diff --git a/lib/libalias/alias.c b/lib/libalias/alias.c index fab70455b3c0..19406d45bdd5 100644 --- a/lib/libalias/alias.c +++ b/lib/libalias/alias.c @@ -1,5 +1,3 @@ -/* -*- mode: c; tab-width: 8; c-basic-indent: 4; -*- */ - /*- * Copyright (c) 2001 Charles Mott * All rights reserved. @@ -153,53 +151,51 @@ a timeout period. */ /* Local prototypes */ -static void TcpMonitorIn(struct ip *, struct alias_link *); +static void TcpMonitorIn(struct ip *, struct alias_link *); -static void TcpMonitorOut(struct ip *, struct alias_link *); +static void TcpMonitorOut(struct ip *, struct alias_link *); static void TcpMonitorIn(struct ip *pip, struct alias_link *link) { - struct tcphdr *tc; + struct tcphdr *tc; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - switch (GetStateIn(link)) - { - case ALIAS_TCP_STATE_NOT_CONNECTED: - if (tc->th_flags & TH_RST) - SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED); - else if (tc->th_flags & TH_SYN) - SetStateIn(link, ALIAS_TCP_STATE_CONNECTED); - break; - case ALIAS_TCP_STATE_CONNECTED: - if (tc->th_flags & (TH_FIN | TH_RST)) - SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED); - break; - } + switch (GetStateIn(link)) { + case ALIAS_TCP_STATE_NOT_CONNECTED: + if (tc->th_flags & TH_RST) + SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED); + else if (tc->th_flags & TH_SYN) + SetStateIn(link, ALIAS_TCP_STATE_CONNECTED); + break; + case ALIAS_TCP_STATE_CONNECTED: + if (tc->th_flags & (TH_FIN | TH_RST)) + SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED); + break; + } } static void TcpMonitorOut(struct ip *pip, struct alias_link *link) { - struct tcphdr *tc; + struct tcphdr *tc; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - switch (GetStateOut(link)) - { - case ALIAS_TCP_STATE_NOT_CONNECTED: - if (tc->th_flags & TH_RST) - SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED); - else if (tc->th_flags & TH_SYN) - SetStateOut(link, ALIAS_TCP_STATE_CONNECTED); - break; - case ALIAS_TCP_STATE_CONNECTED: - if (tc->th_flags & (TH_FIN | TH_RST)) - SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED); - break; - } + switch (GetStateOut(link)) { + case ALIAS_TCP_STATE_NOT_CONNECTED: + if (tc->th_flags & TH_RST) + SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED); + else if (tc->th_flags & TH_SYN) + SetStateOut(link, ALIAS_TCP_STATE_CONNECTED); + break; + case ALIAS_TCP_STATE_CONNECTED: + if (tc->th_flags & (TH_FIN | TH_RST)) + SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED); + break; + } } @@ -247,22 +243,22 @@ the gateway machine or other machines on a local area network. /* Local prototypes */ -static int IcmpAliasIn1(struct libalias *, struct ip *); -static int IcmpAliasIn2(struct libalias *, struct ip *); -static int IcmpAliasIn (struct libalias *, struct ip *); +static int IcmpAliasIn1(struct libalias *, struct ip *); +static int IcmpAliasIn2(struct libalias *, struct ip *); +static int IcmpAliasIn(struct libalias *, struct ip *); -static int IcmpAliasOut1(struct libalias *, struct ip *); -static int IcmpAliasOut2(struct libalias *, struct ip *); -static int IcmpAliasOut (struct libalias *, struct ip *); +static int IcmpAliasOut1(struct libalias *, struct ip *); +static int IcmpAliasOut2(struct libalias *, struct ip *); +static int IcmpAliasOut(struct libalias *, struct ip *); -static int ProtoAliasIn(struct libalias *, struct ip *); -static int ProtoAliasOut(struct libalias *, struct ip *); +static int ProtoAliasIn(struct libalias *, struct ip *); +static int ProtoAliasOut(struct libalias *, struct ip *); -static int UdpAliasOut(struct libalias *, struct ip *); -static int UdpAliasIn (struct libalias *, struct ip *); +static int UdpAliasOut(struct libalias *, struct ip *); +static int UdpAliasIn(struct libalias *, struct ip *); -static int TcpAliasOut(struct libalias *, struct ip *, int); -static int TcpAliasIn (struct libalias *, struct ip *); +static int TcpAliasOut(struct libalias *, struct ip *, int); +static int TcpAliasIn(struct libalias *, struct ip *); static int @@ -272,43 +268,42 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip) De-alias incoming echo and timestamp replies. Alias incoming echo and timestamp requests. */ - struct alias_link *link; - struct icmp *ic; + struct alias_link *link; + struct icmp *ic; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); /* Get source address from ICMP data field and restore original data */ - link = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); - if (link != NULL) - { - u_short original_id; - int accumulate; + link = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); + if (link != NULL) { + u_short original_id; + int accumulate; - original_id = GetOriginalPort(link); + original_id = GetOriginalPort(link); /* Adjust ICMP checksum */ - accumulate = ic->icmp_id; - accumulate -= original_id; - ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); + accumulate = ic->icmp_id; + accumulate -= original_id; + ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); /* Put original sequence number back in */ - ic->icmp_id = original_id; + ic->icmp_id = original_id; /* Put original address back into IP header */ - { - struct in_addr original_address; + { + struct in_addr original_address; - original_address = GetOriginalAddress(link); - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; - } + original_address = GetOriginalAddress(link); + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; + } - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int @@ -318,151 +313,145 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip) Alias incoming ICMP error messages containing IP header and first 64 bits of datagram. */ - struct ip *ip; - struct icmp *ic, *ic2; - struct udphdr *ud; - struct tcphdr *tc; - struct alias_link *link; + struct ip *ip; + struct icmp *ic, *ic2; + struct udphdr *ud; + struct tcphdr *tc; + struct alias_link *link; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); - ip = &ic->icmp_ip; + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); + ip = &ic->icmp_ip; - ud = (struct udphdr *) ((char *) ip + (ip->ip_hl <<2)); - tc = (struct tcphdr *) ud; - ic2 = (struct icmp *) ud; + ud = (struct udphdr *)((char *)ip + (ip->ip_hl << 2)); + tc = (struct tcphdr *)ud; + ic2 = (struct icmp *)ud; - if (ip->ip_p == IPPROTO_UDP) - link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src, - ud->uh_dport, ud->uh_sport, - IPPROTO_UDP, 0); - else if (ip->ip_p == IPPROTO_TCP) - link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src, - tc->th_dport, tc->th_sport, - IPPROTO_TCP, 0); - else if (ip->ip_p == IPPROTO_ICMP) { - if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP) - link = FindIcmpIn(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0); - else - link = NULL; - } else - link = NULL; + if (ip->ip_p == IPPROTO_UDP) + link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src, + ud->uh_dport, ud->uh_sport, + IPPROTO_UDP, 0); + else if (ip->ip_p == IPPROTO_TCP) + link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src, + tc->th_dport, tc->th_sport, + IPPROTO_TCP, 0); + else if (ip->ip_p == IPPROTO_ICMP) { + if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP) + link = FindIcmpIn(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0); + else + link = NULL; + } else + link = NULL; - if (link != NULL) - { - if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP) - { - u_short *sptr; - int accumulate, accumulate2; - struct in_addr original_address; - u_short original_port; + if (link != NULL) { + if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP) { + u_short *sptr; + int accumulate, accumulate2; + struct in_addr original_address; + u_short original_port; - original_address = GetOriginalAddress(link); - original_port = GetOriginalPort(link); + original_address = GetOriginalAddress(link); + original_port = GetOriginalPort(link); /* Adjust ICMP checksum */ - sptr = (u_short *) &(ip->ip_src); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; - accumulate += ud->uh_sport; - accumulate -= original_port; - accumulate2 = accumulate; - accumulate2 += ip->ip_sum; - ADJUST_CHECKSUM(accumulate, ip->ip_sum); - accumulate2 -= ip->ip_sum; - ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); + sptr = (u_short *) & (ip->ip_src); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; + accumulate += ud->uh_sport; + accumulate -= original_port; + accumulate2 = accumulate; + accumulate2 += ip->ip_sum; + ADJUST_CHECKSUM(accumulate, ip->ip_sum); + accumulate2 -= ip->ip_sum; + ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); /* Un-alias address in IP header */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; /* Un-alias address and port number of original IP packet fragment contained in ICMP data section */ - ip->ip_src = original_address; - ud->uh_sport = original_port; - } - else if (ip->ip_p == IPPROTO_ICMP) - { - u_short *sptr; - int accumulate, accumulate2; - struct in_addr original_address; - u_short original_id; + ip->ip_src = original_address; + ud->uh_sport = original_port; + } else if (ip->ip_p == IPPROTO_ICMP) { + u_short *sptr; + int accumulate, accumulate2; + struct in_addr original_address; + u_short original_id; - original_address = GetOriginalAddress(link); - original_id = GetOriginalPort(link); + original_address = GetOriginalAddress(link); + original_id = GetOriginalPort(link); /* Adjust ICMP checksum */ - sptr = (u_short *) &(ip->ip_src); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; - accumulate += ic2->icmp_id; - accumulate -= original_id; - accumulate2 = accumulate; - accumulate2 += ip->ip_sum; - ADJUST_CHECKSUM(accumulate, ip->ip_sum); - accumulate2 -= ip->ip_sum; - ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); + sptr = (u_short *) & (ip->ip_src); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; + accumulate += ic2->icmp_id; + accumulate -= original_id; + accumulate2 = accumulate; + accumulate2 += ip->ip_sum; + ADJUST_CHECKSUM(accumulate, ip->ip_sum); + accumulate2 -= ip->ip_sum; + ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); /* Un-alias address in IP header */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; /* Un-alias address of original IP packet and sequence number of embedded ICMP datagram */ - ip->ip_src = original_address; - ic2->icmp_id = original_id; - } - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + ip->ip_src = original_address; + ic2->icmp_id = original_id; + } + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int IcmpAliasIn(struct libalias *la, struct ip *pip) { - int iresult; - struct icmp *ic; + int iresult; + struct icmp *ic; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); - iresult = PKT_ALIAS_IGNORED; - switch (ic->icmp_type) - { - case ICMP_ECHOREPLY: - case ICMP_TSTAMPREPLY: - if (ic->icmp_code == 0) - { - iresult = IcmpAliasIn1(la, pip); - } - break; - case ICMP_UNREACH: - case ICMP_SOURCEQUENCH: - case ICMP_TIMXCEED: - case ICMP_PARAMPROB: - iresult = IcmpAliasIn2(la, pip); - break; - case ICMP_ECHO: - case ICMP_TSTAMP: - iresult = IcmpAliasIn1(la, pip); - break; - } - return(iresult); + iresult = PKT_ALIAS_IGNORED; + switch (ic->icmp_type) { + case ICMP_ECHOREPLY: + case ICMP_TSTAMPREPLY: + if (ic->icmp_code == 0) { + iresult = IcmpAliasIn1(la, pip); + } + break; + case ICMP_UNREACH: + case ICMP_SOURCEQUENCH: + case ICMP_TIMXCEED: + case ICMP_PARAMPROB: + iresult = IcmpAliasIn2(la, pip); + break; + case ICMP_ECHO: + case ICMP_TSTAMP: + iresult = IcmpAliasIn1(la, pip); + break; + } + return (iresult); } @@ -473,43 +462,42 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip) Alias outgoing echo and timestamp requests. De-alias outgoing echo and timestamp replies. */ - struct alias_link *link; - struct icmp *ic; + struct alias_link *link; + struct icmp *ic; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); /* Save overwritten data for when echo packet returns */ - link = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); - if (link != NULL) - { - u_short alias_id; - int accumulate; + link = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); + if (link != NULL) { + u_short alias_id; + int accumulate; - alias_id = GetAliasPort(link); + alias_id = GetAliasPort(link); /* Since data field is being modified, adjust ICMP checksum */ - accumulate = ic->icmp_id; - accumulate -= alias_id; - ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); + accumulate = ic->icmp_id; + accumulate -= alias_id; + ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); /* Alias sequence number */ - ic->icmp_id = alias_id; + ic->icmp_id = alias_id; /* Change source address */ - { - struct in_addr alias_address; + { + struct in_addr alias_address; - alias_address = GetAliasAddress(link); - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; - } + alias_address = GetAliasAddress(link); + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; + } - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } @@ -520,152 +508,144 @@ IcmpAliasOut2(struct libalias *la, struct ip *pip) Alias outgoing ICMP error messages containing IP header and first 64 bits of datagram. */ - struct ip *ip; - struct icmp *ic, *ic2; - struct udphdr *ud; - struct tcphdr *tc; - struct alias_link *link; + struct ip *ip; + struct icmp *ic, *ic2; + struct udphdr *ud; + struct tcphdr *tc; + struct alias_link *link; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); - ip = &ic->icmp_ip; + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); + ip = &ic->icmp_ip; - ud = (struct udphdr *) ((char *) ip + (ip->ip_hl <<2)); - tc = (struct tcphdr *) ud; - ic2 = (struct icmp *) ud; + ud = (struct udphdr *)((char *)ip + (ip->ip_hl << 2)); + tc = (struct tcphdr *)ud; + ic2 = (struct icmp *)ud; - if (ip->ip_p == IPPROTO_UDP) - link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src, - ud->uh_dport, ud->uh_sport, - IPPROTO_UDP, 0); - else if (ip->ip_p == IPPROTO_TCP) - link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src, - tc->th_dport, tc->th_sport, - IPPROTO_TCP, 0); - else if (ip->ip_p == IPPROTO_ICMP) { - if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP) - link = FindIcmpOut(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0); - else - link = NULL; - } else - link = NULL; + if (ip->ip_p == IPPROTO_UDP) + link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src, + ud->uh_dport, ud->uh_sport, + IPPROTO_UDP, 0); + else if (ip->ip_p == IPPROTO_TCP) + link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src, + tc->th_dport, tc->th_sport, + IPPROTO_TCP, 0); + else if (ip->ip_p == IPPROTO_ICMP) { + if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP) + link = FindIcmpOut(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0); + else + link = NULL; + } else + link = NULL; - if (link != NULL) - { - if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP) - { - u_short *sptr; - int accumulate; - struct in_addr alias_address; - u_short alias_port; + if (link != NULL) { + if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP) { + u_short *sptr; + int accumulate; + struct in_addr alias_address; + u_short alias_port; - alias_address = GetAliasAddress(link); - alias_port = GetAliasPort(link); + alias_address = GetAliasAddress(link); + alias_port = GetAliasPort(link); /* Adjust ICMP checksum */ - sptr = (u_short *) &(ip->ip_dst); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &alias_address; - accumulate -= *sptr++; - accumulate -= *sptr; - accumulate += ud->uh_dport; - accumulate -= alias_port; - ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); + sptr = (u_short *) & (ip->ip_dst); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & alias_address; + accumulate -= *sptr++; + accumulate -= *sptr; + accumulate += ud->uh_dport; + accumulate -= alias_port; + ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); /* * Alias address in IP header if it comes from the host * the original TCP/UDP packet was destined for. */ - if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; - } - + if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; + } /* Alias address and port number of original IP packet fragment contained in ICMP data section */ - ip->ip_dst = alias_address; - ud->uh_dport = alias_port; - } - else if (ip->ip_p == IPPROTO_ICMP) - { - u_short *sptr; - int accumulate; - struct in_addr alias_address; - u_short alias_id; + ip->ip_dst = alias_address; + ud->uh_dport = alias_port; + } else if (ip->ip_p == IPPROTO_ICMP) { + u_short *sptr; + int accumulate; + struct in_addr alias_address; + u_short alias_id; - alias_address = GetAliasAddress(link); - alias_id = GetAliasPort(link); + alias_address = GetAliasAddress(link); + alias_id = GetAliasPort(link); /* Adjust ICMP checksum */ - sptr = (u_short *) &(ip->ip_dst); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &alias_address; - accumulate -= *sptr++; - accumulate -= *sptr; - accumulate += ic2->icmp_id; - accumulate -= alias_id; - ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); + sptr = (u_short *) & (ip->ip_dst); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & alias_address; + accumulate -= *sptr++; + accumulate -= *sptr; + accumulate += ic2->icmp_id; + accumulate -= alias_id; + ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); /* * Alias address in IP header if it comes from the host * the original ICMP message was destined for. */ - if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; - } - + if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; + } /* Alias address of original IP packet and sequence number of embedded ICMP datagram */ - ip->ip_dst = alias_address; - ic2->icmp_id = alias_id; - } - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + ip->ip_dst = alias_address; + ic2->icmp_id = alias_id; + } + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int IcmpAliasOut(struct libalias *la, struct ip *pip) { - int iresult; - struct icmp *ic; + int iresult; + struct icmp *ic; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); - iresult = PKT_ALIAS_IGNORED; - switch (ic->icmp_type) - { - case ICMP_ECHO: - case ICMP_TSTAMP: - if (ic->icmp_code == 0) - { - iresult = IcmpAliasOut1(la, pip); - } - break; - case ICMP_UNREACH: - case ICMP_SOURCEQUENCH: - case ICMP_TIMXCEED: - case ICMP_PARAMPROB: - iresult = IcmpAliasOut2(la, pip); - break; - case ICMP_ECHOREPLY: - case ICMP_TSTAMPREPLY: - iresult = IcmpAliasOut1(la, pip); - } - return(iresult); + iresult = PKT_ALIAS_IGNORED; + switch (ic->icmp_type) { + case ICMP_ECHO: + case ICMP_TSTAMP: + if (ic->icmp_code == 0) { + iresult = IcmpAliasOut1(la, pip); + } + break; + case ICMP_UNREACH: + case ICMP_SOURCEQUENCH: + case ICMP_TIMXCEED: + case ICMP_PARAMPROB: + iresult = IcmpAliasOut2(la, pip); + break; + case ICMP_ECHOREPLY: + case ICMP_TSTAMPREPLY: + iresult = IcmpAliasOut1(la, pip); + } + return (iresult); } @@ -679,29 +659,28 @@ ProtoAliasIn(struct libalias *la, struct ip *pip) the dest IP address of the packet to our inside machine. */ - struct alias_link *link; + struct alias_link *link; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - link = FindProtoIn(la, pip->ip_src, pip->ip_dst, pip->ip_p); - if (link != NULL) - { - struct in_addr original_address; + link = FindProtoIn(la, pip->ip_src, pip->ip_dst, pip->ip_p); + if (link != NULL) { + struct in_addr original_address; - original_address = GetOriginalAddress(link); + original_address = GetOriginalAddress(link); /* Restore original IP address */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } @@ -713,180 +692,173 @@ ProtoAliasOut(struct libalias *la, struct ip *pip) only thing which is done in this case is to alias the source IP address of the packet. */ - struct alias_link *link; + struct alias_link *link; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - link = FindProtoOut(la, pip->ip_src, pip->ip_dst, pip->ip_p); - if (link != NULL) - { - struct in_addr alias_address; + link = FindProtoOut(la, pip->ip_src, pip->ip_dst, pip->ip_p); + if (link != NULL) { + struct in_addr alias_address; - alias_address = GetAliasAddress(link); + alias_address = GetAliasAddress(link); /* Change source address */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int UdpAliasIn(struct libalias *la, struct ip *pip) { - struct udphdr *ud; - struct alias_link *link; + struct udphdr *ud; + struct alias_link *link; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); + ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); - link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst, - ud->uh_sport, ud->uh_dport, - IPPROTO_UDP, 1); - if (link != NULL) - { - struct in_addr alias_address; - struct in_addr original_address; - u_short alias_port; - int accumulate; - u_short *sptr; - int r = 0; + link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst, + ud->uh_sport, ud->uh_dport, + IPPROTO_UDP, 1); + if (link != NULL) { + struct in_addr alias_address; + struct in_addr original_address; + u_short alias_port; + int accumulate; + u_short *sptr; + int r = 0; - alias_address = GetAliasAddress(link); - original_address = GetOriginalAddress(link); - alias_port = ud->uh_dport; - ud->uh_dport = GetOriginalPort(link); + alias_address = GetAliasAddress(link); + original_address = GetOriginalAddress(link); + alias_port = ud->uh_dport; + ud->uh_dport = GetOriginalPort(link); /* Special processing for IP encoding protocols */ - if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER) - AliasHandleCUSeeMeIn(la, pip, original_address); + if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER) + AliasHandleCUSeeMeIn(la, pip, original_address); /* If NETBIOS Datagram, It should be alias address in UDP Data, too */ - else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER - || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER) - r = AliasHandleUdpNbt(la, pip, link, &original_address, ud->uh_dport); - else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER - || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER) - r = AliasHandleUdpNbtNS(la, pip, link, &alias_address, &alias_port, - &original_address, &ud->uh_dport); + else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER + || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER) + r = AliasHandleUdpNbt(la, pip, link, &original_address, ud->uh_dport); + else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER + || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER) + r = AliasHandleUdpNbtNS(la, pip, link, &alias_address, &alias_port, + &original_address, &ud->uh_dport); /* If UDP checksum is not zero, then adjust since destination port */ /* is being unaliased and destination address is being altered. */ - if (ud->uh_sum != 0) - { - accumulate = alias_port; - accumulate -= ud->uh_dport; - sptr = (u_short *) &alias_address; - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; - ADJUST_CHECKSUM(accumulate, ud->uh_sum); - } - + if (ud->uh_sum != 0) { + accumulate = alias_port; + accumulate -= ud->uh_dport; + sptr = (u_short *) & alias_address; + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; + ADJUST_CHECKSUM(accumulate, ud->uh_sum); + } /* Restore original IP address */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; - /* - * If we cannot figure out the packet, ignore it. - */ - if (r < 0) - return(PKT_ALIAS_IGNORED); - else - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + /* + * If we cannot figure out the packet, ignore it. + */ + if (r < 0) + return (PKT_ALIAS_IGNORED); + else + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int UdpAliasOut(struct libalias *la, struct ip *pip) { - struct udphdr *ud; - struct alias_link *link; + struct udphdr *ud; + struct alias_link *link; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); + ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); - link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, - ud->uh_sport, ud->uh_dport, - IPPROTO_UDP, 1); - if (link != NULL) - { - u_short alias_port; - struct in_addr alias_address; + link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, + ud->uh_sport, ud->uh_dport, + IPPROTO_UDP, 1); + if (link != NULL) { + u_short alias_port; + struct in_addr alias_address; - alias_address = GetAliasAddress(link); - alias_port = GetAliasPort(link); + alias_address = GetAliasAddress(link); + alias_port = GetAliasPort(link); /* Special processing for IP encoding protocols */ - if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER) - AliasHandleCUSeeMeOut(la, pip, link); + if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER) + AliasHandleCUSeeMeOut(la, pip, link); /* If NETBIOS Datagram, It should be alias address in UDP Data, too */ - else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER - || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER) - AliasHandleUdpNbt(la, pip, link, &alias_address, alias_port); - else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER - || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER) - AliasHandleUdpNbtNS(la, pip, link, &pip->ip_src, &ud->uh_sport, - &alias_address, &alias_port); + else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER + || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER) + AliasHandleUdpNbt(la, pip, link, &alias_address, alias_port); + else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER + || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER) + AliasHandleUdpNbtNS(la, pip, link, &pip->ip_src, &ud->uh_sport, + &alias_address, &alias_port); /* * We don't know in advance what TID the TFTP server will choose, * so we create a wilcard link (destination port is unspecified) * that will match any TID from a given destination. */ - else if (ntohs(ud->uh_dport) == TFTP_PORT_NUMBER) - FindRtspOut(la, pip->ip_src, pip->ip_dst, - ud->uh_sport, alias_port, IPPROTO_UDP); + else if (ntohs(ud->uh_dport) == TFTP_PORT_NUMBER) + FindRtspOut(la, pip->ip_src, pip->ip_dst, + ud->uh_sport, alias_port, IPPROTO_UDP); /* If UDP checksum is not zero, adjust since source port is */ /* being aliased and source address is being altered */ - if (ud->uh_sum != 0) - { - int accumulate; - u_short *sptr; - - accumulate = ud->uh_sport; - accumulate -= alias_port; - sptr = (u_short *) &(pip->ip_src); - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &alias_address; - accumulate -= *sptr++; - accumulate -= *sptr; - ADJUST_CHECKSUM(accumulate, ud->uh_sum); - } + if (ud->uh_sum != 0) { + int accumulate; + u_short *sptr; + accumulate = ud->uh_sport; + accumulate -= alias_port; + sptr = (u_short *) & (pip->ip_src); + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & alias_address; + accumulate -= *sptr++; + accumulate -= *sptr; + ADJUST_CHECKSUM(accumulate, ud->uh_sum); + } /* Put alias port in UDP header */ - ud->uh_sport = alias_port; + ud->uh_sport = alias_port; /* Change source address */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } @@ -894,264 +866,248 @@ UdpAliasOut(struct libalias *la, struct ip *pip) static int TcpAliasIn(struct libalias *la, struct ip *pip) { - struct tcphdr *tc; - struct alias_link *link; + struct tcphdr *tc; + struct alias_link *link; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst, - tc->th_sport, tc->th_dport, - IPPROTO_TCP, - !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)); - if (link != NULL) - { - struct in_addr alias_address; - struct in_addr original_address; - struct in_addr proxy_address; - u_short alias_port; - u_short proxy_port; - int accumulate; - u_short *sptr; + link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst, + tc->th_sport, tc->th_dport, + IPPROTO_TCP, + !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)); + if (link != NULL) { + struct in_addr alias_address; + struct in_addr original_address; + struct in_addr proxy_address; + u_short alias_port; + u_short proxy_port; + int accumulate; + u_short *sptr; /* Special processing for IP encoding protocols */ - if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER - || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER) - AliasHandlePptpIn(la, pip, link); - else if (la->skinnyPort != 0 && (ntohs(tc->th_dport) == la->skinnyPort - || ntohs(tc->th_sport) == la->skinnyPort)) - AliasHandleSkinny(la, pip, link); + if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER + || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER) + AliasHandlePptpIn(la, pip, link); + else if (la->skinnyPort != 0 && (ntohs(tc->th_dport) == la->skinnyPort + || ntohs(tc->th_sport) == la->skinnyPort)) + AliasHandleSkinny(la, pip, link); - alias_address = GetAliasAddress(link); - original_address = GetOriginalAddress(link); - proxy_address = GetProxyAddress(link); - alias_port = tc->th_dport; - tc->th_dport = GetOriginalPort(link); - proxy_port = GetProxyPort(link); + alias_address = GetAliasAddress(link); + original_address = GetOriginalAddress(link); + proxy_address = GetProxyAddress(link); + alias_port = tc->th_dport; + tc->th_dport = GetOriginalPort(link); + proxy_port = GetProxyPort(link); /* Adjust TCP checksum since destination port is being unaliased */ /* and destination port is being altered. */ - accumulate = alias_port; - accumulate -= tc->th_dport; - sptr = (u_short *) &alias_address; - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; + accumulate = alias_port; + accumulate -= tc->th_dport; + sptr = (u_short *) & alias_address; + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; /* If this is a proxy, then modify the TCP source port and checksum accumulation */ - if (proxy_port != 0) - { - accumulate += tc->th_sport; - tc->th_sport = proxy_port; - accumulate -= tc->th_sport; - - sptr = (u_short *) &pip->ip_src; - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &proxy_address; - accumulate -= *sptr++; - accumulate -= *sptr; - } + if (proxy_port != 0) { + accumulate += tc->th_sport; + tc->th_sport = proxy_port; + accumulate -= tc->th_sport; + sptr = (u_short *) & pip->ip_src; + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & proxy_address; + accumulate -= *sptr++; + accumulate -= *sptr; + } /* See if ACK number needs to be modified */ - if (GetAckModified(link) == 1) - { - int delta; + if (GetAckModified(link) == 1) { + int delta; - delta = GetDeltaAckIn(pip, link); - if (delta != 0) - { - sptr = (u_short *) &tc->th_ack; - accumulate += *sptr++; - accumulate += *sptr; - tc->th_ack = htonl(ntohl(tc->th_ack) - delta); - sptr = (u_short *) &tc->th_ack; - accumulate -= *sptr++; - accumulate -= *sptr; - } - } - - ADJUST_CHECKSUM(accumulate, tc->th_sum); + delta = GetDeltaAckIn(pip, link); + if (delta != 0) { + sptr = (u_short *) & tc->th_ack; + accumulate += *sptr++; + accumulate += *sptr; + tc->th_ack = htonl(ntohl(tc->th_ack) - delta); + sptr = (u_short *) & tc->th_ack; + accumulate -= *sptr++; + accumulate -= *sptr; + } + } + ADJUST_CHECKSUM(accumulate, tc->th_sum); /* Restore original IP address */ - sptr = (u_short *) &pip->ip_dst; - accumulate = *sptr++; - accumulate += *sptr; - pip->ip_dst = original_address; - sptr = (u_short *) &pip->ip_dst; - accumulate -= *sptr++; - accumulate -= *sptr; + sptr = (u_short *) & pip->ip_dst; + accumulate = *sptr++; + accumulate += *sptr; + pip->ip_dst = original_address; + sptr = (u_short *) & pip->ip_dst; + accumulate -= *sptr++; + accumulate -= *sptr; /* If this is a transparent proxy packet, then modify the source address */ - if (proxy_address.s_addr != 0) - { - sptr = (u_short *) &pip->ip_src; - accumulate += *sptr++; - accumulate += *sptr; - pip->ip_src = proxy_address; - sptr = (u_short *) &pip->ip_src; - accumulate -= *sptr++; - accumulate -= *sptr; - } - - ADJUST_CHECKSUM(accumulate, pip->ip_sum); + if (proxy_address.s_addr != 0) { + sptr = (u_short *) & pip->ip_src; + accumulate += *sptr++; + accumulate += *sptr; + pip->ip_src = proxy_address; + sptr = (u_short *) & pip->ip_src; + accumulate -= *sptr++; + accumulate -= *sptr; + } + ADJUST_CHECKSUM(accumulate, pip->ip_sum); /* Monitor TCP connection state */ - TcpMonitorIn(pip, link); + TcpMonitorIn(pip, link); - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize) { - int proxy_type; - u_short dest_port; - u_short proxy_server_port; - struct in_addr dest_address; - struct in_addr proxy_server_address; - struct tcphdr *tc; - struct alias_link *link; + int proxy_type; + u_short dest_port; + u_short proxy_server_port; + struct in_addr dest_address; + struct in_addr proxy_server_address; + struct tcphdr *tc; + struct alias_link *link; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - proxy_type = ProxyCheck(la, pip, &proxy_server_address, &proxy_server_port); + proxy_type = ProxyCheck(la, pip, &proxy_server_address, &proxy_server_port); - if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) - return PKT_ALIAS_OK; + if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) + return PKT_ALIAS_OK; /* If this is a transparent proxy, save original destination, then alter the destination and adjust checksums */ - dest_port = tc->th_dport; - dest_address = pip->ip_dst; - if (proxy_type != 0) - { - int accumulate; - u_short *sptr; + dest_port = tc->th_dport; + dest_address = pip->ip_dst; + if (proxy_type != 0) { + int accumulate; + u_short *sptr; - accumulate = tc->th_dport; - tc->th_dport = proxy_server_port; - accumulate -= tc->th_dport; + accumulate = tc->th_dport; + tc->th_dport = proxy_server_port; + accumulate -= tc->th_dport; - sptr = (u_short *) &(pip->ip_dst); - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &proxy_server_address; - accumulate -= *sptr++; - accumulate -= *sptr; + sptr = (u_short *) & (pip->ip_dst); + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & proxy_server_address; + accumulate -= *sptr++; + accumulate -= *sptr; - ADJUST_CHECKSUM(accumulate, tc->th_sum); + ADJUST_CHECKSUM(accumulate, tc->th_sum); - sptr = (u_short *) &(pip->ip_dst); - accumulate = *sptr++; - accumulate += *sptr; - pip->ip_dst = proxy_server_address; - sptr = (u_short *) &(pip->ip_dst); - accumulate -= *sptr++; - accumulate -= *sptr; + sptr = (u_short *) & (pip->ip_dst); + accumulate = *sptr++; + accumulate += *sptr; + pip->ip_dst = proxy_server_address; + sptr = (u_short *) & (pip->ip_dst); + accumulate -= *sptr++; + accumulate -= *sptr; - ADJUST_CHECKSUM(accumulate, pip->ip_sum); - } - - link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, - tc->th_sport, tc->th_dport, - IPPROTO_TCP, 1); - if (link !=NULL) - { - u_short alias_port; - struct in_addr alias_address; - int accumulate; - u_short *sptr; + ADJUST_CHECKSUM(accumulate, pip->ip_sum); + } + link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, + tc->th_sport, tc->th_dport, + IPPROTO_TCP, 1); + if (link != NULL) { + u_short alias_port; + struct in_addr alias_address; + int accumulate; + u_short *sptr; /* Save original destination address, if this is a proxy packet. Also modify packet to include destination encoding. This may change the size of IP header. */ - if (proxy_type != 0) - { - SetProxyPort(link, dest_port); - SetProxyAddress(link, dest_address); - ProxyModify(la, link, pip, maxpacketsize, proxy_type); - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - } - + if (proxy_type != 0) { + SetProxyPort(link, dest_port); + SetProxyAddress(link, dest_address); + ProxyModify(la, link, pip, maxpacketsize, proxy_type); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + } /* Get alias address and port */ - alias_port = GetAliasPort(link); - alias_address = GetAliasAddress(link); + alias_port = GetAliasPort(link); + alias_address = GetAliasAddress(link); /* Monitor TCP connection state */ - TcpMonitorOut(pip, link); + TcpMonitorOut(pip, link); /* Special processing for IP encoding protocols */ - if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER - || ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER) - AliasHandleFtpOut(la, pip, link, maxpacketsize); - else if (ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_1 - || ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_2) - AliasHandleIrcOut(la, pip, link, maxpacketsize); - else if (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1 - || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_1 - || ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2 - || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_2) - AliasHandleRtspOut(la, pip, link, maxpacketsize); - else if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER - || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER) - AliasHandlePptpOut(la, pip, link); - else if (la->skinnyPort != 0 && (ntohs(tc->th_sport) == la->skinnyPort - || ntohs(tc->th_dport) == la->skinnyPort)) - AliasHandleSkinny(la, pip, link); + if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER + || ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER) + AliasHandleFtpOut(la, pip, link, maxpacketsize); + else if (ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_1 + || ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_2) + AliasHandleIrcOut(la, pip, link, maxpacketsize); + else if (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1 + || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_1 + || ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2 + || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_2) + AliasHandleRtspOut(la, pip, link, maxpacketsize); + else if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER + || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER) + AliasHandlePptpOut(la, pip, link); + else if (la->skinnyPort != 0 && (ntohs(tc->th_sport) == la->skinnyPort + || ntohs(tc->th_dport) == la->skinnyPort)) + AliasHandleSkinny(la, pip, link); /* Adjust TCP checksum since source port is being aliased */ /* and source address is being altered */ - accumulate = tc->th_sport; - tc->th_sport = alias_port; - accumulate -= tc->th_sport; + accumulate = tc->th_sport; + tc->th_sport = alias_port; + accumulate -= tc->th_sport; - sptr = (u_short *) &(pip->ip_src); - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &alias_address; - accumulate -= *sptr++; - accumulate -= *sptr; + sptr = (u_short *) & (pip->ip_src); + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & alias_address; + accumulate -= *sptr++; + accumulate -= *sptr; /* Modify sequence number if necessary */ - if (GetAckModified(link) == 1) - { - int delta; + if (GetAckModified(link) == 1) { + int delta; - delta = GetDeltaSeqOut(pip, link); - if (delta != 0) - { - sptr = (u_short *) &tc->th_seq; - accumulate += *sptr++; - accumulate += *sptr; - tc->th_seq = htonl(ntohl(tc->th_seq) + delta); - sptr = (u_short *) &tc->th_seq; - accumulate -= *sptr++; - accumulate -= *sptr; - } - } - - ADJUST_CHECKSUM(accumulate, tc->th_sum); + delta = GetDeltaSeqOut(pip, link); + if (delta != 0) { + sptr = (u_short *) & tc->th_seq; + accumulate += *sptr++; + accumulate += *sptr; + tc->th_seq = htonl(ntohl(tc->th_seq) + delta); + sptr = (u_short *) & tc->th_seq; + accumulate -= *sptr++; + accumulate -= *sptr; + } + } + ADJUST_CHECKSUM(accumulate, tc->th_sum); /* Change source address */ - sptr = (u_short *) &(pip->ip_src); - accumulate = *sptr++; - accumulate += *sptr; - pip->ip_src = alias_address; - sptr = (u_short *) &(pip->ip_src); - accumulate -= *sptr++; - accumulate -= *sptr; + sptr = (u_short *) & (pip->ip_src); + accumulate = *sptr++; + accumulate += *sptr; + pip->ip_src = alias_address; + sptr = (u_short *) & (pip->ip_src); + accumulate -= *sptr++; + accumulate -= *sptr; - ADJUST_CHECKSUM(accumulate, pip->ip_sum); + ADJUST_CHECKSUM(accumulate, pip->ip_sum); - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } @@ -1171,46 +1127,45 @@ saved and recalled when a header fragment is seen. */ /* Local prototypes */ -static int FragmentIn(struct libalias *, struct ip *); -static int FragmentOut(struct libalias *, struct ip *); +static int FragmentIn(struct libalias *, struct ip *); +static int FragmentOut(struct libalias *, struct ip *); static int FragmentIn(struct libalias *la, struct ip *pip) { - struct alias_link *link; + struct alias_link *link; - link = FindFragmentIn2(la, pip->ip_src, pip->ip_dst, pip->ip_id); - if (link != NULL) - { - struct in_addr original_address; + link = FindFragmentIn2(la, pip->ip_src, pip->ip_dst, pip->ip_id); + if (link != NULL) { + struct in_addr original_address; - GetFragmentAddr(link, &original_address); - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; + GetFragmentAddr(link, &original_address); + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_UNRESOLVED_FRAGMENT); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_UNRESOLVED_FRAGMENT); } static int FragmentOut(struct libalias *la, struct ip *pip) { - struct in_addr alias_address; + struct in_addr alias_address; - alias_address = FindAliasAddress(la, pip->ip_src); - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; + alias_address = FindAliasAddress(la, pip->ip_src); + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; - return(PKT_ALIAS_OK); + return (PKT_ALIAS_OK); } @@ -1234,139 +1189,127 @@ FragmentOut(struct libalias *la, struct ip *pip) int LibAliasSaveFragment(struct libalias *la, char *ptr) { - int iresult; - struct alias_link *link; - struct ip *pip; + int iresult; + struct alias_link *link; + struct ip *pip; - pip = (struct ip *) ptr; - link = AddFragmentPtrLink(la, pip->ip_src, pip->ip_id); - iresult = PKT_ALIAS_ERROR; - if (link != NULL) - { - SetFragmentPtr(link, ptr); - iresult = PKT_ALIAS_OK; - } - return(iresult); + pip = (struct ip *)ptr; + link = AddFragmentPtrLink(la, pip->ip_src, pip->ip_id); + iresult = PKT_ALIAS_ERROR; + if (link != NULL) { + SetFragmentPtr(link, ptr); + iresult = PKT_ALIAS_OK; + } + return (iresult); } -char * +char * LibAliasGetFragment(struct libalias *la, char *ptr) { - struct alias_link *link; - char *fptr; - struct ip *pip; + struct alias_link *link; + char *fptr; + struct ip *pip; - pip = (struct ip *) ptr; - link = FindFragmentPtr(la, pip->ip_src, pip->ip_id); - if (link != NULL) - { - GetFragmentPtr(link, &fptr); - SetFragmentPtr(link, NULL); - SetExpire(link, 0); /* Deletes link */ + pip = (struct ip *)ptr; + link = FindFragmentPtr(la, pip->ip_src, pip->ip_id); + if (link != NULL) { + GetFragmentPtr(link, &fptr); + SetFragmentPtr(link, NULL); + SetExpire(link, 0); /* Deletes link */ - return(fptr); - } - else - { - return(NULL); - } + return (fptr); + } else { + return (NULL); + } } void -LibAliasFragmentIn(struct libalias *la, char *ptr, /* Points to correctly de-aliased - header fragment */ - char *ptr_fragment /* Points to fragment which must - be de-aliased */ - ) +LibAliasFragmentIn(struct libalias *la, char *ptr, /* Points to correctly + * de-aliased header + * fragment */ + char *ptr_fragment /* Points to fragment which must be + * de-aliased */ +) { - struct ip *pip; - struct ip *fpip; + struct ip *pip; + struct ip *fpip; - pip = (struct ip *) ptr; - fpip = (struct ip *) ptr_fragment; + pip = (struct ip *)ptr; + fpip = (struct ip *)ptr_fragment; - DifferentialChecksum(&fpip->ip_sum, - (u_short *) &pip->ip_dst, - (u_short *) &fpip->ip_dst, - 2); - fpip->ip_dst = pip->ip_dst; + DifferentialChecksum(&fpip->ip_sum, + (u_short *) & pip->ip_dst, + (u_short *) & fpip->ip_dst, + 2); + fpip->ip_dst = pip->ip_dst; } int LibAliasIn(struct libalias *la, char *ptr, int maxpacketsize) { - struct in_addr alias_addr; - struct ip *pip; - int iresult; + struct in_addr alias_addr; + struct ip *pip; + int iresult; - if (la->packetAliasMode & PKT_ALIAS_REVERSE) { - la->packetAliasMode &= ~PKT_ALIAS_REVERSE; - iresult = PacketAliasOut(ptr, maxpacketsize); - la->packetAliasMode |= PKT_ALIAS_REVERSE; - return iresult; - } + if (la->packetAliasMode & PKT_ALIAS_REVERSE) { + la->packetAliasMode &= ~PKT_ALIAS_REVERSE; + iresult = PacketAliasOut(ptr, maxpacketsize); + la->packetAliasMode |= PKT_ALIAS_REVERSE; + return iresult; + } + HouseKeeping(la); + ClearCheckNewLink(la); + pip = (struct ip *)ptr; + alias_addr = pip->ip_dst; - HouseKeeping(la); - ClearCheckNewLink(la); - pip = (struct ip *) ptr; - alias_addr = pip->ip_dst; + /* Defense against mangled packets */ + if (ntohs(pip->ip_len) > maxpacketsize + || (pip->ip_hl << 2) > maxpacketsize) + return PKT_ALIAS_IGNORED; - /* Defense against mangled packets */ - if (ntohs(pip->ip_len) > maxpacketsize - || (pip->ip_hl<<2) > maxpacketsize) - return PKT_ALIAS_IGNORED; + iresult = PKT_ALIAS_IGNORED; + if ((ntohs(pip->ip_off) & IP_OFFMASK) == 0) { + switch (pip->ip_p) { + case IPPROTO_ICMP: + iresult = IcmpAliasIn(la, pip); + break; + case IPPROTO_UDP: + iresult = UdpAliasIn(la, pip); + break; + case IPPROTO_TCP: + iresult = TcpAliasIn(la, pip); + break; + case IPPROTO_GRE: + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY || + AliasHandlePptpGreIn(la, pip) == 0) + iresult = PKT_ALIAS_OK; + else + iresult = ProtoAliasIn(la, pip); + break; + default: + iresult = ProtoAliasIn(la, pip); + break; + } - iresult = PKT_ALIAS_IGNORED; - if ( (ntohs(pip->ip_off) & IP_OFFMASK) == 0 ) - { - switch (pip->ip_p) - { - case IPPROTO_ICMP: - iresult = IcmpAliasIn(la, pip); - break; - case IPPROTO_UDP: - iresult = UdpAliasIn(la, pip); - break; - case IPPROTO_TCP: - iresult = TcpAliasIn(la, pip); - break; - case IPPROTO_GRE: - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY || - AliasHandlePptpGreIn(la, pip) == 0) - iresult = PKT_ALIAS_OK; - else - iresult = ProtoAliasIn(la, pip); - break; - default: - iresult = ProtoAliasIn(la, pip); - break; - } + if (ntohs(pip->ip_off) & IP_MF) { + struct alias_link *link; - if (ntohs(pip->ip_off) & IP_MF) - { - struct alias_link *link; + link = FindFragmentIn1(la, pip->ip_src, alias_addr, pip->ip_id); + if (link != NULL) { + iresult = PKT_ALIAS_FOUND_HEADER_FRAGMENT; + SetFragmentAddr(link, pip->ip_dst); + } else { + iresult = PKT_ALIAS_ERROR; + } + } + } else { + iresult = FragmentIn(la, pip); + } - link = FindFragmentIn1(la, pip->ip_src, alias_addr, pip->ip_id); - if (link != NULL) - { - iresult = PKT_ALIAS_FOUND_HEADER_FRAGMENT; - SetFragmentAddr(link, pip->ip_dst); - } - else - { - iresult = PKT_ALIAS_ERROR; - } - } - } - else - { - iresult = FragmentIn(la, pip); - } - - return(iresult); + return (iresult); } @@ -1386,207 +1329,195 @@ LibAliasIn(struct libalias *la, char *ptr, int maxpacketsize) #define UNREG_ADDR_C_UPPER 0xc0a8ffff int -LibAliasOut(struct libalias *la, char *ptr, /* valid IP packet */ - int maxpacketsize /* How much the packet data may grow - (FTP and IRC inline changes) */ - ) +LibAliasOut(struct libalias *la, char *ptr, /* valid IP packet */ + int maxpacketsize /* How much the packet data may grow (FTP + * and IRC inline changes) */ +) { - int iresult; - struct in_addr addr_save; - struct ip *pip; + int iresult; + struct in_addr addr_save; + struct ip *pip; - if (la->packetAliasMode & PKT_ALIAS_REVERSE) { - la->packetAliasMode &= ~PKT_ALIAS_REVERSE; - iresult = PacketAliasIn(ptr, maxpacketsize); - la->packetAliasMode |= PKT_ALIAS_REVERSE; - return iresult; - } + if (la->packetAliasMode & PKT_ALIAS_REVERSE) { + la->packetAliasMode &= ~PKT_ALIAS_REVERSE; + iresult = PacketAliasIn(ptr, maxpacketsize); + la->packetAliasMode |= PKT_ALIAS_REVERSE; + return iresult; + } + HouseKeeping(la); + ClearCheckNewLink(la); + pip = (struct ip *)ptr; - HouseKeeping(la); - ClearCheckNewLink(la); - pip = (struct ip *) ptr; + /* Defense against mangled packets */ + if (ntohs(pip->ip_len) > maxpacketsize + || (pip->ip_hl << 2) > maxpacketsize) + return PKT_ALIAS_IGNORED; - /* Defense against mangled packets */ - if (ntohs(pip->ip_len) > maxpacketsize - || (pip->ip_hl<<2) > maxpacketsize) - return PKT_ALIAS_IGNORED; + addr_save = GetDefaultAliasAddress(la); + if (la->packetAliasMode & PKT_ALIAS_UNREGISTERED_ONLY) { + u_long addr; + int iclass; - addr_save = GetDefaultAliasAddress(la); - if (la->packetAliasMode & PKT_ALIAS_UNREGISTERED_ONLY) - { - u_long addr; - int iclass; + iclass = 0; + addr = ntohl(pip->ip_src.s_addr); + if (addr >= UNREG_ADDR_C_LOWER && addr <= UNREG_ADDR_C_UPPER) + iclass = 3; + else if (addr >= UNREG_ADDR_B_LOWER && addr <= UNREG_ADDR_B_UPPER) + iclass = 2; + else if (addr >= UNREG_ADDR_A_LOWER && addr <= UNREG_ADDR_A_UPPER) + iclass = 1; - iclass = 0; - addr = ntohl(pip->ip_src.s_addr); - if (addr >= UNREG_ADDR_C_LOWER && addr <= UNREG_ADDR_C_UPPER) - iclass = 3; - else if (addr >= UNREG_ADDR_B_LOWER && addr <= UNREG_ADDR_B_UPPER) - iclass = 2; - else if (addr >= UNREG_ADDR_A_LOWER && addr <= UNREG_ADDR_A_UPPER) - iclass = 1; + if (iclass == 0) { + SetDefaultAliasAddress(la, pip->ip_src); + } + } else if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) { + SetDefaultAliasAddress(la, pip->ip_src); + } + iresult = PKT_ALIAS_IGNORED; + if ((ntohs(pip->ip_off) & IP_OFFMASK) == 0) { + switch (pip->ip_p) { + case IPPROTO_ICMP: + iresult = IcmpAliasOut(la, pip); + break; + case IPPROTO_UDP: + iresult = UdpAliasOut(la, pip); + break; + case IPPROTO_TCP: + iresult = TcpAliasOut(la, pip, maxpacketsize); + break; + case IPPROTO_GRE: + if (AliasHandlePptpGreOut(la, pip) == 0) + iresult = PKT_ALIAS_OK; + else + iresult = ProtoAliasOut(la, pip); + break; + default: + iresult = ProtoAliasOut(la, pip); + break; + } + } else { + iresult = FragmentOut(la, pip); + } - if (iclass == 0) - { - SetDefaultAliasAddress(la, pip->ip_src); - } - } - else if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - { - SetDefaultAliasAddress(la, pip->ip_src); - } - - iresult = PKT_ALIAS_IGNORED; - if ((ntohs(pip->ip_off) & IP_OFFMASK) == 0) - { - switch (pip->ip_p) - { - case IPPROTO_ICMP: - iresult = IcmpAliasOut(la, pip); - break; - case IPPROTO_UDP: - iresult = UdpAliasOut(la, pip); - break; - case IPPROTO_TCP: - iresult = TcpAliasOut(la, pip, maxpacketsize); - break; - case IPPROTO_GRE: - if (AliasHandlePptpGreOut(la, pip) == 0) - iresult = PKT_ALIAS_OK; - else - iresult = ProtoAliasOut(la, pip); - break; - default: - iresult = ProtoAliasOut(la, pip); - break; - } - } - else - { - iresult = FragmentOut(la, pip); - } - - SetDefaultAliasAddress(la, addr_save); - return(iresult); + SetDefaultAliasAddress(la, addr_save); + return (iresult); } int -LibAliasUnaliasOut(struct libalias *la, char *ptr, /* valid IP packet */ - int maxpacketsize /* for error checking */ - ) +LibAliasUnaliasOut(struct libalias *la, char *ptr, /* valid IP packet */ + int maxpacketsize /* for error checking */ +) { - struct ip *pip; - struct icmp *ic; - struct udphdr *ud; - struct tcphdr *tc; - struct alias_link *link; - int iresult = PKT_ALIAS_IGNORED; + struct ip *pip; + struct icmp *ic; + struct udphdr *ud; + struct tcphdr *tc; + struct alias_link *link; + int iresult = PKT_ALIAS_IGNORED; - pip = (struct ip *) ptr; + pip = (struct ip *)ptr; - /* Defense against mangled packets */ - if (ntohs(pip->ip_len) > maxpacketsize - || (pip->ip_hl<<2) > maxpacketsize) - return(iresult); + /* Defense against mangled packets */ + if (ntohs(pip->ip_len) > maxpacketsize + || (pip->ip_hl << 2) > maxpacketsize) + return (iresult); - ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); - tc = (struct tcphdr *) ud; - ic = (struct icmp *) ud; + ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)ud; + ic = (struct icmp *)ud; - /* Find a link */ - if (pip->ip_p == IPPROTO_UDP) - link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src, - ud->uh_dport, ud->uh_sport, - IPPROTO_UDP, 0); - else if (pip->ip_p == IPPROTO_TCP) - link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src, - tc->th_dport, tc->th_sport, - IPPROTO_TCP, 0); - else if (pip->ip_p == IPPROTO_ICMP) - link = FindIcmpIn(la, pip->ip_dst, pip->ip_src, ic->icmp_id, 0); - else - link = NULL; + /* Find a link */ + if (pip->ip_p == IPPROTO_UDP) + link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src, + ud->uh_dport, ud->uh_sport, + IPPROTO_UDP, 0); + else if (pip->ip_p == IPPROTO_TCP) + link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src, + tc->th_dport, tc->th_sport, + IPPROTO_TCP, 0); + else if (pip->ip_p == IPPROTO_ICMP) + link = FindIcmpIn(la, pip->ip_dst, pip->ip_src, ic->icmp_id, 0); + else + link = NULL; - /* Change it from an aliased packet to an unaliased packet */ - if (link != NULL) - { - if (pip->ip_p == IPPROTO_UDP || pip->ip_p == IPPROTO_TCP) - { - u_short *sptr; - int accumulate; - struct in_addr original_address; - u_short original_port; + /* Change it from an aliased packet to an unaliased packet */ + if (link != NULL) { + if (pip->ip_p == IPPROTO_UDP || pip->ip_p == IPPROTO_TCP) { + u_short *sptr; + int accumulate; + struct in_addr original_address; + u_short original_port; - original_address = GetOriginalAddress(link); - original_port = GetOriginalPort(link); + original_address = GetOriginalAddress(link); + original_port = GetOriginalPort(link); - /* Adjust TCP/UDP checksum */ - sptr = (u_short *) &(pip->ip_src); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; + /* Adjust TCP/UDP checksum */ + sptr = (u_short *) & (pip->ip_src); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; - if (pip->ip_p == IPPROTO_UDP) { - accumulate += ud->uh_sport; - accumulate -= original_port; - ADJUST_CHECKSUM(accumulate, ud->uh_sum); - } else { - accumulate += tc->th_sport; - accumulate -= original_port; - ADJUST_CHECKSUM(accumulate, tc->th_sum); - } + if (pip->ip_p == IPPROTO_UDP) { + accumulate += ud->uh_sport; + accumulate -= original_port; + ADJUST_CHECKSUM(accumulate, ud->uh_sum); + } else { + accumulate += tc->th_sport; + accumulate -= original_port; + ADJUST_CHECKSUM(accumulate, tc->th_sum); + } - /* Adjust IP checksum */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_src, - 2); + /* Adjust IP checksum */ + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_src, + 2); - /* Un-alias source address and port number */ - pip->ip_src = original_address; - if (pip->ip_p == IPPROTO_UDP) - ud->uh_sport = original_port; - else - tc->th_sport = original_port; + /* Un-alias source address and port number */ + pip->ip_src = original_address; + if (pip->ip_p == IPPROTO_UDP) + ud->uh_sport = original_port; + else + tc->th_sport = original_port; - iresult = PKT_ALIAS_OK; + iresult = PKT_ALIAS_OK; - } else if (pip->ip_p == IPPROTO_ICMP) { + } else if (pip->ip_p == IPPROTO_ICMP) { - u_short *sptr; - int accumulate; - struct in_addr original_address; - u_short original_id; + u_short *sptr; + int accumulate; + struct in_addr original_address; + u_short original_id; - original_address = GetOriginalAddress(link); - original_id = GetOriginalPort(link); + original_address = GetOriginalAddress(link); + original_id = GetOriginalPort(link); - /* Adjust ICMP checksum */ - sptr = (u_short *) &(pip->ip_src); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; - accumulate += ic->icmp_id; - accumulate -= original_id; - ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); + /* Adjust ICMP checksum */ + sptr = (u_short *) & (pip->ip_src); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; + accumulate += ic->icmp_id; + accumulate -= original_id; + ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); - /* Adjust IP checksum */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_src, - 2); + /* Adjust IP checksum */ + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_src, + 2); - /* Un-alias source address and port number */ - pip->ip_src = original_address; - ic->icmp_id = original_id; + /* Un-alias source address and port number */ + pip->ip_src = original_address; + ic->icmp_id = original_id; - iresult = PKT_ALIAS_OK; - } - } - return(iresult); + iresult = PKT_ALIAS_OK; + } + } + return (iresult); } diff --git a/lib/libalias/alias.h b/lib/libalias/alias.h index d714126ae46c..0f5ba701565e 100644 --- a/lib/libalias/alias.h +++ b/lib/libalias/alias.h @@ -47,11 +47,11 @@ * PacketAlias*() the old API which doesn't take an instance pointer * and therefore can only have one packet engine at a time. * - * LibAlias*() the new API which takes as first argument a pointer to + * LibAlias*() the new API which takes as first argument a pointer to * the instance of the packet aliasing engine. * * The functions otherwise correspond to each other one for one, except - * for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were + * for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were * were misnamed in the old API. */ @@ -66,107 +66,109 @@ struct libalias; * PacketAliasRedirectProto(), passed to PacketAliasAddServer(), * and freed by PacketAliasRedirectDelete(). */ -struct alias_link; +struct alias_link; /* OLD API */ /* Initialization and control functions. */ -void PacketAliasInit(void); -void PacketAliasSetAddress(struct in_addr _addr); -void PacketAliasSetFWBase(unsigned int _base, unsigned int _num); -void PacketAliasSetSkinnyPort(unsigned int _port); +void PacketAliasInit(void); +void PacketAliasSetAddress(struct in_addr _addr); +void PacketAliasSetFWBase(unsigned int _base, unsigned int _num); +void PacketAliasSetSkinnyPort(unsigned int _port); unsigned int - PacketAliasSetMode(unsigned int _flags, unsigned int _mask); -void PacketAliasUninit(void); + PacketAliasSetMode(unsigned int _flags, unsigned int _mask); +void PacketAliasUninit(void); /* Packet Handling functions. */ -int PacketAliasIn(char *_ptr, int _maxpacketsize); -int PacketAliasOut(char *_ptr, int _maxpacketsize); -int PacketUnaliasOut(char *_ptr, int _maxpacketsize); +int PacketAliasIn(char *_ptr, int _maxpacketsize); +int PacketAliasOut(char *_ptr, int _maxpacketsize); +int PacketUnaliasOut(char *_ptr, int _maxpacketsize); /* Port and address redirection functions. */ -int PacketAliasAddServer(struct alias_link *_link, - struct in_addr _addr, unsigned short _port); +int +PacketAliasAddServer(struct alias_link *_link, + struct in_addr _addr, unsigned short _port); struct alias_link * - PacketAliasRedirectAddr(struct in_addr _src_addr, - struct in_addr _alias_addr); -int PacketAliasRedirectDynamic(struct alias_link *_link); -void PacketAliasRedirectDelete(struct alias_link *_link); +PacketAliasRedirectAddr(struct in_addr _src_addr, + struct in_addr _alias_addr); +int PacketAliasRedirectDynamic(struct alias_link *_link); +void PacketAliasRedirectDelete(struct alias_link *_link); struct alias_link * - PacketAliasRedirectPort(struct in_addr _src_addr, - unsigned short _src_port, struct in_addr _dst_addr, - unsigned short _dst_port, struct in_addr _alias_addr, - unsigned short _alias_port, unsigned char _proto); +PacketAliasRedirectPort(struct in_addr _src_addr, + unsigned short _src_port, struct in_addr _dst_addr, + unsigned short _dst_port, struct in_addr _alias_addr, + unsigned short _alias_port, unsigned char _proto); struct alias_link * - PacketAliasRedirectProto(struct in_addr _src_addr, - struct in_addr _dst_addr, struct in_addr _alias_addr, - unsigned char _proto); +PacketAliasRedirectProto(struct in_addr _src_addr, + struct in_addr _dst_addr, struct in_addr _alias_addr, + unsigned char _proto); /* Fragment Handling functions. */ -void PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment); -char *PacketAliasGetFragment(char *_ptr); -int PacketAliasSaveFragment(char *_ptr); +void PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment); +char *PacketAliasGetFragment(char *_ptr); +int PacketAliasSaveFragment(char *_ptr); /* Miscellaneous functions. */ -int PacketAliasCheckNewLink(void); +int PacketAliasCheckNewLink(void); unsigned short - PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes); -void PacketAliasSetTarget(struct in_addr _target_addr); + PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes); +void PacketAliasSetTarget(struct in_addr _target_addr); /* Transparent proxying routines. */ -int PacketAliasProxyRule(const char *_cmd); +int PacketAliasProxyRule(const char *_cmd); /* NEW API */ /* Initialization and control functions. */ -struct libalias *LibAliasInit(struct libalias *); -void LibAliasSetAddress(struct libalias *, struct in_addr _addr); -void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num); -void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port); +struct libalias *LibAliasInit(struct libalias *); +void LibAliasSetAddress(struct libalias *, struct in_addr _addr); +void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num); +void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port); unsigned int - LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask); -void LibAliasUninit(struct libalias *); + LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask); +void LibAliasUninit(struct libalias *); /* Packet Handling functions. */ -int LibAliasIn(struct libalias *, char *_ptr, int _maxpacketsize); -int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize); -int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize); +int LibAliasIn (struct libalias *, char *_ptr, int _maxpacketsize); +int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize); +int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize); /* Port and address redirection functions. */ -int LibAliasAddServer(struct libalias *, struct alias_link *_link, - struct in_addr _addr, unsigned short _port); +int +LibAliasAddServer(struct libalias *, struct alias_link *_link, + struct in_addr _addr, unsigned short _port); struct alias_link * - LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr, - struct in_addr _alias_addr); -int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link); -void LibAliasRedirectDelete(struct libalias *, struct alias_link *_link); +LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr, + struct in_addr _alias_addr); +int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link); +void LibAliasRedirectDelete(struct libalias *, struct alias_link *_link); struct alias_link * - LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr, - unsigned short _src_port, struct in_addr _dst_addr, - unsigned short _dst_port, struct in_addr _alias_addr, - unsigned short _alias_port, unsigned char _proto); +LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr, + unsigned short _src_port, struct in_addr _dst_addr, + unsigned short _dst_port, struct in_addr _alias_addr, + unsigned short _alias_port, unsigned char _proto); struct alias_link * - LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr, - struct in_addr _dst_addr, struct in_addr _alias_addr, - unsigned char _proto); +LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr, + struct in_addr _dst_addr, struct in_addr _alias_addr, + unsigned char _proto); /* Fragment Handling functions. */ -void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment); -char *LibAliasGetFragment(struct libalias *, char *_ptr); -int LibAliasSaveFragment(struct libalias *, char *_ptr); +void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment); +char *LibAliasGetFragment(struct libalias *, char *_ptr); +int LibAliasSaveFragment(struct libalias *, char *_ptr); /* Miscellaneous functions. */ -int LibAliasCheckNewLink(struct libalias *); +int LibAliasCheckNewLink(struct libalias *); unsigned short - LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes); -void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr); + LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes); +void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr); /* Transparent proxying routines. */ -int LibAliasProxyRule(struct libalias *, const char *_cmd); +int LibAliasProxyRule(struct libalias *, const char *_cmd); /* @@ -257,6 +259,6 @@ int LibAliasProxyRule(struct libalias *, const char *_cmd); #define PKT_ALIAS_UNRESOLVED_FRAGMENT 3 #define PKT_ALIAS_FOUND_HEADER_FRAGMENT 4 -#endif /* !_ALIAS_H_ */ +#endif /* !_ALIAS_H_ */ /* lint -restore */ diff --git a/lib/libalias/alias_cuseeme.c b/lib/libalias/alias_cuseeme.c index 455973f56d6d..4b0f5a5ddc10 100644 --- a/lib/libalias/alias_cuseeme.c +++ b/lib/libalias/alias_cuseeme.c @@ -40,83 +40,84 @@ __FBSDID("$FreeBSD$"); /* CU-SeeMe Data Header */ struct cu_header { - u_int16_t dest_family; - u_int16_t dest_port; - u_int32_t dest_addr; - int16_t family; - u_int16_t port; - u_int32_t addr; - u_int32_t seq; - u_int16_t msg; - u_int16_t data_type; - u_int16_t packet_len; + u_int16_t dest_family; + u_int16_t dest_port; + u_int32_t dest_addr; + int16_t family; + u_int16_t port; + u_int32_t addr; + u_int32_t seq; + u_int16_t msg; + u_int16_t data_type; + u_int16_t packet_len; }; /* Open Continue Header */ struct oc_header { - u_int16_t client_count; /* Number of client info structs */ - u_int32_t seq_no; - char user_name[20]; - char reserved[4]; /* flags, version stuff, etc */ + u_int16_t client_count; /* Number of client info structs */ + u_int32_t seq_no; + char user_name [20]; + char reserved [4]; /* flags, version stuff, etc */ }; /* client info structures */ struct client_info { - u_int32_t address; /* Client address */ - char reserved[8]; /* Flags, pruning bitfield, packet counts etc */ + u_int32_t address;/* Client address */ + char reserved [8]; /* Flags, pruning bitfield, packet + * counts etc */ }; void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *pip, struct alias_link *link) { - struct udphdr *ud; + struct udphdr *ud; - ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); - if (ntohs(ud->uh_ulen) - sizeof(struct udphdr) >= sizeof(struct cu_header)) { - struct cu_header *cu; - struct alias_link *cu_link; + ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); + if (ntohs(ud->uh_ulen) - sizeof(struct udphdr) >= sizeof(struct cu_header)) { + struct cu_header *cu; + struct alias_link *cu_link; - cu = (struct cu_header *)(ud + 1); - if (cu->addr) - cu->addr = (u_int32_t)GetAliasAddress(link).s_addr; + cu = (struct cu_header *)(ud + 1); + if (cu->addr) + cu->addr = (u_int32_t) GetAliasAddress(link).s_addr; - cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link), - ud->uh_dport, 0, IPPROTO_UDP, 1); + cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link), + ud->uh_dport, 0, IPPROTO_UDP, 1); #ifndef NO_FW_PUNCH - if (cu_link) - PunchFWHole(cu_link); + if (cu_link) + PunchFWHole(cu_link); #endif - } + } } void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *pip, struct in_addr original_addr) { - struct in_addr alias_addr; - struct udphdr *ud; - struct cu_header *cu; - struct oc_header *oc; - struct client_info *ci; - char *end; - int i; + struct in_addr alias_addr; + struct udphdr *ud; + struct cu_header *cu; + struct oc_header *oc; + struct client_info *ci; + char *end; + int i; - alias_addr.s_addr = pip->ip_dst.s_addr; - ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); - cu = (struct cu_header *)(ud + 1); - oc = (struct oc_header *)(cu + 1); - ci = (struct client_info *)(oc + 1); - end = (char *)ud + ntohs(ud->uh_ulen); + alias_addr.s_addr = pip->ip_dst.s_addr; + ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); + cu = (struct cu_header *)(ud + 1); + oc = (struct oc_header *)(cu + 1); + ci = (struct client_info *)(oc + 1); + end = (char *)ud + ntohs(ud->uh_ulen); - if ((char *)oc <= end) { - if(cu->dest_addr) - cu->dest_addr = (u_int32_t)original_addr.s_addr; - if(ntohs(cu->data_type) == 101) - /* Find and change our address */ - for(i = 0; (char *)(ci + 1) <= end && i < oc->client_count; i++, ci++) - if(ci->address == (u_int32_t)alias_addr.s_addr) { - ci->address = (u_int32_t)original_addr.s_addr; - break; - } - } + if ((char *)oc <= end) { + if (cu->dest_addr) + cu->dest_addr = (u_int32_t) original_addr.s_addr; + if (ntohs(cu->data_type) == 101) + /* Find and change our address */ + for (i = 0; (char *)(ci + 1) <= end && i < oc->client_count; i++, ci++) + if (ci->address == (u_int32_t) alias_addr.s_addr) { + ci->address = (u_int32_t) original_addr.s_addr; + break; + } + } } diff --git a/lib/libalias/alias_db.c b/lib/libalias/alias_db.c index 92f8814bcf2e..039db039311d 100644 --- a/lib/libalias/alias_db.c +++ b/lib/libalias/alias_db.c @@ -1,5 +1,3 @@ -/* -*- mode: c; tab-width: 8; c-basic-indent: 4; -*- */ - /*- * Copyright (c) 2001 Charles Mott * All rights reserved. @@ -167,7 +165,7 @@ __FBSDID("$FreeBSD$"); #include "alias_local.h" -static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); +static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); /* @@ -190,23 +188,23 @@ static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); /* When the link has been used and closed - minimal grace time to allow ACKs and potential re-connect in FTP (XXX - is this allowed?) */ #ifndef TCP_EXPIRE_DEAD -# define TCP_EXPIRE_DEAD 10 +#define TCP_EXPIRE_DEAD 10 #endif /* When the link has been used and closed on one side - the other side is allowed to still send data */ #ifndef TCP_EXPIRE_SINGLEDEAD -# define TCP_EXPIRE_SINGLEDEAD 90 +#define TCP_EXPIRE_SINGLEDEAD 90 #endif /* When the link isn't yet up */ #ifndef TCP_EXPIRE_INITIAL -# define TCP_EXPIRE_INITIAL 300 +#define TCP_EXPIRE_INITIAL 300 #endif /* When the link is up */ #ifndef TCP_EXPIRE_CONNECTED -# define TCP_EXPIRE_CONNECTED 86400 +#define TCP_EXPIRE_CONNECTED 86400 #endif @@ -246,53 +244,52 @@ static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); port and link type. */ -struct ack_data_record /* used to save changes to ACK/sequence numbers */ -{ - u_long ack_old; - u_long ack_new; - int delta; - int active; +struct ack_data_record { /* used to save changes to ACK/sequence + * numbers */ + u_long ack_old; + u_long ack_new; + int delta; + int active; }; -struct tcp_state /* Information about TCP connection */ -{ - int in; /* State for outside -> inside */ - int out; /* State for inside -> outside */ - int index; /* Index to ACK data array */ - int ack_modified; /* Indicates whether ACK and sequence numbers */ - /* been modified */ +struct tcp_state { /* Information about TCP connection */ + int in; /* State for outside -> inside */ + int out; /* State for inside -> outside */ + int index; /* Index to ACK data array */ + int ack_modified; /* Indicates whether ACK and + * sequence numbers */ + /* been modified */ }; -#define N_LINK_TCP_DATA 3 /* Number of distinct ACK number changes - saved for a modified TCP stream */ -struct tcp_dat -{ - struct tcp_state state; - struct ack_data_record ack[N_LINK_TCP_DATA]; - int fwhole; /* Which firewall record is used for this hole? */ +#define N_LINK_TCP_DATA 3 /* Number of distinct ACK number changes + * saved for a modified TCP stream */ +struct tcp_dat { + struct tcp_state state; + struct ack_data_record ack[N_LINK_TCP_DATA]; + int fwhole; /* Which firewall record is used for this + * hole? */ }; -struct server /* LSNAT server pool (circular list) */ -{ - struct in_addr addr; - u_short port; - struct server *next; +struct server { /* LSNAT server pool (circular list) */ + struct in_addr addr; + u_short port; + struct server *next; }; -struct alias_link /* Main data structure */ -{ - struct libalias *la; - struct in_addr src_addr; /* Address and port information */ - struct in_addr dst_addr; - struct in_addr alias_addr; - struct in_addr proxy_addr; - u_short src_port; - u_short dst_port; - u_short alias_port; - u_short proxy_port; - struct server *server; +struct alias_link { /* Main data structure */ + struct libalias *la; + struct in_addr src_addr; /* Address and port information */ + struct in_addr dst_addr; + struct in_addr alias_addr; + struct in_addr proxy_addr; + u_short src_port; + u_short dst_port; + u_short alias_port; + u_short proxy_port; + struct server *server; - int link_type; /* Type of link: TCP, UDP, ICMP, proto, frag */ + int link_type; /* Type of link: TCP, UDP, ICMP, + * proto, frag */ /* values for link_type */ #define LINK_ICMP IPPROTO_ICMP @@ -303,30 +300,31 @@ struct alias_link /* Main data structure */ #define LINK_ADDR (IPPROTO_MAX + 3) #define LINK_PPTP (IPPROTO_MAX + 4) - int flags; /* indicates special characteristics */ - int pflags; /* protocol-specific flags */ + int flags; /* indicates special characteristics */ + int pflags; /* protocol-specific flags */ /* flag bits */ #define LINK_UNKNOWN_DEST_PORT 0x01 #define LINK_UNKNOWN_DEST_ADDR 0x02 #define LINK_PERMANENT 0x04 -#define LINK_PARTIALLY_SPECIFIED 0x03 /* logical-or of first two bits */ +#define LINK_PARTIALLY_SPECIFIED 0x03 /* logical-or of first two bits */ #define LINK_UNFIREWALLED 0x08 - int timestamp; /* Time link was last accessed */ - int expire_time; /* Expire time for link */ + int timestamp; /* Time link was last accessed */ + int expire_time; /* Expire time for link */ - int sockfd; /* socket descriptor */ + int sockfd; /* socket descriptor */ - LIST_ENTRY(alias_link) list_out; /* Linked list of pointers for */ - LIST_ENTRY(alias_link) list_in; /* input and output lookup tables */ + LIST_ENTRY (alias_link) list_out; /* Linked list of + * pointers for */ + LIST_ENTRY (alias_link) list_in; /* input and output + * lookup tables */ - union /* Auxiliary data */ - { - char *frag_ptr; - struct in_addr frag_addr; - struct tcp_dat *tcp; - } data; + union { /* Auxiliary data */ + char *frag_ptr; + struct in_addr frag_addr; + struct tcp_dat *tcp; + } data; }; /* Internal utility routines (used only in alias_db.c) @@ -344,56 +342,58 @@ Lookup table starting points: /* Local prototypes */ -static u_int StartPointIn(struct in_addr, u_short, int); +static u_int StartPointIn(struct in_addr, u_short, int); -static u_int StartPointOut(struct in_addr, struct in_addr, - u_short, u_short, int); +static u_int +StartPointOut(struct in_addr, struct in_addr, + u_short, u_short, int); -static int SeqDiff(u_long, u_long); +static int SeqDiff(u_long, u_long); -static void ShowAliasStats(struct libalias *); +static void ShowAliasStats(struct libalias *); #ifndef NO_FW_PUNCH /* Firewall control */ -static void InitPunchFW(struct libalias *la); -static void UninitPunchFW(struct libalias *la); -static void ClearFWHole(struct alias_link *link); +static void InitPunchFW(struct libalias *la); +static void UninitPunchFW(struct libalias *la); +static void ClearFWHole(struct alias_link *link); + #endif /* Log file control */ -static void InitPacketAliasLog(struct libalias *la); -static void UninitPacketAliasLog(struct libalias *la); +static void InitPacketAliasLog(struct libalias *la); +static void UninitPacketAliasLog(struct libalias *la); -static u_int +static u_int StartPointIn(struct in_addr alias_addr, - u_short alias_port, - int link_type) + u_short alias_port, + int link_type) { - u_int n; + u_int n; - n = alias_addr.s_addr; - if (link_type != LINK_PPTP) - n += alias_port; - n += link_type; - return(n % LINK_TABLE_IN_SIZE); + n = alias_addr.s_addr; + if (link_type != LINK_PPTP) + n += alias_port; + n += link_type; + return (n % LINK_TABLE_IN_SIZE); } -static u_int +static u_int StartPointOut(struct in_addr src_addr, struct in_addr dst_addr, - u_short src_port, u_short dst_port, int link_type) + u_short src_port, u_short dst_port, int link_type) { - u_int n; + u_int n; - n = src_addr.s_addr; - n += dst_addr.s_addr; - if (link_type != LINK_PPTP) { - n += src_port; - n += dst_port; - } - n += link_type; + n = src_addr.s_addr; + n += dst_addr.s_addr; + if (link_type != LINK_PPTP) { + n += src_port; + n += dst_port; + } + n += link_type; - return(n % LINK_TABLE_OUT_SIZE); + return (n % LINK_TABLE_OUT_SIZE); } @@ -407,7 +407,7 @@ SeqDiff(u_long x, u_long y) arithmetic conditions that need to be considered. */ - return (ntohl(y) - ntohl(x)); + return (ntohl(y) - ntohl(x)); } @@ -416,29 +416,28 @@ ShowAliasStats(struct libalias *la) { /* Used for debugging */ - if (la->monitorFile) - { - fprintf(la->monitorFile, - "icmp=%d, udp=%d, tcp=%d, pptp=%d, proto=%d, frag_id=%d frag_ptr=%d", - la->icmpLinkCount, - la->udpLinkCount, - la->tcpLinkCount, - la->pptpLinkCount, - la->protoLinkCount, - la->fragmentIdLinkCount, - la->fragmentPtrLinkCount); + if (la->monitorFile) { + fprintf(la->monitorFile, + "icmp=%d, udp=%d, tcp=%d, pptp=%d, proto=%d, frag_id=%d frag_ptr=%d", + la->icmpLinkCount, + la->udpLinkCount, + la->tcpLinkCount, + la->pptpLinkCount, + la->protoLinkCount, + la->fragmentIdLinkCount, + la->fragmentPtrLinkCount); - fprintf(la->monitorFile, " / tot=%d (sock=%d)\n", - la->icmpLinkCount + la->udpLinkCount - + la->tcpLinkCount - + la->pptpLinkCount - + la->protoLinkCount - + la->fragmentIdLinkCount - + la->fragmentPtrLinkCount, - la->sockCount); + fprintf(la->monitorFile, " / tot=%d (sock=%d)\n", + la->icmpLinkCount + la->udpLinkCount + + la->tcpLinkCount + + la->pptpLinkCount + + la->protoLinkCount + + la->fragmentIdLinkCount + + la->fragmentPtrLinkCount, + la->sockCount); - fflush(la->monitorFile); - } + fflush(la->monitorFile); + } } @@ -467,30 +466,30 @@ Port search: */ /* Local prototypes */ -static int GetNewPort(struct libalias *, struct alias_link *, int); +static int GetNewPort(struct libalias *, struct alias_link *, int); -static u_short GetSocket(struct libalias *, u_short, int *, int); +static u_short GetSocket(struct libalias *, u_short, int *, int); -static void CleanupAliasData(struct libalias *); +static void CleanupAliasData(struct libalias *); -static void IncrementalCleanup(struct libalias *); +static void IncrementalCleanup(struct libalias *); -static void DeleteLink(struct alias_link *); +static void DeleteLink(struct alias_link *); static struct alias_link * AddLink(struct libalias *, struct in_addr, struct in_addr, struct in_addr, - u_short, u_short, int, int); + u_short, u_short, int, int); static struct alias_link * ReLink(struct alias_link *, - struct in_addr, struct in_addr, struct in_addr, - u_short, u_short, int, int); + struct in_addr, struct in_addr, struct in_addr, + u_short, u_short, int, int); static struct alias_link * -FindLinkOut(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); + FindLinkOut (struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); static struct alias_link * -FindLinkIn(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); + FindLinkIn (struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); #define ALIAS_PORT_BASE 0x08000 @@ -511,10 +510,10 @@ FindLinkIn(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, static int GetNewPort(struct libalias *la, struct alias_link *link, int alias_port_param) { - int i; - int max_trials; - u_short port_sys; - u_short port_net; + int i; + int max_trials; + u_short port_sys; + u_short port_net; /* Description of alias_port_param for GetNewPort(). When @@ -526,148 +525,126 @@ GetNewPort(struct libalias *la, struct alias_link *link, int alias_port_param) selected port number. */ - if (alias_port_param == GET_ALIAS_PORT) - { - /* - * The aliasing port is automatically selected - * by one of two methods below: - */ - max_trials = GET_NEW_PORT_MAX_ATTEMPTS; + if (alias_port_param == GET_ALIAS_PORT) { + /* + * The aliasing port is automatically selected by one of + * two methods below: + */ + max_trials = GET_NEW_PORT_MAX_ATTEMPTS; - if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS) - { - /* - * When the PKT_ALIAS_SAME_PORTS option is - * chosen, the first try will be the - * actual source port. If this is already - * in use, the remainder of the trials - * will be random. - */ - port_net = link->src_port; - port_sys = ntohs(port_net); - } - else - { - /* First trial and all subsequent are random. */ - port_sys = random() & ALIAS_PORT_MASK; - port_sys += ALIAS_PORT_BASE; - port_net = htons(port_sys); - } - } - else if (alias_port_param >= 0 && alias_port_param < 0x10000) - { - link->alias_port = (u_short) alias_port_param; - return(0); - } - else - { + if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS) { + /* + * When the PKT_ALIAS_SAME_PORTS option is chosen, + * the first try will be the actual source port. If + * this is already in use, the remainder of the + * trials will be random. + */ + port_net = link->src_port; + port_sys = ntohs(port_net); + } else { + /* First trial and all subsequent are random. */ + port_sys = random() & ALIAS_PORT_MASK; + port_sys += ALIAS_PORT_BASE; + port_net = htons(port_sys); + } + } else if (alias_port_param >= 0 && alias_port_param < 0x10000) { + link->alias_port = (u_short) alias_port_param; + return (0); + } else { #ifdef DEBUG - fprintf(stderr, "PacketAlias/GetNewPort(): "); - fprintf(stderr, "input parameter error\n"); + fprintf(stderr, "PacketAlias/GetNewPort(): "); + fprintf(stderr, "input parameter error\n"); #endif - return(-1); - } + return (-1); + } /* Port number search */ - for (i=0; idst_addr, link->alias_addr, - link->dst_port, port_net, - link->link_type, 0); + search_result = FindLinkIn(la, link->dst_addr, link->alias_addr, + link->dst_port, port_net, + link->link_type, 0); - if (search_result == NULL) - go_ahead = 1; - else if (!