blob: 42389aa025855576b4a40c83f5c7dbedf3abd45a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
/*
* (C) 2012 by Pablo Neira Ayuso <pablo@netfilter.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This code has been sponsored by Vyatta Inc. <http://www.vyatta.com>
*/
#include <stdio.h>
#include <stdbool.h>
#include <endian.h>
#include <arpa/inet.h>
#include <netinet/ip.h>
#include <netinet/ip6.h>
#include <netinet/tcp.h>
#include <libnetfilter_queue/libnetfilter_queue.h>
#include "internal.h"
uint16_t nfq_checksum(uint32_t sum, uint16_t *buf, int size)
{
while (size > 1) {
sum += *buf++;
size -= sizeof(uint16_t);
}
if (size) {
#if __BYTE_ORDER == __BIG_ENDIAN
sum += (uint16_t)*(uint8_t *)buf << 8;
#else
sum += (uint16_t)*(uint8_t *)buf;
#endif
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >>16);
return (uint16_t)(~sum);
}
uint16_t nfq_checksum_tcpudp_ipv4(struct iphdr *iph, uint16_t protonum)
{
uint32_t sum = 0;
uint32_t iph_len = iph->ihl*4;
uint32_t len = ntohs(iph->tot_len) - iph_len;
uint8_t *payload = (uint8_t *)iph + iph_len;
sum += (iph->saddr >> 16) & 0xFFFF;
sum += (iph->saddr) & 0xFFFF;
sum += (iph->daddr >> 16) & 0xFFFF;
sum += (iph->daddr) & 0xFFFF;
sum += htons(protonum);
sum += htons(len);
return nfq_checksum(sum, (uint16_t *)payload, len);
}
uint16_t nfq_checksum_tcpudp_ipv6(struct ip6_hdr *ip6h, void *transport_hdr,
uint16_t protonum)
{
uint32_t sum = 0;
uint32_t hdr_len = (uint32_t *)transport_hdr - (uint32_t *)ip6h;
uint32_t len = ip6h->ip6_plen - hdr_len;
uint8_t *payload = (uint8_t *)ip6h + hdr_len;
int i;
for (i=0; i<8; i++) {
sum += (ip6h->ip6_src.s6_addr16[i] >> 16) & 0xFFFF;
sum += (ip6h->ip6_src.s6_addr16[i]) & 0xFFFF;
}
for (i=0; i<8; i++) {
sum += (ip6h->ip6_dst.s6_addr16[i] >> 16) & 0xFFFF;
sum += (ip6h->ip6_dst.s6_addr16[i]) & 0xFFFF;
}
sum += htons(protonum);
sum += htons(ip6h->ip6_plen);
return nfq_checksum(sum, (uint16_t *)payload, len);
}
/**
* @}
*/
|