aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2006-09-20 15:07:39 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2006-09-22 18:20:07 -0400
commitedd5a329cf69c112882e03c8ab55e985062a5d2a (patch)
treebbaad0b5ccb74b6eff9a81ed6b6df99dfb674a0f /net
parent127f15dd659b20e722561ff8c86dc058e1a72323 (diff)
[NETFILTER]: PPTP conntrack: fix whitespace errors
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/ipv4/netfilter/ip_conntrack_helper_pptp.c76
-rw-r--r--net/ipv4/netfilter/ip_conntrack_proto_gre.c28
-rw-r--r--net/ipv4/netfilter/ip_nat_helper_pptp.c92
-rw-r--r--net/ipv4/netfilter/ip_nat_proto_gre.c20
4 files changed, 108 insertions, 108 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c
index b020a33e65e9..6c94dd5d476c 100644
--- a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c
+++ b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c
@@ -20,11 +20,11 @@
20 * - We can only support one single call within each session 20 * - We can only support one single call within each session
21 * 21 *
22 * TODO: 22 * TODO:
23 * - testing of incoming PPTP calls 23 * - testing of incoming PPTP calls
24 * 24 *
25 * Changes: 25 * Changes:
26 * 2002-02-05 - Version 1.3 26 * 2002-02-05 - Version 1.3
27 * - Call ip_conntrack_unexpect_related() from 27 * - Call ip_conntrack_unexpect_related() from
28 * pptp_destroy_siblings() to destroy expectations in case 28 * pptp_destroy_siblings() to destroy expectations in case
29 * CALL_DISCONNECT_NOTIFY or tcp fin packet was seen 29 * CALL_DISCONNECT_NOTIFY or tcp fin packet was seen
30 * (Philip Craig <philipc@snapgear.com>) 30 * (Philip Craig <philipc@snapgear.com>)
@@ -141,7 +141,7 @@ static void pptp_expectfn(struct ip_conntrack *ct,
141 invert_tuplepr(&inv_t, &exp->tuple); 141 invert_tuplepr(&inv_t, &exp->tuple);
142 DEBUGP("trying to unexpect other dir: "); 142 DEBUGP("trying to unexpect other dir: ");
143 DUMP_TUPLE(&inv_t); 143 DUMP_TUPLE(&inv_t);
144 144
145 exp_other = ip_conntrack_expect_find(&inv_t); 145 exp_other = ip_conntrack_expect_find(&inv_t);
146 if (exp_other) { 146 if (exp_other) {
147 /* delete other expectation. */ 147 /* delete other expectation. */
@@ -194,7 +194,7 @@ static void pptp_destroy_siblings(struct ip_conntrack *ct)
194{ 194{
195 struct ip_conntrack_tuple t; 195 struct ip_conntrack_tuple t;
196 196
197 /* Since ct->sibling_list has literally rusted away in 2.6.11, 197 /* Since ct->sibling_list has literally rusted away in 2.6.11,
198 * we now need another way to find out about our sibling 198 * we now need another way to find out about our sibling
199 * contrack and expects... -HW */ 199 * contrack and expects... -HW */
200 200
@@ -264,7 +264,7 @@ exp_gre(struct ip_conntrack *master,
264 exp_orig->mask.dst.u.gre.key = htons(0xffff); 264 exp_orig->mask.dst.u.gre.key = htons(0xffff);
265 exp_orig->mask.dst.ip = 0xffffffff; 265 exp_orig->mask.dst.ip = 0xffffffff;
266 exp_orig->mask.dst.protonum = 0xff; 266 exp_orig->mask.dst.protonum = 0xff;
267 267
268 exp_orig->master = master; 268 exp_orig->master = master;
269 exp_orig->expectfn = pptp_expectfn; 269 exp_orig->expectfn = pptp_expectfn;
270 exp_orig->flags = 0; 270 exp_orig->flags = 0;
@@ -322,7 +322,7 @@ out_unexpect_orig:
322 goto out_put_both; 322 goto out_put_both;
323} 323}
324 324
325static inline int 325static inline int
