svn commit: r186779 - user/piso/sys/netinet/libalias
Paolo Pisati
piso at FreeBSD.org
Mon Jan 5 06:48:43 PST 2009
Author: piso
Date: Mon Jan 5 14:48:43 2009
New Revision: 186779
URL: http://svn.freebsd.org/changeset/base/186779
Log:
BSD indent a bit the code.
Modified:
user/piso/sys/netinet/libalias/alias_sctp.c
user/piso/sys/netinet/libalias/alias_sctp.h
Modified: user/piso/sys/netinet/libalias/alias_sctp.c
==============================================================================
--- user/piso/sys/netinet/libalias/alias_sctp.c Mon Jan 5 14:46:46 2009 (r186778)
+++ user/piso/sys/netinet/libalias/alias_sctp.c Mon Jan 5 14:48:43 2009 (r186779)
@@ -99,9 +99,9 @@
*/
/* Packet Parsing Functions */
static int sctp_PktParser(struct libalias *la, int direction, struct ip *pip,
- struct sctp_nat_msg *sm, struct sctp_nat_assoc **passoc);
+ struct sctp_nat_msg *sm, struct sctp_nat_assoc **passoc);
static int GetAsconfVtags(struct libalias *la, struct sctp_nat_msg *sm,
- uint32_t *l_vtag, uint32_t *g_vtag, int direction);
+ uint32_t *l_vtag, uint32_t *g_vtag, int direction);
static int IsASCONFack(struct libalias *la, struct sctp_nat_msg *sm, int direction);
static void AddGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int direction);
@@ -111,20 +111,20 @@ static int IsADDorDEL(struct libalias *l
/* State Machine Functions */
static int ProcessSctpMsg(struct libalias *la, int direction, \
- struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc);
+ struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc);
static int ID_process(struct libalias *la, int direction,\
- struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
+ struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
static int INi_process(struct libalias *la, int direction,\
- struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
+ struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
static int INa_process(struct libalias *la, int direction,\
- struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
+ struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
static int UP_process(struct libalias *la, int direction,\
- struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
+ struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
static int CL_process(struct libalias *la, int direction,\
- struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
+ struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm);
static void TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm,\
- struct sctp_nat_assoc *assoc, int sndrply, int direction);
+ struct sctp_nat_assoc *assoc, int sndrply, int direction);
/* Hash Table Functions */
static struct sctp_nat_assoc*
@@ -340,9 +340,9 @@ static u_int sysctl_holddown_timer = 0;
static u_int sysctl_hashtable_size = SN_DEFAULT_HASH_SIZE; /**< Sets the hash table size for any NEW NAT instances (existing instances retain their existing Hash Table */
/** @brief net.inet.ip.alias.sctp.error_on_ootb */
static u_int sysctl_error_on_ootb = 1; /**< NAT response to receipt of OOTB packet
- (0 - No response, 1 - NAT will send ErrorM only to local side,
- 2 - NAT will send local ErrorM and global ErrorM if there was a partial association match
- 3 - NAT will send ErrorM to both local and global) */
+ (0 - No response, 1 - NAT will send ErrorM only to local side,
+ 2 - NAT will send local ErrorM and global ErrorM if there was a partial association match
+ 3 - NAT will send ErrorM to both local and global) */
/** @brief net.inet.ip.alias.sctp.accept_global_ootb_addip */
static u_int sysctl_accept_global_ootb_addip = 0; /**<NAT responset to receipt of global OOTB AddIP (0 - No response, 1 - NAT will accept OOTB global AddIP messages for processing (Security risk)) */
/** @brief net.inet.ip.alias.sctp.initialising_chunk_proc_limit */
@@ -353,7 +353,7 @@ static u_int sysctl_chunk_proc_limit = 5
static u_int sysctl_param_proc_limit = 25; /**< A limit on the number of parameters (in chunks) that should be searched (DoS prevention) */
/** @brief net.inet.ip.alias.sctp.track_global_addresses */
static u_int sysctl_track_global_addresses = 0; /**< Configures the global address tracking option within the NAT (0 - Global tracking is disabled, > 0 - enables tracking but limits the number of global IP addresses to this value)
- If set to >=1 the NAT will track that many global IP addresses. This may reduce look up table conflicts, but increases processing */
+ If set to >=1 the NAT will track that many global IP addresses. This may reduce look up table conflicts, but increases processing */
#define SN_NO_ERROR_ON_OOTB 0 /**< Send no errorM on out of the blue packets */
#define SN_LOCAL_ERROR_ON_OOTB 1 /**< Send only local errorM on out of the blue packets */
@@ -369,41 +369,41 @@ SYSCTL_DECL(_net_inet_ip_alias);
SYSCTL_NODE(_net_inet_ip_alias, OID_AUTO, sctp, CTLFLAG_RW, NULL, "SCTP NAT");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, log_level, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_log_level, 0, sysctl_chg_loglevel, "IU",
