/*
* Entry point
* ret value:
* <0 err
* ==0 ok
* >0 ok, copy to user
*/
static int ip_masq_user_ctl(int optname, struct ip_masq_ctl *mctl, int optlen)
{
struct ip_masq_user *ums = &mctl->u.user;
int ret = EINVAL;
int arglen = optlen - IP_MASQ_CTL_BSIZE;
int cmd;
IP_MASQ_DEBUG(1-debug, "ip_masq_user_ctl(len=%d/%d|%d/%d)\n",
arglen,
sizeof (*ums),
optlen,
sizeof (*mctl));
/*
* Yes, I'm a bad guy ...
*/
if (arglen != sizeof(*ums) && optlen != sizeof(*mctl))
return EINVAL;
MOD_INC_USE_COUNT;
/*
* Don't trust the lusers - plenty of error checking!
*/
cmd = mctl->m_cmd;
IP_MASQ_DEBUG(1-debug, "ip_masq_user_ctl(cmd=%d)\n", cmd);
switch (mctl->m_cmd) {
case IP_MASQ_CMD_ADD:
case IP_MASQ_CMD_INSERT:
ret = ip_masq_user_new(ums);
break;
case IP_MASQ_CMD_DEL:
ret = ip_masq_user_del(ums);
break;
case IP_MASQ_CMD_SET:
ret = ip_masq_user_set(ums);
break;
case IP_MASQ_CMD_GET:
ret = ip_masq_user_get(ums);
break;
}
/*
* For all of the above, return masq tunnel info
*/
ret = -ret;
if (ret == 0) {
ret = sizeof (*ums) + IP_MASQ_CTL_BSIZE;
IP_MASQ_DEBUG(1-debug, "will return %d bytes to user\n", ret);
}
MOD_DEC_USE_COUNT;
return ret;
}
static int ip_masq_user_maddr(struct ip_masq_user *ums)
{
struct device *dev;
struct rtable *rt;
int ret = -EINVAL;
u32 rt_daddr, rt_saddr;
u32 tos;
/*
* Did specify masq address.
*/
if (ums->maddr)
return 0;
/*
* Select address to use for routing query
*/
rt_daddr = ums->rt_daddr? ums->rt_daddr : ums->daddr;
rt_saddr = ums->rt_saddr? ums->rt_saddr : ums->saddr;
/*
* No address for routing, cannot continue
*/
if (rt_daddr == 0) {
IP_MASQ_DEBUG(1-debug, "cannot setup maddr with daddr=%lX, rt_addr=%lX\n",
ntohl(ums->daddr), ntohl(ums->rt_daddr));
return -EINVAL;
}
/*
* Find out rt device
*/
rt_saddr = 0;
tos = RT_TOS(ums->ip_tos) | RTO_CONN;
if ((ret=ip_route_output(&rt, rt_daddr, rt_saddr, tos, 0 /* dev */))) {
IP_MASQ_DEBUG(0-debug, "could not setup maddr for routing daddr=%lX, saddr=%lX\n",
ntohl(rt_daddr), ntohl(rt_saddr));
return ret;
}
dev = rt->u.dst.dev;
ums->maddr = ip_masq_select_addr(dev, rt->rt_gateway, RT_SCOPE_UNIVERSE);
IP_MASQ_DEBUG(1-debug, "did setup maddr=%lX\n", ntohl(ums->maddr));
ip_rt_put(rt);
return 0;
}
/*
* Module control entry
*/
int ip_masq_mod_ctl(int optname, struct ip_masq_ctl *mctl, int optlen)
{
struct ip_masq_mod * mmod;
#ifdef CONFIG_KMOD
char kmod_name[IP_MASQ_TNAME_MAX+8];
#endif
/* tappo */
mctl->m_tname[IP_MASQ_TNAME_MAX-1] = 0;
mmod = ip_masq_mod_getbyname(mctl->m_tname);
if (mmod)
return mmod->mmod_ctl(optname, mctl, optlen);
#ifdef CONFIG_KMOD
sprintf(kmod_name,"ip_masq_%s", mctl->m_tname);
IP_MASQ_DEBUG(1, "About to request \"%s\" module\n", kmod_name);
/*
* Let sleep for a while ...