(link->flags & LINK_PARTIALLY_SPECIFIED) - && (search_result->flags & LINK_PARTIALLY_SPECIFIED)) - go_ahead = 1; - else - go_ahead = 0; + if (search_result == NULL) + go_ahead = 1; + else if (!(link->flags & LINK_PARTIALLY_SPECIFIED) + && (search_result->flags & LINK_PARTIALLY_SPECIFIED)) + go_ahead = 1; + else + go_ahead = 0; - if (go_ahead) - { - if ((la->packetAliasMode & PKT_ALIAS_USE_SOCKETS) - && (link->flags & LINK_PARTIALLY_SPECIFIED) - && ((link->link_type == LINK_TCP) || - (link->link_type == LINK_UDP))) - { - if (GetSocket(la, port_net, &link->sockfd, link->link_type)) - { - link->alias_port = port_net; - return(0); - } - } - else - { - link->alias_port = port_net; - return(0); - } - } - - port_sys = random() & ALIAS_PORT_MASK; - port_sys += ALIAS_PORT_BASE; - port_net = htons(port_sys); - } + if (go_ahead) { + if ((la->packetAliasMode & PKT_ALIAS_USE_SOCKETS) + && (link->flags & LINK_PARTIALLY_SPECIFIED) + && ((link->link_type == LINK_TCP) || + (link->link_type == LINK_UDP))) { + if (GetSocket(la, port_net, &link->sockfd, link->link_type)) { + link->alias_port = port_net; + return (0); + } + } else { + link->alias_port = port_net; + return (0); + } + } + port_sys = random() & ALIAS_PORT_MASK; + port_sys += ALIAS_PORT_BASE; + port_net = htons(port_sys); + } #ifdef DEBUG - fprintf(stderr, "PacketAlias/GetnewPort(): "); - fprintf(stderr, "could not find free port\n"); + fprintf(stderr, "PacketAlias/GetnewPort(): "); + fprintf(stderr, "could not find free port\n"); #endif - return(-1); + return (-1); } -static u_short +static u_short GetSocket(struct libalias *la, u_short port_net, int *sockfd, int link_type) { - int err; - int sock; - struct sockaddr_in sock_addr; + int err; + int sock; + struct sockaddr_in sock_addr; - if (link_type == LINK_TCP) - sock = socket(AF_INET, SOCK_STREAM, 0); - else if (link_type == LINK_UDP) - sock = socket(AF_INET, SOCK_DGRAM, 0); - else - { + if (link_type == LINK_TCP) + sock = socket(AF_INET, SOCK_STREAM, 0); + else if (link_type == LINK_UDP) + sock = socket(AF_INET, SOCK_DGRAM, 0); + else { #ifdef DEBUG - fprintf(stderr, "PacketAlias/GetSocket(): "); - fprintf(stderr, "incorrect link type\n"); + fprintf(stderr, "PacketAlias/GetSocket(): "); + fprintf(stderr, "incorrect link type\n"); #endif - return(0); - } + return (0); + } - if (sock < 0) - { + if (sock < 0) { #ifdef DEBUG - fprintf(stderr, "PacketAlias/GetSocket(): "); - fprintf(stderr, "socket() error %d\n", *sockfd); + fprintf(stderr, "PacketAlias/GetSocket(): "); + fprintf(stderr, "socket() error %d\n", *sockfd); #endif - return(0); - } + return (0); + } + sock_addr.sin_family = AF_INET; + sock_addr.sin_addr.s_addr = htonl(INADDR_ANY); + sock_addr.sin_port = port_net; - sock_addr.sin_family = AF_INET; - sock_addr.sin_addr.s_addr = htonl(INADDR_ANY); - sock_addr.sin_port = port_net; - - err = bind(sock, - (struct sockaddr *) &sock_addr, - sizeof(sock_addr)); - if (err == 0) - { - la->sockCount++; - *sockfd = sock; - return(1); - } - else - { - close(sock); - return(0); - } + err = bind(sock, + (struct sockaddr *)&sock_addr, + sizeof(sock_addr)); + if (err == 0) { + la->sockCount++; + *sockfd = sock; + return (1); + } else { + close(sock); + return (0); + } } @@ -679,661 +656,612 @@ GetSocket(struct libalias *la, u_short port_net, int *sockfd, int link_type) int FindNewPortGroup(struct libalias *la, - struct in_addr dst_addr, - struct in_addr alias_addr, - u_short src_port, - u_short dst_port, - u_short port_count, - u_char proto, - u_char align) + struct in_addr dst_addr, + struct in_addr alias_addr, + u_short src_port, + u_short dst_port, + u_short port_count, + u_char proto, + u_char align) { - int i, j; - int max_trials; - u_short port_sys; - int link_type; + int i, j; + int max_trials; + u_short port_sys; + int link_type; - /* - * Get link_type from protocol - */ + /* + * Get link_type from protocol + */ - switch (proto) - { - case IPPROTO_UDP: - link_type = LINK_UDP; - break; - case IPPROTO_TCP: - link_type = LINK_TCP; - break; - default: - return (0); - break; - } + switch (proto) { + case IPPROTO_UDP: + link_type = LINK_UDP; + break; + case IPPROTO_TCP: + link_type = LINK_TCP; + break; + default: + return (0); + break; + } - /* - * The aliasing port is automatically selected - * by one of two methods below: - */ - max_trials = GET_NEW_PORT_MAX_ATTEMPTS; + /* + * The aliasing port is automatically selected by one of two + * methods below: + */ + max_trials = GET_NEW_PORT_MAX_ATTEMPTS; - if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS) { - /* - * When the ALIAS_SAME_PORTS option is - * chosen, the first try will be the - * actual source port. If this is already - * in use, the remainder of the trials - * will be random. - */ - port_sys = ntohs(src_port); + if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS) { + /* + * When the ALIAS_SAME_PORTS option is chosen, the first + * try will be the actual source port. If this is already + * in use, the remainder of the trials will be random. + */ + port_sys = ntohs(src_port); - } else { + } else { - /* First trial and all subsequent are random. */ - if (align == FIND_EVEN_ALIAS_BASE) - port_sys = random() & ALIAS_PORT_MASK_EVEN; - else - port_sys = random() & ALIAS_PORT_MASK; + /* First trial and all subsequent are random. */ + if (align == FIND_EVEN_ALIAS_BASE) + port_sys = random() & ALIAS_PORT_MASK_EVEN; + else + port_sys = random() & ALIAS_PORT_MASK; - port_sys += ALIAS_PORT_BASE; - } + port_sys += ALIAS_PORT_BASE; + } /* Port number search */ - for (i = 0; i < max_trials; i++) { + for (i = 0; i < max_trials; i++) { - struct alias_link *search_result; + struct alias_link *search_result; - for (j = 0; j < port_count; j++) - if (0 != (search_result = FindLinkIn(la, dst_addr, alias_addr, - dst_port, htons(port_sys + j), - link_type, 0))) - break; + for (j = 0; j < port_count; j++) + if (0 != (search_result = FindLinkIn(la, dst_addr, alias_addr, + dst_port, htons(port_sys + j), + link_type, 0))) + break; - /* Found a good range, return base */ - if (j == port_count) - return (htons(port_sys)); + /* Found a good range, return base */ + if (j == port_count) + return (htons(port_sys)); - /* Find a new base to try */ - if (align == FIND_EVEN_ALIAS_BASE) - port_sys = random() & ALIAS_PORT_MASK_EVEN; - else - port_sys = random() & ALIAS_PORT_MASK; + /* Find a new base to try */ + if (align == FIND_EVEN_ALIAS_BASE) + port_sys = random() & ALIAS_PORT_MASK_EVEN; + else + port_sys = random() & ALIAS_PORT_MASK; - port_sys += ALIAS_PORT_BASE; - } + port_sys += ALIAS_PORT_BASE; + } #ifdef DEBUG - fprintf(stderr, "PacketAlias/FindNewPortGroup(): "); - fprintf(stderr, "could not find free port(s)\n"); + fprintf(stderr, "PacketAlias/FindNewPortGroup(): "); + fprintf(stderr, "could not find free port(s)\n"); #endif - return(0); + return (0); } static void CleanupAliasData(struct libalias *la) { - struct alias_link *link; - int i, icount; + struct alias_link *link; + int i, icount; - icount = 0; - for (i=0; ilinkTableOut[i]); - while (link != NULL) - { - struct alias_link *link_next; - link_next = LIST_NEXT(link, list_out); - icount++; - DeleteLink(link); - link = link_next; - } - } + icount = 0; + for (i = 0; i < LINK_TABLE_OUT_SIZE; i++) { + link = LIST_FIRST(&la->linkTableOut[i]); + while (link != NULL) { + struct alias_link *link_next; - la->cleanupIndex =0; + link_next = LIST_NEXT(link, list_out); + icount++; + DeleteLink(link); + link = link_next; + } + } + + la->cleanupIndex = 0; } static void IncrementalCleanup(struct libalias *la) { - int icount; - struct alias_link *link; + int icount; + struct alias_link *link; - icount = 0; - link = LIST_FIRST(&la->linkTableOut[la->cleanupIndex++]); - while (link != NULL) - { - int idelta; - struct alias_link *link_next; + icount = 0; + link = LIST_FIRST(&la->linkTableOut[la->cleanupIndex++]); + while (link != NULL) { + int idelta; + struct alias_link *link_next; - link_next = LIST_NEXT(link, list_out); - idelta = la->timeStamp - link->timestamp; - switch (link->link_type) - { - case LINK_TCP: - if (idelta > link->expire_time) - { - struct tcp_dat *tcp_aux; + link_next = LIST_NEXT(link, list_out); + idelta = la->timeStamp - link->timestamp; + switch (link->link_type) { + case LINK_TCP: + if (idelta > link->expire_time) { + struct tcp_dat *tcp_aux; - tcp_aux = link->data.tcp; - if (tcp_aux->state.in != ALIAS_TCP_STATE_CONNECTED - || tcp_aux->state.out != ALIAS_TCP_STATE_CONNECTED) - { - DeleteLink(link); - icount++; - } - } - break; - default: - if (idelta > link->expire_time) - { - DeleteLink(link); - icount++; - } - break; - } - link = link_next; - } + tcp_aux = link->data.tcp; + if (tcp_aux->state.in != ALIAS_TCP_STATE_CONNECTED + || tcp_aux->state.out != ALIAS_TCP_STATE_CONNECTED) { + DeleteLink(link); + icount++; + } + } + break; + default: + if (idelta > link->expire_time) { + DeleteLink(link); + icount++; + } + break; + } + link = link_next; + } - if (la->cleanupIndex == LINK_TABLE_OUT_SIZE) - la->cleanupIndex = 0; + if (la->cleanupIndex == LINK_TABLE_OUT_SIZE) + la->cleanupIndex = 0; } static void DeleteLink(struct alias_link *link) { - struct libalias *la = link->la; + struct libalias *la = link->la; /* Don't do anything if the link is marked permanent */ - if (la->deleteAllLinks == 0 && link->flags & LINK_PERMANENT) - return; + if (la->deleteAllLinks == 0 && link->flags & LINK_PERMANENT) + return; #ifndef NO_FW_PUNCH /* Delete associated firewall hole, if any */ - ClearFWHole(link); + ClearFWHole(link); #endif /* Free memory allocated for LSNAT server pool */ - if (link->server != NULL) { - struct server *head, *curr, *next; - - head = curr = link->server; - do { - next = curr->next; - free(curr); - } while ((curr = next) != head); - } + if (link->server != NULL) { + struct server *head, *curr, *next; + head = curr = link->server; + do { + next = curr->next; + free(curr); + } while ((curr = next) != head); + } /* Adjust output table pointers */ - LIST_REMOVE(link, list_out); + LIST_REMOVE(link, list_out); /* Adjust input table pointers */ - LIST_REMOVE(link, list_in); + LIST_REMOVE(link, list_in); /* Close socket, if one has been allocated */ - if (link->sockfd != -1) - { - la->sockCount--; - close(link->sockfd); - } - + if (link->sockfd != -1) { + la->sockCount--; + close(link->sockfd); + } /* Link-type dependent cleanup */ - switch(link->link_type) - { - case LINK_ICMP: - la->icmpLinkCount--; - break; - case LINK_UDP: - la->udpLinkCount--; - break; - case LINK_TCP: - la->tcpLinkCount--; - free(link->data.tcp); - break; - case LINK_PPTP: - la->pptpLinkCount--; - break; - case LINK_FRAGMENT_ID: - la->fragmentIdLinkCount--; - break; - case LINK_FRAGMENT_PTR: - la->fragmentPtrLinkCount--; - if (link->data.frag_ptr != NULL) - free(link->data.frag_ptr); - break; + switch (link->link_type) { + case LINK_ICMP: + la->icmpLinkCount--; + break; + case LINK_UDP: + la->udpLinkCount--; + break; + case LINK_TCP: + la->tcpLinkCount--; + free(link->data.tcp); + break; + case LINK_PPTP: + la->pptpLinkCount--; + break; + case LINK_FRAGMENT_ID: + la->fragmentIdLinkCount--; + break; + case LINK_FRAGMENT_PTR: + la->fragmentPtrLinkCount--; + if (link->data.frag_ptr != NULL) + free(link->data.frag_ptr); + break; case LINK_ADDR: - break; - default: - la->protoLinkCount--; - break; - } + break; + default: + la->protoLinkCount--; + break; + } /* Free memory */ - free(link); + free(link); /* Write statistics, if logging enabled */ - if (la->packetAliasMode & PKT_ALIAS_LOG) - { - ShowAliasStats(la); - } + if (la->packetAliasMode & PKT_ALIAS_LOG) { + ShowAliasStats(la); + } } static struct alias_link * -AddLink(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - struct in_addr alias_addr, - u_short src_port, - u_short dst_port, - int alias_port_param, /* if less than zero, alias */ - int link_type) /* port will be automatically */ -{ /* chosen. If greater than */ - u_int start_point; /* zero, equal to alias port */ - struct alias_link *link; +AddLink(struct libalias *la, struct in_addr src_addr, + struct in_addr dst_addr, + struct in_addr alias_addr, + u_short src_port, + u_short dst_port, + int alias_port_param, /* if less than zero, alias */ + int link_type) +{ /* port will be automatically *//* chosen. + * If greater than */ + u_int start_point; /* zero, equal to alias port */ + struct alias_link *link; - link = malloc(sizeof(struct alias_link)); - if (link != NULL) - { - /* Basic initialization */ - link->la = la; - link->src_addr = src_addr; - link->dst_addr = dst_addr; - link->alias_addr = alias_addr; - link->proxy_addr.s_addr = INADDR_ANY; - link->src_port = src_port; - link->dst_port = dst_port; - link->proxy_port = 0; - link->server = NULL; - link->link_type = link_type; - link->sockfd = -1; - link->flags = 0; - link->pflags = 0; - link->timestamp = la->timeStamp; + link = malloc(sizeof(struct alias_link)); + if (link != NULL) { + /* Basic initialization */ + link->la = la; + link->src_addr = src_addr; + link->dst_addr = dst_addr; + link->alias_addr = alias_addr; + link->proxy_addr.s_addr = INADDR_ANY; + link->src_port = src_port; + link->dst_port = dst_port; + link->proxy_port = 0; + link->server = NULL; + link->link_type = link_type; + link->sockfd = -1; + link->flags = 0; + link->pflags = 0; + link->timestamp = la->timeStamp; - /* Expiration time */ - switch (link_type) - { - case LINK_ICMP: - link->expire_time = ICMP_EXPIRE_TIME; - break; - case LINK_UDP: - link->expire_time = UDP_EXPIRE_TIME; - break; - case LINK_TCP: - link->expire_time = TCP_EXPIRE_INITIAL; - break; - case LINK_PPTP: - link->flags |= LINK_PERMANENT; /* no timeout. */ - break; - case LINK_FRAGMENT_ID: - link->expire_time = FRAGMENT_ID_EXPIRE_TIME; - break; - case LINK_FRAGMENT_PTR: - link->expire_time = FRAGMENT_PTR_EXPIRE_TIME; - break; - case LINK_ADDR: - break; - default: - link->expire_time = PROTO_EXPIRE_TIME; - break; - } + /* Expiration time */ + switch (link_type) { + case LINK_ICMP: + link->expire_time = ICMP_EXPIRE_TIME; + break; + case LINK_UDP: + link->expire_time = UDP_EXPIRE_TIME; + break; + case LINK_TCP: + link->expire_time = TCP_EXPIRE_INITIAL; + break; + case LINK_PPTP: + link->flags |= LINK_PERMANENT; /* no timeout. */ + break; + case LINK_FRAGMENT_ID: + link->expire_time = FRAGMENT_ID_EXPIRE_TIME; + break; + case LINK_FRAGMENT_PTR: + link->expire_time = FRAGMENT_PTR_EXPIRE_TIME; + break; + case LINK_ADDR: + break; + default: + link->expire_time = PROTO_EXPIRE_TIME; + break; + } - /* Determine alias flags */ - if (dst_addr.s_addr == INADDR_ANY) - link->flags |= LINK_UNKNOWN_DEST_ADDR; - if (dst_port == 0) - link->flags |= LINK_UNKNOWN_DEST_PORT; + /* Determine alias flags */ + if (dst_addr.s_addr == INADDR_ANY) + link->flags |= LINK_UNKNOWN_DEST_ADDR; + if (dst_port == 0) + link->flags |= LINK_UNKNOWN_DEST_PORT; - /* Determine alias port */ - if (GetNewPort(la, link, alias_port_param) != 0) - { - free(link); - return(NULL); - } + /* Determine alias port */ + if (GetNewPort(la, link, alias_port_param) != 0) { + free(link); + return (NULL); + } + /* Link-type dependent initialization */ + switch (link_type) { + struct tcp_dat *aux_tcp; - /* Link-type dependent initialization */ - switch(link_type) - { - struct tcp_dat *aux_tcp; + case LINK_ICMP: + la->icmpLinkCount++; + break; + case LINK_UDP: + la->udpLinkCount++; + break; + case LINK_TCP: + aux_tcp = malloc(sizeof(struct tcp_dat)); + if (aux_tcp != NULL) { + int i; - case LINK_ICMP: - la->icmpLinkCount++; - break; - case LINK_UDP: - la->udpLinkCount++; - break; - case LINK_TCP: - aux_tcp = malloc(sizeof(struct tcp_dat)); - if (aux_tcp != NULL) - { - int i; - - la->tcpLinkCount++; - aux_tcp->state.in = ALIAS_TCP_STATE_NOT_CONNECTED; - aux_tcp->state.out = ALIAS_TCP_STATE_NOT_CONNECTED; - aux_tcp->state.index = 0; - aux_tcp->state.ack_modified = 0; - for (i=0; iack[i].active = 0; - aux_tcp->fwhole = -1; - link->data.tcp = aux_tcp; - } - else - { + la->tcpLinkCount++; + aux_tcp->state.in = ALIAS_TCP_STATE_NOT_CONNECTED; + aux_tcp->state.out = ALIAS_TCP_STATE_NOT_CONNECTED; + aux_tcp->state.index = 0; + aux_tcp->state.ack_modified = 0; + for (i = 0; i < N_LINK_TCP_DATA; i++) + aux_tcp->ack[i].active = 0; + aux_tcp->fwhole = -1; + link->data.tcp = aux_tcp; + } else { #ifdef DEBUG - fprintf(stderr, "PacketAlias/AddLink: "); - fprintf(stderr, " cannot allocate auxiliary TCP data\n"); + fprintf(stderr, "PacketAlias/AddLink: "); + fprintf(stderr, " cannot allocate auxiliary TCP data\n"); #endif - free(link); - return (NULL); - } - break; - case LINK_PPTP: - la->pptpLinkCount++; - break; - case LINK_FRAGMENT_ID: - la->fragmentIdLinkCount++; - break; - case LINK_FRAGMENT_PTR: - la->fragmentPtrLinkCount++; - break; - case LINK_ADDR: - break; - default: - la->protoLinkCount++; - break; - } + free(link); + return (NULL); + } + break; + case LINK_PPTP: + la->pptpLinkCount++; + break; + case LINK_FRAGMENT_ID: + la->fragmentIdLinkCount++; + break; + case LINK_FRAGMENT_PTR: + la->fragmentPtrLinkCount++; + break; + case LINK_ADDR: + break; + default: + la->protoLinkCount++; + break; + } - /* Set up pointers for output lookup table */ - start_point = StartPointOut(src_addr, dst_addr, - src_port, dst_port, link_type); - LIST_INSERT_HEAD(&la->linkTableOut[start_point], link, list_out); + /* Set up pointers for output lookup table */ + start_point = StartPointOut(src_addr, dst_addr, + src_port, dst_port, link_type); + LIST_INSERT_HEAD(&la->linkTableOut[start_point], link, list_out); - /* Set up pointers for input lookup table */ - start_point = StartPointIn(alias_addr, link->alias_port, link_type); - LIST_INSERT_HEAD(&la->linkTableIn[start_point], link, list_in); - } - else - { + /* Set up pointers for input lookup table */ + start_point = StartPointIn(alias_addr, link->alias_port, link_type); + LIST_INSERT_HEAD(&la->linkTableIn[start_point], link, list_in); + } else { #ifdef DEBUG - fprintf(stderr, "PacketAlias/AddLink(): "); - fprintf(stderr, "malloc() call failed.\n"); + fprintf(stderr, "PacketAlias/AddLink(): "); + fprintf(stderr, "malloc() call failed.\n"); #endif - } + } - if (la->packetAliasMode & PKT_ALIAS_LOG) - { - ShowAliasStats(la); - } - - return(link); + if (la->packetAliasMode & PKT_ALIAS_LOG) { + ShowAliasStats(la); + } + return (link); } static struct alias_link * ReLink(struct alias_link *old_link, - struct in_addr src_addr, - struct in_addr dst_addr, - struct in_addr alias_addr, - u_short src_port, - u_short dst_port, - int alias_port_param, /* if less than zero, alias */ - int link_type) /* port will be automatically */ -{ /* chosen. If greater than */ - struct alias_link *new_link; /* zero, equal to alias port */ - struct libalias *la = old_link->la; + struct in_addr src_addr, + struct in_addr dst_addr, + struct in_addr alias_addr, + u_short src_port, + u_short dst_port, + int alias_port_param, /* if less than zero, alias */ + int link_type) +{ /* port will be automatically *//* chosen. + * If greater than */ + struct alias_link *new_link; /* zero, equal to alias port */ + struct libalias *la = old_link->la; - new_link = AddLink(la, src_addr, dst_addr, alias_addr, - src_port, dst_port, alias_port_param, - link_type); + new_link = AddLink(la, src_addr, dst_addr, alias_addr, + src_port, dst_port, alias_port_param, + link_type); #ifndef NO_FW_PUNCH - if (new_link != NULL && - old_link->link_type == LINK_TCP && - old_link->data.tcp->fwhole > 0) { - PunchFWHole(new_link); - } + if (new_link != NULL && + old_link->link_type == LINK_TCP && + old_link->data.tcp->fwhole > 0) { + PunchFWHole(new_link); + } #endif - DeleteLink(old_link); - return new_link; + DeleteLink(old_link); + return new_link; } static struct alias_link * _FindLinkOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_short src_port, - u_short dst_port, - int link_type, - int replace_partial_links) + struct in_addr dst_addr, + u_short src_port, + u_short dst_port, + int link_type, + int replace_partial_links) { - u_int i; - struct alias_link *link; + u_int i; + struct alias_link *link; - i = StartPointOut(src_addr, dst_addr, src_port, dst_port, link_type); - LIST_FOREACH(link, &la->linkTableOut[i], list_out) - { - if (link->src_addr.s_addr == src_addr.s_addr - && link->server == NULL - && link->dst_addr.s_addr == dst_addr.s_addr - && link->dst_port == dst_port - && link->src_port == src_port - && link->link_type == link_type) - { - link->timestamp = la->timeStamp; - break; - } - } + i = StartPointOut(src_addr, dst_addr, src_port, dst_port, link_type); + LIST_FOREACH(link, &la->linkTableOut[i], list_out) { + if (link->src_addr.s_addr == src_addr.s_addr + && link->server == NULL + && link->dst_addr.s_addr == dst_addr.s_addr + && link->dst_port == dst_port + && link->src_port == src_port + && link->link_type == link_type) { + link->timestamp = la->timeStamp; + break; + } + } /* Search for partially specified links. */ - if (link == NULL && replace_partial_links) - { - if (dst_port != 0 && dst_addr.s_addr != INADDR_ANY) - { - link = _FindLinkOut(la, src_addr, dst_addr, src_port, 0, - link_type, 0); - if (link == NULL) - link = _FindLinkOut(la, src_addr, la->nullAddress, src_port, - dst_port, link_type, 0); - } - if (link == NULL && - (dst_port != 0 || dst_addr.s_addr != INADDR_ANY)) - { - link = _FindLinkOut(la, src_addr, la->nullAddress, src_port, 0, - link_type, 0); - } - if (link != NULL) - { - link = ReLink(link, - src_addr, dst_addr, link->alias_addr, - src_port, dst_port, link->alias_port, - link_type); - } - } - - return(link); + if (link == NULL && replace_partial_links) { + if (dst_port != 0 && dst_addr.s_addr != INADDR_ANY) { + link = _FindLinkOut(la, src_addr, dst_addr, src_port, 0, + link_type, 0); + if (link == NULL) + link = _FindLinkOut(la, src_addr, la->nullAddress, src_port, + dst_port, link_type, 0); + } + if (link == NULL && + (dst_port != 0 || dst_addr.s_addr != INADDR_ANY)) { + link = _FindLinkOut(la, src_addr, la->nullAddress, src_port, 0, + link_type, 0); + } + if (link != NULL) { + link = ReLink(link, + src_addr, dst_addr, link->alias_addr, + src_port, dst_port, link->alias_port, + link_type); + } + } + return (link); } static struct alias_link * FindLinkOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_short src_port, - u_short dst_port, - int link_type, - int replace_partial_links) + struct in_addr dst_addr, + u_short src_port, + u_short dst_port, + int link_type, + int replace_partial_links) { - struct alias_link *link; + struct alias_link *link; - link = _FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, - link_type, replace_partial_links); + link = _FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, + link_type, replace_partial_links); - if (link == NULL) - { - /* The following allows permanent links to be - specified as using the default source address - (i.e. device interface address) without knowing - in advance what that address is. */ - if (la->aliasAddress.s_addr != INADDR_ANY && - src_addr.s_addr == la->aliasAddress.s_addr) - { - link = _FindLinkOut(la, la->nullAddress, dst_addr, src_port, dst_port, - link_type, replace_partial_links); - } - } - - return(link); + if (link == NULL) { + /* + * The following allows permanent links to be specified as + * using the default source address (i.e. device interface + * address) without knowing in advance what that address + * is. + */ + if (la->aliasAddress.s_addr != INADDR_ANY && + src_addr.s_addr == la->aliasAddress.s_addr) { + link = _FindLinkOut(la, la->nullAddress, dst_addr, src_port, dst_port, + link_type, replace_partial_links); + } + } + return (link); } static struct alias_link * _FindLinkIn(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_short dst_port, - u_short alias_port, - int link_type, - int replace_partial_links) + struct in_addr alias_addr, + u_short dst_port, + u_short alias_port, + int link_type, + int replace_partial_links) { - int flags_in; - u_int start_point; - struct alias_link *link; - struct alias_link *link_fully_specified; - struct alias_link *link_unknown_all; - struct alias_link *link_unknown_dst_addr; - struct alias_link *link_unknown_dst_port; + int flags_in; + u_int start_point; + struct alias_link *link; + struct alias_link *link_fully_specified; + struct alias_link *link_unknown_all; + struct alias_link *link_unknown_dst_addr; + struct alias_link *link_unknown_dst_port; /* Initialize pointers */ - link_fully_specified = NULL; - link_unknown_all = NULL; - link_unknown_dst_addr = NULL; - link_unknown_dst_port = NULL; + link_fully_specified = NULL; + link_unknown_all = NULL; + link_unknown_dst_addr = NULL; + link_unknown_dst_port = NULL; /* If either the dest addr or port is unknown, the search loop will have to know about this. */ - flags_in = 0; - if (dst_addr.s_addr == INADDR_ANY) - flags_in |= LINK_UNKNOWN_DEST_ADDR; - if (dst_port == 0) - flags_in |= LINK_UNKNOWN_DEST_PORT; + flags_in = 0; + if (dst_addr.s_addr == INADDR_ANY) + flags_in |= LINK_UNKNOWN_DEST_ADDR; + if (dst_port == 0) + flags_in |= LINK_UNKNOWN_DEST_PORT; /* Search loop */ - start_point = StartPointIn(alias_addr, alias_port, link_type); - LIST_FOREACH(link, &la->linkTableIn[start_point], list_in) - { - int flags; + start_point = StartPointIn(alias_addr, alias_port, link_type); + LIST_FOREACH(link, &la->linkTableIn[start_point], list_in) { + int flags; - flags = flags_in | link->flags; - if (!(flags & LINK_PARTIALLY_SPECIFIED)) - { - if (link->alias_addr.s_addr == alias_addr.s_addr - && link->alias_port == alias_port - && link->dst_addr.s_addr == dst_addr.s_addr - && link->dst_port == dst_port - && link->link_type == link_type) - { - link_fully_specified = link; - break; - } - } - else if ((flags & LINK_UNKNOWN_DEST_ADDR) - && (flags & LINK_UNKNOWN_DEST_PORT)) - { - if (link->alias_addr.s_addr == alias_addr.s_addr - && link->alias_port == alias_port - && link->link_type == link_type) - { - if (link_unknown_all == NULL) - link_unknown_all = link; - } - } - else if (flags & LINK_UNKNOWN_DEST_ADDR) - { - if (link->alias_addr.s_addr == alias_addr.s_addr - && link->alias_port == alias_port - && link->link_type == link_type - && link->dst_port == dst_port) - { - if (link_unknown_dst_addr == NULL) - link_unknown_dst_addr = link; - } - } - else if (flags & LINK_UNKNOWN_DEST_PORT) - { - if (link->alias_addr.s_addr == alias_addr.s_addr - && link->alias_port == alias_port - && link->link_type == link_type - && link->dst_addr.s_addr == dst_addr.s_addr) - { - if (link_unknown_dst_port == NULL) - link_unknown_dst_port = link; - } - } - } - - - - if (link_fully_specified != NULL) - { - link_fully_specified->timestamp = la->timeStamp; - link = link_fully_specified; - } - else if (link_unknown_dst_port != NULL) - link = link_unknown_dst_port; - else if (link_unknown_dst_addr != NULL) - link = link_unknown_dst_addr; - else if (link_unknown_all != NULL) - link = link_unknown_all; - else - return (NULL); - - if (replace_partial_links && - (link->flags & LINK_PARTIALLY_SPECIFIED || link->server != NULL)) - { - struct in_addr src_addr; - u_short src_port; - - if (link->server != NULL) { /* LSNAT link */ - src_addr = link->server->addr; - src_port = link->server->port; - link->server = link->server->next; - } else { - src_addr = link->src_addr; - src_port = link->src_port; + flags = flags_in | link->flags; + if (!(flags & LINK_PARTIALLY_SPECIFIED)) { + if (link->alias_addr.s_addr == alias_addr.s_addr + && link->alias_port == alias_port + && link->dst_addr.s_addr == dst_addr.s_addr + && link->dst_port == dst_port + && link->link_type == link_type) { + link_fully_specified = link; + break; + } + } else if ((flags & LINK_UNKNOWN_DEST_ADDR) + && (flags & LINK_UNKNOWN_DEST_PORT)) { + if (link->alias_addr.s_addr == alias_addr.s_addr + && link->alias_port == alias_port + && link->link_type == link_type) { + if (link_unknown_all == NULL) + link_unknown_all = link; + } + } else if (flags & LINK_UNKNOWN_DEST_ADDR) { + if (link->alias_addr.s_addr == alias_addr.s_addr + && link->alias_port == alias_port + && link->link_type == link_type + && link->dst_port == dst_port) { + if (link_unknown_dst_addr == NULL) + link_unknown_dst_addr = link; + } + } else if (flags & LINK_UNKNOWN_DEST_PORT) { + if (link->alias_addr.s_addr == alias_addr.s_addr + && link->alias_port == alias_port + && link->link_type == link_type + && link->dst_addr.s_addr == dst_addr.s_addr) { + if (link_unknown_dst_port == NULL) + link_unknown_dst_port = link; + } + } } - link = ReLink(link, - src_addr, dst_addr, alias_addr, - src_port, dst_port, alias_port, - link_type); - } - return (link); + + if (link_fully_specified != NULL) { + link_fully_specified->timestamp = la->timeStamp; + link = link_fully_specified; + } else if (link_unknown_dst_port != NULL) + link = link_unknown_dst_port; + else if (link_unknown_dst_addr != NULL) + link = link_unknown_dst_addr; + else if (link_unknown_all != NULL) + link = link_unknown_all; + else + return (NULL); + + if (replace_partial_links && + (link->flags & LINK_PARTIALLY_SPECIFIED || link->server != NULL)) { + struct in_addr src_addr; + u_short src_port; + + if (link->server != NULL) { /* LSNAT link */ + src_addr = link->server->addr; + src_port = link->server->port; + link->server = link->server->next; + } else { + src_addr = link->src_addr; + src_port = link->src_port; + } + + link = ReLink(link, + src_addr, dst_addr, alias_addr, + src_port, dst_port, alias_port, + link_type); + } + return (link); } static struct alias_link * FindLinkIn(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_short dst_port, - u_short alias_port, - int link_type, - int replace_partial_links) + struct in_addr alias_addr, + u_short dst_port, + u_short alias_port, + int link_type, + int replace_partial_links) { - struct alias_link *link; + struct alias_link *link; - link = _FindLinkIn(la, dst_addr, alias_addr, dst_port, alias_port, - link_type, replace_partial_links); + link = _FindLinkIn(la, dst_addr, alias_addr, dst_port, alias_port, + link_type, replace_partial_links); - if (link == NULL) - { - /* The following allows permanent links to be - specified as using the default aliasing address - (i.e. device interface address) without knowing - in advance what that address is. */ - if (la->aliasAddress.s_addr != INADDR_ANY && - alias_addr.s_addr == la->aliasAddress.s_addr) - { - link = _FindLinkIn(la, dst_addr, la->nullAddress, dst_port, alias_port, - link_type, replace_partial_links); - } - } - - return(link); + if (link == NULL) { + /* + * The following allows permanent links to be specified as + * using the default aliasing address (i.e. device + * interface address) without knowing in advance what that + * address is. + */ + if (la->aliasAddress.s_addr != INADDR_ANY && + alias_addr.s_addr == la->aliasAddress.s_addr) { + link = _FindLinkIn(la, dst_addr, la->nullAddress, dst_port, alias_port, + link_type, replace_partial_links); + } + } + return (link); } @@ -1358,425 +1286,401 @@ FindLinkIn(struct libalias *la, struct in_addr dst_addr, struct alias_link * FindIcmpIn(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_short id_alias, - int create) + struct in_addr alias_addr, + u_short id_alias, + int create) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkIn(la, dst_addr, alias_addr, - NO_DEST_PORT, id_alias, - LINK_ICMP, 0); - if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) - { - struct in_addr target_addr; + link = FindLinkIn(la, dst_addr, alias_addr, + NO_DEST_PORT, id_alias, + LINK_ICMP, 0); + if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) { + struct in_addr target_addr; - target_addr = FindOriginalAddress(la, alias_addr); - link = AddLink(la, target_addr, dst_addr, alias_addr, - id_alias, NO_DEST_PORT, id_alias, - LINK_ICMP); - } - - return (link); + target_addr = FindOriginalAddress(la, alias_addr); + link = AddLink(la, target_addr, dst_addr, alias_addr, + id_alias, NO_DEST_PORT, id_alias, + LINK_ICMP); + } + return (link); } struct alias_link * FindIcmpOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_short id, - int create) + struct in_addr dst_addr, + u_short id, + int create) { - struct alias_link * link; + struct alias_link *link; - link = FindLinkOut(la, src_addr, dst_addr, - id, NO_DEST_PORT, - LINK_ICMP, 0); - if (link == NULL && create) - { - struct in_addr alias_addr; + link = FindLinkOut(la, src_addr, dst_addr, + id, NO_DEST_PORT, + LINK_ICMP, 0); + if (link == NULL && create) { + struct in_addr alias_addr; - alias_addr = FindAliasAddress(la, src_addr); - link = AddLink(la, src_addr, dst_addr, alias_addr, - id, NO_DEST_PORT, GET_ALIAS_ID, - LINK_ICMP); - } - - return(link); + alias_addr = FindAliasAddress(la, src_addr); + link = AddLink(la, src_addr, dst_addr, alias_addr, + id, NO_DEST_PORT, GET_ALIAS_ID, + LINK_ICMP); + } + return (link); } struct alias_link * FindFragmentIn1(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_short ip_id) + struct in_addr alias_addr, + u_short ip_id) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkIn(la, dst_addr, alias_addr, - NO_DEST_PORT, ip_id, - LINK_FRAGMENT_ID, 0); + link = FindLinkIn(la, dst_addr, alias_addr, + NO_DEST_PORT, ip_id, + LINK_FRAGMENT_ID, 0); - if (link == NULL) - { - link = AddLink(la, la->nullAddress, dst_addr, alias_addr, - NO_SRC_PORT, NO_DEST_PORT, ip_id, - LINK_FRAGMENT_ID); - } - - return(link); + if (link == NULL) { + link = AddLink(la, la->nullAddress, dst_addr, alias_addr, + NO_SRC_PORT, NO_DEST_PORT, ip_id, + LINK_FRAGMENT_ID); + } + return (link); } struct alias_link * -FindFragmentIn2(struct libalias *la, struct in_addr dst_addr, /* Doesn't add a link if one */ - struct in_addr alias_addr, /* is not found. */ - u_short ip_id) +FindFragmentIn2(struct libalias *la, struct in_addr dst_addr, /* Doesn't add a link if + * one */ + struct in_addr alias_addr, /* is not found. */ + u_short ip_id) { - return FindLinkIn(la, dst_addr, alias_addr, - NO_DEST_PORT, ip_id, - LINK_FRAGMENT_ID, 0); + return FindLinkIn(la, dst_addr, alias_addr, + NO_DEST_PORT, ip_id, + LINK_FRAGMENT_ID, 0); } struct alias_link * AddFragmentPtrLink(struct libalias *la, struct in_addr dst_addr, - u_short ip_id) + u_short ip_id) { - return AddLink(la, la->nullAddress, dst_addr, la->nullAddress, - NO_SRC_PORT, NO_DEST_PORT, ip_id, - LINK_FRAGMENT_PTR); + return AddLink(la, la->nullAddress, dst_addr, la->nullAddress, + NO_SRC_PORT, NO_DEST_PORT, ip_id, + LINK_FRAGMENT_PTR); } struct alias_link * FindFragmentPtr(struct libalias *la, struct in_addr dst_addr, - u_short ip_id) + u_short ip_id) { - return FindLinkIn(la, dst_addr, la->nullAddress, - NO_DEST_PORT, ip_id, - LINK_FRAGMENT_PTR, 0); + return FindLinkIn(la, dst_addr, la->nullAddress, + NO_DEST_PORT, ip_id, + LINK_FRAGMENT_PTR, 0); } struct alias_link * FindProtoIn(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_char proto) + struct in_addr alias_addr, + u_char proto) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkIn(la, dst_addr, alias_addr, - NO_DEST_PORT, 0, - proto, 1); + link = FindLinkIn(la, dst_addr, alias_addr, + NO_DEST_PORT, 0, + proto, 1); - if (link == NULL && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) - { - struct in_addr target_addr; + if (link == NULL && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) { + struct in_addr target_addr; - target_addr = FindOriginalAddress(la, alias_addr); - link = AddLink(la, target_addr, dst_addr, alias_addr, - NO_SRC_PORT, NO_DEST_PORT, 0, - proto); - } - - return (link); + target_addr = FindOriginalAddress(la, alias_addr); + link = AddLink(la, target_addr, dst_addr, alias_addr, + NO_SRC_PORT, NO_DEST_PORT, 0, + proto); + } + return (link); } struct alias_link * FindProtoOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_char proto) + struct in_addr dst_addr, + u_char proto) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkOut(la, src_addr, dst_addr, - NO_SRC_PORT, NO_DEST_PORT, - proto, 1); + link = FindLinkOut(la, src_addr, dst_addr, + NO_SRC_PORT, NO_DEST_PORT, + proto, 1); - if (link == NULL) - { - struct in_addr alias_addr; + if (link == NULL) { + struct in_addr alias_addr; - alias_addr = FindAliasAddress(la, src_addr); - link = AddLink(la, src_addr, dst_addr, alias_addr, - NO_SRC_PORT, NO_DEST_PORT, 0, - proto); - } - - return (link); + alias_addr = FindAliasAddress(la, src_addr); + link = AddLink(la, src_addr, dst_addr, alias_addr, + NO_SRC_PORT, NO_DEST_PORT, 0, + proto); + } + return (link); } struct alias_link * FindUdpTcpIn(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_short dst_port, - u_short alias_port, - u_char proto, - int create) + struct in_addr alias_addr, + u_short dst_port, + u_short alias_port, + u_char proto, + int create) { - int link_type; - struct alias_link *link; + int link_type; + struct alias_link *link; - switch (proto) - { - case IPPROTO_UDP: - link_type = LINK_UDP; - break; - case IPPROTO_TCP: - link_type = LINK_TCP; - break; - default: - return NULL; - break; - } + switch (proto) { + case IPPROTO_UDP: + link_type = LINK_UDP; + break; + case IPPROTO_TCP: + link_type = LINK_TCP; + break; + default: + return NULL; + break; + } - link = FindLinkIn(la, dst_addr, alias_addr, - dst_port, alias_port, - link_type, create); + link = FindLinkIn(la, dst_addr, alias_addr, + dst_port, alias_port, + link_type, create); - if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) - { - struct in_addr target_addr; + if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) { + struct in_addr target_addr; - target_addr = FindOriginalAddress(la, alias_addr); - link = AddLink(la, target_addr, dst_addr, alias_addr, - alias_port, dst_port, alias_port, - link_type); - } - - return(link); + target_addr = FindOriginalAddress(la, alias_addr); + link = AddLink(la, target_addr, dst_addr, alias_addr, + alias_port, dst_port, alias_port, + link_type); + } + return (link); } struct alias_link * -FindUdpTcpOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_short src_port, - u_short dst_port, - u_char proto, - int create) +FindUdpTcpOut(struct libalias *la, struct in_addr src_addr, + struct in_addr dst_addr, + u_short src_port, + u_short dst_port, + u_char proto, + int create) { - int link_type; - struct alias_link *link; + int link_type; + struct alias_link *link; - switch (proto) - { - case IPPROTO_UDP: - link_type = LINK_UDP; - break; - case IPPROTO_TCP: - link_type = LINK_TCP; - break; - default: - return NULL; - break; - } + switch (proto) { + case IPPROTO_UDP: + link_type = LINK_UDP; + break; + case IPPROTO_TCP: + link_type = LINK_TCP; + break; + default: + return NULL; + break; + } - link = FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, link_type, create); + link = FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, link_type, create); - if (link == NULL && create) - { - struct in_addr alias_addr; + if (link == NULL && create) { + struct in_addr alias_addr; - alias_addr = FindAliasAddress(la, src_addr); - link = AddLink(la, src_addr, dst_addr, alias_addr, - src_port, dst_port, GET_ALIAS_PORT, - link_type); - } - - return(link); + alias_addr = FindAliasAddress(la, src_addr); + link = AddLink(la, src_addr, dst_addr, alias_addr, + src_port, dst_port, GET_ALIAS_PORT, + link_type); + } + return (link); } struct alias_link * -AddPptp(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - struct in_addr alias_addr, - u_int16_t src_call_id) +AddPptp(struct libalias *la, struct in_addr src_addr, + struct in_addr dst_addr, + struct in_addr alias_addr, + u_int16_t src_call_id) { - struct alias_link *link; + struct alias_link *link; - link = AddLink(la, src_addr, dst_addr, alias_addr, - src_call_id, 0, GET_ALIAS_PORT, - LINK_PPTP); + link = AddLink(la, src_addr, dst_addr, alias_addr, + src_call_id, 0, GET_ALIAS_PORT, + LINK_PPTP); - return (link); + return (link); } struct alias_link * FindPptpOutByCallId(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_int16_t src_call_id) + struct in_addr dst_addr, + u_int16_t src_call_id) { - u_int i; - struct alias_link *link; + u_int i; + struct alias_link *link; - i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP); - LIST_FOREACH(link, &la->linkTableOut[i], list_out) - if (link->link_type == LINK_PPTP && + i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP); + LIST_FOREACH(link, &la->linkTableOut[i], list_out) + if (link->link_type == LINK_PPTP && link->src_addr.s_addr == src_addr.s_addr && link->dst_addr.s_addr == dst_addr.s_addr && link->src_port == src_call_id) break; - return (link); + return (link); } struct alias_link * FindPptpOutByPeerCallId(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_int16_t dst_call_id) + struct in_addr dst_addr, + u_int16_t dst_call_id) { - u_int i; - struct alias_link *link; + u_int i; + struct alias_link *link; - i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP); - LIST_FOREACH(link, &la->linkTableOut[i], list_out) - if (link->link_type == LINK_PPTP && + i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP); + LIST_FOREACH(link, &la->linkTableOut[i], list_out) + if (link->link_type == LINK_PPTP && link->src_addr.s_addr == src_addr.s_addr && link->dst_addr.s_addr == dst_addr.s_addr && link->dst_port == dst_call_id) break; - return (link); + return (link); } struct alias_link * FindPptpInByCallId(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_int16_t dst_call_id) + struct in_addr alias_addr, + u_int16_t dst_call_id) { - u_int i; - struct alias_link *link; + u_int i; + struct alias_link *link; - i = StartPointIn(alias_addr, 0, LINK_PPTP); - LIST_FOREACH(link, &la->linkTableIn[i], list_in) - if (link->link_type == LINK_PPTP && + i = StartPointIn(alias_addr, 0, LINK_PPTP); + LIST_FOREACH(link, &la->linkTableIn[i], list_in) + if (link->link_type == LINK_PPTP && link->dst_addr.s_addr == dst_addr.s_addr && link->alias_addr.s_addr == alias_addr.s_addr && link->dst_port == dst_call_id) break; - return (link); + return (link); } struct alias_link * FindPptpInByPeerCallId(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_int16_t alias_call_id) + struct in_addr alias_addr, + u_int16_t alias_call_id) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkIn(la, dst_addr, alias_addr, - 0/* any */, alias_call_id, - LINK_PPTP, 0); + link = FindLinkIn(la, dst_addr, alias_addr, + 0 /* any */ , alias_call_id, + LINK_PPTP, 0); - return (link); + return (link); } struct alias_link * -FindRtspOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_short src_port, - u_short alias_port, - u_char proto) +FindRtspOut(struct libalias *la, struct in_addr src_addr, + struct in_addr dst_addr, + u_short src_port, + u_short alias_port, + u_char proto) { - int link_type; - struct alias_link *link; + int link_type; + struct alias_link *link; - switch (proto) - { - case IPPROTO_UDP: - link_type = LINK_UDP; - break; - case IPPROTO_TCP: - link_type = LINK_TCP; - break; - default: - return NULL; - break; - } + switch (proto) { + case IPPROTO_UDP: + link_type = LINK_UDP; + break; + case IPPROTO_TCP: + link_type = LINK_TCP; + break; + default: + return NULL; + break; + } - link = FindLinkOut(la, src_addr, dst_addr, src_port, 0, link_type, 1); + link = FindLinkOut(la, src_addr, dst_addr, src_port, 0, link_type, 1); - if (link == NULL) - { - struct in_addr alias_addr; + if (link == NULL) { + struct in_addr alias_addr; - alias_addr = FindAliasAddress(la, src_addr); - link = AddLink(la, src_addr, dst_addr, alias_addr, - src_port, 0, alias_port, - link_type); - } - - return(link); + alias_addr = FindAliasAddress(la, src_addr); + link = AddLink(la, src_addr, dst_addr, alias_addr, + src_port, 0, alias_port, + link_type); + } + return (link); } struct in_addr FindOriginalAddress(struct libalias *la, struct in_addr alias_addr) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkIn(la, la->nullAddress, alias_addr, - 0, 0, LINK_ADDR, 0); - if (link == NULL) - { - la->newDefaultLink = 1; - if (la->targetAddress.s_addr == INADDR_ANY) - return alias_addr; - else if (la->targetAddress.s_addr == INADDR_NONE) - return (la->aliasAddress.s_addr != INADDR_ANY) ? - la->aliasAddress : alias_addr; - else - return la->targetAddress; - } - else - { - if (link->server != NULL) { /* LSNAT link */ - struct in_addr src_addr; + link = FindLinkIn(la, la->nullAddress, alias_addr, + 0, 0, LINK_ADDR, 0); + if (link == NULL) { + la->newDefaultLink = 1; + if (la->targetAddress.s_addr == INADDR_ANY) + return alias_addr; + else if (la->targetAddress.s_addr == INADDR_NONE) + return (la->aliasAddress.s_addr != INADDR_ANY) ? + la->aliasAddress : alias_addr; + else + return la->targetAddress; + } else { + if (link->server != NULL) { /* LSNAT link */ + struct in_addr src_addr; - src_addr = link->server->addr; - link->server = link->server->next; - return (src_addr); - } else if (link->src_addr.s_addr == INADDR_ANY) - return (la->aliasAddress.s_addr != INADDR_ANY) ? - la->aliasAddress : alias_addr; - else - return link->src_addr; - } + src_addr = link->server->addr; + link->server = link->server->next; + return (src_addr); + } else if (link->src_addr.s_addr == INADDR_ANY) + return (la->aliasAddress.s_addr != INADDR_ANY) ? + la->aliasAddress : alias_addr; + else + return link->src_addr; + } } struct in_addr FindAliasAddress(struct libalias *la, struct in_addr original_addr) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkOut(la, original_addr, la->nullAddress, - 0, 0, LINK_ADDR, 0); - if (link == NULL) - { - return (la->aliasAddress.s_addr != INADDR_ANY) ? - la->aliasAddress : original_addr; - } - else - { - if (link->alias_addr.s_addr == INADDR_ANY) - return (la->aliasAddress.s_addr != INADDR_ANY) ? - la->aliasAddress : original_addr; - else - return link->alias_addr; - } + link = FindLinkOut(la, original_addr, la->nullAddress, + 0, 0, LINK_ADDR, 0); + if (link == NULL) { + return (la->aliasAddress.s_addr != INADDR_ANY) ? + la->aliasAddress : original_addr; + } else { + if (link->alias_addr.s_addr == INADDR_ANY) + return (la->aliasAddress.s_addr != INADDR_ANY) ? + la->aliasAddress : original_addr; + else + return link->alias_addr; + } } @@ -1798,186 +1702,187 @@ FindAliasAddress(struct libalias *la, struct in_addr original_addr) void SetFragmentAddr(struct alias_link *link, struct in_addr src_addr) { - link->data.frag_addr = src_addr; + link->data.frag_addr = src_addr; } void GetFragmentAddr(struct alias_link *link, struct in_addr *src_addr) { - *src_addr = link->data.frag_addr; + *src_addr = link->data.frag_addr; } void SetFragmentPtr(struct alias_link *link, char *fptr) { - link->data.frag_ptr = fptr; + link->data.frag_ptr = fptr; } void GetFragmentPtr(struct alias_link *link, char **fptr) { - *fptr = link->data.frag_ptr; + *fptr = link->data.frag_ptr; } void SetStateIn(struct alias_link *link, int state) { - /* TCP input state */ - switch (state) { - case ALIAS_TCP_STATE_DISCONNECTED: - if (link->data.tcp->state.out != ALIAS_TCP_STATE_CONNECTED) - link->expire_time = TCP_EXPIRE_DEAD; - else - link->expire_time = TCP_EXPIRE_SINGLEDEAD; - break; - case ALIAS_TCP_STATE_CONNECTED: - if (link->data.tcp->state.out == ALIAS_TCP_STATE_CONNECTED) - link->expire_time = TCP_EXPIRE_CONNECTED; - break; - default: - abort(); - } - link->data.tcp->state.in = state; + /* TCP input state */ + switch (state) { + case ALIAS_TCP_STATE_DISCONNECTED: + if (link->data.tcp->state.out != ALIAS_TCP_STATE_CONNECTED) + link->expire_time = TCP_EXPIRE_DEAD; + else + link->expire_time = TCP_EXPIRE_SINGLEDEAD; + break; + case ALIAS_TCP_STATE_CONNECTED: + if (link->data.tcp->state.out == ALIAS_TCP_STATE_CONNECTED) + link->expire_time = TCP_EXPIRE_CONNECTED; + break; + default: + abort(); + } + link->data.tcp->state.in = state; } void SetStateOut(struct alias_link *link, int state) { - /* TCP output state */ - switch (state) { - case ALIAS_TCP_STATE_DISCONNECTED: - if (link->data.tcp->state.in != ALIAS_TCP_STATE_CONNECTED) - link->expire_time = TCP_EXPIRE_DEAD; - else - link->expire_time = TCP_EXPIRE_SINGLEDEAD; - break; - case ALIAS_TCP_STATE_CONNECTED: - if (link->data.tcp->state.in == ALIAS_TCP_STATE_CONNECTED) - link->expire_time = TCP_EXPIRE_CONNECTED; - break; - default: - abort(); - } - link->data.tcp->state.out = state; + /* TCP output state */ + switch (state) { + case ALIAS_TCP_STATE_DISCONNECTED: + if (link->data.tcp->state.in != ALIAS_TCP_STATE_CONNECTED) + link->expire_time = TCP_EXPIRE_DEAD; + else + link->expire_time = TCP_EXPIRE_SINGLEDEAD; + break; + case ALIAS_TCP_STATE_CONNECTED: + if (link->data.tcp->state.in == ALIAS_TCP_STATE_CONNECTED) + link->expire_time = TCP_EXPIRE_CONNECTED; + break; + default: + abort(); + } + link->data.tcp->state.out = state; } int GetStateIn(struct alias_link *link) { - /* TCP input state */ - return link->data.tcp->state.in; + /* TCP input state */ + return link->data.tcp->state.in; } int GetStateOut(struct alias_link *link) { - /* TCP output state */ - return link->data.tcp->state.out; + /* TCP output state */ + return link->data.tcp->state.out; } struct in_addr GetOriginalAddress(struct alias_link *link) { - if (link->src_addr.s_addr == INADDR_ANY) - return link->la->aliasAddress; - else - return(link->src_addr); + if (link->src_addr.s_addr == INADDR_ANY) + return link->la->aliasAddress; + else + return (link->src_addr); } struct in_addr GetDestAddress(struct alias_link *link) { - return(link->dst_addr); + return (link->dst_addr); } struct in_addr GetAliasAddress(struct alias_link *link) { - if (link->alias_addr.s_addr == INADDR_ANY) - return link->la->aliasAddress; - else - return link->alias_addr; + if (link->alias_addr.s_addr == INADDR_ANY) + return link->la->aliasAddress; + else + return link->alias_addr; } struct in_addr GetDefaultAliasAddress(struct libalias *la) { - return la->aliasAddress; + return la->aliasAddress; } void SetDefaultAliasAddress(struct libalias *la, struct in_addr alias_addr) { - la->aliasAddress = alias_addr; + la->aliasAddress = alias_addr; } u_short GetOriginalPort(struct alias_link *link) { - return(link->src_port); + return (link->src_port); } u_short GetAliasPort(struct alias_link *link) { - return(link->alias_port); + return (link->alias_port); } #ifndef NO_FW_PUNCH -static u_short +static u_short GetDestPort(struct alias_link *link) { - return(link->dst_port); + return (link->dst_port); } + #endif void SetAckModified(struct alias_link *link) { /* Indicate that ACK numbers have been modified in a TCP connection */ - link->data.tcp->state.ack_modified = 1; + link->data.tcp->state.ack_modified = 1; } struct in_addr GetProxyAddress(struct alias_link *link) { - return link->proxy_addr; + return link->proxy_addr; } void SetProxyAddress(struct alias_link *link, struct in_addr addr) { - link->proxy_addr = addr; + link->proxy_addr = addr; } u_short GetProxyPort(struct alias_link *link) { - return link->proxy_port; + return link->proxy_port; } void SetProxyPort(struct alias_link *link, u_short port) { - link->proxy_port = port; + link->proxy_port = port; } @@ -1985,7 +1890,7 @@ int GetAckModified(struct alias_link *link) { /* See if ACK numbers have been modified */ - return link->data.tcp->state.ack_modified; + return link->data.tcp->state.ack_modified; } @@ -1998,45 +1903,38 @@ TCP packet. To do this, a circular list of ACK numbers where the TCP packet size was altered is searched. */ - int i; - struct tcphdr *tc; - int delta, ack_diff_min; - u_long ack; + int i; + struct tcphdr *tc; + int delta, ack_diff_min; + u_long ack; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - ack = tc->th_ack; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + ack = tc->th_ack; - delta = 0; - ack_diff_min = -1; - for (i=0; idata.tcp->ack[i]; - if (x.active == 1) - { - int ack_diff; + x = link->data.tcp->ack[i]; + if (x.active == 1) { + int ack_diff; - ack_diff = SeqDiff(x.ack_new, ack); - if (ack_diff >= 0) - { - if (ack_diff_min >= 0) - { - if (ack_diff < ack_diff_min) - { - delta = x.delta; - ack_diff_min = ack_diff; - } - } - else - { - delta = x.delta; - ack_diff_min = ack_diff; - } - } - } - } - return (delta); + ack_diff = SeqDiff(x.ack_new, ack); + if (ack_diff >= 0) { + if (ack_diff_min >= 0) { + if (ack_diff < ack_diff_min) { + delta = x.delta; + ack_diff_min = ack_diff; + } + } else { + delta = x.delta; + ack_diff_min = ack_diff; + } + } + } + } + return (delta); } @@ -2049,45 +1947,38 @@ TCP packet. To do this, a circular list of ACK numbers where the TCP packet size was altered is searched. */ - int i; - struct tcphdr *tc; - int delta, seq_diff_min; - u_long seq; + int i; + struct tcphdr *tc; + int delta, seq_diff_min; + u_long seq; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - seq = tc->th_seq; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + seq = tc->th_seq; - delta = 0; - seq_diff_min = -1; - for (i=0; idata.tcp->ack[i]; - if (x.active == 1) - { - int seq_diff; + x = link->data.tcp->ack[i]; + if (x.active == 1) { + int seq_diff; - seq_diff = SeqDiff(x.ack_old, seq); - if (seq_diff >= 0) - { - if (seq_diff_min >= 0) - { - if (seq_diff < seq_diff_min) - { - delta = x.delta; - seq_diff_min = seq_diff; - } - } - else - { - delta = x.delta; - seq_diff_min = seq_diff; - } - } - } - } - return (delta); + seq_diff = SeqDiff(x.ack_old, seq); + if (seq_diff >= 0) { + if (seq_diff_min >= 0) { + if (seq_diff < seq_diff_min) { + delta = x.delta; + seq_diff_min = seq_diff; + } + } else { + delta = x.delta; + seq_diff_min = seq_diff; + } + } + } + } + return (delta); } @@ -2100,86 +1991,79 @@ information in a circular list. If enough packets have been altered, then this list will begin to overwrite itself. */ - struct tcphdr *tc; - struct ack_data_record x; - int hlen, tlen, dlen; - int i; + struct tcphdr *tc; + struct ack_data_record x; + int hlen, tlen, dlen; + int i; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - x.ack_old = htonl(ntohl(tc->th_seq) + dlen); - x.ack_new = htonl(ntohl(tc->th_seq) + dlen + delta); - x.delta = delta; - x.active = 1; + x.ack_old = htonl(ntohl(tc->th_seq) + dlen); + x.ack_new = htonl(ntohl(tc->th_seq) + dlen + delta); + x.delta = delta; + x.active = 1; - i = link->data.tcp->state.index; - link->data.tcp->ack[i] = x; + i = link->data.tcp->state.index; + link->data.tcp->ack[i] = x; - i++; - if (i == N_LINK_TCP_DATA) - link->data.tcp->state.index = 0; - else - link->data.tcp->state.index = i; + i++; + if (i == N_LINK_TCP_DATA) + link->data.tcp->state.index = 0; + else + link->data.tcp->state.index = i; } void SetExpire(struct alias_link *link, int expire) { - if (expire == 0) - { - link->flags &= ~LINK_PERMANENT; - DeleteLink(link); - } - else if (expire == -1) - { - link->flags |= LINK_PERMANENT; - } - else if (expire > 0) - { - link->expire_time = expire; - } - else - { + if (expire == 0) { + link->flags &= ~LINK_PERMANENT; + DeleteLink(link); + } else if (expire == -1) { + link->flags |= LINK_PERMANENT; + } else if (expire > 0) { + link->expire_time = expire; + } else { #ifdef DEBUG - fprintf(stderr, "PacketAlias/SetExpire(): "); - fprintf(stderr, "error in expire parameter\n"); + fprintf(stderr, "PacketAlias/SetExpire(): "); + fprintf(stderr, "error in expire parameter\n"); #endif - } + } } void ClearCheckNewLink(struct libalias *la) { - la->newDefaultLink = 0; + la->newDefaultLink = 0; } void SetProtocolFlags(struct alias_link *link, int pflags) { - link->pflags = pflags;; + link->pflags = pflags;; } int GetProtocolFlags(struct alias_link *link) { - return (link->pflags); + return (link->pflags); } void SetDestCallId(struct alias_link *link, u_int16_t cid) { - struct libalias *la = link->la; + struct libalias *la = link->la; - la->deleteAllLinks = 1; - link = ReLink(link, link->src_addr, link->dst_addr, link->alias_addr, - link->src_port, cid, link->alias_port, link->link_type); - la->deleteAllLinks = 0; + la->deleteAllLinks = 1; + link = ReLink(link, link->src_addr, link->dst_addr, link->alias_addr, + link->src_port, cid, link->alias_port, link->link_type); + la->deleteAllLinks = 0; } @@ -2202,52 +2086,47 @@ SetDestCallId(struct alias_link *link, u_int16_t cid) void HouseKeeping(struct libalias *la) { - int i, n, n100; - struct timeval tv; - struct timezone tz; + int i, n, n100; + struct timeval tv; + struct timezone tz; - /* - * Save system time (seconds) in global variable timeStamp for - * use by other functions. This is done so as not to unnecessarily - * waste timeline by making system calls. - */ - gettimeofday(&tv, &tz); - la->timeStamp = tv.tv_sec; + /* + * Save system time (seconds) in global variable timeStamp for use + * by other functions. This is done so as not to unnecessarily + * waste timeline by making system calls. + */ + gettimeofday(&tv, &tz); + la->timeStamp = tv.tv_sec; - /* Compute number of spokes (output table link chains) to cover */ - n100 = LINK_TABLE_OUT_SIZE * 100 + la->houseKeepingResidual; - n100 *= la->timeStamp - la->lastCleanupTime; - n100 /= ALIAS_CLEANUP_INTERVAL_SECS; + /* Compute number of spokes (output table link chains) to cover */ + n100 = LINK_TABLE_OUT_SIZE * 100 + la->houseKeepingResidual; + n100 *= la->timeStamp - la->lastCleanupTime; + n100 /= ALIAS_CLEANUP_INTERVAL_SECS; - n = n100/100; + n = n100 / 100; - /* Handle different cases */ - if (n > ALIAS_CLEANUP_MAX_SPOKES) - { - n = ALIAS_CLEANUP_MAX_SPOKES; - la->lastCleanupTime = la->timeStamp; - la->houseKeepingResidual = 0; + /* Handle different cases */ + if (n > ALIAS_CLEANUP_MAX_SPOKES) { + n = ALIAS_CLEANUP_MAX_SPOKES; + la->lastCleanupTime = la->timeStamp; + la->houseKeepingResidual = 0; - for (i=0; i 0) - { - la->lastCleanupTime = la->timeStamp; - la->houseKeepingResidual = n100 - 100*n; + for (i = 0; i < n; i++) + IncrementalCleanup(la); + } else if (n > 0) { + la->lastCleanupTime = la->timeStamp; + la->houseKeepingResidual = n100 - 100 * n; - for (i=0; ilastCleanupTime = la->timeStamp; - la->houseKeepingResidual = 0; - } + la->lastCleanupTime = la->timeStamp; + la->houseKeepingResidual = 0; + } } @@ -2255,13 +2134,12 @@ HouseKeeping(struct libalias *la) static void InitPacketAliasLog(struct libalias *la) { - if ((~la->packetAliasMode & PKT_ALIAS_LOG) - && (la->monitorFile = fopen("/var/log/alias.log", "w"))) - { - la->packetAliasMode |= PKT_ALIAS_LOG; - fprintf(la->monitorFile, - "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n"); - } + if ((~la->packetAliasMode & PKT_ALIAS_LOG) + && (la->monitorFile = fopen("/var/log/alias.log", "w"))) { + la->packetAliasMode |= PKT_ALIAS_LOG; + fprintf(la->monitorFile, + "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n"); + } } @@ -2269,11 +2147,11 @@ InitPacketAliasLog(struct libalias *la) static void UninitPacketAliasLog(struct libalias *la) { - if (la->monitorFile) { - fclose(la->monitorFile); - la->monitorFile = NULL; - } - la->packetAliasMode &= ~PKT_ALIAS_LOG; + if (la->monitorFile) { + fclose(la->monitorFile); + la->monitorFile = NULL; + } + la->packetAliasMode &= ~PKT_ALIAS_LOG; } @@ -2302,132 +2180,125 @@ UninitPacketAliasLog(struct libalias *la) /* Redirection from a specific public addr:port to a private addr:port */ struct alias_link * -LibAliasRedirectPort(struct libalias *la, struct in_addr src_addr, u_short src_port, - struct in_addr dst_addr, u_short dst_port, - struct in_addr alias_addr, u_short alias_port, - u_char proto) +LibAliasRedirectPort(struct libalias *la, struct in_addr src_addr, u_short src_port, + struct in_addr dst_addr, u_short dst_port, + struct in_addr alias_addr, u_short alias_port, + u_char proto) { - int link_type; - struct alias_link *link; + int link_type; + struct alias_link *link; - switch(proto) - { - case IPPROTO_UDP: - link_type = LINK_UDP; - break; - case IPPROTO_TCP: - link_type = LINK_TCP; - break; - default: + switch (proto) { + case IPPROTO_UDP: + link_type = LINK_UDP; + break; + case IPPROTO_TCP: + link_type = LINK_TCP; + break; + default: #ifdef DEBUG - fprintf(stderr, "PacketAliasRedirectPort(): "); - fprintf(stderr, "only TCP and UDP protocols allowed\n"); + fprintf(stderr, "PacketAliasRedirectPort(): "); + fprintf(stderr, "only TCP and UDP protocols allowed\n"); #endif - return NULL; - } + return NULL; + } - link = AddLink(la, src_addr, dst_addr, alias_addr, - src_port, dst_port, alias_port, - link_type); + link = AddLink(la, src_addr, dst_addr, alias_addr, + src_port, dst_port, alias_port, + link_type); - if (link != NULL) - { - link->flags |= LINK_PERMANENT; - } + if (link != NULL) { + link->flags |= LINK_PERMANENT; + } #ifdef DEBUG - else - { - fprintf(stderr, "PacketAliasRedirectPort(): " - "call to AddLink() failed\n"); - } + else { + fprintf(stderr, "PacketAliasRedirectPort(): " + "call to AddLink() failed\n"); + } #endif - return link; + return link; } /* Add server to the pool of servers */ int LibAliasAddServer(struct libalias *la, struct alias_link *link, struct in_addr addr, u_short port) { - struct server *server; + struct server *server; - server = malloc(sizeof(struct server)); + server = malloc(sizeof(struct server)); - if (server != NULL) { - struct server *head; + if (server != NULL) { + struct server *head; - server->addr = addr; - server->port = port; + server->addr = addr; + server->port = port; - head = link->server; - if (head == NULL) - server->next = server; - else { - struct server *s; + head = link->server; + if (head == NULL) + server->next = server; + else { + struct server *s; - for (s = head; s->next != head; s = s->next); - s->next = server; - server->next = head; - } - link->server = server; - return (0); - } else - return (-1); + for (s = head; s->next != head; s = s->next); + s->next = server; + server->next = head; + } + link->server = server; + return (0); + } else + return (-1); } /* Redirect packets of a given IP protocol from a specific public address to a private address */ struct alias_link * LibAliasRedirectProto(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - struct in_addr alias_addr, - u_char proto) + struct in_addr dst_addr, + struct in_addr alias_addr, + u_char proto) { - struct alias_link *link; + struct alias_link *link; - link = AddLink(la, src_addr, dst_addr, alias_addr, - NO_SRC_PORT, NO_DEST_PORT, 0, - proto); + link = AddLink(la, src_addr, dst_addr, alias_addr, + NO_SRC_PORT, NO_DEST_PORT, 0, + proto); - if (link != NULL) - { - link->flags |= LINK_PERMANENT; - } + if (link != NULL) { + link->flags |= LINK_PERMANENT; + } #ifdef DEBUG - else - { - fprintf(stderr, "PacketAliasRedirectProto(): " - "call to AddLink() failed\n"); - } + else { + fprintf(stderr, "PacketAliasRedirectProto(): " + "call to AddLink() failed\n"); + } #endif - return link; + return link; } /* Static address translation */ struct alias_link * LibAliasRedirectAddr(struct libalias *la, struct in_addr src_addr, - struct in_addr alias_addr) + struct in_addr alias_addr) { - struct alias_link *link; + struct alias_link *link; - link = AddLink(la, src_addr, la->nullAddress, alias_addr, - 0, 0, 0, - LINK_ADDR); + link = AddLink(la, src_addr, la->nullAddress, alias_addr, + 0, 0, 0, + LINK_ADDR); - if (link != NULL) - { - link->flags |= LINK_PERMANENT; - } + if (link != NULL) { + link->flags |= LINK_PERMANENT; + } #ifdef DEBUG - else - { - fprintf(stderr, "PacketAliasRedirectAddr(): " - "call to AddLink() failed\n"); - } + else { + fprintf(stderr, "PacketAliasRedirectAddr(): " + "call to AddLink() failed\n"); + } #endif - return link; + return link; } @@ -2436,12 +2307,12 @@ int LibAliasRedirectDynamic(struct libalias *la, struct alias_link *link) { - if (link->flags & LINK_PARTIALLY_SPECIFIED) - return (-1); - else { - link->flags &= ~LINK_PERMANENT; - return (0); - } + if (link->flags & LINK_PARTIALLY_SPECIFIED) + return (-1); + else { + link->flags &= ~LINK_PERMANENT; + return (0); + } } @@ -2451,147 +2322,143 @@ LibAliasRedirectDelete(struct libalias *la, struct alias_link *link) /* This is a dangerous function to put in the API, because an invalid pointer can crash the program. */ - la->deleteAllLinks = 1; - DeleteLink(link); - la->deleteAllLinks = 0; + la->deleteAllLinks = 1; + DeleteLink(link); + la->deleteAllLinks = 0; } void LibAliasSetAddress(struct libalias *la, struct in_addr addr) { - if (la->packetAliasMode & PKT_ALIAS_RESET_ON_ADDR_CHANGE - && la->aliasAddress.s_addr != addr.s_addr) - CleanupAliasData(la); + if (la->packetAliasMode & PKT_ALIAS_RESET_ON_ADDR_CHANGE + && la->aliasAddress.s_addr != addr.s_addr) + CleanupAliasData(la); - la->aliasAddress = addr; + la->aliasAddress = addr; } void LibAliasSetTarget(struct libalias *la, struct in_addr target_addr) { - la->targetAddress = target_addr; + la->targetAddress = target_addr; } static void finishoff(void) { - while(!LIST_EMPTY(&instancehead)) + while (!LIST_EMPTY(&instancehead)) LibAliasUninit(LIST_FIRST(&instancehead)); } struct libalias * LibAliasInit(struct libalias *la) { - int i; - struct timeval tv; - struct timezone tz; + int i; + struct timeval tv; + struct timezone tz; - if (la == NULL) - { - la = calloc(sizeof *la, 1); - if (la == NULL) - return (la); - if (LIST_EMPTY(&instancehead)) - atexit(finishoff); - LIST_INSERT_HEAD(&instancehead, la, instancelist); - - gettimeofday(&tv, &tz); - la->timeStamp = tv.tv_sec; - la->lastCleanupTime = tv.tv_sec; - la->houseKeepingResidual = 0; + if (la == NULL) { + la = calloc(sizeof *la, 1); + if (la == NULL) + return (la); + if (LIST_EMPTY(&instancehead)) + atexit(finishoff); + LIST_INSERT_HEAD(&instancehead, la, instancelist); - for (i=0; ilinkTableOut[i]); - for (i=0; ilinkTableIn[i]); + gettimeofday(&tv, &tz); + la->timeStamp = tv.tv_sec; + la->lastCleanupTime = tv.tv_sec; + la->houseKeepingResidual = 0; - } - else - { - la->deleteAllLinks = 1; - CleanupAliasData(la); - la->deleteAllLinks = 0; - } + for (i = 0; i < LINK_TABLE_OUT_SIZE; i++) + LIST_INIT(&la->linkTableOut[i]); + for (i = 0; i < LINK_TABLE_IN_SIZE; i++) + LIST_INIT(&la->linkTableIn[i]); - la->aliasAddress.s_addr = INADDR_ANY; - la->targetAddress.s_addr = INADDR_ANY; + } else { + la->deleteAllLinks = 1; + CleanupAliasData(la); + la->deleteAllLinks = 0; + } - la->icmpLinkCount = 0; - la->udpLinkCount = 0; - la->tcpLinkCount = 0; - la->pptpLinkCount = 0; - la->protoLinkCount = 0; - la->fragmentIdLinkCount = 0; - la->fragmentPtrLinkCount = 0; - la->sockCount = 0; + la->aliasAddress.s_addr = INADDR_ANY; + la->targetAddress.s_addr = INADDR_ANY; - la->cleanupIndex =0; + la->icmpLinkCount = 0; + la->udpLinkCount = 0; + la->tcpLinkCount = 0; + la->pptpLinkCount = 0; + la->protoLinkCount = 0; + la->fragmentIdLinkCount = 0; + la->fragmentPtrLinkCount = 0; + la->sockCount = 0; - la->packetAliasMode = PKT_ALIAS_SAME_PORTS - | PKT_ALIAS_USE_SOCKETS - | PKT_ALIAS_RESET_ON_ADDR_CHANGE; + la->cleanupIndex = 0; + + la->packetAliasMode = PKT_ALIAS_SAME_PORTS + | PKT_ALIAS_USE_SOCKETS + | PKT_ALIAS_RESET_ON_ADDR_CHANGE; #ifndef NO_FW_PUNCH - la->fireWallFD = -1; + la->fireWallFD = -1; #endif - return (la); + return (la); } void -LibAliasUninit(struct libalias *la) { - la->deleteAllLinks = 1; - CleanupAliasData(la); - la->deleteAllLinks = 0; - UninitPacketAliasLog(la); +LibAliasUninit(struct libalias *la) +{ + la->deleteAllLinks = 1; + CleanupAliasData(la); + la->deleteAllLinks = 0; + UninitPacketAliasLog(la); #ifndef NO_FW_PUNCH - UninitPunchFW(la); + UninitPunchFW(la); #endif - LIST_REMOVE(la, instancelist); - free(la); + LIST_REMOVE(la, instancelist); + free(la); } /* Change mode for some operations */ unsigned int LibAliasSetMode( struct libalias *la, - unsigned int flags, /* Which state to bring flags to */ - unsigned int mask /* Mask of which flags to affect (use 0 to do a - probe for flag values) */ + unsigned int flags, /* Which state to bring flags to */ + unsigned int mask /* Mask of which flags to affect (use 0 to + * do a probe for flag values) */ ) { /* Enable logging? */ - if (flags & mask & PKT_ALIAS_LOG) - { - InitPacketAliasLog(la); /* Do the enable */ - } else + if (flags & mask & PKT_ALIAS_LOG) { + InitPacketAliasLog(la); /* Do the enable */ + } else /* _Disable_ logging? */ - if (~flags & mask & PKT_ALIAS_LOG) { - UninitPacketAliasLog(la); - } - + if (~flags & mask & PKT_ALIAS_LOG) { + UninitPacketAliasLog(la); + } #ifndef NO_FW_PUNCH /* Start punching holes in the firewall? */ - if (flags & mask & PKT_ALIAS_PUNCH_FW) { - InitPunchFW(la); - } else + if (flags & mask & PKT_ALIAS_PUNCH_FW) { + InitPunchFW(la); + } else /* Stop punching holes in the firewall? */ - if (~flags & mask & PKT_ALIAS_PUNCH_FW) { - UninitPunchFW(la); - } + if (~flags & mask & PKT_ALIAS_PUNCH_FW) { + UninitPunchFW(la); + } #endif /* Other flags can be set/cleared without special action */ - la->packetAliasMode = (flags & mask) | (la->packetAliasMode & ~mask); - return la->packetAliasMode; + la->packetAliasMode = (flags & mask) | (la->packetAliasMode & ~mask); + return la->packetAliasMode; } int LibAliasCheckNewLink(struct libalias *la) { - return la->newDefaultLink; + return la->newDefaultLink; } @@ -2603,7 +2470,7 @@ LibAliasCheckNewLink(struct libalias *la) ****************/ #ifndef IPFW2 -#define IPFW2 1 /* use new ipfw code */ +#define IPFW2 1 /* use new ipfw code */ #endif /* Firewall include files */ @@ -2612,18 +2479,18 @@ LibAliasCheckNewLink(struct libalias *la) #include #include -#if IPFW2 /* support for new firewall code */ +#if IPFW2 /* support for new firewall code */ /* * helper function, updates the pointer to cmd with the length * of the current command, and also cleans up the first word of * the new command in case it has been clobbered before. */ static ipfw_insn * -next_cmd(ipfw_insn *cmd) +next_cmd(ipfw_insn * cmd) { - cmd += F_LEN(cmd); - bzero(cmd, sizeof(*cmd)); - return cmd; + cmd += F_LEN(cmd); + bzero(cmd, sizeof(*cmd)); + return cmd; } /* @@ -2631,71 +2498,72 @@ next_cmd(ipfw_insn *cmd) * Existing flags are preserved. */ static ipfw_insn * -fill_cmd(ipfw_insn *cmd, enum ipfw_opcodes opcode, int size, - int flags, u_int16_t arg) +fill_cmd(ipfw_insn * cmd, enum ipfw_opcodes opcode, int size, + int flags, u_int16_t arg) { - cmd->opcode = opcode; - cmd->len = ((cmd->len | flags) & (F_NOT | F_OR)) | (size & F_LEN_MASK); - cmd->arg1 = arg; - return next_cmd(cmd); + cmd->opcode = opcode; + cmd->len = ((cmd->len | flags) & (F_NOT | F_OR)) | (size & F_LEN_MASK); + cmd->arg1 = arg; + return next_cmd(cmd); } static ipfw_insn * -fill_ip(ipfw_insn *cmd1, enum ipfw_opcodes opcode, u_int32_t addr) +fill_ip(ipfw_insn * cmd1, enum ipfw_opcodes opcode, u_int32_t addr) { - ipfw_insn_ip *cmd = (ipfw_insn_ip *)cmd1; + ipfw_insn_ip *cmd = (ipfw_insn_ip *) cmd1; - cmd->addr.s_addr = addr; - return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u32), 0, 0); + cmd->addr.s_addr = addr; + return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u32), 0, 0); } static ipfw_insn * -fill_one_port(ipfw_insn *cmd1, enum ipfw_opcodes opcode, u_int16_t port) +fill_one_port(ipfw_insn * cmd1, enum ipfw_opcodes opcode, u_int16_t port) { - ipfw_insn_u16 *cmd = (ipfw_insn_u16 *)cmd1; + ipfw_insn_u16 *cmd = (ipfw_insn_u16 *) cmd1; - cmd->ports[0] = cmd->ports[1] = port; - return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u16), 0, 0); + cmd->ports[0] = cmd->ports[1] = port; + return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u16), 0, 0); } static int fill_rule(void *buf, int bufsize, int rulenum, - enum ipfw_opcodes action, int proto, - struct in_addr sa, u_int16_t sp, struct in_addr da, u_int16_t dp) + enum ipfw_opcodes action, int proto, + struct in_addr sa, u_int16_t sp, struct in_addr da, u_int16_t dp) { - struct ip_fw *rule = (struct ip_fw *)buf; - ipfw_insn *cmd = (ipfw_insn *)rule->cmd; + struct ip_fw *rule = (struct ip_fw *)buf; + ipfw_insn *cmd = (ipfw_insn *) rule->cmd; - bzero(buf, bufsize); - rule->rulenum = rulenum; + bzero(buf, bufsize); + rule->rulenum = rulenum; - cmd = fill_cmd(cmd, O_PROTO, F_INSN_SIZE(ipfw_insn), 0, proto); - cmd = fill_ip(cmd, O_IP_SRC, sa.s_addr); - cmd = fill_one_port(cmd, O_IP_SRCPORT, sp); - cmd = fill_ip(cmd, O_IP_DST, da.s_addr); - cmd = fill_one_port(cmd, O_IP_DSTPORT, dp); + cmd = fill_cmd(cmd, O_PROTO, F_INSN_SIZE(ipfw_insn), 0, proto); + cmd = fill_ip(cmd, O_IP_SRC, sa.s_addr); + cmd = fill_one_port(cmd, O_IP_SRCPORT, sp); + cmd = fill_ip(cmd, O_IP_DST, da.s_addr); + cmd = fill_one_port(cmd, O_IP_DSTPORT, dp); - rule->act_ofs = (u_int32_t *)cmd - (u_int32_t *)rule->cmd; - cmd = fill_cmd(cmd, action, F_INSN_SIZE(ipfw_insn), 0, 0); + rule->act_ofs = (u_int32_t *) cmd - (u_int32_t *) rule->cmd; + cmd = fill_cmd(cmd, action, F_INSN_SIZE(ipfw_insn), 0, 0); - rule->cmd_len = (u_int32_t *)cmd - (u_int32_t *)rule->cmd; + rule->cmd_len = (u_int32_t *) cmd - (u_int32_t *) rule->cmd; - return ((char *)cmd - (char *)buf); + return ((char *)cmd - (char *)buf); } -#endif /* IPFW2 */ -static void ClearAllFWHoles(struct libalias *la); +#endif /* IPFW2 */ + +static void ClearAllFWHoles(struct libalias *la); #define fw_setfield(la, field, num) \ do { \ (field)[(num) - la->fireWallBaseNum] = 1; \ -} /*lint -save -e717 */ while(0) /*lint -restore */ +} /*lint -save -e717 */ while(0)/* lint -restore */ #define fw_clrfield(la, field, num) \ do { \ (field)[(num) - la->fireWallBaseNum] = 0; \ -} /*lint -save -e717 */ while(0) /*lint -restore */ +} /*lint -save -e717 */ while(0)/* lint -restore */ #define fw_tstfield(la, field, num) ((field)[(num) - la->fireWallBaseNum]) @@ -2703,143 +2571,143 @@ static void InitPunchFW(struct libalias *la) { - la->fireWallField = malloc(la->fireWallNumNums); - if (la->fireWallField) { - memset(la->fireWallField, 0, la->fireWallNumNums); - if (la->fireWallFD < 0) { - la->fireWallFD = socket(AF_INET, SOCK_RAW, IPPROTO_RAW); - } - ClearAllFWHoles(la); - la->fireWallActiveNum = la->fireWallBaseNum; - } + la->fireWallField = malloc(la->fireWallNumNums); + if (la->fireWallField) { + memset(la->fireWallField, 0, la->fireWallNumNums); + if (la->fireWallFD < 0) { + la->fireWallFD = socket(AF_INET, SOCK_RAW, IPPROTO_RAW); + } + ClearAllFWHoles(la); + la->fireWallActiveNum = la->fireWallBaseNum; + } } static void UninitPunchFW(struct libalias *la) { - ClearAllFWHoles(la); - if (la->fireWallFD >= 0) - close(la->fireWallFD); - la->fireWallFD = -1; - if (la->fireWallField) - free(la->fireWallField); - la->fireWallField = NULL; - la->packetAliasMode &= ~PKT_ALIAS_PUNCH_FW; + ClearAllFWHoles(la); + if (la->fireWallFD >= 0) + close(la->fireWallFD); + la->fireWallFD = -1; + if (la->fireWallField) + free(la->fireWallField); + la->fireWallField = NULL; + la->packetAliasMode &= ~PKT_ALIAS_PUNCH_FW; } /* Make a certain link go through the firewall */ void PunchFWHole(struct alias_link *link) { - struct libalias *la; - int r; /* Result code */ - struct ip_fw rule; /* On-the-fly built rule */ - int fwhole; /* Where to punch hole */ + struct libalias *la; + int r; /* Result code */ + struct ip_fw rule; /* On-the-fly built rule */ + int fwhole; /* Where to punch hole */ - la = link->la; + la = link->la; /* Don't do anything unless we are asked to */ - if ( !