- "Level of detail (0 - default, 1 - event, 2 - info, 3 - detail, 4 - debug, 5 - max debug)");
+ &sysctl_log_level, 0, sysctl_chg_loglevel, "IU",
+ "Level of detail (0 - default, 1 - event, 2 - info, 3 - detail, 4 - debug, 5 - max debug)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, init_timer, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_init_timer, 0, sysctl_chg_timer, "IU",
- "Timeout value (s) while waiting for (INIT-ACK|AddIP-ACK)");
+ &sysctl_init_timer, 0, sysctl_chg_timer, "IU",
+ "Timeout value (s) while waiting for (INIT-ACK|AddIP-ACK)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, up_timer, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_up_timer, 0, sysctl_chg_timer, "IU",
- "Timeout value (s) to keep an association up with no traffic");
+ &sysctl_up_timer, 0, sysctl_chg_timer, "IU",
+ "Timeout value (s) to keep an association up with no traffic");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, shutdown_timer, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_shutdown_timer, 0, sysctl_chg_timer, "IU",
- "Timeout value (s) while waiting for SHUTDOWN-COMPLETE");
+ &sysctl_shutdown_timer, 0, sysctl_chg_timer, "IU",
+ "Timeout value (s) while waiting for SHUTDOWN-COMPLETE");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, holddown_timer, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_holddown_timer, 0, sysctl_chg_timer, "IU",
- "Hold association in table for this many seconds after receiving a SHUTDOWN-COMPLETE");
+ &sysctl_holddown_timer, 0, sysctl_chg_timer, "IU",
+ "Hold association in table for this many seconds after receiving a SHUTDOWN-COMPLETE");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, hashtable_size, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_hashtable_size, 0, sysctl_chg_hashtable_size, "IU",
- "Size of hash tables used for NAT lookups (100 < prime_number > 1000001)");
+ &sysctl_hashtable_size, 0, sysctl_chg_hashtable_size, "IU",
+ "Size of hash tables used for NAT lookups (100 < prime_number > 1000001)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, error_on_ootb, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_error_on_ootb, 0, sysctl_chg_error_on_ootb, "IU",
- "ErrorM sent on receipt of ootb packet:\n\t0 - none,\n\t1 - to local only,\n\t2 - to local and global if a partial association match,\n\t3 - to local and global (DoS risk)");
+ &sysctl_error_on_ootb, 0, sysctl_chg_error_on_ootb, "IU",
+ "ErrorM sent on receipt of ootb packet:\n\t0 - none,\n\t1 - to local only,\n\t2 - to local and global if a partial association match,\n\t3 - to local and global (DoS risk)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, accept_global_ootb_addip, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_accept_global_ootb_addip, 0, sysctl_chg_accept_global_ootb_addip, "IU",
- "NAT response to receipt of global OOTB AddIP:\n\t0 - No response,\n\t1 - NAT will accept OOTB global AddIP messages for processing (Security risk)");
+ &sysctl_accept_global_ootb_addip, 0, sysctl_chg_accept_global_ootb_addip, "IU",
+ "NAT response to receipt of global OOTB AddIP:\n\t0 - No response,\n\t1 - NAT will accept OOTB global AddIP messages for processing (Security risk)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, initialising_chunk_proc_limit, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_initialising_chunk_proc_limit, 0, sysctl_chg_initialising_chunk_proc_limit, "IU",
- "Number of chunks that should be processed if there is no current association found:\n\t > 0 (A high value is a DoS risk)");
+ &sysctl_initialising_chunk_proc_limit, 0, sysctl_chg_initialising_chunk_proc_limit, "IU",
+ "Number of chunks that should be processed if there is no current association found:\n\t > 0 (A high value is a DoS risk)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, chunk_proc_limit, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_chunk_proc_limit, 0, sysctl_chg_chunk_proc_limit, "IU",
- "Number of chunks that should be processed to find key chunk:\n\t>= initialising_chunk_proc_limit (A high value is a DoS risk)");
+ &sysctl_chunk_proc_limit, 0, sysctl_chg_chunk_proc_limit, "IU",
+ "Number of chunks that should be processed to find key chunk:\n\t>= initialising_chunk_proc_limit (A high value is a DoS risk)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, param_proc_limit, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_param_proc_limit, 0, sysctl_chg_param_proc_limit, "IU",
- "Number of parameters (in a chunk) that should be processed to find key parameters:\n\t> 1 (A high value is a DoS risk)");
+ &sysctl_param_proc_limit, 0, sysctl_chg_param_proc_limit, "IU",
+ "Number of parameters (in a chunk) that should be processed to find key parameters:\n\t> 1 (A high value is a DoS risk)");
SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, track_global_addresses, CTLTYPE_UINT | CTLFLAG_RW,
- &sysctl_track_global_addresses, 0, sysctl_chg_track_global_addresses, "IU",
