nat_initialize.c

VXWORKS NAT 部分源代码2 有兴趣朋友可以参考下

				nat.tcp_static_entries[index].global_port_number = nat.tcp_static_entries[index].local_port_number;
			}

			/* register the static entry to the TCP translation list and bind list */
			if (registerStaticEntryToTranslationList (&(nat.tcp_static_entries[index]), IPPROTO_TCP) == ERROR)
			{
				printf("Failed to register TCP static entry\n");
				return (ERROR);
			}
		}

		for (index=0; index<sizeof(nat.udp_static_entries)/sizeof(nat.udp_static_entries[0]); index++) 
		{
			if (nat.udp_static_entries[index].local_address == 0)
			{
				continue;	/* End of list */
			}

			/* Global server port defaults to local port if not specified (0) */
			if(nat.udp_static_entries[index].global_port_number == 0)
			{
				nat.udp_static_entries[index].global_port_number = nat.udp_static_entries[index].local_port_number;
			}

			/* register the static entry to the UDP translation list and bind list */
			if (registerStaticEntryToTranslationList (&(nat.udp_static_entries[index]), IPPROTO_UDP) == ERROR)
			{
				printf("Failed to register UDP static entry\n");
				return (ERROR);
			}
		}
	}

	nat_add_local_interfaces_to_passthru_list ();

	/* start a 2 second timer */

	natTimerId = natTimerEvtCreate(2000,(FUNCPTR)nat_timer,0);

	if (natTimerId == NULL)
	{
		nat_printf(NAT_PRINTF_ERROR,"fail to create NAT timer\n");
		return ERROR;
	}

	if (natEvtActivate(natTimerId) == ERROR)
	{
		nat_printf(NAT_PRINTF_ERROR,"fail to activate NAT timer\n");
		return ERROR;
	}

	if (semGive(natInitSync) != OK)    /* let nat plugins process event */
	{
		nat_printf (NAT_PRINTF_ERROR, "Failed to give natInitSync semaphore\n");
		return (ERROR);
	}

	nat_printf (NAT_PRINTF_INIT, "NAT: Set NAT plugin event \r");






	natFtpInit(21);	
	natH323Init(1720);
	natPPTPPTInit();
	natIPSecPTInit(500);

	/* Hook NAT at IP pre_input and output */
	status = natFilterHooksAdd(natPreinputFilterHook, natOutputFilterHook);

	if (status != OK)
		return status;

	/* Hook the NAT local ICMP error message handling */

	natIcmpErrorHookAdd();

	return (status);
}
/************************************************************************/
static void initialize_global_address_pool (IP_ADDRESS address, 
	NAT_IP_ADDRESS_ENTRY *sptr_address_entry, ULONG table_size)
{
	ULONG 	index;
	ULONG	mask;

	mask = table_size - 1;

	for (index = 0; index < table_size; index++)
		{		
		sptr_address_entry[index].address = (address & (~mask)) | (index & mask);

		if (index < nat.natg.global_address_index_start)		
			{
			sptr_address_entry[index].address_in_use = TRUE;
			sptr_address_entry[index].static_entry = FALSE;
			}
		else
			{
			/* global address must not be the same as NAT's global interface address */
			if (sptr_address_entry[index].address == nat.port[nat.global_port_number].address)
				{
				sptr_address_entry[index].address_in_use = TRUE;
				sptr_address_entry[index].static_entry = FALSE;
				}
			else
				{
				sptr_address_entry[index].address_in_use = FALSE;
				sptr_address_entry[index].static_entry = FALSE;
				}
			}
		}

