archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
4.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/net/rras/ip/nathlp/natsvc/natio.cpp

2143 lines
49 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1998, Microsoft Corporation
  5. Module Name:
  7. natio.h
  9. Abstract:
  11. This module contains declarations for the NAT's I/O interface
  12. to the kernel-mode driver.
  14. Author:
  16. Abolade Gbadegesin (aboladeg) 10-Mar-1998
  18. Revision History:
  20. --*/
  22. #include "precomp.h"
  23. #pragma hdrstop
  24. #include <ras.h>
  25. #include <rasuip.h>
  26. #include <raserror.h>
  28. //
  29. // PRIVATE GLOBAL VARIABLES
  30. //
  32. HANDLE NatFileHandle;
  33. LIST_ENTRY NatInterfaceList;
  34. //
  35. // Controls access to 'NatFileHandle' and 'NatInterfaceList'.
  36. //
  37. CRITICAL_SECTION NatInterfaceLock;
  39. //
  40. // FORWARD DECLARATIONS
  41. //
  43. VOID
  44. NatpDisableLoadDriverPrivilege(
  45. PBOOLEAN WasEnabled
  46. );
  48. BOOLEAN
  49. NatpEnableLoadDriverPrivilege(
  50. PBOOLEAN WasEnabled
  51. );
  53. PNAT_INTERFACE
  54. NatpLookupInterface(
  55. ULONG Index,
  56. OUT PLIST_ENTRY* InsertionPoint OPTIONAL
  57. );
  60. ULONG
  61. NatBindInterface(
  62. ULONG Index,
  63. PNAT_INTERFACE Interfacep OPTIONAL,
  64. PIP_ADAPTER_BINDING_INFO BindingInfo,
  65. ULONG AdapterIndex
  66. )
  68. /*++
  70. Routine Description:
  72. This routine is invoked to bind the NAT to an interface.
  74. Arguments:
  76. Index - the interface to be bound
  78. Interfacep - optionally supplies the interface-structure to be bound
  79. (See 'NATCONN.C' which passes in a static interface-structure).
  81. BindingInfo - the interface's address-information
  83. AdapterIndex - optionally specifies the interface's TCP/IP adapter index.
  84. This is set only for home-router interfaces.
  86. Return Value:
  88. ULONG - Win32 status code.
  90. --*/
  92. {
  93. PIP_NAT_CREATE_INTERFACE CreateInterface;
  94. ULONG Error;
  95. IO_STATUS_BLOCK IoStatus;
  96. ULONG Size;
  97. NTSTATUS status;
  98. HANDLE WaitEvent;
  100. PROFILE("NatBindInterface");
  102. Error = NO_ERROR;
  104. //
  105. // Look up the interface to be bound
  106. //
  108. EnterCriticalSection(&NatInterfaceLock);
  109. if (!Interfacep && !(Interfacep = NatpLookupInterface(Index, NULL))) {
  110. LeaveCriticalSection(&NatInterfaceLock);
  111. NhTrace(
  112. TRACE_FLAG_NAT,
  113. "NatBindInterface: interface %d not found",
  114. Index
  115. );
  116. return ERROR_NO_SUCH_INTERFACE;
  117. }
  119. //
  120. // Make sure the interface isn't already bound
  121. //
  123. if (NAT_INTERFACE_BOUND(Interfacep)) {
  124. LeaveCriticalSection(&NatInterfaceLock);
  125. NhTrace(
  126. TRACE_FLAG_NAT,
  127. "NatBindInterface: interface %d is already bound",
  128. Index
  129. );
  130. return ERROR_ADDRESS_ALREADY_ASSOCIATED;
  131. }
  133. //
  134. // Allocate the bind-structure
  135. //
  137. Size =
  138. sizeof(IP_NAT_CREATE_INTERFACE) +
  139. SIZEOF_IP_BINDING(BindingInfo->AddressCount);
  141. CreateInterface = reinterpret_cast<PIP_NAT_CREATE_INTERFACE>(
  142. NH_ALLOCATE(Size));
  144. if (!CreateInterface) {
  145. LeaveCriticalSection(&NatInterfaceLock);
  146. NhTrace(
  147. TRACE_FLAG_NAT,
  148. "NatBindInterface: allocation failed for interface %d binding",
  149. Index
  150. );
  151. NhErrorLog(
  152. IP_NAT_LOG_ALLOCATION_FAILED,
  153. 0,
  154. "%d",
  155. Size
  156. );
  157. return ERROR_NOT_ENOUGH_MEMORY;
  158. }
  160. Interfacep->AdapterIndex =
  161. (AdapterIndex != (ULONG)-1)
  162. ? AdapterIndex
  163. : NhMapInterfaceToAdapter(Interfacep->Index);
  164. if (Interfacep->AdapterIndex == (ULONG)-1) {
  165. LeaveCriticalSection(&NatInterfaceLock);
  166. NhTrace(
  167. TRACE_FLAG_NAT,
  168. "NatBindInterface: NhMapInterfaceToAdapter failed for %d",
  169. Index
  170. );
  171. return ERROR_INVALID_INDEX;
  172. }
  173. CreateInterface->Index = Interfacep->AdapterIndex;
  174. CopyMemory(
  175. CreateInterface->BindingInfo,
  176. BindingInfo,
  177. SIZEOF_IP_BINDING(BindingInfo->AddressCount)
  178. );
  180. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  181. if (WaitEvent == NULL) {
  182. LeaveCriticalSection(&NatInterfaceLock);
  183. NhTrace(
  184. TRACE_FLAG_NAT,
  185. "NatBindInterface: CreateEvent failed [%d] for interface %d",
  186. GetLastError(),
  187. Index
  188. );
  189. return ERROR_NOT_ENOUGH_MEMORY;
  190. }
  192. //
  193. // Install the interface
  194. //
  196. status =
  197. NtDeviceIoControlFile(
  198. NatFileHandle,
  199. WaitEvent,
  200. NULL,
  201. NULL,
  202. &IoStatus,
  203. IOCTL_IP_NAT_CREATE_INTERFACE,
  204. (PVOID)CreateInterface,
  205. Size,
  206. NULL,
  207. 0
  208. );
  209. if (status == STATUS_PENDING) {
  210. WaitForSingleObject(WaitEvent, INFINITE);
  211. status = IoStatus.Status;
  212. }
  213. NH_FREE(CreateInterface);
  215. if (!NT_SUCCESS(status)) {
  216. CloseHandle(WaitEvent);
  217. LeaveCriticalSection(&NatInterfaceLock);
  218. NhTrace(
  219. TRACE_FLAG_NAT,
  220. "NatBindInterface: status %08x binding interface %d",
  221. status,
  222. Index
  223. );
  224. Error = RtlNtStatusToDosError(status);
  225. NhErrorLog(
  226. IP_NAT_LOG_IOCTL_FAILED,
  227. Error,
  228. ""
  229. );
  230. return Error;
  231. }
  233. //
  234. // Now set its configuration
  235. //
  237. Interfacep->Info->Index = Interfacep->AdapterIndex;
  238. Size =
  239. FIELD_OFFSET(IP_NAT_INTERFACE_INFO, Header) +
  240. Interfacep->Info->Header.Size;
  242. status =
  243. NtDeviceIoControlFile(
  244. NatFileHandle,
  245. WaitEvent,
  246. NULL,
  247. NULL,
  248. &IoStatus,
  249. IOCTL_IP_NAT_SET_INTERFACE_INFO,
  250. (PVOID)Interfacep->Info,
  251. Size,
  252. NULL,
  253. 0
  254. );
  255. if (status == STATUS_PENDING) {
  256. WaitForSingleObject(WaitEvent, INFINITE);
  257. status = IoStatus.Status;
  258. }
  260. if (!NT_SUCCESS(status)) {
  261. ULONG AdapterIndex = Interfacep->AdapterIndex;
  262. LeaveCriticalSection(&NatInterfaceLock);
  263. NhTrace(
  264. TRACE_FLAG_NAT,
  265. "NatBindInterface: status %08x setting info for interface %d (%d)",
  266. status,
  267. Index,
  268. AdapterIndex
  269. );
  270. Error = RtlNtStatusToDosError(status);
  271. NhErrorLog(
  272. IP_NAT_LOG_IOCTL_FAILED,
  273. Error,
  274. ""
  275. );
  276. status =
  277. NtDeviceIoControlFile(
  278. NatFileHandle,
  279. WaitEvent,
  280. NULL,
  281. NULL,
  282. &IoStatus,
  283. IOCTL_IP_NAT_DELETE_INTERFACE,
  284. (PVOID)&AdapterIndex,
  285. sizeof(ULONG),
  286. NULL,
  287. 0
  288. );
  289. if (status == STATUS_PENDING) {
  290. WaitForSingleObject(WaitEvent, INFINITE);
  291. status = IoStatus.Status;
  292. }
  293. CloseHandle(WaitEvent);
  294. return Error;
  295. }
  297. Interfacep->Flags |= NAT_INTERFACE_FLAG_BOUND;
  299. if (Interfacep->Type == ROUTER_IF_TYPE_DEDICATED) {
  300. NatUpdateProxyArp(Interfacep, TRUE);
  301. }
  303. CloseHandle(WaitEvent);
  305. LeaveCriticalSection(&NatInterfaceLock);
  307. return Error;
  309. } // NatBindInterface
  312. ULONG
  313. NatConfigureDriver(
  314. PIP_NAT_GLOBAL_INFO GlobalInfo
  315. )