- "Configures the global address tracking option within the NAT:\n\t0 - Global tracking is disabled,\n\t> 0 - enables tracking but limits the number of global IP addresses to this value");
+ &sysctl_track_global_addresses, 0, sysctl_chg_track_global_addresses, "IU",
+ "Configures the global address tracking option within the NAT:\n\t0 - Global tracking is disabled,\n\t> 0 - enables tracking but limits the number of global IP addresses to this value");
#endif /* SYSCTL_NODE */
@@ -416,16 +416,16 @@ SYSCTL_PROC(_net_inet_ip_alias_sctp, OID
*/
int sysctl_chg_loglevel(SYSCTL_HANDLER_ARGS)
{
- u_int level = *(u_int *)arg1;
- int error;
+ u_int level = *(u_int *)arg1;
+ int error;
- error = sysctl_handle_int(oidp, &level, 0, req);
- if (error) return (error);
+ error = sysctl_handle_int(oidp, &level, 0, req);
+ if (error) return (error);
- sysctl_log_level = (level > SN_LOG_DEBUG_MAX)?(SN_LOG_DEBUG_MAX):(level);
- sysctl_log_level = (level < SN_LOG_LOW)?(SN_LOG_LOW):(level);
+ sysctl_log_level = (level > SN_LOG_DEBUG_MAX)?(SN_LOG_DEBUG_MAX):(level);
+ sysctl_log_level = (level < SN_LOG_LOW)?(SN_LOG_LOW):(level);
- return (0);
+ return (0);
}
/** @ingroup sysctl
@@ -437,22 +437,22 @@ int sysctl_chg_loglevel(SYSCTL_HANDLER_A
*/
int sysctl_chg_timer(SYSCTL_HANDLER_ARGS)
{
- u_int timer = *(u_int *)arg1;
- int error;
+ u_int timer = *(u_int *)arg1;
+ int error;
- error = sysctl_handle_int(oidp, &timer, 0, req);
- if (error) return (error);
+ error = sysctl_handle_int(oidp, &timer, 0, req);
+ if (error) return (error);
- timer = (timer > SN_MAX_TIMER)?(SN_MAX_TIMER):(timer);
+ timer = (timer > SN_MAX_TIMER)?(SN_MAX_TIMER):(timer);
- if (((u_int *)arg1) != &sysctl_holddown_timer)
- {
- timer = (timer < SN_MIN_TIMER)?(SN_MIN_TIMER):(timer);
- }
+ if (((u_int *)arg1) != &sysctl_holddown_timer)
+ {
+ timer = (timer < SN_MIN_TIMER)?(SN_MIN_TIMER):(timer);
+ }
- *(u_int *)arg1 = timer;
+ *(u_int *)arg1 = timer;
- return (0);
+ return (0);
}
/** @ingroup sysctl
@@ -466,20 +466,20 @@ int sysctl_chg_timer(SYSCTL_HANDLER_ARGS
*/
int sysctl_chg_hashtable_size(SYSCTL_HANDLER_ARGS)
{
- u_int size = *(u_int *)arg1;
- int error;
+ u_int size = *(u_int *)arg1;
+ int error;
- error = sysctl_handle_int(oidp, &size, 0, req);
- if (error) return (error);
+ error = sysctl_handle_int(oidp, &size, 0, req);
+ if (error) return (error);
- size = (size < SN_MIN_HASH_SIZE)?(SN_MIN_HASH_SIZE):((size > SN_MAX_HASH_SIZE)?(SN_MAX_HASH_SIZE):(size));
+ size = (size < SN_MIN_HASH_SIZE)?(SN_MIN_HASH_SIZE):((size > SN_MAX_HASH_SIZE)?(SN_MAX_HASH_SIZE):(size));
- size |= 0x00000001; /* make odd */
+ size |= 0x00000001; /* make odd */
- for(;(((size % 3) == 0) || ((size % 5) == 0) || ((size % 7) == 0) || ((size % 11) == 0)); size+=2);
- sysctl_hashtable_size = size;
+ for(;(((size % 3) == 0) || ((size % 5) == 0) || ((size % 7) == 0) || ((size % 11) == 0)); size+=2);
+ sysctl_hashtable_size = size;
- return (0);
+ return (0);
}
/** @ingroup sysctl
@@ -494,15 +494,15 @@ int sysctl_chg_hashtable_size(SYSCTL_HAN
*/
int sysctl_chg_error_on_ootb(SYSCTL_HANDLER_ARGS)
{
- u_int flag = *(u_int *)arg1;
- int error;
+ u_int flag = *(u_int *)arg1;
+ int error;
- error = sysctl_handle_int(oidp, &flag, 0, req);
- if (error) return (error);
+ error = sysctl_handle_int(oidp, &flag, 0, req);
+ if (error) return (error);
- sysctl_error_on_ootb = (flag > SN_ERROR_ON_OOTB) ? SN_ERROR_ON_OOTB: flag;
+ sysctl_error_on_ootb = (flag > SN_ERROR_ON_OOTB) ? SN_ERROR_ON_OOTB: flag;
- return (0);
+ return (0);
}
/** @ingroup sysctl
@@ -513,15 +513,15 @@ int sysctl_chg_error_on_ootb(SYSCTL_HAND
*/
int sysctl_chg_accept_global_ootb_addip(SYSCTL_HANDLER_ARGS)
{
- u_int flag = *(u_int *)arg1;
- int error;
+ u_int flag = *(u_int *)arg1;
+ int error;
- error = sysctl_handle_int(oidp, &flag, 0, req);
- if (error) return (error);
+ error = sysctl_handle_int(oidp, &flag, 0, req);
+ if (error) return (error);
- sysctl_accept_global_ootb_addip = (flag == 1) ? 1: 0;
+ sysctl_accept_global_ootb_addip = (flag == 1) ? 1: 0;
- return (0);
+ return (0);
}
/** @ingroup sysctl
@@ -533,17 +533,17 @@ int sysctl_chg_accept_global_ootb_addip(
*/
int sysctl_chg_initialising_chunk_proc_limit(SYSCTL_HANDLER_ARGS)
{
- u_int proclimit = *(u_int *)arg1;
- int error;
+ u_int proclimit = *(u_int *)arg1;
+ int error;
- error = sysctl_handle_int(oidp, &proclimit, 0, req);
- if (error) return (error);
+ error = sysctl_handle_int(oidp, &proclimit, 0, req);
+ if (error) return (error);
- sysctl_initialising_chunk_proc_limit = (proclimit < 1) ? 1: proclimit;
- sysctl_chunk_proc_limit =
- (sysctl_chunk_proc_limit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : sysctl_chunk_proc_limit;
+ sysctl_initialising_chunk_proc_limit = (proclimit < 1) ? 1: proclimit;
+ sysctl_chunk_proc_limit =
+ (sysctl_chunk_proc_limit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : sysctl_chunk_proc_limit;
- return (0);
+ return (0);
}
/** @ingroup sysctl
@@ -555,16 +555,16 @@ int sysctl_chg_initialising_chunk_proc_l
*/
