d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

libalias: Style cleanup

Browse Source 
libalias is a convolut of various coding styles modified by a series
of different editors enforcing interesting convetions on spacing and
comments.

This patch is a baseline to start with a perfomance rework of
libalias.  Upcoming patches should be focus on the code, not on the
style.  That's why most annoying style errors should be fixed
beforehand.

Reviewed by:	hselasky
Discussed by:	emaste
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D30259
This commit is contained in:
Lutz Donnerhacke 2021-05-14 15:08:08 +02:00
parent 91f251b2ab
commit effc8e57fb
16 changed files with 970 additions and 1095 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

379
sys/netinet/libalias/alias.c
View File

@ -146,7 +146,7 @@ __FBSDID("$FreeBSD$");
#include "alias_mod.h"
#endif
/*
/*
* Define libalias SYSCTL Node
*/
#ifdef SYSCTL_NODE
@ -192,7 +192,6 @@ static void TcpMonitorOut(u_char, struct alias_link *);
static void
TcpMonitorIn(u_char th_flags, struct alias_link *lnk)
{
switch (GetStateIn(lnk)) {
case ALIAS_TCP_STATE_NOT_CONNECTED:
if (th_flags & TH_RST)
@ -210,7 +209,6 @@ TcpMonitorIn(u_char th_flags, struct alias_link *lnk)
static void
TcpMonitorOut(u_char th_flags, struct alias_link *lnk)
{
switch (GetStateOut(lnk)) {
case ALIAS_TCP_STATE_NOT_CONNECTED:
if (th_flags & TH_RST)
@ -285,21 +283,20 @@ static int UdpAliasOut(struct libalias *, struct ip *, int, int create);
static int TcpAliasIn(struct libalias *, struct ip *);
static int TcpAliasOut(struct libalias *, struct ip *, int, int create);
static int
IcmpAliasIn1(struct libalias *la, struct ip *pip)
{
LIBALIAS_LOCK_ASSERT(la);
/*
De-alias incoming echo and timestamp replies.
Alias incoming echo and timestamp requests.
*/
static int
IcmpAliasIn1(struct libalias *la, struct ip *pip)
{
LIBALIAS_LOCK_ASSERT(la);
struct alias_link *lnk;
struct icmp *ic;
ic = (struct icmp *)ip_next(pip);
/* Get source address from ICMP data field and restore original data */
/* Get source address from ICMP data field and restore original data */
lnk = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
if (lnk != NULL) {
u_short original_id;
@ -307,15 +304,15 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip)
original_id = GetOriginalPort(lnk);
/* Adjust ICMP checksum */
/* Adjust ICMP checksum */
accumulate = ic->icmp_id;
accumulate -= original_id;
ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
/* Put original sequence number back in */
/* Put original sequence number back in */
ic->icmp_id = original_id;
/* Put original address back into IP header */
/* Put original address back into IP header */
{
struct in_addr original_address;
@ -330,15 +327,14 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip)
return (PKT_ALIAS_IGNORED);
}
static int
IcmpAliasIn2(struct libalias *la, struct ip *pip)
{
LIBALIAS_LOCK_ASSERT(la);
/*
Alias incoming ICMP error messages containing
IP header and first 64 bits of datagram.
*/
static int
IcmpAliasIn2(struct libalias *la, struct ip *pip)
{
LIBALIAS_LOCK_ASSERT(la);
struct ip *ip;
struct icmp *ic, *ic2;
struct udphdr *ud;
@ -377,7 +373,7 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip)
original_address = GetOriginalAddress(lnk);
original_port = GetOriginalPort(lnk);
/* Adjust ICMP checksum */
/* Adjust ICMP checksum */
accumulate = twowords(&ip->ip_src);
accumulate -= twowords(&original_address);
accumulate += ud->uh_sport;
@ -388,13 +384,14 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip)
accumulate2 -= ip->ip_sum;
ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum);
/* Un-alias address in IP header */
/* Un-alias address in IP header */
DifferentialChecksum(&pip->ip_sum,
&original_address, &pip->ip_dst, 2);
pip->ip_dst = original_address;
/* Un-alias address and port number of original IP packet
fragment contained in ICMP data section */
/* Un-alias address and port number of
* original IP packet fragment contained
* in ICMP data section */
ip->ip_src = original_address;
ud->uh_sport = original_port;
} else if (ip->ip_p == IPPROTO_ICMP) {
@ -405,7 +402,7 @@ fragment contained in ICMP data section */
original_address = GetOriginalAddress(lnk);
original_id = GetOriginalPort(lnk);
/* Adjust ICMP checksum */
/* Adjust ICMP checksum */
accumulate = twowords(&ip->ip_src);
accumulate -= twowords(&original_address);
accumulate += ic2->icmp_id;
@ -416,13 +413,13 @@ fragment contained in ICMP data section */
accumulate2 -= ip->ip_sum;
ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum);
/* Un-alias address in IP header */
/* Un-alias address in IP header */
DifferentialChecksum(&pip->ip_sum,
&original_address, &pip->ip_dst, 2);
pip->ip_dst = original_address;
/* Un-alias address of original IP packet and sequence number of
embedded ICMP datagram */
/* Un-alias address of original IP packet and
* sequence number of embedded ICMP datagram */
ip->ip_src = original_address;
ic2->icmp_id = original_id;
}
@ -444,7 +441,7 @@ IcmpAliasIn(struct libalias *la, struct ip *pip)
if (dlen < ICMP_MINLEN)
return (PKT_ALIAS_IGNORED);
/* Return if proxy-only mode is enabled */
/* Return if proxy-only mode is enabled */
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
return (PKT_ALIAS_OK);
@ -475,20 +472,20 @@ IcmpAliasIn(struct libalias *la, struct ip *pip)
return (iresult);
}
static int
IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
{
/*
Alias outgoing echo and timestamp requests.
De-alias outgoing echo and timestamp replies.
*/
static int
IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
{
struct alias_link *lnk;
struct icmp *ic;
LIBALIAS_LOCK_ASSERT(la);
ic = (struct icmp *)ip_next(pip);
/* Save overwritten data for when echo packet returns */
/* Save overwritten data for when echo packet returns */
lnk = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, create);
if (lnk != NULL) {
u_short alias_id;
@ -496,15 +493,15 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
alias_id = GetAliasPort(lnk);
/* Since data field is being modified, adjust ICMP checksum */
/* Since data field is being modified, adjust ICMP checksum */
accumulate = ic->icmp_id;
accumulate -= alias_id;
ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
/* Alias sequence number */
/* Alias sequence number */
ic->icmp_id = alias_id;
/* Change source address */
/* Change source address */
{
struct in_addr alias_address;
@ -519,13 +516,13 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
return (PKT_ALIAS_IGNORED);
}
static int
IcmpAliasOut2(struct libalias *la, struct ip *pip)
{
/*
Alias outgoing ICMP error messages containing
IP header and first 64 bits of datagram.
*/
static int
IcmpAliasOut2(struct libalias *la, struct ip *pip)
{
struct ip *ip;
struct icmp *ic, *ic2;
struct udphdr *ud;
@ -565,24 +562,24 @@ IcmpAliasOut2(struct libalias *la, struct ip *pip)
alias_address = GetAliasAddress(lnk);
alias_port = GetAliasPort(lnk);
/* Adjust ICMP checksum */
/* Adjust ICMP checksum */
accumulate = twowords(&ip->ip_dst);
accumulate -= twowords(&alias_address);
accumulate += ud->uh_dport;
accumulate -= alias_port;
ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
/*
* Alias address in IP header if it comes from the host
* the original TCP/UDP packet was destined for.
*/
/*
* Alias address in IP header if it comes from the host
* the original TCP/UDP packet was destined for.
*/
if (pip->ip_src.s_addr == ip->ip_dst.s_addr) {
DifferentialChecksum(&pip->ip_sum,
&alias_address, &pip->ip_src, 2);
pip->ip_src = alias_address;
}
/* Alias address and port number of original IP packet
fragment contained in ICMP data section */
/* Alias address and port number of original IP packet
* fragment contained in ICMP data section */
ip->ip_dst = alias_address;
ud->uh_dport = alias_port;
} else if (ip->ip_p == IPPROTO_ICMP) {
@ -593,24 +590,24 @@ fragment contained in ICMP data section */
alias_address = GetAliasAddress(lnk);
alias_id = GetAliasPort(lnk);
/* Adjust ICMP checksum */
/* Adjust ICMP checksum */
accumulate = twowords(&ip->ip_dst);
accumulate -= twowords(&alias_address);
accumulate += ic2->icmp_id;
accumulate -= alias_id;
ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
/*
* Alias address in IP header if it comes from the host
* the original ICMP message was destined for.
*/
/*
* Alias address in IP header if it comes from the host
* the original ICMP message was destined for.
*/
if (pip->ip_src.s_addr == ip->ip_dst.s_addr) {
DifferentialChecksum(&pip->ip_sum,
&alias_address, &pip->ip_src, 2);
pip->ip_src = alias_address;
}
/* Alias address of original IP packet and sequence number of
embedded ICMP datagram */
/* Alias address of original IP packet and
* sequence number of embedded ICMP datagram */
ip->ip_dst = alias_address;
ic2->icmp_id = alias_id;
}
@ -628,7 +625,7 @@ IcmpAliasOut(struct libalias *la, struct ip *pip, int create)
LIBALIAS_LOCK_ASSERT(la);
(void)create;
/* Return if proxy-only mode is enabled */
/* Return if proxy-only mode is enabled */
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
return (PKT_ALIAS_OK);
@ -655,20 +652,20 @@ IcmpAliasOut(struct libalias *la, struct ip *pip, int create)
return (iresult);
}
static int
ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
struct ip *pip, u_char ip_p, u_short *ip_sum)
{
/*
Handle incoming IP packets. The
only thing which is done in this case is to alias
the dest IP address of the packet to our inside
machine.
*/
static int
ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
struct ip *pip, u_char ip_p, u_short *ip_sum)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
/* Return if proxy-only mode is enabled */
/* Return if proxy-only mode is enabled */
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
return (PKT_ALIAS_OK);
@ -678,7 +675,7 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
original_address = GetOriginalAddress(lnk);
/* Restore original IP address */
/* Restore original IP address */
DifferentialChecksum(ip_sum,
&original_address, &pip->ip_dst, 2);
pip->ip_dst = original_address;
@ -688,20 +685,20 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
return (PKT_ALIAS_IGNORED);
}
static int
ProtoAliasOut(struct libalias *la, struct ip *pip,
struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create)
{
/*
Handle outgoing IP packets. The
only thing which is done in this case is to alias
the source IP address of the packet.
*/
static int
ProtoAliasOut(struct libalias *la, struct ip *pip,
struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
/* Return if proxy-only mode is enabled */
/* Return if proxy-only mode is enabled */
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
return (PKT_ALIAS_OK);
@ -714,7 +711,7 @@ ProtoAliasOut(struct libalias *la, struct ip *pip,
alias_address = GetAliasAddress(lnk);
/* Change source address */
/* Change source address */
DifferentialChecksum(ip_sum,
&alias_address, &pip->ip_src, 2);
pip->ip_src = alias_address;
@ -753,8 +750,8 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
int accumulate;
int error;
struct alias_data ad = {
.lnk = lnk,
.oaddr = &original_address,
.lnk = lnk,
.oaddr = &original_address,
.aaddr = &alias_address,
.aport = &alias_port,
.sport = &ud->uh_sport,
@ -769,46 +766,48 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
ud->uh_dport = GetOriginalPort(lnk);
proxy_port = GetProxyPort(lnk);
/* Walk out chain. */
/* Walk out chain. */
error = find_handler(IN, UDP, la, pip, &ad);
/* If we cannot figure out the packet, ignore it. */
if (error < 0)
return (PKT_ALIAS_IGNORED);
/* If UDP checksum is not zero, then adjust since destination port */
/* is being unaliased and destination address is being altered. */
/* If UDP checksum is not zero, then adjust since
* destination port is being unaliased and
* destination address is being altered. */
if (ud->uh_sum != 0) {
accumulate = alias_port;
accumulate -= ud->uh_dport;
accumulate += twowords(&alias_address);
accumulate -= twowords(&original_address);
/* If this is a proxy packet, modify checksum because of source change.*/
if (proxy_port != 0) {
accumulate += ud->uh_sport;
accumulate -= proxy_port;
}
/* If this is a proxy packet, modify checksum
* because of source change.*/
if (proxy_port != 0) {
accumulate += ud->uh_sport;
accumulate -= proxy_port;
}
if (proxy_address.s_addr != 0) {
if (proxy_address.s_addr != 0) {
accumulate += twowords(&pip->ip_src);
accumulate -= twowords(&proxy_address);
}
}
ADJUST_CHECKSUM(accumulate, ud->uh_sum);
}
/* XXX: Could the two if's below be concatenated to one ? */
/* Restore source port and/or address in case of proxying*/
if (proxy_port != 0)
ud->uh_sport = proxy_port;
/* XXX: Could the two if's below be concatenated to one ? */
/* Restore source port and/or address in case of proxying*/
if (proxy_port != 0)
ud->uh_sport = proxy_port;
if (proxy_address.s_addr != 0) {
DifferentialChecksum(&pip->ip_sum,
&proxy_address, &pip->ip_src, 2);
pip->ip_src = proxy_address;
}
if (proxy_address.s_addr != 0) {
DifferentialChecksum(&pip->ip_sum,
&proxy_address, &pip->ip_src, 2);
pip->ip_src = proxy_address;
}
/* Restore original IP address */
/* Restore original IP address */
DifferentialChecksum(&pip->ip_sum,
&original_address, &pip->ip_dst, 2);
pip->ip_dst = original_address;
@ -833,7 +832,7 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
LIBALIAS_LOCK_ASSERT(la);
/* Return if proxy-only mode is enabled and not proxyrule found.*/
/* Return if proxy-only mode is enabled and not proxyrule found.*/
dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
if (dlen < sizeof(struct udphdr))
return (PKT_ALIAS_IGNORED);
@ -842,34 +841,33 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
if (dlen < ntohs(ud->uh_ulen))
return (PKT_ALIAS_IGNORED);
proxy_type = ProxyCheck(la, &proxy_server_address,
&proxy_server_port, pip->ip_src, pip->ip_dst,
ud->uh_dport, pip->ip_p);
proxy_type = ProxyCheck(la, &proxy_server_address, &proxy_server_port,
pip->ip_src, pip->ip_dst, ud->uh_dport, pip->ip_p);
if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY))
return (PKT_ALIAS_OK);
/* If this is a transparent proxy, save original destination,
* then alter the destination and adjust checksums */
/* If this is a transparent proxy, save original destination,
* then alter the destination and adjust checksums */
dest_port = ud->uh_dport;
dest_address = pip->ip_dst;
if (proxy_type != 0) {
int accumulate;
int accumulate;
accumulate = twowords(&pip->ip_dst);
accumulate -= twowords(&proxy_server_address);
ADJUST_CHECKSUM(accumulate, pip->ip_sum);
ADJUST_CHECKSUM(accumulate, pip->ip_sum);
if (ud->uh_sum != 0) {
accumulate = twowords(&pip->ip_dst);
accumulate -= twowords(&proxy_server_address);
accumulate += ud->uh_dport;
accumulate -= proxy_server_port;
ADJUST_CHECKSUM(accumulate, ud->uh_sum);
accumulate += ud->uh_dport;
accumulate -= proxy_server_port;
ADJUST_CHECKSUM(accumulate, ud->uh_sum);
}
pip->ip_dst = proxy_server_address;
ud->uh_dport = proxy_server_port;
pip->ip_dst = proxy_server_address;
ud->uh_dport = proxy_server_port;
}
lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
ud->uh_sport, ud->uh_dport,
@ -878,7 +876,7 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
u_short alias_port;
struct in_addr alias_address;
struct alias_data ad = {
.lnk = lnk,
.lnk = lnk,
.oaddr = NULL,
.aaddr = &alias_address,
.aport = &alias_port,
@ -887,24 +885,24 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
.maxpktsize = 0
};
/* Save original destination address, if this is a proxy packet.
* Also modify packet to include destination encoding. This may
* change the size of IP header. */
/* Save original destination address, if this is a proxy packet.
* Also modify packet to include destination encoding. This may
* change the size of IP header. */
if (proxy_type != 0) {
SetProxyPort(lnk, dest_port);
SetProxyAddress(lnk, dest_address);
ProxyModify(la, lnk, pip, maxpacketsize, proxy_type);
ud = (struct udphdr *)ip_next(pip);
}
SetProxyPort(lnk, dest_port);
SetProxyAddress(lnk, dest_address);
ProxyModify(la, lnk, pip, maxpacketsize, proxy_type);
ud = (struct udphdr *)ip_next(pip);
}
alias_address = GetAliasAddress(lnk);
alias_port = GetAliasPort(lnk);
/* Walk out chain. */
/* Walk out chain. */
error = find_handler(OUT, UDP, la, pip, &ad);
/* If UDP checksum is not zero, adjust since source port is */
/* being aliased and source address is being altered */
/* If UDP checksum is not zero, adjust since source port is */
/* being aliased and source address is being altered */
if (ud->uh_sum != 0) {
int accumulate;
@ -914,10 +912,10 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
accumulate -= twowords(&alias_address);
ADJUST_CHECKSUM(accumulate, ud->uh_sum);
}
/* Put alias port in UDP header */
/* Put alias port in UDP header */
ud->uh_sport = alias_port;
/* Change source address */
/* Change source address */
DifferentialChecksum(&pip->ip_sum,
&alias_address, &pip->ip_src, 2);
pip->ip_src = alias_address;
@ -953,14 +951,14 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
u_short proxy_port;
int accumulate, error;
/*
* The init of MANY vars is a bit below, but aliashandlepptpin
/*
* The init of MANY vars is a bit below, but aliashandlepptpin
* seems to need the destination port that came within the
* packet and not the original one looks below [*].
*/
struct alias_data ad = {
.lnk = lnk,
.lnk = lnk,
.oaddr = NULL,
.aaddr = NULL,
.aport = NULL,
@ -969,7 +967,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
.maxpktsize = 0
};
/* Walk out chain. */
/* Walk out chain. */
error = find_handler(IN, TCP, la, pip, &ad);
alias_address = GetAliasAddress(lnk);
@ -979,8 +977,8 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
tc->th_dport = GetOriginalPort(lnk);
proxy_port = GetProxyPort(lnk);
/*
* Look above, if anyone is going to add find_handler AFTER
/*
* Look above, if anyone is going to add find_handler AFTER
* this aliashandlepptpin/point, please redo alias_data too.
* Uncommenting the piece here below should be enough.
*/
@ -994,22 +992,22 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
.dport = &ud->uh_dport,
.maxpktsize = 0
};
/* Walk out chain. */
error = find_handler(la, pip, &ad);
if (error == EHDNOF)
printf("Protocol handler not found\n");
#endif
/* Adjust TCP checksum since destination port is being unaliased */
/* and destination port is being altered. */
/* Adjust TCP checksum since destination port is being
* unaliased and destination port is being altered. */
accumulate = alias_port;
accumulate -= tc->th_dport;
accumulate += twowords(&alias_address);
accumulate -= twowords(&original_address);
/* If this is a proxy, then modify the TCP source port and
checksum accumulation */
/* If this is a proxy, then modify the TCP source port
* and checksum accumulation */
if (proxy_port != 0) {
accumulate += tc->th_sport;
tc->th_sport = proxy_port;
@ -1017,7 +1015,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
accumulate += twowords(&pip->ip_src);
accumulate -= twowords(&proxy_address);
}
/* See if ACK number needs to be modified */
/* See if ACK number needs to be modified */
if (GetAckModified(lnk) == 1) {
int delta;
@ -1031,13 +1029,13 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
}
ADJUST_CHECKSUM(accumulate, tc->th_sum);
/* Restore original IP address */
/* Restore original IP address */
accumulate = twowords(&pip->ip_dst);
pip->ip_dst = original_address;
accumulate -= twowords(&pip->ip_dst);
/* If this is a transparent proxy packet, then modify the source
address */
/* If this is a transparent proxy packet,
* then modify the source address */
if (proxy_address.s_addr != 0) {
accumulate += twowords(&pip->ip_src);
pip->ip_src = proxy_address;
@ -1045,7 +1043,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
}
ADJUST_CHECKSUM(accumulate, pip->ip_sum);
/* Monitor TCP connection state */
/* Monitor TCP connection state */
tc = (struct tcphdr *)ip_next(pip);
TcpMonitorIn(tc->th_flags, lnk);
@ -1074,8 +1072,8 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
tc = (struct tcphdr *)ip_next(pip);
if (create)
proxy_type = ProxyCheck(la, &proxy_server_address,
&proxy_server_port, pip->ip_src, pip->ip_dst,
proxy_type = ProxyCheck(la, &proxy_server_address,
&proxy_server_port, pip->ip_src, pip->ip_dst,
tc->th_dport, pip->ip_p);
else
proxy_type = 0;
@ -1083,8 +1081,8 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY))
return (PKT_ALIAS_OK);
/* If this is a transparent proxy, save original destination,
then alter the destination and adjust checksums */
/* If this is a transparent proxy, save original destination,
* then alter the destination and adjust checksums */
dest_port = tc->th_dport;
dest_address = pip->ip_dst;
if (proxy_type != 0) {
@ -1112,7 +1110,7 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
struct in_addr alias_address;
int accumulate;
struct alias_data ad = {
.lnk = lnk,
.lnk = lnk,
.oaddr = NULL,
.aaddr = &alias_address,
.aport = &alias_port,
@ -1121,38 +1119,38 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
.maxpktsize = maxpacketsize
};
/* Save original destination address, if this is a proxy packet.
Also modify packet to include destination encoding. This may
change the size of IP header. */
/* Save original destination address, if this is a proxy packet.
* Also modify packet to include destination
* encoding. This may change the size of IP header. */
if (proxy_type != 0) {
SetProxyPort(lnk, dest_port);
SetProxyAddress(lnk, dest_address);
ProxyModify(la, lnk, pip, maxpacketsize, proxy_type);
tc = (struct tcphdr *)ip_next(pip);
}
/* Get alias address and port */
/* Get alias address and port */
alias_port = GetAliasPort(lnk);
alias_address = GetAliasAddress(lnk);
/* Monitor TCP connection state */
/* Monitor TCP connection state */
tc = (struct tcphdr *)ip_next(pip);
TcpMonitorOut(tc->th_flags, lnk);
/* Walk out chain. */
/* Walk out chain. */
error = find_handler(OUT, TCP, la, pip, &ad);
/* Adjust TCP checksum since source port is being aliased */
/* and source address is being altered */
/* Adjust TCP checksum since source port is being aliased
* and source address is being altered */
accumulate = tc->th_sport;
tc->th_sport = alias_port;
accumulate -= tc->th_sport;
accumulate += twowords(&pip->ip_src);
accumulate -= twowords(&alias_address);
/* Modify sequence number if necessary */
/* Modify sequence number if necessary */
if (GetAckModified(lnk) == 1) {
int delta;
tc = (struct tcphdr *)ip_next(pip);
delta = GetDeltaSeqOut(tc->th_seq, lnk);
if (delta != 0) {
@ -1163,7 +1161,7 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
}
ADJUST_CHECKSUM(accumulate, tc->th_sum);
/* Change source address */
/* Change source address */
accumulate = twowords(&pip->ip_src);
pip->ip_src = alias_address;
accumulate -= twowords(&pip->ip_src);
@ -1259,7 +1257,7 @@ LibAliasSaveFragment(struct libalias *la, void *ptr)
return (iresult);
}
void *
void *
LibAliasGetFragment(struct libalias *la, void *ptr)
{
struct alias_link *lnk;
@ -1273,7 +1271,7 @@ LibAliasGetFragment(struct libalias *la, void *ptr)
GetFragmentPtr(lnk, &fptr);
SetFragmentPtr(lnk, NULL);
SetExpire(lnk, 0); /* Deletes link */
} else
} else
fptr = NULL;
LIBALIAS_UNLOCK(la);
@ -1281,11 +1279,9 @@ LibAliasGetFragment(struct libalias *la, void *ptr)
}
void
LibAliasFragmentIn(struct libalias *la, void *ptr, /* Points to correctly
* de-aliased header
* fragment */
void *ptr_fragment /* Points to fragment which must be
* de-aliased */
LibAliasFragmentIn(struct libalias *la,
void *ptr, /* Points to correctly de-aliased header fragment */
void *ptr_fragment /* fragment which must be de-aliased */
)
{
struct ip *pip;
@ -1305,10 +1301,10 @@ LibAliasFragmentIn(struct libalias *la, void *ptr, /* Points to correctly
/* Local prototypes */
static int
LibAliasOutLocked(struct libalias *la, struct ip *pip,
int maxpacketsize, int create);
int maxpacketsize, int create);
static int
LibAliasInLocked(struct libalias *la, struct ip *pip,
int maxpacketsize);
int maxpacketsize);
int
LibAliasIn(struct libalias *la, void *ptr, int maxpacketsize)
@ -1340,7 +1336,7 @@ LibAliasInLocked(struct libalias *la, struct ip *pip, int maxpacketsize)
/* Defense against mangled packets */
if (ntohs(pip->ip_len) > maxpacketsize
|| (pip->ip_hl << 2) > maxpacketsize) {
iresult = PKT_ALIAS_IGNORED;
iresult = PKT_ALIAS_IGNORED;
goto getout;
}
@ -1358,30 +1354,30 @@ LibAliasInLocked(struct libalias *la, struct ip *pip, int maxpacketsize)
break;
#ifdef _KERNEL
case IPPROTO_SCTP:
iresult = SctpAlias(la, pip, SN_TO_LOCAL);
iresult = SctpAlias(la, pip, SN_TO_LOCAL);
break;
#endif
case IPPROTO_GRE: {
case IPPROTO_GRE: {
int error;
struct alias_data ad = {
.lnk = NULL,
.oaddr = NULL,
.lnk = NULL,
.oaddr = NULL,
.aaddr = NULL,
.aport = NULL,
.sport = NULL,
.dport = NULL,
.maxpktsize = 0
.maxpktsize = 0
};
/* Walk out chain. */
/* Walk out chain. */
error = find_handler(IN, IP, la, pip, &ad);
if (error == 0)
if (error == 0)
iresult = PKT_ALIAS_OK;
else
iresult = ProtoAliasIn(la, pip->ip_src,
pip, pip->ip_p, &pip->ip_sum);
break;
}
break;
default:
iresult = ProtoAliasIn(la, pip->ip_src, pip,
pip->ip_p, &pip->ip_sum);
@ -1449,10 +1445,10 @@ LibAliasOutTry(struct libalias *la, void *ptr, int maxpacketsize, int create)
}
static int
LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */
int maxpacketsize, /* How much the packet data may grow (FTP
* and IRC inline changes) */
int create /* Create new entries ? */
LibAliasOutLocked(struct libalias *la,
struct ip *pip, /* valid IP packet */
int maxpacketsize, /* How much the packet data may grow (FTP and IRC inline changes) */
int create /* Create new entries ? */
)
{
int iresult;
@ -1512,29 +1508,29 @@ LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */
break;
#ifdef _KERNEL
case IPPROTO_SCTP:
iresult = SctpAlias(la, pip, SN_TO_GLOBAL);
iresult = SctpAlias(la, pip, SN_TO_GLOBAL);
break;
#endif
case IPPROTO_GRE: {
int error;
struct alias_data ad = {
.lnk = NULL,
.oaddr = NULL,
.lnk = NULL,
.oaddr = NULL,
.aaddr = NULL,
.aport = NULL,
.sport = NULL,
.dport = NULL,
.maxpktsize = 0
.maxpktsize = 0
};
/* Walk out chain. */
/* Walk out chain. */
error = find_handler(OUT, IP, la, pip, &ad);
if (error == 0)
iresult = PKT_ALIAS_OK;
else
iresult = PKT_ALIAS_OK;
else
iresult = ProtoAliasOut(la, pip,
pip->ip_dst, pip->ip_p, &pip->ip_sum, create);
break;
}
break;
default:
iresult = ProtoAliasOut(la, pip,
pip->ip_dst, pip->ip_p, &pip->ip_sum, create);
@ -1550,8 +1546,9 @@ LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */
}
int
LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */
int maxpacketsize /* for error checking */
LibAliasUnaliasOut(struct libalias *la,
void *ptr, /* valid IP packet */
int maxpacketsize /* for error checking */
)
{
struct ip *pip;
@ -1623,7 +1620,6 @@ LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */
tc->th_sport = original_port;
iresult = PKT_ALIAS_OK;
} else if (pip->ip_p == IPPROTO_ICMP) {
int accumulate;
struct in_addr original_address;
@ -1653,7 +1649,6 @@ LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */
getout:
LIBALIAS_UNLOCK(la);
return (iresult);
}
#ifndef _KERNEL
@ -1673,8 +1668,8 @@ LibAliasRefreshModules(void)
for (;;) {
fgets(buf, 256, fd);
if (feof(fd))
break;
if (feof(fd))
break;
len = strlen(buf);
if (len > 1) {
for (i = 0; i < len; i++)
@ -1696,20 +1691,20 @@ LibAliasLoadModule(char *path)
struct dll *t;
void *handle;
struct proto_handler *m;
const char *error;
const char *error;
moduledata_t *p;
handle = dlopen (path, RTLD_LAZY);
if (!handle) {
handle = dlopen (path, RTLD_LAZY);
if (!handle) {
fprintf(stderr, "%s\n", dlerror());
return (EINVAL);
}
}
p = dlsym(handle, "alias_mod");
if ((error = dlerror()) != NULL) {
if ((error = dlerror()) != NULL) {
fprintf(stderr, "%s\n", dlerror());
return (EINVAL);
}
}
t = malloc(sizeof(struct dll));
if (t == NULL)
@ -1722,8 +1717,8 @@ LibAliasLoadModule(char *path)
return (EEXIST);
}
m = dlsym(t->handle, "handlers");
if ((error = dlerror()) != NULL) {
m = dlsym(t->handle, "handlers");
if ((error = dlerror()) != NULL) {
fprintf(stderr, "%s\n", error);
return (EINVAL);
}
@ -1739,10 +1734,10 @@ LibAliasUnLoadAllModule(void)
struct proto_handler *p;
/* Unload all modules then reload everything. */
while ((p = first_handler()) != NULL) {
while ((p = first_handler()) != NULL) {
LibAliasDetachHandlers(p);
}
while ((t = walk_dll_chain()) != NULL) {
while ((t = walk_dll_chain()) != NULL) {
dlclose(t->handle);
free(t);
}

