VirtualBox

Timestamp:
May 18, 2018 1:20:51 PM (7 years ago)
Author:
vboxsync
svn:sync-xref-src-repo-rev:
122708
Message:

NetFlt/Win: (bugref: 8009) Introduced a registry parameter to control promiscuous mode behavior.

File:
1 edited

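--- a/trunk/src/VBox/HostDrivers/VBoxNetFlt/win/drv/VBoxNetLwf-win.cpp
+++ b/trunk/src/VBox/HostDrivers/VBoxNetFlt/win/drv/VBoxNetLwf-win.cpp
@@ -192,4 +192,6 @@
     /** true if the host wants the adapter to be in promisc mode */
     bool fHostPromisc;
+    /** true if the user wants packets being sent or received by VMs to be visible to the host in promisc mode */
+    bool fPassVmTrafficToHost;
     /** Name of underlying adapter */
     char szMiniportName[1];
@@ -476,5 +478,5 @@
         for (PNET_BUFFER pBuf = NET_BUFFER_LIST_FIRST_NB(pList); pBuf; pBuf = NET_BUFFER_NEXT_NB(pBuf))
         {
-            Log6(("%s packet: cb=%d offset=%d", pszMsg, NET_BUFFER_DATA_LENGTH(pBuf), NET_BUFFER_DATA_OFFSET(pBuf)));
+            Log6(("%s packet: src=%p cb=%d offset=%d", pszMsg, pList->SourceHandle, NET_BUFFER_DATA_LENGTH(pBuf), NET_BUFFER_DATA_OFFSET(pBuf)));
             for (PMDL pMdl = NET_BUFFER_FIRST_MDL(pBuf);
                  pMdl != NULL;
@@ -1347,8 +1349,35 @@
     PVBOXNETLWF_MODULE pModuleCtx = (PVBOXNETLWF_MODULE)hModuleCtx;
     vboxNetLwfWinChangeState(pModuleCtx, LwfState_Restarting, LwfState_Paused);
+
+    /* By default the packets that go between VMs and wire are invisible to the host. */
+    pModuleCtx->fPassVmTrafficToHost = false;
+
+    NDIS_HANDLE hConfig;
+    NDIS_CONFIGURATION_OBJECT cfgObj;
+    cfgObj.Header.Type = NDIS_OBJECT_TYPE_CONFIGURATION_OBJECT;
+    cfgObj.Header.Revision = NDIS_CONFIGURATION_OBJECT_REVISION_1;
+    cfgObj.Header.Size = sizeof(NDIS_CONFIGURATION_OBJECT);
+    cfgObj.NdisHandle = g_VBoxNetLwfGlobals.hFilterDriver;
+
+    NDIS_STATUS Status = NdisOpenConfigurationEx(&cfgObj, &hConfig);
+    if (Status == NDIS_STATUS_SUCCESS)
+    {
+        NDIS_STRING strCfgParam = NDIS_STRING_CONST("PassVmTrafficToHost");
+        PNDIS_CONFIGURATION_PARAMETER pParam = NULL;
+        NdisReadConfiguration(&Status, &pParam, hConfig, &strCfgParam, NdisParameterInteger);
+        if (Status != NDIS_STATUS_SUCCESS)
+        {
+            Log(("vboxNetLwfWinRestart: Failed to read 'PassVmTrafficToHost' from the registry.\n"));
+        }
+        else if (pParam->ParameterData.IntegerData != 0)
+        {
+            Log(("vboxNetLwfWinRestart: Allowing the host to see VM traffic in promisc mode by user request.\n"));
+            pModuleCtx->fPassVmTrafficToHost = true;
+        }
+        NdisCloseConfiguration(hConfig);
+    }
     vboxNetLwfWinChangeState(pModuleCtx, LwfState_Running, LwfState_Restarting);
-    NDIS_STATUS Status = NDIS_STATUS_SUCCESS;
-    LogFlow(("<==vboxNetLwfWinRestart: Status = 0x%x\n", Status));
-    return Status;
+    LogFlow(("<==vboxNetLwfWinRestart: Status = 0x%x, returning NDIS_STATUS_SUCCESS nontheless.\n", Status));
+    return NDIS_STATUS_SUCCESS;
 }
 
@@ -1657,4 +1686,16 @@
         return false;
     }
+    /* Some NPF protocols make NDIS to loop back packets at miniport level, we must ignore those. */
+    if (NdisTestNblFlag(pBufLists, NDIS_NBL_FLAGS_IS_LOOPBACK_PACKET))
+    {
+        if (pBufLists->SourceHandle == pModuleCtx->hFilter && !pModuleCtx->fPassVmTrafficToHost)
+        {
+            /* Drop the packets we've injected. */
+            vboxNetLwfWinDumpPackets("vboxNetLwfWinForwardToIntNet: dropping loopback", pBufLists);
+            return true;
+        }
+        vboxNetLwfWinDumpPackets("vboxNetLwfWinForwardToIntNet: passing through loopback", pBufLists);
+        return false;
+    }
 
     AssertReturn(pModuleCtx->pNetFlt, false);
@@ -1695,4 +1736,9 @@
     }
     Log(("vboxNetLwfWinForwardToIntNet: lists=%d drop=%s don't=%s\n", nLists, fDropIt ? "true":"false", fDontDrop ? "true":"false"));
+
+    /* If the host (and the user) wants to see all packets we must not drop any. */
+    if (pModuleCtx->fPassVmTrafficToHost && vboxNetLwfWinIsPromiscuous(pModuleCtx))
+        fDropIt = false;
+       
     LogFlow(("<==vboxNetLwfWinForwardToIntNet: return '%s'\n",
              fDropIt ? (fDontDrop ? "do not drop (some)" : "drop it") : "do not drop (any)"));
@@ -1850,5 +1896,5 @@
     {
         /*
-         * The trunk is inactive, jusp pass along all packets to the next
+         * The trunk is inactive, just pass along all packets to the next
          * overlying driver.
          */
@@ -1862,32 +1908,14 @@
         if (NDIS_TEST_RECEIVE_CANNOT_PEND(fFlags))
         {
-            /* We do not own NBLs so we do not need to return them */
-            /* First we need to scan through the list to see if some packets must be dropped */
-            bool bDropIt = false;
             for (PNET_BUFFER_LIST pList = pBufLists; pList; pList = NET_BUFFER_LIST_NEXT_NBL(pList))
             {
                 PNET_BUFFER_LIST pNext = NET_BUFFER_LIST_NEXT_NBL(pList);
                 NET_BUFFER_LIST_NEXT_NBL(pList) = NULL; /* Unlink temporarily */
-                if (vboxNetLwfWinForwardToIntNet(pModule, pList, INTNETTRUNKDIR_WIRE))
-                    bDropIt = true;
-                NET_BUFFER_LIST_NEXT_NBL(pList) = pNext; /* Restore the link */
-            }
-            if (bDropIt)
-            {
-                /* Some NBLs must be dropped, indicate selectively one by one */
-                for (PNET_BUFFER_LIST pList = pBufLists; pList; pList = NET_BUFFER_LIST_NEXT_NBL(pList))
+                if (!vboxNetLwfWinForwardToIntNet(pModule, pList, INTNETTRUNKDIR_WIRE))
                 {
-                    PNET_BUFFER_LIST pNext = NET_BUFFER_LIST_NEXT_NBL(pList);
-                    NET_BUFFER_LIST_NEXT_NBL(pList) = NULL; /* Unlink temporarily */
                     vboxNetLwfWinDumpPackets("vboxNetLwfWinReceiveNetBufferLists: passing up", pList);
                     NdisFIndicateReceiveNetBufferLists(pModule->hFilter, pList, nPort, nBufLists, fFlags);
-                    NET_BUFFER_LIST_NEXT_NBL(pList) = pNext; /* Restore the link */
                 }
-            }
-            else
-            {
-                /* All NBLs must be indicated, do it in bulk. */
-                vboxNetLwfWinDumpPackets("vboxNetLwfWinReceiveNetBufferLists: passing up", pBufLists);
-                NdisFIndicateReceiveNetBufferLists(pModule->hFilter, pBufLists, nPort, nBufLists, fFlags);
+                NET_BUFFER_LIST_NEXT_NBL(pList) = pNext; /* Restore the link */
             }
         }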
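Review bot: In the vboxNetLwfWinRestart hunk, `cfgObj` is declared without an initializer and only `Header` and `NdisHandle` are assigned, so its `Flags` member reaches `NdisOpenConfigurationEx` holding whatever was left on the kernel stack; add `cfgObj.Flags = 0;` (or zero the whole struct) before the call. The same hunk makes `PassVmTrafficToHost` a switch that relaxes the default isolation between guest traffic and a promiscuous host, yet both the read failure and the enable path are reported only through `Log(())`, which as far as I know is compiled out of release builds. Using `LogRel(())` on the enable path would leave a trace an administrator can audit, and a short comment should state that the value is re-read only when the filter restarts. vboxNetLwfWinRestart begins above the hunk, so its earlier lines are not visible here.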