*/
request_module(kmod_name);
mmod = ip_masq_mod_getbyname(mctl->m_tname);
if (mmod)
return mmod->mmod_ctl(optname, mctl, optlen);
#endif
return ESRCH;
}
__initfunc(int ip_masq_irc_init(void))
{
int i, j;
for (i=0; (i<MAX_MASQ_APP_PORTS); i++) {
if (ports[i]) {
if ((masq_incarnations[i] = kmalloc(sizeof(struct ip_masq_app),
GFP_KERNEL)) == NULL)
return -ENOMEM;
memcpy(masq_incarnations[i], &ip_masq_irc, sizeof(struct ip_masq_app));
if ((j = register_ip_masq_app(masq_incarnations[i],
IPPROTO_TCP,
ports[i]))) {
return j;
}
IP_MASQ_DEBUG(1-debug,
"Irc: loaded support on port[%d] = %d\n",
i, ports[i]);
} else {
/* To be safe, force the incarnation table entry to NULL */
masq_incarnations[i] = NULL;
}
}
return 0;
}
struct ip_masq_mod * ip_masq_mod_getbyname(const char *mmod_name)
{
struct ip_masq_mod * mmod;
IP_MASQ_DEBUG(1, "searching mmod_name \"%s\"\n", mmod_name);
for (mmod=ip_masq_mod_reg_base; mmod ; mmod=mmod->next_reg) {
if (mmod->mmod_ctl && *(mmod_name)
&& (strcmp(mmod_name, mmod->mmod_name)==0)) {
/* HIT */
return mmod;
}
}
return NULL;
}
int ip_masq_ftp_done(void)
{
int i, j, k;
k=0;
for (i=0; (i<MAX_MASQ_APP_PORTS); i++) {
if (masq_incarnations[i]) {
if ((j = unregister_ip_masq_app(masq_incarnations[i]))) {
k = j;
} else {
kfree(masq_incarnations[i]);
masq_incarnations[i] = NULL;
IP_MASQ_DEBUG(1-debug, "Ftp: unloaded support on port[%d] = %d\n",
i, ports[i]);
}
}
}
return k;
}
static int ip_masq_user_info(char *buffer, char **start, off_t offset,
int length, int proto)
{
off_t pos=0, begin;
struct ip_masq *ms;
char temp[129];
int idx = 0;
int len=0;
int magic_control;
MOD_INC_USE_COUNT;
IP_MASQ_DEBUG(1-debug, "Entered user_info with proto=%d\n", proto);
if (offset < 128)
{
sprintf(temp,
"Prot SrcIP SPrt DstIP DPrt MAddr MPrt State Flgs Ref Ctl Expires (free=%d,%d,%d)",
atomic_read(ip_masq_free_ports),
atomic_read(ip_masq_free_ports+1),
atomic_read(ip_masq_free_ports+2));
len = sprintf(buffer, "%-127s\n", temp);
}
pos = 128;
for(idx = 0; idx < IP_MASQ_TAB_SIZE; idx++)
{
/*
* Lock is actually only need in next loop
* we are called from uspace: must stop bh.
*/
read_lock_bh(&__ip_masq_lock);
for(ms = ip_masq_m_tab[idx]; ms ; ms = ms->m_link)
{
if (ms->protocol != proto) {
continue;
}
pos += 128;
if (pos <= offset) {
len = 0;
continue;
}
/*
* We have locked the tables, no need to del/add timers
* nor cli() 8)
*/
magic_control = atomic_read(&ms->n_control);
if (!magic_control && ms->control) magic_control = -1;
sprintf(temp,"%-4s %08lX:%04X %08lX:%04X %08lX:%04X %-12s %3X %4d %3d %7lu",
masq_proto_name(ms->protocol),
ntohl(ms->saddr), ntohs(ms->sport),
ntohl(ms->daddr), ntohs(ms->dport),
ntohl(ms->maddr), ntohs(ms->mport),
ip_masq_state_name(ms->state),
ms->flags,
atomic_read(&ms->refcnt),
magic_control,
(ms->timer.expires-jiffies)/HZ);
len += sprintf(buffer+len, "%-127s\n", temp);
if(len >= length) {
read_unlock_bh(&__ip_masq_lock);
goto done;
}
}
read_unlock_bh(&__ip_masq_lock);
}
done:
if (len) {
begin = len - (pos - offset);
*start = buffer + begin;
len -= begin;
}
if(len>length)
len = length;
MOD_DEC_USE_COUNT;
return len;
}
int
masq_ftp_out (struct ip_masq_app *mapp, struct ip_masq *ms, struct sk_buff **skb_p, __u32 maddr)
{
struct sk_buff *skb;
struct iphdr *iph;
struct tcphdr *th;
char *p, *data, *data_limit;
unsigned char p1,p2,p3,p4,p5,p6;
__u32 from;
__u16 port;
struct ip_masq *n_ms;
char buf[24]; /* xxx.xxx.xxx.xxx,ppp,ppp\000 */
unsigned buf_len;
int diff;
skb = *skb_p;
iph = skb->nh.iph;
th = (struct tcphdr *)&(((char *)iph)[iph->ihl*4]);
data = (char *)&th[1];
data_limit = skb->h.raw + skb->len - 18;
