/* Add encapsulation header.
*
* The top IP header will be constructed per RFC 2401. The following fields
* in it shall be filled in by x->type->output:
* payload_len
*
* On exit, skb->h will be set to the start of the encapsulation header to be
* filled in by x->type->output and skb->nh will be set to the nextheader field
* of the extension header directly preceding the encapsulation header, or in
* its absence, that of the top IP header. The value of skb->data will always
* point to the top IP header.
*/
static int xfrm6_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
{
struct dst_entry *dst = skb->dst;
struct ipv6hdr *iph, *top_iph;
int dsfield;
skb_push(skb, x->props.header_len);
iph = skb->nh.ipv6h;
skb->nh.raw = skb->data;
top_iph = skb->nh.ipv6h;
skb->nh.raw = &top_iph->nexthdr;
skb->h.ipv6h = top_iph + 1;
top_iph->version = 6;
top_iph->priority = iph->priority;
top_iph->flow_lbl[0] = iph->flow_lbl[0];
top_iph->flow_lbl[1] = iph->flow_lbl[1];
top_iph->flow_lbl[2] = iph->flow_lbl[2];
dsfield = ipv6_get_dsfield(top_iph);
dsfield = INET_ECN_encapsulate(dsfield, dsfield);
if (x->props.flags & XFRM_STATE_NOECN)
dsfield &= ~INET_ECN_MASK;
ipv6_change_dsfield(top_iph, 0, dsfield);
top_iph->nexthdr = IPPROTO_IPV6;
top_iph->hop_limit = dst_metric(dst->child, RTAX_HOPLIMIT);
ipv6_addr_copy(&top_iph->saddr, (struct in6_addr *)&x->props.saddr);
ipv6_addr_copy(&top_iph->daddr, (struct in6_addr *)&x->id.daddr);
return 0;
}
static inline int ip_select_ttl(struct inet_sock *inet, struct dst_entry *dst)
{
int ttl = inet->uc_ttl;
if (ttl < 0)
ttl = dst_metric(dst, RTAX_HOPLIMIT);
return ttl;
}
static inline int ip_select_ttl(struct inet_sock *inet, struct dst_entry *dst)
{
int ttl = inet->uc_ttl;
if (ttl < 0) {
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,38))
ttl = ip4_dst_hoplimit(dst);
#else
ttl = dst_metric(dst, RTAX_HOPLIMIT);
#endif
}
return ttl;
}
/* Add encapsulation header.
*
* The top IP header will be constructed per RFC 2401. The following fields
* in it shall be filled in by x->type->output:
* tot_len
* check
*
* On exit, skb->h will be set to the start of the payload to be processed
* by x->type->output and skb->nh will be set to the top IP header.
*/
static int xfrm4_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
{
struct dst_entry *dst = skb->dst;
struct xfrm_dst *xdst = (struct xfrm_dst*)dst;
struct iphdr *iph, *top_iph;
int flags;
iph = skb->nh.iph;
skb->h.ipiph = iph;
skb->nh.raw = skb_push(skb, x->props.header_len);
top_iph = skb->nh.iph;
top_iph->ihl = 5;
top_iph->version = 4;
flags = x->props.flags;
/* DS disclosed */
if (xdst->route->ops->family == AF_INET) {
top_iph->protocol = IPPROTO_IPIP;
top_iph->tos = INET_ECN_encapsulate(iph->tos, iph->tos);
top_iph->frag_off = (flags & XFRM_STATE_NOPMTUDISC) ?
0 : (iph->frag_off & htons(IP_DF));
}
#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
else {
struct ipv6hdr *ipv6h = (struct ipv6hdr*)iph;
top_iph->protocol = IPPROTO_IPV6;
top_iph->tos = INET_ECN_encapsulate(iph->tos, ipv6_get_dsfield(ipv6h));
top_iph->frag_off = 0;
}
#endif
if (flags & XFRM_STATE_NOECN)
IP_ECN_clear(top_iph);
if (!top_iph->frag_off)
__ip_select_ident(top_iph, dst->child, 0);
top_iph->ttl = dst_metric(dst->child, RTAX_HOPLIMIT);
top_iph->saddr = x->props.saddr.a4;
top_iph->daddr = x->id.daddr.a4;
skb->protocol = htons(ETH_P_IP);
memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
return 0;
}
/* Add encapsulation header.
*
* In transport mode, the IP header will be moved forward to make space
* for the encapsulation header.
*
* In tunnel mode, the top IP header will be constructed per RFC 2401.
* The following fields in it shall be filled in by x->type->output:
* tot_len
* check
*
* On exit, skb->h will be set to the start of the payload to be processed
* by x->type->output and skb->nh will be set to the top IP header.
*/
static void xfrm4_encap(struct sk_buff *skb)
{
struct dst_entry *dst = skb->dst;
struct xfrm_state *x = dst->xfrm;
struct iphdr *iph, *top_iph;
int flags;
iph = skb->nh.iph;
skb->h.ipiph = iph;
skb->nh.raw = skb_push(skb, x->props.header_len);
top_iph = skb->nh.iph;
if (!x->props.mode) {
skb->h.raw += iph->ihl*4;
memmove(top_iph, iph, iph->ihl*4);
return;
}
top_iph->ihl = 5;
top_iph->version = 4;
/* DS disclosed */
top_iph->tos = INET_ECN_encapsulate(iph->tos, iph->tos);
flags = x->props.flags;
if (flags & XFRM_STATE_NOECN)
IP_ECN_clear(top_iph);
top_iph->frag_off = (flags & XFRM_STATE_NOPMTUDISC) ?
0 : (iph->frag_off & htons(IP_DF));
if (!top_iph->frag_off)
__ip_select_ident(top_iph, dst, 0);
top_iph->ttl = dst_metric(dst->child, RTAX_HOPLIMIT);
top_iph->saddr = x->props.saddr.a4;
top_iph->daddr = x->id.daddr.a4;
top_iph->protocol = IPPROTO_IPIP;
memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
}
/* Add encapsulation header.
*
* The top IP header will be constructed per RFC 2401.
*/
static int xfrm4_mode_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
{
struct dst_entry *dst = skb_dst(skb);
struct iphdr *top_iph;
int flags;
skb_set_network_header(skb, -x->props.header_len);
skb->mac_header = skb->network_header +
offsetof(struct iphdr, protocol);
skb->transport_header = skb->network_header + sizeof(*top_iph);
top_iph = ip_hdr(skb);
top_iph->ihl = 5;
top_iph->version = 4;
top_iph->protocol = xfrm_af2proto(skb_dst(skb)->ops->family);
/* DS disclosed */
top_iph->tos = INET_ECN_encapsulate(XFRM_MODE_SKB_CB(skb)->tos,
XFRM_MODE_SKB_CB(skb)->tos);
flags = x->props.flags;
if (flags & XFRM_STATE_NOECN)
IP_ECN_clear(top_iph);
top_iph->frag_off = (flags & XFRM_STATE_NOPMTUDISC) ?
0 : (XFRM_MODE_SKB_CB(skb)->frag_off & htons(IP_DF));
ip_select_ident(top_iph, dst->child, NULL);
top_iph->ttl = dst_metric(dst->child, RTAX_HOPLIMIT);
top_iph->saddr = x->props.saddr.a4;
top_iph->daddr = x->id.daddr.a4;
return 0;
}
int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi *fl,
struct ipv6_txoptions *opt, int ipfragok)
{
struct ipv6_pinfo *np = sk ? inet6_sk(sk) : NULL;
struct in6_addr *first_hop = &fl->fl6_dst;
struct dst_entry *dst = skb->dst;
struct ipv6hdr *hdr;
u8 proto = fl->proto;
int seg_len = skb->len;
int hlimit;
u32 mtu;
if (opt) {
int head_room;
/* First: exthdrs may take lots of space (~8K for now)
MAX_HEADER is not enough.
