Add timestamp to add_pinhole() function

Also make the code compile only when ENABLE_IPV6 is defined
2025-01-18 18:31:15 +00:00 · 2012-04-20 16:49:04 +02:00 · 2012-04-20 16:49:04 +02:00 · d5b7d70c32
commit d5b7d70c32
parent 825d3bd89f
3 changed files with 40 additions and 20 deletions
--- a/miniupnpd/pf/pfpinhole.c
+++ b/miniupnpd/pf/pfpinhole.c
@ -1,4 +1,4 @@
-/* $Id: pfpinhole.c,v 1.5 2012/04/19 22:02:12 nanard Exp $ */
+/* $Id: pfpinhole.c,v 1.7 2012/04/20 14:48:03 nanard Exp $ */
 /* MiniUPnP project
 * http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
 * (c) 2006-2012 Thomas Bernard
@ -29,15 +29,26 @@
 #include "pfpinhole.h"
 #include "../upnpglobalvars.h"

+/* the pass rules created by add_pinhole() are as follow :
+ *
+ * pass in quick on ep0 inet6 proto udp
+ *   from any to dead:beef::42:42 port = 8080
+ *   flags S/SA keep state
+ *   label "pinhole-2 ts-4321000"
+ *
+ * with the label "pinhole-$uid ts-$timestamp"
+ */
+
+#ifdef ENABLE_IPV6
 /* /dev/pf when opened */
 extern int dev;

 static int uid = 1;

-int add_pinhole (const char * ifname,
-                 const char * rem_host, unsigned short rem_port,
-                 const char * int_client, unsigned short int_port,
-                 int proto)
+int add_pinhole(const char * ifname,
+                const char * rem_host, unsigned short rem_port,
+                const char * int_client, unsigned short int_port,
+                int proto, unsigned int timestamp)
 {
 	struct pfioc_rule pcr;
 #ifndef PF_NEWSTYLE
@ -88,9 +99,8 @@ int add_pinhole (const char * ifname,
 		pcr.rule.onrdomain = -1;	/* first appeared in OpenBSD 5.0 */
 #endif
 		pcr.rule.keep_state = 1;
-		/*strlcpy(pcr.rule.label, desc, PF_RULE_LABEL_SIZE);*/
 		snprintf(pcr.rule.label, PF_RULE_LABEL_SIZE,
-		         "pinhole-%d", uid);
+		         "pinhole-%d ts-%u", uid, timestamp);
 		if(queue)
 			strlcpy(pcr.rule.qname, queue, PF_QNAME_SIZE);
 		if(tag)
@ -135,17 +145,18 @@ int add_pinhole (const char * ifname,
 	return (uid++);
 }

-int delete_pinhole (unsigned short uid)
+int delete_pinhole(unsigned short uid)
 {
 	int i, n;
 	struct pfioc_rule pr;
-	char label[PF_RULE_LABEL_SIZE];
+	char label_start[PF_RULE_LABEL_SIZE];
+	char tmp_label[PF_RULE_LABEL_SIZE];

 	if(dev<0) {
 		syslog(LOG_ERR, "pf device is not open");
 		return -1;
 	}
-	snprintf(label, sizeof(label),
+	snprintf(label_start, sizeof(label_start),
 	         "pinhole-%hu", uid);
 	memset(&pr, 0, sizeof(pr));
 	strlcpy(pr.anchor, anchor_name, MAXPATHLEN);
@ -163,7 +174,9 @@ int delete_pinhole (unsigned short uid)
 			syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m");
 			return -1;
 		}
-		if(0 == strcmp(pr.rule.label, label)) {
+		strlcpy(tmp_label, pr.rule.label, sizeof(tmp_label));
+		strtok(tmp_label, " ");
+		if(0 == strcmp(tmp_label, label_start)) {
 			pr.action = PF_CHANGE_GET_TICKET;
 			if(ioctl(dev, DIOCCHANGERULE, &pr) < 0) {
 				syslog(LOG_ERR, "ioctl(dev, DIOCCHANGERULE, ...) PF_CHANGE_GET_TICKET: %m");
@ -182,4 +195,5 @@ int delete_pinhole (unsigned short uid)
 	return -1;
 }

+#endif /* ENABLE_IPV6 */

--- a/miniupnpd/pf/pfpinhole.h
+++ b/miniupnpd/pf/pfpinhole.h
@ -1,4 +1,4 @@
-/* $Id: pfpinhole.h,v 1.2 2012/04/19 22:02:12 nanard Exp $ */
+/* $Id: pfpinhole.h,v 1.3 2012/04/20 14:34:11 nanard Exp $ */
 /* MiniUPnP project
 * http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
 * (c) 2012 Thomas Bernard
@ -8,12 +8,12 @@
 #ifndef __PFPINHOLE_H__
 #define __PFPINHOLE_H__

-int add_pinhole (const char * ifname,
-                 const char * rem_host, unsigned short rem_port,
-                 const char * int_client, unsigned short int_port,
-                 int proto);
+int add_pinhole(const char * ifname,
+                const char * rem_host, unsigned short rem_port,
+                const char * int_client, unsigned short int_port,
+                int proto, unsigned int timestamp);

-int delete_pinhole (unsigned short uid);
+int delete_pinhole(unsigned short uid);

 #endif

--- a/miniupnpd/pf/testpfpinhole.c
+++ b/miniupnpd/pf/testpfpinhole.c
@ -1,4 +1,4 @@
-/* $Id: testpfpinhole.c,v 1.3 2012/04/19 22:02:12 nanard Exp $ */
+/* $Id: testpfpinhole.c,v 1.5 2012/04/20 14:36:23 nanard Exp $ */
 /* MiniUPnP project
 * http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
 * (c) 2006-2012 Thomas Bernard
@ -11,6 +11,7 @@
 #include <netinet/in.h>
 #include <syslog.h>

+#include "../config.h"
 #include "obsdrdr.h"
 #include "pfpinhole.h"

@ -22,6 +23,10 @@ const char * queue = NULL;

 int main(int argc, char * *argv)
 {
+#ifndef ENABLE_IPV6
+	fprintf(stderr,"nothing to test, ENABLE_IPV6 is not defined in config.h\n");
+	return 1;
+#else
 	int uid;
 	int ret;

@ -31,12 +36,12 @@ int main(int argc, char * *argv)
 		return 1;
 	}

-	uid = add_pinhole("ep0", "2001::1:2:3", 12345, "123::ff", 54321, IPPROTO_UDP);
+	uid = add_pinhole("ep0", "2001::1:2:3", 12345, "123::ff", 54321, IPPROTO_UDP, 424242);
 	if(uid < 0) {
 		fprintf(stderr, "add_pinhole() failed\n");
 	}
 	printf("add_pinhole() returned %d\n", uid);
-	uid = add_pinhole("ep0", NULL, 0, "dead:beef::42:42", 8080, IPPROTO_UDP);
+	uid = add_pinhole("ep0", NULL, 0, "dead:beef::42:42", 8080, IPPROTO_UDP, 4321000);
 	if(uid < 0) {
 		fprintf(stderr, "add_pinhole() failed\n");
 	}
@ -46,6 +51,7 @@ int main(int argc, char * *argv)
 	printf("delete_pinhole() returned %d\n", ret);
 	ret = delete_pinhole(2);
 	printf("delete_pinhole() returned %d\n", ret);
+#endif
 	return 0;
 }