Page MenuHomeFreeBSD
Files F146494832

D30260.id89215.diff
No OneTemporary
Actions

D30260.id89215.diff
View Options

This file is larger than 256 KB, so syntax highlighting was skipped.
Index: sys/netinet/libalias/alias.h
===================================================================
--- sys/netinet/libalias/alias.h
+++ sys/netinet/libalias/alias.h
@@ -39,19 +39,19 @@
*/
#ifndef _ALIAS_H_
-#define _ALIAS_H_
+#define _ALIAS_H_
-#include <netinet/in_systm.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/ip.h>
#define LIBALIAS_BUF_SIZE 128
-#ifdef _KERNEL
+#ifdef _KERNEL
/*
* The kernel version of libalias does not support these features.
*/
-#define NO_FW_PUNCH
-#define NO_USE_SOCKETS
+#define NO_FW_PUNCH
+#define NO_USE_SOCKETS
#endif
/*
@@ -85,55 +85,61 @@
/* Initialization and control functions. */
struct libalias *LibAliasInit(struct libalias *);
-void LibAliasSetAddress(struct libalias *, struct in_addr _addr);
-void LibAliasSetAliasPortRange(struct libalias *la, u_short port_low, u_short port_hi);
-void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
-void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
-unsigned int LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
-void LibAliasUninit(struct libalias *);
+void LibAliasSetAddress(struct libalias *, struct in_addr _addr);
+void LibAliasSetAliasPortRange(struct libalias *la, u_short port_low,
+ u_short port_hi);
+void LibAliasSetFWBase(struct libalias *, unsigned int _base,
+ unsigned int _num);
+void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
+unsigned int LibAliasSetMode(struct libalias *, unsigned int _flags,
+ unsigned int _mask);
+void LibAliasUninit(struct libalias *);
/* Packet Handling functions. */
-int LibAliasIn (struct libalias *, void *_ptr, int _maxpacketsize);
-int LibAliasOut(struct libalias *, void *_ptr, int _maxpacketsize);
-int LibAliasOutTry(struct libalias *, void *_ptr, int _maxpacketsize, int _create);
-int LibAliasUnaliasOut(struct libalias *, void *_ptr, int _maxpacketsize);
+int LibAliasIn(struct libalias *, void *_ptr, int _maxpacketsize);
+int LibAliasOut(struct libalias *, void *_ptr, int _maxpacketsize);
+int LibAliasOutTry(struct libalias *, void *_ptr, int _maxpacketsize,
+ int _create);
+int LibAliasUnaliasOut(struct libalias *, void *_ptr, int _maxpacketsize);
/* Port and address redirection functions. */
-int LibAliasAddServer(struct libalias *, struct alias_link *_lnk,
- struct in_addr _addr, unsigned short _port);
-struct alias_link * LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
- struct in_addr _alias_addr);
-int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_lnk);
-void LibAliasRedirectDelete(struct libalias *, struct alias_link *_lnk);
-struct alias_link * LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
- unsigned short _src_port, struct in_addr _dst_addr,
- unsigned short _dst_port, struct in_addr _alias_addr,
- unsigned short _alias_port, unsigned char _proto);
-struct alias_link * LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
- struct in_addr _dst_addr, struct in_addr _alias_addr,
- unsigned char _proto);
+int LibAliasAddServer(struct libalias *, struct alias_link *_lnk,
+ struct in_addr _addr, unsigned short _port);
+struct alias_link *LibAliasRedirectAddr(struct libalias *,
+ struct in_addr _src_addr, struct in_addr _alias_addr);
+int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_lnk);
+void LibAliasRedirectDelete(struct libalias *, struct alias_link *_lnk);
+struct alias_link *LibAliasRedirectPort(struct libalias *,
+ struct in_addr _src_addr, unsigned short _src_port,
+ struct in_addr _dst_addr, unsigned short _dst_port,
+ struct in_addr _alias_addr, unsigned short _alias_port,
+ unsigned char _proto);
+struct alias_link *LibAliasRedirectProto(struct libalias *,
+ struct in_addr _src_addr, struct in_addr _dst_addr,
+ struct in_addr _alias_addr, unsigned char _proto);
/* Fragment Handling functions. */
-void LibAliasFragmentIn(struct libalias *, void *_ptr, void *_ptr_fragment);
-void *LibAliasGetFragment(struct libalias *, void *_ptr);
-int LibAliasSaveFragment(struct libalias *, void *_ptr);
+void LibAliasFragmentIn(struct libalias *, void *_ptr, void *_ptr_fragment);
+void *LibAliasGetFragment(struct libalias *, void *_ptr);
+int LibAliasSaveFragment(struct libalias *, void *_ptr);
/* Miscellaneous functions. */
-int LibAliasCheckNewLink(struct libalias *);
-unsigned short LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
-void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
+int LibAliasCheckNewLink(struct libalias *);
+unsigned short LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr,
+ int _nbytes);
+void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
/* Transparent proxying routines. */
-int LibAliasProxyRule(struct libalias *, const char *_cmd);
+int LibAliasProxyRule(struct libalias *, const char *_cmd);
/* Module handling API */
-int LibAliasLoadModule(char *);
-int LibAliasUnLoadAllModule(void);
-int LibAliasRefreshModules(void);
+int LibAliasLoadModule(char *);
+int LibAliasUnLoadAllModule(void);
+int LibAliasRefreshModules(void);
/* Mbuf helper function. */
-struct mbuf *m_megapullup(struct mbuf *, int);
+struct mbuf *m_megapullup(struct mbuf *, int);
/*
* Mode flags and other constants.
@@ -145,13 +151,13 @@
* If PKT_ALIAS_LOG is set, a message will be printed to /var/log/alias.log
* every time a link is created or deleted. This is useful for debugging.
*/
-#define PKT_ALIAS_LOG 0x01
+#define PKT_ALIAS_LOG 0x01
/*
* If PKT_ALIAS_DENY_INCOMING is set, then incoming connections (e.g. to ftp,
* telnet or web servers will be prevented by the aliasing mechanism.
*/
-#define PKT_ALIAS_DENY_INCOMING 0x02
+#define PKT_ALIAS_DENY_INCOMING 0x02
/*
* If PKT_ALIAS_SAME_PORTS is set, packets will be attempted sent from the
@@ -160,7 +166,7 @@
* at all). This mode bit is set by PacketAliasInit(), so it is a default
* mode of operation.
*/
-#define PKT_ALIAS_SAME_PORTS 0x04
+#define PKT_ALIAS_SAME_PORTS 0x04
/*
* If PKT_ALIAS_USE_SOCKETS is set, then when partially specified links (e.g.
@@ -170,8 +176,8 @@
* require this. This bit is set after a call to PacketAliasInit(), so it is
* a default mode of operation.
*/
-#ifndef NO_USE_SOCKETS
-#define PKT_ALIAS_USE_SOCKETS 0x08
+#ifndef NO_USE_SOCKETS
+#define PKT_ALIAS_USE_SOCKETS 0x08
#endif
/*-
* If PKT_ALIAS_UNREGISTERED_ONLY is set, then only packets with
@@ -182,7 +188,7 @@
* 172.16.0.0 -> 172.31.255.255
* 192.168.0.0 -> 192.168.255.255
*/
-#define PKT_ALIAS_UNREGISTERED_ONLY 0x10
+#define PKT_ALIAS_UNREGISTERED_ONLY 0x10
/*
* If PKT_ALIAS_RESET_ON_ADDR_CHANGE is set, then the table of dynamic
@@ -191,19 +197,19 @@
* unchanged by this function call, then the table of dynamic aliasing links
* will be left intact. This bit is set after a call to PacketAliasInit().
*/
-#define PKT_ALIAS_RESET_ON_ADDR_CHANGE 0x20
+#define PKT_ALIAS_RESET_ON_ADDR_CHANGE 0x20
/*
* If PKT_ALIAS_PROXY_ONLY is set, then NAT will be disabled and only
* transparent proxying is performed.
*/
-#define PKT_ALIAS_PROXY_ONLY 0x40
+#define PKT_ALIAS_PROXY_ONLY 0x40
/*
* If PKT_ALIAS_REVERSE is set, the actions of PacketAliasIn() and
* PacketAliasOut() are reversed.
*/
-#define PKT_ALIAS_REVERSE 0x80
+#define PKT_ALIAS_REVERSE 0x80
#ifndef NO_FW_PUNCH
/*
@@ -213,14 +219,14 @@
* PacketAliasSetFWBase(). The hole will be attached to that
* particular alias_link, so when the link goes away the hole is deleted.
*/
-#define PKT_ALIAS_PUNCH_FW 0x100
+#define PKT_ALIAS_PUNCH_FW 0x100
#endif
/*
* If PKT_ALIAS_SKIP_GLOBAL is set, nat instance is not checked for matching
* states in 'ipfw nat global' rule.
*/
-#define PKT_ALIAS_SKIP_GLOBAL 0x200
+#define PKT_ALIAS_SKIP_GLOBAL 0x200
/*
* Like PKT_ALIAS_UNREGISTERED_ONLY, but includes the RFC 6598
@@ -228,15 +234,15 @@
*
* 100.64.0.0 -> 100.127.255.255
*/
-#define PKT_ALIAS_UNREGISTERED_CGN 0x400
+#define PKT_ALIAS_UNREGISTERED_CGN 0x400
/* Function return codes. */
-#define PKT_ALIAS_ERROR -1
-#define PKT_ALIAS_OK 1
-#define PKT_ALIAS_IGNORED 2
-#define PKT_ALIAS_UNRESOLVED_FRAGMENT 3
-#define PKT_ALIAS_FOUND_HEADER_FRAGMENT 4
+#define PKT_ALIAS_ERROR -1
+#define PKT_ALIAS_OK 1
+#define PKT_ALIAS_IGNORED 2
+#define PKT_ALIAS_UNRESOLVED_FRAGMENT 3
+#define PKT_ALIAS_FOUND_HEADER_FRAGMENT 4
-#endif /* !_ALIAS_H_ */
+#endif /* !_ALIAS_H_ */
/* lint -restore */
Index: sys/netinet/libalias/alias.c
===================================================================
--- sys/netinet/libalias/alias.c
+++ sys/netinet/libalias/alias.c
@@ -120,16 +120,17 @@
#include <sys/sysctl.h>
#else
#include <sys/types.h>
-#include <stdlib.h>
-#include <stdio.h>
+
#include <ctype.h>
#include <dlfcn.h>
#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
#include <string.h>
#endif
-#include <netinet/in_systm.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <netinet/tcp.h>
@@ -141,6 +142,7 @@
#include <netinet/libalias/alias_mod.h>
#else
#include <err.h>
+
#include "alias.h"
#include "alias_local.h"
#include "alias_mod.h"
@@ -185,9 +187,9 @@
*/
/* Local prototypes */
-static void TcpMonitorIn(u_char, struct alias_link *);
+static void TcpMonitorIn(u_char, struct alias_link *);
-static void TcpMonitorOut(u_char, struct alias_link *);
+static void TcpMonitorOut(u_char, struct alias_link *);
static void
TcpMonitorIn(u_char th_flags, struct alias_link *lnk)
@@ -263,25 +265,24 @@
*/
/* Local prototypes */
-static int IcmpAliasIn1(struct libalias *, struct ip *);
-static int IcmpAliasIn2(struct libalias *, struct ip *);
-static int IcmpAliasIn(struct libalias *, struct ip *);
+static int IcmpAliasIn1(struct libalias *, struct ip *);
+static int IcmpAliasIn2(struct libalias *, struct ip *);
+static int IcmpAliasIn(struct libalias *, struct ip *);
-static int IcmpAliasOut1(struct libalias *, struct ip *, int create);
-static int IcmpAliasOut2(struct libalias *, struct ip *);
-static int IcmpAliasOut(struct libalias *, struct ip *, int create);
+static int IcmpAliasOut1(struct libalias *, struct ip *, int create);
+static int IcmpAliasOut2(struct libalias *, struct ip *);
+static int IcmpAliasOut(struct libalias *, struct ip *, int create);
-static int ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
- struct ip *pip, u_char ip_p, u_short *ip_sum);
-static int ProtoAliasOut(struct libalias *la, struct ip *pip,
- struct in_addr ip_dst, u_char ip_p, u_short *ip_sum,
- int create);
+static int ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
+ struct ip *pip, u_char ip_p, u_short *ip_sum);
+static int ProtoAliasOut(struct libalias *la, struct ip *pip,
+ struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create);
-static int UdpAliasIn(struct libalias *, struct ip *);
-static int UdpAliasOut(struct libalias *, struct ip *, int, int create);
+static int UdpAliasIn(struct libalias *, struct ip *);
+static int UdpAliasOut(struct libalias *, struct ip *, int, int create);
-static int TcpAliasIn(struct libalias *, struct ip *);
-static int TcpAliasOut(struct libalias *, struct ip *, int, int create);
+static int TcpAliasIn(struct libalias *, struct ip *);
+static int TcpAliasOut(struct libalias *, struct ip *, int, int create);
/*
De-alias incoming echo and timestamp replies.
@@ -317,8 +318,8 @@
struct in_addr original_address;
original_address = GetOriginalAddress(lnk);
- DifferentialChecksum(&pip->ip_sum,
- &original_address, &pip->ip_dst, 2);
+ DifferentialChecksum(&pip->ip_sum, &original_address,
+ &pip->ip_dst, 2);
pip->ip_dst = original_address;
}
@@ -349,16 +350,16 @@
ic2 = (struct icmp *)ip_next(ip);
if (ip->ip_p == IPPROTO_UDP)
- lnk = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
- ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
+ lnk = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src, ud->uh_dport,
+ ud->uh_sport, IPPROTO_UDP, 0);
else if (ip->ip_p == IPPROTO_TCP)
- lnk = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
- tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
+ lnk = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src, tc->th_dport,
+ tc->th_sport, IPPROTO_TCP, 0);
else if (ip->ip_p == IPPROTO_ICMP) {
- if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
- lnk = FindIcmpIn(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
+ if (ic2->icmp_type == ICMP_ECHO ||
+ ic2->icmp_type == ICMP_TSTAMP)
+ lnk = FindIcmpIn(la, ip->ip_dst, ip->ip_src,
+ ic2->icmp_id, 0);
else
lnk = NULL;
} else
@@ -385,8 +386,8 @@
ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum);
/* Un-alias address in IP header */
- DifferentialChecksum(&pip->ip_sum,
- &original_address, &pip->ip_dst, 2);
+ DifferentialChecksum(&pip->ip_sum, &original_address,
+ &pip->ip_dst, 2);
pip->ip_dst = original_address;
/* Un-alias address and port number of
@@ -414,8 +415,8 @@
ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum);
/* Un-alias address in IP header */
- DifferentialChecksum(&pip->ip_sum,
- &original_address, &pip->ip_dst, 2);
+ DifferentialChecksum(&pip->ip_sum, &original_address,
+ &pip->ip_dst, 2);
pip->ip_dst = original_address;
/* Un-alias address of original IP packet and
@@ -459,8 +460,7 @@
case ICMP_SOURCEQUENCH:
case ICMP_TIMXCEED:
case ICMP_PARAMPROB:
- if (dlen < ICMP_ADVLENMIN ||
- dlen < (size_t)ICMP_ADVLEN(ic))
+ if (dlen < ICMP_ADVLENMIN || dlen < (size_t)ICMP_ADVLEN(ic))
return (PKT_ALIAS_IGNORED);
iresult = IcmpAliasIn2(la, pip);
break;
@@ -506,8 +506,8 @@
struct in_addr alias_address;
alias_address = GetAliasAddress(lnk);
- DifferentialChecksum(&pip->ip_sum,
- &alias_address, &pip->ip_src, 2);
+ DifferentialChecksum(&pip->ip_sum, &alias_address,
+ &pip->ip_src, 2);
pip->ip_src = alias_address;
}
@@ -538,16 +538,16 @@
ic2 = (struct icmp *)ip_next(ip);
if (ip->ip_p == IPPROTO_UDP)
- lnk = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
- ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
+ lnk = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src, ud->uh_dport,
+ ud->uh_sport, IPPROTO_UDP, 0);
else if (ip->ip_p == IPPROTO_TCP)
- lnk = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
- tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
+ lnk = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src, tc->th_dport,
+ tc->th_sport, IPPROTO_TCP, 0);
else if (ip->ip_p == IPPROTO_ICMP) {
- if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
- lnk = FindIcmpOut(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
+ if (ic2->icmp_type == ICMP_ECHO ||
+ ic2->icmp_type == ICMP_TSTAMP)
+ lnk = FindIcmpOut(la, ip->ip_dst, ip->ip_src,
+ ic2->icmp_id, 0);
else
lnk = NULL;
} else
@@ -659,8 +659,8 @@
machine.
*/
static int
-ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
- struct ip *pip, u_char ip_p, u_short *ip_sum)
+ProtoAliasIn(struct libalias *la, struct in_addr ip_src, struct ip *pip,
+ u_char ip_p, u_short *ip_sum)
{
struct alias_link *lnk;
@@ -676,8 +676,8 @@
original_address = GetOriginalAddress(lnk);
/* Restore original IP address */
- DifferentialChecksum(ip_sum,
- &original_address, &pip->ip_dst, 2);
+ DifferentialChecksum(ip_sum, &original_address, &pip->ip_dst,
+ 2);
pip->ip_dst = original_address;
return (PKT_ALIAS_OK);
@@ -691,8 +691,8 @@
the source IP address of the packet.
*/
static int
-ProtoAliasOut(struct libalias *la, struct ip *pip,
- struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create)
+ProtoAliasOut(struct libalias *la, struct ip *pip, struct in_addr ip_dst,
+ u_char ip_p, u_short *ip_sum, int create)
{
struct alias_link *lnk;
@@ -712,8 +712,7 @@
alias_address = GetAliasAddress(lnk);
/* Change source address */
- DifferentialChecksum(ip_sum,
- &alias_address, &pip->ip_src, 2);
+ DifferentialChecksum(ip_sum, &alias_address, &pip->ip_src, 2);
pip->ip_src = alias_address;
return (PKT_ALIAS_OK);
@@ -738,9 +737,9 @@
if (dlen < ntohs(ud->uh_ulen))
return (PKT_ALIAS_IGNORED);
- lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
- ud->uh_sport, ud->uh_dport,
- IPPROTO_UDP, !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY));
+ lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst, ud->uh_sport,
+ ud->uh_dport, IPPROTO_UDP,
+ !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY));
if (lnk != NULL) {
struct in_addr alias_address;
struct in_addr original_address;
@@ -749,15 +748,13 @@
u_short proxy_port;
int accumulate;
int error;
- struct alias_data ad = {
- .lnk = lnk,
+ struct alias_data ad = { .lnk = lnk,
.oaddr = &original_address,
.aaddr = &alias_address,
.aport = &alias_port,
.sport = &ud->uh_sport,
.dport = &ud->uh_dport,
- .maxpktsize = 0
- };
+ .maxpktsize = 0 };
alias_address = GetAliasAddress(lnk);
original_address = GetOriginalAddress(lnk);
@@ -783,33 +780,33 @@
/* If this is a proxy packet, modify checksum
* because of source change.*/
- if (proxy_port != 0) {
- accumulate += ud->uh_sport;
- accumulate -= proxy_port;
- }
+ if (proxy_port != 0) {
+ accumulate += ud->uh_sport;
+ accumulate -= proxy_port;
+ }
- if (proxy_address.s_addr != 0) {
+ if (proxy_address.s_addr != 0) {
accumulate += twowords(&pip->ip_src);
accumulate -= twowords(&proxy_address);
- }
+ }
ADJUST_CHECKSUM(accumulate, ud->uh_sum);
}
/* XXX: Could the two if's below be concatenated to one ? */
/* Restore source port and/or address in case of proxying*/
- if (proxy_port != 0)
- ud->uh_sport = proxy_port;
+ if (proxy_port != 0)
+ ud->uh_sport = proxy_port;
- if (proxy_address.s_addr != 0) {
- DifferentialChecksum(&pip->ip_sum,
- &proxy_address, &pip->ip_src, 2);
- pip->ip_src = proxy_address;
- }
+ if (proxy_address.s_addr != 0) {
+ DifferentialChecksum(&pip->ip_sum, &proxy_address,
+ &pip->ip_src, 2);
+ pip->ip_src = proxy_address;
+ }
/* Restore original IP address */
- DifferentialChecksum(&pip->ip_sum,
- &original_address, &pip->ip_dst, 2);
+ DifferentialChecksum(&pip->ip_sum, &original_address,
+ &pip->ip_dst, 2);
pip->ip_dst = original_address;
return (PKT_ALIAS_OK);
@@ -841,9 +838,8 @@
if (dlen < ntohs(ud->uh_ulen))
return (PKT_ALIAS_IGNORED);
- proxy_type = ProxyCheck(la, &proxy_server_address,
- &proxy_server_port, pip->ip_src, pip->ip_dst,
- ud->uh_dport, pip->ip_p);
+ proxy_type = ProxyCheck(la, &proxy_server_address, &proxy_server_port,
+ pip->ip_src, pip->ip_dst, ud->uh_dport, pip->ip_p);
if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY))
return (PKT_ALIAS_OK);
@@ -853,48 +849,45 @@
dest_address = pip->ip_dst;
if (proxy_type != 0) {
- int accumulate;
+ int accumulate;
accumulate = twowords(&pip->ip_dst);
accumulate -= twowords(&proxy_server_address);
- ADJUST_CHECKSUM(accumulate, pip->ip_sum);
+ ADJUST_CHECKSUM(accumulate, pip->ip_sum);
if (ud->uh_sum != 0) {
accumulate = twowords(&pip->ip_dst);
accumulate -= twowords(&proxy_server_address);
- accumulate += ud->uh_dport;
- accumulate -= proxy_server_port;
- ADJUST_CHECKSUM(accumulate, ud->uh_sum);
+ accumulate += ud->uh_dport;
+ accumulate -= proxy_server_port;
+ ADJUST_CHECKSUM(accumulate, ud->uh_sum);
}
- pip->ip_dst = proxy_server_address;
- ud->uh_dport = proxy_server_port;
+ pip->ip_dst = proxy_server_address;
+ ud->uh_dport = proxy_server_port;
}
- lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
- ud->uh_sport, ud->uh_dport,
- IPPROTO_UDP, create);
+ lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, ud->uh_sport,
+ ud->uh_dport, IPPROTO_UDP, create);
if (lnk != NULL) {
u_short alias_port;
struct in_addr alias_address;
- struct alias_data ad = {
- .lnk = lnk,
+ struct alias_data ad = { .lnk = lnk,
.oaddr = NULL,
.aaddr = &alias_address,
.aport = &alias_port,
.sport = &ud->uh_sport,
.dport = &ud->uh_dport,
- .maxpktsize = 0
- };
+ .maxpktsize = 0 };
/* Save original destination address, if this is a proxy packet.
* Also modify packet to include destination encoding. This may
* change the size of IP header. */
if (proxy_type != 0) {
- SetProxyPort(lnk, dest_port);
- SetProxyAddress(lnk, dest_address);
- ProxyModify(la, lnk, pip, maxpacketsize, proxy_type);
- ud = (struct udphdr *)ip_next(pip);
- }
+ SetProxyPort(lnk, dest_port);
+ SetProxyAddress(lnk, dest_address);
+ ProxyModify(la, lnk, pip, maxpacketsize, proxy_type);
+ ud = (struct udphdr *)ip_next(pip);
+ }
alias_address = GetAliasAddress(lnk);
alias_port = GetAliasPort(lnk);
@@ -917,8 +910,8 @@
ud->uh_sport = alias_port;
/* Change source address */
- DifferentialChecksum(&pip->ip_sum,
- &alias_address, &pip->ip_src, 2);
+ DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src,
+ 2);
pip->ip_src = alias_address;
return (PKT_ALIAS_OK);
@@ -940,9 +933,8 @@
return (PKT_ALIAS_IGNORED);
tc = (struct tcphdr *)ip_next(pip);
- lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
- tc->th_sport, tc->th_dport,
- IPPROTO_TCP,
+ lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst, tc->th_sport,
+ tc->th_dport, IPPROTO_TCP,
!(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY));
if (lnk != NULL) {
struct in_addr alias_address;
@@ -958,15 +950,13 @@
* packet and not the original one looks below [*].
*/
- struct alias_data ad = {
- .lnk = lnk,
+ struct alias_data ad = { .lnk = lnk,
.oaddr = NULL,
.aaddr = NULL,
.aport = NULL,
.sport = &tc->th_sport,
.dport = &tc->th_dport,
- .maxpktsize = 0
- };
+ .maxpktsize = 0 };
/* Walk out chain. */
error = find_handler(IN, TCP, la, pip, &ad);
@@ -1074,8 +1064,8 @@
if (create)
proxy_type = ProxyCheck(la, &proxy_server_address,
- &proxy_server_port, pip->ip_src, pip->ip_dst,
- tc->th_dport, pip->ip_p);
+ &proxy_server_port, pip->ip_src, pip->ip_dst, tc->th_dport,
+ pip->ip_p);
else
proxy_type = 0;
@@ -1101,24 +1091,21 @@
accumulate -= twowords(&pip->ip_dst);
ADJUST_CHECKSUM(accumulate, pip->ip_sum);
}
- lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
- tc->th_sport, tc->th_dport,
- IPPROTO_TCP, create);
+ lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, tc->th_sport,
+ tc->th_dport, IPPROTO_TCP, create);
if (lnk == NULL)
return (PKT_ALIAS_IGNORED);
if (lnk != NULL) {
u_short alias_port;
struct in_addr alias_address;
int accumulate;
- struct alias_data ad = {
- .lnk = lnk,
+ struct alias_data ad = { .lnk = lnk,
.oaddr = NULL,
.aaddr = &alias_address,
.aport = &alias_port,
.sport = &tc->th_sport,
.dport = &tc->th_dport,
- .maxpktsize = maxpacketsize
- };
+ .maxpktsize = maxpacketsize };
/* Save original destination address, if this is a proxy packet.
* Also modify packet to include destination
@@ -1187,10 +1174,9 @@
*/
/* Local prototypes */
-static int FragmentIn(struct libalias *la, struct in_addr ip_src,
- struct ip *pip, u_short ip_id, u_short *ip_sum);
-static int FragmentOut(struct libalias *, struct ip *pip,
- u_short *ip_sum);
+static int FragmentIn(struct libalias *la, struct in_addr ip_src,
+ struct ip *pip, u_short ip_id, u_short *ip_sum);
+static int FragmentOut(struct libalias *, struct ip *pip, u_short *ip_sum);
static int
FragmentIn(struct libalias *la, struct in_addr ip_src, struct ip *pip,
@@ -1204,8 +1190,8 @@
struct in_addr original_address;
GetFragmentAddr(lnk, &original_address);
- DifferentialChecksum(ip_sum,
- &original_address, &pip->ip_dst, 2);
+ DifferentialChecksum(ip_sum, &original_address, &pip->ip_dst,
+ 2);
pip->ip_dst = original_address;
return (PKT_ALIAS_OK);
@@ -1220,8 +1206,7 @@
LIBALIAS_LOCK_ASSERT(la);
alias_address = FindAliasAddress(la, pip->ip_src);
- DifferentialChecksum(ip_sum,
- &alias_address, &pip->ip_src, 2);
+ DifferentialChecksum(ip_sum, &alias_address, &pip->ip_src, 2);
pip->ip_src = alias_address;
return (PKT_ALIAS_OK);
@@ -1258,7 +1243,7 @@
return (iresult);
}
-void *
+void *
LibAliasGetFragment(struct libalias *la, void *ptr)
{
struct alias_link *lnk;
@@ -1271,7 +1256,7 @@
if (lnk != NULL) {
GetFragmentPtr(lnk, &fptr);
SetFragmentPtr(lnk, NULL);
- SetExpire(lnk, 0); /* Deletes link */
+ SetExpire(lnk, 0); /* Deletes link */
} else
fptr = NULL;
@@ -1281,8 +1266,8 @@
void
LibAliasFragmentIn(struct libalias *la,
- void *ptr, /* Points to correctly de-aliased header fragment */
- void *ptr_fragment /* fragment which must be de-aliased */
+ void *ptr, /* Points to correctly de-aliased header fragment */
+ void *ptr_fragment /* fragment which must be de-aliased */
)
{
struct ip *pip;
@@ -1293,18 +1278,15 @@
pip = (struct ip *)ptr;
fpip = (struct ip *)ptr_fragment;
- DifferentialChecksum(&fpip->ip_sum,
- &pip->ip_dst, &fpip->ip_dst, 2);
+ DifferentialChecksum(&fpip->ip_sum, &pip->ip_dst, &fpip->ip_dst, 2);
fpip->ip_dst = pip->ip_dst;
LIBALIAS_UNLOCK(la);
}
/* Local prototypes */
-static int
-LibAliasOutLocked(struct libalias *la, struct ip *pip,
+static int LibAliasOutLocked(struct libalias *la, struct ip *pip,
int maxpacketsize, int create);
-static int
-LibAliasInLocked(struct libalias *la, struct ip *pip,
+static int LibAliasInLocked(struct libalias *la, struct ip *pip,
int maxpacketsize);
int
@@ -1335,8 +1317,8 @@
alias_addr = pip->ip_dst;
/* Defense against mangled packets */
- if (ntohs(pip->ip_len) > maxpacketsize
- || (pip->ip_hl << 2) > maxpacketsize) {
+ if (ntohs(pip->ip_len) > maxpacketsize ||
+ (pip->ip_hl << 2) > maxpacketsize) {
iresult = PKT_ALIAS_IGNORED;
goto getout;
}
@@ -1355,40 +1337,38 @@
break;
#ifdef _KERNEL
case IPPROTO_SCTP:
- iresult = SctpAlias(la, pip, SN_TO_LOCAL);
+ iresult = SctpAlias(la, pip, SN_TO_LOCAL);
break;
#endif
- case IPPROTO_GRE: {
+ case IPPROTO_GRE: {
int error;
- struct alias_data ad = {
- .lnk = NULL,
+ struct alias_data ad = { .lnk = NULL,
.oaddr = NULL,
.aaddr = NULL,
.aport = NULL,
.sport = NULL,
.dport = NULL,
- .maxpktsize = 0
- };
+ .maxpktsize = 0 };
/* Walk out chain. */
error = find_handler(IN, IP, la, pip, &ad);
- if (error == 0)
+ if (error == 0)
iresult = PKT_ALIAS_OK;
else
- iresult = ProtoAliasIn(la, pip->ip_src,
- pip, pip->ip_p, &pip->ip_sum);
- }
- break;
+ iresult = ProtoAliasIn(la, pip->ip_src, pip,
+ pip->ip_p, &pip->ip_sum);
+ } break;
default:
- iresult = ProtoAliasIn(la, pip->ip_src, pip,
- pip->ip_p, &pip->ip_sum);
+ iresult = ProtoAliasIn(la, pip->ip_src, pip, pip->ip_p,
+ &pip->ip_sum);
break;
}
if (ntohs(pip->ip_off) & IP_MF) {
struct alias_link *lnk;
- lnk = FindFragmentIn1(la, pip->ip_src, alias_addr, pip->ip_id);
+ lnk = FindFragmentIn1(la, pip->ip_src, alias_addr,
+ pip->ip_id);
if (lnk != NULL) {
iresult = PKT_ALIAS_FOUND_HEADER_FRAGMENT;
SetFragmentAddr(lnk, pip->ip_dst);
@@ -1446,10 +1426,10 @@
}
static int
-LibAliasOutLocked(struct libalias *la,
- struct ip *pip, /* valid IP packet */
- int maxpacketsize, /* How much the packet data may grow (FTP and IRC inline changes) */
- int create /* Create new entries ? */
+LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */
+ int maxpacketsize, /* How much the packet data may grow (FTP and IRC inline
+ changes) */
+ int create /* Create new entries ? */
)
{
int iresult;
@@ -1465,8 +1445,8 @@
ClearCheckNewLink(la);
/* Defense against mangled packets */
- if (ntohs(pip->ip_len) > maxpacketsize
- || (pip->ip_hl << 2) > maxpacketsize) {
+ if (ntohs(pip->ip_len) > maxpacketsize ||
+ (pip->ip_hl << 2) > maxpacketsize) {
iresult = PKT_ALIAS_IGNORED;
goto getout;
}
@@ -1481,11 +1461,14 @@
addr = ntohl(pip->ip_src.s_addr);
if (addr >= UNREG_ADDR_C_LOWER && addr <= UNREG_ADDR_C_UPPER)
iclass = 3;
- else if (addr >= UNREG_ADDR_B_LOWER && addr <= UNREG_ADDR_B_UPPER)
+ else if (addr >= UNREG_ADDR_B_LOWER &&
+ addr <= UNREG_ADDR_B_UPPER)
iclass = 2;
- else if (addr >= UNREG_ADDR_A_LOWER && addr <= UNREG_ADDR_A_UPPER)
+ else if (addr >= UNREG_ADDR_A_LOWER &&
+ addr <= UNREG_ADDR_A_UPPER)
iclass = 1;
- else if (addr >= UNREG_ADDR_CGN_LOWER && addr <= UNREG_ADDR_CGN_UPPER &&
+ else if (addr >= UNREG_ADDR_CGN_LOWER &&
+ addr <= UNREG_ADDR_CGN_UPPER &&
la->packetAliasMode & PKT_ALIAS_UNREGISTERED_CGN)
iclass = 4;
@@ -1509,32 +1492,29 @@
break;
#ifdef _KERNEL
case IPPROTO_SCTP:
- iresult = SctpAlias(la, pip, SN_TO_GLOBAL);
+ iresult = SctpAlias(la, pip, SN_TO_GLOBAL);
break;
#endif
case IPPROTO_GRE: {
int error;
- struct alias_data ad = {
- .lnk = NULL,
+ struct alias_data ad = { .lnk = NULL,
.oaddr = NULL,
.aaddr = NULL,
.aport = NULL,
.sport = NULL,
.dport = NULL,
- .maxpktsize = 0
- };
+ .maxpktsize = 0 };
/* Walk out chain. */
error = find_handler(OUT, IP, la, pip, &ad);
if (error == 0)
- iresult = PKT_ALIAS_OK;
- else
- iresult = ProtoAliasOut(la, pip,
- pip->ip_dst, pip->ip_p, &pip->ip_sum, create);
- }
- break;
+ iresult = PKT_ALIAS_OK;
+ else
+ iresult = ProtoAliasOut(la, pip, pip->ip_dst,
+ pip->ip_p, &pip->ip_sum, create);
+ } break;
default:
- iresult = ProtoAliasOut(la, pip,
- pip->ip_dst, pip->ip_p, &pip->ip_sum, create);
+ iresult = ProtoAliasOut(la, pip, pip->ip_dst, pip->ip_p,
+ &pip->ip_sum, create);
break;
}
} else {
@@ -1547,9 +1527,8 @@
}
int
-LibAliasUnaliasOut(struct libalias *la,
- void *ptr, /* valid IP packet */
- int maxpacketsize /* for error checking */
+LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */
+ int maxpacketsize /* for error checking */
)
{
struct ip *pip;
@@ -1563,8 +1542,8 @@
pip = (struct ip *)ptr;
/* Defense against mangled packets */
- if (ntohs(pip->ip_len) > maxpacketsize
- || (pip->ip_hl << 2) > maxpacketsize)
+ if (ntohs(pip->ip_len) > maxpacketsize ||
+ (pip->ip_hl << 2) > maxpacketsize)
goto getout;
ud = (struct udphdr *)ip_next(pip);
@@ -1573,13 +1552,11 @@
/* Find a link */
if (pip->ip_p == IPPROTO_UDP)
- lnk = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
- ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
+ lnk = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src, ud->uh_dport,
+ ud->uh_sport, IPPROTO_UDP, 0);
else if (pip->ip_p == IPPROTO_TCP)
- lnk = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
- tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
+ lnk = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src, tc->th_dport,
+ tc->th_sport, IPPROTO_TCP, 0);
else if (pip->ip_p == IPPROTO_ICMP)
lnk = FindIcmpIn(la, pip->ip_dst, pip->ip_src, ic->icmp_id, 0);
else
@@ -1610,8 +1587,8 @@
}
/* Adjust IP checksum */
- DifferentialChecksum(&pip->ip_sum,
- &original_address, &pip->ip_src, 2);
+ DifferentialChecksum(&pip->ip_sum, &original_address,
+ &pip->ip_src, 2);
/* Un-alias source address and port number */
pip->ip_src = original_address;
@@ -1638,8 +1615,8 @@
ADJUST_CHECKSUM(accumulate, ic->icmp_cksum);
/* Adjust IP checksum */
- DifferentialChecksum(&pip->ip_sum,
- &original_address, &pip->ip_src, 2);
+ DifferentialChecksum(&pip->ip_sum, &original_address,
+ &pip->ip_src, 2);
/* Un-alias source address and port number */
pip->ip_src = original_address;
@@ -1651,7 +1628,6 @@
getout:
LIBALIAS_UNLOCK(la);
return (iresult);
-
}
#ifndef _KERNEL
@@ -1672,7 +1648,7 @@
for (;;) {
fgets(buf, 256, fd);
if (feof(fd))
- break;
+ break;
len = strlen(buf);
if (len > 1) {
for (i = 0; i < len; i++)
@@ -1694,20 +1670,20 @@
struct dll *t;
void *handle;
struct proto_handler *m;
- const char *error;
+ const char *error;
moduledata_t *p;
- handle = dlopen (path, RTLD_LAZY);
- if (!handle) {
+ handle = dlopen(path, RTLD_LAZY);
+ if (!handle) {
fprintf(stderr, "%s\n", dlerror());
return (EINVAL);
- }
+ }
p = dlsym(handle, "alias_mod");
- if ((error = dlerror()) != NULL) {
+ if ((error = dlerror()) != NULL) {
fprintf(stderr, "%s\n", dlerror());
return (EINVAL);
- }
+ }
t = malloc(sizeof(struct dll));
if (t == NULL)
@@ -1720,8 +1696,8 @@
return (EEXIST);
}
- m = dlsym(t->handle, "handlers");
- if ((error = dlerror()) != NULL) {
+ m = dlsym(t->handle, "handlers");
+ if ((error = dlerror()) != NULL) {
fprintf(stderr, "%s\n", error);
return (EINVAL);
}
Index: sys/netinet/libalias/alias_db.c
===================================================================
--- sys/netinet/libalias/alias_db.c
+++ sys/netinet/libalias/alias_db.c
@@ -144,31 +144,34 @@
*/
#ifdef _KERNEL
-#include <machine/stdarg.h>
#include <sys/param.h>
-#include <sys/kernel.h>
#include <sys/systm.h>
+#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/module.h>
#include <sys/rwlock.h>
#include <sys/syslog.h>
+
+#include <machine/stdarg.h>
#else
-#include <stdarg.h>
-#include <stdlib.h>
-#include <stdio.h>
#include <sys/errno.h>
#include <sys/time.h>
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
#include <unistd.h>
#endif
#include <sys/socket.h>
+
#include <netinet/tcp.h>
#ifdef _KERNEL
+#include <net/if.h>
#include <netinet/libalias/alias.h>
#include <netinet/libalias/alias_local.h>
#include <netinet/libalias/alias_mod.h>
-#include <net/if.h>
#else
#include "alias.h"
#include "alias_local.h"
@@ -184,45 +187,45 @@
/* Parameters used for cleanup of expired links */
/* NOTE: ALIAS_CLEANUP_INTERVAL_SECS must be less then LINK_TABLE_OUT_SIZE */
-#define ALIAS_CLEANUP_INTERVAL_SECS 64
-#define ALIAS_CLEANUP_MAX_SPOKES (LINK_TABLE_OUT_SIZE/5)
+#define ALIAS_CLEANUP_INTERVAL_SECS 64
+#define ALIAS_CLEANUP_MAX_SPOKES (LINK_TABLE_OUT_SIZE / 5)
/* Timeouts (in seconds) for different link types */
-#define ICMP_EXPIRE_TIME 60
-#define UDP_EXPIRE_TIME 60
-#define PROTO_EXPIRE_TIME 60
-#define FRAGMENT_ID_EXPIRE_TIME 10
-#define FRAGMENT_PTR_EXPIRE_TIME 30
+#define ICMP_EXPIRE_TIME 60
+#define UDP_EXPIRE_TIME 60
+#define PROTO_EXPIRE_TIME 60
+#define FRAGMENT_ID_EXPIRE_TIME 10
+#define FRAGMENT_PTR_EXPIRE_TIME 30
/* TCP link expire time for different cases */
/* When the link has been used and closed - minimal grace time to
allow ACKs and potential re-connect in FTP (XXX - is this allowed?) */
#ifndef TCP_EXPIRE_DEAD
-#define TCP_EXPIRE_DEAD 10
+#define TCP_EXPIRE_DEAD 10
#endif
/* When the link has been used and closed on one side - the other side
is allowed to still send data */
#ifndef TCP_EXPIRE_SINGLEDEAD
-#define TCP_EXPIRE_SINGLEDEAD 90
+#define TCP_EXPIRE_SINGLEDEAD 90
#endif
/* When the link isn't yet up */
#ifndef TCP_EXPIRE_INITIAL
-#define TCP_EXPIRE_INITIAL 300
+#define TCP_EXPIRE_INITIAL 300
#endif
/* When the link is up */
#ifndef TCP_EXPIRE_CONNECTED
-#define TCP_EXPIRE_CONNECTED 86400
+#define TCP_EXPIRE_CONNECTED 86400
#endif
/* Dummy port number codes used for FindLinkIn/Out() and AddLink().
These constants can be anything except zero, which indicates an
unknown port number. */
-#define NO_DEST_PORT 1
-#define NO_SRC_PORT 1
+#define NO_DEST_PORT 1
+#define NO_SRC_PORT 1
/* Data Structures
@@ -253,83 +256,83 @@
/* used to save changes to ACK/sequence numbers */
struct ack_data_record {
- u_long ack_old;
- u_long ack_new;
- int delta;
- int active;
+ u_long ack_old;
+ u_long ack_new;
+ int delta;
+ int active;
};
/* Information about TCP connection */
struct tcp_state {
- int in; /* State for outside -> inside */
- int out; /* State for inside -> outside */
- int index; /* Index to ACK data array */
+ int in; /* State for outside -> inside */
+ int out; /* State for inside -> outside */
+ int index; /* Index to ACK data array */
/* Indicates whether ACK and sequence numbers been modified */
- int ack_modified;
+ int ack_modified;
};
/* Number of distinct ACK number changes
* saved for a modified TCP stream */
-#define N_LINK_TCP_DATA 3
+#define N_LINK_TCP_DATA 3
struct tcp_dat {
struct tcp_state state;
struct ack_data_record ack[N_LINK_TCP_DATA];
/* Which firewall record is used for this hole? */
- int fwhole;
+ int fwhole;
};
/* LSNAT server pool (circular list) */
struct server {
- struct in_addr addr;
- u_short port;
- struct server *next;
+ struct in_addr addr;
+ u_short port;
+ struct server *next;
};
/* Main data structure */
struct alias_link {
struct libalias *la;
/* Address and port information */
- struct in_addr src_addr;
- struct in_addr dst_addr;
- struct in_addr alias_addr;
- struct in_addr proxy_addr;
- u_short src_port;
- u_short dst_port;
- u_short alias_port;
- u_short proxy_port;
- struct server *server;
+ struct in_addr src_addr;
+ struct in_addr dst_addr;
+ struct in_addr alias_addr;
+ struct in_addr proxy_addr;
+ u_short src_port;
+ u_short dst_port;
+ u_short alias_port;
+ u_short proxy_port;
+ struct server *server;
/* Type of link: TCP, UDP, ICMP, proto, frag */
- int link_type;
+ int link_type;
/* values for link_type */
-#define LINK_ICMP IPPROTO_ICMP
-#define LINK_UDP IPPROTO_UDP
-#define LINK_TCP IPPROTO_TCP
-#define LINK_FRAGMENT_ID (IPPROTO_MAX + 1)
-#define LINK_FRAGMENT_PTR (IPPROTO_MAX + 2)
-#define LINK_ADDR (IPPROTO_MAX + 3)
-#define LINK_PPTP (IPPROTO_MAX + 4)
-
- int flags; /* indicates special characteristics */
- int pflags; /* protocol-specific flags */
+#define LINK_ICMP IPPROTO_ICMP
+#define LINK_UDP IPPROTO_UDP
+#define LINK_TCP IPPROTO_TCP
+#define LINK_FRAGMENT_ID (IPPROTO_MAX + 1)
+#define LINK_FRAGMENT_PTR (IPPROTO_MAX + 2)
+#define LINK_ADDR (IPPROTO_MAX + 3)
+#define LINK_PPTP (IPPROTO_MAX + 4)
+
+ int flags; /* indicates special characteristics */
+ int pflags; /* protocol-specific flags */
/* flag bits */
-#define LINK_UNKNOWN_DEST_PORT 0x01
-#define LINK_UNKNOWN_DEST_ADDR 0x02
-#define LINK_PERMANENT 0x04
-#define LINK_PARTIALLY_SPECIFIED 0x03 /* logical-or of first two bits */
-#define LINK_UNFIREWALLED 0x08
-
- int timestamp; /* Time link was last accessed */
- int expire_time; /* Expire time for link */
-#ifndef NO_USE_SOCKETS
- int sockfd; /* socket descriptor */
+#define LINK_UNKNOWN_DEST_PORT 0x01
+#define LINK_UNKNOWN_DEST_ADDR 0x02
+#define LINK_PERMANENT 0x04
+#define LINK_PARTIALLY_SPECIFIED 0x03 /* logical-or of first two bits */
+#define LINK_UNFIREWALLED 0x08
+
+ int timestamp; /* Time link was last accessed */
+ int expire_time; /* Expire time for link */
+#ifndef NO_USE_SOCKETS
+ int sockfd; /* socket descriptor */
#endif
/* Linked list of pointers for input and output lookup tables */
- LIST_ENTRY (alias_link) list_out;
- LIST_ENTRY (alias_link) list_in;
+ LIST_ENTRY(alias_link) list_out;
+ LIST_ENTRY(alias_link) list_in;
/* Auxiliary data */
union {
- char *frag_ptr;
- struct in_addr frag_addr;
+ char *frag_ptr;
+ struct in_addr frag_addr;
struct tcp_dat *tcp;
} data;
};
@@ -338,7 +341,7 @@
static void finishoff(void);
/* Kernel module definition. */
-#ifdef _KERNEL
+#ifdef _KERNEL
MALLOC_DEFINE(M_ALIAS, "libalias", "packet aliasing");
MODULE_VERSION(libalias, 1);
@@ -349,7 +352,7 @@
switch (type) {
case MOD_QUIESCE:
case MOD_UNLOAD:
- finishoff();
+ finishoff();
case MOD_LOAD:
return (0);
default:
@@ -357,9 +360,7 @@
}
}
-static moduledata_t alias_mod = {
- "alias", alias_mod_handler, NULL
-};
+static moduledata_t alias_mod = { "alias", alias_mod_handler, NULL };
DECLARE_MODULE(alias, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
#endif
@@ -378,33 +379,30 @@
*/
/* Local prototypes */
-static u_int StartPointIn(struct in_addr, u_short, int);
+static u_int StartPointIn(struct in_addr, u_short, int);
-static u_int
-StartPointOut(struct in_addr, struct in_addr,
- u_short, u_short, int);
+static u_int StartPointOut(struct in_addr, struct in_addr, u_short, u_short,
+ int);
-static int SeqDiff(u_long, u_long);
+static int SeqDiff(u_long, u_long);
#ifndef NO_FW_PUNCH
/* Firewall control */
-static void InitPunchFW(struct libalias *);
-static void UninitPunchFW(struct libalias *);
-static void ClearFWHole(struct alias_link *);
+static void InitPunchFW(struct libalias *);
+static void UninitPunchFW(struct libalias *);
+static void ClearFWHole(struct alias_link *);
#endif
/* Log file control */
-static void ShowAliasStats(struct libalias *);
-static int InitPacketAliasLog(struct libalias *);
-static void UninitPacketAliasLog(struct libalias *);
+static void ShowAliasStats(struct libalias *);
+static int InitPacketAliasLog(struct libalias *);
+static void UninitPacketAliasLog(struct libalias *);
-void SctpShowAliasStats(struct libalias *la);
+void SctpShowAliasStats(struct libalias *la);
static u_int
-StartPointIn(struct in_addr alias_addr,
- u_short alias_port,
- int link_type)
+StartPointIn(struct in_addr alias_addr, u_short alias_port, int link_type)
{
u_int n;
@@ -435,10 +433,10 @@
static int
SeqDiff(u_long x, u_long y)
{
-/* Return the difference between two TCP sequence numbers
- * This function is encapsulated in case there are any unusual
- * arithmetic conditions that need to be considered.
