60#include <sys/libkern.h>
61#include <sys/limits.h>
/*
 * Proxy encoding modes. The rule parser later in this listing recognises the
 * keywords "no_encode", "encode_tcp_stream" and "encode_ip_hdr"; presumably
 * each keyword selects the matching constant here (the assignments are not
 * part of this excerpt -- confirm against the full file).
 */
94#define PROXY_TYPE_ENCODE_NONE 1
95#define PROXY_TYPE_ENCODE_TCPSTREAM 2
96#define PROXY_TYPE_ENCODE_IPHDR 3
/*
 * Forward declaration of IpPort. The call sites visible in this listing pass
 * a port string, a protocol value and the address of an int that receives
 * the port, e.g. IpPort(str_port, proto, &proxy_port).
 */
139static int IpPort(
char *,
int,
int *);
/*
 * Fragment, presumably from IpMask (called later as IpMask(nbits, &mask)).
 * Lines between the numbered fragments are not part of this listing.
 */
/* Only prefix lengths 0..32 pass; the statement guarded by this test is not shown. */
152 if (nbits < 0 || nbits > 32)
/*
 * Each pass shifts the mask right by one and sets the top bit, so nbits
 * passes leave the nbits high-order bits set -- assuming imask starts at 0
 * and is an unsigned 32-bit value (declaration not shown; TODO confirm).
 */
156 for (i = 0; i < nbits; i++)
157 imask = (imask >> 1) + 0x80000000;
/* The mask is stored in network byte order. */
158 mask->
s_addr = htonl(imask);
/*
 * Fragment, presumably from IpPort: the port string is parsed as a decimal
 * number, and a service-name lookup for "tcp" or "udp" is also present. The
 * control flow that chooses between them is not part of this listing.
 */
/*
 * NOTE(review): "%d" accepts negative values and stops at the first
 * non-digit, so "80x" converts as 80. Confirm that n is checked and that the
 * value is limited to 0..65535 before it is used as a port.
 */
177 n = sscanf(s,
"%d", port);
184 se = getservbyname(s,
"tcp");
186 se = getservbyname(s,
"udp");
/*
 * getservbyname() returns NULL for an unknown service; the NULL check that
 * must precede this dereference is not visible in the excerpt.
 * s_port is in network byte order, hence ntohs().
 */
193 *port = (u_int)ntohs(se->s_port);
/*
 * Fragments of the proxy rule list handling (the index at the end of this
 * listing names RuleAdd, RuleDelete and RuleNumberDelete). Entries are linked
 * in both directions through their `next` and `last` members.
 */
/* List walk; presumably locates the insertion point (loop body not shown). */
221 while (ptr != NULL) {
/* No predecessor found; presumably the new entry becomes the list head. */
223 if (ptr_last == NULL) {
230 ptr_last->
next = entry;
/* Link the new entry behind ptr_last and record the back pointer. */
240 ptr_last->
next = entry;
241 entry->
last = ptr_last;
/* Presumably the unlink path: a neighbour is touched only if it exists. */
252 if (entry->
last != NULL)
257 if (entry->
next != NULL)
/*
 * Second list walk: the successor is saved before the rest of the loop body
 * runs, presumably because the current entry may be freed there.
 */
272 while (ptr != NULL) {
275 ptr_next = ptr->
next;
/*
 * Fragment, presumably from ProxyEncodeTcpStream: a "[DEST addr port]" line
 * is formatted and inserted in front of the TCP payload, then the TCP
 * checksum is recomputed. Lines between the numbered fragments are not part
 * of this listing.
 */
294 char addrbuf[INET_ADDRSTRLEN];
297 tc = (
struct tcphdr *)ip_next(pip);
/*
 * The size passed is two bytes short of the buffer: snprintf() then leaves
 * room for the longest suffix appended below (" \n", two characters) plus
 * the terminating NUL, so the strcat() calls cannot run past buffer.
