parent
e252acef88
commit
be124b6508
|
@ -1,6 +1,7 @@
|
||||||
# $Id: Makefile,v 1.4 2012/04/18 20:45:33 nanard Exp $
|
# $Id: Makefile,v 1.4 2012/04/18 20:45:33 nanard Exp $
|
||||||
# made for GNU Make (and BSD make)
|
# made for GNU Make (and BSD make)
|
||||||
CFLAGS = -Wall -g -ansi -DTEST
|
CFLAGS = -Wall -g -DTEST
|
||||||
|
CFLAGS += -Wextra
|
||||||
EXECUTABLES = testobsdrdr testpfpinhole
|
EXECUTABLES = testobsdrdr testpfpinhole
|
||||||
|
|
||||||
all: $(EXECUTABLES)
|
all: $(EXECUTABLES)
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
/* $Id: pfpinhole.c,v 1.24 2014/12/05 09:54:55 nanard Exp $ */
|
/* $Id: pfpinhole.c,v 1.24 2014/12/05 09:54:55 nanard Exp $ */
|
||||||
/* MiniUPnP project
|
/* vim: tabstop=4 shiftwidth=4 noexpandtab
|
||||||
|
* MiniUPnP project
|
||||||
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
|
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
|
||||||
* (c) 2012 Thomas Bernard
|
* (c) 2012-2016 Thomas Bernard
|
||||||
* This software is subject to the conditions detailed
|
* This software is subject to the conditions detailed
|
||||||
* in the LICENCE file provided within the distribution */
|
* in the LICENCE file provided within the distribution */
|
||||||
|
|
||||||
|
@ -40,7 +41,7 @@
|
||||||
* flags S/SA keep state
|
* flags S/SA keep state
|
||||||
* label "pinhole-2 ts-4321000"
|
* label "pinhole-2 ts-4321000"
|
||||||
*
|
*
|
||||||
* with the label "pinhole-$uid ts-$timestamp"
|
* with the label "pinhole-$uid ts-$timestamp: $description"
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifdef ENABLE_UPNPPINHOLE
|
#ifdef ENABLE_UPNPPINHOLE
|
||||||
|
@ -158,6 +159,68 @@ int add_pinhole(const char * ifname,
|
||||||
return uid;
|
return uid;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int find_pinhole(const char * ifname,
|
||||||
|
const char * rem_host, unsigned short rem_port,
|
||||||
|
const char * int_client, unsigned short int_port,
|
||||||
|
int proto,
|
||||||
|
char *desc, int desc_len, unsigned int * timestamp)
|
||||||
|
{
|
||||||
|
int uid;
|
||||||
|
unsigned int ts;
|
||||||
|
int i, n;
|
||||||
|
struct pfioc_rule pr;
|
||||||
|
struct in6_addr saddr;
|
||||||
|
struct in6_addr daddr;
|
||||||
|
UNUSED(ifname);
|
||||||
|
|
||||||
|
if(dev<0) {
|
||||||
|
syslog(LOG_ERR, "pf device is not open");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
if(rem_host && (rem_host[0] != '\0')) {
|
||||||
|
inet_pton(AF_INET6, rem_host, &saddr);
|
||||||
|
} else {
|
||||||
|
memset(&saddr, 0, sizeof(struct in6_addr));
|
||||||
|
}
|
||||||
|
inet_pton(AF_INET6, int_client, &daddr);
|
||||||
|
memset(&pr, 0, sizeof(pr));
|
||||||
|
strlcpy(pr.anchor, anchor_name, MAXPATHLEN);
|
||||||
|
#ifndef PF_NEWSTYLE
|
||||||
|
pr.rule.action = PF_PASS;
|
||||||
|
#endif
|
||||||
|
if(ioctl(dev, DIOCGETRULES, &pr) < 0) {
|
||||||
|
syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
n = pr.nr;
|
||||||
|
for(i=0; i<n; i++) {
|
||||||
|
pr.nr = i;
|
||||||
|
if(ioctl(dev, DIOCGETRULE, &pr) < 0) {
|
||||||
|
syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
if((proto == pr.rule.proto) && (rem_port == ntohs(pr.rule.src.port[0]))
|
||||||
|
&& (0 == memcmp(&saddr, &pr.rule.src.addr.v.a.addr.v6, sizeof(struct in6_addr)))
|
||||||
|
&& (int_port == ntohs(pr.rule.dst.port[0])) &&
|
||||||
|
(0 == memcmp(&daddr, &pr.rule.dst.addr.v.a.addr.v6, sizeof(struct in6_addr)))) {
|
||||||
|
if(sscanf(pr.rule.label, PINEHOLE_LABEL_FORMAT_SKIPDESC, &uid, &ts) != 2) {
|
||||||
|
syslog(LOG_DEBUG, "rule with label '%s' is not a IGD pinhole", pr.rule.label);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if(timestamp) *timestamp = ts;
|