		sptr_address_entry[0].address_in_use = TRUE;
		sptr_address_entry[mask].address_in_use = TRUE;
}
/*************************************************************************/
static enum TEST nat_setup_static_entries (NAT_IP_STATIC_ENTRY *sptr_static_entry, 
	NAT_IP_ADDRESS_ENTRY* sptr_address_entry, 
	ULONG address_table_size,
	IP_TRANSLATION_HEADER *sptr_ip_translation_list)
{
	USHORT 	static_entry_index;
	USHORT	port_index;
	USHORT	maxStaticIpEntries;
	ULONG 	address_index;
	IP_TRANSLATION_ENTRY *sptr_ip_translation_entry;
	NAT_IP_ADDRESS_ENTRY *sptr_original_address_entry;
	
	sptr_original_address_entry = sptr_address_entry;

	if (nat.single_global_address_enabled == TRUE)
	{	/* NAPT */
		maxStaticIpEntries = MAXIMUM_NUMBER_OF_IP_STATIC_ENTRIES;
	}
	else
	{	/* Basic-NAT */
		maxStaticIpEntries = MAXIMUM_NUMBER_OF_STATIC_ENTRIES;
	}

	for (static_entry_index = 0; static_entry_index < maxStaticIpEntries; ++static_entry_index)
		{
		if ((sptr_static_entry[static_entry_index].local_address != 0x00000000L) &&
			(sptr_static_entry[static_entry_index].global_address != 0x00000000L))
			{
			sptr_address_entry = sptr_original_address_entry;
			
			for (port_index = 0; port_index < NUMBER_OF_IP_PORTS; ++port_index)
				{
				for (address_index = 0; address_index < address_table_size; ++address_index)
					{
					if (sptr_address_entry->address == sptr_static_entry[static_entry_index].global_address)
						{
						sptr_ip_translation_entry = allocate_and_initialize_ip_translation_entry (sptr_address_entry,
							sptr_static_entry[static_entry_index].local_address, sptr_static_entry[static_entry_index].global_address,
							TRUE);
						
						if (sptr_ip_translation_entry == NULL)
							{
							return (FAIL);
							}

						dllAdd ((DL_LIST *) sptr_ip_translation_list, (DL_NODE *) sptr_ip_translation_entry);
						}

					sptr_address_entry++;	/* Increments pointer instead of using address_index */
					}
				}
			}			
		}

	return (PASS);
}
/*************************************************************************/
void nat_printf (enum NAT_PRINTF_GROUPS printf_group, const char* file, int line,
					const char *cptr_format, ...)
{
	char 	output[256];
	char	type;
	bool 	log_string;
	bool 	print_string;
	int		ticks;
	int		seconds;
	int		ticks_per_second;
	ULONG	parm[6];		/* logMsg supports a maximum of 6 parameters */
	int		parm_index;

	va_list argptr;

	/* if logging and printf disabled, just return to improve NAT performance */
	if (nat.logging_enabled == false && nat.printing_enabled == false)
		{
		return;
		}

	va_start (argptr,cptr_format);

	log_string = false;
	print_string = false;
	type = '?';

	switch (printf_group)
		{
		case NAT_PRINTF_INIT_GROUP:

			log_string = nat.initialization_logging_enabled;
			print_string = nat.initialization_printing_enabled;
			type = 'i';

			break;

		case NAT_PRINTF_DATA_GROUP:

			log_string = nat.data_logging_enabled;
			print_string = nat.data_printing_enabled;
			type = 'd';

			break;

		case NAT_PRINTF_TRACE_GROUP:

			log_string = nat.trace_logging_enabled;
			print_string = nat.trace_printing_enabled;
			type = ' ';

			break;

		case NAT_PRINTF_ERROR_GROUP:

			log_string = nat.error_logging_enabled;
			print_string = nat.error_printing_enabled;
			type = '!';

			break;
		}

	if (nat.logging_enabled == true && log_string == true)
		{
		for (parm_index = 0; parm_index < sizeof(parm)/sizeof(parm[0]); parm_index++)
			{
			parm[parm_index] = va_arg (argptr, ULONG);
			}

		logMsg ((char*)cptr_format
			,parm[0]
			,parm[1]
			,parm[2]
			,parm[3]
			,parm[4]
			,parm[5]);
		}

