2001-03-25 12:05:10 +00:00
|
|
|
/* lint -save -library Flexelint comment for external headers */
|
|
|
|
|
2001-06-04 15:09:51 +00:00
|
|
|
/*-
|
2017-11-27 15:23:17 +00:00
|
|
|
* SPDX-License-Identifier: BSD-2-Clause-FreeBSD
|
|
|
|
*
|
2001-11-03 11:34:09 +00:00
|
|
|
* Copyright (c) 2001 Charles Mott <cm@linktel.net>
|
2001-06-04 15:09:51 +00:00
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
*
|
|
|
|
* $FreeBSD$
|
|
|
|
*/
|
|
|
|
|
Summer of Code 2005: improve libalias - part 1 of 2
With the first part of my previous Summer of Code work, we get:
-made libalias modular:
-support for 'particular' protocols (like ftp/irc/etcetc) is no more
hardcoded inside libalias, but it's available through external
modules loadable at runtime
-modules are available both in kernel (/boot/kernel/alias_*.ko) and
user land (/lib/libalias_*)
-protocols/applications modularized are: cuseeme, ftp, irc, nbt, pptp,
skinny and smedia
-added logging support for kernel side
-cleanup
After a buildworld, do a 'mergemaster -i' to install the file libalias.conf
in /etc or manually copy it.
During startup (and after every HUP signal) user land applications running
the new libalias will try to read a file in /etc called libalias.conf:
that file contains the list of modules to load.
User land applications affected by this commit are ppp and natd:
if libalias.conf is present in /etc you won't notice any difference.
The only kernel land bit affected by this commit is ng_nat:
if you are using ng_nat, and it doesn't correctly handle
ftp/irc/etcetc sessions anymore, remember to kldload
the correspondent module (i.e. kldload alias_ftp).
General information and details about the inner working are available
in the libalias man page under the section 'MODULAR ARCHITECTURE
(AND ipfw(4) SUPPORT)'.
NOTA BENE: this commit affects _ONLY_ libalias, ipfw in-kernel nat
support will be part of the next libalias-related commit.
Approved by: glebius
Reviewed by: glebius, ru
2006-09-26 23:26:53 +00:00
|
|
|
/*
|
2001-03-25 12:05:10 +00:00
|
|
|
* Alias.h defines the outside world interfaces for the packet aliasing
|
|
|
|
* software.
|
2002-07-01 11:19:40 +00:00
|
|
|
*
|
2001-03-25 12:05:10 +00:00
|
|
|
* This software is placed into the public domain with no restrictions on its
|
|
|
|
* distribution.
|
|
|
|
*/
|
1997-05-23 04:41:31 +00:00
|
|
|
|
2001-03-25 12:05:10 +00:00
|
|
|
#ifndef _ALIAS_H_
|
|
|
|
#define _ALIAS_H_
|
1997-05-23 04:41:31 +00:00
|
|
|
|
Summer of Code 2005: improve libalias - part 1 of 2
With the first part of my previous Summer of Code work, we get:
-made libalias modular:
-support for 'particular' protocols (like ftp/irc/etcetc) is no more
hardcoded inside libalias, but it's available through external
modules loadable at runtime
-modules are available both in kernel (/boot/kernel/alias_*.ko) and
user land (/lib/libalias_*)
-protocols/applications modularized are: cuseeme, ftp, irc, nbt, pptp,
skinny and smedia
-added logging support for kernel side
-cleanup
After a buildworld, do a 'mergemaster -i' to install the file libalias.conf
in /etc or manually copy it.
During startup (and after every HUP signal) user land applications running
the new libalias will try to read a file in /etc called libalias.conf:
that file contains the list of modules to load.
User land applications affected by this commit are ppp and natd:
if libalias.conf is present in /etc you won't notice any difference.
The only kernel land bit affected by this commit is ng_nat:
if you are using ng_nat, and it doesn't correctly handle
ftp/irc/etcetc sessions anymore, remember to kldload
the correspondent module (i.e. kldload alias_ftp).
General information and details about the inner working are available
in the libalias man page under the section 'MODULAR ARCHITECTURE
(AND ipfw(4) SUPPORT)'.
NOTA BENE: this commit affects _ONLY_ libalias, ipfw in-kernel nat
support will be part of the next libalias-related commit.
