src - FreeBSD source tree

diff options


context:
space:
mode:

author	Neel Chauhan <nc@FreeBSD.org>	2021-02-02 21:24:17 +0000
committer	Neel Chauhan <nc@FreeBSD.org>	2021-02-02 21:24:17 +0000
commit	a08cdb6cfb1c84b80b5337d46c574b55d0e15c63 (patch)
tree	c6042776db6bd1f7737238559cb96f22beaa1045 /sys/netinet/libalias
parent	064e52c2d874abc83dd2af61644d14dc90e26ec3 (diff)
download	src-a08cdb6cfb1c84b80b5337d46c574b55d0e15c63.tar.gz src-a08cdb6cfb1c84b80b5337d46c574b55d0e15c63.zip

Diffstat (limited to 'sys/netinet/libalias')

-rw-r--r--

sys/netinet/libalias/alias.h

-rw-r--r--

sys/netinet/libalias/alias_db.c

-rw-r--r--

sys/netinet/libalias/alias_local.h

3 files changed, 32 insertions, 3 deletions

diff --git a/sys/netinet/libalias/alias.h b/sys/netinet/libalias/alias.h
index 671241212799..91351a9eb8b9 100644
--- a/sys/netinet/libalias/alias.h
+++ b/sys/netinet/libalias/alias.h

@@ -86,6 +86,7 @@ struct alias_link;

/* Initialization and control functions. */

struct libalias *LibAliasInit(struct libalias *);

void LibAliasSetAddress(struct libalias *, struct in_addr _addr);

+void LibAliasSetAliasPortRange(struct libalias *la, u_short port_low, u_short port_hi);

void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);

void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);

unsigned int

diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c
index 8da9a7fe683a..1f85a606b2d5 100644
--- a/sys/netinet/libalias/alias_db.c
+++ b/sys/netinet/libalias/alias_db.c

@@ -595,6 +595,11 @@ GetNewPort(struct libalias *la, struct alias_link *lnk, int alias_port_param)

port_net = lnk->src_port;

port_sys = ntohs(port_net);

+ } else if (la->aliasPortLower) {

+ /* First trial is a random port in the aliasing range. */

+ port_sys = la->aliasPortLower +

+ (arc4random() % la->aliasPortLength);

+ port_net = htons(port_sys);

} else {

/* First trial and all subsequent are random. */

port_sys = arc4random() & ALIAS_PORT_MASK;

@@ -647,9 +652,15 @@ GetNewPort(struct libalias *la, struct alias_link *lnk, int alias_port_param)

}

#endif

}

- port_sys = arc4random() & ALIAS_PORT_MASK;

- port_sys += ALIAS_PORT_BASE;

- port_net = htons(port_sys);

+ if (la->aliasPortLower) {

+ port_sys = la->aliasPortLower +

+ (arc4random() % la->aliasPortLength);

+ port_net = htons(port_sys);

+ } else {

+ port_sys = arc4random() & ALIAS_PORT_MASK;

+ port_sys += ALIAS_PORT_BASE;

+ port_net = htons(port_sys);

+ }

}

#ifdef LIBALIAS_DEBUG

@@ -2381,6 +2392,19 @@ LibAliasSetAddress(struct libalias *la, struct in_addr addr)

LIBALIAS_UNLOCK(la);

}

+void

+LibAliasSetAliasPortRange(struct libalias *la, u_short port_low,

+ u_short port_high)

+ LIBALIAS_LOCK(la);

+ la->aliasPortLower = port_low;

+ /* Add 1 to the aliasPortLength as modulo has range of 1 to n-1 */

+ la->aliasPortLength = port_high - port_low + 1;

+ LIBALIAS_UNLOCK(la);

void

LibAliasSetTarget(struct libalias *la, struct in_addr target_addr)

{

diff --git a/sys/netinet/libalias/alias_local.h b/sys/netinet/libalias/alias_local.h
index 5919851a4019..ba128638c1fe 100644
--- a/sys/netinet/libalias/alias_local.h
+++ b/sys/netinet/libalias/alias_local.h

@@ -163,6 +163,10 @@ struct libalias {

struct in_addr true_addr; /* in network byte order. */

u_short true_port; /* in host byte order. */

+ /* Port ranges for aliasing. */

+ u_short aliasPortLower;

+ u_short aliasPortLength;

* sctp code support