- */
+ /* Return the difference between two TCP sequence numbers
+ * This function is encapsulated in case there are any unusual
+ * arithmetic conditions that need to be considered.
+ */
return (ntohl(y) - ntohl(x));
}
@@ -471,30 +469,27 @@
LIBALIAS_LOCK_ASSERT(la);
/* Used for debugging */
if (la->logDesc) {
- int tot = la->icmpLinkCount + la->udpLinkCount +
- (la->sctpLinkCount>>1) + /* sctp counts half associations */
- la->tcpLinkCount + la->pptpLinkCount +
- la->protoLinkCount + la->fragmentIdLinkCount +
- la->fragmentPtrLinkCount;
+ int tot = la->icmpLinkCount + la->udpLinkCount +
+ (la->sctpLinkCount >>
+ 1) + /* sctp counts half associations */
+ la->tcpLinkCount +
+ la->pptpLinkCount + la->protoLinkCount +
+ la->fragmentIdLinkCount + la->fragmentPtrLinkCount;
AliasLog(la->logDesc,
"icmp=%u, udp=%u, tcp=%u, sctp=%u, pptp=%u, proto=%u, frag_id=%u frag_ptr=%u / tot=%u",
- la->icmpLinkCount,
- la->udpLinkCount,
- la->tcpLinkCount,
- la->sctpLinkCount>>1, /* sctp counts half associations */
- la->pptpLinkCount,
- la->protoLinkCount,
- la->fragmentIdLinkCount,
- la->fragmentPtrLinkCount,
- tot);
+ la->icmpLinkCount, la->udpLinkCount, la->tcpLinkCount,
+ la->sctpLinkCount >> 1, /* sctp counts half associations */
+ la->pptpLinkCount, la->protoLinkCount,
+ la->fragmentIdLinkCount, la->fragmentPtrLinkCount, tot);
#ifndef _KERNEL
AliasLog(la->logDesc, " (sock=%u)\n", la->sockCount);
#endif
}
}
-void SctpShowAliasStats(struct libalias *la)
+void
+SctpShowAliasStats(struct libalias *la)
{
ShowAliasStats(la);
}
@@ -521,31 +516,29 @@
*/
/* Local prototypes */
-static int GetNewPort(struct libalias *, struct alias_link *, int);
-#ifndef NO_USE_SOCKETS
-static u_short GetSocket(struct libalias *, u_short, int *, int);
+static int GetNewPort(struct libalias *, struct alias_link *, int);
+#ifndef NO_USE_SOCKETS
+static u_short GetSocket(struct libalias *, u_short, int *, int);
#endif
-static void CleanupAliasData(struct libalias *);
-static void IncrementalCleanup(struct libalias *);
-static void DeleteLink(struct alias_link *);
+static void CleanupAliasData(struct libalias *);
+static void IncrementalCleanup(struct libalias *);
+static void DeleteLink(struct alias_link *);
-static struct alias_link *
-ReLink(struct alias_link *,
- struct in_addr, struct in_addr, struct in_addr,
- u_short, u_short, int, int);
+static struct alias_link *ReLink(struct alias_link *, struct in_addr,
+ struct in_addr, struct in_addr, u_short, u_short, int, int);
-static struct alias_link *
-FindLinkOut(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int);
+static struct alias_link *FindLinkOut(struct libalias *, struct in_addr,
+ struct in_addr, u_short, u_short, int, int);
-static struct alias_link *
-FindLinkIn(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int);
+static struct alias_link *FindLinkIn(struct libalias *, struct in_addr,
+ struct in_addr, u_short, u_short, int, int);
-#define ALIAS_PORT_BASE 0x08000
-#define ALIAS_PORT_MASK 0x07fff
-#define ALIAS_PORT_MASK_EVEN 0x07ffe
-#define GET_NEW_PORT_MAX_ATTEMPTS 20
+#define ALIAS_PORT_BASE 0x08000
+#define ALIAS_PORT_MASK 0x07fff
+#define ALIAS_PORT_MASK_EVEN 0x07ffe
+#define GET_NEW_PORT_MAX_ATTEMPTS 20
-#define FIND_EVEN_ALIAS_BASE 1
+#define FIND_EVEN_ALIAS_BASE 1
/* GetNewPort() allocates port numbers. Note that if a port number
is already in use, that does not mean that it cannot be used by
@@ -587,7 +580,8 @@
port_net = lnk->src_port;
port_sys = ntohs(port_net);
} else if (la->aliasPortLower) {
- /* First trial is a random port in the aliasing range. */
+ /* First trial is a random port in the aliasing range.
+ */
port_sys = la->aliasPortLower +
(arc4random() % la->aliasPortLength);
port_net = htons(port_sys);
@@ -598,7 +592,7 @@
port_net = htons(port_sys);
}
} else if (alias_port_param >= 0 && alias_port_param < 0x10000) {
- lnk->alias_port = (u_short) alias_port_param;
+ lnk->alias_port = (u_short)alias_port_param;
return (0);
} else {
#ifdef LIBALIAS_DEBUG
@@ -614,24 +608,24 @@
struct alias_link *search_result;
search_result = FindLinkIn(la, lnk->dst_addr, lnk->alias_addr,
- lnk->dst_port, port_net,
- lnk->link_type, 0);
+ lnk->dst_port, port_net, lnk->link_type, 0);
if (search_result == NULL)
go_ahead = 1;
- else if (!(lnk->flags & LINK_PARTIALLY_SPECIFIED)
- && (search_result->flags & LINK_PARTIALLY_SPECIFIED))
+ else if (!(lnk->flags & LINK_PARTIALLY_SPECIFIED) &&
+ (search_result->flags & LINK_PARTIALLY_SPECIFIED))
go_ahead = 1;
else
go_ahead = 0;
if (go_ahead) {
-#ifndef NO_USE_SOCKETS
- if ((la->packetAliasMode & PKT_ALIAS_USE_SOCKETS)
- && (lnk->flags & LINK_PARTIALLY_SPECIFIED)
- && ((lnk->link_type == LINK_TCP) ||
- (lnk->link_type == LINK_UDP))) {
- if (GetSocket(la, port_net, &lnk->sockfd, lnk->link_type)) {
+#ifndef NO_USE_SOCKETS
+ if ((la->packetAliasMode & PKT_ALIAS_USE_SOCKETS) &&
+ (lnk->flags & LINK_PARTIALLY_SPECIFIED) &&
+ ((lnk->link_type == LINK_TCP) ||
+ (lnk->link_type == LINK_UDP))) {
+ if (GetSocket(la, port_net, &lnk->sockfd,
+ lnk->link_type)) {
lnk->alias_port = port_net;
return (0);
}
@@ -639,7 +633,7 @@
#endif
lnk->alias_port = port_net;
return (0);
-#ifndef NO_USE_SOCKETS
+#ifndef NO_USE_SOCKETS
}
#endif
}
@@ -662,8 +656,8 @@
return (-1);
}
-#ifndef NO_USE_SOCKETS
-static u_short
+#ifndef NO_USE_SOCKETS
+static u_short
GetSocket(struct libalias *la, u_short port_net, int *sockfd, int link_type)
{
int err;
@@ -694,9 +688,7 @@
sock_addr.sin_addr.s_addr = htonl(INADDR_ANY);
sock_addr.sin_port = port_net;
- err = bind(sock,
- (struct sockaddr *)&sock_addr,
- sizeof(sock_addr));
+ err = bind(sock, (struct sockaddr *)&sock_addr, sizeof(sock_addr));
if (err == 0) {
la->sockCount++;
*sockfd = sock;
@@ -715,14 +707,9 @@
looks for unused triplets: (dest addr, dest port, alias port). */
int
-FindNewPortGroup(struct libalias *la,
- struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short src_port,
- u_short dst_port,
- u_short port_count,
- u_char proto,
- u_char align)
+FindNewPortGroup(struct libalias *la, struct in_addr dst_addr,
+ struct in_addr alias_addr, u_short src_port, u_short dst_port,
+ u_short port_count, u_char proto, u_char align)
{
int i, j;
int max_trials;
@@ -776,8 +763,8 @@
for (j = 0; j < port_count; j++)
if ((search_result = FindLinkIn(la, dst_addr,
- alias_addr, dst_port, htons(port_sys + j),
- link_type, 0)) != NULL)
+ alias_addr, dst_port, htons(port_sys + j),
+ link_type, 0)) != NULL)
break;
/* Found a good range, return base */
@@ -826,8 +813,8 @@
struct alias_link *lnk, *lnk_tmp;
LIBALIAS_LOCK_ASSERT(la);
- LIST_FOREACH_SAFE(lnk, &la->linkTableOut[la->cleanupIndex++],
- list_out, lnk_tmp) {
+ LIST_FOREACH_SAFE (lnk, &la->linkTableOut[la->cleanupIndex++], list_out,
+ lnk_tmp) {
if (la->timeStamp - lnk->timestamp > lnk->expire_time)
DeleteLink(lnk);
}
@@ -866,7 +853,7 @@
/* Adjust input table pointers */
LIST_REMOVE(lnk, list_in);
-#ifndef NO_USE_SOCKETS
+#ifndef NO_USE_SOCKETS
/* Close socket, if one has been allocated */
if (lnk->sockfd != -1) {
la->sockCount--;
@@ -934,7 +921,7 @@
lnk->proxy_port = 0;
lnk->server = NULL;
lnk->link_type = link_type;
-#ifndef NO_USE_SOCKETS
+#ifndef NO_USE_SOCKETS
lnk->sockfd = -1;
#endif
lnk->flags = 0;
@@ -953,7 +940,7 @@
lnk->expire_time = TCP_EXPIRE_INITIAL;
break;
case LINK_PPTP:
- lnk->flags |= LINK_PERMANENT; /* no timeout. */
+ lnk->flags |= LINK_PERMANENT; /* no timeout. */
break;
case LINK_FRAGMENT_ID:
lnk->expire_time = FRAGMENT_ID_EXPIRE_TIME;
@@ -995,8 +982,10 @@
int i;
la->tcpLinkCount++;
- aux_tcp->state.in = ALIAS_TCP_STATE_NOT_CONNECTED;
- aux_tcp->state.out = ALIAS_TCP_STATE_NOT_CONNECTED;
+ aux_tcp->state.in =
+ ALIAS_TCP_STATE_NOT_CONNECTED;
+ aux_tcp->state.out =
+ ALIAS_TCP_STATE_NOT_CONNECTED;
aux_tcp->state.index = 0;
aux_tcp->state.ack_modified = 0;
for (i = 0; i < N_LINK_TCP_DATA; i++)
@@ -1006,7 +995,8 @@
} else {
#ifdef LIBALIAS_DEBUG
fprintf(stderr, "PacketAlias/AddLink: ");
- fprintf(stderr, " cannot allocate auxiliary TCP data\n");
+ fprintf(stderr,
+ " cannot allocate auxiliary TCP data\n");
#endif
free(lnk);
return (NULL);
@@ -1029,12 +1019,13 @@
}
/* Set up pointers for output lookup table */
- start_point = StartPointOut(src_addr, dst_addr,
- src_port, dst_port, link_type);
+ start_point = StartPointOut(src_addr, dst_addr, src_port,
+ dst_port, link_type);
LIST_INSERT_HEAD(&la->linkTableOut[start_point], lnk, list_out);
/* Set up pointers for input lookup table */
- start_point = StartPointIn(alias_addr, lnk->alias_port, link_type);
+ start_point = StartPointIn(alias_addr, lnk->alias_port,
+ link_type);
LIST_INSERT_HEAD(&la->linkTableIn[start_point], lnk, list_in);
} else {
#ifdef LIBALIAS_DEBUG
@@ -1053,25 +1044,18 @@
* chosen. If greater than zero, equal to alias port
*/
static struct alias_link *
-ReLink(struct alias_link *old_lnk,
- struct in_addr src_addr,
- struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short src_port,
- u_short dst_port,
- int alias_port_param,
- int link_type)
+ReLink(struct alias_link *old_lnk, struct in_addr src_addr,
+ struct in_addr dst_addr, struct in_addr alias_addr, u_short src_port,
+ u_short dst_port, int alias_port_param, int link_type)
{
struct alias_link *new_lnk;
struct libalias *la = old_lnk->la;
LIBALIAS_LOCK_ASSERT(la);
- new_lnk = AddLink(la, src_addr, dst_addr, alias_addr,
- src_port, dst_port, alias_port_param,
- link_type);
+ new_lnk = AddLink(la, src_addr, dst_addr, alias_addr, src_port,
+ dst_port, alias_port_param, link_type);
#ifndef NO_FW_PUNCH
- if (new_lnk != NULL &&
- old_lnk->link_type == LINK_TCP &&
+ if (new_lnk != NULL && old_lnk->link_type == LINK_TCP &&
old_lnk->data.tcp->fwhole > 0) {
PunchFWHole(new_lnk);
}
@@ -1082,10 +1066,7 @@
static struct alias_link *
_FindLinkOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_short src_port,
- u_short dst_port,
- int link_type,
+ struct in_addr dst_addr, u_short src_port, u_short dst_port, int link_type,
int replace_partial_links)
{
u_int i;
@@ -1093,13 +1074,11 @@
LIBALIAS_LOCK_ASSERT(la);
i = StartPointOut(src_addr, dst_addr, src_port, dst_port, link_type);
- LIST_FOREACH(lnk, &la->linkTableOut[i], list_out) {
+ LIST_FOREACH (lnk, &la->linkTableOut[i], list_out) {
if (lnk->dst_addr.s_addr == dst_addr.s_addr &&
lnk->src_addr.s_addr == src_addr.s_addr &&
- lnk->src_port == src_port &&
- lnk->dst_port == dst_port &&
- lnk->link_type == link_type &&
- lnk->server == NULL) {
+ lnk->src_port == src_port && lnk->dst_port == dst_port &&
+ lnk->link_type == link_type && lnk->server == NULL) {
lnk->timestamp = la->timeStamp;
break;
}
@@ -1111,19 +1090,18 @@
lnk = _FindLinkOut(la, src_addr, dst_addr, src_port, 0,
link_type, 0);
if (lnk == NULL)
- lnk = _FindLinkOut(la, src_addr, la->nullAddress, src_port,
- dst_port, link_type, 0);
+ lnk = _FindLinkOut(la, src_addr,
+ la->nullAddress, src_port, dst_port,
+ link_type, 0);
}
if (lnk == NULL &&
(dst_port != 0 || dst_addr.s_addr != INADDR_ANY)) {
- lnk = _FindLinkOut(la, src_addr, la->nullAddress, src_port, 0,
- link_type, 0);
+ lnk = _FindLinkOut(la, src_addr, la->nullAddress,
+ src_port, 0, link_type, 0);
}
if (lnk != NULL) {
- lnk = ReLink(lnk,
- src_addr, dst_addr, lnk->alias_addr,
- src_port, dst_port, lnk->alias_port,
- link_type);
+ lnk = ReLink(lnk, src_addr, dst_addr, lnk->alias_addr,
+ src_port, dst_port, lnk->alias_port, link_type);
}
}
return (lnk);
@@ -1131,10 +1109,7 @@
static struct alias_link *
FindLinkOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_short src_port,
- u_short dst_port,
- int link_type,
+ struct in_addr dst_addr, u_short src_port, u_short dst_port, int link_type,
int replace_partial_links)
{
struct alias_link *lnk;
@@ -1152,8 +1127,9 @@
*/
if (la->aliasAddress.s_addr != INADDR_ANY &&
src_addr.s_addr == la->aliasAddress.s_addr) {
- lnk = _FindLinkOut(la, la->nullAddress, dst_addr, src_port, dst_port,
- link_type, replace_partial_links);
+ lnk = _FindLinkOut(la, la->nullAddress, dst_addr,
+ src_port, dst_port, link_type,
+ replace_partial_links);
}
}
return (lnk);
@@ -1161,11 +1137,8 @@
static struct alias_link *
_FindLinkIn(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short dst_port,
- u_short alias_port,
- int link_type,
- int replace_partial_links)
+ struct in_addr alias_addr, u_short dst_port, u_short alias_port,
+ int link_type, int replace_partial_links)
{
int flags_in;
u_int start_point;
@@ -1192,40 +1165,40 @@
/* Search loop */
start_point = StartPointIn(alias_addr, alias_port, link_type);
- LIST_FOREACH(lnk, &la->linkTableIn[start_point], list_in) {
+ LIST_FOREACH (lnk, &la->linkTableIn[start_point], list_in) {
int flags;
flags = flags_in | lnk->flags;
if (!(flags & LINK_PARTIALLY_SPECIFIED)) {
- if (lnk->alias_addr.s_addr == alias_addr.s_addr
- && lnk->alias_port == alias_port
- && lnk->dst_addr.s_addr == dst_addr.s_addr
- && lnk->dst_port == dst_port
- && lnk->link_type == link_type) {
+ if (lnk->alias_addr.s_addr == alias_addr.s_addr &&
+ lnk->alias_port == alias_port &&
+ lnk->dst_addr.s_addr == dst_addr.s_addr &&
+ lnk->dst_port == dst_port &&
+ lnk->link_type == link_type) {
lnk_fully_specified = lnk;
break;
}
- } else if ((flags & LINK_UNKNOWN_DEST_ADDR)
- && (flags & LINK_UNKNOWN_DEST_PORT)) {
- if (lnk->alias_addr.s_addr == alias_addr.s_addr
- && lnk->alias_port == alias_port
- && lnk->link_type == link_type) {
+ } else if ((flags & LINK_UNKNOWN_DEST_ADDR) &&
+ (flags & LINK_UNKNOWN_DEST_PORT)) {
+ if (lnk->alias_addr.s_addr == alias_addr.s_addr &&
+ lnk->alias_port == alias_port &&
+ lnk->link_type == link_type) {
if (lnk_unknown_all == NULL)
lnk_unknown_all = lnk;
}
} else if (flags & LINK_UNKNOWN_DEST_ADDR) {
- if (lnk->alias_addr.s_addr == alias_addr.s_addr
- && lnk->alias_port == alias_port
- && lnk->link_type == link_type
- && lnk->dst_port == dst_port) {
+ if (lnk->alias_addr.s_addr == alias_addr.s_addr &&
+ lnk->alias_port == alias_port &&
+ lnk->link_type == link_type &&
+ lnk->dst_port == dst_port) {
if (lnk_unknown_dst_addr == NULL)
lnk_unknown_dst_addr = lnk;
}
} else if (flags & LINK_UNKNOWN_DEST_PORT) {
- if (lnk->alias_addr.s_addr == alias_addr.s_addr
- && lnk->alias_port == alias_port
- && lnk->link_type == link_type
- && lnk->dst_addr.s_addr == dst_addr.s_addr) {
+ if (lnk->alias_addr.s_addr == alias_addr.s_addr &&
+ lnk->alias_port == alias_port &&
+ lnk->link_type == link_type &&
+ lnk->dst_addr.s_addr == dst_addr.s_addr) {
if (lnk_unknown_dst_port == NULL)
lnk_unknown_dst_port = lnk;
}
@@ -1249,7 +1222,7 @@
struct in_addr src_addr;
u_short src_port;
- if (lnk->server != NULL) { /* LSNAT link */
+ if (lnk->server != NULL) { /* LSNAT link */
src_addr = lnk->server->addr;
src_port = lnk->server->port;
lnk->server = lnk->server->next;
@@ -1259,25 +1232,20 @@
}
if (link_type == LINK_SCTP) {
- lnk->src_addr = src_addr;
- lnk->src_port = src_port;
- return(lnk);
+ lnk->src_addr = src_addr;
+ lnk->src_port = src_port;
+ return (lnk);
}
- lnk = ReLink(lnk,
- src_addr, dst_addr, alias_addr,
- src_port, dst_port, alias_port,
- link_type);
+ lnk = ReLink(lnk, src_addr, dst_addr, alias_addr, src_port,
+ dst_port, alias_port, link_type);
}
return (lnk);
}
static struct alias_link *
FindLinkIn(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short dst_port,
- u_short alias_port,
- int link_type,
- int replace_partial_links)
+ struct in_addr alias_addr, u_short dst_port, u_short alias_port,
+ int link_type, int replace_partial_links)
{
struct alias_link *lnk;
@@ -1294,8 +1262,9 @@
*/
if (la->aliasAddress.s_addr != INADDR_ANY &&
alias_addr.s_addr == la->aliasAddress.s_addr) {
- lnk = _FindLinkIn(la, dst_addr, la->nullAddress, dst_port, alias_port,
- link_type, replace_partial_links);
+ lnk = _FindLinkIn(la, dst_addr, la->nullAddress,
+ dst_port, alias_port, link_type,
+ replace_partial_links);
}
}
return (lnk);
@@ -1319,66 +1288,56 @@
struct alias_link *
FindIcmpIn(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short id_alias,
- int create)
+ struct in_addr alias_addr, u_short id_alias, int create)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
- lnk = FindLinkIn(la, dst_addr, alias_addr,
- NO_DEST_PORT, id_alias,
+ lnk = FindLinkIn(la, dst_addr, alias_addr, NO_DEST_PORT, id_alias,
LINK_ICMP, 0);
- if (lnk == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) {
+ if (lnk == NULL && create &&
+ !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) {
struct in_addr target_addr;
target_addr = FindOriginalAddress(la, alias_addr);
- lnk = AddLink(la, target_addr, dst_addr, alias_addr,
- id_alias, NO_DEST_PORT, id_alias,
- LINK_ICMP);
+ lnk = AddLink(la, target_addr, dst_addr, alias_addr, id_alias,
+ NO_DEST_PORT, id_alias, LINK_ICMP);
}
return (lnk);
}
struct alias_link *
FindIcmpOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_short id,
- int create)
+ struct in_addr dst_addr, u_short id, int create)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
- lnk = FindLinkOut(la, src_addr, dst_addr,
- id, NO_DEST_PORT,
- LINK_ICMP, 0);
+ lnk = FindLinkOut(la, src_addr, dst_addr, id, NO_DEST_PORT, LINK_ICMP,
+ 0);
if (lnk == NULL && create) {
struct in_addr alias_addr;
alias_addr = FindAliasAddress(la, src_addr);
- lnk = AddLink(la, src_addr, dst_addr, alias_addr,
- id, NO_DEST_PORT, GET_ALIAS_ID,
- LINK_ICMP);
+ lnk = AddLink(la, src_addr, dst_addr, alias_addr, id,
+ NO_DEST_PORT, GET_ALIAS_ID, LINK_ICMP);
}
return (lnk);
}
struct alias_link *
FindFragmentIn1(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short ip_id)
+ struct in_addr alias_addr, u_short ip_id)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
- lnk = FindLinkIn(la, dst_addr, alias_addr,
- NO_DEST_PORT, ip_id,
+ lnk = FindLinkIn(la, dst_addr, alias_addr, NO_DEST_PORT, ip_id,
LINK_FRAGMENT_ID, 0);
if (lnk == NULL) {
lnk = AddLink(la, la->nullAddress, dst_addr, alias_addr,
- NO_SRC_PORT, NO_DEST_PORT, ip_id,
- LINK_FRAGMENT_ID);
+ NO_SRC_PORT, NO_DEST_PORT, ip_id, LINK_FRAGMENT_ID);
}
return (lnk);
}
@@ -1389,84 +1348,69 @@
struct in_addr alias_addr, u_short ip_id)
{
LIBALIAS_LOCK_ASSERT(la);
- return FindLinkIn(la, dst_addr, alias_addr,
- NO_DEST_PORT, ip_id,
+ return FindLinkIn(la, dst_addr, alias_addr, NO_DEST_PORT, ip_id,
LINK_FRAGMENT_ID, 0);
}
struct alias_link *
-AddFragmentPtrLink(struct libalias *la, struct in_addr dst_addr,
- u_short ip_id)
+AddFragmentPtrLink(struct libalias *la, struct in_addr dst_addr, u_short ip_id)
{
LIBALIAS_LOCK_ASSERT(la);
return AddLink(la, la->nullAddress, dst_addr, la->nullAddress,
- NO_SRC_PORT, NO_DEST_PORT, ip_id,
- LINK_FRAGMENT_PTR);
+ NO_SRC_PORT, NO_DEST_PORT, ip_id, LINK_FRAGMENT_PTR);
}
struct alias_link *
-FindFragmentPtr(struct libalias *la, struct in_addr dst_addr,
- u_short ip_id)
+FindFragmentPtr(struct libalias *la, struct in_addr dst_addr, u_short ip_id)
{
LIBALIAS_LOCK_ASSERT(la);
- return FindLinkIn(la, dst_addr, la->nullAddress,
- NO_DEST_PORT, ip_id,
+ return FindLinkIn(la, dst_addr, la->nullAddress, NO_DEST_PORT, ip_id,
LINK_FRAGMENT_PTR, 0);
}
struct alias_link *
FindProtoIn(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_char proto)
+ struct in_addr alias_addr, u_char proto)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
- lnk = FindLinkIn(la, dst_addr, alias_addr,
- NO_DEST_PORT, 0,
- proto, 1);
+ lnk = FindLinkIn(la, dst_addr, alias_addr, NO_DEST_PORT, 0, proto, 1);
if (lnk == NULL && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) {
struct in_addr target_addr;
target_addr = FindOriginalAddress(la, alias_addr);
lnk = AddLink(la, target_addr, dst_addr, alias_addr,
- NO_SRC_PORT, NO_DEST_PORT, 0,
- proto);
+ NO_SRC_PORT, NO_DEST_PORT, 0, proto);
}
return (lnk);
}
struct alias_link *
FindProtoOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_char proto)
+ struct in_addr dst_addr, u_char proto)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
- lnk = FindLinkOut(la, src_addr, dst_addr,
- NO_SRC_PORT, NO_DEST_PORT,
+ lnk = FindLinkOut(la, src_addr, dst_addr, NO_SRC_PORT, NO_DEST_PORT,
proto, 1);
if (lnk == NULL) {
struct in_addr alias_addr;
alias_addr = FindAliasAddress(la, src_addr);
- lnk = AddLink(la, src_addr, dst_addr, alias_addr,
- NO_SRC_PORT, NO_DEST_PORT, 0,
- proto);
+ lnk = AddLink(la, src_addr, dst_addr, alias_addr, NO_SRC_PORT,
+ NO_DEST_PORT, 0, proto);
}
return (lnk);
}
struct alias_link *
FindUdpTcpIn(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_short dst_port,
- u_short alias_port,
- u_char proto,
- int create)
+ struct in_addr alias_addr, u_short dst_port, u_short alias_port,
+ u_char proto, int create)
{
int link_type;
struct alias_link *lnk;
@@ -1484,27 +1428,23 @@
break;
}
- lnk = FindLinkIn(la, dst_addr, alias_addr,
- dst_port, alias_port,
+ lnk = FindLinkIn(la, dst_addr, alias_addr, dst_port, alias_port,
link_type, create);
- if (lnk == NULL && create && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) {
+ if (lnk == NULL && create &&
+ !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) {
struct in_addr target_addr;
target_addr = FindOriginalAddress(la, alias_addr);
- lnk = AddLink(la, target_addr, dst_addr, alias_addr,
- alias_port, dst_port, alias_port,
- link_type);
+ lnk = AddLink(la, target_addr, dst_addr, alias_addr, alias_port,
+ dst_port, alias_port, link_type);
}
return (lnk);
}
struct alias_link *
FindUdpTcpOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_short src_port,
- u_short dst_port,
- u_char proto,
+ struct in_addr dst_addr, u_short src_port, u_short dst_port, u_char proto,
int create)
{
int link_type;
@@ -1523,105 +1463,97 @@
break;
}
- lnk = FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, link_type, create);
+ lnk = FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, link_type,
+ create);
if (lnk == NULL && create) {
struct in_addr alias_addr;
alias_addr = FindAliasAddress(la, src_addr);
- lnk = AddLink(la, src_addr, dst_addr, alias_addr,
- src_port, dst_port, GET_ALIAS_PORT,
- link_type);
+ lnk = AddLink(la, src_addr, dst_addr, alias_addr, src_port,
+ dst_port, GET_ALIAS_PORT, link_type);
}
return (lnk);
}
struct alias_link *
-AddPptp(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_int16_t src_call_id)
+AddPptp(struct libalias *la, struct in_addr src_addr, struct in_addr dst_addr,
+ struct in_addr alias_addr, u_int16_t src_call_id)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
- lnk = AddLink(la, src_addr, dst_addr, alias_addr,
- src_call_id, 0, GET_ALIAS_PORT,
- LINK_PPTP);
+ lnk = AddLink(la, src_addr, dst_addr, alias_addr, src_call_id, 0,
+ GET_ALIAS_PORT, LINK_PPTP);
return (lnk);
}
struct alias_link *
FindPptpOutByCallId(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_int16_t src_call_id)
+ struct in_addr dst_addr, u_int16_t src_call_id)
{
u_int i;
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP);
- LIST_FOREACH(lnk, &la->linkTableOut[i], list_out)
- if (lnk->link_type == LINK_PPTP &&
- lnk->src_addr.s_addr == src_addr.s_addr &&
- lnk->dst_addr.s_addr == dst_addr.s_addr &&
- lnk->src_port == src_call_id)
- break;
+ LIST_FOREACH (lnk, &la->linkTableOut[i], list_out)
+ if (lnk->link_type == LINK_PPTP &&
+ lnk->src_addr.s_addr == src_addr.s_addr &&
+ lnk->dst_addr.s_addr == dst_addr.s_addr &&
+ lnk->src_port == src_call_id)
+ break;
return (lnk);
}
struct alias_link *
FindPptpOutByPeerCallId(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_int16_t dst_call_id)
+ struct in_addr dst_addr, u_int16_t dst_call_id)
{
u_int i;
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP);
- LIST_FOREACH(lnk, &la->linkTableOut[i], list_out)
- if (lnk->link_type == LINK_PPTP &&
- lnk->src_addr.s_addr == src_addr.s_addr &&
- lnk->dst_addr.s_addr == dst_addr.s_addr &&
- lnk->dst_port == dst_call_id)
- break;
+ LIST_FOREACH (lnk, &la->linkTableOut[i], list_out)
+ if (lnk->link_type == LINK_PPTP &&
+ lnk->src_addr.s_addr == src_addr.s_addr &&
+ lnk->dst_addr.s_addr == dst_addr.s_addr &&
+ lnk->dst_port == dst_call_id)
+ break;
return (lnk);
}
struct alias_link *
FindPptpInByCallId(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_int16_t dst_call_id)
+ struct in_addr alias_addr, u_int16_t dst_call_id)
{
u_int i;
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
i = StartPointIn(alias_addr, 0, LINK_PPTP);
- LIST_FOREACH(lnk, &la->linkTableIn[i], list_in)
- if (lnk->link_type == LINK_PPTP &&
- lnk->dst_addr.s_addr == dst_addr.s_addr &&
- lnk->alias_addr.s_addr == alias_addr.s_addr &&
- lnk->dst_port == dst_call_id)
- break;
+ LIST_FOREACH (lnk, &la->linkTableIn[i], list_in)
+ if (lnk->link_type == LINK_PPTP &&
+ lnk->dst_addr.s_addr == dst_addr.s_addr &&
+ lnk->alias_addr.s_addr == alias_addr.s_addr &&
+ lnk->dst_port == dst_call_id)
+ break;
return (lnk);
}
struct alias_link *
FindPptpInByPeerCallId(struct libalias *la, struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_int16_t alias_call_id)
+ struct in_addr alias_addr, u_int16_t alias_call_id)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
- lnk = FindLinkIn(la, dst_addr, alias_addr,
- 0 /* any */ , alias_call_id,
+ lnk = FindLinkIn(la, dst_addr, alias_addr, 0 /* any */, alias_call_id,
LINK_PPTP, 0);
return (lnk);
@@ -1629,10 +1561,7 @@
struct alias_link *
FindRtspOut(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- u_short src_port,
- u_short alias_port,
- u_char proto)
+ struct in_addr dst_addr, u_short src_port, u_short alias_port, u_char proto)
{
int link_type;
struct alias_link *lnk;
@@ -1656,9 +1585,8 @@
struct in_addr alias_addr;
alias_addr = FindAliasAddress(la, src_addr);
- lnk = AddLink(la, src_addr, dst_addr, alias_addr,
- src_port, 0, alias_port,
- link_type);
+ lnk = AddLink(la, src_addr, dst_addr, alias_addr, src_port, 0,
+ alias_port, link_type);
}
return (lnk);
}
@@ -1669,19 +1597,19 @@
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
- lnk = FindLinkIn(la, la->nullAddress, alias_addr,
- 0, 0, LINK_ADDR, 0);
+ lnk = FindLinkIn(la, la->nullAddress, alias_addr, 0, 0, LINK_ADDR, 0);
if (lnk == NULL) {
la->newDefaultLink = 1;
if (la->targetAddress.s_addr == INADDR_ANY)
return (alias_addr);
else if (la->targetAddress.s_addr == INADDR_NONE)
return (la->aliasAddress.s_addr != INADDR_ANY) ?
- la->aliasAddress : alias_addr;
+ la->aliasAddress :
+ alias_addr;
else
return (la->targetAddress);
} else {
- if (lnk->server != NULL) { /* LSNAT link */
+ if (lnk->server != NULL) { /* LSNAT link */
struct in_addr src_addr;
src_addr = lnk->server->addr;
@@ -1689,7 +1617,8 @@
return (src_addr);
} else if (lnk->src_addr.s_addr == INADDR_ANY)
return (la->aliasAddress.s_addr != INADDR_ANY) ?
- la->aliasAddress : alias_addr;
+ la->aliasAddress :
+ alias_addr;
else
return (lnk->src_addr);
}
@@ -1701,15 +1630,17 @@
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
- lnk = FindLinkOut(la, original_addr, la->nullAddress,
- 0, 0, LINK_ADDR, 0);
+ lnk = FindLinkOut(la, original_addr, la->nullAddress, 0, 0, LINK_ADDR,
+ 0);
if (lnk == NULL) {
return (la->aliasAddress.s_addr != INADDR_ANY) ?
- la->aliasAddress : original_addr;
+ la->aliasAddress :
+ original_addr;
} else {
if (lnk->alias_addr.s_addr == INADDR_ANY)
return (la->aliasAddress.s_addr != INADDR_ANY) ?
- la->aliasAddress : original_addr;
+ la->aliasAddress :
+ original_addr;
else
return (lnk->alias_addr);
}
@@ -1758,7 +1689,7 @@
{
/* TCP input state */
switch (state) {
- case ALIAS_TCP_STATE_DISCONNECTED:
+ case ALIAS_TCP_STATE_DISCONNECTED:
if (lnk->data.tcp->state.out != ALIAS_TCP_STATE_CONNECTED)
lnk->expire_time = TCP_EXPIRE_DEAD;
else
@@ -1769,7 +1700,7 @@
lnk->expire_time = TCP_EXPIRE_CONNECTED;
break;
default:
-#ifdef _KERNEL
+#ifdef _KERNEL
panic("libalias:SetStateIn() unknown state");
#else
abort();
@@ -1783,7 +1714,7 @@
{
/* TCP output state */
switch (state) {
- case ALIAS_TCP_STATE_DISCONNECTED:
+ case ALIAS_TCP_STATE_DISCONNECTED:
if (lnk->data.tcp->state.in != ALIAS_TCP_STATE_CONNECTED)
lnk->expire_time = TCP_EXPIRE_DEAD;
else
@@ -1794,7 +1725,7 @@
lnk->expire_time = TCP_EXPIRE_CONNECTED;
break;
default:
-#ifdef _KERNEL
+#ifdef _KERNEL
panic("libalias:SetStateOut() unknown state");
#else
abort();
@@ -1868,7 +1799,7 @@
}
#ifndef NO_FW_PUNCH
-static u_short
+static u_short
GetDestPort(struct alias_link *lnk)
{
return (lnk->dst_port);
@@ -1879,7 +1810,7 @@
void
SetAckModified(struct alias_link *lnk)
{
-/* Indicate that ACK numbers have been modified in a TCP connection */
+ /* Indicate that ACK numbers have been modified in a TCP connection */
lnk->data.tcp->state.ack_modified = 1;
}
@@ -1910,7 +1841,7 @@
int
GetAckModified(struct alias_link *lnk)
{
-/* See if ACK numbers have been modified */
+ /* See if ACK numbers have been modified */
return (lnk->data.tcp->state.ack_modified);
}
@@ -2100,7 +2031,7 @@
HouseKeeping(struct libalias *la)
{
int i, n;
-#ifndef _KERNEL
+#ifndef _KERNEL
struct timeval tv;
#endif
@@ -2110,7 +2041,7 @@
* by other functions. This is done so as not to unnecessarily
* waste timeline by making system calls.
*/
-#ifdef _KERNEL
+#ifdef _KERNEL
la->timeStamp = time_uptime;
#else
gettimeofday(&tv, NULL);
@@ -2148,7 +2079,8 @@
;
#else
if ((la->logDesc = fopen("/var/log/alias.log", "w")))
- fprintf(la->logDesc, "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n");
+ fprintf(la->logDesc,
+ "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n");
#endif
else
return (ENOMEM); /* log initialization failed */
@@ -2195,10 +2127,9 @@
/* Redirection from a specific public addr:port to a
private addr:port */
struct alias_link *
-LibAliasRedirectPort(struct libalias *la, struct in_addr src_addr, u_short src_port,
- struct in_addr dst_addr, u_short dst_port,
- struct in_addr alias_addr, u_short alias_port,
- u_char proto)
+LibAliasRedirectPort(struct libalias *la, struct in_addr src_addr,
+ u_short src_port, struct in_addr dst_addr, u_short dst_port,
+ struct in_addr alias_addr, u_short alias_port, u_char proto)
{
int link_type;
struct alias_link *lnk;
@@ -2223,16 +2154,16 @@
goto getout;
}
- lnk = AddLink(la, src_addr, dst_addr, alias_addr,
- src_port, dst_port, alias_port,
- link_type);
+ lnk = AddLink(la, src_addr, dst_addr, alias_addr, src_port, dst_port,
+ alias_port, link_type);
if (lnk != NULL) {
lnk->flags |= LINK_PERMANENT;
}
#ifdef LIBALIAS_DEBUG
else {
- fprintf(stderr, "PacketAliasRedirectPort(): "
+ fprintf(stderr,
+ "PacketAliasRedirectPort(): "
"call to AddLink() failed\n");
}
#endif
@@ -2244,7 +2175,8 @@
/* Add server to the pool of servers */
int
-LibAliasAddServer(struct libalias *la, struct alias_link *lnk, struct in_addr addr, u_short port)
+LibAliasAddServer(struct libalias *la, struct alias_link *lnk,
+ struct in_addr addr, u_short port)
{
struct server *server;
int res;
@@ -2266,7 +2198,8 @@
else {
struct server *s;
- for (s = head; s->next != head; s = s->next);
+ for (s = head; s->next != head; s = s->next)
+ ;
s->next = server;
server->next = head;
}
@@ -2283,23 +2216,21 @@
public address to a private address */
struct alias_link *
LibAliasRedirectProto(struct libalias *la, struct in_addr src_addr,
- struct in_addr dst_addr,
- struct in_addr alias_addr,
- u_char proto)
+ struct in_addr dst_addr, struct in_addr alias_addr, u_char proto)
{
struct alias_link *lnk;
LIBALIAS_LOCK(la);
- lnk = AddLink(la, src_addr, dst_addr, alias_addr,
- NO_SRC_PORT, NO_DEST_PORT, 0,
- proto);
+ lnk = AddLink(la, src_addr, dst_addr, alias_addr, NO_SRC_PORT,
+ NO_DEST_PORT, 0, proto);
if (lnk != NULL) {
lnk->flags |= LINK_PERMANENT;
}
#ifdef LIBALIAS_DEBUG
else {
- fprintf(stderr, "PacketAliasRedirectProto(): "
+ fprintf(stderr,
+ "PacketAliasRedirectProto(): "
"call to AddLink() failed\n");
}
#endif
@@ -2316,8 +2247,7 @@
struct alias_link *lnk;
LIBALIAS_LOCK(la);
- lnk = AddLink(la, src_addr, la->nullAddress, alias_addr,
- 0, 0, 0,
+ lnk = AddLink(la, src_addr, la->nullAddress, alias_addr, 0, 0, 0,
LINK_ADDR);
if (lnk != NULL) {
@@ -2325,7 +2255,8 @@
}
#ifdef LIBALIAS_DEBUG
else {
- fprintf(stderr, "PacketAliasRedirectAddr(): "
+ fprintf(stderr,
+ "PacketAliasRedirectAddr(): "
"call to AddLink() failed\n");
}
#endif
@@ -2369,15 +2300,14 @@
LibAliasSetAddress(struct libalias *la, struct in_addr addr)
{
LIBALIAS_LOCK(la);
- if (la->packetAliasMode & PKT_ALIAS_RESET_ON_ADDR_CHANGE
- && la->aliasAddress.s_addr != addr.s_addr)
+ if (la->packetAliasMode & PKT_ALIAS_RESET_ON_ADDR_CHANGE &&
+ la->aliasAddress.s_addr != addr.s_addr)
CleanupAliasData(la);
la->aliasAddress = addr;
LIBALIAS_UNLOCK(la);
}
-
void
LibAliasSetAliasPortRange(struct libalias *la, u_short port_low,
u_short port_high)
@@ -2408,13 +2338,13 @@
LibAliasInit(struct libalias *la)
{
int i;
-#ifndef _KERNEL
+#ifndef _KERNEL
struct timeval tv;
#endif
if (la == NULL) {
#ifdef _KERNEL
-#undef malloc /* XXX: ugly */
+#undef malloc /* XXX: ugly */
la = malloc(sizeof *la, M_ALIAS, M_WAITOK | M_ZERO);
#else
la = calloc(sizeof *la, 1);
@@ -2422,14 +2352,14 @@
return (la);
#endif
-#ifndef _KERNEL
+#ifndef _KERNEL
/* kernel cleans up on module unload */
if (LIST_EMPTY(&instancehead))
atexit(finishoff);
#endif
LIST_INSERT_HEAD(&instancehead, la, instancelist);
-#ifdef _KERNEL
+#ifdef _KERNEL
la->timeStamp = time_uptime;
la->lastCleanupTime = time_uptime;
#else
@@ -2474,7 +2404,7 @@
la->cleanupIndex = 0;
la->packetAliasMode = PKT_ALIAS_SAME_PORTS
-#ifndef NO_USE_SOCKETS
+#ifndef NO_USE_SOCKETS
| PKT_ALIAS_USE_SOCKETS
#endif
| PKT_ALIAS_RESET_ON_ADDR_CHANGE;
@@ -2510,11 +2440,10 @@
/* Change mode for some operations */
unsigned int
-LibAliasSetMode(
- struct libalias *la,
- unsigned int flags, /* Which state to bring flags to */
- unsigned int mask /* Mask of which flags to affect (use 0 to
- * do a probe for flag values) */
+LibAliasSetMode(struct libalias *la,
+ unsigned int flags, /* Which state to bring flags to */
+ unsigned int mask /* Mask of which flags to affect (use 0 to
+ * do a probe for flag values) */
)
{
int res = -1;
@@ -2566,8 +2495,9 @@
/* Firewall include files */
#include <net/if.h>
#include <netinet/ip_fw.h>
-#include <string.h>
+
#include <err.h>
+#include <string.h>
/*
* helper function, updates the pointer to cmd with the length
@@ -2575,7 +2505,7 @@
* the new command in case it has been clobbered before.
*/
static ipfw_insn *
-next_cmd(ipfw_insn * cmd)
+next_cmd(ipfw_insn *cmd)
{
cmd += F_LEN(cmd);
bzero(cmd, sizeof(*cmd));
@@ -2587,8 +2517,8 @@
* Existing flags are preserved.
