VirtualBox

source: vbox/trunk/src/VBox/Devices/Network/slirp/ip_output.c@ 103068

Last change on this file since 103068 was 98103, checked in by vboxsync, 20 months ago

Copyright year updates by scm.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 11.7 KB
Line 
1/* $Id: ip_output.c 98103 2023-01-17 14:15:46Z vboxsync $ */
2/** @file
3 * NAT - IP output.
4 */
5
6/*
7 * Copyright (C) 2006-2023 Oracle and/or its affiliates.
8 *
9 * This file is part of VirtualBox base platform packages, as
10 * available from https://www.virtualbox.org.
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation, in version 3 of the
15 * License.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 * General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, see <https://www.gnu.org/licenses>.
24 *
25 * SPDX-License-Identifier: GPL-3.0-only
26 */
27
28/*
29 * This code is based on:
30 *
31 * Copyright (c) 1982, 1986, 1988, 1990, 1993
32 * The Regents of the University of California. All rights reserved.
33 *
34 * Redistribution and use in source and binary forms, with or without
35 * modification, are permitted provided that the following conditions
36 * are met:
37 * 1. Redistributions of source code must retain the above copyright
38 * notice, this list of conditions and the following disclaimer.
39 * 2. Redistributions in binary form must reproduce the above copyright
40 * notice, this list of conditions and the following disclaimer in the
41 * documentation and/or other materials provided with the distribution.
42 * 3. Neither the name of the University nor the names of its contributors
43 * may be used to endorse or promote products derived from this software
44 * without specific prior written permission.
45 *
46 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
47 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
50 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
51 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
52 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
54 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
55 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
56 * SUCH DAMAGE.
57 *
58 * @(#)ip_output.c 8.3 (Berkeley) 1/21/94
59 * ip_output.c,v 1.9 1994/11/16 10:17:10 jkh Exp
60 */
61
62/*
63 * Changes and additions relating to SLiRP are
64 * Copyright (c) 1995 Danny Gasparovski.
65 *
66 * Please read the file COPYRIGHT for the
67 * terms and conditions of the copyright.
68 */
69
70#include <slirp.h>
71#include <iprt/errcore.h>
72#include "alias.h"
73
74static const uint8_t broadcast_ethaddr[6] =
75{
76 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
77};
78
79static int rt_lookup_in_cache(PNATState pData, uint32_t dst, uint8_t *ether)
80{
81 int rc;
82 LogFlowFunc(("ENTER: dst:%RTnaipv4, ether:%RTmac\n", dst, ether));
83 if (dst == INADDR_BROADCAST)
84 {
85 memcpy(ether, broadcast_ethaddr, ETH_ALEN);
86 LogFlowFunc(("LEAVE: VINF_SUCCESS\n"));
87 return VINF_SUCCESS;
88 }
89
90 rc = slirp_arp_lookup_ether_by_ip(pData, dst, ether);
91 if (RT_SUCCESS(rc))
92 {
93 LogFlowFunc(("LEAVE: %Rrc\n", rc));
94 return rc;
95 }
96
97 rc = bootp_cache_lookup_ether_by_ip(pData, dst, ether);
98 if (RT_SUCCESS(rc))
99 {
100 LogFlowFunc(("LEAVE: %Rrc\n", rc));
101 return rc;
102 }
103 /*
104 * no chance to send this packet, sorry, we will request ether address via ARP
105 */
106 slirp_arp_who_has(pData, dst);
107 LogFlowFunc(("LEAVE: VERR_NOT_FOUND\n"));
108 return VERR_NOT_FOUND;
109}
110
111/*
112 * IP output. The packet in mbuf chain m contains a skeletal IP
113 * header (with len, off, ttl, proto, tos, src, dst).
114 * The mbuf chain containing the packet will be freed.
115 * The mbuf opt, if present, will not be freed.
116 */
117int
118ip_output(PNATState pData, struct socket *so, struct mbuf *m0)
119{
120 return ip_output0(pData, so, m0, 0);
121}
122
123/* This function will free m0! */
124int
125ip_output0(PNATState pData, struct socket *so, struct mbuf *m0, int urg)
126{
127 register struct ip *ip;
128 register struct mbuf *m = m0;
129 register int hlen = sizeof(struct ip);
130 int len, off, error = 0;
131 struct ethhdr *eh = NULL;
132 uint8_t eth_dst[ETH_ALEN];
133 int rc = 1;
134
135 STAM_PROFILE_START(&pData->StatIP_output, a);
136
137#ifdef LOG_ENABLED
138 LogFlowFunc(("ip_output: so = %R[natsock], m0 = %p\n", so, m0));
139#else
140 NOREF(so);
141#endif
142
143 M_ASSERTPKTHDR(m);
144 Assert(m->m_pkthdr.header);
145
146#if 0 /* We do no options */
147 if (opt)
148 {
149 m = ip_insertoptions(m, opt, &len);
150 hlen = len;
151 }
152#endif
153 ip = mtod(m, struct ip *);
154 LogFunc(("ip(src:%RTnaipv4, dst:%RTnaipv4)\n", ip->ip_src, ip->ip_dst));
155 /*
156 * Fill in IP header.