326pptp_inbound_pkt(struct sk_buff **pskb, 326pptp_inbound_pkt(struct sk_buff **pskb,
327 struct tcphdr *tcph, 327 struct tcphdr *tcph,
328 unsigned int nexthdr_off, 328 unsigned int nexthdr_off,
@@ -336,7 +336,7 @@ pptp_inbound_pkt(struct sk_buff **pskb,
336 struct ip_ct_pptp_master *info = &ct->help.ct_pptp_info; 336 struct ip_ct_pptp_master *info = &ct->help.ct_pptp_info;
337 u_int16_t msg; 337 u_int16_t msg;
338 __be16 *cid, *pcid; 338 __be16 *cid, *pcid;
339 u_int32_t seq; 339 u_int32_t seq;
340 340
341 ctlh = skb_header_pointer(*pskb, nexthdr_off, sizeof(_ctlh), &_ctlh); 341 ctlh = skb_header_pointer(*pskb, nexthdr_off, sizeof(_ctlh), &_ctlh);
342 if (!ctlh) { 342 if (!ctlh) {
@@ -373,7 +373,7 @@ pptp_inbound_pkt(struct sk_buff **pskb,
373 } 373 }
374 if (pptpReq->srep.resultCode == PPTP_START_OK) 374 if (pptpReq->srep.resultCode == PPTP_START_OK)
375 info->sstate = PPTP_SESSION_CONFIRMED; 375 info->sstate = PPTP_SESSION_CONFIRMED;
376 else 376 else
377 info->sstate = PPTP_SESSION_ERROR; 377 info->sstate = PPTP_SESSION_ERROR;
378 break; 378 break;
379 379
@@ -420,22 +420,22 @@ pptp_inbound_pkt(struct sk_buff **pskb,
420 pcid = &pptpReq->ocack.peersCallID; 420 pcid = &pptpReq->ocack.peersCallID;
421 421
422 info->pac_call_id = ntohs(*cid); 422 info->pac_call_id = ntohs(*cid);
423 423
424 if (htons(info->pns_call_id) != *pcid) { 424 if (htons(info->pns_call_id) != *pcid) {
425 DEBUGP("%s for unknown callid %u\n", 425 DEBUGP("%s for unknown callid %u\n",
426 pptp_msg_name[msg], ntohs(*pcid)); 426 pptp_msg_name[msg], ntohs(*pcid));
427 break; 427 break;
428 } 428 }
429 429
430 DEBUGP("%s, CID=%X, PCID=%X\n", pptp_msg_name[msg], 430 DEBUGP("%s, CID=%X, PCID=%X\n", pptp_msg_name[msg],
431 ntohs(*cid), ntohs(*pcid)); 431 ntohs(*cid), ntohs(*pcid));
432 432
433 info->cstate = PPTP_CALL_OUT_CONF; 433 info->cstate = PPTP_CALL_OUT_CONF;
434 434
435 seq = ntohl(tcph->seq) + sizeof(struct pptp_pkt_hdr) 435 seq = ntohl(tcph->seq) + sizeof(struct pptp_pkt_hdr)
436 + sizeof(struct PptpControlHeader) 436 + sizeof(struct PptpControlHeader)
437 + ((void *)pcid - (void *)pptpReq); 437 + ((void *)pcid - (void *)pptpReq);
438 438
439 if (exp_gre(ct, seq, *cid, *pcid) != 0) 439 if (exp_gre(ct, seq, *cid, *pcid) != 0)
440 printk("ip_conntrack_pptp: error during exp_gre\n"); 440 printk("ip_conntrack_pptp: error during exp_gre\n");
441 break; 441 break;
@@ -479,7 +479,7 @@ pptp_inbound_pkt(struct sk_buff **pskb,
479 cid = &info->pac_call_id; 479 cid = &info->pac_call_id;
480 480
481 if (info->pns_call_id != ntohs(*pcid)) { 481 if (info->pns_call_id != ntohs(*pcid)) {
482 DEBUGP("%s for unknown CallID %u\n", 482 DEBUGP("%s for unknown CallID %u\n",
483 pptp_msg_name[msg], ntohs(*pcid)); 483 pptp_msg_name[msg], ntohs(*pcid));
484 break; 484 break;
485 } 485 }
@@ -491,7 +491,7 @@ pptp_inbound_pkt(struct sk_buff **pskb,
491 seq = ntohl(tcph->seq) + sizeof(struct pptp_pkt_hdr) 491 seq = ntohl(tcph->seq) + sizeof(struct pptp_pkt_hdr)
492 + sizeof(struct PptpControlHeader) 492 + sizeof(struct PptpControlHeader)
493 + ((void *)pcid - (void *)pptpReq); 493 + ((void *)pcid - (void *)pptpReq);
494 494
495 if (exp_gre(ct, seq, *cid, *pcid) != 0) 495 if (exp_gre(ct, seq, *cid, *pcid) != 0)
496 printk("ip_conntrack_pptp: error during exp_gre\n"); 496 printk("ip_conntrack_pptp: error during exp_gre\n");
497 497