*/
head_room = opt->opt_nflen + opt->opt_flen;
seg_len += head_room;
head_room += sizeof(struct ipv6hdr) + LL_RESERVED_SPACE(dst->dev);
if (skb_headroom(skb) < head_room) {
struct sk_buff *skb2 = skb_realloc_headroom(skb, head_room);
kfree_skb(skb);
skb = skb2;
if (skb == NULL) {
IP6_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
return -ENOBUFS;
}
if (sk)
skb_set_owner_w(skb, sk);
}
if (opt->opt_flen)
ipv6_push_frag_opts(skb, opt, &proto);
if (opt->opt_nflen)
ipv6_push_nfrag_opts(skb, opt, &proto, &first_hop);
}
hdr = skb->nh.ipv6h = (struct ipv6hdr*)skb_push(skb, sizeof(struct ipv6hdr));
/*
* Fill in the IPv6 header
*/
*(u32*)hdr = htonl(0x60000000) | fl->fl6_flowlabel;
hlimit = -1;
if (np)
hlimit = np->hop_limit;
if (hlimit < 0)
hlimit = dst_metric(dst, RTAX_HOPLIMIT);
if (hlimit < 0)
hlimit = ipv6_get_hoplimit(dst->dev);
hdr->payload_len = htons(seg_len);
hdr->nexthdr = proto;
hdr->hop_limit = hlimit;
ipv6_addr_copy(&hdr->saddr, &fl->fl6_src);
ipv6_addr_copy(&hdr->daddr, first_hop);
mtu = dst_mtu(dst);
if ((skb->len <= mtu) || ipfragok) {
IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
return NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, ip6_maybe_reroute);
}
if (net_ratelimit())
printk(KERN_DEBUG "IPv6: sending pkt_too_big to self\n");
skb->dev = dst->dev;
icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev);
IP6_INC_STATS(IPSTATS_MIB_FRAGFAILS);
kfree_skb(skb);
return -EMSGSIZE;
}
/* Send reply */
static void tarpit_tcp(struct sk_buff *oskb,struct rtable *ort,int local)
{
struct sk_buff *nskb;
struct rtable *nrt;
struct tcphdr *otcph, *ntcph;
struct flowi fl = {};
unsigned int otcplen;
u_int16_t tmp;
/* A truncated TCP header isn't going to be useful */
if (oskb->len < (ip_hdr(oskb)->ihl*4) + sizeof(struct tcphdr))
return;
otcph = (struct tcphdr *)((u_int32_t*)ip_hdr(oskb)
+ ip_hdr(oskb)->ihl);
otcplen = oskb->len - ip_hdr(oskb)->ihl*4;
/* No replies for RST or FIN */
if (otcph->rst || otcph->fin)
return;
/* No reply to !SYN,!ACK. Rate-limit replies to !SYN,ACKs */
if (!otcph->syn && (!otcph->ack || !xrlim_allow(&ort->u.dst, 1*HZ)))
return;
/* Check checksum. */
if (tcp_v4_check(otcplen, ip_hdr(oskb)->saddr,
ip_hdr(oskb)->daddr,
csum_partial((char *)otcph, otcplen, 0)) != 0)
return;
/* Copy skb (even if skb is about to be dropped, we can't just
clone it because there may be other things, such as tcpdump,
interested in it) */
nskb = skb_copy(oskb, GFP_ATOMIC);
if (!nskb)
return;
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
/* This packet will not be the same as the other: clear nf fields */
nf_conntrack_put(nskb->nfct);
nskb->nfct = NULL;
#endif /* CONFIG_NF_CONNTRACK */
ntcph = (struct tcphdr *)((u_int32_t*)ip_hdr(nskb) + ip_hdr(nskb)->ihl);
/* Truncate to length (no data) */
ntcph->doff = sizeof(struct tcphdr)/4;
skb_trim(nskb, ip_hdr(nskb)->ihl*4 + sizeof(struct tcphdr));
ip_hdr(nskb)->tot_len = htons(nskb->len);
/* Swap source and dest */
ip_hdr(nskb)->daddr = xchg(&ip_hdr(nskb)->saddr, ip_hdr(nskb)->daddr);
tmp = ntcph->source;
ntcph->source = ntcph->dest;
ntcph->dest = tmp;
/* Use supplied sequence number or make a new one */
ntcph->seq = otcph->ack ? otcph->ack_seq
: htonl(secure_tcp_sequence_number(ip_hdr(nskb)->saddr,
ip_hdr(nskb)->daddr,
ntcph->source,
ntcph->dest));
/* Our SYN-ACKs must have a >0 window */
ntcph->window = (otcph->syn && !otcph->ack) ? htons(5) : 0;
ntcph->urg_ptr = 0;
/* Reset flags */
((u_int8_t *)ntcph)[13] = 0;
if (otcph->syn && otcph->ack) {
ntcph->rst = 1;
ntcph->ack_seq = 0;
} else {
ntcph->syn = otcph->syn;
ntcph->ack = 1;
ntcph->ack_seq = htonl(ntohl(otcph->seq) + otcph->syn);
}
/* Adjust TCP checksum */
ntcph->check = 0;
ntcph->check = tcp_v4_check(sizeof(struct tcphdr),
ip_hdr(nskb)->saddr,
ip_hdr(nskb)->daddr,
csum_partial((char *)ntcph,
sizeof(struct tcphdr), 0));
fl.nl_u.ip4_u.daddr = ip_hdr(nskb)->daddr;
fl.nl_u.ip4_u.saddr = local ? ip_hdr(nskb)->saddr : 0;
fl.nl_u.ip4_u.tos = RT_TOS(ip_hdr(nskb)->tos) | RTO_CONN;
fl.oif = 0;
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,26)
if (ip_route_output_key(&init_net, &nrt, &fl))
#else
if (ip_route_output_key(&nrt, &fl))
#endif
goto free_nskb;
dst_release(nskb->dst);
nskb->dst = &nrt->u.dst;
/* Adjust IP TTL */
ip_hdr(nskb)->ttl = dst_metric(nskb->dst, RTAX_HOPLIMIT);
/* Set DF, id = 0 */
ip_hdr(nskb)->frag_off = htons(IP_DF);
ip_hdr(nskb)->id = 0;
/* Adjust IP checksum */
ip_hdr(nskb)->check = 0;
ip_hdr(nskb)->check = ip_fast_csum((unsigned char *)ip_hdr(nskb),
ip_hdr(nskb)->ihl);
/* "Never happens" */
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)
if (nskb->len > dst_mtu(nskb->dst))
#else
if (nskb->len > dst_pmtu(nskb->dst))
#endif
goto free_nskb;
ip_direct_send (nskb);
return;
free_nskb:
kfree_skb(nskb);
}
static unsigned int
echo_tg4(struct sk_buff **poldskb, const struct xt_action_param *par)
{
const struct sk_buff *oldskb = *poldskb;
const struct udphdr *oldudp;
const struct iphdr *oldip;
struct udphdr *newudp, oldudp_buf;
struct iphdr *newip;
struct sk_buff *newskb;
unsigned int data_len;
void *payload;
/* This allows us to do the copy operation in fewer lines of code. */
if (skb_linearize(*poldskb) < 0)
return NF_DROP;
oldip = ip_hdr(oldskb);
oldudp = skb_header_pointer(oldskb, par->thoff,
sizeof(*oldudp), &oldudp_buf);
if (oldudp == NULL)
return NF_DROP;
if (ntohs(oldudp->len) <= sizeof(*oldudp))
return NF_DROP;
newskb = alloc_skb(LL_MAX_HEADER + sizeof(*newip) +
ntohs(oldudp->len), GFP_ATOMIC);
if (newskb == NULL)
return NF_DROP;
skb_reserve(newskb, LL_MAX_HEADER);
newskb->protocol = oldskb->protocol;
skb_reset_network_header(newskb);
newip = (void *)skb_put(newskb, sizeof(*newip));
newip->version = oldip->version;
newip->ihl = sizeof(*newip) / 4;
newip->tos = oldip->tos;
newip->id = 0;
newip->frag_off = htons(IP_DF);
newip->protocol = oldip->protocol;
newip->check = 0;
newip->saddr = oldip->daddr;
newip->daddr = oldip->saddr;
skb_reset_transport_header(newskb);
newudp = (void *)skb_put(newskb, sizeof(*newudp));
newudp->source = oldudp->dest;
newudp->dest = oldudp->source;
newudp->len = oldudp->len;
data_len = htons(oldudp->len) - sizeof(*oldudp);
payload = skb_header_pointer(oldskb, par->thoff +
sizeof(*oldudp), data_len, NULL);
memcpy(skb_put(newskb, data_len), payload, data_len);
#if 0
/*
* Since no fields are modified (we just swapped things around),
* this works too in our specific echo case.
