| alias_db.c (32392) | alias_db.c (32396) |
|---|---|
| 1/* -*- mode: c; tab-width: 8; c-basic-indent: 4; -*- 2 Alias_db.c encapsulates all data structures used for storing 3 packet aliasing data. Other parts of the aliasing software 4 access data through functions provided in this file. 5 6 Data storage is based on the notion of a "link", which is 7 established for ICMP echo/reply packets, UDP datagrams and 8 TCP stream connections. A link stores the original source --- 2155 unchanged lines hidden (view full) --- 2164 rule.fw_flg = IP_FW_F_ACCEPT; 2165 rule.fw_prot = IPPROTO_TCP; 2166 rule.fw_smsk.s_addr = INADDR_BROADCAST; 2167 rule.fw_dmsk.s_addr = INADDR_BROADCAST; 2168 2169 /* Build and apply specific part of the rules */ 2170 rule.fw_src = GetOriginalAddress(link); 2171 rule.fw_dst = GetDestAddress(link); | 1/* -*- mode: c; tab-width: 8; c-basic-indent: 4; -*- 2 Alias_db.c encapsulates all data structures used for storing 3 packet aliasing data. Other parts of the aliasing software 4 access data through functions provided in this file. 5 6 Data storage is based on the notion of a "link", which is 7 established for ICMP echo/reply packets, UDP datagrams and 8 TCP stream connections. A link stores the original source --- 2155 unchanged lines hidden (view full) --- 2164 rule.fw_flg = IP_FW_F_ACCEPT; 2165 rule.fw_prot = IPPROTO_TCP; 2166 rule.fw_smsk.s_addr = INADDR_BROADCAST; 2167 rule.fw_dmsk.s_addr = INADDR_BROADCAST; 2168 2169 /* Build and apply specific part of the rules */ 2170 rule.fw_src = GetOriginalAddress(link); 2171 rule.fw_dst = GetDestAddress(link); |
| 2172 rule.fw_pts[0] = ntohs(GetOriginalPort(link)); 2173 rule.fw_pts[1] = ntohs(GetDestPort(link)); | 2172 rule.fw_uar.fw_pts[0] = ntohs(GetOriginalPort(link)); 2173 rule.fw_uar.fw_pts[1] = ntohs(GetDestPort(link)); |
| 2174 2175 /* Skip non-bound links - XXX should not be strictly necessary, 2176 but seems to leave hole if not done. Leak of non-bound links? 2177 (Code should be left even if the problem is fixed - it is a 2178 clear optimization) */ | 2174 2175 /* Skip non-bound links - XXX should not be strictly necessary, 2176 but seems to leave hole if not done. Leak of non-bound links? 2177 (Code should be left even if the problem is fixed - it is a 2178 clear optimization) */ |
| 2179 if (rule.fw_pts[0] != 0 && rule.fw_pts[1] != 0) { | 2179 if (rule.fw_uar.fw_pts[0] != 0 && rule.fw_uar.fw_pts[1] != 0) { |
| 2180 r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); 2181 if (r) 2182 err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)"); 2183 rule.fw_src = GetDestAddress(link); 2184 rule.fw_dst = GetOriginalAddress(link); | 2180 r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); 2181 if (r) 2182 err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)"); 2183 rule.fw_src = GetDestAddress(link); 2184 rule.fw_dst = GetOriginalAddress(link); |
| 2185 rule.fw_pts[0] = ntohs(GetDestPort(link)); 2186 rule.fw_pts[1] = ntohs(GetOriginalPort(link)); | 2185 rule.fw_uar.fw_pts[0] = ntohs(GetDestPort(link)); 2186 rule.fw_uar.fw_pts[1] = ntohs(GetOriginalPort(link)); |
| 2187 r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); 2188 if (r) 2189 err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); 2190 } 2191/* Indicate hole applied */ 2192 link->data.tcp->fwhole = fwhole; 2193 fw_setfield(fireWallField, fwhole); 2194} --- 38 unchanged lines hidden --- | 2187 r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule); 2188 if (r) 2189 err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); 2190 } 2191/* Indicate hole applied */ 2192 link->data.tcp->fwhole = fwhole; 2193 fw_setfield(fireWallField, fwhole); 2194} --- 38 unchanged lines hidden --- |