1 /* SIP extension for IP connection tracking.
3 * (C) 2005 by Christian Hentschel <chentschel@arnet.com.ar>
4 * based on RR's ip_conntrack_ftp.c and other modules.
5 * (C) 2007 United Security Providers
6 * (C) 2007, 2008 Patrick McHardy <kaber@trash.net>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as
10 * published by the Free Software Foundation.
13 #include <linux/module.h>
14 #include <linux/ctype.h>
15 #include <linux/skbuff.h>
16 #include <linux/inet.h>
18 #include <linux/udp.h>
19 #include <linux/tcp.h>
20 #include <linux/netfilter.h>
22 #include <net/netfilter/nf_conntrack.h>
23 #include <net/netfilter/nf_conntrack_core.h>
24 #include <net/netfilter/nf_conntrack_expect.h>
25 #include <net/netfilter/nf_conntrack_helper.h>
26 #include <net/netfilter/nf_conntrack_zones.h>
27 #include <linux/netfilter/nf_conntrack_sip.h>
29 MODULE_LICENSE("GPL");
30 MODULE_AUTHOR("Christian Hentschel <chentschel@arnet.com.ar>");
31 MODULE_DESCRIPTION("SIP connection tracking helper");
32 MODULE_ALIAS("ip_conntrack_sip");
33 MODULE_ALIAS_NFCT_HELPER("sip");
36 static unsigned short ports[MAX_PORTS];
37 static unsigned int ports_c;
38 module_param_array(ports, ushort, &ports_c, 0400);
39 MODULE_PARM_DESC(ports, "port numbers of SIP servers");
41 static unsigned int sip_timeout __read_mostly = SIP_TIMEOUT;
42 module_param(sip_timeout, uint, 0600);
43 MODULE_PARM_DESC(sip_timeout, "timeout for the master SIP session");
45 static int sip_direct_signalling __read_mostly = 1;
46 module_param(sip_direct_signalling, int, 0600);
47 MODULE_PARM_DESC(sip_direct_signalling, "expect incoming calls from registrar "
50 static int sip_direct_media __read_mostly = 1;
51 module_param(sip_direct_media, int, 0600);
52 MODULE_PARM_DESC(sip_direct_media, "Expect Media streams between signalling "
53 "endpoints only (default 1)");
55 unsigned int (*nf_nat_sip_hook)(struct sk_buff *skb, unsigned int dataoff,
57 unsigned int *datalen) __read_mostly;
58 EXPORT_SYMBOL_GPL(nf_nat_sip_hook);
60 void (*nf_nat_sip_seq_adjust_hook)(struct sk_buff *skb, s16 off) __read_mostly;
61 EXPORT_SYMBOL_GPL(nf_nat_sip_seq_adjust_hook);
63 unsigned int (*nf_nat_sip_expect_hook)(struct sk_buff *skb,
66 unsigned int *datalen,
67 struct nf_conntrack_expect *exp,
68 unsigned int matchoff,
69 unsigned int matchlen) __read_mostly;
70 EXPORT_SYMBOL_GPL(nf_nat_sip_expect_hook);
72 unsigned int (*nf_nat_sdp_addr_hook)(struct sk_buff *skb, unsigned int dataoff,
74 unsigned int *datalen,
76 enum sdp_header_types type,
77 enum sdp_header_types term,
78 const union nf_inet_addr *addr)
80 EXPORT_SYMBOL_GPL(nf_nat_sdp_addr_hook);
82 unsigned int (*nf_nat_sdp_port_hook)(struct sk_buff *skb, unsigned int dataoff,
84 unsigned int *datalen,
85 unsigned int matchoff,
86 unsigned int matchlen,
87 u_int16_t port) __read_mostly;
88 EXPORT_SYMBOL_GPL(nf_nat_sdp_port_hook);
90 unsigned int (*nf_nat_sdp_session_hook)(struct sk_buff *skb,
93 unsigned int *datalen,
95 const union nf_inet_addr *addr)
97 EXPORT_SYMBOL_GPL(nf_nat_sdp_session_hook);
99 unsigned int (*nf_nat_sdp_media_hook)(struct sk_buff *skb, unsigned int dataoff,
101 unsigned int *datalen,
102 struct nf_conntrack_expect *rtp_exp,
103 struct nf_conntrack_expect *rtcp_exp,
104 unsigned int mediaoff,
105 unsigned int medialen,
106 union nf_inet_addr *rtp_addr)
108 EXPORT_SYMBOL_GPL(nf_nat_sdp_media_hook);
110 static int string_len(const struct nf_conn *ct, const char *dptr,
111 const char *limit, int *shift)
115 while (dptr < limit && isalpha(*dptr)) {
122 static int digits_len(const struct nf_conn *ct, const char *dptr,
123 const char *limit, int *shift)
126 while (dptr < limit && isdigit(*dptr)) {
133 /* get media type + port length */
134 static int media_len(const struct nf_conn *ct, const char *dptr,
135 const char *limit, int *shift)
137 int len = string_len(ct, dptr, limit, shift);
140 if (dptr >= limit || *dptr != ' ')
145 return len + digits_len(ct, dptr, limit, shift);
148 static int parse_addr(const struct nf_conn *ct, const char *cp,
149 const char **endp, union nf_inet_addr *addr,
155 memset(addr, 0, sizeof(*addr));
156 switch (nf_ct_l3num(ct)) {
158 ret = in4_pton(cp, limit - cp, (u8 *)&addr->ip, -1, &end);
161 ret = in6_pton(cp, limit - cp, (u8 *)&addr->ip6, -1, &end);
167 if (ret == 0 || end == cp)
174 /* skip ip address. returns its length. */
175 static int epaddr_len(const struct nf_conn *ct, const char *dptr,
176 const char *limit, int *shift)
178 union nf_inet_addr addr;
179 const char *aux = dptr;
181 if (!parse_addr(ct, dptr, &dptr, &addr, limit)) {
182 pr_debug("ip: %s parse failed.!\n", dptr);
189 dptr += digits_len(ct, dptr, limit, shift);
194 /* get address length, skiping user info. */
195 static int skp_epaddr_len(const struct nf_conn *ct, const char *dptr,
196 const char *limit, int *shift)
198 const char *start = dptr;
201 /* Search for @, but stop at the end of the line.