if (skb->len >= 6 && (memcmp(data, "PASV\r\n", 6) == 0 || memcmp(data, "pasv\r\n", 6) == 0))
ms->app_data = &masq_ftp_pasv;
while (data < data_limit)
{
if (memcmp(data,"PORT ",5) && memcmp(data,"port ",5))
{
data ++;
continue;
}
p = data+5;
p1 = simple_strtoul(data+5,&data,10);
if (*data!=',')
continue;
p2 = simple_strtoul(data+1,&data,10);
if (*data!=',')
continue;
p3 = simple_strtoul(data+1,&data,10);
if (*data!=',')
continue;
p4 = simple_strtoul(data+1,&data,10);
if (*data!=',')
continue;
p5 = simple_strtoul(data+1,&data,10);
if (*data!=',')
continue;
p6 = simple_strtoul(data+1,&data,10);
if (*data!='\r' && *data!='\n')
continue;
from = (p1<<24) | (p2<<16) | (p3<<8) | p4;
port = (p5<<8) | p6;
IP_MASQ_DEBUG(1-debug, "PORT %X:%X detected\n",from,port);
/*
* Now update or create an masquerade entry for it
*/
IP_MASQ_DEBUG(1-debug, "protocol %d %lX:%X %X:%X\n", iph->protocol, htonl(from), htons(port), iph->daddr, 0);
n_ms = ip_masq_out_get(iph->protocol,
htonl(from), htons(port),
iph->daddr, 0);
if (!n_ms) {
n_ms = ip_masq_new(IPPROTO_TCP,
maddr, 0,
htonl(from), htons(port),
iph->daddr, 0,
IP_MASQ_F_NO_DPORT);
if (n_ms==NULL)
return 0;
ip_masq_control_add(n_ms, ms);
}
/*
* Replace the old PORT with the new one
*/
from = ntohl(n_ms->maddr);
port = ntohs(n_ms->mport);
sprintf(buf,"%d,%d,%d,%d,%d,%d",
from>>24&255,from>>16&255,from>>8&255,from&255,
port>>8&255,port&255);
buf_len = strlen(buf);
IP_MASQ_DEBUG(1-debug, "new PORT %X:%X\n",from,port);
/*
* Calculate required delta-offset to keep TCP happy
*/
diff = buf_len - (data-p);
/*
* No shift.
*/
if (diff==0) {
/*
* simple case, just replace the old PORT cmd
*/
memcpy(p,buf,buf_len);
} else {
*skb_p = ip_masq_skb_replace(skb, GFP_ATOMIC, p, data-p, buf, buf_len);
}
/*
* Move tunnel to listen state
*/
ip_masq_listen(n_ms);
ip_masq_put(n_ms);
return diff;
}
return 0;
}
int
masq_ftp_in (struct ip_masq_app *mapp, struct ip_masq *ms, struct sk_buff **skb_p, __u32 maddr)
{
struct sk_buff *skb;
struct iphdr *iph;
struct tcphdr *th;
char *data, *data_limit;
unsigned char p1,p2,p3,p4,p5,p6;
__u32 to;
__u16 port;
struct ip_masq *n_ms;
if (ms->app_data != &masq_ftp_pasv)
return 0; /* quick exit if no outstanding PASV */
skb = *skb_p;
iph = skb->nh.iph;
th = (struct tcphdr *)&(((char *)iph)[iph->ihl*4]);
data = (char *)&th[1];
data_limit = skb->h.raw + skb->len;
while (data < data_limit && *data != ' ')
++data;
while (data < data_limit && *data == ' ')
++data;
data += 22;
if (data >= data_limit || *data != '(')
return 0;
p1 = simple_strtoul(data+1, &data, 10);
if (data >= data_limit || *data != ',')
return 0;
p2 = simple_strtoul(data+1, &data, 10);
if (data >= data_limit || *data != ',')
return 0;
p3 = simple_strtoul(data+1, &data, 10);
if (data >= data_limit || *data != ',')
return 0;
p4 = simple_strtoul(data+1, &data, 10);
if (data >= data_limit || *data != ',')
return 0;
p5 = simple_strtoul(data+1, &data, 10);
if (data >= data_limit || *data != ',')
return 0;
p6 = simple_strtoul(data+1, &data, 10);
if (data >= data_limit || *data != ')')
return 0;
to = (p1<<24) | (p2<<16) | (p3<<8) | p4;
port = (p5<<8) | p6;
/*
* Now update or create an masquerade entry for it
*/
IP_MASQ_DEBUG(1-debug, "PASV response %lX:%X %X:%X detected\n", ntohl(ms->saddr), 0, to, port);
n_ms = ip_masq_out_get(iph->protocol,
ms->saddr, 0,
htonl(to), htons(port));
if (!n_ms) {
n_ms = ip_masq_new(IPPROTO_TCP,
maddr, 0,
ms->saddr, 0,
htonl(to), htons(port),
IP_MASQ_F_NO_SPORT);
if (n_ms==NULL)
return 0;
ip_masq_control_add(n_ms, ms);
}
#if 0 /* v0.12 state processing */
/*
* keep for a bit longer than tcp_fin, client may not issue open
* to server port before tcp_fin_timeout.
