ip_icmp.c revision cd0a67b2dd5f66f87aca9ad79dda62a2ce142817
/* $Id$ */
/** @file
*/
/*
* Copyright (C) 2006-2012 Oracle Corporation
*
* This file is part of VirtualBox Open Source Edition (OSE), as
* available from http://www.virtualbox.org. This file is free software;
* General Public License (GPL) as published by the Free Software
* Foundation, in version 2 as it comes in the "COPYING" file of the
* VirtualBox OSE distribution. VirtualBox OSE is distributed in the
* hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
*/
/*
* This code is based on:
*
* Copyright (c) 1982, 1986, 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)ip_icmp.c 8.2 (Berkeley) 1/4/94
* ip_icmp.c,v 1.7 1995/05/30 08:09:42 rgrimes Exp
*/
#include "slirp.h"
#include "ip_icmp.h"
/* The message sent when emulating PING */
/* Be nice and tell them it's just a psuedo-ping packet */
static const char icmp_ping_msg[] = "This is a psuedo-PING packet used by Slirp to emulate ICMP ECHO-REQUEST packets.\n";
/* list of actions for icmp_error() on RX of an icmp message */
static const int icmp_flush[19] =
{
/* ECHO REPLY (0) */ 0,
1,
1,
/* DEST UNREACH (3) */ 1,
/* SOURCE QUENCH (4)*/ 1,
/* REDIRECT (5) */ 1,
1,
1,
/* ECHO (8) */ 0,
/* ROUTERADVERT (9) */ 1,
/* ROUTERSOLICIT (10) */ 1,
/* TIME EXCEEDED (11) */ 1,
/* PARAMETER PROBLEM (12) */ 1,
/* TIMESTAMP (13) */ 0,
/* TIMESTAMP REPLY (14) */ 0,
/* INFO (15) */ 0,
/* INFO REPLY (16) */ 0,
/* ADDR MASK (17) */ 0,
/* ADDR MASK REPLY (18) */ 0
};
int
{
#ifndef RT_OS_WINDOWS
if (iIcmpCacheLimit < 0)
{
LogRel(("NAT: iIcmpCacheLimit is invalid %d, will be alter to default value 100\n", iIcmpCacheLimit));
iIcmpCacheLimit = 100;
}
# ifndef RT_OS_DARWIN
# else /* !RT_OS_DARWIN */
# endif /* RT_OS_DARWIN */
{
return 1;
}
NSOCK_INC();
#else /* RT_OS_WINDOWS */
if (icmpwin_init(pData) != 0)
return 1;
#endif /* RT_OS_WINDOWS */
return 0;
}
/**
* Cleans ICMP cache.
*/
void
{
#ifdef RT_OS_WINDOWS
#else
#endif
}
#if !defined(RT_OS_WINDOWS)
/*
* ip here is ip header + 64bytes readed from ICMP packet
*/
struct icmp_msg *
{
int found = 0;
lport = ~0;
fport = ~0;
{
case IPPROTO_ICMP:
{
{
/* try next item */
continue;
}
/*
* IP could pointer to ICMP_REPLY datagram (1)
* or pointer IP header in ICMP payload in case of
* ICMP_TIMXCEED or ICMP_UNREACH (2)
*
* if (1) and then ICMP (type should be ICMP_ECHOREPLY) and we need check that
* IP.IP_SRC == IP0.IP_DST received datagramm comes from destination.
*
* if (2) then check that payload ICMP has got type ICMP_ECHO and
* IP.IP_DST == IP0.IP_DST destination of returned datagram is the same as
* one was sent.
*/
{
found = 1;
break;
}
Log(("Have found nothing\n"));
}
break;
/*
* for TCP and UDP logic little bit reverted, we try to find the HOST socket
* from which the IP package has been sent.
*/
case IPPROTO_UDP:
head_socket = &udb;
/* fall through */
case IPPROTO_TCP:
if (head_socket == NULL)
{
}
/* check last socket first */
{
found = 1;
so = last_socket;
goto sofound;
}
{
/* Should be reaplaced by hash here */
Log(("trying:%R[natsock] against %RTnaipv4:%d lport=%d hlport=%d\n", so, &faddr, fport, lport, so->so_hlport));
{
found = 1;
break;
}
}
break;
default:
}
{
{
/* socket is shutdowning we've already sent ICMP on it.*/
Log(("NAT: Received icmp on shutdowning socket (probably corresponding ICMP socket has been already sent)\n"));
return NULL;
}
found = 1;
/*XXX: this storage not very long,
* better add flag if it should removed from lis
*/
pData->cIcmpCacheSize++;
return (icm);
}
if (found == 1)
{
return icm;
}
LogFlowFunc(("LEAVE: NULL\n"));
return NULL;
}
/**
* iEntries how many entries to leave, if iEntries < 0, clean all
*/
{
int iIcmpCount = 0;
{
return;
}
{
if ( iEntries > 0
&& iIcmpCount < iEntries)
{
iIcmpCount++;
continue;
}
{
pData->cIcmpCacheSize--;
}
}
}
static int
{
pData->cIcmpCacheSize++;
return 0;
}
#endif /* !RT_OS_WINDOWS */
/*
* Process a received ICMP message.