(la->packetAliasMode & PKT_ALIAS_PUNCH_FW) || - la->fireWallFD < 0 || - link->link_type != LINK_TCP) - return; + if (!(la->packetAliasMode & PKT_ALIAS_PUNCH_FW) || + la->fireWallFD < 0 || + link->link_type != LINK_TCP) + return; - memset(&rule, 0, sizeof rule); + memset(&rule, 0, sizeof rule); /** Build rule **/ - /* Find empty slot */ - for (fwhole = la->fireWallActiveNum; - fwhole < la->fireWallBaseNum + la->fireWallNumNums && - fw_tstfield(la, la->fireWallField, fwhole); - fwhole++) - ; - if (fwhole == la->fireWallBaseNum + la->fireWallNumNums) { - for (fwhole = la->fireWallBaseNum; - fwhole < la->fireWallActiveNum && - fw_tstfield(la, la->fireWallField, fwhole); - fwhole++) - ; - if (fwhole == la->fireWallActiveNum) { - /* No rule point empty - we can't punch more holes. */ - la->fireWallActiveNum = la->fireWallBaseNum; + /* Find empty slot */ + for (fwhole = la->fireWallActiveNum; + fwhole < la->fireWallBaseNum + la->fireWallNumNums && + fw_tstfield(la, la->fireWallField, fwhole); + fwhole++); + if (fwhole == la->fireWallBaseNum + la->fireWallNumNums) { + for (fwhole = la->fireWallBaseNum; + fwhole < la->fireWallActiveNum && + fw_tstfield(la, la->fireWallField, fwhole); + fwhole++); + if (fwhole == la->fireWallActiveNum) { + /* No rule point empty - we can't punch more holes. */ + la->fireWallActiveNum = la->fireWallBaseNum; #ifdef DEBUG - fprintf(stderr, "libalias: Unable to create firewall hole!\n"); + fprintf(stderr, "libalias: Unable to create firewall hole!\n"); #endif - return; - } - } - /* Start next search at next position */ - la->fireWallActiveNum = fwhole+1; + return; + } + } + /* Start next search at next position */ + la->fireWallActiveNum = fwhole + 1; - /* - * generate two rules of the form - * - * add fwhole accept tcp from OAddr OPort to DAddr DPort - * add fwhole accept tcp from DAddr DPort to OAddr OPort - */ + /* + * generate two rules of the form + * + * add fwhole accept tcp from OAddr OPort to DAddr DPort add fwhole + * accept tcp from DAddr DPort to OAddr OPort + */ #if IPFW2 - if (GetOriginalPort(link) != 0 && GetDestPort(link) != 0) { - u_int32_t rulebuf[255]; - int i; + if (GetOriginalPort(link) != 0 && GetDestPort(link) != 0) { + u_int32_t rulebuf[255]; + int i; - i = fill_rule(rulebuf, sizeof(rulebuf), fwhole, - O_ACCEPT, IPPROTO_TCP, - GetOriginalAddress(link), ntohs(GetOriginalPort(link)), - GetDestAddress(link), ntohs(GetDestPort(link)) ); - r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i); - if (r) - err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)"); + i = fill_rule(rulebuf, sizeof(rulebuf), fwhole, + O_ACCEPT, IPPROTO_TCP, + GetOriginalAddress(link), ntohs(GetOriginalPort(link)), + GetDestAddress(link), ntohs(GetDestPort(link))); + r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i); + if (r) + err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)"); - i = fill_rule(rulebuf, sizeof(rulebuf), fwhole, - O_ACCEPT, IPPROTO_TCP, - GetDestAddress(link), ntohs(GetDestPort(link)), - GetOriginalAddress(link), ntohs(GetOriginalPort(link)) ); - r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i); - if (r) - err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); - } -#else /* !IPFW2, old code to generate ipfw rule */ + i = fill_rule(rulebuf, sizeof(rulebuf), fwhole, + O_ACCEPT, IPPROTO_TCP, + GetDestAddress(link), ntohs(GetDestPort(link)), + GetOriginalAddress(link), ntohs(GetOriginalPort(link))); + r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i); + if (r) + err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); + } +#else /* !IPFW2, old code to generate ipfw rule */ - /* Build generic part of the two rules */ - rule.fw_number = fwhole; - IP_FW_SETNSRCP(&rule, 1); /* Number of source ports. */ - IP_FW_SETNDSTP(&rule, 1); /* Number of destination ports. */ - rule.fw_flg = IP_FW_F_ACCEPT | IP_FW_F_IN | IP_FW_F_OUT; - rule.fw_prot = IPPROTO_TCP; - rule.fw_smsk.s_addr = INADDR_BROADCAST; - rule.fw_dmsk.s_addr = INADDR_BROADCAST; + /* Build generic part of the two rules */ + rule.fw_number = fwhole; + IP_FW_SETNSRCP(&rule, 1); /* Number of source ports. */ + IP_FW_SETNDSTP(&rule, 1); /* Number of destination ports. */ + rule.fw_flg = IP_FW_F_ACCEPT | IP_FW_F_IN | IP_FW_F_OUT; + rule.fw_prot = IPPROTO_TCP; + rule.fw_smsk.s_addr = INADDR_BROADCAST; + rule.fw_dmsk.s_addr = INADDR_BROADCAST; - /* Build and apply specific part of the rules */ - rule.fw_src = GetOriginalAddress(link); - rule.fw_dst = GetDestAddress(link); - rule.fw_uar.fw_pts[0] = ntohs(GetOriginalPort(link)); - rule.fw_uar.fw_pts[1] = ntohs(GetDestPort(link)); + /* Build and apply specific part of the rules */ + rule.fw_src = GetOriginalAddress(link); + rule.fw_dst = GetDestAddress(link); + rule.fw_uar.fw_pts[0] = ntohs(GetOriginalPort(link)); + rule.fw_uar.fw_pts[1] = ntohs(GetDestPort(link)); - /* Skip non-bound links - XXX should not be strictly necessary, - but seems to leave hole if not done. Leak of non-bound links? - (Code should be left even if the problem is fixed - it is a - clear optimization) */ - if (rule.fw_uar.fw_pts[0] != 0 && rule.fw_uar.fw_pts[1] != 0) { - r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); + /* + * Skip non-bound links - XXX should not be strictly necessary, but + * seems to leave hole if not done. Leak of non-bound links? (Code + * should be left even if the problem is fixed - it is a clear + * optimization) + */ + if (rule.fw_uar.fw_pts[0] != 0 && rule.fw_uar.fw_pts[1] != 0) { + r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); #ifdef DEBUG - if (r) - err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)"); + if (r) + err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)"); #endif - rule.fw_src = GetDestAddress(link); - rule.fw_dst = GetOriginalAddress(link); - rule.fw_uar.fw_pts[0] = ntohs(GetDestPort(link)); - rule.fw_uar.fw_pts[1] = ntohs(GetOriginalPort(link)); - r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); + rule.fw_src = GetDestAddress(link); + rule.fw_dst = GetOriginalAddress(link); + rule.fw_uar.fw_pts[0] = ntohs(GetDestPort(link)); + rule.fw_uar.fw_pts[1] = ntohs(GetOriginalPort(link)); + r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); #ifdef DEBUG - if (r) - err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); + if (r) + err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); #endif - } -#endif /* !IPFW2 */ + } +#endif /* !IPFW2 */ /* Indicate hole applied */ - link->data.tcp->fwhole = fwhole; - fw_setfield(la, la->fireWallField, fwhole); + link->data.tcp->fwhole = fwhole; + fw_setfield(la, la->fireWallField, fwhole); } /* Remove a hole in a firewall associated with a particular alias @@ -2848,67 +2716,69 @@ static void ClearFWHole(struct alias_link *link) { - struct libalias *la; + struct libalias *la; - la = link->la; - if (link->link_type == LINK_TCP) { - int fwhole = link->data.tcp->fwhole; /* Where is the firewall hole? */ - struct ip_fw rule; + la = link->la; + if (link->link_type == LINK_TCP) { + int fwhole = link->data.tcp->fwhole; /* Where is the firewall + * hole? */ + struct ip_fw rule; - if (fwhole < 0) - return; + if (fwhole < 0) + return; - memset(&rule, 0, sizeof rule); /* useless for ipfw2 */ + memset(&rule, 0, sizeof rule); /* useless for ipfw2 */ #if IPFW2 - while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, - &fwhole, sizeof fwhole)) - ; -#else /* !IPFW2 */ - rule.fw_number = fwhole; - while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL, - &rule, sizeof rule)) - ; -#endif /* !IPFW2 */ - fw_clrfield(la, la->fireWallField, fwhole); - link->data.tcp->fwhole = -1; - } + while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, + &fwhole, sizeof fwhole)); +#else /* !IPFW2 */ + rule.fw_number = fwhole; + while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL, + &rule, sizeof rule)); +#endif /* !IPFW2 */ + fw_clrfield(la, la->fireWallField, fwhole); + link->data.tcp->fwhole = -1; + } } /* Clear out the entire range dedicated to firewall holes. */ static void -ClearAllFWHoles(struct libalias *la) { - struct ip_fw rule; /* On-the-fly built rule */ - int i; +ClearAllFWHoles(struct libalias *la) +{ + struct ip_fw rule; /* On-the-fly built rule */ + int i; - if (la->fireWallFD < 0) - return; + if (la->fireWallFD < 0) + return; - memset(&rule, 0, sizeof rule); - for (i = la->fireWallBaseNum; i < la->fireWallBaseNum + la->fireWallNumNums; i++) { + memset(&rule, 0, sizeof rule); + for (i = la->fireWallBaseNum; i < la->fireWallBaseNum + la->fireWallNumNums; i++) { #if IPFW2 - int r = i; - while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, &r, sizeof r)) - ; -#else /* !IPFW2 */ - rule.fw_number = i; - while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL, &rule, sizeof rule)) - ; -#endif /* !IPFW2 */ - } - /* XXX: third arg correct here ? /phk */ - memset(la->fireWallField, 0, la->fireWallNumNums); + int r = i; + + while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, &r, sizeof r)); +#else /* !IPFW2 */ + rule.fw_number = i; + while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL, &rule, sizeof rule)); +#endif /* !IPFW2 */ + } + /* XXX: third arg correct here ? /phk */ + memset(la->fireWallField, 0, la->fireWallNumNums); } + #endif void -LibAliasSetFWBase(struct libalias *la, unsigned int base, unsigned int num) { +LibAliasSetFWBase(struct libalias *la, unsigned int base, unsigned int num) +{ #ifndef NO_FW_PUNCH - la->fireWallBaseNum = base; - la->fireWallNumNums = num; + la->fireWallBaseNum = base; + la->fireWallNumNums = num; #endif } void -LibAliasSetSkinnyPort(struct libalias *la, unsigned int port) { - la->skinnyPort = port; +LibAliasSetSkinnyPort(struct libalias *la, unsigned int port) +{ + la->skinnyPort = port; } diff --git a/lib/libalias/alias_ftp.c b/lib/libalias/alias_ftp.c index 08693a7d0a89..91d49525bc75 100644 --- a/lib/libalias/alias_ftp.c +++ b/lib/libalias/alias_ftp.c @@ -87,495 +87,589 @@ __FBSDID("$FreeBSD$"); #define WAIT_CRLF 0x01 enum ftp_message_type { - FTP_PORT_COMMAND, - FTP_EPRT_COMMAND, - FTP_227_REPLY, - FTP_229_REPLY, - FTP_UNKNOWN_MESSAGE + FTP_PORT_COMMAND, + FTP_EPRT_COMMAND, + FTP_227_REPLY, + FTP_229_REPLY, + FTP_UNKNOWN_MESSAGE }; -static int ParseFtpPortCommand(struct libalias *la, char *, int); -static int ParseFtpEprtCommand(struct libalias *la, char *, int); -static int ParseFtp227Reply(struct libalias *la, char *, int); -static int ParseFtp229Reply(struct libalias *la, char *, int); -static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int); +static int ParseFtpPortCommand(struct libalias *la, char *, int); +static int ParseFtpEprtCommand(struct libalias *la, char *, int); +static int ParseFtp227Reply(struct libalias *la, char *, int); +static int ParseFtp229Reply(struct libalias *la, char *, int); +static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int); void AliasHandleFtpOut( -struct libalias *la, -struct ip *pip, /* IP packet to examine/patch */ -struct alias_link *link, /* The link to go through (aliased port) */ -int maxpacketsize /* The maximum size this packet can grow to (including headers) */) + struct libalias *la, + struct ip *pip, /* IP packet to examine/patch */ + struct alias_link *link, /* The link to go through (aliased port) */ + int maxpacketsize /* The maximum size this packet can grow to + (including headers) */ ) { - int hlen, tlen, dlen, pflags; - char *sptr; - struct tcphdr *tc; - int ftp_message_type; + int hlen, tlen, dlen, pflags; + char *sptr; + struct tcphdr *tc; + int ftp_message_type; /* Calculate data length of TCP packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; /* Place string pointer and beginning of data */ - sptr = (char *) pip; - sptr += hlen; + sptr = (char *)pip; + sptr += hlen; /* * Check that data length is not too long and previous message was * properly terminated with CRLF. */ - pflags = GetProtocolFlags(link); - if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) { - ftp_message_type = FTP_UNKNOWN_MESSAGE; + pflags = GetProtocolFlags(link); + if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) { + ftp_message_type = FTP_UNKNOWN_MESSAGE; - if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) { + if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) { /* * When aliasing a client, check for the PORT/EPRT command. */ - if (ParseFtpPortCommand(la, sptr, dlen)) - ftp_message_type = FTP_PORT_COMMAND; - else if (ParseFtpEprtCommand(la, sptr, dlen)) - ftp_message_type = FTP_EPRT_COMMAND; - } else { + if (ParseFtpPortCommand(la, sptr, dlen)) + ftp_message_type = FTP_PORT_COMMAND; + else if (ParseFtpEprtCommand(la, sptr, dlen)) + ftp_message_type = FTP_EPRT_COMMAND; + } else { /* * When aliasing a server, check for the 227/229 reply. */ - if (ParseFtp227Reply(la, sptr, dlen)) - ftp_message_type = FTP_227_REPLY; - else if (ParseFtp229Reply(la, sptr, dlen)) { - ftp_message_type = FTP_229_REPLY; - la->true_addr.s_addr = pip->ip_src.s_addr; - } + if (ParseFtp227Reply(la, sptr, dlen)) + ftp_message_type = FTP_227_REPLY; + else if (ParseFtp229Reply(la, sptr, dlen)) { + ftp_message_type = FTP_229_REPLY; + la->true_addr.s_addr = pip->ip_src.s_addr; + } + } + + if (ftp_message_type != FTP_UNKNOWN_MESSAGE) + NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type); } - - if (ftp_message_type != FTP_UNKNOWN_MESSAGE) - NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type); - } - /* Track the msgs which are CRLF term'd for PORT/PASV FW breach */ - if (dlen) { /* only if there's data */ - sptr = (char *) pip; /* start over at beginning */ - tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may have grown */ - if (sptr[tlen-2] == '\r' && sptr[tlen-1] == '\n') - pflags &= ~WAIT_CRLF; - else - pflags |= WAIT_CRLF; - SetProtocolFlags(link, pflags); - } + if (dlen) { /* only if there's data */ + sptr = (char *)pip; /* start over at beginning */ + tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may + * have grown */ + if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n') + pflags &= ~WAIT_CRLF; + else + pflags |= WAIT_CRLF; + SetProtocolFlags(link, pflags); + } } static int ParseFtpPortCommand(struct libalias *la, char *sptr, int dlen) { - char ch; - int i, state; - u_int32_t addr; - u_short port; - u_int8_t octet; + char ch; + int i, state; + u_int32_t addr; + u_short port; + u_int8_t octet; - /* Format: "PORT A,D,D,R,PO,RT". */ + /* Format: "PORT A,D,D,R,PO,RT". */ - /* Return if data length is too short. */ - if (dlen < 18) - return 0; - - addr = port = octet = 0; - state = -4; - for (i = 0; i < dlen; i++) { - ch = sptr[i]; - switch (state) { - case -4: if (ch == 'P') state++; else return 0; break; - case -3: if (ch == 'O') state++; else return 0; break; - case -2: if (ch == 'R') state++; else return 0; break; - case -1: if (ch == 'T') state++; else return 0; break; - - case 0: - if (isspace(ch)) - break; - else - state++; - case 1: case 3: case 5: case 7: case 9: case 11: - if (isdigit(ch)) { - octet = ch - '0'; - state++; - } else + /* Return if data length is too short. */ + if (dlen < 18) return 0; - break; - case 2: case 4: case 6: case 8: - if (isdigit(ch)) - octet = 10 * octet + ch - '0'; - else if (ch == ',') { - addr = (addr << 8) + octet; - state++; - } else - return 0; - break; - case 10: case 12: - if (isdigit(ch)) - octet = 10 * octet + ch - '0'; - else if (ch == ',' || state == 12) { - port = (port << 8) + octet; - state++; - } else - return 0; - break; + + addr = port = octet = 0; + state = -4; + for (i = 0; i < dlen; i++) { + ch = sptr[i]; + switch (state) { + case -4: + if (ch == 'P') + state++; + else + return 0; + break; + case -3: + if (ch == 'O') + state++; + else + return 0; + break; + case -2: + if (ch == 'R') + state++; + else + return 0; + break; + case -1: + if (ch == 'T') + state++; + else + return 0; + break; + + case 0: + if (isspace(ch)) + break; + else + state++; + case 1: + case 3: + case 5: + case 7: + case 9: + case 11: + if (isdigit(ch)) { + octet = ch - '0'; + state++; + } else + return 0; + break; + case 2: + case 4: + case 6: + case 8: + if (isdigit(ch)) + octet = 10 * octet + ch - '0'; + else if (ch == ',') { + addr = (addr << 8) + octet; + state++; + } else + return 0; + break; + case 10: + case 12: + if (isdigit(ch)) + octet = 10 * octet + ch - '0'; + else if (ch == ',' || state == 12) { + port = (port << 8) + octet; + state++; + } else + return 0; + break; + } } - } - if (state == 13) { - la->true_addr.s_addr = htonl(addr); - la->true_port = port; - return 1; - } else - return 0; + if (state == 13) { + la->true_addr.s_addr = htonl(addr); + la->true_port = port; + return 1; + } else + return 0; } static int ParseFtpEprtCommand(struct libalias *la, char *sptr, int dlen) { - char ch, delim; - int i, state; - u_int32_t addr; - u_short port; - u_int8_t octet; + char ch, delim; + int i, state; + u_int32_t addr; + u_short port; + u_int8_t octet; - /* Format: "EPRT |1|A.D.D.R|PORT|". */ + /* Format: "EPRT |1|A.D.D.R|PORT|". */ - /* Return if data length is too short. */ - if (dlen < 18) - return 0; + /* Return if data length is too short. */ + if (dlen < 18) + return 0; - addr = port = octet = 0; - delim = '|'; /* XXX gcc -Wuninitialized */ - state = -4; - for (i = 0; i < dlen; i++) { - ch = sptr[i]; - switch (state) - { - case -4: if (ch == 'E') state++; else return 0; break; - case -3: if (ch == 'P') state++; else return 0; break; - case -2: if (ch == 'R') state++; else return 0; break; - case -1: if (ch == 'T') state++; else return 0; break; + addr = port = octet = 0; + delim = '|'; /* XXX gcc -Wuninitialized */ + state = -4; + for (i = 0; i < dlen; i++) { + ch = sptr[i]; + switch (state) { + case -4: + if (ch == 'E') + state++; + else + return 0; + break; + case -3: + if (ch == 'P') + state++; + else + return 0; + break; + case -2: + if (ch == 'R') + state++; + else + return 0; + break; + case -1: + if (ch == 'T') + state++; + else + return 0; + break; - case 0: - if (!isspace(ch)) { - delim = ch; - state++; - } - break; - case 1: - if (ch == '1') /* IPv4 address */ - state++; - else - return 0; - break; - case 2: - if (ch == delim) - state++; - else - return 0; - break; - case 3: case 5: case 7: case 9: - if (isdigit(ch)) { - octet = ch - '0'; - state++; - } else - return 0; - break; - case 4: case 6: case 8: case 10: - if (isdigit(ch)) - octet = 10 * octet + ch - '0'; - else if (ch == '.' || state == 10) { - addr = (addr << 8) + octet; - state++; - } else - return 0; - break; - case 11: - if (isdigit(ch)) { - port = ch - '0'; - state++; - } else - return 0; - break; - case 12: - if (isdigit(ch)) - port = 10 * port + ch - '0'; - else if (ch == delim) - state++; - else - return 0; - break; + case 0: + if (!isspace(ch)) { + delim = ch; + state++; + } + break; + case 1: + if (ch == '1') /* IPv4 address */ + state++; + else + return 0; + break; + case 2: + if (ch == delim) + state++; + else + return 0; + break; + case 3: + case 5: + case 7: + case 9: + if (isdigit(ch)) { + octet = ch - '0'; + state++; + } else + return 0; + break; + case 4: + case 6: + case 8: + case 10: + if (isdigit(ch)) + octet = 10 * octet + ch - '0'; + else if (ch == '.' || state == 10) { + addr = (addr << 8) + octet; + state++; + } else + return 0; + break; + case 11: + if (isdigit(ch)) { + port = ch - '0'; + state++; + } else + return 0; + break; + case 12: + if (isdigit(ch)) + port = 10 * port + ch - '0'; + else if (ch == delim) + state++; + else + return 0; + break; + } } - } - if (state == 13) { - la->true_addr.s_addr = htonl(addr); - la->true_port = port; - return 1; - } else - return 0; + if (state == 13) { + la->true_addr.s_addr = htonl(addr); + la->true_port = port; + return 1; + } else + return 0; } static int ParseFtp227Reply(struct libalias *la, char *sptr, int dlen) { - char ch; - int i, state; - u_int32_t addr; - u_short port; - u_int8_t octet; + char ch; + int i, state; + u_int32_t addr; + u_short port; + u_int8_t octet; - /* Format: "227 Entering Passive Mode (A,D,D,R,PO,RT)" */ + /* Format: "227 Entering Passive Mode (A,D,D,R,PO,RT)" */ - /* Return if data length is too short. */ - if (dlen < 17) - return 0; - - addr = port = octet = 0; - - state = -3; - for (i = 0; i < dlen; i++) { - ch = sptr[i]; - switch (state) - { - case -3: if (ch == '2') state++; else return 0; break; - case -2: if (ch == '2') state++; else return 0; break; - case -1: if (ch == '7') state++; else return 0; break; - - case 0: - if (ch == '(') - state++; - break; - case 1: case 3: case 5: case 7: case 9: case 11: - if (isdigit(ch)) { - octet = ch - '0'; - state++; - } else + /* Return if data length is too short. */ + if (dlen < 17) return 0; - break; - case 2: case 4: case 6: case 8: - if (isdigit(ch)) - octet = 10 * octet + ch - '0'; - else if (ch == ',') { - addr = (addr << 8) + octet; - state++; - } else - return 0; - break; - case 10: case 12: - if (isdigit(ch)) - octet = 10 * octet + ch - '0'; - else if (ch == ',' || (state == 12 && ch == ')')) { - port = (port << 8) + octet; - state++; - } else - return 0; - break; + + addr = port = octet = 0; + + state = -3; + for (i = 0; i < dlen; i++) { + ch = sptr[i]; + switch (state) { + case -3: + if (ch == '2') + state++; + else + return 0; + break; + case -2: + if (ch == '2') + state++; + else + return 0; + break; + case -1: + if (ch == '7') + state++; + else + return 0; + break; + + case 0: + if (ch == '(') + state++; + break; + case 1: + case 3: + case 5: + case 7: + case 9: + case 11: + if (isdigit(ch)) { + octet = ch - '0'; + state++; + } else + return 0; + break; + case 2: + case 4: + case 6: + case 8: + if (isdigit(ch)) + octet = 10 * octet + ch - '0'; + else if (ch == ',') { + addr = (addr << 8) + octet; + state++; + } else + return 0; + break; + case 10: + case 12: + if (isdigit(ch)) + octet = 10 * octet + ch - '0'; + else if (ch == ',' || (state == 12 && ch == ')')) { + port = (port << 8) + octet; + state++; + } else + return 0; + break; + } } - } - if (state == 13) { - la->true_port = port; - la->true_addr.s_addr = htonl(addr); - return 1; - } else - return 0; + if (state == 13) { + la->true_port = port; + la->true_addr.s_addr = htonl(addr); + return 1; + } else + return 0; } static int ParseFtp229Reply(struct libalias *la, char *sptr, int dlen) { - char ch, delim; - int i, state; - u_short port; + char ch, delim; + int i, state; + u_short port; - /* Format: "229 Entering Extended Passive Mode (|||PORT|)" */ + /* Format: "229 Entering Extended Passive Mode (|||PORT|)" */ - /* Return if data length is too short. */ - if (dlen < 11) - return 0; - - port = 0; - delim = '|'; /* XXX gcc -Wuninitialized */ - - state = -3; - for (i = 0; i < dlen; i++) { - ch = sptr[i]; - switch (state) - { - case -3: if (ch == '2') state++; else return 0; break; - case -2: if (ch == '2') state++; else return 0; break; - case -1: if (ch == '9') state++; else return 0; break; - - case 0: - if (ch == '(') - state++; - break; - case 1: - delim = ch; - state++; - break; - case 2: case 3: - if (ch == delim) - state++; - else + /* Return if data length is too short. */ + if (dlen < 11) return 0; - break; - case 4: - if (isdigit(ch)) { - port = ch - '0'; - state++; - } else - return 0; - break; - case 5: - if (isdigit(ch)) - port = 10 * port + ch - '0'; - else if (ch == delim) - state++; - else - return 0; - break; - case 6: - if (ch == ')') - state++; - else - return 0; - break; + + port = 0; + delim = '|'; /* XXX gcc -Wuninitialized */ + + state = -3; + for (i = 0; i < dlen; i++) { + ch = sptr[i]; + switch (state) { + case -3: + if (ch == '2') + state++; + else + return 0; + break; + case -2: + if (ch == '2') + state++; + else + return 0; + break; + case -1: + if (ch == '9') + state++; + else + return 0; + break; + + case 0: + if (ch == '(') + state++; + break; + case 1: + delim = ch; + state++; + break; + case 2: + case 3: + if (ch == delim) + state++; + else + return 0; + break; + case 4: + if (isdigit(ch)) { + port = ch - '0'; + state++; + } else + return 0; + break; + case 5: + if (isdigit(ch)) + port = 10 * port + ch - '0'; + else if (ch == delim) + state++; + else + return 0; + break; + case 6: + if (ch == ')') + state++; + else + return 0; + break; + } } - } - if (state == 7) { - la->true_port = port; - return 1; - } else - return 0; + if (state == 7) { + la->true_port = port; + return 1; + } else + return 0; } static void NewFtpMessage(struct libalias *la, struct ip *pip, - struct alias_link *link, - int maxpacketsize, - int ftp_message_type) + struct alias_link *link, + int maxpacketsize, + int ftp_message_type) { - struct alias_link *ftp_link; + struct alias_link *ftp_link; /* Security checks. */ - if (pip->ip_src.s_addr != la->true_addr.s_addr) - return; + if (pip->ip_src.s_addr != la->true_addr.s_addr) + return; - if (la->true_port < IPPORT_RESERVED) - return; + if (la->true_port < IPPORT_RESERVED) + return; /* Establish link to address and port found in FTP control message. */ - ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link), - htons(la->true_port), 0, IPPROTO_TCP, 1); + ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link), + htons(la->true_port), 0, IPPROTO_TCP, 1); - if (ftp_link != NULL) - { - int slen, hlen, tlen, dlen; - struct tcphdr *tc; + if (ftp_link != NULL) { + int slen, hlen, tlen, dlen; + struct tcphdr *tc; #ifndef NO_FW_PUNCH - /* Punch hole in firewall */ - PunchFWHole(ftp_link); + /* Punch hole in firewall */ + PunchFWHole(ftp_link); #endif /* Calculate data length of TCP packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; /* Create new FTP message. */ - { - char stemp[MAX_MESSAGE_SIZE + 1]; - char *sptr; - u_short alias_port; - u_char *ptr; - int a1, a2, a3, a4, p1, p2; - struct in_addr alias_address; + { + char stemp[MAX_MESSAGE_SIZE + 1]; + char *sptr; + u_short alias_port; + u_char *ptr; + int a1, a2, a3, a4, p1, p2; + struct in_addr alias_address; /* Decompose alias address into quad format */ - alias_address = GetAliasAddress(link); - ptr = (u_char *) &alias_address.s_addr; - a1 = *ptr++; a2=*ptr++; a3=*ptr++; a4=*ptr; + alias_address = GetAliasAddress(link); + ptr = (u_char *) & alias_address.s_addr; + a1 = *ptr++; + a2 = *ptr++; + a3 = *ptr++; + a4 = *ptr; - alias_port = GetAliasPort(ftp_link); + alias_port = GetAliasPort(ftp_link); - switch (ftp_message_type) - { - case FTP_PORT_COMMAND: - case FTP_227_REPLY: - /* Decompose alias port into pair format. */ - ptr = (char *) &alias_port; - p1 = *ptr++; p2=*ptr; + switch (ftp_message_type) { + case FTP_PORT_COMMAND: + case FTP_227_REPLY: + /* Decompose alias port into pair format. */ + ptr = (char *)&alias_port; + p1 = *ptr++; + p2 = *ptr; - if (ftp_message_type == FTP_PORT_COMMAND) { - /* Generate PORT command string. */ - sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n", - a1,a2,a3,a4,p1,p2); - } else { - /* Generate 227 reply string. */ - sprintf(stemp, - "227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n", - a1,a2,a3,a4,p1,p2); - } - break; - case FTP_EPRT_COMMAND: - /* Generate EPRT command string. */ - sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n", - a1,a2,a3,a4,ntohs(alias_port)); - break; - case FTP_229_REPLY: - /* Generate 229 reply string. */ - sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n", - ntohs(alias_port)); - break; - } + if (ftp_message_type == FTP_PORT_COMMAND) { + /* Generate PORT command string. */ + sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n", + a1, a2, a3, a4, p1, p2); + } else { + /* Generate 227 reply string. */ + sprintf(stemp, + "227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n", + a1, a2, a3, a4, p1, p2); + } + break; + case FTP_EPRT_COMMAND: + /* Generate EPRT command string. */ + sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n", + a1, a2, a3, a4, ntohs(alias_port)); + break; + case FTP_229_REPLY: + /* Generate 229 reply string. */ + sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n", + ntohs(alias_port)); + break; + } /* Save string length for IP header modification */ - slen = strlen(stemp); + slen = strlen(stemp); /* Copy modified buffer into IP packet. */ - sptr = (char *) pip; sptr += hlen; - strncpy(sptr, stemp, maxpacketsize-hlen); - } + sptr = (char *)pip; + sptr += hlen; + strncpy(sptr, stemp, maxpacketsize - hlen); + } /* Save information regarding modified seq and ack numbers */ - { - int delta; + { + int delta; - SetAckModified(link); - delta = GetDeltaSeqOut(pip, link); - AddSeq(pip, link, delta+slen-dlen); - } + SetAckModified(link); + delta = GetDeltaSeqOut(pip, link); + AddSeq(pip, link, delta + slen - dlen); + } /* Revise IP header */ - { - u_short new_len; + { + u_short new_len; - new_len = htons(hlen + slen); - DifferentialChecksum(&pip->ip_sum, - &new_len, - &pip->ip_len, - 1); - pip->ip_len = new_len; - } + new_len = htons(hlen + slen); + DifferentialChecksum(&pip->ip_sum, + &new_len, + &pip->ip_len, + 1); + pip->ip_len = new_len; + } /* Compute TCP checksum for revised packet */ - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); - } - else - { + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); + } else { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/HandleFtpOut: Cannot allocate FTP data port\n"); + fprintf(stderr, + "PacketAlias/HandleFtpOut: Cannot allocate FTP data port\n"); #endif - } + } } diff --git a/lib/libalias/alias_irc.c b/lib/libalias/alias_irc.c index 3b2ff9229e59..5785e54a7594 100644 --- a/lib/libalias/alias_irc.c +++ b/lib/libalias/alias_irc.c @@ -65,277 +65,305 @@ __FBSDID("$FreeBSD$"); void -AliasHandleIrcOut(struct libalias *la, - struct ip *pip, /* IP packet to examine */ - struct alias_link *link, /* Which link are we on? */ - int maxsize /* Maximum size of IP packet including headers */ - ) +AliasHandleIrcOut(struct libalias *la, + struct ip *pip, /* IP packet to examine */ + struct alias_link *link, /* Which link are we on? */ + int maxsize /* Maximum size of IP packet including + * headers */ +) { - int hlen, tlen, dlen; - struct in_addr true_addr; - u_short true_port; - char *sptr; - struct tcphdr *tc; - int i; /* Iterator through the source */ + int hlen, tlen, dlen; + struct in_addr true_addr; + u_short true_port; + char *sptr; + struct tcphdr *tc; + int i; /* Iterator through the source */ /* Calculate data length of TCP packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - /* Return if data length is too short - assume an entire PRIVMSG in each packet. */ - if (dlen= dlen || iCopy >= sizeof(newpacket) ) - goto lPACKET_DONE; - newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start character */ - /* Start of a CTCP */ - if( i+4 >= dlen ) /* Too short for DCC */ - goto lBAD_CTCP; - if( sptr[i+0] != 'D' ) - goto lBAD_CTCP; - if( sptr[i+1] != 'C' ) - goto lBAD_CTCP; - if( sptr[i+2] != 'C' ) - goto lBAD_CTCP; - if( sptr[i+3] != ' ' ) - goto lBAD_CTCP; - /* We have a DCC command - handle it! */ - i+= 4; /* Skip "DCC " */ - if( iCopy+4 > sizeof(newpacket) ) - goto lPACKET_DONE; - newpacket[iCopy++] = 'D'; - newpacket[iCopy++] = 'C'; - newpacket[iCopy++] = 'C'; - newpacket[iCopy++] = ' '; + { + char newpacket[65536]; /* Estimate of maximum packet size + * :) */ + int copyat = i; /* Same */ + int iCopy = 0; /* How much data have we written to + * copy-back string? */ + unsigned long org_addr; /* Original IP address */ + unsigned short org_port; /* Original source port + * address */ - DBprintf(("Found DCC\n")); - /* Skip any extra spaces (should not occur according to - protocol, but DCC breaks CTCP protocol anyway */ - while(sptr[i] == ' ') { - if( ++i >= dlen) { - DBprintf(("DCC packet terminated in just spaces\n")); - goto lPACKET_DONE; - } - } +lCTCP_START: + if (i >= dlen || iCopy >= sizeof(newpacket)) + goto lPACKET_DONE; + newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start + * character */ + /* Start of a CTCP */ + if (i + 4 >= dlen) /* Too short for DCC */ + goto lBAD_CTCP; + if (sptr[i + 0] != 'D') + goto lBAD_CTCP; + if (sptr[i + 1] != 'C') + goto lBAD_CTCP; + if (sptr[i + 2] != 'C') + goto lBAD_CTCP; + if (sptr[i + 3] != ' ') + goto lBAD_CTCP; + /* We have a DCC command - handle it! */ + i += 4; /* Skip "DCC " */ + if (iCopy + 4 > sizeof(newpacket)) + goto lPACKET_DONE; + newpacket[iCopy++] = 'D'; + newpacket[iCopy++] = 'C'; + newpacket[iCopy++] = 'C'; + newpacket[iCopy++] = ' '; - DBprintf(("Transferring command...\n")); - while(sptr[i] != ' ') { - newpacket[iCopy++] = sptr[i]; - if( ++i >= dlen || iCopy >= sizeof(newpacket) ) { - DBprintf(("DCC packet terminated during command\n")); - goto lPACKET_DONE; - } - } - /* Copy _one_ space */ - if( i+1 < dlen && iCopy < sizeof(newpacket) ) - newpacket[iCopy++] = sptr[i++]; + DBprintf(("Found DCC\n")); + /* + * Skip any extra spaces (should not occur according to + * protocol, but DCC breaks CTCP protocol anyway + */ + while (sptr[i] == ' ') { + if (++i >= dlen) { + DBprintf(("DCC packet terminated in just spaces\n")); + goto lPACKET_DONE; + } + } - DBprintf(("Done command - removing spaces\n")); - /* Skip any extra spaces (should not occur according to - protocol, but DCC breaks CTCP protocol anyway */ - while(sptr[i] == ' ') { - if( ++i >= dlen ) { - DBprintf(("DCC packet terminated in just spaces (post-command)\n")); - goto lPACKET_DONE; - } - } + DBprintf(("Transferring command...\n")); + while (sptr[i] != ' ') { + newpacket[iCopy++] = sptr[i]; + if (++i >= dlen || iCopy >= sizeof(newpacket)) { + DBprintf(("DCC packet terminated during command\n")); + goto lPACKET_DONE; + } + } + /* Copy _one_ space */ + if (i + 1 < dlen && iCopy < sizeof(newpacket)) + newpacket[iCopy++] = sptr[i++]; - DBprintf(("Transferring filename...\n")); - while(sptr[i] != ' ') { - newpacket[iCopy++] = sptr[i]; - if( ++i >= dlen || iCopy >= sizeof(newpacket) ) { - DBprintf(("DCC packet terminated during filename\n")); - goto lPACKET_DONE; - } - } - /* Copy _one_ space */ - if( i+1 < dlen && iCopy < sizeof(newpacket) ) - newpacket[iCopy++] = sptr[i++]; + DBprintf(("Done command - removing spaces\n")); + /* + * Skip any extra spaces (should not occur according to + * protocol, but DCC breaks CTCP protocol anyway + */ + while (sptr[i] == ' ') { + if (++i >= dlen) { + DBprintf(("DCC packet terminated in just spaces (post-command)\n")); + goto lPACKET_DONE; + } + } - DBprintf(("Done filename - removing spaces\n")); - /* Skip any extra spaces (should not occur according to - protocol, but DCC breaks CTCP protocol anyway */ - while(sptr[i] == ' ') { - if( ++i >= dlen ) { - DBprintf(("DCC packet terminated in just spaces (post-filename)\n")); - goto lPACKET_DONE; - } - } + DBprintf(("Transferring filename...\n")); + while (sptr[i] != ' ') { + newpacket[iCopy++] = sptr[i]; + if (++i >= dlen || iCopy >= sizeof(newpacket)) { + DBprintf(("DCC packet terminated during filename\n")); + goto lPACKET_DONE; + } + } + /* Copy _one_ space */ + if (i + 1 < dlen && iCopy < sizeof(newpacket)) + newpacket[iCopy++] = sptr[i++]; - DBprintf(("Fetching IP address\n")); - /* Fetch IP address */ - org_addr = 0; - while(i ULONG_MAX/10UL ) { /* Terminate on overflow */ - DBprintf(("DCC Address overflow (org_addr == 0x%08lx, next char %c\n", org_addr, sptr[i])); - goto lBAD_CTCP; - } - org_addr *= 10; - org_addr += sptr[i++]-'0'; - } - DBprintf(("Skipping space\n")); - if( i+1 >= dlen || sptr[i] != ' ' ) { - DBprintf(("Overflow (%d >= %d) or bad character (%02x) terminating IP address\n", i+1, dlen, sptr[i])); - goto lBAD_CTCP; - } - /* Skip any extra spaces (should not occur according to - protocol, but DCC breaks CTCP protocol anyway, so we might - as well play it safe */ - while(sptr[i] == ' ') { - if( ++i >= dlen ) { - DBprintf(("Packet failure - space overflow.\n")); - goto lPACKET_DONE; - } - } - DBprintf(("Fetching port number\n")); - /* Fetch source port */ - org_port = 0; - while(i 6554 ) { /* Terminate on overflow (65536/10 rounded up*/ - DBprintf(("DCC: port number overflow\n")); - goto lBAD_CTCP; - } - org_port *= 10; - org_port += sptr[i++]-'0'; - } - /* Skip illegal addresses (or early termination) */ - if( i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ') ) { - DBprintf(("Bad port termination\n")); - goto lBAD_CTCP; - } - DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port)); + DBprintf(("Done filename - removing spaces\n")); + /* + * Skip any extra spaces (should not occur according to + * protocol, but DCC breaks CTCP protocol anyway + */ + while (sptr[i] == ' ') { + if (++i >= dlen) { + DBprintf(("DCC packet terminated in just spaces (post-filename)\n")); + goto lPACKET_DONE; + } + } - /* We've got the address and port - now alias it */ - { - struct alias_link *dcc_link; - struct in_addr destaddr; + DBprintf(("Fetching IP address\n")); + /* Fetch IP address */ + org_addr = 0; + while (i < dlen && isdigit(sptr[i])) { + if (org_addr > ULONG_MAX / 10UL) { /* Terminate on overflow */ + DBprintf(("DCC Address overflow (org_addr == 0x%08lx, next char %c\n", org_addr, sptr[i])); + goto lBAD_CTCP; + } + org_addr *= 10; + org_addr += sptr[i++] - '0'; + } + DBprintf(("Skipping space\n")); + if (i + 1 >= dlen || sptr[i] != ' ') { + DBprintf(("Overflow (%d >= %d) or bad character (%02x) terminating IP address\n", i + 1, dlen, sptr[i])); + goto lBAD_CTCP; + } + /* + * Skip any extra spaces (should not occur according to + * protocol, but DCC breaks CTCP protocol anyway, so we + * might as well play it safe + */ + while (sptr[i] == ' ') { + if (++i >= dlen) { + DBprintf(("Packet failure - space overflow.\n")); + goto lPACKET_DONE; + } + } + DBprintf(("Fetching port number\n")); + /* Fetch source port */ + org_port = 0; + while (i < dlen && isdigit(sptr[i])) { + if (org_port > 6554) { /* Terminate on overflow + * (65536/10 rounded up */ + DBprintf(("DCC: port number overflow\n")); + goto lBAD_CTCP; + } + org_port *= 10; + org_port += sptr[i++] - '0'; + } + /* Skip illegal addresses (or early termination) */ + if (i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ')) { + DBprintf(("Bad port termination\n")); + goto lBAD_CTCP; + } + DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port)); + + /* We've got the address and port - now alias it */ + { + struct alias_link *dcc_link; + struct in_addr destaddr; - true_port = htons(org_port); - true_addr.s_addr = htonl(org_addr); - destaddr.s_addr = 0; + true_port = htons(org_port); + true_addr.s_addr = htonl(org_addr); + destaddr.s_addr = 0; - /* Sanity/Security checking */ - if (!org_addr || !org_port || - pip->ip_src.s_addr != true_addr.s_addr || - org_port < IPPORT_RESERVED) - goto lBAD_CTCP; + /* Sanity/Security checking */ + if (!org_addr || !org_port || + pip->ip_src.s_addr != true_addr.s_addr || + org_port < IPPORT_RESERVED) + goto lBAD_CTCP; - /* Steal the FTP_DATA_PORT - it doesn't really matter, and this - would probably allow it through at least _some_ - firewalls. */ - dcc_link = FindUdpTcpOut(la, true_addr, destaddr, - true_port, 0, - IPPROTO_TCP, 1); - DBprintf(("Got a DCC link\n")); - if ( dcc_link ) { - struct in_addr alias_address; /* Address from aliasing */ - u_short alias_port; /* Port given by aliasing */ - int n; + /* + * Steal the FTP_DATA_PORT - it doesn't really + * matter, and this would probably allow it through + * at least _some_ firewalls. + */ + dcc_link = FindUdpTcpOut(la, true_addr, destaddr, + true_port, 0, + IPPROTO_TCP, 1); + DBprintf(("Got a DCC link\n")); + if (dcc_link) { + struct in_addr alias_address; /* Address from aliasing */ + u_short alias_port; /* Port given by + * aliasing */ + int n; #ifndef NO_FW_PUNCH - /* Generate firewall hole as appropriate */ - PunchFWHole(dcc_link); + /* Generate firewall hole as appropriate */ + PunchFWHole(dcc_link); #endif - alias_address = GetAliasAddress(link); - n = snprintf(&newpacket[iCopy], - sizeof(newpacket)-iCopy, - "%lu ", (u_long)htonl(alias_address.s_addr)); - if( n < 0 ) { - DBprintf(("DCC packet construct failure.\n")); - goto lBAD_CTCP; - } - if( (iCopy += n) >= sizeof(newpacket) ) { /* Truncated/fit exactly - bad news */ - DBprintf(("DCC constructed packet overflow.\n")); - goto lBAD_CTCP; - } - alias_port = GetAliasPort(dcc_link); - n = snprintf(&newpacket[iCopy], - sizeof(newpacket)-iCopy, - "%u", htons(alias_port) ); - if( n < 0 ) { - DBprintf(("DCC packet construct failure.\n")); - goto lBAD_CTCP; - } - iCopy += n; - /* Done - truncated cases will be taken care of by lBAD_CTCP */ - DBprintf(("Aliased IP %lu and port %u\n", alias_address.s_addr, (unsigned)alias_port)); - } - } - /* An uninteresting CTCP - state entered right after '\001' has - been pushed. Also used to copy the rest of a DCC, after IP - address and port has been handled */ - lBAD_CTCP: - for(; i maxsize-copyat ? maxsize-copyat : iCopy; - memcpy(sptr+copyat, newpacket, iCopy); + alias_address = GetAliasAddress(link); + n = snprintf(&newpacket[iCopy], + sizeof(newpacket) - iCopy, + "%lu ", (u_long) htonl(alias_address.s_addr)); + if (n < 0) { + DBprintf(("DCC packet construct failure.\n")); + goto lBAD_CTCP; + } + if ((iCopy += n) >= sizeof(newpacket)) { /* Truncated/fit exactly + * - bad news */ + DBprintf(("DCC constructed packet overflow.\n")); + goto lBAD_CTCP; + } + alias_port = GetAliasPort(dcc_link); + n = snprintf(&newpacket[iCopy], + sizeof(newpacket) - iCopy, + "%u", htons(alias_port)); + if (n < 0) { + DBprintf(("DCC packet construct failure.\n")); + goto lBAD_CTCP; + } + iCopy += n; + /* + * Done - truncated cases will be taken + * care of by lBAD_CTCP + */ + DBprintf(("Aliased IP %lu and port %u\n", alias_address.s_addr, (unsigned)alias_port)); + } + } + /* + * An uninteresting CTCP - state entered right after '\001' + * has been pushed. Also used to copy the rest of a DCC, + * after IP address and port has been handled + */ +lBAD_CTCP: + for (; i < dlen && iCopy < sizeof(newpacket); i++, iCopy++) { + newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */ + if (sptr[i] == '\001') { + goto lNORMAL_TEXT; + } + } + goto lPACKET_DONE; + /* Normal text */ +lNORMAL_TEXT: + for (; i < dlen && iCopy < sizeof(newpacket); i++, iCopy++) { + newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */ + if (sptr[i] == '\001') { + goto lCTCP_START; + } + } + /* Handle the end of a packet */ +lPACKET_DONE: + iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy; + memcpy(sptr + copyat, newpacket, iCopy); /* Save information regarding modified seq and ack numbers */ - { - int delta; + { + int delta; - SetAckModified(link); - delta = GetDeltaSeqOut(pip, link); - AddSeq(pip, link, delta+copyat+iCopy-dlen); - } + SetAckModified(link); + delta = GetDeltaSeqOut(pip, link); + AddSeq(pip, link, delta + copyat + iCopy - dlen); + } - /* Revise IP header */ - { - u_short new_len; + /* Revise IP header */ + { + u_short new_len; - new_len = htons(hlen + iCopy + copyat); - DifferentialChecksum(&pip->ip_sum, - &new_len, - &pip->ip_len, - 1); - pip->ip_len = new_len; - } + new_len = htons(hlen + iCopy + copyat); + DifferentialChecksum(&pip->ip_sum, + &new_len, + &pip->ip_len, + 1); + pip->ip_len = new_len; + } - /* Compute TCP checksum for revised packet */ - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); - return; - } + /* Compute TCP checksum for revised packet */ + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); + return; + } } /* Notes: diff --git a/lib/libalias/alias_local.h b/lib/libalias/alias_local.h index 0ed289a40c4f..420a4353d2c1 100644 --- a/lib/libalias/alias_local.h +++ b/lib/libalias/alias_local.h @@ -55,80 +55,84 @@ struct proxy_entry; struct libalias { - LIST_ENTRY(libalias) instancelist; + LIST_ENTRY(libalias) instancelist; - int packetAliasMode; /* Mode flags */ - /* - documented in alias.h */ + int packetAliasMode; /* Mode flags */ + /* - documented in alias.h */ - struct in_addr aliasAddress; /* Address written onto source */ - /* field of IP packet. */ + struct in_addr aliasAddress; /* Address written onto source */ + /* field of IP packet. */ - struct in_addr targetAddress; /* IP address incoming packets */ - /* are sent to if no aliasing */ - /* link already exists */ + struct in_addr targetAddress; /* IP address incoming packets */ + /* are sent to if no aliasing */ + /* link already exists */ - struct in_addr nullAddress; /* Used as a dummy parameter for */ - /* some function calls */ + struct in_addr nullAddress; /* Used as a dummy parameter for */ + /* some function calls */ - LIST_HEAD(, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE]; - /* Lookup table of pointers to */ - /* chains of link records. Each */ + LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE]; + /* Lookup table of pointers to */ + /* chains of link records. Each */ - LIST_HEAD(, alias_link) linkTableIn[LINK_TABLE_IN_SIZE]; - /* link record is doubly indexed */ - /* into input and output lookup */ - /* tables. */ + LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE]; + /* link record is doubly indexed */ + /* into input and output lookup */ + /* tables. */ - /* Link statistics */ - int icmpLinkCount; - int udpLinkCount; - int tcpLinkCount; - int pptpLinkCount; - int protoLinkCount; - int fragmentIdLinkCount; - int fragmentPtrLinkCount; - int sockCount; + /* Link statistics */ + int icmpLinkCount; + int udpLinkCount; + int tcpLinkCount; + int pptpLinkCount; + int protoLinkCount; + int fragmentIdLinkCount; + int fragmentPtrLinkCount; + int sockCount; - int cleanupIndex; /* Index to chain of link table */ - /* being inspected for old links */ + int cleanupIndex; /* Index to chain of link table */ + /* being inspected for old links */ - int timeStamp; /* System time in seconds for */ - /* current packet */ + int timeStamp; /* System time in seconds for */ + /* current packet */ - int lastCleanupTime; /* Last time IncrementalCleanup() */ - /* was called */ + int lastCleanupTime; /* Last time + * IncrementalCleanup() */ + /* was called */ - int houseKeepingResidual; /* used by HouseKeeping() */ + int houseKeepingResidual; /* used by HouseKeeping() */ - int deleteAllLinks; /* If equal to zero, DeleteLink() */ - /* will not remove permanent links */ + int deleteAllLinks; /* If equal to zero, DeleteLink() */ + /* will not remove permanent links */ - FILE *monitorFile; /* File descriptor for link */ - /* statistics monitoring file */ + FILE *monitorFile; /* File descriptor for link */ + /* statistics monitoring file */ - int newDefaultLink; /* Indicates if a new aliasing */ - /* link has been created after a */ - /* call to PacketAliasIn/Out(). */ + int newDefaultLink; /* Indicates if a new aliasing */ + /* link has been created after a */ + /* call to PacketAliasIn/Out(). */ #ifndef NO_FW_PUNCH - int fireWallFD; /* File descriptor to be able to */ - /* control firewall. Opened by */ - /* PacketAliasSetMode on first */ - /* setting the PKT_ALIAS_PUNCH_FW */ - /* flag. */ - int fireWallBaseNum; /* The first firewall entry free for our use */ - int fireWallNumNums; /* How many entries can we use? */ - int fireWallActiveNum; /* Which entry did we last use? */ - char *fireWallField; /* bool array for entries */ + int fireWallFD; /* File descriptor to be able to */ + /* control firewall. Opened by */ + /* PacketAliasSetMode on first */ + /* setting the PKT_ALIAS_PUNCH_FW */ + /* flag. */ + int fireWallBaseNum; /* The first firewall entry + * free for our use */ + int fireWallNumNums; /* How many entries can we + * use? */ + int fireWallActiveNum; /* Which entry did we last + * use? */ + char *fireWallField; /* bool array for entries */ #endif - unsigned int skinnyPort; /* TCP port used by the Skinny */ - /* protocol. */ + unsigned int skinnyPort; /* TCP port used by the Skinny */ + /* protocol. */ struct proxy_entry *proxyList; - struct in_addr true_addr; /* in network byte order. */ - u_short true_port; /* in host byte order. */ + struct in_addr true_addr; /* in network byte order. */ + u_short true_port; /* in host byte order. */ }; @@ -161,148 +165,159 @@ struct libalias { /* Prototypes */ /* General utilities */ -u_short IpChecksum(struct ip *_pip); -u_short TcpChecksum(struct ip *_pip); -void DifferentialChecksum(u_short *_cksum, u_short *_new, u_short *_old, - int _n); +u_short IpChecksum(struct ip *_pip); +u_short TcpChecksum(struct ip *_pip); +void +DifferentialChecksum(u_short * _cksum, u_short * _new, u_short * _old, + int _n); /* Internal data access */ struct alias_link * - FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _id_alias, int _create); +FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_short _id_alias, int _create); struct alias_link * - FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, - u_short _id, int _create); +FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, + u_short _id, int _create); struct alias_link * - FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _ip_id); +FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_short _ip_id); struct alias_link * - FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _ip_id); +FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_short _ip_id); struct alias_link * - AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); + AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); struct alias_link * - FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); + FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); struct alias_link * - FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_char _proto); +FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_char _proto); struct alias_link * - FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, - u_char _proto); +FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, + u_char _proto); struct alias_link * - FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _dst_port, u_short _alias_port, u_char _proto, int _create); +FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_short _dst_port, u_short _alias_port, u_char _proto, int _create); struct alias_link * - FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, - u_short _src_port, u_short _dst_port, u_char _proto, int _create); +FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, + u_short _src_port, u_short _dst_port, u_char _proto, int _create); struct alias_link * - AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, - struct in_addr _alias_addr, u_int16_t _src_call_id); +AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, + struct in_addr _alias_addr, u_int16_t _src_call_id); struct alias_link * - FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr, - struct in_addr _dst_addr, u_int16_t _src_call_id); +FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr, + struct in_addr _dst_addr, u_int16_t _src_call_id); struct alias_link * - FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr, - struct in_addr _alias_addr, u_int16_t _dst_call_id); +FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr, + struct in_addr _alias_addr, u_int16_t _dst_call_id); struct alias_link * - FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr, - struct in_addr _dst_addr, u_int16_t _dst_call_id); +FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr, + struct in_addr _dst_addr, u_int16_t _dst_call_id); struct alias_link * - FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr, - struct in_addr _alias_addr, u_int16_t _alias_call_id); +FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr, + struct in_addr _alias_addr, u_int16_t _alias_call_id); struct alias_link * - FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, - u_short _src_port, u_short _alias_port, u_char _proto); +FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, + u_short _src_port, u_short _alias_port, u_char _proto); struct in_addr - FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr); + FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr); struct in_addr - FindAliasAddress(struct libalias *la, struct in_addr _original_addr); + FindAliasAddress(struct libalias *la, struct in_addr _original_addr); /* External data access/modification */ -int FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _src_port, u_short _dst_port, u_short _port_count, - u_char _proto, u_char _align); -void GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr); -void SetFragmentAddr(struct alias_link *_link, struct in_addr _src_addr); -void GetFragmentPtr(struct alias_link *_link, char **_fptr); -void SetFragmentPtr(struct alias_link *_link, char *fptr); -void SetStateIn(struct alias_link *_link, int _state); -void SetStateOut(struct alias_link *_link, int _state); -int GetStateIn(struct alias_link *_link); -int GetStateOut(struct alias_link *_link); +int +FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_short _src_port, u_short _dst_port, u_short _port_count, + u_char _proto, u_char _align); +void GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr); +void SetFragmentAddr(struct alias_link *_link, struct in_addr _src_addr); +void GetFragmentPtr(struct alias_link *_link, char **_fptr); +void SetFragmentPtr(struct alias_link *_link, char *fptr); +void SetStateIn(struct alias_link *_link, int _state); +void SetStateOut(struct alias_link *_link, int _state); +int GetStateIn (struct alias_link *_link); +int GetStateOut(struct alias_link *_link); struct in_addr - GetOriginalAddress(struct alias_link *_link); + GetOriginalAddress(struct alias_link *_link); struct in_addr - GetDestAddress(struct alias_link *_link); + GetDestAddress(struct alias_link *_link); struct in_addr - GetAliasAddress(struct alias_link *_link); + GetAliasAddress(struct alias_link *_link); struct in_addr - GetDefaultAliasAddress(struct libalias *la); -void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr); -u_short GetOriginalPort(struct alias_link *_link); -u_short GetAliasPort(struct alias_link *_link); + GetDefaultAliasAddress(struct libalias *la); +void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr); +u_short GetOriginalPort(struct alias_link *_link); +u_short GetAliasPort(struct alias_link *_link); struct in_addr - GetProxyAddress(struct alias_link *_link); -void SetProxyAddress(struct alias_link *_link, struct in_addr _addr); -u_short GetProxyPort(struct alias_link *_link); -void SetProxyPort(struct alias_link *_link, u_short _port); -void SetAckModified(struct alias_link *_link); -int GetAckModified(struct alias_link *_link); -int GetDeltaAckIn(struct ip *_pip, struct alias_link *_link); -int GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link); -void AddSeq(struct ip *_pip, struct alias_link *_link, int _delta); -void SetExpire(struct alias_link *_link, int _expire); -void ClearCheckNewLink(struct libalias *la); -void SetProtocolFlags(struct alias_link *_link, int _pflags); -int GetProtocolFlags(struct alias_link *_link); -void SetDestCallId(struct alias_link *_link, u_int16_t _cid); + GetProxyAddress(struct alias_link *_link); +void SetProxyAddress(struct alias_link *_link, struct in_addr _addr); +u_short GetProxyPort(struct alias_link *_link); +void SetProxyPort(struct alias_link *_link, u_short _port); +void SetAckModified(struct alias_link *_link); +int GetAckModified(struct alias_link *_link); +int GetDeltaAckIn(struct ip *_pip, struct alias_link *_link); +int GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link); +void AddSeq (struct ip *_pip, struct alias_link *_link, int _delta); +void SetExpire (struct alias_link *_link, int _expire); +void ClearCheckNewLink(struct libalias *la); +void SetProtocolFlags(struct alias_link *_link, int _pflags); +int GetProtocolFlags(struct alias_link *_link); +void SetDestCallId(struct alias_link *_link, u_int16_t _cid); + #ifndef NO_FW_PUNCH -void PunchFWHole(struct alias_link *_link); +void PunchFWHole(struct alias_link *_link); + #endif /* Housekeeping function */ -void HouseKeeping(struct libalias *); +void HouseKeeping(struct libalias *); /* Tcp specfic routines */ /* lint -save -library Suppress flexelint warnings */ /* FTP routines */ -void AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, - int _maxpacketsize); +void +AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, + int _maxpacketsize); /* IRC routines */ -void AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, - int _maxsize); +void +AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, + int _maxsize); /* RTSP routines */ -void AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, - int _maxpacketsize); +void +AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, + int _maxpacketsize); /* PPTP routines */ -void AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link); -void AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link); -int AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip); -int AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip); +void AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link); +void AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link); +int AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip); +int AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip); /* NetBIOS routines */ -int AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link, - struct in_addr *_alias_address, u_short _alias_port); -int AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link, - struct in_addr *_alias_address, u_short *_alias_port, - struct in_addr *_original_address, u_short *_original_port); +int +AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link, + struct in_addr *_alias_address, u_short _alias_port); +int +AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link, + struct in_addr *_alias_address, u_short * _alias_port, + struct in_addr *_original_address, u_short * _original_port); /* CUSeeMe routines */ -void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link); -void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr); +void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link); +void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr); /* Skinny routines */ -void AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link); +void AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link); /* Transparent proxy routines */ -int ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr, - u_short *_proxy_server_port); -void ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip, - int _maxpacketsize, int _proxy_type); +int +ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr, + u_short * _proxy_server_port); +void +ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip, + int _maxpacketsize, int _proxy_type); enum alias_tcp_state { ALIAS_TCP_STATE_NOT_CONNECTED, @@ -312,4 +327,4 @@ enum alias_tcp_state { /*lint -restore */ -#endif /* !_ALIAS_LOCAL_H_ */ +#endif /* !_ALIAS_LOCAL_H_ */ diff --git a/lib/libalias/alias_nbt.c b/lib/libalias/alias_nbt.c index 9ff9cf0e58d1..fc5fa8422f9b 100644 --- a/lib/libalias/alias_nbt.c +++ b/lib/libalias/alias_nbt.c @@ -55,22 +55,22 @@ __FBSDID("$FreeBSD$"); #include "alias_local.h" typedef struct { - struct in_addr oldaddr; - u_short oldport; - struct in_addr newaddr; - u_short newport; - u_short *uh_sum; -} NBTArguments; + struct in_addr oldaddr; + u_short oldport; + struct in_addr newaddr; + u_short newport; + u_short *uh_sum; +} NBTArguments; typedef struct { - unsigned char type; - unsigned char flags; - u_short id; - struct in_addr source_ip; - u_short source_port; - u_short len; - u_short offset; -} NbtDataHeader; + unsigned char type; + unsigned char flags; + u_short id; + struct in_addr source_ip; + u_short source_port; + u_short len; + u_short offset; +} NbtDataHeader; #define OpQuery 0 #define OpUnknown 4 @@ -79,13 +79,13 @@ typedef struct { #define OpWACK 7 #define OpRefresh 8 typedef struct { - u_short nametrid; - u_short dir:1, opcode:4, nmflags:7, rcode:4; - u_short qdcount; - u_short ancount; - u_short nscount; - u_short arcount; -} NbtNSHeader; + u_short nametrid; + u_short dir: 1, opcode:4, nmflags:7, rcode:4; + u_short qdcount; + u_short ancount; + u_short nscount; + u_short arcount; +} NbtNSHeader; #define FMT_ERR 0x1 #define SRV_ERR 0x2 @@ -96,56 +96,61 @@ typedef struct { #ifdef DEBUG -static void PrintRcode( u_char rcode ) { +static void +PrintRcode(u_char rcode) +{ switch (rcode) { case FMT_ERR: - printf("\nFormat Error."); - case SRV_ERR: - printf("\nSever failure."); - case IMP_ERR: - printf("\nUnsupported request error.\n"); - case RFS_ERR: - printf("\nRefused error.\n"); - case ACT_ERR: - printf("\nActive error.\n"); - case CFT_ERR: - printf("\nName in conflict error.\n"); - default: - printf("\n?%c?=%0x\n", '?', rcode ); + printf("\nFormat Error."); + case SRV_ERR: + printf("\nSever failure."); + case IMP_ERR: + printf("\nUnsupported request error.\n"); + case RFS_ERR: + printf("\nRefused error.\n"); + case ACT_ERR: + printf("\nActive error.\n"); + case CFT_ERR: + printf("\nName in conflict error.\n"); + default: + printf("\n?%c?=%0x\n", '?', rcode); } } + #endif /* Handling Name field */ -static u_char *AliasHandleName ( u_char *p, char *pmax ) { +static u_char * +AliasHandleName(u_char * p, char *pmax) +{ u_char *s; u_char c; - int compress; + int compress; /* Following length field */ if (p == NULL || (char *)p >= pmax) - return(NULL); + return (NULL); - if (*p & 0xc0 ) { + if (*p & 0xc0) { p = p + 2; if ((char *)p > pmax) - return(NULL); - return ((u_char *)p); + return (NULL); + return ((u_char *) p); } - while ( ( *p & 0x3f) != 0x00 ) { + while ((*p & 0x3f) != 0x00) { s = p + 1; - if ( *p == 0x20 ) + if (*p == 0x20) compress = 1; else compress = 0; - /* Get next length field */ - p = (u_char *)(p + (*p & 0x3f) + 1); + /* Get next length field */ + p = (u_char *) (p + (*p & 0x3f) + 1); if ((char *)p > pmax) { p = NULL; break; @@ -154,15 +159,15 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) { printf(":"); #endif while (s < p) { - if ( compress == 1 ) { - c = (u_char )(((((*s & 0x0f) << 4) | (*(s+1) & 0x0f)) - 0x11)); + if (compress == 1) { + c = (u_char) (((((*s & 0x0f) << 4) | (*(s + 1) & 0x0f)) - 0x11)); #ifdef DEBUG - if (isprint( c ) ) - printf("%c", c ); + if (isprint(c)) + printf("%c", c); else - printf("<0x%02x>", c ); + printf("<0x%02x>", c); #endif - s +=2; + s += 2; } else { #ifdef DEBUG printf("%c", *s); @@ -174,14 +179,14 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) { printf(":"); #endif fflush(stdout); - } + } /* Set up to out of Name field */ if (p == NULL || (char *)p >= pmax) - p = NULL; + p = NULL; else - p++; - return ((u_char *)p); + p++; + return ((u_char *) p); } /* @@ -195,58 +200,61 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) { #define DGM_POSITIVE_RES 0x15 #define DGM_NEGATIVE_RES 0x16 -int AliasHandleUdpNbt( - struct libalias *la, - struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *link, - struct in_addr *alias_address, - u_short alias_port -) { - struct udphdr * uh; - NbtDataHeader *ndh; - u_char *p = NULL; - char *pmax; +int +AliasHandleUdpNbt( + struct libalias *la, + struct ip *pip, /* IP packet to examine/patch */ + struct alias_link *link, + struct in_addr *alias_address, + u_short alias_port +) +{ + struct udphdr *uh; + NbtDataHeader *ndh; + u_char *p = NULL; + char *pmax; - /* Calculate data length of UDP packet */ - uh = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); - pmax = (char *)uh + ntohs( uh->uh_ulen ); + /* Calculate data length of UDP packet */ + uh = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); + pmax = (char *)uh + ntohs(uh->uh_ulen); - ndh = (NbtDataHeader *)((char *)uh + (sizeof (struct udphdr))); - if ((char *)(ndh + 1) > pmax) - return(-1); + ndh = (NbtDataHeader *) ((char *)uh + (sizeof(struct udphdr))); + if ((char *)(ndh + 1) > pmax) + return (-1); #ifdef DEBUG - printf("\nType=%02x,", ndh->type ); + printf("\nType=%02x,", ndh->type); #endif - switch ( ndh->type ) { - case DGM_DIRECT_UNIQ: - case DGM_DIRECT_GROUP: - case DGM_BROADCAST: - p = (u_char *)ndh + 14; - p = AliasHandleName ( p, pmax ); /* Source Name */ - p = AliasHandleName ( p, pmax ); /* Destination Name */ - break; - case DGM_ERROR: - p = (u_char *)ndh + 11; - break; - case DGM_QUERY: - case DGM_POSITIVE_RES: - case DGM_NEGATIVE_RES: - p = (u_char *)ndh + 10; - p = AliasHandleName ( p, pmax ); /* Destination Name */ - break; + switch (ndh->type) { + case DGM_DIRECT_UNIQ: + case DGM_DIRECT_GROUP: + case DGM_BROADCAST: + p = (u_char *) ndh + 14; + p = AliasHandleName(p, pmax); /* Source Name */ + p = AliasHandleName(p, pmax); /* Destination Name */ + break; + case DGM_ERROR: + p = (u_char *) ndh + 11; + break; + case DGM_QUERY: + case DGM_POSITIVE_RES: + case DGM_NEGATIVE_RES: + p = (u_char *) ndh + 10; + p = AliasHandleName(p, pmax); /* Destination Name */ + break; } - if (p == NULL || (char *)p > pmax) - p = NULL; + if (p == NULL || (char *)p > pmax) + p = NULL; #ifdef DEBUG - printf("%s:%d-->", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port) ); + printf("%s:%d-->", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port)); #endif /* Doing an IP address and Port number Translation */ - if ( uh->uh_sum != 0 ) { - int acc; - u_short *sptr; - acc = ndh->source_port; + if (uh->uh_sum != 0) { + int acc; + u_short *sptr; + + acc = ndh->source_port; acc -= alias_port; - sptr = (u_short *) &(ndh->source_ip); + sptr = (u_short *) & (ndh->source_ip); acc += *sptr++; acc += *sptr; sptr = (u_short *) alias_address; @@ -254,49 +262,49 @@ int AliasHandleUdpNbt( acc -= *sptr; ADJUST_CHECKSUM(acc, uh->uh_sum); } - ndh->source_ip = *alias_address; - ndh->source_port = alias_port; + ndh->source_ip = *alias_address; + ndh->source_port = alias_port; #ifdef DEBUG - printf("%s:%d\n", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port) ); + printf("%s:%d\n", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port)); fflush(stdout); #endif - return((p == NULL) ? -1 : 0); + return ((p == NULL) ? -1 : 0); } + /* Question Section */ #define QS_TYPE_NB 0x0020 #define QS_TYPE_NBSTAT 0x0021 #define QS_CLAS_IN 0x0001 typedef struct { - u_short type; /* The type of Request */ - u_short class; /* The class of Request */ -} NBTNsQuestion; + u_short type; /* The type of Request */ + u_short class; /* The class of Request */ +} NBTNsQuestion; -static u_char * +static u_char * AliasHandleQuestion( u_short count, - NBTNsQuestion *q, + NBTNsQuestion * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - while ( count != 0 ) { + while (count != 0) { /* Name Filed */ - q = (NBTNsQuestion *)AliasHandleName((u_char *)q, pmax); + q = (NBTNsQuestion *) AliasHandleName((u_char *) q, pmax); if (q == NULL || (char *)(q + 1) > pmax) { q = NULL; break; } - /* Type and Class filed */ - switch ( ntohs(q->type) ) { - case QS_TYPE_NB: - case QS_TYPE_NBSTAT: - q= q+1; + switch (ntohs(q->type)) { + case QS_TYPE_NB: + case QS_TYPE_NBSTAT: + q = q + 1; break; - default: + default: #ifdef DEBUG - printf("\nUnknown Type on Question %0x\n", ntohs(q->type) ); + printf("\nUnknown Type on Question %0x\n", ntohs(q->type)); #endif break; } @@ -304,7 +312,7 @@ AliasHandleQuestion( } /* Set up to out of Question Section */ - return ((u_char *)q); + return ((u_char *) q); } /* Resource Record */ @@ -316,101 +324,99 @@ AliasHandleQuestion( #define RR_CLAS_IN 0x0001 #define SizeOfNsResource 8 typedef struct { - u_short type; - u_short class; - unsigned int ttl; - u_short rdlen; -} NBTNsResource; + u_short type; + u_short class; + unsigned int ttl; + u_short rdlen; +} NBTNsResource; #define SizeOfNsRNB 6 typedef struct { - u_short g:1, ont:2, resv:13; - struct in_addr addr; -} NBTNsRNB; + u_short g: 1 , ont:2, resv:13; + struct in_addr addr; +} NBTNsRNB; -static u_char * +static u_char * AliasHandleResourceNB( - NBTNsResource *q, + NBTNsResource * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - NBTNsRNB *nb; + NBTNsRNB *nb; u_short bcount; if (q == NULL || (char *)(q + 1) > pmax) - return(NULL); + return (NULL); /* Check out a length */ bcount = ntohs(q->rdlen); /* Forward to Resource NB position */ - nb = (NBTNsRNB *)((u_char *)q + SizeOfNsResource); + nb = (NBTNsRNB *) ((u_char *) q + SizeOfNsResource); /* Processing all in_addr array */ #ifdef DEBUG printf("NB rec[%s", inet_ntoa(nbtarg->oldaddr)); - printf("->%s, %dbytes] ",inet_ntoa(nbtarg->newaddr ), bcount); + printf("->%s, %dbytes] ", inet_ntoa(nbtarg->newaddr), bcount); #endif - while ( nb != NULL && bcount != 0 ) { + while (nb != NULL && bcount != 0) { if ((char *)(nb + 1) > pmax) { nb = NULL; break; } #ifdef DEBUG - printf("<%s>", inet_ntoa(nb->addr) ); + printf("<%s>", inet_ntoa(nb->addr)); #endif - if (!bcmp(&nbtarg->oldaddr,&nb->addr, sizeof(struct in_addr) ) ) { - if ( *nbtarg->uh_sum != 0 ) { - int acc; - u_short *sptr; + if (!bcmp(&nbtarg->oldaddr, &nb->addr, sizeof(struct in_addr))) { + if (*nbtarg->uh_sum != 0) { + int acc; + u_short *sptr; - sptr = (u_short *) &(nb->addr); - acc = *sptr++; - acc += *sptr; - sptr = (u_short *) &(nbtarg->newaddr); - acc -= *sptr++; - acc -= *sptr; - ADJUST_CHECKSUM(acc, *nbtarg->uh_sum); + sptr = (u_short *) & (nb->addr); + acc = *sptr++; + acc += *sptr; + sptr = (u_short *) & (nbtarg->newaddr); + acc -= *sptr++; + acc -= *sptr; + ADJUST_CHECKSUM(acc, *nbtarg->uh_sum); } - nb->addr = nbtarg->newaddr; #ifdef DEBUG printf("O"); #endif } #ifdef DEBUG - else { + else { printf("."); } #endif - nb=(NBTNsRNB *)((u_char *)nb + SizeOfNsRNB); - bcount -= SizeOfNsRNB; + nb = (NBTNsRNB *) ((u_char *) nb + SizeOfNsRNB); + bcount -= SizeOfNsRNB; } if (nb == NULL || (char *)(nb + 1) > pmax) { nb = NULL; } - - return ((u_char *)nb); + return ((u_char *) nb); } #define SizeOfResourceA 6 typedef struct { - struct in_addr addr; -} NBTNsResourceA; + struct in_addr addr; +} NBTNsResourceA; -static u_char * +static u_char * AliasHandleResourceA( - NBTNsResource *q, + NBTNsResource * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - NBTNsResourceA *a; + NBTNsResourceA *a; u_short bcount; if (q == NULL || (char *)(q + 1) > pmax) - return(NULL); + return (NULL); /* Forward to Resource A position */ - a = (NBTNsResourceA *)( (u_char *)q + sizeof(NBTNsResource) ); + a = (NBTNsResourceA *) ((u_char *) q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); @@ -418,62 +424,61 @@ AliasHandleResourceA( /* Processing all in_addr array */ #ifdef DEBUG printf("Arec [%s", inet_ntoa(nbtarg->oldaddr)); - printf("->%s]",inet_ntoa(nbtarg->newaddr )); + printf("->%s]", inet_ntoa(nbtarg->newaddr)); #endif - while ( bcount != 0 ) { + while (bcount != 0) { if (a == NULL || (char *)(a + 1) > pmax) - return(NULL); + return (NULL); #ifdef DEBUG - printf("..