 */
304 snprintf(buffer,
sizeof(buffer) - 2,
"[DEST %s %d]",
309 slen = strlen(buffer);
/* One of two suffixes is appended; the selection and any update of slen are not shown. */
312 strcat(buffer,
" \n");
316 strcat(buffer,
"\n");
/*
 * Size guard before the packet is grown: current IP length plus the inserted
 * string is compared with maxpacketsize. The statement taken when the packet
 * would be too large is not shown (presumably an early return).
 */
321 if ((
int)(ntohs(pip->
ip_len) + strlen(buffer)) > maxpacketsize)
/* IP and TCP header lengths are counted in 32-bit words; << 2 converts the sum to bytes. */
330 hlen = (pip->
ip_hl + tc->th_off) << 2;
/*
 * NOTE(review): dlen goes negative if hlen exceeds ip_len. The type of dlen
 * and any validation of the header lengths are not visible here; confirm the
 * packet has been length-checked before it reaches the bcopy() below.
 */
331 dlen = ntohs(pip->
ip_len) - hlen;
/* Source and destination overlap; bcopy() is specified to handle that. */
340 bcopy(p, p + slen, dlen);
/* Copies slen bytes of the string into the gap; no terminating NUL is written. */
341 memcpy(p, buffer, slen);
349 tc = (
struct tcphdr *)ip_next(pip);
/* Part of a checksum adjustment around a change of ip_len (surrounding lines not shown). */
361 accumulate -= pip->
ip_len;
/* The TCP checksum is recomputed over the modified packet. */
373 tc->th_sum = TcpChecksum(pip);
/*
 * Fragment, presumably from ProxyEncodeIpHeader: an 8-byte option holding the
 * original destination address and a TCP port is copied into the packet.
 * The three constants give the same option length in bytes, 16-bit words and
 * 32-bit words; they are #undef'd again further down.
 */
380#define OPTION_LEN_BYTES 8
381#define OPTION_LEN_INT16 4
382#define OPTION_LEN_INT32 2
/* Checksum dump to stdout before the rewrite; the build conditions for it are not visible here. */
386 fprintf(stdout,
" ip cksum 1 = %x\n", (u_int)IpChecksum(pip));
387 fprintf(stdout,
"tcp cksum 1 = %x\n", (u_int)TcpChecksum(pip));
401 ptr = (u_char *) pip;
/* Option bytes 2..5 carry the IP destination address. */
408 memcpy(&option[2], (u_char *)&pip->
ip_dst, 4);
410 tc = (
struct tcphdr *)ip_next(pip);
/* Option bytes 6..7 carry th_sport. */
411 memcpy(&option[6], (u_char *)&tc->th_sport, 2);
/*
 * The literal 8 equals OPTION_LEN_BYTES. Where ptr points at this moment
 * depends on lines not shown.
 * NOTE(review): the check that the packet buffer has room for eight more
 * bytes is not visible in this excerpt; confirm it precedes this copy.
 */
413 memcpy(ptr, option, 8);
/*
 * The option is read back as 16-bit words for the checksum adjustment.
 * NOTE(review): this cast assumes option is suitably aligned for u_short;
 * its declaration is not shown.
 */
422 sptr = (u_short *) option;
425 accumulate -= *(sptr++);
427 sptr = (u_short *) pip;
/* ip_len is added and later subtracted, presumably its old and new value around the length change. */
432 accumulate += pip->
ip_len;
434 accumulate -= pip->
ip_len;
438#undef OPTION_LEN_BYTES
439#undef OPTION_LEN_INT16
440#undef OPTION_LEN_INT32
/* Checksum dump after the rewrite, for comparison with the values printed above. */
442 fprintf(stdout,
" ip cksum 2 = %x\n", (u_int)IpChecksum(pip));
443 fprintf(stdout,
"tcp cksum 2 = %x\n", (u_int)TcpChecksum(pip));
/*
 * Tail of the ProxyCheck parameter list; the full signature appears in the
 * index at the end of this listing. proxy_server_port is an output parameter.