@@ -554,7 +554,7 @@ pptp_outbound_pkt(struct sk_buff **pskb,
554 return NF_ACCEPT; 554 return NF_ACCEPT;
555 nexthdr_off += sizeof(_ctlh); 555 nexthdr_off += sizeof(_ctlh);
556 datalen -= sizeof(_ctlh); 556 datalen -= sizeof(_ctlh);
557 557
558 reqlen = datalen; 558 reqlen = datalen;
559 if (reqlen > sizeof(*pptpReq)) 559 if (reqlen > sizeof(*pptpReq))
560 reqlen = sizeof(*pptpReq); 560 reqlen = sizeof(*pptpReq);
@@ -606,7 +606,7 @@ pptp_outbound_pkt(struct sk_buff **pskb,
606 /* client answers incoming call */ 606 /* client answers incoming call */
607 if (info->cstate != PPTP_CALL_IN_REQ 607 if (info->cstate != PPTP_CALL_IN_REQ
608 && info->cstate != PPTP_CALL_IN_REP) { 608 && info->cstate != PPTP_CALL_IN_REP) {
609 DEBUGP("%s without incall_req\n", 609 DEBUGP("%s without incall_req\n",
610 pptp_msg_name[msg]); 610 pptp_msg_name[msg]);
611 break; 611 break;
612 } 612 }
@@ -616,7 +616,7 @@ pptp_outbound_pkt(struct sk_buff **pskb,
616 } 616 }
617 pcid = &pptpReq->icack.peersCallID; 617 pcid = &pptpReq->icack.peersCallID;
618 if (info->pac_call_id != ntohs(*pcid)) { 618 if (info->pac_call_id != ntohs(*pcid)) {
619 DEBUGP("%s for unknown call %u\n", 619 DEBUGP("%s for unknown call %u\n",
620 pptp_msg_name[msg], ntohs(*pcid)); 620 pptp_msg_name[msg], ntohs(*pcid));
621 break; 621 break;
622 } 622 }
@@ -644,12 +644,12 @@ pptp_outbound_pkt(struct sk_buff **pskb,
644 /* I don't have to explain these ;) */ 644 /* I don't have to explain these ;) */
645 break; 645 break;
646 default: 646 default:
647 DEBUGP("invalid %s (TY=%d)\n", (msg <= PPTP_MSG_MAX)? 647 DEBUGP("invalid %s (TY=%d)\n", (msg <= PPTP_MSG_MAX)?
648 pptp_msg_name[msg]:pptp_msg_name[0], msg); 648 pptp_msg_name[msg]:pptp_msg_name[0], msg);
649 /* unknown: no need to create GRE masq table entry */ 649 /* unknown: no need to create GRE masq table entry */
650 break; 650 break;
651 } 651 }
652 652
653 if (ip_nat_pptp_hook_outbound) 653 if (ip_nat_pptp_hook_outbound)
654 return ip_nat_pptp_hook_outbound(pskb, ct, ctinfo, ctlh, 654 return ip_nat_pptp_hook_outbound(pskb, ct, ctinfo, ctlh,
655 pptpReq); 655 pptpReq);
@@ -659,7 +659,7 @@ pptp_outbound_pkt(struct sk_buff **pskb,
659 659
660 660
661/* track caller id inside control connection, call expect_related */ 661/* track caller id inside control connection, call expect_related */
662static int 662static int
663conntrack_pptp_help(struct sk_buff **pskb, 663conntrack_pptp_help(struct sk_buff **pskb,
664 struct ip_conntrack *ct, enum ip_conntrack_info ctinfo) 664 struct ip_conntrack *ct, enum ip_conntrack_info ctinfo)
665 665
@@ -676,12 +676,12 @@ conntrack_pptp_help(struct sk_buff **pskb,
676 int ret; 676 int ret;
677 677
678 /* don't do any tracking before tcp handshake complete */ 678 /* don't do any tracking before tcp handshake complete */
679 if (ctinfo != IP_CT_ESTABLISHED 679 if (ctinfo != IP_CT_ESTABLISHED
680 && ctinfo != IP_CT_ESTABLISHED+IP_CT_IS_REPLY) { 680 && ctinfo != IP_CT_ESTABLISHED+IP_CT_IS_REPLY) {
681 DEBUGP("ctinfo = %u, skipping\n", ctinfo); 681 DEBUGP("ctinfo = %u, skipping\n", ctinfo);
682 return NF_ACCEPT; 682 return NF_ACCEPT;
683 } 683 }
684 684
685 nexthdr_off = (*pskb)->nh.iph->ihl*4; 685 nexthdr_off = (*pskb)->nh.iph->ihl*4;
686 tcph = skb_header_pointer(*pskb, nexthdr_off, sizeof(_tcph), &_tcph); 686 tcph = skb_header_pointer(*pskb, nexthdr_off, sizeof(_tcph), &_tcph);
