Skip to content

Fixed NAT service and modified utils function #238

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
frisso merged 4 commits into from
Nov 25, 2019
Merged

Fixed NAT service and modified utils function #238

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
77003ff
Fixed NAT service and modified utils function. We need to investigate…
DavideAG Nov 20, 2019
90fb0de
Fixed IP header lenght in Nat_dp.c
DavideAG Nov 21, 2019
9c7e6ad
Fixed test_tcp_masq.sh
DavideAG Nov 21, 2019
a318faa
Merge branch 'master' into packetcapture_service
frisso Nov 24, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions src/libs/polycube/include/polycube/services/utils.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,12 @@ namespace polycube {
namespace service {
namespace utils {

/* ip (a.b.c.d) to string and viceversa
/* IP string (a.b.c.d) or IP prefix (a.b.c.d/m) to nbo uint. If (a.b.c.d/m) only IP will be processed
* Number is in network byte order (nbo), i.e., big endian */
uint32_t ip_string_to_nbo_uint(const std::string &ip);

/* IP (a.b.c.d) to string
* Number is in network byte order (nbo), i.e., big endian */
std::string nbo_uint_to_ip_string(uint32_t ip);

/* mac (aa:bb:cc:dd:ee:ff) to string and vicersa
Expand All @@ -54,7 +57,7 @@ uint64_t hex_string_to_uint(const std::string &str);
std::string get_random_mac();

/* Take in ingress a string like 192.168.0.1/24 and return only the ip
* 192.168.0.1 */
* 192.168.0.1 . If no prefix it will return the same input string*/
std::string get_ip_from_string(const std::string &ipv_net);

/* Take in ingress a string like 192.168.0.1/24 and return only the "prefix
Expand Down
9 changes: 6 additions & 3 deletions src/libs/polycube/src/utils.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,12 +34,15 @@ namespace service {
namespace utils {

// new set of functions

uint32_t ip_string_to_nbo_uint(const std::string &ip) {
unsigned char a[4];
int last = -1;
int rc = std::sscanf(ip.c_str(), "%hhu.%hhu.%hhu.%hhu%n", a + 0, a + 1, a + 2,
std::string IP_address = get_ip_from_string(ip);

int rc = std::sscanf(IP_address.c_str(), "%hhu.%hhu.%hhu.%hhu%n", a + 0, a + 1, a + 2,
a + 3, &last);
if (rc != 4 || ip.size() != last)
if (rc != 4 || IP_address.size() != last)
throw std::runtime_error("Not an ipv4 address " + ip);

return uint32_t(a[3]) << 24 | uint32_t(a[2]) << 16 | uint32_t(a[1]) << 8 |
Expand Down Expand Up @@ -230,7 +233,7 @@ uint64_t hex_string_to_uint(const std::string &str) {
std::string get_ip_from_string(const std::string &ipv_net) {
size_t pos = ipv_net.find("/");
if (pos == std::string::npos) {
return std::string(); // throw?
return ipv_net;
}
return ipv_net.substr(0, pos);
}
Expand Down
4 changes: 2 additions & 2 deletions src/services/pcn-nat/src/Nat.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,8 @@ Nat::Nat(const std::string name, const NatJsonObject &conf)
//addNattingTableList(conf.getNattingTable());

ParameterEventCallback cb = [&](const std::string &parameter, const std::string &value) {
logger()->debug("parent IP has been updated to {}", value);
external_ip_ = value;
external_ip_ = utils::get_ip_from_string(value);
logger()->debug("parent IP has been updated to {}", external_ip_);
if (rule_->getMasquerade()->getEnabled()) {
rule_->getMasquerade()->inject(utils::ip_string_to_nbo_uint(external_ip_));
}
Expand Down
34 changes: 20 additions & 14 deletions src/services/pcn-nat/src/Nat_dp.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {
void *data_end = (void *)(long)ctx->data_end;

struct eth_hdr *eth = data;
if (data + sizeof(*eth) > data_end)
if ( (void *)eth + sizeof(*eth) > data_end )
goto DROP;

pcn_log(
Expand Down Expand Up @@ -49,7 +49,7 @@ static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {
uint8_t update_session_table = 1;

struct iphdr *ip = data + sizeof(*eth);
if (data + sizeof(*eth) + sizeof(*ip) > data_end)
if ( (void *)ip + sizeof(*ip) > data_end )
goto DROP;