202 * We are inside a sip: URI, so we don't need to worry about
203 * continuation lines. */
204 while (dptr < limit &&
205 *dptr != '@' && *dptr != '\r' && *dptr != '\n') {
210 if (dptr < limit && *dptr == '@') {
218 return epaddr_len(ct, dptr, limit, shift);
221 /* Parse a SIP request line of the form:
223 * Request-Line = Method SP Request-URI SP SIP-Version CRLF
225 * and return the offset and length of the address contained in the Request-URI.
227 int ct_sip_parse_request(const struct nf_conn *ct,
228 const char *dptr, unsigned int datalen,
229 unsigned int *matchoff, unsigned int *matchlen,
230 union nf_inet_addr *addr, __be16 *port)
232 const char *start = dptr, *limit = dptr + datalen, *end;
237 /* Skip method and following whitespace */
238 mlen = string_len(ct, dptr, limit, NULL);
246 for (; dptr < limit - strlen("sip:"); dptr++) {
247 if (*dptr == '\r' || *dptr == '\n')
249 if (strnicmp(dptr, "sip:", strlen("sip:")) == 0) {
250 dptr += strlen("sip:");
254 if (!skp_epaddr_len(ct, dptr, limit, &shift))
258 if (!parse_addr(ct, dptr, &end, addr, limit))
260 if (end < limit && *end == ':') {
262 p = simple_strtoul(end, (char **)&end, 10);
263 if (p < 1024 || p > 65535)
267 *port = htons(SIP_PORT);
271 *matchoff = dptr - start;
272 *matchlen = end - dptr;
275 EXPORT_SYMBOL_GPL(ct_sip_parse_request);
277 /* SIP header parsing: SIP headers are located at the beginning of a line, but
278 * may span several lines, in which case the continuation lines begin with a
279 * whitespace character. RFC 2543 allows lines to be terminated with CR, LF or
280 * CRLF, RFC 3261 allows only CRLF, we support both.
282 * Headers are followed by (optionally) whitespace, a colon, again (optionally)
283 * whitespace and the values. Whitespace in this context means any amount of
284 * tabs, spaces and continuation lines, which are treated as a single whitespace
287 * Some headers may appear multiple times. A comma separated list of values is
288 * equivalent to multiple headers.
290 static const struct sip_header ct_sip_hdrs[] = {
291 [SIP_HDR_CSEQ] = SIP_HDR("CSeq", NULL, NULL, digits_len),
292 [SIP_HDR_FROM] = SIP_HDR("From", "f", "sip:", skp_epaddr_len),
293 [SIP_HDR_TO] = SIP_HDR("To", "t", "sip:", skp_epaddr_len),
294 [SIP_HDR_CONTACT] = SIP_HDR("Contact", "m", "sip:", skp_epaddr_len),
295 [SIP_HDR_VIA_UDP] = SIP_HDR("Via", "v", "UDP ", epaddr_len),
296 [SIP_HDR_VIA_TCP] = SIP_HDR("Via", "v", "TCP ", epaddr_len),
297 [SIP_HDR_EXPIRES] = SIP_HDR("Expires", NULL, NULL, digits_len),
298 [SIP_HDR_CONTENT_LENGTH] = SIP_HDR("Content-Length", "l", NULL, digits_len),
301 static const char *sip_follow_continuation(const char *dptr, const char *limit)
303 /* Walk past newline */
307 /* Skip '\n' in CR LF */
308 if (*(dptr - 1) == '\r' && *dptr == '\n') {
313 /* Continuation line? */
314 if (*dptr != ' ' && *dptr != '\t')
317 /* skip leading whitespace */
318 for (; dptr < limit; dptr++) {
319 if (*dptr != ' ' && *dptr != '\t')
325 static const char *sip_skip_whitespace(const char *dptr, const char *limit)
327 for (; dptr < limit; dptr++) {
330 if (*dptr != '\r' && *dptr != '\n')
332 dptr = sip_follow_continuation(dptr, limit);
339 /* Search within a SIP header value, dealing with continuation lines */
340 static const char *ct_sip_header_search(const char *dptr, const char *limit,
341 const char *needle, unsigned int len)
343 for (limit -= len; dptr < limit; dptr++) {
344 if (*dptr == '\r' || *dptr == '\n') {
345 dptr = sip_follow_continuation(dptr, limit);
351 if (strnicmp(dptr, needle, len) == 0)
357 int ct_sip_get_header(const struct nf_conn *ct, const char *dptr,
358 unsigned int dataoff, unsigned int datalen,
359 enum sip_header_types type,
360 unsigned int *matchoff, unsigned int *matchlen)
362 const struct sip_header *hdr = &ct_sip_hdrs[type];
363 const char *start = dptr, *limit = dptr + datalen;
366 for (dptr += dataoff; dptr < limit; dptr++) {
367 /* Find beginning of line */
368 if (*dptr != '\r' && *dptr != '\n')
372 if (*(dptr - 1) == '\r' && *dptr == '\n') {
377 /* Skip continuation lines */
378 if (*dptr == ' ' || *dptr == '\t')
381 /* Find header. Compact headers must be followed by a
382 * non-alphabetic character to avoid mismatches. */
383 if (limit - dptr >= hdr->len &&
384 strnicmp(dptr, hdr->name, hdr->len) == 0)
386 else if (hdr->cname && limit - dptr >= hdr->clen + 1 &&
387 strnicmp(dptr, hdr->cname, hdr->clen) == 0 &&
388 !isalpha(*(dptr + hdr->clen)))
393 /* Find and skip colon */
394 dptr = sip_skip_whitespace(dptr, limit);
397 if (*dptr != ':' || ++dptr >= limit)
400 /* Skip whitespace after colon */
401 dptr = sip_skip_whitespace(dptr, limit);
405 *matchoff = dptr - start;
407 dptr = ct_sip_header_search(dptr, limit, hdr->search,
414 *matchlen = hdr->match_len(ct, dptr, limit, &shift);
417 *matchoff = dptr - start + shift;
422 EXPORT_SYMBOL_GPL(ct_sip_get_header);
424 /* Get next header field in a list of comma separated values */