  317. /*++
  319. Routine Description:
  321. This routine is called to update the configuration for the NAT driver.
  323. Arguments:
  325. GlobalInfo - the new configuration for the NAT.
  327. Return Value:
  329. ULONG - Win32 status code.
  331. --*/
  333. {
  334. ULONG Error = NO_ERROR;
  335. IO_STATUS_BLOCK IoStatus;
  336. NTSTATUS status;
  337. HANDLE WaitEvent;
  339. PROFILE("NatConfigureDriver");
  341. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  342. if (WaitEvent == NULL) {
  343. NhTrace(
  344. TRACE_FLAG_NAT,
  345. "NatConfigureDriver: CreateEvent failed [%d]",
  346. GetLastError()
  347. );
  348. return ERROR_NOT_ENOUGH_MEMORY;
  349. }
  351. //
  352. // Attempt to configure the driver
  353. //
  355. EnterCriticalSection(&NatInterfaceLock);
  356. status =
  357. NtDeviceIoControlFile(
  358. NatFileHandle,
  359. WaitEvent,
  360. NULL,
  361. NULL,
  362. &IoStatus,
  363. IOCTL_IP_NAT_SET_GLOBAL_INFO,
  364. (PVOID)GlobalInfo,
  365. FIELD_OFFSET(IP_NAT_GLOBAL_INFO, Header) + GlobalInfo->Header.Size,
  366. NULL,
  367. 0
  368. );
  369. if (status == STATUS_PENDING) {
  370. WaitForSingleObject(WaitEvent, INFINITE);
  371. status = IoStatus.Status;
  372. }
  373. LeaveCriticalSection(&NatInterfaceLock);
  375. if (!NT_SUCCESS(status)) {
  376. NhTrace(
  377. TRACE_FLAG_NAT,
  378. "NatConfigureDriver: status %08x setting global info",
  379. status
  380. );
  381. Error = RtlNtStatusToDosError(status);
  382. NhErrorLog(
  383. IP_NAT_LOG_IOCTL_FAILED,
  384. Error,
  385. ""
  386. );
  387. }
  389. CloseHandle(WaitEvent);
  391. return Error;
  393. } // NatConfigureDriver
  396. ULONG
  397. NatConfigureInterface(
  398. ULONG Index,
  399. PIP_NAT_INTERFACE_INFO InterfaceInfo
  400. )
  402. /*++
  404. Routine Description:
  406. This routine is invoked to set the configuration for a NAT interface.
  408. Arguments:
  410. Index - the interface to be configured
  412. InterfaceInfo - the configuration for the interface
  414. Return Value:
  416. ULONG - Win32 status code.
  418. --*/
  420. {
  421. ULONG Error;
  422. PIP_NAT_INTERFACE_INFO Info;
  423. PNAT_INTERFACE Interfacep;
  424. IO_STATUS_BLOCK IoStatus;
  425. ULONG Size;
  426. NTSTATUS status;
  428. PROFILE("NatConfigureInterface");
  430. if (!InterfaceInfo) {
  431. NhTrace(
  432. TRACE_FLAG_NAT,
  433. "NatConfigureInterface: no interface info for %d",
  434. Index
  435. );
  436. return ERROR_INVALID_PARAMETER;
  437. }
  439. //
  440. // Make a copy of the information
  441. //
  443. Size =
  444. FIELD_OFFSET(IP_NAT_INTERFACE_INFO, Header) +
  445. InterfaceInfo->Header.Size;
  447. Info = (PIP_NAT_INTERFACE_INFO)NH_ALLOCATE(Size);
  449. if (!Info) {
  450. NhTrace(
  451. TRACE_FLAG_NAT,
  452. "NatConfigureInterface: error allocating copy of configuration"
  453. );
  454. NhErrorLog(
  455. IP_NAT_LOG_ALLOCATION_FAILED,
  456. 0,
  457. "%d",
  458. Size
  459. );
  460. return ERROR_NOT_ENOUGH_MEMORY;
  461. }
  463. CopyMemory(
  464. Info,
  465. InterfaceInfo,
  466. Size
  467. );
  469. //
  470. // Look up the interface to be configured
  471. //
  473. EnterCriticalSection(&NatInterfaceLock);
  474. if (!(Interfacep = NatpLookupInterface(Index, NULL))) {
  475. LeaveCriticalSection(&NatInterfaceLock);
  476. NhTrace(
  477. TRACE_FLAG_NAT,
  478. "NatConfigureInterface: interface %d not found",
  479. Index
  480. );
  481. NH_FREE(Info);
  482. return ERROR_NO_SUCH_INTERFACE;
  483. }
  485. //
  486. // See if the configuration changed
  487. //
  489. if ((Size ==
  490. FIELD_OFFSET(IP_NAT_INTERFACE_INFO, Header) +
  491. Interfacep->Info->Header.Size) &&
  492. memcmp(InterfaceInfo, Interfacep->Info, Size) == 0
  493. ) {
  494. LeaveCriticalSection(&NatInterfaceLock);
  495. NhTrace(
  496. TRACE_FLAG_NAT,
  497. "NatConfigureInterface: no change to interface %d configuration",
  498. Index
  499. );
  500. NH_FREE(Info);
  501. return NO_ERROR;
  502. }
  505. //
  506. // See if the interface is bound;
  507. // if so we need to update the kernel-mode driver's configuration.
  508. //
  510. if (!NAT_INTERFACE_BOUND(Interfacep)) {
  511. status = STATUS_SUCCESS;
  512. } else {
  513. HANDLE WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  515. if (WaitEvent != NULL) {
  516. Info->Index = Interfacep->AdapterIndex;
  518. //
  519. // Attempt to configure the interface
  520. //
  522. status =
  523. NtDeviceIoControlFile(
  524. NatFileHandle,
  525. WaitEvent,
  526. NULL,
  527. NULL,
  528. &IoStatus,
  529. IOCTL_IP_NAT_SET_INTERFACE_INFO,
  530. (PVOID)Info,
  531. Size,
  532. NULL,
  533. 0
  534. );
  535. if (status == STATUS_PENDING) {
  536. WaitForSingleObject(WaitEvent, INFINITE);
  537. status = IoStatus.Status;
  538. }
  539. CloseHandle(WaitEvent);
  540. } else {
  541. status = STATUS_UNSUCCESSFUL;
  542. NhTrace(
  543. TRACE_FLAG_NAT,
  544. "NatConfigureInterface: CreateEvent failed [%d]",
  545. GetLastError()
  546. );
  547. }
  548. }
  550. if (!NT_SUCCESS(status)) {
  551. NH_FREE(Info);
  552. NhTrace(
  553. TRACE_FLAG_NAT,
  554. "NatConfigureInterface: status %08x setting interface info",
  555. status
  556. );
  557. Error = RtlNtStatusToDosError(status);
  558. NhErrorLog(
  559. IP_NAT_LOG_IOCTL_FAILED,
  560. Error,
  561. ""
  562. );
  563. } else {
  564. Error = NO_ERROR;
  566. //
  567. // Update proxy ARP entries for LAN interfaces
  568. //
  570. if (NAT_INTERFACE_BOUND(Interfacep) &&
  571. Interfacep->Type == ROUTER_IF_TYPE_DEDICATED
  572. ) {
  573. NatUpdateProxyArp(Interfacep, FALSE);
  574. }
  576. if (Interfacep->Info) { NH_FREE(Interfacep->Info); }
  577. Interfacep->Info = Info;
  579. if (NAT_INTERFACE_BOUND(Interfacep) &&
  580. Interfacep->Type == ROUTER_IF_TYPE_DEDICATED
  581. ) {
  582. NatUpdateProxyArp(Interfacep, TRUE);
  583. }
  584. }
  586. LeaveCriticalSection(&NatInterfaceLock);
  588. if (NT_SUCCESS(status)) {
  589. if (InterfaceInfo->Flags & IP_NAT_INTERFACE_FLAGS_BOUNDARY) {
  590. NhSignalNatInterface(
  591. Index,
  592. TRUE
  593. );
  594. } else {
  595. NhSignalNatInterface(
  596. Index,
  597. FALSE
  598. );
  599. }
  600. }
  602. return Error;
  604. } // NatConfigureInterface
  607. ULONG
  608. NatCreateInterface(
  609. ULONG Index,
  610. NET_INTERFACE_TYPE Type,
  611. PIP_NAT_INTERFACE_INFO InterfaceInfo
  612. )
