d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Run through indent(1) so I can read the code without getting a headache.

Browse Source 
The result isn't quite knf, but it's knfer than the original, and far
more consistent.
This commit is contained in:
Dag-Erling Smørgrav 2004-03-16 21:30:41 +00:00
parent f02660b050
commit f0f93429cf
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=127094
28 changed files with 9898 additions and 10066 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1859
lib/libalias/alias.c
View File

File diff suppressed because it is too large Load Diff

126
lib/libalias/alias.h
View File

@ -47,11 +47,11 @@
* PacketAlias*() the old API which doesn't take an instance pointer
* and therefore can only have one packet engine at a time.
*
* LibAlias*() the new API which takes as first argument a pointer to
* LibAlias*() the new API which takes as first argument a pointer to
* the instance of the packet aliasing engine.
*
* The functions otherwise correspond to each other one for one, except
* for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were
* for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were
* were misnamed in the old API.
*/
@ -66,107 +66,109 @@ struct libalias;
* PacketAliasRedirectProto(), passed to PacketAliasAddServer(),
* and freed by PacketAliasRedirectDelete().
*/
struct alias_link;
struct alias_link;
/* OLD API */
/* Initialization and control functions. */
void PacketAliasInit(void);
void PacketAliasSetAddress(struct in_addr _addr);
void PacketAliasSetFWBase(unsigned int _base, unsigned int _num);
void PacketAliasSetSkinnyPort(unsigned int _port);
void PacketAliasInit(void);
void PacketAliasSetAddress(struct in_addr _addr);
void PacketAliasSetFWBase(unsigned int _base, unsigned int _num);
void PacketAliasSetSkinnyPort(unsigned int _port);
unsigned int
PacketAliasSetMode(unsigned int _flags, unsigned int _mask);
void PacketAliasUninit(void);
PacketAliasSetMode(unsigned int _flags, unsigned int _mask);
void PacketAliasUninit(void);
/* Packet Handling functions. */
int PacketAliasIn(char *_ptr, int _maxpacketsize);
int PacketAliasOut(char *_ptr, int _maxpacketsize);
int PacketUnaliasOut(char *_ptr, int _maxpacketsize);
int PacketAliasIn(char *_ptr, int _maxpacketsize);
int PacketAliasOut(char *_ptr, int _maxpacketsize);
int PacketUnaliasOut(char *_ptr, int _maxpacketsize);
/* Port and address redirection functions. */
int PacketAliasAddServer(struct alias_link *_link,
struct in_addr _addr, unsigned short _port);
int
PacketAliasAddServer(struct alias_link *_link,
struct in_addr _addr, unsigned short _port);
struct alias_link *
PacketAliasRedirectAddr(struct in_addr _src_addr,
struct in_addr _alias_addr);
int PacketAliasRedirectDynamic(struct alias_link *_link);
void PacketAliasRedirectDelete(struct alias_link *_link);
PacketAliasRedirectAddr(struct in_addr _src_addr,
struct in_addr _alias_addr);
int PacketAliasRedirectDynamic(struct alias_link *_link);
void PacketAliasRedirectDelete(struct alias_link *_link);
struct alias_link *
PacketAliasRedirectPort(struct in_addr _src_addr,
unsigned short _src_port, struct in_addr _dst_addr,
unsigned short _dst_port, struct in_addr _alias_addr,
unsigned short _alias_port, unsigned char _proto);
PacketAliasRedirectPort(struct in_addr _src_addr,
unsigned short _src_port, struct in_addr _dst_addr,
unsigned short _dst_port, struct in_addr _alias_addr,
unsigned short _alias_port, unsigned char _proto);
struct alias_link *
PacketAliasRedirectProto(struct in_addr _src_addr,
struct in_addr _dst_addr, struct in_addr _alias_addr,
unsigned char _proto);
PacketAliasRedirectProto(struct in_addr _src_addr,
struct in_addr _dst_addr, struct in_addr _alias_addr,
unsigned char _proto);
/* Fragment Handling functions. */
void PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment);
char *PacketAliasGetFragment(char *_ptr);
int PacketAliasSaveFragment(char *_ptr);
void PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment);
char *PacketAliasGetFragment(char *_ptr);
int PacketAliasSaveFragment(char *_ptr);
/* Miscellaneous functions. */
int PacketAliasCheckNewLink(void);
int PacketAliasCheckNewLink(void);
unsigned short
PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes);
void PacketAliasSetTarget(struct in_addr _target_addr);
PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes);
void PacketAliasSetTarget(struct in_addr _target_addr);
/* Transparent proxying routines. */
int PacketAliasProxyRule(const char *_cmd);
int PacketAliasProxyRule(const char *_cmd);
/* NEW API */
/* Initialization and control functions. */
struct libalias *LibAliasInit(struct libalias *);
void LibAliasSetAddress(struct libalias *, struct in_addr _addr);
void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
struct libalias *LibAliasInit(struct libalias *);
void LibAliasSetAddress(struct libalias *, struct in_addr _addr);
void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
unsigned int
LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
void LibAliasUninit(struct libalias *);
LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
void LibAliasUninit(struct libalias *);
/* Packet Handling functions. */
int LibAliasIn(struct libalias *, char *_ptr, int _maxpacketsize);
int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
int LibAliasIn (struct libalias *, char *_ptr, int _maxpacketsize);
int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
/* Port and address redirection functions. */
int LibAliasAddServer(struct libalias *, struct alias_link *_link,
struct in_addr _addr, unsigned short _port);
int
LibAliasAddServer(struct libalias *, struct alias_link *_link,
struct in_addr _addr, unsigned short _port);
struct alias_link *
LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
struct in_addr _alias_addr);
int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link);
void LibAliasRedirectDelete(struct libalias *, struct alias_link *_link);
LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
struct in_addr _alias_addr);
int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link);
void LibAliasRedirectDelete(struct libalias *, struct alias_link *_link);
struct alias_link *
LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
unsigned short _src_port, struct in_addr _dst_addr,
unsigned short _dst_port, struct in_addr _alias_addr,
unsigned short _alias_port, unsigned char _proto);
LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
unsigned short _src_port, struct in_addr _dst_addr,
unsigned short _dst_port, struct in_addr _alias_addr,
unsigned short _alias_port, unsigned char _proto);
struct alias_link *
LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
struct in_addr _dst_addr, struct in_addr _alias_addr,
unsigned char _proto);
LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
struct in_addr _dst_addr, struct in_addr _alias_addr,
unsigned char _proto);
/* Fragment Handling functions. */
void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment);
char *LibAliasGetFragment(struct libalias *, char *_ptr);
int LibAliasSaveFragment(struct libalias *, char *_ptr);
void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment);
char *LibAliasGetFragment(struct libalias *, char *_ptr);
int LibAliasSaveFragment(struct libalias *, char *_ptr);
/* Miscellaneous functions. */
int LibAliasCheckNewLink(struct libalias *);
int LibAliasCheckNewLink(struct libalias *);
unsigned short
LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
/* Transparent proxying routines. */
int LibAliasProxyRule(struct libalias *, const char *_cmd);
int LibAliasProxyRule(struct libalias *, const char *_cmd);
/*
@ -257,6 +259,6 @@ int LibAliasProxyRule(struct libalias *, const char *_cmd);
#define PKT_ALIAS_UNRESOLVED_FRAGMENT 3
#define PKT_ALIAS_FOUND_HEADER_FRAGMENT 4
#endif /* !_ALIAS_H_ */
#endif /* !_ALIAS_H_ */
/* lint -restore */

107
lib/libalias/alias_cuseeme.c
View File

@ -40,83 +40,84 @@ __FBSDID("$FreeBSD$");
/* CU-SeeMe Data Header */
struct cu_header {
u_int16_t dest_family;
u_int16_t dest_port;
u_int32_t dest_addr;
int16_t family;
u_int16_t port;
u_int32_t addr;
u_int32_t seq;
u_int16_t msg;
u_int16_t data_type;
u_int16_t packet_len;
u_int16_t dest_family;
u_int16_t dest_port;
u_int32_t dest_addr;
int16_t family;
u_int16_t port;
u_int32_t addr;
u_int32_t seq;
u_int16_t msg;
u_int16_t data_type;
u_int16_t packet_len;
};
/* Open Continue Header */
struct oc_header {
u_int16_t client_count; /* Number of client info structs */
u_int32_t seq_no;
char user_name[20];
char reserved[4]; /* flags, version stuff, etc */
u_int16_t client_count; /* Number of client info structs */
u_int32_t seq_no;
char user_name [20];
char reserved [4]; /* flags, version stuff, etc */
};
/* client info structures */
struct client_info {
u_int32_t address; /* Client address */
char reserved[8]; /* Flags, pruning bitfield, packet counts etc */
u_int32_t address;/* Client address */
char reserved [8]; /* Flags, pruning bitfield, packet
* counts etc */
};
void
AliasHandleCUSeeMeOut(struct libalias *la, struct ip *pip, struct alias_link *link)
{
struct udphdr *ud;
struct udphdr *ud;
ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
if (ntohs(ud->uh_ulen) - sizeof(struct udphdr) >= sizeof(struct cu_header)) {
struct cu_header *cu;
struct alias_link *cu_link;
ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
if (ntohs(ud->uh_ulen) - sizeof(struct udphdr) >= sizeof(struct cu_header)) {
struct cu_header *cu;
struct alias_link *cu_link;
cu = (struct cu_header *)(ud + 1);
if (cu->addr)
cu->addr = (u_int32_t)GetAliasAddress(link).s_addr;
cu = (struct cu_header *)(ud + 1);
if (cu->addr)
cu->addr = (u_int32_t) GetAliasAddress(link).s_addr;
cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
ud->uh_dport, 0, IPPROTO_UDP, 1);
cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
ud->uh_dport, 0, IPPROTO_UDP, 1);
#ifndef NO_FW_PUNCH
if (cu_link)
PunchFWHole(cu_link);
if (cu_link)
PunchFWHole(cu_link);
#endif
}
}
}
void
AliasHandleCUSeeMeIn(struct libalias *la, struct ip *pip, struct in_addr original_addr)
{
struct in_addr alias_addr;
struct udphdr *ud;
struct cu_header *cu;
struct oc_header *oc;
struct client_info *ci;
char *end;
int i;
struct in_addr alias_addr;
struct udphdr *ud;
struct cu_header *cu;
struct oc_header *oc;
struct client_info *ci;
char *end;
int i;
alias_addr.s_addr = pip->ip_dst.s_addr;
ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
cu = (struct cu_header *)(ud + 1);
oc = (struct oc_header *)(cu + 1);
ci = (struct client_info *)(oc + 1);
end = (char *)ud + ntohs(ud->uh_ulen);
alias_addr.s_addr = pip->ip_dst.s_addr;
ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
cu = (struct cu_header *)(ud + 1);
oc = (struct oc_header *)(cu + 1);
ci = (struct client_info *)(oc + 1);
end = (char *)ud + ntohs(ud->uh_ulen);
if ((char *)oc <= end) {
if(cu->dest_addr)
cu->dest_addr = (u_int32_t)original_addr.s_addr;
if(ntohs(cu->data_type) == 101)
/* Find and change our address */
for(i = 0; (char *)(ci + 1) <= end && i < oc->client_count; i++, ci++)
if(ci->address == (u_int32_t)alias_addr.s_addr) {
ci->address = (u_int32_t)original_addr.s_addr;
break;
}
}
if ((char *)oc <= end) {
if (cu->dest_addr)
cu->dest_addr = (u_int32_t) original_addr.s_addr;
if (ntohs(cu->data_type) == 101)
/* Find and change our address */
for (i = 0; (char *)(ci + 1) <= end && i < oc->client_count; i++, ci++)
if (ci->address == (u_int32_t) alias_addr.s_addr) {
ci->address = (u_int32_t) original_addr.s_addr;
break;
}
}
}

3118
lib/libalias/alias_db.c
View File

File diff suppressed because it is too large Load Diff

870
lib/libalias/alias_ftp.c
View File

@ -87,495 +87,589 @@ __FBSDID("$FreeBSD$");
#define WAIT_CRLF 0x01
enum ftp_message_type {
FTP_PORT_COMMAND,
FTP_EPRT_COMMAND,
FTP_227_REPLY,
FTP_229_REPLY,
FTP_UNKNOWN_MESSAGE
FTP_PORT_COMMAND,
FTP_EPRT_COMMAND,
FTP_227_REPLY,
FTP_229_REPLY,
FTP_UNKNOWN_MESSAGE
};
static int ParseFtpPortCommand(struct libalias *la, char *, int);
static int ParseFtpEprtCommand(struct libalias *la, char *, int);
static int ParseFtp227Reply(struct libalias *la, char *, int);
static int ParseFtp229Reply(struct libalias *la, char *, int);
static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int);
static int ParseFtpPortCommand(struct libalias *la, char *, int);
static int ParseFtpEprtCommand(struct libalias *la, char *, int);
static int ParseFtp227Reply(struct libalias *la, char *, int);
static int ParseFtp229Reply(struct libalias *la, char *, int);
static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int);
void
AliasHandleFtpOut(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link, /* The link to go through (aliased port) */
int maxpacketsize /* The maximum size this packet can grow to (including headers) */)
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link, /* The link to go through (aliased port) */
int maxpacketsize /* The maximum size this packet can grow to
(including headers) */ )
{
int hlen, tlen, dlen, pflags;
char *sptr;
struct tcphdr *tc;
int ftp_message_type;
int hlen, tlen, dlen, pflags;
char *sptr;
struct tcphdr *tc;
int ftp_message_type;
/* Calculate data length of TCP packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Place string pointer and beginning of data */
sptr = (char *) pip;
sptr += hlen;
sptr = (char *)pip;
sptr += hlen;
/*
* Check that data length is not too long and previous message was
* properly terminated with CRLF.
*/
pflags = GetProtocolFlags(link);
if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) {
ftp_message_type = FTP_UNKNOWN_MESSAGE;
pflags = GetProtocolFlags(link);
if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) {
ftp_message_type = FTP_UNKNOWN_MESSAGE;
if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) {
if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) {
/*
* When aliasing a client, check for the PORT/EPRT command.
*/
if (ParseFtpPortCommand(la, sptr, dlen))
ftp_message_type = FTP_PORT_COMMAND;
else if (ParseFtpEprtCommand(la, sptr, dlen))
ftp_message_type = FTP_EPRT_COMMAND;
} else {
if (ParseFtpPortCommand(la, sptr, dlen))
ftp_message_type = FTP_PORT_COMMAND;
else if (ParseFtpEprtCommand(la, sptr, dlen))
ftp_message_type = FTP_EPRT_COMMAND;
} else {
/*
* When aliasing a server, check for the 227/229 reply.
*/
if (ParseFtp227Reply(la, sptr, dlen))
ftp_message_type = FTP_227_REPLY;
else if (ParseFtp229Reply(la, sptr, dlen)) {
ftp_message_type = FTP_229_REPLY;
la->true_addr.s_addr = pip->ip_src.s_addr;
}
if (ParseFtp227Reply(la, sptr, dlen))
ftp_message_type = FTP_227_REPLY;
else if (ParseFtp229Reply(la, sptr, dlen)) {
ftp_message_type = FTP_229_REPLY;
la->true_addr.s_addr = pip->ip_src.s_addr;
}
}
if (ftp_message_type != FTP_UNKNOWN_MESSAGE)
NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type);
}
if (ftp_message_type != FTP_UNKNOWN_MESSAGE)
NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type);
}
/* Track the msgs which are CRLF term'd for PORT/PASV FW breach */
if (dlen) { /* only if there's data */
sptr = (char *) pip; /* start over at beginning */
tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may have grown */
if (sptr[tlen-2] == '\r' && sptr[tlen-1] == '\n')
pflags &= ~WAIT_CRLF;
else
pflags |= WAIT_CRLF;
SetProtocolFlags(link, pflags);
}
if (dlen) { /* only if there's data */
sptr = (char *)pip; /* start over at beginning */
tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may
* have grown */
if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n')
pflags &= ~WAIT_CRLF;
else
pflags |= WAIT_CRLF;
SetProtocolFlags(link, pflags);
}
}
static int
ParseFtpPortCommand(struct libalias *la, char *sptr, int dlen)
{
char ch;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
char ch;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
/* Format: "PORT A,D,D,R,PO,RT". */
/* Format: "PORT A,D,D,R,PO,RT". */
/* Return if data length is too short. */
if (dlen < 18)
return 0;
addr = port = octet = 0;
state = -4;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state) {
case -4: if (ch == 'P') state++; else return 0; break;
case -3: if (ch == 'O') state++; else return 0; break;
case -2: if (ch == 'R') state++; else return 0; break;
case -1: if (ch == 'T') state++; else return 0; break;
case 0:
if (isspace(ch))
break;
else
state++;
case 1: case 3: case 5: case 7: case 9: case 11:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
/* Return if data length is too short. */
if (dlen < 18)
return 0;
break;
case 2: case 4: case 6: case 8:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',') {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 10: case 12:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',' || state == 12) {
port = (port << 8) + octet;
state++;
} else
return 0;
break;
addr = port = octet = 0;
state = -4;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state) {
case -4:
if (ch == 'P')
state++;
else
return 0;
break;
case -3:
if (ch == 'O')
state++;
else
return 0;
break;
case -2:
if (ch == 'R')
state++;
else
return 0;
break;
case -1:
if (ch == 'T')
state++;
else
return 0;
break;
case 0:
if (isspace(ch))
break;
else
state++;
case 1:
case 3:
case 5:
case 7:
case 9:
case 11:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
return 0;
break;
case 2:
case 4:
case 6:
case 8:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',') {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 10:
case 12:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',' || state == 12) {
port = (port << 8) + octet;
state++;
} else
return 0;
break;
}
}
}
if (state == 13) {
la->true_addr.s_addr = htonl(addr);
la->true_port = port;
return 1;
} else
return 0;
if (state == 13) {
la->true_addr.s_addr = htonl(addr);
la->true_port = port;
return 1;
} else
return 0;
}
static int
ParseFtpEprtCommand(struct libalias *la, char *sptr, int dlen)
{
char ch, delim;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
char ch, delim;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
/* Format: "EPRT |1|A.D.D.R|PORT|". */
/* Format: "EPRT |1|A.D.D.R|PORT|". */
/* Return if data length is too short. */
if (dlen < 18)
return 0;
/* Return if data length is too short. */
if (dlen < 18)
return 0;
addr = port = octet = 0;
delim = '|'; /* XXX gcc -Wuninitialized */
state = -4;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state)
{
case -4: if (ch == 'E') state++; else return 0; break;
case -3: if (ch == 'P') state++; else return 0; break;
case -2: if (ch == 'R') state++; else return 0; break;
case -1: if (ch == 'T') state++; else return 0; break;
addr = port = octet = 0;
delim = '|'; /* XXX gcc -Wuninitialized */
state = -4;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state) {
case -4:
if (ch == 'E')
state++;
else
return 0;
break;
case -3:
if (ch == 'P')
state++;
else
return 0;
break;
case -2:
if (ch == 'R')
state++;
else
return 0;
break;
case -1:
if (ch == 'T')
state++;
else
return 0;
break;
case 0:
if (!isspace(ch)) {
delim = ch;
state++;
}
break;
case 1:
if (ch == '1') /* IPv4 address */
state++;
else
return 0;
break;
case 2:
if (ch == delim)
state++;
else
return 0;
break;
case 3: case 5: case 7: case 9:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
return 0;
break;
case 4: case 6: case 8: case 10:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == '.' || state == 10) {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 11:
if (isdigit(ch)) {
port = ch - '0';
state++;
} else
return 0;
break;
case 12:
if (isdigit(ch))
port = 10 * port + ch - '0';
else if (ch == delim)
state++;
else
return 0;
break;
case 0:
if (!isspace(ch)) {
delim = ch;
state++;
}
break;
case 1:
if (ch == '1') /* IPv4 address */
state++;
else
return 0;
break;
case 2:
if (ch == delim)
state++;
else
return 0;
break;
case 3:
case 5:
case 7:
case 9:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
return 0;
break;
case 4:
case 6:
case 8:
case 10:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == '.' || state == 10) {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 11:
if (isdigit(ch)) {
port = ch - '0';
state++;
} else
return 0;
break;
case 12:
if (isdigit(ch))
port = 10 * port + ch - '0';
else if (ch == delim)
state++;
else
return 0;
break;
}
}
}
if (state == 13) {
la->true_addr.s_addr = htonl(addr);
la->true_port = port;
return 1;
} else
return 0;
if (state == 13) {
la->true_addr.s_addr = htonl(addr);
la->true_port = port;
return 1;
} else
return 0;
}
static int
ParseFtp227Reply(struct libalias *la, char *sptr, int dlen)
{
char ch;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
char ch;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
/* Format: "227 Entering Passive Mode (A,D,D,R,PO,RT)" */
/* Format: "227 Entering Passive Mode (A,D,D,R,PO,RT)" */
/* Return if data length is too short. */
if (dlen < 17)
return 0;
addr = port = octet = 0;
state = -3;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state)
{
case -3: if (ch == '2') state++; else return 0; break;
case -2: if (ch == '2') state++; else return 0; break;
case -1: if (ch == '7') state++; else return 0; break;
case 0:
if (ch == '(')
state++;
break;
case 1: case 3: case 5: case 7: case 9: case 11:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
/* Return if data length is too short. */
if (dlen < 17)
return 0;
break;
case 2: case 4: case 6: case 8:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',') {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 10: case 12:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',' || (state == 12 && ch == ')')) {
port = (port << 8) + octet;
state++;
} else
return 0;
break;
addr = port = octet = 0;
state = -3;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state) {
case -3:
if (ch == '2')
state++;
else
return 0;
break;
case -2:
if (ch == '2')
state++;
else
return 0;
break;
case -1:
if (ch == '7')
state++;
else
return 0;
break;
case 0:
if (ch == '(')
state++;
break;
case 1:
case 3:
case 5:
case 7:
case 9:
case 11:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
return 0;
break;
case 2:
case 4:
case 6:
case 8:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',') {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 10:
case 12:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',' || (state == 12 && ch == ')')) {
port = (port << 8) + octet;
state++;
} else
return 0;
break;
}
}
}
if (state == 13) {
la->true_port = port;
la->true_addr.s_addr = htonl(addr);
return 1;
} else
return 0;
if (state == 13) {
la->true_port = port;
la->true_addr.s_addr = htonl(addr);
return 1;
} else
return 0;
}
static int
ParseFtp229Reply(struct libalias *la, char *sptr, int dlen)
{
char ch, delim;
int i, state;
u_short port;
char ch, delim;
int i, state;
u_short port;
/* Format: "229 Entering Extended Passive Mode (|||PORT|)" */
/* Format: "229 Entering Extended Passive Mode (|||PORT|)" */
/* Return if data length is too short. */
if (dlen < 11)
return 0;
port = 0;
delim = '|'; /* XXX gcc -Wuninitialized */
state = -3;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state)
{
case -3: if (ch == '2') state++; else return 0; break;
case -2: if (ch == '2') state++; else return 0; break;
case -1: if (ch == '9') state++; else return 0; break;
case 0:
if (ch == '(')
state++;
break;
case 1:
delim = ch;
state++;
break;
case 2: case 3:
if (ch == delim)
state++;
else
/* Return if data length is too short. */
if (dlen < 11)
return 0;
break;
case 4:
if (isdigit(ch)) {
port = ch - '0';
state++;
} else
return 0;
break;
case 5:
if (isdigit(ch))
port = 10 * port + ch - '0';
else if (ch == delim)
state++;
else
return 0;
break;
case 6:
if (ch == ')')
state++;
else
return 0;
break;
port = 0;
delim = '|'; /* XXX gcc -Wuninitialized */
state = -3;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state) {
case -3:
if (ch == '2')
state++;
else
return 0;
break;
case -2:
if (ch == '2')
state++;
else
return 0;
break;
case -1:
if (ch == '9')
state++;
else
return 0;
break;
case 0:
if (ch == '(')
state++;
break;
case 1:
delim = ch;
state++;
break;
case 2:
case 3:
if (ch == delim)
state++;
else
return 0;
break;
case 4:
if (isdigit(ch)) {
port = ch - '0';
state++;
} else
return 0;
break;
case 5:
if (isdigit(ch))
port = 10 * port + ch - '0';
else if (ch == delim)
state++;
else
return 0;
break;
case 6:
if (ch == ')')
state++;
else
return 0;
break;
}
}
}
if (state == 7) {
la->true_port = port;
return 1;
} else
return 0;
if (state == 7) {
la->true_port = port;
return 1;
} else
return 0;
}
static void
NewFtpMessage(struct libalias *la, struct ip *pip,
struct alias_link *link,
int maxpacketsize,
int ftp_message_type)
struct alias_link *link,
int maxpacketsize,
int ftp_message_type)
{
struct alias_link *ftp_link;
struct alias_link *ftp_link;
/* Security checks. */
if (pip->ip_src.s_addr != la->true_addr.s_addr)
return;
if (pip->ip_src.s_addr != la->true_addr.s_addr)
return;
if (la->true_port < IPPORT_RESERVED)
return;
if (la->true_port < IPPORT_RESERVED)
return;
/* Establish link to address and port found in FTP control message. */
ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link),
htons(la->true_port), 0, IPPROTO_TCP, 1);
ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link),
htons(la->true_port), 0, IPPROTO_TCP, 1);
if (ftp_link != NULL)
{
int slen, hlen, tlen, dlen;
struct tcphdr *tc;
if (ftp_link != NULL) {
int slen, hlen, tlen, dlen;
struct tcphdr *tc;
#ifndef NO_FW_PUNCH
/* Punch hole in firewall */
PunchFWHole(ftp_link);
/* Punch hole in firewall */
PunchFWHole(ftp_link);
#endif
/* Calculate data length of TCP packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Create new FTP message. */
{
char stemp[MAX_MESSAGE_SIZE + 1];
char *sptr;
u_short alias_port;
u_char *ptr;
int a1, a2, a3, a4, p1, p2;
struct in_addr alias_address;
{
char stemp[MAX_MESSAGE_SIZE + 1];
char *sptr;
u_short alias_port;
u_char *ptr;
int a1, a2, a3, a4, p1, p2;
struct in_addr alias_address;
/* Decompose alias address into quad format */
alias_address = GetAliasAddress(link);
ptr = (u_char *) &alias_address.s_addr;
a1 = *ptr++; a2=*ptr++; a3=*ptr++; a4=*ptr;
alias_address = GetAliasAddress(link);
ptr = (u_char *) & alias_address.s_addr;
a1 = *ptr++;
a2 = *ptr++;
a3 = *ptr++;
a4 = *ptr;
alias_port = GetAliasPort(ftp_link);
alias_port = GetAliasPort(ftp_link);
switch (ftp_message_type)
{
case FTP_PORT_COMMAND:
case FTP_227_REPLY:
/* Decompose alias port into pair format. */
ptr = (char *) &alias_port;
p1 = *ptr++; p2=*ptr;
switch (ftp_message_type) {
case FTP_PORT_COMMAND:
case FTP_227_REPLY:
/* Decompose alias port into pair format. */
ptr = (char *)&alias_port;
p1 = *ptr++;
p2 = *ptr;
if (ftp_message_type == FTP_PORT_COMMAND) {
/* Generate PORT command string. */
sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n",
a1,a2,a3,a4,p1,p2);
} else {
/* Generate 227 reply string. */
sprintf(stemp,
"227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n",
a1,a2,a3,a4,p1,p2);
}
break;
case FTP_EPRT_COMMAND:
/* Generate EPRT command string. */
sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n",
a1,a2,a3,a4,ntohs(alias_port));
break;
case FTP_229_REPLY:
/* Generate 229 reply string. */
sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n",
ntohs(alias_port));
break;
}
if (ftp_message_type == FTP_PORT_COMMAND) {
/* Generate PORT command string. */
sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n",
a1, a2, a3, a4, p1, p2);
} else {
/* Generate 227 reply string. */
sprintf(stemp,
"227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n",
a1, a2, a3, a4, p1, p2);
}
break;
case FTP_EPRT_COMMAND:
/* Generate EPRT command string. */
sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n",
a1, a2, a3, a4, ntohs(alias_port));
break;
case FTP_229_REPLY:
/* Generate 229 reply string. */
sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n",
ntohs(alias_port));
break;
}
/* Save string length for IP header modification */
slen = strlen(stemp);
slen = strlen(stemp);
/* Copy modified buffer into IP packet. */
sptr = (char *) pip; sptr += hlen;
strncpy(sptr, stemp, maxpacketsize-hlen);
}
sptr = (char *)pip;
sptr += hlen;
strncpy(sptr, stemp, maxpacketsize - hlen);
}
/* Save information regarding modified seq and ack numbers */
{
int delta;
{
int delta;
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta+slen-dlen);
}
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta + slen - dlen);
}
/* Revise IP header */
{
u_short new_len;
{
u_short new_len;
new_len = htons(hlen + slen);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
}
new_len = htons(hlen + slen);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
}
/* Compute TCP checksum for revised packet */
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
}
else
{
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
} else {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/HandleFtpOut: Cannot allocate FTP data port\n");
fprintf(stderr,
"PacketAlias/HandleFtpOut: Cannot allocate FTP data port\n");
#endif
}
}
}

