int upnp_redirect_internal(unsigned short eport, const char * iaddr, unsigned short iport, int proto, const char * desc) { /*syslog(LOG_INFO, "redirecting port %hu to %s:%hu protocol %s for: %s", eport, iaddr, iport, protocol, desc); */ if(add_redirect_rule2(ext_if_name, eport, iaddr, iport, proto, desc) < 0) { return -1; } #ifdef ENABLE_LEASEFILE lease_file_add( eport, iaddr, iport, proto, desc); #endif /* syslog(LOG_INFO, "creating pass rule to %s:%hu protocol %s for: %s", iaddr, iport, protocol, desc);*/ if(add_filter_rule2(ext_if_name, iaddr, eport, iport, proto, desc) < 0) { /* clean up the redirect rule */ #if !defined(__linux__) delete_redirect_rule(ext_if_name, eport, proto); #endif return -1; } #ifdef ENABLE_EVENTS upnp_event_var_change_notify(EWanIPC); #endif return 0; }
/* update the port mapping decription and timestamp */ int update_portmapping_desc_timestamp(const char * ifname, unsigned short eport, int proto, const char * desc, unsigned int timestamp) { unsigned short iport; in_addr_t iaddr; char iaddr_str[16]; char rhost[32]; int r; r = priv_delete_redirect_rule_check_desc(ifname, eport, proto, &iport, &iaddr, rhost, sizeof(rhost), 1, desc); if(r < 0) return -1; if(r == 1) { /* only change timestamp */ remove_timestamp_entry(eport, proto); add_timestamp_entry(eport, proto, timestamp); return 0; } if (priv_delete_filter_rule(ifname, iport, proto, iaddr) < 0) return -1; inet_ntop(AF_INET, &iaddr, iaddr_str, sizeof(iaddr_str)); if(add_redirect_rule2(ifname, rhost, eport, iaddr_str, iport, proto, desc, timestamp) < 0) return -1; if(add_filter_rule2(ifname, rhost, iaddr_str, eport, iport, proto, desc) < 0) return -1; return 0; }
/* update the port mapping internal port, decription and timestamp */ int update_portmapping(const char * ifname, unsigned short eport, int proto, unsigned short iport, const char * desc, unsigned int timestamp) { unsigned short old_iport; in_addr_t iaddr; char iaddr_str[16]; char rhost[32]; if(priv_delete_redirect_rule(ifname, eport, proto, &old_iport, &iaddr, rhost, sizeof(rhost)) < 0) return -1; if (priv_delete_filter_rule(ifname, old_iport, proto, iaddr) < 0) return -1; inet_ntop(AF_INET, &iaddr, iaddr_str, sizeof(iaddr_str)); if(add_redirect_rule2(ifname, rhost, eport, iaddr_str, iport, proto, desc, timestamp) < 0) return -1; if(add_filter_rule2(ifname, rhost, iaddr_str, eport, iport, proto, desc) < 0) return -1; return 0; }
int upnp_redirect_internal(const char * rhost, unsigned short eport, const char * iaddr, unsigned short iport, int proto, const char * desc, unsigned int timestamp) { /*syslog(LOG_INFO, "redirecting port %hu to %s:%hu protocol %s for: %s", eport, iaddr, iport, protocol, desc); */ if(add_redirect_rule2(ext_if_name, rhost, eport, iaddr, iport, proto, desc, timestamp) < 0) { return -1; } #ifdef ENABLE_LEASEFILE lease_file_add( eport, iaddr, iport, proto, desc, timestamp); #endif /* syslog(LOG_INFO, "creating pass rule to %s:%hu protocol %s for: %s", iaddr, iport, protocol, desc);*/ if(add_filter_rule2(ext_if_name, rhost, iaddr, eport, iport, proto, desc) < 0) { /* clean up the redirect rule */ #if !defined(__linux__) delete_redirect_rule(ext_if_name, eport, proto); #endif return -1; } if(timestamp > 0) { if(!nextruletoclean_timestamp || (timestamp < nextruletoclean_timestamp)) nextruletoclean_timestamp = timestamp; } #ifdef ENABLE_EVENTS /* the number of port mappings changed, we must * inform the subscribers */ upnp_event_var_change_notify(EWanIPC); #endif return 0; }
/* upnp_redirect() * calls OS/fw dependant implementation of the redirection. * protocol should be the string "TCP" or "UDP" * returns: 0 on success * -1 failed to redirect * -2 already redirected * -3 permission check failed */ int upnp_redirect(unsigned short eport, const char * iaddr, unsigned short iport, const char * protocol, const char * desc) { int proto, r; char iaddr_old[32]; unsigned short iport_old; struct in_addr address; proto = proto_atoi(protocol); if(inet_aton(iaddr, &address) < 0) { syslog(LOG_ERR, "inet_aton(%s) : %m", iaddr); return -1; } if(!check_upnp_rule_against_permissions(upnppermlist, num_upnpperm, eport, address, iport)) { syslog(LOG_INFO, "redirection permission check failed for " "%hu->%s:%hu %s", eport, iaddr, iport, protocol); return -3; } r = get_redirect_rule(ext_if_name, eport, proto, iaddr_old, sizeof(iaddr_old), &iport_old, 0, 0, 0, 0); if(r == 0) { /* if existing redirect rule matches redirect request return success * xbox 360 does not keep track of the port it redirects and will * redirect another port when receiving ConflictInMappingEntry */ if(strcmp(iaddr,iaddr_old)==0 && iport==iport_old) { syslog(LOG_INFO, "ignoring redirect request as it matches existing redirect"); } else { syslog(LOG_INFO, "port %hu protocol %s already redirected to %s:%hu", eport, protocol, iaddr_old, iport_old); return -2; } } else { syslog(LOG_INFO, "redirecting port %hu to %s:%hu protocol %s for: %s", eport, iaddr, iport, protocol, desc); return upnp_redirect_internal(eport, iaddr, iport, proto, desc); #if 0 if(add_redirect_rule2(ext_if_name, eport, iaddr, iport, proto, desc) < 0) { return -1; } syslog(LOG_INFO, "creating pass rule to %s:%hu protocol %s for: %s", iaddr, iport, protocol, desc); if(add_filter_rule2(ext_if_name, iaddr, eport, iport, proto, desc) < 0) { /* clean up the redirect rule */ #if !defined(__linux__) delete_redirect_rule(ext_if_name, eport, proto); #endif return -1; } #endif } return 0; }