44
sys/netinet/libalias/alias.h
View File

@ -46,7 +46,7 @@
#include <netinet/ip.h>
#define LIBALIAS_BUF_SIZE 128
#ifdef _KERNEL
#ifdef _KERNEL
/*
* The kernel version of libalias does not support these features.
*/
@ -89,8 +89,7 @@ void LibAliasSetAddress(struct libalias *, struct in_addr _addr);
void LibAliasSetAliasPortRange(struct libalias *la, u_short port_low, u_short port_hi);
void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
unsigned int
LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
unsigned int LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
void LibAliasUninit(struct libalias *);
/* Packet Handling functions. */
@ -101,42 +100,37 @@ int LibAliasUnaliasOut(struct libalias *, void *_ptr, int _maxpacketsize);
/* Port and address redirection functions. */
int
LibAliasAddServer(struct libalias *, struct alias_link *_lnk,
struct in_addr _addr, unsigned short _port);
struct alias_link *
LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
struct in_addr _alias_addr);
int LibAliasAddServer(struct libalias *, struct alias_link *_lnk,
struct in_addr _addr, unsigned short _port);
struct alias_link * LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
struct in_addr _alias_addr);
int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_lnk);
void LibAliasRedirectDelete(struct libalias *, struct alias_link *_lnk);
struct alias_link *
LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
unsigned short _src_port, struct in_addr _dst_addr,
unsigned short _dst_port, struct in_addr _alias_addr,
unsigned short _alias_port, unsigned char _proto);
struct alias_link *
LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
struct in_addr _dst_addr, struct in_addr _alias_addr,
unsigned char _proto);
struct alias_link * LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
unsigned short _src_port, struct in_addr _dst_addr,
unsigned short _dst_port, struct in_addr _alias_addr,
unsigned short _alias_port, unsigned char _proto);
struct alias_link * LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
struct in_addr _dst_addr, struct in_addr _alias_addr,
unsigned char _proto);
/* Fragment Handling functions. */
void LibAliasFragmentIn(struct libalias *, void *_ptr, void *_ptr_fragment);
void *LibAliasGetFragment(struct libalias *, void *_ptr);
void *LibAliasGetFragment(struct libalias *, void *_ptr);
int LibAliasSaveFragment(struct libalias *, void *_ptr);
/* Miscellaneous functions. */
int LibAliasCheckNewLink(struct libalias *);
unsigned short
LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
unsigned short LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
/* Transparent proxying routines. */
int LibAliasProxyRule(struct libalias *, const char *_cmd);
/* Module handling API */
int LibAliasLoadModule(char *);
int LibAliasUnLoadAllModule(void);
int LibAliasRefreshModules(void);
int LibAliasLoadModule(char *);
int LibAliasUnLoadAllModule(void);
int LibAliasRefreshModules(void);
/* Mbuf helper function. */
struct mbuf *m_megapullup(struct mbuf *, int);
@ -176,7 +170,7 @@ struct mbuf *m_megapullup(struct mbuf *, int);
* require this. This bit is set after a call to PacketAliasInit(), so it is
* a default mode of operation.
*/
#ifndef NO_USE_SOCKETS
#ifndef NO_USE_SOCKETS
#define PKT_ALIAS_USE_SOCKETS 0x08
#endif
/*-

