aboutsummaryrefslogtreecommitdiff
path: root/sys/netinet/libalias/alias.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/netinet/libalias/alias.c')
-rw-r--r--sys/netinet/libalias/alias.c164
1 files changed, 95 insertions, 69 deletions
diff --git a/sys/netinet/libalias/alias.c b/sys/netinet/libalias/alias.c
index 7858e4d2b9f3..6758813f6a21 100644
--- a/sys/netinet/libalias/alias.c
+++ b/sys/netinet/libalias/alias.c
@@ -290,13 +290,14 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip)
{
struct alias_link *lnk;
struct icmp *ic;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
ic = (struct icmp *)ip_next(pip);
/* Get source address from ICMP data field and restore original data */
- lnk = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
- if (lnk != NULL) {
+ ret = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1, &lnk);
+ if (ret == PKT_ALIAS_OK) {
u_short original_id;
int accumulate;
@@ -319,10 +320,8 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip)
&original_address, &pip->ip_dst, 2);
pip->ip_dst = original_address;
}
-
- return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
+ return (ret);
}
/*
@@ -337,6 +336,7 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip)
struct udphdr *ud;
struct tcphdr *tc;
struct alias_link *lnk;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
ic = (struct icmp *)ip_next(pip);
@@ -346,18 +346,26 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip)
tc = (struct tcphdr *)ip_next(ip);
ic2 = (struct icmp *)ip_next(ip);
- if (ip->ip_p == IPPROTO_UDP)
- lnk = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
+ if (ip->ip_p == IPPROTO_UDP) {
+ ret = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
- else if (ip->ip_p == IPPROTO_TCP)
- lnk = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
+ IPPROTO_UDP, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else if (ip->ip_p == IPPROTO_TCP) {
+ ret = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
- else if (ip->ip_p == IPPROTO_ICMP) {
- if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
- lnk = FindIcmpIn(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
- else
+ IPPROTO_TCP, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else if (ip->ip_p == IPPROTO_ICMP) {
+ if (ic2->icmp_type == ICMP_ECHO ||
+ ic2->icmp_type == ICMP_TSTAMP) {
+ ret = FindIcmpIn(la, ip->ip_dst, ip->ip_src,
+ ic2->icmp_id, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else
lnk = NULL;
} else
lnk = NULL;
@@ -479,13 +487,15 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
{
struct alias_link *lnk;
struct icmp *ic;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
ic = (struct icmp *)ip_next(pip);
/* Save overwritten data for when echo packet returns */
- lnk = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, create);
- if (lnk != NULL) {
+ ret = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, create,
+ &lnk);
+ if (ret == PKT_ALIAS_OK) {
u_short alias_id;
int accumulate;
@@ -508,10 +518,8 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
&alias_address, &pip->ip_src, 2);
pip->ip_src = alias_address;
}
-
- return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
+ return (ret);
}
/*
@@ -526,6 +534,7 @@ IcmpAliasOut2(struct libalias *la, struct ip *pip)
struct udphdr *ud;
struct tcphdr *tc;
struct alias_link *lnk;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
ic = (struct icmp *)ip_next(pip);
@@ -535,18 +544,26 @@ IcmpAliasOut2(struct libalias *la, struct ip *pip)
tc = (struct tcphdr *)ip_next(ip);
ic2 = (struct icmp *)ip_next(ip);
- if (ip->ip_p == IPPROTO_UDP)
- lnk = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
+ if (ip->ip_p == IPPROTO_UDP) {
+ ret = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
- else if (ip->ip_p == IPPROTO_TCP)
- lnk = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
+ IPPROTO_UDP, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else if (ip->ip_p == IPPROTO_TCP) {
+ ret = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
- else if (ip->ip_p == IPPROTO_ICMP) {
- if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
- lnk = FindIcmpOut(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
- else
+ IPPROTO_TCP, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else if (ip->ip_p == IPPROTO_ICMP) {
+ if (ic2->icmp_type == ICMP_ECHO ||
+ ic2->icmp_type == ICMP_TSTAMP) {
+ ret = FindIcmpOut(la, ip->ip_dst, ip->ip_src,
+ ic2->icmp_id, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else
lnk = NULL;
} else
lnk = NULL;
@@ -661,14 +678,15 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
struct ip *pip, u_char ip_p, u_short *ip_sum)
{
struct alias_link *lnk;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
/* Return if proxy-only mode is enabled */
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
return (PKT_ALIAS_OK);
- lnk = FindProtoIn(la, ip_src, pip->ip_dst, ip_p);
- if (lnk != NULL) {
+ ret = FindProtoIn(la, ip_src, pip->ip_dst, ip_p, &lnk);
+ if (ret == PKT_ALIAS_OK) {
struct in_addr original_address;
original_address = GetOriginalAddress(lnk);
@@ -677,10 +695,8 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
DifferentialChecksum(ip_sum,
&original_address, &pip->ip_dst, 2);
pip->ip_dst = original_address;
-
- return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