int sysctl_chg_chunk_proc_limit(SYSCTL_HANDLER_ARGS)
{
- u_int proclimit = *(u_int *)arg1;
- int error;
+ u_int proclimit = *(u_int *)arg1;
+ int error;
- error = sysctl_handle_int(oidp, &proclimit, 0, req);
- if (error) return (error);
+ error = sysctl_handle_int(oidp, &proclimit, 0, req);
+ if (error) return (error);
- sysctl_chunk_proc_limit =
- (proclimit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : proclimit;
+ sysctl_chunk_proc_limit =
+ (proclimit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : proclimit;
- return (0);
+ return (0);
}
@@ -577,16 +577,16 @@ int sysctl_chg_chunk_proc_limit(SYSCTL_H
*/
int sysctl_chg_param_proc_limit(SYSCTL_HANDLER_ARGS)
{
- u_int proclimit = *(u_int *)arg1;
- int error;
+ u_int proclimit = *(u_int *)arg1;
+ int error;
- error = sysctl_handle_int(oidp, &proclimit, 0, req);
- if (error) return (error);
+ error = sysctl_handle_int(oidp, &proclimit, 0, req);
+ if (error) return (error);
- sysctl_param_proc_limit =
- (proclimit < 2) ? 2 : proclimit;
+ sysctl_param_proc_limit =
+ (proclimit < 2) ? 2 : proclimit;
- return (0);
+ return (0);
}
/** @ingroup sysctl
@@ -598,15 +598,15 @@ int sysctl_chg_param_proc_limit(SYSCTL_H
*/
int sysctl_chg_track_global_addresses(SYSCTL_HANDLER_ARGS)
{
- u_int num_to_track = *(u_int *)arg1;
- int error;
+ u_int num_to_track = *(u_int *)arg1;
+ int error;
- error = sysctl_handle_int(oidp, &num_to_track, 0, req);
- if (error) return (error);
+ error = sysctl_handle_int(oidp, &num_to_track, 0, req);
+ if (error) return (error);
- sysctl_track_global_addresses = (num_to_track > SN_MAX_GLOBAL_ADDRESSES) ? SN_MAX_GLOBAL_ADDRESSES : num_to_track;
+ sysctl_track_global_addresses = (num_to_track > SN_MAX_GLOBAL_ADDRESSES) ? SN_MAX_GLOBAL_ADDRESSES : num_to_track;
- return (0);
+ return (0);
}
@@ -624,30 +624,30 @@ int sysctl_chg_track_global_addresses(SY
*/
void AliasSctpInit(struct libalias *la)
{
- /* Initialise association tables*/
- int i;
- la->sctpNatTableSize = sysctl_hashtable_size;
- SN_LOG(SN_LOG_EVENT,
- SctpAliasLog("Initialising SCTP NAT Instance (hash_table_size:%d)\n", la->sctpNatTableSize));
- la->sctpTableLocal = sn_calloc(la->sctpNatTableSize, sizeof(struct sctpNatTableL));
- la->sctpTableGlobal = sn_calloc(la->sctpNatTableSize, sizeof(struct sctpNatTableG));
- la->sctpNatTimer.TimerQ = sn_calloc(SN_TIMER_QUEUE_SIZE, sizeof(struct sctpTimerQ));
- /* Initialise hash table */
- for (i = 0; i < la->sctpNatTableSize; i++) {
- LIST_INIT(&la->sctpTableLocal[i]);
- LIST_INIT(&la->sctpTableGlobal[i]);
- }
-
- /* Initialise circular timer Q*/
- for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++)
- LIST_INIT(&la->sctpNatTimer.TimerQ[i]);
+ /* Initialise association tables*/
+ int i;
+ la->sctpNatTableSize = sysctl_hashtable_size;
+ SN_LOG(SN_LOG_EVENT,
+ SctpAliasLog("Initialising SCTP NAT Instance (hash_table_size:%d)\n", la->sctpNatTableSize));
+ la->sctpTableLocal = sn_calloc(la->sctpNatTableSize, sizeof(struct sctpNatTableL));
+ la->sctpTableGlobal = sn_calloc(la->sctpNatTableSize, sizeof(struct sctpNatTableG));
+ la->sctpNatTimer.TimerQ = sn_calloc(SN_TIMER_QUEUE_SIZE, sizeof(struct sctpTimerQ));
+ /* Initialise hash table */
+ for (i = 0; i < la->sctpNatTableSize; i++) {
+ LIST_INIT(&la->sctpTableLocal[i]);
+ LIST_INIT(&la->sctpTableGlobal[i]);
+ }
+
+ /* Initialise circular timer Q*/
+ for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++)
+ LIST_INIT(&la->sctpNatTimer.TimerQ[i]);
#ifdef _KERNEL
- la->sctpNatTimer.loc_time=time_uptime; /* la->timeStamp is not set yet */
+ la->sctpNatTimer.loc_time=time_uptime; /* la->timeStamp is not set yet */
#else
- la->sctpNatTimer.loc_time=la->timeStamp;
+ la->sctpNatTimer.loc_time=la->timeStamp;
#endif
- la->sctpNatTimer.cur_loc = 0;
- la->sctpLinkCount = 0;
+ la->sctpNatTimer.cur_loc = 0;
+ la->sctpLinkCount = 0;
}
/**
@@ -664,25 +664,25 @@ void AliasSctpInit(struct libalias *la)
*/
void AliasSctpTerm(struct libalias *la)
{
- struct sctp_nat_assoc *assoc1, *assoc2;
- int i;
+ struct sctp_nat_assoc *assoc1, *assoc2;
+ int i;
+
+ LIBALIAS_LOCK_ASSERT(la);
+ SN_LOG(SN_LOG_EVENT,
+ SctpAliasLog("Removing SCTP NAT Instance\n"));
+ for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++) {
+ assoc1 = LIST_FIRST(&la->sctpNatTimer.TimerQ[i]);
+ while (assoc1 != NULL) {
+ freeGlobalAddressList(assoc1);
+ assoc2 = LIST_NEXT(assoc1, timer_Q);
+ sn_free(assoc1);
+ assoc1 = assoc2;
+ }
+ }
- LIBALIAS_LOCK_ASSERT(la);
- SN_LOG(SN_LOG_EVENT,
- SctpAliasLog("Removing SCTP NAT Instance\n"));
- for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++) {
- assoc1 = LIST_FIRST(&la->sctpNatTimer.TimerQ[i]);
- while (assoc1 != NULL) {
- freeGlobalAddressList(assoc1);
- assoc2 = LIST_NEXT(assoc1, timer_Q);
- sn_free(assoc1);
- assoc1 = assoc2;
- }
- }
-
- sn_free(la->sctpTableLocal);
- sn_free(la->sctpTableGlobal);
- sn_free(la->sctpNatTimer.TimerQ);
+ sn_free(la->sctpTableLocal);
+ sn_free(la->sctpTableGlobal);
+ sn_free(la->sctpNatTimer.TimerQ);
}
/**
@@ -711,122 +711,122 @@ void AliasSctpTerm(struct libalias *la)