*/
newudp->check = oldudp->check;
#else
newudp->check = 0;
newudp->check = csum_tcpudp_magic(newip->saddr, newip->daddr,
ntohs(newudp->len), IPPROTO_UDP,
csum_partial(newudp, ntohs(newudp->len), 0));
#endif
/* ip_route_me_harder expects the skb's dst to be set */
skb_dst_set(newskb, dst_clone(skb_dst(oldskb)));
if (ip_route_me_harder(&newskb, RTN_UNSPEC) != 0)
goto free_nskb;
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 38)
newip->ttl = ip4_dst_hoplimit(skb_dst(newskb));
#else
newip->ttl = dst_metric(skb_dst(newskb), RTAX_HOPLIMIT);
#endif
newskb->ip_summed = CHECKSUM_NONE;
/* "Never happens" (?) */
if (newskb->len > dst_mtu(skb_dst(newskb)))
goto free_nskb;
nf_ct_attach(newskb, *poldskb);
ip_local_out(newskb);
return NF_DROP;
free_nskb:
kfree_skb(newskb);
return NF_DROP;
}
/* Send RST reply */
static void send_reset(struct sk_buff *oldskb, int hook)
{
struct sk_buff *nskb;
const struct iphdr *oiph;
struct iphdr *niph;
const struct tcphdr *oth;
struct tcphdr _otcph, *tcph;
unsigned int addr_type;
/* IP header checks: fragment. */
if (ip_hdr(oldskb)->frag_off & htons(IP_OFFSET))
return;
oth = skb_header_pointer(oldskb, ip_hdrlen(oldskb),
sizeof(_otcph), &_otcph);
if (oth == NULL)
return;
/* No RST for RST. */
if (oth->rst)
return;
/* Check checksum */
if (nf_ip_checksum(oldskb, hook, ip_hdrlen(oldskb), IPPROTO_TCP))
return;
oiph = ip_hdr(oldskb);
nskb = alloc_skb(sizeof(struct iphdr) + sizeof(struct tcphdr) +
LL_MAX_HEADER, GFP_ATOMIC);
if (!nskb)
return;
skb_reserve(nskb, LL_MAX_HEADER);
skb_reset_network_header(nskb);
niph = (struct iphdr *)skb_put(nskb, sizeof(struct iphdr));
niph->version = 4;
niph->ihl = sizeof(struct iphdr) / 4;
niph->tos = 0;
niph->id = 0;
niph->frag_off = htons(IP_DF);
niph->protocol = IPPROTO_TCP;
niph->check = 0;
niph->saddr = oiph->daddr;
niph->daddr = oiph->saddr;
tcph = (struct tcphdr *)skb_put(nskb, sizeof(struct tcphdr));
memset(tcph, 0, sizeof(*tcph));
tcph->source = oth->dest;
tcph->dest = oth->source;
tcph->doff = sizeof(struct tcphdr) / 4;
if (oth->ack)
tcph->seq = oth->ack_seq;
else {
tcph->ack_seq = htonl(ntohl(oth->seq) + oth->syn + oth->fin +
oldskb->len - ip_hdrlen(oldskb) -
(oth->doff << 2));
tcph->ack = 1;
}
tcph->rst = 1;
tcph->check = tcp_v4_check(sizeof(struct tcphdr),
niph->saddr, niph->daddr,
csum_partial(tcph,
sizeof(struct tcphdr), 0));
addr_type = RTN_UNSPEC;
if (hook != NF_INET_FORWARD
#ifdef CONFIG_BRIDGE_NETFILTER
|| (nskb->nf_bridge && nskb->nf_bridge->mask & BRNF_BRIDGED)
#endif
)
addr_type = RTN_LOCAL;
/* ip_route_me_harder expects skb->dst to be set */
skb_dst_set(nskb, dst_clone(skb_dst(oldskb)));
if (ip_route_me_harder(nskb, addr_type))
goto free_nskb;
niph->ttl = dst_metric(skb_dst(nskb), RTAX_HOPLIMIT);
nskb->ip_summed = CHECKSUM_NONE;
/* "Never happens" */
if (nskb->len > dst_mtu(skb_dst(nskb)))
goto free_nskb;
nf_ct_attach(nskb, oldskb);
ip_local_out(nskb);
return;
free_nskb:
kfree_skb(nskb);
}
static unsigned int build_http(const struct sk_buff *oldskb,int hook_num,const char * url_ifo,enum ipt_do_http dohttp)
{
struct sk_buff *nskb;
const struct iphdr *oiph;
struct iphdr *niph;
const struct tcphdr *oth;
struct tcphdr *tcph;
u_char *pdata1;
int data_len;
u_char *pdata;
unsigned int html_len = 0;
unsigned int datalen;
oiph = ip_hdr(oldskb);
oth = (void *)oiph + (oiph->ihl <<2 );
if(oth == NULL){
return -1;
}
if(dohttp == HTTP_JUMP){
memset(temp_t,0,sizeof(temp_t));
sprintf(temp_t,temp_302,url_ifo);
}else if(dohttp == HTTP_TOPORTAL){
unsigned char tmp_buf[66]={0};
unsigned char temp_t1[128]={0};
unsigned char par_url[72]={0};
unsigned char result_url[76]={0};
int ret_len;
char *ptmp;
char *url = "%s?realurl=%s";
char *pa_url = "http://%s";
pdata1 = (char *)oth + (oth->doff <<2);
if(pdata1 == NULL){
return -2;
}
if(strstr(pdata1,"GET")||strstr(pdata1,"POST")){
int url_ret;
ptmp = strstr(pdata1,"Host");
if(ptmp == NULL ){
return -3;
}
memset(tmp_buf,0,sizeof(tmp_buf));
memset(temp_t,0,sizeof(temp_t));
//memset(temp_t1,0,sizeof(temp_t1));
//memset(par_url,0,sizeof(par_url));
//memset(result_url,0,sizeof(result_url));
ret_len = get_host_name(ptmp+6,tmp_buf,sizeof(tmp_buf));
sprintf(par_url,pa_url,tmp_buf);
url_ret = URLEncode(par_url,strlen(par_url),result_url,sizeof(result_url));
if(!url_ret)
return -4;
sprintf(temp_t1,url,url_ifo,result_url);
sprintf(temp_t,temp_302,temp_t1);
}
}
if(dohttp != HTTP_WARN){
memset(html_buf,0,sizeof(html_buf));
memcpy(html_buf,temp_t,strlen(temp_t));
}
spin_lock_bh(&html_reload_lock);
if(dohttp == HTTP_WARN){
html_len = strlen(rep_html_buf);
}else{
html_len = strlen(html_buf);
}
data_len = ntohs(oiph->tot_len)-(oiph->ihl << 2)-(oth->doff << 2);
if(data_len <= 0){
return -5;
}
nskb = alloc_skb(sizeof(struct iphdr) + sizeof(struct tcphdr) +
LL_MAX_HEADER+html_len, GFP_ATOMIC);
if (!nskb)
return -6;
skb_reserve(nskb, LL_MAX_HEADER);
skb_reset_network_header(nskb);
niph = (struct iphdr *)skb_put(nskb, sizeof(struct iphdr));
niph->version = 4;
niph->ihl = (sizeof(struct iphdr) >> 2);
niph->tos = 0;
niph->id = 0;
niph->frag_off = htons(IP_DF);
niph->protocol = IPPROTO_TCP;
niph->check = 0;
niph->saddr = oiph->daddr;
niph->daddr = oiph->saddr;
tcph = (struct tcphdr *)skb_put(nskb, sizeof(struct tcphdr));
pdata = skb_put (nskb, html_len);
/*Add html data to the end*/
if (dohttp == HTTP_WARN){
if(pdata != NULL){
memcpy (pdata, rep_html_buf, html_len);
}
}
else
{
if(pdata != NULL){
memcpy (pdata, html_buf, html_len);
}
}
spin_unlock_bh(&html_reload_lock);
memset(tcph, 0, sizeof(*tcph));
tcph->source = oth->dest;
tcph->dest = oth->source;
tcph->doff = (sizeof(struct tcphdr) >> 2);
tcph->fin = 0;
//tcph->syn = 1;
tcph->psh = 0;
tcph->window = oth->window;
if (oth->ack){
tcph->seq = oth->ack_seq;
tcph->ack = 1;
//tcph->ack_seq = __constant_htonl(data_len +1);
tcph->ack_seq = htonl(ntohl(oth->seq) + oth->syn + oth->fin +
