From f8b3dca6f542474772a61b8650794a661641e875 Mon Sep 17 00:00:00 2001
From: bol-van <none@none.none>
Date: Tue, 12 Nov 2024 10:23:42 +0300
Subject: [PATCH] nfqws: optimize code

---
 nfq/desync.c   | 57 +++++++++++++++++++++++++-------------------------
 nfq/nfqws.c    | 12 +++++------
 nfq/params.h   |  4 ++--
 nfq/protocol.c |  4 ++--
 nfq/protocol.h |  8 +++----
 5 files changed, 42 insertions(+), 43 deletions(-)

diff --git a/nfq/desync.c b/nfq/desync.c
index 1129ef9..f54d6eb 100644
--- a/nfq/desync.c
+++ b/nfq/desync.c
@@ -1118,7 +1118,7 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
 			DLOG("dpi desync src=%s dst=%s\n",s1,s2);
 		}
 
-		const struct split_pos *spos;
+		const struct proto_pos *spos;
 		switch(l7proto)
 		{
 			case HTTP:
@@ -1152,6 +1152,27 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
 				else
 					DLOG("all multisplit pos are outside of this packet\n");
 			}
+			if (multisplit_count)
+			{
+				int j;
+				for (i=j=0;i<multisplit_count;i++)
+				{
+					multisplit_pos[j]=pos_normalize(multisplit_pos[i],reasm_offset,dis->len_payload);
+					if (multisplit_pos[j]) j++;
+				}
+				multisplit_count=j;
+				if (params.debug)
+				{
+					if (multisplit_count)
+					{
+						DLOG("normalized multisplit pos: ");
+						for (i=0;i<multisplit_count;i++) DLOG("%zu ",multisplit_pos[i]);
+						DLOG("\n");
+					}
+					else
+						DLOG("all multisplit pos are outside of this packet\n");
+				}
+			}
 		}
 		else if (dp->desync_mode==DESYNC_SPLIT || dp->desync_mode==DESYNC_SPLIT2 || dp->desync_mode==DESYNC_DISORDER || dp->desync_mode==DESYNC_DISORDER2 ||
 			dp->desync_mode2==DESYNC_SPLIT || dp->desync_mode2==DESYNC_SPLIT2 || dp->desync_mode2==DESYNC_DISORDER || dp->desync_mode2==DESYNC_DISORDER2)
@@ -1159,6 +1180,12 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
 			multisplit_count=0;
 			split_pos = ResolvePos(rdata_payload, rlen_payload, l7proto, spos);
 			DLOG("regular split pos: %zu\n",split_pos);
+			if (!split_pos || split_pos>rlen_payload) split_pos=1;
+			split_pos=pos_normalize(split_pos,reasm_offset,dis->len_payload);
+			if (split_pos)
+				DLOG("normalized regular split pos : %zu\n",split_pos);
+			else
+				DLOG("regular split pos is outside of this packet\n");
 		}
 		else
 		{
@@ -1170,34 +1197,6 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
 		reasm_orig_cancel(ctrack);
 		rdata_payload=NULL;
 
-		if (!split_pos || split_pos>rlen_payload) split_pos=1;
-		split_pos=pos_normalize(split_pos,reasm_offset,dis->len_payload);
-		if (split_pos)
-			DLOG("normalized regular split pos : %zu\n",split_pos);
-		else
-			DLOG("regular split pos is outside of this packet\n");
-		if (multisplit_count)
-		{
-			int j;
-			for (i=j=0;i<multisplit_count;i++)
-			{
-				multisplit_pos[j]=pos_normalize(multisplit_pos[i],reasm_offset,dis->len_payload);
-				if (multisplit_pos[j]) j++;
-			}
-			multisplit_count=j;
-			if (params.debug)
-			{
-				if (multisplit_count)
-				{
-					DLOG("normalized multisplit pos: ");
-					for (i=0;i<multisplit_count;i++) DLOG("%zu ",multisplit_pos[i]);
-					DLOG("\n");
-				}
-				else
-					DLOG("all multisplit pos are outside of this packet\n");
-			}
-		}
-
 		uint32_t fooling_orig = FOOL_NONE;
 		bool bFake = false;
 		pkt1_len = sizeof(pkt1);
diff --git a/nfq/nfqws.c b/nfq/nfqws.c
index 317a5ad..f2dc4fc 100644
--- a/nfq/nfqws.c
+++ b/nfq/nfqws.c
@@ -726,7 +726,7 @@ static bool wf_make_l3(char *opt, bool *ipv4, bool *ipv6)
 	return true;
 }
 
-static bool parse_httpreqpos(const char *s, struct split_pos *sp)
+static bool parse_httpreqpos(const char *s, struct proto_pos *sp)
 {
 	if (!strcmp(s, "method"))
 	{
@@ -742,7 +742,7 @@ static bool parse_httpreqpos(const char *s, struct split_pos *sp)
 		return false;
 	return true;
 }
-static bool parse_tlspos(const char *s, struct split_pos *sp)
+static bool parse_tlspos(const char *s, struct proto_pos *sp)
 {
 	if (!strcmp(s, "sni"))
 	{
@@ -794,7 +794,7 @@ static bool parse_posmarker(const char *opt, uint8_t *posmarker)
 		return false;
 	return true;
 }
-static bool parse_split_pos(char *opt, struct split_pos *split)
+static bool parse_split_pos(char *opt, struct proto_pos *split)
 {
 	if (parse_int16(opt,&split->pos))
 	{
@@ -818,7 +818,7 @@ static bool parse_split_pos(char *opt, struct split_pos *split)
 	}
 	return true;
 }
-static bool parse_split_pos_list(char *opt, struct split_pos *splits, int splits_size, int *split_count)
+static bool parse_split_pos_list(char *opt, struct proto_pos *splits, int splits_size, int *split_count)
 {
 	char c,*e,*p;
 