Approved by: glebius
Reviewed by: glebius, ru
2006-09-26 23:26:53 +00:00
|
|
|
#include <netinet/in_systm.h>
|
|
|
|
#include <netinet/in.h>
|
|
|
|
#include <netinet/ip.h>
|
|
|
|
|
|
|
|
#define LIBALIAS_BUF_SIZE 128
|
2005-05-05 21:53:17 +00:00
|
|
|
#ifdef _KERNEL
|
|
|
|
/*
|
|
|
|
* The kernel version of libalias does not support these features.
|
|
|
|
*/
|
|
|
|
#define NO_FW_PUNCH
|
|
|
|
#define NO_USE_SOCKETS
|
|
|
|
#endif
|
|
|
|
|
2004-01-17 10:52:21 +00:00
|
|
|
/*
|
|
|
|
* The external interface to libalias, the packet aliasing engine.
|
|
|
|
*
|
|
|
|
* There are two sets of functions:
|
|
|
|
*
|
|
|
|
* PacketAlias*() the old API which doesn't take an instance pointer
|
|
|
|
* and therefore can only have one packet engine at a time.
|
|
|
|
*
|
2004-03-16 21:30:41 +00:00
|
|
|
* LibAlias*() the new API which takes as first argument a pointer to
|
2004-01-17 10:52:21 +00:00
|
|
|
* the instance of the packet aliasing engine.
|
|
|
|
*
|
|
|
|
* The functions otherwise correspond to each other one for one, except
|
2004-03-16 21:30:41 +00:00
|
|
|
* for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were
|
2004-01-17 10:52:21 +00:00
|
|
|
* were misnamed in the old API.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The instance structure
|
|
|
|
*/
|
|
|
|
struct libalias;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* An anonymous structure, a pointer to which is returned from
|
|
|
|
* PacketAliasRedirectAddr(), PacketAliasRedirectPort() or
|
|
|
|
* PacketAliasRedirectProto(), passed to PacketAliasAddServer(),
|
|
|
|
* and freed by PacketAliasRedirectDelete().
|
|
|
|
*/
|
2004-03-16 21:30:41 +00:00
|
|
|
struct alias_link;
|
2004-01-17 10:52:21 +00:00
|
|
|
|
|
|
|
/* Initialization and control functions. */
|
2004-03-16 21:30:41 +00:00
|
|
|
struct libalias *LibAliasInit(struct libalias *);
|
|
|
|
void LibAliasSetAddress(struct libalias *, struct in_addr _addr);
|
|
|
|
void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
|
|
|
|
void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
|
2004-01-17 10:52:21 +00:00
|
|
|
unsigned int
|
2004-03-16 21:30:41 +00:00
|
|
|
LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
|
|
|
|
void LibAliasUninit(struct libalias *);
|
2004-01-17 10:52:21 +00:00
|
|
|
|
|
|
|
/* Packet Handling functions. */
|
2004-03-16 21:30:41 +00:00
|
|
|
int LibAliasIn (struct libalias *, char *_ptr, int _maxpacketsize);
|
|
|
|
int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
|
2004-07-04 12:53:07 +00:00
|
|
|
int LibAliasOutTry(struct libalias *, char *_ptr, int _maxpacketsize, int _create);
|
2004-03-16 21:30:41 +00:00
|
|
|
int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
|
2004-01-17 10:52:21 +00:00
|
|
|
|
|
|
|
/* Port and address redirection functions. */
|
|
|
|
|
2004-03-16 21:30:41 +00:00
|
|
|
int
|
2004-07-05 11:10:57 +00:00
|
|
|
LibAliasAddServer(struct libalias *, struct alias_link *_lnk,
|
2004-03-16 21:30:41 +00:00
|
|
|
struct in_addr _addr, unsigned short _port);
|
2004-01-17 10:52:21 +00:00
|
|
|
struct alias_link *
|
2004-03-16 21:30:41 +00:00
|
|
|
LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
|
|
|
|
struct in_addr _alias_addr);
|
2004-07-05 11:10:57 +00:00
|
|
|
int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_lnk);
|
|
|
|
void LibAliasRedirectDelete(struct libalias *, struct alias_link *_lnk);
|
2004-01-17 10:52:21 +00:00
|
|
|
struct alias_link *
|
2004-03-16 21:30:41 +00:00
|
|
|
LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
|
|
|
|
unsigned short _src_port, struct in_addr _dst_addr,
|
|
|
|
unsigned short _dst_port, struct in_addr _alias_addr,
|
|
|
|
unsigned short _alias_port, unsigned char _proto);
|
2004-01-17 10:52:21 +00:00
|
|
|
struct alias_link *
|
2004-03-16 21:30:41 +00:00
|
|
|
LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
|
|
|
|
struct in_addr _dst_addr, struct in_addr _alias_addr,
|
|
|
|
unsigned char _proto);
|
2004-01-17 10:52:21 +00:00
|
|
|
|
|
|
|
/* Fragment Handling functions. */
|
2004-03-16 21:30:41 +00:00
|
|
|
void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment);
|
|
|
|
char *LibAliasGetFragment(struct libalias *, char *_ptr);
|
|
|
|
int LibAliasSaveFragment(struct libalias *, char *_ptr);
|
2004-01-17 10:52:21 +00:00
|
|
|
|
|
|
|
/* Miscellaneous functions. */
|
2004-03-16 21:30:41 +00:00
|
|
|
int LibAliasCheckNewLink(struct libalias *);
|
2004-01-17 10:52:21 +00:00
|
|
|
unsigned short
|
2004-03-16 21:30:41 +00:00
|
|
|
LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
|
|
|
|
void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
|
2004-01-17 10:52:21 +00:00
|
|
|
|
|
|
|
/* Transparent proxying routines. */
|
2004-03-16 21:30:41 +00:00
|
|
|
int LibAliasProxyRule(struct libalias *, const char *_cmd);
|
2004-01-17 10:52:21 +00:00
|
|
|
|
Summer of Code 2005: improve libalias - part 1 of 2
With the first part of my previous Summer of Code work, we get:
-made libalias modular:
-support for 'particular' protocols (like ftp/irc/etcetc) is no more
hardcoded inside libalias, but it's available through external
modules loadable at runtime
-modules are available both in kernel (/boot/kernel/alias_*.ko) and
user land (/lib/libalias_*)
-protocols/applications modularized are: cuseeme, ftp, irc, nbt, pptp,
skinny and smedia
-added logging support for kernel side
-cleanup
After a buildworld, do a 'mergemaster -i' to install the file libalias.conf
in /etc or manually copy it.
