summaryrefslogtreecommitdiffstats
path: root/lib/libalias
diff options
context:
space:
mode:
authordes <des@FreeBSD.org>2004-03-16 21:30:41 +0000
committerdes <des@FreeBSD.org>2004-03-16 21:30:41 +0000
commit3cb81148d8a83b1e6c1a65937f9e6310ba617894 (patch)
treeb367873b0bbb14ba0adf2f65c33ec1670b035d30 /lib/libalias
parent0354260aab76815ce0d09458a84211e4b9e58979 (diff)
downloadFreeBSD-src-3cb81148d8a83b1e6c1a65937f9e6310ba617894.zip
FreeBSD-src-3cb81148d8a83b1e6c1a65937f9e6310ba617894.tar.gz
Run through indent(1) so I can read the code without getting a headache.
The result isn't quite knf, but it's knfer than the original, and far more consistent.
Diffstat (limited to 'lib/libalias')
-rw-r--r--lib/libalias/alias.c2021
-rw-r--r--lib/libalias/alias.h126
-rw-r--r--lib/libalias/alias_cuseeme.c107
-rw-r--r--lib/libalias/alias_db.c3290
-rw-r--r--lib/libalias/alias_ftp.c902
-rw-r--r--lib/libalias/alias_irc.c546
-rw-r--r--lib/libalias/alias_local.h307
-rw-r--r--lib/libalias/alias_nbt.c672
-rw-r--r--lib/libalias/alias_old.c6
-rw-r--r--lib/libalias/alias_pptp.c480
-rw-r--r--lib/libalias/alias_proxy.c1035
-rw-r--r--lib/libalias/alias_skinny.c370
-rw-r--r--lib/libalias/alias_smedia.c538
-rw-r--r--lib/libalias/alias_util.c150
14 files changed, 5233 insertions, 5317 deletions
diff --git a/lib/libalias/alias.c b/lib/libalias/alias.c
index fab7045..19406d4 100644
--- a/lib/libalias/alias.c
+++ b/lib/libalias/alias.c
@@ -1,5 +1,3 @@
-/* -*- mode: c; tab-width: 8; c-basic-indent: 4; -*- */
-
/*-
* Copyright (c) 2001 Charles Mott <cm@linktel.net>
* All rights reserved.
@@ -153,53 +151,51 @@ a timeout period.
*/
/* Local prototypes */
-static void TcpMonitorIn(struct ip *, struct alias_link *);
+static void TcpMonitorIn(struct ip *, struct alias_link *);
-static void TcpMonitorOut(struct ip *, struct alias_link *);
+static void TcpMonitorOut(struct ip *, struct alias_link *);
static void
TcpMonitorIn(struct ip *pip, struct alias_link *link)
{
- struct tcphdr *tc;
-
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
-
- switch (GetStateIn(link))
- {
- case ALIAS_TCP_STATE_NOT_CONNECTED:
- if (tc->th_flags & TH_RST)
- SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED);
- else if (tc->th_flags & TH_SYN)
- SetStateIn(link, ALIAS_TCP_STATE_CONNECTED);
- break;
- case ALIAS_TCP_STATE_CONNECTED:
- if (tc->th_flags & (TH_FIN | TH_RST))
- SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED);
- break;
- }
+ struct tcphdr *tc;
+
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+
+ switch (GetStateIn(link)) {
+ case ALIAS_TCP_STATE_NOT_CONNECTED:
+ if (tc->th_flags & TH_RST)
+ SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED);
+ else if (tc->th_flags & TH_SYN)
+ SetStateIn(link, ALIAS_TCP_STATE_CONNECTED);
+ break;
+ case ALIAS_TCP_STATE_CONNECTED:
+ if (tc->th_flags & (TH_FIN | TH_RST))
+ SetStateIn(link, ALIAS_TCP_STATE_DISCONNECTED);
+ break;
+ }
}
static void
TcpMonitorOut(struct ip *pip, struct alias_link *link)
{
- struct tcphdr *tc;
-
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
-
- switch (GetStateOut(link))
- {
- case ALIAS_TCP_STATE_NOT_CONNECTED:
- if (tc->th_flags & TH_RST)
- SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED);
- else if (tc->th_flags & TH_SYN)
- SetStateOut(link, ALIAS_TCP_STATE_CONNECTED);
- break;
- case ALIAS_TCP_STATE_CONNECTED:
- if (tc->th_flags & (TH_FIN | TH_RST))
- SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED);
- break;
- }
+ struct tcphdr *tc;
+
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+
+ switch (GetStateOut(link)) {
+ case ALIAS_TCP_STATE_NOT_CONNECTED:
+ if (tc->th_flags & TH_RST)
+ SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED);
+ else if (tc->th_flags & TH_SYN)
+ SetStateOut(link, ALIAS_TCP_STATE_CONNECTED);
+ break;
+ case ALIAS_TCP_STATE_CONNECTED:
+ if (tc->th_flags & (TH_FIN | TH_RST))
+ SetStateOut(link, ALIAS_TCP_STATE_DISCONNECTED);
+ break;
+ }
}
@@ -247,22 +243,22 @@ the gateway machine or other machines on a local area network.
/* Local prototypes */
-static int IcmpAliasIn1(struct libalias *, struct ip *);
-static int IcmpAliasIn2(struct libalias *, struct ip *);
-static int IcmpAliasIn (struct libalias *, struct ip *);
+static int IcmpAliasIn1(struct libalias *, struct ip *);
+static int IcmpAliasIn2(struct libalias *, struct ip *);
+static int IcmpAliasIn(struct libalias *, struct ip *);
-static int IcmpAliasOut1(struct libalias *, struct ip *);
-static int IcmpAliasOut2(struct libalias *, struct ip *);
-static int IcmpAliasOut (struct libalias *, struct ip *);
+static int IcmpAliasOut1(struct libalias *, struct ip *);
+static int IcmpAliasOut2(struct libalias *, struct ip *);
+static int IcmpAliasOut(struct libalias *, struct ip *);
-static int ProtoAliasIn(struct libalias *, struct ip *);
-static int ProtoAliasOut(struct libalias *, struct ip *);
+static int ProtoAliasIn(struct libalias *, struct ip *);
+static int ProtoAliasOut(struct libalias *, struct ip *);
-static int UdpAliasOut(struct libalias *, struct ip *);
-static int UdpAliasIn (struct libalias *, struct ip *);
+static int UdpAliasOut(struct libalias *, struct ip *);
+static int UdpAliasIn(struct libalias *, struct ip *);
-static int TcpAliasOut(struct libalias *, struct ip *, int);
-static int TcpAliasIn (struct libalias *, struct ip *);
+static int TcpAliasOut(struct libalias *, struct ip *, int);
+static int TcpAliasIn(struct libalias *, struct ip *);
static int
@@ -272,43 +268,42 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip)
De-alias incoming echo and timestamp replies.
Alias incoming echo and timestamp requests.
*/
- struct alias_link *link;
- struct icmp *ic;
+ struct alias_link *link;
+ struct icmp *ic;
- ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
+ ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2));
/* Get source address from ICMP data field and restore original data */
- link = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
- if (link != NULL)
- {
- u_short original_id;
- int accumulate;
+ link = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
+ if (link != NULL) {
+ u_short original_id;
+ int accumulate;
- original_id = GetOriginalPort(link);
+ original_id = GetOriginalPort(link);
/* Adjust ICMP checksum */
- accumulate = ic->icmp_id;
- accumulate -= original_id;
- ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
+ accumulate = ic->icmp_id;
+ accumulate -= original_id;
+ ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
/* Put original sequence number back in */
- ic->icmp_id = original_id;
+ ic->icmp_id = original_id;
/* Put original address back into IP header */
- {
- struct in_addr original_address;
-
- original_address = GetOriginalAddress(link);
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &original_address,
- (u_short *) &pip->ip_dst,
- 2);
- pip->ip_dst = original_address;
- }
-
- return(PKT_ALIAS_OK);
- }
- return(PKT_ALIAS_IGNORED);
+ {
+ struct in_addr original_address;
+
+ original_address = GetOriginalAddress(link);
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & original_address,
+ (u_short *) & pip->ip_dst,
+ 2);
+ pip->ip_dst = original_address;
+ }
+
+ return (PKT_ALIAS_OK);
+ }
+ return (PKT_ALIAS_IGNORED);
}
static int
@@ -318,151 +313,145 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip)
Alias incoming ICMP error messages containing
IP header and first 64 bits of datagram.
*/
- struct ip *ip;
- struct icmp *ic, *ic2;
- struct udphdr *ud;
- struct tcphdr *tc;
- struct alias_link *link;
-
- ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
- ip = &ic->icmp_ip;
-
- ud = (struct udphdr *) ((char *) ip + (ip->ip_hl <<2));
- tc = (struct tcphdr *) ud;
- ic2 = (struct icmp *) ud;
-
- if (ip->ip_p == IPPROTO_UDP)
- link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
- ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
- else if (ip->ip_p == IPPROTO_TCP)
- link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
- tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
- else if (ip->ip_p == IPPROTO_ICMP) {
- if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
- link = FindIcmpIn(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
- else
- link = NULL;
- } else
- link = NULL;
-
- if (link != NULL)
- {
- if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP)
- {
- u_short *sptr;
- int accumulate, accumulate2;
- struct in_addr original_address;
- u_short original_port;
-
- original_address = GetOriginalAddress(link);
- original_port = GetOriginalPort(link);
+ struct ip *ip;
+ struct icmp *ic, *ic2;
+ struct udphdr *ud;
+ struct tcphdr *tc;
+ struct alias_link *link;
+
+ ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2));
+ ip = &ic->icmp_ip;
+
+ ud = (struct udphdr *)((char *)ip + (ip->ip_hl << 2));
+ tc = (struct tcphdr *)ud;
+ ic2 = (struct icmp *)ud;
+
+ if (ip->ip_p == IPPROTO_UDP)
+ link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
+ ud->uh_dport, ud->uh_sport,
+ IPPROTO_UDP, 0);
+ else if (ip->ip_p == IPPROTO_TCP)
+ link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
+ tc->th_dport, tc->th_sport,
+ IPPROTO_TCP, 0);
+ else if (ip->ip_p == IPPROTO_ICMP) {
+ if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
+ link = FindIcmpIn(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
+ else
+ link = NULL;
+ } else
+ link = NULL;
+
+ if (link != NULL) {
+ if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP) {
+ u_short *sptr;
+ int accumulate, accumulate2;
+ struct in_addr original_address;
+ u_short original_port;
+
+ original_address = GetOriginalAddress(link);
+ original_port = GetOriginalPort(link);
/* Adjust ICMP checksum */
- sptr = (u_short *) &(ip->ip_src);
- accumulate = *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &original_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
- accumulate += ud->uh_sport;
- accumulate -= original_port;
- accumulate2 = accumulate;
- accumulate2 += ip->ip_sum;
- ADJUST_CHECKSUM(accumulate, ip->ip_sum);
- accumulate2 -= ip->ip_sum;
- ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum);
+ sptr = (u_short *) & (ip->ip_src);
+ accumulate = *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & original_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+ accumulate += ud->uh_sport;
+ accumulate -= original_port;
+ accumulate2 = accumulate;
+ accumulate2 += ip->ip_sum;
+ ADJUST_CHECKSUM(accumulate, ip->ip_sum);
+ accumulate2 -= ip->ip_sum;
+ ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum);
/* Un-alias address in IP header */
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &original_address,
- (u_short *) &pip->ip_dst,
- 2);
- pip->ip_dst = original_address;
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & original_address,
+ (u_short *) & pip->ip_dst,
+ 2);
+ pip->ip_dst = original_address;
/* Un-alias address and port number of original IP packet
fragment contained in ICMP data section */
- ip->ip_src = original_address;
- ud->uh_sport = original_port;
- }
- else if (ip->ip_p == IPPROTO_ICMP)
- {
- u_short *sptr;
- int accumulate, accumulate2;
- struct in_addr original_address;
- u_short original_id;
-
- original_address = GetOriginalAddress(link);
- original_id = GetOriginalPort(link);
+ ip->ip_src = original_address;
+ ud->uh_sport = original_port;
+ } else if (ip->ip_p == IPPROTO_ICMP) {
+ u_short *sptr;
+ int accumulate, accumulate2;
+ struct in_addr original_address;
+ u_short original_id;
+
+ original_address = GetOriginalAddress(link);
+ original_id = GetOriginalPort(link);
/* Adjust ICMP checksum */
- sptr = (u_short *) &(ip->ip_src);
- accumulate = *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &original_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
- accumulate += ic2->icmp_id;
- accumulate -= original_id;
- accumulate2 = accumulate;
- accumulate2 += ip->ip_sum;
- ADJUST_CHECKSUM(accumulate, ip->ip_sum);
- accumulate2 -= ip->ip_sum;
- ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum);
+ sptr = (u_short *) & (ip->ip_src);
+ accumulate = *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & original_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+ accumulate += ic2->icmp_id;
+ accumulate -= original_id;
+ accumulate2 = accumulate;
+ accumulate2 += ip->ip_sum;
+ ADJUST_CHECKSUM(accumulate, ip->ip_sum);
+ accumulate2 -= ip->ip_sum;
+ ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum);
/* Un-alias address in IP header */
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &original_address,
- (u_short *) &pip->ip_dst,
- 2);
- pip->ip_dst = original_address;
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & original_address,
+ (u_short *) & pip->ip_dst,
+ 2);
+ pip->ip_dst = original_address;
/* Un-alias address of original IP packet and sequence number of
embedded ICMP datagram */
- ip->ip_src = original_address;
- ic2->icmp_id = original_id;
- }
- return(PKT_ALIAS_OK);
- }
- return(PKT_ALIAS_IGNORED);
+ ip->ip_src = original_address;
+ ic2->icmp_id = original_id;
+ }
+ return (PKT_ALIAS_OK);
+ }
+ return (PKT_ALIAS_IGNORED);
}
static int
IcmpAliasIn(struct libalias *la, struct ip *pip)
{
- int iresult;
- struct icmp *ic;
+ int iresult;
+ struct icmp *ic;
/* Return if proxy-only mode is enabled */
- if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
- return PKT_ALIAS_OK;
-
- ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
-
- iresult = PKT_ALIAS_IGNORED;
- switch (ic->icmp_type)
- {
- case ICMP_ECHOREPLY:
- case ICMP_TSTAMPREPLY:
- if (ic->icmp_code == 0)
- {
- iresult = IcmpAliasIn1(la, pip);
- }
- break;
- case ICMP_UNREACH:
- case ICMP_SOURCEQUENCH:
- case ICMP_TIMXCEED:
- case ICMP_PARAMPROB:
- iresult = IcmpAliasIn2(la, pip);
- break;
- case ICMP_ECHO:
- case ICMP_TSTAMP:
- iresult = IcmpAliasIn1(la, pip);
- break;
- }
- return(iresult);
+ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+ return PKT_ALIAS_OK;
+
+ ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2));
+
+ iresult = PKT_ALIAS_IGNORED;
+ switch (ic->icmp_type) {
+ case ICMP_ECHOREPLY:
+ case ICMP_TSTAMPREPLY:
+ if (ic->icmp_code == 0) {
+ iresult = IcmpAliasIn1(la, pip);
+ }
+ break;
+ case ICMP_UNREACH:
+ case ICMP_SOURCEQUENCH:
+ case ICMP_TIMXCEED:
+ case ICMP_PARAMPROB:
+ iresult = IcmpAliasIn2(la, pip);
+ break;
+ case ICMP_ECHO:
+ case ICMP_TSTAMP:
+ iresult = IcmpAliasIn1(la, pip);
+ break;
+ }
+ return (iresult);
}
@@ -473,43 +462,42 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip)
Alias outgoing echo and timestamp requests.
De-alias outgoing echo and timestamp replies.
*/
- struct alias_link *link;
- struct icmp *ic;
+ struct alias_link *link;
+ struct icmp *ic;
- ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
+ ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2));
/* Save overwritten data for when echo packet returns */
- link = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
- if (link != NULL)
- {
- u_short alias_id;
- int accumulate;
+ link = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
+ if (link != NULL) {
+ u_short alias_id;
+ int accumulate;
- alias_id = GetAliasPort(link);
+ alias_id = GetAliasPort(link);
/* Since data field is being modified, adjust ICMP checksum */
- accumulate = ic->icmp_id;
- accumulate -= alias_id;
- ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
+ accumulate = ic->icmp_id;
+ accumulate -= alias_id;
+ ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
/* Alias sequence number */
- ic->icmp_id = alias_id;
+ ic->icmp_id = alias_id;
/* Change source address */
- {
- struct in_addr alias_address;
-
- alias_address = GetAliasAddress(link);
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &alias_address,
- (u_short *) &pip->ip_src,
- 2);
- pip->ip_src = alias_address;
- }
-
- return(PKT_ALIAS_OK);
- }
- return(PKT_ALIAS_IGNORED);
+ {
+ struct in_addr alias_address;
+
+ alias_address = GetAliasAddress(link);
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & alias_address,
+ (u_short *) & pip->ip_src,
+ 2);
+ pip->ip_src = alias_address;
+ }
+
+ return (PKT_ALIAS_OK);
+ }
+ return (PKT_ALIAS_IGNORED);
}
@@ -520,152 +508,144 @@ IcmpAliasOut2(struct libalias *la, struct ip *pip)
Alias outgoing ICMP error messages containing
IP header and first 64 bits of datagram.
*/
- struct ip *ip;
- struct icmp *ic, *ic2;
- struct udphdr *ud;
- struct tcphdr *tc;
- struct alias_link *link;
-
- ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
- ip = &ic->icmp_ip;
-
- ud = (struct udphdr *) ((char *) ip + (ip->ip_hl <<2));
- tc = (struct tcphdr *) ud;
- ic2 = (struct icmp *) ud;
-
- if (ip->ip_p == IPPROTO_UDP)
- link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
- ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
- else if (ip->ip_p == IPPROTO_TCP)
- link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
- tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
- else if (ip->ip_p == IPPROTO_ICMP) {
- if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
- link = FindIcmpOut(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
- else
- link = NULL;
- } else
- link = NULL;
-
- if (link != NULL)
- {
- if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP)
- {
- u_short *sptr;
- int accumulate;
- struct in_addr alias_address;
- u_short alias_port;
-
- alias_address = GetAliasAddress(link);
- alias_port = GetAliasPort(link);
+ struct ip *ip;
+ struct icmp *ic, *ic2;
+ struct udphdr *ud;
+ struct tcphdr *tc;
+ struct alias_link *link;
+
+ ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2));
+ ip = &ic->icmp_ip;
+
+ ud = (struct udphdr *)((char *)ip + (ip->ip_hl << 2));
+ tc = (struct tcphdr *)ud;
+ ic2 = (struct icmp *)ud;
+
+ if (ip->ip_p == IPPROTO_UDP)
+ link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
+ ud->uh_dport, ud->uh_sport,
+ IPPROTO_UDP, 0);
+ else if (ip->ip_p == IPPROTO_TCP)
+ link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
+ tc->th_dport, tc->th_sport,
+ IPPROTO_TCP, 0);
+ else if (ip->ip_p == IPPROTO_ICMP) {
+ if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
+ link = FindIcmpOut(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
+ else
+ link = NULL;
+ } else
+ link = NULL;
+
+ if (link != NULL) {
+ if (ip->ip_p == IPPROTO_UDP || ip->ip_p == IPPROTO_TCP) {
+ u_short *sptr;
+ int accumulate;
+ struct in_addr alias_address;
+ u_short alias_port;
+
+ alias_address = GetAliasAddress(link);
+ alias_port = GetAliasPort(link);
/* Adjust ICMP checksum */
- sptr = (u_short *) &(ip->ip_dst);
- accumulate = *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &alias_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
- accumulate += ud->uh_dport;
- accumulate -= alias_port;
- ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
+ sptr = (u_short *) & (ip->ip_dst);
+ accumulate = *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & alias_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+ accumulate += ud->uh_dport;
+ accumulate -= alias_port;
+ ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
/*
* Alias address in IP header if it comes from the host
* the original TCP/UDP packet was destined for.
*/
- if (pip->ip_src.s_addr == ip->ip_dst.s_addr) {
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &alias_address,
- (u_short *) &pip->ip_src,
- 2);
- pip->ip_src = alias_address;
- }
-
+ if (pip->ip_src.s_addr == ip->ip_dst.s_addr) {
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & alias_address,
+ (u_short *) & pip->ip_src,
+ 2);
+ pip->ip_src = alias_address;
+ }
/* Alias address and port number of original IP packet
fragment contained in ICMP data section */
- ip->ip_dst = alias_address;
- ud->uh_dport = alias_port;
- }
- else if (ip->ip_p == IPPROTO_ICMP)
- {
- u_short *sptr;
- int accumulate;
- struct in_addr alias_address;
- u_short alias_id;
-
- alias_address = GetAliasAddress(link);
- alias_id = GetAliasPort(link);
+ ip->ip_dst = alias_address;
+ ud->uh_dport = alias_port;
+ } else if (ip->ip_p == IPPROTO_ICMP) {
+ u_short *sptr;
+ int accumulate;
+ struct in_addr alias_address;
+ u_short alias_id;
+
+ alias_address = GetAliasAddress(link);
+ alias_id = GetAliasPort(link);
/* Adjust ICMP checksum */
- sptr = (u_short *) &(ip->ip_dst);
- accumulate = *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &alias_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
- accumulate += ic2->icmp_id;
- accumulate -= alias_id;
- ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
+ sptr = (u_short *) & (ip->ip_dst);
+ accumulate = *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & alias_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+ accumulate += ic2->icmp_id;
+ accumulate -= alias_id;
+ ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
/*
* Alias address in IP header if it comes from the host
* the original ICMP message was destined for.
*/
- if (pip->ip_src.s_addr == ip->ip_dst.s_addr) {
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &alias_address,
- (u_short *) &pip->ip_src,
- 2);
- pip->ip_src = alias_address;
- }
-
+ if (pip->ip_src.s_addr == ip->ip_dst.s_addr) {
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & alias_address,
+ (u_short *) & pip->ip_src,
+ 2);
+ pip->ip_src = alias_address;
+ }
/* Alias address of original IP packet and sequence number of
embedded ICMP datagram */
- ip->ip_dst = alias_address;
- ic2->icmp_id = alias_id;
- }
- return(PKT_ALIAS_OK);
- }
- return(PKT_ALIAS_IGNORED);
+ ip->ip_dst = alias_address;
+ ic2->icmp_id = alias_id;
+ }
+ return (PKT_ALIAS_OK);
+ }
+ return (PKT_ALIAS_IGNORED);
}
static int
IcmpAliasOut(struct libalias *la, struct ip *pip)
{
- int iresult;
- struct icmp *ic;
+ int iresult;
+ struct icmp *ic;
/* Return if proxy-only mode is enabled */
- if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
- return PKT_ALIAS_OK;
-
- ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
-
- iresult = PKT_ALIAS_IGNORED;
- switch (ic->icmp_type)
- {
- case ICMP_ECHO:
- case ICMP_TSTAMP:
- if (ic->icmp_code == 0)
- {
- iresult = IcmpAliasOut1(la, pip);
- }
- break;
- case ICMP_UNREACH:
- case ICMP_SOURCEQUENCH:
- case ICMP_TIMXCEED:
- case ICMP_PARAMPROB:
- iresult = IcmpAliasOut2(la, pip);
- break;
- case ICMP_ECHOREPLY:
- case ICMP_TSTAMPREPLY:
- iresult = IcmpAliasOut1(la, pip);
- }
- return(iresult);
+ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+ return PKT_ALIAS_OK;
+
+ ic = (struct icmp *)((char *)pip + (pip->ip_hl << 2));
+
+ iresult = PKT_ALIAS_IGNORED;
+ switch (ic->icmp_type) {
+ case ICMP_ECHO:
+ case ICMP_TSTAMP:
+ if (ic->icmp_code == 0) {
+ iresult = IcmpAliasOut1(la, pip);
+ }
+ break;
+ case ICMP_UNREACH:
+ case ICMP_SOURCEQUENCH:
+ case ICMP_TIMXCEED:
+ case ICMP_PARAMPROB:
+ iresult = IcmpAliasOut2(la, pip);
+ break;
+ case ICMP_ECHOREPLY:
+ case ICMP_TSTAMPREPLY:
+ iresult = IcmpAliasOut1(la, pip);
+ }
+ return (iresult);
}
@@ -679,29 +659,28 @@ ProtoAliasIn(struct libalias *la, struct ip *pip)
the dest IP address of the packet to our inside
machine.
*/
- struct alias_link *link;
+ struct alias_link *link;
/* Return if proxy-only mode is enabled */
- if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
- return PKT_ALIAS_OK;
+ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+ return PKT_ALIAS_OK;
- link = FindProtoIn(la, pip->ip_src, pip->ip_dst, pip->ip_p);
- if (link != NULL)
- {
- struct in_addr original_address;
+ link = FindProtoIn(la, pip->ip_src, pip->ip_dst, pip->ip_p);
+ if (link != NULL) {
+ struct in_addr original_address;
- original_address = GetOriginalAddress(link);
+ original_address = GetOriginalAddress(link);
/* Restore original IP address */
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &original_address,
- (u_short *) &pip->ip_dst,
- 2);
- pip->ip_dst = original_address;
-
- return(PKT_ALIAS_OK);
- }
- return(PKT_ALIAS_IGNORED);
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & original_address,
+ (u_short *) & pip->ip_dst,
+ 2);
+ pip->ip_dst = original_address;
+
+ return (PKT_ALIAS_OK);
+ }
+ return (PKT_ALIAS_IGNORED);
}
@@ -713,180 +692,173 @@ ProtoAliasOut(struct libalias *la, struct ip *pip)
only thing which is done in this case is to alias
the source IP address of the packet.
*/
- struct alias_link *link;
+ struct alias_link *link;
/* Return if proxy-only mode is enabled */
- if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
- return PKT_ALIAS_OK;
+ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+ return PKT_ALIAS_OK;
- link = FindProtoOut(la, pip->ip_src, pip->ip_dst, pip->ip_p);
- if (link != NULL)
- {
- struct in_addr alias_address;
+ link = FindProtoOut(la, pip->ip_src, pip->ip_dst, pip->ip_p);
+ if (link != NULL) {
+ struct in_addr alias_address;
- alias_address = GetAliasAddress(link);
+ alias_address = GetAliasAddress(link);
/* Change source address */
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &alias_address,
- (u_short *) &pip->ip_src,
- 2);
- pip->ip_src = alias_address;
-
- return(PKT_ALIAS_OK);
- }
- return(PKT_ALIAS_IGNORED);
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & alias_address,
+ (u_short *) & pip->ip_src,
+ 2);
+ pip->ip_src = alias_address;
+
+ return (PKT_ALIAS_OK);
+ }
+ return (PKT_ALIAS_IGNORED);
}
static int
UdpAliasIn(struct libalias *la, struct ip *pip)
{
- struct udphdr *ud;
- struct alias_link *link;
+ struct udphdr *ud;
+ struct alias_link *link;
/* Return if proxy-only mode is enabled */
- if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
- return PKT_ALIAS_OK;
-
- ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
-
- link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
- ud->uh_sport, ud->uh_dport,
- IPPROTO_UDP, 1);
- if (link != NULL)
- {
- struct in_addr alias_address;
- struct in_addr original_address;
- u_short alias_port;
- int accumulate;
- u_short *sptr;
- int r = 0;
-
- alias_address = GetAliasAddress(link);
- original_address = GetOriginalAddress(link);
- alias_port = ud->uh_dport;
- ud->uh_dport = GetOriginalPort(link);
+ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+ return PKT_ALIAS_OK;
+
+ ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
+
+ link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
+ ud->uh_sport, ud->uh_dport,
+ IPPROTO_UDP, 1);
+ if (link != NULL) {
+ struct in_addr alias_address;
+ struct in_addr original_address;
+ u_short alias_port;
+ int accumulate;
+ u_short *sptr;
+ int r = 0;
+
+ alias_address = GetAliasAddress(link);
+ original_address = GetOriginalAddress(link);
+ alias_port = ud->uh_dport;
+ ud->uh_dport = GetOriginalPort(link);
/* Special processing for IP encoding protocols */
- if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER)
- AliasHandleCUSeeMeIn(la, pip, original_address);
+ if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER)
+ AliasHandleCUSeeMeIn(la, pip, original_address);
/* If NETBIOS Datagram, It should be alias address in UDP Data, too */
- else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER
- || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER)
- r = AliasHandleUdpNbt(la, pip, link, &original_address, ud->uh_dport);
- else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER
- || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER)
- r = AliasHandleUdpNbtNS(la, pip, link, &alias_address, &alias_port,
- &original_address, &ud->uh_dport);
+ else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER
+ || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER)
+ r = AliasHandleUdpNbt(la, pip, link, &original_address, ud->uh_dport);
+ else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER
+ || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER)
+ r = AliasHandleUdpNbtNS(la, pip, link, &alias_address, &alias_port,
+ &original_address, &ud->uh_dport);
/* If UDP checksum is not zero, then adjust since destination port */
/* is being unaliased and destination address is being altered. */
- if (ud->uh_sum != 0)
- {
- accumulate = alias_port;
- accumulate -= ud->uh_dport;
- sptr = (u_short *) &alias_address;
- accumulate += *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &original_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
- ADJUST_CHECKSUM(accumulate, ud->uh_sum);
- }
-
+ if (ud->uh_sum != 0) {
+ accumulate = alias_port;
+ accumulate -= ud->uh_dport;
+ sptr = (u_short *) & alias_address;
+ accumulate += *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & original_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+ ADJUST_CHECKSUM(accumulate, ud->uh_sum);
+ }
/* Restore original IP address */
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &original_address,
- (u_short *) &pip->ip_dst,
- 2);
- pip->ip_dst = original_address;
-
- /*
- * If we cannot figure out the packet, ignore it.
- */
- if (r < 0)
- return(PKT_ALIAS_IGNORED);
- else
- return(PKT_ALIAS_OK);
- }
- return(PKT_ALIAS_IGNORED);
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & original_address,
+ (u_short *) & pip->ip_dst,
+ 2);
+ pip->ip_dst = original_address;
+
+ /*
+ * If we cannot figure out the packet, ignore it.
+ */
+ if (r < 0)
+ return (PKT_ALIAS_IGNORED);
+ else
+ return (PKT_ALIAS_OK);
+ }
+ return (PKT_ALIAS_IGNORED);
}
static int
UdpAliasOut(struct libalias *la, struct ip *pip)
{
- struct udphdr *ud;
- struct alias_link *link;
+ struct udphdr *ud;
+ struct alias_link *link;
/* Return if proxy-only mode is enabled */
- if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
- return PKT_ALIAS_OK;
+ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+ return PKT_ALIAS_OK;
- ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
+ ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
- link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
- ud->uh_sport, ud->uh_dport,
- IPPROTO_UDP, 1);
- if (link != NULL)
- {
- u_short alias_port;
- struct in_addr alias_address;
+ link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
+ ud->uh_sport, ud->uh_dport,
+ IPPROTO_UDP, 1);
+ if (link != NULL) {
+ u_short alias_port;
+ struct in_addr alias_address;
- alias_address = GetAliasAddress(link);
- alias_port = GetAliasPort(link);
+ alias_address = GetAliasAddress(link);
+ alias_port = GetAliasPort(link);
/* Special processing for IP encoding protocols */
- if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER)
- AliasHandleCUSeeMeOut(la, pip, link);
+ if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER)
+ AliasHandleCUSeeMeOut(la, pip, link);
/* If NETBIOS Datagram, It should be alias address in UDP Data, too */
- else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER
- || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER)
- AliasHandleUdpNbt(la, pip, link, &alias_address, alias_port);
- else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER
- || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER)
- AliasHandleUdpNbtNS(la, pip, link, &pip->ip_src, &ud->uh_sport,
- &alias_address, &alias_port);
+ else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER
+ || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER)
+ AliasHandleUdpNbt(la, pip, link, &alias_address, alias_port);
+ else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER
+ || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER)
+ AliasHandleUdpNbtNS(la, pip, link, &pip->ip_src, &ud->uh_sport,
+ &alias_address, &alias_port);
/*
* We don't know in advance what TID the TFTP server will choose,
* so we create a wilcard link (destination port is unspecified)
* that will match any TID from a given destination.
*/
- else if (ntohs(ud->uh_dport) == TFTP_PORT_NUMBER)
- FindRtspOut(la, pip->ip_src, pip->ip_dst,
- ud->uh_sport, alias_port, IPPROTO_UDP);
+ else if (ntohs(ud->uh_dport) == TFTP_PORT_NUMBER)
+ FindRtspOut(la, pip->ip_src, pip->ip_dst,
+ ud->uh_sport, alias_port, IPPROTO_UDP);
/* If UDP checksum is not zero, adjust since source port is */
/* being aliased and source address is being altered */
- if (ud->uh_sum != 0)
- {
- int accumulate;
- u_short *sptr;
-
- accumulate = ud->uh_sport;
- accumulate -= alias_port;
- sptr = (u_short *) &(pip->ip_src);
- accumulate += *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &alias_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
- ADJUST_CHECKSUM(accumulate, ud->uh_sum);
- }
-
+ if (ud->uh_sum != 0) {
+ int accumulate;
+ u_short *sptr;
+
+ accumulate = ud->uh_sport;
+ accumulate -= alias_port;
+ sptr = (u_short *) & (pip->ip_src);
+ accumulate += *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & alias_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+ ADJUST_CHECKSUM(accumulate, ud->uh_sum);
+ }
/* Put alias port in UDP header */
- ud->uh_sport = alias_port;
+ ud->uh_sport = alias_port;
/* Change source address */
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &alias_address,
- (u_short *) &pip->ip_src,
- 2);
- pip->ip_src = alias_address;
-
- return(PKT_ALIAS_OK);
- }
- return(PKT_ALIAS_IGNORED);
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & alias_address,
+ (u_short *) & pip->ip_src,
+ 2);
+ pip->ip_src = alias_address;
+
+ return (PKT_ALIAS_OK);
+ }
+ return (PKT_ALIAS_IGNORED);
}
@@ -894,264 +866,248 @@ UdpAliasOut(struct libalias *la, struct ip *pip)
static int
TcpAliasIn(struct libalias *la, struct ip *pip)
{
- struct tcphdr *tc;
- struct alias_link *link;
-
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
-
- link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
- tc->th_sport, tc->th_dport,
- IPPROTO_TCP,
- !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY));
- if (link != NULL)
- {
- struct in_addr alias_address;
- struct in_addr original_address;
- struct in_addr proxy_address;
- u_short alias_port;
- u_short proxy_port;
- int accumulate;
- u_short *sptr;
+ struct tcphdr *tc;
+ struct alias_link *link;
+
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+
+ link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
+ tc->th_sport, tc->th_dport,
+ IPPROTO_TCP,
+ !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY));
+ if (link != NULL) {
+ struct in_addr alias_address;
+ struct in_addr original_address;
+ struct in_addr proxy_address;
+ u_short alias_port;
+ u_short proxy_port;
+ int accumulate;
+ u_short *sptr;
/* Special processing for IP encoding protocols */
- if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER
- || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER)
- AliasHandlePptpIn(la, pip, link);
- else if (la->skinnyPort != 0 && (ntohs(tc->th_dport) == la->skinnyPort
- || ntohs(tc->th_sport) == la->skinnyPort))
- AliasHandleSkinny(la, pip, link);
-
- alias_address = GetAliasAddress(link);
- original_address = GetOriginalAddress(link);
- proxy_address = GetProxyAddress(link);
- alias_port = tc->th_dport;
- tc->th_dport = GetOriginalPort(link);
- proxy_port = GetProxyPort(link);
+ if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER
+ || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER)
+ AliasHandlePptpIn(la, pip, link);
+ else if (la->skinnyPort != 0 && (ntohs(tc->th_dport) == la->skinnyPort
+ || ntohs(tc->th_sport) == la->skinnyPort))
+ AliasHandleSkinny(la, pip, link);
+
+ alias_address = GetAliasAddress(link);
+ original_address = GetOriginalAddress(link);
+ proxy_address = GetProxyAddress(link);
+ alias_port = tc->th_dport;
+ tc->th_dport = GetOriginalPort(link);
+ proxy_port = GetProxyPort(link);
/* Adjust TCP checksum since destination port is being unaliased */
/* and destination port is being altered. */
- accumulate = alias_port;
- accumulate -= tc->th_dport;
- sptr = (u_short *) &alias_address;
- accumulate += *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &original_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
+ accumulate = alias_port;
+ accumulate -= tc->th_dport;
+ sptr = (u_short *) & alias_address;
+ accumulate += *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & original_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
/* If this is a proxy, then modify the TCP source port and
checksum accumulation */
- if (proxy_port != 0)
- {
- accumulate += tc->th_sport;
- tc->th_sport = proxy_port;
- accumulate -= tc->th_sport;
-
- sptr = (u_short *) &pip->ip_src;
- accumulate += *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &proxy_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
- }
-
+ if (proxy_port != 0) {
+ accumulate += tc->th_sport;
+ tc->th_sport = proxy_port;
+ accumulate -= tc->th_sport;
+
+ sptr = (u_short *) & pip->ip_src;
+ accumulate += *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & proxy_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+ }
/* See if ACK number needs to be modified */
- if (GetAckModified(link) == 1)
- {
- int delta;
-
- delta = GetDeltaAckIn(pip, link);
- if (delta != 0)
- {
- sptr = (u_short *) &tc->th_ack;
- accumulate += *sptr++;
- accumulate += *sptr;
- tc->th_ack = htonl(ntohl(tc->th_ack) - delta);
- sptr = (u_short *) &tc->th_ack;
- accumulate -= *sptr++;
- accumulate -= *sptr;
- }
- }
-
- ADJUST_CHECKSUM(accumulate, tc->th_sum);
+ if (GetAckModified(link) == 1) {
+ int delta;
+
+ delta = GetDeltaAckIn(pip, link);
+ if (delta != 0) {
+ sptr = (u_short *) & tc->th_ack;
+ accumulate += *sptr++;
+ accumulate += *sptr;
+ tc->th_ack = htonl(ntohl(tc->th_ack) - delta);
+ sptr = (u_short *) & tc->th_ack;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+ }
+ }
+ ADJUST_CHECKSUM(accumulate, tc->th_sum);
/* Restore original IP address */
- sptr = (u_short *) &pip->ip_dst;
- accumulate = *sptr++;
- accumulate += *sptr;
- pip->ip_dst = original_address;
- sptr = (u_short *) &pip->ip_dst;
- accumulate -= *sptr++;
- accumulate -= *sptr;
+ sptr = (u_short *) & pip->ip_dst;
+ accumulate = *sptr++;
+ accumulate += *sptr;
+ pip->ip_dst = original_address;
+ sptr = (u_short *) & pip->ip_dst;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
/* If this is a transparent proxy packet, then modify the source
address */
- if (proxy_address.s_addr != 0)
- {
- sptr = (u_short *) &pip->ip_src;
- accumulate += *sptr++;
- accumulate += *sptr;
- pip->ip_src = proxy_address;
- sptr = (u_short *) &pip->ip_src;
- accumulate -= *sptr++;
- accumulate -= *sptr;
- }
-
- ADJUST_CHECKSUM(accumulate, pip->ip_sum);
+ if (proxy_address.s_addr != 0) {
+ sptr = (u_short *) & pip->ip_src;
+ accumulate += *sptr++;
+ accumulate += *sptr;
+ pip->ip_src = proxy_address;
+ sptr = (u_short *) & pip->ip_src;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+ }
+ ADJUST_CHECKSUM(accumulate, pip->ip_sum);
/* Monitor TCP connection state */
- TcpMonitorIn(pip, link);
+ TcpMonitorIn(pip, link);
- return(PKT_ALIAS_OK);
- }
- return(PKT_ALIAS_IGNORED);
+ return (PKT_ALIAS_OK);
+ }
+ return (PKT_ALIAS_IGNORED);
}
static int
TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize)
{
- int proxy_type;
- u_short dest_port;
- u_short proxy_server_port;
- struct in_addr dest_address;
- struct in_addr proxy_server_address;
- struct tcphdr *tc;
- struct alias_link *link;
+ int proxy_type;
+ u_short dest_port;
+ u_short proxy_server_port;
+ struct in_addr dest_address;
+ struct in_addr proxy_server_address;
+ struct tcphdr *tc;
+ struct alias_link *link;
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
- proxy_type = ProxyCheck(la, pip, &proxy_server_address, &proxy_server_port);
+ proxy_type = ProxyCheck(la, pip, &proxy_server_address, &proxy_server_port);
- if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY))
- return PKT_ALIAS_OK;
+ if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY))
+ return PKT_ALIAS_OK;
/* If this is a transparent proxy, save original destination,
then alter the destination and adjust checksums */
- dest_port = tc->th_dport;
- dest_address = pip->ip_dst;
- if (proxy_type != 0)
- {
- int accumulate;
- u_short *sptr;
-
- accumulate = tc->th_dport;
- tc->th_dport = proxy_server_port;
- accumulate -= tc->th_dport;
-
- sptr = (u_short *) &(pip->ip_dst);
- accumulate += *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &proxy_server_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
-
- ADJUST_CHECKSUM(accumulate, tc->th_sum);
-
- sptr = (u_short *) &(pip->ip_dst);
- accumulate = *sptr++;
- accumulate += *sptr;
- pip->ip_dst = proxy_server_address;
- sptr = (u_short *) &(pip->ip_dst);
- accumulate -= *sptr++;
- accumulate -= *sptr;
-
- ADJUST_CHECKSUM(accumulate, pip->ip_sum);
- }
-
- link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
- tc->th_sport, tc->th_dport,
- IPPROTO_TCP, 1);
- if (link !=NULL)
- {
- u_short alias_port;
- struct in_addr alias_address;
- int accumulate;
- u_short *sptr;
+ dest_port = tc->th_dport;
+ dest_address = pip->ip_dst;
+ if (proxy_type != 0) {
+ int accumulate;
+ u_short *sptr;
+
+ accumulate = tc->th_dport;
+ tc->th_dport = proxy_server_port;
+ accumulate -= tc->th_dport;
+
+ sptr = (u_short *) & (pip->ip_dst);
+ accumulate += *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & proxy_server_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+
+ ADJUST_CHECKSUM(accumulate, tc->th_sum);
+
+ sptr = (u_short *) & (pip->ip_dst);
+ accumulate = *sptr++;
+ accumulate += *sptr;
+ pip->ip_dst = proxy_server_address;
+ sptr = (u_short *) & (pip->ip_dst);
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+
+ ADJUST_CHECKSUM(accumulate, pip->ip_sum);
+ }
+ link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
+ tc->th_sport, tc->th_dport,
+ IPPROTO_TCP, 1);
+ if (link != NULL) {
+ u_short alias_port;
+ struct in_addr alias_address;
+ int accumulate;
+ u_short *sptr;
/* Save original destination address, if this is a proxy packet.
Also modify packet to include destination encoding. This may
change the size of IP header. */
- if (proxy_type != 0)
- {
- SetProxyPort(link, dest_port);
- SetProxyAddress(link, dest_address);
- ProxyModify(la, link, pip, maxpacketsize, proxy_type);
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- }
-
+ if (proxy_type != 0) {
+ SetProxyPort(link, dest_port);
+ SetProxyAddress(link, dest_address);
+ ProxyModify(la, link, pip, maxpacketsize, proxy_type);
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ }
/* Get alias address and port */
- alias_port = GetAliasPort(link);
- alias_address = GetAliasAddress(link);
+ alias_port = GetAliasPort(link);
+ alias_address = GetAliasAddress(link);
/* Monitor TCP connection state */
- TcpMonitorOut(pip, link);
+ TcpMonitorOut(pip, link);
/* Special processing for IP encoding protocols */
- if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER
- || ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER)
- AliasHandleFtpOut(la, pip, link, maxpacketsize);
- else if (ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_1
- || ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_2)
- AliasHandleIrcOut(la, pip, link, maxpacketsize);
- else if (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1
- || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_1
- || ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2
- || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_2)
- AliasHandleRtspOut(la, pip, link, maxpacketsize);
- else if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER
- || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER)
- AliasHandlePptpOut(la, pip, link);
- else if (la->skinnyPort != 0 && (ntohs(tc->th_sport) == la->skinnyPort
- || ntohs(tc->th_dport) == la->skinnyPort))
- AliasHandleSkinny(la, pip, link);
+ if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER
+ || ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER)
+ AliasHandleFtpOut(la, pip, link, maxpacketsize);
+ else if (ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_1
+ || ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_2)
+ AliasHandleIrcOut(la, pip, link, maxpacketsize);
+ else if (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1
+ || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_1
+ || ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2
+ || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_2)
+ AliasHandleRtspOut(la, pip, link, maxpacketsize);
+ else if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER
+ || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER)
+ AliasHandlePptpOut(la, pip, link);
+ else if (la->skinnyPort != 0 && (ntohs(tc->th_sport) == la->skinnyPort
+ || ntohs(tc->th_dport) == la->skinnyPort))
+ AliasHandleSkinny(la, pip, link);
/* Adjust TCP checksum since source port is being aliased */
/* and source address is being altered */
- accumulate = tc->th_sport;
- tc->th_sport = alias_port;
- accumulate -= tc->th_sport;
+ accumulate = tc->th_sport;
+ tc->th_sport = alias_port;
+ accumulate -= tc->th_sport;
- sptr = (u_short *) &(pip->ip_src);
- accumulate += *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &alias_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
+ sptr = (u_short *) & (pip->ip_src);
+ accumulate += *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & alias_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
/* Modify sequence number if necessary */
- if (GetAckModified(link) == 1)
- {
- int delta;
-
- delta = GetDeltaSeqOut(pip, link);
- if (delta != 0)
- {
- sptr = (u_short *) &tc->th_seq;
- accumulate += *sptr++;
- accumulate += *sptr;
- tc->th_seq = htonl(ntohl(tc->th_seq) + delta);
- sptr = (u_short *) &tc->th_seq;
- accumulate -= *sptr++;
- accumulate -= *sptr;
- }
- }
-
- ADJUST_CHECKSUM(accumulate, tc->th_sum);
+ if (GetAckModified(link) == 1) {
+ int delta;
+
+ delta = GetDeltaSeqOut(pip, link);
+ if (delta != 0) {
+ sptr = (u_short *) & tc->th_seq;
+ accumulate += *sptr++;
+ accumulate += *sptr;
+ tc->th_seq = htonl(ntohl(tc->th_seq) + delta);
+ sptr = (u_short *) & tc->th_seq;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+ }
+ }
+ ADJUST_CHECKSUM(accumulate, tc->th_sum);
/* Change source address */
- sptr = (u_short *) &(pip->ip_src);
- accumulate = *sptr++;
- accumulate += *sptr;
- pip->ip_src = alias_address;
- sptr = (u_short *) &(pip->ip_src);
- accumulate -= *sptr++;
- accumulate -= *sptr;
-
- ADJUST_CHECKSUM(accumulate, pip->ip_sum);
-
- return(PKT_ALIAS_OK);
- }
- return(PKT_ALIAS_IGNORED);
+ sptr = (u_short *) & (pip->ip_src);
+ accumulate = *sptr++;
+ accumulate += *sptr;
+ pip->ip_src = alias_address;
+ sptr = (u_short *) & (pip->ip_src);
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+
+ ADJUST_CHECKSUM(accumulate, pip->ip_sum);
+
+ return (PKT_ALIAS_OK);
+ }
+ return (PKT_ALIAS_IGNORED);
}
@@ -1171,46 +1127,45 @@ saved and recalled when a header fragment is seen.
