Cross Reference: /freebsd-11-stable/usr.sbin/ppp/nat

Deleted Added

sdiff udiff text old ( 49180 ) new ( 50059 )

full compact

nat_cmd.c (49180)	nat_cmd.c (50059)
1/- 2 The code in this file was written by Eivind Eklund <perhaps@yes.no>, 3 * who places it in the public domain without restriction. 4 *	1/- 2 The code in this file was written by Eivind Eklund <perhaps@yes.no>, 3 * who places it in the public domain without restriction. 4 *
5 * $Id: alias_cmd.c,v 1.28 1999/07/24 02:53:39 brian Exp $	5 * $Id: alias_cmd.c,v 1.29 1999/07/28 19:39:00 brian Exp $
6 / 7 8#include <sys/param.h> 9#include <netinet/in.h> 10#include <arpa/inet.h> 11#include <netdb.h> 12#include <netinet/in_systm.h> 13#include <netinet/in.h> --- 51 unchanged lines hidden* (view full) --- 65 66 c = b; 67 b = a; 68 a = c; 69 } 70} 71 72int	6 / 7 8#include <sys/param.h> 9#include <netinet/in.h> 10#include <arpa/inet.h> 11#include <netdb.h> 12#include <netinet/in_systm.h> 13#include <netinet/in.h> --- 51 unchanged lines hidden* (view full) --- 65 66 c = b; 67 b = a; 68 a = c; 69 } 70} 71 72int
73alias_RedirectPort(struct cmdargs const *arg)	73nat_RedirectPort(struct cmdargs const *arg)
74{	74{
75 if (!arg->bundle->AliasEnabled) {	75 if (!arg->bundle->NatEnabled) {
76 prompt_Printf(arg->prompt, "Alias not enabled\n"); 77 return 1; 78 } else if (arg->argc == arg->argn + 3 \|\| arg->argc == arg->argn + 4) { 79 char proto_constant; 80 const char proto; 81 struct in_addr localaddr; 82 u_short hlocalport, llocalport; 83 struct in_addr aliasaddr; --- 12 unchanged lines hidden* (view full) --- 96 prompt_Printf(arg->prompt, "port redirect: protocol must be" 97 " tcp or udp\n"); 98 return -1; 99 } 100 101 error = StrToAddrAndPort(arg->argv[arg->argn+1], &localaddr, &llocalport, 102 &hlocalport, proto); 103 if (error) {	76 prompt_Printf(arg->prompt, "Alias not enabled\n"); 77 return 1; 78 } else if (arg->argc == arg->argn + 3 \|\| arg->argc == arg->argn + 4) { 79 char proto_constant; 80 const char proto; 81 struct in_addr localaddr; 82 u_short hlocalport, llocalport; 83 struct in_addr aliasaddr; --- 12 unchanged lines hidden* (view full) --- 96 prompt_Printf(arg->prompt, "port redirect: protocol must be" 97 " tcp or udp\n"); 98 return -1; 99 } 100 101 error = StrToAddrAndPort(arg->argv[arg->argn+1], &localaddr, &llocalport, 102 &hlocalport, proto); 103 if (error) {
104 prompt_Printf(arg->prompt, "alias port: error reading localaddr:port\n");	104 prompt_Printf(arg->prompt, "nat port: error reading localaddr:port\n");
105 return -1; 106 } 107 108 error = StrToPortRange(arg->argv[arg->argn+2], &laliasport, &haliasport, 109 proto); 110 if (error) {	105 return -1; 106 } 107 108 error = StrToPortRange(arg->argv[arg->argn+2], &laliasport, &haliasport, 109 proto); 110 if (error) {
111 prompt_Printf(arg->prompt, "alias port: error reading alias port\n");	111 prompt_Printf(arg->prompt, "nat port: error reading alias port\n");