  614. /*++
  616. Routine Description:
  618. This routine is invoked to create an interface with the NAT driver.
  620. Arguments:
  622. Index - the index of the new interface
  624. InterfaceInfo - the configuration for the new interface
  626. Return Value:
  628. ULONG - Win32 status code.
  630. --*/
  632. {
  633. ULONG Error;
  634. PIP_NAT_INTERFACE_INFO Info;
  635. PLIST_ENTRY InsertionPoint;
  636. PNAT_INTERFACE Interfacep;
  637. IO_STATUS_BLOCK IoStatus;
  638. ULONG Size;
  639. NTSTATUS status;
  640. ROUTER_INTERFACE_TYPE IfType;
  642. PROFILE("NatCreateInterface");
  644. if (!InterfaceInfo) {
  645. NhTrace(
  646. TRACE_FLAG_NAT,
  647. "NatCreateInterface: no interface info for %d",
  648. Index
  649. );
  650. return ERROR_INVALID_PARAMETER;
  651. }
  653. //
  654. // Check for the interface in our table
  655. //
  657. EnterCriticalSection(&NatInterfaceLock);
  658. if (NatpLookupInterface(Index, &InsertionPoint)) {
  659. LeaveCriticalSection(&NatInterfaceLock);
  660. NhTrace(
  661. TRACE_FLAG_NAT,
  662. "NatCreateInterface: interface %d already exists",
  663. Index
  664. );
  665. return ERROR_INTERFACE_ALREADY_EXISTS;
  666. }
  668. //
  669. // Allocate a new interface
  670. //
  672. Interfacep =
  673. reinterpret_cast<PNAT_INTERFACE>(NH_ALLOCATE(sizeof(NAT_INTERFACE)));
  675. if (!Interfacep) {
  676. LeaveCriticalSection(&NatInterfaceLock);
  677. NhTrace(
  678. TRACE_FLAG_NAT,
  679. "NatCreateInterface: error allocating interface"
  680. );
  681. NhErrorLog(
  682. IP_NAT_LOG_ALLOCATION_FAILED,
  683. 0,
  684. "%d",
  685. sizeof(NAT_INTERFACE)
  686. );
  687. return ERROR_NOT_ENOUGH_MEMORY;
  688. }
  690. //
  691. // Make a copy of the information
  692. //
  694. Size =
  695. FIELD_OFFSET(IP_NAT_INTERFACE_INFO, Header) +
  696. InterfaceInfo->Header.Size;
  698. Info = (PIP_NAT_INTERFACE_INFO)NH_ALLOCATE(Size);
  700. if (!Info) {
  701. LeaveCriticalSection(&NatInterfaceLock);
  702. NH_FREE(Interfacep);
  703. NhTrace(
  704. TRACE_FLAG_NAT,
  705. "NatCreateInterface: error allocating copy of configuration"
  706. );
  707. return ERROR_NOT_ENOUGH_MEMORY;
  708. }
  710. CopyMemory(
  711. Info,
  712. InterfaceInfo,
  713. Size
  714. );
  716. //
  717. // Initialize the new interface
  718. //
  720. ZeroMemory(Interfacep, sizeof(*Interfacep));
  722. Interfacep->Index = Index;
  723. Interfacep->AdapterIndex = (ULONG)-1;
  724. Interfacep->Type = IfType =
  725. ((Type == PERMANENT)
  726. ? ROUTER_IF_TYPE_DEDICATED
  727. : ROUTER_IF_TYPE_FULL_ROUTER);
  728. Interfacep->Info = Info;
  729. InsertTailList(InsertionPoint, &Interfacep->Link);
  731. LeaveCriticalSection(&NatInterfaceLock);
  733. if (InterfaceInfo->Flags & IP_NAT_INTERFACE_FLAGS_BOUNDARY) {
  734. NhSignalNatInterface(
  735. Index,
  736. TRUE
  737. );
  738. } else {
  739. NhSignalNatInterface(
  740. Index,
  741. FALSE
  742. );
  743. }
  745. return NO_ERROR;
  747. } // NatCreateInterface
  750. ULONG
  751. NatCreateTicket(
  752. ULONG InterfaceIndex,
  753. UCHAR Protocol,
  754. USHORT PublicPort,
  755. ULONG PublicAddress,
  756. USHORT PrivatePort,
  757. ULONG PrivateAddress
  758. )
  760. /*++
  762. Routine Description:
  764. This routine is invoked to add a ticket (static port mapping)
  765. to an interface.
  767. Arguments:
  769. InterfaceIndex - the interface to which to add the ticket
  771. Protocol, PublicPort, PublicAddress, PrivatePort, PrivateAddress -
  772. describes the ticket to be created
  774. Return Value:
  776. ULONG - Win32 status code.
  778. --*/
  780. {
  781. IP_NAT_CREATE_TICKET CreateTicket;
  782. ULONG Error;
  783. IO_STATUS_BLOCK IoStatus;
  784. NTSTATUS status;
  785. HANDLE WaitEvent;
  787. PROFILE("NatCreateTicket");
  789. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  790. if (WaitEvent == NULL) {
  791. NhTrace(
  792. TRACE_FLAG_NAT,
  793. "NatCreateTicket: CreateEvent failed [%d]",
  794. GetLastError()
  795. );
  796. return ERROR_NOT_ENOUGH_MEMORY;
  797. }
  799. CreateTicket.InterfaceIndex = InterfaceIndex;
  800. CreateTicket.PortMapping.Protocol = Protocol;
  801. CreateTicket.PortMapping.PublicPort = PublicPort;
  802. CreateTicket.PortMapping.PublicAddress = PublicAddress;
  803. CreateTicket.PortMapping.PrivatePort = PrivatePort;
  804. CreateTicket.PortMapping.PrivateAddress = PrivateAddress;
  806. EnterCriticalSection(&NatInterfaceLock);
  808. status =
  809. NtDeviceIoControlFile(
  810. NatFileHandle,
  811. WaitEvent,
  812. NULL,
  813. NULL,
  814. &IoStatus,
  815. IOCTL_IP_NAT_CREATE_TICKET,
  816. (PVOID)&CreateTicket,
  817. sizeof(CreateTicket),
  818. NULL,
  819. 0
  820. );
  822. LeaveCriticalSection(&NatInterfaceLock);
  824. if (status == STATUS_PENDING) {
  825. WaitForSingleObject(WaitEvent, INFINITE);
  826. status = IoStatus.Status;
  827. }
  829. if (NT_SUCCESS(status)) {
  830. Error = NO_ERROR;
  831. } else {
  832. Error = RtlNtStatusToDosError(status);
  833. NhTrace(
  834. TRACE_FLAG_NAT,
  835. "NatCreateTicket: Ioctl = %d",
  836. Error
  837. );
  838. }
  840. CloseHandle(WaitEvent);
  842. return Error;
  843. } // NatCreateTicket
  846. ULONG
  847. NatDeleteInterface(
  848. ULONG Index
  849. )
  851. /*++
  853. Routine Description:
  855. This routine is invoked to remove an interface from the NAT.
  857. Arguments:
  859. Index - the interface to be removed
  861. Return Value:
  863. ULONG - Win32 status code.
  865. --*/
  867. {
  868. ULONG Error;
  869. PNAT_INTERFACE Interfacep;
  870. IO_STATUS_BLOCK IoStatus;
  871. NTSTATUS status;
  872. HANDLE WaitEvent;
  874. PROFILE("NatDeleteInterface");
  876. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  877. if (WaitEvent == NULL) {
  878. NhTrace(
  879. TRACE_FLAG_NAT,
  880. "NatDeleteInterface: CreateEvent failed [%d]",
  881. GetLastError()
  882. );
  883. return ERROR_NOT_ENOUGH_MEMORY;
  884. }
  886. //
  887. // Retrieve the interface to be deleted.
