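/* $FreeBSD: stable/10/contrib/ipfilter/ipsend/ip.c 342023 2018-12-13 03:12:15Z cy $ */

/*
 * ip.c (C) 1995-1998 Darren Reed
 *
 * See the IPFILTER.LICENCE file for details on licencing.
 */
#if !defined(lint)
static const char sccsid[] = "%W% %G% (C)1995";
static const char rcsid[] = "@(#)$Id$";
#endif
#include <sys/param.h>
#include <sys/types.h>
#include <netinet/in_systm.h>
#include <sys/socket.h>
#include <net/if.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <sys/param.h>
#ifndef linux
# include <net/route.h>
# include <netinet/if_ether.h>
# include <netinet/ip_var.h>
# if __FreeBSD_version >= 300000
#  include <net/if_var.h>
# endif
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include "ipsend.h"


/*
 * Size of each frame staging buffer.  It has to hold an Ethernet header in
 * front of a maximum-size (65535 byte) IP datagram, so 65536 alone is not
 * enough.
 */
#define	IPSEND_BUFSZ	(65536 + 1024)

/*
 * Largest header length a 4-bit "length in 32-bit words" field can express.
 */
#define	IPSEND_MAXHLEN	60

static	char	*ipbuf = NULL, *ethbuf = NULL;


/*
 * Internet checksum: the one's complement of the one's-complement sum of the
 * 16-bit words in buf[0..len).
 *
 * buf	data to sum, read as 16-bit words in memory order
 * len	number of bytes to cover
 *
 * An odd trailing byte is summed as if it were followed by a zero byte; for
 * even lengths the result is exactly what summing len/2 words gives.  A
 * length of zero or less sums nothing.
 */
u_short	chksum(buf, len)
	u_short	*buf;
	int	len;
{
	u_long	sum = 0;
	int	nwords = len >> 1;

	for (; nwords > 0; nwords--)
		sum += *buf++;
	if (len > 0 && (len & 1)) {
		u_short	last = 0;

		/* place the byte where it sits in memory, zero-padded */
		*(u_char *)&last = *(u_char *)buf;
		sum += last;
	}
	sum = (sum >> 16) + (sum & 0xffff);
	sum += (sum >> 16);
	return (~sum);
}


/*
 * Prepend an Ethernet header to a ready-made packet and hand the frame to
 * sendip().
 *
 * nfd	descriptor passed through to sendip()
 * buf	packet to send
 * len	length of buf in bytes
 * gwip	address whose hardware address is looked up with arp() and used as
 *	the destination
 *
 * Returns whatever sendip() returns, or -2 if the staging buffer cannot be
 * allocated, len does not fit in it, or arp() fails.
 */
int	send_ether(nfd, buf, len, gwip)
	int	nfd, len;
	char	*buf;
	struct	in_addr	gwip;
{
	static	struct	in_addr	last_gw;
	static	char	last_arp[6] = { 0, 0, 0, 0, 0, 0};
	ether_header_t	*eh;
	char	*s;
	int	err;

	if (!ethbuf)
	{
		ethbuf = (char *)calloc(1, IPSEND_BUFSZ);
		if (!ethbuf)
		{
			perror("calloc failed");
			return -2;
		}
	}
	s = ethbuf;
	eh = (ether_header_t *)s;

	/* never copy more than the staging buffer holds after the header */
	if (len < 0 || (size_t)len > IPSEND_BUFSZ - sizeof(*eh))
	{
		fprintf(stderr, "send_ether: bad packet length %d\n", len);
		return -2;
	}

	bcopy((char *)buf, s + sizeof(*eh), len);
	/*
	 * Reuse the cached hardware address only once a lookup has actually
	 * filled it in; this is the same test send_ip() makes.
	 */
	if (last_gw.s_addr && (gwip.s_addr == last_gw.s_addr))
	{
		bcopy(last_arp, (char *) &eh->ether_dhost, 6);
	}
	else if (arp((char *)&gwip, (char *) &eh->ether_dhost) == -1)
	{
		perror("arp");
		return -2;
	}
	/* remember the answer, otherwise the cache above stays all zeroes */
	bcopy((char *) &eh->ether_dhost, last_arp, sizeof(last_arp));
	eh->ether_type = htons(ETHERTYPE_IP);
	last_gw.s_addr = gwip.s_addr;
	err = sendip(nfd, s, sizeof(*eh) + len);
	return err;
}


/*
 * Send one IP datagram inside an Ethernet frame, fragmenting it if asked to
 * and if it does not fit in mtu.
 *
 * nfd	descriptor passed through to sendip()
 * mtu	size limit used for the fragmentation decision
 * ip	datagram to send; ip_len is expected in host byte order.  The fixed
 *	header is modified while sending and restored from a saved copy
 *	before returning.
 * gwip	address resolved with arp() for the destination hardware address
 * frag	0: never fragment.  Non-zero: fragment when the frame would not fit
 *	in mtu.  If bit 1 (value 2) is set, zero version/id/ttl fields are
 *	left alone instead of being filled with defaults.
 *
 * Returns the result of the last sendip() call, or -2 on a local failure
 * (allocation, arp(), a length that does not fit, an mtu too small to
 * fragment into).
 *
 * NOTE(review): when fragmenting, option bytes following the fixed header
 * are rewritten in place for the later fragments and only the fixed header
 * is restored afterwards - confirm callers do not rely on the options.
 */
int	send_ip(nfd, mtu, ip, gwip, frag)
	int	nfd, mtu;
	ip_t	*ip;
	struct	in_addr	gwip;
	int	frag;
{
	static	struct	in_addr	last_gw, local_ip;
	static	char	local_arp[6] = { 0, 0, 0, 0, 0, 0};
	static	char	last_arp[6] = { 0, 0, 0, 0, 0, 0};
	static	u_short	id = 0;
	ether_header_t	*eh;
	ip_t	ipsv;
	int	err, iplen;

	if (!ipbuf)
	{
		ipbuf = (char *)malloc(IPSEND_BUFSZ);
		if (!ipbuf)
		{
			perror("malloc failed");
			return -2;
		}
	}

	eh = (ether_header_t *)ipbuf;

	bzero((char *) &eh->ether_shost, sizeof(eh->ether_shost));
	if (last_gw.s_addr && (gwip.s_addr == last_gw.s_addr))
	{
		bcopy(last_arp, (char *) &eh->ether_dhost, 6);
	}
	else if (arp((char *)&gwip, (char *) &eh->ether_dhost) == -1)
	{
		perror("arp");
		return -2;
	}
	bcopy((char *) &eh->ether_dhost, last_arp, sizeof(last_arp));
	eh->ether_type = htons(ETHERTYPE_IP);

	bcopy((char *)ip, (char *)&ipsv, sizeof(*ip));
	last_gw.s_addr = gwip.s_addr;
	iplen = ip->ip_len;
	/*
	 * Everything copied into ipbuf below is bounded by iplen, so check
	 * it once here.  ip_len is presumably a 16-bit field, in which case
	 * this cannot fail; nothing in *ip has been changed yet.
	 */
	if (iplen < 0 || (size_t)iplen > IPSEND_BUFSZ - sizeof(*eh))
	{
		fprintf(stderr, "send_ip: bad ip length %d\n", iplen);
		return -2;
	}
	ip->ip_len = htons(iplen);
	if (!(frag & 2)) {
		if (!IP_V(ip))
			IP_V_A(ip, IPVERSION);
		if (!ip->ip_id)
			ip->ip_id = htons(id++);
		if (!ip->ip_ttl)
			ip->ip_ttl = 60;
	}

	if (ip->ip_src.s_addr != local_ip.s_addr) {
		/* best effort: on failure local_arp keeps its old contents */
		(void) arp((char *)&ip->ip_src, (char *) &local_arp);
		bcopy(local_arp, (char *) &eh->ether_shost,sizeof(last_arp));
		local_ip = ip->ip_src;
	} else
		bcopy(local_arp, (char *) &eh->ether_shost, 6);

	if (!frag || (sizeof(*eh) + iplen < mtu))
	{
		ip->ip_sum = 0;
		ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);

		bcopy((char *)ip, ipbuf + sizeof(*eh), iplen);
		err = sendip(nfd, ipbuf, sizeof(*eh) + iplen);
	}
	else
	{
		/*
		 * Actually, this is bogus because we're putting all IP
		 * options in every packet, which isn't always what should be
		 * done.  Will do for now.
		 */
		ether_header_t	eth;
		char	optcpy[48];
		char	*s;
		int	i, sent = 0, ts, hlen, olen, ol;

		hlen = IP_HL(ip) << 2;
		if (mtu < (hlen + 8)) {
			fprintf(stderr, "mtu (%d) < ip header size (%d) + 8\n",
				mtu, hlen);
			fprintf(stderr, "can't fragment data\n");
			err = -2;
			goto restore;
		}
		/* a total length shorter than the header leaves no payload */
		if (iplen < hlen) {
			fprintf(stderr, "ip length (%d) < ip header size (%d)\n",
				iplen, hlen);
			err = -2;
			goto restore;
		}
		/* negative when the header length field is below the minimum */
		ol = hlen - (int)sizeof(*ip);
		if (ol > (int)sizeof(optcpy)) {
			fprintf(stderr, "ip options (%d bytes) too long\n", ol);
			err = -2;
			goto restore;
		}

		/*
		 * Collect the options that have to be repeated in every
		 * fragment.  Each length byte comes from the packet, so it
		 * is checked against what is left of the header before it is
		 * used; a length below 2 or past the end of the header stops
		 * the walk instead of looping forever or running off the end
		 * of the header or of optcpy.
		 */
		i = 0;
		s = (char *)(ip + 1);
		while (ol > 0) {
			if (*s == IPOPT_EOL) {
				optcpy[i++] = *s;
				break;
			}
			if (*s == IPOPT_NOP) {
				s++;
				ol--;
				continue;
			}
			olen = (ol >= 2) ? (int)(*(u_char *)(s + 1)) : 0;
			if (olen < 2 || olen > ol) {
				fprintf(stderr,
					"bad ip option length (%d), ignoring remaining options\n",
					olen);
				break;
			}
			if (IPOPT_COPIED(*s))
			{
				bcopy(s, optcpy + i, olen);
				i += olen;
			}
			/* step over the option whether or not it was copied */
			s += olen;
			ol -= olen;
		}
		if (i)
		{
			/*
			 * pad out
			 */
			while ((i & 3) && (i & 3) != 3)
				optcpy[i++] = IPOPT_NOP;
			if ((i & 3) == 3)
				optcpy[i++] = IPOPT_EOL;
		}

		bcopy((char *)eh, (char *)&eth, sizeof(eth));
		s = (char *)ip + hlen;
		iplen = ntohs(ip->ip_len) - hlen;
		ip->ip_off |= htons(IP_MF);

		while (1)
		{
			if ((sent + (mtu - hlen)) >= iplen)
			{
				ip->ip_off ^= htons(IP_MF);
				ts = iplen - sent;
			}
			else
				/*
				 * The offset field counts 8-byte units, so
				 * every fragment but the last carries a
				 * multiple of 8 bytes.  mtu >= hlen + 8 was
				 * checked above, so this is never zero.
				 */
				ts = (mtu - hlen) & ~7;
			ip->ip_off &= htons(0xe000);
			ip->ip_off |= htons(sent >> 3);
			ts += hlen;
			ip->ip_len = htons(ts);
			ip->ip_sum = 0;
			ip->ip_sum = chksum((u_short *)ip, hlen);
			bcopy((char *)ip, ipbuf + sizeof(*eh), hlen);
			bcopy(s + sent, ipbuf + sizeof(*eh) + hlen, ts - hlen);
			err = sendip(nfd, ipbuf, sizeof(*eh) + ts);

			bcopy((char *)&eth, ipbuf, sizeof(eth));
			sent += (ts - hlen);
			if (!(ntohs(ip->ip_off) & IP_MF))
				break;
			else if (!(ip->ip_off & htons(0x1fff)))
			{
				/*
				 * First fragment just went out: later ones
				 * carry only the copied options.
				 */
				hlen = i + sizeof(*ip);
				IP_HL_A(ip, (sizeof(*ip) + i) >> 2);
				bcopy(optcpy, (char *)(ip + 1), i);
			}
		}
	}

restore:
	/* give the caller back the fixed header as it was passed in */
	bcopy((char *)&ipsv, (char *)ip, sizeof(*ip));
	return err;
}


/*
 * send a tcp packet.
 *
 * Builds a checksummed TCP header for the datagram at ip and passes it to
 * send_ip().  The TCP header is copied into a scratch buffer behind a zeroed
 * IP-header-sized overlay that carries only protocol, addresses and TCP
 * length, so one chksum() call over the scratch buffer covers pseudo-header
 * and TCP header.  A zero window becomes 4096.  For an unfragmented segment
 * whose flags are exactly SYN, a 4-byte MSS option (0x020405b4) is written
 * as the first option word unless it is already there, and the TCP header
 * grows by 4 bytes.
 *
 * ip->ip_len is read in host byte order and is set to IP header + TCP header
 * length before send_ip() is called.
 *
 * Returns the result of send_ip(), or -2 if the TCP header length does not
 * fit the scratch buffer.
 *
 * NOTE(review): when the MSS option is added, data after the TCP header is
 * moved up by 4 bytes inside the caller's buffer, so that buffer presumably
 * needs 4 spare bytes at the end - confirm against callers.
 */
int	send_tcp(nfd, mtu, ip, gwip)
	int	nfd, mtu;
	ip_t	*ip;
	struct	in_addr	gwip;
{
	static	tcp_seq	iss = 2;
	tcphdr_t *t, *t2;
	int	thlen, i, iplen, hlen;
	/* overlay + largest TCP header + room for the added MSS option */
	u_32_t	lbuf[(sizeof(ip_t) + IPSEND_MAXHLEN + 4) / sizeof(u_32_t)];
	ip_t	*ip2;

	iplen = ip->ip_len;
	hlen = IP_HL(ip) << 2;
	t = (tcphdr_t *)((char *)ip + hlen);
	ip2 = (struct ip *)lbuf;
	/*
	 * The TCP header copy sits directly behind the overlay, whatever the
	 * real IP header length is: the checksum below covers
	 * sizeof(ip_t) + thlen bytes from lbuf, and the option index is
	 * computed from the same fixed layout.
	 */
	t2 = (tcphdr_t *)((char *)ip2 + sizeof(*ip2));
	thlen = TCP_OFF(t) << 2;
	if (!thlen)
		thlen = sizeof(tcphdr_t);
	/* thlen comes from the packet and bounds every copy into lbuf */
	if (thlen < 0 || thlen > IPSEND_MAXHLEN) {
		fprintf(stderr, "send_tcp: bad tcp header length %d\n", thlen);
		return -2;
	}
	/*
	 * Clear all of lbuf, not only the two fixed headers, so that header
	 * bytes which are never written go out as zeroes rather than as
	 * whatever was on the stack.
	 */
	bzero((char *)lbuf, sizeof(lbuf));
	ip->ip_p = IPPROTO_TCP;
	ip2->ip_p = ip->ip_p;
	ip2->ip_src = ip->ip_src;
	ip2->ip_dst = ip->ip_dst;
	bcopy((char *)ip + hlen, (char *)t2, thlen);

	if (!t2->th_win)
		t2->th_win = htons(4096);
	iss += 63;	/* not read anywhere in this function */

	/*
	 * Index of the first TCP option word in lbuf.  The divisor is the
	 * element size of lbuf; dividing by sizeof(long) gives the wrong
	 * index where long is wider than 32 bits.
	 */
	i = (sizeof(*ip2) + sizeof(*t2)) / sizeof(lbuf[0]);

	if ((t2->th_flags == TH_SYN) && !ntohs(ip->ip_off) &&
	    (thlen + 4 <= IPSEND_MAXHLEN) &&
	    (lbuf[i] != htonl(0x020405b4))) {
		lbuf[i] = htonl(0x020405b4);
		/* nothing to move if the datagram ends with the header */
		if (iplen - thlen - hlen > 0)
			bcopy((char *)ip + hlen + thlen,
			      (char *)ip + hlen + thlen + 4,
			      iplen - thlen - hlen);
		thlen += 4;
	}
	TCP_OFF_A(t2, thlen >> 2);
	ip2->ip_len = htons(thlen);
	ip->ip_len = hlen + thlen;
	t2->th_sum = 0;
	t2->th_sum = chksum((u_short *)ip2, thlen + sizeof(ip_t));

	bcopy((char *)t2, (char *)ip + hlen, thlen);
	return send_ip(nfd, mtu, ip, gwip, 1);
}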
/*
 * send a udp packet.
 *
 * Copies the UDP header that follows the IP header into a zeroed
 * struct tcpiphdr overlay carrying protocol, addresses and UDP length,
 * checksums the overlay, copies the UDP header back and passes the datagram
 * to send_ip().  Both the UDP length used for the checksum and ip->ip_len
 * are set for a bare UDP header, so the checksum covers no payload.
 *
 * Returns the result of send_ip().
 */
int	send_udp(nfd, mtu, ip, gwip)
	int	nfd, mtu;
	ip_t	*ip;
	struct	in_addr	gwip;
{
	u_long	scratch[20];
	struct	tcpiphdr *pseudo = (struct tcpiphdr *)scratch;
	int	iphlen = IP_HL(ip) << 2;
	int	udplen = sizeof(udphdr_t);
	char	*udp = (char *)ip + iphlen;

	/* start from an all-zero overlay, then fill in what is summed */
	bzero((char *)pseudo, sizeof(*pseudo));
	pseudo->ti_pr = ip->ip_p;
	pseudo->ti_src = ip->ip_src;
	pseudo->ti_dst = ip->ip_dst;
	bcopy(udp, (char *)&pseudo->ti_sport, sizeof(udphdr_t));
	pseudo->ti_len = htons(udplen);

	/* host byte order here; send_ip() converts it */
	ip->ip_len = iphlen + udplen;

	pseudo->ti_sum = 0;
	pseudo->ti_sum = chksum((u_short *)pseudo, udplen + sizeof(ip_t));

	/* put the checksummed header back behind the IP header */
	bcopy((char *)&pseudo->ti_sport, udp, sizeof(udphdr_t));
	return send_ip(nfd, mtu, ip, gwip, 1);
}


/*
 * send an icmp packet.
 *
 * Recomputes the ICMP checksum in place and passes the datagram to
 * send_ip().  Returns the result of send_ip().
 *
 * NOTE(review): the checksum always covers sizeof(struct icmp) bytes after
 * the IP header, whatever ip_len says, so the caller's buffer presumably has
 * to hold at least that much - confirm against callers.
 */
int	send_icmp(nfd, mtu, ip, gwip)
	int	nfd, mtu;
	ip_t	*ip;
	struct	in_addr	gwip;
{
	char	*payload = (char *)ip + (IP_HL(ip) << 2);
	struct	icmp *icmp = (struct icmp *)payload;

	/* the checksum field must be zero while the sum is taken */
	icmp->icmp_cksum = 0;
	icmp->icmp_cksum = chksum((u_short *)icmp, sizeof(struct icmp));

	return send_ip(nfd, mtu, ip, gwip, 1);
}


/*
 * Send the datagram at ip using the helper that matches its protocol field:
 * send_tcp(), send_udp() or send_icmp(), and plain send_ip() for anything
 * else.  Returns whatever the chosen helper returns.
 */
int	send_packet(nfd, mtu, ip, gwip)
	int	nfd, mtu;
	ip_t	*ip;
	struct	in_addr	gwip;
{
	int	proto = ip->ip_p;

	if (proto == IPPROTO_TCP)
		return send_tcp(nfd, mtu, ip, gwip);
	if (proto == IPPROTO_UDP)
		return send_udp(nfd, mtu, ip, gwip);
	if (proto == IPPROTO_ICMP)
		return send_icmp(nfd, mtu, ip, gwip);
	return send_ip(nfd, mtu, ip, gwip, 1);
}