112 return -1; 113 } 114 aliasaddr.s_addr = INADDR_ANY; 115 116 if (arg->argc == arg->argn + 4) { 117 error = StrToAddrAndPort(arg->argv[arg->argn+3], &remoteaddr, 118 &lremoteport, &hremoteport, proto); 119 if (error) {	112 return -1; 113 } 114 aliasaddr.s_addr = INADDR_ANY; 115 116 if (arg->argc == arg->argn + 4) { 117 error = StrToAddrAndPort(arg->argv[arg->argn+3], &remoteaddr, 118 &lremoteport, &hremoteport, proto); 119 if (error) {
120 prompt_Printf(arg->prompt, "alias port: error reading "	120 prompt_Printf(arg->prompt, "nat port: error reading "
121 "remoteaddr:port\n"); 122 return -1; 123 } 124 } else { 125 remoteaddr.s_addr = INADDR_ANY; 126 lremoteport = hremoteport = 0; 127 } 128 129 lowhigh(&llocalport, &hlocalport); 130 lowhigh(&laliasport, &haliasport); 131 lowhigh(&lremoteport, &hremoteport); 132 133 if (haliasport - laliasport != hlocalport - llocalport) {	121 "remoteaddr:port\n"); 122 return -1; 123 } 124 } else { 125 remoteaddr.s_addr = INADDR_ANY; 126 lremoteport = hremoteport = 0; 127 } 128 129 lowhigh(&llocalport, &hlocalport); 130 lowhigh(&laliasport, &haliasport); 131 lowhigh(&lremoteport, &hremoteport); 132 133 if (haliasport - laliasport != hlocalport - llocalport) {
134 prompt_Printf(arg->prompt, "alias port: local & alias port ranges "	134 prompt_Printf(arg->prompt, "nat port: local & alias port ranges "
135 "are not equal\n"); 136 return -1; 137 } 138 139 if (hremoteport && hremoteport - lremoteport != hlocalport - llocalport) {	135 "are not equal\n"); 136 return -1; 137 } 138 139 if (hremoteport && hremoteport - lremoteport != hlocalport - llocalport) {
140 prompt_Printf(arg->prompt, "alias port: local & remote port ranges "	140 prompt_Printf(arg->prompt, "nat port: local & remote port ranges "
141 "are not equal\n"); 142 return -1; 143 } 144 145 while (laliasport <= haliasport) { 146 link = PacketAliasRedirectPort(localaddr, htons(llocalport), 147 remoteaddr, htons(lremoteport), 148 aliasaddr, htons(laliasport), 149 proto_constant); 150 151 if (link == NULL) {	141 "are not equal\n"); 142 return -1; 143 } 144 145 while (laliasport <= haliasport) { 146 link = PacketAliasRedirectPort(localaddr, htons(llocalport), 147 remoteaddr, htons(lremoteport), 148 aliasaddr, htons(laliasport), 149 proto_constant); 150 151 if (link == NULL) {
152 prompt_Printf(arg->prompt, "alias port: %d: error %d\n", laliasport,	152 prompt_Printf(arg->prompt, "nat port: %d: error %d\n", laliasport,
153 error); 154 return 1; 155 } 156 llocalport++; 157 laliasport++; 158 if (hremoteport) 159 lremoteport++; 160 } 161 162 return 0; 163 } 164 165 return -1; 166} 167 168 169int	153 error); 154 return 1; 155 } 156 llocalport++; 157 laliasport++; 158 if (hremoteport) 159 lremoteport++; 160 } 161 162 return 0; 163 } 164 165 return -1; 166} 167 168 169int