  888. //
  890. EnterCriticalSection(&NatInterfaceLock);
  891. if (!(Interfacep = NatpLookupInterface(Index, NULL))) {
  892. LeaveCriticalSection(&NatInterfaceLock);
  893. CloseHandle(WaitEvent);
  894. NhTrace(
  895. TRACE_FLAG_NAT,
  896. "NatDeleteInterface: interface %d not found",
  897. Index
  898. );
  899. return ERROR_NO_SUCH_INTERFACE;
  900. }
  902. Error = NO_ERROR;
  903. if (NAT_INTERFACE_BOUND(Interfacep)) {
  905. //
  906. // Delete the interface from the kernel-mode driver
  907. //
  909. status =
  910. NtDeviceIoControlFile(
  911. NatFileHandle,
  912. WaitEvent,
  913. NULL,
  914. NULL,
  915. &IoStatus,
  916. IOCTL_IP_NAT_DELETE_INTERFACE,
  917. (PVOID)&Interfacep->AdapterIndex,
  918. sizeof(ULONG),
  919. NULL,
  920. 0
  921. );
  922. if (status == STATUS_PENDING) {
  923. WaitForSingleObject(WaitEvent, INFINITE);
  924. status = IoStatus.Status;
  925. }
  927. if (NT_SUCCESS(status)) {
  928. Error = NO_ERROR;
  929. } else {
  930. Error = RtlNtStatusToDosError(status);
  931. NhErrorLog(
  932. IP_NAT_LOG_IOCTL_FAILED,
  933. Error,
  934. ""
  935. );
  936. }
  937. }
  938. CloseHandle(WaitEvent);
  940. //
  941. // Remove the interface from our list
  942. //
  944. RemoveEntryList(&Interfacep->Link);
  945. if (Interfacep->Info) {
  946. NH_FREE(Interfacep->Info);
  947. }
  948. NH_FREE(Interfacep);
  950. LeaveCriticalSection(&NatInterfaceLock);
  952. NhSignalNatInterface(
  953. Index,
  954. FALSE
  955. );
  957. return Error;
  959. } // NatDeleteInterface
  962. ULONG
  963. NatDeleteTicket(
  964. ULONG InterfaceIndex,
  965. UCHAR Protocol,
  966. USHORT PublicPort,
  967. ULONG PublicAddress,
  968. USHORT PrivatePort,
  969. ULONG PrivateAddress
  970. )
  972. /*++
  974. Routine Description:
  976. This routine is invoked to remove a ticket (static port mapping)
  977. from an interface.
  979. Arguments:
  981. InterfaceIndex - the interface from which to remove the ticket
  983. Protocol, PublicPort, PublicAddress, PrivatePort, PrivateAddress -
  984. describes the ticket to be deleted
  986. Return Value:
  988. ULONG - Win32 status code.
  990. --*/
  992. {
  993. IP_NAT_CREATE_TICKET DeleteTicket;
  994. ULONG Error;
  995. IO_STATUS_BLOCK IoStatus;
  996. NTSTATUS status;
  997. HANDLE WaitEvent;
  999. PROFILE("NatDeleteTicket");
  1001. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  1002. if (WaitEvent == NULL) {
  1003. NhTrace(
  1004. TRACE_FLAG_NAT,
  1005. "NatDeleteTicket: CreateEvent failed [%d]",
  1006. GetLastError()
  1007. );
  1008. return ERROR_NOT_ENOUGH_MEMORY;
  1009. }
  1011. DeleteTicket.InterfaceIndex = InterfaceIndex;
  1012. DeleteTicket.PortMapping.Protocol = Protocol;
  1013. DeleteTicket.PortMapping.PublicPort = PublicPort;
  1014. DeleteTicket.PortMapping.PublicAddress = PublicAddress;
  1015. DeleteTicket.PortMapping.PrivatePort = PrivatePort;
  1016. DeleteTicket.PortMapping.PrivateAddress = PrivateAddress;
  1018. EnterCriticalSection(&NatInterfaceLock);
  1020. status =
  1021. NtDeviceIoControlFile(
  1022. NatFileHandle,
  1023. WaitEvent,
  1024. NULL,
  1025. NULL,
  1026. &IoStatus,
  1027. IOCTL_IP_NAT_DELETE_TICKET,
  1028. (PVOID)&DeleteTicket,
  1029. sizeof(DeleteTicket),
  1030. NULL,
  1031. 0
  1032. );
  1034. LeaveCriticalSection(&NatInterfaceLock);
  1036. if (status == STATUS_PENDING) {
  1037. WaitForSingleObject(WaitEvent, INFINITE);
  1038. status = IoStatus.Status;
  1039. }
  1041. if (NT_SUCCESS(status)) {
  1042. Error = NO_ERROR;
  1043. } else {
  1044. Error = RtlNtStatusToDosError(status);
  1045. NhTrace(
  1046. TRACE_FLAG_NAT,
  1047. "NatDeleteTicket: Ioctl = %d",
  1048. Error
  1049. );
  1050. }
  1052. CloseHandle(WaitEvent);
  1054. return Error;
  1055. } // NatDeleteTicket
  1059. ULONG
  1060. NatGetInterfaceCharacteristics(
  1061. ULONG Index
  1062. )
  1064. /*++
  1066. Routine Description:
  1068. This routine is invoked to determine whether the given interface:
  1069. 1) Is a NAT boundary interface
  1070. 2) Is a NAT private interface
  1071. 3) Has the firewall enabled
  1073. Note that this routine may be invoked even when the NAT
  1074. is neither installed nor running; it operates as expected,
  1075. since the interface list and lock are always initialized in 'DllMain'.
  1077. Arguments:
  1079. Index - the interface in question
  1081. IsNatInterface - optionally set to TRUE if the given index
  1082. is at all a NAT interface.
  1084. Return Value:
  1086. BOOLEAN - TRUE if the interface is a NAT boundary interface,
  1087. FALSE otherwise.
  1089. --*/
  1091. {
  1092. ULONG Result = 0;
  1093. PNAT_INTERFACE Interfacep;
  1094. PROFILE("NatGetInterfaceCharacteristics");
  1096. EnterCriticalSection(&NatInterfaceLock);
  1098. if (!(Interfacep = NatpLookupInterface(Index, NULL))) {
  1099. LeaveCriticalSection(&NatInterfaceLock);
  1100. return Result;
  1101. }
  1103. if (Interfacep->Info &&
  1104. (Interfacep->Info->Flags & IP_NAT_INTERFACE_FLAGS_FW)) {
  1105. Result = NAT_IF_CHAR_FW;
  1106. }
  1108. if (Interfacep->Info &&
  1109. (Interfacep->Info->Flags & IP_NAT_INTERFACE_FLAGS_BOUNDARY)) {
  1111. Result |= NAT_IF_CHAR_BOUNDARY;
  1112. } else if (!NAT_IFC_FW(Result)) {
  1114. //
  1115. // As the interface isn't public and isn't firewalled, it must
  1116. // be a private interface (or we wouldn't have a record of it).
  1117. //
  1119. Result |= NAT_IF_CHAR_PRIVATE;
  1120. }
  1122. LeaveCriticalSection(&NatInterfaceLock);
  1124. return Result;
  1125. } // NatGetInterfaceCharacteristics
  1128. VOID
  1129. NatInstallApplicationSettings(
  1130. VOID
  1131. )
  1133. /*++
  1135. Routine Description:
  1137. This routine is invoked to update the application settings
  1138. (i.e., dynamic tickets) stored with the kernel-mode translation module.
  1140. Arguments:
  1142. none
  1144. Return Value:
  1146. none.
