Changeset 48403 in vbox

Timestamp:

Sep 10, 2013 12:02:22 PM (11 years ago)

Author:

vboxsync

Message:

NAT/Lwip: bypass registered loopbacks to proxy.

Location:

trunk/src/VBox/NetworkServices/NAT

Files:

• VBoxNetLwipNAT.cpp (modified) (2 diffs)
• proxytest.c (modified) (2 diffs)
• proxytest.h (modified) (1 diff)
• pxremap.c (modified) (6 diffs)

trunk/src/VBox/NetworkServices/NAT/VBoxNetLwipNAT.cpp

@@ -138 +138 @@
     struct sockaddr_in m_src4;
     struct sockaddr_in6 m_src6;
+    /**
+     * place for registered local interfaces.
+     */
+    ip4_lomap m_lo2off[10];
+    ip4_lomap_desc m_loOptDescriptor;
 
     uint16_t m_u16Mtu;
@@ -890 +895 @@
             m_vecPortForwardRule6.push_back(Rule);
         }
+
+        com::SafeArray<BSTR> strs;
+        int count_strs;
+        hrc = net->COMGETTER(LocalMappings)(ComSafeArrayAsOutParam(strs));
+        if (   SUCCEEDED(hrc) 
+            && (count_strs = strs.size()))
+        {
+            unsigned int j = 0;
+            int i;
+
+            for (i = 0; i < count_strs && j < RT_ELEMENTS(m_lo2off); ++i)
+            {
+                char aszAddr[17];
+                RTNETADDRIPV4 ip4addr;
+                char *pszTerm;
+                uint32_t u32Off;
+                const char *pszLo2Off = com::Utf8Str(strs[i]).c_str();
+        
+                RT_ZERO(aszAddr);
+                
+                pszTerm = RTStrStr(pszLo2Off, ";");
+
+                if (   !pszTerm
+                    || (pszTerm - pszLo2Off) >= 17)
+                    continue;
+                
+                memcpy(aszAddr, pszLo2Off, (pszTerm - pszLo2Off));
+                rc = RTNetStrToIPv4Addr(aszAddr, &ip4addr);
+                if (RT_FAILURE(rc))
+                    continue;
+
+                u32Off = RTStrToUInt32(pszTerm + 1);
+                if (u32Off == 0)
+                    continue;
+
+                ip4_addr_set_u32(&m_lo2off[j].loaddr, ip4addr.u);
+                m_lo2off[j].off = u32Off;
+                ++j;
+            }
+            
+            m_loOptDescriptor.lomap = m_lo2off;
+            m_loOptDescriptor.num_lomap = j;
+            m_ProxyOptions.lomap_desc = &m_loOptDescriptor;
+        }
+
     } /* if (!fDontLoadRulesOnStartup) */
 

trunk/src/VBox/NetworkServices/NAT/proxytest.c

@@ -38 +38 @@
 static sys_thread_t pollmgr_tid;
 
-
+/* XXX: for mapping loopbacks to addresses in our network (ip4) */
+struct netif *g_proxy_netif;
 /*
  * Called on the lwip thread (aka tcpip thread) from tcpip_init() via
@@ -53 +54 @@
 
     g_proxy_options = opts;
+    g_proxy_netif = proxy_netif;
 
 #if 1

trunk/src/VBox/NetworkServices/NAT/proxytest.h

@@ -18 +18 @@
 struct sockaddr_in6;
 
+struct ip4_lomap
+{
+    ip_addr_t loaddr;
+    uint32_t off;
+};
+
+struct ip4_lomap_desc
+{
+    const struct ip4_lomap *lomap;
+    unsigned int num_lomap;
+};
+
 struct proxy_options {
     const char *tftp_root;
     const struct sockaddr_in *src4;
     const struct sockaddr_in6 *src6;
+    const struct ip4_lomap_desc *lomap_desc;
 };
+
+extern volatile const struct proxy_options *g_proxy_options;
+extern struct netif *g_proxy_netif;
 
 void proxy_init(struct netif *, const struct proxy_options *);

trunk/src/VBox/NetworkServices/NAT/pxremap.c

@@ -26 +26 @@
 
 /**
- * Check if "dst" is an IPv4 address from the network that netif is
- * on, and that it's an address that proxy remaps to host's loopback.
+ * Check if "dst" is an IPv4 address that proxy remaps to host's
+ * loopback.
  */
 static int
-proxy_ip4_is_mapped_loopback(struct netif *netif, ip_addr_t *dst)
-{
+proxy_ip4_is_mapped_loopback(struct netif *netif, const ip_addr_t *dst, ip_addr_t *lo)
+{
+    ip_addr_t net;
+    u32_t off;
+    const struct ip4_lomap *lomap;
+    size_t i;
+
+    LWIP_ASSERT1(dst != NULL);
+
+    if (g_proxy_options->lomap_desc == NULL) {
+        return 0;
+    }
+
+    if (!ip_addr_netcmp(dst, &netif->ip_addr, &netif->netmask)) {
+        return 0;
+    }
+
     /* XXX: TODO: check netif is a proxying netif! */
 