414
sys/netinet/libalias/alias_db.c
View File

File diff suppressed because it is too large Load Diff

15
sys/netinet/libalias/alias_dummy.c
View File

@ -64,22 +64,20 @@ AliasHandleDummy(struct libalias *la, struct ip *ip, struct alias_data *ah);
static int
fingerprint(struct libalias *la, struct alias_data *ah)
{
/*
* Check here all the data that will be used later, if any field
* is empy/NULL, return a -1 value.
*/
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
ah->maxpktsize == 0)
ah->maxpktsize == 0)
return (-1);
/*
* Fingerprint the incoming packet, if it matches any conditions
* return an OK value.
*/
if (ntohs(*ah->dport) == 123
|| ntohs(*ah->sport) == 456)
return (0); /* I know how to handle it. */
return (-1); /* I don't recognize this packet. */
if (ntohs(*ah->dport) == 123 || ntohs(*ah->sport) == 456)
return (0); /* I know how to handle it. */
return (-1); /* I don't recognize this packet. */
}
/*
@ -90,7 +88,6 @@ fingerprint(struct libalias *la, struct alias_data *ah)
static int
protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
AliasHandleDummy(la, pip, ah);
return (0);
}
@ -119,7 +116,7 @@ mod_handler(module_t mod, int type, void *data)
{
int error;
switch (type) {
switch (type) {
case MOD_LOAD:
error = 0;
LibAliasAttachHandlers(handlers);
@ -141,7 +138,7 @@ moduledata_t alias_mod = {
"alias_dummy", mod_handler, NULL
};
#ifdef _KERNEL
#ifdef _KERNEL
DECLARE_MODULE(alias_dummy, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_dummy, 1);
MODULE_DEPEND(alias_dummy, libalias, 1, 1, 1);

68
sys/netinet/libalias/alias_ftp.c
View File

@ -109,7 +109,6 @@ AliasHandleFtpIn(struct libalias *, struct ip *, struct alias_link *);
static int
fingerprint_out(struct libalias *la, struct alias_data *ah)
{
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
ah->maxpktsize == 0)
return (-1);
@ -122,7 +121,6 @@ fingerprint_out(struct libalias *la, struct alias_data *ah)
static int
fingerprint_in(struct libalias *la, struct alias_data *ah)
{
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL)
return (-1);
if (ntohs(*ah->dport) == FTP_CONTROL_PORT_NUMBER ||
@ -134,7 +132,6 @@ fingerprint_in(struct libalias *la, struct alias_data *ah)
static int
protohandler_out(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
AliasHandleFtpOut(la, pip, ah->lnk, ah->maxpktsize);
return (0);
}
@ -142,7 +139,6 @@ protohandler_out(struct libalias *la, struct ip *pip, struct alias_data *ah)
static int
protohandler_in(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
AliasHandleFtpIn(la, pip, ah->lnk);
return (0);
}
@ -170,7 +166,7 @@ mod_handler(module_t mod, int type, void *data)
{
int error;
switch (type) {
switch (type) {
case MOD_LOAD:
error = 0;
LibAliasAttachHandlers(handlers);
@ -192,7 +188,7 @@ moduledata_t alias_mod = {
"alias_ftp", mod_handler, NULL
};
#ifdef _KERNEL
#ifdef _KERNEL
DECLARE_MODULE(alias_ftp, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_ftp, 1);
MODULE_DEPEND(alias_ftp, libalias, 1, 1, 1);
@ -224,43 +220,39 @@ AliasHandleFtpOut(
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *lnk, /* The link to go through (aliased port) */
int maxpacketsize /* The maximum size this packet can grow to
(including headers) */ )
(including headers) */ )
{
int hlen, tlen, dlen, pflags;
char *sptr;
struct tcphdr *tc;
int ftp_message_type;
/* Calculate data length of TCP packet */
/* Calculate data length of TCP packet */
tc = (struct tcphdr *)ip_next(pip);
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Place string pointer and beginning of data */
/* Place string pointer and beginning of data */
sptr = (char *)pip;
sptr += hlen;
/*
* Check that data length is not too long and previous message was
* properly terminated with CRLF.
*/
/*
* Check that data length is not too long and previous message was
* properly terminated with CRLF.
*/
pflags = GetProtocolFlags(lnk);
if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) {
ftp_message_type = FTP_UNKNOWN_MESSAGE;
if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) {
/*
* When aliasing a client, check for the PORT/EPRT command.
*/
/* When aliasing a client, check for the PORT/EPRT command. */
if (ParseFtpPortCommand(la, sptr, dlen))
ftp_message_type = FTP_PORT_COMMAND;
else if (ParseFtpEprtCommand(la, sptr, dlen))
ftp_message_type = FTP_EPRT_COMMAND;
} else {
/*
* When aliasing a server, check for the 227/229 reply.
*/
/* When aliasing a server, check for the 227/229 reply. */
if (ParseFtp227Reply(la, sptr, dlen))
ftp_message_type = FTP_227_REPLY;
else if (ParseFtp229Reply(la, sptr, dlen)) {
@ -272,12 +264,11 @@ AliasHandleFtpOut(
if (ftp_message_type != FTP_UNKNOWN_MESSAGE)
NewFtpMessage(la, pip, lnk, maxpacketsize, ftp_message_type);
}
/* Track the msgs which are CRLF term'd for PORT/PASV FW breach */
if (dlen) { /* only if there's data */
/* Track the msgs which are CRLF term'd for PORT/PASV FW breach */
if (dlen) { /* only if there's data */
sptr = (char *)pip; /* start over at beginning */
tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may
* have grown */
tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may have grown */
if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n')
pflags &= ~WAIT_CRLF;
else
@ -313,7 +304,7 @@ AliasHandleFtpIn(struct libalias *la,
if (dlen <= MAX_MESSAGE_SIZE && (pflags & WAIT_CRLF) == 0 &&
ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER &&
(ParseFtpPortCommand(la, sptr, dlen) != 0 ||
ParseFtpEprtCommand(la, sptr, dlen) != 0)) {
ParseFtpEprtCommand(la, sptr, dlen) != 0)) {
/*
* Alias active mode client requesting data from server
* behind NAT. We need to alias server->client connection
@ -327,8 +318,7 @@ AliasHandleFtpIn(struct libalias *la,
if (dlen) {
sptr = (char *)pip; /* start over at beginning */
tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may
* have grown.
*/
* have grown. */
if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n')
pflags &= ~WAIT_CRLF;
else
@ -650,7 +640,7 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
{
struct alias_link *ftp_lnk;
/* Security checks. */
/* Security checks. */
if (pip->ip_src.s_addr != la->true_addr.s_addr)
return;
@ -671,13 +661,13 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
PunchFWHole(ftp_lnk);
#endif
/* Calculate data length of TCP packet */
/* Calculate data length of TCP packet */
tc = (struct tcphdr *)ip_next(pip);
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Create new FTP message. */
/* Create new FTP message. */
{
char stemp[MAX_MESSAGE_SIZE + 1];
char *sptr;
@ -686,9 +676,9 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
int a1, a2, a3, a4, p1, p2;
struct in_addr alias_address;
/* Decompose alias address into quad format */
/* Decompose alias address into quad format */
alias_address = GetAliasAddress(lnk);
ptr = (u_char *) & alias_address.s_addr;
ptr = (u_char *)&alias_address.s_addr;
a1 = *ptr++;
a2 = *ptr++;
a3 = *ptr++;
@ -696,7 +686,7 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
alias_port = GetAliasPort(ftp_lnk);
/* Prepare new command */
/* Prepare new command */
switch (ftp_message_type) {
case FTP_PORT_COMMAND:
case FTP_227_REPLY:
@ -728,27 +718,27 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
break;
}
/* Save string length for IP header modification */
/* Save string length for IP header modification */
slen = strlen(stemp);
/* Copy modified buffer into IP packet. */
/* Copy modified buffer into IP packet. */
sptr = (char *)pip;
sptr += hlen;
strncpy(sptr, stemp, maxpacketsize - hlen);
}
/* Save information regarding modified seq and ack numbers */
/* Save information regarding modified seq and ack numbers */
{
int delta;
SetAckModified(lnk);
tc = (struct tcphdr *)ip_next(pip);
tc = (struct tcphdr *)ip_next(pip);
delta = GetDeltaSeqOut(tc->th_seq, lnk);
AddSeq(lnk, delta + slen - dlen, pip->ip_hl,
AddSeq(lnk, delta + slen - dlen, pip->ip_hl,
pip->ip_len, tc->th_seq, tc->th_off);
}
/* Revise IP header */
/* Revise IP header */
{
u_short new_len;
@ -761,7 +751,7 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
pip->ip_len = new_len;
}
/* Compute TCP checksum for revised packet */
/* Compute TCP checksum for revised packet */
tc->th_sum = 0;
#ifdef _KERNEL
tc->th_x2 = 1;

52
sys/netinet/libalias/alias_irc.c
View File

@ -91,13 +91,12 @@ char *newpacket;
#define DBprintf(a)
static void
AliasHandleIrcOut(struct libalias *, struct ip *, struct alias_link *,
int maxpacketsize);
AliasHandleIrcOut(struct libalias *, struct ip *, struct alias_link *,
int maxpacketsize);
static int
fingerprint(struct libalias *la, struct alias_data *ah)
{
if (ah->dport == NULL || ah->lnk == NULL || ah->maxpktsize == 0)
return (-1);
if (ntohs(*ah->dport) == IRC_CONTROL_PORT_NUMBER_1
@ -109,7 +108,6 @@ fingerprint(struct libalias *la, struct alias_data *ah)
static int
protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
newpacket = malloc(PKTSIZE);
if (newpacket) {
AliasHandleIrcOut(la, pip, ah->lnk, ah->maxpktsize);
@ -157,7 +155,7 @@ moduledata_t alias_mod = {
};
/* Kernel module definition. */
#ifdef _KERNEL
#ifdef _KERNEL
DECLARE_MODULE(alias_irc, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_irc, 1);
MODULE_DEPEND(alias_irc, libalias, 1, 1, 1);
@ -178,7 +176,7 @@ AliasHandleIrcOut(struct libalias *la,
struct tcphdr *tc;
int i; /* Iterator through the source */
/* Calculate data length of TCP packet */
/* Calculate data length of TCP packet */
tc = (struct tcphdr *)ip_next(pip);
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
@ -191,7 +189,7 @@ AliasHandleIrcOut(struct libalias *la,
if (dlen < (int)sizeof(":A!a@n.n PRIVMSG A :aDCC 1 1a") - 1)
return;
/* Place string pointer at beginning of data */
/* Place string pointer at beginning of data */
sptr = (char *)pip;
sptr += hlen;
maxsize -= hlen; /* We're interested in maximum size of
@ -204,7 +202,7 @@ AliasHandleIrcOut(struct libalias *la,
}
return; /* No CTCP commands in */
/* Handle CTCP commands - the buffer may have to be copied */
lFOUND_CTCP:
lFOUND_CTCP:
{
unsigned int copyat = i;
unsigned int iCopy = 0; /* How much data have we written to
@ -213,7 +211,7 @@ AliasHandleIrcOut(struct libalias *la,
unsigned short org_port; /* Original source port
* address */
lCTCP_START:
lCTCP_START:
if (i >= dlen || iCopy >= PKTSIZE)
goto lPACKET_DONE;
newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start
@ -413,7 +411,7 @@ AliasHandleIrcOut(struct libalias *la,
* has been pushed. Also used to copy the rest of a DCC,
* after IP address and port has been handled
*/
lBAD_CTCP:
lBAD_CTCP:
for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) {
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
if (sptr[i] == '\001') {
@ -422,7 +420,7 @@ AliasHandleIrcOut(struct libalias *la,
}
goto lPACKET_DONE;
/* Normal text */
lNORMAL_TEXT:
lNORMAL_TEXT:
for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) {
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
if (sptr[i] == '\001') {
@ -430,16 +428,16 @@ AliasHandleIrcOut(struct libalias *la,
}
}
/* Handle the end of a packet */
lPACKET_DONE:
lPACKET_DONE:
iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy;
memcpy(sptr + copyat, newpacket, iCopy);
/* Save information regarding modified seq and ack numbers */
/* Save information regarding modified seq and ack numbers */
{
int delta;
SetAckModified(lnk);
tc = (struct tcphdr *)ip_next(pip);
tc = (struct tcphdr *)ip_next(pip);
delta = GetDeltaSeqOut(tc->th_seq, lnk);
AddSeq(lnk, delta + copyat + iCopy - dlen, pip->ip_hl,
pip->ip_len, tc->th_seq, tc->th_off);
@ -469,20 +467,20 @@ AliasHandleIrcOut(struct libalias *la,
}
/* Notes:
[Note 1]
The initial search will most often fail; it could be replaced with a 32-bit specific search.
Such a search would be done for 32-bit unsigned value V:
V ^= 0x01010101; (Search is for null bytes)
if( ((V-0x01010101)^V) & 0x80808080 ) {
[Note 1]
The initial search will most often fail; it could be replaced with a 32-bit specific search.
Such a search would be done for 32-bit unsigned value V:
V ^= 0x01010101; (Search is for null bytes)
if( ((V-0x01010101)^V) & 0x80808080 ) {
(found a null bytes which was a 01 byte)
}
To assert that the processor is 32-bits, do
}
To assert that the processor is 32-bits, do
extern int ircdccar[32]; (32 bits)
extern int ircdccar[CHAR_BIT*sizeof(unsigned int)];
which will generate a type-error on all but 32-bit machines.
which will generate a type-error on all but 32-bit machines.
[Note 2] This routine really ought to be replaced with one that
creates a transparent proxy on the aliasing host, to allow arbitrary
changes in the TCP stream. This should not be too difficult given
this base; I (ee) will try to do this some time later.
*/
[Note 2] This routine really ought to be replaced with one that
creates a transparent proxy on the aliasing host, to allow arbitrary
changes in the TCP stream. This should not be too difficult given
this base; I (ee) will try to do this some time later.
*/

