ip_tftp_pxy.c revision 1.1
1 /* $NetBSD: ip_tftp_pxy.c,v 1.1 2012/03/23 20:37:04 christos Exp $ */ 2 3 /* 4 * Copyright (C) 2010 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 * 8 * Id: ip_tftp_pxy.c,v 1.1.2.4 2012/01/26 05:44:25 darren_r Exp 9 */ 10 11 #define IPF_TFTP_PROXY 12 13 void ipf_p_tftp_main_load __P((void)); 14 void ipf_p_tftp_main_unload __P((void)); 15 int ipf_p_tftp_new __P((void *, fr_info_t *, ap_session_t *, nat_t *)); 16 int ipf_p_tftp_out __P((void *, fr_info_t *, ap_session_t *, nat_t *)); 17 int ipf_p_tftp_in __P((void *, fr_info_t *, ap_session_t *, nat_t *)); 18 int ipf_p_tftp_client __P((fr_info_t *, ap_session_t *, nat_t *)); 19 int ipf_p_tftp_server __P((fr_info_t *, ap_session_t *, nat_t *)); 20 int ipf_p_tftp_backchannel __P((fr_info_t *, ap_session_t *, nat_t *)); 21 22 static frentry_t tftpfr; 23 24 int tftp_proxy_init = 0; 25 26 typedef struct tftpinfo { 27 nat_t *ti_datanat; 28 ipstate_t *ti_datastate; 29 int ti_lastcmd; 30 int ti_nextblk; 31 int ti_lastblk; 32 int ti_lasterror; 33 char ti_filename[80]; 34 } tftpinfo_t; 35 36 #define TFTP_CMD_READ 1 37 #define TFTP_CMD_WRITE 2 38 #define TFTP_CMD_DATA 3 39 #define TFTP_CMD_ACK 4 40 #define TFTP_CMD_ERROR 5 41 42 43 /* 44 * TFTP application proxy initialization. 45 */ 46 void 47 ipf_p_tftp_main_load() 48 { 49 50 bzero((char *)&tftpfr, sizeof(tftpfr)); 51 tftpfr.fr_ref = 1; 52 tftpfr.fr_flags = FR_INQUE|FR_PASS|FR_QUICK|FR_KEEPSTATE; 53 MUTEX_INIT(&tftpfr.fr_lock, "TFTP proxy rule lock"); 54 tftp_proxy_init = 1; 55 } 56 57 58 void 59 ipf_p_tftp_main_unload() 60 { 61 62 if (tftp_proxy_init == 1) { 63 MUTEX_DESTROY(&tftpfr.fr_lock); 64 tftp_proxy_init = 0; 65 } 66 } 67 68 69 int 70 ipf_p_tftp_out(arg, fin, aps, nat) 71 void *arg; 72 fr_info_t *fin; 73 ap_session_t *aps; 74 nat_t *nat; 75 { 76 77 if (nat->nat_dir == NAT_OUTBOUND) 78 return ipf_p_tftp_client(fin, aps, nat); 79 return ipf_p_tftp_server(fin, aps, nat); 80 } 81 82 83 int 84 ipf_p_tftp_in(arg, fin, aps, nat) 85 void *arg; 86 fr_info_t *fin; 87 ap_session_t *aps; 88 nat_t *nat; 89 { 90 91 if (nat->nat_dir == NAT_INBOUND) 92 return ipf_p_tftp_client(fin, aps, nat); 93 return ipf_p_tftp_server(fin, aps, nat); 94 } 95 96 97 int 98 ipf_p_tftp_new(arg, fin, aps, nat) 99 void *arg; 100 fr_info_t *fin; 101 ap_session_t *aps; 102 nat_t *nat; 103 { 104 udphdr_t *udp; 105 tftpinfo_t *ti; 106 107 KMALLOC(ti, tftpinfo_t *); 108 if (ti == NULL) 109 return -1; 110 111 aps->aps_data = ti; 112 aps->aps_psiz = sizeof(*ti); 113 ti->ti_lastcmd = 0; 114 115 nat = nat; /* LINT */ 116 fin = fin; /* LINT */ 117 118 udp = (udphdr_t *)fin->fin_dp; 119 aps->aps_sport = udp->uh_sport; 120 aps->aps_dport = udp->uh_dport; 121 return 0; 122 } 123 124 125 /* 126 * Setup for a new TFTP proxy. 127 */ 128 int 129 ipf_p_tftp_backchannel(fin, aps, nat) 130 fr_info_t *fin; 131 ap_session_t *aps; 132 nat_t *nat; 133 { 134 ipf_main_softc_t *softc = fin->fin_main_soft; 135 #ifdef USE_MUTEXES 136 ipf_nat_softc_t *softn = softc->ipf_nat_soft; 137 #endif 138 struct in_addr swip,swip2; 139 tftpinfo_t *ti; 140 udphdr_t *udp; 141 fr_info_t fi; 142 nat_t *nat2; 143 144 ti = aps->aps_data; 145 udp = (udphdr_t *)fin->fin_dp; 146 /* 147 * Add skeleton NAT entry for connection which will come back the 148 * other way. 149 */ 150 bcopy((char *)fin, (char *)&fi, sizeof(fi)); 151 fi.fin_flx |= FI_IGNORE; 152 fi.fin_data[1] = 0; 153 if (nat->nat_dir == NAT_OUTBOUND) 154 nat2 = ipf_nat_outlookup(&fi, NAT_SEARCH|IPN_UDP, 