%s", inet_ntoa(a->addr) ); + printf("..%s", inet_ntoa(a->addr)); #endif - if ( !bcmp(&nbtarg->oldaddr, &a->addr, sizeof(struct in_addr) ) ) { - if ( *nbtarg->uh_sum != 0 ) { - int acc; - u_short *sptr; + if (!bcmp(&nbtarg->oldaddr, &a->addr, sizeof(struct in_addr))) { + if (*nbtarg->uh_sum != 0) { + int acc; + u_short *sptr; - sptr = (u_short *) &(a->addr); /* Old */ - acc = *sptr++; - acc += *sptr; - sptr = (u_short *) &nbtarg->newaddr; /* New */ - acc -= *sptr++; - acc -= *sptr; - ADJUST_CHECKSUM(acc, *nbtarg->uh_sum); + sptr = (u_short *) & (a->addr); /* Old */ + acc = *sptr++; + acc += *sptr; + sptr = (u_short *) & nbtarg->newaddr; /* New */ + acc -= *sptr++; + acc -= *sptr; + ADJUST_CHECKSUM(acc, *nbtarg->uh_sum); } - a->addr = nbtarg->newaddr; } - a++; /*XXXX*/ + a++; /* XXXX */ bcount -= SizeOfResourceA; } if (a == NULL || (char *)(a + 1) > pmax) - a = NULL; - return ((u_char *)a); + a = NULL; + return ((u_char *) a); } typedef struct { - u_short opcode:4, flags:8, resv:4; -} NBTNsResourceNULL; + u_short opcode:4, flags:8, resv:4; +} NBTNsResourceNULL; -static u_char * +static u_char * AliasHandleResourceNULL( - NBTNsResource *q, + NBTNsResource * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - NBTNsResourceNULL *n; + NBTNsResourceNULL *n; u_short bcount; if (q == NULL || (char *)(q + 1) > pmax) - return(NULL); + return (NULL); /* Forward to Resource NULL position */ - n = (NBTNsResourceNULL *)( (u_char *)q + sizeof(NBTNsResource) ); + n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); /* Processing all in_addr array */ - while ( bcount != 0 ) { + while (bcount != 0) { if ((char *)(n + 1) > pmax) { n = NULL; break; @@ -484,223 +489,220 @@ AliasHandleResourceNULL( if ((char *)(n + 1) > pmax) n = NULL; - return ((u_char *)n); + return ((u_char *) n); } -static u_char * +static u_char * AliasHandleResourceNS( - NBTNsResource *q, + NBTNsResource * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - NBTNsResourceNULL *n; + NBTNsResourceNULL *n; u_short bcount; if (q == NULL || (char *)(q + 1) > pmax) - return(NULL); + return (NULL); /* Forward to Resource NULL position */ - n = (NBTNsResourceNULL *)( (u_char *)q + sizeof(NBTNsResource) ); + n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); /* Resource Record Name Filed */ - q = (NBTNsResource *)AliasHandleName( (u_char *)n, pmax ); /* XXX */ + q = (NBTNsResource *) AliasHandleName((u_char *) n, pmax); /* XXX */ - if (q == NULL || (char *)((u_char *)n + bcount) > pmax) - return(NULL); + if (q == NULL || (char *)((u_char *) n + bcount) > pmax) + return (NULL); else - return ((u_char *)n + bcount); + return ((u_char *) n + bcount); } typedef struct { - u_short numnames; -} NBTNsResourceNBSTAT; + u_short numnames; +} NBTNsResourceNBSTAT; -static u_char * +static u_char * AliasHandleResourceNBSTAT( - NBTNsResource *q, + NBTNsResource * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - NBTNsResourceNBSTAT *n; + NBTNsResourceNBSTAT *n; u_short bcount; if (q == NULL || (char *)(q + 1) > pmax) - return(NULL); + return (NULL); /* Forward to Resource NBSTAT position */ - n = (NBTNsResourceNBSTAT *)( (u_char *)q + sizeof(NBTNsResource) ); + n = (NBTNsResourceNBSTAT *) ((u_char *) q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); - if (q == NULL || (char *)((u_char *)n + bcount) > pmax) - return(NULL); + if (q == NULL || (char *)((u_char *) n + bcount) > pmax) + return (NULL); else - return ((u_char *)n + bcount); + return ((u_char *) n + bcount); } -static u_char * +static u_char * AliasHandleResource( u_short count, - NBTNsResource *q, + NBTNsResource * q, char *pmax, NBTArguments - *nbtarg) + * nbtarg) { - while ( count != 0 ) { + while (count != 0) { /* Resource Record Name Filed */ - q = (NBTNsResource *)AliasHandleName( (u_char *)q, pmax ); + q = (NBTNsResource *) AliasHandleName((u_char *) q, pmax); if (q == NULL || (char *)(q + 1) > pmax) break; #ifdef DEBUG - printf("type=%02x, count=%d\n", ntohs(q->type), count ); + printf("type=%02x, count=%d\n", ntohs(q->type), count); #endif /* Type and Class filed */ - switch ( ntohs(q->type) ) { - case RR_TYPE_NB: - q = (NBTNsResource *)AliasHandleResourceNB( - q, - pmax, - nbtarg - ); - break; - case RR_TYPE_A: - q = (NBTNsResource *)AliasHandleResourceA( - q, - pmax, - nbtarg - ); - break; - case RR_TYPE_NS: - q = (NBTNsResource *)AliasHandleResourceNS( - q, - pmax, - nbtarg - ); - break; - case RR_TYPE_NULL: - q = (NBTNsResource *)AliasHandleResourceNULL( - q, - pmax, - nbtarg - ); - break; - case RR_TYPE_NBSTAT: - q = (NBTNsResource *)AliasHandleResourceNBSTAT( - q, - pmax, - nbtarg - ); - break; - default: + switch (ntohs(q->type)) { + case RR_TYPE_NB: + q = (NBTNsResource *) AliasHandleResourceNB( + q, + pmax, + nbtarg + ); + break; + case RR_TYPE_A: + q = (NBTNsResource *) AliasHandleResourceA( + q, + pmax, + nbtarg + ); + break; + case RR_TYPE_NS: + q = (NBTNsResource *) AliasHandleResourceNS( + q, + pmax, + nbtarg + ); + break; + case RR_TYPE_NULL: + q = (NBTNsResource *) AliasHandleResourceNULL( + q, + pmax, + nbtarg + ); + break; + case RR_TYPE_NBSTAT: + q = (NBTNsResource *) AliasHandleResourceNBSTAT( + q, + pmax, + nbtarg + ); + break; + default: #ifdef DEBUG - printf( - "\nUnknown Type of Resource %0x\n", - ntohs(q->type) - ); + printf( + "\nUnknown Type of Resource %0x\n", + ntohs(q->type) + ); #endif - break; + break; } count--; } fflush(stdout); - return ((u_char *)q); + return ((u_char *) q); } -int AliasHandleUdpNbtNS( - struct libalias *la, - struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *link, - struct in_addr *alias_address, - u_short *alias_port, - struct in_addr *original_address, - u_short *original_port ) +int +AliasHandleUdpNbtNS( + struct libalias *la, + struct ip *pip, /* IP packet to examine/patch */ + struct alias_link *link, + struct in_addr *alias_address, + u_short * alias_port, + struct in_addr *original_address, + u_short * original_port) { - struct udphdr * uh; - NbtNSHeader * nsh; - u_char * p; - char *pmax; - NBTArguments nbtarg; + struct udphdr *uh; + NbtNSHeader *nsh; + u_char *p; + char *pmax; + NBTArguments nbtarg; /* Set up Common Parameter */ - nbtarg.oldaddr = *alias_address; - nbtarg.oldport = *alias_port; - nbtarg.newaddr = *original_address; - nbtarg.newport = *original_port; + nbtarg.oldaddr = *alias_address; + nbtarg.oldport = *alias_port; + nbtarg.newaddr = *original_address; + nbtarg.newport = *original_port; - /* Calculate data length of UDP packet */ - uh = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); - nbtarg.uh_sum = &(uh->uh_sum); - nsh = (NbtNSHeader *)((char *)uh + (sizeof(struct udphdr))); - p = (u_char *)(nsh + 1); - pmax = (char *)uh + ntohs( uh->uh_ulen ); + /* Calculate data length of UDP packet */ + uh = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); + nbtarg.uh_sum = &(uh->uh_sum); + nsh = (NbtNSHeader *) ((char *)uh + (sizeof(struct udphdr))); + p = (u_char *) (nsh + 1); + pmax = (char *)uh + ntohs(uh->uh_ulen); - if ((char *)(nsh + 1) > pmax) - return(-1); + if ((char *)(nsh + 1) > pmax) + return (-1); #ifdef DEBUG - printf(" [%s] ID=%02x, op=%01x, flag=%02x, rcode=%01x, qd=%04x" - ", an=%04x, ns=%04x, ar=%04x, [%d]-->", - nsh->dir ? "Response": "Request", - nsh->nametrid, - nsh->opcode, - nsh->nmflags, - nsh->rcode, - ntohs(nsh->qdcount), - ntohs(nsh->ancount), - ntohs(nsh->nscount), - ntohs(nsh->arcount), - (u_char *)p -(u_char *)nsh - ); + printf(" [%s] ID=%02x, op=%01x, flag=%02x, rcode=%01x, qd=%04x" + ", an=%04x, ns=%04x, ar=%04x, [%d]-->", + nsh->dir ? "Response" : "Request", + nsh->nametrid, + nsh->opcode, + nsh->nmflags, + nsh->rcode, + ntohs(nsh->qdcount), + ntohs(nsh->ancount), + ntohs(nsh->nscount), + ntohs(nsh->arcount), + (u_char *) p - (u_char *) nsh + ); #endif /* Question Entries */ - if (ntohs(nsh->qdcount) !=0 ) { - p = AliasHandleQuestion( - ntohs(nsh->qdcount), - (NBTNsQuestion *)p, - pmax, - &nbtarg - ); + if (ntohs(nsh->qdcount) != 0) { + p = AliasHandleQuestion( + ntohs(nsh->qdcount), + (NBTNsQuestion *) p, + pmax, + &nbtarg + ); } - /* Answer Resource Records */ - if (ntohs(nsh->ancount) !=0 ) { - p = AliasHandleResource( - ntohs(nsh->ancount), - (NBTNsResource *)p, - pmax, - &nbtarg - ); + if (ntohs(nsh->ancount) != 0) { + p = AliasHandleResource( + ntohs(nsh->ancount), + (NBTNsResource *) p, + pmax, + &nbtarg + ); } - /* Authority Resource Recodrs */ - if (ntohs(nsh->nscount) !=0 ) { - p = AliasHandleResource( - ntohs(nsh->nscount), - (NBTNsResource *)p, - pmax, - &nbtarg - ); + if (ntohs(nsh->nscount) != 0) { + p = AliasHandleResource( + ntohs(nsh->nscount), + (NBTNsResource *) p, + pmax, + &nbtarg + ); } - /* Additional Resource Recodrs */ - if (ntohs(nsh->arcount) !=0 ) { - p = AliasHandleResource( - ntohs(nsh->arcount), - (NBTNsResource *)p, - pmax, - &nbtarg - ); + if (ntohs(nsh->arcount) != 0) { + p = AliasHandleResource( + ntohs(nsh->arcount), + (NBTNsResource *) p, + pmax, + &nbtarg + ); } - #ifdef DEBUG - PrintRcode(nsh->rcode); + PrintRcode(nsh->rcode); #endif - return ((p == NULL) ? -1 : 0); + return ((p == NULL) ? -1 : 0); } diff --git a/lib/libalias/alias_old.c b/lib/libalias/alias_old.c index 51e6f32dc67c..5e9be07cc849 100644 --- a/lib/libalias/alias_old.c +++ b/lib/libalias/alias_old.c @@ -113,7 +113,7 @@ PacketAliasAddServer(struct alias_link *_link, struct alias_link * PacketAliasRedirectAddr(struct in_addr _src_addr, - struct in_addr _alias_addr) + struct in_addr _alias_addr) { return LibAliasRedirectAddr(la, _src_addr, _alias_addr); @@ -152,7 +152,7 @@ PacketAliasRedirectProto(struct in_addr _src_addr, { return LibAliasRedirectProto(la, _src_addr, _dst_addr, _alias_addr, - _proto); + _proto); } void @@ -162,7 +162,7 @@ PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment) LibAliasFragmentIn(la, _ptr, _ptr_fragment); } -char * +char * PacketAliasGetFragment(char *_ptr) { diff --git a/lib/libalias/alias_pptp.c b/lib/libalias/alias_pptp.c index 946ae2fcbbcc..5df60cb2ec8c 100644 --- a/lib/libalias/alias_pptp.c +++ b/lib/libalias/alias_pptp.c @@ -80,16 +80,16 @@ __FBSDID("$FreeBSD$"); * PPTP definitions */ -struct grehdr /* Enhanced GRE header. */ -{ - u_int16_t gh_flags; /* Flags. */ - u_int16_t gh_protocol; /* Protocol type. */ - u_int16_t gh_length; /* Payload length. */ - u_int16_t gh_call_id; /* Call ID. */ - u_int32_t gh_seq_no; /* Sequence number (optional). */ - u_int32_t gh_ack_no; /* Acknowledgment number (optional). */ +struct grehdr { /* Enhanced GRE header. */ + u_int16_t gh_flags; /* Flags. */ + u_int16_t gh_protocol; /* Protocol type. */ + u_int16_t gh_length; /* Payload length. */ + u_int16_t gh_call_id; /* Call ID. */ + u_int32_t gh_seq_no; /* Sequence number (optional). */ + u_int32_t gh_ack_no; /* Acknowledgment number + * (optional). */ }; -typedef struct grehdr GreHdr; +typedef struct grehdr GreHdr; /* The PPTP protocol ID used in the GRE 'proto' field. */ #define PPTP_GRE_PROTO 0x880b @@ -102,270 +102,276 @@ typedef struct grehdr GreHdr; #define PPTP_CTRL_MSG_TYPE 1 enum { - PPTP_StartCtrlConnRequest = 1, - PPTP_StartCtrlConnReply = 2, - PPTP_StopCtrlConnRequest = 3, - PPTP_StopCtrlConnReply = 4, - PPTP_EchoRequest = 5, - PPTP_EchoReply = 6, - PPTP_OutCallRequest = 7, - PPTP_OutCallReply = 8, - PPTP_InCallRequest = 9, - PPTP_InCallReply = 10, - PPTP_InCallConn = 11, - PPTP_CallClearRequest = 12, - PPTP_CallDiscNotify = 13, - PPTP_WanErrorNotify = 14, - PPTP_SetLinkInfo = 15 + PPTP_StartCtrlConnRequest = 1, + PPTP_StartCtrlConnReply = 2, + PPTP_StopCtrlConnRequest = 3, + PPTP_StopCtrlConnReply = 4, + PPTP_EchoRequest = 5, + PPTP_EchoReply = 6, + PPTP_OutCallRequest = 7, + PPTP_OutCallReply = 8, + PPTP_InCallRequest = 9, + PPTP_InCallReply = 10, + PPTP_InCallConn = 11, + PPTP_CallClearRequest = 12, + PPTP_CallDiscNotify = 13, + PPTP_WanErrorNotify = 14, + PPTP_SetLinkInfo = 15 }; - /* Message structures */ - struct pptpMsgHead { - u_int16_t length; /* total length */ - u_int16_t msgType; /* PPTP message type */ - u_int32_t magic; /* magic cookie */ - u_int16_t type; /* control message type */ - u_int16_t resv0; /* reserved */ - }; - typedef struct pptpMsgHead *PptpMsgHead; + /* Message structures */ +struct pptpMsgHead { + u_int16_t length; /* total length */ + u_int16_t msgType;/* PPTP message type */ + u_int32_t magic; /* magic cookie */ + u_int16_t type; /* control message type */ + u_int16_t resv0; /* reserved */ +}; +typedef struct pptpMsgHead *PptpMsgHead; - struct pptpCodes { - u_int8_t resCode; /* Result Code */ - u_int8_t errCode; /* Error Code */ - }; - typedef struct pptpCodes *PptpCode; +struct pptpCodes { + u_int8_t resCode;/* Result Code */ + u_int8_t errCode;/* Error Code */ +}; +typedef struct pptpCodes *PptpCode; - struct pptpCallIds { - u_int16_t cid1; /* Call ID field #1 */ - u_int16_t cid2; /* Call ID field #2 */ - }; - typedef struct pptpCallIds *PptpCallId; +struct pptpCallIds { + u_int16_t cid1; /* Call ID field #1 */ + u_int16_t cid2; /* Call ID field #2 */ +}; +typedef struct pptpCallIds *PptpCallId; static PptpCallId AliasVerifyPptp(struct ip *, u_int16_t *); void AliasHandlePptpOut(struct libalias *la, - struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *link) /* The PPTP control link */ -{ - struct alias_link *pptp_link; - PptpCallId cptr; - PptpCode codes; - u_int16_t ctl_type; /* control message type */ - struct tcphdr *tc; + struct ip *pip, /* IP packet to examine/patch */ + struct alias_link *link) +{ /* The PPTP control link */ + struct alias_link *pptp_link; + PptpCallId cptr; + PptpCode codes; + u_int16_t ctl_type; /* control message type */ + struct tcphdr *tc; - /* Verify valid PPTP control message */ - if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL) - return; - - /* Modify certain PPTP messages */ - switch (ctl_type) { - case PPTP_OutCallRequest: - case PPTP_OutCallReply: - case PPTP_InCallRequest: - case PPTP_InCallReply: - /* Establish PPTP link for address and Call ID found in control message. */ - pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link), - GetAliasAddress(link), cptr->cid1); - break; - case PPTP_CallClearRequest: - case PPTP_CallDiscNotify: - /* Find PPTP link for address and Call ID found in control message. */ - pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link), - GetDestAddress(link), - cptr->cid1); - break; - default: - return; - } - - if (pptp_link != NULL) { - int accumulate = cptr->cid1; - - /* alias the Call Id */ - cptr->cid1 = GetAliasPort(pptp_link); - - /* Compute TCP checksum for revised packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - accumulate -= cptr->cid1; - ADJUST_CHECKSUM(accumulate, tc->th_sum); + /* Verify valid PPTP control message */ + if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL) + return; + /* Modify certain PPTP messages */ switch (ctl_type) { + case PPTP_OutCallRequest: case PPTP_OutCallReply: + case PPTP_InCallRequest: case PPTP_InCallReply: - codes = (PptpCode)(cptr + 1); - if (codes->resCode == 1) /* Connection established, */ - SetDestCallId(pptp_link, /* note the Peer's Call ID. */ - cptr->cid2); - else - SetExpire(pptp_link, 0); /* Connection refused. */ - break; - case PPTP_CallDiscNotify: /* Connection closed. */ - SetExpire(pptp_link, 0); - break; + /* + * Establish PPTP link for address and Call ID found in + * control message. + */ + pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link), + GetAliasAddress(link), cptr->cid1); + break; + case PPTP_CallClearRequest: + case PPTP_CallDiscNotify: + /* + * Find PPTP link for address and Call ID found in control + * message. + */ + pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link), + GetDestAddress(link), + cptr->cid1); + break; + default: + return; + } + + if (pptp_link != NULL) { + int accumulate = cptr->cid1; + + /* alias the Call Id */ + cptr->cid1 = GetAliasPort(pptp_link); + + /* Compute TCP checksum for revised packet */ + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + accumulate -= cptr->cid1; + ADJUST_CHECKSUM(accumulate, tc->th_sum); + + switch (ctl_type) { + case PPTP_OutCallReply: + case PPTP_InCallReply: + codes = (PptpCode) (cptr + 1); + if (codes->resCode == 1) /* Connection + * established, */ + SetDestCallId(pptp_link, /* note the Peer's Call + * ID. */ + cptr->cid2); + else + SetExpire(pptp_link, 0); /* Connection refused. */ + break; + case PPTP_CallDiscNotify: /* Connection closed. */ + SetExpire(pptp_link, 0); + break; + } } - } } void -AliasHandlePptpIn(struct libalias *la, - struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *link) /* The PPTP control link */ -{ - struct alias_link *pptp_link; - PptpCallId cptr; - u_int16_t *pcall_id; - u_int16_t ctl_type; /* control message type */ - struct tcphdr *tc; +AliasHandlePptpIn(struct libalias *la, + struct ip *pip, /* IP packet to examine/patch */ + struct alias_link *link) +{ /* The PPTP control link */ + struct alias_link *pptp_link; + PptpCallId cptr; + u_int16_t *pcall_id; + u_int16_t ctl_type; /* control message type */ + struct tcphdr *tc; - /* Verify valid PPTP control message */ - if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL) - return; + /* Verify valid PPTP control message */ + if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL) + return; - /* Modify certain PPTP messages */ - switch (ctl_type) - { - case PPTP_InCallConn: - case PPTP_WanErrorNotify: - case PPTP_SetLinkInfo: - pcall_id = &cptr->cid1; - break; - case PPTP_OutCallReply: - case PPTP_InCallReply: - pcall_id = &cptr->cid2; - break; - case PPTP_CallDiscNotify: /* Connection closed. */ - pptp_link = FindPptpInByCallId(la, GetDestAddress(link), - GetAliasAddress(link), - cptr->cid1); - if (pptp_link != NULL) - SetExpire(pptp_link, 0); - return; - default: - return; - } + /* Modify certain PPTP messages */ + switch (ctl_type) { + case PPTP_InCallConn: + case PPTP_WanErrorNotify: + case PPTP_SetLinkInfo: + pcall_id = &cptr->cid1; + break; + case PPTP_OutCallReply: + case PPTP_InCallReply: + pcall_id = &cptr->cid2; + break; + case PPTP_CallDiscNotify: /* Connection closed. */ + pptp_link = FindPptpInByCallId(la, GetDestAddress(link), + GetAliasAddress(link), + cptr->cid1); + if (pptp_link != NULL) + SetExpire(pptp_link, 0); + return; + default: + return; + } - /* Find PPTP link for address and Call ID found in PPTP Control Msg */ - pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link), - GetAliasAddress(link), - *pcall_id); + /* Find PPTP link for address and Call ID found in PPTP Control Msg */ + pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link), + GetAliasAddress(link), + *pcall_id); - if (pptp_link != NULL) { - int accumulate = *pcall_id; + if (pptp_link != NULL) { + int accumulate = *pcall_id; - /* De-alias the Peer's Call Id. */ - *pcall_id = GetOriginalPort(pptp_link); + /* De-alias the Peer's Call Id. */ + *pcall_id = GetOriginalPort(pptp_link); - /* Compute TCP checksum for modified packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - accumulate -= *pcall_id; - ADJUST_CHECKSUM(accumulate, tc->th_sum); + /* Compute TCP checksum for modified packet */ + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + accumulate -= *pcall_id; + ADJUST_CHECKSUM(accumulate, tc->th_sum); - if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) { - PptpCode codes = (PptpCode)(cptr + 1); + if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) { + PptpCode codes = (PptpCode) (cptr + 1); - if (codes->resCode == 1) /* Connection established, */ - SetDestCallId(pptp_link, /* note the Call ID. */ - cptr->cid1); - else - SetExpire(pptp_link, 0); /* Connection refused. */ - } - } + if (codes->resCode == 1) /* Connection + * established, */ + SetDestCallId(pptp_link, /* note the Call ID. */ + cptr->cid1); + else + SetExpire(pptp_link, 0); /* Connection refused. */ + } + } } -static PptpCallId -AliasVerifyPptp(struct ip *pip, u_int16_t *ptype) /* IP packet to examine/patch */ -{ - int hlen, tlen, dlen; - PptpMsgHead hptr; - struct tcphdr *tc; +static PptpCallId +AliasVerifyPptp(struct ip *pip, u_int16_t * ptype) +{ /* IP packet to examine/patch */ + int hlen, tlen, dlen; + PptpMsgHead hptr; + struct tcphdr *tc; - /* Calculate some lengths */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + /* Calculate some lengths */ + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - /* Verify data length */ - if (dlen < (sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds))) - return(NULL); + /* Verify data length */ + if (dlen < (sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds))) + return (NULL); - /* Move up to PPTP message header */ - hptr = (PptpMsgHead)(((char *) pip) + hlen); + /* Move up to PPTP message header */ + hptr = (PptpMsgHead) (((char *)pip) + hlen); - /* Return the control message type */ - *ptype = ntohs(hptr->type); + /* Return the control message type */ + *ptype = ntohs(hptr->type); - /* Verify PPTP Control Message */ - if ((ntohs(hptr->msgType) != PPTP_CTRL_MSG_TYPE) || - (ntohl(hptr->magic) != PPTP_MAGIC)) - return(NULL); + /* Verify PPTP Control Message */ + if ((ntohs(hptr->msgType) != PPTP_CTRL_MSG_TYPE) || + (ntohl(hptr->magic) != PPTP_MAGIC)) + return (NULL); - /* Verify data length. */ - if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) && - (dlen < sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) + - sizeof(struct pptpCodes))) - return (NULL); - else - return (PptpCallId)(hptr + 1); + /* Verify data length. */ + if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) && + (dlen < sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) + + sizeof(struct pptpCodes))) + return (NULL); + else + return (PptpCallId) (hptr + 1); } int AliasHandlePptpGreOut(struct libalias *la, struct ip *pip) { - GreHdr *gr; - struct alias_link *link; + GreHdr *gr; + struct alias_link *link; - gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2)); + gr = (GreHdr *) ((char *)pip + (pip->ip_hl << 2)); - /* Check GRE header bits. */ - if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) - return (-1); + /* Check GRE header bits. */ + if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) + return (-1); - link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id); - if (link != NULL) { - struct in_addr alias_addr = GetAliasAddress(link); + link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id); + if (link != NULL) { + struct in_addr alias_addr = GetAliasAddress(link); - /* Change source IP address. */ - DifferentialChecksum(&pip->ip_sum, - (u_short *)&alias_addr, - (u_short *)&pip->ip_src, - 2); - pip->ip_src = alias_addr; - } - - return (0); + /* Change source IP address. */ + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_addr, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_addr; + } + return (0); } int AliasHandlePptpGreIn(struct libalias *la, struct ip *pip) { - GreHdr *gr; - struct alias_link *link; + GreHdr *gr; + struct alias_link *link; - gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2)); + gr = (GreHdr *) ((char *)pip + (pip->ip_hl << 2)); - /* Check GRE header bits. */ - if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) - return (-1); + /* Check GRE header bits. */ + if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) + return (-1); - link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id); - if (link != NULL) { - struct in_addr src_addr = GetOriginalAddress(link); + link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id); + if (link != NULL) { + struct in_addr src_addr = GetOriginalAddress(link); - /* De-alias the Peer's Call Id. */ - gr->gh_call_id = GetOriginalPort(link); + /* De-alias the Peer's Call Id. */ + gr->gh_call_id = GetOriginalPort(link); - /* Restore original IP address. */ - DifferentialChecksum(&pip->ip_sum, - (u_short *)&src_addr, - (u_short *)&pip->ip_dst, - 2); - pip->ip_dst = src_addr; - } - - return (0); + /* Restore original IP address. */ + DifferentialChecksum(&pip->ip_sum, + (u_short *) & src_addr, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = src_addr; + } + return (0); } diff --git a/lib/libalias/alias_proxy.c b/lib/libalias/alias_proxy.c index 8eb728a71863..cdbe32d1c0aa 100644 --- a/lib/libalias/alias_proxy.c +++ b/lib/libalias/alias_proxy.c @@ -71,8 +71,8 @@ __FBSDID("$FreeBSD$"); #include -#include "alias_local.h" /* Functions used by alias*.c */ -#include "alias.h" /* Public API functions for libalias */ +#include "alias_local.h" /* Functions used by alias*.c */ +#include "alias.h" /* Public API functions for libalias */ @@ -84,28 +84,27 @@ __FBSDID("$FreeBSD$"); * A linked list of arbitrary length, based on struct proxy_entry is * used to store proxy rules. */ -struct proxy_entry -{ - struct libalias *la; +struct proxy_entry { + struct libalias *la; #define PROXY_TYPE_ENCODE_NONE 1 #define PROXY_TYPE_ENCODE_TCPSTREAM 2 #define PROXY_TYPE_ENCODE_IPHDR 3 - int rule_index; - int proxy_type; - u_char proto; - u_short proxy_port; - u_short server_port; + int rule_index; + int proxy_type; + u_char proto; + u_short proxy_port; + u_short server_port; - struct in_addr server_addr; + struct in_addr server_addr; - struct in_addr src_addr; - struct in_addr src_mask; + struct in_addr src_addr; + struct in_addr src_mask; - struct in_addr dst_addr; - struct in_addr dst_mask; + struct in_addr dst_addr; + struct in_addr dst_mask; - struct proxy_entry *next; - struct proxy_entry *last; + struct proxy_entry *next; + struct proxy_entry *last; }; @@ -134,308 +133,297 @@ struct proxy_entry destination of a proxied IP packet */ -static int IpMask(int, struct in_addr *); -static int IpAddr(char *, struct in_addr *); -static int IpPort(char *, int, int *); -static void RuleAdd(struct libalias *la, struct proxy_entry *); -static void RuleDelete(struct proxy_entry *); -static int RuleNumberDelete(struct libalias *la, int); -static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int); -static void ProxyEncodeIpHeader(struct ip *, int); +static int IpMask(int, struct in_addr *); +static int IpAddr(char *, struct in_addr *); +static int IpPort(char *, int, int *); +static void RuleAdd(struct libalias *la, struct proxy_entry *); +static void RuleDelete(struct proxy_entry *); +static int RuleNumberDelete(struct libalias *la, int); +static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int); +static void ProxyEncodeIpHeader(struct ip *, int); static int IpMask(int nbits, struct in_addr *mask) { - int i; - u_int imask; + int i; + u_int imask; - if (nbits < 0 || nbits > 32) - return -1; + if (nbits < 0 || nbits > 32) + return -1; - imask = 0; - for (i=0; i> 1) + 0x80000000; - mask->s_addr = htonl(imask); + imask = 0; + for (i = 0; i < nbits; i++) + imask = (imask >> 1) + 0x80000000; + mask->s_addr = htonl(imask); - return 0; + return 0; } static int IpAddr(char *s, struct in_addr *addr) { - if (inet_aton(s, addr) == 0) - return -1; - else - return 0; + if (inet_aton(s, addr) == 0) + return -1; + else + return 0; } static int IpPort(char *s, int proto, int *port) { - int n; + int n; - n = sscanf(s, "%d", port); - if (n != 1) - { - struct servent *se; + n = sscanf(s, "%d", port); + if (n != 1) { + struct servent *se; - if (proto == IPPROTO_TCP) - se = getservbyname(s, "tcp"); - else if (proto == IPPROTO_UDP) - se = getservbyname(s, "udp"); - else - return -1; + if (proto == IPPROTO_TCP) + se = getservbyname(s, "tcp"); + else if (proto == IPPROTO_UDP) + se = getservbyname(s, "udp"); + else + return -1; - if (se == NULL) - return -1; + if (se == NULL) + return -1; - *port = (u_int) ntohs(se->s_port); - } - - return 0; + *port = (u_int) ntohs(se->s_port); + } + return 0; } void RuleAdd(struct libalias *la, struct proxy_entry *entry) { - int rule_index; - struct proxy_entry *ptr; - struct proxy_entry *ptr_last; + int rule_index; + struct proxy_entry *ptr; + struct proxy_entry *ptr_last; - if (la->proxyList == NULL) - { - la->proxyList = entry; - entry->last = NULL; - entry->next = NULL; - return; - } - entry->la = la; + if (la->proxyList == NULL) { + la->proxyList = entry; + entry->last = NULL; + entry->next = NULL; + return; + } + entry->la = la; - rule_index = entry->rule_index; - ptr = la->proxyList; - ptr_last = NULL; - while (ptr != NULL) - { - if (ptr->rule_index >= rule_index) - { - if (ptr_last == NULL) - { - entry->next = la->proxyList; - entry->last = NULL; - la->proxyList->last = entry; - la->proxyList = entry; - return; - } + rule_index = entry->rule_index; + ptr = la->proxyList; + ptr_last = NULL; + while (ptr != NULL) { + if (ptr->rule_index >= rule_index) { + if (ptr_last == NULL) { + entry->next = la->proxyList; + entry->last = NULL; + la->proxyList->last = entry; + la->proxyList = entry; + return; + } + ptr_last->next = entry; + ptr->last = entry; + entry->last = ptr->last; + entry->next = ptr; + return; + } + ptr_last = ptr; + ptr = ptr->next; + } - ptr_last->next = entry; - ptr->last = entry; - entry->last = ptr->last; - entry->next = ptr; - return; - } - ptr_last = ptr; - ptr = ptr->next; - } - - ptr_last->next = entry; - entry->last = ptr_last; - entry->next = NULL; + ptr_last->next = entry; + entry->last = ptr_last; + entry->next = NULL; } static void RuleDelete(struct proxy_entry *entry) { - struct libalias *la; - - la = entry->la; - if (entry->last != NULL) - entry->last->next = entry->next; - else - la->proxyList = entry->next; + struct libalias *la; - if (entry->next != NULL) - entry->next->last = entry->last; + la = entry->la; + if (entry->last != NULL) + entry->last->next = entry->next; + else + la->proxyList = entry->next; - free(entry); + if (entry->next != NULL) + entry->next->last = entry->last; + + free(entry); } static int RuleNumberDelete(struct libalias *la, int rule_index) { - int err; - struct proxy_entry *ptr; + int err; + struct proxy_entry *ptr; - err = -1; - ptr = la->proxyList; - while (ptr != NULL) - { - struct proxy_entry *ptr_next; + err = -1; + ptr = la->proxyList; + while (ptr != NULL) { + struct proxy_entry *ptr_next; - ptr_next = ptr->next; - if (ptr->rule_index == rule_index) - { - err = 0; - RuleDelete(ptr); - } + ptr_next = ptr->next; + if (ptr->rule_index == rule_index) { + err = 0; + RuleDelete(ptr); + } + ptr = ptr_next; + } - ptr = ptr_next; - } - - return err; + return err; } static void ProxyEncodeTcpStream(struct alias_link *link, - struct ip *pip, - int maxpacketsize) + struct ip *pip, + int maxpacketsize) { - int slen; - char buffer[40]; - struct tcphdr *tc; + int slen; + char buffer[40]; + struct tcphdr *tc; /* Compute pointer to tcp header */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); /* Don't modify if once already modified */ - if (GetAckModified (link)) - return; + if (GetAckModified(link)) + return; /* Translate destination address and port to string form */ - snprintf(buffer, sizeof(buffer) - 2, "[DEST %s %d]", - inet_ntoa(GetProxyAddress (link)), (u_int) ntohs(GetProxyPort (link))); + snprintf(buffer, sizeof(buffer) - 2, "[DEST %s %d]", + inet_ntoa(GetProxyAddress(link)), (u_int) ntohs(GetProxyPort(link))); /* Pad string out to a multiple of two in length */ - slen = strlen(buffer); - switch (slen % 2) - { - case 0: - strcat(buffer, " \n"); - slen += 2; - break; - case 1: - strcat(buffer, "\n"); - slen += 1; - } + slen = strlen(buffer); + switch (slen % 2) { + case 0: + strcat(buffer, " \n"); + slen += 2; + break; + case 1: + strcat(buffer, "\n"); + slen += 1; + } /* Check for packet overflow */ - if ((ntohs(pip->ip_len) + strlen(buffer)) > maxpacketsize) - return; + if ((ntohs(pip->ip_len) + strlen(buffer)) > maxpacketsize) + return; /* Shift existing TCP data and insert destination string */ - { - int dlen; - int hlen; - u_char *p; + { + int dlen; + int hlen; + u_char *p; - hlen = (pip->ip_hl + tc->th_off) << 2; - dlen = ntohs (pip->ip_len) - hlen; + hlen = (pip->ip_hl + tc->th_off) << 2; + dlen = ntohs(pip->ip_len) - hlen; /* Modify first packet that has data in it */ - if (dlen == 0) - return; + if (dlen == 0) + return; - p = (char *) pip; - p += hlen; + p = (char *)pip; + p += hlen; - memmove(p + slen, p, dlen); - memcpy(p, buffer, slen); - } + memmove(p + slen, p, dlen); + memcpy(p, buffer, slen); + } /* Save information about modfied sequence number */ - { - int delta; + { + int delta; - SetAckModified(link); - delta = GetDeltaSeqOut(pip, link); - AddSeq(pip, link, delta+slen); - } + SetAckModified(link); + delta = GetDeltaSeqOut(pip, link); + AddSeq(pip, link, delta + slen); + } /* Update IP header packet length and checksum */ - { - int accumulate; + { + int accumulate; - accumulate = pip->ip_len; - pip->ip_len = htons(ntohs(pip->ip_len) + slen); - accumulate -= pip->ip_len; + accumulate = pip->ip_len; + pip->ip_len = htons(ntohs(pip->ip_len) + slen); + accumulate -= pip->ip_len; - ADJUST_CHECKSUM(accumulate, pip->ip_sum); - } + ADJUST_CHECKSUM(accumulate, pip->ip_sum); + } /* Update TCP checksum, Use TcpChecksum since so many things have already changed. */ - tc->th_sum = 0; - tc->th_sum = TcpChecksum (pip); + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); } static void ProxyEncodeIpHeader(struct ip *pip, - int maxpacketsize) + int maxpacketsize) { #define OPTION_LEN_BYTES 8 #define OPTION_LEN_INT16 4 #define OPTION_LEN_INT32 2 - u_char option[OPTION_LEN_BYTES]; + u_char option[OPTION_LEN_BYTES]; #ifdef DEBUG - fprintf(stdout, " ip cksum 1 = %x\n", (u_int) IpChecksum(pip)); - fprintf(stdout, "tcp cksum 1 = %x\n", (u_int) TcpChecksum(pip)); + fprintf(stdout, " ip cksum 1 = %x\n", (u_int) IpChecksum(pip)); + fprintf(stdout, "tcp cksum 1 = %x\n", (u_int) TcpChecksum(pip)); #endif /* Check to see that there is room to add an IP option */ - if (pip->ip_hl > (0x0f - OPTION_LEN_INT32)) - return; + if (pip->ip_hl > (0x0f - OPTION_LEN_INT32)) + return; /* Build option and copy into packet */ - { - u_char *ptr; - struct tcphdr *tc; + { + u_char *ptr; + struct tcphdr *tc; - ptr = (u_char *) pip; - ptr += 20; - memcpy(ptr + OPTION_LEN_BYTES, ptr, ntohs(pip->ip_len) - 20); + ptr = (u_char *) pip; + ptr += 20; + memcpy(ptr + OPTION_LEN_BYTES, ptr, ntohs(pip->ip_len) - 20); - option[0] = 0x64; /* class: 3 (reserved), option 4 */ - option[1] = OPTION_LEN_BYTES; + option[0] = 0x64; /* class: 3 (reserved), option 4 */ + option[1] = OPTION_LEN_BYTES; - memcpy(&option[2], (u_char *) &pip->ip_dst, 4); + memcpy(&option[2], (u_char *) & pip->ip_dst, 4); - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - memcpy(&option[6], (u_char *) &tc->th_sport, 2); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + memcpy(&option[6], (u_char *) & tc->th_sport, 2); - memcpy(ptr, option, 8); - } + memcpy(ptr, option, 8); + } /* Update checksum, header length and packet length */ - { - int i; - int accumulate; - u_short *sptr; + { + int i; + int accumulate; + u_short *sptr; - sptr = (u_short *) option; - accumulate = 0; - for (i=0; iip_hl += OPTION_LEN_INT32; - accumulate -= *sptr; + sptr = (u_short *) pip; + accumulate += *sptr; + pip->ip_hl += OPTION_LEN_INT32; + accumulate -= *sptr; - accumulate += pip->ip_len; - pip->ip_len = htons(ntohs(pip->ip_len) + OPTION_LEN_BYTES); - accumulate -= pip->ip_len; + accumulate += pip->ip_len; + pip->ip_len = htons(ntohs(pip->ip_len) + OPTION_LEN_BYTES); + accumulate -= pip->ip_len; - ADJUST_CHECKSUM(accumulate, pip->ip_sum); - } + ADJUST_CHECKSUM(accumulate, pip->ip_sum); + } #undef OPTION_LEN_BYTES #undef OPTION_LEN_INT16 #undef OPTION_LEN_INT32 #ifdef DEBUG - fprintf(stdout, " ip cksum 2 = %x\n", (u_int) IpChecksum(pip)); - fprintf(stdout, "tcp cksum 2 = %x\n", (u_int) TcpChecksum(pip)); + fprintf(stdout, " ip cksum 2 = %x\n", (u_int) IpChecksum(pip)); + fprintf(stdout, "tcp cksum 2 = %x\n", (u_int) TcpChecksum(pip)); #endif } @@ -451,66 +439,62 @@ ProxyEncodeIpHeader(struct ip *pip, int ProxyCheck(struct libalias *la, struct ip *pip, - struct in_addr *proxy_server_addr, - u_short *proxy_server_port) + struct in_addr *proxy_server_addr, + u_short * proxy_server_port) { - u_short dst_port; - struct in_addr src_addr; - struct in_addr dst_addr; - struct proxy_entry *ptr; + u_short dst_port; + struct in_addr src_addr; + struct in_addr dst_addr; + struct proxy_entry *ptr; - src_addr = pip->ip_src; - dst_addr = pip->ip_dst; - dst_port = ((struct tcphdr *) ((char *) pip + (pip->ip_hl << 2))) - ->th_dport; + src_addr = pip->ip_src; + dst_addr = pip->ip_dst; + dst_port = ((struct tcphdr *)((char *)pip + (pip->ip_hl << 2))) + ->th_dport; - ptr = la->proxyList; - while (ptr != NULL) - { - u_short proxy_port; + ptr = la->proxyList; + while (ptr != NULL) { + u_short proxy_port; - proxy_port = ptr->proxy_port; - if ((dst_port == proxy_port || proxy_port == 0) - && pip->ip_p == ptr->proto - && src_addr.s_addr != ptr->server_addr.s_addr) - { - struct in_addr src_addr_masked; - struct in_addr dst_addr_masked; + proxy_port = ptr->proxy_port; + if ((dst_port == proxy_port || proxy_port == 0) + && pip->ip_p == ptr->proto + && src_addr.s_addr != ptr->server_addr.s_addr) { + struct in_addr src_addr_masked; + struct in_addr dst_addr_masked; - src_addr_masked.s_addr = src_addr.s_addr & ptr->src_mask.s_addr; - dst_addr_masked.s_addr = dst_addr.s_addr & ptr->dst_mask.s_addr; + src_addr_masked.s_addr = src_addr.s_addr & ptr->src_mask.s_addr; + dst_addr_masked.s_addr = dst_addr.s_addr & ptr->dst_mask.s_addr; - if ((src_addr_masked.s_addr == ptr->src_addr.s_addr) - && (dst_addr_masked.s_addr == ptr->dst_addr.s_addr)) - { - if ((*proxy_server_port = ptr->server_port) == 0) - *proxy_server_port = dst_port; - *proxy_server_addr = ptr->server_addr; - return ptr->proxy_type; - } - } - ptr = ptr->next; - } + if ((src_addr_masked.s_addr == ptr->src_addr.s_addr) + && (dst_addr_masked.s_addr == ptr->dst_addr.s_addr)) { + if ((*proxy_server_port = ptr->server_port) == 0) + *proxy_server_port = dst_port; + *proxy_server_addr = ptr->server_addr; + return ptr->proxy_type; + } + } + ptr = ptr->next; + } - return 0; + return 0; } void ProxyModify(struct libalias *la, struct alias_link *link, - struct ip *pip, - int maxpacketsize, - int proxy_type) + struct ip *pip, + int maxpacketsize, + int proxy_type) { - switch (proxy_type) - { - case PROXY_TYPE_ENCODE_IPHDR: - ProxyEncodeIpHeader(pip, maxpacketsize); - break; + switch (proxy_type) { + case PROXY_TYPE_ENCODE_IPHDR: + ProxyEncodeIpHeader(pip, maxpacketsize); + break; - case PROXY_TYPE_ENCODE_TCPSTREAM: - ProxyEncodeTcpStream(link, pip, maxpacketsize); - break; - } + case PROXY_TYPE_ENCODE_TCPSTREAM: + ProxyEncodeTcpStream(link, pip, maxpacketsize); + break; + } } @@ -542,54 +526,54 @@ LibAliasProxyRule(struct libalias *la, const char *cmd) * then 0 is used, and group 0 rules are always checked before any * others. */ - int i, n, len; - int cmd_len; - int token_count; - int state; - char *token; - char buffer[256]; - char str_port[sizeof(buffer)]; - char str_server_port[sizeof(buffer)]; - char *res = buffer; + int i, n, len; + int cmd_len; + int token_count; + int state; + char *token; + char buffer[256]; + char str_port[sizeof(buffer)]; + char str_server_port[sizeof(buffer)]; + char *res = buffer; - int rule_index; - int proto; - int proxy_type; - int proxy_port; - int server_port; - struct in_addr server_addr; - struct in_addr src_addr, src_mask; - struct in_addr dst_addr, dst_mask; - struct proxy_entry *proxy_entry; + int rule_index; + int proto; + int proxy_type; + int proxy_port; + int server_port; + struct in_addr server_addr; + struct in_addr src_addr, src_mask; + struct in_addr dst_addr, dst_mask; + struct proxy_entry *proxy_entry; /* Copy command line into a buffer */ - cmd += strspn(cmd, " \t"); - cmd_len = strlen(cmd); - if (cmd_len > (sizeof(buffer) - 1)) - return -1; - strcpy(buffer, cmd); + cmd += strspn(cmd, " \t"); + cmd_len = strlen(cmd); + if (cmd_len > (sizeof(buffer) - 1)) + return -1; + strcpy(buffer, cmd); /* Convert to lower case */ - len = strlen(buffer); - for (i=0; iproxy_type = proxy_type; - proxy_entry->rule_index = rule_index; - proxy_entry->proto = proto; - proxy_entry->proxy_port = htons(proxy_port); - proxy_entry->server_port = htons(server_port); - proxy_entry->server_addr = server_addr; - proxy_entry->src_addr.s_addr = src_addr.s_addr & src_mask.s_addr; - proxy_entry->dst_addr.s_addr = dst_addr.s_addr & dst_mask.s_addr; - proxy_entry->src_mask = src_mask; - proxy_entry->dst_mask = dst_mask; + proxy_entry->proxy_type = proxy_type; + proxy_entry->rule_index = rule_index; + proxy_entry->proto = proto; + proxy_entry->proxy_port = htons(proxy_port); + proxy_entry->server_port = htons(server_port); + proxy_entry->server_addr = server_addr; + proxy_entry->src_addr.s_addr = src_addr.s_addr & src_mask.s_addr; + proxy_entry->dst_addr.s_addr = dst_addr.s_addr & dst_mask.s_addr; + proxy_entry->src_mask = src_mask; + proxy_entry->dst_mask = dst_mask; - RuleAdd(la, proxy_entry); + RuleAdd(la, proxy_entry); - return 0; + return 0; } diff --git a/lib/libalias/alias_skinny.c b/lib/libalias/alias_skinny.c index d6748934bf0e..3c482b426770 100644 --- a/lib/libalias/alias_skinny.c +++ b/lib/libalias/alias_skinny.c @@ -60,10 +60,10 @@ * has answered. The phone then sends back an Open Receive Channel * Acknowledgement. In this packet, the phone sends its IP address again, * and the UDP port over which the voice traffic should flow. These values - * need translation. Right after the Open Receive Channel Acknowledgement, + * need translation. Right after the Open Receive Channel Acknowledgement, * the Call Manager sends a Start Media Transmission message indicating the - * call is connected. This message contains the IP address and UDP port - * number of the remote (called) party. Once this message is translated, the + * call is connected. This message contains the IP address and UDP port + * number of the remote (called) party. Once this message is translated, the * call can commence. The called part sends the first UDP packet to the * calling phone at the pre-arranged UDP port in the Open Receive Channel * Acknowledgement. @@ -81,258 +81,258 @@ #define START_MEDIATX 0x0000008a struct skinny_header { - u_int32_t len; - u_int32_t reserved; - u_int32_t msgId; + u_int32_t len; + u_int32_t reserved; + u_int32_t msgId; }; struct RegisterMessage { - u_int32_t msgId; - char devName[16]; - u_int32_t uid; - u_int32_t instance; - u_int32_t ipAddr; - u_char devType; - u_int32_t maxStreams; + u_int32_t msgId; + char devName [16]; + u_int32_t uid; + u_int32_t instance; + u_int32_t ipAddr; + u_char devType; + u_int32_t maxStreams; }; struct IpPortMessage { - u_int32_t msgId; - u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port - * numbers */ + u_int32_t msgId; + u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port + * numbers */ }; struct OpenReceiveChannelAck { - u_int32_t msgId; - u_int32_t status; - u_int32_t ipAddr; - u_int32_t port; - u_int32_t passThruPartyID; + u_int32_t msgId; + u_int32_t status; + u_int32_t ipAddr; + u_int32_t port; + u_int32_t passThruPartyID; }; struct StartMediaTransmission { - u_int32_t msgId; - u_int32_t conferenceID; - u_int32_t passThruPartyID; - u_int32_t remoteIpAddr; - u_int32_t remotePort; - u_int32_t MSPacket; - u_int32_t payloadCap; - u_int32_t precedence; - u_int32_t silenceSuppression; - u_short maxFramesPerPacket; - u_int32_t G723BitRate; + u_int32_t msgId; + u_int32_t conferenceID; + u_int32_t passThruPartyID; + u_int32_t remoteIpAddr; + u_int32_t remotePort; + u_int32_t MSPacket; + u_int32_t payloadCap; + u_int32_t precedence; + u_int32_t silenceSuppression; + u_short maxFramesPerPacket; + u_int32_t G723BitRate; }; typedef enum { - ClientToServer = 0, - ServerToClient = 1 + ClientToServer = 0, + ServerToClient = 1 } ConvDirection; static int alias_skinny_reg_msg(struct RegisterMessage *reg_msg, struct ip *pip, - struct tcphdr *tc, struct alias_link *link, - ConvDirection direction) + struct tcphdr *tc, struct alias_link *link, + ConvDirection direction) { - reg_msg->ipAddr = (u_int32_t) GetAliasAddress(link).s_addr; + reg_msg->ipAddr = (u_int32_t) GetAliasAddress(link).s_addr; - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); - return 0; + return 0; } static int alias_skinny_startmedia(struct StartMediaTransmission *start_media, - struct ip *pip, struct tcphdr *tc, - struct alias_link *link, u_int32_t localIpAddr, - ConvDirection direction) + struct ip *pip, struct tcphdr *tc, + struct alias_link *link, u_int32_t localIpAddr, + ConvDirection direction) { - struct in_addr dst, src; + struct in_addr dst, src; - dst.s_addr = start_media->remoteIpAddr; - src.s_addr = localIpAddr; + dst.s_addr = start_media->remoteIpAddr; + src.s_addr = localIpAddr; - /* XXX I should probably handle in bound global translations as well. */ + /* + * XXX I should probably handle in bound global translations as + * well. + */ - return 0; + return 0; } static int alias_skinny_port_msg(struct IpPortMessage *port_msg, struct ip *pip, - struct tcphdr *tc, struct alias_link *link, - ConvDirection direction) + struct tcphdr *tc, struct alias_link *link, + ConvDirection direction) { - port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(link)); + port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(link)); - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); - return 0; + return 0; } static int alias_skinny_opnrcvch_ack(struct libalias *la, struct OpenReceiveChannelAck *opnrcvch_ack, - struct ip * pip, struct tcphdr *tc, - struct alias_link *link, u_int32_t *localIpAddr, - ConvDirection direction) + struct ip *pip, struct tcphdr *tc, + struct alias_link *link, u_int32_t * localIpAddr, + ConvDirection direction) { - struct in_addr null_addr; - struct alias_link *opnrcv_link; - u_int32_t localPort; + struct in_addr null_addr; + struct alias_link *opnrcv_link; + u_int32_t localPort; - *localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr; - localPort = opnrcvch_ack->port; + *localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr; + localPort = opnrcvch_ack->port; - null_addr.s_addr = INADDR_ANY; - opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr, - htons((u_short) opnrcvch_ack->port), 0, - IPPROTO_UDP, 1); - opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr; - opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_link)); + null_addr.s_addr = INADDR_ANY; + opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr, + htons((u_short) opnrcvch_ack->port), 0, + IPPROTO_UDP, 1); + opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr; + opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_link)); - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); - return 0; + return 0; } void AliasHandleSkinny(struct libalias *la, struct ip *pip, struct alias_link *link) { - int hlen, tlen, dlen; - struct tcphdr *tc; - u_int32_t msgId, len, t, lip; - struct skinny_header *sd; - int orig_len, skinny_hdr_len = sizeof(struct skinny_header); - ConvDirection direction; + int hlen, tlen, dlen; + struct tcphdr *tc; + u_int32_t msgId, len, t, lip; + struct skinny_header *sd; + int orig_len, skinny_hdr_len = sizeof(struct skinny_header); + ConvDirection direction; - tc = (struct tcphdr *) ((char *)pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - sd = (struct skinny_header *) ((char *)pip + hlen); + sd = (struct skinny_header *)((char *)pip + hlen); - /* - * XXX This direction is reserved for future use. I still need to - * handle the scenario where the call manager is on the inside, and - * the calling phone is on the global outside. - */ - if (ntohs(tc->th_dport) == la->skinnyPort) { - direction = ClientToServer; - } else if (ntohs(tc->th_sport) == la->skinnyPort) { - direction = ServerToClient; - } else { + /* + * XXX This direction is reserved for future use. I still need to + * handle the scenario where the call manager is on the inside, and + * the calling phone is on the global outside. + */ + if (ntohs(tc->th_dport) == la->skinnyPort) { + direction = ClientToServer; + } else if (ntohs(tc->th_sport) == la->skinnyPort) { + direction = ServerToClient; + } else { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Invalid port number, not a Skinny packet\n"); + fprintf(stderr, + "PacketAlias/Skinny: Invalid port number, not a Skinny packet\n"); #endif - return; - } + return; + } - orig_len = dlen; - /* - * Skinny packets can contain many messages. We need to loop through - * the packet using len to determine message boundaries. This comes - * into play big time with port messages being in the same packet as - * register messages. Also, open receive channel acks are - * usually buried in a pakcet some 400 bytes long. - */ - while (dlen >= skinny_hdr_len) { - len = (sd->len); - msgId = (sd->msgId); - t = len; + orig_len = dlen; + /* + * Skinny packets can contain many messages. We need to loop + * through the packet using len to determine message boundaries. + * This comes into play big time with port messages being in the + * same packet as register messages. Also, open receive channel + * acks are usually buried in a pakcet some 400 bytes long. + */ + while (dlen >= skinny_hdr_len) { + len = (sd->len); + msgId = (sd->msgId); + t = len; - if (t < 0 || t > orig_len || t > dlen) { + if (t < 0 || t > orig_len || t > dlen) { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Not a skinny packet, invalid length \n"); + fprintf(stderr, + "PacketAlias/Skinny: Not a skinny packet, invalid length \n"); #endif - return; - } - switch (msgId) { - case REG_MSG: - { - struct RegisterMessage *reg_mesg; + return; + } + switch (msgId) { + case REG_MSG: { + struct RegisterMessage *reg_mesg; - if (len < sizeof(struct RegisterMessage)) { + if (len < sizeof(struct RegisterMessage)) { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Not a skinny packet, bad registration message\n"); + fprintf(stderr, + "PacketAlias/Skinny: Not a skinny packet, bad registration message\n"); #endif - return; - } - reg_mesg = (struct RegisterMessage *) & sd->msgId; + return; + } + reg_mesg = (struct RegisterMessage *)&sd->msgId; #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Received a register message"); + fprintf(stderr, + "PacketAlias/Skinny: Received a register message"); #endif - alias_skinny_reg_msg(reg_mesg, pip, tc, link, direction); - } - break; - case IP_PORT_MSG: - { - struct IpPortMessage *port_mesg; - if (len < sizeof(struct IpPortMessage)) { -#ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Not a skinny packet, port message\n"); -#endif - return; - } -#ifdef DEBUG - fprintf(stderr - "PacketAlias/Skinny: Received ipport message\n"); -#endif - port_mesg = (struct IpPortMessage *) & sd->msgId; - alias_skinny_port_msg(port_mesg, pip, tc, link, direction); - } - break; - case OPNRCVCH_ACK: - { - struct OpenReceiveChannelAck *opnrcvchn_ack; + alias_skinny_reg_msg(reg_mesg, pip, tc, link, direction); + break; + } + case IP_PORT_MSG: { + struct IpPortMessage *port_mesg; - if (len < sizeof(struct OpenReceiveChannelAck)) { + if (len < sizeof(struct IpPortMessage)) { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Not a skinny packet, packet,OpnRcvChnAckMsg\n"); + fprintf(stderr, + "PacketAlias/Skinny: Not a skinny packet, port message\n"); #endif - return; - } + return; + } #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Received open rcv channel msg\n"); + fprintf(stderr + "PacketAlias/Skinny: Received ipport message\n"); #endif - opnrcvchn_ack = (struct OpenReceiveChannelAck *) & sd->msgId; - alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction); - } - break; - case START_MEDIATX: - { - struct StartMediaTransmission *startmedia_tx; + port_mesg = (struct IpPortMessage *)&sd->msgId; + alias_skinny_port_msg(port_mesg, pip, tc, link, direction); + break; + } + case OPNRCVCH_ACK: { + struct OpenReceiveChannelAck *opnrcvchn_ack; - if (len < sizeof(struct StartMediaTransmission)) { + if (len < sizeof(struct OpenReceiveChannelAck)) { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Not a skinny packet,StartMediaTx Message\n"); + fprintf(stderr, + "PacketAlias/Skinny: Not a skinny packet, packet,OpnRcvChnAckMsg\n"); #endif - return; - } + return; + } #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Received start media trans msg\n"); + fprintf(stderr, + "PacketAlias/Skinny: Received open rcv channel msg\n"); #endif - startmedia_tx = (struct StartMediaTransmission *) & sd->msgId; - alias_skinny_startmedia(startmedia_tx, pip, tc, link, lip, direction); - } - break; - default: - break; - } - /* Place the pointer at the next message in the packet. */ - dlen -= len + (skinny_hdr_len - sizeof(msgId)); - sd = (struct skinny_header *) (((char *)&sd->msgId) + len); - } + opnrcvchn_ack = (struct OpenReceiveChannelAck *)&sd->msgId; + alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction); + break; + } + case START_MEDIATX: { + struct StartMediaTransmission *startmedia_tx; + + if (len < sizeof(struct StartMediaTransmission)) { +#ifdef DEBUG + fprintf(stderr, + "PacketAlias/Skinny: Not a skinny packet,StartMediaTx Message\n"); +#endif + return; + } +#ifdef DEBUG + fprintf(stderr, + "PacketAlias/Skinny: Received start media trans msg\n"); +#endif + startmedia_tx = (struct StartMediaTransmission *)&sd->msgId; + alias_skinny_startmedia(startmedia_tx, pip, tc, link, lip, direction); + break; + } + default: + break; + } + /* Place the pointer at the next message in the packet. */ + dlen -= len + (skinny_hdr_len - sizeof(msgId)); + sd = (struct skinny_header *)(((char *)&sd->msgId) + len); + } } diff --git a/lib/libalias/alias_smedia.c b/lib/libalias/alias_smedia.c index 600563cef411..700f4097039c 100644 --- a/lib/libalias/alias_smedia.c +++ b/lib/libalias/alias_smedia.c @@ -118,316 +118,326 @@ __FBSDID("$FreeBSD$"); static int search_string(char *data, int dlen, const char *search_str) { - int i, j, k; - int search_str_len; + int i, j, k; + int search_str_len; - search_str_len = strlen(search_str); - for (i = 0; i < dlen - search_str_len; i++) { - for (j = i, k = 0; j < dlen - search_str_len; j++, k++) { - if (data[j] != search_str[k] && - data[j] != search_str[k] - ('a' - 'A')) { - break; - } - if (k == search_str_len - 1) { - return j + 1; - } + search_str_len = strlen(search_str); + for (i = 0; i < dlen - search_str_len; i++) { + for (j = i, k = 0; j < dlen - search_str_len; j++, k++) { + if (data[j] != search_str[k] && + data[j] != search_str[k] - ('a' - 'A')) { + break; + } + if (k == search_str_len - 1) { + return j + 1; + } + } } - } - return -1; + return -1; } static int alias_rtsp_out(struct libalias *la, struct ip *pip, - struct alias_link *link, - char *data, - const char *port_str) + struct alias_link *link, + char *data, + const char *port_str) { - int hlen, tlen, dlen; - struct tcphdr *tc; - int i, j, pos, state, port_dlen, new_dlen, delta; - u_short p[2], new_len; - u_short sport, eport, base_port; - u_short salias = 0, ealias = 0, base_alias = 0; - const char *transport_str = "transport:"; - char newdata[2048], *port_data, *port_newdata, stemp[80]; - int links_created = 0, pkt_updated = 0; - struct alias_link *rtsp_link = NULL; - struct in_addr null_addr; + int hlen, tlen, dlen; + struct tcphdr *tc; + int i, j, pos, state, port_dlen, new_dlen, delta; + u_short p[2], new_len; + u_short sport, eport, base_port; + u_short salias = 0, ealias = 0, base_alias = 0; + const char *transport_str = "transport:"; + char newdata[2048], *port_data, *port_newdata, stemp[80]; + int links_created = 0, pkt_updated = 0; + struct alias_link *rtsp_link = NULL; + struct in_addr null_addr; - /* Calculate data length of TCP packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + /* Calculate data length of TCP packet */ + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - /* Find keyword, "Transport: " */ - pos = search_string(data, dlen, transport_str); - if (pos < 0) { - return -1; - } - port_data = data + pos; - port_dlen = dlen - pos; - - memcpy(newdata, data, pos); - port_newdata = newdata + pos; - - while (port_dlen > strlen(port_str)) { - /* Find keyword, appropriate port string */ - pos = search_string(port_data, port_dlen, port_str); + /* Find keyword, "Transport: " */ + pos = search_string(data, dlen, transport_str); if (pos < 0) { - break; + return -1; } + port_data = data + pos; + port_dlen = dlen - pos; - memcpy (port_newdata, port_data, pos + 1); - port_newdata += (pos + 1); + memcpy(newdata, data, pos); + port_newdata = newdata + pos; - p[0] = p[1] = 0; - sport = eport = 0; - state = 0; - for (i = pos; i < port_dlen; i++) { - switch(state) { - case 0: - if (port_data[i] == '=') { - state++; + while (port_dlen > strlen(port_str)) { + /* Find keyword, appropriate port string */ + pos = search_string(port_data, port_dlen, port_str); + if (pos < 0) { + break; } - break; - case 1: - if (ISDIGIT(port_data[i])) { - p[0] = p[0] * 10 + port_data[i] - '0'; - } else { - if (port_data[i] == ';') { - state = 3; - } - if (port_data[i] == '-') { - state++; - } - } - break; - case 2: - if (ISDIGIT(port_data[i])) { - p[1] = p[1] * 10 + port_data[i] - '0'; - } else { - state++; - } - break; - case 3: - base_port = p[0]; - sport = htons(p[0]); - eport = htons(p[1]); + memcpy(port_newdata, port_data, pos + 1); + port_newdata += (pos + 1); - if (!links_created) { + p[0] = p[1] = 0; + sport = eport = 0; + state = 0; + for (i = pos; i < port_dlen; i++) { + switch (state) { + case 0: + if (port_data[i] == '=') { + state++; + } + break; + case 1: + if (ISDIGIT(port_data[i])) { + p[0] = p[0] * 10 + port_data[i] - '0'; + } else { + if (port_data[i] == ';') { + state = 3; + } + if (port_data[i] == '-') { + state++; + } + } + break; + case 2: + if (ISDIGIT(port_data[i])) { + p[1] = p[1] * 10 + port_data[i] - '0'; + } else { + state++; + } + break; + case 3: + base_port = p[0]; + sport = htons(p[0]); + eport = htons(p[1]); - links_created = 1; - /* Find an even numbered port number base that - satisfies the contiguous number of ports we need */ - null_addr.s_addr = 0; - if (0 == (salias = FindNewPortGroup(la, null_addr, - FindAliasAddress(la, pip->ip_src), - sport, 0, - RTSP_PORT_GROUP, - IPPROTO_UDP, 1))) { + if (!links_created) { + + links_created = 1; + /* + * Find an even numbered port + * number base that satisfies the + * contiguous number of ports we + * need + */ + null_addr.s_addr = 0; + if (0 == (salias = FindNewPortGroup(la, null_addr, + FindAliasAddress(la, pip->ip_src), + sport, 0, + RTSP_PORT_GROUP, + IPPROTO_UDP, 1))) { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/RTSP: Cannot find contiguous RTSP data ports\n"); + fprintf(stderr, + "PacketAlias/RTSP: Cannot find contiguous RTSP data ports\n"); #endif - } else { + } else { - base_alias = ntohs(salias); - for (j = 0; j < RTSP_PORT_GROUP; j++) { - /* Establish link to port found in RTSP packet */ - rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr, - htons(base_port + j), htons(base_alias + j), - IPPROTO_UDP); - if (rtsp_link != NULL) { + base_alias = ntohs(salias); + for (j = 0; j < RTSP_PORT_GROUP; j++) { + /* + * Establish link + * to port found in + * RTSP packet + */ + rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr, + htons(base_port + j), htons(base_alias + j), + IPPROTO_UDP); + if (rtsp_link != NULL) { #ifndef NO_FW_PUNCH - /* Punch hole in firewall */ - PunchFWHole(rtsp_link); + /* + * Punch + * hole in + * firewall + */ + PunchFWHole(rtsp_link); #endif - } else { + } else { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/RTSP: Cannot allocate RTSP data ports\n"); + fprintf(stderr, + "PacketAlias/RTSP: Cannot allocate RTSP data ports\n"); #endif - break; - } - } - } - ealias = htons(base_alias + (RTSP_PORT_GROUP - 1)); + break; + } + } + } + ealias = htons(base_alias + (RTSP_PORT_GROUP - 1)); + } + if (salias && rtsp_link) { + + pkt_updated = 1; + + /* Copy into IP packet */ + sprintf(stemp, "%d", ntohs(salias)); + memcpy(port_newdata, stemp, strlen(stemp)); + port_newdata += strlen(stemp); + + if (eport != 0) { + *port_newdata = '-'; + port_newdata++; + + /* Copy into IP packet */ + sprintf(stemp, "%d", ntohs(ealias)); + memcpy(port_newdata, stemp, strlen(stemp)); + port_newdata += strlen(stemp); + } + *port_newdata = ';'; + port_newdata++; + } + state++; + break; + } + if (state > 3) { + break; + } } - - if (salias && rtsp_link) { - - pkt_updated = 1; - - /* Copy into IP packet */ - sprintf(stemp, "%d", ntohs(salias)); - memcpy(port_newdata, stemp, strlen(stemp)); - port_newdata += strlen(stemp); - - if (eport != 0) { - *port_newdata = '-'; - port_newdata++; - - /* Copy into IP packet */ - sprintf(stemp, "%d", ntohs(ealias)); - memcpy(port_newdata, stemp, strlen(stemp)); - port_newdata += strlen(stemp); - } - - *port_newdata = ';'; - port_newdata++; - } - state++; - break; - } - if (state > 3) { - break; - } + port_data += i; + port_dlen -= i; } - port_data += i; - port_dlen -= i; - } - if (!pkt_updated) - return -1; + if (!pkt_updated) + return -1; - memcpy (port_newdata, port_data, port_dlen); - port_newdata += port_dlen; - *port_newdata = '\0'; + memcpy(port_newdata, port_data, port_dlen); + port_newdata += port_dlen; + *port_newdata = '\0'; - /* Create new packet */ - new_dlen = port_newdata - newdata; - memcpy (data, newdata, new_dlen); + /* Create new packet */ + new_dlen = port_newdata - newdata; + memcpy(data, newdata, new_dlen); - SetAckModified(link); - delta = GetDeltaSeqOut(pip, link); - AddSeq(pip, link, delta + new_dlen - dlen); + SetAckModified(link); + delta = GetDeltaSeqOut(pip, link); + AddSeq(pip, link, delta + new_dlen - dlen); - new_len = htons(hlen + new_dlen); - DifferentialChecksum(&pip->ip_sum, - &new_len, - &pip->ip_len, - 1); - pip->ip_len = new_len; + new_len = htons(hlen + new_dlen); + DifferentialChecksum(&pip->ip_sum, + &new_len, + &pip->ip_len, + 1); + pip->ip_len = new_len; - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); - return 0; + return 0; } /* Support the protocol used by early versions of RealPlayer */ static int alias_pna_out(struct libalias *la, struct ip *pip, - struct alias_link *link, - char *data, - int dlen) + struct alias_link *link, + char *data, + int dlen) { - struct alias_link *pna_links; - u_short msg_id, msg_len; - char *work; - u_short alias_port, port; - struct tcphdr *tc; + struct alias_link *pna_links; + u_short msg_id, msg_len; + char *work; + u_short alias_port, port; + struct tcphdr *tc; - work = data; - work += 5; - while (work + 4 < data + dlen) { - memcpy(&msg_id, work, 2); - work += 2; - memcpy(&msg_len, work, 2); - work += 2; - if (ntohs(msg_id) == 0) { - /* end of options */ - return 0; - } - if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) { - memcpy(&port, work, 2); - pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link), - port, 0, IPPROTO_UDP, 1); - if (pna_links != NULL) { + work = data; + work += 5; + while (work + 4 < data + dlen) { + memcpy(&msg_id, work, 2); + work += 2; + memcpy(&msg_len, work, 2); + work += 2; + if (ntohs(msg_id) == 0) { + /* end of options */ + return 0; + } + if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) { + memcpy(&port, work, 2); + pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link), + port, 0, IPPROTO_UDP, 1); + if (pna_links != NULL) { #ifndef NO_FW_PUNCH - /* Punch hole in firewall */ - PunchFWHole(pna_links); + /* Punch hole in firewall */ + PunchFWHole(pna_links); #endif - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - alias_port = GetAliasPort(pna_links); - memcpy(work, &alias_port, 2); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + alias_port = GetAliasPort(pna_links); + memcpy(work, &alias_port, 2); - /* Compute TCP checksum for revised packet */ - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); - } + /* Compute TCP checksum for revised packet */ + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); + } + } + work += ntohs(msg_len); } - work += ntohs(msg_len); - } - return 0; + return 0; } void AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *link, int maxpacketsize) { - int hlen, tlen, dlen; - struct tcphdr *tc; - char *data; - const char *setup = "SETUP", *pna = "PNA", *str200 = "200"; - const char *okstr = "OK", *client_port_str = "client_port"; - const char *server_port_str = "server_port"; - int i, parseOk; + int hlen, tlen, dlen; + struct tcphdr *tc; + char *data; + const char *setup = "SETUP", *pna = "PNA", *str200 = "200"; + const char *okstr = "OK", *client_port_str = "client_port"; + const char *server_port_str = "server_port"; + int i, parseOk; - tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - data = (char*)pip; - data += hlen; + data = (char *)pip; + data += hlen; - /* When aliasing a client, check for the SETUP request */ - if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) || - (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) { + /* When aliasing a client, check for the SETUP request */ + if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) || + (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) { - if (dlen >= strlen(setup)) { - if (memcmp(data, setup, strlen(setup)) == 0) { - alias_rtsp_out(la, pip, link, data, client_port_str); - return; + if (dlen >= strlen(setup)) { + if (memcmp(data, setup, strlen(setup)) == 0) { + alias_rtsp_out(la, pip, link, data, client_port_str); + return; + } + } + if (dlen >= strlen(pna)) { + if (memcmp(data, pna, strlen(pna)) == 0) { + alias_pna_out(la, pip, link, data, dlen); + } + } + } else { + + /* + * When aliasing a server, check for the 200 reply + * Accomodate varying number of blanks between 200 & OK + */ + + if (dlen >= strlen(str200)) { + + for (parseOk = 0, i = 0; + i <= dlen - strlen(str200); + i++) { + if (memcmp(&data[i], str200, strlen(str200)) == 0) { + parseOk = 1; + break; + } + } + if (parseOk) { + + i += strlen(str200); /* skip string found */ + while (data[i] == ' ') /* skip blank(s) */ + i++; + + if ((dlen - i) >= strlen(okstr)) { + + if (memcmp(&data[i], okstr, strlen(okstr)) == 0) + alias_rtsp_out(la, pip, link, data, server_port_str); + + } + } + } } - } - if (dlen >= strlen(pna)) { - if (memcmp(data, pna, strlen(pna)) == 0) { - alias_pna_out(la, pip, link, data, dlen); - } - } - - } else { - - /* When aliasing a server, check for the 200 reply - Accomodate varying number of blanks between 200 & OK */ - - if (dlen >= strlen(str200)) { - - for (parseOk = 0, i = 0; - i <= dlen - strlen(str200); - i++) { - if (memcmp(&data[i], str200, strlen(str200)) == 0) { - parseOk = 1; - break; - } - } - if (parseOk) { - - i += strlen(str200); /* skip string found */ - while(data[i] == ' ') /* skip blank(s) */ - i++; - - if ((dlen - i) >= strlen(okstr)) { - - if (memcmp(&data[i], okstr, strlen(okstr)) == 0) - alias_rtsp_out(la, pip, link, data, server_port_str); - - } - } - } - } } diff --git a/lib/libalias/alias_util.c b/lib/libalias/alias_util.c index 1bba0754f287..d7d0b3fa3c04 100644 --- a/lib/libalias/alias_util.c +++ b/lib/libalias/alias_util.c @@ -61,110 +61,100 @@ purposes); #include "alias_local.h" u_short -LibAliasInternetChecksum(struct libalias *la, u_short *ptr, int nbytes) +LibAliasInternetChecksum(struct libalias *la, u_short * ptr, int nbytes) { - int sum, oddbyte; + int sum, oddbyte; - sum = 0; - while (nbytes > 1) - { - sum += *ptr++; - nbytes -= 2; - } - if (nbytes == 1) - { - oddbyte = 0; - ((u_char *) &oddbyte)[0] = *(u_char *) ptr; - ((u_char *) &oddbyte)[1] = 0; - sum += oddbyte; - } - sum = (sum >> 16) + (sum & 0xffff); - sum += (sum >> 16); - return(~sum); + sum = 0; + while (nbytes > 1) { + sum += *ptr++; + nbytes -= 2; + } + if (nbytes == 1) { + oddbyte = 0; + ((u_char *) & oddbyte)[0] = *(u_char *) ptr; + ((u_char *) & oddbyte)[1] = 0; + sum += oddbyte; + } + sum = (sum >> 16) + (sum & 0xffff); + sum += (sum >> 16); + return (~sum); } u_short IpChecksum(struct ip *pip) { - return( PacketAliasInternetChecksum((u_short *) pip, - (pip->ip_hl << 2)) ); + return (PacketAliasInternetChecksum((u_short *) pip, + (pip->ip_hl << 2))); } u_short TcpChecksum(struct ip *pip) { - u_short *ptr; - struct tcphdr *tc; - int nhdr, ntcp, nbytes; - int sum, oddbyte; + u_short *ptr; + struct tcphdr *tc; + int nhdr, ntcp, nbytes; + int sum, oddbyte; - nhdr = pip->ip_hl << 2; - ntcp = ntohs(pip->ip_len) - nhdr; + nhdr = pip->ip_hl << 2; + ntcp = ntohs(pip->ip_len) - nhdr; - tc = (struct tcphdr *) ((char *) pip + nhdr); - ptr = (u_short *) tc; + tc = (struct tcphdr *)((char *)pip + nhdr); + ptr = (u_short *) tc; /* Add up TCP header and data */ - nbytes = ntcp; - sum = 0; - while (nbytes > 1) - { - sum += *ptr++; - nbytes -= 2; - } - if (nbytes == 1) - { - oddbyte = 0; - ((u_char *) &oddbyte)[0] = *(u_char *) ptr; - ((u_char *) &oddbyte)[1] = 0; - sum += oddbyte; - } - + nbytes = ntcp; + sum = 0; + while (nbytes > 1) { + sum += *ptr++; + nbytes -= 2; + } + if (nbytes == 1) { + oddbyte = 0; + ((u_char *) & oddbyte)[0] = *(u_char *) ptr; + ((u_char *) & oddbyte)[1] = 0; + sum += oddbyte; + } /* "Pseudo-header" data */ - ptr = (u_short *) &(pip->ip_dst); - sum += *ptr++; - sum += *ptr; - ptr = (u_short *) &(pip->ip_src); - sum += *ptr++; - sum += *ptr; - sum += htons((u_short) ntcp); - sum += htons((u_short) pip->ip_p); + ptr = (u_short *) & (pip->ip_dst); + sum += *ptr++; + sum += *ptr; + ptr = (u_short *) & (pip->ip_src); + sum += *ptr++; + sum += *ptr; + sum += htons((u_short) ntcp); + sum += htons((u_short) pip->ip_p); /* Roll over carry bits */ - sum = (sum >> 16) + (sum & 0xffff); - sum += (sum >> 16); + sum = (sum >> 16) + (sum & 0xffff); + sum += (sum >> 16); /* Return checksum */ - return((u_short) ~sum); + return ((u_short) ~ sum); } void -DifferentialChecksum(u_short *cksum, u_short *new, u_short *old, int n) +DifferentialChecksum(u_short * cksum, u_short * new, u_short * old, int n) { - int i; - int accumulate; + int i; + int accumulate; - accumulate = *cksum; - for (i=0; i> 16) + (accumulate & 0xffff); - accumulate += accumulate >> 16; - *cksum = (u_short) ~accumulate; - } - else - { - accumulate = (accumulate >> 16) + (accumulate & 0xffff); - accumulate += accumulate >> 16; - *cksum = (u_short) accumulate; - } + if (accumulate < 0) { + accumulate = -accumulate; + accumulate = (accumulate >> 16) + (accumulate & 0xffff); + accumulate += accumulate >> 16; + *cksum = (u_short) ~ accumulate; + } else { + accumulate = (accumulate >> 16) + (accumulate & 0xffff); + accumulate += accumulate >> 16; + *cksum = (u_short) accumulate; + } } - diff --git a/sys/netinet/libalias/alias.c b/sys/netinet/libalias/alias.c index fab70455b3c0..19406d45bdd5 100644 --- a/sys/netinet/libalias/alias.c +++ b/sys/netinet/libalias/alias.c @@ -1,5 +1,3 @@ -/* -*- mode: c; tab-width: 8; c-basic-indent: 4; -*- */ - /*- * Copyright (c) 2001 Charles Mott * All rights reserved. @@ -153,53 +151,51 @@ a timeout period. */ /* Local prototypes */ -static void TcpMonitorIn(struct ip *, struct alias_link *); +static void TcpMonitorIn(struct ip *, struct alias_link *); -static void TcpMonitorOut(struct ip *, struct alias_link *); +static void TcpMonitorOut(struct ip *, struct alias_link *); static void TcpMonitorIn(struct ip *pip, struct alias_link *link) { - struct tcphdr *tc; + struct tcphdr *tc; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - switch (GetStateIn(link)) - { - case ALIAS_TCP_STATE_NOT_CONNECTED: - if (tc->th_flags & TH_RST) - SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED); - else if (tc->th_flags & TH_SYN) - SetStateIn(link, ALIAS_TCP_STATE_CONNECTED); - break; - case ALIAS_TCP_STATE_CONNECTED: - if (tc->th_flags & (TH_FIN | TH_RST)) - SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED); - break; - } + switch (GetStateIn(link)) { + case ALIAS_TCP_STATE_NOT_CONNECTED: + if (tc->th_flags & TH_RST) + SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED); + else if (tc->th_flags & TH_SYN) + SetStateIn(link, ALIAS_TCP_STATE_CONNECTED); + break; + case ALIAS_TCP_STATE_CONNECTED: + if (tc->th_flags & (TH_FIN | TH_RST)) + SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED); + break; + } } static void TcpMonitorOut(struct ip *pip, struct alias_link *link) { - struct tcphdr *tc; + struct tcphdr *tc; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - switch (GetStateOut(link)) - { - case ALIAS_TCP_STATE_NOT_CONNECTED: - if (tc->th_flags & TH_RST) - SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED); - else if (tc->th_flags & TH_SYN) - SetStateOut(link, ALIAS_TCP_STATE_CONNECTED); - break; - case ALIAS_TCP_STATE_CONNECTED: - if (tc->th_flags & (TH_FIN | TH_RST)) - SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED); - break; - } + switch (GetStateOut(link)) { + case ALIAS_TCP_STATE_NOT_CONNECTED: + if (tc->th_flags & TH_RST) + SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED); + else if (tc->th_flags & TH_SYN) + SetStateOut(link, ALIAS_TCP_STATE_CONNECTED); + break; + case ALIAS_TCP_STATE_CONNECTED: + if (tc->th_flags & (TH_FIN | TH_RST)) + SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED); + break; + } } @@ -247,22 +243,22 @@ the gateway machine or other machines on a local area network. /* Local prototypes */ -static int IcmpAliasIn1(struct libalias *, struct ip *); -static int IcmpAliasIn2(struct libalias *, struct ip *); -static int IcmpAliasIn (struct libalias *, struct ip *); +static int IcmpAliasIn1(struct libalias *, struct ip *); +static int IcmpAliasIn2(struct libalias *, struct ip *); +static int IcmpAliasIn(struct libalias *, struct ip *); -static int IcmpAliasOut1(struct libalias *, struct ip *); -static int IcmpAliasOut2(struct libalias *, struct ip *); -static int IcmpAliasOut (struct libalias *, struct ip *); +static int IcmpAliasOut1(struct libalias *, struct ip *); +static int IcmpAliasOut2(struct libalias *, struct ip *); +static int IcmpAliasOut(struct libalias *, struct ip *); -static int ProtoAliasIn(struct libalias *, struct ip *); -static int ProtoAliasOut(struct libalias *, struct ip *); +static int ProtoAliasIn(struct libalias *, struct ip *); +static int ProtoAliasOut(struct libalias *, struct ip *); -static int UdpAliasOut(struct libalias *, struct ip *); -static int UdpAliasIn (struct libalias *, struct ip *); +static int UdpAliasOut(struct libalias *, struct ip *); +static int UdpAliasIn(struct libalias *, struct ip *); -static int TcpAliasOut(struct libalias *, struct ip *, int); -static int TcpAliasIn (struct libalias *, struct ip *); +static int TcpAliasOut(struct libalias *, struct ip *, int); +static int TcpAliasIn(struct libalias *, struct ip *); static int @@ -272,43 +268,42 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip) De-alias incoming echo and timestamp replies. Alias incoming echo and timestamp requests. */ - struct alias_link *link; - struct icmp *ic; + struct alias_link *link; + struct icmp *ic; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); /* Get source address from ICMP data field and restore original data */ - link = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); - if (link != NULL) - { - u_short original_id; - int accumulate; + link = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); + if (link != NULL) { + u_short original_id; + int accumulate; - original_id = GetOriginalPort(link); + original_id = GetOriginalPort(link); /* Adjust ICMP checksum */ - accumulate = ic->icmp_id; - accumulate -= original_id; - ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); + accumulate = ic->icmp_id; + accumulate -= original_id; + ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); /* Put original sequence number back in */ - ic->icmp_id = original_id; + ic->icmp_id = original_id; /* Put original address back into IP header */ - { - struct in_addr original_address; + { + struct in_addr original_address; - original_address = GetOriginalAddress(link); - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; - } + original_address = GetOriginalAddress(link); + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; + } - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int @@ -318,151 +313,145 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip) Alias incoming ICMP error messages containing IP header and first 64 bits of datagram. */ - struct ip *ip; - struct icmp *ic, *ic2; - struct udphdr *ud; - struct tcphdr *tc; - struct alias_link *link; + struct ip *ip; + struct icmp *ic, *ic2; + struct udphdr *ud; + struct tcphdr *tc; + struct alias_link *link; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); - ip = &ic->icmp_ip; + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); + ip = &ic->icmp_ip; - ud = (struct udphdr *) ((char *) ip + (ip->ip_hl <<2)); - tc = (struct tcphdr *) ud; - ic2 = (struct icmp *) ud; + ud = (struct udphdr *)((char *)ip + (ip->ip_hl << 2)); + tc = (struct tcphdr *)ud; + ic2 = (struct icmp *)ud; - if (ip->ip_p == IPPROTO_UDP) - link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src, - ud->uh_dport, ud->uh_sport, - IPPROTO_UDP, 0); - else if (ip->ip_p == IPPROTO_TCP) - link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src, - tc->th_dport, tc->th_sport, - IPPROTO_TCP, 0); - else if (ip->ip_p == IPPROTO_ICMP) { - if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP) - link = FindIcmpIn(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0); - else - link = NULL; - } else - link = NULL; + if (ip->ip_p == IPPROTO_UDP) + link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src, + ud->uh_dport, ud->uh_sport, + IPPROTO_UDP, 0); + else if (ip->ip_p == IPPROTO_TCP) + link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src, + tc->th_dport, tc->th_sport, + IPPROTO_TCP, 0); + else if (ip->ip_p == IPPROTO_ICMP) { + if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP) + link = FindIcmpIn(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0); + else + link = NULL; + } else + link = NULL; - if (link != NULL) - { - if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP) - { - u_short *sptr; - int accumulate, accumulate2; - struct in_addr original_address; - u_short original_port; + if (link != NULL) { + if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP) { + u_short *sptr; + int accumulate, accumulate2; + struct in_addr original_address; + u_short original_port; - original_address = GetOriginalAddress(link); - original_port = GetOriginalPort(link); + original_address = GetOriginalAddress(link); + original_port = GetOriginalPort(link); /* Adjust ICMP checksum */ - sptr = (u_short *) &(ip->ip_src); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; - accumulate += ud->uh_sport; - accumulate -= original_port; - accumulate2 = accumulate; - accumulate2 += ip->ip_sum; - ADJUST_CHECKSUM(accumulate, ip->ip_sum); - accumulate2 -= ip->ip_sum; - ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); + sptr = (u_short *) & (ip->ip_src); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; + accumulate += ud->uh_sport; + accumulate -= original_port; + accumulate2 = accumulate; + accumulate2 += ip->ip_sum; + ADJUST_CHECKSUM(accumulate, ip->ip_sum); + accumulate2 -= ip->ip_sum; + ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); /* Un-alias address in IP header */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; /* Un-alias address and port number of original IP packet fragment contained in ICMP data section */ - ip->ip_src = original_address; - ud->uh_sport = original_port; - } - else if (ip->ip_p == IPPROTO_ICMP) - { - u_short *sptr; - int accumulate, accumulate2; - struct in_addr original_address; - u_short original_id; + ip->ip_src = original_address; + ud->uh_sport = original_port; + } else if (ip->ip_p == IPPROTO_ICMP) { + u_short *sptr; + int accumulate, accumulate2; + struct in_addr original_address; + u_short original_id; - original_address = GetOriginalAddress(link); - original_id = GetOriginalPort(link); + original_address = GetOriginalAddress(link); + original_id = GetOriginalPort(link); /* Adjust ICMP checksum */ - sptr = (u_short *) &(ip->ip_src); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; - accumulate += ic2->icmp_id; - accumulate -= original_id; - accumulate2 = accumulate; - accumulate2 += ip->ip_sum; - ADJUST_CHECKSUM(accumulate, ip->ip_sum); - accumulate2 -= ip->ip_sum; - ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); + sptr = (u_short *) & (ip->ip_src); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; + accumulate += ic2->icmp_id; + accumulate -= original_id; + accumulate2 = accumulate; + accumulate2 += ip->ip_sum; + ADJUST_CHECKSUM(accumulate, ip->ip_sum); + accumulate2 -= ip->ip_sum; + ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); /* Un-alias address in IP header */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; /* Un-alias address of original IP packet and sequence number of embedded ICMP datagram */ - ip->ip_src = original_address; - ic2->icmp_id = original_id; - } - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + ip->ip_src = original_address; + ic2->icmp_id = original_id; + } + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int IcmpAliasIn(struct libalias *la, struct ip *pip) { - int iresult; - struct icmp *ic; + int iresult; + struct icmp *ic; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); - iresult = PKT_ALIAS_IGNORED; - switch (ic->icmp_type) - { - case ICMP_ECHOREPLY: - case ICMP_TSTAMPREPLY: - if (ic->icmp_code == 0) - { - iresult = IcmpAliasIn1(la, pip); - } - break; - case ICMP_UNREACH: - case ICMP_SOURCEQUENCH: - case ICMP_TIMXCEED: - case ICMP_PARAMPROB: - iresult = IcmpAliasIn2(la, pip); - break; - case ICMP_ECHO: - case ICMP_TSTAMP: - iresult = IcmpAliasIn1(la, pip); - break; - } - return(iresult); + iresult = PKT_ALIAS_IGNORED; + switch (ic->icmp_type) { + case ICMP_ECHOREPLY: + case ICMP_TSTAMPREPLY: + if (ic->icmp_code == 0) { + iresult = IcmpAliasIn1(la, pip); + } + break; + case ICMP_UNREACH: + case ICMP_SOURCEQUENCH: + case ICMP_TIMXCEED: + case ICMP_PARAMPROB: + iresult = IcmpAliasIn2(la, pip); + break; + case ICMP_ECHO: + case ICMP_TSTAMP: + iresult = IcmpAliasIn1(la, pip); + break; + } + return (iresult); } @@ -473,43 +462,42 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip) Alias outgoing echo and timestamp requests. De-alias outgoing echo and timestamp replies. */ - struct alias_link *link; - struct icmp *ic; + struct alias_link *link; + struct icmp *ic; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); /* Save overwritten data for when echo packet returns */ - link = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); - if (link != NULL) - { - u_short alias_id; - int accumulate; + link = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); + if (link != NULL) { + u_short alias_id; + int accumulate; - alias_id = GetAliasPort(link); + alias_id = GetAliasPort(link); /* Since data field is being modified, adjust ICMP checksum */ - accumulate = ic->icmp_id; - accumulate -= alias_id; - ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); + accumulate = ic->icmp_id; + accumulate -= alias_id; + ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); /* Alias sequence number */ - ic->icmp_id = alias_id; + ic->icmp_id = alias_id; /* Change source address */ - { - struct in_addr alias_address; + { + struct in_addr alias_address; - alias_address = GetAliasAddress(link); - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; - } + alias_address = GetAliasAddress(link); + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; + } - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } @@ -520,152 +508,144 @@ IcmpAliasOut2(struct libalias *la, struct ip *pip) Alias outgoing ICMP error messages containing IP header and first 64 bits of datagram. */ - struct ip *ip; - struct icmp *ic, *ic2; - struct udphdr *ud; - struct tcphdr *tc; - struct alias_link *link; + struct ip *ip; + struct icmp *ic, *ic2; + struct udphdr *ud; + struct tcphdr *tc; + struct alias_link *link; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); - ip = &ic->icmp_ip; + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); + ip = &ic->icmp_ip; - ud = (struct udphdr *) ((char *) ip + (ip->ip_hl <<2)); - tc = (struct tcphdr *) ud; - ic2 = (struct icmp *) ud; + ud = (struct udphdr *)((char *)ip + (ip->ip_hl << 2)); + tc = (struct tcphdr *)ud; + ic2 = (struct icmp *)ud; - if (ip->ip_p == IPPROTO_UDP) - link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src, - ud->uh_dport, ud->uh_sport, - IPPROTO_UDP, 0); - else if (ip->ip_p == IPPROTO_TCP) - link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src, - tc->th_dport, tc->th_sport, - IPPROTO_TCP, 0); - else if (ip->ip_p == IPPROTO_ICMP) { - if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP) - link = FindIcmpOut(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0); - else - link = NULL; - } else - link = NULL; + if (ip->ip_p == IPPROTO_UDP) + link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src, + ud->uh_dport, ud->uh_sport, + IPPROTO_UDP, 0); + else if (ip->ip_p == IPPROTO_TCP) + link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src, + tc->th_dport, tc->th_sport, + IPPROTO_TCP, 0); + else if (ip->ip_p == IPPROTO_ICMP) { + if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP) + link = FindIcmpOut(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0); + else + link = NULL; + } else + link = NULL; - if (link != NULL) - { - if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP) - { - u_short *sptr; - int accumulate; - struct in_addr alias_address; - u_short alias_port; + if (link != NULL) { + if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP) { + u_short *sptr; + int accumulate; + struct in_addr alias_address; + u_short alias_port; - alias_address = GetAliasAddress(link); - alias_port = GetAliasPort(link); + alias_address = GetAliasAddress(link); + alias_port = GetAliasPort(link); /* Adjust ICMP checksum */ - sptr = (u_short *) &(ip->ip_dst); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &alias_address; - accumulate -= *sptr++; - accumulate -= *sptr; - accumulate += ud->uh_dport; - accumulate -= alias_port; - ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); + sptr = (u_short *) & (ip->ip_dst); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & alias_address; + accumulate -= *sptr++; + accumulate -= *sptr; + accumulate += ud->uh_dport; + accumulate -= alias_port; + ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); /* * Alias address in IP header if it comes from the host * the original TCP/UDP packet was destined for. */ - if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; - } - + if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; + } /* Alias address and port number of original IP packet fragment contained in ICMP data section */ - ip->ip_dst = alias_address; - ud->uh_dport = alias_port; - } - else if (ip->ip_p == IPPROTO_ICMP) - { - u_short *sptr; - int accumulate; - struct in_addr alias_address; - u_short alias_id; + ip->ip_dst = alias_address; + ud->uh_dport = alias_port; + } else if (ip->ip_p == IPPROTO_ICMP) { + u_short *sptr; + int accumulate; + struct in_addr alias_address; + u_short alias_id; - alias_address = GetAliasAddress(link); - alias_id = GetAliasPort(link); + alias_address = GetAliasAddress(link); + alias_id = GetAliasPort(link); /* Adjust ICMP checksum */ - sptr = (u_short *) &(ip->ip_dst); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &alias_address; - accumulate -= *sptr++; - accumulate -= *sptr; - accumulate += ic2->icmp_id; - accumulate -= alias_id; - ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); + sptr = (u_short *) & (ip->ip_dst); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & alias_address; + accumulate -= *sptr++; + accumulate -= *sptr; + accumulate += ic2->icmp_id; + accumulate -= alias_id; + ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); /* * Alias address in IP header if it comes from the host * the original ICMP message was destined for. */ - if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; - } - + if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; + } /* Alias address of original IP packet and sequence number of embedded ICMP datagram */ - ip->ip_dst = alias_address; - ic2->icmp_id = alias_id; - } - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + ip->ip_dst = alias_address; + ic2->icmp_id = alias_id; + } + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int IcmpAliasOut(struct libalias *la, struct ip *pip) { - int iresult; - struct icmp *ic; + int iresult; + struct icmp *ic; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); + ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2)); - iresult = PKT_ALIAS_IGNORED; - switch (ic->icmp_type) - { - case ICMP_ECHO: - case ICMP_TSTAMP: - if (ic->icmp_code == 0) - { - iresult = IcmpAliasOut1(la, pip); - } - break; - case ICMP_UNREACH: - case ICMP_SOURCEQUENCH: - case ICMP_TIMXCEED: - case ICMP_PARAMPROB: - iresult = IcmpAliasOut2(la, pip); - break; - case ICMP_ECHOREPLY: - case ICMP_TSTAMPREPLY: - iresult = IcmpAliasOut1(la, pip); - } - return(iresult); + iresult = PKT_ALIAS_IGNORED; + switch (ic->icmp_type) { + case ICMP_ECHO: + case ICMP_TSTAMP: + if (ic->icmp_code == 0) { + iresult = IcmpAliasOut1(la, pip); + } + break; + case ICMP_UNREACH: + case ICMP_SOURCEQUENCH: + case ICMP_TIMXCEED: + case ICMP_PARAMPROB: + iresult = IcmpAliasOut2(la, pip); + break; + case ICMP_ECHOREPLY: + case ICMP_TSTAMPREPLY: + iresult = IcmpAliasOut1(la, pip); + } + return (iresult); } @@ -679,29 +659,28 @@ ProtoAliasIn(struct libalias *la, struct ip *pip) the dest IP address of the packet to our inside machine. */ - struct alias_link *link; + struct alias_link *link; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - link = FindProtoIn(la, pip->ip_src, pip->ip_dst, pip->ip_p); - if (link != NULL) - { - struct in_addr original_address; + link = FindProtoIn(la, pip->ip_src, pip->ip_dst, pip->ip_p); + if (link != NULL) { + struct in_addr original_address; - original_address = GetOriginalAddress(link); + original_address = GetOriginalAddress(link); /* Restore original IP address */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } @@ -713,180 +692,173 @@ ProtoAliasOut(struct libalias *la, struct ip *pip) only thing which is done in this case is to alias the source IP address of the packet. */ - struct alias_link *link; + struct alias_link *link; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - link = FindProtoOut(la, pip->ip_src, pip->ip_dst, pip->ip_p); - if (link != NULL) - { - struct in_addr alias_address; + link = FindProtoOut(la, pip->ip_src, pip->ip_dst, pip->ip_p); + if (link != NULL) { + struct in_addr alias_address; - alias_address = GetAliasAddress(link); + alias_address = GetAliasAddress(link); /* Change source address */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int UdpAliasIn(struct libalias *la, struct ip *pip) { - struct udphdr *ud; - struct alias_link *link; + struct udphdr *ud; + struct alias_link *link; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); + ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); - link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst, - ud->uh_sport, ud->uh_dport, - IPPROTO_UDP, 1); - if (link != NULL) - { - struct in_addr alias_address; - struct in_addr original_address; - u_short alias_port; - int accumulate; - u_short *sptr; - int r = 0; + link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst, + ud->uh_sport, ud->uh_dport, + IPPROTO_UDP, 1); + if (link != NULL) { + struct in_addr alias_address; + struct in_addr original_address; + u_short alias_port; + int accumulate; + u_short *sptr; + int r = 0; - alias_address = GetAliasAddress(link); - original_address = GetOriginalAddress(link); - alias_port = ud->uh_dport; - ud->uh_dport = GetOriginalPort(link); + alias_address = GetAliasAddress(link); + original_address = GetOriginalAddress(link); + alias_port = ud->uh_dport; + ud->uh_dport = GetOriginalPort(link); /* Special processing for IP encoding protocols */ - if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER) - AliasHandleCUSeeMeIn(la, pip, original_address); + if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER) + AliasHandleCUSeeMeIn(la, pip, original_address); /* If NETBIOS Datagram, It should be alias address in UDP Data, too */ - else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER - || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER) - r = AliasHandleUdpNbt(la, pip, link, &original_address, ud->uh_dport); - else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER - || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER) - r = AliasHandleUdpNbtNS(la, pip, link, &alias_address, &alias_port, - &original_address, &ud->uh_dport); + else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER + || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER) + r = AliasHandleUdpNbt(la, pip, link, &original_address, ud->uh_dport); + else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER + || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER) + r = AliasHandleUdpNbtNS(la, pip, link, &alias_address, &alias_port, + &original_address, &ud->uh_dport); /* If UDP checksum is not zero, then adjust since destination port */ /* is being unaliased and destination address is being altered. */ - if (ud->uh_sum != 0) - { - accumulate = alias_port; - accumulate -= ud->uh_dport; - sptr = (u_short *) &alias_address; - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; - ADJUST_CHECKSUM(accumulate, ud->uh_sum); - } - + if (ud->uh_sum != 0) { + accumulate = alias_port; + accumulate -= ud->uh_dport; + sptr = (u_short *) & alias_address; + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; + ADJUST_CHECKSUM(accumulate, ud->uh_sum); + } /* Restore original IP address */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; - /* - * If we cannot figure out the packet, ignore it. - */ - if (r < 0) - return(PKT_ALIAS_IGNORED); - else - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + /* + * If we cannot figure out the packet, ignore it. + */ + if (r < 0) + return (PKT_ALIAS_IGNORED); + else + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int UdpAliasOut(struct libalias *la, struct ip *pip) { - struct udphdr *ud; - struct alias_link *link; + struct udphdr *ud; + struct alias_link *link; /* Return if proxy-only mode is enabled */ - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) + return PKT_ALIAS_OK; - ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); + ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); - link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, - ud->uh_sport, ud->uh_dport, - IPPROTO_UDP, 1); - if (link != NULL) - { - u_short alias_port; - struct in_addr alias_address; + link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, + ud->uh_sport, ud->uh_dport, + IPPROTO_UDP, 1); + if (link != NULL) { + u_short alias_port; + struct in_addr alias_address; - alias_address = GetAliasAddress(link); - alias_port = GetAliasPort(link); + alias_address = GetAliasAddress(link); + alias_port = GetAliasPort(link); /* Special processing for IP encoding protocols */ - if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER) - AliasHandleCUSeeMeOut(la, pip, link); + if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER) + AliasHandleCUSeeMeOut(la, pip, link); /* If NETBIOS Datagram, It should be alias address in UDP Data, too */ - else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER - || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER) - AliasHandleUdpNbt(la, pip, link, &alias_address, alias_port); - else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER - || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER) - AliasHandleUdpNbtNS(la, pip, link, &pip->ip_src, &ud->uh_sport, - &alias_address, &alias_port); + else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER + || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER) + AliasHandleUdpNbt(la, pip, link, &alias_address, alias_port); + else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER + || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER) + AliasHandleUdpNbtNS(la, pip, link, &pip->ip_src, &ud->uh_sport, + &alias_address, &alias_port); /* * We don't know in advance what TID the TFTP server will choose, * so we create a wilcard link (destination port is unspecified) * that will match any TID from a given destination. */ - else if (ntohs(ud->uh_dport) == TFTP_PORT_NUMBER) - FindRtspOut(la, pip->ip_src, pip->ip_dst, - ud->uh_sport, alias_port, IPPROTO_UDP); + else if (ntohs(ud->uh_dport) == TFTP_PORT_NUMBER) + FindRtspOut(la, pip->ip_src, pip->ip_dst, + ud->uh_sport, alias_port, IPPROTO_UDP); /* If UDP checksum is not zero, adjust since source port is */ /* being aliased and source address is being altered */ - if (ud->uh_sum != 0) - { - int accumulate; - u_short *sptr; - - accumulate = ud->uh_sport; - accumulate -= alias_port; - sptr = (u_short *) &(pip->ip_src); - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &alias_address; - accumulate -= *sptr++; - accumulate -= *sptr; - ADJUST_CHECKSUM(accumulate, ud->uh_sum); - } + if (ud->uh_sum != 0) { + int accumulate; + u_short *sptr; + accumulate = ud->uh_sport; + accumulate -= alias_port; + sptr = (u_short *) & (pip->ip_src); + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & alias_address; + accumulate -= *sptr++; + accumulate -= *sptr; + ADJUST_CHECKSUM(accumulate, ud->uh_sum); + } /* Put alias port in UDP header */ - ud->uh_sport = alias_port; + ud->uh_sport = alias_port; /* Change source address */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } @@ -894,264 +866,248 @@ UdpAliasOut(struct libalias *la, struct ip *pip) static int TcpAliasIn(struct libalias *la, struct ip *pip) { - struct tcphdr *tc; - struct alias_link *link; + struct tcphdr *tc; + struct alias_link *link; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst, - tc->th_sport, tc->th_dport, - IPPROTO_TCP, - !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)); - if (link != NULL) - { - struct in_addr alias_address; - struct in_addr original_address; - struct in_addr proxy_address; - u_short alias_port; - u_short proxy_port; - int accumulate; - u_short *sptr; + link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst, + tc->th_sport, tc->th_dport, + IPPROTO_TCP, + !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)); + if (link != NULL) { + struct in_addr alias_address; + struct in_addr original_address; + struct in_addr proxy_address; + u_short alias_port; + u_short proxy_port; + int accumulate; + u_short *sptr; /* Special processing for IP encoding protocols */ - if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER - || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER) - AliasHandlePptpIn(la, pip, link); - else if (la->skinnyPort != 0 && (ntohs(tc->th_dport) == la->skinnyPort - || ntohs(tc->th_sport) == la->skinnyPort)) - AliasHandleSkinny(la, pip, link); + if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER + || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER) + AliasHandlePptpIn(la, pip, link); + else if (la->skinnyPort != 0 && (ntohs(tc->th_dport) == la->skinnyPort + || ntohs(tc->th_sport) == la->skinnyPort)) + AliasHandleSkinny(la, pip, link); - alias_address = GetAliasAddress(link); - original_address = GetOriginalAddress(link); - proxy_address = GetProxyAddress(link); - alias_port = tc->th_dport; - tc->th_dport = GetOriginalPort(link); - proxy_port = GetProxyPort(link); + alias_address = GetAliasAddress(link); + original_address = GetOriginalAddress(link); + proxy_address = GetProxyAddress(link); + alias_port = tc->th_dport; + tc->th_dport = GetOriginalPort(link); + proxy_port = GetProxyPort(link); /* Adjust TCP checksum since destination port is being unaliased */ /* and destination port is being altered. */ - accumulate = alias_port; - accumulate -= tc->th_dport; - sptr = (u_short *) &alias_address; - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; + accumulate = alias_port; + accumulate -= tc->th_dport; + sptr = (u_short *) & alias_address; + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; /* If this is a proxy, then modify the TCP source port and checksum accumulation */ - if (proxy_port != 0) - { - accumulate += tc->th_sport; - tc->th_sport = proxy_port; - accumulate -= tc->th_sport; - - sptr = (u_short *) &pip->ip_src; - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &proxy_address; - accumulate -= *sptr++; - accumulate -= *sptr; - } + if (proxy_port != 0) { + accumulate += tc->th_sport; + tc->th_sport = proxy_port; + accumulate -= tc->th_sport; + sptr = (u_short *) & pip->ip_src; + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & proxy_address; + accumulate -= *sptr++; + accumulate -= *sptr; + } /* See if ACK number needs to be modified */ - if (GetAckModified(link) == 1) - { - int delta; + if (GetAckModified(link) == 1) { + int delta; - delta = GetDeltaAckIn(pip, link); - if (delta != 0) - { - sptr = (u_short *) &tc->th_ack; - accumulate += *sptr++; - accumulate += *sptr; - tc->th_ack = htonl(ntohl(tc->th_ack) - delta); - sptr = (u_short *) &tc->th_ack; - accumulate -= *sptr++; - accumulate -= *sptr; - } - } - - ADJUST_CHECKSUM(accumulate, tc->th_sum); + delta = GetDeltaAckIn(pip, link); + if (delta != 0) { + sptr = (u_short *) & tc->th_ack; + accumulate += *sptr++; + accumulate += *sptr; + tc->th_ack = htonl(ntohl(tc->th_ack) - delta); + sptr = (u_short *) & tc->th_ack; + accumulate -= *sptr++; + accumulate -= *sptr; + } + } + ADJUST_CHECKSUM(accumulate, tc->th_sum); /* Restore original IP address */ - sptr = (u_short *) &pip->ip_dst; - accumulate = *sptr++; - accumulate += *sptr; - pip->ip_dst = original_address; - sptr = (u_short *) &pip->ip_dst; - accumulate -= *sptr++; - accumulate -= *sptr; + sptr = (u_short *) & pip->ip_dst; + accumulate = *sptr++; + accumulate += *sptr; + pip->ip_dst = original_address; + sptr = (u_short *) & pip->ip_dst; + accumulate -= *sptr++; + accumulate -= *sptr; /* If this is a transparent proxy packet, then modify the source address */ - if (proxy_address.s_addr != 0) - { - sptr = (u_short *) &pip->ip_src; - accumulate += *sptr++; - accumulate += *sptr; - pip->ip_src = proxy_address; - sptr = (u_short *) &pip->ip_src; - accumulate -= *sptr++; - accumulate -= *sptr; - } - - ADJUST_CHECKSUM(accumulate, pip->ip_sum); + if (proxy_address.s_addr != 0) { + sptr = (u_short *) & pip->ip_src; + accumulate += *sptr++; + accumulate += *sptr; + pip->ip_src = proxy_address; + sptr = (u_short *) & pip->ip_src; + accumulate -= *sptr++; + accumulate -= *sptr; + } + ADJUST_CHECKSUM(accumulate, pip->ip_sum); /* Monitor TCP connection state */ - TcpMonitorIn(pip, link); + TcpMonitorIn(pip, link); - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } static int TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize) { - int proxy_type; - u_short dest_port; - u_short proxy_server_port; - struct in_addr dest_address; - struct in_addr proxy_server_address; - struct tcphdr *tc; - struct alias_link *link; + int proxy_type; + u_short dest_port; + u_short proxy_server_port; + struct in_addr dest_address; + struct in_addr proxy_server_address; + struct tcphdr *tc; + struct alias_link *link; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - proxy_type = ProxyCheck(la, pip, &proxy_server_address, &proxy_server_port); + proxy_type = ProxyCheck(la, pip, &proxy_server_address, &proxy_server_port); - if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) - return PKT_ALIAS_OK; + if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) + return PKT_ALIAS_OK; /* If this is a transparent proxy, save original destination, then alter the destination and adjust checksums */ - dest_port = tc->th_dport; - dest_address = pip->ip_dst; - if (proxy_type != 0) - { - int accumulate; - u_short *sptr; + dest_port = tc->th_dport; + dest_address = pip->ip_dst; + if (proxy_type != 0) { + int accumulate; + u_short *sptr; - accumulate = tc->th_dport; - tc->th_dport = proxy_server_port; - accumulate -= tc->th_dport; + accumulate = tc->th_dport; + tc->th_dport = proxy_server_port; + accumulate -= tc->th_dport; - sptr = (u_short *) &(pip->ip_dst); - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &proxy_server_address; - accumulate -= *sptr++; - accumulate -= *sptr; + sptr = (u_short *) & (pip->ip_dst); + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & proxy_server_address; + accumulate -= *sptr++; + accumulate -= *sptr; - ADJUST_CHECKSUM(accumulate, tc->th_sum); + ADJUST_CHECKSUM(accumulate, tc->th_sum); - sptr = (u_short *) &(pip->ip_dst); - accumulate = *sptr++; - accumulate += *sptr; - pip->ip_dst = proxy_server_address; - sptr = (u_short *) &(pip->ip_dst); - accumulate -= *sptr++; - accumulate -= *sptr; + sptr = (u_short *) & (pip->ip_dst); + accumulate = *sptr++; + accumulate += *sptr; + pip->ip_dst = proxy_server_address; + sptr = (u_short *) & (pip->ip_dst); + accumulate -= *sptr++; + accumulate -= *sptr; - ADJUST_CHECKSUM(accumulate, pip->ip_sum); - } - - link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, - tc->th_sport, tc->th_dport, - IPPROTO_TCP, 1); - if (link !=NULL) - { - u_short alias_port; - struct in_addr alias_address; - int accumulate; - u_short *sptr; + ADJUST_CHECKSUM(accumulate, pip->ip_sum); + } + link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, + tc->th_sport, tc->th_dport, + IPPROTO_TCP, 1); + if (link != NULL) { + u_short alias_port; + struct in_addr alias_address; + int accumulate; + u_short *sptr; /* Save original destination address, if this is a proxy packet. Also modify packet to include destination encoding. This may change the size of IP header. */ - if (proxy_type != 0) - { - SetProxyPort(link, dest_port); - SetProxyAddress(link, dest_address); - ProxyModify(la, link, pip, maxpacketsize, proxy_type); - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - } - + if (proxy_type != 0) { + SetProxyPort(link, dest_port); + SetProxyAddress(link, dest_address); + ProxyModify(la, link, pip, maxpacketsize, proxy_type); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + } /* Get alias address and port */ - alias_port = GetAliasPort(link); - alias_address = GetAliasAddress(link); + alias_port = GetAliasPort(link); + alias_address = GetAliasAddress(link); /* Monitor TCP connection state */ - TcpMonitorOut(pip, link); + TcpMonitorOut(pip, link); /* Special processing for IP encoding protocols */ - if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER - || ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER) - AliasHandleFtpOut(la, pip, link, maxpacketsize); - else if (ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_1 - || ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_2) - AliasHandleIrcOut(la, pip, link, maxpacketsize); - else if (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1 - || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_1 - || ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2 - || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_2) - AliasHandleRtspOut(la, pip, link, maxpacketsize); - else if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER - || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER) - AliasHandlePptpOut(la, pip, link); - else if (la->skinnyPort != 0 && (ntohs(tc->th_sport) == la->skinnyPort - || ntohs(tc->th_dport) == la->skinnyPort)) - AliasHandleSkinny(la, pip, link); + if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER + || ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER) + AliasHandleFtpOut(la, pip, link, maxpacketsize); + else if (ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_1 + || ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_2) + AliasHandleIrcOut(la, pip, link, maxpacketsize); + else if (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1 + || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_1 + || ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2 + || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_2) + AliasHandleRtspOut(la, pip, link, maxpacketsize); + else if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER + || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER) + AliasHandlePptpOut(la, pip, link); + else if (la->skinnyPort != 0 && (ntohs(tc->th_sport) == la->skinnyPort + || ntohs(tc->th_dport) == la->skinnyPort)) + AliasHandleSkinny(la, pip, link); /* Adjust TCP checksum since source port is being aliased */ /* and source address is being altered */ - accumulate = tc->th_sport; - tc->th_sport = alias_port; - accumulate -= tc->th_sport; + accumulate = tc->th_sport; + tc->th_sport = alias_port; + accumulate -= tc->th_sport; - sptr = (u_short *) &(pip->ip_src); - accumulate += *sptr++; - accumulate += *sptr; - sptr = (u_short *) &alias_address; - accumulate -= *sptr++; - accumulate -= *sptr; + sptr = (u_short *) & (pip->ip_src); + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) & alias_address; + accumulate -= *sptr++; + accumulate -= *sptr; /* Modify sequence number if necessary */ - if (GetAckModified(link) == 1) - { - int delta; + if (GetAckModified(link) == 1) { + int delta; - delta = GetDeltaSeqOut(pip, link); - if (delta != 0) - { - sptr = (u_short *) &tc->th_seq; - accumulate += *sptr++; - accumulate += *sptr; - tc->th_seq = htonl(ntohl(tc->th_seq) + delta); - sptr = (u_short *) &tc->th_seq; - accumulate -= *sptr++; - accumulate -= *sptr; - } - } - - ADJUST_CHECKSUM(accumulate, tc->th_sum); + delta = GetDeltaSeqOut(pip, link); + if (delta != 0) { + sptr = (u_short *) & tc->th_seq; + accumulate += *sptr++; + accumulate += *sptr; + tc->th_seq = htonl(ntohl(tc->th_seq) + delta); + sptr = (u_short *) & tc->th_seq; + accumulate -= *sptr++; + accumulate -= *sptr; + } + } + ADJUST_CHECKSUM(accumulate, tc->th_sum); /* Change source address */ - sptr = (u_short *) &(pip->ip_src); - accumulate = *sptr++; - accumulate += *sptr; - pip->ip_src = alias_address; - sptr = (u_short *) &(pip->ip_src); - accumulate -= *sptr++; - accumulate -= *sptr; + sptr = (u_short *) & (pip->ip_src); + accumulate = *sptr++; + accumulate += *sptr; + pip->ip_src = alias_address; + sptr = (u_short *) & (pip->ip_src); + accumulate -= *sptr++; + accumulate -= *sptr; - ADJUST_CHECKSUM(accumulate, pip->ip_sum); + ADJUST_CHECKSUM(accumulate, pip->ip_sum); - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_IGNORED); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_IGNORED); } @@ -1171,46 +1127,45 @@ saved and recalled when a header fragment is seen. */ /* Local prototypes */ -static int FragmentIn(struct libalias *, struct ip *); -static int FragmentOut(struct libalias *, struct ip *); +static int FragmentIn(struct libalias *, struct ip *); +static int FragmentOut(struct libalias *, struct ip *); static int FragmentIn(struct libalias *la, struct ip *pip) { - struct alias_link *link; + struct alias_link *link; - link = FindFragmentIn2(la, pip->ip_src, pip->ip_dst, pip->ip_id); - if (link != NULL) - { - struct in_addr original_address; + link = FindFragmentIn2(la, pip->ip_src, pip->ip_dst, pip->ip_id); + if (link != NULL) { + struct in_addr original_address; - GetFragmentAddr(link, &original_address); - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; + GetFragmentAddr(link, &original_address); + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = original_address; - return(PKT_ALIAS_OK); - } - return(PKT_ALIAS_UNRESOLVED_FRAGMENT); + return (PKT_ALIAS_OK); + } + return (PKT_ALIAS_UNRESOLVED_FRAGMENT); } static int FragmentOut(struct libalias *la, struct ip *pip) { - struct in_addr alias_address; + struct in_addr alias_address; - alias_address = FindAliasAddress(la, pip->ip_src); - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_address, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_address; + alias_address = FindAliasAddress(la, pip->ip_src); + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_address, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_address; - return(PKT_ALIAS_OK); + return (PKT_ALIAS_OK); } @@ -1234,139 +1189,127 @@ FragmentOut(struct libalias *la, struct ip *pip) int LibAliasSaveFragment(struct libalias *la, char *ptr) { - int iresult; - struct alias_link *link; - struct ip *pip; + int iresult; + struct alias_link *link; + struct ip *pip; - pip = (struct ip *) ptr; - link = AddFragmentPtrLink(la, pip->ip_src, pip->ip_id); - iresult = PKT_ALIAS_ERROR; - if (link != NULL) - { - SetFragmentPtr(link, ptr); - iresult = PKT_ALIAS_OK; - } - return(iresult); + pip = (struct ip *)ptr; + link = AddFragmentPtrLink(la, pip->ip_src, pip->ip_id); + iresult = PKT_ALIAS_ERROR; + if (link != NULL) { + SetFragmentPtr(link, ptr); + iresult = PKT_ALIAS_OK; + } + return (iresult); } -char * +char * LibAliasGetFragment(struct libalias *la, char *ptr) { - struct alias_link *link; - char *fptr; - struct ip *pip; + struct alias_link *link; + char *fptr; + struct ip *pip; - pip = (struct ip *) ptr; - link = FindFragmentPtr(la, pip->ip_src, pip->ip_id); - if (link != NULL) - { - GetFragmentPtr(link, &fptr); - SetFragmentPtr(link, NULL); - SetExpire(link, 0); /* Deletes link */ + pip = (struct ip *)ptr; + link = FindFragmentPtr(la, pip->ip_src, pip->ip_id); + if (link != NULL) { + GetFragmentPtr(link, &fptr); + SetFragmentPtr(link, NULL); + SetExpire(link, 0); /* Deletes link */ - return(fptr); - } - else - { - return(NULL); - } + return (fptr); + } else { + return (NULL); + } } void -LibAliasFragmentIn(struct libalias *la, char *ptr, /* Points to correctly de-aliased - header fragment */ - char *ptr_fragment /* Points to fragment which must - be de-aliased */ - ) +LibAliasFragmentIn(struct libalias *la, char *ptr, /* Points to correctly + * de-aliased header + * fragment */ + char *ptr_fragment /* Points to fragment which must be + * de-aliased */ +) { - struct ip *pip; - struct ip *fpip; + struct ip *pip; + struct ip *fpip; - pip = (struct ip *) ptr; - fpip = (struct ip *) ptr_fragment; + pip = (struct ip *)ptr; + fpip = (struct ip *)ptr_fragment; - DifferentialChecksum(&fpip->ip_sum, - (u_short *) &pip->ip_dst, - (u_short *) &fpip->ip_dst, - 2); - fpip->ip_dst = pip->ip_dst; + DifferentialChecksum(&fpip->ip_sum, + (u_short *) & pip->ip_dst, + (u_short *) & fpip->ip_dst, + 2); + fpip->ip_dst = pip->ip_dst; } int LibAliasIn(struct libalias *la, char *ptr, int maxpacketsize) { - struct in_addr alias_addr; - struct ip *pip; - int iresult; + struct in_addr alias_addr; + struct ip *pip; + int iresult; - if (la->packetAliasMode & PKT_ALIAS_REVERSE) { - la->packetAliasMode &= ~PKT_ALIAS_REVERSE; - iresult = PacketAliasOut(ptr, maxpacketsize); - la->packetAliasMode |= PKT_ALIAS_REVERSE; - return iresult; - } + if (la->packetAliasMode & PKT_ALIAS_REVERSE) { + la->packetAliasMode &= ~PKT_ALIAS_REVERSE; + iresult = PacketAliasOut(ptr, maxpacketsize); + la->packetAliasMode |= PKT_ALIAS_REVERSE; + return iresult; + } + HouseKeeping(la); + ClearCheckNewLink(la); + pip = (struct ip *)ptr; + alias_addr = pip->ip_dst; - HouseKeeping(la); - ClearCheckNewLink(la); - pip = (struct ip *) ptr; - alias_addr = pip->ip_dst; + /* Defense against mangled packets */ + if (ntohs(pip->ip_len) > maxpacketsize + || (pip->ip_hl << 2) > maxpacketsize) + return PKT_ALIAS_IGNORED; - /* Defense against mangled packets */ - if (ntohs(pip->ip_len) > maxpacketsize - || (pip->ip_hl<<2) > maxpacketsize) - return PKT_ALIAS_IGNORED; + iresult = PKT_ALIAS_IGNORED; + if ((ntohs(pip->ip_off) & IP_OFFMASK) == 0) { + switch (pip->ip_p) { + case IPPROTO_ICMP: + iresult = IcmpAliasIn(la, pip); + break; + case IPPROTO_UDP: + iresult = UdpAliasIn(la, pip); + break; + case IPPROTO_TCP: + iresult = TcpAliasIn(la, pip); + break; + case IPPROTO_GRE: + if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY || + AliasHandlePptpGreIn(la, pip) == 0) + iresult = PKT_ALIAS_OK; + else + iresult = ProtoAliasIn(la, pip); + break; + default: + iresult = ProtoAliasIn(la, pip); + break; + } - iresult = PKT_ALIAS_IGNORED; - if ( (ntohs(pip->ip_off) & IP_OFFMASK) == 0 ) - { - switch (pip->ip_p) - { - case IPPROTO_ICMP: - iresult = IcmpAliasIn(la, pip); - break; - case IPPROTO_UDP: - iresult = UdpAliasIn(la, pip); - break; - case IPPROTO_TCP: - iresult = TcpAliasIn(la, pip); - break; - case IPPROTO_GRE: - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY || - AliasHandlePptpGreIn(la, pip) == 0) - iresult = PKT_ALIAS_OK; - else - iresult = ProtoAliasIn(la, pip); - break; - default: - iresult = ProtoAliasIn(la, pip); - break; - } + if (ntohs(pip->ip_off) & IP_MF) { + struct alias_link *link; - if (ntohs(pip->ip_off) & IP_MF) - { - struct alias_link *link; + link = FindFragmentIn1(la, pip->ip_src, alias_addr, pip->ip_id); + if (link != NULL) { + iresult = PKT_ALIAS_FOUND_HEADER_FRAGMENT; + SetFragmentAddr(link, pip->ip_dst); + } else { + iresult = PKT_ALIAS_ERROR; + } + } + } else { + iresult = FragmentIn(la, pip); + } - link = FindFragmentIn1(la, pip->ip_src, alias_addr, pip->ip_id); - if (link != NULL) - { - iresult = PKT_ALIAS_FOUND_HEADER_FRAGMENT; - SetFragmentAddr(link, pip->ip_dst); - } - else - { - iresult = PKT_ALIAS_ERROR; - } - } - } - else - { - iresult = FragmentIn(la, pip); - } - - return(iresult); + return (iresult); } @@ -1386,207 +1329,195 @@ LibAliasIn(struct libalias *la, char *ptr, int maxpacketsize) #define UNREG_ADDR_C_UPPER 0xc0a8ffff int -LibAliasOut(struct libalias *la, char *ptr, /* valid IP packet */ - int maxpacketsize /* How much the packet data may grow - (FTP and IRC inline changes) */ - ) +LibAliasOut(struct libalias *la, char *ptr, /* valid IP packet */ + int maxpacketsize /* How much the packet data may grow (FTP + * and IRC inline changes) */ +) { - int iresult; - struct in_addr addr_save; - struct ip *pip; + int iresult; + struct in_addr addr_save; + struct ip *pip; - if (la->packetAliasMode & PKT_ALIAS_REVERSE) { - la->packetAliasMode &= ~PKT_ALIAS_REVERSE; - iresult = PacketAliasIn(ptr, maxpacketsize); - la->packetAliasMode |= PKT_ALIAS_REVERSE; - return iresult; - } + if (la->packetAliasMode & PKT_ALIAS_REVERSE) { + la->packetAliasMode &= ~PKT_ALIAS_REVERSE; + iresult = PacketAliasIn(ptr, maxpacketsize); + la->packetAliasMode |= PKT_ALIAS_REVERSE; + return iresult; + } + HouseKeeping(la); + ClearCheckNewLink(la); + pip = (struct ip *)ptr; - HouseKeeping(la); - ClearCheckNewLink(la); - pip = (struct ip *) ptr; + /* Defense against mangled packets */ + if (ntohs(pip->ip_len) > maxpacketsize + || (pip->ip_hl << 2) > maxpacketsize) + return PKT_ALIAS_IGNORED; - /* Defense against mangled packets */ - if (ntohs(pip->ip_len) > maxpacketsize - || (pip->ip_hl<<2) > maxpacketsize) - return PKT_ALIAS_IGNORED; + addr_save = GetDefaultAliasAddress(la); + if (la->packetAliasMode & PKT_ALIAS_UNREGISTERED_ONLY) { + u_long addr; + int iclass; - addr_save = GetDefaultAliasAddress(la); - if (la->packetAliasMode & PKT_ALIAS_UNREGISTERED_ONLY) - { - u_long addr; - int iclass; + iclass = 0; + addr = ntohl(pip->ip_src.s_addr); + if (addr >= UNREG_ADDR_C_LOWER && addr <= UNREG_ADDR_C_UPPER) + iclass = 3; + else if (addr >= UNREG_ADDR_B_LOWER && addr <= UNREG_ADDR_B_UPPER) + iclass = 2; + else if (addr >= UNREG_ADDR_A_LOWER && addr <= UNREG_ADDR_A_UPPER) + iclass = 1; - iclass = 0; - addr = ntohl(pip->ip_src.s_addr); - if (addr >= UNREG_ADDR_C_LOWER && addr <= UNREG_ADDR_C_UPPER) - iclass = 3; - else if (addr >= UNREG_ADDR_B_LOWER && addr <= UNREG_ADDR_B_UPPER) - iclass = 2; - else if (addr >= UNREG_ADDR_A_LOWER && addr <= UNREG_ADDR_A_UPPER) - iclass = 1; + if (iclass == 0) { + SetDefaultAliasAddress(la, pip->ip_src); + } + } else if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) { + SetDefaultAliasAddress(la, pip->ip_src); + } + iresult = PKT_ALIAS_IGNORED; + if ((ntohs(pip->ip_off) & IP_OFFMASK) == 0) { + switch (pip->ip_p) { + case IPPROTO_ICMP: + iresult = IcmpAliasOut(la, pip); + break; + case IPPROTO_UDP: + iresult = UdpAliasOut(la, pip); + break; + case IPPROTO_TCP: + iresult = TcpAliasOut(la, pip, maxpacketsize); + break; + case IPPROTO_GRE: + if (AliasHandlePptpGreOut(la, pip) == 0) + iresult = PKT_ALIAS_OK; + else + iresult = ProtoAliasOut(la, pip); + break; + default: + iresult = ProtoAliasOut(la, pip); + break; + } + } else { + iresult = FragmentOut(la, pip); + } - if (iclass == 0) - { - SetDefaultAliasAddress(la, pip->ip_src); - } - } - else if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) - { - SetDefaultAliasAddress(la, pip->ip_src); - } - - iresult = PKT_ALIAS_IGNORED; - if ((ntohs(pip->ip_off) & IP_OFFMASK) == 0) - { - switch (pip->ip_p) - { - case IPPROTO_ICMP: - iresult = IcmpAliasOut(la, pip); - break; - case IPPROTO_UDP: - iresult = UdpAliasOut(la, pip); - break; - case IPPROTO_TCP: - iresult = TcpAliasOut(la, pip, maxpacketsize); - break; - case IPPROTO_GRE: - if (AliasHandlePptpGreOut(la, pip) == 0) - iresult = PKT_ALIAS_OK; - else - iresult = ProtoAliasOut(la, pip); - break; - default: - iresult = ProtoAliasOut(la, pip); - break; - } - } - else - { - iresult = FragmentOut(la, pip); - } - - SetDefaultAliasAddress(la, addr_save); - return(iresult); + SetDefaultAliasAddress(la, addr_save); + return (iresult); } int -LibAliasUnaliasOut(struct libalias *la, char *ptr, /* valid IP packet */ - int maxpacketsize /* for error checking */ - ) +LibAliasUnaliasOut(struct libalias *la, char *ptr, /* valid IP packet */ + int maxpacketsize /* for error checking */ +) { - struct ip *pip; - struct icmp *ic; - struct udphdr *ud; - struct tcphdr *tc; - struct alias_link *link; - int iresult = PKT_ALIAS_IGNORED; + struct ip *pip; + struct icmp *ic; + struct udphdr *ud; + struct tcphdr *tc; + struct alias_link *link; + int iresult = PKT_ALIAS_IGNORED; - pip = (struct ip *) ptr; + pip = (struct ip *)ptr; - /* Defense against mangled packets */ - if (ntohs(pip->ip_len) > maxpacketsize - || (pip->ip_hl<<2) > maxpacketsize) - return(iresult); + /* Defense against mangled packets */ + if (ntohs(pip->ip_len) > maxpacketsize + || (pip->ip_hl << 2) > maxpacketsize) + return (iresult); - ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); - tc = (struct tcphdr *) ud; - ic = (struct icmp *) ud; + ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)ud; + ic = (struct icmp *)ud; - /* Find a link */ - if (pip->ip_p == IPPROTO_UDP) - link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src, - ud->uh_dport, ud->uh_sport, - IPPROTO_UDP, 0); - else if (pip->ip_p == IPPROTO_TCP) - link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src, - tc->th_dport, tc->th_sport, - IPPROTO_TCP, 0); - else if (pip->ip_p == IPPROTO_ICMP) - link = FindIcmpIn(la, pip->ip_dst, pip->ip_src, ic->icmp_id, 0); - else - link = NULL; + /* Find a link */ + if (pip->ip_p == IPPROTO_UDP) + link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src, + ud->uh_dport, ud->uh_sport, + IPPROTO_UDP, 0); + else if (pip->ip_p == IPPROTO_TCP) + link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src, + tc->th_dport, tc->th_sport, + IPPROTO_TCP, 0); + else if (pip->ip_p == IPPROTO_ICMP) + link = FindIcmpIn(la, pip->ip_dst, pip->ip_src, ic->icmp_id, 0); + else + link = NULL; - /* Change it from an aliased packet to an unaliased packet */ - if (link != NULL) - { - if (pip->ip_p == IPPROTO_UDP || pip->ip_p == IPPROTO_TCP) - { - u_short *sptr; - int accumulate; - struct in_addr original_address; - u_short original_port; + /* Change it from an aliased packet to an unaliased packet */ + if (link != NULL) { + if (pip->ip_p == IPPROTO_UDP || pip->ip_p == IPPROTO_TCP) { + u_short *sptr; + int accumulate; + struct in_addr original_address; + u_short original_port; - original_address = GetOriginalAddress(link); - original_port = GetOriginalPort(link); + original_address = GetOriginalAddress(link); + original_port = GetOriginalPort(link); - /* Adjust TCP/UDP checksum */ - sptr = (u_short *) &(pip->ip_src); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; + /* Adjust TCP/UDP checksum */ + sptr = (u_short *) & (pip->ip_src); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; - if (pip->ip_p == IPPROTO_UDP) { - accumulate += ud->uh_sport; - accumulate -= original_port; - ADJUST_CHECKSUM(accumulate, ud->uh_sum); - } else { - accumulate += tc->th_sport; - accumulate -= original_port; - ADJUST_CHECKSUM(accumulate, tc->th_sum); - } + if (pip->ip_p == IPPROTO_UDP) { + accumulate += ud->uh_sport; + accumulate -= original_port; + ADJUST_CHECKSUM(accumulate, ud->uh_sum); + } else { + accumulate += tc->th_sport; + accumulate -= original_port; + ADJUST_CHECKSUM(accumulate, tc->th_sum); + } - /* Adjust IP checksum */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_src, - 2); + /* Adjust IP checksum */ + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_src, + 2); - /* Un-alias source address and port number */ - pip->ip_src = original_address; - if (pip->ip_p == IPPROTO_UDP) - ud->uh_sport = original_port; - else - tc->th_sport = original_port; + /* Un-alias source address and port number */ + pip->ip_src = original_address; + if (pip->ip_p == IPPROTO_UDP) + ud->uh_sport = original_port; + else + tc->th_sport = original_port; - iresult = PKT_ALIAS_OK; + iresult = PKT_ALIAS_OK; - } else if (pip->ip_p == IPPROTO_ICMP) { + } else if (pip->ip_p == IPPROTO_ICMP) { - u_short *sptr; - int accumulate; - struct in_addr original_address; - u_short original_id; + u_short *sptr; + int accumulate; + struct in_addr original_address; + u_short original_id; - original_address = GetOriginalAddress(link); - original_id = GetOriginalPort(link); + original_address = GetOriginalAddress(link); + original_id = GetOriginalPort(link); - /* Adjust ICMP checksum */ - sptr = (u_short *) &(pip->ip_src); - accumulate = *sptr++; - accumulate += *sptr; - sptr = (u_short *) &original_address; - accumulate -= *sptr++; - accumulate -= *sptr; - accumulate += ic->icmp_id; - accumulate -= original_id; - ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); + /* Adjust ICMP checksum */ + sptr = (u_short *) & (pip->ip_src); + accumulate = *sptr++; + accumulate += *sptr; + sptr = (u_short *) & original_address; + accumulate -= *sptr++; + accumulate -= *sptr; + accumulate += ic->icmp_id; + accumulate -= original_id; + ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); - /* Adjust IP checksum */ - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_src, - 2); + /* Adjust IP checksum */ + DifferentialChecksum(&pip->ip_sum, + (u_short *) & original_address, + (u_short *) & pip->ip_src, + 2); - /* Un-alias source address and port number */ - pip->ip_src = original_address; - ic->icmp_id = original_id; + /* Un-alias source address and port number */ + pip->ip_src = original_address; + ic->icmp_id = original_id; - iresult = PKT_ALIAS_OK; - } - } - return(iresult); + iresult = PKT_ALIAS_OK; + } + } + return (iresult); } diff --git a/sys/netinet/libalias/alias.h b/sys/netinet/libalias/alias.h index d714126ae46c..0f5ba701565e 100644 --- a/sys/netinet/libalias/alias.h +++ b/sys/netinet/libalias/alias.h @@ -47,11 +47,11 @@ * PacketAlias*() the old API which doesn't take an instance pointer * and therefore can only have one packet engine at a time. * - * LibAlias*() the new API which takes as first argument a pointer to + * LibAlias*() the new API which takes as first argument a pointer to * the instance of the packet aliasing engine. * * The functions otherwise correspond to each other one for one, except - * for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were + * for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were * were misnamed in the old API. */ @@ -66,107 +66,109 @@ struct libalias; * PacketAliasRedirectProto(), passed to PacketAliasAddServer(), * and freed by PacketAliasRedirectDelete(). */ -struct alias_link; +struct alias_link; /* OLD API */ /* Initialization and control functions. */ -void PacketAliasInit(void); -void PacketAliasSetAddress(struct in_addr _addr); -void PacketAliasSetFWBase(unsigned int _base, unsigned int _num); -void PacketAliasSetSkinnyPort(unsigned int _port); +void PacketAliasInit(void); +void PacketAliasSetAddress(struct in_addr _addr); +void PacketAliasSetFWBase(unsigned int _base, unsigned int _num); +void PacketAliasSetSkinnyPort(unsigned int _port); unsigned int - PacketAliasSetMode(unsigned int _flags, unsigned int _mask); -void PacketAliasUninit(void); + PacketAliasSetMode(unsigned int _flags, unsigned int _mask); +void PacketAliasUninit(void); /* Packet Handling functions. */ -int PacketAliasIn(char *_ptr, int _maxpacketsize); -int PacketAliasOut(char *_ptr, int _maxpacketsize); -int PacketUnaliasOut(char *_ptr, int _maxpacketsize); +int PacketAliasIn(char *_ptr, int _maxpacketsize); +int PacketAliasOut(char *_ptr, int _maxpacketsize); +int PacketUnaliasOut(char *_ptr, int _maxpacketsize); /* Port and address redirection functions. */ -int PacketAliasAddServer(struct alias_link *_link, - struct in_addr _addr, unsigned short _port); +int +PacketAliasAddServer(struct alias_link *_link, + struct in_addr _addr, unsigned short _port); struct alias_link * - PacketAliasRedirectAddr(struct in_addr _src_addr, - struct in_addr _alias_addr); -int PacketAliasRedirectDynamic(struct alias_link *_link); -void PacketAliasRedirectDelete(struct alias_link *_link); +PacketAliasRedirectAddr(struct in_addr _src_addr, + struct in_addr _alias_addr); +int PacketAliasRedirectDynamic(struct alias_link *_link); +void PacketAliasRedirectDelete(struct alias_link *_link); struct alias_link * - PacketAliasRedirectPort(struct in_addr _src_addr, - unsigned short _src_port, struct in_addr _dst_addr, - unsigned short _dst_port, struct in_addr _alias_addr, - unsigned short _alias_port, unsigned char _proto); +PacketAliasRedirectPort(struct in_addr _src_addr, + unsigned short _src_port, struct in_addr _dst_addr, + unsigned short _dst_port, struct in_addr _alias_addr, + unsigned short _alias_port, unsigned char _proto); struct alias_link * - PacketAliasRedirectProto(struct in_addr _src_addr, - struct in_addr _dst_addr, struct in_addr _alias_addr, - unsigned char _proto); +PacketAliasRedirectProto(struct in_addr _src_addr, + struct in_addr _dst_addr, struct in_addr _alias_addr, + unsigned char _proto); /* Fragment Handling functions. */ -void PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment); -char *PacketAliasGetFragment(char *_ptr); -int PacketAliasSaveFragment(char *_ptr); +void PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment); +char *PacketAliasGetFragment(char *_ptr); +int PacketAliasSaveFragment(char *_ptr); /* Miscellaneous functions. */ -int PacketAliasCheckNewLink(void); +int PacketAliasCheckNewLink(void); unsigned short - PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes); -void PacketAliasSetTarget(struct in_addr _target_addr); + PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes); +void PacketAliasSetTarget(struct in_addr _target_addr); /* Transparent proxying routines. */ -int PacketAliasProxyRule(const char *_cmd); +int PacketAliasProxyRule(const char *_cmd); /* NEW API */ /* Initialization and control functions. */ -struct libalias *LibAliasInit(struct libalias *); -void LibAliasSetAddress(struct libalias *, struct in_addr _addr); -void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num); -void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port); +struct libalias *LibAliasInit(struct libalias *); +void LibAliasSetAddress(struct libalias *, struct in_addr _addr); +void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num); +void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port); unsigned int - LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask); -void LibAliasUninit(struct libalias *); + LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask); +void LibAliasUninit(struct libalias *); /* Packet Handling functions. */ -int LibAliasIn(struct libalias *, char *_ptr, int _maxpacketsize); -int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize); -int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize); +int LibAliasIn (struct libalias *, char *_ptr, int _maxpacketsize); +int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize); +int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize); /* Port and address redirection functions. */ -int LibAliasAddServer(struct libalias *, struct alias_link *_link, - struct in_addr _addr, unsigned short _port); +int +LibAliasAddServer(struct libalias *, struct alias_link *_link, + struct in_addr _addr, unsigned short _port); struct alias_link * - LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr, - struct in_addr _alias_addr); -int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link); -void LibAliasRedirectDelete(struct libalias *, struct alias_link *_link); +LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr, + struct in_addr _alias_addr); +int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link); +void LibAliasRedirectDelete(struct libalias *, struct alias_link *_link); struct alias_link * - LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr, - unsigned short _src_port, struct in_addr _dst_addr, - unsigned short _dst_port, struct in_addr _alias_addr, - unsigned short _alias_port, unsigned char _proto); +LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr, + unsigned short _src_port, struct in_addr _dst_addr, + unsigned short _dst_port, struct in_addr _alias_addr, + unsigned short _alias_port, unsigned char _proto); struct alias_link * - LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr, - struct in_addr _dst_addr, struct in_addr _alias_addr, - unsigned char _proto); +LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr, + struct in_addr _dst_addr, struct in_addr _alias_addr, + unsigned char _proto); /* Fragment Handling functions. */ -void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment); -char *LibAliasGetFragment(struct libalias *, char *_ptr); -int LibAliasSaveFragment(struct libalias *, char *_ptr); +void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment); +char *LibAliasGetFragment(struct libalias *, char *_ptr); +int LibAliasSaveFragment(struct libalias *, char *_ptr); /* Miscellaneous functions. */ -int LibAliasCheckNewLink(struct libalias *); +int LibAliasCheckNewLink(struct libalias *); unsigned short - LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes); -void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr); + LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes); +void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr); /* Transparent proxying routines. */ -int LibAliasProxyRule(struct libalias *, const char *_cmd); +int LibAliasProxyRule(struct libalias *, const char *_cmd); /* @@ -257,6 +259,6 @@ int LibAliasProxyRule(struct libalias *, const char *_cmd); #define PKT_ALIAS_UNRESOLVED_FRAGMENT 3 #define PKT_ALIAS_FOUND_HEADER_FRAGMENT 4 -#endif /* !_ALIAS_H_ */ +#endif /* !_ALIAS_H_ */ /* lint -restore */ diff --git a/sys/netinet/libalias/alias_cuseeme.c b/sys/netinet/libalias/alias_cuseeme.c index 455973f56d6d..4b0f5a5ddc10 100644 --- a/sys/netinet/libalias/alias_cuseeme.c +++ b/sys/netinet/libalias/alias_cuseeme.c @@ -40,83 +40,84 @@ __FBSDID("$FreeBSD$"); /* CU-SeeMe Data Header */ struct cu_header { - u_int16_t dest_family; - u_int16_t dest_port; - u_int32_t dest_addr; - int16_t family; - u_int16_t port; - u_int32_t addr; - u_int32_t seq; - u_int16_t msg; - u_int16_t data_type; - u_int16_t packet_len; + u_int16_t dest_family; + u_int16_t dest_port; + u_int32_t dest_addr; + int16_t family; + u_int16_t port; + u_int32_t addr; + u_int32_t seq; + u_int16_t msg; + u_int16_t data_type; + u_int16_t packet_len; }; /* Open Continue Header */ struct oc_header { - u_int16_t client_count; /* Number of client info structs */ - u_int32_t seq_no; - char user_name[20]; - char reserved[4]; /* flags, version stuff, etc */ + u_int16_t client_count; /* Number of client info structs */ + u_int32_t seq_no; + char user_name [20]; + char reserved [4]; /* flags, version stuff, etc */ }; /* client info structures */ struct client_info { - u_int32_t address; /* Client address */ - char reserved[8]; /* Flags, pruning bitfield, packet counts etc */ + u_int32_t address;/* Client address */ + char reserved [8]; /* Flags, pruning bitfield, packet + * counts etc */ }; void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *pip, struct alias_link *link) { - struct udphdr *ud; + struct udphdr *ud; - ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); - if (ntohs(ud->uh_ulen) - sizeof(struct udphdr) >= sizeof(struct cu_header)) { - struct cu_header *cu; - struct alias_link *cu_link; + ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); + if (ntohs(ud->uh_ulen) - sizeof(struct udphdr) >= sizeof(struct cu_header)) { + struct cu_header *cu; + struct alias_link *cu_link; - cu = (struct cu_header *)(ud + 1); - if (cu->addr) - cu->addr = (u_int32_t)GetAliasAddress(link).s_addr; + cu = (struct cu_header *)(ud + 1); + if (cu->addr) + cu->addr = (u_int32_t) GetAliasAddress(link).s_addr; - cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link), - ud->uh_dport, 0, IPPROTO_UDP, 1); + cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link), + ud->uh_dport, 0, IPPROTO_UDP, 1); #ifndef NO_FW_PUNCH - if (cu_link) - PunchFWHole(cu_link); + if (cu_link) + PunchFWHole(cu_link); #endif - } + } } void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *pip, struct in_addr original_addr) { - struct in_addr alias_addr; - struct udphdr *ud; - struct cu_header *cu; - struct oc_header *oc; - struct client_info *ci; - char *end; - int i; + struct in_addr alias_addr; + struct udphdr *ud; + struct cu_header *cu; + struct oc_header *oc; + struct client_info *ci; + char *end; + int i; - alias_addr.s_addr = pip->ip_dst.s_addr; - ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); - cu = (struct cu_header *)(ud + 1); - oc = (struct oc_header *)(cu + 1); - ci = (struct client_info *)(oc + 1); - end = (char *)ud + ntohs(ud->uh_ulen); + alias_addr.s_addr = pip->ip_dst.s_addr; + ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); + cu = (struct cu_header *)(ud + 1); + oc = (struct oc_header *)(cu + 1); + ci = (struct client_info *)(oc + 1); + end = (char *)ud + ntohs(ud->uh_ulen); - if ((char *)oc <= end) { - if(cu->dest_addr) - cu->dest_addr = (u_int32_t)original_addr.s_addr; - if(ntohs(cu->data_type) == 101) - /* Find and change our address */ - for(i = 0; (char *)(ci + 1) <= end && i < oc->client_count; i++, ci++) - if(ci->address == (u_int32_t)alias_addr.s_addr) { - ci->address = (u_int32_t)original_addr.s_addr; - break; - } - } + if ((char *)oc <= end) { + if (cu->dest_addr) + cu->dest_addr = (u_int32_t) original_addr.s_addr; + if (ntohs(cu->data_type) == 101) + /* Find and change our address */ + for (i = 0; (char *)(ci + 1) <= end && i < oc->client_count; i++, ci++) + if (ci->address == (u_int32_t) alias_addr.s_addr) { + ci->address = (u_int32_t) original_addr.s_addr; + break; + } + } } diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c index 92f8814bcf2e..039db039311d 100644 --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -1,5 +1,3 @@ -/* -*- mode: c; tab-width: 8; c-basic-indent: 4; -*- */ - /*- * Copyright (c) 2001 Charles Mott * All rights reserved. @@ -167,7 +165,7 @@ __FBSDID("$FreeBSD$"); #include "alias_local.h" -static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); +static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); /* @@ -190,23 +188,23 @@ static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); /* When the link has been used and closed - minimal grace time to allow ACKs and potential re-connect in FTP (XXX - is this allowed?) */ #ifndef TCP_EXPIRE_DEAD -# define TCP_EXPIRE_DEAD 10 +#define TCP_EXPIRE_DEAD 10 #endif /* When the link has been used and closed on one side - the other side is allowed to still send data */ #ifndef TCP_EXPIRE_SINGLEDEAD -# define TCP_EXPIRE_SINGLEDEAD 90 +#define TCP_EXPIRE_SINGLEDEAD 90 #endif /* When the link isn't yet up */ #ifndef TCP_EXPIRE_INITIAL -# define TCP_EXPIRE_INITIAL 300 +#define TCP_EXPIRE_INITIAL 300 #endif /* When the link is up */ #ifndef TCP_EXPIRE_CONNECTED -# define TCP_EXPIRE_CONNECTED 86400 +#define TCP_EXPIRE_CONNECTED 86400 #endif @@ -246,53 +244,52 @@ static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); port and link type. */ -struct ack_data_record /* used to save changes to ACK/sequence numbers */ -{ - u_long ack_old; - u_long ack_new; - int delta; - int active; +struct ack_data_record { /* used to save changes to ACK/sequence + * numbers */ + u_long ack_old; + u_long ack_new; + int delta; + int active; }; -struct tcp_state /* Information about TCP connection */ -{ - int in; /* State for outside -> inside */ - int out; /* State for inside -> outside */ - int index; /* Index to ACK data array */ - int ack_modified; /* Indicates whether ACK and sequence numbers */ - /* been modified */ +struct tcp_state { /* Information about TCP connection */ + int in; /* State for outside -> inside */ + int out; /* State for inside -> outside */ + int index; /* Index to ACK data array */ + int ack_modified; /* Indicates whether ACK and + * sequence numbers */ + /* been modified */ }; -#define N_LINK_TCP_DATA 3 /* Number of distinct ACK number changes - saved for a modified TCP stream */ -struct tcp_dat -{ - struct tcp_state state; - struct ack_data_record ack[N_LINK_TCP_DATA]; - int fwhole; /* Which firewall record is used for this hole? */ +#define N_LINK_TCP_DATA 3 /* Number of distinct ACK number changes + * saved for a modified TCP stream */ +struct tcp_dat { + struct tcp_state state; + struct ack_data_record ack[N_LINK_TCP_DATA]; + int fwhole; /* Which firewall record is used for this + * hole? */ }; -struct server /* LSNAT server pool (circular list) */ -{ - struct in_addr addr; - u_short port; - struct server *next; +struct server { /* LSNAT server pool (circular list) */ + struct in_addr addr; + u_short port; + struct server *next; }; -struct alias_link /* Main data structure */ -{ - struct libalias *la; - struct in_addr src_addr; /* Address and port information */ - struct in_addr dst_addr; - struct in_addr alias_addr; - struct in_addr proxy_addr; - u_short src_port; - u_short dst_port; - u_short alias_port; - u_short proxy_port; - struct server *server; +struct alias_link { /* Main data structure */ + struct libalias *la; + struct in_addr src_addr; /* Address and port information */ + struct in_addr dst_addr; + struct in_addr alias_addr; + struct in_addr proxy_addr; + u_short src_port; + u_short dst_port; + u_short alias_port; + u_short proxy_port; + struct server *server; - int link_type; /* Type of link: TCP, UDP, ICMP, proto, frag */ + int link_type; /* Type of link: TCP, UDP, ICMP, + * proto, frag */ /* values for link_type */ #define LINK_ICMP IPPROTO_ICMP @@ -303,30 +300,31 @@ struct alias_link /* Main data structure */ #define LINK_ADDR (IPPROTO_MAX + 3) #define LINK_PPTP (IPPROTO_MAX + 4) - int flags; /* indicates special characteristics */ - int pflags; /* protocol-specific flags */ + int flags; /* indicates special characteristics */ + int pflags; /* protocol-specific flags */ /* flag bits */ #define LINK_UNKNOWN_DEST_PORT 0x01 #define LINK_UNKNOWN_DEST_ADDR 0x02 #define LINK_PERMANENT 0x04 -#define LINK_PARTIALLY_SPECIFIED 0x03 /* logical-or of first two bits */ +#define LINK_PARTIALLY_SPECIFIED 0x03 /* logical-or of first two bits */ #define LINK_UNFIREWALLED 0x08 - int timestamp; /* Time link was last accessed */ - int expire_time; /* Expire time for link */ + int timestamp; /* Time link was last accessed */ + int expire_time; /* Expire time for link */ - int sockfd; /* socket descriptor */ + int sockfd; /* socket descriptor */ - LIST_ENTRY(alias_link) list_out; /* Linked list of pointers for */ - LIST_ENTRY(alias_link) list_in; /* input and output lookup tables */ + LIST_ENTRY (alias_link) list_out; /* Linked list of + * pointers for */ + LIST_ENTRY (alias_link) list_in; /* input and output + * lookup tables */ - union /* Auxiliary data */ - { - char *frag_ptr; - struct in_addr frag_addr; - struct tcp_dat *tcp; - } data; + union { /* Auxiliary data */ + char *frag_ptr; + struct in_addr frag_addr; + struct tcp_dat *tcp; + } data; }; /* Internal utility routines (used only in alias_db.c) @@ -344,56 +342,58 @@ Lookup table starting points: /* Local prototypes */ -static u_int StartPointIn(struct in_addr, u_short, int); +static u_int StartPointIn(struct in_addr, u_short, int); -static u_int StartPointOut(struct in_addr, struct in_addr, - u_short, u_short, int); +static u_int +StartPointOut(struct in_addr, struct in_addr, + u_short, u_short, int); -static int SeqDiff(u_long, u_long); +static int SeqDiff(u_long, u_long); -static void ShowAliasStats(struct libalias *); +static void ShowAliasStats(struct libalias *); #ifndef NO_FW_PUNCH /* Firewall control */ -static void InitPunchFW(struct libalias *la); -static void UninitPunchFW(struct libalias *la); -static void ClearFWHole(struct alias_link *link); +static void InitPunchFW(struct libalias *la); +static void UninitPunchFW(struct libalias *la); +static void ClearFWHole(struct alias_link *link); + #endif /* Log file control */ -static void InitPacketAliasLog(struct libalias *la); -static void UninitPacketAliasLog(struct libalias *la); +static void InitPacketAliasLog(struct libalias *la); +static void UninitPacketAliasLog(struct libalias *la); -static u_int +static u_int StartPointIn(struct in_addr alias_addr, - u_short alias_port, - int link_type) + u_short alias_port, + int link_type) { - u_int n; + u_int n; - n = alias_addr.s_addr; - if (link_type != LINK_PPTP) - n += alias_port; - n += link_type; - return(n % LINK_TABLE_IN_SIZE); + n = alias_addr.s_addr; + if (link_type != LINK_PPTP) + n += alias_port; + n += link_type; + return (n % LINK_TABLE_IN_SIZE); } -static u_int +static u_int StartPointOut(struct in_addr src_addr, struct in_addr dst_addr, - u_short src_port, u_short dst_port, int link_type) + u_short src_port, u_short dst_port, int link_type) { - u_int n; + u_int n; - n = src_addr.s_addr; - n += dst_addr.s_addr; - if (link_type != LINK_PPTP) { - n += src_port; - n += dst_port; - } - n += link_type; + n = src_addr.s_addr; + n += dst_addr.s_addr; + if (link_type != LINK_PPTP) { + n += src_port; + n += dst_port; + } + n += link_type; - return(n % LINK_TABLE_OUT_SIZE); + return (n % LINK_TABLE_OUT_SIZE); } @@ -407,7 +407,7 @@ SeqDiff(u_long x, u_long y) arithmetic conditions that need to be considered. */ - return (ntohl(y) - ntohl(x)); + return (ntohl(y) - ntohl(x)); } @@ -416,29 +416,28 @@ ShowAliasStats(struct libalias *la) { /* Used for debugging */ - if (la->monitorFile) - { - fprintf(la->monitorFile, - "icmp=%d, udp=%d, tcp=%d, pptp=%d, proto=%d, frag_id=%d frag_ptr=%d", - la->icmpLinkCount, - la->udpLinkCount, - la->tcpLinkCount, - la->pptpLinkCount, - la->protoLinkCount, - la->fragmentIdLinkCount, - la->fragmentPtrLinkCount); + if (la->monitorFile) { + fprintf(la->monitorFile, + "icmp=%d, udp=%d, tcp=%d, pptp=%d, proto=%d, frag_id=%d frag_ptr=%d", + la->icmpLinkCount, + la->udpLinkCount, + la->tcpLinkCount, + la->pptpLinkCount, + la->protoLinkCount, + la->fragmentIdLinkCount, + la->fragmentPtrLinkCount); - fprintf(la->monitorFile, " / tot=%d (sock=%d)\n", - la->icmpLinkCount + la->udpLinkCount - + la->tcpLinkCount - + la->pptpLinkCount - + la->protoLinkCount - + la->fragmentIdLinkCount - + la->fragmentPtrLinkCount, - la->sockCount); + fprintf(la->monitorFile, " / tot=%d (sock=%d)\n", + la->icmpLinkCount + la->udpLinkCount + + la->tcpLinkCount + + la->pptpLinkCount + + la->protoLinkCount + + la->fragmentIdLinkCount + + la->fragmentPtrLinkCount, + la->sockCount); - fflush(la->monitorFile); - } + fflush(la->monitorFile); + } } @@ -467,30 +466,30 @@ Port search: */ /* Local prototypes */ -static int GetNewPort(struct libalias *, struct alias_link *, int); +static int GetNewPort(struct libalias *, struct alias_link *, int); -static u_short GetSocket(struct libalias *, u_short, int *, int); +static u_short GetSocket(struct libalias *, u_short, int *, int); -static void CleanupAliasData(struct libalias *); +static void CleanupAliasData(struct libalias *); -static void IncrementalCleanup(struct libalias *); +static void IncrementalCleanup(struct libalias *); -static void DeleteLink(struct alias_link *); +static void DeleteLink(struct alias_link *); static struct alias_link * AddLink(struct libalias *, struct in_addr, struct in_addr, struct in_addr, - u_short, u_short, int, int); + u_short, u_short, int, int); static struct alias_link * ReLink(struct alias_link *, - struct in_addr, struct in_addr, struct in_addr, - u_short, u_short, int, int); + struct in_addr, struct in_addr, struct in_addr, + u_short, u_short, int, int); static struct alias_link * -FindLinkOut(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); + FindLinkOut (struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); static struct alias_link * -FindLinkIn(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); + FindLinkIn (struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); #define ALIAS_PORT_BASE 0x08000 @@ -511,10 +510,10 @@ FindLinkIn(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, static int GetNewPort(struct libalias *la, struct alias_link *link, int alias_port_param) { - int i; - int max_trials; - u_short port_sys; - u_short port_net; + int i; + int max_trials; + u_short port_sys; + u_short port_net; /* Description of alias_port_param for GetNewPort(). When @@ -526,148 +525,126 @@ GetNewPort(struct libalias *la, struct alias_link *link, int alias_port_param) selected port number. */ - if (alias_port_param == GET_ALIAS_PORT) - { - /* - * The aliasing port is automatically selected - * by one of two methods below: - */ - max_trials = GET_NEW_PORT_MAX_ATTEMPTS; + if (alias_port_param == GET_ALIAS_PORT) { + /* + * The aliasing port is automatically selected by one of + * two methods below: + */ + max_trials = GET_NEW_PORT_MAX_ATTEMPTS; - if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS) - { - /* - * When the PKT_ALIAS_SAME_PORTS option is - * chosen, the first try will be the - * actual source port. If this is already - * in use, the remainder of the trials - * will be random. - */ - port_net = link->src_port; - port_sys = ntohs(port_net); - } - else - { - /* First trial and all subsequent are random. */ - port_sys = random() & ALIAS_PORT_MASK; - port_sys += ALIAS_PORT_BASE; - port_net = htons(port_sys); - } - } - else if (alias_port_param >= 0 && alias_port_param < 0x10000) - { - link->alias_port = (u_short) alias_port_param; - return(0); - } - else - { + if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS) { + /* + * When the PKT_ALIAS_SAME_PORTS option is chosen, + * the first try will be the actual source port. If + * this is already in use, the remainder of the + * trials will be random. + */ + port_net = link->src_port; + port_sys = ntohs(port_net); + } else { + /* First trial and all subsequent are random. */ + port_sys = random() & ALIAS_PORT_MASK; + port_sys += ALIAS_PORT_BASE; + port_net = htons(port_sys); + } + } else if (alias_port_param >= 0 && alias_port_param < 0x10000) { + link->alias_port = (u_short) alias_port_param; + return (0); + } else { #ifdef DEBUG - fprintf(stderr, "PacketAlias/GetNewPort(): "); - fprintf(stderr, "input parameter error\n"); + fprintf(stderr, "PacketAlias/GetNewPort(): "); + fprintf(stderr, "input parameter error\n"); #endif - return(-1); - } + return (-1); + } /* Port number search */ - for (i=0; idst_addr, link->alias_addr, - link->dst_port, port_net, - link->link_type, 0); + search_result = FindLinkIn(la, link->dst_addr, link->alias_addr, + link->dst_port, port_net, + link->link_type, 0); - if (search_result == NULL) - go_ahead = 1; - else if (!