  1148. --*/
  1150. {
  1151. PNAT_APP_ENTRY pAppEntry;
  1152. ULONG Count;
  1153. PIP_NAT_CREATE_DYNAMIC_TICKET CreateTicket;
  1154. IO_STATUS_BLOCK IoStatus;
  1155. ULONG Length;
  1156. PLIST_ENTRY Link;
  1157. NTSTATUS status;
  1158. HANDLE WaitEvent;
  1160. PROFILE("NatInstallApplicationSettings");
  1162. //
  1163. // Install a dynamic ticket for each entry in the applications list
  1164. //
  1166. EnterCriticalSection(&NatInterfaceLock);
  1167. EnterCriticalSection(&NhLock);
  1169. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  1170. if (WaitEvent == NULL) {
  1171. LeaveCriticalSection(&NhLock);
  1172. LeaveCriticalSection(&NatInterfaceLock);
  1173. NhTrace(
  1174. TRACE_FLAG_NAT,
  1175. "NatInstallSharedAccessSettings: CreateEvent failed [%d]",
  1176. GetLastError()
  1177. );
  1178. return;
  1179. }
  1181. for (Link = NhApplicationSettingsList.Flink;
  1182. Link != &NhApplicationSettingsList;
  1183. Link = Link->Flink)
  1184. {
  1186. //
  1187. // Each 'application' has a list of 'responses' which specify
  1188. // the ports on which response-sessions are expected.
  1189. // Enumerate the responses and allocate a ticket-structure
  1190. // large enough to hold the list as an array.
  1191. //
  1193. pAppEntry = CONTAINING_RECORD(Link, NAT_APP_ENTRY, Link);
  1195. Length =
  1196. pAppEntry->ResponseCount * sizeof(CreateTicket->ResponseArray[0]) +
  1197. FIELD_OFFSET(IP_NAT_CREATE_DYNAMIC_TICKET, ResponseArray);
  1199. if (!(CreateTicket =
  1200. reinterpret_cast<PIP_NAT_CREATE_DYNAMIC_TICKET>(
  1201. NH_ALLOCATE(Length)
  1202. )))
  1203. { break; }
  1205. //
  1206. // Fill in the ticket structure from the application entry
  1207. // and its list of response-entries.
  1208. //
  1210. CreateTicket->Protocol = pAppEntry->Protocol;
  1211. CreateTicket->Port = pAppEntry->Port;
  1212. CreateTicket->ResponseCount = pAppEntry->ResponseCount;
  1214. for (Count = 0; Count < pAppEntry->ResponseCount; Count++)
  1215. {
  1216. CreateTicket->ResponseArray[Count].Protocol =
  1217. pAppEntry->ResponseArray[Count].ucIPProtocol;
  1218. CreateTicket->ResponseArray[Count].StartPort =
  1219. pAppEntry->ResponseArray[Count].usStartPort;
  1220. CreateTicket->ResponseArray[Count].EndPort =
  1221. pAppEntry->ResponseArray[Count].usEndPort;
  1222. }
  1224. //
  1225. // Install the dynamic ticket for this application, and continue.
  1226. //
  1228. status = NtDeviceIoControlFile(
  1229. NatFileHandle,
  1230. WaitEvent,
  1231. NULL,
  1232. NULL,
  1233. &IoStatus,
  1234. IOCTL_IP_NAT_CREATE_DYNAMIC_TICKET,
  1235. (PVOID)CreateTicket,
  1236. Length,
  1237. NULL,
  1238. 0
  1239. );
  1240. if (status == STATUS_PENDING) {
  1241. WaitForSingleObject(WaitEvent, INFINITE);
  1242. status = IoStatus.Status;
  1243. }
  1244. NH_FREE(CreateTicket);
  1245. }
  1247. LeaveCriticalSection(&NhLock);
  1248. LeaveCriticalSection(&NatInterfaceLock);
  1250. CloseHandle(WaitEvent);
  1251. } // NatInstallApplicationSettings
  1254. BOOLEAN
  1255. NatIsBoundaryInterface(
  1256. ULONG Index,
  1257. PBOOLEAN IsNatInterface OPTIONAL
  1258. )
  1260. /*++
  1262. Routine Description:
  1264. This routine is invoked to determine whether the given interface
  1265. has the NAT enabled and is marked as a boundary interface.
  1266. Note that this routine may be invoked even when the NAT
  1267. is neither installed nor running; it operates as expected,
  1268. since the interface list and lock are always initialized in 'DllMain'.
  1270. Arguments:
  1272. Index - the interface in question
  1274. IsNatInterface - optionally set to TRUE if the given index
  1275. is at all a NAT interface.
  1277. Return Value:
  1279. BOOLEAN - TRUE if the interface is a NAT boundary interface,
  1280. FALSE otherwise.
  1282. --*/
  1284. {
  1285. PNAT_INTERFACE Interfacep;
  1286. PROFILE("NatIsBoundaryInterface");
  1288. EnterCriticalSection(&NatInterfaceLock);
  1289. if (!(Interfacep = NatpLookupInterface(Index, NULL))) {
  1290. LeaveCriticalSection(&NatInterfaceLock);
  1291. if (IsNatInterface) { *IsNatInterface = FALSE; }
  1292. return FALSE;
  1293. }
  1295. if (IsNatInterface) { *IsNatInterface = TRUE; }
  1297. if (Interfacep->Info &&
  1298. (Interfacep->Info->Flags & IP_NAT_INTERFACE_FLAGS_BOUNDARY)) {
  1299. LeaveCriticalSection(&NatInterfaceLock);
  1300. return TRUE;
  1301. }
  1302. LeaveCriticalSection(&NatInterfaceLock);
  1303. return FALSE;
  1305. } // NatIsBoundaryInterface
  1308. PNAT_INTERFACE
  1309. NatpLookupInterface(
  1310. ULONG Index,
  1311. OUT PLIST_ENTRY* InsertionPoint OPTIONAL
  1312. )
  1314. /*++
  1316. Routine Description:
  1318. This routine is called to retrieve an interface given its index.
  1320. Arguments:
  1322. Index - the index of the interface to be retrieved
  1324. InsertionPoint - if the interface is not found, optionally receives
  1325. the point where the interface would be inserted in the interface list
  1327. Return Value:
  1329. PNAT_INTERFACE - the interface, if found; otherwise, NULL.
  1331. Environment:
  1333. Invoked internally from an arbitrary context, with 'NatInterfaceLock'
  1334. held by caller.
  1336. --*/
  1338. {
  1339. PNAT_INTERFACE Interfacep;
  1340. PLIST_ENTRY Link;
  1342. PROFILE("NatpLookupInterface");
  1344. for (Link = NatInterfaceList.Flink; Link != &NatInterfaceList;
  1345. Link = Link->Flink) {
  1346. Interfacep = CONTAINING_RECORD(Link, NAT_INTERFACE, Link);
  1347. if (Index > Interfacep->Index) {
  1348. continue;
  1349. } else if (Index < Interfacep->Index) {
  1350. break;
  1351. }
  1352. return Interfacep;
  1353. }
  1355. if (InsertionPoint) { *InsertionPoint = Link; }
  1357. return NULL;
  1359. } // NatpLookupInterface
  1362. ULONG
  1363. NatQueryInterface(
  1364. ULONG Index,
  1365. PIP_NAT_INTERFACE_INFO InterfaceInfo,
  1366. PULONG InterfaceInfoSize
  1367. )
