[tproxy] sctp for tproxy
Balazs Scheidler
bazsi at balabit.hu
Sun Mar 20 21:29:22 CET 2011
Hi,
Could you perhaps send a diff instead? it is very difficult to read and
comment this way.
Thanks.
On Fri, 2011-03-18 at 16:45 +0530, maria isabel wrote:
> Hello All,
> I have attached the code snippet for extending tproxy to support
> sctp functionality.
>
> For the socket lookup I use:
>
> struct sock *nf_tproxy_get_sock_sctp4(const struct sk_buff *skb){
>
> struct sctp_association *asoc;
> union sctp_addr *saddr , *daddr;
> struct sctp_transport **transport;
> struct sctphdr *sh;
> struct sock *sk;
>
> void *temp;
> void *temp1;
>
> memset(saddr,0,sizeof(saddr));
> memset(daddr,0,sizeof(daddr));
>
> saddr->v4.sin_family = AF_INET;
> daddr->v4.sin_family = AF_INET;
>
> sh = sctp_hdr(skb);
>
> temp=&ip_hdr(skb)->saddr;
> temp1=&ip_hdr(skb)->daddr;
>
> memcpy(&saddr->v4.sin_addr.s_addr,temp, sizeof(struct in_addr));
> memcpy(&daddr->v4.sin_addr.s_addr,temp1, sizeof(struct in_addr));
>
>
> asoc = __sctp_get_association(saddr, daddr, transport);
> if (!asoc)
> sk=NULL;
> sk = asoc->base.sk;
>
> return sk;
> }
>
> This function I plan to invoke from both xt_TPROXY.c and xt_socket.c
> for sctp instead of the existing function for tcp and udp.
>
> if(iph->protocol == IPPROTO_TCP || iph->protocol == IPPROTO_UDP){
> sk = nf_tproxy_get_sock_v4(dev_net(skb->dev), iph->protocol,
> iph->saddr, tgi->laddr ?
> tgi->laddr : iph->daddr,
> hp->source, tgi->lport ?
> tgi->lport : hp->dest,
> par->in, true);
> }
>
> else
> if(iph->protocol == IPPROTO_SCTP){
> sk = nf_tproxy_get_sock_sctp4(skb);
> }
>
> Have I missed out any condition during the socket lookup ?
> What about the icmp support?Can I just reuse the existing
> functionality by adding sctp to the list of protocols?
--
Bazsi
More information about the tproxy
mailing list