*/
static ipfw_insn *
-fill_cmd(ipfw_insn * cmd, enum ipfw_opcodes opcode, int size,
- int flags, u_int16_t arg)
+fill_cmd(ipfw_insn *cmd, enum ipfw_opcodes opcode, int size, int flags,
+ u_int16_t arg)
{
cmd->opcode = opcode;
cmd->len = ((cmd->len | flags) & (F_NOT | F_OR)) | (size & F_LEN_MASK);
@@ -2597,30 +2527,29 @@
}
static ipfw_insn *
-fill_ip(ipfw_insn * cmd1, enum ipfw_opcodes opcode, u_int32_t addr)
+fill_ip(ipfw_insn *cmd1, enum ipfw_opcodes opcode, u_int32_t addr)
{
- ipfw_insn_ip *cmd = (ipfw_insn_ip *) cmd1;
+ ipfw_insn_ip *cmd = (ipfw_insn_ip *)cmd1;
cmd->addr.s_addr = addr;
return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u32), 0, 0);
}
static ipfw_insn *
-fill_one_port(ipfw_insn * cmd1, enum ipfw_opcodes opcode, u_int16_t port)
+fill_one_port(ipfw_insn *cmd1, enum ipfw_opcodes opcode, u_int16_t port)
{
- ipfw_insn_u16 *cmd = (ipfw_insn_u16 *) cmd1;
+ ipfw_insn_u16 *cmd = (ipfw_insn_u16 *)cmd1;
cmd->ports[0] = cmd->ports[1] = port;
return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u16), 0, 0);
}
static int
-fill_rule(void *buf, int bufsize, int rulenum,
- enum ipfw_opcodes action, int proto,
- struct in_addr sa, u_int16_t sp, struct in_addr da, u_int16_t dp)
+fill_rule(void *buf, int bufsize, int rulenum, enum ipfw_opcodes action,
+ int proto, struct in_addr sa, u_int16_t sp, struct in_addr da, u_int16_t dp)
{
struct ip_fw *rule = (struct ip_fw *)buf;
- ipfw_insn *cmd = (ipfw_insn *) rule->cmd;
+ ipfw_insn *cmd = (ipfw_insn *)rule->cmd;
bzero(buf, bufsize);
rule->rulenum = rulenum;
@@ -2631,27 +2560,27 @@
cmd = fill_ip(cmd, O_IP_DST, da.s_addr);
cmd = fill_one_port(cmd, O_IP_DSTPORT, dp);
- rule->act_ofs = (u_int32_t *) cmd - (u_int32_t *) rule->cmd;
+ rule->act_ofs = (u_int32_t *)cmd - (u_int32_t *)rule->cmd;
cmd = fill_cmd(cmd, action, F_INSN_SIZE(ipfw_insn), 0, 0);
- rule->cmd_len = (u_int32_t *) cmd - (u_int32_t *) rule->cmd;
+ rule->cmd_len = (u_int32_t *)cmd - (u_int32_t *)rule->cmd;
return ((char *)cmd - (char *)buf);
}
-static void ClearAllFWHoles(struct libalias *la);
+static void ClearAllFWHoles(struct libalias *la);
-#define fw_setfield(la, field, num) \
-do { \
- (field)[(num) - la->fireWallBaseNum] = 1; \
-} /*lint -save -e717 */ while(0)/* lint -restore */
+#define fw_setfield(la, field, num) \
+ do { \
+ (field)[(num)-la->fireWallBaseNum] = 1; \
+ } /*lint -save -e717 */ while (0) /* lint -restore */
-#define fw_clrfield(la, field, num) \
-do { \
- (field)[(num) - la->fireWallBaseNum] = 0; \
-} /*lint -save -e717 */ while(0)/* lint -restore */
+#define fw_clrfield(la, field, num) \
+ do { \
+ (field)[(num)-la->fireWallBaseNum] = 0; \
+ } /*lint -save -e717 */ while (0) /* lint -restore */
-#define fw_tstfield(la, field, num) ((field)[(num) - la->fireWallBaseNum])
+#define fw_tstfield(la, field, num) ((field)[(num)-la->fireWallBaseNum])
static void
InitPunchFW(struct libalias *la)
@@ -2685,15 +2614,14 @@
PunchFWHole(struct alias_link *lnk)
{
struct libalias *la;
- int r; /* Result code */
- struct ip_fw rule; /* On-the-fly built rule */
- int fwhole; /* Where to punch hole */
+ int r; /* Result code */
+ struct ip_fw rule; /* On-the-fly built rule */
+ int fwhole; /* Where to punch hole */
la = lnk->la;
/* Don't do anything unless we are asked to */
- if (!(la->packetAliasMode & PKT_ALIAS_PUNCH_FW) ||
- la->fireWallFD < 0 ||
+ if (!(la->packetAliasMode & PKT_ALIAS_PUNCH_FW) || la->fireWallFD < 0 ||
lnk->link_type != LINK_TCP)
return;
@@ -2703,19 +2631,22 @@
/* Find empty slot */
for (fwhole = la->fireWallActiveNum;
- fwhole < la->fireWallBaseNum + la->fireWallNumNums &&
- fw_tstfield(la, la->fireWallField, fwhole);
- fwhole++);
+ fwhole < la->fireWallBaseNum + la->fireWallNumNums &&
+ fw_tstfield(la, la->fireWallField, fwhole);
+ fwhole++)
+ ;
if (fwhole == la->fireWallBaseNum + la->fireWallNumNums) {
for (fwhole = la->fireWallBaseNum;
- fwhole < la->fireWallActiveNum &&
- fw_tstfield(la, la->fireWallField, fwhole);
- fwhole++);
+ fwhole < la->fireWallActiveNum &&
+ fw_tstfield(la, la->fireWallField, fwhole);
+ fwhole++)
+ ;
if (fwhole == la->fireWallActiveNum) {
/* No rule point empty - we can't punch more holes. */
la->fireWallActiveNum = la->fireWallBaseNum;
#ifdef LIBALIAS_DEBUG
- fprintf(stderr, "libalias: Unable to create firewall hole!\n");
+ fprintf(stderr,
+ "libalias: Unable to create firewall hole!\n");
#endif
return;
}
@@ -2733,19 +2664,20 @@
u_int32_t rulebuf[255];
int i;
- i = fill_rule(rulebuf, sizeof(rulebuf), fwhole,
- O_ACCEPT, IPPROTO_TCP,
- GetOriginalAddress(lnk), ntohs(GetOriginalPort(lnk)),
- GetDestAddress(lnk), ntohs(GetDestPort(lnk)));
- r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i);
+ i = fill_rule(rulebuf, sizeof(rulebuf), fwhole, O_ACCEPT,
+ IPPROTO_TCP, GetOriginalAddress(lnk),
+ ntohs(GetOriginalPort(lnk)), GetDestAddress(lnk),
+ ntohs(GetDestPort(lnk)));
+ r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf,
+ i);
if (r)
err(1, "alias punch inbound(1) setsockopt(IP_FW_ADD)");
- i = fill_rule(rulebuf, sizeof(rulebuf), fwhole,
- O_ACCEPT, IPPROTO_TCP,
- GetDestAddress(lnk), ntohs(GetDestPort(lnk)),
+ i = fill_rule(rulebuf, sizeof(rulebuf), fwhole, O_ACCEPT,
+ IPPROTO_TCP, GetDestAddress(lnk), ntohs(GetDestPort(lnk)),
GetOriginalAddress(lnk), ntohs(GetOriginalPort(lnk)));
- r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf, i);
+ r = setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_ADD, rulebuf,
+ i);
if (r)
err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)");
}
@@ -2764,15 +2696,17 @@
la = lnk->la;
if (lnk->link_type == LINK_TCP) {
- int fwhole = lnk->data.tcp->fwhole; /* Where is the firewall hole? */
+ int fwhole =
+ lnk->data.tcp->fwhole; /* Where is the firewall hole? */
struct ip_fw rule;
if (fwhole < 0)
return;
- memset(&rule, 0, sizeof rule); /* useless for ipfw2 */
+ memset(&rule, 0, sizeof rule); /* useless for ipfw2 */
while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL,
- &fwhole, sizeof fwhole));
+ &fwhole, sizeof fwhole))
+ ;
fw_clrfield(la, la->fireWallField, fwhole);
lnk->data.tcp->fwhole = -1;
}
@@ -2782,17 +2716,20 @@
static void
ClearAllFWHoles(struct libalias *la)
{
- struct ip_fw rule; /* On-the-fly built rule */
+ struct ip_fw rule; /* On-the-fly built rule */
int i;
if (la->fireWallFD < 0)
return;
memset(&rule, 0, sizeof rule);
- for (i = la->fireWallBaseNum; i < la->fireWallBaseNum + la->fireWallNumNums; i++) {
+ for (i = la->fireWallBaseNum;
+ i < la->fireWallBaseNum + la->fireWallNumNums; i++) {
int r = i;
- while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, &r, sizeof r));
+ while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL, &r,
+ sizeof r))
+ ;
}
/* XXX: third arg correct here ? /phk */
memset(la->fireWallField, 0, la->fireWallNumNums);
@@ -2823,28 +2760,28 @@
* Find the address to redirect incoming packets
*/
struct in_addr
-FindSctpRedirectAddress(struct libalias *la, struct sctp_nat_msg *sm)
+FindSctpRedirectAddress(struct libalias *la, struct sctp_nat_msg *sm)
{
struct alias_link *lnk;
struct in_addr redir;
LIBALIAS_LOCK_ASSERT(la);
lnk = FindLinkIn(la, sm->ip_hdr->ip_src, sm->ip_hdr->ip_dst,
- sm->sctp_hdr->dest_port,sm->sctp_hdr->dest_port, LINK_SCTP, 1);
+ sm->sctp_hdr->dest_port, sm->sctp_hdr->dest_port, LINK_SCTP, 1);
if (lnk != NULL)
/* port redirect */
- return(lnk->src_addr);
+ return (lnk->src_addr);
else {
- redir = FindOriginalAddress(la,sm->ip_hdr->ip_dst);
+ redir = FindOriginalAddress(la, sm->ip_hdr->ip_dst);
if (redir.s_addr == la->aliasAddress.s_addr ||
redir.s_addr == la->targetAddress.s_addr) {
/* No address found */
- lnk = FindLinkIn(la, sm->ip_hdr->ip_src, sm->ip_hdr->ip_dst,
- NO_DEST_PORT, 0, LINK_SCTP, 1);
+ lnk = FindLinkIn(la, sm->ip_hdr->ip_src,
+ sm->ip_hdr->ip_dst, NO_DEST_PORT, 0, LINK_SCTP, 1);
if (lnk != NULL)
/* redirect proto */
- return(lnk->src_addr);
+ return (lnk->src_addr);
}
- return(redir); /* address redirect */
+ return (redir); /* address redirect */
}
}
Index: sys/netinet/libalias/alias_dummy.c
===================================================================
--- sys/netinet/libalias/alias_dummy.c
+++ sys/netinet/libalias/alias_dummy.c
@@ -40,13 +40,14 @@
#include <sys/kernel.h>
#include <sys/module.h>
#else
-#include <errno.h>
#include <sys/types.h>
+
+#include <errno.h>
#include <stdio.h>
#endif
-#include <netinet/in_systm.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/udp.h>
@@ -58,8 +59,8 @@
#include "alias_mod.h"
#endif
-static void
-AliasHandleDummy(struct libalias *la, struct ip *ip, struct alias_data *ah);
+static void AliasHandleDummy(struct libalias *la, struct ip *ip,
+ struct alias_data *ah);
static int
fingerprint(struct libalias *la, struct alias_data *ah)
@@ -69,16 +70,15 @@
* is empy/NULL, return a -1 value.
*/
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
- ah->maxpktsize == 0)
+ ah->maxpktsize == 0)
return (-1);
/*
* Fingerprint the incoming packet, if it matches any conditions
* return an OK value.
*/
- if (ntohs(*ah->dport) == 123
- || ntohs(*ah->sport) == 456)
+ if (ntohs(*ah->dport) == 123 || ntohs(*ah->sport) == 456)
return (0); /* I know how to handle it. */
- return (-1); /* I don't recognize this packet. */
+ return (-1); /* I don't recognize this packet. */
}
/*
@@ -101,16 +101,12 @@
* ITS EXACT NAME: handlers.
*/
-struct proto_handler handlers [] = {
- {
- .pri = 666,
- .dir = IN|OUT,
- .proto = UDP|TCP,
- .fingerprint = &fingerprint,
- .protohandler = &protohandler
- },
- { EOH }
-};
+struct proto_handler handlers[] = { { .pri = 666,
+ .dir = IN | OUT,
+ .proto = UDP | TCP,
+ .fingerprint = &fingerprint,
+ .protohandler = &protohandler },
+ { EOH } };
static int
mod_handler(module_t mod, int type, void *data)
@@ -135,11 +131,9 @@
#ifdef _KERNEL
static
#endif
-moduledata_t alias_mod = {
- "alias_dummy", mod_handler, NULL
-};
+ moduledata_t alias_mod = { "alias_dummy", mod_handler, NULL };
-#ifdef _KERNEL
+#ifdef _KERNEL
DECLARE_MODULE(alias_dummy, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_dummy, 1);
MODULE_DEPEND(alias_dummy, libalias, 1, 1, 1);
Index: sys/netinet/libalias/alias_ftp.c
===================================================================
--- sys/netinet/libalias/alias_ftp.c
+++ sys/netinet/libalias/alias_ftp.c
@@ -72,20 +72,21 @@
/* Includes */
#ifdef _KERNEL
#include <sys/param.h>
-#include <sys/ctype.h>
#include <sys/systm.h>
+#include <sys/ctype.h>
#include <sys/kernel.h>
#include <sys/module.h>
#else
+#include <sys/types.h>
+
#include <ctype.h>
#include <errno.h>
-#include <sys/types.h>
#include <stdio.h>
#include <string.h>
#endif
-#include <netinet/in_systm.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
@@ -100,11 +101,10 @@
#define FTP_CONTROL_PORT_NUMBER 21
-static void
-AliasHandleFtpOut(struct libalias *, struct ip *, struct alias_link *,
- int maxpacketsize);
-static void
-AliasHandleFtpIn(struct libalias *, struct ip *, struct alias_link *);
+static void AliasHandleFtpOut(struct libalias *, struct ip *,
+ struct alias_link *, int maxpacketsize);
+static void AliasHandleFtpIn(struct libalias *, struct ip *,
+ struct alias_link *);
static int
fingerprint_out(struct libalias *la, struct alias_data *ah)
@@ -143,23 +143,17 @@
return (0);
}
-struct proto_handler handlers[] = {
- {
- .pri = 80,
- .dir = OUT,
- .proto = TCP,
- .fingerprint = &fingerprint_out,
- .protohandler = &protohandler_out
- },
- {
- .pri = 80,
- .dir = IN,
- .proto = TCP,
- .fingerprint = &fingerprint_in,
- .protohandler = &protohandler_in
- },
- { EOH }
-};
+struct proto_handler handlers[] = { { .pri = 80,
+ .dir = OUT,
+ .proto = TCP,
+ .fingerprint = &fingerprint_out,
+ .protohandler = &protohandler_out },
+ { .pri = 80,
+ .dir = IN,
+ .proto = TCP,
+ .fingerprint = &fingerprint_in,
+ .protohandler = &protohandler_in },
+ { EOH } };
static int
mod_handler(module_t mod, int type, void *data)
@@ -184,21 +178,19 @@
#ifdef _KERNEL
static
#endif
-moduledata_t alias_mod = {
- "alias_ftp", mod_handler, NULL
-};
+ moduledata_t alias_mod = { "alias_ftp", mod_handler, NULL };
-#ifdef _KERNEL
+#ifdef _KERNEL
DECLARE_MODULE(alias_ftp, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_ftp, 1);
MODULE_DEPEND(alias_ftp, libalias, 1, 1, 1);
#endif
#define FTP_CONTROL_PORT_NUMBER 21
-#define MAX_MESSAGE_SIZE 128
+#define MAX_MESSAGE_SIZE 128
/* FTP protocol flags. */
-#define WAIT_CRLF 0x01
+#define WAIT_CRLF 0x01
enum ftp_message_type {
FTP_PORT_COMMAND,
@@ -208,11 +200,12 @@
FTP_UNKNOWN_MESSAGE
};
-static int ParseFtpPortCommand(struct libalias *la, char *, int);
-static int ParseFtpEprtCommand(struct libalias *la, char *, int);
-static int ParseFtp227Reply(struct libalias *la, char *, int);
-static int ParseFtp229Reply(struct libalias *la, char *, int);
-static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int);
+static int ParseFtpPortCommand(struct libalias *la, char *, int);
+static int ParseFtpEprtCommand(struct libalias *la, char *, int);
+static int ParseFtp227Reply(struct libalias *la, char *, int);
+static int ParseFtp229Reply(struct libalias *la, char *, int);
+static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *,
+ int, int);
static void
AliasHandleFtpOut(
@@ -246,13 +239,15 @@
ftp_message_type = FTP_UNKNOWN_MESSAGE;
if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) {
- /* When aliasing a client, check for the PORT/EPRT command. */
+ /* When aliasing a client, check for the PORT/EPRT
+ * command. */
if (ParseFtpPortCommand(la, sptr, dlen))
ftp_message_type = FTP_PORT_COMMAND;
else if (ParseFtpEprtCommand(la, sptr, dlen))
ftp_message_type = FTP_EPRT_COMMAND;
} else {
- /* When aliasing a server, check for the 227/229 reply. */
+ /* When aliasing a server, check for the 227/229 reply.
+ */
if (ParseFtp227Reply(la, sptr, dlen))
ftp_message_type = FTP_227_REPLY;
else if (ParseFtp229Reply(la, sptr, dlen)) {
@@ -262,12 +257,13 @@
}
if (ftp_message_type != FTP_UNKNOWN_MESSAGE)
- NewFtpMessage(la, pip, lnk, maxpacketsize, ftp_message_type);
+ NewFtpMessage(la, pip, lnk, maxpacketsize,
+ ftp_message_type);
}
/* Track the msgs which are CRLF term'd for PORT/PASV FW breach */
- if (dlen) { /* only if there's data */
- sptr = (char *)pip; /* start over at beginning */
+ if (dlen) { /* only if there's data */
+ sptr = (char *)pip; /* start over at beginning */
tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may have grown */
if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n')
pflags &= ~WAIT_CRLF;
@@ -279,8 +275,8 @@
static void
AliasHandleFtpIn(struct libalias *la,
- struct ip *pip, /* IP packet to examine/patch */
- struct alias_link *lnk) /* The link to go through (aliased port) */
+ struct ip *pip, /* IP packet to examine/patch */
+ struct alias_link *lnk) /* The link to go through (aliased port) */
{
int hlen, tlen, dlen, pflags;
char *sptr;
@@ -304,7 +300,7 @@
if (dlen <= MAX_MESSAGE_SIZE && (pflags & WAIT_CRLF) == 0 &&
ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER &&
(ParseFtpPortCommand(la, sptr, dlen) != 0 ||
- ParseFtpEprtCommand(la, sptr, dlen) != 0)) {
+ ParseFtpEprtCommand(la, sptr, dlen) != 0)) {
/*
* Alias active mode client requesting data from server
* behind NAT. We need to alias server->client connection
@@ -316,15 +312,15 @@
}
/* Track the msgs which are CRLF term'd for PORT/PASV FW breach */
if (dlen) {
- sptr = (char *)pip; /* start over at beginning */
- tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may
- * have grown. */
+ sptr = (char *)pip; /* start over at beginning */
+ tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may
+ * have grown. */
if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n')
pflags &= ~WAIT_CRLF;
else
pflags |= WAIT_CRLF;
SetProtocolFlags(lnk, pflags);
- }
+ }
}
static int
@@ -419,7 +415,7 @@
return (0);
addr = port = octet = 0;
- delim = '|'; /* XXX gcc -Wuninitialized */
+ delim = '|'; /* XXX gcc -Wuninitialized */
state = 0;
for (i = 5; i < dlen; i++) {
ch = sptr[i];
@@ -431,7 +427,7 @@
}
break;
case 1:
- if (ch == '1') /* IPv4 address */
+ if (ch == '1') /* IPv4 address */
state++;
else
return (0);
@@ -580,7 +576,7 @@
return (0);
port = 0;
- delim = '|'; /* XXX gcc -Wuninitialized */
+ delim = '|'; /* XXX gcc -Wuninitialized */
state = 0;
for (i = 4; i < dlen; i++) {
@@ -633,10 +629,8 @@
}
static void
-NewFtpMessage(struct libalias *la, struct ip *pip,
- struct alias_link *lnk,
- int maxpacketsize,
- int ftp_message_type)
+NewFtpMessage(struct libalias *la, struct ip *pip, struct alias_link *lnk,
+ int maxpacketsize, int ftp_message_type)
{
struct alias_link *ftp_lnk;
@@ -678,7 +672,7 @@
/* Decompose alias address into quad format */
alias_address = GetAliasAddress(lnk);
- ptr = (u_char *) & alias_address.s_addr;
+ ptr = (u_char *)&alias_address.s_addr;
a1 = *ptr++;
a2 = *ptr++;
a3 = *ptr++;
@@ -697,8 +691,9 @@
if (ftp_message_type == FTP_PORT_COMMAND) {
/* Generate PORT command string. */
- sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n",
- a1, a2, a3, a4, p1, p2);
+ sprintf(stemp,
+ "PORT %d,%d,%d,%d,%d,%d\r\n", a1,
+ a2, a3, a4, p1, p2);
} else {
/* Generate 227 reply string. */
sprintf(stemp,
@@ -713,7 +708,8 @@
break;
case FTP_229_REPLY:
/* Generate 229 reply string. */
- sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n",
+ sprintf(stemp,
+ "229 Entering Extended Passive Mode (|||%d|)\r\n",
ntohs(alias_port));
break;
}
@@ -742,12 +738,9 @@
{
u_short new_len;
- new_len = htons(hlen +
- MIN(slen, maxpacketsize - hlen));
- DifferentialChecksum(&pip->ip_sum,
- &new_len,
- &pip->ip_len,
- 1);
+ new_len = htons(hlen + MIN(slen, maxpacketsize - hlen));
+ DifferentialChecksum(&pip->ip_sum, &new_len,
+ &pip->ip_len, 1);
pip->ip_len = new_len;
}
Index: sys/netinet/libalias/alias_irc.c
===================================================================
--- sys/netinet/libalias/alias_irc.c
+++ sys/netinet/libalias/alias_irc.c
@@ -52,23 +52,24 @@
/* Includes */
#ifdef _KERNEL
#include <sys/param.h>
-#include <sys/ctype.h>
-#include <sys/limits.h>
#include <sys/systm.h>
+#include <sys/ctype.h>
#include <sys/kernel.h>
+#include <sys/limits.h>
#include <sys/module.h>
#else
+#include <sys/types.h>
+
#include <ctype.h>
#include <errno.h>
-#include <sys/types.h>
+#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <limits.h>
#endif
-#include <netinet/in_systm.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
@@ -90,17 +91,16 @@
/* Local defines */
#define DBprintf(a)
-static void
-AliasHandleIrcOut(struct libalias *, struct ip *, struct alias_link *,
- int maxpacketsize);
+static void AliasHandleIrcOut(struct libalias *, struct ip *,
+ struct alias_link *, int maxpacketsize);
static int
fingerprint(struct libalias *la, struct alias_data *ah)
{
if (ah->dport == NULL || ah->lnk == NULL || ah->maxpktsize == 0)
return (-1);
- if (ntohs(*ah->dport) == IRC_CONTROL_PORT_NUMBER_1
- || ntohs(*ah->dport) == IRC_CONTROL_PORT_NUMBER_2)
+ if (ntohs(*ah->dport) == IRC_CONTROL_PORT_NUMBER_1 ||
+ ntohs(*ah->dport) == IRC_CONTROL_PORT_NUMBER_2)
return (0);
return (-1);
}
@@ -116,16 +116,12 @@
return (0);
}
-struct proto_handler handlers[] = {
- {
- .pri = 90,
- .dir = OUT,
- .proto = TCP,
- .fingerprint = &fingerprint,
- .protohandler = &protohandler
- },
- { EOH }
-};
+struct proto_handler handlers[] = { { .pri = 90,
+ .dir = OUT,
+ .proto = TCP,
+ .fingerprint = &fingerprint,
+ .protohandler = &protohandler },
+ { EOH } };
static int
mod_handler(module_t mod, int type, void *data)
@@ -150,12 +146,10 @@
#ifdef _KERNEL
static
#endif
-moduledata_t alias_mod = {
- "alias_irc", mod_handler, NULL
-};
+ moduledata_t alias_mod = { "alias_irc", mod_handler, NULL };
/* Kernel module definition. */
-#ifdef _KERNEL
+#ifdef _KERNEL
DECLARE_MODULE(alias_irc, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_irc, 1);
MODULE_DEPEND(alias_irc, libalias, 1, 1, 1);
@@ -163,10 +157,10 @@
static void
AliasHandleIrcOut(struct libalias *la,
- struct ip *pip, /* IP packet to examine */
- struct alias_link *lnk, /* Which link are we on? */
- int maxsize /* Maximum size of IP packet including
- * headers */
+ struct ip *pip, /* IP packet to examine */
+ struct alias_link *lnk, /* Which link are we on? */
+ int maxsize /* Maximum size of IP packet including
+ * headers */
)
{
int hlen, tlen, dlen;
@@ -174,7 +168,7 @@
u_short true_port;
char *sptr;
struct tcphdr *tc;
- int i; /* Iterator through the source */
+ int i; /* Iterator through the source */
/* Calculate data length of TCP packet */
tc = (struct tcphdr *)ip_next(pip);
@@ -192,287 +186,288 @@
/* Place string pointer at beginning of data */
sptr = (char *)pip;
sptr += hlen;
- maxsize -= hlen; /* We're interested in maximum size of
- * data, not packet */
+ maxsize -= hlen; /* We're interested in maximum size of
+ * data, not packet */
/* Search for a CTCP command [Note 1] */
for (i = 0; i < dlen; i++) {
if (sptr[i] == '\001')
goto lFOUND_CTCP;
}
- return; /* No CTCP commands in */
- /* Handle CTCP commands - the buffer may have to be copied */
- lFOUND_CTCP:
- {
- unsigned int copyat = i;
- unsigned int iCopy = 0; /* How much data have we written to
- * copy-back string? */
- unsigned long org_addr; /* Original IP address */
- unsigned short org_port; /* Original source port
- * address */
-
- lCTCP_START:
- if (i >= dlen || iCopy >= PKTSIZE)
- goto lPACKET_DONE;
- newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start
- * character */
- /* Start of a CTCP */
- if (i + 4 >= dlen) /* Too short for DCC */
- goto lBAD_CTCP;
- if (sptr[i + 0] != 'D')
- goto lBAD_CTCP;
- if (sptr[i + 1] != 'C')
- goto lBAD_CTCP;
- if (sptr[i + 2] != 'C')
- goto lBAD_CTCP;
- if (sptr[i + 3] != ' ')
- goto lBAD_CTCP;
- /* We have a DCC command - handle it! */
- i += 4; /* Skip "DCC " */
- if (iCopy + 4 > PKTSIZE)
- goto lPACKET_DONE;
- newpacket[iCopy++] = 'D';
- newpacket[iCopy++] = 'C';
- newpacket[iCopy++] = 'C';
- newpacket[iCopy++] = ' ';
+ return; /* No CTCP commands in */
+/* Handle CTCP commands - the buffer may have to be copied */
+lFOUND_CTCP : {
+ unsigned int copyat = i;
+ unsigned int iCopy = 0; /* How much data have we written to
+ * copy-back string? */
+ unsigned long org_addr; /* Original IP address */
+ unsigned short org_port; /* Original source port
+ * address */
+
+lCTCP_START:
+ if (i >= dlen || iCopy >= PKTSIZE)
+ goto lPACKET_DONE;
+ newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start
+ * character */
+ /* Start of a CTCP */
+ if (i + 4 >= dlen) /* Too short for DCC */
+ goto lBAD_CTCP;
+ if (sptr[i + 0] != 'D')
+ goto lBAD_CTCP;
+ if (sptr[i + 1] != 'C')
+ goto lBAD_CTCP;
+ if (sptr[i + 2] != 'C')
+ goto lBAD_CTCP;
+ if (sptr[i + 3] != ' ')
+ goto lBAD_CTCP;
+ /* We have a DCC command - handle it! */
+ i += 4; /* Skip "DCC " */
+ if (iCopy + 4 > PKTSIZE)
+ goto lPACKET_DONE;
+ newpacket[iCopy++] = 'D';
+ newpacket[iCopy++] = 'C';
+ newpacket[iCopy++] = 'C';
+ newpacket[iCopy++] = ' ';
- DBprintf(("Found DCC\n"));
- /*
- * Skip any extra spaces (should not occur according to
- * protocol, but DCC breaks CTCP protocol anyway
- */
- while (sptr[i] == ' ') {
- if (++i >= dlen) {
- DBprintf(("DCC packet terminated in just spaces\n"));
- goto lPACKET_DONE;
- }
+ DBprintf(("Found DCC\n"));
+ /*
+ * Skip any extra spaces (should not occur according to
+ * protocol, but DCC breaks CTCP protocol anyway
+ */
+ while (sptr[i] == ' ') {
+ if (++i >= dlen) {
+ DBprintf(("DCC packet terminated in just spaces\n"));
+ goto lPACKET_DONE;
}
+ }
- DBprintf(("Transferring command...\n"));
- while (sptr[i] != ' ') {
- newpacket[iCopy++] = sptr[i];
- if (++i >= dlen || iCopy >= PKTSIZE) {
- DBprintf(("DCC packet terminated during command\n"));
- goto lPACKET_DONE;
- }
+ DBprintf(("Transferring command...\n"));
+ while (sptr[i] != ' ') {
+ newpacket[iCopy++] = sptr[i];
+ if (++i >= dlen || iCopy >= PKTSIZE) {
+ DBprintf(("DCC packet terminated during command\n"));
+ goto lPACKET_DONE;
}
- /* Copy _one_ space */
- if (i + 1 < dlen && iCopy < PKTSIZE)
- newpacket[iCopy++] = sptr[i++];
+ }
+ /* Copy _one_ space */
+ if (i + 1 < dlen && iCopy < PKTSIZE)
+ newpacket[iCopy++] = sptr[i++];
- DBprintf(("Done command - removing spaces\n"));
- /*
- * Skip any extra spaces (should not occur according to
- * protocol, but DCC breaks CTCP protocol anyway
- */
- while (sptr[i] == ' ') {
- if (++i >= dlen) {
- DBprintf(("DCC packet terminated in just spaces (post-command)\n"));
- goto lPACKET_DONE;
- }
+ DBprintf(("Done command - removing spaces\n"));
+ /*
+ * Skip any extra spaces (should not occur according to
+ * protocol, but DCC breaks CTCP protocol anyway
+ */
+ while (sptr[i] == ' ') {
+ if (++i >= dlen) {
+ DBprintf((
+ "DCC packet terminated in just spaces (post-command)\n"));
+ goto lPACKET_DONE;
}
+ }
- DBprintf(("Transferring filename...\n"));
- while (sptr[i] != ' ') {
- newpacket[iCopy++] = sptr[i];
- if (++i >= dlen || iCopy >= PKTSIZE) {
- DBprintf(("DCC packet terminated during filename\n"));
- goto lPACKET_DONE;
- }
+ DBprintf(("Transferring filename...\n"));
+ while (sptr[i] != ' ') {
+ newpacket[iCopy++] = sptr[i];
+ if (++i >= dlen || iCopy >= PKTSIZE) {
+ DBprintf(("DCC packet terminated during filename\n"));
+ goto lPACKET_DONE;
}
- /* Copy _one_ space */
- if (i + 1 < dlen && iCopy < PKTSIZE)
- newpacket[iCopy++] = sptr[i++];
+ }
+ /* Copy _one_ space */
+ if (i + 1 < dlen && iCopy < PKTSIZE)
+ newpacket[iCopy++] = sptr[i++];
- DBprintf(("Done filename - removing spaces\n"));
- /*
- * Skip any extra spaces (should not occur according to
- * protocol, but DCC breaks CTCP protocol anyway
- */
- while (sptr[i] == ' ') {
- if (++i >= dlen) {
- DBprintf(("DCC packet terminated in just spaces (post-filename)\n"));
- goto lPACKET_DONE;
- }
+ DBprintf(("Done filename - removing spaces\n"));
+ /*
+ * Skip any extra spaces (should not occur according to
+ * protocol, but DCC breaks CTCP protocol anyway
+ */
+ while (sptr[i] == ' ') {
+ if (++i >= dlen) {
+ DBprintf((
+ "DCC packet terminated in just spaces (post-filename)\n"));
+ goto lPACKET_DONE;
}
+ }
- DBprintf(("Fetching IP address\n"));
- /* Fetch IP address */
- org_addr = 0;
- while (i < dlen && isdigit(sptr[i])) {
- if (org_addr > ULONG_MAX / 10UL) { /* Terminate on overflow */
- DBprintf(("DCC Address overflow (org_addr == 0x%08lx, next char %c\n", org_addr, sptr[i]));
- goto lBAD_CTCP;
- }
- org_addr *= 10;
- org_addr += sptr[i++] - '0';
- }
- DBprintf(("Skipping space\n"));
- if (i + 1 >= dlen || sptr[i] != ' ') {
- DBprintf(("Overflow (%d >= %d) or bad character (%02x) terminating IP address\n", i + 1, dlen, sptr[i]));
+ DBprintf(("Fetching IP address\n"));
+ /* Fetch IP address */
+ org_addr = 0;
+ while (i < dlen && isdigit(sptr[i])) {
+ if (org_addr > ULONG_MAX / 10UL) { /* Terminate on overflow */
+ DBprintf((
+ "DCC Address overflow (org_addr == 0x%08lx, next char %c\n",
+ org_addr, sptr[i]));
goto lBAD_CTCP;
}
- /*
- * Skip any extra spaces (should not occur according to
- * protocol, but DCC breaks CTCP protocol anyway, so we
- * might as well play it safe
- */
- while (sptr[i] == ' ') {
- if (++i >= dlen) {
- DBprintf(("Packet failure - space overflow.\n"));
- goto lPACKET_DONE;
- }
- }
- DBprintf(("Fetching port number\n"));
- /* Fetch source port */
- org_port = 0;
- while (i < dlen && isdigit(sptr[i])) {
- if (org_port > 6554) { /* Terminate on overflow
- * (65536/10 rounded up */
- DBprintf(("DCC: port number overflow\n"));
- goto lBAD_CTCP;
- }
- org_port *= 10;
- org_port += sptr[i++] - '0';
+ org_addr *= 10;
+ org_addr += sptr[i++] - '0';
+ }
+ DBprintf(("Skipping space\n"));
+ if (i + 1 >= dlen || sptr[i] != ' ') {
+ DBprintf((
+ "Overflow (%d >= %d) or bad character (%02x) terminating IP address\n",
+ i + 1, dlen, sptr[i]));
+ goto lBAD_CTCP;
+ }
+ /*
+ * Skip any extra spaces (should not occur according to
+ * protocol, but DCC breaks CTCP protocol anyway, so we
+ * might as well play it safe
+ */
+ while (sptr[i] == ' ') {
+ if (++i >= dlen) {
+ DBprintf(("Packet failure - space overflow.\n"));
+ goto lPACKET_DONE;
}
- /* Skip illegal addresses (or early termination) */
- if (i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ')) {
- DBprintf(("Bad port termination\n"));
+ }
+ DBprintf(("Fetching port number\n"));
+ /* Fetch source port */
+ org_port = 0;
+ while (i < dlen && isdigit(sptr[i])) {
+ if (org_port > 6554) { /* Terminate on overflow
+ * (65536/10 rounded up */
+ DBprintf(("DCC: port number overflow\n"));
goto lBAD_CTCP;
}
- DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port));
+ org_port *= 10;
+ org_port += sptr[i++] - '0';
+ }
+ /* Skip illegal addresses (or early termination) */
+ if (i >= dlen || (sptr[i] != '\001' && sptr[i] != ' ')) {
+ DBprintf(("Bad port termination\n"));
+ goto lBAD_CTCP;
+ }
+ DBprintf(("Got IP %lu and port %u\n", org_addr, (unsigned)org_port));
- /* We've got the address and port - now alias it */
- {
- struct alias_link *dcc_lnk;
- struct in_addr destaddr;
+ /* We've got the address and port - now alias it */
+ {
+ struct alias_link *dcc_lnk;
+ struct in_addr destaddr;
- true_port = htons(org_port);
- true_addr.s_addr = htonl(org_addr);
- destaddr.s_addr = 0;
+ true_port = htons(org_port);
+ true_addr.s_addr = htonl(org_addr);
+ destaddr.s_addr = 0;
- /* Sanity/Security checking */
- if (!org_addr || !org_port ||
- pip->ip_src.s_addr != true_addr.s_addr ||
- org_port < IPPORT_RESERVED)
- goto lBAD_CTCP;
+ /* Sanity/Security checking */
+ if (!org_addr || !org_port ||
+ pip->ip_src.s_addr != true_addr.s_addr ||
+ org_port < IPPORT_RESERVED)
+ goto lBAD_CTCP;
- /*
- * Steal the FTP_DATA_PORT - it doesn't really
- * matter, and this would probably allow it through
- * at least _some_ firewalls.
- */
- dcc_lnk = FindUdpTcpOut(la, true_addr, destaddr,
- true_port, 0,
- IPPROTO_TCP, 1);
- DBprintf(("Got a DCC link\n"));
- if (dcc_lnk) {
- struct in_addr alias_address; /* Address from aliasing */
- u_short alias_port; /* Port given by
- * aliasing */
- int n;
+ /*
+ * Steal the FTP_DATA_PORT - it doesn't really
+ * matter, and this would probably allow it through
+ * at least _some_ firewalls.
+ */
+ dcc_lnk = FindUdpTcpOut(la, true_addr, destaddr, true_port, 0,
+ IPPROTO_TCP, 1);
+ DBprintf(("Got a DCC link\n"));
+ if (dcc_lnk) {
+ struct in_addr
+ alias_address; /* Address from aliasing */
+ u_short alias_port; /* Port given by
+ * aliasing */
+ int n;
#ifndef NO_FW_PUNCH
- /* Generate firewall hole as appropriate */
- PunchFWHole(dcc_lnk);
+ /* Generate firewall hole as appropriate */
+ PunchFWHole(dcc_lnk);
#endif
- alias_address = GetAliasAddress(lnk);
- n = snprintf(&newpacket[iCopy],
- PKTSIZE - iCopy,
- "%lu ", (u_long) htonl(alias_address.s_addr));
- if (n < 0) {
- DBprintf(("DCC packet construct failure.\n"));
- goto lBAD_CTCP;
- }
- if ((iCopy += n) >= PKTSIZE) { /* Truncated/fit exactly
- * - bad news */
- DBprintf(("DCC constructed packet overflow.\n"));
- goto lBAD_CTCP;
- }
- alias_port = GetAliasPort(dcc_lnk);
- n = snprintf(&newpacket[iCopy],
- PKTSIZE - iCopy,
- "%u", htons(alias_port));
- if (n < 0) {
- DBprintf(("DCC packet construct failure.\n"));
- goto lBAD_CTCP;
- }
- iCopy += n;
- /*
- * Done - truncated cases will be taken
- * care of by lBAD_CTCP
- */
- DBprintf(("Aliased IP %lu and port %u\n", alias_address.s_addr, (unsigned)alias_port));
+ alias_address = GetAliasAddress(lnk);
+ n = snprintf(&newpacket[iCopy], PKTSIZE - iCopy, "%lu ",
+ (u_long)htonl(alias_address.s_addr));
+ if (n < 0) {
+ DBprintf(("DCC packet construct failure.\n"));
+ goto lBAD_CTCP;
}
- }
- /*
- * An uninteresting CTCP - state entered right after '\001'
- * has been pushed. Also used to copy the rest of a DCC,
- * after IP address and port has been handled
- */
- lBAD_CTCP:
- for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) {
- newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
- if (sptr[i] == '\001') {
- goto lNORMAL_TEXT;
+ if ((iCopy += n) >= PKTSIZE) { /* Truncated/fit exactly
+ * - bad news */
+ DBprintf(
+ ("DCC constructed packet overflow.\n"));
+ goto lBAD_CTCP;
}
- }
- goto lPACKET_DONE;
- /* Normal text */
- lNORMAL_TEXT:
- for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) {
- newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
- if (sptr[i] == '\001') {
- goto lCTCP_START;
+ alias_port = GetAliasPort(dcc_lnk);
+ n = snprintf(&newpacket[iCopy], PKTSIZE - iCopy, "%u",
+ htons(alias_port));
+ if (n < 0) {
+ DBprintf(("DCC packet construct failure.\n"));
+ goto lBAD_CTCP;
}
+ iCopy += n;
+ /*
+ * Done - truncated cases will be taken
+ * care of by lBAD_CTCP
+ */
+ DBprintf(("Aliased IP %lu and port %u\n",
+ alias_address.s_addr, (unsigned)alias_port));
}
- /* Handle the end of a packet */
- lPACKET_DONE:
- iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy;
- memcpy(sptr + copyat, newpacket, iCopy);
-
- /* Save information regarding modified seq and ack numbers */
- {
- int delta;
-
- SetAckModified(lnk);
- tc = (struct tcphdr *)ip_next(pip);
- delta = GetDeltaSeqOut(tc->th_seq, lnk);
- AddSeq(lnk, delta + copyat + iCopy - dlen, pip->ip_hl,
- pip->ip_len, tc->th_seq, tc->th_off);
+ }
+/*
+ * An uninteresting CTCP - state entered right after '\001'
+ * has been pushed. Also used to copy the rest of a DCC,
+ * after IP address and port has been handled
+ */
+lBAD_CTCP:
+ for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) {
+ newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
+ if (sptr[i] == '\001') {
+ goto lNORMAL_TEXT;
}
+ }
+ goto lPACKET_DONE;
+/* Normal text */
+lNORMAL_TEXT:
+ for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) {
+ newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */
+ if (sptr[i] == '\001') {
+ goto lCTCP_START;
+ }
+ }
+/* Handle the end of a packet */
+lPACKET_DONE:
+ iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy;
+ memcpy(sptr + copyat, newpacket, iCopy);
+
+ /* Save information regarding modified seq and ack numbers */
+ {
+ int delta;
- /* Revise IP header */
- {
- u_short new_len;
+ SetAckModified(lnk);
+ tc = (struct tcphdr *)ip_next(pip);
+ delta = GetDeltaSeqOut(tc->th_seq, lnk);
+ AddSeq(lnk, delta + copyat + iCopy - dlen, pip->ip_hl,
+ pip->ip_len, tc->th_seq, tc->th_off);
+ }
- new_len = htons(hlen + iCopy + copyat);
- DifferentialChecksum(&pip->ip_sum,
- &new_len,
- &pip->ip_len,
- 1);
- pip->ip_len = new_len;
- }
+ /* Revise IP header */
+ {
+ u_short new_len;
+
+ new_len = htons(hlen + iCopy + copyat);
+ DifferentialChecksum(&pip->ip_sum, &new_len, &pip->ip_len, 1);
+ pip->ip_len = new_len;
+ }
- /* Compute TCP checksum for revised packet */
- tc->th_sum = 0;
+ /* Compute TCP checksum for revised packet */
+ tc->th_sum = 0;
#ifdef _KERNEL
- tc->th_x2 = 1;
+ tc->th_x2 = 1;
#else
- tc->th_sum = TcpChecksum(pip);
+ tc->th_sum = TcpChecksum(pip);
#endif
- return;
- }
+ return;
+}
}
/* Notes:
[Note 1]
- The initial search will most often fail; it could be replaced with a 32-bit specific search.
- Such a search would be done for 32-bit unsigned value V:
- V ^= 0x01010101; (Search is for null bytes)
- if( ((V-0x01010101)^V) & 0x80808080 ) {
- (found a null bytes which was a 01 byte)
+ The initial search will most often fail; it could be replaced with a 32-bit
+ specific search. Such a search would be done for 32-bit unsigned value V: V ^=
+ 0x01010101; (Search is for null bytes) if( ((V-0x01010101)^V) &
+ 0x80808080 ) { (found a null bytes which was a 01 byte)
}
To assert that the processor is 32-bits, do
extern int ircdccar[32]; (32 bits)
Index: sys/netinet/libalias/alias_local.h
===================================================================
--- sys/netinet/libalias/alias_local.h
+++ sys/netinet/libalias/alias_local.h
@@ -46,19 +46,19 @@
*/
#ifndef _ALIAS_LOCAL_H_
-#define _ALIAS_LOCAL_H_
+#define _ALIAS_LOCAL_H_
#include <sys/types.h>
#include <sys/sysctl.h>
#ifdef _KERNEL
-#include <sys/malloc.h>
#include <sys/param.h>
#include <sys/lock.h>
+#include <sys/malloc.h>
#include <sys/mutex.h>
/* XXX: LibAliasSetTarget() uses this constant. */
-#define INADDR_NONE 0xffffffff
+#define INADDR_NONE 0xffffffff
#include <netinet/libalias/alias_sctp.h>
#else
@@ -66,11 +66,11 @@
#endif
/* Sizes of input and output link tables */
-#define LINK_TABLE_OUT_SIZE 4001
-#define LINK_TABLE_IN_SIZE 4001
+#define LINK_TABLE_OUT_SIZE 4001
+#define LINK_TABLE_IN_SIZE 4001
-#define GET_ALIAS_PORT -1
-#define GET_ALIAS_ID GET_ALIAS_PORT
+#define GET_ALIAS_PORT -1
+#define GET_ALIAS_ID GET_ALIAS_PORT
#ifdef _KERNEL
#define INET_NTOA_BUF(buf) (buf)
@@ -83,80 +83,80 @@
struct libalias {
LIST_ENTRY(libalias) instancelist;
/* Mode flags documented in alias.h */
- int packetAliasMode;
+ int packetAliasMode;
/* Address written onto source field of IP packet. */
- struct in_addr aliasAddress;
+ struct in_addr aliasAddress;
/* IP address incoming packets are sent to
* if no aliasing link already exists */
- struct in_addr targetAddress;
+ struct in_addr targetAddress;
/* Used as a dummy parameter for some function calls */
- struct in_addr nullAddress;
+ struct in_addr nullAddress;
/* Lookup table of pointers to chains of link records.
* Each link record is doubly indexed into input and
* output lookup tables. */
- LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
- LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
+ LIST_HEAD(, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
+ LIST_HEAD(, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
/* Link statistics */
- int icmpLinkCount;
- int udpLinkCount;
- int tcpLinkCount;
- int pptpLinkCount;
- int protoLinkCount;
- int fragmentIdLinkCount;
- int fragmentPtrLinkCount;
- int sockCount;
+ int icmpLinkCount;
+ int udpLinkCount;
+ int tcpLinkCount;
+ int pptpLinkCount;
+ int protoLinkCount;
+ int fragmentIdLinkCount;
+ int fragmentPtrLinkCount;
+ int sockCount;
/* Index to chain of link table being inspected for old links */
- int cleanupIndex;
+ int cleanupIndex;
/* System time in seconds for current packet */
- int timeStamp;
+ int timeStamp;
/* Last time IncrementalCleanup() was called */
- int lastCleanupTime;
+ int lastCleanupTime;
/* If equal to zero, DeleteLink()
* will not remove permanent links */
- int deleteAllLinks;
+ int deleteAllLinks;
/* log descriptor */
-#ifdef _KERNEL
- char *logDesc;
+#ifdef _KERNEL
+ char *logDesc;
#else
- FILE *logDesc;
+ FILE *logDesc;
#endif
/* Indicates if a new aliasing link has been created
* after a call to PacketAliasIn/Out(). */
- int newDefaultLink;
+ int newDefaultLink;
#ifndef NO_FW_PUNCH
/* File descriptor to be able to control firewall.
* Opened by PacketAliasSetMode on first setting
* the PKT_ALIAS_PUNCH_FW flag. */
- int fireWallFD;
+ int fireWallFD;
/* The first firewall entry free for our use */
- int fireWallBaseNum;
+ int fireWallBaseNum;
/* How many entries can we use? */
- int fireWallNumNums;
+ int fireWallNumNums;
/* Which entry did we last use? */
- int fireWallActiveNum;
+ int fireWallActiveNum;
/* bool array for entries */
- char *fireWallField;
+ char *fireWallField;
#endif
/* TCP port used by the Skinny protocol. */
- unsigned int skinnyPort;
+ unsigned int skinnyPort;
struct proxy_entry *proxyList;
- struct in_addr true_addr; /* in network byte order. */
- u_short true_port; /* in host byte order. */
+ struct in_addr true_addr; /* in network byte order. */
+ u_short true_port; /* in host byte order. */
/* Port ranges for aliasing. */
- u_short aliasPortLower;
- u_short aliasPortLength;
+ u_short aliasPortLower;
+ u_short aliasPortLength;
/*
* sctp code support
*/
/* counts associations that have progressed to UP and not yet removed */
- int sctpLinkCount;
-#ifdef _KERNEL
+ int sctpLinkCount;
+#ifdef _KERNEL
/* timing queue for keeping track of association timeouts */
struct sctp_nat_timer sctpNatTimer;
/* size of hash table used in this instance */
@@ -175,11 +175,11 @@
#ifdef _KERNEL
#define LIBALIAS_LOCK_INIT(l) \
- mtx_init(&l->mutex, "per-instance libalias mutex", NULL, MTX_DEF)
+ mtx_init(&l->mutex, "per-instance libalias mutex", NULL, MTX_DEF)
#define LIBALIAS_LOCK_ASSERT(l) mtx_assert(&l->mutex, MA_OWNED)
#define LIBALIAS_LOCK(l) mtx_lock(&l->mutex)
#define LIBALIAS_UNLOCK(l) mtx_unlock(&l->mutex)
-#define LIBALIAS_LOCK_DESTROY(l) mtx_destroy(&l->mutex)
+#define LIBALIAS_LOCK_DESTROY(l) mtx_destroy(&l->mutex)
#else
#define LIBALIAS_LOCK_INIT(l)
#define LIBALIAS_LOCK_ASSERT(l)
@@ -196,19 +196,19 @@
* subtracting out old words), and "cksum"
* is the checksum value to be updated.
