Blame - extensions/libipt_SAME.c - fp2-dev/platform/external/iptables

blob: c0aef9f966206a2470f99c6c8ec5ffbfdd401314 [file] [log] [blame]

Harald Welte	18f1aff	2001-03-25 19:03:23 +0000	[diff] [blame]	1	/* Shared library add-on to iptables to add simple non load-balancing SNAT support. */
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	2	#include <stdio.h>
				3	#include <netdb.h>
				4	#include <string.h>
				5	#include <stdlib.h>
				6	#include <getopt.h>
				7	#include <iptables.h>
				8	#include <linux/netfilter_ipv4/ip_tables.h>
Patrick McHardy	40d5475	2007-04-18 07:00:36 +0000	[diff] [blame]	9	#include <linux/netfilter/nf_nat.h>
Martin Josefsson	1eb0081	2004-05-26 15:58:07 +0000	[diff] [blame]	10	/* For 64bit kernel / 32bit userspace */
Jan Engelhardt	a2a7f2b	2008-09-01 14:20:13 +0200	[diff] [blame^]	11	#include <linux/netfilter_ipv4/ipt_SAME.h>
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	12
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	13	/* Function which prints out usage message. */
Jan Engelhardt	1d5b63d	2007-10-04 16:29:00 +0000	[diff] [blame]	14	static void SAME_help(void)
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	15	{
				16	printf(
Jan Engelhardt	8b7c64d	2008-04-15 11:48:25 +0200	[diff] [blame]	17	"SAME target options:\n"
Harald Welte	18f1aff	2001-03-25 19:03:23 +0000	[diff] [blame]	18	" --to <ipaddr>-<ipaddr>\n"
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	19	" Addresses to map source to.\n"
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	20	" May be specified more than\n"
				21	" once for multiple ranges.\n"
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	22	" --nodst\n"
				23	" Don't use destination-ip in\n"
Eric Leblond	ae4b0b3	2007-02-24 15:11:33 +0000	[diff] [blame]	24	" source selection\n"
Eric Leblond	ae4b0b3	2007-02-24 15:11:33 +0000	[diff] [blame]	25	" --random\n"
Jan Engelhardt	8b7c64d	2008-04-15 11:48:25 +0200	[diff] [blame]	26	" Randomize source port\n");
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	27	}
				28
Jan Engelhardt	1d5b63d	2007-10-04 16:29:00 +0000	[diff] [blame]	29	static const struct option SAME_opts[] = {
Patrick McHardy	500f483	2007-09-08 15:59:04 +0000	[diff] [blame]	30	{ "to", 1, NULL, '1' },
				31	{ "nodst", 0, NULL, '2'},
				32	{ "random", 0, NULL, '3' },
Max Kellermann	9ee386a	2008-01-29 13:48:05 +0000	[diff] [blame]	33	{ .name = NULL }
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	34	};
				35
				36	/* Initialize the target. */
Jan Engelhardt	1d5b63d	2007-10-04 16:29:00 +0000	[diff] [blame]	37	static void SAME_init(struct xt_entry_target *t)
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	38	{
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	39	struct ipt_same_info mr = (struct ipt_same_info )t->data;
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	40
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	41	/* Set default to 0 */
				42	mr->rangesize = 0;
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	43	mr->info = 0;
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	44	mr->ipnum = 0;
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	45
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	46	}
				47
				48	/* Parses range of IPs */
				49	static void
				50	parse_to(char arg, struct ip_nat_range range)
				51	{
				52	char *dash;
Jan Engelhardt	bd94384	2008-01-20 13:38:08 +0000	[diff] [blame]	53	const struct in_addr *ip;
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	54
				55	range->flags \|= IP_NAT_RANGE_MAP_IPS;
				56	dash = strchr(arg, '-');
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	57
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	58	if (dash)
				59	*dash = '\0';
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	60
Jan Engelhardt	bd94384	2008-01-20 13:38:08 +0000	[diff] [blame]	61	ip = numeric_to_ipaddr(arg);
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	62	if (!ip)
				63	exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
				64	arg);
				65	range->min_ip = ip->s_addr;
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	66
				67	if (dash) {
Jan Engelhardt	bd94384	2008-01-20 13:38:08 +0000	[diff] [blame]	68	ip = numeric_to_ipaddr(dash+1);
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	69	if (!ip)
				70	exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
				71	dash+1);
				72	}
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	73	range->max_ip = ip->s_addr;