  1369. /*++
  1371. Routine Description:
  1373. This routine is invoked to retrieve the information for a NAT interface.
  1375. Arguments:
  1377. Index - the interface whose information is to be queried
  1379. InterfaceInfo - receives the information
  1381. InterfaceInfoSize - receives the information size
  1383. Return Value:
  1385. ULONG - Win32 status code.
  1387. --*/
  1389. {
  1390. ULONG Error;
  1391. PNAT_INTERFACE Interfacep;
  1392. ULONG Size;
  1394. PROFILE("NatQueryInterface");
  1396. //
  1397. // Look up the interface to be queried
  1398. //
  1400. EnterCriticalSection(&NatInterfaceLock);
  1401. if (!(Interfacep = NatpLookupInterface(Index, NULL))) {
  1402. LeaveCriticalSection(&NatInterfaceLock);
  1403. NhTrace(
  1404. TRACE_FLAG_NAT,
  1405. "NatQueryInterface: interface %d not found",
  1406. Index
  1407. );
  1408. return ERROR_NO_SUCH_INTERFACE;
  1409. }
  1411. //
  1412. // Compute the required size
  1413. //
  1415. Size =
  1416. FIELD_OFFSET(IP_NAT_INTERFACE_INFO, Header) +
  1417. Interfacep->Info->Header.Size;
  1419. if (Size >= *InterfaceInfoSize) {
  1420. *InterfaceInfoSize = Size;
  1421. Error = ERROR_INSUFFICIENT_BUFFER;
  1422. } else {
  1423. *InterfaceInfoSize = Size;
  1424. CopyMemory(
  1425. InterfaceInfo,
  1426. Interfacep->Info,
  1427. Size
  1428. );
  1429. Error = NO_ERROR;
  1430. }
  1432. LeaveCriticalSection(&NatInterfaceLock);
  1434. return Error;
  1436. } // NatQueryInterface
  1439. ULONG
  1440. NatQueryInterfaceMappingTable(
  1441. ULONG Index,
  1442. PIP_NAT_ENUMERATE_SESSION_MAPPINGS EnumerateTable,
  1443. PULONG EnumerateTableSize
  1444. )
  1446. /*++
  1448. Routine Description:
  1450. This routine is invoked to retrieve the session mappings for an interface.
  1452. Arguments:
  1454. EnumerateTable - receives the enumerated mappings
  1456. EnumerateTableSize - indicates the size of 'EnumerateTable'
  1458. Return Value:
  1460. ULONG - Win32 error code.
  1462. --*/
  1464. {
  1465. IP_NAT_ENUMERATE_SESSION_MAPPINGS Enumerate;
  1466. PNAT_INTERFACE Interfacep;
  1467. IO_STATUS_BLOCK IoStatus;
  1468. ULONG RequiredSize;
  1469. NTSTATUS status;
  1470. HANDLE WaitEvent;
  1472. PROFILE("NatQueryInterfaceMappingTable");
  1474. EnterCriticalSection(&NatInterfaceLock);
  1475. if (!(Interfacep = NatpLookupInterface(Index, NULL))) {
  1476. LeaveCriticalSection(&NatInterfaceLock);
  1477. NhTrace(
  1478. TRACE_FLAG_NAT,
  1479. "NatQueryInterfaceMappingTable: interface %d not found",
  1480. Index
  1481. );
  1482. return ERROR_NO_SUCH_INTERFACE;
  1483. }
  1485. if (!NAT_INTERFACE_BOUND(Interfacep)) {
  1487. //
  1488. // The interface is not bound, so there aren't any mappings.
  1489. // Indicate zero mappings in the caller's request-buffer.
  1490. //
  1492. LeaveCriticalSection(&NatInterfaceLock);
  1494. RequiredSize =
  1495. FIELD_OFFSET(IP_NAT_ENUMERATE_SESSION_MAPPINGS, EnumerateTable[0]);
  1497. if (*EnumerateTableSize < RequiredSize) {
  1498. *EnumerateTableSize = RequiredSize;
  1499. return ERROR_INSUFFICIENT_BUFFER;
  1500. }
  1502. EnumerateTable->Index = Index;
  1503. EnumerateTable->EnumerateContext[0] = 0;
  1504. EnumerateTable->EnumerateCount = 0;
  1505. *EnumerateTableSize = RequiredSize;
  1507. return NO_ERROR;
  1508. }
  1510. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  1511. if (WaitEvent == NULL) {
  1512. LeaveCriticalSection(&NatInterfaceLock);
  1513. NhTrace(
  1514. TRACE_FLAG_NAT,
  1515. "NatQueryInterfaceMappingTable: CreateEvent failed [%d]",
  1516. GetLastError()
  1517. );
  1518. return ERROR_NOT_ENOUGH_MEMORY;
  1519. }
  1521. //
  1522. // Determine the amount of space required
  1523. //
  1525. Enumerate.Index = Interfacep->AdapterIndex;
  1526. Enumerate.EnumerateCount = 0;
  1527. Enumerate.EnumerateContext[0] = 0;
  1528. status =
  1529. NtDeviceIoControlFile(
  1530. NatFileHandle,
  1531. WaitEvent,
  1532. NULL,
  1533. NULL,
  1534. &IoStatus,
  1535. IOCTL_IP_NAT_GET_INTERFACE_MAPPING_TABLE,
  1536. (PVOID)&Enumerate,
  1537. sizeof(Enumerate),
  1538. (PVOID)&Enumerate,
  1539. sizeof(Enumerate)
  1540. );
  1541. if (status == STATUS_PENDING) {
  1542. WaitForSingleObject(WaitEvent, INFINITE);
  1543. status = IoStatus.Status;
  1544. }
  1545. if (!NT_SUCCESS(status)) {
  1546. CloseHandle(WaitEvent);
  1547. LeaveCriticalSection(&NatInterfaceLock);
  1548. *EnumerateTableSize = 0;
  1549. return RtlNtStatusToDosError(status);
  1550. }
  1552. RequiredSize =
  1553. FIELD_OFFSET(IP_NAT_ENUMERATE_SESSION_MAPPINGS, EnumerateTable[0]) +
  1554. Enumerate.EnumerateTotalHint * sizeof(IP_NAT_SESSION_MAPPING);
  1556. //
  1557. // If the caller doesn't have enough space for all these mappings, fail
  1558. //
  1560. if (*EnumerateTableSize < RequiredSize) {
  1561. CloseHandle(WaitEvent);
  1562. LeaveCriticalSection(&NatInterfaceLock);
  1563. *EnumerateTableSize = RequiredSize + 5 * sizeof(IP_NAT_SESSION_MAPPING);
  1564. return ERROR_INSUFFICIENT_BUFFER;
  1565. }
  1567. //
  1568. // Attempt to read the mappings
  1569. //
  1571. Enumerate.Index = Interfacep->AdapterIndex;
  1572. Enumerate.EnumerateCount = 0;
  1573. Enumerate.EnumerateContext[0] = 0;
  1574. status =
  1575. NtDeviceIoControlFile(
  1576. NatFileHandle,
  1577. WaitEvent,
  1578. NULL,
  1579. NULL,
  1580. &IoStatus,
  1581. IOCTL_IP_NAT_GET_INTERFACE_MAPPING_TABLE,
  1582. (PVOID)&Enumerate,
  1583. sizeof(Enumerate),
  1584. (PVOID)EnumerateTable,
  1585. *EnumerateTableSize
  1586. );
  1587. if (status == STATUS_PENDING) {
  1588. WaitForSingleObject(WaitEvent, INFINITE);
  1589. status = IoStatus.Status;
  1590. }
  1591. CloseHandle(WaitEvent);
  1592. LeaveCriticalSection(&NatInterfaceLock);
  1594. EnumerateTable->Index = Index;
  1595. *EnumerateTableSize =
  1596. FIELD_OFFSET(IP_NAT_ENUMERATE_SESSION_MAPPINGS, EnumerateTable[0]) +
  1597. EnumerateTable->EnumerateCount * sizeof(IP_NAT_SESSION_MAPPING);
  1599. return NT_SUCCESS(status) ? NO_ERROR : RtlNtStatusToDosError(status);
  1601. } // NatQueryInterfaceMappingTable
  1604. ULONG
  1605. NatQueryMappingTable(
  1606. PIP_NAT_ENUMERATE_SESSION_MAPPINGS EnumerateTable,
  1607. PULONG EnumerateTableSize
  1608. )