	if (nat.printing_enabled == true && print_string == true)
		{
		ticks = tickGet();
		ticks_per_second = sysClkRateGet();
		seconds = ticks/ticks_per_second;
		if (nat.printing_debug == true)
			{
			sprintf (output,"%04d:%02d NAT%c (%s %d): %.128s", 
				seconds&0x1fff, ticks%ticks_per_second, type, file, line, cptr_format);
			}
		else
			{
			sprintf (output,"%04d:%02d NAT%c: %.128s", 
				seconds&0x1fff, ticks%ticks_per_second, type, cptr_format);
			}
		vprintf (output,argptr);
		}

	va_end (argptr);
}

/*************************************************************************/ 
void nat_add_local_interfaces_to_passthru_list (void)
{
	UINT port_number;
	NAT_PASSTHRU_PAIR *p_address_mask_pair;
	
	for (port_number = 0; port_number < NUMBER_OF_IP_PORTS; ++port_number)
		{
		if ((nat.port[port_number].type == NAT_GLOBAL_PORT) 
			|| (nat.port[port_number].address == 0))
			{
			continue;
			}
		
		p_address_mask_pair = (NAT_PASSTHRU_PAIR *) malloc (sizeof (NAT_PASSTHRU_PAIR));

		if (p_address_mask_pair == NULL)
			{
			break;
			}
		
		p_address_mask_pair->address = nat.port[port_number].address;
		p_address_mask_pair->mask = nat.port[port_number].mask;
		
		lstAdd (&nat.passthru_list, (NODE*) p_address_mask_pair);
		}
	
	return;	
}

/*******************************************************************************
*
* natFilterHooksAdd - add NAT filter hooks to receive all IP packets
*
* This routine adds NAT hooks that will be called for every IP
* packet received.
*
* The hook routine should return TRUE if it has filtered the input packet. 
* if returns TRUE, it must handle the freeing of any resources associated with 
* the packet.  For example, the filter hook routine would be responsible for 
* freeing the packet's 'mbuf' chain by calling 'm_freem(*pPtrMbuf)'. 
* 
* The filter hook routine should return FALSE if it has not handled the 
* packet.  In response to a FALSE, the network stack submits the packet 
* for normal IP processing.
*
* RETURNS: OK, always.
*/

STATUS natFilterHooksAdd
    (
    FUNCPTR natPreinputFilterHook,   	
    FUNCPTR natOutputFilterHook   	
    )
    {
    if (_func_fwPreinputHook == NULL) 
        /* 
	 * No Firewall or it hasn't been initialized, put NAT 
	 * preinput hook at IP preinput hook directly 
	 */
        _func_fwPreinputHook = natPreinputFilterHook;

    if (_func_fwOutputHook == NULL) 
        /* 
	 * No Firewall or it hasn't been initialized, put NAT 
	 * output hook at IP output hook directly 
         */
        _func_fwOutputHook = natOutputFilterHook;

#if 0
    /* Initialize NAT hook in Firewall */
    _func_fwNatPreinputHook = natPreinputFilterHook;
    _func_fwNatOutputHook = natOutputFilterHook;
    _func_fwNatHook = nat_filter_hook;
#endif

    return (OK);
    }

/*******************************************************************************
*
* natFilterHooksDelete - This routine deletes NAT filter hooks 
*
* This routine deletes NAT filter hooks.
*
* RETURNS: N/A
*/

void natFilterHooksDelete (void)
    {
    if (_func_fwPreinputHook == natPreinputFilterHook)
	/* NAT only, no firewall */
        _func_fwPreinputHook = NULL;

    if (_func_fwOutputHook == natOutputFilterHook)
	/* NAT only, no firewall */
        _func_fwOutputHook = NULL;
#if 0
    _func_fwNatPreinputHook = NULL;
    _func_fwNatOutputHook = NULL;
    _func_fwNatHook = NULL;
#endif
    }