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	74	if (dash)
				75	if (range->min_ip > range->max_ip)
				76	exit_error(PARAMETER_PROBLEM, "Bad IP range `%s-%s'\n",
				77	arg, dash+1);
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	78	}
				79
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	80	#define IPT_SAME_OPT_TO 0x01
				81	#define IPT_SAME_OPT_NODST 0x02
Patrick McHardy	e656e26	2007-04-18 12:56:05 +0000	[diff] [blame]	82	#define IPT_SAME_OPT_RANDOM 0x04
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	83
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	84	/* Function which parses command options; returns true if it
				85	ate an option */
Jan Engelhardt	1d5b63d	2007-10-04 16:29:00 +0000	[diff] [blame]	86	static int SAME_parse(int c, char *argv, int invert, unsigned int flags,
				87	const void entry, struct xt_entry_target *target)
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	88	{
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	89	struct ipt_same_info *mr
				90	= (struct ipt_same_info )(target)->data;
Jan Engelhardt	7a236f4	2008-03-03 12:30:41 +0100	[diff] [blame]	91	unsigned int count;
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	92
				93	switch (c) {
				94	case '1':
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	95	if (mr->rangesize == IPT_SAME_MAX_RANGE)
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	96	exit_error(PARAMETER_PROBLEM,
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	97	"Too many ranges specified, maximum "
				98	"is %i ranges.\n",
				99	IPT_SAME_MAX_RANGE);
Harald Welte	b77f1da	2002-03-14 11:35:58 +0000	[diff] [blame]	100	if (check_inverse(optarg, &invert, NULL, 0))
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	101	exit_error(PARAMETER_PROBLEM,
Harald Welte	18f1aff	2001-03-25 19:03:23 +0000	[diff] [blame]	102	"Unexpected `!' after --to");
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	103
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	104	parse_to(optarg, &mr->range[mr->rangesize]);
Patrick McHardy	e656e26	2007-04-18 12:56:05 +0000	[diff] [blame]	105	/* WTF do we need this for? */
Eric Leblond	ae4b0b3	2007-02-24 15:11:33 +0000	[diff] [blame]	106	if (*flags & IPT_SAME_OPT_RANDOM)
				107	mr->range[mr->rangesize].flags
				108	\|= IP_NAT_RANGE_PROTO_RANDOM;
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	109	mr->rangesize++;
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	110	*flags \|= IPT_SAME_OPT_TO;
				111	break;
				112
				113	case '2':
				114	if (*flags & IPT_SAME_OPT_NODST)
				115	exit_error(PARAMETER_PROBLEM,
				116	"Can't specify --nodst twice");
				117
				118	mr->info \|= IPT_SAME_NODST;
				119	*flags \|= IPT_SAME_OPT_NODST;
				120	break;
Eric Leblond	ae4b0b3	2007-02-24 15:11:33 +0000	[diff] [blame]	121
Eric Leblond	ae4b0b3	2007-02-24 15:11:33 +0000	[diff] [blame]	122	case '3':
				123	*flags \|= IPT_SAME_OPT_RANDOM;
				124	for (count=0; count < mr->rangesize; count++)
				125	mr->range[count].flags \|= IP_NAT_RANGE_PROTO_RANDOM;
				126	break;
Patrick McHardy	e656e26	2007-04-18 12:56:05 +0000	[diff] [blame]	127
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	128	default:
				129	return 0;
				130	}
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	131
				132	return 1;
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	133	}
				134
Harald Welte	18f1aff	2001-03-25 19:03:23 +0000	[diff] [blame]	135	/* Final check; need --to. */
Jan Engelhardt	1d5b63d	2007-10-04 16:29:00 +0000	[diff] [blame]	136	static void SAME_check(unsigned int flags)
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	137	{
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	138	if (!(flags & IPT_SAME_OPT_TO))
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	139	exit_error(PARAMETER_PROBLEM,
Harald Welte	18f1aff	2001-03-25 19:03:23 +0000	[diff] [blame]	140	"SAME needs --to");
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	141	}
				142
				143	/* Prints out the targinfo. */
Jan Engelhardt	1d5b63d	2007-10-04 16:29:00 +0000	[diff] [blame]	144	static void SAME_print(const void ip, const struct xt_entry_target target,
				145	int numeric)
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	146	{
Jan Engelhardt	7a236f4	2008-03-03 12:30:41 +0100	[diff] [blame]	147	unsigned int count;
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	148	struct ipt_same_info *mr
				149	= (struct ipt_same_info *)target->data;
Jan Engelhardt	dbb7754	2008-02-11 00:33:30 +0100	[diff] [blame]	150	int random_selection = 0;
