|
version 1.1.1.2, 2012/05/29 12:55:57
|
version 1.1.1.3, 2013/07/22 00:32:35
|
|
Line 13
|
Line 13
|
| #include <netinet/in.h> |
#include <netinet/in.h> |
| #include <arpa/inet.h> |
#include <arpa/inet.h> |
| #include <dlfcn.h> |
#include <dlfcn.h> |
| |
#include <xtables.h> |
| #include <libiptc/libiptc.h> |
#include <libiptc/libiptc.h> |
| #include <iptables.h> |
|
| |
|
| #include <linux/version.h> |
#include <linux/version.h> |
| |
|
|
Line 29
|
Line 29
|
| #define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]) + __must_be_array(arr)) |
#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]) + __must_be_array(arr)) |
| #define LIST_POISON2 ((void *) 0x00200200 ) |
#define LIST_POISON2 ((void *) 0x00200200 ) |
| |
|
| #include <net/netfilter/nf_nat.h> | #if 0 |
| | #include <linux/netfilter/nf_nat.h> |
| | #else |
| | #include "tiny_nf_nat.h" |
| | #endif |
| #define ip_nat_multi_range nf_nat_multi_range |
#define ip_nat_multi_range nf_nat_multi_range |
| #define ip_nat_range nf_nat_range |
#define ip_nat_range nf_nat_range |
| #define IPTC_HANDLE struct iptc_handle * |
#define IPTC_HANDLE struct iptc_handle * |
|
Line 38
|
Line 42
|
| #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,22) |
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,22) |
| #include <linux/netfilter_ipv4/ip_nat.h> |
#include <linux/netfilter_ipv4/ip_nat.h> |
| #else |
#else |
| |
#if 0 |
| #include <linux/netfilter/nf_nat.h> |
#include <linux/netfilter/nf_nat.h> |
| |
#else |
| |
#include "tiny_nf_nat.h" |
| #endif |
#endif |
| |
#endif |
| #define IPTC_HANDLE iptc_handle_t |
#define IPTC_HANDLE iptc_handle_t |
| #endif |
#endif |
| |
|
|
Line 48
|
Line 56
|
| #define IPT_ALIGN XT_ALIGN |
#define IPT_ALIGN XT_ALIGN |
| #endif |
#endif |
| |
|
| |
#include "../macros.h" |
| |
#include "../config.h" |
| #include "iptcrdr.h" |
#include "iptcrdr.h" |
| #include "../upnpglobalvars.h" |
#include "../upnpglobalvars.h" |
| |
|
|
Line 196 add_redirect_rule2(const char * ifname,
|
Line 206 add_redirect_rule2(const char * ifname,
|
| const char * iaddr, unsigned short iport, int proto, |
const char * iaddr, unsigned short iport, int proto, |
| const char * desc, unsigned int timestamp) |
const char * desc, unsigned int timestamp) |
| { |
{ |
| int r = addnatrule(proto, eport, iaddr, iport, rhost); | int r; |
| | UNUSED(ifname); |
| | |
| | r = addnatrule(proto, eport, iaddr, iport, rhost); |
| if(r >= 0) |
if(r >= 0) |
| add_redirect_desc(eport, proto, desc, timestamp); |
add_redirect_desc(eport, proto, desc, timestamp); |
| return r; |
return r; |
|
Line 208 add_filter_rule2(const char * ifname,
|
Line 221 add_filter_rule2(const char * ifname,
|
| unsigned short eport, unsigned short iport, |
unsigned short eport, unsigned short iport, |
| int proto, const char * desc) |
int proto, const char * desc) |
| { |
{ |
| |
UNUSED(ifname); |
| |
UNUSED(eport); |
| |
UNUSED(desc); |
| |
|
| return add_filter_rule(proto, rhost, iaddr, iport); |
return add_filter_rule(proto, rhost, iaddr, iport); |
| } |
} |
| |
|
| /* get_redirect_rule() | /* get_redirect_rule() |
| * returns -1 if the rule is not found */ |
* returns -1 if the rule is not found */ |
| int |
int |
| get_redirect_rule(const char * ifname, unsigned short eport, int proto, |
get_redirect_rule(const char * ifname, unsigned short eport, int proto, |
|
Line 227 get_redirect_rule(const char * ifname, unsigned short
|
Line 244 get_redirect_rule(const char * ifname, unsigned short
|
| const struct ipt_entry_target * target; |
const struct ipt_entry_target * target; |
| const struct ip_nat_multi_range * mr; |
const struct ip_nat_multi_range * mr; |
| const struct ipt_entry_match *match; |
const struct ipt_entry_match *match; |
| |
UNUSED(ifname); |
| |
|
| h = iptc_init("nat"); |
h = iptc_init("nat"); |
| if(!h) |
if(!h) |
|
Line 270 get_redirect_rule(const char * ifname, unsigned short
|
Line 288 get_redirect_rule(const char * ifname, unsigned short
|