*/
/* Local prototypes */
-static int FragmentIn(struct libalias *, struct ip *);
-static int FragmentOut(struct libalias *, struct ip *);
+static int FragmentIn(struct libalias *, struct ip *);
+static int FragmentOut(struct libalias *, struct ip *);
static int
FragmentIn(struct libalias *la, struct ip *pip)
{
- struct alias_link *link;
-
- link = FindFragmentIn2(la, pip->ip_src, pip->ip_dst, pip->ip_id);
- if (link != NULL)
- {
- struct in_addr original_address;
-
- GetFragmentAddr(link, &original_address);
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &original_address,
- (u_short *) &pip->ip_dst,
- 2);
- pip->ip_dst = original_address;
-
- return(PKT_ALIAS_OK);
- }
- return(PKT_ALIAS_UNRESOLVED_FRAGMENT);
+ struct alias_link *link;
+
+ link = FindFragmentIn2(la, pip->ip_src, pip->ip_dst, pip->ip_id);
+ if (link != NULL) {
+ struct in_addr original_address;
+
+ GetFragmentAddr(link, &original_address);
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & original_address,
+ (u_short *) & pip->ip_dst,
+ 2);
+ pip->ip_dst = original_address;
+
+ return (PKT_ALIAS_OK);
+ }
+ return (PKT_ALIAS_UNRESOLVED_FRAGMENT);
}
static int
FragmentOut(struct libalias *la, struct ip *pip)
{
- struct in_addr alias_address;
+ struct in_addr alias_address;
- alias_address = FindAliasAddress(la, pip->ip_src);
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &alias_address,
- (u_short *) &pip->ip_src,
- 2);
- pip->ip_src = alias_address;
+ alias_address = FindAliasAddress(la, pip->ip_src);
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & alias_address,
+ (u_short *) & pip->ip_src,
+ 2);
+ pip->ip_src = alias_address;
- return(PKT_ALIAS_OK);
+ return (PKT_ALIAS_OK);
}
@@ -1234,139 +1189,127 @@ FragmentOut(struct libalias *la, struct ip *pip)
int
LibAliasSaveFragment(struct libalias *la, char *ptr)
{
- int iresult;
- struct alias_link *link;
- struct ip *pip;
-
- pip = (struct ip *) ptr;
- link = AddFragmentPtrLink(la, pip->ip_src, pip->ip_id);
- iresult = PKT_ALIAS_ERROR;
- if (link != NULL)
- {
- SetFragmentPtr(link, ptr);
- iresult = PKT_ALIAS_OK;
- }
- return(iresult);
+ int iresult;
+ struct alias_link *link;
+ struct ip *pip;
+
+ pip = (struct ip *)ptr;
+ link = AddFragmentPtrLink(la, pip->ip_src, pip->ip_id);
+ iresult = PKT_ALIAS_ERROR;
+ if (link != NULL) {
+ SetFragmentPtr(link, ptr);
+ iresult = PKT_ALIAS_OK;
+ }
+ return (iresult);
}
-char *
+char *
LibAliasGetFragment(struct libalias *la, char *ptr)
{
- struct alias_link *link;
- char *fptr;
- struct ip *pip;
-
- pip = (struct ip *) ptr;
- link = FindFragmentPtr(la, pip->ip_src, pip->ip_id);
- if (link != NULL)
- {
- GetFragmentPtr(link, &fptr);
- SetFragmentPtr(link, NULL);
- SetExpire(link, 0); /* Deletes link */
-
- return(fptr);
- }
- else
- {
- return(NULL);
- }
+ struct alias_link *link;
+ char *fptr;
+ struct ip *pip;
+
+ pip = (struct ip *)ptr;
+ link = FindFragmentPtr(la, pip->ip_src, pip->ip_id);
+ if (link != NULL) {
+ GetFragmentPtr(link, &fptr);
+ SetFragmentPtr(link, NULL);
+ SetExpire(link, 0); /* Deletes link */
+
+ return (fptr);
+ } else {
+ return (NULL);
+ }
}
void
-LibAliasFragmentIn(struct libalias *la, char *ptr, /* Points to correctly de-aliased
- header fragment */
- char *ptr_fragment /* Points to fragment which must
- be de-aliased */
- )
+LibAliasFragmentIn(struct libalias *la, char *ptr, /* Points to correctly
+ * de-aliased header
+ * fragment */
+ char *ptr_fragment /* Points to fragment which must be
+ * de-aliased */
+)
{
- struct ip *pip;
- struct ip *fpip;
+ struct ip *pip;
+ struct ip *fpip;
- pip = (struct ip *) ptr;
- fpip = (struct ip *) ptr_fragment;
+ pip = (struct ip *)ptr;
+ fpip = (struct ip *)ptr_fragment;
- DifferentialChecksum(&fpip->ip_sum,
- (u_short *) &pip->ip_dst,
- (u_short *) &fpip->ip_dst,
- 2);
- fpip->ip_dst = pip->ip_dst;
+ DifferentialChecksum(&fpip->ip_sum,
+ (u_short *) & pip->ip_dst,
+ (u_short *) & fpip->ip_dst,
+ 2);
+ fpip->ip_dst = pip->ip_dst;
}
int
LibAliasIn(struct libalias *la, char *ptr, int maxpacketsize)
{
- struct in_addr alias_addr;
- struct ip *pip;
- int iresult;
-
- if (la->packetAliasMode & PKT_ALIAS_REVERSE) {
- la->packetAliasMode &= ~PKT_ALIAS_REVERSE;
- iresult = PacketAliasOut(ptr, maxpacketsize);
- la->packetAliasMode |= PKT_ALIAS_REVERSE;
- return iresult;
- }
-
- HouseKeeping(la);
- ClearCheckNewLink(la);
- pip = (struct ip *) ptr;
- alias_addr = pip->ip_dst;
-
- /* Defense against mangled packets */
- if (ntohs(pip->ip_len) > maxpacketsize
- || (pip->ip_hl<<2) > maxpacketsize)
- return PKT_ALIAS_IGNORED;
-
- iresult = PKT_ALIAS_IGNORED;
- if ( (ntohs(pip->ip_off) & IP_OFFMASK) == 0 )
- {
- switch (pip->ip_p)
- {
- case IPPROTO_ICMP:
- iresult = IcmpAliasIn(la, pip);
- break;
- case IPPROTO_UDP:
- iresult = UdpAliasIn(la, pip);
- break;
- case IPPROTO_TCP:
- iresult = TcpAliasIn(la, pip);
- break;
- case IPPROTO_GRE:
- if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY ||
- AliasHandlePptpGreIn(la, pip) == 0)
- iresult = PKT_ALIAS_OK;
- else
- iresult = ProtoAliasIn(la, pip);
- break;
- default:
- iresult = ProtoAliasIn(la, pip);
- break;
- }
-
- if (ntohs(pip->ip_off) & IP_MF)
- {
- struct alias_link *link;
-
- link = FindFragmentIn1(la, pip->ip_src, alias_addr, pip->ip_id);
- if (link != NULL)
- {
- iresult = PKT_ALIAS_FOUND_HEADER_FRAGMENT;
- SetFragmentAddr(link, pip->ip_dst);
- }
- else
- {
- iresult = PKT_ALIAS_ERROR;
- }
- }
- }
- else
- {
- iresult = FragmentIn(la, pip);
- }
-
- return(iresult);
+ struct in_addr alias_addr;
+ struct ip *pip;
+ int iresult;
+
+ if (la->packetAliasMode & PKT_ALIAS_REVERSE) {
+ la->packetAliasMode &= ~PKT_ALIAS_REVERSE;
+ iresult = PacketAliasOut(ptr, maxpacketsize);
+ la->packetAliasMode |= PKT_ALIAS_REVERSE;
+ return iresult;
+ }
+ HouseKeeping(la);
+ ClearCheckNewLink(la);
+ pip = (struct ip *)ptr;
+ alias_addr = pip->ip_dst;
+
+ /* Defense against mangled packets */
+ if (ntohs(pip->ip_len) > maxpacketsize
+ || (pip->ip_hl << 2) > maxpacketsize)
+ return PKT_ALIAS_IGNORED;
+
+ iresult = PKT_ALIAS_IGNORED;
+ if ((ntohs(pip->ip_off) & IP_OFFMASK) == 0) {
+ switch (pip->ip_p) {
+ case IPPROTO_ICMP:
+ iresult = IcmpAliasIn(la, pip);
+ break;
+ case IPPROTO_UDP:
+ iresult = UdpAliasIn(la, pip);
+ break;
+ case IPPROTO_TCP:
+ iresult = TcpAliasIn(la, pip);
+ break;
+ case IPPROTO_GRE:
+ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY ||
+ AliasHandlePptpGreIn(la, pip) == 0)
+ iresult = PKT_ALIAS_OK;
+ else
+ iresult = ProtoAliasIn(la, pip);
+ break;
+ default:
+ iresult = ProtoAliasIn(la, pip);
+ break;
+ }
+
+ if (ntohs(pip->ip_off) & IP_MF) {
+ struct alias_link *link;
+
+ link = FindFragmentIn1(la, pip->ip_src, alias_addr, pip->ip_id);
+ if (link != NULL) {
+ iresult = PKT_ALIAS_FOUND_HEADER_FRAGMENT;
+ SetFragmentAddr(link, pip->ip_dst);
+ } else {
+ iresult = PKT_ALIAS_ERROR;
+ }
+ }
+ } else {
+ iresult = FragmentIn(la, pip);
+ }
+
+ return (iresult);
}
@@ -1386,207 +1329,195 @@ LibAliasIn(struct libalias *la, char *ptr, int maxpacketsize)
#define UNREG_ADDR_C_UPPER 0xc0a8ffff
int
-LibAliasOut(struct libalias *la, char *ptr, /* valid IP packet */
- int maxpacketsize /* How much the packet data may grow
- (FTP and IRC inline changes) */
- )
+LibAliasOut(struct libalias *la, char *ptr, /* valid IP packet */
+ int maxpacketsize /* How much the packet data may grow (FTP
+ * and IRC inline changes) */
+)
{
- int iresult;
- struct in_addr addr_save;
- struct ip *pip;
-
- if (la->packetAliasMode & PKT_ALIAS_REVERSE) {
- la->packetAliasMode &= ~PKT_ALIAS_REVERSE;
- iresult = PacketAliasIn(ptr, maxpacketsize);
- la->packetAliasMode |= PKT_ALIAS_REVERSE;
- return iresult;
- }
-
- HouseKeeping(la);
- ClearCheckNewLink(la);
- pip = (struct ip *) ptr;
-
- /* Defense against mangled packets */
- if (ntohs(pip->ip_len) > maxpacketsize
- || (pip->ip_hl<<2) > maxpacketsize)
- return PKT_ALIAS_IGNORED;
-
- addr_save = GetDefaultAliasAddress(la);
- if (la->packetAliasMode & PKT_ALIAS_UNREGISTERED_ONLY)
- {
- u_long addr;
- int iclass;
-
- iclass = 0;
- addr = ntohl(pip->ip_src.s_addr);
- if (addr >= UNREG_ADDR_C_LOWER && addr <= UNREG_ADDR_C_UPPER)
- iclass = 3;
- else if (addr >= UNREG_ADDR_B_LOWER && addr <= UNREG_ADDR_B_UPPER)
- iclass = 2;
- else if (addr >= UNREG_ADDR_A_LOWER && addr <= UNREG_ADDR_A_UPPER)
- iclass = 1;
-
- if (iclass == 0)
- {
- SetDefaultAliasAddress(la, pip->ip_src);
- }
- }
- else if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
- {
- SetDefaultAliasAddress(la, pip->ip_src);
- }
-
- iresult = PKT_ALIAS_IGNORED;
- if ((ntohs(pip->ip_off) & IP_OFFMASK) == 0)
- {
- switch (pip->ip_p)
- {
- case IPPROTO_ICMP:
- iresult = IcmpAliasOut(la, pip);
- break;
- case IPPROTO_UDP:
- iresult = UdpAliasOut(la, pip);
- break;
- case IPPROTO_TCP:
- iresult = TcpAliasOut(la, pip, maxpacketsize);
- break;
- case IPPROTO_GRE:
- if (AliasHandlePptpGreOut(la, pip) == 0)
- iresult = PKT_ALIAS_OK;
- else
- iresult = ProtoAliasOut(la, pip);
- break;
- default:
- iresult = ProtoAliasOut(la, pip);
- break;
- }
- }
- else
- {
- iresult = FragmentOut(la, pip);
- }
-
- SetDefaultAliasAddress(la, addr_save);
- return(iresult);
+ int iresult;
+ struct in_addr addr_save;
+ struct ip *pip;
+
+ if (la->packetAliasMode & PKT_ALIAS_REVERSE) {
+ la->packetAliasMode &= ~PKT_ALIAS_REVERSE;
+ iresult = PacketAliasIn(ptr, maxpacketsize);
+ la->packetAliasMode |= PKT_ALIAS_REVERSE;
+ return iresult;
+ }
+ HouseKeeping(la);
+ ClearCheckNewLink(la);
+ pip = (struct ip *)ptr;
+
+ /* Defense against mangled packets */
+ if (ntohs(pip->ip_len) > maxpacketsize
+ || (pip->ip_hl << 2) > maxpacketsize)
+ return PKT_ALIAS_IGNORED;
+
+ addr_save = GetDefaultAliasAddress(la);
+ if (la->packetAliasMode & PKT_ALIAS_UNREGISTERED_ONLY) {
+ u_long addr;
+ int iclass;
+
+ iclass = 0;
+ addr = ntohl(pip->ip_src.s_addr);
+ if (addr >= UNREG_ADDR_C_LOWER && addr <= UNREG_ADDR_C_UPPER)
+ iclass = 3;
+ else if (addr >= UNREG_ADDR_B_LOWER && addr <= UNREG_ADDR_B_UPPER)
+ iclass = 2;
+ else if (addr >= UNREG_ADDR_A_LOWER && addr <= UNREG_ADDR_A_UPPER)
+ iclass = 1;
+
+ if (iclass == 0) {
+ SetDefaultAliasAddress(la, pip->ip_src);
+ }
+ } else if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) {
+ SetDefaultAliasAddress(la, pip->ip_src);
+ }
+ iresult = PKT_ALIAS_IGNORED;
+ if ((ntohs(pip->ip_off) & IP_OFFMASK) == 0) {
+ switch (pip->ip_p) {
+ case IPPROTO_ICMP:
+ iresult = IcmpAliasOut(la, pip);
+ break;
+ case IPPROTO_UDP:
+ iresult = UdpAliasOut(la, pip);
+ break;
+ case IPPROTO_TCP:
+ iresult = TcpAliasOut(la, pip, maxpacketsize);
+ break;
+ case IPPROTO_GRE:
+ if (AliasHandlePptpGreOut(la, pip) == 0)
+ iresult = PKT_ALIAS_OK;
+ else
+ iresult = ProtoAliasOut(la, pip);
+ break;
+ default:
+ iresult = ProtoAliasOut(la, pip);
+ break;
+ }
+ } else {
+ iresult = FragmentOut(la, pip);
+ }
+
+ SetDefaultAliasAddress(la, addr_save);
+ return (iresult);
}
int
-LibAliasUnaliasOut(struct libalias *la, char *ptr, /* valid IP packet */
- int maxpacketsize /* for error checking */
- )
+LibAliasUnaliasOut(struct libalias *la, char *ptr, /* valid IP packet */
+ int maxpacketsize /* for error checking */
+)
{
- struct ip *pip;
- struct icmp *ic;
- struct udphdr *ud;
- struct tcphdr *tc;
- struct alias_link *link;
- int iresult = PKT_ALIAS_IGNORED;
-
- pip = (struct ip *) ptr;
-
- /* Defense against mangled packets */
- if (ntohs(pip->ip_len) > maxpacketsize
- || (pip->ip_hl<<2) > maxpacketsize)
- return(iresult);
-
- ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
- tc = (struct tcphdr *) ud;
- ic = (struct icmp *) ud;
-
- /* Find a link */
- if (pip->ip_p == IPPROTO_UDP)
- link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
- ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
- else if (pip->ip_p == IPPROTO_TCP)
- link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
- tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
- else if (pip->ip_p == IPPROTO_ICMP)
- link = FindIcmpIn(la, pip->ip_dst, pip->ip_src, ic->icmp_id, 0);
- else
- link = NULL;
-
- /* Change it from an aliased packet to an unaliased packet */
- if (link != NULL)
- {
- if (pip->ip_p == IPPROTO_UDP || pip->ip_p == IPPROTO_TCP)
- {
- u_short *sptr;
- int accumulate;
- struct in_addr original_address;
- u_short original_port;
-
- original_address = GetOriginalAddress(link);
- original_port = GetOriginalPort(link);
-
- /* Adjust TCP/UDP checksum */
- sptr = (u_short *) &(pip->ip_src);
- accumulate = *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &original_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
-
- if (pip->ip_p == IPPROTO_UDP) {
- accumulate += ud->uh_sport;
- accumulate -= original_port;
- ADJUST_CHECKSUM(accumulate, ud->uh_sum);
- } else {
- accumulate += tc->th_sport;
- accumulate -= original_port;
- ADJUST_CHECKSUM(accumulate, tc->th_sum);
- }
-
- /* Adjust IP checksum */
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &original_address,
- (u_short *) &pip->ip_src,
- 2);
-
- /* Un-alias source address and port number */
- pip->ip_src = original_address;
- if (pip->ip_p == IPPROTO_UDP)
- ud->uh_sport = original_port;
- else
- tc->th_sport = original_port;
-
- iresult = PKT_ALIAS_OK;
-
- } else if (pip->ip_p == IPPROTO_ICMP) {
-
- u_short *sptr;
- int accumulate;
- struct in_addr original_address;
- u_short original_id;
-
- original_address = GetOriginalAddress(link);
- original_id = GetOriginalPort(link);
-
- /* Adjust ICMP checksum */
- sptr = (u_short *) &(pip->ip_src);
- accumulate = *sptr++;
- accumulate += *sptr;
- sptr = (u_short *) &original_address;
- accumulate -= *sptr++;
- accumulate -= *sptr;
- accumulate += ic->icmp_id;
- accumulate -= original_id;
- ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
-
- /* Adjust IP checksum */
- DifferentialChecksum(&pip->ip_sum,
- (u_short *) &original_address,
- (u_short *) &pip->ip_src,
- 2);
-
- /* Un-alias source address and port number */
- pip->ip_src = original_address;
- ic->icmp_id = original_id;
-
- iresult = PKT_ALIAS_OK;
- }
- }
- return(iresult);
+ struct ip *pip;
+ struct icmp *ic;
+ struct udphdr *ud;
+ struct tcphdr *tc;
+ struct alias_link *link;
+ int iresult = PKT_ALIAS_IGNORED;
+
+ pip = (struct ip *)ptr;
+
+ /* Defense against mangled packets */
+ if (ntohs(pip->ip_len) > maxpacketsize
+ || (pip->ip_hl << 2) > maxpacketsize)
+ return (iresult);
+
+ ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
+ tc = (struct tcphdr *)ud;
+ ic = (struct icmp *)ud;
+
+ /* Find a link */
+ if (pip->ip_p == IPPROTO_UDP)
+ link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
+ ud->uh_dport, ud->uh_sport,
+ IPPROTO_UDP, 0);
+ else if (pip->ip_p == IPPROTO_TCP)
+ link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
+ tc->th_dport, tc->th_sport,
+ IPPROTO_TCP, 0);
+ else if (pip->ip_p == IPPROTO_ICMP)
+ link = FindIcmpIn(la, pip->ip_dst, pip->ip_src, ic->icmp_id, 0);
+ else
+ link = NULL;
+
+ /* Change it from an aliased packet to an unaliased packet */
+ if (link != NULL) {
+ if (pip->ip_p == IPPROTO_UDP || pip->ip_p == IPPROTO_TCP) {
+ u_short *sptr;
+ int accumulate;
+ struct in_addr original_address;
+ u_short original_port;
+
+ original_address = GetOriginalAddress(link);
+ original_port = GetOriginalPort(link);
+
+ /* Adjust TCP/UDP checksum */
+ sptr = (u_short *) & (pip->ip_src);
+ accumulate = *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & original_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+
+ if (pip->ip_p == IPPROTO_UDP) {
+ accumulate += ud->uh_sport;
+ accumulate -= original_port;
+ ADJUST_CHECKSUM(accumulate, ud->uh_sum);
+ } else {
+ accumulate += tc->th_sport;
+ accumulate -= original_port;
+ ADJUST_CHECKSUM(accumulate, tc->th_sum);
+ }
+
+ /* Adjust IP checksum */
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & original_address,
+ (u_short *) & pip->ip_src,
+ 2);
+
+ /* Un-alias source address and port number */
+ pip->ip_src = original_address;
+ if (pip->ip_p == IPPROTO_UDP)
+ ud->uh_sport = original_port;
+ else
+ tc->th_sport = original_port;
+
+ iresult = PKT_ALIAS_OK;
+
+ } else if (pip->ip_p == IPPROTO_ICMP) {
+
+ u_short *sptr;
+ int accumulate;
+ struct in_addr original_address;
+ u_short original_id;
+
+ original_address = GetOriginalAddress(link);
+ original_id = GetOriginalPort(link);
+
+ /* Adjust ICMP checksum */
+ sptr = (u_short *) & (pip->ip_src);
+ accumulate = *sptr++;
+ accumulate += *sptr;
+ sptr = (u_short *) & original_address;
+ accumulate -= *sptr++;
+ accumulate -= *sptr;
+ accumulate += ic->icmp_id;
+ accumulate -= original_id;
+ ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
+
+ /* Adjust IP checksum */
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & original_address,
+ (u_short *) & pip->ip_src,
+ 2);
+
+ /* Un-alias source address and port number */
+ pip->ip_src = original_address;
+ ic->icmp_id = original_id;
+
+ iresult = PKT_ALIAS_OK;
+ }
+ }
+ return (iresult);
}
diff --git a/lib/libalias/alias.h b/lib/libalias/alias.h
index d714126..0f5ba70 100644
--- a/lib/libalias/alias.h
+++ b/lib/libalias/alias.h
@@ -47,11 +47,11 @@
* PacketAlias*() the old API which doesn't take an instance pointer
* and therefore can only have one packet engine at a time.
*
- * LibAlias*() the new API which takes as first argument a pointer to
+ * LibAlias*() the new API which takes as first argument a pointer to
* the instance of the packet aliasing engine.
*
* The functions otherwise correspond to each other one for one, except
- * for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were
+ * for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were
* were misnamed in the old API.
*/
@@ -66,107 +66,109 @@ struct libalias;
* PacketAliasRedirectProto(), passed to PacketAliasAddServer(),
* and freed by PacketAliasRedirectDelete().
*/
-struct alias_link;
+struct alias_link;
/* OLD API */
/* Initialization and control functions. */
-void PacketAliasInit(void);
-void PacketAliasSetAddress(struct in_addr _addr);
-void PacketAliasSetFWBase(unsigned int _base, unsigned int _num);
-void PacketAliasSetSkinnyPort(unsigned int _port);
+void PacketAliasInit(void);
+void PacketAliasSetAddress(struct in_addr _addr);
+void PacketAliasSetFWBase(unsigned int _base, unsigned int _num);
+void PacketAliasSetSkinnyPort(unsigned int _port);
unsigned int
- PacketAliasSetMode(unsigned int _flags, unsigned int _mask);
-void PacketAliasUninit(void);
+ PacketAliasSetMode(unsigned int _flags, unsigned int _mask);
+void PacketAliasUninit(void);
/* Packet Handling functions. */
-int PacketAliasIn(char *_ptr, int _maxpacketsize);
-int PacketAliasOut(char *_ptr, int _maxpacketsize);
-int PacketUnaliasOut(char *_ptr, int _maxpacketsize);
+int PacketAliasIn(char *_ptr, int _maxpacketsize);
+int PacketAliasOut(char *_ptr, int _maxpacketsize);
+int PacketUnaliasOut(char *_ptr, int _maxpacketsize);
/* Port and address redirection functions. */
-int PacketAliasAddServer(struct alias_link *_link,
- struct in_addr _addr, unsigned short _port);
+int
+PacketAliasAddServer(struct alias_link *_link,
+ struct in_addr _addr, unsigned short _port);
struct alias_link *
- PacketAliasRedirectAddr(struct in_addr _src_addr,
- struct in_addr _alias_addr);
-int PacketAliasRedirectDynamic(struct alias_link *_link);
-void PacketAliasRedirectDelete(struct alias_link *_link);
+PacketAliasRedirectAddr(struct in_addr _src_addr,
+ struct in_addr _alias_addr);
+int PacketAliasRedirectDynamic(struct alias_link *_link);
+void PacketAliasRedirectDelete(struct alias_link *_link);
struct alias_link *
- PacketAliasRedirectPort(struct in_addr _src_addr,
- unsigned short _src_port, struct in_addr _dst_addr,
- unsigned short _dst_port, struct in_addr _alias_addr,
- unsigned short _alias_port, unsigned char _proto);
+PacketAliasRedirectPort(struct in_addr _src_addr,
+ unsigned short _src_port, struct in_addr _dst_addr,
+ unsigned short _dst_port, struct in_addr _alias_addr,
+ unsigned short _alias_port, unsigned char _proto);
struct alias_link *
- PacketAliasRedirectProto(struct in_addr _src_addr,
- struct in_addr _dst_addr, struct in_addr _alias_addr,
- unsigned char _proto);
+PacketAliasRedirectProto(struct in_addr _src_addr,
+ struct in_addr _dst_addr, struct in_addr _alias_addr,
+ unsigned char _proto);
/* Fragment Handling functions. */
-void PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment);
-char *PacketAliasGetFragment(char *_ptr);
-int PacketAliasSaveFragment(char *_ptr);
+void PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment);
+char *PacketAliasGetFragment(char *_ptr);
+int PacketAliasSaveFragment(char *_ptr);
/* Miscellaneous functions. */
-int PacketAliasCheckNewLink(void);
+int PacketAliasCheckNewLink(void);
unsigned short
- PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes);
-void PacketAliasSetTarget(struct in_addr _target_addr);
+ PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes);
+void PacketAliasSetTarget(struct in_addr _target_addr);
/* Transparent proxying routines. */
-int PacketAliasProxyRule(const char *_cmd);
+int PacketAliasProxyRule(const char *_cmd);
/* NEW API */
/* Initialization and control functions. */
-struct libalias *LibAliasInit(struct libalias *);
-void LibAliasSetAddress(struct libalias *, struct in_addr _addr);
-void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
-void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
+struct libalias *LibAliasInit(struct libalias *);
+void LibAliasSetAddress(struct libalias *, struct in_addr _addr);
+void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
+void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
unsigned int
- LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
-void LibAliasUninit(struct libalias *);
+ LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
+void LibAliasUninit(struct libalias *);
/* Packet Handling functions. */
-int LibAliasIn(struct libalias *, char *_ptr, int _maxpacketsize);
-int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
-int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
+int LibAliasIn (struct libalias *, char *_ptr, int _maxpacketsize);
+int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
+int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
/* Port and address redirection functions. */
-int LibAliasAddServer(struct libalias *, struct alias_link *_link,
- struct in_addr _addr, unsigned short _port);
+int
+LibAliasAddServer(struct libalias *, struct alias_link *_link,
+ struct in_addr _addr, unsigned short _port);
struct alias_link *
- LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
- struct in_addr _alias_addr);
-int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link);
-void LibAliasRedirectDelete(struct libalias *, struct alias_link *_link);
+LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
+ struct in_addr _alias_addr);
+int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link);
+void LibAliasRedirectDelete(struct libalias *, struct alias_link *_link);
struct alias_link *
- LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
- unsigned short _src_port, struct in_addr _dst_addr,
- unsigned short _dst_port, struct in_addr _alias_addr,
- unsigned short _alias_port, unsigned char _proto);
+LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
+ unsigned short _src_port, struct in_addr _dst_addr,
+ unsigned short _dst_port, struct in_addr _alias_addr,
+ unsigned short _alias_port, unsigned char _proto);
struct alias_link *
- LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
- struct in_addr _dst_addr, struct in_addr _alias_addr,
- unsigned char _proto);
+LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
+ struct in_addr _dst_addr, struct in_addr _alias_addr,
+ unsigned char _proto);
/* Fragment Handling functions. */
-void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment);
-char *LibAliasGetFragment(struct libalias *, char *_ptr);
-int LibAliasSaveFragment(struct libalias *, char *_ptr);
+void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment);
+char *LibAliasGetFragment(struct libalias *, char *_ptr);
+int LibAliasSaveFragment(struct libalias *, char *_ptr);
/* Miscellaneous functions. */
-int LibAliasCheckNewLink(struct libalias *);
+int LibAliasCheckNewLink(struct libalias *);
unsigned short
- LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
-void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
+ LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
+void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
/* Transparent proxying routines. */
-int LibAliasProxyRule(struct libalias *, const char *_cmd);
+int LibAliasProxyRule(struct libalias *, const char *_cmd);
/*
@@ -257,6 +259,6 @@ int LibAliasProxyRule(struct libalias *, const char *_cmd);
#define PKT_ALIAS_UNRESOLVED_FRAGMENT 3
#define PKT_ALIAS_FOUND_HEADER_FRAGMENT 4
-#endif /* !_ALIAS_H_ */
+#endif /* !_ALIAS_H_ */
/* lint -restore */
diff --git a/lib/libalias/alias_cuseeme.c b/lib/libalias/alias_cuseeme.c
index 455973f..4b0f5a5 100644
--- a/lib/libalias/alias_cuseeme.c
+++ b/lib/libalias/alias_cuseeme.c
@@ -40,83 +40,84 @@ __FBSDID("$FreeBSD$");
/* CU-SeeMe Data Header */
struct cu_header {
- u_int16_t dest_family;
- u_int16_t dest_port;
- u_int32_t dest_addr;
- int16_t family;
- u_int16_t port;
- u_int32_t addr;
- u_int32_t seq;
- u_int16_t msg;
- u_int16_t data_type;
- u_int16_t packet_len;
+ u_int16_t dest_family;
+ u_int16_t dest_port;
+ u_int32_t dest_addr;
+ int16_t family;
+ u_int16_t port;
+ u_int32_t addr;
+ u_int32_t seq;
+ u_int16_t msg;
+ u_int16_t data_type;
+ u_int16_t packet_len;
};
/* Open Continue Header */
struct oc_header {
- u_int16_t client_count; /* Number of client info structs */
- u_int32_t seq_no;
- char user_name[20];
- char reserved[4]; /* flags, version stuff, etc */
+ u_int16_t client_count; /* Number of client info structs */
+ u_int32_t seq_no;
+ char user_name [20];
+ char reserved [4]; /* flags, version stuff, etc */
};
/* client info structures */
struct client_info {
- u_int32_t address; /* Client address */
- char reserved[8]; /* Flags, pruning bitfield, packet counts etc */
+ u_int32_t address;/* Client address */
+ char reserved [8]; /* Flags, pruning bitfield, packet
+ * counts etc */
};
void
AliasHandleCUSeeMeOut(struct libalias *la, struct ip *pip, struct alias_link *link)
{
- struct udphdr *ud;
+ struct udphdr *ud;
- ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
- if (ntohs(ud->uh_ulen) - sizeof(struct udphdr) >= sizeof(struct cu_header)) {
- struct cu_header *cu;
- struct alias_link *cu_link;
+ ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
+ if (ntohs(ud->uh_ulen) - sizeof(struct udphdr) >= sizeof(struct cu_header)) {
+ struct cu_header *cu;
+ struct alias_link *cu_link;
- cu = (struct cu_header *)(ud + 1);
- if (cu->addr)
- cu->addr = (u_int32_t)GetAliasAddress(link).s_addr;
+ cu = (struct cu_header *)(ud + 1);
+ if (cu->addr)
+ cu->addr = (u_int32_t) GetAliasAddress(link).s_addr;
- cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
- ud->uh_dport, 0, IPPROTO_UDP, 1);
+ cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
+ ud->uh_dport, 0, IPPROTO_UDP, 1);
#ifndef NO_FW_PUNCH
- if (cu_link)
- PunchFWHole(cu_link);
+ if (cu_link)
+ PunchFWHole(cu_link);
#endif
- }
+ }
}
void
AliasHandleCUSeeMeIn(struct libalias *la, struct ip *pip, struct in_addr original_addr)
{
- struct in_addr alias_addr;
- struct udphdr *ud;
- struct cu_header *cu;
- struct oc_header *oc;
- struct client_info *ci;
- char *end;
- int i;
+ struct in_addr alias_addr;
+ struct udphdr *ud;
+ struct cu_header *cu;
+ struct oc_header *oc;
+ struct client_info *ci;
+ char *end;
+ int i;
- alias_addr.s_addr = pip->ip_dst.s_addr;
- ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
- cu = (struct cu_header *)(ud + 1);
- oc = (struct oc_header *)(cu + 1);
- ci = (struct client_info *)(oc + 1);
- end = (char *)ud + ntohs(ud->uh_ulen);
+ alias_addr.s_addr = pip->ip_dst.s_addr;
+ ud = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
+ cu = (struct cu_header *)(ud + 1);
+ oc = (struct oc_header *)(cu + 1);
+ ci = (struct client_info *)(oc + 1);
+ end = (char *)ud + ntohs(ud->uh_ulen);
- if ((char *)oc <= end) {
- if(cu->dest_addr)
- cu->dest_addr = (u_int32_t)original_addr.s_addr;
- if(ntohs(cu->data_type) == 101)
- /* Find and change our address */
- for(i = 0; (char *)(ci + 1) <= end && i < oc->client_count; i++, ci++)
- if(ci->address == (u_int32_t)alias_addr.s_addr) {
- ci->address = (u_int32_t)original_addr.s_addr;
- break;
- }
- }
+ if ((char *)oc <= end) {
+ if (cu->dest_addr)
+ cu->dest_addr = (u_int32_t) original_addr.s_addr;
+ if (ntohs(cu->data_type) == 101)
+ /* Find and change our address */
+ for (i = 0; (char *)(ci + 1) <= end && i < oc->client_count; i++, ci++)
+ if (ci->address == (u_int32_t) alias_addr.s_addr) {
+ ci->address = (u_int32_t) original_addr.s_addr;
+ break;
+ }
+ }
}
diff --git a/lib/libalias/alias_db.c b/lib/libalias/alias_db.c
index 92f8814..039db03 100644
--- a/lib/libalias/alias_db.c
+++ b/lib/libalias/alias_db.c
@@ -1,5 +1,3 @@
-/* -*- mode: c; tab-width: 8; c-basic-indent: 4; -*- */
-
/*-
* Copyright (c) 2001 Charles Mott <cm@linktel.net>
* All rights reserved.
@@ -167,7 +165,7 @@ __FBSDID("$FreeBSD$");
#include "alias_local.h"
-static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead);
+static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead);
/*
@@ -190,23 +188,23 @@ static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead);
/* When the link has been used and closed - minimal grace time to
allow ACKs and potential re-connect in FTP (XXX - is this allowed?) */
#ifndef TCP_EXPIRE_DEAD
-# define TCP_EXPIRE_DEAD 10
+#define TCP_EXPIRE_DEAD 10
#endif
/* When the link has been used and closed on one side - the other side
is allowed to still send data */
#ifndef TCP_EXPIRE_SINGLEDEAD
-# define TCP_EXPIRE_SINGLEDEAD 90
+#define TCP_EXPIRE_SINGLEDEAD 90
#endif
/* When the link isn't yet up */
#ifndef TCP_EXPIRE_INITIAL
-# define TCP_EXPIRE_INITIAL 300
+#define TCP_EXPIRE_INITIAL 300
#endif
/* When the link is up */
#ifndef TCP_EXPIRE_CONNECTED
-# define TCP_EXPIRE_CONNECTED 86400
+#define TCP_EXPIRE_CONNECTED 86400
#endif
@@ -246,53 +244,52 @@ static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead);
port and link type.
*/
-struct ack_data_record /* used to save changes to ACK/sequence numbers */
-{
- u_long ack_old;
- u_long ack_new;
- int delta;
- int active;
+struct ack_data_record { /* used to save changes to ACK/sequence
+ * numbers */
+ u_long ack_old;
+ u_long ack_new;
+ int delta;
+ int active;
};
-struct tcp_state /* Information about TCP connection */
-{
- int in; /* State for outside -> inside */
- int out; /* State for inside -> outside */
- int index; /* Index to ACK data array */
- int ack_modified; /* Indicates whether ACK and sequence numbers */
- /* been modified */
+struct tcp_state { /* Information about TCP connection */
+ int in; /* State for outside -> inside */
+ int out; /* State for inside -> outside */
+ int index; /* Index to ACK data array */
+ int ack_modified; /* Indicates whether ACK and
+ * sequence numbers */
+ /* been modified */
};
-#define N_LINK_TCP_DATA 3 /* Number of distinct ACK number changes
- saved for a modified TCP stream */
-struct tcp_dat
-{
- struct tcp_state state;
- struct ack_data_record ack[N_LINK_TCP_DATA];
- int fwhole; /* Which firewall record is used for this hole? */
+#define N_LINK_TCP_DATA 3 /* Number of distinct ACK number changes
+ * saved for a modified TCP stream */
+struct tcp_dat {
+ struct tcp_state state;
+ struct ack_data_record ack[N_LINK_TCP_DATA];
+ int fwhole; /* Which firewall record is used for this
+ * hole? */
};
-struct server /* LSNAT server pool (circular list) */
-{
- struct in_addr addr;
- u_short port;
- struct server *next;
+struct server { /* LSNAT server pool (circular list) */
+ struct in_addr addr;
+ u_short port;
+ struct server *next;
};
-struct alias_link /* Main data structure */
-{
- struct libalias *la;
- struct in_addr src_addr; /* Address and port information */
- struct in_addr dst_addr;
- struct in_addr alias_addr;
- struct in_addr proxy_addr;
- u_short src_port;
- u_short dst_port;
- u_short alias_port;
- u_short proxy_port;
- struct server *server;
-
- int link_type; /* Type of link: TCP, UDP, ICMP, proto, frag */
+struct alias_link { /* Main data structure */
+ struct libalias *la;
+ struct in_addr src_addr; /* Address and port information */
+ struct in_addr dst_addr;
+ struct in_addr alias_addr;
+ struct in_addr proxy_addr;
+ u_short src_port;
+ u_short dst_port;
+ u_short alias_port;
+ u_short proxy_port;
+ struct server *server;
+
+ int link_type; /* Type of link: TCP, UDP, ICMP,
+ * proto, frag */
/* values for link_type */
#define LINK_ICMP IPPROTO_ICMP
@@ -303,30 +300,31 @@ struct alias_link /* Main data structure */
#define LINK_ADDR (IPPROTO_MAX + 3)
#define LINK_PPTP (IPPROTO_MAX + 4)
- int flags; /* indicates special characteristics */
- int pflags; /* protocol-specific flags */
+ int flags; /* indicates special characteristics */
+ int pflags; /* protocol-specific flags */
/* flag bits */
#define LINK_UNKNOWN_DEST_PORT 0x01
#define LINK_UNKNOWN_DEST_ADDR 0x02
#define LINK_PERMANENT 0x04
-#define LINK_PARTIALLY_SPECIFIED 0x03 /* logical-or of first two bits */
+#define LINK_PARTIALLY_SPECIFIED 0x03 /* logical-or of first two bits */
#define LINK_UNFIREWALLED 0x08
- int timestamp; /* Time link was last accessed */
- int expire_time; /* Expire time for link */
+ int timestamp; /* Time link was last accessed */
+ int expire_time; /* Expire time for link */
- int sockfd; /* socket descriptor */
+ int sockfd; /* socket descriptor */
- LIST_ENTRY(alias_link) list_out; /* Linked list of pointers for */
- LIST_ENTRY(alias_link) list_in; /* input and output lookup tables */
+ LIST_ENTRY (alias_link) list_out; /* Linked list of
+ * pointers for */
+ LIST_ENTRY (alias_link) list_in; /* input and output
+ * lookup tables */
- union /* Auxiliary data */
- {
- char *frag_ptr;
- struct in_addr frag_addr;
- struct tcp_dat *tcp;
- } data;
+ union { /* Auxiliary data */
+ char *frag_ptr;
+ struct in_addr frag_addr;
+ struct tcp_dat *tcp;
+ } data;
};
/* Internal utility routines (used only in alias_db.c)
@@ -344,56 +342,58 @@ Miscellaneous:
/* Local prototypes */
-static u_int StartPointIn(struct in_addr, u_short, int);
+static u_int StartPointIn(struct in_addr, u_short, int);
-static u_int StartPointOut(struct in_addr, struct in_addr,
- u_short, u_short, int);
+static u_int
+StartPointOut(struct in_addr, struct in_addr,
+ u_short, u_short, int);
-static int SeqDiff(u_long, u_long);
+static int SeqDiff(u_long, u_long);
-static void ShowAliasStats(struct libalias *);
+static void ShowAliasStats(struct libalias *);
#ifndef NO_FW_PUNCH
/* Firewall control */
-static void InitPunchFW(struct libalias *la);
-static void UninitPunchFW(struct libalias *la);
-static void ClearFWHole(struct alias_link *link);
+static void InitPunchFW(struct libalias *la);
+static void UninitPunchFW(struct libalias *la);
+static void ClearFWHole(struct alias_link *link);
+
#endif
/* Log file control */
-static void InitPacketAliasLog(struct libalias *la);
-static void UninitPacketAliasLog(struct libalias *la);
+static void InitPacketAliasLog(struct libalias *la);
+static void UninitPacketAliasLog(struct libalias *la);
-static u_int
+static u_int
StartPointIn(struct in_addr alias_addr,
- u_short alias_port,
- int link_type)
+ u_short alias_port,
+ int link_type)
{
- u_int n;
+ u_int n;
- n = alias_addr.s_addr;
- if (link_type != LINK_PPTP)
- n += alias_port;
- n += link_type;
- return(n % LINK_TABLE_IN_SIZE);
+ n = alias_addr.s_addr;
+ if (link_type != LINK_PPTP)
+ n += alias_port;
+ n += link_type;
+ return (n % LINK_TABLE_IN_SIZE);
}
-static u_int
+static u_int
StartPointOut(struct in_addr src_addr, struct in_addr dst_addr,
- u_short src_port, u_short dst_port, int link_type)
+ u_short src_port, u_short dst_port, int link_type)
{
- u_int n;
+ u_int n;
- n = src_addr.s_addr;
- n += dst_addr.s_addr;
- if (link_type != LINK_PPTP) {
- n += src_port;
- n += dst_port;
- }
- n += link_type;
+ n = src_addr.s_addr;
+ n += dst_addr.s_addr;
+ if (link_type != LINK_PPTP) {
+ n += src_port;
+ n += dst_port;
+ }
+ n += link_type;
- return(n % LINK_TABLE_OUT_SIZE);
+ return (n % LINK_TABLE_OUT_SIZE);
}
@@ -407,7 +407,7 @@ SeqDiff(u_long x, u_long y)
arithmetic conditions that need to be considered.
*/
- return (ntohl(y) - ntohl(x));
+ return (ntohl(y) - ntohl(x));
}
@@ -416,29 +416,28 @@ ShowAliasStats(struct libalias *la)
{
/* Used for debugging */
- if (la->monitorFile)
- {
- fprintf(la->monitorFile,
- "icmp=%d, udp=%d, tcp=%d, pptp=%d, proto=%d, frag_id=%d frag_ptr=%d",
- la->icmpLinkCount,
- la->udpLinkCount,
- la->tcpLinkCount,
- la->pptpLinkCount,
- la->protoLinkCount,
- la->fragmentIdLinkCount,
- la->fragmentPtrLinkCount);
-
- fprintf(la->monitorFile, " / tot=%d (sock=%d)\n",
- la->icmpLinkCount + la->udpLinkCount
- + la->tcpLinkCount
- + la->pptpLinkCount
- + la->protoLinkCount
- + la->fragmentIdLinkCount
- + la->fragmentPtrLinkCount,
- la->sockCount);
-
- fflush(la->monitorFile);
- }
+ if (la->monitorFile) {
+ fprintf(la->monitorFile,
+ "icmp=%d, udp=%d, tcp=%d, pptp=%d, proto=%d, frag_id=%d frag_ptr=%d",
+ la->icmpLinkCount,
+ la->udpLinkCount,
+ la->tcpLinkCount,
+ la->pptpLinkCount,
+ la->protoLinkCount,
+ la->fragmentIdLinkCount,
+ la->fragmentPtrLinkCount);
+
+ fprintf(la->monitorFile, " / tot=%d (sock=%d)\n",
+ la->icmpLinkCount + la->udpLinkCount
+ + la->tcpLinkCount
+ + la->pptpLinkCount
+ + la->protoLinkCount
+ + la->fragmentIdLinkCount
+ + la->fragmentPtrLinkCount,
+ la->sockCount);
+
+ fflush(la->monitorFile);
+ }
}
@@ -467,30 +466,30 @@ Port search:
*/
/* Local prototypes */
-static int GetNewPort(struct libalias *, struct alias_link *, int);
+static int GetNewPort(struct libalias *, struct alias_link *, int);
-static u_short GetSocket(struct libalias *, u_short, int *, int);
+static u_short GetSocket(struct libalias *, u_short, int *, int);
-static void CleanupAliasData(struct libalias *);
+static void CleanupAliasData(struct libalias *);
-static void IncrementalCleanup(struct libalias *);
+static void IncrementalCleanup(struct libalias *);
-static void DeleteLink(struct alias_link *);
+static void DeleteLink(struct alias_link *);
static struct alias_link *
AddLink(struct libalias *, struct in_addr, struct in_addr, struct in_addr,
- u_short, u_short, int, int);
+ u_short, u_short, int, int);
static struct alias_link *
ReLink(struct alias_link *,
- struct in_addr, struct in_addr, struct in_addr,
- u_short, u_short, int, int);
+ struct in_addr, struct in_addr, struct in_addr,
+ u_short, u_short, int, int);
static struct alias_link *
-FindLinkOut(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int);
+ FindLinkOut (struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int);
static struct alias_link *
-FindLinkIn(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int);
+ FindLinkIn (struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int);
#define ALIAS_PORT_BASE 0x08000
@@ -511,10 +510,10 @@ FindLinkIn(struct libalias *, struct in_addr, struct in_addr, u_short, u_short,
static int
GetNewPort(struct libalias *la, struct alias_link *link, int alias_port_param)
{
- int i;
- int max_trials;
- u_short port_sys;
- u_short port_net;
+ int i;
+ int max_trials;
+ u_short port_sys;
+ u_short port_net;
/*
Description of alias_port_param for GetNewPort(). When
@@ -526,148 +525,126 @@ GetNewPort(struct libalias *la, struct alias_link *link, int alias_port_param)
selected port number.
*/
- if (alias_port_param == GET_ALIAS_PORT)
- {
- /*
- * The aliasing port is automatically selected
- * by one of two methods below:
- */
- max_trials = GET_NEW_PORT_MAX_ATTEMPTS;
-
- if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS)
- {
- /*
- * When the PKT_ALIAS_SAME_PORTS option is
- * chosen, the first try will be the
- * actual source port. If this is already
- * in use, the remainder of the trials
- * will be random.
- */
- port_net = link->src_port;
- port_sys = ntohs(port_net);
- }
- else
- {
- /* First trial and all subsequent are random. */
- port_sys = random() & ALIAS_PORT_MASK;
- port_sys += ALIAS_PORT_BASE;
- port_net = htons(port_sys);
- }
- }
- else if (alias_port_param >= 0 && alias_port_param < 0x10000)
- {
- link->alias_port = (u_short) alias_port_param;
- return(0);
- }
- else
- {
+ if (alias_port_param == GET_ALIAS_PORT) {
+ /*
+ * The aliasing port is automatically selected by one of
+ * two methods below:
+ */
+ max_trials = GET_NEW_PORT_MAX_ATTEMPTS;
+
+ if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS) {
+ /*
+ * When the PKT_ALIAS_SAME_PORTS option is chosen,
+ * the first try will be the actual source port. If
+ * this is already in use, the remainder of the
+ * trials will be random.