*/
void
{
/* int code; */
/*
* Locate icmp structure in mbuf, and check
* that its not corrupted and of at least minimum length.
*/
if (icmplen < ICMP_MINLEN)
{
/* min 8 bytes payload */
goto end_error_free_m;
}
{
goto end_error_free_m;
}
/* are we guaranteed to have ICMP header in first mbuf? be safe. */
/* icmpstat.icps_inhist[icp->icmp_type]++; */
/* code = icp->icmp_code; */
switch (icmp_type)
{
case ICMP_ECHO:
{
icmp_reflect(pData, m);
goto done;
}
#ifdef RT_OS_WINDOWS
{
break; /* free mbuf */
}
#else
{
struct sockaddr_in addr;
/* XXX: FIXME: this is bogus, see CTL_CHECKs above */
{
/* It's an alias */
{
case CTL_DNS:
case CTL_ALIAS:
default:
break;
}
}
else
if (m->m_next)
{
if (!icp_buf)
{
Log(("NAT: not enought memory to allocate the buffer\n"));
goto end_error_free_m;
}
}
else
{
static bool fIcmpSocketErrorReported;
int ttl;
int status;
if (status < 0)
Log(("NAT: Error (%s) occurred while setting TTL attribute of IP packet\n",
if (rc >= 0)
{
icmp_attach(pData, m);
/* don't let m_freem at the end free atached buffer */
goto done;
}
if (!fIcmpSocketErrorReported)
{
LogRel(("icmp_input udp sendto tx errno = %d (%s)\n",
fIcmpSocketErrorReported = true;
}
}
}
#endif /* !RT_OS_WINDOWS */
break;
case ICMP_UNREACH:
case ICMP_TIMXCEED:
/* @todo(vvl): both up cases comes from guest,
* indeed right solution would be find the socket
* corresponding to ICMP data and close it.
*/
case ICMP_PARAMPROB:
case ICMP_SOURCEQUENCH:
case ICMP_TSTAMP:
case ICMP_MASKREQ:
case ICMP_REDIRECT:
break;
default:
} /* switch */
done:
if (icp_buf)
}
/**
* Send an ICMP message in response to a situation
*
* RFC 1122: 3.2.2 MUST send at least the IP header and 8 bytes of header. MAY send more (we do).
* MUST NOT change this header information.
* MUST reply to only the first fragment.
*
* Send ICMP_UNREACH back to the source regarding msrc.
* It is reported as the bad ip packet. The header should
* be fully correct and in host byte order.
* ICMP fragmentation is illegal.
*
* @note: implementation note: MSIZE is 256 bytes (minimal buffer).
* We always truncate original payload to 8 bytes required by the RFC,
* so the largest possible datagram is 14 (ethernet) + 20 (ip) +
* 8 (icmp) + 60 (max original ip with options) + 8 (original payload)
* = 110 bytes which fits into sinlge mbuf.
*
* @note This function will free msrc!
*/
void icmp_error(PNATState pData, struct mbuf *msrc, u_char type, u_char code, int minsize, const char *message)
{
struct mbuf *m;
void *payload;
LogFlow(("icmp_error: msrc = %p, msrc_len = %d\n",
goto end_error;
if ( type != ICMP_UNREACH
&& type != ICMP_TIMXCEED
&& type != ICMP_SOURCEQUENCH)
goto end_error;
goto end_error;
goto end_error; /* Only reply to fragment 0 */
{
/*
* Assume any unknown ICMP type is an error. This isn't
* specified by the RFC, but think about it..
*/
goto end_error;
}
/* undo byte order conversions done in ip_input() */
if (RT_UNLIKELY(m == NULL))
goto end_error;
m->m_flags |= M_SKIP_FIREWALL;
m->m_data += if_maxlinkhdr;
/* fill in ip (ip_output0() does the boilerplate for us) */
/* ip->ip_len will be set later */
/* fill in icmp */
/* fill in icmp payload: original ip header plus 8 bytes of its payload */
/*
* Original code appended this message after the payload. This
* might have been a good idea for real slirp, as it provided a
* communication channel with the remote host. But 90s are over.
*/
/* hide ip header for icmp checksum calculation */
icp->icmp_cksum = 0;
/* reveal ip header */
/* clear source datagramm in positive branch */
return;
/*
* clear source datagramm in case if some of requirement haven't been met.
*/
if (msrc)
{
static bool fIcmpErrorReported;
if (!fIcmpErrorReported)
{
LogRel(("NAT: error occurred while sending ICMP error message\n"));
fIcmpErrorReported = true;
}
}
}
/*
* Reflect the ip packet back to the source
* Note: m isn't duplicated by this method and more delivered to ip_output then.
*/
void
{
LogFlowFunc(("ENTER: m:%p\n", m));
/*
* Send an icmp packet back to the ip level,
* after supplying a checksum.
*/
icp->icmp_cksum = 0;
}