687 BUG_ON(!tcph); 687 BUG_ON(!tcph);
@@ -735,28 +735,28 @@ conntrack_pptp_help(struct sk_buff **pskb,
735} 735}
736 736
737/* control protocol helper */ 737/* control protocol helper */
738static struct ip_conntrack_helper pptp = { 738static struct ip_conntrack_helper pptp = {
739 .list = { NULL, NULL }, 739 .list = { NULL, NULL },
740 .name = "pptp", 740 .name = "pptp",
741 .me = THIS_MODULE, 741 .me = THIS_MODULE,
742 .max_expected = 2, 742 .max_expected = 2,
743 .timeout = 5 * 60, 743 .timeout = 5 * 60,
744 .tuple = { .src = { .ip = 0, 744 .tuple = { .src = { .ip = 0,
745 .u = { .tcp = { .port = 745 .u = { .tcp = { .port =
746 __constant_htons(PPTP_CONTROL_PORT) } } 746 __constant_htons(PPTP_CONTROL_PORT) } }
747 }, 747 },
748 .dst = { .ip = 0, 748 .dst = { .ip = 0,
749 .u = { .all = 0 }, 749 .u = { .all = 0 },
750 .protonum = IPPROTO_TCP 750 .protonum = IPPROTO_TCP
751 } 751 }
752 }, 752 },
753 .mask = { .src = { .ip = 0, 753 .mask = { .src = { .ip = 0,
754 .u = { .tcp = { .port = __constant_htons(0xffff) } } 754 .u = { .tcp = { .port = __constant_htons(0xffff) } }
755 }, 755 },
756 .dst = { .ip = 0, 756 .dst = { .ip = 0,
757 .u = { .all = 0 }, 757 .u = { .all = 0 },
758 .protonum = 0xff 758 .protonum = 0xff
759 } 759 }
760 }, 760 },
761 .help = conntrack_pptp_help 761 .help = conntrack_pptp_help
762}; 762};
@@ -768,7 +768,7 @@ extern int __init ip_ct_proto_gre_init(void);
768static int __init ip_conntrack_helper_pptp_init(void) 768static int __init ip_conntrack_helper_pptp_init(void)
769{ 769{
770 int retcode; 770 int retcode;
771 771
772 retcode = ip_ct_proto_gre_init(); 772 retcode = ip_ct_proto_gre_init();
773 if (retcode < 0) 773 if (retcode < 0)
774 return retcode; 774 return retcode;
diff --git a/net/ipv4/netfilter/ip_conntrack_proto_gre.c b/net/ipv4/netfilter/ip_conntrack_proto_gre.c
index 92c6d8b178c9..5fe026f467d3 100644
--- a/net/ipv4/netfilter/ip_conntrack_proto_gre.c
+++ b/net/ipv4/netfilter/ip_conntrack_proto_gre.c
@@ -1,15 +1,15 @@
1/* 1/*
2 * ip_conntrack_proto_gre.c - Version 3.0 2 * ip_conntrack_proto_gre.c - Version 3.0
3 * 3 *
4 * Connection tracking protocol helper module for GRE. 4 * Connection tracking protocol helper module for GRE.
5 * 5 *
6 * GRE is a generic encapsulation protocol, which is generally not very 6 * GRE is a generic encapsulation protocol, which is generally not very
7 * suited for NAT, as it has no protocol-specific part as port numbers. 7 * suited for NAT, as it has no protocol-specific part as port numbers.
8 * 8 *
9 * It has an optional key field, which may help us distinguishing two 9 * It has an optional key field, which may help us distinguishing two
10 * connections between the same two hosts. 10 * connections between the same two hosts.
11 * 11 *
12 * GRE is defined in RFC 1701 and RFC 1702, as well as RFC 2784 12 * GRE is defined in RFC 1701 and RFC 1702, as well as RFC 2784
13 * 13 *
14 * PPTP is built on top of a modified version of GRE, and has a mandatory 14 * PPTP is built on top of a modified version of GRE, and has a mandatory
15 * field called "CallID", which serves us for the same purpose as the key 15 * field called "CallID", which serves us for the same purpose as the key
@@ -61,7 +61,7 @@ MODULE_DESCRIPTION("netfilter connection tracking protocol helper for GRE");
61#define DEBUGP(x, args...) 61#define DEBUGP(x, args...)