  1610. /*++
  1612. Routine Description:
  1614. This routine is invoked to retrieve the session mappings for an interface.
  1616. Arguments:
  1618. EnumerateTable - receives the enumerated mappings
  1620. EnumerateTableSize - indicates the size of 'EnumerateTable'
  1622. Return Value:
  1624. ULONG - Win32 error code.
  1626. --*/
  1628. {
  1629. IP_NAT_ENUMERATE_SESSION_MAPPINGS Enumerate;
  1630. IO_STATUS_BLOCK IoStatus;
  1631. ULONG RequiredSize;
  1632. NTSTATUS status;
  1633. HANDLE WaitEvent;
  1635. PROFILE("NatQueryMappingTable");
  1637. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  1638. if (WaitEvent == NULL) {
  1639. NhTrace(
  1640. TRACE_FLAG_NAT,
  1641. "NatQueryMappingTable: CreateEvent failed [%d]",
  1642. GetLastError()
  1643. );
  1644. return ERROR_NOT_ENOUGH_MEMORY;
  1645. }
  1647. EnterCriticalSection(&NatInterfaceLock);
  1649. //
  1650. // Determine the amount of space required
  1651. //
  1652. Enumerate.EnumerateCount = 0;
  1653. Enumerate.EnumerateContext[0] = 0;
  1654. status =
  1655. NtDeviceIoControlFile(
  1656. NatFileHandle,
  1657. WaitEvent,
  1658. NULL,
  1659. NULL,
  1660. &IoStatus,
  1661. IOCTL_IP_NAT_GET_MAPPING_TABLE,
  1662. (PVOID)&Enumerate,
  1663. sizeof(Enumerate),
  1664. (PVOID)&Enumerate,
  1665. sizeof(Enumerate)
  1666. );
  1667. if (status == STATUS_PENDING) {
  1668. WaitForSingleObject(WaitEvent, INFINITE);
  1669. status = IoStatus.Status;
  1670. }
  1672. if (!NT_SUCCESS(status)) {
  1673. LeaveCriticalSection(&NatInterfaceLock);
  1674. CloseHandle(WaitEvent);
  1675. *EnumerateTableSize = 0;
  1676. return RtlNtStatusToDosError(status);
  1677. }
  1679. RequiredSize =
  1680. FIELD_OFFSET(IP_NAT_ENUMERATE_SESSION_MAPPINGS, EnumerateTable[0]) +
  1681. Enumerate.EnumerateTotalHint * sizeof(IP_NAT_SESSION_MAPPING);
  1683. //
  1684. // If the caller doesn't have enough space for all these mappings, fail
  1685. //
  1687. if (*EnumerateTableSize < RequiredSize) {
  1688. LeaveCriticalSection(&NatInterfaceLock);
  1689. CloseHandle(WaitEvent);
  1690. *EnumerateTableSize = RequiredSize + 5 * sizeof(IP_NAT_SESSION_MAPPING);
  1691. return ERROR_INSUFFICIENT_BUFFER;
  1692. }
  1694. //
  1695. // Attempt to read the mappings
  1696. //
  1698. Enumerate.EnumerateCount = 0;
  1699. Enumerate.EnumerateContext[0] = 0;
  1700. status =
  1701. NtDeviceIoControlFile(
  1702. NatFileHandle,
  1703. WaitEvent,
  1704. NULL,
  1705. NULL,
  1706. &IoStatus,
  1707. IOCTL_IP_NAT_GET_MAPPING_TABLE,
  1708. (PVOID)&Enumerate,
  1709. sizeof(Enumerate),
  1710. (PVOID)EnumerateTable,
  1711. *EnumerateTableSize
  1712. );
  1713. if (status == STATUS_PENDING) {
  1714. WaitForSingleObject(WaitEvent, INFINITE);
  1715. status = IoStatus.Status;
  1716. }
  1718. CloseHandle(WaitEvent);
  1720. LeaveCriticalSection(&NatInterfaceLock);
  1722. EnumerateTable->Index = (ULONG)-1;
  1723. *EnumerateTableSize =
  1724. FIELD_OFFSET(IP_NAT_ENUMERATE_SESSION_MAPPINGS, EnumerateTable[0]) +
  1725. EnumerateTable->EnumerateCount * sizeof(IP_NAT_SESSION_MAPPING);
  1727. return NT_SUCCESS(status) ? NO_ERROR : RtlNtStatusToDosError(status);
  1729. } // NatQueryMappingTable
  1732. ULONG
  1733. NatQueryStatisticsInterface(
  1734. ULONG Index,
  1735. PIP_NAT_INTERFACE_STATISTICS InterfaceStatistics,
  1736. PULONG InterfaceStatisticsSize
  1737. )
  1739. /*++
  1741. Routine Description:
  1743. This routine is invoked to retrieve the statistics for a NAT interface.
  1745. Arguments:
  1747. Index - the index of the interface whose statistics are to be retrieved
  1749. Return Value:
  1751. ULONG - Win32 error code.
  1753. --*/
  1755. {
  1756. PNAT_INTERFACE Interfacep;
  1757. IO_STATUS_BLOCK IoStatus;
  1758. NTSTATUS status;
  1759. HANDLE WaitEvent;
  1761. PROFILE("NatQueryStatisticsInterface");
  1763. //
  1764. // Look up the interface to be queried
  1765. //
  1767. EnterCriticalSection(&NatInterfaceLock);
  1768. if (!(Interfacep = NatpLookupInterface(Index, NULL))) {
  1769. LeaveCriticalSection(&NatInterfaceLock);
  1770. NhTrace(
  1771. TRACE_FLAG_NAT,
  1772. "NatQueryStatisticsInterface: interface %d not found",
  1773. Index
  1774. );
  1775. return ERROR_NO_SUCH_INTERFACE;
  1776. }
  1778. //
  1779. // If the interface is not bound, supply zero statistics.
  1780. //
  1782. if (!NAT_INTERFACE_BOUND(Interfacep)) {
  1784. LeaveCriticalSection(&NatInterfaceLock);
  1786. if (*InterfaceStatisticsSize < sizeof(IP_NAT_INTERFACE_STATISTICS)) {
  1787. *InterfaceStatisticsSize = sizeof(IP_NAT_INTERFACE_STATISTICS);
  1788. return ERROR_INSUFFICIENT_BUFFER;
  1789. }
  1791. *InterfaceStatisticsSize = sizeof(IP_NAT_INTERFACE_STATISTICS);
  1792. ZeroMemory(InterfaceStatistics, sizeof(IP_NAT_INTERFACE_STATISTICS));
  1794. return NO_ERROR;
  1795. }
  1797. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  1798. if (WaitEvent == NULL) {
  1799. LeaveCriticalSection(&NatInterfaceLock);
  1800. NhTrace(
  1801. TRACE_FLAG_NAT,
  1802. "NatQueryStatisticsInterface: CreateEvent failed [%d]",
  1803. GetLastError()
  1804. );
  1805. return ERROR_NOT_ENOUGH_MEMORY;
  1806. }
  1808. //
  1809. // Attempt to read the statistics for the interface
  1810. //
  1812. status =
  1813. NtDeviceIoControlFile(
  1814. NatFileHandle,
  1815. WaitEvent,
  1816. NULL,
  1817. NULL,
  1818. &IoStatus,
  1819. IOCTL_IP_NAT_GET_INTERFACE_STATISTICS,
  1820. (PVOID)&Interfacep->AdapterIndex,
  1821. sizeof(ULONG),
  1822. (PVOID)InterfaceStatistics,
  1823. *InterfaceStatisticsSize
  1824. );
  1825. if (status == STATUS_PENDING) {
  1826. WaitForSingleObject(WaitEvent, INFINITE);
  1827. status = IoStatus.Status;
  1828. }
  1830. CloseHandle(WaitEvent);
  1832. LeaveCriticalSection(&NatInterfaceLock);
  1834. if (NT_SUCCESS(status) && IoStatus.Information > *InterfaceStatisticsSize) {
  1835. *InterfaceStatisticsSize = (ULONG)IoStatus.Information;
  1836. return ERROR_INSUFFICIENT_BUFFER;
  1837. }
  1839. *InterfaceStatisticsSize = (ULONG)IoStatus.Information;
  1841. return NT_SUCCESS(status) ? NO_ERROR : RtlNtStatusToDosError(status);
  1843. } // NatQueryStatisticsInterface
  1846. VOID
  1847. NatRemoveApplicationSettings(
  1848. VOID
  1849. )
  1851. /*++
  1853. Routine Description:
  1855. This routine is invoked to remove the advanced application settings (i.e.,
  1856. dynamic tickets), and supply the settings to the kernel-mode translation
  1857. module.
  1859. Arguments:
  1861. none.
  1863. Return Value:
  1865. none.
  1867. --*/
  1869. {
  1870. PNAT_APP_ENTRY pAppEntry;
  1871. IP_NAT_DELETE_DYNAMIC_TICKET DeleteTicket;
  1872. IO_STATUS_BLOCK IoStatus;
  1873. PLIST_ENTRY Link;
  1874. NTSTATUS status;
  1875. HANDLE WaitEvent;
  1877. PROFILE("NatRemoveApplicationSettings");
  1879. //
  1880. // Each 'application' entry in the shared access settings
  1881. // corresponds to a dynamic ticket for the kernel-mode translator.
  1882. // We begin by removing the dynamic tickets for the old settings, if any,
  1883. // and then we free the old settings in preparation for reloading.
