alias_local.h revision 188294 
1/*-
2 * Copyright (c) 2001 Charles Mott <cm@linktel.net>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * $FreeBSD: head/sys/netinet/libalias/alias_local.h 188294 2009-02-07 18:49:42Z piso $
27 */
28
29/*
30 * Alias_local.h contains the function prototypes for alias.c,
31 * alias_db.c, alias_util.c and alias_ftp.c, alias_irc.c (as well
32 * as any future add-ons).  It also includes macros, globals and
33 * struct definitions shared by more than one alias*.c file.
34 *
35 * This include file is intended to be used only within the aliasing
36 * software.  Outside world interfaces are defined in alias.h
37 *
38 * This software is placed into the public domain with no restrictions
39 * on its distribution.
40 *
41 * Initial version:  August, 1996  (cjm)
42 *
43 * <updated several times by original author and Eivind Eklund>
44 */
45
46#ifndef _ALIAS_LOCAL_H_
47#define	_ALIAS_LOCAL_H_
48
49#include <sys/types.h>
50#include <sys/sysctl.h>
51
52#ifdef _KERNEL
53#include <sys/malloc.h>
54#include <sys/param.h>
55#include <sys/lock.h>
56#include <sys/mutex.h>
57
58/* XXX: LibAliasSetTarget() uses this constant. */
59#define	INADDR_NONE	0xffffffff
60
61#include <netinet/libalias/alias_sctp.h>
62#else
63#include "alias_sctp.h"
64#endif
65
66/* Sizes of input and output link tables */
67#define LINK_TABLE_OUT_SIZE        4001
68#define LINK_TABLE_IN_SIZE         4001
69
70struct proxy_entry;
71
72struct libalias {
73	LIST_ENTRY(libalias) instancelist;
74
75	int		packetAliasMode;	/* Mode flags                      */
76	/* - documented in alias.h  */
77
78	struct in_addr	aliasAddress;	/* Address written onto source     */
79	/* field of IP packet.           */
80
81	struct in_addr	targetAddress;	/* IP address incoming packets     */
82	/* are sent to if no aliasing    */
83	/* link already exists           */
84
85	struct in_addr	nullAddress;	/* Used as a dummy parameter for   */
86	/* some function calls           */
87
88			LIST_HEAD     (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
89	/* Lookup table of pointers to     */
90	/* chains of link records. Each  */
91
92			LIST_HEAD     (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
93	/* link record is doubly indexed */
94	/* into input and output lookup  */
95	/* tables.                       */
96
97	/* Link statistics                 */
98	int		icmpLinkCount;
99	int		udpLinkCount;
100	int		tcpLinkCount;
101	int		pptpLinkCount;
102	int		protoLinkCount;
103	int		fragmentIdLinkCount;
104	int		fragmentPtrLinkCount;
105	int		sockCount;
106
107	int		cleanupIndex;	/* Index to chain of link table    */
108	/* being inspected for old links   */
109
110	int		timeStamp;	/* System time in seconds for      */
111	/* current packet                  */
112
113	int		lastCleanupTime;	/* Last time
114						 * IncrementalCleanup()  */
115	/* was called                      */
116
117	int		deleteAllLinks;	/* If equal to zero, DeleteLink()  */
118	/* will not remove permanent links */
119
120	/* log descriptor        */
121#ifdef  _KERNEL
122	char           *logDesc;
123#else
124	FILE           *logDesc;
125#endif
126	/* statistics monitoring */
127
128	int		newDefaultLink;	/* Indicates if a new aliasing     */
129	/* link has been created after a   */
130	/* call to PacketAliasIn/Out().    */
131
132#ifndef NO_FW_PUNCH
133	int		fireWallFD;	/* File descriptor to be able to   */
134	/* control firewall.  Opened by    */
135	/* PacketAliasSetMode on first     */
136	/* setting the PKT_ALIAS_PUNCH_FW  */
137	/* flag.                           */
138	int		fireWallBaseNum;	/* The first firewall entry
139						 * free for our use */
140	int		fireWallNumNums;	/* How many entries can we
141						 * use? */
142	int		fireWallActiveNum;	/* Which entry did we last
143						 * use? */
144	char           *fireWallField;	/* bool array for entries */
145#endif
146
147	unsigned int	skinnyPort;	/* TCP port used by the Skinny     */
148	/* protocol.                       */
149
150	struct proxy_entry *proxyList;
151
152	struct in_addr	true_addr;	/* in network byte order. */
153	u_short		true_port;	/* in host byte order. */
154
155	/*
156	 * sctp code support
157	 */
158
159	/* counts associations that have progressed to UP and not yet removed */
160	int		sctpLinkCount;
161#ifdef  _KERNEL
162	/* timing queue for keeping track of association timeouts */
163	struct sctp_nat_timer sctpNatTimer;
164
165	/* size of hash table used in this instance */
166	u_int sctpNatTableSize;
167
168/*
169 * local look up table sorted by l_vtag/l_port
170 */
171	LIST_HEAD(sctpNatTableL, sctp_nat_assoc) *sctpTableLocal;
172/*
173 * global look up table sorted by g_vtag/g_port
174 */
175	LIST_HEAD(sctpNatTableG, sctp_nat_assoc) *sctpTableGlobal;
176
177	/*
178	 * avoid races in libalias: every public function has to use it.
