nat_icmp_transaction.c

vxworks下ppp的实现源码

/* nat_icmp_transaction.c */

/* Copyright 2000-2003  Wind River Systems, Inc. */

/* @format.tab-size 4, @format.use-tabs true, @format.new-line lf */

/*
modification history
--------------------
01b,24apr03,zhu  updated copyright
01a,21apr03,myz  replaced swap(_long) with the ntohs(l) and htons(l) macros,
                 replaced RWOS list functions with ones in dllLib.c.
040803  vks  	updated Copyright info 
040303  vks  	replacing table_malloc with calloc
050701  tk		Fix problem with ICMP time-exceeded message.  The ICMP time-exceeded message
				is handled as a datagram and is therefore moved to nat_icmp_datagram.c.
				Add comment in the code.
*/

#include "nat.h"
/************************************************************************/
static enum TEST handle_icmp_translation_global_rx_transaction_nats (ICMP_PACKET *sptr_icmp_packet);
static enum TEST handle_icmp_translation_global_rx_transaction_natg (ICMP_PACKET *sptr_icmp_packet);
static enum TEST handle_icmp_translation_local_rx_transaction_nats (ICMP_PACKET *sptr_icmp_packet);
static enum TEST handle_icmp_translation_local_rx_transaction_natg (ICMP_PACKET *sptr_icmp_packet);
static ICMP_TRANSLATION_ENTRY *new_icmp_translation_entry (ICMP_PACKET *sptr_icmp_packet, ICMP_TRANSLATION_HEADER *sptr_icmp_translation_list);
static ICMP_TRANSLATION_ENTRY *find_icmp_entry (ICMP_PACKET *sptr_icmp_packet);
/************************************************************************/
enum TEST handle_icmp_translation_global_rx_transaction (ICMP_PACKET *sptr_icmp_packet)
{
	enum TEST pass_or_fail;

	if (nat.single_global_address_enabled == TRUE)
		{
		pass_or_fail = handle_icmp_translation_global_rx_transaction_nats (sptr_icmp_packet);
		}
	else
		{
		pass_or_fail = handle_icmp_translation_global_rx_transaction_natg (sptr_icmp_packet);
		}

	return (pass_or_fail);				
}
/***************************************************************************/
enum TEST handle_icmp_translation_local_rx_transaction (ICMP_PACKET *sptr_icmp_packet)
{
	enum TEST pass_or_fail;

	if (nat.single_global_address_enabled == TRUE)
		{
		pass_or_fail = handle_icmp_translation_local_rx_transaction_nats (sptr_icmp_packet);
		}
	else
		{
		pass_or_fail = handle_icmp_translation_local_rx_transaction_natg (sptr_icmp_packet);
		}

	return (pass_or_fail);				
}

/*********************************************************************************************
Description:
	This function handles translation of ICMP transactions received from global NAPT port.
	If a match of the ICMP identifier is not found, it goes to the default ICMP address if
	configured in natcfg.c and perform the translation and checksum adjustment.  If the
	ICMP address is not configured, it passes the ICMP packet to the higher layer.
**********************************************************************************************/
static enum TEST handle_icmp_translation_global_rx_transaction_nats (ICMP_PACKET *sptr_icmp_packet)
{
	ICMP_TRANSLATION_ENTRY *sptr_icmp_translation_entry;
	USHORT icmp_identifier;
	USHORT spoofed_icmp_identifier;
	IP_ADDRESS address;
	USHORT checksum;
	ICMP_PACKET *sptr_icmp_embedded_packet;

	spoofed_icmp_identifier = ntohs (sptr_icmp_packet->header.option.echo_message.identifier);
	sptr_icmp_embedded_packet = NULL;

	sptr_icmp_translation_entry = match_spoofed_identifier_with_icmp_entry (spoofed_icmp_identifier, &nat.nats.icmp_translation_list);

	if (sptr_icmp_translation_entry == NULL)
		{
		sptr_icmp_translation_entry = &nat.nats.icmp_default_entry;
		}

	if (sptr_icmp_translation_entry->icmp_identifier != 0x0000)
		{
		icmp_identifier = htons (sptr_icmp_translation_entry->icmp_identifier);

		checksum = sptr_icmp_packet->header.checksum;

		checksum_fixup ((BYTE *) &checksum,
						(BYTE *) &sptr_icmp_packet->header.option.echo_message.identifier, sizeof (USHORT),
						(BYTE *) &icmp_identifier, sizeof (USHORT));		

		sptr_icmp_packet->header.option.echo_message.identifier = icmp_identifier;
		sptr_icmp_packet->header.checksum = checksum;
		}

	else if (sptr_icmp_translation_entry->local_address == 0)
		{
		return (PASS);
		}	

	address = htonl (sptr_icmp_translation_entry->local_address);

	checksum = sptr_icmp_packet->ip_header.header_checksum;

	checksum_fixup ((BYTE *) &checksum,
						(BYTE *) &sptr_icmp_packet->ip_header.destination_address, sizeof (IP_ADDRESS),
						(BYTE *) &address, sizeof (IP_ADDRESS));

	sptr_icmp_packet->ip_header.destination_address = address;
	sptr_icmp_packet->ip_header.header_checksum = checksum;

