Changeset 87363 in vbox

Timestamp:

Jan 22, 2021 12:48:31 AM (4 years ago)

Author:

vboxsync

Message:

Main/NATNetwork: NATNetwork::setNetwork - if there are IPv4 port
forwarding rules do best-effort attempt at covnerting them to the new
prefix. Leave untouched any rules that have destination not on the
old network, and rules where the destination does not fit into the new
network when the new network is smaller than the old one. bugref:9909.

File:

• trunk/src/VBox/Main/src-server/NATNetworkImpl.cpp (modified) (7 diffs)

trunk/src/VBox/Main/src-server/NATNetworkImpl.cpp

@@ -24 +24 @@
 #include <iprt/asm.h>
 #include <iprt/cpp/utils.h>
+#include <iprt/net.h>
 #include <iprt/cidr.h>
 #include <iprt/net.h>
@@ -74 +75 @@
     uint32_t offGateway;
     uint32_t offDhcp;
+
+    void recalculatePortForwarding(const RTNETADDRIPV4 &AddrNew, const RTNETADDRIPV4 &MaskNew);
 };
 
@@ -261 +264 @@
 HRESULT NATNetwork::setNetwork(const com::Utf8Str &aIPv4NetworkCidr)
 {
-    RTNETADDRIPV4 Addr, Mask;
+    RTNETADDRIPV4 Net, Mask;
     int iPrefix;
     int rc;
 
-    rc = RTNetStrToIPv4Cidr(aIPv4NetworkCidr.c_str(), &Addr, &iPrefix);
+    rc = RTNetStrToIPv4Cidr(aIPv4NetworkCidr.c_str(), &Net, &iPrefix);
     if (RT_FAILURE(rc))
         return setError(E_FAIL, "%s is not a valid IPv4 CIDR notation",
@@ -284 +287 @@
         aIPv4NetworkCidr.c_str(), iPrefix, rc));
 
-    if ((Addr.u & ~Mask.u) != 0)
+    if ((Net.u & ~Mask.u) != 0)
         return setError(E_FAIL,
             "%s: the specified address is longer than the specified prefix",
@@ -290 +293 @@
 
     /* normalized CIDR notation */
-    com::Utf8StrFmt strCidr("%RTnaipv4/%d", Addr.u, iPrefix);
+    com::Utf8StrFmt strCidr("%RTnaipv4/%d", Net.u, iPrefix);
 
     {
@@ -298 +301 @@
             return S_OK;
 
-        /**
-         * @todo
-         * silently ignore network cidr update for now.
-         * todo: keep internally guest address of port forward rule
-         * as offset from network id.
-         */
-        if (!m->s.mapPortForwardRules4.empty())
-            return S_OK;
-
+        m->recalculatePortForwarding(Net, Mask);
 
         m->s.strIPv4NetworkCidr = strCidr;
@@ -316 +311 @@
     ComAssertComRCRetRC(hrc);
     return S_OK;
+}
+
+
+/**
+ * Do best effort attempt at converting existing port forwarding rules
+ * from the old prefix to the new one.  This might not be possible if
+ * the new prefix is longer (i.e. the network is smaller) or if a rule
+ * lists destination not from the network (though that rule wouldn't
+ * be terribly useful, at least currently).
+ */
+void NATNetwork::Data::recalculatePortForwarding(const RTNETADDRIPV4 &NetNew,
+                                                 const RTNETADDRIPV4 &MaskNew)
+{
+    RTNETADDRIPV4 NetOld, MaskOld;
+    int iPrefixOld;
+    int rc;
+
+    if (s.mapPortForwardRules4.empty())
+        return;                 /* nothing to do */
+
+    rc = RTNetStrToIPv4Cidr(s.strIPv4NetworkCidr.c_str(), &NetOld, &iPrefixOld);
+    if (RT_FAILURE(rc))
+        return;
+
+    rc = RTNetPrefixToMaskIPv4(iPrefixOld, &MaskOld);
+    if (RT_FAILURE(rc))
+        return;
+
+    for (settings::NATRulesMap::iterator it = s.mapPortForwardRules4.begin();
+         it != s.mapPortForwardRules4.end();
+         ++it)
+    {
+        settings::NATRule &rule = it->second;
+
+        /* parse the old destination address */
+        RTNETADDRIPV4 AddrOld;
+        rc = RTNetStrToIPv4Addr(rule.strGuestIP.c_str(), &AddrOld);
+        if (RT_FAILURE(rc))
+            continue;
+
+        /* is it in the old network? (likely) */
+        if ((AddrOld.u & MaskOld.u) != NetOld.u)
+            continue;
+
+        uint32_t u32Host = (AddrOld.u & ~MaskOld.u);
+
+        /* does it fit into the new network? */
+        if ((u32Host & MaskNew.u) != 0)
+            continue;
+
+        rule.strGuestIP.printf("%RTnaipv4", NetNew.u | u32Host);
+    }
 }