512
lib/libalias/alias_irc.c
View File

@ -65,277 +65,305 @@ __FBSDID("$FreeBSD$");
void
AliasHandleIrcOut(struct libalias *la,
struct ip *pip, /* IP packet to examine */
struct alias_link *link, /* Which link are we on? */
int maxsize /* Maximum size of IP packet including headers */
)
AliasHandleIrcOut(struct libalias *la,
struct ip *pip, /* IP packet to examine */
struct alias_link *link, /* Which link are we on? */
int maxsize /* Maximum size of IP packet including
* headers */
)
{
int hlen, tlen, dlen;
struct in_addr true_addr;
u_short true_port;
char *sptr;
struct tcphdr *tc;
int i; /* Iterator through the source */
int hlen, tlen, dlen;
struct in_addr true_addr;
u_short true_port;
char *sptr;
struct tcphdr *tc;
int i; /* Iterator through the source */
/* Calculate data length of TCP packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Return if data length is too short - assume an entire PRIVMSG in each packet. */
if (dlen<sizeof(":A!a@n.n PRIVMSG A :aDCC 1 1a")-1)
return;
/*
* Return if data length is too short - assume an entire PRIVMSG in
* each packet.
*/
if (dlen < sizeof(":A!a@n.n PRIVMSG A :aDCC 1 1a") - 1)
return;
/* Place string pointer at beginning of data */
sptr = (char *) pip;
sptr += hlen;
maxsize -= hlen; /* We're interested in maximum size of data, not packet */
sptr = (char *)pip;
sptr += hlen;
maxsize -= hlen; /* We're interested in maximum size of
* data, not packet */
/* Search for a CTCP command [Note 1] */
for( i=0; i<dlen; i++ ) {
if(sptr[i]=='\001')
goto lFOUND_CTCP;
}
return; /* No CTCP commands in */
/* Handle CTCP commands - the buffer may have to be copied */
/* Search for a CTCP command [Note 1] */
for (i = 0; i < dlen; i++) {
if (sptr[i] == '\001')
goto lFOUND_CTCP;
}
return; /* No CTCP commands in */
/* Handle CTCP commands - the buffer may have to be copied */
lFOUND_CTCP:
{
char newpacket[65536]; /* Estimate of maximum packet size :) */
int copyat = i; /* Same */
int iCopy = 0; /* How much data have we written to copy-back string? */
unsigned long org_addr; /* Original IP address */
unsigned short org_port; /* Original source port address */
lCTCP_START:
if( i >= dlen || iCopy >= sizeof(newpacket) )
goto lPACKET_DONE;
newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start character */
/* Start of a CTCP */
if( i+4 >= dlen ) /* Too short for DCC */
goto lBAD_CTCP;
if( sptr[i+0] != 'D' )
goto lBAD_CTCP;
if( sptr[i+1] != 'C' )
goto lBAD_CTCP;
if( sptr[i+2] != 'C' )
goto lBAD_CTCP;
if( sptr[i+3] != ' ' )
goto lBAD_CTCP;
/* We have a DCC command - handle it! */
i+= 4; /* Skip "DCC " */
if( iCopy+4 > sizeof(newpacket) )
goto lPACKET_DONE;
newpacket[iCopy++] = 'D';
newpacket[iCopy++] = 'C';
newpacket[iCopy++] = 'C';
newpacket[iCopy++] = ' ';
{
char newpacket[65536]; /* Estimate of maximum packet size
* :) */
int copyat = i; /* Same */
int iCopy = 0; /* How much data have we written to
* copy-back string? */
unsigned long org_addr; /* Original IP address */
unsigned short org_port; /* Original source port
* address */
DBprintf(("Found DCC\n"));
/* Skip any extra spaces (should not occur according to
protocol, but DCC breaks CTCP protocol anyway */
while(sptr[i] == ' ') {
if( ++i >= dlen) {
DBprintf(("DCC packet terminated in just spaces\n"));
goto lPACKET_DONE;
}
}
lCTCP_START:
if (i >= dlen || iCopy >= sizeof(newpacket))
goto lPACKET_DONE;
newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start
* character */
/* Start of a CTCP */
if (i + 4 >= dlen) /* Too short for DCC */
goto lBAD_CTCP;
if (sptr[i + 0] != 'D')
goto lBAD_CTCP;
if (sptr[i + 1] != 'C')
goto lBAD_CTCP;
if (sptr[i + 2] != 'C')
goto lBAD_CTCP;
if (sptr[i + 3] != ' ')
goto lBAD_CTCP;
/* We have a DCC command - handle it! */
i += 4; /* Skip "DCC " */
if (iCopy + 4 > sizeof(newpacket))
goto lPACKET_DONE;
newpacket[iCopy++] = 'D';
newpacket[iCopy++] = 'C';
newpacket[iCopy++] = 'C';
newpacket[iCopy++] = ' ';
DBprintf(("Transferring command...\n"));
while(sptr[i] != ' ') {
newpacket[iCopy++] = sptr[i];
if( ++i >= dlen || iCopy >= sizeof(newpacket) ) {
DBprintf(("DCC packet terminated during command\n"));
goto lPACKET_DONE;
}
}
/* Copy _one_ space */
if( i+1 < dlen && iCopy < sizeof(newpacket) )
newpacket[iCopy++] = sptr[i++];
DBprintf(("Found DCC\n"));
/*
* Skip any extra spaces (should not occur according to
* protocol, but DCC breaks CTCP protocol anyway
*/
while (sptr[i] == ' ') {
if (++i >= dlen) {
DBprintf(("DCC packet terminated in just spaces\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Done command - removing spaces\n"));
/* Skip any extra spaces (should not occur according to
protocol, but DCC breaks CTCP protocol anyway */
while(sptr[i] == ' ') {
if( ++i >= dlen ) {
DBprintf(("DCC packet terminated in just spaces (post-command)\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Transferring command...\n"));
while (sptr[i] != ' ') {
newpacket[iCopy++] = sptr[i];
if (++i >= dlen || iCopy >= sizeof(newpacket)) {
DBprintf(("DCC packet terminated during command\n"));
goto lPACKET_DONE;
}
}
/* Copy _one_ space */
if (i + 1 < dlen && iCopy < sizeof(newpacket))
newpacket[iCopy++] = sptr[i++];
DBprintf(("Transferring filename...\n"));
while(sptr[i] != ' ') {
newpacket[iCopy++] = sptr[i];
if( ++i >= dlen || iCopy >= sizeof(newpacket) ) {
DBprintf(("DCC packet terminated during filename\n"));
goto lPACKET_DONE;
}
}
/* Copy _one_ space */
if( i+1 < dlen && iCopy < sizeof(newpacket) )
newpacket[iCopy++] = sptr[i++];
DBprintf(("Done command - removing spaces\n"));
/*
* Skip any extra spaces (should not occur according to
* protocol, but DCC breaks CTCP protocol anyway
*/
while (sptr[i] == ' ') {
if (++i >= dlen) {
DBprintf(("DCC packet terminated in just spaces (post-command)\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Done filename - removing spaces\n"));
/* Skip any extra spaces (should not occur according to
protocol, but DCC breaks CTCP protocol anyway */
while(sptr[i] == ' ') {
if( ++i >= dlen ) {
DBprintf(("DCC packet terminated in just spaces (post-filename)\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Transferring filename...\n"));
while (sptr[i] != ' ') {
newpacket[iCopy++] = sptr[i];
if (++i >= dlen || iCopy >= sizeof(newpacket)) {
DBprintf(("DCC packet terminated during filename\n"));
goto lPACKET_DONE;
}
}
/* Copy _one_ space */
if (i + 1 < dlen && iCopy < sizeof(newpacket))
newpacket[iCopy++] = sptr[i++];
DBprintf(("Fetching IP address\n"));
/* Fetch IP address */
org_addr = 0;
while(i<dlen && isdigit(sptr[i])) {
if( org_addr > ULONG_MAX/10UL ) { /* Terminate on overflow */
DBprintf(("DCC Address overflow (org_addr == 0x%08lx, next char %c\n", org_addr, sptr[i]));
goto lBAD_CTCP;
}
org_addr *= 10;
org_addr += sptr[i++]-'0';
}
DBprintf(("Skipping space\n"));
if( i+1 >= dlen || sptr[i] != ' ' ) {
DBprintf(("Overflow (%d >= %d) or bad character (%02x) terminating IP address\n", i+1, dlen, sptr[i]));
goto lBAD_CTCP;
}
/* Skip any extra spaces (should not occur according to
protocol, but DCC breaks CTCP protocol anyway, so we might
as well play it safe */
while(sptr[i] == ' ') {
if( ++i >= dlen ) {
DBprintf(("Packet failure - space overflow.\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Fetching port number\n"));
/* Fetch source port */
org_port = 0;
while(i<dlen && isdigit(sptr[i])) {
if( org_port > 6554 ) { /* Terminate on overflow (65536/10 rounded up*/
DBprintf(("DCC: port number overflow\n"));
goto lBAD_CTCP;
}
org_port *= 10;
org_port += sptr[i++]-'0';
}
/* Skip illegal addresses (or early termination) */
if( i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ') ) {
DBprintf(("Bad port termination\n"));
goto lBAD_CTCP;
}
DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port));
DBprintf(("Done filename - removing spaces\n"));
/*
* Skip any extra spaces (should not occur according to
* protocol, but DCC breaks CTCP protocol anyway
*/
while (sptr[i] == ' ') {
if (++i >= dlen) {
DBprintf(("DCC packet terminated in just spaces (post-filename)\n"));
goto lPACKET_DONE;
}
}
/* We've got the address and port - now alias it */
{
struct alias_link *dcc_link;
struct in_addr destaddr;
DBprintf(("Fetching IP address\n"));
/* Fetch IP address */
org_addr = 0;
while (i < dlen && isdigit(sptr[i])) {
if (org_addr > ULONG_MAX / 10UL) { /* Terminate on overflow */
DBprintf(("DCC Address overflow (org_addr == 0x%08lx, next char %c\n", org_addr, sptr[i]));
goto lBAD_CTCP;
}
org_addr *= 10;
org_addr += sptr[i++] - '0';
}
DBprintf(("Skipping space\n"));
if (i + 1 >= dlen || sptr[i] != ' ') {
DBprintf(("Overflow (%d >= %d) or bad character (%02x) terminating IP address\n", i + 1, dlen, sptr[i]));
goto lBAD_CTCP;
}
/*
* Skip any extra spaces (should not occur according to
* protocol, but DCC breaks CTCP protocol anyway, so we
* might as well play it safe
*/
while (sptr[i] == ' ') {
if (++i >= dlen) {
DBprintf(("Packet failure - space overflow.\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Fetching port number\n"));
/* Fetch source port */
org_port = 0;
while (i < dlen && isdigit(sptr[i])) {
if (org_port > 6554) { /* Terminate on overflow
* (65536/10 rounded up */
DBprintf(("DCC: port number overflow\n"));
goto lBAD_CTCP;
}
org_port *= 10;
org_port += sptr[i++] - '0';
}
/* Skip illegal addresses (or early termination) */
if (i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ')) {
DBprintf(("Bad port termination\n"));
goto lBAD_CTCP;
}
DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port));
/* We've got the address and port - now alias it */
{
struct alias_link *dcc_link;
struct in_addr destaddr;
true_port = htons(org_port);
true_addr.s_addr = htonl(org_addr);
destaddr.s_addr = 0;
true_port = htons(org_port);
true_addr.s_addr = htonl(org_addr);
destaddr.s_addr = 0;
/* Sanity/Security checking */
if (!org_addr || !org_port ||
pip->ip_src.s_addr != true_addr.s_addr ||
org_port < IPPORT_RESERVED)
goto lBAD_CTCP;
/* Sanity/Security checking */
if (!org_addr || !org_port ||
pip->ip_src.s_addr != true_addr.s_addr ||
org_port < IPPORT_RESERVED)
goto lBAD_CTCP;
/* Steal the FTP_DATA_PORT - it doesn't really matter, and this
would probably allow it through at least _some_
firewalls. */
dcc_link = FindUdpTcpOut(la, true_addr, destaddr,
true_port, 0,
IPPROTO_TCP, 1);
DBprintf(("Got a DCC link\n"));
if ( dcc_link ) {
struct in_addr alias_address; /* Address from aliasing */
u_short alias_port; /* Port given by aliasing */
int n;
/*
* Steal the FTP_DATA_PORT - it doesn't really
* matter, and this would probably allow it through
* at least _some_ firewalls.
*/
dcc_link = FindUdpTcpOut(la, true_addr, destaddr,
true_port, 0,
IPPROTO_TCP, 1);
DBprintf(("Got a DCC link\n"));
if (dcc_link) {
struct in_addr alias_address; /* Address from aliasing */
u_short alias_port; /* Port given by
* aliasing */
int n;
#ifndef NO_FW_PUNCH
/* Generate firewall hole as appropriate */
PunchFWHole(dcc_link);
/* Generate firewall hole as appropriate */
PunchFWHole(dcc_link);
#endif
alias_address = GetAliasAddress(link);
n = snprintf(&newpacket[iCopy],
sizeof(newpacket)-iCopy,
"%lu ", (u_long)htonl(alias_address.s_addr));
if( n < 0 ) {
DBprintf(("DCC packet construct failure.\n"));
goto lBAD_CTCP;
}
if( (iCopy += n) >= sizeof(newpacket) ) { /* Truncated/fit exactly - bad news */
DBprintf(("DCC constructed packet overflow.\n"));
goto lBAD_CTCP;
}
alias_port = GetAliasPort(dcc_link);
n = snprintf(&newpacket[iCopy],
sizeof(newpacket)-iCopy,
"%u", htons(alias_port) );
if( n < 0 ) {
DBprintf(("DCC packet construct failure.\n"));
goto lBAD_CTCP;
}
iCopy += n;
/* Done - truncated cases will be taken care of by lBAD_CTCP */
DBprintf(("Aliased IP %lu and port %u\n", alias_address.s_addr, (unsigned)alias_port));
}
}
/* An uninteresting CTCP - state entered right after '\001' has
been pushed. Also used to copy the rest of a DCC, after IP
address and port has been handled */
lBAD_CTCP:
for(; i<dlen && iCopy<sizeof(newpacket); i++,iCopy++) {
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
if(sptr[i] == '\001') {
goto lNORMAL_TEXT;
}
}
goto lPACKET_DONE;
/* Normal text */
lNORMAL_TEXT:
for(; i<dlen && iCopy<sizeof(newpacket); i++,iCopy++) {
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
if(sptr[i] == '\001') {
goto lCTCP_START;
}
}
/* Handle the end of a packet */
lPACKET_DONE:
iCopy = iCopy > maxsize-copyat ? maxsize-copyat : iCopy;
memcpy(sptr+copyat, newpacket, iCopy);
alias_address = GetAliasAddress(link);
n = snprintf(&newpacket[iCopy],
sizeof(newpacket) - iCopy,
"%lu ", (u_long) htonl(alias_address.s_addr));
if (n < 0) {
DBprintf(("DCC packet construct failure.\n"));
goto lBAD_CTCP;
}
if ((iCopy += n) >= sizeof(newpacket)) { /* Truncated/fit exactly
* - bad news */
DBprintf(("DCC constructed packet overflow.\n"));
goto lBAD_CTCP;
}
alias_port = GetAliasPort(dcc_link);
n = snprintf(&newpacket[iCopy],
sizeof(newpacket) - iCopy,
"%u", htons(alias_port));
if (n < 0) {
DBprintf(("DCC packet construct failure.\n"));
goto lBAD_CTCP;
}
iCopy += n;
/*
* Done - truncated cases will be taken
* care of by lBAD_CTCP
*/
DBprintf(("Aliased IP %lu and port %u\n", alias_address.s_addr, (unsigned)alias_port));
}
}
/*
* An uninteresting CTCP - state entered right after '\001'
* has been pushed. Also used to copy the rest of a DCC,
* after IP address and port has been handled
*/
lBAD_CTCP:
for (; i < dlen && iCopy < sizeof(newpacket); i++, iCopy++) {
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
if (sptr[i] == '\001') {
goto lNORMAL_TEXT;
}
}
goto lPACKET_DONE;
/* Normal text */
lNORMAL_TEXT:
for (; i < dlen && iCopy < sizeof(newpacket); i++, iCopy++) {
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
if (sptr[i] == '\001') {
goto lCTCP_START;
}
}
/* Handle the end of a packet */
lPACKET_DONE:
iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy;
memcpy(sptr + copyat, newpacket, iCopy);
/* Save information regarding modified seq and ack numbers */
{
int delta;
{
int delta;
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta+copyat+iCopy-dlen);
}
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta + copyat + iCopy - dlen);
}
/* Revise IP header */
{
u_short new_len;
/* Revise IP header */
{
u_short new_len;
new_len = htons(hlen + iCopy + copyat);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
}
new_len = htons(hlen + iCopy + copyat);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
}
/* Compute TCP checksum for revised packet */
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return;
}
/* Compute TCP checksum for revised packet */
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return;
}
}
/* Notes:

307
lib/libalias/alias_local.h
View File

@ -55,80 +55,84 @@
struct proxy_entry;
struct libalias {
LIST_ENTRY(libalias) instancelist;
LIST_ENTRY(libalias) instancelist;
int packetAliasMode; /* Mode flags */
/* - documented in alias.h */
int packetAliasMode; /* Mode flags */
/* - documented in alias.h */
struct in_addr aliasAddress; /* Address written onto source */
/* field of IP packet. */
struct in_addr aliasAddress; /* Address written onto source */
/* field of IP packet. */
struct in_addr targetAddress; /* IP address incoming packets */
/* are sent to if no aliasing */
/* link already exists */
struct in_addr targetAddress; /* IP address incoming packets */
/* are sent to if no aliasing */
/* link already exists */
struct in_addr nullAddress; /* Used as a dummy parameter for */
/* some function calls */
struct in_addr nullAddress; /* Used as a dummy parameter for */
/* some function calls */
LIST_HEAD(, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
/* Lookup table of pointers to */
/* chains of link records. Each */
LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
/* Lookup table of pointers to */
/* chains of link records. Each */
LIST_HEAD(, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
/* link record is doubly indexed */
/* into input and output lookup */
/* tables. */
LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
/* link record is doubly indexed */
/* into input and output lookup */
/* tables. */
/* Link statistics */
int icmpLinkCount;
int udpLinkCount;
int tcpLinkCount;
int pptpLinkCount;
int protoLinkCount;
int fragmentIdLinkCount;
int fragmentPtrLinkCount;
int sockCount;
/* Link statistics */
int icmpLinkCount;
int udpLinkCount;
int tcpLinkCount;
int pptpLinkCount;
int protoLinkCount;
int fragmentIdLinkCount;
int fragmentPtrLinkCount;
int sockCount;
int cleanupIndex; /* Index to chain of link table */
/* being inspected for old links */
int cleanupIndex; /* Index to chain of link table */
/* being inspected for old links */
int timeStamp; /* System time in seconds for */
/* current packet */
int timeStamp; /* System time in seconds for */
/* current packet */
int lastCleanupTime; /* Last time IncrementalCleanup() */
/* was called */
int lastCleanupTime; /* Last time
* IncrementalCleanup() */
/* was called */
int houseKeepingResidual; /* used by HouseKeeping() */
int houseKeepingResidual; /* used by HouseKeeping() */
int deleteAllLinks; /* If equal to zero, DeleteLink() */
/* will not remove permanent links */
int deleteAllLinks; /* If equal to zero, DeleteLink() */
/* will not remove permanent links */
FILE *monitorFile; /* File descriptor for link */
/* statistics monitoring file */
FILE *monitorFile; /* File descriptor for link */
/* statistics monitoring file */
int newDefaultLink; /* Indicates if a new aliasing */
/* link has been created after a */
/* call to PacketAliasIn/Out(). */
int newDefaultLink; /* Indicates if a new aliasing */
/* link has been created after a */
/* call to PacketAliasIn/Out(). */
#ifndef NO_FW_PUNCH
int fireWallFD; /* File descriptor to be able to */
/* control firewall. Opened by */
/* PacketAliasSetMode on first */
/* setting the PKT_ALIAS_PUNCH_FW */
/* flag. */
int fireWallBaseNum; /* The first firewall entry free for our use */
int fireWallNumNums; /* How many entries can we use? */
int fireWallActiveNum; /* Which entry did we last use? */
char *fireWallField; /* bool array for entries */
int fireWallFD; /* File descriptor to be able to */
/* control firewall. Opened by */
/* PacketAliasSetMode on first */
/* setting the PKT_ALIAS_PUNCH_FW */
/* flag. */
int fireWallBaseNum; /* The first firewall entry
* free for our use */
int fireWallNumNums; /* How many entries can we
* use? */
int fireWallActiveNum; /* Which entry did we last
* use? */
char *fireWallField; /* bool array for entries */
#endif
unsigned int skinnyPort; /* TCP port used by the Skinny */
/* protocol. */
unsigned int skinnyPort; /* TCP port used by the Skinny */
/* protocol. */
struct proxy_entry *proxyList;
struct in_addr true_addr; /* in network byte order. */
u_short true_port; /* in host byte order. */
struct in_addr true_addr; /* in network byte order. */
u_short true_port; /* in host byte order. */
};
@ -161,148 +165,159 @@ struct libalias {
/* Prototypes */
/* General utilities */
u_short IpChecksum(struct ip *_pip);
u_short TcpChecksum(struct ip *_pip);
void DifferentialChecksum(u_short *_cksum, u_short *_new, u_short *_old,
int _n);
u_short IpChecksum(struct ip *_pip);
u_short TcpChecksum(struct ip *_pip);
void
DifferentialChecksum(u_short * _cksum, u_short * _new, u_short * _old,
int _n);
/* Internal data access */
struct alias_link *
FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _id_alias, int _create);
FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _id_alias, int _create);
struct alias_link *
FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _id, int _create);
FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _id, int _create);
struct alias_link *
FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _ip_id);
FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _ip_id);
struct alias_link *
FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _ip_id);
FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _ip_id);
struct alias_link *
AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
struct alias_link *
FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
struct alias_link *
FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_char _proto);
FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_char _proto);
struct alias_link *
FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_char _proto);
FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_char _proto);
struct alias_link *
FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _dst_port, u_short _alias_port, u_char _proto, int _create);
FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _dst_port, u_short _alias_port, u_char _proto, int _create);
struct alias_link *
FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _src_port, u_short _dst_port, u_char _proto, int _create);
FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _src_port, u_short _dst_port, u_char _proto, int _create);
struct alias_link *
AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _src_call_id);
AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _src_call_id);
struct alias_link *
FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr,
struct in_addr _dst_addr, u_int16_t _src_call_id);
FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr,
struct in_addr _dst_addr, u_int16_t _src_call_id);
struct alias_link *
FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _dst_call_id);
FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _dst_call_id);
struct alias_link *
FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr,
struct in_addr _dst_addr, u_int16_t _dst_call_id);
FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr,
struct in_addr _dst_addr, u_int16_t _dst_call_id);
struct alias_link *
FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _alias_call_id);
FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _alias_call_id);
struct alias_link *
FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _src_port, u_short _alias_port, u_char _proto);
FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _src_port, u_short _alias_port, u_char _proto);
struct in_addr
FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
struct in_addr
FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
/* External data access/modification */
int FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _src_port, u_short _dst_port, u_short _port_count,
u_char _proto, u_char _align);
void GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr);
void SetFragmentAddr(struct alias_link *_link, struct in_addr _src_addr);
void GetFragmentPtr(struct alias_link *_link, char **_fptr);
void SetFragmentPtr(struct alias_link *_link, char *fptr);
void SetStateIn(struct alias_link *_link, int _state);
void SetStateOut(struct alias_link *_link, int _state);
int GetStateIn(struct alias_link *_link);
int GetStateOut(struct alias_link *_link);
int
FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _src_port, u_short _dst_port, u_short _port_count,
u_char _proto, u_char _align);
void GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr);
void SetFragmentAddr(struct alias_link *_link, struct in_addr _src_addr);
void GetFragmentPtr(struct alias_link *_link, char **_fptr);
void SetFragmentPtr(struct alias_link *_link, char *fptr);
void SetStateIn(struct alias_link *_link, int _state);
void SetStateOut(struct alias_link *_link, int _state);
int GetStateIn (struct alias_link *_link);
int GetStateOut(struct alias_link *_link);
struct in_addr
GetOriginalAddress(struct alias_link *_link);
GetOriginalAddress(struct alias_link *_link);
struct in_addr
GetDestAddress(struct alias_link *_link);
GetDestAddress(struct alias_link *_link);
struct in_addr
GetAliasAddress(struct alias_link *_link);
GetAliasAddress(struct alias_link *_link);
struct in_addr
GetDefaultAliasAddress(struct libalias *la);
void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
u_short GetOriginalPort(struct alias_link *_link);
u_short GetAliasPort(struct alias_link *_link);
GetDefaultAliasAddress(struct libalias *la);
void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
u_short GetOriginalPort(struct alias_link *_link);
u_short GetAliasPort(struct alias_link *_link);
struct in_addr
GetProxyAddress(struct alias_link *_link);
void SetProxyAddress(struct alias_link *_link, struct in_addr _addr);
u_short GetProxyPort(struct alias_link *_link);
void SetProxyPort(struct alias_link *_link, u_short _port);
void SetAckModified(struct alias_link *_link);
int GetAckModified(struct alias_link *_link);
int GetDeltaAckIn(struct ip *_pip, struct alias_link *_link);
int GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link);
void AddSeq(struct ip *_pip, struct alias_link *_link, int _delta);
void SetExpire(struct alias_link *_link, int _expire);
void ClearCheckNewLink(struct libalias *la);
void SetProtocolFlags(struct alias_link *_link, int _pflags);
int GetProtocolFlags(struct alias_link *_link);
void SetDestCallId(struct alias_link *_link, u_int16_t _cid);
GetProxyAddress(struct alias_link *_link);
void SetProxyAddress(struct alias_link *_link, struct in_addr _addr);
u_short GetProxyPort(struct alias_link *_link);
void SetProxyPort(struct alias_link *_link, u_short _port);
void SetAckModified(struct alias_link *_link);
int GetAckModified(struct alias_link *_link);
int GetDeltaAckIn(struct ip *_pip, struct alias_link *_link);
int GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link);
void AddSeq (struct ip *_pip, struct alias_link *_link, int _delta);
void SetExpire (struct alias_link *_link, int _expire);
void ClearCheckNewLink(struct libalias *la);
void SetProtocolFlags(struct alias_link *_link, int _pflags);
int GetProtocolFlags(struct alias_link *_link);
void SetDestCallId(struct alias_link *_link, u_int16_t _cid);
#ifndef NO_FW_PUNCH
void PunchFWHole(struct alias_link *_link);
void PunchFWHole(struct alias_link *_link);
#endif
/* Housekeeping function */
void HouseKeeping(struct libalias *);
void HouseKeeping(struct libalias *);
/* Tcp specfic routines */
/* lint -save -library Suppress flexelint warnings */
/* FTP routines */
void AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxpacketsize);
void
AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxpacketsize);
/* IRC routines */
void AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxsize);
void
AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxsize);
/* RTSP routines */
void AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxpacketsize);
void
AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxpacketsize);
/* PPTP routines */
void AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
void AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link);
int AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip);
int AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip);
void AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
void AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link);
int AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip);
int AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip);
/* NetBIOS routines */
int AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link,
struct in_addr *_alias_address, u_short _alias_port);
int AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link,
struct in_addr *_alias_address, u_short *_alias_port,
struct in_addr *_original_address, u_short *_original_port);
int
AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link,
struct in_addr *_alias_address, u_short _alias_port);
int
AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link,
struct in_addr *_alias_address, u_short * _alias_port,
struct in_addr *_original_address, u_short * _original_port);
/* CUSeeMe routines */
void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr);
void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr);
/* Skinny routines */
void AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link);
void AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link);
/* Transparent proxy routines */
int ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr,
u_short *_proxy_server_port);
void ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip,
int _maxpacketsize, int _proxy_type);
int
ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr,
u_short * _proxy_server_port);
void
ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip,
int _maxpacketsize, int _proxy_type);
enum alias_tcp_state {
ALIAS_TCP_STATE_NOT_CONNECTED,
@ -312,4 +327,4 @@ enum alias_tcp_state {
/*lint -restore */
#endif /* !_ALIAS_LOCAL_H_ */
#endif /* !_ALIAS_LOCAL_H_ */

