Index: sys/netinet/libalias/alias.h =================================================================== --- sys/netinet/libalias/alias.h +++ sys/netinet/libalias/alias.h @@ -89,8 +89,7 @@ void LibAliasSetAliasPortRange(struct libalias *la, u_short port_low, u_short port_hi); void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num); void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port); -unsigned int - LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask); +unsigned int LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask); void LibAliasUninit(struct libalias *); /* Packet Handling functions. */ @@ -101,23 +100,19 @@ /* Port and address redirection functions. */ -int -LibAliasAddServer(struct libalias *, struct alias_link *_lnk, - struct in_addr _addr, unsigned short _port); -struct alias_link * -LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr, - struct in_addr _alias_addr); +int LibAliasAddServer(struct libalias *, struct alias_link *_lnk, + struct in_addr _addr, unsigned short _port); +struct alias_link * LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr, + struct in_addr _alias_addr); int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_lnk); void LibAliasRedirectDelete(struct libalias *, struct alias_link *_lnk); -struct alias_link * -LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr, - unsigned short _src_port, struct in_addr _dst_addr, - unsigned short _dst_port, struct in_addr _alias_addr, - unsigned short _alias_port, unsigned char _proto); -struct alias_link * -LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr, - struct in_addr _dst_addr, struct in_addr _alias_addr, - unsigned char _proto); +struct alias_link * LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr, + unsigned short _src_port, struct in_addr _dst_addr, + unsigned short _dst_port, struct in_addr _alias_addr, + unsigned short _alias_port, unsigned char _proto); +struct alias_link * LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr, + struct in_addr _dst_addr, struct in_addr _alias_addr, + unsigned char _proto); /* Fragment Handling functions. */ void LibAliasFragmentIn(struct libalias *, void *_ptr, void *_ptr_fragment); @@ -126,8 +121,7 @@ /* Miscellaneous functions. */ int LibAliasCheckNewLink(struct libalias *); -unsigned short - LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes); +unsigned short LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes); void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr); /* Transparent proxying routines. */ Index: sys/netinet/libalias/alias.c =================================================================== --- sys/netinet/libalias/alias.c +++ sys/netinet/libalias/alias.c @@ -146,7 +146,7 @@ #include "alias_mod.h" #endif -/* +/* * Define libalias SYSCTL Node */ #ifdef SYSCTL_NODE @@ -192,7 +192,6 @@ static void TcpMonitorIn(u_char th_flags, struct alias_link *lnk) { - switch (GetStateIn(lnk)) { case ALIAS_TCP_STATE_NOT_CONNECTED: if (th_flags & TH_RST) @@ -210,7 +209,6 @@ static void TcpMonitorOut(u_char th_flags, struct alias_link *lnk) { - switch (GetStateOut(lnk)) { case ALIAS_TCP_STATE_NOT_CONNECTED: if (th_flags & TH_RST) @@ -285,21 +283,20 @@ static int TcpAliasIn(struct libalias *, struct ip *); static int TcpAliasOut(struct libalias *, struct ip *, int, int create); -static int -IcmpAliasIn1(struct libalias *la, struct ip *pip) -{ - - LIBALIAS_LOCK_ASSERT(la); /* De-alias incoming echo and timestamp replies. Alias incoming echo and timestamp requests. */ +static int +IcmpAliasIn1(struct libalias *la, struct ip *pip) +{ + LIBALIAS_LOCK_ASSERT(la); struct alias_link *lnk; struct icmp *ic; ic = (struct icmp *)ip_next(pip); -/* Get source address from ICMP data field and restore original data */ + /* Get source address from ICMP data field and restore original data */ lnk = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); if (lnk != NULL) { u_short original_id; @@ -307,15 +304,15 @@ original_id = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = ic->icmp_id; accumulate -= original_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* Put original sequence number back in */ + /* Put original sequence number back in */ ic->icmp_id = original_id; -/* Put original address back into IP header */ + /* Put original address back into IP header */ { struct in_addr original_address; @@ -330,15 +327,14 @@ return (PKT_ALIAS_IGNORED); } -static int -IcmpAliasIn2(struct libalias *la, struct ip *pip) -{ - - LIBALIAS_LOCK_ASSERT(la); /* Alias incoming ICMP error messages containing IP header and first 64 bits of datagram. */ +static int +IcmpAliasIn2(struct libalias *la, struct ip *pip) +{ + LIBALIAS_LOCK_ASSERT(la); struct ip *ip; struct icmp *ic, *ic2; struct udphdr *ud; @@ -377,7 +373,7 @@ original_address = GetOriginalAddress(lnk); original_port = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_src); accumulate -= twowords(&original_address); accumulate += ud->uh_sport; @@ -388,13 +384,14 @@ accumulate2 -= ip->ip_sum; ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); -/* Un-alias address in IP header */ + /* Un-alias address in IP header */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; -/* Un-alias address and port number of original IP packet -fragment contained in ICMP data section */ + /* Un-alias address and port number of + * original IP packet fragment contained + * in ICMP data section */ ip->ip_src = original_address; ud->uh_sport = original_port; } else if (ip->ip_p == IPPROTO_ICMP) { @@ -405,7 +402,7 @@ original_address = GetOriginalAddress(lnk); original_id = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_src); accumulate -= twowords(&original_address); accumulate += ic2->icmp_id; @@ -416,13 +413,13 @@ accumulate2 -= ip->ip_sum; ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); -/* Un-alias address in IP header */ + /* Un-alias address in IP header */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; -/* Un-alias address of original IP packet and sequence number of - embedded ICMP datagram */ + /* Un-alias address of original IP packet and + * sequence number of embedded ICMP datagram */ ip->ip_src = original_address; ic2->icmp_id = original_id; } @@ -444,7 +441,7 @@ if (dlen < ICMP_MINLEN) return (PKT_ALIAS_IGNORED); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -475,20 +472,20 @@ return (iresult); } -static int -IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) -{ /* Alias outgoing echo and timestamp requests. De-alias outgoing echo and timestamp replies. */ +static int +IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) +{ struct alias_link *lnk; struct icmp *ic; LIBALIAS_LOCK_ASSERT(la); ic = (struct icmp *)ip_next(pip); -/* Save overwritten data for when echo packet returns */ + /* Save overwritten data for when echo packet returns */ lnk = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, create); if (lnk != NULL) { u_short alias_id; @@ -496,15 +493,15 @@ alias_id = GetAliasPort(lnk); -/* Since data field is being modified, adjust ICMP checksum */ + /* Since data field is being modified, adjust ICMP checksum */ accumulate = ic->icmp_id; accumulate -= alias_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* Alias sequence number */ + /* Alias sequence number */ ic->icmp_id = alias_id; -/* Change source address */ + /* Change source address */ { struct in_addr alias_address; @@ -519,13 +516,13 @@ return (PKT_ALIAS_IGNORED); } -static int -IcmpAliasOut2(struct libalias *la, struct ip *pip) -{ /* Alias outgoing ICMP error messages containing IP header and first 64 bits of datagram. */ +static int +IcmpAliasOut2(struct libalias *la, struct ip *pip) +{ struct ip *ip; struct icmp *ic, *ic2; struct udphdr *ud; @@ -565,24 +562,24 @@ alias_address = GetAliasAddress(lnk); alias_port = GetAliasPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_dst); accumulate -= twowords(&alias_address); accumulate += ud->uh_dport; accumulate -= alias_port; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* - * Alias address in IP header if it comes from the host - * the original TCP/UDP packet was destined for. - */ + /* + * Alias address in IP header if it comes from the host + * the original TCP/UDP packet was destined for. + */ if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; } -/* Alias address and port number of original IP packet -fragment contained in ICMP data section */ + /* Alias address and port number of original IP packet + * fragment contained in ICMP data section */ ip->ip_dst = alias_address; ud->uh_dport = alias_port; } else if (ip->ip_p == IPPROTO_ICMP) { @@ -593,24 +590,24 @@ alias_address = GetAliasAddress(lnk); alias_id = GetAliasPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_dst); accumulate -= twowords(&alias_address); accumulate += ic2->icmp_id; accumulate -= alias_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* - * Alias address in IP header if it comes from the host - * the original ICMP message was destined for. - */ + /* + * Alias address in IP header if it comes from the host + * the original ICMP message was destined for. + */ if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; } -/* Alias address of original IP packet and sequence number of - embedded ICMP datagram */ + /* Alias address of original IP packet and + * sequence number of embedded ICMP datagram */ ip->ip_dst = alias_address; ic2->icmp_id = alias_id; } @@ -628,7 +625,7 @@ LIBALIAS_LOCK_ASSERT(la); (void)create; -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -655,20 +652,20 @@ return (iresult); } -static int -ProtoAliasIn(struct libalias *la, struct in_addr ip_src, - struct ip *pip, u_char ip_p, u_short *ip_sum) -{ /* Handle incoming IP packets. The only thing which is done in this case is to alias the dest IP address of the packet to our inside machine. */ +static int +ProtoAliasIn(struct libalias *la, struct in_addr ip_src, + struct ip *pip, u_char ip_p, u_short *ip_sum) +{ struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -678,7 +675,7 @@ original_address = GetOriginalAddress(lnk); -/* Restore original IP address */ + /* Restore original IP address */ DifferentialChecksum(ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; @@ -688,20 +685,20 @@ return (PKT_ALIAS_IGNORED); } -static int -ProtoAliasOut(struct libalias *la, struct ip *pip, - struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create) -{ /* Handle outgoing IP packets. The only thing which is done in this case is to alias the source IP address of the packet. */ +static int +ProtoAliasOut(struct libalias *la, struct ip *pip, + struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create) +{ struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -714,7 +711,7 @@ alias_address = GetAliasAddress(lnk); -/* Change source address */ + /* Change source address */ DifferentialChecksum(ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; @@ -753,8 +750,8 @@ int accumulate; int error; struct alias_data ad = { - .lnk = lnk, - .oaddr = &original_address, + .lnk = lnk, + .oaddr = &original_address, .aaddr = &alias_address, .aport = &alias_port, .sport = &ud->uh_sport, @@ -769,46 +766,48 @@ ud->uh_dport = GetOriginalPort(lnk); proxy_port = GetProxyPort(lnk); - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(IN, UDP, la, pip, &ad); /* If we cannot figure out the packet, ignore it. */ if (error < 0) return (PKT_ALIAS_IGNORED); -/* If UDP checksum is not zero, then adjust since destination port */ -/* is being unaliased and destination address is being altered. */ + /* If UDP checksum is not zero, then adjust since + * destination port is being unaliased and + * destination address is being altered. */ if (ud->uh_sum != 0) { accumulate = alias_port; accumulate -= ud->uh_dport; accumulate += twowords(&alias_address); accumulate -= twowords(&original_address); -/* If this is a proxy packet, modify checksum because of source change.