425 static int ct_sip_next_header(const struct nf_conn *ct, const char *dptr,
426 unsigned int dataoff, unsigned int datalen,
427 enum sip_header_types type,
428 unsigned int *matchoff, unsigned int *matchlen)
430 const struct sip_header *hdr = &ct_sip_hdrs[type];
431 const char *start = dptr, *limit = dptr + datalen;
436 dptr = ct_sip_header_search(dptr, limit, ",", strlen(","));
440 dptr = ct_sip_header_search(dptr, limit, hdr->search, hdr->slen);
445 *matchoff = dptr - start;
446 *matchlen = hdr->match_len(ct, dptr, limit, &shift);
453 /* Walk through headers until a parsable one is found or no header of the
454 * given type is left. */
455 static int ct_sip_walk_headers(const struct nf_conn *ct, const char *dptr,
456 unsigned int dataoff, unsigned int datalen,
457 enum sip_header_types type, int *in_header,
458 unsigned int *matchoff, unsigned int *matchlen)
462 if (in_header && *in_header) {
464 ret = ct_sip_next_header(ct, dptr, dataoff, datalen,
465 type, matchoff, matchlen);
470 dataoff += *matchoff;
476 ret = ct_sip_get_header(ct, dptr, dataoff, datalen,
477 type, matchoff, matchlen);
482 dataoff += *matchoff;
490 /* Locate a SIP header, parse the URI and return the offset and length of
491 * the address as well as the address and port themselves. A stream of
492 * headers can be parsed by handing in a non-NULL datalen and in_header
495 int ct_sip_parse_header_uri(const struct nf_conn *ct, const char *dptr,
496 unsigned int *dataoff, unsigned int datalen,
497 enum sip_header_types type, int *in_header,
498 unsigned int *matchoff, unsigned int *matchlen,
499 union nf_inet_addr *addr, __be16 *port)
501 const char *c, *limit = dptr + datalen;
505 ret = ct_sip_walk_headers(ct, dptr, dataoff ? *dataoff : 0, datalen,
506 type, in_header, matchoff, matchlen);
511 if (!parse_addr(ct, dptr + *matchoff, &c, addr, limit))
515 p = simple_strtoul(c, (char **)&c, 10);
516 if (p < 1024 || p > 65535)
520 *port = htons(SIP_PORT);
526 EXPORT_SYMBOL_GPL(ct_sip_parse_header_uri);
528 static int ct_sip_parse_param(const struct nf_conn *ct, const char *dptr,
529 unsigned int dataoff, unsigned int datalen,
531 unsigned int *matchoff, unsigned int *matchlen)
533 const char *limit = dptr + datalen;
537 limit = ct_sip_header_search(dptr + dataoff, limit, ",", strlen(","));
539 limit = dptr + datalen;
541 start = ct_sip_header_search(dptr + dataoff, limit, name, strlen(name));
544 start += strlen(name);
546 end = ct_sip_header_search(start, limit, ";", strlen(";"));
550 *matchoff = start - dptr;
551 *matchlen = end - start;
555 /* Parse address from header parameter and return address, offset and length */
556 int ct_sip_parse_address_param(const struct nf_conn *ct, const char *dptr,
557 unsigned int dataoff, unsigned int datalen,
559 unsigned int *matchoff, unsigned int *matchlen,
560 union nf_inet_addr *addr)
562 const char *limit = dptr + datalen;
563 const char *start, *end;
565 limit = ct_sip_header_search(dptr + dataoff, limit, ",", strlen(","));
567 limit = dptr + datalen;
569 start = ct_sip_header_search(dptr + dataoff, limit, name, strlen(name));
573 start += strlen(name);
574 if (!parse_addr(ct, start, &end, addr, limit))
576 *matchoff = start - dptr;
577 *matchlen = end - start;
580 EXPORT_SYMBOL_GPL(ct_sip_parse_address_param);
582 /* Parse numerical header parameter and return value, offset and length */
583 int ct_sip_parse_numerical_param(const struct nf_conn *ct, const char *dptr,
584 unsigned int dataoff, unsigned int datalen,
586 unsigned int *matchoff, unsigned int *matchlen,
589 const char *limit = dptr + datalen;
593 limit = ct_sip_header_search(dptr + dataoff, limit, ",", strlen(","));
595 limit = dptr + datalen;
597 start = ct_sip_header_search(dptr + dataoff, limit, name, strlen(name));
601 start += strlen(name);
602 *val = simple_strtoul(start, &end, 0);
605 if (matchoff && matchlen) {
606 *matchoff = start - dptr;
607 *matchlen = end - start;
611 EXPORT_SYMBOL_GPL(ct_sip_parse_numerical_param);
613 static int ct_sip_parse_transport(struct nf_conn *ct, const char *dptr,
614 unsigned int dataoff, unsigned int datalen,
617 unsigned int matchoff, matchlen;
619 if (ct_sip_parse_param(ct, dptr, dataoff, datalen, "transport=",
620 &matchoff, &matchlen)) {
621 if (!strnicmp(dptr + matchoff, "TCP", strlen("TCP")))
622 *proto = IPPROTO_TCP;
623 else if (!strnicmp(dptr + matchoff, "UDP", strlen("UDP")))
624 *proto = IPPROTO_UDP;
628 if (*proto != nf_ct_protonum(ct))
631 *proto = nf_ct_protonum(ct);
636 /* SDP header parsing: a SDP session description contains an ordered set of
637 * headers, starting with a section containing general session parameters,
638 * optionally followed by multiple media descriptions.
640 * SDP headers always start at the beginning of a line. According to RFC 2327:
641 * "The sequence CRLF (0x0d0a) is used to end a record, although parsers should
642 * be tolerant and also accept records terminated with a single newline
643 * character". We handle both cases.
