📄 natmgmt.c
pNatBindEntry->natBindLeaseLeft = 0xffffffff; pNatBindEntry->natBindMaxIdle = nat.tcp_connected_timer; pNatBindEntry->natBindCurrIdle = pTcpEntry->local_connection_timer; pNatBindEntry->natBindDirection = NAT_UNIDIRECTIONAL; pNatBindEntry->natBindProto = TCP_TRANS_LIST; pNatBindEntry->natBindAction = NAT_BIND_ACTIVE; break; case UDP_TRANS_LIST: pUdpEntry = (UDP_TRANSLATION_ENTRY *) pBestEntry; pNatBindEntry->natBindStatic = (pUdpEntry->static_entry) ? STATIC_ENTRY : DYNAMIC_ENTRY; pNatBindEntry->natBindType = TRANSPORT_BINDING; pNatBindEntry->natBindLocalAddress = htonl(pUdpEntry->local_address); pNatBindEntry->natBindLocalPort = pUdpEntry->local_port; pNatBindEntry->natBindRemAddress = htonl(pUdpEntry->remote_address); pNatBindEntry->natBindRemPort = pUdpEntry->remote_port; pNatBindEntry->natBindMaxLeaseTime = 0xffffffff; pNatBindEntry->natBindLeaseLeft = 0xffffffff; pNatBindEntry->natBindMaxIdle = nat.udp_translation_entry_timer; pNatBindEntry->natBindCurrIdle = pUdpEntry->udp_translation_entry_timer; pNatBindEntry->natBindDirection = NAT_UNIDIRECTIONAL; pNatBindEntry->natBindProto = UDP_TRANS_LIST; pNatBindEntry->natBindAction = NAT_BIND_ACTIVE; break; case ICMP_TRANS_LIST: pIcmpEntry = (ICMP_TRANSLATION_ENTRY *) pBestEntry; pNatBindEntry->natBindStatic = DYNAMIC_ENTRY; pNatBindEntry->natBindType = TRANSPORT_BINDING; pNatBindEntry->natBindLocalAddress = htonl(pIcmpEntry->local_address); pNatBindEntry->natBindLocalPort = pIcmpEntry->icmp_identifier; pNatBindEntry->natBindRemAddress = htonl(icmpGlobAddr); pNatBindEntry->natBindRemPort = pIcmpEntry->spoofed_icmp_identifier; pNatBindEntry->natBindMaxLeaseTime = 0xffffffff; pNatBindEntry->natBindLeaseLeft = 0xffffffff; pNatBindEntry->natBindMaxIdle = nat.icmp_translation_entry_timer; pNatBindEntry->natBindCurrIdle = pIcmpEntry->icmp_translation_entry_timer; pNatBindEntry->natBindDirection = NAT_UNIDIRECTIONAL; pNatBindEntry->natBindProto = ICMP_TRANS_LIST; pNatBindEntry->natBindAction = NAT_BIND_ACTIVE; break; 
default: errnoSet(S_m2Lib_ENTRY_NOT_FOUND); return ERROR; } /* * Get the interface information for each IP address from the global * "nat" structure */ for (index = 0; index < NUMBER_OF_IP_PORTS; index++) { unsigned char * pStr; /* convert the string to all lower case letters */ pStr = (unsigned char *)nat.port[index].type_string; while (*pStr != (unsigned char)(ULONG)NULL) { *pStr = tolower(*pStr); pStr++; } if (nat.port[index].ifname) { if (strstr (nat.port[index].type_string, "global") != NULL) { bzero ((char *)pNatBindEntry->natBindExtIfName, sizeof(pNatBindEntry->natBindExtIfName)); bcopy (nat.port[index].ifname, (char *)pNatBindEntry->natBindExtIfName, sizeof (nat.port[index].ifname)); pNatBindEntry->natBindExtIfNumber = nat.port[index].ifunit->if_index; } else if (strstr (nat.port[index].type_string, "local") != NULL) { bzero ((char *)pNatBindEntry->natBindLocalIfName, sizeof(pNatBindEntry->natBindLocalIfName)); bcopy (nat.port[index].ifname, (char *)pNatBindEntry->natBindLocalIfName, sizeof (nat.port[index].ifname)); pNatBindEntry->natBindLocalIfNumber = nat.port[index].ifunit->if_index; } } } return OK; }/************************************************************************** * * m2NatSessTblEntryGet - Get/Next Routine for the session table * * This routine performs the lookup of all the objects associated with * a particular session entry, as specified by the loc addr, loc port, * rem addr and rem port combination. If the search type is NEXT_VALUE, * the objects that are looked up are those for the lexicographic * successor of the given combination. And you should increment the * lowest part of the index by 1 for search type NEXT_VALUE. * * Currently, the session and bind table essentially give the same * entries as the implementation does not differentiate between them. * However, two separate routines have been provided so that at a later * time, if the implementation supports the two tables, minimum change * will be required in the MIB support. 