*/ - if (proxy_port != 0) { - accumulate += ud->uh_sport; - accumulate -= proxy_port; - } + /* If this is a proxy packet, modify checksum + * because of source change.*/ + if (proxy_port != 0) { + accumulate += ud->uh_sport; + accumulate -= proxy_port; + } - if (proxy_address.s_addr != 0) { + if (proxy_address.s_addr != 0) { accumulate += twowords(&pip->ip_src); accumulate -= twowords(&proxy_address); - } + } ADJUST_CHECKSUM(accumulate, ud->uh_sum); } -/* XXX: Could the two if's below be concatenated to one ? */ -/* Restore source port and/or address in case of proxying*/ - if (proxy_port != 0) - ud->uh_sport = proxy_port; + /* XXX: Could the two if's below be concatenated to one ? */ + /* Restore source port and/or address in case of proxying*/ + if (proxy_port != 0) + ud->uh_sport = proxy_port; - if (proxy_address.s_addr != 0) { - DifferentialChecksum(&pip->ip_sum, - &proxy_address, &pip->ip_src, 2); - pip->ip_src = proxy_address; - } + if (proxy_address.s_addr != 0) { + DifferentialChecksum(&pip->ip_sum, + &proxy_address, &pip->ip_src, 2); + pip->ip_src = proxy_address; + } -/* Restore original IP address */ + /* Restore original IP address */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; @@ -833,7 +832,7 @@ LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled and not proxyrule found.*/ + /* Return if proxy-only mode is enabled and not proxyrule found.*/ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2); if (dlen < sizeof(struct udphdr)) return (PKT_ALIAS_IGNORED); @@ -842,31 +841,30 @@ if (dlen < ntohs(ud->uh_ulen)) return (PKT_ALIAS_IGNORED); - proxy_type = ProxyCheck(la, &proxy_server_address, - &proxy_server_port, pip->ip_src, pip->ip_dst, - ud->uh_dport, pip->ip_p); + proxy_type = ProxyCheck(la, &proxy_server_address, &proxy_server_port, + pip->ip_src, pip->ip_dst, ud->uh_dport, pip->ip_p); if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) return (PKT_ALIAS_OK); -/* If this is a transparent proxy, save original destination, - * then alter the destination and adjust checksums */ + /* If this is a transparent proxy, save original destination, + * then alter the destination and adjust checksums */ dest_port = ud->uh_dport; dest_address = pip->ip_dst; if (proxy_type != 0) { - int accumulate; + int accumulate; accumulate = twowords(&pip->ip_dst); accumulate -= twowords(&proxy_server_address); - ADJUST_CHECKSUM(accumulate, pip->ip_sum); + ADJUST_CHECKSUM(accumulate, pip->ip_sum); if (ud->uh_sum != 0) { accumulate = twowords(&pip->ip_dst); accumulate -= twowords(&proxy_server_address); - accumulate += ud->uh_dport; - accumulate -= proxy_server_port; - ADJUST_CHECKSUM(accumulate, ud->uh_sum); + accumulate += ud->uh_dport; + accumulate -= proxy_server_port; + ADJUST_CHECKSUM(accumulate, ud->uh_sum); } pip->ip_dst = proxy_server_address; ud->uh_dport = proxy_server_port; @@ -878,7 +876,7 @@ u_short alias_port; struct in_addr alias_address; struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = &alias_address, .aport = &alias_port, @@ -887,24 +885,24 @@ .maxpktsize = 0 }; -/* Save original destination address, if this is a proxy packet. - * Also modify packet to include destination encoding. This may - * change the size of IP header. */ + /* Save original destination address, if this is a proxy packet. + * Also modify packet to include destination encoding. This may + * change the size of IP header. */ if (proxy_type != 0) { - SetProxyPort(lnk, dest_port); - SetProxyAddress(lnk, dest_address); - ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); - ud = (struct udphdr *)ip_next(pip); - } + SetProxyPort(lnk, dest_port); + SetProxyAddress(lnk, dest_address); + ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); + ud = (struct udphdr *)ip_next(pip); + } alias_address = GetAliasAddress(lnk); alias_port = GetAliasPort(lnk); - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(OUT, UDP, la, pip, &ad); -/* If UDP checksum is not zero, adjust since source port is */ -/* being aliased and source address is being altered */ + /* If UDP checksum is not zero, adjust since source port is */ + /* being aliased and source address is being altered */ if (ud->uh_sum != 0) { int accumulate; @@ -914,10 +912,10 @@ accumulate -= twowords(&alias_address); ADJUST_CHECKSUM(accumulate, ud->uh_sum); } -/* Put alias port in UDP header */ + /* Put alias port in UDP header */ ud->uh_sport = alias_port; -/* Change source address */ + /* Change source address */ DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; @@ -953,14 +951,14 @@ u_short proxy_port; int accumulate, error; - /* - * The init of MANY vars is a bit below, but aliashandlepptpin + /* + * The init of MANY vars is a bit below, but aliashandlepptpin * seems to need the destination port that came within the * packet and not the original one looks below [*]. */ struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = NULL, .aport = NULL, @@ -969,7 +967,7 @@ .maxpktsize = 0 }; - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(IN, TCP, la, pip, &ad); alias_address = GetAliasAddress(lnk); @@ -979,8 +977,8 @@ tc->th_dport = GetOriginalPort(lnk); proxy_port = GetProxyPort(lnk); - /* - * Look above, if anyone is going to add find_handler AFTER + /* + * Look above, if anyone is going to add find_handler AFTER * this aliashandlepptpin/point, please redo alias_data too. * Uncommenting the piece here below should be enough. */ @@ -994,22 +992,22 @@ .dport = &ud->uh_dport, .maxpktsize = 0 }; - + /* Walk out chain. */ error = find_handler(la, pip, &ad); if (error == EHDNOF) printf("Protocol handler not found\n"); #endif -/* Adjust TCP checksum since destination port is being unaliased */ -/* and destination port is being altered. */ + /* Adjust TCP checksum since destination port is being + * unaliased and destination port is being altered. */ accumulate = alias_port; accumulate -= tc->th_dport; accumulate += twowords(&alias_address); accumulate -= twowords(&original_address); -/* If this is a proxy, then modify the TCP source port and - checksum accumulation */ + /* If this is a proxy, then modify the TCP source port + * and checksum accumulation */ if (proxy_port != 0) { accumulate += tc->th_sport; tc->th_sport = proxy_port; @@ -1017,7 +1015,7 @@ accumulate += twowords(&pip->ip_src); accumulate -= twowords(&proxy_address); } -/* See if ACK number needs to be modified */ + /* See if ACK number needs to be modified */ if (GetAckModified(lnk) == 1) { int delta; @@ -1031,13 +1029,13 @@ } ADJUST_CHECKSUM(accumulate, tc->th_sum); -/* Restore original IP address */ + /* Restore original IP address */ accumulate = twowords(&pip->ip_dst); pip->ip_dst = original_address; accumulate -= twowords(&pip->ip_dst); -/* If this is a transparent proxy packet, then modify the source - address */ + /* If this is a transparent proxy packet, + * then modify the source address */ if (proxy_address.s_addr != 0) { accumulate += twowords(&pip->ip_src); pip->ip_src = proxy_address; @@ -1045,7 +1043,7 @@ } ADJUST_CHECKSUM(accumulate, pip->ip_sum); -/* Monitor TCP connection state */ + /* Monitor TCP connection state */ tc = (struct tcphdr *)ip_next(pip); TcpMonitorIn(tc->th_flags, lnk); @@ -1074,8 +1072,8 @@ tc = (struct tcphdr *)ip_next(pip); if (create) - proxy_type = ProxyCheck(la, &proxy_server_address, - &proxy_server_port, pip->ip_src, pip->ip_dst, + proxy_type = ProxyCheck(la, &proxy_server_address, + &proxy_server_port, pip->ip_src, pip->ip_dst, tc->th_dport, pip->ip_p); else proxy_type = 0; @@ -1083,8 +1081,8 @@ if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) return (PKT_ALIAS_OK); -/* If this is a transparent proxy, save original destination, - then alter the destination and adjust checksums */ + /* If this is a transparent proxy, save original destination, + * then alter the destination and adjust checksums */ dest_port = tc->th_dport; dest_address = pip->ip_dst; if (proxy_type != 0) { @@ -1112,7 +1110,7 @@ struct in_addr alias_address; int accumulate; struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = &alias_address, .aport = &alias_port, @@ -1121,38 +1119,38 @@ .maxpktsize = maxpacketsize }; -/* Save original destination address, if this is a proxy packet. - Also modify packet to include destination encoding. This may - change the size of IP header. */ + /* Save original destination address, if this is a proxy packet. + * Also modify packet to include destination + * encoding. This may change the size of IP header. */ if (proxy_type != 0) { SetProxyPort(lnk, dest_port); SetProxyAddress(lnk, dest_address); ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); tc = (struct tcphdr *)ip_next(pip); } -/* Get alias address and port */ + /* Get alias address and port */ alias_port = GetAliasPort(lnk); alias_address = GetAliasAddress(lnk); -/* Monitor TCP connection state */ + /* Monitor TCP connection state */ tc = (struct tcphdr *)ip_next(pip); TcpMonitorOut(tc->th_flags, lnk); - - /* Walk out chain. */ + + /* Walk out chain. */ error = find_handler(OUT, TCP, la, pip, &ad); -/* Adjust TCP checksum since source port is being aliased */ -/* and source address is being altered */ + /* Adjust TCP checksum since source port is being aliased + * and source address is being altered */ accumulate = tc->th_sport; tc->th_sport = alias_port; accumulate -= tc->th_sport; accumulate += twowords(&pip->ip_src); accumulate -= twowords(&alias_address); -/* Modify sequence number if necessary */ + /* Modify sequence number if necessary */ if (GetAckModified(lnk) == 1) { int delta; - + tc = (struct tcphdr *)ip_next(pip); delta = GetDeltaSeqOut(tc->th_seq, lnk); if (delta != 0) { @@ -1163,7 +1161,7 @@ } ADJUST_CHECKSUM(accumulate, tc->th_sum); -/* Change source address */ + /* Change source address */ accumulate = twowords(&pip->ip_src); pip->ip_src = alias_address; accumulate -= twowords(&pip->ip_src); @@ -1259,7 +1257,7 @@ return (iresult); } -void * +void * LibAliasGetFragment(struct libalias *la, void *ptr) { struct alias_link *lnk; @@ -1273,7 +1271,7 @@ GetFragmentPtr(lnk, &fptr); SetFragmentPtr(lnk, NULL); SetExpire(lnk, 0); /* Deletes link */ - } else + } else fptr = NULL; LIBALIAS_UNLOCK(la); @@ -1281,11 +1279,9 @@ } void -LibAliasFragmentIn(struct libalias *la, void *ptr, /* Points to correctly - * de-aliased header - * fragment */ - void *ptr_fragment /* Points to fragment which must be - * de-aliased */ +LibAliasFragmentIn(struct libalias *la, + void *ptr, /* Points to correctly de-aliased header fragment */ + void *ptr_fragment /* fragment which must be de-aliased */ ) { struct ip *pip; @@ -1305,10 +1301,10 @@ /* Local prototypes */ static int LibAliasOutLocked(struct libalias *la, struct ip *pip, - int maxpacketsize, int create); + int maxpacketsize, int create); static int LibAliasInLocked(struct libalias *la, struct ip *pip, - int maxpacketsize); + int maxpacketsize); int LibAliasIn(struct libalias *la, void *ptr, int maxpacketsize) @@ -1340,7 +1336,7 @@ /* Defense against mangled packets */ if (ntohs(pip->ip_len) > maxpacketsize || (pip->ip_hl << 2) > maxpacketsize) { - iresult = PKT_ALIAS_IGNORED; + iresult = PKT_ALIAS_IGNORED; goto getout; } @@ -1361,27 +1357,27 @@ iresult = SctpAlias(la, pip, SN_TO_LOCAL); break; #endif - case IPPROTO_GRE: { + case IPPROTO_GRE: { int error; struct alias_data ad = { - .lnk = NULL, - .oaddr = NULL, + .lnk = NULL, + .oaddr = NULL, .aaddr = NULL, .aport = NULL, .sport = NULL, .dport = NULL, - .maxpktsize = 0 + .maxpktsize = 0 }; - - /* Walk out chain. */ + + /* Walk out chain. */ error = find_handler(IN, IP, la, pip, &ad); if (error == 0) iresult = PKT_ALIAS_OK; else iresult = ProtoAliasIn(la, pip->ip_src, pip, pip->ip_p, &pip->ip_sum); + break; } - break; default: iresult = ProtoAliasIn(la, pip->ip_src, pip, pip->ip_p, &pip->ip_sum); @@ -1449,10 +1445,10 @@ } static int -LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */ - int maxpacketsize, /* How much the packet data may grow (FTP - * and IRC inline changes) */ - int create /* Create new entries ? */ +LibAliasOutLocked(struct libalias *la, + struct ip *pip, /* valid IP packet */ + int maxpacketsize, /* How much the packet data may grow (FTP and IRC inline changes) */ + int create /* Create new entries ? */ ) { int iresult; @@ -1518,23 +1514,23 @@ case IPPROTO_GRE: { int error; struct alias_data ad = { - .lnk = NULL, - .oaddr = NULL, + .lnk = NULL, + .oaddr = NULL, .aaddr = NULL, .aport = NULL, .sport = NULL, .dport = NULL, - .maxpktsize = 0 + .maxpktsize = 0 }; - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(OUT, IP, la, pip, &ad); if (error == 0) - iresult = PKT_ALIAS_OK; - else + iresult = PKT_ALIAS_OK; + else iresult = ProtoAliasOut(la, pip, pip->ip_dst, pip->ip_p, &pip->ip_sum, create); + break; } - break; default: iresult = ProtoAliasOut(la, pip, pip->ip_dst, pip->ip_p, &pip->ip_sum, create); @@ -1550,8 +1546,9 @@ } int -LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */ - int maxpacketsize /* for error checking */ +LibAliasUnaliasOut(struct libalias *la, + void *ptr, /* valid IP packet */ + int maxpacketsize /* for error checking */ ) { struct ip *pip; @@ -1673,7 +1670,7 @@ for (;;) { fgets(buf, 256, fd); - if (feof(fd)) + if (feof(fd)) break; len = strlen(buf); if (len > 1) { @@ -1739,10 +1736,10 @@ struct proto_handler *p; /* Unload all modules then reload everything. */ - while ((p = first_handler()) != NULL) { + while ((p = first_handler()) != NULL) { LibAliasDetachHandlers(p); } - while ((t = walk_dll_chain()) != NULL) { + while ((t = walk_dll_chain()) != NULL) { dlclose(t->handle); free(t); } Index: sys/netinet/libalias/alias_db.c =================================================================== --- sys/netinet/libalias/alias_db.c +++ sys/netinet/libalias/alias_db.c @@ -158,13 +158,13 @@ #include #include #include -#include +#include #endif #include #include -#ifdef _KERNEL +#ifdef _KERNEL #include #include #include @@ -175,7 +175,7 @@ #include "alias_mod.h" #endif -static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); +static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); /* Constants (note: constants are also defined @@ -251,41 +251,45 @@ port and link type. */ -struct ack_data_record { /* used to save changes to ACK/sequence - * numbers */ +/* used to save changes to ACK/sequence numbers */ +struct ack_data_record { u_long ack_old; u_long ack_new; int delta; int active; }; -struct tcp_state { /* Information about TCP connection */ - int in; /* State for outside -> inside */ - int out; /* State for inside -> outside */ - int index; /* Index to ACK data array */ - int ack_modified; /* Indicates whether ACK and - * sequence numbers */ - /* been modified */ +/* Information about TCP connection */ +struct tcp_state { + int in; /* State for outside -> inside */ + int out; /* State for inside -> outside */ + int index; /* Index to ACK data array */ + /* Indicates whether ACK and sequence numbers been modified */ + int ack_modified; }; -#define N_LINK_TCP_DATA 3 /* Number of distinct ACK number changes - * saved for a modified TCP stream */ +/* Number of distinct ACK number changes + * saved for a modified TCP stream */ +#define N_LINK_TCP_DATA 3 struct tcp_dat { struct tcp_state state; struct ack_data_record ack[N_LINK_TCP_DATA]; - int fwhole; /* Which firewall record is used for this - * hole? */ + /* Which firewall record is used for this hole? */ + int fwhole; }; -struct server { /* LSNAT server pool (circular list) */ +/* LSNAT server pool (circular list) */ +struct server { struct in_addr addr; u_short port; struct server *next; }; -struct alias_link { /* Main data structure */ +/* Main data structure */ +struct alias_link { struct libalias *la; - struct in_addr src_addr; /* Address and port information */ + /* Address and port information */ + struct in_addr src_addr; struct in_addr dst_addr; struct in_addr alias_addr; struct in_addr proxy_addr; @@ -294,10 +298,8 @@ u_short alias_port; u_short proxy_port; struct server *server; - - int link_type; /* Type of link: TCP, UDP, ICMP, - * proto, frag */ - + /* Type of link: TCP, UDP, ICMP, proto, frag */ + int link_type; /* values for link_type */ #define LINK_ICMP IPPROTO_ICMP #define LINK_UDP IPPROTO_UDP @@ -307,9 +309,8 @@ #define LINK_ADDR (IPPROTO_MAX + 3) #define LINK_PPTP (IPPROTO_MAX + 4) - int flags; /* indicates special characteristics */ + int flags; /* indicates special characteristics */ int pflags; /* protocol-specific flags */ - /* flag bits */ #define LINK_UNKNOWN_DEST_PORT 0x01 #define LINK_UNKNOWN_DEST_ADDR 0x02 @@ -317,21 +318,20 @@ #define LINK_PARTIALLY_SPECIFIED 0x03 /* logical-or of first two bits */ #define LINK_UNFIREWALLED 0x08 - int timestamp; /* Time link was last accessed */ - int expire_time; /* Expire time for link */ + int timestamp; /* Time link was last accessed */ + int expire_time; /* Expire time for link */ #ifndef NO_USE_SOCKETS - int sockfd; /* socket descriptor */ + int sockfd; /* socket descriptor */ #endif - LIST_ENTRY (alias_link) list_out; /* Linked list of - * pointers for */ - LIST_ENTRY (alias_link) list_in; /* input and output - * lookup tables */ - - union { /* Auxiliary data */ + /* Linked list of pointers for input and output lookup tables */ + LIST_ENTRY (alias_link) list_out; + LIST_ENTRY (alias_link) list_in; + /* Auxiliary data */ + union { char *frag_ptr; struct in_addr frag_addr; struct tcp_dat *tcp; - } data; + } data; }; /* Clean up procedure. */ @@ -346,7 +346,6 @@ static int alias_mod_handler(module_t mod, int type, void *data) { - switch (type) { case MOD_QUIESCE: case MOD_UNLOAD: @@ -400,9 +399,9 @@ static int InitPacketAliasLog(struct libalias *); static void UninitPacketAliasLog(struct libalias *); -void SctpShowAliasStats(struct libalias *la); +void SctpShowAliasStats(struct libalias *la); -static u_int +static u_int StartPointIn(struct in_addr alias_addr, u_short alias_port, int link_type) @@ -416,7 +415,7 @@ return (n % LINK_TABLE_IN_SIZE); } -static u_int +static u_int StartPointOut(struct in_addr src_addr, struct in_addr dst_addr, u_short src_port, u_short dst_port, int link_type) { @@ -436,21 +435,17 @@ static int SeqDiff(u_long x, u_long y) { -/* Return the difference between two TCP sequence numbers */ - -/* - This function is encapsulated in case there are any unusual - arithmetic conditions that need to be considered. -*/ - +/* Return the difference between two TCP sequence numbers + * This function is encapsulated in case there are any unusual + * arithmetic conditions that need to be considered. + */ return (ntohl(y) - ntohl(x)); } #ifdef _KERNEL - static void AliasLog(char *str, const char *format, ...) -{ +{ va_list ap; va_start(ap, format); @@ -473,35 +468,34 @@ static void ShowAliasStats(struct libalias *la) { - LIBALIAS_LOCK_ASSERT(la); -/* Used for debugging */ + /* Used for debugging */ if (la->logDesc) { - int tot = la->icmpLinkCount + la->udpLinkCount + - (la->sctpLinkCount>>1) + /* sctp counts half associations */ - la->tcpLinkCount + la->pptpLinkCount + - la->protoLinkCount + la->fragmentIdLinkCount + - la->fragmentPtrLinkCount; - + int tot = la->icmpLinkCount + la->udpLinkCount + + (la->sctpLinkCount>>1) + /* sctp counts half associations */ + la->tcpLinkCount + la->pptpLinkCount + + la->protoLinkCount + la->fragmentIdLinkCount + + la->fragmentPtrLinkCount; + AliasLog(la->logDesc, - "icmp=%u, udp=%u, tcp=%u, sctp=%u, pptp=%u, proto=%u, frag_id=%u frag_ptr=%u / tot=%u", - la->icmpLinkCount, - la->udpLinkCount, - la->tcpLinkCount, - la->sctpLinkCount>>1, /* sctp counts half associations */ - la->pptpLinkCount, - la->protoLinkCount, - la->fragmentIdLinkCount, - la->fragmentPtrLinkCount, tot); + "icmp=%u, udp=%u, tcp=%u, sctp=%u, pptp=%u, proto=%u, frag_id=%u frag_ptr=%u / tot=%u", + la->icmpLinkCount, + la->udpLinkCount, + la->tcpLinkCount, + la->sctpLinkCount>>1, /* sctp counts half associations */ + la->pptpLinkCount, + la->protoLinkCount, + la->fragmentIdLinkCount, + la->fragmentPtrLinkCount, + tot); #ifndef _KERNEL - AliasLog(la->logDesc, " (sock=%u)\n", la->sockCount); + AliasLog(la->logDesc, " (sock=%u)\n", la->sockCount); #endif } } void SctpShowAliasStats(struct libalias *la) { - ShowAliasStats(la); } @@ -532,9 +526,7 @@ static u_short GetSocket(struct libalias *, u_short, int *, int); #endif static void CleanupAliasData(struct libalias *); - static void IncrementalCleanup(struct libalias *); - static void DeleteLink(struct alias_link *); static struct alias_link * @@ -543,10 +535,10 @@ u_short, u_short, int, int); static struct alias_link * - FindLinkOut (struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); +FindLinkOut(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); static struct alias_link * - FindLinkIn (struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); +FindLinkIn(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); #define ALIAS_PORT_BASE 0x08000 #define ALIAS_PORT_MASK 0x07fff @@ -569,16 +561,15 @@ u_short port_net; LIBALIAS_LOCK_ASSERT(la); -/* - Description of alias_port_param for GetNewPort(). When - this parameter is zero or positive, it precisely specifies - the port number. GetNewPort() will return this number - without check that it is in use. - - When this parameter is GET_ALIAS_PORT, it indicates to get a randomly - selected port number. -*/ + /* + * Description of alias_port_param for GetNewPort(). When + * this parameter is zero or positive, it precisely specifies + * the port number. GetNewPort() will return this number + * without check that it is in use. + * When this parameter is GET_ALIAS_PORT, it indicates to get + * a randomly selected port number. + */ if (alias_port_param == GET_ALIAS_PORT) { /* * The aliasing port is automatically selected by one of @@ -617,7 +608,7 @@ return (-1); } -/* Port number search */ + /* Port number search */ for (i = 0; i < max_trials; i++) { int go_ahead; struct alias_link *search_result; @@ -779,7 +770,7 @@ port_sys += ALIAS_PORT_BASE; } -/* Port number search */ + /* Port number search */ for (i = 0; i < max_trials; i++) { struct alias_link *search_result; @@ -851,16 +842,16 @@ struct libalias *la = lnk->la; LIBALIAS_LOCK_ASSERT(la); -/* Don't do anything if the link is marked permanent */ + /* Don't do anything if the link is marked permanent */ if (la->deleteAllLinks == 0 && lnk->flags & LINK_PERMANENT) return; #ifndef NO_FW_PUNCH -/* Delete associated firewall hole, if any */ + /* Delete associated firewall hole, if any */ ClearFWHole(lnk); #endif -/* Free memory allocated for LSNAT server pool */ + /* Free memory allocated for LSNAT server pool */ if (lnk->server != NULL) { struct server *head, *curr, *next; @@ -870,19 +861,19 @@ free(curr); } while ((curr = next) != head); } -/* Adjust