+ */
+ port_net = link->src_port;
+ port_sys = ntohs(port_net);
+ } else {
+ /* First trial and all subsequent are random. */
+ port_sys = random() & ALIAS_PORT_MASK;
+ port_sys += ALIAS_PORT_BASE;
+ port_net = htons(port_sys);
+ }
+ } else if (alias_port_param >= 0 && alias_port_param < 0x10000) {
+ link->alias_port = (u_short) alias_port_param;
+ return (0);
+ } else {
#ifdef DEBUG
- fprintf(stderr, "PacketAlias/GetNewPort(): ");
- fprintf(stderr, "input parameter error\n");
+ fprintf(stderr, "PacketAlias/GetNewPort(): ");
+ fprintf(stderr, "input parameter error\n");
#endif
- return(-1);
- }
+ return (-1);
+ }
/* Port number search */
- for (i=0; i<max_trials; i++)
- {
- int go_ahead;
- struct alias_link *search_result;
-
- search_result = FindLinkIn(la, link->dst_addr, link->alias_addr,
- link->dst_port, port_net,
- link->link_type, 0);
-
- if (search_result == NULL)
- go_ahead = 1;
- else if (!(link->flags & LINK_PARTIALLY_SPECIFIED)
- && (search_result->flags & LINK_PARTIALLY_SPECIFIED))
- go_ahead = 1;
- else
- go_ahead = 0;
-
- if (go_ahead)
- {
- if ((la->packetAliasMode & PKT_ALIAS_USE_SOCKETS)
- && (link->flags & LINK_PARTIALLY_SPECIFIED)
- && ((link->link_type == LINK_TCP) ||
- (link->link_type == LINK_UDP)))
- {
- if (GetSocket(la, port_net, &link->sockfd, link->link_type))
- {
- link->alias_port = port_net;
- return(0);
- }
- }
- else
- {
- link->alias_port = port_net;
- return(0);
- }
- }
-
- port_sys = random() & ALIAS_PORT_MASK;
- port_sys += ALIAS_PORT_BASE;
- port_net = htons(port_sys);
- }
+ for (i = 0; i < max_trials; i++) {
+ int go_ahead;
+ struct alias_link *search_result;
+
+ search_result = FindLinkIn(la, link->dst_addr, link->alias_addr,
+ link->dst_port, port_net,
+ link->link_type, 0);
+
+ if (search_result == NULL)
+ go_ahead = 1;
+ else if (!(link->flags & LINK_PARTIALLY_SPECIFIED)
+ && (search_result->flags & LINK_PARTIALLY_SPECIFIED))
+ go_ahead = 1;
+ else
+ go_ahead = 0;
+
+ if (go_ahead) {
+ if ((la->packetAliasMode & PKT_ALIAS_USE_SOCKETS)
+ && (link->flags & LINK_PARTIALLY_SPECIFIED)
+ && ((link->link_type == LINK_TCP) ||
+ (link->link_type == LINK_UDP))) {
+ if (GetSocket(la, port_net, &link->sockfd, link->link_type)) {
+ link->alias_port = port_net;
+ return (0);
+ }
+ } else {
+ link->alias_port = port_net;
+ return (0);
+ }
+ }
+ port_sys = random() & ALIAS_PORT_MASK;
+ port_sys += ALIAS_PORT_BASE;
+ port_net = htons(port_sys);
+ }
#ifdef DEBUG
- fprintf(stderr, "PacketAlias/GetnewPort(): ");
- fprintf(stderr, "could not find free port\n");
+ fprintf(stderr, "PacketAlias/GetnewPort(): ");
+ fprintf(stderr, "could not find free port\n");
#endif
- return(-1);
+ return (-1);
}
-static u_short
+static u_short
GetSocket(struct libalias *la, u_short port_net, int *sockfd, int link_type)
{
- int err;
- int sock;
- struct sockaddr_in sock_addr;
+ int err;
+ int sock;
+ struct sockaddr_in sock_addr;
- if (link_type == LINK_TCP)
- sock = socket(AF_INET, SOCK_STREAM, 0);
- else if (link_type == LINK_UDP)
- sock = socket(AF_INET, SOCK_DGRAM, 0);
- else
- {
+ if (link_type == LINK_TCP)
+ sock = socket(AF_INET, SOCK_STREAM, 0);
+ else if (link_type == LINK_UDP)
+ sock = socket(AF_INET, SOCK_DGRAM, 0);
+ else {
#ifdef DEBUG
- fprintf(stderr, "PacketAlias/GetSocket(): ");
- fprintf(stderr, "incorrect link type\n");
+ fprintf(stderr, "PacketAlias/GetSocket(): ");
+ fprintf(stderr, "incorrect link type\n");
#endif
- return(0);
- }
+ return (0);
+ }
- if (sock < 0)
- {
+ if (sock < 0) {
#ifdef DEBUG
- fprintf(stderr, "PacketAlias/GetSocket(): ");
- fprintf(stderr, "socket() error %d\n", *sockfd);
+ fprintf(stderr, "PacketAlias/GetSocket(): ");
+ fprintf(stderr, "socket() error %d\n", *sockfd);
#endif
- return(0);
- }
-
- sock_addr.sin_family = AF_INET;
- sock_addr.sin_addr.s_addr = htonl(INADDR_ANY);
- sock_addr.sin_port = port_net;
-
- err = bind(sock,
- (struct sockaddr *) &sock_addr,
- sizeof(sock_addr));
- if (err == 0)
- {
- la->sockCount++;
- *sockfd = sock;
- return(1);
- }
- else
- {
- close(sock);
- return(0);
- }
+ return (0);
+ }
+ sock_addr.sin_family = AF_INET;
+ sock_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+ sock_addr.sin_port = port_net;
+
+ err = bind(sock,
+ (struct sockaddr *)&sock_addr,
+ sizeof(sock_addr));
+ if (err == 0) {
+ la->sockCount++;
+ *sockfd = sock;
+ return (1);
+ } else {
+ close(sock);
+ return (0);
+ }
}
@@ -679,661 +656,612 @@ GetSocket(struct libalias *la, u_short port_net, int *sockfd, int link_type)
int
FindNewPortGroup(struct libalias *la,
- struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short src_port,
- u_short dst_port,
- u_short port_count,
- u_char proto,
- u_char align)
-{
- int i, j;
- int max_trials;
- u_short port_sys;
- int link_type;
-
- /*
- * Get link_type from protocol
- */
-
- switch (proto)
- {
- case IPPROTO_UDP:
- link_type = LINK_UDP;
- break;
- case IPPROTO_TCP:
- link_type = LINK_TCP;
- break;
- default:
- return (0);
- break;
- }
-
- /*
- * The aliasing port is automatically selected
- * by one of two methods below:
- */
- max_trials = GET_NEW_PORT_MAX_ATTEMPTS;
-
- if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS) {
- /*
- * When the ALIAS_SAME_PORTS option is
- * chosen, the first try will be the
- * actual source port. If this is already
- * in use, the remainder of the trials
- * will be random.
- */
- port_sys = ntohs(src_port);
-
- } else {
-
- /* First trial and all subsequent are random. */
- if (align == FIND_EVEN_ALIAS_BASE)
- port_sys = random() & ALIAS_PORT_MASK_EVEN;
- else
- port_sys = random() & ALIAS_PORT_MASK;
-
- port_sys += ALIAS_PORT_BASE;
- }
+ struct in_addr dst_addr,
+ struct in_addr alias_addr,
+ u_short src_port,
+ u_short dst_port,
+ u_short port_count,
+ u_char proto,
+ u_char align)
+{
+ int i, j;
+ int max_trials;
+ u_short port_sys;
+ int link_type;
+
+ /*
+ * Get link_type from protocol
+ */
+
+ switch (proto) {
+ case IPPROTO_UDP:
+ link_type = LINK_UDP;
+ break;
+ case IPPROTO_TCP:
+ link_type = LINK_TCP;
+ break;
+ default:
+ return (0);
+ break;
+ }
+
+ /*
+ * The aliasing port is automatically selected by one of two
+ * methods below:
+ */
+ max_trials = GET_NEW_PORT_MAX_ATTEMPTS;
+
+ if (la->packetAliasMode & PKT_ALIAS_SAME_PORTS) {
+ /*
+ * When the ALIAS_SAME_PORTS option is chosen, the first
+ * try will be the actual source port. If this is already
+ * in use, the remainder of the trials will be random.
+ */
+ port_sys = ntohs(src_port);
+
+ } else {
+
+ /* First trial and all subsequent are random. */
+ if (align == FIND_EVEN_ALIAS_BASE)
+ port_sys = random() & ALIAS_PORT_MASK_EVEN;
+ else
+ port_sys = random() & ALIAS_PORT_MASK;
+
+ port_sys += ALIAS_PORT_BASE;
+ }
/* Port number search */
- for (i = 0; i < max_trials; i++) {
+ for (i = 0; i < max_trials; i++) {
- struct alias_link *search_result;
+ struct alias_link *search_result;
- for (j = 0; j < port_count; j++)
- if (0 != (search_result = FindLinkIn(la, dst_addr, alias_addr,
- dst_port, htons(port_sys + j),
- link_type, 0)))
- break;
+ for (j = 0; j < port_count; j++)
+ if (0 != (search_result = FindLinkIn(la, dst_addr, alias_addr,
+ dst_port, htons(port_sys + j),
+ link_type, 0)))
+ break;
- /* Found a good range, return base */
- if (j == port_count)
- return (htons(port_sys));
+ /* Found a good range, return base */
+ if (j == port_count)
+ return (htons(port_sys));
- /* Find a new base to try */
- if (align == FIND_EVEN_ALIAS_BASE)
- port_sys = random() & ALIAS_PORT_MASK_EVEN;
- else
- port_sys = random() & ALIAS_PORT_MASK;
+ /* Find a new base to try */
+ if (align == FIND_EVEN_ALIAS_BASE)
+ port_sys = random() & ALIAS_PORT_MASK_EVEN;
+ else
+ port_sys = random() & ALIAS_PORT_MASK;
- port_sys += ALIAS_PORT_BASE;
- }
+ port_sys += ALIAS_PORT_BASE;
+ }
#ifdef DEBUG
- fprintf(stderr, "PacketAlias/FindNewPortGroup(): ");
- fprintf(stderr, "could not find free port(s)\n");
+ fprintf(stderr, "PacketAlias/FindNewPortGroup(): ");
+ fprintf(stderr, "could not find free port(s)\n");
#endif
- return(0);
+ return (0);
}
static void
CleanupAliasData(struct libalias *la)
{
- struct alias_link *link;
- int i, icount;
+ struct alias_link *link;
+ int i, icount;
- icount = 0;
- for (i=0; i<LINK_TABLE_OUT_SIZE; i++)
- {
- link = LIST_FIRST(&la->linkTableOut[i]);
- while (link != NULL)
- {
- struct alias_link *link_next;
- link_next = LIST_NEXT(link, list_out);
- icount++;
- DeleteLink(link);
- link = link_next;
- }
- }
+ icount = 0;
+ for (i = 0; i < LINK_TABLE_OUT_SIZE; i++) {
+ link = LIST_FIRST(&la->linkTableOut[i]);
+ while (link != NULL) {
+ struct alias_link *link_next;
- la->cleanupIndex =0;
+ link_next = LIST_NEXT(link, list_out);
+ icount++;
+ DeleteLink(link);
+ link = link_next;
+ }
+ }
+
+ la->cleanupIndex = 0;
}
static void
IncrementalCleanup(struct libalias *la)
{
- int icount;
- struct alias_link *link;
-
- icount = 0;
- link = LIST_FIRST(&la->linkTableOut[la->cleanupIndex++]);
- while (link != NULL)
- {
- int idelta;
- struct alias_link *link_next;
-
- link_next = LIST_NEXT(link, list_out);
- idelta = la->timeStamp - link->timestamp;
- switch (link->link_type)
- {
- case LINK_TCP:
- if (idelta > link->expire_time)
- {
- struct tcp_dat *tcp_aux;
-
- tcp_aux = link->data.tcp;
- if (tcp_aux->state.in != ALIAS_TCP_STATE_CONNECTED
- || tcp_aux->state.out != ALIAS_TCP_STATE_CONNECTED)
- {
- DeleteLink(link);
- icount++;
- }
- }
- break;
- default:
- if (idelta > link->expire_time)
- {
- DeleteLink(link);
- icount++;
- }
- break;
- }
- link = link_next;
- }
-
- if (la->cleanupIndex == LINK_TABLE_OUT_SIZE)
- la->cleanupIndex = 0;
+ int icount;
+ struct alias_link *link;
+
+ icount = 0;
+ link = LIST_FIRST(&la->linkTableOut[la->cleanupIndex++]);
+ while (link != NULL) {
+ int idelta;
+ struct alias_link *link_next;
+
+ link_next = LIST_NEXT(link, list_out);
+ idelta = la->timeStamp - link->timestamp;
+ switch (link->link_type) {
+ case LINK_TCP:
+ if (idelta > link->expire_time) {
+ struct tcp_dat *tcp_aux;
+
+ tcp_aux = link->data.tcp;
+ if (tcp_aux->state.in != ALIAS_TCP_STATE_CONNECTED
+ || tcp_aux->state.out != ALIAS_TCP_STATE_CONNECTED) {
+ DeleteLink(link);
+ icount++;
+ }
+ }
+ break;
+ default:
+ if (idelta > link->expire_time) {
+ DeleteLink(link);
+ icount++;
+ }
+ break;
+ }
+ link = link_next;
+ }
+
+ if (la->cleanupIndex == LINK_TABLE_OUT_SIZE)
+ la->cleanupIndex = 0;
}
static void
DeleteLink(struct alias_link *link)
{
- struct libalias *la = link->la;
+ struct libalias *la = link->la;
/* Don't do anything if the link is marked permanent */
- if (la->deleteAllLinks == 0 && link->flags & LINK_PERMANENT)
- return;
+ if (la->deleteAllLinks == 0 && link->flags & LINK_PERMANENT)
+ return;
#ifndef NO_FW_PUNCH
/* Delete associated firewall hole, if any */
- ClearFWHole(link);
+ ClearFWHole(link);
#endif
/* Free memory allocated for LSNAT server pool */
- if (link->server != NULL) {
- struct server *head, *curr, *next;
-
- head = curr = link->server;
- do {
- next = curr->next;
- free(curr);
- } while ((curr = next) != head);
- }
-
+ if (link->server != NULL) {
+ struct server *head, *curr, *next;
+
+ head = curr = link->server;
+ do {
+ next = curr->next;
+ free(curr);
+ } while ((curr = next) != head);
+ }
/* Adjust output table pointers */
- LIST_REMOVE(link, list_out);
+ LIST_REMOVE(link, list_out);
/* Adjust input table pointers */
- LIST_REMOVE(link, list_in);
+ LIST_REMOVE(link, list_in);
/* Close socket, if one has been allocated */
- if (link->sockfd != -1)
- {
- la->sockCount--;
- close(link->sockfd);
- }
-
+ if (link->sockfd != -1) {
+ la->sockCount--;
+ close(link->sockfd);
+ }
/* Link-type dependent cleanup */
- switch(link->link_type)
- {
- case LINK_ICMP:
- la->icmpLinkCount--;
- break;
- case LINK_UDP:
- la->udpLinkCount--;
- break;
- case LINK_TCP:
- la->tcpLinkCount--;
- free(link->data.tcp);
- break;
- case LINK_PPTP:
- la->pptpLinkCount--;
- break;
- case LINK_FRAGMENT_ID:
- la->fragmentIdLinkCount--;
- break;
- case LINK_FRAGMENT_PTR:
- la->fragmentPtrLinkCount--;
- if (link->data.frag_ptr != NULL)
- free(link->data.frag_ptr);
- break;
+ switch (link->link_type) {
+ case LINK_ICMP:
+ la->icmpLinkCount--;
+ break;
+ case LINK_UDP:
+ la->udpLinkCount--;
+ break;
+ case LINK_TCP:
+ la->tcpLinkCount--;
+ free(link->data.tcp);
+ break;
+ case LINK_PPTP:
+ la->pptpLinkCount--;
+ break;
+ case LINK_FRAGMENT_ID:
+ la->fragmentIdLinkCount--;
+ break;
+ case LINK_FRAGMENT_PTR:
+ la->fragmentPtrLinkCount--;
+ if (link->data.frag_ptr != NULL)
+ free(link->data.frag_ptr);
+ break;
case LINK_ADDR:
- break;
- default:
- la->protoLinkCount--;
- break;
- }
+ break;
+ default:
+ la->protoLinkCount--;
+ break;
+ }
/* Free memory */
- free(link);
+ free(link);
/* Write statistics, if logging enabled */
- if (la->packetAliasMode & PKT_ALIAS_LOG)
- {
- ShowAliasStats(la);
- }
+ if (la->packetAliasMode & PKT_ALIAS_LOG) {
+ ShowAliasStats(la);
+ }
}
static struct alias_link *
-AddLink(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short src_port,
- u_short dst_port,
- int alias_port_param, /* if less than zero, alias */
- int link_type) /* port will be automatically */
-{ /* chosen. If greater than */
- u_int start_point; /* zero, equal to alias port */
- struct alias_link *link;
-
- link = malloc(sizeof(struct alias_link));
- if (link != NULL)
- {
- /* Basic initialization */
- link->la = la;
- link->src_addr = src_addr;
- link->dst_addr = dst_addr;
- link->alias_addr = alias_addr;
- link->proxy_addr.s_addr = INADDR_ANY;
- link->src_port = src_port;
- link->dst_port = dst_port;
- link->proxy_port = 0;
- link->server = NULL;
- link->link_type = link_type;
- link->sockfd = -1;
- link->flags = 0;
- link->pflags = 0;
- link->timestamp = la->timeStamp;
-
- /* Expiration time */
- switch (link_type)
- {
- case LINK_ICMP:
- link->expire_time = ICMP_EXPIRE_TIME;
- break;
- case LINK_UDP:
- link->expire_time = UDP_EXPIRE_TIME;
- break;
- case LINK_TCP:
- link->expire_time = TCP_EXPIRE_INITIAL;
- break;
- case LINK_PPTP:
- link->flags |= LINK_PERMANENT; /* no timeout. */
- break;
- case LINK_FRAGMENT_ID:
- link->expire_time = FRAGMENT_ID_EXPIRE_TIME;
- break;
- case LINK_FRAGMENT_PTR:
- link->expire_time = FRAGMENT_PTR_EXPIRE_TIME;
- break;
- case LINK_ADDR:
- break;
- default:
- link->expire_time = PROTO_EXPIRE_TIME;
- break;
- }
-
- /* Determine alias flags */
- if (dst_addr.s_addr == INADDR_ANY)
- link->flags |= LINK_UNKNOWN_DEST_ADDR;
- if (dst_port == 0)
- link->flags |= LINK_UNKNOWN_DEST_PORT;
-
- /* Determine alias port */
- if (GetNewPort(la, link, alias_port_param) != 0)
- {
- free(link);
- return(NULL);
- }
-
- /* Link-type dependent initialization */
- switch(link_type)
- {
- struct tcp_dat *aux_tcp;
-
- case LINK_ICMP:
- la->icmpLinkCount++;
- break;
- case LINK_UDP:
- la->udpLinkCount++;
- break;
- case LINK_TCP:
- aux_tcp = malloc(sizeof(struct tcp_dat));
- if (aux_tcp != NULL)
- {
- int i;
-
- la->tcpLinkCount++;
- aux_tcp->state.in = ALIAS_TCP_STATE_NOT_CONNECTED;
- aux_tcp->state.out = ALIAS_TCP_STATE_NOT_CONNECTED;
- aux_tcp->state.index = 0;
- aux_tcp->state.ack_modified = 0;
- for (i=0; i<N_LINK_TCP_DATA; i++)
- aux_tcp->ack[i].active = 0;
- aux_tcp->fwhole = -1;
- link->data.tcp = aux_tcp;
- }
- else
- {
+AddLink(struct libalias *la, struct in_addr src_addr,
+ struct in_addr dst_addr,
+ struct in_addr alias_addr,
+ u_short src_port,
+ u_short dst_port,
+ int alias_port_param, /* if less than zero, alias */
+ int link_type)
+{ /* port will be automatically *//* chosen.
+ * If greater than */
+ u_int start_point; /* zero, equal to alias port */
+ struct alias_link *link;
+
+ link = malloc(sizeof(struct alias_link));
+ if (link != NULL) {
+ /* Basic initialization */
+ link->la = la;
+ link->src_addr = src_addr;
+ link->dst_addr = dst_addr;
+ link->alias_addr = alias_addr;
+ link->proxy_addr.s_addr = INADDR_ANY;
+ link->src_port = src_port;
+ link->dst_port = dst_port;
+ link->proxy_port = 0;
+ link->server = NULL;
+ link->link_type = link_type;
+ link->sockfd = -1;
+ link->flags = 0;
+ link->pflags = 0;
+ link->timestamp = la->timeStamp;
+
+ /* Expiration time */
+ switch (link_type) {
+ case LINK_ICMP:
+ link->expire_time = ICMP_EXPIRE_TIME;
+ break;
+ case LINK_UDP:
+ link->expire_time = UDP_EXPIRE_TIME;
+ break;
+ case LINK_TCP:
+ link->expire_time = TCP_EXPIRE_INITIAL;
+ break;
+ case LINK_PPTP:
+ link->flags |= LINK_PERMANENT; /* no timeout. */
+ break;
+ case LINK_FRAGMENT_ID:
+ link->expire_time = FRAGMENT_ID_EXPIRE_TIME;
+ break;
+ case LINK_FRAGMENT_PTR:
+ link->expire_time = FRAGMENT_PTR_EXPIRE_TIME;
+ break;
+ case LINK_ADDR:
+ break;
+ default:
+ link->expire_time = PROTO_EXPIRE_TIME;
+ break;
+ }
+
+ /* Determine alias flags */
+ if (dst_addr.s_addr == INADDR_ANY)
+ link->flags |= LINK_UNKNOWN_DEST_ADDR;
+ if (dst_port == 0)
+ link->flags |= LINK_UNKNOWN_DEST_PORT;
+
+ /* Determine alias port */
+ if (GetNewPort(la, link, alias_port_param) != 0) {
+ free(link);
+ return (NULL);
+ }
+ /* Link-type dependent initialization */
+ switch (link_type) {
+ struct tcp_dat *aux_tcp;
+
+ case LINK_ICMP:
+ la->icmpLinkCount++;
+ break;
+ case LINK_UDP:
+ la->udpLinkCount++;
+ break;
+ case LINK_TCP:
+ aux_tcp = malloc(sizeof(struct tcp_dat));
+ if (aux_tcp != NULL) {
+ int i;
+
+ la->tcpLinkCount++;
+ aux_tcp->state.in = ALIAS_TCP_STATE_NOT_CONNECTED;
+ aux_tcp->state.out = ALIAS_TCP_STATE_NOT_CONNECTED;
+ aux_tcp->state.index = 0;
+ aux_tcp->state.ack_modified = 0;
+ for (i = 0; i < N_LINK_TCP_DATA; i++)
+ aux_tcp->ack[i].active = 0;
+ aux_tcp->fwhole = -1;
+ link->data.tcp = aux_tcp;
+ } else {
#ifdef DEBUG
- fprintf(stderr, "PacketAlias/AddLink: ");
- fprintf(stderr, " cannot allocate auxiliary TCP data\n");
+ fprintf(stderr, "PacketAlias/AddLink: ");
+ fprintf(stderr, " cannot allocate auxiliary TCP data\n");
#endif
- free(link);
- return (NULL);
- }
- break;
- case LINK_PPTP:
- la->pptpLinkCount++;
- break;
- case LINK_FRAGMENT_ID:
- la->fragmentIdLinkCount++;
- break;
- case LINK_FRAGMENT_PTR:
- la->fragmentPtrLinkCount++;
- break;
- case LINK_ADDR:
- break;
- default:
- la->protoLinkCount++;
- break;
- }
-
- /* Set up pointers for output lookup table */
- start_point = StartPointOut(src_addr, dst_addr,
- src_port, dst_port, link_type);
- LIST_INSERT_HEAD(&la->linkTableOut[start_point], link, list_out);
-
- /* Set up pointers for input lookup table */
- start_point = StartPointIn(alias_addr, link->alias_port, link_type);
- LIST_INSERT_HEAD(&la->linkTableIn[start_point], link, list_in);
- }
- else
- {
+ free(link);
+ return (NULL);
+ }
+ break;
+ case LINK_PPTP:
+ la->pptpLinkCount++;
+ break;
+ case LINK_FRAGMENT_ID:
+ la->fragmentIdLinkCount++;
+ break;
+ case LINK_FRAGMENT_PTR:
+ la->fragmentPtrLinkCount++;
+ break;
+ case LINK_ADDR:
+ break;
+ default:
+ la->protoLinkCount++;
+ break;
+ }
+
+ /* Set up pointers for output lookup table */
+ start_point = StartPointOut(src_addr, dst_addr,
+ src_port, dst_port, link_type);
+ LIST_INSERT_HEAD(&la->linkTableOut[start_point], link, list_out);
+
+ /* Set up pointers for input lookup table */
+ start_point = StartPointIn(alias_addr, link->alias_port, link_type);
+ LIST_INSERT_HEAD(&la->linkTableIn[start_point], link, list_in);
+ } else {
#ifdef DEBUG
- fprintf(stderr, "PacketAlias/AddLink(): ");
- fprintf(stderr, "malloc() call failed.\n");
+ fprintf(stderr, "PacketAlias/AddLink(): ");
+ fprintf(stderr, "malloc() call failed.\n");
#endif
- }
-
- if (la->packetAliasMode & PKT_ALIAS_LOG)
- {
- ShowAliasStats(la);
- }
+ }
- return(link);
+ if (la->packetAliasMode & PKT_ALIAS_LOG) {
+ ShowAliasStats(la);
+ }
+ return (link);
}
static struct alias_link *
ReLink(struct alias_link *old_link,
- struct in_addr src_addr,
- struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short src_port,
- u_short dst_port,
- int alias_port_param, /* if less than zero, alias */
- int link_type) /* port will be automatically */
-{ /* chosen. If greater than */
- struct alias_link *new_link; /* zero, equal to alias port */
- struct libalias *la = old_link->la;
-
- new_link = AddLink(la, src_addr, dst_addr, alias_addr,
- src_port, dst_port, alias_port_param,
- link_type);
+ struct in_addr src_addr,
+ struct in_addr dst_addr,
+ struct in_addr alias_addr,
+ u_short src_port,
+ u_short dst_port,
+ int alias_port_param, /* if less than zero, alias */
+ int link_type)
+{ /* port will be automatically *//* chosen.
+ * If greater than */
+ struct alias_link *new_link; /* zero, equal to alias port */
+ struct libalias *la = old_link->la;
+
+ new_link = AddLink(la, src_addr, dst_addr, alias_addr,
+ src_port, dst_port, alias_port_param,
+ link_type);
#ifndef NO_FW_PUNCH
- if (new_link != NULL &&
- old_link->link_type == LINK_TCP &&
- old_link->data.tcp->fwhole > 0) {
- PunchFWHole(new_link);
- }
+ if (new_link != NULL &&
+ old_link->link_type == LINK_TCP &&
+ old_link->data.tcp->fwhole > 0) {
+ PunchFWHole(new_link);
+ }
#endif
- DeleteLink(old_link);
- return new_link;
+ DeleteLink(old_link);
+ return new_link;
}
static struct alias_link *
_FindLinkOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_short src_port,
- u_short dst_port,
- int link_type,
- int replace_partial_links)
-{
- u_int i;
- struct alias_link *link;
-
- i = StartPointOut(src_addr, dst_addr, src_port, dst_port, link_type);
- LIST_FOREACH(link, &la->linkTableOut[i], list_out)
- {
- if (link->src_addr.s_addr == src_addr.s_addr
- && link->server == NULL
- && link->dst_addr.s_addr == dst_addr.s_addr
- && link->dst_port == dst_port
- && link->src_port == src_port
- && link->link_type == link_type)
- {
- link->timestamp = la->timeStamp;
- break;
- }
- }
+ struct in_addr dst_addr,
+ u_short src_port,
+ u_short dst_port,
+ int link_type,
+ int replace_partial_links)
+{
+ u_int i;
+ struct alias_link *link;
+
+ i = StartPointOut(src_addr, dst_addr, src_port, dst_port, link_type);
+ LIST_FOREACH(link, &la->linkTableOut[i], list_out) {
+ if (link->src_addr.s_addr == src_addr.s_addr
+ && link->server == NULL
+ && link->dst_addr.s_addr == dst_addr.s_addr
+ && link->dst_port == dst_port
+ && link->src_port == src_port
+ && link->link_type == link_type) {
+ link->timestamp = la->timeStamp;
+ break;
+ }
+ }
/* Search for partially specified links. */
- if (link == NULL && replace_partial_links)
- {
- if (dst_port != 0 && dst_addr.s_addr != INADDR_ANY)
- {
- link = _FindLinkOut(la, src_addr, dst_addr, src_port, 0,
- link_type, 0);
- if (link == NULL)
- link = _FindLinkOut(la, src_addr, la->nullAddress, src_port,
- dst_port, link_type, 0);
- }
- if (link == NULL &&
- (dst_port != 0 || dst_addr.s_addr != INADDR_ANY))
- {
- link = _FindLinkOut(la, src_addr, la->nullAddress, src_port, 0,
- link_type, 0);
- }
- if (link != NULL)
- {
- link = ReLink(link,
- src_addr, dst_addr, link->alias_addr,
- src_port, dst_port, link->alias_port,
- link_type);
- }
- }
-
- return(link);
+ if (link == NULL && replace_partial_links) {
+ if (dst_port != 0 && dst_addr.s_addr != INADDR_ANY) {
+ link = _FindLinkOut(la, src_addr, dst_addr, src_port, 0,
+ link_type, 0);
+ if (link == NULL)
+ link = _FindLinkOut(la, src_addr, la->nullAddress, src_port,
+ dst_port, link_type, 0);
+ }
+ if (link == NULL &&
+ (dst_port != 0 || dst_addr.s_addr != INADDR_ANY)) {
+ link = _FindLinkOut(la, src_addr, la->nullAddress, src_port, 0,
+ link_type, 0);
+ }
+ if (link != NULL) {
+ link = ReLink(link,
+ src_addr, dst_addr, link->alias_addr,
+ src_port, dst_port, link->alias_port,
+ link_type);
+ }
+ }
+ return (link);
}
static struct alias_link *
FindLinkOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_short src_port,
- u_short dst_port,
- int link_type,
- int replace_partial_links)
-{
- struct alias_link *link;
-
- link = _FindLinkOut(la, src_addr, dst_addr, src_port, dst_port,
- link_type, replace_partial_links);
-
- if (link == NULL)
- {
- /* The following allows permanent links to be
- specified as using the default source address
- (i.e. device interface address) without knowing
- in advance what that address is. */
- if (la->aliasAddress.s_addr != INADDR_ANY &&
- src_addr.s_addr == la->aliasAddress.s_addr)
- {
- link = _FindLinkOut(la, la->nullAddress, dst_addr, src_port, dst_port,
- link_type, replace_partial_links);
- }
- }
-
- return(link);
+ struct in_addr dst_addr,
+ u_short src_port,
+ u_short dst_port,
+ int link_type,
+ int replace_partial_links)
+{
+ struct alias_link *link;
+
+ link = _FindLinkOut(la, src_addr, dst_addr, src_port, dst_port,
+ link_type, replace_partial_links);
+
+ if (link == NULL) {
+ /*
+ * The following allows permanent links to be specified as
+ * using the default source address (i.e. device interface
+ * address) without knowing in advance what that address
+ * is.
+ */
+ if (la->aliasAddress.s_addr != INADDR_ANY &&
+ src_addr.s_addr == la->aliasAddress.s_addr) {
+ link = _FindLinkOut(la, la->nullAddress, dst_addr, src_port, dst_port,
+ link_type, replace_partial_links);
+ }
+ }
+ return (link);
}
static struct alias_link *
_FindLinkIn(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short dst_port,
- u_short alias_port,
- int link_type,
- int replace_partial_links)
-{
- int flags_in;
- u_int start_point;
- struct alias_link *link;
- struct alias_link *link_fully_specified;
- struct alias_link *link_unknown_all;
- struct alias_link *link_unknown_dst_addr;
- struct alias_link *link_unknown_dst_port;
+ struct in_addr alias_addr,
+ u_short dst_port,
+ u_short alias_port,
+ int link_type,
+ int replace_partial_links)
+{
+ int flags_in;
+ u_int start_point;
+ struct alias_link *link;
+ struct alias_link *link_fully_specified;
+ struct alias_link *link_unknown_all;
+ struct alias_link *link_unknown_dst_addr;
+ struct alias_link *link_unknown_dst_port;
/* Initialize pointers */
- link_fully_specified = NULL;
- link_unknown_all = NULL;
- link_unknown_dst_addr = NULL;
- link_unknown_dst_port = NULL;
+ link_fully_specified = NULL;
+ link_unknown_all = NULL;
+ link_unknown_dst_addr = NULL;
+ link_unknown_dst_port = NULL;
/* If either the dest addr or port is unknown, the search
loop will have to know about this. */
- flags_in = 0;
- if (dst_addr.s_addr == INADDR_ANY)
- flags_in |= LINK_UNKNOWN_DEST_ADDR;
- if (dst_port == 0)
- flags_in |= LINK_UNKNOWN_DEST_PORT;
+ flags_in = 0;
+ if (dst_addr.s_addr == INADDR_ANY)
+ flags_in |= LINK_UNKNOWN_DEST_ADDR;
+ if (dst_port == 0)
+ flags_in |= LINK_UNKNOWN_DEST_PORT;
/* Search loop */
- start_point = StartPointIn(alias_addr, alias_port, link_type);
- LIST_FOREACH(link, &la->linkTableIn[start_point], list_in)
- {
- int flags;
-
- flags = flags_in | link->flags;
- if (!(flags & LINK_PARTIALLY_SPECIFIED))
- {
- if (link->alias_addr.s_addr == alias_addr.s_addr
- && link->alias_port == alias_port
- && link->dst_addr.s_addr == dst_addr.s_addr
- && link->dst_port == dst_port
- && link->link_type == link_type)
- {
- link_fully_specified = link;
- break;
- }
- }
- else if ((flags & LINK_UNKNOWN_DEST_ADDR)
- && (flags & LINK_UNKNOWN_DEST_PORT))
- {
- if (link->alias_addr.s_addr == alias_addr.s_addr
- && link->alias_port == alias_port
- && link->link_type == link_type)
- {
- if (link_unknown_all == NULL)
- link_unknown_all = link;
- }
- }
- else if (flags & LINK_UNKNOWN_DEST_ADDR)
- {
- if (link->alias_addr.s_addr == alias_addr.s_addr
- && link->alias_port == alias_port
- && link->link_type == link_type
- && link->dst_port == dst_port)
- {
- if (link_unknown_dst_addr == NULL)
- link_unknown_dst_addr = link;
- }
- }
- else if (flags & LINK_UNKNOWN_DEST_PORT)
- {
- if (link->alias_addr.s_addr == alias_addr.s_addr
- && link->alias_port == alias_port
- && link->link_type == link_type
- && link->dst_addr.s_addr == dst_addr.s_addr)
- {
- if (link_unknown_dst_port == NULL)
- link_unknown_dst_port = link;
- }
- }
- }
-
-
-
- if (link_fully_specified != NULL)
- {
- link_fully_specified->timestamp = la->timeStamp;
- link = link_fully_specified;
- }
- else if (link_unknown_dst_port != NULL)
- link = link_unknown_dst_port;
- else if (link_unknown_dst_addr != NULL)
- link = link_unknown_dst_addr;
- else if (link_unknown_all != NULL)
- link = link_unknown_all;
- else
- return (NULL);
-
- if (replace_partial_links &&
- (link->flags & LINK_PARTIALLY_SPECIFIED || link->server != NULL))
- {
- struct in_addr src_addr;
- u_short src_port;
-
- if (link->server != NULL) { /* LSNAT link */
- src_addr = link->server->addr;
- src_port = link->server->port;
- link->server = link->server->next;
- } else {
- src_addr = link->src_addr;
- src_port = link->src_port;
+ start_point = StartPointIn(alias_addr, alias_port, link_type);
+ LIST_FOREACH(link, &la->linkTableIn[start_point], list_in) {
+ int flags;
+
+ flags = flags_in | link->flags;
+ if (!(flags & LINK_PARTIALLY_SPECIFIED)) {
+ if (link->alias_addr.s_addr == alias_addr.s_addr
+ && link->alias_port == alias_port
+ && link->dst_addr.s_addr == dst_addr.s_addr
+ && link->dst_port == dst_port
+ && link->link_type == link_type) {
+ link_fully_specified = link;
+ break;
+ }
+ } else if ((flags & LINK_UNKNOWN_DEST_ADDR)
+ && (flags & LINK_UNKNOWN_DEST_PORT)) {
+ if (link->alias_addr.s_addr == alias_addr.s_addr
+ && link->alias_port == alias_port
+ && link->link_type == link_type) {
+ if (link_unknown_all == NULL)
+ link_unknown_all = link;
+ }
+ } else if (flags & LINK_UNKNOWN_DEST_ADDR) {
+ if (link->alias_addr.s_addr == alias_addr.s_addr
+ && link->alias_port == alias_port
+ && link->link_type == link_type
+ && link->dst_port == dst_port) {
+ if (link_unknown_dst_addr == NULL)
+ link_unknown_dst_addr = link;
+ }
+ } else if (flags & LINK_UNKNOWN_DEST_PORT) {
+ if (link->alias_addr.s_addr == alias_addr.s_addr
+ && link->alias_port == alias_port
+ && link->link_type == link_type
+ && link->dst_addr.s_addr == dst_addr.s_addr) {
+ if (link_unknown_dst_port == NULL)
+ link_unknown_dst_port = link;
+ }
+ }
}
- link = ReLink(link,
- src_addr, dst_addr, alias_addr,
- src_port, dst_port, alias_port,
- link_type);
- }
- return (link);
+
+ if (link_fully_specified != NULL) {
+ link_fully_specified->timestamp = la->timeStamp;
+ link = link_fully_specified;
+ } else if (link_unknown_dst_port != NULL)
+ link = link_unknown_dst_port;
+ else if (link_unknown_dst_addr != NULL)
+ link = link_unknown_dst_addr;
+ else if (link_unknown_all != NULL)
+ link = link_unknown_all;
+ else
+ return (NULL);
+
+ if (replace_partial_links &&
+ (link->flags & LINK_PARTIALLY_SPECIFIED || link->server != NULL)) {
+ struct in_addr src_addr;
+ u_short src_port;
+
+ if (link->server != NULL) { /* LSNAT link */
+ src_addr = link->server->addr;
+ src_port = link->server->port;
+ link->server = link->server->next;
+ } else {
+ src_addr = link->src_addr;
+ src_port = link->src_port;
+ }
+
+ link = ReLink(link,
+ src_addr, dst_addr, alias_addr,
+ src_port, dst_port, alias_port,
+ link_type);
+ }
+ return (link);
}
static struct alias_link *
FindLinkIn(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short dst_port,
- u_short alias_port,
- int link_type,
- int replace_partial_links)
-{
- struct alias_link *link;
-
- link = _FindLinkIn(la, dst_addr, alias_addr, dst_port, alias_port,
- link_type, replace_partial_links);
-
- if (link == NULL)
- {
- /* The following allows permanent links to be
- specified as using the default aliasing address
- (i.e. device interface address) without knowing
- in advance what that address is. */
- if (la->aliasAddress.s_addr != INADDR_ANY &&
- alias_addr.s_addr == la->aliasAddress.s_addr)
- {
- link = _FindLinkIn(la, dst_addr, la->nullAddress, dst_port, alias_port,
- link_type, replace_partial_links);
- }
- }
-
- return(link);
+ struct in_addr alias_addr,
+ u_short dst_port,
+ u_short alias_port,
+ int link_type,
+ int replace_partial_links)
+{
+ struct alias_link *link;
+
+ link = _FindLinkIn(la, dst_addr, alias_addr, dst_port, alias_port,
+ link_type, replace_partial_links);
+
+ if (link == NULL) {
+ /*
+ * The following allows permanent links to be specified as
+ * using the default aliasing address (i.e. device
+ * interface address) without knowing in advance what that
+ * address is.