155 nat->nat_pr[0], nat->nat_osrcip, 156 nat->nat_odstip); 157 else 158 nat2 = ipf_nat_inlookup(&fi, NAT_SEARCH|IPN_UDP, 159 nat->nat_pr[0], nat->nat_nsrcip, 160 nat->nat_odstip); 161 if (nat2 == NULL) { 162 u_short slen; 163 int nflags; 164 ip_t *ip; 165 166 ip = fin->fin_ip; 167 slen = ip->ip_len; 168 ip->ip_len = htons(fin->fin_hlen + sizeof(*udp)); 169 bzero((char *)udp, sizeof(*udp)); 170 udp->uh_sport = htons(fi.fin_data[0]); 171 udp->uh_dport = 0; /* XXX - don't specify remote port */ 172 udp->uh_ulen = 0; 173 udp->uh_sum = 0; 174 fi.fin_dp = (char *)udp; 175 fi.fin_fr = &tftpfr; 176 fi.fin_dlen = sizeof(*udp); 177 fi.fin_plen = fi.fin_hlen + sizeof(*udp); 178 fi.fin_flx &= FI_LOWTTL|FI_FRAG|FI_TCPUDP|FI_OPTIONS|FI_IGNORE; 179 nflags = NAT_SLAVE|IPN_UDP|SI_W_DPORT; 180 181 swip = ip->ip_src; 182 swip2 = ip->ip_dst; 183 fi.fin_fi.fi_saddr = nat->nat_osrcaddr; 184 ip->ip_src = nat->nat_osrcip; 185 fi.fin_fi.fi_daddr = nat->nat_odstaddr; 186 ip->ip_dst = nat->nat_odstip; 187 188 if (nat->nat_dir == NAT_INBOUND) 189 nflags |= NAT_NOTRULEPORT; 190 191 MUTEX_ENTER(&softn->ipf_nat_new); 192 nat2 = ipf_nat_add(&fi, nat->nat_ptr, &ti->ti_datanat, 193 nflags, nat->nat_dir); 194 MUTEX_EXIT(&softn->ipf_nat_new); 195 if (nat2 != NULL) { 196 (void) ipf_nat_proto(&fi, nat2, IPN_UDP); 197 ipf_nat_update(&fi, nat2); 198 fi.fin_ifp = NULL; 199 if (ipf_state_add(softc, &fi, &ti->ti_datastate, 200 SI_W_DPORT) != 0) { 201 ipf_nat_setpending(softc, nat2); 202 } 203 } 204 ip->ip_len = slen; 205 ip->ip_src = swip; 206 ip->ip_dst = swip2; 207 return 0; 208 } 209 return -1; 210 } 211 212 213 int 214 ipf_p_tftp_client(fin, aps, nat) 215 fr_info_t *fin; 216 ap_session_t *aps; 217 nat_t *nat; 218 { 219 u_char *msg, *s, *t; 220 tftpinfo_t *ti; 221 u_short opcode; 222 udphdr_t *udp; 223 int len; 224 225 if (fin->fin_dlen < 4) 226 return 0; 227 228 ti = aps->aps_data; 229 msg = fin->fin_dp; 230 msg += sizeof(udphdr_t); 231 opcode = (msg[0] << 8) | msg[1]; 232 233 switch (opcode) 234 { 235 case TFTP_CMD_READ : 236 case TFTP_CMD_WRITE : 237 if (fin->fin_out != 0) 238 return -1; 239 len = fin->fin_dlen - sizeof(*udp) - 2; 240 if (len > sizeof(ti->ti_filename) - 1) 241 len = sizeof(ti->ti_filename) - 1; 242 s = msg + 2; 243 for (t = (u_char *)ti->ti_filename; (len > 0); len--, s++) { 244 *t++ = *s; 245 if (*s == '\0') 246 break; 247 } 248 break; 249 default : 250 return -1; 251 } 252 253 ti = aps->aps_data; 254 ti->ti_lastcmd = opcode; 255 return 0; 256 } 257 258 259 int 260 ipf_p_tftp_server(fin, aps, nat) 261 fr_info_t *fin; 262 ap_session_t *aps; 263 nat_t *nat; 264 { 265 tftpinfo_t *ti; 266 u_short opcode; 267 u_short arg; 268 u_char *msg; 269 270 if (fin->fin_dlen < 4) 271 return 0; 272 273 ti = aps->aps_data; 274 msg = fin->fin_dp; 275 msg += sizeof(udphdr_t); 276 arg = (msg[2] << 8) | msg[3]; 277 opcode = (msg[0] << 8) | msg[1]; 278 279 switch (opcode) 280 { 281 case TFTP_CMD_ACK : 282 /* This proxy should not see any ACKS for DATA blocks */ 283 if (fin->fin_out != 1) 284 return -1; 285 if ((arg == 0) && 286 (ti->ti_lastcmd == TFTP_CMD_READ || 287 ti->ti_lastcmd == TFTP_CMD_WRITE)) 288 ipf_p_tftp_backchannel(fin, aps, nat); 289 ti->ti_lastblk = arg; 290 break; 291 case TFTP_CMD_ERROR : 292 if (fin->fin_out != 1) 293 return -1; 294 ti->ti_lasterror = arg; 295 break; 296 default : 297 return -1; 298 } 299 300 ti->ti_lastcmd = opcode; 301 return 0; 302 } 303
Indexes created Sat Sep 27 22:09:54 GMT 2025