179	 */
180	struct mtx mutex;
181#endif
182};
183
184/* Macros */
185
186#ifdef _KERNEL
187#define LIBALIAS_LOCK_INIT(l) \
188        mtx_init(&l->mutex, "per-instance libalias mutex", NULL, MTX_DEF)
189#define LIBALIAS_LOCK_ASSERT(l) mtx_assert(&l->mutex, MA_OWNED)
190#define LIBALIAS_LOCK(l) mtx_lock(&l->mutex)
191#define LIBALIAS_UNLOCK(l) mtx_unlock(&l->mutex)
192#define LIBALIAS_LOCK_DESTROY(l)	mtx_destroy(&l->mutex)
193#else
194#define LIBALIAS_LOCK_INIT(l)
195#define LIBALIAS_LOCK_ASSERT(l)
196#define LIBALIAS_LOCK(l)
197#define LIBALIAS_UNLOCK(l)
198#define LIBALIAS_LOCK_DESTROY(l)
199#endif
200
201/*
202 * The following macro is used to update an
203 * internet checksum.  "delta" is a 32-bit
204 * accumulation of all the changes to the
205 * checksum (adding in new 16-bit words and
206 * subtracting out old words), and "cksum"
207 * is the checksum value to be updated.
208 */
209#define	ADJUST_CHECKSUM(acc, cksum) \
210	do { \
211		acc += cksum; \
212		if (acc < 0) { \
213			acc = -acc; \
214			acc = (acc >> 16) + (acc & 0xffff); \
215			acc += acc >> 16; \
216			cksum = (u_short) ~acc; \
217		} else { \
218			acc = (acc >> 16) + (acc & 0xffff); \
219			acc += acc >> 16; \
220			cksum = (u_short) acc; \
221		} \
222	} while (0)
223
224
225/* Prototypes */
226
227/*
228 * SctpFunction prototypes
229 *
230 */
231void AliasSctpInit(struct libalias *la);
232void AliasSctpTerm(struct libalias *la);
233int SctpAlias(struct libalias *la, struct ip *ip, int direction);
234
235/*
236 * We do not calculate TCP checksums when libalias is a kernel
237 * module, since it has no idea about checksum offloading.
238 * If TCP data has changed, then we just set checksum to zero,
239 * and caller must recalculate it himself.
240 * In case if libalias will edit UDP data, the same approach
241 * should be used.