*/
-#define ADJUST_CHECKSUM(acc, cksum) \
- do { \
- acc += cksum; \
- if (acc < 0) { \
- acc = -acc; \
+#define ADJUST_CHECKSUM(acc, cksum) \
+ do { \
+ acc += cksum; \
+ if (acc < 0) { \
+ acc = -acc; \
acc = (acc >> 16) + (acc & 0xffff); \
- acc += acc >> 16; \
- cksum = (u_short) ~acc; \
- } else { \
+ acc += acc >> 16; \
+ cksum = (u_short)~acc; \
+ } else { \
acc = (acc >> 16) + (acc & 0xffff); \
- acc += acc >> 16; \
- cksum = (u_short) acc; \
- } \
+ acc += acc >> 16; \
+ cksum = (u_short)acc; \
+ } \
} while (0)
/* Prototypes */
@@ -230,121 +230,108 @@
* should be used.
*/
#ifndef _KERNEL
-u_short IpChecksum(struct ip *_pip);
-u_short TcpChecksum(struct ip *_pip);
+u_short IpChecksum(struct ip *_pip);
+u_short TcpChecksum(struct ip *_pip);
#endif
-void
-DifferentialChecksum(u_short * _cksum, void * _new, void * _old, int _n);
+void DifferentialChecksum(u_short *_cksum, void *_new, void *_old, int _n);
/* Internal data access */
-struct alias_link *
-AddLink(struct libalias *la, struct in_addr src_addr, struct in_addr dst_addr,
- struct in_addr alias_addr, u_short src_port, u_short dst_port,
- int alias_param, int link_type);
-struct alias_link *
-FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_short _id_alias, int _create);
-struct alias_link *
-FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- u_short _id, int _create);
-struct alias_link *
-FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_short _ip_id);
-struct alias_link *
-FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_short _ip_id);
-struct alias_link *
-AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
-struct alias_link *
-FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
-struct alias_link *
-FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_char _proto);
-struct alias_link *
-FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
+struct alias_link *AddLink(struct libalias *la, struct in_addr src_addr,
+ struct in_addr dst_addr, struct in_addr alias_addr, u_short src_port,
+ u_short dst_port, int alias_param, int link_type);
+struct alias_link *FindIcmpIn(struct libalias *la, struct in_addr _dst_addr,
+ struct in_addr _alias_addr, u_short _id_alias, int _create);
+struct alias_link *FindIcmpOut(struct libalias *la, struct in_addr _src_addr,
+ struct in_addr _dst_addr, u_short _id, int _create);
+struct alias_link *FindFragmentIn1(struct libalias *la,
+ struct in_addr _dst_addr, struct in_addr _alias_addr, u_short _ip_id);
+struct alias_link *FindFragmentIn2(struct libalias *la,
+ struct in_addr _dst_addr, struct in_addr _alias_addr, u_short _ip_id);
+struct alias_link *AddFragmentPtrLink(struct libalias *la,
+ struct in_addr _dst_addr, u_short _ip_id);
+struct alias_link *FindFragmentPtr(struct libalias *la,
+ struct in_addr _dst_addr, u_short _ip_id);
+struct alias_link *FindProtoIn(struct libalias *la, struct in_addr _dst_addr,
+ struct in_addr _alias_addr, u_char _proto);
+struct alias_link *FindProtoOut(struct libalias *la, struct in_addr _src_addr,
+ struct in_addr _dst_addr, u_char _proto);
+struct alias_link *FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr,
+ struct in_addr _alias_addr, u_short _dst_port, u_short _alias_port,
+ u_char _proto, int _create);
+struct alias_link *FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr,
+ struct in_addr _dst_addr, u_short _src_port, u_short _dst_port,
+ u_char _proto, int _create);
+struct alias_link *AddPptp(struct libalias *la, struct in_addr _src_addr,
+ struct in_addr _dst_addr, struct in_addr _alias_addr,
+ u_int16_t _src_call_id);
+struct alias_link *FindPptpOutByCallId(struct libalias *la,
+ struct in_addr _src_addr, struct in_addr _dst_addr, u_int16_t _src_call_id);
+struct alias_link *FindPptpInByCallId(struct libalias *la,
+ struct in_addr _dst_addr, struct in_addr _alias_addr,
+ u_int16_t _dst_call_id);
+struct alias_link *FindPptpOutByPeerCallId(struct libalias *la,
+ struct in_addr _src_addr, struct in_addr _dst_addr, u_int16_t _dst_call_id);
+struct alias_link *FindPptpInByPeerCallId(struct libalias *la,
+ struct in_addr _dst_addr, struct in_addr _alias_addr,
+ u_int16_t _alias_call_id);
+struct alias_link *FindRtspOut(struct libalias *la, struct in_addr _src_addr,
+ struct in_addr _dst_addr, u_short _src_port, u_short _alias_port,
u_char _proto);
-struct alias_link *
-FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_short _dst_port, u_short _alias_port, u_char _proto, int _create);
-struct alias_link *
-FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- u_short _src_port, u_short _dst_port, u_char _proto, int _create);
-struct alias_link *
-AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- struct in_addr _alias_addr, u_int16_t _src_call_id);
-struct alias_link *
-FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr,
- struct in_addr _dst_addr, u_int16_t _src_call_id);
-struct alias_link *
-FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr,
- struct in_addr _alias_addr, u_int16_t _dst_call_id);
-struct alias_link *
-FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr,
- struct in_addr _dst_addr, u_int16_t _dst_call_id);
-struct alias_link *
-FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr,
- struct in_addr _alias_addr, u_int16_t _alias_call_id);
-struct alias_link *
-FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- u_short _src_port, u_short _alias_port, u_char _proto);
-struct in_addr
-FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
-struct in_addr
-FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
-struct in_addr
-FindSctpRedirectAddress(struct libalias *la, struct sctp_nat_msg *sm);
+struct in_addr FindOriginalAddress(struct libalias *la,
+ struct in_addr _alias_addr);
+struct in_addr FindAliasAddress(struct libalias *la,
+ struct in_addr _original_addr);
+struct in_addr FindSctpRedirectAddress(struct libalias *la,
+ struct sctp_nat_msg *sm);
/* External data access/modification */
-int FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr,
- struct in_addr _alias_addr, u_short _src_port,
- u_short _dst_port, u_short _port_count, u_char _proto,
- u_char _align);
-void GetFragmentAddr(struct alias_link *_lnk, struct in_addr *_src_addr);
-void SetFragmentAddr(struct alias_link *_lnk, struct in_addr _src_addr);
-void GetFragmentPtr(struct alias_link *_lnk, void **_fptr);
-void SetFragmentPtr(struct alias_link *_lnk, void *fptr);
-void SetStateIn(struct alias_link *_lnk, int _state);
-void SetStateOut(struct alias_link *_lnk, int _state);
-int GetStateIn (struct alias_link *_lnk);
-int GetStateOut(struct alias_link *_lnk);
-struct in_addr GetOriginalAddress(struct alias_link *_lnk);
-struct in_addr GetDestAddress(struct alias_link *_lnk);
-struct in_addr GetAliasAddress(struct alias_link *_lnk);
-struct in_addr GetDefaultAliasAddress(struct libalias *la);
-void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
-u_short GetOriginalPort(struct alias_link *_lnk);
-u_short GetAliasPort(struct alias_link *_lnk);
-struct in_addr GetProxyAddress(struct alias_link *_lnk);
-void SetProxyAddress(struct alias_link *_lnk, struct in_addr _addr);
-u_short GetProxyPort(struct alias_link *_lnk);
-void SetProxyPort(struct alias_link *_lnk, u_short _port);
-void SetAckModified(struct alias_link *_lnk);
-int GetAckModified(struct alias_link *_lnk);
-int GetDeltaAckIn(u_long, struct alias_link *_lnk);
-int GetDeltaSeqOut(u_long, struct alias_link *lnk);
-void AddSeq(struct alias_link *lnk, int delta, u_int ip_hl,
- u_short ip_len, u_long th_seq, u_int th_off);
-void SetExpire (struct alias_link *_lnk, int _expire);
-void ClearCheckNewLink(struct libalias *la);
-void SetProtocolFlags(struct alias_link *_lnk, int _pflags);
-int GetProtocolFlags(struct alias_link *_lnk);
-void SetDestCallId(struct alias_link *_lnk, u_int16_t _cid);
+int FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr,
+ struct in_addr _alias_addr, u_short _src_port, u_short _dst_port,
+ u_short _port_count, u_char _proto, u_char _align);
+void GetFragmentAddr(struct alias_link *_lnk, struct in_addr *_src_addr);
+void SetFragmentAddr(struct alias_link *_lnk, struct in_addr _src_addr);
+void GetFragmentPtr(struct alias_link *_lnk, void **_fptr);
+void SetFragmentPtr(struct alias_link *_lnk, void *fptr);
+void SetStateIn(struct alias_link *_lnk, int _state);
+void SetStateOut(struct alias_link *_lnk, int _state);
+int GetStateIn(struct alias_link *_lnk);
+int GetStateOut(struct alias_link *_lnk);
+struct in_addr GetOriginalAddress(struct alias_link *_lnk);
+struct in_addr GetDestAddress(struct alias_link *_lnk);
+struct in_addr GetAliasAddress(struct alias_link *_lnk);
+struct in_addr GetDefaultAliasAddress(struct libalias *la);
+void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
+u_short GetOriginalPort(struct alias_link *_lnk);
+u_short GetAliasPort(struct alias_link *_lnk);
+struct in_addr GetProxyAddress(struct alias_link *_lnk);
+void SetProxyAddress(struct alias_link *_lnk, struct in_addr _addr);
+u_short GetProxyPort(struct alias_link *_lnk);
+void SetProxyPort(struct alias_link *_lnk, u_short _port);
+void SetAckModified(struct alias_link *_lnk);
+int GetAckModified(struct alias_link *_lnk);
+int GetDeltaAckIn(u_long, struct alias_link *_lnk);
+int GetDeltaSeqOut(u_long, struct alias_link *lnk);
+void AddSeq(struct alias_link *lnk, int delta, u_int ip_hl, u_short ip_len,
+ u_long th_seq, u_int th_off);
+void SetExpire(struct alias_link *_lnk, int _expire);
+void ClearCheckNewLink(struct libalias *la);
+void SetProtocolFlags(struct alias_link *_lnk, int _pflags);
+int GetProtocolFlags(struct alias_link *_lnk);
+void SetDestCallId(struct alias_link *_lnk, u_int16_t _cid);
#ifndef NO_FW_PUNCH
-void PunchFWHole(struct alias_link *_lnk);
+void PunchFWHole(struct alias_link *_lnk);
#endif
/* Housekeeping function */
-void HouseKeeping(struct libalias *);
+void HouseKeeping(struct libalias *);
/* Transparent proxy routines */
-int
-ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr,
- u_short * proxy_server_port, struct in_addr src_addr,
+int ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr,
+ u_short *proxy_server_port, struct in_addr src_addr,
struct in_addr dst_addr, u_short dst_port, u_char ip_p);
-void
-ProxyModify(struct libalias *la, struct alias_link *_lnk, struct ip *_pip,
+void ProxyModify(struct libalias *la, struct alias_link *_lnk, struct ip *_pip,
int _maxpacketsize, int _proxy_type);
/* Tcp specific routines */
@@ -382,4 +369,4 @@
}
#endif
-#endif /* !_ALIAS_LOCAL_H_ */
+#endif /* !_ALIAS_LOCAL_H_ */
Index: sys/netinet/libalias/alias_mod.h
===================================================================
--- sys/netinet/libalias/alias_mod.h
+++ sys/netinet/libalias/alias_mod.h
@@ -42,21 +42,21 @@
/* Use kernel allocator. */
#if defined(_SYS_MALLOC_H_)
#undef malloc
-#define malloc(x) malloc(x, M_ALIAS, M_NOWAIT|M_ZERO)
-#define calloc(n, x) mallocarray((n), (x), M_ALIAS, M_NOWAIT|M_ZERO)
-#define free(x) free(x, M_ALIAS)
+#define malloc(x) malloc(x, M_ALIAS, M_NOWAIT | M_ZERO)
+#define calloc(n, x) mallocarray((n), (x), M_ALIAS, M_NOWAIT | M_ZERO)
+#define free(x) free(x, M_ALIAS)
#endif
#endif
/* Packet flow direction flags. */
-#define IN 0x0001
-#define OUT 0x0002
-#define NODIR 0x4000
+#define IN 0x0001
+#define OUT 0x0002
+#define NODIR 0x4000
/* Working protocol flags. */
-#define IP 0x01
-#define TCP 0x02
-#define UDP 0x04
+#define IP 0x01
+#define TCP 0x02
+#define UDP 0x04
/*
* Data passed to protocol handler module, it must be filled
@@ -64,12 +64,12 @@
* module is elegible to be called.
*/
struct alias_data {
- struct alias_link *lnk;
- struct in_addr *oaddr; /* Original address. */
- struct in_addr *aaddr; /* Alias address. */
- uint16_t *aport; /* Alias port. */
- uint16_t *sport, *dport; /* Source & destination port */
- uint16_t maxpktsize; /* Max packet size. */
+ struct alias_link *lnk;
+ struct in_addr *oaddr; /* Original address. */
+ struct in_addr *aaddr; /* Alias address. */
+ uint16_t *aport; /* Alias port. */
+ uint16_t *sport, *dport; /* Source & destination port */
+ uint16_t maxpktsize; /* Max packet size. */
};
/*
@@ -77,19 +77,19 @@
* a protocol handler correctly work.
*/
struct proto_handler {
- u_int pri; /* Handler priority. */
- int16_t dir; /* Flow direction. */
- uint8_t proto; /* Working protocol. */
+ u_int pri; /* Handler priority. */
+ int16_t dir; /* Flow direction. */
+ uint8_t proto; /* Working protocol. */
/* Fingerprint * function. */
int (*fingerprint)(struct libalias *, struct alias_data *);
/* Aliasing * function. */
- int (*protohandler)(struct libalias *, struct ip *,
- struct alias_data *);
+ int (
+ *protohandler)(struct libalias *, struct ip *, struct alias_data *);
TAILQ_ENTRY(proto_handler) link;
};
/* End of handlers. */
-#define EOH .dir = NODIR
+#define EOH .dir = NODIR
/* Functions used with protocol handlers. */
int LibAliasAttachHandlers(struct proto_handler *);
@@ -104,16 +104,16 @@
* module loaded. In kernel land (kld mode) we don't need to care
* care about libalias modules cause it's kld to do it for us.
*/
-#define DLL_LEN 32
+#define DLL_LEN 32
struct dll {
- char name[DLL_LEN]; /* Name of module. */
- void *handle; /*
- * Ptr to shared obj obtained through
- * dlopen() - use this ptr to get access
- * to any symbols from a loaded module
- * via dlsym().
- */
- SLIST_ENTRY(dll) next;
+ char name[DLL_LEN]; /* Name of module. */
+ void *handle; /*
+ * Ptr to shared obj obtained through
+ * dlopen() - use this ptr to get access
+ * to any symbols from a loaded module
+ * via dlsym().
+ */
+ SLIST_ENTRY(dll) next;
};
/* Functions used with dll module. */
@@ -141,9 +141,9 @@
* Struct for registering modules statically via SYSINIT.
*/
typedef struct moduledata {
- const char *name; /* module name */
- modeventhand_t evhand; /* event handler */
- void *priv; /* extra data */
+ const char *name; /* module name */
+ modeventhand_t evhand; /* event handler */
+ void *priv; /* extra data */
} moduledata_t;
#endif /* !_KERNEL */
Index: sys/netinet/libalias/alias_mod.c
===================================================================
--- sys/netinet/libalias/alias_mod.c
+++ sys/netinet/libalias/alias_mod.c
@@ -30,19 +30,20 @@
__FBSDID("$FreeBSD$");
#ifdef _KERNEL
-#include <sys/libkern.h>
#include <sys/param.h>
+#include <sys/libkern.h>
#include <sys/lock.h>
#include <sys/rwlock.h>
#else
-#include <stdio.h>
-#include <string.h>
#include <sys/types.h>
+
#include <errno.h>
+#include <stdio.h>
+#include <string.h>
#endif
-#include <netinet/in_systm.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/ip.h>
#ifdef _KERNEL
@@ -54,17 +55,16 @@
#endif
/* Protocol and userland module handlers chains. */
-static TAILQ_HEAD(handler_chain, proto_handler) handler_chain =
- TAILQ_HEAD_INITIALIZER(handler_chain);
+static TAILQ_HEAD(handler_chain,
+ proto_handler) handler_chain = TAILQ_HEAD_INITIALIZER(handler_chain);
static int
attach_handler(struct proto_handler *p)
{
struct proto_handler *b;
- TAILQ_FOREACH(b, &handler_chain, link) {
- if ((b->pri == p->pri) &&
- (b->dir == p->dir) &&
+ TAILQ_FOREACH (b, &handler_chain, link) {
+ if ((b->pri == p->pri) && (b->dir == p->dir) &&
(b->proto == p->proto))
return (EEXIST);
if (b->pri > p->pri) {
@@ -111,7 +111,7 @@
{
struct proto_handler *p;
- TAILQ_FOREACH(p, &handler_chain, link)
+ TAILQ_FOREACH (p, &handler_chain, link)
if ((p->dir & dir) && (p->proto & proto) &&
p->fingerprint(la, ad) == 0)
return (p->protohandler(la, ip, ad));
@@ -133,7 +133,7 @@
{
struct dll *b;
- SLIST_FOREACH(b, &dll_chain, next) {
+ SLIST_FOREACH (b, &dll_chain, next) {
if (!strncmp(b->name, p->name, DLL_LEN))
return (EEXIST); /* Dll name conflict. */
}
@@ -149,7 +149,7 @@
b = NULL;
error = NULL;
- SLIST_FOREACH_SAFE(b, &dll_chain, next, b_tmp)
+ SLIST_FOREACH_SAFE (b, &dll_chain, next, b_tmp)
if (!strncmp(b->name, p, DLL_LEN)) {
SLIST_REMOVE(&dll_chain, b, dll, next);
error = b;
Index: sys/netinet/libalias/alias_nbt.c
===================================================================
--- sys/netinet/libalias/alias_nbt.c
+++ sys/netinet/libalias/alias_nbt.c
@@ -49,14 +49,15 @@
#include <sys/kernel.h>
#include <sys/module.h>
#else
-#include <errno.h>
#include <sys/types.h>
+
+#include <errno.h>
#include <stdio.h>
#include <strings.h>
#endif
-#include <netinet/in_systm.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/udp.h>
@@ -71,12 +72,11 @@
#define NETBIOS_NS_PORT_NUMBER 137
#define NETBIOS_DGM_PORT_NUMBER 138
-static int
-AliasHandleUdpNbt(struct libalias *, struct ip *, struct alias_link *,
- struct in_addr *, u_short);
-static int
-AliasHandleUdpNbtNS(struct libalias *, struct ip *, struct alias_link *,
- struct in_addr *, u_short *, struct in_addr *, u_short *);
+static int AliasHandleUdpNbt(struct libalias *, struct ip *,
+ struct alias_link *, struct in_addr *, u_short);
+static int AliasHandleUdpNbtNS(struct libalias *, struct ip *,
+ struct alias_link *, struct in_addr *, u_short *, struct in_addr *,
+ u_short *);
static int
fingerprint1(struct libalias *la, struct alias_data *ah)
@@ -84,8 +84,8 @@
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
ah->aaddr == NULL || ah->aport == NULL)
return (-1);
- if (ntohs(*ah->dport) == NETBIOS_DGM_PORT_NUMBER
- || ntohs(*ah->sport) == NETBIOS_DGM_PORT_NUMBER)
+ if (ntohs(*ah->dport) == NETBIOS_DGM_PORT_NUMBER ||
+ ntohs(*ah->sport) == NETBIOS_DGM_PORT_NUMBER)
return (0);
return (-1);
}
@@ -102,8 +102,8 @@
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
ah->aaddr == NULL || ah->aport == NULL)
return (-1);
- if (ntohs(*ah->dport) == NETBIOS_NS_PORT_NUMBER
- || ntohs(*ah->sport) == NETBIOS_NS_PORT_NUMBER)
+ if (ntohs(*ah->dport) == NETBIOS_NS_PORT_NUMBER ||
+ ntohs(*ah->sport) == NETBIOS_NS_PORT_NUMBER)
return (0);
return (-1);
}
@@ -111,8 +111,8 @@
static int
protohandler2in(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
- AliasHandleUdpNbtNS(la, pip, ah->lnk, ah->aaddr, ah->aport,
- ah->oaddr, ah->dport);
+ AliasHandleUdpNbtNS(la, pip, ah->lnk, ah->aaddr, ah->aport, ah->oaddr,
+ ah->dport);
return (0);
}
@@ -120,34 +120,26 @@
protohandler2out(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
return (AliasHandleUdpNbtNS(la, pip, ah->lnk, &pip->ip_src, ah->sport,
- ah->aaddr, ah->aport));
+ ah->aaddr, ah->aport));
}
/* Kernel module definition. */
-struct proto_handler handlers[] = {
- {
- .pri = 130,
- .dir = IN|OUT,
- .proto = UDP,
- .fingerprint = &fingerprint1,
- .protohandler = &protohandler1
- },
- {
- .pri = 140,
- .dir = IN,
- .proto = UDP,
- .fingerprint = &fingerprint2,
- .protohandler = &protohandler2in
- },
- {
- .pri = 140,
- .dir = OUT,
- .proto = UDP,
- .fingerprint = &fingerprint2,
- .protohandler = &protohandler2out
- },
- { EOH }
-};
+struct proto_handler handlers[] = { { .pri = 130,
+ .dir = IN | OUT,
+ .proto = UDP,
+ .fingerprint = &fingerprint1,
+ .protohandler = &protohandler1 },
+ { .pri = 140,
+ .dir = IN,
+ .proto = UDP,
+ .fingerprint = &fingerprint2,
+ .protohandler = &protohandler2in },
+ { .pri = 140,
+ .dir = OUT,
+ .proto = UDP,
+ .fingerprint = &fingerprint2,
+ .protohandler = &protohandler2out },
+ { EOH } };
static int
mod_handler(module_t mod, int type, void *data)
@@ -169,65 +161,63 @@
return (error);
}
-#ifdef _KERNEL
+#ifdef _KERNEL
static
#endif
-moduledata_t alias_mod = {
- "alias_nbt", mod_handler, NULL
-};
+ moduledata_t alias_mod = { "alias_nbt", mod_handler, NULL };
-#ifdef _KERNEL
+#ifdef _KERNEL
DECLARE_MODULE(alias_nbt, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_nbt, 1);
MODULE_DEPEND(alias_nbt, libalias, 1, 1, 1);
#endif
typedef struct {
- struct in_addr oldaddr;
- u_short oldport;
- struct in_addr newaddr;
- u_short newport;
- u_short *uh_sum;
+ struct in_addr oldaddr;
+ u_short oldport;
+ struct in_addr newaddr;
+ u_short newport;
+ u_short *uh_sum;
} NBTArguments;
typedef struct {
- unsigned char type;
- unsigned char flags;
- u_short id;
- struct in_addr source_ip;
- u_short source_port;
- u_short len;
- u_short offset;
+ unsigned char type;
+ unsigned char flags;
+ u_short id;
+ struct in_addr source_ip;
+ u_short source_port;
+ u_short len;
+ u_short offset;
} NbtDataHeader;
-#define OpQuery 0
-#define OpUnknown 4
-#define OpRegist 5
-#define OpRelease 6
-#define OpWACK 7
-#define OpRefresh 8
+#define OpQuery 0
+#define OpUnknown 4
+#define OpRegist 5
+#define OpRelease 6
+#define OpWACK 7
+#define OpRefresh 8
typedef struct {
- u_short nametrid;
- u_short dir: 1, opcode:4, nmflags:7, rcode:4;
- u_short qdcount;
- u_short ancount;
- u_short nscount;
- u_short arcount;
+ u_short nametrid;
+ u_short dir : 1, opcode : 4, nmflags : 7, rcode : 4;
+ u_short qdcount;
+ u_short ancount;
+ u_short nscount;
+ u_short arcount;
} NbtNSHeader;
-#define FMT_ERR 0x1
-#define SRV_ERR 0x2
-#define IMP_ERR 0x4
-#define RFS_ERR 0x5
-#define ACT_ERR 0x6
-#define CFT_ERR 0x7
+#define FMT_ERR 0x1
+#define SRV_ERR 0x2
+#define IMP_ERR 0x4
+#define RFS_ERR 0x5
+#define ACT_ERR 0x6
+#define CFT_ERR 0x7
#ifdef LIBALIAS_DEBUG
static void
PrintRcode(u_char rcode)
{
switch (rcode) {
- case FMT_ERR:
+ case FMT_ERR:
printf("\nFormat Error.");
case SRV_ERR:
printf("\nSever failure.");
@@ -247,8 +237,8 @@
#endif
/* Handling Name field */
-static u_char *
-AliasHandleName(u_char * p, char *pmax)
+static u_char *
+AliasHandleName(u_char *p, char *pmax)
{
u_char *s;
u_char c;
@@ -263,7 +253,7 @@
p = p + 2;
if ((char *)p > pmax)
return (NULL);
- return ((u_char *) p);
+ return ((u_char *)p);
}
while ((*p & 0x3f) != 0x00) {
s = p + 1;
@@ -273,7 +263,7 @@
compress = 0;
/* Get next length field */
- p = (u_char *) (p + (*p & 0x3f) + 1);
+ p = (u_char *)(p + (*p & 0x3f) + 1);
if ((char *)p > pmax) {
p = NULL;
break;
@@ -283,7 +273,9 @@
#endif
while (s < p) {
if (compress == 1) {
- c = (u_char) (((((*s & 0x0f) << 4) | (*(s + 1) & 0x0f)) - 0x11));
+ c = (u_char)((
+ (((*s & 0x0f) << 4) | (*(s + 1) & 0x0f)) -
+ 0x11));
#ifdef LIBALIAS_DEBUG
if (isprint(c))
printf("%c", c);
@@ -309,27 +301,24 @@
p = NULL;
else
p++;
- return ((u_char *) p);
+ return ((u_char *)p);
}
/*
* NetBios Datagram Handler (IP/UDP)
*/
-#define DGM_DIRECT_UNIQ 0x10
-#define DGM_DIRECT_GROUP 0x11
-#define DGM_BROADCAST 0x12
-#define DGM_ERROR 0x13
-#define DGM_QUERY 0x14
-#define DGM_POSITIVE_RES 0x15
-#define DGM_NEGATIVE_RES 0x16
+#define DGM_DIRECT_UNIQ 0x10
+#define DGM_DIRECT_GROUP 0x11
+#define DGM_BROADCAST 0x12
+#define DGM_ERROR 0x13
+#define DGM_QUERY 0x14
+#define DGM_POSITIVE_RES 0x15
+#define DGM_NEGATIVE_RES 0x16
static int
-AliasHandleUdpNbt(
- struct libalias *la,
- struct ip *pip, /* IP packet to examine/patch */
- struct alias_link *lnk,
- struct in_addr *alias_address,
- u_short alias_port)
+AliasHandleUdpNbt(struct libalias *la,
+ struct ip *pip, /* IP packet to examine/patch */
+ struct alias_link *lnk, struct in_addr *alias_address, u_short alias_port)
{
struct udphdr *uh;
NbtDataHeader *ndh;
@@ -356,18 +345,18 @@
case DGM_DIRECT_UNIQ:
case DGM_DIRECT_GROUP:
case DGM_BROADCAST:
- p = (u_char *) ndh + 14;
- p = AliasHandleName(p, pmax); /* Source Name */
- p = AliasHandleName(p, pmax); /* Destination Name */
+ p = (u_char *)ndh + 14;
+ p = AliasHandleName(p, pmax); /* Source Name */
+ p = AliasHandleName(p, pmax); /* Destination Name */
break;
case DGM_ERROR:
- p = (u_char *) ndh + 11;
+ p = (u_char *)ndh + 11;
break;
case DGM_QUERY:
case DGM_POSITIVE_RES:
case DGM_NEGATIVE_RES:
- p = (u_char *) ndh + 10;
- p = AliasHandleName(p, pmax); /* Destination Name */
+ p = (u_char *)ndh + 10;
+ p = AliasHandleName(p, pmax); /* Destination Name */
break;
}
if (p == NULL || (char *)p > pmax)
@@ -383,10 +372,10 @@
acc = ndh->source_port;
acc -= alias_port;
- sptr = (u_short *) & (ndh->source_ip);
+ sptr = (u_short *)&(ndh->source_ip);
acc += *sptr++;
acc += *sptr;
- sptr = (u_short *) alias_address;
+ sptr = (u_short *)alias_address;
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, uh->uh_sum);
@@ -402,26 +391,23 @@
}
/* Question Section */
-#define QS_TYPE_NB 0x0020
-#define QS_TYPE_NBSTAT 0x0021
-#define QS_CLAS_IN 0x0001
+#define QS_TYPE_NB 0x0020
+#define QS_TYPE_NBSTAT 0x0021
+#define QS_CLAS_IN 0x0001
typedef struct {
- u_short type; /* The type of Request */
- u_short class; /* The class of Request */
+ u_short type; /* The type of Request */
+ u_short class; /* The class of Request */
} NBTNsQuestion;
-static u_char *
-AliasHandleQuestion(
- u_short count,
- NBTNsQuestion * q,
- char *pmax,
- NBTArguments * nbtarg)
+static u_char *
+AliasHandleQuestion(u_short count, NBTNsQuestion *q, char *pmax,
+ NBTArguments *nbtarg)
{
(void)nbtarg;
while (count != 0) {
/* Name Filed */
- q = (NBTNsQuestion *) AliasHandleName((u_char *) q, pmax);
+ q = (NBTNsQuestion *)AliasHandleName((u_char *)q, pmax);
if (q == NULL || (char *)(q + 1) > pmax) {
q = NULL;
@@ -435,7 +421,8 @@
break;
default:
#ifdef LIBALIAS_DEBUG
- printf("\nUnknown Type on Question %0x\n", ntohs(q->type));
+ printf("\nUnknown Type on Question %0x\n",
+ ntohs(q->type));
#endif
break;
}
@@ -443,35 +430,32 @@
}
/* Set up to out of Question Section */
- return ((u_char *) q);
+ return ((u_char *)q);
}
/* Resource Record */
-#define RR_TYPE_A 0x0001
-#define RR_TYPE_NS 0x0002
-#define RR_TYPE_NULL 0x000a
-#define RR_TYPE_NB 0x0020
-#define RR_TYPE_NBSTAT 0x0021
-#define RR_CLAS_IN 0x0001
-#define SizeOfNsResource 8
+#define RR_TYPE_A 0x0001
+#define RR_TYPE_NS 0x0002
+#define RR_TYPE_NULL 0x000a
+#define RR_TYPE_NB 0x0020
+#define RR_TYPE_NBSTAT 0x0021
+#define RR_CLAS_IN 0x0001
+#define SizeOfNsResource 8
typedef struct {
- u_short type;
- u_short class;
- unsigned int ttl;
- u_short rdlen;
+ u_short type;
+ u_short class;
+ unsigned int ttl;
+ u_short rdlen;
} NBTNsResource;
-#define SizeOfNsRNB 6
+#define SizeOfNsRNB 6
typedef struct {
- u_short g: 1 , ont:2, resv:13;
- struct in_addr addr;
+ u_short g : 1, ont : 2, resv : 13;
+ struct in_addr addr;
} NBTNsRNB;
-static u_char *
-AliasHandleResourceNB(
- NBTNsResource * q,
- char *pmax,
- NBTArguments * nbtarg)
+static u_char *
+AliasHandleResourceNB(NBTNsResource *q, char *pmax, NBTArguments *nbtarg)
{
NBTNsRNB *nb;
u_short bcount;
@@ -486,14 +470,13 @@
bcount = ntohs(q->rdlen);
/* Forward to Resource NB position */
- nb = (NBTNsRNB *) ((u_char *) q + SizeOfNsResource);
+ nb = (NBTNsRNB *)((u_char *)q + SizeOfNsResource);
/* Processing all in_addr array */
#ifdef LIBALIAS_DEBUG
printf("NB rec[%s->%s, %dbytes] ",
inet_ntoa_r(nbtarg->oldaddr, INET_NTOA_BUF(oldbuf)),
- inet_ntoa_r(nbtarg->newaddr, INET_NTOA_BUF(newbuf)),
- bcount);
+ inet_ntoa_r(nbtarg->newaddr, INET_NTOA_BUF(newbuf)), bcount);
#endif
while (nb != NULL && bcount != 0) {
if ((char *)(nb + 1) > pmax) {
@@ -503,15 +486,16 @@
#ifdef LIBALIAS_DEBUG
printf("<%s>", inet_ntoa_r(nb->addr, INET_NTOA_BUF(newbuf)));
#endif
- if (!bcmp(&nbtarg->oldaddr, &nb->addr, sizeof(struct in_addr))) {
+ if (!bcmp(&nbtarg->oldaddr, &nb->addr,
+ sizeof(struct in_addr))) {
if (*nbtarg->uh_sum != 0) {
int acc;
u_short *sptr;
- sptr = (u_short *) & (nb->addr);
+ sptr = (u_short *)&(nb->addr);
acc = *sptr++;
acc += *sptr;
- sptr = (u_short *) & (nbtarg->newaddr);
+ sptr = (u_short *)&(nbtarg->newaddr);
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
@@ -526,25 +510,22 @@
printf(".");
}
#endif
- nb = (NBTNsRNB *) ((u_char *) nb + SizeOfNsRNB);
+ nb = (NBTNsRNB *)((u_char *)nb + SizeOfNsRNB);
bcount -= SizeOfNsRNB;
}
if (nb == NULL || (char *)(nb + 1) > pmax) {
nb = NULL;
}
- return ((u_char *) nb);
+ return ((u_char *)nb);
}
-#define SizeOfResourceA 6
+#define SizeOfResourceA 6
typedef struct {
- struct in_addr addr;
+ struct in_addr addr;
} NBTNsResourceA;
-static u_char *
-AliasHandleResourceA(
- NBTNsResource * q,
- char *pmax,
- NBTArguments * nbtarg)
+static u_char *
+AliasHandleResourceA(NBTNsResource *q, char *pmax, NBTArguments *nbtarg)
{
NBTNsResourceA *a;
u_short bcount;
@@ -557,7 +538,7 @@
return (NULL);
/* Forward to Resource A position */
- a = (NBTNsResourceA *) ((u_char *) q + sizeof(NBTNsResource));
+ a = (NBTNsResourceA *)((u_char *)q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
@@ -579,33 +560,30 @@
int acc;
u_short *sptr;
- sptr = (u_short *) & (a->addr); /* Old */
+ sptr = (u_short *)&(a->addr); /* Old */
acc = *sptr++;
acc += *sptr;
- sptr = (u_short *) & nbtarg->newaddr; /* New */
+ sptr = (u_short *)&nbtarg->newaddr; /* New */
acc -= *sptr++;
acc -= *sptr;
ADJUST_CHECKSUM(acc, *nbtarg->uh_sum);
}
a->addr = nbtarg->newaddr;
}
- a++; /* XXXX */
+ a++; /* XXXX */
bcount -= SizeOfResourceA;
}
if (a == NULL || (char *)(a + 1) > pmax)
a = NULL;
- return ((u_char *) a);
+ return ((u_char *)a);
}
typedef struct {
- u_short opcode:4, flags:8, resv:4;
+ u_short opcode : 4, flags : 8, resv : 4;
} NBTNsResourceNULL;
-static u_char *
-AliasHandleResourceNULL(
- NBTNsResource * q,
- char *pmax,
- NBTArguments * nbtarg)
+static u_char *
+AliasHandleResourceNULL(NBTNsResource *q, char *pmax, NBTArguments *nbtarg)
{
NBTNsResourceNULL *n;
u_short bcount;
@@ -616,7 +594,7 @@
return (NULL);
/* Forward to Resource NULL position */
- n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
+ n = (NBTNsResourceNULL *)((u_char *)q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
@@ -633,14 +611,11 @@
if ((char *)(n + 1) > pmax)
n = NULL;
- return ((u_char *) n);
+ return ((u_char *)n);
}
-static u_char *
-AliasHandleResourceNS(
- NBTNsResource * q,
- char *pmax,
- NBTArguments * nbtarg)
+static u_char *
+AliasHandleResourceNS(NBTNsResource *q, char *pmax, NBTArguments *nbtarg)
{
NBTNsResourceNULL *n;
u_short bcount;
@@ -651,29 +626,26 @@
return (NULL);
/* Forward to Resource NULL position */
- n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource));
+ n = (NBTNsResourceNULL *)((u_char *)q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
/* Resource Record Name Filed */
- q = (NBTNsResource *) AliasHandleName((u_char *) n, pmax); /* XXX */
+ q = (NBTNsResource *)AliasHandleName((u_char *)n, pmax); /* XXX */
- if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
+ if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
return (NULL);
else
- return ((u_char *) n + bcount);
+ return ((u_char *)n + bcount);
}
typedef struct {
- u_short numnames;
+ u_short numnames;
} NBTNsResourceNBSTAT;
-static u_char *
-AliasHandleResourceNBSTAT(
- NBTNsResource * q,
- char *pmax,
- NBTArguments * nbtarg)
+static u_char *
+AliasHandleResourceNBSTAT(NBTNsResource *q, char *pmax, NBTArguments *nbtarg)
{
NBTNsResourceNBSTAT *n;
u_short bcount;
@@ -684,28 +656,24 @@
return (NULL);
/* Forward to Resource NBSTAT position */
- n = (NBTNsResourceNBSTAT *) ((u_char *) q + sizeof(NBTNsResource));
+ n = (NBTNsResourceNBSTAT *)((u_char *)q + sizeof(NBTNsResource));
/* Check out of length */
bcount = ntohs(q->rdlen);
- if (q == NULL || (char *)((u_char *) n + bcount) > pmax)
+ if (q == NULL || (char *)((u_char *)n + bcount) > pmax)
return (NULL);
else
- return ((u_char *) n + bcount);
+ return ((u_char *)n + bcount);
}
-static u_char *
-AliasHandleResource(
- u_short count,
- NBTNsResource * q,
- char *pmax,
- NBTArguments
- * nbtarg)
+static u_char *
+AliasHandleResource(u_short count, NBTNsResource *q, char *pmax,
+ NBTArguments *nbtarg)
{
while (count != 0) {
/* Resource Record Name Filed */
- q = (NBTNsResource *) AliasHandleName((u_char *) q, pmax);
+ q = (NBTNsResource *)AliasHandleName((u_char *)q, pmax);
if (q == NULL || (char *)(q + 1) > pmax)
break;
@@ -716,64 +684,43 @@
/* Type and Class filed */
switch (ntohs(q->type)) {
case RR_TYPE_NB:
- q = (NBTNsResource *) AliasHandleResourceNB(
- q,
- pmax,
- nbtarg
- );
+ q = (NBTNsResource *)AliasHandleResourceNB(q, pmax,
+ nbtarg);
break;
case RR_TYPE_A:
- q = (NBTNsResource *) AliasHandleResourceA(
- q,
- pmax,
- nbtarg
- );
+ q = (NBTNsResource *)AliasHandleResourceA(q, pmax,
+ nbtarg);
break;
case RR_TYPE_NS:
- q = (NBTNsResource *) AliasHandleResourceNS(
- q,
- pmax,
- nbtarg
- );
+ q = (NBTNsResource *)AliasHandleResourceNS(q, pmax,
+ nbtarg);
break;
case RR_TYPE_NULL:
- q = (NBTNsResource *) AliasHandleResourceNULL(
- q,
- pmax,
- nbtarg
- );
+ q = (NBTNsResource *)AliasHandleResourceNULL(q, pmax,
+ nbtarg);
break;
case RR_TYPE_NBSTAT:
- q = (NBTNsResource *) AliasHandleResourceNBSTAT(
- q,
- pmax,
- nbtarg
- );
+ q = (NBTNsResource *)AliasHandleResourceNBSTAT(q, pmax,
+ nbtarg);
break;
default:
#ifdef LIBALIAS_DEBUG
- printf(
- "\nUnknown Type of Resource %0x\n",
- ntohs(q->type)
- );
+ printf("\nUnknown Type of Resource %0x\n",
+ ntohs(q->type));
fflush(stdout);
#endif
break;
}
count--;
}
- return ((u_char *) q);
+ return ((u_char *)q);
}
static int
-AliasHandleUdpNbtNS(
- struct libalias *la,
- struct ip *pip, /* IP packet to examine/patch */
- struct alias_link *lnk,
- struct in_addr *alias_address,
- u_short * alias_port,
- struct in_addr *original_address,
- u_short * original_port)
+AliasHandleUdpNbtNS(struct libalias *la,
+ struct ip *pip, /* IP packet to examine/patch */
+ struct alias_link *lnk, struct in_addr *alias_address, u_short *alias_port,
+ struct in_addr *original_address, u_short *original_port)
{
struct udphdr *uh;
NbtNSHeader *nsh;
@@ -794,7 +741,7 @@
uh = (struct udphdr *)ip_next(pip);
nbtarg.uh_sum = &(uh->uh_sum);
nsh = (NbtNSHeader *)udp_next(uh);
- p = (u_char *) (nsh + 1);
+ p = (u_char *)(nsh + 1);
pmax = (char *)uh + ntohs(uh->uh_ulen);
if ((char *)(nsh + 1) > pmax)
@@ -802,55 +749,32 @@
#ifdef LIBALIAS_DEBUG
printf(" [%s] ID=%02x, op=%01x, flag=%02x, rcode=%01x, qd=%04x"
- ", an=%04x, ns=%04x, ar=%04x, [%d]-->",
- nsh->dir ? "Response" : "Request",
- nsh->nametrid,
- nsh->opcode,
- nsh->nmflags,
- nsh->rcode,
- ntohs(nsh->qdcount),
- ntohs(nsh->ancount),
- ntohs(nsh->nscount),
- ntohs(nsh->arcount),
- (u_char *) p - (u_char *) nsh
- );
+ ", an=%04x, ns=%04x, ar=%04x, [%d]-->",
+ nsh->dir ? "Response" : "Request", nsh->nametrid, nsh->opcode,
+ nsh->nmflags, nsh->rcode, ntohs(nsh->qdcount), ntohs(nsh->ancount),
+ ntohs(nsh->nscount), ntohs(nsh->arcount),
+ (u_char *)p - (u_char *)nsh);
#endif
/* Question Entries */
if (ntohs(nsh->qdcount) != 0) {
- p = AliasHandleQuestion(
- ntohs(nsh->qdcount),
- (NBTNsQuestion *) p,
- pmax,
- &nbtarg
- );
+ p = AliasHandleQuestion(ntohs(nsh->qdcount), (NBTNsQuestion *)p,
+ pmax, &nbtarg);
}
/* Answer Resource Records */
if (ntohs(nsh->ancount) != 0) {
- p = AliasHandleResource(
- ntohs(nsh->ancount),
- (NBTNsResource *) p,
- pmax,
- &nbtarg
- );
+ p = AliasHandleResource(ntohs(nsh->ancount), (NBTNsResource *)p,
+ pmax, &nbtarg);
}
/* Authority Resource Recodrs */
if (ntohs(nsh->nscount) != 0) {
- p = AliasHandleResource(
- ntohs(nsh->nscount),
- (NBTNsResource *) p,
- pmax,
- &nbtarg
- );
+ p = AliasHandleResource(ntohs(nsh->nscount), (NBTNsResource *)p,
+ pmax, &nbtarg);
}
/* Additional Resource Recodrs */
if (ntohs(nsh->arcount) != 0) {
- p = AliasHandleResource(
- ntohs(nsh->arcount),
- (NBTNsResource *) p,
- pmax,
- &nbtarg
- );
+ p = AliasHandleResource(ntohs(nsh->arcount), (NBTNsResource *)p,
+ pmax, &nbtarg);
}
#ifdef LIBALIAS_DEBUG
PrintRcode(nsh->rcode);
Index: sys/netinet/libalias/alias_pptp.c
===================================================================
--- sys/netinet/libalias/alias_pptp.c
+++ sys/netinet/libalias/alias_pptp.c
@@ -42,13 +42,14 @@
/* Includes */
#ifdef _KERNEL
#include <sys/param.h>
-#include <sys/limits.h>
#include <sys/kernel.h>
+#include <sys/limits.h>
#include <sys/module.h>
#else
+#include <sys/types.h>
+
#include <errno.h>
#include <limits.h>
-#include <sys/types.h>
#include <stdio.h>
#endif
@@ -66,25 +67,23 @@
#define PPTP_CONTROL_PORT_NUMBER 1723
-static void
-AliasHandlePptpOut(struct libalias *, struct ip *, struct alias_link *);
+static void AliasHandlePptpOut(struct libalias *, struct ip *,
+ struct alias_link *);
-static void
-AliasHandlePptpIn(struct libalias *, struct ip *, struct alias_link *);
+static void AliasHandlePptpIn(struct libalias *, struct ip *,
+ struct alias_link *);
-static int
-AliasHandlePptpGreOut(struct libalias *, struct ip *);
+static int AliasHandlePptpGreOut(struct libalias *, struct ip *);
-static int
-AliasHandlePptpGreIn(struct libalias *, struct ip *);
+static int AliasHandlePptpGreIn(struct libalias *, struct ip *);
static int
fingerprint(struct libalias *la, struct alias_data *ah)
{
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL)
return (-1);
- if (ntohs(*ah->dport) == PPTP_CONTROL_PORT_NUMBER
- || ntohs(*ah->sport) == PPTP_CONTROL_PORT_NUMBER)
+ if (ntohs(*ah->dport) == PPTP_CONTROL_PORT_NUMBER ||
+ ntohs(*ah->sport) == PPTP_CONTROL_PORT_NUMBER)
return (0);
return (-1);
}
@@ -127,42 +126,32 @@
}
/* Kernel module definition. */
-struct proto_handler handlers[] = {
- {
- .pri = 200,
- .dir = IN,
- .proto = TCP,
- .fingerprint = &fingerprint,
- .protohandler = &protohandlerin
- },
- {
- .pri = 210,
- .dir = OUT,
- .proto = TCP,
- .fingerprint = &fingerprint,
- .protohandler = &protohandlerout
- },
-/*
- * WATCH OUT!!! these 2 handlers NEED a priority of INT_MAX (highest possible)
- * cause they will ALWAYS process packets, so they must be the last one
- * in chain: look fingerprintgre() above.
- */
- {
- .pri = INT_MAX,
- .dir = IN,
- .proto = IP,
- .fingerprint = &fingerprintgre,
- .protohandler = &protohandlergrein
- },
- {
- .pri = INT_MAX,
- .dir = OUT,
- .proto = IP,
- .fingerprint = &fingerprintgre,
- .protohandler = &protohandlergreout
- },
- { EOH }
-};
+struct proto_handler handlers[] = { { .pri = 200,
+ .dir = IN,
+ .proto = TCP,
+ .fingerprint = &fingerprint,
+ .protohandler = &protohandlerin },
+ { .pri = 210,
+ .dir = OUT,
+ .proto = TCP,
+ .fingerprint = &fingerprint,
+ .protohandler = &protohandlerout },
+ /*
+ * WATCH OUT!!! these 2 handlers NEED a priority of INT_MAX (highest
+ * possible) cause they will ALWAYS process packets, so they must be the
+ * last one in chain: look fingerprintgre() above.
