archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/net/rras/ip/nat/mapping.h

532 lines
14 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1997 Microsoft Corporation
  5. Module Name:
  7. mapping.h
  9. Abstract:
  11. This file contains declarations for the management of dynamic mappings.
  12. This includes the relevant data structures as well as the routines for
  13. manipulating the structures.
  15. Author:
  17. Abolade Gbadegesin (t-abolag) 11-July-1997
  19. Revision History:
  21. --*/
  23. #ifndef _NAT_MAPPING_H_
  24. #define _NAT_MAPPING_H_
  26. //
  27. // Forward declaration of structure defined elsewhere
  28. //
  30. struct _NAT_INTERFACE;
  31. #define PNAT_INTERFACE struct _NAT_INTERFACE*
  33. typedef enum _NAT_SESSION_MAPPING_INFORMATION_CLASS {
  34. NatKeySessionMappingInformation,
  35. NatStatisticsSessionMappingInformation,
  36. #if _WIN32_WINNT > 0x0500
  37. NatKeySessionMappingExInformation,
  38. #endif
  39. NatMaximumSessionMappingInformation
  40. } NAT_SESSION_MAPPING_INFORMATION_CLASS,
  41. *PNAT_SESSION_MAPPING_INFORMATION_CLASS;
  44. //
  45. // Structure: NAT_DYNAMIC_MAPPING
  46. //
  47. // This structure holds information about a specific active session.
  48. // Each instance is held on the global mapping-list as well as
  49. // on the global mapping-trees for forward and reverse access.
  50. //
  51. // Each mapping stores four keys which are address/protocol/port combinations:
  52. // forward source and destination keys (the original session-endpoints),
  53. // and reverse source and destination keys (the translated endpoints).
  54. //
  55. // Each time a packet is translated using a mapping, the 'LastAccessTime'
  56. // is set to the number of ticks since system-start (KeQueryTickCount).
  57. // This value is used by our timer routine to eliminate expired mappings.
  58. //
  59. // Synchronization of access to mappings is similar to that of interfaces,
  60. // editors, and directors:
  61. //
  62. // We use a reference count to ensure the existence of a mapping,
  63. // and a spin-lock to ensure its consistency.
  64. //
  65. // The fields of a mapping are only consistent while the spinlock is held
  66. // (with the exception of fields such as 'PrivateKey' which are read-only)
  67. //
  68. // The spinlock can only be acquired if
  69. // (a) the reference-count has been incremented, or
  70. // (b) the mapping-list lock is already held.
  71. //
  72. // If the mapping is for an edited, directed, or interface's session,
  73. // it also lives on its editor's, director's or interface's list of mappings.
  74. // The following holds true of all three lists (i.e. for 'Editor' write
  75. // 'Director' or 'Interface' as appropriate):
  76. //
  77. // As described in 'EDITOR.H', the cached fields 'Editor*' are protected
  78. // by the global 'EditorMappingLock'. Hence,
  79. //
  80. // (a) to read the 'Editor' or 'EditorContext' for a mapping,
  81. // or to traverse the 'EditorLink' field, 'EditorLock' must be held
  82. // and the editor referenced. Note that the attempt to reference
  83. // the editor will fail if the editor has been marked for deletion.
  84. //
  85. // (b) to modify the 'Editor' or 'EditorContext' or to add or
  86. // remove a mapping from its editor's list of mappings by changing
  87. // the 'EditorLink' field, both 'EditorLock' and 'EditorMappingLock'
  88. // must be acquired, in that order.
  89. //
  90. // Acquisition of 'EditorLock' ensures that the cached editor will not be
  91. // deleted while being referenced, and acquisition of 'EditorMappingLock'
  92. // ensures that no changes are being made to the list.
  93. //
  94. // N.B. On the rare occasions when 'MappingLock' must be held at the same time
  95. // as one of 'InterfaceLock', 'EditorLock', and 'DirectorLock', 'MappingLock'
  96. // must always be acquired first.
