|
Packit |
c43939 |
/*
|
|
Packit |
c43939 |
* (C) 2012 by Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Packit |
c43939 |
*
|
|
Packit |
c43939 |
* This program is free software; you can redistribute it and/or modify
|
|
Packit |
c43939 |
* it under the terms of the GNU General Public License as published by
|
|
Packit |
c43939 |
* the Free Software Foundation; either version 2 of the License, or
|
|
Packit |
c43939 |
* (at your option) any later version.
|
|
Packit |
c43939 |
*
|
|
Packit |
c43939 |
* This code has been sponsored by Vyatta Inc. <http://www.vyatta.com>
|
|
Packit |
c43939 |
*/
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
#include <stdio.h>
|
|
Packit |
c43939 |
#include <stdbool.h>
|
|
Packit |
c43939 |
#include <endian.h>
|
|
Packit |
c43939 |
#include <arpa/inet.h>
|
|
Packit |
c43939 |
#include <netinet/ip.h>
|
|
Packit |
c43939 |
#include <netinet/ip6.h>
|
|
Packit |
c43939 |
#include <netinet/tcp.h>
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
#include <libnetfilter_queue/libnetfilter_queue.h>
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
#include "internal.h"
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
uint16_t nfq_checksum(uint32_t sum, uint16_t *buf, int size)
|
|
Packit |
c43939 |
{
|
|
Packit |
c43939 |
while (size > 1) {
|
|
Packit |
c43939 |
sum += *buf++;
|
|
Packit |
c43939 |
size -= sizeof(uint16_t);
|
|
Packit |
c43939 |
}
|
|
Packit |
c43939 |
if (size) {
|
|
Packit |
c43939 |
#if __BYTE_ORDER == __BIG_ENDIAN
|
|
Packit |
c43939 |
sum += (uint16_t)*(uint8_t *)buf << 8;
|
|
Packit |
c43939 |
#else
|
|
Packit |
c43939 |
sum += (uint16_t)*(uint8_t *)buf;
|
|
Packit |
c43939 |
#endif
|
|
Packit |
c43939 |
}
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
sum = (sum >> 16) + (sum & 0xffff);
|
|
Packit |
c43939 |
sum += (sum >>16);
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
return (uint16_t)(~sum);
|
|
Packit |
c43939 |
}
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
uint16_t nfq_checksum_tcpudp_ipv4(struct iphdr *iph, uint16_t protonum)
|
|
Packit |
c43939 |
{
|
|
Packit |
c43939 |
uint32_t sum = 0;
|
|
Packit |
c43939 |
uint32_t iph_len = iph->ihl*4;
|
|
Packit |
c43939 |
uint32_t len = ntohs(iph->tot_len) - iph_len;
|
|
Packit |
c43939 |
uint8_t *payload = (uint8_t *)iph + iph_len;
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
sum += (iph->saddr >> 16) & 0xFFFF;
|
|
Packit |
c43939 |
sum += (iph->saddr) & 0xFFFF;
|
|
Packit |
c43939 |
sum += (iph->daddr >> 16) & 0xFFFF;
|
|
Packit |
c43939 |
sum += (iph->daddr) & 0xFFFF;
|
|
Packit |
c43939 |
sum += htons(protonum);
|
|
Packit |
c43939 |
sum += htons(len);
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
return nfq_checksum(sum, (uint16_t *)payload, len);
|
|
Packit |
c43939 |
}
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
uint16_t nfq_checksum_tcpudp_ipv6(struct ip6_hdr *ip6h, void *transport_hdr,
|
|
Packit |
c43939 |
uint16_t protonum)
|
|
Packit |
c43939 |
{
|
|
Packit |
c43939 |
uint32_t sum = 0;
|
|
Packit |
c43939 |
uint32_t hdr_len = (uint8_t *)transport_hdr - (uint8_t *)ip6h;
|
|
Packit |
c43939 |
/* Allow for extra headers before the UDP header */
|
|
Packit |
c43939 |
/* TODO: Deal with routing headers */
|
|
Packit |
c43939 |
uint32_t len = ntohs(ip6h->ip6_plen) - (hdr_len - sizeof *ip6h);
|
|
Packit |
c43939 |
uint8_t *payload = (uint8_t *)ip6h + hdr_len;
|
|
Packit |
c43939 |
int i;
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
for (i=0; i<8; i++) {
|
|
Packit |
c43939 |
sum += (ip6h->ip6_src.s6_addr16[i]);
|
|
Packit |
c43939 |
}
|
|
Packit |
c43939 |
for (i=0; i<8; i++) {
|
|
Packit |
c43939 |
sum += (ip6h->ip6_dst.s6_addr16[i]);
|
|
Packit |
c43939 |
}
|
|
Packit |
c43939 |
sum += htons(protonum);
|
|
Packit |
c43939 |
sum += htons(len);
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
return nfq_checksum(sum, (uint16_t *)payload, len);
|
|
Packit |
c43939 |
}
|
|
Packit |
c43939 |
|
|
Packit |
c43939 |
/**
|
|
Packit |
c43939 |
* @}
|
|
Packit |
c43939 |
*/
|