62#define DUMP_TUPLE_GRE(x) 62#define DUMP_TUPLE_GRE(x)
63#endif 63#endif
64 64
65/* GRE KEYMAP HANDLING FUNCTIONS */ 65/* GRE KEYMAP HANDLING FUNCTIONS */
66static LIST_HEAD(gre_keymap_list); 66static LIST_HEAD(gre_keymap_list);
67 67
@@ -88,7 +88,7 @@ static __be16 gre_keymap_lookup(struct ip_conntrack_tuple *t)
88 } 88 }
89 } 89 }
90 read_unlock_bh(&ip_ct_gre_lock); 90 read_unlock_bh(&ip_ct_gre_lock);
91 91
92 DEBUGP("lookup src key 0x%x up key for ", key); 92 DEBUGP("lookup src key 0x%x up key for ", key);
93 DUMP_TUPLE_GRE(t); 93 DUMP_TUPLE_GRE(t);
94 94
@@ -107,7 +107,7 @@ ip_ct_gre_keymap_add(struct ip_conntrack *ct,
107 return -1; 107 return -1;
108 } 108 }
109 109
110 if (!reply) 110 if (!reply)
111 exist_km = &ct->help.ct_pptp_info.keymap_orig; 111 exist_km = &ct->help.ct_pptp_info.keymap_orig;
112 else 112 else
113 exist_km = &ct->help.ct_pptp_info.keymap_reply; 113 exist_km = &ct->help.ct_pptp_info.keymap_reply;
@@ -118,7 +118,7 @@ ip_ct_gre_keymap_add(struct ip_conntrack *ct,
118 if (gre_key_cmpfn(km, t) && km == *exist_km) 118 if (gre_key_cmpfn(km, t) && km == *exist_km)
119 return 0; 119 return 0;
120 } 120 }
121 DEBUGP("trying to override keymap_%s for ct %p\n", 121 DEBUGP("trying to override keymap_%s for ct %p\n",
122 reply? "reply":"orig", ct); 122 reply? "reply":"orig", ct);
123 return -EEXIST; 123 return -EEXIST;
124 } 124 }
@@ -152,7 +152,7 @@ void ip_ct_gre_keymap_destroy(struct ip_conntrack *ct)
152 152
153 write_lock_bh(&ip_ct_gre_lock); 153 write_lock_bh(&ip_ct_gre_lock);
154 if (ct->help.ct_pptp_info.keymap_orig) { 154 if (ct->help.ct_pptp_info.keymap_orig) {
155 DEBUGP("removing %p from list\n", 155 DEBUGP("removing %p from list\n",
156 ct->help.ct_pptp_info.keymap_orig); 156 ct->help.ct_pptp_info.keymap_orig);
157 list_del(&ct->help.ct_pptp_info.keymap_orig->list); 157 list_del(&ct->help.ct_pptp_info.keymap_orig->list);
158 kfree(ct->help.ct_pptp_info.keymap_orig); 158 kfree(ct->help.ct_pptp_info.keymap_orig);
@@ -220,7 +220,7 @@ static int gre_pkt_to_tuple(const struct sk_buff *skb,
220static int gre_print_tuple(struct seq_file *s, 220static int gre_print_tuple(struct seq_file *s,
221 const struct ip_conntrack_tuple *tuple) 221 const struct ip_conntrack_tuple *tuple)
222{ 222{
223 return seq_printf(s, "srckey=0x%x dstkey=0x%x ", 223 return seq_printf(s, "srckey=0x%x dstkey=0x%x ",
224 ntohs(tuple->src.u.gre.key), 224 ntohs(tuple->src.u.gre.key),
225 ntohs(tuple->dst.u.gre.key)); 225 ntohs(tuple->dst.u.gre.key));
226} 226}
@@ -250,14 +250,14 @@ static int gre_packet(struct ip_conntrack *ct,
250 } else 250 } else
251 ip_ct_refresh_acct(ct, conntrackinfo, skb, 251 ip_ct_refresh_acct(ct, conntrackinfo, skb,
252 ct->proto.gre.timeout); 252 ct->proto.gre.timeout);
253 253
254 return NF_ACCEPT; 254 return NF_ACCEPT;
255} 255}
256 256
257/* Called when a new connection for this protocol found. */ 257/* Called when a new connection for this protocol found. */
258static int gre_new(struct ip_conntrack *ct, 258static int gre_new(struct ip_conntrack *ct,
259 const struct sk_buff *skb) 259 const struct sk_buff *skb)
260{ 260{
261 DEBUGP(": "); 261 DEBUGP(": ");
262 DUMP_TUPLE_GRE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); 262 DUMP_TUPLE_GRE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple);
263 263
@@ -283,9 +283,9 @@ static void gre_destroy(struct ip_conntrack *ct)
283} 283}
284 284
285/* protocol helper struct */ 285/* protocol helper struct */
286static struct ip_conntrack_protocol gre = { 286static struct ip_conntrack_protocol gre = {
287 .proto = IPPROTO_GRE, 287 .proto = IPPROTO_GRE,
288 .name = "gre", 288 .name = "gre",
289 .pkt_to_tuple = gre_pkt_to_tuple, 289 .pkt_to_tuple = gre_pkt_to_tuple,
290 .invert_tuple = gre_invert_tuple, 290 .invert_tuple = gre_invert_tuple,
291 .print_tuple = gre_print_tuple, 291 .print_tuple = gre_print_tuple,
@@ -323,7 +323,7 @@ void ip_ct_proto_gre_fini(void)
323 } 323 }
324 write_unlock_bh(&ip_ct_gre_lock); 324 write_unlock_bh(&ip_ct_gre_lock);
325 325