int
SctpAlias(struct libalias *la, struct ip *pip, int direction)
{
- int rtnval;
- struct sctp_nat_msg msg;
- struct sctp_nat_assoc *assoc = NULL;
-
- if ((direction != SN_TO_LOCAL) && (direction != SN_TO_GLOBAL)) {
- SctpAliasLog("ERROR: Invalid direction\n");
- return(PKT_ALIAS_ERROR);
- }
-
- sctp_CheckTimers(la); /* Check timers */
-
- /* Parse the packet */
- rtnval = sctp_PktParser(la, direction, pip, &msg, &assoc); //using *char (change to mbuf when get code from paolo)
- switch (rtnval) {
- case SN_PARSE_OK:
- break;
- case SN_PARSE_ERROR_CHHL:
- /* Not an error if there is a chunk length parsing error and this is a fragmented packet */
- if (ntohs(pip->ip_off) & IP_MF) {
- rtnval = SN_PARSE_OK;
- break;
- }
- SN_LOG(SN_LOG_EVENT,
- logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
- return(PKT_ALIAS_ERROR);
- case SN_PARSE_ERROR_PARTIALLOOKUP:
- if (sysctl_error_on_ootb > SN_LOCALandPARTIAL_ERROR_ON_OOTB) {
- SN_LOG(SN_LOG_EVENT,
- logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
- return(PKT_ALIAS_ERROR);
- }
- case SN_PARSE_ERROR_LOOKUP:
- if (sysctl_error_on_ootb == SN_ERROR_ON_OOTB ||
- (sysctl_error_on_ootb == SN_LOCALandPARTIAL_ERROR_ON_OOTB && direction == SN_TO_LOCAL) ||
- (sysctl_error_on_ootb == SN_LOCAL_ERROR_ON_OOTB && direction == SN_TO_GLOBAL)) {
- TxAbortErrorM(la, &msg, assoc, SN_REFLECT_ERROR, direction); /*NB assoc=NULL */
- return(PKT_ALIAS_RESPOND);
- }
- default:
- SN_LOG(SN_LOG_EVENT,
- logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
- return(PKT_ALIAS_ERROR);
- }
-
- SN_LOG(SN_LOG_DETAIL,
- logsctpassoc(assoc, "*");
- logsctpparse(direction, &msg);
- );
-
- /* Process the SCTP message */
- rtnval = ProcessSctpMsg(la, direction, &msg, assoc);
-
- SN_LOG(SN_LOG_DEBUG_MAX,
- logsctpassoc(assoc, "-");
- logSctpLocal(la);
- logSctpGlobal(la);
- );
- SN_LOG(SN_LOG_DEBUG, logTimerQ(la));
-
- switch(rtnval){
- case SN_NAT_PKT:
- switch(direction) {
- case SN_TO_LOCAL:
- DifferentialChecksum(&(msg.ip_hdr->ip_sum),
- &(assoc->l_addr), &(msg.ip_hdr->ip_dst), 2);
- msg.ip_hdr->ip_dst = assoc->l_addr; /* change dst address to local address*/
- break;
- case SN_TO_GLOBAL:
- DifferentialChecksum(&(msg.ip_hdr->ip_sum),
- &(assoc->a_addr), &(msg.ip_hdr->ip_src), 2);
- msg.ip_hdr->ip_src = assoc->a_addr; /* change src to alias addr*/
- break;
- default:
- rtnval = SN_DROP_PKT; /* shouldn't get here, but if it does drop packet */
- SN_LOG(SN_LOG_LOW, logsctperror("ERROR: Invalid direction", msg.sctp_hdr->v_tag, rtnval, direction));
- break;
- }
- break;
- case SN_DROP_PKT:
- SN_LOG(SN_LOG_DETAIL, logsctperror("SN_DROP_PKT", msg.sctp_hdr->v_tag, rtnval, direction));
- break;
- case SN_REPLY_ABORT:
- case SN_REPLY_ERROR:
- case SN_SEND_ABORT:
- TxAbortErrorM(la, &msg, assoc, rtnval, direction);
- break;
- default:
- // big error, remove association and go to idle and write log messages
- SN_LOG(SN_LOG_LOW, logsctperror("SN_PROCESSING_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
- assoc->state=SN_RM;/* Mark for removal*/
- break;
- }
-
- /* Remove association if tagged for removal */
- if (assoc->state == SN_RM) {
- if (assoc->TableRegister) {
- sctp_RmTimeOut(la, assoc);
- RmSctpAssoc(la, assoc);
- }
- LIBALIAS_LOCK_ASSERT(la);
- freeGlobalAddressList(assoc);
- sn_free(assoc);
- }
- switch(rtnval) {
- case SN_NAT_PKT:
- return(PKT_ALIAS_OK);
- case SN_SEND_ABORT:
- return(PKT_ALIAS_OK);
- case SN_REPLY_ABORT:
- case SN_REPLY_ERROR:
- case SN_REFLECT_ERROR:
- return(PKT_ALIAS_RESPOND);
- case SN_DROP_PKT:
- default:
- return(PKT_ALIAS_ERROR);
- }
+ int rtnval;
+ struct sctp_nat_msg msg;
+ struct sctp_nat_assoc *assoc = NULL;
+
+ if ((direction != SN_TO_LOCAL) && (direction != SN_TO_GLOBAL)) {
+ SctpAliasLog("ERROR: Invalid direction\n");
+ return(PKT_ALIAS_ERROR);
+ }
+
+ sctp_CheckTimers(la); /* Check timers */
+
+ /* Parse the packet */
+ rtnval = sctp_PktParser(la, direction, pip, &msg, &assoc); //using *char (change to mbuf when get code from paolo)
+ switch (rtnval) {
+ case SN_PARSE_OK:
+ break;
+ case SN_PARSE_ERROR_CHHL:
+ /* Not an error if there is a chunk length parsing error and this is a fragmented packet */
+ if (ntohs(pip->ip_off) & IP_MF) {
+ rtnval = SN_PARSE_OK;
+ break;
+ }
+ SN_LOG(SN_LOG_EVENT,
+ logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
+ return(PKT_ALIAS_ERROR);
+ case SN_PARSE_ERROR_PARTIALLOOKUP:
+ if (sysctl_error_on_ootb > SN_LOCALandPARTIAL_ERROR_ON_OOTB) {
+ SN_LOG(SN_LOG_EVENT,
+ logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
+ return(PKT_ALIAS_ERROR);
+ }
+ case SN_PARSE_ERROR_LOOKUP:
+ if (sysctl_error_on_ootb == SN_ERROR_ON_OOTB ||
+ (sysctl_error_on_ootb == SN_LOCALandPARTIAL_ERROR_ON_OOTB && direction == SN_TO_LOCAL) ||
+ (sysctl_error_on_ootb == SN_LOCAL_ERROR_ON_OOTB && direction == SN_TO_GLOBAL)) {
+ TxAbortErrorM(la, &msg, assoc, SN_REFLECT_ERROR, direction); /*NB assoc=NULL */
+ return(PKT_ALIAS_RESPOND);
+ }
+ default:
+ SN_LOG(SN_LOG_EVENT,
+ logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