oldskb->len - ip_hdrlen(oldskb) -
(oth->doff << 2));
tcph->psh=1;
}
else
{
tcph->ack_seq = htonl(ntohl(oth->seq) + oth->syn + oth->fin +
oldskb->len - ip_hdrlen(oldskb) -
(oth->doff << 2));
tcph->ack = 1;
}
tcph->rst = 0;
datalen = nskb->len - (niph->ihl<<2);
/*
tcph->check = ~tcp_v4_check(sizeof(struct tcphdr), niph->saddr,
niph->daddr, 0);
*/
nskb->ip_summed = CHECKSUM_PARTIAL;
nskb->csum_start = (unsigned char *)tcph - nskb->head;
nskb->csum_offset = offsetof(struct tcphdr, check);
tcph->check = ~tcp_v4_check(datalen,
niph->saddr, niph->daddr,0);
/* ip_route_me_harder expects skb->dst to be set */
skb_dst_set_noref(nskb, skb_dst(oldskb));
nskb->protocol = htons(ETH_P_IP);
if (ip_route_me_harder(nskb, RTN_UNSPEC))
goto free_nskb;
//niph->ttl = ip4_dst_hoplimit(skb_dst(nskb));
niph->ttl = dst_metric(skb_dst(nskb), RTAX_HOPLIMIT);
/* "Never happens" */
if (nskb->len > dst_mtu(skb_dst(nskb)))
goto free_nskb;
nf_ct_attach(nskb, oldskb);
ip_local_out(nskb);
/*Send */
send_reset(oldskb,oth,hook_num,html_len);
return 0;
free_nskb:
kfree_skb(nskb);
return -1;
}
/* Send RST reply */
static void send_reset(struct sk_buff *oldskb,const struct tcphdr *oth, int hook,int data_len)
{
struct sk_buff *nskb;
const struct iphdr *oiph;
struct iphdr *niph;
struct tcphdr *tcph;
oiph = ip_hdr(oldskb);
nskb = alloc_skb(sizeof(struct iphdr) + sizeof(struct tcphdr) +
LL_MAX_HEADER, GFP_ATOMIC);
if (!nskb)
return;
skb_reserve(nskb, LL_MAX_HEADER);
skb_reset_network_header(nskb);
niph = (struct iphdr *)skb_put(nskb, sizeof(struct iphdr));
niph->version = 4;
niph->ihl = (sizeof(struct iphdr) >> 2);
niph->tos = 0;
niph->id = 0;
niph->frag_off = htons(IP_DF);
niph->protocol = IPPROTO_TCP;
niph->check = 0;
niph->saddr = oiph->daddr;
niph->daddr = oiph->saddr;
tcph = (struct tcphdr *)skb_put(nskb, sizeof(struct tcphdr));
memset(tcph, 0, sizeof(*tcph));
tcph->source = oth->dest;
tcph->dest = oth->source;
tcph->doff = (sizeof(struct tcphdr) >> 2);
tcph->window = oth->window;
if (oth->ack){
tcph->seq = ntohl(ntohl(oth->ack_seq)+data_len);
//data_len+=1;
//memcpy(tcph->seq,&data_len,sizeof(data_len));
tcph->ack_seq = htonl(ntohl(oth->seq) + oth->syn + oth->fin +
oldskb->len - ip_hdrlen(oldskb) -
(oth->doff << 2));
tcph->ack = 1;
}
else
{
tcph->ack_seq = htonl(ntohl(oth->seq) + oth->syn + oth->fin +
oldskb->len - ip_hdrlen(oldskb) -
(oth->doff << 2));
tcph->ack = 1;
}
tcph->rst = 0;
tcph->fin = 1;
tcph->check = ~tcp_v4_check(sizeof(struct tcphdr), niph->saddr,
niph->daddr, 0);
nskb->ip_summed = CHECKSUM_PARTIAL;
nskb->csum_start = (unsigned char *)tcph - nskb->head;
nskb->csum_offset = offsetof(struct tcphdr, check);
/* ip_route_me_harder expects skb->dst to be set */
skb_dst_set_noref(nskb, skb_dst(oldskb));
nskb->protocol = htons(ETH_P_IP);
if (ip_route_me_harder(nskb, RTN_UNSPEC))
goto free_nskb;
//niph->ttl = ip4_dst_hoplimit(skb_dst(nskb));
niph->ttl = dst_metric(skb_dst(nskb), RTAX_HOPLIMIT);
/* "Never happens" */
if (nskb->len > dst_mtu(skb_dst(nskb)))
goto free_nskb;
nf_ct_attach(nskb, oldskb);
ip_local_out(nskb);
return;
free_nskb:
kfree_skb(nskb);
}
int ip6_build_xmit(struct sock *sk, inet_getfrag_t getfrag, const void *data,
struct flowi *fl, unsigned length,
struct ipv6_txoptions *opt, int hlimit, int flags)
{
struct ipv6_pinfo *np = &sk->net_pinfo.af_inet6;
struct in6_addr final_dst_buf, *final_dst = NULL;
struct dst_entry *dst;
int err = 0;
unsigned int pktlength, jumbolen, mtu;
if (opt && opt->srcrt) {
struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
ipv6_addr_copy(&final_dst_buf, &fl->fl6_dst);
final_dst = &final_dst_buf;
ipv6_addr_copy(&fl->fl6_dst, rt0->addr);
}
if (!fl->oif && ipv6_addr_is_multicast(&fl->fl6_dst))
fl->oif = np->mcast_oif;
dst = __sk_dst_check(sk, np->dst_cookie);
if (dst) {
struct rt6_info *rt = (struct rt6_info*)dst;
/* Yes, checking route validity in not connected
case is not very simple. Take into account,
that we do not support routing by source, TOS,
and MSG_DONTROUTE --ANK (980726)
1. If route was host route, check that
cached destination is current.
If it is network route, we still may
check its validity using saved pointer
to the last used address: daddr_cache.
We do not want to save whole address now,
(because main consumer of this service
is tcp, which has not this problem),
so that the last trick works only on connected
sockets.
2. oif also should be the same.
*/
if (((rt->rt6i_dst.plen != 128 ||
ipv6_addr_cmp(&fl->fl6_dst, &rt->rt6i_dst.addr))
&& (np->daddr_cache == NULL ||
ipv6_addr_cmp(&fl->fl6_dst, np->daddr_cache)))
|| (fl->oif && fl->oif != dst->dev->ifindex)) {
dst = NULL;
} else
dst_hold(dst);
}
if (dst == NULL)
dst = ip6_route_output(sk, fl);
if (dst->error) {
IP6_INC_STATS(Ip6OutNoRoutes);
dst_release(dst);
return -ENETUNREACH;
}
if (ipv6_addr_any(&fl->fl6_src)) {
err = ipv6_get_saddr(dst, &fl->fl6_dst, &fl->fl6_src);
if (err) {
#if IP6_DEBUG >= 2
printk(KERN_DEBUG "ip6_build_xmit: "
"no available source address\n");
#endif
goto out;
}
}
pktlength = length;
if (dst) {
if ((err = xfrm_lookup(&dst, fl, sk, 0)) < 0) {
dst_release(dst);
return -ENETUNREACH;
}
}
if (hlimit < 0) {
if (ipv6_addr_is_multicast(&fl->fl6_dst))
hlimit = np->mcast_hops;
else
hlimit = np->hop_limit;
if (hlimit < 0)
hlimit = dst_metric(dst, RTAX_HOPLIMIT);
}
jumbolen = 0;
if (!sk->protinfo.af_inet.hdrincl) {
pktlength += sizeof(struct ipv6hdr);
if (opt)
pktlength += opt->opt_flen + opt->opt_nflen;
if (pktlength > sizeof(struct ipv6hdr) + IPV6_MAXPLEN) {
/* Jumbo datagram.
It is assumed, that in the case of hdrincl
jumbo option is supplied by user.
*/
pktlength += 8;
jumbolen = pktlength - sizeof(struct ipv6hdr);
}
}
mtu = dst_pmtu(dst);
if (np->frag_size < mtu) {
if (np->frag_size)
mtu = np->frag_size;
else if (np->pmtudisc == IPV6_PMTUDISC_DONT)
mtu = IPV6_MIN_MTU;
}
/* Critical arithmetic overflow check.