output table pointers */ + /* Adjust output table pointers */ LIST_REMOVE(lnk, list_out); -/* Adjust input table pointers */ + /* Adjust input table pointers */ LIST_REMOVE(lnk, list_in); #ifndef NO_USE_SOCKETS -/* Close socket, if one has been allocated */ + /* Close socket, if one has been allocated */ if (lnk->sockfd != -1) { la->sockCount--; close(lnk->sockfd); } #endif -/* Link-type dependent cleanup */ + /* Link-type dependent cleanup */ switch (lnk->link_type) { case LINK_ICMP: la->icmpLinkCount--; @@ -912,10 +903,10 @@ break; } -/* Free memory */ + /* Free memory */ free(lnk); -/* Write statistics, if logging enabled */ + /* Write statistics, if logging enabled */ if (la->packetAliasMode & PKT_ALIAS_LOG) { ShowAliasStats(la); } @@ -1057,6 +1048,10 @@ return (lnk); } +/* + * If alias_port_param is less than zero, alias port will be automatically + * chosen. If greater than zero, equal to alias port + */ static struct alias_link * ReLink(struct alias_link *old_lnk, struct in_addr src_addr, @@ -1064,11 +1059,10 @@ struct in_addr alias_addr, u_short src_port, u_short dst_port, - int alias_port_param, /* if less than zero, alias */ + int alias_port_param, int link_type) -{ /* port will be automatically *//* chosen. - * If greater than */ - struct alias_link *new_lnk; /* zero, equal to alias port */ +{ + struct alias_link *new_lnk; struct libalias *la = old_lnk->la; LIBALIAS_LOCK_ASSERT(la); @@ -1111,7 +1105,7 @@ } } -/* Search for partially specified links. */ + /* Search for partially specified links. */ if (lnk == NULL && replace_partial_links) { if (dst_port != 0 && dst_addr.s_addr != INADDR_ANY) { lnk = _FindLinkOut(la, src_addr, dst_addr, src_port, 0, @@ -1182,22 +1176,21 @@ struct alias_link *lnk_unknown_dst_port; LIBALIAS_LOCK_ASSERT(la); -/* Initialize pointers */ + /* Initialize pointers */ lnk_fully_specified = NULL; lnk_unknown_all = NULL; lnk_unknown_dst_addr = NULL; lnk_unknown_dst_port = NULL; -/* If either the dest addr or port is unknown, the search - loop will have to know about this. */ - + /* If either the dest addr or port is unknown, the search + * loop will have to know about this. */ flags_in = 0; if (dst_addr.s_addr == INADDR_ANY) flags_in |= LINK_UNKNOWN_DEST_ADDR; if (dst_port == 0) flags_in |= LINK_UNKNOWN_DEST_PORT; -/* Search loop */ + /* Search loop */ start_point = StartPointIn(alias_addr, alias_port, link_type); LIST_FOREACH(lnk, &la->linkTableIn[start_point], list_in) { int flags; @@ -1390,13 +1383,11 @@ return (lnk); } +/* Doesn't add a link if one is not found. */ struct alias_link * -FindFragmentIn2(struct libalias *la, struct in_addr dst_addr, /* Doesn't add a link if - * one */ - struct in_addr alias_addr, /* is not found. */ - u_short ip_id) +FindFragmentIn2(struct libalias *la, struct in_addr dst_addr, + struct in_addr alias_addr, u_short ip_id) { - LIBALIAS_LOCK_ASSERT(la); return FindLinkIn(la, dst_addr, alias_addr, NO_DEST_PORT, ip_id, @@ -1407,7 +1398,6 @@ AddFragmentPtrLink(struct libalias *la, struct in_addr dst_addr, u_short ip_id) { - LIBALIAS_LOCK_ASSERT(la); return AddLink(la, la->nullAddress, dst_addr, la->nullAddress, NO_SRC_PORT, NO_DEST_PORT, ip_id, @@ -1418,7 +1408,6 @@ FindFragmentPtr(struct libalias *la, struct in_addr dst_addr, u_short ip_id) { - LIBALIAS_LOCK_ASSERT(la); return FindLinkIn(la, dst_addr, la->nullAddress, NO_DEST_PORT, ip_id, @@ -1855,7 +1844,6 @@ struct in_addr GetDefaultAliasAddress(struct libalias *la) { - LIBALIAS_LOCK_ASSERT(la); return (la->aliasAddress); } @@ -1863,7 +1851,6 @@ void SetDefaultAliasAddress(struct libalias *la, struct in_addr alias_addr) { - LIBALIAS_LOCK_ASSERT(la); la->aliasAddress = alias_addr; } @@ -1927,16 +1914,15 @@ return (lnk->data.tcp->state.ack_modified); } +/* + * Find out how much the ACK number has been altered for an + * incoming TCP packet. To do this, a circular list of ACK + * numbers where the TCP packet size was altered is searched. + */ // XXX ip free int GetDeltaAckIn(u_long ack, struct alias_link *lnk) { -/* -Find out how much the ACK number has been altered for an incoming -TCP packet. To do this, a circular list of ACK numbers where the TCP -packet size was altered is searched. -*/ - int i, j; int delta, ack_diff_min; @@ -1970,16 +1956,15 @@ return (delta); } +/* + * Find out how much the sequence number has been altered for an + * outgoing TCP packet. To do this, a circular list of ACK numbers + * where the TCP packet size was altered is searched. + */ // XXX ip free int GetDeltaSeqOut(u_long seq, struct alias_link *lnk) { -/* -Find out how much the sequence number has been altered for an outgoing -TCP packet. To do this, a circular list of ACK numbers where the TCP -packet size was altered is searched. -*/ - int i, j; int delta, seq_diff_min; @@ -2013,17 +1998,16 @@ return (delta); } +/* + * When a TCP packet has been altered in length, save this + * information in a circular list. If enough packets have been + * altered, then this list will begin to overwrite itself. + */ // XXX ip free void -AddSeq(struct alias_link *lnk, int delta, u_int ip_hl, u_short ip_len, +AddSeq(struct alias_link *lnk, int delta, u_int ip_hl, u_short ip_len, u_long th_seq, u_int th_off) { -/* -When a TCP packet has been altered in length, save this -information in a circular list. If enough packets have -been altered, then this list will begin to overwrite itself. -*/ - struct ack_data_record x; int hlen, tlen, dlen; int i; @@ -2068,7 +2052,6 @@ void ClearCheckNewLink(struct libalias *la) { - LIBALIAS_LOCK_ASSERT(la); la->newDefaultLink = 0; } @@ -2076,14 +2059,12 @@ void SetProtocolFlags(struct alias_link *lnk, int pflags) { - lnk->pflags = pflags; } int GetProtocolFlags(struct alias_link *lnk) { - return (lnk->pflags); } @@ -2160,17 +2141,16 @@ static int InitPacketAliasLog(struct libalias *la) { - LIBALIAS_LOCK_ASSERT(la); if (~la->packetAliasMode & PKT_ALIAS_LOG) { #ifdef _KERNEL if ((la->logDesc = malloc(LIBALIAS_BUF_SIZE))) ; -#else +#else if ((la->logDesc = fopen("/var/log/alias.log", "w"))) - fprintf(la->logDesc, "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n"); + fprintf(la->logDesc, "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n"); #endif - else + else return (ENOMEM); /* log initialization failed */ la->packetAliasMode |= PKT_ALIAS_LOG; } @@ -2182,7 +2162,6 @@ static void UninitPacketAliasLog(struct libalias *la) { - LIBALIAS_LOCK_ASSERT(la); if (la->logDesc) { #ifdef _KERNEL @@ -2374,12 +2353,11 @@ return (res); } +/* This is a dangerous function to put in the API, + because an invalid pointer can crash the program. */ void LibAliasRedirectDelete(struct libalias *la, struct alias_link *lnk) { -/* This is a dangerous function to put in the API, - because an invalid pointer can crash the program. */ - LIBALIAS_LOCK(la); la->deleteAllLinks = 1; DeleteLink(lnk); @@ -2390,7 +2368,6 @@ void LibAliasSetAddress(struct libalias *la, struct in_addr addr) { - LIBALIAS_LOCK(la); if (la->packetAliasMode & PKT_ALIAS_RESET_ON_ADDR_CHANGE && la->aliasAddress.s_addr != addr.s_addr) @@ -2405,7 +2382,6 @@ LibAliasSetAliasPortRange(struct libalias *la, u_short port_low, u_short port_high) { - LIBALIAS_LOCK(la); la->aliasPortLower = port_low; /* Add 1 to the aliasPortLength as modulo has range of 1 to n-1 */ @@ -2416,7 +2392,6 @@ void LibAliasSetTarget(struct libalias *la, struct in_addr target_addr) { - LIBALIAS_LOCK(la); la->targetAddress = target_addr; LIBALIAS_UNLOCK(la); @@ -2425,7 +2400,6 @@ static void finishoff(void) { - while (!LIST_EMPTY(&instancehead)) LibAliasUninit(LIST_FIRST(&instancehead)); } @@ -2448,7 +2422,8 @@ return (la); #endif -#ifndef _KERNEL /* kernel cleans up on module unload */ +#ifndef _KERNEL + /* kernel cleans up on module unload */ if (LIST_EMPTY(&instancehead)) atexit(finishoff); #endif @@ -2516,7 +2491,6 @@ void LibAliasUninit(struct libalias *la) { - LIBALIAS_LOCK(la); #ifdef _KERNEL AliasSctpTerm(la); @@ -2546,28 +2520,24 @@ int res = -1; LIBALIAS_LOCK(la); -/* Enable logging? */ if (flags & mask & PKT_ALIAS_LOG) { - /* Do the enable */ + /* Enable logging */ if (InitPacketAliasLog(la) == ENOMEM) goto getout; - } else -/* _Disable_ logging? */ - if (~flags & mask & PKT_ALIAS_LOG) { + } else if (~flags & mask & PKT_ALIAS_LOG) + /* _Disable_ logging */ UninitPacketAliasLog(la); - } + #ifndef NO_FW_PUNCH -/* Start punching holes in the firewall? */ - if (flags & mask & PKT_ALIAS_PUNCH_FW) { + if (flags & mask & PKT_ALIAS_PUNCH_FW) + /* Start punching holes in the firewall? */ InitPunchFW(la); - } else -/* Stop punching holes in the firewall? */ - if (~flags & mask & PKT_ALIAS_PUNCH_FW) { + else if (~flags & mask & PKT_ALIAS_PUNCH_FW) + /* Stop punching holes in the firewall? */ UninitPunchFW(la); - } #endif -/* Other flags can be set/cleared without special action */ + /* Other flags can be set/cleared without special action */ la->packetAliasMode = (flags & mask) | (la->packetAliasMode & ~mask); res = la->packetAliasMode; getout: @@ -2671,14 +2641,14 @@ static void ClearAllFWHoles(struct libalias *la); -#define fw_setfield(la, field, num) \ -do { \ - (field)[(num) - la->fireWallBaseNum] = 1; \ +#define fw_setfield(la, field, num) \ +do { \ + (field)[(num) - la->fireWallBaseNum] = 1; \ } /*lint -save -e717 */ while(0)/* lint -restore */ -#define fw_clrfield(la, field, num) \ -do { \ - (field)[(num) - la->fireWallBaseNum] = 0; \ +#define fw_clrfield(la, field, num) \ +do { \ + (field)[(num) - la->fireWallBaseNum] = 0; \ } /*lint -save -e717 */ while(0)/* lint -restore */ #define fw_tstfield(la, field, num) ((field)[(num) - la->fireWallBaseNum]) @@ -2686,7 +2656,6 @@ static void InitPunchFW(struct libalias *la) { - la->fireWallField = malloc(la->fireWallNumNums); if (la->fireWallField) { memset(la->fireWallField, 0, la->fireWallNumNums); @@ -2701,7 +2670,6 @@ static void UninitPunchFW(struct libalias *la) { - ClearAllFWHoles(la); if (la->fireWallFD >= 0) close(la->fireWallFD); @@ -2723,7 +2691,7 @@ la = lnk->la; -/* Don't do anything unless we are asked to */ + /* Don't do anything unless we are asked to */ if (!