+ return(PKT_ALIAS_ERROR);
+ }
+
+ SN_LOG(SN_LOG_DETAIL,
+ logsctpassoc(assoc, "*");
+ logsctpparse(direction, &msg);
+ );
+
+ /* Process the SCTP message */
+ rtnval = ProcessSctpMsg(la, direction, &msg, assoc);
+
+ SN_LOG(SN_LOG_DEBUG_MAX,
+ logsctpassoc(assoc, "-");
+ logSctpLocal(la);
+ logSctpGlobal(la);
+ );
+ SN_LOG(SN_LOG_DEBUG, logTimerQ(la));
+
+ switch(rtnval){
+ case SN_NAT_PKT:
+ switch(direction) {
+ case SN_TO_LOCAL:
+ DifferentialChecksum(&(msg.ip_hdr->ip_sum),
+ &(assoc->l_addr), &(msg.ip_hdr->ip_dst), 2);
+ msg.ip_hdr->ip_dst = assoc->l_addr; /* change dst address to local address*/
+ break;
+ case SN_TO_GLOBAL:
+ DifferentialChecksum(&(msg.ip_hdr->ip_sum),
+ &(assoc->a_addr), &(msg.ip_hdr->ip_src), 2);
+ msg.ip_hdr->ip_src = assoc->a_addr; /* change src to alias addr*/
+ break;
+ default:
+ rtnval = SN_DROP_PKT; /* shouldn't get here, but if it does drop packet */
+ SN_LOG(SN_LOG_LOW, logsctperror("ERROR: Invalid direction", msg.sctp_hdr->v_tag, rtnval, direction));
+ break;
+ }
+ break;
+ case SN_DROP_PKT:
+ SN_LOG(SN_LOG_DETAIL, logsctperror("SN_DROP_PKT", msg.sctp_hdr->v_tag, rtnval, direction));
+ break;
+ case SN_REPLY_ABORT:
+ case SN_REPLY_ERROR:
+ case SN_SEND_ABORT:
+ TxAbortErrorM(la, &msg, assoc, rtnval, direction);
+ break;
+ default:
+ // big error, remove association and go to idle and write log messages
+ SN_LOG(SN_LOG_LOW, logsctperror("SN_PROCESSING_ERROR", msg.sctp_hdr->v_tag, rtnval, direction));
+ assoc->state=SN_RM;/* Mark for removal*/
+ break;
+ }
+
+ /* Remove association if tagged for removal */
+ if (assoc->state == SN_RM) {
+ if (assoc->TableRegister) {
+ sctp_RmTimeOut(la, assoc);
+ RmSctpAssoc(la, assoc);
+ }
+ LIBALIAS_LOCK_ASSERT(la);
+ freeGlobalAddressList(assoc);
+ sn_free(assoc);
+ }
+ switch(rtnval) {
+ case SN_NAT_PKT:
+ return(PKT_ALIAS_OK);
+ case SN_SEND_ABORT:
+ return(PKT_ALIAS_OK);
+ case SN_REPLY_ABORT:
+ case SN_REPLY_ERROR:
+ case SN_REFLECT_ERROR:
+ return(PKT_ALIAS_RESPOND);
+ case SN_DROP_PKT:
+ default:
+ return(PKT_ALIAS_ERROR);
+ }
}
/**
@@ -865,92 +865,92 @@ SctpAlias(struct libalias *la, struct ip
static void
TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int sndrply, int direction)
{
- int sctp_size = sizeof(struct sctphdr) + sizeof(struct sctp_chunkhdr) + sizeof(struct sctp_error_cause);
- int ip_size = sizeof(struct ip) + sctp_size;
- int include_error_cause = 1;
- char tmp_ip[ip_size];
-
- if (ntohs(sm->ip_hdr->ip_len) < ip_size) { /* short packet, cannot send error cause */
- include_error_cause = 0;
- ip_size = ip_size - sizeof(struct sctp_error_cause);
- sctp_size = sctp_size - sizeof(struct sctp_error_cause);
- }
- /* Assign header pointers packet */
- struct ip* ip = (struct ip *) tmp_ip;
- struct sctphdr* sctp_hdr = (struct sctphdr *) ((char *) ip + sizeof(*ip));
- struct sctp_chunkhdr* chunk_hdr = (struct sctp_chunkhdr *) ((char *) sctp_hdr + sizeof(*sctp_hdr));
- struct sctp_error_cause* error_cause = (struct sctp_error_cause *) ((char *) chunk_hdr + sizeof(*chunk_hdr));
-
- /* construct ip header */
- ip->ip_v = sm->ip_hdr->ip_v;
- ip->ip_hl = 5; /* 5*32 bit words */
- ip->ip_tos = 0;
- ip->ip_len = htons(ip_size);
- ip->ip_id = sm->ip_hdr->ip_id;
- ip->ip_off = 0;
- ip->ip_ttl = 255;
- ip->ip_p = IPPROTO_SCTP;
- /*
- The definitions below should be removed when they make it into the SCTP stack
- */
+ int sctp_size = sizeof(struct sctphdr) + sizeof(struct sctp_chunkhdr) + sizeof(struct sctp_error_cause);
+ int ip_size = sizeof(struct ip) + sctp_size;
+ int include_error_cause = 1;
+ char tmp_ip[ip_size];
+
+ if (ntohs(sm->ip_hdr->ip_len) < ip_size) { /* short packet, cannot send error cause */
+ include_error_cause = 0;
+ ip_size = ip_size - sizeof(struct sctp_error_cause);
+ sctp_size = sctp_size - sizeof(struct sctp_error_cause);
+ }
+ /* Assign header pointers packet */
+ struct ip* ip = (struct ip *) tmp_ip;
+ struct sctphdr* sctp_hdr = (struct sctphdr *) ((char *) ip + sizeof(*ip));
+ struct sctp_chunkhdr* chunk_hdr = (struct sctp_chunkhdr *) ((char *) sctp_hdr + sizeof(*sctp_hdr));
+ struct sctp_error_cause* error_cause = (struct sctp_error_cause *) ((char *) chunk_hdr + sizeof(*chunk_hdr));
+
+ /* construct ip header */
+ ip->ip_v = sm->ip_hdr->ip_v;
+ ip->ip_hl = 5; /* 5*32 bit words */
+ ip->ip_tos = 0;
+ ip->ip_len = htons(ip_size);
+ ip->ip_id = sm->ip_hdr->ip_id;
+ ip->ip_off = 0;
+ ip->ip_ttl = 255;
+ ip->ip_p = IPPROTO_SCTP;
+ /*
+ The definitions below should be removed when they make it into the SCTP stack
+ */
#define SCTP_MIDDLEBOX_FLAG 0x02
#define SCTP_NAT_TABLE_COLLISION 0x00b0
#define SCTP_MISSING_NAT 0x00b1
- chunk_hdr->chunk_type = (sndrply & SN_TX_ABORT) ? SCTP_ABORT_ASSOCIATION : SCTP_OPERATION_ERROR;
- chunk_hdr->chunk_flags = SCTP_MIDDLEBOX_FLAG;
- if (include_error_cause) {
- error_cause->code = htons((sndrply & SN_REFLECT_ERROR) ? SCTP_MISSING_NAT : SCTP_NAT_TABLE_COLLISION);
- error_cause->length = htons(sizeof(struct sctp_error_cause));