  1884. //
  1886. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  1887. if (WaitEvent == NULL) {
  1888. NhTrace(
  1889. TRACE_FLAG_NAT,
  1890. "NatRemoveSharedAccessSettings: CreateEvent failed [%d]",
  1891. GetLastError()
  1892. );
  1893. return;
  1894. }
  1896. EnterCriticalSection(&NatInterfaceLock);
  1897. EnterCriticalSection(&NhLock);
  1899. for (Link = NhApplicationSettingsList.Flink;
  1900. Link != &NhApplicationSettingsList;
  1901. Link = Link->Flink)
  1902. {
  1903. pAppEntry = CONTAINING_RECORD(Link, NAT_APP_ENTRY, Link);
  1904. DeleteTicket.Protocol = pAppEntry->Protocol;
  1905. DeleteTicket.Port = pAppEntry->Port;
  1906. status =
  1907. NtDeviceIoControlFile(
  1908. NatFileHandle,
  1909. WaitEvent,
  1910. NULL,
  1911. NULL,
  1912. &IoStatus,
  1913. IOCTL_IP_NAT_DELETE_DYNAMIC_TICKET,
  1914. (PVOID)&DeleteTicket,
  1915. sizeof(DeleteTicket),
  1916. NULL,
  1917. 0
  1918. );
  1919. if (status == STATUS_PENDING) {
  1920. WaitForSingleObject(WaitEvent, INFINITE);
  1921. status = IoStatus.Status;
  1922. }
  1923. }
  1925. LeaveCriticalSection(&NhLock);
  1926. LeaveCriticalSection(&NatInterfaceLock);
  1928. CloseHandle(WaitEvent);
  1929. } // NatRemoveSharedAccessSettings
  1932. ULONG
  1933. NatUnbindInterface(
  1934. ULONG Index,
  1935. PNAT_INTERFACE Interfacep
  1936. )
  1938. /*++
  1940. Routine Description:
  1942. This routine is invoked to remove a binding from the NAT.
  1944. Arguments:
  1946. Index - the interface to be unbound
  1948. Interfacep - optionally supplies the interface-structure to be unbound
  1949. (See 'NATCONN.C' which passes in a static interface-structure).
  1951. Return Value:
  1953. ULONG - Win32 status code.
  1955. --*/
  1957. {
  1958. ULONG Error;
  1959. IO_STATUS_BLOCK IoStatus;
  1960. NTSTATUS status;
  1961. HANDLE WaitEvent;
  1963. PROFILE("NatUnbindInterface");
  1965. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  1966. if (WaitEvent == NULL) {
  1967. NhTrace(
  1968. TRACE_FLAG_NAT,
  1969. "NatUnbindInterface: CreateEvent failed [%d]",
  1970. GetLastError()
  1971. );
  1972. return ERROR_NOT_ENOUGH_MEMORY;
  1973. }
  1975. //
  1976. // Retrieve the interface to be unbound.
  1977. //
  1979. EnterCriticalSection(&NatInterfaceLock);
  1980. if (!Interfacep && !(Interfacep = NatpLookupInterface(Index, NULL))) {
  1981. LeaveCriticalSection(&NatInterfaceLock);
  1982. NhTrace(
  1983. TRACE_FLAG_NAT,
  1984. "NatUnbindInterface: interface %d not found",
  1985. Index
  1986. );
  1987. return ERROR_NO_SUCH_INTERFACE;
  1988. }
  1990. //
  1991. // Make sure the interface is not already unbound
  1992. //
  1994. if (!NAT_INTERFACE_BOUND(Interfacep)) {
  1995. LeaveCriticalSection(&NatInterfaceLock);
  1996. NhTrace(
  1997. TRACE_FLAG_NAT,
  1998. "NatUnbindInterface: interface %d already unbound",
  1999. Index
  2000. );
  2001. return ERROR_ADDRESS_NOT_ASSOCIATED;
  2002. }
  2004. Interfacep->Flags &= ~NAT_INTERFACE_FLAG_BOUND;
  2006. if (Interfacep->Type == ROUTER_IF_TYPE_DEDICATED) {
  2007. NatUpdateProxyArp(Interfacep, FALSE);
  2008. }
  2010. //
  2011. // Remove the interface from the kernel-mode driver
  2012. //
  2014. status =
  2015. NtDeviceIoControlFile(
  2016. NatFileHandle,
  2017. WaitEvent,
  2018. NULL,
  2019. NULL,
  2020. &IoStatus,
  2021. IOCTL_IP_NAT_DELETE_INTERFACE,
  2022. (PVOID)&Interfacep->AdapterIndex,
  2023. sizeof(ULONG),
  2024. NULL,
  2025. 0
  2026. );
  2027. if (status == STATUS_PENDING) {
  2028. WaitForSingleObject(WaitEvent, INFINITE);
  2029. status = IoStatus.Status;
  2030. }
  2031. LeaveCriticalSection(&NatInterfaceLock);
  2032. CloseHandle(WaitEvent);
  2034. Error = NT_SUCCESS(status) ? NO_ERROR : RtlNtStatusToDosError(status);
  2036. if (Error) {
  2037. NhErrorLog(
  2038. IP_NAT_LOG_IOCTL_FAILED,
  2039. Error,
  2040. ""
  2041. );
  2042. }
  2044. return Error;
  2046. } // NatUnbindInterface
  2049. ULONG
  2050. NatLookupPortMappingAdapter(
  2051. ULONG AdapterIndex,
  2052. UCHAR Protocol,
  2053. ULONG PublicAddress,
  2054. USHORT PublicPort,
  2055. PIP_NAT_PORT_MAPPING PortMappingp
  2056. )
  2058. /*++
  2060. Routine Description:
  2062. This routine is invoked to find a mapping that matches the given adapter,
  2063. protocol, public address and public port number. The routine tries to
  2064. match both port and address mapping.
  2066. Arguments:
  2068. AdapterIndex - the adapter to be looked up
  2069. Protocol - protocol used to match a mapping
  2070. PublicAddress - public address used to match a mapping
  2071. PublicPort - public port number used to match a mapping
  2072. PortMappingp - pointer to a caller-supplied storage to save the mapping if
  2073. found
  2075. Return Value:
  2077. ULONG - Win32 status code.
  2079. --*/
  2081. {
  2082. IP_NAT_CREATE_TICKET LookupTicket;
  2083. ULONG Error;
  2084. IO_STATUS_BLOCK IoStatus;
  2085. NTSTATUS status;
  2086. HANDLE WaitEvent;
  2088. PROFILE("NatLookupPortMappingAdapter");
  2090. Error = NO_ERROR;
  2092. WaitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
  2093. if (WaitEvent == NULL) {
  2094. NhTrace(
  2095. TRACE_FLAG_NAT,
  2096. "NatLookupPortMappingAdapter:"
  2097. " CreateEvent failed [%d] for adapter %d",
  2098. GetLastError(),
  2099. AdapterIndex
  2100. );
  2101. return ERROR_NOT_ENOUGH_MEMORY;
  2102. }
  2104. LookupTicket.InterfaceIndex = AdapterIndex;
  2105. LookupTicket.PortMapping.Protocol = Protocol;
  2106. LookupTicket.PortMapping.PublicPort = PublicPort;
  2107. LookupTicket.PortMapping.PublicAddress = PublicAddress;
  2108. LookupTicket.PortMapping.PrivatePort = 0;
  2109. LookupTicket.PortMapping.PrivateAddress = 0;
  2111. status =
  2112. NtDeviceIoControlFile(
  2113. NatFileHandle,
  2114. WaitEvent,
  2115. NULL,
  2116. NULL,
  2117. &IoStatus,
  2118. IOCTL_IP_NAT_LOOKUP_TICKET,
  2119. (PVOID)&LookupTicket,
  2120. sizeof(LookupTicket),
  2121. (PVOID)PortMappingp,
  2122. sizeof(*PortMappingp)
  2123. );
  2124. if (status == STATUS_PENDING) {
  2125. WaitForSingleObject(WaitEvent, INFINITE);
  2126. status = IoStatus.Status;
  2127. }
  2129. if (!NT_SUCCESS(status)) {
  2130. NhTrace(
  2131. TRACE_FLAG_NAT,
  2132. "NatLookupPortMappingAdapter:"
  2133. " status %08x getting info for adapter %d",
  2134. status,
  2135. AdapterIndex
  2136. );
  2137. Error = RtlNtStatusToDosError(status);
  2138. }
  2140. CloseHandle(WaitEvent);
  2142. return Error;
  2143. }