*/
n_ms->timeout = ip_masq_expire->tcp_fin_timeout*3;
#endif
ms->app_data = NULL;
ip_masq_put(n_ms);
return 0; /* no diff required for incoming packets, thank goodness */
}
int
masq_irc_out (struct ip_masq_app *mapp, struct ip_masq *ms, struct sk_buff **skb_p, __u32 maddr)
{
struct sk_buff *skb;
struct iphdr *iph;
struct tcphdr *th;
char *data, *data_limit;
__u32 s_addr;
__u16 s_port;
struct ip_masq *n_ms;
char buf[20]; /* "m_addr m_port" (dec base)*/
unsigned buf_len;
int diff;
char *dcc_p, *addr_beg_p, *addr_end_p;
skb = *skb_p;
iph = skb->nh.iph;
th = (struct tcphdr *)&(((char *)iph)[iph->ihl*4]);
data = (char *)&th[1];
/*
* Hunt irc DCC string, the _shortest_:
*
* strlen("\1DCC CHAT chat AAAAAAAA P\1\n")=27
* strlen("\1DCC SCHAT chat AAAAAAAA P\1\n")=28
* strlen("\1DCC SEND F AAAAAAAA P S\1\n")=26
* strlen("\1DCC MOVE F AAAAAAAA P S\1\n")=26
* strlen("\1DCC TSEND F AAAAAAAA P S\1\n")=27
* AAAAAAAAA: bound addr (1.0.0.0==16777216, min 8 digits)
* P: bound port (min 1 d )
* F: filename (min 1 d )
* S: size (min 1 d )
* 0x01, \n: terminators
*/
data_limit = skb->h.raw + skb->len;
while (data < (data_limit - ( 22 + MAXMATCHLEN ) ) )
{
int i;
if (memcmp(data,"\1DCC ",5)) {
data ++;
continue;
}
dcc_p = data;
data += 5; /* point to DCC cmd */
for(i=0; i<NUM_DCCPROTO; i++)
{
/*
* go through the table and hunt a match string
*/
if( memcmp(data, dccprotos[i].match, dccprotos[i].matchlen ) == 0 )
{
data += dccprotos[i].matchlen;
/*
* skip next string.
*/
while( *data++ != ' ')
/*
* must still parse, at least, "AAAAAAAA P\1\n",
* 12 bytes left.
*/
if (data > (data_limit-12)) return 0;
addr_beg_p = data;
/*
* client bound address in dec base
*/
s_addr = simple_strtoul(data,&data,10);
if (*data++ !=' ')
continue;
/*
* client bound port in dec base
*/
s_port = simple_strtoul(data,&data,10);
addr_end_p = data;
/*
* Now create an masquerade entry for it
* must set NO_DPORT and NO_DADDR because
* connection is requested by another client.
*/
n_ms = ip_masq_new(IPPROTO_TCP,
maddr, 0,
htonl(s_addr),htons(s_port),
0, 0,
IP_MASQ_F_NO_DPORT|IP_MASQ_F_NO_DADDR);
if (n_ms==NULL)
return 0;
/*
* Replace the old "address port" with the new one
*/
buf_len = sprintf(buf,"%lu %u",
ntohl(n_ms->maddr),ntohs(n_ms->mport));
/*
* Calculate required delta-offset to keep TCP happy
*/
diff = buf_len - (addr_end_p-addr_beg_p);
*addr_beg_p = '\0';
IP_MASQ_DEBUG(1-debug, "masq_irc_out(): '%s' %X:%X detected (diff=%d)\n", dcc_p, s_addr,s_port, diff);
/*
* No shift.
*/
if (diff==0) {
/*
* simple case, just copy.
*/
memcpy(addr_beg_p,buf,buf_len);
} else {
*skb_p = ip_masq_skb_replace(skb, GFP_ATOMIC,
addr_beg_p, addr_end_p-addr_beg_p,
buf, buf_len);
}
ip_masq_listen(n_ms);
ip_masq_put(n_ms);
return diff;
}
}
}
return 0;
}
