Editing: nat_cmd.c
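/*-
 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
 *
 * Copyright (c) 2001 Charles Mott <cm@linktel.net>
 *                    Brian Somers <brian@Awfulhak.org>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $FreeBSD$
 */

#include <sys/param.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <sys/socket.h>
#include <sys/un.h>

#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <termios.h>

#ifdef LOCALNAT
#include "alias.h"
#else
#include <alias.h>
#endif

#include "layer.h"
#include "proto.h"
#include "defs.h"
#include "command.h"
#include "log.h"
#include "nat_cmd.h"
#include "descriptor.h"
#include "prompt.h"
#include "timer.h"
#include "fsm.h"
#include "slcompress.h"
#include "throughput.h"
#include "iplist.h"
#include "mbuf.h"
#include "lqr.h"
#include "hdlc.h"
#include "ncpaddr.h"
#include "ip.h"
#include "ipcp.h"
#include "ipv6cp.h"
#include "lcp.h"
#include "ccp.h"
#include "link.h"
#include "mp.h"
#include "filter.h"
#ifndef NORADIUS
#include "radius.h"
#endif
#include "ncp.h"
#include "bundle.h"

/* Spare bytes appended to each packet before it is handed to libalias. */
#define NAT_EXTRABUF (13)
/* Largest value that fits in a 16-bit TCP/UDP port field. */
#define NAT_MAX_PORT (65535)
/* Largest value that fits in the 8-bit IP protocol field. */
#define NAT_MAX_PROTO (255)

static int StrToAddr(const char *, struct in_addr *);
static int StrToPortRange(const char *, u_short *, u_short *, const char *);
static int StrToAddrAndPort(const char *, struct in_addr *, u_short *,
                            u_short *, const char *);

extern struct libalias *la;

/*
 * Order a port pair so that *a <= *b, swapping the two values if needed.
 */
static void
lowhigh(u_short *a, u_short *b)
{
  /*
   * Compare the port values.  Comparing the pointers themselves (as the
   * earlier code did) orders unrelated stack addresses, so a reversed
   * range such as "20-10" was not reliably normalised.
   */
  if (*a > *b) {
    u_short c;

    c = *b;
    *b = *a;
    *a = c;
  }
}

/*
 * "nat port" command: redirect an alias port (or port range) to a local
 * address:port (or range), optionally restricted to a remote address:port.
 *
 * Arguments, starting at arg->argv[arg->argn]:
 *   proto  localaddr:port[-port]  aliasport[-port]  [remoteaddr:port[-port]]
 *
 * Returns 0 on success, 1 when NAT is disabled or the aliasing engine
 * refuses a redirect, and -1 on a usage or parse error.
 */
int
nat_RedirectPort(struct cmdargs const *arg)
{
  if (!arg->bundle->NatEnabled) {
    prompt_Printf(arg->prompt, "Alias not enabled\n");
    return 1;
  } else if (arg->argc == arg->argn + 3 || arg->argc == arg->argn + 4) {
    char proto_constant;
    const char *proto;
    struct in_addr localaddr;
    u_short hlocalport, llocalport;
    struct in_addr aliasaddr;
    u_short haliasport, laliasport;
    struct in_addr remoteaddr;
    u_short hremoteport, lremoteport;
    struct alias_link *link;
    int error;

    proto = arg->argv[arg->argn];
    if (strcmp(proto, "tcp") == 0) {
      proto_constant = IPPROTO_TCP;
    } else if (strcmp(proto, "udp") == 0) {
      proto_constant = IPPROTO_UDP;
    } else {
      prompt_Printf(arg->prompt, "port redirect: protocol must be"
                    " tcp or udp\n");
      return -1;
    }

    error = StrToAddrAndPort(arg->argv[arg->argn+1], &localaddr, &llocalport,
                             &hlocalport, proto);
    if (error) {
      prompt_Printf(arg->prompt, "nat port: error reading localaddr:port\n");
      return -1;
    }

    error = StrToPortRange(arg->argv[arg->argn+2], &laliasport, &haliasport,
                           proto);
    if (error) {
      prompt_Printf(arg->prompt, "nat port: error reading alias port\n");
      return -1;
    }
    aliasaddr.s_addr = INADDR_ANY;

    if (arg->argc == arg->argn + 4) {
      error = StrToAddrAndPort(arg->argv[arg->argn+3], &remoteaddr,
                               &lremoteport, &hremoteport, proto);
      if (error) {
        prompt_Printf(arg->prompt, "nat port: error reading "
                      "remoteaddr:port\n");
        return -1;
      }
    } else {
      /* No remote restriction: match any peer address and port. */
      remoteaddr.s_addr = INADDR_ANY;
      lremoteport = hremoteport = 0;
    }

    lowhigh(&llocalport, &hlocalport);
    lowhigh(&laliasport, &haliasport);
    lowhigh(&lremoteport, &hremoteport);

    /* Ranges are mapped one-to-one, so they must all be the same size. */
    if (haliasport - laliasport != hlocalport - llocalport) {
      prompt_Printf(arg->prompt, "nat port: local & alias port ranges "
                    "are not equal\n");
      return -1;
    }

    if (hremoteport && hremoteport - lremoteport != hlocalport - llocalport) {
      prompt_Printf(arg->prompt, "nat port: local & remote port ranges "
                    "are not equal\n");
      return -1;
    }

    do {
      link = LibAliasRedirectPort(la, localaddr, htons(llocalport),
                                  remoteaddr, htons(lremoteport),
                                  aliasaddr, htons(laliasport),
                                  proto_constant);

      if (link == NULL) {
        /*
         * `error' still holds the result of the last parse call (0 here),
         * so the second number in this message is not an engine error code.
         * Redirects installed by earlier iterations are left in place.
         */
        prompt_Printf(arg->prompt, "nat port: %d: error %d\n", laliasport,
                      error);
        return 1;
      }
      llocalport++;
      if (hremoteport)
        lremoteport++;
    } while (laliasport++ < haliasport);

    return 0;
  }

  return -1;
}

/*
 * "nat addr" command: redirect all traffic for an alias address to a
 * local address.
 *
 * Arguments: localaddr aliasaddr.
 *
 * Returns 1 when NAT is disabled or an address cannot be parsed, -1 on a
 * wrong argument count, and 0 otherwise.  Note that an aliasing engine
 * failure is reported on the prompt but still returns 0.
 */
int
nat_RedirectAddr(struct cmdargs const *arg)
{
  if (!arg->bundle->NatEnabled) {
    prompt_Printf(arg->prompt, "nat not enabled\n");
    return 1;
  } else if (arg->argc == arg->argn+2) {
    int error;
    struct in_addr localaddr, aliasaddr;
    struct alias_link *link;

    error = StrToAddr(arg->argv[arg->argn], &localaddr);
    if (error) {
      prompt_Printf(arg->prompt, "address redirect: invalid local address\n");
      return 1;
    }
    error = StrToAddr(arg->argv[arg->argn+1], &aliasaddr);
    if (error) {
      prompt_Printf(arg->prompt, "address redirect: invalid alias address\n");
      prompt_Printf(arg->prompt, "usage: nat %s %s\n", arg->cmd->name,
                    arg->cmd->syntax);
      return 1;
    }
    link = LibAliasRedirectAddr(la, localaddr, aliasaddr);
    if (link == NULL) {
      prompt_Printf(arg->prompt, "address redirect: packet aliasing"
                    " engine error\n");
      prompt_Printf(arg->prompt, "usage: nat %s %s\n", arg->cmd->name,
                    arg->cmd->syntax);
    }
  } else
    return -1;

  return 0;
}

/*
 * "nat proto" command: redirect an IP protocol to a local address.
 *
 * Arguments: proto localIP [publicIP [remoteIP]], where proto is either a
 * decimal protocol number or a name known to getprotobyname().
 *
 * Returns 1 when NAT is disabled or an argument cannot be parsed, -1 on a
 * wrong argument count, and 0 otherwise (an aliasing engine failure is
 * reported on the prompt but still returns 0).
 */
int
nat_RedirectProto(struct cmdargs const *arg)
{
  if (!arg->bundle->NatEnabled) {
    prompt_Printf(arg->prompt, "nat not enabled\n");
    return 1;
  } else if (arg->argc >= arg->argn + 2 && arg->argc <= arg->argn + 4) {
    struct in_addr localIP, publicIP, remoteIP;
    struct alias_link *link;
    struct protoent *pe;
    const char *name;
    int error;
    size_t len;

    name = arg->argv[arg->argn];
    len = strlen(name);
    if (len == 0) {
      prompt_Printf(arg->prompt, "proto redirect: invalid protocol\n");
      return 1;
    }
    /*
     * A purely numeric argument is a protocol number.  The digit set must
     * include 8 and 9, otherwise numbers such as "89" are looked up as
     * names and rejected.
     */
    if (strspn(name, "0123456789") == len) {
      long num;

      /* strtol() saturates on overflow, which the range test rejects. */
      num = strtol(name, NULL, 10);
      pe = num <= NAT_MAX_PROTO ? getprotobynumber((int)num) : NULL;
    } else
      pe = getprotobyname(name);
    if (pe == NULL) {
      prompt_Printf(arg->prompt, "proto redirect: invalid protocol\n");
      return 1;
    }

    error = StrToAddr(arg->argv[arg->argn + 1], &localIP);
    if (error) {
      prompt_Printf(arg->prompt, "proto redirect: invalid src address\n");
      return 1;
    }

    if (arg->argc >= arg->argn + 3) {
      error = StrToAddr(arg->argv[arg->argn + 2], &publicIP);
      if (error) {
        prompt_Printf(arg->prompt, "proto redirect: invalid alias address\n");
        prompt_Printf(arg->prompt, "usage: nat %s %s\n", arg->cmd->name,
                      arg->cmd->syntax);
        return 1;
      }
    } else
      publicIP.s_addr = INADDR_ANY;

    if (arg->argc == arg->argn + 4) {
      /*
       * The remote address is the fourth argument.  Reading index +2 here
       * would silently reuse the public address as the remote restriction
       * and ignore what the operator typed.
       */
      error = StrToAddr(arg->argv[arg->argn + 3], &remoteIP);
      if (error) {
        prompt_Printf(arg->prompt, "proto redirect: invalid dst address\n");
        prompt_Printf(arg->prompt, "usage: nat %s %s\n", arg->cmd->name,
                      arg->cmd->syntax);
        return 1;
      }
    } else
      remoteIP.s_addr = INADDR_ANY;

    link = LibAliasRedirectProto(la, localIP, remoteIP, publicIP, pe->p_proto);
    if (link == NULL) {
      prompt_Printf(arg->prompt, "proto redirect: packet aliasing"
                    " engine error\n");
      prompt_Printf(arg->prompt, "usage: nat %s %s\n", arg->cmd->name,
                    arg->cmd->syntax);
    }
  } else
    return -1;

  return 0;
}

/*
 * Convert a dotted-quad string or a host name into an IPv4 address.
 *
 * Returns 0 and fills *addr on success, -1 (after logging a warning) when
 * the name cannot be resolved to an IPv4 address.
 */
static int
StrToAddr(const char *str, struct in_addr *addr)
{
  struct hostent *hp;

  if (inet_aton(str, addr))
    return 0;

  hp = gethostbyname(str);
  if (!hp) {
    log_Printf(LogWARN, "StrToAddr: Unknown host %s.\n", str);
    return -1;
  }
  /* Only copy the result when it really is an IPv4 address. */
  if (hp->h_addrtype != AF_INET || hp->h_length != (int)sizeof *addr) {
    log_Printf(LogWARN, "StrToAddr: %s is not an IPv4 host.\n", str);
    return -1;
  }
  /* memcpy() avoids assuming that the resolver buffer is aligned. */
  memcpy(addr, hp->h_addr, sizeof *addr);
  return 0;
}

/*
 * Convert a decimal port number or a service name into a host-order port.
 *
 * Returns 0 and fills *port on success, -1 (after logging a warning) when
 * the number is out of range or the service is unknown for `proto'.
 */
static int
StrToPort(const char *str, u_short *port, const char *proto)
{
  struct servent *sp;
  char *end;
  long value;

  value = strtol(str, &end, 10);
  if (end != str && *end == '\0') {
    /*
     * Reject values that do not fit in 16 bits instead of letting the
     * assignment truncate them to some other, unintended port.
     */
    if (value < 0 || value > NAT_MAX_PORT) {
      log_Printf(LogWARN, "StrToPort: Port %s/%s is out of range.\n",
                 str, proto);
      return -1;
    }
    *port = (u_short)value;
    return 0;
  }

  /* Not (entirely) numeric, or empty: try it as a service name. */
  sp = getservbyname(str, proto);
  if (sp == NULL) {
    log_Printf(LogWARN, "StrToPort: Unknown port or service %s/%s.\n",
               str, proto);
    return -1;
  }
  *port = ntohs(sp->s_port);

  return 0;
}

/*
 * Parse "port" or "low-high" into *low and *high (equal for one port).
 *
 * The string is split in place: the '-' is overwritten with NUL while the
 * first half is parsed and then restored, so `str' must point at writable
 * storage even though it is declared const.
 *
 * Returns 0 on success, or the non-zero result of StrToPort() on failure.
 */
static int
StrToPortRange(const char *str, u_short *low, u_short *high, const char *proto)
{
  char *minus;
  int res;

  minus = strchr(str, '-');
  if (minus)
    *minus = '\0';		/* Cheat the const-ness ! */

  res = StrToPort(str, low, proto);

  if (minus)
    *minus = '-';		/* Cheat the const-ness ! */

  if (res == 0) {
    if (minus)
      res = StrToPort(minus + 1, high, proto);
    else
      *high = *low;
  }

  return res;
}

/*
 * Parse "addr:port" or "addr:low-high" into an address and a port range.
 *
 * The ':' is overwritten with NUL while the address is parsed and then
 * restored, so `str' must point at writable storage.
 *
 * Returns 0 on success and -1 when the colon is missing or the address
 * is invalid; a port error returns StrToPortRange()'s result.
 */
static int
StrToAddrAndPort(const char *str, struct in_addr *addr, u_short *low,
                 u_short *high, const char *proto)
{
  char *colon;
  int res;

  colon = strchr(str, ':');
  if (!colon) {
    log_Printf(LogWARN, "StrToAddrAndPort: %s is missing port number.\n", str);
    return -1;
  }

  *colon = '\0';		/* Cheat the const-ness ! */
  res = StrToAddr(str, addr);
  *colon = ':';			/* Cheat the const-ness ! */
  if (res != 0)
    return -1;

  return StrToPortRange(colon + 1, low, high, proto);
}

/*
 * "nat proxy" command: join the remaining arguments into one rule string
 * (each non-empty word preceded by a space) and pass it to
 * LibAliasProxyRule().
 *
 * Returns -1 when no rule is given, 1 when the rule does not fit in the
 * LINE_LEN buffer, otherwise the result of LibAliasProxyRule().
 */
int
nat_ProxyRule(struct cmdargs const *arg)
{
  char cmd[LINE_LEN];
  int f;
  size_t len, pos;

  if (arg->argn >= arg->argc)
    return -1;

  /* Keep the buffer a valid string even if no word gets copied. */
  cmd[0] = '\0';
  for (f = arg->argn, pos = 0; f < arg->argc; f++) {
    len = strlen(arg->argv[f]);
    if (len == 0)
      continue;
    /*
     * Each word needs room for the separating space, the word itself and
     * the terminating NUL.  Counting only len + 1 lets the NUL land one
     * byte past the end of cmd[].  A rule that does not fit is refused
     * rather than installed in truncated form.
     */
    if (len + 2 > sizeof cmd - pos) {
      log_Printf(LogWARN, "nat proxy: rule too long\n");
      return 1;
    }
    cmd[pos++] = ' ';
    memcpy(cmd + pos, arg->argv[f], len + 1);
    pos += len;
  }

  return LibAliasProxyRule(la, cmd);
}

/*
 * "nat target" command: set the default target address for incoming
 * packets.  With no argument, or with "MYADDR", the target is reset to
 * INADDR_ANY.
 *
 * Returns 0 on success, 1 for an invalid address and -1 on a wrong
 * argument count.
 */
int
nat_SetTarget(struct cmdargs const *arg)
{
  struct in_addr addr;

  if (arg->argc == arg->argn) {
    addr.s_addr = INADDR_ANY;
    LibAliasSetTarget(la, addr);
    return 0;
  }

  if (arg->argc != arg->argn + 1)
    return -1;

  if (!strcasecmp(arg->argv[arg->argn], "MYADDR")) {
    addr.s_addr = INADDR_ANY;
    LibAliasSetTarget(la, addr);
    return 0;
  }

  addr = GetIpAddr(arg->argv[arg->argn]);
  if (addr.s_addr == INADDR_NONE) {
    log_Printf(LogWARN, "%s: invalid address\n", arg->argv[arg->argn]);
    return 1;
  }

  LibAliasSetTarget(la, addr);
  return 0;
}

#ifndef NO_FW_PUNCH
/*
 * "nat punch_fw" command: with no arguments, clear PKT_ALIAS_PUNCH_FW;
 * with "base count", set the firewall rule range and enable the mode.
 *
 * Returns 0 on success and -1 on a usage or parse error.
 */
int
nat_PunchFW(struct cmdargs const *arg)
{
  char *end;
  long base, count;

  if (arg->argc == arg->argn) {
    LibAliasSetMode(la, 0, PKT_ALIAS_PUNCH_FW);
    return 0;
  }

  if (arg->argc != arg->argn + 2)
    return -1;

  /* An empty argument parses as 0 with *end == '\0'; refuse it. */
  base = strtol(arg->argv[arg->argn], &end, 10);
  if (end == arg->argv[arg->argn] || *end != '\0' || base < 0)
    return -1;

  count = strtol(arg->argv[arg->argn + 1], &end, 10);
  if (end == arg->argv[arg->argn + 1] || *end != '\0' || count < 0)
    return -1;

  /*
   * NOTE(review): base and count have no upper bound here; confirm what
   * range LibAliasSetFWBase() accepts before relying on large values.
   */
  LibAliasSetFWBase(la, base, count);
  LibAliasSetMode(la, PKT_ALIAS_PUNCH_FW, PKT_ALIAS_PUNCH_FW);

  return 0;
}
#endif

/*
 * "nat skinny_port" command: set the port passed to
 * LibAliasSetSkinnyPort(); with no argument the port is set to 0.
 *
 * Returns 0 on success and -1 on a usage or parse error.
 */
int
nat_SkinnyPort(struct cmdargs const *arg)
{
  char *end;
  long port;

  if (arg->argc == arg->argn) {
    LibAliasSetSkinnyPort(la, 0);
    return 0;
  }

  if (arg->argc != arg->argn + 1)
    return -1;

  port = strtol(arg->argv[arg->argn], &end, 10);
  /* Refuse empty input and anything that is not a valid 16-bit port. */
  if (end == arg->argv[arg->argn] || *end != '\0' || port < 0 ||
      port > NAT_MAX_PORT)
    return -1;

  LibAliasSetSkinnyPort(la, port);

  return 0;
}

/*
 * Outbound layer hook: run IP packets through LibAliasOut() when NAT is
 * enabled.  Anything else is passed through untouched.
 */
static struct mbuf *
nat_LayerPush(struct bundle *bundle, struct link *l __unused,
              struct mbuf *bp, int pri __unused, u_short *proto)
{
  if (!bundle->NatEnabled || *proto != PROTO_IP)
    return bp;

  log_Printf(LogDEBUG, "nat_LayerPush: PROTO_IP -> PROTO_IP\n");
  m_settype(bp, MB_NATOUT);
  /* Ensure there's a bit of extra buffer for the NAT code... */
  bp = m_pullup(m_append(bp, NULL, NAT_EXTRABUF));
  /*
   * NOTE(review): the return value of LibAliasOut() is ignored, and the
   * new length is taken straight from the IP header without comparing it
   * to the buffer size passed in above - confirm that an earlier layer
   * has already validated ip_len.
   */
  LibAliasOut(la, MBUF_CTOP(bp), bp->m_len);
  bp->m_len = ntohs(((struct ip *)MBUF_CTOP(bp))->ip_len);

  return bp;
}

/*
 * Inbound layer hook: run IP packets through LibAliasIn() when NAT is
 * enabled and act on its verdict.
 *
 * Returns the (possibly extended) packet chain, or NULL when the packet
 * was dropped or stored as an unresolved fragment.
 */
static struct mbuf *
nat_LayerPull(struct bundle *bundle, struct link *l __unused, struct mbuf *bp,
              u_short *proto)
{
  static int gfrags;		/* fragments currently held by libalias */
  int ret, len, nfrags;
  struct mbuf **last;
  char *fptr;

  if (!bundle->NatEnabled || *proto != PROTO_IP)
    return bp;

  log_Printf(LogDEBUG, "nat_LayerPull: PROTO_IP -> PROTO_IP\n");
  m_settype(bp, MB_NATIN);
  /* Ensure there's a bit of extra buffer for the NAT code... */
  bp = m_pullup(m_append(bp, NULL, NAT_EXTRABUF));
  ret = LibAliasIn(la, MBUF_CTOP(bp), bp->m_len);

  /*
   * NOTE(review): the length is taken from the received IP header and is
   * only checked against MAX_MRU; confirm that it cannot exceed the size
   * of the buffer that was handed to LibAliasIn() above.
   */
  bp->m_len = ntohs(((struct ip *)MBUF_CTOP(bp))->ip_len);
  if (bp->m_len > MAX_MRU) {
    log_Printf(LogWARN, "nat_LayerPull: Problem with IP header length (%lu)\n",
               (unsigned long)bp->m_len);
    m_freem(bp);
    return NULL;
  }

  switch (ret) {
    case PKT_ALIAS_OK:
      break;

    case PKT_ALIAS_UNRESOLVED_FRAGMENT:
      /* Save the data for later */
      if ((fptr = malloc(bp->m_len)) == NULL) {
        log_Printf(LogWARN, "nat_LayerPull: Dropped unresolved fragment -"
                   " out of memory!\n");
        m_freem(bp);
        bp = NULL;
      } else {
        bp = mbuf_Read(bp, fptr, bp->m_len);
        LibAliasSaveFragment(la, fptr);
        log_Printf(LogDEBUG, "Store another frag (%lu) - now %d\n",
                   (unsigned long)((struct ip *)fptr)->ip_id, ++gfrags);
      }
      break;

    case PKT_ALIAS_FOUND_HEADER_FRAGMENT:
      /* Fetch all the saved fragments and chain them on the end of `bp' */
      last = &bp->m_nextpkt;
      nfrags = 0;
      while ((fptr = LibAliasGetFragment(la, MBUF_CTOP(bp))) != NULL) {
        nfrags++;
        LibAliasFragmentIn(la, MBUF_CTOP(bp), fptr);
        /*
         * NOTE(review): len comes from the saved fragment's own header and
         * the m_get() result is used unchecked - presumably the fragment
         * was stored with exactly this length by the branch above; verify.
         */
        len = ntohs(((struct ip *)fptr)->ip_len);
        *last = m_get(len, MB_NATIN);
        memcpy(MBUF_CTOP(*last), fptr, len);
        free(fptr);
        last = &(*last)->m_nextpkt;
      }
      gfrags -= nfrags;
      log_Printf(LogDEBUG, "Found a frag header (%lu) - plus %d more frags (no"
                 "w %d)\n", (unsigned long)((struct ip *)MBUF_CTOP(bp))->ip_id,
                 nfrags, gfrags);
      break;

    case PKT_ALIAS_IGNORED:
      /* LibAliasSetMode(la, 0, 0) changes nothing; it reads the flags. */
      if (LibAliasSetMode(la, 0, 0) & PKT_ALIAS_DENY_INCOMING) {
        log_Printf(LogTCPIP, "NAT engine denied data:\n");
        m_freem(bp);
        bp = NULL;
      } else if (log_IsKept(LogTCPIP)) {
        log_Printf(LogTCPIP, "NAT engine ignored data:\n");
        PacketCheck(bundle, AF_INET, MBUF_CTOP(bp), bp->m_len, NULL,
                    NULL, NULL);
      }
      break;

    default:
      log_Printf(LogWARN, "nat_LayerPull: Dropped a packet (%d)....\n", ret);
      m_freem(bp);
      bp = NULL;
      break;
  }

  return bp;
}

/* Layer descriptor that plugs the NAT push/pull hooks into the link stack. */
struct layer natlayer =
  { LAYER_NAT, "nat", nat_LayerPush, nat_LayerPull };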