| continue; |
continue; |
| } |
} |
| target = (void *)e + e->target_offset; |
target = (void *)e + e->target_offset; |
| //target = ipt_get_target(e); | /* target = ipt_get_target(e); */ |
| mr = (const struct ip_nat_multi_range *)&target->data[0]; |
mr = (const struct ip_nat_multi_range *)&target->data[0]; |
| snprintip(iaddr, iaddrlen, ntohl(mr->range[0].min_ip)); |
snprintip(iaddr, iaddrlen, ntohl(mr->range[0].min_ip)); |
| *iport = ntohs(mr->range[0].min.all); |
*iport = ntohs(mr->range[0].min.all); |
|
Line 297 get_redirect_rule(const char * ifname, unsigned short
|
Line 315 get_redirect_rule(const char * ifname, unsigned short
|
| return r; |
return r; |
| } |
} |
| |
|
| /* get_redirect_rule_by_index() | /* get_redirect_rule_by_index() |
| * return -1 when the rule was not found */ |
* return -1 when the rule was not found */ |
| int |
int |
| get_redirect_rule_by_index(int index, |
get_redirect_rule_by_index(int index, |
|
Line 324 get_redirect_rule_by_index(int index,
|
Line 342 get_redirect_rule_by_index(int index,
|
| const struct ipt_entry_target * target; |
const struct ipt_entry_target * target; |
| const struct ip_nat_multi_range * mr; |
const struct ip_nat_multi_range * mr; |
| const struct ipt_entry_match *match; |
const struct ipt_entry_match *match; |
| |
UNUSED(ifname); |
| |
|
| h = iptc_init("nat"); |
h = iptc_init("nat"); |
| if(!h) |
if(!h) |
|
Line 569 delete_redirect_and_filter_rules(unsigned short eport,
|
Line 588 delete_redirect_and_filter_rules(unsigned short eport,
|
| } |
} |
| |
|
| /* ==================================== */ |
/* ==================================== */ |
| /* TODO : add the -m state --state NEW,ESTABLISHED,RELATED | /* TODO : add the -m state --state NEW,ESTABLISHED,RELATED |
| * only for the filter rule */ |
* only for the filter rule */ |
| static struct ipt_entry_match * |
static struct ipt_entry_match * |
| get_tcp_match(unsigned short dport) |
get_tcp_match(unsigned short dport) |
|
Line 703 iptc_init_verify_and_append(const char * table,
|
Line 722 iptc_init_verify_and_append(const char * table,
|
| return 0; |
return 0; |
| } |
} |
| |
|
| /* add nat rule | /* add nat rule |
| * iptables -t nat -A MINIUPNPD -p proto --dport eport -j DNAT --to iaddr:iport |
* iptables -t nat -A MINIUPNPD -p proto --dport eport -j DNAT --to iaddr:iport |
| * */ |
* */ |
| static int |
static int |
|
Line 745 addnatrule(int proto, unsigned short eport,
|
Line 764 addnatrule(int proto, unsigned short eport,
|
| e->ip.src.s_addr = inet_addr(rhost); |
e->ip.src.s_addr = inet_addr(rhost); |
| e->ip.smsk.s_addr = INADDR_NONE; |
e->ip.smsk.s_addr = INADDR_NONE; |
| } |
} |
| | |
| r = iptc_init_verify_and_append("nat", miniupnpd_nat_chain, e, "addnatrule()"); |
r = iptc_init_verify_and_append("nat", miniupnpd_nat_chain, e, "addnatrule()"); |
| free(target); |
free(target); |
| free(match); |
free(match); |
|
Line 808 add_filter_rule(int proto, const char * rhost,
|
Line 827 add_filter_rule(int proto, const char * rhost,
|
| e->ip.src.s_addr = inet_addr(rhost); |
e->ip.src.s_addr = inet_addr(rhost); |
| e->ip.smsk.s_addr = INADDR_NONE; |
e->ip.smsk.s_addr = INADDR_NONE; |
| } |
} |
| | |
| r = iptc_init_verify_and_append("filter", miniupnpd_forward_chain, e, "add_filter_rule()"); |
r = iptc_init_verify_and_append("filter", miniupnpd_forward_chain, e, "add_filter_rule()"); |
| free(target); |
free(target); |
| free(match); |
free(match); |
|
Line 976 list_redirect_rule(const char * ifname)
|
Line 995 list_redirect_rule(const char * ifname)
|
| const struct ip_nat_multi_range * mr; |
const struct ip_nat_multi_range * mr; |
| const char * target_str; |
const char * target_str; |
| char addr[16], mask[16]; |
char addr[16], mask[16]; |
| |
(void)ifname; |
| |
|
| h = iptc_init("nat"); |
h = iptc_init("nat"); |
| if(!h) |
if(!h) |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to iptcrdr.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / miniupnpd / netfilter