- chunk_hdr->chunk_length = htons(sizeof(*chunk_hdr) + sizeof(struct sctp_error_cause));
- } else {
- chunk_hdr->chunk_length = htons(sizeof(*chunk_hdr));
- }
-
- /* set specific values */
- switch(sndrply) {
- case SN_REFLECT_ERROR:
- chunk_hdr->chunk_flags |= SCTP_HAD_NO_TCB; /* set Tbit */
- sctp_hdr->v_tag = sm->sctp_hdr->v_tag;
- break;
- case SN_REPLY_ERROR:
- sctp_hdr->v_tag = (direction == SN_TO_LOCAL) ? assoc->g_vtag : assoc->l_vtag ;
- break;
- case SN_SEND_ABORT:
- sctp_hdr->v_tag = sm->sctp_hdr->v_tag;
- break;
- case SN_REPLY_ABORT:
- sctp_hdr->v_tag = sm->sctpchnk.Init->initiate_tag;
- break;
- }
+ chunk_hdr->chunk_type = (sndrply & SN_TX_ABORT) ? SCTP_ABORT_ASSOCIATION : SCTP_OPERATION_ERROR;
+ chunk_hdr->chunk_flags = SCTP_MIDDLEBOX_FLAG;
+ if (include_error_cause) {
+ error_cause->code = htons((sndrply & SN_REFLECT_ERROR) ? SCTP_MISSING_NAT : SCTP_NAT_TABLE_COLLISION);
+ error_cause->length = htons(sizeof(struct sctp_error_cause));
+ chunk_hdr->chunk_length = htons(sizeof(*chunk_hdr) + sizeof(struct sctp_error_cause));
+ } else {
+ chunk_hdr->chunk_length = htons(sizeof(*chunk_hdr));
+ }
+
+ /* set specific values */
+ switch(sndrply) {
+ case SN_REFLECT_ERROR:
+ chunk_hdr->chunk_flags |= SCTP_HAD_NO_TCB; /* set Tbit */
+ sctp_hdr->v_tag = sm->sctp_hdr->v_tag;
+ break;
+ case SN_REPLY_ERROR:
+ sctp_hdr->v_tag = (direction == SN_TO_LOCAL) ? assoc->g_vtag : assoc->l_vtag ;
+ break;
+ case SN_SEND_ABORT:
+ sctp_hdr->v_tag = sm->sctp_hdr->v_tag;
+ break;
+ case SN_REPLY_ABORT:
+ sctp_hdr->v_tag = sm->sctpchnk.Init->initiate_tag;
+ break;
+ }
- /* Set send/reply values */
- if (sndrply == SN_SEND_ABORT) { /*pass through NAT */
- ip->ip_src = (direction == SN_TO_LOCAL) ? sm->ip_hdr->ip_src : assoc->a_addr;
- ip->ip_dst = (direction == SN_TO_LOCAL) ? assoc->l_addr : sm->ip_hdr->ip_dst;
- sctp_hdr->src_port = sm->sctp_hdr->src_port;
- sctp_hdr->dest_port = sm->sctp_hdr->dest_port;
- } else { /* reply and reflect */
- ip->ip_src = sm->ip_hdr->ip_dst;
- ip->ip_dst = sm->ip_hdr->ip_src;
- sctp_hdr->src_port = sm->sctp_hdr->dest_port;
- sctp_hdr->dest_port = sm->sctp_hdr->src_port;
- }
+ /* Set send/reply values */
+ if (sndrply == SN_SEND_ABORT) { /*pass through NAT */
+ ip->ip_src = (direction == SN_TO_LOCAL) ? sm->ip_hdr->ip_src : assoc->a_addr;
+ ip->ip_dst = (direction == SN_TO_LOCAL) ? assoc->l_addr : sm->ip_hdr->ip_dst;
+ sctp_hdr->src_port = sm->sctp_hdr->src_port;
+ sctp_hdr->dest_port = sm->sctp_hdr->dest_port;
+ } else { /* reply and reflect */
+ ip->ip_src = sm->ip_hdr->ip_dst;
+ ip->ip_dst = sm->ip_hdr->ip_src;
+ sctp_hdr->src_port = sm->sctp_hdr->dest_port;
+ sctp_hdr->dest_port = sm->sctp_hdr->src_port;
+ }
- /* Calculate IP header checksum */
- ip->ip_sum = in_cksum_hdr(ip);
+ /* Calculate IP header checksum */
+ ip->ip_sum = in_cksum_hdr(ip);
- /* calculate SCTP header CRC32 */
- sctp_hdr->checksum = 0;
- sctp_hdr->checksum = sctp_csum_finalize(update_crc32(0xffffffff, (unsigned char *) sctp_hdr, sctp_size));
-
- memcpy(sm->ip_hdr, ip, ip_size);
-
- SN_LOG(SN_LOG_EVENT,SctpAliasLog("%s %s 0x%x (->%s:%u vtag=0x%x crc=0x%x)\n",
- ((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"),
- ((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"),
- (include_error_cause ? ntohs(error_cause->code) : 0),
- inet_ntoa(ip->ip_dst),ntohs(sctp_hdr->dest_port),
- ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum)));
+ /* calculate SCTP header CRC32 */
+ sctp_hdr->checksum = 0;
+ sctp_hdr->checksum = sctp_csum_finalize(update_crc32(0xffffffff, (unsigned char *) sctp_hdr, sctp_size));
+
+ memcpy(sm->ip_hdr, ip, ip_size);
+
+ SN_LOG(SN_LOG_EVENT,SctpAliasLog("%s %s 0x%x (->%s:%u vtag=0x%x crc=0x%x)\n",
+ ((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"),
+ ((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"),
+ (include_error_cause ? ntohs(error_cause->code) : 0),
+ inet_ntoa(ip->ip_dst),ntohs(sctp_hdr->dest_port),
+ ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum)));
}
/* ----------------------------------------------------------------------
@@ -980,209 +980,209 @@ TxAbortErrorM(struct libalias *la, struc
*/
static int
sctp_PktParser(struct libalias *la, int direction, struct ip *pip,
- struct sctp_nat_msg *sm, struct sctp_nat_assoc **passoc)
+ struct sctp_nat_msg *sm, struct sctp_nat_assoc **passoc)
//sctp_PktParser(int direction, struct mbuf *ipak, int ip_hdr_len,struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc)
{
- struct sctphdr *sctp_hdr;
- struct sctp_chunkhdr *chunk_hdr;
- struct sctp_paramhdr *param_hdr;
- struct in_addr ipv4addr;
- int bytes_left; /* bytes left in ip packet */
- int chunk_length;
- int chunk_count;
- int partial_match = 0;
- // mbuf *mp;
- // int mlen;
-
- // mlen = SCTP_HEADER_LEN(i_pak);
- // mp = SCTP_HEADER_TO_CHAIN(i_pak); /* does nothing in bsd since header and chain not separate */
-
- /*
- * Note, that if the VTag is zero, it must be an INIT
- * Also, I am only interested in the content of INIT and ADDIP chunks
- */
-
- // no mbuf stuff from Paolo yet so ...
