Cross Reference: /freebsd-10.2-release/sys/netinet/libalias/alias.c

Deleted Added

sdiff udiff text old ( 61861 ) new ( 63899 )

full compact

alias.c (61861)	alias.c (63899)
1/* -- mode: c; tab-width: 8; c-basic-indent: 4; -- / 2/ 3 Alias.c provides supervisory control for the functions of the 4 packet aliasing software. It consists of routines to monitor 5 TCP connection state, protocol-specific aliasing routines, 6 fragment handling and the following outside world functional 7 interfaces: SaveFragmentPtr, GetFragmentPtr, FragmentAliasIn, 8 PacketAliasIn and PacketAliasOut. --- 62 unchanged lines hidden (view full) --- 71 - Rationalized API function names to begin 72 with "PacketAlias..." 73 - Eliminated PacketAliasIn2() and 74 PacketAliasOut2() as poorly conceived. 75 76 Version 2.3 Dec 1998 (dillon) 77 - Major bounds checking additions, see FreeBSD/CVS 78	1/* -- mode: c; tab-width: 8; c-basic-indent: 4; -- / 2/ 3 Alias.c provides supervisory control for the functions of the 4 packet aliasing software. It consists of routines to monitor 5 TCP connection state, protocol-specific aliasing routines, 6 fragment handling and the following outside world functional 7 interfaces: SaveFragmentPtr, GetFragmentPtr, FragmentAliasIn, 8 PacketAliasIn and PacketAliasOut. --- 62 unchanged lines hidden (view full) --- 71 - Rationalized API function names to begin 72 with "PacketAlias..." 73 - Eliminated PacketAliasIn2() and 74 PacketAliasOut2() as poorly conceived. 75 76 Version 2.3 Dec 1998 (dillon) 77 - Major bounds checking additions, see FreeBSD/CVS 78
79 Version 3.1 May, 2000 (eds)	79 Version 3.1 May, 2000 (salander)
80 - Added hooks to handle PPTP. 81	80 - Added hooks to handle PPTP. 81
	82 Version 3.2 July, 2000 (salander and satoh) 83 - Added PacketUnaliasOut routine. 84 - Added hooks to handle RTSP/RTP. 85
82 See HISTORY file for additional revisions. 83	86 See HISTORY file for additional revisions. 87
84 $FreeBSD: head/sys/netinet/libalias/alias.c 61861 2000-06-20 11:41:48Z ru $	88 $FreeBSD: head/sys/netinet/libalias/alias.c 63899 2000-07-26 23:15:46Z archie $
85/ 86 87#include <sys/types.h> 88 89#include <netinet/in_systm.h> 90#include <netinet/in.h> 91#include <netinet/ip.h> 92#include <netinet/ip_icmp.h> --- 4 unchanged lines hidden* (view full) --- 97#include "alias.h" 98 99#define NETBIOS_NS_PORT_NUMBER 137 100#define NETBIOS_DGM_PORT_NUMBER 138 101#define FTP_CONTROL_PORT_NUMBER 21 102#define IRC_CONTROL_PORT_NUMBER_1 6667 103#define IRC_CONTROL_PORT_NUMBER_2 6668 104#define CUSEEME_PORT_NUMBER 7648	89/ 90 91#include <sys/types.h> 92 93#include <netinet/in_systm.h> 94#include <netinet/in.h> 95#include <netinet/ip.h> 96#include <netinet/ip_icmp.h> --- 4 unchanged lines hidden* (view full) --- 101#include "alias.h" 102 103#define NETBIOS_NS_PORT_NUMBER 137 104#define NETBIOS_DGM_PORT_NUMBER 138 105#define FTP_CONTROL_PORT_NUMBER 21 106#define IRC_CONTROL_PORT_NUMBER_1 6667 107#define IRC_CONTROL_PORT_NUMBER_2 6668 108#define CUSEEME_PORT_NUMBER 7648
	109#define RTSP_CONTROL_PORT_NUMBER_1 554 110#define RTSP_CONTROL_PORT_NUMBER_2 7070