 */
458 u_short * proxy_server_port,
struct in_addr src_addr,
459 struct in_addr dst_addr, u_short dst_port, u_char
ip_p)
/* Walk of the rule list; the match conditions are not part of this excerpt. */
466 while (ptr != NULL) {
/* Presumably the packet addresses with the rule's masks applied, for comparison against the rule (TODO confirm). */
473 struct in_addr src_addr_masked;
474 struct in_addr dst_addr_masked;
/* The packet's own destination port is handed back; the condition selecting this path is not shown. */
482 *proxy_server_port = dst_port;
/* Presumably from ProxyModify: dispatch on the PROXY_TYPE_ENCODE_* value (cases not shown). */
502 switch (proxy_type) {
/*
 * Fragment, presumably from LibAliasProxyRule(la, cmd): local declarations
 * and normalisation of the command string before it is tokenised.
 */
/*
 * Both scratch strings are exactly as large as buffer, so any token that is
 * a substring of buffer fits, terminator included. The unbounded strcpy()
 * and "%s" conversions further down depend on this.
 */
547 char str_port[
sizeof(buffer)];
548 char str_server_port[
sizeof(buffer)];
557 struct in_addr src_addr, src_mask;
558 struct in_addr dst_addr, dst_mask;
/* Skip leading blanks and tabs. */
565 cmd += strspn(cmd,
" \t");
566 cmd_len = strlen(cmd);
/*
 * Length guard: a command that would not fit in buffer with its NUL takes
 * this branch. The branch body and the copy of cmd into buffer are not shown;
 * presumably the command is rejected here.
 */
567 if (cmd_len > (
int)(
sizeof(buffer) - 1)) {
574 len = strlen(buffer);
/* Lower-case in place; the unsigned char cast keeps tolower() defined for bytes above 0x7f. */
575 for (i = 0; i < len; i++)
576 buffer[i] = tolower((
unsigned char)buffer[i]);
/* An empty string means "no server port given"; it is tested with strlen() after parsing. */
593 str_server_port[0] = 0;
/*
 * Parser states for the rule command. The matching #undef lines follow the
 * token loop, so the names are only meant for this stretch of code.
 */
596#define STATE_READ_KEYWORD 0
597#define STATE_READ_TYPE 1
598#define STATE_READ_PORT 2
599#define STATE_READ_SERVER 3
600#define STATE_READ_RULE 4
601#define STATE_READ_DELETE 5
602#define STATE_READ_PROTO 6
603#define STATE_READ_SRC 7
604#define STATE_READ_DST 8
/* Tokens are separated by blanks or tabs. */
606 token = strsep(&res,
" \t");
608 while (token != NULL) {
/*
 * Keyword dispatch: each recognised keyword presumably selects the state
 * used to read the token that follows it (the assignments are not shown).
 */
612 if (strcmp(token,
"type") == 0)
614 else if (strcmp(token,
"port") == 0)
616 else if (strcmp(token,
"server") == 0)
618 else if (strcmp(token,
"rule") == 0)
620 else if (strcmp(token,
"delete") == 0)
622 else if (strcmp(token,
"proto") == 0)
624 else if (strcmp(token,
"src") == 0)
626 else if (strcmp(token,
"dst") == 0)
/* Encoding keywords; presumably mapped to the PROXY_TYPE_ENCODE_* constants. */
635 if (strcmp(token,
"encode_ip_hdr") == 0)
637 else if (strcmp(token,
"encode_tcp_stream") == 0)
639 else if (strcmp(token,
"no_encode") == 0)
/*
 * Unbounded copy. It stays in bounds only while str_port is as large as
 * buffer and token points into buffer; keep that invariant if either changes.
 */
649 strcpy(str_port, token);
/* Scratch string for the first field of the server argument, sized like buffer. */
656 char s[
sizeof(buffer)];
/* Scan for the ':' in the server argument; what is done at the ':' is not shown. */
659 while (*p !=
':' && *p != 0)
/*
 * "%s" carries no field width. Each destination is sizeof(buffer) bytes,
 * which bounds the copy as long as token is a substring of buffer.
 * n receives the number of fields converted.
 */
671 n = sscanf(token,
"%s %s", s, str_server_port);
/* Taken when the token count is not exactly two; presumably "delete" must be followed by a single rule number. */
700 if (token_count != 2) {
/*
 * NOTE(review): "%d" accepts negative numbers and stops at the first
 * non-digit; confirm n is checked before rule_to_delete is used.
