// SPDX-License-Identifier: GPL-2.0-only /* * Connection tracking support for PPTP (Point to Point Tunneling Protocol). * PPTP is a protocol for creating virtual private networks. * It is a specification defined by Microsoft and some vendors * working with Microsoft. PPTP is built on top of a modified * version of the Internet Generic Routing Encapsulation Protocol. * GRE is defined in RFC 1701 and RFC 1702. Documentation of * PPTP can be found in RFC 2637 * * (C) 2000-2005 by Harald Welte <[email protected]> * * Development of this code funded by Astaro AG (http://www.astaro.com/) * * (C) 2006-2012 Patrick McHardy <[email protected]> * * Limitations: * - We blindly assume that control connections are always * established in PNS->PAC direction. This is a violation * of RFC 2637 * - We can only support one single call within each session * TODO: * - testing of incoming PPTP calls */ #include <linux/module.h> #include <linux/skbuff.h> #include <linux/in.h> #include <linux/tcp.h> #include <net/netfilter/nf_conntrack.h> #include <net/netfilter/nf_conntrack_core.h> #include <net/netfilter/nf_conntrack_helper.h> #include <net/netfilter/nf_conntrack_zones.h> #include <linux/netfilter/nf_conntrack_proto_gre.h> #include <linux/netfilter/nf_conntrack_pptp.h> #define NF_CT_PPTP_VERSION … MODULE_LICENSE(…) …; MODULE_AUTHOR(…) …; MODULE_DESCRIPTION(…) …; MODULE_ALIAS(…) …; MODULE_ALIAS_NFCT_HELPER(…) …; static DEFINE_SPINLOCK(nf_pptp_lock); const struct nf_nat_pptp_hook __rcu *nf_nat_pptp_hook; EXPORT_SYMBOL_GPL(…); #if defined(DEBUG) || defined(CONFIG_DYNAMIC_DEBUG) /* PptpControlMessageType names */ static const char *const pptp_msg_name_array[PPTP_MSG_MAX + 1] = …; const char *pptp_msg_name(u_int16_t msg) { … } EXPORT_SYMBOL(…); #endif #define SECS … #define MINS … #define HOURS … #define PPTP_GRE_TIMEOUT … #define PPTP_GRE_STREAM_TIMEOUT … static void pptp_expectfn(struct nf_conn *ct, struct nf_conntrack_expect *exp) { … } static int destroy_sibling_or_exp(struct net *net, struct nf_conn *ct, const struct nf_conntrack_tuple *t) { … } /* timeout GRE data connections */ static void pptp_destroy_siblings(struct nf_conn *ct) { … } /* expect GRE connections (PNS->PAC and PAC->PNS direction) */ static int exp_gre(struct nf_conn *ct, __be16 callid, __be16 peer_callid) { … } static int pptp_inbound_pkt(struct sk_buff *skb, unsigned int protoff, struct PptpControlHeader *ctlh, union pptp_ctrl_union *pptpReq, unsigned int reqlen, struct nf_conn *ct, enum ip_conntrack_info ctinfo) { … } static int pptp_outbound_pkt(struct sk_buff *skb, unsigned int protoff, struct PptpControlHeader *ctlh, union pptp_ctrl_union *pptpReq, unsigned int reqlen, struct nf_conn *ct, enum ip_conntrack_info ctinfo) { … } static const unsigned int pptp_msg_size[] = …; /* track caller id inside control connection, call expect_related */ static int conntrack_pptp_help(struct sk_buff *skb, unsigned int protoff, struct nf_conn *ct, enum ip_conntrack_info ctinfo) { … } static const struct nf_conntrack_expect_policy pptp_exp_policy = …; /* control protocol helper */ static struct nf_conntrack_helper pptp __read_mostly = …; static int __init nf_conntrack_pptp_init(void) { … } static void __exit nf_conntrack_pptp_fini(void) { … } module_init(…) …; module_exit(nf_conntrack_pptp_fini);
Codebase Browser
linux