File:  [ELWIX - Embedded LightWeight unIX -] / fwsync / driver / fwsync_workers.c
Revision 1.19.2.1
Sat Aug 27 14:29:12 2022 UTC (21 months, 1 week ago) by misho
Branches: fwsync1_2
skip errno=13

    1: /*-
    2:  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
    3:  *
    4:  * Copyright (c) 2022 Michael Pounov <misho@elwix.org>, CloudSigma AG
    5:  *
    6:  * Redistribution and use in source and binary forms, with or without
    7:  * modification, are permitted provided that the following conditions
    8:  * are met:
    9:  * 1. Redistributions of source code must retain the above copyright
   10:  *    notice, this list of conditions and the following disclaimer.
   11:  * 2. Redistributions in binary form must reproduce the above copyright
   12:  *    notice, this list of conditions and the following disclaimer in the
   13:  *    documentation and/or other materials provided with the distribution.
   14:  *
   15:  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   16:  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   17:  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   18:  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   19:  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   20:  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   21:  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   22:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   23:  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   24:  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   25:  * SUCH DAMAGE.
   26:  */
   27: #include "fwsync.h"
   28: 
   29: 
/*
 * Queue a private copy of a state record on the update list
 * (fwsync_updpkt), which fwsync_state_sync() drains.
 *
 * A NULL pointer or a record with fws_addrtype == 1 (ethernet) is ignored.
 * Returns 0 when the record was queued or skipped and ENOMEM when the
 * non-sleeping allocation fails.
 */
int
fwsync_add_state(const struct fws_proto *pkt)
{
	struct fws_sndpkt *entry;

	DTRACE();

	/* skip ethernet packet */
	if (pkt == NULL || pkt->fws_addrtype == 1)
		return 0;

	entry = malloc(sizeof(*entry), M_FWSYNC, M_NOWAIT | M_ZERO);
	if (entry == NULL)
		return ENOMEM;

	/*
	 * The record is copied verbatim; fws_addrtype is only range-checked
	 * later, by the consumer's switch on 4/6.
	 * NOTE(review): no limit on the queue depth is visible here --
	 * confirm that the producer of these records is rate-bounded,
	 * otherwise the list can grow until kernel memory is exhausted.
	 */
	memcpy(&entry->sp_proto, pkt, sizeof(entry->sp_proto));

	/* fws_mtx_u guards the update list */
	mtx_lock(&fws_mtx_u);
	TAILQ_INSERT_TAIL(&fwsync_updpkt, entry, sp_next);
	mtx_unlock(&fws_mtx_u);

	return 0;
}
   51: 
   52: 
/*
 * Queue a private copy of an alias (NAT) record on the NAT list
 * (fwsync_natpkt), which fwsync_alias_sync() drains.
 *
 * A NULL pointer or a record with fws_addrtype 1 or 6 is ignored.
 * Returns 0 when the record was queued or skipped and ENOMEM when the
 * non-sleeping allocation fails.
 */
int
fwsync_add_alias(const struct fws_proto *pkt)
{
	struct fws_sndpkt *entry;

	DTRACE();

	/* skip packet */
	if (pkt == NULL)
		return 0;
	if (pkt->fws_addrtype == 1 || pkt->fws_addrtype == 6)
		return 0;

	entry = malloc(sizeof(*entry), M_FWSYNC, M_NOWAIT | M_ZERO);
	if (entry == NULL)
		return ENOMEM;

	/*
	 * Only address types 1 and 6 are filtered above; any other value is
	 * queued as-is.
	 * NOTE(review): no limit on the queue depth is visible here --
	 * confirm that the producer of these records is rate-bounded.
	 */
	memcpy(&entry->sp_proto, pkt, sizeof(entry->sp_proto));

	/* fws_mtx_n guards the NAT list */
	mtx_lock(&fws_mtx_n);
	TAILQ_INSERT_TAIL(&fwsync_natpkt, entry, sp_next);
	mtx_unlock(&fws_mtx_n);

	return 0;
}
   74: 
   75: 
/*
 * Task handler: take records off the send queue (fwsync_sndpkt) and
 * transmit each one to every collector whose ONLINE and READY bits are both
 * set in fws_ctx.config.
 *
 * context is not used.  pending is decremented after every dequeued record
 * and the loop ends when it reaches zero or when the queue is empty; a call
 * with pending == 0 therefore runs until the queue is empty.
 *
 * Records are discarded without being sent when the collector role is
 * switched off in fws_cfg or when no mbuf is available.
 */
void
fwsync_sndpkt_handler(void *context, int pending)
{
	struct fws_sndpkt *item;
	struct mbuf *hdr, *dup;
	int err;

	DTRACE();

	do {
		/* detach the head of the queue under fws_mtx_c */
		mtx_lock(&fws_mtx_c);
		item = TAILQ_FIRST(&fwsync_sndpkt);
		if (item != NULL)
			TAILQ_REMOVE(&fwsync_sndpkt, item, sp_next);
		mtx_unlock(&fws_mtx_c);

		/* sending queue is empty */
		if (item == NULL)
			break;

		/* no mbuf is requested unless the collector role is enabled */
		hdr = NULL;
		if (fws_cfg.cfg.on & CFG_SYNC_COLLECTOR)
			hdr = m_gethdr(M_NOWAIT, MT_DATA);
		if (hdr == NULL) {
			free(item, M_FWSYNC);
			continue;
		}

		/*
		 * NOTE(review): the copy assumes that sizeof(struct fws_proto)
		 * fits into the data area of a single header mbuf -- confirm,
		 * ideally with a compile-time assertion (CTASSERT).
		 */
		memcpy(mtod(hdr, struct fws_proto *), &item->sp_proto,
		    sizeof item->sp_proto);
		hdr->m_len = sizeof item->sp_proto;
		m_fixhdr(hdr);

		/*
		 * Each collector gets its own copy of the packet; the master
		 * mbuf stays with this function and is released at "out".
		 * EAGAIN and EACCES from sosend() are not reported.
		 * NOTE(review): those two failures leave no log line and no
		 * counter, so lost sync records cannot be observed; a drop
		 * counter per collector would close that gap.
		 */
		if ((fws_ctx.config &
		    (CTX_COLLECTOR_2_ONLINE | CTX_COLLECTOR_2_READY)) ==
		    (CTX_COLLECTOR_2_ONLINE | CTX_COLLECTOR_2_READY)) {
			dup = m_copypacket(hdr, M_NOWAIT);
			if (dup == NULL) {
				printf("error in copypacket for second collector\n");
				/* the first collector is skipped for this record as well */
				goto out;
			}
			err = sosend(fws_ctx.sockz[CFG_SYNC_ADDR_COLLECTOR_2],
			    &fws_cfg.cfg_addr[CFG_SYNC_ADDR_COLLECTOR_2].addr,
			    NULL, dup, NULL, 0, curthread);
			if (err != 0 && err != EAGAIN && err != EACCES)
				printf("error in collector %d handler #%d\n",
				    CFG_SYNC_ADDR_COLLECTOR_2, err);
		}

		if ((fws_ctx.config &
		    (CTX_COLLECTOR_1_ONLINE | CTX_COLLECTOR_1_READY)) ==
		    (CTX_COLLECTOR_1_ONLINE | CTX_COLLECTOR_1_READY)) {
			dup = m_copypacket(hdr, M_NOWAIT);
			if (dup == NULL) {
				printf("error in copypacket for first collector\n");
				goto out;
			}
			err = sosend(fws_ctx.sockz[CFG_SYNC_ADDR_COLLECTOR_1],
			    &fws_cfg.cfg_addr[CFG_SYNC_ADDR_COLLECTOR_1].addr,
			    NULL, dup, NULL, 0, curthread);
			if (err != 0 && err != EAGAIN && err != EACCES)
				printf("error in collector %d handler #%d\n",
				    CFG_SYNC_ADDR_COLLECTOR_1, err);
		}
out:
		m_freem(hdr);
		free(item, M_FWSYNC);
	} while (--pending);
}
  142: 
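/*
 * Hook for a dynamic-state event: translate the flow id (arg) and the hook
 * data (extdata) into a FWS_PKTVER_STATE record, append it to the send queue
 * (fwsync_sndpkt) and schedule the sender task.
 *
 * Returns 0 when the record was queued or deliberately skipped (NULL
 * arguments, ethernet flow, allocation failure) and EINVAL when the address
 * type is neither 4 nor 6.
 */
int
fwsync_state_handler(const void *arg, const void *extdata)
{
	const struct ipfw_flow_id *pkt = arg;
	const struct ipfw_dyn_hook_extdata *edata = extdata;
	struct fws_proto *spkt;
	struct fws_sndpkt *p;

	DTRACE();

	if (!pkt || pkt->addr_type == 1)
		return 0;	/* skip ethernet packet */

	/*
	 * edata is dereferenced below; a caller that passes no hook data
	 * must not bring the kernel down, so it is skipped like a NULL flow.
	 */
	if (!edata)
		return 0;

	/*
	 * The record is private to this function until it is linked into
	 * the queue, so it is allocated and filled before fws_mtx_c is
	 * taken; the mutex then covers only the queue and the counter.
	 * An allocation failure drops the event without an error.
	 */
	p = malloc(sizeof(struct fws_sndpkt), M_FWSYNC, M_NOWAIT | M_ZERO);
	if (!p)
		return 0;
	spkt = &p->sp_proto;

	spkt->fws_version = FWS_PKTVER_STATE;
	spkt->fws_fib = pkt->fib;
	spkt->fws_cmdtype = edata->cmdtype;
	spkt->fws_kidx = edata->kidx;
	spkt->fws_ruleid = edata->ruleid;
	spkt->fws_rulenum = edata->rulenum;
	spkt->fws_proto = pkt->proto;
	spkt->fws_addrtype = pkt->addr_type;
	spkt->fws_sport = pkt->src_port;
	spkt->fws_dport = pkt->dst_port;

	switch (pkt->addr_type) {
		case 4:
			spkt->fws_saddr.s_addr = pkt->src_ip;
			spkt->fws_daddr.s_addr = pkt->dst_ip;
			spkt->fws_scopeid = 0;
			break;
		case 6:
			memcpy(&spkt->fws_saddr6, &pkt->src_ip6, sizeof spkt->fws_saddr6);
			memcpy(&spkt->fws_daddr6, &pkt->dst_ip6, sizeof spkt->fws_daddr6);
			spkt->fws_scopeid = pkt->flow_id6;
			break;
		default:
			/* unknown address family: nothing was queued yet */
			free(p, M_FWSYNC);
			return EINVAL;
	}

	mtx_lock(&fws_mtx_c);
	TAILQ_INSERT_TAIL(&fwsync_sndpkt, p, sp_next);
	fws_acct.states[0]++;
	mtx_unlock(&fws_mtx_c);

	/* wake the sender task */
	taskqueue_enqueue(fws_tq, &fws_sndpkt_task);
	return 0;
}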
  202: 
/*
 * Hook for a NAT alias link event: turn the link (arg) into a
 * FWS_PKTVER_ALIAS record, append it to the send queue (fwsync_sndpkt) and
 * schedule the sender task.  extdata is not used.
 *
 * Always returns 0; a NULL link, a link_type >= IPPROTO_MAX and an
 * allocation failure are all skipped without an error.
 */
int
fwsync_alias_handler(const void *arg, const void *extdata)
{
	const struct alias_link *lnk = arg;
	struct fws_sndpkt *entry;
	struct fws_proto *rec;

	DTRACE();

	if (lnk == NULL)
		return 0;
	if (lnk->link_type >= IPPROTO_MAX)
		return 0;

	/* fws_mtx_c is held from the allocation until the record is queued */
	mtx_lock(&fws_mtx_c);

	entry = malloc(sizeof(*entry), M_FWSYNC, M_NOWAIT | M_ZERO);
	if (entry == NULL) {
		mtx_unlock(&fws_mtx_c);
		return 0;
	}
	rec = &entry->sp_proto;

	rec->fws_version = FWS_PKTVER_ALIAS;
	/*
	 * NOTE(review): the link type is stored in fws_proto here while
	 * fwsync_alias_sync() reads fws_linktype -- presumably both names
	 * refer to the same storage; verify against struct fws_proto.
	 */
	rec->fws_proto = lnk->link_type;
	/* alias records always carry address type 4 */
	rec->fws_addrtype = 4;

	/* ports */
	rec->fws_sport = lnk->src_port;
	rec->fws_dport = lnk->dst_port;
	rec->fws_aport = lnk->alias_port;
	rec->fws_pport = lnk->proxy_port;

	/* addresses */
	rec->fws_saddr.s_addr = lnk->src_addr.s_addr;
	rec->fws_daddr.s_addr = lnk->dst_addr.s_addr;
	rec->fws_aaddr.s_addr = lnk->alias_addr.s_addr;
	rec->fws_paddr.s_addr = lnk->proxy_addr.s_addr;

	TAILQ_INSERT_TAIL(&fwsync_sndpkt, entry, sp_next);
	fws_acct.aliases[0]++;

	mtx_unlock(&fws_mtx_c);

	/* wake the sender task */
	taskqueue_enqueue(fws_tq, &fws_sndpkt_task);
	return 0;
}
  245: 
/*
 * Take ONE record off the update queue (fwsync_updpkt) and install the
 * dynamic state it describes through ipfw_dyn_install_sync_state().
 * Neither arg nor extdata is used.
 *
 * Returns 0 when the queue was empty or the state was handed to ipfw,
 * EAGAIN when the edge role is switched off in fws_cfg, and EINVAL when the
 * record's address type is neither 4 nor 6.  The record is freed on every
 * path.
 */
int
fwsync_state_sync(const void *arg, const void *extdata)
{
	struct ip_fw_chain *chain = &V_layer3_chain;
	struct fws_sndpkt *item;
	const struct fws_proto *rec;
	struct ipfw_flow_id fid;
	struct ip_fw *rule;
	int f_pos;

	DTRACE();

	/* the received-states counter is bumped at dequeue time */
	mtx_lock(&fws_mtx_u);
	item = TAILQ_FIRST(&fwsync_updpkt);
	if (item != NULL) {
		TAILQ_REMOVE(&fwsync_updpkt, item, sp_next);
		fws_acct.states[1]++;
	}
	mtx_unlock(&fws_mtx_u);

	/* update queue is empty */
	if (item == NULL)
		return 0;

	if ((fws_cfg.cfg.on & CFG_SYNC_EDGE) == 0) {
		free(item, M_FWSYNC);
		return EAGAIN;
	}
	rec = &item->sp_proto;

	/* rebuild the flow id from the record */
	memset(&fid, 0, sizeof fid);
	fid.fib = rec->fws_fib;
	fid.proto = rec->fws_proto;
	fid.addr_type = rec->fws_addrtype;
	fid.src_port = rec->fws_sport;
	fid.dst_port = rec->fws_dport;

	if (rec->fws_addrtype == 4) {
		fid.src_ip = rec->fws_saddr.s_addr;
		fid.dst_ip = rec->fws_daddr.s_addr;
	} else if (rec->fws_addrtype == 6) {
		memcpy(&fid.src_ip6, &rec->fws_saddr6, sizeof fid.src_ip6);
		memcpy(&fid.dst_ip6, &rec->fws_daddr6, sizeof fid.dst_ip6);
		fid.flow_id6 = rec->fws_scopeid;
	} else {
		free(item, M_FWSYNC);
		return EINVAL;
	}

	/*
	 * NOTE(review): the rule id and rule number come out of the queued
	 * record.  Nothing in this function checks that the rule found at
	 * f_pos really carries that id/number, that f_pos lies inside
	 * chain->map, or that the chain is locked against a concurrent
	 * ruleset change -- confirm that ipfw_find_rule() and
	 * ipfw_dyn_install_sync_state() (or the caller) guarantee this,
	 * otherwise a record from a peer with a different ruleset can attach
	 * a state to an unintended rule.
	 * NOTE(review): the arguments are passed as (ruleid, rulenum);
	 * verify the order against the ipfw_find_rule() prototype in use.
	 */
	f_pos = ipfw_find_rule(chain, rec->fws_ruleid, rec->fws_rulenum);
	rule = chain->map[f_pos];
	ipfw_dyn_install_sync_state(&fid, rule, rec->fws_ruleid,
	    rec->fws_rulenum, rec->fws_kidx, rec->fws_cmdtype);

	free(item, M_FWSYNC);
	return 0;
}
  303: 
/*
 * Drain the NAT queue (fwsync_natpkt) and add every record as a link to the
 * libalias instance of the NAT configuration passed in arg.  extdata is not
 * used.
 *
 * Each dequeued record is counted and freed.  A link is only added while
 * the edge role is enabled in fws_cfg and arg is not NULL; otherwise the
 * record is discarded.  Always returns 0.
 */
int
fwsync_alias_sync(const void *arg, const void *extdata)
{
	const struct cfg_nat *t = arg;
	const struct fws_proto *rec;
	struct fws_sndpkt *item;

	DTRACE();

	/*
	 * fws_mtx_n stays held for the whole drain, so the libalias lock is
	 * taken inside it.
	 * NOTE(review): confirm that no other path takes these two locks in
	 * the opposite order.
	 */
	mtx_lock(&fws_mtx_n);
	while ((item = TAILQ_FIRST(&fwsync_natpkt)) != NULL) {
		TAILQ_REMOVE(&fwsync_natpkt, item, sp_next);
		fws_acct.aliases[1]++;

		if ((fws_cfg.cfg.on & CFG_SYNC_EDGE) && t != NULL) {
			rec = &item->sp_proto;

			/*
			 * NOTE(review): fws_linktype is taken from the queued
			 * record without a range check on this side (the
			 * sending hook rejects link_type >= IPPROTO_MAX), and
			 * the result of AddLink() is not examined -- confirm
			 * that AddLink() copes with arbitrary values.
			 */
			LIBALIAS_LOCK(t->lib);
			AddLink(t->lib, rec->fws_saddr, rec->fws_daddr,
			    rec->fws_aaddr, rec->fws_sport, rec->fws_dport,
			    rec->fws_aport,
			    rec->fws_linktype | LINK_SYNC_MASK);
			LIBALIAS_UNLOCK(t->lib);
		}

		free(item, M_FWSYNC);
	}
	mtx_unlock(&fws_mtx_n);

	return 0;
}