105#define PPTP_CONTROL_PORT_NUMBER 1723 106 107 108 109 110/* TCP Handling Routines 111 112 TcpMonitorIn() -- These routines monitor TCP connections, and --- 994 unchanged lines hidden (view full) --- 1107 1108/* Special processing for IP encoding protocols / 1109* if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER 1110 \|\| ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER) 1111 AliasHandleFtpOut(pip, link, maxpacketsize); 1112 else if (ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_1 1113 \|\| ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_2) 1114 AliasHandleIrcOut(pip, link, maxpacketsize);	111#define PPTP_CONTROL_PORT_NUMBER 1723 112 113 114 115 116/* TCP Handling Routines 117 118 TcpMonitorIn() -- These routines monitor TCP connections, and --- 994 unchanged lines hidden (view full) --- 1113 1114/* Special processing for IP encoding protocols / 1115* if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER 1116 \|\| ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER) 1117 AliasHandleFtpOut(pip, link, maxpacketsize); 1118 else if (ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_1 1119 \|\| ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_2) 1120 AliasHandleIrcOut(pip, link, maxpacketsize);
	1121 else if (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1 1122 \|\| ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_1 1123 \|\| ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2 1124 \|\| ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_2) 1125 AliasHandleRtspOut(pip, link, maxpacketsize);
1115 else if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER 1116 \|\| ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER) 1117 AliasHandlePptpOut(pip, link); 1118 1119/* Adjust TCP checksum since source port is being aliased / 1120/ and source address is being altered / 1121* accumulate = tc->th_sport; 1122 tc->th_sport = alias_port; --- 108 unchanged lines hidden (view full) --- 1231 1232/* Outside World Access 1233 1234 PacketAliasSaveFragment() 1235 PacketAliasGetFragment() 1236 PacketAliasFragmentIn() 1237 PacketAliasIn() 1238 PacketAliasOut()	1126 else if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER 1127 \|\| ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER) 1128 AliasHandlePptpOut(pip, link); 1129 1130/* Adjust TCP checksum since source port is being aliased / 1131/ and source address is being altered / 1132* accumulate = tc->th_sport; 1133 tc->th_sport = alias_port; --- 108 unchanged lines hidden (view full) --- 1242 1243/* Outside World Access 1244 1245 PacketAliasSaveFragment() 1246 PacketAliasGetFragment() 1247 PacketAliasFragmentIn() 1248 PacketAliasIn() 1249 PacketAliasOut()
	1250 PacketUnaliasOut()
1239 1240(prototypes in alias.h) 1241/ 1242* 1243 1244int 1245PacketAliasSaveFragment(char ptr) 1246{ --- 213 unchanged lines hidden* (view full) --- 1460 else 1461 { 1462 iresult = FragmentOut(pip); 1463 } 1464 1465 SetDefaultAliasAddress(addr_save); 1466 return(iresult); 1467}	1251 1252(prototypes in alias.h) 1253/ 1254* 1255 1256int 1257PacketAliasSaveFragment(char ptr) 1258{ --- 213 unchanged lines hidden* (view full) --- 1472 else 1473 { 1474 iresult = FragmentOut(pip); 1475 } 1476 1477 SetDefaultAliasAddress(addr_save); 1478 return(iresult); 1479}