664
lib/libalias/alias_nbt.c
View File

@ -55,22 +55,22 @@ __FBSDID("$FreeBSD$");
#include "alias_local.h"
typedef struct {
struct in_addr oldaddr;
u_short oldport;
struct in_addr newaddr;
u_short newport;
u_short *uh_sum;
} NBTArguments;
struct in_addr oldaddr;
u_short oldport;
struct in_addr newaddr;
u_short newport;
u_short *uh_sum;
} NBTArguments;
typedef struct {
unsigned char type;
unsigned char flags;
u_short id;
struct in_addr source_ip;
u_short source_port;
u_short len;
u_short offset;
} NbtDataHeader;
unsigned char type;
unsigned char flags;
u_short id;
struct in_addr source_ip;
u_short source_port;
u_short len;
u_short offset;
} NbtDataHeader;
#define OpQuery 0
#define OpUnknown 4
@ -79,13 +79,13 @@ typedef struct {
#define OpWACK 7
#define OpRefresh 8
typedef struct {
u_short nametrid;
u_short dir:1, opcode:4, nmflags:7, rcode:4;
u_short qdcount;
u_short ancount;
u_short nscount;
u_short arcount;
} NbtNSHeader;
u_short nametrid;
u_short dir: 1, opcode:4, nmflags:7, rcode:4;
u_short qdcount;
u_short ancount;
u_short nscount;
u_short arcount;
} NbtNSHeader;
#define FMT_ERR 0x1
#define SRV_ERR 0x2
@ -96,56 +96,61 @@ typedef struct {
#ifdef DEBUG
static void PrintRcode( u_char rcode ) {
static void
PrintRcode(u_char rcode)
{
switch (rcode) {
case FMT_ERR:
printf("\nFormat Error.");
case SRV_ERR:
printf("\nSever failure.");
case IMP_ERR:
printf("\nUnsupported request error.\n");
case RFS_ERR:
printf("\nRefused error.\n");
case ACT_ERR:
printf("\nActive error.\n");
case CFT_ERR:
printf("\nName in conflict error.\n");
default:
printf("\n?%c?=%0x\n", '?', rcode );
printf("\nFormat Error.");
case SRV_ERR:
printf("\nSever failure.");
case IMP_ERR:
printf("\nUnsupported request error.\n");
case RFS_ERR:
printf("\nRefused error.\n");
case ACT_ERR:
printf("\nActive error.\n");
case CFT_ERR:
printf("\nName in conflict error.\n");
default:
printf("\n?%c?=%0x\n", '?', rcode);
}
}
#endif
/* Handling Name field */
static u_char *AliasHandleName ( u_char *p, char *pmax ) {
static u_char *
AliasHandleName(u_char * p, char *pmax)
{
u_char *s;
u_char c;
int compress;
int compress;
/* Following length field */
if (p == NULL || (char *)p >= pmax)
return(NULL);
return (NULL);
if (*p & 0xc0 ) {
if (*p & 0xc0) {
p = p + 2;
if ((char *)p > pmax)
return(NULL);
return ((u_char *)p);
return (NULL);
return ((u_char *) p);
}
while ( ( *p & 0x3f) != 0x00 ) {
while ((*p & 0x3f) != 0x00) {
s = p + 1;
if ( *p == 0x20 )
if (*p == 0x20)
compress = 1;
else
compress = 0;
/* Get next length field */
p = (u_char *)(p + (*p & 0x3f) + 1);
/* Get next length field */
p = (u_char *) (p + (*p & 0x3f) + 1);
if ((char *)p > pmax) {
p = NULL;
break;
@ -154,15 +159,15 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) {
printf(":");
#endif
while (s < p) {
if ( compress == 1 ) {
c = (u_char )(((((*s & 0x0f) << 4) | (*(s+1) & 0x0f)) - 0x11));
if (compress == 1) {
c = (u_char) (((((*s & 0x0f) << 4) | (*(s + 1) & 0x0f)) - 0x11));
#ifdef DEBUG
if (isprint( c ) )
printf("%c", c );
if (isprint(c))
printf("%c", c);
else
printf("<0x%02x>", c );
printf("<0x%02x>", c);
#endif
s +=2;
s += 2;
} else {
#ifdef DEBUG
printf("%c", *s);
@ -174,14 +179,14 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) {
printf(":");
#endif
fflush(stdout);
}
}
/* Set up to out of Name field */
if (p == NULL || (char *)p >= pmax)
p = NULL;
p = NULL;
else
p++;
return ((u_char *)p);
p++;
return ((u_char *) p);
}
/*
@ -195,58 +200,61 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) {
#define DGM_POSITIVE_RES 0x15
#define DGM_NEGATIVE_RES 0x16
int AliasHandleUdpNbt(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link,
struct in_addr *alias_address,
u_short alias_port
) {
struct udphdr * uh;
NbtDataHeader *ndh;
u_char *p = NULL;
char *pmax;
int
AliasHandleUdpNbt(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link,
struct in_addr *alias_address,
u_short alias_port
)
{
struct udphdr *uh;
NbtDataHeader *ndh;
u_char *p = NULL;
char *pmax;
/* Calculate data length of UDP packet */
uh = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
pmax = (char *)uh + ntohs( uh->uh_ulen );
/* Calculate data length of UDP packet */
uh = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
pmax = (char *)uh + ntohs(uh->uh_ulen);
ndh = (NbtDataHeader *)((char *)uh + (sizeof (struct udphdr)));
if ((char *)(ndh + 1) > pmax)
return(-1);
ndh = (NbtDataHeader *) ((char *)uh + (sizeof(struct udphdr)));
if ((char *)(ndh + 1) > pmax)
return (-1);
#ifdef DEBUG
printf("\nType=%02x,", ndh->type );
printf("\nType=%02x,", ndh->type);
#endif
switch ( ndh->type ) {
case DGM_DIRECT_UNIQ:
case DGM_DIRECT_GROUP:
case DGM_BROADCAST:
p = (u_char *)ndh + 14;
p = AliasHandleName ( p, pmax ); /* Source Name */
p = AliasHandleName ( p, pmax ); /* Destination Name */
break;
case DGM_ERROR:
p = (u_char *)ndh + 11;
break;
case DGM_QUERY:
case DGM_POSITIVE_RES:
case DGM_NEGATIVE_RES:
p = (u_char *)ndh + 10;
p = AliasHandleName ( p, pmax ); /* Destination Name */
break;
switch (ndh->type) {
case DGM_DIRECT_UNIQ:
case DGM_DIRECT_GROUP:
case DGM_BROADCAST:
p = (u_char *) ndh + 14;
p = AliasHandleName(p, pmax); /* Source Name */
p = AliasHandleName(p, pmax); /* Destination Name */
break;
case DGM_ERROR:
p = (u_char *) ndh + 11;
break;
case DGM_QUERY:
case DGM_POSITIVE_RES:
case DGM_NEGATIVE_RES:
p = (u_char *) ndh + 10;
p = AliasHandleName(p, pmax); /* Destination Name */
break;
}
if (p == NULL || (char *)p > pmax)
p = NULL;
if (p == NULL || (char *)p > pmax)
p = NULL;
#ifdef DEBUG
printf("%s:%d-->", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port) );
printf("%s:%d-->", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port));
#endif
/* Doing an IP address and Port number Translation */
if ( uh->uh_sum != 0 ) {
int acc;
u_short *sptr;
acc = ndh->source_port;
if (uh->uh_sum != 0) {
int acc;
u_short *sptr;
acc = ndh->source_port;
acc -= alias_port;
sptr = (u_short *) &(ndh->source_ip);
sptr = (u_short *) & (ndh->source_ip);
acc += *sptr++;
acc += *sptr;
sptr = (u_short *) alias_address;
@ -254,49 +262,49 @@ int AliasHandleUdpNbt(
acc -= *sptr;
ADJUST_CHECKSUM(acc, uh->uh_sum);
}
ndh->source_ip = *alias_address;
ndh->source_port = alias_port;
ndh->source_ip = *alias_address;
ndh->source_port = alias_port;
#ifdef DEBUG
printf("%s:%d\n", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port) );
printf("%s:%d\n", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port));
fflush(stdout);
#endif
return((p == NULL) ? -1 : 0);
return ((p == NULL) ? -1 : 0);
}
/* Question Section */
#define QS_TYPE_NB 0x0020
#define QS_TYPE_NBSTAT 0x0021
#define QS_CLAS_IN 0x0001
typedef struct {
u_short type; /* The type of Request */
u_short class; /* The class of Request */
} NBTNsQuestion;
u_short type; /* The type of Request */
u_short class; /* The class of Request */
} NBTNsQuestion;
static u_char *
static u_char *
AliasHandleQuestion(
u_short count,
NBTNsQuestion *q,
NBTNsQuestion * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
while ( count != 0 ) {
while (count != 0) {
/* Name Filed */
q = (NBTNsQuestion *)AliasHandleName((u_char *)q, pmax);
q = (NBTNsQuestion *) AliasHandleName((u_char *) q, pmax);
if (q == NULL || (char *)(q + 1) > pmax) {
q = NULL;
break;
}
/* Type and Class filed */
switch ( ntohs(q->type) ) {
case QS_TYPE_NB:
case QS_TYPE_NBSTAT:
q= q+1;
switch (ntohs(q->type)) {
case QS_TYPE_NB:
case QS_TYPE_NBSTAT:
q = q + 1;
break;
default:
default:
#ifdef DEBUG
printf("\nUnknown Type on Question %0x\n", ntohs(q->type) );
printf("\nUnknown Type on Question %0x\n", ntohs(q->type));
#endif
break;
}
@ -304,7 +312,7 @@ AliasHandleQuestion(
}
/* Set up to out of Question Section */
return ((u_char *)q);
return ((u_char *) q);
}
/* Resource Record */
@ -316,101 +324,99 @@ AliasHandleQuestion(
#define RR_CLAS_IN 0x0001
#define SizeOfNsResource 8
typedef struct {
u_short type;
u_short class;
unsigned int ttl;
u_short rdlen;
} NBTNsResource;
u_short type;
u_short class;
unsigned int ttl;
u_short rdlen;
} NBTNsResource;
#define SizeOfNsRNB 6
typedef struct {
u_short g:1, ont:2, resv:13;
struct in_addr addr;
} NBTNsRNB;
u_short g: 1 , ont:2, resv:13;
struct in_addr addr;
} NBTNsRNB;
static u_char *
static u_char *
AliasHandleResourceNB(
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
NBTNsRNB *nb;
NBTNsRNB *nb;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
return(NULL);
return (NULL);
/* Check out a length */
bcount = ntohs(q->rdlen);
/* Forward to Resource NB position */
nb = (NBTNsRNB *)((u_char *)q + SizeOfNsResource);
nb = (NBTNsRNB *) ((u_char *) q + SizeOfNsResource);
/* Processing all in_addr array */
#ifdef DEBUG
printf("NB rec[%s", inet_ntoa(nbtarg->oldaddr));
printf("->%s, %dbytes] ",inet_ntoa(nbtarg->newaddr ), bcount);
printf("->%s, %dbytes] ", inet_ntoa(nbtarg->newaddr), bcount);
#endif
while ( nb != NULL && bcount != 0 ) {
while (nb != NULL && bcount != 0) {
if ((char *)(nb + 1) > pmax) {
nb = NULL;
break;
}
#ifdef DEBUG
printf("<%s>", inet_ntoa(nb->addr) );
printf("<%s>", inet_ntoa(nb->addr));
#endif
if (!bcmp(&nbtarg->oldaddr,&nb->addr, sizeof(struct in_addr) ) ) {
if ( *nbtarg->uh_sum != 0 ) {
int acc;
u_short *sptr;
if (!bcmp(&nbtarg->oldaddr, &nb->addr, sizeof(struct in_addr))) {
if (*nbtarg->uh_sum != 0) {
int acc;
u_short *sptr;
sptr = (u_short *) &(nb->addr);
acc = *sptr++;
acc += *sptr;
sptr = (u_short *) &(nbtarg->newaddr);
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
sptr = (u_short *) & (nb->addr);
acc = *sptr++;
acc += *sptr;
sptr = (u_short *) & (nbtarg->newaddr);
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
}
nb->addr = nbtarg->newaddr;
#ifdef DEBUG
printf("O");
#endif
}
#ifdef DEBUG
else {
else {
printf(".");
}
#endif
nb=(NBTNsRNB *)((u_char *)nb + SizeOfNsRNB);
bcount -= SizeOfNsRNB;
nb = (NBTNsRNB *) ((u_char *) nb + SizeOfNsRNB);
bcount -= SizeOfNsRNB;
}
if (nb == NULL || (char *)(nb + 1) > pmax) {
nb = NULL;
}
return ((u_char *)nb);
return ((u_char *) nb);
}
#define SizeOfResourceA 6
typedef struct {
struct in_addr addr;
} NBTNsResourceA;
struct in_addr addr;
} NBTNsResourceA;
static u_char *
static u_char *
AliasHandleResourceA(
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
NBTNsResourceA *a;
NBTNsResourceA *a;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
return(NULL);
return (NULL);
/* Forward to Resource A position */
a = (NBTNsResourceA *)( (u_char *)q + sizeof(NBTNsResource) );
a = (NBTNsResourceA *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
@ -418,62 +424,61 @@ AliasHandleResourceA(
/* Processing all in_addr array */
#ifdef DEBUG
printf("Arec [%s", inet_ntoa(nbtarg->oldaddr));
printf("->%s]",inet_ntoa(nbtarg->newaddr ));
printf("->%s]", inet_ntoa(nbtarg->newaddr));
#endif
while ( bcount != 0 ) {
while (bcount != 0) {
if (a == NULL || (char *)(a + 1) > pmax)
return(NULL);
return (NULL);
#ifdef DEBUG
printf("..%s", inet_ntoa(a->addr) );
printf("..%s", inet_ntoa(a->addr));
#endif
if ( !bcmp(&nbtarg->oldaddr, &a->addr, sizeof(struct in_addr) ) ) {
if ( *nbtarg->uh_sum != 0 ) {
int acc;
u_short *sptr;
if (!bcmp(&nbtarg->oldaddr, &a->addr, sizeof(struct in_addr))) {
if (*nbtarg->uh_sum != 0) {
int acc;
u_short *sptr;
sptr = (u_short *) &(a->addr); /* Old */
acc = *sptr++;
acc += *sptr;
sptr = (u_short *) &nbtarg->newaddr; /* New */
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
sptr = (u_short *) & (a->addr); /* Old */
acc = *sptr++;
acc += *sptr;
sptr = (u_short *) & nbtarg->newaddr; /* New */
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
}
a->addr = nbtarg->newaddr;
}
a++; /*XXXX*/
a++; /* XXXX */
bcount -= SizeOfResourceA;
}
if (a == NULL || (char *)(a + 1) > pmax)
a = NULL;
return ((u_char *)a);
a = NULL;
return ((u_char *) a);
}
typedef struct {
u_short opcode:4, flags:8, resv:4;
} NBTNsResourceNULL;
u_short opcode:4, flags:8, resv:4;
} NBTNsResourceNULL;
static u_char *
static u_char *
AliasHandleResourceNULL(
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
NBTNsResourceNULL *n;
NBTNsResourceNULL *n;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
return(NULL);
return (NULL);
/* Forward to Resource NULL position */
n = (NBTNsResourceNULL *)( (u_char *)q + sizeof(NBTNsResource) );
n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
/* Processing all in_addr array */
while ( bcount != 0 ) {
while (bcount != 0) {
if ((char *)(n + 1) > pmax) {
n = NULL;
break;
@ -484,223 +489,220 @@ AliasHandleResourceNULL(
if ((char *)(n + 1) > pmax)
n = NULL;
return ((u_char *)n);
return ((u_char *) n);
}
static u_char *
static u_char *
AliasHandleResourceNS(
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
NBTNsResourceNULL *n;
NBTNsResourceNULL *n;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
return(NULL);
return (NULL);
/* Forward to Resource NULL position */
n = (NBTNsResourceNULL *)( (u_char *)q + sizeof(NBTNsResource) );
n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
/* Resource Record Name Filed */
q = (NBTNsResource *)AliasHandleName( (u_char *)n, pmax ); /* XXX */
q = (NBTNsResource *) AliasHandleName((u_char *) n, pmax); /* XXX */
if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
return(NULL);
if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
return (NULL);
else
return ((u_char *)n + bcount);
return ((u_char *) n + bcount);
}
typedef struct {
u_short numnames;
} NBTNsResourceNBSTAT;
u_short numnames;
} NBTNsResourceNBSTAT;
static u_char *
static u_char *
AliasHandleResourceNBSTAT(
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
NBTNsResourceNBSTAT *n;
NBTNsResourceNBSTAT *n;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
return(NULL);
return (NULL);
/* Forward to Resource NBSTAT position */
n = (NBTNsResourceNBSTAT *)( (u_char *)q + sizeof(NBTNsResource) );
n = (NBTNsResourceNBSTAT *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
return(NULL);
if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
return (NULL);
else
return ((u_char *)n + bcount);
return ((u_char *) n + bcount);
}
static u_char *
static u_char *
AliasHandleResource(
u_short count,
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments
*nbtarg)
* nbtarg)
{
while ( count != 0 ) {
while (count != 0) {
/* Resource Record Name Filed */
q = (NBTNsResource *)AliasHandleName( (u_char *)q, pmax );
q = (NBTNsResource *) AliasHandleName((u_char *) q, pmax);
if (q == NULL || (char *)(q + 1) > pmax)
break;
#ifdef DEBUG
printf("type=%02x, count=%d\n", ntohs(q->type), count );
printf("type=%02x, count=%d\n", ntohs(q->type), count);
#endif
/* Type and Class filed */
switch ( ntohs(q->type) ) {
case RR_TYPE_NB:
q = (NBTNsResource *)AliasHandleResourceNB(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_A:
q = (NBTNsResource *)AliasHandleResourceA(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NS:
q = (NBTNsResource *)AliasHandleResourceNS(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NULL:
q = (NBTNsResource *)AliasHandleResourceNULL(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NBSTAT:
q = (NBTNsResource *)AliasHandleResourceNBSTAT(
q,
pmax,
nbtarg
);
break;
default:
switch (ntohs(q->type)) {
case RR_TYPE_NB:
q = (NBTNsResource *) AliasHandleResourceNB(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_A:
q = (NBTNsResource *) AliasHandleResourceA(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NS:
q = (NBTNsResource *) AliasHandleResourceNS(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NULL:
q = (NBTNsResource *) AliasHandleResourceNULL(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NBSTAT:
q = (NBTNsResource *) AliasHandleResourceNBSTAT(
q,
pmax,
nbtarg
);
break;
default:
#ifdef DEBUG
printf(
"\nUnknown Type of Resource %0x\n",
ntohs(q->type)
);
printf(
"\nUnknown Type of Resource %0x\n",
ntohs(q->type)
);
#endif
break;
break;
}
count--;
}
fflush(stdout);
return ((u_char *)q);
return ((u_char *) q);
}
int AliasHandleUdpNbtNS(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link,
struct in_addr *alias_address,
u_short *alias_port,
struct in_addr *original_address,
u_short *original_port )
int
AliasHandleUdpNbtNS(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link,
struct in_addr *alias_address,
u_short * alias_port,
struct in_addr *original_address,
u_short * original_port)
{
struct udphdr * uh;
NbtNSHeader * nsh;
u_char * p;
char *pmax;
NBTArguments nbtarg;
struct udphdr *uh;
NbtNSHeader *nsh;
u_char *p;
char *pmax;
NBTArguments nbtarg;
/* Set up Common Parameter */
nbtarg.oldaddr = *alias_address;
nbtarg.oldport = *alias_port;
nbtarg.newaddr = *original_address;
nbtarg.newport = *original_port;
nbtarg.oldaddr = *alias_address;
nbtarg.oldport = *alias_port;
nbtarg.newaddr = *original_address;
nbtarg.newport = *original_port;
/* Calculate data length of UDP packet */
uh = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
nbtarg.uh_sum = &(uh->uh_sum);
nsh = (NbtNSHeader *)((char *)uh + (sizeof(struct udphdr)));
p = (u_char *)(nsh + 1);
pmax = (char *)uh + ntohs( uh->uh_ulen );
/* Calculate data length of UDP packet */
uh = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
nbtarg.uh_sum = &(uh->uh_sum);
nsh = (NbtNSHeader *) ((char *)uh + (sizeof(struct udphdr)));
p = (u_char *) (nsh + 1);
pmax = (char *)uh + ntohs(uh->uh_ulen);
if ((char *)(nsh + 1) > pmax)
return(-1);
if ((char *)(nsh + 1) > pmax)
return (-1);
#ifdef DEBUG
printf(" [%s] ID=%02x, op=%01x, flag=%02x, rcode=%01x, qd=%04x"
", an=%04x, ns=%04x, ar=%04x, [%d]-->",
nsh->dir ? "Response": "Request",
nsh->nametrid,
nsh->opcode,
nsh->nmflags,
nsh->rcode,
ntohs(nsh->qdcount),
ntohs(nsh->ancount),
ntohs(nsh->nscount),
ntohs(nsh->arcount),
(u_char *)p -(u_char *)nsh
);
printf(" [%s] ID=%02x, op=%01x, flag=%02x, rcode=%01x, qd=%04x"
", an=%04x, ns=%04x, ar=%04x, [%d]-->",
nsh->dir ? "Response" : "Request",
nsh->nametrid,
nsh->opcode,
nsh->nmflags,
nsh->rcode,
ntohs(nsh->qdcount),
ntohs(nsh->ancount),
ntohs(nsh->nscount),
ntohs(nsh->arcount),
(u_char *) p - (u_char *) nsh
);
#endif
/* Question Entries */
if (ntohs(nsh->qdcount) !=0 ) {
p = AliasHandleQuestion(
ntohs(nsh->qdcount),
(NBTNsQuestion *)p,
pmax,
&nbtarg
);
if (ntohs(nsh->qdcount) != 0) {
p = AliasHandleQuestion(
ntohs(nsh->qdcount),
(NBTNsQuestion *) p,
pmax,
&nbtarg
);
}
/* Answer Resource Records */
if (ntohs(nsh->ancount) !=0 ) {
p = AliasHandleResource(
ntohs(nsh->ancount),
(NBTNsResource *)p,
pmax,
&nbtarg
);
if (ntohs(nsh->ancount) != 0) {
p = AliasHandleResource(
ntohs(nsh->ancount),
(NBTNsResource *) p,
pmax,
&nbtarg
);
}
/* Authority Resource Recodrs */
if (ntohs(nsh->nscount) !=0 ) {
p = AliasHandleResource(
ntohs(nsh->nscount),
(NBTNsResource *)p,
pmax,
&nbtarg
);
if (ntohs(nsh->nscount) != 0) {
p = AliasHandleResource(
ntohs(nsh->nscount),
(NBTNsResource *) p,
pmax,
&nbtarg
);
}
/* Additional Resource Recodrs */
if (ntohs(nsh->arcount) !=0 ) {
p = AliasHandleResource(
ntohs(nsh->arcount),
(NBTNsResource *)p,
pmax,
&nbtarg
);
if (ntohs(nsh->arcount) != 0) {
p = AliasHandleResource(
ntohs(nsh->arcount),
(NBTNsResource *) p,
pmax,
&nbtarg
);
}
#ifdef DEBUG
PrintRcode(nsh->rcode);
PrintRcode(nsh->rcode);
#endif
return ((p == NULL) ? -1 : 0);
return ((p == NULL) ? -1 : 0);
}

6
lib/libalias/alias_old.c
View File

@ -113,7 +113,7 @@ PacketAliasAddServer(struct alias_link *_link,
struct alias_link *
PacketAliasRedirectAddr(struct in_addr _src_addr,
struct in_addr _alias_addr)
struct in_addr _alias_addr)
{
return LibAliasRedirectAddr(la, _src_addr, _alias_addr);
@ -152,7 +152,7 @@ PacketAliasRedirectProto(struct in_addr _src_addr,
{
return LibAliasRedirectProto(la, _src_addr, _dst_addr, _alias_addr,
_proto);
_proto);
}
void
@ -162,7 +162,7 @@ PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment)
LibAliasFragmentIn(la, _ptr, _ptr_fragment);
}
char *
char *
PacketAliasGetFragment(char *_ptr)
{

444
lib/libalias/alias_pptp.c
View File

@ -80,16 +80,16 @@ __FBSDID("$FreeBSD$");
* PPTP definitions
*/
struct grehdr /* Enhanced GRE header. */
{
u_int16_t gh_flags; /* Flags. */
u_int16_t gh_protocol; /* Protocol type. */
u_int16_t gh_length; /* Payload length. */
u_int16_t gh_call_id; /* Call ID. */
u_int32_t gh_seq_no; /* Sequence number (optional). */
u_int32_t gh_ack_no; /* Acknowledgment number (optional). */
struct grehdr { /* Enhanced GRE header. */
u_int16_t gh_flags; /* Flags. */
u_int16_t gh_protocol; /* Protocol type. */
u_int16_t gh_length; /* Payload length. */
u_int16_t gh_call_id; /* Call ID. */
u_int32_t gh_seq_no; /* Sequence number (optional). */
u_int32_t gh_ack_no; /* Acknowledgment number
* (optional). */
};
typedef struct grehdr GreHdr;
typedef struct grehdr GreHdr;
/* The PPTP protocol ID used in the GRE 'proto' field. */
#define PPTP_GRE_PROTO 0x880b
@ -102,270 +102,276 @@ typedef struct grehdr GreHdr;
#define PPTP_CTRL_MSG_TYPE 1
enum {
PPTP_StartCtrlConnRequest = 1,
PPTP_StartCtrlConnReply = 2,
PPTP_StopCtrlConnRequest = 3,
PPTP_StopCtrlConnReply = 4,
PPTP_EchoRequest = 5,
PPTP_EchoReply = 6,
PPTP_OutCallRequest = 7,
PPTP_OutCallReply = 8,
PPTP_InCallRequest = 9,
PPTP_InCallReply = 10,
PPTP_InCallConn = 11,
PPTP_CallClearRequest = 12,
PPTP_CallDiscNotify = 13,
PPTP_WanErrorNotify = 14,
PPTP_SetLinkInfo = 15
PPTP_StartCtrlConnRequest = 1,
PPTP_StartCtrlConnReply = 2,
PPTP_StopCtrlConnRequest = 3,
PPTP_StopCtrlConnReply = 4,
PPTP_EchoRequest = 5,
PPTP_EchoReply = 6,
PPTP_OutCallRequest = 7,
PPTP_OutCallReply = 8,
PPTP_InCallRequest = 9,
PPTP_InCallReply = 10,
PPTP_InCallConn = 11,
PPTP_CallClearRequest = 12,
PPTP_CallDiscNotify = 13,
PPTP_WanErrorNotify = 14,
PPTP_SetLinkInfo = 15
};
/* Message structures */
struct pptpMsgHead {
u_int16_t length; /* total length */
u_int16_t msgType; /* PPTP message type */
u_int32_t magic; /* magic cookie */
u_int16_t type; /* control message type */
u_int16_t resv0; /* reserved */
};
typedef struct pptpMsgHead *PptpMsgHead;
/* Message structures */
struct pptpMsgHead {
u_int16_t length; /* total length */
u_int16_t msgType;/* PPTP message type */
u_int32_t magic; /* magic cookie */
u_int16_t type; /* control message type */
u_int16_t resv0; /* reserved */
};
typedef struct pptpMsgHead *PptpMsgHead;
struct pptpCodes {
u_int8_t resCode; /* Result Code */
u_int8_t errCode; /* Error Code */
};
typedef struct pptpCodes *PptpCode;
struct pptpCodes {
u_int8_t resCode;/* Result Code */
u_int8_t errCode;/* Error Code */
};
typedef struct pptpCodes *PptpCode;
struct pptpCallIds {
u_int16_t cid1; /* Call ID field #1 */
u_int16_t cid2; /* Call ID field #2 */
};
typedef struct pptpCallIds *PptpCallId;
struct pptpCallIds {
u_int16_t cid1; /* Call ID field #1 */
u_int16_t cid2; /* Call ID field #2 */
};
typedef struct pptpCallIds *PptpCallId;
static PptpCallId AliasVerifyPptp(struct ip *, u_int16_t *);
void
AliasHandlePptpOut(struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link) /* The PPTP control link */
{
struct alias_link *pptp_link;
PptpCallId cptr;
PptpCode codes;
u_int16_t ctl_type; /* control message type */
struct tcphdr *tc;
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link)
{ /* The PPTP control link */
struct alias_link *pptp_link;
PptpCallId cptr;
PptpCode codes;
u_int16_t ctl_type; /* control message type */
struct tcphdr *tc;
/* Verify valid PPTP control message */
if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
return;
/* Modify certain PPTP messages */
switch (ctl_type) {
case PPTP_OutCallRequest:
case PPTP_OutCallReply:
case PPTP_InCallRequest:
case PPTP_InCallReply:
/* Establish PPTP link for address and Call ID found in control message. */
pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link),
GetAliasAddress(link), cptr->cid1);
break;
case PPTP_CallClearRequest:
case PPTP_CallDiscNotify:
/* Find PPTP link for address and Call ID found in control message. */
pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link),
GetDestAddress(link),
cptr->cid1);
break;
default:
return;
}
if (pptp_link != NULL) {
int accumulate = cptr->cid1;
/* alias the Call Id */
cptr->cid1 = GetAliasPort(pptp_link);
/* Compute TCP checksum for revised packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
accumulate -= cptr->cid1;
ADJUST_CHECKSUM(accumulate, tc->th_sum);
/* Verify valid PPTP control message */
if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
return;
/* Modify certain PPTP messages */
switch (ctl_type) {
case PPTP_OutCallRequest:
case PPTP_OutCallReply:
case PPTP_InCallRequest:
case PPTP_InCallReply:
codes = (PptpCode)(cptr + 1);
if (codes->resCode == 1) /* Connection established, */
SetDestCallId(pptp_link, /* note the Peer's Call ID. */
cptr->cid2);
else
SetExpire(pptp_link, 0); /* Connection refused. */
break;
case PPTP_CallDiscNotify: /* Connection closed. */
SetExpire(pptp_link, 0);
break;
/*
* Establish PPTP link for address and Call ID found in
* control message.
*/
pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link),
GetAliasAddress(link), cptr->cid1);
break;
case PPTP_CallClearRequest:
case PPTP_CallDiscNotify:
/*
* Find PPTP link for address and Call ID found in control
* message.
*/
pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link),
GetDestAddress(link),
cptr->cid1);
break;
default:
return;
}
if (pptp_link != NULL) {
int accumulate = cptr->cid1;
/* alias the Call Id */
cptr->cid1 = GetAliasPort(pptp_link);
/* Compute TCP checksum for revised packet */
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
accumulate -= cptr->cid1;
ADJUST_CHECKSUM(accumulate, tc->th_sum);
switch (ctl_type) {
case PPTP_OutCallReply:
case PPTP_InCallReply:
codes = (PptpCode) (cptr + 1);
if (codes->resCode == 1) /* Connection
* established, */
SetDestCallId(pptp_link, /* note the Peer's Call
* ID. */
cptr->cid2);
else
SetExpire(pptp_link, 0); /* Connection refused. */
break;
case PPTP_CallDiscNotify: /* Connection closed. */
SetExpire(pptp_link, 0);
break;
}
}
}
}
void
AliasHandlePptpIn(struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link) /* The PPTP control link */
{
struct alias_link *pptp_link;
PptpCallId cptr;
u_int16_t *pcall_id;
u_int16_t ctl_type; /* control message type */
struct tcphdr *tc;
AliasHandlePptpIn(struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link)
{ /* The PPTP control link */
struct alias_link *pptp_link;
PptpCallId cptr;
u_int16_t *pcall_id;
u_int16_t ctl_type; /* control message type */
struct tcphdr *tc;
/* Verify valid PPTP control message */
if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
return;
/* Verify valid PPTP control message */
if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
return;
/* Modify certain PPTP messages */
switch (ctl_type)
{
case PPTP_InCallConn:
case PPTP_WanErrorNotify:
case PPTP_SetLinkInfo:
pcall_id = &cptr->cid1;
break;
case PPTP_OutCallReply:
case PPTP_InCallReply:
pcall_id = &cptr->cid2;
break;
case PPTP_CallDiscNotify: /* Connection closed. */
pptp_link = FindPptpInByCallId(la, GetDestAddress(link),
GetAliasAddress(link),
cptr->cid1);
if (pptp_link != NULL)
SetExpire(pptp_link, 0);
return;
default:
return;
}
/* Modify certain PPTP messages */
switch (ctl_type) {
case PPTP_InCallConn:
case PPTP_WanErrorNotify:
case PPTP_SetLinkInfo:
pcall_id = &cptr->cid1;
break;
case PPTP_OutCallReply:
case PPTP_InCallReply:
pcall_id = &cptr->cid2;
break;
case PPTP_CallDiscNotify: /* Connection closed. */
pptp_link = FindPptpInByCallId(la, GetDestAddress(link),
GetAliasAddress(link),
cptr->cid1);
if (pptp_link != NULL)
SetExpire(pptp_link, 0);
return;
default:
return;
}
/* Find PPTP link for address and Call ID found in PPTP Control Msg */
pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link),
GetAliasAddress(link),
*pcall_id);
/* Find PPTP link for address and Call ID found in PPTP Control Msg */
pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link),
GetAliasAddress(link),
*pcall_id);
if (pptp_link != NULL) {
int accumulate = *pcall_id;
if (pptp_link != NULL) {
int accumulate = *pcall_id;
/* De-alias the Peer's Call Id. */
*pcall_id = GetOriginalPort(pptp_link);
/* De-alias the Peer's Call Id. */
*pcall_id = GetOriginalPort(pptp_link);
/* Compute TCP checksum for modified packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
accumulate -= *pcall_id;
ADJUST_CHECKSUM(accumulate, tc->th_sum);
/* Compute TCP checksum for modified packet */
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
accumulate -= *pcall_id;
ADJUST_CHECKSUM(accumulate, tc->th_sum);
if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) {
PptpCode codes = (PptpCode)(cptr + 1);
if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) {
PptpCode codes = (PptpCode) (cptr + 1);
if (codes->resCode == 1) /* Connection established, */
SetDestCallId(pptp_link, /* note the Call ID. */
cptr->cid1);
else
SetExpire(pptp_link, 0); /* Connection refused. */
}
}
if (codes->resCode == 1) /* Connection
* established, */
SetDestCallId(pptp_link, /* note the Call ID. */
cptr->cid1);
else
SetExpire(pptp_link, 0); /* Connection refused. */
}
}
}
static PptpCallId
AliasVerifyPptp(struct ip *pip, u_int16_t *ptype) /* IP packet to examine/patch */
{
int hlen, tlen, dlen;
PptpMsgHead hptr;
struct tcphdr *tc;
static PptpCallId
AliasVerifyPptp(struct ip *pip, u_int16_t * ptype)
{ /* IP packet to examine/patch */
int hlen, tlen, dlen;
PptpMsgHead hptr;
struct tcphdr *tc;
/* Calculate some lengths */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Calculate some lengths */
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Verify data length */
if (dlen < (sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds)))
return(NULL);
/* Verify data length */
if (dlen < (sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds)))
return (NULL);
/* Move up to PPTP message header */
hptr = (PptpMsgHead)(((char *) pip) + hlen);
/* Move up to PPTP message header */
hptr = (PptpMsgHead) (((char *)pip) + hlen);
/* Return the control message type */
*ptype = ntohs(hptr->type);
/* Return the control message type */
*ptype = ntohs(hptr->type);
/* Verify PPTP Control Message */
if ((ntohs(hptr->msgType) != PPTP_CTRL_MSG_TYPE) ||
(ntohl(hptr->magic) != PPTP_MAGIC))
return(NULL);
/* Verify PPTP Control Message */
if ((ntohs(hptr->msgType) != PPTP_CTRL_MSG_TYPE) ||
(ntohl(hptr->magic) != PPTP_MAGIC))
return (NULL);
/* Verify data length. */
if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) &&
(dlen < sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) +
sizeof(struct pptpCodes)))
return (NULL);
else
return (PptpCallId)(hptr + 1);
/* Verify data length. */
if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) &&
(dlen < sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) +
sizeof(struct pptpCodes)))
return (NULL);
else
return (PptpCallId) (hptr + 1);
}
int
AliasHandlePptpGreOut(struct libalias *la, struct ip *pip)
{
GreHdr *gr;
struct alias_link *link;
GreHdr *gr;
struct alias_link *link;
gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2));
gr = (GreHdr *) ((char *)pip + (pip->ip_hl << 2));
/* Check GRE header bits. */
if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
/* Check GRE header bits. */
if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
if (link != NULL) {
struct in_addr alias_addr = GetAliasAddress(link);
link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
if (link != NULL) {
struct in_addr alias_addr = GetAliasAddress(link);
/* Change source IP address. */
DifferentialChecksum(&pip->ip_sum,
(u_short *)&alias_addr,
(u_short *)&pip->ip_src,
2);
pip->ip_src = alias_addr;
}
return (0);
/* Change source IP address. */
DifferentialChecksum(&pip->ip_sum,
(u_short *) & alias_addr,
(u_short *) & pip->ip_src,
2);
pip->ip_src = alias_addr;
}
return (0);
}
int
AliasHandlePptpGreIn(struct libalias *la, struct ip *pip)
{
GreHdr *gr;
struct alias_link *link;
GreHdr *gr;
struct alias_link *link;
gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2));
gr = (GreHdr *) ((char *)pip + (pip->ip_hl << 2));
/* Check GRE header bits. */
if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
/* Check GRE header bits. */
if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
if (link != NULL) {
struct in_addr src_addr = GetOriginalAddress(link);
link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
if (link != NULL) {
struct in_addr src_addr = GetOriginalAddress(link);
/* De-alias the Peer's Call Id. */
gr->gh_call_id = GetOriginalPort(link);
/* De-alias the Peer's Call Id. */
gr->gh_call_id = GetOriginalPort(link);
/* Restore original IP address. */
DifferentialChecksum(&pip->ip_sum,
(u_short *)&src_addr,
(u_short *)&pip->ip_dst,
2);
pip->ip_dst = src_addr;
}
return (0);
/* Restore original IP address. */
DifferentialChecksum(&pip->ip_sum,
(u_short *) & src_addr,
(u_short *) & pip->ip_dst,
2);
pip->ip_dst = src_addr;
}
return (0);
}

