From patchwork Sat Jun 17 22:53:37 2017
X-Patchwork-Submitter: Darrell Ball
X-Patchwork-Id: 777373
From: Darrell Ball
To: dlu998@gmail.com, dev@openvswitch.org
Date: Sat, 17 Jun 2017 15:53:37 -0700
Message-Id: <1497740019-4168-3-git-send-email-dlu998@gmail.com>
Subject: [ovs-dev] [patch_v2 2/4] Userspace Datapath: Add TFTP support.

Both ipv4 and ipv6 are supported. Also, NAT support is included.

Signed-off-by: Darrell Ball
--- include/sparse/netinet/in.h | 1 + lib/conntrack.c | 42 +++++++++++++++++++++++++++++++++++++++++- 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/include/sparse/netinet/in.h b/include/sparse/netinet/in.h index 8a5b887..6dba458 100644 --- a/include/sparse/netinet/in.h +++ b/include/sparse/netinet/in.h @@ -75,6 +75,7 @@ struct sockaddr_in6 { #define IPPROTO_SCTP 132 #define IPPORT_FTP 21 +#define IPPORT_TFTP 69 /* All the IP options documented in Linux ip(7). */ #define IP_ADD_MEMBERSHIP 35 diff --git a/lib/conntrack.c b/lib/conntrack.c index 1f54fe3..00c094e 100644 --- a/lib/conntrack.c +++ b/lib/conntrack.c @@ -63,6 +63,7 @@ enum ftp_ctl_pkt { enum ct_alg_mode { CT_FTP_MODE_ACTIVE, CT_FTP_MODE_PASSIVE, + CT_TFTP_MODE, }; static bool conn_key_extract(struct conntrack *, struct dp_packet *, 
@@ -143,6 +144,11 @@ handle_ftp_ctl(struct conntrack *ct, struct conn_lookup_ctx *ctx, const struct conn *conn_for_expectation, long long now, enum ftp_ctl_pkt ftp_ctl, bool nat); +static void +handle_tftp_ctl(struct conntrack *ct, + const struct conn *conn_for_expectation, + long long now); + static struct ct_l4_proto *l4_protos[] = { [IPPROTO_TCP] = &ct_proto_tcp, [IPPROTO_UDP] = &ct_proto_other, @@ -337,6 +343,25 @@ is_ftp_ctl(const struct dp_packet *pkt) ntohs(th->tcp_dst) == IPPORT_FTP)); } +static bool +is_tftp_ctl(const struct dp_packet *pkt) +{ + uint8_t ip_proto; + struct eth_header *l2 = dp_packet_eth(pkt); + if (l2->eth_type == htons(ETH_TYPE_IPV6)) { + struct ovs_16aligned_ip6_hdr *nh6 = dp_packet_l3(pkt); + ip_proto = nh6->ip6_ctlun.ip6_un1.ip6_un1_nxt; + } else { + struct ip_header *l3_hdr = dp_packet_l3(pkt); + ip_proto = l3_hdr->ip_proto; + } + + struct udp_header *uh = dp_packet_l4(pkt); + + return (ip_proto == IPPROTO_UDP && + ntohs(uh->udp_dst) == IPPORT_TFTP); +} + static void alg_exp_init_expiration(struct conntrack *ct, struct alg_exp_node *alg_exp_node, @@ -1008,7 +1033,7 @@ process_one(struct conntrack *ct, struct dp_packet *pkt, } struct conn conn_for_expectation; - if (conn && (is_ftp_ctl(pkt))) { + if (conn && (is_ftp_ctl(pkt) || is_tftp_ctl(pkt))) { conn_for_expectation = *conn; } @@ -1022,6 +1047,8 @@ process_one(struct conntrack *ct, struct dp_packet *pkt, if (OVS_UNLIKELY(conn && is_ftp_ctl(pkt))) { handle_ftp_ctl(ct, ctx, pkt, &conn_for_expectation, now, CT_FTP_CTL_INTEREST, !!nat_action_info); + } else if (OVS_UNLIKELY(conn && is_tftp_ctl(pkt))) { + handle_tftp_ctl(ct, &conn_for_expectation, now); } } @@ -2079,6 +2106,7 @@ expectation_create(struct conntrack *ct, switch (mode) { case CT_FTP_MODE_ACTIVE: + case CT_TFTP_MODE: src_addr = master_conn->rev_key.src.addr; dst_addr = master_conn->rev_key.dst.addr; alg_nat_repl_addr = master_conn->key.src.addr; 
@@ -2595,6 +2623,7 @@ process_ftp_ctl_v4(struct conntrack *ct, *v4_addr_rep = conn_for_expectation->key.dst.addr.ipv4_aligned; conn_ipv4_addr = conn_for_expectation->rev_key.src.addr.ipv4_aligned; break; + case CT_TFTP_MODE: default: OVS_NOT_REACHED(); } @@ -2707,6 +2736,7 @@ process_ftp_ctl_v6(struct conntrack *ct, case CT_FTP_MODE_PASSIVE: *v6_addr_rep = conn_for_expectation->key.dst.addr; break; + case CT_TFTP_MODE: default: OVS_NOT_REACHED(); } @@ -2888,3 +2918,13 @@ handle_ftp_ctl(struct conntrack *ct, struct conn_lookup_ctx *ctx, return; } +static void +handle_tftp_ctl(struct conntrack *ct, + const struct conn *conn_for_expectation, + long long now) +{ + expectation_create(ct, conn_for_expectation->key.src.port, now, + CT_TFTP_MODE, conn_for_expectation); + return; +} +
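
Review bot: is_tftp_ctl() in lib/conntrack.c (hunk at @@ -337,6 +343,25 @@) reads `uh->udp_dst` from dp_packet_l4(pkt), and the L2/L3 headers before it, with no NULL or remaining-length check. If process_one() only reaches this helper for packets whose headers were already validated during key extraction, state that in a comment above the function; otherwise check that dp_packet_l4() is non-NULL and that a full struct udp_header is present before the read. Two smaller points in the same hunk: the IPv6 branch compares only the first next-header field (`ip6_un1_nxt`), so a request carrying any extension header will not be recognised as TFTP, and the else branch treats every non-IPv6 ethertype as IPv4. Both limitations should be documented or handled.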
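
Review bot: In process_one() (hunks at @@ -1008,7 +1033,7 @@ and @@ -1022,6 +1047,8 @@), the only visible condition for calling handle_tftp_ctl() is a tracked connection plus UDP destination port 69; the TFTP opcode is never inspected. As written, every datagram sent to port 69 on such a connection, retransmitted requests included, creates a new expectation. Since an expectation widens what the tracker will accept as related traffic, please restrict creation to read/write requests, and say what bounds the number and lifetime of expectations one client can create. Separately, is_ftp_ctl(pkt) and is_tftp_ctl(pkt) are each evaluated twice per packet here; computing the result once and reusing it would avoid re-parsing the headers.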
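
Review bot: handle_tftp_ctl() (hunk at @@ -2888,3 +2918,13 @@) passes `conn_for_expectation->key.src.port` to expectation_create(), while the CT_TFTP_MODE case added in expectation_create() takes `src_addr` and `dst_addr` from `master_conn->rev_key`. The commit message says NAT is supported, so please confirm that the original-direction source port is the right value when the connection's source port has been translated, and add a comment explaining why TFTP shares the CT_FTP_MODE_ACTIVE addressing. Style: the trailing `return;` in a void function is redundant, and the hunk adds a blank line at the end of the file.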