gfwleak/tango-kni
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TCP协议SNAT和DNAT测试完成。通过在网关192.168.10.5捕包确认;DNAT在虚拟服务器上捕包确认;

Browse Source
This commit is contained in:
liuyang
2018-12-17 10:26:39 +08:00
parent dba56c9e4b
commit 2a477df49f
3 changed files with 193 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

94
kni_redirect.c
View File

@@ -40,6 +40,7 @@ int redirect_search_htable(unsigned char addr_type,struct kni_pme_info* pmeinfo,
struct ip* ipv4_hdr = NULL;
struct kni_ipv6_hdr* ipv6_hdr = NULL;
struct kni_tcp_hdr* tcphdr=NULL;
struct kni_udp_hdr* udphdr=NULL;
long result = 0;
struct stream_tuple4_v4 htable_key_v4;
@@ -48,24 +49,54 @@ int redirect_search_htable(unsigned char addr_type,struct kni_pme_info* pmeinfo,
if(addr_type==ADDR_TYPE_IPV4)
{
ipv4_hdr = (struct ip*)a_packet;
tcphdr=(struct kni_tcp_hdr*)((char*)ipv4_hdr+4*(ipv4_hdr->ip_hl));
htable_key_v4.saddr=(ipv4_hdr->ip_src).s_addr;
htable_key_v4.daddr=(ipv4_hdr->ip_dst).s_addr;
htable_key_v4.source=tcphdr->th_sport;
htable_key_v4.dest=tcphdr->th_dport;
if(protocol==PROTO_TYPE_TCP)
{
tcphdr=(struct kni_tcp_hdr*)((char*)ipv4_hdr+4*(ipv4_hdr->ip_hl));
htable_key_v4.source=tcphdr->th_sport;
htable_key_v4.dest=tcphdr->th_dport;
}
else if(protocol == PROTO_TYPE_UDP)
{
udphdr=(struct kni_udp_hdr*)((char*)ipv4_hdr+4*(ipv4_hdr->ip_hl));
htable_key_v4.source=udphdr->uh_sport;
htable_key_v4.dest=udphdr->uh_dport;
}
else
{
htable_key_v4.source=0;
htable_key_v4.dest=0;
}
MESA_htable_search_cb(g_kni_structinfo.htable_redirect,(unsigned char*)&htable_key_v4,sizeof(htable_key_v4),redirect_htable_search_cb,(void*)&(pmeinfo->redirect_info),&result);
}
else if(addr_type==ADDR_TYPE_IPV6)
{
ipv6_hdr = (struct kni_ipv6_hdr*)a_packet;
tcphdr =(struct kni_tcp_hdr*)( (unsigned char*)a_packet + sizeof(struct kni_ipv6_hdr));
memcpy(htable_key_v6.saddr,&(ipv6_hdr->ip6_src),sizeof(htable_key_v6.saddr));
memcpy(htable_key_v6.daddr,&(ipv6_hdr->ip6_dst),sizeof(htable_key_v6.daddr));
htable_key_v6.source=tcphdr->th_sport;
htable_key_v6.dest=tcphdr->th_dport;
if(protocol==PROTO_TYPE_TCP)
{
tcphdr=(struct kni_tcp_hdr*)((char*)ipv4_hdr+4*(ipv4_hdr->ip_hl));
htable_key_v6.source=tcphdr->th_sport;
htable_key_v6.dest=tcphdr->th_dport;
}
else if(protocol == PROTO_TYPE_UDP)
{
udphdr=(struct kni_udp_hdr*)((char*)ipv4_hdr+4*(ipv4_hdr->ip_hl));
htable_key_v6.source=udphdr->uh_sport;
htable_key_v6.dest=udphdr->uh_dport;
}
else
{
htable_key_v6.source=0;
htable_key_v6.dest=0;
}
MESA_htable_search_cb(g_kni_structinfo.htable_redirect,(unsigned char*)&htable_key_v6,sizeof(htable_key_v6),redirect_htable_search_cb,(void*)&(pmeinfo->redirect_info),&result);
}
@@ -90,6 +121,7 @@ int redirect_add_htable(unsigned char addr_type,struct kni_pme_info* pmeinfo,int
struct ip* ipv4_hdr = NULL;
struct kni_ipv6_hdr* ipv6_hdr = NULL;
struct kni_tcp_hdr* tcphdr=NULL;
struct kni_udp_hdr* udphdr=NULL;
struct stream_tuple4_v4 htable_key_v4;
struct stream_tuple4_v6 htable_key_v6;
@@ -102,7 +134,6 @@ int redirect_add_htable(unsigned char addr_type,struct kni_pme_info* pmeinfo,int
if(addr_type==4)
{
ipv4_hdr = (struct ip*)a_packet;
tcphdr=(struct kni_tcp_hdr*)((char*)ipv4_hdr+4*(ipv4_hdr->ip_hl));
if(pmeinfo->redirect_info.nat_type == REDIRECT_SNAT_TYPE)
{