939
lib/libalias/alias_proxy.c
View File

File diff suppressed because it is too large Load Diff

362
lib/libalias/alias_skinny.c
View File

@ -60,10 +60,10 @@
* has answered. The phone then sends back an Open Receive Channel
* Acknowledgement. In this packet, the phone sends its IP address again,
* and the UDP port over which the voice traffic should flow. These values
* need translation. Right after the Open Receive Channel Acknowledgement,
* need translation. Right after the Open Receive Channel Acknowledgement,
* the Call Manager sends a Start Media Transmission message indicating the
* call is connected. This message contains the IP address and UDP port
* number of the remote (called) party. Once this message is translated, the
* call is connected. This message contains the IP address and UDP port
* number of the remote (called) party. Once this message is translated, the
* call can commence. The called part sends the first UDP packet to the
* calling phone at the pre-arranged UDP port in the Open Receive Channel
* Acknowledgement.
@ -81,258 +81,258 @@
#define START_MEDIATX 0x0000008a
struct skinny_header {
u_int32_t len;
u_int32_t reserved;
u_int32_t msgId;
u_int32_t len;
u_int32_t reserved;
u_int32_t msgId;
};
struct RegisterMessage {
u_int32_t msgId;
char devName[16];
u_int32_t uid;
u_int32_t instance;
u_int32_t ipAddr;
u_char devType;
u_int32_t maxStreams;
u_int32_t msgId;
char devName [16];
u_int32_t uid;
u_int32_t instance;
u_int32_t ipAddr;
u_char devType;
u_int32_t maxStreams;
};
struct IpPortMessage {
u_int32_t msgId;
u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port
* numbers */
u_int32_t msgId;
u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port
* numbers */
};
struct OpenReceiveChannelAck {
u_int32_t msgId;
u_int32_t status;
u_int32_t ipAddr;
u_int32_t port;
u_int32_t passThruPartyID;
u_int32_t msgId;
u_int32_t status;
u_int32_t ipAddr;
u_int32_t port;
u_int32_t passThruPartyID;
};
struct StartMediaTransmission {
u_int32_t msgId;
u_int32_t conferenceID;
u_int32_t passThruPartyID;
u_int32_t remoteIpAddr;
u_int32_t remotePort;
u_int32_t MSPacket;
u_int32_t payloadCap;
u_int32_t precedence;
u_int32_t silenceSuppression;
u_short maxFramesPerPacket;
u_int32_t G723BitRate;
u_int32_t msgId;
u_int32_t conferenceID;
u_int32_t passThruPartyID;
u_int32_t remoteIpAddr;
u_int32_t remotePort;
u_int32_t MSPacket;
u_int32_t payloadCap;
u_int32_t precedence;
u_int32_t silenceSuppression;
u_short maxFramesPerPacket;
u_int32_t G723BitRate;
};
typedef enum {
ClientToServer = 0,
ServerToClient = 1
ClientToServer = 0,
ServerToClient = 1
} ConvDirection;
static int
alias_skinny_reg_msg(struct RegisterMessage *reg_msg, struct ip *pip,
struct tcphdr *tc, struct alias_link *link,
ConvDirection direction)
struct tcphdr *tc, struct alias_link *link,
ConvDirection direction)
{
reg_msg->ipAddr = (u_int32_t) GetAliasAddress(link).s_addr;
reg_msg->ipAddr = (u_int32_t) GetAliasAddress(link).s_addr;
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return 0;
return 0;
}
static int
alias_skinny_startmedia(struct StartMediaTransmission *start_media,
struct ip *pip, struct tcphdr *tc,
struct alias_link *link, u_int32_t localIpAddr,
ConvDirection direction)
struct ip *pip, struct tcphdr *tc,
struct alias_link *link, u_int32_t localIpAddr,
ConvDirection direction)
{
struct in_addr dst, src;
struct in_addr dst, src;
dst.s_addr = start_media->remoteIpAddr;
src.s_addr = localIpAddr;
dst.s_addr = start_media->remoteIpAddr;
src.s_addr = localIpAddr;
/* XXX I should probably handle in bound global translations as well. */
/*
* XXX I should probably handle in bound global translations as
* well.
*/
return 0;
return 0;
}
static int
alias_skinny_port_msg(struct IpPortMessage *port_msg, struct ip *pip,
struct tcphdr *tc, struct alias_link *link,
ConvDirection direction)
struct tcphdr *tc, struct alias_link *link,
ConvDirection direction)
{
port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(link));
port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(link));
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return 0;
return 0;
}
static int
alias_skinny_opnrcvch_ack(struct libalias *la, struct OpenReceiveChannelAck *opnrcvch_ack,
struct ip * pip, struct tcphdr *tc,
struct alias_link *link, u_int32_t *localIpAddr,
ConvDirection direction)
struct ip *pip, struct tcphdr *tc,
struct alias_link *link, u_int32_t * localIpAddr,
ConvDirection direction)
{
struct in_addr null_addr;
struct alias_link *opnrcv_link;
u_int32_t localPort;
struct in_addr null_addr;
struct alias_link *opnrcv_link;
u_int32_t localPort;
*localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr;
localPort = opnrcvch_ack->port;
*localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr;
localPort = opnrcvch_ack->port;
null_addr.s_addr = INADDR_ANY;
opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr,
htons((u_short) opnrcvch_ack->port), 0,
IPPROTO_UDP, 1);
opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr;
opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_link));
null_addr.s_addr = INADDR_ANY;
opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr,
htons((u_short) opnrcvch_ack->port), 0,
IPPROTO_UDP, 1);
opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr;
opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_link));
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return 0;
return 0;
}
void
AliasHandleSkinny(struct libalias *la, struct ip *pip, struct alias_link *link)
{
int hlen, tlen, dlen;
struct tcphdr *tc;
u_int32_t msgId, len, t, lip;
struct skinny_header *sd;
int orig_len, skinny_hdr_len = sizeof(struct skinny_header);
ConvDirection direction;
int hlen, tlen, dlen;
struct tcphdr *tc;
u_int32_t msgId, len, t, lip;
struct skinny_header *sd;
int orig_len, skinny_hdr_len = sizeof(struct skinny_header);
ConvDirection direction;
tc = (struct tcphdr *) ((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
sd = (struct skinny_header *) ((char *)pip + hlen);
sd = (struct skinny_header *)((char *)pip + hlen);
/*
* XXX This direction is reserved for future use. I still need to
* handle the scenario where the call manager is on the inside, and
* the calling phone is on the global outside.
*/
if (ntohs(tc->th_dport) == la->skinnyPort) {
direction = ClientToServer;
} else if (ntohs(tc->th_sport) == la->skinnyPort) {
direction = ServerToClient;
} else {
/*
* XXX This direction is reserved for future use. I still need to
* handle the scenario where the call manager is on the inside, and
* the calling phone is on the global outside.
*/
if (ntohs(tc->th_dport) == la->skinnyPort) {
direction = ClientToServer;
} else if (ntohs(tc->th_sport) == la->skinnyPort) {
direction = ServerToClient;
} else {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Invalid port number, not a Skinny packet\n");
fprintf(stderr,
"PacketAlias/Skinny: Invalid port number, not a Skinny packet\n");
#endif
return;
}
return;
}
orig_len = dlen;
/*
* Skinny packets can contain many messages. We need to loop through
* the packet using len to determine message boundaries. This comes
* into play big time with port messages being in the same packet as
* register messages. Also, open receive channel acks are
* usually buried in a pakcet some 400 bytes long.
*/
while (dlen >= skinny_hdr_len) {
len = (sd->len);
msgId = (sd->msgId);
t = len;
orig_len = dlen;
/*
* Skinny packets can contain many messages. We need to loop
* through the packet using len to determine message boundaries.
* This comes into play big time with port messages being in the
* same packet as register messages. Also, open receive channel
* acks are usually buried in a pakcet some 400 bytes long.
*/
while (dlen >= skinny_hdr_len) {
len = (sd->len);
msgId = (sd->msgId);
t = len;
if (t < 0 || t > orig_len || t > dlen) {
if (t < 0 || t > orig_len || t > dlen) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, invalid length \n");
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, invalid length \n");
#endif
return;
}
switch (msgId) {
case REG_MSG:
{
struct RegisterMessage *reg_mesg;
return;
}
switch (msgId) {
case REG_MSG: {
struct RegisterMessage *reg_mesg;
if (len < sizeof(struct RegisterMessage)) {
if (len < sizeof(struct RegisterMessage)) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, bad registration message\n");
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, bad registration message\n");
#endif
return;
}
reg_mesg = (struct RegisterMessage *) & sd->msgId;
return;
}
reg_mesg = (struct RegisterMessage *)&sd->msgId;
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Received a register message");
fprintf(stderr,
"PacketAlias/Skinny: Received a register message");
#endif
alias_skinny_reg_msg(reg_mesg, pip, tc, link, direction);
}
break;
case IP_PORT_MSG:
{
struct IpPortMessage *port_mesg;
if (len < sizeof(struct IpPortMessage)) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, port message\n");
#endif
return;
}
#ifdef DEBUG
fprintf(stderr
"PacketAlias/Skinny: Received ipport message\n");
#endif
port_mesg = (struct IpPortMessage *) & sd->msgId;
alias_skinny_port_msg(port_mesg, pip, tc, link, direction);
}
break;
case OPNRCVCH_ACK:
{
struct OpenReceiveChannelAck *opnrcvchn_ack;
alias_skinny_reg_msg(reg_mesg, pip, tc, link, direction);
break;
}
case IP_PORT_MSG: {
struct IpPortMessage *port_mesg;
if (len < sizeof(struct OpenReceiveChannelAck)) {
if (len < sizeof(struct IpPortMessage)) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, packet,OpnRcvChnAckMsg\n");
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, port message\n");
#endif
return;
}
return;
}
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Received open rcv channel msg\n");
fprintf(stderr
"PacketAlias/Skinny: Received ipport message\n");
#endif
opnrcvchn_ack = (struct OpenReceiveChannelAck *) & sd->msgId;
alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction);
}
break;
case START_MEDIATX:
{
struct StartMediaTransmission *startmedia_tx;
port_mesg = (struct IpPortMessage *)&sd->msgId;
alias_skinny_port_msg(port_mesg, pip, tc, link, direction);
break;
}
case OPNRCVCH_ACK: {
struct OpenReceiveChannelAck *opnrcvchn_ack;
if (len < sizeof(struct StartMediaTransmission)) {
if (len < sizeof(struct OpenReceiveChannelAck)) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet,StartMediaTx Message\n");
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, packet,OpnRcvChnAckMsg\n");
#endif
return;
}
return;
}
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Received start media trans msg\n");
fprintf(stderr,
"PacketAlias/Skinny: Received open rcv channel msg\n");
#endif
startmedia_tx = (struct StartMediaTransmission *) & sd->msgId;
alias_skinny_startmedia(startmedia_tx, pip, tc, link, lip, direction);
}
break;
default:
break;
}
/* Place the pointer at the next message in the packet. */
dlen -= len + (skinny_hdr_len - sizeof(msgId));
sd = (struct skinny_header *) (((char *)&sd->msgId) + len);
}
opnrcvchn_ack = (struct OpenReceiveChannelAck *)&sd->msgId;
alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction);
break;
}
case START_MEDIATX: {
struct StartMediaTransmission *startmedia_tx;
if (len < sizeof(struct StartMediaTransmission)) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet,StartMediaTx Message\n");
#endif
return;
}
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Received start media trans msg\n");
#endif
startmedia_tx = (struct StartMediaTransmission *)&sd->msgId;
alias_skinny_startmedia(startmedia_tx, pip, tc, link, lip, direction);
break;
}
default:
break;
}
/* Place the pointer at the next message in the packet. */
dlen -= len + (skinny_hdr_len - sizeof(msgId));
sd = (struct skinny_header *)(((char *)&sd->msgId) + len);
}
}

524
lib/libalias/alias_smedia.c
View File

@ -118,316 +118,326 @@ __FBSDID("$FreeBSD$");
static int
search_string(char *data, int dlen, const char *search_str)
{
int i, j, k;
int search_str_len;
int i, j, k;
int search_str_len;
search_str_len = strlen(search_str);
for (i = 0; i < dlen - search_str_len; i++) {
for (j = i, k = 0; j < dlen - search_str_len; j++, k++) {
if (data[j] != search_str[k] &&
data[j] != search_str[k] - ('a' - 'A')) {
break;
}
if (k == search_str_len - 1) {
return j + 1;
}
search_str_len = strlen(search_str);
for (i = 0; i < dlen - search_str_len; i++) {
for (j = i, k = 0; j < dlen - search_str_len; j++, k++) {
if (data[j] != search_str[k] &&
data[j] != search_str[k] - ('a' - 'A')) {
break;
}
if (k == search_str_len - 1) {
return j + 1;
}
}
}
}
return -1;
return -1;
}
static int
alias_rtsp_out(struct libalias *la, struct ip *pip,
struct alias_link *link,
char *data,
const char *port_str)
struct alias_link *link,
char *data,
const char *port_str)
{
int hlen, tlen, dlen;
struct tcphdr *tc;
int i, j, pos, state, port_dlen, new_dlen, delta;
u_short p[2], new_len;
u_short sport, eport, base_port;
u_short salias = 0, ealias = 0, base_alias = 0;
const char *transport_str = "transport:";
char newdata[2048], *port_data, *port_newdata, stemp[80];
int links_created = 0, pkt_updated = 0;
struct alias_link *rtsp_link = NULL;
struct in_addr null_addr;
int hlen, tlen, dlen;
struct tcphdr *tc;
int i, j, pos, state, port_dlen, new_dlen, delta;
u_short p[2], new_len;
u_short sport, eport, base_port;
u_short salias = 0, ealias = 0, base_alias = 0;
const char *transport_str = "transport:";
char newdata[2048], *port_data, *port_newdata, stemp[80];
int links_created = 0, pkt_updated = 0;
struct alias_link *rtsp_link = NULL;
struct in_addr null_addr;
/* Calculate data length of TCP packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Calculate data length of TCP packet */
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Find keyword, "Transport: " */
pos = search_string(data, dlen, transport_str);
if (pos < 0) {
return -1;
}
port_data = data + pos;
port_dlen = dlen - pos;
memcpy(newdata, data, pos);
port_newdata = newdata + pos;
while (port_dlen > strlen(port_str)) {
/* Find keyword, appropriate port string */
pos = search_string(port_data, port_dlen, port_str);
/* Find keyword, "Transport: " */
pos = search_string(data, dlen, transport_str);
if (pos < 0) {
break;
return -1;
}
port_data = data + pos;
port_dlen = dlen - pos;
memcpy (port_newdata, port_data, pos + 1);
port_newdata += (pos + 1);
memcpy(newdata, data, pos);
port_newdata = newdata + pos;
p[0] = p[1] = 0;
sport = eport = 0;
state = 0;
for (i = pos; i < port_dlen; i++) {
switch(state) {
case 0:
if (port_data[i] == '=') {
state++;
while (port_dlen > strlen(port_str)) {
/* Find keyword, appropriate port string */
pos = search_string(port_data, port_dlen, port_str);
if (pos < 0) {
break;
}
break;
case 1:
if (ISDIGIT(port_data[i])) {
p[0] = p[0] * 10 + port_data[i] - '0';
} else {
if (port_data[i] == ';') {
state = 3;
}
if (port_data[i] == '-') {
state++;
}
}
break;
case 2:
if (ISDIGIT(port_data[i])) {
p[1] = p[1] * 10 + port_data[i] - '0';
} else {
state++;
}
break;
case 3:
base_port = p[0];
sport = htons(p[0]);
eport = htons(p[1]);
memcpy(port_newdata, port_data, pos + 1);
port_newdata += (pos + 1);
if (!links_created) {
p[0] = p[1] = 0;
sport = eport = 0;
state = 0;
for (i = pos; i < port_dlen; i++) {
switch (state) {
case 0:
if (port_data[i] == '=') {
state++;
}
break;
case 1:
if (ISDIGIT(port_data[i])) {
p[0] = p[0] * 10 + port_data[i] - '0';
} else {
if (port_data[i] == ';') {
state = 3;
}
if (port_data[i] == '-') {
state++;
}
}
break;
case 2:
if (ISDIGIT(port_data[i])) {
p[1] = p[1] * 10 + port_data[i] - '0';
} else {
state++;
}
break;
case 3:
base_port = p[0];
sport = htons(p[0]);
eport = htons(p[1]);
links_created = 1;
/* Find an even numbered port number base that
satisfies the contiguous number of ports we need */
null_addr.s_addr = 0;
if (0 == (salias = FindNewPortGroup(la, null_addr,
FindAliasAddress(la, pip->ip_src),
sport, 0,
RTSP_PORT_GROUP,
IPPROTO_UDP, 1))) {
if (!links_created) {
links_created = 1;
/*
* Find an even numbered port
* number base that satisfies the
* contiguous number of ports we
* need
*/
null_addr.s_addr = 0;
if (0 == (salias = FindNewPortGroup(la, null_addr,
FindAliasAddress(la, pip->ip_src),
sport, 0,
RTSP_PORT_GROUP,
IPPROTO_UDP, 1))) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/RTSP: Cannot find contiguous RTSP data ports\n");
fprintf(stderr,
"PacketAlias/RTSP: Cannot find contiguous RTSP data ports\n");
#endif
} else {
} else {
base_alias = ntohs(salias);
for (j = 0; j < RTSP_PORT_GROUP; j++) {
/* Establish link to port found in RTSP packet */
rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr,
htons(base_port + j), htons(base_alias + j),
IPPROTO_UDP);
if (rtsp_link != NULL) {
base_alias = ntohs(salias);
for (j = 0; j < RTSP_PORT_GROUP; j++) {
/*
* Establish link
* to port found in
* RTSP packet
*/
rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr,
htons(base_port + j), htons(base_alias + j),
IPPROTO_UDP);
if (rtsp_link != NULL) {
#ifndef NO_FW_PUNCH
/* Punch hole in firewall */
PunchFWHole(rtsp_link);
/*
* Punch
* hole in
* firewall
*/
PunchFWHole(rtsp_link);
#endif
} else {
} else {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/RTSP: Cannot allocate RTSP data ports\n");
fprintf(stderr,
"PacketAlias/RTSP: Cannot allocate RTSP data ports\n");
#endif
break;
}
}
}
ealias = htons(base_alias + (RTSP_PORT_GROUP - 1));
break;
}
}
}
ealias = htons(base_alias + (RTSP_PORT_GROUP - 1));
}
if (salias && rtsp_link) {
pkt_updated = 1;
/* Copy into IP packet */
sprintf(stemp, "%d", ntohs(salias));
memcpy(port_newdata, stemp, strlen(stemp));
port_newdata += strlen(stemp);
if (eport != 0) {
*port_newdata = '-';
port_newdata++;
/* Copy into IP packet */
sprintf(stemp, "%d", ntohs(ealias));
memcpy(port_newdata, stemp, strlen(stemp));
port_newdata += strlen(stemp);
}
*port_newdata = ';';
port_newdata++;
}
state++;
break;
}
if (state > 3) {
break;
}
}
if (salias && rtsp_link) {
pkt_updated = 1;
/* Copy into IP packet */
sprintf(stemp, "%d", ntohs(salias));
memcpy(port_newdata, stemp, strlen(stemp));
port_newdata += strlen(stemp);
if (eport != 0) {
*port_newdata = '-';
port_newdata++;
/* Copy into IP packet */
sprintf(stemp, "%d", ntohs(ealias));
memcpy(port_newdata, stemp, strlen(stemp));
port_newdata += strlen(stemp);
}
*port_newdata = ';';
port_newdata++;
}
state++;
break;
}
if (state > 3) {
break;
}
port_data += i;
port_dlen -= i;
}
port_data += i;
port_dlen -= i;
}
if (!pkt_updated)
return -1;
if (!pkt_updated)
return -1;
memcpy (port_newdata, port_data, port_dlen);
port_newdata += port_dlen;
*port_newdata = '\0';
memcpy(port_newdata, port_data, port_dlen);
port_newdata += port_dlen;
*port_newdata = '\0';
/* Create new packet */
new_dlen = port_newdata - newdata;
memcpy (data, newdata, new_dlen);
/* Create new packet */
new_dlen = port_newdata - newdata;
memcpy(data, newdata, new_dlen);
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta + new_dlen - dlen);
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta + new_dlen - dlen);
new_len = htons(hlen + new_dlen);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
new_len = htons(hlen + new_dlen);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return 0;
return 0;
}
/* Support the protocol used by early versions of RealPlayer */
static int
alias_pna_out(struct libalias *la, struct ip *pip,
struct alias_link *link,
char *data,
int dlen)
struct alias_link *link,
char *data,
int dlen)
{
struct alias_link *pna_links;
u_short msg_id, msg_len;
char *work;
u_short alias_port, port;
struct tcphdr *tc;
struct alias_link *pna_links;
u_short msg_id, msg_len;
char *work;
u_short alias_port, port;
struct tcphdr *tc;
work = data;
work += 5;
while (work + 4 < data + dlen) {
memcpy(&msg_id, work, 2);
work += 2;
memcpy(&msg_len, work, 2);
work += 2;
if (ntohs(msg_id) == 0) {
/* end of options */
return 0;
}
if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
memcpy(&port, work, 2);
pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
port, 0, IPPROTO_UDP, 1);
if (pna_links != NULL) {
work = data;
work += 5;
while (work + 4 < data + dlen) {
memcpy(&msg_id, work, 2);
work += 2;
memcpy(&msg_len, work, 2);
work += 2;
if (ntohs(msg_id) == 0) {
/* end of options */
return 0;
}
if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
memcpy(&port, work, 2);
pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
port, 0, IPPROTO_UDP, 1);
if (pna_links != NULL) {
#ifndef NO_FW_PUNCH
/* Punch hole in firewall */
PunchFWHole(pna_links);
/* Punch hole in firewall */
PunchFWHole(pna_links);
#endif
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
alias_port = GetAliasPort(pna_links);
memcpy(work, &alias_port, 2);
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
alias_port = GetAliasPort(pna_links);
memcpy(work, &alias_port, 2);
/* Compute TCP checksum for revised packet */
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
}
/* Compute TCP checksum for revised packet */
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
}
}
work += ntohs(msg_len);
}
work += ntohs(msg_len);
}
return 0;
return 0;
}
void
AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *link, int maxpacketsize)
{
int hlen, tlen, dlen;
struct tcphdr *tc;
char *data;
const char *setup = "SETUP", *pna = "PNA", *str200 = "200";
const char *okstr = "OK", *client_port_str = "client_port";
const char *server_port_str = "server_port";
int i, parseOk;
int hlen, tlen, dlen;
struct tcphdr *tc;
char *data;
const char *setup = "SETUP", *pna = "PNA", *str200 = "200";
const char *okstr = "OK", *client_port_str = "client_port";
const char *server_port_str = "server_port";
int i, parseOk;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
data = (char*)pip;
data += hlen;
data = (char *)pip;
data += hlen;
/* When aliasing a client, check for the SETUP request */
if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) ||
(ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) {
/* When aliasing a client, check for the SETUP request */
if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) ||
(ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) {
if (dlen >= strlen(setup)) {
if (memcmp(data, setup, strlen(setup)) == 0) {
alias_rtsp_out(la, pip, link, data, client_port_str);
return;
if (dlen >= strlen(setup)) {
if (memcmp(data, setup, strlen(setup)) == 0) {
alias_rtsp_out(la, pip, link, data, client_port_str);
return;
}
}
if (dlen >= strlen(pna)) {
if (memcmp(data, pna, strlen(pna)) == 0) {
alias_pna_out(la, pip, link, data, dlen);
}
}
} else {
/*
* When aliasing a server, check for the 200 reply
* Accomodate varying number of blanks between 200 & OK
*/
if (dlen >= strlen(str200)) {
for (parseOk = 0, i = 0;
i <= dlen - strlen(str200);
i++) {
if (memcmp(&data[i], str200, strlen(str200)) == 0) {
parseOk = 1;
break;
}
}
if (parseOk) {
i += strlen(str200); /* skip string found */
while (data[i] == ' ') /* skip blank(s) */
i++;
if ((dlen - i) >= strlen(okstr)) {
if (memcmp(&data[i], okstr, strlen(okstr)) == 0)
alias_rtsp_out(la, pip, link, data, server_port_str);
}
}
}
}
}
if (dlen >= strlen(pna)) {
if (memcmp(data, pna, strlen(pna)) == 0) {
alias_pna_out(la, pip, link, data, dlen);
}
}
} else {
/* When aliasing a server, check for the 200 reply
Accomodate varying number of blanks between 200 & OK */
if (dlen >= strlen(str200)) {
for (parseOk = 0, i = 0;
i <= dlen - strlen(str200);
i++) {
if (memcmp(&data[i], str200, strlen(str200)) == 0) {
parseOk = 1;
break;
}
}
if (parseOk) {
i += strlen(str200); /* skip string found */
while(data[i] == ' ') /* skip blank(s) */
i++;
if ((dlen - i) >= strlen(okstr)) {
if (memcmp(&data[i], okstr, strlen(okstr)) == 0)
alias_rtsp_out(la, pip, link, data, server_port_str);
}
}
}
}
}

144
lib/libalias/alias_util.c
View File

@ -61,110 +61,100 @@ purposes);
#include "alias_local.h"
u_short
LibAliasInternetChecksum(struct libalias *la, u_short *ptr, int nbytes)
LibAliasInternetChecksum(struct libalias *la, u_short * ptr, int nbytes)
{
int sum, oddbyte;
int sum, oddbyte;
sum = 0;
while (nbytes > 1)
{
sum += *ptr++;
nbytes -= 2;
}
if (nbytes == 1)
{
oddbyte = 0;
((u_char *) &oddbyte)[0] = *(u_char *) ptr;
((u_char *) &oddbyte)[1] = 0;
sum += oddbyte;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
return(~sum);
sum = 0;
while (nbytes > 1) {
sum += *ptr++;
nbytes -= 2;
}
if (nbytes == 1) {
oddbyte = 0;
((u_char *) & oddbyte)[0] = *(u_char *) ptr;
((u_char *) & oddbyte)[1] = 0;
sum += oddbyte;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
return (~sum);
}
u_short
IpChecksum(struct ip *pip)
{
return( PacketAliasInternetChecksum((u_short *) pip,
(pip->ip_hl << 2)) );
return (PacketAliasInternetChecksum((u_short *) pip,
(pip->ip_hl << 2)));
}
u_short
TcpChecksum(struct ip *pip)
{
u_short *ptr;
struct tcphdr *tc;
int nhdr, ntcp, nbytes;
int sum, oddbyte;
u_short *ptr;
struct tcphdr *tc;
int nhdr, ntcp, nbytes;
int sum, oddbyte;
nhdr = pip->ip_hl << 2;
ntcp = ntohs(pip->ip_len) - nhdr;
nhdr = pip->ip_hl << 2;
ntcp = ntohs(pip->ip_len) - nhdr;
tc = (struct tcphdr *) ((char *) pip + nhdr);
ptr = (u_short *) tc;
tc = (struct tcphdr *)((char *)pip + nhdr);
ptr = (u_short *) tc;
/* Add up TCP header and data */
nbytes = ntcp;
sum = 0;
while (nbytes > 1)
{
sum += *ptr++;
nbytes -= 2;
}
if (nbytes == 1)
{
oddbyte = 0;
((u_char *) &oddbyte)[0] = *(u_char *) ptr;
((u_char *) &oddbyte)[1] = 0;
sum += oddbyte;
}
nbytes = ntcp;
sum = 0;
while (nbytes > 1) {
sum += *ptr++;
nbytes -= 2;
}
if (nbytes == 1) {
oddbyte = 0;
((u_char *) & oddbyte)[0] = *(u_char *) ptr;
((u_char *) & oddbyte)[1] = 0;
sum += oddbyte;
}
/* "Pseudo-header" data */
ptr = (u_short *) &(pip->ip_dst);
sum += *ptr++;
sum += *ptr;
ptr = (u_short *) &(pip->ip_src);
sum += *ptr++;
sum += *ptr;
sum += htons((u_short) ntcp);
sum += htons((u_short) pip->ip_p);
ptr = (u_short *) & (pip->ip_dst);
sum += *ptr++;
sum += *ptr;
ptr = (u_short *) & (pip->ip_src);
sum += *ptr++;
sum += *ptr;
sum += htons((u_short) ntcp);
sum += htons((u_short) pip->ip_p);
/* Roll over carry bits */
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
/* Return checksum */
return((u_short) ~sum);
return ((u_short) ~ sum);
}
void
DifferentialChecksum(u_short *cksum, u_short *new, u_short *old, int n)
DifferentialChecksum(u_short * cksum, u_short * new, u_short * old, int n)
{
int i;
int accumulate;
int i;
int accumulate;
accumulate = *cksum;
for (i=0; i<n; i++)
{
accumulate -= *new++;
accumulate += *old++;
}
accumulate = *cksum;
for (i = 0; i < n; i++) {
accumulate -= *new++;
accumulate += *old++;
}
if (accumulate < 0)
{
accumulate = -accumulate;
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
*cksum = (u_short) ~accumulate;
}
else
{
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
*cksum = (u_short) accumulate;
}
if (accumulate < 0) {
accumulate = -accumulate;
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
*cksum = (u_short) ~ accumulate;
} else {
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
*cksum = (u_short) accumulate;
}
}

