/*
 * SPDX-License-Identifier: BSD-3-Clause
 *
 * Copyright 2021 Lutz Donnerhacke
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above
 *    copyright notice, this list of conditions and the following
 *    disclaimer in the documentation and/or other materials provided
 *    with the distribution.
 * 3. Neither the name of the copyright holder nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
#include <sys/types.h>

#include <arpa/inet.h>
#include <netinet/ip.h>
#include <netinet/udp.h>
#include <stdlib.h>
40c1fbb54fSLutz Donnerhacke #ifndef _UTIL_H
41c1fbb54fSLutz Donnerhacke #define _UTIL_H
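/*
 * Common IP ranges shared by the test programs.
 *
 * These objects are only declared here; their definitions and values live in
 * another translation unit and are not visible from this header.
 */
extern struct in_addr masq, pub, pub2, prv1, prv2, prv3, cgn, ext, ANY_ADDR;

/*
 * Helper routines implemented outside this header.  The notes below are
 * derived from the prototypes and from how the macros in this header use
 * them; confirm details against the implementation.
 */

/* Comparator with the qsort(3) callback signature. */
int randcmp(const void *a, const void *b);

/* Takes a buffer pointer and a byte count; presumably dumps them as hex. */
void hexdump(void *p, size_t len);

/*
 * Returns a struct ip pointer for the given protocol number and length.
 * NOTE(review): who owns and frees the packet is not visible here -- confirm.
 */
struct ip *ip_packet(u_char protocol, size_t len);

/*
 * Sets up the UDP header of packet p and returns a pointer to it.  The UDP_*
 * macros compare the resulting ports against htons() of the same values, so
 * sport and dport are expected in host byte order.
 */
struct udphdr *set_udp(struct ip *p, u_short sport, u_short dport);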
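/*
 * Compare two IPv4 addresses.
 *
 * Both arguments are compared on their raw s_addr field, so they must be in
 * the same byte order (struct in_addr normally holds network byte order).
 *
 * Returns non-zero when the addresses are identical, 0 otherwise.
 */
static inline int
addr_eq(struct in_addr a, struct in_addr b)
{
	return a.s_addr == b.s_addr;
}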
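/*
 * Convert a struct in_addr to a host-byte-order 32-bit value.
 * The argument is parenthesized so that expressions such as a2h(*ptr)
 * expand to ntohl((*ptr).s_addr) rather than ntohl(*ptr.s_addr).
 */
#define a2h(a)	ntohl((a).s_addr)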
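/*
 * Return a pseudo-random integer in the half-open range [min, max).
 *
 * An empty range (min == max) yields min; the unguarded expression would
 * compute rand() % 0, which is undefined behaviour.  Callers are expected to
 * pass max >= min.
 *
 * The value comes from rand(3): it is deterministic for a given seed and
 * slightly biased by the modulo, which is fine for generating test data but
 * must not be relied on where unpredictability matters.
 */
static inline int
rand_range(int min, int max)
{
	int span = max - min;

	if (span == 0)
		return min;
	return min + rand() % span;
}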
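/*
 * Packet-level NAT assertions.
 *
 * Each macro overwrites the source and destination address of the packet
 * `pip`, hands the packet to libalias and records ATF checks on the return
 * code and on the addresses found in the packet afterwards.
 *
 * Requirements at the expansion site (none of them is provided by this
 * header):
 *  - a variable named `la` must be in scope; it is passed as the first
 *    argument to LibAliasOut()/LibAliasIn();
 *  - LibAliasOut(), LibAliasIn(), PKT_ALIAS_OK, ATF_CHECK() and
 *    ATF_CHECK_MSG() must be declared.
 *
 * The size handed to libalias is read from the packet's own ip_len field, so
 * the buffer behind `pip` must really be at least that large.
 *
 * Arguments are parenthesized, and the locals carry a `nat_` prefix and a
 * trailing underscore so that an argument named `res` or `len` is not
 * captured.  `pip` and the address arguments are still evaluated more than
 * once: pass plain variables, not expressions with side effects.
 */

/* Outbound packet src -> dst must be accepted and leave with source msq. */
#define NAT_CHECK(pip, src, dst, msq) do { \
	int nat_res_; \
	int nat_len_ = ntohs((pip)->ip_len); \
	(pip)->ip_src = (src); \
	(pip)->ip_dst = (dst); \
	nat_res_ = LibAliasOut(la, (pip), nat_len_); \
	ATF_CHECK_MSG(nat_res_ == PKT_ALIAS_OK, \
	    ">%d< not met PKT_ALIAS_OK", nat_res_); \
	ATF_CHECK(addr_eq((msq), (pip)->ip_src)); \
	ATF_CHECK(addr_eq((dst), (pip)->ip_dst)); \
} while(0)

/* Outbound packet src -> dst must be refused and keep both addresses. */
#define NAT_FAIL(pip, src, dst) do { \
	int nat_res_; \
	int nat_len_ = ntohs((pip)->ip_len); \
	(pip)->ip_src = (src); \
	(pip)->ip_dst = (dst); \
	nat_res_ = LibAliasOut(la, (pip), nat_len_); \
	ATF_CHECK_MSG(nat_res_ != PKT_ALIAS_OK, \
	    ">%d< not met !PKT_ALIAS_OK", nat_res_); \
	ATF_CHECK(addr_eq((src), (pip)->ip_src)); \
	ATF_CHECK(addr_eq((dst), (pip)->ip_dst)); \
} while(0)

/* Inbound packet src -> dst must be accepted and end up addressed to rel. */
#define UNNAT_CHECK(pip, src, dst, rel) do { \
	int nat_res_; \
	int nat_len_ = ntohs((pip)->ip_len); \
	(pip)->ip_src = (src); \
	(pip)->ip_dst = (dst); \
	nat_res_ = LibAliasIn(la, (pip), nat_len_); \
	ATF_CHECK_MSG(nat_res_ == PKT_ALIAS_OK, \
	    ">%d< not met PKT_ALIAS_OK", nat_res_); \
	ATF_CHECK(addr_eq((src), (pip)->ip_src)); \
	ATF_CHECK(addr_eq((rel), (pip)->ip_dst)); \
} while(0)

/* Inbound packet src -> dst must be refused and keep both addresses. */
#define UNNAT_FAIL(pip, src, dst) do { \
	int nat_res_; \
	int nat_len_ = ntohs((pip)->ip_len); \
	(pip)->ip_src = (src); \
	(pip)->ip_dst = (dst); \
	nat_res_ = LibAliasIn(la, (pip), nat_len_); \
	ATF_CHECK_MSG(nat_res_ != PKT_ALIAS_OK, \
	    ">%d< not met !PKT_ALIAS_OK", nat_res_); \
	ATF_CHECK(addr_eq((src), (pip)->ip_src)); \
	ATF_CHECK(addr_eq((dst), (pip)->ip_dst)); \
} while(0)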
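/*
 * UDP-level NAT assertions.
 *
 * Each macro first calls set_udp() to set up the UDP header of packet `p`
 * with the given ports and stores the returned header pointer in `u`, which
 * must therefore be an assignable struct udphdr pointer.  It then delegates
 * to the packet-level macro of the same name (NAT_CHECK, NAT_FAIL,
 * UNNAT_CHECK, UNNAT_FAIL), so the requirements of those macros apply here
 * as well.
 *
 * Ports are given in host byte order; the checks compare against htons().
 * Arguments are parenthesized but may be evaluated more than once.
 */

/*
 * Outbound si:sp -> di:dp must be aliased to source address mi.  Only the
 * destination port is verified afterwards; the source port chosen by the
 * aliasing engine is not checked here.
 */
#define UDP_NAT_CHECK(p, u, si, sp, di, dp, mi) do { \
	(u) = set_udp((p), (sp), (dp)); \
	NAT_CHECK((p), (si), (di), (mi)); \
	ATF_CHECK((u)->uh_dport == htons(dp)); \
} while(0)

/* Outbound si:sp -> di:dp must be refused; ports are not inspected. */
#define UDP_NAT_FAIL(p, u, si, sp, di, dp) do { \
	(u) = set_udp((p), (sp), (dp)); \
	NAT_FAIL((p), (si), (di)); \
} while(0)

/*
 * Inbound si:sp -> mi:mp must be delivered to di:dp, with the source port
 * left at sp.
 */
#define UDP_UNNAT_CHECK(p, u, si, sp, mi, mp, di, dp) \
do { \
	(u) = set_udp((p), (sp), (mp)); \
	UNNAT_CHECK((p), (si), (mi), (di)); \
	ATF_CHECK((u)->uh_sport == htons(sp)); \
	ATF_CHECK((u)->uh_dport == htons(dp)); \
} while(0)

/* Inbound si:sp -> mi:mp must be refused; ports are not inspected. */
#define UDP_UNNAT_FAIL(p, u, si, sp, mi, mp) do { \
	(u) = set_udp((p), (sp), (mp)); \
	UNNAT_FAIL((p), (si), (mi)); \
} while(0)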
137c1fbb54fSLutz Donnerhacke #endif /* _UTIL_H */