(link->flags & LINK_PARTIALLY_SPECIFIED) - && (search_result->flags & LINK_PARTIALLY_SPECIFIED)) - go_ahead = 1; - else - go_ahead = 0; + if (search_result == NULL) + go_ahead = 1; + else if (!(link->flags & LINK_PARTIALLY_SPECIFIED) + && (search_result->flags & LINK_PARTIALLY_SPECIFIED)) + go_ahead = 1; + else + go_ahead = 0; - if (go_ahead) - { - if ((la->packetAliasMode & PKT_ALIAS_USE_SOCKETS) - && (link->flags & LINK_PARTIALLY_SPECIFIED) - && ((link->link_type == LINK_TCP) || - (link->link_type == LINK_UDP))) - { - if (GetSocket(la, port_net, &link->sockfd, link->link_type)) - { - link->alias_port = port_net; - return(0); - } - } - else - { - link->alias_port = port_net; - return(0); - } - } - - port_sys = random() & ALIAS_PORT_MASK; - port_sys += ALIAS_PORT_BASE; - port_net = htons(port_sys); - } + if (go_ahead) { + if ((la->packetAliasMode & PKT_ALIAS_USE_SOCKETS) + && (link->flags & LINK_PARTIALLY_SPECIFIED) + && ((link->link_type == LINK_TCP) || + (link->link_type == LINK_UDP))) { + if (GetSocket(la, port_net, &link->sockfd, link->link_type)) { + link->alias_port = port_net; + return (0); + } + } else { + link->alias_port = port_net; + return (0); + } + } + port_sys = random() & ALIAS_PORT_MASK; + port_sys += ALIAS_PORT_BASE; + port_net = htons(port_sys); + } #ifdef DEBUG - fprintf(stderr, "PacketAlias/GetnewPort(): "); - fprintf(stderr, "could not find free port\n"); + fprintf(stderr, "PacketAlias/GetnewPort(): "); + fprintf(stderr, "could not find free port\n"); #endif - return(-1); + return (-1); } -static u_short +static u_short GetSocket(struct libalias *la, u_short port_net, int *sockfd, int link_type) { - int err; - int sock; - struct sockaddr_in sock_addr; + int err; + int sock; + struct sockaddr_in sock_addr; - if (link_type == LINK_TCP) - sock = socket(AF_INET, SOCK_STREAM, 0); - else if (link_type == LINK_UDP) - sock = socket(AF_INET, SOCK_DGRAM, 0); - else - { + if (link_type == LINK_TCP) + sock = socket(AF_INET, SOCK_STREAM, 0); + else if (link_type == LINK_UDP) + sock = socket(AF_INET, SOCK_DGRAM, 0); + else { #ifdef DEBUG - fprintf(stderr, "PacketAlias/GetSocket(): "); - fprintf(stderr, "incorrect link type\n"); + fprintf(stderr, "PacketAlias/GetSocket(): "); + fprintf(stderr, "incorrect link type\n"); #endif - return(0); - } + return (0); + } - if (sock < 0) - { + if (sock < 0) { #ifdef DEBUG - fprintf(stderr, "PacketAlias/GetSocket(): "); - fprintf(stderr, "socket() error %d\n", *sockfd); + fprintf(stderr, "PacketAlias/GetSocket(): "); + fprintf(stderr, "socket() error %d\n", *sockfd); #endif - return(0); - } + return (0); + } + sock_addr.sin_family = AF_INET; + sock_addr.sin_addr.s_addr = htonl(INADDR_ANY); + sock_addr.sin_port = port_net; - sock_addr.sin_family = AF_INET; - sock_addr.sin_addr.s_addr = htonl(INADDR_ANY); - sock_addr.sin_port = port_net; - - err = bind(sock, - (struct sockaddr *) &sock_addr, - sizeof(sock_addr)); - if (err == 0) - { - la->sockCount++; - *sockfd = sock; - return(1); - } - else - { - close(sock); - return(0); - } + err = bind(sock, + (struct sockaddr *)&sock_addr, + sizeof(sock_addr)); + if (err == 0) { + la->sockCount++; + *sockfd = sock; + return (1); + } else { + close(sock); + return (0); + } } @@ -679,661 +656,612 @@ GetSocket(struct libalias *la, u_short port_net, int *sockfd, int link_type) int FindNewPortGroup(struct libalias *la, - struct in_addr dst_addr, - struct in_addr alias_addr, - u_short src_port, - u_short dst_port, - u_short port_count, - u_char proto, - u_char align) + struct in_addr dst_addr, + struct in_addr alias_addr, + u_short src_port, + u_short dst_port, + u_short port_count, + u_char proto, + u_char align) { - int i, j; - int max_trials; - u_short port_sys; - int link_type; + int i, j; + int max_trials; + u_short port_sys; + int link_type; - /* - * Get link_type from protocol - */ + /* + * Get link_type from protocol + */ - switch (proto) - { - case IPPROTO_UDP: - link_type = LINK_UDP; - break; - case IPPROTO_TCP: - link_type = LINK_TCP; - break; - default: - return (0); - break; - } + switch (proto) { + case IPPROTO_UDP: + link_type = LINK_UDP; + break; + case IPPROTO_TCP: + link_type = LINK_TCP; + break; + default: + return (0); + break; + } - /* - * The aliasing port is automatically selected - * by one of two methods below: - */ - max_trials = GET_NEW_PORT_MAX_ATTEMPTS; + /* + * The aliasing port is automatically selected by one of two + * methods below: + */ + max_trials = GET_NEW_PORT_MAX_ATTEMPTS; - if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS) { - /* - * When the ALIAS_SAME_PORTS option is - * chosen, the first try will be the - * actual source port. If this is already - * in use, the remainder of the trials - * will be random. - */ - port_sys = ntohs(src_port); + if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS) { + /* + * When the ALIAS_SAME_PORTS option is chosen, the first + * try will be the actual source port. If this is already + * in use, the remainder of the trials will be random. + */ + port_sys = ntohs(src_port); - } else { + } else { - /* First trial and all subsequent are random. */ - if (align == FIND_EVEN_ALIAS_BASE) - port_sys = random() & ALIAS_PORT_MASK_EVEN; - else - port_sys = random() & ALIAS_PORT_MASK; + /* First trial and all subsequent are random. */ + if (align == FIND_EVEN_ALIAS_BASE) + port_sys = random() & ALIAS_PORT_MASK_EVEN; + else + port_sys = random() & ALIAS_PORT_MASK; - port_sys += ALIAS_PORT_BASE; - } + port_sys += ALIAS_PORT_BASE; + } /* Port number search */ - for (i = 0; i < max_trials; i++) { + for (i = 0; i < max_trials; i++) { - struct alias_link *search_result; + struct alias_link *search_result; - for (j = 0; j < port_count; j++) - if (0 != (search_result = FindLinkIn(la, dst_addr, alias_addr, - dst_port, htons(port_sys + j), - link_type, 0))) - break; + for (j = 0; j < port_count; j++) + if (0 != (search_result = FindLinkIn(la, dst_addr, alias_addr, + dst_port, htons(port_sys + j), + link_type, 0))) + break; - /* Found a good range, return base */ - if (j == port_count) - return (htons(port_sys)); + /* Found a good range, return base */ + if (j == port_count) + return (htons(port_sys)); - /* Find a new base to try */ - if (align == FIND_EVEN_ALIAS_BASE) - port_sys = random() & ALIAS_PORT_MASK_EVEN; - else - port_sys = random() & ALIAS_PORT_MASK; + /* Find a new base to try */ + if (align == FIND_EVEN_ALIAS_BASE) + port_sys = random() & ALIAS_PORT_MASK_EVEN; + else + port_sys = random() & ALIAS_PORT_MASK; - port_sys += ALIAS_PORT_BASE; - } + port_sys += ALIAS_PORT_BASE; + } #ifdef DEBUG - fprintf(stderr, "PacketAlias/FindNewPortGroup(): "); - fprintf(stderr, "could not find free port(s)\n"); + fprintf(stderr, "PacketAlias/FindNewPortGroup(): "); + fprintf(stderr, "could not find free port(s)\n"); #endif - return(0); + return (0); } static void CleanupAliasData(struct libalias *la) { - struct alias_link *link; - int i, icount; + struct alias_link *link; + int i, icount; - icount = 0; - for (i=0; ilinkTableOut[i]); - while (link != NULL) - { - struct alias_link *link_next; - link_next = LIST_NEXT(link, list_out); - icount++; - DeleteLink(link); - link = link_next; - } - } + icount = 0; + for (i = 0; i < LINK_TABLE_OUT_SIZE; i++) { + link = LIST_FIRST(&la->linkTableOut[i]); + while (link != NULL) { + struct alias_link *link_next; - la->cleanupIndex =0; + link_next = LIST_NEXT(link, list_out); + icount++; + DeleteLink(link); + link = link_next; + } + } + + la->cleanupIndex = 0; } static void IncrementalCleanup(struct libalias *la) { - int icount; - struct alias_link *link; + int icount; + struct alias_link *link; - icount = 0; - link = LIST_FIRST(&la->linkTableOut[la->cleanupIndex++]); - while (link != NULL) - { - int idelta; - struct alias_link *link_next; + icount = 0; + link = LIST_FIRST(&la->linkTableOut[la->cleanupIndex++]); + while (link != NULL) { + int idelta; + struct alias_link *link_next; - link_next = LIST_NEXT(link, list_out); - idelta = la->timeStamp - link->timestamp; - switch (link->link_type) - { - case LINK_TCP: - if (idelta > link->expire_time) - { - struct tcp_dat *tcp_aux; + link_next = LIST_NEXT(link, list_out); + idelta = la->timeStamp - link->timestamp; + switch (link->link_type) { + case LINK_TCP: + if (idelta > link->expire_time) { + struct tcp_dat *tcp_aux; - tcp_aux = link->data.tcp; - if (tcp_aux->state.in != ALIAS_TCP_STATE_CONNECTED - || tcp_aux->state.out != ALIAS_TCP_STATE_CONNECTED) - { - DeleteLink(link); - icount++; - } - } - break; - default: - if (idelta > link->expire_time) - { - DeleteLink(link); - icount++; - } - break; - } - link = link_next; - } + tcp_aux = link->data.tcp; + if (tcp_aux->state.in != ALIAS_TCP_STATE_CONNECTED + || tcp_aux->state.out != ALIAS_TCP_STATE_CONNECTED) { + DeleteLink(link); + icount++; + } + } + break; + default: + if (idelta > link->expire_time) { + DeleteLink(link); + icount++; + } + break; + } + link = link_next; + } - if (la->cleanupIndex == LINK_TABLE_OUT_SIZE) - la->cleanupIndex = 0; + if (la->cleanupIndex == LINK_TABLE_OUT_SIZE) + la->cleanupIndex = 0; } static void DeleteLink(struct alias_link *link) { - struct libalias *la = link->la; + struct libalias *la = link->la; /* Don't do anything if the link is marked permanent */ - if (la->deleteAllLinks == 0 && link->flags & LINK_PERMANENT) - return; + if (la->deleteAllLinks == 0 && link->flags & LINK_PERMANENT) + return; #ifndef NO_FW_PUNCH /* Delete associated firewall hole, if any */ - ClearFWHole(link); + ClearFWHole(link); #endif /* Free memory allocated for LSNAT server pool */ - if (link->server != NULL) { - struct server *head, *curr, *next; - - head = curr = link->server; - do { - next = curr->next; - free(curr); - } while ((curr = next) != head); - } + if (link->server != NULL) { + struct server *head, *curr, *next; + head = curr = link->server; + do { + next = curr->next; + free(curr); + } while ((curr = next) != head); + } /* Adjust output table pointers */ - LIST_REMOVE(link, list_out); + LIST_REMOVE(link, list_out); /* Adjust input table pointers */ - LIST_REMOVE(link, list_in); + LIST_REMOVE(link, list_in); /* Close socket, if one has been allocated */ - if (link->sockfd != -1) - { - la->sockCount--; - close(link->sockfd); - } - + if (link->sockfd != -1) { + la->sockCount--; + close(link->sockfd); + } /* Link-type dependent cleanup */ - switch(link->link_type) - { - case LINK_ICMP: - la->icmpLinkCount--; - break; - case LINK_UDP: - la->udpLinkCount--; - break; - case LINK_TCP: - la->tcpLinkCount--; - free(link->data.tcp); - break; - case LINK_PPTP: - la->pptpLinkCount--; - break; - case LINK_FRAGMENT_ID: - la->fragmentIdLinkCount--; - break; - case LINK_FRAGMENT_PTR: - la->fragmentPtrLinkCount--; - if (link->data.frag_ptr != NULL) - free(link->data.frag_ptr); - break; + switch (link->link_type) { + case LINK_ICMP: + la->icmpLinkCount--; + break; + case LINK_UDP: + la->udpLinkCount--; + break; + case LINK_TCP: + la->tcpLinkCount--; + free(link->data.tcp); + break; + case LINK_PPTP: + la->pptpLinkCount--; + break; + case LINK_FRAGMENT_ID: + la->fragmentIdLinkCount--; + break; + case LINK_FRAGMENT_PTR: + la->fragmentPtrLinkCount--; + if (link->data.frag_ptr != NULL) + free(link->data.frag_ptr); + break; case LINK_ADDR: - break; - default: - la->protoLinkCount--; - break; - } + break; + default: + la->protoLinkCount--; + break; + } /* Free memory */ - free(link); + free(link); /* Write statistics, if logging enabled */ - if (la->packetAliasMode & PKT_ALIAS_LOG) - { - ShowAliasStats(la); - } + if (la->packetAliasMode & PKT_ALIAS_LOG) { + ShowAliasStats(la); + } } static struct alias_link * -AddLink(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - struct in_addr alias_addr, - u_short src_port, - u_short dst_port, - int alias_port_param, /* if less than zero, alias */ - int link_type) /* port will be automatically */ -{ /* chosen. If greater than */ - u_int start_point; /* zero, equal to alias port */ - struct alias_link *link; +AddLink(struct libalias *la, struct in_addr src_addr, + struct in_addr dst_addr, + struct in_addr alias_addr, + u_short src_port, + u_short dst_port, + int alias_port_param, /* if less than zero, alias */ + int link_type) +{ /* port will be automatically *//* chosen. + * If greater than */ + u_int start_point; /* zero, equal to alias port */ + struct alias_link *link; - link = malloc(sizeof(struct alias_link)); - if (link != NULL) - { - /* Basic initialization */ - link->la = la; - link->src_addr = src_addr; - link->dst_addr = dst_addr; - link->alias_addr = alias_addr; - link->proxy_addr.s_addr = INADDR_ANY; - link->src_port = src_port; - link->dst_port = dst_port; - link->proxy_port = 0; - link->server = NULL; - link->link_type = link_type; - link->sockfd = -1; - link->flags = 0; - link->pflags = 0; - link->timestamp = la->timeStamp; + link = malloc(sizeof(struct alias_link)); + if (link != NULL) { + /* Basic initialization */ + link->la = la; + link->src_addr = src_addr; + link->dst_addr = dst_addr; + link->alias_addr = alias_addr; + link->proxy_addr.s_addr = INADDR_ANY; + link->src_port = src_port; + link->dst_port = dst_port; + link->proxy_port = 0; + link->server = NULL; + link->link_type = link_type; + link->sockfd = -1; + link->flags = 0; + link->pflags = 0; + link->timestamp = la->timeStamp; - /* Expiration time */ - switch (link_type) - { - case LINK_ICMP: - link->expire_time = ICMP_EXPIRE_TIME; - break; - case LINK_UDP: - link->expire_time = UDP_EXPIRE_TIME; - break; - case LINK_TCP: - link->expire_time = TCP_EXPIRE_INITIAL; - break; - case LINK_PPTP: - link->flags |= LINK_PERMANENT; /* no timeout. */ - break; - case LINK_FRAGMENT_ID: - link->expire_time = FRAGMENT_ID_EXPIRE_TIME; - break; - case LINK_FRAGMENT_PTR: - link->expire_time = FRAGMENT_PTR_EXPIRE_TIME; - break; - case LINK_ADDR: - break; - default: - link->expire_time = PROTO_EXPIRE_TIME; - break; - } + /* Expiration time */ + switch (link_type) { + case LINK_ICMP: + link->expire_time = ICMP_EXPIRE_TIME; + break; + case LINK_UDP: + link->expire_time = UDP_EXPIRE_TIME; + break; + case LINK_TCP: + link->expire_time = TCP_EXPIRE_INITIAL; + break; + case LINK_PPTP: + link->flags |= LINK_PERMANENT; /* no timeout. */ + break; + case LINK_FRAGMENT_ID: + link->expire_time = FRAGMENT_ID_EXPIRE_TIME; + break; + case LINK_FRAGMENT_PTR: + link->expire_time = FRAGMENT_PTR_EXPIRE_TIME; + break; + case LINK_ADDR: + break; + default: + link->expire_time = PROTO_EXPIRE_TIME; + break; + } - /* Determine alias flags */ - if (dst_addr.s_addr == INADDR_ANY) - link->flags |= LINK_UNKNOWN_DEST_ADDR; - if (dst_port == 0) - link->flags |= LINK_UNKNOWN_DEST_PORT; + /* Determine alias flags */ + if (dst_addr.s_addr == INADDR_ANY) + link->flags |= LINK_UNKNOWN_DEST_ADDR; + if (dst_port == 0) + link->flags |= LINK_UNKNOWN_DEST_PORT; - /* Determine alias port */ - if (GetNewPort(la, link, alias_port_param) != 0) - { - free(link); - return(NULL); - } + /* Determine alias port */ + if (GetNewPort(la, link, alias_port_param) != 0) { + free(link); + return (NULL); + } + /* Link-type dependent initialization */ + switch (link_type) { + struct tcp_dat *aux_tcp; - /* Link-type dependent initialization */ - switch(link_type) - { - struct tcp_dat *aux_tcp; + case LINK_ICMP: + la->icmpLinkCount++; + break; + case LINK_UDP: + la->udpLinkCount++; + break; + case LINK_TCP: + aux_tcp = malloc(sizeof(struct tcp_dat)); + if (aux_tcp != NULL) { + int i; - case LINK_ICMP: - la->icmpLinkCount++; - break; - case LINK_UDP: - la->udpLinkCount++; - break; - case LINK_TCP: - aux_tcp = malloc(sizeof(struct tcp_dat)); - if (aux_tcp != NULL) - { - int i; - - la->tcpLinkCount++; - aux_tcp->state.in = ALIAS_TCP_STATE_NOT_CONNECTED; - aux_tcp->state.out = ALIAS_TCP_STATE_NOT_CONNECTED; - aux_tcp->state.index = 0; - aux_tcp->state.ack_modified = 0; - for (i=0; iack[i].active = 0; - aux_tcp->fwhole = -1; - link->data.tcp = aux_tcp; - } - else - { + la->tcpLinkCount++; + aux_tcp->state.in = ALIAS_TCP_STATE_NOT_CONNECTED; + aux_tcp->state.out = ALIAS_TCP_STATE_NOT_CONNECTED; + aux_tcp->state.index = 0; + aux_tcp->state.ack_modified = 0; + for (i = 0; i < N_LINK_TCP_DATA; i++) + aux_tcp->ack[i].active = 0; + aux_tcp->fwhole = -1; + link->data.tcp = aux_tcp; + } else { #ifdef DEBUG - fprintf(stderr, "PacketAlias/AddLink: "); - fprintf(stderr, " cannot allocate auxiliary TCP data\n"); + fprintf(stderr, "PacketAlias/AddLink: "); + fprintf(stderr, " cannot allocate auxiliary TCP data\n"); #endif - free(link); - return (NULL); - } - break; - case LINK_PPTP: - la->pptpLinkCount++; - break; - case LINK_FRAGMENT_ID: - la->fragmentIdLinkCount++; - break; - case LINK_FRAGMENT_PTR: - la->fragmentPtrLinkCount++; - break; - case LINK_ADDR: - break; - default: - la->protoLinkCount++; - break; - } + free(link); + return (NULL); + } + break; + case LINK_PPTP: + la->pptpLinkCount++; + break; + case LINK_FRAGMENT_ID: + la->fragmentIdLinkCount++; + break; + case LINK_FRAGMENT_PTR: + la->fragmentPtrLinkCount++; + break; + case LINK_ADDR: + break; + default: + la->protoLinkCount++; + break; + } - /* Set up pointers for output lookup table */ - start_point = StartPointOut(src_addr, dst_addr, - src_port, dst_port, link_type); - LIST_INSERT_HEAD(&la->linkTableOut[start_point], link, list_out); + /* Set up pointers for output lookup table */ + start_point = StartPointOut(src_addr, dst_addr, + src_port, dst_port, link_type); + LIST_INSERT_HEAD(&la->linkTableOut[start_point], link, list_out); - /* Set up pointers for input lookup table */ - start_point = StartPointIn(alias_addr, link->alias_port, link_type); - LIST_INSERT_HEAD(&la->linkTableIn[start_point], link, list_in); - } - else - { + /* Set up pointers for input lookup table */ + start_point = StartPointIn(alias_addr, link->alias_port, link_type); + LIST_INSERT_HEAD(&la->linkTableIn[start_point], link, list_in); + } else { #ifdef DEBUG - fprintf(stderr, "PacketAlias/AddLink(): "); - fprintf(stderr, "malloc() call failed.\n"); + fprintf(stderr, "PacketAlias/AddLink(): "); + fprintf(stderr, "malloc() call failed.\n"); #endif - } + } - if (la->packetAliasMode & PKT_ALIAS_LOG) - { - ShowAliasStats(la); - } - - return(link); + if (la->packetAliasMode & PKT_ALIAS_LOG) { + ShowAliasStats(la); + } + return (link); } static struct alias_link * ReLink(struct alias_link *old_link, - struct in_addr src_addr, - struct in_addr dst_addr, - struct in_addr alias_addr, - u_short src_port, - u_short dst_port, - int alias_port_param, /* if less than zero, alias */ - int link_type) /* port will be automatically */ -{ /* chosen. If greater than */ - struct alias_link *new_link; /* zero, equal to alias port */ - struct libalias *la = old_link->la; + struct in_addr src_addr, + struct in_addr dst_addr, + struct in_addr alias_addr, + u_short src_port, + u_short dst_port, + int alias_port_param, /* if less than zero, alias */ + int link_type) +{ /* port will be automatically *//* chosen. + * If greater than */ + struct alias_link *new_link; /* zero, equal to alias port */ + struct libalias *la = old_link->la; - new_link = AddLink(la, src_addr, dst_addr, alias_addr, - src_port, dst_port, alias_port_param, - link_type); + new_link = AddLink(la, src_addr, dst_addr, alias_addr, + src_port, dst_port, alias_port_param, + link_type); #ifndef NO_FW_PUNCH - if (new_link != NULL && - old_link->link_type == LINK_TCP && - old_link->data.tcp->fwhole > 0) { - PunchFWHole(new_link); - } + if (new_link != NULL && + old_link->link_type == LINK_TCP && + old_link->data.tcp->fwhole > 0) { + PunchFWHole(new_link); + } #endif - DeleteLink(old_link); - return new_link; + DeleteLink(old_link); + return new_link; } static struct alias_link * _FindLinkOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_short src_port, - u_short dst_port, - int link_type, - int replace_partial_links) + struct in_addr dst_addr, + u_short src_port, + u_short dst_port, + int link_type, + int replace_partial_links) { - u_int i; - struct alias_link *link; + u_int i; + struct alias_link *link; - i = StartPointOut(src_addr, dst_addr, src_port, dst_port, link_type); - LIST_FOREACH(link, &la->linkTableOut[i], list_out) - { - if (link->src_addr.s_addr == src_addr.s_addr - && link->server == NULL - && link->dst_addr.s_addr == dst_addr.s_addr - && link->dst_port == dst_port - && link->src_port == src_port - && link->link_type == link_type) - { - link->timestamp = la->timeStamp; - break; - } - } + i = StartPointOut(src_addr, dst_addr, src_port, dst_port, link_type); + LIST_FOREACH(link, &la->linkTableOut[i], list_out) { + if (link->src_addr.s_addr == src_addr.s_addr + && link->server == NULL + && link->dst_addr.s_addr == dst_addr.s_addr + && link->dst_port == dst_port + && link->src_port == src_port + && link->link_type == link_type) { + link->timestamp = la->timeStamp; + break; + } + } /* Search for partially specified links. */ - if (link == NULL && replace_partial_links) - { - if (dst_port != 0 && dst_addr.s_addr != INADDR_ANY) - { - link = _FindLinkOut(la, src_addr, dst_addr, src_port, 0, - link_type, 0); - if (link == NULL) - link = _FindLinkOut(la, src_addr, la->nullAddress, src_port, - dst_port, link_type, 0); - } - if (link == NULL && - (dst_port != 0 || dst_addr.s_addr != INADDR_ANY)) - { - link = _FindLinkOut(la, src_addr, la->nullAddress, src_port, 0, - link_type, 0); - } - if (link != NULL) - { - link = ReLink(link, - src_addr, dst_addr, link->alias_addr, - src_port, dst_port, link->alias_port, - link_type); - } - } - - return(link); + if (link == NULL && replace_partial_links) { + if (dst_port != 0 && dst_addr.s_addr != INADDR_ANY) { + link = _FindLinkOut(la, src_addr, dst_addr, src_port, 0, + link_type, 0); + if (link == NULL) + link = _FindLinkOut(la, src_addr, la->nullAddress, src_port, + dst_port, link_type, 0); + } + if (link == NULL && + (dst_port != 0 || dst_addr.s_addr != INADDR_ANY)) { + link = _FindLinkOut(la, src_addr, la->nullAddress, src_port, 0, + link_type, 0); + } + if (link != NULL) { + link = ReLink(link, + src_addr, dst_addr, link->alias_addr, + src_port, dst_port, link->alias_port, + link_type); + } + } + return (link); } static struct alias_link * FindLinkOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_short src_port, - u_short dst_port, - int link_type, - int replace_partial_links) + struct in_addr dst_addr, + u_short src_port, + u_short dst_port, + int link_type, + int replace_partial_links) { - struct alias_link *link; + struct alias_link *link; - link = _FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, - link_type, replace_partial_links); + link = _FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, + link_type, replace_partial_links); - if (link == NULL) - { - /* The following allows permanent links to be - specified as using the default source address - (i.e. device interface address) without knowing - in advance what that address is. */ - if (la->aliasAddress.s_addr != INADDR_ANY && - src_addr.s_addr == la->aliasAddress.s_addr) - { - link = _FindLinkOut(la, la->nullAddress, dst_addr, src_port, dst_port, - link_type, replace_partial_links); - } - } - - return(link); + if (link == NULL) { + /* + * The following allows permanent links to be specified as + * using the default source address (i.e. device interface + * address) without knowing in advance what that address + * is. + */ + if (la->aliasAddress.s_addr != INADDR_ANY && + src_addr.s_addr == la->aliasAddress.s_addr) { + link = _FindLinkOut(la, la->nullAddress, dst_addr, src_port, dst_port, + link_type, replace_partial_links); + } + } + return (link); } static struct alias_link * _FindLinkIn(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_short dst_port, - u_short alias_port, - int link_type, - int replace_partial_links) + struct in_addr alias_addr, + u_short dst_port, + u_short alias_port, + int link_type, + int replace_partial_links) { - int flags_in; - u_int start_point; - struct alias_link *link; - struct alias_link *link_fully_specified; - struct alias_link *link_unknown_all; - struct alias_link *link_unknown_dst_addr; - struct alias_link *link_unknown_dst_port; + int flags_in; + u_int start_point; + struct alias_link *link; + struct alias_link *link_fully_specified; + struct alias_link *link_unknown_all; + struct alias_link *link_unknown_dst_addr; + struct alias_link *link_unknown_dst_port; /* Initialize pointers */ - link_fully_specified = NULL; - link_unknown_all = NULL; - link_unknown_dst_addr = NULL; - link_unknown_dst_port = NULL; + link_fully_specified = NULL; + link_unknown_all = NULL; + link_unknown_dst_addr = NULL; + link_unknown_dst_port = NULL; /* If either the dest addr or port is unknown, the search loop will have to know about this. */ - flags_in = 0; - if (dst_addr.s_addr == INADDR_ANY) - flags_in |= LINK_UNKNOWN_DEST_ADDR; - if (dst_port == 0) - flags_in |= LINK_UNKNOWN_DEST_PORT; + flags_in = 0; + if (dst_addr.s_addr == INADDR_ANY) + flags_in |= LINK_UNKNOWN_DEST_ADDR; + if (dst_port == 0) + flags_in |= LINK_UNKNOWN_DEST_PORT; /* Search loop */ - start_point = StartPointIn(alias_addr, alias_port, link_type); - LIST_FOREACH(link, &la->linkTableIn[start_point], list_in) - { - int flags; + start_point = StartPointIn(alias_addr, alias_port, link_type); + LIST_FOREACH(link, &la->linkTableIn[start_point], list_in) { + int flags; - flags = flags_in | link->flags; - if (!(flags & LINK_PARTIALLY_SPECIFIED)) - { - if (link->alias_addr.s_addr == alias_addr.s_addr - && link->alias_port == alias_port - && link->dst_addr.s_addr == dst_addr.s_addr - && link->dst_port == dst_port - && link->link_type == link_type) - { - link_fully_specified = link; - break; - } - } - else if ((flags & LINK_UNKNOWN_DEST_ADDR) - && (flags & LINK_UNKNOWN_DEST_PORT)) - { - if (link->alias_addr.s_addr == alias_addr.s_addr - && link->alias_port == alias_port - && link->link_type == link_type) - { - if (link_unknown_all == NULL) - link_unknown_all = link; - } - } - else if (flags & LINK_UNKNOWN_DEST_ADDR) - { - if (link->alias_addr.s_addr == alias_addr.s_addr - && link->alias_port == alias_port - && link->link_type == link_type - && link->dst_port == dst_port) - { - if (link_unknown_dst_addr == NULL) - link_unknown_dst_addr = link; - } - } - else if (flags & LINK_UNKNOWN_DEST_PORT) - { - if (link->alias_addr.s_addr == alias_addr.s_addr - && link->alias_port == alias_port - && link->link_type == link_type - && link->dst_addr.s_addr == dst_addr.s_addr) - { - if (link_unknown_dst_port == NULL) - link_unknown_dst_port = link; - } - } - } - - - - if (link_fully_specified != NULL) - { - link_fully_specified->timestamp = la->timeStamp; - link = link_fully_specified; - } - else if (link_unknown_dst_port != NULL) - link = link_unknown_dst_port; - else if (link_unknown_dst_addr != NULL) - link = link_unknown_dst_addr; - else if (link_unknown_all != NULL) - link = link_unknown_all; - else - return (NULL); - - if (replace_partial_links && - (link->flags & LINK_PARTIALLY_SPECIFIED || link->server != NULL)) - { - struct in_addr src_addr; - u_short src_port; - - if (link->server != NULL) { /* LSNAT link */ - src_addr = link->server->addr; - src_port = link->server->port; - link->server = link->server->next; - } else { - src_addr = link->src_addr; - src_port = link->src_port; + flags = flags_in | link->flags; + if (!(flags & LINK_PARTIALLY_SPECIFIED)) { + if (link->alias_addr.s_addr == alias_addr.s_addr + && link->alias_port == alias_port + && link->dst_addr.s_addr == dst_addr.s_addr + && link->dst_port == dst_port + && link->link_type == link_type) { + link_fully_specified = link; + break; + } + } else if ((flags & LINK_UNKNOWN_DEST_ADDR) + && (flags & LINK_UNKNOWN_DEST_PORT)) { + if (link->alias_addr.s_addr == alias_addr.s_addr + && link->alias_port == alias_port + && link->link_type == link_type) { + if (link_unknown_all == NULL) + link_unknown_all = link; + } + } else if (flags & LINK_UNKNOWN_DEST_ADDR) { + if (link->alias_addr.s_addr == alias_addr.s_addr + && link->alias_port == alias_port + && link->link_type == link_type + && link->dst_port == dst_port) { + if (link_unknown_dst_addr == NULL) + link_unknown_dst_addr = link; + } + } else if (flags & LINK_UNKNOWN_DEST_PORT) { + if (link->alias_addr.s_addr == alias_addr.s_addr + && link->alias_port == alias_port + && link->link_type == link_type + && link->dst_addr.s_addr == dst_addr.s_addr) { + if (link_unknown_dst_port == NULL) + link_unknown_dst_port = link; + } + } } - link = ReLink(link, - src_addr, dst_addr, alias_addr, - src_port, dst_port, alias_port, - link_type); - } - return (link); + + if (link_fully_specified != NULL) { + link_fully_specified->timestamp = la->timeStamp; + link = link_fully_specified; + } else if (link_unknown_dst_port != NULL) + link = link_unknown_dst_port; + else if (link_unknown_dst_addr != NULL) + link = link_unknown_dst_addr; + else if (link_unknown_all != NULL) + link = link_unknown_all; + else + return (NULL); + + if (replace_partial_links && + (link->flags & LINK_PARTIALLY_SPECIFIED || link->server != NULL)) { + struct in_addr src_addr; + u_short src_port; + + if (link->server != NULL) { /* LSNAT link */ + src_addr = link->server->addr; + src_port = link->server->port; + link->server = link->server->next; + } else { + src_addr = link->src_addr; + src_port = link->src_port; + } + + link = ReLink(link, + src_addr, dst_addr, alias_addr, + src_port, dst_port, alias_port, + link_type); + } + return (link); } static struct alias_link * FindLinkIn(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_short dst_port, - u_short alias_port, - int link_type, - int replace_partial_links) + struct in_addr alias_addr, + u_short dst_port, + u_short alias_port, + int link_type, + int replace_partial_links) { - struct alias_link *link; + struct alias_link *link; - link = _FindLinkIn(la, dst_addr, alias_addr, dst_port, alias_port, - link_type, replace_partial_links); + link = _FindLinkIn(la, dst_addr, alias_addr, dst_port, alias_port, + link_type, replace_partial_links); - if (link == NULL) - { - /* The following allows permanent links to be - specified as using the default aliasing address - (i.e. device interface address) without knowing - in advance what that address is. */ - if (la->aliasAddress.s_addr != INADDR_ANY && - alias_addr.s_addr == la->aliasAddress.s_addr) - { - link = _FindLinkIn(la, dst_addr, la->nullAddress, dst_port, alias_port, - link_type, replace_partial_links); - } - } - - return(link); + if (link == NULL) { + /* + * The following allows permanent links to be specified as + * using the default aliasing address (i.e. device + * interface address) without knowing in advance what that + * address is. + */ + if (la->aliasAddress.s_addr != INADDR_ANY && + alias_addr.s_addr == la->aliasAddress.s_addr) { + link = _FindLinkIn(la, dst_addr, la->nullAddress, dst_port, alias_port, + link_type, replace_partial_links); + } + } + return (link); } @@ -1358,425 +1286,401 @@ FindLinkIn(struct libalias *la, struct in_addr dst_addr, struct alias_link * FindIcmpIn(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_short id_alias, - int create) + struct in_addr alias_addr, + u_short id_alias, + int create) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkIn(la, dst_addr, alias_addr, - NO_DEST_PORT, id_alias, - LINK_ICMP, 0); - if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) - { - struct in_addr target_addr; + link = FindLinkIn(la, dst_addr, alias_addr, + NO_DEST_PORT, id_alias, + LINK_ICMP, 0); + if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) { + struct in_addr target_addr; - target_addr = FindOriginalAddress(la, alias_addr); - link = AddLink(la, target_addr, dst_addr, alias_addr, - id_alias, NO_DEST_PORT, id_alias, - LINK_ICMP); - } - - return (link); + target_addr = FindOriginalAddress(la, alias_addr); + link = AddLink(la, target_addr, dst_addr, alias_addr, + id_alias, NO_DEST_PORT, id_alias, + LINK_ICMP); + } + return (link); } struct alias_link * FindIcmpOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_short id, - int create) + struct in_addr dst_addr, + u_short id, + int create) { - struct alias_link * link; + struct alias_link *link; - link = FindLinkOut(la, src_addr, dst_addr, - id, NO_DEST_PORT, - LINK_ICMP, 0); - if (link == NULL && create) - { - struct in_addr alias_addr; + link = FindLinkOut(la, src_addr, dst_addr, + id, NO_DEST_PORT, + LINK_ICMP, 0); + if (link == NULL && create) { + struct in_addr alias_addr; - alias_addr = FindAliasAddress(la, src_addr); - link = AddLink(la, src_addr, dst_addr, alias_addr, - id, NO_DEST_PORT, GET_ALIAS_ID, - LINK_ICMP); - } - - return(link); + alias_addr = FindAliasAddress(la, src_addr); + link = AddLink(la, src_addr, dst_addr, alias_addr, + id, NO_DEST_PORT, GET_ALIAS_ID, + LINK_ICMP); + } + return (link); } struct alias_link * FindFragmentIn1(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_short ip_id) + struct in_addr alias_addr, + u_short ip_id) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkIn(la, dst_addr, alias_addr, - NO_DEST_PORT, ip_id, - LINK_FRAGMENT_ID, 0); + link = FindLinkIn(la, dst_addr, alias_addr, + NO_DEST_PORT, ip_id, + LINK_FRAGMENT_ID, 0); - if (link == NULL) - { - link = AddLink(la, la->nullAddress, dst_addr, alias_addr, - NO_SRC_PORT, NO_DEST_PORT, ip_id, - LINK_FRAGMENT_ID); - } - - return(link); + if (link == NULL) { + link = AddLink(la, la->nullAddress, dst_addr, alias_addr, + NO_SRC_PORT, NO_DEST_PORT, ip_id, + LINK_FRAGMENT_ID); + } + return (link); } struct alias_link * -FindFragmentIn2(struct libalias *la, struct in_addr dst_addr, /* Doesn't add a link if one */ - struct in_addr alias_addr, /* is not found. */ - u_short ip_id) +FindFragmentIn2(struct libalias *la, struct in_addr dst_addr, /* Doesn't add a link if + * one */ + struct in_addr alias_addr, /* is not found. */ + u_short ip_id) { - return FindLinkIn(la, dst_addr, alias_addr, - NO_DEST_PORT, ip_id, - LINK_FRAGMENT_ID, 0); + return FindLinkIn(la, dst_addr, alias_addr, + NO_DEST_PORT, ip_id, + LINK_FRAGMENT_ID, 0); } struct alias_link * AddFragmentPtrLink(struct libalias *la, struct in_addr dst_addr, - u_short ip_id) + u_short ip_id) { - return AddLink(la, la->nullAddress, dst_addr, la->nullAddress, - NO_SRC_PORT, NO_DEST_PORT, ip_id, - LINK_FRAGMENT_PTR); + return AddLink(la, la->nullAddress, dst_addr, la->nullAddress, + NO_SRC_PORT, NO_DEST_PORT, ip_id, + LINK_FRAGMENT_PTR); } struct alias_link * FindFragmentPtr(struct libalias *la, struct in_addr dst_addr, - u_short ip_id) + u_short ip_id) { - return FindLinkIn(la, dst_addr, la->nullAddress, - NO_DEST_PORT, ip_id, - LINK_FRAGMENT_PTR, 0); + return FindLinkIn(la, dst_addr, la->nullAddress, + NO_DEST_PORT, ip_id, + LINK_FRAGMENT_PTR, 0); } struct alias_link * FindProtoIn(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_char proto) + struct in_addr alias_addr, + u_char proto) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkIn(la, dst_addr, alias_addr, - NO_DEST_PORT, 0, - proto, 1); + link = FindLinkIn(la, dst_addr, alias_addr, + NO_DEST_PORT, 0, + proto, 1); - if (link == NULL && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) - { - struct in_addr target_addr; + if (link == NULL && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) { + struct in_addr target_addr; - target_addr = FindOriginalAddress(la, alias_addr); - link = AddLink(la, target_addr, dst_addr, alias_addr, - NO_SRC_PORT, NO_DEST_PORT, 0, - proto); - } - - return (link); + target_addr = FindOriginalAddress(la, alias_addr); + link = AddLink(la, target_addr, dst_addr, alias_addr, + NO_SRC_PORT, NO_DEST_PORT, 0, + proto); + } + return (link); } struct alias_link * FindProtoOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_char proto) + struct in_addr dst_addr, + u_char proto) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkOut(la, src_addr, dst_addr, - NO_SRC_PORT, NO_DEST_PORT, - proto, 1); + link = FindLinkOut(la, src_addr, dst_addr, + NO_SRC_PORT, NO_DEST_PORT, + proto, 1); - if (link == NULL) - { - struct in_addr alias_addr; + if (link == NULL) { + struct in_addr alias_addr; - alias_addr = FindAliasAddress(la, src_addr); - link = AddLink(la, src_addr, dst_addr, alias_addr, - NO_SRC_PORT, NO_DEST_PORT, 0, - proto); - } - - return (link); + alias_addr = FindAliasAddress(la, src_addr); + link = AddLink(la, src_addr, dst_addr, alias_addr, + NO_SRC_PORT, NO_DEST_PORT, 0, + proto); + } + return (link); } struct alias_link * FindUdpTcpIn(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_short dst_port, - u_short alias_port, - u_char proto, - int create) + struct in_addr alias_addr, + u_short dst_port, + u_short alias_port, + u_char proto, + int create) { - int link_type; - struct alias_link *link; + int link_type; + struct alias_link *link; - switch (proto) - { - case IPPROTO_UDP: - link_type = LINK_UDP; - break; - case IPPROTO_TCP: - link_type = LINK_TCP; - break; - default: - return NULL; - break; - } + switch (proto) { + case IPPROTO_UDP: + link_type = LINK_UDP; + break; + case IPPROTO_TCP: + link_type = LINK_TCP; + break; + default: + return NULL; + break; + } - link = FindLinkIn(la, dst_addr, alias_addr, - dst_port, alias_port, - link_type, create); + link = FindLinkIn(la, dst_addr, alias_addr, + dst_port, alias_port, + link_type, create); - if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) - { - struct in_addr target_addr; + if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) { + struct in_addr target_addr; - target_addr = FindOriginalAddress(la, alias_addr); - link = AddLink(la, target_addr, dst_addr, alias_addr, - alias_port, dst_port, alias_port, - link_type); - } - - return(link); + target_addr = FindOriginalAddress(la, alias_addr); + link = AddLink(la, target_addr, dst_addr, alias_addr, + alias_port, dst_port, alias_port, + link_type); + } + return (link); } struct alias_link * -FindUdpTcpOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_short src_port, - u_short dst_port, - u_char proto, - int create) +FindUdpTcpOut(struct libalias *la, struct in_addr src_addr, + struct in_addr dst_addr, + u_short src_port, + u_short dst_port, + u_char proto, + int create) { - int link_type; - struct alias_link *link; + int link_type; + struct alias_link *link; - switch (proto) - { - case IPPROTO_UDP: - link_type = LINK_UDP; - break; - case IPPROTO_TCP: - link_type = LINK_TCP; - break; - default: - return NULL; - break; - } + switch (proto) { + case IPPROTO_UDP: + link_type = LINK_UDP; + break; + case IPPROTO_TCP: + link_type = LINK_TCP; + break; + default: + return NULL; + break; + } - link = FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, link_type, create); + link = FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, link_type, create); - if (link == NULL && create) - { - struct in_addr alias_addr; + if (link == NULL && create) { + struct in_addr alias_addr; - alias_addr = FindAliasAddress(la, src_addr); - link = AddLink(la, src_addr, dst_addr, alias_addr, - src_port, dst_port, GET_ALIAS_PORT, - link_type); - } - - return(link); + alias_addr = FindAliasAddress(la, src_addr); + link = AddLink(la, src_addr, dst_addr, alias_addr, + src_port, dst_port, GET_ALIAS_PORT, + link_type); + } + return (link); } struct alias_link * -AddPptp(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - struct in_addr alias_addr, - u_int16_t src_call_id) +AddPptp(struct libalias *la, struct in_addr src_addr, + struct in_addr dst_addr, + struct in_addr alias_addr, + u_int16_t src_call_id) { - struct alias_link *link; + struct alias_link *link; - link = AddLink(la, src_addr, dst_addr, alias_addr, - src_call_id, 0, GET_ALIAS_PORT, - LINK_PPTP); + link = AddLink(la, src_addr, dst_addr, alias_addr, + src_call_id, 0, GET_ALIAS_PORT, + LINK_PPTP); - return (link); + return (link); } struct alias_link * FindPptpOutByCallId(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_int16_t src_call_id) + struct in_addr dst_addr, + u_int16_t src_call_id) { - u_int i; - struct alias_link *link; + u_int i; + struct alias_link *link; - i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP); - LIST_FOREACH(link, &la->linkTableOut[i], list_out) - if (link->link_type == LINK_PPTP && + i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP); + LIST_FOREACH(link, &la->linkTableOut[i], list_out) + if (link->link_type == LINK_PPTP && link->src_addr.s_addr == src_addr.s_addr && link->dst_addr.s_addr == dst_addr.s_addr && link->src_port == src_call_id) break; - return (link); + return (link); } struct alias_link * FindPptpOutByPeerCallId(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_int16_t dst_call_id) + struct in_addr dst_addr, + u_int16_t dst_call_id) { - u_int i; - struct alias_link *link; + u_int i; + struct alias_link *link; - i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP); - LIST_FOREACH(link, &la->linkTableOut[i], list_out) - if (link->link_type == LINK_PPTP && + i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP); + LIST_FOREACH(link, &la->linkTableOut[i], list_out) + if (link->link_type == LINK_PPTP && link->src_addr.s_addr == src_addr.s_addr && link->dst_addr.s_addr == dst_addr.s_addr && link->dst_port == dst_call_id) break; - return (link); + return (link); } struct alias_link * FindPptpInByCallId(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_int16_t dst_call_id) + struct in_addr alias_addr, + u_int16_t dst_call_id) { - u_int i; - struct alias_link *link; + u_int i; + struct alias_link *link; - i = StartPointIn(alias_addr, 0, LINK_PPTP); - LIST_FOREACH(link, &la->linkTableIn[i], list_in) - if (link->link_type == LINK_PPTP && + i = StartPointIn(alias_addr, 0, LINK_PPTP); + LIST_FOREACH(link, &la->linkTableIn[i], list_in) + if (link->link_type == LINK_PPTP && link->dst_addr.s_addr == dst_addr.s_addr && link->alias_addr.s_addr == alias_addr.s_addr && link->dst_port == dst_call_id) break; - return (link); + return (link); } struct alias_link * FindPptpInByPeerCallId(struct libalias *la, struct in_addr dst_addr, - struct in_addr alias_addr, - u_int16_t alias_call_id) + struct in_addr alias_addr, + u_int16_t alias_call_id) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkIn(la, dst_addr, alias_addr, - 0/* any */, alias_call_id, - LINK_PPTP, 0); + link = FindLinkIn(la, dst_addr, alias_addr, + 0 /* any */ , alias_call_id, + LINK_PPTP, 0); - return (link); + return (link); } struct alias_link * -FindRtspOut(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - u_short src_port, - u_short alias_port, - u_char proto) +FindRtspOut(struct libalias *la, struct in_addr src_addr, + struct in_addr dst_addr, + u_short src_port, + u_short alias_port, + u_char proto) { - int link_type; - struct alias_link *link; + int link_type; + struct alias_link *link; - switch (proto) - { - case IPPROTO_UDP: - link_type = LINK_UDP; - break; - case IPPROTO_TCP: - link_type = LINK_TCP; - break; - default: - return NULL; - break; - } + switch (proto) { + case IPPROTO_UDP: + link_type = LINK_UDP; + break; + case IPPROTO_TCP: + link_type = LINK_TCP; + break; + default: + return NULL; + break; + } - link = FindLinkOut(la, src_addr, dst_addr, src_port, 0, link_type, 1); + link = FindLinkOut(la, src_addr, dst_addr, src_port, 0, link_type, 1); - if (link == NULL) - { - struct in_addr alias_addr; + if (link == NULL) { + struct in_addr alias_addr; - alias_addr = FindAliasAddress(la, src_addr); - link = AddLink(la, src_addr, dst_addr, alias_addr, - src_port, 0, alias_port, - link_type); - } - - return(link); + alias_addr = FindAliasAddress(la, src_addr); + link = AddLink(la, src_addr, dst_addr, alias_addr, + src_port, 0, alias_port, + link_type); + } + return (link); } struct in_addr FindOriginalAddress(struct libalias *la, struct in_addr alias_addr) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkIn(la, la->nullAddress, alias_addr, - 0, 0, LINK_ADDR, 0); - if (link == NULL) - { - la->newDefaultLink = 1; - if (la->targetAddress.s_addr == INADDR_ANY) - return alias_addr; - else if (la->targetAddress.s_addr == INADDR_NONE) - return (la->aliasAddress.s_addr != INADDR_ANY) ? - la->aliasAddress : alias_addr; - else - return la->targetAddress; - } - else - { - if (link->server != NULL) { /* LSNAT link */ - struct in_addr src_addr; + link = FindLinkIn(la, la->nullAddress, alias_addr, + 0, 0, LINK_ADDR, 0); + if (link == NULL) { + la->newDefaultLink = 1; + if (la->targetAddress.s_addr == INADDR_ANY) + return alias_addr; + else if (la->targetAddress.s_addr == INADDR_NONE) + return (la->aliasAddress.s_addr != INADDR_ANY) ? + la->aliasAddress : alias_addr; + else + return la->targetAddress; + } else { + if (link->server != NULL) { /* LSNAT link */ + struct in_addr src_addr; - src_addr = link->server->addr; - link->server = link->server->next; - return (src_addr); - } else if (link->src_addr.s_addr == INADDR_ANY) - return (la->aliasAddress.s_addr != INADDR_ANY) ? - la->aliasAddress : alias_addr; - else - return link->src_addr; - } + src_addr = link->server->addr; + link->server = link->server->next; + return (src_addr); + } else if (link->src_addr.s_addr == INADDR_ANY) + return (la->aliasAddress.s_addr != INADDR_ANY) ? + la->aliasAddress : alias_addr; + else + return link->src_addr; + } } struct in_addr FindAliasAddress(struct libalias *la, struct in_addr original_addr) { - struct alias_link *link; + struct alias_link *link; - link = FindLinkOut(la, original_addr, la->nullAddress, - 0, 0, LINK_ADDR, 0); - if (link == NULL) - { - return (la->aliasAddress.s_addr != INADDR_ANY) ? - la->aliasAddress : original_addr; - } - else - { - if (link->alias_addr.s_addr == INADDR_ANY) - return (la->aliasAddress.s_addr != INADDR_ANY) ? - la->aliasAddress : original_addr; - else - return link->alias_addr; - } + link = FindLinkOut(la, original_addr, la->nullAddress, + 0, 0, LINK_ADDR, 0); + if (link == NULL) { + return (la->aliasAddress.s_addr != INADDR_ANY) ? + la->aliasAddress : original_addr; + } else { + if (link->alias_addr.s_addr == INADDR_ANY) + return (la->aliasAddress.s_addr != INADDR_ANY) ? + la->aliasAddress : original_addr; + else + return link->alias_addr; + } } @@ -1798,186 +1702,187 @@ FindAliasAddress(struct libalias *la, struct in_addr original_addr) void SetFragmentAddr(struct alias_link *link, struct in_addr src_addr) { - link->data.frag_addr = src_addr; + link->data.frag_addr = src_addr; } void GetFragmentAddr(struct alias_link *link, struct in_addr *src_addr) { - *src_addr = link->data.frag_addr; + *src_addr = link->data.frag_addr; } void SetFragmentPtr(struct alias_link *link, char *fptr) { - link->data.frag_ptr = fptr; + link->data.frag_ptr = fptr; } void GetFragmentPtr(struct alias_link *link, char **fptr) { - *fptr = link->data.frag_ptr; + *fptr = link->data.frag_ptr; } void SetStateIn(struct alias_link *link, int state) { - /* TCP input state */ - switch (state) { - case ALIAS_TCP_STATE_DISCONNECTED: - if (link->data.tcp->state.out != ALIAS_TCP_STATE_CONNECTED) - link->expire_time = TCP_EXPIRE_DEAD; - else - link->expire_time = TCP_EXPIRE_SINGLEDEAD; - break; - case ALIAS_TCP_STATE_CONNECTED: - if (link->data.tcp->state.out == ALIAS_TCP_STATE_CONNECTED) - link->expire_time = TCP_EXPIRE_CONNECTED; - break; - default: - abort(); - } - link->data.tcp->state.in = state; + /* TCP input state */ + switch (state) { + case ALIAS_TCP_STATE_DISCONNECTED: + if (link->data.tcp->state.out != ALIAS_TCP_STATE_CONNECTED) + link->expire_time = TCP_EXPIRE_DEAD; + else + link->expire_time = TCP_EXPIRE_SINGLEDEAD; + break; + case ALIAS_TCP_STATE_CONNECTED: + if (link->data.tcp->state.out == ALIAS_TCP_STATE_CONNECTED) + link->expire_time = TCP_EXPIRE_CONNECTED; + break; + default: + abort(); + } + link->data.tcp->state.in = state; } void SetStateOut(struct alias_link *link, int state) { - /* TCP output state */ - switch (state) { - case ALIAS_TCP_STATE_DISCONNECTED: - if (link->data.tcp->state.in != ALIAS_TCP_STATE_CONNECTED) - link->expire_time = TCP_EXPIRE_DEAD; - else - link->expire_time = TCP_EXPIRE_SINGLEDEAD; - break; - case ALIAS_TCP_STATE_CONNECTED: - if (link->data.tcp->state.in == ALIAS_TCP_STATE_CONNECTED) - link->expire_time = TCP_EXPIRE_CONNECTED; - break; - default: - abort(); - } - link->data.tcp->state.out = state; + /* TCP output state */ + switch (state) { + case ALIAS_TCP_STATE_DISCONNECTED: + if (link->data.tcp->state.in != ALIAS_TCP_STATE_CONNECTED) + link->expire_time = TCP_EXPIRE_DEAD; + else + link->expire_time = TCP_EXPIRE_SINGLEDEAD; + break; + case ALIAS_TCP_STATE_CONNECTED: + if (link->data.tcp->state.in == ALIAS_TCP_STATE_CONNECTED) + link->expire_time = TCP_EXPIRE_CONNECTED; + break; + default: + abort(); + } + link->data.tcp->state.out = state; } int GetStateIn(struct alias_link *link) { - /* TCP input state */ - return link->data.tcp->state.in; + /* TCP input state */ + return link->data.tcp->state.in; } int GetStateOut(struct alias_link *link) { - /* TCP output state */ - return link->data.tcp->state.out; + /* TCP output state */ + return link->data.tcp->state.out; } struct in_addr GetOriginalAddress(struct alias_link *link) { - if (link->src_addr.s_addr == INADDR_ANY) - return link->la->aliasAddress; - else - return(link->src_addr); + if (link->src_addr.s_addr == INADDR_ANY) + return link->la->aliasAddress; + else + return (link->src_addr); } struct in_addr GetDestAddress(struct alias_link *link) { - return(link->dst_addr); + return (link->dst_addr); } struct in_addr GetAliasAddress(struct alias_link *link) { - if (link->alias_addr.s_addr == INADDR_ANY) - return link->la->aliasAddress; - else - return link->alias_addr; + if (link->alias_addr.s_addr == INADDR_ANY) + return link->la->aliasAddress; + else + return link->alias_addr; } struct in_addr GetDefaultAliasAddress(struct libalias *la) { - return la->aliasAddress; + return la->aliasAddress; } void SetDefaultAliasAddress(struct libalias *la, struct in_addr alias_addr) { - la->aliasAddress = alias_addr; + la->aliasAddress = alias_addr; } u_short GetOriginalPort(struct alias_link *link) { - return(link->src_port); + return (link->src_port); } u_short GetAliasPort(struct alias_link *link) { - return(link->alias_port); + return (link->alias_port); } #ifndef NO_FW_PUNCH -static u_short +static u_short GetDestPort(struct alias_link *link) { - return(link->dst_port); + return (link->dst_port); } + #endif void SetAckModified(struct alias_link *link) { /* Indicate that ACK numbers have been modified in a TCP connection */ - link->data.tcp->state.ack_modified = 1; + link->data.tcp->state.ack_modified = 1; } struct in_addr GetProxyAddress(struct alias_link *link) { - return link->proxy_addr; + return link->proxy_addr; } void SetProxyAddress(struct alias_link *link, struct in_addr addr) { - link->proxy_addr = addr; + link->proxy_addr = addr; } u_short GetProxyPort(struct alias_link *link) { - return link->proxy_port; + return link->proxy_port; } void SetProxyPort(struct alias_link *link, u_short port) { - link->proxy_port = port; + link->proxy_port = port; } @@ -1985,7 +1890,7 @@ int GetAckModified(struct alias_link *link) { /* See if ACK numbers have been modified */ - return link->data.tcp->state.ack_modified; + return link->data.tcp->state.ack_modified; } @@ -1998,45 +1903,38 @@ TCP packet. To do this, a circular list of ACK numbers where the TCP packet size was altered is searched. */ - int i; - struct tcphdr *tc; - int delta, ack_diff_min; - u_long ack; + int i; + struct tcphdr *tc; + int delta, ack_diff_min; + u_long ack; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - ack = tc->th_ack; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + ack = tc->th_ack; - delta = 0; - ack_diff_min = -1; - for (i=0; idata.tcp->ack[i]; - if (x.active == 1) - { - int ack_diff; + x = link->data.tcp->ack[i]; + if (x.active == 1) { + int ack_diff; - ack_diff = SeqDiff(x.ack_new, ack); - if (ack_diff >= 0) - { - if (ack_diff_min >= 0) - { - if (ack_diff < ack_diff_min) - { - delta = x.delta; - ack_diff_min = ack_diff; - } - } - else - { - delta = x.delta; - ack_diff_min = ack_diff; - } - } - } - } - return (delta); + ack_diff = SeqDiff(x.ack_new, ack); + if (ack_diff >= 0) { + if (ack_diff_min >= 0) { + if (ack_diff < ack_diff_min) { + delta = x.delta; + ack_diff_min = ack_diff; + } + } else { + delta = x.delta; + ack_diff_min = ack_diff; + } + } + } + } + return (delta); } @@ -2049,45 +1947,38 @@ TCP packet. To do this, a circular list of ACK numbers where the TCP packet size was altered is searched. */ - int i; - struct tcphdr *tc; - int delta, seq_diff_min; - u_long seq; + int i; + struct tcphdr *tc; + int delta, seq_diff_min; + u_long seq; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - seq = tc->th_seq; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + seq = tc->th_seq; - delta = 0; - seq_diff_min = -1; - for (i=0; idata.tcp->ack[i]; - if (x.active == 1) - { - int seq_diff; + x = link->data.tcp->ack[i]; + if (x.active == 1) { + int seq_diff; - seq_diff = SeqDiff(x.ack_old, seq); - if (seq_diff >= 0) - { - if (seq_diff_min >= 0) - { - if (seq_diff < seq_diff_min) - { - delta = x.delta; - seq_diff_min = seq_diff; - } - } - else - { - delta = x.delta; - seq_diff_min = seq_diff; - } - } - } - } - return (delta); + seq_diff = SeqDiff(x.ack_old, seq); + if (seq_diff >= 0) { + if (seq_diff_min >= 0) { + if (seq_diff < seq_diff_min) { + delta = x.delta; + seq_diff_min = seq_diff; + } + } else { + delta = x.delta; + seq_diff_min = seq_diff; + } + } + } + } + return (delta); } @@ -2100,86 +1991,79 @@ information in a circular list. If enough packets have been altered, then this list will begin to overwrite itself. */ - struct tcphdr *tc; - struct ack_data_record x; - int hlen, tlen, dlen; - int i; + struct tcphdr *tc; + struct ack_data_record x; + int hlen, tlen, dlen; + int i; - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - x.ack_old = htonl(ntohl(tc->th_seq) + dlen); - x.ack_new = htonl(ntohl(tc->th_seq) + dlen + delta); - x.delta = delta; - x.active = 1; + x.ack_old = htonl(ntohl(tc->th_seq) + dlen); + x.ack_new = htonl(ntohl(tc->th_seq) + dlen + delta); + x.delta = delta; + x.active = 1; - i = link->data.tcp->state.index; - link->data.tcp->ack[i] = x; + i = link->data.tcp->state.index; + link->data.tcp->ack[i] = x; - i++; - if (i == N_LINK_TCP_DATA) - link->data.tcp->state.index = 0; - else - link->data.tcp->state.index = i; + i++; + if (i == N_LINK_TCP_DATA) + link->data.tcp->state.index = 0; + else + link->data.tcp->state.index = i; } void SetExpire(struct alias_link *link, int expire) { - if (expire == 0) - { - link->flags &= ~LINK_PERMANENT; - DeleteLink(link); - } - else if (expire == -1) - { - link->flags |= LINK_PERMANENT; - } - else if (expire > 0) - { - link->expire_time = expire; - } - else - { + if (expire == 0) { + link->flags &= ~LINK_PERMANENT; + DeleteLink(link); + } else if (expire == -1) { + link->flags |= LINK_PERMANENT; + } else if (expire > 0) { + link->expire_time = expire; + } else { #ifdef DEBUG - fprintf(stderr, "PacketAlias/SetExpire(): "); - fprintf(stderr, "error in expire parameter\n"); + fprintf(stderr, "PacketAlias/SetExpire(): "); + fprintf(stderr, "error in expire parameter\n"); #endif - } + } } void ClearCheckNewLink(struct libalias *la) { - la->newDefaultLink = 0; + la->newDefaultLink = 0; } void SetProtocolFlags(struct alias_link *link, int pflags) { - link->pflags = pflags;; + link->pflags = pflags;; } int GetProtocolFlags(struct alias_link *link) { - return (link->pflags); + return (link->pflags); } void SetDestCallId(struct alias_link *link, u_int16_t cid) { - struct libalias *la = link->la; + struct libalias *la = link->la; - la->deleteAllLinks = 1; - link = ReLink(link, link->src_addr, link->dst_addr, link->alias_addr, - link->src_port, cid, link->alias_port, link->link_type); - la->deleteAllLinks = 0; + la->deleteAllLinks = 1; + link = ReLink(link, link->src_addr, link->dst_addr, link->alias_addr, + link->src_port, cid, link->alias_port, link->link_type); + la->deleteAllLinks = 0; } @@ -2202,52 +2086,47 @@ SetDestCallId(struct alias_link *link, u_int16_t cid) void HouseKeeping(struct libalias *la) { - int i, n, n100; - struct timeval tv; - struct timezone tz; + int i, n, n100; + struct timeval tv; + struct timezone tz; - /* - * Save system time (seconds) in global variable timeStamp for - * use by other functions. This is done so as not to unnecessarily - * waste timeline by making system calls. - */ - gettimeofday(&tv, &tz); - la->timeStamp = tv.tv_sec; + /* + * Save system time (seconds) in global variable timeStamp for use + * by other functions. This is done so as not to unnecessarily + * waste timeline by making system calls. + */ + gettimeofday(&tv, &tz); + la->timeStamp = tv.tv_sec; - /* Compute number of spokes (output table link chains) to cover */ - n100 = LINK_TABLE_OUT_SIZE * 100 + la->houseKeepingResidual; - n100 *= la->timeStamp - la->lastCleanupTime; - n100 /= ALIAS_CLEANUP_INTERVAL_SECS; + /* Compute number of spokes (output table link chains) to cover */ + n100 = LINK_TABLE_OUT_SIZE * 100 + la->houseKeepingResidual; + n100 *= la->timeStamp - la->lastCleanupTime; + n100 /= ALIAS_CLEANUP_INTERVAL_SECS; - n = n100/100; + n = n100 / 100; - /* Handle different cases */ - if (n > ALIAS_CLEANUP_MAX_SPOKES) - { - n = ALIAS_CLEANUP_MAX_SPOKES; - la->lastCleanupTime = la->timeStamp; - la->houseKeepingResidual = 0; + /* Handle different cases */ + if (n > ALIAS_CLEANUP_MAX_SPOKES) { + n = ALIAS_CLEANUP_MAX_SPOKES; + la->lastCleanupTime = la->timeStamp; + la->houseKeepingResidual = 0; - for (i=0; i 0) - { - la->lastCleanupTime = la->timeStamp; - la->houseKeepingResidual = n100 - 100*n; + for (i = 0; i < n; i++) + IncrementalCleanup(la); + } else if (n > 0) { + la->lastCleanupTime = la->timeStamp; + la->houseKeepingResidual = n100 - 100 * n; - for (i=0; ilastCleanupTime = la->timeStamp; - la->houseKeepingResidual = 0; - } + la->lastCleanupTime = la->timeStamp; + la->houseKeepingResidual = 0; + } } @@ -2255,13 +2134,12 @@ HouseKeeping(struct libalias *la) static void InitPacketAliasLog(struct libalias *la) { - if ((~la->packetAliasMode & PKT_ALIAS_LOG) - && (la->monitorFile = fopen("/var/log/alias.log", "w"))) - { - la->packetAliasMode |= PKT_ALIAS_LOG; - fprintf(la->monitorFile, - "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n"); - } + if ((~la->packetAliasMode & PKT_ALIAS_LOG) + && (la->monitorFile = fopen("/var/log/alias.log", "w"))) { + la->packetAliasMode |= PKT_ALIAS_LOG; + fprintf(la->monitorFile, + "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n"); + } } @@ -2269,11 +2147,11 @@ InitPacketAliasLog(struct libalias *la) static void UninitPacketAliasLog(struct libalias *la) { - if (la->monitorFile) { - fclose(la->monitorFile); - la->monitorFile = NULL; - } - la->packetAliasMode &= ~PKT_ALIAS_LOG; + if (la->monitorFile) { + fclose(la->monitorFile); + la->monitorFile = NULL; + } + la->packetAliasMode &= ~PKT_ALIAS_LOG; } @@ -2302,132 +2180,125 @@ UninitPacketAliasLog(struct libalias *la) /* Redirection from a specific public addr:port to a private addr:port */ struct alias_link * -LibAliasRedirectPort(struct libalias *la, struct in_addr src_addr, u_short src_port, - struct in_addr dst_addr, u_short dst_port, - struct in_addr alias_addr, u_short alias_port, - u_char proto) +LibAliasRedirectPort(struct libalias *la, struct in_addr src_addr, u_short src_port, + struct in_addr dst_addr, u_short dst_port, + struct in_addr alias_addr, u_short alias_port, + u_char proto) { - int link_type; - struct alias_link *link; + int link_type; + struct alias_link *link; - switch(proto) - { - case IPPROTO_UDP: - link_type = LINK_UDP; - break; - case IPPROTO_TCP: - link_type = LINK_TCP; - break; - default: + switch (proto) { + case IPPROTO_UDP: + link_type = LINK_UDP; + break; + case IPPROTO_TCP: + link_type = LINK_TCP; + break; + default: #ifdef DEBUG - fprintf(stderr, "PacketAliasRedirectPort(): "); - fprintf(stderr, "only TCP and UDP protocols allowed\n"); + fprintf(stderr, "PacketAliasRedirectPort(): "); + fprintf(stderr, "only TCP and UDP protocols allowed\n"); #endif - return NULL; - } + return NULL; + } - link = AddLink(la, src_addr, dst_addr, alias_addr, - src_port, dst_port, alias_port, - link_type); + link = AddLink(la, src_addr, dst_addr, alias_addr, + src_port, dst_port, alias_port, + link_type); - if (link != NULL) - { - link->flags |= LINK_PERMANENT; - } + if (link != NULL) { + link->flags |= LINK_PERMANENT; + } #ifdef DEBUG - else - { - fprintf(stderr, "PacketAliasRedirectPort(): " - "call to AddLink() failed\n"); - } + else { + fprintf(stderr, "PacketAliasRedirectPort(): " + "call to AddLink() failed\n"); + } #endif - return link; + return link; } /* Add server to the pool of servers */ int LibAliasAddServer(struct libalias *la, struct alias_link *link, struct in_addr addr, u_short port) { - struct server *server; + struct server *server; - server = malloc(sizeof(struct server)); + server = malloc(sizeof(struct server)); - if (server != NULL) { - struct server *head; + if (server != NULL) { + struct server *head; - server->addr = addr; - server->port = port; + server->addr = addr; + server->port = port; - head = link->server; - if (head == NULL) - server->next = server; - else { - struct server *s; + head = link->server; + if (head == NULL) + server->next = server; + else { + struct server *s; - for (s = head; s->next != head; s = s->next); - s->next = server; - server->next = head; - } - link->server = server; - return (0); - } else - return (-1); + for (s = head; s->next != head; s = s->next); + s->next = server; + server->next = head; + } + link->server = server; + return (0); + } else + return (-1); } /* Redirect packets of a given IP protocol from a specific public address to a private address */ struct alias_link * LibAliasRedirectProto(struct libalias *la, struct in_addr src_addr, - struct in_addr dst_addr, - struct in_addr alias_addr, - u_char proto) + struct in_addr dst_addr, + struct in_addr alias_addr, + u_char proto) { - struct alias_link *link; + struct alias_link *link; - link = AddLink(la, src_addr, dst_addr, alias_addr, - NO_SRC_PORT, NO_DEST_PORT, 0, - proto); + link = AddLink(la, src_addr, dst_addr, alias_addr, + NO_SRC_PORT, NO_DEST_PORT, 0, + proto); - if (link != NULL) - { - link->flags |= LINK_PERMANENT; - } + if (link != NULL) { + link->flags |= LINK_PERMANENT; + } #ifdef DEBUG - else - { - fprintf(stderr, "PacketAliasRedirectProto(): " - "call to AddLink() failed\n"); - } + else { + fprintf(stderr, "PacketAliasRedirectProto(): " + "call to AddLink() failed\n"); + } #endif - return link; + return link; } /* Static address translation */ struct alias_link * LibAliasRedirectAddr(struct libalias *la, struct in_addr src_addr, - struct in_addr alias_addr) + struct in_addr alias_addr) { - struct alias_link *link; + struct alias_link *link; - link = AddLink(la, src_addr, la->nullAddress, alias_addr, - 0, 0, 0, - LINK_ADDR); + link = AddLink(la, src_addr, la->nullAddress, alias_addr, + 0, 0, 0, + LINK_ADDR); - if (link != NULL) - { - link->flags |= LINK_PERMANENT; - } + if (link != NULL) { + link->flags |= LINK_PERMANENT; + } #ifdef DEBUG - else - { - fprintf(stderr, "PacketAliasRedirectAddr(): " - "call to AddLink() failed\n"); - } + else { + fprintf(stderr, "PacketAliasRedirectAddr(): " + "call to AddLink() failed\n"); + } #endif - return link; + return link; } @@ -2436,12 +2307,12 @@ int LibAliasRedirectDynamic(struct libalias *la, struct alias_link *link) { - if (link->flags & LINK_PARTIALLY_SPECIFIED) - return (-1); - else { - link->flags &= ~LINK_PERMANENT; - return (0); - } + if (link->flags & LINK_PARTIALLY_SPECIFIED) + return (-1); + else { + link->flags &= ~LINK_PERMANENT; + return (0); + } } @@ -2451,147 +2322,143 @@ LibAliasRedirectDelete(struct libalias *la, struct alias_link *link) /* This is a dangerous function to put in the API, because an invalid pointer can crash the program. */ - la->deleteAllLinks = 1; - DeleteLink(link); - la->deleteAllLinks = 0; + la->deleteAllLinks = 1; + DeleteLink(link); + la->deleteAllLinks = 0; } void LibAliasSetAddress(struct libalias *la, struct in_addr addr) { - if (la->packetAliasMode & PKT_ALIAS_RESET_ON_ADDR_CHANGE - && la->aliasAddress.s_addr != addr.s_addr) - CleanupAliasData(la); + if (la->packetAliasMode & PKT_ALIAS_RESET_ON_ADDR_CHANGE + && la->aliasAddress.s_addr != addr.s_addr) + CleanupAliasData(la); - la->aliasAddress = addr; + la->aliasAddress = addr; } void LibAliasSetTarget(struct libalias *la, struct in_addr target_addr) { - la->targetAddress = target_addr; + la->targetAddress = target_addr; } static void finishoff(void) { - while(!LIST_EMPTY(&instancehead)) + while (!LIST_EMPTY(&instancehead)) LibAliasUninit(LIST_FIRST(&instancehead)); } struct libalias * LibAliasInit(struct libalias *la) { - int i; - struct timeval tv; - struct timezone tz; + int i; + struct timeval tv; + struct timezone tz; - if (la == NULL) - { - la = calloc(sizeof *la, 1); - if (la == NULL) - return (la); - if (LIST_EMPTY(&instancehead)) - atexit(finishoff); - LIST_INSERT_HEAD(&instancehead, la, instancelist); - - gettimeofday(&tv, &tz); - la->timeStamp = tv.tv_sec; - la->lastCleanupTime = tv.tv_sec; - la->houseKeepingResidual = 0; + if (la == NULL) { + la = calloc(sizeof *la, 1); + if (la == NULL) + return (la); + if (LIST_EMPTY(&instancehead)) + atexit(finishoff); + LIST_INSERT_HEAD(&instancehead, la, instancelist); - for (i=0; ilinkTableOut[i]); - for (i=0; ilinkTableIn[i]); + gettimeofday(&tv, &tz); + la->timeStamp = tv.tv_sec; + la->lastCleanupTime = tv.tv_sec; + la->houseKeepingResidual = 0; - } - else - { - la->deleteAllLinks = 1; - CleanupAliasData(la); - la->deleteAllLinks = 0; - } + for (i = 0; i < LINK_TABLE_OUT_SIZE; i++) + LIST_INIT(&la->linkTableOut[i]); + for (i = 0; i < LINK_TABLE_IN_SIZE; i++) + LIST_INIT(&la->linkTableIn[i]); - la->aliasAddress.s_addr = INADDR_ANY; - la->targetAddress.s_addr = INADDR_ANY; + } else { + la->deleteAllLinks = 1; + CleanupAliasData(la); + la->deleteAllLinks = 0; + } - la->icmpLinkCount = 0; - la->udpLinkCount = 0; - la->tcpLinkCount = 0; - la->pptpLinkCount = 0; - la->protoLinkCount = 0; - la->fragmentIdLinkCount = 0; - la->fragmentPtrLinkCount = 0; - la->sockCount = 0; + la->aliasAddress.s_addr = INADDR_ANY; + la->targetAddress.s_addr = INADDR_ANY; - la->cleanupIndex =0; + la->icmpLinkCount = 0; + la->udpLinkCount = 0; + la->tcpLinkCount = 0; + la->pptpLinkCount = 0; + la->protoLinkCount = 0; + la->fragmentIdLinkCount = 0; + la->fragmentPtrLinkCount = 0; + la->sockCount = 0; - la->packetAliasMode = PKT_ALIAS_SAME_PORTS - | PKT_ALIAS_USE_SOCKETS - | PKT_ALIAS_RESET_ON_ADDR_CHANGE; + la->cleanupIndex = 0; + + la->packetAliasMode = PKT_ALIAS_SAME_PORTS + | PKT_ALIAS_USE_SOCKETS + | PKT_ALIAS_RESET_ON_ADDR_CHANGE; #ifndef NO_FW_PUNCH - la->fireWallFD = -1; + la->fireWallFD = -1; #endif - return (la); + return (la); } void -LibAliasUninit(struct libalias *la) { - la->deleteAllLinks = 1; - CleanupAliasData(la); - la->deleteAllLinks = 0; - UninitPacketAliasLog(la); +LibAliasUninit(struct libalias *la) +{ + la->deleteAllLinks = 1; + CleanupAliasData(la); + la->deleteAllLinks = 0; + UninitPacketAliasLog(la); #ifndef NO_FW_PUNCH - UninitPunchFW(la); + UninitPunchFW(la); #endif - LIST_REMOVE(la, instancelist); - free(la); + LIST_REMOVE(la, instancelist); + free(la); } /* Change mode for some operations */ unsigned int LibAliasSetMode( struct libalias *la, - unsigned int flags, /* Which state to bring flags to */ - unsigned int mask /* Mask of which flags to affect (use 0 to do a - probe for flag values) */ + unsigned int flags, /* Which state to bring flags to */ + unsigned int mask /* Mask of which flags to affect (use 0 to + * do a probe for flag values) */ ) { /* Enable logging? */ - if (flags & mask & PKT_ALIAS_LOG) - { - InitPacketAliasLog(la); /* Do the enable */ - } else + if (flags & mask & PKT_ALIAS_LOG) { + InitPacketAliasLog(la); /* Do the enable */ + } else /* _Disable_ logging? */ - if (~flags & mask & PKT_ALIAS_LOG) { - UninitPacketAliasLog(la); - } - + if (~flags & mask & PKT_ALIAS_LOG) { + UninitPacketAliasLog(la); + } #ifndef NO_FW_PUNCH /* Start punching holes in the firewall? */ - if (flags & mask & PKT_ALIAS_PUNCH_FW) { - InitPunchFW(la); - } else + if (flags & mask & PKT_ALIAS_PUNCH_FW) { + InitPunchFW(la); + } else /* Stop punching holes in the firewall? */ - if (~flags & mask & PKT_ALIAS_PUNCH_FW) { - UninitPunchFW(la); - } + if (~flags & mask & PKT_ALIAS_PUNCH_FW) { + UninitPunchFW(la); + } #endif /* Other flags can be set/cleared without special action */ - la->packetAliasMode = (flags & mask) | (la->packetAliasMode & ~mask); - return la->packetAliasMode; + la->packetAliasMode = (flags & mask) | (la->packetAliasMode & ~mask); + return la->packetAliasMode; } int LibAliasCheckNewLink(struct libalias *la) { - return la->newDefaultLink; + return la->newDefaultLink; } @@ -2603,7 +2470,7 @@ LibAliasCheckNewLink(struct libalias *la) ****************/ #ifndef IPFW2 -#define IPFW2 1 /* use new ipfw code */ +#define IPFW2 1 /* use new ipfw code */ #endif /* Firewall include files */ @@ -2612,18 +2479,18 @@ LibAliasCheckNewLink(struct libalias *la) #include #include -#if IPFW2 /* support for new firewall code */ +#if IPFW2 /* support for new firewall code */ /* * helper function, updates the pointer to cmd with the length * of the current command, and also cleans up the first word of * the new command in case it has been clobbered before. */ static ipfw_insn * -next_cmd(ipfw_insn *cmd) +next_cmd(ipfw_insn * cmd) { - cmd += F_LEN(cmd); - bzero(cmd, sizeof(*cmd)); - return cmd; + cmd += F_LEN(cmd); + bzero(cmd, sizeof(*cmd)); + return cmd; } /* @@ -2631,71 +2498,72 @@ next_cmd(ipfw_insn *cmd) * Existing flags are preserved. */ static ipfw_insn * -fill_cmd(ipfw_insn *cmd, enum ipfw_opcodes opcode, int size, - int flags, u_int16_t arg) +fill_cmd(ipfw_insn * cmd, enum ipfw_opcodes opcode, int size, + int flags, u_int16_t arg) { - cmd->opcode = opcode; - cmd->len = ((cmd->len | flags) & (F_NOT | F_OR)) | (size & F_LEN_MASK); - cmd->arg1 = arg; - return next_cmd(cmd); + cmd->opcode = opcode; + cmd->len = ((cmd->len | flags) & (F_NOT | F_OR)) | (size & F_LEN_MASK); + cmd->arg1 = arg; + return next_cmd(cmd); } static ipfw_insn * -fill_ip(ipfw_insn *cmd1, enum ipfw_opcodes opcode, u_int32_t addr) +fill_ip(ipfw_insn * cmd1, enum ipfw_opcodes opcode, u_int32_t addr) { - ipfw_insn_ip *cmd = (ipfw_insn_ip *)cmd1; + ipfw_insn_ip *cmd = (ipfw_insn_ip *) cmd1; - cmd->addr.s_addr = addr; - return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u32), 0, 0); + cmd->addr.s_addr = addr; + return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u32), 0, 0); } static ipfw_insn * -fill_one_port(ipfw_insn *cmd1, enum ipfw_opcodes opcode, u_int16_t port) +fill_one_port(ipfw_insn * cmd1, enum ipfw_opcodes opcode, u_int16_t port) { - ipfw_insn_u16 *cmd = (ipfw_insn_u16 *)cmd1; + ipfw_insn_u16 *cmd = (ipfw_insn_u16 *) cmd1; - cmd->ports[0] = cmd->ports[1] = port; - return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u16), 0, 0); + cmd->ports[0] = cmd->ports[1] = port; + return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u16), 0, 0); } static int fill_rule(void *buf, int bufsize, int rulenum, - enum ipfw_opcodes action, int proto, - struct in_addr sa, u_int16_t sp, struct in_addr da, u_int16_t dp) + enum ipfw_opcodes action, int proto, + struct in_addr sa, u_int16_t sp, struct in_addr da, u_int16_t dp) { - struct ip_fw *rule = (struct ip_fw *)buf; - ipfw_insn *cmd = (ipfw_insn *)rule->cmd; + struct ip_fw *rule = (struct ip_fw *)buf; + ipfw_insn *cmd = (ipfw_insn *) rule->cmd; - bzero(buf, bufsize); - rule->rulenum = rulenum; + bzero(buf, bufsize); + rule->rulenum = rulenum; - cmd = fill_cmd(cmd, O_PROTO, F_INSN_SIZE(ipfw_insn), 0, proto); - cmd = fill_ip(cmd, O_IP_SRC, sa.s_addr); - cmd = fill_one_port(cmd, O_IP_SRCPORT, sp); - cmd = fill_ip(cmd, O_IP_DST, da.s_addr); - cmd = fill_one_port(cmd, O_IP_DSTPORT, dp); + cmd = fill_cmd(cmd, O_PROTO, F_INSN_SIZE(ipfw_insn), 0, proto); + cmd = fill_ip(cmd, O_IP_SRC, sa.s_addr); + cmd = fill_one_port(cmd, O_IP_SRCPORT, sp); + cmd = fill_ip(cmd, O_IP_DST, da.s_addr); + cmd = fill_one_port(cmd, O_IP_DSTPORT, dp); - rule->act_ofs = (u_int32_t *)cmd - (u_int32_t *)rule->cmd; - cmd = fill_cmd(cmd, action, F_INSN_SIZE(ipfw_insn), 0, 0); + rule->act_ofs = (u_int32_t *) cmd - (u_int32_t *) rule->cmd; + cmd = fill_cmd(cmd, action, F_INSN_SIZE(ipfw_insn), 0, 0); - rule->cmd_len = (u_int32_t *)cmd - (u_int32_t *)rule->cmd; + rule->cmd_len = (u_int32_t *) cmd - (u_int32_t *) rule->cmd; - return ((char *)cmd - (char *)buf); + return ((char *)cmd - (char *)buf); } -#endif /* IPFW2 */ -static void ClearAllFWHoles(struct libalias *la); +#endif /* IPFW2 */ + +static void ClearAllFWHoles(struct libalias *la); #define fw_setfield(la, field, num) \ do { \ (field)[(num) - la->fireWallBaseNum] = 1; \ -} /*lint -save -e717 */ while(0) /*lint -restore */ +} /*lint -save -e717 */ while(0)/* lint -restore */ #define fw_clrfield(la, field, num) \ do { \ (field)[(num) - la->fireWallBaseNum] = 0; \ -} /*lint -save -e717 */ while(0) /*lint -restore */ +} /*lint -save -e717 */ while(0)/* lint -restore */ #define fw_tstfield(la, field, num) ((field)[(num) - la->fireWallBaseNum]) @@ -2703,143 +2571,143 @@ static void InitPunchFW(struct libalias *la) { - la->fireWallField = malloc(la->fireWallNumNums); - if (la->fireWallField) { - memset(la->fireWallField, 0, la->fireWallNumNums); - if (la->fireWallFD < 0) { - la->fireWallFD = socket(AF_INET, SOCK_RAW, IPPROTO_RAW); - } - ClearAllFWHoles(la); - la->fireWallActiveNum = la->fireWallBaseNum; - } + la->fireWallField = malloc(la->fireWallNumNums); + if (la->fireWallField) { + memset(la->fireWallField, 0, la->fireWallNumNums); + if (la->fireWallFD < 0) { + la->fireWallFD = socket(AF_INET, SOCK_RAW, IPPROTO_RAW); + } + ClearAllFWHoles(la); + la->fireWallActiveNum = la->fireWallBaseNum; + } } static void UninitPunchFW(struct libalias *la) { - ClearAllFWHoles(la); - if (la->fireWallFD >= 0) - close(la->fireWallFD); - la->fireWallFD = -1; - if (la->fireWallField) - free(la->fireWallField); - la->fireWallField = NULL; - la->packetAliasMode &= ~PKT_ALIAS_PUNCH_FW; + ClearAllFWHoles(la); + if (la->fireWallFD >= 0) + close(la->fireWallFD); + la->fireWallFD = -1; + if (la->fireWallField) + free(la->fireWallField); + la->fireWallField = NULL; + la->packetAliasMode &= ~PKT_ALIAS_PUNCH_FW; } /* Make a certain link go through the firewall */ void PunchFWHole(struct alias_link *link) { - struct libalias *la; - int r; /* Result code */ - struct ip_fw rule; /* On-the-fly built rule */ - int fwhole; /* Where to punch hole */ + struct libalias *la; + int r; /* Result code */ + struct ip_fw rule; /* On-the-fly built rule */ + int fwhole; /* Where to punch hole */ - la = link->la; + la = link->la; /* Don't do anything unless we are asked to */ - if ( !