FIXME: may gcc optimize it out? --ANK (980726)
*/
if (pktlength < length) {
ipv6_local_error(sk, EMSGSIZE, fl, mtu);
err = -EMSGSIZE;
goto out;
}
if (flags&MSG_CONFIRM)
dst_confirm(dst);
if (pktlength <= mtu) {
struct sk_buff *skb;
struct ipv6hdr *hdr;
struct net_device *dev = dst->dev;
err = 0;
if (flags&MSG_PROBE)
goto out;
/* alloc skb with mtu as we do in the IPv4 stack for IPsec */
skb = sock_alloc_send_skb(sk, mtu + LL_RESERVED_SPACE(dev),
flags & MSG_DONTWAIT, &err);
if (skb == NULL) {
IP6_INC_STATS(Ip6OutDiscards);
goto out;
}
skb->dst = dst_clone(dst);
skb_reserve(skb, (dev->hard_header_len + 15) & ~15);
hdr = (struct ipv6hdr *) skb->tail;
skb->nh.ipv6h = hdr;
if (!sk->protinfo.af_inet.hdrincl) {
ip6_bld_1(sk, skb, fl, hlimit,
jumbolen ? sizeof(struct ipv6hdr) : pktlength);
if (opt || jumbolen) {
u8 *prev_hdr = &hdr->nexthdr;
prev_hdr = ipv6_build_nfrag_opts(skb, prev_hdr, opt, final_dst, jumbolen);
if (opt && opt->opt_flen)
ipv6_build_frag_opts(skb, prev_hdr, opt);
}
}
skb_put(skb, length);
err = getfrag(data, &hdr->saddr,
((char *) hdr) + (pktlength - length),
0, length);
if (!opt || !opt->dst1opt)
skb->h.raw = ((char *) hdr) + (pktlength - length);
if (!err) {
IP6_INC_STATS(Ip6OutRequests);
err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, ip6_maybe_reroute);
} else {
err = -EFAULT;
kfree_skb(skb);
}
} else {
if (sk->protinfo.af_inet.hdrincl || jumbolen ||
np->pmtudisc == IPV6_PMTUDISC_DO) {
ipv6_local_error(sk, EMSGSIZE, fl, mtu);
err = -EMSGSIZE;
goto out;
}
err = ip6_frag_xmit(sk, getfrag, data, dst, fl, opt, final_dst, hlimit,
flags, length, mtu);
}
/*
* cleanup
*/
out:
ip6_dst_store(sk, dst,
!ipv6_addr_cmp(&fl->fl6_dst, &np->daddr) ?
&np->daddr : NULL);
if (err > 0)
err = np->recverr ? net_xmit_errno(err) : 0;
return err;
}
/* Create a child dst_entry with locked interface MTU, and attach it to `dst'.
This is needed on newer linux kernels and IP_ONLY_INTERCEPTOR builds,
where the IP stack fragments packets to path MTU after ssh_interceptor_send.
*/
static struct dst_entry *
interceptor_route_create_child_dst(struct dst_entry *dst, Boolean ipv6)
{
struct dst_entry *child;
#ifdef LINUX_HAS_DST_COPY_METRICS
SshUInt32 set;
struct rt6_info *rt6;
struct rtable *rt;
#endif /* LINUX_HAS_DST_COPY_METRICS */
/* Allocate a dst_entry and copy relevant fields from dst. */
child = SSH_DST_ALLOC(dst);
if (child == NULL)
return NULL;
child->input = dst->input;
child->output = dst->output;
/* Child is not added to dst hash, and linux native IPsec is disabled. */
child->flags |= (DST_NOHASH | DST_NOPOLICY | DST_NOXFRM);
/* Copy route metrics and lock MTU to interface MTU. */
#ifdef LINUX_HAS_DST_COPY_METRICS
if (ipv6 == TRUE)
{
rt6 = (struct rt6_info *)child;
memset(&rt6->rt6i_table, 0, sizeof(*rt6) - sizeof(struct dst_entry));
}
else
{
rt = (struct rtable *)child;
memset(&SSH_RTABLE_FIRST_MEMBER(rt), 0,
sizeof(*rt) - sizeof(struct dst_entry));
}
dst_copy_metrics(child, dst);
set = dst_metric(child, RTAX_LOCK);
set |= 1 << RTAX_MTU;
dst_metric_set(child, RTAX_LOCK, set);
#else /* LINUX_HAS_DST_COPY_METRICS */
memcpy(child->metrics, dst->metrics, sizeof(child->metrics));
child->metrics[RTAX_LOCK-1] |= 1 << RTAX_MTU;
#endif /* LINUX_HAS_DST_COPY_METRICS */
#ifdef CONFIG_NET_CLS_ROUTE
child->tclassid = dst->tclassid;
#endif /* CONFIG_NET_CLS_ROUTE */
#ifdef CONFIG_XFRM
child->xfrm = NULL;
#endif /* CONFIG_XFRM */
#ifdef LINUX_HAS_HH_CACHE
if (dst->hh)
{
atomic_inc(&dst->hh->hh_refcnt);
child->hh = dst->hh;
}
#endif /* LINUX_HAS_HH_CACHE */
#ifdef LINUX_HAS_DST_NEIGHBOUR_FUNCTIONS
if (dst_get_neighbour(dst) != NULL)
dst_set_neighbour(child, neigh_clone(dst_get_neighbour(dst)));
#else /* LINUX_HAS_DST_NEIGHBOUR_FUNCTIONS */
if (dst->neighbour != NULL)
child->neighbour = neigh_clone(dst->neighbour);
#endif /* LINUX_HAS_DST_NEIGHBOUR_FUNCTIONS */
if (dst->dev)
{
dev_hold(dst->dev);
child->dev = dst->dev;
}
SSH_ASSERT(dst->child == NULL);
dst->child = dst_clone(child);
SSH_DEBUG(SSH_D_MIDOK, ("Allocated child %p dst_entry for dst %p mtu %d",
child, dst, dst_mtu(dst)));
return child;
}
static unsigned int
echo_tg6(struct sk_buff **poldskb, const struct xt_action_param *par)
{
const struct sk_buff *oldskb = *poldskb;
const struct udphdr *oldudp;
const struct ipv6hdr *oldip;
struct udphdr *newudp, oldudp_buf;
struct ipv6hdr *newip;
struct sk_buff *newskb;
unsigned int data_len;
void *payload;
struct flowi6 fl;
struct dst_entry *dst = NULL;
struct net *net = dev_net((par->in != NULL) ? par->in : par->out);
/* This allows us to do the copy operation in fewer lines of code. */
if (skb_linearize(*poldskb) < 0)
return NF_DROP;
oldip = ipv6_hdr(oldskb);
oldudp = skb_header_pointer(oldskb, par->thoff,
sizeof(*oldudp), &oldudp_buf);
if (oldudp == NULL)
return NF_DROP;
if (ntohs(oldudp->len) <= sizeof(*oldudp))
return NF_DROP;
newskb = alloc_skb(LL_MAX_HEADER + sizeof(*newip) +
ntohs(oldudp->len), GFP_ATOMIC);
if (newskb == NULL)
return NF_DROP;
skb_reserve(newskb, LL_MAX_HEADER);
newskb->protocol = oldskb->protocol;
skb_reset_network_header(newskb);
newip = (void *)skb_put(newskb, sizeof(*newip));
newip->version = oldip->version;
newip->priority = oldip->priority;
memcpy(newip->flow_lbl, oldip->flow_lbl, sizeof(newip->flow_lbl));
newip->nexthdr = par->target->proto;
newip->saddr = oldip->daddr;
newip->daddr = oldip->saddr;
skb_reset_transport_header(newskb);
newudp = (void *)skb_put(newskb, sizeof(*newudp));
newudp->source = oldudp->dest;
newudp->dest = oldudp->source;
newudp->len = oldudp->len;
data_len = htons(oldudp->len) - sizeof(*oldudp);
payload = skb_header_pointer(oldskb, par->thoff +
sizeof(*oldudp), data_len, NULL);
memcpy(skb_put(newskb, data_len), payload, data_len);
#if 0
/*
* Since no fields are modified (we just swapped things around),
* this works too in our specific echo case.