1859
sys/netinet/libalias/alias.c
View File

File diff suppressed because it is too large Load Diff

126
sys/netinet/libalias/alias.h
View File

@ -47,11 +47,11 @@
* PacketAlias*() the old API which doesn't take an instance pointer
* and therefore can only have one packet engine at a time.
*
* LibAlias*() the new API which takes as first argument a pointer to
* LibAlias*() the new API which takes as first argument a pointer to
* the instance of the packet aliasing engine.
*
* The functions otherwise correspond to each other one for one, except
* for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were
* for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were
* were misnamed in the old API.
*/
@ -66,107 +66,109 @@ struct libalias;
* PacketAliasRedirectProto(), passed to PacketAliasAddServer(),
* and freed by PacketAliasRedirectDelete().
*/
struct alias_link;
struct alias_link;
/* OLD API */
/* Initialization and control functions. */
void PacketAliasInit(void);
void PacketAliasSetAddress(struct in_addr _addr);
void PacketAliasSetFWBase(unsigned int _base, unsigned int _num);
void PacketAliasSetSkinnyPort(unsigned int _port);
void PacketAliasInit(void);
void PacketAliasSetAddress(struct in_addr _addr);
void PacketAliasSetFWBase(unsigned int _base, unsigned int _num);
void PacketAliasSetSkinnyPort(unsigned int _port);
unsigned int
PacketAliasSetMode(unsigned int _flags, unsigned int _mask);
void PacketAliasUninit(void);
PacketAliasSetMode(unsigned int _flags, unsigned int _mask);
void PacketAliasUninit(void);
/* Packet Handling functions. */
int PacketAliasIn(char *_ptr, int _maxpacketsize);
int PacketAliasOut(char *_ptr, int _maxpacketsize);
int PacketUnaliasOut(char *_ptr, int _maxpacketsize);
int PacketAliasIn(char *_ptr, int _maxpacketsize);
int PacketAliasOut(char *_ptr, int _maxpacketsize);
int PacketUnaliasOut(char *_ptr, int _maxpacketsize);
/* Port and address redirection functions. */
int PacketAliasAddServer(struct alias_link *_link,
struct in_addr _addr, unsigned short _port);
int
PacketAliasAddServer(struct alias_link *_link,
struct in_addr _addr, unsigned short _port);
struct alias_link *
PacketAliasRedirectAddr(struct in_addr _src_addr,
struct in_addr _alias_addr);
int PacketAliasRedirectDynamic(struct alias_link *_link);
void PacketAliasRedirectDelete(struct alias_link *_link);
PacketAliasRedirectAddr(struct in_addr _src_addr,
struct in_addr _alias_addr);
int PacketAliasRedirectDynamic(struct alias_link *_link);
void PacketAliasRedirectDelete(struct alias_link *_link);
struct alias_link *
PacketAliasRedirectPort(struct in_addr _src_addr,
unsigned short _src_port, struct in_addr _dst_addr,
unsigned short _dst_port, struct in_addr _alias_addr,
unsigned short _alias_port, unsigned char _proto);
PacketAliasRedirectPort(struct in_addr _src_addr,
unsigned short _src_port, struct in_addr _dst_addr,
unsigned short _dst_port, struct in_addr _alias_addr,
unsigned short _alias_port, unsigned char _proto);
struct alias_link *
PacketAliasRedirectProto(struct in_addr _src_addr,
struct in_addr _dst_addr, struct in_addr _alias_addr,
unsigned char _proto);
PacketAliasRedirectProto(struct in_addr _src_addr,
struct in_addr _dst_addr, struct in_addr _alias_addr,
unsigned char _proto);
/* Fragment Handling functions. */
void PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment);
char *PacketAliasGetFragment(char *_ptr);
int PacketAliasSaveFragment(char *_ptr);
void PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment);
char *PacketAliasGetFragment(char *_ptr);
int PacketAliasSaveFragment(char *_ptr);
/* Miscellaneous functions. */
int PacketAliasCheckNewLink(void);
int PacketAliasCheckNewLink(void);
unsigned short
PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes);
void PacketAliasSetTarget(struct in_addr _target_addr);
PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes);
void PacketAliasSetTarget(struct in_addr _target_addr);
/* Transparent proxying routines. */
int PacketAliasProxyRule(const char *_cmd);
int PacketAliasProxyRule(const char *_cmd);
/* NEW API */
/* Initialization and control functions. */
struct libalias *LibAliasInit(struct libalias *);
void LibAliasSetAddress(struct libalias *, struct in_addr _addr);
void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
struct libalias *LibAliasInit(struct libalias *);
void LibAliasSetAddress(struct libalias *, struct in_addr _addr);
void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
unsigned int
LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
void LibAliasUninit(struct libalias *);
LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
void LibAliasUninit(struct libalias *);
/* Packet Handling functions. */
int LibAliasIn(struct libalias *, char *_ptr, int _maxpacketsize);
int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
int LibAliasIn (struct libalias *, char *_ptr, int _maxpacketsize);
int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
/* Port and address redirection functions. */
int LibAliasAddServer(struct libalias *, struct alias_link *_link,
struct in_addr _addr, unsigned short _port);
int
LibAliasAddServer(struct libalias *, struct alias_link *_link,
struct in_addr _addr, unsigned short _port);
struct alias_link *
LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
struct in_addr _alias_addr);
int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link);
void LibAliasRedirectDelete(struct libalias *, struct alias_link *_link);
LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
struct in_addr _alias_addr);
int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link);
void LibAliasRedirectDelete(struct libalias *, struct alias_link *_link);
struct alias_link *
LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
unsigned short _src_port, struct in_addr _dst_addr,
unsigned short _dst_port, struct in_addr _alias_addr,
unsigned short _alias_port, unsigned char _proto);
LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
unsigned short _src_port, struct in_addr _dst_addr,
unsigned short _dst_port, struct in_addr _alias_addr,
unsigned short _alias_port, unsigned char _proto);
struct alias_link *
LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
struct in_addr _dst_addr, struct in_addr _alias_addr,
unsigned char _proto);
LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
struct in_addr _dst_addr, struct in_addr _alias_addr,
unsigned char _proto);
/* Fragment Handling functions. */
void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment);
char *LibAliasGetFragment(struct libalias *, char *_ptr);
int LibAliasSaveFragment(struct libalias *, char *_ptr);
void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment);
char *LibAliasGetFragment(struct libalias *, char *_ptr);
int LibAliasSaveFragment(struct libalias *, char *_ptr);
/* Miscellaneous functions. */
int LibAliasCheckNewLink(struct libalias *);
int LibAliasCheckNewLink(struct libalias *);
unsigned short
LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
/* Transparent proxying routines. */
int LibAliasProxyRule(struct libalias *, const char *_cmd);
int LibAliasProxyRule(struct libalias *, const char *_cmd);
/*
@ -257,6 +259,6 @@ int LibAliasProxyRule(struct libalias *, const char *_cmd);
#define PKT_ALIAS_UNRESOLVED_FRAGMENT 3
#define PKT_ALIAS_FOUND_HEADER_FRAGMENT 4
#endif /* !_ALIAS_H_ */
#endif /* !_ALIAS_H_ */
/* lint -restore */

107
sys/netinet/libalias/alias_cuseeme.c
View File

@ -40,83 +40,84 @@ __FBSDID("$FreeBSD$");
/* CU-SeeMe Data Header */
struct cu_header {
u_int16_t dest_family;
u_int16_t dest_port;
u_int32_t dest_addr;
int16_t family;
u_int16_t port;
u_int32_t addr;
u_int32_t seq;
u_int16_t msg;
u_int16_t data_type;
u_int16_t packet_len;
u_int16_t dest_family;
u_int16_t dest_port;
u_int32_t dest_addr;
int16_t family;
u_int16_t port;
u_int32_t addr;
u_int32_t seq;
u_int16_t msg;
u_int16_t data_type;
u_int16_t packet_len;
};
/* Open Continue Header */
struct oc_header {
u_int16_t client_count; /* Number of client info structs */
u_int32_t seq_no;
char user_name[20];
char reserved[4]; /* flags, version stuff, etc */
u_int16_t client_count; /* Number of client info structs */
u_int32_t seq_no;
char user_name [20];
char reserved [4]; /* flags, version stuff, etc */
};
/* client info structures */
struct client_info {
u_int32_t address; /* Client address */
char reserved[8]; /* Flags, pruning bitfield, packet counts etc */
u_int32_t address;/* Client address */
char reserved [8]; /* Flags, pruning bitfield, packet
* counts etc */
};
void
AliasHandleCUSeeMeOut(struct libalias *la, struct ip *pip, struct alias_link *link)
{
struct udphdr *ud;
struct udphdr *ud;
ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
if (ntohs(ud->uh_ulen) - sizeof(struct udphdr) >= sizeof(struct cu_header)) {
struct cu_header *cu;
struct alias_link *cu_link;
ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
if (ntohs(ud->uh_ulen) - sizeof(struct udphdr) >= sizeof(struct cu_header)) {
struct cu_header *cu;
struct alias_link *cu_link;
cu = (struct cu_header *)(ud + 1);
if (cu->addr)
cu->addr = (u_int32_t)GetAliasAddress(link).s_addr;
cu = (struct cu_header *)(ud + 1);
if (cu->addr)
cu->addr = (u_int32_t) GetAliasAddress(link).s_addr;
cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
ud->uh_dport, 0, IPPROTO_UDP, 1);
cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
ud->uh_dport, 0, IPPROTO_UDP, 1);
#ifndef NO_FW_PUNCH
if (cu_link)
PunchFWHole(cu_link);
if (cu_link)
PunchFWHole(cu_link);
#endif
}
}
}
void
AliasHandleCUSeeMeIn(struct libalias *la, struct ip *pip, struct in_addr original_addr)
{
struct in_addr alias_addr;
struct udphdr *ud;
struct cu_header *cu;
struct oc_header *oc;
struct client_info *ci;
char *end;
int i;
struct in_addr alias_addr;
struct udphdr *ud;
struct cu_header *cu;
struct oc_header *oc;
struct client_info *ci;
char *end;
int i;
alias_addr.s_addr = pip->ip_dst.s_addr;
ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
cu = (struct cu_header *)(ud + 1);
oc = (struct oc_header *)(cu + 1);
ci = (struct client_info *)(oc + 1);
end = (char *)ud + ntohs(ud->uh_ulen);
alias_addr.s_addr = pip->ip_dst.s_addr;
ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
cu = (struct cu_header *)(ud + 1);
oc = (struct oc_header *)(cu + 1);
ci = (struct client_info *)(oc + 1);
end = (char *)ud + ntohs(ud->uh_ulen);
if ((char *)oc <= end) {
if(cu->dest_addr)
cu->dest_addr = (u_int32_t)original_addr.s_addr;
if(ntohs(cu->data_type) == 101)
/* Find and change our address */
for(i = 0; (char *)(ci + 1) <= end && i < oc->client_count; i++, ci++)
if(ci->address == (u_int32_t)alias_addr.s_addr) {
ci->address = (u_int32_t)original_addr.s_addr;
break;
}
}
if ((char *)oc <= end) {
if (cu->dest_addr)
cu->dest_addr = (u_int32_t) original_addr.s_addr;
if (ntohs(cu->data_type) == 101)
/* Find and change our address */
for (i = 0; (char *)(ci + 1) <= end && i < oc->client_count; i++, ci++)
if (ci->address == (u_int32_t) alias_addr.s_addr) {
ci->address = (u_int32_t) original_addr.s_addr;
break;
}
}
}

3118
sys/netinet/libalias/alias_db.c
View File

File diff suppressed because it is too large Load Diff

870
sys/netinet/libalias/alias_ftp.c
View File

@ -87,495 +87,589 @@ __FBSDID("$FreeBSD$");
#define WAIT_CRLF 0x01
enum ftp_message_type {
FTP_PORT_COMMAND,
FTP_EPRT_COMMAND,
FTP_227_REPLY,
FTP_229_REPLY,
FTP_UNKNOWN_MESSAGE
FTP_PORT_COMMAND,
FTP_EPRT_COMMAND,
FTP_227_REPLY,
FTP_229_REPLY,
FTP_UNKNOWN_MESSAGE
};
static int ParseFtpPortCommand(struct libalias *la, char *, int);
static int ParseFtpEprtCommand(struct libalias *la, char *, int);
static int ParseFtp227Reply(struct libalias *la, char *, int);
static int ParseFtp229Reply(struct libalias *la, char *, int);
static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int);
static int ParseFtpPortCommand(struct libalias *la, char *, int);
static int ParseFtpEprtCommand(struct libalias *la, char *, int);
static int ParseFtp227Reply(struct libalias *la, char *, int);
static int ParseFtp229Reply(struct libalias *la, char *, int);
static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int);
void
AliasHandleFtpOut(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link, /* The link to go through (aliased port) */
int maxpacketsize /* The maximum size this packet can grow to (including headers) */)
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link, /* The link to go through (aliased port) */
int maxpacketsize /* The maximum size this packet can grow to
(including headers) */ )
{
int hlen, tlen, dlen, pflags;
char *sptr;
struct tcphdr *tc;
int ftp_message_type;
int hlen, tlen, dlen, pflags;
char *sptr;
struct tcphdr *tc;
int ftp_message_type;
/* Calculate data length of TCP packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Place string pointer and beginning of data */
sptr = (char *) pip;
sptr += hlen;
sptr = (char *)pip;
sptr += hlen;
/*
* Check that data length is not too long and previous message was
* properly terminated with CRLF.
*/
pflags = GetProtocolFlags(link);
if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) {
ftp_message_type = FTP_UNKNOWN_MESSAGE;
pflags = GetProtocolFlags(link);
if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) {
ftp_message_type = FTP_UNKNOWN_MESSAGE;
if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) {
if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) {
/*
* When aliasing a client, check for the PORT/EPRT command.
*/
if (ParseFtpPortCommand(la, sptr, dlen))
ftp_message_type = FTP_PORT_COMMAND;
else if (ParseFtpEprtCommand(la, sptr, dlen))
ftp_message_type = FTP_EPRT_COMMAND;
} else {
if (ParseFtpPortCommand(la, sptr, dlen))
ftp_message_type = FTP_PORT_COMMAND;
else if (ParseFtpEprtCommand(la, sptr, dlen))
ftp_message_type = FTP_EPRT_COMMAND;
} else {
/*
* When aliasing a server, check for the 227/229 reply.
*/
if (ParseFtp227Reply(la, sptr, dlen))
ftp_message_type = FTP_227_REPLY;
else if (ParseFtp229Reply(la, sptr, dlen)) {
ftp_message_type = FTP_229_REPLY;
la->true_addr.s_addr = pip->ip_src.s_addr;
}
if (ParseFtp227Reply(la, sptr, dlen))
ftp_message_type = FTP_227_REPLY;
else if (ParseFtp229Reply(la, sptr, dlen)) {
ftp_message_type = FTP_229_REPLY;
la->true_addr.s_addr = pip->ip_src.s_addr;
}
}
if (ftp_message_type != FTP_UNKNOWN_MESSAGE)
NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type);
}
if (ftp_message_type != FTP_UNKNOWN_MESSAGE)
NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type);
}
/* Track the msgs which are CRLF term'd for PORT/PASV FW breach */
if (dlen) { /* only if there's data */
sptr = (char *) pip; /* start over at beginning */
tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may have grown */
if (sptr[tlen-2] == '\r' && sptr[tlen-1] == '\n')
pflags &= ~WAIT_CRLF;
else
pflags |= WAIT_CRLF;
SetProtocolFlags(link, pflags);
}
if (dlen) { /* only if there's data */
sptr = (char *)pip; /* start over at beginning */
tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may
* have grown */
if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n')
pflags &= ~WAIT_CRLF;
else
pflags |= WAIT_CRLF;
SetProtocolFlags(link, pflags);
}
}
static int
ParseFtpPortCommand(struct libalias *la, char *sptr, int dlen)
{
char ch;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
char ch;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
/* Format: "PORT A,D,D,R,PO,RT". */
/* Format: "PORT A,D,D,R,PO,RT". */
/* Return if data length is too short. */
if (dlen < 18)
return 0;
addr = port = octet = 0;
state = -4;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state) {
case -4: if (ch == 'P') state++; else return 0; break;
case -3: if (ch == 'O') state++; else return 0; break;
case -2: if (ch == 'R') state++; else return 0; break;
case -1: if (ch == 'T') state++; else return 0; break;
case 0:
if (isspace(ch))
break;
else
state++;
case 1: case 3: case 5: case 7: case 9: case 11:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
/* Return if data length is too short. */
if (dlen < 18)
return 0;
break;
case 2: case 4: case 6: case 8:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',') {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 10: case 12:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',' || state == 12) {
port = (port << 8) + octet;
state++;
} else
return 0;
break;
addr = port = octet = 0;
state = -4;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state) {
case -4:
if (ch == 'P')
state++;
else
return 0;
break;
case -3:
if (ch == 'O')
state++;
else
return 0;
break;
case -2:
if (ch == 'R')
state++;
else
return 0;
break;
case -1:
if (ch == 'T')
state++;
else
return 0;
break;
case 0:
if (isspace(ch))
break;
else
state++;
case 1:
case 3:
case 5:
case 7:
case 9:
case 11:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
return 0;
break;
case 2:
case 4:
case 6:
case 8:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',') {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 10:
case 12:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',' || state == 12) {
port = (port << 8) + octet;
state++;
} else
return 0;
break;
}
}
}
if (state == 13) {
la->true_addr.s_addr = htonl(addr);
la->true_port = port;
return 1;
} else
return 0;
if (state == 13) {
la->true_addr.s_addr = htonl(addr);
la->true_port = port;
return 1;
} else
return 0;
}
static int
ParseFtpEprtCommand(struct libalias *la, char *sptr, int dlen)
{
char ch, delim;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
char ch, delim;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
/* Format: "EPRT |1|A.D.D.R|PORT|". */
/* Format: "EPRT |1|A.D.D.R|PORT|". */
/* Return if data length is too short. */
if (dlen < 18)
return 0;
/* Return if data length is too short. */
if (dlen < 18)
return 0;
addr = port = octet = 0;
delim = '|'; /* XXX gcc -Wuninitialized */
state = -4;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state)
{
case -4: if (ch == 'E') state++; else return 0; break;
case -3: if (ch == 'P') state++; else return 0; break;
case -2: if (ch == 'R') state++; else return 0; break;
case -1: if (ch == 'T') state++; else return 0; break;
addr = port = octet = 0;
delim = '|'; /* XXX gcc -Wuninitialized */
state = -4;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state) {
case -4:
if (ch == 'E')
state++;
else
return 0;
break;
case -3:
if (ch == 'P')
state++;
else
return 0;
break;
case -2:
if (ch == 'R')
state++;
else
return 0;
break;
case -1:
if (ch == 'T')
state++;
else
return 0;
break;
case 0:
if (!isspace(ch)) {
delim = ch;
state++;
}
break;
case 1:
if (ch == '1') /* IPv4 address */
state++;
else
return 0;
break;
case 2:
if (ch == delim)
state++;
else
return 0;
break;
case 3: case 5: case 7: case 9:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
return 0;
break;
case 4: case 6: case 8: case 10:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == '.' || state == 10) {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 11:
if (isdigit(ch)) {
port = ch - '0';
state++;
} else
return 0;
break;
case 12:
if (isdigit(ch))
port = 10 * port + ch - '0';
else if (ch == delim)
state++;
else
return 0;
break;
case 0:
if (!isspace(ch)) {
delim = ch;
state++;
}
break;
case 1:
if (ch == '1') /* IPv4 address */
state++;
else
return 0;
break;
case 2:
if (ch == delim)
state++;
else
return 0;
break;
case 3:
case 5:
case 7:
case 9:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
return 0;
break;
case 4:
case 6:
case 8:
case 10:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == '.' || state == 10) {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 11:
if (isdigit(ch)) {
port = ch - '0';
state++;
} else
return 0;
break;
case 12:
if (isdigit(ch))
port = 10 * port + ch - '0';
else if (ch == delim)
state++;
else
return 0;
break;
}
}
}
if (state == 13) {
la->true_addr.s_addr = htonl(addr);
la->true_port = port;
return 1;
} else
return 0;
if (state == 13) {
la->true_addr.s_addr = htonl(addr);
la->true_port = port;
return 1;
} else
return 0;
}
static int
ParseFtp227Reply(struct libalias *la, char *sptr, int dlen)
{
char ch;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
char ch;
int i, state;
u_int32_t addr;
u_short port;
u_int8_t octet;
/* Format: "227 Entering Passive Mode (A,D,D,R,PO,RT)" */
/* Format: "227 Entering Passive Mode (A,D,D,R,PO,RT)" */
/* Return if data length is too short. */
if (dlen < 17)
return 0;
addr = port = octet = 0;
state = -3;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state)
{
case -3: if (ch == '2') state++; else return 0; break;
case -2: if (ch == '2') state++; else return 0; break;
case -1: if (ch == '7') state++; else return 0; break;
case 0:
if (ch == '(')
state++;
break;
case 1: case 3: case 5: case 7: case 9: case 11:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
/* Return if data length is too short. */
if (dlen < 17)
return 0;
break;
case 2: case 4: case 6: case 8:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',') {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 10: case 12:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',' || (state == 12 && ch == ')')) {
port = (port << 8) + octet;
state++;
} else
return 0;
break;
addr = port = octet = 0;
state = -3;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state) {
case -3:
if (ch == '2')
state++;
else
return 0;
break;
case -2:
if (ch == '2')
state++;
else
return 0;
break;
case -1:
if (ch == '7')
state++;
else
return 0;
break;
case 0:
if (ch == '(')
state++;
break;
case 1:
case 3:
case 5:
case 7:
case 9:
case 11:
if (isdigit(ch)) {
octet = ch - '0';
state++;
} else
return 0;
break;
case 2:
case 4:
case 6:
case 8:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',') {
addr = (addr << 8) + octet;
state++;
} else
return 0;
break;
case 10:
case 12:
if (isdigit(ch))
octet = 10 * octet + ch - '0';
else if (ch == ',' || (state == 12 && ch == ')')) {
port = (port << 8) + octet;
state++;
} else
return 0;
break;
}
}
}
if (state == 13) {
la->true_port = port;
la->true_addr.s_addr = htonl(addr);
return 1;
} else
return 0;
if (state == 13) {
la->true_port = port;
la->true_addr.s_addr = htonl(addr);
return 1;
} else
return 0;
}
static int
ParseFtp229Reply(struct libalias *la, char *sptr, int dlen)
{
char ch, delim;
int i, state;
u_short port;
char ch, delim;
int i, state;
u_short port;
/* Format: "229 Entering Extended Passive Mode (|||PORT|)" */
/* Format: "229 Entering Extended Passive Mode (|||PORT|)" */
/* Return if data length is too short. */
if (dlen < 11)
return 0;
port = 0;
delim = '|'; /* XXX gcc -Wuninitialized */
state = -3;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state)
{
case -3: if (ch == '2') state++; else return 0; break;
case -2: if (ch == '2') state++; else return 0; break;
case -1: if (ch == '9') state++; else return 0; break;
case 0:
if (ch == '(')
state++;
break;
case 1:
delim = ch;
state++;
break;
case 2: case 3:
if (ch == delim)
state++;
else
/* Return if data length is too short. */
if (dlen < 11)
return 0;
break;
case 4:
if (isdigit(ch)) {
port = ch - '0';
state++;
} else
return 0;
break;
case 5:
if (isdigit(ch))
port = 10 * port + ch - '0';
else if (ch == delim)
state++;
else
return 0;
break;
case 6:
if (ch == ')')
state++;
else
return 0;
break;
port = 0;
delim = '|'; /* XXX gcc -Wuninitialized */
state = -3;
for (i = 0; i < dlen; i++) {
ch = sptr[i];
switch (state) {
case -3:
if (ch == '2')
state++;
else
return 0;
break;
case -2:
if (ch == '2')
state++;
else
return 0;
break;
case -1:
if (ch == '9')
state++;
else
return 0;
break;
case 0:
if (ch == '(')
state++;
break;
case 1:
delim = ch;
state++;
break;
case 2:
case 3:
if (ch == delim)
state++;
else
return 0;
break;
case 4:
if (isdigit(ch)) {
port = ch - '0';
state++;
} else
return 0;
break;
case 5:
if (isdigit(ch))
port = 10 * port + ch - '0';
else if (ch == delim)
state++;
else
return 0;
break;
case 6:
if (ch == ')')
state++;
else
return 0;
break;
}
}
}
if (state == 7) {
la->true_port = port;
return 1;
} else
return 0;
if (state == 7) {
la->true_port = port;
return 1;
} else
return 0;
}
static void
NewFtpMessage(struct libalias *la, struct ip *pip,
struct alias_link *link,
int maxpacketsize,
int ftp_message_type)
struct alias_link *link,
int maxpacketsize,
int ftp_message_type)
{
struct alias_link *ftp_link;
struct alias_link *ftp_link;
/* Security checks. */
if (pip->ip_src.s_addr != la->true_addr.s_addr)
return;
if (pip->ip_src.s_addr != la->true_addr.s_addr)
return;
if (la->true_port < IPPORT_RESERVED)
return;
if (la->true_port < IPPORT_RESERVED)
return;
/* Establish link to address and port found in FTP control message. */
ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link),
htons(la->true_port), 0, IPPROTO_TCP, 1);
ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link),
htons(la->true_port), 0, IPPROTO_TCP, 1);
if (ftp_link != NULL)
{
int slen, hlen, tlen, dlen;
struct tcphdr *tc;
if (ftp_link != NULL) {
int slen, hlen, tlen, dlen;
struct tcphdr *tc;
#ifndef NO_FW_PUNCH
/* Punch hole in firewall */
PunchFWHole(ftp_link);
/* Punch hole in firewall */
PunchFWHole(ftp_link);
#endif
/* Calculate data length of TCP packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Create new FTP message. */
{
char stemp[MAX_MESSAGE_SIZE + 1];
char *sptr;
u_short alias_port;
u_char *ptr;
int a1, a2, a3, a4, p1, p2;
struct in_addr alias_address;
{
char stemp[MAX_MESSAGE_SIZE + 1];
char *sptr;
u_short alias_port;
u_char *ptr;
int a1, a2, a3, a4, p1, p2;
struct in_addr alias_address;
/* Decompose alias address into quad format */
alias_address = GetAliasAddress(link);
ptr = (u_char *) &alias_address.s_addr;
a1 = *ptr++; a2=*ptr++; a3=*ptr++; a4=*ptr;
alias_address = GetAliasAddress(link);
ptr = (u_char *) & alias_address.s_addr;
a1 = *ptr++;
a2 = *ptr++;
a3 = *ptr++;
a4 = *ptr;
alias_port = GetAliasPort(ftp_link);
alias_port = GetAliasPort(ftp_link);
switch (ftp_message_type)
{
case FTP_PORT_COMMAND:
case FTP_227_REPLY:
/* Decompose alias port into pair format. */
ptr = (char *) &alias_port;
p1 = *ptr++; p2=*ptr;
switch (ftp_message_type) {
case FTP_PORT_COMMAND:
case FTP_227_REPLY:
/* Decompose alias port into pair format. */
ptr = (char *)&alias_port;
p1 = *ptr++;
p2 = *ptr;
if (ftp_message_type == FTP_PORT_COMMAND) {
/* Generate PORT command string. */
sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n",
a1,a2,a3,a4,p1,p2);
} else {
/* Generate 227 reply string. */
sprintf(stemp,
"227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n",
a1,a2,a3,a4,p1,p2);
}
break;
case FTP_EPRT_COMMAND:
/* Generate EPRT command string. */
sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n",
a1,a2,a3,a4,ntohs(alias_port));
break;
case FTP_229_REPLY:
/* Generate 229 reply string. */
sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n",
ntohs(alias_port));
break;
}
if (ftp_message_type == FTP_PORT_COMMAND) {
/* Generate PORT command string. */
sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n",
a1, a2, a3, a4, p1, p2);
} else {
/* Generate 227 reply string. */
sprintf(stemp,
"227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n",
a1, a2, a3, a4, p1, p2);
}
break;
case FTP_EPRT_COMMAND:
/* Generate EPRT command string. */
sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n",
a1, a2, a3, a4, ntohs(alias_port));
break;
case FTP_229_REPLY:
/* Generate 229 reply string. */
sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n",
ntohs(alias_port));
break;
}
/* Save string length for IP header modification */
slen = strlen(stemp);
slen = strlen(stemp);
/* Copy modified buffer into IP packet. */
sptr = (char *) pip; sptr += hlen;
strncpy(sptr, stemp, maxpacketsize-hlen);
}
sptr = (char *)pip;
sptr += hlen;
strncpy(sptr, stemp, maxpacketsize - hlen);
}
/* Save information regarding modified seq and ack numbers */
{
int delta;
{
int delta;
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta+slen-dlen);
}
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta + slen - dlen);
}
/* Revise IP header */
{
u_short new_len;
{
u_short new_len;
new_len = htons(hlen + slen);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
}
new_len = htons(hlen + slen);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
}
/* Compute TCP checksum for revised packet */
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
}
else
{
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
} else {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/HandleFtpOut: Cannot allocate FTP data port\n");
fprintf(stderr,
"PacketAlias/HandleFtpOut: Cannot allocate FTP data port\n");
#endif
}
}
}