+ */
+ if (la->aliasAddress.s_addr != INADDR_ANY &&
+ alias_addr.s_addr == la->aliasAddress.s_addr) {
+ link = _FindLinkIn(la, dst_addr, la->nullAddress, dst_port, alias_port,
+ link_type, replace_partial_links);
+ }
+ }
+ return (link);
}
@@ -1358,425 +1286,401 @@ FindLinkIn(struct libalias *la, struct in_addr dst_addr,
struct alias_link *
FindIcmpIn(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short id_alias,
- int create)
-{
- struct alias_link *link;
-
- link = FindLinkIn(la, dst_addr, alias_addr,
- NO_DEST_PORT, id_alias,
- LINK_ICMP, 0);
- if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING))
- {
- struct in_addr target_addr;
-
- target_addr = FindOriginalAddress(la, alias_addr);
- link = AddLink(la, target_addr, dst_addr, alias_addr,
- id_alias, NO_DEST_PORT, id_alias,
- LINK_ICMP);
- }
-
- return (link);
+ struct in_addr alias_addr,
+ u_short id_alias,
+ int create)
+{
+ struct alias_link *link;
+
+ link = FindLinkIn(la, dst_addr, alias_addr,
+ NO_DEST_PORT, id_alias,
+ LINK_ICMP, 0);
+ if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) {
+ struct in_addr target_addr;
+
+ target_addr = FindOriginalAddress(la, alias_addr);
+ link = AddLink(la, target_addr, dst_addr, alias_addr,
+ id_alias, NO_DEST_PORT, id_alias,
+ LINK_ICMP);
+ }
+ return (link);
}
struct alias_link *
FindIcmpOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_short id,
- int create)
-{
- struct alias_link * link;
-
- link = FindLinkOut(la, src_addr, dst_addr,
- id, NO_DEST_PORT,
- LINK_ICMP, 0);
- if (link == NULL && create)
- {
- struct in_addr alias_addr;
-
- alias_addr = FindAliasAddress(la, src_addr);
- link = AddLink(la, src_addr, dst_addr, alias_addr,
- id, NO_DEST_PORT, GET_ALIAS_ID,
- LINK_ICMP);
- }
-
- return(link);
+ struct in_addr dst_addr,
+ u_short id,
+ int create)
+{
+ struct alias_link *link;
+
+ link = FindLinkOut(la, src_addr, dst_addr,
+ id, NO_DEST_PORT,
+ LINK_ICMP, 0);
+ if (link == NULL && create) {
+ struct in_addr alias_addr;
+
+ alias_addr = FindAliasAddress(la, src_addr);
+ link = AddLink(la, src_addr, dst_addr, alias_addr,
+ id, NO_DEST_PORT, GET_ALIAS_ID,
+ LINK_ICMP);
+ }
+ return (link);
}
struct alias_link *
FindFragmentIn1(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short ip_id)
+ struct in_addr alias_addr,
+ u_short ip_id)
{
- struct alias_link *link;
-
- link = FindLinkIn(la, dst_addr, alias_addr,
- NO_DEST_PORT, ip_id,
- LINK_FRAGMENT_ID, 0);
+ struct alias_link *link;
- if (link == NULL)
- {
- link = AddLink(la, la->nullAddress, dst_addr, alias_addr,
- NO_SRC_PORT, NO_DEST_PORT, ip_id,
- LINK_FRAGMENT_ID);
- }
+ link = FindLinkIn(la, dst_addr, alias_addr,
+ NO_DEST_PORT, ip_id,
+ LINK_FRAGMENT_ID, 0);
- return(link);
+ if (link == NULL) {
+ link = AddLink(la, la->nullAddress, dst_addr, alias_addr,
+ NO_SRC_PORT, NO_DEST_PORT, ip_id,
+ LINK_FRAGMENT_ID);
+ }
+ return (link);
}
struct alias_link *
-FindFragmentIn2(struct libalias *la, struct in_addr dst_addr, /* Doesn't add a link if one */
- struct in_addr alias_addr, /* is not found. */
- u_short ip_id)
+FindFragmentIn2(struct libalias *la, struct in_addr dst_addr, /* Doesn't add a link if
+ * one */
+ struct in_addr alias_addr, /* is not found. */
+ u_short ip_id)
{
- return FindLinkIn(la, dst_addr, alias_addr,
- NO_DEST_PORT, ip_id,
- LINK_FRAGMENT_ID, 0);
+ return FindLinkIn(la, dst_addr, alias_addr,
+ NO_DEST_PORT, ip_id,
+ LINK_FRAGMENT_ID, 0);
}
struct alias_link *
AddFragmentPtrLink(struct libalias *la, struct in_addr dst_addr,
- u_short ip_id)
+ u_short ip_id)
{
- return AddLink(la, la->nullAddress, dst_addr, la->nullAddress,
- NO_SRC_PORT, NO_DEST_PORT, ip_id,
- LINK_FRAGMENT_PTR);
+ return AddLink(la, la->nullAddress, dst_addr, la->nullAddress,
+ NO_SRC_PORT, NO_DEST_PORT, ip_id,
+ LINK_FRAGMENT_PTR);
}
struct alias_link *
FindFragmentPtr(struct libalias *la, struct in_addr dst_addr,
- u_short ip_id)
+ u_short ip_id)
{
- return FindLinkIn(la, dst_addr, la->nullAddress,
- NO_DEST_PORT, ip_id,
- LINK_FRAGMENT_PTR, 0);
+ return FindLinkIn(la, dst_addr, la->nullAddress,
+ NO_DEST_PORT, ip_id,
+ LINK_FRAGMENT_PTR, 0);
}
struct alias_link *
FindProtoIn(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_char proto)
+ struct in_addr alias_addr,
+ u_char proto)
{
- struct alias_link *link;
+ struct alias_link *link;
- link = FindLinkIn(la, dst_addr, alias_addr,
- NO_DEST_PORT, 0,
- proto, 1);
+ link = FindLinkIn(la, dst_addr, alias_addr,
+ NO_DEST_PORT, 0,
+ proto, 1);
- if (link == NULL && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING))
- {
- struct in_addr target_addr;
+ if (link == NULL && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) {
+ struct in_addr target_addr;
- target_addr = FindOriginalAddress(la, alias_addr);
- link = AddLink(la, target_addr, dst_addr, alias_addr,
- NO_SRC_PORT, NO_DEST_PORT, 0,
- proto);
- }
-
- return (link);
+ target_addr = FindOriginalAddress(la, alias_addr);
+ link = AddLink(la, target_addr, dst_addr, alias_addr,
+ NO_SRC_PORT, NO_DEST_PORT, 0,
+ proto);
+ }
+ return (link);
}
struct alias_link *
FindProtoOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_char proto)
+ struct in_addr dst_addr,
+ u_char proto)
{
- struct alias_link *link;
-
- link = FindLinkOut(la, src_addr, dst_addr,
- NO_SRC_PORT, NO_DEST_PORT,
- proto, 1);
+ struct alias_link *link;
- if (link == NULL)
- {
- struct in_addr alias_addr;
+ link = FindLinkOut(la, src_addr, dst_addr,
+ NO_SRC_PORT, NO_DEST_PORT,
+ proto, 1);
- alias_addr = FindAliasAddress(la, src_addr);
- link = AddLink(la, src_addr, dst_addr, alias_addr,
- NO_SRC_PORT, NO_DEST_PORT, 0,
- proto);
- }
+ if (link == NULL) {
+ struct in_addr alias_addr;
- return (link);
+ alias_addr = FindAliasAddress(la, src_addr);
+ link = AddLink(la, src_addr, dst_addr, alias_addr,
+ NO_SRC_PORT, NO_DEST_PORT, 0,
+ proto);
+ }
+ return (link);
}
struct alias_link *
FindUdpTcpIn(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short dst_port,
- u_short alias_port,
- u_char proto,
- int create)
-{
- int link_type;
- struct alias_link *link;
-
- switch (proto)
- {
- case IPPROTO_UDP:
- link_type = LINK_UDP;
- break;
- case IPPROTO_TCP:
- link_type = LINK_TCP;
- break;
- default:
- return NULL;
- break;
- }
-
- link = FindLinkIn(la, dst_addr, alias_addr,
- dst_port, alias_port,
- link_type, create);
-
- if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING))
- {
- struct in_addr target_addr;
-
- target_addr = FindOriginalAddress(la, alias_addr);
- link = AddLink(la, target_addr, dst_addr, alias_addr,
- alias_port, dst_port, alias_port,
- link_type);
- }
-
- return(link);
-}
+ struct in_addr alias_addr,
+ u_short dst_port,
+ u_short alias_port,
+ u_char proto,
+ int create)
+{
+ int link_type;
+ struct alias_link *link;
+
+ switch (proto) {
+ case IPPROTO_UDP:
+ link_type = LINK_UDP;
+ break;
+ case IPPROTO_TCP:
+ link_type = LINK_TCP;
+ break;
+ default:
+ return NULL;
+ break;
+ }
+ link = FindLinkIn(la, dst_addr, alias_addr,
+ dst_port, alias_port,
+ link_type, create);
-struct alias_link *
-FindUdpTcpOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_short src_port,
- u_short dst_port,
- u_char proto,
- int create)
-{
- int link_type;
- struct alias_link *link;
+ if (link == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) {
+ struct in_addr target_addr;
+
+ target_addr = FindOriginalAddress(la, alias_addr);
+ link = AddLink(la, target_addr, dst_addr, alias_addr,
+ alias_port, dst_port, alias_port,
+ link_type);
+ }
+ return (link);
+}
- switch (proto)
- {
- case IPPROTO_UDP:
- link_type = LINK_UDP;
- break;
- case IPPROTO_TCP:
- link_type = LINK_TCP;
- break;
- default:
- return NULL;
- break;
- }
- link = FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, link_type, create);
+struct alias_link *
+FindUdpTcpOut(struct libalias *la, struct in_addr src_addr,
+ struct in_addr dst_addr,
+ u_short src_port,
+ u_short dst_port,
+ u_char proto,
+ int create)
+{
+ int link_type;
+ struct alias_link *link;
+
+ switch (proto) {
+ case IPPROTO_UDP:
+ link_type = LINK_UDP;
+ break;
+ case IPPROTO_TCP:
+ link_type = LINK_TCP;
+ break;
+ default:
+ return NULL;
+ break;
+ }
- if (link == NULL && create)
- {
- struct in_addr alias_addr;
+ link = FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, link_type, create);
- alias_addr = FindAliasAddress(la, src_addr);
- link = AddLink(la, src_addr, dst_addr, alias_addr,
- src_port, dst_port, GET_ALIAS_PORT,
- link_type);
- }
+ if (link == NULL && create) {
+ struct in_addr alias_addr;
- return(link);
+ alias_addr = FindAliasAddress(la, src_addr);
+ link = AddLink(la, src_addr, dst_addr, alias_addr,
+ src_port, dst_port, GET_ALIAS_PORT,
+ link_type);
+ }
+ return (link);
}
struct alias_link *
-AddPptp(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_int16_t src_call_id)
+AddPptp(struct libalias *la, struct in_addr src_addr,
+ struct in_addr dst_addr,
+ struct in_addr alias_addr,
+ u_int16_t src_call_id)
{
- struct alias_link *link;
+ struct alias_link *link;
- link = AddLink(la, src_addr, dst_addr, alias_addr,
- src_call_id, 0, GET_ALIAS_PORT,
- LINK_PPTP);
+ link = AddLink(la, src_addr, dst_addr, alias_addr,
+ src_call_id, 0, GET_ALIAS_PORT,
+ LINK_PPTP);
- return (link);
+ return (link);
}
struct alias_link *
FindPptpOutByCallId(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_int16_t src_call_id)
+ struct in_addr dst_addr,
+ u_int16_t src_call_id)
{
- u_int i;
- struct alias_link *link;
+ u_int i;
+ struct alias_link *link;
- i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP);
- LIST_FOREACH(link, &la->linkTableOut[i], list_out)
- if (link->link_type == LINK_PPTP &&
+ i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP);
+ LIST_FOREACH(link, &la->linkTableOut[i], list_out)
+ if (link->link_type == LINK_PPTP &&
link->src_addr.s_addr == src_addr.s_addr &&
link->dst_addr.s_addr == dst_addr.s_addr &&
link->src_port == src_call_id)
break;
- return (link);
+ return (link);
}
struct alias_link *
FindPptpOutByPeerCallId(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_int16_t dst_call_id)
+ struct in_addr dst_addr,
+ u_int16_t dst_call_id)
{
- u_int i;
- struct alias_link *link;
+ u_int i;
+ struct alias_link *link;
- i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP);
- LIST_FOREACH(link, &la->linkTableOut[i], list_out)
- if (link->link_type == LINK_PPTP &&
+ i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP);
+ LIST_FOREACH(link, &la->linkTableOut[i], list_out)
+ if (link->link_type == LINK_PPTP &&
link->src_addr.s_addr == src_addr.s_addr &&
link->dst_addr.s_addr == dst_addr.s_addr &&
link->dst_port == dst_call_id)
break;
- return (link);
+ return (link);
}
struct alias_link *
FindPptpInByCallId(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_int16_t dst_call_id)
+ struct in_addr alias_addr,
+ u_int16_t dst_call_id)
{
- u_int i;
- struct alias_link *link;
+ u_int i;
+ struct alias_link *link;
- i = StartPointIn(alias_addr, 0, LINK_PPTP);
- LIST_FOREACH(link, &la->linkTableIn[i], list_in)
- if (link->link_type == LINK_PPTP &&
+ i = StartPointIn(alias_addr, 0, LINK_PPTP);
+ LIST_FOREACH(link, &la->linkTableIn[i], list_in)
+ if (link->link_type == LINK_PPTP &&
link->dst_addr.s_addr == dst_addr.s_addr &&
link->alias_addr.s_addr == alias_addr.s_addr &&
link->dst_port == dst_call_id)
break;
- return (link);
+ return (link);
}
struct alias_link *
FindPptpInByPeerCallId(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_int16_t alias_call_id)
+ struct in_addr alias_addr,
+ u_int16_t alias_call_id)
{
- struct alias_link *link;
+ struct alias_link *link;
- link = FindLinkIn(la, dst_addr, alias_addr,
- 0/* any */, alias_call_id,
- LINK_PPTP, 0);
+ link = FindLinkIn(la, dst_addr, alias_addr,
+ 0 /* any */ , alias_call_id,
+ LINK_PPTP, 0);
- return (link);
+ return (link);
}
struct alias_link *
-FindRtspOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_short src_port,
- u_short alias_port,
- u_char proto)
-{
- int link_type;
- struct alias_link *link;
-
- switch (proto)
- {
- case IPPROTO_UDP:
- link_type = LINK_UDP;
- break;
- case IPPROTO_TCP:
- link_type = LINK_TCP;
- break;
- default:
- return NULL;
- break;
- }
-
- link = FindLinkOut(la, src_addr, dst_addr, src_port, 0, link_type, 1);
+FindRtspOut(struct libalias *la, struct in_addr src_addr,
+ struct in_addr dst_addr,
+ u_short src_port,
+ u_short alias_port,
+ u_char proto)
+{
+ int link_type;
+ struct alias_link *link;
+
+ switch (proto) {
+ case IPPROTO_UDP:
+ link_type = LINK_UDP;
+ break;
+ case IPPROTO_TCP:
+ link_type = LINK_TCP;
+ break;
+ default:
+ return NULL;
+ break;
+ }
- if (link == NULL)
- {
- struct in_addr alias_addr;
+ link = FindLinkOut(la, src_addr, dst_addr, src_port, 0, link_type, 1);
- alias_addr = FindAliasAddress(la, src_addr);
- link = AddLink(la, src_addr, dst_addr, alias_addr,
- src_port, 0, alias_port,
- link_type);
- }
+ if (link == NULL) {
+ struct in_addr alias_addr;
- return(link);
+ alias_addr = FindAliasAddress(la, src_addr);
+ link = AddLink(la, src_addr, dst_addr, alias_addr,
+ src_port, 0, alias_port,
+ link_type);
+ }
+ return (link);
}
struct in_addr
FindOriginalAddress(struct libalias *la, struct in_addr alias_addr)
{
- struct alias_link *link;
-
- link = FindLinkIn(la, la->nullAddress, alias_addr,
- 0, 0, LINK_ADDR, 0);
- if (link == NULL)
- {
- la->newDefaultLink = 1;
- if (la->targetAddress.s_addr == INADDR_ANY)
- return alias_addr;
- else if (la->targetAddress.s_addr == INADDR_NONE)
- return (la->aliasAddress.s_addr != INADDR_ANY) ?
- la->aliasAddress : alias_addr;
- else
- return la->targetAddress;
- }
- else
- {
- if (link->server != NULL) { /* LSNAT link */
- struct in_addr src_addr;
-
- src_addr = link->server->addr;
- link->server = link->server->next;
- return (src_addr);
- } else if (link->src_addr.s_addr == INADDR_ANY)
- return (la->aliasAddress.s_addr != INADDR_ANY) ?
- la->aliasAddress : alias_addr;
- else
- return link->src_addr;
- }
+ struct alias_link *link;
+
+ link = FindLinkIn(la, la->nullAddress, alias_addr,
+ 0, 0, LINK_ADDR, 0);
+ if (link == NULL) {
+ la->newDefaultLink = 1;
+ if (la->targetAddress.s_addr == INADDR_ANY)
+ return alias_addr;
+ else if (la->targetAddress.s_addr == INADDR_NONE)
+ return (la->aliasAddress.s_addr != INADDR_ANY) ?
+ la->aliasAddress : alias_addr;
+ else
+ return la->targetAddress;
+ } else {
+ if (link->server != NULL) { /* LSNAT link */
+ struct in_addr src_addr;
+
+ src_addr = link->server->addr;
+ link->server = link->server->next;
+ return (src_addr);
+ } else if (link->src_addr.s_addr == INADDR_ANY)
+ return (la->aliasAddress.s_addr != INADDR_ANY) ?
+ la->aliasAddress : alias_addr;
+ else
+ return link->src_addr;
+ }
}
struct in_addr
FindAliasAddress(struct libalias *la, struct in_addr original_addr)
{
- struct alias_link *link;
+ struct alias_link *link;
- link = FindLinkOut(la, original_addr, la->nullAddress,
- 0, 0, LINK_ADDR, 0);
- if (link == NULL)
- {
- return (la->aliasAddress.s_addr != INADDR_ANY) ?
- la->aliasAddress : original_addr;
- }
- else
- {
- if (link->alias_addr.s_addr == INADDR_ANY)
- return (la->aliasAddress.s_addr != INADDR_ANY) ?
- la->aliasAddress : original_addr;
- else
- return link->alias_addr;
- }
+ link = FindLinkOut(la, original_addr, la->nullAddress,
+ 0, 0, LINK_ADDR, 0);
+ if (link == NULL) {
+ return (la->aliasAddress.s_addr != INADDR_ANY) ?
+ la->aliasAddress : original_addr;
+ } else {
+ if (link->alias_addr.s_addr == INADDR_ANY)
+ return (la->aliasAddress.s_addr != INADDR_ANY) ?
+ la->aliasAddress : original_addr;
+ else
+ return link->alias_addr;
+ }
}
@@ -1798,186 +1702,187 @@ FindAliasAddress(struct libalias *la, struct in_addr original_addr)
void
SetFragmentAddr(struct alias_link *link, struct in_addr src_addr)
{
- link->data.frag_addr = src_addr;
+ link->data.frag_addr = src_addr;
}
void
GetFragmentAddr(struct alias_link *link, struct in_addr *src_addr)
{
- *src_addr = link->data.frag_addr;
+ *src_addr = link->data.frag_addr;
}
void
SetFragmentPtr(struct alias_link *link, char *fptr)
{
- link->data.frag_ptr = fptr;
+ link->data.frag_ptr = fptr;
}
void
GetFragmentPtr(struct alias_link *link, char **fptr)
{
- *fptr = link->data.frag_ptr;
+ *fptr = link->data.frag_ptr;
}
void
SetStateIn(struct alias_link *link, int state)
{
- /* TCP input state */
- switch (state) {
- case ALIAS_TCP_STATE_DISCONNECTED:
- if (link->data.tcp->state.out != ALIAS_TCP_STATE_CONNECTED)
- link->expire_time = TCP_EXPIRE_DEAD;
- else
- link->expire_time = TCP_EXPIRE_SINGLEDEAD;
- break;
- case ALIAS_TCP_STATE_CONNECTED:
- if (link->data.tcp->state.out == ALIAS_TCP_STATE_CONNECTED)
- link->expire_time = TCP_EXPIRE_CONNECTED;
- break;
- default:
- abort();
- }
- link->data.tcp->state.in = state;
+ /* TCP input state */
+ switch (state) {
+ case ALIAS_TCP_STATE_DISCONNECTED:
+ if (link->data.tcp->state.out != ALIAS_TCP_STATE_CONNECTED)
+ link->expire_time = TCP_EXPIRE_DEAD;
+ else
+ link->expire_time = TCP_EXPIRE_SINGLEDEAD;
+ break;
+ case ALIAS_TCP_STATE_CONNECTED:
+ if (link->data.tcp->state.out == ALIAS_TCP_STATE_CONNECTED)
+ link->expire_time = TCP_EXPIRE_CONNECTED;
+ break;
+ default:
+ abort();
+ }
+ link->data.tcp->state.in = state;
}
void
SetStateOut(struct alias_link *link, int state)
{
- /* TCP output state */
- switch (state) {
- case ALIAS_TCP_STATE_DISCONNECTED:
- if (link->data.tcp->state.in != ALIAS_TCP_STATE_CONNECTED)
- link->expire_time = TCP_EXPIRE_DEAD;
- else
- link->expire_time = TCP_EXPIRE_SINGLEDEAD;
- break;
- case ALIAS_TCP_STATE_CONNECTED:
- if (link->data.tcp->state.in == ALIAS_TCP_STATE_CONNECTED)
- link->expire_time = TCP_EXPIRE_CONNECTED;
- break;
- default:
- abort();
- }
- link->data.tcp->state.out = state;
+ /* TCP output state */
+ switch (state) {
+ case ALIAS_TCP_STATE_DISCONNECTED:
+ if (link->data.tcp->state.in != ALIAS_TCP_STATE_CONNECTED)
+ link->expire_time = TCP_EXPIRE_DEAD;
+ else
+ link->expire_time = TCP_EXPIRE_SINGLEDEAD;
+ break;
+ case ALIAS_TCP_STATE_CONNECTED:
+ if (link->data.tcp->state.in == ALIAS_TCP_STATE_CONNECTED)
+ link->expire_time = TCP_EXPIRE_CONNECTED;
+ break;
+ default:
+ abort();
+ }
+ link->data.tcp->state.out = state;
}
int
GetStateIn(struct alias_link *link)
{
- /* TCP input state */
- return link->data.tcp->state.in;
+ /* TCP input state */
+ return link->data.tcp->state.in;
}
int
GetStateOut(struct alias_link *link)
{
- /* TCP output state */
- return link->data.tcp->state.out;
+ /* TCP output state */
+ return link->data.tcp->state.out;
}
struct in_addr
GetOriginalAddress(struct alias_link *link)
{
- if (link->src_addr.s_addr == INADDR_ANY)
- return link->la->aliasAddress;
- else
- return(link->src_addr);
+ if (link->src_addr.s_addr == INADDR_ANY)
+ return link->la->aliasAddress;
+ else
+ return (link->src_addr);
}
struct in_addr
GetDestAddress(struct alias_link *link)
{
- return(link->dst_addr);
+ return (link->dst_addr);
}
struct in_addr
GetAliasAddress(struct alias_link *link)
{
- if (link->alias_addr.s_addr == INADDR_ANY)
- return link->la->aliasAddress;
- else
- return link->alias_addr;
+ if (link->alias_addr.s_addr == INADDR_ANY)
+ return link->la->aliasAddress;
+ else
+ return link->alias_addr;
}
struct in_addr
GetDefaultAliasAddress(struct libalias *la)
{
- return la->aliasAddress;
+ return la->aliasAddress;
}
void
SetDefaultAliasAddress(struct libalias *la, struct in_addr alias_addr)
{
- la->aliasAddress = alias_addr;
+ la->aliasAddress = alias_addr;
}
u_short
GetOriginalPort(struct alias_link *link)
{
- return(link->src_port);
+ return (link->src_port);
}
u_short
GetAliasPort(struct alias_link *link)
{
- return(link->alias_port);
+ return (link->alias_port);
}
#ifndef NO_FW_PUNCH
-static u_short
+static u_short
GetDestPort(struct alias_link *link)
{
- return(link->dst_port);
+ return (link->dst_port);
}
+
#endif
void
SetAckModified(struct alias_link *link)
{
/* Indicate that ACK numbers have been modified in a TCP connection */
- link->data.tcp->state.ack_modified = 1;
+ link->data.tcp->state.ack_modified = 1;
}
struct in_addr
GetProxyAddress(struct alias_link *link)
{
- return link->proxy_addr;
+ return link->proxy_addr;
}
void
SetProxyAddress(struct alias_link *link, struct in_addr addr)
{
- link->proxy_addr = addr;
+ link->proxy_addr = addr;
}
u_short
GetProxyPort(struct alias_link *link)
{
- return link->proxy_port;
+ return link->proxy_port;
}
void
SetProxyPort(struct alias_link *link, u_short port)
{
- link->proxy_port = port;
+ link->proxy_port = port;
}
@@ -1985,7 +1890,7 @@ int
GetAckModified(struct alias_link *link)
{
/* See if ACK numbers have been modified */
- return link->data.tcp->state.ack_modified;
+ return link->data.tcp->state.ack_modified;
}
@@ -1998,45 +1903,38 @@ TCP packet. To do this, a circular list of ACK numbers where the TCP
packet size was altered is searched.
*/
- int i;
- struct tcphdr *tc;
- int delta, ack_diff_min;
- u_long ack;
-
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- ack = tc->th_ack;
-
- delta = 0;
- ack_diff_min = -1;
- for (i=0; i<N_LINK_TCP_DATA; i++)
- {
- struct ack_data_record x;
-
- x = link->data.tcp->ack[i];
- if (x.active == 1)
- {
- int ack_diff;
-
- ack_diff = SeqDiff(x.ack_new, ack);
- if (ack_diff >= 0)
- {
- if (ack_diff_min >= 0)
- {
- if (ack_diff < ack_diff_min)
- {
- delta = x.delta;
- ack_diff_min = ack_diff;
- }
- }
- else
- {
- delta = x.delta;
- ack_diff_min = ack_diff;
- }
- }
- }
- }
- return (delta);
+ int i;
+ struct tcphdr *tc;
+ int delta, ack_diff_min;
+ u_long ack;
+
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ ack = tc->th_ack;
+
+ delta = 0;
+ ack_diff_min = -1;
+ for (i = 0; i < N_LINK_TCP_DATA; i++) {
+ struct ack_data_record x;
+
+ x = link->data.tcp->ack[i];
+ if (x.active == 1) {
+ int ack_diff;
+
+ ack_diff = SeqDiff(x.ack_new, ack);
+ if (ack_diff >= 0) {
+ if (ack_diff_min >= 0) {
+ if (ack_diff < ack_diff_min) {
+ delta = x.delta;
+ ack_diff_min = ack_diff;
+ }
+ } else {
+ delta = x.delta;
+ ack_diff_min = ack_diff;
+ }
+ }
+ }
+ }
+ return (delta);
}
@@ -2049,45 +1947,38 @@ TCP packet. To do this, a circular list of ACK numbers where the TCP
packet size was altered is searched.
*/
- int i;
- struct tcphdr *tc;
- int delta, seq_diff_min;
- u_long seq;
-
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- seq = tc->th_seq;
-
- delta = 0;
- seq_diff_min = -1;
- for (i=0; i<N_LINK_TCP_DATA; i++)
- {
- struct ack_data_record x;
-
- x = link->data.tcp->ack[i];
- if (x.active == 1)
- {
- int seq_diff;
-
- seq_diff = SeqDiff(x.ack_old, seq);
- if (seq_diff >= 0)
- {
- if (seq_diff_min >= 0)
- {
- if (seq_diff < seq_diff_min)
- {
- delta = x.delta;
- seq_diff_min = seq_diff;
- }
- }
- else
- {
- delta = x.delta;
- seq_diff_min = seq_diff;
- }
- }
- }
- }
- return (delta);
+ int i;
+ struct tcphdr *tc;
+ int delta, seq_diff_min;
+ u_long seq;
+
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ seq = tc->th_seq;
+
+ delta = 0;
+ seq_diff_min = -1;
+ for (i = 0; i < N_LINK_TCP_DATA; i++) {
+ struct ack_data_record x;
+
+ x = link->data.tcp->ack[i];
+ if (x.active == 1) {
+ int seq_diff;
+
+ seq_diff = SeqDiff(x.ack_old, seq);
+ if (seq_diff >= 0) {
+ if (seq_diff_min >= 0) {
+ if (seq_diff < seq_diff_min) {
+ delta = x.delta;
+ seq_diff_min = seq_diff;
+ }
+ } else {
+ delta = x.delta;
+ seq_diff_min = seq_diff;
+ }
+ }
+ }
+ }
+ return (delta);
}
@@ -2100,86 +1991,79 @@ information in a circular list. If enough packets have
been altered, then this list will begin to overwrite itself.
*/
- struct tcphdr *tc;
- struct ack_data_record x;
- int hlen, tlen, dlen;
- int i;
+ struct tcphdr *tc;
+ struct ack_data_record x;
+ int hlen, tlen, dlen;
+ int i;
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
- hlen = (pip->ip_hl + tc->th_off) << 2;
- tlen = ntohs(pip->ip_len);
- dlen = tlen - hlen;
+ hlen = (pip->ip_hl + tc->th_off) << 2;
+ tlen = ntohs(pip->ip_len);
+ dlen = tlen - hlen;
- x.ack_old = htonl(ntohl(tc->th_seq) + dlen);
- x.ack_new = htonl(ntohl(tc->th_seq) + dlen + delta);
- x.delta = delta;
- x.active = 1;
+ x.ack_old = htonl(ntohl(tc->th_seq) + dlen);
+ x.ack_new = htonl(ntohl(tc->th_seq) + dlen + delta);
+ x.delta = delta;
+ x.active = 1;
- i = link->data.tcp->state.index;
- link->data.tcp->ack[i] = x;
+ i = link->data.tcp->state.index;
+ link->data.tcp->ack[i] = x;
- i++;
- if (i == N_LINK_TCP_DATA)
- link->data.tcp->state.index = 0;
- else
- link->data.tcp->state.index = i;
+ i++;
+ if (i == N_LINK_TCP_DATA)
+ link->data.tcp->state.index = 0;
+ else
+ link->data.tcp->state.index = i;
}
void
SetExpire(struct alias_link *link, int expire)
{
- if (expire == 0)
- {
- link->flags &= ~LINK_PERMANENT;
- DeleteLink(link);
- }
- else if (expire == -1)
- {
- link->flags |= LINK_PERMANENT;
- }
- else if (expire > 0)
- {
- link->expire_time = expire;
- }
- else
- {
+ if (expire == 0) {
+ link->flags &= ~LINK_PERMANENT;
+ DeleteLink(link);
+ } else if (expire == -1) {
+ link->flags |= LINK_PERMANENT;
+ } else if (expire > 0) {
+ link->expire_time = expire;
+ } else {
#ifdef DEBUG
- fprintf(stderr, "PacketAlias/SetExpire(): ");
- fprintf(stderr, "error in expire parameter\n");
+ fprintf(stderr, "PacketAlias/SetExpire(): ");
+ fprintf(stderr, "error in expire parameter\n");
#endif
- }
+ }
}
void
ClearCheckNewLink(struct libalias *la)
{
- la->newDefaultLink = 0;
+ la->newDefaultLink = 0;
}
void
SetProtocolFlags(struct alias_link *link, int pflags)
{
- link->pflags = pflags;;
+ link->pflags = pflags;;
}
int
GetProtocolFlags(struct alias_link *link)
{
- return (link->pflags);
+ return (link->pflags);
}
void
SetDestCallId(struct alias_link *link, u_int16_t cid)
{
- struct libalias *la = link->la;
+ struct libalias *la = link->la;
- la->deleteAllLinks = 1;
- link = ReLink(link, link->src_addr, link->dst_addr, link->alias_addr,
- link->src_port, cid, link->alias_port, link->link_type);
- la->deleteAllLinks = 0;
+ la->deleteAllLinks = 1;
+ link = ReLink(link, link->src_addr, link->dst_addr, link->alias_addr,
+ link->src_port, cid, link->alias_port, link->link_type);
+ la->deleteAllLinks = 0;
}
@@ -2202,52 +2086,47 @@ SetDestCallId(struct alias_link *link, u_int16_t cid)
void
HouseKeeping(struct libalias *la)
{
- int i, n, n100;
- struct timeval tv;
- struct timezone tz;
-
- /*
- * Save system time (seconds) in global variable timeStamp for
- * use by other functions. This is done so as not to unnecessarily
- * waste timeline by making system calls.
- */
- gettimeofday(&tv, &tz);
- la->timeStamp = tv.tv_sec;
-
- /* Compute number of spokes (output table link chains) to cover */
- n100 = LINK_TABLE_OUT_SIZE * 100 + la->houseKeepingResidual;
- n100 *= la->timeStamp - la->lastCleanupTime;
- n100 /= ALIAS_CLEANUP_INTERVAL_SECS;
-
- n = n100/100;
-
- /* Handle different cases */
- if (n > ALIAS_CLEANUP_MAX_SPOKES)
- {
- n = ALIAS_CLEANUP_MAX_SPOKES;
- la->lastCleanupTime = la->timeStamp;
- la->houseKeepingResidual = 0;
-
- for (i=0; i<n; i++)
- IncrementalCleanup(la);
- }
- else if (n > 0)
- {
- la->lastCleanupTime = la->timeStamp;
- la->houseKeepingResidual = n100 - 100*n;
-
- for (i=0; i<n; i++)
- IncrementalCleanup(la);
- }
- else if (n < 0)
- {
+ int i, n, n100;
+ struct timeval tv;
+ struct timezone tz;
+
+ /*
+ * Save system time (seconds) in global variable timeStamp for use
+ * by other functions. This is done so as not to unnecessarily
+ * waste timeline by making system calls.
+ */
+ gettimeofday(&tv, &tz);
+ la->timeStamp = tv.tv_sec;
+
+ /* Compute number of spokes (output table link chains) to cover */
+ n100 = LINK_TABLE_OUT_SIZE * 100 + la->houseKeepingResidual;
+ n100 *= la->timeStamp - la->lastCleanupTime;
+ n100 /= ALIAS_CLEANUP_INTERVAL_SECS;
+
+ n = n100 / 100;
+
+ /* Handle different cases */
+ if (n > ALIAS_CLEANUP_MAX_SPOKES) {
+ n = ALIAS_CLEANUP_MAX_SPOKES;
+ la->lastCleanupTime = la->timeStamp;
+ la->houseKeepingResidual = 0;
+
+ for (i = 0; i < n; i++)
+ IncrementalCleanup(la);
+ } else if (n > 0) {
+ la->lastCleanupTime = la->timeStamp;
+ la->houseKeepingResidual = n100 - 100 * n;
+
+ for (i = 0; i < n; i++)
+ IncrementalCleanup(la);
+ } else if (n < 0) {
#ifdef DEBUG
- fprintf(stderr, "PacketAlias/HouseKeeping(): ");
- fprintf(stderr, "something unexpected in time values\n");
+ fprintf(stderr, "PacketAlias/HouseKeeping(): ");
+ fprintf(stderr, "something unexpected in time values\n");
#endif
- la->lastCleanupTime = la->timeStamp;
- la->houseKeepingResidual = 0;
- }
+ la->lastCleanupTime = la->timeStamp;
+ la->houseKeepingResidual = 0;
+ }
}
@@ -2255,13 +2134,12 @@ HouseKeeping(struct libalias *la)
static void
InitPacketAliasLog(struct libalias *la)
{
- if ((~la->packetAliasMode & PKT_ALIAS_LOG)
- && (la->monitorFile = fopen("/var/log/alias.log", "w")))
- {
- la->packetAliasMode |= PKT_ALIAS_LOG;
- fprintf(la->monitorFile,
- "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n");
- }
+ if ((~la->packetAliasMode & PKT_ALIAS_LOG)
+ && (la->monitorFile = fopen("/var/log/alias.log", "w"))) {
+ la->packetAliasMode |= PKT_ALIAS_LOG;
+ fprintf(la->monitorFile,
+ "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n");
+ }
}
@@ -2269,11 +2147,11 @@ InitPacketAliasLog(struct libalias *la)
static void
UninitPacketAliasLog(struct libalias *la)
{
- if (la->monitorFile) {
- fclose(la->monitorFile);
- la->monitorFile = NULL;
- }
- la->packetAliasMode &= ~PKT_ALIAS_LOG;
+ if (la->monitorFile) {
+ fclose(la->monitorFile);
+ la->monitorFile = NULL;
+ }
+ la->packetAliasMode &= ~PKT_ALIAS_LOG;
}
@@ -2302,132 +2180,125 @@ UninitPacketAliasLog(struct libalias *la)
/* Redirection from a specific public addr:port to a
private addr:port */
struct alias_link *
-LibAliasRedirectPort(struct libalias *la, struct in_addr src_addr, u_short src_port,
- struct in_addr dst_addr, u_short dst_port,
- struct in_addr alias_addr, u_short alias_port,
- u_char proto)
-{
- int link_type;
- struct alias_link *link;
-
- switch(proto)
- {
- case IPPROTO_UDP:
- link_type = LINK_UDP;
- break;
- case IPPROTO_TCP:
- link_type = LINK_TCP;
- break;
- default:
+LibAliasRedirectPort(struct libalias *la, struct in_addr src_addr, u_short src_port,
+ struct in_addr dst_addr, u_short dst_port,
+ struct in_addr alias_addr, u_short alias_port,
+ u_char proto)
+{
+ int link_type;
+ struct alias_link *link;
+
+ switch (proto) {
+ case IPPROTO_UDP:
+ link_type = LINK_UDP;
+ break;
+ case IPPROTO_TCP:
+ link_type = LINK_TCP;
+ break;
+ default:
#ifdef DEBUG
- fprintf(stderr, "PacketAliasRedirectPort(): ");
- fprintf(stderr, "only TCP and UDP protocols allowed\n");
+ fprintf(stderr, "PacketAliasRedirectPort(): ");
+ fprintf(stderr, "only TCP and UDP protocols allowed\n");
#endif
- return NULL;
- }
+ return NULL;
+ }
- link = AddLink(la, src_addr, dst_addr, alias_addr,
- src_port, dst_port, alias_port,
- link_type);
+ link = AddLink(la, src_addr, dst_addr, alias_addr,
+ src_port, dst_port, alias_port,
+ link_type);
- if (link != NULL)
- {
- link->flags |= LINK_PERMANENT;
- }
+ if (link != NULL) {
+ link->flags |= LINK_PERMANENT;
+ }
#ifdef DEBUG
- else
- {
- fprintf(stderr, "PacketAliasRedirectPort(): "
- "call to AddLink() failed\n");
- }
+ else {
+ fprintf(stderr, "PacketAliasRedirectPort(): "
+ "call to AddLink() failed\n");
+ }
#endif
- return link;
+ return link;
}
/* Add server to the pool of servers */
int
LibAliasAddServer(struct libalias *la, struct alias_link *link, struct in_addr addr, u_short port)
{
- struct server *server;
+ struct server *server;
- server = malloc(sizeof(struct server));
+ server = malloc(sizeof(struct server));
- if (server != NULL) {
- struct server *head;
+ if (server != NULL) {
+ struct server *head;
- server->addr = addr;
- server->port = port;
+ server->addr = addr;
+ server->port = port;
- head = link->server;
- if (head == NULL)
- server->next = server;
- else {
- struct server *s;
+ head = link->server;
+ if (head == NULL)
+ server->next = server;
+ else {
+ struct server *s;
- for (s = head; s->next != head; s = s->next);
- s->next = server;
- server->next = head;
- }
- link->server = server;
- return (0);
- } else
- return (-1);
+ for (s = head; s->next != head; s = s->next);
+ s->next = server;
+ server->next = head;
+ }
+ link->server = server;
+ return (0);
+ } else
+ return (-1);
}
/* Redirect packets of a given IP protocol from a specific
public address to a private address */
struct alias_link *
LibAliasRedirectProto(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_char proto)
+ struct in_addr dst_addr,
+ struct in_addr alias_addr,
+ u_char proto)
{
- struct alias_link *link;
+ struct alias_link *link;
- link = AddLink(la, src_addr, dst_addr, alias_addr,
- NO_SRC_PORT, NO_DEST_PORT, 0,
- proto);
+ link = AddLink(la, src_addr, dst_addr, alias_addr,
+ NO_SRC_PORT, NO_DEST_PORT, 0,
+ proto);
- if (link != NULL)
- {
- link->flags |= LINK_PERMANENT;
- }
+ if (link != NULL) {
+ link->flags |= LINK_PERMANENT;
+ }
#ifdef DEBUG
- else
- {
- fprintf(stderr, "PacketAliasRedirectProto(): "
- "call to AddLink() failed\n");
- }
+ else {
+ fprintf(stderr, "PacketAliasRedirectProto(): "
+ "call to AddLink() failed\n");
+ }
#endif
- return link;
+ return link;
}
/* Static address translation */
struct alias_link *
LibAliasRedirectAddr(struct libalias *la, struct in_addr src_addr,
- struct in_addr alias_addr)
+ struct in_addr alias_addr)
{
- struct alias_link *link;
+ struct alias_link *link;
- link = AddLink(la, src_addr, la->nullAddress, alias_addr,
- 0, 0, 0,
- LINK_ADDR);
+ link = AddLink(la, src_addr, la->nullAddress, alias_addr,
+ 0, 0, 0,
+ LINK_ADDR);
- if (link != NULL)
- {
- link->flags |= LINK_PERMANENT;
- }
+ if (link != NULL) {
+ link->flags |= LINK_PERMANENT;
+ }
#ifdef DEBUG
- else
- {
- fprintf(stderr, "PacketAliasRedirectAddr(): "
- "call to AddLink() failed\n");
- }
+ else {
+ fprintf(stderr, "PacketAliasRedirectAddr(): "
+ "call to AddLink() failed\n");
+ }
#endif
- return link;
+ return link;
}
@@ -2436,12 +2307,12 @@ int
LibAliasRedirectDynamic(struct libalias *la, struct alias_link *link)
{
- if (link->flags & LINK_PARTIALLY_SPECIFIED)
- return (-1);
- else {
- link->flags &= ~LINK_PERMANENT;
- return (0);
- }
+ if (link->flags & LINK_PARTIALLY_SPECIFIED)
+ return (-1);
+ else {
+ link->flags &= ~LINK_PERMANENT;
+ return (0);
+ }
}
@@ -2451,147 +2322,143 @@ LibAliasRedirectDelete(struct libalias *la, struct alias_link *link)
/* This is a dangerous function to put in the API,
because an invalid pointer can crash the program. */
- la->deleteAllLinks = 1;
- DeleteLink(link);
- la->deleteAllLinks = 0;
+ la->deleteAllLinks = 1;
+ DeleteLink(link);
+ la->deleteAllLinks = 0;
}
void
LibAliasSetAddress(struct libalias *la, struct in_addr addr)
{
- if (la->packetAliasMode & PKT_ALIAS_RESET_ON_ADDR_CHANGE
- && la->aliasAddress.s_addr != addr.s_addr)
- CleanupAliasData(la);
+ if (la->packetAliasMode & PKT_ALIAS_RESET_ON_ADDR_CHANGE
+ && la->aliasAddress.s_addr != addr.s_addr)
+ CleanupAliasData(la);
- la->aliasAddress = addr;
+ la->aliasAddress = addr;
}
void
LibAliasSetTarget(struct libalias *la, struct in_addr target_addr)
{
- la->targetAddress = target_addr;
+ la->targetAddress = target_addr;
}
static void
finishoff(void)
{
- while(!LIST_EMPTY(&instancehead))
+ while (!LIST_EMPTY(&instancehead))
LibAliasUninit(LIST_FIRST(&instancehead));
}
struct libalias *
LibAliasInit(struct libalias *la)
{
- int i;
- struct timeval tv;
- struct timezone tz;
-
- if (la == NULL)
- {
- la = calloc(sizeof *la, 1);
- if (la == NULL)
- return (la);
- if (LIST_EMPTY(&instancehead))
- atexit(finishoff);
- LIST_INSERT_HEAD(&instancehead, la, instancelist);
-
- gettimeofday(&tv, &tz);
- la->timeStamp = tv.tv_sec;
- la->lastCleanupTime = tv.tv_sec;
- la->houseKeepingResidual = 0;
-
- for (i=0; i<LINK_TABLE_OUT_SIZE; i++)
- LIST_INIT(&la->linkTableOut[i]);
- for (i=0; i<LINK_TABLE_IN_SIZE; i++)
- LIST_INIT(&la->linkTableIn[i]);
-
- }
- else
- {
- la->deleteAllLinks = 1;
- CleanupAliasData(la);
- la->deleteAllLinks = 0;
- }
-
- la->aliasAddress.s_addr = INADDR_ANY;
- la->targetAddress.s_addr = INADDR_ANY;
-
- la->icmpLinkCount = 0;
- la->udpLinkCount = 0;
- la->tcpLinkCount = 0;
- la->pptpLinkCount = 0;
- la->protoLinkCount = 0;
- la->fragmentIdLinkCount = 0;
- la->fragmentPtrLinkCount = 0;
- la->sockCount = 0;
-
- la->cleanupIndex =0;
-
- la->packetAliasMode = PKT_ALIAS_SAME_PORTS
- | PKT_ALIAS_USE_SOCKETS
- | PKT_ALIAS_RESET_ON_ADDR_CHANGE;
+ int i;
+ struct timeval tv;
+ struct timezone tz;
+
+ if (la == NULL) {
+ la = calloc(sizeof *la, 1);
+ if (la == NULL)
+ return (la);
+ if (LIST_EMPTY(&instancehead))
+ atexit(finishoff);
+ LIST_INSERT_HEAD(&instancehead, la, instancelist);
+
+ gettimeofday(&tv, &tz);
+ la->timeStamp = tv.tv_sec;
+ la->lastCleanupTime = tv.tv_sec;
+ la->houseKeepingResidual = 0;
+
+ for (i = 0; i < LINK_TABLE_OUT_SIZE; i++)
+ LIST_INIT(&la->linkTableOut[i]);
+ for (i = 0; i < LINK_TABLE_IN_SIZE; i++)
+ LIST_INIT(&la->linkTableIn[i]);
+
+ } else {
+ la->deleteAllLinks = 1;
+ CleanupAliasData(la);
+ la->deleteAllLinks = 0;
+ }
+
+ la->aliasAddress.s_addr = INADDR_ANY;
+ la->targetAddress.s_addr = INADDR_ANY;
+
+ la->icmpLinkCount = 0;
+ la->udpLinkCount = 0;
+ la->tcpLinkCount = 0;
+ la->pptpLinkCount = 0;
+ la->protoLinkCount = 0;
+ la->fragmentIdLinkCount = 0;
+ la->fragmentPtrLinkCount = 0;
+ la->sockCount = 0;
+
+ la->cleanupIndex = 0;
+
+ la->packetAliasMode = PKT_ALIAS_SAME_PORTS
+ | PKT_ALIAS_USE_SOCKETS
+ | PKT_ALIAS_RESET_ON_ADDR_CHANGE;
#ifndef NO_FW_PUNCH
- la->fireWallFD = -1;
+ la->fireWallFD = -1;
#endif
- return (la);
+ return (la);
}
void
-LibAliasUninit(struct libalias *la) {
- la->deleteAllLinks = 1;
- CleanupAliasData(la);
- la->deleteAllLinks = 0;
- UninitPacketAliasLog(la);
+LibAliasUninit(struct libalias *la)
+{
+ la->deleteAllLinks = 1;
+ CleanupAliasData(la);
+ la->deleteAllLinks = 0;
+ UninitPacketAliasLog(la);
#ifndef NO_FW_PUNCH
- UninitPunchFW(la);
+ UninitPunchFW(la);
#endif
- LIST_REMOVE(la, instancelist);
- free(la);
+ LIST_REMOVE(la, instancelist);
+ free(la);
}
/* Change mode for some operations */
unsigned int
LibAliasSetMode(
struct libalias *la,
- unsigned int flags, /* Which state to bring flags to */
- unsigned int mask /* Mask of which flags to affect (use 0 to do a
- probe for flag values) */
+ unsigned int flags, /* Which state to bring flags to */
+ unsigned int mask /* Mask of which flags to affect (use 0 to
+ * do a probe for flag values) */
)
{
/* Enable logging? */
- if (flags & mask & PKT_ALIAS_LOG)
- {
- InitPacketAliasLog(la); /* Do the enable */
- } else
+ if (flags & mask & PKT_ALIAS_LOG) {
+ InitPacketAliasLog(la); /* Do the enable */
+ } else
/* _Disable_ logging? */
- if (~flags & mask & PKT_ALIAS_LOG) {
- UninitPacketAliasLog(la);
- }
-
+ if (~flags & mask & PKT_ALIAS_LOG) {
+ UninitPacketAliasLog(la);
+ }
#ifndef NO_FW_PUNCH
/* Start punching holes in the firewall? */
- if (flags & mask & PKT_ALIAS_PUNCH_FW) {
- InitPunchFW(la);
- } else
+ if (flags & mask & PKT_ALIAS_PUNCH_FW) {
+ InitPunchFW(la);
+ } else
/* Stop punching holes in the firewall? */
- if (~flags & mask & PKT_ALIAS_PUNCH_FW) {
- UninitPunchFW(la);
- }
+ if (~flags & mask & PKT_ALIAS_PUNCH_FW) {
+ UninitPunchFW(la);
+ }
#endif
/* Other flags can be set/cleared without special action */
- la->packetAliasMode = (flags & mask) | (la->packetAliasMode & ~mask);
- return la->packetAliasMode;
+ la->packetAliasMode = (flags & mask) | (la->packetAliasMode & ~mask);
+ return la->packetAliasMode;
}
int
LibAliasCheckNewLink(struct libalias *la)
{
- return la->newDefaultLink;
+ return la->newDefaultLink;
}
@@ -2603,7 +2470,7 @@ LibAliasCheckNewLink(struct libalias *la)
****************/
#ifndef IPFW2
-#define IPFW2 1 /* use new ipfw code */
+#define IPFW2 1 /* use new ipfw code */
#endif
/* Firewall include files */
@@ -2612,18 +2479,18 @@ LibAliasCheckNewLink(struct libalias *la)
#include <string.h>
#include <err.h>
-#if IPFW2 /* support for new firewall code */
+#if IPFW2 /* support for new firewall code */
/*
* helper function, updates the pointer to cmd with the length
* of the current command, and also cleans up the first word of
* the new command in case it has been clobbered before.
*/
static ipfw_insn *
-next_cmd(ipfw_insn *cmd)
+next_cmd(ipfw_insn * cmd)
{
- cmd += F_LEN(cmd);
- bzero(cmd, sizeof(*cmd));
- return cmd;
+ cmd += F_LEN(cmd);
+ bzero(cmd, sizeof(*cmd));
+ return cmd;
}
/*
@@ -2631,71 +2498,72 @@ next_cmd(ipfw_insn *cmd)
* Existing flags are preserved.