@@ -111,8 +142,6 @@ int redirect_add_htable(unsigned char addr_type,struct kni_pme_info* pmeinfo,int
htable_key_v4.saddr=(ipv4_hdr->ip_dst).s_addr;
htable_key_v4.daddr=pmeinfo->redirect_info.ipv4;
htable_key_v4.source=tcphdr->th_dport;
htable_key_v4.dest=tcphdr->th_sport;
}
else if(pmeinfo->redirect_info.nat_type == REDIRECT_DNAT_TYPE)
{
@@ -121,8 +150,6 @@ int redirect_add_htable(unsigned char addr_type,struct kni_pme_info* pmeinfo,int
htable_key_v4.saddr=pmeinfo->redirect_info.ipv4;
htable_key_v4.daddr=(ipv4_hdr->ip_src).s_addr;
htable_key_v4.source=tcphdr->th_dport;
htable_key_v4.dest=tcphdr->th_sport;
}
else
{
@@ -130,6 +157,25 @@ int redirect_add_htable(unsigned char addr_type,struct kni_pme_info* pmeinfo,int
return -1;
}
if(protocol==PROTO_TYPE_TCP)
{
tcphdr=(struct kni_tcp_hdr*)((char*)ipv4_hdr+4*(ipv4_hdr->ip_hl));
htable_key_v4.source=tcphdr->th_dport;
htable_key_v4.dest=tcphdr->th_sport;
}
else if(protocol == PROTO_TYPE_UDP)
{
udphdr=(struct kni_udp_hdr*)((char*)ipv4_hdr+4*(ipv4_hdr->ip_hl));
htable_key_v4.source=udphdr->uh_dport;
htable_key_v4.dest=udphdr->uh_sport;
}
else
{
htable_key_v4.source=0;
htable_key_v4.dest=0;
}
pmeinfo->redirect_key_len=sizeof(htable_key_v4);
pmeinfo->redirect_htable_key=(char*)malloc(pmeinfo->redirect_key_len);
memcpy(pmeinfo->redirect_htable_key,&htable_key_v4,pmeinfo->redirect_key_len);
@@ -141,7 +187,6 @@ int redirect_add_htable(unsigned char addr_type,struct kni_pme_info* pmeinfo,int
else if(addr_type==6)
{
ipv6_hdr = (struct kni_ipv6_hdr*)a_packet;
tcphdr =(struct kni_tcp_hdr*)( (unsigned char*)a_packet + sizeof(struct kni_ipv6_hdr));
if(pmeinfo->redirect_info.nat_type == REDIRECT_SNAT_TYPE)
@@ -152,8 +197,6 @@ int redirect_add_htable(unsigned char addr_type,struct kni_pme_info* pmeinfo,int
memcpy(htable_key_v6.saddr,&(ipv6_hdr->ip6_dst),sizeof(htable_key_v6.saddr));
memcpy(htable_key_v6.daddr,pmeinfo->redirect_info.ipv6,sizeof(htable_key_v6.daddr));
htable_key_v6.source=tcphdr->th_dport;
htable_key_v6.dest=tcphdr->th_sport;
}
else if(pmeinfo->redirect_info.nat_type == REDIRECT_DNAT_TYPE)
{
@@ -163,11 +206,6 @@ int redirect_add_htable(unsigned char addr_type,struct kni_pme_info* pmeinfo,int
memcpy(htable_key_v6.saddr,pmeinfo->redirect_info.ipv6,sizeof(htable_key_v6.saddr));
memcpy(htable_key_v6.daddr,&(ipv6_hdr->ip6_src),sizeof(htable_key_v6.daddr));
htable_key_v6.source=tcphdr->th_dport;
htable_key_v6.dest=tcphdr->th_sport;
htable_key_v4.saddr=pmeinfo->redirect_info.ipv4;
htable_key_v4.daddr=(ipv4_hdr->ip_src).s_addr;
}
else
{
@@ -176,6 +214,24 @@ int redirect_add_htable(unsigned char addr_type,struct kni_pme_info* pmeinfo,int
}
if(protocol==PROTO_TYPE_TCP)
{
tcphdr=(struct kni_tcp_hdr*)((char*)ipv4_hdr+4*(ipv4_hdr->ip_hl));
htable_key_v6.source=tcphdr->th_dport;
htable_key_v6.dest=tcphdr->th_sport;
}
else if(protocol == PROTO_TYPE_UDP)
{
udphdr=(struct kni_udp_hdr*)((char*)ipv4_hdr+4*(ipv4_hdr->ip_hl));
htable_key_v6.source=udphdr->uh_dport;
htable_key_v6.dest=udphdr->uh_sport;
}
else
{
htable_key_v6.source=0;
htable_key_v6.dest=0;
}
pmeinfo->redirect_key_len=sizeof(htable_key_v6);
pmeinfo->redirect_htable_key=(char*)malloc(pmeinfo->redirect_key_len);
memcpy(pmeinfo->redirect_htable_key,&htable_key_v6,pmeinfo->redirect_key_len);