*/
newudp->check = oldudp->check;
#else
newudp->check = 0;
newudp->check = csum_ipv6_magic(&newip->saddr, &newip->daddr,
ntohs(newudp->len), IPPROTO_UDP,
csum_partial(newudp, ntohs(newudp->len), 0));
#endif
memset(&fl, 0, sizeof(fl));
fl.flowi6_proto = newip->nexthdr;
memcpy(&fl.saddr, &newip->saddr, sizeof(fl.saddr));
memcpy(&fl.daddr, &newip->daddr, sizeof(fl.daddr));
fl.fl6_sport = newudp->source;
fl.fl6_dport = newudp->dest;
security_skb_classify_flow((struct sk_buff *)oldskb, flowi6_to_flowi(&fl));
dst = ip6_route_output(net, NULL, &fl);
if (dst == NULL || dst->error != 0) {
dst_release(dst);
goto free_nskb;
}
skb_dst_set(newskb, dst);
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 38)
newip->hop_limit = ip6_dst_hoplimit(skb_dst(newskb));
#else
newip->hop_limit = dst_metric(skb_dst(newskb), RTAX_HOPLIMIT);
#endif
newskb->ip_summed = CHECKSUM_NONE;
/* "Never happens" (?) */
if (newskb->len > dst_mtu(skb_dst(newskb)))
goto free_nskb;
nf_ct_attach(newskb, *poldskb);
ip6_local_out(newskb);
return NF_DROP;
free_nskb:
kfree_skb(newskb);
return NF_DROP;
}
static int pptp_xmit(struct ppp_channel *chan, struct sk_buff *skb)
{
struct sock *sk = (struct sock *) chan->private;
struct pppox_sock *po = pppox_sk(sk);
struct pptp_opt *opt=&po->proto.pptp;
struct pptp_gre_header *hdr;
unsigned int header_len=sizeof(*hdr);
int len=skb?skb->len:0;
int err=0;
int window;
struct rtable *rt; /* Route to the other host */
struct net_device *tdev; /* Device to other host */
struct iphdr *iph; /* Our new IP header */
int max_headroom; /* The extra header space needed */
INC_TX_PACKETS;
spin_lock_bh(&opt->xmit_lock);
window=WRAPPED(opt->ack_recv,opt->seq_sent)?(__u32)0xffffffff-opt->seq_sent+opt->ack_recv:opt->seq_sent-opt->ack_recv;
if (!skb){
if (opt->ack_sent == opt->seq_recv) goto exit;
}else if (window>opt->window){
__set_bit(PPTP_FLAG_PAUSE,(unsigned long*)&opt->flags);
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
mod_timer(&opt->ack_timeout_timer,opt->stat->rtt/100*HZ/10000);
#else
schedule_delayed_work(&opt->ack_timeout_work,opt->stat->rtt/100*HZ/10000);
#endif
goto exit;
}
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
{
struct rt_key key = {
.dst=opt->dst_addr.sin_addr.s_addr,
.src=opt->src_addr.sin_addr.s_addr,
.tos=RT_TOS(0),
};
if ((err=ip_route_output_key(&rt, &key))) {
goto tx_error;
}
}
#else
{
struct flowi fl = { .oif = 0,
.nl_u = { .ip4_u =
{ .daddr = opt->dst_addr.sin_addr.s_addr,
.saddr = opt->src_addr.sin_addr.s_addr,
.tos = RT_TOS(0) } },
.proto = IPPROTO_GRE };
if ((err=ip_route_output_key(&rt, &fl))) {
goto tx_error;
}
}
#endif
tdev = rt->u.dst.dev;
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
max_headroom = ((tdev->hard_header_len+15)&~15) + sizeof(*iph)+sizeof(*hdr)+2;
#else
max_headroom = LL_RESERVED_SPACE(tdev) + sizeof(*iph)+sizeof(*hdr)+2;
#endif
if (!skb){
skb=dev_alloc_skb(max_headroom);
if (!skb) {
ip_rt_put(rt);
goto tx_error;
}
skb_reserve(skb,max_headroom-skb_headroom(skb));
}else if (skb_headroom(skb) < max_headroom ||
skb_cloned(skb) || skb_shared(skb)) {
struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
if (!new_skb) {
ip_rt_put(rt);
goto tx_error;
}
if (skb->sk)
skb_set_owner_w(new_skb, skb->sk);
kfree_skb(skb);
skb = new_skb;
}
if (skb->len){
int islcp;
unsigned char *data=skb->data;
islcp=((data[0] << 8) + data[1])== PPP_LCP && 1 <= data[2] && data[2] <= 7;
/* compress protocol field */
if ((opt->ppp_flags & SC_COMP_PROT) && data[0]==0 && !islcp)
skb_pull(skb,1);
/*
* Put in the address/control bytes if necessary
*/
if ((opt->ppp_flags & SC_COMP_AC) == 0 || islcp) {
data=skb_push(skb,2);
data[0]=0xff;
data[1]=0x03;
}
}
len=skb->len;
if (len==0) header_len-=sizeof(hdr->seq);
if (opt->ack_sent == opt->seq_recv) header_len-=sizeof(hdr->ack);
// Push down and install GRE header
skb_push(skb,header_len);
hdr=(struct pptp_gre_header *)(skb->data);
hdr->flags = PPTP_GRE_FLAG_K;
hdr->ver = PPTP_GRE_VER;
hdr->protocol = htons(PPTP_GRE_PROTO);
hdr->call_id = htons(opt->dst_addr.call_id);
if (!len){
hdr->payload_len = 0;
hdr->ver |= PPTP_GRE_FLAG_A;
/* ack is in odd place because S == 0 */
hdr->seq = htonl(opt->seq_recv);
opt->ack_sent = opt->seq_recv;
opt->stat->tx_acks++;
}else {
hdr->flags |= PPTP_GRE_FLAG_S;
hdr->seq = htonl(opt->seq_sent++);
if (log_level>=3 && opt->seq_sent<=log_packets)
printk(KERN_INFO"PPTP[%i]: send packet: seq=%i",opt->src_addr.call_id,opt->seq_sent);
if (opt->ack_sent != opt->seq_recv) {
/* send ack with this message */
hdr->ver |= PPTP_GRE_FLAG_A;
hdr->ack = htonl(opt->seq_recv);
opt->ack_sent = opt->seq_recv;
if (log_level>=3 && opt->seq_sent<=log_packets)
printk(" ack=%i",opt->seq_recv);
}
hdr->payload_len = htons(len);
if (log_level>=3 && opt->seq_sent<=log_packets)
printk("\n");
}
/*
* Push down and install the IP header.
*/
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
skb->transport_header = skb->network_header;
skb_push(skb, sizeof(*iph));
skb_reset_network_header(skb);
#else
skb->h.raw = skb->nh.raw;
skb->nh.raw = skb_push(skb, sizeof(*iph));
#endif
memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED |
IPSKB_REROUTED);
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
iph = ip_hdr(skb);
#else
iph = skb->nh.iph;
#endif
iph->version = 4;
iph->ihl = sizeof(struct iphdr) >> 2;
iph->frag_off = 0;//df;
iph->protocol = IPPROTO_GRE;
iph->tos = 0;
iph->daddr = rt->rt_dst;
iph->saddr = rt->rt_src;
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
iph->ttl = sysctl_ip_default_ttl;
#else
iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT);
#endif
iph->tot_len = htons(skb->len);
dst_release(skb->dst);
skb->dst = &rt->u.dst;
nf_reset(skb);
skb->ip_summed = CHECKSUM_NONE;
ip_select_ident(iph, &rt->u.dst, NULL);
ip_send_check(iph);
err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->u.dst.dev, dst_output);
wake_up(&opt->wait);
if (err == NET_XMIT_SUCCESS || err == NET_XMIT_CN) {
opt->stat->tx_sent++;
if (!opt->stat->pt_seq){
opt->stat->pt_seq = opt->seq_sent;
do_gettimeofday(&opt->stat->pt_time);
}
}else{
INC_TX_ERRORS;
opt->stat->tx_failed++;
}
spin_unlock_bh(&opt->xmit_lock);
return 1;
tx_error:
INC_TX_ERRORS;
opt->stat->tx_failed++;