* * RETURNS: OK if a successful lookup was done, * ERROR otherwise */STATUS m2NatSessTblEntryGet ( NAT_SESSTBL_ENTRY * pNatSessEntry, /* pointer to buffer */ int searchType /* GET/NEXT */ ) { IP_TRANSLATION_ENTRY * pIpEntry = NULL; TCP_TRANSLATION_ENTRY * pTcpEntry = NULL; UDP_TRANSLATION_ENTRY * pUdpEntry = NULL; void * pBestEntry = NULL; IP_ADDRESS savLocAddr; IP_ADDRESS savRemAddr; USHORT savLocPort; USHORT savRemPort; UINT16 matchType = 0; int found = 0; UINT16 natType; USHORT basicPort = 0xffff; if (!pNatSessEntry) return ERROR; /* * Initialize the ports and the IP address of the saved entry to the * maximum possible values */ savLocAddr = 0xffffffff; savRemAddr = 0xffffffff; savLocPort = 0xffff; savRemPort = 0xffff; if (nat.single_global_address_enabled == TRUE) natType = NAT_NAPT; else natType = NAT_BASIC; /*Both NAPT and basic NAT will go through this*/ pIpEntry = (IP_TRANSLATION_ENTRY *)DLL_FIRST ((DL_LIST *)&nat.natg.ip_translation_list); while (pIpEntry && !found) { if (transListWalk ( &pIpEntry->sa_local_address, &basicPort, &pIpEntry->sa_global_address, &basicPort, &pNatSessEntry->natSessionLocalAddress, &pNatSessEntry->natSessionLocalPort, &pNatSessEntry->natSessionRemAddress, &pNatSessEntry->natSessionRemPort, &savLocAddr, &savLocPort, &savRemAddr, &savRemPort, natType, searchType ) != ERROR) { pBestEntry = pIpEntry; matchType = IP_TRANS_LIST; if (searchType == GET_VALUE) { found = 1; break; } } /* * If this is a GET_VALUE search, and we found an entry, then we are * done. If this is a NEXT_VALUE, then we execute this code in any case. 
*/ if ( (searchType == NEXT_VALUE) || (searchType == GET_VALUE && !found) ) { /* * We now search the TCP translation list within each of these IP * translation entries */ pTcpEntry = (TCP_TRANSLATION_ENTRY *)DLL_FIRST ((DL_LIST *)&pIpEntry->tcp_translation_list); while (pTcpEntry) { if (transListWalk ( &pTcpEntry->local_address, &pTcpEntry->local_port, &pTcpEntry->remote_address, &pTcpEntry->remote_port, &pNatSessEntry->natSessionLocalAddress, &pNatSessEntry->natSessionLocalPort, &pNatSessEntry->natSessionRemAddress, &pNatSessEntry->natSessionRemPort, &savLocAddr, &savLocPort, &savRemAddr, &savRemPort, natType, searchType ) != ERROR) { pBestEntry = pTcpEntry; matchType = TCP_TRANS_LIST; if (searchType == GET_VALUE) { found = 1; break; } } pTcpEntry = (TCP_TRANSLATION_ENTRY *) DLL_NEXT ((DL_NODE *) pTcpEntry); } } /* Done with this IP entry, get the next one */ pIpEntry = (IP_TRANSLATION_ENTRY *) DLL_NEXT ((DL_NODE *) pIpEntry); } /* the following code will be only executed at NAPT mode */ if (natType == NAT_NAPT) { /* * NAPT mode : * We will have to browse through the other two lists - TCP and UDP * to figure out our best match * We will start off with the TCP list * If this is a GET_VALUE search, and we found an entry, then we are * done. If this is a NEXT_VALUE, then we execute this code in any case. 