	1480 1481int 1482PacketUnaliasOut(char ptr, / valid IP packet / 1483* int maxpacketsize /* for error checking / 1484* ) 1485{ 1486 struct ip pip; 1487* struct icmp ic; 1488* struct udphdr ud; 1489* struct tcphdr tc; 1490* struct alias_link link; 1491* int iresult = PKT_ALIAS_IGNORED; 1492 1493 pip = (struct ip ) ptr; 1494* 1495 /* Defense against mangled packets / 1496* if (ntohs(pip->ip_len) > maxpacketsize 1497 \|\| (pip->ip_hl<<2) > maxpacketsize) 1498 return(iresult); 1499 1500 ud = (struct udphdr ) ((char ) pip + (pip->ip_hl << 2)); 1501 tc = (struct tcphdr ) ud; 1502* ic = (struct icmp ) ud; 1503* 1504 /* Find a link / 1505* if (pip->ip_p == IPPROTO_UDP) 1506 link = QueryUdpTcpIn(pip->ip_dst, pip->ip_src, 1507 ud->uh_dport, ud->uh_sport, 1508 IPPROTO_UDP); 1509 else if (pip->ip_p == IPPROTO_TCP) 1510 link = QueryUdpTcpIn(pip->ip_dst, pip->ip_src, 1511 tc->th_dport, tc->th_sport, 1512 IPPROTO_TCP); 1513 else if (pip->ip_p == IPPROTO_ICMP) 1514 link = FindIcmpIn(pip->ip_dst, pip->ip_src, ic->icmp_id); 1515 else 1516 link = NULL; 1517 1518 /* Change it from an aliased packet to an unaliased packet / 1519* if (link != NULL) 1520 { 1521 if (pip->ip_p == IPPROTO_UDP \|\| pip->ip_p == IPPROTO_TCP) 1522 { 1523 u_short sptr; 1524* int accumulate; 1525 struct in_addr original_address; 1526 u_short original_port; 1527 1528 original_address = GetOriginalAddress(link); 1529 original_port = GetOriginalPort(link); 1530 1531 /* Adjust TCP/UDP checksum / 1532* sptr = (u_short ) &(pip->ip_src); 1533* accumulate = sptr++; 1534* accumulate += sptr; 1535* sptr = (u_short ) &original_address; 1536* accumulate -= sptr++; 1537* accumulate -= sptr; 1538* 1539 if (pip->ip_p == IPPROTO_UDP) { 1540 accumulate += ud->uh_sport; 1541 accumulate -= original_port; 1542 ADJUST_CHECKSUM(accumulate, ud->uh_sum) 1543 } else { 1544 accumulate += tc->th_sport; 1545 accumulate -= original_port; 1546 ADJUST_CHECKSUM(accumulate, tc->th_sum) 1547 } 1548 1549 /* Adjust IP checksum / 1550* DifferentialChecksum(&pip->ip_sum, 1551 (u_short ) &original_address, 1552* (u_short ) &pip->ip_src, 1553* 2); 1554 1555 /* Un-alias source address and port number / 1556* pip->ip_src = original_address; 1557 if (pip->ip_p == IPPROTO_UDP) 1558 ud->uh_sport = original_port; 1559 else 1560 tc->th_sport = original_port; 1561 1562 iresult = PKT_ALIAS_OK; 1563 1564 } else if (pip->ip_p == IPPROTO_ICMP) { 1565 1566 u_short sptr; 1567* int accumulate; 1568 struct in_addr original_address; 1569 u_short original_id; 1570 1571 original_address = GetOriginalAddress(link); 1572 original_id = GetOriginalPort(link); 1573 1574 /* Adjust ICMP checksum / 1575* sptr = (u_short ) &(pip->ip_src); 1576* accumulate = sptr++; 1577* accumulate += sptr; 1578* sptr = (u_short ) &original_address; 1579* accumulate -= sptr++; 1580* accumulate -= sptr; 1581* accumulate += ic->icmp_id; 1582 accumulate -= original_id; 1583 ADJUST_CHECKSUM(accumulate, ic->icmp_cksum) 1584 1585 /* Adjust IP checksum / 1586* DifferentialChecksum(&pip->ip_sum, 1587 (u_short ) &original_address, 1588* (u_short ) &pip->ip_src, 1589* 2); 1590 1591 /* Un-alias source address and port number / 1592* pip->ip_src = original_address; 1593 ic->icmp_id = original_id; 1594 1595 iresult = PKT_ALIAS_OK; 1596 } 1597 } 1598 return(iresult); 1599 1600}