326 ip_conntrack_protocol_unregister(&gre); 326 ip_conntrack_protocol_unregister(&gre);
327} 327}
328 328
329EXPORT_SYMBOL(ip_ct_gre_keymap_add); 329EXPORT_SYMBOL(ip_ct_gre_keymap_add);
diff --git a/net/ipv4/netfilter/ip_nat_helper_pptp.c b/net/ipv4/netfilter/ip_nat_helper_pptp.c
index 1d149964dc38..5dde1da1c300 100644
--- a/net/ipv4/netfilter/ip_nat_helper_pptp.c
+++ b/net/ipv4/netfilter/ip_nat_helper_pptp.c
@@ -32,7 +32,7 @@
32 * 2005-06-10 - Version 3.0 32 * 2005-06-10 - Version 3.0
33 * - kernel >= 2.6.11 version, 33 * - kernel >= 2.6.11 version,
34 * funded by Oxcoda NetBox Blue (http://www.netboxblue.com/) 34 * funded by Oxcoda NetBox Blue (http://www.netboxblue.com/)
35 * 35 *
36 */ 36 */
37 37
38#include <linux/module.h> 38#include <linux/module.h>
@@ -93,10 +93,10 @@ static void pptp_nat_expected(struct ip_conntrack *ct,
93 DEBUGP("we are PAC->PNS\n"); 93 DEBUGP("we are PAC->PNS\n");
94 /* build tuple for PNS->PAC */ 94 /* build tuple for PNS->PAC */
95 t.src.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip; 95 t.src.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip;
96 t.src.u.gre.key = 96 t.src.u.gre.key =
97 htons(master->nat.help.nat_pptp_info.pns_call_id); 97 htons(master->nat.help.nat_pptp_info.pns_call_id);
98 t.dst.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip; 98 t.dst.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip;
99 t.dst.u.gre.key = 99 t.dst.u.gre.key =
100 htons(master->nat.help.nat_pptp_info.pac_call_id); 100 htons(master->nat.help.nat_pptp_info.pac_call_id);
101 t.dst.protonum = IPPROTO_GRE; 101 t.dst.protonum = IPPROTO_GRE;
102 } 102 }
@@ -153,47 +153,47 @@ pptp_outbound_pkt(struct sk_buff **pskb,
153 unsigned int cid_off; 153 unsigned int cid_off;
154 154
155 new_callid = htons(ct_pptp_info->pns_call_id); 155 new_callid = htons(ct_pptp_info->pns_call_id);
156 156
157 switch (msg = ntohs(ctlh->messageType)) { 157 switch (msg = ntohs(ctlh->messageType)) {
158 case PPTP_OUT_CALL_REQUEST: 158 case PPTP_OUT_CALL_REQUEST:
159 cid_off = offsetof(union pptp_ctrl_union, ocreq.callID); 159 cid_off = offsetof(union pptp_ctrl_union, ocreq.callID);
160 /* FIXME: ideally we would want to reserve a call ID 160 /* FIXME: ideally we would want to reserve a call ID
161 * here. current netfilter NAT core is not able to do 161 * here. current netfilter NAT core is not able to do
162 * this :( For now we use TCP source port. This breaks 162 * this :( For now we use TCP source port. This breaks
163 * multiple calls within one control session */ 163 * multiple calls within one control session */
164 164
165 /* save original call ID in nat_info */ 165 /* save original call ID in nat_info */
166 nat_pptp_info->pns_call_id = ct_pptp_info->pns_call_id; 166 nat_pptp_info->pns_call_id = ct_pptp_info->pns_call_id;
167 167
168 /* don't use tcph->source since we are at a DSTmanip 168 /* don't use tcph->source since we are at a DSTmanip
169 * hook (e.g. PREROUTING) and pkt is not mangled yet */ 169 * hook (e.g. PREROUTING) and pkt is not mangled yet */
170 new_callid = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.tcp.port; 170 new_callid = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.tcp.port;
171 171
172 /* save new call ID in ct info */ 172 /* save new call ID in ct info */
173 ct_pptp_info->pns_call_id = ntohs(new_callid); 173 ct_pptp_info->pns_call_id = ntohs(new_callid);
174 break; 174 break;
175 case PPTP_IN_CALL_REPLY: 175 case PPTP_IN_CALL_REPLY:
176 cid_off = offsetof(union pptp_ctrl_union, icreq.callID); 176 cid_off = offsetof(union pptp_ctrl_union, icreq.callID);
177 break; 177 break;
178 case PPTP_CALL_CLEAR_REQUEST: 178 case PPTP_CALL_CLEAR_REQUEST:
179 cid_off = offsetof(union pptp_ctrl_union, clrreq.callID); 179 cid_off = offsetof(union pptp_ctrl_union, clrreq.callID);
180 break; 180 break;
181 default: 181 default:
182 DEBUGP("unknown outbound packet 0x%04x:%s\n", msg, 182 DEBUGP("unknown outbound packet 0x%04x:%s\n", msg,
183 (msg <= PPTP_MSG_MAX)? 183 (msg <= PPTP_MSG_MAX)?