645 static const struct sip_header ct_sdp_hdrs[] = {
646 [SDP_HDR_VERSION] = SDP_HDR("v=", NULL, digits_len),
647 [SDP_HDR_OWNER_IP4] = SDP_HDR("o=", "IN IP4 ", epaddr_len),
648 [SDP_HDR_CONNECTION_IP4] = SDP_HDR("c=", "IN IP4 ", epaddr_len),
649 [SDP_HDR_OWNER_IP6] = SDP_HDR("o=", "IN IP6 ", epaddr_len),
650 [SDP_HDR_CONNECTION_IP6] = SDP_HDR("c=", "IN IP6 ", epaddr_len),
651 [SDP_HDR_MEDIA] = SDP_HDR("m=", NULL, media_len),
654 /* Linear string search within SDP header values */
655 static const char *ct_sdp_header_search(const char *dptr, const char *limit,
656 const char *needle, unsigned int len)
658 for (limit -= len; dptr < limit; dptr++) {
659 if (*dptr == '\r' || *dptr == '\n')
661 if (strncmp(dptr, needle, len) == 0)
667 /* Locate a SDP header (optionally a substring within the header value),
668 * optionally stopping at the first occurence of the term header, parse
669 * it and return the offset and length of the data we're interested in.
671 int ct_sip_get_sdp_header(const struct nf_conn *ct, const char *dptr,
672 unsigned int dataoff, unsigned int datalen,
673 enum sdp_header_types type,
674 enum sdp_header_types term,
675 unsigned int *matchoff, unsigned int *matchlen)
677 const struct sip_header *hdr = &ct_sdp_hdrs[type];
678 const struct sip_header *thdr = &ct_sdp_hdrs[term];
679 const char *start = dptr, *limit = dptr + datalen;
682 for (dptr += dataoff; dptr < limit; dptr++) {
683 /* Find beginning of line */
684 if (*dptr != '\r' && *dptr != '\n')
688 if (*(dptr - 1) == '\r' && *dptr == '\n') {
693 if (term != SDP_HDR_UNSPEC &&
694 limit - dptr >= thdr->len &&
695 strnicmp(dptr, thdr->name, thdr->len) == 0)
697 else if (limit - dptr >= hdr->len &&
698 strnicmp(dptr, hdr->name, hdr->len) == 0)
703 *matchoff = dptr - start;
705 dptr = ct_sdp_header_search(dptr, limit, hdr->search,
712 *matchlen = hdr->match_len(ct, dptr, limit, &shift);
715 *matchoff = dptr - start + shift;
720 EXPORT_SYMBOL_GPL(ct_sip_get_sdp_header);
722 static int ct_sip_parse_sdp_addr(const struct nf_conn *ct, const char *dptr,
723 unsigned int dataoff, unsigned int datalen,
724 enum sdp_header_types type,
725 enum sdp_header_types term,
726 unsigned int *matchoff, unsigned int *matchlen,
727 union nf_inet_addr *addr)
731 ret = ct_sip_get_sdp_header(ct, dptr, dataoff, datalen, type, term,
736 if (!parse_addr(ct, dptr + *matchoff, NULL, addr,
737 dptr + *matchoff + *matchlen))
742 static int refresh_signalling_expectation(struct nf_conn *ct,
743 union nf_inet_addr *addr,
744 u8 proto, __be16 port,
745 unsigned int expires)
747 struct nf_conn_help *help = nfct_help(ct);
748 struct nf_conntrack_expect *exp;
749 struct hlist_node *n, *next;
752 spin_lock_bh(&nf_conntrack_lock);
753 hlist_for_each_entry_safe(exp, n, next, &help->expectations, lnode) {
754 if (exp->class != SIP_EXPECT_SIGNALLING ||
755 !nf_inet_addr_cmp(&exp->tuple.dst.u3, addr) ||
756 exp->tuple.dst.protonum != proto ||
757 exp->tuple.dst.u.udp.port != port)
759 if (!del_timer(&exp->timeout))
761 exp->flags &= ~NF_CT_EXPECT_INACTIVE;
762 exp->timeout.expires = jiffies + expires * HZ;
763 add_timer(&exp->timeout);
767 spin_unlock_bh(&nf_conntrack_lock);
771 static void flush_expectations(struct nf_conn *ct, bool media)
773 struct nf_conn_help *help = nfct_help(ct);
774 struct nf_conntrack_expect *exp;
775 struct hlist_node *n, *next;
777 spin_lock_bh(&nf_conntrack_lock);
778 hlist_for_each_entry_safe(exp, n, next, &help->expectations, lnode) {
779 if ((exp->class != SIP_EXPECT_SIGNALLING) ^ media)
781 if (!del_timer(&exp->timeout))
783 nf_ct_unlink_expect(exp);
784 nf_ct_expect_put(exp);
788 spin_unlock_bh(&nf_conntrack_lock);
791 static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int dataoff,
792 const char **dptr, unsigned int *datalen,
793 union nf_inet_addr *daddr, __be16 port,
794 enum sip_expectation_classes class,
795 unsigned int mediaoff, unsigned int medialen)
797 struct nf_conntrack_expect *exp, *rtp_exp, *rtcp_exp;
798 enum ip_conntrack_info ctinfo;
799 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
800 struct net *net = nf_ct_net(ct);
801 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
802 union nf_inet_addr *saddr;
803 struct nf_conntrack_tuple tuple;
804 int direct_rtp = 0, skip_expect = 0, ret = NF_DROP;
806 __be16 rtp_port, rtcp_port;
807 typeof(nf_nat_sdp_port_hook) nf_nat_sdp_port;
808 typeof(nf_nat_sdp_media_hook) nf_nat_sdp_media;
811 if (sip_direct_media) {
812 if (!nf_inet_addr_cmp(daddr, &ct->tuplehash[dir].tuple.src.u3))
814 saddr = &ct->tuplehash[!dir].tuple.src.u3;
817 /* We need to check whether the registration exists before attempting
818 * to register it since we can see the same media description multiple
819 * times on different connections in case multiple endpoints receive
822 * RTP optimization: if we find a matching media channel expectation
823 * and both the expectation and this connection are SNATed, we assume
824 * both sides can reach each other directly and use the final
825 * destination address from the expectation. We still need to keep
826 * the NATed expectations for media that might arrive from the
827 * outside, and additionally need to expect the direct RTP stream
828 * in case it passes through us even without NAT.
