packetsrv.c File Reference

Packet server thread.

#include "nufw.h"
#include <nubase.h>

Functions

int look_for_tcp_flags (unsigned char *dgram, unsigned int datalen)
void packetsrv_ipq_process (unsigned char *buffer)
void * packetsrv (void *void_arg)
 Packet server thread function.
void shutdown_tls ()
int auth_request_send (uint8_t type, struct queued_pckt *pckt_datas)


Detailed Description

Packet server thread.

packetsrv() is a thread which reads packets from the netfilter queue. If the packet content matches IPv4 TCP/UDP, it adds the packet to the packet list (packets_list) and asks NuAuth for an authentication or control decision using auth_request_send().

When using NetFilter queue, treat_packet() is used as the callback to parse new packets. The function look_for_tcp_flags() is a helper that checks the TCP flags in an IPv4 packet.

Definition in file packetsrv.c.


Function Documentation

int auth_request_send ( uint8_t  type,
struct queued_pckt *  pckt_datas 
)

Send an authentication request to NuAuth. May restart TLS session and/or open TLS connection (if closed).

Creates the authsrv() thread when opening a new session.

The maximum packet size is 512 bytes, and its structure is nufw_to_nuauth_auth_message_t.

Parameters:
type Type of request (AUTH_REQUEST, AUTH_CONTROL, ...)
pckt_datas A pointer to a queued_pckt holding packet information
Returns:
Returns 0 if an error occurs, 1 otherwise.

Definition at line 639 of file packetsrv.c.

References nuauth_conn::auth_server_running, authreq_addr, authreq_port, close_tls_session(), DEBUG_AREA_GW, DEBUG_AREA_MAIN, DEBUG_AREA_PACKET, DEBUG_LEVEL_DEBUG, DEBUG_LEVEL_INFO, DEBUG_LEVEL_WARNING, debug_log_printf, IFNAMSIZ, queued_pckt::indev, nuv4_nufw_to_nuauth_auth_message_t::indev, log_area_printf(), queued_pckt::mark, nuv4_nufw_to_nuauth_auth_message_t::mark, nuv4_nufw_to_nuauth_auth_message_t::msg_length, nuv4_nufw_to_nuauth_auth_message_t::msg_type, nuauth_conn::mutex, nussl_write(), queued_pckt::outdev, nuv4_nufw_to_nuauth_auth_message_t::outdev, queued_pckt::packet_id, nuv4_nufw_to_nuauth_auth_message_t::packet_id, queued_pckt::payload, queued_pckt::payload_len, queued_pckt::physindev, nuv4_nufw_to_nuauth_auth_message_t::physindev, queued_pckt::physoutdev, nuv4_nufw_to_nuauth_auth_message_t::physoutdev, PROTO_NUFW_VERSION, nuv4_nufw_to_nuauth_auth_message_t::protocol_version, nuauth_conn::session, shutdown_tls(), queued_pckt::timestamp, nuv4_nufw_to_nuauth_auth_message_t::timestamp, tls, and tls_connect().

Referenced by packetsrv_ipq_process().

int look_for_tcp_flags ( unsigned char *  dgram,
unsigned int  datalen 
)

Parse a packet and check whether it is a TCP segment in an IPv4 packet with the ACK, FIN or RST flag set.

Parameters:
dgram Pointer to data to parse
datalen Length of the data
Returns:
Returns 1 if the packet matches, 0 otherwise.

Definition at line 51 of file packetsrv.c.

References DEBUG_AREA_PACKET, DEBUG_LEVEL_VERBOSE_DEBUG, log_area_printf(), and RETURN_NO_LOG.

Referenced by packetsrv_ipq_process().
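
The check described above, written as an added, bounds-checked example; this is not NuFW's look_for_tcp_flags() source. The names ipv4_tcp_has_ack_fin_rst() and check_sample() are hypothetical, the sample packets are constructed, and the fragment-offset test goes beyond what the description states.

```c
#include <stdio.h>

#define TCP_FIN 0x01
#define TCP_RST 0x04
#define TCP_ACK 0x10

/* Hypothetical helper, not NuFW's look_for_tcp_flags(): returns 1 when dgram
 * is an unfragmented IPv4 packet carrying TCP with ACK, FIN or RST set, else 0.
 * Each field is length-checked before it is read. */
int ipv4_tcp_has_ack_fin_rst(const unsigned char *dgram, unsigned int datalen)
{
    unsigned int ihl, frag_off;

    if (dgram == NULL || datalen < 20)       /* shorter than an IPv4 header */
        return 0;
    if ((dgram[0] >> 4) != 4)                /* not IPv4 */
        return 0;
    ihl = (dgram[0] & 0x0fu) * 4u;           /* IP header length in bytes */
    if (ihl < 20 || ihl > datalen)           /* bogus or truncated header */
        return 0;
    if (dgram[9] != 6)                       /* protocol is not TCP */
        return 0;
    frag_off = ((dgram[6] & 0x1fu) << 8) | dgram[7];
    if (frag_off != 0)                       /* later fragment: no TCP header */
        return 0;
    if (datalen - ihl < 14)                  /* flags byte (offset 13) missing */
        return 0;
    return (dgram[ihl + 13] & (TCP_ACK | TCP_FIN | TCP_RST)) ? 1 : 0;
}

/* Constructed input: builds a minimal IPv4+TCP packet, drops `cut` trailing
 * bytes to simulate truncation, and runs the check on it. */
int check_sample(unsigned int ihl_words, unsigned char proto,
                 unsigned char tcp_flags, unsigned int cut)
{
    unsigned char buf[80] = {0};
    unsigned int ihl = (ihl_words & 0x0fu) * 4u, len = ihl + 20;

    buf[0] = (unsigned char)(0x40 | (ihl_words & 0x0fu));
    buf[9] = proto;
    buf[ihl + 13] = tcp_flags;
    return ipv4_tcp_has_ack_fin_rst(buf, len > cut ? len - cut : 0);
}

int main(void)
{
    printf("SYN only: %d\n", check_sample(5, 6, 0x02, 0));
    printf("SYN+ACK:  %d\n", check_sample(5, 6, 0x12, 0));
    printf("truncated ACK: %d\n", check_sample(5, 6, 0x10, 7));
    return 0;
}
```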

void* packetsrv ( void *  void_arg  ) 

Packet server thread function.

Connects to netfilter to request a netlink, then reads packets on this link. It checks whether each packet is useful for NuFW; if so, it adds the packet to the packet list and/or sends it to NuAuth.

When using NetFilter queue, it uses treat_packet() as the callback. In ipq mode it uses an internal packet parsing and processing mechanism.

Returns:
NULL

Definition at line 376 of file packetsrv.c.

References DEBUG_AREA_MAIN, DEBUG_AREA_PACKET, DEBUG_LEVEL_CRITICAL, DEBUG_LEVEL_DEBUG, DEBUG_LEVEL_FATAL, DEBUG_LEVEL_MESSAGE, DEBUG_LEVEL_SERIOUS_MESSAGE, DEBUG_LEVEL_SERIOUS_WARNING, DEBUG_LEVEL_WARNING, err, hndl, log_area_printf(), packetsrv_ipq_process(), nufw_threadargument::parent_pid, pckt_rx, and nufw_threadargument::thread.

Referenced by create_thread().

void packetsrv_ipq_process ( unsigned char *  buffer  ) 

Process an IP message received from IPQ

Returns:
Returns 1 if it's ok, 0 otherwise.

Definition at line 296 of file packetsrv.c.

References AUTH_CONTROL, AUTH_REQUEST, auth_request_send(), DEBUG_AREA_MAIN, DEBUG_AREA_PACKET, DEBUG_LEVEL_SERIOUS_WARNING, DEBUG_LEVEL_VERBOSE_DEBUG, DEBUG_LEVEL_WARNING, Packet_Ids::id, IPQ_SET_VERDICT, log_area_printf(), look_for_tcp_flags(), packets_list_t::mutex, queued_pckt::packet_id, packets_list, padd(), queued_pckt::payload, queued_pckt::payload_len, pckt_rx, psearch_and_destroy(), RETURN_NO_LOG, and Packet_Ids::timestamp.

Referenced by packetsrv().

void shutdown_tls (  ) 

Halt TLS threads and close socket

Definition at line 609 of file packetsrv.c.

References nuauth_conn::auth_server, nuauth_conn::auth_server_running, close_tls_session(), DEBUG_AREA_GW, DEBUG_LEVEL_CRITICAL, log_area_printf(), and tls.

Referenced by auth_request_send(), and process_hup().


Generated on Sat Nov 22 04:00:50 2008 for NuFW by  doxygen 1.4.7