184 pptp_msg_name[msg]:pptp_msg_name[0]); 184 pptp_msg_name[msg]:pptp_msg_name[0]);
185 /* fall through */ 185 /* fall through */
186 186
187 case PPTP_SET_LINK_INFO: 187 case PPTP_SET_LINK_INFO:
188 /* only need to NAT in case PAC is behind NAT box */ 188 /* only need to NAT in case PAC is behind NAT box */
189 case PPTP_START_SESSION_REQUEST: 189 case PPTP_START_SESSION_REQUEST:
190 case PPTP_START_SESSION_REPLY: 190 case PPTP_START_SESSION_REPLY:
191 case PPTP_STOP_SESSION_REQUEST: 191 case PPTP_STOP_SESSION_REQUEST:
192 case PPTP_STOP_SESSION_REPLY: 192 case PPTP_STOP_SESSION_REPLY:
193 case PPTP_ECHO_REQUEST: 193 case PPTP_ECHO_REQUEST:
194 case PPTP_ECHO_REPLY: 194 case PPTP_ECHO_REPLY:
195 /* no need to alter packet */ 195 /* no need to alter packet */
196 return NF_ACCEPT; 196 return NF_ACCEPT;
197 } 197 }
198 198
199 /* only OUT_CALL_REQUEST, IN_CALL_REPLY, CALL_CLEAR_REQUEST pass 199 /* only OUT_CALL_REQUEST, IN_CALL_REPLY, CALL_CLEAR_REQUEST pass
@@ -216,9 +216,9 @@ static int
216pptp_exp_gre(struct ip_conntrack_expect *expect_orig, 216pptp_exp_gre(struct ip_conntrack_expect *expect_orig,
217 struct ip_conntrack_expect *expect_reply) 217 struct ip_conntrack_expect *expect_reply)
218{ 218{
219 struct ip_ct_pptp_master *ct_pptp_info = 219 struct ip_ct_pptp_master *ct_pptp_info =
220 &expect_orig->master->help.ct_pptp_info; 220 &expect_orig->master->help.ct_pptp_info;
221 struct ip_nat_pptp *nat_pptp_info = 221 struct ip_nat_pptp *nat_pptp_info =
222 &expect_orig->master->nat.help.nat_pptp_info; 222 &expect_orig->master->nat.help.nat_pptp_info;
223 223
224 struct ip_conntrack *ct = expect_orig->master; 224 struct ip_conntrack *ct = expect_orig->master;
@@ -324,7 +324,7 @@ pptp_inbound_pkt(struct sk_buff **pskb,
324 break; 324 break;
325 325
326 default: 326 default:
327 DEBUGP("unknown inbound packet %s\n", (msg <= PPTP_MSG_MAX)? 327 DEBUGP("unknown inbound packet %s\n", (msg <= PPTP_MSG_MAX)?
328 pptp_msg_name[msg]:pptp_msg_name[0]); 328 pptp_msg_name[msg]:pptp_msg_name[0]);
329 /* fall through */ 329 /* fall through */
330 330
diff --git a/net/ipv4/netfilter/ip_nat_proto_gre.c b/net/ipv4/netfilter/ip_nat_proto_gre.c
index 70a65372225a..a5226691f02c 100644
--- a/net/ipv4/netfilter/ip_nat_proto_gre.c
+++ b/net/ipv4/netfilter/ip_nat_proto_gre.c
@@ -6,10 +6,10 @@
6 * GRE is a generic encapsulation protocol, which is generally not very 6 * GRE is a generic encapsulation protocol, which is generally not very
7 * suited for NAT, as it has no protocol-specific part as port numbers. 7 * suited for NAT, as it has no protocol-specific part as port numbers.
8 * 8 *
9 * It has an optional key field, which may help us distinguishing two 9 * It has an optional key field, which may help us distinguishing two
10 * connections between the same two hosts. 10 * connections between the same two hosts.
