From c4e63048c43912fd016fe95b41e1bc37838c2fa5 Mon Sep 17 00:00:00 2001
From: Thomas Bernard
Date: Thu, 13 Mar 2014 14:48:52 +0100
Subject: [PATCH] miniupnpd: add CHECK_PORTINUSE to enable/disable port_in_use()
---
 miniupnpd/genconfig.sh | 12 +++++++++++-
 miniupnpd/natpmp.c | 2 ++
 miniupnpd/portinuse.c | 16 ++++++++++++----
 miniupnpd/portinuse.h | 13 ++++++++-----
 miniupnpd/upnpredirect.c | 5 +++--
 5 files changed, 36 insertions(+), 12 deletions(-)
diff --git a/miniupnpd/genconfig.sh b/miniupnpd/genconfig.sh
index 13a54e6..1089876 100755
--- a/miniupnpd/genconfig.sh
+++ b/miniupnpd/genconfig.sh
@@ -14,6 +14,7 @@ case "$argv" in
 --leasefile) LEASEFILE=1 ;;
 --vendorcfg) VENDORCFG=1 ;;
 --pcp-peer) PCP_PEER=1 ;;
+ --portinuse) PORTINUSE=1 ;;
 --help|-h)
 echo "Usage : $0 [options]"
 echo " --ipv6 enable IPv6"
@@ -22,6 +23,7 @@ case "$argv" in
 echo " --leasefile enable lease file"
 echo " --vendorcfg enable configuration of manufacturer info"
 echo " --pcp-peer enable PCP PEER operation"
+ echo " --portinuse enable port in use check"
 exit 1
 ;;
 *)
@@ -395,6 +397,14 @@ else
 fi
 echo "" >> ${CONFIGFILE}
+echo "/* Uncomment the following line to enable port in use check */" >> ${CONFIGFILE}
+if [ -n "$PORTINUSE" ]; then
+ echo "#define CHECK_PORTINUSE" >> ${CONFIGFILE}
+else
+ echo "/*#define CHECK_PORTINUSE*/" >> ${CONFIGFILE}
+fi
+echo "" >> ${CONFIGFILE}
+
 echo "/* Define one or none of the two following macros in order to make some" >> ${CONFIGFILE}
 echo " * clients happy. It will change the XML Root Description of the IGD." >> ${CONFIGFILE}
 echo " * Enabling the Layer3Forwarding Service seems to be the more compatible" >> ${CONFIGFILE}
@@ -497,7 +507,7 @@ else
 fi
 echo "" >> ${CONFIGFILE}
-echo "#endif" >> ${CONFIGFILE}
+echo "#endif /* ${CONFIGMACRO} */" >> ${CONFIGFILE}
 ${MV} ${CONFIGFILE} ${CONFIGFILE_FINAL}
diff --git a/miniupnpd/natpmp.c b/miniupnpd/natpmp.c
index b98a5c2..2bacb8f 100644
--- a/miniupnpd/natpmp.c
+++ b/miniupnpd/natpmp.c
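Review bot: In the genconfig.sh hunk at `@@ -395,6 +397,14 @@`, `CHECK_PORTINUSE` is written commented out unless `--portinuse` is passed, so a build recipe that is not updated silently loses a check that the natpmp.c and upnpredirect.c call sites ran unconditionally before this commit. That check is what rejects a mapping request for an external port reported as already in use on the interface, so turning it off by default is a security-relevant change and should be stated where packagers will read it. I would make the generated comment say so, for example `echo "/* Uncomment the following line to enable port in use check (refuses mappings for ports already in use; always on before this option existed) */" >> ${CONFIGFILE}`, and word the `--portinuse` line in the `--help` hunk the same way.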
@@ -292,12 +292,14 @@ void ProcessIncomingNATPMPPacket(int s, unsigned char *msg_buff, int len,
 continue;
 }
 any_eport_allowed = 1; /* at lease one eport is allowed */
+#ifdef CHECK_PORTINUSE
 if (port_in_use(ext_if_name, eport, proto, senderaddrstr, iport)) {
 syslog(LOG_INFO, "port %hu protocol %s already in use", eport, (proto==IPPROTO_TCP)?"tcp":"udp");
 eport++;
 if(eport == 0) eport++; /* skip port zero */
 continue;
 }
+#endif
 r = get_redirect_rule(ext_if_name, eport, proto, iaddr_old, sizeof(iaddr_old), &iport_old, 0, 0, 0, 0,
diff --git a/miniupnpd/portinuse.c b/miniupnpd/portinuse.c
index a4a1fed..d62a9a2 100644
--- a/miniupnpd/portinuse.c
+++ b/miniupnpd/portinuse.c
@@ -1,6 +1,6 @@
-/* */
+/* $Id $ */
 /* MiniUPnP project
- * (c) 2007-2013 Thomas Bernard
+ * (c) 2007-2014 Thomas Bernard
 * http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
 * This software is subject to the conditions detailed
 * in the LICENCE file provided within the distribution */
@@ -21,10 +21,16 @@
 #include "getifaddr.h"
 #include "portinuse.h"
+#if defined(USE_NETFILTER)
 #include "netfilter/iptcrdr.h"
+#endif
+#ifdef CHECK_PORTINUSE
+
+#if defined(USE_NETFILTER)
 /* Hardcoded for now. Ideally would come from .conf file */
 char *chains_to_check[] = { "PREROUTING" , 0 };
+#endif
 int port_in_use(const char *if_name, unsigned eport, int proto, const char *iaddr, unsigned iport) {
@@ -72,13 +78,14 @@ int port_in_use(const char *if_name, unsigned eport, int proto, const char *iadd
 }
 fclose(f);
+#if defined(USE_NETFILTER)
 if (!found) {
 char iaddr_old[16];
 unsigned short iport_old;
 int i = 0;
 while (chains_to_check[i]) {
 if (get_nat_redirect_rule(chains_to_check[i], if_name, eport, proto,
- iaddr_old, sizeof(iaddr_old),&iport_old,
+ iaddr_old, sizeof(iaddr_old), &iport_old,
 0, 0, 0, 0, 0, 0, 0) == 0) {
 syslog(LOG_DEBUG, "port_in_use check port %d on nat chain %s redirected to %s port %d", eport,
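Review bot: The `#endif` added after the `port_in_use()` block in ProcessIncomingNATPMPPacket (natpmp.c hunk `@@ -292,12 +292,14 @@`) has no trailing label, unlike the matching ones this commit adds in upnpredirect.c and portinuse.h. Writing it as `#endif /* CHECK_PORTINUSE */` keeps the guard easy to pair up inside this long loop body. The function begins and ends outside the hunk, so the surrounding loop is not fully visible here.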
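Review bot: `chains_to_check`, which the portinuse.c hunk `@@ -21,10 +21,16 @@` now compiles only under `USE_NETFILTER`, remains a writable table with external linkage although its comment calls it hardcoded. If nothing outside this file refers to it and `get_nat_redirect_rule()` accepts a `const char *` chain name (neither is visible from the hunk), `static const char * const chains_to_check[] = { "PREROUTING", 0 };` would keep the symbol private and the list read-only. The line itself is unchanged context, so this could also go in a follow-up.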
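Review bot: Inside the block that the portinuse.c hunk `@@ -72,13 +78,14 @@` wraps in `#if defined(USE_NETFILTER)`, the LOG_DEBUG `syslog()` formats `eport` with the first `%d`, but the signature shown in the previous hunk declares it `unsigned`. Changing that conversion to `%u` (`"port_in_use check port %u on nat chain %s redirected to %s port %d"`) matches the argument type. The call continues past the end of the hunk, so the remaining arguments cannot be checked from here.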
@@ -92,6 +99,7 @@ int port_in_use(const char *if_name, unsigned eport, int proto, const char *iadd
 i++;
 }
 }
+#endif /* USE_NETFILTER */
 return found;
 }
-
+#endif /* CHECK_PORTINUSE */
diff --git a/miniupnpd/portinuse.h b/miniupnpd/portinuse.h
index 8029008..fddc7c8 100644
--- a/miniupnpd/portinuse.h
+++ b/miniupnpd/portinuse.h
@@ -1,19 +1,22 @@
-/* */
+/* $Id $ */
 /* MiniUPnP project
 * http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
- * (c) 2006-2011 Thomas Bernard
+ * (c) 2006-2014 Thomas Bernard
 * This software is subject to the conditions detailed
 * in the LICENCE file provided within the distribution */
 #ifndef __PORTINUSE_H__
 #define __PORTINUSE_H__
+#ifdef CHECK_PORTINUSE
 /* portinuse()
- * determine wither a port is already in use
+ * determine wether a port is already in use
 * on a given interface.
 * returns: 0 not in use, 1 in use */
 int
-port_in_use(const char *if_name, unsigned port, int proto, const char *iaddr, unsigned iport);
+port_in_use(const char *if_name,
+ unsigned port, int proto,
+ const char *iaddr, unsigned iport);
+#endif /* CHECK_PORTINUSE */
 #endif
-
diff --git a/miniupnpd/upnpredirect.c b/miniupnpd/upnpredirect.c
index 8306ce6..0139a7d 100644
--- a/miniupnpd/upnpredirect.c
+++ b/miniupnpd/upnpredirect.c
@@ -295,10 +295,11 @@ upnp_redirect(const char * rhost, unsigned short eport,
 eport, protocol, iaddr_old, iport_old);
 return -2;
 }
- }
- else if (port_in_use(ext_if_name, eport, proto, iaddr, iport)) {
+#ifdef CHECK_PORTINUSE
+ } else if (port_in_use(ext_if_name, eport, proto, iaddr, iport)) {
 syslog(LOG_INFO, "port %hu protocol %s already in use", eport, protocol);
 return -2;
+#endif /* CHECK_PORTINUSE */
 } else {
 timestamp = (leaseduration > 0) ? time(NULL) + leaseduration : 0;
 syslog(LOG_INFO, "redirecting port %hu to %s:%hu protocol %s for: %s",
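Review bot: With the prototype in portinuse.h now inside `#ifdef CHECK_PORTINUSE`, a caller only sees `port_in_use()` if the header generated by genconfig.sh was included first, and portinuse.h (shown whole in this hunk) includes nothing itself. A source file that includes portinuse.h ahead of the generated configuration header would compile the call against an implicit declaration on older C dialects and lose argument checking. Either include the generated configuration header directly under the `__PORTINUSE_H__` guard, or state in the header comment that it must come first. The comment is also still misspelled after this change (`wether` should be `whether`) and names `portinuse()` where the function is `port_in_use()`.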
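Review bot: In upnp_redirect the closing brace of the preceding `if` block now sits inside `#ifdef CHECK_PORTINUSE` (`} else if (port_in_use(...)) {`), so both preprocessor variants rely on the shared `} else {` after the `#endif` to stay balanced. It compiles either way, but it is easy to unbalance on the next edit and hard for editors and static analysers to follow. Keeping the `if`/`else if` chain unconditional and letting portinuse.h supply a disabled-case stub, `#else` followed by `#define port_in_use(if_name, port, proto, iaddr, iport) (0)`, would remove the conditionals here and at the natpmp.c call site. The function body starts and ends outside the hunk.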