int
upnp_redirect_internal(unsigned short eport,
const char * iaddr, unsigned short iport,
int proto, const char * desc)
{
/*syslog(LOG_INFO, "redirecting port %hu to %s:%hu protocol %s for: %s",
eport, iaddr, iport, protocol, desc); */
if(add_redirect_rule2(ext_if_name, eport, iaddr, iport, proto, desc) < 0)
{
return -1;
}
#ifdef ENABLE_LEASEFILE
lease_file_add( eport, iaddr, iport, proto, desc);
#endif
/* syslog(LOG_INFO, "creating pass rule to %s:%hu protocol %s for: %s",
iaddr, iport, protocol, desc);*/
if(add_filter_rule2(ext_if_name, iaddr, eport, iport, proto, desc) < 0)
{
/* clean up the redirect rule */
#if !defined(__linux__)
delete_redirect_rule(ext_if_name, eport, proto);
#endif
return -1;
}
#ifdef ENABLE_EVENTS
upnp_event_var_change_notify(EWanIPC);
#endif
return 0;
}
/* update the port mapping decription and timestamp */
int
update_portmapping_desc_timestamp(const char * ifname,
unsigned short eport, int proto,
const char * desc, unsigned int timestamp)
{
unsigned short iport;
in_addr_t iaddr;
char iaddr_str[16];
char rhost[32];
int r;
r = priv_delete_redirect_rule_check_desc(ifname, eport, proto, &iport, &iaddr, rhost, sizeof(rhost), 1, desc);
if(r < 0)
return -1;
if(r == 1) {
/* only change timestamp */
remove_timestamp_entry(eport, proto);
add_timestamp_entry(eport, proto, timestamp);
return 0;
}
if (priv_delete_filter_rule(ifname, iport, proto, iaddr) < 0)
return -1;
inet_ntop(AF_INET, &iaddr, iaddr_str, sizeof(iaddr_str));
if(add_redirect_rule2(ifname, rhost, eport, iaddr_str, iport, proto,
desc, timestamp) < 0)
return -1;
if(add_filter_rule2(ifname, rhost, iaddr_str, eport, iport, proto, desc) < 0)
return -1;
return 0;
}
/* update the port mapping internal port, decription and timestamp */
int
update_portmapping(const char * ifname, unsigned short eport, int proto,
unsigned short iport, const char * desc,
unsigned int timestamp)
{
unsigned short old_iport;
in_addr_t iaddr;
char iaddr_str[16];
char rhost[32];
if(priv_delete_redirect_rule(ifname, eport, proto, &old_iport, &iaddr, rhost, sizeof(rhost)) < 0)
return -1;
if (priv_delete_filter_rule(ifname, old_iport, proto, iaddr) < 0)
return -1;
inet_ntop(AF_INET, &iaddr, iaddr_str, sizeof(iaddr_str));
if(add_redirect_rule2(ifname, rhost, eport, iaddr_str, iport, proto,
desc, timestamp) < 0)
return -1;
if(add_filter_rule2(ifname, rhost, iaddr_str, eport, iport, proto, desc) < 0)
return -1;
return 0;
}
int
upnp_redirect_internal(const char * rhost, unsigned short eport,
const char * iaddr, unsigned short iport,
int proto, const char * desc,
unsigned int timestamp)
{
/*syslog(LOG_INFO, "redirecting port %hu to %s:%hu protocol %s for: %s",
eport, iaddr, iport, protocol, desc); */
if(add_redirect_rule2(ext_if_name, rhost, eport, iaddr, iport, proto,
desc, timestamp) < 0) {
return -1;
}
#ifdef ENABLE_LEASEFILE
lease_file_add( eport, iaddr, iport, proto, desc, timestamp);
#endif
/* syslog(LOG_INFO, "creating pass rule to %s:%hu protocol %s for: %s",
iaddr, iport, protocol, desc);*/
if(add_filter_rule2(ext_if_name, rhost, iaddr, eport, iport, proto, desc) < 0) {
/* clean up the redirect rule */
#if !defined(__linux__)
delete_redirect_rule(ext_if_name, eport, proto);
#endif
return -1;
}
if(timestamp > 0) {
if(!nextruletoclean_timestamp || (timestamp < nextruletoclean_timestamp))
nextruletoclean_timestamp = timestamp;
}
#ifdef ENABLE_EVENTS
/* the number of port mappings changed, we must
* inform the subscribers */
upnp_event_var_change_notify(EWanIPC);
#endif
return 0;
}
/* upnp_redirect()
* calls OS/fw dependant implementation of the redirection.
* protocol should be the string "TCP" or "UDP"
* returns: 0 on success
* -1 failed to redirect
* -2 already redirected
* -3 permission check failed
*/
int
upnp_redirect(unsigned short eport,
const char * iaddr, unsigned short iport,
const char * protocol, const char * desc)
{
int proto, r;
char iaddr_old[32];
unsigned short iport_old;
struct in_addr address;
proto = proto_atoi(protocol);
if(inet_aton(iaddr, &address) < 0)
{
syslog(LOG_ERR, "inet_aton(%s) : %m", iaddr);
return -1;
}
if(!check_upnp_rule_against_permissions(upnppermlist, num_upnpperm,
eport, address, iport))
{
syslog(LOG_INFO, "redirection permission check failed for "
"%hu->%s:%hu %s", eport, iaddr, iport, protocol);
return -3;
}
r = get_redirect_rule(ext_if_name, eport, proto,
iaddr_old, sizeof(iaddr_old), &iport_old, 0, 0, 0, 0);
if(r == 0)
{
/* if existing redirect rule matches redirect request return success
* xbox 360 does not keep track of the port it redirects and will
* redirect another port when receiving ConflictInMappingEntry */
if(strcmp(iaddr,iaddr_old)==0 && iport==iport_old)
{
syslog(LOG_INFO, "ignoring redirect request as it matches existing redirect");
}
else
{
syslog(LOG_INFO, "port %hu protocol %s already redirected to %s:%hu",
eport, protocol, iaddr_old, iport_old);
return -2;
}
}
else
{
syslog(LOG_INFO, "redirecting port %hu to %s:%hu protocol %s for: %s",
eport, iaddr, iport, protocol, desc);
return upnp_redirect_internal(eport, iaddr, iport, proto, desc);
#if 0
if(add_redirect_rule2(ext_if_name, eport, iaddr, iport, proto, desc) < 0)
{
return -1;
}
syslog(LOG_INFO, "creating pass rule to %s:%hu protocol %s for: %s",
iaddr, iport, protocol, desc);
if(add_filter_rule2(ext_if_name, iaddr, eport, iport, proto, desc) < 0)
{
/* clean up the redirect rule */
#if !defined(__linux__)
delete_redirect_rule(ext_if_name, eport, proto);
#endif
return -1;
}
#endif
}
return 0;
}