+ */
+ { .pri = INT_MAX,
+ .dir = IN,
+ .proto = IP,
+ .fingerprint = &fingerprintgre,
+ .protohandler = &protohandlergrein },
+ { .pri = INT_MAX,
+ .dir = OUT,
+ .proto = IP,
+ .fingerprint = &fingerprintgre,
+ .protohandler = &protohandlergreout },
+ { EOH } };
static int
mod_handler(module_t mod, int type, void *data)
{
@@ -186,11 +175,9 @@
#ifdef _KERNEL
static
#endif
-moduledata_t alias_mod = {
- "alias_pptp", mod_handler, NULL
-};
+ moduledata_t alias_mod = { "alias_pptp", mod_handler, NULL };
-#ifdef _KERNEL
+#ifdef _KERNEL
DECLARE_MODULE(alias_pptp, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_pptp, 1);
MODULE_DEPEND(alias_pptp, libalias, 1, 1, 1);
@@ -225,26 +212,26 @@
* PPTP definitions
*/
-struct grehdr { /* Enhanced GRE header. */
- u_int16_t gh_flags; /* Flags. */
- u_int16_t gh_protocol; /* Protocol type. */
- u_int16_t gh_length; /* Payload length. */
- u_int16_t gh_call_id; /* Call ID. */
- u_int32_t gh_seq_no; /* Sequence number (optional). */
- u_int32_t gh_ack_no; /* Acknowledgment number
- * (optional). */
+struct grehdr { /* Enhanced GRE header. */
+ u_int16_t gh_flags; /* Flags. */
+ u_int16_t gh_protocol; /* Protocol type. */
+ u_int16_t gh_length; /* Payload length. */
+ u_int16_t gh_call_id; /* Call ID. */
+ u_int32_t gh_seq_no; /* Sequence number (optional). */
+ u_int32_t gh_ack_no; /* Acknowledgment number
+ * (optional). */
};
typedef struct grehdr GreHdr;
/* The PPTP protocol ID used in the GRE 'proto' field. */
-#define PPTP_GRE_PROTO 0x880b
+#define PPTP_GRE_PROTO 0x880b
/* Bits that must be set a certain way in all PPTP/GRE packets. */
-#define PPTP_INIT_VALUE ((0x2001 << 16) | PPTP_GRE_PROTO)
-#define PPTP_INIT_MASK 0xef7fffff
+#define PPTP_INIT_VALUE ((0x2001 << 16) | PPTP_GRE_PROTO)
+#define PPTP_INIT_MASK 0xef7fffff
-#define PPTP_MAGIC 0x1a2b3c4d
-#define PPTP_CTRL_MSG_TYPE 1
+#define PPTP_MAGIC 0x1a2b3c4d
+#define PPTP_CTRL_MSG_TYPE 1
enum {
PPTP_StartCtrlConnRequest = 1,
@@ -264,25 +251,25 @@
PPTP_SetLinkInfo = 15
};
- /* Message structures */
+/* Message structures */
struct pptpMsgHead {
- u_int16_t length; /* total length */
- u_int16_t msgType;/* PPTP message type */
- u_int32_t magic; /* magic cookie */
- u_int16_t type; /* control message type */
- u_int16_t resv0; /* reserved */
+ u_int16_t length; /* total length */
+ u_int16_t msgType; /* PPTP message type */
+ u_int32_t magic; /* magic cookie */
+ u_int16_t type; /* control message type */
+ u_int16_t resv0; /* reserved */
};
typedef struct pptpMsgHead *PptpMsgHead;
struct pptpCodes {
- u_int8_t resCode;/* Result Code */
- u_int8_t errCode;/* Error Code */
+ u_int8_t resCode; /* Result Code */
+ u_int8_t errCode; /* Error Code */
};
typedef struct pptpCodes *PptpCode;
struct pptpCallIds {
- u_int16_t cid1; /* Call ID field #1 */
- u_int16_t cid2; /* Call ID field #2 */
+ u_int16_t cid1; /* Call ID field #1 */
+ u_int16_t cid2; /* Call ID field #2 */
};
typedef struct pptpCallIds *PptpCallId;
@@ -290,13 +277,13 @@
static void
AliasHandlePptpOut(struct libalias *la,
- struct ip *pip, /* IP packet to examine/patch */
- struct alias_link *lnk) /* The PPTP control link */
+ struct ip *pip, /* IP packet to examine/patch */
+ struct alias_link *lnk) /* The PPTP control link */
{
struct alias_link *pptp_lnk;
PptpCallId cptr;
PptpCode codes;
- u_int16_t ctl_type; /* control message type */
+ u_int16_t ctl_type; /* control message type */
struct tcphdr *tc;
/* Verify valid PPTP control message */
@@ -313,8 +300,8 @@
* Establish PPTP link for address and Call ID found in
* control message.
*/
- pptp_lnk = AddPptp(la, GetOriginalAddress(lnk), GetDestAddress(lnk),
- GetAliasAddress(lnk), cptr->cid1);
+ pptp_lnk = AddPptp(la, GetOriginalAddress(lnk),
+ GetDestAddress(lnk), GetAliasAddress(lnk), cptr->cid1);
break;
case PPTP_CallClearRequest:
case PPTP_CallDiscNotify:
@@ -323,8 +310,7 @@
* message.
*/
pptp_lnk = FindPptpOutByCallId(la, GetOriginalAddress(lnk),
- GetDestAddress(lnk),
- cptr->cid1);
+ GetDestAddress(lnk), cptr->cid1);
break;
default:
return;
@@ -344,7 +330,7 @@
switch (ctl_type) {
case PPTP_OutCallReply:
case PPTP_InCallReply:
- codes = (PptpCode) (cptr + 1);
+ codes = (PptpCode)(cptr + 1);
if (codes->resCode == 1)
/* Connection established,
* note the Peer's Call ID. */
@@ -363,13 +349,13 @@
static void
AliasHandlePptpIn(struct libalias *la,
- struct ip *pip, /* IP packet to examine/patch */
- struct alias_link *lnk) /* The PPTP control link */
+ struct ip *pip, /* IP packet to examine/patch */
+ struct alias_link *lnk) /* The PPTP control link */
{
struct alias_link *pptp_lnk;
PptpCallId cptr;
u_int16_t *pcall_id;
- u_int16_t ctl_type; /* control message type */
+ u_int16_t ctl_type; /* control message type */
struct tcphdr *tc;
/* Verify valid PPTP control message */
@@ -390,8 +376,7 @@
case PPTP_CallDiscNotify:
/* Connection closed. */
pptp_lnk = FindPptpInByCallId(la, GetDestAddress(lnk),
- GetAliasAddress(lnk),
- cptr->cid1);
+ GetAliasAddress(lnk), cptr->cid1);
if (pptp_lnk != NULL)
SetExpire(pptp_lnk, 0);
return;
@@ -401,8 +386,7 @@
/* Find PPTP link for address and Call ID found in PPTP Control Msg */
pptp_lnk = FindPptpInByPeerCallId(la, GetDestAddress(lnk),
- GetAliasAddress(lnk),
- *pcall_id);
+ GetAliasAddress(lnk), *pcall_id);
if (pptp_lnk != NULL) {
int accumulate = *pcall_id;
@@ -415,8 +399,9 @@
accumulate -= *pcall_id;
ADJUST_CHECKSUM(accumulate, tc->th_sum);
- if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) {
- PptpCode codes = (PptpCode) (cptr + 1);
+ if (ctl_type == PPTP_OutCallReply ||
+ ctl_type == PPTP_InCallReply) {
+ PptpCode codes = (PptpCode)(cptr + 1);
if (codes->resCode == 1)
/* Connection established,
@@ -430,7 +415,8 @@
}
static PptpCallId
-AliasVerifyPptp(struct ip *pip, u_int16_t * ptype) /* IP packet to examine/patch */
+AliasVerifyPptp(struct ip *pip,
+ u_int16_t *ptype) /* IP packet to examine/patch */
{
int hlen, tlen, dlen;
PptpMsgHead hptr;
@@ -443,11 +429,12 @@
dlen = tlen - hlen;
/* Verify data length */
- if (dlen < (int)(sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds)))
+ if (dlen <
+ (int)(sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds)))
return (NULL);
/* Move up to PPTP message header */
- hptr = (PptpMsgHead) tcp_next(tc);
+ hptr = (PptpMsgHead)tcp_next(tc);
/* Return the control message type */
*ptype = ntohs(hptr->type);
@@ -459,11 +446,11 @@
/* Verify data length. */
if ((*ptype == PPTP_OutCallReply || *ptype == PPTP_InCallReply) &&
- (dlen < (int)(sizeof(struct pptpMsgHead) + sizeof(struct pptpCallIds) +
- sizeof(struct pptpCodes))))
+ (dlen < (int)(sizeof(struct pptpMsgHead) +
+ sizeof(struct pptpCallIds) + sizeof(struct pptpCodes))))
return (NULL);
else
- return (PptpCallId) (hptr + 1);
+ return (PptpCallId)(hptr + 1);
}
static int
@@ -472,19 +459,20 @@
GreHdr *gr;
struct alias_link *lnk;
- gr = (GreHdr *) ip_next(pip);
+ gr = (GreHdr *)ip_next(pip);
/* Check GRE header bits. */
- if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
+ if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
- lnk = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
+ lnk = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst,
+ gr->gh_call_id);
if (lnk != NULL) {
struct in_addr alias_addr = GetAliasAddress(lnk);
/* Change source IP address. */
- DifferentialChecksum(&pip->ip_sum,
- &alias_addr, &pip->ip_src, 2);
+ DifferentialChecksum(&pip->ip_sum, &alias_addr, &pip->ip_src,
+ 2);
pip->ip_src = alias_addr;
}
return (0);
@@ -496,13 +484,14 @@
GreHdr *gr;
struct alias_link *lnk;
- gr = (GreHdr *) ip_next(pip);
+ gr = (GreHdr *)ip_next(pip);
/* Check GRE header bits. */
- if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
+ if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
return (-1);
- lnk = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
+ lnk = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst,
+ gr->gh_call_id);
if (lnk != NULL) {
struct in_addr src_addr = GetOriginalAddress(lnk);
@@ -510,8 +499,7 @@
gr->gh_call_id = GetOriginalPort(lnk);
/* Restore original IP address. */
- DifferentialChecksum(&pip->ip_sum,
- &src_addr, &pip->ip_dst, 2);
+ DifferentialChecksum(&pip->ip_sum, &src_addr, &pip->ip_dst, 2);
pip->ip_dst = src_addr;
}
return (0);
Index: sys/netinet/libalias/alias_proxy.c
===================================================================
--- sys/netinet/libalias/alias_proxy.c
+++ sys/netinet/libalias/alias_proxy.c
@@ -61,10 +61,11 @@
#include <sys/limits.h>
#else
#include <sys/types.h>
+
#include <ctype.h>
+#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
-#include <netdb.h>
#include <string.h>
#endif
@@ -76,8 +77,9 @@
#include <netinet/libalias/alias_mod.h>
#else
#include <arpa/inet.h>
-#include "alias.h" /* Public API functions for libalias */
-#include "alias_local.h" /* Functions used by alias*.c */
+
+#include "alias.h" /* Public API functions for libalias */
+#include "alias_local.h" /* Functions used by alias*.c */
#endif
/*
@@ -90,22 +92,22 @@
*/
struct proxy_entry {
struct libalias *la;
-#define PROXY_TYPE_ENCODE_NONE 1
+#define PROXY_TYPE_ENCODE_NONE 1
#define PROXY_TYPE_ENCODE_TCPSTREAM 2
-#define PROXY_TYPE_ENCODE_IPHDR 3
- int rule_index;
- int proxy_type;
- u_char proto;
- u_short proxy_port;
- u_short server_port;
+#define PROXY_TYPE_ENCODE_IPHDR 3
+ int rule_index;
+ int proxy_type;
+ u_char proto;
+ u_short proxy_port;
+ u_short server_port;
- struct in_addr server_addr;
+ struct in_addr server_addr;
- struct in_addr src_addr;
- struct in_addr src_mask;
+ struct in_addr src_addr;
+ struct in_addr src_mask;
- struct in_addr dst_addr;
- struct in_addr dst_mask;
+ struct in_addr dst_addr;
+ struct in_addr dst_mask;
struct proxy_entry *next;
struct proxy_entry *last;
@@ -133,14 +135,14 @@
destination of a proxied IP packet
*/
-static int IpMask(int, struct in_addr *);
-static int IpAddr(char *, struct in_addr *);
-static int IpPort(char *, int, int *);
-static void RuleAdd(struct libalias *la, struct proxy_entry *);
-static void RuleDelete(struct proxy_entry *);
-static int RuleNumberDelete(struct libalias *la, int);
-static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int);
-static void ProxyEncodeIpHeader(struct ip *, int);
+static int IpMask(int, struct in_addr *);
+static int IpAddr(char *, struct in_addr *);
+static int IpPort(char *, int, int *);
+static void RuleAdd(struct libalias *la, struct proxy_entry *);
+static void RuleDelete(struct proxy_entry *);
+static int RuleNumberDelete(struct libalias *la, int);
+static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int);
+static void ProxyEncodeIpHeader(struct ip *, int);
static int
IpMask(int nbits, struct in_addr *mask)
@@ -175,7 +177,7 @@
n = sscanf(s, "%d", port);
if (n != 1)
-#ifndef _KERNEL /* XXX: we accept only numeric ports in kernel */
+#ifndef _KERNEL /* XXX: we accept only numeric ports in kernel */
{
struct servent *se;
@@ -189,7 +191,7 @@
if (se == NULL)
return (-1);
- *port = (u_int) ntohs(se->s_port);
+ *port = (u_int)ntohs(se->s_port);
}
#else
return (-1);
@@ -283,9 +285,7 @@
}
static void
-ProxyEncodeTcpStream(struct alias_link *lnk,
- struct ip *pip,
- int maxpacketsize)
+ProxyEncodeTcpStream(struct alias_link *lnk, struct ip *pip, int maxpacketsize)
{
int slen;
char buffer[40];
@@ -302,7 +302,7 @@
/* Translate destination address and port to string form */
snprintf(buffer, sizeof(buffer) - 2, "[DEST %s %d]",
inet_ntoa_r(GetProxyAddress(lnk), INET_NTOA_BUF(addrbuf)),
- (u_int) ntohs(GetProxyPort(lnk)));
+ (u_int)ntohs(GetProxyPort(lnk)));
/* Pad string out to a multiple of two in length */
slen = strlen(buffer);
@@ -374,17 +374,16 @@
}
static void
-ProxyEncodeIpHeader(struct ip *pip,
- int maxpacketsize)
+ProxyEncodeIpHeader(struct ip *pip, int maxpacketsize)
{
-#define OPTION_LEN_BYTES 8
-#define OPTION_LEN_INT16 4
-#define OPTION_LEN_INT32 2
+#define OPTION_LEN_BYTES 8
+#define OPTION_LEN_INT16 4
+#define OPTION_LEN_INT32 2
_Alignas(_Alignof(u_short)) u_char option[OPTION_LEN_BYTES];
#ifdef LIBALIAS_DEBUG
- fprintf(stdout, " ip cksum 1 = %x\n", (u_int) IpChecksum(pip));
- fprintf(stdout, "tcp cksum 1 = %x\n", (u_int) TcpChecksum(pip));
+ fprintf(stdout, " ip cksum 1 = %x\n", (u_int)IpChecksum(pip));
+ fprintf(stdout, "tcp cksum 1 = %x\n", (u_int)TcpChecksum(pip));
#endif
(void)maxpacketsize;
@@ -398,17 +397,17 @@
u_char *ptr;
struct tcphdr *tc;
- ptr = (u_char *) pip;
+ ptr = (u_char *)pip;
ptr += 20;
memcpy(ptr + OPTION_LEN_BYTES, ptr, ntohs(pip->ip_len) - 20);
- option[0] = 0x64; /* class: 3 (reserved), option 4 */
+ option[0] = 0x64; /* class: 3 (reserved), option 4 */
option[1] = OPTION_LEN_BYTES;
- memcpy(&option[2], (u_char *) & pip->ip_dst, 4);
+ memcpy(&option[2], (u_char *)&pip->ip_dst, 4);
tc = (struct tcphdr *)ip_next(pip);
- memcpy(&option[6], (u_char *) & tc->th_sport, 2);
+ memcpy(&option[6], (u_char *)&tc->th_sport, 2);
memcpy(ptr, option, 8);
}
@@ -419,12 +418,12 @@
int accumulate;
u_short *sptr;
- sptr = (u_short *) option;
+ sptr = (u_short *)option;
accumulate = 0;
for (i = 0; i < OPTION_LEN_INT16; i++)
accumulate -= *(sptr++);
- sptr = (u_short *) pip;
+ sptr = (u_short *)pip;
accumulate += *sptr;
pip->ip_hl += OPTION_LEN_INT32;
accumulate -= *sptr;
@@ -439,8 +438,8 @@
#undef OPTION_LEN_INT16
#undef OPTION_LEN_INT32
#ifdef LIBALIAS_DEBUG
- fprintf(stdout, " ip cksum 2 = %x\n", (u_int) IpChecksum(pip));
- fprintf(stdout, "tcp cksum 2 = %x\n", (u_int) TcpChecksum(pip));
+ fprintf(stdout, " ip cksum 2 = %x\n", (u_int)IpChecksum(pip));
+ fprintf(stdout, "tcp cksum 2 = %x\n", (u_int)TcpChecksum(pip));
#endif
}
@@ -455,7 +454,7 @@
int
ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr,
- u_short * proxy_server_port, struct in_addr src_addr,
+ u_short *proxy_server_port, struct in_addr src_addr,
struct in_addr dst_addr, u_short dst_port, u_char ip_p)
{
struct proxy_entry *ptr;
@@ -467,18 +466,21 @@
u_short proxy_port;
proxy_port = ptr->proxy_port;
- if ((dst_port == proxy_port || proxy_port == 0)
- && ip_p == ptr->proto
- && src_addr.s_addr != ptr->server_addr.s_addr) {
+ if ((dst_port == proxy_port || proxy_port == 0) &&
+ ip_p == ptr->proto &&
+ src_addr.s_addr != ptr->server_addr.s_addr) {
struct in_addr src_addr_masked;
struct in_addr dst_addr_masked;
- src_addr_masked.s_addr = src_addr.s_addr & ptr->src_mask.s_addr;
- dst_addr_masked.s_addr = dst_addr.s_addr & ptr->dst_mask.s_addr;
+ src_addr_masked.s_addr = src_addr.s_addr &
+ ptr->src_mask.s_addr;
+ dst_addr_masked.s_addr = dst_addr.s_addr &
+ ptr->dst_mask.s_addr;
- if ((src_addr_masked.s_addr == ptr->src_addr.s_addr)
- && (dst_addr_masked.s_addr == ptr->dst_addr.s_addr)) {
- if ((*proxy_server_port = ptr->server_port) == 0)
+ if ((src_addr_masked.s_addr == ptr->src_addr.s_addr) &&
+ (dst_addr_masked.s_addr == ptr->dst_addr.s_addr)) {
+ if ((*proxy_server_port = ptr->server_port) ==
+ 0)
*proxy_server_port = dst_port;
*proxy_server_addr = ptr->server_addr;
return (ptr->proxy_type);
@@ -491,10 +493,8 @@
}
void
-ProxyModify(struct libalias *la, struct alias_link *lnk,
- struct ip *pip,
- int maxpacketsize,
- int proxy_type)
+ProxyModify(struct libalias *la, struct alias_link *lnk, struct ip *pip,
+ int maxpacketsize, int proxy_type)
{
LIBALIAS_LOCK_ASSERT(la);
(void)la;
@@ -517,27 +517,27 @@
int
LibAliasProxyRule(struct libalias *la, const char *cmd)
{
-/*
- * This function takes command strings of the form:
- *
- * server <addr>[:<port>]
- * [port <port>]
- * [rule n]
- * [proto tcp|udp]
- * [src <addr>[/n]]
- * [dst <addr>[/n]]
- * [type encode_tcp_stream|encode_ip_hdr|no_encode]
- *
- * delete <rule number>
- *
- * Subfields can be in arbitrary order. Port numbers and addresses
- * must be in either numeric or symbolic form. An optional rule number
- * is used to control the order in which rules are searched. If two
- * rules have the same number, then search order cannot be guaranteed,
- * and the rules should be disjoint. If no rule number is specified,
- * then 0 is used, and group 0 rules are always checked before any
- * others.
- */
+ /*
+ * This function takes command strings of the form:
+ *
+ * server <addr>[:<port>]
+ * [port <port>]
+ * [rule n]
+ * [proto tcp|udp]
+ * [src <addr>[/n]]
+ * [dst <addr>[/n]]
+ * [type encode_tcp_stream|encode_ip_hdr|no_encode]
+ *
+ * delete <rule number>
+ *
+ * Subfields can be in arbitrary order. Port numbers and addresses
+ * must be in either numeric or symbolic form. An optional rule number
+ * is used to control the order in which rules are searched. If two
+ * rules have the same number, then search order cannot be guaranteed,
+ * and the rules should be disjoint. If no rule number is specified,
+ * then 0 is used, and group 0 rules are always checked before any
+ * others.
+ */
int i, n, len, ret;
int cmd_len;
int token_count;
@@ -593,15 +593,15 @@
str_server_port[0] = 0;
/* Parse command string with state machine */
-#define STATE_READ_KEYWORD 0
-#define STATE_READ_TYPE 1
-#define STATE_READ_PORT 2
-#define STATE_READ_SERVER 3
-#define STATE_READ_RULE 4
-#define STATE_READ_DELETE 5
-#define STATE_READ_PROTO 6
-#define STATE_READ_SRC 7
-#define STATE_READ_DST 8
+#define STATE_READ_KEYWORD 0
+#define STATE_READ_TYPE 1
+#define STATE_READ_PORT 2
+#define STATE_READ_SERVER 3
+#define STATE_READ_RULE 4
+#define STATE_READ_DELETE 5
+#define STATE_READ_PROTO 6
+#define STATE_READ_SRC 7
+#define STATE_READ_DST 8
state = STATE_READ_KEYWORD;
token = strsep(&res, " \t");
token_count = 0;
@@ -650,38 +650,37 @@
state = STATE_READ_KEYWORD;
break;
- case STATE_READ_SERVER:
- {
- int err;
- char *p;
- char s[sizeof(buffer)];
+ case STATE_READ_SERVER: {
+ int err;
+ char *p;
+ char s[sizeof(buffer)];
+
+ p = token;
+ while (*p != ':' && *p != 0)
+ p++;
- p = token;
- while (*p != ':' && *p != 0)
- p++;
-
- if (*p != ':') {
- err = IpAddr(token, &server_addr);
- if (err) {
- ret = -1;
- goto getout;
- }
- } else {
- *p = ' ';
-
- n = sscanf(token, "%s %s", s, str_server_port);
- if (n != 2) {
- ret = -1;
- goto getout;
- }
-
- err = IpAddr(s, &server_addr);
- if (err) {
- ret = -1;
- goto getout;
- }
+ if (*p != ':') {
+ err = IpAddr(token, &server_addr);
+ if (err) {
+ ret = -1;
+ goto getout;
+ }
+ } else {
+ *p = ' ';
+
+ n = sscanf(token, "%s %s", s, str_server_port);
+ if (n != 2) {
+ ret = -1;
+ goto getout;
+ }
+
+ err = IpAddr(s, &server_addr);
+ if (err) {
+ ret = -1;
+ goto getout;
}
}
+ }
state = STATE_READ_KEYWORD;
break;
@@ -694,28 +693,27 @@
state = STATE_READ_KEYWORD;
break;
- case STATE_READ_DELETE:
- {
- int err;
- int rule_to_delete;
+ case STATE_READ_DELETE: {
+ int err;
+ int rule_to_delete;
- if (token_count != 2) {
- ret = -1;
- goto getout;
- }
+ if (token_count != 2) {
+ ret = -1;
+ goto getout;
+ }
- n = sscanf(token, "%d", &rule_to_delete);
- if (n != 1) {
- ret = -1;
- goto getout;
- }
- err = RuleNumberDelete(la, rule_to_delete);
- if (err)
- ret = -1;
- else
- ret = 0;
+ n = sscanf(token, "%d", &rule_to_delete);
+ if (n != 1) {
+ ret = -1;
goto getout;
}
+ err = RuleNumberDelete(la, rule_to_delete);
+ if (err)
+ ret = -1;
+ else
+ ret = 0;
+ goto getout;
+ }
case STATE_READ_PROTO:
if (strcmp(token, "tcp") == 0)
@@ -730,56 +728,55 @@
break;
case STATE_READ_SRC:
- case STATE_READ_DST:
- {
- int err;
- char *p;
- struct in_addr mask;
- struct in_addr addr;
-
- p = token;
- while (*p != '/' && *p != 0)
- p++;
-
- if (*p != '/') {
- IpMask(32, &mask);
- err = IpAddr(token, &addr);
- if (err) {
- ret = -1;
- goto getout;
- }
- } else {
- int nbits;
- char s[sizeof(buffer)];
-
- *p = ' ';
- n = sscanf(token, "%s %d", s, &nbits);
- if (n != 2) {
- ret = -1;
- goto getout;
- }
-
- err = IpAddr(s, &addr);
- if (err) {
- ret = -1;
- goto getout;
- }
-
- err = IpMask(nbits, &mask);
- if (err) {
- ret = -1;
- goto getout;
- }
+ case STATE_READ_DST: {
+ int err;
+ char *p;
+ struct in_addr mask;
+ struct in_addr addr;
+
+ p = token;
+ while (*p != '/' && *p != 0)
+ p++;
+
+ if (*p != '/') {
+ IpMask(32, &mask);
+ err = IpAddr(token, &addr);
+ if (err) {
+ ret = -1;
+ goto getout;
}
+ } else {
+ int nbits;
+ char s[sizeof(buffer)];
- if (state == STATE_READ_SRC) {
- src_addr = addr;
- src_mask = mask;
- } else {
- dst_addr = addr;
- dst_mask = mask;
+ *p = ' ';
+ n = sscanf(token, "%s %d", s, &nbits);
+ if (n != 2) {
+ ret = -1;
+ goto getout;
+ }
+
+ err = IpAddr(s, &addr);
+ if (err) {
+ ret = -1;
+ goto getout;
+ }
+
+ err = IpMask(nbits, &mask);
+ if (err) {
+ ret = -1;
+ goto getout;
}
}
+
+ if (state == STATE_READ_SRC) {
+ src_addr = addr;
+ src_mask = mask;
+ } else {
+ dst_addr = addr;
+ dst_mask = mask;
+ }
+ }
state = STATE_READ_KEYWORD;
break;
Index: sys/netinet/libalias/alias_sctp.h
===================================================================
--- sys/netinet/libalias/alias_sctp.h
+++ sys/netinet/libalias/alias_sctp.h
@@ -34,7 +34,8 @@
* with leadership and advice from Jason But
*
* The design is outlined in CAIA technical report number 080618A
- * (D. Hayes and J. But, "Alias_sctp Version 0.1: SCTP NAT implementation in IPFW")
+ * (D. Hayes and J. But, "Alias_sctp Version 0.1: SCTP NAT implementation in
+ * IPFW")
*
* Development is part of the CAIA SONATA project,
* proposed by Jason But and Grenville Armitage:
@@ -53,28 +54,26 @@
#define _ALIAS_SCTP_H_
#include <sys/param.h>
-#ifdef _KERNEL
+#ifdef _KERNEL
+#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/module.h>
-#include <sys/kernel.h>
#include <sys/proc.h>
-#include <sys/uio.h>
#include <sys/socketvar.h>
#include <sys/syslog.h>
+#include <sys/uio.h>
#endif // #ifdef _KERNEL
#include <sys/types.h>
-
#include <sys/queue.h>
-#include <sys/types.h>
#include <sys/time.h>
-#include <netinet/in_systm.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/ip.h>
/**
- * These are defined in sctp_os_bsd.h, but it can't be included due to its local file
- * inclusion, so I'm defining them here.
+ * These are defined in sctp_os_bsd.h, but it can't be included due to its local
+ * file inclusion, so I'm defining them here.
*
*/
#include <machine/cpufunc.h>
@@ -91,27 +90,32 @@
#include <netinet/sctp_header.h>
#ifndef _KERNEL
-#include <stdlib.h>
#include <stdio.h>
+#include <stdlib.h>
#endif //#ifdef _KERNEL
-#define LINK_SCTP IPPROTO_SCTP
-
-#define SN_TO_LOCAL 0 /**< packet traveling from global to local */
-#define SN_TO_GLOBAL 1 /**< packet traveling from local to global */
-#define SN_TO_NODIR 99 /**< used where direction is not important */
-
-#define SN_NAT_PKT 0x0000 /**< Network Address Translate packet */
-#define SN_DROP_PKT 0x0001 /**< drop packet (don't forward it) */
-#define SN_PROCESSING_ERROR 0x0003 /**< Packet processing error */
-#define SN_REPLY_ABORT 0x0010 /**< Reply with ABORT to sender (don't forward it) */
-#define SN_SEND_ABORT 0x0020 /**< Send ABORT to destination */
-#define SN_TX_ABORT 0x0030 /**< mask for transmitting abort */
-#define SN_REFLECT_ERROR 0x0100 /**< Reply with ERROR to sender on OOTB packet Tbit set */
-#define SN_REPLY_ERROR 0x0200 /**< Reply with ERROR to sender on ASCONF clash */
-#define SN_TX_ERROR 0x0300 /**< mask for transmitting error */
-
-#define PKT_ALIAS_RESPOND 0x1000 /**< Signal to libalias that there is a response packet to send */
+#define LINK_SCTP IPPROTO_SCTP
+
+#define SN_TO_LOCAL 0 /**< packet traveling from global to local */
+#define SN_TO_GLOBAL 1 /**< packet traveling from local to global */
+#define SN_TO_NODIR 99 /**< used where direction is not important */
+
+#define SN_NAT_PKT 0x0000 /**< Network Address Translate packet */
+#define SN_DROP_PKT 0x0001 /**< drop packet (don't forward it) */
+#define SN_PROCESSING_ERROR 0x0003 /**< Packet processing error */
+#define SN_REPLY_ABORT \
+ 0x0010 /**< Reply with ABORT to sender (don't forward it) */
+#define SN_SEND_ABORT 0x0020 /**< Send ABORT to destination */
+#define SN_TX_ABORT 0x0030 /**< mask for transmitting abort */
+#define SN_REFLECT_ERROR \
+ 0x0100 /**< Reply with ERROR to sender on OOTB packet Tbit set */
+#define SN_REPLY_ERROR 0x0200 /**< Reply with ERROR to sender on ASCONF clash \
+ */
+#define SN_TX_ERROR 0x0300 /**< mask for transmitting error */
+
+#define PKT_ALIAS_RESPOND \
+ 0x1000 /**< Signal to libalias that there is a response packet to send \
+ */
/*
* Data structures
*/
@@ -124,38 +128,45 @@
* Information is stored in network byte order (as is libalias)***
*/
struct sctp_nat_assoc {
- uint32_t l_vtag; /**< local side verification tag */
- uint16_t l_port; /**< local side port number */
- uint32_t g_vtag; /**< global side verification tag */
- uint16_t g_port; /**< global side port number */
- struct in_addr l_addr; /**< local ip address */
- struct in_addr a_addr; /**< alias ip address */
- int state; /**< current state of NAT association */
- int TableRegister; /**< stores which look up tables association is registered in */
- int exp; /**< timer expiration in seconds from uptime */
- int exp_loc; /**< current location in timer_Q */
- int num_Gaddr; /**< number of global IP addresses in the list */
- LIST_HEAD(sctpGlobalAddresshead,sctp_GlobalAddress) Gaddr; /**< List of global addresses */
- LIST_ENTRY (sctp_nat_assoc) list_L; /**< Linked list of pointers for Local table*/
- LIST_ENTRY (sctp_nat_assoc) list_G; /**< Linked list of pointers for Global table */
- LIST_ENTRY (sctp_nat_assoc) timer_Q; /**< Linked list of pointers for timer Q */
- //Using libalias locking
+ uint32_t l_vtag; /**< local side verification tag */
+ uint16_t l_port; /**< local side port number */
+ uint32_t g_vtag; /**< global side verification tag */
+ uint16_t g_port; /**< global side port number */
+ struct in_addr l_addr; /**< local ip address */
+ struct in_addr a_addr; /**< alias ip address */
+ int state; /**< current state of NAT association */
+ int TableRegister; /**< stores which look up tables association is
+ registered in */
+ int exp; /**< timer expiration in seconds from uptime */
+ int exp_loc; /**< current location in timer_Q */
+ int num_Gaddr; /**< number of global IP addresses in the list */
+ LIST_HEAD(sctpGlobalAddresshead,
+ sctp_GlobalAddress) Gaddr; /**< List of global addresses */
+ LIST_ENTRY(sctp_nat_assoc)
+ list_L; /**< Linked list of pointers for Local table*/
+ LIST_ENTRY(sctp_nat_assoc)
+ list_G; /**< Linked list of pointers for Global table */
+ LIST_ENTRY(sctp_nat_assoc)
+ timer_Q; /**< Linked list of pointers for timer Q */
+ // Using libalias locking
};
struct sctp_GlobalAddress {
struct in_addr g_addr;
- LIST_ENTRY (sctp_GlobalAddress) list_Gaddr; /**< Linked list of pointers for Global table */
+ LIST_ENTRY(sctp_GlobalAddress)
+ list_Gaddr; /**< Linked list of pointers for Global table */
};
/**
* @brief SCTP chunk of interest
*
- * The only chunks whose contents are of any interest are the INIT and ASCONF_AddIP
+ * The only chunks whose contents are of any interest are the INIT and
+ * ASCONF_AddIP
*/
union sctpChunkOfInt {
- struct sctp_init *Init; /**< Pointer to Init Chunk */
- struct sctp_init_ack *InitAck; /**< Pointer to Init Chunk */
- struct sctp_paramhdr *Asconf; /**< Pointer to ASCONF chunk */
+ struct sctp_init *Init; /**< Pointer to Init Chunk */
+ struct sctp_init_ack *InitAck; /**< Pointer to Init Chunk */
+ struct sctp_paramhdr *Asconf; /**< Pointer to ASCONF chunk */
};
/**
@@ -164,15 +175,17 @@
* Structure containing the relevant information from the SCTP message
*/
struct sctp_nat_msg {
- uint16_t msg; /**< one of the key messages defined above */
+ uint16_t msg; /**< one of the key messages defined above */
#ifdef INET6
- // struct ip6_hdr *ip_hdr; /**< pointer to ip packet header */ /*no inet6 support yet*/
+ // struct ip6_hdr *ip_hdr; /**< pointer to ip packet header */ /*no
+ // inet6 support yet*/
#else
- struct ip *ip_hdr; /**< pointer to ip packet header */
-#endif //#ifdef INET6
- struct sctphdr *sctp_hdr; /**< pointer to sctp common header */
- union sctpChunkOfInt sctpchnk; /**< union of pointers to the chunk of interest */
- int chunk_length; /**< length of chunk of interest */
+ struct ip *ip_hdr; /**< pointer to ip packet header */
+#endif //#ifdef INET6
+ struct sctphdr *sctp_hdr; /**< pointer to sctp common header */
+ union sctpChunkOfInt
+ sctpchnk; /**< union of pointers to the chunk of interest */
+ int chunk_length; /**< length of chunk of interest */
};
/**
@@ -181,9 +194,11 @@
*/
struct sctp_nat_timer {
- int loc_time; /**< time in seconds for the current location in the queue */
- int cur_loc; /**< index of the current location in the circular queue */
- LIST_HEAD(sctpTimerQ,sctp_nat_assoc) *TimerQ; /**< List of associations at this position in the timer Q */
+ int loc_time; /**< time in seconds for the current location in the queue
+ */
+ int cur_loc; /**< index of the current location in the circular queue */
+ LIST_HEAD(sctpTimerQ, sctp_nat_assoc) *
+ TimerQ; /**< List of associations at this position in the timer Q */
};
#endif //#ifndef _ALIAS_SCTP_H
Index: sys/netinet/libalias/alias_sctp.c
===================================================================
--- sys/netinet/libalias/alias_sctp.c
+++ sys/netinet/libalias/alias_sctp.c
@@ -33,7 +33,8 @@
* This software was developed by David A. Hayes and Jason But
*
* The design is outlined in CAIA technical report number 080618A
- * (D. Hayes and J. But, "Alias_sctp Version 0.1: SCTP NAT implementation in IPFW")
+ * (D. Hayes and J. But, "Alias_sctp Version 0.1: SCTP NAT implementation in
+ * IPFW")
*
* Development is part of the CAIA SONATA project,
* proposed by Jason But and Grenville Armitage:
@@ -73,25 +74,30 @@
/* $FreeBSD$ */
#ifdef _KERNEL
-#include <machine/stdarg.h>
#include <sys/param.h>
-#include <sys/gsb_crc32.h>
#include <sys/systm.h>
+#include <sys/gsb_crc32.h>
#include <sys/kernel.h>
#include <sys/module.h>
#include <sys/syslog.h>
-#include <netinet/libalias/alias_sctp.h>
+
+#include <machine/in_cksum.h>
+#include <machine/stdarg.h>
+
#include <netinet/libalias/alias.h>
#include <netinet/libalias/alias_local.h>
+#include <netinet/libalias/alias_sctp.h>
#include <netinet/sctp_crc32.h>
-#include <machine/in_cksum.h>
#else
-#include "alias_sctp.h"
+#include <sys/libkern.h>
+
+#include <machine/in_cksum.h>
+
#include <arpa/inet.h>
+
#include "alias.h"
#include "alias_local.h"
-#include <machine/in_cksum.h>
-#include <sys/libkern.h>
+#include "alias_sctp.h"
#endif //#ifdef _KERNEL
/* ----------------------------------------------------------------------
@@ -103,55 +109,66 @@
struct sctp_nat_msg *sm, struct sctp_nat_assoc **passoc);
static int GetAsconfVtags(struct libalias *la, struct sctp_nat_msg *sm,
uint32_t *l_vtag, uint32_t *g_vtag, int direction);
-static int IsASCONFack(struct libalias *la, struct sctp_nat_msg *sm, int direction);
-
-static void AddGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int direction);
-static int Add_Global_Address_to_List(struct sctp_nat_assoc *assoc, struct sctp_GlobalAddress *G_addr);
-static void RmGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int direction);
-static int IsADDorDEL(struct libalias *la, struct sctp_nat_msg *sm, int direction);
+static int IsASCONFack(struct libalias *la, struct sctp_nat_msg *sm,
+ int direction);
+
+static void AddGlobalIPAddresses(struct sctp_nat_msg *sm,
+ struct sctp_nat_assoc *assoc, int direction);
+static int Add_Global_Address_to_List(struct sctp_nat_assoc *assoc,
+ struct sctp_GlobalAddress *G_addr);
+static void RmGlobalIPAddresses(struct sctp_nat_msg *sm,
+ struct sctp_nat_assoc *assoc, int direction);
+static int IsADDorDEL(struct libalias *la, struct sctp_nat_msg *sm,
+ int direction);
/* State Machine Functions */
-static int ProcessSctpMsg(struct libalias *la, int direction, \
+static int ProcessSctpMsg(struct libalias *la, int direction,
struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc);
-static int ID_process(struct libalias *la, int direction,\
+static int ID_process(struct libalias *la, int direction,
struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
-static int INi_process(struct libalias *la, int direction,\
+static int INi_process(struct libalias *la, int direction,
struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
-static int INa_process(struct libalias *la, int direction,\
+static int INa_process(struct libalias *la, int direction,
struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
-static int UP_process(struct libalias *la, int direction,\
+static int UP_process(struct libalias *la, int direction,
struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
-static int CL_process(struct libalias *la, int direction,\
+static int CL_process(struct libalias *la, int direction,
struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
-static void TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm,\
+static void TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm,
struct sctp_nat_assoc *assoc, int sndrply, int direction);
/* Hash Table Functions */
-static struct sctp_nat_assoc*
-FindSctpLocal(struct libalias *la, struct in_addr l_addr, struct in_addr g_addr, uint32_t l_vtag, uint16_t l_port, uint16_t g_port);
-static struct sctp_nat_assoc*
-FindSctpGlobal(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t g_port, uint16_t l_port, int *partial_match);
-static struct sctp_nat_assoc*
-FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc);
-static struct sctp_nat_assoc*
-FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint16_t g_port, uint16_t l_port);
-static struct sctp_nat_assoc*
-FindSctpGlobalT(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t l_port, uint16_t g_port);
-
-static int AddSctpAssocLocal(struct libalias *la, struct sctp_nat_assoc *assoc, struct in_addr g_addr);
-static int AddSctpAssocGlobal(struct libalias *la, struct sctp_nat_assoc *assoc);
+static struct sctp_nat_assoc *FindSctpLocal(struct libalias *la,
+ struct in_addr l_addr, struct in_addr g_addr, uint32_t l_vtag,
+ uint16_t l_port, uint16_t g_port);
+static struct sctp_nat_assoc *FindSctpGlobal(struct libalias *la,
+ struct in_addr g_addr, uint32_t g_vtag, uint16_t g_port, uint16_t l_port,
+ int *partial_match);
+static struct sctp_nat_assoc *FindSctpGlobalClash(struct libalias *la,
+ struct sctp_nat_assoc *Cassoc);
+static struct sctp_nat_assoc *FindSctpLocalT(struct libalias *la,
+ struct in_addr g_addr, uint32_t l_vtag, uint16_t g_port, uint16_t l_port);
+static struct sctp_nat_assoc *FindSctpGlobalT(struct libalias *la,
+ struct in_addr g_addr, uint32_t g_vtag, uint16_t l_port, uint16_t g_port);
+
+static int AddSctpAssocLocal(struct libalias *la, struct sctp_nat_assoc *assoc,
+ struct in_addr g_addr);
+static int AddSctpAssocGlobal(struct libalias *la,
+ struct sctp_nat_assoc *assoc);
static void RmSctpAssoc(struct libalias *la, struct sctp_nat_assoc *assoc);
static void freeGlobalAddressList(struct sctp_nat_assoc *assoc);
/* Timer Queue Functions */
static void sctp_AddTimeOut(struct libalias *la, struct sctp_nat_assoc *assoc);
static void sctp_RmTimeOut(struct libalias *la, struct sctp_nat_assoc *assoc);
-static void sctp_ResetTimeOut(struct libalias *la, struct sctp_nat_assoc *assoc, int newexp);
+static void sctp_ResetTimeOut(struct libalias *la, struct sctp_nat_assoc *assoc,
+ int newexp);
void sctp_CheckTimers(struct libalias *la);
/* Logging Functions */
-static void logsctperror(char* errormsg, uint32_t vtag, int error, int direction);
+static void logsctperror(char *errormsg, uint32_t vtag, int error,
+ int direction);
static void logsctpparse(int direction, struct sctp_nat_msg *sm);
static void logsctpassoc(struct sctp_nat_assoc *assoc, char *s);
static void logTimerQ(struct libalias *la);
@@ -181,20 +198,20 @@
*/
void SctpShowAliasStats(struct libalias *la);
-#ifdef _KERNEL
+#ifdef _KERNEL
static MALLOC_DEFINE(M_SCTPNAT, "sctpnat", "sctp nat dbs");
/* Use kernel allocator. */
#ifdef _SYS_MALLOC_H_
-#define sn_malloc(x) malloc(x, M_SCTPNAT, M_NOWAIT|M_ZERO)
-#define sn_calloc(n,x) mallocarray((n), (x), M_SCTPNAT, M_NOWAIT|M_ZERO)
-#define sn_free(x) free(x, M_SCTPNAT)
-#endif// #ifdef _SYS_MALLOC_H_
+#define sn_malloc(x) malloc(x, M_SCTPNAT, M_NOWAIT | M_ZERO)
+#define sn_calloc(n, x) mallocarray((n), (x), M_SCTPNAT, M_NOWAIT | M_ZERO)
+#define sn_free(x) free(x, M_SCTPNAT)
+#endif // #ifdef _SYS_MALLOC_H_
#else //#ifdef _KERNEL
-#define sn_malloc(x) malloc(x)
-#define sn_calloc(n, x) calloc(n, x)
-#define sn_free(x) free(x)
+#define sn_malloc(x) malloc(x)
+#define sn_calloc(n, x) calloc(n, x)
+#define sn_free(x) free(x)
#endif //#ifdef _KERNEL
@@ -206,88 +223,116 @@
* - SCTP message types for storing in the sctp_nat_msg structure @{
*/
-#define SN_SCTP_FIRSTCHUNK(sctphead) (struct sctp_chunkhdr *)(((char *)sctphead) + sizeof(struct sctphdr))
-/**< Returns a pointer to the first chunk in an SCTP packet given a pointer to the SCTP header */
+#define SN_SCTP_FIRSTCHUNK(sctphead) \
+ (struct sctp_chunkhdr *)(((char *)sctphead) + sizeof(struct sctphdr))
+/**< Returns a pointer to the first chunk in an SCTP packet given a pointer to
+ * the SCTP header */
-#define SN_SCTP_NEXTCHUNK(chunkhead) (struct sctp_chunkhdr *)(((char *)chunkhead) + SCTP_SIZE32(ntohs(chunkhead->chunk_length)))
-/**< Returns a pointer to the next chunk in an SCTP packet given a pointer to the current chunk */
+#define SN_SCTP_NEXTCHUNK(chunkhead) \
+ (struct sctp_chunkhdr *)(((char *)chunkhead) + \
+ SCTP_SIZE32(ntohs(chunkhead->chunk_length)))
+/**< Returns a pointer to the next chunk in an SCTP packet given a pointer to
+ * the current chunk */
-#define SN_SCTP_NEXTPARAM(param) (struct sctp_paramhdr *)(((char *)param) + SCTP_SIZE32(ntohs(param->param_length)))
-/**< Returns a pointer to the next parameter in an SCTP packet given a pointer to the current parameter */
+#define SN_SCTP_NEXTPARAM(param) \
+ (struct sctp_paramhdr *)(((char *)param) + \
+ SCTP_SIZE32(ntohs(param->param_length)))
+/**< Returns a pointer to the next parameter in an SCTP packet given a pointer
+ * to the current parameter */
-#define SN_MIN_CHUNK_SIZE 4 /**< Smallest possible SCTP chunk size in bytes */
-#define SN_MIN_PARAM_SIZE 4 /**< Smallest possible SCTP param size in bytes */
-#define SN_VTAG_PARAM_SIZE 12 /**< Size of SCTP ASCONF vtag param in bytes */
-#define SN_ASCONFACK_PARAM_SIZE 8 /**< Size of SCTP ASCONF ACK param in bytes */
+#define SN_MIN_CHUNK_SIZE 4 /**< Smallest possible SCTP chunk size in bytes */
+#define SN_MIN_PARAM_SIZE 4 /**< Smallest possible SCTP param size in bytes */
+#define SN_VTAG_PARAM_SIZE 12 /**< Size of SCTP ASCONF vtag param in bytes */
+#define SN_ASCONFACK_PARAM_SIZE \
+ 8 /**< Size of SCTP ASCONF ACK param in bytes */
/* Packet parsing return codes */
-#define SN_PARSE_OK 0 /**< Packet parsed for SCTP messages */
-#define SN_PARSE_ERROR_IPSHL 1 /**< Packet parsing error - IP and SCTP common header len */
-#define SN_PARSE_ERROR_AS_MALLOC 2 /**< Packet parsing error - assoc malloc */
-#define SN_PARSE_ERROR_CHHL 3 /**< Packet parsing error - Chunk header len */
-#define SN_PARSE_ERROR_DIR 4 /**< Packet parsing error - Direction */
-#define SN_PARSE_ERROR_VTAG 5 /**< Packet parsing error - Vtag */
-#define SN_PARSE_ERROR_CHUNK 6 /**< Packet parsing error - Chunk */
-#define SN_PARSE_ERROR_PORT 7 /**< Packet parsing error - Port=0 */
-#define SN_PARSE_ERROR_LOOKUP 8 /**< Packet parsing error - Lookup */
-#define SN_PARSE_ERROR_PARTIALLOOKUP 9 /**< Packet parsing error - partial lookup only found */
-#define SN_PARSE_ERROR_LOOKUP_ABORT 10 /**< Packet parsing error - Lookup - but abort packet */
+#define SN_PARSE_OK 0 /**< Packet parsed for SCTP messages */
+#define SN_PARSE_ERROR_IPSHL \
+ 1 /**< Packet parsing error - IP and SCTP common header len */
+#define SN_PARSE_ERROR_AS_MALLOC 2 /**< Packet parsing error - assoc malloc */
+#define SN_PARSE_ERROR_CHHL 3 /**< Packet parsing error - Chunk header len */
+#define SN_PARSE_ERROR_DIR 4 /**< Packet parsing error - Direction */
+#define SN_PARSE_ERROR_VTAG 5 /**< Packet parsing error - Vtag */
+#define SN_PARSE_ERROR_CHUNK 6 /**< Packet parsing error - Chunk */
+#define SN_PARSE_ERROR_PORT 7 /**< Packet parsing error - Port=0 */
+#define SN_PARSE_ERROR_LOOKUP 8 /**< Packet parsing error - Lookup */
+#define SN_PARSE_ERROR_PARTIALLOOKUP \
