[netfilter-cvslog] r3790 - in branches/netfilter-ha/linux-2.6-actact: . cts_gen

laforge at netfilter.org laforge at netfilter.org
Sat Mar 12 12:16:18 CET 2005


Author: laforge at netfilter.org
Date: 2005-03-12 12:16:17 +0100 (Sat, 12 Mar 2005)
New Revision: 3790

Added:
   branches/netfilter-ha/linux-2.6-actact/cts_gen/
   branches/netfilter-ha/linux-2.6-actact/cts_gen/cts_gen.c
Log:
add the new userspace ct_sync message generator


Added: branches/netfilter-ha/linux-2.6-actact/cts_gen/cts_gen.c
===================================================================
--- branches/netfilter-ha/linux-2.6-actact/cts_gen/cts_gen.c	2005-03-12 09:51:38 UTC (rev 3789)
+++ branches/netfilter-ha/linux-2.6-actact/cts_gen/cts_gen.c	2005-03-12 11:16:17 UTC (rev 3790)
@@ -0,0 +1,229 @@
+/* cts_gen - ct_sync message generator for debugging
+ *
+ * (C) 2005 by Harald Welte <laforge at netfilter.org>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * version 2 * as published by the Free Software Foundation.
+ *
+ */
+
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <getopt.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+
+//#include <linux/netfilter_ipv4/ct_sync.h>
+//#include <linux/netfilter_ipv4/ip_conntrack_tcp.h>
+#include "../ct_sync/ct_sync.h"
+
+struct cts_new_conntrack {
+	struct ct_sync_pkthdr pkthdr;
+	struct ct_sync_msghdr msg;
+	struct ct_sync_conntrack sct;
+};
+
+static u_int16_t pktseq = 0;
+
+static void
+pkthdr_init(struct ct_sync_pkthdr *pkth,
+	    u_int8_t type, int recover)
+{
+	memset(pkth, 0, sizeof(*pkth));
+
+	pkth->version = 2;
+	pkth->pkttype = type;
+	pkth->count = 1;
+	pkth->pktseq = pktseq++;
+	pkth->minseq = pkth->pktseq;		/* no backlog */
+	if (recover)
+		pkth->flags |= CT_SYNC_PKT_F_RECOVER;
+}
+
+static void
+msghdr_init(struct ct_sync_msghdr *msgh,
+	    u_int8_t resource, u_int8_t type, u_int16_t length, u_int8_t flags)
+{
+	memset(msgh, 0, sizeof(*msgh));
+
+	msgh->resource = resource;
+	msgh->type = type;
+	msgh->len = length;
+	msgh->flags = flags;
+}
+
+static void
+build_tuple(struct ip_conntrack_tuple *tuple,
+	    u_int32_t sip, u_int16_t spt, u_int32_t dip, u_int16_t dpt,
+	    u_int16_t protocol)
+{
+	memset(tuple, 0, sizeof(*tuple));
+
+	tuple->src.ip = htonl(sip);
+	tuple->src.u.tcp.port = htons(spt);
+	tuple->dst.ip = htonl(dip);
+	tuple->dst.u.tcp.port = htons(dpt);
+	tuple->dst.protonum = protocol;
+}
+
+static void
+inv_tuple(struct ip_conntrack_tuple *inv, 
+	  const struct ip_conntrack_tuple *orig)
+{
+	memset(inv, 0, sizeof(*inv));
+
+	inv->dst.protonum = orig->dst.protonum;
+	inv->src.ip = orig->dst.ip;
+	inv->src.u.tcp.port = orig->dst.u.tcp.port;
+	inv->dst.ip = orig->src.ip;
+	inv->dst.u.tcp.port = orig->src.u.tcp.port;
+}
+
+static void
+create_newconntrack(struct cts_new_conntrack *nct,
+		    u_int32_t sip, u_int16_t spt,
+		    u_int32_t dip, u_int16_t dpt,
+		    u_int16_t protocol,
+		    u_int32_t expires)
+{
+	struct ct_sync_conntrack *sct = &nct->sct;
+	pkthdr_init(&nct->pkthdr, CT_SYNC_PKT_SYNC, 0);
+	msghdr_init(&nct->msg, CT_SYNC_RES_CONNTRACK, CT_SYNC_MSG_UPDATE,
+		    sizeof(nct->sct), CTS_UPD_F_NEW);
+
+	memset(sct, 0, sizeof(*sct));
+	build_tuple(&sct->orig, sip, spt, dip, dpt, protocol);
+	inv_tuple(&sct->reply, &sct->orig);
+	sct->expires = expires;
+}
+
+static int
+create_socket(const char *destination)
+{
+	int fd;
+	int ret;
+	struct addrinfo hint, *ai;
+
+	memset(&hint, 0, sizeof(hint));
+	hint.ai_flags = AI_NUMERICHOST;
+	hint.ai_family = PF_UNSPEC;
+	hint.ai_socktype = SOCK_DGRAM;
+	hint.ai_protocol = IPPROTO_UDP;
+
+	ret = getaddrinfo(destination, NULL, &hint, &ai);
+	if (ret != 0) {
+		fprintf(stderr, "error: %s\n", gai_strerror(ret));
+		return -1;
+	}
+
+	fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
+	if (fd < 0) {
+		freeaddrinfo(ai);
+		return fd;
+	}
+
+	ret = connect(fd, ai->ai_addr, ai->ai_addrlen);
+	if (ret < 0) {
+		freeaddrinfo(ai);
+		return ret;
+	}
+
+	freeaddrinfo(ai);
+	return fd;
+}
+
+static struct option opts[] = {
+	{ "sip-base", 1, 0, 'B' },
+	{ "sip-inc", 1, 0, 'I' },
+	{ "sip-max", 1, 0, 'M' },
+
+	{ "spt-base", 1, 0, 'b' },
+	{ "spt-inc", 1, 0, 'i' },
+	{ "spt-max", 1, 0, 'm' },
+
+	{ "help", 0, 0, 'h' },
+	{ NULL, 0, 0, 0 }
+};
+
+
+int main(int argc, char ** argv)
+{
+	int c;
+	int option_index = 0;
+
+	int fd;
+
+	u_int32_t ip_base = 0xc0a80100;
+	u_int32_t ip_inc = 1;
+	u_int32_t ip_max = 0xc0a801ff;
+
+	u_int16_t port_base = 1025;
+	u_int16_t port_inc = 1;
+	u_int16_t port_max = 65535;
+
+	u_int32_t sip;
+	u_int16_t spt;
+
+	u_int32_t dip;
+	u_int16_t dpt;
+
+	while (1) {
+		c = getopt_long(argc, argv, "B:I:M:b:i:m:h",
+				opts, &option_index);
+		if (c == -1)
+			break;
+		switch (c) {
+		case 'B':
+			inet_aton(optarg, (struct in_addr *) &ip_base);
+			ntohl(ip_base);
+			break;
+		case 'I':
+			ip_inc = atoi(optarg);
+			break;
+		case 'M':
+			inet_aton(optarg, (struct in_addr *) &ip_max);
+			ntohl(ip_max);
+			break;
+		case 'b':
+			port_base = atoi(optarg);
+			break;
+		case 'i':
+			port_inc = atoi(optarg);
+			break;
+		case 'm':
+			port_max = atoi(optarg);
+			break;
+		case 'h':
+			/* FIXME */
+			break;
+		}
+	}
+
+	if (optind >= argc) {
+		fprintf(stderr, "you have to specify a multicast address\n");
+		exit(2);
+	}
+
+	fd = create_socket(argv[optind++]);
+	if (fd < 0)
+		exit(2);
+	
+	for (dip = ip_base; dip < ip_max; dip += ip_inc) {
+		for (dpt = port_base; dpt < port_max; dpt += port_inc) {
+			struct cts_new_conntrack nct;
+			int ret;
+			create_newconntrack(&nct, sip, spt, dip, dpt, 
+					    IPPROTO_UDP, 9999);
+			ret = send(fd, &nct, sizeof(nct), 0);
+			if (ret < 0)
+				fprintf(stderr, "error during send: %s\n",
+					strerror(errno));
+		}
+	}
+	exit(0);
+}
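Review bot: `sip` and `spt` in main() are declared but never assigned, yet they are passed to create_newconntrack() inside the send loop, so each packet puts indeterminate stack values on the wire as its source address and port, and the read itself is undefined behaviour. The option names (`--sip-base`, `--spt-base`) suggest the loops were meant to iterate the source side; either loop over `sip`/`spt` and give `dip`/`dpt` fixed values, or initialise both before the loop. In the same function, `ntohl(ip_base);` and `ntohl(ip_max);` discard their result, so a user-supplied address stays in network byte order while the defaults are in host order; these should read `ip_base = ntohl(ip_base);` and `ip_max = ntohl(ip_max);`, with the inet_aton() return value checked first. The inner loop is also not guaranteed to stop where intended: `dpt` is 16 bits wide, so `dpt += port_inc` wraps around whenever the increment does not land exactly on the default `port_max` of 65535, and an increment of 0 from atoi() never advances at all.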