*/
static ipfw_insn *
-fill_cmd(ipfw_insn *cmd, enum ipfw_opcodes opcode, int size,
- int flags, u_int16_t arg)
+fill_cmd(ipfw_insn * cmd, enum ipfw_opcodes opcode, int size,
+ int flags, u_int16_t arg)
{
- cmd->opcode = opcode;
- cmd->len = ((cmd->len | flags) & (F_NOT | F_OR)) | (size & F_LEN_MASK);
- cmd->arg1 = arg;
- return next_cmd(cmd);
+ cmd->opcode = opcode;
+ cmd->len = ((cmd->len | flags) & (F_NOT | F_OR)) | (size & F_LEN_MASK);
+ cmd->arg1 = arg;
+ return next_cmd(cmd);
}
static ipfw_insn *
-fill_ip(ipfw_insn *cmd1, enum ipfw_opcodes opcode, u_int32_t addr)
+fill_ip(ipfw_insn * cmd1, enum ipfw_opcodes opcode, u_int32_t addr)
{
- ipfw_insn_ip *cmd = (ipfw_insn_ip *)cmd1;
+ ipfw_insn_ip *cmd = (ipfw_insn_ip *) cmd1;
- cmd->addr.s_addr = addr;
- return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u32), 0, 0);
+ cmd->addr.s_addr = addr;
+ return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u32), 0, 0);
}
static ipfw_insn *
-fill_one_port(ipfw_insn *cmd1, enum ipfw_opcodes opcode, u_int16_t port)
+fill_one_port(ipfw_insn * cmd1, enum ipfw_opcodes opcode, u_int16_t port)
{
- ipfw_insn_u16 *cmd = (ipfw_insn_u16 *)cmd1;
+ ipfw_insn_u16 *cmd = (ipfw_insn_u16 *) cmd1;
- cmd->ports[0] = cmd->ports[1] = port;
- return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u16), 0, 0);
+ cmd->ports[0] = cmd->ports[1] = port;
+ return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u16), 0, 0);
}
static int
fill_rule(void *buf, int bufsize, int rulenum,
- enum ipfw_opcodes action, int proto,
- struct in_addr sa, u_int16_t sp, struct in_addr da, u_int16_t dp)
+ enum ipfw_opcodes action, int proto,
+ struct in_addr sa, u_int16_t sp, struct in_addr da, u_int16_t dp)
{
- struct ip_fw *rule = (struct ip_fw *)buf;
- ipfw_insn *cmd = (ipfw_insn *)rule->cmd;
+ struct ip_fw *rule = (struct ip_fw *)buf;
+ ipfw_insn *cmd = (ipfw_insn *) rule->cmd;
- bzero(buf, bufsize);
- rule->rulenum = rulenum;
+ bzero(buf, bufsize);
+ rule->rulenum = rulenum;
- cmd = fill_cmd(cmd, O_PROTO, F_INSN_SIZE(ipfw_insn), 0, proto);
- cmd = fill_ip(cmd, O_IP_SRC, sa.s_addr);
- cmd = fill_one_port(cmd, O_IP_SRCPORT, sp);
- cmd = fill_ip(cmd, O_IP_DST, da.s_addr);
- cmd = fill_one_port(cmd, O_IP_DSTPORT, dp);
+ cmd = fill_cmd(cmd, O_PROTO, F_INSN_SIZE(ipfw_insn), 0, proto);
+ cmd = fill_ip(cmd, O_IP_SRC, sa.s_addr);
+ cmd = fill_one_port(cmd, O_IP_SRCPORT, sp);
+ cmd = fill_ip(cmd, O_IP_DST, da.s_addr);
+ cmd = fill_one_port(cmd, O_IP_DSTPORT, dp);
- rule->act_ofs = (u_int32_t *)cmd - (u_int32_t *)rule->cmd;
- cmd = fill_cmd(cmd, action, F_INSN_SIZE(ipfw_insn), 0, 0);
+ rule->act_ofs = (u_int32_t *) cmd - (u_int32_t *) rule->cmd;
+ cmd = fill_cmd(cmd, action, F_INSN_SIZE(ipfw_insn), 0, 0);
- rule->cmd_len = (u_int32_t *)cmd - (u_int32_t *)rule->cmd;
+ rule->cmd_len = (u_int32_t *) cmd - (u_int32_t *) rule->cmd;
- return ((char *)cmd - (char *)buf);
+ return ((char *)cmd - (char *)buf);
}
-#endif /* IPFW2 */
-static void ClearAllFWHoles(struct libalias *la);
+#endif /* IPFW2 */
+
+static void ClearAllFWHoles(struct libalias *la);
#define fw_setfield(la, field, num) \
do { \
(field)[(num) - la->fireWallBaseNum] = 1; \
-} /*lint -save -e717 */ while(0) /*lint -restore */
+} /*lint -save -e717 */ while(0)/* lint -restore */
#define fw_clrfield(la, field, num) \
do { \
(field)[(num) - la->fireWallBaseNum] = 0; \
-} /*lint -save -e717 */ while(0) /*lint -restore */
+} /*lint -save -e717 */ while(0)/* lint -restore */
#define fw_tstfield(la, field, num) ((field)[(num) - la->fireWallBaseNum])
@@ -2703,143 +2571,143 @@ static void
InitPunchFW(struct libalias *la)
{
- la->fireWallField = malloc(la->fireWallNumNums);
- if (la->fireWallField) {
- memset(la->fireWallField, 0, la->fireWallNumNums);
- if (la->fireWallFD < 0) {
- la->fireWallFD = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
- }
- ClearAllFWHoles(la);
- la->fireWallActiveNum = la->fireWallBaseNum;
- }
+ la->fireWallField = malloc(la->fireWallNumNums);
+ if (la->fireWallField) {
+ memset(la->fireWallField, 0, la->fireWallNumNums);
+ if (la->fireWallFD < 0) {
+ la->fireWallFD = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ }
+ ClearAllFWHoles(la);
+ la->fireWallActiveNum = la->fireWallBaseNum;
+ }
}
static void
UninitPunchFW(struct libalias *la)
{
- ClearAllFWHoles(la);
- if (la->fireWallFD >= 0)
- close(la->fireWallFD);
- la->fireWallFD = -1;
- if (la->fireWallField)
- free(la->fireWallField);
- la->fireWallField = NULL;
- la->packetAliasMode &= ~PKT_ALIAS_PUNCH_FW;
+ ClearAllFWHoles(la);
+ if (la->fireWallFD >= 0)
+ close(la->fireWallFD);
+ la->fireWallFD = -1;
+ if (la->fireWallField)
+ free(la->fireWallField);
+ la->fireWallField = NULL;
+ la->packetAliasMode &= ~PKT_ALIAS_PUNCH_FW;
}
/* Make a certain link go through the firewall */
void
PunchFWHole(struct alias_link *link)
{
- struct libalias *la;
- int r; /* Result code */
- struct ip_fw rule; /* On-the-fly built rule */
- int fwhole; /* Where to punch hole */
+ struct libalias *la;
+ int r; /* Result code */
+ struct ip_fw rule; /* On-the-fly built rule */
+ int fwhole; /* Where to punch hole */
- la = link->la;
+ la = link->la;
/* Don't do anything unless we are asked to */
- if ( !(la->packetAliasMode & PKT_ALIAS_PUNCH_FW) ||
- la->fireWallFD < 0 ||
- link->link_type != LINK_TCP)
- return;
+ if (!(la->packetAliasMode & PKT_ALIAS_PUNCH_FW) ||
+ la->fireWallFD < 0 ||
+ link->link_type != LINK_TCP)
+ return;
- memset(&rule, 0, sizeof rule);
+ memset(&rule, 0, sizeof rule);
/** Build rule **/
- /* Find empty slot */
- for (fwhole = la->fireWallActiveNum;
- fwhole < la->fireWallBaseNum + la->fireWallNumNums &&
- fw_tstfield(la, la->fireWallField, fwhole);
- fwhole++)
- ;
- if (fwhole == la->fireWallBaseNum + la->fireWallNumNums) {
- for (fwhole = la->fireWallBaseNum;
- fwhole < la->fireWallActiveNum &&
- fw_tstfield(la, la->fireWallField, fwhole);
- fwhole++)
- ;
- if (fwhole == la->fireWallActiveNum) {
- /* No rule point empty - we can't punch more holes. */
- la->fireWallActiveNum = la->fireWallBaseNum;
+ /* Find empty slot */
+ for (fwhole = la->fireWallActiveNum;
+ fwhole < la->fireWallBaseNum + la->fireWallNumNums &&
+ fw_tstfield(la, la->fireWallField, fwhole);
+ fwhole++);
+ if (fwhole == la->fireWallBaseNum + la->fireWallNumNums) {
+ for (fwhole = la->fireWallBaseNum;
+ fwhole < la->fireWallActiveNum &&
+ fw_tstfield(la, la->fireWallField, fwhole);
+ fwhole++);
+ if (fwhole == la->fireWallActiveNum) {
+ /* No rule point empty - we can't punch more holes. */
+ la->fireWallActiveNum = la->fireWallBaseNum;
#ifdef DEBUG
- fprintf(stderr, "libalias: Unable to create firewall hole!\n");
+ fprintf(stderr, "libalias: Unable to create firewall hole!\n");
#endif
- return;
- }
- }
- /* Start next search at next position */
- la->fireWallActiveNum = fwhole+1;
-
- /*
- * generate two rules of the form
- *
- * add fwhole accept tcp from OAddr OPort to DAddr DPort
- * add fwhole accept tcp from DAddr DPort to OAddr OPort
- */
+ return;
+ }
+ }
+ /* Start next search at next position */
+ la->fireWallActiveNum = fwhole + 1;
+
+ /*
+ * generate two rules of the form
+ *
+ * add fwhole accept tcp from OAddr OPort to DAddr DPort add fwhole
+ * accept tcp from DAddr DPort to OAddr OPort
+ */
#if IPFW2
- if (GetOriginalPort(link) != 0 && GetDestPort(link) != 0) {
- u_int32_t rulebuf[255];
- int i;
-
- i = fill_rule(rulebuf, sizeof(rulebuf), fwhole,
- O_ACCEPT, IPPROTO_TCP,
- GetOriginalAddress(link), ntohs(GetOriginalPort(link)),
- GetDestAddress(link), ntohs(GetDestPort(link)) );
- r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i);
- if (r)
- err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)");
-
- i = fill_rule(rulebuf, sizeof(rulebuf), fwhole,
- O_ACCEPT, IPPROTO_TCP,
- GetDestAddress(link), ntohs(GetDestPort(link)),
- GetOriginalAddress(link), ntohs(GetOriginalPort(link)) );
- r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i);
- if (r)
- err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)");
- }
-#else /* !IPFW2, old code to generate ipfw rule */
-
- /* Build generic part of the two rules */
- rule.fw_number = fwhole;
- IP_FW_SETNSRCP(&rule, 1); /* Number of source ports. */
- IP_FW_SETNDSTP(&rule, 1); /* Number of destination ports. */
- rule.fw_flg = IP_FW_F_ACCEPT | IP_FW_F_IN | IP_FW_F_OUT;
- rule.fw_prot = IPPROTO_TCP;
- rule.fw_smsk.s_addr = INADDR_BROADCAST;
- rule.fw_dmsk.s_addr = INADDR_BROADCAST;
-
- /* Build and apply specific part of the rules */
- rule.fw_src = GetOriginalAddress(link);
- rule.fw_dst = GetDestAddress(link);
- rule.fw_uar.fw_pts[0] = ntohs(GetOriginalPort(link));
- rule.fw_uar.fw_pts[1] = ntohs(GetDestPort(link));
-
- /* Skip non-bound links - XXX should not be strictly necessary,
- but seems to leave hole if not done. Leak of non-bound links?
- (Code should be left even if the problem is fixed - it is a
- clear optimization) */
- if (rule.fw_uar.fw_pts[0] != 0 && rule.fw_uar.fw_pts[1] != 0) {
- r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule);
+ if (GetOriginalPort(link) != 0 && GetDestPort(link) != 0) {
+ u_int32_t rulebuf[255];
+ int i;
+
+ i = fill_rule(rulebuf, sizeof(rulebuf), fwhole,
+ O_ACCEPT, IPPROTO_TCP,
+ GetOriginalAddress(link), ntohs(GetOriginalPort(link)),
+ GetDestAddress(link), ntohs(GetDestPort(link)));
+ r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i);
+ if (r)
+ err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)");
+
+ i = fill_rule(rulebuf, sizeof(rulebuf), fwhole,
+ O_ACCEPT, IPPROTO_TCP,
+ GetDestAddress(link), ntohs(GetDestPort(link)),
+ GetOriginalAddress(link), ntohs(GetOriginalPort(link)));
+ r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i);
+ if (r)
+ err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)");
+ }
+#else /* !IPFW2, old code to generate ipfw rule */
+
+ /* Build generic part of the two rules */
+ rule.fw_number = fwhole;
+ IP_FW_SETNSRCP(&rule, 1); /* Number of source ports. */
+ IP_FW_SETNDSTP(&rule, 1); /* Number of destination ports. */
+ rule.fw_flg = IP_FW_F_ACCEPT | IP_FW_F_IN | IP_FW_F_OUT;
+ rule.fw_prot = IPPROTO_TCP;
+ rule.fw_smsk.s_addr = INADDR_BROADCAST;
+ rule.fw_dmsk.s_addr = INADDR_BROADCAST;
+
+ /* Build and apply specific part of the rules */
+ rule.fw_src = GetOriginalAddress(link);
+ rule.fw_dst = GetDestAddress(link);
+ rule.fw_uar.fw_pts[0] = ntohs(GetOriginalPort(link));
+ rule.fw_uar.fw_pts[1] = ntohs(GetDestPort(link));
+
+ /*
+ * Skip non-bound links - XXX should not be strictly necessary, but
+ * seems to leave hole if not done. Leak of non-bound links? (Code
+ * should be left even if the problem is fixed - it is a clear
+ * optimization)
+ */
+ if (rule.fw_uar.fw_pts[0] != 0 && rule.fw_uar.fw_pts[1] != 0) {
+ r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule);
#ifdef DEBUG
- if (r)
- err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)");
+ if (r)
+ err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)");
#endif
- rule.fw_src = GetDestAddress(link);
- rule.fw_dst = GetOriginalAddress(link);
- rule.fw_uar.fw_pts[0] = ntohs(GetDestPort(link));
- rule.fw_uar.fw_pts[1] = ntohs(GetOriginalPort(link));
- r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule);
+ rule.fw_src = GetDestAddress(link);
+ rule.fw_dst = GetOriginalAddress(link);
+ rule.fw_uar.fw_pts[0] = ntohs(GetDestPort(link));
+ rule.fw_uar.fw_pts[1] = ntohs(GetOriginalPort(link));
+ r = setsockopt(fireWallFD, IPPROTO_IP, IP_FW_ADD, &rule, sizeof rule);
#ifdef DEBUG
- if (r)
- err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)");
+ if (r)
+ err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)");
#endif
- }
-#endif /* !IPFW2 */
+ }
+#endif /* !IPFW2 */
/* Indicate hole applied */
- link->data.tcp->fwhole = fwhole;
- fw_setfield(la, la->fireWallField, fwhole);
+ link->data.tcp->fwhole = fwhole;
+ fw_setfield(la, la->fireWallField, fwhole);
}
/* Remove a hole in a firewall associated with a particular alias
@@ -2848,67 +2716,69 @@ static void
ClearFWHole(struct alias_link *link)
{
- struct libalias *la;
+ struct libalias *la;
- la = link->la;
- if (link->link_type == LINK_TCP) {
- int fwhole = link->data.tcp->fwhole; /* Where is the firewall hole? */
- struct ip_fw rule;
+ la = link->la;
+ if (link->link_type == LINK_TCP) {
+ int fwhole = link->data.tcp->fwhole; /* Where is the firewall
+ * hole? */
+ struct ip_fw rule;
- if (fwhole < 0)
- return;
+ if (fwhole < 0)
+ return;
- memset(&rule, 0, sizeof rule); /* useless for ipfw2 */
+ memset(&rule, 0, sizeof rule); /* useless for ipfw2 */
#if IPFW2
- while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL,
- &fwhole, sizeof fwhole))
- ;
-#else /* !IPFW2 */
- rule.fw_number = fwhole;
- while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL,
- &rule, sizeof rule))
- ;
-#endif /* !IPFW2 */
- fw_clrfield(la, la->fireWallField, fwhole);
- link->data.tcp->fwhole = -1;
- }
+ while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL,
+ &fwhole, sizeof fwhole));
+#else /* !IPFW2 */
+ rule.fw_number = fwhole;
+ while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL,
+ &rule, sizeof rule));
+#endif /* !IPFW2 */
+ fw_clrfield(la, la->fireWallField, fwhole);
+ link->data.tcp->fwhole = -1;
+ }
}
/* Clear out the entire range dedicated to firewall holes. */
static void
-ClearAllFWHoles(struct libalias *la) {
- struct ip_fw rule; /* On-the-fly built rule */
- int i;
+ClearAllFWHoles(struct libalias *la)
+{
+ struct ip_fw rule; /* On-the-fly built rule */
+ int i;
- if (la->fireWallFD < 0)
- return;
+ if (la->fireWallFD < 0)
+ return;
- memset(&rule, 0, sizeof rule);
- for (i = la->fireWallBaseNum; i < la->fireWallBaseNum + la->fireWallNumNums; i++) {
+ memset(&rule, 0, sizeof rule);
+ for (i = la->fireWallBaseNum; i < la->fireWallBaseNum + la->fireWallNumNums; i++) {
#if IPFW2
- int r = i;
- while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, &r, sizeof r))
- ;
-#else /* !IPFW2 */
- rule.fw_number = i;
- while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL, &rule, sizeof rule))
- ;
-#endif /* !IPFW2 */
- }
- /* XXX: third arg correct here ? /phk */
- memset(la->fireWallField, 0, la->fireWallNumNums);
+ int r = i;
+
+ while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, &r, sizeof r));
+#else /* !IPFW2 */
+ rule.fw_number = i;
+ while (!setsockopt(fireWallFD, IPPROTO_IP, IP_FW_DEL, &rule, sizeof rule));
+#endif /* !IPFW2 */
+ }
+ /* XXX: third arg correct here ? /phk */
+ memset(la->fireWallField, 0, la->fireWallNumNums);
}
+
#endif
void
-LibAliasSetFWBase(struct libalias *la, unsigned int base, unsigned int num) {
+LibAliasSetFWBase(struct libalias *la, unsigned int base, unsigned int num)
+{
#ifndef NO_FW_PUNCH
- la->fireWallBaseNum = base;
- la->fireWallNumNums = num;
+ la->fireWallBaseNum = base;
+ la->fireWallNumNums = num;
#endif
}
void
-LibAliasSetSkinnyPort(struct libalias *la, unsigned int port) {
- la->skinnyPort = port;
+LibAliasSetSkinnyPort(struct libalias *la, unsigned int port)
+{
+ la->skinnyPort = port;
}
diff --git a/lib/libalias/alias_ftp.c b/lib/libalias/alias_ftp.c
index 08693a7..91d4952 100644
--- a/lib/libalias/alias_ftp.c
+++ b/lib/libalias/alias_ftp.c
@@ -87,495 +87,589 @@ __FBSDID("$FreeBSD$");
#define WAIT_CRLF 0x01
enum ftp_message_type {
- FTP_PORT_COMMAND,
- FTP_EPRT_COMMAND,
- FTP_227_REPLY,
- FTP_229_REPLY,
- FTP_UNKNOWN_MESSAGE
+ FTP_PORT_COMMAND,
+ FTP_EPRT_COMMAND,
+ FTP_227_REPLY,
+ FTP_229_REPLY,
+ FTP_UNKNOWN_MESSAGE
};
-static int ParseFtpPortCommand(struct libalias *la, char *, int);
-static int ParseFtpEprtCommand(struct libalias *la, char *, int);
-static int ParseFtp227Reply(struct libalias *la, char *, int);
-static int ParseFtp229Reply(struct libalias *la, char *, int);
-static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int);
+static int ParseFtpPortCommand(struct libalias *la, char *, int);
+static int ParseFtpEprtCommand(struct libalias *la, char *, int);
+static int ParseFtp227Reply(struct libalias *la, char *, int);
+static int ParseFtp229Reply(struct libalias *la, char *, int);
+static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int);
void
AliasHandleFtpOut(
-struct libalias *la,
-struct ip *pip, /* IP packet to examine/patch */
-struct alias_link *link, /* The link to go through (aliased port) */
-int maxpacketsize /* The maximum size this packet can grow to (including headers) */)
+ struct libalias *la,
+ struct ip *pip, /* IP packet to examine/patch */
+ struct alias_link *link, /* The link to go through (aliased port) */
+ int maxpacketsize /* The maximum size this packet can grow to
+ (including headers) */ )
{
- int hlen, tlen, dlen, pflags;
- char *sptr;
- struct tcphdr *tc;
- int ftp_message_type;
+ int hlen, tlen, dlen, pflags;
+ char *sptr;
+ struct tcphdr *tc;
+ int ftp_message_type;
/* Calculate data length of TCP packet */
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- hlen = (pip->ip_hl + tc->th_off) << 2;
- tlen = ntohs(pip->ip_len);
- dlen = tlen - hlen;
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ hlen = (pip->ip_hl + tc->th_off) << 2;
+ tlen = ntohs(pip->ip_len);
+ dlen = tlen - hlen;
/* Place string pointer and beginning of data */
- sptr = (char *) pip;
- sptr += hlen;
+ sptr = (char *)pip;
+ sptr += hlen;
/*
* Check that data length is not too long and previous message was
* properly terminated with CRLF.
*/
- pflags = GetProtocolFlags(link);
- if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) {
- ftp_message_type = FTP_UNKNOWN_MESSAGE;
+ pflags = GetProtocolFlags(link);
+ if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) {
+ ftp_message_type = FTP_UNKNOWN_MESSAGE;
- if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) {
+ if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) {
/*
* When aliasing a client, check for the PORT/EPRT command.
*/
- if (ParseFtpPortCommand(la, sptr, dlen))
- ftp_message_type = FTP_PORT_COMMAND;
- else if (ParseFtpEprtCommand(la, sptr, dlen))
- ftp_message_type = FTP_EPRT_COMMAND;
- } else {
+ if (ParseFtpPortCommand(la, sptr, dlen))
+ ftp_message_type = FTP_PORT_COMMAND;
+ else if (ParseFtpEprtCommand(la, sptr, dlen))
+ ftp_message_type = FTP_EPRT_COMMAND;
+ } else {
/*
* When aliasing a server, check for the 227/229 reply.
*/
- if (ParseFtp227Reply(la, sptr, dlen))
- ftp_message_type = FTP_227_REPLY;
- else if (ParseFtp229Reply(la, sptr, dlen)) {
- ftp_message_type = FTP_229_REPLY;
- la->true_addr.s_addr = pip->ip_src.s_addr;
- }
- }
-
- if (ftp_message_type != FTP_UNKNOWN_MESSAGE)
- NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type);
- }
+ if (ParseFtp227Reply(la, sptr, dlen))
+ ftp_message_type = FTP_227_REPLY;
+ else if (ParseFtp229Reply(la, sptr, dlen)) {
+ ftp_message_type = FTP_229_REPLY;
+ la->true_addr.s_addr = pip->ip_src.s_addr;
+ }
+ }
+ if (ftp_message_type != FTP_UNKNOWN_MESSAGE)
+ NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type);
+ }
/* Track the msgs which are CRLF term'd for PORT/PASV FW breach */
- if (dlen) { /* only if there's data */
- sptr = (char *) pip; /* start over at beginning */
- tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may have grown */
- if (sptr[tlen-2] == '\r' && sptr[tlen-1] == '\n')
- pflags &= ~WAIT_CRLF;
- else
- pflags |= WAIT_CRLF;
- SetProtocolFlags(link, pflags);
- }
+ if (dlen) { /* only if there's data */
+ sptr = (char *)pip; /* start over at beginning */
+ tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may
+ * have grown */
+ if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n')
+ pflags &= ~WAIT_CRLF;
+ else
+ pflags |= WAIT_CRLF;
+ SetProtocolFlags(link, pflags);
+ }
}
static int
ParseFtpPortCommand(struct libalias *la, char *sptr, int dlen)
{
- char ch;
- int i, state;
- u_int32_t addr;
- u_short port;
- u_int8_t octet;
-
- /* Format: "PORT A,D,D,R,PO,RT". */
-
- /* Return if data length is too short. */
- if (dlen < 18)
- return 0;
-
- addr = port = octet = 0;
- state = -4;
- for (i = 0; i < dlen; i++) {
- ch = sptr[i];
- switch (state) {
- case -4: if (ch == 'P') state++; else return 0; break;
- case -3: if (ch == 'O') state++; else return 0; break;
- case -2: if (ch == 'R') state++; else return 0; break;
- case -1: if (ch == 'T') state++; else return 0; break;
-
- case 0:
- if (isspace(ch))
- break;
- else
- state++;
- case 1: case 3: case 5: case 7: case 9: case 11:
- if (isdigit(ch)) {
- octet = ch - '0';
- state++;
- } else
- return 0;
- break;
- case 2: case 4: case 6: case 8:
- if (isdigit(ch))
- octet = 10 * octet + ch - '0';
- else if (ch == ',') {
- addr = (addr << 8) + octet;
- state++;
- } else
- return 0;
- break;
- case 10: case 12:
- if (isdigit(ch))
- octet = 10 * octet + ch - '0';
- else if (ch == ',' || state == 12) {
- port = (port << 8) + octet;
- state++;
- } else
+ char ch;
+ int i, state;
+ u_int32_t addr;
+ u_short port;
+ u_int8_t octet;
+
+ /* Format: "PORT A,D,D,R,PO,RT". */
+
+ /* Return if data length is too short. */
+ if (dlen < 18)
return 0;
- break;
+
+ addr = port = octet = 0;
+ state = -4;
+ for (i = 0; i < dlen; i++) {
+ ch = sptr[i];
+ switch (state) {
+ case -4:
+ if (ch == 'P')
+ state++;
+ else
+ return 0;
+ break;
+ case -3:
+ if (ch == 'O')
+ state++;
+ else
+ return 0;
+ break;
+ case -2:
+ if (ch == 'R')
+ state++;
+ else
+ return 0;
+ break;
+ case -1:
+ if (ch == 'T')
+ state++;
+ else
+ return 0;
+ break;
+
+ case 0:
+ if (isspace(ch))
+ break;
+ else
+ state++;
+ case 1:
+ case 3:
+ case 5:
+ case 7:
+ case 9:
+ case 11:
+ if (isdigit(ch)) {
+ octet = ch - '0';
+ state++;
+ } else
+ return 0;
+ break;
+ case 2:
+ case 4:
+ case 6:
+ case 8:
+ if (isdigit(ch))
+ octet = 10 * octet + ch - '0';
+ else if (ch == ',') {
+ addr = (addr << 8) + octet;
+ state++;
+ } else
+ return 0;
+ break;
+ case 10:
+ case 12:
+ if (isdigit(ch))
+ octet = 10 * octet + ch - '0';
+ else if (ch == ',' || state == 12) {
+ port = (port << 8) + octet;
+ state++;
+ } else
+ return 0;
+ break;
+ }
}
- }
-
- if (state == 13) {
- la->true_addr.s_addr = htonl(addr);
- la->true_port = port;
- return 1;
- } else
- return 0;
+
+ if (state == 13) {
+ la->true_addr.s_addr = htonl(addr);
+ la->true_port = port;
+ return 1;
+ } else
+ return 0;
}
static int
ParseFtpEprtCommand(struct libalias *la, char *sptr, int dlen)
{
- char ch, delim;
- int i, state;
- u_int32_t addr;
- u_short port;
- u_int8_t octet;
-
- /* Format: "EPRT |1|A.D.D.R|PORT|". */
-
- /* Return if data length is too short. */
- if (dlen < 18)
- return 0;
-
- addr = port = octet = 0;
- delim = '|'; /* XXX gcc -Wuninitialized */
- state = -4;
- for (i = 0; i < dlen; i++) {
- ch = sptr[i];
- switch (state)
- {
- case -4: if (ch == 'E') state++; else return 0; break;
- case -3: if (ch == 'P') state++; else return 0; break;
- case -2: if (ch == 'R') state++; else return 0; break;
- case -1: if (ch == 'T') state++; else return 0; break;
-
- case 0:
- if (!isspace(ch)) {
- delim = ch;
- state++;
- }
- break;
- case 1:
- if (ch == '1') /* IPv4 address */
- state++;
- else
- return 0;
- break;
- case 2:
- if (ch == delim)
- state++;
- else
- return 0;
- break;
- case 3: case 5: case 7: case 9:
- if (isdigit(ch)) {
- octet = ch - '0';
- state++;
- } else
- return 0;
- break;
- case 4: case 6: case 8: case 10:
- if (isdigit(ch))
- octet = 10 * octet + ch - '0';
- else if (ch == '.' || state == 10) {
- addr = (addr << 8) + octet;
- state++;
- } else
- return 0;
- break;
- case 11:
- if (isdigit(ch)) {
- port = ch - '0';
- state++;
- } else
- return 0;
- break;
- case 12:
- if (isdigit(ch))
- port = 10 * port + ch - '0';
- else if (ch == delim)
- state++;
- else
+ char ch, delim;
+ int i, state;
+ u_int32_t addr;
+ u_short port;
+ u_int8_t octet;
+
+ /* Format: "EPRT |1|A.D.D.R|PORT|". */
+
+ /* Return if data length is too short. */
+ if (dlen < 18)
return 0;
- break;
+
+ addr = port = octet = 0;
+ delim = '|'; /* XXX gcc -Wuninitialized */
+ state = -4;
+ for (i = 0; i < dlen; i++) {
+ ch = sptr[i];
+ switch (state) {
+ case -4:
+ if (ch == 'E')
+ state++;
+ else
+ return 0;
+ break;
+ case -3:
+ if (ch == 'P')
+ state++;
+ else
+ return 0;
+ break;
+ case -2:
+ if (ch == 'R')
+ state++;
+ else
+ return 0;
+ break;
+ case -1:
+ if (ch == 'T')
+ state++;
+ else
+ return 0;
+ break;
+
+ case 0:
+ if (!isspace(ch)) {
+ delim = ch;
+ state++;
+ }
+ break;
+ case 1:
+ if (ch == '1') /* IPv4 address */
+ state++;
+ else
+ return 0;
+ break;
+ case 2:
+ if (ch == delim)
+ state++;
+ else
+ return 0;
+ break;
+ case 3:
+ case 5:
+ case 7:
+ case 9:
+ if (isdigit(ch)) {
+ octet = ch - '0';
+ state++;
+ } else
+ return 0;
+ break;
+ case 4:
+ case 6:
+ case 8:
+ case 10:
+ if (isdigit(ch))
+ octet = 10 * octet + ch - '0';
+ else if (ch == '.' || state == 10) {
+ addr = (addr << 8) + octet;
+ state++;
+ } else
+ return 0;
+ break;
+ case 11:
+ if (isdigit(ch)) {
+ port = ch - '0';
+ state++;
+ } else
+ return 0;
+ break;
+ case 12:
+ if (isdigit(ch))
+ port = 10 * port + ch - '0';
+ else if (ch == delim)
+ state++;
+ else
+ return 0;
+ break;
+ }
}
- }
-
- if (state == 13) {
- la->true_addr.s_addr = htonl(addr);
- la->true_port = port;
- return 1;
- } else
- return 0;
+
+ if (state == 13) {
+ la->true_addr.s_addr = htonl(addr);
+ la->true_port = port;
+ return 1;
+ } else
+ return 0;
}
static int
ParseFtp227Reply(struct libalias *la, char *sptr, int dlen)
{
- char ch;
- int i, state;
- u_int32_t addr;
- u_short port;
- u_int8_t octet;
-
- /* Format: "227 Entering Passive Mode (A,D,D,R,PO,RT)" */
-
- /* Return if data length is too short. */
- if (dlen < 17)
- return 0;
-
- addr = port = octet = 0;
-
- state = -3;
- for (i = 0; i < dlen; i++) {
- ch = sptr[i];
- switch (state)
- {
- case -3: if (ch == '2') state++; else return 0; break;
- case -2: if (ch == '2') state++; else return 0; break;
- case -1: if (ch == '7') state++; else return 0; break;
-
- case 0:
- if (ch == '(')
- state++;
- break;
- case 1: case 3: case 5: case 7: case 9: case 11:
- if (isdigit(ch)) {
- octet = ch - '0';
- state++;
- } else
- return 0;
- break;
- case 2: case 4: case 6: case 8:
- if (isdigit(ch))
- octet = 10 * octet + ch - '0';
- else if (ch == ',') {
- addr = (addr << 8) + octet;
- state++;
- } else
- return 0;
- break;
- case 10: case 12:
- if (isdigit(ch))
- octet = 10 * octet + ch - '0';
- else if (ch == ',' || (state == 12 && ch == ')')) {
- port = (port << 8) + octet;
- state++;
- } else
+ char ch;
+ int i, state;
+ u_int32_t addr;
+ u_short port;
+ u_int8_t octet;
+
+ /* Format: "227 Entering Passive Mode (A,D,D,R,PO,RT)" */
+
+ /* Return if data length is too short. */
+ if (dlen < 17)
return 0;
- break;
+
+ addr = port = octet = 0;
+
+ state = -3;
+ for (i = 0; i < dlen; i++) {
+ ch = sptr[i];
+ switch (state) {
+ case -3:
+ if (ch == '2')
+ state++;
+ else
+ return 0;
+ break;
+ case -2:
+ if (ch == '2')
+ state++;
+ else
+ return 0;
+ break;
+ case -1:
+ if (ch == '7')
+ state++;
+ else
+ return 0;
+ break;
+
+ case 0:
+ if (ch == '(')
+ state++;
+ break;
+ case 1:
+ case 3:
+ case 5:
+ case 7:
+ case 9:
+ case 11:
+ if (isdigit(ch)) {
+ octet = ch - '0';
+ state++;
+ } else
+ return 0;
+ break;
+ case 2:
+ case 4:
+ case 6:
+ case 8:
+ if (isdigit(ch))
+ octet = 10 * octet + ch - '0';
+ else if (ch == ',') {
+ addr = (addr << 8) + octet;
+ state++;
+ } else
+ return 0;
+ break;
+ case 10:
+ case 12:
+ if (isdigit(ch))
+ octet = 10 * octet + ch - '0';
+ else if (ch == ',' || (state == 12 && ch == ')')) {
+ port = (port << 8) + octet;
+ state++;
+ } else
+ return 0;
+ break;
+ }
}
- }
-
- if (state == 13) {
- la->true_port = port;
- la->true_addr.s_addr = htonl(addr);
- return 1;
- } else
- return 0;
+
+ if (state == 13) {
+ la->true_port = port;
+ la->true_addr.s_addr = htonl(addr);
+ return 1;
+ } else
+ return 0;
}
static int
ParseFtp229Reply(struct libalias *la, char *sptr, int dlen)
{
- char ch, delim;
- int i, state;
- u_short port;
-
- /* Format: "229 Entering Extended Passive Mode (|||PORT|)" */
-
- /* Return if data length is too short. */
- if (dlen < 11)
- return 0;
-
- port = 0;
- delim = '|'; /* XXX gcc -Wuninitialized */
-
- state = -3;
- for (i = 0; i < dlen; i++) {
- ch = sptr[i];
- switch (state)
- {
- case -3: if (ch == '2') state++; else return 0; break;
- case -2: if (ch == '2') state++; else return 0; break;
- case -1: if (ch == '9') state++; else return 0; break;
-
- case 0:
- if (ch == '(')
- state++;
- break;
- case 1:
- delim = ch;
- state++;
- break;
- case 2: case 3:
- if (ch == delim)
- state++;
- else
- return 0;
- break;
- case 4:
- if (isdigit(ch)) {
- port = ch - '0';
- state++;
- } else
- return 0;
- break;
- case 5:
- if (isdigit(ch))
- port = 10 * port + ch - '0';
- else if (ch == delim)
- state++;
- else
- return 0;
- break;
- case 6:
- if (ch == ')')
- state++;
- else
+ char ch, delim;
+ int i, state;
+ u_short port;
+
+ /* Format: "229 Entering Extended Passive Mode (|||PORT|)" */
+
+ /* Return if data length is too short. */
+ if (dlen < 11)
return 0;
- break;
+
+ port = 0;
+ delim = '|'; /* XXX gcc -Wuninitialized */
+
+ state = -3;
+ for (i = 0; i < dlen; i++) {
+ ch = sptr[i];
+ switch (state) {
+ case -3:
+ if (ch == '2')
+ state++;
+ else
+ return 0;
+ break;
+ case -2:
+ if (ch == '2')
+ state++;
+ else
+ return 0;
+ break;
+ case -1:
+ if (ch == '9')
+ state++;
+ else
+ return 0;
+ break;
+
+ case 0:
+ if (ch == '(')
+ state++;
+ break;
+ case 1:
+ delim = ch;
+ state++;
+ break;
+ case 2:
+ case 3:
+ if (ch == delim)
+ state++;
+ else
+ return 0;
+ break;
+ case 4:
+ if (isdigit(ch)) {
+ port = ch - '0';
+ state++;
+ } else
+ return 0;
+ break;
+ case 5:
+ if (isdigit(ch))
+ port = 10 * port + ch - '0';
+ else if (ch == delim)
+ state++;
+ else
+ return 0;
+ break;
+ case 6:
+ if (ch == ')')
+ state++;
+ else
+ return 0;
+ break;
+ }
}
- }
- if (state == 7) {
- la->true_port = port;
- return 1;
- } else
- return 0;
+ if (state == 7) {
+ la->true_port = port;
+ return 1;
+ } else
+ return 0;
}
static void
NewFtpMessage(struct libalias *la, struct ip *pip,
- struct alias_link *link,
- int maxpacketsize,
- int ftp_message_type)
+ struct alias_link *link,
+ int maxpacketsize,
+ int ftp_message_type)
{
- struct alias_link *ftp_link;
+ struct alias_link *ftp_link;
/* Security checks. */
- if (pip->ip_src.s_addr != la->true_addr.s_addr)
- return;
+ if (pip->ip_src.s_addr != la->true_addr.s_addr)
+ return;
- if (la->true_port < IPPORT_RESERVED)
- return;
+ if (la->true_port < IPPORT_RESERVED)
+ return;
/* Establish link to address and port found in FTP control message. */
- ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link),
- htons(la->true_port), 0, IPPROTO_TCP, 1);
+ ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link),
+ htons(la->true_port), 0, IPPROTO_TCP, 1);
- if (ftp_link != NULL)
- {
- int slen, hlen, tlen, dlen;
- struct tcphdr *tc;
+ if (ftp_link != NULL) {
+ int slen, hlen, tlen, dlen;
+ struct tcphdr *tc;
#ifndef NO_FW_PUNCH
- /* Punch hole in firewall */
- PunchFWHole(ftp_link);
+ /* Punch hole in firewall */
+ PunchFWHole(ftp_link);
#endif
/* Calculate data length of TCP packet */
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- hlen = (pip->ip_hl + tc->th_off) << 2;
- tlen = ntohs(pip->ip_len);
- dlen = tlen - hlen;
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ hlen = (pip->ip_hl + tc->th_off) << 2;
+ tlen = ntohs(pip->ip_len);
+ dlen = tlen - hlen;
/* Create new FTP message. */
- {
- char stemp[MAX_MESSAGE_SIZE + 1];
- char *sptr;
- u_short alias_port;
- u_char *ptr;
- int a1, a2, a3, a4, p1, p2;
- struct in_addr alias_address;
+ {
+ char stemp[MAX_MESSAGE_SIZE + 1];
+ char *sptr;
+ u_short alias_port;
+ u_char *ptr;
+ int a1, a2, a3, a4, p1, p2;
+ struct in_addr alias_address;
/* Decompose alias address into quad format */
- alias_address = GetAliasAddress(link);
- ptr = (u_char *) &alias_address.s_addr;
- a1 = *ptr++; a2=*ptr++; a3=*ptr++; a4=*ptr;
-
- alias_port = GetAliasPort(ftp_link);
-
- switch (ftp_message_type)
- {
- case FTP_PORT_COMMAND:
- case FTP_227_REPLY:
- /* Decompose alias port into pair format. */
- ptr = (char *) &alias_port;
- p1 = *ptr++; p2=*ptr;
-
- if (ftp_message_type == FTP_PORT_COMMAND) {
- /* Generate PORT command string. */
- sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n",
- a1,a2,a3,a4,p1,p2);
- } else {
- /* Generate 227 reply string. */
- sprintf(stemp,
- "227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n",
- a1,a2,a3,a4,p1,p2);
- }
- break;
- case FTP_EPRT_COMMAND:
- /* Generate EPRT command string. */
- sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n",
- a1,a2,a3,a4,ntohs(alias_port));
- break;
- case FTP_229_REPLY:
- /* Generate 229 reply string. */
- sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n",
- ntohs(alias_port));
- break;
- }
+ alias_address = GetAliasAddress(link);
+ ptr = (u_char *) & alias_address.s_addr;
+ a1 = *ptr++;
+ a2 = *ptr++;
+ a3 = *ptr++;
+ a4 = *ptr;
+
+ alias_port = GetAliasPort(ftp_link);
+
+ switch (ftp_message_type) {
+ case FTP_PORT_COMMAND:
+ case FTP_227_REPLY:
+ /* Decompose alias port into pair format. */
+ ptr = (char *)&alias_port;
+ p1 = *ptr++;
+ p2 = *ptr;
+
+ if (ftp_message_type == FTP_PORT_COMMAND) {
+ /* Generate PORT command string. */
+ sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n",
+ a1, a2, a3, a4, p1, p2);
+ } else {
+ /* Generate 227 reply string. */
+ sprintf(stemp,
+ "227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n",
+ a1, a2, a3, a4, p1, p2);
+ }
+ break;
+ case FTP_EPRT_COMMAND:
+ /* Generate EPRT command string. */
+ sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n",
+ a1, a2, a3, a4, ntohs(alias_port));
+ break;
+ case FTP_229_REPLY:
+ /* Generate 229 reply string. */
+ sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n",
+ ntohs(alias_port));
+ break;
+ }
/* Save string length for IP header modification */
- slen = strlen(stemp);
+ slen = strlen(stemp);
/* Copy modified buffer into IP packet. */
- sptr = (char *) pip; sptr += hlen;
- strncpy(sptr, stemp, maxpacketsize-hlen);
- }
+ sptr = (char *)pip;
+ sptr += hlen;
+ strncpy(sptr, stemp, maxpacketsize - hlen);
+ }
/* Save information regarding modified seq and ack numbers */
- {
- int delta;
+ {
+ int delta;
- SetAckModified(link);
- delta = GetDeltaSeqOut(pip, link);
- AddSeq(pip, link, delta+slen-dlen);
- }
+ SetAckModified(link);
+ delta = GetDeltaSeqOut(pip, link);
+ AddSeq(pip, link, delta + slen - dlen);
+ }
/* Revise IP header */
- {
- u_short new_len;
-
- new_len = htons(hlen + slen);
- DifferentialChecksum(&pip->ip_sum,
- &new_len,
- &pip->ip_len,
- 1);
- pip->ip_len = new_len;
- }
+ {
+ u_short new_len;
+
+ new_len = htons(hlen + slen);
+ DifferentialChecksum(&pip->ip_sum,
+ &new_len,
+ &pip->ip_len,
+ 1);
+ pip->ip_len = new_len;
+ }
/* Compute TCP checksum for revised packet */
- tc->th_sum = 0;
- tc->th_sum = TcpChecksum(pip);
- }
- else
- {
+ tc->th_sum = 0;
+ tc->th_sum = TcpChecksum(pip);
+ } else {
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/HandleFtpOut: Cannot allocate FTP data port\n");
+ fprintf(stderr,
+ "PacketAlias/HandleFtpOut: Cannot allocate FTP data port\n");
#endif
- }
+ }
}
diff --git a/lib/libalias/alias_irc.c b/lib/libalias/alias_irc.c
index 3b2ff92..5785e54 100644
--- a/lib/libalias/alias_irc.c
+++ b/lib/libalias/alias_irc.c
@@ -65,277 +65,305 @@ __FBSDID("$FreeBSD$");
void
-AliasHandleIrcOut(struct libalias *la,
- struct ip *pip, /* IP packet to examine */
- struct alias_link *link, /* Which link are we on? */
- int maxsize /* Maximum size of IP packet including headers */
- )
+AliasHandleIrcOut(struct libalias *la,
+ struct ip *pip, /* IP packet to examine */
+ struct alias_link *link, /* Which link are we on? */
+ int maxsize /* Maximum size of IP packet including
+ * headers */
+)
{
- int hlen, tlen, dlen;
- struct in_addr true_addr;
- u_short true_port;
- char *sptr;
- struct tcphdr *tc;
- int i; /* Iterator through the source */
+ int hlen, tlen, dlen;
+ struct in_addr true_addr;
+ u_short true_port;
+ char *sptr;
+ struct tcphdr *tc;
+ int i; /* Iterator through the source */
/* Calculate data length of TCP packet */
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- hlen = (pip->ip_hl + tc->th_off) << 2;
- tlen = ntohs(pip->ip_len);
- dlen = tlen - hlen;
-
- /* Return if data length is too short - assume an entire PRIVMSG in each packet. */
- if (dlen<sizeof(":A!a@n.n PRIVMSG A :aDCC 1 1a")-1)
- return;
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ hlen = (pip->ip_hl + tc->th_off) << 2;
+ tlen = ntohs(pip->ip_len);
+ dlen = tlen - hlen;
+
+ /*
+ * Return if data length is too short - assume an entire PRIVMSG in
+ * each packet.