178
sys/netinet/libalias/alias_local.h
View File

@ -66,8 +66,8 @@
#endif
/* Sizes of input and output link tables */
#define LINK_TABLE_OUT_SIZE 4001
#define LINK_TABLE_IN_SIZE 4001
#define LINK_TABLE_OUT_SIZE 4001
#define LINK_TABLE_IN_SIZE 4001
#define GET_ALIAS_PORT -1
#define GET_ALIAS_ID GET_ALIAS_PORT
@ -82,30 +82,21 @@ struct proxy_entry;
struct libalias {
LIST_ENTRY(libalias) instancelist;
int packetAliasMode; /* Mode flags */
/* - documented in alias.h */
struct in_addr aliasAddress; /* Address written onto source */
/* field of IP packet. */
struct in_addr targetAddress; /* IP address incoming packets */
/* are sent to if no aliasing */
/* link already exists */
struct in_addr nullAddress; /* Used as a dummy parameter for */
/* some function calls */
LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
/* Lookup table of pointers to */
/* chains of link records. Each */
LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
/* link record is doubly indexed */
/* into input and output lookup */
/* tables. */
/* Link statistics */
/* Mode flags documented in alias.h */
int packetAliasMode;
/* Address written onto source field of IP packet. */
struct in_addr aliasAddress;
/* IP address incoming packets are sent to
* if no aliasing link already exists */
struct in_addr targetAddress;
/* Used as a dummy parameter for some function calls */
struct in_addr nullAddress;
/* Lookup table of pointers to chains of link records.
* Each link record is doubly indexed into input and
* output lookup tables. */
LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
/* Link statistics */
int icmpLinkCount;
int udpLinkCount;
int tcpLinkCount;
@ -114,49 +105,41 @@ struct libalias {
int fragmentIdLinkCount;
int fragmentPtrLinkCount;
int sockCount;
int cleanupIndex; /* Index to chain of link table */
/* being inspected for old links */
int timeStamp; /* System time in seconds for */
/* current packet */
int lastCleanupTime; /* Last time
* IncrementalCleanup() */
/* was called */
int deleteAllLinks; /* If equal to zero, DeleteLink() */
/* will not remove permanent links */
/* log descriptor */
#ifdef _KERNEL
char *logDesc;
#else
FILE *logDesc;
/* Index to chain of link table being inspected for old links */
int cleanupIndex;
/* System time in seconds for current packet */
int timeStamp;
/* Last time IncrementalCleanup() was called */
int lastCleanupTime;
/* If equal to zero, DeleteLink()
* will not remove permanent links */
int deleteAllLinks;
/* log descriptor */
#ifdef _KERNEL
char *logDesc;
#else
FILE *logDesc;
#endif
/* statistics monitoring */
int newDefaultLink; /* Indicates if a new aliasing */
/* link has been created after a */
/* call to PacketAliasIn/Out(). */
/* Indicates if a new aliasing link has been created
* after a call to PacketAliasIn/Out(). */
int newDefaultLink;
#ifndef NO_FW_PUNCH
int fireWallFD; /* File descriptor to be able to */
/* control firewall. Opened by */
/* PacketAliasSetMode on first */
/* setting the PKT_ALIAS_PUNCH_FW */
/* flag. */
int fireWallBaseNum; /* The first firewall entry
* free for our use */
int fireWallNumNums; /* How many entries can we
* use? */
int fireWallActiveNum; /* Which entry did we last
* use? */
char *fireWallField; /* bool array for entries */
/* File descriptor to be able to control firewall.
* Opened by PacketAliasSetMode on first setting
* the PKT_ALIAS_PUNCH_FW flag. */
int fireWallFD;
/* The first firewall entry free for our use */
int fireWallBaseNum;
/* How many entries can we use? */
int fireWallNumNums;
/* Which entry did we last use? */
int fireWallActiveNum;
/* bool array for entries */
char *fireWallField;
#endif
unsigned int skinnyPort; /* TCP port used by the Skinny */
/* protocol. */
/* TCP port used by the Skinny protocol. */
unsigned int skinnyPort;
struct proxy_entry *proxyList;
@ -173,25 +156,17 @@ struct libalias {
/* counts associations that have progressed to UP and not yet removed */
int sctpLinkCount;
#ifdef _KERNEL
#ifdef _KERNEL
/* timing queue for keeping track of association timeouts */
struct sctp_nat_timer sctpNatTimer;
/* size of hash table used in this instance */
u_int sctpNatTableSize;
/*
* local look up table sorted by l_vtag/l_port
*/
/* local look up table sorted by l_vtag/l_port */
LIST_HEAD(sctpNatTableL, sctp_nat_assoc) *sctpTableLocal;
/*
* global look up table sorted by g_vtag/g_port
*/
/* global look up table sorted by g_vtag/g_port */
LIST_HEAD(sctpNatTableG, sctp_nat_assoc) *sctpTableGlobal;
/*
* avoid races in libalias: every public function has to use it.
*/
/* avoid races in libalias: every public function has to use it. */
struct mtx mutex;
#endif
};
@ -200,7 +175,7 @@ struct libalias {
#ifdef _KERNEL
#define LIBALIAS_LOCK_INIT(l) \
mtx_init(&l->mutex, "per-instance libalias mutex", NULL, MTX_DEF)
mtx_init(&l->mutex, "per-instance libalias mutex", NULL, MTX_DEF)
#define LIBALIAS_LOCK_ASSERT(l) mtx_assert(&l->mutex, MA_OWNED)
#define LIBALIAS_LOCK(l) mtx_lock(&l->mutex)
#define LIBALIAS_UNLOCK(l) mtx_unlock(&l->mutex)
@ -240,7 +215,7 @@ struct libalias {
/*
* SctpFunction prototypes
*
*
*/
void AliasSctpInit(struct libalias *la);
void AliasSctpTerm(struct libalias *la);
@ -279,9 +254,9 @@ struct alias_link *
FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _ip_id);
struct alias_link *
AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
struct alias_link *
FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
struct alias_link *
FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_char _proto);
@ -313,17 +288,17 @@ struct alias_link *
FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _src_port, u_short _alias_port, u_char _proto);
struct in_addr
FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
struct in_addr
FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
struct in_addr
FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
struct in_addr
FindSctpRedirectAddress(struct libalias *la, struct sctp_nat_msg *sm);
/* External data access/modification */
int
FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _src_port, u_short _dst_port, u_short _port_count,
u_char _proto, u_char _align);
int FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_short _src_port,
u_short _dst_port, u_short _port_count, u_char _proto,
u_char _align);
void GetFragmentAddr(struct alias_link *_lnk, struct in_addr *_src_addr);
void SetFragmentAddr(struct alias_link *_lnk, struct in_addr _src_addr);
void GetFragmentPtr(struct alias_link *_lnk, void **_fptr);
@ -332,27 +307,22 @@ void SetStateIn(struct alias_link *_lnk, int _state);
void SetStateOut(struct alias_link *_lnk, int _state);
int GetStateIn (struct alias_link *_lnk);
int GetStateOut(struct alias_link *_lnk);
struct in_addr
GetOriginalAddress(struct alias_link *_lnk);
struct in_addr
GetDestAddress(struct alias_link *_lnk);
struct in_addr
GetAliasAddress(struct alias_link *_lnk);
struct in_addr
GetDefaultAliasAddress(struct libalias *la);
struct in_addr GetOriginalAddress(struct alias_link *_lnk);
struct in_addr GetDestAddress(struct alias_link *_lnk);
struct in_addr GetAliasAddress(struct alias_link *_lnk);
struct in_addr GetDefaultAliasAddress(struct libalias *la);
void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
u_short GetOriginalPort(struct alias_link *_lnk);
u_short GetAliasPort(struct alias_link *_lnk);
struct in_addr
GetProxyAddress(struct alias_link *_lnk);
struct in_addr GetProxyAddress(struct alias_link *_lnk);
void SetProxyAddress(struct alias_link *_lnk, struct in_addr _addr);
u_short GetProxyPort(struct alias_link *_lnk);
void SetProxyPort(struct alias_link *_lnk, u_short _port);
void SetAckModified(struct alias_link *_lnk);
int GetAckModified(struct alias_link *_lnk);
int GetDeltaAckIn(u_long, struct alias_link *_lnk);
int GetDeltaSeqOut(u_long, struct alias_link *lnk);
void AddSeq(struct alias_link *lnk, int delta, u_int ip_hl,
int GetDeltaSeqOut(u_long, struct alias_link *lnk);
void AddSeq(struct alias_link *lnk, int delta, u_int ip_hl,
u_short ip_len, u_long th_seq, u_int th_off);
void SetExpire (struct alias_link *_lnk, int _expire);
void ClearCheckNewLink(struct libalias *la);
@ -368,18 +338,18 @@ void PunchFWHole(struct alias_link *_lnk);
/* Housekeeping function */
void HouseKeeping(struct libalias *);
/* Tcp specific routines */
/* lint -save -library Suppress flexelint warnings */
/* Transparent proxy routines */
int
ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr,
u_short * proxy_server_port, struct in_addr src_addr,
u_short * proxy_server_port, struct in_addr src_addr,
struct in_addr dst_addr, u_short dst_port, u_char ip_p);
void
ProxyModify(struct libalias *la, struct alias_link *_lnk, struct ip *_pip,
int _maxpacketsize, int _proxy_type);
/* Tcp specific routines */
/* lint -save -library Suppress flexelint warnings */
enum alias_tcp_state {
ALIAS_TCP_STATE_NOT_CONNECTED,
ALIAS_TCP_STATE_CONNECTED,

2
sys/netinet/libalias/alias_mod.c
View File

@ -97,7 +97,6 @@ LibAliasAttachHandlers(struct proto_handler *p)
int
LibAliasDetachHandlers(struct proto_handler *p)
{
while (p->dir != NODIR) {
TAILQ_REMOVE(&handler_chain, p, link);
p++;
@ -123,7 +122,6 @@ find_handler(int8_t dir, int8_t proto, struct libalias *la, struct ip *ip,
struct proto_handler *
first_handler(void)
{
return (TAILQ_FIRST(&handler_chain));
}