  97. //
  99. typedef struct _NAT_DYNAMIC_MAPPING {
  101. LIST_ENTRY Link;
  102. RTL_SPLAY_LINKS SLink[NatMaximumPath];
  103. ULONG64 DestinationKey[NatMaximumPath]; // read-only
  104. ULONG64 SourceKey[NatMaximumPath]; // read-only
  105. LONG64 LastAccessTime;
  107. KSPIN_LOCK Lock;
  108. ULONG ReferenceCount;
  110. ULONG AccessCount[NatMaximumPath]; // interlocked-access only
  111. PNAT_TRANSLATE_ROUTINE TranslateRoutine[NatMaximumPath]; // read-only
  113. PNAT_INTERFACE Interfacep;
  114. PVOID InterfaceContext;
  115. LIST_ENTRY InterfaceLink;
  117. PNAT_EDITOR Editor;
  118. PVOID EditorContext;
  119. LIST_ENTRY EditorLink;
  121. PNAT_DIRECTOR Director;
  122. PVOID DirectorContext;
  123. LIST_ENTRY DirectorLink;
  125. ULONG Flags;
  126. ULONG IpChecksumDelta[NatMaximumPath];
  127. ULONG ProtocolChecksumDelta[NatMaximumPath];
  129. union {
  130. struct {
  131. ULONG Expected[NatMaximumPath];
  132. ULONG Base[NatMaximumPath];
  133. LONG Delta[NatMaximumPath];
  134. } TcpSeqNum;
  135. RTL_SPLAY_LINKS SourceSLink[NatMaximumPath];
  136. } u;
  138. // Maxmimum MSS value. Set to 0 if MSS adjustment is unnecessary.
  139. USHORT MaxMSS;
  141. IP_NAT_SESSION_MAPPING_STATISTICS Statistics;
  142. ULONG BytesForward; // interlocked-access only
  143. ULONG BytesReverse; // interlocked-access only
  144. ULONG PacketsForward; // interlocked-access only
  145. ULONG PacketsReverse; // interlocked-access only
  146. ULONG RejectsForward; // interlocked-access only
  147. ULONG RejectsReverse; // interlocked-access only
  149. } NAT_DYNAMIC_MAPPING, *PNAT_DYNAMIC_MAPPING;
  152. //
  153. // Definition of flags for NAT_DYNAMIC_MAPPING.Flags
  154. //
  155. // Set after a mapping has been deleted; when the last reference is released,
  156. // the mapping will be freed.
  157. //
  158. #define NAT_MAPPING_FLAG_DELETED 0x80000000
  159. #define NAT_MAPPING_DELETED(m) \
  160. ((m)->Flags & NAT_MAPPING_FLAG_DELETED)
  161. //
  162. // Set when an editor expires a mapping using 'NatEditorTimeoutSession'.
  163. //
  164. #define NAT_MAPPING_FLAG_EXPIRED 0x00000001
  165. #define NAT_MAPPING_EXPIRED(m) \
  166. ((m)->Flags & NAT_MAPPING_FLAG_EXPIRED)
  167. //
  168. // Set when the forward/reverse SYN for a TCP session is seen, respectively
  169. //
  170. #define NAT_MAPPING_FLAG_FWD_SYN 0x00000002
  171. #define NAT_MAPPING_FLAG_REV_SYN 0x00000004
  172. //
  173. // Set when the forward/reverse FIN for a TCP session is seen, respectively
  174. //
  175. #define NAT_MAPPING_FLAG_FWD_FIN 0x00000008
  176. #define NAT_MAPPING_FLAG_REV_FIN 0x00000010
  177. #define NAT_MAPPING_FIN(m) \
  178. (((m)->Flags & NAT_MAPPING_FLAG_FWD_FIN) && \
  179. ((m)->Flags & NAT_MAPPING_FLAG_REV_FIN))
  180. //
  181. // Set when an inbound mapping is created using a static address or port,
  182. // or because of a director or ticket.
  183. //
  184. #define NAT_MAPPING_FLAG_INBOUND 0x00000020
  185. #define NAT_MAPPING_INBOUND(m) \
  186. ((m)->Flags & NAT_MAPPING_FLAG_INBOUND)
  187. //
  188. // Set when a mapping is created by a director and is not subject to expiration.