512
sys/netinet/libalias/alias_irc.c
View File

@ -65,277 +65,305 @@ __FBSDID("$FreeBSD$");
void
AliasHandleIrcOut(struct libalias *la,
struct ip *pip, /* IP packet to examine */
struct alias_link *link, /* Which link are we on? */
int maxsize /* Maximum size of IP packet including headers */
)
AliasHandleIrcOut(struct libalias *la,
struct ip *pip, /* IP packet to examine */
struct alias_link *link, /* Which link are we on? */
int maxsize /* Maximum size of IP packet including
* headers */
)
{
int hlen, tlen, dlen;
struct in_addr true_addr;
u_short true_port;
char *sptr;
struct tcphdr *tc;
int i; /* Iterator through the source */
int hlen, tlen, dlen;
struct in_addr true_addr;
u_short true_port;
char *sptr;
struct tcphdr *tc;
int i; /* Iterator through the source */
/* Calculate data length of TCP packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Return if data length is too short - assume an entire PRIVMSG in each packet. */
if (dlen<sizeof(":A!a@n.n PRIVMSG A :aDCC 1 1a")-1)
return;
/*
* Return if data length is too short - assume an entire PRIVMSG in
* each packet.
*/
if (dlen < sizeof(":A!a@n.n PRIVMSG A :aDCC 1 1a") - 1)
return;
/* Place string pointer at beginning of data */
sptr = (char *) pip;
sptr += hlen;
maxsize -= hlen; /* We're interested in maximum size of data, not packet */
sptr = (char *)pip;
sptr += hlen;
maxsize -= hlen; /* We're interested in maximum size of
* data, not packet */
/* Search for a CTCP command [Note 1] */
for( i=0; i<dlen; i++ ) {
if(sptr[i]=='\001')
goto lFOUND_CTCP;
}
return; /* No CTCP commands in */
/* Handle CTCP commands - the buffer may have to be copied */
/* Search for a CTCP command [Note 1] */
for (i = 0; i < dlen; i++) {
if (sptr[i] == '\001')
goto lFOUND_CTCP;
}
return; /* No CTCP commands in */
/* Handle CTCP commands - the buffer may have to be copied */
lFOUND_CTCP:
{
char newpacket[65536]; /* Estimate of maximum packet size :) */
int copyat = i; /* Same */
int iCopy = 0; /* How much data have we written to copy-back string? */
unsigned long org_addr; /* Original IP address */
unsigned short org_port; /* Original source port address */
lCTCP_START:
if( i >= dlen || iCopy >= sizeof(newpacket) )
goto lPACKET_DONE;
newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start character */
/* Start of a CTCP */
if( i+4 >= dlen ) /* Too short for DCC */
goto lBAD_CTCP;
if( sptr[i+0] != 'D' )
goto lBAD_CTCP;
if( sptr[i+1] != 'C' )
goto lBAD_CTCP;
if( sptr[i+2] != 'C' )
goto lBAD_CTCP;
if( sptr[i+3] != ' ' )
goto lBAD_CTCP;
/* We have a DCC command - handle it! */
i+= 4; /* Skip "DCC " */
if( iCopy+4 > sizeof(newpacket) )
goto lPACKET_DONE;
newpacket[iCopy++] = 'D';
newpacket[iCopy++] = 'C';
newpacket[iCopy++] = 'C';
newpacket[iCopy++] = ' ';
{
char newpacket[65536]; /* Estimate of maximum packet size
* :) */
int copyat = i; /* Same */
int iCopy = 0; /* How much data have we written to
* copy-back string? */
unsigned long org_addr; /* Original IP address */
unsigned short org_port; /* Original source port
* address */
DBprintf(("Found DCC\n"));
/* Skip any extra spaces (should not occur according to
protocol, but DCC breaks CTCP protocol anyway */
while(sptr[i] == ' ') {
if( ++i >= dlen) {
DBprintf(("DCC packet terminated in just spaces\n"));
goto lPACKET_DONE;
}
}
lCTCP_START:
if (i >= dlen || iCopy >= sizeof(newpacket))
goto lPACKET_DONE;
newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start
* character */
/* Start of a CTCP */
if (i + 4 >= dlen) /* Too short for DCC */
goto lBAD_CTCP;
if (sptr[i + 0] != 'D')
goto lBAD_CTCP;
if (sptr[i + 1] != 'C')
goto lBAD_CTCP;
if (sptr[i + 2] != 'C')
goto lBAD_CTCP;
if (sptr[i + 3] != ' ')
goto lBAD_CTCP;
/* We have a DCC command - handle it! */
i += 4; /* Skip "DCC " */
if (iCopy + 4 > sizeof(newpacket))
goto lPACKET_DONE;
newpacket[iCopy++] = 'D';
newpacket[iCopy++] = 'C';
newpacket[iCopy++] = 'C';
newpacket[iCopy++] = ' ';
DBprintf(("Transferring command...\n"));
while(sptr[i] != ' ') {
newpacket[iCopy++] = sptr[i];
if( ++i >= dlen || iCopy >= sizeof(newpacket) ) {
DBprintf(("DCC packet terminated during command\n"));
goto lPACKET_DONE;
}
}
/* Copy _one_ space */
if( i+1 < dlen && iCopy < sizeof(newpacket) )
newpacket[iCopy++] = sptr[i++];
DBprintf(("Found DCC\n"));
/*
* Skip any extra spaces (should not occur according to
* protocol, but DCC breaks CTCP protocol anyway
*/
while (sptr[i] == ' ') {
if (++i >= dlen) {
DBprintf(("DCC packet terminated in just spaces\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Done command - removing spaces\n"));
/* Skip any extra spaces (should not occur according to
protocol, but DCC breaks CTCP protocol anyway */
while(sptr[i] == ' ') {
if( ++i >= dlen ) {
DBprintf(("DCC packet terminated in just spaces (post-command)\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Transferring command...\n"));
while (sptr[i] != ' ') {
newpacket[iCopy++] = sptr[i];
if (++i >= dlen || iCopy >= sizeof(newpacket)) {
DBprintf(("DCC packet terminated during command\n"));
goto lPACKET_DONE;
}
}
/* Copy _one_ space */
if (i + 1 < dlen && iCopy < sizeof(newpacket))
newpacket[iCopy++] = sptr[i++];
DBprintf(("Transferring filename...\n"));
while(sptr[i] != ' ') {
newpacket[iCopy++] = sptr[i];
if( ++i >= dlen || iCopy >= sizeof(newpacket) ) {
DBprintf(("DCC packet terminated during filename\n"));
goto lPACKET_DONE;
}
}
/* Copy _one_ space */
if( i+1 < dlen && iCopy < sizeof(newpacket) )
newpacket[iCopy++] = sptr[i++];
DBprintf(("Done command - removing spaces\n"));
/*
* Skip any extra spaces (should not occur according to
* protocol, but DCC breaks CTCP protocol anyway
*/
while (sptr[i] == ' ') {
if (++i >= dlen) {
DBprintf(("DCC packet terminated in just spaces (post-command)\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Done filename - removing spaces\n"));
/* Skip any extra spaces (should not occur according to
protocol, but DCC breaks CTCP protocol anyway */
while(sptr[i] == ' ') {
if( ++i >= dlen ) {
DBprintf(("DCC packet terminated in just spaces (post-filename)\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Transferring filename...\n"));
while (sptr[i] != ' ') {
newpacket[iCopy++] = sptr[i];
if (++i >= dlen || iCopy >= sizeof(newpacket)) {
DBprintf(("DCC packet terminated during filename\n"));
goto lPACKET_DONE;
}
}
/* Copy _one_ space */
if (i + 1 < dlen && iCopy < sizeof(newpacket))
newpacket[iCopy++] = sptr[i++];
DBprintf(("Fetching IP address\n"));
/* Fetch IP address */
org_addr = 0;
while(i<dlen && isdigit(sptr[i])) {
if( org_addr > ULONG_MAX/10UL ) { /* Terminate on overflow */
DBprintf(("DCC Address overflow (org_addr == 0x%08lx, next char %c\n", org_addr, sptr[i]));
goto lBAD_CTCP;
}
org_addr *= 10;
org_addr += sptr[i++]-'0';
}
DBprintf(("Skipping space\n"));
if( i+1 >= dlen || sptr[i] != ' ' ) {
DBprintf(("Overflow (%d >= %d) or bad character (%02x) terminating IP address\n", i+1, dlen, sptr[i]));
goto lBAD_CTCP;
}
/* Skip any extra spaces (should not occur according to
protocol, but DCC breaks CTCP protocol anyway, so we might
as well play it safe */
while(sptr[i] == ' ') {
if( ++i >= dlen ) {
DBprintf(("Packet failure - space overflow.\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Fetching port number\n"));
/* Fetch source port */
org_port = 0;
while(i<dlen && isdigit(sptr[i])) {
if( org_port > 6554 ) { /* Terminate on overflow (65536/10 rounded up*/
DBprintf(("DCC: port number overflow\n"));
goto lBAD_CTCP;
}
org_port *= 10;
org_port += sptr[i++]-'0';
}
/* Skip illegal addresses (or early termination) */
if( i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ') ) {
DBprintf(("Bad port termination\n"));
goto lBAD_CTCP;
}
DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port));
DBprintf(("Done filename - removing spaces\n"));
/*
* Skip any extra spaces (should not occur according to
* protocol, but DCC breaks CTCP protocol anyway
*/
while (sptr[i] == ' ') {
if (++i >= dlen) {
DBprintf(("DCC packet terminated in just spaces (post-filename)\n"));
goto lPACKET_DONE;
}
}
/* We've got the address and port - now alias it */
{
struct alias_link *dcc_link;
struct in_addr destaddr;
DBprintf(("Fetching IP address\n"));
/* Fetch IP address */
org_addr = 0;
while (i < dlen && isdigit(sptr[i])) {
if (org_addr > ULONG_MAX / 10UL) { /* Terminate on overflow */
DBprintf(("DCC Address overflow (org_addr == 0x%08lx, next char %c\n", org_addr, sptr[i]));
goto lBAD_CTCP;
}
org_addr *= 10;
org_addr += sptr[i++] - '0';
}
DBprintf(("Skipping space\n"));
if (i + 1 >= dlen || sptr[i] != ' ') {
DBprintf(("Overflow (%d >= %d) or bad character (%02x) terminating IP address\n", i + 1, dlen, sptr[i]));
goto lBAD_CTCP;
}
/*
* Skip any extra spaces (should not occur according to
* protocol, but DCC breaks CTCP protocol anyway, so we
* might as well play it safe
*/
while (sptr[i] == ' ') {
if (++i >= dlen) {
DBprintf(("Packet failure - space overflow.\n"));
goto lPACKET_DONE;
}
}
DBprintf(("Fetching port number\n"));
/* Fetch source port */
org_port = 0;
while (i < dlen && isdigit(sptr[i])) {
if (org_port > 6554) { /* Terminate on overflow
* (65536/10 rounded up */
DBprintf(("DCC: port number overflow\n"));
goto lBAD_CTCP;
}
org_port *= 10;
org_port += sptr[i++] - '0';
}
/* Skip illegal addresses (or early termination) */
if (i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ')) {
DBprintf(("Bad port termination\n"));
goto lBAD_CTCP;
}
DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port));
/* We've got the address and port - now alias it */
{
struct alias_link *dcc_link;
struct in_addr destaddr;
true_port = htons(org_port);
true_addr.s_addr = htonl(org_addr);
destaddr.s_addr = 0;
true_port = htons(org_port);
true_addr.s_addr = htonl(org_addr);
destaddr.s_addr = 0;
/* Sanity/Security checking */
if (!org_addr || !org_port ||
pip->ip_src.s_addr != true_addr.s_addr ||
org_port < IPPORT_RESERVED)
goto lBAD_CTCP;
/* Sanity/Security checking */
if (!org_addr || !org_port ||
pip->ip_src.s_addr != true_addr.s_addr ||
org_port < IPPORT_RESERVED)
goto lBAD_CTCP;
/* Steal the FTP_DATA_PORT - it doesn't really matter, and this
would probably allow it through at least _some_
firewalls. */
dcc_link = FindUdpTcpOut(la, true_addr, destaddr,
true_port, 0,
IPPROTO_TCP, 1);
DBprintf(("Got a DCC link\n"));
if ( dcc_link ) {
struct in_addr alias_address; /* Address from aliasing */
u_short alias_port; /* Port given by aliasing */
int n;
/*
* Steal the FTP_DATA_PORT - it doesn't really
* matter, and this would probably allow it through
* at least _some_ firewalls.
*/
dcc_link = FindUdpTcpOut(la, true_addr, destaddr,
true_port, 0,
IPPROTO_TCP, 1);
DBprintf(("Got a DCC link\n"));
if (dcc_link) {
struct in_addr alias_address; /* Address from aliasing */
u_short alias_port; /* Port given by
* aliasing */
int n;
#ifndef NO_FW_PUNCH
/* Generate firewall hole as appropriate */
PunchFWHole(dcc_link);
/* Generate firewall hole as appropriate */
PunchFWHole(dcc_link);
#endif
alias_address = GetAliasAddress(link);
n = snprintf(&newpacket[iCopy],
sizeof(newpacket)-iCopy,
"%lu ", (u_long)htonl(alias_address.s_addr));
if( n < 0 ) {
DBprintf(("DCC packet construct failure.\n"));
goto lBAD_CTCP;
}
if( (iCopy += n) >= sizeof(newpacket) ) { /* Truncated/fit exactly - bad news */
DBprintf(("DCC constructed packet overflow.\n"));
goto lBAD_CTCP;
}
alias_port = GetAliasPort(dcc_link);
n = snprintf(&newpacket[iCopy],
sizeof(newpacket)-iCopy,
"%u", htons(alias_port) );
if( n < 0 ) {
DBprintf(("DCC packet construct failure.\n"));
goto lBAD_CTCP;
}
iCopy += n;
/* Done - truncated cases will be taken care of by lBAD_CTCP */
DBprintf(("Aliased IP %lu and port %u\n", alias_address.s_addr, (unsigned)alias_port));
}
}
/* An uninteresting CTCP - state entered right after '\001' has
been pushed. Also used to copy the rest of a DCC, after IP
address and port has been handled */
lBAD_CTCP:
for(; i<dlen && iCopy<sizeof(newpacket); i++,iCopy++) {
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
if(sptr[i] == '\001') {
goto lNORMAL_TEXT;
}
}
goto lPACKET_DONE;
/* Normal text */
lNORMAL_TEXT:
for(; i<dlen && iCopy<sizeof(newpacket); i++,iCopy++) {
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
if(sptr[i] == '\001') {
goto lCTCP_START;
}
}
/* Handle the end of a packet */
lPACKET_DONE:
iCopy = iCopy > maxsize-copyat ? maxsize-copyat : iCopy;
memcpy(sptr+copyat, newpacket, iCopy);
alias_address = GetAliasAddress(link);
n = snprintf(&newpacket[iCopy],
sizeof(newpacket) - iCopy,
"%lu ", (u_long) htonl(alias_address.s_addr));
if (n < 0) {
DBprintf(("DCC packet construct failure.\n"));
goto lBAD_CTCP;
}
if ((iCopy += n) >= sizeof(newpacket)) { /* Truncated/fit exactly
* - bad news */
DBprintf(("DCC constructed packet overflow.\n"));
goto lBAD_CTCP;
}
alias_port = GetAliasPort(dcc_link);
n = snprintf(&newpacket[iCopy],
sizeof(newpacket) - iCopy,
"%u", htons(alias_port));
if (n < 0) {
DBprintf(("DCC packet construct failure.\n"));
goto lBAD_CTCP;
}
iCopy += n;
/*
* Done - truncated cases will be taken
* care of by lBAD_CTCP
*/
DBprintf(("Aliased IP %lu and port %u\n", alias_address.s_addr, (unsigned)alias_port));
}
}
/*
* An uninteresting CTCP - state entered right after '\001'
* has been pushed. Also used to copy the rest of a DCC,
* after IP address and port has been handled
*/
lBAD_CTCP:
for (; i < dlen && iCopy < sizeof(newpacket); i++, iCopy++) {
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
if (sptr[i] == '\001') {
goto lNORMAL_TEXT;
}
}
goto lPACKET_DONE;
/* Normal text */
lNORMAL_TEXT:
for (; i < dlen && iCopy < sizeof(newpacket); i++, iCopy++) {
newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
if (sptr[i] == '\001') {
goto lCTCP_START;
}
}
/* Handle the end of a packet */
lPACKET_DONE:
iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy;
memcpy(sptr + copyat, newpacket, iCopy);
/* Save information regarding modified seq and ack numbers */
{
int delta;
{
int delta;
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta+copyat+iCopy-dlen);
}
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta + copyat + iCopy - dlen);
}
/* Revise IP header */
{
u_short new_len;
/* Revise IP header */
{
u_short new_len;
new_len = htons(hlen + iCopy + copyat);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
}
new_len = htons(hlen + iCopy + copyat);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
}
/* Compute TCP checksum for revised packet */
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return;
}
/* Compute TCP checksum for revised packet */
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return;
}
}
/* Notes:

307
sys/netinet/libalias/alias_local.h
View File

@ -55,80 +55,84 @@
struct proxy_entry;
struct libalias {
LIST_ENTRY(libalias) instancelist;
LIST_ENTRY(libalias) instancelist;
int packetAliasMode; /* Mode flags */
/* - documented in alias.h */
int packetAliasMode; /* Mode flags */
/* - documented in alias.h */
struct in_addr aliasAddress; /* Address written onto source */
/* field of IP packet. */
struct in_addr aliasAddress; /* Address written onto source */
/* field of IP packet. */
struct in_addr targetAddress; /* IP address incoming packets */
/* are sent to if no aliasing */
/* link already exists */
struct in_addr targetAddress; /* IP address incoming packets */
/* are sent to if no aliasing */
/* link already exists */
struct in_addr nullAddress; /* Used as a dummy parameter for */
/* some function calls */
struct in_addr nullAddress; /* Used as a dummy parameter for */
/* some function calls */
LIST_HEAD(, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
/* Lookup table of pointers to */
/* chains of link records. Each */
LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
/* Lookup table of pointers to */
/* chains of link records. Each */
LIST_HEAD(, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
/* link record is doubly indexed */
/* into input and output lookup */
/* tables. */
LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
/* link record is doubly indexed */
/* into input and output lookup */
/* tables. */
/* Link statistics */
int icmpLinkCount;
int udpLinkCount;
int tcpLinkCount;
int pptpLinkCount;
int protoLinkCount;
int fragmentIdLinkCount;
int fragmentPtrLinkCount;
int sockCount;
/* Link statistics */
int icmpLinkCount;
int udpLinkCount;
int tcpLinkCount;
int pptpLinkCount;
int protoLinkCount;
int fragmentIdLinkCount;
int fragmentPtrLinkCount;
int sockCount;
int cleanupIndex; /* Index to chain of link table */
/* being inspected for old links */
int cleanupIndex; /* Index to chain of link table */
/* being inspected for old links */
int timeStamp; /* System time in seconds for */
/* current packet */
int timeStamp; /* System time in seconds for */
/* current packet */
int lastCleanupTime; /* Last time IncrementalCleanup() */
/* was called */
int lastCleanupTime; /* Last time
* IncrementalCleanup() */
/* was called */
int houseKeepingResidual; /* used by HouseKeeping() */
int houseKeepingResidual; /* used by HouseKeeping() */
int deleteAllLinks; /* If equal to zero, DeleteLink() */
/* will not remove permanent links */
int deleteAllLinks; /* If equal to zero, DeleteLink() */
/* will not remove permanent links */
FILE *monitorFile; /* File descriptor for link */
/* statistics monitoring file */
FILE *monitorFile; /* File descriptor for link */
/* statistics monitoring file */
int newDefaultLink; /* Indicates if a new aliasing */
/* link has been created after a */
/* call to PacketAliasIn/Out(). */
int newDefaultLink; /* Indicates if a new aliasing */
/* link has been created after a */
/* call to PacketAliasIn/Out(). */
#ifndef NO_FW_PUNCH
int fireWallFD; /* File descriptor to be able to */
/* control firewall. Opened by */
/* PacketAliasSetMode on first */
/* setting the PKT_ALIAS_PUNCH_FW */
/* flag. */
int fireWallBaseNum; /* The first firewall entry free for our use */
int fireWallNumNums; /* How many entries can we use? */
int fireWallActiveNum; /* Which entry did we last use? */
char *fireWallField; /* bool array for entries */
int fireWallFD; /* File descriptor to be able to */
/* control firewall. Opened by */
/* PacketAliasSetMode on first */
/* setting the PKT_ALIAS_PUNCH_FW */
/* flag. */
int fireWallBaseNum; /* The first firewall entry
* free for our use */
int fireWallNumNums; /* How many entries can we
* use? */
int fireWallActiveNum; /* Which entry did we last
* use? */
char *fireWallField; /* bool array for entries */
#endif
unsigned int skinnyPort; /* TCP port used by the Skinny */
/* protocol. */
unsigned int skinnyPort; /* TCP port used by the Skinny */
/* protocol. */
struct proxy_entry *proxyList;
struct in_addr true_addr; /* in network byte order. */
u_short true_port; /* in host byte order. */
struct in_addr true_addr; /* in network byte order. */
u_short true_port; /* in host byte order. */
};
@ -161,148 +165,159 @@ struct libalias {
/* Prototypes */
/* General utilities */
u_short IpChecksum(struct ip *_pip);
u_short TcpChecksum(struct ip *_pip);
void DifferentialChecksum(u_short *_cksum, u_short *_new, u_short *_old,
int _n);
u_short IpChecksum(struct ip *_pip);
u_short TcpChecksum(struct ip *_pip);
void
DifferentialChecksum(u_short * _cksum, u_short * _new, u_short * _old,
int _n);
/* Internal data access */
struct alias_link *
FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _id_alias, int _create);
FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _id_alias, int _create);
struct alias_link *
FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _id, int _create);
FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _id, int _create);
struct alias_link *
FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _ip_id);
FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _ip_id);
struct alias_link *
FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _ip_id);
FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _ip_id);
struct alias_link *
AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
struct alias_link *
FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
struct alias_link *
FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_char _proto);
FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_char _proto);
struct alias_link *
FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_char _proto);
FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_char _proto);
struct alias_link *
FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _dst_port, u_short _alias_port, u_char _proto, int _create);
FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _dst_port, u_short _alias_port, u_char _proto, int _create);
struct alias_link *
FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _src_port, u_short _dst_port, u_char _proto, int _create);
FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _src_port, u_short _dst_port, u_char _proto, int _create);
struct alias_link *
AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _src_call_id);
AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _src_call_id);
struct alias_link *
FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr,
struct in_addr _dst_addr, u_int16_t _src_call_id);
FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr,
struct in_addr _dst_addr, u_int16_t _src_call_id);
struct alias_link *
FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _dst_call_id);
FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _dst_call_id);
struct alias_link *
FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr,
struct in_addr _dst_addr, u_int16_t _dst_call_id);
FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr,
struct in_addr _dst_addr, u_int16_t _dst_call_id);
struct alias_link *
FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _alias_call_id);
FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _alias_call_id);
struct alias_link *
FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _src_port, u_short _alias_port, u_char _proto);
FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
u_short _src_port, u_short _alias_port, u_char _proto);
struct in_addr
FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
struct in_addr
FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
/* External data access/modification */
int FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _src_port, u_short _dst_port, u_short _port_count,
u_char _proto, u_char _align);
void GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr);
void SetFragmentAddr(struct alias_link *_link, struct in_addr _src_addr);
void GetFragmentPtr(struct alias_link *_link, char **_fptr);
void SetFragmentPtr(struct alias_link *_link, char *fptr);
void SetStateIn(struct alias_link *_link, int _state);
void SetStateOut(struct alias_link *_link, int _state);
int GetStateIn(struct alias_link *_link);
int GetStateOut(struct alias_link *_link);
int
FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _src_port, u_short _dst_port, u_short _port_count,
u_char _proto, u_char _align);
void GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr);
void SetFragmentAddr(struct alias_link *_link, struct in_addr _src_addr);
void GetFragmentPtr(struct alias_link *_link, char **_fptr);
void SetFragmentPtr(struct alias_link *_link, char *fptr);
void SetStateIn(struct alias_link *_link, int _state);
void SetStateOut(struct alias_link *_link, int _state);
int GetStateIn (struct alias_link *_link);
int GetStateOut(struct alias_link *_link);
struct in_addr
GetOriginalAddress(struct alias_link *_link);
GetOriginalAddress(struct alias_link *_link);
struct in_addr
GetDestAddress(struct alias_link *_link);
GetDestAddress(struct alias_link *_link);
struct in_addr
GetAliasAddress(struct alias_link *_link);
GetAliasAddress(struct alias_link *_link);
struct in_addr
GetDefaultAliasAddress(struct libalias *la);
void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
u_short GetOriginalPort(struct alias_link *_link);
u_short GetAliasPort(struct alias_link *_link);
GetDefaultAliasAddress(struct libalias *la);
void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
u_short GetOriginalPort(struct alias_link *_link);
u_short GetAliasPort(struct alias_link *_link);
struct in_addr
GetProxyAddress(struct alias_link *_link);
void SetProxyAddress(struct alias_link *_link, struct in_addr _addr);
u_short GetProxyPort(struct alias_link *_link);
void SetProxyPort(struct alias_link *_link, u_short _port);
void SetAckModified(struct alias_link *_link);
int GetAckModified(struct alias_link *_link);
int GetDeltaAckIn(struct ip *_pip, struct alias_link *_link);
int GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link);
void AddSeq(struct ip *_pip, struct alias_link *_link, int _delta);
void SetExpire(struct alias_link *_link, int _expire);
void ClearCheckNewLink(struct libalias *la);
void SetProtocolFlags(struct alias_link *_link, int _pflags);
int GetProtocolFlags(struct alias_link *_link);
void SetDestCallId(struct alias_link *_link, u_int16_t _cid);
GetProxyAddress(struct alias_link *_link);
void SetProxyAddress(struct alias_link *_link, struct in_addr _addr);
u_short GetProxyPort(struct alias_link *_link);
void SetProxyPort(struct alias_link *_link, u_short _port);
void SetAckModified(struct alias_link *_link);
int GetAckModified(struct alias_link *_link);
int GetDeltaAckIn(struct ip *_pip, struct alias_link *_link);
int GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link);
void AddSeq (struct ip *_pip, struct alias_link *_link, int _delta);
void SetExpire (struct alias_link *_link, int _expire);
void ClearCheckNewLink(struct libalias *la);
void SetProtocolFlags(struct alias_link *_link, int _pflags);
int GetProtocolFlags(struct alias_link *_link);
void SetDestCallId(struct alias_link *_link, u_int16_t _cid);
#ifndef NO_FW_PUNCH
void PunchFWHole(struct alias_link *_link);
void PunchFWHole(struct alias_link *_link);
#endif
/* Housekeeping function */
void HouseKeeping(struct libalias *);
void HouseKeeping(struct libalias *);
/* Tcp specfic routines */
/* lint -save -library Suppress flexelint warnings */
/* FTP routines */
void AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxpacketsize);
void
AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxpacketsize);
/* IRC routines */
void AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxsize);
void
AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxsize);
/* RTSP routines */
void AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxpacketsize);
void
AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
int _maxpacketsize);
/* PPTP routines */
void AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
void AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link);
int AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip);
int AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip);
void AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
void AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link);
int AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip);
int AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip);
/* NetBIOS routines */
int AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link,
struct in_addr *_alias_address, u_short _alias_port);
int AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link,
struct in_addr *_alias_address, u_short *_alias_port,
struct in_addr *_original_address, u_short *_original_port);
int
AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link,
struct in_addr *_alias_address, u_short _alias_port);
int
AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link,
struct in_addr *_alias_address, u_short * _alias_port,
struct in_addr *_original_address, u_short * _original_port);
/* CUSeeMe routines */
void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr);
void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr);
/* Skinny routines */
void AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link);
void AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link);
/* Transparent proxy routines */
int ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr,
u_short *_proxy_server_port);
void ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip,
int _maxpacketsize, int _proxy_type);
int
ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr,
u_short * _proxy_server_port);
void
ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip,
int _maxpacketsize, int _proxy_type);
enum alias_tcp_state {
ALIAS_TCP_STATE_NOT_CONNECTED,
@ -312,4 +327,4 @@ enum alias_tcp_state {
/*lint -restore */
#endif /* !_ALIAS_LOCAL_H_ */
#endif /* !_ALIAS_LOCAL_H_ */