830 memset(&tuple, 0, sizeof(tuple));
832 tuple.src.u3 = *saddr;
833 tuple.src.l3num = nf_ct_l3num(ct);
834 tuple.dst.protonum = IPPROTO_UDP;
835 tuple.dst.u3 = *daddr;
836 tuple.dst.u.udp.port = port;
840 exp = __nf_ct_expect_find(net, nf_ct_zone(ct), &tuple);
842 if (!exp || exp->master == ct ||
843 nfct_help(exp->master)->helper != nfct_help(ct)->helper ||
846 #ifdef CONFIG_NF_NAT_NEEDED
847 if (exp->tuple.src.l3num == AF_INET && !direct_rtp &&
848 (exp->saved_ip != exp->tuple.dst.u3.ip ||
849 exp->saved_proto.udp.port != exp->tuple.dst.u.udp.port) &&
850 ct->status & IPS_NAT_MASK) {
851 daddr->ip = exp->saved_ip;
852 tuple.dst.u3.ip = exp->saved_ip;
853 tuple.dst.u.udp.port = exp->saved_proto.udp.port;
858 } while (!skip_expect);
861 base_port = ntohs(tuple.dst.u.udp.port) & ~1;
862 rtp_port = htons(base_port);
863 rtcp_port = htons(base_port + 1);
866 nf_nat_sdp_port = rcu_dereference(nf_nat_sdp_port_hook);
867 if (nf_nat_sdp_port &&
868 !nf_nat_sdp_port(skb, dataoff, dptr, datalen,
869 mediaoff, medialen, ntohs(rtp_port)))
876 rtp_exp = nf_ct_expect_alloc(ct);
879 nf_ct_expect_init(rtp_exp, class, nf_ct_l3num(ct), saddr, daddr,
880 IPPROTO_UDP, NULL, &rtp_port);
882 rtcp_exp = nf_ct_expect_alloc(ct);
883 if (rtcp_exp == NULL)
885 nf_ct_expect_init(rtcp_exp, class, nf_ct_l3num(ct), saddr, daddr,
886 IPPROTO_UDP, NULL, &rtcp_port);
888 nf_nat_sdp_media = rcu_dereference(nf_nat_sdp_media_hook);
889 if (nf_nat_sdp_media && ct->status & IPS_NAT_MASK && !direct_rtp)
890 ret = nf_nat_sdp_media(skb, dataoff, dptr, datalen,
892 mediaoff, medialen, daddr);
894 if (nf_ct_expect_related(rtp_exp) == 0) {
895 if (nf_ct_expect_related(rtcp_exp) != 0)
896 nf_ct_unexpect_related(rtp_exp);
901 nf_ct_expect_put(rtcp_exp);
903 nf_ct_expect_put(rtp_exp);
908 static const struct sdp_media_type sdp_media_types[] = {
909 SDP_MEDIA_TYPE("audio ", SIP_EXPECT_AUDIO),
910 SDP_MEDIA_TYPE("video ", SIP_EXPECT_VIDEO),
911 SDP_MEDIA_TYPE("image ", SIP_EXPECT_IMAGE),
914 static const struct sdp_media_type *sdp_media_type(const char *dptr,
915 unsigned int matchoff,
916 unsigned int matchlen)
918 const struct sdp_media_type *t;
921 for (i = 0; i < ARRAY_SIZE(sdp_media_types); i++) {
922 t = &sdp_media_types[i];
923 if (matchlen < t->len ||
924 strncmp(dptr + matchoff, t->name, t->len))
931 static int process_sdp(struct sk_buff *skb, unsigned int dataoff,
932 const char **dptr, unsigned int *datalen,
935 enum ip_conntrack_info ctinfo;
936 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
937 unsigned int matchoff, matchlen;
938 unsigned int mediaoff, medialen;
940 unsigned int caddr_len, maddr_len;
942 union nf_inet_addr caddr, maddr, rtp_addr;
944 enum sdp_header_types c_hdr;
945 const struct sdp_media_type *t;
947 typeof(nf_nat_sdp_addr_hook) nf_nat_sdp_addr;
948 typeof(nf_nat_sdp_session_hook) nf_nat_sdp_session;
950 nf_nat_sdp_addr = rcu_dereference(nf_nat_sdp_addr_hook);
951 c_hdr = nf_ct_l3num(ct) == AF_INET ? SDP_HDR_CONNECTION_IP4 :
952 SDP_HDR_CONNECTION_IP6;
954 /* Find beginning of session description */
955 if (ct_sip_get_sdp_header(ct, *dptr, 0, *datalen,
956 SDP_HDR_VERSION, SDP_HDR_UNSPEC,
957 &matchoff, &matchlen) <= 0)
961 /* The connection information is contained in the session description
962 * and/or once per media description. The first media description marks
963 * the end of the session description. */
965 if (ct_sip_parse_sdp_addr(ct, *dptr, sdpoff, *datalen,
966 c_hdr, SDP_HDR_MEDIA,
967 &matchoff, &matchlen, &caddr) > 0)
968 caddr_len = matchlen;
971 for (i = 0; i < ARRAY_SIZE(sdp_media_types); ) {
972 if (ct_sip_get_sdp_header(ct, *dptr, mediaoff, *datalen,
973 SDP_HDR_MEDIA, SDP_HDR_UNSPEC,
974 &mediaoff, &medialen) <= 0)
977 /* Get media type and port number. A media port value of zero
978 * indicates an inactive stream. */
979 t = sdp_media_type(*dptr, mediaoff, medialen);
981 mediaoff += medialen;
987 port = simple_strtoul(*dptr + mediaoff, NULL, 10);
990 if (port < 1024 || port > 65535)
993 /* The media description overrides the session description. */
995 if (ct_sip_parse_sdp_addr(ct, *dptr, mediaoff, *datalen,
996 c_hdr, SDP_HDR_MEDIA,
997 &matchoff, &matchlen, &maddr) > 0) {
998 maddr_len = matchlen;
999 memcpy(&rtp_addr, &maddr, sizeof(rtp_addr));
1000 } else if (caddr_len)