+ */
+ if (dlen < sizeof(":A!a@n.n PRIVMSG A :aDCC 1 1a") - 1)
+ return;
/* Place string pointer at beginning of data */
- sptr = (char *) pip;
- sptr += hlen;
- maxsize -= hlen; /* We're interested in maximum size of data, not packet */
-
- /* Search for a CTCP command [Note 1] */
- for( i=0; i<dlen; i++ ) {
- if(sptr[i]=='\001')
- goto lFOUND_CTCP;
- }
- return; /* No CTCP commands in */
- /* Handle CTCP commands - the buffer may have to be copied */
+ sptr = (char *)pip;
+ sptr += hlen;
+ maxsize -= hlen; /* We're interested in maximum size of
+ * data, not packet */
+
+ /* Search for a CTCP command [Note 1] */
+ for (i = 0; i < dlen; i++) {
+ if (sptr[i] == '\001')
+ goto lFOUND_CTCP;
+ }
+ return; /* No CTCP commands in */
+ /* Handle CTCP commands - the buffer may have to be copied */
lFOUND_CTCP:
- {
- char newpacket[65536]; /* Estimate of maximum packet size :) */
- int copyat = i; /* Same */
- int iCopy = 0; /* How much data have we written to copy-back string? */
- unsigned long org_addr; /* Original IP address */
- unsigned short org_port; /* Original source port address */
- lCTCP_START:
- if( i >= dlen || iCopy >= sizeof(newpacket) )
- goto lPACKET_DONE;
- newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start character */
- /* Start of a CTCP */
- if( i+4 >= dlen ) /* Too short for DCC */
- goto lBAD_CTCP;
- if( sptr[i+0] != 'D' )
- goto lBAD_CTCP;
- if( sptr[i+1] != 'C' )
- goto lBAD_CTCP;
- if( sptr[i+2] != 'C' )
- goto lBAD_CTCP;
- if( sptr[i+3] != ' ' )
- goto lBAD_CTCP;
- /* We have a DCC command - handle it! */
- i+= 4; /* Skip "DCC " */
- if( iCopy+4 > sizeof(newpacket) )
- goto lPACKET_DONE;
- newpacket[iCopy++] = 'D';
- newpacket[iCopy++] = 'C';
- newpacket[iCopy++] = 'C';
- newpacket[iCopy++] = ' ';
-
- DBprintf(("Found DCC\n"));
- /* Skip any extra spaces (should not occur according to
- protocol, but DCC breaks CTCP protocol anyway */
- while(sptr[i] == ' ') {
- if( ++i >= dlen) {
- DBprintf(("DCC packet terminated in just spaces\n"));
- goto lPACKET_DONE;
- }
- }
-
- DBprintf(("Transferring command...\n"));
- while(sptr[i] != ' ') {
- newpacket[iCopy++] = sptr[i];
- if( ++i >= dlen || iCopy >= sizeof(newpacket) ) {
- DBprintf(("DCC packet terminated during command\n"));
- goto lPACKET_DONE;
- }
- }
- /* Copy _one_ space */
- if( i+1 < dlen && iCopy < sizeof(newpacket) )
- newpacket[iCopy++] = sptr[i++];
-
- DBprintf(("Done command - removing spaces\n"));
- /* Skip any extra spaces (should not occur according to
- protocol, but DCC breaks CTCP protocol anyway */
- while(sptr[i] == ' ') {
- if( ++i >= dlen ) {
- DBprintf(("DCC packet terminated in just spaces (post-command)\n"));
- goto lPACKET_DONE;
- }
- }
-
- DBprintf(("Transferring filename...\n"));
- while(sptr[i] != ' ') {
- newpacket[iCopy++] = sptr[i];
- if( ++i >= dlen || iCopy >= sizeof(newpacket) ) {
- DBprintf(("DCC packet terminated during filename\n"));
- goto lPACKET_DONE;
- }
- }
- /* Copy _one_ space */
- if( i+1 < dlen && iCopy < sizeof(newpacket) )
- newpacket[iCopy++] = sptr[i++];
-
- DBprintf(("Done filename - removing spaces\n"));
- /* Skip any extra spaces (should not occur according to
- protocol, but DCC breaks CTCP protocol anyway */
- while(sptr[i] == ' ') {
- if( ++i >= dlen ) {
- DBprintf(("DCC packet terminated in just spaces (post-filename)\n"));
- goto lPACKET_DONE;
- }
- }
-
- DBprintf(("Fetching IP address\n"));
- /* Fetch IP address */
- org_addr = 0;
- while(i<dlen && isdigit(sptr[i])) {
- if( org_addr > ULONG_MAX/10UL ) { /* Terminate on overflow */
- DBprintf(("DCC Address overflow (org_addr == 0x%08lx, next char %c\n", org_addr, sptr[i]));
- goto lBAD_CTCP;
- }
- org_addr *= 10;
- org_addr += sptr[i++]-'0';
- }
- DBprintf(("Skipping space\n"));
- if( i+1 >= dlen || sptr[i] != ' ' ) {
- DBprintf(("Overflow (%d >= %d) or bad character (%02x) terminating IP address\n", i+1, dlen, sptr[i]));
- goto lBAD_CTCP;
- }
- /* Skip any extra spaces (should not occur according to
- protocol, but DCC breaks CTCP protocol anyway, so we might
- as well play it safe */
- while(sptr[i] == ' ') {
- if( ++i >= dlen ) {
- DBprintf(("Packet failure - space overflow.\n"));
- goto lPACKET_DONE;
- }
- }
- DBprintf(("Fetching port number\n"));
- /* Fetch source port */
- org_port = 0;
- while(i<dlen && isdigit(sptr[i])) {
- if( org_port > 6554 ) { /* Terminate on overflow (65536/10 rounded up*/
- DBprintf(("DCC: port number overflow\n"));
- goto lBAD_CTCP;
- }
- org_port *= 10;
- org_port += sptr[i++]-'0';
- }
- /* Skip illegal addresses (or early termination) */
- if( i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ') ) {
- DBprintf(("Bad port termination\n"));
- goto lBAD_CTCP;
- }
- DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port));
-
- /* We've got the address and port - now alias it */
- {
- struct alias_link *dcc_link;
- struct in_addr destaddr;
-
-
- true_port = htons(org_port);
- true_addr.s_addr = htonl(org_addr);
- destaddr.s_addr = 0;
-
- /* Sanity/Security checking */
- if (!org_addr || !org_port ||
- pip->ip_src.s_addr != true_addr.s_addr ||
- org_port < IPPORT_RESERVED)
- goto lBAD_CTCP;
-
- /* Steal the FTP_DATA_PORT - it doesn't really matter, and this
- would probably allow it through at least _some_
- firewalls. */
- dcc_link = FindUdpTcpOut(la, true_addr, destaddr,
- true_port, 0,
- IPPROTO_TCP, 1);
- DBprintf(("Got a DCC link\n"));
- if ( dcc_link ) {
- struct in_addr alias_address; /* Address from aliasing */
- u_short alias_port; /* Port given by aliasing */
- int n;
+ {
+ char newpacket[65536]; /* Estimate of maximum packet size
+ * :) */
+ int copyat = i; /* Same */
+ int iCopy = 0; /* How much data have we written to
+ * copy-back string? */
+ unsigned long org_addr; /* Original IP address */
+ unsigned short org_port; /* Original source port
+ * address */
+
+lCTCP_START:
+ if (i >= dlen || iCopy >= sizeof(newpacket))
+ goto lPACKET_DONE;
+ newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start
+ * character */
+ /* Start of a CTCP */
+ if (i + 4 >= dlen) /* Too short for DCC */
+ goto lBAD_CTCP;
+ if (sptr[i + 0] != 'D')
+ goto lBAD_CTCP;
+ if (sptr[i + 1] != 'C')
+ goto lBAD_CTCP;
+ if (sptr[i + 2] != 'C')
+ goto lBAD_CTCP;
+ if (sptr[i + 3] != ' ')
+ goto lBAD_CTCP;
+ /* We have a DCC command - handle it! */
+ i += 4; /* Skip "DCC " */
+ if (iCopy + 4 > sizeof(newpacket))
+ goto lPACKET_DONE;
+ newpacket[iCopy++] = 'D';
+ newpacket[iCopy++] = 'C';
+ newpacket[iCopy++] = 'C';
+ newpacket[iCopy++] = ' ';
+
+ DBprintf(("Found DCC\n"));
+ /*
+ * Skip any extra spaces (should not occur according to
+ * protocol, but DCC breaks CTCP protocol anyway
+ */
+ while (sptr[i] == ' ') {
+ if (++i >= dlen) {
+ DBprintf(("DCC packet terminated in just spaces\n"));
+ goto lPACKET_DONE;
+ }
+ }
+
+ DBprintf(("Transferring command...\n"));
+ while (sptr[i] != ' ') {
+ newpacket[iCopy++] = sptr[i];
+ if (++i >= dlen || iCopy >= sizeof(newpacket)) {
+ DBprintf(("DCC packet terminated during command\n"));
+ goto lPACKET_DONE;
+ }
+ }
+ /* Copy _one_ space */
+ if (i + 1 < dlen && iCopy < sizeof(newpacket))
+ newpacket[iCopy++] = sptr[i++];
+
+ DBprintf(("Done command - removing spaces\n"));
+ /*
+ * Skip any extra spaces (should not occur according to
+ * protocol, but DCC breaks CTCP protocol anyway
+ */
+ while (sptr[i] == ' ') {
+ if (++i >= dlen) {
+ DBprintf(("DCC packet terminated in just spaces (post-command)\n"));
+ goto lPACKET_DONE;
+ }
+ }
+
+ DBprintf(("Transferring filename...\n"));
+ while (sptr[i] != ' ') {
+ newpacket[iCopy++] = sptr[i];
+ if (++i >= dlen || iCopy >= sizeof(newpacket)) {
+ DBprintf(("DCC packet terminated during filename\n"));
+ goto lPACKET_DONE;
+ }
+ }
+ /* Copy _one_ space */
+ if (i + 1 < dlen && iCopy < sizeof(newpacket))
+ newpacket[iCopy++] = sptr[i++];
+
+ DBprintf(("Done filename - removing spaces\n"));
+ /*
+ * Skip any extra spaces (should not occur according to
+ * protocol, but DCC breaks CTCP protocol anyway
+ */
+ while (sptr[i] == ' ') {
+ if (++i >= dlen) {
+ DBprintf(("DCC packet terminated in just spaces (post-filename)\n"));
+ goto lPACKET_DONE;
+ }
+ }
+
+ DBprintf(("Fetching IP address\n"));
+ /* Fetch IP address */
+ org_addr = 0;
+ while (i < dlen && isdigit(sptr[i])) {
+ if (org_addr > ULONG_MAX / 10UL) { /* Terminate on overflow */
+ DBprintf(("DCC Address overflow (org_addr == 0x%08lx, next char %c\n", org_addr, sptr[i]));
+ goto lBAD_CTCP;
+ }
+ org_addr *= 10;
+ org_addr += sptr[i++] - '0';
+ }
+ DBprintf(("Skipping space\n"));
+ if (i + 1 >= dlen || sptr[i] != ' ') {
+ DBprintf(("Overflow (%d >= %d) or bad character (%02x) terminating IP address\n", i + 1, dlen, sptr[i]));
+ goto lBAD_CTCP;
+ }
+ /*
+ * Skip any extra spaces (should not occur according to
+ * protocol, but DCC breaks CTCP protocol anyway, so we
+ * might as well play it safe
+ */
+ while (sptr[i] == ' ') {
+ if (++i >= dlen) {
+ DBprintf(("Packet failure - space overflow.\n"));
+ goto lPACKET_DONE;
+ }
+ }
+ DBprintf(("Fetching port number\n"));
+ /* Fetch source port */
+ org_port = 0;
+ while (i < dlen && isdigit(sptr[i])) {
+ if (org_port > 6554) { /* Terminate on overflow
+ * (65536/10 rounded up */
+ DBprintf(("DCC: port number overflow\n"));
+ goto lBAD_CTCP;
+ }
+ org_port *= 10;
+ org_port += sptr[i++] - '0';
+ }
+ /* Skip illegal addresses (or early termination) */
+ if (i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ')) {
+ DBprintf(("Bad port termination\n"));
+ goto lBAD_CTCP;
+ }
+ DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port));
+
+ /* We've got the address and port - now alias it */
+ {
+ struct alias_link *dcc_link;
+ struct in_addr destaddr;
+
+
+ true_port = htons(org_port);
+ true_addr.s_addr = htonl(org_addr);
+ destaddr.s_addr = 0;
+
+ /* Sanity/Security checking */
+ if (!org_addr || !org_port ||
+ pip->ip_src.s_addr != true_addr.s_addr ||
+ org_port < IPPORT_RESERVED)
+ goto lBAD_CTCP;
+
+ /*
+ * Steal the FTP_DATA_PORT - it doesn't really
+ * matter, and this would probably allow it through
+ * at least _some_ firewalls.
+ */
+ dcc_link = FindUdpTcpOut(la, true_addr, destaddr,
+ true_port, 0,
+ IPPROTO_TCP, 1);
+ DBprintf(("Got a DCC link\n"));
+ if (dcc_link) {
+ struct in_addr alias_address; /* Address from aliasing */
+ u_short alias_port; /* Port given by
+ * aliasing */
+ int n;
#ifndef NO_FW_PUNCH
- /* Generate firewall hole as appropriate */
- PunchFWHole(dcc_link);
+ /* Generate firewall hole as appropriate */
+ PunchFWHole(dcc_link);
#endif
- alias_address = GetAliasAddress(link);
- n = snprintf(&newpacket[iCopy],
- sizeof(newpacket)-iCopy,
- "%lu ", (u_long)htonl(alias_address.s_addr));
- if( n < 0 ) {
- DBprintf(("DCC packet construct failure.\n"));
- goto lBAD_CTCP;
- }
- if( (iCopy += n) >= sizeof(newpacket) ) { /* Truncated/fit exactly - bad news */
- DBprintf(("DCC constructed packet overflow.\n"));
- goto lBAD_CTCP;
- }
- alias_port = GetAliasPort(dcc_link);
- n = snprintf(&newpacket[iCopy],
- sizeof(newpacket)-iCopy,
- "%u", htons(alias_port) );
- if( n < 0 ) {
- DBprintf(("DCC packet construct failure.\n"));
- goto lBAD_CTCP;
- }
- iCopy += n;
- /* Done - truncated cases will be taken care of by lBAD_CTCP */
- DBprintf(("Aliased IP %lu and port %u\n", alias_address.s_addr, (unsigned)alias_port));
- }
- }
- /* An uninteresting CTCP - state entered right after '\001' has
- been pushed. Also used to copy the rest of a DCC, after IP
- address and port has been handled */
- lBAD_CTCP:
- for(; i<dlen && iCopy<sizeof(newpacket); i++,iCopy++) {
- newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
- if(sptr[i] == '\001') {
- goto lNORMAL_TEXT;
- }
- }
- goto lPACKET_DONE;
- /* Normal text */
- lNORMAL_TEXT:
- for(; i<dlen && iCopy<sizeof(newpacket); i++,iCopy++) {
- newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
- if(sptr[i] == '\001') {
- goto lCTCP_START;
- }
- }
- /* Handle the end of a packet */
- lPACKET_DONE:
- iCopy = iCopy > maxsize-copyat ? maxsize-copyat : iCopy;
- memcpy(sptr+copyat, newpacket, iCopy);
+ alias_address = GetAliasAddress(link);
+ n = snprintf(&newpacket[iCopy],
+ sizeof(newpacket) - iCopy,
+ "%lu ", (u_long) htonl(alias_address.s_addr));
+ if (n < 0) {
+ DBprintf(("DCC packet construct failure.\n"));
+ goto lBAD_CTCP;
+ }
+ if ((iCopy += n) >= sizeof(newpacket)) { /* Truncated/fit exactly
+ * - bad news */
+ DBprintf(("DCC constructed packet overflow.\n"));
+ goto lBAD_CTCP;
+ }
+ alias_port = GetAliasPort(dcc_link);
+ n = snprintf(&newpacket[iCopy],
+ sizeof(newpacket) - iCopy,
+ "%u", htons(alias_port));
+ if (n < 0) {
+ DBprintf(("DCC packet construct failure.\n"));
+ goto lBAD_CTCP;
+ }
+ iCopy += n;
+ /*
+ * Done - truncated cases will be taken
+ * care of by lBAD_CTCP
+ */
+ DBprintf(("Aliased IP %lu and port %u\n", alias_address.s_addr, (unsigned)alias_port));
+ }
+ }
+ /*
+ * An uninteresting CTCP - state entered right after '\001'
+ * has been pushed. Also used to copy the rest of a DCC,
+ * after IP address and port has been handled
+ */
+lBAD_CTCP:
+ for (; i < dlen && iCopy < sizeof(newpacket); i++, iCopy++) {
+ newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
+ if (sptr[i] == '\001') {
+ goto lNORMAL_TEXT;
+ }
+ }
+ goto lPACKET_DONE;
+ /* Normal text */
+lNORMAL_TEXT:
+ for (; i < dlen && iCopy < sizeof(newpacket); i++, iCopy++) {
+ newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
+ if (sptr[i] == '\001') {
+ goto lCTCP_START;
+ }
+ }
+ /* Handle the end of a packet */
+lPACKET_DONE:
+ iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy;
+ memcpy(sptr + copyat, newpacket, iCopy);
/* Save information regarding modified seq and ack numbers */
- {
- int delta;
-
- SetAckModified(link);
- delta = GetDeltaSeqOut(pip, link);
- AddSeq(pip, link, delta+copyat+iCopy-dlen);
- }
-
- /* Revise IP header */
- {
- u_short new_len;
-
- new_len = htons(hlen + iCopy + copyat);
- DifferentialChecksum(&pip->ip_sum,
- &new_len,
- &pip->ip_len,
- 1);
- pip->ip_len = new_len;
- }
-
- /* Compute TCP checksum for revised packet */
- tc->th_sum = 0;
- tc->th_sum = TcpChecksum(pip);
- return;
- }
+ {
+ int delta;
+
+ SetAckModified(link);
+ delta = GetDeltaSeqOut(pip, link);
+ AddSeq(pip, link, delta + copyat + iCopy - dlen);
+ }
+
+ /* Revise IP header */
+ {
+ u_short new_len;
+
+ new_len = htons(hlen + iCopy + copyat);
+ DifferentialChecksum(&pip->ip_sum,
+ &new_len,
+ &pip->ip_len,
+ 1);
+ pip->ip_len = new_len;
+ }
+
+ /* Compute TCP checksum for revised packet */
+ tc->th_sum = 0;
+ tc->th_sum = TcpChecksum(pip);
+ return;
+ }
}
/* Notes:
diff --git a/lib/libalias/alias_local.h b/lib/libalias/alias_local.h
index 0ed289a..420a435 100644
--- a/lib/libalias/alias_local.h
+++ b/lib/libalias/alias_local.h
@@ -55,80 +55,84 @@
struct proxy_entry;
struct libalias {
- LIST_ENTRY(libalias) instancelist;
+ LIST_ENTRY(libalias) instancelist;
- int packetAliasMode; /* Mode flags */
- /* - documented in alias.h */
+ int packetAliasMode; /* Mode flags */
+ /* - documented in alias.h */
- struct in_addr aliasAddress; /* Address written onto source */
- /* field of IP packet. */
+ struct in_addr aliasAddress; /* Address written onto source */
+ /* field of IP packet. */
- struct in_addr targetAddress; /* IP address incoming packets */
- /* are sent to if no aliasing */
- /* link already exists */
+ struct in_addr targetAddress; /* IP address incoming packets */
+ /* are sent to if no aliasing */
+ /* link already exists */
- struct in_addr nullAddress; /* Used as a dummy parameter for */
- /* some function calls */
+ struct in_addr nullAddress; /* Used as a dummy parameter for */
+ /* some function calls */
- LIST_HEAD(, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
- /* Lookup table of pointers to */
- /* chains of link records. Each */
+ LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
+ /* Lookup table of pointers to */
+ /* chains of link records. Each */
- LIST_HEAD(, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
- /* link record is doubly indexed */
- /* into input and output lookup */
- /* tables. */
+ LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
+ /* link record is doubly indexed */
+ /* into input and output lookup */
+ /* tables. */
- /* Link statistics */
- int icmpLinkCount;
- int udpLinkCount;
- int tcpLinkCount;
- int pptpLinkCount;
- int protoLinkCount;
- int fragmentIdLinkCount;
- int fragmentPtrLinkCount;
- int sockCount;
+ /* Link statistics */
+ int icmpLinkCount;
+ int udpLinkCount;
+ int tcpLinkCount;
+ int pptpLinkCount;
+ int protoLinkCount;
+ int fragmentIdLinkCount;
+ int fragmentPtrLinkCount;
+ int sockCount;
- int cleanupIndex; /* Index to chain of link table */
- /* being inspected for old links */
+ int cleanupIndex; /* Index to chain of link table */
+ /* being inspected for old links */
- int timeStamp; /* System time in seconds for */
- /* current packet */
+ int timeStamp; /* System time in seconds for */
+ /* current packet */
- int lastCleanupTime; /* Last time IncrementalCleanup() */
- /* was called */
+ int lastCleanupTime; /* Last time
+ * IncrementalCleanup() */
+ /* was called */
- int houseKeepingResidual; /* used by HouseKeeping() */
+ int houseKeepingResidual; /* used by HouseKeeping() */
- int deleteAllLinks; /* If equal to zero, DeleteLink() */
- /* will not remove permanent links */
+ int deleteAllLinks; /* If equal to zero, DeleteLink() */
+ /* will not remove permanent links */
- FILE *monitorFile; /* File descriptor for link */
- /* statistics monitoring file */
+ FILE *monitorFile; /* File descriptor for link */
+ /* statistics monitoring file */
- int newDefaultLink; /* Indicates if a new aliasing */
- /* link has been created after a */
- /* call to PacketAliasIn/Out(). */
+ int newDefaultLink; /* Indicates if a new aliasing */
+ /* link has been created after a */
+ /* call to PacketAliasIn/Out(). */
#ifndef NO_FW_PUNCH
- int fireWallFD; /* File descriptor to be able to */
- /* control firewall. Opened by */
- /* PacketAliasSetMode on first */
- /* setting the PKT_ALIAS_PUNCH_FW */
- /* flag. */
- int fireWallBaseNum; /* The first firewall entry free for our use */
- int fireWallNumNums; /* How many entries can we use? */
- int fireWallActiveNum; /* Which entry did we last use? */
- char *fireWallField; /* bool array for entries */
+ int fireWallFD; /* File descriptor to be able to */
+ /* control firewall. Opened by */
+ /* PacketAliasSetMode on first */
+ /* setting the PKT_ALIAS_PUNCH_FW */
+ /* flag. */
+ int fireWallBaseNum; /* The first firewall entry
+ * free for our use */
+ int fireWallNumNums; /* How many entries can we
+ * use? */
+ int fireWallActiveNum; /* Which entry did we last
+ * use? */
+ char *fireWallField; /* bool array for entries */
#endif
- unsigned int skinnyPort; /* TCP port used by the Skinny */
- /* protocol. */
+ unsigned int skinnyPort; /* TCP port used by the Skinny */
+ /* protocol. */
struct proxy_entry *proxyList;
- struct in_addr true_addr; /* in network byte order. */
- u_short true_port; /* in host byte order. */
+ struct in_addr true_addr; /* in network byte order. */
+ u_short true_port; /* in host byte order. */
};
@@ -161,148 +165,159 @@ struct libalias {
/* Prototypes */
/* General utilities */
-u_short IpChecksum(struct ip *_pip);
-u_short TcpChecksum(struct ip *_pip);
-void DifferentialChecksum(u_short *_cksum, u_short *_new, u_short *_old,
- int _n);
+u_short IpChecksum(struct ip *_pip);
+u_short TcpChecksum(struct ip *_pip);
+void
+DifferentialChecksum(u_short * _cksum, u_short * _new, u_short * _old,
+ int _n);
/* Internal data access */
struct alias_link *
- FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_short _id_alias, int _create);
+FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
+ u_short _id_alias, int _create);
struct alias_link *
- FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- u_short _id, int _create);
+FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
+ u_short _id, int _create);
struct alias_link *
- FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_short _ip_id);
+FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
+ u_short _ip_id);
struct alias_link *
- FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_short _ip_id);
+FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
+ u_short _ip_id);
struct alias_link *
- AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
+ AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
struct alias_link *
- FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
+ FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
struct alias_link *
- FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_char _proto);
+FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
+ u_char _proto);
struct alias_link *
- FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- u_char _proto);
+FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
+ u_char _proto);
struct alias_link *
- FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_short _dst_port, u_short _alias_port, u_char _proto, int _create);
+FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
+ u_short _dst_port, u_short _alias_port, u_char _proto, int _create);
struct alias_link *
- FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- u_short _src_port, u_short _dst_port, u_char _proto, int _create);
+FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
+ u_short _src_port, u_short _dst_port, u_char _proto, int _create);
struct alias_link *
- AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- struct in_addr _alias_addr, u_int16_t _src_call_id);
+AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
+ struct in_addr _alias_addr, u_int16_t _src_call_id);
struct alias_link *
- FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr,
- struct in_addr _dst_addr, u_int16_t _src_call_id);
+FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr,
+ struct in_addr _dst_addr, u_int16_t _src_call_id);
struct alias_link *
- FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr,
- struct in_addr _alias_addr, u_int16_t _dst_call_id);
+FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr,
+ struct in_addr _alias_addr, u_int16_t _dst_call_id);
struct alias_link *
- FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr,
- struct in_addr _dst_addr, u_int16_t _dst_call_id);
+FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr,
+ struct in_addr _dst_addr, u_int16_t _dst_call_id);
struct alias_link *
- FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr,
- struct in_addr _alias_addr, u_int16_t _alias_call_id);
+FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr,
+ struct in_addr _alias_addr, u_int16_t _alias_call_id);
struct alias_link *
- FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- u_short _src_port, u_short _alias_port, u_char _proto);
+FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
+ u_short _src_port, u_short _alias_port, u_char _proto);
struct in_addr
- FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
+ FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
struct in_addr
- FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
+ FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
/* External data access/modification */
-int FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_short _src_port, u_short _dst_port, u_short _port_count,
- u_char _proto, u_char _align);
-void GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr);
-void SetFragmentAddr(struct alias_link *_link, struct in_addr _src_addr);
-void GetFragmentPtr(struct alias_link *_link, char **_fptr);
-void SetFragmentPtr(struct alias_link *_link, char *fptr);
-void SetStateIn(struct alias_link *_link, int _state);
-void SetStateOut(struct alias_link *_link, int _state);
-int GetStateIn(struct alias_link *_link);
-int GetStateOut(struct alias_link *_link);
+int
+FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
+ u_short _src_port, u_short _dst_port, u_short _port_count,
+ u_char _proto, u_char _align);
+void GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr);
+void SetFragmentAddr(struct alias_link *_link, struct in_addr _src_addr);
+void GetFragmentPtr(struct alias_link *_link, char **_fptr);
+void SetFragmentPtr(struct alias_link *_link, char *fptr);
+void SetStateIn(struct alias_link *_link, int _state);
+void SetStateOut(struct alias_link *_link, int _state);
+int GetStateIn (struct alias_link *_link);
+int GetStateOut(struct alias_link *_link);
struct in_addr
- GetOriginalAddress(struct alias_link *_link);
+ GetOriginalAddress(struct alias_link *_link);
struct in_addr
- GetDestAddress(struct alias_link *_link);
+ GetDestAddress(struct alias_link *_link);
struct in_addr
- GetAliasAddress(struct alias_link *_link);
+ GetAliasAddress(struct alias_link *_link);
struct in_addr
- GetDefaultAliasAddress(struct libalias *la);
-void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
-u_short GetOriginalPort(struct alias_link *_link);
-u_short GetAliasPort(struct alias_link *_link);
+ GetDefaultAliasAddress(struct libalias *la);
+void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
+u_short GetOriginalPort(struct alias_link *_link);
+u_short GetAliasPort(struct alias_link *_link);
struct in_addr
- GetProxyAddress(struct alias_link *_link);
-void SetProxyAddress(struct alias_link *_link, struct in_addr _addr);
-u_short GetProxyPort(struct alias_link *_link);
-void SetProxyPort(struct alias_link *_link, u_short _port);
-void SetAckModified(struct alias_link *_link);
-int GetAckModified(struct alias_link *_link);
-int GetDeltaAckIn(struct ip *_pip, struct alias_link *_link);
-int GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link);
-void AddSeq(struct ip *_pip, struct alias_link *_link, int _delta);
-void SetExpire(struct alias_link *_link, int _expire);
-void ClearCheckNewLink(struct libalias *la);
-void SetProtocolFlags(struct alias_link *_link, int _pflags);
-int GetProtocolFlags(struct alias_link *_link);
-void SetDestCallId(struct alias_link *_link, u_int16_t _cid);
+ GetProxyAddress(struct alias_link *_link);
+void SetProxyAddress(struct alias_link *_link, struct in_addr _addr);
+u_short GetProxyPort(struct alias_link *_link);
+void SetProxyPort(struct alias_link *_link, u_short _port);
+void SetAckModified(struct alias_link *_link);
+int GetAckModified(struct alias_link *_link);
+int GetDeltaAckIn(struct ip *_pip, struct alias_link *_link);
+int GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link);
+void AddSeq (struct ip *_pip, struct alias_link *_link, int _delta);
+void SetExpire (struct alias_link *_link, int _expire);
+void ClearCheckNewLink(struct libalias *la);
+void SetProtocolFlags(struct alias_link *_link, int _pflags);
+int GetProtocolFlags(struct alias_link *_link);
+void SetDestCallId(struct alias_link *_link, u_int16_t _cid);
+
#ifndef NO_FW_PUNCH
-void PunchFWHole(struct alias_link *_link);
+void PunchFWHole(struct alias_link *_link);
+
#endif
/* Housekeeping function */
-void HouseKeeping(struct libalias *);
+void HouseKeeping(struct libalias *);
/* Tcp specfic routines */
/* lint -save -library Suppress flexelint warnings */
/* FTP routines */
-void AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
- int _maxpacketsize);
+void
+AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
+ int _maxpacketsize);
/* IRC routines */
-void AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
- int _maxsize);
+void
+AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
+ int _maxsize);
/* RTSP routines */
-void AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
- int _maxpacketsize);
+void
+AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
+ int _maxpacketsize);
/* PPTP routines */
-void AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
-void AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link);
-int AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip);
-int AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip);
+void AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
+void AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link);
+int AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip);
+int AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip);
/* NetBIOS routines */
-int AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link,
- struct in_addr *_alias_address, u_short _alias_port);
-int AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link,
- struct in_addr *_alias_address, u_short *_alias_port,
- struct in_addr *_original_address, u_short *_original_port);
+int
+AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link,
+ struct in_addr *_alias_address, u_short _alias_port);
+int
+AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link,
+ struct in_addr *_alias_address, u_short * _alias_port,
+ struct in_addr *_original_address, u_short * _original_port);
/* CUSeeMe routines */
-void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
-void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr);
+void AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
+void AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr);
/* Skinny routines */
-void AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link);
+void AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link);
/* Transparent proxy routines */
-int ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr,
- u_short *_proxy_server_port);
-void ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip,
- int _maxpacketsize, int _proxy_type);
+int
+ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr,
+ u_short * _proxy_server_port);
+void
+ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip,
+ int _maxpacketsize, int _proxy_type);
enum alias_tcp_state {
ALIAS_TCP_STATE_NOT_CONNECTED,
@@ -312,4 +327,4 @@ enum alias_tcp_state {
/*lint -restore */
-#endif /* !_ALIAS_LOCAL_H_ */
+#endif /* !_ALIAS_LOCAL_H_ */
diff --git a/lib/libalias/alias_nbt.c b/lib/libalias/alias_nbt.c
index 9ff9cf0..fc5fa84 100644
--- a/lib/libalias/alias_nbt.c
+++ b/lib/libalias/alias_nbt.c
@@ -55,22 +55,22 @@ __FBSDID("$FreeBSD$");
#include "alias_local.h"
typedef struct {
- struct in_addr oldaddr;
- u_short oldport;
- struct in_addr newaddr;
- u_short newport;
- u_short *uh_sum;
-} NBTArguments;
+ struct in_addr oldaddr;
+ u_short oldport;
+ struct in_addr newaddr;
+ u_short newport;
+ u_short *uh_sum;
+} NBTArguments;
typedef struct {
- unsigned char type;
- unsigned char flags;
- u_short id;
- struct in_addr source_ip;
- u_short source_port;
- u_short len;
- u_short offset;
-} NbtDataHeader;
+ unsigned char type;
+ unsigned char flags;
+ u_short id;
+ struct in_addr source_ip;
+ u_short source_port;
+ u_short len;
+ u_short offset;
+} NbtDataHeader;
#define OpQuery 0
#define OpUnknown 4
@@ -79,13 +79,13 @@ typedef struct {
#define OpWACK 7
#define OpRefresh 8
typedef struct {
- u_short nametrid;
- u_short dir:1, opcode:4, nmflags:7, rcode:4;
- u_short qdcount;
- u_short ancount;
- u_short nscount;
- u_short arcount;
-} NbtNSHeader;
+ u_short nametrid;
+ u_short dir: 1, opcode:4, nmflags:7, rcode:4;
+ u_short qdcount;
+ u_short ancount;
+ u_short nscount;
+ u_short arcount;
+} NbtNSHeader;
#define FMT_ERR 0x1
#define SRV_ERR 0x2
@@ -96,56 +96,61 @@ typedef struct {
#ifdef DEBUG
-static void PrintRcode( u_char rcode ) {
+static void
+PrintRcode(u_char rcode)
+{
switch (rcode) {
case FMT_ERR:
- printf("\nFormat Error.");
- case SRV_ERR:
- printf("\nSever failure.");
- case IMP_ERR:
- printf("\nUnsupported request error.\n");
- case RFS_ERR:
- printf("\nRefused error.\n");
- case ACT_ERR:
- printf("\nActive error.\n");
- case CFT_ERR:
- printf("\nName in conflict error.\n");
- default:
- printf("\n?%c?=%0x\n", '?', rcode );
+ printf("\nFormat Error.");
+ case SRV_ERR:
+ printf("\nSever failure.");
+ case IMP_ERR:
+ printf("\nUnsupported request error.\n");
+ case RFS_ERR:
+ printf("\nRefused error.\n");
+ case ACT_ERR:
+ printf("\nActive error.\n");
+ case CFT_ERR:
+ printf("\nName in conflict error.\n");
+ default:
+ printf("\n?%c?=%0x\n", '?', rcode);
}
}
+
#endif
/* Handling Name field */
-static u_char *AliasHandleName ( u_char *p, char *pmax ) {
+static u_char *
+AliasHandleName(u_char * p, char *pmax)
+{
u_char *s;
u_char c;
- int compress;
+ int compress;
/* Following length field */
if (p == NULL || (char *)p >= pmax)
- return(NULL);
+ return (NULL);
- if (*p & 0xc0 ) {
+ if (*p & 0xc0) {
p = p + 2;
if ((char *)p > pmax)
- return(NULL);
- return ((u_char *)p);
+ return (NULL);
+ return ((u_char *) p);
}
- while ( ( *p & 0x3f) != 0x00 ) {
+ while ((*p & 0x3f) != 0x00) {
s = p + 1;
- if ( *p == 0x20 )
+ if (*p == 0x20)
compress = 1;
else
compress = 0;
- /* Get next length field */
- p = (u_char *)(p + (*p & 0x3f) + 1);
+ /* Get next length field */
+ p = (u_char *) (p + (*p & 0x3f) + 1);
if ((char *)p > pmax) {
p = NULL;
break;
@@ -154,15 +159,15 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) {
printf(":");
#endif
while (s < p) {
- if ( compress == 1 ) {
- c = (u_char )(((((*s & 0x0f) << 4) | (*(s+1) & 0x0f)) - 0x11));
+ if (compress == 1) {
+ c = (u_char) (((((*s & 0x0f) << 4) | (*(s + 1) & 0x0f)) - 0x11));
#ifdef DEBUG
- if (isprint( c ) )
- printf("%c", c );
+ if (isprint(c))
+ printf("%c", c);
else
- printf("<0x%02x>", c );
+ printf("<0x%02x>", c);
#endif
- s +=2;
+ s += 2;
} else {
#ifdef DEBUG
printf("%c", *s);
@@ -174,14 +179,14 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) {
printf(":");
#endif
fflush(stdout);
- }
+ }
/* Set up to out of Name field */
if (p == NULL || (char *)p >= pmax)
- p = NULL;
+ p = NULL;
else
- p++;
- return ((u_char *)p);
+ p++;
+ return ((u_char *) p);
}
/*
@@ -195,58 +200,61 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) {
#define DGM_POSITIVE_RES 0x15
#define DGM_NEGATIVE_RES 0x16
-int AliasHandleUdpNbt(
- struct libalias *la,
- struct ip *pip, /* IP packet to examine/patch */
- struct alias_link *link,
- struct in_addr *alias_address,
- u_short alias_port
-) {
- struct udphdr * uh;
- NbtDataHeader *ndh;
- u_char *p = NULL;
- char *pmax;
-
- /* Calculate data length of UDP packet */
- uh = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
- pmax = (char *)uh + ntohs( uh->uh_ulen );
-
- ndh = (NbtDataHeader *)((char *)uh + (sizeof (struct udphdr)));
- if ((char *)(ndh + 1) > pmax)
- return(-1);
+int
+AliasHandleUdpNbt(
+ struct libalias *la,
+ struct ip *pip, /* IP packet to examine/patch */
+ struct alias_link *link,
+ struct in_addr *alias_address,
+ u_short alias_port
+)
+{
+ struct udphdr *uh;
+ NbtDataHeader *ndh;
+ u_char *p = NULL;
+ char *pmax;
+
+ /* Calculate data length of UDP packet */
+ uh = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
+ pmax = (char *)uh + ntohs(uh->uh_ulen);
+
+ ndh = (NbtDataHeader *) ((char *)uh + (sizeof(struct udphdr)));
+ if ((char *)(ndh + 1) > pmax)
+ return (-1);
#ifdef DEBUG
- printf("\nType=%02x,", ndh->type );
+ printf("\nType=%02x,", ndh->type);
#endif
- switch ( ndh->type ) {
- case DGM_DIRECT_UNIQ:
- case DGM_DIRECT_GROUP:
- case DGM_BROADCAST:
- p = (u_char *)ndh + 14;
- p = AliasHandleName ( p, pmax ); /* Source Name */
- p = AliasHandleName ( p, pmax ); /* Destination Name */
- break;
- case DGM_ERROR:
- p = (u_char *)ndh + 11;
- break;
- case DGM_QUERY:
- case DGM_POSITIVE_RES:
- case DGM_NEGATIVE_RES:
- p = (u_char *)ndh + 10;
- p = AliasHandleName ( p, pmax ); /* Destination Name */
- break;
+ switch (ndh->type) {
+ case DGM_DIRECT_UNIQ:
+ case DGM_DIRECT_GROUP:
+ case DGM_BROADCAST:
+ p = (u_char *) ndh + 14;
+ p = AliasHandleName(p, pmax); /* Source Name */
+ p = AliasHandleName(p, pmax); /* Destination Name */
+ break;
+ case DGM_ERROR:
+ p = (u_char *) ndh + 11;
+ break;
+ case DGM_QUERY:
+ case DGM_POSITIVE_RES:
+ case DGM_NEGATIVE_RES:
+ p = (u_char *) ndh + 10;
+ p = AliasHandleName(p, pmax); /* Destination Name */
+ break;
}
- if (p == NULL || (char *)p > pmax)
- p = NULL;
+ if (p == NULL || (char *)p > pmax)
+ p = NULL;
#ifdef DEBUG
- printf("%s:%d-->", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port) );
+ printf("%s:%d-->", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port));
#endif
/* Doing an IP address and Port number Translation */
- if ( uh->uh_sum != 0 ) {
- int acc;
- u_short *sptr;
- acc = ndh->source_port;
+ if (uh->uh_sum != 0) {
+ int acc;
+ u_short *sptr;
+
+ acc = ndh->source_port;
acc -= alias_port;
- sptr = (u_short *) &(ndh->source_ip);
+ sptr = (u_short *) & (ndh->source_ip);
acc += *sptr++;
acc += *sptr;
sptr = (u_short *) alias_address;
@@ -254,49 +262,49 @@ int AliasHandleUdpNbt(
acc -= *sptr;
ADJUST_CHECKSUM(acc, uh->uh_sum);
}
- ndh->source_ip = *alias_address;
- ndh->source_port = alias_port;
+ ndh->source_ip = *alias_address;
+ ndh->source_port = alias_port;
#ifdef DEBUG
- printf("%s:%d\n", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port) );
+ printf("%s:%d\n", inet_ntoa(ndh->source_ip), ntohs(ndh->source_port));
fflush(stdout);
#endif
- return((p == NULL) ? -1 : 0);
+ return ((p == NULL) ? -1 : 0);
}
+
/* Question Section */
#define QS_TYPE_NB 0x0020
#define QS_TYPE_NBSTAT 0x0021
#define QS_CLAS_IN 0x0001
typedef struct {
- u_short type; /* The type of Request */
- u_short class; /* The class of Request */
-} NBTNsQuestion;
+ u_short type; /* The type of Request */
+ u_short class; /* The class of Request */
+} NBTNsQuestion;
-static u_char *
+static u_char *
AliasHandleQuestion(
u_short count,
- NBTNsQuestion *q,
+ NBTNsQuestion * q,
char *pmax,
- NBTArguments *nbtarg)
+ NBTArguments * nbtarg)
{
- while ( count != 0 ) {
+ while (count != 0) {
/* Name Filed */
- q = (NBTNsQuestion *)AliasHandleName((u_char *)q, pmax);
+ q = (NBTNsQuestion *) AliasHandleName((u_char *) q, pmax);
if (q == NULL || (char *)(q + 1) > pmax) {
q = NULL;
break;
}
-
/* Type and Class filed */
- switch ( ntohs(q->type) ) {
- case QS_TYPE_NB:
- case QS_TYPE_NBSTAT:
- q= q+1;
+ switch (ntohs(q->type)) {
+ case QS_TYPE_NB:
+ case QS_TYPE_NBSTAT:
+ q = q + 1;
break;
- default:
+ default:
#ifdef DEBUG
- printf("\nUnknown Type on Question %0x\n", ntohs(q->type) );
+ printf("\nUnknown Type on Question %0x\n", ntohs(q->type));
#endif
break;
}
@@ -304,7 +312,7 @@ AliasHandleQuestion(
}
/* Set up to out of Question Section */
- return ((u_char *)q);
+ return ((u_char *) q);
}
/* Resource Record */
@@ -316,101 +324,99 @@ AliasHandleQuestion(
#define RR_CLAS_IN 0x0001
#define SizeOfNsResource 8
typedef struct {
- u_short type;
- u_short class;
- unsigned int ttl;
- u_short rdlen;
-} NBTNsResource;
+ u_short type;
+ u_short class;
+ unsigned int ttl;
+ u_short rdlen;
+} NBTNsResource;
#define SizeOfNsRNB 6
typedef struct {
- u_short g:1, ont:2, resv:13;
- struct in_addr addr;
-} NBTNsRNB;
+ u_short g: 1 , ont:2, resv:13;
+ struct in_addr addr;
+} NBTNsRNB;
-static u_char *
+static u_char *
AliasHandleResourceNB(
- NBTNsResource *q,
+ NBTNsResource * q,
char *pmax,
- NBTArguments *nbtarg)
+ NBTArguments * nbtarg)
{
- NBTNsRNB *nb;
+ NBTNsRNB *nb;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
- return(NULL);
+ return (NULL);
/* Check out a length */
bcount = ntohs(q->rdlen);
/* Forward to Resource NB position */
- nb = (NBTNsRNB *)((u_char *)q + SizeOfNsResource);
+ nb = (NBTNsRNB *) ((u_char *) q + SizeOfNsResource);
/* Processing all in_addr array */
#ifdef DEBUG
printf("NB rec[%s", inet_ntoa(nbtarg->oldaddr));
- printf("->%s, %dbytes] ",inet_ntoa(nbtarg->newaddr ), bcount);
+ printf("->%s, %dbytes] ", inet_ntoa(nbtarg->newaddr), bcount);
#endif
- while ( nb != NULL && bcount != 0 ) {
+ while (nb != NULL && bcount != 0) {
if ((char *)(nb + 1) > pmax) {
nb = NULL;
break;
}
#ifdef DEBUG
- printf("<%s>", inet_ntoa(nb->addr) );
+ printf("<%s>", inet_ntoa(nb->addr));
#endif
- if (!bcmp(&nbtarg->oldaddr,&nb->addr, sizeof(struct in_addr) ) ) {
- if ( *nbtarg->uh_sum != 0 ) {
- int acc;
- u_short *sptr;
-
- sptr = (u_short *) &(nb->addr);
- acc = *sptr++;
- acc += *sptr;
- sptr = (u_short *) &(nbtarg->newaddr);
- acc -= *sptr++;
- acc -= *sptr;
- ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
+ if (!bcmp(&nbtarg->oldaddr, &nb->addr, sizeof(struct in_addr))) {
+ if (*nbtarg->uh_sum != 0) {
+ int acc;
+ u_short *sptr;
+
+ sptr = (u_short *) & (nb->addr);
+ acc = *sptr++;
+ acc += *sptr;
+ sptr = (u_short *) & (nbtarg->newaddr);
+ acc -= *sptr++;
+ acc -= *sptr;
+ ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
}
-
nb->addr = nbtarg->newaddr;
#ifdef DEBUG
printf("O");
#endif
}
#ifdef DEBUG
- else {
+ else {
printf(".");
}