253
sys/netinet/libalias/alias_nbt.c
View File

@ -73,20 +73,19 @@ __FBSDID("$FreeBSD$");
static int
AliasHandleUdpNbt(struct libalias *, struct ip *, struct alias_link *,
struct in_addr *, u_short);
struct in_addr *, u_short);
static int
AliasHandleUdpNbtNS(struct libalias *, struct ip *, struct alias_link *,
struct in_addr *, u_short *, struct in_addr *, u_short *);
struct in_addr *, u_short *, struct in_addr *, u_short *);
static int
fingerprint1(struct libalias *la, struct alias_data *ah)
{
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
ah->aaddr == NULL || ah->aport == NULL)
return (-1);
if (ntohs(*ah->dport) == NETBIOS_DGM_PORT_NUMBER
|| ntohs(*ah->sport) == NETBIOS_DGM_PORT_NUMBER)
|| ntohs(*ah->sport) == NETBIOS_DGM_PORT_NUMBER)
return (0);
return (-1);
}
@ -94,14 +93,12 @@ fingerprint1(struct libalias *la, struct alias_data *ah)
static int
protohandler1(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
return (AliasHandleUdpNbt(la, pip, ah->lnk, ah->aaddr, *ah->aport));
}
static int
fingerprint2(struct libalias *la, struct alias_data *ah)
{
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
ah->aaddr == NULL || ah->aport == NULL)
return (-1);
@ -114,18 +111,16 @@ fingerprint2(struct libalias *la, struct alias_data *ah)
static int
protohandler2in(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
AliasHandleUdpNbtNS(la, pip, ah->lnk, ah->aaddr, ah->aport,
ah->oaddr, ah->dport);
ah->oaddr, ah->dport);
return (0);
}
static int
protohandler2out(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
return (AliasHandleUdpNbtNS(la, pip, ah->lnk, &pip->ip_src, ah->sport,
ah->aaddr, ah->aport));
ah->aaddr, ah->aport));
}
/* Kernel module definition. */
@ -174,14 +169,14 @@ mod_handler(module_t mod, int type, void *data)
return (error);
}
#ifdef _KERNEL
#ifdef _KERNEL
static
#endif
moduledata_t alias_mod = {
"alias_nbt", mod_handler, NULL
};
#ifdef _KERNEL
#ifdef _KERNEL
DECLARE_MODULE(alias_nbt, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_nbt, 1);
MODULE_DEPEND(alias_nbt, libalias, 1, 1, 1);
@ -192,8 +187,8 @@ typedef struct {
u_short oldport;
struct in_addr newaddr;
u_short newport;
u_short *uh_sum;
} NBTArguments;
u_short *uh_sum;
} NBTArguments;
typedef struct {
unsigned char type;
@ -203,7 +198,7 @@ typedef struct {
u_short source_port;
u_short len;
u_short offset;
} NbtDataHeader;
} NbtDataHeader;
#define OpQuery 0
#define OpUnknown 4
@ -213,12 +208,12 @@ typedef struct {
#define OpRefresh 8
typedef struct {
u_short nametrid;
u_short dir: 1, opcode:4, nmflags:7, rcode:4;
u_short dir:1, opcode:4, nmflags:7, rcode:4;
u_short qdcount;
u_short ancount;
u_short nscount;
u_short arcount;
} NbtNSHeader;
} NbtNSHeader;
#define FMT_ERR 0x1
#define SRV_ERR 0x2
@ -231,9 +226,8 @@ typedef struct {
static void
PrintRcode(u_char rcode)
{
switch (rcode) {
case FMT_ERR:
case FMT_ERR:
printf("\nFormat Error.");
case SRV_ERR:
printf("\nSever failure.");
@ -253,10 +247,9 @@ PrintRcode(u_char rcode)
#endif
/* Handling Name field */
static u_char *
AliasHandleName(u_char * p, char *pmax)
static u_char *
AliasHandleName(u_char *p, char *pmax)
{
u_char *s;
u_char c;
int compress;
@ -270,7 +263,7 @@ AliasHandleName(u_char * p, char *pmax)
p = p + 2;
if ((char *)p > pmax)
return (NULL);
return ((u_char *) p);
return ((u_char *)p);
}
while ((*p & 0x3f) != 0x00) {
s = p + 1;
@ -280,7 +273,7 @@ AliasHandleName(u_char * p, char *pmax)
compress = 0;
/* Get next length field */
p = (u_char *) (p + (*p & 0x3f) + 1);
p = (u_char *)(p + (*p & 0x3f) + 1);
if ((char *)p > pmax) {
p = NULL;
break;
@ -316,7 +309,7 @@ AliasHandleName(u_char * p, char *pmax)
p = NULL;
else
p++;
return ((u_char *) p);
return ((u_char *)p);
}
/*
@ -325,19 +318,18 @@ AliasHandleName(u_char * p, char *pmax)
#define DGM_DIRECT_UNIQ 0x10
#define DGM_DIRECT_GROUP 0x11
#define DGM_BROADCAST 0x12
#define DGM_ERROR 0x13
#define DGM_QUERY 0x14
#define DGM_ERROR 0x13
#define DGM_QUERY 0x14
#define DGM_POSITIVE_RES 0x15
#define DGM_NEGATIVE_RES 0x16
static int
AliasHandleUdpNbt(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *lnk,
struct in_addr *alias_address,
u_short alias_port
)
struct in_addr *alias_address,
u_short alias_port)
{
struct udphdr *uh;
NbtDataHeader *ndh;
@ -364,17 +356,17 @@ AliasHandleUdpNbt(
case DGM_DIRECT_UNIQ:
case DGM_DIRECT_GROUP:
case DGM_BROADCAST:
p = (u_char *) ndh + 14;
p = (u_char *)ndh + 14;
p = AliasHandleName(p, pmax); /* Source Name */
p = AliasHandleName(p, pmax); /* Destination Name */
break;
case DGM_ERROR:
p = (u_char *) ndh + 11;
p = (u_char *)ndh + 11;
break;
case DGM_QUERY:
case DGM_POSITIVE_RES:
case DGM_NEGATIVE_RES:
p = (u_char *) ndh + 10;
p = (u_char *)ndh + 10;
p = AliasHandleName(p, pmax); /* Destination Name */
break;
}
@ -391,10 +383,10 @@ AliasHandleUdpNbt(
acc = ndh->source_port;
acc -= alias_port;
sptr = (u_short *) & (ndh->source_ip);
sptr = (u_short *)&(ndh->source_ip);
acc += *sptr++;
acc += *sptr;
sptr = (u_short *) alias_address;
sptr = (u_short *)alias_address;
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, uh->uh_sum);
@ -410,27 +402,26 @@ AliasHandleUdpNbt(
}
/* Question Section */
#define QS_TYPE_NB 0x0020
#define QS_TYPE_NB 0x0020
#define QS_TYPE_NBSTAT 0x0021
#define QS_CLAS_IN 0x0001
#define QS_CLAS_IN 0x0001
typedef struct {
u_short type; /* The type of Request */
u_short class; /* The class of Request */
} NBTNsQuestion;
} NBTNsQuestion;
static u_char *
static u_char *
AliasHandleQuestion(
u_short count,
NBTNsQuestion * q,
char *pmax,
NBTArguments * nbtarg)
{
(void)nbtarg;
while (count != 0) {
/* Name Filed */
q = (NBTNsQuestion *) AliasHandleName((u_char *) q, pmax);
q = (NBTNsQuestion *)AliasHandleName((u_char *)q, pmax);
if (q == NULL || (char *)(q + 1) > pmax) {
q = NULL;
@ -452,35 +443,35 @@ AliasHandleQuestion(
}
/* Set up to out of Question Section */
return ((u_char *) q);
return ((u_char *)q);
}
/* Resource Record */
#define RR_TYPE_A 0x0001
#define RR_TYPE_NS 0x0002
#define RR_TYPE_A 0x0001
#define RR_TYPE_NS 0x0002
#define RR_TYPE_NULL 0x000a
#define RR_TYPE_NB 0x0020
#define RR_TYPE_NB 0x0020
#define RR_TYPE_NBSTAT 0x0021
#define RR_CLAS_IN 0x0001
#define RR_CLAS_IN 0x0001
#define SizeOfNsResource 8
typedef struct {
u_short type;
u_short class;
unsigned int ttl;
u_short rdlen;
} NBTNsResource;
} NBTNsResource;
#define SizeOfNsRNB 6
#define SizeOfNsRNB 6
typedef struct {
u_short g: 1 , ont:2, resv:13;
u_short g:1, ont:2, resv:13;
struct in_addr addr;
} NBTNsRNB;
} NBTNsRNB;
static u_char *
static u_char *
AliasHandleResourceNB(
NBTNsResource * q,
char *pmax,
NBTArguments * nbtarg)
NBTNsResource *q,
char *pmax,
NBTArguments *nbtarg)
{
NBTNsRNB *nb;
u_short bcount;
@ -495,7 +486,7 @@ AliasHandleResourceNB(
bcount = ntohs(q->rdlen);
/* Forward to Resource NB position */
nb = (NBTNsRNB *) ((u_char *) q + SizeOfNsResource);
nb = (NBTNsRNB *)((u_char *)q + SizeOfNsResource);
/* Processing all in_addr array */
#ifdef LIBALIAS_DEBUG
@ -517,10 +508,10 @@ AliasHandleResourceNB(
int acc;
u_short *sptr;
sptr = (u_short *) & (nb->addr);
sptr = (u_short *)&(nb->addr);
acc = *sptr++;
acc += *sptr;
sptr = (u_short *) & (nbtarg->newaddr);
sptr = (u_short *)&(nbtarg->newaddr);
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
@ -535,25 +526,25 @@ AliasHandleResourceNB(
printf(".");
}
#endif
nb = (NBTNsRNB *) ((u_char *) nb + SizeOfNsRNB);
nb = (NBTNsRNB *)((u_char *)nb + SizeOfNsRNB);
bcount -= SizeOfNsRNB;
}
if (nb == NULL || (char *)(nb + 1) > pmax) {
nb = NULL;
}
return ((u_char *) nb);
return ((u_char *)nb);
}
#define SizeOfResourceA 6
typedef struct {
struct in_addr addr;
} NBTNsResourceA;
} NBTNsResourceA;
static u_char *
static u_char *
AliasHandleResourceA(
NBTNsResource * q,
char *pmax,
NBTArguments * nbtarg)
NBTNsResource *q,
char *pmax,
NBTArguments *nbtarg)
{
NBTNsResourceA *a;
u_short bcount;
@ -566,7 +557,7 @@ AliasHandleResourceA(
return (NULL);
/* Forward to Resource A position */
a = (NBTNsResourceA *) ((u_char *) q + sizeof(NBTNsResource));
a = (NBTNsResourceA *)((u_char *)q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
@ -588,10 +579,10 @@ AliasHandleResourceA(
int acc;
u_short *sptr;
sptr = (u_short *) & (a->addr); /* Old */
sptr = (u_short *)&(a->addr); /* Old */
acc = *sptr++;
acc += *sptr;
sptr = (u_short *) & nbtarg->newaddr; /* New */
sptr = (u_short *)&nbtarg->newaddr; /* New */
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
@ -603,18 +594,18 @@ AliasHandleResourceA(
}
if (a == NULL || (char *)(a + 1) > pmax)
a = NULL;
return ((u_char *) a);
return ((u_char *)a);
}
typedef struct {
u_short opcode:4, flags:8, resv:4;
} NBTNsResourceNULL;
} NBTNsResourceNULL;
static u_char *
static u_char *
AliasHandleResourceNULL(
NBTNsResource * q,
char *pmax,
NBTArguments * nbtarg)
NBTNsResource *q,
char *pmax,
NBTArguments *nbtarg)
{
NBTNsResourceNULL *n;
u_short bcount;
@ -625,7 +616,7 @@ AliasHandleResourceNULL(
return (NULL);
/* Forward to Resource NULL position */
n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
n = (NBTNsResourceNULL *)((u_char *)q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
@ -642,14 +633,14 @@ AliasHandleResourceNULL(
if ((char *)(n + 1) > pmax)
n = NULL;
return ((u_char *) n);
return ((u_char *)n);
}
static u_char *
static u_char *
AliasHandleResourceNS(
NBTNsResource * q,
char *pmax,
NBTArguments * nbtarg)
NBTNsResource *q,
char *pmax,
NBTArguments *nbtarg)
{
NBTNsResourceNULL *n;
u_short bcount;
@ -660,29 +651,29 @@ AliasHandleResourceNS(
return (NULL);
/* Forward to Resource NULL position */
n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
n = (NBTNsResourceNULL *)((u_char *)q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
/* Resource Record Name Filed */
q = (NBTNsResource *) AliasHandleName((u_char *) n, pmax); /* XXX */
q = (NBTNsResource *)AliasHandleName((u_char *)n, pmax); /* XXX */
if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
return (NULL);
else
return ((u_char *) n + bcount);
return ((u_char *)n + bcount);
}
typedef struct {
u_short numnames;
} NBTNsResourceNBSTAT;
} NBTNsResourceNBSTAT;
static u_char *
static u_char *
AliasHandleResourceNBSTAT(
NBTNsResource * q,
char *pmax,
NBTArguments * nbtarg)
NBTNsResource *q,
char *pmax,
NBTArguments *nbtarg)
{
NBTNsResourceNBSTAT *n;
u_short bcount;
@ -693,28 +684,27 @@ AliasHandleResourceNBSTAT(
return (NULL);
/* Forward to Resource NBSTAT position */
n = (NBTNsResourceNBSTAT *) ((u_char *) q + sizeof(NBTNsResource));
n = (NBTNsResourceNBSTAT *)((u_char *)q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
return (NULL);
else
return ((u_char *) n + bcount);
return ((u_char *)n + bcount);
}
static u_char *
static u_char *
AliasHandleResource(
u_short count,
NBTNsResource * q,
char *pmax,
NBTArguments
* nbtarg)
u_short count,
NBTNsResource *q,
char *pmax,
NBTArguments *nbtarg)
{
while (count != 0) {
/* Resource Record Name Filed */
q = (NBTNsResource *) AliasHandleName((u_char *) q, pmax);
q = (NBTNsResource *)AliasHandleName((u_char *)q, pmax);
if (q == NULL || (char *)(q + 1) > pmax)
break;
@ -725,39 +715,24 @@ AliasHandleResource(
/* Type and Class filed */
switch (ntohs(q->type)) {
case RR_TYPE_NB:
q = (NBTNsResource *) AliasHandleResourceNB(
q,
pmax,
nbtarg
);
q = (NBTNsResource *)AliasHandleResourceNB(
q, pmax, nbtarg);
break;
case RR_TYPE_A:
q = (NBTNsResource *) AliasHandleResourceA(
q,
pmax,
nbtarg
);
q = (NBTNsResource *)AliasHandleResourceA(
q, pmax, nbtarg);
break;
case RR_TYPE_NS:
q = (NBTNsResource *) AliasHandleResourceNS(
q,
pmax,
nbtarg
);
q = (NBTNsResource *)AliasHandleResourceNS(
q, pmax, nbtarg);
break;
case RR_TYPE_NULL:
q = (NBTNsResource *) AliasHandleResourceNULL(
q,
pmax,
nbtarg
);
q = (NBTNsResource *)AliasHandleResourceNULL(
q, pmax, nbtarg);
break;
case RR_TYPE_NBSTAT:
q = (NBTNsResource *) AliasHandleResourceNBSTAT(
q,
pmax,
nbtarg
);
q = (NBTNsResource *)AliasHandleResourceNBSTAT(
q, pmax, nbtarg);
break;
default:
#ifdef LIBALIAS_DEBUG
@ -771,18 +746,18 @@ AliasHandleResource(
}
count--;
}
return ((u_char *) q);
return ((u_char *)q);
}
static int
AliasHandleUdpNbtNS(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *lnk,
struct in_addr *alias_address,
u_short * alias_port,
struct in_addr *original_address,
u_short * original_port)
struct in_addr *alias_address,
u_short *alias_port,
struct in_addr *original_address,
u_short *original_port)
{
struct udphdr *uh;
NbtNSHeader *nsh;
@ -803,7 +778,7 @@ AliasHandleUdpNbtNS(
uh = (struct udphdr *)ip_next(pip);
nbtarg.uh_sum = &(uh->uh_sum);
nsh = (NbtNSHeader *)udp_next(uh);
p = (u_char *) (nsh + 1);
p = (u_char *)(nsh + 1);
pmax = (char *)uh + ntohs(uh->uh_ulen);
if ((char *)(nsh + 1) > pmax)
@ -821,7 +796,7 @@ AliasHandleUdpNbtNS(
ntohs(nsh->ancount),
ntohs(nsh->nscount),
ntohs(nsh->arcount),
(u_char *) p - (u_char *) nsh
(u_char *)p - (u_char *)nsh
);
#endif
@ -829,7 +804,7 @@ AliasHandleUdpNbtNS(
if (ntohs(nsh->qdcount) != 0) {
p = AliasHandleQuestion(
ntohs(nsh->qdcount),
(NBTNsQuestion *) p,
(NBTNsQuestion *)p,
pmax,
&nbtarg
);
@ -838,7 +813,7 @@ AliasHandleUdpNbtNS(
if (ntohs(nsh->ancount) != 0) {
p = AliasHandleResource(
ntohs(nsh->ancount),
(NBTNsResource *) p,
(NBTNsResource *)p,
pmax,
&nbtarg
);
@ -847,7 +822,7 @@ AliasHandleUdpNbtNS(
if (ntohs(nsh->nscount) != 0) {
p = AliasHandleResource(
ntohs(nsh->nscount),
(NBTNsResource *) p,
(NBTNsResource *)p,
pmax,
&nbtarg
);
@ -856,7 +831,7 @@ AliasHandleUdpNbtNS(
if (ntohs(nsh->arcount) != 0) {
p = AliasHandleResource(
ntohs(nsh->arcount),
(NBTNsResource *) p,
(NBTNsResource *)p,
pmax,
&nbtarg
);

84
sys/netinet/libalias/alias_pptp.c
View File

@ -81,7 +81,6 @@ AliasHandlePptpGreIn(struct libalias *, struct ip *);
static int
fingerprint(struct libalias *la, struct alias_data *ah)
{
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL)
return (-1);
if (ntohs(*ah->dport) == PPTP_CONTROL_PORT_NUMBER
@ -93,14 +92,12 @@ fingerprint(struct libalias *la, struct alias_data *ah)
static int
fingerprintgre(struct libalias *la, struct alias_data *ah)
{
return (0);
}
static int
protohandlerin(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
AliasHandlePptpIn(la, pip, ah->lnk);
return (0);
}
@ -108,7 +105,6 @@ protohandlerin(struct libalias *la, struct ip *pip, struct alias_data *ah)
static int
protohandlerout(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
AliasHandlePptpOut(la, pip, ah->lnk);
return (0);
}
@ -116,7 +112,6 @@ protohandlerout(struct libalias *la, struct ip *pip, struct alias_data *ah)
static int
protohandlergrein(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY ||
AliasHandlePptpGreIn(la, pip) == 0)
return (0);
@ -126,7 +121,6 @@ protohandlergrein(struct libalias *la, struct ip *pip, struct alias_data *ah)
static int
protohandlergreout(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
if (AliasHandlePptpGreOut(la, pip) == 0)
return (0);
return (-1);
@ -196,7 +190,7 @@ moduledata_t alias_mod = {
"alias_pptp", mod_handler, NULL
};
#ifdef _KERNEL
#ifdef _KERNEL
DECLARE_MODULE(alias_pptp, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_pptp, 1);
MODULE_DEPEND(alias_pptp, libalias, 1, 1, 1);
@ -225,14 +219,13 @@ MODULE_DEPEND(alias_pptp, libalias, 1, 1, 1);
Reference: RFC 2637
Initial version: May, 2000 (eds)
*/
/*
* PPTP definitions
*/
struct grehdr { /* Enhanced GRE header. */
struct grehdr { /* Enhanced GRE header. */
u_int16_t gh_flags; /* Flags. */
u_int16_t gh_protocol; /* Protocol type. */
u_int16_t gh_length; /* Payload length. */
@ -271,7 +264,7 @@ enum {
PPTP_SetLinkInfo = 15
};
/* Message structures */
/* Message structures */
struct pptpMsgHead {
u_int16_t length; /* total length */
u_int16_t msgType;/* PPTP message type */
@ -298,8 +291,8 @@ static PptpCallId AliasVerifyPptp(struct ip *, u_int16_t *);
static void
AliasHandlePptpOut(struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *lnk)
{ /* The PPTP control link */
struct alias_link *lnk) /* The PPTP control link */
{
struct alias_link *pptp_lnk;
PptpCallId cptr;
PptpCode codes;
@ -330,8 +323,7 @@ AliasHandlePptpOut(struct libalias *la,
* message.
*/
pptp_lnk = FindPptpOutByCallId(la, GetOriginalAddress(lnk),
GetDestAddress(lnk),
cptr->cid1);
GetDestAddress(lnk), cptr->cid1);
break;
default:
return;
@ -351,16 +343,17 @@ AliasHandlePptpOut(struct libalias *la,
switch (ctl_type) {
case PPTP_OutCallReply:
case PPTP_InCallReply:
codes = (PptpCode) (cptr + 1);
if (codes->resCode == 1) /* Connection
* established, */
SetDestCallId(pptp_lnk, /* note the Peer's Call
* ID. */
cptr->cid2);
codes = (PptpCode)(cptr + 1);
if (codes->resCode == 1)
/* Connection established,
* note the Peer's Call ID. */
SetDestCallId(pptp_lnk, cptr->cid2);
else
SetExpire(pptp_lnk, 0); /* Connection refused. */
/* Connection refused. */
SetExpire(pptp_lnk, 0);
break;
case PPTP_CallDiscNotify: /* Connection closed. */
case PPTP_CallDiscNotify:
/* Connection closed. */
SetExpire(pptp_lnk, 0);
break;
}
@ -370,8 +363,8 @@ AliasHandlePptpOut(struct libalias *la,
static void
AliasHandlePptpIn(struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *lnk)
{ /* The PPTP control link */
struct alias_link *lnk) /* The PPTP control link */
{
struct alias_link *pptp_lnk;
PptpCallId cptr;
u_int16_t *pcall_id;
@ -393,10 +386,10 @@ AliasHandlePptpIn(struct libalias *la,
case PPTP_InCallReply:
pcall_id = &cptr->cid2;
break;
case PPTP_CallDiscNotify: /* Connection closed. */
case PPTP_CallDiscNotify:
/* Connection closed. */
pptp_lnk = FindPptpInByCallId(la, GetDestAddress(lnk),
GetAliasAddress(lnk),
cptr->cid1);
GetAliasAddress(lnk), cptr->cid1);
if (pptp_lnk != NULL)
SetExpire(pptp_lnk, 0);
return;
@ -406,8 +399,7 @@ AliasHandlePptpIn(struct libalias *la,
/* Find PPTP link for address and Call ID found in PPTP Control Msg */
pptp_lnk = FindPptpInByPeerCallId(la, GetDestAddress(lnk),
GetAliasAddress(lnk),
*pcall_id);
GetAliasAddress(lnk), *pcall_id);
if (pptp_lnk != NULL) {
int accumulate = *pcall_id;
@ -420,22 +412,24 @@ AliasHandlePptpIn(struct libalias *la,
accumulate -= *pcall_id;
ADJUST_CHECKSUM(accumulate, tc->th_sum);
if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) {
PptpCode codes = (PptpCode) (cptr + 1);
if (ctl_type == PPTP_OutCallReply ||
ctl_type == PPTP_InCallReply) {
PptpCode codes = (PptpCode)(cptr + 1);
if (codes->resCode == 1) /* Connection
* established, */
SetDestCallId(pptp_lnk, /* note the Call ID. */
cptr->cid1);
if (codes->resCode == 1)
/* Connection established,
* note the Call ID. */
SetDestCallId(pptp_lnk, cptr->cid1);
else
SetExpire(pptp_lnk, 0); /* Connection refused. */
/* Connection refused. */
SetExpire(pptp_lnk, 0);
}
}
}
static PptpCallId
AliasVerifyPptp(struct ip *pip, u_int16_t * ptype)
{ /* IP packet to examine/patch */
static PptpCallId
AliasVerifyPptp(struct ip *pip, u_int16_t * ptype) /* IP packet to examine/patch */
{
int hlen, tlen, dlen;
PptpMsgHead hptr;
struct tcphdr *tc;
@ -451,7 +445,7 @@ AliasVerifyPptp(struct ip *pip, u_int16_t * ptype)
return (NULL);
/* Move up to PPTP message header */
hptr = (PptpMsgHead) tcp_next(tc);
hptr = (PptpMsgHead)tcp_next(tc);
/* Return the control message type */
*ptype = ntohs(hptr->type);
@ -467,7 +461,7 @@ AliasVerifyPptp(struct ip *pip, u_int16_t * ptype)
sizeof(struct pptpCodes))))
return (NULL);
else
return (PptpCallId) (hptr + 1);
return ((PptpCallId)(hptr + 1));
}
static int
@ -476,10 +470,10 @@ AliasHandlePptpGreOut(struct libalias *la, struct ip *pip)
GreHdr *gr;
struct alias_link *lnk;
gr = (GreHdr *) ip_next(pip);
gr = (GreHdr *)ip_next(pip);
/* Check GRE header bits. */
if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
lnk = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
@ -500,10 +494,10 @@ AliasHandlePptpGreIn(struct libalias *la, struct ip *pip)
GreHdr *gr;
struct alias_link *lnk;
gr = (GreHdr *) ip_next(pip);
gr = (GreHdr *)ip_next(pip);
/* Check GRE header bits. */
if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
lnk = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);