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	151
				152	printf("same:");
				153
				154	for (count = 0; count < mr->rangesize; count++) {
				155	struct ip_nat_range *r = &mr->range[count];
				156	struct in_addr a;
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	157
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	158	a.s_addr = r->min_ip;
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	159
Jan Engelhardt	08b1616	2008-01-20 13:36:08 +0000	[diff] [blame]	160	printf("%s", ipaddr_to_numeric(&a));
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	161	a.s_addr = r->max_ip;
				162
				163	if (r->min_ip == r->max_ip)
				164	printf(" ");
				165	else
Jan Engelhardt	08b1616	2008-01-20 13:36:08 +0000	[diff] [blame]	166	printf("-%s ", ipaddr_to_numeric(&a));
Eric Leblond	ae4b0b3	2007-02-24 15:11:33 +0000	[diff] [blame]	167	if (r->flags & IP_NAT_RANGE_PROTO_RANDOM)
Jan Engelhardt	dbb7754	2008-02-11 00:33:30 +0100	[diff] [blame]	168	random_selection = 1;
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	169	}
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	170
				171	if (mr->info & IPT_SAME_NODST)
				172	printf("nodst ");
Eric Leblond	ae4b0b3	2007-02-24 15:11:33 +0000	[diff] [blame]	173
Jan Engelhardt	dbb7754	2008-02-11 00:33:30 +0100	[diff] [blame]	174	if (random_selection)
Eric Leblond	ae4b0b3	2007-02-24 15:11:33 +0000	[diff] [blame]	175	printf("random ");
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	176	}
				177
				178	/* Saves the union ipt_targinfo in parsable form to stdout. */
Jan Engelhardt	1d5b63d	2007-10-04 16:29:00 +0000	[diff] [blame]	179	static void SAME_save(const void ip, const struct xt_entry_target target)
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	180	{
Jan Engelhardt	7a236f4	2008-03-03 12:30:41 +0100	[diff] [blame]	181	unsigned int count;
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	182	struct ipt_same_info *mr
				183	= (struct ipt_same_info *)target->data;
Jan Engelhardt	dbb7754	2008-02-11 00:33:30 +0100	[diff] [blame]	184	int random_selection = 0;
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	185
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	186	for (count = 0; count < mr->rangesize; count++) {
				187	struct ip_nat_range *r = &mr->range[count];
				188	struct in_addr a;
				189
				190	a.s_addr = r->min_ip;
Jan Engelhardt	08b1616	2008-01-20 13:36:08 +0000	[diff] [blame]	191	printf("--to %s", ipaddr_to_numeric(&a));
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	192	a.s_addr = r->max_ip;
				193
				194	if (r->min_ip == r->max_ip)
				195	printf(" ");
				196	else
Jan Engelhardt	08b1616	2008-01-20 13:36:08 +0000	[diff] [blame]	197	printf("-%s ", ipaddr_to_numeric(&a));
Patrick McHardy	9c67def	2007-04-18 14:00:11 +0000	[diff] [blame]	198	if (r->flags & IP_NAT_RANGE_PROTO_RANDOM)
Jan Engelhardt	dbb7754	2008-02-11 00:33:30 +0100	[diff] [blame]	199	random_selection = 1;
Harald Welte	05e0b01	2001-08-26 08:18:25 +0000	[diff] [blame]	200	}
Harald Welte	cf655eb	2001-07-28 18:47:11 +0000	[diff] [blame]	201
				202	if (mr->info & IPT_SAME_NODST)
				203	printf("--nodst ");
Patrick McHardy	9c67def	2007-04-18 14:00:11 +0000	[diff] [blame]	204
Jan Engelhardt	dbb7754	2008-02-11 00:33:30 +0100	[diff] [blame]	205	if (random_selection)
Patrick McHardy	9c67def	2007-04-18 14:00:11 +0000	[diff] [blame]	206	printf("--random ");
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	207	}
				208
Jan Engelhardt	8b7c64d	2008-04-15 11:48:25 +0200	[diff] [blame]	209	static struct xtables_target same_tg_reg = {
Pablo Neira	8caee8b	2004-12-28 13:11:59 +0000	[diff] [blame]	210	.name = "SAME",
Jan Engelhardt	8b7c64d	2008-04-15 11:48:25 +0200	[diff] [blame]	211	.version = XTABLES_VERSION,
				212	.family = PF_INET,
				213	.size = XT_ALIGN(sizeof(struct ipt_same_info)),
				214	.userspacesize = XT_ALIGN(sizeof(struct ipt_same_info)),
Jan Engelhardt	1d5b63d	2007-10-04 16:29:00 +0000	[diff] [blame]	215	.help = SAME_help,
				216	.init = SAME_init,
				217	.parse = SAME_parse,
				218	.final_check = SAME_check,
				219	.print = SAME_print,
				220	.save = SAME_save,
				221	.extra_opts = SAME_opts,
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	222	};
				223
				224	void _init(void)
				225	{
Jan Engelhardt	8b7c64d	2008-04-15 11:48:25 +0200	[diff] [blame]	226	xtables_register_target(&same_tg_reg);
Martin Josefsson	f419f75	2001-02-19 21:55:27 +0000	[diff] [blame]	227	}