Clean expired IPv6 pinholes correctly. and also with linux/netfilter
This commit is contained in:
Thomas Bernard
parent
fd5c172182
commit
ff397acf8f
|
|
@ -1,4 +1,7 @@
|
|||
$Id: Changelog.txt,v 1.281 2012/05/07 15:40:03 nanard Exp $
|
||||
$Id: Changelog.txt,v 1.282 2012/05/08 20:41:44 nanard Exp $
|
||||
|
||||
2012/05/08:
|
||||
Clean expired IPv6 pinholes correctly. and also with linux/netfilter.
|
||||
|
||||
2012/05/07:
|
||||
Finalizing netfilter version of get_pinhole_info()
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: miniupnpd.c,v 1.155 2012/05/01 20:13:35 nanard Exp $ */
|
||||
/* $Id: miniupnpd.c,v 1.156 2012/05/08 20:41:45 nanard Exp $ */
|
||||
/* MiniUPnP project
|
||||
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
|
||||
* (c) 2006-2012 Thomas Bernard
|
||||
|
|
@ -1169,6 +1169,9 @@ main(int argc, char * * argv)
|
|||
struct rule_state * rule_list = 0;
|
||||
struct timeval checktime = {0, 0};
|
||||
struct lan_addr_s * lan_addr;
|
||||
#ifdef ENABLE_6FC_SERVICE
|
||||
unsigned int next_pinhole_ts;
|
||||
#endif
|
||||
|
||||
if(init(argc, argv, &v) != 0)
|
||||
return 1;
|
||||
|
|
@ -1424,7 +1427,13 @@ main(int argc, char * * argv)
|
|||
#endif
|
||||
#ifdef ENABLE_6FC_SERVICE
|
||||
/* Clean up expired IPv6 PinHoles */
|
||||
upnp_clean_expired_pinholes(NULL);
|
||||
next_pinhole_ts = 0;
|
||||
upnp_clean_expired_pinholes(&next_pinhole_ts);
|
||||
if(next_pinhole_ts &&
|
||||
timeout.tv_sec >= (next_pinhole_ts - timeofday.tv_sec)) {
|
||||
timeout.tv_sec = next_pinhole_ts - timeofday.tv_sec;
|
||||
timeout.tv_usec = 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* select open sockets (SSDP, HTTP listen, and all HTTP soap sockets) */
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: iptpinhole.c,v 1.6 2012/05/07 15:40:04 nanard Exp $ */
|
||||
/* $Id: iptpinhole.c,v 1.7 2012/05/08 20:41:45 nanard Exp $ */
|
||||
/* MiniUPnP project
|
||||
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
|
||||
* (c) 2012 Thomas Bernard
|
||||
|
|
@ -28,6 +28,9 @@ static int next_uid = 1;
|
|||
|
||||
static LIST_HEAD(pinhole_list_t, pinhole_t) pinhole_list;
|
||||
|
||||
static struct pinhole_t *
|
||||
get_pinhole(unsigned short uid);
|
||||
|
||||
struct pinhole_t {
|
||||
struct in6_addr saddr;
|
||||
struct in6_addr daddr;
|
||||
|
|
@ -69,6 +72,11 @@ add_to_pinhole_list(struct in6_addr * saddr, unsigned short sport,
|
|||
p->timestamp = timestamp;
|
||||
p->proto = (unsigned char)proto;
|
||||
LIST_INSERT_HEAD(&pinhole_list, p, entries);
|
||||
while(get_pinhole(next_uid) != NULL) {
|
||||
next_uid++;
|
||||
if(next_uid > 65535)
|
||||
next_uid = 1;
|
||||
}
|
||||
p->uid = next_uid;
|
||||
next_uid++;
|
||||
if(next_uid > 65535)
|
||||
|
|
@ -369,5 +377,35 @@ get_pinhole_info(unsigned short uid,
|
|||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
clean_pinhole_list(unsigned int * next_timestamp)
|
||||
{
|
||||
unsigned int min_ts = UINT_MAX;
|
||||
struct pinhole_t * p;
|
||||
time_t current_time;
|
||||
int n = 0;
|
||||
|
||||
current_time = time(NULL);
|
||||
p = pinhole_list.lh_first;
|
||||
while(p != NULL) {
|
||||
if(p->timestamp <= (unsigned int)current_time) {
|
||||
unsigned short uid = p->uid;
|
||||
syslog(LOG_INFO, "removing expired pinhole with uid=%hu", uid);
|
||||
p = p->entries.le_next;
|
||||
if(delete_pinhole(uid) == 0)
|
||||
n++;
|
||||
else
|
||||
break;
|
||||
} else {
|
||||
if(p->timestamp < min_ts)
|
||||
min_ts = p->timestamp;
|
||||
p = p->entries.le_next;
|
||||
}
|
||||
}
|
||||
if(next_timestamp)
|
||||
*next_timestamp = min_ts;
|
||||
return n;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: iptpinhole.h,v 1.4 2012/05/01 22:37:53 nanard Exp $ */
|
||||
/* $Id: iptpinhole.h,v 1.5 2012/05/08 20:41:45 nanard Exp $ */
|
||||
/* MiniUPnP project
|
||||
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
|
||||
* (c) 2012 Thomas Bernard
|
||||
|
|
@ -24,6 +24,8 @@ get_pinhole_info(unsigned short uid,
|
|||
int * proto, unsigned int * timestamp,
|
||||
u_int64_t * packets, u_int64_t * bytes);
|
||||
|
||||
int clean_pinhole_list(unsigned int * next_timestamp);
|
||||
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: upnppinhole.c,v 1.3 2012/05/07 15:40:04 nanard Exp $ */
|
||||
/* $Id: upnppinhole.c,v 1.4 2012/05/08 20:41:45 nanard Exp $ */
|
||||
/* MiniUPnP project
|
||||
* http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
|
||||
* (c) 2006-2012 Thomas Bernard
|
||||
|
|
@ -499,7 +499,7 @@ upnp_check_pinhole_working(const char * uid,
|
|||
int
|
||||
upnp_clean_expired_pinholes(unsigned int * next_timestamp)
|
||||
{
|
||||
#ifdef USE_PF
|
||||
#if defined(USE_PF) || defined(USE_NETFILTER)
|
||||
return clean_pinhole_list(next_timestamp);
|
||||
#else
|
||||
UNUSED(next_timestamp);
|
||||
|
|
|
|||
Loading…
Reference in New Issue