pcn_log(ctx, LOG_TRACE, "Processing IP packet: src %I, dst: %I", ip->saddr,
Expand All @@ -61,8 +61,9 @@ static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {

switch (ip->protocol) {
case IPPROTO_TCP: {
struct tcphdr *tcp = data + sizeof(*eth) + sizeof(*ip);
if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*tcp) > data_end)
uint8_t header_len = 4 * ip->ihl;
struct tcphdr *tcp = data + sizeof(*eth) + header_len;
if ( (void *)tcp + sizeof(*tcp) > data_end )
goto DROP;

pcn_log(ctx, LOG_TRACE, "Packet is TCP: src_port %P, dst_port %P",
Expand All @@ -72,8 +73,9 @@ static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {
break;
}
case IPPROTO_UDP: {
struct udphdr *udp = data + sizeof(*eth) + sizeof(*ip);
if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*udp) > data_end)
uint8_t header_len = 4 * ip->ihl;
struct udphdr *udp = data + sizeof(*eth) + header_len;
if ( (void *)udp + sizeof(*udp) > data_end )
goto DROP;
pcn_log(ctx, LOG_TRACE, "Packet is UDP: src_port %P, dst_port %P",
udp->source, udp->dest);
Expand All @@ -82,8 +84,9 @@ static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {
break;
}
case IPPROTO_ICMP: {
struct icmphdr *icmp = data + sizeof(*eth) + sizeof(*ip);
if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*icmp) > data_end)
uint8_t header_len = 4 * ip->ihl;
struct icmphdr *icmp = data + sizeof(*eth) + header_len;
if ( (void *)icmp + sizeof(*icmp) > data_end )
goto DROP;
pcn_log(ctx, LOG_TRACE, "Packet is ICMP: type %d, id %d", icmp->type,
icmp->un.echo.id);
Expand Down Expand Up @@ -302,8 +305,9 @@ apply_nat:;
uint32_t l4sum = pcn_csum_diff(&old_port, 4, &new_port, 4, 0);
switch (proto) {
case IPPROTO_TCP: {
struct tcphdr *tcp = data + sizeof(*eth) + sizeof(*ip);
if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*tcp) > data_end)
uint8_t header_len = 4 * ip->ihl;
struct tcphdr *tcp = data + sizeof(*eth) + header_len;
if ( (void *)tcp + sizeof(*tcp) > data_end )
goto DROP;

if (rule_type == NAT_SRC || rule_type == NAT_MSQ) {
Expand All @@ -326,8 +330,9 @@ apply_nat:;
goto proceed;
}
case IPPROTO_UDP: {
struct udphdr *udp = data + sizeof(*eth) + sizeof(*ip);
if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*udp) > data_end)
uint8_t header_len = 4 * ip->ihl;
struct udphdr *udp = data + sizeof(*eth) + header_len;
if ( (void *)udp + sizeof(*udp) > data_end )
goto DROP;
if (rule_type == NAT_SRC || rule_type == NAT_MSQ) {
ip->saddr = new_ip;
Expand All @@ -349,8 +354,9 @@ apply_nat:;
goto proceed;
}
case IPPROTO_ICMP: {
struct icmphdr *icmp = data + sizeof(*eth) + sizeof(*ip);
if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*icmp) > data_end)
uint8_t header_len = 4 * ip->ihl;
struct icmphdr *icmp = data + sizeof(*eth) + header_len;
if ( (void *)icmp + sizeof(*icmp) > data_end )
goto DROP;
if (rule_type == NAT_SRC || rule_type == NAT_MSQ) {
ip->saddr = new_ip;
Expand Down
4 changes: 3 additions & 1 deletion src/services/pcn-nat/test/test_tcp_masq.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,9 @@
source "${BASH_SOURCE%/*}/helpers.bash"

function test_tcp {
sudo ip netns exec ns2 netcat -l -w 5 $tcp_port&
sudo ip netns exec ns2 netcat -l -w 5 $tcp_port&
sleep 2
sudo ip netns exec ns1 ping $veth2_ip -c 1
sleep 2
sudo ip netns exec ns1 netcat -w 5 -nvz $veth2_ip $tcp_port
sleep 4
Expand Down