+ return (ret);
}
/*
@@ -693,6 +709,7 @@ ProtoAliasOut(struct libalias *la, struct ip *pip,
struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create)
{
struct alias_link *lnk;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
@@ -703,8 +720,8 @@ ProtoAliasOut(struct libalias *la, struct ip *pip,
if (!create)
return (PKT_ALIAS_IGNORED);
- lnk = FindProtoOut(la, pip->ip_src, ip_dst, ip_p);
- if (lnk != NULL) {
+ ret = FindProtoOut(la, pip->ip_src, ip_dst, ip_p, &lnk);
+ if (ret == PKT_ALIAS_OK) {
struct in_addr alias_address;
alias_address = GetAliasAddress(lnk);
@@ -713,10 +730,8 @@ ProtoAliasOut(struct libalias *la, struct ip *pip,
DifferentialChecksum(ip_sum,
&alias_address, &pip->ip_src, 2);
pip->ip_src = alias_address;
-
- return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
+ return (ret);
}
#define MF_ISSET(_pip) (ntohs((_pip)->ip_off) & IP_MF)
@@ -745,6 +760,7 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
{
struct udphdr *ud;
struct alias_link *lnk;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
@@ -752,10 +768,12 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
if (ud == NULL)
return (PKT_ALIAS_IGNORED);
- lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
+ ret = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
ud->uh_sport, ud->uh_dport,
- IPPROTO_UDP, !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY));
- if (lnk != NULL) {
+ IPPROTO_UDP, !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY), &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ {
struct in_addr alias_address;
struct in_addr original_address;
struct in_addr proxy_address;
@@ -828,7 +846,6 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
}
static int
@@ -840,7 +857,7 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
struct in_addr proxy_server_address;
u_short dest_port;
u_short proxy_server_port;
- int proxy_type;
+ int proxy_type, ret;
LIBALIAS_LOCK_ASSERT(la);
@@ -877,10 +894,12 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
pip->ip_dst = proxy_server_address;
ud->uh_dport = proxy_server_port;
}
- lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
+ ret = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
ud->uh_sport, ud->uh_dport,
- IPPROTO_UDP, create);
- if (lnk != NULL) {
+ IPPROTO_UDP, create, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ {
u_short alias_port;
struct in_addr alias_address;
struct alias_data ad = {
@@ -930,7 +949,6 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
}
static int
@@ -939,6 +957,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
struct tcphdr *tc;
struct alias_link *lnk;
size_t dlen;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
@@ -947,11 +966,12 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
return (PKT_ALIAS_IGNORED);
tc = (struct tcphdr *)ip_next(pip);
- lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
+ ret = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
tc->th_sport, tc->th_dport,
IPPROTO_TCP,
- !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY));
- if (lnk != NULL) {
+ !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY),
+ &lnk);
+ if (ret == PKT_ALIAS_OK) {
struct in_addr alias_address;
struct in_addr original_address;
struct in_addr proxy_address;
@@ -1057,13 +1077,13 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
+ return (ret);
}
static int
TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
{
- int proxy_type;
+ int proxy_type, ret;
u_short dest_port;
u_short proxy_server_port;
size_t dlen;
@@ -1108,12 +1128,12 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
accumulate -= twowords(&pip->ip_dst);
ADJUST_CHECKSUM(accumulate, pip->ip_sum);
}
- lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
+ ret = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
tc->th_sport, tc->th_dport,
- IPPROTO_TCP, create);
- if (lnk == NULL)
- return (PKT_ALIAS_IGNORED);
- if (lnk != NULL) {
+ IPPROTO_TCP, create, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ {
u_short alias_port;
struct in_addr alias_address;
int accumulate;
@@ -1177,7 +1197,6 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
}
/* Fragment Handling
@@ -1581,17 +1600,24 @@ LibAliasUnaliasOut(struct libalias *la,
ic = (struct icmp *)ip_next(pip);
/* Find a link */
- if (pip->ip_p == IPPROTO_UDP)
- lnk = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
+ if (pip->ip_p == IPPROTO_UDP) {
+ iresult = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
- else if (pip->ip_p == IPPROTO_TCP)
- lnk = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
+ IPPROTO_UDP, 0, &lnk);
+ if (iresult != PKT_ALIAS_OK)
+ goto getout;
+ } else if (pip->ip_p == IPPROTO_TCP) {
+ iresult = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
- else if (pip->ip_p == IPPROTO_ICMP)
- lnk = FindIcmpIn(la, pip->ip_dst, pip->ip_src, ic->icmp_id, 0);
- else
+ IPPROTO_TCP, 0, &lnk);
+ if (iresult != PKT_ALIAS_OK)
+ goto getout;
+ } else if (pip->ip_p == IPPROTO_ICMP) {
+ iresult = FindIcmpIn(la, pip->ip_dst, pip->ip_src,
+ ic->icmp_id, 0, &lnk);
+ if (iresult != PKT_ALIAS_OK)
+ goto getout;
+ } else
lnk = NULL;
/* Change it from an aliased packet to an unaliased packet */
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-22 23:55:02 +0000