664
sys/netinet/libalias/alias_nbt.c
View File

@ -55,22 +55,22 @@ __FBSDID("$FreeBSD$");
#include "alias_local.h"
typedef struct {
struct in_addr oldaddr;
u_short oldport;
struct in_addr newaddr;
u_short newport;
u_short *uh_sum;
} NBTArguments;
struct in_addr oldaddr;
u_short oldport;
struct in_addr newaddr;
u_short newport;
u_short *uh_sum;
} NBTArguments;
typedef struct {
unsigned char type;
unsigned char flags;
u_short id;
struct in_addr source_ip;
u_short source_port;
u_short len;
u_short offset;
} NbtDataHeader;
unsigned char type;
unsigned char flags;
u_short id;
struct in_addr source_ip;
u_short source_port;
u_short len;
u_short offset;
} NbtDataHeader;
#define OpQuery 0
#define OpUnknown 4
@ -79,13 +79,13 @@ typedef struct {
#define OpWACK 7
#define OpRefresh 8
typedef struct {
u_short nametrid;
u_short dir:1, opcode:4, nmflags:7, rcode:4;
u_short qdcount;
u_short ancount;
u_short nscount;
u_short arcount;
} NbtNSHeader;
u_short nametrid;
u_short dir: 1, opcode:4, nmflags:7, rcode:4;
u_short qdcount;
u_short ancount;
u_short nscount;
u_short arcount;
} NbtNSHeader;
#define FMT_ERR 0x1
#define SRV_ERR 0x2
@ -96,56 +96,61 @@ typedef struct {
#ifdef DEBUG
static void PrintRcode( u_char rcode ) {
static void
PrintRcode(u_char rcode)
{
switch (rcode) {
case FMT_ERR:
printf("\nFormat Error.");
case SRV_ERR:
printf("\nSever failure.");
case IMP_ERR:
printf("\nUnsupported request error.\n");
case RFS_ERR:
printf("\nRefused error.\n");
case ACT_ERR:
printf("\nActive error.\n");
case CFT_ERR:
printf("\nName in conflict error.\n");
default:
printf("\n?%c?=%0x\n", '?', rcode );
printf("\nFormat Error.");
case SRV_ERR:
printf("\nSever failure.");
case IMP_ERR:
printf("\nUnsupported request error.\n");
case RFS_ERR:
printf("\nRefused error.\n");
case ACT_ERR:
printf("\nActive error.\n");
case CFT_ERR:
printf("\nName in conflict error.\n");
default:
printf("\n?%c?=%0x\n", '?', rcode);
}
}
#endif
/* Handling Name field */
static u_char *AliasHandleName ( u_char *p, char *pmax ) {
static u_char *
AliasHandleName(u_char * p, char *pmax)
{
u_char *s;
u_char c;
int compress;
int compress;
/* Following length field */
if (p == NULL || (char *)p >= pmax)
return(NULL);
return (NULL);
if (*p & 0xc0 ) {
if (*p & 0xc0) {
p = p + 2;
if ((char *)p > pmax)
return(NULL);
return ((u_char *)p);
return (NULL);
return ((u_char *) p);
}
while ( ( *p & 0x3f) != 0x00 ) {
while ((*p & 0x3f) != 0x00) {
s = p + 1;
if ( *p == 0x20 )
if (*p == 0x20)
compress = 1;
else
compress = 0;
/* Get next length field */
p = (u_char *)(p + (*p & 0x3f) + 1);
/* Get next length field */
p = (u_char *) (p + (*p & 0x3f) + 1);
if ((char *)p > pmax) {
p = NULL;
break;
@ -154,15 +159,15 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) {
printf(":");
#endif
while (s < p) {
if ( compress == 1 ) {
c = (u_char )(((((*s & 0x0f) << 4) | (*(s+1) & 0x0f)) - 0x11));
if (compress == 1) {
c = (u_char) (((((*s & 0x0f) << 4) | (*(s + 1) & 0x0f)) - 0x11));
#ifdef DEBUG
if (isprint( c ) )
printf("%c", c );
if (isprint(c))
printf("%c", c);
else
printf("<0x%02x>", c );
printf("<0x%02x>", c);
#endif
s +=2;
s += 2;
} else {
#ifdef DEBUG
printf("%c", *s);
@ -174,14 +179,14 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) {
printf(":");
#endif
fflush(stdout);
}
}
/* Set up to out of Name field */
if (p == NULL || (char *)p >= pmax)
p = NULL;
p = NULL;
else
p++;
return ((u_char *)p);
p++;
return ((u_char *) p);
}
/*
@ -195,58 +200,61 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) {
#define DGM_POSITIVE_RES 0x15
#define DGM_NEGATIVE_RES 0x16
int AliasHandleUdpNbt(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link,
struct in_addr *alias_address,
u_short alias_port
) {
struct udphdr * uh;
NbtDataHeader *ndh;
u_char *p = NULL;
char *pmax;
int
AliasHandleUdpNbt(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link,
struct in_addr *alias_address,
u_short alias_port
)
{
struct udphdr *uh;
NbtDataHeader *ndh;
u_char *p = NULL;
char *pmax;
/* Calculate data length of UDP packet */
uh = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
pmax = (char *)uh + ntohs( uh->uh_ulen );
/* Calculate data length of UDP packet */
uh = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
pmax = (char *)uh + ntohs(uh->uh_ulen);
ndh = (NbtDataHeader *)((char *)uh + (sizeof (struct udphdr)));
if ((char *)(ndh + 1) > pmax)
return(-1);
ndh = (NbtDataHeader *) ((char *)uh + (sizeof(struct udphdr)));
if ((char *)(ndh + 1) > pmax)
return (-1);
#ifdef DEBUG
printf("\nType=%02x,", ndh->type );
printf("\nType=%02x,", ndh->type);
#endif
switch ( ndh->type ) {
case DGM_DIRECT_UNIQ:
case DGM_DIRECT_GROUP:
case DGM_BROADCAST:
p = (u_char *)ndh + 14;
p = AliasHandleName ( p, pmax ); /* Source Name */
p = AliasHandleName ( p, pmax ); /* Destination Name */
break;
case DGM_ERROR:
p = (u_char *)ndh + 11;
break;
case DGM_QUERY:
case DGM_POSITIVE_RES:
case DGM_NEGATIVE_RES:
p = (u_char *)ndh + 10;
p = AliasHandleName ( p, pmax ); /* Destination Name */
break;
switch (ndh->type) {
case DGM_DIRECT_UNIQ:
case DGM_DIRECT_GROUP:
case DGM_BROADCAST:
p = (u_char *) ndh + 14;
p = AliasHandleName(p, pmax); /* Source Name */
p = AliasHandleName(p, pmax); /* Destination Name */
break;
case DGM_ERROR:
p = (u_char *) ndh + 11;
break;
case DGM_QUERY:
case DGM_POSITIVE_RES:
case DGM_NEGATIVE_RES:
p = (u_char *) ndh + 10;
p = AliasHandleName(p, pmax); /* Destination Name */
break;
}
if (p == NULL || (char *)p > pmax)
p = NULL;
if (p == NULL || (char *)p > pmax)
p = NULL;
#ifdef DEBUG
printf("%s:%d-->", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port) );
printf("%s:%d-->", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port));
#endif
/* Doing an IP address and Port number Translation */
if ( uh->uh_sum != 0 ) {
int acc;
u_short *sptr;
acc = ndh->source_port;
if (uh->uh_sum != 0) {
int acc;
u_short *sptr;
acc = ndh->source_port;
acc -= alias_port;
sptr = (u_short *) &(ndh->source_ip);
sptr = (u_short *) & (ndh->source_ip);
acc += *sptr++;
acc += *sptr;
sptr = (u_short *) alias_address;
@ -254,49 +262,49 @@ int AliasHandleUdpNbt(
acc -= *sptr;
ADJUST_CHECKSUM(acc, uh->uh_sum);
}
ndh->source_ip = *alias_address;
ndh->source_port = alias_port;
ndh->source_ip = *alias_address;
ndh->source_port = alias_port;
#ifdef DEBUG
printf("%s:%d\n", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port) );
printf("%s:%d\n", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port));
fflush(stdout);
#endif
return((p == NULL) ? -1 : 0);
return ((p == NULL) ? -1 : 0);
}
/* Question Section */
#define QS_TYPE_NB 0x0020
#define QS_TYPE_NBSTAT 0x0021
#define QS_CLAS_IN 0x0001
typedef struct {
u_short type; /* The type of Request */
u_short class; /* The class of Request */
} NBTNsQuestion;
u_short type; /* The type of Request */
u_short class; /* The class of Request */
} NBTNsQuestion;
static u_char *
static u_char *
AliasHandleQuestion(
u_short count,
NBTNsQuestion *q,
NBTNsQuestion * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
while ( count != 0 ) {
while (count != 0) {
/* Name Filed */
q = (NBTNsQuestion *)AliasHandleName((u_char *)q, pmax);
q = (NBTNsQuestion *) AliasHandleName((u_char *) q, pmax);
if (q == NULL || (char *)(q + 1) > pmax) {
q = NULL;
break;
}
/* Type and Class filed */
switch ( ntohs(q->type) ) {
case QS_TYPE_NB:
case QS_TYPE_NBSTAT:
q= q+1;
switch (ntohs(q->type)) {
case QS_TYPE_NB:
case QS_TYPE_NBSTAT:
q = q + 1;
break;
default:
default:
#ifdef DEBUG
printf("\nUnknown Type on Question %0x\n", ntohs(q->type) );
printf("\nUnknown Type on Question %0x\n", ntohs(q->type));
#endif
break;
}
@ -304,7 +312,7 @@ AliasHandleQuestion(
}
/* Set up to out of Question Section */
return ((u_char *)q);
return ((u_char *) q);
}
/* Resource Record */
@ -316,101 +324,99 @@ AliasHandleQuestion(
#define RR_CLAS_IN 0x0001
#define SizeOfNsResource 8
typedef struct {
u_short type;
u_short class;
unsigned int ttl;
u_short rdlen;
} NBTNsResource;
u_short type;
u_short class;
unsigned int ttl;
u_short rdlen;
} NBTNsResource;
#define SizeOfNsRNB 6
typedef struct {
u_short g:1, ont:2, resv:13;
struct in_addr addr;
} NBTNsRNB;
u_short g: 1 , ont:2, resv:13;
struct in_addr addr;
} NBTNsRNB;
static u_char *
static u_char *
AliasHandleResourceNB(
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
NBTNsRNB *nb;
NBTNsRNB *nb;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
return(NULL);
return (NULL);
/* Check out a length */
bcount = ntohs(q->rdlen);
/* Forward to Resource NB position */
nb = (NBTNsRNB *)((u_char *)q + SizeOfNsResource);
nb = (NBTNsRNB *) ((u_char *) q + SizeOfNsResource);
/* Processing all in_addr array */
#ifdef DEBUG
printf("NB rec[%s", inet_ntoa(nbtarg->oldaddr));
printf("->%s, %dbytes] ",inet_ntoa(nbtarg->newaddr ), bcount);
printf("->%s, %dbytes] ", inet_ntoa(nbtarg->newaddr), bcount);
#endif
while ( nb != NULL && bcount != 0 ) {
while (nb != NULL && bcount != 0) {
if ((char *)(nb + 1) > pmax) {
nb = NULL;
break;
}
#ifdef DEBUG
printf("<%s>", inet_ntoa(nb->addr) );
printf("<%s>", inet_ntoa(nb->addr));
#endif
if (!bcmp(&nbtarg->oldaddr,&nb->addr, sizeof(struct in_addr) ) ) {
if ( *nbtarg->uh_sum != 0 ) {
int acc;
u_short *sptr;
if (!bcmp(&nbtarg->oldaddr, &nb->addr, sizeof(struct in_addr))) {
if (*nbtarg->uh_sum != 0) {
int acc;
u_short *sptr;
sptr = (u_short *) &(nb->addr);
acc = *sptr++;
acc += *sptr;
sptr = (u_short *) &(nbtarg->newaddr);
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
sptr = (u_short *) & (nb->addr);
acc = *sptr++;
acc += *sptr;
sptr = (u_short *) & (nbtarg->newaddr);
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
}
nb->addr = nbtarg->newaddr;
#ifdef DEBUG
printf("O");
#endif
}
#ifdef DEBUG
else {
else {
printf(".");
}
#endif
nb=(NBTNsRNB *)((u_char *)nb + SizeOfNsRNB);
bcount -= SizeOfNsRNB;
nb = (NBTNsRNB *) ((u_char *) nb + SizeOfNsRNB);
bcount -= SizeOfNsRNB;
}
if (nb == NULL || (char *)(nb + 1) > pmax) {
nb = NULL;
}
return ((u_char *)nb);
return ((u_char *) nb);
}
#define SizeOfResourceA 6
typedef struct {
struct in_addr addr;
} NBTNsResourceA;
struct in_addr addr;
} NBTNsResourceA;
static u_char *
static u_char *
AliasHandleResourceA(
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
NBTNsResourceA *a;
NBTNsResourceA *a;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
return(NULL);
return (NULL);
/* Forward to Resource A position */
a = (NBTNsResourceA *)( (u_char *)q + sizeof(NBTNsResource) );
a = (NBTNsResourceA *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
@ -418,62 +424,61 @@ AliasHandleResourceA(
/* Processing all in_addr array */
#ifdef DEBUG
printf("Arec [%s", inet_ntoa(nbtarg->oldaddr));
printf("->%s]",inet_ntoa(nbtarg->newaddr ));
printf("->%s]", inet_ntoa(nbtarg->newaddr));
#endif
while ( bcount != 0 ) {
while (bcount != 0) {
if (a == NULL || (char *)(a + 1) > pmax)
return(NULL);
return (NULL);
#ifdef DEBUG
printf("..%s", inet_ntoa(a->addr) );
printf("..%s", inet_ntoa(a->addr));
#endif
if ( !bcmp(&nbtarg->oldaddr, &a->addr, sizeof(struct in_addr) ) ) {
if ( *nbtarg->uh_sum != 0 ) {
int acc;
u_short *sptr;
if (!bcmp(&nbtarg->oldaddr, &a->addr, sizeof(struct in_addr))) {
if (*nbtarg->uh_sum != 0) {
int acc;
u_short *sptr;
sptr = (u_short *) &(a->addr); /* Old */
acc = *sptr++;
acc += *sptr;
sptr = (u_short *) &nbtarg->newaddr; /* New */
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
sptr = (u_short *) & (a->addr); /* Old */
acc = *sptr++;
acc += *sptr;
sptr = (u_short *) & nbtarg->newaddr; /* New */
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
}
a->addr = nbtarg->newaddr;
}
a++; /*XXXX*/
a++; /* XXXX */
bcount -= SizeOfResourceA;
}
if (a == NULL || (char *)(a + 1) > pmax)
a = NULL;
return ((u_char *)a);
a = NULL;
return ((u_char *) a);
}
typedef struct {
u_short opcode:4, flags:8, resv:4;
} NBTNsResourceNULL;
u_short opcode:4, flags:8, resv:4;
} NBTNsResourceNULL;
static u_char *
static u_char *
AliasHandleResourceNULL(
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
NBTNsResourceNULL *n;
NBTNsResourceNULL *n;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
return(NULL);
return (NULL);
/* Forward to Resource NULL position */
n = (NBTNsResourceNULL *)( (u_char *)q + sizeof(NBTNsResource) );
n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
/* Processing all in_addr array */
while ( bcount != 0 ) {
while (bcount != 0) {
if ((char *)(n + 1) > pmax) {
n = NULL;
break;
@ -484,223 +489,220 @@ AliasHandleResourceNULL(
if ((char *)(n + 1) > pmax)
n = NULL;
return ((u_char *)n);
return ((u_char *) n);
}
static u_char *
static u_char *
AliasHandleResourceNS(
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
NBTNsResourceNULL *n;
NBTNsResourceNULL *n;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
return(NULL);
return (NULL);
/* Forward to Resource NULL position */
n = (NBTNsResourceNULL *)( (u_char *)q + sizeof(NBTNsResource) );
n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
/* Resource Record Name Filed */
q = (NBTNsResource *)AliasHandleName( (u_char *)n, pmax ); /* XXX */
q = (NBTNsResource *) AliasHandleName((u_char *) n, pmax); /* XXX */
if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
return(NULL);
if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
return (NULL);
else
return ((u_char *)n + bcount);
return ((u_char *) n + bcount);
}
typedef struct {
u_short numnames;
} NBTNsResourceNBSTAT;
u_short numnames;
} NBTNsResourceNBSTAT;
static u_char *
static u_char *
AliasHandleResourceNBSTAT(
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments *nbtarg)
NBTArguments * nbtarg)
{
NBTNsResourceNBSTAT *n;
NBTNsResourceNBSTAT *n;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
return(NULL);
return (NULL);
/* Forward to Resource NBSTAT position */
n = (NBTNsResourceNBSTAT *)( (u_char *)q + sizeof(NBTNsResource) );
n = (NBTNsResourceNBSTAT *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
return(NULL);
if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
return (NULL);
else
return ((u_char *)n + bcount);
return ((u_char *) n + bcount);
}
static u_char *
static u_char *
AliasHandleResource(
u_short count,
NBTNsResource *q,
NBTNsResource * q,
char *pmax,
NBTArguments
*nbtarg)
* nbtarg)
{
while ( count != 0 ) {
while (count != 0) {
/* Resource Record Name Filed */
q = (NBTNsResource *)AliasHandleName( (u_char *)q, pmax );
q = (NBTNsResource *) AliasHandleName((u_char *) q, pmax);
if (q == NULL || (char *)(q + 1) > pmax)
break;
#ifdef DEBUG
printf("type=%02x, count=%d\n", ntohs(q->type), count );
printf("type=%02x, count=%d\n", ntohs(q->type), count);
#endif
/* Type and Class filed */
switch ( ntohs(q->type) ) {
case RR_TYPE_NB:
q = (NBTNsResource *)AliasHandleResourceNB(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_A:
q = (NBTNsResource *)AliasHandleResourceA(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NS:
q = (NBTNsResource *)AliasHandleResourceNS(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NULL:
q = (NBTNsResource *)AliasHandleResourceNULL(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NBSTAT:
q = (NBTNsResource *)AliasHandleResourceNBSTAT(
q,
pmax,
nbtarg
);
break;
default:
switch (ntohs(q->type)) {
case RR_TYPE_NB:
q = (NBTNsResource *) AliasHandleResourceNB(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_A:
q = (NBTNsResource *) AliasHandleResourceA(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NS:
q = (NBTNsResource *) AliasHandleResourceNS(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NULL:
q = (NBTNsResource *) AliasHandleResourceNULL(
q,
pmax,
nbtarg
);
break;
case RR_TYPE_NBSTAT:
q = (NBTNsResource *) AliasHandleResourceNBSTAT(
q,
pmax,
nbtarg
);
break;
default:
#ifdef DEBUG
printf(
"\nUnknown Type of Resource %0x\n",
ntohs(q->type)
);
printf(
"\nUnknown Type of Resource %0x\n",
ntohs(q->type)
);
#endif
break;
break;
}
count--;
}
fflush(stdout);
return ((u_char *)q);
return ((u_char *) q);
}
int AliasHandleUdpNbtNS(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link,
struct in_addr *alias_address,
u_short *alias_port,
struct in_addr *original_address,
u_short *original_port )
int
AliasHandleUdpNbtNS(
struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link,
struct in_addr *alias_address,
u_short * alias_port,
struct in_addr *original_address,
u_short * original_port)
{
struct udphdr * uh;
NbtNSHeader * nsh;
u_char * p;
char *pmax;
NBTArguments nbtarg;
struct udphdr *uh;
NbtNSHeader *nsh;
u_char *p;
char *pmax;
NBTArguments nbtarg;
/* Set up Common Parameter */
nbtarg.oldaddr = *alias_address;
nbtarg.oldport = *alias_port;
nbtarg.newaddr = *original_address;
nbtarg.newport = *original_port;
nbtarg.oldaddr = *alias_address;
nbtarg.oldport = *alias_port;
nbtarg.newaddr = *original_address;
nbtarg.newport = *original_port;
/* Calculate data length of UDP packet */
uh = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
nbtarg.uh_sum = &(uh->uh_sum);
nsh = (NbtNSHeader *)((char *)uh + (sizeof(struct udphdr)));
p = (u_char *)(nsh + 1);
pmax = (char *)uh + ntohs( uh->uh_ulen );
/* Calculate data length of UDP packet */
uh = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
nbtarg.uh_sum = &(uh->uh_sum);
nsh = (NbtNSHeader *) ((char *)uh + (sizeof(struct udphdr)));
p = (u_char *) (nsh + 1);
pmax = (char *)uh + ntohs(uh->uh_ulen);
if ((char *)(nsh + 1) > pmax)
return(-1);
if ((char *)(nsh + 1) > pmax)
return (-1);
#ifdef DEBUG
printf(" [%s] ID=%02x, op=%01x, flag=%02x, rcode=%01x, qd=%04x"
", an=%04x, ns=%04x, ar=%04x, [%d]-->",
nsh->dir ? "Response": "Request",
nsh->nametrid,
nsh->opcode,
nsh->nmflags,
nsh->rcode,
ntohs(nsh->qdcount),
ntohs(nsh->ancount),
ntohs(nsh->nscount),
ntohs(nsh->arcount),
(u_char *)p -(u_char *)nsh
);
printf(" [%s] ID=%02x, op=%01x, flag=%02x, rcode=%01x, qd=%04x"
", an=%04x, ns=%04x, ar=%04x, [%d]-->",
nsh->dir ? "Response" : "Request",
nsh->nametrid,
nsh->opcode,
nsh->nmflags,
nsh->rcode,
ntohs(nsh->qdcount),
ntohs(nsh->ancount),
ntohs(nsh->nscount),
ntohs(nsh->arcount),
(u_char *) p - (u_char *) nsh
);
#endif
/* Question Entries */
if (ntohs(nsh->qdcount) !=0 ) {
p = AliasHandleQuestion(
ntohs(nsh->qdcount),
(NBTNsQuestion *)p,
pmax,
&nbtarg
);
if (ntohs(nsh->qdcount) != 0) {
p = AliasHandleQuestion(
ntohs(nsh->qdcount),
(NBTNsQuestion *) p,
pmax,
&nbtarg
);
}
/* Answer Resource Records */
if (ntohs(nsh->ancount) !=0 ) {
p = AliasHandleResource(
ntohs(nsh->ancount),
(NBTNsResource *)p,
pmax,
&nbtarg
);
if (ntohs(nsh->ancount) != 0) {
p = AliasHandleResource(
ntohs(nsh->ancount),
(NBTNsResource *) p,
pmax,
&nbtarg
);
}
/* Authority Resource Recodrs */
if (ntohs(nsh->nscount) !=0 ) {
p = AliasHandleResource(
ntohs(nsh->nscount),
(NBTNsResource *)p,
pmax,
&nbtarg
);
if (ntohs(nsh->nscount) != 0) {
p = AliasHandleResource(
ntohs(nsh->nscount),
(NBTNsResource *) p,
pmax,
&nbtarg
);
}
/* Additional Resource Recodrs */
if (ntohs(nsh->arcount) !=0 ) {
p = AliasHandleResource(
ntohs(nsh->arcount),
(NBTNsResource *)p,
pmax,
&nbtarg
);
if (ntohs(nsh->arcount) != 0) {
p = AliasHandleResource(
ntohs(nsh->arcount),
(NBTNsResource *) p,
pmax,
&nbtarg
);
}
#ifdef DEBUG
PrintRcode(nsh->rcode);
PrintRcode(nsh->rcode);
#endif
return ((p == NULL) ? -1 : 0);
return ((p == NULL) ? -1 : 0);
}

6
sys/netinet/libalias/alias_old.c
View File

@ -113,7 +113,7 @@ PacketAliasAddServer(struct alias_link *_link,
struct alias_link *
PacketAliasRedirectAddr(struct in_addr _src_addr,
struct in_addr _alias_addr)
struct in_addr _alias_addr)
{
return LibAliasRedirectAddr(la, _src_addr, _alias_addr);
@ -152,7 +152,7 @@ PacketAliasRedirectProto(struct in_addr _src_addr,
{
return LibAliasRedirectProto(la, _src_addr, _dst_addr, _alias_addr,
_proto);
_proto);
}
void
@ -162,7 +162,7 @@ PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment)
LibAliasFragmentIn(la, _ptr, _ptr_fragment);
}
char *
char *
PacketAliasGetFragment(char *_ptr)
{

444
sys/netinet/libalias/alias_pptp.c
View File

@ -80,16 +80,16 @@ __FBSDID("$FreeBSD$");
* PPTP definitions
*/
struct grehdr /* Enhanced GRE header. */
{
u_int16_t gh_flags; /* Flags. */
u_int16_t gh_protocol; /* Protocol type. */
u_int16_t gh_length; /* Payload length. */
u_int16_t gh_call_id; /* Call ID. */
u_int32_t gh_seq_no; /* Sequence number (optional). */
u_int32_t gh_ack_no; /* Acknowledgment number (optional). */
struct grehdr { /* Enhanced GRE header. */
u_int16_t gh_flags; /* Flags. */
u_int16_t gh_protocol; /* Protocol type. */
u_int16_t gh_length; /* Payload length. */
u_int16_t gh_call_id; /* Call ID. */
u_int32_t gh_seq_no; /* Sequence number (optional). */
u_int32_t gh_ack_no; /* Acknowledgment number
* (optional). */
};
typedef struct grehdr GreHdr;
typedef struct grehdr GreHdr;
/* The PPTP protocol ID used in the GRE 'proto' field. */
#define PPTP_GRE_PROTO 0x880b
@ -102,270 +102,276 @@ typedef struct grehdr GreHdr;
#define PPTP_CTRL_MSG_TYPE 1
enum {
PPTP_StartCtrlConnRequest = 1,
PPTP_StartCtrlConnReply = 2,
PPTP_StopCtrlConnRequest = 3,
PPTP_StopCtrlConnReply = 4,
PPTP_EchoRequest = 5,
PPTP_EchoReply = 6,
PPTP_OutCallRequest = 7,
PPTP_OutCallReply = 8,
PPTP_InCallRequest = 9,
PPTP_InCallReply = 10,
PPTP_InCallConn = 11,
PPTP_CallClearRequest = 12,
PPTP_CallDiscNotify = 13,
PPTP_WanErrorNotify = 14,
PPTP_SetLinkInfo = 15
PPTP_StartCtrlConnRequest = 1,
PPTP_StartCtrlConnReply = 2,
PPTP_StopCtrlConnRequest = 3,
PPTP_StopCtrlConnReply = 4,
PPTP_EchoRequest = 5,
PPTP_EchoReply = 6,
PPTP_OutCallRequest = 7,
PPTP_OutCallReply = 8,
PPTP_InCallRequest = 9,
PPTP_InCallReply = 10,
PPTP_InCallConn = 11,
PPTP_CallClearRequest = 12,
PPTP_CallDiscNotify = 13,
PPTP_WanErrorNotify = 14,
PPTP_SetLinkInfo = 15
};
/* Message structures */
struct pptpMsgHead {
u_int16_t length; /* total length */
u_int16_t msgType; /* PPTP message type */
u_int32_t magic; /* magic cookie */
u_int16_t type; /* control message type */
u_int16_t resv0; /* reserved */
};
typedef struct pptpMsgHead *PptpMsgHead;
/* Message structures */
struct pptpMsgHead {
u_int16_t length; /* total length */
u_int16_t msgType;/* PPTP message type */
u_int32_t magic; /* magic cookie */
u_int16_t type; /* control message type */
u_int16_t resv0; /* reserved */
};
typedef struct pptpMsgHead *PptpMsgHead;
struct pptpCodes {
u_int8_t resCode; /* Result Code */
u_int8_t errCode; /* Error Code */
};
typedef struct pptpCodes *PptpCode;
struct pptpCodes {
u_int8_t resCode;/* Result Code */
u_int8_t errCode;/* Error Code */
};
typedef struct pptpCodes *PptpCode;
struct pptpCallIds {
u_int16_t cid1; /* Call ID field #1 */
u_int16_t cid2; /* Call ID field #2 */
};
typedef struct pptpCallIds *PptpCallId;
struct pptpCallIds {
u_int16_t cid1; /* Call ID field #1 */
u_int16_t cid2; /* Call ID field #2 */
};
typedef struct pptpCallIds *PptpCallId;
static PptpCallId AliasVerifyPptp(struct ip *, u_int16_t *);
void
AliasHandlePptpOut(struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link) /* The PPTP control link */
{
struct alias_link *pptp_link;
PptpCallId cptr;
PptpCode codes;
u_int16_t ctl_type; /* control message type */
struct tcphdr *tc;
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link)
{ /* The PPTP control link */
struct alias_link *pptp_link;
PptpCallId cptr;
PptpCode codes;
u_int16_t ctl_type; /* control message type */
struct tcphdr *tc;
/* Verify valid PPTP control message */
if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
return;
/* Modify certain PPTP messages */
switch (ctl_type) {
case PPTP_OutCallRequest:
case PPTP_OutCallReply:
case PPTP_InCallRequest:
case PPTP_InCallReply:
/* Establish PPTP link for address and Call ID found in control message. */
pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link),
GetAliasAddress(link), cptr->cid1);
break;
case PPTP_CallClearRequest:
case PPTP_CallDiscNotify:
/* Find PPTP link for address and Call ID found in control message. */
pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link),
GetDestAddress(link),
cptr->cid1);
break;
default:
return;
}
if (pptp_link != NULL) {
int accumulate = cptr->cid1;
/* alias the Call Id */
cptr->cid1 = GetAliasPort(pptp_link);
/* Compute TCP checksum for revised packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
accumulate -= cptr->cid1;
ADJUST_CHECKSUM(accumulate, tc->th_sum);
/* Verify valid PPTP control message */
if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
return;
/* Modify certain PPTP messages */
switch (ctl_type) {
case PPTP_OutCallRequest:
case PPTP_OutCallReply:
case PPTP_InCallRequest:
case PPTP_InCallReply:
codes = (PptpCode)(cptr + 1);
if (codes->resCode == 1) /* Connection established, */
SetDestCallId(pptp_link, /* note the Peer's Call ID. */
cptr->cid2);
else
SetExpire(pptp_link, 0); /* Connection refused. */
break;
case PPTP_CallDiscNotify: /* Connection closed. */
SetExpire(pptp_link, 0);
break;
/*
* Establish PPTP link for address and Call ID found in
* control message.
*/
pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link),
GetAliasAddress(link), cptr->cid1);
break;
case PPTP_CallClearRequest:
case PPTP_CallDiscNotify:
/*
* Find PPTP link for address and Call ID found in control
* message.
*/
pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link),
GetDestAddress(link),
cptr->cid1);
break;
default:
return;
}
if (pptp_link != NULL) {
int accumulate = cptr->cid1;
/* alias the Call Id */
cptr->cid1 = GetAliasPort(pptp_link);
/* Compute TCP checksum for revised packet */
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
accumulate -= cptr->cid1;
ADJUST_CHECKSUM(accumulate, tc->th_sum);
switch (ctl_type) {
case PPTP_OutCallReply:
case PPTP_InCallReply:
codes = (PptpCode) (cptr + 1);
if (codes->resCode == 1) /* Connection
* established, */
SetDestCallId(pptp_link, /* note the Peer's Call
* ID. */
cptr->cid2);
else
SetExpire(pptp_link, 0); /* Connection refused. */
break;
case PPTP_CallDiscNotify: /* Connection closed. */
SetExpire(pptp_link, 0);
break;
}
}
}
}
void
AliasHandlePptpIn(struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link) /* The PPTP control link */
{
struct alias_link *pptp_link;
PptpCallId cptr;
u_int16_t *pcall_id;
u_int16_t ctl_type; /* control message type */
struct tcphdr *tc;
AliasHandlePptpIn(struct libalias *la,
struct ip *pip, /* IP packet to examine/patch */
struct alias_link *link)
{ /* The PPTP control link */
struct alias_link *pptp_link;
PptpCallId cptr;
u_int16_t *pcall_id;
u_int16_t ctl_type; /* control message type */
struct tcphdr *tc;
/* Verify valid PPTP control message */
if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
return;
/* Verify valid PPTP control message */
if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
return;
/* Modify certain PPTP messages */
switch (ctl_type)
{
case PPTP_InCallConn:
case PPTP_WanErrorNotify:
case PPTP_SetLinkInfo:
pcall_id = &cptr->cid1;
break;
case PPTP_OutCallReply:
case PPTP_InCallReply:
pcall_id = &cptr->cid2;
break;
case PPTP_CallDiscNotify: /* Connection closed. */
pptp_link = FindPptpInByCallId(la, GetDestAddress(link),
GetAliasAddress(link),
cptr->cid1);
if (pptp_link != NULL)
SetExpire(pptp_link, 0);
return;
default:
return;
}
/* Modify certain PPTP messages */
switch (ctl_type) {
case PPTP_InCallConn:
case PPTP_WanErrorNotify:
case PPTP_SetLinkInfo:
pcall_id = &cptr->cid1;
break;
case PPTP_OutCallReply:
case PPTP_InCallReply:
pcall_id = &cptr->cid2;
break;
case PPTP_CallDiscNotify: /* Connection closed. */
pptp_link = FindPptpInByCallId(la, GetDestAddress(link),
GetAliasAddress(link),
cptr->cid1);
if (pptp_link != NULL)
SetExpire(pptp_link, 0);
return;
default:
return;
}
/* Find PPTP link for address and Call ID found in PPTP Control Msg */
pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link),
GetAliasAddress(link),
*pcall_id);
/* Find PPTP link for address and Call ID found in PPTP Control Msg */
pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link),
GetAliasAddress(link),
*pcall_id);
if (pptp_link != NULL) {
int accumulate = *pcall_id;
if (pptp_link != NULL) {
int accumulate = *pcall_id;
/* De-alias the Peer's Call Id. */
*pcall_id = GetOriginalPort(pptp_link);
/* De-alias the Peer's Call Id. */
*pcall_id = GetOriginalPort(pptp_link);
/* Compute TCP checksum for modified packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
accumulate -= *pcall_id;
ADJUST_CHECKSUM(accumulate, tc->th_sum);
/* Compute TCP checksum for modified packet */
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
accumulate -= *pcall_id;
ADJUST_CHECKSUM(accumulate, tc->th_sum);
if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) {
PptpCode codes = (PptpCode)(cptr + 1);
if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) {
PptpCode codes = (PptpCode) (cptr + 1);
if (codes->resCode == 1) /* Connection established, */
SetDestCallId(pptp_link, /* note the Call ID. */
cptr->cid1);
else
SetExpire(pptp_link, 0); /* Connection refused. */
}
}
if (codes->resCode == 1) /* Connection
* established, */
SetDestCallId(pptp_link, /* note the Call ID. */
cptr->cid1);
else
SetExpire(pptp_link, 0); /* Connection refused. */
}
}
}
static PptpCallId
AliasVerifyPptp(struct ip *pip, u_int16_t *ptype) /* IP packet to examine/patch */
{
int hlen, tlen, dlen;
PptpMsgHead hptr;
struct tcphdr *tc;
static PptpCallId
AliasVerifyPptp(struct ip *pip, u_int16_t * ptype)
{ /* IP packet to examine/patch */
int hlen, tlen, dlen;
PptpMsgHead hptr;
struct tcphdr *tc;
/* Calculate some lengths */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Calculate some lengths */
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Verify data length */
if (dlen < (sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds)))
return(NULL);
/* Verify data length */
if (dlen < (sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds)))
return (NULL);
/* Move up to PPTP message header */
hptr = (PptpMsgHead)(((char *) pip) + hlen);
/* Move up to PPTP message header */
hptr = (PptpMsgHead) (((char *)pip) + hlen);
/* Return the control message type */
*ptype = ntohs(hptr->type);
/* Return the control message type */
*ptype = ntohs(hptr->type);
/* Verify PPTP Control Message */
if ((ntohs(hptr->msgType) != PPTP_CTRL_MSG_TYPE) ||
(ntohl(hptr->magic) != PPTP_MAGIC))
return(NULL);
/* Verify PPTP Control Message */
if ((ntohs(hptr->msgType) != PPTP_CTRL_MSG_TYPE) ||
(ntohl(hptr->magic) != PPTP_MAGIC))
return (NULL);
/* Verify data length. */
if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) &&
(dlen < sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) +
sizeof(struct pptpCodes)))
return (NULL);
else
return (PptpCallId)(hptr + 1);
/* Verify data length. */
if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) &&
(dlen < sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) +
sizeof(struct pptpCodes)))
return (NULL);
else
return (PptpCallId) (hptr + 1);
}
int
AliasHandlePptpGreOut(struct libalias *la, struct ip *pip)
{
GreHdr *gr;
struct alias_link *link;
GreHdr *gr;
struct alias_link *link;
gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2));
gr = (GreHdr *) ((char *)pip + (pip->ip_hl << 2));
/* Check GRE header bits. */
if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
/* Check GRE header bits. */
if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
if (link != NULL) {
struct in_addr alias_addr = GetAliasAddress(link);
link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
if (link != NULL) {
struct in_addr alias_addr = GetAliasAddress(link);
/* Change source IP address. */
DifferentialChecksum(&pip->ip_sum,
(u_short *)&alias_addr,
(u_short *)&pip->ip_src,
2);
pip->ip_src = alias_addr;
}
return (0);
/* Change source IP address. */
DifferentialChecksum(&pip->ip_sum,
(u_short *) & alias_addr,
(u_short *) & pip->ip_src,
2);
pip->ip_src = alias_addr;
}
return (0);
}
int
AliasHandlePptpGreIn(struct libalias *la, struct ip *pip)
{
GreHdr *gr;
struct alias_link *link;
GreHdr *gr;
struct alias_link *link;
gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2));
gr = (GreHdr *) ((char *)pip + (pip->ip_hl << 2));
/* Check GRE header bits. */
if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
/* Check GRE header bits. */
if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
if (link != NULL) {
struct in_addr src_addr = GetOriginalAddress(link);
link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
if (link != NULL) {
struct in_addr src_addr = GetOriginalAddress(link);
/* De-alias the Peer's Call Id. */
gr->gh_call_id = GetOriginalPort(link);
/* De-alias the Peer's Call Id. */
gr->gh_call_id = GetOriginalPort(link);
/* Restore original IP address. */
DifferentialChecksum(&pip->ip_sum,
(u_short *)&src_addr,
(u_short *)&pip->ip_dst,
2);
pip->ip_dst = src_addr;
}
return (0);
/* Restore original IP address. */
DifferentialChecksum(&pip->ip_sum,
(u_short *) & src_addr,
(u_short *) & pip->ip_dst,
2);
pip->ip_dst = src_addr;
}
return (0);
}