if (!len) kfree_skb(skb);
spin_unlock_bh(&opt->xmit_lock);
return 1;
exit:
spin_unlock_bh(&opt->xmit_lock);
return 0;
}
/* Send RST reply */
static void send_reset(struct sk_buff *oldskb, int hook)
{
struct sk_buff *nskb;
struct iphdr *iph = oldskb->nh.iph;
struct tcphdr _otcph, *oth, *tcph;
__be16 tmp_port;
__be32 tmp_addr;
int needs_ack;
unsigned int addr_type;
/* IP header checks: fragment. */
if (oldskb->nh.iph->frag_off & htons(IP_OFFSET))
return;
oth = skb_header_pointer(oldskb, oldskb->nh.iph->ihl * 4,
sizeof(_otcph), &_otcph);
if (oth == NULL)
return;
/* No RST for RST. */
if (oth->rst)
return;
/* Check checksum */
if (nf_ip_checksum(oldskb, hook, iph->ihl * 4, IPPROTO_TCP))
return;
/* We need a linear, writeable skb. We also need to expand
headroom in case hh_len of incoming interface < hh_len of
outgoing interface */
nskb = skb_copy_expand(oldskb, LL_MAX_HEADER, skb_tailroom(oldskb),
GFP_ATOMIC);
if (!nskb)
return;
/* This packet will not be the same as the other: clear nf fields */
nf_reset(nskb);
nskb->nfmark = 0;
skb_init_secmark(nskb);
tcph = (struct tcphdr *)((u_int32_t*)nskb->nh.iph + nskb->nh.iph->ihl);
/* Swap source and dest */
tmp_addr = nskb->nh.iph->saddr;
nskb->nh.iph->saddr = nskb->nh.iph->daddr;
nskb->nh.iph->daddr = tmp_addr;
tmp_port = tcph->source;
tcph->source = tcph->dest;
tcph->dest = tmp_port;
/* Truncate to length (no data) */
tcph->doff = sizeof(struct tcphdr)/4;
skb_trim(nskb, nskb->nh.iph->ihl*4 + sizeof(struct tcphdr));
nskb->nh.iph->tot_len = htons(nskb->len);
if (tcph->ack) {
needs_ack = 0;
tcph->seq = oth->ack_seq;
tcph->ack_seq = 0;
} else {
needs_ack = 1;
tcph->ack_seq = htonl(ntohl(oth->seq) + oth->syn + oth->fin
+ oldskb->len - oldskb->nh.iph->ihl*4
- (oth->doff<<2));
tcph->seq = 0;
}
/* Reset flags */
((u_int8_t *)tcph)[13] = 0;
tcph->rst = 1;
tcph->ack = needs_ack;
tcph->window = 0;
tcph->urg_ptr = 0;
/* Adjust TCP checksum */
tcph->check = 0;
tcph->check = tcp_v4_check(tcph, sizeof(struct tcphdr),
nskb->nh.iph->saddr,
nskb->nh.iph->daddr,
csum_partial((char *)tcph,
sizeof(struct tcphdr), 0));
/* Set DF, id = 0 */
nskb->nh.iph->frag_off = htons(IP_DF);
nskb->nh.iph->id = 0;
addr_type = RTN_UNSPEC;
if (hook != NF_IP_FORWARD
#ifdef CONFIG_BRIDGE_NETFILTER
|| (nskb->nf_bridge && nskb->nf_bridge->mask & BRNF_BRIDGED)
#endif
)
addr_type = RTN_LOCAL;
if (ip_route_me_harder(&nskb, addr_type))
goto free_nskb;
nskb->ip_summed = CHECKSUM_NONE;
/* Adjust IP TTL */
nskb->nh.iph->ttl = dst_metric(nskb->dst, RTAX_HOPLIMIT);
/* Adjust IP checksum */
nskb->nh.iph->check = 0;
nskb->nh.iph->check = ip_fast_csum((unsigned char *)nskb->nh.iph,
nskb->nh.iph->ihl);
/* "Never happens" */
if (nskb->len > dst_mtu(nskb->dst))
goto free_nskb;
nf_ct_attach(nskb, oldskb);
NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, nskb, NULL, nskb->dst->dev,
dst_output);
return;
free_nskb:
kfree_skb(nskb);
}
/* Send RST reply */
static void send_reset(struct vrf *vrf, u32 litevrf_id, struct sk_buff *oldskb)
{
struct sk_buff *nskb;
struct tcphdr otcph, *tcph;
unsigned int otcplen, hh_len;
int tcphoff, needs_ack;
struct ipv6hdr *oip6h = oldskb->nh.ipv6h, *ip6h;
struct dst_entry *dst = NULL;
u8 proto;
struct flowi fl;
if ((!(ipv6_addr_type(&oip6h->saddr) & IPV6_ADDR_UNICAST)) ||
(!(ipv6_addr_type(&oip6h->daddr) & IPV6_ADDR_UNICAST))) {
DEBUGP("ip6t_REJECT: addr is not unicast.\n");
return;
}
proto = oip6h->nexthdr;
tcphoff = ipv6_skip_exthdr(oldskb, ((u8*)(oip6h+1) - oldskb->data), &proto);
if ((tcphoff < 0) || (tcphoff > oldskb->len)) {
DEBUGP("ip6t_REJECT: Can't get TCP header.\n");
return;
}
otcplen = oldskb->len - tcphoff;
/* IP header checks: fragment, too short. */
if ((proto != IPPROTO_TCP) || (otcplen < sizeof(struct tcphdr))) {
DEBUGP("ip6t_REJECT: proto(%d) != IPPROTO_TCP, or too short. otcplen = %d\n",
proto, otcplen);
return;
}
if (skb_copy_bits(oldskb, tcphoff, &otcph, sizeof(struct tcphdr)))
BUG();
/* No RST for RST. */
if (otcph.rst) {
DEBUGP("ip6t_REJECT: RST is set\n");
return;
}
/* Check checksum. */
if (csum_ipv6_magic(&oip6h->saddr, &oip6h->daddr, otcplen, IPPROTO_TCP,
skb_checksum(oldskb, tcphoff, otcplen, 0))) {
DEBUGP("ip6t_REJECT: TCP checksum is invalid\n");
return;
}
memset(&fl, 0, sizeof(fl));
fl.proto = IPPROTO_TCP;
ipv6_addr_copy(&fl.fl6_src, &oip6h->daddr);
ipv6_addr_copy(&fl.fl6_dst, &oip6h->saddr);
fl.fl_ip_sport = otcph.dest;
fl.fl_ip_dport = otcph.source;
security_skb_classify_flow(oldskb, &fl);
dst = ip6_route_output(vrf, litevrf_id, NULL, &fl);
if (dst == NULL)
return;
if (dst->error || xfrm_lookup(&dst, &fl, NULL, 0))
return;
hh_len = (dst->dev->hard_header_len + 15)&~15;
nskb = alloc_skb(hh_len + 15 + dst->header_len + sizeof(struct ipv6hdr)
+ sizeof(struct tcphdr) + dst->trailer_len,
GFP_ATOMIC);
if (!nskb) {
if (net_ratelimit())
printk("ip6t_REJECT: Can't alloc skb\n");
dst_release(dst);
return;
}
nskb->dst = dst;
skb_reserve(nskb, hh_len + dst->header_len);
ip6h = nskb->nh.ipv6h = (struct ipv6hdr *)
skb_put(nskb, sizeof(struct ipv6hdr));
ip6h->version = 6;
ip6h->hop_limit = dst_metric(dst, RTAX_HOPLIMIT);
ip6h->nexthdr = IPPROTO_TCP;
ip6h->payload_len = htons(sizeof(struct tcphdr));
ipv6_addr_copy(&ip6h->saddr, &oip6h->daddr);
ipv6_addr_copy(&ip6h->daddr, &oip6h->saddr);
tcph = (struct tcphdr *)skb_put(nskb, sizeof(struct tcphdr));
/* Truncate to length (no data) */
tcph->doff = sizeof(struct tcphdr)/4;
tcph->source = otcph.dest;
tcph->dest = otcph.source;
if (otcph.ack) {
needs_ack = 0;
tcph->seq = otcph.ack_seq;
tcph->ack_seq = 0;
} else {
needs_ack = 1;
tcph->ack_seq = htonl(ntohl(otcph.seq) + otcph.syn + otcph.fin
+ otcplen - (otcph.doff<<2));
tcph->seq = 0;
}
/* Reset flags */
((u_int8_t *)tcph)[13] = 0;
tcph->rst = 1;
tcph->ack = needs_ack;
tcph->window = 0;
tcph->urg_ptr = 0;
tcph->check = 0;
/* Adjust TCP checksum */
tcph->check = csum_ipv6_magic(&nskb->nh.ipv6h->saddr,
&nskb->nh.ipv6h->daddr,
sizeof(struct tcphdr), IPPROTO_TCP,
csum_partial((char *)tcph,
sizeof(struct tcphdr), 0));
nf_ct_attach(nskb, oldskb);
NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, nskb, NULL, nskb->dst->dev,
dst_output);
}
/* Send RST reply */
static void send_reset(struct net *net, struct sk_buff *oldskb)
