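/*
 * SPDX-License-Identifier: BSD-3-Clause
 *
 * Copyright 2021 Lutz Donnerhacke
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above
 *    copyright notice, this list of conditions and the following
 *    disclaimer in the documentation and/or other materials provided
 *    with the distribution.
 * 3. Neither the name of the copyright holder nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
#include <sys/types.h>

#include <arpa/inet.h>
#include <netinet/ip.h>
#include <netinet/udp.h>

#include <stdlib.h>	/* rand(), used by rand_range() below */

#ifndef _UTIL_H
#define _UTIL_H

/* common ip ranges */
extern struct in_addr masq, pub, prv1, prv2, prv3, cgn, ext, ANY_ADDR;

/* Helpers that are only declared here; their definitions live elsewhere. */
int		randcmp(const void *a, const void *b);
void		hexdump(void *p, size_t len);
struct ip *	ip_packet(u_char protocol, size_t len);
struct udphdr * set_udp(struct ip *p, u_short sport, u_short dport);

/*
 * Return non-zero when both addresses carry the same s_addr value.
 *
 * Declared static inline: a plain C99 `inline` definition in a header
 * emits no external definition, so any call the compiler decides not to
 * inline fails to link unless some .c file supplies one.
 */
static inline int
addr_eq(struct in_addr a, struct in_addr b)
{
	return (a.s_addr == b.s_addr);
}

/* Address in host byte order; the argument is parenthesised so that an
 * expression such as a2h(*ptr) expands correctly. */
#define a2h(a)	ntohl((a).s_addr)

/*
 * Return a pseudo-random value in [min, max) for max > min, and min when
 * both bounds are equal.  rand() is not seeded here; the result is only
 * meant for choosing test inputs.
 */
static inline int
rand_range(int min, int max)
{
	/* max == min would make the modulus zero, which is undefined. */
	if (max == min)
		return (min);
	return (min + rand() % (max - min));
}

/*
 * Packet check macros.
 *
 * Each macro overwrites the source and destination address of `pip`,
 * passes the packet to libalias and records the outcome with ATF_CHECK*.
 * They expand in the caller's scope and rely on names this header does
 * not declare: a variable `la` (first argument of LibAliasOut/LibAliasIn),
 * PKT_ALIAS_OK, and the ATF_CHECK / ATF_CHECK_MSG macros.
 *
 * Address arguments may be evaluated more than once, so pass plain
 * variables.  Do not pass arguments named `res` or `len`; both are
 * shadowed by locals inside the expansion.
 *
 * The size handed to libalias is the packet's own ip_len field.
 * NOTE(review): this assumes the buffer behind `pip` really holds ip_len
 * bytes - confirm against ip_packet().
 */

/* Outbound packet must be accepted: source becomes `msq`, destination
 * stays `dst`. */
#define NAT_CHECK(pip, src, dst, msq)	do {			\
	int res;						\
	int len = ntohs((pip)->ip_len);				\
	(pip)->ip_src = (src);					\
	(pip)->ip_dst = (dst);					\
	res = LibAliasOut(la, (pip), len);			\
	ATF_CHECK_MSG(res == PKT_ALIAS_OK,			\
	    ">%d< not met PKT_ALIAS_OK", res);			\
	ATF_CHECK(addr_eq((msq), (pip)->ip_src));		\
	ATF_CHECK(addr_eq((dst), (pip)->ip_dst));		\
} while(0)

/*
 * Negative outbound test: libalias must not return PKT_ALIAS_OK and both
 * addresses must come back untouched.
 *
 * The ATF_CHECK_MSG call previously closed its parenthesis after the
 * condition, so every expansion of this macro was a syntax error.
 */
#define NAT_FAIL(pip, src, dst)	do {				\
	int res;						\
	int len = ntohs((pip)->ip_len);				\
	(pip)->ip_src = (src);					\
	(pip)->ip_dst = (dst);					\
	res = LibAliasOut(la, (pip), len);			\
	ATF_CHECK_MSG(res != PKT_ALIAS_OK,			\
	    ">%d< not met !PKT_ALIAS_OK", res);			\
	ATF_CHECK(addr_eq((src), (pip)->ip_src));		\
	ATF_CHECK(addr_eq((dst), (pip)->ip_dst));		\
} while(0)

/* Inbound packet must be accepted: source stays `src`, destination is
 * rewritten to `rel`. */
#define UNNAT_CHECK(pip, src, dst, rel)	do {			\
	int res;						\
	int len = ntohs((pip)->ip_len);				\
	(pip)->ip_src = (src);					\
	(pip)->ip_dst = (dst);					\
	res = LibAliasIn(la, (pip), len);			\
	ATF_CHECK_MSG(res == PKT_ALIAS_OK,			\
	    ">%d< not met PKT_ALIAS_OK", res);			\
	ATF_CHECK(addr_eq((src), (pip)->ip_src));		\
	ATF_CHECK(addr_eq((rel), (pip)->ip_dst));		\
} while(0)

/* Negative inbound test: libalias must not return PKT_ALIAS_OK and both
 * addresses must come back untouched. */
#define UNNAT_FAIL(pip, src, dst)	do {			\
	int res;						\
	int len = ntohs((pip)->ip_len);				\
	(pip)->ip_src = (src);					\
	(pip)->ip_dst = (dst);					\
	res = LibAliasIn(la, (pip), len);			\
	ATF_CHECK_MSG(res != PKT_ALIAS_OK,			\
	    ">%d< not met !PKT_ALIAS_OK", res);			\
	ATF_CHECK(addr_eq((src), (pip)->ip_src));		\
	ATF_CHECK(addr_eq((dst), (pip)->ip_dst));		\
} while(0)

/*
 * UDP variants: set_udp() installs the ports and its result is stored in
 * `u`, then the matching address check runs.
 */

/* Outbound UDP: NAT_CHECK plus an unchanged destination port.  The source
 * port is not checked here. */
#define UDP_NAT_CHECK(p, u, si, sp, di, dp, mi)	do {		\
	u = set_udp(p, (sp), (dp));				\
	NAT_CHECK(p, (si), (di), (mi));				\
	ATF_CHECK(u->uh_dport == htons(dp));			\
} while(0)

/*
 * Outbound UDP that must be rejected.
 *
 * The destination passed on is `di`.  The macro used to name `mi`, which
 * is not one of its parameters: it either failed to compile or silently
 * picked up an unrelated `mi` from the caller, so the negative test ran
 * against a different destination than the one requested.
 */
#define UDP_NAT_FAIL(p, u, si, sp, di, dp)	do {		\
	u = set_udp(p, (sp), (dp));				\
	NAT_FAIL(p, (si), (di));				\
} while(0)

/* Inbound UDP sent to mi:mp: UNNAT_CHECK towards `di`, source port still
 * `sp`, destination port rewritten to `dp`. */
#define UDP_UNNAT_CHECK(p, u, si, sp, mi, mp, di, dp)		\
do {								\
	u = set_udp(p, (sp), (mp));				\
	UNNAT_CHECK(p, (si), (mi), (di));			\
	ATF_CHECK(u->uh_sport == htons(sp));			\
	ATF_CHECK(u->uh_dport == htons(dp));			\
} while(0)

/* Inbound UDP sent to mi:mp that must be rejected with addresses
 * unchanged.  Ports are not re-checked. */
#define UDP_UNNAT_FAIL(p, u, si, sp, mi, mp)	do {		\
	u = set_udp(p, (sp), (mp));				\
	UNNAT_FAIL(p, (si), (mi));				\
} while(0)

#endif /* _UTIL_H */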