170alias_RedirectAddr(struct cmdargs const *arg)	170nat_RedirectAddr(struct cmdargs const *arg)
171{	171{
172 if (!arg->bundle->AliasEnabled) { 173 prompt_Printf(arg->prompt, "alias not enabled\n");	172 if (!arg->bundle->NatEnabled) { 173 prompt_Printf(arg->prompt, "nat not enabled\n");
174 return 1; 175 } else if (arg->argc == arg->argn+2) { 176 int error; 177 struct in_addr localaddr, aliasaddr; 178 struct alias_link link; 179* 180 error = StrToAddr(arg->argv[arg->argn], &localaddr); 181 if (error) { 182 prompt_Printf(arg->prompt, "address redirect: invalid local address\n"); 183 return 1; 184 } 185 error = StrToAddr(arg->argv[arg->argn+1], &aliasaddr); 186 if (error) { 187 prompt_Printf(arg->prompt, "address redirect: invalid alias address\n");	174 return 1; 175 } else if (arg->argc == arg->argn+2) { 176 int error; 177 struct in_addr localaddr, aliasaddr; 178 struct alias_link link; 179* 180 error = StrToAddr(arg->argv[arg->argn], &localaddr); 181 if (error) { 182 prompt_Printf(arg->prompt, "address redirect: invalid local address\n"); 183 return 1; 184 } 185 error = StrToAddr(arg->argv[arg->argn+1], &aliasaddr); 186 if (error) { 187 prompt_Printf(arg->prompt, "address redirect: invalid alias address\n");
188 prompt_Printf(arg->prompt, "Usage: alias %s %s\n", arg->cmd->name,	188 prompt_Printf(arg->prompt, "Usage: nat %s %s\n", arg->cmd->name,
189 arg->cmd->syntax); 190 return 1; 191 } 192 link = PacketAliasRedirectAddr(localaddr, aliasaddr); 193 if (link == NULL) { 194 prompt_Printf(arg->prompt, "address redirect: packet aliasing" 195 " engine error\n");	189 arg->cmd->syntax); 190 return 1; 191 } 192 link = PacketAliasRedirectAddr(localaddr, aliasaddr); 193 if (link == NULL) { 194 prompt_Printf(arg->prompt, "address redirect: packet aliasing" 195 " engine error\n");
196 prompt_Printf(arg->prompt, "Usage: alias %s %s\n", arg->cmd->name,	196 prompt_Printf(arg->prompt, "Usage: nat %s %s\n", arg->cmd->name,
197 arg->cmd->syntax); 198 } 199 } else 200 return -1; 201 202 return 0; 203} 204 --- 79 unchanged lines hidden (view full) --- 284 colon = ':'; / Cheat the const-ness ! / 285* if (res != 0) 286 return -1; 287 288 return StrToPortRange(colon + 1, low, high, proto); 289} 290 291int	197 arg->cmd->syntax); 198 } 199 } else 200 return -1; 201 202 return 0; 203} 204 --- 79 unchanged lines hidden (view full) --- 284 colon = ':'; / Cheat the const-ness ! / 285* if (res != 0) 286 return -1; 287 288 return StrToPortRange(colon + 1, low, high, proto); 289} 290 291int
292alias_ProxyRule(struct cmdargs const *arg)	292nat_ProxyRule(struct cmdargs const *arg)