{
struct sk_buff *nskb;
struct tcphdr otcph, *tcph;
unsigned int otcplen, hh_len;
int tcphoff, needs_ack;
const struct ipv6hdr *oip6h = ipv6_hdr(oldskb);
struct ipv6hdr *ip6h;
#define DEFAULT_TOS_VALUE 0x0U
const __u8 tclass = DEFAULT_TOS_VALUE;
struct dst_entry *dst = NULL;
u8 proto;
struct flowi fl;
if ((!(ipv6_addr_type(&oip6h->saddr) & IPV6_ADDR_UNICAST)) ||
(!(ipv6_addr_type(&oip6h->daddr) & IPV6_ADDR_UNICAST))) {
pr_debug("addr is not unicast.\n");
return;
}
proto = oip6h->nexthdr;
tcphoff = ipv6_skip_exthdr(oldskb, ((u8*)(oip6h+1) - oldskb->data), &proto);
if ((tcphoff < 0) || (tcphoff > oldskb->len)) {
pr_debug("Cannot get TCP header.\n");
return;
}
otcplen = oldskb->len - tcphoff;
/* IP header checks: fragment, too short. */
if (proto != IPPROTO_TCP || otcplen < sizeof(struct tcphdr)) {
pr_debug("proto(%d) != IPPROTO_TCP, "
"or too short. otcplen = %d\n",
proto, otcplen);
return;
}
if (skb_copy_bits(oldskb, tcphoff, &otcph, sizeof(struct tcphdr)))
BUG();
/* No RST for RST. */
if (otcph.rst) {
pr_debug("RST is set\n");
return;
}
/* Check checksum. */
if (csum_ipv6_magic(&oip6h->saddr, &oip6h->daddr, otcplen, IPPROTO_TCP,
skb_checksum(oldskb, tcphoff, otcplen, 0))) {
pr_debug("TCP checksum is invalid\n");
return;
}
memset(&fl, 0, sizeof(fl));
fl.proto = IPPROTO_TCP;
ipv6_addr_copy(&fl.fl6_src, &oip6h->daddr);
ipv6_addr_copy(&fl.fl6_dst, &oip6h->saddr);
fl.fl_ip_sport = otcph.dest;
fl.fl_ip_dport = otcph.source;
security_skb_classify_flow(oldskb, &fl);
dst = ip6_route_output(net, NULL, &fl);
if (dst == NULL || dst->error) {
dst_release(dst);
return;
}
if (xfrm_lookup(net, &dst, &fl, NULL, 0))
return;
hh_len = (dst->dev->hard_header_len + 15)&~15;
nskb = alloc_skb(hh_len + 15 + dst->header_len + sizeof(struct ipv6hdr)
+ sizeof(struct tcphdr) + dst->trailer_len,
GFP_ATOMIC);
if (!nskb) {
if (net_ratelimit())
pr_debug("cannot alloc skb\n");
dst_release(dst);
return;
}
skb_dst_set(nskb, dst);
skb_reserve(nskb, hh_len + dst->header_len);
skb_put(nskb, sizeof(struct ipv6hdr));
skb_reset_network_header(nskb);
ip6h = ipv6_hdr(nskb);
*(__be32 *)ip6h = htonl(0x60000000 | (tclass << 20));
ip6h->hop_limit = dst_metric(dst, RTAX_HOPLIMIT);
ip6h->nexthdr = IPPROTO_TCP;
ipv6_addr_copy(&ip6h->saddr, &oip6h->daddr);
ipv6_addr_copy(&ip6h->daddr, &oip6h->saddr);
tcph = (struct tcphdr *)skb_put(nskb, sizeof(struct tcphdr));
/* Truncate to length (no data) */
tcph->doff = sizeof(struct tcphdr)/4;
tcph->source = otcph.dest;
tcph->dest = otcph.source;
if (otcph.ack) {
needs_ack = 0;
tcph->seq = otcph.ack_seq;
tcph->ack_seq = 0;
} else {
needs_ack = 1;
tcph->ack_seq = htonl(ntohl(otcph.seq) + otcph.syn + otcph.fin
+ otcplen - (otcph.doff<<2));
tcph->seq = 0;
}
/* Reset flags */
((u_int8_t *)tcph)[13] = 0;
tcph->rst = 1;
tcph->ack = needs_ack;
tcph->window = 0;
tcph->urg_ptr = 0;
tcph->check = 0;
/* Adjust TCP checksum */
tcph->check = csum_ipv6_magic(&ipv6_hdr(nskb)->saddr,
&ipv6_hdr(nskb)->daddr,
sizeof(struct tcphdr), IPPROTO_TCP,
csum_partial(tcph,
sizeof(struct tcphdr), 0));
nf_ct_attach(nskb, oldskb);
ip6_local_out(nskb);
}
/* Send RST reply */
static void send_reset(struct sk_buff *oldskb, int hook)
{
struct sk_buff *nskb;
struct iphdr *iph = oldskb->nh.iph;
struct tcphdr _otcph, *oth, *tcph;
struct rtable *rt;
u_int16_t tmp_port;
u_int32_t tmp_addr;
unsigned int tcplen;
int needs_ack;
int hh_len;
/* IP header checks: fragment. */
if (oldskb->nh.iph->frag_off & htons(IP_OFFSET))
return;
oth = skb_header_pointer(oldskb, oldskb->nh.iph->ihl * 4,
sizeof(_otcph), &_otcph);
if (oth == NULL)
return;
/* No RST for RST. */
if (oth->rst)
return;
/* Check checksum */
tcplen = oldskb->len - iph->ihl * 4;
if (((hook != NF_IP_LOCAL_IN && oldskb->ip_summed != CHECKSUM_HW) ||
(hook == NF_IP_LOCAL_IN &&
oldskb->ip_summed != CHECKSUM_UNNECESSARY)) &&
csum_tcpudp_magic(iph->saddr, iph->daddr, tcplen, IPPROTO_TCP,
oldskb->ip_summed == CHECKSUM_HW ? oldskb->csum :
skb_checksum(oldskb, iph->ihl * 4, tcplen, 0)))
return;
if ((rt = route_reverse(oldskb, oth, hook)) == NULL)
return;
hh_len = LL_RESERVED_SPACE(rt->u.dst.dev);
/* We need a linear, writeable skb. We also need to expand
headroom in case hh_len of incoming interface < hh_len of
outgoing interface */
nskb = skb_copy_expand(oldskb, hh_len, skb_tailroom(oldskb),
GFP_ATOMIC);
if (!nskb) {
dst_release(&rt->u.dst);
return;
}
dst_release(nskb->dst);
nskb->dst = &rt->u.dst;
/* This packet will not be the same as the other: clear nf fields */
nf_reset(nskb);
nskb->nfmark = 0;
#ifdef CONFIG_BRIDGE_NETFILTER
nf_bridge_put(nskb->nf_bridge);
nskb->nf_bridge = NULL;
#endif
tcph = (struct tcphdr *)((u_int32_t*)nskb->nh.iph + nskb->nh.iph->ihl);
/* Swap source and dest */
tmp_addr = nskb->nh.iph->saddr;
nskb->nh.iph->saddr = nskb->nh.iph->daddr;
nskb->nh.iph->daddr = tmp_addr;
tmp_port = tcph->source;
tcph->source = tcph->dest;
tcph->dest = tmp_port;
/* Truncate to length (no data) */
tcph->doff = sizeof(struct tcphdr)/4;
skb_trim(nskb, nskb->nh.iph->ihl*4 + sizeof(struct tcphdr));
nskb->nh.iph->tot_len = htons(nskb->len);
if (tcph->ack) {
needs_ack = 0;
tcph->seq = oth->ack_seq;
tcph->ack_seq = 0;
} else {
needs_ack = 1;
tcph->ack_seq = htonl(ntohl(oth->seq) + oth->syn + oth->fin
+ oldskb->len - oldskb->nh.iph->ihl*4
- (oth->doff<<2));
tcph->seq = 0;
}
/* Reset flags */
((u_int8_t *)tcph)[13] = 0;
tcph->rst = 1;
tcph->ack = needs_ack;
tcph->window = 0;
tcph->urg_ptr = 0;
/* Adjust TCP checksum */
tcph->check = 0;
tcph->check = tcp_v4_check(tcph, sizeof(struct tcphdr),
nskb->nh.iph->saddr,
nskb->nh.iph->daddr,
csum_partial((char *)tcph,
sizeof(struct tcphdr), 0));
/* Adjust IP TTL, DF */
nskb->nh.iph->ttl = dst_metric(nskb->dst, RTAX_HOPLIMIT);
/* Set DF, id = 0 */
nskb->nh.iph->frag_off = htons(IP_DF);
nskb->nh.iph->id = 0;
/* Adjust IP checksum */
nskb->nh.iph->check = 0;
nskb->nh.iph->check = ip_fast_csum((unsigned char *)nskb->nh.iph,
nskb->nh.iph->ihl);
/* "Never happens" */
if (nskb->len > dst_mtu(nskb->dst))
goto free_nskb;
nf_ct_attach(nskb, oldskb);
NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, nskb, NULL, nskb->dst->dev,
dst_output);
return;
free_nskb:
kfree_skb(nskb);
}