 */
705 n = sscanf(token,
"%d", &rule_to_delete);
/* Protocol keyword. */
719 if (strcmp(token,
"tcp") == 0)
721 else if (strcmp(token,
"udp") == 0)
/* Scan for the '/' in a src/dst argument; what is done at the '/' is not shown. */
738 while (*p !=
'/' && *p != 0)
743 err =
IpAddr(token, &addr);
750 char s[
sizeof(buffer)];
/*
 * Address text and prefix length. As with the server argument, the "%s"
 * conversion is bounded only by s being sizeof(buffer) bytes.
 */
753 n = sscanf(token,
"%s %d", s, &nbits);
765 err =
IpMask(nbits, &mask);
/* Fetch the next token, skipping the empty tokens strsep() yields for consecutive separators. */
791 token = strsep(&res,
" \t");
792 }
while (token != NULL && !*token);
794#undef STATE_READ_KEYWORD
795#undef STATE_READ_TYPE
796#undef STATE_READ_PORT
797#undef STATE_READ_SERVER
798#undef STATE_READ_RULE
799#undef STATE_READ_DELETE
800#undef STATE_READ_PROTO
/*
 * Post-parse step, presumably still inside LibAliasProxyRule: the port
 * strings collected during tokenising are converted, but only when present.
 */
/* A non-empty str_port means a "port" argument was parsed. */
809 if (strlen(str_port) != 0) {
/*
 * IpPort writes through an int pointer.
 * NOTE(review): confirm the value is range-checked before it is stored in a
 * 16-bit port field (not visible in this excerpt).
 */
812 err =
IpPort(str_port, proto, &proxy_port);
/* str_server_port is non-empty only if a server port was parsed. */
821 if (strlen(str_server_port) != 0) {
824 err =
IpPort(str_server_port, proto, &server_port);
/* A zero server address is tested here; the branch body is not shown (presumably a missing-server error). */
834 if (server_addr.
s_addr == 0) {
int GetAckModified(struct alias_link *lnk)
u_short GetProxyPort(struct alias_link *lnk)
struct in_addr GetProxyAddress(struct alias_link *lnk)
void SetAckModified(struct alias_link *lnk)
void AddSeq(struct alias_link *lnk, int delta, u_int ip_hl, u_short ip_len, u_long th_seq, u_int th_off)
int GetDeltaSeqOut(u_long seq, struct alias_link *lnk)
#define LIBALIAS_LOCK_ASSERT(l)
#define INET_NTOA_BUF(buf)
#define ADJUST_CHECKSUM(acc, cksum)
#define LIBALIAS_UNLOCK(l)
#define PROXY_TYPE_ENCODE_NONE
#define PROXY_TYPE_ENCODE_TCPSTREAM
static void RuleAdd(struct libalias *la, struct proxy_entry *)
#define PROXY_TYPE_ENCODE_IPHDR
static int IpPort(char *, int, int *)
#define STATE_READ_DELETE
#define STATE_READ_KEYWORD
static void ProxyEncodeIpHeader(struct ip *, int)
static int IpMask(int, struct in_addr *)
void ProxyModify(struct libalias *la, struct alias_link *lnk, struct ip *pip, int maxpacketsize, int proxy_type)
int ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr, u_short *proxy_server_port, struct in_addr src_addr, struct in_addr dst_addr, u_short dst_port, u_char ip_p)
static int RuleNumberDelete(struct libalias *la, int)
static void RuleDelete(struct proxy_entry *)
int LibAliasProxyRule(struct libalias *la, const char *cmd)
static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int)
static int IpAddr(char *, struct in_addr *)
#define STATE_READ_SERVER
char * inet_ntoa_r(struct in_addr ina, char *buf)
int inet_aton(const char *, struct in_addr *)
struct in_addr ip_src ip_dst
struct proxy_entry * proxyList
struct proxy_entry * last
struct in_addr server_addr
struct proxy_entry * next