+ 9 /**< Packet parsing error - partial lookup only found */
+#define SN_PARSE_ERROR_LOOKUP_ABORT \
+ 10 /**< Packet parsing error - Lookup - but abort packet */
/* Alias_sctp performs its processing based on a number of key messages */
-#define SN_SCTP_ABORT 0x0000 /**< a packet containing an ABORT chunk */
-#define SN_SCTP_INIT 0x0001 /**< a packet containing an INIT chunk */
-#define SN_SCTP_INITACK 0x0002 /**< a packet containing an INIT-ACK chunk */
-#define SN_SCTP_SHUTCOMP 0x0010 /**< a packet containing a SHUTDOWN-COMPLETE chunk */
-#define SN_SCTP_SHUTACK 0x0020 /**< a packet containing a SHUTDOWN-ACK chunk */
-#define SN_SCTP_ASCONF 0x0100 /**< a packet containing an ASCONF chunk */
-#define SN_SCTP_ASCONFACK 0x0200 /**< a packet containing an ASCONF-ACK chunk */
-#define SN_SCTP_OTHER 0xFFFF /**< a packet containing a chunk that is not of interest */
+#define SN_SCTP_ABORT 0x0000 /**< a packet containing an ABORT chunk */
+#define SN_SCTP_INIT 0x0001 /**< a packet containing an INIT chunk */
+#define SN_SCTP_INITACK 0x0002 /**< a packet containing an INIT-ACK chunk */
+#define SN_SCTP_SHUTCOMP \
+ 0x0010 /**< a packet containing a SHUTDOWN-COMPLETE chunk */
+#define SN_SCTP_SHUTACK 0x0020 /**< a packet containing a SHUTDOWN-ACK chunk \
+ */
+#define SN_SCTP_ASCONF 0x0100 /**< a packet containing an ASCONF chunk */
+#define SN_SCTP_ASCONFACK 0x0200 /**< a packet containing an ASCONF-ACK chunk \
+ */
+#define SN_SCTP_OTHER \
+ 0xFFFF /**< a packet containing a chunk that is not of interest */
/** @}
* @defgroup state_machine SCTP NAT State Machine
*
* Defines the various states an association can be within the NAT @{
*/
-#define SN_ID 0x0000 /**< Idle state */
-#define SN_INi 0x0010 /**< Initialising, waiting for InitAck state */
-#define SN_INa 0x0020 /**< Initialising, waiting for AddIpAck state */
-#define SN_UP 0x0100 /**< Association in UP state */
-#define SN_CL 0x1000 /**< Closing state */
-#define SN_RM 0x2000 /**< Removing state */
+#define SN_ID 0x0000 /**< Idle state */
+#define SN_INi 0x0010 /**< Initialising, waiting for InitAck state */
+#define SN_INa 0x0020 /**< Initialising, waiting for AddIpAck state */
+#define SN_UP 0x0100 /**< Association in UP state */
+#define SN_CL 0x1000 /**< Closing state */
+#define SN_RM 0x2000 /**< Removing state */
/** @}
* @defgroup Logging Logging Functionality
*
* Define various log levels and a macro to call specified log functions only if
* the current log level (sysctl_log_level) matches the specified level @{
*/
-#define SN_LOG_LOW 0
-#define SN_LOG_EVENT 1
-#define SN_LOG_INFO 2
-#define SN_LOG_DETAIL 3
-#define SN_LOG_DEBUG 4
-#define SN_LOG_DEBUG_MAX 5
-
-#define SN_LOG(level, action) if (sysctl_log_level >= level) { action; } /**< Perform log action ONLY if the current log level meets the specified log level */
+#define SN_LOG_LOW 0
+#define SN_LOG_EVENT 1
+#define SN_LOG_INFO 2
+#define SN_LOG_DETAIL 3
+#define SN_LOG_DEBUG 4
+#define SN_LOG_DEBUG_MAX 5
+
+#define SN_LOG(level, action) \
+ if (sysctl_log_level >= level) { \
+ action; \
+ } /**< Perform log action ONLY if the current log level meets the \
+ specified log level */
/** @}
* @defgroup Hash Hash Table Macros and Functions
*
* Defines minimum/maximum/default values for the hash table size @{
*/
-#define SN_MIN_HASH_SIZE 101 /**< Minimum hash table size (set to stop users choosing stupid values) */
-#define SN_MAX_HASH_SIZE 1000001 /**< Maximum hash table size (NB must be less than max int) */
-#define SN_DEFAULT_HASH_SIZE 2003 /**< A reasonable default size for the hash tables */
-
-#define SN_LOCAL_TBL 0x01 /**< assoc in local table */
-#define SN_GLOBAL_TBL 0x02 /**< assoc in global table */
-#define SN_BOTH_TBL 0x03 /**< assoc in both tables */
-#define SN_WAIT_TOLOCAL 0x10 /**< assoc waiting for TOLOCAL asconf ACK*/
-#define SN_WAIT_TOGLOBAL 0x20 /**< assoc waiting for TOLOCAL asconf ACK*/
-#define SN_NULL_TBL 0x00 /**< assoc in No table */
-#define SN_MAX_GLOBAL_ADDRESSES 100 /**< absolute maximum global address count*/
-
-#define SN_ADD_OK 0 /**< Association added to the table */
-#define SN_ADD_CLASH 1 /**< Clash when trying to add the assoc. info to the table */
-
-#define SN_TABLE_HASH(vtag, port, size) (((u_int) vtag + (u_int) port) % (u_int) size) /**< Calculate the hash table lookup position */
+#define SN_MIN_HASH_SIZE \
+ 101 /**< Minimum hash table size (set to stop users choosing stupid \
+ values) */
+#define SN_MAX_HASH_SIZE \
+ 1000001 /**< Maximum hash table size (NB must be less than max int) */
+#define SN_DEFAULT_HASH_SIZE \
+ 2003 /**< A reasonable default size for the hash tables */
+
+#define SN_LOCAL_TBL 0x01 /**< assoc in local table */
+#define SN_GLOBAL_TBL 0x02 /**< assoc in global table */
+#define SN_BOTH_TBL 0x03 /**< assoc in both tables */
+#define SN_WAIT_TOLOCAL 0x10 /**< assoc waiting for TOLOCAL asconf ACK*/
+#define SN_WAIT_TOGLOBAL 0x20 /**< assoc waiting for TOLOCAL asconf ACK*/
+#define SN_NULL_TBL 0x00 /**< assoc in No table */
+#define SN_MAX_GLOBAL_ADDRESSES 100 /**< absolute maximum global address \
+ count*/
+
+#define SN_ADD_OK 0 /**< Association added to the table */
+#define SN_ADD_CLASH \
+ 1 /**< Clash when trying to add the assoc. info to the table */
+
+#define SN_TABLE_HASH(vtag, port, size) \
+ (((u_int)vtag + (u_int)port) % \
+ (u_int)size) /**< Calculate the hash table lookup position */
/** @}
* @defgroup Timer Timer Queue Macros and Functions
*
@@ -296,17 +341,25 @@
*/
#define SN_MIN_TIMER 1
#define SN_MAX_TIMER 600
-#define SN_TIMER_QUEUE_SIZE SN_MAX_TIMER+2
-
-#define SN_I_T(la) (la->timeStamp + sysctl_init_timer) /**< INIT State expiration time in seconds */
-#define SN_U_T(la) (la->timeStamp + sysctl_up_timer) /**< UP State expiration time in seconds */
-#define SN_C_T(la) (la->timeStamp + sysctl_shutdown_timer) /**< CL State expiration time in seconds */
-#define SN_X_T(la) (la->timeStamp + sysctl_holddown_timer) /**< Wait after a shutdown complete in seconds */
+#define SN_TIMER_QUEUE_SIZE SN_MAX_TIMER + 2
+
+#define SN_I_T(la) \
+ (la->timeStamp + \
+ sysctl_init_timer) /**< INIT State expiration time in seconds */
+#define SN_U_T(la) \
+ (la->timeStamp + \
+ sysctl_up_timer) /**< UP State expiration time in seconds */
+#define SN_C_T(la) \
+ (la->timeStamp + \
+ sysctl_shutdown_timer) /**< CL State expiration time in seconds */
+#define SN_X_T(la) \
+ (la->timeStamp + sysctl_holddown_timer) /**< Wait after a shutdown \
+ complete in seconds */
/** @}
* @defgroup sysctl SysCtl Variable and callback function declarations
*
- * Sysctl variables to modify NAT functionality in real-time along with associated functions
- * to manage modifications to the sysctl variables @{
+ * Sysctl variables to modify NAT functionality in real-time along with
+ * associated functions to manage modifications to the sysctl variables @{
*/
/* Callbacks */
@@ -324,36 +377,65 @@
/** @brief net.inet.ip.alias.sctp.log_level */
static u_int sysctl_log_level = 0; /**< Stores the current level of logging */
/** @brief net.inet.ip.alias.sctp.init_timer */
-static u_int sysctl_init_timer = 15; /**< Seconds to hold an association in the table waiting for an INIT-ACK or AddIP-ACK */
+static u_int sysctl_init_timer =
+ 15; /**< Seconds to hold an association in the table waiting for an INIT-ACK
+ or AddIP-ACK */
/** @brief net.inet.ip.alias.sctp.up_timer */
-static u_int sysctl_up_timer = 300; /**< Seconds to hold an association in the table while no packets are transmitted */
+static u_int sysctl_up_timer = 300; /**< Seconds to hold an association in the
+ table while no packets are transmitted */
/** @brief net.inet.ip.alias.sctp.shutdown_timer */
-static u_int sysctl_shutdown_timer = 15; /**< Seconds to hold an association in the table waiting for a SHUTDOWN-COMPLETE */
+static u_int sysctl_shutdown_timer =
+ 15; /**< Seconds to hold an association in the table waiting for a
+ SHUTDOWN-COMPLETE */
/** @brief net.inet.ip.alias.sctp.holddown_timer */
-static u_int sysctl_holddown_timer = 0; /**< Seconds to hold an association in the table after it has been shutdown (to allow for lost SHUTDOWN-COMPLETEs) */
+static u_int sysctl_holddown_timer =
+ 0; /**< Seconds to hold an association in the table after it has been
+ shutdown (to allow for lost SHUTDOWN-COMPLETEs) */
/** @brief net.inet.ip.alias.sctp.hashtable_size */
-static u_int sysctl_hashtable_size = SN_DEFAULT_HASH_SIZE; /**< Sets the hash table size for any NEW NAT instances (existing instances retain their existing Hash Table */
+static u_int sysctl_hashtable_size =
+ SN_DEFAULT_HASH_SIZE; /**< Sets the hash table size for any NEW NAT
+ instances (existing instances retain their existing
+ Hash Table */
/** @brief net.inet.ip.alias.sctp.error_on_ootb */
-static u_int sysctl_error_on_ootb = 1; /**< NAT response to receipt of OOTB packet
- (0 - No response, 1 - NAT will send ErrorM only to local side,
- 2 - NAT will send local ErrorM and global ErrorM if there was a partial association match
- 3 - NAT will send ErrorM to both local and global) */
+static u_int sysctl_error_on_ootb =
+ 1; /**< NAT response to receipt of OOTB packet
+ (0 - No response, 1 - NAT will send ErrorM only to local side,
+ 2 - NAT will send local ErrorM and global ErrorM if there was a
+ partial association match 3 - NAT will send ErrorM to both local and
+ global) */
/** @brief net.inet.ip.alias.sctp.accept_global_ootb_addip */
-static u_int sysctl_accept_global_ootb_addip = 0; /**<NAT responset to receipt of global OOTB AddIP (0 - No response, 1 - NAT will accept OOTB global AddIP messages for processing (Security risk)) */
+static u_int sysctl_accept_global_ootb_addip =
+ 0; /**<NAT responset to receipt of global OOTB AddIP (0 - No response, 1 -
+ NAT will accept OOTB global AddIP messages for processing (Security
+ risk)) */
/** @brief net.inet.ip.alias.sctp.initialising_chunk_proc_limit */
-static u_int sysctl_initialising_chunk_proc_limit = 2; /**< A limit on the number of chunks that should be searched if there is no matching association (DoS prevention) */
+static u_int sysctl_initialising_chunk_proc_limit =
+ 2; /**< A limit on the number of chunks that should be searched if there is
+ no matching association (DoS prevention) */
/** @brief net.inet.ip.alias.sctp.param_proc_limit */
-static u_int sysctl_chunk_proc_limit = 5; /**< A limit on the number of chunks that should be searched (DoS prevention) */
+static u_int sysctl_chunk_proc_limit =
+ 5; /**< A limit on the number of chunks that should be searched (DoS
+ prevention) */
/** @brief net.inet.ip.alias.sctp.param_proc_limit */
-static u_int sysctl_param_proc_limit = 25; /**< A limit on the number of parameters (in chunks) that should be searched (DoS prevention) */
+static u_int sysctl_param_proc_limit =
+ 25; /**< A limit on the number of parameters (in chunks) that should be
+ searched (DoS prevention) */
/** @brief net.inet.ip.alias.sctp.track_global_addresses */
-static u_int sysctl_track_global_addresses = 0; /**< Configures the global address tracking option within the NAT (0 - Global tracking is disabled, > 0 - enables tracking but limits the number of global IP addresses to this value)
- If set to >=1 the NAT will track that many global IP addresses. This may reduce look up table conflicts, but increases processing */
-
-#define SN_NO_ERROR_ON_OOTB 0 /**< Send no errorM on out of the blue packets */
-#define SN_LOCAL_ERROR_ON_OOTB 1 /**< Send only local errorM on out of the blue packets */
-#define SN_LOCALandPARTIAL_ERROR_ON_OOTB 2 /**< Send local errorM and global errorM for out of the blue packets only if partial match found */
-#define SN_ERROR_ON_OOTB 3 /**< Send errorM on out of the blue packets */
+static u_int sysctl_track_global_addresses =
+ 0; /**< Configures the global address tracking option within the NAT (0 -
+ Global tracking is disabled, > 0 - enables tracking but limits the
+ number of global IP addresses to this value) If set to >=1 the NAT
+ will track that many global IP addresses. This may reduce look up
+ table conflicts, but increases processing */
+
+#define SN_NO_ERROR_ON_OOTB 0 /**< Send no errorM on out of the blue packets \
+ */
+#define SN_LOCAL_ERROR_ON_OOTB \
+ 1 /**< Send only local errorM on out of the blue packets */
+#define SN_LOCALandPARTIAL_ERROR_ON_OOTB \
+ 2 /**< Send local errorM and global errorM for out of the blue packets \
+ only if partial match found */
+#define SN_ERROR_ON_OOTB 3 /**< Send errorM on out of the blue packets */
#ifdef SYSCTL_NODE
@@ -362,42 +444,42 @@
SYSCTL_DECL(_net_inet_ip_alias);
static SYSCTL_NODE(_net_inet_ip_alias, OID_AUTO, sctp,
- CTLFLAG_RW | CTLFLAG_MPSAFE, NULL,
- "SCTP NAT");
+ CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, "SCTP NAT");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, log_level,
- CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
- &sysctl_log_level, 0, sysctl_chg_loglevel, "IU",
+ CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, &sysctl_log_level, 0,
+ sysctl_chg_loglevel, "IU",
"Level of detail (0 - default, 1 - event, 2 - info, 3 - detail, 4 - debug, 5 - max debug)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, init_timer,
- CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
- &sysctl_init_timer, 0, sysctl_chg_timer, "IU",
+ CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, &sysctl_init_timer, 0,
+ sysctl_chg_timer, "IU",
"Timeout value (s) while waiting for (INIT-ACK|AddIP-ACK)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, up_timer,
- CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
- &sysctl_up_timer, 0, sysctl_chg_timer, "IU",
+ CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, &sysctl_up_timer, 0,
+ sysctl_chg_timer, "IU",
"Timeout value (s) to keep an association up with no traffic");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, shutdown_timer,
- CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
- &sysctl_shutdown_timer, 0, sysctl_chg_timer, "IU",
+ CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, &sysctl_shutdown_timer, 0,
+ sysctl_chg_timer, "IU",
"Timeout value (s) while waiting for SHUTDOWN-COMPLETE");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, holddown_timer,
- CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
- &sysctl_holddown_timer, 0, sysctl_chg_timer, "IU",
+ CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, &sysctl_holddown_timer, 0,
+ sysctl_chg_timer, "IU",
"Hold association in table for this many seconds after receiving a SHUTDOWN-COMPLETE");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, hashtable_size,
- CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
- &sysctl_hashtable_size, 0, sysctl_chg_hashtable_size, "IU",
+ CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, &sysctl_hashtable_size, 0,
+ sysctl_chg_hashtable_size, "IU",
"Size of hash tables used for NAT lookups (100 < prime_number > 1000001)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, error_on_ootb,
- CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
- &sysctl_error_on_ootb, 0, sysctl_chg_error_on_ootb, "IU",
+ CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, &sysctl_error_on_ootb, 0,
+ sysctl_chg_error_on_ootb, "IU",
"ErrorM sent on receipt of ootb packet:\n\t0 - none,\n"
"\t1 - to local only,\n"
"\t2 - to local and global if a partial association match,\n"
"\t3 - to local and global (DoS risk)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, accept_global_ootb_addip,
CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
- &sysctl_accept_global_ootb_addip, 0, sysctl_chg_accept_global_ootb_addip, "IU",
+ &sysctl_accept_global_ootb_addip, 0, sysctl_chg_accept_global_ootb_addip,
+ "IU",
"NAT response to receipt of global OOTB AddIP:\n"
"\t0 - No response,\n"
"\t1 - NAT will accept OOTB global AddIP messages for processing (Security risk)");
@@ -408,13 +490,13 @@
"Number of chunks that should be processed if there is no current "
"association found:\n\t > 0 (A high value is a DoS risk)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, chunk_proc_limit,
- CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
- &sysctl_chunk_proc_limit, 0, sysctl_chg_chunk_proc_limit, "IU",
+ CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, &sysctl_chunk_proc_limit, 0,
+ sysctl_chg_chunk_proc_limit, "IU",
"Number of chunks that should be processed to find key chunk:\n"
"\t>= initialising_chunk_proc_limit (A high value is a DoS risk)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, param_proc_limit,
- CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
- &sysctl_param_proc_limit, 0, sysctl_chg_param_proc_limit, "IU",
+ CTLTYPE_UINT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, &sysctl_param_proc_limit, 0,
+ sysctl_chg_param_proc_limit, "IU",
"Number of parameters (in a chunk) that should be processed to find key "
"parameters:\n\t> 1 (A high value is a DoS risk)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, track_global_addresses,
@@ -438,7 +520,8 @@
int error;
error = sysctl_handle_int(oidp, &level, 0, req);
- if (error) return (error);
+ if (error)
+ return (error);
level = (level > SN_LOG_DEBUG_MAX) ? (SN_LOG_DEBUG_MAX) : (level);
level = (level < SN_LOG_LOW) ? (SN_LOG_LOW) : (level);
@@ -447,7 +530,8 @@
}
/** @ingroup sysctl
- * @brief sysctl callback for changing net.inet.ip.fw.sctp.(init_timer|up_timer|shutdown_timer)
+ * @brief sysctl callback for changing
+ * net.inet.ip.fw.sctp.(init_timer|up_timer|shutdown_timer)
*
* Updates the timer-based sysctl variables. The new values are sanity-checked
* to make sure that they are within the range SN_MIN_TIMER-SN_MAX_TIMER. The
@@ -459,7 +543,8 @@
int error;
error = sysctl_handle_int(oidp, &timer, 0, req);
- if (error) return (error);
+ if (error)
+ return (error);
timer = (timer > SN_MAX_TIMER) ? (SN_MAX_TIMER) : (timer);
@@ -487,13 +572,19 @@
int error;
error = sysctl_handle_int(oidp, &size, 0, req);
- if (error) return (error);
+ if (error)
+ return (error);
- size = (size < SN_MIN_HASH_SIZE) ? (SN_MIN_HASH_SIZE) : ((size > SN_MAX_HASH_SIZE) ? (SN_MAX_HASH_SIZE) : (size));
+ size = (size < SN_MIN_HASH_SIZE) ?
+ (SN_MIN_HASH_SIZE) :
+ ((size > SN_MAX_HASH_SIZE) ? (SN_MAX_HASH_SIZE) : (size));
size |= 0x00000001; /* make odd */
- for (;(((size % 3) == 0) || ((size % 5) == 0) || ((size % 7) == 0) || ((size % 11) == 0)); size+=2);
+ for (; (((size % 3) == 0) || ((size % 5) == 0) || ((size % 7) == 0) ||
+ ((size % 11) == 0));
+ size += 2)
+ ;
sysctl_hashtable_size = size;
return (0);
@@ -515,18 +606,21 @@
int error;
error = sysctl_handle_int(oidp, &flag, 0, req);
- if (error) return (error);
+ if (error)
+ return (error);
- sysctl_error_on_ootb = (flag > SN_ERROR_ON_OOTB) ? SN_ERROR_ON_OOTB: flag;
+ sysctl_error_on_ootb = (flag > SN_ERROR_ON_OOTB) ? SN_ERROR_ON_OOTB :
+ flag;
return (0);
}
/** @ingroup sysctl
- * @brief sysctl callback for changing net.inet.ip.alias.sctp.accept_global_ootb_addip
+ * @brief sysctl callback for changing
+ * net.inet.ip.alias.sctp.accept_global_ootb_addip
*
- * If set to 1 the NAT will accept ootb global addip messages for processing (Security risk)
- * Default is 0, only responding to local ootb AddIP messages
+ * If set to 1 the NAT will accept ootb global addip messages for processing
+ * (Security risk) Default is 0, only responding to local ootb AddIP messages
*/
int sysctl_chg_accept_global_ootb_addip(SYSCTL_HANDLER_ARGS)
{
@@ -534,15 +628,17 @@
int error;
error = sysctl_handle_int(oidp, &flag, 0, req);
- if (error) return (error);
+ if (error)
+ return (error);
- sysctl_accept_global_ootb_addip = (flag == 1) ? 1: 0;
+ sysctl_accept_global_ootb_addip = (flag == 1) ? 1 : 0;
return (0);
}
/** @ingroup sysctl
- * @brief sysctl callback for changing net.inet.ip.alias.sctp.initialising_chunk_proc_limit
+ * @brief sysctl callback for changing
+ * net.inet.ip.alias.sctp.initialising_chunk_proc_limit
*
* Updates the initialising_chunk_proc_limit sysctl variable. Number of chunks
* that should be processed if there is no current association found: > 0 (A
@@ -554,11 +650,14 @@
int error;
error = sysctl_handle_int(oidp, &proclimit, 0, req);
- if (error) return (error);
+ if (error)
+ return (error);
- sysctl_initialising_chunk_proc_limit = (proclimit < 1) ? 1: proclimit;
- sysctl_chunk_proc_limit =
- (sysctl_chunk_proc_limit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : sysctl_chunk_proc_limit;
+ sysctl_initialising_chunk_proc_limit = (proclimit < 1) ? 1 : proclimit;
+ sysctl_chunk_proc_limit = (sysctl_chunk_proc_limit <
+ sysctl_initialising_chunk_proc_limit) ?
+ sysctl_initialising_chunk_proc_limit :
+ sysctl_chunk_proc_limit;
return (0);
}
@@ -576,10 +675,13 @@
int error;
error = sysctl_handle_int(oidp, &proclimit, 0, req);
- if (error) return (error);
+ if (error)
+ return (error);
- sysctl_chunk_proc_limit =
- (proclimit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : proclimit;
+ sysctl_chunk_proc_limit = (proclimit <
+ sysctl_initialising_chunk_proc_limit) ?
+ sysctl_initialising_chunk_proc_limit :
+ proclimit;
return (0);
}
@@ -597,16 +699,17 @@
int error;
error = sysctl_handle_int(oidp, &proclimit, 0, req);
- if (error) return (error);
+ if (error)
+ return (error);
- sysctl_param_proc_limit =
- (proclimit < 2) ? 2 : proclimit;
+ sysctl_param_proc_limit = (proclimit < 2) ? 2 : proclimit;
return (0);
}
/** @ingroup sysctl
- * @brief sysctl callback for changing net.inet.ip.alias.sctp.track_global_addresses
+ * @brief sysctl callback for changing
+ *net.inet.ip.alias.sctp.track_global_addresses
*
*Configures the global address tracking option within the NAT (0 - Global
*tracking is disabled, > 0 - enables tracking but limits the number of global
@@ -618,9 +721,13 @@
int error;
error = sysctl_handle_int(oidp, &num_to_track, 0, req);
- if (error) return (error);
+ if (error)
+ return (error);
- sysctl_track_global_addresses = (num_to_track > SN_MAX_GLOBAL_ADDRESSES) ? SN_MAX_GLOBAL_ADDRESSES : num_to_track;
+ sysctl_track_global_addresses = (num_to_track >
+ SN_MAX_GLOBAL_ADDRESSES) ?
+ SN_MAX_GLOBAL_ADDRESSES :
+ num_to_track;
return (0);
}
@@ -637,16 +744,22 @@
*
* @param la Pointer to the relevant libalias instance
*/
-void AliasSctpInit(struct libalias *la)
+void
+AliasSctpInit(struct libalias *la)
{
/* Initialise association tables*/
int i;
la->sctpNatTableSize = sysctl_hashtable_size;
SN_LOG(SN_LOG_EVENT,
- SctpAliasLog("Initialising SCTP NAT Instance (hash_table_size:%d)\n", la->sctpNatTableSize));
- la->sctpTableLocal = sn_calloc(la->sctpNatTableSize, sizeof(struct sctpNatTableL));
- la->sctpTableGlobal = sn_calloc(la->sctpNatTableSize, sizeof(struct sctpNatTableG));
- la->sctpNatTimer.TimerQ = sn_calloc(SN_TIMER_QUEUE_SIZE, sizeof(struct sctpTimerQ));
+ SctpAliasLog(
+ "Initialising SCTP NAT Instance (hash_table_size:%d)\n",
+ la->sctpNatTableSize));
+ la->sctpTableLocal = sn_calloc(la->sctpNatTableSize,
+ sizeof(struct sctpNatTableL));
+ la->sctpTableGlobal = sn_calloc(la->sctpNatTableSize,
+ sizeof(struct sctpNatTableG));
+ la->sctpNatTimer.TimerQ = sn_calloc(SN_TIMER_QUEUE_SIZE,
+ sizeof(struct sctpTimerQ));
/* Initialise hash table */
for (i = 0; i < la->sctpNatTableSize; i++) {
LIST_INIT(&la->sctpTableLocal[i]);
@@ -657,9 +770,10 @@
for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++)
LIST_INIT(&la->sctpNatTimer.TimerQ[i]);
#ifdef _KERNEL
- la->sctpNatTimer.loc_time=time_uptime; /* la->timeStamp is not set yet */
+ la->sctpNatTimer.loc_time =
+ time_uptime; /* la->timeStamp is not set yet */
#else
- la->sctpNatTimer.loc_time=la->timeStamp;
+ la->sctpNatTimer.loc_time = la->timeStamp;
#endif
la->sctpNatTimer.cur_loc = 0;
la->sctpLinkCount = 0;
@@ -677,14 +791,14 @@
*
* @param la Pointer to the relevant libalias instance
*/
-void AliasSctpTerm(struct libalias *la)
+void
+AliasSctpTerm(struct libalias *la)
{
struct sctp_nat_assoc *assoc1, *assoc2;
- int i;
+ int i;
LIBALIAS_LOCK_ASSERT(la);
- SN_LOG(SN_LOG_EVENT,
- SctpAliasLog("Removing SCTP NAT Instance\n"));
+ SN_LOG(SN_LOG_EVENT, SctpAliasLog("Removing SCTP NAT Instance\n"));
for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++) {
assoc1 = LIST_FIRST(&la->sctpNatTimer.TimerQ[i]);
while (assoc1 != NULL) {
@@ -738,51 +852,54 @@
sctp_CheckTimers(la); /* Check timers */
/* Parse the packet */
- rtnval = sctp_PktParser(la, direction, pip, &msg, &assoc); //using *char (change to mbuf when get code from paolo)
+ rtnval = sctp_PktParser(la, direction, pip, &msg,
+ &assoc); // using *char (change to mbuf when get code from paolo)
switch (rtnval) {
case SN_PARSE_OK:
break;
case SN_PARSE_ERROR_CHHL:
- /* Not an error if there is a chunk length parsing error and this is a fragmented packet */
+ /* Not an error if there is a chunk length parsing error and
+ * this is a fragmented packet */
if (ntohs(pip->ip_off) & IP_MF) {
rtnval = SN_PARSE_OK;
break;
}
SN_LOG(SN_LOG_EVENT,
- logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
+ logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval,
+ direction));
return (PKT_ALIAS_ERROR);
case SN_PARSE_ERROR_PARTIALLOOKUP:
if (sysctl_error_on_ootb > SN_LOCALandPARTIAL_ERROR_ON_OOTB) {
SN_LOG(SN_LOG_EVENT,
- logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
+ logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag,
+ rtnval, direction));
return (PKT_ALIAS_ERROR);
}
case SN_PARSE_ERROR_LOOKUP:
if (sysctl_error_on_ootb == SN_ERROR_ON_OOTB ||
- (sysctl_error_on_ootb == SN_LOCALandPARTIAL_ERROR_ON_OOTB && direction == SN_TO_LOCAL) ||
- (sysctl_error_on_ootb == SN_LOCAL_ERROR_ON_OOTB && direction == SN_TO_GLOBAL)) {
- TxAbortErrorM(la, &msg, assoc, SN_REFLECT_ERROR, direction); /*NB assoc=NULL */
+ (sysctl_error_on_ootb == SN_LOCALandPARTIAL_ERROR_ON_OOTB &&
+ direction == SN_TO_LOCAL) ||
+ (sysctl_error_on_ootb == SN_LOCAL_ERROR_ON_OOTB &&
+ direction == SN_TO_GLOBAL)) {
+ TxAbortErrorM(la, &msg, assoc, SN_REFLECT_ERROR,
+ direction); /*NB assoc=NULL */
return (PKT_ALIAS_RESPOND);
}
default:
SN_LOG(SN_LOG_EVENT,
- logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
+ logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval,
+ direction));
return (PKT_ALIAS_ERROR);
}
- SN_LOG(SN_LOG_DETAIL,
- logsctpassoc(assoc, "*");
- logsctpparse(direction, &msg);
- );
+ SN_LOG(SN_LOG_DETAIL, logsctpassoc(assoc, "*");
+ logsctpparse(direction, &msg););
/* Process the SCTP message */
rtnval = ProcessSctpMsg(la, direction, &msg, assoc);
- SN_LOG(SN_LOG_DEBUG_MAX,
- logsctpassoc(assoc, "-");
- logSctpLocal(la);
- logSctpGlobal(la);
- );
+ SN_LOG(SN_LOG_DEBUG_MAX, logsctpassoc(assoc, "-"); logSctpLocal(la);
+ logSctpGlobal(la););
SN_LOG(SN_LOG_DEBUG, logTimerQ(la));
switch (rtnval) {
@@ -791,21 +908,29 @@
case SN_TO_LOCAL:
DifferentialChecksum(&(msg.ip_hdr->ip_sum),
&(assoc->l_addr), &(msg.ip_hdr->ip_dst), 2);
- msg.ip_hdr->ip_dst = assoc->l_addr; /* change dst address to local address*/
+ msg.ip_hdr->ip_dst =
+ assoc->l_addr; /* change dst address to local
+ address*/
break;
case SN_TO_GLOBAL:
DifferentialChecksum(&(msg.ip_hdr->ip_sum),
- &(assoc->a_addr), &(msg.ip_hdr->ip_src), 2);
- msg.ip_hdr->ip_src = assoc->a_addr; /* change src to alias addr*/
+ &(assoc->a_addr), &(msg.ip_hdr->ip_src), 2);
+ msg.ip_hdr->ip_src =
+ assoc->a_addr; /* change src to alias addr*/
break;
default:
- rtnval = SN_DROP_PKT; /* shouldn't get here, but if it does drop packet */
- SN_LOG(SN_LOG_LOW, logsctperror("ERROR: Invalid direction", msg.sctp_hdr->v_tag, rtnval, direction));
+ rtnval = SN_DROP_PKT; /* shouldn't get here, but if it
+ does drop packet */
+ SN_LOG(SN_LOG_LOW,
+ logsctperror("ERROR: Invalid direction",
+ msg.sctp_hdr->v_tag, rtnval, direction));
break;
}
break;
case SN_DROP_PKT:
- SN_LOG(SN_LOG_DETAIL, logsctperror("SN_DROP_PKT", msg.sctp_hdr->v_tag, rtnval, direction));
+ SN_LOG(SN_LOG_DETAIL,
+ logsctperror("SN_DROP_PKT", msg.sctp_hdr->v_tag, rtnval,
+ direction));
break;
case SN_REPLY_ABORT:
case SN_REPLY_ERROR:
@@ -813,9 +938,12 @@
TxAbortErrorM(la, &msg, assoc, rtnval, direction);
break;
default:
- // big error, remove association and go to idle and write log messages
- SN_LOG(SN_LOG_LOW, logsctperror("SN_PROCESSING_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
- assoc->state=SN_RM;/* Mark for removal*/
+ // big error, remove association and go to idle and write log
+ // messages
+ SN_LOG(SN_LOG_LOW,
+ logsctperror("SN_PROCESSING_ERROR", msg.sctp_hdr->v_tag,
+ rtnval, direction));
+ assoc->state = SN_RM; /* Mark for removal*/
break;
}
@@ -862,8 +990,8 @@
* up-state is a Heartbeat packet, which is big enough to be transformed to an
* ErrorM.
*
- * We create a temporary character array to store the packet as we are constructing
- * it. We then populate the array with appropriate values based on:
+ * We create a temporary character array to store the packet as we are
+ * constructing it. We then populate the array with appropriate values based on:
* - Packet type (AbortM | ErrorM)
* - Initial packet direction (SN_TO_LOCAL | SN_TO_GLOBAL)
* - NAT response (Send packet | Reply packet)
@@ -915,24 +1043,29 @@
}
static void
-TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int sndrply, int direction)
+TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm,
+ struct sctp_nat_assoc *assoc, int sndrply, int direction)
{
- int sctp_size = sizeof(struct sctphdr) + sizeof(struct sctp_chunkhdr) + sizeof(struct sctp_error_cause);
+ int sctp_size = sizeof(struct sctphdr) + sizeof(struct sctp_chunkhdr) +
+ sizeof(struct sctp_error_cause);
int ip_size = sizeof(struct ip) + sctp_size;
int include_error_cause = 1;
char tmp_ip[ip_size];
char addrbuf[INET_ADDRSTRLEN];
- if (ntohs(sm->ip_hdr->ip_len) < ip_size) { /* short packet, cannot send error cause */
+ if (ntohs(sm->ip_hdr->ip_len) <
+ ip_size) { /* short packet, cannot send error cause */
include_error_cause = 0;
- ip_size = ip_size - sizeof(struct sctp_error_cause);
- sctp_size = sctp_size - sizeof(struct sctp_error_cause);
+ ip_size = ip_size - sizeof(struct sctp_error_cause);
+ sctp_size = sctp_size - sizeof(struct sctp_error_cause);
}
/* Assign header pointers packet */
- struct ip* ip = (struct ip *) tmp_ip;
- struct sctphdr* sctp_hdr = (struct sctphdr *) ((char *) ip + sizeof(*ip));
- struct sctp_chunkhdr* chunk_hdr = (struct sctp_chunkhdr *) ((char *) sctp_hdr + sizeof(*sctp_hdr));
- struct sctp_error_cause* error_cause = (struct sctp_error_cause *) ((char *) chunk_hdr + sizeof(*chunk_hdr));
+ struct ip *ip = (struct ip *)tmp_ip;
+ struct sctphdr *sctp_hdr = (struct sctphdr *)((char *)ip + sizeof(*ip));
+ struct sctp_chunkhdr *chunk_hdr =
+ (struct sctp_chunkhdr *)((char *)sctp_hdr + sizeof(*sctp_hdr));
+ struct sctp_error_cause *error_cause =
+ (struct sctp_error_cause *)((char *)chunk_hdr + sizeof(*chunk_hdr));
/* construct ip header */
ip->ip_v = sm->ip_hdr->ip_v;
@@ -944,17 +1077,23 @@
ip->ip_ttl = 255;
ip->ip_p = IPPROTO_SCTP;
/*
- The definitions below should be removed when they make it into the SCTP stack
+ The definitions below should be removed when they make it into the
+ SCTP stack
*/
#define SCTP_MIDDLEBOX_FLAG 0x02
#define SCTP_NAT_TABLE_COLLISION 0x00b0
#define SCTP_MISSING_NAT 0x00b1
- chunk_hdr->chunk_type = (sndrply & SN_TX_ABORT) ? SCTP_ABORT_ASSOCIATION : SCTP_OPERATION_ERROR;
+ chunk_hdr->chunk_type = (sndrply & SN_TX_ABORT) ?
+ SCTP_ABORT_ASSOCIATION :
+ SCTP_OPERATION_ERROR;
chunk_hdr->chunk_flags = SCTP_MIDDLEBOX_FLAG;
if (include_error_cause) {
- error_cause->code = htons((sndrply & SN_REFLECT_ERROR) ? SCTP_MISSING_NAT : SCTP_NAT_TABLE_COLLISION);
+ error_cause->code = htons((sndrply & SN_REFLECT_ERROR) ?
+ SCTP_MISSING_NAT :
+ SCTP_NAT_TABLE_COLLISION);
error_cause->length = htons(sizeof(struct sctp_error_cause));
- chunk_hdr->chunk_length = htons(sizeof(*chunk_hdr) + sizeof(struct sctp_error_cause));
+ chunk_hdr->chunk_length = htons(
+ sizeof(*chunk_hdr) + sizeof(struct sctp_error_cause));
} else {
chunk_hdr->chunk_length = htons(sizeof(*chunk_hdr));
}
@@ -966,7 +1105,8 @@
sctp_hdr->v_tag = sm->sctp_hdr->v_tag;
break;
case SN_REPLY_ERROR:
- sctp_hdr->v_tag = (direction == SN_TO_LOCAL) ? assoc->g_vtag : assoc->l_vtag ;
+ sctp_hdr->v_tag = (direction == SN_TO_LOCAL) ? assoc->g_vtag :
+ assoc->l_vtag;
break;
case SN_SEND_ABORT:
sctp_hdr->v_tag = sm->sctp_hdr->v_tag;
@@ -978,8 +1118,10 @@
/* Set send/reply values */
if (sndrply == SN_SEND_ABORT) { /*pass through NAT */
- ip->ip_src = (direction == SN_TO_LOCAL) ? sm->ip_hdr->ip_src : assoc->a_addr;
- ip->ip_dst = (direction == SN_TO_LOCAL) ? assoc->l_addr : sm->ip_hdr->ip_dst;
+ ip->ip_src = (direction == SN_TO_LOCAL) ? sm->ip_hdr->ip_src :
+ assoc->a_addr;
+ ip->ip_dst = (direction == SN_TO_LOCAL) ? assoc->l_addr :
+ sm->ip_hdr->ip_dst;
sctp_hdr->src_port = sm->sctp_hdr->src_port;
sctp_hdr->dest_port = sm->sctp_hdr->dest_port;
} else { /* reply and reflect */
@@ -994,17 +1136,19 @@
/* calculate SCTP header CRC32 */
sctp_hdr->checksum = 0;
- sctp_hdr->checksum = local_sctp_finalize_crc32(calculate_crc32c(0xffffffff, (unsigned char *) sctp_hdr, sctp_size));
+ sctp_hdr->checksum = local_sctp_finalize_crc32(
+ calculate_crc32c(0xffffffff, (unsigned char *)sctp_hdr, sctp_size));
memcpy(sm->ip_hdr, ip, ip_size);
- SN_LOG(SN_LOG_EVENT,SctpAliasLog("%s %s 0x%x (->%s:%u vtag=0x%x crc=0x%x)\n",
- ((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"),
- ((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"),
- (include_error_cause ? ntohs(error_cause->code) : 0),
- inet_ntoa_r(ip->ip_dst, INET_NTOA_BUF(addrbuf)),
- ntohs(sctp_hdr->dest_port),
- ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum)));
+ SN_LOG(SN_LOG_EVENT,
+ SctpAliasLog("%s %s 0x%x (->%s:%u vtag=0x%x crc=0x%x)\n",
+ ((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"),
+ ((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"),
+ (include_error_cause ? ntohs(error_cause->code) : 0),
+ inet_ntoa_r(ip->ip_dst, INET_NTOA_BUF(addrbuf)),
+ ntohs(sctp_hdr->dest_port), ntohl(sctp_hdr->v_tag),
+ ntohl(sctp_hdr->checksum)));
}
/* ----------------------------------------------------------------------
@@ -1035,7 +1179,8 @@
static int
sctp_PktParser(struct libalias *la, int direction, struct ip *pip,
struct sctp_nat_msg *sm, struct sctp_nat_assoc **passoc)
-//sctp_PktParser(int direction, struct mbuf *ipak, int ip_hdr_len,struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc)
+// sctp_PktParser(int direction, struct mbuf *ipak, int ip_hdr_len,struct
+// sctp_nat_msg *sm, struct sctp_nat_assoc *assoc)
{
struct sctphdr *sctp_hdr;
struct sctp_chunkhdr *chunk_hdr;
@@ -1049,7 +1194,8 @@
// int mlen;
// mlen = SCTP_HEADER_LEN(i_pak);
- // mp = SCTP_HEADER_TO_CHAIN(i_pak); /* does nothing in bsd since header and chain not separate */
+ // mp = SCTP_HEADER_TO_CHAIN(i_pak); /* does nothing in bsd since
+ // header and chain not separate */
/*
* Note, that if the VTag is zero, it must be an INIT
@@ -1067,22 +1213,27 @@
return (SN_PARSE_ERROR_IPSHL); /* packet not long enough*/
}
- sm->sctp_hdr = sctp_hdr = (struct sctphdr *) ip_next(pip);
+ sm->sctp_hdr = sctp_hdr = (struct sctphdr *)ip_next(pip);
bytes_left -= sizeof(struct sctphdr);
- /* Check for valid ports (zero valued ports would find partially initialised associations */
+ /* Check for valid ports (zero valued ports would find partially
+ * initialised associations */
if (sctp_hdr->src_port == 0 || sctp_hdr->dest_port == 0)
return (SN_PARSE_ERROR_PORT);
/* Check length of first chunk */
- if (bytes_left < SN_MIN_CHUNK_SIZE) /* malformed chunk - could cause endless loop*/
- return (SN_PARSE_ERROR_CHHL); /* packet not long enough for this chunk */
+ if (bytes_left <
+ SN_MIN_CHUNK_SIZE) /* malformed chunk - could cause endless loop*/
+ return (SN_PARSE_ERROR_CHHL); /* packet not long enough for this
+ chunk */
/* First chunk */
chunk_hdr = SN_SCTP_FIRSTCHUNK(sctp_hdr);
chunk_length = SCTP_SIZE32(ntohs(chunk_hdr->chunk_length));
- if ((chunk_length < SN_MIN_CHUNK_SIZE) || (chunk_length > bytes_left)) /* malformed chunk - could cause endless loop*/
+ if ((chunk_length < SN_MIN_CHUNK_SIZE) ||
+ (chunk_length >
+ bytes_left)) /* malformed chunk - could cause endless loop*/
return (SN_PARSE_ERROR_CHHL);
if ((chunk_hdr->chunk_flags & SCTP_HAD_NO_TCB) &&
@@ -1090,39 +1241,60 @@
(chunk_hdr->chunk_type == SCTP_SHUTDOWN_COMPLETE))) {
/* T-Bit set */
if (direction == SN_TO_LOCAL)
- *passoc = FindSctpGlobalT(la, pip->ip_src, sctp_hdr->v_tag, sctp_hdr->dest_port, sctp_hdr->src_port);
+ *passoc = FindSctpGlobalT(la, pip->ip_src,
+ sctp_hdr->v_tag, sctp_hdr->dest_port,
+ sctp_hdr->src_port);
else
- *passoc = FindSctpLocalT(la, pip->ip_dst, sctp_hdr->v_tag, sctp_hdr->dest_port, sctp_hdr->src_port);
+ *passoc = FindSctpLocalT(la, pip->ip_dst,
+ sctp_hdr->v_tag, sctp_hdr->dest_port,
+ sctp_hdr->src_port);
} else {
/* Proper v_tag settings */
if (direction == SN_TO_LOCAL)
- *passoc = FindSctpGlobal(la, pip->ip_src, sctp_hdr->v_tag, sctp_hdr->src_port, sctp_hdr->dest_port, &partial_match);
+ *passoc = FindSctpGlobal(la, pip->ip_src,
+ sctp_hdr->v_tag, sctp_hdr->src_port,
+ sctp_hdr->dest_port, &partial_match);
else
- *passoc = FindSctpLocal(la, pip->ip_src, pip->ip_dst, sctp_hdr->v_tag, sctp_hdr->src_port, sctp_hdr->dest_port);
+ *passoc = FindSctpLocal(la, pip->ip_src, pip->ip_dst,
+ sctp_hdr->v_tag, sctp_hdr->src_port,
+ sctp_hdr->dest_port);
}
chunk_count = 1;
/* Real packet parsing occurs below */
- sm->msg = SN_SCTP_OTHER;/* Initialise to largest value*/
- sm->chunk_length = 0; /* only care about length for key chunks */
+ sm->msg = SN_SCTP_OTHER; /* Initialise to largest value*/
+ sm->chunk_length = 0; /* only care about length for key chunks */
while (IS_SCTP_CONTROL(chunk_hdr)) {
switch (chunk_hdr->chunk_type) {
case SCTP_INITIATION:
- if (chunk_length < sizeof(struct sctp_init_chunk)) /* malformed chunk*/
+ if (chunk_length <
+ sizeof(struct sctp_init_chunk)) /* malformed chunk*/
return (SN_PARSE_ERROR_CHHL);
sm->msg = SN_SCTP_INIT;
- sm->sctpchnk.Init = (struct sctp_init *) ((char *) chunk_hdr + sizeof(struct sctp_chunkhdr));
+ sm->sctpchnk.Init =
+ (struct sctp_init *)((char *)chunk_hdr +
+ sizeof(struct sctp_chunkhdr));
sm->chunk_length = chunk_length;
/* if no existing association, create a new one */
if (*passoc == NULL) {
- if (sctp_hdr->v_tag == 0) { //Init requires vtag=0
- *passoc = (struct sctp_nat_assoc *) sn_malloc(sizeof(struct sctp_nat_assoc));
- if (*passoc == NULL) {/* out of resources */
- return (SN_PARSE_ERROR_AS_MALLOC);
+ if (sctp_hdr->v_tag ==
+ 0) { // Init requires vtag=0
+ *passoc = (struct sctp_nat_assoc *)
+ sn_malloc(
+ sizeof(struct sctp_nat_assoc));
+ if (*passoc ==
+ NULL) { /* out of resources */
+ return (
+ SN_PARSE_ERROR_AS_MALLOC);
}
- /* Initialize association - sn_malloc initializes memory to zeros */
+ /* Initialize association - sn_malloc
+ * initializes memory to zeros */
(*passoc)->state = SN_ID;
- LIST_INIT(&((*passoc)->Gaddr)); /* always initialise to avoid memory problems */
+ LIST_INIT(&(
+ (*passoc)
+ ->Gaddr)); /* always initialise
+ to avoid memory
+ problems */
(*passoc)->TableRegister = SN_NULL_TBL;
return (SN_PARSE_OK);
}
@@ -1130,63 +1302,133 @@
}
return (SN_PARSE_ERROR_LOOKUP);
case SCTP_INITIATION_ACK:
- if (chunk_length < sizeof(struct sctp_init_ack_chunk)) /* malformed chunk*/
+ if (chunk_length <
+ sizeof(struct sctp_init_ack_chunk)) /* malformed
+ chunk*/
return (SN_PARSE_ERROR_CHHL);
sm->msg = SN_SCTP_INITACK;
- sm->sctpchnk.InitAck = (struct sctp_init_ack *) ((char *) chunk_hdr + sizeof(struct sctp_chunkhdr));
+ sm->sctpchnk.InitAck =
+ (struct sctp_init_ack *)((char *)chunk_hdr +
+ sizeof(struct sctp_chunkhdr));
sm->chunk_length = chunk_length;
- return ((*passoc == NULL) ? (SN_PARSE_ERROR_LOOKUP) : (SN_PARSE_OK));
- case SCTP_ABORT_ASSOCIATION: /* access only minimum sized chunk */
+ return ((*passoc == NULL) ? (SN_PARSE_ERROR_LOOKUP) :
+ (SN_PARSE_OK));
+ case SCTP_ABORT_ASSOCIATION: /* access only minimum sized chunk
+ */
sm->msg = SN_SCTP_ABORT;
sm->chunk_length = chunk_length;
- return ((*passoc == NULL) ? (SN_PARSE_ERROR_LOOKUP_ABORT) : (SN_PARSE_OK));
+ return ((*passoc == NULL) ?
