diff options
author | ru <ru@FreeBSD.org> | 2000-08-31 12:47:57 +0000 |
---|---|---|
committer | ru <ru@FreeBSD.org> | 2000-08-31 12:47:57 +0000 |
commit | 5feb1713feb5366d159faaad92b078dd47c87625 (patch) | |
tree | 8b7f0af19578b5952d9ee0c470211db4e3a3a198 /lib | |
parent | dd66d6917025a4223f25293d5c217e072449ee17 (diff) | |
download | FreeBSD-src-5feb1713feb5366d159faaad92b078dd47c87625.zip FreeBSD-src-5feb1713feb5366d159faaad92b078dd47c87625.tar.gz |
Create aliasing links for incoming ICMP echo/timestamp requests.
This makes outgoing ICMP echo/timestamp replies to be de-aliased
with the right source IP, not exactly the primary aliasing IP.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libalias/alias.c | 56 | ||||
-rw-r--r-- | lib/libalias/alias_db.c | 15 |
2 files changed, 24 insertions, 47 deletions
diff --git a/lib/libalias/alias.c b/lib/libalias/alias.c index d70efb8..e0e5e7c 100644 --- a/lib/libalias/alias.c +++ b/lib/libalias/alias.c @@ -180,8 +180,8 @@ TcpMonitorOut(struct ip *pip, struct alias_link *link) /* Protocol Specific Packet Aliasing Routines - IcmpAliasIn(), IcmpAliasIn1(), IcmpAliasIn2(), IcmpAliasIn3() - IcmpAliasOut(), IcmpAliasOut1(), IcmpAliasOut2(), IcmpAliasOut3() + IcmpAliasIn(), IcmpAliasIn1(), IcmpAliasIn2() + IcmpAliasOut(), IcmpAliasOut1(), IcmpAliasOut2() ProtoAliasIn(), ProtoAliasOut() UdpAliasIn(), UdpAliasOut() TcpAliasIn(), TcpAliasOut() @@ -222,12 +222,10 @@ the gateway machine or other machines on a local area network. /* Local prototypes */ static int IcmpAliasIn1(struct ip *); static int IcmpAliasIn2(struct ip *); -static int IcmpAliasIn3(struct ip *); static int IcmpAliasIn (struct ip *); static int IcmpAliasOut1(struct ip *); static int IcmpAliasOut2(struct ip *); -static int IcmpAliasOut3(struct ip *); static int IcmpAliasOut (struct ip *); static int ProtoAliasIn(struct ip *); @@ -246,7 +244,8 @@ static int IcmpAliasIn1(struct ip *pip) { /* - De-alias incoming echo and timestamp replies + De-alias incoming echo and timestamp replies. + Alias incoming echo and timestamp requests. */ struct alias_link *link; struct icmp *ic; @@ -301,7 +300,7 @@ IcmpAliasIn2(struct ip *pip) struct alias_link *link; ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); - ip = (struct ip *) ic->icmp_data; + ip = &ic->icmp_ip; ud = (struct udphdr *) ((char *) ip + (ip->ip_hl <<2)); tc = (struct tcphdr *) ud; @@ -396,21 +395,6 @@ fragment contained in ICMP data section */ return(PKT_ALIAS_IGNORED); } -static int -IcmpAliasIn3(struct ip *pip) -{ - struct in_addr original_address; - - original_address = FindOriginalAddress(pip->ip_dst); - DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); - pip->ip_dst = original_address; - - return PKT_ALIAS_OK; -} - static int IcmpAliasIn(struct ip *pip) @@ -442,7 +426,7 @@ IcmpAliasIn(struct ip *pip) break; case ICMP_ECHO: case ICMP_TSTAMP: - iresult = IcmpAliasIn3(pip); + iresult = IcmpAliasIn1(pip); break; } return(iresult); @@ -453,7 +437,8 @@ static int IcmpAliasOut1(struct ip *pip) { /* - Alias ICMP echo and timestamp packets + Alias outgoing echo and timestamp requests. + De-alias outgoing echo and timestamp replies. */ struct alias_link *link; struct icmp *ic; @@ -509,7 +494,7 @@ IcmpAliasOut2(struct ip *pip) struct alias_link *link; ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2)); - ip = (struct ip *) ic->icmp_data; + ip = &ic->icmp_ip; ud = (struct udphdr *) ((char *) ip + (ip->ip_hl <<2)); tc = (struct tcphdr *) ud; @@ -606,27 +591,6 @@ fragment contained in ICMP data section */ static int -IcmpAliasOut3(struct ip *pip) -{ -/* - Handle outgoing echo and timestamp replies. The - only thing which is done in this case is to alias - the source IP address of the packet. -*/ - struct in_addr alias_addr; - - alias_addr = FindAliasAddress(pip->ip_src); - DifferentialChecksum(&pip->ip_sum, - (u_short *) &alias_addr, - (u_short *) &pip->ip_src, - 2); - pip->ip_src = alias_addr; - - return PKT_ALIAS_OK; -} - - -static int IcmpAliasOut(struct ip *pip) { int iresult; @@ -656,7 +620,7 @@ IcmpAliasOut(struct ip *pip) break; case ICMP_ECHOREPLY: case ICMP_TSTAMPREPLY: - iresult = IcmpAliasOut3(pip); + iresult = IcmpAliasOut1(pip); } return(iresult); } diff --git a/lib/libalias/alias_db.c b/lib/libalias/alias_db.c index f304c14..0facbaa 100644 --- a/lib/libalias/alias_db.c +++ b/lib/libalias/alias_db.c @@ -1401,9 +1401,22 @@ FindIcmpIn(struct in_addr dst_addr, struct in_addr alias_addr, u_short id_alias) { - return FindLinkIn(dst_addr, alias_addr, + struct alias_link *link; + + link = FindLinkIn(dst_addr, alias_addr, NO_DEST_PORT, id_alias, LINK_ICMP, 0); + if (link == NULL && !(packetAliasMode & PKT_ALIAS_DENY_INCOMING)) + { + struct in_addr target_addr; + + target_addr = FindOriginalAddress(alias_addr); + link = AddLink(target_addr, dst_addr, alias_addr, + id_alias, NO_DEST_PORT, id_alias, + LINK_ICMP); + } + + return (link); } |