 1; + flt_rule.rule.to_uc = 0; + flt_rule.rule.action = IPA_PASS_TO_EXCEPTION; + flt_rule.rule.eq_attrib_type = 1; + + flt_rule.rule.eq_attrib.rule_eq_bitmap = 0; + + if(rx_prop->rx[0].attrib.attrib_mask & IPA_FLT_META_DATA) + { + flt_rule.rule.eq_attrib.rule_eq_bitmap |= (1<<14); + flt_rule.rule.eq_attrib.metadata_meq32_present = 1; + flt_rule.rule.eq_attrib.metadata_meq32.offset = 0; + flt_rule.rule.eq_attrib.metadata_meq32.value = rx_prop->rx[0].attrib.meta_data; + flt_rule.rule.eq_attrib.metadata_meq32.mask = rx_prop->rx[0].attrib.meta_data_mask; + } + + flt_rule.rule.eq_attrib.rule_eq_bitmap |= (1<<1); + flt_rule.rule.eq_attrib.protocol_eq_present = 1; + flt_rule.rule.eq_attrib.protocol_eq = IPACM_FIREWALL_IPPROTO_TCP; + + flt_rule.rule.eq_attrib.rule_eq_bitmap |= (1<<8); + flt_rule.rule.eq_attrib.num_ihl_offset_meq_32 = 1; + flt_rule.rule.eq_attrib.ihl_offset_meq_32[0].offset = 12; + + /* add TCP FIN rule*/ + flt_rule.rule.eq_attrib.ihl_offset_meq_32[0].value = (((uint32_t)1)<<TCP_FIN_SHIFT); + flt_rule.rule.eq_attrib.ihl_offset_meq_32[0].mask = (((uint32_t)1)<<TCP_FIN_SHIFT); + flt_rule.rule_hdl = IPACM_Wlan::dummy_flt_rule_hdl_v6[offset+3]; + memcpy(&(pFilteringTable->rules[3]), &flt_rule, sizeof(struct ipa_flt_rule_mdfy)); + + /* add TCP SYN rule*/ + flt_rule.rule.eq_attrib.ihl_offset_meq_32[0].value = (((uint32_t)1)<<TCP_SYN_SHIFT); + flt_rule.rule.eq_attrib.ihl_offset_meq_32[0].mask = (((uint32_t)1)<<TCP_SYN_SHIFT); + flt_rule.rule_hdl = IPACM_Wlan::dummy_flt_rule_hdl_v6[offset+4]; + memcpy(&(pFilteringTable->rules[4]), &flt_rule, sizeof(struct ipa_flt_rule_mdfy)); + + /* add TCP RST rule*/ + flt_rule.rule.eq_attrib.ihl_offset_meq_32[0].value = (((uint32_t)1)<<TCP_RST_SHIFT); + flt_rule.rule.eq_attrib.ihl_offset_meq_32[0].mask = (((uint32_t)1)<<TCP_RST_SHIFT); + flt_rule.rule_hdl = IPACM_Wlan::dummy_flt_rule_hdl_v6[offset+5]; + memcpy(&(pFilteringTable->rules[5]), &flt_rule, sizeof(struct ipa_flt_rule_mdfy)); +#endif + if (m_filtering.ModifyFilteringRule(pFilteringTable) == false) { IPACMERR("Failed to modify default ipv6 filtering rules.\n"); |