1001 memcpy(&rtp_addr, &caddr, sizeof(rtp_addr));
1005 ret = set_expected_rtp_rtcp(skb, dataoff, dptr, datalen,
1006 &rtp_addr, htons(port), t->class,
1007 mediaoff, medialen);
1008 if (ret != NF_ACCEPT)
1011 /* Update media connection address if present */
1012 if (maddr_len && nf_nat_sdp_addr && ct->status & IPS_NAT_MASK) {
1013 ret = nf_nat_sdp_addr(skb, dataoff, dptr, datalen,
1014 mediaoff, c_hdr, SDP_HDR_MEDIA,
1016 if (ret != NF_ACCEPT)
1022 /* Update session connection and owner addresses */
1023 nf_nat_sdp_session = rcu_dereference(nf_nat_sdp_session_hook);
1024 if (nf_nat_sdp_session && ct->status & IPS_NAT_MASK)
1025 ret = nf_nat_sdp_session(skb, dataoff, dptr, datalen, sdpoff,
1030 static int process_invite_response(struct sk_buff *skb, unsigned int dataoff,
1031 const char **dptr, unsigned int *datalen,
1032 unsigned int cseq, unsigned int code)
1034 enum ip_conntrack_info ctinfo;
1035 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1036 struct nf_conn_help *help = nfct_help(ct);
1038 if ((code >= 100 && code <= 199) ||
1039 (code >= 200 && code <= 299))
1040 return process_sdp(skb, dataoff, dptr, datalen, cseq);
1041 else if (help->help.ct_sip_info.invite_cseq == cseq)
1042 flush_expectations(ct, true);
1046 static int process_update_response(struct sk_buff *skb, unsigned int dataoff,
1047 const char **dptr, unsigned int *datalen,
1048 unsigned int cseq, unsigned int code)
1050 enum ip_conntrack_info ctinfo;
1051 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1052 struct nf_conn_help *help = nfct_help(ct);
1054 if ((code >= 100 && code <= 199) ||
1055 (code >= 200 && code <= 299))
1056 return process_sdp(skb, dataoff, dptr, datalen, cseq);
1057 else if (help->help.ct_sip_info.invite_cseq == cseq)
1058 flush_expectations(ct, true);
1062 static int process_prack_response(struct sk_buff *skb, unsigned int dataoff,
1063 const char **dptr, unsigned int *datalen,
1064 unsigned int cseq, unsigned int code)
1066 enum ip_conntrack_info ctinfo;
1067 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1068 struct nf_conn_help *help = nfct_help(ct);
1070 if ((code >= 100 && code <= 199) ||
1071 (code >= 200 && code <= 299))
1072 return process_sdp(skb, dataoff, dptr, datalen, cseq);
1073 else if (help->help.ct_sip_info.invite_cseq == cseq)
1074 flush_expectations(ct, true);
1078 static int process_invite_request(struct sk_buff *skb, unsigned int dataoff,
1079 const char **dptr, unsigned int *datalen,
1082 enum ip_conntrack_info ctinfo;
1083 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1084 struct nf_conn_help *help = nfct_help(ct);
1087 flush_expectations(ct, true);
1088 ret = process_sdp(skb, dataoff, dptr, datalen, cseq);
1089 if (ret == NF_ACCEPT)
1090 help->help.ct_sip_info.invite_cseq = cseq;
1094 static int process_bye_request(struct sk_buff *skb, unsigned int dataoff,
1095 const char **dptr, unsigned int *datalen,
1098 enum ip_conntrack_info ctinfo;
1099 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1101 flush_expectations(ct, true);
1105 /* Parse a REGISTER request and create a permanent expectation for incoming
1106 * signalling connections. The expectation is marked inactive and is activated
1107 * when receiving a response indicating success from the registrar.
1109 static int process_register_request(struct sk_buff *skb, unsigned int dataoff,
1110 const char **dptr, unsigned int *datalen,
1113 enum ip_conntrack_info ctinfo;
1114 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1115 struct nf_conn_help *help = nfct_help(ct);
1116 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
1117 unsigned int matchoff, matchlen;
1118 struct nf_conntrack_expect *exp;
1119 union nf_inet_addr *saddr, daddr;
1122 unsigned int expires = 0;
1124 typeof(nf_nat_sip_expect_hook) nf_nat_sip_expect;
1126 /* Expected connections can not register again. */
1127 if (ct->status & IPS_EXPECTED)
1130 /* We must check the expiration time: a value of zero signals the
1131 * registrar to release the binding. We'll remove our expectation
1132 * when receiving the new bindings in the response, but we don't
1133 * want to create new ones.
1135 * The expiration time may be contained in Expires: header, the
1136 * Contact: header parameters or the URI parameters.