During startup (and after every HUP signal) user land applications running
the new libalias will try to read a file in /etc called libalias.conf:
that file contains the list of modules to load.
User land applications affected by this commit are ppp and natd:
if libalias.conf is present in /etc you won't notice any difference.
The only kernel land bit affected by this commit is ng_nat:
if you are using ng_nat, and it doesn't correctly handle
ftp/irc/etcetc sessions anymore, remember to kldload
the correspondent module (i.e. kldload alias_ftp).
General information and details about the inner working are available
in the libalias man page under the section 'MODULAR ARCHITECTURE
(AND ipfw(4) SUPPORT)'.
NOTA BENE: this commit affects _ONLY_ libalias, ipfw in-kernel nat
support will be part of the next libalias-related commit.
Approved by: glebius
Reviewed by: glebius, ru
2006-09-26 23:26:53 +00:00
|
|
|
/* Module handling API */
|
|
|
|
int LibAliasLoadModule(char *);
|
|
|
|
int LibAliasUnLoadAllModule(void);
|
|
|
|
int LibAliasRefreshModules(void);
|
2004-01-17 10:52:21 +00:00
|
|
|
|
2006-12-01 16:27:11 +00:00
|
|
|
/* Mbuf helper function. */
|
|
|
|
struct mbuf *m_megapullup(struct mbuf *, int);
|
|
|
|
|
2004-01-17 10:52:21 +00:00
|
|
|
/*
|
|
|
|
* Mode flags and other constants.
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
2001-03-25 12:05:10 +00:00
|
|
|
/* Mode flags, set using PacketAliasSetMode() */
|
1997-05-23 04:41:31 +00:00
|
|
|
|
2001-03-25 12:05:10 +00:00
|
|
|
/*
|
|
|
|
* If PKT_ALIAS_LOG is set, a message will be printed to /var/log/alias.log
|
|
|
|
* every time a link is created or deleted. This is useful for debugging.
|
|
|
|
*/
|
|
|
|
#define PKT_ALIAS_LOG 0x01
|
1997-08-03 18:20:03 +00:00
|
|
|
|
2001-03-25 12:05:10 +00:00
|
|
|
/*
|
|
|
|
* If PKT_ALIAS_DENY_INCOMING is set, then incoming connections (e.g. to ftp,
|
|
|
|
* telnet or web servers will be prevented by the aliasing mechanism.
|
|
|
|
*/
|
|
|
|
#define PKT_ALIAS_DENY_INCOMING 0x02
|
1997-08-03 18:20:03 +00:00
|
|
|
|
2001-03-25 12:05:10 +00:00
|
|
|
/*
|
|
|
|
* If PKT_ALIAS_SAME_PORTS is set, packets will be attempted sent from the
|
|
|
|
* same port as they originated on. This allows e.g. rsh to work *99% of the
|
|
|
|
* time*, but _not_ 100% (it will be slightly flakey instead of not working
|
|
|
|
* at all). This mode bit is set by PacketAliasInit(), so it is a default
|
|
|
|
* mode of operation.
|
|
|
|
*/
|
|
|
|
#define PKT_ALIAS_SAME_PORTS 0x04
|
1998-01-09 21:13:35 +00:00
|
|
|
|
2001-03-25 12:05:10 +00:00
|
|
|
/*
|
|
|
|
* If PKT_ALIAS_USE_SOCKETS is set, then when partially specified links (e.g.
