[ovs.git] / lib / conntrack-icmp.c

/*
 * Copyright (c) 2015-2019 Nicira, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include <config.h>

#include <errno.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <netinet/icmp6.h>

#include "conntrack-private.h"
#include "conntrack-tp.h"
#include "dp-packet.h"

enum OVS_PACKED_ENUM icmp_state {
    ICMPS_FIRST,
    ICMPS_REPLY,
};

struct conn_icmp {
    struct conn up;
    enum icmp_state state; /* 'conn' lock protected. */
};

static const enum ct_timeout icmp_timeouts[] = {
    [ICMPS_FIRST] = CT_TM_ICMP_FIRST,
    [ICMPS_REPLY] = CT_TM_ICMP_REPLY,
};

static struct conn_icmp *
conn_icmp_cast(const struct conn *conn)
{
    return CONTAINER_OF(conn, struct conn_icmp, up);
}

static enum ct_update_res
icmp_conn_update(struct conntrack *ct, struct conn *conn_,
                 struct dp_packet *pkt OVS_UNUSED, bool reply, long long now)
{
    struct conn_icmp *conn = conn_icmp_cast(conn_);
    enum ct_update_res ret = CT_UPDATE_VALID;

    if (reply && conn->state == ICMPS_FIRST) {
       conn->state = ICMPS_REPLY;
    } else if (conn->state == ICMPS_FIRST) {
        ret = CT_UPDATE_VALID_NEW;
    }

    conn_update_expiration(ct, &conn->up, icmp_timeouts[conn->state], now);
    return ret;
}

static bool
icmp4_valid_new(struct dp_packet *pkt)
{
    struct icmp_header *icmp = dp_packet_l4(pkt);

    return icmp->icmp_type == ICMP4_ECHO_REQUEST
           || icmp->icmp_type == ICMP4_INFOREQUEST
           || icmp->icmp_type == ICMP4_TIMESTAMP;
}

static bool
icmp6_valid_new(struct dp_packet *pkt)
{
    struct icmp6_header *icmp6 = dp_packet_l4(pkt);

    return icmp6->icmp6_type == ICMP6_ECHO_REQUEST;
}

static struct conn *
icmp_new_conn(struct conntrack *ct, struct dp_packet *pkt OVS_UNUSED,
              long long now, uint32_t tp_id)
{
    struct conn_icmp *conn = xzalloc(sizeof *conn);
    conn->state = ICMPS_FIRST;
    conn->up.tp_id = tp_id;

    conn_init_expiration(ct, &conn->up, icmp_timeouts[conn->state], now);
    return &conn->up;
}

struct ct_l4_proto ct_proto_icmp4 = {
    .new_conn = icmp_new_conn,
    .valid_new = icmp4_valid_new,
    .conn_update = icmp_conn_update,
};

struct ct_l4_proto ct_proto_icmp6 = {
    .new_conn = icmp_new_conn,
    .valid_new = icmp6_valid_new,
    .conn_update = icmp_conn_update,
};
Commit	Line	Data
b269a122	1	/*
967bb5c5	2	* Copyright (c) 2015-2019 Nicira, Inc.
b269a122 DDP	3	*
	4	* Licensed under the Apache License, Version 2.0 (the "License");
	5	* you may not use this file except in compliance with the License.
	6	* You may obtain a copy of the License at:
	7	*
	8	* http://www.apache.org/licenses/LICENSE-2.0
	9	*
	10	* Unless required by applicable law or agreed to in writing, software
	11	* distributed under the License is distributed on an "AS IS" BASIS,
	12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	13	* See the License for the specific language governing permissions and
	14	* limitations under the License.
	15	*/
	16
	17	#include <config.h>
	18
	19	#include <errno.h>
	20	#include <sys/types.h>
	21	#include <netinet/in.h>
	22	#include <netinet/icmp6.h>
	23
	24	#include "conntrack-private.h"
2078901a	25	#include "conntrack-tp.h"
b269a122 DDP	26	#include "dp-packet.h"
b269a122 DDP	27
967bb5c5	28	enum OVS_PACKED_ENUM icmp_state {
b269a122 DDP	29	ICMPS_FIRST,
	30	ICMPS_REPLY,
	31	};
	32
	33	struct conn_icmp {
	34	struct conn up;
967bb5c5	35	enum icmp_state state; /* 'conn' lock protected. */
b269a122 DDP	36	};
	37
	38	static const enum ct_timeout icmp_timeouts[] = {
	39	[ICMPS_FIRST] = CT_TM_ICMP_FIRST,
	40	[ICMPS_REPLY] = CT_TM_ICMP_REPLY,
	41	};
	42
	43	static struct conn_icmp *
	44	conn_icmp_cast(const struct conn *conn)
	45	{
	46	return CONTAINER_OF(conn, struct conn_icmp, up);
	47	}
	48
	49	static enum ct_update_res
967bb5c5	50	icmp_conn_update(struct conntrack ct, struct conn conn_,
b269a122 DDP	51	struct dp_packet *pkt OVS_UNUSED, bool reply, long long now)
	52	{
	53	struct conn_icmp *conn = conn_icmp_cast(conn_);
08905c93	54	enum ct_update_res ret = CT_UPDATE_VALID;
b269a122	55
d93c3111 WT	56	if (reply && conn->state == ICMPS_FIRST) {
d93c3111 WT	57	conn->state = ICMPS_REPLY;
08905c93 TZ	58	} else if (conn->state == ICMPS_FIRST) {
08905c93 TZ	59	ret = CT_UPDATE_VALID_NEW;
d93c3111 WT	60	}
	61
	62	conn_update_expiration(ct, &conn->up, icmp_timeouts[conn->state], now);
08905c93	63	return ret;
b269a122 DDP	64	}
	65
	66	static bool
	67	icmp4_valid_new(struct dp_packet *pkt)
	68	{
	69	struct icmp_header *icmp = dp_packet_l4(pkt);
	70
	71	return icmp->icmp_type == ICMP4_ECHO_REQUEST
	72	\|\| icmp->icmp_type == ICMP4_INFOREQUEST
	73	\|\| icmp->icmp_type == ICMP4_TIMESTAMP;
	74	}
	75
	76	static bool
	77	icmp6_valid_new(struct dp_packet *pkt)
	78	{
	79	struct icmp6_header *icmp6 = dp_packet_l4(pkt);
	80
	81	return icmp6->icmp6_type == ICMP6_ECHO_REQUEST;
	82	}
	83
	84	static struct conn *
967bb5c5	85	icmp_new_conn(struct conntrack ct, struct dp_packet pkt OVS_UNUSED,
2078901a	86	long long now, uint32_t tp_id)
b269a122	87	{
967bb5c5	88	struct conn_icmp conn = xzalloc(sizeof conn);
b269a122	89	conn->state = ICMPS_FIRST;
2078901a	90	conn->up.tp_id = tp_id;
b269a122	91
2078901a	92	conn_init_expiration(ct, &conn->up, icmp_timeouts[conn->state], now);
b269a122 DDP	93	return &conn->up;
	94	}
	95
	96	struct ct_l4_proto ct_proto_icmp4 = {
	97	.new_conn = icmp_new_conn,
	98	.valid_new = icmp4_valid_new,
	99	.conn_update = icmp_conn_update,
	100	};
	101
	102	struct ct_l4_proto ct_proto_icmp6 = {
	103	.new_conn = icmp_new_conn,
	104	.valid_new = icmp6_valid_new,
	105	.conn_update = icmp_conn_update,
	106	};