261
sys/netinet/libalias/alias_proxy.c
View File

@ -76,6 +76,7 @@ __FBSDID("$FreeBSD$");
#include <netinet/libalias/alias_mod.h>
#else
#include <arpa/inet.h>
#include "alias.h" /* Public API functions for libalias */
#include "alias_local.h" /* Functions used by alias*.c */
#endif
@ -189,7 +190,7 @@ IpPort(char *s, int proto, int *port)
if (se == NULL)
return (-1);
*port = (u_int) ntohs(se->s_port);
*port = (u_int)ntohs(se->s_port);
}
#else
return (-1);
@ -292,20 +293,19 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
struct tcphdr *tc;
char addrbuf[INET_ADDRSTRLEN];
/* Compute pointer to tcp header */
/* Compute pointer to tcp header */
tc = (struct tcphdr *)ip_next(pip);
/* Don't modify if once already modified */
/* Don't modify if once already modified */
if (GetAckModified(lnk))
return;
/* Translate destination address and port to string form */
/* Translate destination address and port to string form */
snprintf(buffer, sizeof(buffer) - 2, "[DEST %s %d]",
inet_ntoa_r(GetProxyAddress(lnk), INET_NTOA_BUF(addrbuf)),
(u_int) ntohs(GetProxyPort(lnk)));
(u_int)ntohs(GetProxyPort(lnk)));
/* Pad string out to a multiple of two in length */
/* Pad string out to a multiple of two in length */
slen = strlen(buffer);
switch (slen % 2) {
case 0:
@ -317,11 +317,11 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
slen += 1;
}
/* Check for packet overflow */
/* Check for packet overflow */
if ((int)(ntohs(pip->ip_len) + strlen(buffer)) > maxpacketsize)
return;
/* Shift existing TCP data and insert destination string */
/* Shift existing TCP data and insert destination string */
{
int dlen;
int hlen;
@ -330,8 +330,7 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
hlen = (pip->ip_hl + tc->th_off) << 2;
dlen = ntohs(pip->ip_len) - hlen;
/* Modify first packet that has data in it */
/* Modify first packet that has data in it */
if (dlen == 0)
return;
@ -342,18 +341,18 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
memcpy(p, buffer, slen);
}
/* Save information about modfied sequence number */
/* Save information about modfied sequence number */
{
int delta;
SetAckModified(lnk);
tc = (struct tcphdr *)ip_next(pip);
tc = (struct tcphdr *)ip_next(pip);
delta = GetDeltaSeqOut(tc->th_seq, lnk);
AddSeq(lnk, delta + slen, pip->ip_hl, pip->ip_len, tc->th_seq,
tc->th_off);
}
/* Update IP header packet length and checksum */
/* Update IP header packet length and checksum */
{
int accumulate;
@ -364,8 +363,8 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
ADJUST_CHECKSUM(accumulate, pip->ip_sum);
}
/* Update TCP checksum, Use TcpChecksum since so many things have
already changed. */
/* Update TCP checksum, Use TcpChecksum since so many things have
already changed. */
tc->th_sum = 0;
#ifdef _KERNEL
@ -376,8 +375,7 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
}
static void
ProxyEncodeIpHeader(struct ip *pip,
int maxpacketsize)
ProxyEncodeIpHeader(struct ip *pip, int maxpacketsize)
{
#define OPTION_LEN_BYTES 8
#define OPTION_LEN_INT16 4
@ -385,17 +383,17 @@ ProxyEncodeIpHeader(struct ip *pip,
_Alignas(_Alignof(u_short)) u_char option[OPTION_LEN_BYTES];
#ifdef LIBALIAS_DEBUG
fprintf(stdout, " ip cksum 1 = %x\n", (u_int) IpChecksum(pip));
fprintf(stdout, "tcp cksum 1 = %x\n", (u_int) TcpChecksum(pip));
fprintf(stdout, " ip cksum 1 = %x\n", (u_int)IpChecksum(pip));
fprintf(stdout, "tcp cksum 1 = %x\n", (u_int)TcpChecksum(pip));
#endif
(void)maxpacketsize;
/* Check to see that there is room to add an IP option */
/* Check to see that there is room to add an IP option */
if (pip->ip_hl > (0x0f - OPTION_LEN_INT32))
return;
/* Build option and copy into packet */
/* Build option and copy into packet */
{
u_char *ptr;
struct tcphdr *tc;
@ -407,15 +405,15 @@ ProxyEncodeIpHeader(struct ip *pip,
option[0] = 0x64; /* class: 3 (reserved), option 4 */
option[1] = OPTION_LEN_BYTES;
memcpy(&option[2], (u_char *) & pip->ip_dst, 4);
memcpy(&option[2], (u_char *)&pip->ip_dst, 4);
tc = (struct tcphdr *)ip_next(pip);
memcpy(&option[6], (u_char *) & tc->th_sport, 2);
memcpy(&option[6], (u_char *)&tc->th_sport, 2);
memcpy(ptr, option, 8);
}
/* Update checksum, header length and packet length */
/* Update checksum, header length and packet length */
{
int i;
int accumulate;
@ -441,8 +439,8 @@ ProxyEncodeIpHeader(struct ip *pip,
#undef OPTION_LEN_INT16
#undef OPTION_LEN_INT32
#ifdef LIBALIAS_DEBUG
fprintf(stdout, " ip cksum 2 = %x\n", (u_int) IpChecksum(pip));
fprintf(stdout, "tcp cksum 2 = %x\n", (u_int) TcpChecksum(pip));
fprintf(stdout, " ip cksum 2 = %x\n", (u_int)IpChecksum(pip));
fprintf(stdout, "tcp cksum 2 = %x\n", (u_int)TcpChecksum(pip));
#endif
}
@ -457,7 +455,7 @@ ProxyEncodeIpHeader(struct ip *pip,
int
ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr,
u_short * proxy_server_port, struct in_addr src_addr,
u_short * proxy_server_port, struct in_addr src_addr,
struct in_addr dst_addr, u_short dst_port, u_char ip_p)
{
struct proxy_entry *ptr;
@ -498,12 +496,11 @@ ProxyModify(struct libalias *la, struct alias_link *lnk,
int maxpacketsize,
int proxy_type)
{
LIBALIAS_LOCK_ASSERT(la);
(void)la;
switch (proxy_type) {
case PROXY_TYPE_ENCODE_IPHDR:
case PROXY_TYPE_ENCODE_IPHDR:
ProxyEncodeIpHeader(pip, maxpacketsize);
break;
@ -517,9 +514,6 @@ ProxyModify(struct libalias *la, struct alias_link *lnk,
Public API functions
*/
int
LibAliasProxyRule(struct libalias *la, const char *cmd)
{
/*
* This function takes command strings of the form:
*
@ -541,6 +535,9 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
* then 0 is used, and group 0 rules are always checked before any
* others.
*/
int
LibAliasProxyRule(struct libalias *la, const char *cmd)
{
int i, n, len, ret;
int cmd_len;
int token_count;
@ -563,7 +560,8 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
LIBALIAS_LOCK(la);
ret = 0;
/* Copy command line into a buffer */
/* Copy command line into a buffer */
cmd += strspn(cmd, " \t");
cmd_len = strlen(cmd);
if (cmd_len > (int)(sizeof(buffer) - 1)) {
@ -572,14 +570,14 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
}
strcpy(buffer, cmd);
/* Convert to lower case */
/* Convert to lower case */
len = strlen(buffer);
for (i = 0; i < len; i++)
buffer[i] = tolower((unsigned char)buffer[i]);
/* Set default proxy type */
/* Set default proxy type */
/* Set up default values */
/* Set up default values */
rule_index = 0;
proxy_type = PROXY_TYPE_ENCODE_NONE;
proto = IPPROTO_TCP;
@ -594,7 +592,7 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
str_port[0] = 0;
str_server_port[0] = 0;
/* Parse command string with state machine */
/* Parse command string with state machine */
#define STATE_READ_KEYWORD 0
#define STATE_READ_TYPE 1
#define STATE_READ_PORT 2
@ -652,41 +650,40 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
state = STATE_READ_KEYWORD;
break;
case STATE_READ_SERVER:
{
int err;
char *p;
char s[sizeof(buffer)];
case STATE_READ_SERVER: {
int err;
char *p;
char s[sizeof(buffer)];
p = token;
while (*p != ':' && *p != 0)
p++;
p = token;
while (*p != ':' && *p != 0)
p++;
if (*p != ':') {
err = IpAddr(token, &server_addr);
if (err) {
ret = -1;
goto getout;
}
} else {
*p = ' ';
if (*p != ':') {
err = IpAddr(token, &server_addr);
if (err) {
ret = -1;
goto getout;
}
} else {
*p = ' ';
n = sscanf(token, "%s %s", s, str_server_port);
if (n != 2) {
ret = -1;
goto getout;
}
n = sscanf(token, "%s %s", s, str_server_port);
if (n != 2) {
ret = -1;
goto getout;
}
err = IpAddr(s, &server_addr);
if (err) {
ret = -1;
goto getout;
}
err = IpAddr(s, &server_addr);
if (err) {
ret = -1;
goto getout;
}
}
state = STATE_READ_KEYWORD;
break;
}
case STATE_READ_RULE:
n = sscanf(token, "%d", &rule_index);
if (n != 1 || rule_index < 0) {
@ -696,29 +693,28 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
state = STATE_READ_KEYWORD;
break;
case STATE_READ_DELETE:
{
int err;
int rule_to_delete;
case STATE_READ_DELETE: {
int err;
int rule_to_delete;
if (token_count != 2) {
ret = -1;
goto getout;
}
n = sscanf(token, "%d", &rule_to_delete);
if (n != 1) {
ret = -1;
goto getout;
}
err = RuleNumberDelete(la, rule_to_delete);
if (err)
ret = -1;
else
ret = 0;
if (token_count != 2) {
ret = -1;
goto getout;
}
n = sscanf(token, "%d", &rule_to_delete);
if (n != 1) {
ret = -1;
goto getout;
}
err = RuleNumberDelete(la, rule_to_delete);
if (err)
ret = -1;
else
ret = 0;
goto getout;
}
case STATE_READ_PROTO:
if (strcmp(token, "tcp") == 0)
proto = IPPROTO_TCP;
@ -732,58 +728,58 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
break;
case STATE_READ_SRC:
case STATE_READ_DST:
{
int err;
char *p;
struct in_addr mask;
struct in_addr addr;
case STATE_READ_DST: {
int err;
char *p;
struct in_addr mask;
struct in_addr addr;
p = token;
while (*p != '/' && *p != 0)
p++;
p = token;
while (*p != '/' && *p != 0)
p++;
if (*p != '/') {
IpMask(32, &mask);
err = IpAddr(token, &addr);
if (err) {
ret = -1;
goto getout;
}
} else {
int nbits;
char s[sizeof(buffer)];
if (*p != '/') {
IpMask(32, &mask);
err = IpAddr(token, &addr);
if (err) {
ret = -1;
goto getout;
}
} else {
int nbits;
char s[sizeof(buffer)];
*p = ' ';
n = sscanf(token, "%s %d", s, &nbits);
if (n != 2) {
ret = -1;
goto getout;
}
err = IpAddr(s, &addr);
if (err) {
ret = -1;
goto getout;
}
err = IpMask(nbits, &mask);
if (err) {
ret = -1;
goto getout;
}
*p = ' ';
n = sscanf(token, "%s %d", s, &nbits);
if (n != 2) {
ret = -1;
goto getout;
}
if (state == STATE_READ_SRC) {
src_addr = addr;
src_mask = mask;
} else {
dst_addr = addr;
dst_mask = mask;
err = IpAddr(s, &addr);
if (err) {
ret = -1;
goto getout;
}
err = IpMask(nbits, &mask);
if (err) {
ret = -1;
goto getout;
}
}
if (state == STATE_READ_SRC) {
src_addr = addr;
src_mask = mask;
} else {
dst_addr = addr;
dst_mask = mask;
}
state = STATE_READ_KEYWORD;
break;
}
default:
ret = -1;
@ -805,9 +801,10 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
#undef STATE_READ_SRC
#undef STATE_READ_DST
/* Convert port strings to numbers. This needs to be done after
the string is parsed, because the prototype might not be designated
before the ports (which might be symbolic entries in /etc/services) */
/* Convert port strings to numbers.
This needs to be done after the string is parsed, because
the prototype might not be designated before the ports
(which might be symbolic entries in /etc/services) */
if (strlen(str_port) != 0) {
int err;
@ -833,13 +830,13 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
server_port = 0;
}
/* Check that at least the server address has been defined */
/* Check that at least the server address has been defined */
if (server_addr.s_addr == 0) {
ret = -1;
goto getout;
}
/* Add to linked list */
/* Add to linked list */
proxy_entry = malloc(sizeof(struct proxy_entry));
if (proxy_entry == NULL) {
ret = -1;