#endif
- nb=(NBTNsRNB *)((u_char *)nb + SizeOfNsRNB);
- bcount -= SizeOfNsRNB;
+ nb = (NBTNsRNB *) ((u_char *) nb + SizeOfNsRNB);
+ bcount -= SizeOfNsRNB;
}
if (nb == NULL || (char *)(nb + 1) > pmax) {
nb = NULL;
}
-
- return ((u_char *)nb);
+ return ((u_char *) nb);
}
#define SizeOfResourceA 6
typedef struct {
- struct in_addr addr;
-} NBTNsResourceA;
+ struct in_addr addr;
+} NBTNsResourceA;
-static u_char *
+static u_char *
AliasHandleResourceA(
- NBTNsResource *q,
+ NBTNsResource * q,
char *pmax,
- NBTArguments *nbtarg)
+ NBTArguments * nbtarg)
{
- NBTNsResourceA *a;
+ NBTNsResourceA *a;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
- return(NULL);
+ return (NULL);
/* Forward to Resource A position */
- a = (NBTNsResourceA *)( (u_char *)q + sizeof(NBTNsResource) );
+ a = (NBTNsResourceA *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
@@ -418,62 +424,61 @@ AliasHandleResourceA(
/* Processing all in_addr array */
#ifdef DEBUG
printf("Arec [%s", inet_ntoa(nbtarg->oldaddr));
- printf("->%s]",inet_ntoa(nbtarg->newaddr ));
+ printf("->%s]", inet_ntoa(nbtarg->newaddr));
#endif
- while ( bcount != 0 ) {
+ while (bcount != 0) {
if (a == NULL || (char *)(a + 1) > pmax)
- return(NULL);
+ return (NULL);
#ifdef DEBUG
- printf("..%s", inet_ntoa(a->addr) );
+ printf("..%s", inet_ntoa(a->addr));
#endif
- if ( !bcmp(&nbtarg->oldaddr, &a->addr, sizeof(struct in_addr) ) ) {
- if ( *nbtarg->uh_sum != 0 ) {
- int acc;
- u_short *sptr;
-
- sptr = (u_short *) &(a->addr); /* Old */
- acc = *sptr++;
- acc += *sptr;
- sptr = (u_short *) &nbtarg->newaddr; /* New */
- acc -= *sptr++;
- acc -= *sptr;
- ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
+ if (!bcmp(&nbtarg->oldaddr, &a->addr, sizeof(struct in_addr))) {
+ if (*nbtarg->uh_sum != 0) {
+ int acc;
+ u_short *sptr;
+
+ sptr = (u_short *) & (a->addr); /* Old */
+ acc = *sptr++;
+ acc += *sptr;
+ sptr = (u_short *) & nbtarg->newaddr; /* New */
+ acc -= *sptr++;
+ acc -= *sptr;
+ ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
}
-
a->addr = nbtarg->newaddr;
}
- a++; /*XXXX*/
+ a++; /* XXXX */
bcount -= SizeOfResourceA;
}
if (a == NULL || (char *)(a + 1) > pmax)
- a = NULL;
- return ((u_char *)a);
+ a = NULL;
+ return ((u_char *) a);
}
typedef struct {
- u_short opcode:4, flags:8, resv:4;
-} NBTNsResourceNULL;
+ u_short opcode:4, flags:8, resv:4;
+} NBTNsResourceNULL;
-static u_char *
+static u_char *
AliasHandleResourceNULL(
- NBTNsResource *q,
+ NBTNsResource * q,
char *pmax,
- NBTArguments *nbtarg)
+ NBTArguments * nbtarg)
{
- NBTNsResourceNULL *n;
+ NBTNsResourceNULL *n;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
- return(NULL);
+ return (NULL);
/* Forward to Resource NULL position */
- n = (NBTNsResourceNULL *)( (u_char *)q + sizeof(NBTNsResource) );
+ n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
/* Processing all in_addr array */
- while ( bcount != 0 ) {
+ while (bcount != 0) {
if ((char *)(n + 1) > pmax) {
n = NULL;
break;
@@ -484,223 +489,220 @@ AliasHandleResourceNULL(
if ((char *)(n + 1) > pmax)
n = NULL;
- return ((u_char *)n);
+ return ((u_char *) n);
}
-static u_char *
+static u_char *
AliasHandleResourceNS(
- NBTNsResource *q,
+ NBTNsResource * q,
char *pmax,
- NBTArguments *nbtarg)
+ NBTArguments * nbtarg)
{
- NBTNsResourceNULL *n;
+ NBTNsResourceNULL *n;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
- return(NULL);
+ return (NULL);
/* Forward to Resource NULL position */
- n = (NBTNsResourceNULL *)( (u_char *)q + sizeof(NBTNsResource) );
+ n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
/* Resource Record Name Filed */
- q = (NBTNsResource *)AliasHandleName( (u_char *)n, pmax ); /* XXX */
+ q = (NBTNsResource *) AliasHandleName((u_char *) n, pmax); /* XXX */
- if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
- return(NULL);
+ if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
+ return (NULL);
else
- return ((u_char *)n + bcount);
+ return ((u_char *) n + bcount);
}
typedef struct {
- u_short numnames;
-} NBTNsResourceNBSTAT;
+ u_short numnames;
+} NBTNsResourceNBSTAT;
-static u_char *
+static u_char *
AliasHandleResourceNBSTAT(
- NBTNsResource *q,
+ NBTNsResource * q,
char *pmax,
- NBTArguments *nbtarg)
+ NBTArguments * nbtarg)
{
- NBTNsResourceNBSTAT *n;
+ NBTNsResourceNBSTAT *n;
u_short bcount;
if (q == NULL || (char *)(q + 1) > pmax)
- return(NULL);
+ return (NULL);
/* Forward to Resource NBSTAT position */
- n = (NBTNsResourceNBSTAT *)( (u_char *)q + sizeof(NBTNsResource) );
+ n = (NBTNsResourceNBSTAT *) ((u_char *) q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
- if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
- return(NULL);
+ if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
+ return (NULL);
else
- return ((u_char *)n + bcount);
+ return ((u_char *) n + bcount);
}
-static u_char *
+static u_char *
AliasHandleResource(
u_short count,
- NBTNsResource *q,
+ NBTNsResource * q,
char *pmax,
NBTArguments
- *nbtarg)
+ * nbtarg)
{
- while ( count != 0 ) {
+ while (count != 0) {
/* Resource Record Name Filed */
- q = (NBTNsResource *)AliasHandleName( (u_char *)q, pmax );
+ q = (NBTNsResource *) AliasHandleName((u_char *) q, pmax);
if (q == NULL || (char *)(q + 1) > pmax)
break;
#ifdef DEBUG
- printf("type=%02x, count=%d\n", ntohs(q->type), count );
+ printf("type=%02x, count=%d\n", ntohs(q->type), count);
#endif
/* Type and Class filed */
- switch ( ntohs(q->type) ) {
- case RR_TYPE_NB:
- q = (NBTNsResource *)AliasHandleResourceNB(
- q,
- pmax,
- nbtarg
- );
- break;
- case RR_TYPE_A:
- q = (NBTNsResource *)AliasHandleResourceA(
- q,
- pmax,
- nbtarg
- );
- break;
- case RR_TYPE_NS:
- q = (NBTNsResource *)AliasHandleResourceNS(
- q,
- pmax,
- nbtarg
- );
- break;
- case RR_TYPE_NULL:
- q = (NBTNsResource *)AliasHandleResourceNULL(
- q,
- pmax,
- nbtarg
- );
- break;
- case RR_TYPE_NBSTAT:
- q = (NBTNsResource *)AliasHandleResourceNBSTAT(
- q,
- pmax,
- nbtarg
- );
- break;
- default:
+ switch (ntohs(q->type)) {
+ case RR_TYPE_NB:
+ q = (NBTNsResource *) AliasHandleResourceNB(
+ q,
+ pmax,
+ nbtarg
+ );
+ break;
+ case RR_TYPE_A:
+ q = (NBTNsResource *) AliasHandleResourceA(
+ q,
+ pmax,
+ nbtarg
+ );
+ break;
+ case RR_TYPE_NS:
+ q = (NBTNsResource *) AliasHandleResourceNS(
+ q,
+ pmax,
+ nbtarg
+ );
+ break;
+ case RR_TYPE_NULL:
+ q = (NBTNsResource *) AliasHandleResourceNULL(
+ q,
+ pmax,
+ nbtarg
+ );
+ break;
+ case RR_TYPE_NBSTAT:
+ q = (NBTNsResource *) AliasHandleResourceNBSTAT(
+ q,
+ pmax,
+ nbtarg
+ );
+ break;
+ default:
#ifdef DEBUG
- printf(
- "\nUnknown Type of Resource %0x\n",
- ntohs(q->type)
- );
+ printf(
+ "\nUnknown Type of Resource %0x\n",
+ ntohs(q->type)
+ );
#endif
- break;
+ break;
}
count--;
}
fflush(stdout);
- return ((u_char *)q);
+ return ((u_char *) q);
}
-int AliasHandleUdpNbtNS(
- struct libalias *la,
- struct ip *pip, /* IP packet to examine/patch */
- struct alias_link *link,
- struct in_addr *alias_address,
- u_short *alias_port,
- struct in_addr *original_address,
- u_short *original_port )
+int
+AliasHandleUdpNbtNS(
+ struct libalias *la,
+ struct ip *pip, /* IP packet to examine/patch */
+ struct alias_link *link,
+ struct in_addr *alias_address,
+ u_short * alias_port,
+ struct in_addr *original_address,
+ u_short * original_port)
{
- struct udphdr * uh;
- NbtNSHeader * nsh;
- u_char * p;
- char *pmax;
- NBTArguments nbtarg;
+ struct udphdr *uh;
+ NbtNSHeader *nsh;
+ u_char *p;
+ char *pmax;
+ NBTArguments nbtarg;
/* Set up Common Parameter */
- nbtarg.oldaddr = *alias_address;
- nbtarg.oldport = *alias_port;
- nbtarg.newaddr = *original_address;
- nbtarg.newport = *original_port;
+ nbtarg.oldaddr = *alias_address;
+ nbtarg.oldport = *alias_port;
+ nbtarg.newaddr = *original_address;
+ nbtarg.newport = *original_port;
- /* Calculate data length of UDP packet */
- uh = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
- nbtarg.uh_sum = &(uh->uh_sum);
- nsh = (NbtNSHeader *)((char *)uh + (sizeof(struct udphdr)));
- p = (u_char *)(nsh + 1);
- pmax = (char *)uh + ntohs( uh->uh_ulen );
+ /* Calculate data length of UDP packet */
+ uh = (struct udphdr *)((char *)pip + (pip->ip_hl << 2));
+ nbtarg.uh_sum = &(uh->uh_sum);
+ nsh = (NbtNSHeader *) ((char *)uh + (sizeof(struct udphdr)));
+ p = (u_char *) (nsh + 1);
+ pmax = (char *)uh + ntohs(uh->uh_ulen);
- if ((char *)(nsh + 1) > pmax)
- return(-1);
+ if ((char *)(nsh + 1) > pmax)
+ return (-1);
#ifdef DEBUG
- printf(" [%s] ID=%02x, op=%01x, flag=%02x, rcode=%01x, qd=%04x"
- ", an=%04x, ns=%04x, ar=%04x, [%d]-->",
- nsh->dir ? "Response": "Request",
- nsh->nametrid,
- nsh->opcode,
- nsh->nmflags,
- nsh->rcode,
- ntohs(nsh->qdcount),
- ntohs(nsh->ancount),
- ntohs(nsh->nscount),
- ntohs(nsh->arcount),
- (u_char *)p -(u_char *)nsh
- );
+ printf(" [%s] ID=%02x, op=%01x, flag=%02x, rcode=%01x, qd=%04x"
+ ", an=%04x, ns=%04x, ar=%04x, [%d]-->",
+ nsh->dir ? "Response" : "Request",
+ nsh->nametrid,
+ nsh->opcode,
+ nsh->nmflags,
+ nsh->rcode,
+ ntohs(nsh->qdcount),
+ ntohs(nsh->ancount),
+ ntohs(nsh->nscount),
+ ntohs(nsh->arcount),
+ (u_char *) p - (u_char *) nsh
+ );
#endif
/* Question Entries */
- if (ntohs(nsh->qdcount) !=0 ) {
- p = AliasHandleQuestion(
- ntohs(nsh->qdcount),
- (NBTNsQuestion *)p,
- pmax,
- &nbtarg
- );
+ if (ntohs(nsh->qdcount) != 0) {
+ p = AliasHandleQuestion(
+ ntohs(nsh->qdcount),
+ (NBTNsQuestion *) p,
+ pmax,
+ &nbtarg
+ );
}
-
/* Answer Resource Records */
- if (ntohs(nsh->ancount) !=0 ) {
- p = AliasHandleResource(
- ntohs(nsh->ancount),
- (NBTNsResource *)p,
- pmax,
- &nbtarg
- );
+ if (ntohs(nsh->ancount) != 0) {
+ p = AliasHandleResource(
+ ntohs(nsh->ancount),
+ (NBTNsResource *) p,
+ pmax,
+ &nbtarg
+ );
}
-
/* Authority Resource Recodrs */
- if (ntohs(nsh->nscount) !=0 ) {
- p = AliasHandleResource(
- ntohs(nsh->nscount),
- (NBTNsResource *)p,
- pmax,
- &nbtarg
- );
+ if (ntohs(nsh->nscount) != 0) {
+ p = AliasHandleResource(
+ ntohs(nsh->nscount),
+ (NBTNsResource *) p,
+ pmax,
+ &nbtarg
+ );
}
-
/* Additional Resource Recodrs */
- if (ntohs(nsh->arcount) !=0 ) {
- p = AliasHandleResource(
- ntohs(nsh->arcount),
- (NBTNsResource *)p,
- pmax,
- &nbtarg
- );
+ if (ntohs(nsh->arcount) != 0) {
+ p = AliasHandleResource(
+ ntohs(nsh->arcount),
+ (NBTNsResource *) p,
+ pmax,
+ &nbtarg
+ );
}
-
#ifdef DEBUG
- PrintRcode(nsh->rcode);
+ PrintRcode(nsh->rcode);
#endif
- return ((p == NULL) ? -1 : 0);
+ return ((p == NULL) ? -1 : 0);
}
diff --git a/lib/libalias/alias_old.c b/lib/libalias/alias_old.c
index 51e6f32..5e9be07 100644
--- a/lib/libalias/alias_old.c
+++ b/lib/libalias/alias_old.c
@@ -113,7 +113,7 @@ PacketAliasAddServer(struct alias_link *_link,
struct alias_link *
PacketAliasRedirectAddr(struct in_addr _src_addr,
- struct in_addr _alias_addr)
+ struct in_addr _alias_addr)
{
return LibAliasRedirectAddr(la, _src_addr, _alias_addr);
@@ -152,7 +152,7 @@ PacketAliasRedirectProto(struct in_addr _src_addr,
{
return LibAliasRedirectProto(la, _src_addr, _dst_addr, _alias_addr,
- _proto);
+ _proto);
}
void
@@ -162,7 +162,7 @@ PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment)
LibAliasFragmentIn(la, _ptr, _ptr_fragment);
}
-char *
+char *
PacketAliasGetFragment(char *_ptr)
{
diff --git a/lib/libalias/alias_pptp.c b/lib/libalias/alias_pptp.c
index 946ae2f..5df60cb 100644
--- a/lib/libalias/alias_pptp.c
+++ b/lib/libalias/alias_pptp.c
@@ -80,16 +80,16 @@ __FBSDID("$FreeBSD$");
* PPTP definitions
*/
-struct grehdr /* Enhanced GRE header. */
-{
- u_int16_t gh_flags; /* Flags. */
- u_int16_t gh_protocol; /* Protocol type. */
- u_int16_t gh_length; /* Payload length. */
- u_int16_t gh_call_id; /* Call ID. */
- u_int32_t gh_seq_no; /* Sequence number (optional). */
- u_int32_t gh_ack_no; /* Acknowledgment number (optional). */
+struct grehdr { /* Enhanced GRE header. */
+ u_int16_t gh_flags; /* Flags. */
+ u_int16_t gh_protocol; /* Protocol type. */
+ u_int16_t gh_length; /* Payload length. */
+ u_int16_t gh_call_id; /* Call ID. */
+ u_int32_t gh_seq_no; /* Sequence number (optional). */
+ u_int32_t gh_ack_no; /* Acknowledgment number
+ * (optional). */
};
-typedef struct grehdr GreHdr;
+typedef struct grehdr GreHdr;
/* The PPTP protocol ID used in the GRE 'proto' field. */
#define PPTP_GRE_PROTO 0x880b
@@ -102,270 +102,276 @@ typedef struct grehdr GreHdr;
#define PPTP_CTRL_MSG_TYPE 1
enum {
- PPTP_StartCtrlConnRequest = 1,
- PPTP_StartCtrlConnReply = 2,
- PPTP_StopCtrlConnRequest = 3,
- PPTP_StopCtrlConnReply = 4,
- PPTP_EchoRequest = 5,
- PPTP_EchoReply = 6,
- PPTP_OutCallRequest = 7,
- PPTP_OutCallReply = 8,
- PPTP_InCallRequest = 9,
- PPTP_InCallReply = 10,
- PPTP_InCallConn = 11,
- PPTP_CallClearRequest = 12,
- PPTP_CallDiscNotify = 13,
- PPTP_WanErrorNotify = 14,
- PPTP_SetLinkInfo = 15
+ PPTP_StartCtrlConnRequest = 1,
+ PPTP_StartCtrlConnReply = 2,
+ PPTP_StopCtrlConnRequest = 3,
+ PPTP_StopCtrlConnReply = 4,
+ PPTP_EchoRequest = 5,
+ PPTP_EchoReply = 6,
+ PPTP_OutCallRequest = 7,
+ PPTP_OutCallReply = 8,
+ PPTP_InCallRequest = 9,
+ PPTP_InCallReply = 10,
+ PPTP_InCallConn = 11,
+ PPTP_CallClearRequest = 12,
+ PPTP_CallDiscNotify = 13,
+ PPTP_WanErrorNotify = 14,
+ PPTP_SetLinkInfo = 15
+};
+
+ /* Message structures */
+struct pptpMsgHead {
+ u_int16_t length; /* total length */
+ u_int16_t msgType;/* PPTP message type */
+ u_int32_t magic; /* magic cookie */
+ u_int16_t type; /* control message type */
+ u_int16_t resv0; /* reserved */
};
+typedef struct pptpMsgHead *PptpMsgHead;
- /* Message structures */
- struct pptpMsgHead {
- u_int16_t length; /* total length */
- u_int16_t msgType; /* PPTP message type */
- u_int32_t magic; /* magic cookie */
- u_int16_t type; /* control message type */
- u_int16_t resv0; /* reserved */
- };
- typedef struct pptpMsgHead *PptpMsgHead;
-
- struct pptpCodes {
- u_int8_t resCode; /* Result Code */
- u_int8_t errCode; /* Error Code */
- };
- typedef struct pptpCodes *PptpCode;
-
- struct pptpCallIds {
- u_int16_t cid1; /* Call ID field #1 */
- u_int16_t cid2; /* Call ID field #2 */
- };
- typedef struct pptpCallIds *PptpCallId;
+struct pptpCodes {
+ u_int8_t resCode;/* Result Code */
+ u_int8_t errCode;/* Error Code */
+};
+typedef struct pptpCodes *PptpCode;
+
+struct pptpCallIds {
+ u_int16_t cid1; /* Call ID field #1 */
+ u_int16_t cid2; /* Call ID field #2 */
+};
+typedef struct pptpCallIds *PptpCallId;
static PptpCallId AliasVerifyPptp(struct ip *, u_int16_t *);
void
AliasHandlePptpOut(struct libalias *la,
- struct ip *pip, /* IP packet to examine/patch */
- struct alias_link *link) /* The PPTP control link */
-{
- struct alias_link *pptp_link;
- PptpCallId cptr;
- PptpCode codes;
- u_int16_t ctl_type; /* control message type */
- struct tcphdr *tc;
-
- /* Verify valid PPTP control message */
- if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
- return;
-
- /* Modify certain PPTP messages */
- switch (ctl_type) {
- case PPTP_OutCallRequest:
- case PPTP_OutCallReply:
- case PPTP_InCallRequest:
- case PPTP_InCallReply:
- /* Establish PPTP link for address and Call ID found in control message. */
- pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link),
- GetAliasAddress(link), cptr->cid1);
- break;
- case PPTP_CallClearRequest:
- case PPTP_CallDiscNotify:
- /* Find PPTP link for address and Call ID found in control message. */
- pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link),
- GetDestAddress(link),
- cptr->cid1);
- break;
- default:
- return;
- }
-
- if (pptp_link != NULL) {
- int accumulate = cptr->cid1;
-
- /* alias the Call Id */
- cptr->cid1 = GetAliasPort(pptp_link);
-
- /* Compute TCP checksum for revised packet */
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- accumulate -= cptr->cid1;
- ADJUST_CHECKSUM(accumulate, tc->th_sum);
-
+ struct ip *pip, /* IP packet to examine/patch */
+ struct alias_link *link)
+{ /* The PPTP control link */
+ struct alias_link *pptp_link;
+ PptpCallId cptr;
+ PptpCode codes;
+ u_int16_t ctl_type; /* control message type */
+ struct tcphdr *tc;
+
+ /* Verify valid PPTP control message */
+ if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
+ return;
+
+ /* Modify certain PPTP messages */
switch (ctl_type) {
+ case PPTP_OutCallRequest:
case PPTP_OutCallReply:
+ case PPTP_InCallRequest:
case PPTP_InCallReply:
- codes = (PptpCode)(cptr + 1);
- if (codes->resCode == 1) /* Connection established, */
- SetDestCallId(pptp_link, /* note the Peer's Call ID. */
- cptr->cid2);
- else
- SetExpire(pptp_link, 0); /* Connection refused. */
- break;
- case PPTP_CallDiscNotify: /* Connection closed. */
- SetExpire(pptp_link, 0);
- break;
+ /*
+ * Establish PPTP link for address and Call ID found in
+ * control message.
+ */
+ pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link),
+ GetAliasAddress(link), cptr->cid1);
+ break;
+ case PPTP_CallClearRequest:
+ case PPTP_CallDiscNotify:
+ /*
+ * Find PPTP link for address and Call ID found in control
+ * message.
+ */
+ pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link),
+ GetDestAddress(link),
+ cptr->cid1);
+ break;
+ default:
+ return;
+ }
+
+ if (pptp_link != NULL) {
+ int accumulate = cptr->cid1;
+
+ /* alias the Call Id */
+ cptr->cid1 = GetAliasPort(pptp_link);
+
+ /* Compute TCP checksum for revised packet */
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ accumulate -= cptr->cid1;
+ ADJUST_CHECKSUM(accumulate, tc->th_sum);
+
+ switch (ctl_type) {
+ case PPTP_OutCallReply:
+ case PPTP_InCallReply:
+ codes = (PptpCode) (cptr + 1);
+ if (codes->resCode == 1) /* Connection
+ * established, */
+ SetDestCallId(pptp_link, /* note the Peer's Call
+ * ID. */
+ cptr->cid2);
+ else
+ SetExpire(pptp_link, 0); /* Connection refused. */
+ break;
+ case PPTP_CallDiscNotify: /* Connection closed. */
+ SetExpire(pptp_link, 0);
+ break;
+ }
}
- }
}
void
-AliasHandlePptpIn(struct libalias *la,
- struct ip *pip, /* IP packet to examine/patch */
- struct alias_link *link) /* The PPTP control link */
-{
- struct alias_link *pptp_link;
- PptpCallId cptr;
- u_int16_t *pcall_id;
- u_int16_t ctl_type; /* control message type */
- struct tcphdr *tc;
-
- /* Verify valid PPTP control message */
- if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
- return;
-
- /* Modify certain PPTP messages */
- switch (ctl_type)
- {
- case PPTP_InCallConn:
- case PPTP_WanErrorNotify:
- case PPTP_SetLinkInfo:
- pcall_id = &cptr->cid1;
- break;
- case PPTP_OutCallReply:
- case PPTP_InCallReply:
- pcall_id = &cptr->cid2;
- break;
- case PPTP_CallDiscNotify: /* Connection closed. */
- pptp_link = FindPptpInByCallId(la, GetDestAddress(link),
- GetAliasAddress(link),
- cptr->cid1);
- if (pptp_link != NULL)
- SetExpire(pptp_link, 0);
- return;
- default:
- return;
- }
-
- /* Find PPTP link for address and Call ID found in PPTP Control Msg */
- pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link),
- GetAliasAddress(link),
- *pcall_id);
-
- if (pptp_link != NULL) {
- int accumulate = *pcall_id;
-
- /* De-alias the Peer's Call Id. */
- *pcall_id = GetOriginalPort(pptp_link);
-
- /* Compute TCP checksum for modified packet */
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- accumulate -= *pcall_id;
- ADJUST_CHECKSUM(accumulate, tc->th_sum);
-
- if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) {
- PptpCode codes = (PptpCode)(cptr + 1);
-
- if (codes->resCode == 1) /* Connection established, */
- SetDestCallId(pptp_link, /* note the Call ID. */
- cptr->cid1);
- else
- SetExpire(pptp_link, 0); /* Connection refused. */
- }
- }
+AliasHandlePptpIn(struct libalias *la,
+ struct ip *pip, /* IP packet to examine/patch */
+ struct alias_link *link)
+{ /* The PPTP control link */
+ struct alias_link *pptp_link;
+ PptpCallId cptr;
+ u_int16_t *pcall_id;
+ u_int16_t ctl_type; /* control message type */
+ struct tcphdr *tc;
+
+ /* Verify valid PPTP control message */
+ if ((cptr = AliasVerifyPptp(pip, &ctl_type)) == NULL)
+ return;
+
+ /* Modify certain PPTP messages */
+ switch (ctl_type) {
+ case PPTP_InCallConn:
+ case PPTP_WanErrorNotify:
+ case PPTP_SetLinkInfo:
+ pcall_id = &cptr->cid1;
+ break;
+ case PPTP_OutCallReply:
+ case PPTP_InCallReply:
+ pcall_id = &cptr->cid2;
+ break;
+ case PPTP_CallDiscNotify: /* Connection closed. */
+ pptp_link = FindPptpInByCallId(la, GetDestAddress(link),
+ GetAliasAddress(link),
+ cptr->cid1);
+ if (pptp_link != NULL)
+ SetExpire(pptp_link, 0);
+ return;
+ default:
+ return;
+ }
+
+ /* Find PPTP link for address and Call ID found in PPTP Control Msg */
+ pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link),
+ GetAliasAddress(link),
+ *pcall_id);
+
+ if (pptp_link != NULL) {
+ int accumulate = *pcall_id;
+
+ /* De-alias the Peer's Call Id. */
+ *pcall_id = GetOriginalPort(pptp_link);
+
+ /* Compute TCP checksum for modified packet */
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ accumulate -= *pcall_id;
+ ADJUST_CHECKSUM(accumulate, tc->th_sum);
+
+ if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) {
+ PptpCode codes = (PptpCode) (cptr + 1);
+
+ if (codes->resCode == 1) /* Connection
+ * established, */
+ SetDestCallId(pptp_link, /* note the Call ID. */
+ cptr->cid1);
+ else
+ SetExpire(pptp_link, 0); /* Connection refused. */
+ }
+ }
}
-static PptpCallId
-AliasVerifyPptp(struct ip *pip, u_int16_t *ptype) /* IP packet to examine/patch */
-{
- int hlen, tlen, dlen;
- PptpMsgHead hptr;
- struct tcphdr *tc;
-
- /* Calculate some lengths */
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- hlen = (pip->ip_hl + tc->th_off) << 2;
- tlen = ntohs(pip->ip_len);
- dlen = tlen - hlen;
-
- /* Verify data length */
- if (dlen < (sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds)))
- return(NULL);
-
- /* Move up to PPTP message header */
- hptr = (PptpMsgHead)(((char *) pip) + hlen);
-
- /* Return the control message type */
- *ptype = ntohs(hptr->type);
-
- /* Verify PPTP Control Message */
- if ((ntohs(hptr->msgType) != PPTP_CTRL_MSG_TYPE) ||
- (ntohl(hptr->magic) != PPTP_MAGIC))
- return(NULL);
-
- /* Verify data length. */
- if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) &&
- (dlen < sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) +
- sizeof(struct pptpCodes)))
- return (NULL);
- else
- return (PptpCallId)(hptr + 1);
+static PptpCallId
+AliasVerifyPptp(struct ip *pip, u_int16_t * ptype)
+{ /* IP packet to examine/patch */
+ int hlen, tlen, dlen;
+ PptpMsgHead hptr;
+ struct tcphdr *tc;
+
+ /* Calculate some lengths */
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ hlen = (pip->ip_hl + tc->th_off) << 2;
+ tlen = ntohs(pip->ip_len);
+ dlen = tlen - hlen;
+
+ /* Verify data length */
+ if (dlen < (sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds)))
+ return (NULL);
+
+ /* Move up to PPTP message header */
+ hptr = (PptpMsgHead) (((char *)pip) + hlen);
+
+ /* Return the control message type */
+ *ptype = ntohs(hptr->type);
+
+ /* Verify PPTP Control Message */
+ if ((ntohs(hptr->msgType) != PPTP_CTRL_MSG_TYPE) ||
+ (ntohl(hptr->magic) != PPTP_MAGIC))
+ return (NULL);
+
+ /* Verify data length. */
+ if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) &&
+ (dlen < sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) +
+ sizeof(struct pptpCodes)))
+ return (NULL);
+ else
+ return (PptpCallId) (hptr + 1);
}
int
AliasHandlePptpGreOut(struct libalias *la, struct ip *pip)
{
- GreHdr *gr;
- struct alias_link *link;
-
- gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2));
+ GreHdr *gr;
+ struct alias_link *link;
- /* Check GRE header bits. */
- if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
- return (-1);
+ gr = (GreHdr *) ((char *)pip + (pip->ip_hl << 2));
- link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
- if (link != NULL) {
- struct in_addr alias_addr = GetAliasAddress(link);
+ /* Check GRE header bits. */
+ if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
+ return (-1);
- /* Change source IP address. */
- DifferentialChecksum(&pip->ip_sum,
- (u_short *)&alias_addr,
- (u_short *)&pip->ip_src,
- 2);
- pip->ip_src = alias_addr;
- }
+ link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
+ if (link != NULL) {
+ struct in_addr alias_addr = GetAliasAddress(link);
- return (0);
+ /* Change source IP address. */
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & alias_addr,
+ (u_short *) & pip->ip_src,
+ 2);
+ pip->ip_src = alias_addr;
+ }
+ return (0);
}
int
AliasHandlePptpGreIn(struct libalias *la, struct ip *pip)
{
- GreHdr *gr;
- struct alias_link *link;
-
- gr = (GreHdr *)((char *)pip + (pip->ip_hl << 2));
+ GreHdr *gr;
+ struct alias_link *link;
- /* Check GRE header bits. */
- if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
- return (-1);
+ gr = (GreHdr *) ((char *)pip + (pip->ip_hl << 2));
- link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
- if (link != NULL) {
- struct in_addr src_addr = GetOriginalAddress(link);
+ /* Check GRE header bits. */
+ if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
+ return (-1);
- /* De-alias the Peer's Call Id. */
- gr->gh_call_id = GetOriginalPort(link);
+ link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
+ if (link != NULL) {
+ struct in_addr src_addr = GetOriginalAddress(link);
- /* Restore original IP address. */
- DifferentialChecksum(&pip->ip_sum,
- (u_short *)&src_addr,
- (u_short *)&pip->ip_dst,
- 2);
- pip->ip_dst = src_addr;
- }
+ /* De-alias the Peer's Call Id. */
+ gr->gh_call_id = GetOriginalPort(link);
- return (0);
+ /* Restore original IP address. */
+ DifferentialChecksum(&pip->ip_sum,
+ (u_short *) & src_addr,
+ (u_short *) & pip->ip_dst,
+ 2);
+ pip->ip_dst = src_addr;
+ }
+ return (0);
}
diff --git a/lib/libalias/alias_proxy.c b/lib/libalias/alias_proxy.c
index 8eb728a..cdbe32d 100644
--- a/lib/libalias/alias_proxy.c
+++ b/lib/libalias/alias_proxy.c
@@ -71,8 +71,8 @@ __FBSDID("$FreeBSD$");
#include <arpa/inet.h>
-#include "alias_local.h" /* Functions used by alias*.c */
-#include "alias.h" /* Public API functions for libalias */
+#include "alias_local.h" /* Functions used by alias*.c */
+#include "alias.h" /* Public API functions for libalias */
@@ -84,28 +84,27 @@ __FBSDID("$FreeBSD$");
* A linked list of arbitrary length, based on struct proxy_entry is
* used to store proxy rules.
*/
-struct proxy_entry
-{
- struct libalias *la;
+struct proxy_entry {
+ struct libalias *la;
#define PROXY_TYPE_ENCODE_NONE 1
#define PROXY_TYPE_ENCODE_TCPSTREAM 2
#define PROXY_TYPE_ENCODE_IPHDR 3
- int rule_index;
- int proxy_type;
- u_char proto;
- u_short proxy_port;
- u_short server_port;
+ int rule_index;
+ int proxy_type;
+ u_char proto;
+ u_short proxy_port;
+ u_short server_port;
- struct in_addr server_addr;
+ struct in_addr server_addr;
- struct in_addr src_addr;
- struct in_addr src_mask;
+ struct in_addr src_addr;
+ struct in_addr src_mask;
- struct in_addr dst_addr;
- struct in_addr dst_mask;
+ struct in_addr dst_addr;
+ struct in_addr dst_mask;
- struct proxy_entry *next;
- struct proxy_entry *last;
+ struct proxy_entry *next;
+ struct proxy_entry *last;
};
@@ -134,308 +133,297 @@ struct proxy_entry
destination of a proxied IP packet
*/
-static int IpMask(int, struct in_addr *);
-static int IpAddr(char *, struct in_addr *);
-static int IpPort(char *, int, int *);
-static void RuleAdd(struct libalias *la, struct proxy_entry *);
-static void RuleDelete(struct proxy_entry *);
-static int RuleNumberDelete(struct libalias *la, int);
-static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int);
-static void ProxyEncodeIpHeader(struct ip *, int);
+static int IpMask(int, struct in_addr *);
+static int IpAddr(char *, struct in_addr *);
+static int IpPort(char *, int, int *);
+static void RuleAdd(struct libalias *la, struct proxy_entry *);
+static void RuleDelete(struct proxy_entry *);
+static int RuleNumberDelete(struct libalias *la, int);
+static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int);
+static void ProxyEncodeIpHeader(struct ip *, int);
static int
IpMask(int nbits, struct in_addr *mask)
{
- int i;
- u_int imask;
+ int i;
+ u_int imask;
- if (nbits < 0 || nbits > 32)
- return -1;
+ if (nbits < 0 || nbits > 32)
+ return -1;
- imask = 0;
- for (i=0; i<nbits; i++)
- imask = (imask >> 1) + 0x80000000;
- mask->s_addr = htonl(imask);
+ imask = 0;
+ for (i = 0; i < nbits; i++)
+ imask = (imask >> 1) + 0x80000000;
+ mask->s_addr = htonl(imask);
- return 0;
+ return 0;
}
static int
IpAddr(char *s, struct in_addr *addr)
{
- if (inet_aton(s, addr) == 0)
- return -1;
- else
- return 0;
+ if (inet_aton(s, addr) == 0)
+ return -1;
+ else
+ return 0;
}
static int
IpPort(char *s, int proto, int *port)
{
- int n;
-
- n = sscanf(s, "%d", port);
- if (n != 1)
- {
- struct servent *se;
+ int n;
- if (proto == IPPROTO_TCP)
- se = getservbyname(s, "tcp");
- else if (proto == IPPROTO_UDP)
- se = getservbyname(s, "udp");
- else
- return -1;
+ n = sscanf(s, "%d", port);
+ if (n != 1) {
+ struct servent *se;
- if (se == NULL)
- return -1;
+ if (proto == IPPROTO_TCP)
+ se = getservbyname(s, "tcp");
+ else if (proto == IPPROTO_UDP)
+ se = getservbyname(s, "udp");
+ else
+ return -1;
- *port = (u_int) ntohs(se->s_port);
- }
+ if (se == NULL)
+ return -1;
- return 0;
+ *port = (u_int) ntohs(se->s_port);
+ }
+ return 0;
}
void
RuleAdd(struct libalias *la, struct proxy_entry *entry)
{
- int rule_index;
- struct proxy_entry *ptr;
- struct proxy_entry *ptr_last;
-
- if (la->proxyList == NULL)
- {
- la->proxyList = entry;
- entry->last = NULL;
- entry->next = NULL;
- return;
- }
- entry->la = la;
-
- rule_index = entry->rule_index;
- ptr = la->proxyList;
- ptr_last = NULL;
- while (ptr != NULL)
- {
- if (ptr->rule_index >= rule_index)
- {
- if (ptr_last == NULL)
- {
- entry->next = la->proxyList;
- entry->last = NULL;
- la->proxyList->last = entry;
- la->proxyList = entry;
- return;
- }
-
- ptr_last->next = entry;
- ptr->last = entry;
- entry->last = ptr->last;
- entry->next = ptr;
- return;
- }
- ptr_last = ptr;
- ptr = ptr->next;
- }
-
- ptr_last->next = entry;
- entry->last = ptr_last;
- entry->next = NULL;
+ int rule_index;
+ struct proxy_entry *ptr;
+ struct proxy_entry *ptr_last;
+
+ if (la->proxyList == NULL) {
+ la->proxyList = entry;
+ entry->last = NULL;
+ entry->next = NULL;
+ return;
+ }
+ entry->la = la;
+
+ rule_index = entry->rule_index;
+ ptr = la->proxyList;
+ ptr_last = NULL;
+ while (ptr != NULL) {
+ if (ptr->rule_index >= rule_index) {
+ if (ptr_last == NULL) {
+ entry->next = la->proxyList;
+ entry->last = NULL;
+ la->proxyList->last = entry;
+ la->proxyList = entry;
+ return;
+ }
+ ptr_last->next = entry;
+ ptr->last = entry;
+ entry->last = ptr->last;
+ entry->next = ptr;
+ return;
+ }
+ ptr_last = ptr;
+ ptr = ptr->next;
+ }
+
+ ptr_last->next = entry;
+ entry->last = ptr_last;
+ entry->next = NULL;
}
static void
RuleDelete(struct proxy_entry *entry)
{
- struct libalias *la;
-
- la = entry->la;
- if (entry->last != NULL)
- entry->last->next = entry->next;
- else
- la->proxyList = entry->next;
-
- if (entry->next != NULL)
- entry->next->last = entry->last;
-
- free(entry);
+ struct libalias *la;
+
+ la = entry->la;
+ if (entry->last != NULL)
+ entry->last->next = entry->next;
+ else
+ la->proxyList = entry->next;
+
+ if (entry->next != NULL)
+ entry->next->last = entry->last;
+
+ free(entry);
}
static int
RuleNumberDelete(struct libalias *la, int rule_index)
{
- int err;
- struct proxy_entry *ptr;
-
- err = -1;
- ptr = la->proxyList;
- while (ptr != NULL)
- {
- struct proxy_entry *ptr_next;
-
- ptr_next = ptr->next;
- if (ptr->rule_index == rule_index)
- {
- err = 0;
- RuleDelete(ptr);
- }
-
- ptr = ptr_next;
- }
-
- return err;
+ int err;
+ struct proxy_entry *ptr;
+
+ err = -1;
+ ptr = la->proxyList;
+ while (ptr != NULL) {
+ struct proxy_entry *ptr_next;
+
+ ptr_next = ptr->next;
+ if (ptr->rule_index == rule_index) {
+ err = 0;
+ RuleDelete(ptr);
+ }
+ ptr = ptr_next;
+ }
+
+ return err;
}
static void
ProxyEncodeTcpStream(struct alias_link *link,
- struct ip *pip,
- int maxpacketsize)
+ struct ip *pip,
+ int maxpacketsize)
{
- int slen;
- char buffer[40];
- struct tcphdr *tc;
+ int slen;
+ char buffer[40];
+ struct tcphdr *tc;
/* Compute pointer to tcp header */
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
/* Don't modify if once already modified */
- if (GetAckModified (link))
- return;
+ if (GetAckModified(link))
+ return;
/* Translate destination address and port to string form */
- snprintf(buffer, sizeof(buffer) - 2, "[DEST %s %d]",
- inet_ntoa(GetProxyAddress (link)), (u_int) ntohs(GetProxyPort (link)));
+ snprintf(buffer, sizeof(buffer) - 2, "[DEST %s %d]",
+ inet_ntoa(GetProxyAddress(link)), (u_int) ntohs(GetProxyPort(link)));
/* Pad string out to a multiple of two in length */
- slen = strlen(buffer);
- switch (slen % 2)
- {
- case 0:
- strcat(buffer, " \n");
- slen += 2;
- break;
- case 1:
- strcat(buffer, "\n");
- slen += 1;
- }
+ slen = strlen(buffer);
+ switch (slen % 2) {
+ case 0:
+ strcat(buffer, " \n");
+ slen += 2;
+ break;
+ case 1:
+ strcat(buffer, "\n");
+ slen += 1;
+ }
/* Check for packet overflow */
- if ((ntohs(pip->ip_len) + strlen(buffer)) > maxpacketsize)
- return;
+ if ((ntohs(pip->ip_len) + strlen(buffer)) > maxpacketsize)
+ return;
/* Shift existing TCP data and insert destination string */
- {
- int dlen;
- int hlen;
- u_char *p;
+ {
+ int dlen;
+ int hlen;
+ u_char *p;
- hlen = (pip->ip_hl + tc->th_off) << 2;
- dlen = ntohs (pip->ip_len) - hlen;
+ hlen = (pip->ip_hl + tc->th_off) << 2;
+ dlen = ntohs(pip->ip_len) - hlen;
/* Modify first packet that has data in it */
- if (dlen == 0)
- return;
+ if (dlen == 0)
+ return;
- p = (char *) pip;
- p += hlen;
+ p = (char *)pip;
+ p += hlen;
- memmove(p + slen, p, dlen);
- memcpy(p, buffer, slen);
- }
+ memmove(p + slen, p, dlen);
+ memcpy(p, buffer, slen);
+ }
/* Save information about modfied sequence number */
- {
- int delta;
+ {
+ int delta;
- SetAckModified(link);
- delta = GetDeltaSeqOut(pip, link);
- AddSeq(pip, link, delta+slen);
- }
+ SetAckModified(link);
+ delta = GetDeltaSeqOut(pip, link);
+ AddSeq(pip, link, delta + slen);
+ }
/* Update IP header packet length and checksum */
- {
- int accumulate;
+ {
+ int accumulate;
- accumulate = pip->ip_len;
- pip->ip_len = htons(ntohs(pip->ip_len) + slen);
- accumulate -= pip->ip_len;
+ accumulate = pip->ip_len;
+ pip->ip_len = htons(ntohs(pip->ip_len) + slen);
+ accumulate -= pip->ip_len;
- ADJUST_CHECKSUM(accumulate, pip->ip_sum);
- }
+ ADJUST_CHECKSUM(accumulate, pip->ip_sum);
+ }
/* Update TCP checksum, Use TcpChecksum since so many things have
already changed. */
- tc->th_sum = 0;
- tc->th_sum = TcpChecksum (pip);
+ tc->th_sum = 0;
+ tc->th_sum = TcpChecksum(pip);
}
static void
ProxyEncodeIpHeader(struct ip *pip,
- int maxpacketsize)
+ int maxpacketsize)
{
#define OPTION_LEN_BYTES 8
#define OPTION_LEN_INT16 4
#define OPTION_LEN_INT32 2
- u_char option[OPTION_LEN_BYTES];
+ u_char option[OPTION_LEN_BYTES];
#ifdef DEBUG
- fprintf(stdout, " ip cksum 1 = %x\n", (u_int) IpChecksum(pip));
- fprintf(stdout, "tcp cksum 1 = %x\n", (u_int) TcpChecksum(pip));
+ fprintf(stdout, " ip cksum 1 = %x\n", (u_int) IpChecksum(pip));
+ fprintf(stdout, "tcp cksum 1 = %x\n", (u_int) TcpChecksum(pip));
#endif
/* Check to see that there is room to add an IP option */
- if (pip->ip_hl > (0x0f - OPTION_LEN_INT32))
- return;
+ if (pip->ip_hl > (0x0f - OPTION_LEN_INT32))
+ return;
/* Build option and copy into packet */
- {
- u_char *ptr;
- struct tcphdr *tc;
+ {
+ u_char *ptr;
+ struct tcphdr *tc;
- ptr = (u_char *) pip;
- ptr += 20;
- memcpy(ptr + OPTION_LEN_BYTES, ptr, ntohs(pip->ip_len) - 20);
+ ptr = (u_char *) pip;
+ ptr += 20;
+ memcpy(ptr + OPTION_LEN_BYTES, ptr, ntohs(pip->ip_len) - 20);
- option[0] = 0x64; /* class: 3 (reserved), option 4 */
- option[1] = OPTION_LEN_BYTES;
+ option[0] = 0x64; /* class: 3 (reserved), option 4 */
+ option[1] = OPTION_LEN_BYTES;
- memcpy(&option[2], (u_char *) &pip->ip_dst, 4);
+ memcpy(&option[2], (u_char *) & pip->ip_dst, 4);
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- memcpy(&option[6], (u_char *) &tc->th_sport, 2);
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ memcpy(&option[6], (u_char *) & tc->th_sport, 2);
- memcpy(ptr, option, 8);
- }
+ memcpy(ptr, option, 8);
+ }
/* Update checksum, header length and packet length */
- {
- int i;
- int accumulate;
- u_short *sptr;
-
- sptr = (u_short *) option;
- accumulate = 0;
- for (i=0; i<OPTION_LEN_INT16; i++)
- accumulate -= *(sptr++);
-
- sptr = (u_short *) pip;
- accumulate += *sptr;
- pip->ip_hl += OPTION_LEN_INT32;
- accumulate -= *sptr;
-
- accumulate += pip->ip_len;
- pip->ip_len = htons(ntohs(pip->ip_len) + OPTION_LEN_BYTES);
- accumulate -= pip->ip_len;
-
- ADJUST_CHECKSUM(accumulate, pip->ip_sum);
- }
+ {
+ int i;
+ int accumulate;
+ u_short *sptr;
+
+ sptr = (u_short *) option;
+ accumulate = 0;
+ for (i = 0; i < OPTION_LEN_INT16; i++)
+ accumulate -= *(sptr++);
+
+ sptr = (u_short *) pip;
+ accumulate += *sptr;
+ pip->ip_hl += OPTION_LEN_INT32;
+ accumulate -= *sptr;
+
+ accumulate += pip->ip_len;
+ pip->ip_len = htons(ntohs(pip->ip_len) + OPTION_LEN_BYTES);
+ accumulate -= pip->ip_len;
+
+ ADJUST_CHECKSUM(accumulate, pip->ip_sum);
+ }
#undef OPTION_LEN_BYTES
#undef OPTION_LEN_INT16
#undef OPTION_LEN_INT32
#ifdef DEBUG
- fprintf(stdout, " ip cksum 2 = %x\n", (u_int) IpChecksum(pip));
- fprintf(stdout, "tcp cksum 2 = %x\n", (u_int) TcpChecksum(pip));
+ fprintf(stdout, " ip cksum 2 = %x\n", (u_int) IpChecksum(pip));
+ fprintf(stdout, "tcp cksum 2 = %x\n", (u_int) TcpChecksum(pip));
#endif
}
@@ -451,66 +439,62 @@ ProxyEncodeIpHeader(struct ip *pip,
int
ProxyCheck(struct libalias *la, struct ip *pip,
- struct in_addr *proxy_server_addr,
- u_short *proxy_server_port)
+ struct in_addr *proxy_server_addr,
+ u_short * proxy_server_port)
{
- u_short dst_port;
- struct in_addr src_addr;
- struct in_addr dst_addr;
- struct proxy_entry *ptr;
-
- src_addr = pip->ip_src;
- dst_addr = pip->ip_dst;
- dst_port = ((struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)))
- ->th_dport;
-
- ptr = la->proxyList;
- while (ptr != NULL)
- {
- u_short proxy_port;
-
- proxy_port = ptr->proxy_port;
- if ((dst_port == proxy_port || proxy_port == 0)
- && pip->ip_p == ptr->proto
- && src_addr.s_addr != ptr->server_addr.s_addr)
- {
- struct in_addr src_addr_masked;
- struct in_addr dst_addr_masked;
-
- src_addr_masked.s_addr = src_addr.s_addr & ptr->src_mask.s_addr;
- dst_addr_masked.s_addr = dst_addr.s_addr & ptr->dst_mask.s_addr;
-
- if ((src_addr_masked.s_addr == ptr->src_addr.s_addr)
- && (dst_addr_masked.s_addr == ptr->dst_addr.s_addr))
- {
- if ((*proxy_server_port = ptr->server_port) == 0)
- *proxy_server_port = dst_port;
- *proxy_server_addr = ptr->server_addr;
- return ptr->proxy_type;
- }
- }
- ptr = ptr->next;
- }
-
- return 0;
+ u_short dst_port;
+ struct in_addr src_addr;
+ struct in_addr dst_addr;
+ struct proxy_entry *ptr;
+
+ src_addr = pip->ip_src;
+ dst_addr = pip->ip_dst;
+ dst_port = ((struct tcphdr *)((char *)pip + (pip->ip_hl << 2)))
+ ->th_dport;
+
+ ptr = la->proxyList;
+ while (ptr != NULL) {
+ u_short proxy_port;
+
+ proxy_port = ptr->proxy_port;
+ if ((dst_port == proxy_port || proxy_port == 0)
+ && pip->ip_p == ptr->proto
+ && src_addr.s_addr != ptr->server_addr.s_addr) {
+ struct in_addr src_addr_masked;
+ struct in_addr dst_addr_masked;
+
+ src_addr_masked.s_addr = src_addr.s_addr & ptr->src_mask.s_addr;
+ dst_addr_masked.s_addr = dst_addr.s_addr & ptr->dst_mask.s_addr;
+
+ if ((src_addr_masked.s_addr == ptr->src_addr.s_addr)
+ && (dst_addr_masked.s_addr == ptr->dst_addr.s_addr)) {
+ if ((*proxy_server_port = ptr->server_port) == 0)
+ *proxy_server_port = dst_port;
+ *proxy_server_addr = ptr->server_addr;
+ return ptr->proxy_type;
+ }
+ }
+ ptr = ptr->next;
+ }
+
+ return 0;
}
void
ProxyModify(struct libalias *la, struct alias_link *link,
- struct ip *pip,
- int maxpacketsize,
- int proxy_type)
+ struct ip *pip,
+ int maxpacketsize,
+ int proxy_type)
{
- switch (proxy_type)
- {
- case PROXY_TYPE_ENCODE_IPHDR:
- ProxyEncodeIpHeader(pip, maxpacketsize);
- break;
-
- case PROXY_TYPE_ENCODE_TCPSTREAM:
- ProxyEncodeTcpStream(link, pip, maxpacketsize);
- break;
- }
+ switch (proxy_type) {
+ case PROXY_TYPE_ENCODE_IPHDR:
+ ProxyEncodeIpHeader(pip, maxpacketsize);
+ break;
+
+ case PROXY_TYPE_ENCODE_TCPSTREAM:
+ ProxyEncodeTcpStream(link, pip, maxpacketsize);
+ break;
+ }
}
@@ -542,54 +526,54 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
* then 0 is used, and group 0 rules are always checked before any
* others.