  189. //
  190. #define NAT_MAPPING_FLAG_NO_TIMEOUT 0x00000040
  191. #define NAT_MAPPING_NO_TIMEOUT(m) \
  192. ((m)->Flags & NAT_MAPPING_FLAG_NO_TIMEOUT)
  193. //
  194. // Set when only forward packets are to be translated
  195. //
  196. #define NAT_MAPPING_FLAG_UNIDIRECTIONAL 0x00000080
  197. #define NAT_MAPPING_UNIDIRECTIONAL(m) \
  198. ((m)->Flags & NAT_MAPPING_FLAG_UNIDIRECTIONAL)
  200. //
  201. // Set when director-initiated dissociation should trigger deletion
  202. //
  203. #define NAT_MAPPING_FLAG_DELETE_ON_DISSOCIATE_DIRECTOR 0x00000100
  204. #define NAT_MAPPING_DELETE_ON_DISSOCIATE_DIRECTOR(m) \
  205. ((m)->Flags & NAT_MAPPING_FLAG_DELETE_ON_DISSOCIATE_DIRECTOR)
  207. //
  208. // Set on TCP mappings when the three-way handshake is complete
  209. //
  210. #define NAT_MAPPING_FLAG_TCP_OPEN 0x00000200
  211. #define NAT_MAPPING_TCP_OPEN(m) \
  212. ((m)->Flags & NAT_MAPPING_FLAG_TCP_OPEN)
  213. //
  214. // Set if the creation or deletion of this mapping should not
  215. // be logged
  216. //
  217. #define NAT_MAPPING_FLAG_DO_NOT_LOG 0x00000400
  218. #define NAT_MAPPING_DO_NOT_LOG(m) \
  219. ((m)->Flags & NAT_MAPPING_FLAG_DO_NOT_LOG)
  220. //
  221. // Set if the DF bit must be cleared for all packets that belong
  222. // to this mapping.
  223. //
  224. #define NAT_MAPPING_FLAG_CLEAR_DF_BIT 0x00000800
  225. #define NAT_MAPPING_CLEAR_DF_BIT(m) \
  226. ((m)->Flags & NAT_MAPPING_FLAG_CLEAR_DF_BIT)
  228. //
  229. // Mapping-key manipulation macros
  230. //
  232. #define MAKE_MAPPING_KEY(Key,Protocol,Address,Port) \
  233. ((Key) = \
  234. (Address) | \
  235. ((ULONG64)((Port) & 0xFFFF) << 32) | \
  236. ((ULONG64)((Protocol) & 0xFF) << 48))
  238. #define MAPPING_PROTOCOL(Key) ((UCHAR)(((Key) >> 48) & 0xFF))
  239. #define MAPPING_PORT(Key) ((USHORT)(((Key) >> 32) & 0xFFFF))
  240. #define MAPPING_ADDRESS(Key) ((ULONG)(Key))
  242. //
  243. // Resplay threshold; the mapping is resplayed every time its access-count
  244. // passes this value.
  245. //
  247. #define NAT_MAPPING_RESPLAY_THRESHOLD 5
  249. //
  250. // Defines the depth of the lookaside list for allocating dynamic mappings
  251. //
  253. #define MAPPING_LOOKASIDE_DEPTH 20
  255. //
  256. // Defines the threshold at which ad-hoc cleanup of expired mappings begins.
  257. //
  259. #define MAPPING_CLEANUP_THRESHOLD 1000
  261. //
  262. // Mapping allocation macros
  263. //
  265. #define ALLOCATE_MAPPING_BLOCK() \
  266. ExAllocateFromNPagedLookasideList(&MappingLookasideList)
  268. #define FREE_MAPPING_BLOCK(Block) \
  269. ExFreeToNPagedLookasideList(&MappingLookasideList,(Block))
  271. //
  272. // GLOBAL VARIABLE DECLARATIONS
  273. //
  275. extern ULONG ExpiredMappingCount;
  276. extern CACHE_ENTRY MappingCache[NatMaximumPath][CACHE_SIZE];
  277. extern ULONG MappingCount;
  278. extern LIST_ENTRY MappingList;
  279. extern KSPIN_LOCK MappingLock;
  280. extern NPAGED_LOOKASIDE_LIST MappingLookasideList;
  281. extern PNAT_DYNAMIC_MAPPING MappingTree[NatMaximumPath];