157 */
158 ip->ip_v = IPVERSION;
159 ip->ip_off &= IP_DF;
160 ip->ip_id = RT_H2N_U16(ip_currid);
161 ip->ip_hl = hlen >> 2;
162 ip_currid++;
163 ipstat.ips_localout++;
164
165 /* Current TCP/IP stack hasn't routing information at
166 * all so we need to calculate destination ethernet address
167 */
168 rc = rt_lookup_in_cache(pData, ip->ip_dst.s_addr, eth_dst);
169 if (RT_FAILURE(rc))
170 goto exit_drop_package;
171
172 eh = (struct ethhdr *)(m->m_data - ETH_HLEN);
173 /*
174 * If small enough for interface, can just send directly.
175 */
176 if ((u_int16_t)ip->ip_len <= if_mtu)
177 {
178 ip->ip_len = RT_H2N_U16((u_int16_t)ip->ip_len);
179 ip->ip_off = RT_H2N_U16((u_int16_t)ip->ip_off);
180 ip->ip_sum = 0;
181 ip->ip_sum = cksum(m, hlen);
182
183 if (!(m->m_flags & M_SKIP_FIREWALL)){
184 STAM_PROFILE_START(&pData->StatALIAS_output, b);
185 rc = LibAliasOut(pData->proxy_alias, mtod(m, char *), m_length(m, NULL));
186 if (rc == PKT_ALIAS_IGNORED)
187 {
188 Log(("NAT: packet was droppped\n"));
189 goto exit_drop_package;
190 }
191 STAM_PROFILE_STOP(&pData->StatALIAS_output, b);
192 }
193 else
194 m->m_flags &= ~M_SKIP_FIREWALL;
195
196 memcpy(eh->h_source, eth_dst, ETH_ALEN);
197
198 LogFlowFunc(("ip(ip_src:%RTnaipv4, ip_dst:%RTnaipv4)\n",
199 ip->ip_src, ip->ip_dst));
200 if_encap(pData, ETH_P_IP, m, urg? ETH_ENCAP_URG : 0);
201 goto done;
202 }
203
204 /*
205 * Too large for interface; fragment if possible.
206 * Must be able to put at least 8 bytes per fragment.
207 */
208 if (ip->ip_off & IP_DF)
209 {
210 error = -1;
211 ipstat.ips_cantfrag++;
212 goto exit_drop_package;
213 }
214
215 len = (if_mtu - hlen) &~ 7; /* ip databytes per packet */
216 if (len < 8)
217 {
218 error = -1;
219 goto exit_drop_package;
220 }
221
222 {
223 int mhlen, firstlen = len;
224 struct mbuf **mnext = &m->m_nextpkt;
225 char *buf; /* intermediate buffer we'll use for a copy of the original packet */
226 /*
227 * Loop through length of segment after first fragment,
228 * make new header and copy data of each part and link onto chain.