1138 if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_EXPIRES,
1139 &matchoff, &matchlen) > 0)
1140 expires = simple_strtoul(*dptr + matchoff, NULL, 10);
1142 ret = ct_sip_parse_header_uri(ct, *dptr, NULL, *datalen,
1143 SIP_HDR_CONTACT, NULL,
1144 &matchoff, &matchlen, &daddr, &port);
1150 /* We don't support third-party registrations */
1151 if (!nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.src.u3, &daddr))
1154 if (ct_sip_parse_transport(ct, *dptr, matchoff + matchlen, *datalen,
1158 if (ct_sip_parse_numerical_param(ct, *dptr,
1159 matchoff + matchlen, *datalen,
1160 "expires=", NULL, NULL, &expires) < 0)
1168 exp = nf_ct_expect_alloc(ct);
1173 if (sip_direct_signalling)
1174 saddr = &ct->tuplehash[!dir].tuple.src.u3;
1176 nf_ct_expect_init(exp, SIP_EXPECT_SIGNALLING, nf_ct_l3num(ct),
1177 saddr, &daddr, proto, NULL, &port);
1178 exp->timeout.expires = sip_timeout * HZ;
1179 exp->helper = nfct_help(ct)->helper;
1180 exp->flags = NF_CT_EXPECT_PERMANENT | NF_CT_EXPECT_INACTIVE;
1182 nf_nat_sip_expect = rcu_dereference(nf_nat_sip_expect_hook);
1183 if (nf_nat_sip_expect && ct->status & IPS_NAT_MASK)
1184 ret = nf_nat_sip_expect(skb, dataoff, dptr, datalen, exp,
1185 matchoff, matchlen);
1187 if (nf_ct_expect_related(exp) != 0)
1192 nf_ct_expect_put(exp);
1195 if (ret == NF_ACCEPT)
1196 help->help.ct_sip_info.register_cseq = cseq;
1200 static int process_register_response(struct sk_buff *skb, unsigned int dataoff,
1201 const char **dptr, unsigned int *datalen,
1202 unsigned int cseq, unsigned int code)
1204 enum ip_conntrack_info ctinfo;
1205 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1206 struct nf_conn_help *help = nfct_help(ct);
1207 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
1208 union nf_inet_addr addr;
1211 unsigned int matchoff, matchlen, coff = 0;
1212 unsigned int expires = 0;
1213 int in_contact = 0, ret;
1215 /* According to RFC 3261, "UAs MUST NOT send a new registration until
1216 * they have received a final response from the registrar for the
1217 * previous one or the previous REGISTER request has timed out".
1219 * However, some servers fail to detect retransmissions and send late
1220 * responses, so we store the sequence number of the last valid
1221 * request and compare it here.
1223 if (help->help.ct_sip_info.register_cseq != cseq)
1226 if (code >= 100 && code <= 199)
1228 if (code < 200 || code > 299)
1231 if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_EXPIRES,
1232 &matchoff, &matchlen) > 0)
1233 expires = simple_strtoul(*dptr + matchoff, NULL, 10);
1236 unsigned int c_expires = expires;
1238 ret = ct_sip_parse_header_uri(ct, *dptr, &coff, *datalen,
1239 SIP_HDR_CONTACT, &in_contact,
1240 &matchoff, &matchlen,
1247 /* We don't support third-party registrations */
1248 if (!nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.dst.u3, &addr))
1251 if (ct_sip_parse_transport(ct, *dptr, matchoff + matchlen,
1252 *datalen, &proto) == 0)
1255 ret = ct_sip_parse_numerical_param(ct, *dptr,
1256 matchoff + matchlen,
1257 *datalen, "expires=",
1258 NULL, NULL, &c_expires);
1263 if (refresh_signalling_expectation(ct, &addr, proto, port,
1269 flush_expectations(ct, false);
1273 static const struct sip_handler sip_handlers[] = {
1274 SIP_HANDLER("INVITE", process_invite_request, process_invite_response),
1275 SIP_HANDLER("UPDATE", process_sdp, process_update_response),
1276 SIP_HANDLER("ACK", process_sdp, NULL),
1277 SIP_HANDLER("PRACK", process_sdp, process_prack_response),
1278 SIP_HANDLER("BYE", process_bye_request, NULL),
1279 SIP_HANDLER("REGISTER", process_register_request, process_register_response),
1282 static int process_sip_response(struct sk_buff *skb, unsigned int dataoff,
1283 const char **dptr, unsigned int *datalen)
1285 enum ip_conntrack_info ctinfo;
1286 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1287 unsigned int matchoff, matchlen, matchend;
1288 unsigned int code, cseq, i;
1290 if (*datalen < strlen("SIP/2.0 200"))
1292 code = simple_strtoul(*dptr + strlen("SIP/2.0 "), NULL, 10);
1296 if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_CSEQ,
1297 &matchoff, &matchlen) <= 0)
1299 cseq = simple_strtoul(*dptr + matchoff, NULL, 10);
1302 matchend = matchoff + matchlen + 1;
1304 for (i = 0; i < ARRAY_SIZE(sip_handlers); i++) {
1305 const struct sip_handler *handler;
1307 handler = &sip_handlers[i];
1308 if (handler->response == NULL)
1310 if (*datalen < matchend + handler->len ||
1311 strnicmp(*dptr + matchend, handler->method, handler->len))
1313 return handler->response(skb, dataoff, dptr, datalen,
1319 static int process_sip_request(struct sk_buff *skb, unsigned int dataoff,
1320 const char **dptr, unsigned int *datalen)
1322 enum ip_conntrack_info ctinfo;
1323 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1324 unsigned int matchoff, matchlen;
1325 unsigned int cseq, i;
1327 for (i = 0; i < ARRAY_SIZE(sip_handlers); i++) {
1328 const struct sip_handler *handler;
1330 handler = &sip_handlers[i];
1331 if (handler->request == NULL)
1333 if (*datalen < handler->len ||