+ (SN_PARSE_ERROR_LOOKUP_ABORT) :
+ (SN_PARSE_OK));
case SCTP_SHUTDOWN_ACK:
- if (chunk_length < sizeof(struct sctp_shutdown_ack_chunk)) /* malformed chunk*/
+ if (chunk_length <
+ sizeof(struct sctp_shutdown_ack_chunk)) /* malformed
+ chunk*/
return (SN_PARSE_ERROR_CHHL);
if (sm->msg > SN_SCTP_SHUTACK) {
sm->msg = SN_SCTP_SHUTACK;
sm->chunk_length = chunk_length;
}
break;
- case SCTP_SHUTDOWN_COMPLETE: /* minimum sized chunk */
+ case SCTP_SHUTDOWN_COMPLETE: /* minimum sized chunk */
if (sm->msg > SN_SCTP_SHUTCOMP) {
sm->msg = SN_SCTP_SHUTCOMP;
sm->chunk_length = chunk_length;
}
- return ((*passoc == NULL) ? (SN_PARSE_ERROR_LOOKUP) : (SN_PARSE_OK));
+ return ((*passoc == NULL) ? (SN_PARSE_ERROR_LOOKUP) :
+ (SN_PARSE_OK));
case SCTP_ASCONF:
if (sm->msg > SN_SCTP_ASCONF) {
- if (chunk_length < (sizeof(struct sctp_asconf_chunk) + sizeof(struct sctp_ipv4addr_param))) /* malformed chunk*/
+ if (chunk_length <
+ (sizeof(struct sctp_asconf_chunk) +
+ sizeof(struct
+ sctp_ipv4addr_param))) /* malformed
+ chunk*/
return (SN_PARSE_ERROR_CHHL);
- //leave parameter searching to later, if required
- param_hdr = (struct sctp_paramhdr *) ((char *) chunk_hdr + sizeof(struct sctp_asconf_chunk)); /*compulsory IP parameter*/
- if (ntohs(param_hdr->param_type) == SCTP_IPV4_ADDRESS) {
- if ((*passoc == NULL) && (direction == SN_TO_LOCAL)) { /* AddIP with no association */
- /* try look up with the ASCONF packet's alternative address */
- ipv4addr.s_addr = ((struct sctp_ipv4addr_param *) param_hdr)->addr;
- *passoc = FindSctpGlobal(la, ipv4addr, sctp_hdr->v_tag, sctp_hdr->src_port, sctp_hdr->dest_port, &partial_match);
+ // leave parameter searching to later, if
+ // required
+ param_hdr =
+ (struct sctp_paramhdr *)((char *)chunk_hdr +
+ sizeof(struct
+ sctp_asconf_chunk)); /*compulsory IP
+ parameter*/
+ if (ntohs(param_hdr->param_type) ==
+ SCTP_IPV4_ADDRESS) {
+ if ((*passoc == NULL) &&
+ (direction ==
+ SN_TO_LOCAL)) { /* AddIP with no
+ association
+ */
+ /* try look up with the ASCONF
+ * packet's alternative address
+ */
+ ipv4addr.s_addr =
+ ((struct sctp_ipv4addr_param
+ *)param_hdr)
+ ->addr;
+ *passoc = FindSctpGlobal(la,
+ ipv4addr, sctp_hdr->v_tag,
+ sctp_hdr->src_port,
+ sctp_hdr->dest_port,
+ &partial_match);
}
- param_hdr = (struct sctp_paramhdr *)
- ((char *) param_hdr + sizeof(struct sctp_ipv4addr_param)); /*asconf's compulsory address parameter */
- sm->chunk_length = chunk_length - sizeof(struct sctp_asconf_chunk) - sizeof(struct sctp_ipv4addr_param); /* rest of chunk */
+ param_hdr = (struct sctp_paramhdr
+ *)((char *)param_hdr +
+ sizeof(struct
+ sctp_ipv4addr_param)); /*asconf's
+ compulsory
+ address
+ parameter
+ */
+ sm->chunk_length = chunk_length -
+ sizeof(struct sctp_asconf_chunk) -
+ sizeof(struct
+ sctp_ipv4addr_param); /* rest of
+ chunk
+ */
} else {
- if (chunk_length < (sizeof(struct sctp_asconf_chunk) + sizeof(struct sctp_ipv6addr_param))) /* malformed chunk*/
+ if (chunk_length <
+ (sizeof(struct sctp_asconf_chunk) +
+ sizeof(struct
+ sctp_ipv6addr_param))) /* malformed
+ chunk*/
return (SN_PARSE_ERROR_CHHL);
- param_hdr = (struct sctp_paramhdr *)
- ((char *) param_hdr + sizeof(struct sctp_ipv6addr_param)); /*asconf's compulsory address parameter */
- sm->chunk_length = chunk_length - sizeof(struct sctp_asconf_chunk) - sizeof(struct sctp_ipv6addr_param); /* rest of chunk */
+ param_hdr = (struct sctp_paramhdr
+ *)((char *)param_hdr +
+ sizeof(struct
+ sctp_ipv6addr_param)); /*asconf's
+ compulsory
+ address
+ parameter
+ */
+ sm->chunk_length = chunk_length -
+ sizeof(struct sctp_asconf_chunk) -
+ sizeof(struct
+ sctp_ipv6addr_param); /* rest of
+ chunk
+ */
}
sm->msg = SN_SCTP_ASCONF;
sm->sctpchnk.Asconf = param_hdr;
- if (*passoc == NULL) { /* AddIP with no association */
- *passoc = (struct sctp_nat_assoc *) sn_malloc(sizeof(struct sctp_nat_assoc));
- if (*passoc == NULL) {/* out of resources */
- return (SN_PARSE_ERROR_AS_MALLOC);
+ if (*passoc ==
+ NULL) { /* AddIP with no association */
+ *passoc = (struct sctp_nat_assoc *)
+ sn_malloc(
+ sizeof(struct sctp_nat_assoc));
+ if (*passoc ==
+ NULL) { /* out of resources */
+ return (
+ SN_PARSE_ERROR_AS_MALLOC);
}
- /* Initialize association - sn_malloc initializes memory to zeros */
+ /* Initialize association - sn_malloc
+ * initializes memory to zeros */
(*passoc)->state = SN_ID;
- LIST_INIT(&((*passoc)->Gaddr)); /* always initialise to avoid memory problems */
+ LIST_INIT(&(
+ (*passoc)
+ ->Gaddr)); /* always initialise
+ to avoid memory
+ problems */
(*passoc)->TableRegister = SN_NULL_TBL;
return (SN_PARSE_OK);
}
@@ -1194,47 +1436,61 @@
break;
case SCTP_ASCONF_ACK:
if (sm->msg > SN_SCTP_ASCONFACK) {
- if (chunk_length < sizeof(struct sctp_asconf_ack_chunk)) /* malformed chunk*/
+ if (chunk_length <
+ sizeof(struct
+ sctp_asconf_ack_chunk)) /* malformed
+ chunk*/
return (SN_PARSE_ERROR_CHHL);
- //leave parameter searching to later, if required
- param_hdr = (struct sctp_paramhdr *) ((char *) chunk_hdr
- + sizeof(struct sctp_asconf_ack_chunk));
+ // leave parameter searching to later, if
+ // required
+ param_hdr =
+ (struct sctp_paramhdr *)((char *)chunk_hdr +
+ sizeof(struct sctp_asconf_ack_chunk));
sm->msg = SN_SCTP_ASCONFACK;
sm->sctpchnk.Asconf = param_hdr;
- sm->chunk_length = chunk_length - sizeof(struct sctp_asconf_ack_chunk);
+ sm->chunk_length = chunk_length -
+ sizeof(struct sctp_asconf_ack_chunk);
}
break;
default:
break; /* do nothing*/
}
- /* if no association is found exit - we need to find an Init or AddIP within sysctl_initialising_chunk_proc_limit */
- if ((*passoc == NULL) && (chunk_count >= sysctl_initialising_chunk_proc_limit))
+ /* if no association is found exit - we need to find an Init or
+ * AddIP within sysctl_initialising_chunk_proc_limit */
+ if ((*passoc == NULL) &&
+ (chunk_count >= sysctl_initialising_chunk_proc_limit))
return (SN_PARSE_ERROR_LOOKUP);
/* finished with this chunk, on to the next chunk*/
- bytes_left-= chunk_length;
+ bytes_left -= chunk_length;
/* Is this the end of the packet ? */
if (bytes_left == 0)
- return (*passoc == NULL) ? (SN_PARSE_ERROR_LOOKUP) : (SN_PARSE_OK);
+ return (*passoc == NULL) ? (SN_PARSE_ERROR_LOOKUP) :
+ (SN_PARSE_OK);
- /* Are there enough bytes in packet to at least retrieve length of next chunk ? */
+ /* Are there enough bytes in packet to at least retrieve length
+ * of next chunk ? */
if (bytes_left < SN_MIN_CHUNK_SIZE)
return (SN_PARSE_ERROR_CHHL);
chunk_hdr = SN_SCTP_NEXTCHUNK(chunk_hdr);
- /* Is the chunk long enough to not cause endless look and are there enough bytes in packet to read the chunk ? */
+ /* Is the chunk long enough to not cause endless look and are
+ * there enough bytes in packet to read the chunk ? */
chunk_length = SCTP_SIZE32(ntohs(chunk_hdr->chunk_length));
- if ((chunk_length < SN_MIN_CHUNK_SIZE) || (chunk_length > bytes_left))
+ if ((chunk_length < SN_MIN_CHUNK_SIZE) ||
+ (chunk_length > bytes_left))
return (SN_PARSE_ERROR_CHHL);
if (++chunk_count > sysctl_chunk_proc_limit)
- return (SN_PARSE_OK); /* limit for processing chunks, take what we get */
+ return (SN_PARSE_OK); /* limit for processing chunks,
+ take what we get */
}
if (*passoc == NULL)
- return (partial_match) ? (SN_PARSE_ERROR_PARTIALLOOKUP) : (SN_PARSE_ERROR_LOOKUP);
+ return (partial_match) ? (SN_PARSE_ERROR_PARTIALLOOKUP) :
+ (SN_PARSE_ERROR_LOOKUP);
else
return (SN_PARSE_OK);
}
@@ -1250,22 +1506,25 @@
*
* @param la Pointer to the relevant libalias instance
* @param sm Pointer to sctp message information
- * @param l_vtag Pointer to the local vtag in the association this SCTP Message belongs to
- * @param g_vtag Pointer to the local vtag in the association this SCTP Message belongs to
+ * @param l_vtag Pointer to the local vtag in the association this SCTP Message
+ * belongs to
+ * @param g_vtag Pointer to the local vtag in the association this SCTP Message
+ * belongs to
* @param direction SN_TO_LOCAL | SN_TO_GLOBAL
*
* @return 1 - success | 0 - fail
*/
static int
-GetAsconfVtags(struct libalias *la, struct sctp_nat_msg *sm, uint32_t *l_vtag, uint32_t *g_vtag, int direction)
+GetAsconfVtags(struct libalias *la, struct sctp_nat_msg *sm, uint32_t *l_vtag,
+ uint32_t *g_vtag, int direction)
{
/* To be removed when information is in the sctp headers */
#define SCTP_VTAG_PARAM 0xC007
struct sctp_vtag_param {
- struct sctp_paramhdr ph;/* type=SCTP_VTAG_PARAM */
+ struct sctp_paramhdr ph; /* type=SCTP_VTAG_PARAM */
uint32_t local_vtag;
uint32_t remote_vtag;
- } __attribute__((packed));
+ } __attribute__((packed));
struct sctp_vtag_param *vtag_param;
struct sctp_paramhdr *param;
@@ -1278,13 +1537,15 @@
param_size = SCTP_SIZE32(ntohs(param->param_length));
bytes_left = sm->chunk_length;
/* step through Asconf parameters */
- while((bytes_left >= param_size) && (bytes_left >= SN_VTAG_PARAM_SIZE)) {
+ while (
+ (bytes_left >= param_size) && (bytes_left >= SN_VTAG_PARAM_SIZE)) {
if (ntohs(param->param_type) == SCTP_VTAG_PARAM) {
- vtag_param = (struct sctp_vtag_param *) param;
+ vtag_param = (struct sctp_vtag_param *)param;
switch (direction) {
- /* The Internet draft is a little ambigious as to order of these vtags.
- We think it is this way around. If we are wrong, the order will need
- to be changed. */
+ /* The Internet draft is a little ambigious as
+ to order of these vtags. We think it is this
+ way around. If we are wrong, the order will
+ need to be changed. */
case SN_TO_GLOBAL:
*g_vtag = vtag_param->local_vtag;
*l_vtag = vtag_param->remote_vtag;
@@ -1298,14 +1559,17 @@
}
bytes_left -= param_size;
- if (bytes_left < SN_MIN_PARAM_SIZE) return (0);
+ if (bytes_left < SN_MIN_PARAM_SIZE)
+ return (0);
param = SN_SCTP_NEXTPARAM(param);
param_size = SCTP_SIZE32(ntohs(param->param_length));
if (++param_count > sysctl_param_proc_limit) {
SN_LOG(SN_LOG_EVENT,
- logsctperror("Parameter parse limit exceeded (GetAsconfVtags)",
- sm->sctp_hdr->v_tag, sysctl_param_proc_limit, direction));
+ logsctperror(
+ "Parameter parse limit exceeded (GetAsconfVtags)",
+ sm->sctp_hdr->v_tag, sysctl_param_proc_limit,
+ direction));
return (0); /* not found limit exceeded*/
}
}
@@ -1324,12 +1588,13 @@
*
*/
static void
-AddGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int direction)
+AddGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc,
+ int direction)
{
struct sctp_ipv4addr_param *ipv4_param;
struct sctp_paramhdr *param = NULL;
struct sctp_GlobalAddress *G_Addr;
- struct in_addr g_addr = {0};
+ struct in_addr g_addr = { 0 };
int bytes_left = 0;
int param_size;
int param_count, addr_param_count = 0;
@@ -1344,12 +1609,18 @@
param_count = 1;
switch (sm->msg) {
case SN_SCTP_INIT:
- bytes_left = sm->chunk_length - sizeof(struct sctp_init_chunk);
- param = (struct sctp_paramhdr *)((char *)sm->sctpchnk.Init + sizeof(struct sctp_init));
+ bytes_left = sm->chunk_length -
+ sizeof(struct sctp_init_chunk);
+ param =
+ (struct sctp_paramhdr *)((char *)sm->sctpchnk.Init +
+ sizeof(struct sctp_init));
break;
case SN_SCTP_INITACK:
- bytes_left = sm->chunk_length - sizeof(struct sctp_init_ack_chunk);
- param = (struct sctp_paramhdr *)((char *)sm->sctpchnk.InitAck + sizeof(struct sctp_init_ack));
+ bytes_left = sm->chunk_length -
+ sizeof(struct sctp_init_ack_chunk);
+ param = (struct sctp_paramhdr *)((char *)sm->sctpchnk
+ .InitAck +
+ sizeof(struct sctp_init_ack));
break;
case SN_SCTP_ASCONF:
bytes_left = sm->chunk_length;
@@ -1360,65 +1631,88 @@
if (bytes_left >= SN_MIN_PARAM_SIZE)
param_size = SCTP_SIZE32(ntohs(param->param_length));
else
- param_size = bytes_left+1; /* force skip loop */
-
- if ((assoc->state == SN_ID) && ((sm->msg == SN_SCTP_INIT) || (bytes_left < SN_MIN_PARAM_SIZE))) {/* add pkt address */
- G_Addr = (struct sctp_GlobalAddress *) sn_malloc(sizeof(struct sctp_GlobalAddress));
- if (G_Addr == NULL) {/* out of resources */
+ param_size = bytes_left + 1; /* force skip loop */
+
+ if ((assoc->state == SN_ID) &&
+ ((sm->msg == SN_SCTP_INIT) ||
+ (bytes_left < SN_MIN_PARAM_SIZE))) { /* add pkt address */
+ G_Addr = (struct sctp_GlobalAddress *)sn_malloc(
+ sizeof(struct sctp_GlobalAddress));
+ if (G_Addr == NULL) { /* out of resources */
SN_LOG(SN_LOG_EVENT,
- logsctperror("AddGlobalIPAddress: No resources for adding global address - revert to no tracking",
- sm->sctp_hdr->v_tag, 0, direction));
- assoc->num_Gaddr = 0; /* don't track any more for this assoc*/
- sysctl_track_global_addresses=0;
+ logsctperror(
+ "AddGlobalIPAddress: No resources for adding global address - revert to no tracking",
+ sm->sctp_hdr->v_tag, 0, direction));
+ assoc->num_Gaddr =
+ 0; /* don't track any more for this assoc*/
+ sysctl_track_global_addresses = 0;
return;
}
G_Addr->g_addr = g_addr;
if (!Add_Global_Address_to_List(assoc, G_Addr))
SN_LOG(SN_LOG_EVENT,
- logsctperror("AddGlobalIPAddress: Address already in list",
- sm->sctp_hdr->v_tag, assoc->num_Gaddr, direction));
+ logsctperror(
+ "AddGlobalIPAddress: Address already in list",
+ sm->sctp_hdr->v_tag, assoc->num_Gaddr,
+ direction));
}
/* step through parameters */
- while((bytes_left >= param_size) && (bytes_left >= sizeof(struct sctp_ipv4addr_param))) {
+ while ((bytes_left >= param_size) &&
+ (bytes_left >= sizeof(struct sctp_ipv4addr_param))) {
if (assoc->num_Gaddr >= sysctl_track_global_addresses) {
SN_LOG(SN_LOG_EVENT,
- logsctperror("AddGlobalIPAddress: Maximum Number of addresses reached",
- sm->sctp_hdr->v_tag, sysctl_track_global_addresses, direction));
+ logsctperror(
+ "AddGlobalIPAddress: Maximum Number of addresses reached",
+ sm->sctp_hdr->v_tag,
+ sysctl_track_global_addresses, direction));
return;
}
switch (ntohs(param->param_type)) {
case SCTP_ADD_IP_ADDRESS:
- /* skip to address parameter - leave param_size so bytes left will be calculated properly*/
- param = (struct sctp_paramhdr *) &((struct sctp_asconf_addrv4_param *) param)->addrp;
+ /* skip to address parameter - leave param_size so bytes
+ * left will be calculated properly*/
+ param = (struct sctp_paramhdr *)&(
+ (struct sctp_asconf_addrv4_param *)param)
+ ->addrp;
/* FALLTHROUGH */
case SCTP_IPV4_ADDRESS:
- ipv4_param = (struct sctp_ipv4addr_param *) param;
+ ipv4_param = (struct sctp_ipv4addr_param *)param;
/* add addresses to association */
- G_Addr = (struct sctp_GlobalAddress *) sn_malloc(sizeof(struct sctp_GlobalAddress));
- if (G_Addr == NULL) {/* out of resources */
+ G_Addr = (struct sctp_GlobalAddress *)sn_malloc(
+ sizeof(struct sctp_GlobalAddress));
+ if (G_Addr == NULL) { /* out of resources */
SN_LOG(SN_LOG_EVENT,
- logsctperror("AddGlobalIPAddress: No resources for adding global address - revert to no tracking",
- sm->sctp_hdr->v_tag, 0, direction));
- assoc->num_Gaddr = 0; /* don't track any more for this assoc*/
- sysctl_track_global_addresses=0;
+ logsctperror(
+ "AddGlobalIPAddress: No resources for adding global address - revert to no tracking",
+ sm->sctp_hdr->v_tag, 0, direction));
+ assoc->num_Gaddr =
+ 0; /* don't track any more for this assoc*/
+ sysctl_track_global_addresses = 0;
return;
}
/* add address */
addr_param_count++;
- if ((sm->msg == SN_SCTP_ASCONF) && (ipv4_param->addr == INADDR_ANY)) { /* use packet address */
+ if ((sm->msg == SN_SCTP_ASCONF) &&
+ (ipv4_param->addr ==
+ INADDR_ANY)) { /* use packet address */
G_Addr->g_addr = g_addr;
if (!Add_Global_Address_to_List(assoc, G_Addr))
SN_LOG(SN_LOG_EVENT,
- logsctperror("AddGlobalIPAddress: Address already in list",
- sm->sctp_hdr->v_tag, assoc->num_Gaddr, direction));
- return; /*shouldn't be any other addresses if the zero address is given*/
+ logsctperror(
+ "AddGlobalIPAddress: Address already in list",
+ sm->sctp_hdr->v_tag,
+ assoc->num_Gaddr, direction));
+ return; /*shouldn't be any other addresses if
+ the zero address is given*/
} else {
G_Addr->g_addr.s_addr = ipv4_param->addr;
if (!Add_Global_Address_to_List(assoc, G_Addr))
SN_LOG(SN_LOG_EVENT,
- logsctperror("AddGlobalIPAddress: Address already in list",
- sm->sctp_hdr->v_tag, assoc->num_Gaddr, direction));
+ logsctperror(
+ "AddGlobalIPAddress: Address already in list",
+ sm->sctp_hdr->v_tag,
+ assoc->num_Gaddr, direction));
}
}
@@ -1430,14 +1724,17 @@
param_size = SCTP_SIZE32(ntohs(param->param_length));
if (++param_count > sysctl_param_proc_limit) {
SN_LOG(SN_LOG_EVENT,
- logsctperror("Parameter parse limit exceeded (AddGlobalIPAddress)",
- sm->sctp_hdr->v_tag, sysctl_param_proc_limit, direction));
+ logsctperror(
+ "Parameter parse limit exceeded (AddGlobalIPAddress)",
+ sm->sctp_hdr->v_tag, sysctl_param_proc_limit,
+ direction));
break; /* limit exceeded*/
}
}
if (addr_param_count == 0) {
SN_LOG(SN_LOG_DETAIL,
- logsctperror("AddGlobalIPAddress: no address parameters to add",
+ logsctperror(
+ "AddGlobalIPAddress: no address parameters to add",
sm->sctp_hdr->v_tag, assoc->num_Gaddr, direction));
}
}
@@ -1456,18 +1753,21 @@
* @return 1 - success | 0 - fail
*/
static int
-Add_Global_Address_to_List(struct sctp_nat_assoc *assoc, struct sctp_GlobalAddress *G_addr)
+Add_Global_Address_to_List(struct sctp_nat_assoc *assoc,
+ struct sctp_GlobalAddress *G_addr)
{
struct sctp_GlobalAddress *iter_G_Addr = NULL, *first_G_Addr = NULL;
first_G_Addr = LIST_FIRST(&(assoc->Gaddr));
if (first_G_Addr == NULL) {
- LIST_INSERT_HEAD(&(assoc->Gaddr), G_addr, list_Gaddr); /* add new address to beginning of list*/
+ LIST_INSERT_HEAD(&(assoc->Gaddr), G_addr,
+ list_Gaddr); /* add new address to beginning of list*/
} else {
- LIST_FOREACH(iter_G_Addr, &(assoc->Gaddr), list_Gaddr) {
+ LIST_FOREACH (iter_G_Addr, &(assoc->Gaddr), list_Gaddr) {
if (G_addr->g_addr.s_addr == iter_G_Addr->g_addr.s_addr)
return (0); /* already exists, so don't add */
}
- LIST_INSERT_AFTER(first_G_Addr, G_addr, list_Gaddr); /* add address to end of list*/
+ LIST_INSERT_AFTER(first_G_Addr, G_addr,
+ list_Gaddr); /* add address to end of list*/
}
assoc->num_Gaddr++;
return (1); /* success */
@@ -1487,7 +1787,8 @@
*
*/
static void
-RmGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int direction)
+RmGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc,
+ int direction)
{
struct sctp_asconf_addrv4_param *asconf_ipv4_param;
struct sctp_paramhdr *param;
@@ -1509,53 +1810,87 @@
param_size = SCTP_SIZE32(ntohs(param->param_length));
} else {
SN_LOG(SN_LOG_EVENT,
- logsctperror("RmGlobalIPAddress: truncated packet - cannot remove IP addresses",
- sm->sctp_hdr->v_tag, sysctl_track_global_addresses, direction));
+ logsctperror(
+ "RmGlobalIPAddress: truncated packet - cannot remove IP addresses",
+ sm->sctp_hdr->v_tag, sysctl_track_global_addresses,
+ direction));
return;
}
/* step through Asconf parameters */
- while((bytes_left >= param_size) && (bytes_left >= sizeof(struct sctp_ipv4addr_param))) {
+ while ((bytes_left >= param_size) &&
+ (bytes_left >= sizeof(struct sctp_ipv4addr_param))) {
if (ntohs(param->param_type) == SCTP_DEL_IP_ADDRESS) {
- asconf_ipv4_param = (struct sctp_asconf_addrv4_param *) param;
- if (asconf_ipv4_param->addrp.addr == INADDR_ANY) { /* remove all bar pkt address */
- LIST_FOREACH_SAFE(G_Addr, &(assoc->Gaddr), list_Gaddr, G_Addr_tmp) {
- if (G_Addr->g_addr.s_addr != sm->ip_hdr->ip_src.s_addr) {
- if (assoc->num_Gaddr > 1) { /* only delete if more than one */
- LIST_REMOVE(G_Addr, list_Gaddr);
+ asconf_ipv4_param = (struct sctp_asconf_addrv4_param *)
+ param;
+ if (asconf_ipv4_param->addrp.addr ==
+ INADDR_ANY) { /* remove all bar pkt address */
+ LIST_FOREACH_SAFE (G_Addr, &(assoc->Gaddr),
+ list_Gaddr, G_Addr_tmp) {
+ if (G_Addr->g_addr.s_addr !=
+ sm->ip_hdr->ip_src.s_addr) {
+ if (assoc->num_Gaddr >
+ 1) { /* only delete if more
+ than one */
+ LIST_REMOVE(G_Addr,
+ list_Gaddr);
sn_free(G_Addr);
assoc->num_Gaddr--;
} else {
SN_LOG(SN_LOG_EVENT,
- logsctperror("RmGlobalIPAddress: Request to remove last IP address (didn't)",
- sm->sctp_hdr->v_tag, assoc->num_Gaddr, direction));
+ logsctperror(
+ "RmGlobalIPAddress: Request to remove last IP address (didn't)",
+ sm->sctp_hdr
+ ->v_tag,
+ assoc
+ ->num_Gaddr,
+ direction));
}
}
}
- return; /*shouldn't be any other addresses if the zero address is given*/
+ return; /*shouldn't be any other addresses if
+ the zero address is given*/
} else {
- LIST_FOREACH_SAFE(G_Addr, &(assoc->Gaddr), list_Gaddr, G_Addr_tmp) {
- if (G_Addr->g_addr.s_addr == asconf_ipv4_param->addrp.addr) {
- if (assoc->num_Gaddr > 1) { /* only delete if more than one */
- LIST_REMOVE(G_Addr, list_Gaddr);
+ LIST_FOREACH_SAFE (G_Addr, &(assoc->Gaddr),
+ list_Gaddr, G_Addr_tmp) {
+ if (G_Addr->g_addr.s_addr ==
+ asconf_ipv4_param->addrp.addr) {
+ if (assoc->num_Gaddr >
+ 1) { /* only delete if more
+ than one */
+ LIST_REMOVE(G_Addr,
+ list_Gaddr);
sn_free(G_Addr);
assoc->num_Gaddr--;
- break; /* Since add only adds new addresses, there should be no double entries */
+ break; /* Since add only
+ adds new
+ addresses,
+ there should
+ be no double
+ entries */
} else {
SN_LOG(SN_LOG_EVENT,
- logsctperror("RmGlobalIPAddress: Request to remove last IP address (didn't)",
- sm->sctp_hdr->v_tag, assoc->num_Gaddr, direction));
+ logsctperror(
+ "RmGlobalIPAddress: Request to remove last IP address (didn't)",
+ sm->sctp_hdr
+ ->v_tag,
+ assoc
+ ->num_Gaddr,
+ direction));
}
}
}
}
}
bytes_left -= param_size;
- if (bytes_left == 0) return;
+ if (bytes_left == 0)
+ return;
else if (bytes_left < SN_MIN_PARAM_SIZE) {
SN_LOG(SN_LOG_EVENT,
- logsctperror("RmGlobalIPAddress: truncated packet - may not have removed all IP addresses",
- sm->sctp_hdr->v_tag, sysctl_track_global_addresses, direction));
+ logsctperror(
+ "RmGlobalIPAddress: truncated packet - may not have removed all IP addresses",
+ sm->sctp_hdr->v_tag,
+ sysctl_track_global_addresses, direction));
return;
}
@@ -1563,8 +1898,10 @@
param_size = SCTP_SIZE32(ntohs(param->param_length));
if (++param_count > sysctl_param_proc_limit) {
SN_LOG(SN_LOG_EVENT,
- logsctperror("Parameter parse limit exceeded (RmGlobalIPAddress)",
- sm->sctp_hdr->v_tag, sysctl_param_proc_limit, direction));
+ logsctperror(
+ "Parameter parse limit exceeded (RmGlobalIPAddress)",
+ sm->sctp_hdr->v_tag, sysctl_param_proc_limit,
+ direction));
return; /* limit exceeded*/
}
}
@@ -1610,9 +1947,10 @@
if (bytes_left < param_size)
return (0); /* not found */
/* step through Asconf parameters */
- while(bytes_left >= SN_ASCONFACK_PARAM_SIZE) {
+ while (bytes_left >= SN_ASCONFACK_PARAM_SIZE) {
if (ntohs(param->param_type) == SCTP_SUCCESS_REPORT)
- return (1); /* success - but can't match correlation IDs - should only be one */
+ return (1); /* success - but can't match correlation IDs
+ - should only be one */
/* check others just in case */
bytes_left -= param_size;
if (bytes_left >= SN_MIN_PARAM_SIZE)
@@ -1621,12 +1959,15 @@
return (0);
param_size = SCTP_SIZE32(ntohs(param->param_length));
- if (bytes_left < param_size) return (0);
+ if (bytes_left < param_size)
+ return (0);
if (++param_count > sysctl_param_proc_limit) {
SN_LOG(SN_LOG_EVENT,
- logsctperror("Parameter parse limit exceeded (IsASCONFack)",
- sm->sctp_hdr->v_tag, sysctl_param_proc_limit, direction));
+ logsctperror(
+ "Parameter parse limit exceeded (IsASCONFack)",
+ sm->sctp_hdr->v_tag, sysctl_param_proc_limit,
+ direction));
return (0); /* not found limit exceeded*/
}
}
@@ -1661,7 +2002,7 @@
if (bytes_left < param_size)
return (0); /* not found */
/* step through Asconf parameters */
- while(bytes_left >= SN_ASCONFACK_PARAM_SIZE) {
+ while (bytes_left >= SN_ASCONFACK_PARAM_SIZE) {
if (ntohs(param->param_type) == SCTP_ADD_IP_ADDRESS)
return (SCTP_ADD_IP_ADDRESS);
else if (ntohs(param->param_type) == SCTP_DEL_IP_ADDRESS)
@@ -1674,16 +2015,19 @@
return (0); /*Neither found */
param_size = SCTP_SIZE32(ntohs(param->param_length));
- if (bytes_left < param_size) return (0);
+ if (bytes_left < param_size)
+ return (0);
if (++param_count > sysctl_param_proc_limit) {
SN_LOG(SN_LOG_EVENT,
- logsctperror("Parameter parse limit exceeded IsADDorDEL)",
- sm->sctp_hdr->v_tag, sysctl_param_proc_limit, direction));
+ logsctperror(
+ "Parameter parse limit exceeded IsADDorDEL)",
+ sm->sctp_hdr->v_tag, sysctl_param_proc_limit,
+ direction));
return (0); /* not found limit exceeded*/
}
}
- return (0); /*Neither found */
+ return (0); /*Neither found */
}
/* ----------------------------------------------------------------------
@@ -1710,10 +2054,12 @@
* @param sm Pointer to sctp message information
* @param assoc Pointer to the association this SCTP Message belongs to
*
- * @return SN_DROP_PKT | SN_NAT_PKT | SN_REPLY_ABORT | SN_REPLY_ERROR | SN_PROCESSING_ERROR
+ * @return SN_DROP_PKT | SN_NAT_PKT | SN_REPLY_ABORT | SN_REPLY_ERROR |
+ * SN_PROCESSING_ERROR
*/
static int
-ProcessSctpMsg(struct libalias *la, int direction, struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc)
+ProcessSctpMsg(struct libalias *la, int direction, struct sctp_nat_msg *sm,
+ struct sctp_nat_assoc *assoc)
{
int rtnval;
@@ -1721,16 +2067,16 @@
case SN_ID: /* Idle */
rtnval = ID_process(la, direction, assoc, sm);
if (rtnval != SN_NAT_PKT) {
- assoc->state = SN_RM;/* Mark for removal*/
+ assoc->state = SN_RM; /* Mark for removal*/
}
return (rtnval);
case SN_INi: /* Initialising - Init */
return (INi_process(la, direction, assoc, sm));
case SN_INa: /* Initialising - AddIP */
return (INa_process(la, direction, assoc, sm));
- case SN_UP: /* Association UP */
+ case SN_UP: /* Association UP */
return (UP_process(la, direction, assoc, sm));
- case SN_CL: /* Association Closing */
+ case SN_CL: /* Association Closing */
return (CL_process(la, direction, assoc, sm));
}
return (SN_PROCESSING_ERROR);
@@ -1751,17 +2097,23 @@
* @return SN_NAT_PKT | SN_DROP_PKT | SN_REPLY_ABORT | SN_REPLY_ERROR
*/
static int
-ID_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm)
+ID_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc,
+ struct sctp_nat_msg *sm)
{
switch (sm->msg) {
- case SN_SCTP_ASCONF: /* a packet containing an ASCONF chunk with ADDIP */
- if (!sysctl_accept_global_ootb_addip && (direction == SN_TO_LOCAL))
+ case SN_SCTP_ASCONF: /* a packet containing an ASCONF chunk with ADDIP
+ */
+ if (!sysctl_accept_global_ootb_addip &&
+ (direction == SN_TO_LOCAL))
return (SN_DROP_PKT);
- /* if this Asconf packet does not contain the Vtag parameters it is of no use in Idle state */
- if (!GetAsconfVtags(la, sm, &(assoc->l_vtag), &(assoc->g_vtag), direction))
+ /* if this Asconf packet does not contain the Vtag parameters it
+ * is of no use in Idle state */
+ if (!GetAsconfVtags(la, sm, &(assoc->l_vtag), &(assoc->g_vtag),
+ direction))
return (SN_DROP_PKT);
/* FALLTHROUGH */
- case SN_SCTP_INIT: /* a packet containing an INIT chunk or an ASCONF AddIP */
+ case SN_SCTP_INIT: /* a packet containing an INIT chunk or an ASCONF
+ AddIP */
if (sysctl_track_global_addresses)
AddGlobalIPAddresses(sm, assoc, direction);
switch (direction) {
@@ -1772,14 +2124,19 @@
assoc->g_port = sm->sctp_hdr->dest_port;
if (sm->msg == SN_SCTP_INIT)
assoc->g_vtag = sm->sctpchnk.Init->initiate_tag;
- if (AddSctpAssocGlobal(la, assoc)) /* DB clash: need to add dst address */
- return ((sm->msg == SN_SCTP_INIT) ? SN_REPLY_ABORT : SN_REPLY_ERROR);
+ if (AddSctpAssocGlobal(la,
+ assoc)) /* DB clash: need to add dst address */
+ return ((sm->msg == SN_SCTP_INIT) ?
+ SN_REPLY_ABORT :
+ SN_REPLY_ERROR);
if (sm->msg == SN_SCTP_ASCONF) {
- if (AddSctpAssocLocal(la, assoc, sm->ip_hdr->ip_dst)) /* DB clash */
+ if (AddSctpAssocLocal(la, assoc,
+ sm->ip_hdr->ip_dst)) /* DB clash */
return (SN_REPLY_ERROR);
- assoc->TableRegister |= SN_WAIT_TOLOCAL; /* wait for tolocal ack */
+ assoc->TableRegister |=
+ SN_WAIT_TOLOCAL; /* wait for tolocal ack */
}
- break;
+ break;
case SN_TO_LOCAL:
assoc->l_addr = FindSctpRedirectAddress(la, sm);
assoc->a_addr = sm->ip_hdr->ip_dst;
@@ -1787,23 +2144,31 @@
assoc->g_port = sm->sctp_hdr->src_port;
if (sm->msg == SN_SCTP_INIT)
assoc->l_vtag = sm->sctpchnk.Init->initiate_tag;
- if (AddSctpAssocLocal(la, assoc, sm->ip_hdr->ip_src)) /* DB clash */
- return ((sm->msg == SN_SCTP_INIT) ? SN_REPLY_ABORT : SN_REPLY_ERROR);
+ if (AddSctpAssocLocal(la, assoc,
+ sm->ip_hdr->ip_src)) /* DB clash */
+ return ((sm->msg == SN_SCTP_INIT) ?