229 */
230 m0 = m;
231 mhlen = ip->ip_hl << 2;
232 Log(("NAT:ip:frag: mhlen = %d\n", mhlen));
233 for (off = hlen + len; off < (u_int16_t)ip->ip_len; off += len)
234 {
235 register struct ip *mhip;
236 m = m_getjcl(pData, M_NOWAIT, MT_HEADER , M_PKTHDR, slirp_size(pData));
237 if (m == 0)
238 {
239 error = -1;
240 ipstat.ips_odropped++;
241 goto exit_drop_package;
242 }
243 m->m_data += if_maxlinkhdr;
244 mhip = mtod(m, struct ip *);
245 *mhip = *ip;
246 m->m_pkthdr.header = mtod(m, void *);
247 /* we've calculated eth_dst for first packet */
248#if 0 /* No options */
249 if (hlen > sizeof (struct ip))
250 {
251 mhlen = ip_optcopy(ip, mhip) + sizeof (struct ip);
252 mhip->ip_hl = mhlen >> 2;
253 }
254#endif
255 m->m_len = mhlen;
256 mhip->ip_off = ((off - mhlen) >> 3) + (ip->ip_off & ~IP_MF);
257 if (ip->ip_off & IP_MF)
258 mhip->ip_off |= IP_MF;
259 if (off + len >= (u_int16_t)ip->ip_len)
260 len = (u_int16_t)ip->ip_len - off;
261 else
262 mhip->ip_off |= IP_MF;
263 mhip->ip_len = RT_H2N_U16((u_int16_t)(len + mhlen));
264
265 buf = RTMemAlloc(len);
266 Log(("NAT:ip:frag: alloc = %d\n", len));
267 m_copydata(m0, off, len, buf); /* copy to buffer */
268 Log(("NAT:ip:frag: m_copydata(m0 = %p,off = %d, len = %d,)\n", m0, off, len));
269
270 m->m_data += mhlen;
271 m->m_len -= mhlen;
272 m_copyback(pData, m, 0, len, buf); /* copy from buffer */
273 Log(("NAT:ip:frag: m_copyback(m = %p,, len = %d,)\n", m, len));
274 m->m_data -= mhlen;
275 m->m_len += mhlen;
276 RTMemFree(buf);
277 Assert((m->m_len == (mhlen + len)));
278
279 mhip->ip_off = RT_H2N_U16((u_int16_t)(mhip->ip_off));
280 mhip->ip_sum = 0;
281 mhip->ip_sum = cksum(m, mhlen);
282 *mnext = m;
283 mnext = &m->m_nextpkt;
284 ipstat.ips_ofragments++;
285 }
286 /*
287 * Update first fragment by trimming what's been copied out
288 * and updating header, then send each fragment (in order).
289 *
290 * note: m_adj do all required releases for chained mbufs.
291 */
292 m = m0;
293 m_adj(m, mhlen + firstlen - (u_int16_t)ip->ip_len);
294 Log(("NAT:ip:frag: m_adj(m(m_len:%d) = %p, len = %d)\n", m->m_len, m, mhlen + firstlen - (u_int16_t)ip->ip_len));
295 ip->ip_len = RT_H2N_U16((u_int16_t)mhlen + firstlen);
296 ip->ip_off = RT_H2N_U16((u_int16_t)(ip->ip_off | IP_MF));
297 ip->ip_sum = 0;
298 ip->ip_sum = cksum(m, mhlen);
299
300 if (!(m->m_flags & M_SKIP_FIREWALL)){
301 /** @todo We can't alias all fragments because the way libalias processing
302 * the fragments brake the sequence. libalias put alias_address to the source
303 * address of IP header of fragment, while IP header of the first packet is
304 * is unmodified. That confuses guest's TCP/IP stack and guest drop the sequence.
305 * Here we're letting libalias to process the first packet and send the rest as is,
306 * it's exactly the way in of packet are processing in proxyonly way.
307 * Here we need investigate what should be done to avoid such behavior and find right
308 * solution.
309 */
310 int rcLa;
311
312 rcLa = LibAliasOut(pData->proxy_alias, mtod(m, char *), m->m_len);
313 if (rcLa == PKT_ALIAS_IGNORED)
314 {
315 Log(("NAT: packet was droppped\n"));
316 goto exit_drop_package;
317 }
318 Log2(("NAT: LibAlias return %d\n", rcLa));
319 }
320 else
321 m->m_flags &= ~M_SKIP_FIREWALL;
322 for (m = m0; m; m = m0)
323 {
324 m0 = m->m_nextpkt;
325 m->m_nextpkt = 0;
326 if (error == 0)
327 {
328 m->m_data -= ETH_HLEN;
329 eh = mtod(m, struct ethhdr *);
330 m->m_data += ETH_HLEN;
331 memcpy(eh->h_source, eth_dst, ETH_ALEN);
332
333 Log(("NAT:ip:frag: if_encap(,,m(m_len = %d) = %p,0)\n", m->m_len, m));
334 if_encap(pData, ETH_P_IP, m, 0);
335 }
336 else
337 m_freem(pData, m);
338 }
339
340 if (error == 0)
341 ipstat.ips_fragmented++;
342 }
343
344done:
345 STAM_PROFILE_STOP(&pData->StatIP_output, a);
346 LogFlowFunc(("LEAVE: %d\n", error));
347 return error;
348
349exit_drop_package:
350 m_freem(pData, m0);
351 STAM_PROFILE_STOP(&pData->StatIP_output, a);
352 LogFlowFunc(("LEAVE: %d\n", error));
353 return error;
354}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle
ContactPrivacy/Do Not Sell My InfoTerms of Use