(la->packetAliasMode & PKT_ALIAS_PUNCH_FW) || la->fireWallFD < 0 || lnk->link_type != LINK_TCP) @@ -2731,7 +2699,7 @@ memset(&rule, 0, sizeof rule); -/** Build rule **/ + /** Build rule **/ /* Find empty slot */ for (fwhole = la->fireWallActiveNum; @@ -2782,7 +2750,7 @@ err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); } -/* Indicate hole applied */ + /* Indicate hole applied */ lnk->data.tcp->fwhole = fwhole; fw_setfield(la, la->fireWallField, fwhole); } @@ -2796,8 +2764,7 @@ la = lnk->la; if (lnk->link_type == LINK_TCP) { - int fwhole = lnk->data.tcp->fwhole; /* Where is the firewall - * hole? */ + int fwhole = lnk->data.tcp->fwhole; /* Where is the firewall hole? */ struct ip_fw rule; if (fwhole < 0) @@ -2836,7 +2803,6 @@ void LibAliasSetFWBase(struct libalias *la, unsigned int base, unsigned int num) { - LIBALIAS_LOCK(la); #ifndef NO_FW_PUNCH la->fireWallBaseNum = base; @@ -2848,7 +2814,6 @@ void LibAliasSetSkinnyPort(struct libalias *la, unsigned int port) { - LIBALIAS_LOCK(la); la->skinnyPort = port; LIBALIAS_UNLOCK(la); @@ -2867,15 +2832,18 @@ lnk = FindLinkIn(la, sm->ip_hdr->ip_src, sm->ip_hdr->ip_dst, sm->sctp_hdr->dest_port,sm->sctp_hdr->dest_port, LINK_SCTP, 1); if (lnk != NULL) { - return(lnk->src_addr); /* port redirect */ + /* port redirect */ + return(lnk->src_addr); } else { redir = FindOriginalAddress(la,sm->ip_hdr->ip_dst); if (redir.s_addr == la->aliasAddress.s_addr || - redir.s_addr == la->targetAddress.s_addr) { /* No address found */ + redir.s_addr == la->targetAddress.s_addr) { + /* No address found */ lnk = FindLinkIn(la, sm->ip_hdr->ip_src, sm->ip_hdr->ip_dst, NO_DEST_PORT, 0, LINK_SCTP, 1); if (lnk != NULL) - return(lnk->src_addr); /* redirect proto */ + /* redirect proto */ + return(lnk->src_addr); } return(redir); /* address redirect */ } Index: sys/netinet/libalias/alias_dummy.c =================================================================== --- sys/netinet/libalias/alias_dummy.c +++ sys/netinet/libalias/alias_dummy.c @@ -64,7 +64,6 @@ static int fingerprint(struct libalias *la, struct alias_data *ah) { - /* * Check here all the data that will be used later, if any field * is empy/NULL, return a -1 value. @@ -90,7 +89,6 @@ static int protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandleDummy(la, pip, ah); return (0); } @@ -119,7 +117,7 @@ { int error; - switch (type) { + switch (type) { case MOD_LOAD: error = 0; LibAliasAttachHandlers(handlers); Index: sys/netinet/libalias/alias_ftp.c =================================================================== --- sys/netinet/libalias/alias_ftp.c +++ sys/netinet/libalias/alias_ftp.c @@ -109,7 +109,6 @@ static int fingerprint_out(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL || ah->maxpktsize == 0) return (-1); @@ -122,7 +121,6 @@ static int fingerprint_in(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL) return (-1); if (ntohs(*ah->dport) == FTP_CONTROL_PORT_NUMBER || @@ -134,7 +132,6 @@ static int protohandler_out(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandleFtpOut(la, pip, ah->lnk, ah->maxpktsize); return (0); } @@ -142,7 +139,6 @@ static int protohandler_in(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandleFtpIn(la, pip, ah->lnk); return (0); } @@ -170,7 +166,7 @@ { int error; - switch (type) { + switch (type) { case MOD_LOAD: error = 0; LibAliasAttachHandlers(handlers); @@ -224,43 +220,39 @@ struct ip *pip, /* IP packet to examine/patch */ struct alias_link *lnk, /* The link to go through (aliased port) */ int maxpacketsize /* The maximum size this packet can grow to - (including headers) */ ) + (including headers) */ ) { int hlen, tlen, dlen, pflags; char *sptr; struct tcphdr *tc; int ftp_message_type; -/* Calculate data length of TCP packet */ + /* Calculate data length of TCP packet */ tc = (struct tcphdr *)ip_next(pip); hlen = (pip->ip_hl + tc->th_off) << 2; tlen = ntohs(pip->ip_len); dlen = tlen - hlen; -/* Place string pointer and beginning of data */ + /* Place string pointer and beginning of data */ sptr = (char *)pip; sptr += hlen; -/* - * Check that data length is not too long and previous message was - * properly terminated with CRLF. - */ + /* + * Check that data length is not too long and previous message was + * properly terminated with CRLF. + */ pflags = GetProtocolFlags(lnk); if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) { ftp_message_type = FTP_UNKNOWN_MESSAGE; if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) { -/* - * When aliasing a client, check for the PORT/EPRT command. - */ + /* When aliasing a client, check for the PORT/EPRT command. */ if (ParseFtpPortCommand(la, sptr, dlen)) ftp_message_type = FTP_PORT_COMMAND; else if (ParseFtpEprtCommand(la, sptr, dlen)) ftp_message_type = FTP_EPRT_COMMAND; } else { -/* - * When aliasing a server, check for the 227/229 reply. - */ + /* When aliasing a server, check for the 227/229 reply. */ if (ParseFtp227Reply(la, sptr, dlen)) ftp_message_type = FTP_227_REPLY; else if (ParseFtp229Reply(la, sptr, dlen)) { @@ -272,12 +264,11 @@ if (ftp_message_type != FTP_UNKNOWN_MESSAGE) NewFtpMessage(la, pip, lnk, maxpacketsize, ftp_message_type); } -/* Track the msgs which are CRLF term'd for PORT/PASV FW breach */ - if (dlen) { /* only if there's data */ + /* Track the msgs which are CRLF term'd for PORT/PASV FW breach */ + if (dlen) { /* only if there's data */ sptr = (char *)pip; /* start over at beginning */ - tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may - * have grown */ + tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may have grown */ if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n') pflags &= ~WAIT_CRLF; else @@ -327,8 +318,7 @@ if (dlen) { sptr = (char *)pip; /* start over at beginning */ tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may - * have grown. - */ + * have grown. */ if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n') pflags &= ~WAIT_CRLF; else @@ -650,7 +640,7 @@ { struct alias_link *ftp_lnk; -/* Security checks. */ + /* Security checks. */ if (pip->ip_src.s_addr != la->true_addr.s_addr) return; @@ -671,13 +661,13 @@ PunchFWHole(ftp_lnk); #endif -/* Calculate data length of TCP packet */ + /* Calculate data length of TCP packet */ tc = (struct tcphdr *)ip_next(pip); hlen = (pip->ip_hl + tc->th_off) << 2; tlen = ntohs(pip->ip_len); dlen = tlen - hlen; -/* Create new FTP message. */ + /* Create new FTP message. */ { char stemp[MAX_MESSAGE_SIZE + 1]; char *sptr; @@ -686,7 +676,7 @@ int a1, a2, a3, a4, p1, p2; struct in_addr alias_address; -/* Decompose alias address into quad format */ + /* Decompose alias address into quad format */ alias_address = GetAliasAddress(lnk); ptr = (u_char *) & alias_address.s_addr; a1 = *ptr++; @@ -696,7 +686,7 @@ alias_port = GetAliasPort(ftp_lnk); -/* Prepare new command */ + /* Prepare new command */ switch (ftp_message_type) { case FTP_PORT_COMMAND: case FTP_227_REPLY: @@ -728,27 +718,27 @@ break; } -/* Save string length for IP header modification */ + /* Save string length for IP header modification */ slen = strlen(stemp); -/* Copy modified buffer into IP packet. */ + /* Copy modified buffer into IP packet. */ sptr = (char *)pip; sptr += hlen; strncpy(sptr, stemp, maxpacketsize - hlen); } -/* Save information regarding modified seq and ack numbers */ + /* Save information regarding modified seq and ack numbers */ { int delta; SetAckModified(lnk); - tc = (struct tcphdr *)ip_next(pip); + tc = (struct tcphdr *)ip_next(pip); delta = GetDeltaSeqOut(tc->th_seq, lnk); - AddSeq(lnk, delta + slen - dlen, pip->ip_hl, + AddSeq(lnk, delta + slen - dlen, pip->ip_hl, pip->ip_len, tc->th_seq, tc->th_off); } -/* Revise IP header */ + /* Revise IP header */ { u_short new_len; @@ -761,7 +751,7 @@ pip->ip_len = new_len; } -/* Compute TCP checksum for revised packet */ + /* Compute TCP checksum for revised packet */ tc->th_sum = 0; #ifdef _KERNEL tc->th_x2 = 1; Index: sys/netinet/libalias/alias_irc.c =================================================================== --- sys/netinet/libalias/alias_irc.c +++ sys/netinet/libalias/alias_irc.c @@ -91,13 +91,12 @@ #define DBprintf(a) static void -AliasHandleIrcOut(struct libalias *, struct ip *, struct alias_link *, - int maxpacketsize); +AliasHandleIrcOut(struct libalias *, struct ip *, struct alias_link *, + int maxpacketsize); static int fingerprint(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->lnk == NULL || ah->maxpktsize == 0) return (-1); if (ntohs(*ah->dport) == IRC_CONTROL_PORT_NUMBER_1 @@ -109,7 +108,6 @@ static int protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah) { - newpacket = malloc(PKTSIZE); if (newpacket) { AliasHandleIrcOut(la, pip, ah->lnk, ah->maxpktsize); @@ -178,7 +176,7 @@ struct tcphdr *tc; int i; /* Iterator through the source */ -/* Calculate data length of TCP packet */ + /* Calculate data length of TCP packet */ tc = (struct tcphdr *)ip_next(pip); hlen = (pip->ip_hl + tc->th_off) << 2; tlen = ntohs(pip->ip_len); @@ -191,7 +189,7 @@ if (dlen < (int)sizeof(":A!a@n.n PRIVMSG A :aDCC 1 1a") - 1) return; -/* Place string pointer at beginning of data */ + /* Place string pointer at beginning of data */ sptr = (char *)pip; sptr += hlen; maxsize -= hlen; /* We're interested in maximum size of @@ -204,7 +202,7 @@ } return; /* No CTCP commands in */ /* Handle CTCP commands - the buffer may have to be copied */ -lFOUND_CTCP: + lFOUND_CTCP: { unsigned int copyat = i; unsigned int iCopy = 0; /* How much data have we written to @@ -213,7 +211,7 @@ unsigned short org_port; /* Original source port * address */ -lCTCP_START: + lCTCP_START: if (i >= dlen || iCopy >= PKTSIZE) goto lPACKET_DONE; newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start @@ -413,7 +411,7 @@ * has been pushed. Also used to copy the rest of a DCC, * after IP address and port has been handled */ -lBAD_CTCP: + lBAD_CTCP: for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) { newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */ if (sptr[i] == '\001') { @@ -422,7 +420,7 @@ } goto lPACKET_DONE; /* Normal text */ -lNORMAL_TEXT: + lNORMAL_TEXT: for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) { newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */ if (sptr[i] == '\001') { @@ -430,16 +428,16 @@ } } /* Handle the end of a packet */ -lPACKET_DONE: + lPACKET_DONE: iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy; memcpy(sptr + copyat, newpacket, iCopy); -/* Save information regarding modified seq and ack numbers */ + /* Save information regarding modified seq and ack numbers */ { int delta; SetAckModified(lnk); - tc = (struct tcphdr *)ip_next(pip); + tc = (struct tcphdr *)ip_next(pip); delta = GetDeltaSeqOut(tc->th_seq, lnk); AddSeq(lnk, delta + copyat + iCopy - dlen, pip->ip_hl, pip->ip_len, tc->th_seq, tc->th_off); @@ -469,20 +467,20 @@ } /* Notes: - [Note 1] - The initial search will most often fail; it could be replaced with a 32-bit specific search. - Such a search would be done for 32-bit unsigned value V: - V ^= 0x01010101; (Search is for null bytes) - if( ((V-0x01010101)^V) & 0x80808080 ) { + [Note 1] + The initial search will most often fail; it could be replaced with a 32-bit specific search. + Such a search would be done for 32-bit unsigned value V: + V ^= 0x01010101; (Search is for null bytes) + if( ((V-0x01010101)^V) & 0x80808080 ) { (found a null bytes which was a 01 byte) - } - To assert that the processor is 32-bits, do + } + To assert that the processor is 32-bits, do extern int ircdccar[32]; (32 bits) extern int ircdccar[CHAR_BIT*sizeof(unsigned int)]; - which will generate a type-error on all but 32-bit machines. + which will generate a type-error on all but 32-bit machines. - [Note 2] This routine really ought to be replaced with one that - creates a transparent proxy on the aliasing host, to allow arbitrary - changes in the TCP stream. This should not be too difficult given - this base; I (ee) will try to do this some time later. - */ + [Note 2] This routine really ought to be replaced with one that + creates a transparent proxy on the aliasing host, to allow arbitrary + changes in the TCP stream. This should not be too difficult given + this base; I (ee) will try to do this some time later. +*/ Index: sys/netinet/libalias/alias_local.h =================================================================== --- sys/netinet/libalias/alias_local.h +++ sys/netinet/libalias/alias_local.h @@ -66,8 +66,8 @@ #endif /* Sizes of input and output link tables */ -#define LINK_TABLE_OUT_SIZE 4001 -#define LINK_TABLE_IN_SIZE 4001 +#define LINK_TABLE_OUT_SIZE 4001 +#define LINK_TABLE_IN_SIZE 4001 #define GET_ALIAS_PORT -1 #define GET_ALIAS_ID GET_ALIAS_PORT @@ -82,30 +82,21 @@ struct libalias { LIST_ENTRY(libalias) instancelist; - - int packetAliasMode; /* Mode flags */ - /* - documented in alias.h */ - - struct in_addr aliasAddress; /* Address written onto source */ - /* field of IP packet. */ - - struct in_addr targetAddress; /* IP address incoming packets */ - /* are sent to