939
sys/netinet/libalias/alias_proxy.c
View File

File diff suppressed because it is too large Load Diff

362
sys/netinet/libalias/alias_skinny.c
View File

@ -60,10 +60,10 @@
* has answered. The phone then sends back an Open Receive Channel
* Acknowledgement. In this packet, the phone sends its IP address again,
* and the UDP port over which the voice traffic should flow. These values
* need translation. Right after the Open Receive Channel Acknowledgement,
* need translation. Right after the Open Receive Channel Acknowledgement,
* the Call Manager sends a Start Media Transmission message indicating the
* call is connected. This message contains the IP address and UDP port
* number of the remote (called) party. Once this message is translated, the
* call is connected. This message contains the IP address and UDP port
* number of the remote (called) party. Once this message is translated, the
* call can commence. The called part sends the first UDP packet to the
* calling phone at the pre-arranged UDP port in the Open Receive Channel
* Acknowledgement.
@ -81,258 +81,258 @@
#define START_MEDIATX 0x0000008a
struct skinny_header {
u_int32_t len;
u_int32_t reserved;
u_int32_t msgId;
u_int32_t len;
u_int32_t reserved;
u_int32_t msgId;
};
struct RegisterMessage {
u_int32_t msgId;
char devName[16];
u_int32_t uid;
u_int32_t instance;
u_int32_t ipAddr;
u_char devType;
u_int32_t maxStreams;
u_int32_t msgId;
char devName [16];
u_int32_t uid;
u_int32_t instance;
u_int32_t ipAddr;
u_char devType;
u_int32_t maxStreams;
};
struct IpPortMessage {
u_int32_t msgId;
u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port
* numbers */
u_int32_t msgId;
u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port
* numbers */
};
struct OpenReceiveChannelAck {
u_int32_t msgId;
u_int32_t status;
u_int32_t ipAddr;
u_int32_t port;
u_int32_t passThruPartyID;
u_int32_t msgId;
u_int32_t status;
u_int32_t ipAddr;
u_int32_t port;
u_int32_t passThruPartyID;
};
struct StartMediaTransmission {
u_int32_t msgId;
u_int32_t conferenceID;
u_int32_t passThruPartyID;
u_int32_t remoteIpAddr;
u_int32_t remotePort;
u_int32_t MSPacket;
u_int32_t payloadCap;
u_int32_t precedence;
u_int32_t silenceSuppression;
u_short maxFramesPerPacket;
u_int32_t G723BitRate;
u_int32_t msgId;
u_int32_t conferenceID;
u_int32_t passThruPartyID;
u_int32_t remoteIpAddr;
u_int32_t remotePort;
u_int32_t MSPacket;
u_int32_t payloadCap;
u_int32_t precedence;
u_int32_t silenceSuppression;
u_short maxFramesPerPacket;
u_int32_t G723BitRate;
};
typedef enum {
ClientToServer = 0,
ServerToClient = 1
ClientToServer = 0,
ServerToClient = 1
} ConvDirection;
static int
alias_skinny_reg_msg(struct RegisterMessage *reg_msg, struct ip *pip,
struct tcphdr *tc, struct alias_link *link,
ConvDirection direction)
struct tcphdr *tc, struct alias_link *link,
ConvDirection direction)
{
reg_msg->ipAddr = (u_int32_t) GetAliasAddress(link).s_addr;
reg_msg->ipAddr = (u_int32_t) GetAliasAddress(link).s_addr;
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return 0;
return 0;
}
static int
alias_skinny_startmedia(struct StartMediaTransmission *start_media,
struct ip *pip, struct tcphdr *tc,
struct alias_link *link, u_int32_t localIpAddr,
ConvDirection direction)
struct ip *pip, struct tcphdr *tc,
struct alias_link *link, u_int32_t localIpAddr,
ConvDirection direction)
{
struct in_addr dst, src;
struct in_addr dst, src;
dst.s_addr = start_media->remoteIpAddr;
src.s_addr = localIpAddr;
dst.s_addr = start_media->remoteIpAddr;
src.s_addr = localIpAddr;
/* XXX I should probably handle in bound global translations as well. */
/*
* XXX I should probably handle in bound global translations as
* well.
*/
return 0;
return 0;
}
static int
alias_skinny_port_msg(struct IpPortMessage *port_msg, struct ip *pip,
struct tcphdr *tc, struct alias_link *link,
ConvDirection direction)
struct tcphdr *tc, struct alias_link *link,
ConvDirection direction)
{
port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(link));
port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(link));
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return 0;
return 0;
}
static int
alias_skinny_opnrcvch_ack(struct libalias *la, struct OpenReceiveChannelAck *opnrcvch_ack,
struct ip * pip, struct tcphdr *tc,
struct alias_link *link, u_int32_t *localIpAddr,
ConvDirection direction)
struct ip *pip, struct tcphdr *tc,
struct alias_link *link, u_int32_t * localIpAddr,
ConvDirection direction)
{
struct in_addr null_addr;
struct alias_link *opnrcv_link;
u_int32_t localPort;
struct in_addr null_addr;
struct alias_link *opnrcv_link;
u_int32_t localPort;
*localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr;
localPort = opnrcvch_ack->port;
*localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr;
localPort = opnrcvch_ack->port;
null_addr.s_addr = INADDR_ANY;
opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr,
htons((u_short) opnrcvch_ack->port), 0,
IPPROTO_UDP, 1);
opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr;
opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_link));
null_addr.s_addr = INADDR_ANY;
opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr,
htons((u_short) opnrcvch_ack->port), 0,
IPPROTO_UDP, 1);
opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr;
opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_link));
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return 0;
return 0;
}
void
AliasHandleSkinny(struct libalias *la, struct ip *pip, struct alias_link *link)
{
int hlen, tlen, dlen;
struct tcphdr *tc;
u_int32_t msgId, len, t, lip;
struct skinny_header *sd;
int orig_len, skinny_hdr_len = sizeof(struct skinny_header);
ConvDirection direction;
int hlen, tlen, dlen;
struct tcphdr *tc;
u_int32_t msgId, len, t, lip;
struct skinny_header *sd;
int orig_len, skinny_hdr_len = sizeof(struct skinny_header);
ConvDirection direction;
tc = (struct tcphdr *) ((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
sd = (struct skinny_header *) ((char *)pip + hlen);
sd = (struct skinny_header *)((char *)pip + hlen);
/*
* XXX This direction is reserved for future use. I still need to
* handle the scenario where the call manager is on the inside, and
* the calling phone is on the global outside.
*/
if (ntohs(tc->th_dport) == la->skinnyPort) {
direction = ClientToServer;
} else if (ntohs(tc->th_sport) == la->skinnyPort) {
direction = ServerToClient;
} else {
/*
* XXX This direction is reserved for future use. I still need to
* handle the scenario where the call manager is on the inside, and
* the calling phone is on the global outside.
*/
if (ntohs(tc->th_dport) == la->skinnyPort) {
direction = ClientToServer;
} else if (ntohs(tc->th_sport) == la->skinnyPort) {
direction = ServerToClient;
} else {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Invalid port number, not a Skinny packet\n");
fprintf(stderr,
"PacketAlias/Skinny: Invalid port number, not a Skinny packet\n");
#endif
return;
}
return;
}
orig_len = dlen;
/*
* Skinny packets can contain many messages. We need to loop through
* the packet using len to determine message boundaries. This comes
* into play big time with port messages being in the same packet as
* register messages. Also, open receive channel acks are
* usually buried in a pakcet some 400 bytes long.
*/
while (dlen >= skinny_hdr_len) {
len = (sd->len);
msgId = (sd->msgId);
t = len;
orig_len = dlen;
/*
* Skinny packets can contain many messages. We need to loop
* through the packet using len to determine message boundaries.
* This comes into play big time with port messages being in the
* same packet as register messages. Also, open receive channel
* acks are usually buried in a pakcet some 400 bytes long.
*/
while (dlen >= skinny_hdr_len) {
len = (sd->len);
msgId = (sd->msgId);
t = len;
if (t < 0 || t > orig_len || t > dlen) {
if (t < 0 || t > orig_len || t > dlen) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, invalid length \n");
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, invalid length \n");
#endif
return;
}
switch (msgId) {
case REG_MSG:
{
struct RegisterMessage *reg_mesg;
return;
}
switch (msgId) {
case REG_MSG: {
struct RegisterMessage *reg_mesg;
if (len < sizeof(struct RegisterMessage)) {
if (len < sizeof(struct RegisterMessage)) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, bad registration message\n");
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, bad registration message\n");
#endif
return;
}
reg_mesg = (struct RegisterMessage *) & sd->msgId;
return;
}
reg_mesg = (struct RegisterMessage *)&sd->msgId;
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Received a register message");
fprintf(stderr,
"PacketAlias/Skinny: Received a register message");
#endif
alias_skinny_reg_msg(reg_mesg, pip, tc, link, direction);
}
break;
case IP_PORT_MSG:
{
struct IpPortMessage *port_mesg;
if (len < sizeof(struct IpPortMessage)) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, port message\n");
#endif
return;
}
#ifdef DEBUG
fprintf(stderr
"PacketAlias/Skinny: Received ipport message\n");
#endif
port_mesg = (struct IpPortMessage *) & sd->msgId;
alias_skinny_port_msg(port_mesg, pip, tc, link, direction);
}
break;
case OPNRCVCH_ACK:
{
struct OpenReceiveChannelAck *opnrcvchn_ack;
alias_skinny_reg_msg(reg_mesg, pip, tc, link, direction);
break;
}
case IP_PORT_MSG: {
struct IpPortMessage *port_mesg;
if (len < sizeof(struct OpenReceiveChannelAck)) {
if (len < sizeof(struct IpPortMessage)) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, packet,OpnRcvChnAckMsg\n");
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, port message\n");
#endif
return;
}
return;
}
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Received open rcv channel msg\n");
fprintf(stderr
"PacketAlias/Skinny: Received ipport message\n");
#endif
opnrcvchn_ack = (struct OpenReceiveChannelAck *) & sd->msgId;
alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction);
}
break;
case START_MEDIATX:
{
struct StartMediaTransmission *startmedia_tx;
port_mesg = (struct IpPortMessage *)&sd->msgId;
alias_skinny_port_msg(port_mesg, pip, tc, link, direction);
break;
}
case OPNRCVCH_ACK: {
struct OpenReceiveChannelAck *opnrcvchn_ack;
if (len < sizeof(struct StartMediaTransmission)) {
if (len < sizeof(struct OpenReceiveChannelAck)) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet,StartMediaTx Message\n");
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet, packet,OpnRcvChnAckMsg\n");
#endif
return;
}
return;
}
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Received start media trans msg\n");
fprintf(stderr,
"PacketAlias/Skinny: Received open rcv channel msg\n");
#endif
startmedia_tx = (struct StartMediaTransmission *) & sd->msgId;
alias_skinny_startmedia(startmedia_tx, pip, tc, link, lip, direction);
}
break;
default:
break;
}
/* Place the pointer at the next message in the packet. */
dlen -= len + (skinny_hdr_len - sizeof(msgId));
sd = (struct skinny_header *) (((char *)&sd->msgId) + len);
}
opnrcvchn_ack = (struct OpenReceiveChannelAck *)&sd->msgId;
alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction);
break;
}
case START_MEDIATX: {
struct StartMediaTransmission *startmedia_tx;
if (len < sizeof(struct StartMediaTransmission)) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Not a skinny packet,StartMediaTx Message\n");
#endif
return;
}
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/Skinny: Received start media trans msg\n");
#endif
startmedia_tx = (struct StartMediaTransmission *)&sd->msgId;
alias_skinny_startmedia(startmedia_tx, pip, tc, link, lip, direction);
break;
}
default:
break;
}
/* Place the pointer at the next message in the packet. */
dlen -= len + (skinny_hdr_len - sizeof(msgId));
sd = (struct skinny_header *)(((char *)&sd->msgId) + len);
}
}

524
sys/netinet/libalias/alias_smedia.c
View File

@ -118,316 +118,326 @@ __FBSDID("$FreeBSD$");
static int
search_string(char *data, int dlen, const char *search_str)
{
int i, j, k;
int search_str_len;
int i, j, k;
int search_str_len;
search_str_len = strlen(search_str);
for (i = 0; i < dlen - search_str_len; i++) {
for (j = i, k = 0; j < dlen - search_str_len; j++, k++) {
if (data[j] != search_str[k] &&
data[j] != search_str[k] - ('a' - 'A')) {
break;
}
if (k == search_str_len - 1) {
return j + 1;
}
search_str_len = strlen(search_str);
for (i = 0; i < dlen - search_str_len; i++) {
for (j = i, k = 0; j < dlen - search_str_len; j++, k++) {
if (data[j] != search_str[k] &&
data[j] != search_str[k] - ('a' - 'A')) {
break;
}
if (k == search_str_len - 1) {
return j + 1;
}
}
}
}
return -1;
return -1;
}
static int
alias_rtsp_out(struct libalias *la, struct ip *pip,
struct alias_link *link,
char *data,
const char *port_str)
struct alias_link *link,
char *data,
const char *port_str)
{
int hlen, tlen, dlen;
struct tcphdr *tc;
int i, j, pos, state, port_dlen, new_dlen, delta;
u_short p[2], new_len;
u_short sport, eport, base_port;
u_short salias = 0, ealias = 0, base_alias = 0;
const char *transport_str = "transport:";
char newdata[2048], *port_data, *port_newdata, stemp[80];
int links_created = 0, pkt_updated = 0;
struct alias_link *rtsp_link = NULL;
struct in_addr null_addr;
int hlen, tlen, dlen;
struct tcphdr *tc;
int i, j, pos, state, port_dlen, new_dlen, delta;
u_short p[2], new_len;
u_short sport, eport, base_port;
u_short salias = 0, ealias = 0, base_alias = 0;
const char *transport_str = "transport:";
char newdata[2048], *port_data, *port_newdata, stemp[80];
int links_created = 0, pkt_updated = 0;
struct alias_link *rtsp_link = NULL;
struct in_addr null_addr;
/* Calculate data length of TCP packet */
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Calculate data length of TCP packet */
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
/* Find keyword, "Transport: " */
pos = search_string(data, dlen, transport_str);
if (pos < 0) {
return -1;
}
port_data = data + pos;
port_dlen = dlen - pos;
memcpy(newdata, data, pos);
port_newdata = newdata + pos;
while (port_dlen > strlen(port_str)) {
/* Find keyword, appropriate port string */
pos = search_string(port_data, port_dlen, port_str);
/* Find keyword, "Transport: " */
pos = search_string(data, dlen, transport_str);
if (pos < 0) {
break;
return -1;
}
port_data = data + pos;
port_dlen = dlen - pos;
memcpy (port_newdata, port_data, pos + 1);
port_newdata += (pos + 1);
memcpy(newdata, data, pos);
port_newdata = newdata + pos;
p[0] = p[1] = 0;
sport = eport = 0;
state = 0;
for (i = pos; i < port_dlen; i++) {
switch(state) {
case 0:
if (port_data[i] == '=') {
state++;
while (port_dlen > strlen(port_str)) {
/* Find keyword, appropriate port string */
pos = search_string(port_data, port_dlen, port_str);
if (pos < 0) {
break;
}
break;
case 1:
if (ISDIGIT(port_data[i])) {
p[0] = p[0] * 10 + port_data[i] - '0';
} else {
if (port_data[i] == ';') {
state = 3;
}
if (port_data[i] == '-') {
state++;
}
}
break;
case 2:
if (ISDIGIT(port_data[i])) {
p[1] = p[1] * 10 + port_data[i] - '0';
} else {
state++;
}
break;
case 3:
base_port = p[0];
sport = htons(p[0]);
eport = htons(p[1]);
memcpy(port_newdata, port_data, pos + 1);
port_newdata += (pos + 1);
if (!links_created) {
p[0] = p[1] = 0;
sport = eport = 0;
state = 0;
for (i = pos; i < port_dlen; i++) {
switch (state) {
case 0:
if (port_data[i] == '=') {
state++;
}
break;
case 1:
if (ISDIGIT(port_data[i])) {
p[0] = p[0] * 10 + port_data[i] - '0';
} else {
if (port_data[i] == ';') {
state = 3;
}
if (port_data[i] == '-') {
state++;
}
}
break;
case 2:
if (ISDIGIT(port_data[i])) {
p[1] = p[1] * 10 + port_data[i] - '0';
} else {
state++;
}
break;
case 3:
base_port = p[0];
sport = htons(p[0]);
eport = htons(p[1]);
links_created = 1;
/* Find an even numbered port number base that
satisfies the contiguous number of ports we need */
null_addr.s_addr = 0;
if (0 == (salias = FindNewPortGroup(la, null_addr,
FindAliasAddress(la, pip->ip_src),
sport, 0,
RTSP_PORT_GROUP,
IPPROTO_UDP, 1))) {
if (!links_created) {
links_created = 1;
/*
* Find an even numbered port
* number base that satisfies the
* contiguous number of ports we
* need
*/
null_addr.s_addr = 0;
if (0 == (salias = FindNewPortGroup(la, null_addr,
FindAliasAddress(la, pip->ip_src),
sport, 0,
RTSP_PORT_GROUP,
IPPROTO_UDP, 1))) {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/RTSP: Cannot find contiguous RTSP data ports\n");
fprintf(stderr,
"PacketAlias/RTSP: Cannot find contiguous RTSP data ports\n");
#endif
} else {
} else {
base_alias = ntohs(salias);
for (j = 0; j < RTSP_PORT_GROUP; j++) {
/* Establish link to port found in RTSP packet */
rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr,
htons(base_port + j), htons(base_alias + j),
IPPROTO_UDP);
if (rtsp_link != NULL) {
base_alias = ntohs(salias);
for (j = 0; j < RTSP_PORT_GROUP; j++) {
/*
* Establish link
* to port found in
* RTSP packet
*/
rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr,
htons(base_port + j), htons(base_alias + j),
IPPROTO_UDP);
if (rtsp_link != NULL) {
#ifndef NO_FW_PUNCH
/* Punch hole in firewall */
PunchFWHole(rtsp_link);
/*
* Punch
* hole in
* firewall
*/
PunchFWHole(rtsp_link);
#endif
} else {
} else {
#ifdef DEBUG
fprintf(stderr,
"PacketAlias/RTSP: Cannot allocate RTSP data ports\n");
fprintf(stderr,
"PacketAlias/RTSP: Cannot allocate RTSP data ports\n");
#endif
break;
}
}
}
ealias = htons(base_alias + (RTSP_PORT_GROUP - 1));
break;
}
}
}
ealias = htons(base_alias + (RTSP_PORT_GROUP - 1));
}
if (salias && rtsp_link) {
pkt_updated = 1;
/* Copy into IP packet */
sprintf(stemp, "%d", ntohs(salias));
memcpy(port_newdata, stemp, strlen(stemp));
port_newdata += strlen(stemp);
if (eport != 0) {
*port_newdata = '-';
port_newdata++;
/* Copy into IP packet */
sprintf(stemp, "%d", ntohs(ealias));
memcpy(port_newdata, stemp, strlen(stemp));
port_newdata += strlen(stemp);
}
*port_newdata = ';';
port_newdata++;
}
state++;
break;
}
if (state > 3) {
break;
}
}
if (salias && rtsp_link) {
pkt_updated = 1;
/* Copy into IP packet */
sprintf(stemp, "%d", ntohs(salias));
memcpy(port_newdata, stemp, strlen(stemp));
port_newdata += strlen(stemp);
if (eport != 0) {
*port_newdata = '-';
port_newdata++;
/* Copy into IP packet */
sprintf(stemp, "%d", ntohs(ealias));
memcpy(port_newdata, stemp, strlen(stemp));
port_newdata += strlen(stemp);
}
*port_newdata = ';';
port_newdata++;
}
state++;
break;
}
if (state > 3) {
break;
}
port_data += i;
port_dlen -= i;
}
port_data += i;
port_dlen -= i;
}
if (!pkt_updated)
return -1;
if (!pkt_updated)
return -1;
memcpy (port_newdata, port_data, port_dlen);
port_newdata += port_dlen;
*port_newdata = '\0';
memcpy(port_newdata, port_data, port_dlen);
port_newdata += port_dlen;
*port_newdata = '\0';
/* Create new packet */
new_dlen = port_newdata - newdata;
memcpy (data, newdata, new_dlen);
/* Create new packet */
new_dlen = port_newdata - newdata;
memcpy(data, newdata, new_dlen);
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta + new_dlen - dlen);
SetAckModified(link);
delta = GetDeltaSeqOut(pip, link);
AddSeq(pip, link, delta + new_dlen - dlen);
new_len = htons(hlen + new_dlen);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
new_len = htons(hlen + new_dlen);
DifferentialChecksum(&pip->ip_sum,
&new_len,
&pip->ip_len,
1);
pip->ip_len = new_len;
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
return 0;
return 0;
}
/* Support the protocol used by early versions of RealPlayer */
static int
alias_pna_out(struct libalias *la, struct ip *pip,
struct alias_link *link,
char *data,
int dlen)
struct alias_link *link,
char *data,
int dlen)
{
struct alias_link *pna_links;
u_short msg_id, msg_len;
char *work;
u_short alias_port, port;
struct tcphdr *tc;
struct alias_link *pna_links;
u_short msg_id, msg_len;
char *work;
u_short alias_port, port;
struct tcphdr *tc;
work = data;
work += 5;
while (work + 4 < data + dlen) {
memcpy(&msg_id, work, 2);
work += 2;
memcpy(&msg_len, work, 2);
work += 2;
if (ntohs(msg_id) == 0) {
/* end of options */
return 0;
}
if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
memcpy(&port, work, 2);
pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
port, 0, IPPROTO_UDP, 1);
if (pna_links != NULL) {
work = data;
work += 5;
while (work + 4 < data + dlen) {
memcpy(&msg_id, work, 2);
work += 2;
memcpy(&msg_len, work, 2);
work += 2;
if (ntohs(msg_id) == 0) {
/* end of options */
return 0;
}
if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
memcpy(&port, work, 2);
pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
port, 0, IPPROTO_UDP, 1);
if (pna_links != NULL) {
#ifndef NO_FW_PUNCH
/* Punch hole in firewall */
PunchFWHole(pna_links);
/* Punch hole in firewall */
PunchFWHole(pna_links);
#endif
tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
alias_port = GetAliasPort(pna_links);
memcpy(work, &alias_port, 2);
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
alias_port = GetAliasPort(pna_links);
memcpy(work, &alias_port, 2);
/* Compute TCP checksum for revised packet */
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
}
/* Compute TCP checksum for revised packet */
tc->th_sum = 0;
tc->th_sum = TcpChecksum(pip);
}
}
work += ntohs(msg_len);
}
work += ntohs(msg_len);
}
return 0;
return 0;
}
void
AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *link, int maxpacketsize)
{
int hlen, tlen, dlen;
struct tcphdr *tc;
char *data;
const char *setup = "SETUP", *pna = "PNA", *str200 = "200";
const char *okstr = "OK", *client_port_str = "client_port";
const char *server_port_str = "server_port";
int i, parseOk;
int hlen, tlen, dlen;
struct tcphdr *tc;
char *data;
const char *setup = "SETUP", *pna = "PNA", *str200 = "200";
const char *okstr = "OK", *client_port_str = "client_port";
const char *server_port_str = "server_port";
int i, parseOk;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
hlen = (pip->ip_hl + tc->th_off) << 2;
tlen = ntohs(pip->ip_len);
dlen = tlen - hlen;
data = (char*)pip;
data += hlen;
data = (char *)pip;
data += hlen;
/* When aliasing a client, check for the SETUP request */
if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) ||
(ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) {
/* When aliasing a client, check for the SETUP request */
if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) ||
(ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) {
if (dlen >= strlen(setup)) {
if (memcmp(data, setup, strlen(setup)) == 0) {
alias_rtsp_out(la, pip, link, data, client_port_str);
return;
if (dlen >= strlen(setup)) {
if (memcmp(data, setup, strlen(setup)) == 0) {
alias_rtsp_out(la, pip, link, data, client_port_str);
return;
}
}
if (dlen >= strlen(pna)) {
if (memcmp(data, pna, strlen(pna)) == 0) {
alias_pna_out(la, pip, link, data, dlen);
}
}
} else {
/*
* When aliasing a server, check for the 200 reply
* Accomodate varying number of blanks between 200 & OK
*/
if (dlen >= strlen(str200)) {
for (parseOk = 0, i = 0;
i <= dlen - strlen(str200);
i++) {
if (memcmp(&data[i], str200, strlen(str200)) == 0) {
parseOk = 1;
break;
}
}
if (parseOk) {
i += strlen(str200); /* skip string found */
while (data[i] == ' ') /* skip blank(s) */
i++;
if ((dlen - i) >= strlen(okstr)) {
if (memcmp(&data[i], okstr, strlen(okstr)) == 0)
alias_rtsp_out(la, pip, link, data, server_port_str);
}
}
}
}
}
if (dlen >= strlen(pna)) {
if (memcmp(data, pna, strlen(pna)) == 0) {
alias_pna_out(la, pip, link, data, dlen);
}
}
} else {
/* When aliasing a server, check for the 200 reply
Accomodate varying number of blanks between 200 & OK */
if (dlen >= strlen(str200)) {
for (parseOk = 0, i = 0;
i <= dlen - strlen(str200);
i++) {
if (memcmp(&data[i], str200, strlen(str200)) == 0) {
parseOk = 1;
break;
}
}
if (parseOk) {
i += strlen(str200); /* skip string found */
while(data[i] == ' ') /* skip blank(s) */
i++;
if ((dlen - i) >= strlen(okstr)) {
if (memcmp(&data[i], okstr, strlen(okstr)) == 0)
alias_rtsp_out(la, pip, link, data, server_port_str);
}
}
}
}
}

144
sys/netinet/libalias/alias_util.c
View File

@ -61,110 +61,100 @@ purposes);
#include "alias_local.h"
u_short
LibAliasInternetChecksum(struct libalias *la, u_short *ptr, int nbytes)
LibAliasInternetChecksum(struct libalias *la, u_short * ptr, int nbytes)
{
int sum, oddbyte;
int sum, oddbyte;
sum = 0;
while (nbytes > 1)
{
sum += *ptr++;
nbytes -= 2;
}
if (nbytes == 1)
{
oddbyte = 0;
((u_char *) &oddbyte)[0] = *(u_char *) ptr;
((u_char *) &oddbyte)[1] = 0;
sum += oddbyte;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
return(~sum);
sum = 0;
while (nbytes > 1) {
sum += *ptr++;
nbytes -= 2;
}
if (nbytes == 1) {
oddbyte = 0;
((u_char *) & oddbyte)[0] = *(u_char *) ptr;
((u_char *) & oddbyte)[1] = 0;
sum += oddbyte;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
return (~sum);
}
u_short
IpChecksum(struct ip *pip)
{
return( PacketAliasInternetChecksum((u_short *) pip,
(pip->ip_hl << 2)) );
return (PacketAliasInternetChecksum((u_short *) pip,
(pip->ip_hl << 2)));
}
u_short
TcpChecksum(struct ip *pip)
{
u_short *ptr;
struct tcphdr *tc;
int nhdr, ntcp, nbytes;
int sum, oddbyte;
u_short *ptr;
struct tcphdr *tc;
int nhdr, ntcp, nbytes;
int sum, oddbyte;
nhdr = pip->ip_hl << 2;
ntcp = ntohs(pip->ip_len) - nhdr;
nhdr = pip->ip_hl << 2;
ntcp = ntohs(pip->ip_len) - nhdr;
tc = (struct tcphdr *) ((char *) pip + nhdr);
ptr = (u_short *) tc;
tc = (struct tcphdr *)((char *)pip + nhdr);
ptr = (u_short *) tc;
/* Add up TCP header and data */
nbytes = ntcp;
sum = 0;
while (nbytes > 1)
{
sum += *ptr++;
nbytes -= 2;
}
if (nbytes == 1)
{
oddbyte = 0;
((u_char *) &oddbyte)[0] = *(u_char *) ptr;
((u_char *) &oddbyte)[1] = 0;
sum += oddbyte;
}
nbytes = ntcp;
sum = 0;
while (nbytes > 1) {
sum += *ptr++;
nbytes -= 2;
}
if (nbytes == 1) {
oddbyte = 0;
((u_char *) & oddbyte)[0] = *(u_char *) ptr;
((u_char *) & oddbyte)[1] = 0;
sum += oddbyte;
}
/* "Pseudo-header" data */
ptr = (u_short *) &(pip->ip_dst);
sum += *ptr++;
sum += *ptr;
ptr = (u_short *) &(pip->ip_src);
sum += *ptr++;
sum += *ptr;
sum += htons((u_short) ntcp);
sum += htons((u_short) pip->ip_p);
ptr = (u_short *) & (pip->ip_dst);
sum += *ptr++;
sum += *ptr;
ptr = (u_short *) & (pip->ip_src);
sum += *ptr++;
sum += *ptr;
sum += htons((u_short) ntcp);
sum += htons((u_short) pip->ip_p);
/* Roll over carry bits */
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
/* Return checksum */
return((u_short) ~sum);
return ((u_short) ~ sum);
}
void
DifferentialChecksum(u_short *cksum, u_short *new, u_short *old, int n)
DifferentialChecksum(u_short * cksum, u_short * new, u_short * old, int n)
{
int i;
int accumulate;
int i;
int accumulate;
accumulate = *cksum;
for (i=0; i<n; i++)
{
accumulate -= *new++;
accumulate += *old++;
}
accumulate = *cksum;
for (i = 0; i < n; i++) {
accumulate -= *new++;
accumulate += *old++;
}
if (accumulate < 0)
{
accumulate = -accumulate;
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
*cksum = (u_short) ~accumulate;
}
else
{
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
*cksum = (u_short) accumulate;
}
if (accumulate < 0) {
accumulate = -accumulate;
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
*cksum = (u_short) ~ accumulate;
} else {
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
*cksum = (u_short) accumulate;
}
}