*/ if ( (searchType == NEXT_VALUE) || (searchType == GET_VALUE && !found) ) { pTcpEntry = (TCP_TRANSLATION_ENTRY *) DLL_FIRST ((DL_LIST *) &nat.nats.tcp_translation_list); while (pTcpEntry) { if (transListWalk ( &pTcpEntry->local_address, &pTcpEntry->local_port, &pTcpEntry->remote_address, &pTcpEntry->remote_port, &pNatSessEntry->natSessionLocalAddress, &pNatSessEntry->natSessionLocalPort, &pNatSessEntry->natSessionRemAddress, &pNatSessEntry->natSessionRemPort, &savLocAddr, &savLocPort, &savRemAddr, &savRemPort, natType, searchType ) != ERROR) { pBestEntry = pTcpEntry; matchType = TCP_TRANS_LIST; if (searchType == GET_VALUE) { found = 1; break; } } pTcpEntry = (TCP_TRANSLATION_ENTRY *) DLL_NEXT ((DL_NODE *) pTcpEntry); } } /* * If this is a GET_VALUE search, and we found an entry, then we are * done. */ if (!found) { pUdpEntry = (UDP_TRANSLATION_ENTRY *) DLL_FIRST((DL_LIST *) &nat.nats.udp_translation_list); while (pUdpEntry) { if (transListWalk ( &pUdpEntry->local_address, &pUdpEntry->local_port, &pUdpEntry->remote_address, &pUdpEntry->remote_port, &pNatSessEntry->natSessionLocalAddress, &pNatSessEntry->natSessionLocalPort, &pNatSessEntry->natSessionRemAddress, &pNatSessEntry->natSessionRemPort, &savLocAddr, &savLocPort, &savRemAddr, &savRemPort, natType, searchType ) != ERROR) { pBestEntry = pUdpEntry; matchType = UDP_TRANS_LIST; if (searchType == GET_VALUE) { found = 1; break; } } pUdpEntry = (UDP_TRANSLATION_ENTRY *) DLL_NEXT ((DL_NODE *) pUdpEntry); } } } /* pBestEntry should have the best match, so start copying the values */ switch (matchType) { case IP_TRANS_LIST: pIpEntry = (IP_TRANSLATION_ENTRY *) pBestEntry; pNatSessEntry->natSessionProto = IP_TRANS_LIST; pNatSessEntry->natSessionLocalAddress = htonl(pIpEntry->sa_local_address); pNatSessEntry->natSessionLocalPort = 0xffff; pNatSessEntry->natSessionRemAddress = htonl(pIpEntry->sa_global_address); pNatSessEntry->natSessionRemPort = 0xffff; pNatSessEntry->natXSessionLocalAddress = 
htonl(pIpEntry->sptr_local_address_use_entry->address); pNatSessEntry->natXSessionLocalPort = 0xffff; pNatSessEntry->natXSessionRemAddress = htonl(0xffffffff); pNatSessEntry->natXSessionRemPort = 0xffff; pNatSessEntry->natSessionEnd = NAT_END_IDLETIME; pNatSessEntry->natSessionIdleTimeLeft = pIpEntry->time_stamp; pNatSessEntry->natSessionPacketModifier = NAT_NOMODIFIER; /* Session direction info is not available for addressed based * entries. GET or GET-NEXT operation to obtain NAT session