|
|
|
|
* destination port and/or address is zero), the packet aliasing engine will
|
|
|
|
* attempt to allocate a socket for the aliasing port it chooses. This will
|
|
|
|
* avoid interference with the host machine. Fully specified links do not
|
|
|
|
* require this. This bit is set after a call to PacketAliasInit(), so it is
|
|
|
|
* a default mode of operation.
|
|
|
|
*/
|
2005-05-05 20:25:12 +00:00
|
|
|
#ifndef NO_USE_SOCKETS
|
2001-03-25 12:05:10 +00:00
|
|
|
#define PKT_ALIAS_USE_SOCKETS 0x08
|
2005-05-05 20:25:12 +00:00
|
|
|
#endif
|
2001-03-25 12:05:10 +00:00
|
|
|
/*-
|
|
|
|
* If PKT_ALIAS_UNREGISTERED_ONLY is set, then only packets with
|
|
|
|
* unregistered source addresses will be aliased. Private
|
|
|
|
* addresses are those in the following ranges:
|
|
|
|
*
|
|
|
|
* 10.0.0.0 -> 10.255.255.255
|
|
|
|
* 172.16.0.0 -> 172.31.255.255
|
|
|
|
* 192.168.0.0 -> 192.168.255.255
|
|
|
|
*/
|
|
|
|
#define PKT_ALIAS_UNREGISTERED_ONLY 0x10
|
1997-08-03 18:20:03 +00:00
|
|
|
|
2001-03-25 12:05:10 +00:00
|
|
|
/*
|
|
|
|
* If PKT_ALIAS_RESET_ON_ADDR_CHANGE is set, then the table of dynamic
|
|
|
|
* aliasing links will be reset whenever PacketAliasSetAddress() changes the
|
|
|
|
* default aliasing address. If the default aliasing address is left
|
|
|
|
* unchanged by this function call, then the table of dynamic aliasing links
|
|
|
|
* will be left intact. This bit is set after a call to PacketAliasInit().
|
|
|
|
*/
|
|
|
|
#define PKT_ALIAS_RESET_ON_ADDR_CHANGE 0x20
|
1997-08-03 18:20:03 +00:00
|
|
|
|
2001-03-25 12:05:10 +00:00
|
|
|
/*
|
|
|
|
* If PKT_ALIAS_PROXY_ONLY is set, then NAT will be disabled and only
|
|
|
|
* transparent proxying is performed.
|
|
|
|
*/
|
|
|
|
#define PKT_ALIAS_PROXY_ONLY 0x40
|
1998-01-09 21:13:35 +00:00
|
|
|
|
2001-03-25 12:05:10 +00:00
|
|
|
/*
|
|
|
|
* If PKT_ALIAS_REVERSE is set, the actions of PacketAliasIn() and
|
|
|
|
* PacketAliasOut() are reversed.
|
|
|
|
*/
|
|
|
|
#define PKT_ALIAS_REVERSE 0x80
|
1999-02-27 02:16:01 +00:00
|
|
|
|
2011-06-14 12:06:38 +00:00
|
|
|
#ifndef NO_FW_PUNCH
|
|
|
|
/*
|
|
|
|
* If PKT_ALIAS_PUNCH_FW is set, active FTP and IRC DCC connections will
|
|
|
|
* create a 'hole' in the firewall to allow the transfers to work. The
|
|
|
|
* ipfw rule number that the hole is created with is controlled by
|
|
|
|
* PacketAliasSetFWBase(). The hole will be attached to that
|
|
|
|
* particular alias_link, so when the link goes away the hole is deleted.
|
|
|
|
*/
|
|
|
|
#define PKT_ALIAS_PUNCH_FW 0x100
|
|
|
|
#endif
|
|
|
|
|
2011-06-14 13:35:24 +00:00
|
|
|
/*
|
|
|
|
* If PKT_ALIAS_SKIP_GLOBAL is set, nat instance is not checked for matching
|
|
|
|
* states in 'ipfw nat global' rule.
|
|
|
|
*/
|
|
|
|
#define PKT_ALIAS_SKIP_GLOBAL 0x200
|
|
|
|
|
2001-03-25 12:05:10 +00:00
|
|
|
/* Function return codes. */
|
|
|
|
#define PKT_ALIAS_ERROR -1
|
|
|
|
#define PKT_ALIAS_OK 1
|
|
|
|
#define PKT_ALIAS_IGNORED 2
|
|
|
|
#define PKT_ALIAS_UNRESOLVED_FRAGMENT 3
|
|
|
|
#define PKT_ALIAS_FOUND_HEADER_FRAGMENT 4
|
1999-02-27 02:16:01 +00:00
|
|
|
|
2004-03-16 21:30:41 +00:00
|
|
|
#endif /* !_ALIAS_H_ */
|
1997-05-23 04:41:31 +00:00
|
|
|
|
2001-03-25 12:05:10 +00:00
|
|
|
/* lint -restore */
|