-    LWIP_ASSERT1(dst != NULL);
-
-    if (ip4_addr1(dst) == ip4_addr1(&netif->ip_addr)
-        && ip4_addr2(dst) == ip4_addr2(&netif->ip_addr)
-        && ip4_addr3(dst) == ip4_addr3(&netif->ip_addr)
-        && ip4_addr4(dst) == ip4_addr4(&netif->ip_addr) + 1)
-    {
-        return 1;
-    }
-
+    off = ntohl(ip4_addr_get_u32(dst) & ~ip4_addr_get_u32(&netif->netmask));
+    lomap = g_proxy_options->lomap_desc->lomap;
+    for (i = 0; i < g_proxy_options->lomap_desc->num_lomap; ++i) {
+        if (off == lomap[i].off) {
+            if (lo != NULL) {
+                ip_addr_copy(*lo, lomap[i].loaddr);
+            }
+            return 1;
+        }
+    }
     return 0;
 }
@@ -56 +71 @@
 pxremap_proxy_arp(struct netif *netif, ip_addr_t *dst)
 {
-    return proxy_ip4_is_mapped_loopback(netif, dst);
+    return proxy_ip4_is_mapped_loopback(netif, dst, NULL);
 }
 #endif /* ARP_PROXY */
@@ -68 +83 @@
 pxremap_ip4_divert(struct netif *netif, ip_addr_t *dst)
 {
-    return proxy_ip4_is_mapped_loopback(netif, dst);
+    return proxy_ip4_is_mapped_loopback(netif, dst, NULL);
 }
 
@@ -89 +104 @@
     for (netif = netif_list; netif != NULL; netif = netif->next) {
         if (netif_is_up(netif) /* && this is a proxy netif */) {
-            if (ip4_addr1(src) == ip4_addr1(&netif->ip_addr)
-                && ip4_addr2(src) == ip4_addr2(&netif->ip_addr)
-                && ip4_addr3(src) == ip4_addr3(&netif->ip_addr))
-            {
-                if (ip4_addr4(src) == ip4_addr4(&netif->ip_addr) + 1) {
-                    ip_addr_set_loopback(dst);          /* 127.0.0.1 */
-                    return PXREMAP_MAPPED;
-                }
-#if 0 /* XXX: not yet; make this table driven... */
-                else if (ip4_addr4(src) == ip4_addr4(&netif->ip_addr) + 2) {
-                    IP4_ADDR(dst, 127, 0, 1, 1);        /* 127.0.1.1 */
-                    return PXREMAP_MAPPED;
-                }
-#endif
+            if (proxy_ip4_is_mapped_loopback(netif, src, dst)) {
+                return PXREMAP_MAPPED;
             }
         }
@@ -124 +127 @@
 pxremap_inbound_ip4(ip_addr_t *dst, ip_addr_t *src)
 {
+    struct netif *netif;
+    const struct ip4_lomap *lomap;
+    unsigned int i;
+
     if (ip4_addr1(src) != IP_LOOPBACKNET) {
         ip_addr_set(dst, src);
@@ -129 +136 @@
     }
 
-    if (ip4_addr2(src) == 0 && ip4_addr3(src) == 0 && ip4_addr4(src) == 1) {
-        struct netif *netif;
+    if (g_proxy_options->lomap_desc == NULL) {
+        return PXREMAP_FAILED;
+    }
 
 #if 0 /* ?TODO: with multiple interfaces we need to consider fwspec::dst */
-        netif = ip_route(target);
-        if (netif == NULL) {
-            return PXREMAP_FAILED;
-        }
+    netif = ip_route(target);
+    if (netif == NULL) {
+        return PXREMAP_FAILED;
+    }
 #else
-        netif = netif_list;
-        LWIP_ASSERT1(netif != NULL);
-        LWIP_ASSERT1(netif->next == NULL);
+    netif = netif_list;
+    LWIP_ASSERT1(netif != NULL);
+    LWIP_ASSERT1(netif->next == NULL);
 #endif
-        IP4_ADDR(dst,
-                 ip4_addr1(&netif->ip_addr),
-                 ip4_addr2(&netif->ip_addr),
-                 ip4_addr3(&netif->ip_addr),
-                 ip4_addr4(&netif->ip_addr) + 1);
-        return PXREMAP_MAPPED;
+
+    lomap = g_proxy_options->lomap_desc->lomap;
+    for (i = 0; i < g_proxy_options->lomap_desc->num_lomap; ++i) {
+        if (ip_addr_cmp(src, &lomap[i].loaddr)) {
+            ip_addr_t net;
+
+            ip_addr_get_network(&net, &netif->ip_addr, &netif->netmask);
+            ip4_addr_set_u32(dst,
+                             htonl(ntohl(ip4_addr_get_u32(&net))
+                                   + lomap[i].off));
+            return PXREMAP_MAPPED;
+        }
     }