📄 natmgmt.c
* direction for an address based entry will return 0 */ if(((NAT_BIND_INFO *)(pIpEntry->bind_id)) != NULL) pNatSessEntry->natSessionDirection =(int)(((NAT_BIND_INFO *) (pIpEntry->bind_id))->direction); else pNatSessEntry->natSessionDirection = 0; break; case TCP_TRANS_LIST: pTcpEntry = (TCP_TRANSLATION_ENTRY *) pBestEntry; pNatSessEntry->natSessionProto = TCP_TRANS_LIST; pNatSessEntry->natSessionLocalAddress = htonl(pTcpEntry->local_address); pNatSessEntry->natSessionLocalPort = pTcpEntry->local_port; pNatSessEntry->natSessionRemAddress = htonl(pTcpEntry->remote_address); pNatSessEntry->natSessionRemPort = pTcpEntry->remote_port; pNatSessEntry->natXSessionLocalAddress = htonl(nat.global_address); pNatSessEntry->natXSessionLocalPort = pTcpEntry->spoofed_local_port; pNatSessEntry->natXSessionRemAddress = htonl(pTcpEntry->remote_address); pNatSessEntry->natXSessionRemPort = pTcpEntry->remote_port; pNatSessEntry->natSessionEnd = NAT_END_IDLETIME; pNatSessEntry->natSessionIdleTimeLeft = pTcpEntry->local_connection_timer; pNatSessEntry->natSessionPacketModifier = NAT_NOMODIFIER; /* Session direction info is not available for addressed based * entries. 
GET or GET-NEXT operation to obtain NAT session * direction for an address based entry will return 0 */ if(((NAT_BIND_INFO *)(pTcpEntry->bind_id)) != NULL) pNatSessEntry->natSessionDirection =(int)(((NAT_BIND_INFO *) (pTcpEntry->bind_id))->direction); else pNatSessEntry->natSessionDirection = 0; break; case UDP_TRANS_LIST: pUdpEntry = (UDP_TRANSLATION_ENTRY *) pBestEntry; pNatSessEntry->natSessionProto = UDP_TRANS_LIST; pNatSessEntry->natSessionLocalAddress = htonl(pUdpEntry->local_address); pNatSessEntry->natSessionLocalPort = pUdpEntry->local_port; pNatSessEntry->natSessionRemAddress = htonl(pUdpEntry->remote_address); pNatSessEntry->natSessionRemPort = pUdpEntry->remote_port; pNatSessEntry->natXSessionLocalAddress = htonl(nat.global_address); pNatSessEntry->natXSessionLocalPort = pUdpEntry->spoofed_local_port; pNatSessEntry->natXSessionRemAddress = htonl(pUdpEntry->remote_address); pNatSessEntry->natXSessionRemPort = pUdpEntry->remote_port; pNatSessEntry->natSessionEnd = NAT_END_IDLETIME; pNatSessEntry->natSessionIdleTimeLeft = pUdpEntry->udp_translation_entry_timer; pNatSessEntry->natSessionPacketModifier = NAT_NOMODIFIER; /* Session direction info is not available for addressed based * entries. 
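GET or GET-NEXT operation to obtain NAT session * direction for an address based entry will return 0 */ if(((NAT_BIND_INFO *)(pUdpEntry->bind_id)) != NULL) pNatSessEntry->natSessionDirection =(int)(((NAT_BIND_INFO *) (pUdpEntry->bind_id))->direction); else pNatSessEntry->natSessionDirection = 0; break; default: errnoSet(S_m2Lib_ENTRY_NOT_FOUND); return ERROR; } return OK; }

/**************************************************************************
*
* transListWalk - Test one translation-list entry against a search key
*
* Compares the entry currently being visited (the <pCurr*> tuple) with the
* received key (the <pRcvd*> tuple) using ipAddrAndPortCmp().
*
* For GET_VALUE the entry is accepted only when the comparison reports a
* match. For NEXT_VALUE the entry is accepted when it sorts after the
* received key and the saved candidate (the <pSav*> tuple) sorts after the
* entry; the entry is then copied into <pSav*>.
*
* None of the pointer arguments is checked for NULL here.
* NOTE(review): presumably the caller seeds <pSav*> with a maximal tuple
* before the first call - confirm against the caller.
*
* RETURNS: OK if the entry matched (GET_VALUE) or replaced the saved
* candidate (NEXT_VALUE), ERROR otherwise.
*/
LOCAL STATUS transListWalk
    (
    IP_ADDRESS * pCurrLocAddr,  /* current entry's local address */
    USHORT *     pCurrLocPort,  /* current entry's local port */
    IP_ADDRESS * pCurrRemAddr,  /* current entry's remote address */
    USHORT *     pCurrRemPort,  /* current entry's remote port */
    IP_ADDRESS * pRcvdLocAddr,  /* received entry's local address */
    USHORT *     pRcvdLocPort,  /* received entry's local port */
    IP_ADDRESS * pRcvdRemAddr,  /* received entry's remote address */
    USHORT *     pRcvdRemPort,  /* received entry's remote port */
    IP_ADDRESS * pSavLocAddr,   /* saved entry's local address */
    USHORT *     pSavLocPort,   /* saved entry's local port */
    IP_ADDRESS * pSavRemAddr,   /* saved entry's remote address */
    USHORT *     pSavRemPort,   /* saved entry's remote port */
    UINT16       natType,       /* NAT mode */
    int          searchType     /* Type of search */
    )
{
    int cmp;

    /* Received key is the first operand, the visited entry the second. */
    cmp = ipAddrAndPortCmp (pRcvdLocAddr, pRcvdLocPort,
                            pRcvdRemAddr, pRcvdRemPort,
                            pCurrLocAddr, pCurrLocPort,
                            pCurrRemAddr, pCurrRemPort,
                            natType, searchType);

    if ((searchType == GET_VALUE) && (cmp == 1)) {
        return OK;
    }

    if ((searchType == NEXT_VALUE) && (cmp == 2)) {
        /*
         * The visited entry is greater than the received key. Compare it
         * with the saved candidate to see which is the better
         * lexicographic successor.
         */
        if (ipAddrAndPortCmp (pSavLocAddr, pSavLocPort,
                              pSavRemAddr, pSavRemPort,
                              pCurrLocAddr, pCurrLocPort,
                              pCurrRemAddr, pCurrRemPort,
                              natType, searchType) == 1) {
            /*
             * The saved candidate sorts after the visited entry, so the
             * visited entry is the closer successor: overwrite the saved
             * tuple with it.
             */
            *pSavLocAddr = *pCurrLocAddr;
            *pSavLocPort = *pCurrLocPort;
            *pSavRemAddr = *pCurrRemAddr;
            *pSavRemPort = *pCurrRemPort;
            return OK;
        }
    }

    return ERROR;
}

/**************************************************************************
*
* ipAddrAndPortCmp - Compare two translation entries, given the
*                    local and remote transport tuples.
*
* This routine compares two translation entries field by field, in the
* order local address, local port, remote address, remote port.
*
* NOTE(review): the original header says the ports are not used in the
* case of Basic NAT, but the code below compares the ports for NAT_BASIC
* and NAT_NAPT alike - confirm which one is intended.
*
* All eight pointers are dereferenced without a NULL check.
*
* RETURNS:
*    if <natType> is neither NAT_BASIC nor NAT_NAPT
*         0 in both search modes
*    if <searchType> == GET_VALUE
*         1 if the entries match
*         2 if they do not match
*    otherwise (NEXT_VALUE search)
*         1 if the first translation entry is greater
*         2 if the second translation entry is greater
*         0 if they are equal
*/
LOCAL UINT16 ipAddrAndPortCmp
    (
    IP_ADDRESS * pLocAddr1,  /* first local ip address */
    USHORT *     pLocPort1,  /* first local port */
    IP_ADDRESS * pRemAddr1,  /* first remote ip address */
    USHORT *     pRemPort1,  /* first remote port */
    IP_ADDRESS * pLocAddr2,  /* second local ip address */
    USHORT *     pLocPort2,  /* second local port */
    IP_ADDRESS * pRemAddr2,  /* second remote ip address */
    USHORT *     pRemPort2,  /* second remote port */
    UINT16       natType,    /* Type of NAT mode */
    int          searchType  /* GET/NEXT mode of search */
    )
{
    switch (natType) {
    case NAT_BASIC:
    case NAT_NAPT:
        if (searchType == GET_VALUE) {
            /* searchType is for a perfect match */
            if ((*pLocAddr1 == *pLocAddr2) &&
                (*pLocPort1 == *pLocPort2) &&
                (*pRemAddr1 == *pRemAddr2) &&
                (*pRemPort1 == *pRemPort2))
                return 1;
            else
                return 2;
        } else {
            /* searchType is for a NEXT value: first differing field decides */
            if (*pLocAddr1 > *pLocAddr2)
                return 1;
            if (*pLocAddr1 < *pLocAddr2)
                return 2;

            if (*pLocPort1 > *pLocPort2)
                return 1;
            if (*pLocPort1 < *pLocPort2)
                return 2;

            if (*pRemAddr1 > *pRemAddr2)
                return 1;
            if (*pRemAddr1 < *pRemAddr2)
                return 2;

            if (*pRemPort1 > *pRemPort2)
                return 1;
            if (*pRemPort1 < *pRemPort2)
                return 2;
        }
        break;
    }

    /* NEXT search with equal tuples, or a natType not handled above */
    return 0;
}

/**************************************************************************
*
* natRealmModify - Modify the private and external realm types
*
* This routine copies the given realm descriptions into the
* natPrRealmType and natExtRealmType fields of <pNatScalars>. An empty
* string leaves the corresponding field unchanged. A NULL <pNatScalars>
* makes the routine a no-op, and a NULL description is treated like an
* empty one.
*
* RETURNS: n/a
*/
void natRealmModify
    (
    NAT_SCALARS * pNatScalars,    /* Pointer to the NAT device */
    char *        pPrRealmType,   /* The private realm descr */
    char *        pExtRealmType   /* The external realm descr */
    )
{
    /* Nothing to update without a destination structure. */
    if (pNatScalars == NULL)
        return;

    /*
     * NOTE(review): strcpy() copies without a bound. The capacity of
     * natPrRealmType and natExtRealmType is declared outside this listing,
     * so a description longer than the field would be written past its
     * end. Confirm that every caller length-checks its input, or switch to
     * a size-checked copy once the field size is known.
     */
    if ((pPrRealmType != NULL) && (pPrRealmType[0] != '\0'))
        strcpy ((char *)pNatScalars->natPrRealmType, pPrRealmType);

    if ((pExtRealmType != NULL) && (pExtRealmType[0] != '\0'))
        strcpy ((char *)pNatScalars->natExtRealmType, pExtRealmType);
}

/************************************************************************* * * natBindInfoGet - Get the total bind entries in the system * * This routine parses all the translation lists and figures out the * total number of bind entries in the system. If the mode of operation * Basic NAT, then this routine traverses the natg structure. If the mode * is NAPT, then it traverses the lists in the nats structure. * * RETURNS: n/a */LOCAL void natBindInfoGet ( NAT_CLASS * pNatClass, /* Pointer to the NAT structure */ int * pIpStaticCount, /* Buffer to store no. of NAT static Ip binds */ int * pIpDynamicCount, /* Buffer to store no. of NAT dynamic Ip binds */ int * pTcpStaticCount, /* Buffer to store no. of NAT static TCP binds */ int * pTcpDynamicCount, /* Buffer to store no. of NAT dynamic TCP binds */ int * pUdpStaticCount, /* Buffer to store no. of NAT UDP dynamic binds */ int * pUdpDynamicCount, /* Buffer to store no. of NAT UDP dynamic binds */ int * pIcmpDynamicCount, /* Buffer to store no. 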
of NAT ICMP dynamic binds */ int * pStaticCount, /* Buffer for count of all the static binds */ int * pDynamicCount /* Buffer for count of all the dynamic binds */ ) { IP_TRANSLATION_ENTRY * pIpEntry = NULL; TCP_TRANSLATION_ENTRY * pTcpEntry = NULL; UDP_TRANSLATION_ENTRY * pUdpEntry = NULL; ICMP_TRANSLATION_ENTRY * pIcmpEntry = NULL; if (nat.single_global_address_enabled) { /* * We have the NAPT case * Scan the TCP, UDP and the ICMP translation lists in nats structure * to find the number of entries. */ for ( pTcpEntry = (TCP_TRANSLATION_ENTRY *) DLL_FIRST((DL_LIST *)&pNatClass->nats.tcp_translation_list); pTcpEntry != NULL; pTcpEntry = (TCP_TRANSLATION_ENTRY *) DLL_NEXT((DL_NODE *) pTcpEntry) ) { if (pTcpEntry->static_entry == TRUE) (*pTcpStaticCount)++; else (*pTcpDynamicCount)++; } for ( pUdpEntry = (UDP_TRANSLATION_ENTRY *) DLL_FIRST ((DL_LIST *)&pNatClass->nats.udp_translation_list); pUdpEntry != NULL; pUdpEntry = (UDP_TRANSLATION_ENTRY *) DLL_NEXT((DL_NODE *) pUdpEntry) ) { if (pUdpEntry->static_entry == TRUE) (*pUdpStaticCount)++; else (*pUdpDynamicCount)++; } for ( pIcmpEntry = (ICMP_TRANSLATION_ENTRY *) DLL_FIRST ((DL_LIST *)&pNatClass->nats.icmp_translation_list); pIcmpEntry != NULL; pIcmpEntry = (ICMP_TRANSLATION_ENTRY *) DLL_NEXT((DL_NODE *) pIcmpEntry) ) { (*pIcmpDynamicCount)++; } } /* * Both Basic NAT nd NAPT will do this: * Scan the IP translation list in natg structure to find the number * entri