1334 strnicmp(*dptr, handler->method, handler->len))
1337 if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_CSEQ,
1338 &matchoff, &matchlen) <= 0)
1340 cseq = simple_strtoul(*dptr + matchoff, NULL, 10);
1344 return handler->request(skb, dataoff, dptr, datalen, cseq);
1349 static int process_sip_msg(struct sk_buff *skb, struct nf_conn *ct,
1350 unsigned int dataoff, const char **dptr,
1351 unsigned int *datalen)
1353 typeof(nf_nat_sip_hook) nf_nat_sip;
1356 if (strnicmp(*dptr, "SIP/2.0 ", strlen("SIP/2.0 ")) != 0)
1357 ret = process_sip_request(skb, dataoff, dptr, datalen);
1359 ret = process_sip_response(skb, dataoff, dptr, datalen);
1361 if (ret == NF_ACCEPT && ct->status & IPS_NAT_MASK) {
1362 nf_nat_sip = rcu_dereference(nf_nat_sip_hook);
1363 if (nf_nat_sip && !nf_nat_sip(skb, dataoff, dptr, datalen))
1370 static int sip_help_tcp(struct sk_buff *skb, unsigned int protoff,
1371 struct nf_conn *ct, enum ip_conntrack_info ctinfo)
1373 struct tcphdr *th, _tcph;
1374 unsigned int dataoff, datalen;
1375 unsigned int matchoff, matchlen, clen;
1376 unsigned int msglen, origlen;
1377 const char *dptr, *end;
1378 s16 diff, tdiff = 0;
1380 typeof(nf_nat_sip_seq_adjust_hook) nf_nat_sip_seq_adjust;
1382 if (ctinfo != IP_CT_ESTABLISHED &&
1383 ctinfo != IP_CT_ESTABLISHED + IP_CT_IS_REPLY)
1387 th = skb_header_pointer(skb, protoff, sizeof(_tcph), &_tcph);
1390 dataoff = protoff + th->doff * 4;
1391 if (dataoff >= skb->len)
1394 nf_ct_refresh(ct, skb, sip_timeout * HZ);
1396 if (unlikely(skb_linearize(skb)))
1399 dptr = skb->data + dataoff;
1400 datalen = skb->len - dataoff;
1401 if (datalen < strlen("SIP/2.0 200"))
1405 if (ct_sip_get_header(ct, dptr, 0, datalen,
1406 SIP_HDR_CONTENT_LENGTH,
1407 &matchoff, &matchlen) <= 0)
1410 clen = simple_strtoul(dptr + matchoff, (char **)&end, 10);
1411 if (dptr + matchoff == end)
1414 if (end + strlen("\r\n\r\n") > dptr + datalen)
1416 if (end[0] != '\r' || end[1] != '\n' ||
1417 end[2] != '\r' || end[3] != '\n')
1419 end += strlen("\r\n\r\n") + clen;
1421 msglen = origlen = end - dptr;
1423 ret = process_sip_msg(skb, ct, dataoff, &dptr, &msglen);
1424 if (ret != NF_ACCEPT)
1426 diff = msglen - origlen;
1431 datalen = datalen + diff - msglen;
1434 if (ret == NF_ACCEPT && ct->status & IPS_NAT_MASK) {
1435 nf_nat_sip_seq_adjust = rcu_dereference(nf_nat_sip_seq_adjust_hook);
1436 if (nf_nat_sip_seq_adjust)
1437 nf_nat_sip_seq_adjust(skb, tdiff);
1443 static int sip_help_udp(struct sk_buff *skb, unsigned int protoff,
1444 struct nf_conn *ct, enum ip_conntrack_info ctinfo)
1446 unsigned int dataoff, datalen;
1450 dataoff = protoff + sizeof(struct udphdr);
1451 if (dataoff >= skb->len)
1454 nf_ct_refresh(ct, skb, sip_timeout * HZ);
1456 if (unlikely(skb_linearize(skb)))
1459 dptr = skb->data + dataoff;
1460 datalen = skb->len - dataoff;
1461 if (datalen < strlen("SIP/2.0 200"))
1464 return process_sip_msg(skb, ct, dataoff, &dptr, &datalen);
1467 static struct nf_conntrack_helper sip[MAX_PORTS][4] __read_mostly;
1468 static char sip_names[MAX_PORTS][4][sizeof("sip-65535")] __read_mostly;
1470 static const struct nf_conntrack_expect_policy sip_exp_policy[SIP_EXPECT_MAX + 1] = {
1471 [SIP_EXPECT_SIGNALLING] = {
1472 .name = "signalling",
1476 [SIP_EXPECT_AUDIO] = {
1478 .max_expected = 2 * IP_CT_DIR_MAX,
1481 [SIP_EXPECT_VIDEO] = {
1483 .max_expected = 2 * IP_CT_DIR_MAX,
1486 [SIP_EXPECT_IMAGE] = {
1488 .max_expected = IP_CT_DIR_MAX,
1493 static void nf_conntrack_sip_fini(void)
1497 for (i = 0; i < ports_c; i++) {
1498 for (j = 0; j < ARRAY_SIZE(sip[i]); j++) {
1499 if (sip[i][j].me == NULL)
1501 nf_conntrack_helper_unregister(&sip[i][j]);
1506 static int __init nf_conntrack_sip_init(void)
1512 ports[ports_c++] = SIP_PORT;
1514 for (i = 0; i < ports_c; i++) {
1515 memset(&sip[i], 0, sizeof(sip[i]));
1517 sip[i][0].tuple.src.l3num = AF_INET;
1518 sip[i][0].tuple.dst.protonum = IPPROTO_UDP;
1519 sip[i][0].help = sip_help_udp;
1520 sip[i][1].tuple.src.l3num = AF_INET;
1521 sip[i][1].tuple.dst.protonum = IPPROTO_TCP;
1522 sip[i][1].help = sip_help_tcp;
1524 sip[i][2].tuple.src.l3num = AF_INET6;
1525 sip[i][2].tuple.dst.protonum = IPPROTO_UDP;
1526 sip[i][2].help = sip_help_udp;
1527 sip[i][3].tuple.src.l3num = AF_INET6;
1528 sip[i][3].tuple.dst.protonum = IPPROTO_TCP;
1529 sip[i][3].help = sip_help_tcp;
1531 for (j = 0; j < ARRAY_SIZE(sip[i]); j++) {
1532 sip[i][j].tuple.src.u.udp.port = htons(ports[i]);
1533 sip[i][j].expect_policy = sip_exp_policy;
1534 sip[i][j].expect_class_max = SIP_EXPECT_MAX;
1535 sip[i][j].me = THIS_MODULE;
1537 tmpname = &sip_names[i][j][0];
1538 if (ports[i] == SIP_PORT)
1539 sprintf(tmpname, "sip");
1541 sprintf(tmpname, "sip-%u", i);
1542 sip[i][j].name = tmpname;
1544 pr_debug("port #%u: %u\n", i, ports[i]);
1546 ret = nf_conntrack_helper_register(&sip[i][j]);
1548 printk(KERN_ERR "nf_ct_sip: failed to register"
1549 " helper for pf: %u port: %u\n",
1550 sip[i][j].tuple.src.l3num, ports[i]);
1551 nf_conntrack_sip_fini();
1559 module_init(nf_conntrack_sip_init);
1560 module_exit(nf_conntrack_sip_fini);
git.samba.org / sfrench / cifs-2.6.git / blob