*/
- int i, n, len;
- int cmd_len;
- int token_count;
- int state;
- char *token;
- char buffer[256];
- char str_port[sizeof(buffer)];
- char str_server_port[sizeof(buffer)];
- char *res = buffer;
-
- int rule_index;
- int proto;
- int proxy_type;
- int proxy_port;
- int server_port;
- struct in_addr server_addr;
- struct in_addr src_addr, src_mask;
- struct in_addr dst_addr, dst_mask;
- struct proxy_entry *proxy_entry;
+ int i, n, len;
+ int cmd_len;
+ int token_count;
+ int state;
+ char *token;
+ char buffer[256];
+ char str_port[sizeof(buffer)];
+ char str_server_port[sizeof(buffer)];
+ char *res = buffer;
+
+ int rule_index;
+ int proto;
+ int proxy_type;
+ int proxy_port;
+ int server_port;
+ struct in_addr server_addr;
+ struct in_addr src_addr, src_mask;
+ struct in_addr dst_addr, dst_mask;
+ struct proxy_entry *proxy_entry;
/* Copy command line into a buffer */
- cmd += strspn(cmd, " \t");
- cmd_len = strlen(cmd);
- if (cmd_len > (sizeof(buffer) - 1))
- return -1;
- strcpy(buffer, cmd);
+ cmd += strspn(cmd, " \t");
+ cmd_len = strlen(cmd);
+ if (cmd_len > (sizeof(buffer) - 1))
+ return -1;
+ strcpy(buffer, cmd);
/* Convert to lower case */
- len = strlen(buffer);
- for (i=0; i<len; i++)
- buffer[i] = tolower((unsigned char)buffer[i]);
+ len = strlen(buffer);
+ for (i = 0; i < len; i++)
+ buffer[i] = tolower((unsigned char)buffer[i]);
/* Set default proxy type */
/* Set up default values */
- rule_index = 0;
- proxy_type = PROXY_TYPE_ENCODE_NONE;
- proto = IPPROTO_TCP;
- proxy_port = 0;
- server_addr.s_addr = 0;
- server_port = 0;
- src_addr.s_addr = 0;
- IpMask(0, &src_mask);
- dst_addr.s_addr = 0;
- IpMask(0, &dst_mask);
-
- str_port[0] = 0;
- str_server_port[0] = 0;
+ rule_index = 0;
+ proxy_type = PROXY_TYPE_ENCODE_NONE;
+ proto = IPPROTO_TCP;
+ proxy_port = 0;
+ server_addr.s_addr = 0;
+ server_port = 0;
+ src_addr.s_addr = 0;
+ IpMask(0, &src_mask);
+ dst_addr.s_addr = 0;
+ IpMask(0, &dst_mask);
+
+ str_port[0] = 0;
+ str_server_port[0] = 0;
/* Parse command string with state machine */
#define STATE_READ_KEYWORD 0
@@ -601,179 +585,168 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
#define STATE_READ_PROTO 6
#define STATE_READ_SRC 7
#define STATE_READ_DST 8
- state = STATE_READ_KEYWORD;
- token = strsep(&res, " \t");
- token_count = 0;
- while (token != NULL)
- {
- token_count++;
- switch (state)
- {
- case STATE_READ_KEYWORD:
- if (strcmp(token, "type") == 0)
- state = STATE_READ_TYPE;
- else if (strcmp(token, "port") == 0)
- state = STATE_READ_PORT;
- else if (strcmp(token, "server") == 0)
- state = STATE_READ_SERVER;
- else if (strcmp(token, "rule") == 0)
- state = STATE_READ_RULE;
- else if (strcmp(token, "delete") == 0)
- state = STATE_READ_DELETE;
- else if (strcmp(token, "proto") == 0)
- state = STATE_READ_PROTO;
- else if (strcmp(token, "src") == 0)
- state = STATE_READ_SRC;
- else if (strcmp(token, "dst") == 0)
- state = STATE_READ_DST;
- else
- return -1;
- break;
-
- case STATE_READ_TYPE:
- if (strcmp(token, "encode_ip_hdr") == 0)
- proxy_type = PROXY_TYPE_ENCODE_IPHDR;
- else if (strcmp(token, "encode_tcp_stream") == 0)
- proxy_type = PROXY_TYPE_ENCODE_TCPSTREAM;
- else if (strcmp(token, "no_encode") == 0)
- proxy_type = PROXY_TYPE_ENCODE_NONE;
- else
- return -1;
- state = STATE_READ_KEYWORD;
- break;
-
- case STATE_READ_PORT:
- strcpy(str_port, token);
- state = STATE_READ_KEYWORD;
- break;
-
- case STATE_READ_SERVER:
- {
- int err;
- char *p;
- char s[sizeof(buffer)];
-
- p = token;
- while (*p != ':' && *p != 0)
- p++;
-
- if (*p != ':')
- {
- err = IpAddr(token, &server_addr);
- if (err)
- return -1;
- }
- else
- {
- *p = ' ';
-
- n = sscanf(token, "%s %s", s, str_server_port);
- if (n != 2)
- return -1;
-
- err = IpAddr(s, &server_addr);
- if (err)
- return -1;
- }
- }
- state = STATE_READ_KEYWORD;
- break;
-
- case STATE_READ_RULE:
- n = sscanf(token, "%d", &rule_index);
- if (n != 1 || rule_index < 0)
- return -1;
- state = STATE_READ_KEYWORD;
- break;
-
- case STATE_READ_DELETE:
- {
- int err;
- int rule_to_delete;
-
- if (token_count != 2)
- return -1;
-
- n = sscanf(token, "%d", &rule_to_delete);
- if (n != 1)
- return -1;
- err = RuleNumberDelete(la, rule_to_delete);
- if (err)
- return -1;
- return 0;
- }
-
- case STATE_READ_PROTO:
- if (strcmp(token, "tcp") == 0)
- proto = IPPROTO_TCP;
- else if (strcmp(token, "udp") == 0)
- proto = IPPROTO_UDP;
- else
- return -1;
- state = STATE_READ_KEYWORD;
- break;
-
- case STATE_READ_SRC:
- case STATE_READ_DST:
- {
- int err;
- char *p;
- struct in_addr mask;
- struct in_addr addr;
-
- p = token;
- while (*p != '/' && *p != 0)
- p++;
-
- if (*p != '/')
- {
- IpMask(32, &mask);
- err = IpAddr(token, &addr);
- if (err)
- return -1;
- }
- else
- {
- int nbits;
- char s[sizeof(buffer)];
-
- *p = ' ';
- n = sscanf(token, "%s %d", s, &nbits);
- if (n != 2)
- return -1;
-
- err = IpAddr(s, &addr);
- if (err)
- return -1;
-
- err = IpMask(nbits, &mask);
- if (err)
- return -1;
- }
-
- if (state == STATE_READ_SRC)
- {
- src_addr = addr;
- src_mask = mask;
- }
- else
- {
- dst_addr = addr;
- dst_mask = mask;
- }
- }
- state = STATE_READ_KEYWORD;
- break;
-
- default:
- return -1;
- break;
- }
-
- do {
- token = strsep(&res, " \t");
- } while (token != NULL && !*token);
- }
+ state = STATE_READ_KEYWORD;
+ token = strsep(&res, " \t");
+ token_count = 0;
+ while (token != NULL) {
+ token_count++;
+ switch (state) {
+ case STATE_READ_KEYWORD:
+ if (strcmp(token, "type") == 0)
+ state = STATE_READ_TYPE;
+ else if (strcmp(token, "port") == 0)
+ state = STATE_READ_PORT;
+ else if (strcmp(token, "server") == 0)
+ state = STATE_READ_SERVER;
+ else if (strcmp(token, "rule") == 0)
+ state = STATE_READ_RULE;
+ else if (strcmp(token, "delete") == 0)
+ state = STATE_READ_DELETE;
+ else if (strcmp(token, "proto") == 0)
+ state = STATE_READ_PROTO;
+ else if (strcmp(token, "src") == 0)
+ state = STATE_READ_SRC;
+ else if (strcmp(token, "dst") == 0)
+ state = STATE_READ_DST;
+ else
+ return -1;
+ break;
+
+ case STATE_READ_TYPE:
+ if (strcmp(token, "encode_ip_hdr") == 0)
+ proxy_type = PROXY_TYPE_ENCODE_IPHDR;
+ else if (strcmp(token, "encode_tcp_stream") == 0)
+ proxy_type = PROXY_TYPE_ENCODE_TCPSTREAM;
+ else if (strcmp(token, "no_encode") == 0)
+ proxy_type = PROXY_TYPE_ENCODE_NONE;
+ else
+ return -1;
+ state = STATE_READ_KEYWORD;
+ break;
+
+ case STATE_READ_PORT:
+ strcpy(str_port, token);
+ state = STATE_READ_KEYWORD;
+ break;
+
+ case STATE_READ_SERVER:
+ {
+ int err;
+ char *p;
+ char s[sizeof(buffer)];
+
+ p = token;
+ while (*p != ':' && *p != 0)
+ p++;
+
+ if (*p != ':') {
+ err = IpAddr(token, &server_addr);
+ if (err)
+ return -1;
+ } else {
+ *p = ' ';
+
+ n = sscanf(token, "%s %s", s, str_server_port);
+ if (n != 2)
+ return -1;
+
+ err = IpAddr(s, &server_addr);
+ if (err)
+ return -1;
+ }
+ }
+ state = STATE_READ_KEYWORD;
+ break;
+
+ case STATE_READ_RULE:
+ n = sscanf(token, "%d", &rule_index);
+ if (n != 1 || rule_index < 0)
+ return -1;
+ state = STATE_READ_KEYWORD;
+ break;
+
+ case STATE_READ_DELETE:
+ {
+ int err;
+ int rule_to_delete;
+
+ if (token_count != 2)
+ return -1;
+
+ n = sscanf(token, "%d", &rule_to_delete);
+ if (n != 1)
+ return -1;
+ err = RuleNumberDelete(la, rule_to_delete);
+ if (err)
+ return -1;
+ return 0;
+ }
+
+ case STATE_READ_PROTO:
+ if (strcmp(token, "tcp") == 0)
+ proto = IPPROTO_TCP;
+ else if (strcmp(token, "udp") == 0)
+ proto = IPPROTO_UDP;
+ else
+ return -1;
+ state = STATE_READ_KEYWORD;
+ break;
+
+ case STATE_READ_SRC:
+ case STATE_READ_DST:
+ {
+ int err;
+ char *p;
+ struct in_addr mask;
+ struct in_addr addr;
+
+ p = token;
+ while (*p != '/' && *p != 0)
+ p++;
+
+ if (*p != '/') {
+ IpMask(32, &mask);
+ err = IpAddr(token, &addr);
+ if (err)
+ return -1;
+ } else {
+ int nbits;
+ char s[sizeof(buffer)];
+
+ *p = ' ';
+ n = sscanf(token, "%s %d", s, &nbits);
+ if (n != 2)
+ return -1;
+
+ err = IpAddr(s, &addr);
+ if (err)
+ return -1;
+
+ err = IpMask(nbits, &mask);
+ if (err)
+ return -1;
+ }
+
+ if (state == STATE_READ_SRC) {
+ src_addr = addr;
+ src_mask = mask;
+ } else {
+ dst_addr = addr;
+ dst_mask = mask;
+ }
+ }
+ state = STATE_READ_KEYWORD;
+ break;
+
+ default:
+ return -1;
+ break;
+ }
+
+ do {
+ token = strsep(&res, " \t");
+ } while (token != NULL && !*token);
+ }
#undef STATE_READ_KEYWORD
#undef STATE_READ_TYPE
#undef STATE_READ_PORT
@@ -788,53 +761,47 @@ LibAliasProxyRule(struct libalias *la, const char *cmd)
the string is parsed, because the prototype might not be designated
before the ports (which might be symbolic entries in /etc/services) */
- if (strlen(str_port) != 0)
- {
- int err;
-
- err = IpPort(str_port, proto, &proxy_port);
- if (err)
- return -1;
- }
- else
- {
- proxy_port = 0;
- }
-
- if (strlen(str_server_port) != 0)
- {
- int err;
-
- err = IpPort(str_server_port, proto, &server_port);
- if (err)
- return -1;
- }
- else
- {
- server_port = 0;
- }
+ if (strlen(str_port) != 0) {
+ int err;
+
+ err = IpPort(str_port, proto, &proxy_port);
+ if (err)
+ return -1;
+ } else {
+ proxy_port = 0;
+ }
+
+ if (strlen(str_server_port) != 0) {
+ int err;
+
+ err = IpPort(str_server_port, proto, &server_port);
+ if (err)
+ return -1;
+ } else {
+ server_port = 0;
+ }
/* Check that at least the server address has been defined */
- if (server_addr.s_addr == 0)
- return -1;
+ if (server_addr.s_addr == 0)
+ return -1;
/* Add to linked list */
- proxy_entry = malloc(sizeof(struct proxy_entry));
- if (proxy_entry == NULL)
- return -1;
-
- proxy_entry->proxy_type = proxy_type;
- proxy_entry->rule_index = rule_index;
- proxy_entry->proto = proto;
- proxy_entry->proxy_port = htons(proxy_port);
- proxy_entry->server_port = htons(server_port);
- proxy_entry->server_addr = server_addr;
- proxy_entry->src_addr.s_addr = src_addr.s_addr & src_mask.s_addr;
- proxy_entry->dst_addr.s_addr = dst_addr.s_addr & dst_mask.s_addr;
- proxy_entry->src_mask = src_mask;
- proxy_entry->dst_mask = dst_mask;
-
- RuleAdd(la, proxy_entry);
-
- return 0;
+ proxy_entry = malloc(sizeof(struct proxy_entry));
+ if (proxy_entry == NULL)
+ return -1;
+
+ proxy_entry->proxy_type = proxy_type;
+ proxy_entry->rule_index = rule_index;
+ proxy_entry->proto = proto;
+ proxy_entry->proxy_port = htons(proxy_port);
+ proxy_entry->server_port = htons(server_port);
+ proxy_entry->server_addr = server_addr;
+ proxy_entry->src_addr.s_addr = src_addr.s_addr & src_mask.s_addr;
+ proxy_entry->dst_addr.s_addr = dst_addr.s_addr & dst_mask.s_addr;
+ proxy_entry->src_mask = src_mask;
+ proxy_entry->dst_mask = dst_mask;
+
+ RuleAdd(la, proxy_entry);
+
+ return 0;
}
diff --git a/lib/libalias/alias_skinny.c b/lib/libalias/alias_skinny.c
index d674893..3c482b4 100644
--- a/lib/libalias/alias_skinny.c
+++ b/lib/libalias/alias_skinny.c
@@ -60,10 +60,10 @@
* has answered. The phone then sends back an Open Receive Channel
* Acknowledgement. In this packet, the phone sends its IP address again,
* and the UDP port over which the voice traffic should flow. These values
- * need translation. Right after the Open Receive Channel Acknowledgement,
+ * need translation. Right after the Open Receive Channel Acknowledgement,
* the Call Manager sends a Start Media Transmission message indicating the
- * call is connected. This message contains the IP address and UDP port
- * number of the remote (called) party. Once this message is translated, the
+ * call is connected. This message contains the IP address and UDP port
+ * number of the remote (called) party. Once this message is translated, the
* call can commence. The called part sends the first UDP packet to the
* calling phone at the pre-arranged UDP port in the Open Receive Channel
* Acknowledgement.
@@ -81,258 +81,258 @@
#define START_MEDIATX 0x0000008a
struct skinny_header {
- u_int32_t len;
- u_int32_t reserved;
- u_int32_t msgId;
+ u_int32_t len;
+ u_int32_t reserved;
+ u_int32_t msgId;
};
struct RegisterMessage {
- u_int32_t msgId;
- char devName[16];
- u_int32_t uid;
- u_int32_t instance;
- u_int32_t ipAddr;
- u_char devType;
- u_int32_t maxStreams;
+ u_int32_t msgId;
+ char devName [16];
+ u_int32_t uid;
+ u_int32_t instance;
+ u_int32_t ipAddr;
+ u_char devType;
+ u_int32_t maxStreams;
};
struct IpPortMessage {
- u_int32_t msgId;
- u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port
- * numbers */
+ u_int32_t msgId;
+ u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port
+ * numbers */
};
struct OpenReceiveChannelAck {
- u_int32_t msgId;
- u_int32_t status;
- u_int32_t ipAddr;
- u_int32_t port;
- u_int32_t passThruPartyID;
+ u_int32_t msgId;
+ u_int32_t status;
+ u_int32_t ipAddr;
+ u_int32_t port;
+ u_int32_t passThruPartyID;
};
struct StartMediaTransmission {
- u_int32_t msgId;
- u_int32_t conferenceID;
- u_int32_t passThruPartyID;
- u_int32_t remoteIpAddr;
- u_int32_t remotePort;
- u_int32_t MSPacket;
- u_int32_t payloadCap;
- u_int32_t precedence;
- u_int32_t silenceSuppression;
- u_short maxFramesPerPacket;
- u_int32_t G723BitRate;
+ u_int32_t msgId;
+ u_int32_t conferenceID;
+ u_int32_t passThruPartyID;
+ u_int32_t remoteIpAddr;
+ u_int32_t remotePort;
+ u_int32_t MSPacket;
+ u_int32_t payloadCap;
+ u_int32_t precedence;
+ u_int32_t silenceSuppression;
+ u_short maxFramesPerPacket;
+ u_int32_t G723BitRate;
};
typedef enum {
- ClientToServer = 0,
- ServerToClient = 1
+ ClientToServer = 0,
+ ServerToClient = 1
} ConvDirection;
static int
alias_skinny_reg_msg(struct RegisterMessage *reg_msg, struct ip *pip,
- struct tcphdr *tc, struct alias_link *link,
- ConvDirection direction)
+ struct tcphdr *tc, struct alias_link *link,
+ ConvDirection direction)
{
- reg_msg->ipAddr = (u_int32_t) GetAliasAddress(link).s_addr;
+ reg_msg->ipAddr = (u_int32_t) GetAliasAddress(link).s_addr;
- tc->th_sum = 0;
- tc->th_sum = TcpChecksum(pip);
+ tc->th_sum = 0;
+ tc->th_sum = TcpChecksum(pip);
- return 0;
+ return 0;
}
static int
alias_skinny_startmedia(struct StartMediaTransmission *start_media,
- struct ip *pip, struct tcphdr *tc,
- struct alias_link *link, u_int32_t localIpAddr,
- ConvDirection direction)
+ struct ip *pip, struct tcphdr *tc,
+ struct alias_link *link, u_int32_t localIpAddr,
+ ConvDirection direction)
{
- struct in_addr dst, src;
+ struct in_addr dst, src;
- dst.s_addr = start_media->remoteIpAddr;
- src.s_addr = localIpAddr;
+ dst.s_addr = start_media->remoteIpAddr;
+ src.s_addr = localIpAddr;
- /* XXX I should probably handle in bound global translations as well. */
+ /*
+ * XXX I should probably handle in bound global translations as
+ * well.
+ */
- return 0;
+ return 0;
}
static int
alias_skinny_port_msg(struct IpPortMessage *port_msg, struct ip *pip,
- struct tcphdr *tc, struct alias_link *link,
- ConvDirection direction)
+ struct tcphdr *tc, struct alias_link *link,
+ ConvDirection direction)
{
- port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(link));
+ port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(link));
- tc->th_sum = 0;
- tc->th_sum = TcpChecksum(pip);
+ tc->th_sum = 0;
+ tc->th_sum = TcpChecksum(pip);
- return 0;
+ return 0;
}
static int
alias_skinny_opnrcvch_ack(struct libalias *la, struct OpenReceiveChannelAck *opnrcvch_ack,
- struct ip * pip, struct tcphdr *tc,
- struct alias_link *link, u_int32_t *localIpAddr,
- ConvDirection direction)
+ struct ip *pip, struct tcphdr *tc,
+ struct alias_link *link, u_int32_t * localIpAddr,
+ ConvDirection direction)
{
- struct in_addr null_addr;
- struct alias_link *opnrcv_link;
- u_int32_t localPort;
+ struct in_addr null_addr;
+ struct alias_link *opnrcv_link;
+ u_int32_t localPort;
- *localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr;
- localPort = opnrcvch_ack->port;
+ *localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr;
+ localPort = opnrcvch_ack->port;
- null_addr.s_addr = INADDR_ANY;
- opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr,
- htons((u_short) opnrcvch_ack->port), 0,
- IPPROTO_UDP, 1);
- opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr;
- opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_link));
+ null_addr.s_addr = INADDR_ANY;
+ opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr,
+ htons((u_short) opnrcvch_ack->port), 0,
+ IPPROTO_UDP, 1);
+ opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr;
+ opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_link));
- tc->th_sum = 0;
- tc->th_sum = TcpChecksum(pip);
+ tc->th_sum = 0;
+ tc->th_sum = TcpChecksum(pip);
- return 0;
+ return 0;
}
void
AliasHandleSkinny(struct libalias *la, struct ip *pip, struct alias_link *link)
{
- int hlen, tlen, dlen;
- struct tcphdr *tc;
- u_int32_t msgId, len, t, lip;
- struct skinny_header *sd;
- int orig_len, skinny_hdr_len = sizeof(struct skinny_header);
- ConvDirection direction;
-
- tc = (struct tcphdr *) ((char *)pip + (pip->ip_hl << 2));
- hlen = (pip->ip_hl + tc->th_off) << 2;
- tlen = ntohs(pip->ip_len);
- dlen = tlen - hlen;
-
- sd = (struct skinny_header *) ((char *)pip + hlen);
-
- /*
- * XXX This direction is reserved for future use. I still need to
- * handle the scenario where the call manager is on the inside, and
- * the calling phone is on the global outside.
- */
- if (ntohs(tc->th_dport) == la->skinnyPort) {
- direction = ClientToServer;
- } else if (ntohs(tc->th_sport) == la->skinnyPort) {
- direction = ServerToClient;
- } else {
+ int hlen, tlen, dlen;
+ struct tcphdr *tc;
+ u_int32_t msgId, len, t, lip;
+ struct skinny_header *sd;
+ int orig_len, skinny_hdr_len = sizeof(struct skinny_header);
+ ConvDirection direction;
+
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ hlen = (pip->ip_hl + tc->th_off) << 2;
+ tlen = ntohs(pip->ip_len);
+ dlen = tlen - hlen;
+
+ sd = (struct skinny_header *)((char *)pip + hlen);
+
+ /*
+ * XXX This direction is reserved for future use. I still need to
+ * handle the scenario where the call manager is on the inside, and
+ * the calling phone is on the global outside.
+ */
+ if (ntohs(tc->th_dport) == la->skinnyPort) {
+ direction = ClientToServer;
+ } else if (ntohs(tc->th_sport) == la->skinnyPort) {
+ direction = ServerToClient;
+ } else {
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/Skinny: Invalid port number, not a Skinny packet\n");
+ fprintf(stderr,
+ "PacketAlias/Skinny: Invalid port number, not a Skinny packet\n");
#endif
- return;
- }
-
- orig_len = dlen;
- /*
- * Skinny packets can contain many messages. We need to loop through
- * the packet using len to determine message boundaries. This comes
- * into play big time with port messages being in the same packet as
- * register messages. Also, open receive channel acks are
- * usually buried in a pakcet some 400 bytes long.
- */
- while (dlen >= skinny_hdr_len) {
- len = (sd->len);
- msgId = (sd->msgId);
- t = len;
-
- if (t < 0 || t > orig_len || t > dlen) {
+ return;
+ }
+
+ orig_len = dlen;
+ /*
+ * Skinny packets can contain many messages. We need to loop
+ * through the packet using len to determine message boundaries.
+ * This comes into play big time with port messages being in the
+ * same packet as register messages. Also, open receive channel
+ * acks are usually buried in a pakcet some 400 bytes long.
+ */
+ while (dlen >= skinny_hdr_len) {
+ len = (sd->len);
+ msgId = (sd->msgId);
+ t = len;
+
+ if (t < 0 || t > orig_len || t > dlen) {
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/Skinny: Not a skinny packet, invalid length \n");
+ fprintf(stderr,
+ "PacketAlias/Skinny: Not a skinny packet, invalid length \n");
#endif
- return;
- }
- switch (msgId) {
- case REG_MSG:
- {
- struct RegisterMessage *reg_mesg;
-
- if (len < sizeof(struct RegisterMessage)) {
+ return;
+ }
+ switch (msgId) {
+ case REG_MSG: {
+ struct RegisterMessage *reg_mesg;
+
+ if (len < sizeof(struct RegisterMessage)) {
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/Skinny: Not a skinny packet, bad registration message\n");
+ fprintf(stderr,
+ "PacketAlias/Skinny: Not a skinny packet, bad registration message\n");
#endif
- return;
- }
- reg_mesg = (struct RegisterMessage *) & sd->msgId;
+ return;
+ }
+ reg_mesg = (struct RegisterMessage *)&sd->msgId;
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/Skinny: Received a register message");
+ fprintf(stderr,
+ "PacketAlias/Skinny: Received a register message");
#endif
- alias_skinny_reg_msg(reg_mesg, pip, tc, link, direction);
- }
- break;
- case IP_PORT_MSG:
- {
- struct IpPortMessage *port_mesg;
- if (len < sizeof(struct IpPortMessage)) {
+ alias_skinny_reg_msg(reg_mesg, pip, tc, link, direction);
+ break;
+ }
+ case IP_PORT_MSG: {
+ struct IpPortMessage *port_mesg;
+
+ if (len < sizeof(struct IpPortMessage)) {
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/Skinny: Not a skinny packet, port message\n");
+ fprintf(stderr,
+ "PacketAlias/Skinny: Not a skinny packet, port message\n");
#endif
- return;
- }
+ return;
+ }
#ifdef DEBUG
- fprintf(stderr
- "PacketAlias/Skinny: Received ipport message\n");
+ fprintf(stderr
+ "PacketAlias/Skinny: Received ipport message\n");
#endif
- port_mesg = (struct IpPortMessage *) & sd->msgId;
- alias_skinny_port_msg(port_mesg, pip, tc, link, direction);
- }
- break;
- case OPNRCVCH_ACK:
- {
- struct OpenReceiveChannelAck *opnrcvchn_ack;
-
- if (len < sizeof(struct OpenReceiveChannelAck)) {
+ port_mesg = (struct IpPortMessage *)&sd->msgId;
+ alias_skinny_port_msg(port_mesg, pip, tc, link, direction);
+ break;
+ }
+ case OPNRCVCH_ACK: {
+ struct OpenReceiveChannelAck *opnrcvchn_ack;
+
+ if (len < sizeof(struct OpenReceiveChannelAck)) {
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/Skinny: Not a skinny packet, packet,OpnRcvChnAckMsg\n");
+ fprintf(stderr,
+ "PacketAlias/Skinny: Not a skinny packet, packet,OpnRcvChnAckMsg\n");
#endif
- return;
- }
+ return;
+ }
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/Skinny: Received open rcv channel msg\n");
+ fprintf(stderr,
+ "PacketAlias/Skinny: Received open rcv channel msg\n");
#endif
- opnrcvchn_ack = (struct OpenReceiveChannelAck *) & sd->msgId;
- alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction);
- }
- break;
- case START_MEDIATX:
- {
- struct StartMediaTransmission *startmedia_tx;
-
- if (len < sizeof(struct StartMediaTransmission)) {
+ opnrcvchn_ack = (struct OpenReceiveChannelAck *)&sd->msgId;
+ alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction);
+ break;
+ }
+ case START_MEDIATX: {
+ struct StartMediaTransmission *startmedia_tx;
+
+ if (len < sizeof(struct StartMediaTransmission)) {
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/Skinny: Not a skinny packet,StartMediaTx Message\n");
+ fprintf(stderr,
+ "PacketAlias/Skinny: Not a skinny packet,StartMediaTx Message\n");
#endif
- return;
- }
+ return;
+ }
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/Skinny: Received start media trans msg\n");
+ fprintf(stderr,
+ "PacketAlias/Skinny: Received start media trans msg\n");
#endif
- startmedia_tx = (struct StartMediaTransmission *) & sd->msgId;
- alias_skinny_startmedia(startmedia_tx, pip, tc, link, lip, direction);
- }
- break;
- default:
- break;
- }
- /* Place the pointer at the next message in the packet. */
- dlen -= len + (skinny_hdr_len - sizeof(msgId));
- sd = (struct skinny_header *) (((char *)&sd->msgId) + len);
- }
+ startmedia_tx = (struct StartMediaTransmission *)&sd->msgId;
+ alias_skinny_startmedia(startmedia_tx, pip, tc, link, lip, direction);
+ break;
+ }
+ default:
+ break;
+ }
+ /* Place the pointer at the next message in the packet. */
+ dlen -= len + (skinny_hdr_len - sizeof(msgId));
+ sd = (struct skinny_header *)(((char *)&sd->msgId) + len);
+ }
}
diff --git a/lib/libalias/alias_smedia.c b/lib/libalias/alias_smedia.c
index 600563ce..700f409 100644
--- a/lib/libalias/alias_smedia.c
+++ b/lib/libalias/alias_smedia.c
@@ -118,316 +118,326 @@ __FBSDID("$FreeBSD$");
static int
search_string(char *data, int dlen, const char *search_str)
{
- int i, j, k;
- int search_str_len;
-
- search_str_len = strlen(search_str);
- for (i = 0; i < dlen - search_str_len; i++) {
- for (j = i, k = 0; j < dlen - search_str_len; j++, k++) {
- if (data[j] != search_str[k] &&
- data[j] != search_str[k] - ('a' - 'A')) {
- break;
- }
- if (k == search_str_len - 1) {
- return j + 1;
- }
+ int i, j, k;
+ int search_str_len;
+
+ search_str_len = strlen(search_str);
+ for (i = 0; i < dlen - search_str_len; i++) {
+ for (j = i, k = 0; j < dlen - search_str_len; j++, k++) {
+ if (data[j] != search_str[k] &&
+ data[j] != search_str[k] - ('a' - 'A')) {
+ break;
+ }
+ if (k == search_str_len - 1) {
+ return j + 1;
+ }
+ }
}
- }
- return -1;
+ return -1;
}
static int
alias_rtsp_out(struct libalias *la, struct ip *pip,
- struct alias_link *link,
- char *data,
- const char *port_str)
+ struct alias_link *link,
+ char *data,
+ const char *port_str)
{
- int hlen, tlen, dlen;
- struct tcphdr *tc;
- int i, j, pos, state, port_dlen, new_dlen, delta;
- u_short p[2], new_len;
- u_short sport, eport, base_port;
- u_short salias = 0, ealias = 0, base_alias = 0;
- const char *transport_str = "transport:";
- char newdata[2048], *port_data, *port_newdata, stemp[80];
- int links_created = 0, pkt_updated = 0;
- struct alias_link *rtsp_link = NULL;
- struct in_addr null_addr;
-
- /* Calculate data length of TCP packet */
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- hlen = (pip->ip_hl + tc->th_off) << 2;
- tlen = ntohs(pip->ip_len);
- dlen = tlen - hlen;
-
- /* Find keyword, "Transport: " */
- pos = search_string(data, dlen, transport_str);
- if (pos < 0) {
- return -1;
- }
- port_data = data + pos;
- port_dlen = dlen - pos;
-
- memcpy(newdata, data, pos);
- port_newdata = newdata + pos;
-
- while (port_dlen > strlen(port_str)) {
- /* Find keyword, appropriate port string */
- pos = search_string(port_data, port_dlen, port_str);
+ int hlen, tlen, dlen;
+ struct tcphdr *tc;
+ int i, j, pos, state, port_dlen, new_dlen, delta;
+ u_short p[2], new_len;
+ u_short sport, eport, base_port;
+ u_short salias = 0, ealias = 0, base_alias = 0;
+ const char *transport_str = "transport:";
+ char newdata[2048], *port_data, *port_newdata, stemp[80];
+ int links_created = 0, pkt_updated = 0;
+ struct alias_link *rtsp_link = NULL;
+ struct in_addr null_addr;
+
+ /* Calculate data length of TCP packet */
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ hlen = (pip->ip_hl + tc->th_off) << 2;
+ tlen = ntohs(pip->ip_len);
+ dlen = tlen - hlen;
+
+ /* Find keyword, "Transport: " */
+ pos = search_string(data, dlen, transport_str);
if (pos < 0) {
- break;
+ return -1;
}
+ port_data = data + pos;
+ port_dlen = dlen - pos;
- memcpy (port_newdata, port_data, pos + 1);
- port_newdata += (pos + 1);
-
- p[0] = p[1] = 0;
- sport = eport = 0;
- state = 0;
- for (i = pos; i < port_dlen; i++) {
- switch(state) {
- case 0:
- if (port_data[i] == '=') {
- state++;
- }
- break;
- case 1:
- if (ISDIGIT(port_data[i])) {
- p[0] = p[0] * 10 + port_data[i] - '0';
- } else {
- if (port_data[i] == ';') {
- state = 3;
- }
- if (port_data[i] == '-') {
- state++;
- }
- }
- break;
- case 2:
- if (ISDIGIT(port_data[i])) {
- p[1] = p[1] * 10 + port_data[i] - '0';
- } else {
- state++;
+ memcpy(newdata, data, pos);
+ port_newdata = newdata + pos;
+
+ while (port_dlen > strlen(port_str)) {
+ /* Find keyword, appropriate port string */
+ pos = search_string(port_data, port_dlen, port_str);
+ if (pos < 0) {
+ break;
}
- break;
- case 3:
- base_port = p[0];
- sport = htons(p[0]);
- eport = htons(p[1]);
-
- if (!links_created) {
-
- links_created = 1;
- /* Find an even numbered port number base that
- satisfies the contiguous number of ports we need */
- null_addr.s_addr = 0;
- if (0 == (salias = FindNewPortGroup(la, null_addr,
- FindAliasAddress(la, pip->ip_src),
- sport, 0,
- RTSP_PORT_GROUP,
- IPPROTO_UDP, 1))) {
+ memcpy(port_newdata, port_data, pos + 1);
+ port_newdata += (pos + 1);
+
+ p[0] = p[1] = 0;
+ sport = eport = 0;
+ state = 0;
+ for (i = pos; i < port_dlen; i++) {
+ switch (state) {
+ case 0:
+ if (port_data[i] == '=') {
+ state++;
+ }
+ break;
+ case 1:
+ if (ISDIGIT(port_data[i])) {
+ p[0] = p[0] * 10 + port_data[i] - '0';
+ } else {
+ if (port_data[i] == ';') {
+ state = 3;
+ }
+ if (port_data[i] == '-') {
+ state++;
+ }
+ }
+ break;
+ case 2:
+ if (ISDIGIT(port_data[i])) {
+ p[1] = p[1] * 10 + port_data[i] - '0';
+ } else {
+ state++;
+ }
+ break;
+ case 3:
+ base_port = p[0];
+ sport = htons(p[0]);
+ eport = htons(p[1]);
+
+ if (!links_created) {
+
+ links_created = 1;
+ /*
+ * Find an even numbered port
+ * number base that satisfies the
+ * contiguous number of ports we
+ * need
+ */
+ null_addr.s_addr = 0;
+ if (0 == (salias = FindNewPortGroup(la, null_addr,
+ FindAliasAddress(la, pip->ip_src),
+ sport, 0,
+ RTSP_PORT_GROUP,
+ IPPROTO_UDP, 1))) {
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/RTSP: Cannot find contiguous RTSP data ports\n");
+ fprintf(stderr,
+ "PacketAlias/RTSP: Cannot find contiguous RTSP data ports\n");
#endif
- } else {
-
- base_alias = ntohs(salias);
- for (j = 0; j < RTSP_PORT_GROUP; j++) {
- /* Establish link to port found in RTSP packet */
- rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr,
- htons(base_port + j), htons(base_alias + j),
- IPPROTO_UDP);
- if (rtsp_link != NULL) {
+ } else {
+
+ base_alias = ntohs(salias);
+ for (j = 0; j < RTSP_PORT_GROUP; j++) {
+ /*
+ * Establish link
+ * to port found in
+ * RTSP packet
+ */
+ rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr,
+ htons(base_port + j), htons(base_alias + j),
+ IPPROTO_UDP);
+ if (rtsp_link != NULL) {
#ifndef NO_FW_PUNCH
- /* Punch hole in firewall */
- PunchFWHole(rtsp_link);
+ /*
+ * Punch
+ * hole in
+ * firewall
+ */
+ PunchFWHole(rtsp_link);
#endif
- } else {
+ } else {
#ifdef DEBUG
- fprintf(stderr,
- "PacketAlias/RTSP: Cannot allocate RTSP data ports\n");
+ fprintf(stderr,
+ "PacketAlias/RTSP: Cannot allocate RTSP data ports\n");
#endif
- break;
- }
- }
- }
- ealias = htons(base_alias + (RTSP_PORT_GROUP - 1));
+ break;
+ }
+ }
+ }
+ ealias = htons(base_alias + (RTSP_PORT_GROUP - 1));
+ }
+ if (salias && rtsp_link) {
+
+ pkt_updated = 1;
+
+ /* Copy into IP packet */
+ sprintf(stemp, "%d", ntohs(salias));
+ memcpy(port_newdata, stemp, strlen(stemp));
+ port_newdata += strlen(stemp);
+
+ if (eport != 0) {
+ *port_newdata = '-';
+ port_newdata++;
+
+ /* Copy into IP packet */
+ sprintf(stemp, "%d", ntohs(ealias));
+ memcpy(port_newdata, stemp, strlen(stemp));
+ port_newdata += strlen(stemp);
+ }
+ *port_newdata = ';';
+ port_newdata++;
+ }
+ state++;
+ break;
+ }
+ if (state > 3) {
+ break;
+ }
}
-
- if (salias && rtsp_link) {
-
- pkt_updated = 1;
-
- /* Copy into IP packet */
- sprintf(stemp, "%d", ntohs(salias));
- memcpy(port_newdata, stemp, strlen(stemp));
- port_newdata += strlen(stemp);
-
- if (eport != 0) {
- *port_newdata = '-';
- port_newdata++;
-
- /* Copy into IP packet */
- sprintf(stemp, "%d", ntohs(ealias));
- memcpy(port_newdata, stemp, strlen(stemp));
- port_newdata += strlen(stemp);
- }
-
- *port_newdata = ';';
- port_newdata++;
- }
- state++;
- break;
- }
- if (state > 3) {
- break;
- }
+ port_data += i;
+ port_dlen -= i;
}
- port_data += i;
- port_dlen -= i;
- }
- if (!pkt_updated)
- return -1;
+ if (!pkt_updated)
+ return -1;
- memcpy (port_newdata, port_data, port_dlen);
- port_newdata += port_dlen;
- *port_newdata = '\0';
+ memcpy(port_newdata, port_data, port_dlen);
+ port_newdata += port_dlen;
+ *port_newdata = '\0';
- /* Create new packet */
- new_dlen = port_newdata - newdata;
- memcpy (data, newdata, new_dlen);
+ /* Create new packet */
+ new_dlen = port_newdata - newdata;
+ memcpy(data, newdata, new_dlen);
- SetAckModified(link);
- delta = GetDeltaSeqOut(pip, link);
- AddSeq(pip, link, delta + new_dlen - dlen);
+ SetAckModified(link);
+ delta = GetDeltaSeqOut(pip, link);
+ AddSeq(pip, link, delta + new_dlen - dlen);
- new_len = htons(hlen + new_dlen);
- DifferentialChecksum(&pip->ip_sum,
- &new_len,
- &pip->ip_len,
- 1);
- pip->ip_len = new_len;
+ new_len = htons(hlen + new_dlen);
+ DifferentialChecksum(&pip->ip_sum,
+ &new_len,
+ &pip->ip_len,
+ 1);
+ pip->ip_len = new_len;
- tc->th_sum = 0;
- tc->th_sum = TcpChecksum(pip);
+ tc->th_sum = 0;
+ tc->th_sum = TcpChecksum(pip);
- return 0;
+ return 0;
}
/* Support the protocol used by early versions of RealPlayer */
static int
alias_pna_out(struct libalias *la, struct ip *pip,
- struct alias_link *link,
- char *data,
- int dlen)
+ struct alias_link *link,
+ char *data,
+ int dlen)
{
- struct alias_link *pna_links;
- u_short msg_id, msg_len;
- char *work;
- u_short alias_port, port;
- struct tcphdr *tc;
-
- work = data;
- work += 5;
- while (work + 4 < data + dlen) {
- memcpy(&msg_id, work, 2);
- work += 2;
- memcpy(&msg_len, work, 2);
- work += 2;
- if (ntohs(msg_id) == 0) {
- /* end of options */
- return 0;
- }
- if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
- memcpy(&port, work, 2);
- pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
- port, 0, IPPROTO_UDP, 1);
- if (pna_links != NULL) {
+ struct alias_link *pna_links;
+ u_short msg_id, msg_len;
+ char *work;
+ u_short alias_port, port;
+ struct tcphdr *tc;
+
+ work = data;
+ work += 5;
+ while (work + 4 < data + dlen) {
+ memcpy(&msg_id, work, 2);
+ work += 2;
+ memcpy(&msg_len, work, 2);
+ work += 2;
+ if (ntohs(msg_id) == 0) {
+ /* end of options */
+ return 0;
+ }
+ if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
+ memcpy(&port, work, 2);
+ pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
+ port, 0, IPPROTO_UDP, 1);
+ if (pna_links != NULL) {
#ifndef NO_FW_PUNCH
- /* Punch hole in firewall */
- PunchFWHole(pna_links);
+ /* Punch hole in firewall */
+ PunchFWHole(pna_links);
#endif
- tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
- alias_port = GetAliasPort(pna_links);
- memcpy(work, &alias_port, 2);
-
- /* Compute TCP checksum for revised packet */
- tc->th_sum = 0;
- tc->th_sum = TcpChecksum(pip);
- }
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ alias_port = GetAliasPort(pna_links);
+ memcpy(work, &alias_port, 2);
+
+ /* Compute TCP checksum for revised packet */
+ tc->th_sum = 0;
+ tc->th_sum = TcpChecksum(pip);
+ }
+ }
+ work += ntohs(msg_len);
}
- work += ntohs(msg_len);
- }
- return 0;
+ return 0;
}
void
AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *link, int maxpacketsize)
{
- int hlen, tlen, dlen;
- struct tcphdr *tc;
- char *data;
- const char *setup = "SETUP", *pna = "PNA", *str200 = "200";
- const char *okstr = "OK", *client_port_str = "client_port";
- const char *server_port_str = "server_port";
- int i, parseOk;
-
- tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
- hlen = (pip->ip_hl + tc->th_off) << 2;
- tlen = ntohs(pip->ip_len);
- dlen = tlen - hlen;
-
- data = (char*)pip;
- data += hlen;
-
- /* When aliasing a client, check for the SETUP request */
- if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) ||
- (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) {
-
- if (dlen >= strlen(setup)) {
- if (memcmp(data, setup, strlen(setup)) == 0) {
- alias_rtsp_out(la, pip, link, data, client_port_str);
- return;
- }
- }
- if (dlen >= strlen(pna)) {
- if (memcmp(data, pna, strlen(pna)) == 0) {
- alias_pna_out(la, pip, link, data, dlen);
- }
- }
-
- } else {
+ int hlen, tlen, dlen;
+ struct tcphdr *tc;
+ char *data;
+ const char *setup = "SETUP", *pna = "PNA", *str200 = "200";
+ const char *okstr = "OK", *client_port_str = "client_port";
+ const char *server_port_str = "server_port";
+ int i, parseOk;
+
+ tc = (struct tcphdr *)((char *)pip + (pip->ip_hl << 2));
+ hlen = (pip->ip_hl + tc->th_off) << 2;
+ tlen = ntohs(pip->ip_len);
+ dlen = tlen - hlen;
+
+ data = (char *)pip;
+ data += hlen;
+
+ /* When aliasing a client, check for the SETUP request */
+ if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) ||
+ (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) {
+
+ if (dlen >= strlen(setup)) {
+ if (memcmp(data, setup, strlen(setup)) == 0) {
+ alias_rtsp_out(la, pip, link, data, client_port_str);
+ return;
+ }
+ }
+ if (dlen >= strlen(pna)) {
+ if (memcmp(data, pna, strlen(pna)) == 0) {
+ alias_pna_out(la, pip, link, data, dlen);
+ }
+ }
+ } else {
- /* When aliasing a server, check for the 200 reply
- Accomodate varying number of blanks between 200 & OK */
+ /*
+ * When aliasing a server, check for the 200 reply
+ * Accomodate varying number of blanks between 200 & OK
+ */
- if (dlen >= strlen(str200)) {
+ if (dlen >= strlen(str200)) {
- for (parseOk = 0, i = 0;
- i <= dlen - strlen(str200);
- i++) {
- if (memcmp(&data[i], str200, strlen(str200)) == 0) {
- parseOk = 1;
- break;
- }
- }
- if (parseOk) {
+ for (parseOk = 0, i = 0;
+ i <= dlen - strlen(str200);
+ i++) {
+ if (memcmp(&data[i], str200, strlen(str200)) == 0) {
+ parseOk = 1;
+ break;
+ }
+ }
+ if (parseOk) {
- i += strlen(str200); /* skip string found */
- while(data[i] == ' ') /* skip blank(s) */
- i++;
+ i += strlen(str200); /* skip string found */
+ while (data[i] == ' ') /* skip blank(s) */
+ i++;
- if ((dlen - i) >= strlen(okstr)) {
+ if ((dlen - i) >= strlen(okstr)) {
- if (memcmp(&data[i], okstr, strlen(okstr)) == 0)
- alias_rtsp_out(la, pip, link, data, server_port_str);
+ if (memcmp(&data[i], okstr, strlen(okstr)) == 0)
+ alias_rtsp_out(la, pip, link, data, server_port_str);
- }
- }
- }
- }
+ }
+ }
+ }
+ }
}
diff --git a/lib/libalias/alias_util.c b/lib/libalias/alias_util.c
index 1bba075..d7d0b3f 100644
--- a/lib/libalias/alias_util.c
+++ b/lib/libalias/alias_util.c
@@ -61,110 +61,100 @@ purposes);
#include "alias_local.h"
u_short
-LibAliasInternetChecksum(struct libalias *la, u_short *ptr, int nbytes)
+LibAliasInternetChecksum(struct libalias *la, u_short * ptr, int nbytes)
{
- int sum, oddbyte;
-
- sum = 0;
- while (nbytes > 1)
- {
- sum += *ptr++;
- nbytes -= 2;
- }
- if (nbytes == 1)
- {
- oddbyte = 0;
- ((u_char *) &oddbyte)[0] = *(u_char *) ptr;
- ((u_char *) &oddbyte)[1] = 0;
- sum += oddbyte;
- }
- sum = (sum >> 16) + (sum & 0xffff);
- sum += (sum >> 16);
- return(~sum);
+ int sum, oddbyte;
+
+ sum = 0;
+ while (nbytes > 1) {
+ sum += *ptr++;
+ nbytes -= 2;
+ }
+ if (nbytes == 1) {
+ oddbyte = 0;
+ ((u_char *) & oddbyte)[0] = *(u_char *) ptr;
+ ((u_char *) & oddbyte)[1] = 0;
+ sum += oddbyte;
+ }
+ sum = (sum >> 16) + (sum & 0xffff);
+ sum += (sum >> 16);
+ return (~sum);
}
u_short
IpChecksum(struct ip *pip)
{
- return( PacketAliasInternetChecksum((u_short *) pip,
- (pip->ip_hl << 2)) );
+ return (PacketAliasInternetChecksum((u_short *) pip,
+ (pip->ip_hl << 2)));
}
u_short
TcpChecksum(struct ip *pip)
{
- u_short *ptr;
- struct tcphdr *tc;
- int nhdr, ntcp, nbytes;
- int sum, oddbyte;
+ u_short *ptr;
+ struct tcphdr *tc;
+ int nhdr, ntcp, nbytes;
+ int sum, oddbyte;
- nhdr = pip->ip_hl << 2;
- ntcp = ntohs(pip->ip_len) - nhdr;
+ nhdr = pip->ip_hl << 2;
+ ntcp = ntohs(pip->ip_len) - nhdr;
- tc = (struct tcphdr *) ((char *) pip + nhdr);
- ptr = (u_short *) tc;
+ tc = (struct tcphdr *)((char *)pip + nhdr);
+ ptr = (u_short *) tc;
/* Add up TCP header and data */
- nbytes = ntcp;
- sum = 0;
- while (nbytes > 1)
- {
- sum += *ptr++;
- nbytes -= 2;
- }
- if (nbytes == 1)
- {
- oddbyte = 0;
- ((u_char *) &oddbyte)[0] = *(u_char *) ptr;
- ((u_char *) &oddbyte)[1] = 0;
- sum += oddbyte;
- }
-
+ nbytes = ntcp;
+ sum = 0;
+ while (nbytes > 1) {
+ sum += *ptr++;
+ nbytes -= 2;
+ }
+ if (nbytes == 1) {
+ oddbyte = 0;
+ ((u_char *) & oddbyte)[0] = *(u_char *) ptr;
+ ((u_char *) & oddbyte)[1] = 0;
+ sum += oddbyte;
+ }
/* "Pseudo-header" data */
- ptr = (u_short *) &(pip->ip_dst);
- sum += *ptr++;
- sum += *ptr;
- ptr = (u_short *) &(pip->ip_src);
- sum += *ptr++;
- sum += *ptr;
- sum += htons((u_short) ntcp);
- sum += htons((u_short) pip->ip_p);
+ ptr = (u_short *) & (pip->ip_dst);
+ sum += *ptr++;
+ sum += *ptr;
+ ptr = (u_short *) & (pip->ip_src);
+ sum += *ptr++;
+ sum += *ptr;
+ sum += htons((u_short) ntcp);
+ sum += htons((u_short) pip->ip_p);
/* Roll over carry bits */
- sum = (sum >> 16) + (sum & 0xffff);
- sum += (sum >> 16);
+ sum = (sum >> 16) + (sum & 0xffff);
+ sum += (sum >> 16);
/* Return checksum */
- return((u_short) ~sum);
+ return ((u_short) ~ sum);
}
void
-DifferentialChecksum(u_short *cksum, u_short *new, u_short *old, int n)
+DifferentialChecksum(u_short * cksum, u_short * new, u_short * old, int n)
{
- int i;
- int accumulate;
-
- accumulate = *cksum;
- for (i=0; i<n; i++)
- {
- accumulate -= *new++;
- accumulate += *old++;
- }
-
- if (accumulate < 0)
- {
- accumulate = -accumulate;
- accumulate = (accumulate >> 16) + (accumulate & 0xffff);
- accumulate += accumulate >> 16;
- *cksum = (u_short) ~accumulate;
- }
- else
- {
- accumulate = (accumulate >> 16) + (accumulate & 0xffff);
- accumulate += accumulate >> 16;
- *cksum = (u_short) accumulate;
- }
+ int i;
+ int accumulate;
+
+ accumulate = *cksum;
+ for (i = 0; i < n; i++) {
+ accumulate -= *new++;
+ accumulate += *old++;
+ }
+
+ if (accumulate < 0) {
+ accumulate = -accumulate;
+ accumulate = (accumulate >> 16) + (accumulate & 0xffff);
+ accumulate += accumulate >> 16;
+ *cksum = (u_short) ~ accumulate;
+ } else {
+ accumulate = (accumulate >> 16) + (accumulate & 0xffff);
+ accumulate += accumulate >> 16;
+ *cksum = (u_short) accumulate;
+ }
}
-
OpenPOWER on IntegriCloud