@@ -850,7 +850,7 @@ static void split_compat(struct desync_profile *dp)
 			break;
 		}
 	}
-	if (SPLIT_POS_EMPTY(&dp->split_http))
+	if (PROTO_POS_EMPTY(&dp->split_http))
 	{
 		dp->split_http=dp->split_unknown;
 		for (i=0;i<dp->split_count;i++)
@@ -860,7 +860,7 @@ static void split_compat(struct desync_profile *dp)
 				break;
 			}
 	}
-	if (SPLIT_POS_EMPTY(&dp->split_tls))
+	if (PROTO_POS_EMPTY(&dp->split_tls))
 	{
 		dp->split_tls=dp->split_unknown;
 		for (i=0;i<dp->split_count;i++)
diff --git a/nfq/params.h b/nfq/params.h
index a224ae0..8f5151d 100644
--- a/nfq/params.h
+++ b/nfq/params.h
@@ -58,10 +58,10 @@ struct desync_profile
 	unsigned int desync_repeats,desync_seqovl,desync_ipfrag_pos_tcp,desync_ipfrag_pos_udp;
 
 	// multisplit
-	struct split_pos splits[MAX_SPLITS];
+	struct proto_pos splits[MAX_SPLITS];
 	int split_count;
 	// single split pos cache
-	struct split_pos split_http,split_tls,split_unknown;
+	struct proto_pos split_http,split_tls,split_unknown;
 
 	char desync_start_mode, desync_cutoff_mode; // n - packets, d - data packets, s - relative sequence
 	unsigned int desync_start, desync_cutoff;
diff --git a/nfq/protocol.c b/nfq/protocol.c
index 67a0ff9..fd280f4 100644
--- a/nfq/protocol.c
+++ b/nfq/protocol.c
@@ -125,7 +125,7 @@ static size_t HostPos(uint8_t posmarker, int16_t pos, const uint8_t *data, size_
 	}
 	return CheckPos(sz,offset);
 }
-size_t ResolvePos(const uint8_t *data, size_t sz, t_l7proto l7proto, const struct split_pos *sp)
+size_t ResolvePos(const uint8_t *data, size_t sz, t_l7proto l7proto, const struct proto_pos *sp)
 {
 	switch(l7proto)
 	{
@@ -137,7 +137,7 @@ size_t ResolvePos(const uint8_t *data, size_t sz, t_l7proto l7proto, const struc
 			return AnyProtoPos(sp->marker, sp->pos, data, sz);
 	}
 }
-void ResolveMultiPos(const uint8_t *data, size_t sz, t_l7proto l7proto, const struct split_pos *splits, int split_count, size_t *pos, int *pos_count)
+void ResolveMultiPos(const uint8_t *data, size_t sz, t_l7proto l7proto, const struct proto_pos *splits, int split_count, size_t *pos, int *pos_count)
 {
 	int i,j;
 	for(i=j=0;i<split_count;i++)
diff --git a/nfq/protocol.h b/nfq/protocol.h
index f25ce04..4fdbe46 100644
--- a/nfq/protocol.h
+++ b/nfq/protocol.h
@@ -26,19 +26,19 @@ bool l7_proto_match(t_l7proto l7proto, uint32_t filter_l7);
 #define PM_HOST_ENDSLD	5
 #define PM_HTTP_METHOD	6
 #define PM_SNI_EXT	7
-struct split_pos
+struct proto_pos
 {
 	int16_t pos;
 	uint8_t marker;
 };
-#define SPLIT_POS_EMPTY(sp) ((sp)->marker==PM_ABS && (sp)->pos==0)
+#define PROTO_POS_EMPTY(sp) ((sp)->marker==PM_ABS && (sp)->pos==0)
 bool IsHostMarker(uint8_t posmarker);
 const char *posmarker_name(uint8_t posmarker);
 size_t AnyProtoPos(uint8_t posmarker, int16_t pos, const uint8_t *data, size_t sz);
 size_t HttpPos(uint8_t posmarker, int16_t pos, const uint8_t *data, size_t sz);
 size_t TLSPos(uint8_t posmarker, int16_t pos, const uint8_t *data, size_t sz);
-size_t ResolvePos(const uint8_t *data, size_t sz, t_l7proto l7proto, const struct split_pos *sp);
-void ResolveMultiPos(const uint8_t *data, size_t sz, t_l7proto l7proto, const struct split_pos *splits, int split_count, size_t *pos, int *pos_count);
+size_t ResolvePos(const uint8_t *data, size_t sz, t_l7proto l7proto, const struct proto_pos *sp);
+void ResolveMultiPos(const uint8_t *data, size_t sz, t_l7proto l7proto, const struct proto_pos *splits, int split_count, size_t *pos, int *pos_count);
 
 extern const char *http_methods[9];
 const char *HttpMethod(const uint8_t *data, size_t len);