242 */
243#ifndef _KERNEL
244u_short		IpChecksum(struct ip *_pip);
245u_short		TcpChecksum(struct ip *_pip);
246#endif
247void
248DifferentialChecksum(u_short * _cksum, void * _new, void * _old, int _n);
249
250/* Internal data access */
251struct alias_link *
252FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
253    u_short _id_alias, int _create);
254struct alias_link *
255FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
256    u_short _id, int _create);
257struct alias_link *
258FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
259    u_short _ip_id);
260struct alias_link *
261FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
262    u_short _ip_id);
263struct alias_link *
264		AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
265struct alias_link *
266		FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
267struct alias_link *
268FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
269    u_char _proto);
270struct alias_link *
271FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
272    u_char _proto);
273struct alias_link *
274FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
275    u_short _dst_port, u_short _alias_port, u_char _proto, int _create);
276struct alias_link *
277FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
278    u_short _src_port, u_short _dst_port, u_char _proto, int _create);
279struct alias_link *
280AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
281    struct in_addr _alias_addr, u_int16_t _src_call_id);
282struct alias_link *
283FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr,
284    struct in_addr _dst_addr, u_int16_t _src_call_id);
285struct alias_link *
286FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr,
287    struct in_addr _alias_addr, u_int16_t _dst_call_id);
288struct alias_link *
289FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr,
290    struct in_addr _dst_addr, u_int16_t _dst_call_id);
291struct alias_link *
292FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr,
293    struct in_addr _alias_addr, u_int16_t _alias_call_id);
294struct alias_link *
295FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
296    u_short _src_port, u_short _alias_port, u_char _proto);
297struct in_addr
298		FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
299struct in_addr
300		FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
301struct in_addr
302FindSctpRedirectAddress(struct libalias *la,  struct sctp_nat_msg *sm);
303
304/* External data access/modification */
305int
306FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
307    u_short _src_port, u_short _dst_port, u_short _port_count,
308    u_char _proto, u_char _align);
309void		GetFragmentAddr(struct alias_link *_lnk, struct in_addr *_src_addr);
310void		SetFragmentAddr(struct alias_link *_lnk, struct in_addr _src_addr);
311void		GetFragmentPtr(struct alias_link *_lnk, char **_fptr);
312void		SetFragmentPtr(struct alias_link *_lnk, char *fptr);
313void		SetStateIn(struct alias_link *_lnk, int _state);
314void		SetStateOut(struct alias_link *_lnk, int _state);
315int		GetStateIn (struct alias_link *_lnk);
316int		GetStateOut(struct alias_link *_lnk);
317struct in_addr
318		GetOriginalAddress(struct alias_link *_lnk);
319struct in_addr
320		GetDestAddress(struct alias_link *_lnk);
321struct in_addr
322		GetAliasAddress(struct alias_link *_lnk);
323struct in_addr
324		GetDefaultAliasAddress(struct libalias *la);
325void		SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
326u_short		GetOriginalPort(struct alias_link *_lnk);
327u_short		GetAliasPort(struct alias_link *_lnk);
328struct in_addr
329		GetProxyAddress(struct alias_link *_lnk);
330void		SetProxyAddress(struct alias_link *_lnk, struct in_addr _addr);
331u_short		GetProxyPort(struct alias_link *_lnk);
332void		SetProxyPort(struct alias_link *_lnk, u_short _port);
333void		SetAckModified(struct alias_link *_lnk);
334int		GetAckModified(struct alias_link *_lnk);
335int		GetDeltaAckIn(u_long, struct alias_link *_lnk);
336int             GetDeltaSeqOut(u_long, struct alias_link *lnk);
337void            AddSeq(struct alias_link *lnk, int delta, u_int ip_hl,
338		    u_short ip_len, u_long th_seq, u_int th_off);
339void		SetExpire (struct alias_link *_lnk, int _expire);
340void		ClearCheckNewLink(struct libalias *la);
341void		SetProtocolFlags(struct alias_link *_lnk, int _pflags);
342int		GetProtocolFlags(struct alias_link *_lnk);
343void		SetDestCallId(struct alias_link *_lnk, u_int16_t _cid);
344
345#ifndef NO_FW_PUNCH
346void		PunchFWHole(struct alias_link *_lnk);
347
348#endif
349
350/* Housekeeping function */
351void		HouseKeeping(struct libalias *);
352
353/* Tcp specfic routines */
354/* lint -save -library Suppress flexelint warnings */
355
356/* Transparent proxy routines */
357int
358ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr,
359    u_short * proxy_server_port, struct in_addr src_addr,
360    struct in_addr dst_addr, u_short dst_port, u_char ip_p);
361void
362ProxyModify(struct libalias *la, struct alias_link *_lnk, struct ip *_pip,
363    int _maxpacketsize, int _proxy_type);
364
365enum alias_tcp_state {
366	ALIAS_TCP_STATE_NOT_CONNECTED,
367	ALIAS_TCP_STATE_CONNECTED,
368	ALIAS_TCP_STATE_DISCONNECTED
369};
370
371#if defined(_NETINET_IP_H_)
372static __inline void *
373ip_next(struct ip *iphdr)
374{
375	char *p = (char *)iphdr;
376	return (&p[iphdr->ip_hl * 4]);
377}
378#endif
379
380#if defined(_NETINET_TCP_H_)
381static __inline void *
382tcp_next(struct tcphdr *tcphdr)
383{
384	char *p = (char *)tcphdr;
385	return (&p[tcphdr->th_off * 4]);
386}
387#endif
388
389#if defined(_NETINET_UDP_H_)
390static __inline void *
391udp_next(struct udphdr *udphdr)
392{
393	return ((void *)(udphdr + 1));
394}
395#endif
396
397#endif				/* !_ALIAS_LOCAL_H_ */
398