293{ 294 char cmd[LINE_LEN]; 295 int f, pos; 296 size_t len; 297 298 if (arg->argn >= arg->argc) 299 return -1; 300 --- 6 unchanged lines hidden (view full) --- 307 strcpy(cmd + pos, arg->argv[f]); 308 pos += len; 309 } 310 311 return PacketAliasProxyRule(cmd); 312} 313 314int	293{ 294 char cmd[LINE_LEN]; 295 int f, pos; 296 size_t len; 297 298 if (arg->argn >= arg->argc) 299 return -1; 300 --- 6 unchanged lines hidden (view full) --- 307 strcpy(cmd + pos, arg->argv[f]); 308 pos += len; 309 } 310 311 return PacketAliasProxyRule(cmd); 312} 313 314int
315alias_Pptp(struct cmdargs const *arg)	315nat_Pptp(struct cmdargs const *arg)
316{ 317 struct in_addr addr; 318 319 if (arg->argc == arg->argn) { 320 addr.s_addr = INADDR_NONE; 321 PacketAliasPptp(addr); 322 return 0; 323 } --- 7 unchanged lines hidden (view full) --- 331 return 1; 332 } 333 334 PacketAliasPptp(addr); 335 return 0; 336} 337 338static struct mbuf *	316{ 317 struct in_addr addr; 318 319 if (arg->argc == arg->argn) { 320 addr.s_addr = INADDR_NONE; 321 PacketAliasPptp(addr); 322 return 0; 323 } --- 7 unchanged lines hidden (view full) --- 331 return 1; 332 } 333 334 PacketAliasPptp(addr); 335 return 0; 336} 337 338static struct mbuf *
339alias_PadMbuf(struct mbuf *bp, int type)	339nat_PadMbuf(struct mbuf *bp, int type)
340{ 341 struct mbuf *last; 342* int len; 343 344 mbuf_SetType(bp, type); 345 for (last = &bp, len = 0; last != NULL; last = &(last)->next) 346 len += (last)->cnt; 347* 348 len = MAX_MRU - len; 349 last = mbuf_Alloc(len, type); 350* 351 return bp; 352} 353 354static struct mbuf *	340{ 341 struct mbuf *last; 342* int len; 343 344 mbuf_SetType(bp, type); 345 for (last = &bp, len = 0; last != NULL; last = &(last)->next) 346 len += (last)->cnt; 347* 348 len = MAX_MRU - len; 349 last = mbuf_Alloc(len, type); 350* 351 return bp; 352} 353 354static struct mbuf *
355alias_LayerPush(struct bundle bundle, struct link l, struct mbuf *bp,	355nat_LayerPush(struct bundle bundle, struct link l, struct mbuf *bp,
356 int pri, u_short proto) 357*{	356 int pri, u_short proto) 357*{
358 if (!bundle->AliasEnabled \|\| *proto != PROTO_IP)	358 if (!bundle->NatEnabled \|\| *proto != PROTO_IP)
359 return bp; 360	359 return bp; 360
361 log_Printf(LogDEBUG, "alias_LayerPush: PROTO_IP -> PROTO_IP\n"); 362 bp = mbuf_Contiguous(alias_PadMbuf(bp, MB_ALIASOUT));	361 log_Printf(LogDEBUG, "nat_LayerPush: PROTO_IP -> PROTO_IP\n"); 362 bp = mbuf_Contiguous(nat_PadMbuf(bp, MB_NATOUT));
363 PacketAliasOut(MBUF_CTOP(bp), bp->cnt); 364 bp->cnt = ntohs(((struct ip )MBUF_CTOP(bp))->ip_len); 365* 366 return bp; 367} 368 369static struct mbuf *	363 PacketAliasOut(MBUF_CTOP(bp), bp->cnt); 364 bp->cnt = ntohs(((struct ip )MBUF_CTOP(bp))->ip_len); 365* 366 return bp; 367} 368 369static struct mbuf *
370alias_LayerPull(struct bundle bundle, struct link l, struct mbuf *bp,	370nat_LayerPull(struct bundle bundle, struct link l, struct mbuf *bp,
371 u_short proto) 372{ 373* struct ip pip, piip; 374 int ret, len; 375 struct mbuf *last; 376* char fptr; 377*	371 u_short proto) 372{ 373* struct ip pip, piip; 374 int ret, len; 375 struct mbuf *last; 376* char fptr; 377*
