diff --git a/src/driver/fortcout.c b/src/driver/fortcout.c index c4d044ad..d2ec6ce1 100644 --- a/src/driver/fortcout.c +++ b/src/driver/fortcout.c @@ -568,13 +568,6 @@ static NTSTATUS NTAPI fort_callout_notify( return STATUS_SUCCESS; } -inline static void fort_callout_flow_classify(PCFORT_CALLOUT_ARG ca, UINT32 dataSize) -{ - const UINT32 headerSize = ca->inbound ? ca->inMetaValues->transportHeaderSize : 0; - - fort_flow_classify(&fort_device()->stat, ca->flowContext, headerSize + dataSize, ca->inbound); -} - static void NTAPI fort_callout_stream_classify(const FWPS_INCOMING_VALUES0 *inFixedValues, const FWPS_INCOMING_METADATA_VALUES0 *inMetaValues, PVOID layerData, const FWPS_FILTER0 *filter, UINT64 flowContext, FWPS_CLASSIFY_OUT0 *classifyOut) @@ -589,6 +582,10 @@ static void NTAPI fort_callout_stream_classify(const FWPS_INCOMING_VALUES0 *inFi const BOOL inbound = (streamFlags & FWPS_STREAM_FLAG_RECEIVE) != 0; + const UINT32 headerSize = inMetaValues->transportHeaderSize + inMetaValues->ipHeaderSize; + + UNUSED(inFixedValues); + /* const FORT_CALLOUT_ARG ca = { .inFixedValues = inFixedValues, .inMetaValues = inMetaValues, @@ -598,45 +595,49 @@ static void NTAPI fort_callout_stream_classify(const FWPS_INCOMING_VALUES0 *inFi .classifyOut = classifyOut, .inbound = inbound, }; + */ - fort_callout_flow_classify(&ca, dataSize); + fort_flow_classify(&fort_device()->stat, flowContext, headerSize + dataSize, inbound); fort_callout_classify_permit(filter, classifyOut); } -static void fort_callout_datagram_classify(PFORT_CALLOUT_ARG ca) -{ - FORT_CHECK_STACK(FORT_CALLOUT_DATAGRAM_CLASSIFY); - - const PNET_BUFFER netBuf = NET_BUFFER_LIST_FIRST_NB(ca->netBufList); - const UINT32 dataSize = NET_BUFFER_DATA_LENGTH(netBuf); - - const FWP_DIRECTION direction = - (FWP_DIRECTION) ca->inFixedValues->incomingValue[ca->fi->direction].value.uint8; - ca->inbound = (direction == FWP_DIRECTION_INBOUND); - - fort_callout_flow_classify(ca, dataSize); - - fort_callout_classify_permit(ca->filter, ca->classifyOut); -} - inline static void fort_callout_datagram_classify_v(const FWPS_INCOMING_VALUES0 *inFixedValues, const FWPS_INCOMING_METADATA_VALUES0 *inMetaValues, PVOID layerData, const FWPS_FILTER0 *filter, UINT64 flowContext, FWPS_CLASSIFY_OUT0 *classifyOut, PCFORT_CALLOUT_FIELD_INDEX fi, BOOL isIPv6) { + FORT_CHECK_STACK(FORT_CALLOUT_DATAGRAM_CLASSIFY); + + const PNET_BUFFER_LIST netBufList = layerData; + const PNET_BUFFER netBuf = NET_BUFFER_LIST_FIRST_NB(netBufList); + const UINT32 dataSize = NET_BUFFER_DATA_LENGTH(netBuf); + + const FWP_DIRECTION direction = + (FWP_DIRECTION) inFixedValues->incomingValue[fi->direction].value.uint8; + const BOOL inbound = (direction == FWP_DIRECTION_INBOUND); + + const UINT32 headerSize = + inbound ? inMetaValues->transportHeaderSize + inMetaValues->ipHeaderSize : 0; + + UNUSED(isIPv6); + /* FORT_CALLOUT_ARG ca = { .fi = fi, .inFixedValues = inFixedValues, .inMetaValues = inMetaValues, - .netBufList = layerData, + .netBufList = netBufList, .filter = filter, .flowContext = flowContext, .classifyOut = classifyOut, + .inbound = inbound, .isIPv6 = isIPv6, }; + */ - fort_callout_datagram_classify(&ca); + fort_flow_classify(&fort_device()->stat, flowContext, headerSize + dataSize, inbound); + + fort_callout_classify_permit(filter, classifyOut); } static void NTAPI fort_callout_datagram_classify_v4(const FWPS_INCOMING_VALUES0 *inFixedValues, diff --git a/src/driver/fortpkt.c b/src/driver/fortpkt.c index d2534725..2bc1def1 100644 --- a/src/driver/fortpkt.c +++ b/src/driver/fortpkt.c @@ -99,13 +99,13 @@ inline static BOOL fort_packet_is_ipsec_tunneled(PCFORT_CALLOUT_ARG ca) inline static ULONG fort_packet_data_length(PCFORT_CALLOUT_ARG ca) { PNET_BUFFER netBuf = NET_BUFFER_LIST_FIRST_NB(ca->netBufList); - const ULONG data_length = NET_BUFFER_DATA_LENGTH(netBuf); + const ULONG dataSize = NET_BUFFER_DATA_LENGTH(netBuf); - const ULONG header_size = ca->inbound - ? 0 - : ca->inMetaValues->transportHeaderSize + ca->inMetaValues->ipHeaderSize; + const ULONG headerSize = ca->inbound + ? ca->inMetaValues->transportHeaderSize + ca->inMetaValues->ipHeaderSize + : 0; - return header_size + data_length; + return headerSize + dataSize; } inline static PFORT_FLOW_PACKET fort_shaper_packet_new(void)