in_addr_t anubis_random_ip_address(const char *expression) { //get param anubis_srand(); char *buffer = anubis_parse_param("random_ip_address", expression); if(!buffer) return 0; in_addr_t addr; if(strlen(buffer) == 0) { do { addr = (in_addr_t)random(); }//end do while(addr == INADDR_ANY || addr == INADDR_BROADCAST || IN_MULTICAST(addr) || IN_PRIVATE(addr) || IN_EXPERIMENTAL(addr) || IN_LOOPBACK(addr) || IN_ZERONET(addr) || IN_LOCAL_GROUP(addr)); return addr; }//end if else { anubis_err("random_ip_address(): \"%s\" unknown parameter\n", buffer); return 0; }//end if }//end anubis_random_ip_address
/** * Check if ip-source is a (directed) broadcast address. * Some hacker may try to create a broadcast storm. * Also check for null source address (0.0.0.0). * Broadcast destination is already filtered out by icmp_handler(). */ static BOOL icmp_check (const in_Header *ip, int type) { DWORD src, dst; BOOL bcast; src = intel (ip->source); dst = intel (ip->destination); bcast = (~src & ~sin_mask) == 0; if (bcast) { icmp_bogus (ip, type, _LANG(" (broadcast)")); return (FALSE); } if (ip->source == 0UL) { icmp_bogus (ip, type, _LANG(" (network)")); return (FALSE); } if (IN_MULTICAST(dst)) { icmp_bogus (ip, type, _LANG(" (multicast)")); return (FALSE); } if (IN_EXPERIMENTAL(dst)) { icmp_bogus (ip, type, _LANG(" (experimental)")); return (FALSE); } return (TRUE); }
static int icmp_reflect(struct nm_if *nmif, char *inbuf, int inlen) { int hlen; struct icmp *icmp; struct ip *ip; struct in_addr t; struct inet_addr *broadaddr, *src; ip = (struct ip *)inbuf; if (IN_MULTICAST(ntohl(ip->ip_src.s_addr)) || IN_EXPERIMENTAL(ntohl(ip->ip_src.s_addr)) || IN_ZERONET(ntohl(ip->ip_src.s_addr)) ) { pktcnt.icmp_badaddr++; return (0); } t = ip->ip_dst; ip->ip_dst = ip->ip_src; /* * If the incoming packet was addressed directly to one of our * own addresses, use dst as the src for the reply. */ if (inet_our_addr(&t) != NULL) ip->ip_src = t; else if ((broadaddr = inet_our_broadcast(&t)) != NULL) { /* * If the incoming packet was addressed to one of our broadcast * addresses, use the non-broadcast address. */ ip->ip_src = broadaddr->addr.sin_addr; } else { /* * Use the address from the interface where the ICMP packet * come in. */ src = inet_get_if_addr(nmif); if (src == NULL) return (-1); ip->ip_src = src->addr.sin_addr; } ip->ip_ttl = IPDEFTTL; hlen = ip->ip_hl << 2; icmp = (struct icmp *)(inbuf + hlen); icmp->icmp_cksum = 0; icmp->icmp_cksum = in_cksum(inbuf + hlen, inlen - hlen); return (ip_output(nmif, inbuf, inlen)); }
/* * Return 1 if the address is believed * for an Internet host -- THIS IS A KLUDGE. */ int inet_checkhost(struct sockaddr *sa) { struct sockaddr_in *sin=(struct sockaddr_in *)sa; u_long i = ntohl(sin->sin_addr.s_addr); if (IN_EXPERIMENTAL(i) || sin->sin_port != 0) return (0); if (i != 0 && (i & 0xff000000) == 0) return (0); for (i = 0; i < sizeof(sin->sin_zero)/sizeof(sin->sin_zero[0]); i++) if (sin->sin_zero[i]) return (0); return (1); }
static uint32_t RIP_is_valid_rte( RIP_ENTRY_PTR rte ) { /* Body */ uint32_t metric = mqx_ntohl(rte->METRIC); _ip_address netaddr = mqx_ntohl(rte->NETADDR); if (mqx_ntohs(rte->FAMILY) != RIP_AF_INET) return 0; if (metric > RIP_MAX_METRIC || metric < RIP_MIN_METRIC) return 0; if (IN_MULTICAST(netaddr) || IN_EXPERIMENTAL(netaddr)) return 0; if (IN_LOOPBACK(netaddr)) return 0; { _ip_address nexthop = mqx_ntohl(rte->NEXTHOP); if (nexthop!= 0) { if (IP_is_local(NULL, nexthop)) { return 0; } } } return 1; } /* Endbody */
/* Get the IP address from interface */ static RC_TYPE do_ip_check_interface(DYN_DNS_CLIENT *p_self) { struct ifreq ifr; in_addr_t new_ip; char *new_ip_str; int i; if (p_self == NULL) { return RC_INVALID_POINTER; } if (p_self->check_interface) { logit(LOG_INFO, MODULE_TAG "Checking for IP# change, querying interface %s", p_self->check_interface); int sd = socket(PF_INET, SOCK_DGRAM, 0); if (sd < 0) { int code = os_get_socket_error(); logit(LOG_WARNING, MODULE_TAG "Failed opening network socket: %s", strerror(code)); return RC_IP_OS_SOCKET_INIT_FAILED; } memset(&ifr, 0, sizeof(struct ifreq)); ifr.ifr_addr.sa_family = AF_INET; snprintf(ifr.ifr_name, IFNAMSIZ, p_self->check_interface); if (ioctl(sd, SIOCGIFADDR, &ifr) != -1) { new_ip = ntohl(((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr.s_addr); new_ip_str = inet_ntoa(((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr); } else { int code = os_get_socket_error(); logit(LOG_ERR, MODULE_TAG "Failed reading IP address of interface %s: %s", p_self->check_interface, strerror(code)); return RC_ERROR; } close(sd); } else { return RC_ERROR; } if (IN_ZERONET(new_ip) || IN_LOOPBACK(new_ip) || IN_LINKLOCAL(new_ip) || IN_MULTICAST(new_ip) || IN_EXPERIMENTAL(new_ip)) { logit(LOG_WARNING, MODULE_TAG "Interface %s has invalid IP# %s", p_self->check_interface, new_ip_str); return RC_ERROR; } int anychange = 0; for (i = 0; i < p_self->info_count; i++) { DYNDNS_INFO_TYPE *info = &p_self->info[i]; info->my_ip_has_changed = strcmp(info->my_ip_address.name, new_ip_str) != 0; if (info->my_ip_has_changed) { anychange++; strcpy(info->my_ip_address.name, new_ip_str); } } if (!anychange) { logit(LOG_INFO, MODULE_TAG "No IP# change detected, still at %s", new_ip_str); } return RC_OK; }