138
sys/netinet/libalias/alias_sctp.c
View File

@ -2,7 +2,7 @@
* SPDX-License-Identifier: BSD-2-Clause-FreeBSD
*
* Copyright (c) 2008
* Swinburne University of Technology, Melbourne, Australia.
* Swinburne University of Technology, Melbourne, Australia.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -128,15 +128,15 @@ static void TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm,\
struct sctp_nat_assoc *assoc, int sndrply, int direction);
/* Hash Table Functions */
static struct sctp_nat_assoc*
static struct sctp_nat_assoc *
FindSctpLocal(struct libalias *la, struct in_addr l_addr, struct in_addr g_addr, uint32_t l_vtag, uint16_t l_port, uint16_t g_port);
static struct sctp_nat_assoc*
static struct sctp_nat_assoc *
FindSctpGlobal(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t g_port, uint16_t l_port, int *partial_match);
static struct sctp_nat_assoc*
static struct sctp_nat_assoc *
FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc);
static struct sctp_nat_assoc*
static struct sctp_nat_assoc *
FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint16_t g_port, uint16_t l_port);
static struct sctp_nat_assoc*
static struct sctp_nat_assoc *
FindSctpGlobalT(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t l_port, uint16_t g_port);
static int AddSctpAssocLocal(struct libalias *la, struct sctp_nat_assoc *assoc, struct in_addr g_addr);
@ -151,7 +151,7 @@ static void sctp_ResetTimeOut(struct libalias *la, struct sctp_nat_assoc *assoc,
void sctp_CheckTimers(struct libalias *la);
/* Logging Functions */
static void logsctperror(char* errormsg, uint32_t vtag, int error, int direction);
static void logsctperror(char *errormsg, uint32_t vtag, int error, int direction);
static void logsctpparse(int direction, struct sctp_nat_msg *sm);
static void logsctpassoc(struct sctp_nat_assoc *assoc, char *s);
static void logTimerQ(struct libalias *la);
@ -181,7 +181,7 @@ static void SctpAliasLog(const char *format, ...);
*/
void SctpShowAliasStats(struct libalias *la);
#ifdef _KERNEL
#ifdef _KERNEL
static MALLOC_DEFINE(M_SCTPNAT, "sctpnat", "sctp nat dbs");
/* Use kernel allocator. */
@ -438,7 +438,8 @@ int sysctl_chg_loglevel(SYSCTL_HANDLER_ARGS)
int error;
error = sysctl_handle_int(oidp, &level, 0, req);
if (error) return (error);
if (error)
return (error);
level = (level > SN_LOG_DEBUG_MAX) ? (SN_LOG_DEBUG_MAX) : (level);
level = (level < SN_LOG_LOW) ? (SN_LOG_LOW) : (level);
@ -459,7 +460,8 @@ int sysctl_chg_timer(SYSCTL_HANDLER_ARGS)
int error;
error = sysctl_handle_int(oidp, &timer, 0, req);
if (error) return (error);
if (error)
return (error);
timer = (timer > SN_MAX_TIMER) ? (SN_MAX_TIMER) : (timer);
@ -487,7 +489,8 @@ int sysctl_chg_hashtable_size(SYSCTL_HANDLER_ARGS)
int error;
error = sysctl_handle_int(oidp, &size, 0, req);
if (error) return (error);
if (error)
return (error);
size = (size < SN_MIN_HASH_SIZE) ? (SN_MIN_HASH_SIZE) : ((size > SN_MAX_HASH_SIZE) ? (SN_MAX_HASH_SIZE) : (size));
@ -515,7 +518,8 @@ int sysctl_chg_error_on_ootb(SYSCTL_HANDLER_ARGS)
int error;
error = sysctl_handle_int(oidp, &flag, 0, req);
if (error) return (error);
if (error)
return (error);
sysctl_error_on_ootb = (flag > SN_ERROR_ON_OOTB) ? SN_ERROR_ON_OOTB: flag;
@ -534,7 +538,8 @@ int sysctl_chg_accept_global_ootb_addip(SYSCTL_HANDLER_ARGS)
int error;
error = sysctl_handle_int(oidp, &flag, 0, req);
if (error) return (error);
if (error)
return (error);
sysctl_accept_global_ootb_addip = (flag == 1) ? 1: 0;
@ -554,7 +559,8 @@ int sysctl_chg_initialising_chunk_proc_limit(SYSCTL_HANDLER_ARGS)
int error;
error = sysctl_handle_int(oidp, &proclimit, 0, req);
if (error) return (error);
if (error)
return (error);
sysctl_initialising_chunk_proc_limit = (proclimit < 1) ? 1: proclimit;
sysctl_chunk_proc_limit =
@ -576,7 +582,8 @@ int sysctl_chg_chunk_proc_limit(SYSCTL_HANDLER_ARGS)
int error;
error = sysctl_handle_int(oidp, &proclimit, 0, req);
if (error) return (error);
if (error)
return (error);
sysctl_chunk_proc_limit =
(proclimit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : proclimit;
@ -597,7 +604,8 @@ int sysctl_chg_param_proc_limit(SYSCTL_HANDLER_ARGS)
int error;
error = sysctl_handle_int(oidp, &proclimit, 0, req);
if (error) return (error);
if (error)
return (error);
sysctl_param_proc_limit =
(proclimit < 2) ? 2 : proclimit;
@ -618,7 +626,8 @@ int sysctl_chg_track_global_addresses(SYSCTL_HANDLER_ARGS)
int error;
error = sysctl_handle_int(oidp, &num_to_track, 0, req);
if (error) return (error);
if (error)
return (error);
sysctl_track_global_addresses = (num_to_track > SN_MAX_GLOBAL_ADDRESSES) ? SN_MAX_GLOBAL_ADDRESSES : num_to_track;
@ -637,7 +646,8 @@ int sysctl_chg_track_global_addresses(SYSCTL_HANDLER_ARGS)
*
* @param la Pointer to the relevant libalias instance
*/
void AliasSctpInit(struct libalias *la)
void
AliasSctpInit(struct libalias *la)
{
/* Initialise association tables*/
int i;
@ -677,7 +687,8 @@ void AliasSctpInit(struct libalias *la)
*
* @param la Pointer to the relevant libalias instance
*/
void AliasSctpTerm(struct libalias *la)
void
AliasSctpTerm(struct libalias *la)
{
struct sctp_nat_assoc *assoc1, *assoc2;
int i;
@ -773,7 +784,7 @@ SctpAlias(struct libalias *la, struct ip *pip, int direction)
SN_LOG(SN_LOG_DETAIL,
logsctpassoc(assoc, "*");
logsctpparse(direction, &msg);
);
);
/* Process the SCTP message */
rtnval = ProcessSctpMsg(la, direction, &msg, assoc);
@ -782,7 +793,7 @@ SctpAlias(struct libalias *la, struct ip *pip, int direction)
logsctpassoc(assoc, "-");
logSctpLocal(la);
logSctpGlobal(la);
);
);
SN_LOG(SN_LOG_DEBUG, logTimerQ(la));
switch (rtnval) {
@ -815,7 +826,7 @@ SctpAlias(struct libalias *la, struct ip *pip, int direction)
default:
// big error, remove association and go to idle and write log messages
SN_LOG(SN_LOG_LOW, logsctperror("SN_PROCESSING_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
assoc->state=SN_RM;/* Mark for removal*/
assoc->state = SN_RM;/* Mark for removal*/
break;
}
@ -999,12 +1010,12 @@ TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm, struct sctp_nat_asso
memcpy(sm->ip_hdr, ip, ip_size);
SN_LOG(SN_LOG_EVENT,SctpAliasLog("%s %s 0x%x (->%s:%u vtag=0x%x crc=0x%x)\n",
((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"),
((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"),
(include_error_cause ? ntohs(error_cause->code) : 0),
inet_ntoa_r(ip->ip_dst, INET_NTOA_BUF(addrbuf)),
ntohs(sctp_hdr->dest_port),
ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum)));
((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"),
((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"),
(include_error_cause ? ntohs(error_cause->code) : 0),
inet_ntoa_r(ip->ip_dst, INET_NTOA_BUF(addrbuf)),
ntohs(sctp_hdr->dest_port),
ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum)));
}
/* ----------------------------------------------------------------------
@ -1265,7 +1276,7 @@ GetAsconfVtags(struct libalias *la, struct sctp_nat_msg *sm, uint32_t *l_vtag, u
struct sctp_paramhdr ph;/* type=SCTP_VTAG_PARAM */
uint32_t local_vtag;
uint32_t remote_vtag;
} __attribute__((packed));
} __attribute__((packed));
struct sctp_vtag_param *vtag_param;
struct sctp_paramhdr *param;
@ -1298,7 +1309,8 @@ GetAsconfVtags(struct libalias *la, struct sctp_nat_msg *sm, uint32_t *l_vtag, u
}
bytes_left -= param_size;
if (bytes_left < SN_MIN_PARAM_SIZE) return (0);
if (bytes_left < SN_MIN_PARAM_SIZE)
return (0);
param = SN_SCTP_NEXTPARAM(param);
param_size = SCTP_SIZE32(ntohs(param->param_length));
@ -1455,7 +1467,8 @@ AddGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int
*
* @return 1 - success | 0 - fail
*/
static int Add_Global_Address_to_List(struct sctp_nat_assoc *assoc, struct sctp_GlobalAddress *G_addr)
static int
Add_Global_Address_to_List(struct sctp_nat_assoc *assoc, struct sctp_GlobalAddress *G_addr)
{
struct sctp_GlobalAddress *iter_G_Addr = NULL, *first_G_Addr = NULL;
first_G_Addr = LIST_FIRST(&(assoc->Gaddr));
@ -1550,7 +1563,8 @@ RmGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int d
}
}
bytes_left -= param_size;
if (bytes_left == 0) return;
if (bytes_left == 0)
return;
else if (bytes_left < SN_MIN_PARAM_SIZE) {
SN_LOG(SN_LOG_EVENT,
logsctperror("RmGlobalIPAddress: truncated packet - may not have removed all IP addresses",
@ -1614,13 +1628,14 @@ IsASCONFack(struct libalias *la, struct sctp_nat_msg *sm, int direction)
return (1); /* success - but can't match correlation IDs - should only be one */
/* check others just in case */
bytes_left -= param_size;
if (bytes_left >= SN_MIN_PARAM_SIZE) {
if (bytes_left >= SN_MIN_PARAM_SIZE)
param = SN_SCTP_NEXTPARAM(param);
} else {
else
return (0);
}
param_size = SCTP_SIZE32(ntohs(param->param_length));
if (bytes_left < param_size) return (0);
if (bytes_left < param_size)
return (0);
if (++param_count > sysctl_param_proc_limit) {
SN_LOG(SN_LOG_EVENT,
@ -1667,13 +1682,14 @@ IsADDorDEL(struct libalias *la, struct sctp_nat_msg *sm, int direction)
return (SCTP_DEL_IP_ADDRESS);
/* check others just in case */
bytes_left -= param_size;
if (bytes_left >= SN_MIN_PARAM_SIZE) {
if (bytes_left >= SN_MIN_PARAM_SIZE)
param = SN_SCTP_NEXTPARAM(param);
} else {
else
return (0); /*Neither found */
}
param_size = SCTP_SIZE32(ntohs(param->param_length));
if (bytes_left < param_size) return (0);
if (bytes_left < param_size)
return (0);
if (++param_count > sysctl_param_proc_limit) {
SN_LOG(SN_LOG_EVENT,
@ -1771,7 +1787,7 @@ ID_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc, str
assoc->g_port = sm->sctp_hdr->dest_port;
if (sm->msg == SN_SCTP_INIT)
assoc->g_vtag = sm->sctpchnk.Init->initiate_tag;
if (AddSctpAssocGlobal(la, assoc)) /* DB clash *///**** need to add dst address
if (AddSctpAssocGlobal(la, assoc)) /* DB clash: need to add dst address */
return ((sm->msg == SN_SCTP_INIT) ? SN_REPLY_ABORT : SN_REPLY_ERROR);
if (sm->msg == SN_SCTP_ASCONF) {
if (AddSctpAssocLocal(la, assoc, sm->ip_hdr->ip_dst)) /* DB clash */
@ -1789,10 +1805,10 @@ ID_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc, str
if (AddSctpAssocLocal(la, assoc, sm->ip_hdr->ip_src)) /* DB clash */
return ((sm->msg == SN_SCTP_INIT) ? SN_REPLY_ABORT : SN_REPLY_ERROR);
if (sm->msg == SN_SCTP_ASCONF) {
if (AddSctpAssocGlobal(la, assoc)) /* DB clash */ //**** need to add src address
if (AddSctpAssocGlobal(la, assoc)) /* DB clash: need to add src address */
return (SN_REPLY_ERROR);
assoc->TableRegister |= SN_WAIT_TOGLOBAL; /* wait for toglobal ack */
}
}
break;
}
assoc->state = (sm->msg == SN_SCTP_INIT) ? SN_INi : SN_INa;
@ -1938,7 +1954,8 @@ UP_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc, str
case SCTP_DEL_IP_ADDRESS:
RmGlobalIPAddresses(sm, assoc, direction);
break;
} /* fall through to default */
}
/* fall through to default */
default:
sctp_ResetTimeOut(la,assoc, SN_U_T(la));
return (SN_NAT_PKT); /* forward packet */
@ -2009,7 +2026,7 @@ CL_process(struct libalias *la, int direction,struct sctp_nat_assoc *assoc, stru
*
* @return pointer to association or NULL
*/
static struct sctp_nat_assoc*
static struct sctp_nat_assoc *
FindSctpLocal(struct libalias *la, struct in_addr l_addr, struct in_addr g_addr, uint32_t l_vtag, uint16_t l_port, uint16_t g_port)
{
u_int i;
@ -2046,8 +2063,8 @@ FindSctpLocal(struct libalias *la, struct in_addr l_addr, struct in_addr g_addr,
*
* @return pointer to association or NULL
*/
static struct sctp_nat_assoc*
FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc)
static struct sctp_nat_assoc *
FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc)
{
u_int i;
struct sctp_nat_assoc *assoc = NULL;
@ -2093,7 +2110,7 @@ FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc)
*
* @return pointer to association or NULL
*/
static struct sctp_nat_assoc*
static struct sctp_nat_assoc *
FindSctpGlobal(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t g_port, uint16_t l_port, int *partial_match)
{
u_int i;
@ -2134,7 +2151,7 @@ FindSctpGlobal(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint
*
* @return pointer to association or NULL
*/
static struct sctp_nat_assoc*
static struct sctp_nat_assoc *
FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint16_t g_port, uint16_t l_port)
{
u_int i;
@ -2152,7 +2169,8 @@ FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint
return (assoc); /* full match */
}
} else {
if (++cnt > 1) return (NULL);
if (++cnt > 1)
return (NULL);
lastmatch = assoc;
}
}
@ -2176,7 +2194,7 @@ FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint
*
* @return pointer to association or NULL
*/
static struct sctp_nat_assoc*
static struct sctp_nat_assoc *
FindSctpGlobalT(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t l_port, uint16_t g_port)
{
u_int i;
@ -2282,8 +2300,9 @@ AddSctpAssocGlobal(struct libalias *la, struct sctp_nat_assoc *assoc)
LIBALIAS_LOCK_ASSERT(la);
found = FindSctpGlobalClash(la, assoc);
if (found != NULL) {
if ((found->TableRegister == SN_GLOBAL_TBL) && \
(found->l_addr.s_addr == assoc->l_addr.s_addr) && (found->l_port == assoc->l_port)) { /* resent message */
if ((found->TableRegister == SN_GLOBAL_TBL) &&
(found->l_addr.s_addr == assoc->l_addr.s_addr) &&
(found->l_port == assoc->l_port)) { /* resent message */
RmSctpAssoc(la, found);
sctp_RmTimeOut(la, found);
freeGlobalAddressList(found);
@ -2515,7 +2534,7 @@ sctp_CheckTimers(struct libalias *la)
* @param direction Direction of packet
*/
static void
logsctperror(char* errormsg, uint32_t vtag, int error, int direction)
logsctperror(char *errormsg, uint32_t vtag, int error, int direction)
{
char dir;
switch (direction) {
@ -2590,7 +2609,7 @@ logsctpparse(int direction, struct sctp_nat_msg *sm)
* @param assoc pointer to sctp association
* @param s Character that indicates the state of processing for this packet
*/
static void logsctpassoc(struct sctp_nat_assoc *assoc, char* s)
static void logsctpassoc(struct sctp_nat_assoc *assoc, char *s)
{
struct sctp_GlobalAddress *G_Addr = NULL;
char *sp;
@ -2642,7 +2661,7 @@ static void logSctpGlobal(struct libalias *la)
struct sctp_nat_assoc *assoc = NULL;
SctpAliasLog("G->\n");
for (i=0; i < la->sctpNatTableSize; i++) {
for (i = 0; i < la->sctpNatTableSize; i++) {
LIST_FOREACH(assoc, &la->sctpTableGlobal[i], list_G) {
logsctpassoc(assoc, " ");
}
@ -2660,7 +2679,7 @@ static void logSctpLocal(struct libalias *la)
struct sctp_nat_assoc *assoc = NULL;
SctpAliasLog("L->\n");
for (i=0; i < la->sctpNatTableSize; i++) {
for (i = 0; i < la->sctpNatTableSize; i++) {
LIST_FOREACH(assoc, &la->sctpTableLocal[i], list_L) {
logsctpassoc(assoc, " ");
}
@ -2679,7 +2698,7 @@ static void logTimerQ(struct libalias *la)
struct sctp_nat_assoc *assoc = NULL;
SctpAliasLog("t->\n");
for (i=0; i < SN_TIMER_QUEUE_SIZE; i++) {
for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++) {
LIST_FOREACH(assoc, &la->sctpNatTimer.TimerQ[i], timer_Q) {
snprintf(buf, 50, " l=%u ",i);
//SctpAliasLog(la->logDesc," l=%d ",i);
@ -2705,8 +2724,7 @@ SctpAliasLog(const char *format, ...)
va_start(ap, format);
vsnprintf(buffer, LIBALIAS_BUF_SIZE, format, ap);
va_end(ap);
log(LOG_SECURITY | LOG_INFO,
"alias_sctp: %s", buffer);
log(LOG_SECURITY | LOG_INFO, "alias_sctp: %s", buffer);
}
#else
static void

