libalias: Style cleanup
libalias is a conglomerate of various coding styles, modified by a series of different editors enforcing interesting conventions on spacing and comments. This patch is a baseline for starting a performance rework of libalias. Upcoming patches should focus on the code, not on the style. That's why the most annoying style errors should be fixed beforehand. Reviewed by: hselasky Discussed by: emaste MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D30259
parent
91f251b2ab
commit
effc8e57fb
@ -146,7 +146,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include "alias_mod.h"
|
||||
#endif
|
||||
|
||||
/*
|
||||
/*
|
||||
* Define libalias SYSCTL Node
|
||||
*/
|
||||
#ifdef SYSCTL_NODE
|
||||
@ -192,7 +192,6 @@ static void TcpMonitorOut(u_char, struct alias_link *);
|
||||
static void
|
||||
TcpMonitorIn(u_char th_flags, struct alias_link *lnk)
|
||||
{
|
||||
|
||||
switch (GetStateIn(lnk)) {
|
||||
case ALIAS_TCP_STATE_NOT_CONNECTED:
|
||||
if (th_flags & TH_RST)
|
||||
@ -210,7 +209,6 @@ TcpMonitorIn(u_char th_flags, struct alias_link *lnk)
|
||||
static void
|
||||
TcpMonitorOut(u_char th_flags, struct alias_link *lnk)
|
||||
{
|
||||
|
||||
switch (GetStateOut(lnk)) {
|
||||
case ALIAS_TCP_STATE_NOT_CONNECTED:
|
||||
if (th_flags & TH_RST)
|
||||
@ -285,21 +283,20 @@ static int UdpAliasOut(struct libalias *, struct ip *, int, int create);
|
||||
static int TcpAliasIn(struct libalias *, struct ip *);
|
||||
static int TcpAliasOut(struct libalias *, struct ip *, int, int create);
|
||||
|
||||
static int
|
||||
IcmpAliasIn1(struct libalias *la, struct ip *pip)
|
||||
{
|
||||
|
||||
LIBALIAS_LOCK_ASSERT(la);
|
||||
/*
|
||||
De-alias incoming echo and timestamp replies.
|
||||
Alias incoming echo and timestamp requests.
|
||||
*/
|
||||
static int
|
||||
IcmpAliasIn1(struct libalias *la, struct ip *pip)
|
||||
{
|
||||
LIBALIAS_LOCK_ASSERT(la);
|
||||
struct alias_link *lnk;
|
||||
struct icmp *ic;
|
||||
|
||||
ic = (struct icmp *)ip_next(pip);
|
||||
|
||||
/* Get source address from ICMP data field and restore original data */
|
||||
/* Get source address from ICMP data field and restore original data */
|
||||
lnk = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
|
||||
if (lnk != NULL) {
|
||||
u_short original_id;
|
||||
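Review bot: In IcmpAliasIn1 the reordered opening leaves `LIBALIAS_LOCK_ASSERT(la);` directly after the brace, ahead of the `struct alias_link *lnk;` and `struct icmp *ic;` declarations, and IcmpAliasIn2 in the `-330,15 +327,14` hunk has the same order. IcmpAliasOut1 and ProtoAliasIn on this page declare their locals first and assert after a blank line, so the two In functions are now inconsistent with the rest of the file. I would move the assertion below the declarations: `struct icmp *ic;`, a blank line, then `LIBALIAS_LOCK_ASSERT(la);`. Which copy of each duplicated line is the new one is inferred from the hunk's 21-to-20 line count, because the +/- markers are not shown here; the function body continues outside the hunk.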
@ -307,15 +304,15 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip)
|
||||
|
||||
original_id = GetOriginalPort(lnk);
|
||||
|
||||
/* Adjust ICMP checksum */
|
||||
/* Adjust ICMP checksum */
|
||||
accumulate = ic->icmp_id;
|
||||
accumulate -= original_id;
|
||||
ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
|
||||
|
||||
/* Put original sequence number back in */
|
||||
/* Put original sequence number back in */
|
||||
ic->icmp_id = original_id;
|
||||
|
||||
/* Put original address back into IP header */
|
||||
/* Put original address back into IP header */
|
||||
{
|
||||
struct in_addr original_address;
|
||||
|
||||
@ -330,15 +327,14 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip)
|
||||
return (PKT_ALIAS_IGNORED);
|
||||
}
|
||||
|
||||
static int
|
||||
IcmpAliasIn2(struct libalias *la, struct ip *pip)
|
||||
{
|
||||
|
||||
LIBALIAS_LOCK_ASSERT(la);
|
||||
/*
|
||||
Alias incoming ICMP error messages containing
|
||||
IP header and first 64 bits of datagram.
|
||||
*/
|
||||
static int
|
||||
IcmpAliasIn2(struct libalias *la, struct ip *pip)
|
||||
{
|
||||
LIBALIAS_LOCK_ASSERT(la);
|
||||
struct ip *ip;
|
||||
struct icmp *ic, *ic2;
|
||||
struct udphdr *ud;
|
||||
@ -377,7 +373,7 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip)
|
||||
original_address = GetOriginalAddress(lnk);
|
||||
original_port = GetOriginalPort(lnk);
|
||||
|
||||
/* Adjust ICMP checksum */
|
||||
/* Adjust ICMP checksum */
|
||||
accumulate = twowords(&ip->ip_src);
|
||||
accumulate -= twowords(&original_address);
|
||||
accumulate += ud->uh_sport;
|
||||
@ -388,13 +384,14 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip)
|
||||
accumulate2 -= ip->ip_sum;
|
||||
ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum);
|
||||
|
||||
/* Un-alias address in IP header */
|
||||
/* Un-alias address in IP header */
|
||||
DifferentialChecksum(&pip->ip_sum,
|
||||
&original_address, &pip->ip_dst, 2);
|
||||
pip->ip_dst = original_address;
|
||||
|
||||
/* Un-alias address and port number of original IP packet
|
||||
fragment contained in ICMP data section */
|
||||
/* Un-alias address and port number of
|
||||
* original IP packet fragment contained
|
||||
* in ICMP data section */
|
||||
ip->ip_src = original_address;
|
||||
ud->uh_sport = original_port;
|
||||
} else if (ip->ip_p == IPPROTO_ICMP) {
|
||||
@ -405,7 +402,7 @@ fragment contained in ICMP data section */
|
||||
original_address = GetOriginalAddress(lnk);
|
||||
original_id = GetOriginalPort(lnk);
|
||||
|
||||
/* Adjust ICMP checksum */
|
||||
/* Adjust ICMP checksum */
|
||||
accumulate = twowords(&ip->ip_src);
|
||||
accumulate -= twowords(&original_address);
|
||||
accumulate += ic2->icmp_id;
|
||||
@ -416,13 +413,13 @@ fragment contained in ICMP data section */
|
||||
accumulate2 -= ip->ip_sum;
|
||||
ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum);
|
||||
|
||||
/* Un-alias address in IP header */
|
||||
/* Un-alias address in IP header */
|
||||
DifferentialChecksum(&pip->ip_sum,
|
||||
&original_address, &pip->ip_dst, 2);
|
||||
pip->ip_dst = original_address;
|
||||
|
||||
/* Un-alias address of original IP packet and sequence number of
|
||||
embedded ICMP datagram */
|
||||
/* Un-alias address of original IP packet and
|
||||
* sequence number of embedded ICMP datagram */
|
||||
ip->ip_src = original_address;
|
||||
ic2->icmp_id = original_id;
|
||||
}
|
||||
@ -444,7 +441,7 @@ IcmpAliasIn(struct libalias *la, struct ip *pip)
|
||||
if (dlen < ICMP_MINLEN)
|
||||
return (PKT_ALIAS_IGNORED);
|
||||
|
||||
/* Return if proxy-only mode is enabled */
|
||||
/* Return if proxy-only mode is enabled */
|
||||
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
|
||||
return (PKT_ALIAS_OK);
|
||||
|
||||
@ -475,20 +472,20 @@ IcmpAliasIn(struct libalias *la, struct ip *pip)
|
||||
return (iresult);
|
||||
}
|
||||
|
||||
static int
|
||||
IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
|
||||
{
|
||||
/*
|
||||
Alias outgoing echo and timestamp requests.
|
||||
De-alias outgoing echo and timestamp replies.
|
||||
*/
|
||||
static int
|
||||
IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
|
||||
{
|
||||
struct alias_link *lnk;
|
||||
struct icmp *ic;
|
||||
|
||||
LIBALIAS_LOCK_ASSERT(la);
|
||||
ic = (struct icmp *)ip_next(pip);
|
||||
|
||||
/* Save overwritten data for when echo packet returns */
|
||||
/* Save overwritten data for when echo packet returns */
|
||||
lnk = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, create);
|
||||
if (lnk != NULL) {
|
||||
u_short alias_id;
|
||||
@ -496,15 +493,15 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
|
||||
|
||||
alias_id = GetAliasPort(lnk);
|
||||
|
||||
/* Since data field is being modified, adjust ICMP checksum */
|
||||
/* Since data field is being modified, adjust ICMP checksum */
|
||||
accumulate = ic->icmp_id;
|
||||
accumulate -= alias_id;
|
||||
ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
|
||||
|
||||
/* Alias sequence number */
|
||||
/* Alias sequence number */
|
||||
ic->icmp_id = alias_id;
|
||||
|
||||
/* Change source address */
|
||||
/* Change source address */
|
||||
{
|
||||
struct in_addr alias_address;
|
||||
|
||||
@ -519,13 +516,13 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
|
||||
return (PKT_ALIAS_IGNORED);
|
||||
}
|
||||
|
||||
static int
|
||||
IcmpAliasOut2(struct libalias *la, struct ip *pip)
|
||||
{
|
||||
/*
|
||||
Alias outgoing ICMP error messages containing
|
||||
IP header and first 64 bits of datagram.
|
||||
*/
|
||||
static int
|
||||
IcmpAliasOut2(struct libalias *la, struct ip *pip)
|
||||
{
|
||||
struct ip *ip;
|
||||
struct icmp *ic, *ic2;
|
||||
struct udphdr *ud;
|
||||
@ -565,24 +562,24 @@ IcmpAliasOut2(struct libalias *la, struct ip *pip)
|
||||
alias_address = GetAliasAddress(lnk);
|
||||
alias_port = GetAliasPort(lnk);
|
||||
|
||||
/* Adjust ICMP checksum */
|
||||
/* Adjust ICMP checksum */
|
||||
accumulate = twowords(&ip->ip_dst);
|
||||
accumulate -= twowords(&alias_address);
|
||||
accumulate += ud->uh_dport;
|
||||
accumulate -= alias_port;
|
||||
ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
|
||||
|
||||
/*
|
||||
* Alias address in IP header if it comes from the host
|
||||
* the original TCP/UDP packet was destined for.
|
||||
*/
|
||||
/*
|
||||
* Alias address in IP header if it comes from the host
|
||||
* the original TCP/UDP packet was destined for.
|
||||
*/
|
||||
if (pip->ip_src.s_addr == ip->ip_dst.s_addr) {
|
||||
DifferentialChecksum(&pip->ip_sum,
|
||||
&alias_address, &pip->ip_src, 2);
|
||||
pip->ip_src = alias_address;
|
||||
}
|
||||
/* Alias address and port number of original IP packet
|
||||
fragment contained in ICMP data section */
|
||||
/* Alias address and port number of original IP packet
|
||||
* fragment contained in ICMP data section */
|
||||
ip->ip_dst = alias_address;
|
||||
ud->uh_dport = alias_port;
|
||||
} else if (ip->ip_p == IPPROTO_ICMP) {
|
||||
@ -593,24 +590,24 @@ fragment contained in ICMP data section */
|
||||
alias_address = GetAliasAddress(lnk);
|
||||
alias_id = GetAliasPort(lnk);
|
||||
|
||||
/* Adjust ICMP checksum */
|
||||
/* Adjust ICMP checksum */
|
||||
accumulate = twowords(&ip->ip_dst);
|
||||
accumulate -= twowords(&alias_address);
|
||||
accumulate += ic2->icmp_id;
|
||||
accumulate -= alias_id;
|
||||
ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
|
||||
|
||||
/*
|
||||
* Alias address in IP header if it comes from the host
|
||||
* the original ICMP message was destined for.
|
||||
*/
|
||||
/*
|
||||
* Alias address in IP header if it comes from the host
|
||||
* the original ICMP message was destined for.
|
||||
*/
|
||||
if (pip->ip_src.s_addr == ip->ip_dst.s_addr) {
|
||||
DifferentialChecksum(&pip->ip_sum,
|
||||
&alias_address, &pip->ip_src, 2);
|
||||
pip->ip_src = alias_address;
|
||||
}
|
||||
/* Alias address of original IP packet and sequence number of
|
||||
embedded ICMP datagram */
|
||||
/* Alias address of original IP packet and
|
||||
* sequence number of embedded ICMP datagram */
|
||||
ip->ip_dst = alias_address;
|
||||
ic2->icmp_id = alias_id;
|
||||
}
|
||||
@ -628,7 +625,7 @@ IcmpAliasOut(struct libalias *la, struct ip *pip, int create)
|
||||
LIBALIAS_LOCK_ASSERT(la);
|
||||
(void)create;
|
||||
|
||||
/* Return if proxy-only mode is enabled */
|
||||
/* Return if proxy-only mode is enabled */
|
||||
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
|
||||
return (PKT_ALIAS_OK);
|
||||
|
||||
@ -655,20 +652,20 @@ IcmpAliasOut(struct libalias *la, struct ip *pip, int create)
|
||||
return (iresult);
|
||||
}
|
||||
|
||||
static int
|
||||
ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
|
||||
struct ip *pip, u_char ip_p, u_short *ip_sum)
|
||||
{
|
||||
/*
|
||||
Handle incoming IP packets. The
|
||||
only thing which is done in this case is to alias
|
||||
the dest IP address of the packet to our inside
|
||||
machine.
|
||||
*/
|
||||
static int
|
||||
ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
|
||||
struct ip *pip, u_char ip_p, u_short *ip_sum)
|
||||
{
|
||||
struct alias_link *lnk;
|
||||
|
||||
LIBALIAS_LOCK_ASSERT(la);
|
||||
/* Return if proxy-only mode is enabled */
|
||||
/* Return if proxy-only mode is enabled */
|
||||
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
|
||||
return (PKT_ALIAS_OK);
|
||||
|
||||
@ -678,7 +675,7 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
|
||||
|
||||
original_address = GetOriginalAddress(lnk);
|
||||
|
||||
/* Restore original IP address */
|
||||
/* Restore original IP address */
|
||||
DifferentialChecksum(ip_sum,
|
||||
&original_address, &pip->ip_dst, 2);
|
||||
pip->ip_dst = original_address;
|
||||
@ -688,20 +685,20 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
|
||||
return (PKT_ALIAS_IGNORED);
|
||||
}
|
||||
|
||||
static int
|
||||
ProtoAliasOut(struct libalias *la, struct ip *pip,
|
||||
struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create)
|
||||
{
|
||||
/*
|
||||
Handle outgoing IP packets. The
|
||||
only thing which is done in this case is to alias
|
||||
the source IP address of the packet.
|
||||
*/
|
||||
static int
|
||||
ProtoAliasOut(struct libalias *la, struct ip *pip,
|
||||
struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create)
|
||||
{
|
||||
struct alias_link *lnk;
|
||||
|
||||
LIBALIAS_LOCK_ASSERT(la);
|
||||
|
||||
/* Return if proxy-only mode is enabled */
|
||||
/* Return if proxy-only mode is enabled */
|
||||
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
|
||||
return (PKT_ALIAS_OK);
|
||||
|
||||
@ -714,7 +711,7 @@ ProtoAliasOut(struct libalias *la, struct ip *pip,
|
||||
|
||||
alias_address = GetAliasAddress(lnk);
|
||||
|
||||
/* Change source address */
|
||||
/* Change source address */
|
||||
DifferentialChecksum(ip_sum,
|
||||
&alias_address, &pip->ip_src, 2);
|
||||
pip->ip_src = alias_address;
|
||||
@ -753,8 +750,8 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
|
||||
int accumulate;
|
||||
int error;
|
||||
struct alias_data ad = {
|
||||
.lnk = lnk,
|
||||
.oaddr = &original_address,
|
||||
.lnk = lnk,
|
||||
.oaddr = &original_address,
|
||||
.aaddr = &alias_address,
|
||||
.aport = &alias_port,
|
||||
.sport = &ud->uh_sport,
|
||||
@ -769,46 +766,48 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
|
||||
ud->uh_dport = GetOriginalPort(lnk);
|
||||
proxy_port = GetProxyPort(lnk);
|
||||
|
||||
/* Walk out chain. */
|
||||
/* Walk out chain. */
|
||||
error = find_handler(IN, UDP, la, pip, &ad);
|
||||
/* If we cannot figure out the packet, ignore it. */
|
||||
if (error < 0)
|
||||
return (PKT_ALIAS_IGNORED);
|
||||
|
||||
/* If UDP checksum is not zero, then adjust since destination port */
|
||||
/* is being unaliased and destination address is being altered. */
|
||||
/* If UDP checksum is not zero, then adjust since
|
||||
* destination port is being unaliased and
|
||||
* destination address is being altered. */
|
||||
if (ud->uh_sum != 0) {
|
||||
accumulate = alias_port;
|
||||
accumulate -= ud->uh_dport;
|
||||
accumulate += twowords(&alias_address);
|
||||
accumulate -= twowords(&original_address);
|
||||
|
||||
/* If this is a proxy packet, modify checksum because of source change.*/
|
||||
if (proxy_port != 0) {
|
||||
accumulate += ud->uh_sport;
|
||||
accumulate -= proxy_port;
|
||||
}
|
||||
/* If this is a proxy packet, modify checksum
|
||||
* because of source change.*/
|
||||
if (proxy_port != 0) {
|
||||
accumulate += ud->uh_sport;
|
||||
accumulate -= proxy_port;
|
||||
}
|
||||
|
||||
if (proxy_address.s_addr != 0) {
|
||||
if (proxy_address.s_addr != 0) {
|
||||
accumulate += twowords(&pip->ip_src);
|
||||
accumulate -= twowords(&proxy_address);
|
||||
}
|
||||
}
|
||||
|
||||
ADJUST_CHECKSUM(accumulate, ud->uh_sum);
|
||||
}
|
||||
/* XXX: Could the two if's below be concatenated to one ? */
|
||||
/* Restore source port and/or address in case of proxying*/
|
||||
|
||||
if (proxy_port != 0)
|
||||
ud->uh_sport = proxy_port;
|
||||
/* XXX: Could the two if's below be concatenated to one ? */
|
||||
/* Restore source port and/or address in case of proxying*/
|
||||
if (proxy_port != 0)
|
||||
ud->uh_sport = proxy_port;
|
||||
|
||||
if (proxy_address.s_addr != 0) {
|
||||
DifferentialChecksum(&pip->ip_sum,
|
||||
&proxy_address, &pip->ip_src, 2);
|
||||
pip->ip_src = proxy_address;
|
||||
}
|
||||
if (proxy_address.s_addr != 0) {
|
||||
DifferentialChecksum(&pip->ip_sum,
|
||||
&proxy_address, &pip->ip_src, 2);
|
||||
pip->ip_src = proxy_address;
|
||||
}
|
||||
|
||||
/* Restore original IP address */
|
||||
/* Restore original IP address */
|
||||
DifferentialChecksum(&pip->ip_sum,
|
||||
&original_address, &pip->ip_dst, 2);
|
||||
pip->ip_dst = original_address;
|
||||
@ -833,7 +832,7 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
|
||||
|
||||
LIBALIAS_LOCK_ASSERT(la);
|
||||
|
||||
/* Return if proxy-only mode is enabled and not proxyrule found.*/
|
||||
/* Return if proxy-only mode is enabled and not proxyrule found.*/
|
||||
dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
|
||||
if (dlen < sizeof(struct udphdr))
|
||||
return (PKT_ALIAS_IGNORED);
|
||||
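Review bot: The comment `/* Return if proxy-only mode is enabled and not proxyrule found.*/` in UdpAliasOut sits above the `dlen` computation, while the check it describes, `if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY))`, only comes after ProxyCheck in the next hunk; since the commit touches this line anyway, it should move down to that check. The two length tests would be better served by their own comment, for example `/* Ignore packets too short to hold a UDP header */`. Note also that `ntohs(pip->ip_len) - (pip->ip_hl << 2)` is compared against `sizeof(struct udphdr)` as an unsigned value, so the test only works if the caller has already rejected a header length larger than `ip_len`; that guarantee is not visible in this hunk and is worth stating in the comment. The function starts and ends outside the hunk.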
@ -842,34 +841,33 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
|
||||
if (dlen < ntohs(ud->uh_ulen))
|
||||
return (PKT_ALIAS_IGNORED);
|
||||
|
||||
proxy_type = ProxyCheck(la, &proxy_server_address,
|
||||
&proxy_server_port, pip->ip_src, pip->ip_dst,
|
||||
ud->uh_dport, pip->ip_p);
|
||||
proxy_type = ProxyCheck(la, &proxy_server_address, &proxy_server_port,
|
||||
pip->ip_src, pip->ip_dst, ud->uh_dport, pip->ip_p);
|
||||
if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY))
|
||||
return (PKT_ALIAS_OK);
|
||||
|
||||
/* If this is a transparent proxy, save original destination,
|
||||
* then alter the destination and adjust checksums */
|
||||
/* If this is a transparent proxy, save original destination,
|
||||
* then alter the destination and adjust checksums */
|
||||
dest_port = ud->uh_dport;
|
||||
dest_address = pip->ip_dst;
|
||||
|
||||
if (proxy_type != 0) {
|
||||
int accumulate;
|
||||
int accumulate;
|
||||
|
||||
accumulate = twowords(&pip->ip_dst);
|
||||
accumulate -= twowords(&proxy_server_address);
|
||||
|
||||
ADJUST_CHECKSUM(accumulate, pip->ip_sum);
|
||||
ADJUST_CHECKSUM(accumulate, pip->ip_sum);
|
||||
|
||||
if (ud->uh_sum != 0) {
|
||||
accumulate = twowords(&pip->ip_dst);
|
||||
accumulate -= twowords(&proxy_server_address);
|
||||
accumulate += ud->uh_dport;
|
||||
accumulate -= proxy_server_port;
|
||||
ADJUST_CHECKSUM(accumulate, ud->uh_sum);
|
||||
accumulate += ud->uh_dport;
|
||||
accumulate -= proxy_server_port;
|
||||
ADJUST_CHECKSUM(accumulate, ud->uh_sum);
|
||||
}
|
||||
pip->ip_dst = proxy_server_address;
|
||||
ud->uh_dport = proxy_server_port;
|
||||
pip->ip_dst = proxy_server_address;
|
||||
ud->uh_dport = proxy_server_port;
|
||||
}
|
||||
lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
|
||||
ud->uh_sport, ud->uh_dport,
|
||||
@ -878,7 +876,7 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
|
||||
u_short alias_port;
|
||||
struct in_addr alias_address;
|
||||
struct alias_data ad = {
|
||||
.lnk = lnk,
|
||||
.lnk = lnk,
|
||||
.oaddr = NULL,
|
||||
.aaddr = &alias_address,
|
||||
.aport = &alias_port,
|
||||
@ -887,24 +885,24 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
|
||||
.maxpktsize = 0
|
||||
};
|
||||
|
||||
/* Save original destination address, if this is a proxy packet.
|
||||
* Also modify packet to include destination encoding. This may
|
||||
* change the size of IP header. */
|
||||
/* Save original destination address, if this is a proxy packet.
|
||||
* Also modify packet to include destination encoding. This may
|
||||
* change the size of IP header. */
|
||||
if (proxy_type != 0) {
|
||||
SetProxyPort(lnk, dest_port);
|
||||
SetProxyAddress(lnk, dest_address);
|
||||
ProxyModify(la, lnk, pip, maxpacketsize, proxy_type);
|
||||
ud = (struct udphdr *)ip_next(pip);
|
||||
}
|
||||
SetProxyPort(lnk, dest_port);
|
||||
SetProxyAddress(lnk, dest_address);
|
||||
ProxyModify(la, lnk, pip, maxpacketsize, proxy_type);
|
||||
ud = (struct udphdr *)ip_next(pip);
|
||||
}
|
||||
|
||||
alias_address = GetAliasAddress(lnk);
|
||||
alias_port = GetAliasPort(lnk);
|
||||
|
||||
/* Walk out chain. */
|
||||
/* Walk out chain. */
|
||||
error = find_handler(OUT, UDP, la, pip, &ad);
|
||||
|
||||
/* If UDP checksum is not zero, adjust since source port is */
|
||||
/* being aliased and source address is being altered */
|
||||
/* If UDP checksum is not zero, adjust since source port is */
|
||||
/* being aliased and source address is being altered */
|
||||
if (ud->uh_sum != 0) {
|
||||
int accumulate;
|
||||
|
||||
@ -914,10 +912,10 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
|
||||
accumulate -= twowords(&alias_address);
|
||||
ADJUST_CHECKSUM(accumulate, ud->uh_sum);
|
||||
}
|
||||
/* Put alias port in UDP header */
|
||||
/* Put alias port in UDP header */
|
||||
ud->uh_sport = alias_port;
|
||||
|
||||
/* Change source address */
|
||||
/* Change source address */
|
||||
DifferentialChecksum(&pip->ip_sum,
|
||||
&alias_address, &pip->ip_src, 2);
|
||||
pip->ip_src = alias_address;
|
||||
@ -953,14 +951,14 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
|
||||
u_short proxy_port;
|
||||
int accumulate, error;
|
||||
|
||||
/*
|
||||
* The init of MANY vars is a bit below, but aliashandlepptpin
|
||||
/*
|
||||
* The init of MANY vars is a bit below, but aliashandlepptpin
|
||||
* seems to need the destination port that came within the
|
||||
* packet and not the original one looks below [*].
|
||||
*/
|
||||
|
||||
struct alias_data ad = {
|
||||
.lnk = lnk,
|
||||
.lnk = lnk,
|
||||
.oaddr = NULL,
|
||||
.aaddr = NULL,
|
||||
.aport = NULL,
|
||||
@ -969,7 +967,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
|
||||
.maxpktsize = 0
|
||||
};
|
||||
|
||||
/* Walk out chain. */
|
||||
/* Walk out chain. */
|
||||
error = find_handler(IN, TCP, la, pip, &ad);
|
||||
|
||||
alias_address = GetAliasAddress(lnk);
|
||||
@ -979,8 +977,8 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
|
||||
tc->th_dport = GetOriginalPort(lnk);
|
||||
proxy_port = GetProxyPort(lnk);
|
||||
|
||||
/*
|
||||
* Look above, if anyone is going to add find_handler AFTER
|
||||
/*
|
||||
* Look above, if anyone is going to add find_handler AFTER
|
||||
* this aliashandlepptpin/point, please redo alias_data too.
|
||||
* Uncommenting the piece here below should be enough.
|
||||
*/
|
||||
@ -994,22 +992,22 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
|
||||
.dport = &ud->uh_dport,
|
||||
.maxpktsize = 0
|
||||
};
|
||||
|
||||
|
||||
/* Walk out chain. */
|
||||
error = find_handler(la, pip, &ad);
|
||||
if (error == EHDNOF)
|
||||
printf("Protocol handler not found\n");
|
||||
#endif
|
||||
|
||||
/* Adjust TCP checksum since destination port is being unaliased */
|
||||
/* and destination port is being altered. */
|
||||
/* Adjust TCP checksum since destination port is being
|
||||
* unaliased and destination port is being altered. */
|
||||
accumulate = alias_port;
|
||||
accumulate -= tc->th_dport;
|
||||
accumulate += twowords(&alias_address);
|
||||
accumulate -= twowords(&original_address);
|
||||
|
||||
/* If this is a proxy, then modify the TCP source port and
|
||||
checksum accumulation */
|
||||
/* If this is a proxy, then modify the TCP source port
|
||||
* and checksum accumulation */
|
||||
if (proxy_port != 0) {
|
||||
accumulate += tc->th_sport;
|
||||
tc->th_sport = proxy_port;
|
||||
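Review bot: The reflowed comment in TcpAliasIn still reads `destination port is being unaliased and destination port is being altered`, but the lines below it adjust the sum with `twowords(&alias_address)` and `twowords(&original_address)`, so the second half presumably means the destination address, as the matching comment in UdpAliasIn says. Suggested wording: `/* Adjust TCP checksum since destination port is being unaliased and destination address is being altered. */`. The function continues outside the hunk.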
@ -1017,7 +1015,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
|
||||
accumulate += twowords(&pip->ip_src);
|
||||
accumulate -= twowords(&proxy_address);
|
||||
}
|
||||
/* See if ACK number needs to be modified */
|
||||
/* See if ACK number needs to be modified */
|
||||
if (GetAckModified(lnk) == 1) {
|
||||
int delta;
|
||||
|
||||
@ -1031,13 +1029,13 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
|
||||
}
|
||||
ADJUST_CHECKSUM(accumulate, tc->th_sum);
|
||||
|
||||
/* Restore original IP address */
|
||||
/* Restore original IP address */
|
||||
accumulate = twowords(&pip->ip_dst);
|
||||
pip->ip_dst = original_address;
|
||||
accumulate -= twowords(&pip->ip_dst);
|
||||
|
||||
/* If this is a transparent proxy packet, then modify the source
|
||||
address */
|
||||
/* If this is a transparent proxy packet,
|
||||
* then modify the source address */
|
||||
if (proxy_address.s_addr != 0) {
|
||||
accumulate += twowords(&pip->ip_src);
|
||||
pip->ip_src = proxy_address;
|
||||
@ -1045,7 +1043,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
|
||||
}
|
||||
ADJUST_CHECKSUM(accumulate, pip->ip_sum);
|
||||
|
||||
/* Monitor TCP connection state */
|
||||
/* Monitor TCP connection state */
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
TcpMonitorIn(tc->th_flags, lnk);
|
||||
|
||||
@ -1074,8 +1072,8 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
|
||||
if (create)
|
||||
proxy_type = ProxyCheck(la, &proxy_server_address,
|
||||
&proxy_server_port, pip->ip_src, pip->ip_dst,
|
||||
proxy_type = ProxyCheck(la, &proxy_server_address,
|
||||
&proxy_server_port, pip->ip_src, pip->ip_dst,
|
||||
tc->th_dport, pip->ip_p);
|
||||
else
|
||||
proxy_type = 0;
|
||||
@ -1083,8 +1081,8 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
|
||||
if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY))
|
||||
return (PKT_ALIAS_OK);
|
||||
|
||||
/* If this is a transparent proxy, save original destination,
|
||||
then alter the destination and adjust checksums */
|
||||
/* If this is a transparent proxy, save original destination,
|
||||
* then alter the destination and adjust checksums */
|
||||
dest_port = tc->th_dport;
|
||||
dest_address = pip->ip_dst;
|
||||
if (proxy_type != 0) {
|
||||
@ -1112,7 +1110,7 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
|
||||
struct in_addr alias_address;
|
||||
int accumulate;
|
||||
struct alias_data ad = {
|
||||
.lnk = lnk,
|
||||
.lnk = lnk,
|
||||
.oaddr = NULL,
|
||||
.aaddr = &alias_address,
|
||||
.aport = &alias_port,
|
||||
@ -1121,38 +1119,38 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
|
||||
.maxpktsize = maxpacketsize
|
||||
};
|
||||
|
||||
/* Save original destination address, if this is a proxy packet.
|
||||
Also modify packet to include destination encoding. This may
|
||||
change the size of IP header. */
|
||||
/* Save original destination address, if this is a proxy packet.
|
||||
* Also modify packet to include destination
|
||||
* encoding. This may change the size of IP header. */
|
||||
if (proxy_type != 0) {
|
||||
SetProxyPort(lnk, dest_port);
|
||||
SetProxyAddress(lnk, dest_address);
|
||||
ProxyModify(la, lnk, pip, maxpacketsize, proxy_type);
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
}
|
||||
/* Get alias address and port */
|
||||
/* Get alias address and port */
|
||||
alias_port = GetAliasPort(lnk);
|
||||
alias_address = GetAliasAddress(lnk);
|
||||
|
||||
/* Monitor TCP connection state */
|
||||
/* Monitor TCP connection state */
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
TcpMonitorOut(tc->th_flags, lnk);
|
||||
|
||||
/* Walk out chain. */
|
||||
|
||||
/* Walk out chain. */
|
||||
error = find_handler(OUT, TCP, la, pip, &ad);
|
||||
|
||||
/* Adjust TCP checksum since source port is being aliased */
|
||||
/* and source address is being altered */
|
||||
/* Adjust TCP checksum since source port is being aliased
|
||||
* and source address is being altered */
|
||||
accumulate = tc->th_sport;
|
||||
tc->th_sport = alias_port;
|
||||
accumulate -= tc->th_sport;
|
||||
accumulate += twowords(&pip->ip_src);
|
||||
accumulate -= twowords(&alias_address);
|
||||
|
||||
/* Modify sequence number if necessary */
|
||||
/* Modify sequence number if necessary */
|
||||
if (GetAckModified(lnk) == 1) {
|
||||
int delta;
|
||||
|
||||
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
delta = GetDeltaSeqOut(tc->th_seq, lnk);
|
||||
if (delta != 0) {
|
||||
@ -1163,7 +1161,7 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
|
||||
}
|
||||
ADJUST_CHECKSUM(accumulate, tc->th_sum);
|
||||
|
||||
/* Change source address */
|
||||
/* Change source address */
|
||||
accumulate = twowords(&pip->ip_src);
|
||||
pip->ip_src = alias_address;
|
||||
accumulate -= twowords(&pip->ip_src);
|
||||
@ -1259,7 +1257,7 @@ LibAliasSaveFragment(struct libalias *la, void *ptr)
|
||||
return (iresult);
|
||||
}
|
||||
|
||||
void *
|
||||
void *
|
||||
LibAliasGetFragment(struct libalias *la, void *ptr)
|
||||
{
|
||||
struct alias_link *lnk;
|
||||
@ -1273,7 +1271,7 @@ LibAliasGetFragment(struct libalias *la, void *ptr)
|
||||
GetFragmentPtr(lnk, &fptr);
|
||||
SetFragmentPtr(lnk, NULL);
|
||||
SetExpire(lnk, 0); /* Deletes link */
|
||||
} else
|
||||
} else
|
||||
fptr = NULL;
|
||||
|
||||
LIBALIAS_UNLOCK(la);
|
||||
@ -1281,11 +1279,9 @@ LibAliasGetFragment(struct libalias *la, void *ptr)
|
||||
}
|
||||
|
||||
void
|
||||
LibAliasFragmentIn(struct libalias *la, void *ptr, /* Points to correctly
|
||||
* de-aliased header
|
||||
* fragment */
|
||||
void *ptr_fragment /* Points to fragment which must be
|
||||
* de-aliased */
|
||||
LibAliasFragmentIn(struct libalias *la,
|
||||
void *ptr, /* Points to correctly de-aliased header fragment */
|
||||
void *ptr_fragment /* fragment which must be de-aliased */
|
||||
)
|
||||
{
|
||||
struct ip *pip;
|
||||
@ -1305,10 +1301,10 @@ LibAliasFragmentIn(struct libalias *la, void *ptr, /* Points to correctly
|
||||
/* Local prototypes */
|
||||
static int
|
||||
LibAliasOutLocked(struct libalias *la, struct ip *pip,
|
||||
int maxpacketsize, int create);
|
||||
int maxpacketsize, int create);
|
||||
static int
|
||||
LibAliasInLocked(struct libalias *la, struct ip *pip,
|
||||
int maxpacketsize);
|
||||
int maxpacketsize);
|
||||
|
||||
int
|
||||
LibAliasIn(struct libalias *la, void *ptr, int maxpacketsize)
|
||||
@ -1340,7 +1336,7 @@ LibAliasInLocked(struct libalias *la, struct ip *pip, int maxpacketsize)
|
||||
/* Defense against mangled packets */
|
||||
if (ntohs(pip->ip_len) > maxpacketsize
|
||||
|| (pip->ip_hl << 2) > maxpacketsize) {
|
||||
iresult = PKT_ALIAS_IGNORED;
|
||||
iresult = PKT_ALIAS_IGNORED;
|
||||
goto getout;
|
||||
}
|
||||
|
||||
@ -1358,30 +1354,30 @@ LibAliasInLocked(struct libalias *la, struct ip *pip, int maxpacketsize)
|
||||
break;
|
||||
#ifdef _KERNEL
|
||||
case IPPROTO_SCTP:
|
||||
iresult = SctpAlias(la, pip, SN_TO_LOCAL);
|
||||
iresult = SctpAlias(la, pip, SN_TO_LOCAL);
|
||||
break;
|
||||
#endif
|
||||
case IPPROTO_GRE: {
|
||||
case IPPROTO_GRE: {
|
||||
int error;
|
||||
struct alias_data ad = {
|
||||
.lnk = NULL,
|
||||
.oaddr = NULL,
|
||||
.lnk = NULL,
|
||||
.oaddr = NULL,
|
||||
.aaddr = NULL,
|
||||
.aport = NULL,
|
||||
.sport = NULL,
|
||||
.dport = NULL,
|
||||
.maxpktsize = 0
|
||||
.maxpktsize = 0
|
||||
};
|
||||
|
||||
/* Walk out chain. */
|
||||
|
||||
/* Walk out chain. */
|
||||
error = find_handler(IN, IP, la, pip, &ad);
|
||||
if (error == 0)
|
||||
if (error == 0)
|
||||
iresult = PKT_ALIAS_OK;
|
||||
else
|
||||
iresult = ProtoAliasIn(la, pip->ip_src,
|
||||
pip, pip->ip_p, &pip->ip_sum);
|
||||
break;
|
||||
}
|
||||
break;
|
||||
default:
|
||||
iresult = ProtoAliasIn(la, pip->ip_src, pip,
|
||||
pip->ip_p, &pip->ip_sum);
|
||||
@ -1449,10 +1445,10 @@ LibAliasOutTry(struct libalias *la, void *ptr, int maxpacketsize, int create)
|
||||
}
|
||||
|
||||
static int
|
||||
LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */
|
||||
int maxpacketsize, /* How much the packet data may grow (FTP
|
||||
* and IRC inline changes) */
|
||||
int create /* Create new entries ? */
|
||||
LibAliasOutLocked(struct libalias *la,
|
||||
struct ip *pip, /* valid IP packet */
|
||||
int maxpacketsize, /* How much the packet data may grow (FTP and IRC inline changes) */
|
||||
int create /* Create new entries ? */
|
||||
)
|
||||
{
|
||||
int iresult;
|
||||
@ -1512,29 +1508,29 @@ LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */
|
||||
break;
|
||||
#ifdef _KERNEL
|
||||
case IPPROTO_SCTP:
|
||||
iresult = SctpAlias(la, pip, SN_TO_GLOBAL);
|
||||
iresult = SctpAlias(la, pip, SN_TO_GLOBAL);
|
||||
break;
|
||||
#endif
|
||||
case IPPROTO_GRE: {
|
||||
int error;
|
||||
struct alias_data ad = {
|
||||
.lnk = NULL,
|
||||
.oaddr = NULL,
|
||||
.lnk = NULL,
|
||||
.oaddr = NULL,
|
||||
.aaddr = NULL,
|
||||
.aport = NULL,
|
||||
.sport = NULL,
|
||||
.dport = NULL,
|
||||
.maxpktsize = 0
|
||||
.maxpktsize = 0
|
||||
};
|
||||
/* Walk out chain. */
|
||||
/* Walk out chain. */
|
||||
error = find_handler(OUT, IP, la, pip, &ad);
|
||||
if (error == 0)
|
||||
iresult = PKT_ALIAS_OK;
|
||||
else
|
||||
iresult = PKT_ALIAS_OK;
|
||||
else
|
||||
iresult = ProtoAliasOut(la, pip,
|
||||
pip->ip_dst, pip->ip_p, &pip->ip_sum, create);
|
||||
break;
|
||||
}
|
||||
break;
|
||||
default:
|
||||
iresult = ProtoAliasOut(la, pip,
|
||||
pip->ip_dst, pip->ip_p, &pip->ip_sum, create);
|
||||
@ -1550,8 +1546,9 @@ LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */
|
||||
}
|
||||
|
||||
int
|
||||
LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */
|
||||
int maxpacketsize /* for error checking */
|
||||
LibAliasUnaliasOut(struct libalias *la,
|
||||
void *ptr, /* valid IP packet */
|
||||
int maxpacketsize /* for error checking */
|
||||
)
|
||||
{
|
||||
struct ip *pip;
|
||||
@ -1623,7 +1620,6 @@ LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */
|
||||
tc->th_sport = original_port;
|
||||
|
||||
iresult = PKT_ALIAS_OK;
|
||||
|
||||
} else if (pip->ip_p == IPPROTO_ICMP) {
|
||||
int accumulate;
|
||||
struct in_addr original_address;
|
||||
@ -1653,7 +1649,6 @@ LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */
|
||||
getout:
|
||||
LIBALIAS_UNLOCK(la);
|
||||
return (iresult);
|
||||
|
||||
}
|
||||
|
||||
#ifndef _KERNEL
|
||||
@ -1673,8 +1668,8 @@ LibAliasRefreshModules(void)
|
||||
|
||||
for (;;) {
|
||||
fgets(buf, 256, fd);
|
||||
if (feof(fd))
|
||||
break;
|
||||
if (feof(fd))
|
||||
break;
|
||||
len = strlen(buf);
|
||||
if (len > 1) {
|
||||
for (i = 0; i < len; i++)
|
||||
@ -1696,20 +1691,20 @@ LibAliasLoadModule(char *path)
|
||||
struct dll *t;
|
||||
void *handle;
|
||||
struct proto_handler *m;
|
||||
const char *error;
|
||||
const char *error;
|
||||
moduledata_t *p;
|
||||
|
||||
handle = dlopen (path, RTLD_LAZY);
|
||||
if (!handle) {
|
||||
handle = dlopen (path, RTLD_LAZY);
|
||||
if (!handle) {
|
||||
fprintf(stderr, "%s\n", dlerror());
|
||||
return (EINVAL);
|
||||
}
|
||||
}
|
||||
|
||||
p = dlsym(handle, "alias_mod");
|
||||
if ((error = dlerror()) != NULL) {
|
||||
if ((error = dlerror()) != NULL) {
|
||||
fprintf(stderr, "%s\n", dlerror());
|
||||
return (EINVAL);
|
||||
}
|
||||
}
|
||||
|
||||
t = malloc(sizeof(struct dll));
|
||||
if (t == NULL)
|
||||
@ -1722,8 +1717,8 @@ LibAliasLoadModule(char *path)
|
||||
return (EEXIST);
|
||||
}
|
||||
|
||||
m = dlsym(t->handle, "handlers");
|
||||
if ((error = dlerror()) != NULL) {
|
||||
m = dlsym(t->handle, "handlers");
|
||||
if ((error = dlerror()) != NULL) {
|
||||
fprintf(stderr, "%s\n", error);
|
||||
return (EINVAL);
|
||||
}
|
||||
@ -1739,10 +1734,10 @@ LibAliasUnLoadAllModule(void)
|
||||
struct proto_handler *p;
|
||||
|
||||
/* Unload all modules then reload everything. */
|
||||
while ((p = first_handler()) != NULL) {
|
||||
while ((p = first_handler()) != NULL) {
|
||||
LibAliasDetachHandlers(p);
|
||||
}
|
||||
while ((t = walk_dll_chain()) != NULL) {
|
||||
while ((t = walk_dll_chain()) != NULL) {
|
||||
dlclose(t->handle);
|
||||
free(t);
|
||||
}
|
||||
|
@ -46,7 +46,7 @@
|
||||
#include <netinet/ip.h>
|
||||
|
||||
#define LIBALIAS_BUF_SIZE 128
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
/*
|
||||
* The kernel version of libalias does not support these features.
|
||||
*/
|
||||
@ -89,8 +89,7 @@ void LibAliasSetAddress(struct libalias *, struct in_addr _addr);
|
||||
void LibAliasSetAliasPortRange(struct libalias *la, u_short port_low, u_short port_hi);
|
||||
void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
|
||||
void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
|
||||
unsigned int
|
||||
LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
|
||||
unsigned int LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
|
||||
void LibAliasUninit(struct libalias *);
|
||||
|
||||
/* Packet Handling functions. */
|
||||
@ -101,42 +100,37 @@ int LibAliasUnaliasOut(struct libalias *, void *_ptr, int _maxpacketsize);
|
||||
|
||||
/* Port and address redirection functions. */
|
||||
|
||||
int
|
||||
LibAliasAddServer(struct libalias *, struct alias_link *_lnk,
|
||||
struct in_addr _addr, unsigned short _port);
|
||||
struct alias_link *
|
||||
LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
|
||||
struct in_addr _alias_addr);
|
||||
int LibAliasAddServer(struct libalias *, struct alias_link *_lnk,
|
||||
struct in_addr _addr, unsigned short _port);
|
||||
struct alias_link * LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
|
||||
struct in_addr _alias_addr);
|
||||
int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_lnk);
|
||||
void LibAliasRedirectDelete(struct libalias *, struct alias_link *_lnk);
|
||||
struct alias_link *
|
||||
LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
|
||||
unsigned short _src_port, struct in_addr _dst_addr,
|
||||
unsigned short _dst_port, struct in_addr _alias_addr,
|
||||
unsigned short _alias_port, unsigned char _proto);
|
||||
struct alias_link *
|
||||
LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
|
||||
struct in_addr _dst_addr, struct in_addr _alias_addr,
|
||||
unsigned char _proto);
|
||||
struct alias_link * LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
|
||||
unsigned short _src_port, struct in_addr _dst_addr,
|
||||
unsigned short _dst_port, struct in_addr _alias_addr,
|
||||
unsigned short _alias_port, unsigned char _proto);
|
||||
struct alias_link * LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
|
||||
struct in_addr _dst_addr, struct in_addr _alias_addr,
|
||||
unsigned char _proto);
|
||||
|
||||
/* Fragment Handling functions. */
|
||||
void LibAliasFragmentIn(struct libalias *, void *_ptr, void *_ptr_fragment);
|
||||
void *LibAliasGetFragment(struct libalias *, void *_ptr);
|
||||
void *LibAliasGetFragment(struct libalias *, void *_ptr);
|
||||
int LibAliasSaveFragment(struct libalias *, void *_ptr);
|
||||
|
||||
/* Miscellaneous functions. */
|
||||
int LibAliasCheckNewLink(struct libalias *);
|
||||
unsigned short
|
||||
LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
|
||||
unsigned short LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
|
||||
void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
|
||||
|
||||
/* Transparent proxying routines. */
|
||||
int LibAliasProxyRule(struct libalias *, const char *_cmd);
|
||||
|
||||
/* Module handling API */
|
||||
int LibAliasLoadModule(char *);
|
||||
int LibAliasUnLoadAllModule(void);
|
||||
int LibAliasRefreshModules(void);
|
||||
int LibAliasLoadModule(char *);
|
||||
int LibAliasUnLoadAllModule(void);
|
||||
int LibAliasRefreshModules(void);
|
||||
|
||||
/* Mbuf helper function. */
|
||||
struct mbuf *m_megapullup(struct mbuf *, int);
|
||||
@ -176,7 +170,7 @@ struct mbuf *m_megapullup(struct mbuf *, int);
|
||||
* require this. This bit is set after a call to PacketAliasInit(), so it is
|
||||
* a default mode of operation.
|
||||
*/
|
||||
#ifndef NO_USE_SOCKETS
|
||||
#ifndef NO_USE_SOCKETS
|
||||
#define PKT_ALIAS_USE_SOCKETS 0x08
|
||||
#endif
|
||||
/*-
|
||||
|
File diff suppressed because it is too large
@ -64,22 +64,20 @@ AliasHandleDummy(struct libalias *la, struct ip *ip, struct alias_data *ah);
|
||||
static int
|
||||
fingerprint(struct libalias *la, struct alias_data *ah)
|
||||
{
|
||||
|
||||
/*
|
||||
* Check here all the data that will be used later, if any field
|
||||
* is empy/NULL, return a -1 value.
|
||||
*/
|
||||
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
|
||||
ah->maxpktsize == 0)
|
||||
ah->maxpktsize == 0)
|
||||
return (-1);
|
||||
/*
|
||||
* Fingerprint the incoming packet, if it matches any conditions
|
||||
* return an OK value.
|
||||
*/
|
||||
if (ntohs(*ah->dport) == 123
|
||||
|| ntohs(*ah->sport) == 456)
|
||||
return (0); /* I know how to handle it. */
|
||||
return (-1); /* I don't recognize this packet. */
|
||||
if (ntohs(*ah->dport) == 123 || ntohs(*ah->sport) == 456)
|
||||
return (0); /* I know how to handle it. */
|
||||
return (-1); /* I don't recognize this packet. */
|
||||
}
|
||||
|
||||
/*
|
||||
@ -90,7 +88,6 @@ fingerprint(struct libalias *la, struct alias_data *ah)
|
||||
static int
|
||||
protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
AliasHandleDummy(la, pip, ah);
|
||||
return (0);
|
||||
}
|
||||
@ -119,7 +116,7 @@ mod_handler(module_t mod, int type, void *data)
|
||||
{
|
||||
int error;
|
||||
|
||||
switch (type) {
|
||||
switch (type) {
|
||||
case MOD_LOAD:
|
||||
error = 0;
|
||||
LibAliasAttachHandlers(handlers);
|
||||
@ -141,7 +138,7 @@ moduledata_t alias_mod = {
|
||||
"alias_dummy", mod_handler, NULL
|
||||
};
|
||||
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
DECLARE_MODULE(alias_dummy, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
|
||||
MODULE_VERSION(alias_dummy, 1);
|
||||
MODULE_DEPEND(alias_dummy, libalias, 1, 1, 1);
|
||||
|
@ -109,7 +109,6 @@ AliasHandleFtpIn(struct libalias *, struct ip *, struct alias_link *);
|
||||
static int
|
||||
fingerprint_out(struct libalias *la, struct alias_data *ah)
|
||||
{
|
||||
|
||||
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
|
||||
ah->maxpktsize == 0)
|
||||
return (-1);
|
||||
@ -122,7 +121,6 @@ fingerprint_out(struct libalias *la, struct alias_data *ah)
|
||||
static int
|
||||
fingerprint_in(struct libalias *la, struct alias_data *ah)
|
||||
{
|
||||
|
||||
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL)
|
||||
return (-1);
|
||||
if (ntohs(*ah->dport) == FTP_CONTROL_PORT_NUMBER ||
|
||||
@ -134,7 +132,6 @@ fingerprint_in(struct libalias *la, struct alias_data *ah)
|
||||
static int
|
||||
protohandler_out(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
AliasHandleFtpOut(la, pip, ah->lnk, ah->maxpktsize);
|
||||
return (0);
|
||||
}
|
||||
@ -142,7 +139,6 @@ protohandler_out(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
static int
|
||||
protohandler_in(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
AliasHandleFtpIn(la, pip, ah->lnk);
|
||||
return (0);
|
||||
}
|
||||
@ -170,7 +166,7 @@ mod_handler(module_t mod, int type, void *data)
|
||||
{
|
||||
int error;
|
||||
|
||||
switch (type) {
|
||||
switch (type) {
|
||||
case MOD_LOAD:
|
||||
error = 0;
|
||||
LibAliasAttachHandlers(handlers);
|
||||
@ -192,7 +188,7 @@ moduledata_t alias_mod = {
|
||||
"alias_ftp", mod_handler, NULL
|
||||
};
|
||||
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
DECLARE_MODULE(alias_ftp, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
|
||||
MODULE_VERSION(alias_ftp, 1);
|
||||
MODULE_DEPEND(alias_ftp, libalias, 1, 1, 1);
|
||||
@ -224,43 +220,39 @@ AliasHandleFtpOut(
|
||||
struct ip *pip, /* IP packet to examine/patch */
|
||||
struct alias_link *lnk, /* The link to go through (aliased port) */
|
||||
int maxpacketsize /* The maximum size this packet can grow to
|
||||
(including headers) */ )
|
||||
(including headers) */ )
|
||||
{
|
||||
int hlen, tlen, dlen, pflags;
|
||||
char *sptr;
|
||||
struct tcphdr *tc;
|
||||
int ftp_message_type;
|
||||
|
||||
/* Calculate data length of TCP packet */
|
||||
/* Calculate data length of TCP packet */
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
hlen = (pip->ip_hl + tc->th_off) << 2;
|
||||
tlen = ntohs(pip->ip_len);
|
||||
dlen = tlen - hlen;
|
||||
|
||||
/* Place string pointer and beginning of data */
|
||||
/* Place string pointer and beginning of data */
|
||||
sptr = (char *)pip;
|
||||
sptr += hlen;
|
||||
|
||||
/*
|
||||
* Check that data length is not too long and previous message was
|
||||
* properly terminated with CRLF.
|
||||
*/
|
||||
/*
|
||||
* Check that data length is not too long and previous message was
|
||||
* properly terminated with CRLF.
|
||||
*/
|
||||
pflags = GetProtocolFlags(lnk);
|
||||
if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) {
|
||||
ftp_message_type = FTP_UNKNOWN_MESSAGE;
|
||||
|
||||
if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) {
|
||||
/*
|
||||
* When aliasing a client, check for the PORT/EPRT command.
|
||||
*/
|
||||
/* When aliasing a client, check for the PORT/EPRT command. */
|
||||
if (ParseFtpPortCommand(la, sptr, dlen))
|
||||
ftp_message_type = FTP_PORT_COMMAND;
|
||||
else if (ParseFtpEprtCommand(la, sptr, dlen))
|
||||
ftp_message_type = FTP_EPRT_COMMAND;
|
||||
} else {
|
||||
/*
|
||||
* When aliasing a server, check for the 227/229 reply.
|
||||
*/
|
||||
/* When aliasing a server, check for the 227/229 reply. */
|
||||
if (ParseFtp227Reply(la, sptr, dlen))
|
||||
ftp_message_type = FTP_227_REPLY;
|
||||
else if (ParseFtp229Reply(la, sptr, dlen)) {
|
||||
@ -272,12 +264,11 @@ AliasHandleFtpOut(
|
||||
if (ftp_message_type != FTP_UNKNOWN_MESSAGE)
|
||||
NewFtpMessage(la, pip, lnk, maxpacketsize, ftp_message_type);
|
||||
}
|
||||
/* Track the msgs which are CRLF term'd for PORT/PASV FW breach */
|
||||
|
||||
if (dlen) { /* only if there's data */
|
||||
/* Track the msgs which are CRLF term'd for PORT/PASV FW breach */
|
||||
if (dlen) { /* only if there's data */
|
||||
sptr = (char *)pip; /* start over at beginning */
|
||||
tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may
|
||||
* have grown */
|
||||
tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may have grown */
|
||||
if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n')
|
||||
pflags &= ~WAIT_CRLF;
|
||||
else
|
||||
@ -313,7 +304,7 @@ AliasHandleFtpIn(struct libalias *la,
|
||||
if (dlen <= MAX_MESSAGE_SIZE && (pflags & WAIT_CRLF) == 0 &&
|
||||
ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER &&
|
||||
(ParseFtpPortCommand(la, sptr, dlen) != 0 ||
|
||||
ParseFtpEprtCommand(la, sptr, dlen) != 0)) {
|
||||
ParseFtpEprtCommand(la, sptr, dlen) != 0)) {
|
||||
/*
|
||||
* Alias active mode client requesting data from server
|
||||
* behind NAT. We need to alias server->client connection
|
||||
@ -327,8 +318,7 @@ AliasHandleFtpIn(struct libalias *la,
|
||||
if (dlen) {
|
||||
sptr = (char *)pip; /* start over at beginning */
|
||||
tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may
|
||||
* have grown.
|
||||
*/
|
||||
* have grown. */
|
||||
if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n')
|
||||
pflags &= ~WAIT_CRLF;
|
||||
else
|
||||
@ -650,7 +640,7 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
|
||||
{
|
||||
struct alias_link *ftp_lnk;
|
||||
|
||||
/* Security checks. */
|
||||
/* Security checks. */
|
||||
if (pip->ip_src.s_addr != la->true_addr.s_addr)
|
||||
return;
|
||||
|
||||
@ -671,13 +661,13 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
|
||||
PunchFWHole(ftp_lnk);
|
||||
#endif
|
||||
|
||||
/* Calculate data length of TCP packet */
|
||||
/* Calculate data length of TCP packet */
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
hlen = (pip->ip_hl + tc->th_off) << 2;
|
||||
tlen = ntohs(pip->ip_len);
|
||||
dlen = tlen - hlen;
|
||||
|
||||
/* Create new FTP message. */
|
||||
/* Create new FTP message. */
|
||||
{
|
||||
char stemp[MAX_MESSAGE_SIZE + 1];
|
||||
char *sptr;
|
||||
@ -686,9 +676,9 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
|
||||
int a1, a2, a3, a4, p1, p2;
|
||||
struct in_addr alias_address;
|
||||
|
||||
/* Decompose alias address into quad format */
|
||||
/* Decompose alias address into quad format */
|
||||
alias_address = GetAliasAddress(lnk);
|
||||
ptr = (u_char *) & alias_address.s_addr;
|
||||
ptr = (u_char *)&alias_address.s_addr;
|
||||
a1 = *ptr++;
|
||||
a2 = *ptr++;
|
||||
a3 = *ptr++;
|
||||
@ -696,7 +686,7 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
|
||||
|
||||
alias_port = GetAliasPort(ftp_lnk);
|
||||
|
||||
/* Prepare new command */
|
||||
/* Prepare new command */
|
||||
switch (ftp_message_type) {
|
||||
case FTP_PORT_COMMAND:
|
||||
case FTP_227_REPLY:
|
||||
@ -728,27 +718,27 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
|
||||
break;
|
||||
}
|
||||
|
||||
/* Save string length for IP header modification */
|
||||
/* Save string length for IP header modification */
|
||||
slen = strlen(stemp);
|
||||
|
||||
/* Copy modified buffer into IP packet. */
|
||||
/* Copy modified buffer into IP packet. */
|
||||
sptr = (char *)pip;
|
||||
sptr += hlen;
|
||||
strncpy(sptr, stemp, maxpacketsize - hlen);
|
||||
}
|
||||
|
||||
/* Save information regarding modified seq and ack numbers */
|
||||
/* Save information regarding modified seq and ack numbers */
|
||||
{
|
||||
int delta;
|
||||
|
||||
SetAckModified(lnk);
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
delta = GetDeltaSeqOut(tc->th_seq, lnk);
|
||||
AddSeq(lnk, delta + slen - dlen, pip->ip_hl,
|
||||
AddSeq(lnk, delta + slen - dlen, pip->ip_hl,
|
||||
pip->ip_len, tc->th_seq, tc->th_off);
|
||||
}
|
||||
|
||||
/* Revise IP header */
|
||||
/* Revise IP header */
|
||||
{
|
||||
u_short new_len;
|
||||
|
||||
@ -761,7 +751,7 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
|
||||
pip->ip_len = new_len;
|
||||
}
|
||||
|
||||
/* Compute TCP checksum for revised packet */
|
||||
/* Compute TCP checksum for revised packet */
|
||||
tc->th_sum = 0;
|
||||
#ifdef _KERNEL
|
||||
tc->th_x2 = 1;
|
||||
|
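Review bot: The CRLF-tracking block in AliasHandleFtpOut is guarded only by `if (dlen) {`, so it also runs when `dlen` is negative, which happens whenever the packet's `ip_len` is smaller than the header lengths that `hlen` is computed from. In that case `tlen` can be smaller than 2 and `sptr[tlen - 2]` reads before the start of the packet; the `if (dlen) {` block in AliasHandleFtpIn has the same shape. Unless the callers already reject such packets (not visible in these hunks), I would tighten both guards to `if (dlen > 0) {`, which keeps the WAIT_CRLF handling for every real payload. While here, `strncpy(sptr, stemp, maxpacketsize - hlen);` in NewFtpMessage deserves a comment stating that `maxpacketsize >= hlen` is guaranteed, since a negative difference converts to a huge `size_t` length. All three function bodies extend beyond the hunks shown.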
@ -91,13 +91,12 @@ char *newpacket;
|
||||
#define DBprintf(a)
|
||||
|
||||
static void
|
||||
AliasHandleIrcOut(struct libalias *, struct ip *, struct alias_link *,
|
||||
int maxpacketsize);
|
||||
AliasHandleIrcOut(struct libalias *, struct ip *, struct alias_link *,
|
||||
int maxpacketsize);
|
||||
|
||||
static int
|
||||
fingerprint(struct libalias *la, struct alias_data *ah)
|
||||
{
|
||||
|
||||
if (ah->dport == NULL || ah->lnk == NULL || ah->maxpktsize == 0)
|
||||
return (-1);
|
||||
if (ntohs(*ah->dport) == IRC_CONTROL_PORT_NUMBER_1
|
||||
@ -109,7 +108,6 @@ fingerprint(struct libalias *la, struct alias_data *ah)
|
||||
static int
|
||||
protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
newpacket = malloc(PKTSIZE);
|
||||
if (newpacket) {
|
||||
AliasHandleIrcOut(la, pip, ah->lnk, ah->maxpktsize);
|
||||
@ -157,7 +155,7 @@ moduledata_t alias_mod = {
|
||||
};
|
||||
|
||||
/* Kernel module definition. */
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
DECLARE_MODULE(alias_irc, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
|
||||
MODULE_VERSION(alias_irc, 1);
|
||||
MODULE_DEPEND(alias_irc, libalias, 1, 1, 1);
|
||||
@ -178,7 +176,7 @@ AliasHandleIrcOut(struct libalias *la,
|
||||
struct tcphdr *tc;
|
||||
int i; /* Iterator through the source */
|
||||
|
||||
/* Calculate data length of TCP packet */
|
||||
/* Calculate data length of TCP packet */
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
hlen = (pip->ip_hl + tc->th_off) << 2;
|
||||
tlen = ntohs(pip->ip_len);
|
||||
@ -191,7 +189,7 @@ AliasHandleIrcOut(struct libalias *la,
|
||||
if (dlen < (int)sizeof(":A!a@n.n PRIVMSG A :aDCC 1 1a") - 1)
|
||||
return;
|
||||
|
||||
/* Place string pointer at beginning of data */
|
||||
/* Place string pointer at beginning of data */
|
||||
sptr = (char *)pip;
|
||||
sptr += hlen;
|
||||
maxsize -= hlen; /* We're interested in maximum size of
|
||||
@ -204,7 +202,7 @@ AliasHandleIrcOut(struct libalias *la,
|
||||
}
|
||||
return; /* No CTCP commands in */
|
||||
/* Handle CTCP commands - the buffer may have to be copied */
|
||||
lFOUND_CTCP:
|
||||
lFOUND_CTCP:
|
||||
{
|
||||
unsigned int copyat = i;
|
||||
unsigned int iCopy = 0; /* How much data have we written to
|
||||
@ -213,7 +211,7 @@ AliasHandleIrcOut(struct libalias *la,
|
||||
unsigned short org_port; /* Original source port
|
||||
* address */
|
||||
|
||||
lCTCP_START:
|
||||
lCTCP_START:
|
||||
if (i >= dlen || iCopy >= PKTSIZE)
|
||||
goto lPACKET_DONE;
|
||||
newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start
|
||||
@ -413,7 +411,7 @@ AliasHandleIrcOut(struct libalias *la,
|
||||
* has been pushed. Also used to copy the rest of a DCC,
|
||||
* after IP address and port has been handled
|
||||
*/
|
||||
lBAD_CTCP:
|
||||
lBAD_CTCP:
|
||||
for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) {
|
||||
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
|
||||
if (sptr[i] == '\001') {
|
||||
@ -422,7 +420,7 @@ AliasHandleIrcOut(struct libalias *la,
|
||||
}
|
||||
goto lPACKET_DONE;
|
||||
/* Normal text */
|
||||
lNORMAL_TEXT:
|
||||
lNORMAL_TEXT:
|
||||
for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) {
|
||||
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
|
||||
if (sptr[i] == '\001') {
|
||||
@ -430,16 +428,16 @@ AliasHandleIrcOut(struct libalias *la,
|
||||
}
|
||||
}
|
||||
/* Handle the end of a packet */
|
||||
lPACKET_DONE:
|
||||
lPACKET_DONE:
|
||||
iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy;
|
||||
memcpy(sptr + copyat, newpacket, iCopy);
|
||||
|
||||
/* Save information regarding modified seq and ack numbers */
|
||||
/* Save information regarding modified seq and ack numbers */
|
||||
{
|
||||
int delta;
|
||||
|
||||
SetAckModified(lnk);
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
delta = GetDeltaSeqOut(tc->th_seq, lnk);
|
||||
AddSeq(lnk, delta + copyat + iCopy - dlen, pip->ip_hl,
|
||||
pip->ip_len, tc->th_seq, tc->th_off);
|
||||
@ -469,20 +467,20 @@ AliasHandleIrcOut(struct libalias *la,
|
||||
}
|
||||
|
||||
/* Notes:
|
||||
[Note 1]
|
||||
The initial search will most often fail; it could be replaced with a 32-bit specific search.
|
||||
Such a search would be done for 32-bit unsigned value V:
|
||||
V ^= 0x01010101; (Search is for null bytes)
|
||||
if( ((V-0x01010101)^V) & 0x80808080 ) {
|
||||
[Note 1]
|
||||
The initial search will most often fail; it could be replaced with a 32-bit specific search.
|
||||
Such a search would be done for 32-bit unsigned value V:
|
||||
V ^= 0x01010101; (Search is for null bytes)
|
||||
if( ((V-0x01010101)^V) & 0x80808080 ) {
|
||||
(found a null bytes which was a 01 byte)
|
||||
}
|
||||
To assert that the processor is 32-bits, do
|
||||
}
|
||||
To assert that the processor is 32-bits, do
|
||||
extern int ircdccar[32]; (32 bits)
|
||||
extern int ircdccar[CHAR_BIT*sizeof(unsigned int)];
|
||||
which will generate a type-error on all but 32-bit machines.
|
||||
which will generate a type-error on all but 32-bit machines.
|
||||
|
||||
[Note 2] This routine really ought to be replaced with one that
|
||||
creates a transparent proxy on the aliasing host, to allow arbitrary
|
||||
changes in the TCP stream. This should not be too difficult given
|
||||
this base; I (ee) will try to do this some time later.
|
||||
*/
|
||||
[Note 2] This routine really ought to be replaced with one that
|
||||
creates a transparent proxy on the aliasing host, to allow arbitrary
|
||||
changes in the TCP stream. This should not be too difficult given
|
||||
this base; I (ee) will try to do this some time later.
|
||||
*/
|
||||
|
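Review bot: At `lPACKET_DONE` the clamp `iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy;` subtracts the `unsigned int` `copyat` from `maxsize`, so the arithmetic is unsigned and wraps to a very large value whenever `copyat` is greater than `maxsize`. The clamp then leaves `iCopy` unchanged and `memcpy(sptr + copyat, newpacket, iCopy);` can write past the room the caller granted. Whether `copyat <= maxsize` always holds depends on checks outside this hunk (`maxsize` has already been reduced by `hlen`, and it is presumably the `int` size parameter), so I would make the bound local with `if (maxsize < 0 || copyat > (unsigned int)maxsize) return;` just before the clamp. Nothing has been written to the packet at that point, so returning leaves it unmodified, as the earlier `return; /* No CTCP commands in */` does. AliasHandleIrcOut's body extends beyond the hunks shown.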
@ -66,8 +66,8 @@
|
||||
#endif
|
||||
|
||||
/* Sizes of input and output link tables */
|
||||
#define LINK_TABLE_OUT_SIZE 4001
|
||||
#define LINK_TABLE_IN_SIZE 4001
|
||||
#define LINK_TABLE_OUT_SIZE 4001
|
||||
#define LINK_TABLE_IN_SIZE 4001
|
||||
|
||||
#define GET_ALIAS_PORT -1
|
||||
#define GET_ALIAS_ID GET_ALIAS_PORT
|
||||
@ -82,30 +82,21 @@ struct proxy_entry;
|
||||
|
||||
struct libalias {
|
||||
LIST_ENTRY(libalias) instancelist;
|
||||
|
||||
int packetAliasMode; /* Mode flags */
|
||||
/* - documented in alias.h */
|
||||
|
||||
struct in_addr aliasAddress; /* Address written onto source */
|
||||
/* field of IP packet. */
|
||||
|
||||
struct in_addr targetAddress; /* IP address incoming packets */
|
||||
/* are sent to if no aliasing */
|
||||
/* link already exists */
|
||||
|
||||
struct in_addr nullAddress; /* Used as a dummy parameter for */
|
||||
/* some function calls */
|
||||
|
||||
LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
|
||||
/* Lookup table of pointers to */
|
||||
/* chains of link records. Each */
|
||||
|
||||
LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
|
||||
/* link record is doubly indexed */
|
||||
/* into input and output lookup */
|
||||
/* tables. */
|
||||
|
||||
/* Link statistics */
|
||||
/* Mode flags documented in alias.h */
|
||||
int packetAliasMode;
|
||||
/* Address written onto source field of IP packet. */
|
||||
struct in_addr aliasAddress;
|
||||
/* IP address incoming packets are sent to
|
||||
* if no aliasing link already exists */
|
||||
struct in_addr targetAddress;
|
||||
/* Used as a dummy parameter for some function calls */
|
||||
struct in_addr nullAddress;
|
||||
/* Lookup table of pointers to chains of link records.
|
||||
* Each link record is doubly indexed into input and
|
||||
* output lookup tables. */
|
||||
LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
|
||||
LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
|
||||
/* Link statistics */
|
||||
int icmpLinkCount;
|
||||
int udpLinkCount;
|
||||
int tcpLinkCount;
|
||||
@ -114,49 +105,41 @@ struct libalias {
|
||||
int fragmentIdLinkCount;
|
||||
int fragmentPtrLinkCount;
|
||||
int sockCount;
|
||||
|
||||
int cleanupIndex; /* Index to chain of link table */
|
||||
/* being inspected for old links */
|
||||
|
||||
int timeStamp; /* System time in seconds for */
|
||||
/* current packet */
|
||||
|
||||
int lastCleanupTime; /* Last time
|
||||
* IncrementalCleanup() */
|
||||
/* was called */
|
||||
|
||||
int deleteAllLinks; /* If equal to zero, DeleteLink() */
|
||||
/* will not remove permanent links */
|
||||
|
||||
/* log descriptor */
|
||||
#ifdef _KERNEL
|
||||
char *logDesc;
|
||||
#else
|
||||
FILE *logDesc;
|
||||
/* Index to chain of link table being inspected for old links */
|
||||
int cleanupIndex;
|
||||
/* System time in seconds for current packet */
|
||||
int timeStamp;
|
||||
/* Last time IncrementalCleanup() was called */
|
||||
int lastCleanupTime;
|
||||
/* If equal to zero, DeleteLink()
|
||||
* will not remove permanent links */
|
||||
int deleteAllLinks;
|
||||
/* log descriptor */
|
||||
#ifdef _KERNEL
|
||||
char *logDesc;
|
||||
#else
|
||||
FILE *logDesc;
|
||||
#endif
|
||||
/* statistics monitoring */
|
||||
|
||||
int newDefaultLink; /* Indicates if a new aliasing */
|
||||
/* link has been created after a */
|
||||
/* call to PacketAliasIn/Out(). */
|
||||
/* Indicates if a new aliasing link has been created
|
||||
* after a call to PacketAliasIn/Out(). */
|
||||
int newDefaultLink;
|
||||
|
||||
#ifndef NO_FW_PUNCH
|
||||
int fireWallFD; /* File descriptor to be able to */
|
||||
/* control firewall. Opened by */
|
||||
/* PacketAliasSetMode on first */
|
||||
/* setting the PKT_ALIAS_PUNCH_FW */
|
||||
/* flag. */
|
||||
int fireWallBaseNum; /* The first firewall entry
|
||||
* free for our use */
|
||||
int fireWallNumNums; /* How many entries can we
|
||||
* use? */
|
||||
int fireWallActiveNum; /* Which entry did we last
|
||||
* use? */
|
||||
char *fireWallField; /* bool array for entries */
|
||||
/* File descriptor to be able to control firewall.
|
||||
* Opened by PacketAliasSetMode on first setting
|
||||
* the PKT_ALIAS_PUNCH_FW flag. */
|
||||
int fireWallFD;
|
||||
/* The first firewall entry free for our use */
|
||||
int fireWallBaseNum;
|
||||
/* How many entries can we use? */
|
||||
int fireWallNumNums;
|
||||
/* Which entry did we last use? */
|
||||
int fireWallActiveNum;
|
||||
/* bool array for entries */
|
||||
char *fireWallField;
|
||||
#endif
|
||||
|
||||
unsigned int skinnyPort; /* TCP port used by the Skinny */
|
||||
/* protocol. */
|
||||
/* TCP port used by the Skinny protocol. */
|
||||
unsigned int skinnyPort;
|
||||
|
||||
struct proxy_entry *proxyList;
|
||||
|
||||
@ -173,25 +156,17 @@ struct libalias {
|
||||
|
||||
/* counts associations that have progressed to UP and not yet removed */
|
||||
int sctpLinkCount;
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
/* timing queue for keeping track of association timeouts */
|
||||
struct sctp_nat_timer sctpNatTimer;
|
||||
|
||||
/* size of hash table used in this instance */
|
||||
u_int sctpNatTableSize;
|
||||
|
||||
/*
|
||||
* local look up table sorted by l_vtag/l_port
|
||||
*/
|
||||
/* local look up table sorted by l_vtag/l_port */
|
||||
LIST_HEAD(sctpNatTableL, sctp_nat_assoc) *sctpTableLocal;
|
||||
/*
|
||||
* global look up table sorted by g_vtag/g_port
|
||||
*/
|
||||
/* global look up table sorted by g_vtag/g_port */
|
||||
LIST_HEAD(sctpNatTableG, sctp_nat_assoc) *sctpTableGlobal;
|
||||
|
||||
/*
|
||||
* avoid races in libalias: every public function has to use it.
|
||||
*/
|
||||
/* avoid races in libalias: every public function has to use it. */
|
||||
struct mtx mutex;
|
||||
#endif
|
||||
};
|
||||
@ -200,7 +175,7 @@ struct libalias {
|
||||
|
||||
#ifdef _KERNEL
|
||||
#define LIBALIAS_LOCK_INIT(l) \
|
||||
mtx_init(&l->mutex, "per-instance libalias mutex", NULL, MTX_DEF)
|
||||
mtx_init(&l->mutex, "per-instance libalias mutex", NULL, MTX_DEF)
|
||||
#define LIBALIAS_LOCK_ASSERT(l) mtx_assert(&l->mutex, MA_OWNED)
|
||||
#define LIBALIAS_LOCK(l) mtx_lock(&l->mutex)
|
||||
#define LIBALIAS_UNLOCK(l) mtx_unlock(&l->mutex)
|
||||
@ -240,7 +215,7 @@ struct libalias {
|
||||
|
||||
/*
|
||||
* SctpFunction prototypes
|
||||
*
|
||||
*
|
||||
*/
|
||||
void AliasSctpInit(struct libalias *la);
|
||||
void AliasSctpTerm(struct libalias *la);
|
||||
@ -279,9 +254,9 @@ struct alias_link *
|
||||
FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
|
||||
u_short _ip_id);
|
||||
struct alias_link *
|
||||
AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
|
||||
AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
|
||||
struct alias_link *
|
||||
FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
|
||||
FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
|
||||
struct alias_link *
|
||||
FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
|
||||
u_char _proto);
|
||||
@ -313,17 +288,17 @@ struct alias_link *
|
||||
FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
|
||||
u_short _src_port, u_short _alias_port, u_char _proto);
|
||||
struct in_addr
|
||||
FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
|
||||
FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
|
||||
struct in_addr
|
||||
FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
|
||||
struct in_addr
|
||||
FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
|
||||
struct in_addr
|
||||
FindSctpRedirectAddress(struct libalias *la, struct sctp_nat_msg *sm);
|
||||
|
||||
/* External data access/modification */
|
||||
int
|
||||
FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
|
||||
u_short _src_port, u_short _dst_port, u_short _port_count,
|
||||
u_char _proto, u_char _align);
|
||||
int FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr,
|
||||
struct in_addr _alias_addr, u_short _src_port,
|
||||
u_short _dst_port, u_short _port_count, u_char _proto,
|
||||
u_char _align);
|
||||
void GetFragmentAddr(struct alias_link *_lnk, struct in_addr *_src_addr);
|
||||
void SetFragmentAddr(struct alias_link *_lnk, struct in_addr _src_addr);
|
||||
void GetFragmentPtr(struct alias_link *_lnk, void **_fptr);
|
||||
@ -332,27 +307,22 @@ void SetStateIn(struct alias_link *_lnk, int _state);
|
||||
void SetStateOut(struct alias_link *_lnk, int _state);
|
||||
int GetStateIn (struct alias_link *_lnk);
|
||||
int GetStateOut(struct alias_link *_lnk);
|
||||
struct in_addr
|
||||
GetOriginalAddress(struct alias_link *_lnk);
|
||||
struct in_addr
|
||||
GetDestAddress(struct alias_link *_lnk);
|
||||
struct in_addr
|
||||
GetAliasAddress(struct alias_link *_lnk);
|
||||
struct in_addr
|
||||
GetDefaultAliasAddress(struct libalias *la);
|
||||
struct in_addr GetOriginalAddress(struct alias_link *_lnk);
|
||||
struct in_addr GetDestAddress(struct alias_link *_lnk);
|
||||
struct in_addr GetAliasAddress(struct alias_link *_lnk);
|
||||
struct in_addr GetDefaultAliasAddress(struct libalias *la);
|
||||
void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
|
||||
u_short GetOriginalPort(struct alias_link *_lnk);
|
||||
u_short GetAliasPort(struct alias_link *_lnk);
|
||||
struct in_addr
|
||||
GetProxyAddress(struct alias_link *_lnk);
|
||||
struct in_addr GetProxyAddress(struct alias_link *_lnk);
|
||||
void SetProxyAddress(struct alias_link *_lnk, struct in_addr _addr);
|
||||
u_short GetProxyPort(struct alias_link *_lnk);
|
||||
void SetProxyPort(struct alias_link *_lnk, u_short _port);
|
||||
void SetAckModified(struct alias_link *_lnk);
|
||||
int GetAckModified(struct alias_link *_lnk);
|
||||
int GetDeltaAckIn(u_long, struct alias_link *_lnk);
|
||||
int GetDeltaSeqOut(u_long, struct alias_link *lnk);
|
||||
void AddSeq(struct alias_link *lnk, int delta, u_int ip_hl,
|
||||
int GetDeltaSeqOut(u_long, struct alias_link *lnk);
|
||||
void AddSeq(struct alias_link *lnk, int delta, u_int ip_hl,
|
||||
u_short ip_len, u_long th_seq, u_int th_off);
|
||||
void SetExpire (struct alias_link *_lnk, int _expire);
|
||||
void ClearCheckNewLink(struct libalias *la);
|
||||
@ -368,18 +338,18 @@ void PunchFWHole(struct alias_link *_lnk);
|
||||
/* Housekeeping function */
|
||||
void HouseKeeping(struct libalias *);
|
||||
|
||||
/* Tcp specific routines */
|
||||
/* lint -save -library Suppress flexelint warnings */
|
||||
|
||||
/* Transparent proxy routines */
|
||||
int
|
||||
ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr,
|
||||
u_short * proxy_server_port, struct in_addr src_addr,
|
||||
u_short * proxy_server_port, struct in_addr src_addr,
|
||||
struct in_addr dst_addr, u_short dst_port, u_char ip_p);
|
||||
void
|
||||
ProxyModify(struct libalias *la, struct alias_link *_lnk, struct ip *_pip,
|
||||
int _maxpacketsize, int _proxy_type);
|
||||
|
||||
/* Tcp specific routines */
|
||||
/* lint -save -library Suppress flexelint warnings */
|
||||
|
||||
enum alias_tcp_state {
|
||||
ALIAS_TCP_STATE_NOT_CONNECTED,
|
||||
ALIAS_TCP_STATE_CONNECTED,
|
||||
|
@ -97,7 +97,6 @@ LibAliasAttachHandlers(struct proto_handler *p)
|
||||
int
|
||||
LibAliasDetachHandlers(struct proto_handler *p)
|
||||
{
|
||||
|
||||
while (p->dir != NODIR) {
|
||||
TAILQ_REMOVE(&handler_chain, p, link);
|
||||
p++;
|
||||
@ -123,7 +122,6 @@ find_handler(int8_t dir, int8_t proto, struct libalias *la, struct ip *ip,
|
||||
struct proto_handler *
|
||||
first_handler(void)
|
||||
{
|
||||
|
||||
return (TAILQ_FIRST(&handler_chain));
|
||||
}
|
||||
|
||||
|
@ -73,20 +73,19 @@ __FBSDID("$FreeBSD$");
|
||||
|
||||
static int
|
||||
AliasHandleUdpNbt(struct libalias *, struct ip *, struct alias_link *,
|
||||
struct in_addr *, u_short);
|
||||
|
||||
struct in_addr *, u_short);
|
||||
static int
|
||||
AliasHandleUdpNbtNS(struct libalias *, struct ip *, struct alias_link *,
|
||||
struct in_addr *, u_short *, struct in_addr *, u_short *);
|
||||
struct in_addr *, u_short *, struct in_addr *, u_short *);
|
||||
|
||||
static int
|
||||
fingerprint1(struct libalias *la, struct alias_data *ah)
|
||||
{
|
||||
|
||||
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
|
||||
ah->aaddr == NULL || ah->aport == NULL)
|
||||
return (-1);
|
||||
if (ntohs(*ah->dport) == NETBIOS_DGM_PORT_NUMBER
|
||||
|| ntohs(*ah->sport) == NETBIOS_DGM_PORT_NUMBER)
|
||||
|| ntohs(*ah->sport) == NETBIOS_DGM_PORT_NUMBER)
|
||||
return (0);
|
||||
return (-1);
|
||||
}
|
||||
@ -94,14 +93,12 @@ fingerprint1(struct libalias *la, struct alias_data *ah)
|
||||
static int
|
||||
protohandler1(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
return (AliasHandleUdpNbt(la, pip, ah->lnk, ah->aaddr, *ah->aport));
|
||||
}
|
||||
|
||||
static int
|
||||
fingerprint2(struct libalias *la, struct alias_data *ah)
|
||||
{
|
||||
|
||||
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
|
||||
ah->aaddr == NULL || ah->aport == NULL)
|
||||
return (-1);
|
||||
@ -114,18 +111,16 @@ fingerprint2(struct libalias *la, struct alias_data *ah)
|
||||
static int
|
||||
protohandler2in(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
AliasHandleUdpNbtNS(la, pip, ah->lnk, ah->aaddr, ah->aport,
|
||||
ah->oaddr, ah->dport);
|
||||
ah->oaddr, ah->dport);
|
||||
return (0);
|
||||
}
|
||||
|
||||
static int
|
||||
protohandler2out(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
return (AliasHandleUdpNbtNS(la, pip, ah->lnk, &pip->ip_src, ah->sport,
|
||||
ah->aaddr, ah->aport));
|
||||
ah->aaddr, ah->aport));
|
||||
}
|
||||
|
||||
/* Kernel module definition. */
|
||||
@ -174,14 +169,14 @@ mod_handler(module_t mod, int type, void *data)
|
||||
return (error);
|
||||
}
|
||||
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
static
|
||||
#endif
|
||||
moduledata_t alias_mod = {
|
||||
"alias_nbt", mod_handler, NULL
|
||||
};
|
||||
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
DECLARE_MODULE(alias_nbt, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
|
||||
MODULE_VERSION(alias_nbt, 1);
|
||||
MODULE_DEPEND(alias_nbt, libalias, 1, 1, 1);
|
||||
@ -192,8 +187,8 @@ typedef struct {
|
||||
u_short oldport;
|
||||
struct in_addr newaddr;
|
||||
u_short newport;
|
||||
u_short *uh_sum;
|
||||
} NBTArguments;
|
||||
u_short *uh_sum;
|
||||
} NBTArguments;
|
||||
|
||||
typedef struct {
|
||||
unsigned char type;
|
||||
@ -203,7 +198,7 @@ typedef struct {
|
||||
u_short source_port;
|
||||
u_short len;
|
||||
u_short offset;
|
||||
} NbtDataHeader;
|
||||
} NbtDataHeader;
|
||||
|
||||
#define OpQuery 0
|
||||
#define OpUnknown 4
|
||||
@ -213,12 +208,12 @@ typedef struct {
|
||||
#define OpRefresh 8
|
||||
typedef struct {
|
||||
u_short nametrid;
|
||||
u_short dir: 1, opcode:4, nmflags:7, rcode:4;
|
||||
u_short dir:1, opcode:4, nmflags:7, rcode:4;
|
||||
u_short qdcount;
|
||||
u_short ancount;
|
||||
u_short nscount;
|
||||
u_short arcount;
|
||||
} NbtNSHeader;
|
||||
} NbtNSHeader;
|
||||
|
||||
#define FMT_ERR 0x1
|
||||
#define SRV_ERR 0x2
|
||||
@ -231,9 +226,8 @@ typedef struct {
|
||||
static void
|
||||
PrintRcode(u_char rcode)
|
||||
{
|
||||
|
||||
switch (rcode) {
|
||||
case FMT_ERR:
|
||||
case FMT_ERR:
|
||||
printf("\nFormat Error.");
|
||||
case SRV_ERR:
|
||||
printf("\nSever failure.");
|
||||
@ -253,10 +247,9 @@ PrintRcode(u_char rcode)
|
||||
#endif
|
||||
|
||||
/* Handling Name field */
|
||||
static u_char *
|
||||
AliasHandleName(u_char * p, char *pmax)
|
||||
static u_char *
|
||||
AliasHandleName(u_char *p, char *pmax)
|
||||
{
|
||||
|
||||
u_char *s;
|
||||
u_char c;
|
||||
int compress;
|
||||
@ -270,7 +263,7 @@ AliasHandleName(u_char * p, char *pmax)
|
||||
p = p + 2;
|
||||
if ((char *)p > pmax)
|
||||
return (NULL);
|
||||
return ((u_char *) p);
|
||||
return ((u_char *)p);
|
||||
}
|
||||
while ((*p & 0x3f) != 0x00) {
|
||||
s = p + 1;
|
||||
@ -280,7 +273,7 @@ AliasHandleName(u_char * p, char *pmax)
|
||||
compress = 0;
|
||||
|
||||
/* Get next length field */
|
||||
p = (u_char *) (p + (*p & 0x3f) + 1);
|
||||
p = (u_char *)(p + (*p & 0x3f) + 1);
|
||||
if ((char *)p > pmax) {
|
||||
p = NULL;
|
||||
break;
|
||||
@ -316,7 +309,7 @@ AliasHandleName(u_char * p, char *pmax)
|
||||
p = NULL;
|
||||
else
|
||||
p++;
|
||||
return ((u_char *) p);
|
||||
return ((u_char *)p);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -325,19 +318,18 @@ AliasHandleName(u_char * p, char *pmax)
|
||||
#define DGM_DIRECT_UNIQ 0x10
|
||||
#define DGM_DIRECT_GROUP 0x11
|
||||
#define DGM_BROADCAST 0x12
|
||||
#define DGM_ERROR 0x13
|
||||
#define DGM_QUERY 0x14
|
||||
#define DGM_ERROR 0x13
|
||||
#define DGM_QUERY 0x14
|
||||
#define DGM_POSITIVE_RES 0x15
|
||||
#define DGM_NEGATIVE_RES 0x16
|
||||
|
||||
static int
|
||||
AliasHandleUdpNbt(
|
||||
struct libalias *la,
|
||||
struct ip *pip, /* IP packet to examine/patch */
|
||||
struct libalias *la,
|
||||
struct ip *pip, /* IP packet to examine/patch */
|
||||
struct alias_link *lnk,
|
||||
struct in_addr *alias_address,
|
||||
u_short alias_port
|
||||
)
|
||||
struct in_addr *alias_address,
|
||||
u_short alias_port)
|
||||
{
|
||||
struct udphdr *uh;
|
||||
NbtDataHeader *ndh;
|
||||
@ -364,17 +356,17 @@ AliasHandleUdpNbt(
|
||||
case DGM_DIRECT_UNIQ:
|
||||
case DGM_DIRECT_GROUP:
|
||||
case DGM_BROADCAST:
|
||||
p = (u_char *) ndh + 14;
|
||||
p = (u_char *)ndh + 14;
|
||||
p = AliasHandleName(p, pmax); /* Source Name */
|
||||
p = AliasHandleName(p, pmax); /* Destination Name */
|
||||
break;
|
||||
case DGM_ERROR:
|
||||
p = (u_char *) ndh + 11;
|
||||
p = (u_char *)ndh + 11;
|
||||
break;
|
||||
case DGM_QUERY:
|
||||
case DGM_POSITIVE_RES:
|
||||
case DGM_NEGATIVE_RES:
|
||||
p = (u_char *) ndh + 10;
|
||||
p = (u_char *)ndh + 10;
|
||||
p = AliasHandleName(p, pmax); /* Destination Name */
|
||||
break;
|
||||
}
|
||||
@ -391,10 +383,10 @@ AliasHandleUdpNbt(
|
||||
|
||||
acc = ndh->source_port;
|
||||
acc -= alias_port;
|
||||
sptr = (u_short *) & (ndh->source_ip);
|
||||
sptr = (u_short *)&(ndh->source_ip);
|
||||
acc += *sptr++;
|
||||
acc += *sptr;
|
||||
sptr = (u_short *) alias_address;
|
||||
sptr = (u_short *)alias_address;
|
||||
acc -= *sptr++;
|
||||
acc -= *sptr;
|
||||
ADJUST_CHECKSUM(acc, uh->uh_sum);
|
||||
@ -410,27 +402,26 @@ AliasHandleUdpNbt(
|
||||
}
|
||||
|
||||
/* Question Section */
|
||||
#define QS_TYPE_NB 0x0020
|
||||
#define QS_TYPE_NB 0x0020
|
||||
#define QS_TYPE_NBSTAT 0x0021
|
||||
#define QS_CLAS_IN 0x0001
|
||||
#define QS_CLAS_IN 0x0001
|
||||
typedef struct {
|
||||
u_short type; /* The type of Request */
|
||||
u_short class; /* The class of Request */
|
||||
} NBTNsQuestion;
|
||||
} NBTNsQuestion;
|
||||
|
||||
static u_char *
|
||||
static u_char *
|
||||
AliasHandleQuestion(
|
||||
u_short count,
|
||||
NBTNsQuestion * q,
|
||||
char *pmax,
|
||||
NBTArguments * nbtarg)
|
||||
{
|
||||
|
||||
(void)nbtarg;
|
||||
|
||||
while (count != 0) {
|
||||
/* Name Filed */
|
||||
q = (NBTNsQuestion *) AliasHandleName((u_char *) q, pmax);
|
||||
q = (NBTNsQuestion *)AliasHandleName((u_char *)q, pmax);
|
||||
|
||||
if (q == NULL || (char *)(q + 1) > pmax) {
|
||||
q = NULL;
|
||||
@ -452,35 +443,35 @@ AliasHandleQuestion(
|
||||
}
|
||||
|
||||
/* Set up to out of Question Section */
|
||||
return ((u_char *) q);
|
||||
return ((u_char *)q);
|
||||
}
|
||||
|
||||
/* Resource Record */
|
||||
#define RR_TYPE_A 0x0001
|
||||
#define RR_TYPE_NS 0x0002
|
||||
#define RR_TYPE_A 0x0001
|
||||
#define RR_TYPE_NS 0x0002
|
||||
#define RR_TYPE_NULL 0x000a
|
||||
#define RR_TYPE_NB 0x0020
|
||||
#define RR_TYPE_NB 0x0020
|
||||
#define RR_TYPE_NBSTAT 0x0021
|
||||
#define RR_CLAS_IN 0x0001
|
||||
#define RR_CLAS_IN 0x0001
|
||||
#define SizeOfNsResource 8
|
||||
typedef struct {
|
||||
u_short type;
|
||||
u_short class;
|
||||
unsigned int ttl;
|
||||
u_short rdlen;
|
||||
} NBTNsResource;
|
||||
} NBTNsResource;
|
||||
|
||||
#define SizeOfNsRNB 6
|
||||
#define SizeOfNsRNB 6
|
||||
typedef struct {
|
||||
u_short g: 1 , ont:2, resv:13;
|
||||
u_short g:1, ont:2, resv:13;
|
||||
struct in_addr addr;
|
||||
} NBTNsRNB;
|
||||
} NBTNsRNB;
|
||||
|
||||
static u_char *
|
||||
static u_char *
|
||||
AliasHandleResourceNB(
|
||||
NBTNsResource * q,
|
||||
char *pmax,
|
||||
NBTArguments * nbtarg)
|
||||
NBTNsResource *q,
|
||||
char *pmax,
|
||||
NBTArguments *nbtarg)
|
||||
{
|
||||
NBTNsRNB *nb;
|
||||
u_short bcount;
|
||||
@ -495,7 +486,7 @@ AliasHandleResourceNB(
|
||||
bcount = ntohs(q->rdlen);
|
||||
|
||||
/* Forward to Resource NB position */
|
||||
nb = (NBTNsRNB *) ((u_char *) q + SizeOfNsResource);
|
||||
nb = (NBTNsRNB *)((u_char *)q + SizeOfNsResource);
|
||||
|
||||
/* Processing all in_addr array */
|
||||
#ifdef LIBALIAS_DEBUG
|
||||
@ -517,10 +508,10 @@ AliasHandleResourceNB(
|
||||
int acc;
|
||||
u_short *sptr;
|
||||
|
||||
sptr = (u_short *) & (nb->addr);
|
||||
sptr = (u_short *)&(nb->addr);
|
||||
acc = *sptr++;
|
||||
acc += *sptr;
|
||||
sptr = (u_short *) & (nbtarg->newaddr);
|
||||
sptr = (u_short *)&(nbtarg->newaddr);
|
||||
acc -= *sptr++;
|
||||
acc -= *sptr;
|
||||
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
|
||||
@ -535,25 +526,25 @@ AliasHandleResourceNB(
|
||||
printf(".");
|
||||
}
|
||||
#endif
|
||||
nb = (NBTNsRNB *) ((u_char *) nb + SizeOfNsRNB);
|
||||
nb = (NBTNsRNB *)((u_char *)nb + SizeOfNsRNB);
|
||||
bcount -= SizeOfNsRNB;
|
||||
}
|
||||
if (nb == NULL || (char *)(nb + 1) > pmax) {
|
||||
nb = NULL;
|
||||
}
|
||||
return ((u_char *) nb);
|
||||
return ((u_char *)nb);
|
||||
}
|
||||
|
||||
#define SizeOfResourceA 6
|
||||
typedef struct {
|
||||
struct in_addr addr;
|
||||
} NBTNsResourceA;
|
||||
} NBTNsResourceA;
|
||||
|
||||
static u_char *
|
||||
static u_char *
|
||||
AliasHandleResourceA(
|
||||
NBTNsResource * q,
|
||||
char *pmax,
|
||||
NBTArguments * nbtarg)
|
||||
NBTNsResource *q,
|
||||
char *pmax,
|
||||
NBTArguments *nbtarg)
|
||||
{
|
||||
NBTNsResourceA *a;
|
||||
u_short bcount;
|
||||
@ -566,7 +557,7 @@ AliasHandleResourceA(
|
||||
return (NULL);
|
||||
|
||||
/* Forward to Resource A position */
|
||||
a = (NBTNsResourceA *) ((u_char *) q + sizeof(NBTNsResource));
|
||||
a = (NBTNsResourceA *)((u_char *)q + sizeof(NBTNsResource));
|
||||
|
||||
/* Check out of length */
|
||||
bcount = ntohs(q->rdlen);
|
||||
@ -588,10 +579,10 @@ AliasHandleResourceA(
|
||||
int acc;
|
||||
u_short *sptr;
|
||||
|
||||
sptr = (u_short *) & (a->addr); /* Old */
|
||||
sptr = (u_short *)&(a->addr); /* Old */
|
||||
acc = *sptr++;
|
||||
acc += *sptr;
|
||||
sptr = (u_short *) & nbtarg->newaddr; /* New */
|
||||
sptr = (u_short *)&nbtarg->newaddr; /* New */
|
||||
acc -= *sptr++;
|
||||
acc -= *sptr;
|
||||
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
|
||||
@ -603,18 +594,18 @@ AliasHandleResourceA(
|
||||
}
|
||||
if (a == NULL || (char *)(a + 1) > pmax)
|
||||
a = NULL;
|
||||
return ((u_char *) a);
|
||||
return ((u_char *)a);
|
||||
}
|
||||
|
||||
typedef struct {
|
||||
u_short opcode:4, flags:8, resv:4;
|
||||
} NBTNsResourceNULL;
|
||||
} NBTNsResourceNULL;
|
||||
|
||||
static u_char *
|
||||
static u_char *
|
||||
AliasHandleResourceNULL(
|
||||
NBTNsResource * q,
|
||||
char *pmax,
|
||||
NBTArguments * nbtarg)
|
||||
NBTNsResource *q,
|
||||
char *pmax,
|
||||
NBTArguments *nbtarg)
|
||||
{
|
||||
NBTNsResourceNULL *n;
|
||||
u_short bcount;
|
||||
@ -625,7 +616,7 @@ AliasHandleResourceNULL(
|
||||
return (NULL);
|
||||
|
||||
/* Forward to Resource NULL position */
|
||||
n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
|
||||
n = (NBTNsResourceNULL *)((u_char *)q + sizeof(NBTNsResource));
|
||||
|
||||
/* Check out of length */
|
||||
bcount = ntohs(q->rdlen);
|
||||
@ -642,14 +633,14 @@ AliasHandleResourceNULL(
|
||||
if ((char *)(n + 1) > pmax)
|
||||
n = NULL;
|
||||
|
||||
return ((u_char *) n);
|
||||
return ((u_char *)n);
|
||||
}
|
||||
|
||||
static u_char *
|
||||
static u_char *
|
||||
AliasHandleResourceNS(
|
||||
NBTNsResource * q,
|
||||
char *pmax,
|
||||
NBTArguments * nbtarg)
|
||||
NBTNsResource *q,
|
||||
char *pmax,
|
||||
NBTArguments *nbtarg)
|
||||
{
|
||||
NBTNsResourceNULL *n;
|
||||
u_short bcount;
|
||||
@ -660,29 +651,29 @@ AliasHandleResourceNS(
|
||||
return (NULL);
|
||||
|
||||
/* Forward to Resource NULL position */
|
||||
n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
|
||||
n = (NBTNsResourceNULL *)((u_char *)q + sizeof(NBTNsResource));
|
||||
|
||||
/* Check out of length */
|
||||
bcount = ntohs(q->rdlen);
|
||||
|
||||
/* Resource Record Name Filed */
|
||||
q = (NBTNsResource *) AliasHandleName((u_char *) n, pmax); /* XXX */
|
||||
q = (NBTNsResource *)AliasHandleName((u_char *)n, pmax); /* XXX */
|
||||
|
||||
if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
|
||||
if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
|
||||
return (NULL);
|
||||
else
|
||||
return ((u_char *) n + bcount);
|
||||
return ((u_char *)n + bcount);
|
||||
}
|
||||
|
||||
typedef struct {
|
||||
u_short numnames;
|
||||
} NBTNsResourceNBSTAT;
|
||||
} NBTNsResourceNBSTAT;
|
||||
|
||||
static u_char *
|
||||
static u_char *
|
||||
AliasHandleResourceNBSTAT(
|
||||
NBTNsResource * q,
|
||||
char *pmax,
|
||||
NBTArguments * nbtarg)
|
||||
NBTNsResource *q,
|
||||
char *pmax,
|
||||
NBTArguments *nbtarg)
|
||||
{
|
||||
NBTNsResourceNBSTAT *n;
|
||||
u_short bcount;
|
||||
@ -693,28 +684,27 @@ AliasHandleResourceNBSTAT(
|
||||
return (NULL);
|
||||
|
||||
/* Forward to Resource NBSTAT position */
|
||||
n = (NBTNsResourceNBSTAT *) ((u_char *) q + sizeof(NBTNsResource));
|
||||
n = (NBTNsResourceNBSTAT *)((u_char *)q + sizeof(NBTNsResource));
|
||||
|
||||
/* Check out of length */
|
||||
bcount = ntohs(q->rdlen);
|
||||
|
||||
if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
|
||||
if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
|
||||
return (NULL);
|
||||
else
|
||||
return ((u_char *) n + bcount);
|
||||
return ((u_char *)n + bcount);
|
||||
}
|
||||
|
||||
static u_char *
|
||||
static u_char *
|
||||
AliasHandleResource(
|
||||
u_short count,
|
||||
NBTNsResource * q,
|
||||
char *pmax,
|
||||
NBTArguments
|
||||
* nbtarg)
|
||||
u_short count,
|
||||
NBTNsResource *q,
|
||||
char *pmax,
|
||||
NBTArguments *nbtarg)
|
||||
{
|
||||
while (count != 0) {
|
||||
/* Resource Record Name Filed */
|
||||
q = (NBTNsResource *) AliasHandleName((u_char *) q, pmax);
|
||||
q = (NBTNsResource *)AliasHandleName((u_char *)q, pmax);
|
||||
|
||||
if (q == NULL || (char *)(q + 1) > pmax)
|
||||
break;
|
||||
@ -725,39 +715,24 @@ AliasHandleResource(
|
||||
/* Type and Class filed */
|
||||
switch (ntohs(q->type)) {
|
||||
case RR_TYPE_NB:
|
||||
q = (NBTNsResource *) AliasHandleResourceNB(
|
||||
q,
|
||||
pmax,
|
||||
nbtarg
|
||||
);
|
||||
q = (NBTNsResource *)AliasHandleResourceNB(
|
||||
q, pmax, nbtarg);
|
||||
break;
|
||||
case RR_TYPE_A:
|
||||
q = (NBTNsResource *) AliasHandleResourceA(
|
||||
q,
|
||||
pmax,
|
||||
nbtarg
|
||||
);
|
||||
q = (NBTNsResource *)AliasHandleResourceA(
|
||||
q, pmax, nbtarg);
|
||||
break;
|
||||
case RR_TYPE_NS:
|
||||
q = (NBTNsResource *) AliasHandleResourceNS(
|
||||
q,
|
||||
pmax,
|
||||
nbtarg
|
||||
);
|
||||
q = (NBTNsResource *)AliasHandleResourceNS(
|
||||
q, pmax, nbtarg);
|
||||
break;
|
||||
case RR_TYPE_NULL:
|
||||
q = (NBTNsResource *) AliasHandleResourceNULL(
|
||||
q,
|
||||
pmax,
|
||||
nbtarg
|
||||
);
|
||||
q = (NBTNsResource *)AliasHandleResourceNULL(
|
||||
q, pmax, nbtarg);
|
||||
break;
|
||||
case RR_TYPE_NBSTAT:
|
||||
q = (NBTNsResource *) AliasHandleResourceNBSTAT(
|
||||
q,
|
||||
pmax,
|
||||
nbtarg
|
||||
);
|
||||
q = (NBTNsResource *)AliasHandleResourceNBSTAT(
|
||||
q, pmax, nbtarg);
|
||||
break;
|
||||
default:
|
||||
#ifdef LIBALIAS_DEBUG
|
||||
@ -771,18 +746,18 @@ AliasHandleResource(
|
||||
}
|
||||
count--;
|
||||
}
|
||||
return ((u_char *) q);
|
||||
return ((u_char *)q);
|
||||
}
|
||||
|
||||
static int
|
||||
AliasHandleUdpNbtNS(
|
||||
struct libalias *la,
|
||||
struct ip *pip, /* IP packet to examine/patch */
|
||||
struct libalias *la,
|
||||
struct ip *pip, /* IP packet to examine/patch */
|
||||
struct alias_link *lnk,
|
||||
struct in_addr *alias_address,
|
||||
u_short * alias_port,
|
||||
struct in_addr *original_address,
|
||||
u_short * original_port)
|
||||
struct in_addr *alias_address,
|
||||
u_short *alias_port,
|
||||
struct in_addr *original_address,
|
||||
u_short *original_port)
|
||||
{
|
||||
struct udphdr *uh;
|
||||
NbtNSHeader *nsh;
|
||||
@ -803,7 +778,7 @@ AliasHandleUdpNbtNS(
|
||||
uh = (struct udphdr *)ip_next(pip);
|
||||
nbtarg.uh_sum = &(uh->uh_sum);
|
||||
nsh = (NbtNSHeader *)udp_next(uh);
|
||||
p = (u_char *) (nsh + 1);
|
||||
p = (u_char *)(nsh + 1);
|
||||
pmax = (char *)uh + ntohs(uh->uh_ulen);
|
||||
|
||||
if ((char *)(nsh + 1) > pmax)
|
||||
@ -821,7 +796,7 @@ AliasHandleUdpNbtNS(
|
||||
ntohs(nsh->ancount),
|
||||
ntohs(nsh->nscount),
|
||||
ntohs(nsh->arcount),
|
||||
(u_char *) p - (u_char *) nsh
|
||||
(u_char *)p - (u_char *)nsh
|
||||
);
|
||||
#endif
|
||||
|
||||
@ -829,7 +804,7 @@ AliasHandleUdpNbtNS(
|
||||
if (ntohs(nsh->qdcount) != 0) {
|
||||
p = AliasHandleQuestion(
|
||||
ntohs(nsh->qdcount),
|
||||
(NBTNsQuestion *) p,
|
||||
(NBTNsQuestion *)p,
|
||||
pmax,
|
||||
&nbtarg
|
||||
);
|
||||
@ -838,7 +813,7 @@ AliasHandleUdpNbtNS(
|
||||
if (ntohs(nsh->ancount) != 0) {
|
||||
p = AliasHandleResource(
|
||||
ntohs(nsh->ancount),
|
||||
(NBTNsResource *) p,
|
||||
(NBTNsResource *)p,
|
||||
pmax,
|
||||
&nbtarg
|
||||
);
|
||||
@ -847,7 +822,7 @@ AliasHandleUdpNbtNS(
|
||||
if (ntohs(nsh->nscount) != 0) {
|
||||
p = AliasHandleResource(
|
||||
ntohs(nsh->nscount),
|
||||
(NBTNsResource *) p,
|
||||
(NBTNsResource *)p,
|
||||
pmax,
|
||||
&nbtarg
|
||||
);
|
||||
@ -856,7 +831,7 @@ AliasHandleUdpNbtNS(
|
||||
if (ntohs(nsh->arcount) != 0) {
|
||||
p = AliasHandleResource(
|
||||
ntohs(nsh->arcount),
|
||||
(NBTNsResource *) p,
|
||||
(NBTNsResource *)p,
|
||||
pmax,
|
||||
&nbtarg
|
||||
);
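Review bot: In AliasHandleName the bound after "Get next length field" is still `if ((char *)p > pmax)`, so `p == pmax` passes and the loop condition `while ((*p & 0x3f) != 0x00)` then reads the byte at `pmax`. In AliasHandleUdpNbtNS `pmax` is `(char *)uh + ntohs(uh->uh_ulen)`, one past the end of the UDP datagram, so on a name that runs exactly to the end of an untrusted packet that read appears to be one byte out of bounds. The loop check should be `if ((char *)p >= pmax)`; the early return after `p = p + 2` can keep `>` because it does not dereference `p`. The function body is spread over several hunks with lines in between not shown, so confirm this against the full function, and confirm that `uh_ulen` is validated against the IP length before `pmax` is derived from it.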
|
||||
|
@ -81,7 +81,6 @@ AliasHandlePptpGreIn(struct libalias *, struct ip *);
|
||||
static int
|
||||
fingerprint(struct libalias *la, struct alias_data *ah)
|
||||
{
|
||||
|
||||
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL)
|
||||
return (-1);
|
||||
if (ntohs(*ah->dport) == PPTP_CONTROL_PORT_NUMBER
|
||||
@ -93,14 +92,12 @@ fingerprint(struct libalias *la, struct alias_data *ah)
|
||||
static int
|
||||
fingerprintgre(struct libalias *la, struct alias_data *ah)
|
||||
{
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
||||
static int
|
||||
protohandlerin(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
AliasHandlePptpIn(la, pip, ah->lnk);
|
||||
return (0);
|
||||
}
|
||||
@ -108,7 +105,6 @@ protohandlerin(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
static int
|
||||
protohandlerout(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
AliasHandlePptpOut(la, pip, ah->lnk);
|
||||
return (0);
|
||||
}
|
||||
@ -116,7 +112,6 @@ protohandlerout(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
static int
|
||||
protohandlergrein(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY ||
|
||||
AliasHandlePptpGreIn(la, pip) == 0)
|
||||
return (0);
|
||||
@ -126,7 +121,6 @@ protohandlergrein(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
static int
|
||||
protohandlergreout(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
if (AliasHandlePptpGreOut(la, pip) == 0)
|
||||
return (0);
|
||||
return (-1);
|
||||
@ -196,7 +190,7 @@ moduledata_t alias_mod = {
|
||||
"alias_pptp", mod_handler, NULL
|
||||
};
|
||||
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
DECLARE_MODULE(alias_pptp, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
|
||||
MODULE_VERSION(alias_pptp, 1);
|
||||
MODULE_DEPEND(alias_pptp, libalias, 1, 1, 1);
|
||||
@ -225,14 +219,13 @@ MODULE_DEPEND(alias_pptp, libalias, 1, 1, 1);
|
||||
Reference: RFC 2637
|
||||
|
||||
Initial version: May, 2000 (eds)
|
||||
|
||||
*/
|
||||
|
||||
/*
|
||||
* PPTP definitions
|
||||
*/
|
||||
|
||||
struct grehdr { /* Enhanced GRE header. */
|
||||
struct grehdr { /* Enhanced GRE header. */
|
||||
u_int16_t gh_flags; /* Flags. */
|
||||
u_int16_t gh_protocol; /* Protocol type. */
|
||||
u_int16_t gh_length; /* Payload length. */
|
||||
@ -271,7 +264,7 @@ enum {
|
||||
PPTP_SetLinkInfo = 15
|
||||
};
|
||||
|
||||
/* Message structures */
|
||||
/* Message structures */
|
||||
struct pptpMsgHead {
|
||||
u_int16_t length; /* total length */
|
||||
u_int16_t msgType;/* PPTP message type */
|
||||
@ -298,8 +291,8 @@ static PptpCallId AliasVerifyPptp(struct ip *, u_int16_t *);
|
||||
static void
|
||||
AliasHandlePptpOut(struct libalias *la,
|
||||
struct ip *pip, /* IP packet to examine/patch */
|
||||
struct alias_link *lnk)
|
||||
{ /* The PPTP control link */
|
||||
struct alias_link *lnk) /* The PPTP control link */
|
||||
{
|
||||
struct alias_link *pptp_lnk;
|
||||
PptpCallId cptr;
|
||||
PptpCode codes;
|
||||
@ -330,8 +323,7 @@ AliasHandlePptpOut(struct libalias *la,
|
||||
* message.
|
||||
*/
|
||||
pptp_lnk = FindPptpOutByCallId(la, GetOriginalAddress(lnk),
|
||||
GetDestAddress(lnk),
|
||||
cptr->cid1);
|
||||
GetDestAddress(lnk), cptr->cid1);
|
||||
break;
|
||||
default:
|
||||
return;
|
||||
@ -351,16 +343,17 @@ AliasHandlePptpOut(struct libalias *la,
|
||||
switch (ctl_type) {
|
||||
case PPTP_OutCallReply:
|
||||
case PPTP_InCallReply:
|
||||
codes = (PptpCode) (cptr + 1);
|
||||
if (codes->resCode == 1) /* Connection
|
||||
* established, */
|
||||
SetDestCallId(pptp_lnk, /* note the Peer's Call
|
||||
* ID. */
|
||||
cptr->cid2);
|
||||
codes = (PptpCode)(cptr + 1);
|
||||
if (codes->resCode == 1)
|
||||
/* Connection established,
|
||||
* note the Peer's Call ID. */
|
||||
SetDestCallId(pptp_lnk, cptr->cid2);
|
||||
else
|
||||
SetExpire(pptp_lnk, 0); /* Connection refused. */
|
||||
/* Connection refused. */
|
||||
SetExpire(pptp_lnk, 0);
|
||||
break;
|
||||
case PPTP_CallDiscNotify: /* Connection closed. */
|
||||
case PPTP_CallDiscNotify:
|
||||
/* Connection closed. */
|
||||
SetExpire(pptp_lnk, 0);
|
||||
break;
|
||||
}
|
||||
@ -370,8 +363,8 @@ AliasHandlePptpOut(struct libalias *la,
|
||||
static void
|
||||
AliasHandlePptpIn(struct libalias *la,
|
||||
struct ip *pip, /* IP packet to examine/patch */
|
||||
struct alias_link *lnk)
|
||||
{ /* The PPTP control link */
|
||||
struct alias_link *lnk) /* The PPTP control link */
|
||||
{
|
||||
struct alias_link *pptp_lnk;
|
||||
PptpCallId cptr;
|
||||
u_int16_t *pcall_id;
|
||||
@ -393,10 +386,10 @@ AliasHandlePptpIn(struct libalias *la,
|
||||
case PPTP_InCallReply:
|
||||
pcall_id = &cptr->cid2;
|
||||
break;
|
||||
case PPTP_CallDiscNotify: /* Connection closed. */
|
||||
case PPTP_CallDiscNotify:
|
||||
/* Connection closed. */
|
||||
pptp_lnk = FindPptpInByCallId(la, GetDestAddress(lnk),
|
||||
GetAliasAddress(lnk),
|
||||
cptr->cid1);
|
||||
GetAliasAddress(lnk), cptr->cid1);
|
||||
if (pptp_lnk != NULL)
|
||||
SetExpire(pptp_lnk, 0);
|
||||
return;
|
||||
@ -406,8 +399,7 @@ AliasHandlePptpIn(struct libalias *la,
|
||||
|
||||
/* Find PPTP link for address and Call ID found in PPTP Control Msg */
|
||||
pptp_lnk = FindPptpInByPeerCallId(la, GetDestAddress(lnk),
|
||||
GetAliasAddress(lnk),
|
||||
*pcall_id);
|
||||
GetAliasAddress(lnk), *pcall_id);
|
||||
|
||||
if (pptp_lnk != NULL) {
|
||||
int accumulate = *pcall_id;
|
||||
@ -420,22 +412,24 @@ AliasHandlePptpIn(struct libalias *la,
|
||||
accumulate -= *pcall_id;
|
||||
ADJUST_CHECKSUM(accumulate, tc->th_sum);
|
||||
|
||||
if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) {
|
||||
PptpCode codes = (PptpCode) (cptr + 1);
|
||||
if (ctl_type == PPTP_OutCallReply ||
|
||||
ctl_type == PPTP_InCallReply) {
|
||||
PptpCode codes = (PptpCode)(cptr + 1);
|
||||
|
||||
if (codes->resCode == 1) /* Connection
|
||||
* established, */
|
||||
SetDestCallId(pptp_lnk, /* note the Call ID. */
|
||||
cptr->cid1);
|
||||
if (codes->resCode == 1)
|
||||
/* Connection established,
|
||||
* note the Call ID. */
|
||||
SetDestCallId(pptp_lnk, cptr->cid1);
|
||||
else
|
||||
SetExpire(pptp_lnk, 0); /* Connection refused. */
|
||||
/* Connection refused. */
|
||||
SetExpire(pptp_lnk, 0);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static PptpCallId
|
||||
AliasVerifyPptp(struct ip *pip, u_int16_t * ptype)
|
||||
{ /* IP packet to examine/patch */
|
||||
static PptpCallId
|
||||
AliasVerifyPptp(struct ip *pip, u_int16_t * ptype) /* IP packet to examine/patch */
|
||||
{
|
||||
int hlen, tlen, dlen;
|
||||
PptpMsgHead hptr;
|
||||
struct tcphdr *tc;
|
||||
@ -451,7 +445,7 @@ AliasVerifyPptp(struct ip *pip, u_int16_t * ptype)
|
||||
return (NULL);
|
||||
|
||||
/* Move up to PPTP message header */
|
||||
hptr = (PptpMsgHead) tcp_next(tc);
|
||||
hptr = (PptpMsgHead)tcp_next(tc);
|
||||
|
||||
/* Return the control message type */
|
||||
*ptype = ntohs(hptr->type);
|
||||
@ -467,7 +461,7 @@ AliasVerifyPptp(struct ip *pip, u_int16_t * ptype)
|
||||
sizeof(struct pptpCodes))))
|
||||
return (NULL);
|
||||
else
|
||||
return (PptpCallId) (hptr + 1);
|
||||
return ((PptpCallId)(hptr + 1));
|
||||
}
|
||||
|
||||
static int
|
||||
@ -476,10 +470,10 @@ AliasHandlePptpGreOut(struct libalias *la, struct ip *pip)
|
||||
GreHdr *gr;
|
||||
struct alias_link *lnk;
|
||||
|
||||
gr = (GreHdr *) ip_next(pip);
|
||||
gr = (GreHdr *)ip_next(pip);
|
||||
|
||||
/* Check GRE header bits. */
|
||||
if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
|
||||
if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
|
||||
return (-1);
|
||||
|
||||
lnk = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
|
||||
@ -500,10 +494,10 @@ AliasHandlePptpGreIn(struct libalias *la, struct ip *pip)
|
||||
GreHdr *gr;
|
||||
struct alias_link *lnk;
|
||||
|
||||
gr = (GreHdr *) ip_next(pip);
|
||||
gr = (GreHdr *)ip_next(pip);
|
||||
|
||||
/* Check GRE header bits. */
|
||||
if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
|
||||
if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
|
||||
return (-1);
|
||||
|
||||
lnk = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
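Review bot: AliasHandlePptpGreOut and AliasHandlePptpGreIn read the header with `ntohl(*((u_int32_t *)gr))` and then use `gr->gh_call_id` directly after `gr = (GreHdr *)ip_next(pip);`, and nothing in these hunks checks that the packet is long enough to hold a GreHdr. Unless the caller already guarantees that, a truncated GRE packet would be read past its end; a guard such as `if (ntohs(pip->ip_len) < (pip->ip_hl << 2) + sizeof(GreHdr)) return (-1);` before the mask test would close it. The cast to `u_int32_t *` also assumes the header is 4-byte aligned, which a `memcpy` into a local `u_int32_t` would avoid. Both functions start and end outside their hunks; the visible lines run from the declarations to the link lookup without such a check.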
|
||||
|
@ -76,6 +76,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include <netinet/libalias/alias_mod.h>
|
||||
#else
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#include "alias.h" /* Public API functions for libalias */
|
||||
#include "alias_local.h" /* Functions used by alias*.c */
|
||||
#endif
|
||||
@ -189,7 +190,7 @@ IpPort(char *s, int proto, int *port)
|
||||
if (se == NULL)
|
||||
return (-1);
|
||||
|
||||
*port = (u_int) ntohs(se->s_port);
|
||||
*port = (u_int)ntohs(se->s_port);
|
||||
}
|
||||
#else
|
||||
return (-1);
|
||||
@ -292,20 +293,19 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
|
||||
struct tcphdr *tc;
|
||||
char addrbuf[INET_ADDRSTRLEN];
|
||||
|
||||
/* Compute pointer to tcp header */
|
||||
/* Compute pointer to tcp header */
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
|
||||
/* Don't modify if once already modified */
|
||||
|
||||
/* Don't modify if once already modified */
|
||||
if (GetAckModified(lnk))
|
||||
return;
|
||||
|
||||
/* Translate destination address and port to string form */
|
||||
/* Translate destination address and port to string form */
|
||||
snprintf(buffer, sizeof(buffer) - 2, "[DEST %s %d]",
|
||||
inet_ntoa_r(GetProxyAddress(lnk), INET_NTOA_BUF(addrbuf)),
|
||||
(u_int) ntohs(GetProxyPort(lnk)));
|
||||
(u_int)ntohs(GetProxyPort(lnk)));
|
||||
|
||||
/* Pad string out to a multiple of two in length */
|
||||
/* Pad string out to a multiple of two in length */
|
||||
slen = strlen(buffer);
|
||||
switch (slen % 2) {
|
||||
case 0:
|
||||
@ -317,11 +317,11 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
|
||||
slen += 1;
|
||||
}
|
||||
|
||||
/* Check for packet overflow */
|
||||
/* Check for packet overflow */
|
||||
if ((int)(ntohs(pip->ip_len) + strlen(buffer)) > maxpacketsize)
|
||||
return;
|
||||
|
||||
/* Shift existing TCP data and insert destination string */
|
||||
/* Shift existing TCP data and insert destination string */
|
||||
{
|
||||
int dlen;
|
||||
int hlen;
|
||||
@ -330,8 +330,7 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
|
||||
hlen = (pip->ip_hl + tc->th_off) << 2;
|
||||
dlen = ntohs(pip->ip_len) - hlen;
|
||||
|
||||
/* Modify first packet that has data in it */
|
||||
|
||||
/* Modify first packet that has data in it */
|
||||
if (dlen == 0)
|
||||
return;
|
||||
|
||||
@ -342,18 +341,18 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
|
||||
memcpy(p, buffer, slen);
|
||||
}
|
||||
|
||||
/* Save information about modfied sequence number */
|
||||
/* Save information about modfied sequence number */
|
||||
{
|
||||
int delta;
|
||||
|
||||
SetAckModified(lnk);
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
delta = GetDeltaSeqOut(tc->th_seq, lnk);
|
||||
AddSeq(lnk, delta + slen, pip->ip_hl, pip->ip_len, tc->th_seq,
|
||||
tc->th_off);
|
||||
}
|
||||
|
||||
/* Update IP header packet length and checksum */
|
||||
/* Update IP header packet length and checksum */
|
||||
{
|
||||
int accumulate;
|
||||
|
||||
@ -364,8 +363,8 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
|
||||
ADJUST_CHECKSUM(accumulate, pip->ip_sum);
|
||||
}
|
||||
|
||||
/* Update TCP checksum, Use TcpChecksum since so many things have
|
||||
already changed. */
|
||||
/* Update TCP checksum, Use TcpChecksum since so many things have
|
||||
already changed. */
|
||||
|
||||
tc->th_sum = 0;
|
||||
#ifdef _KERNEL
|
||||
@ -376,8 +375,7 @@ ProxyEncodeTcpStream(struct alias_link *lnk,
|
||||
}
|
||||
|
||||
static void
|
||||
ProxyEncodeIpHeader(struct ip *pip,
|
||||
int maxpacketsize)
|
||||
ProxyEncodeIpHeader(struct ip *pip, int maxpacketsize)
|
||||
{
|
||||
#define OPTION_LEN_BYTES 8
|
||||
#define OPTION_LEN_INT16 4
|
||||
@ -385,17 +383,17 @@ ProxyEncodeIpHeader(struct ip *pip,
|
||||
_Alignas(_Alignof(u_short)) u_char option[OPTION_LEN_BYTES];
|
||||
|
||||
#ifdef LIBALIAS_DEBUG
|
||||
fprintf(stdout, " ip cksum 1 = %x\n", (u_int) IpChecksum(pip));
|
||||
fprintf(stdout, "tcp cksum 1 = %x\n", (u_int) TcpChecksum(pip));
|
||||
fprintf(stdout, " ip cksum 1 = %x\n", (u_int)IpChecksum(pip));
|
||||
fprintf(stdout, "tcp cksum 1 = %x\n", (u_int)TcpChecksum(pip));
|
||||
#endif
|
||||
|
||||
(void)maxpacketsize;
|
||||
|
||||
/* Check to see that there is room to add an IP option */
|
||||
/* Check to see that there is room to add an IP option */
|
||||
if (pip->ip_hl > (0x0f - OPTION_LEN_INT32))
|
||||
return;
|
||||
|
||||
/* Build option and copy into packet */
|
||||
/* Build option and copy into packet */
|
||||
{
|
||||
u_char *ptr;
|
||||
struct tcphdr *tc;
|
||||
@ -407,15 +405,15 @@ ProxyEncodeIpHeader(struct ip *pip,
|
||||
option[0] = 0x64; /* class: 3 (reserved), option 4 */
|
||||
option[1] = OPTION_LEN_BYTES;
|
||||
|
||||
memcpy(&option[2], (u_char *) & pip->ip_dst, 4);
|
||||
memcpy(&option[2], (u_char *)&pip->ip_dst, 4);
|
||||
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
memcpy(&option[6], (u_char *) & tc->th_sport, 2);
|
||||
memcpy(&option[6], (u_char *)&tc->th_sport, 2);
|
||||
|
||||
memcpy(ptr, option, 8);
|
||||
}
|
||||
|
||||
/* Update checksum, header length and packet length */
|
||||
/* Update checksum, header length and packet length */
|
||||
{
|
||||
int i;
|
||||
int accumulate;
|
||||
@ -441,8 +439,8 @@ ProxyEncodeIpHeader(struct ip *pip,
|
||||
#undef OPTION_LEN_INT16
|
||||
#undef OPTION_LEN_INT32
|
||||
#ifdef LIBALIAS_DEBUG
|
||||
fprintf(stdout, " ip cksum 2 = %x\n", (u_int) IpChecksum(pip));
|
||||
fprintf(stdout, "tcp cksum 2 = %x\n", (u_int) TcpChecksum(pip));
|
||||
fprintf(stdout, " ip cksum 2 = %x\n", (u_int)IpChecksum(pip));
|
||||
fprintf(stdout, "tcp cksum 2 = %x\n", (u_int)TcpChecksum(pip));
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -457,7 +455,7 @@ ProxyEncodeIpHeader(struct ip *pip,
|
||||
|
||||
int
|
||||
ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr,
|
||||
u_short * proxy_server_port, struct in_addr src_addr,
|
||||
u_short * proxy_server_port, struct in_addr src_addr,
|
||||
struct in_addr dst_addr, u_short dst_port, u_char ip_p)
|
||||
{
|
||||
struct proxy_entry *ptr;
|
||||
@ -498,12 +496,11 @@ ProxyModify(struct libalias *la, struct alias_link *lnk,
|
||||
int maxpacketsize,
|
||||
int proxy_type)
|
||||
{
|
||||
|
||||
LIBALIAS_LOCK_ASSERT(la);
|
||||
(void)la;
|
||||
|
||||
switch (proxy_type) {
|
||||
case PROXY_TYPE_ENCODE_IPHDR:
|
||||
case PROXY_TYPE_ENCODE_IPHDR:
|
||||
ProxyEncodeIpHeader(pip, maxpacketsize);
|
||||
break;
|
||||
|
||||
@ -517,9 +514,6 @@ ProxyModify(struct libalias *la, struct alias_link *lnk,
|
||||
Public API functions
|
||||
*/
|
||||
|
||||
int
|
||||
LibAliasProxyRule(struct libalias *la, const char *cmd)
|
||||
{
|
||||
/*
|
||||
* This function takes command strings of the form:
|
||||
*
|
||||
@ -541,6 +535,9 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
|
||||
* then 0 is used, and group 0 rules are always checked before any
|
||||
* others.
|
||||
*/
|
||||
int
|
||||
LibAliasProxyRule(struct libalias *la, const char *cmd)
|
||||
{
|
||||
int i, n, len, ret;
|
||||
int cmd_len;
|
||||
int token_count;
|
||||
@ -563,7 +560,8 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
|
||||
|
||||
LIBALIAS_LOCK(la);
|
||||
ret = 0;
|
||||
/* Copy command line into a buffer */
|
||||
|
||||
/* Copy command line into a buffer */
|
||||
cmd += strspn(cmd, " \t");
|
||||
cmd_len = strlen(cmd);
|
||||
if (cmd_len > (int)(sizeof(buffer) - 1)) {
|
||||
@ -572,14 +570,14 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
|
||||
}
|
||||
strcpy(buffer, cmd);
|
||||
|
||||
/* Convert to lower case */
|
||||
/* Convert to lower case */
|
||||
len = strlen(buffer);
|
||||
for (i = 0; i < len; i++)
|
||||
buffer[i] = tolower((unsigned char)buffer[i]);
|
||||
|
||||
/* Set default proxy type */
|
||||
/* Set default proxy type */
|
||||
|
||||
/* Set up default values */
|
||||
/* Set up default values */
|
||||
rule_index = 0;
|
||||
proxy_type = PROXY_TYPE_ENCODE_NONE;
|
||||
proto = IPPROTO_TCP;
|
||||
@ -594,7 +592,7 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
|
||||
str_port[0] = 0;
|
||||
str_server_port[0] = 0;
|
||||
|
||||
/* Parse command string with state machine */
|
||||
/* Parse command string with state machine */
|
||||
#define STATE_READ_KEYWORD 0
|
||||
#define STATE_READ_TYPE 1
|
||||
#define STATE_READ_PORT 2
|
||||
@ -652,41 +650,40 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
|
||||
state = STATE_READ_KEYWORD;
|
||||
break;
|
||||
|
||||
case STATE_READ_SERVER:
|
||||
{
|
||||
int err;
|
||||
char *p;
|
||||
char s[sizeof(buffer)];
|
||||
case STATE_READ_SERVER: {
|
||||
int err;
|
||||
char *p;
|
||||
char s[sizeof(buffer)];
|
||||
|
||||
p = token;
|
||||
while (*p != ':' && *p != 0)
|
||||
p++;
|
||||
p = token;
|
||||
while (*p != ':' && *p != 0)
|
||||
p++;
|
||||
|
||||
if (*p != ':') {
|
||||
err = IpAddr(token, &server_addr);
|
||||
if (err) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
} else {
|
||||
*p = ' ';
|
||||
if (*p != ':') {
|
||||
err = IpAddr(token, &server_addr);
|
||||
if (err) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
} else {
|
||||
*p = ' ';
|
||||
|
||||
n = sscanf(token, "%s %s", s, str_server_port);
|
||||
if (n != 2) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
n = sscanf(token, "%s %s", s, str_server_port);
|
||||
if (n != 2) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
|
||||
err = IpAddr(s, &server_addr);
|
||||
if (err) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
err = IpAddr(s, &server_addr);
|
||||
if (err) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
}
|
||||
|
||||
state = STATE_READ_KEYWORD;
|
||||
break;
|
||||
|
||||
}
|
||||
case STATE_READ_RULE:
|
||||
n = sscanf(token, "%d", &rule_index);
|
||||
if (n != 1 || rule_index < 0) {
|
||||
@ -696,29 +693,28 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
|
||||
state = STATE_READ_KEYWORD;
|
||||
break;
|
||||
|
||||
case STATE_READ_DELETE:
|
||||
{
|
||||
int err;
|
||||
int rule_to_delete;
|
||||
case STATE_READ_DELETE: {
|
||||
int err;
|
||||
int rule_to_delete;
|
||||
|
||||
if (token_count != 2) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
|
||||
n = sscanf(token, "%d", &rule_to_delete);
|
||||
if (n != 1) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
err = RuleNumberDelete(la, rule_to_delete);
|
||||
if (err)
|
||||
ret = -1;
|
||||
else
|
||||
ret = 0;
|
||||
if (token_count != 2) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
|
||||
n = sscanf(token, "%d", &rule_to_delete);
|
||||
if (n != 1) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
err = RuleNumberDelete(la, rule_to_delete);
|
||||
if (err)
|
||||
ret = -1;
|
||||
else
|
||||
ret = 0;
|
||||
goto getout;
|
||||
}
|
||||
|
||||
case STATE_READ_PROTO:
|
||||
if (strcmp(token, "tcp") == 0)
|
||||
proto = IPPROTO_TCP;
|
||||
@ -732,58 +728,58 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
|
||||
break;
|
||||
|
||||
case STATE_READ_SRC:
|
||||
case STATE_READ_DST:
|
||||
{
|
||||
int err;
|
||||
char *p;
|
||||
struct in_addr mask;
|
||||
struct in_addr addr;
|
||||
case STATE_READ_DST: {
|
||||
int err;
|
||||
char *p;
|
||||
struct in_addr mask;
|
||||
struct in_addr addr;
|
||||
|
||||
p = token;
|
||||
while (*p != '/' && *p != 0)
|
||||
p++;
|
||||
p = token;
|
||||
while (*p != '/' && *p != 0)
|
||||
p++;
|
||||
|
||||
if (*p != '/') {
|
||||
IpMask(32, &mask);
|
||||
err = IpAddr(token, &addr);
|
||||
if (err) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
} else {
|
||||
int nbits;
|
||||
char s[sizeof(buffer)];
|
||||
if (*p != '/') {
|
||||
IpMask(32, &mask);
|
||||
err = IpAddr(token, &addr);
|
||||
if (err) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
} else {
|
||||
int nbits;
|
||||
char s[sizeof(buffer)];
|
||||
|
||||
*p = ' ';
|
||||
n = sscanf(token, "%s %d", s, &nbits);
|
||||
if (n != 2) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
|
||||
err = IpAddr(s, &addr);
|
||||
if (err) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
|
||||
err = IpMask(nbits, &mask);
|
||||
if (err) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
*p = ' ';
|
||||
n = sscanf(token, "%s %d", s, &nbits);
|
||||
if (n != 2) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
|
||||
if (state == STATE_READ_SRC) {
|
||||
src_addr = addr;
|
||||
src_mask = mask;
|
||||
} else {
|
||||
dst_addr = addr;
|
||||
dst_mask = mask;
|
||||
err = IpAddr(s, &addr);
|
||||
if (err) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
|
||||
err = IpMask(nbits, &mask);
|
||||
if (err) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
}
|
||||
|
||||
if (state == STATE_READ_SRC) {
|
||||
src_addr = addr;
|
||||
src_mask = mask;
|
||||
} else {
|
||||
dst_addr = addr;
|
||||
dst_mask = mask;
|
||||
}
|
||||
|
||||
state = STATE_READ_KEYWORD;
|
||||
break;
|
||||
}
|
||||
|
||||
default:
|
||||
ret = -1;
|
||||
@ -805,9 +801,10 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
|
||||
#undef STATE_READ_SRC
|
||||
#undef STATE_READ_DST
|
||||
|
||||
/* Convert port strings to numbers. This needs to be done after
|
||||
the string is parsed, because the prototype might not be designated
|
||||
before the ports (which might be symbolic entries in /etc/services) */
|
||||
/* Convert port strings to numbers.
|
||||
This needs to be done after the string is parsed, because
|
||||
the prototype might not be designated before the ports
|
||||
(which might be symbolic entries in /etc/services) */
|
||||
|
||||
if (strlen(str_port) != 0) {
|
||||
int err;
|
||||
@ -833,13 +830,13 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
|
||||
server_port = 0;
|
||||
}
|
||||
|
||||
/* Check that at least the server address has been defined */
|
||||
/* Check that at least the server address has been defined */
|
||||
if (server_addr.s_addr == 0) {
|
||||
ret = -1;
|
||||
goto getout;
|
||||
}
|
||||
|
||||
/* Add to linked list */
|
||||
/* Add to linked list */
|
||||
proxy_entry = malloc(sizeof(struct proxy_entry));
|
||||
if (proxy_entry == NULL) {
|
||||
ret = -1;
|
||||
|
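Review bot: In ProxyEncodeTcpStream the guard `if (dlen == 0) return;` lets a negative `dlen` through: `dlen` is `ntohs(pip->ip_len) - hlen`, and `hlen` is built from the packet's own `ip_hl` and `th_off`, so a header that claims more than `ip_len` produces a value below zero. The code that shifts the existing TCP data lies between the hunks and is not visible here; if it passes `dlen` as a byte count, a negative value would become a very large size, unless a caller has already validated the header lengths. As this commit is style-only, the fix belongs in a follow-up that changes the test to `if (dlen <= 0) return;`.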
@ -2,7 +2,7 @@
|
||||
* SPDX-License-Identifier: BSD-2-Clause-FreeBSD
|
||||
*
|
||||
* Copyright (c) 2008
|
||||
* Swinburne University of Technology, Melbourne, Australia.
|
||||
* Swinburne University of Technology, Melbourne, Australia.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -128,15 +128,15 @@ static void TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm,\
|
||||
struct sctp_nat_assoc *assoc, int sndrply, int direction);
|
||||
|
||||
/* Hash Table Functions */
|
||||
static struct sctp_nat_assoc*
|
||||
static struct sctp_nat_assoc *
|
||||
FindSctpLocal(struct libalias *la, struct in_addr l_addr, struct in_addr g_addr, uint32_t l_vtag, uint16_t l_port, uint16_t g_port);
|
||||
static struct sctp_nat_assoc*
|
||||
static struct sctp_nat_assoc *
|
||||
FindSctpGlobal(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t g_port, uint16_t l_port, int *partial_match);
|
||||
static struct sctp_nat_assoc*
|
||||
static struct sctp_nat_assoc *
|
||||
FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc);
|
||||
static struct sctp_nat_assoc*
|
||||
static struct sctp_nat_assoc *
|
||||
FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint16_t g_port, uint16_t l_port);
|
||||
static struct sctp_nat_assoc*
|
||||
static struct sctp_nat_assoc *
|
||||
FindSctpGlobalT(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t l_port, uint16_t g_port);
|
||||
|
||||
static int AddSctpAssocLocal(struct libalias *la, struct sctp_nat_assoc *assoc, struct in_addr g_addr);
|
||||
@ -151,7 +151,7 @@ static void sctp_ResetTimeOut(struct libalias *la, struct sctp_nat_assoc *assoc,
|
||||
void sctp_CheckTimers(struct libalias *la);
|
||||
|
||||
/* Logging Functions */
|
||||
static void logsctperror(char* errormsg, uint32_t vtag, int error, int direction);
|
||||
static void logsctperror(char *errormsg, uint32_t vtag, int error, int direction);
|
||||
static void logsctpparse(int direction, struct sctp_nat_msg *sm);
|
||||
static void logsctpassoc(struct sctp_nat_assoc *assoc, char *s);
|
||||
static void logTimerQ(struct libalias *la);
|
||||
@ -181,7 +181,7 @@ static void SctpAliasLog(const char *format, ...);
|
||||
*/
|
||||
void SctpShowAliasStats(struct libalias *la);
|
||||
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
|
||||
static MALLOC_DEFINE(M_SCTPNAT, "sctpnat", "sctp nat dbs");
|
||||
/* Use kernel allocator. */
|
||||
@ -438,7 +438,8 @@ int sysctl_chg_loglevel(SYSCTL_HANDLER_ARGS)
|
||||
int error;
|
||||
|
||||
error = sysctl_handle_int(oidp, &level, 0, req);
|
||||
if (error) return (error);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
level = (level > SN_LOG_DEBUG_MAX) ? (SN_LOG_DEBUG_MAX) : (level);
|
||||
level = (level < SN_LOG_LOW) ? (SN_LOG_LOW) : (level);
|
||||
@ -459,7 +460,8 @@ int sysctl_chg_timer(SYSCTL_HANDLER_ARGS)
|
||||
int error;
|
||||
|
||||
error = sysctl_handle_int(oidp, &timer, 0, req);
|
||||
if (error) return (error);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
timer = (timer > SN_MAX_TIMER) ? (SN_MAX_TIMER) : (timer);
|
||||
|
||||
@ -487,7 +489,8 @@ int sysctl_chg_hashtable_size(SYSCTL_HANDLER_ARGS)
|
||||
int error;
|
||||
|
||||
error = sysctl_handle_int(oidp, &size, 0, req);
|
||||
if (error) return (error);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
size = (size < SN_MIN_HASH_SIZE) ? (SN_MIN_HASH_SIZE) : ((size > SN_MAX_HASH_SIZE) ? (SN_MAX_HASH_SIZE) : (size));
|
||||
|
||||
@ -515,7 +518,8 @@ int sysctl_chg_error_on_ootb(SYSCTL_HANDLER_ARGS)
|
||||
int error;
|
||||
|
||||
error = sysctl_handle_int(oidp, &flag, 0, req);
|
||||
if (error) return (error);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
sysctl_error_on_ootb = (flag > SN_ERROR_ON_OOTB) ? SN_ERROR_ON_OOTB: flag;
|
||||
|
||||
@ -534,7 +538,8 @@ int sysctl_chg_accept_global_ootb_addip(SYSCTL_HANDLER_ARGS)
|
||||
int error;
|
||||
|
||||
error = sysctl_handle_int(oidp, &flag, 0, req);
|
||||
if (error) return (error);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
sysctl_accept_global_ootb_addip = (flag == 1) ? 1: 0;
|
||||
|
||||
@ -554,7 +559,8 @@ int sysctl_chg_initialising_chunk_proc_limit(SYSCTL_HANDLER_ARGS)
|
||||
int error;
|
||||
|
||||
error = sysctl_handle_int(oidp, &proclimit, 0, req);
|
||||
if (error) return (error);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
sysctl_initialising_chunk_proc_limit = (proclimit < 1) ? 1: proclimit;
|
||||
sysctl_chunk_proc_limit =
|
||||
@ -576,7 +582,8 @@ int sysctl_chg_chunk_proc_limit(SYSCTL_HANDLER_ARGS)
|
||||
int error;
|
||||
|
||||
error = sysctl_handle_int(oidp, &proclimit, 0, req);
|
||||
if (error) return (error);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
sysctl_chunk_proc_limit =
|
||||
(proclimit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : proclimit;
|
||||
@ -597,7 +604,8 @@ int sysctl_chg_param_proc_limit(SYSCTL_HANDLER_ARGS)
|
||||
int error;
|
||||
|
||||
error = sysctl_handle_int(oidp, &proclimit, 0, req);
|
||||
if (error) return (error);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
sysctl_param_proc_limit =
|
||||
(proclimit < 2) ? 2 : proclimit;
|
||||
@ -618,7 +626,8 @@ int sysctl_chg_track_global_addresses(SYSCTL_HANDLER_ARGS)
|
||||
int error;
|
||||
|
||||
error = sysctl_handle_int(oidp, &num_to_track, 0, req);
|
||||
if (error) return (error);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
sysctl_track_global_addresses = (num_to_track > SN_MAX_GLOBAL_ADDRESSES) ? SN_MAX_GLOBAL_ADDRESSES : num_to_track;
|
||||
|
||||
@ -637,7 +646,8 @@ int sysctl_chg_track_global_addresses(SYSCTL_HANDLER_ARGS)
|
||||
*
|
||||
* @param la Pointer to the relevant libalias instance
|
||||
*/
|
||||
void AliasSctpInit(struct libalias *la)
|
||||
void
|
||||
AliasSctpInit(struct libalias *la)
|
||||
{
|
||||
/* Initialise association tables*/
|
||||
int i;
|
||||
@ -677,7 +687,8 @@ void AliasSctpInit(struct libalias *la)
|
||||
*
|
||||
* @param la Pointer to the relevant libalias instance
|
||||
*/
|
||||
void AliasSctpTerm(struct libalias *la)
|
||||
void
|
||||
AliasSctpTerm(struct libalias *la)
|
||||
{
|
||||
struct sctp_nat_assoc *assoc1, *assoc2;
|
||||
int i;
|
||||
@ -773,7 +784,7 @@ SctpAlias(struct libalias *la, struct ip *pip, int direction)
|
||||
SN_LOG(SN_LOG_DETAIL,
|
||||
logsctpassoc(assoc, "*");
|
||||
logsctpparse(direction, &msg);
|
||||
);
|
||||
);
|
||||
|
||||
/* Process the SCTP message */
|
||||
rtnval = ProcessSctpMsg(la, direction, &msg, assoc);
|
||||
@ -782,7 +793,7 @@ SctpAlias(struct libalias *la, struct ip *pip, int direction)
|
||||
logsctpassoc(assoc, "-");
|
||||
logSctpLocal(la);
|
||||
logSctpGlobal(la);
|
||||
);
|
||||
);
|
||||
SN_LOG(SN_LOG_DEBUG, logTimerQ(la));
|
||||
|
||||
switch (rtnval) {
|
||||
@ -815,7 +826,7 @@ SctpAlias(struct libalias *la, struct ip *pip, int direction)
|
||||
default:
|
||||
// big error, remove association and go to idle and write log messages
|
||||
SN_LOG(SN_LOG_LOW, logsctperror("SN_PROCESSING_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
|
||||
assoc->state=SN_RM;/* Mark for removal*/
|
||||
assoc->state = SN_RM;/* Mark for removal*/
|
||||
break;
|
||||
}
|
||||
|
||||
@ -999,12 +1010,12 @@ TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm, struct sctp_nat_asso
|
||||
memcpy(sm->ip_hdr, ip, ip_size);
|
||||
|
||||
SN_LOG(SN_LOG_EVENT,SctpAliasLog("%s %s 0x%x (->%s:%u vtag=0x%x crc=0x%x)\n",
|
||||
((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"),
|
||||
((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"),
|
||||
(include_error_cause ? ntohs(error_cause->code) : 0),
|
||||
inet_ntoa_r(ip->ip_dst, INET_NTOA_BUF(addrbuf)),
|
||||
ntohs(sctp_hdr->dest_port),
|
||||
ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum)));
|
||||
((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"),
|
||||
((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"),
|
||||
(include_error_cause ? ntohs(error_cause->code) : 0),
|
||||
inet_ntoa_r(ip->ip_dst, INET_NTOA_BUF(addrbuf)),
|
||||
ntohs(sctp_hdr->dest_port),
|
||||
ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum)));
|
||||
}
|
||||
|
||||
/* ----------------------------------------------------------------------
|
||||
@ -1265,7 +1276,7 @@ GetAsconfVtags(struct libalias *la, struct sctp_nat_msg *sm, uint32_t *l_vtag, u
|
||||
struct sctp_paramhdr ph;/* type=SCTP_VTAG_PARAM */
|
||||
uint32_t local_vtag;
|
||||
uint32_t remote_vtag;
|
||||
} __attribute__((packed));
|
||||
} __attribute__((packed));
|
||||
|
||||
struct sctp_vtag_param *vtag_param;
|
||||
struct sctp_paramhdr *param;
|
||||
@ -1298,7 +1309,8 @@ GetAsconfVtags(struct libalias *la, struct sctp_nat_msg *sm, uint32_t *l_vtag, u
|
||||
}
|
||||
|
||||
bytes_left -= param_size;
|
||||
if (bytes_left < SN_MIN_PARAM_SIZE) return (0);
|
||||
if (bytes_left < SN_MIN_PARAM_SIZE)
|
||||
return (0);
|
||||
|
||||
param = SN_SCTP_NEXTPARAM(param);
|
||||
param_size = SCTP_SIZE32(ntohs(param->param_length));
|
||||
@ -1455,7 +1467,8 @@ AddGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int
|
||||
*
|
||||
* @return 1 - success | 0 - fail
|
||||
*/
|
||||
static int Add_Global_Address_to_List(struct sctp_nat_assoc *assoc, struct sctp_GlobalAddress *G_addr)
|
||||
static int
|
||||
Add_Global_Address_to_List(struct sctp_nat_assoc *assoc, struct sctp_GlobalAddress *G_addr)
|
||||
{
|
||||
struct sctp_GlobalAddress *iter_G_Addr = NULL, *first_G_Addr = NULL;
|
||||
first_G_Addr = LIST_FIRST(&(assoc->Gaddr));
|
||||
@ -1550,7 +1563,8 @@ RmGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int d
|
||||
}
|
||||
}
|
||||
bytes_left -= param_size;
|
||||
if (bytes_left == 0) return;
|
||||
if (bytes_left == 0)
|
||||
return;
|
||||
else if (bytes_left < SN_MIN_PARAM_SIZE) {
|
||||
SN_LOG(SN_LOG_EVENT,
|
||||
logsctperror("RmGlobalIPAddress: truncated packet - may not have removed all IP addresses",
|
||||
@ -1614,13 +1628,14 @@ IsASCONFack(struct libalias *la, struct sctp_nat_msg *sm, int direction)
|
||||
return (1); /* success - but can't match correlation IDs - should only be one */
|
||||
/* check others just in case */
|
||||
bytes_left -= param_size;
|
||||
if (bytes_left >= SN_MIN_PARAM_SIZE) {
|
||||
if (bytes_left >= SN_MIN_PARAM_SIZE)
|
||||
param = SN_SCTP_NEXTPARAM(param);
|
||||
} else {
|
||||
else
|
||||
return (0);
|
||||
}
|
||||
|
||||
param_size = SCTP_SIZE32(ntohs(param->param_length));
|
||||
if (bytes_left < param_size) return (0);
|
||||
if (bytes_left < param_size)
|
||||
return (0);
|
||||
|
||||
if (++param_count > sysctl_param_proc_limit) {
|
||||
SN_LOG(SN_LOG_EVENT,
|
||||
@ -1667,13 +1682,14 @@ IsADDorDEL(struct libalias *la, struct sctp_nat_msg *sm, int direction)
|
||||
return (SCTP_DEL_IP_ADDRESS);
|
||||
/* check others just in case */
|
||||
bytes_left -= param_size;
|
||||
if (bytes_left >= SN_MIN_PARAM_SIZE) {
|
||||
if (bytes_left >= SN_MIN_PARAM_SIZE)
|
||||
param = SN_SCTP_NEXTPARAM(param);
|
||||
} else {
|
||||
else
|
||||
return (0); /*Neither found */
|
||||
}
|
||||
|
||||
param_size = SCTP_SIZE32(ntohs(param->param_length));
|
||||
if (bytes_left < param_size) return (0);
|
||||
if (bytes_left < param_size)
|
||||
return (0);
|
||||
|
||||
if (++param_count > sysctl_param_proc_limit) {
|
||||
SN_LOG(SN_LOG_EVENT,
|
||||
@ -1771,7 +1787,7 @@ ID_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc, str
|
||||
assoc->g_port = sm->sctp_hdr->dest_port;
|
||||
if (sm->msg == SN_SCTP_INIT)
|
||||
assoc->g_vtag = sm->sctpchnk.Init->initiate_tag;
|
||||
if (AddSctpAssocGlobal(la, assoc)) /* DB clash *///**** need to add dst address
|
||||
if (AddSctpAssocGlobal(la, assoc)) /* DB clash: need to add dst address */
|
||||
return ((sm->msg == SN_SCTP_INIT) ? SN_REPLY_ABORT : SN_REPLY_ERROR);
|
||||
if (sm->msg == SN_SCTP_ASCONF) {
|
||||
if (AddSctpAssocLocal(la, assoc, sm->ip_hdr->ip_dst)) /* DB clash */
|
||||
@ -1789,10 +1805,10 @@ ID_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc, str
|
||||
if (AddSctpAssocLocal(la, assoc, sm->ip_hdr->ip_src)) /* DB clash */
|
||||
return ((sm->msg == SN_SCTP_INIT) ? SN_REPLY_ABORT : SN_REPLY_ERROR);
|
||||
if (sm->msg == SN_SCTP_ASCONF) {
|
||||
if (AddSctpAssocGlobal(la, assoc)) /* DB clash */ //**** need to add src address
|
||||
if (AddSctpAssocGlobal(la, assoc)) /* DB clash: need to add src address */
|
||||
return (SN_REPLY_ERROR);
|
||||
assoc->TableRegister |= SN_WAIT_TOGLOBAL; /* wait for toglobal ack */
|
||||
}
|
||||
}
|
||||
break;
|
||||
}
|
||||
assoc->state = (sm->msg == SN_SCTP_INIT) ? SN_INi : SN_INa;
|
||||
@ -1938,7 +1954,8 @@ UP_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc, str
|
||||
case SCTP_DEL_IP_ADDRESS:
|
||||
RmGlobalIPAddresses(sm, assoc, direction);
|
||||
break;
|
||||
} /* fall through to default */
|
||||
}
|
||||
/* fall through to default */
|
||||
default:
|
||||
sctp_ResetTimeOut(la,assoc, SN_U_T(la));
|
||||
return (SN_NAT_PKT); /* forward packet */
|
||||
@ -2009,7 +2026,7 @@ CL_process(struct libalias *la, int direction,struct sctp_nat_assoc *assoc, stru
|
||||
*
|
||||
* @return pointer to association or NULL
|
||||
*/
|
||||
static struct sctp_nat_assoc*
|
||||
static struct sctp_nat_assoc *
|
||||
FindSctpLocal(struct libalias *la, struct in_addr l_addr, struct in_addr g_addr, uint32_t l_vtag, uint16_t l_port, uint16_t g_port)
|
||||
{
|
||||
u_int i;
|
||||
@ -2046,8 +2063,8 @@ FindSctpLocal(struct libalias *la, struct in_addr l_addr, struct in_addr g_addr,
|
||||
*
|
||||
* @return pointer to association or NULL
|
||||
*/
|
||||
static struct sctp_nat_assoc*
|
||||
FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc)
|
||||
static struct sctp_nat_assoc *
|
||||
FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc)
|
||||
{
|
||||
u_int i;
|
||||
struct sctp_nat_assoc *assoc = NULL;
|
||||
@ -2093,7 +2110,7 @@ FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc)
|
||||
*
|
||||
* @return pointer to association or NULL
|
||||
*/
|
||||
static struct sctp_nat_assoc*
|
||||
static struct sctp_nat_assoc *
|
||||
FindSctpGlobal(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t g_port, uint16_t l_port, int *partial_match)
|
||||
{
|
||||
u_int i;
|
||||
@ -2134,7 +2151,7 @@ FindSctpGlobal(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint
|
||||
*
|
||||
* @return pointer to association or NULL
|
||||
*/
|
||||
static struct sctp_nat_assoc*
|
||||
static struct sctp_nat_assoc *
|
||||
FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint16_t g_port, uint16_t l_port)
|
||||
{
|
||||
u_int i;
|
||||
@ -2152,7 +2169,8 @@ FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint
|
||||
return (assoc); /* full match */
|
||||
}
|
||||
} else {
|
||||
if (++cnt > 1) return (NULL);
|
||||
if (++cnt > 1)
|
||||
return (NULL);
|
||||
lastmatch = assoc;
|
||||
}
|
||||
}
|
||||
@ -2176,7 +2194,7 @@ FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint
|
||||
*
|
||||
* @return pointer to association or NULL
|
||||
*/
|
||||
static struct sctp_nat_assoc*
|
||||
static struct sctp_nat_assoc *
|
||||
FindSctpGlobalT(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t l_port, uint16_t g_port)
|
||||
{
|
||||
u_int i;
|
||||
@ -2282,8 +2300,9 @@ AddSctpAssocGlobal(struct libalias *la, struct sctp_nat_assoc *assoc)
|
||||
LIBALIAS_LOCK_ASSERT(la);
|
||||
found = FindSctpGlobalClash(la, assoc);
|
||||
if (found != NULL) {
|
||||
if ((found->TableRegister == SN_GLOBAL_TBL) && \
|
||||
(found->l_addr.s_addr == assoc->l_addr.s_addr) && (found->l_port == assoc->l_port)) { /* resent message */
|
||||
if ((found->TableRegister == SN_GLOBAL_TBL) &&
|
||||
(found->l_addr.s_addr == assoc->l_addr.s_addr) &&
|
||||
(found->l_port == assoc->l_port)) { /* resent message */
|
||||
RmSctpAssoc(la, found);
|
||||
sctp_RmTimeOut(la, found);
|
||||
freeGlobalAddressList(found);
|
||||
@ -2515,7 +2534,7 @@ sctp_CheckTimers(struct libalias *la)
|
||||
* @param direction Direction of packet
|
||||
*/
|
||||
static void
|
||||
logsctperror(char* errormsg, uint32_t vtag, int error, int direction)
|
||||
logsctperror(char *errormsg, uint32_t vtag, int error, int direction)
|
||||
{
|
||||
char dir;
|
||||
switch (direction) {
|
||||
@ -2590,7 +2609,7 @@ logsctpparse(int direction, struct sctp_nat_msg *sm)
|
||||
* @param assoc pointer to sctp association
|
||||
* @param s Character that indicates the state of processing for this packet
|
||||
*/
|
||||
static void logsctpassoc(struct sctp_nat_assoc *assoc, char* s)
|
||||
static void logsctpassoc(struct sctp_nat_assoc *assoc, char *s)
|
||||
{
|
||||
struct sctp_GlobalAddress *G_Addr = NULL;
|
||||
char *sp;
|
||||
@ -2642,7 +2661,7 @@ static void logSctpGlobal(struct libalias *la)
|
||||
struct sctp_nat_assoc *assoc = NULL;
|
||||
|
||||
SctpAliasLog("G->\n");
|
||||
for (i=0; i < la->sctpNatTableSize; i++) {
|
||||
for (i = 0; i < la->sctpNatTableSize; i++) {
|
||||
LIST_FOREACH(assoc, &la->sctpTableGlobal[i], list_G) {
|
||||
logsctpassoc(assoc, " ");
|
||||
}
|
||||
@ -2660,7 +2679,7 @@ static void logSctpLocal(struct libalias *la)
|
||||
struct sctp_nat_assoc *assoc = NULL;
|
||||
|
||||
SctpAliasLog("L->\n");
|
||||
for (i=0; i < la->sctpNatTableSize; i++) {
|
||||
for (i = 0; i < la->sctpNatTableSize; i++) {
|
||||
LIST_FOREACH(assoc, &la->sctpTableLocal[i], list_L) {
|
||||
logsctpassoc(assoc, " ");
|
||||
}
|
||||
@ -2679,7 +2698,7 @@ static void logTimerQ(struct libalias *la)
|
||||
struct sctp_nat_assoc *assoc = NULL;
|
||||
|
||||
SctpAliasLog("t->\n");
|
||||
for (i=0; i < SN_TIMER_QUEUE_SIZE; i++) {
|
||||
for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++) {
|
||||
LIST_FOREACH(assoc, &la->sctpNatTimer.TimerQ[i], timer_Q) {
|
||||
snprintf(buf, 50, " l=%u ",i);
|
||||
//SctpAliasLog(la->logDesc," l=%d ",i);
|
||||
@ -2705,8 +2724,7 @@ SctpAliasLog(const char *format, ...)
|
||||
va_start(ap, format);
|
||||
vsnprintf(buffer, LIBALIAS_BUF_SIZE, format, ap);
|
||||
va_end(ap);
|
||||
log(LOG_SECURITY | LOG_INFO,
|
||||
"alias_sctp: %s", buffer);
|
||||
log(LOG_SECURITY | LOG_INFO, "alias_sctp: %s", buffer);
|
||||
}
|
||||
#else
|
||||
static void
|
||||
|
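Review bot: In logTimerQ the call `snprintf(buf, 50, " l=%u ",i);` hard-codes the buffer size, so the bound is only correct while `buf` stays at least 50 bytes; the declaration of `buf` is outside the hunk. If `buf` is a local array, `snprintf(buf, sizeof(buf), " l=%u ", i);` keeps the limit tied to the object and also adds the space after the comma that this cleanup normalises elsewhere. The commented-out `//SctpAliasLog(la->logDesc," l=%d ",i);` on the next line could be dropped in the same pass.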
@ -27,7 +27,7 @@
|
||||
*/
|
||||
|
||||
/*
|
||||
* Alias_sctp forms part of the libalias kernel module to handle
|
||||
* Alias_sctp forms part of the libalias kernel module to handle
|
||||
* Network Address Translation (NAT) for the SCTP protocol.
|
||||
*
|
||||
* This software was developed by David A. Hayes
|
||||
@ -40,7 +40,7 @@
|
||||
* proposed by Jason But and Grenville Armitage:
|
||||
* http://caia.swin.edu.au/urp/sonata/
|
||||
*
|
||||
*
|
||||
*
|
||||
* This project has been made possible in part by a grant from
|
||||
* the Cisco University Research Program Fund at Community
|
||||
* Foundation Silicon Valley.
|
||||
@ -53,7 +53,7 @@
|
||||
#define _ALIAS_SCTP_H_
|
||||
|
||||
#include <sys/param.h>
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
#include <sys/malloc.h>
|
||||
#include <sys/module.h>
|
||||
#include <sys/kernel.h>
|
||||
@ -61,7 +61,7 @@
|
||||
#include <sys/uio.h>
|
||||
#include <sys/socketvar.h>
|
||||
#include <sys/syslog.h>
|
||||
#endif // #ifdef _KERNEL
|
||||
#endif // #ifdef _KERNEL
|
||||
#include <sys/types.h>
|
||||
|
||||
#include <sys/queue.h>
|
||||
@ -75,7 +75,7 @@
|
||||
/**
|
||||
* These are defined in sctp_os_bsd.h, but it can't be included due to its local file
|
||||
* inclusion, so I'm defining them here.
|
||||
*
|
||||
*
|
||||
*/
|
||||
#include <machine/cpufunc.h>
|
||||
/* The packed define for 64 bit platforms */
|
||||
@ -128,18 +128,18 @@ struct sctp_nat_assoc {
|
||||
uint16_t l_port; /**< local side port number */
|
||||
uint32_t g_vtag; /**< global side verification tag */
|
||||
uint16_t g_port; /**< global side port number */
|
||||
struct in_addr l_addr; /**< local ip address */
|
||||
struct in_addr a_addr; /**< alias ip address */
|
||||
struct in_addr l_addr; /**< local ip address */
|
||||
struct in_addr a_addr; /**< alias ip address */
|
||||
int state; /**< current state of NAT association */
|
||||
int TableRegister; /**< stores which look up tables association is registered in */
|
||||
int exp; /**< timer expiration in seconds from uptime */
|
||||
int exp_loc; /**< current location in timer_Q */
|
||||
int num_Gaddr; /**< number of global IP addresses in the list */
|
||||
int num_Gaddr; /**< number of global IP addresses in the list */
|
||||
LIST_HEAD(sctpGlobalAddresshead,sctp_GlobalAddress) Gaddr; /**< List of global addresses */
|
||||
LIST_ENTRY (sctp_nat_assoc) list_L; /**< Linked list of pointers for Local table*/
|
||||
LIST_ENTRY (sctp_nat_assoc) list_G; /**< Linked list of pointers for Global table */
|
||||
LIST_ENTRY (sctp_nat_assoc) timer_Q; /**< Linked list of pointers for timer Q */
|
||||
//Using libalias locking
|
||||
//Using libalias locking
|
||||
};
|
||||
|
||||
struct sctp_GlobalAddress {
|
||||
@ -153,14 +153,14 @@ struct sctp_GlobalAddress {
|
||||
* The only chunks whose contents are of any interest are the INIT and ASCONF_AddIP
|
||||
*/
|
||||
union sctpChunkOfInt {
|
||||
struct sctp_init *Init; /**< Pointer to Init Chunk */
|
||||
struct sctp_init *Init; /**< Pointer to Init Chunk */
|
||||
struct sctp_init_ack *InitAck; /**< Pointer to Init Chunk */
|
||||
struct sctp_paramhdr *Asconf; /**< Pointer to ASCONF chunk */
|
||||
struct sctp_paramhdr *Asconf; /**< Pointer to ASCONF chunk */
|
||||
};
|
||||
|
||||
/**
|
||||
* @brief SCTP message
|
||||
*
|
||||
*
|
||||
* Structure containing the relevant information from the SCTP message
|
||||
*/
|
||||
struct sctp_nat_msg {
|
||||
@ -177,7 +177,7 @@ struct sctp_nat_msg {
|
||||
|
||||
/**
|
||||
* @brief sctp nat timer queue structure
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
struct sctp_nat_timer {
|
||||
|
@ -61,7 +61,6 @@ AliasHandleSkinny(struct libalias *, struct ip *, struct alias_link *);
|
||||
static int
|
||||
fingerprint(struct libalias *la, struct alias_data *ah)
|
||||
{
|
||||
|
||||
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL)
|
||||
return (-1);
|
||||
if (la->skinnyPort != 0 && (ntohs(*ah->sport) == la->skinnyPort ||
|
||||
@ -73,8 +72,7 @@ fingerprint(struct libalias *la, struct alias_data *ah)
|
||||
static int
|
||||
protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
AliasHandleSkinny(la, pip, ah->lnk);
|
||||
AliasHandleSkinny(la, pip, ah->lnk);
|
||||
return (0);
|
||||
}
|
||||
|
||||
@ -116,7 +114,7 @@ moduledata_t alias_mod = {
|
||||
"alias_skinny", mod_handler, NULL
|
||||
};
|
||||
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
DECLARE_MODULE(alias_skinny, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
|
||||
MODULE_VERSION(alias_skinny, 1);
|
||||
MODULE_DEPEND(alias_skinny, libalias, 1, 1, 1);
|
||||
@ -153,10 +151,10 @@ MODULE_DEPEND(alias_skinny, libalias, 1, 1, 1);
|
||||
/* #define LIBALIAS_DEBUG 1 */
|
||||
|
||||
/* Message types that need translating */
|
||||
#define REG_MSG 0x00000001
|
||||
#define IP_PORT_MSG 0x00000002
|
||||
#define OPNRCVCH_ACK 0x00000022
|
||||
#define START_MEDIATX 0x0000008a
|
||||
#define REG_MSG 0x00000001
|
||||
#define IP_PORT_MSG 0x00000002
|
||||
#define OPNRCVCH_ACK 0x00000022
|
||||
#define START_MEDIATX 0x0000008a
|
||||
|
||||
struct skinny_header {
|
||||
u_int32_t len;
|
||||
@ -214,7 +212,7 @@ alias_skinny_reg_msg(struct RegisterMessage *reg_msg, struct ip *pip,
|
||||
{
|
||||
(void)direction;
|
||||
|
||||
reg_msg->ipAddr = (u_int32_t) GetAliasAddress(lnk).s_addr;
|
||||
reg_msg->ipAddr = (u_int32_t)GetAliasAddress(lnk).s_addr;
|
||||
|
||||
tc->th_sum = 0;
|
||||
#ifdef _KERNEL
|
||||
@ -257,7 +255,7 @@ alias_skinny_port_msg(struct IpPortMessage *port_msg, struct ip *pip,
|
||||
{
|
||||
(void)direction;
|
||||
|
||||
port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(lnk));
|
||||
port_msg->stationIpPort = (u_int32_t)ntohs(GetAliasPort(lnk));
|
||||
|
||||
tc->th_sum = 0;
|
||||
#ifdef _KERNEL
|
||||
@ -281,15 +279,15 @@ alias_skinny_opnrcvch_ack(struct libalias *la, struct OpenReceiveChannelAck *opn
|
||||
(void)lnk;
|
||||
(void)direction;
|
||||
|
||||
*localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr;
|
||||
*localIpAddr = (u_int32_t)opnrcvch_ack->ipAddr;
|
||||
localPort = opnrcvch_ack->port;
|
||||
|
||||
null_addr.s_addr = INADDR_ANY;
|
||||
opnrcv_lnk = FindUdpTcpOut(la, pip->ip_src, null_addr,
|
||||
htons((u_short) opnrcvch_ack->port), 0,
|
||||
IPPROTO_UDP, 1);
|
||||
opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_lnk).s_addr;
|
||||
opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_lnk));
|
||||
opnrcvch_ack->ipAddr = (u_int32_t)GetAliasAddress(opnrcv_lnk).s_addr;
|
||||
opnrcvch_ack->port = (u_int32_t)ntohs(GetAliasPort(opnrcv_lnk));
|
||||
|
||||
tc->th_sum = 0;
|
||||
#ifdef _KERNEL
|
||||
@ -323,11 +321,11 @@ AliasHandleSkinny(struct libalias *la, struct ip *pip, struct alias_link *lnk)
|
||||
* handle the scenario where the call manager is on the inside, and
|
||||
* the calling phone is on the global outside.
|
||||
*/
|
||||
if (ntohs(tc->th_dport) == la->skinnyPort) {
|
||||
if (ntohs(tc->th_dport) == la->skinnyPort)
|
||||
direction = ClientToServer;
|
||||
} else if (ntohs(tc->th_sport) == la->skinnyPort) {
|
||||
else if (ntohs(tc->th_sport) == la->skinnyPort)
|
||||
direction = ServerToClient;
|
||||
} else {
|
||||
else {
|
||||
#ifdef LIBALIAS_DEBUG
|
||||
fprintf(stderr,
|
||||
"PacketAlias/Skinny: Invalid port number, not a Skinny packet\n");
|
||||
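Review bot: In the `alias_skinny_opnrcvch_ack` hunk, the result of `FindUdpTcpOut(..., IPPROTO_UDP, 1)` goes straight into `GetAliasAddress(opnrcv_lnk)` and `GetAliasPort(opnrcv_lnk)` with no NULL check. If link creation can fail and return NULL (the helper is not visible here, so confirm this), an OpenReceiveChannelAck arriving from the network would cause a NULL dereference in the NAT path. A guard such as `if (opnrcv_lnk == NULL)` with the function's error return, placed before the two assignments, would close that. The function's signature and tail are outside the hunk, so the exact return value has to be checked there. The same call also still reads `htons((u_short) opnrcvch_ack->port)`, the one cast in this hunk that kept its space.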
|
@ -131,14 +131,13 @@ __FBSDID("$FreeBSD$");
|
||||
#define TFTP_PORT_NUMBER 69
|
||||
|
||||
static void
|
||||
AliasHandleRtspOut(struct libalias *, struct ip *, struct alias_link *,
|
||||
int maxpacketsize);
|
||||
AliasHandleRtspOut(struct libalias *, struct ip *, struct alias_link *,
|
||||
int maxpacketsize);
|
||||
static int
|
||||
fingerprint(struct libalias *la, struct alias_data *ah)
|
||||
{
|
||||
|
||||
if (ah->dport != NULL && ah->aport != NULL && ah->sport != NULL &&
|
||||
ntohs(*ah->dport) == TFTP_PORT_NUMBER)
|
||||
ntohs(*ah->dport) == TFTP_PORT_NUMBER)
|
||||
return (0);
|
||||
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
|
||||
ah->maxpktsize == 0)
|
||||
@ -154,11 +153,10 @@ fingerprint(struct libalias *la, struct alias_data *ah)
|
||||
static int
|
||||
protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah)
|
||||
{
|
||||
|
||||
if (ntohs(*ah->dport) == TFTP_PORT_NUMBER)
|
||||
FindRtspOut(la, pip->ip_src, pip->ip_dst,
|
||||
*ah->sport, *ah->aport, IPPROTO_UDP);
|
||||
else AliasHandleRtspOut(la, pip, ah->lnk, ah->maxpktsize);
|
||||
*ah->sport, *ah->aport, IPPROTO_UDP);
|
||||
else AliasHandleRtspOut(la, pip, ah->lnk, ah->maxpktsize);
|
||||
return (0);
|
||||
}
|
||||
|
||||
@ -200,15 +198,15 @@ moduledata_t alias_mod = {
|
||||
"alias_smedia", mod_handler, NULL
|
||||
};
|
||||
|
||||
#ifdef _KERNEL
|
||||
#ifdef _KERNEL
|
||||
DECLARE_MODULE(alias_smedia, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
|
||||
MODULE_VERSION(alias_smedia, 1);
|
||||
MODULE_DEPEND(alias_smedia, libalias, 1, 1, 1);
|
||||
#endif
|
||||
|
||||
#define RTSP_CONTROL_PORT_NUMBER_1 554
|
||||
#define RTSP_CONTROL_PORT_NUMBER_2 7070
|
||||
#define RTSP_PORT_GROUP 2
|
||||
#define RTSP_CONTROL_PORT_NUMBER_1 554
|
||||
#define RTSP_CONTROL_PORT_NUMBER_2 7070
|
||||
#define RTSP_PORT_GROUP 2
|
||||
|
||||
#define ISDIGIT(a) (((a) >= '0') && ((a) <= '9'))
|
||||
|
||||
@ -222,12 +220,10 @@ search_string(char *data, int dlen, const char *search_str)
|
||||
for (i = 0; i < dlen - search_str_len; i++) {
|
||||
for (j = i, k = 0; j < dlen - search_str_len; j++, k++) {
|
||||
if (data[j] != search_str[k] &&
|
||||
data[j] != search_str[k] - ('a' - 'A')) {
|
||||
data[j] != search_str[k] - ('a' - 'A'))
|
||||
break;
|
||||
}
|
||||
if (k == search_str_len - 1) {
|
||||
if (k == search_str_len - 1)
|
||||
return (j + 1);
|
||||
}
|
||||
}
|
||||
}
|
||||
return (-1);
|
||||
@ -259,9 +255,9 @@ alias_rtsp_out(struct libalias *la, struct ip *pip,
|
||||
|
||||
/* Find keyword, "Transport: " */
|
||||
pos = search_string(data, dlen, transport_str);
|
||||
if (pos < 0) {
|
||||
if (pos < 0)
|
||||
return (-1);
|
||||
}
|
||||
|
||||
port_data = data + pos;
|
||||
port_dlen = dlen - pos;
|
||||
|
||||
@ -271,9 +267,9 @@ alias_rtsp_out(struct libalias *la, struct ip *pip,
|
||||
while (port_dlen > (int)strlen(port_str)) {
|
||||
/* Find keyword, appropriate port string */
|
||||
pos = search_string(port_data, port_dlen, port_str);
|
||||
if (pos < 0) {
|
||||
if (pos < 0)
|
||||
break;
|
||||
}
|
||||
|
||||
memcpy(port_newdata, port_data, pos + 1);
|
||||
port_newdata += (pos + 1);
|
||||
|
||||
@ -283,28 +279,22 @@ alias_rtsp_out(struct libalias *la, struct ip *pip,
|
||||
for (i = pos; i < port_dlen; i++) {
|
||||
switch (state) {
|
||||
case 0:
|
||||
if (port_data[i] == '=') {
|
||||
if (port_data[i] == '=')
|
||||
state++;
|
||||
}
|
||||
break;
|
||||
case 1:
|
||||
if (ISDIGIT(port_data[i])) {
|
||||
if (ISDIGIT(port_data[i]))
|
||||
p[0] = p[0] * 10 + port_data[i] - '0';
|
||||
} else {
|
||||
if (port_data[i] == ';') {
|
||||
state = 3;
|
||||
}
|
||||
if (port_data[i] == '-') {
|
||||
state++;
|
||||
}
|
||||
}
|
||||
else if (port_data[i] == ';')
|
||||
state = 3;
|
||||
else if (port_data[i] == '-')
|
||||
state++;
|
||||
break;
|
||||
case 2:
|
||||
if (ISDIGIT(port_data[i])) {
|
||||
if (ISDIGIT(port_data[i]))
|
||||
p[1] = p[1] * 10 + port_data[i] - '0';
|
||||
} else {
|
||||
else
|
||||
state++;
|
||||
}
|
||||
break;
|
||||
case 3:
|
||||
base_port = p[0];
|
||||
@ -409,10 +399,7 @@ alias_rtsp_out(struct libalias *la, struct ip *pip,
|
||||
tc->th_seq, tc->th_off);
|
||||
|
||||
new_len = htons(hlen + new_dlen);
|
||||
DifferentialChecksum(&pip->ip_sum,
|
||||
&new_len,
|
||||
&pip->ip_len,
|
||||
1);
|
||||
DifferentialChecksum(&pip->ip_sum, &new_len, &pip->ip_len, 1);
|
||||
pip->ip_len = new_len;
|
||||
|
||||
tc->th_sum = 0;
|
||||
@ -445,10 +432,9 @@ alias_pna_out(struct libalias *la, struct ip *pip,
|
||||
work += 2;
|
||||
memcpy(&msg_len, work, 2);
|
||||
work += 2;
|
||||
if (ntohs(msg_id) == 0) {
|
||||
/* end of options */
|
||||
if (ntohs(msg_id) == 0) /* end of options */
|
||||
return (0);
|
||||
}
|
||||
|
||||
if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
|
||||
memcpy(&port, work, 2);
|
||||
pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(lnk),
|
||||
@ -501,17 +487,15 @@ AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *lnk,
|
||||
/* When aliasing a client, check for the SETUP request */
|
||||
if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) ||
|
||||
(ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) {
|
||||
if (dlen >= (int)strlen(setup)) {
|
||||
if (memcmp(data, setup, strlen(setup)) == 0) {
|
||||
alias_rtsp_out(la, pip, lnk, data, client_port_str);
|
||||
return;
|
||||
}
|
||||
}
|
||||
if (dlen >= (int)strlen(pna)) {
|
||||
if (memcmp(data, pna, strlen(pna)) == 0) {
|
||||
alias_pna_out(la, pip, lnk, data, dlen);
|
||||
}
|
||||
if (dlen >= (int)strlen(setup) &&
|
||||
memcmp(data, setup, strlen(setup)) == 0) {
|
||||
alias_rtsp_out(la, pip, lnk, data, client_port_str);
|
||||
return;
|
||||
}
|
||||
|
||||
if (dlen >= (int)strlen(pna) &&
|
||||
memcmp(data, pna, strlen(pna)) == 0)
|
||||
alias_pna_out(la, pip, lnk, data, dlen);
|
||||
} else {
|
||||
/*
|
||||
* When aliasing a server, check for the 200 reply
|
||||
@ -521,21 +505,20 @@ AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *lnk,
|
||||
if (dlen >= (int)strlen(str200)) {
|
||||
for (parseOk = 0, i = 0;
|
||||
i <= dlen - (int)strlen(str200);
|
||||
i++) {
|
||||
i++)
|
||||
if (memcmp(&data[i], str200, strlen(str200)) == 0) {
|
||||
parseOk = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (parseOk) {
|
||||
i += strlen(str200); /* skip string found */
|
||||
while (data[i] == ' ') /* skip blank(s) */
|
||||
i++;
|
||||
|
||||
if ((dlen - i) >= (int)strlen(okstr)) {
|
||||
if ((dlen - i) >= (int)strlen(okstr))
|
||||
if (memcmp(&data[i], okstr, strlen(okstr)) == 0)
|
||||
alias_rtsp_out(la, pip, lnk, data, server_port_str);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
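Review bot: In the last `AliasHandleRtspOut` hunk, `while (data[i] == ' ')` advances `i` with no bound against `dlen`, so a payload that ends in blanks right after the `str200` match is read past its end before the `(dlen - i)` check runs. `data` looks like TCP payload taken from the packet (its setup is outside the hunk), which would make this an out-of-bounds read driven by remote input. `while (i < dlen && data[i] == ' ')` keeps the scan inside the buffer. Separately, `else AliasHandleRtspOut(la, pip, ah->lnk, ah->maxpktsize);` in `protohandler` still has its statement on the `else` line, which a style pass would normally split.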
|
@ -72,8 +72,8 @@ __FBSDID("$FreeBSD$");
|
||||
* purposes);
|
||||
*/
|
||||
u_short
|
||||
LibAliasInternetChecksum(struct libalias *la __unused, u_short * ptr,
|
||||
int nbytes)
|
||||
LibAliasInternetChecksum(struct libalias *la __unused, u_short *ptr,
|
||||
int nbytes)
|
||||
{
|
||||
int sum, oddbyte;
|
||||
|
||||
@ -85,8 +85,8 @@ LibAliasInternetChecksum(struct libalias *la __unused, u_short * ptr,
|
||||
}
|
||||
if (nbytes == 1) {
|
||||
oddbyte = 0;
|
||||
((u_char *) & oddbyte)[0] = *(u_char *) ptr;
|
||||
((u_char *) & oddbyte)[1] = 0;
|
||||
((u_char *)&oddbyte)[0] = *(u_char *)ptr;
|
||||
((u_char *)&oddbyte)[1] = 0;
|
||||
sum += oddbyte;
|
||||
}
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
@ -95,11 +95,11 @@ LibAliasInternetChecksum(struct libalias *la __unused, u_short * ptr,
|
||||
return (~sum);
|
||||
}
|
||||
|
||||
#ifndef _KERNEL
|
||||
#ifndef _KERNEL
|
||||
u_short
|
||||
IpChecksum(struct ip *pip)
|
||||
{
|
||||
return (LibAliasInternetChecksum(NULL, (u_short *) pip,
|
||||
return (LibAliasInternetChecksum(NULL, (u_short *)pip,
|
||||
(pip->ip_hl << 2)));
|
||||
|
||||
}
|
||||
@ -116,7 +116,7 @@ TcpChecksum(struct ip *pip)
|
||||
ntcp = ntohs(pip->ip_len) - nhdr;
|
||||
|
||||
tc = (struct tcphdr *)ip_next(pip);
|
||||
ptr = (u_short *) tc;
|
||||
ptr = (u_short *)tc;
|
||||
|
||||
/* Add up TCP header and data */
|
||||
nbytes = ntcp;
|
||||
@ -127,8 +127,8 @@ TcpChecksum(struct ip *pip)
|
||||
}
|
||||
if (nbytes == 1) {
|
||||
oddbyte = 0;
|
||||
((u_char *) & oddbyte)[0] = *(u_char *) ptr;
|
||||
((u_char *) & oddbyte)[1] = 0;
|
||||
((u_char *)&oddbyte)[0] = *(u_char *)ptr;
|
||||
((u_char *)&oddbyte)[1] = 0;
|
||||
sum += oddbyte;
|
||||
}
|
||||
/* "Pseudo-header" data */
|
||||
@ -138,20 +138,20 @@ TcpChecksum(struct ip *pip)
|
||||
ptr = (void *)&pip->ip_src;
|
||||
sum += *ptr++;
|
||||
sum += *ptr;
|
||||
sum += htons((u_short) ntcp);
|
||||
sum += htons((u_short) pip->ip_p);
|
||||
sum += htons((u_short)ntcp);
|
||||
sum += htons((u_short)pip->ip_p);
|
||||
|
||||
/* Roll over carry bits */
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
|
||||
/* Return checksum */
|
||||
return ((u_short) ~ sum);
|
||||
return ((u_short)~sum);
|
||||
}
|
||||
#endif /* not _KERNEL */
|
||||
|
||||
void
|
||||
DifferentialChecksum(u_short * cksum, void *newp, void *oldp, int n)
|
||||
DifferentialChecksum(u_short *cksum, void *newp, void *oldp, int n)
|
||||
{
|
||||
int i;
|
||||
int accumulate;
|
||||
@ -168,10 +168,10 @@ DifferentialChecksum(u_short * cksum, void *newp, void *oldp, int n)
|
||||
accumulate = -accumulate;
|
||||
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
|
||||
accumulate += accumulate >> 16;
|
||||
*cksum = (u_short) ~ accumulate;
|
||||
*cksum = (u_short)~accumulate;
|
||||
} else {
|
||||
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
|
||||
accumulate += accumulate >> 16;
|
||||
*cksum = (u_short) accumulate;
|
||||
*cksum = (u_short)accumulate;
|
||||
}
|
||||
}
|
||||
|