(la->packetAliasMode & PKT_ALIAS_PUNCH_FW) || - la->fireWallFD < 0 || - link->link_type != LINK_TCP) - return; + if (!(la->packetAliasMode & PKT_ALIAS_PUNCH_FW) || + la->fireWallFD < 0 || + link->link_type != LINK_TCP) + return; - memset(&rule, 0, sizeof rule); + memset(&rule, 0, sizeof rule); /** Build rule **/ - /* Find empty slot */ - for (fwhole = la->fireWallActiveNum; - fwhole < la->fireWallBaseNum + la->fireWallNumNums && - fw_tstfield(la, la->fireWallField, fwhole); - fwhole++) - ; - if (fwhole == la->fireWallBaseNum + la->fireWallNumNums) { - for (fwhole = la->fireWallBaseNum; - fwhole < la->fireWallActiveNum && - fw_tstfield(la, la->fireWallField, fwhole); - fwhole++) - ; - if (fwhole == la->fireWallActiveNum) { - /* No rule point empty - we can't punch more holes. */ - la->fireWallActiveNum = la->fireWallBaseNum; + /* Find empty slot */ + for (fwhole = la->fireWallActiveNum; + fwhole < la->fireWallBaseNum + la->fireWallNumNums && + fw_tstfield(la, la->fireWallField, fwhole); + fwhole++); + if (fwhole == la->fireWallBaseNum + la->fireWallNumNums) { + for (fwhole = la->fireWallBaseNum; + fwhole < la->fireWallActiveNum && + fw_tstfield(la, la->fireWallField, fwhole); + fwhole++); + if (fwhole == la->fireWallActiveNum) { + /* No rule point empty - we can't punch more holes. */ + la->fireWallActiveNum = la->fireWallBaseNum; #ifdef DEBUG - fprintf(stderr, "libalias: Unable to create firewall hole!\n"); + fprintf(stderr, "libalias: Unable to create firewall hole!\n"); #endif - return; - } - } - /* Start next search at next position */ - la->fireWallActiveNum = fwhole+1; + return; + } + } + /* Start next search at next position */ + la->fireWallActiveNum = fwhole + 1; - /* - * generate two rules of the form - * - * add fwhole accept tcp from OAddr OPort to DAddr DPort - * add fwhole accept tcp from DAddr DPort to OAddr OPort - */ + /* + * generate two rules of the form + * + * add fwhole accept tcp from OAddr OPort to DAddr DPort add fwhole + * accept tcp from DAddr DPort to OAddr OPort + */ #if IPFW2 - if (GetOriginalPort(link) != 0 && GetDestPort(link) != 0) { - u_int32_t rulebuf[255]; - int i; + if (GetOriginalPort(link) != 0 && GetDestPort(link) != 0) { + u_int32_t rulebuf[255]; + int i; - i = fill_rule(rulebuf, sizeof(rulebuf), fwhole, - O_ACCEPT, IPPROTO_TCP, - GetOriginalAddress(link), ntohs(GetOriginalPort(link)), - GetDestAddress(link), ntohs(GetDestPort(link)) ); - r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i); - if (r) - err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)"); + i = fill_rule(rulebuf, sizeof(rulebuf), fwhole, + O_ACCEPT, IPPROTO_TCP, + GetOriginalAddress(link), ntohs(GetOriginalPort(link)), + GetDestAddress(link), ntohs(GetDestPort(link))); + r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i); + if (r) + err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)"); - i = fill_rule(rulebuf, sizeof(rulebuf), fwhole, - O_ACCEPT, IPPROTO_TCP, - GetDestAddress(link), ntohs(GetDestPort(link)), - GetOriginalAddress(link), ntohs(GetOriginalPort(link)) ); - r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i); - if (r) - err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); - } -#else /* !IPFW2, old code to generate ipfw rule */ + i = fill_rule(rulebuf, sizeof(rulebuf), fwhole, + O_ACCEPT, IPPROTO_TCP, + GetDestAddress(link), ntohs(GetDestPort(link)), + GetOriginalAddress(link), ntohs(GetOriginalPort(link))); + r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i); + if (r) + err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); + } +#else /* !IPFW2, old code to generate ipfw rule */ - /* Build generic part of the two rules */ - rule.fw_number = fwhole; - IP_FW_SETNSRCP(&rule, 1); /* Number of source ports. */ - IP_FW_SETNDSTP(&rule, 1); /* Number of destination ports. */ - rule.fw_flg = IP_FW_F_ACCEPT | IP_FW_F_IN | IP_FW_F_OUT; - rule.fw_prot = IPPROTO_TCP; - rule.fw_smsk.s_addr = INADDR_BROADCAST; - rule.fw_dmsk.s_addr = INADDR_BROADCAST; + /* Build generic part of the two rules */ + rule.fw_number = fwhole; + IP_FW_SETNSRCP(&rule, 1); /* Number of source ports. */ + IP_FW_SETNDSTP(&rule, 1); /* Number of destination ports. */ + rule.fw_flg = IP_FW_F_ACCEPT | IP_FW_F_IN | IP_FW_F_OUT; + rule.fw_prot = IPPROTO_TCP; + rule.fw_smsk.s_addr = INADDR_BROADCAST; + rule.fw_dmsk.s_addr = INADDR_BROADCAST; - /* Build and apply specific part of the rules */ - rule.fw_src = GetOriginalAddress(link); - rule.fw_dst = GetDestAddress(link); - rule.fw_uar.fw_pts[0] = ntohs(GetOriginalPort(link)); - rule.fw_uar.fw_pts[1] = ntohs(GetDestPort(link)); + /* Build and apply specific part of the rules */ + rule.fw_src = GetOriginalAddress(link); + rule.fw_dst = GetDestAddress(link); + rule.fw_uar.fw_pts[0] = ntohs(GetOriginalPort(link)); + rule.fw_uar.fw_pts[1] = ntohs(GetDestPort(link)); - /* Skip non-bound links - XXX should not be strictly necessary, - but seems to leave hole if not done. Leak of non-bound links? - (Code should be left even if the problem is fixed - it is a - clear optimization) */ - if (rule.fw_uar.fw_pts[0] != 0 && rule.fw_uar.fw_pts[1] != 0) { - r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); + /* + * Skip non-bound links - XXX should not be strictly necessary, but + * seems to leave hole if not done. Leak of non-bound links? (Code + * should be left even if the problem is fixed - it is a clear + * optimization) + */ + if (rule.fw_uar.fw_pts[0] != 0 && rule.fw_uar.fw_pts[1] != 0) { + r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); #ifdef DEBUG - if (r) - err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)"); + if (r) + err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)"); #endif - rule.fw_src = GetDestAddress(link); - rule.fw_dst = GetOriginalAddress(link); - rule.fw_uar.fw_pts[0] = ntohs(GetDestPort(link)); - rule.fw_uar.fw_pts[1] = ntohs(GetOriginalPort(link)); - r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); + rule.fw_src = GetDestAddress(link); + rule.fw_dst = GetOriginalAddress(link); + rule.fw_uar.fw_pts[0] = ntohs(GetDestPort(link)); + rule.fw_uar.fw_pts[1] = ntohs(GetOriginalPort(link)); + r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); #ifdef DEBUG - if (r) - err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); + if (r) + err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); #endif - } -#endif /* !IPFW2 */ + } +#endif /* !IPFW2 */ /* Indicate hole applied */ - link->data.tcp->fwhole = fwhole; - fw_setfield(la, la->fireWallField, fwhole); + link->data.tcp->fwhole = fwhole; + fw_setfield(la, la->fireWallField, fwhole); } /* Remove a hole in a firewall associated with a particular alias @@ -2848,67 +2716,69 @@ static void ClearFWHole(struct alias_link *link) { - struct libalias *la; + struct libalias *la; - la = link->la; - if (link->link_type == LINK_TCP) { - int fwhole = link->data.tcp->fwhole; /* Where is the firewall hole? */ - struct ip_fw rule; + la = link->la; + if (link->link_type == LINK_TCP) { + int fwhole = link->data.tcp->fwhole; /* Where is the firewall + * hole? */ + struct ip_fw rule; - if (fwhole < 0) - return; + if (fwhole < 0) + return; - memset(&rule, 0, sizeof rule); /* useless for ipfw2 */ + memset(&rule, 0, sizeof rule); /* useless for ipfw2 */ #if IPFW2 - while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, - &fwhole, sizeof fwhole)) - ; -#else /* !IPFW2 */ - rule.fw_number = fwhole; - while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL, - &rule, sizeof rule)) - ; -#endif /* !IPFW2 */ - fw_clrfield(la, la->fireWallField, fwhole); - link->data.tcp->fwhole = -1; - } + while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, + &fwhole, sizeof fwhole)); +#else /* !IPFW2 */ + rule.fw_number = fwhole; + while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL, + &rule, sizeof rule)); +#endif /* !IPFW2 */ + fw_clrfield(la, la->fireWallField, fwhole); + link->data.tcp->fwhole = -1; + } } /* Clear out the entire range dedicated to firewall holes. */ static void -ClearAllFWHoles(struct libalias *la) { - struct ip_fw rule; /* On-the-fly built rule */ - int i; +ClearAllFWHoles(struct libalias *la) +{ + struct ip_fw rule; /* On-the-fly built rule */ + int i; - if (la->fireWallFD < 0) - return; + if (la->fireWallFD < 0) + return; - memset(&rule, 0, sizeof rule); - for (i = la->fireWallBaseNum; i < la->fireWallBaseNum + la->fireWallNumNums; i++) { + memset(&rule, 0, sizeof rule); + for (i = la->fireWallBaseNum; i < la->fireWallBaseNum + la->fireWallNumNums; i++) { #if IPFW2 - int r = i; - while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, &r, sizeof r)) - ; -#else /* !IPFW2 */ - rule.fw_number = i; - while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL, &rule, sizeof rule)) - ; -#endif /* !IPFW2 */ - } - /* XXX: third arg correct here ? /phk */ - memset(la->fireWallField, 0, la->fireWallNumNums); + int r = i; + + while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, &r, sizeof r)); +#else /* !IPFW2 */ + rule.fw_number = i; + while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL, &rule, sizeof rule)); +#endif /* !IPFW2 */ + } + /* XXX: third arg correct here ? /phk */ + memset(la->fireWallField, 0, la->fireWallNumNums); } + #endif void -LibAliasSetFWBase(struct libalias *la, unsigned int base, unsigned int num) { +LibAliasSetFWBase(struct libalias *la, unsigned int base, unsigned int num) +{ #ifndef NO_FW_PUNCH - la->fireWallBaseNum = base; - la->fireWallNumNums = num; + la->fireWallBaseNum = base; + la->fireWallNumNums = num; #endif } void -LibAliasSetSkinnyPort(struct libalias *la, unsigned int port) { - la->skinnyPort = port; +LibAliasSetSkinnyPort(struct libalias *la, unsigned int port) +{ + la->skinnyPort = port; } diff --git a/sys/netinet/libalias/alias_ftp.c b/sys/netinet/libalias/alias_ftp.c index 08693a7d0a89..91d49525bc75 100644 --- a/sys/netinet/libalias/alias_ftp.c +++ b/sys/netinet/libalias/alias_ftp.c @@ -87,495 +87,589 @@ __FBSDID("$FreeBSD$"); #define WAIT_CRLF 0x01 enum ftp_message_type { - FTP_PORT_COMMAND, - FTP_EPRT_COMMAND, - FTP_227_REPLY, - FTP_229_REPLY, - FTP_UNKNOWN_MESSAGE + FTP_PORT_COMMAND, + FTP_EPRT_COMMAND, + FTP_227_REPLY, + FTP_229_REPLY, + FTP_UNKNOWN_MESSAGE }; -static int ParseFtpPortCommand(struct libalias *la, char *, int); -static int ParseFtpEprtCommand(struct libalias *la, char *, int); -static int ParseFtp227Reply(struct libalias *la, char *, int); -static int ParseFtp229Reply(struct libalias *la, char *, int); -static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int); +static int ParseFtpPortCommand(struct libalias *la, char *, int); +static int ParseFtpEprtCommand(struct libalias *la, char *, int); +static int ParseFtp227Reply(struct libalias *la, char *, int); +static int ParseFtp229Reply(struct libalias *la, char *, int); +static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int); void AliasHandleFtpOut( -struct libalias *la, -struct ip *pip, /* IP packet to examine/patch */ -struct alias_link *link, /* The link to go through (aliased port) */ -int maxpacketsize /* The maximum size this packet can grow to (including headers) */) + struct libalias *la, + struct ip *pip, /* IP packet to examine/patch */ + struct alias_link *link, /* The link to go through (aliased port) */ + int maxpacketsize /* The maximum size this packet can grow to + (including headers) */ ) { - int hlen, tlen, dlen, pflags; - char *sptr; - struct tcphdr *tc; - int ftp_message_type; + int hlen, tlen, dlen, pflags; + char *sptr; + struct tcphdr *tc; + int ftp_message_type; /* Calculate data length of TCP packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; /* Place string pointer and beginning of data */ - sptr = (char *) pip; - sptr += hlen; + sptr = (char *)pip; + sptr += hlen; /* * Check that data length is not too long and previous message was * properly terminated with CRLF. */ - pflags = GetProtocolFlags(link); - if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) { - ftp_message_type = FTP_UNKNOWN_MESSAGE; + pflags = GetProtocolFlags(link); + if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) { + ftp_message_type = FTP_UNKNOWN_MESSAGE; - if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) { + if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) { /* * When aliasing a client, check for the PORT/EPRT command. */ - if (ParseFtpPortCommand(la, sptr, dlen)) - ftp_message_type = FTP_PORT_COMMAND; - else if (ParseFtpEprtCommand(la, sptr, dlen)) - ftp_message_type = FTP_EPRT_COMMAND; - } else { + if (ParseFtpPortCommand(la, sptr, dlen)) + ftp_message_type = FTP_PORT_COMMAND; + else if (ParseFtpEprtCommand(la, sptr, dlen)) + ftp_message_type = FTP_EPRT_COMMAND; + } else { /* * When aliasing a server, check for the 227/229 reply. */ - if (ParseFtp227Reply(la, sptr, dlen)) - ftp_message_type = FTP_227_REPLY; - else if (ParseFtp229Reply(la, sptr, dlen)) { - ftp_message_type = FTP_229_REPLY; - la->true_addr.s_addr = pip->ip_src.s_addr; - } + if (ParseFtp227Reply(la, sptr, dlen)) + ftp_message_type = FTP_227_REPLY; + else if (ParseFtp229Reply(la, sptr, dlen)) { + ftp_message_type = FTP_229_REPLY; + la->true_addr.s_addr = pip->ip_src.s_addr; + } + } + + if (ftp_message_type != FTP_UNKNOWN_MESSAGE) + NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type); } - - if (ftp_message_type != FTP_UNKNOWN_MESSAGE) - NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type); - } - /* Track the msgs which are CRLF term'd for PORT/PASV FW breach */ - if (dlen) { /* only if there's data */ - sptr = (char *) pip; /* start over at beginning */ - tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may have grown */ - if (sptr[tlen-2] == '\r' && sptr[tlen-1] == '\n') - pflags &= ~WAIT_CRLF; - else - pflags |= WAIT_CRLF; - SetProtocolFlags(link, pflags); - } + if (dlen) { /* only if there's data */ + sptr = (char *)pip; /* start over at beginning */ + tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may + * have grown */ + if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n') + pflags &= ~WAIT_CRLF; + else + pflags |= WAIT_CRLF; + SetProtocolFlags(link, pflags); + } } static int ParseFtpPortCommand(struct libalias *la, char *sptr, int dlen) { - char ch; - int i, state; - u_int32_t addr; - u_short port; - u_int8_t octet; + char ch; + int i, state; + u_int32_t addr; + u_short port; + u_int8_t octet; - /* Format: "PORT A,D,D,R,PO,RT". */ + /* Format: "PORT A,D,D,R,PO,RT". */ - /* Return if data length is too short. */ - if (dlen < 18) - return 0; - - addr = port = octet = 0; - state = -4; - for (i = 0; i < dlen; i++) { - ch = sptr[i]; - switch (state) { - case -4: if (ch == 'P') state++; else return 0; break; - case -3: if (ch == 'O') state++; else return 0; break; - case -2: if (ch == 'R') state++; else return 0; break; - case -1: if (ch == 'T') state++; else return 0; break; - - case 0: - if (isspace(ch)) - break; - else - state++; - case 1: case 3: case 5: case 7: case 9: case 11: - if (isdigit(ch)) { - octet = ch - '0'; - state++; - } else + /* Return if data length is too short. */ + if (dlen < 18) return 0; - break; - case 2: case 4: case 6: case 8: - if (isdigit(ch)) - octet = 10 * octet + ch - '0'; - else if (ch == ',') { - addr = (addr << 8) + octet; - state++; - } else - return 0; - break; - case 10: case 12: - if (isdigit(ch)) - octet = 10 * octet + ch - '0'; - else if (ch == ',' || state == 12) { - port = (port << 8) + octet; - state++; - } else - return 0; - break; + + addr = port = octet = 0; + state = -4; + for (i = 0; i < dlen; i++) { + ch = sptr[i]; + switch (state) { + case -4: + if (ch == 'P') + state++; + else + return 0; + break; + case -3: + if (ch == 'O') + state++; + else + return 0; + break; + case -2: + if (ch == 'R') + state++; + else + return 0; + break; + case -1: + if (ch == 'T') + state++; + else + return 0; + break; + + case 0: + if (isspace(ch)) + break; + else + state++; + case 1: + case 3: + case 5: + case 7: + case 9: + case 11: + if (isdigit(ch)) { + octet = ch - '0'; + state++; + } else + return 0; + break; + case 2: + case 4: + case 6: + case 8: + if (isdigit(ch)) + octet = 10 * octet + ch - '0'; + else if (ch == ',') { + addr = (addr << 8) + octet; + state++; + } else + return 0; + break; + case 10: + case 12: + if (isdigit(ch)) + octet = 10 * octet + ch - '0'; + else if (ch == ',' || state == 12) { + port = (port << 8) + octet; + state++; + } else + return 0; + break; + } } - } - if (state == 13) { - la->true_addr.s_addr = htonl(addr); - la->true_port = port; - return 1; - } else - return 0; + if (state == 13) { + la->true_addr.s_addr = htonl(addr); + la->true_port = port; + return 1; + } else + return 0; } static int ParseFtpEprtCommand(struct libalias *la, char *sptr, int dlen) { - char ch, delim; - int i, state; - u_int32_t addr; - u_short port; - u_int8_t octet; + char ch, delim; + int i, state; + u_int32_t addr; + u_short port; + u_int8_t octet; - /* Format: "EPRT |1|A.D.D.R|PORT|". */ + /* Format: "EPRT |1|A.D.D.R|PORT|". */ - /* Return if data length is too short. */ - if (dlen < 18) - return 0; + /* Return if data length is too short. */ + if (dlen < 18) + return 0; - addr = port = octet = 0; - delim = '|'; /* XXX gcc -Wuninitialized */ - state = -4; - for (i = 0; i < dlen; i++) { - ch = sptr[i]; - switch (state) - { - case -4: if (ch == 'E') state++; else return 0; break; - case -3: if (ch == 'P') state++; else return 0; break; - case -2: if (ch == 'R') state++; else return 0; break; - case -1: if (ch == 'T') state++; else return 0; break; + addr = port = octet = 0; + delim = '|'; /* XXX gcc -Wuninitialized */ + state = -4; + for (i = 0; i < dlen; i++) { + ch = sptr[i]; + switch (state) { + case -4: + if (ch == 'E') + state++; + else + return 0; + break; + case -3: + if (ch == 'P') + state++; + else + return 0; + break; + case -2: + if (ch == 'R') + state++; + else + return 0; + break; + case -1: + if (ch == 'T') + state++; + else + return 0; + break; - case 0: - if (!isspace(ch)) { - delim = ch; - state++; - } - break; - case 1: - if (ch == '1') /* IPv4 address */ - state++; - else - return 0; - break; - case 2: - if (ch == delim) - state++; - else - return 0; - break; - case 3: case 5: case 7: case 9: - if (isdigit(ch)) { - octet = ch - '0'; - state++; - } else - return 0; - break; - case 4: case 6: case 8: case 10: - if (isdigit(ch)) - octet = 10 * octet + ch - '0'; - else if (ch == '.' || state == 10) { - addr = (addr << 8) + octet; - state++; - } else - return 0; - break; - case 11: - if (isdigit(ch)) { - port = ch - '0'; - state++; - } else - return 0; - break; - case 12: - if (isdigit(ch)) - port = 10 * port + ch - '0'; - else if (ch == delim) - state++; - else - return 0; - break; + case 0: + if (!isspace(ch)) { + delim = ch; + state++; + } + break; + case 1: + if (ch == '1') /* IPv4 address */ + state++; + else + return 0; + break; + case 2: + if (ch == delim) + state++; + else + return 0; + break; + case 3: + case 5: + case 7: + case 9: + if (isdigit(ch)) { + octet = ch - '0'; + state++; + } else + return 0; + break; + case 4: + case 6: + case 8: + case 10: + if (isdigit(ch)) + octet = 10 * octet + ch - '0'; + else if (ch == '.' || state == 10) { + addr = (addr << 8) + octet; + state++; + } else + return 0; + break; + case 11: + if (isdigit(ch)) { + port = ch - '0'; + state++; + } else + return 0; + break; + case 12: + if (isdigit(ch)) + port = 10 * port + ch - '0'; + else if (ch == delim) + state++; + else + return 0; + break; + } } - } - if (state == 13) { - la->true_addr.s_addr = htonl(addr); - la->true_port = port; - return 1; - } else - return 0; + if (state == 13) { + la->true_addr.s_addr = htonl(addr); + la->true_port = port; + return 1; + } else + return 0; } static int ParseFtp227Reply(struct libalias *la, char *sptr, int dlen) { - char ch; - int i, state; - u_int32_t addr; - u_short port; - u_int8_t octet; + char ch; + int i, state; + u_int32_t addr; + u_short port; + u_int8_t octet; - /* Format: "227 Entering Passive Mode (A,D,D,R,PO,RT)" */ + /* Format: "227 Entering Passive Mode (A,D,D,R,PO,RT)" */ - /* Return if data length is too short. */ - if (dlen < 17) - return 0; - - addr = port = octet = 0; - - state = -3; - for (i = 0; i < dlen; i++) { - ch = sptr[i]; - switch (state) - { - case -3: if (ch == '2') state++; else return 0; break; - case -2: if (ch == '2') state++; else return 0; break; - case -1: if (ch == '7') state++; else return 0; break; - - case 0: - if (ch == '(') - state++; - break; - case 1: case 3: case 5: case 7: case 9: case 11: - if (isdigit(ch)) { - octet = ch - '0'; - state++; - } else + /* Return if data length is too short. */ + if (dlen < 17) return 0; - break; - case 2: case 4: case 6: case 8: - if (isdigit(ch)) - octet = 10 * octet + ch - '0'; - else if (ch == ',') { - addr = (addr << 8) + octet; - state++; - } else - return 0; - break; - case 10: case 12: - if (isdigit(ch)) - octet = 10 * octet + ch - '0'; - else if (ch == ',' || (state == 12 && ch == ')')) { - port = (port << 8) + octet; - state++; - } else - return 0; - break; + + addr = port = octet = 0; + + state = -3; + for (i = 0; i < dlen; i++) { + ch = sptr[i]; + switch (state) { + case -3: + if (ch == '2') + state++; + else + return 0; + break; + case -2: + if (ch == '2') + state++; + else + return 0; + break; + case -1: + if (ch == '7') + state++; + else + return 0; + break; + + case 0: + if (ch == '(') + state++; + break; + case 1: + case 3: + case 5: + case 7: + case 9: + case 11: + if (isdigit(ch)) { + octet = ch - '0'; + state++; + } else + return 0; + break; + case 2: + case 4: + case 6: + case 8: + if (isdigit(ch)) + octet = 10 * octet + ch - '0'; + else if (ch == ',') { + addr = (addr << 8) + octet; + state++; + } else + return 0; + break; + case 10: + case 12: + if (isdigit(ch)) + octet = 10 * octet + ch - '0'; + else if (ch == ',' || (state == 12 && ch == ')')) { + port = (port << 8) + octet; + state++; + } else + return 0; + break; + } } - } - if (state == 13) { - la->true_port = port; - la->true_addr.s_addr = htonl(addr); - return 1; - } else - return 0; + if (state == 13) { + la->true_port = port; + la->true_addr.s_addr = htonl(addr); + return 1; + } else + return 0; } static int ParseFtp229Reply(struct libalias *la, char *sptr, int dlen) { - char ch, delim; - int i, state; - u_short port; + char ch, delim; + int i, state; + u_short port; - /* Format: "229 Entering Extended Passive Mode (|||PORT|)" */ + /* Format: "229 Entering Extended Passive Mode (|||PORT|)" */ - /* Return if data length is too short. */ - if (dlen < 11) - return 0; - - port = 0; - delim = '|'; /* XXX gcc -Wuninitialized */ - - state = -3; - for (i = 0; i < dlen; i++) { - ch = sptr[i]; - switch (state) - { - case -3: if (ch == '2') state++; else return 0; break; - case -2: if (ch == '2') state++; else return 0; break; - case -1: if (ch == '9') state++; else return 0; break; - - case 0: - if (ch == '(') - state++; - break; - case 1: - delim = ch; - state++; - break; - case 2: case 3: - if (ch == delim) - state++; - else + /* Return if data length is too short. */ + if (dlen < 11) return 0; - break; - case 4: - if (isdigit(ch)) { - port = ch - '0'; - state++; - } else - return 0; - break; - case 5: - if (isdigit(ch)) - port = 10 * port + ch - '0'; - else if (ch == delim) - state++; - else - return 0; - break; - case 6: - if (ch == ')') - state++; - else - return 0; - break; + + port = 0; + delim = '|'; /* XXX gcc -Wuninitialized */ + + state = -3; + for (i = 0; i < dlen; i++) { + ch = sptr[i]; + switch (state) { + case -3: + if (ch == '2') + state++; + else + return 0; + break; + case -2: + if (ch == '2') + state++; + else + return 0; + break; + case -1: + if (ch == '9') + state++; + else + return 0; + break; + + case 0: + if (ch == '(') + state++; + break; + case 1: + delim = ch; + state++; + break; + case 2: + case 3: + if (ch == delim) + state++; + else + return 0; + break; + case 4: + if (isdigit(ch)) { + port = ch - '0'; + state++; + } else + return 0; + break; + case 5: + if (isdigit(ch)) + port = 10 * port + ch - '0'; + else if (ch == delim) + state++; + else + return 0; + break; + case 6: + if (ch == ')') + state++; + else + return 0; + break; + } } - } - if (state == 7) { - la->true_port = port; - return 1; - } else - return 0; + if (state == 7) { + la->true_port = port; + return 1; + } else + return 0; } static void NewFtpMessage(struct libalias *la, struct ip *pip, - struct alias_link *link, - int maxpacketsize, - int ftp_message_type) + struct alias_link *link, + int maxpacketsize, + int ftp_message_type) { - struct alias_link *ftp_link; + struct alias_link *ftp_link; /* Security checks. */ - if (pip->ip_src.s_addr != la->true_addr.s_addr) - return; + if (pip->ip_src.s_addr != la->true_addr.s_addr) + return; - if (la->true_port < IPPORT_RESERVED) - return; + if (la->true_port < IPPORT_RESERVED) + return; /* Establish link to address and port found in FTP control message. */ - ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link), - htons(la->true_port), 0, IPPROTO_TCP, 1); + ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link), + htons(la->true_port), 0, IPPROTO_TCP, 1); - if (ftp_link != NULL) - { - int slen, hlen, tlen, dlen; - struct tcphdr *tc; + if (ftp_link != NULL) { + int slen, hlen, tlen, dlen; + struct tcphdr *tc; #ifndef NO_FW_PUNCH - /* Punch hole in firewall */ - PunchFWHole(ftp_link); + /* Punch hole in firewall */ + PunchFWHole(ftp_link); #endif /* Calculate data length of TCP packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; /* Create new FTP message. */ - { - char stemp[MAX_MESSAGE_SIZE + 1]; - char *sptr; - u_short alias_port; - u_char *ptr; - int a1, a2, a3, a4, p1, p2; - struct in_addr alias_address; + { + char stemp[MAX_MESSAGE_SIZE + 1]; + char *sptr; + u_short alias_port; + u_char *ptr; + int a1, a2, a3, a4, p1, p2; + struct in_addr alias_address; /* Decompose alias address into quad format */ - alias_address = GetAliasAddress(link); - ptr = (u_char *) &alias_address.s_addr; - a1 = *ptr++; a2=*ptr++; a3=*ptr++; a4=*ptr; + alias_address = GetAliasAddress(link); + ptr = (u_char *) & alias_address.s_addr; + a1 = *ptr++; + a2 = *ptr++; + a3 = *ptr++; + a4 = *ptr; - alias_port = GetAliasPort(ftp_link); + alias_port = GetAliasPort(ftp_link); - switch (ftp_message_type) - { - case FTP_PORT_COMMAND: - case FTP_227_REPLY: - /* Decompose alias port into pair format. */ - ptr = (char *) &alias_port; - p1 = *ptr++; p2=*ptr; + switch (ftp_message_type) { + case FTP_PORT_COMMAND: + case FTP_227_REPLY: + /* Decompose alias port into pair format. */ + ptr = (char *)&alias_port; + p1 = *ptr++; + p2 = *ptr; - if (ftp_message_type == FTP_PORT_COMMAND) { - /* Generate PORT command string. */ - sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n", - a1,a2,a3,a4,p1,p2); - } else { - /* Generate 227 reply string. */ - sprintf(stemp, - "227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n", - a1,a2,a3,a4,p1,p2); - } - break; - case FTP_EPRT_COMMAND: - /* Generate EPRT command string. */ - sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n", - a1,a2,a3,a4,ntohs(alias_port)); - break; - case FTP_229_REPLY: - /* Generate 229 reply string. */ - sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n", - ntohs(alias_port)); - break; - } + if (ftp_message_type == FTP_PORT_COMMAND) { + /* Generate PORT command string. */ + sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n", + a1, a2, a3, a4, p1, p2); + } else { + /* Generate 227 reply string. */ + sprintf(stemp, + "227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n", + a1, a2, a3, a4, p1, p2); + } + break; + case FTP_EPRT_COMMAND: + /* Generate EPRT command string. */ + sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n", + a1, a2, a3, a4, ntohs(alias_port)); + break; + case FTP_229_REPLY: + /* Generate 229 reply string. */ + sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n", + ntohs(alias_port)); + break; + } /* Save string length for IP header modification */ - slen = strlen(stemp); + slen = strlen(stemp); /* Copy modified buffer into IP packet. */ - sptr = (char *) pip; sptr += hlen; - strncpy(sptr, stemp, maxpacketsize-hlen); - } + sptr = (char *)pip; + sptr += hlen; + strncpy(sptr, stemp, maxpacketsize - hlen); + } /* Save information regarding modified seq and ack numbers */ - { - int delta; + { + int delta; - SetAckModified(link); - delta = GetDeltaSeqOut(pip, link); - AddSeq(pip, link, delta+slen-dlen); - } + SetAckModified(link); + delta = GetDeltaSeqOut(pip, link); + AddSeq(pip, link, delta + slen - dlen); + } /* Revise IP header */ - { - u_short new_len; + { + u_short new_len; - new_len = htons(hlen + slen); - DifferentialChecksum(&pip->ip_sum, - &new_len, - &pip->ip_len, - 1); - pip->ip_len = new_len; - } + new_len = htons(hlen + slen); + DifferentialChecksum(&pip->ip_sum, + &new_len, + &pip->ip_len, + 1); + pip->ip_len = new_len; + } /* Compute TCP checksum for revised packet */ - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); - } - else - { + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); + } else { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/HandleFtpOut: Cannot allocate FTP data port\n"); + fprintf(stderr, + "PacketAlias/HandleFtpOut: Cannot allocate FTP data port\n"); #endif - } + } } diff --git a/sys/netinet/libalias/alias_irc.c b/sys/netinet/libalias/alias_irc.c index 3b2ff9229e59..5785e54a7594 100644 --- a/sys/netinet/libalias/alias_irc.c +++ b/sys/netinet/libalias/alias_irc.c @@ -65,277 +65,305 @@ __FBSDID("$FreeBSD$"); void -AliasHandleIrcOut(struct libalias *la, - struct ip *pip, /* IP packet to examine */ - struct alias_link *link, /* Which link are we on? */ - int maxsize /* Maximum size of IP packet including headers */ - ) +AliasHandleIrcOut(struct libalias *la, + struct ip *pip, /* IP packet to examine */ + struct alias_link *link, /* Which link are we on? */ + int maxsize /* Maximum size of IP packet including + * headers */ +) { - int hlen, tlen, dlen; - struct in_addr true_addr; - u_short true_port; - char *sptr; - struct tcphdr *tc; - int i; /* Iterator through the source */ + int hlen, tlen, dlen; + struct in_addr true_addr; + u_short true_port; + char *sptr; + struct tcphdr *tc; + int i; /* Iterator through the source */ /* Calculate data length of TCP packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - /* Return if data length is too short - assume an entire PRIVMSG in each packet. */ - if (dlen= dlen || iCopy >= sizeof(newpacket) ) - goto lPACKET_DONE; - newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start character */ - /* Start of a CTCP */ - if( i+4 >= dlen ) /* Too short for DCC */ - goto lBAD_CTCP; - if( sptr[i+0] != 'D' ) - goto lBAD_CTCP; - if( sptr[i+1] != 'C' ) - goto lBAD_CTCP; - if( sptr[i+2] != 'C' ) - goto lBAD_CTCP; - if( sptr[i+3] != ' ' ) - goto lBAD_CTCP; - /* We have a DCC command - handle it! */ - i+= 4; /* Skip "DCC " */ - if( iCopy+4 > sizeof(newpacket) ) - goto lPACKET_DONE; - newpacket[iCopy++] = 'D'; - newpacket[iCopy++] = 'C'; - newpacket[iCopy++] = 'C'; - newpacket[iCopy++] = ' '; + { + char newpacket[65536]; /* Estimate of maximum packet size + * :) */ + int copyat = i; /* Same */ + int iCopy = 0; /* How much data have we written to + * copy-back string? */ + unsigned long org_addr; /* Original IP address */ + unsigned short org_port; /* Original source port + * address */ - DBprintf(("Found DCC\n")); - /* Skip any extra spaces (should not occur according to - protocol, but DCC breaks CTCP protocol anyway */ - while(sptr[i] == ' ') { - if( ++i >= dlen) { - DBprintf(("DCC packet terminated in just spaces\n")); - goto lPACKET_DONE; - } - } +lCTCP_START: + if (i >= dlen || iCopy >= sizeof(newpacket)) + goto lPACKET_DONE; + newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start + * character */ + /* Start of a CTCP */ + if (i + 4 >= dlen) /* Too short for DCC */ + goto lBAD_CTCP; + if (sptr[i + 0] != 'D') + goto lBAD_CTCP; + if (sptr[i + 1] != 'C') + goto lBAD_CTCP; + if (sptr[i + 2] != 'C') + goto lBAD_CTCP; + if (sptr[i + 3] != ' ') + goto lBAD_CTCP; + /* We have a DCC command - handle it! */ + i += 4; /* Skip "DCC " */ + if (iCopy + 4 > sizeof(newpacket)) + goto lPACKET_DONE; + newpacket[iCopy++] = 'D'; + newpacket[iCopy++] = 'C'; + newpacket[iCopy++] = 'C'; + newpacket[iCopy++] = ' '; - DBprintf(("Transferring command...\n")); - while(sptr[i] != ' ') { - newpacket[iCopy++] = sptr[i]; - if( ++i >= dlen || iCopy >= sizeof(newpacket) ) { - DBprintf(("DCC packet terminated during command\n")); - goto lPACKET_DONE; - } - } - /* Copy _one_ space */ - if( i+1 < dlen && iCopy < sizeof(newpacket) ) - newpacket[iCopy++] = sptr[i++]; + DBprintf(("Found DCC\n")); + /* + * Skip any extra spaces (should not occur according to + * protocol, but DCC breaks CTCP protocol anyway + */ + while (sptr[i] == ' ') { + if (++i >= dlen) { + DBprintf(("DCC packet terminated in just spaces\n")); + goto lPACKET_DONE; + } + } - DBprintf(("Done command - removing spaces\n")); - /* Skip any extra spaces (should not occur according to - protocol, but DCC breaks CTCP protocol anyway */ - while(sptr[i] == ' ') { - if( ++i >= dlen ) { - DBprintf(("DCC packet terminated in just spaces (post-command)\n")); - goto lPACKET_DONE; - } - } + DBprintf(("Transferring command...\n")); + while (sptr[i] != ' ') { + newpacket[iCopy++] = sptr[i]; + if (++i >= dlen || iCopy >= sizeof(newpacket)) { + DBprintf(("DCC packet terminated during command\n")); + goto lPACKET_DONE; + } + } + /* Copy _one_ space */ + if (i + 1 < dlen && iCopy < sizeof(newpacket)) + newpacket[iCopy++] = sptr[i++]; - DBprintf(("Transferring filename...\n")); - while(sptr[i] != ' ') { - newpacket[iCopy++] = sptr[i]; - if( ++i >= dlen || iCopy >= sizeof(newpacket) ) { - DBprintf(("DCC packet terminated during filename\n")); - goto lPACKET_DONE; - } - } - /* Copy _one_ space */ - if( i+1 < dlen && iCopy < sizeof(newpacket) ) - newpacket[iCopy++] = sptr[i++]; + DBprintf(("Done command - removing spaces\n")); + /* + * Skip any extra spaces (should not occur according to + * protocol, but DCC breaks CTCP protocol anyway + */ + while (sptr[i] == ' ') { + if (++i >= dlen) { + DBprintf(("DCC packet terminated in just spaces (post-command)\n")); + goto lPACKET_DONE; + } + } - DBprintf(("Done filename - removing spaces\n")); - /* Skip any extra spaces (should not occur according to - protocol, but DCC breaks CTCP protocol anyway */ - while(sptr[i] == ' ') { - if( ++i >= dlen ) { - DBprintf(("DCC packet terminated in just spaces (post-filename)\n")); - goto lPACKET_DONE; - } - } + DBprintf(("Transferring filename...\n")); + while (sptr[i] != ' ') { + newpacket[iCopy++] = sptr[i]; + if (++i >= dlen || iCopy >= sizeof(newpacket)) { + DBprintf(("DCC packet terminated during filename\n")); + goto lPACKET_DONE; + } + } + /* Copy _one_ space */ + if (i + 1 < dlen && iCopy < sizeof(newpacket)) + newpacket[iCopy++] = sptr[i++]; - DBprintf(("Fetching IP address\n")); - /* Fetch IP address */ - org_addr = 0; - while(i ULONG_MAX/10UL ) { /* Terminate on overflow */ - DBprintf(("DCC Address overflow (org_addr == 0x%08lx, next char %c\n", org_addr, sptr[i])); - goto lBAD_CTCP; - } - org_addr *= 10; - org_addr += sptr[i++]-'0'; - } - DBprintf(("Skipping space\n")); - if( i+1 >= dlen || sptr[i] != ' ' ) { - DBprintf(("Overflow (%d >= %d) or bad character (%02x) terminating IP address\n", i+1, dlen, sptr[i])); - goto lBAD_CTCP; - } - /* Skip any extra spaces (should not occur according to - protocol, but DCC breaks CTCP protocol anyway, so we might - as well play it safe */ - while(sptr[i] == ' ') { - if( ++i >= dlen ) { - DBprintf(("Packet failure - space overflow.\n")); - goto lPACKET_DONE; - } - } - DBprintf(("Fetching port number\n")); - /* Fetch source port */ - org_port = 0; - while(i 6554 ) { /* Terminate on overflow (65536/10 rounded up*/ - DBprintf(("DCC: port number overflow\n")); - goto lBAD_CTCP; - } - org_port *= 10; - org_port += sptr[i++]-'0'; - } - /* Skip illegal addresses (or early termination) */ - if( i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ') ) { - DBprintf(("Bad port termination\n")); - goto lBAD_CTCP; - } - DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port)); + DBprintf(("Done filename - removing spaces\n")); + /* + * Skip any extra spaces (should not occur according to + * protocol, but DCC breaks CTCP protocol anyway + */ + while (sptr[i] == ' ') { + if (++i >= dlen) { + DBprintf(("DCC packet terminated in just spaces (post-filename)\n")); + goto lPACKET_DONE; + } + } - /* We've got the address and port - now alias it */ - { - struct alias_link *dcc_link; - struct in_addr destaddr; + DBprintf(("Fetching IP address\n")); + /* Fetch IP address */ + org_addr = 0; + while (i < dlen && isdigit(sptr[i])) { + if (org_addr > ULONG_MAX / 10UL) { /* Terminate on overflow */ + DBprintf(("DCC Address overflow (org_addr == 0x%08lx, next char %c\n", org_addr, sptr[i])); + goto lBAD_CTCP; + } + org_addr *= 10; + org_addr += sptr[i++] - '0'; + } + DBprintf(("Skipping space\n")); + if (i + 1 >= dlen || sptr[i] != ' ') { + DBprintf(("Overflow (%d >= %d) or bad character (%02x) terminating IP address\n", i + 1, dlen, sptr[i])); + goto lBAD_CTCP; + } + /* + * Skip any extra spaces (should not occur according to + * protocol, but DCC breaks CTCP protocol anyway, so we + * might as well play it safe + */ + while (sptr[i] == ' ') { + if (++i >= dlen) { + DBprintf(("Packet failure - space overflow.\n")); + goto lPACKET_DONE; + } + } + DBprintf(("Fetching port number\n")); + /* Fetch source port */ + org_port = 0; + while (i < dlen && isdigit(sptr[i])) { + if (org_port > 6554) { /* Terminate on overflow + * (65536/10 rounded up */ + DBprintf(("DCC: port number overflow\n")); + goto lBAD_CTCP; + } + org_port *= 10; + org_port += sptr[i++] - '0'; + } + /* Skip illegal addresses (or early termination) */ + if (i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ')) { + DBprintf(("Bad port termination\n")); + goto lBAD_CTCP; + } + DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port)); + + /* We've got the address and port - now alias it */ + { + struct alias_link *dcc_link; + struct in_addr destaddr; - true_port = htons(org_port); - true_addr.s_addr = htonl(org_addr); - destaddr.s_addr = 0; + true_port = htons(org_port); + true_addr.s_addr = htonl(org_addr); + destaddr.s_addr = 0; - /* Sanity/Security checking */ - if (!org_addr || !org_port || - pip->ip_src.s_addr != true_addr.s_addr || - org_port < IPPORT_RESERVED) - goto lBAD_CTCP; + /* Sanity/Security checking */ + if (!org_addr || !org_port || + pip->ip_src.s_addr != true_addr.s_addr || + org_port < IPPORT_RESERVED) + goto lBAD_CTCP; - /* Steal the FTP_DATA_PORT - it doesn't really matter, and this - would probably allow it through at least _some_ - firewalls. */ - dcc_link = FindUdpTcpOut(la, true_addr, destaddr, - true_port, 0, - IPPROTO_TCP, 1); - DBprintf(("Got a DCC link\n")); - if ( dcc_link ) { - struct in_addr alias_address; /* Address from aliasing */ - u_short alias_port; /* Port given by aliasing */ - int n; + /* + * Steal the FTP_DATA_PORT - it doesn't really + * matter, and this would probably allow it through + * at least _some_ firewalls. + */ + dcc_link = FindUdpTcpOut(la, true_addr, destaddr, + true_port, 0, + IPPROTO_TCP, 1); + DBprintf(("Got a DCC link\n")); + if (dcc_link) { + struct in_addr alias_address; /* Address from aliasing */ + u_short alias_port; /* Port given by + * aliasing */ + int n; #ifndef NO_FW_PUNCH - /* Generate firewall hole as appropriate */ - PunchFWHole(dcc_link); + /* Generate firewall hole as appropriate */ + PunchFWHole(dcc_link); #endif - alias_address = GetAliasAddress(link); - n = snprintf(&newpacket[iCopy], - sizeof(newpacket)-iCopy, - "%lu ", (u_long)htonl(alias_address.s_addr)); - if( n < 0 ) { - DBprintf(("DCC packet construct failure.\n")); - goto lBAD_CTCP; - } - if( (iCopy += n) >= sizeof(newpacket) ) { /* Truncated/fit exactly - bad news */ - DBprintf(("DCC constructed packet overflow.\n")); - goto lBAD_CTCP; - } - alias_port = GetAliasPort(dcc_link); - n = snprintf(&newpacket[iCopy], - sizeof(newpacket)-iCopy, - "%u", htons(alias_port) ); - if( n < 0 ) { - DBprintf(("DCC packet construct failure.\n")); - goto lBAD_CTCP; - } - iCopy += n; - /* Done - truncated cases will be taken care of by lBAD_CTCP */ - DBprintf(("Aliased IP %lu and port %u\n", alias_address.s_addr, (unsigned)alias_port)); - } - } - /* An uninteresting CTCP - state entered right after '\001' has - been pushed. Also used to copy the rest of a DCC, after IP - address and port has been handled */ - lBAD_CTCP: - for(; i maxsize-copyat ? maxsize-copyat : iCopy; - memcpy(sptr+copyat, newpacket, iCopy); + alias_address = GetAliasAddress(link); + n = snprintf(&newpacket[iCopy], + sizeof(newpacket) - iCopy, + "%lu ", (u_long) htonl(alias_address.s_addr)); + if (n < 0) { + DBprintf(("DCC packet construct failure.\n")); + goto lBAD_CTCP; + } + if ((iCopy += n) >= sizeof(newpacket)) { /* Truncated/fit exactly + * - bad news */ + DBprintf(("DCC constructed packet overflow.\n")); + goto lBAD_CTCP; + } + alias_port = GetAliasPort(dcc_link); + n = snprintf(&newpacket[iCopy], + sizeof(newpacket) - iCopy, + "%u", htons(alias_port)); + if (n < 0) { + DBprintf(("DCC packet construct failure.\n")); + goto lBAD_CTCP; + } + iCopy += n; + /* + * Done - truncated cases will be taken + * care of by lBAD_CTCP + */ + DBprintf(("Aliased IP %lu and port %u\n", alias_address.s_addr, (unsigned)alias_port)); + } + } + /* + * An uninteresting CTCP - state entered right after '\001' + * has been pushed. Also used to copy the rest of a DCC, + * after IP address and port has been handled + */ +lBAD_CTCP: + for (; i < dlen && iCopy < sizeof(newpacket); i++, iCopy++) { + newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */ + if (sptr[i] == '\001') { + goto lNORMAL_TEXT; + } + } + goto lPACKET_DONE; + /* Normal text */ +lNORMAL_TEXT: + for (; i < dlen && iCopy < sizeof(newpacket); i++, iCopy++) { + newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */ + if (sptr[i] == '\001') { + goto lCTCP_START; + } + } + /* Handle the end of a packet */ +lPACKET_DONE: + iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy; + memcpy(sptr + copyat, newpacket, iCopy); /* Save information regarding modified seq and ack numbers */ - { - int delta; + { + int delta; - SetAckModified(link); - delta = GetDeltaSeqOut(pip, link); - AddSeq(pip, link, delta+copyat+iCopy-dlen); - } + SetAckModified(link); + delta = GetDeltaSeqOut(pip, link); + AddSeq(pip, link, delta + copyat + iCopy - dlen); + } - /* Revise IP header */ - { - u_short new_len; + /* Revise IP header */ + { + u_short new_len; - new_len = htons(hlen + iCopy + copyat); - DifferentialChecksum(&pip->ip_sum, - &new_len, - &pip->ip_len, - 1); - pip->ip_len = new_len; - } + new_len = htons(hlen + iCopy + copyat); + DifferentialChecksum(&pip->ip_sum, + &new_len, + &pip->ip_len, + 1); + pip->ip_len = new_len; + } - /* Compute TCP checksum for revised packet */ - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); - return; - } + /* Compute TCP checksum for revised packet */ + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); + return; + } } /* Notes: diff --git a/sys/netinet/libalias/alias_local.h b/sys/netinet/libalias/alias_local.h index 0ed289a40c4f..420a4353d2c1 100644 --- a/sys/netinet/libalias/alias_local.h +++ b/sys/netinet/libalias/alias_local.h @@ -55,80 +55,84 @@ struct proxy_entry; struct libalias { - LIST_ENTRY(libalias) instancelist; + LIST_ENTRY(libalias) instancelist; - int packetAliasMode; /* Mode flags */ - /* - documented in alias.h */ + int packetAliasMode; /* Mode flags */ + /* - documented in alias.h */ - struct in_addr aliasAddress; /* Address written onto source */ - /* field of IP packet. */ + struct in_addr aliasAddress; /* Address written onto source */ + /* field of IP packet. */ - struct in_addr targetAddress; /* IP address incoming packets */ - /* are sent to if no aliasing */ - /* link already exists */ + struct in_addr targetAddress; /* IP address incoming packets */ + /* are sent to if no aliasing */ + /* link already exists */ - struct in_addr nullAddress; /* Used as a dummy parameter for */ - /* some function calls */ + struct in_addr nullAddress; /* Used as a dummy parameter for */ + /* some function calls */ - LIST_HEAD(, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE]; - /* Lookup table of pointers to */ - /* chains of link records. Each */ + LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE]; + /* Lookup table of pointers to */ + /* chains of link records. Each */ - LIST_HEAD(, alias_link) linkTableIn[LINK_TABLE_IN_SIZE]; - /* link record is doubly indexed */ - /* into input and output lookup */ - /* tables. */ + LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE]; + /* link record is doubly indexed */ + /* into input and output lookup */ + /* tables. */ - /* Link statistics */ - int icmpLinkCount; - int udpLinkCount; - int tcpLinkCount; - int pptpLinkCount; - int protoLinkCount; - int fragmentIdLinkCount; - int fragmentPtrLinkCount; - int sockCount; + /* Link statistics */ + int icmpLinkCount; + int udpLinkCount; + int tcpLinkCount; + int pptpLinkCount; + int protoLinkCount; + int fragmentIdLinkCount; + int fragmentPtrLinkCount; + int sockCount; - int cleanupIndex; /* Index to chain of link table */ - /* being inspected for old links */ + int cleanupIndex; /* Index to chain of link table */ + /* being inspected for old links */ - int timeStamp; /* System time in seconds for */ - /* current packet */ + int timeStamp; /* System time in seconds for */ + /* current packet */ - int lastCleanupTime; /* Last time IncrementalCleanup() */ - /* was called */ + int lastCleanupTime; /* Last time + * IncrementalCleanup() */ + /* was called */ - int houseKeepingResidual; /* used by HouseKeeping() */ + int houseKeepingResidual; /* used by HouseKeeping() */ - int deleteAllLinks; /* If equal to zero, DeleteLink() */ - /* will not remove permanent links */ + int deleteAllLinks; /* If equal to zero, DeleteLink() */ + /* will not remove permanent links */ - FILE *monitorFile; /* File descriptor for link */ - /* statistics monitoring file */ + FILE *monitorFile; /* File descriptor for link */ + /* statistics monitoring file */ - int newDefaultLink; /* Indicates if a new aliasing */ - /* link has been created after a */ - /* call to PacketAliasIn/Out(). */ + int newDefaultLink; /* Indicates if a new aliasing */ + /* link has been created after a */ + /* call to PacketAliasIn/Out(). */ #ifndef NO_FW_PUNCH - int fireWallFD; /* File descriptor to be able to */ - /* control firewall. Opened by */ - /* PacketAliasSetMode on first */ - /* setting the PKT_ALIAS_PUNCH_FW */ - /* flag. */ - int fireWallBaseNum; /* The first firewall entry free for our use */ - int fireWallNumNums; /* How many entries can we use? */ - int fireWallActiveNum; /* Which entry did we last use? */ - char *fireWallField; /* bool array for entries */ + int fireWallFD; /* File descriptor to be able to */ + /* control firewall. Opened by */ + /* PacketAliasSetMode on first */ + /* setting the PKT_ALIAS_PUNCH_FW */ + /* flag. */ + int fireWallBaseNum; /* The first firewall entry + * free for our use */ + int fireWallNumNums; /* How many entries can we + * use? */ + int fireWallActiveNum; /* Which entry did we last + * use? */ + char *fireWallField; /* bool array for entries */ #endif - unsigned int skinnyPort; /* TCP port used by the Skinny */ - /* protocol. */ + unsigned int skinnyPort; /* TCP port used by the Skinny */ + /* protocol. */ struct proxy_entry *proxyList; - struct in_addr true_addr; /* in network byte order. */ - u_short true_port; /* in host byte order. */ + struct in_addr true_addr; /* in network byte order. */ + u_short true_port; /* in host byte order. */ }; @@ -161,148 +165,159 @@ struct libalias { /* Prototypes */ /* General utilities */ -u_short IpChecksum(struct ip *_pip); -u_short TcpChecksum(struct ip *_pip); -void DifferentialChecksum(u_short *_cksum, u_short *_new, u_short *_old, - int _n); +u_short IpChecksum(struct ip *_pip); +u_short TcpChecksum(struct ip *_pip); +void +DifferentialChecksum(u_short * _cksum, u_short * _new, u_short * _old, + int _n); /* Internal data access */ struct alias_link * - FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _id_alias, int _create); +FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_short _id_alias, int _create); struct alias_link * - FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, - u_short _id, int _create); +FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, + u_short _id, int _create); struct alias_link * - FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _ip_id); +FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_short _ip_id); struct alias_link * - FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _ip_id); +FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_short _ip_id); struct alias_link * - AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); + AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); struct alias_link * - FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); + FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); struct alias_link * - FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_char _proto); +FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_char _proto); struct alias_link * - FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, - u_char _proto); +FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, + u_char _proto); struct alias_link * - FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _dst_port, u_short _alias_port, u_char _proto, int _create); +FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_short _dst_port, u_short _alias_port, u_char _proto, int _create); struct alias_link * - FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, - u_short _src_port, u_short _dst_port, u_char _proto, int _create); +FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, + u_short _src_port, u_short _dst_port, u_char _proto, int _create); struct alias_link * - AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, - struct in_addr _alias_addr, u_int16_t _src_call_id); +AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, + struct in_addr _alias_addr, u_int16_t _src_call_id); struct alias_link * - FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr, - struct in_addr _dst_addr, u_int16_t _src_call_id); +FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr, + struct in_addr _dst_addr, u_int16_t _src_call_id); struct alias_link * - FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr, - struct in_addr _alias_addr, u_int16_t _dst_call_id); +FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr, + struct in_addr _alias_addr, u_int16_t _dst_call_id); struct alias_link * - FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr, - struct in_addr _dst_addr, u_int16_t _dst_call_id); +FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr, + struct in_addr _dst_addr, u_int16_t _dst_call_id); struct alias_link * - FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr, - struct in_addr _alias_addr, u_int16_t _alias_call_id); +FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr, + struct in_addr _alias_addr, u_int16_t _alias_call_id); struct alias_link * - FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, - u_short _src_port, u_short _alias_port, u_char _proto); +FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, + u_short _src_port, u_short _alias_port, u_char _proto); struct in_addr - FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr); + FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr); struct in_addr - FindAliasAddress(struct libalias *la, struct in_addr _original_addr); + FindAliasAddress(struct libalias *la, struct in_addr _original_addr); /* External data access/modification */ -int FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _src_port, u_short _dst_port, u_short _port_count, - u_char _proto, u_char _align); -void GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr); -void SetFragmentAddr(struct alias_link *_link, struct in_addr _src_addr); -void GetFragmentPtr(struct alias_link *_link, char **_fptr); -void SetFragmentPtr(struct alias_link *_link, char *fptr); -void SetStateIn(struct alias_link *_link, int _state); -void SetStateOut(struct alias_link *_link, int _state); -int GetStateIn(struct alias_link *_link); -int GetStateOut(struct alias_link *_link); +int +FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, + u_short _src_port, u_short _dst_port, u_short _port_count, + u_char _proto, u_char _align); +void GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr); +void SetFragmentAddr(struct alias_link *_link, struct in_addr _src_addr); +void GetFragmentPtr(struct alias_link *_link, char **_fptr); +void SetFragmentPtr(struct alias_link *_link, char *fptr); +void SetStateIn(struct alias_link *_link, int _state); +void SetStateOut(struct alias_link *_link, int _state); +int GetStateIn (struct alias_link *_link); +int GetStateOut(struct alias_link *_link); struct in_addr - GetOriginalAddress(struct alias_link *_link); + GetOriginalAddress(struct alias_link *_link); struct in_addr - GetDestAddress(struct alias_link *_link); + GetDestAddress(struct alias_link *_link); struct in_addr - GetAliasAddress(struct alias_link *_link); + GetAliasAddress(struct alias_link *_link); struct in_addr - GetDefaultAliasAddress(struct libalias *la); -void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr); -u_short GetOriginalPort(struct alias_link *_link); -u_short GetAliasPort(struct alias_link *_link); + GetDefaultAliasAddress(struct libalias *la); +void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr); +u_short GetOriginalPort(struct alias_link *_link); +u_short GetAliasPort(struct alias_link *_link); struct in_addr - GetProxyAddress(struct alias_link *_link); -void SetProxyAddress(struct alias_link *_link, struct in_addr _addr); -u_short GetProxyPort(struct alias_link *_link); -void SetProxyPort(struct alias_link *_link, u_short _port); -void SetAckModified(struct alias_link *_link); -int GetAckModified(struct alias_link *_link); -int GetDeltaAckIn(struct ip *_pip, struct alias_link *_link); -int GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link); -void AddSeq(struct ip *_pip, struct alias_link *_link, int _delta); -void SetExpire(struct alias_link *_link, int _expire); -void ClearCheckNewLink(struct libalias *la); -void SetProtocolFlags(struct alias_link *_link, int _pflags); -int GetProtocolFlags(struct alias_link *_link); -void SetDestCallId(struct alias_link *_link, u_int16_t _cid); + GetProxyAddress(struct alias_link *_link); +void SetProxyAddress(struct alias_link *_link, struct in_addr _addr); +u_short GetProxyPort(struct alias_link *_link); +void SetProxyPort(struct alias_link *_link, u_short _port); +void SetAckModified(struct alias_link *_link); +int GetAckModified(struct alias_link *_link); +int GetDeltaAckIn(struct ip *_pip, struct alias_link *_link); +int GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link); +void AddSeq (struct ip *_pip, struct alias_link *_link, int _delta); +void SetExpire (struct alias_link *_link, int _expire); +void ClearCheckNewLink(struct libalias *la); +void SetProtocolFlags(struct alias_link *_link, int _pflags); +int GetProtocolFlags(struct alias_link *_link); +void SetDestCallId(struct alias_link *_link, u_int16_t _cid); + #ifndef NO_FW_PUNCH -void PunchFWHole(struct alias_link *_link); +void PunchFWHole(struct alias_link *_link); + #endif /* Housekeeping function */ -void HouseKeeping(struct libalias *); +void HouseKeeping(struct libalias *); /* Tcp specfic routines */ /* lint -save -library Suppress flexelint warnings */ /* FTP routines */ -void AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, - int _maxpacketsize); +void +AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, + int _maxpacketsize); /* IRC routines */ -void AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, - int _maxsize); +void +AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, + int _maxsize); /* RTSP routines */ -void AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, - int _maxpacketsize); +void +AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link, + int _maxpacketsize); /* PPTP routines */ -void AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link); -void AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link); -int AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip); -int AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip); +void AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link); +void AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link); +int AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip); +int AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip); /* NetBIOS routines */ -int AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link, - struct in_addr *_alias_address, u_short _alias_port); -int AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link, - struct in_addr *_alias_address, u_short *_alias_port, - struct in_addr *_original_address, u_short *_original_port); +int +AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link, + struct in_addr *_alias_address, u_short _alias_port); +int +AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link, + struct in_addr *_alias_address, u_short * _alias_port, + struct in_addr *_original_address, u_short * _original_port); /* CUSeeMe routines */ -void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link); -void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr); +void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link); +void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr); /* Skinny routines */ -void AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link); +void AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link); /* Transparent proxy routines */ -int ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr, - u_short *_proxy_server_port); -void ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip, - int _maxpacketsize, int _proxy_type); +int +ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr, + u_short * _proxy_server_port); +void +ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip, + int _maxpacketsize, int _proxy_type); enum alias_tcp_state { ALIAS_TCP_STATE_NOT_CONNECTED, @@ -312,4 +327,4 @@ enum alias_tcp_state { /*lint -restore */ -#endif /* !_ALIAS_LOCAL_H_ */ +#endif /* !_ALIAS_LOCAL_H_ */ diff --git a/sys/netinet/libalias/alias_nbt.c b/sys/netinet/libalias/alias_nbt.c index 9ff9cf0e58d1..fc5fa8422f9b 100644 --- a/sys/netinet/libalias/alias_nbt.c +++ b/sys/netinet/libalias/alias_nbt.c @@ -55,22 +55,22 @@ __FBSDID("$FreeBSD$"); #include "alias_local.h" typedef struct { - struct in_addr oldaddr; - u_short oldport; - struct in_addr newaddr; - u_short newport; - u_short *uh_sum; -} NBTArguments; + struct in_addr oldaddr; + u_short oldport; + struct in_addr newaddr; + u_short newport; + u_short *uh_sum; +} NBTArguments; typedef struct { - unsigned char type; - unsigned char flags; - u_short id; - struct in_addr source_ip; - u_short source_port; - u_short len; - u_short offset; -} NbtDataHeader; + unsigned char type; + unsigned char flags; + u_short id; + struct in_addr source_ip; + u_short source_port; + u_short len; + u_short offset; +} NbtDataHeader; #define OpQuery 0 #define OpUnknown 4 @@ -79,13 +79,13 @@ typedef struct { #define OpWACK 7 #define OpRefresh 8 typedef struct { - u_short nametrid; - u_short dir:1, opcode:4, nmflags:7, rcode:4; - u_short qdcount; - u_short ancount; - u_short nscount; - u_short arcount; -} NbtNSHeader; + u_short nametrid; + u_short dir: 1, opcode:4, nmflags:7, rcode:4; + u_short qdcount; + u_short ancount; + u_short nscount; + u_short arcount; +} NbtNSHeader; #define FMT_ERR 0x1 #define SRV_ERR 0x2 @@ -96,56 +96,61 @@ typedef struct { #ifdef DEBUG -static void PrintRcode( u_char rcode ) { +static void +PrintRcode(u_char rcode) +{ switch (rcode) { case FMT_ERR: - printf("\nFormat Error."); - case SRV_ERR: - printf("\nSever failure."); - case IMP_ERR: - printf("\nUnsupported request error.\n"); - case RFS_ERR: - printf("\nRefused error.\n"); - case ACT_ERR: - printf("\nActive error.\n"); - case CFT_ERR: - printf("\nName in conflict error.\n"); - default: - printf("\n?%c?=%0x\n", '?', rcode ); + printf("\nFormat Error."); + case SRV_ERR: + printf("\nSever failure."); + case IMP_ERR: + printf("\nUnsupported request error.\n"); + case RFS_ERR: + printf("\nRefused error.\n"); + case ACT_ERR: + printf("\nActive error.\n"); + case CFT_ERR: + printf("\nName in conflict error.\n"); + default: + printf("\n?%c?=%0x\n", '?', rcode); } } + #endif /* Handling Name field */ -static u_char *AliasHandleName ( u_char *p, char *pmax ) { +static u_char * +AliasHandleName(u_char * p, char *pmax) +{ u_char *s; u_char c; - int compress; + int compress; /* Following length field */ if (p == NULL || (char *)p >= pmax) - return(NULL); + return (NULL); - if (*p & 0xc0 ) { + if (*p & 0xc0) { p = p + 2; if ((char *)p > pmax) - return(NULL); - return ((u_char *)p); + return (NULL); + return ((u_char *) p); } - while ( ( *p & 0x3f) != 0x00 ) { + while ((*p & 0x3f) != 0x00) { s = p + 1; - if ( *p == 0x20 ) + if (*p == 0x20) compress = 1; else compress = 0; - /* Get next length field */ - p = (u_char *)(p + (*p & 0x3f) + 1); + /* Get next length field */ + p = (u_char *) (p + (*p & 0x3f) + 1); if ((char *)p > pmax) { p = NULL; break; @@ -154,15 +159,15 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) { printf(":"); #endif while (s < p) { - if ( compress == 1 ) { - c = (u_char )(((((*s & 0x0f) << 4) | (*(s+1) & 0x0f)) - 0x11)); + if (compress == 1) { + c = (u_char) (((((*s & 0x0f) << 4) | (*(s + 1) & 0x0f)) - 0x11)); #ifdef DEBUG - if (isprint( c ) ) - printf("%c", c ); + if (isprint(c)) + printf("%c", c); else - printf("<0x%02x>", c ); + printf("<0x%02x>", c); #endif - s +=2; + s += 2; } else { #ifdef DEBUG printf("%c", *s); @@ -174,14 +179,14 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) { printf(":"); #endif fflush(stdout); - } + } /* Set up to out of Name field */ if (p == NULL || (char *)p >= pmax) - p = NULL; + p = NULL; else - p++; - return ((u_char *)p); + p++; + return ((u_char *) p); } /* @@ -195,58 +200,61 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) { #define DGM_POSITIVE_RES 0x15 #define DGM_NEGATIVE_RES 0x16 -int AliasHandleUdpNbt( - struct libalias *la, - struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *link, - struct in_addr *alias_address, - u_short alias_port -) { - struct udphdr * uh; - NbtDataHeader *ndh; - u_char *p = NULL; - char *pmax; +int +AliasHandleUdpNbt( + struct libalias *la, + struct ip *pip, /* IP packet to examine/patch */ + struct alias_link *link, + struct in_addr *alias_address, + u_short alias_port +) +{ + struct udphdr *uh; + NbtDataHeader *ndh; + u_char *p = NULL; + char *pmax; - /* Calculate data length of UDP packet */ - uh = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); - pmax = (char *)uh + ntohs( uh->uh_ulen ); + /* Calculate data length of UDP packet */ + uh = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); + pmax = (char *)uh + ntohs(uh->uh_ulen); - ndh = (NbtDataHeader *)((char *)uh + (sizeof (struct udphdr))); - if ((char *)(ndh + 1) > pmax) - return(-1); + ndh = (NbtDataHeader *) ((char *)uh + (sizeof(struct udphdr))); + if ((char *)(ndh + 1) > pmax) + return (-1); #ifdef DEBUG - printf("\nType=%02x,", ndh->type ); + printf("\nType=%02x,", ndh->type); #endif - switch ( ndh->type ) { - case DGM_DIRECT_UNIQ: - case DGM_DIRECT_GROUP: - case DGM_BROADCAST: - p = (u_char *)ndh + 14; - p = AliasHandleName ( p, pmax ); /* Source Name */ - p = AliasHandleName ( p, pmax ); /* Destination Name */ - break; - case DGM_ERROR: - p = (u_char *)ndh + 11; - break; - case DGM_QUERY: - case DGM_POSITIVE_RES: - case DGM_NEGATIVE_RES: - p = (u_char *)ndh + 10; - p = AliasHandleName ( p, pmax ); /* Destination Name */ - break; + switch (ndh->type) { + case DGM_DIRECT_UNIQ: + case DGM_DIRECT_GROUP: + case DGM_BROADCAST: + p = (u_char *) ndh + 14; + p = AliasHandleName(p, pmax); /* Source Name */ + p = AliasHandleName(p, pmax); /* Destination Name */ + break; + case DGM_ERROR: + p = (u_char *) ndh + 11; + break; + case DGM_QUERY: + case DGM_POSITIVE_RES: + case DGM_NEGATIVE_RES: + p = (u_char *) ndh + 10; + p = AliasHandleName(p, pmax); /* Destination Name */ + break; } - if (p == NULL || (char *)p > pmax) - p = NULL; + if (p == NULL || (char *)p > pmax) + p = NULL; #ifdef DEBUG - printf("%s:%d-->", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port) ); + printf("%s:%d-->", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port)); #endif /* Doing an IP address and Port number Translation */ - if ( uh->uh_sum != 0 ) { - int acc; - u_short *sptr; - acc = ndh->source_port; + if (uh->uh_sum != 0) { + int acc; + u_short *sptr; + + acc = ndh->source_port; acc -= alias_port; - sptr = (u_short *) &(ndh->source_ip); + sptr = (u_short *) & (ndh->source_ip); acc += *sptr++; acc += *sptr; sptr = (u_short *) alias_address; @@ -254,49 +262,49 @@ int AliasHandleUdpNbt( acc -= *sptr; ADJUST_CHECKSUM(acc, uh->uh_sum); } - ndh->source_ip = *alias_address; - ndh->source_port = alias_port; + ndh->source_ip = *alias_address; + ndh->source_port = alias_port; #ifdef DEBUG - printf("%s:%d\n", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port) ); + printf("%s:%d\n", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port)); fflush(stdout); #endif - return((p == NULL) ? -1 : 0); + return ((p == NULL) ? -1 : 0); } + /* Question Section */ #define QS_TYPE_NB 0x0020 #define QS_TYPE_NBSTAT 0x0021 #define QS_CLAS_IN 0x0001 typedef struct { - u_short type; /* The type of Request */ - u_short class; /* The class of Request */ -} NBTNsQuestion; + u_short type; /* The type of Request */ + u_short class; /* The class of Request */ +} NBTNsQuestion; -static u_char * +static u_char * AliasHandleQuestion( u_short count, - NBTNsQuestion *q, + NBTNsQuestion * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - while ( count != 0 ) { + while (count != 0) { /* Name Filed */ - q = (NBTNsQuestion *)AliasHandleName((u_char *)q, pmax); + q = (NBTNsQuestion *) AliasHandleName((u_char *) q, pmax); if (q == NULL || (char *)(q + 1) > pmax) { q = NULL; break; } - /* Type and Class filed */ - switch ( ntohs(q->type) ) { - case QS_TYPE_NB: - case QS_TYPE_NBSTAT: - q= q+1; + switch (ntohs(q->type)) { + case QS_TYPE_NB: + case QS_TYPE_NBSTAT: + q = q + 1; break; - default: + default: #ifdef DEBUG - printf("\nUnknown Type on Question %0x\n", ntohs(q->type) ); + printf("\nUnknown Type on Question %0x\n", ntohs(q->type)); #endif break; } @@ -304,7 +312,7 @@ AliasHandleQuestion( } /* Set up to out of Question Section */ - return ((u_char *)q); + return ((u_char *) q); } /* Resource Record */ @@ -316,101 +324,99 @@ AliasHandleQuestion( #define RR_CLAS_IN 0x0001 #define SizeOfNsResource 8 typedef struct { - u_short type; - u_short class; - unsigned int ttl; - u_short rdlen; -} NBTNsResource; + u_short type; + u_short class; + unsigned int ttl; + u_short rdlen; +} NBTNsResource; #define SizeOfNsRNB 6 typedef struct { - u_short g:1, ont:2, resv:13; - struct in_addr addr; -} NBTNsRNB; + u_short g: 1 , ont:2, resv:13; + struct in_addr addr; +} NBTNsRNB; -static u_char * +static u_char * AliasHandleResourceNB( - NBTNsResource *q, + NBTNsResource * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - NBTNsRNB *nb; + NBTNsRNB *nb; u_short bcount; if (q == NULL || (char *)(q + 1) > pmax) - return(NULL); + return (NULL); /* Check out a length */ bcount = ntohs(q->rdlen); /* Forward to Resource NB position */ - nb = (NBTNsRNB *)((u_char *)q + SizeOfNsResource); + nb = (NBTNsRNB *) ((u_char *) q + SizeOfNsResource); /* Processing all in_addr array */ #ifdef DEBUG printf("NB rec[%s", inet_ntoa(nbtarg->oldaddr)); - printf("->%s, %dbytes] ",inet_ntoa(nbtarg->newaddr ), bcount); + printf("->%s, %dbytes] ", inet_ntoa(nbtarg->newaddr), bcount); #endif - while ( nb != NULL && bcount != 0 ) { + while (nb != NULL && bcount != 0) { if ((char *)(nb + 1) > pmax) { nb = NULL; break; } #ifdef DEBUG - printf("<%s>", inet_ntoa(nb->addr) ); + printf("<%s>", inet_ntoa(nb->addr)); #endif - if (!bcmp(&nbtarg->oldaddr,&nb->addr, sizeof(struct in_addr) ) ) { - if ( *nbtarg->uh_sum != 0 ) { - int acc; - u_short *sptr; + if (!bcmp(&nbtarg->oldaddr, &nb->addr, sizeof(struct in_addr))) { + if (*nbtarg->uh_sum != 0) { + int acc; + u_short *sptr; - sptr = (u_short *) &(nb->addr); - acc = *sptr++; - acc += *sptr; - sptr = (u_short *) &(nbtarg->newaddr); - acc -= *sptr++; - acc -= *sptr; - ADJUST_CHECKSUM(acc, *nbtarg->uh_sum); + sptr = (u_short *) & (nb->addr); + acc = *sptr++; + acc += *sptr; + sptr = (u_short *) & (nbtarg->newaddr); + acc -= *sptr++; + acc -= *sptr; + ADJUST_CHECKSUM(acc, *nbtarg->uh_sum); } - nb->addr = nbtarg->newaddr; #ifdef DEBUG printf("O"); #endif } #ifdef DEBUG - else { + else { printf("."); } #endif - nb=(NBTNsRNB *)((u_char *)nb + SizeOfNsRNB); - bcount -= SizeOfNsRNB; + nb = (NBTNsRNB *) ((u_char *) nb + SizeOfNsRNB); + bcount -= SizeOfNsRNB; } if (nb == NULL || (char *)(nb + 1) > pmax) { nb = NULL; } - - return ((u_char *)nb); + return ((u_char *) nb); } #define SizeOfResourceA 6 typedef struct { - struct in_addr addr; -} NBTNsResourceA; + struct in_addr addr; +} NBTNsResourceA; -static u_char * +static u_char * AliasHandleResourceA( - NBTNsResource *q, + NBTNsResource * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - NBTNsResourceA *a; + NBTNsResourceA *a; u_short bcount; if (q == NULL || (char *)(q + 1) > pmax) - return(NULL); + return (NULL); /* Forward to Resource A position */ - a = (NBTNsResourceA *)( (u_char *)q + sizeof(NBTNsResource) ); + a = (NBTNsResourceA *) ((u_char *) q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); @@ -418,62 +424,61 @@ AliasHandleResourceA( /* Processing all in_addr array */ #ifdef DEBUG printf("Arec [%s", inet_ntoa(nbtarg->oldaddr)); - printf("->%s]",inet_ntoa(nbtarg->newaddr )); + printf("->%s]", inet_ntoa(nbtarg->newaddr)); #endif - while ( bcount != 0 ) { + while (bcount != 0) { if (a == NULL || (char *)(a + 1) > pmax) - return(NULL); + return (NULL); #ifdef DEBUG - printf("..