26
sys/netinet/libalias/alias_sctp.h
View File

@ -27,7 +27,7 @@
*/
/*
* Alias_sctp forms part of the libalias kernel module to handle
* Alias_sctp forms part of the libalias kernel module to handle
* Network Address Translation (NAT) for the SCTP protocol.
*
* This software was developed by David A. Hayes
@ -40,7 +40,7 @@
* proposed by Jason But and Grenville Armitage:
* http://caia.swin.edu.au/urp/sonata/
*
*
*
* This project has been made possible in part by a grant from
* the Cisco University Research Program Fund at Community
* Foundation Silicon Valley.
@ -53,7 +53,7 @@
#define _ALIAS_SCTP_H_
#include <sys/param.h>
#ifdef _KERNEL
#ifdef _KERNEL
#include <sys/malloc.h>
#include <sys/module.h>
#include <sys/kernel.h>
@ -61,7 +61,7 @@
#include <sys/uio.h>
#include <sys/socketvar.h>
#include <sys/syslog.h>
#endif // #ifdef _KERNEL
#endif // #ifdef _KERNEL
#include <sys/types.h>
#include <sys/queue.h>
@ -75,7 +75,7 @@
/**
* These are defined in sctp_os_bsd.h, but it can't be included due to its local file
* inclusion, so I'm defining them here.
*
*
*/
#include <machine/cpufunc.h>
/* The packed define for 64 bit platforms */
@ -128,18 +128,18 @@ struct sctp_nat_assoc {
uint16_t l_port; /**< local side port number */
uint32_t g_vtag; /**< global side verification tag */
uint16_t g_port; /**< global side port number */
struct in_addr l_addr; /**< local ip address */
struct in_addr a_addr; /**< alias ip address */
struct in_addr l_addr; /**< local ip address */
struct in_addr a_addr; /**< alias ip address */
int state; /**< current state of NAT association */
int TableRegister; /**< stores which look up tables association is registered in */
int exp; /**< timer expiration in seconds from uptime */
int exp_loc; /**< current location in timer_Q */
int num_Gaddr; /**< number of global IP addresses in the list */
int num_Gaddr; /**< number of global IP addresses in the list */
LIST_HEAD(sctpGlobalAddresshead,sctp_GlobalAddress) Gaddr; /**< List of global addresses */
LIST_ENTRY (sctp_nat_assoc) list_L; /**< Linked list of pointers for Local table*/
LIST_ENTRY (sctp_nat_assoc) list_G; /**< Linked list of pointers for Global table */
LIST_ENTRY (sctp_nat_assoc) timer_Q; /**< Linked list of pointers for timer Q */
//Using libalias locking
//Using libalias locking
};
struct sctp_GlobalAddress {
@ -153,14 +153,14 @@ struct sctp_GlobalAddress {
* The only chunks whose contents are of any interest are the INIT and ASCONF_AddIP
*/
union sctpChunkOfInt {
struct sctp_init *Init; /**< Pointer to Init Chunk */
struct sctp_init *Init; /**< Pointer to Init Chunk */
struct sctp_init_ack *InitAck; /**< Pointer to Init Chunk */
struct sctp_paramhdr *Asconf; /**< Pointer to ASCONF chunk */
struct sctp_paramhdr *Asconf; /**< Pointer to ASCONF chunk */
};
/**
* @brief SCTP message
*
*
* Structure containing the relevant information from the SCTP message
*/
struct sctp_nat_msg {
@ -177,7 +177,7 @@ struct sctp_nat_msg {
/**
* @brief sctp nat timer queue structure
*
*
*/
struct sctp_nat_timer {

30
sys/netinet/libalias/alias_skinny.c
View File

@ -61,7 +61,6 @@ AliasHandleSkinny(struct libalias *, struct ip *, struct alias_link *);
static int
fingerprint(struct libalias *la, struct alias_data *ah)
{
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL)
return (-1);
if (la->skinnyPort != 0 && (ntohs(*ah->sport) == la->skinnyPort ||
@ -73,8 +72,7 @@ fingerprint(struct libalias *la, struct alias_data *ah)
static int
protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
AliasHandleSkinny(la, pip, ah->lnk);
AliasHandleSkinny(la, pip, ah->lnk);
return (0);
}
@ -116,7 +114,7 @@ moduledata_t alias_mod = {
"alias_skinny", mod_handler, NULL
};
#ifdef _KERNEL
#ifdef _KERNEL
DECLARE_MODULE(alias_skinny, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_skinny, 1);
MODULE_DEPEND(alias_skinny, libalias, 1, 1, 1);
@ -153,10 +151,10 @@ MODULE_DEPEND(alias_skinny, libalias, 1, 1, 1);
/* #define LIBALIAS_DEBUG 1 */
/* Message types that need translating */
#define REG_MSG 0x00000001
#define IP_PORT_MSG 0x00000002
#define OPNRCVCH_ACK 0x00000022
#define START_MEDIATX 0x0000008a
#define REG_MSG 0x00000001
#define IP_PORT_MSG 0x00000002
#define OPNRCVCH_ACK 0x00000022
#define START_MEDIATX 0x0000008a
struct skinny_header {
u_int32_t len;
@ -214,7 +212,7 @@ alias_skinny_reg_msg(struct RegisterMessage *reg_msg, struct ip *pip,
{
(void)direction;
reg_msg->ipAddr = (u_int32_t) GetAliasAddress(lnk).s_addr;
reg_msg->ipAddr = (u_int32_t)GetAliasAddress(lnk).s_addr;
tc->th_sum = 0;
#ifdef _KERNEL
@ -257,7 +255,7 @@ alias_skinny_port_msg(struct IpPortMessage *port_msg, struct ip *pip,
{
(void)direction;
port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(lnk));
port_msg->stationIpPort = (u_int32_t)ntohs(GetAliasPort(lnk));
tc->th_sum = 0;
#ifdef _KERNEL
@ -281,15 +279,15 @@ alias_skinny_opnrcvch_ack(struct libalias *la, struct OpenReceiveChannelAck *opn
(void)lnk;
(void)direction;
*localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr;
*localIpAddr = (u_int32_t)opnrcvch_ack->ipAddr;
localPort = opnrcvch_ack->port;
null_addr.s_addr = INADDR_ANY;
opnrcv_lnk = FindUdpTcpOut(la, pip->ip_src, null_addr,
htons((u_short) opnrcvch_ack->port), 0,
IPPROTO_UDP, 1);
opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_lnk).s_addr;
opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_lnk));
opnrcvch_ack->ipAddr = (u_int32_t)GetAliasAddress(opnrcv_lnk).s_addr;
opnrcvch_ack->port = (u_int32_t)ntohs(GetAliasPort(opnrcv_lnk));
tc->th_sum = 0;
#ifdef _KERNEL
@ -323,11 +321,11 @@ AliasHandleSkinny(struct libalias *la, struct ip *pip, struct alias_link *lnk)
* handle the scenario where the call manager is on the inside, and
* the calling phone is on the global outside.
*/
if (ntohs(tc->th_dport) == la->skinnyPort) {
if (ntohs(tc->th_dport) == la->skinnyPort)
direction = ClientToServer;
} else if (ntohs(tc->th_sport) == la->skinnyPort) {
else if (ntohs(tc->th_sport) == la->skinnyPort)
direction = ServerToClient;
} else {
else {
#ifdef LIBALIAS_DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Invalid port number, not a Skinny packet\n");

91
sys/netinet/libalias/alias_smedia.c
View File

@ -131,14 +131,13 @@ __FBSDID("$FreeBSD$");
#define TFTP_PORT_NUMBER 69
static void
AliasHandleRtspOut(struct libalias *, struct ip *, struct alias_link *,
int maxpacketsize);
AliasHandleRtspOut(struct libalias *, struct ip *, struct alias_link *,
int maxpacketsize);
static int
fingerprint(struct libalias *la, struct alias_data *ah)
{
if (ah->dport != NULL && ah->aport != NULL && ah->sport != NULL &&
ntohs(*ah->dport) == TFTP_PORT_NUMBER)
ntohs(*ah->dport) == TFTP_PORT_NUMBER)
return (0);
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
ah->maxpktsize == 0)
@ -154,11 +153,10 @@ fingerprint(struct libalias *la, struct alias_data *ah)
static int
protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
if (ntohs(*ah->dport) == TFTP_PORT_NUMBER)
FindRtspOut(la, pip->ip_src, pip->ip_dst,
*ah->sport, *ah->aport, IPPROTO_UDP);
else AliasHandleRtspOut(la, pip, ah->lnk, ah->maxpktsize);
*ah->sport, *ah->aport, IPPROTO_UDP);
else AliasHandleRtspOut(la, pip, ah->lnk, ah->maxpktsize);
return (0);
}
@ -200,15 +198,15 @@ moduledata_t alias_mod = {
"alias_smedia", mod_handler, NULL
};
#ifdef _KERNEL
#ifdef _KERNEL
DECLARE_MODULE(alias_smedia, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_smedia, 1);
MODULE_DEPEND(alias_smedia, libalias, 1, 1, 1);
#endif
#define RTSP_CONTROL_PORT_NUMBER_1 554
#define RTSP_CONTROL_PORT_NUMBER_2 7070
#define RTSP_PORT_GROUP 2
#define RTSP_CONTROL_PORT_NUMBER_1 554
#define RTSP_CONTROL_PORT_NUMBER_2 7070
#define RTSP_PORT_GROUP 2
#define ISDIGIT(a) (((a) >= '0') && ((a) <= '9'))
@ -222,12 +220,10 @@ search_string(char *data, int dlen, const char *search_str)
for (i = 0; i < dlen - search_str_len; i++) {
for (j = i, k = 0; j < dlen - search_str_len; j++, k++) {
if (data[j] != search_str[k] &&
data[j] != search_str[k] - ('a' - 'A')) {
data[j] != search_str[k] - ('a' - 'A'))
break;
}
if (k == search_str_len - 1) {
if (k == search_str_len - 1)
return (j + 1);
}
}
}
return (-1);
@ -259,9 +255,9 @@ alias_rtsp_out(struct libalias *la, struct ip *pip,
/* Find keyword, "Transport: " */
pos = search_string(data, dlen, transport_str);
if (pos < 0) {
if (pos < 0)
return (-1);
}
port_data = data + pos;
port_dlen = dlen - pos;
@ -271,9 +267,9 @@ alias_rtsp_out(struct libalias *la, struct ip *pip,
while (port_dlen > (int)strlen(port_str)) {
/* Find keyword, appropriate port string */
pos = search_string(port_data, port_dlen, port_str);
if (pos < 0) {
if (pos < 0)
break;
}
memcpy(port_newdata, port_data, pos + 1);
port_newdata += (pos + 1);
@ -283,28 +279,22 @@ alias_rtsp_out(struct libalias *la, struct ip *pip,
for (i = pos; i < port_dlen; i++) {
switch (state) {
case 0:
if (port_data[i] == '=') {
if (port_data[i] == '=')
state++;
}
break;
case 1:
if (ISDIGIT(port_data[i])) {
if (ISDIGIT(port_data[i]))
p[0] = p[0] * 10 + port_data[i] - '0';
} else {
if (port_data[i] == ';') {
state = 3;
}
if (port_data[i] == '-') {
state++;
}
}
else if (port_data[i] == ';')
state = 3;
else if (port_data[i] == '-')
state++;
break;
case 2:
if (ISDIGIT(port_data[i])) {
if (ISDIGIT(port_data[i]))
p[1] = p[1] * 10 + port_data[i] - '0';
} else {
else
state++;
}
break;
case 3:
base_port = p[0];
@ -409,10 +399,7 @@ alias_rtsp_out(struct libalias *la, struct ip *pip,
tc->th_seq, tc->th_off);
new_len = htons(hlen + new_dlen);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
DifferentialChecksum(&pip->ip_sum, &new_len, &pip->ip_len, 1);
pip->ip_len = new_len;
tc->th_sum = 0;
@ -445,10 +432,9 @@ alias_pna_out(struct libalias *la, struct ip *pip,
work += 2;
memcpy(&msg_len, work, 2);
work += 2;
if (ntohs(msg_id) == 0) {
/* end of options */
if (ntohs(msg_id) == 0) /* end of options */
return (0);
}
if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
memcpy(&port, work, 2);
pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(lnk),
@ -501,17 +487,15 @@ AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *lnk,
/* When aliasing a client, check for the SETUP request */
if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) ||
(ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) {
if (dlen >= (int)strlen(setup)) {
if (memcmp(data, setup, strlen(setup)) == 0) {
alias_rtsp_out(la, pip, lnk, data, client_port_str);
return;
}
}
if (dlen >= (int)strlen(pna)) {
if (memcmp(data, pna, strlen(pna)) == 0) {
alias_pna_out(la, pip, lnk, data, dlen);
}
if (dlen >= (int)strlen(setup) &&
memcmp(data, setup, strlen(setup)) == 0) {
alias_rtsp_out(la, pip, lnk, data, client_port_str);
return;
}
if (dlen >= (int)strlen(pna) &&
memcmp(data, pna, strlen(pna)) == 0)
alias_pna_out(la, pip, lnk, data, dlen);
} else {
/*
* When aliasing a server, check for the 200 reply
@ -521,21 +505,20 @@ AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *lnk,
if (dlen >= (int)strlen(str200)) {
for (parseOk = 0, i = 0;
i <= dlen - (int)strlen(str200);
i++) {
i++)
if (memcmp(&data[i], str200, strlen(str200)) == 0) {
parseOk = 1;
break;
}
}
if (parseOk) {
i += strlen(str200); /* skip string found */
while (data[i] == ' ') /* skip blank(s) */
i++;
if ((dlen - i) >= (int)strlen(okstr)) {
if ((dlen - i) >= (int)strlen(okstr))
if (memcmp(&data[i], okstr, strlen(okstr)) == 0)
alias_rtsp_out(la, pip, lnk, data, server_port_str);
}
}
}
}

30
sys/netinet/libalias/alias_util.c
View File

@ -72,8 +72,8 @@ __FBSDID("$FreeBSD$");
* purposes);
*/
u_short
LibAliasInternetChecksum(struct libalias *la __unused, u_short * ptr,
int nbytes)
LibAliasInternetChecksum(struct libalias *la __unused, u_short *ptr,
int nbytes)
{
int sum, oddbyte;
@ -85,8 +85,8 @@ LibAliasInternetChecksum(struct libalias *la __unused, u_short * ptr,
}
if (nbytes == 1) {
oddbyte = 0;
((u_char *) & oddbyte)[0] = *(u_char *) ptr;
((u_char *) & oddbyte)[1] = 0;
((u_char *)&oddbyte)[0] = *(u_char *)ptr;
((u_char *)&oddbyte)[1] = 0;
sum += oddbyte;
}
sum = (sum >> 16) + (sum & 0xffff);
@ -95,11 +95,11 @@ LibAliasInternetChecksum(struct libalias *la __unused, u_short * ptr,
return (~sum);
}
#ifndef _KERNEL
#ifndef _KERNEL
u_short
IpChecksum(struct ip *pip)
{
return (LibAliasInternetChecksum(NULL, (u_short *) pip,
return (LibAliasInternetChecksum(NULL, (u_short *)pip,
(pip->ip_hl << 2)));
}
@ -116,7 +116,7 @@ TcpChecksum(struct ip *pip)
ntcp = ntohs(pip->ip_len) - nhdr;
tc = (struct tcphdr *)ip_next(pip);
ptr = (u_short *) tc;
ptr = (u_short *)tc;
/* Add up TCP header and data */
nbytes = ntcp;
@ -127,8 +127,8 @@ TcpChecksum(struct ip *pip)
}
if (nbytes == 1) {
oddbyte = 0;
((u_char *) & oddbyte)[0] = *(u_char *) ptr;
((u_char *) & oddbyte)[1] = 0;
((u_char *)&oddbyte)[0] = *(u_char *)ptr;
((u_char *)&oddbyte)[1] = 0;
sum += oddbyte;
}
/* "Pseudo-header" data */
@ -138,20 +138,20 @@ TcpChecksum(struct ip *pip)
ptr = (void *)&pip->ip_src;
sum += *ptr++;
sum += *ptr;
sum += htons((u_short) ntcp);
sum += htons((u_short) pip->ip_p);
sum += htons((u_short)ntcp);
sum += htons((u_short)pip->ip_p);
/* Roll over carry bits */
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
/* Return checksum */
return ((u_short) ~ sum);
return ((u_short)~sum);
}
#endif /* not _KERNEL */
void
DifferentialChecksum(u_short * cksum, void *newp, void *oldp, int n)
DifferentialChecksum(u_short *cksum, void *newp, void *oldp, int n)
{
int i;
int accumulate;
@ -168,10 +168,10 @@ DifferentialChecksum(u_short * cksum, void *newp, void *oldp, int n)
accumulate = -accumulate;
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
*cksum = (u_short) ~ accumulate;
*cksum = (u_short)~accumulate;
} else {
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
*cksum = (u_short) accumulate;
*cksum = (u_short)accumulate;
}
}