11 * 11 *
12 * GRE is defined in RFC 1701 and RFC 1702, as well as RFC 2784 12 * GRE is defined in RFC 1701 and RFC 1702, as well as RFC 2784
13 * 13 *
14 * PPTP is built on top of a modified version of GRE, and has a mandatory 14 * PPTP is built on top of a modified version of GRE, and has a mandatory
15 * field called "CallID", which serves us for the same purpose as the key 15 * field called "CallID", which serves us for the same purpose as the key
@@ -60,7 +60,7 @@ gre_in_range(const struct ip_conntrack_tuple *tuple,
60} 60}
61 61
62/* generate unique tuple ... */ 62/* generate unique tuple ... */
63static int 63static int
64gre_unique_tuple(struct ip_conntrack_tuple *tuple, 64gre_unique_tuple(struct ip_conntrack_tuple *tuple,
65 const struct ip_nat_range *range, 65 const struct ip_nat_range *range,
66 enum ip_nat_manip_type maniptype, 66 enum ip_nat_manip_type maniptype,
@@ -84,7 +84,7 @@ gre_unique_tuple(struct ip_conntrack_tuple *tuple,
84 range_size = ntohs(range->max.gre.key) - min + 1; 84 range_size = ntohs(range->max.gre.key) - min + 1;
85 } 85 }
86 86
87 DEBUGP("min = %u, range_size = %u\n", min, range_size); 87 DEBUGP("min = %u, range_size = %u\n", min, range_size);
88 88
89 for (i = 0; i < range_size; i++, key++) { 89 for (i = 0; i < range_size; i++, key++) {
90 *keyptr = htons(min + key % range_size); 90 *keyptr = htons(min + key % range_size);
@@ -117,7 +117,7 @@ gre_manip_pkt(struct sk_buff **pskb,
117 greh = (void *)(*pskb)->data + hdroff; 117 greh = (void *)(*pskb)->data + hdroff;
118 pgreh = (struct gre_hdr_pptp *) greh; 118 pgreh = (struct gre_hdr_pptp *) greh;
119 119
120 /* we only have destination manip of a packet, since 'source key' 120 /* we only have destination manip of a packet, since 'source key'
121 * is not present in the packet itself */ 121 * is not present in the packet itself */
122 if (maniptype == IP_NAT_MANIP_DST) { 122 if (maniptype == IP_NAT_MANIP_DST) {
123 /* key manipulation is always dest */ 123 /* key manipulation is always dest */
@@ -129,7 +129,7 @@ gre_manip_pkt(struct sk_buff **pskb,
129 } 129 }
130 if (greh->csum) { 130 if (greh->csum) {
131 /* FIXME: Never tested this code... */ 131 /* FIXME: Never tested this code... */
132 *(gre_csum(greh)) = 132 *(gre_csum(greh)) =
133 nf_proto_csum_update(*pskb, 133 nf_proto_csum_update(*pskb,
134 ~*(gre_key(greh)), 134 ~*(gre_key(greh)),
135 tuple->dst.u.gre.key, 135 tuple->dst.u.gre.key,
@@ -138,7 +138,7 @@ gre_manip_pkt(struct sk_buff **pskb,
138 *(gre_key(greh)) = tuple->dst.u.gre.key; 138 *(gre_key(greh)) = tuple->dst.u.gre.key;
139 break; 139 break;
140 case GRE_VERSION_PPTP: 140 case GRE_VERSION_PPTP:
141 DEBUGP("call_id -> 0x%04x\n", 141 DEBUGP("call_id -> 0x%04x\n",
142 ntohs(tuple->dst.u.gre.key)); 142 ntohs(tuple->dst.u.gre.key));
143 pgreh->call_id = tuple->dst.u.gre.key; 143 pgreh->call_id = tuple->dst.u.gre.key;
144 break; 144 break;
@@ -152,8 +152,8 @@ gre_manip_pkt(struct sk_buff **pskb,
152} 152}
153 153
154/* nat helper struct */ 154/* nat helper struct */
155static struct ip_nat_protocol gre = { 155static struct ip_nat_protocol gre = {
156 .name = "GRE", 156 .name = "GRE",
157 .protonum = IPPROTO_GRE, 157 .protonum = IPPROTO_GRE,
158 .manip_pkt = gre_manip_pkt, 158 .manip_pkt = gre_manip_pkt,
159 .in_range = gre_in_range, 159 .in_range = gre_in_range,
@@ -164,7 +164,7 @@ static struct ip_nat_protocol gre = {
164 .nfattr_to_range = ip_nat_port_nfattr_to_range, 164 .nfattr_to_range = ip_nat_port_nfattr_to_range,
165#endif 165#endif
166}; 166};
167 167
168int __init ip_nat_proto_gre_init(void) 168int __init ip_nat_proto_gre_init(void)
169{ 169{
170 return ip_nat_protocol_register(&gre); 170 return ip_nat_protocol_register(&gre);
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-18 07:11:08 -0500