  284. //
  285. // MAPPING MANAGEMENT ROUTINES
  286. //
  288. PVOID
  289. NatAllocateFunction(
  290. POOL_TYPE PoolType,
  291. SIZE_T NumberOfBytes,
  292. ULONG Tag
  293. );
  295. VOID
  296. NatCleanupMapping(
  297. PNAT_DYNAMIC_MAPPING Mapping
  298. );
  300. NTSTATUS
  301. NatCreateMapping(
  302. ULONG Flags,
  303. ULONG64 DestinationKey[],
  304. ULONG64 SourceKey[],
  305. PNAT_INTERFACE Interfacep,
  306. PVOID InterfaceContext,
  307. USHORT MaxMSS,
  308. PNAT_DIRECTOR Director,
  309. PVOID DirectorContext,
  310. PNAT_DYNAMIC_MAPPING* InboundInsertionPoint,
  311. PNAT_DYNAMIC_MAPPING* OutboundInsertionPoint,
  312. PNAT_DYNAMIC_MAPPING* MappingCreated
  313. );
  315. NTSTATUS
  316. NatDeleteMapping(
  317. PNAT_DYNAMIC_MAPPING Mapping
  318. );
  320. //
  321. // BOOLEAN
  322. // NatDereferenceMapping(
  323. // PNAT_DYNAMIC_MAPPING Mapping
  324. // );
  325. //
  327. #define \
  328. NatDereferenceMapping( \
  329. _Mapping \
  330. ) \
  331. (InterlockedDecrement(&(_Mapping)->ReferenceCount) \
  332. ? TRUE \
  333. : (NatCleanupMapping(_Mapping), FALSE))
  335. //
  336. // VOID
  337. // NatExpireMapping(
  338. // PNAT_DYNAMIC_MAPPING Mapping
  339. // );
  340. //
  342. PNAT_DYNAMIC_MAPPING
  343. NatDestinationLookupForwardMapping(
  344. ULONG64 DestinationKey
  345. );
  347. PNAT_DYNAMIC_MAPPING
  348. NatDestinationLookupReverseMapping(
  349. ULONG64 DestinationKey
  350. );
  352. #define \
  353. NatExpireMapping( \
  354. _Mapping \
  355. ) \
  356. if (!NAT_MAPPING_EXPIRED(_Mapping)) { \
  357. (_Mapping)->Flags |= NAT_MAPPING_FLAG_EXPIRED; \
  358. InterlockedIncrement(&ExpiredMappingCount); \
  359. if (MappingCount > MAPPING_CLEANUP_THRESHOLD && \
  360. ExpiredMappingCount >= (MappingCount >> 2)) { \
  361. NatTriggerTimer(); \
  362. } \
  363. }
  366. VOID
  367. NatInitializeMappingManagement(
  368. VOID
  369. );
  371. PNAT_DYNAMIC_MAPPING
  372. NatInsertForwardMapping(
  373. PNAT_DYNAMIC_MAPPING Parent,
  374. PNAT_DYNAMIC_MAPPING Mapping
  375. );
  377. PNAT_DYNAMIC_MAPPING
  378. NatInsertReverseMapping(
  379. PNAT_DYNAMIC_MAPPING Parent,
  380. PNAT_DYNAMIC_MAPPING Mapping
  381. );
  383. PNAT_DYNAMIC_MAPPING
  384. NatSourceInsertForwardMapping(
  385. PNAT_DYNAMIC_MAPPING Parent,
  386. PNAT_DYNAMIC_MAPPING Mapping
  387. );
  389. PNAT_DYNAMIC_MAPPING
  390. NatSourceInsertReverseMapping(
  391. PNAT_DYNAMIC_MAPPING Parent,
  392. PNAT_DYNAMIC_MAPPING Mapping
  393. );
  395. NTSTATUS
  396. NatLookupAndQueryInformationMapping(
  397. UCHAR Protocol,
  398. ULONG DestinationAddress,
  399. USHORT DestinationPort,
  400. ULONG SourceAddress,
  401. USHORT SourcePort,
  402. OUT PVOID Information,
  403. ULONG InformationLength,
  404. NAT_SESSION_MAPPING_INFORMATION_CLASS InformationClass
  405. );
  407. PNAT_DYNAMIC_MAPPING
  408. NatLookupForwardMapping(
  409. ULONG64 DestinationKey,
  410. ULONG64 SourceKey,
  411. PNAT_DYNAMIC_MAPPING* InsertionPoint