+ SN_REPLY_ABORT :
+ SN_REPLY_ERROR);
if (sm->msg == SN_SCTP_ASCONF) {
- if (AddSctpAssocGlobal(la, assoc)) /* DB clash: need to add src address */
+ if (AddSctpAssocGlobal(la,
+ assoc)) /* DB clash: need to add src
+ address */
return (SN_REPLY_ERROR);
- assoc->TableRegister |= SN_WAIT_TOGLOBAL; /* wait for toglobal ack */
+ assoc->TableRegister |=
+ SN_WAIT_TOGLOBAL; /* wait for toglobal ack
+ */
}
break;
}
assoc->state = (sm->msg == SN_SCTP_INIT) ? SN_INi : SN_INa;
assoc->exp = SN_I_T(la);
- sctp_AddTimeOut(la,assoc);
+ sctp_AddTimeOut(la, assoc);
return (SN_NAT_PKT);
default: /* Any other type of SCTP message is not valid in Idle */
return (SN_DROP_PKT);
}
- return (SN_DROP_PKT);/* shouldn't get here very bad: log, drop and hope for the best */
+ return (SN_DROP_PKT); /* shouldn't get here very bad: log, drop and hope
+ for the best */
}
/** @ingroup state_machine
@@ -1820,42 +2185,47 @@
* @return SN_NAT_PKT | SN_DROP_PKT | SN_REPLY_ABORT
*/
static int
-INi_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm)
+INi_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc,
+ struct sctp_nat_msg *sm)
{
switch (sm->msg) {
- case SN_SCTP_INIT: /* a packet containing a retransmitted INIT chunk */
+ case SN_SCTP_INIT: /* a packet containing a retransmitted INIT chunk */
sctp_ResetTimeOut(la, assoc, SN_I_T(la));
return (SN_NAT_PKT);
- case SN_SCTP_INITACK: /* a packet containing an INIT-ACK chunk */
+ case SN_SCTP_INITACK: /* a packet containing an INIT-ACK chunk */
switch (direction) {
case SN_TO_LOCAL:
- if (assoc->num_Gaddr) /*If tracking global addresses for this association */
+ if (assoc->num_Gaddr) /*If tracking global addresses for
+ this association */
AddGlobalIPAddresses(sm, assoc, direction);
assoc->l_vtag = sm->sctpchnk.Init->initiate_tag;
- if (AddSctpAssocLocal(la, assoc, sm->ip_hdr->ip_src)) { /* DB clash */
- assoc->state = SN_RM;/* Mark for removal*/
+ if (AddSctpAssocLocal(la, assoc,
+ sm->ip_hdr->ip_src)) { /* DB clash */
+ assoc->state = SN_RM; /* Mark for removal*/
return (SN_SEND_ABORT);
}
break;
case SN_TO_GLOBAL:
- assoc->l_addr = sm->ip_hdr->ip_src; // Only if not set in Init! *
+ assoc->l_addr =
+ sm->ip_hdr->ip_src; // Only if not set in Init! *
assoc->g_vtag = sm->sctpchnk.Init->initiate_tag;
if (AddSctpAssocGlobal(la, assoc)) { /* DB clash */
- assoc->state = SN_RM;/* Mark for removal*/
+ assoc->state = SN_RM; /* Mark for removal*/
return (SN_SEND_ABORT);
}
break;
}
- assoc->state = SN_UP;/* association established for NAT */
- sctp_ResetTimeOut(la,assoc, SN_U_T(la));
+ assoc->state = SN_UP; /* association established for NAT */
+ sctp_ResetTimeOut(la, assoc, SN_U_T(la));
return (SN_NAT_PKT);
- case SN_SCTP_ABORT: /* a packet containing an ABORT chunk */
- assoc->state = SN_RM;/* Mark for removal*/
+ case SN_SCTP_ABORT: /* a packet containing an ABORT chunk */
+ assoc->state = SN_RM; /* Mark for removal*/
return (SN_NAT_PKT);
default:
return (SN_DROP_PKT);
}
- return (SN_DROP_PKT);/* shouldn't get here very bad: log, drop and hope for the best */
+ return (SN_DROP_PKT); /* shouldn't get here very bad: log, drop and hope
+ for the best */
}
/** @ingroup state_machine
@@ -1872,38 +2242,45 @@
* @return SN_NAT_PKT | SN_DROP_PKT
*/
static int
-INa_process(struct libalias *la, int direction,struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm)
+INa_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc,
+ struct sctp_nat_msg *sm)
{
switch (sm->msg) {
- case SN_SCTP_ASCONF: /* a packet containing an ASCONF chunk*/
- sctp_ResetTimeOut(la,assoc, SN_I_T(la));
+ case SN_SCTP_ASCONF: /* a packet containing an ASCONF chunk*/
+ sctp_ResetTimeOut(la, assoc, SN_I_T(la));
return (SN_NAT_PKT);
- case SN_SCTP_ASCONFACK: /* a packet containing an ASCONF chunk with a ADDIP-ACK */
+ case SN_SCTP_ASCONFACK: /* a packet containing an ASCONF chunk with a
+ ADDIP-ACK */
switch (direction) {
case SN_TO_LOCAL:
- if (!(assoc->TableRegister & SN_WAIT_TOLOCAL)) /* wrong direction */
+ if (!(assoc->TableRegister &
+ SN_WAIT_TOLOCAL)) /* wrong direction */
return (SN_DROP_PKT);
break;
case SN_TO_GLOBAL:
- if (!(assoc->TableRegister & SN_WAIT_TOGLOBAL)) /* wrong direction */
+ if (!(assoc->TableRegister &
+ SN_WAIT_TOGLOBAL)) /* wrong direction */
return (SN_DROP_PKT);
}
- if (IsASCONFack(la,sm,direction)) {
- assoc->TableRegister &= SN_BOTH_TBL; /* remove wait flags */
- assoc->state = SN_UP; /* association established for NAT */
- sctp_ResetTimeOut(la,assoc, SN_U_T(la));
+ if (IsASCONFack(la, sm, direction)) {
+ assoc->TableRegister &=
+ SN_BOTH_TBL; /* remove wait flags */
+ assoc->state =
+ SN_UP; /* association established for NAT */
+ sctp_ResetTimeOut(la, assoc, SN_U_T(la));
return (SN_NAT_PKT);
} else {
- assoc->state = SN_RM;/* Mark for removal*/
+ assoc->state = SN_RM; /* Mark for removal*/
return (SN_NAT_PKT);
}
- case SN_SCTP_ABORT: /* a packet containing an ABORT chunk */
- assoc->state = SN_RM;/* Mark for removal*/
+ case SN_SCTP_ABORT: /* a packet containing an ABORT chunk */
+ assoc->state = SN_RM; /* Mark for removal*/
return (SN_NAT_PKT);
default:
return (SN_DROP_PKT);
}
- return (SN_DROP_PKT);/* shouldn't get here very bad: log, drop and hope for the best */
+ return (SN_DROP_PKT); /* shouldn't get here very bad: log, drop and hope
+ for the best */
}
/** @ingroup state_machine
@@ -1920,19 +2297,22 @@
* @return SN_NAT_PKT | SN_DROP_PKT
*/
static int
-UP_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm)
+UP_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc,
+ struct sctp_nat_msg *sm)
{
switch (sm->msg) {
- case SN_SCTP_SHUTACK: /* a packet containing a SHUTDOWN-ACK chunk */
+ case SN_SCTP_SHUTACK: /* a packet containing a SHUTDOWN-ACK chunk */
assoc->state = SN_CL;
- sctp_ResetTimeOut(la,assoc, SN_C_T(la));
+ sctp_ResetTimeOut(la, assoc, SN_C_T(la));
return (SN_NAT_PKT);
- case SN_SCTP_ABORT: /* a packet containing an ABORT chunk */
- assoc->state = SN_RM;/* Mark for removal*/
+ case SN_SCTP_ABORT: /* a packet containing an ABORT chunk */
+ assoc->state = SN_RM; /* Mark for removal*/
return (SN_NAT_PKT);
- case SN_SCTP_ASCONF: /* a packet containing an ASCONF chunk*/
- if ((direction == SN_TO_LOCAL) && assoc->num_Gaddr) /*If tracking global addresses for this association & from global side */
- switch (IsADDorDEL(la,sm,direction)) {
+ case SN_SCTP_ASCONF: /* a packet containing an ASCONF chunk*/
+ if ((direction == SN_TO_LOCAL) &&
+ assoc->num_Gaddr) /*If tracking global addresses for this
+ association & from global side */
+ switch (IsADDorDEL(la, sm, direction)) {
case SCTP_ADD_IP_ADDRESS:
AddGlobalIPAddresses(sm, assoc, direction);
break;
@@ -1942,10 +2322,11 @@
}
/* fall through to default */
default:
- sctp_ResetTimeOut(la,assoc, SN_U_T(la));
- return (SN_NAT_PKT); /* forward packet */
+ sctp_ResetTimeOut(la, assoc, SN_U_T(la));
+ return (SN_NAT_PKT); /* forward packet */
}
- return (SN_DROP_PKT);/* shouldn't get here very bad: log, drop and hope for the best */
+ return (SN_DROP_PKT); /* shouldn't get here very bad: log, drop and hope
+ for the best */
}
/** @ingroup state_machine
@@ -1964,27 +2345,32 @@
* @return SN_NAT_PKT | SN_DROP_PKT
*/
static int
-CL_process(struct libalias *la, int direction,struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm)
+CL_process(struct libalias *la, int direction, struct sctp_nat_assoc *assoc,
+ struct sctp_nat_msg *sm)
{
switch (sm->msg) {
- case SN_SCTP_SHUTCOMP: /* a packet containing a SHUTDOWN-COMPLETE chunk */
- assoc->state = SN_CL; /* Stay in Close state until timeout */
+ case SN_SCTP_SHUTCOMP: /* a packet containing a SHUTDOWN-COMPLETE chunk
+ */
+ assoc->state = SN_CL; /* Stay in Close state until timeout */
if (sysctl_holddown_timer > 0)
- sctp_ResetTimeOut(la, assoc, SN_X_T(la));/* allow to stay open for Tbit packets*/
+ sctp_ResetTimeOut(la, assoc,
+ SN_X_T(
+ la)); /* allow to stay open for Tbit packets*/
else
- assoc->state = SN_RM;/* Mark for removal*/
+ assoc->state = SN_RM; /* Mark for removal*/
return (SN_NAT_PKT);
- case SN_SCTP_SHUTACK: /* a packet containing a SHUTDOWN-ACK chunk */
- assoc->state = SN_CL; /* Stay in Close state until timeout */
+ case SN_SCTP_SHUTACK: /* a packet containing a SHUTDOWN-ACK chunk */
+ assoc->state = SN_CL; /* Stay in Close state until timeout */
sctp_ResetTimeOut(la, assoc, SN_C_T(la));
return (SN_NAT_PKT);
- case SN_SCTP_ABORT: /* a packet containing an ABORT chunk */
- assoc->state = SN_RM;/* Mark for removal*/
+ case SN_SCTP_ABORT: /* a packet containing an ABORT chunk */
+ assoc->state = SN_RM; /* Mark for removal*/
return (SN_NAT_PKT);
default:
return (SN_DROP_PKT);
}
- return (SN_DROP_PKT);/* shouldn't get here very bad: log, drop and hope for the best */
+ return (SN_DROP_PKT); /* shouldn't get here very bad: log, drop and hope
+ for the best */
}
/* ----------------------------------------------------------------------
@@ -2011,8 +2397,9 @@
*
* @return pointer to association or NULL
*/
-static struct sctp_nat_assoc*
-FindSctpLocal(struct libalias *la, struct in_addr l_addr, struct in_addr g_addr, uint32_t l_vtag, uint16_t l_port, uint16_t g_port)
+static struct sctp_nat_assoc *
+FindSctpLocal(struct libalias *la, struct in_addr l_addr, struct in_addr g_addr,
+ uint32_t l_vtag, uint16_t l_port, uint16_t g_port)
{
u_int i;
struct sctp_nat_assoc *assoc = NULL;
@@ -2020,12 +2407,16 @@
if (l_vtag != 0) { /* an init packet, vtag==0 */
i = SN_TABLE_HASH(l_vtag, l_port, la->sctpNatTableSize);
- LIST_FOREACH(assoc, &la->sctpTableLocal[i], list_L) {
- if ((assoc->l_vtag == l_vtag) && (assoc->l_port == l_port) && (assoc->g_port == g_port)\
- && (assoc->l_addr.s_addr == l_addr.s_addr)) {
+ LIST_FOREACH (assoc, &la->sctpTableLocal[i], list_L) {
+ if ((assoc->l_vtag == l_vtag) &&
+ (assoc->l_port == l_port) &&
+ (assoc->g_port == g_port) &&
+ (assoc->l_addr.s_addr == l_addr.s_addr)) {
if (assoc->num_Gaddr) {
- LIST_FOREACH(G_Addr, &(assoc->Gaddr), list_Gaddr) {
- if (G_Addr->g_addr.s_addr == g_addr.s_addr)
+ LIST_FOREACH (G_Addr, &(assoc->Gaddr),
+ list_Gaddr) {
+ if (G_Addr->g_addr.s_addr ==
+ g_addr.s_addr)
return (assoc);
}
} else {
@@ -2048,7 +2439,7 @@
*
* @return pointer to association or NULL
*/
-static struct sctp_nat_assoc*
+static struct sctp_nat_assoc *
FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc)
{
u_int i;
@@ -2057,13 +2448,22 @@
struct sctp_GlobalAddress *G_AddrC = NULL;
if (Cassoc->g_vtag != 0) { /* an init packet, vtag==0 */
- i = SN_TABLE_HASH(Cassoc->g_vtag, Cassoc->g_port, la->sctpNatTableSize);
- LIST_FOREACH(assoc, &la->sctpTableGlobal[i], list_G) {
- if ((assoc->g_vtag == Cassoc->g_vtag) && (assoc->g_port == Cassoc->g_port) && (assoc->l_port == Cassoc->l_port)) {
+ i = SN_TABLE_HASH(Cassoc->g_vtag, Cassoc->g_port,
+ la->sctpNatTableSize);
+ LIST_FOREACH (assoc, &la->sctpTableGlobal[i], list_G) {
+ if ((assoc->g_vtag == Cassoc->g_vtag) &&
+ (assoc->g_port == Cassoc->g_port) &&
+ (assoc->l_port == Cassoc->l_port)) {
if (assoc->num_Gaddr) {
- LIST_FOREACH(G_AddrC, &(Cassoc->Gaddr), list_Gaddr) {
- LIST_FOREACH(G_Addr, &(assoc->Gaddr), list_Gaddr) {
- if (G_Addr->g_addr.s_addr == G_AddrC->g_addr.s_addr)
+ LIST_FOREACH (G_AddrC, &(Cassoc->Gaddr),
+ list_Gaddr) {
+ LIST_FOREACH (G_Addr,
+ &(assoc->Gaddr),
+ list_Gaddr) {
+ if (G_Addr->g_addr
+ .s_addr ==
+ G_AddrC->g_addr
+ .s_addr)
return (assoc);
}
}
@@ -2095,8 +2495,9 @@
*
* @return pointer to association or NULL
*/
-static struct sctp_nat_assoc*
-FindSctpGlobal(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t g_port, uint16_t l_port, int *partial_match)
+static struct sctp_nat_assoc *
+FindSctpGlobal(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag,
+ uint16_t g_port, uint16_t l_port, int *partial_match)
{
u_int i;
struct sctp_nat_assoc *assoc = NULL;
@@ -2105,12 +2506,16 @@
*partial_match = 0;
if (g_vtag != 0) { /* an init packet, vtag==0 */
i = SN_TABLE_HASH(g_vtag, g_port, la->sctpNatTableSize);
- LIST_FOREACH(assoc, &la->sctpTableGlobal[i], list_G) {
- if ((assoc->g_vtag == g_vtag) && (assoc->g_port == g_port) && (assoc->l_port == l_port)) {
+ LIST_FOREACH (assoc, &la->sctpTableGlobal[i], list_G) {
+ if ((assoc->g_vtag == g_vtag) &&
+ (assoc->g_port == g_port) &&
+ (assoc->l_port == l_port)) {
*partial_match = 1;
if (assoc->num_Gaddr) {
- LIST_FOREACH(G_Addr, &(assoc->Gaddr), list_Gaddr) {
- if (G_Addr->g_addr.s_addr == g_addr.s_addr)
+ LIST_FOREACH (G_Addr, &(assoc->Gaddr),
+ list_Gaddr) {
+ if (G_Addr->g_addr.s_addr ==
+ g_addr.s_addr)
return (assoc);
}
} else
@@ -2122,7 +2527,8 @@
}
/** @ingroup Hash
- * @brief Find the SCTP association for a T-Flag message (given the global port and local vtag)
+ * @brief Find the SCTP association for a T-Flag message (given the global port
+ * and local vtag)
*
* Searches the local look-up table for a unique association entry matching the
* provided global port and local vtag information
@@ -2135,8 +2541,9 @@
*
* @return pointer to association or NULL
*/
-static struct sctp_nat_assoc*
-FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint16_t g_port, uint16_t l_port)
+static struct sctp_nat_assoc *
+FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag,
+ uint16_t g_port, uint16_t l_port)
{
u_int i;
struct sctp_nat_assoc *assoc = NULL, *lastmatch = NULL;
@@ -2145,26 +2552,35 @@
if (l_vtag != 0) { /* an init packet, vtag==0 */
i = SN_TABLE_HASH(l_vtag, g_port, la->sctpNatTableSize);
- LIST_FOREACH(assoc, &la->sctpTableGlobal[i], list_G) {
- if ((assoc->g_vtag == l_vtag) && (assoc->g_port == g_port) && (assoc->l_port == l_port)) {
+ LIST_FOREACH (assoc, &la->sctpTableGlobal[i], list_G) {
+ if ((assoc->g_vtag == l_vtag) &&
+ (assoc->g_port == g_port) &&
+ (assoc->l_port == l_port)) {
if (assoc->num_Gaddr) {
- LIST_FOREACH(G_Addr, &(assoc->Gaddr), list_Gaddr) {
- if (G_Addr->g_addr.s_addr == g_addr.s_addr)
- return (assoc); /* full match */
+ LIST_FOREACH (G_Addr, &(assoc->Gaddr),
+ list_Gaddr) {
+ if (G_Addr->g_addr.s_addr ==
+ g_addr.s_addr)
+ return (
+ assoc); /* full
+ match */
}
} else {
- if (++cnt > 1) return (NULL);
+ if (++cnt > 1)
+ return (NULL);
lastmatch = assoc;
}
}
}
}
- /* If there is more than one match we do not know which local address to send to */
+ /* If there is more than one match we do not know which local address to
+ * send to */
return (cnt ? lastmatch : NULL);
}
/** @ingroup Hash
- * @brief Find the SCTP association for a T-Flag message (given the local port and global vtag)
+ * @brief Find the SCTP association for a T-Flag message (given the local port
+ * and global vtag)
*
* Searches the global look-up table for a unique association entry matching the
* provided local port and global vtag information
@@ -2177,8 +2593,9 @@
*
* @return pointer to association or NULL
*/
-static struct sctp_nat_assoc*
-FindSctpGlobalT(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t l_port, uint16_t g_port)
+static struct sctp_nat_assoc *
+FindSctpGlobalT(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag,
+ uint16_t l_port, uint16_t g_port)
{
u_int i;
struct sctp_nat_assoc *assoc = NULL;
@@ -2186,11 +2603,15 @@
if (g_vtag != 0) { /* an init packet, vtag==0 */
i = SN_TABLE_HASH(g_vtag, l_port, la->sctpNatTableSize);
- LIST_FOREACH(assoc, &la->sctpTableLocal[i], list_L) {
- if ((assoc->l_vtag == g_vtag) && (assoc->l_port == l_port) && (assoc->g_port == g_port)) {
+ LIST_FOREACH (assoc, &la->sctpTableLocal[i], list_L) {
+ if ((assoc->l_vtag == g_vtag) &&
+ (assoc->l_port == l_port) &&
+ (assoc->g_port == g_port)) {
if (assoc->num_Gaddr) {
- LIST_FOREACH(G_Addr, &(assoc->Gaddr), list_Gaddr) {
- if (G_Addr->g_addr.s_addr == g_addr.s_addr)
+ LIST_FOREACH (G_Addr, &(assoc->Gaddr),
+ list_Gaddr) {
+ if (G_Addr->g_addr.s_addr ==
+ g_addr.s_addr)
return (assoc);
}
} else
@@ -2218,23 +2639,26 @@
* @return SN_ADD_OK | SN_ADD_CLASH
*/
static int
-AddSctpAssocLocal(struct libalias *la, struct sctp_nat_assoc *assoc, struct in_addr g_addr)
+AddSctpAssocLocal(struct libalias *la, struct sctp_nat_assoc *assoc,
+ struct in_addr g_addr)
{
struct sctp_nat_assoc *found;
LIBALIAS_LOCK_ASSERT(la);
- found = FindSctpLocal(la, assoc->l_addr, g_addr, assoc->l_vtag, assoc->l_port, assoc->g_port);
+ found = FindSctpLocal(la, assoc->l_addr, g_addr, assoc->l_vtag,
+ assoc->l_port, assoc->g_port);
/*
* Note that if a different global address initiated this Init,
* ie it wasn't resent as presumed:
- * - the local receiver if receiving it for the first time will establish
- * an association with the new global host
- * - if receiving an init from a different global address after sending a
- * lost initack it will send an initack to the new global host, the first
- * association attempt will then be blocked if retried.
+ * - the local receiver if receiving it for the first time will
+ * establish an association with the new global host
+ * - if receiving an init from a different global address after sending
+ * a lost initack it will send an initack to the new global host, the
+ * first association attempt will then be blocked if retried.
*/
if (found != NULL) {
- if ((found->TableRegister == SN_LOCAL_TBL) && (found->g_port == assoc->g_port)) { /* resent message */
+ if ((found->TableRegister == SN_LOCAL_TBL) &&
+ (found->g_port == assoc->g_port)) { /* resent message */
RmSctpAssoc(la, found);
sctp_RmTimeOut(la, found);
freeGlobalAddressList(found);
@@ -2243,10 +2667,11 @@
return (SN_ADD_CLASH);
}
- LIST_INSERT_HEAD(&la->sctpTableLocal[SN_TABLE_HASH(assoc->l_vtag, assoc->l_port, la->sctpNatTableSize)],
+ LIST_INSERT_HEAD(&la->sctpTableLocal[SN_TABLE_HASH(assoc->l_vtag,
+ assoc->l_port, la->sctpNatTableSize)],
assoc, list_L);
assoc->TableRegister |= SN_LOCAL_TBL;
- la->sctpLinkCount++; //increment link count
+ la->sctpLinkCount++; // increment link count
if (assoc->TableRegister == SN_BOTH_TBL) {
/* libalias log -- controlled by libalias */
@@ -2293,10 +2718,11 @@
return (SN_ADD_CLASH);
}
- LIST_INSERT_HEAD(&la->sctpTableGlobal[SN_TABLE_HASH(assoc->g_vtag, assoc->g_port, la->sctpNatTableSize)],
+ LIST_INSERT_HEAD(&la->sctpTableGlobal[SN_TABLE_HASH(assoc->g_vtag,
+ assoc->g_port, la->sctpNatTableSize)],
assoc, list_G);
assoc->TableRegister |= SN_GLOBAL_TBL;
- la->sctpLinkCount++; //increment link count
+ la->sctpLinkCount++; // increment link count
if (assoc->TableRegister == SN_BOTH_TBL) {
/* libalias log -- controlled by libalias */
@@ -2330,7 +2756,8 @@
if (assoc == NULL) {
/* very bad, log and die*/
SN_LOG(SN_LOG_LOW,
- logsctperror("ERROR: alias_sctp:RmSctpAssoc(NULL)\n", 0, 0, SN_TO_NODIR));
+ logsctperror("ERROR: alias_sctp:RmSctpAssoc(NULL)\n", 0, 0,
+ SN_TO_NODIR));
return;
}
/* log if association is fully up and now closing */
@@ -2340,13 +2767,13 @@
LIBALIAS_LOCK_ASSERT(la);
if (assoc->TableRegister & SN_LOCAL_TBL) {
assoc->TableRegister ^= SN_LOCAL_TBL;
- la->sctpLinkCount--; //decrement link count
+ la->sctpLinkCount--; // decrement link count
LIST_REMOVE(assoc, list_L);
}
if (assoc->TableRegister & SN_GLOBAL_TBL) {
assoc->TableRegister ^= SN_GLOBAL_TBL;
- la->sctpLinkCount--; //decrement link count
+ la->sctpLinkCount--; // decrement link count
LIST_REMOVE(assoc, list_G);
}
// sn_free(assoc); //Don't remove now, remove if needed later
@@ -2364,9 +2791,10 @@
*
* @param assoc
*/
-static void freeGlobalAddressList(struct sctp_nat_assoc *assoc)
+static void
+freeGlobalAddressList(struct sctp_nat_assoc *assoc)
{
- struct sctp_GlobalAddress *gaddr1=NULL,*gaddr2=NULL;
+ struct sctp_GlobalAddress *gaddr1 = NULL, *gaddr2 = NULL;
/*free global address list*/
gaddr1 = LIST_FIRST(&(assoc->Gaddr));
while (gaddr1 != NULL) {
@@ -2407,7 +2835,8 @@
{
int add_loc;
LIBALIAS_LOCK_ASSERT(la);
- add_loc = assoc->exp - la->sctpNatTimer.loc_time + la->sctpNatTimer.cur_loc;
+ add_loc = assoc->exp - la->sctpNatTimer.loc_time +
+ la->sctpNatTimer.cur_loc;
if (add_loc >= SN_TIMER_QUEUE_SIZE)
add_loc -= SN_TIMER_QUEUE_SIZE;
LIST_INSERT_HEAD(&la->sctpNatTimer.TimerQ[add_loc], assoc, timer_Q);
@@ -2427,7 +2856,7 @@
sctp_RmTimeOut(struct libalias *la, struct sctp_nat_assoc *assoc)
{
LIBALIAS_LOCK_ASSERT(la);
- LIST_REMOVE(assoc, timer_Q);/* Note this is O(1) */
+ LIST_REMOVE(assoc, timer_Q); /* Note this is O(1) */
}
/** @ingroup Timer
@@ -2474,18 +2903,24 @@
struct sctp_nat_assoc *assoc;
LIBALIAS_LOCK_ASSERT(la);
- while(la->timeStamp >= la->sctpNatTimer.loc_time) {
- while (!LIST_EMPTY(&la->sctpNatTimer.TimerQ[la->sctpNatTimer.cur_loc])) {
- assoc = LIST_FIRST(&la->sctpNatTimer.TimerQ[la->sctpNatTimer.cur_loc]);
- //SLIST_REMOVE_HEAD(&la->sctpNatTimer.TimerQ[la->sctpNatTimer.cur_loc], timer_Q);
+ while (la->timeStamp >= la->sctpNatTimer.loc_time) {
+ while (!LIST_EMPTY(
+ &la->sctpNatTimer.TimerQ[la->sctpNatTimer.cur_loc])) {
+ assoc = LIST_FIRST(
+ &la->sctpNatTimer.TimerQ[la->sctpNatTimer.cur_loc]);
+ // SLIST_REMOVE_HEAD(&la->sctpNatTimer.TimerQ[la->sctpNatTimer.cur_loc],
+ // timer_Q);
LIST_REMOVE(assoc, timer_Q);
if (la->timeStamp >= assoc->exp) { /* state expired */
- SN_LOG(((assoc->state == SN_CL) ? (SN_LOG_DEBUG) : (SN_LOG_INFO)),
- logsctperror("Timer Expired", assoc->g_vtag, assoc->state, SN_TO_NODIR));
+ SN_LOG(((assoc->state == SN_CL) ?
+ (SN_LOG_DEBUG) :
+ (SN_LOG_INFO)),
+ logsctperror("Timer Expired", assoc->g_vtag,
+ assoc->state, SN_TO_NODIR));
RmSctpAssoc(la, assoc);
freeGlobalAddressList(assoc);
sn_free(assoc);
- } else {/* state not expired, reschedule timer*/
+ } else { /* state not expired, reschedule timer*/
sctp_AddTimeOut(la, assoc);
}
}
@@ -2515,7 +2950,7 @@
* @param direction Direction of packet
*/
static void
-logsctperror(char* errormsg, uint32_t vtag, int error, int direction)
+logsctperror(char *errormsg, uint32_t vtag, int error, int direction)
{
char dir;
switch (direction) {
@@ -2590,7 +3025,8 @@
* @param assoc pointer to sctp association
* @param s Character that indicates the state of processing for this packet
*/
-static void logsctpassoc(struct sctp_nat_assoc *assoc, char* s)
+static void
+logsctpassoc(struct sctp_nat_assoc *assoc, char *s)
{
struct sctp_GlobalAddress *G_Addr = NULL;
char *sp;
@@ -2619,13 +3055,13 @@
sp = "***ERROR***";
break;
}
- SctpAliasLog("%sAssoc: %s exp=%u la=%s lv=%u lp=%u gv=%u gp=%u tbl=%d\n",
- s, sp, assoc->exp, inet_ntoa_r(assoc->l_addr, addrbuf),
- ntohl(assoc->l_vtag), ntohs(assoc->l_port),
- ntohl(assoc->g_vtag), ntohs(assoc->g_port),
- assoc->TableRegister);
+ SctpAliasLog(
+ "%sAssoc: %s exp=%u la=%s lv=%u lp=%u gv=%u gp=%u tbl=%d\n", s, sp,
+ assoc->exp, inet_ntoa_r(assoc->l_addr, addrbuf),
+ ntohl(assoc->l_vtag), ntohs(assoc->l_port), ntohl(assoc->g_vtag),
+ ntohs(assoc->g_port), assoc->TableRegister);
/* list global addresses */
- LIST_FOREACH(G_Addr, &(assoc->Gaddr), list_Gaddr) {
+ LIST_FOREACH (G_Addr, &(assoc->Gaddr), list_Gaddr) {
SctpAliasLog("\t\tga=%s\n",
inet_ntoa_r(G_Addr->g_addr, addrbuf));
}
@@ -2636,14 +3072,15 @@
*
* @param la Pointer to the relevant libalias instance
*/
-static void logSctpGlobal(struct libalias *la)
+static void
+logSctpGlobal(struct libalias *la)
{
u_int i;
struct sctp_nat_assoc *assoc = NULL;
SctpAliasLog("G->\n");
- for (i=0; i < la->sctpNatTableSize; i++) {
- LIST_FOREACH(assoc, &la->sctpTableGlobal[i], list_G) {
+ for (i = 0; i < la->sctpNatTableSize; i++) {
+ LIST_FOREACH (assoc, &la->sctpTableGlobal[i], list_G) {
logsctpassoc(assoc, " ");
}
}
@@ -2654,14 +3091,15 @@
*
* @param la Pointer to the relevant libalias instance
*/
-static void logSctpLocal(struct libalias *la)
+static void
+logSctpLocal(struct libalias *la)
{
u_int i;
struct sctp_nat_assoc *assoc = NULL;
SctpAliasLog("L->\n");
- for (i=0; i < la->sctpNatTableSize; i++) {
- LIST_FOREACH(assoc, &la->sctpTableLocal[i], list_L) {
+ for (i = 0; i < la->sctpNatTableSize; i++) {
+ LIST_FOREACH (assoc, &la->sctpTableLocal[i], list_L) {
logsctpassoc(assoc, " ");
}
}
@@ -2672,17 +3110,18 @@
*
* @param la Pointer to the relevant libalias instance
*/
-static void logTimerQ(struct libalias *la)
+static void
+logTimerQ(struct libalias *la)
{
static char buf[50];
u_int i;
struct sctp_nat_assoc *assoc = NULL;
SctpAliasLog("t->\n");
- for (i=0; i < SN_TIMER_QUEUE_SIZE; i++) {
- LIST_FOREACH(assoc, &la->sctpNatTimer.TimerQ[i], timer_Q) {
- snprintf(buf, 50, " l=%u ",i);
- //SctpAliasLog(la->logDesc," l=%d ",i);
+ for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++) {
+ LIST_FOREACH (assoc, &la->sctpNatTimer.TimerQ[i], timer_Q) {
+ snprintf(buf, 50, " l=%u ", i);
+ // SctpAliasLog(la->logDesc," l=%d ",i);
logsctpassoc(assoc, buf);
}
}
@@ -2705,8 +3144,7 @@
va_start(ap, format);
vsnprintf(buffer, LIBALIAS_BUF_SIZE, format, ap);
va_end(ap);
- log(LOG_SECURITY | LOG_INFO,
- "alias_sctp: %s", buffer);
+ log(LOG_SECURITY | LOG_INFO, "alias_sctp: %s", buffer);
}
#else
static void
Index: sys/netinet/libalias/alias_skinny.c
===================================================================
--- sys/netinet/libalias/alias_skinny.c
+++ sys/netinet/libalias/alias_skinny.c
@@ -42,8 +42,8 @@
#include <unistd.h>
#endif
-#include <netinet/in_systm.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
@@ -55,16 +55,17 @@
#include "alias_mod.h"
#endif
-static void
-AliasHandleSkinny(struct libalias *, struct ip *, struct alias_link *);
+static void AliasHandleSkinny(struct libalias *, struct ip *,
+ struct alias_link *);
static int
fingerprint(struct libalias *la, struct alias_data *ah)
{
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL)
return (-1);
- if (la->skinnyPort != 0 && (ntohs(*ah->sport) == la->skinnyPort ||
- ntohs(*ah->dport) == la->skinnyPort))
+ if (la->skinnyPort != 0 &&
+ (ntohs(*ah->sport) == la->skinnyPort ||
+ ntohs(*ah->dport) == la->skinnyPort))
return (0);
return (-1);
}
@@ -72,20 +73,16 @@
static int
protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
- AliasHandleSkinny(la, pip, ah->lnk);
+ AliasHandleSkinny(la, pip, ah->lnk);
return (0);
}
-struct proto_handler handlers[] = {
- {
- .pri = 110,
- .dir = IN|OUT,
- .proto = TCP,
- .fingerprint = &fingerprint,
- .protohandler = &protohandler
- },
- { EOH }
-};
+struct proto_handler handlers[] = { { .pri = 110,
+ .dir = IN | OUT,
+ .proto = TCP,
+ .fingerprint = &fingerprint,
+ .protohandler = &protohandler },
+ { EOH } };
static int
mod_handler(module_t mod, int type, void *data)
@@ -110,11 +107,9 @@
#ifdef _KERNEL
static
#endif
-moduledata_t alias_mod = {
- "alias_skinny", mod_handler, NULL
-};
+ moduledata_t alias_mod = { "alias_skinny", mod_handler, NULL };
-#ifdef _KERNEL
+#ifdef _KERNEL
DECLARE_MODULE(alias_skinny, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_skinny, 1);
MODULE_DEPEND(alias_skinny, libalias, 1, 1, 1);
@@ -146,73 +141,69 @@
*
* Skinny is a Cisco-proprietary protocol and is a trademark of Cisco Systems,
* Inc. All rights reserved.
-*/
+ */
/* #define LIBALIAS_DEBUG 1 */
/* Message types that need translating */
-#define REG_MSG 0x00000001
-#define IP_PORT_MSG 0x00000002
-#define OPNRCVCH_ACK 0x00000022
-#define START_MEDIATX 0x0000008a
+#define REG_MSG 0x00000001
+#define IP_PORT_MSG 0x00000002
+#define OPNRCVCH_ACK 0x00000022
+#define START_MEDIATX 0x0000008a
struct skinny_header {
- u_int32_t len;
- u_int32_t reserved;
- u_int32_t msgId;
+ u_int32_t len;
+ u_int32_t reserved;
+ u_int32_t msgId;
};
struct RegisterMessage {
- u_int32_t msgId;
- char devName [16];
- u_int32_t uid;
- u_int32_t instance;
- u_int32_t ipAddr;
- u_char devType;
- u_int32_t maxStreams;
+ u_int32_t msgId;
+ char devName[16];
+ u_int32_t uid;
+ u_int32_t instance;
+ u_int32_t ipAddr;
+ u_char devType;
+ u_int32_t maxStreams;
};
struct IpPortMessage {
- u_int32_t msgId;
- u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port
- * numbers */
+ u_int32_t msgId;
+ u_int32_t stationIpPort; /* Note: Skinny uses 32-bit port
+ * numbers */
};
struct OpenReceiveChannelAck {
- u_int32_t msgId;
- u_int32_t status;
- u_int32_t ipAddr;
- u_int32_t port;
- u_int32_t passThruPartyID;
+ u_int32_t msgId;
+ u_int32_t status;
+ u_int32_t ipAddr;
+ u_int32_t port;
+ u_int32_t passThruPartyID;
};
struct StartMediaTransmission {
- u_int32_t msgId;
- u_int32_t conferenceID;
- u_int32_t passThruPartyID;
- u_int32_t remoteIpAddr;
- u_int32_t remotePort;
- u_int32_t MSPacket;
- u_int32_t payloadCap;
- u_int32_t precedence;
- u_int32_t silenceSuppression;
- u_short maxFramesPerPacket;
- u_int32_t G723BitRate;
+ u_int32_t msgId;
+ u_int32_t conferenceID;
+ u_int32_t passThruPartyID;
+ u_int32_t remoteIpAddr;
+ u_int32_t remotePort;
+ u_int32_t MSPacket;
+ u_int32_t payloadCap;
+ u_int32_t precedence;
+ u_int32_t silenceSuppression;
+ u_short maxFramesPerPacket;
+ u_int32_t G723BitRate;
};
-typedef enum {
- ClientToServer = 0,
- ServerToClient = 1
-} ConvDirection;
+typedef enum { ClientToServer = 0, ServerToClient = 1 } ConvDirection;
static int
alias_skinny_reg_msg(struct RegisterMessage *reg_msg, struct ip *pip,
- struct tcphdr *tc, struct alias_link *lnk,
- ConvDirection direction)
+ struct tcphdr *tc, struct alias_link *lnk, ConvDirection direction)
{
(void)direction;
- reg_msg->ipAddr = (u_int32_t) GetAliasAddress(lnk).s_addr;
+ reg_msg->ipAddr = (u_int32_t)GetAliasAddress(lnk).s_addr;
tc->th_sum = 0;
#ifdef _KERNEL
@@ -226,9 +217,8 @@
static int
alias_skinny_startmedia(struct StartMediaTransmission *start_media,
- struct ip *pip, struct tcphdr *tc,
- struct alias_link *lnk, u_int32_t localIpAddr,
- ConvDirection direction)
+ struct ip *pip, struct tcphdr *tc, struct alias_link *lnk,
+ u_int32_t localIpAddr, ConvDirection direction)
{
struct in_addr dst, src;
@@ -250,12 +240,11 @@
static int
alias_skinny_port_msg(struct IpPortMessage *port_msg, struct ip *pip,
- struct tcphdr *tc, struct alias_link *lnk,
- ConvDirection direction)
+ struct tcphdr *tc, struct alias_link *lnk, ConvDirection direction)
{
(void)direction;
- port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(lnk));
+ port_msg->stationIpPort = (u_int32_t)ntohs(GetAliasPort(lnk));
tc->th_sum = 0;
#ifdef _KERNEL
@@ -267,9 +256,9 @@
}
static int
-alias_skinny_opnrcvch_ack(struct libalias *la, struct OpenReceiveChannelAck *opnrcvch_ack,
- struct ip *pip, struct tcphdr *tc,
- struct alias_link *lnk, u_int32_t * localIpAddr,
+alias_skinny_opnrcvch_ack(struct libalias *la,
+ struct OpenReceiveChannelAck *opnrcvch_ack, struct ip *pip,
+ struct tcphdr *tc, struct alias_link *lnk, u_int32_t *localIpAddr,
ConvDirection direction)
{
struct in_addr null_addr;
@@ -279,15 +268,14 @@
(void)lnk;
(void)direction;
- *localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr;
+ *localIpAddr = (u_int32_t)opnrcvch_ack->ipAddr;
localPort = opnrcvch_ack->port;
null_addr.s_addr = INADDR_ANY;
opnrcv_lnk = FindUdpTcpOut(la, pip->ip_src, null_addr,
- htons((u_short) opnrcvch_ack->port), 0,
- IPPROTO_UDP, 1);
- opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_lnk).s_addr;
- opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_lnk));
+ htons((u_short)opnrcvch_ack->port), 0, IPPROTO_UDP, 1);
+ opnrcvch_ack->ipAddr = (u_int32_t)GetAliasAddress(opnrcv_lnk).s_addr;
+ opnrcvch_ack->port = (u_int32_t)ntohs(GetAliasPort(opnrcv_lnk));
tc->th_sum = 0;
#ifdef _KERNEL
@@ -387,7 +375,8 @@
"PacketAlias/Skinny: Received ipport message\n");
#endif
port_mesg = (struct IpPortMessage *)&sd->msgId;
- alias_skinny_port_msg(port_mesg, pip, tc, lnk, direction);
+ alias_skinny_port_msg(port_mesg, pip, tc, lnk,
+ direction);
break;
}
case OPNRCVCH_ACK: {
@@ -404,8 +393,10 @@
fprintf(stderr,
"PacketAlias/Skinny: Received open rcv channel msg\n");
#endif
- opnrcvchn_ack = (struct OpenReceiveChannelAck *)&sd->msgId;
- alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, lnk, &lip, direction);
+ opnrcvchn_ack =
+ (struct OpenReceiveChannelAck *)&sd->msgId;
+ alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc,
+ lnk, &lip, direction);
break;
}
case START_MEDIATX: {
@@ -432,8 +423,10 @@
fprintf(stderr,
"PacketAlias/Skinny: Received start media trans msg\n");
#endif
- startmedia_tx = (struct StartMediaTransmission *)&sd->msgId;
- alias_skinny_startmedia(startmedia_tx, pip, tc, lnk, lip, direction);
+ startmedia_tx =
+ (struct StartMediaTransmission *)&sd->msgId;
+ alias_skinny_startmedia(startmedia_tx, pip, tc, lnk,
+ lip, direction);
break;
}
default:
Index: sys/netinet/libalias/alias_smedia.c
===================================================================
--- sys/netinet/libalias/alias_smedia.c
+++ sys/netinet/libalias/alias_smedia.c
@@ -106,14 +106,15 @@
#include <sys/kernel.h>
#include <sys/module.h>
#else
-#include <errno.h>
#include <sys/types.h>
+
+#include <errno.h>
#include <stdio.h>
#include <string.h>
#endif
-#include <netinet/in_systm.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
@@ -130,22 +131,21 @@
#define RTSP_CONTROL_PORT_NUMBER_2 7070
#define TFTP_PORT_NUMBER 69
-static void
-AliasHandleRtspOut(struct libalias *, struct ip *, struct alias_link *,
- int maxpacketsize);
+static void AliasHandleRtspOut(struct libalias *, struct ip *,
+ struct alias_link *, int maxpacketsize);
static int
fingerprint(struct libalias *la, struct alias_data *ah)
{
if (ah->dport != NULL && ah->aport != NULL && ah->sport != NULL &&
- ntohs(*ah->dport) == TFTP_PORT_NUMBER)
+ ntohs(*ah->dport) == TFTP_PORT_NUMBER)
return (0);
if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL ||
ah->maxpktsize == 0)
return (-1);
- if (ntohs(*ah->dport) == RTSP_CONTROL_PORT_NUMBER_1
- || ntohs(*ah->sport) == RTSP_CONTROL_PORT_NUMBER_1
- || ntohs(*ah->dport) == RTSP_CONTROL_PORT_NUMBER_2
- || ntohs(*ah->sport) == RTSP_CONTROL_PORT_NUMBER_2)
+ if (ntohs(*ah->dport) == RTSP_CONTROL_PORT_NUMBER_1 ||
+ ntohs(*ah->sport) == RTSP_CONTROL_PORT_NUMBER_1 ||
+ ntohs(*ah->dport) == RTSP_CONTROL_PORT_NUMBER_2 ||
+ ntohs(*ah->sport) == RTSP_CONTROL_PORT_NUMBER_2)
return (0);
return (-1);
}
@@ -154,22 +154,19 @@
protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah)
{
if (ntohs(*ah->dport) == TFTP_PORT_NUMBER)
- FindRtspOut(la, pip->ip_src, pip->ip_dst,
- *ah->sport, *ah->aport, IPPROTO_UDP);
- else AliasHandleRtspOut(la, pip, ah->lnk, ah->maxpktsize);
+ FindRtspOut(la, pip->ip_src, pip->ip_dst, *ah->sport,
+ *ah->aport, IPPROTO_UDP);
+ else
+ AliasHandleRtspOut(la, pip, ah->lnk, ah->maxpktsize);
return (0);
}
-struct proto_handler handlers[] = {
- {
- .pri = 100,
- .dir = OUT,
- .proto = TCP|UDP,
- .fingerprint = &fingerprint,
- .protohandler = &protohandler
- },
- { EOH }
-};
+struct proto_handler handlers[] = { { .pri = 100,
+ .dir = OUT,
+ .proto = TCP | UDP,
+ .fingerprint = &fingerprint,
+ .protohandler = &protohandler },
+ { EOH } };
static int
mod_handler(module_t mod, int type, void *data)
@@ -194,11 +191,9 @@
#ifdef _KERNEL
static
#endif
-moduledata_t alias_mod = {
- "alias_smedia", mod_handler, NULL
-};
+ moduledata_t alias_mod = { "alias_smedia", mod_handler, NULL };
-#ifdef _KERNEL
+#ifdef _KERNEL
DECLARE_MODULE(alias_smedia, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND);
MODULE_VERSION(alias_smedia, 1);
MODULE_DEPEND(alias_smedia, libalias, 1, 1, 1);
@@ -206,7 +201,7 @@
#define RTSP_CONTROL_PORT_NUMBER_1 554
#define RTSP_CONTROL_PORT_NUMBER_2 7070
-#define RTSP_PORT_GROUP 2
+#define RTSP_PORT_GROUP 2
#define ISDIGIT(a) (((a) >= '0') && ((a) <= '9'))
@@ -230,10 +225,8 @@
}
static int
-alias_rtsp_out(struct libalias *la, struct ip *pip,
- struct alias_link *lnk,
- char *data,
- const char *port_str)
+alias_rtsp_out(struct libalias *la, struct ip *pip, struct alias_link *lnk,
+ char *data, const char *port_str)
{
int hlen, tlen, dlen;
struct tcphdr *tc;
@@ -310,25 +303,35 @@
* need
*/
null_addr.s_addr = 0;
- if (0 == (salias = FindNewPortGroup(la, null_addr,
- FindAliasAddress(la, pip->ip_src),
- sport, 0,
- RTSP_PORT_GROUP,
- IPPROTO_UDP, 1))) {
+ if (0 ==
+ (salias = FindNewPortGroup(la,
+ null_addr,
+ FindAliasAddress(la,
+ pip->ip_src),
+ sport, 0, RTSP_PORT_GROUP,
+ IPPROTO_UDP, 1))) {
#ifdef LIBALIAS_DEBUG
fprintf(stderr,
"PacketAlias/RTSP: Cannot find contiguous RTSP data ports\n");
#endif
} else {
base_alias = ntohs(salias);
- for (j = 0; j < RTSP_PORT_GROUP; j++) {
+ for (j = 0; j < RTSP_PORT_GROUP;
+ j++) {
/*
* Establish link
* to port found in
* RTSP packet
*/
- rtsp_lnk = FindRtspOut(la, GetOriginalAddress(lnk), null_addr,
- htons(base_port + j), htons(base_alias + j),
+ rtsp_lnk = FindRtspOut(
+ la,
+ GetOriginalAddress(
+ lnk),
+ null_addr,
+ htons(
+ base_port + j),
+ htons(
+ base_alias + j),
IPPROTO_UDP);
if (rtsp_lnk != NULL) {
#ifndef NO_FW_PUNCH
@@ -337,7 +340,8 @@
* hole in
* firewall
*/
- PunchFWHole(rtsp_lnk);
+ PunchFWHole(
+ rtsp_lnk);
#endif
} else {
#ifdef LIBALIAS_DEBUG
@@ -348,14 +352,16 @@
}
}
}
- ealias = htons(base_alias + (RTSP_PORT_GROUP - 1));
+ ealias = htons(
+ base_alias + (RTSP_PORT_GROUP - 1));
}
if (salias && rtsp_lnk) {
pkt_updated = 1;
/* Copy into IP packet */
sprintf(stemp, "%d", ntohs(salias));
- memcpy(port_newdata, stemp, strlen(stemp));
+ memcpy(port_newdata, stemp,
+ strlen(stemp));
port_newdata += strlen(stemp);
if (eport != 0) {
@@ -363,8 +369,10 @@
port_newdata++;
/* Copy into IP packet */
- sprintf(stemp, "%d", ntohs(ealias));
- memcpy(port_newdata, stemp, strlen(stemp));
+ sprintf(stemp, "%d",
+ ntohs(ealias));
+ memcpy(port_newdata, stemp,
+ strlen(stemp));
port_newdata += strlen(stemp);
}
*port_newdata = ';';
@@ -399,10 +407,7 @@
tc->th_seq, tc->th_off);
new_len = htons(hlen + new_dlen);
- DifferentialChecksum(&pip->ip_sum,
- &new_len,
- &pip->ip_len,
- 1);
+ DifferentialChecksum(&pip->ip_sum, &new_len, &pip->ip_len, 1);
pip->ip_len = new_len;
tc->th_sum = 0;
@@ -417,10 +422,8 @@
/* Support the protocol used by early versions of RealPlayer */
static int
-alias_pna_out(struct libalias *la, struct ip *pip,
- struct alias_link *lnk,
- char *data,
- int dlen)
+alias_pna_out(struct libalias *la, struct ip *pip, struct alias_link *lnk,
+ char *data, int dlen)
{
struct alias_link *pna_links;
u_short msg_id, msg_len;
@@ -440,8 +443,8 @@
if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
memcpy(&port, work, 2);
- pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(lnk),
- port, 0, IPPROTO_UDP, 1);
+ pna_links = FindUdpTcpOut(la, pip->ip_src,
+ GetDestAddress(lnk), port, 0, IPPROTO_UDP, 1);
if (pna_links != NULL) {
#ifndef NO_FW_PUNCH
/* Punch hole in firewall */
@@ -467,7 +470,8 @@
}
static void
-AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *lnk, int maxpacketsize)
+AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *lnk,
+ int maxpacketsize)
{
int hlen, tlen, dlen;
struct tcphdr *tc;
@@ -507,21 +511,23 @@
if (dlen >= (int)strlen(str200)) {
for (parseOk = 0, i = 0;
- i <= dlen - (int)strlen(str200);
- i++)
- if (memcmp(&data[i], str200, strlen(str200)) == 0) {
+ i <= dlen - (int)strlen(str200); i++)
+ if (memcmp(&data[i], str200, strlen(str200)) ==
+ 0) {
parseOk = 1;
break;
}
if (parseOk) {
- i += strlen(str200); /* skip string found */
- while (data[i] == ' ') /* skip blank(s) */
+ i += strlen(str200); /* skip string found */
+ while (data[i] == ' ') /* skip blank(s) */
i++;
if ((dlen - i) >= (int)strlen(okstr))
- if (memcmp(&data[i], okstr, strlen(okstr)) == 0)
- alias_rtsp_out(la, pip, lnk, data, server_port_str);
+ if (memcmp(&data[i], okstr,
+ strlen(okstr)) == 0)
+ alias_rtsp_out(la, pip, lnk,
+ data, server_port_str);
}
}
}
Index: sys/netinet/libalias/alias_util.c
===================================================================
--- sys/netinet/libalias/alias_util.c
+++ sys/netinet/libalias/alias_util.c
@@ -49,11 +49,12 @@
#include <sys/proc.h>
#else
#include <sys/types.h>
+
#include <stdio.h>
#endif
-#include <netinet/in_systm.h>
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
@@ -72,8 +73,7 @@
* purposes);
*/
u_short
-LibAliasInternetChecksum(struct libalias *la __unused, u_short * ptr,
- int nbytes)
+LibAliasInternetChecksum(struct libalias *la __unused, u_short *ptr, int nbytes)
{
int sum, oddbyte;
@@ -85,8 +85,8 @@
}
if (nbytes == 1) {
oddbyte = 0;
- ((u_char *) & oddbyte)[0] = *(u_char *) ptr;
- ((u_char *) & oddbyte)[1] = 0;
+ ((u_char *)&oddbyte)[0] = *(u_char *)ptr;
+ ((u_char *)&oddbyte)[1] = 0;
sum += oddbyte;
}
sum = (sum >> 16) + (sum & 0xffff);
@@ -95,13 +95,12 @@
return (~sum);
}
-#ifndef _KERNEL
+#ifndef _KERNEL
u_short
IpChecksum(struct ip *pip)
{
- return (LibAliasInternetChecksum(NULL, (u_short *) pip,
- (pip->ip_hl << 2)));
-
+ return (
+ LibAliasInternetChecksum(NULL, (u_short *)pip, (pip->ip_hl << 2)));
}
u_short
@@ -116,9 +115,9 @@
ntcp = ntohs(pip->ip_len) - nhdr;
tc = (struct tcphdr *)ip_next(pip);
- ptr = (u_short *) tc;
+ ptr = (u_short *)tc;
-/* Add up TCP header and data */
+ /* Add up TCP header and data */
nbytes = ntcp;
sum = 0;
while (nbytes > 1) {
@@ -127,31 +126,31 @@
}
if (nbytes == 1) {
oddbyte = 0;
- ((u_char *) & oddbyte)[0] = *(u_char *) ptr;
- ((u_char *) & oddbyte)[1] = 0;
+ ((u_char *)&oddbyte)[0] = *(u_char *)ptr;
+ ((u_char *)&oddbyte)[1] = 0;
sum += oddbyte;
}
-/* "Pseudo-header" data */
+ /* "Pseudo-header" data */
ptr = (void *)&pip->ip_dst;
sum += *ptr++;
sum += *ptr;
ptr = (void *)&pip->ip_src;
sum += *ptr++;
sum += *ptr;
- sum += htons((u_short) ntcp);
- sum += htons((u_short) pip->ip_p);
+ sum += htons((u_short)ntcp);
+ sum += htons((u_short)pip->ip_p);
-/* Roll over carry bits */
+ /* Roll over carry bits */
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
-/* Return checksum */
- return ((u_short) ~ sum);
+ /* Return checksum */
+ return ((u_short)~sum);
}
-#endif /* not _KERNEL */
+#endif /* not _KERNEL */
void
-DifferentialChecksum(u_short * cksum, void *newp, void *oldp, int n)
+DifferentialChecksum(u_short *cksum, void *newp, void *oldp, int n)
{
int i;
int accumulate;
@@ -160,7 +159,7 @@
accumulate = *cksum;
for (i = 0; i < n; i++) {
- accumulate -= *new++;
+ accumulate -= *new ++;
accumulate += *old++;
}
@@ -168,10 +167,10 @@
accumulate = -accumulate;
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
- *cksum = (u_short) ~ accumulate;
+ *cksum = (u_short)~accumulate;
} else {
accumulate = (accumulate >> 16) + (accumulate & 0xffff);
accumulate += accumulate >> 16;
- *cksum = (u_short) accumulate;
+ *cksum = (u_short)accumulate;
}
}

File Metadata

Mime Type
text/plain
Expires
Wed, Mar 4, 3:38 AM (4 h, 50 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
29225169
Default Alt Text
D30260.id89215.diff (318 KB)

Event Timeline