%s", inet_ntoa(a->addr) ); + printf("..%s", inet_ntoa(a->addr)); #endif - if ( !bcmp(&nbtarg->oldaddr, &a->addr, sizeof(struct in_addr) ) ) { - if ( *nbtarg->uh_sum != 0 ) { - int acc; - u_short *sptr; + if (!bcmp(&nbtarg->oldaddr, &a->addr, sizeof(struct in_addr))) { + if (*nbtarg->uh_sum != 0) { + int acc; + u_short *sptr; - sptr = (u_short *) &(a->addr); /* Old */ - acc = *sptr++; - acc += *sptr; - sptr = (u_short *) &nbtarg->newaddr; /* New */ - acc -= *sptr++; - acc -= *sptr; - ADJUST_CHECKSUM(acc, *nbtarg->uh_sum); + sptr = (u_short *) & (a->addr); /* Old */ + acc = *sptr++; + acc += *sptr; + sptr = (u_short *) & nbtarg->newaddr; /* New */ + acc -= *sptr++; + acc -= *sptr; + ADJUST_CHECKSUM(acc, *nbtarg->uh_sum); } - a->addr = nbtarg->newaddr; } - a++; /*XXXX*/ + a++; /* XXXX */ bcount -= SizeOfResourceA; } if (a == NULL || (char *)(a + 1) > pmax) - a = NULL; - return ((u_char *)a); + a = NULL; + return ((u_char *) a); } typedef struct { - u_short opcode:4, flags:8, resv:4; -} NBTNsResourceNULL; + u_short opcode:4, flags:8, resv:4; +} NBTNsResourceNULL; -static u_char * +static u_char * AliasHandleResourceNULL( - NBTNsResource *q, + NBTNsResource * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - NBTNsResourceNULL *n; + NBTNsResourceNULL *n; u_short bcount; if (q == NULL || (char *)(q + 1) > pmax) - return(NULL); + return (NULL); /* Forward to Resource NULL position */ - n = (NBTNsResourceNULL *)( (u_char *)q + sizeof(NBTNsResource) ); + n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); /* Processing all in_addr array */ - while ( bcount != 0 ) { + while (bcount != 0) { if ((char *)(n + 1) > pmax) { n = NULL; break; @@ -484,223 +489,220 @@ AliasHandleResourceNULL( if ((char *)(n + 1) > pmax) n = NULL; - return ((u_char *)n); + return ((u_char *) n); } -static u_char * +static u_char * AliasHandleResourceNS( - NBTNsResource *q, + NBTNsResource * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - NBTNsResourceNULL *n; + NBTNsResourceNULL *n; u_short bcount; if (q == NULL || (char *)(q + 1) > pmax) - return(NULL); + return (NULL); /* Forward to Resource NULL position */ - n = (NBTNsResourceNULL *)( (u_char *)q + sizeof(NBTNsResource) ); + n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); /* Resource Record Name Filed */ - q = (NBTNsResource *)AliasHandleName( (u_char *)n, pmax ); /* XXX */ + q = (NBTNsResource *) AliasHandleName((u_char *) n, pmax); /* XXX */ - if (q == NULL || (char *)((u_char *)n + bcount) > pmax) - return(NULL); + if (q == NULL || (char *)((u_char *) n + bcount) > pmax) + return (NULL); else - return ((u_char *)n + bcount); + return ((u_char *) n + bcount); } typedef struct { - u_short numnames; -} NBTNsResourceNBSTAT; + u_short numnames; +} NBTNsResourceNBSTAT; -static u_char * +static u_char * AliasHandleResourceNBSTAT( - NBTNsResource *q, + NBTNsResource * q, char *pmax, - NBTArguments *nbtarg) + NBTArguments * nbtarg) { - NBTNsResourceNBSTAT *n; + NBTNsResourceNBSTAT *n; u_short bcount; if (q == NULL || (char *)(q + 1) > pmax) - return(NULL); + return (NULL); /* Forward to Resource NBSTAT position */ - n = (NBTNsResourceNBSTAT *)( (u_char *)q + sizeof(NBTNsResource) ); + n = (NBTNsResourceNBSTAT *) ((u_char *) q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); - if (q == NULL || (char *)((u_char *)n + bcount) > pmax) - return(NULL); + if (q == NULL || (char *)((u_char *) n + bcount) > pmax) + return (NULL); else - return ((u_char *)n + bcount); + return ((u_char *) n + bcount); } -static u_char * +static u_char * AliasHandleResource( u_short count, - NBTNsResource *q, + NBTNsResource * q, char *pmax, NBTArguments - *nbtarg) + * nbtarg) { - while ( count != 0 ) { + while (count != 0) { /* Resource Record Name Filed */ - q = (NBTNsResource *)AliasHandleName( (u_char *)q, pmax ); + q = (NBTNsResource *) AliasHandleName((u_char *) q, pmax); if (q == NULL || (char *)(q + 1) > pmax) break; #ifdef DEBUG - printf("type=%02x, count=%d\n", ntohs(q->type), count ); + printf("type=%02x, count=%d\n", ntohs(q->type), count); #endif /* Type and Class filed */ - switch ( ntohs(q->type) ) { - case RR_TYPE_NB: - q = (NBTNsResource *)AliasHandleResourceNB( - q, - pmax, - nbtarg - ); - break; - case RR_TYPE_A: - q = (NBTNsResource *)AliasHandleResourceA( - q, - pmax, - nbtarg - ); - break; - case RR_TYPE_NS: - q = (NBTNsResource *)AliasHandleResourceNS( - q, - pmax, - nbtarg - ); - break; - case RR_TYPE_NULL: - q = (NBTNsResource *)AliasHandleResourceNULL( - q, - pmax, - nbtarg - ); - break; - case RR_TYPE_NBSTAT: - q = (NBTNsResource *)AliasHandleResourceNBSTAT( - q, - pmax, - nbtarg - ); - break; - default: + switch (ntohs(q->type)) { + case RR_TYPE_NB: + q = (NBTNsResource *) AliasHandleResourceNB( + q, + pmax, + nbtarg + ); + break; + case RR_TYPE_A: + q = (NBTNsResource *) AliasHandleResourceA( + q, + pmax, + nbtarg + ); + break; + case RR_TYPE_NS: + q = (NBTNsResource *) AliasHandleResourceNS( + q, + pmax, + nbtarg + ); + break; + case RR_TYPE_NULL: + q = (NBTNsResource *) AliasHandleResourceNULL( + q, + pmax, + nbtarg + ); + break; + case RR_TYPE_NBSTAT: + q = (NBTNsResource *) AliasHandleResourceNBSTAT( + q, + pmax, + nbtarg + ); + break; + default: #ifdef DEBUG - printf( - "\nUnknown Type of Resource %0x\n", - ntohs(q->type) - ); + printf( + "\nUnknown Type of Resource %0x\n", + ntohs(q->type) + ); #endif - break; + break; } count--; } fflush(stdout); - return ((u_char *)q); + return ((u_char *) q); } -int AliasHandleUdpNbtNS( - struct libalias *la, - struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *link, - struct in_addr *alias_address, - u_short *alias_port, - struct in_addr *original_address, - u_short *original_port ) +int +AliasHandleUdpNbtNS( + struct libalias *la, + struct ip *pip, /* IP packet to examine/patch */ + struct alias_link *link, + struct in_addr *alias_address, + u_short * alias_port, + struct in_addr *original_address, + u_short * original_port) { - struct udphdr * uh; - NbtNSHeader * nsh; - u_char * p; - char *pmax; - NBTArguments nbtarg; + struct udphdr *uh; + NbtNSHeader *nsh; + u_char *p; + char *pmax; + NBTArguments nbtarg; /* Set up Common Parameter */ - nbtarg.oldaddr = *alias_address; - nbtarg.oldport = *alias_port; - nbtarg.newaddr = *original_address; - nbtarg.newport = *original_port; + nbtarg.oldaddr = *alias_address; + nbtarg.oldport = *alias_port; + nbtarg.newaddr = *original_address; + nbtarg.newport = *original_port; - /* Calculate data length of UDP packet */ - uh = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); - nbtarg.uh_sum = &(uh->uh_sum); - nsh = (NbtNSHeader *)((char *)uh + (sizeof(struct udphdr))); - p = (u_char *)(nsh + 1); - pmax = (char *)uh + ntohs( uh->uh_ulen ); + /* Calculate data length of UDP packet */ + uh = (struct udphdr *)((char *)pip + (pip->ip_hl << 2)); + nbtarg.uh_sum = &(uh->uh_sum); + nsh = (NbtNSHeader *) ((char *)uh + (sizeof(struct udphdr))); + p = (u_char *) (nsh + 1); + pmax = (char *)uh + ntohs(uh->uh_ulen); - if ((char *)(nsh + 1) > pmax) - return(-1); + if ((char *)(nsh + 1) > pmax) + return (-1); #ifdef DEBUG - printf(" [%s] ID=%02x, op=%01x, flag=%02x, rcode=%01x, qd=%04x" - ", an=%04x, ns=%04x, ar=%04x, [%d]-->", - nsh->dir ? "Response": "Request", - nsh->nametrid, - nsh->opcode, - nsh->nmflags, - nsh->rcode, - ntohs(nsh->qdcount), - ntohs(nsh->ancount), - ntohs(nsh->nscount), - ntohs(nsh->arcount), - (u_char *)p -(u_char *)nsh - ); + printf(" [%s] ID=%02x, op=%01x, flag=%02x, rcode=%01x, qd=%04x" + ", an=%04x, ns=%04x, ar=%04x, [%d]-->", + nsh->dir ? "Response" : "Request", + nsh->nametrid, + nsh->opcode, + nsh->nmflags, + nsh->rcode, + ntohs(nsh->qdcount), + ntohs(nsh->ancount), + ntohs(nsh->nscount), + ntohs(nsh->arcount), + (u_char *) p - (u_char *) nsh + ); #endif /* Question Entries */ - if (ntohs(nsh->qdcount) !=0 ) { - p = AliasHandleQuestion( - ntohs(nsh->qdcount), - (NBTNsQuestion *)p, - pmax, - &nbtarg - ); + if (ntohs(nsh->qdcount) != 0) { + p = AliasHandleQuestion( + ntohs(nsh->qdcount), + (NBTNsQuestion *) p, + pmax, + &nbtarg + ); } - /* Answer Resource Records */ - if (ntohs(nsh->ancount) !=0 ) { - p = AliasHandleResource( - ntohs(nsh->ancount), - (NBTNsResource *)p, - pmax, - &nbtarg - ); + if (ntohs(nsh->ancount) != 0) { + p = AliasHandleResource( + ntohs(nsh->ancount), + (NBTNsResource *) p, + pmax, + &nbtarg + ); } - /* Authority Resource Recodrs */ - if (ntohs(nsh->nscount) !=0 ) { - p = AliasHandleResource( - ntohs(nsh->nscount), - (NBTNsResource *)p, - pmax, - &nbtarg - ); + if (ntohs(nsh->nscount) != 0) { + p = AliasHandleResource( + ntohs(nsh->nscount), + (NBTNsResource *) p, + pmax, + &nbtarg + ); } - /* Additional Resource Recodrs */ - if (ntohs(nsh->arcount) !=0 ) { - p = AliasHandleResource( - ntohs(nsh->arcount), - (NBTNsResource *)p, - pmax, - &nbtarg - ); + if (ntohs(nsh->arcount) != 0) { + p = AliasHandleResource( + ntohs(nsh->arcount), + (NBTNsResource *) p, + pmax, + &nbtarg + ); } - #ifdef DEBUG - PrintRcode(nsh->rcode); + PrintRcode(nsh->rcode); #endif - return ((p == NULL) ? -1 : 0); + return ((p == NULL) ? -1 : 0); } diff --git a/sys/netinet/libalias/alias_old.c b/sys/netinet/libalias/alias_old.c index 51e6f32dc67c..5e9be07cc849 100644 --- a/sys/netinet/libalias/alias_old.c +++ b/sys/netinet/libalias/alias_old.c @@ -113,7 +113,7 @@ PacketAliasAddServer(struct alias_link *_link, struct alias_link * PacketAliasRedirectAddr(struct in_addr _src_addr, - struct in_addr _alias_addr) + struct in_addr _alias_addr) { return LibAliasRedirectAddr(la, _src_addr, _alias_addr); @@ -152,7 +152,7 @@ PacketAliasRedirectProto(struct in_addr _src_addr, { return LibAliasRedirectProto(la, _src_addr, _dst_addr, _alias_addr, - _proto); + _proto); } void @@ -162,7 +162,7 @@ PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment) LibAliasFragmentIn(la, _ptr, _ptr_fragment); } -char * +char * PacketAliasGetFragment(char *_ptr) { diff --git a/sys/netinet/libalias/alias_pptp.c b/sys/netinet/libalias/alias_pptp.c index 946ae2fcbbcc..5df60cb2ec8c 100644 --- a/sys/netinet/libalias/alias_pptp.c +++ b/sys/netinet/libalias/alias_pptp.c @@ -80,16 +80,16 @@ __FBSDID("$FreeBSD$"); * PPTP definitions */ -struct grehdr /* Enhanced GRE header. */ -{ - u_int16_t gh_flags; /* Flags. */ - u_int16_t gh_protocol; /* Protocol type. */ - u_int16_t gh_length; /* Payload length. */ - u_int16_t gh_call_id; /* Call ID. */ - u_int32_t gh_seq_no; /* Sequence number (optional). */ - u_int32_t gh_ack_no; /* Acknowledgment number (optional). */ +struct grehdr { /* Enhanced GRE header. */ + u_int16_t gh_flags; /* Flags. */ + u_int16_t gh_protocol; /* Protocol type. */ + u_int16_t gh_length; /* Payload length. */ + u_int16_t gh_call_id; /* Call ID. */ + u_int32_t gh_seq_no; /* Sequence number (optional). */ + u_int32_t gh_ack_no; /* Acknowledgment number + * (optional). */ }; -typedef struct grehdr GreHdr; +typedef struct grehdr GreHdr; /* The PPTP protocol ID used in the GRE 'proto' field. */ #define PPTP_GRE_PROTO 0x880b @@ -102,270 +102,276 @@ typedef struct grehdr GreHdr; #define PPTP_CTRL_MSG_TYPE 1 enum { - PPTP_StartCtrlConnRequest = 1, - PPTP_StartCtrlConnReply = 2, - PPTP_StopCtrlConnRequest = 3, - PPTP_StopCtrlConnReply = 4, - PPTP_EchoRequest = 5, - PPTP_EchoReply = 6, - PPTP_OutCallRequest = 7, - PPTP_OutCallReply = 8, - PPTP_InCallRequest = 9, - PPTP_InCallReply = 10, - PPTP_InCallConn = 11, - PPTP_CallClearRequest = 12, - PPTP_CallDiscNotify = 13, - PPTP_WanErrorNotify = 14, - PPTP_SetLinkInfo = 15 + PPTP_StartCtrlConnRequest = 1, + PPTP_StartCtrlConnReply = 2, + PPTP_StopCtrlConnRequest = 3, + PPTP_StopCtrlConnReply = 4, + PPTP_EchoRequest = 5, + PPTP_EchoReply = 6, + PPTP_OutCallRequest = 7, + PPTP_OutCallReply = 8, + PPTP_InCallRequest = 9, + PPTP_InCallReply = 10, + PPTP_InCallConn = 11, + PPTP_CallClearRequest = 12, + PPTP_CallDiscNotify = 13, + PPTP_WanErrorNotify = 14, + PPTP_SetLinkInfo = 15 }; - /* Message structures */ - struct pptpMsgHead { - u_int16_t length; /* total length */ - u_int16_t msgType; /* PPTP message type */ - u_int32_t magic; /* magic cookie */ - u_int16_t type; /* control message type */ - u_int16_t resv0; /* reserved */ - }; - typedef struct pptpMsgHead *PptpMsgHead; + /* Message structures */ +struct pptpMsgHead { + u_int16_t length; /* total length */ + u_int16_t msgType;/* PPTP message type */ + u_int32_t magic; /* magic cookie */ + u_int16_t type; /* control message type */ + u_int16_t resv0; /* reserved */ +}; +typedef struct pptpMsgHead *PptpMsgHead; - struct pptpCodes { - u_int8_t resCode; /* Result Code */ - u_int8_t errCode; /* Error Code */ - }; - typedef struct pptpCodes *PptpCode; +struct pptpCodes { + u_int8_t resCode;/* Result Code */ + u_int8_t errCode;/* Error Code */ +}; +typedef struct pptpCodes *PptpCode; - struct pptpCallIds { - u_int16_t cid1; /* Call ID field #1 */ - u_int16_t cid2; /* Call ID field #2 */ - }; - typedef struct pptpCallIds *PptpCallId; +struct pptpCallIds { + u_int16_t cid1; /* Call ID field #1 */ + u_int16_t cid2; /* Call ID field #2 */ +}; +typedef struct pptpCallIds *PptpCallId; static PptpCallId AliasVerifyPptp(struct ip *, u_int16_t *); void AliasHandlePptpOut(struct libalias *la, - struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *link) /* The PPTP control link */ -{ - struct alias_link *pptp_link; - PptpCallId cptr; - PptpCode codes; - u_int16_t ctl_type; /* control message type */ - struct tcphdr *tc; + struct ip *pip, /* IP packet to examine/patch */ + struct alias_link *link) +{ /* The PPTP control link */ + struct alias_link *pptp_link; + PptpCallId cptr; + PptpCode codes; + u_int16_t ctl_type; /* control message type */ + struct tcphdr *tc; - /* Verify valid PPTP control message */ - if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL) - return; - - /* Modify certain PPTP messages */ - switch (ctl_type) { - case PPTP_OutCallRequest: - case PPTP_OutCallReply: - case PPTP_InCallRequest: - case PPTP_InCallReply: - /* Establish PPTP link for address and Call ID found in control message. */ - pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link), - GetAliasAddress(link), cptr->cid1); - break; - case PPTP_CallClearRequest: - case PPTP_CallDiscNotify: - /* Find PPTP link for address and Call ID found in control message. */ - pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link), - GetDestAddress(link), - cptr->cid1); - break; - default: - return; - } - - if (pptp_link != NULL) { - int accumulate = cptr->cid1; - - /* alias the Call Id */ - cptr->cid1 = GetAliasPort(pptp_link); - - /* Compute TCP checksum for revised packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - accumulate -= cptr->cid1; - ADJUST_CHECKSUM(accumulate, tc->th_sum); + /* Verify valid PPTP control message */ + if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL) + return; + /* Modify certain PPTP messages */ switch (ctl_type) { + case PPTP_OutCallRequest: case PPTP_OutCallReply: + case PPTP_InCallRequest: case PPTP_InCallReply: - codes = (PptpCode)(cptr + 1); - if (codes->resCode == 1) /* Connection established, */ - SetDestCallId(pptp_link, /* note the Peer's Call ID. */ - cptr->cid2); - else - SetExpire(pptp_link, 0); /* Connection refused. */ - break; - case PPTP_CallDiscNotify: /* Connection closed. */ - SetExpire(pptp_link, 0); - break; + /* + * Establish PPTP link for address and Call ID found in + * control message. + */ + pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link), + GetAliasAddress(link), cptr->cid1); + break; + case PPTP_CallClearRequest: + case PPTP_CallDiscNotify: + /* + * Find PPTP link for address and Call ID found in control + * message. + */ + pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link), + GetDestAddress(link), + cptr->cid1); + break; + default: + return; + } + + if (pptp_link != NULL) { + int accumulate = cptr->cid1; + + /* alias the Call Id */ + cptr->cid1 = GetAliasPort(pptp_link); + + /* Compute TCP checksum for revised packet */ + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + accumulate -= cptr->cid1; + ADJUST_CHECKSUM(accumulate, tc->th_sum); + + switch (ctl_type) { + case PPTP_OutCallReply: + case PPTP_InCallReply: + codes = (PptpCode) (cptr + 1); + if (codes->resCode == 1) /* Connection + * established, */ + SetDestCallId(pptp_link, /* note the Peer's Call + * ID. */ + cptr->cid2); + else + SetExpire(pptp_link, 0); /* Connection refused. */ + break; + case PPTP_CallDiscNotify: /* Connection closed. */ + SetExpire(pptp_link, 0); + break; + } } - } } void -AliasHandlePptpIn(struct libalias *la, - struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *link) /* The PPTP control link */ -{ - struct alias_link *pptp_link; - PptpCallId cptr; - u_int16_t *pcall_id; - u_int16_t ctl_type; /* control message type */ - struct tcphdr *tc; +AliasHandlePptpIn(struct libalias *la, + struct ip *pip, /* IP packet to examine/patch */ + struct alias_link *link) +{ /* The PPTP control link */ + struct alias_link *pptp_link; + PptpCallId cptr; + u_int16_t *pcall_id; + u_int16_t ctl_type; /* control message type */ + struct tcphdr *tc; - /* Verify valid PPTP control message */ - if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL) - return; + /* Verify valid PPTP control message */ + if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL) + return; - /* Modify certain PPTP messages */ - switch (ctl_type) - { - case PPTP_InCallConn: - case PPTP_WanErrorNotify: - case PPTP_SetLinkInfo: - pcall_id = &cptr->cid1; - break; - case PPTP_OutCallReply: - case PPTP_InCallReply: - pcall_id = &cptr->cid2; - break; - case PPTP_CallDiscNotify: /* Connection closed. */ - pptp_link = FindPptpInByCallId(la, GetDestAddress(link), - GetAliasAddress(link), - cptr->cid1); - if (pptp_link != NULL) - SetExpire(pptp_link, 0); - return; - default: - return; - } + /* Modify certain PPTP messages */ + switch (ctl_type) { + case PPTP_InCallConn: + case PPTP_WanErrorNotify: + case PPTP_SetLinkInfo: + pcall_id = &cptr->cid1; + break; + case PPTP_OutCallReply: + case PPTP_InCallReply: + pcall_id = &cptr->cid2; + break; + case PPTP_CallDiscNotify: /* Connection closed. */ + pptp_link = FindPptpInByCallId(la, GetDestAddress(link), + GetAliasAddress(link), + cptr->cid1); + if (pptp_link != NULL) + SetExpire(pptp_link, 0); + return; + default: + return; + } - /* Find PPTP link for address and Call ID found in PPTP Control Msg */ - pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link), - GetAliasAddress(link), - *pcall_id); + /* Find PPTP link for address and Call ID found in PPTP Control Msg */ + pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link), + GetAliasAddress(link), + *pcall_id); - if (pptp_link != NULL) { - int accumulate = *pcall_id; + if (pptp_link != NULL) { + int accumulate = *pcall_id; - /* De-alias the Peer's Call Id. */ - *pcall_id = GetOriginalPort(pptp_link); + /* De-alias the Peer's Call Id. */ + *pcall_id = GetOriginalPort(pptp_link); - /* Compute TCP checksum for modified packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - accumulate -= *pcall_id; - ADJUST_CHECKSUM(accumulate, tc->th_sum); + /* Compute TCP checksum for modified packet */ + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + accumulate -= *pcall_id; + ADJUST_CHECKSUM(accumulate, tc->th_sum); - if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) { - PptpCode codes = (PptpCode)(cptr + 1); + if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) { + PptpCode codes = (PptpCode) (cptr + 1); - if (codes->resCode == 1) /* Connection established, */ - SetDestCallId(pptp_link, /* note the Call ID. */ - cptr->cid1); - else - SetExpire(pptp_link, 0); /* Connection refused. */ - } - } + if (codes->resCode == 1) /* Connection + * established, */ + SetDestCallId(pptp_link, /* note the Call ID. */ + cptr->cid1); + else + SetExpire(pptp_link, 0); /* Connection refused. */ + } + } } -static PptpCallId -AliasVerifyPptp(struct ip *pip, u_int16_t *ptype) /* IP packet to examine/patch */ -{ - int hlen, tlen, dlen; - PptpMsgHead hptr; - struct tcphdr *tc; +static PptpCallId +AliasVerifyPptp(struct ip *pip, u_int16_t * ptype) +{ /* IP packet to examine/patch */ + int hlen, tlen, dlen; + PptpMsgHead hptr; + struct tcphdr *tc; - /* Calculate some lengths */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + /* Calculate some lengths */ + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - /* Verify data length */ - if (dlen < (sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds))) - return(NULL); + /* Verify data length */ + if (dlen < (sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds))) + return (NULL); - /* Move up to PPTP message header */ - hptr = (PptpMsgHead)(((char *) pip) + hlen); + /* Move up to PPTP message header */ + hptr = (PptpMsgHead) (((char *)pip) + hlen); - /* Return the control message type */ - *ptype = ntohs(hptr->type); + /* Return the control message type */ + *ptype = ntohs(hptr->type); - /* Verify PPTP Control Message */ - if ((ntohs(hptr->msgType) != PPTP_CTRL_MSG_TYPE) || - (ntohl(hptr->magic) != PPTP_MAGIC)) - return(NULL); + /* Verify PPTP Control Message */ + if ((ntohs(hptr->msgType) != PPTP_CTRL_MSG_TYPE) || + (ntohl(hptr->magic) != PPTP_MAGIC)) + return (NULL); - /* Verify data length. */ - if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) && - (dlen < sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) + - sizeof(struct pptpCodes))) - return (NULL); - else - return (PptpCallId)(hptr + 1); + /* Verify data length. */ + if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) && + (dlen < sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) + + sizeof(struct pptpCodes))) + return (NULL); + else + return (PptpCallId) (hptr + 1); } int AliasHandlePptpGreOut(struct libalias *la, struct ip *pip) { - GreHdr *gr; - struct alias_link *link; + GreHdr *gr; + struct alias_link *link; - gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2)); + gr = (GreHdr *) ((char *)pip + (pip->ip_hl << 2)); - /* Check GRE header bits. */ - if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) - return (-1); + /* Check GRE header bits. */ + if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) + return (-1); - link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id); - if (link != NULL) { - struct in_addr alias_addr = GetAliasAddress(link); + link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id); + if (link != NULL) { + struct in_addr alias_addr = GetAliasAddress(link); - /* Change source IP address. */ - DifferentialChecksum(&pip->ip_sum, - (u_short *)&alias_addr, - (u_short *)&pip->ip_src, - 2); - pip->ip_src = alias_addr; - } - - return (0); + /* Change source IP address. */ + DifferentialChecksum(&pip->ip_sum, + (u_short *) & alias_addr, + (u_short *) & pip->ip_src, + 2); + pip->ip_src = alias_addr; + } + return (0); } int AliasHandlePptpGreIn(struct libalias *la, struct ip *pip) { - GreHdr *gr; - struct alias_link *link; + GreHdr *gr; + struct alias_link *link; - gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2)); + gr = (GreHdr *) ((char *)pip + (pip->ip_hl << 2)); - /* Check GRE header bits. */ - if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) - return (-1); + /* Check GRE header bits. */ + if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) + return (-1); - link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id); - if (link != NULL) { - struct in_addr src_addr = GetOriginalAddress(link); + link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id); + if (link != NULL) { + struct in_addr src_addr = GetOriginalAddress(link); - /* De-alias the Peer's Call Id. */ - gr->gh_call_id = GetOriginalPort(link); + /* De-alias the Peer's Call Id. */ + gr->gh_call_id = GetOriginalPort(link); - /* Restore original IP address. */ - DifferentialChecksum(&pip->ip_sum, - (u_short *)&src_addr, - (u_short *)&pip->ip_dst, - 2); - pip->ip_dst = src_addr; - } - - return (0); + /* Restore original IP address. */ + DifferentialChecksum(&pip->ip_sum, + (u_short *) & src_addr, + (u_short *) & pip->ip_dst, + 2); + pip->ip_dst = src_addr; + } + return (0); } diff --git a/sys/netinet/libalias/alias_proxy.c b/sys/netinet/libalias/alias_proxy.c index 8eb728a71863..cdbe32d1c0aa 100644 --- a/sys/netinet/libalias/alias_proxy.c +++ b/sys/netinet/libalias/alias_proxy.c @@ -71,8 +71,8 @@ __FBSDID("$FreeBSD$"); #include -#include "alias_local.h" /* Functions used by alias*.c */ -#include "alias.h" /* Public API functions for libalias */ +#include "alias_local.h" /* Functions used by alias*.c */ +#include "alias.h" /* Public API functions for libalias */ @@ -84,28 +84,27 @@ __FBSDID("$FreeBSD$"); * A linked list of arbitrary length, based on struct proxy_entry is * used to store proxy rules. */ -struct proxy_entry -{ - struct libalias *la; +struct proxy_entry { + struct libalias *la; #define PROXY_TYPE_ENCODE_NONE 1 #define PROXY_TYPE_ENCODE_TCPSTREAM 2 #define PROXY_TYPE_ENCODE_IPHDR 3 - int rule_index; - int proxy_type; - u_char proto; - u_short proxy_port; - u_short server_port; + int rule_index; + int proxy_type; + u_char proto; + u_short proxy_port; + u_short server_port; - struct in_addr server_addr; + struct in_addr server_addr; - struct in_addr src_addr; - struct in_addr src_mask; + struct in_addr src_addr; + struct in_addr src_mask; - struct in_addr dst_addr; - struct in_addr dst_mask; + struct in_addr dst_addr; + struct in_addr dst_mask; - struct proxy_entry *next; - struct proxy_entry *last; + struct proxy_entry *next; + struct proxy_entry *last; }; @@ -134,308 +133,297 @@ struct proxy_entry destination of a proxied IP packet */ -static int IpMask(int, struct in_addr *); -static int IpAddr(char *, struct in_addr *); -static int IpPort(char *, int, int *); -static void RuleAdd(struct libalias *la, struct proxy_entry *); -static void RuleDelete(struct proxy_entry *); -static int RuleNumberDelete(struct libalias *la, int); -static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int); -static void ProxyEncodeIpHeader(struct ip *, int); +static int IpMask(int, struct in_addr *); +static int IpAddr(char *, struct in_addr *); +static int IpPort(char *, int, int *); +static void RuleAdd(struct libalias *la, struct proxy_entry *); +static void RuleDelete(struct proxy_entry *); +static int RuleNumberDelete(struct libalias *la, int); +static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int); +static void ProxyEncodeIpHeader(struct ip *, int); static int IpMask(int nbits, struct in_addr *mask) { - int i; - u_int imask; + int i; + u_int imask; - if (nbits < 0 || nbits > 32) - return -1; + if (nbits < 0 || nbits > 32) + return -1; - imask = 0; - for (i=0; i> 1) + 0x80000000; - mask->s_addr = htonl(imask); + imask = 0; + for (i = 0; i < nbits; i++) + imask = (imask >> 1) + 0x80000000; + mask->s_addr = htonl(imask); - return 0; + return 0; } static int IpAddr(char *s, struct in_addr *addr) { - if (inet_aton(s, addr) == 0) - return -1; - else - return 0; + if (inet_aton(s, addr) == 0) + return -1; + else + return 0; } static int IpPort(char *s, int proto, int *port) { - int n; + int n; - n = sscanf(s, "%d", port); - if (n != 1) - { - struct servent *se; + n = sscanf(s, "%d", port); + if (n != 1) { + struct servent *se; - if (proto == IPPROTO_TCP) - se = getservbyname(s, "tcp"); - else if (proto == IPPROTO_UDP) - se = getservbyname(s, "udp"); - else - return -1; + if (proto == IPPROTO_TCP) + se = getservbyname(s, "tcp"); + else if (proto == IPPROTO_UDP) + se = getservbyname(s, "udp"); + else + return -1; - if (se == NULL) - return -1; + if (se == NULL) + return -1; - *port = (u_int) ntohs(se->s_port); - } - - return 0; + *port = (u_int) ntohs(se->s_port); + } + return 0; } void RuleAdd(struct libalias *la, struct proxy_entry *entry) { - int rule_index; - struct proxy_entry *ptr; - struct proxy_entry *ptr_last; + int rule_index; + struct proxy_entry *ptr; + struct proxy_entry *ptr_last; - if (la->proxyList == NULL) - { - la->proxyList = entry; - entry->last = NULL; - entry->next = NULL; - return; - } - entry->la = la; + if (la->proxyList == NULL) { + la->proxyList = entry; + entry->last = NULL; + entry->next = NULL; + return; + } + entry->la = la; - rule_index = entry->rule_index; - ptr = la->proxyList; - ptr_last = NULL; - while (ptr != NULL) - { - if (ptr->rule_index >= rule_index) - { - if (ptr_last == NULL) - { - entry->next = la->proxyList; - entry->last = NULL; - la->proxyList->last = entry; - la->proxyList = entry; - return; - } + rule_index = entry->rule_index; + ptr = la->proxyList; + ptr_last = NULL; + while (ptr != NULL) { + if (ptr->rule_index >= rule_index) { + if (ptr_last == NULL) { + entry->next = la->proxyList; + entry->last = NULL; + la->proxyList->last = entry; + la->proxyList = entry; + return; + } + ptr_last->next = entry; + ptr->last = entry; + entry->last = ptr->last; + entry->next = ptr; + return; + } + ptr_last = ptr; + ptr = ptr->next; + } - ptr_last->next = entry; - ptr->last = entry; - entry->last = ptr->last; - entry->next = ptr; - return; - } - ptr_last = ptr; - ptr = ptr->next; - } - - ptr_last->next = entry; - entry->last = ptr_last; - entry->next = NULL; + ptr_last->next = entry; + entry->last = ptr_last; + entry->next = NULL; } static void RuleDelete(struct proxy_entry *entry) { - struct libalias *la; - - la = entry->la; - if (entry->last != NULL) - entry->last->next = entry->next; - else - la->proxyList = entry->next; + struct libalias *la; - if (entry->next != NULL) - entry->next->last = entry->last; + la = entry->la; + if (entry->last != NULL) + entry->last->next = entry->next; + else + la->proxyList = entry->next; - free(entry); + if (entry->next != NULL) + entry->next->last = entry->last; + + free(entry); } static int RuleNumberDelete(struct libalias *la, int rule_index) { - int err; - struct proxy_entry *ptr; + int err; + struct proxy_entry *ptr; - err = -1; - ptr = la->proxyList; - while (ptr != NULL) - { - struct proxy_entry *ptr_next; + err = -1; + ptr = la->proxyList; + while (ptr != NULL) { + struct proxy_entry *ptr_next; - ptr_next = ptr->next; - if (ptr->rule_index == rule_index) - { - err = 0; - RuleDelete(ptr); - } + ptr_next = ptr->next; + if (ptr->rule_index == rule_index) { + err = 0; + RuleDelete(ptr); + } + ptr = ptr_next; + } - ptr = ptr_next; - } - - return err; + return err; } static void ProxyEncodeTcpStream(struct alias_link *link, - struct ip *pip, - int maxpacketsize) + struct ip *pip, + int maxpacketsize) { - int slen; - char buffer[40]; - struct tcphdr *tc; + int slen; + char buffer[40]; + struct tcphdr *tc; /* Compute pointer to tcp header */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); /* Don't modify if once already modified */ - if (GetAckModified (link)) - return; + if (GetAckModified(link)) + return; /* Translate destination address and port to string form */ - snprintf(buffer, sizeof(buffer) - 2, "[DEST %s %d]", - inet_ntoa(GetProxyAddress (link)), (u_int) ntohs(GetProxyPort (link))); + snprintf(buffer, sizeof(buffer) - 2, "[DEST %s %d]", + inet_ntoa(GetProxyAddress(link)), (u_int) ntohs(GetProxyPort(link))); /* Pad string out to a multiple of two in length */ - slen = strlen(buffer); - switch (slen % 2) - { - case 0: - strcat(buffer, " \n"); - slen += 2; - break; - case 1: - strcat(buffer, "\n"); - slen += 1; - } + slen = strlen(buffer); + switch (slen % 2) { + case 0: + strcat(buffer, " \n"); + slen += 2; + break; + case 1: + strcat(buffer, "\n"); + slen += 1; + } /* Check for packet overflow */ - if ((ntohs(pip->ip_len) + strlen(buffer)) > maxpacketsize) - return; + if ((ntohs(pip->ip_len) + strlen(buffer)) > maxpacketsize) + return; /* Shift existing TCP data and insert destination string */ - { - int dlen; - int hlen; - u_char *p; + { + int dlen; + int hlen; + u_char *p; - hlen = (pip->ip_hl + tc->th_off) << 2; - dlen = ntohs (pip->ip_len) - hlen; + hlen = (pip->ip_hl + tc->th_off) << 2; + dlen = ntohs(pip->ip_len) - hlen; /* Modify first packet that has data in it */ - if (dlen == 0) - return; + if (dlen == 0) + return; - p = (char *) pip; - p += hlen; + p = (char *)pip; + p += hlen; - memmove(p + slen, p, dlen); - memcpy(p, buffer, slen); - } + memmove(p + slen, p, dlen); + memcpy(p, buffer, slen); + } /* Save information about modfied sequence number */ - { - int delta; + { + int delta; - SetAckModified(link); - delta = GetDeltaSeqOut(pip, link); - AddSeq(pip, link, delta+slen); - } + SetAckModified(link); + delta = GetDeltaSeqOut(pip, link); + AddSeq(pip, link, delta + slen); + } /* Update IP header packet length and checksum */ - { - int accumulate; + { + int accumulate; - accumulate = pip->ip_len; - pip->ip_len = htons(ntohs(pip->ip_len) + slen); - accumulate -= pip->ip_len; + accumulate = pip->ip_len; + pip->ip_len = htons(ntohs(pip->ip_len) + slen); + accumulate -= pip->ip_len; - ADJUST_CHECKSUM(accumulate, pip->ip_sum); - } + ADJUST_CHECKSUM(accumulate, pip->ip_sum); + } /* Update TCP checksum, Use TcpChecksum since so many things have already changed. */ - tc->th_sum = 0; - tc->th_sum = TcpChecksum (pip); + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); } static void ProxyEncodeIpHeader(struct ip *pip, - int maxpacketsize) + int maxpacketsize) { #define OPTION_LEN_BYTES 8 #define OPTION_LEN_INT16 4 #define OPTION_LEN_INT32 2 - u_char option[OPTION_LEN_BYTES]; + u_char option[OPTION_LEN_BYTES]; #ifdef DEBUG - fprintf(stdout, " ip cksum 1 = %x\n", (u_int) IpChecksum(pip)); - fprintf(stdout, "tcp cksum 1 = %x\n", (u_int) TcpChecksum(pip)); + fprintf(stdout, " ip cksum 1 = %x\n", (u_int) IpChecksum(pip)); + fprintf(stdout, "tcp cksum 1 = %x\n", (u_int) TcpChecksum(pip)); #endif /* Check to see that there is room to add an IP option */ - if (pip->ip_hl > (0x0f - OPTION_LEN_INT32)) - return; + if (pip->ip_hl > (0x0f - OPTION_LEN_INT32)) + return; /* Build option and copy into packet */ - { - u_char *ptr; - struct tcphdr *tc; + { + u_char *ptr; + struct tcphdr *tc; - ptr = (u_char *) pip; - ptr += 20; - memcpy(ptr + OPTION_LEN_BYTES, ptr, ntohs(pip->ip_len) - 20); + ptr = (u_char *) pip; + ptr += 20; + memcpy(ptr + OPTION_LEN_BYTES, ptr, ntohs(pip->ip_len) - 20); - option[0] = 0x64; /* class: 3 (reserved), option 4 */ - option[1] = OPTION_LEN_BYTES; + option[0] = 0x64; /* class: 3 (reserved), option 4 */ + option[1] = OPTION_LEN_BYTES; - memcpy(&option[2], (u_char *) &pip->ip_dst, 4); + memcpy(&option[2], (u_char *) & pip->ip_dst, 4); - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - memcpy(&option[6], (u_char *) &tc->th_sport, 2); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + memcpy(&option[6], (u_char *) & tc->th_sport, 2); - memcpy(ptr, option, 8); - } + memcpy(ptr, option, 8); + } /* Update checksum, header length and packet length */ - { - int i; - int accumulate; - u_short *sptr; + { + int i; + int accumulate; + u_short *sptr; - sptr = (u_short *) option; - accumulate = 0; - for (i=0; iip_hl += OPTION_LEN_INT32; - accumulate -= *sptr; + sptr = (u_short *) pip; + accumulate += *sptr; + pip->ip_hl += OPTION_LEN_INT32; + accumulate -= *sptr; - accumulate += pip->ip_len; - pip->ip_len = htons(ntohs(pip->ip_len) + OPTION_LEN_BYTES); - accumulate -= pip->ip_len; + accumulate += pip->ip_len; + pip->ip_len = htons(ntohs(pip->ip_len) + OPTION_LEN_BYTES); + accumulate -= pip->ip_len; - ADJUST_CHECKSUM(accumulate, pip->ip_sum); - } + ADJUST_CHECKSUM(accumulate, pip->ip_sum); + } #undef OPTION_LEN_BYTES #undef OPTION_LEN_INT16 #undef OPTION_LEN_INT32 #ifdef DEBUG - fprintf(stdout, " ip cksum 2 = %x\n", (u_int) IpChecksum(pip)); - fprintf(stdout, "tcp cksum 2 = %x\n", (u_int) TcpChecksum(pip)); + fprintf(stdout, " ip cksum 2 = %x\n", (u_int) IpChecksum(pip)); + fprintf(stdout, "tcp cksum 2 = %x\n", (u_int) TcpChecksum(pip)); #endif } @@ -451,66 +439,62 @@ ProxyEncodeIpHeader(struct ip *pip, int ProxyCheck(struct libalias *la, struct ip *pip, - struct in_addr *proxy_server_addr, - u_short *proxy_server_port) + struct in_addr *proxy_server_addr, + u_short * proxy_server_port) { - u_short dst_port; - struct in_addr src_addr; - struct in_addr dst_addr; - struct proxy_entry *ptr; + u_short dst_port; + struct in_addr src_addr; + struct in_addr dst_addr; + struct proxy_entry *ptr; - src_addr = pip->ip_src; - dst_addr = pip->ip_dst; - dst_port = ((struct tcphdr *) ((char *) pip + (pip->ip_hl << 2))) - ->th_dport; + src_addr = pip->ip_src; + dst_addr = pip->ip_dst; + dst_port = ((struct tcphdr *)((char *)pip + (pip->ip_hl << 2))) + ->th_dport; - ptr = la->proxyList; - while (ptr != NULL) - { - u_short proxy_port; + ptr = la->proxyList; + while (ptr != NULL) { + u_short proxy_port; - proxy_port = ptr->proxy_port; - if ((dst_port == proxy_port || proxy_port == 0) - && pip->ip_p == ptr->proto - && src_addr.s_addr != ptr->server_addr.s_addr) - { - struct in_addr src_addr_masked; - struct in_addr dst_addr_masked; + proxy_port = ptr->proxy_port; + if ((dst_port == proxy_port || proxy_port == 0) + && pip->ip_p == ptr->proto + && src_addr.s_addr != ptr->server_addr.s_addr) { + struct in_addr src_addr_masked; + struct in_addr dst_addr_masked; - src_addr_masked.s_addr = src_addr.s_addr & ptr->src_mask.s_addr; - dst_addr_masked.s_addr = dst_addr.s_addr & ptr->dst_mask.s_addr; + src_addr_masked.s_addr = src_addr.s_addr & ptr->src_mask.s_addr; + dst_addr_masked.s_addr = dst_addr.s_addr & ptr->dst_mask.s_addr; - if ((src_addr_masked.s_addr == ptr->src_addr.s_addr) - && (dst_addr_masked.s_addr == ptr->dst_addr.s_addr)) - { - if ((*proxy_server_port = ptr->server_port) == 0) - *proxy_server_port = dst_port; - *proxy_server_addr = ptr->server_addr; - return ptr->proxy_type; - } - } - ptr = ptr->next; - } + if ((src_addr_masked.s_addr == ptr->src_addr.s_addr) + && (dst_addr_masked.s_addr == ptr->dst_addr.s_addr)) { + if ((*proxy_server_port = ptr->server_port) == 0) + *proxy_server_port = dst_port; + *proxy_server_addr = ptr->server_addr; + return ptr->proxy_type; + } + } + ptr = ptr->next; + } - return 0; + return 0; } void ProxyModify(struct libalias *la, struct alias_link *link, - struct ip *pip, - int maxpacketsize, - int proxy_type) + struct ip *pip, + int maxpacketsize, + int proxy_type) { - switch (proxy_type) - { - case PROXY_TYPE_ENCODE_IPHDR: - ProxyEncodeIpHeader(pip, maxpacketsize); - break; + switch (proxy_type) { + case PROXY_TYPE_ENCODE_IPHDR: + ProxyEncodeIpHeader(pip, maxpacketsize); + break; - case PROXY_TYPE_ENCODE_TCPSTREAM: - ProxyEncodeTcpStream(link, pip, maxpacketsize); - break; - } + case PROXY_TYPE_ENCODE_TCPSTREAM: + ProxyEncodeTcpStream(link, pip, maxpacketsize); + break; + } } @@ -542,54 +526,54 @@ LibAliasProxyRule(struct libalias *la, const char *cmd) * then 0 is used, and group 0 rules are always checked before any * others. */ - int i, n, len; - int cmd_len; - int token_count; - int state; - char *token; - char buffer[256]; - char str_port[sizeof(buffer)]; - char str_server_port[sizeof(buffer)]; - char *res = buffer; + int i, n, len; + int cmd_len; + int token_count; + int state; + char *token; + char buffer[256]; + char str_port[sizeof(buffer)]; + char str_server_port[sizeof(buffer)]; + char *res = buffer; - int rule_index; - int proto; - int proxy_type; - int proxy_port; - int server_port; - struct in_addr server_addr; - struct in_addr src_addr, src_mask; - struct in_addr dst_addr, dst_mask; - struct proxy_entry *proxy_entry; + int rule_index; + int proto; + int proxy_type; + int proxy_port; + int server_port; + struct in_addr server_addr; + struct in_addr src_addr, src_mask; + struct in_addr dst_addr, dst_mask; + struct proxy_entry *proxy_entry; /* Copy command line into a buffer */ - cmd += strspn(cmd, " \t"); - cmd_len = strlen(cmd); - if (cmd_len > (sizeof(buffer) - 1)) - return -1; - strcpy(buffer, cmd); + cmd += strspn(cmd, " \t"); + cmd_len = strlen(cmd); + if (cmd_len > (sizeof(buffer) - 1)) + return -1; + strcpy(buffer, cmd); /* Convert to lower case */ - len = strlen(buffer); - for (i=0; iproxy_type = proxy_type; - proxy_entry->rule_index = rule_index; - proxy_entry->proto = proto; - proxy_entry->proxy_port = htons(proxy_port); - proxy_entry->server_port = htons(server_port); - proxy_entry->server_addr = server_addr; - proxy_entry->src_addr.s_addr = src_addr.s_addr & src_mask.s_addr; - proxy_entry->dst_addr.s_addr = dst_addr.s_addr & dst_mask.s_addr; - proxy_entry->src_mask = src_mask; - proxy_entry->dst_mask = dst_mask; + proxy_entry->proxy_type = proxy_type; + proxy_entry->rule_index = rule_index; + proxy_entry->proto = proto; + proxy_entry->proxy_port = htons(proxy_port); + proxy_entry->server_port = htons(server_port); + proxy_entry->server_addr = server_addr; + proxy_entry->src_addr.s_addr = src_addr.s_addr & src_mask.s_addr; + proxy_entry->dst_addr.s_addr = dst_addr.s_addr & dst_mask.s_addr; + proxy_entry->src_mask = src_mask; + proxy_entry->dst_mask = dst_mask; - RuleAdd(la, proxy_entry); + RuleAdd(la, proxy_entry); - return 0; + return 0; } diff --git a/sys/netinet/libalias/alias_skinny.c b/sys/netinet/libalias/alias_skinny.c index d6748934bf0e..3c482b426770 100644 --- a/sys/netinet/libalias/alias_skinny.c +++ b/sys/netinet/libalias/alias_skinny.c @@ -60,10 +60,10 @@ * has answered. The phone then sends back an Open Receive Channel * Acknowledgement. In this packet, the phone sends its IP address again, * and the UDP port over which the voice traffic should flow. These values - * need translation. Right after the Open Receive Channel Acknowledgement, + * need translation. Right after the Open Receive Channel Acknowledgement, * the Call Manager sends a Start Media Transmission message indicating the - * call is connected. This message contains the IP address and UDP port - * number of the remote (called) party. Once this message is translated, the + * call is connected. This message contains the IP address and UDP port + * number of the remote (called) party. Once this message is translated, the * call can commence. The called part sends the first UDP packet to the * calling phone at the pre-arranged UDP port in the Open Receive Channel * Acknowledgement. @@ -81,258 +81,258 @@ #define START_MEDIATX 0x0000008a struct skinny_header { - u_int32_t len; - u_int32_t reserved; - u_int32_t msgId; + u_int32_t len; + u_int32_t reserved; + u_int32_t msgId; }; struct RegisterMessage { - u_int32_t msgId; - char devName[16]; - u_int32_t uid; - u_int32_t instance; - u_int32_t ipAddr; - u_char devType; - u_int32_t maxStreams; + u_int32_t msgId; + char devName [16]; + u_int32_t uid; + u_int32_t instance; + u_int32_t ipAddr; + u_char devType; + u_int32_t maxStreams; }; struct IpPortMessage { - u_int32_t msgId; - u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port - * numbers */ + u_int32_t msgId; + u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port + * numbers */ }; struct OpenReceiveChannelAck { - u_int32_t msgId; - u_int32_t status; - u_int32_t ipAddr; - u_int32_t port; - u_int32_t passThruPartyID; + u_int32_t msgId; + u_int32_t status; + u_int32_t ipAddr; + u_int32_t port; + u_int32_t passThruPartyID; }; struct StartMediaTransmission { - u_int32_t msgId; - u_int32_t conferenceID; - u_int32_t passThruPartyID; - u_int32_t remoteIpAddr; - u_int32_t remotePort; - u_int32_t MSPacket; - u_int32_t payloadCap; - u_int32_t precedence; - u_int32_t silenceSuppression; - u_short maxFramesPerPacket; - u_int32_t G723BitRate; + u_int32_t msgId; + u_int32_t conferenceID; + u_int32_t passThruPartyID; + u_int32_t remoteIpAddr; + u_int32_t remotePort; + u_int32_t MSPacket; + u_int32_t payloadCap; + u_int32_t precedence; + u_int32_t silenceSuppression; + u_short maxFramesPerPacket; + u_int32_t G723BitRate; }; typedef enum { - ClientToServer = 0, - ServerToClient = 1 + ClientToServer = 0, + ServerToClient = 1 } ConvDirection; static int alias_skinny_reg_msg(struct RegisterMessage *reg_msg, struct ip *pip, - struct tcphdr *tc, struct alias_link *link, - ConvDirection direction) + struct tcphdr *tc, struct alias_link *link, + ConvDirection direction) { - reg_msg->ipAddr = (u_int32_t) GetAliasAddress(link).s_addr; + reg_msg->ipAddr = (u_int32_t) GetAliasAddress(link).s_addr; - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); - return 0; + return 0; } static int alias_skinny_startmedia(struct StartMediaTransmission *start_media, - struct ip *pip, struct tcphdr *tc, - struct alias_link *link, u_int32_t localIpAddr, - ConvDirection direction) + struct ip *pip, struct tcphdr *tc, + struct alias_link *link, u_int32_t localIpAddr, + ConvDirection direction) { - struct in_addr dst, src; + struct in_addr dst, src; - dst.s_addr = start_media->remoteIpAddr; - src.s_addr = localIpAddr; + dst.s_addr = start_media->remoteIpAddr; + src.s_addr = localIpAddr; - /* XXX I should probably handle in bound global translations as well. */ + /* + * XXX I should probably handle in bound global translations as + * well. + */ - return 0; + return 0; } static int alias_skinny_port_msg(struct IpPortMessage *port_msg, struct ip *pip, - struct tcphdr *tc, struct alias_link *link, - ConvDirection direction) + struct tcphdr *tc, struct alias_link *link, + ConvDirection direction) { - port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(link)); + port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(link)); - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); - return 0; + return 0; } static int alias_skinny_opnrcvch_ack(struct libalias *la, struct OpenReceiveChannelAck *opnrcvch_ack, - struct ip * pip, struct tcphdr *tc, - struct alias_link *link, u_int32_t *localIpAddr, - ConvDirection direction) + struct ip *pip, struct tcphdr *tc, + struct alias_link *link, u_int32_t * localIpAddr, + ConvDirection direction) { - struct in_addr null_addr; - struct alias_link *opnrcv_link; - u_int32_t localPort; + struct in_addr null_addr; + struct alias_link *opnrcv_link; + u_int32_t localPort; - *localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr; - localPort = opnrcvch_ack->port; + *localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr; + localPort = opnrcvch_ack->port; - null_addr.s_addr = INADDR_ANY; - opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr, - htons((u_short) opnrcvch_ack->port), 0, - IPPROTO_UDP, 1); - opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr; - opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_link)); + null_addr.s_addr = INADDR_ANY; + opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr, + htons((u_short) opnrcvch_ack->port), 0, + IPPROTO_UDP, 1); + opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr; + opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_link)); - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); - return 0; + return 0; } void AliasHandleSkinny(struct libalias *la, struct ip *pip, struct alias_link *link) { - int hlen, tlen, dlen; - struct tcphdr *tc; - u_int32_t msgId, len, t, lip; - struct skinny_header *sd; - int orig_len, skinny_hdr_len = sizeof(struct skinny_header); - ConvDirection direction; + int hlen, tlen, dlen; + struct tcphdr *tc; + u_int32_t msgId, len, t, lip; + struct skinny_header *sd; + int orig_len, skinny_hdr_len = sizeof(struct skinny_header); + ConvDirection direction; - tc = (struct tcphdr *) ((char *)pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - sd = (struct skinny_header *) ((char *)pip + hlen); + sd = (struct skinny_header *)((char *)pip + hlen); - /* - * XXX This direction is reserved for future use. I still need to - * handle the scenario where the call manager is on the inside, and - * the calling phone is on the global outside. - */ - if (ntohs(tc->th_dport) == la->skinnyPort) { - direction = ClientToServer; - } else if (ntohs(tc->th_sport) == la->skinnyPort) { - direction = ServerToClient; - } else { + /* + * XXX This direction is reserved for future use. I still need to + * handle the scenario where the call manager is on the inside, and + * the calling phone is on the global outside. + */ + if (ntohs(tc->th_dport) == la->skinnyPort) { + direction = ClientToServer; + } else if (ntohs(tc->th_sport) == la->skinnyPort) { + direction = ServerToClient; + } else { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Invalid port number, not a Skinny packet\n"); + fprintf(stderr, + "PacketAlias/Skinny: Invalid port number, not a Skinny packet\n"); #endif - return; - } + return; + } - orig_len = dlen; - /* - * Skinny packets can contain many messages. We need to loop through - * the packet using len to determine message boundaries. This comes - * into play big time with port messages being in the same packet as - * register messages. Also, open receive channel acks are - * usually buried in a pakcet some 400 bytes long. - */ - while (dlen >= skinny_hdr_len) { - len = (sd->len); - msgId = (sd->msgId); - t = len; + orig_len = dlen; + /* + * Skinny packets can contain many messages. We need to loop + * through the packet using len to determine message boundaries. + * This comes into play big time with port messages being in the + * same packet as register messages. Also, open receive channel + * acks are usually buried in a pakcet some 400 bytes long. + */ + while (dlen >= skinny_hdr_len) { + len = (sd->len); + msgId = (sd->msgId); + t = len; - if (t < 0 || t > orig_len || t > dlen) { + if (t < 0 || t > orig_len || t > dlen) { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Not a skinny packet, invalid length \n"); + fprintf(stderr, + "PacketAlias/Skinny: Not a skinny packet, invalid length \n"); #endif - return; - } - switch (msgId) { - case REG_MSG: - { - struct RegisterMessage *reg_mesg; + return; + } + switch (msgId) { + case REG_MSG: { + struct RegisterMessage *reg_mesg; - if (len < sizeof(struct RegisterMessage)) { + if (len < sizeof(struct RegisterMessage)) { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Not a skinny packet, bad registration message\n"); + fprintf(stderr, + "PacketAlias/Skinny: Not a skinny packet, bad registration message\n"); #endif - return; - } - reg_mesg = (struct RegisterMessage *) & sd->msgId; + return; + } + reg_mesg = (struct RegisterMessage *)&sd->msgId; #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Received a register message"); + fprintf(stderr, + "PacketAlias/Skinny: Received a register message"); #endif - alias_skinny_reg_msg(reg_mesg, pip, tc, link, direction); - } - break; - case IP_PORT_MSG: - { - struct IpPortMessage *port_mesg; - if (len < sizeof(struct IpPortMessage)) { -#ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Not a skinny packet, port message\n"); -#endif - return; - } -#ifdef DEBUG - fprintf(stderr - "PacketAlias/Skinny: Received ipport message\n"); -#endif - port_mesg = (struct IpPortMessage *) & sd->msgId; - alias_skinny_port_msg(port_mesg, pip, tc, link, direction); - } - break; - case OPNRCVCH_ACK: - { - struct OpenReceiveChannelAck *opnrcvchn_ack; + alias_skinny_reg_msg(reg_mesg, pip, tc, link, direction); + break; + } + case IP_PORT_MSG: { + struct IpPortMessage *port_mesg; - if (len < sizeof(struct OpenReceiveChannelAck)) { + if (len < sizeof(struct IpPortMessage)) { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Not a skinny packet, packet,OpnRcvChnAckMsg\n"); + fprintf(stderr, + "PacketAlias/Skinny: Not a skinny packet, port message\n"); #endif - return; - } + return; + } #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Received open rcv channel msg\n"); + fprintf(stderr + "PacketAlias/Skinny: Received ipport message\n"); #endif - opnrcvchn_ack = (struct OpenReceiveChannelAck *) & sd->msgId; - alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction); - } - break; - case START_MEDIATX: - { - struct StartMediaTransmission *startmedia_tx; + port_mesg = (struct IpPortMessage *)&sd->msgId; + alias_skinny_port_msg(port_mesg, pip, tc, link, direction); + break; + } + case OPNRCVCH_ACK: { + struct OpenReceiveChannelAck *opnrcvchn_ack; - if (len < sizeof(struct StartMediaTransmission)) { + if (len < sizeof(struct OpenReceiveChannelAck)) { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Not a skinny packet,StartMediaTx Message\n"); + fprintf(stderr, + "PacketAlias/Skinny: Not a skinny packet, packet,OpnRcvChnAckMsg\n"); #endif - return; - } + return; + } #ifdef DEBUG - fprintf(stderr, - "PacketAlias/Skinny: Received start media trans msg\n"); + fprintf(stderr, + "PacketAlias/Skinny: Received open rcv channel msg\n"); #endif - startmedia_tx = (struct StartMediaTransmission *) & sd->msgId; - alias_skinny_startmedia(startmedia_tx, pip, tc, link, lip, direction); - } - break; - default: - break; - } - /* Place the pointer at the next message in the packet. */ - dlen -= len + (skinny_hdr_len - sizeof(msgId)); - sd = (struct skinny_header *) (((char *)&sd->msgId) + len); - } + opnrcvchn_ack = (struct OpenReceiveChannelAck *)&sd->msgId; + alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction); + break; + } + case START_MEDIATX: { + struct StartMediaTransmission *startmedia_tx; + + if (len < sizeof(struct StartMediaTransmission)) { +#ifdef DEBUG + fprintf(stderr, + "PacketAlias/Skinny: Not a skinny packet,StartMediaTx Message\n"); +#endif + return; + } +#ifdef DEBUG + fprintf(stderr, + "PacketAlias/Skinny: Received start media trans msg\n"); +#endif + startmedia_tx = (struct StartMediaTransmission *)&sd->msgId; + alias_skinny_startmedia(startmedia_tx, pip, tc, link, lip, direction); + break; + } + default: + break; + } + /* Place the pointer at the next message in the packet. */ + dlen -= len + (skinny_hdr_len - sizeof(msgId)); + sd = (struct skinny_header *)(((char *)&sd->msgId) + len); + } } diff --git a/sys/netinet/libalias/alias_smedia.c b/sys/netinet/libalias/alias_smedia.c index 600563cef411..700f4097039c 100644 --- a/sys/netinet/libalias/alias_smedia.c +++ b/sys/netinet/libalias/alias_smedia.c @@ -118,316 +118,326 @@ __FBSDID("$FreeBSD$"); static int search_string(char *data, int dlen, const char *search_str) { - int i, j, k; - int search_str_len; + int i, j, k; + int search_str_len; - search_str_len = strlen(search_str); - for (i = 0; i < dlen - search_str_len; i++) { - for (j = i, k = 0; j < dlen - search_str_len; j++, k++) { - if (data[j] != search_str[k] && - data[j] != search_str[k] - ('a' - 'A')) { - break; - } - if (k == search_str_len - 1) { - return j + 1; - } + search_str_len = strlen(search_str); + for (i = 0; i < dlen - search_str_len; i++) { + for (j = i, k = 0; j < dlen - search_str_len; j++, k++) { + if (data[j] != search_str[k] && + data[j] != search_str[k] - ('a' - 'A')) { + break; + } + if (k == search_str_len - 1) { + return j + 1; + } + } } - } - return -1; + return -1; } static int alias_rtsp_out(struct libalias *la, struct ip *pip, - struct alias_link *link, - char *data, - const char *port_str) + struct alias_link *link, + char *data, + const char *port_str) { - int hlen, tlen, dlen; - struct tcphdr *tc; - int i, j, pos, state, port_dlen, new_dlen, delta; - u_short p[2], new_len; - u_short sport, eport, base_port; - u_short salias = 0, ealias = 0, base_alias = 0; - const char *transport_str = "transport:"; - char newdata[2048], *port_data, *port_newdata, stemp[80]; - int links_created = 0, pkt_updated = 0; - struct alias_link *rtsp_link = NULL; - struct in_addr null_addr; + int hlen, tlen, dlen; + struct tcphdr *tc; + int i, j, pos, state, port_dlen, new_dlen, delta; + u_short p[2], new_len; + u_short sport, eport, base_port; + u_short salias = 0, ealias = 0, base_alias = 0; + const char *transport_str = "transport:"; + char newdata[2048], *port_data, *port_newdata, stemp[80]; + int links_created = 0, pkt_updated = 0; + struct alias_link *rtsp_link = NULL; + struct in_addr null_addr; - /* Calculate data length of TCP packet */ - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + /* Calculate data length of TCP packet */ + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - /* Find keyword, "Transport: " */ - pos = search_string(data, dlen, transport_str); - if (pos < 0) { - return -1; - } - port_data = data + pos; - port_dlen = dlen - pos; - - memcpy(newdata, data, pos); - port_newdata = newdata + pos; - - while (port_dlen > strlen(port_str)) { - /* Find keyword, appropriate port string */ - pos = search_string(port_data, port_dlen, port_str); + /* Find keyword, "Transport: " */ + pos = search_string(data, dlen, transport_str); if (pos < 0) { - break; + return -1; } + port_data = data + pos; + port_dlen = dlen - pos; - memcpy (port_newdata, port_data, pos + 1); - port_newdata += (pos + 1); + memcpy(newdata, data, pos); + port_newdata = newdata + pos; - p[0] = p[1] = 0; - sport = eport = 0; - state = 0; - for (i = pos; i < port_dlen; i++) { - switch(state) { - case 0: - if (port_data[i] == '=') { - state++; + while (port_dlen > strlen(port_str)) { + /* Find keyword, appropriate port string */ + pos = search_string(port_data, port_dlen, port_str); + if (pos < 0) { + break; } - break; - case 1: - if (ISDIGIT(port_data[i])) { - p[0] = p[0] * 10 + port_data[i] - '0'; - } else { - if (port_data[i] == ';') { - state = 3; - } - if (port_data[i] == '-') { - state++; - } - } - break; - case 2: - if (ISDIGIT(port_data[i])) { - p[1] = p[1] * 10 + port_data[i] - '0'; - } else { - state++; - } - break; - case 3: - base_port = p[0]; - sport = htons(p[0]); - eport = htons(p[1]); + memcpy(port_newdata, port_data, pos + 1); + port_newdata += (pos + 1); - if (!links_created) { + p[0] = p[1] = 0; + sport = eport = 0; + state = 0; + for (i = pos; i < port_dlen; i++) { + switch (state) { + case 0: + if (port_data[i] == '=') { + state++; + } + break; + case 1: + if (ISDIGIT(port_data[i])) { + p[0] = p[0] * 10 + port_data[i] - '0'; + } else { + if (port_data[i] == ';') { + state = 3; + } + if (port_data[i] == '-') { + state++; + } + } + break; + case 2: + if (ISDIGIT(port_data[i])) { + p[1] = p[1] * 10 + port_data[i] - '0'; + } else { + state++; + } + break; + case 3: + base_port = p[0]; + sport = htons(p[0]); + eport = htons(p[1]); - links_created = 1; - /* Find an even numbered port number base that - satisfies the contiguous number of ports we need */ - null_addr.s_addr = 0; - if (0 == (salias = FindNewPortGroup(la, null_addr, - FindAliasAddress(la, pip->ip_src), - sport, 0, - RTSP_PORT_GROUP, - IPPROTO_UDP, 1))) { + if (!links_created) { + + links_created = 1; + /* + * Find an even numbered port + * number base that satisfies the + * contiguous number of ports we + * need + */ + null_addr.s_addr = 0; + if (0 == (salias = FindNewPortGroup(la, null_addr, + FindAliasAddress(la, pip->ip_src), + sport, 0, + RTSP_PORT_GROUP, + IPPROTO_UDP, 1))) { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/RTSP: Cannot find contiguous RTSP data ports\n"); + fprintf(stderr, + "PacketAlias/RTSP: Cannot find contiguous RTSP data ports\n"); #endif - } else { + } else { - base_alias = ntohs(salias); - for (j = 0; j < RTSP_PORT_GROUP; j++) { - /* Establish link to port found in RTSP packet */ - rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr, - htons(base_port + j), htons(base_alias + j), - IPPROTO_UDP); - if (rtsp_link != NULL) { + base_alias = ntohs(salias); + for (j = 0; j < RTSP_PORT_GROUP; j++) { + /* + * Establish link + * to port found in + * RTSP packet + */ + rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr, + htons(base_port + j), htons(base_alias + j), + IPPROTO_UDP); + if (rtsp_link != NULL) { #ifndef NO_FW_PUNCH - /* Punch hole in firewall */ - PunchFWHole(rtsp_link); + /* + * Punch + * hole in + * firewall + */ + PunchFWHole(rtsp_link); #endif - } else { + } else { #ifdef DEBUG - fprintf(stderr, - "PacketAlias/RTSP: Cannot allocate RTSP data ports\n"); + fprintf(stderr, + "PacketAlias/RTSP: Cannot allocate RTSP data ports\n"); #endif - break; - } - } - } - ealias = htons(base_alias + (RTSP_PORT_GROUP - 1)); + break; + } + } + } + ealias = htons(base_alias + (RTSP_PORT_GROUP - 1)); + } + if (salias && rtsp_link) { + + pkt_updated = 1; + + /* Copy into IP packet */ + sprintf(stemp, "%d", ntohs(salias)); + memcpy(port_newdata, stemp, strlen(stemp)); + port_newdata += strlen(stemp); + + if (eport != 0) { + *port_newdata = '-'; + port_newdata++; + + /* Copy into IP packet */ + sprintf(stemp, "%d", ntohs(ealias)); + memcpy(port_newdata, stemp, strlen(stemp)); + port_newdata += strlen(stemp); + } + *port_newdata = ';'; + port_newdata++; + } + state++; + break; + } + if (state > 3) { + break; + } } - - if (salias && rtsp_link) { - - pkt_updated = 1; - - /* Copy into IP packet */ - sprintf(stemp, "%d", ntohs(salias)); - memcpy(port_newdata, stemp, strlen(stemp)); - port_newdata += strlen(stemp); - - if (eport != 0) { - *port_newdata = '-'; - port_newdata++; - - /* Copy into IP packet */ - sprintf(stemp, "%d", ntohs(ealias)); - memcpy(port_newdata, stemp, strlen(stemp)); - port_newdata += strlen(stemp); - } - - *port_newdata = ';'; - port_newdata++; - } - state++; - break; - } - if (state > 3) { - break; - } + port_data += i; + port_dlen -= i; } - port_data += i; - port_dlen -= i; - } - if (!pkt_updated) - return -1; + if (!pkt_updated) + return -1; - memcpy (port_newdata, port_data, port_dlen); - port_newdata += port_dlen; - *port_newdata = '\0'; + memcpy(port_newdata, port_data, port_dlen); + port_newdata += port_dlen; + *port_newdata = '\0'; - /* Create new packet */ - new_dlen = port_newdata - newdata; - memcpy (data, newdata, new_dlen); + /* Create new packet */ + new_dlen = port_newdata - newdata; + memcpy(data, newdata, new_dlen); - SetAckModified(link); - delta = GetDeltaSeqOut(pip, link); - AddSeq(pip, link, delta + new_dlen - dlen); + SetAckModified(link); + delta = GetDeltaSeqOut(pip, link); + AddSeq(pip, link, delta + new_dlen - dlen); - new_len = htons(hlen + new_dlen); - DifferentialChecksum(&pip->ip_sum, - &new_len, - &pip->ip_len, - 1); - pip->ip_len = new_len; + new_len = htons(hlen + new_dlen); + DifferentialChecksum(&pip->ip_sum, + &new_len, + &pip->ip_len, + 1); + pip->ip_len = new_len; - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); - return 0; + return 0; } /* Support the protocol used by early versions of RealPlayer */ static int alias_pna_out(struct libalias *la, struct ip *pip, - struct alias_link *link, - char *data, - int dlen) + struct alias_link *link, + char *data, + int dlen) { - struct alias_link *pna_links; - u_short msg_id, msg_len; - char *work; - u_short alias_port, port; - struct tcphdr *tc; + struct alias_link *pna_links; + u_short msg_id, msg_len; + char *work; + u_short alias_port, port; + struct tcphdr *tc; - work = data; - work += 5; - while (work + 4 < data + dlen) { - memcpy(&msg_id, work, 2); - work += 2; - memcpy(&msg_len, work, 2); - work += 2; - if (ntohs(msg_id) == 0) { - /* end of options */ - return 0; - } - if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) { - memcpy(&port, work, 2); - pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link), - port, 0, IPPROTO_UDP, 1); - if (pna_links != NULL) { + work = data; + work += 5; + while (work + 4 < data + dlen) { + memcpy(&msg_id, work, 2); + work += 2; + memcpy(&msg_len, work, 2); + work += 2; + if (ntohs(msg_id) == 0) { + /* end of options */ + return 0; + } + if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) { + memcpy(&port, work, 2); + pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link), + port, 0, IPPROTO_UDP, 1); + if (pna_links != NULL) { #ifndef NO_FW_PUNCH - /* Punch hole in firewall */ - PunchFWHole(pna_links); + /* Punch hole in firewall */ + PunchFWHole(pna_links); #endif - tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)); - alias_port = GetAliasPort(pna_links); - memcpy(work, &alias_port, 2); + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + alias_port = GetAliasPort(pna_links); + memcpy(work, &alias_port, 2); - /* Compute TCP checksum for revised packet */ - tc->th_sum = 0; - tc->th_sum = TcpChecksum(pip); - } + /* Compute TCP checksum for revised packet */ + tc->th_sum = 0; + tc->th_sum = TcpChecksum(pip); + } + } + work += ntohs(msg_len); } - work += ntohs(msg_len); - } - return 0; + return 0; } void AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *link, int maxpacketsize) { - int hlen, tlen, dlen; - struct tcphdr *tc; - char *data; - const char *setup = "SETUP", *pna = "PNA", *str200 = "200"; - const char *okstr = "OK", *client_port_str = "client_port"; - const char *server_port_str = "server_port"; - int i, parseOk; + int hlen, tlen, dlen; + struct tcphdr *tc; + char *data; + const char *setup = "SETUP", *pna = "PNA", *str200 = "200"; + const char *okstr = "OK", *client_port_str = "client_port"; + const char *server_port_str = "server_port"; + int i, parseOk; - tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); - hlen = (pip->ip_hl + tc->th_off) << 2; - tlen = ntohs(pip->ip_len); - dlen = tlen - hlen; + tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2)); + hlen = (pip->ip_hl + tc->th_off) << 2; + tlen = ntohs(pip->ip_len); + dlen = tlen - hlen; - data = (char*)pip; - data += hlen; + data = (char *)pip; + data += hlen; - /* When aliasing a client, check for the SETUP request */ - if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) || - (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) { + /* When aliasing a client, check for the SETUP request */ + if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) || + (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) { - if (dlen >= strlen(setup)) { - if (memcmp(data, setup, strlen(setup)) == 0) { - alias_rtsp_out(la, pip, link, data, client_port_str); - return; + if (dlen >= strlen(setup)) { + if (memcmp(data, setup, strlen(setup)) == 0) { + alias_rtsp_out(la, pip, link, data, client_port_str); + return; + } + } + if (dlen >= strlen(pna)) { + if (memcmp(data, pna, strlen(pna)) == 0) { + alias_pna_out(la, pip, link, data, dlen); + } + } + } else { + + /* + * When aliasing a server, check for the 200 reply + * Accomodate varying number of blanks between 200 & OK + */ + + if (dlen >= strlen(str200)) { + + for (parseOk = 0, i = 0; + i <= dlen - strlen(str200); + i++) { + if (memcmp(&data[i], str200, strlen(str200)) == 0) { + parseOk = 1; + break; + } + } + if (parseOk) { + + i += strlen(str200); /* skip string found */ + while (data[i] == ' ') /* skip blank(s) */ + i++; + + if ((dlen - i) >= strlen(okstr)) { + + if (memcmp(&data[i], okstr, strlen(okstr)) == 0) + alias_rtsp_out(la, pip, link, data, server_port_str); + + } + } + } } - } - if (dlen >= strlen(pna)) { - if (memcmp(data, pna, strlen(pna)) == 0) { - alias_pna_out(la, pip, link, data, dlen); - } - } - - } else { - - /* When aliasing a server, check for the 200 reply - Accomodate varying number of blanks between 200 & OK */ - - if (dlen >= strlen(str200)) { - - for (parseOk = 0, i = 0; - i <= dlen - strlen(str200); - i++) { - if (memcmp(&data[i], str200, strlen(str200)) == 0) { - parseOk = 1; - break; - } - } - if (parseOk) { - - i += strlen(str200); /* skip string found */ - while(data[i] == ' ') /* skip blank(s) */ - i++; - - if ((dlen - i) >= strlen(okstr)) { - - if (memcmp(&data[i], okstr, strlen(okstr)) == 0) - alias_rtsp_out(la, pip, link, data, server_port_str); - - } - } - } - } } diff --git a/sys/netinet/libalias/alias_util.c b/sys/netinet/libalias/alias_util.c index 1bba0754f287..d7d0b3fa3c04 100644 --- a/sys/netinet/libalias/alias_util.c +++ b/sys/netinet/libalias/alias_util.c @@ -61,110 +61,100 @@ purposes); #include "alias_local.h" u_short -LibAliasInternetChecksum(struct libalias *la, u_short *ptr, int nbytes) +LibAliasInternetChecksum(struct libalias *la, u_short * ptr, int nbytes) { - int sum, oddbyte; + int sum, oddbyte; - sum = 0; - while (nbytes > 1) - { - sum += *ptr++; - nbytes -= 2; - } - if (nbytes == 1) - { - oddbyte = 0; - ((u_char *) &oddbyte)[0] = *(u_char *) ptr; - ((u_char *) &oddbyte)[1] = 0; - sum += oddbyte; - } - sum = (sum >> 16) + (sum & 0xffff); - sum += (sum >> 16); - return(~sum); + sum = 0; + while (nbytes > 1) { + sum += *ptr++; + nbytes -= 2; + } + if (nbytes == 1) { + oddbyte = 0; + ((u_char *) & oddbyte)[0] = *(u_char *) ptr; + ((u_char *) & oddbyte)[1] = 0; + sum += oddbyte; + } + sum = (sum >> 16) + (sum & 0xffff); + sum += (sum >> 16); + return (~sum); } u_short IpChecksum(struct ip *pip) { - return( PacketAliasInternetChecksum((u_short *) pip, - (pip->ip_hl << 2)) ); + return (PacketAliasInternetChecksum((u_short *) pip, + (pip->ip_hl << 2))); } u_short TcpChecksum(struct ip *pip) { - u_short *ptr; - struct tcphdr *tc; - int nhdr, ntcp, nbytes; - int sum, oddbyte; + u_short *ptr; + struct tcphdr *tc; + int nhdr, ntcp, nbytes; + int sum, oddbyte; - nhdr = pip->ip_hl << 2; - ntcp = ntohs(pip->ip_len) - nhdr; + nhdr = pip->ip_hl << 2; + ntcp = ntohs(pip->ip_len) - nhdr; - tc = (struct tcphdr *) ((char *) pip + nhdr); - ptr = (u_short *) tc; + tc = (struct tcphdr *)((char *)pip + nhdr); + ptr = (u_short *) tc; /* Add up TCP header and data */ - nbytes = ntcp; - sum = 0; - while (nbytes > 1) - { - sum += *ptr++; - nbytes -= 2; - } - if (nbytes == 1) - { - oddbyte = 0; - ((u_char *) &oddbyte)[0] = *(u_char *) ptr; - ((u_char *) &oddbyte)[1] = 0; - sum += oddbyte; - } - + nbytes = ntcp; + sum = 0; + while (nbytes > 1) { + sum += *ptr++; + nbytes -= 2; + } + if (nbytes == 1) { + oddbyte = 0; + ((u_char *) & oddbyte)[0] = *(u_char *) ptr; + ((u_char *) & oddbyte)[1] = 0; + sum += oddbyte; + } /* "Pseudo-header" data */ - ptr = (u_short *) &(pip->ip_dst); - sum += *ptr++; - sum += *ptr; - ptr = (u_short *) &(pip->ip_src); - sum += *ptr++; - sum += *ptr; - sum += htons((u_short) ntcp); - sum += htons((u_short) pip->ip_p); + ptr = (u_short *) & (pip->ip_dst); + sum += *ptr++; + sum += *ptr; + ptr = (u_short *) & (pip->ip_src); + sum += *ptr++; + sum += *ptr; + sum += htons((u_short) ntcp); + sum += htons((u_short) pip->ip_p); /* Roll over carry bits */ - sum = (sum >> 16) + (sum & 0xffff); - sum += (sum >> 16); + sum = (sum >> 16) + (sum & 0xffff); + sum += (sum >> 16); /* Return checksum */ - return((u_short) ~sum); + return ((u_short) ~ sum); } void -DifferentialChecksum(u_short *cksum, u_short *new, u_short *old, int n) +DifferentialChecksum(u_short * cksum, u_short * new, u_short * old, int n) { - int i; - int accumulate; + int i; + int accumulate; - accumulate = *cksum; - for (i=0; i> 16) + (accumulate & 0xffff); - accumulate += accumulate >> 16; - *cksum = (u_short) ~accumulate; - } - else - { - accumulate = (accumulate >> 16) + (accumulate & 0xffff); - accumulate += accumulate >> 16; - *cksum = (u_short) accumulate; - } + if (accumulate < 0) { + accumulate = -accumulate; + accumulate = (accumulate >> 16) + (accumulate & 0xffff); + accumulate += accumulate >> 16; + *cksum = (u_short) ~ accumulate; + } else { + accumulate = (accumulate >> 16) + (accumulate & 0xffff); + accumulate += accumulate >> 16; + *cksum = (u_short) accumulate; + } } -