- sm->ip_hdr = pip;
- /* remove ip header length from the bytes_left */
- bytes_left = ntohs(pip->ip_len) - (pip->ip_hl << 2);
-
- /* Check SCTP header length and move to first chunk */
- if (bytes_left < sizeof(struct sctphdr)) {
- sm->sctp_hdr = NULL;
- return(SN_PARSE_ERROR_IPSHL); /* packet not long enough*/
- }
+ struct sctphdr *sctp_hdr;
+ struct sctp_chunkhdr *chunk_hdr;
+ struct sctp_paramhdr *param_hdr;
+ struct in_addr ipv4addr;
+ int bytes_left; /* bytes left in ip packet */
+ int chunk_length;
+ int chunk_count;
+ int partial_match = 0;
+ // mbuf *mp;
+ // int mlen;
+
+ // mlen = SCTP_HEADER_LEN(i_pak);
+ // mp = SCTP_HEADER_TO_CHAIN(i_pak); /* does nothing in bsd since header and chain not separate */
+
+ /*
+ * Note, that if the VTag is zero, it must be an INIT
+ * Also, I am only interested in the content of INIT and ADDIP chunks
+ */
+
+ // no mbuf stuff from Paolo yet so ...
+ sm->ip_hdr = pip;
+ /* remove ip header length from the bytes_left */
+ bytes_left = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+
+ /* Check SCTP header length and move to first chunk */
+ if (bytes_left < sizeof(struct sctphdr)) {
+ sm->sctp_hdr = NULL;
+ return(SN_PARSE_ERROR_IPSHL); /* packet not long enough*/
+ }
- sm->sctp_hdr = sctp_hdr = (struct sctphdr *) ip_next(pip);
- bytes_left -= sizeof(struct sctphdr);
+ sm->sctp_hdr = sctp_hdr = (struct sctphdr *) ip_next(pip);
+ bytes_left -= sizeof(struct sctphdr);
- /* Check for valid ports (zero valued ports would find partially initialised associations */
- if (sctp_hdr->src_port == 0 || sctp_hdr->dest_port == 0)
- return(SN_PARSE_ERROR_PORT);
-
- /* Check length of first chunk */
- if (bytes_left < SN_MIN_CHUNK_SIZE) /* malformed chunk - could cause endless loop*/
- return(SN_PARSE_ERROR_CHHL); /* packet not long enough for this chunk */
+ /* Check for valid ports (zero valued ports would find partially initialised associations */
+ if (sctp_hdr->src_port == 0 || sctp_hdr->dest_port == 0)
+ return(SN_PARSE_ERROR_PORT);
+
+ /* Check length of first chunk */
+ if (bytes_left < SN_MIN_CHUNK_SIZE) /* malformed chunk - could cause endless loop*/
+ return(SN_PARSE_ERROR_CHHL); /* packet not long enough for this chunk */
- /* First chunk */
- chunk_hdr = SN_SCTP_FIRSTCHUNK(sctp_hdr);
+ /* First chunk */
+ chunk_hdr = SN_SCTP_FIRSTCHUNK(sctp_hdr);
- chunk_length = SCTP_SIZE32(ntohs(chunk_hdr->chunk_length));
- if ((chunk_length < SN_MIN_CHUNK_SIZE) || (chunk_length > bytes_left)) /* malformed chunk - could cause endless loop*/
- return(SN_PARSE_ERROR_CHHL);
-
- if ((chunk_hdr->chunk_flags & SCTP_HAD_NO_TCB) &&
- ((chunk_hdr->chunk_type == SCTP_ABORT_ASSOCIATION) ||
- (chunk_hdr->chunk_type == SCTP_SHUTDOWN_COMPLETE))) {
- /* T-Bit set */
- if (direction == SN_TO_LOCAL)
- *passoc = FindSctpGlobalT(la, pip->ip_src, sctp_hdr->v_tag, sctp_hdr->dest_port, sctp_hdr->src_port);
- else
- *passoc = FindSctpLocalT(la, pip->ip_dst, sctp_hdr->v_tag, sctp_hdr->dest_port, sctp_hdr->src_port);
- } else {
- /* Proper v_tag settings */
- if (direction == SN_TO_LOCAL)
- *passoc = FindSctpGlobal(la, pip->ip_src, sctp_hdr->v_tag, sctp_hdr->src_port, sctp_hdr->dest_port, &partial_match);
- else
- *passoc = FindSctpLocal(la, pip->ip_src, pip->ip_dst, sctp_hdr->v_tag, sctp_hdr->src_port, sctp_hdr->dest_port);
- }
-
- chunk_count = 1;
- /* Real packet parsing occurs below */
- sm->msg = SN_SCTP_OTHER;/* Initialise to largest value*/
- sm->chunk_length = 0; /* only care about length for key chunks */
- while (IS_SCTP_CONTROL(chunk_hdr)) {
- switch(chunk_hdr->chunk_type) {
- case SCTP_INITIATION:
- if (chunk_length < sizeof(struct sctp_init_chunk)) /* malformed chunk*/
- return(SN_PARSE_ERROR_CHHL);
- sm->msg = SN_SCTP_INIT;
- sm->sctpchnk.Init = (struct sctp_init *) ((char *) chunk_hdr + sizeof(struct sctp_chunkhdr));
- sm->chunk_length = chunk_length;
- /* if no existing association, create a new one */
- if (*passoc == NULL) {
- if (sctp_hdr->v_tag == 0){ //Init requires vtag=0
- *passoc = (struct sctp_nat_assoc *) sn_malloc(sizeof(struct sctp_nat_assoc));
- if (*passoc == NULL) {/* out of resources */
- return(SN_PARSE_ERROR_AS_MALLOC);
- }
- /* Initialise association - malloc initialises memory to zeros */
- (*passoc)->state = SN_ID;
- LIST_INIT(&((*passoc)->Gaddr)); /* always initialise to avoid memory problems */
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-user
mailing list