378 if (!bundle->AliasEnabled \|\| *proto != PROTO_IP)	378 if (!bundle->NatEnabled \|\| *proto != PROTO_IP)
379 return bp; 380	379 return bp; 380
381 log_Printf(LogDEBUG, "alias_LayerPull: PROTO_IP -> PROTO_IP\n"); 382 bp = mbuf_Contiguous(alias_PadMbuf(bp, MB_ALIASIN));	381 log_Printf(LogDEBUG, "nat_LayerPull: PROTO_IP -> PROTO_IP\n"); 382 bp = mbuf_Contiguous(nat_PadMbuf(bp, MB_NATIN));
383 pip = (struct ip )MBUF_CTOP(bp); 384* piip = (struct ip )((char )pip + (pip->ip_hl << 2)); 385 386 if (pip->ip_p == IPPROTO_IGMP \|\| 387 (pip->ip_p == IPPROTO_IPIP && IN_CLASSD(ntohl(piip->ip_dst.s_addr)))) 388 return bp; 389 390 ret = PacketAliasIn(MBUF_CTOP(bp), bp->cnt); 391 392 bp->cnt = ntohs(pip->ip_len); 393 if (bp->cnt > MAX_MRU) {	383 pip = (struct ip )MBUF_CTOP(bp); 384* piip = (struct ip )((char )pip + (pip->ip_hl << 2)); 385 386 if (pip->ip_p == IPPROTO_IGMP \|\| 387 (pip->ip_p == IPPROTO_IPIP && IN_CLASSD(ntohl(piip->ip_dst.s_addr)))) 388 return bp; 389 390 ret = PacketAliasIn(MBUF_CTOP(bp), bp->cnt); 391 392 bp->cnt = ntohs(pip->ip_len); 393 if (bp->cnt > MAX_MRU) {
394 log_Printf(LogWARN, "alias_LayerPull: Problem with IP header length\n");	394 log_Printf(LogWARN, "nat_LayerPull: Problem with IP header length\n");
395 mbuf_Free(bp); 396 return NULL; 397 } 398 399 switch (ret) { 400 case PKT_ALIAS_OK: 401 break; 402 --- 5 unchanged lines hidden (view full) --- 408 break; 409 410 case PKT_ALIAS_FOUND_HEADER_FRAGMENT: 411 /* Fetch all the saved fragments and chain them on the end of `bp' / 412* last = &bp->pnext; 413 while ((fptr = PacketAliasGetFragment(MBUF_CTOP(bp))) != NULL) { 414 PacketAliasFragmentIn(MBUF_CTOP(bp), fptr); 415 len = ntohs(((struct ip *)fptr)->ip_len);	395 mbuf_Free(bp); 396 return NULL; 397 } 398 399 switch (ret) { 400 case PKT_ALIAS_OK: 401 break; 402 --- 5 unchanged lines hidden (view full) --- 408 break; 409 410 case PKT_ALIAS_FOUND_HEADER_FRAGMENT: 411 /* Fetch all the saved fragments and chain them on the end of `bp' / 412* last = &bp->pnext; 413 while ((fptr = PacketAliasGetFragment(MBUF_CTOP(bp))) != NULL) { 414 PacketAliasFragmentIn(MBUF_CTOP(bp), fptr); 415 len = ntohs(((struct ip *)fptr)->ip_len);
416 *last = mbuf_Alloc(len, MB_ALIASIN);	416 *last = mbuf_Alloc(len, MB_NATIN);
417 memcpy(MBUF_CTOP(last), fptr, len); 418* free(fptr); 419 last = &(last)->pnext; 420* } 421 break; 422 423 default: 424 mbuf_Free(bp); 425 bp = NULL; 426 break; 427 } 428 429 return bp; 430} 431	417 memcpy(MBUF_CTOP(last), fptr, len); 418* free(fptr); 419 last = &(last)->pnext; 420* } 421 break; 422 423 default: 424 mbuf_Free(bp); 425 bp = NULL; 426 break; 427 } 428 429 return bp; 430} 431
432struct layer aliaslayer = 433 { LAYER_ALIAS, "alias", alias_LayerPush, alias_LayerPull };	432struct layer natlayer = 433 { LAYER_NAT, "nat", nat_LayerPush, nat_LayerPull };