	return (PASS);
}
/***************************************************************************/
static enum TEST handle_icmp_translation_global_rx_transaction_natg (ICMP_PACKET *sptr_icmp_packet)
{
	if (sptr_icmp_packet->ip_header.destination_address == nat.global_address)
		{
		return (PASS);
		}

	if (handle_ip_translation_global_rx_natg ((IP_PACKET *) sptr_icmp_packet) == NULL)
		{
		return (FAIL);
		}
	
	return (PASS);	
}
/***************************************************************************/
static enum TEST handle_icmp_translation_local_rx_transaction_natg (ICMP_PACKET *sptr_icmp_packet)
{
	if (handle_ip_translation_local_rx_natg ((IP_PACKET *) sptr_icmp_packet) == NULL)
		{
		return (FAIL);
		}

	return (PASS);	
}
/***************************************************************************/
static ICMP_TRANSLATION_ENTRY *find_icmp_entry (ICMP_PACKET *sptr_icmp_packet)
{
	ICMP_TRANSLATION_ENTRY *sptr_icmp_translation_entry;
	for (sptr_icmp_translation_entry = (ICMP_TRANSLATION_ENTRY *) DLL_FIRST ((DL_LIST *) &nat.nats.icmp_translation_list);
		sptr_icmp_translation_entry != NULL;
		sptr_icmp_translation_entry = (ICMP_TRANSLATION_ENTRY *) DLL_NEXT ((DL_NODE *) sptr_icmp_translation_entry))
		{
		if (sptr_icmp_translation_entry->local_address == ntohl(sptr_icmp_packet->ip_header.source_address)
			&&(sptr_icmp_translation_entry->icmp_identifier == ntohs(sptr_icmp_packet->header.option.echo_message.identifier)))
			{
			return (sptr_icmp_translation_entry);
			}
		}
	return (NULL);
}
/***************************************************************************/
static enum TEST handle_icmp_translation_local_rx_transaction_nats (ICMP_PACKET *sptr_icmp_packet)
{
	ICMP_TRANSLATION_ENTRY *sptr_icmp_translation_entry;
	USHORT checksum;
	IP_ADDRESS address;
	USHORT spoofed_icmp_identifier;

	sptr_icmp_translation_entry = NULL;

	if (sptr_icmp_packet->ip_header.source_address == htonl (nat.nats.icmp_default_entry.local_address))
		{
		sptr_icmp_translation_entry = &nat.nats.icmp_default_entry;
		}
	else 
		{
		sptr_icmp_translation_entry = find_icmp_entry (sptr_icmp_packet);
		}

	if (sptr_icmp_translation_entry == NULL)
		{
		sptr_icmp_translation_entry = new_icmp_translation_entry (sptr_icmp_packet, &nat.nats.icmp_translation_list);
		}

	if (sptr_icmp_translation_entry == NULL)
		{
		return (FAIL);
		}

	if (sptr_icmp_translation_entry->spoofed_icmp_identifier != 0x0000)
		{
		spoofed_icmp_identifier = htons (sptr_icmp_translation_entry->spoofed_icmp_identifier);

		checksum = sptr_icmp_packet->header.checksum;

		checksum_fixup ((BYTE *) &checksum,
							(BYTE *) &sptr_icmp_packet->header.option.echo_message.identifier, sizeof (USHORT),
							(BYTE *) &spoofed_icmp_identifier, sizeof (USHORT));

		sptr_icmp_packet->header.checksum = checksum;
		sptr_icmp_packet->header.option.echo_message.identifier = spoofed_icmp_identifier;
		}

	address = htonl (nat.global_address);
	
	checksum = sptr_icmp_packet->ip_header.header_checksum;
		
	checksum_fixup ((BYTE *) &checksum,
						(BYTE *) &sptr_icmp_packet->ip_header.source_address, sizeof (IP_ADDRESS),
						(BYTE *)	&address, sizeof (IP_ADDRESS));

	sptr_icmp_packet->ip_header.source_address = address;
	sptr_icmp_packet->ip_header.header_checksum = checksum;
						
	return (PASS);		
}
/***************************************************************************/
static ICMP_TRANSLATION_ENTRY *new_icmp_translation_entry (ICMP_PACKET *sptr_icmp_packet, ICMP_TRANSLATION_HEADER *sptr_icmp_translation_list)
{
	ICMP_TRANSLATION_ENTRY *sptr_icmp_translation_entry;

	if (increment_nat_port_spoofing_number (&nat.current_port_spoofing_number) == FAIL)
		{
		return (NULL);
		}

	sptr_icmp_translation_entry = (ICMP_TRANSLATION_ENTRY *) calloc (1, sizeof (ICMP_TRANSLATION_ENTRY));

	if (sptr_icmp_translation_entry == NULL)
		{
		return (NULL);
		}

	sptr_icmp_translation_entry->icmp_identifier = ntohs (sptr_icmp_packet->header.option.timestamp_message.identifier);
	sptr_icmp_translation_entry->spoofed_icmp_identifier = nat.current_port_spoofing_number;
	sptr_icmp_translation_entry->local_address = ntohl (sptr_icmp_packet->ip_header.source_address);
	sptr_icmp_translation_entry->icmp_translation_entry_timer = nat.icmp_translation_entry_timer;

	dllAdd ((DL_LIST *) sptr_icmp_translation_list, (DL_NODE *) sptr_icmp_translation_entry);

	return (sptr_icmp_translation_entry);
}