||||||
|
if(desc) {
|
||||||
|
char * p = strchr(pr.rule.label, ':');
|
||||||
|
if(p) {
|
||||||
|
p += 2;
|
||||||
|
strlcpy(desc, p, desc_len);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return uid;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return -2;
|
||||||
|
}
|
||||||
|
|
||||||
int delete_pinhole(unsigned short uid)
|
int delete_pinhole(unsigned short uid)
|
||||||
{
|
{
|
||||||
int i, n;
|
int i, n;
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
/* $Id: pfpinhole.h,v 1.9 2012/05/01 22:37:53 nanard Exp $ */
|
/* $Id: pfpinhole.h,v 1.9 2012/05/01 22:37:53 nanard Exp $ */
|
||||||
/* MiniUPnP project
|
/* MiniUPnP project
|
||||||
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
|
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
|
||||||
* (c) 2012 Thomas Bernard
|
* (c) 2012-2016 Thomas Bernard
|
||||||
* This software is subject to the conditions detailed
|
* This software is subject to the conditions detailed
|
||||||
* in the LICENCE file provided within the distribution */
|
* in the LICENCE file provided within the distribution */
|
||||||
|
|
||||||
|
@ -10,6 +10,12 @@
|
||||||
|
|
||||||
#ifdef ENABLE_UPNPPINHOLE
|
#ifdef ENABLE_UPNPPINHOLE
|
||||||
|
|
||||||
|
int find_pinhole(const char * ifname,
|
||||||
|
const char * rem_host, unsigned short rem_port,
|
||||||
|
const char * int_client, unsigned short int_port,
|
||||||
|
int proto,
|
||||||
|
char *desc, int desc_len, unsigned int * timestamp);
|
||||||
|
|
||||||
int add_pinhole(const char * ifname,
|
int add_pinhole(const char * ifname,
|
||||||
const char * rem_host, unsigned short rem_port,
|
const char * rem_host, unsigned short rem_port,
|
||||||
const char * int_client, unsigned short int_port,
|
const char * int_client, unsigned short int_port,
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
/* $Id: testpfpinhole.c,v 1.12 2014/05/15 21:23:43 nanard Exp $ */
|
/* $Id: testpfpinhole.c,v 1.12 2014/05/15 21:23:43 nanard Exp $ */
|
||||||
/* MiniUPnP project
|
/* vim: tabstop=4 shiftwidth=4 noexpandtab
|
||||||
|
* MiniUPnP project
|
||||||
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
|
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
|
||||||
* (c) 2012-2014 Thomas Bernard
|
* (c) 2012-2016 Thomas Bernard
|
||||||
* This software is subject to the conditions detailed
|
* This software is subject to the conditions detailed
|
||||||
* in the LICENCE file provided within the distribution */
|
* in the LICENCE file provided within the distribution */
|
||||||
|
|
||||||
|
@ -61,7 +62,10 @@ int main(int argc, char * *argv)
|
||||||
return 1;
|
return 1;
|
||||||
#else
|
#else
|
||||||
int uid;
|
int uid;
|
||||||
|
int uid2;
|
||||||
int ret;
|
int ret;
|
||||||
|
unsigned int timestamp;
|
||||||
|
(void)argc; (void)argv;
|
||||||
|
|
||||||
openlog("testpfpinhole", LOG_PERROR, LOG_USER);
|
openlog("testpfpinhole", LOG_PERROR, LOG_USER);
|
||||||
if(init_redirect() < 0) {
|
if(init_redirect() < 0) {
|
||||||
|
@ -80,6 +84,13 @@ int main(int argc, char * *argv)
|
||||||
}
|
}
|
||||||
printf("add_pinhole() returned %d\n", uid);
|
printf("add_pinhole() returned %d\n", uid);
|
||||||
|
|
||||||
|
uid2 = find_pinhole("ep0", NULL, 0, "dead:beef::42:42", 8080, IPPROTO_UDP, NULL, 0, ×tamp);
|
||||||
|
if(uid2 < 0) {
|
||||||
|
fprintf(stderr, "find_pinhole() failed\n");
|
||||||
|
} else {
|
||||||
|
printf("find_pinhole() uid=%d timestamp=%u\n", uid2, timestamp);
|
||||||
|
}
|
||||||
|
|
||||||
print_pinhole(1);
|
print_pinhole(1);
|
||||||
print_pinhole(2);
|
print_pinhole(2);
|
||||||
clean_pinhole_list(NULL);
|
clean_pinhole_list(NULL);
|
||||||
|
|
Loading…
Reference in New Issue