  412. );
  414. PNAT_DYNAMIC_MAPPING
  415. NatLookupReverseMapping(
  416. ULONG64 DestinationKey,
  417. ULONG64 SourceKey,
  418. PNAT_DYNAMIC_MAPPING* InsertionPoint
  419. );
  421. VOID
  422. NatQueryInformationMapping(
  423. IN PNAT_DYNAMIC_MAPPING Mapping,
  424. OUT PUCHAR Protocol OPTIONAL,
  425. OUT PULONG PrivateAddress OPTIONAL,
  426. OUT PUSHORT PrivatePort OPTIONAL,
  427. OUT PULONG RemoteAddress OPTIONAL,
  428. OUT PUSHORT RemotePort OPTIONAL,
  429. OUT PULONG PublicAddress OPTIONAL,
  430. OUT PUSHORT PublicPort OPTIONAL,
  431. OUT PIP_NAT_SESSION_MAPPING_STATISTICS Statistics OPTIONAL
  432. );
  434. NTSTATUS
  435. NatQueryInterfaceMappingTable(
  436. IN PIP_NAT_ENUMERATE_SESSION_MAPPINGS InputBuffer,
  437. IN PIP_NAT_ENUMERATE_SESSION_MAPPINGS OutputBuffer,
  438. IN PULONG OutputBufferLength
  439. );
  441. NTSTATUS
  442. NatQueryMappingTable(
  443. IN PIP_NAT_ENUMERATE_SESSION_MAPPINGS InputBuffer,
  444. IN PIP_NAT_ENUMERATE_SESSION_MAPPINGS OutputBuffer,
  445. IN PULONG OutputBufferLength
  446. );
  448. //
  449. // BOOLEAN
  450. // NatReferenceMapping(
  451. // PNAT_DYNAMIC_MAPPING Mapping
  452. // );
  453. //
  455. #define \
  456. NatReferenceMapping( \
  457. _Mapping \
  458. ) \
  459. (NAT_MAPPING_DELETED(_Mapping) \
  460. ? FALSE \
  461. : (InterlockedIncrement(&(_Mapping)->ReferenceCount), TRUE))
  463. //
  464. // VOID
  465. // NatResplayMapping(
  466. // PNAT_DYNAMIC_MAPPING Mapping,
  467. // IP_NAT_PATH Path
  468. // );
  469. //
  471. #define \
  472. NatResplayMapping( \
  473. _Mapping, \
  474. _Path \
  475. ) \
  476. { \
  477. PRTL_SPLAY_LINKS _SLink; \
  478. KeAcquireSpinLockAtDpcLevel(&MappingLock); \
  479. if (!NAT_MAPPING_DELETED(_Mapping)) { \
  480. _SLink = RtlSplay(&(_Mapping)->SLink[_Path]); \
  481. MappingTree[_Path] = \
  482. CONTAINING_RECORD(_SLink, NAT_DYNAMIC_MAPPING, SLink[_Path]); \
  483. } \
  484. KeReleaseSpinLockFromDpcLevel(&MappingLock); \
  485. }
  487. VOID
  488. NatShutdownMappingManagement(
  489. VOID
  490. );
  492. PNAT_DYNAMIC_MAPPING
  493. NatSourceLookupForwardMapping(
  494. ULONG64 SourceKey,
  495. PNAT_DYNAMIC_MAPPING* InsertionPoint
  496. );
  498. PNAT_DYNAMIC_MAPPING
  499. NatSourceLookupReverseMapping(
  500. ULONG64 SourceKey,
  501. PNAT_DYNAMIC_MAPPING* InsertionPoint
  502. );
  504. //
  505. // VOID
  506. // NatTryToResplayMapping(
  507. // PNAT_DYNAMIC_MAPPING Mapping,
  508. // IP_NAT_PATH Path
  509. // );
  510. //
  512. #define \
  513. NatTryToResplayMapping( \
  514. _Mapping, \
  515. _Path \
  516. ) \
  517. if (InterlockedDecrement(&(_Mapping)->AccessCount[(_Path)]) == 0) { \
  518. NatResplayMapping((_Mapping), (_Path)); \
  519. InterlockedExchangeAdd( \
  520. &(_Mapping)->AccessCount[(_Path)], \
  521. NAT_MAPPING_RESPLAY_THRESHOLD \
  522. ); \
  523. }
  525. VOID
  526. NatUpdateStatisticsMapping(
  527. PNAT_DYNAMIC_MAPPING Mapping
  528. );
  530. #undef PNAT_INTERFACE
  532. #endif // _NAT_MAPPING_H_