if no aliasing */ - /* link already exists */ - - struct in_addr nullAddress; /* Used as a dummy parameter for */ - /* some function calls */ - - LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE]; - /* Lookup table of pointers to */ - /* chains of link records. Each */ - - LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE]; - /* link record is doubly indexed */ - /* into input and output lookup */ - /* tables. */ - - /* Link statistics */ + /* Mode flags documented in alias.h */ + int packetAliasMode; + /* Address written onto source field of IP packet. */ + struct in_addr aliasAddress; + /* IP address incoming packets are sent to + * if no aliasing link already exists */ + struct in_addr targetAddress; + /* Used as a dummy parameter for some function calls */ + struct in_addr nullAddress; + /* Lookup table of pointers to chains of link records. + * Each link record is doubly indexed into input and + * output lookup tables. */ + LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE]; + LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE]; + /* Link statistics */ int icmpLinkCount; int udpLinkCount; int tcpLinkCount; @@ -114,49 +105,41 @@ int fragmentIdLinkCount; int fragmentPtrLinkCount; int sockCount; - - int cleanupIndex; /* Index to chain of link table */ - /* being inspected for old links */ - - int timeStamp; /* System time in seconds for */ - /* current packet */ - - int lastCleanupTime; /* Last time - * IncrementalCleanup() */ - /* was called */ - - int deleteAllLinks; /* If equal to zero, DeleteLink() */ - /* will not remove permanent links */ - - /* log descriptor */ + /* Index to chain of link table being inspected for old links */ + int cleanupIndex; + /* System time in seconds for current packet */ + int timeStamp; + /* Last time IncrementalCleanup() was called */ + int lastCleanupTime; + /* If equal to zero, DeleteLink() + * will not remove permanent links */ + int deleteAllLinks; + /* log descriptor */ #ifdef _KERNEL - char *logDesc; -#else - FILE *logDesc; + char *logDesc; +#else + FILE *logDesc; #endif - /* statistics monitoring */ - - int newDefaultLink; /* Indicates if a new aliasing */ - /* link has been created after a */ - /* call to PacketAliasIn/Out(). */ + /* Indicates if a new aliasing link has been created + * after a call to PacketAliasIn/Out(). */ + int newDefaultLink; #ifndef NO_FW_PUNCH - int fireWallFD; /* File descriptor to be able to */ - /* control firewall. Opened by */ - /* PacketAliasSetMode on first */ - /* setting the PKT_ALIAS_PUNCH_FW */ - /* flag. */ - int fireWallBaseNum; /* The first firewall entry - * free for our use */ - int fireWallNumNums; /* How many entries can we - * use? */ - int fireWallActiveNum; /* Which entry did we last - * use? */ - char *fireWallField; /* bool array for entries */ + /* File descriptor to be able to control firewall. + * Opened by PacketAliasSetMode on first setting + * the PKT_ALIAS_PUNCH_FW flag. */ + int fireWallFD; + /* The first firewall entry free for our use */ + int fireWallBaseNum; + /* How many entries can we use? */ + int fireWallNumNums; + /* Which entry did we last use? */ + int fireWallActiveNum; + /* bool array for entries */ + char *fireWallField; #endif - - unsigned int skinnyPort; /* TCP port used by the Skinny */ - /* protocol. */ + /* TCP port used by the Skinny protocol. */ + unsigned int skinnyPort; struct proxy_entry *proxyList; @@ -176,22 +159,14 @@ #ifdef _KERNEL /* timing queue for keeping track of association timeouts */ struct sctp_nat_timer sctpNatTimer; - /* size of hash table used in this instance */ u_int sctpNatTableSize; - -/* - * local look up table sorted by l_vtag/l_port - */ + /* local look up table sorted by l_vtag/l_port */ LIST_HEAD(sctpNatTableL, sctp_nat_assoc) *sctpTableLocal; -/* - * global look up table sorted by g_vtag/g_port - */ + /* global look up table sorted by g_vtag/g_port */ LIST_HEAD(sctpNatTableG, sctp_nat_assoc) *sctpTableGlobal; - /* - * avoid races in libalias: every public function has to use it. - */ + /* avoid races in libalias: every public function has to use it. */ struct mtx mutex; #endif }; @@ -240,7 +215,7 @@ /* * SctpFunction prototypes - * + * */ void AliasSctpInit(struct libalias *la); void AliasSctpTerm(struct libalias *la); @@ -279,9 +254,9 @@ FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, u_short _ip_id); struct alias_link * - AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); +AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); struct alias_link * - FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); +FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); struct alias_link * FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, u_char _proto); @@ -313,17 +288,17 @@ FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, u_short _src_port, u_short _alias_port, u_char _proto); struct in_addr - FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr); +FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr); +struct in_addr +FindAliasAddress(struct libalias *la, struct in_addr _original_addr); struct in_addr - FindAliasAddress(struct libalias *la, struct in_addr _original_addr); -struct in_addr FindSctpRedirectAddress(struct libalias *la, struct sctp_nat_msg *sm); /* External data access/modification */ -int -FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _src_port, u_short _dst_port, u_short _port_count, - u_char _proto, u_char _align); +int FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, + struct in_addr _alias_addr, u_short _src_port, + u_short _dst_port, u_short _port_count, u_char _proto, + u_char _align); void GetFragmentAddr(struct alias_link *_lnk, struct in_addr *_src_addr); void SetFragmentAddr(struct alias_link *_lnk, struct in_addr _src_addr); void GetFragmentPtr(struct alias_link *_lnk, void **_fptr); @@ -332,19 +307,14 @@ void SetStateOut(struct alias_link *_lnk, int _state); int GetStateIn (struct alias_link *_lnk); int GetStateOut(struct alias_link *_lnk); -struct in_addr - GetOriginalAddress(struct alias_link *_lnk); -struct in_addr - GetDestAddress(struct alias_link *_lnk); -struct in_addr - GetAliasAddress(struct alias_link *_lnk); -struct in_addr - GetDefaultAliasAddress(struct libalias *la); +struct in_addr GetOriginalAddress(struct alias_link *_lnk); +struct in_addr GetDestAddress(struct alias_link *_lnk); +struct in_addr GetAliasAddress(struct alias_link *_lnk); +struct in_addr GetDefaultAliasAddress(struct libalias *la); void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr); u_short GetOriginalPort(struct alias_link *_lnk); u_short GetAliasPort(struct alias_link *_lnk); -struct in_addr - GetProxyAddress(struct alias_link *_lnk); +struct in_addr GetProxyAddress(struct alias_link *_lnk); void SetProxyAddress(struct alias_link *_lnk, struct in_addr _addr); u_short GetProxyPort(struct alias_link *_lnk); void SetProxyPort(struct alias_link *_lnk, u_short _port); @@ -352,7 +322,7 @@ int GetAckModified(struct alias_link *_lnk); int GetDeltaAckIn(u_long, struct alias_link *_lnk); int GetDeltaSeqOut(u_long, struct alias_link *lnk); -void AddSeq(struct alias_link *lnk, int delta, u_int ip_hl, +void AddSeq(struct alias_link *lnk, int delta, u_int ip_hl, u_short ip_len, u_long th_seq, u_int th_off); void SetExpire (struct alias_link *_lnk, int _expire); void ClearCheckNewLink(struct libalias *la); @@ -368,18 +338,18 @@ /* Housekeeping function */ void HouseKeeping(struct libalias *); -/* Tcp specific routines */ -/* lint -save -library Suppress flexelint warnings */ - /* Transparent proxy routines */ int ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr, - u_short * proxy_server_port, struct in_addr src_addr, + u_short * proxy_server_port, struct in_addr src_addr, struct in_addr dst_addr, u_short dst_port, u_char ip_p); void ProxyModify(struct libalias *la, struct alias_link *_lnk, struct ip *_pip, int _maxpacketsize, int _proxy_type); +/* Tcp specific routines */ +/* lint -save -library Suppress flexelint warnings */ + enum alias_tcp_state { ALIAS_TCP_STATE_NOT_CONNECTED, ALIAS_TCP_STATE_CONNECTED, Index: sys/netinet/libalias/alias_mod.c =================================================================== --- sys/netinet/libalias/alias_mod.c +++ sys/netinet/libalias/alias_mod.c @@ -97,7 +97,6 @@ int LibAliasDetachHandlers(struct proto_handler *p) { - while (p->dir != NODIR) { TAILQ_REMOVE(&handler_chain, p, link); p++; @@ -123,7 +122,6 @@ struct proto_handler * first_handler(void) { - return (TAILQ_FIRST(&handler_chain)); } Index: sys/netinet/libalias/alias_nbt.c =================================================================== --- sys/netinet/libalias/alias_nbt.c +++ sys/netinet/libalias/alias_nbt.c @@ -73,20 +73,19 @@ static int AliasHandleUdpNbt(struct libalias *, struct ip *, struct alias_link *, - struct in_addr *, u_short); - + struct in_addr *, u_short); static int AliasHandleUdpNbtNS(struct libalias *, struct ip *, struct alias_link *, - struct in_addr *, u_short *, struct in_addr *, u_short *); + struct in_addr *, u_short *, struct in_addr *, u_short *); + static int fingerprint1(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL || ah->aaddr == NULL || ah->aport == NULL) return (-1); if (ntohs(*ah->dport) == NETBIOS_DGM_PORT_NUMBER - || ntohs(*ah->sport) == NETBIOS_DGM_PORT_NUMBER) + || ntohs(*ah->sport) == NETBIOS_DGM_PORT_NUMBER) return (0); return (-1); } @@ -94,14 +93,12 @@ static int protohandler1(struct libalias *la, struct ip *pip, struct alias_data *ah) { - return (AliasHandleUdpNbt(la, pip, ah->lnk, ah->aaddr, *ah->aport)); } static int fingerprint2(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL || ah->aaddr == NULL || ah->aport == NULL) return (-1); @@ -114,18 +111,16 @@ static int protohandler2in(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandleUdpNbtNS(la, pip, ah->lnk, ah->aaddr, ah->aport, - ah->oaddr, ah->dport); + ah->oaddr, ah->dport); return (0); } static int protohandler2out(struct libalias *la, struct ip *pip, struct alias_data *ah) { - return (AliasHandleUdpNbtNS(la, pip, ah->lnk, &pip->ip_src, ah->sport, - ah->aaddr, ah->aport)); + ah->aaddr, ah->aport)); } /* Kernel module definition. */ @@ -193,7 +188,7 @@ struct in_addr newaddr; u_short newport; u_short *uh_sum; -} NBTArguments; +} NBTArguments; typedef struct { unsigned char type; @@ -203,7 +198,7 @@ u_short source_port; u_short len; u_short offset; -} NbtDataHeader; +} NbtDataHeader; #define OpQuery 0 #define OpUnknown 4 @@ -218,7 +213,7 @@ u_short ancount; u_short nscount; u_short arcount; -} NbtNSHeader; +} NbtNSHeader; #define FMT_ERR 0x1 #define SRV_ERR 0x2 @@ -231,7 +226,6 @@ static void PrintRcode(u_char rcode) { - switch (rcode) { case FMT_ERR: printf("\nFormat Error."); @@ -256,7 +250,6 @@ static u_char * AliasHandleName(u_char * p, char *pmax) { - u_char *s; u_char c; int compress; @@ -336,8 +329,7 @@ struct ip *pip, /* IP packet to examine/patch */ struct alias_link *lnk, struct in_addr *alias_address, - u_short alias_port -) + u_short alias_port) { struct udphdr *uh; NbtDataHeader *ndh; @@ -410,13 +402,13 @@ } /* Question Section */ -#define QS_TYPE_NB 0x0020 +#define QS_TYPE_NB 0x0020 #define QS_TYPE_NBSTAT 0x0021 -#define QS_CLAS_IN 0x0001 +#define QS_CLAS_IN 0x0001 typedef struct { u_short type; /* The type of Request */ u_short class; /* The class of Request */ -} NBTNsQuestion; +} NBTNsQuestion; static u_char * AliasHandleQuestion( @@ -425,7 +417,6 @@ char *pmax, NBTArguments * nbtarg) { - (void)nbtarg; while (count != 0) { @@ -456,25 +447,25 @@ } /* Resource Record */ -#define RR_TYPE_A 0x0001 -#define RR_TYPE_NS 0x0002 +#define RR_TYPE_A 0x0001 +#define RR_TYPE_NS 0x0002 #define RR_TYPE_NULL 0x000a -#define RR_TYPE_NB 0x0020 +#define RR_TYPE_NB 0x0020 #define RR_TYPE_NBSTAT 0x0021 -#define RR_CLAS_IN 0x0001 +#define RR_CLAS_IN 0x0001 #define SizeOfNsResource 8 typedef struct { u_short type; u_short class; unsigned int ttl; u_short rdlen; -} NBTNsResource; +} NBTNsResource; #define SizeOfNsRNB 6 typedef struct { u_short g: 1 , ont:2, resv:13; struct in_addr addr; -} NBTNsRNB; +} NBTNsRNB; static u_char * AliasHandleResourceNB( @@ -547,7 +538,7 @@ #define SizeOfResourceA 6 typedef struct { struct in_addr addr; -} NBTNsResourceA; +} NBTNsResourceA; static u_char * AliasHandleResourceA( @@ -608,7 +599,7 @@ typedef struct { u_short opcode:4, flags:8, resv:4; -} NBTNsResourceNULL; +} NBTNsResourceNULL; static u_char * AliasHandleResourceNULL( @@ -676,7 +667,7 @@ typedef struct { u_short numnames; -} NBTNsResourceNBSTAT; +} NBTNsResourceNBSTAT; static u_char * AliasHandleResourceNBSTAT( Index: sys/netinet/libalias/alias_pptp.c =================================================================== --- sys/netinet/libalias/alias_pptp.c +++ sys/netinet/libalias/alias_pptp.c @@ -81,7 +81,6 @@ static int fingerprint(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL) return (-1); if (ntohs(*ah->dport) == PPTP_CONTROL_PORT_NUMBER @@ -93,14 +92,12 @@ static int fingerprintgre(struct libalias *la, struct alias_data *ah) { - return (0); } static int protohandlerin(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandlePptpIn(la, pip, ah->lnk); return (0); } @@ -108,7 +105,6 @@ static int protohandlerout(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandlePptpOut(la, pip, ah->lnk); return (0); } @@ -116,7 +112,6 @@ static int protohandlergrein(struct libalias *la, struct ip *pip, struct alias_data *ah) { - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY || AliasHandlePptpGreIn(la, pip) == 0) return (0); @@ -126,7 +121,6 @@ static int protohandlergreout(struct libalias *la, struct ip *pip, struct alias_data *ah) { - if (AliasHandlePptpGreOut(la, pip) == 0) return (0); return (-1); @@ -225,14 +219,13 @@ Reference: RFC 2637 Initial version: May, 2000 (eds) - */ /* * PPTP definitions */ -struct grehdr { /* Enhanced GRE header. */ +struct grehdr { /* Enhanced GRE header. */ u_int16_t gh_flags; /* Flags. */ u_int16_t gh_protocol; /* Protocol type. */ u_int16_t gh_length; /* Payload length. */ @@ -298,8 +291,8 @@ static void AliasHandlePptpOut(struct libalias *la, struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *lnk) -{ /* The PPTP control link */ + struct alias_link *lnk) /* The PPTP control link */ +{ struct alias_link *pptp_lnk; PptpCallId cptr; PptpCode codes; @@ -352,15 +345,16 @@ case PPTP_OutCallReply: case PPTP_InCallReply: codes = (PptpCode) (cptr + 1); - if (codes->resCode == 1) /* Connection - * established, */ - SetDestCallId(pptp_lnk, /* note the Peer's Call - * ID. */ - cptr->cid2); + if (codes->resCode == 1) + /* Connection established, + * note the Peer's Call ID. */ + SetDestCallId(pptp_lnk, cptr->cid2); else - SetExpire(pptp_lnk, 0); /* Connection refused. */ + /* Connection refused. */ + SetExpire(pptp_lnk, 0); break; - case PPTP_CallDiscNotify: /* Connection closed. */ + case PPTP_CallDiscNotify: + /* Connection closed. */ SetExpire(pptp_lnk, 0); break; } @@ -370,8 +364,8 @@ static void AliasHandlePptpIn(struct libalias *la, struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *lnk) -{ /* The PPTP control link */ + struct alias_link *lnk) /* The PPTP control link */ +{ struct alias_link *pptp_lnk; PptpCallId cptr; u_int16_t *pcall_id; @@ -393,7 +387,8 @@ case PPTP_InCallReply: pcall_id = &cptr->cid2; break; - case PPTP_CallDiscNotify: /* Connection closed. */ + case PPTP_CallDiscNotify: + /* Connection closed. */ pptp_lnk = FindPptpInByCallId(la, GetDestAddress(lnk), GetAliasAddress(lnk), cptr->cid1); @@ -423,19 +418,20 @@ if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) { PptpCode codes = (PptpCode) (cptr + 1); - if (codes->resCode == 1) /* Connection - * established, */ - SetDestCallId(pptp_lnk, /* note the Call ID. */ - cptr->cid1); + if (codes->resCode == 1) + /* Connection established, + * note the Call ID. */ + SetDestCallId(pptp_lnk, cptr->cid1); else - SetExpire(pptp_lnk, 0); /* Connection refused. */ + /* Connection refused. */ + SetExpire(pptp_lnk, 0); } } } -static PptpCallId -AliasVerifyPptp(struct ip *pip, u_int16_t * ptype) -{ /* IP packet to examine/patch */ +static PptpCallId +AliasVerifyPptp(struct ip *pip, u_int16_t * ptype) /* IP packet to examine/patch */ +{ int hlen, tlen, dlen; PptpMsgHead hptr; struct tcphdr *tc; Index: sys/netinet/libalias/alias_proxy.c =================================================================== --- sys/netinet/libalias/alias_proxy.c +++ sys/netinet/libalias/alias_proxy.c @@ -292,20 +292,19 @@ struct tcphdr *tc; char addrbuf[INET_ADDRSTRLEN]; -/* Compute pointer to tcp header */ + /* Compute pointer to tcp header */ tc = (struct tcphdr *)ip_next(pip); -/* Don't modify if once already modified */ - + /* Don't modify if once already modified */ if (GetAckModified(lnk)) return; -/* Translate destination address and port to string form */ + /* Translate destination address and port to string form */ snprintf(buffer, sizeof(buffer) - 2, "[DEST %s %d]", inet_ntoa_r(GetProxyAddress(lnk), INET_NTOA_BUF(addrbuf)), (u_int) ntohs(GetProxyPort(lnk))); -/* Pad string out to a multiple of two in length */ + /* Pad string out to a multiple of two in length */ slen = strlen(buffer); switch (slen % 2) { case 0: @@ -317,11 +316,11 @@ slen += 1; } -/* Check for packet overflow */ + /* Check for packet overflow */ if ((int)(ntohs(pip->ip_len) + strlen(buffer)) > maxpacketsize) return; -/* Shift existing TCP data and insert destination string */ + /* Shift existing TCP data and insert destination string */ { int dlen; int hlen; @@ -330,8 +329,7 @@ hlen = (pip->ip_hl + tc->th_off) << 2; dlen = ntohs(pip->ip_len) - hlen; -/* Modify first packet that has data in it */ - + /* Modify first packet that has data in it */ if (dlen == 0) return; @@ -342,18 +340,18 @@ memcpy(p, buffer, slen); } -/* Save information about modfied sequence number */ + /* Save information about modfied sequence number */ { int delta; SetAckModified(lnk); - tc = (struct tcphdr *)ip_next(pip); + tc = (struct tcphdr *)ip_next(pip); delta = GetDeltaSeqOut(tc->th_seq, lnk); AddSeq(lnk, delta + slen, pip->ip_hl, pip->ip_len, tc->th_seq, tc->th_off); } -/* Update IP header packet length and checksum */ + /* Update IP header packet length and checksum */ { int accumulate; @@ -364,8 +362,8 @@ ADJUST_CHECKSUM(accumulate, pip->ip_sum); } -/* Update TCP checksum, Use TcpChecksum since so many things have - already changed. */ + /* Update TCP checksum, Use TcpChecksum since so many things have + already changed. */ tc->th_sum = 0; #ifdef _KERNEL @@ -391,11 +389,11 @@ (void)maxpacketsize; -/* Check to see that there is room to add an IP option */ + /* Check to see that there is room to add an IP option */ if (pip->ip_hl > (0x0f - OPTION_LEN_INT32)) return; -/* Build option and copy into packet */ + /* Build option and copy into packet */ { u_char *ptr; struct tcphdr *tc; @@ -415,7 +413,7 @@ memcpy(ptr, option, 8); } -/* Update checksum, header length and packet length */ + /* Update checksum, header length and packet length */ { int i; int accumulate; @@ -457,7 +455,7 @@ int ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr, - u_short * proxy_server_port, struct in_addr src_addr, + u_short * proxy_server_port, struct in_addr src_addr, struct in_addr dst_addr, u_short dst_port, u_char ip_p) { struct proxy_entry *ptr; @@ -498,12 +496,11 @@ int maxpacketsize, int proxy_type) { - LIBALIAS_LOCK_ASSERT(la); (void)la; switch (proxy_type) { - case PROXY_TYPE_ENCODE_IPHDR: + case PROXY_TYPE_ENCODE_IPHDR: ProxyEncodeIpHeader(pip, maxpacketsize); break; @@ -563,7 +560,8 @@ LIBALIAS_LOCK(la); ret = 0; -/* Copy command line into a buffer */ + + /* Copy command line into a buffer */ cmd += strspn(cmd, " \t"); cmd_len = strlen(cmd); if (cmd_len > (int)(sizeof(buffer) - 1)) { @@ -572,14 +570,14 @@ } strcpy(buffer, cmd); -/* Convert to lower case */ + /* Convert to lower case */ len = strlen(buffer); for (i = 0; i < len; i++) buffer[i] = tolower((unsigned char)buffer[i]); -/* Set default proxy type */ + /* Set default proxy type */ -/* Set up default values */ + /* Set up default values */ rule_index = 0; proxy_type = PROXY_TYPE_ENCODE_NONE; proto = IPPROTO_TCP; @@ -594,7 +592,7 @@ str_port[0] = 0; str_server_port[0] = 0; -/* Parse command string with state machine */ + /* Parse command string with state machine */ #define STATE_READ_KEYWORD 0 #define STATE_READ_TYPE 1 #define STATE_READ_PORT 2 @@ -805,9 +803,10 @@ #undef STATE_READ_SRC #undef STATE_READ_DST -/* Convert port strings to numbers. This needs to be done after - the string is parsed, because the prototype might not be designated - before the ports (which might be symbolic entries in /etc/services) */ + /* Convert port strings to numbers. + This needs to be done after the string is parsed, because + the prototype might not be designated before the ports + (which might be symbolic entries in /etc/services) */ if (strlen(str_port) != 0) { int err; @@ -833,13 +832,13 @@ server_port = 0; } -/* Check that at least the server address has been defined */ + /* Check that at least the server address has been defined */ if (server_addr.s_addr == 0) { ret = -1; goto getout; } -/* Add to linked list */ + /* Add to linked list */ proxy_entry = malloc(sizeof(struct proxy_entry)); if (proxy_entry == NULL) { ret = -1; Index: sys/netinet/libalias/alias_sctp.h =================================================================== --- sys/netinet/libalias/alias_sctp.h +++ sys/netinet/libalias/alias_sctp.h @@ -27,7 +27,7 @@ */ /* - * Alias_sctp forms part of the libalias kernel module to handle + * Alias_sctp forms part of the libalias kernel module to handle * Network Address Translation (NAT) for the SCTP protocol. * * This software was developed by David A. Hayes @@ -40,7 +40,7 @@ * proposed by Jason But and Grenville Armitage: * http://caia.swin.edu.au/urp/sonata/ * - * + * * This project has been made possible in part by a grant from * the Cisco University Research Program Fund at Community * Foundation Silicon Valley. @@ -53,7 +53,7 @@ #define _ALIAS_SCTP_H_ #include -#ifdef _KERNEL +#ifdef _KERNEL #include #include #include @@ -61,7 +61,7 @@ #include #include #include -#endif // #ifdef _KERNEL +#endif // #ifdef _KERNEL #include #include @@ -75,7 +75,7 @@ /** * These are defined in sctp_os_bsd.h, but it can't be included due to its local file * inclusion, so I'm defining them here. - * + * */ #include /* The packed define for 64 bit platforms */ @@ -128,18 +128,18 @@ uint16_t l_port; /**< local side port number */ uint32_t g_vtag; /**< global side verification tag */ uint16_t g_port; /**< global side port number */ - struct in_addr l_addr; /**< local ip address */ - struct in_addr a_addr; /**< alias ip address */ + struct in_addr l_addr; /**< local ip address */ + struct in_addr a_addr; /**< alias ip address */ int state; /**< current state of NAT association */ int TableRegister; /**< stores which look up tables association is registered in */ int exp; /**< timer expiration in seconds from uptime */ int exp_loc; /**< current location in timer_Q */ - int num_Gaddr; /**< number of global IP addresses in the list */ + int num_Gaddr; /**< number of global IP addresses in the list */ LIST_HEAD(sctpGlobalAddresshead,sctp_GlobalAddress) Gaddr; /**< List of global addresses */ LIST_ENTRY (sctp_nat_assoc) list_L; /**< Linked list of pointers for Local table*/ LIST_ENTRY (sctp_nat_assoc) list_G; /**< Linked list of pointers for Global table */ LIST_ENTRY (sctp_nat_assoc) timer_Q; /**< Linked list of pointers for timer Q */ -//Using libalias locking + //Using libalias locking }; struct sctp_GlobalAddress { @@ -153,14 +153,14 @@ * The only chunks whose contents are of any interest are the INIT and ASCONF_AddIP */ union sctpChunkOfInt { - struct sctp_init *Init; /**< Pointer to Init Chunk */ + struct sctp_init *Init; /**< Pointer to Init Chunk */ struct sctp_init_ack *InitAck; /**< Pointer to Init Chunk */ - struct sctp_paramhdr *Asconf; /**< Pointer to ASCONF chunk */ + struct sctp_paramhdr *Asconf; /**< Pointer to ASCONF chunk */ }; /** * @brief SCTP message - * + * * Structure containing the relevant information from the SCTP message */ struct sctp_nat_msg { @@ -177,7 +177,7 @@ /** * @brief sctp nat timer queue structure - * + * */ struct sctp_nat_timer { Index: sys/netinet/libalias/alias_sctp.c =================================================================== --- sys/netinet/libalias/alias_sctp.c +++ sys/netinet/libalias/alias_sctp.c @@ -2,7 +2,7 @@ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2008 - * Swinburne University of Technology, Melbourne, Australia. + * Swinburne University of Technology, Melbourne, Australia. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -773,7 +773,7 @@ SN_LOG(SN_LOG_DETAIL, logsctpassoc(assoc, "*"); logsctpparse(direction, &msg); - ); + ); /* Process the SCTP message */ rtnval = ProcessSctpMsg(la, direction, &msg, assoc); @@ -782,7 +782,7 @@ logsctpassoc(assoc, "-"); logSctpLocal(la); logSctpGlobal(la); - ); + ); SN_LOG(SN_LOG_DEBUG, logTimerQ(la)); switch (rtnval) { @@ -999,12 +999,12 @@ memcpy(sm->ip_hdr, ip, ip_size); SN_LOG(SN_LOG_EVENT,SctpAliasLog("%s %s 0x%x (->%s:%u vtag=0x%x crc=0x%x)\n", - ((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"), - ((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"), - (include_error_cause ? ntohs(error_cause->code) : 0), - inet_ntoa_r(ip->ip_dst, INET_NTOA_BUF(addrbuf)), - ntohs(sctp_hdr->dest_port), - ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum))); + ((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"), + ((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"), + (include_error_cause ? ntohs(error_cause->code) : 0), + inet_ntoa_r(ip->ip_dst, INET_NTOA_BUF(addrbuf)), + ntohs(sctp_hdr->dest_port), + ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum))); } /* ---------------------------------------------------------------------- @@ -1455,7 +1455,8 @@ * * @return 1 - success | 0 - fail */ -static int Add_Global_Address_to_List(struct sctp_nat_assoc *assoc, struct sctp_GlobalAddress *G_addr) +static int +Add_Global_Address_to_List(struct sctp_nat_assoc *assoc, struct sctp_GlobalAddress *G_addr) { struct sctp_GlobalAddress *iter_G_Addr = NULL, *first_G_Addr = NULL; first_G_Addr = LIST_FIRST(&(assoc->Gaddr)); @@ -1614,11 +1615,11 @@ return (1); /* success - but can't match correlation IDs - should only be one */ /* check others just in case */ bytes_left -= param_size; - if (bytes_left >= SN_MIN_PARAM_SIZE) { + if (bytes_left >= SN_MIN_PARAM_SIZE) param = SN_SCTP_NEXTPARAM(param); - } else { + else return (0); - } + param_size = SCTP_SIZE32(ntohs(param->param_length)); if (bytes_left < param_size) return (0); @@ -1667,11 +1668,11 @@ return (SCTP_DEL_IP_ADDRESS); /* check others just in case */ bytes_left -= param_size; - if (bytes_left >= SN_MIN_PARAM_SIZE) { + if (bytes_left >= SN_MIN_PARAM_SIZE) param = SN_SCTP_NEXTPARAM(param); - } else { + else return (0); /*Neither found */ - } + param_size = SCTP_SIZE32(ntohs(param->param_length)); if (bytes_left < param_size) return (0); @@ -1771,7 +1772,7 @@ assoc->g_port = sm->sctp_hdr->dest_port; if (sm->msg == SN_SCTP_INIT) assoc->g_vtag = sm->sctpchnk.Init->initiate_tag; - if (AddSctpAssocGlobal(la, assoc)) /* DB clash *///**** need to add dst address + if (AddSctpAssocGlobal(la, assoc)) /* DB clash: need to add dst address */ return ((sm->msg == SN_SCTP_INIT) ? SN_REPLY_ABORT : SN_REPLY_ERROR); if (sm->msg == SN_SCTP_ASCONF) { if (AddSctpAssocLocal(la, assoc, sm->ip_hdr->ip_dst)) /* DB clash */ @@ -1789,10 +1790,10 @@ if (AddSctpAssocLocal(la, assoc, sm->ip_hdr->ip_src)) /* DB clash */ return ((sm->msg == SN_SCTP_INIT) ? SN_REPLY_ABORT : SN_REPLY_ERROR); if (sm->msg == SN_SCTP_ASCONF) { - if (AddSctpAssocGlobal(la, assoc)) /* DB clash */ //**** need to add src address + if (AddSctpAssocGlobal(la, assoc)) /* DB clash: need to add src address */ return (SN_REPLY_ERROR); assoc->TableRegister |= SN_WAIT_TOGLOBAL; /* wait for toglobal ack */ - } + } break; } assoc->state = (sm->msg == SN_SCTP_INIT) ? SN_INi : SN_INa; @@ -1938,7 +1939,8 @@ case SCTP_DEL_IP_ADDRESS: RmGlobalIPAddresses(sm, assoc, direction); break; - } /* fall through to default */ + } + /* fall through to default */ default: sctp_ResetTimeOut(la,assoc, SN_U_T(la)); return (SN_NAT_PKT); /* forward packet */ @@ -2047,7 +2049,7 @@ * @return pointer to association or NULL */ static struct sctp_nat_assoc* -FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc) +FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc) { u_int i; struct sctp_nat_assoc *assoc = NULL; @@ -2282,8 +2284,9 @@ LIBALIAS_LOCK_ASSERT(la); found = FindSctpGlobalClash(la, assoc); if (found != NULL) { - if ((found->TableRegister == SN_GLOBAL_TBL) && \ - (found->l_addr.s_addr == assoc->l_addr.s_addr) && (found->l_port == assoc->l_port)) { /* resent message */ + if ((found->TableRegister == SN_GLOBAL_TBL) && + (found->l_addr.s_addr == assoc->l_addr.s_addr) && + (found->l_port == assoc->l_port)) { /* resent message */ RmSctpAssoc(la, found); sctp_RmTimeOut(la, found); freeGlobalAddressList(found); Index: sys/netinet/libalias/alias_skinny.c =================================================================== --- sys/netinet/libalias/alias_skinny.c +++ sys/netinet/libalias/alias_skinny.c @@ -61,7 +61,6 @@ static int fingerprint(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL) return (-1); if (la->skinnyPort != 0 && (ntohs(*ah->sport) == la->skinnyPort || @@ -73,7 +72,6 @@ static int protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandleSkinny(la, pip, ah->lnk); return (0); } @@ -323,11 +321,11 @@ * handle the scenario where the call manager is on the inside, and * the calling phone is on the global outside. */ - if (ntohs(tc->th_dport) == la->skinnyPort) { + if (ntohs(tc->th_dport) == la->skinnyPort) direction = ClientToServer; - } else if (ntohs(tc->th_sport) == la->skinnyPort) { + else if (ntohs(tc->th_sport) == la->skinnyPort) direction = ServerToClient; - } else { + else { #ifdef LIBALIAS_DEBUG fprintf(stderr, "PacketAlias/Skinny: Invalid port number, not a Skinny packet\n"); Index: sys/netinet/libalias/alias_smedia.c =================================================================== --- sys/netinet/libalias/alias_smedia.c +++ sys/netinet/libalias/alias_smedia.c @@ -131,12 +131,11 @@ #define TFTP_PORT_NUMBER 69 static void -AliasHandleRtspOut(struct libalias *, struct ip *, struct alias_link *, - int maxpacketsize); +AliasHandleRtspOut(struct libalias *, struct ip *, struct alias_link *, + int maxpacketsize); static int fingerprint(struct libalias *la, struct alias_data *ah) { - if (ah->dport != NULL && ah->aport != NULL && ah->sport != NULL && ntohs(*ah->dport) == TFTP_PORT_NUMBER) return (0); @@ -154,11 +153,10 @@ static int protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah) { - if (ntohs(*ah->dport) == TFTP_PORT_NUMBER) FindRtspOut(la, pip->ip_src, pip->ip_dst, - *ah->sport, *ah->aport, IPPROTO_UDP); - else AliasHandleRtspOut(la, pip, ah->lnk, ah->maxpktsize); + *ah->sport, *ah->aport, IPPROTO_UDP); + else AliasHandleRtspOut(la, pip, ah->lnk, ah->maxpktsize); return (0); } @@ -222,12 +220,10 @@ for (i = 0; i < dlen - search_str_len; i++) { for (j = i, k = 0; j < dlen - search_str_len; j++, k++) { if (data[j] != search_str[k] && - data[j] != search_str[k] - ('a' - 'A')) { + data[j] != search_str[k] - ('a' - 'A')) break; - } - if (k == search_str_len - 1) { + if (k == search_str_len - 1) return (j + 1); - } } } return (-1); @@ -259,9 +255,9 @@ /* Find keyword, "Transport: " */ pos = search_string(data, dlen, transport_str); - if (pos < 0) { + if (pos < 0) return (-1); - } + port_data = data + pos; port_dlen = dlen - pos; @@ -271,9 +267,9 @@ while (port_dlen > (int)strlen(port_str)) { /* Find keyword, appropriate port string */ pos = search_string(port_data, port_dlen, port_str); - if (pos < 0) { + if (pos < 0) break; - } + memcpy(port_newdata, port_data, pos + 1); port_newdata += (pos + 1); @@ -283,28 +279,22 @@ for (i = pos; i < port_dlen; i++) { switch (state) { case 0: - if (port_data[i] == '=') { + if (port_data[i] == '=') state++; - } break; case 1: - if (ISDIGIT(port_data[i])) { + if (ISDIGIT(port_data[i])) p[0] = p[0] * 10 + port_data[i] - '0'; - } else { - if (port_data[i] == ';') { - state = 3; - } - if (port_data[i] == '-') { - state++; - } - } + else if (port_data[i] == ';') + state = 3; + else if (port_data[i] == '-') + state++; break; case 2: - if (ISDIGIT(port_data[i])) { + if (ISDIGIT(port_data[i])) p[1] = p[1] * 10 + port_data[i] - '0'; - } else { + else state++; - } break; case 3: base_port = p[0]; @@ -445,10 +435,9 @@ work += 2; memcpy(&msg_len, work, 2); work += 2; - if (ntohs(msg_id) == 0) { - /* end of options */ + if (ntohs(msg_id) == 0) /* end of options */ return (0); - } + if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) { memcpy(&port, work, 2); pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(lnk), @@ -501,17 +490,15 @@ /* When aliasing a client, check for the SETUP request */ if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) || (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) { - if (dlen >= (int)strlen(setup)) { - if (memcmp(data, setup, strlen(setup)) == 0) { - alias_rtsp_out(la, pip, lnk, data, client_port_str); - return; - } - } - if (dlen >= (int)strlen(pna)) { - if (memcmp(data, pna, strlen(pna)) == 0) { - alias_pna_out(la, pip, lnk, data, dlen); - } + if (dlen >= (int)strlen(setup) && + memcmp(data, setup, strlen(setup)) == 0) { + alias_rtsp_out(la, pip, lnk, data, client_port_str); + return; } + + if (dlen >= (int)strlen(pna) && + memcmp(data, pna, strlen(pna)) == 0) + alias_pna_out(la, pip, lnk, data, dlen); } else { /* * When aliasing a server, check for the 200 reply @@ -521,21 +508,20 @@ if (dlen >= (int)strlen(str200)) { for (parseOk = 0, i = 0; i <= dlen - (int)strlen(str200); - i++) { + i++) if (memcmp(&data[i], str200, strlen(str200)) == 0) { parseOk = 1; break; } - } + if (parseOk) { i += strlen(str200); /* skip string found */ while (data[i] == ' ') /* skip blank(s) */ i++; - if ((dlen - i) >= (int)strlen(okstr)) { + if ((dlen - i) >= (int)strlen(okstr)) if (memcmp(&data[i], okstr, strlen(okstr)) == 0) alias_rtsp_out(la, pip, lnk, data, server_port_str); - } } } } Index: sys/netinet/libalias/alias_util.c =================================================================== --- sys/netinet/libalias/alias_util.c +++ sys/netinet/libalias/alias_util.c @@ -73,7 +73,7 @@ */ u_short LibAliasInternetChecksum(struct libalias *la __unused, u_short * ptr, - int nbytes) + int nbytes) { int sum, oddbyte;