archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/net/rras/ip/nat/mapping.h

512 lines
14 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1997 Microsoft Corporation
  5. Module Name:
  7. mapping.h
  9. Abstract:
  11. This file contains declarations for the management of dynamic mappings.
  12. This includes the relevant data structures as well as the routines for
  13. manipulating the structures.
  15. Author:
  17. Abolade Gbadegesin (t-abolag) 11-July-1997
  19. Revision History:
  21. --*/
  23. #ifndef _NAT_MAPPING_H_
  24. #define _NAT_MAPPING_H_
  26. //
  27. // Forward declaration of structure defined elsewhere
  28. //
  30. struct _NAT_INTERFACE;
  31. #define PNAT_INTERFACE struct _NAT_INTERFACE*
  33. typedef enum _NAT_SESSION_MAPPING_INFORMATION_CLASS {
  34. NatKeySessionMappingInformation,
  35. NatStatisticsSessionMappingInformation,
  36. #if _WIN32_WINNT > 0x0500
  37. NatKeySessionMappingExInformation,
  38. #endif
  39. NatMaximumSessionMappingInformation
  40. } NAT_SESSION_MAPPING_INFORMATION_CLASS,
  41. *PNAT_SESSION_MAPPING_INFORMATION_CLASS;
  44. //
  45. // Structure: NAT_DYNAMIC_MAPPING
  46. //
  47. // This structure holds information about a specific active session.
  48. // Each instance is held on the global mapping-list as well as
  49. // on the global mapping-trees for forward and reverse access.
  50. //
  51. // Each mapping stores four keys which are address/protocol/port combinations:
  52. // forward source and destination keys (the original session-endpoints),
  53. // and reverse source and destination keys (the translated endpoints).
  54. //
  55. // Each time a packet is translated using a mapping, the 'LastAccessTime'
  56. // is set to the number of ticks since system-start (KeQueryTickCount).
  57. // This value is used by our timer routine to eliminate expired mappings.
  58. //
  59. // Synchronization of access to mappings is similar to that of interfaces,
  60. // editors, and directors:
  61. //
  62. // We use a reference count to ensure the existence of a mapping,
  63. // and a spin-lock to ensure its consistency.
  64. //
  65. // The fields of a mapping are only consistent while the spinlock is held
  66. // (with the exception of fields such as 'PrivateKey' which are read-only)
  67. //
  68. // The spinlock can only be acquired if
  69. // (a) the reference-count has been incremented, or
  70. // (b) the mapping-list lock is already held.
  71. //
  72. // If the mapping is for an edited, directed, or interface's session,
  73. // it also lives on its editor's, director's or interface's list of mappings.
  74. // The following holds true of all three lists (i.e. for 'Editor' write
  75. // 'Director' or 'Interface' as appropriate):
  76. //
  77. // As described in 'EDITOR.H', the cached fields 'Editor*' are protected
  78. // by the global 'EditorMappingLock'. Hence,
  79. //
  80. // (a) to read the 'Editor' or 'EditorContext' for a mapping,
  81. // or to traverse the 'EditorLink' field, 'EditorLock' must be held
  82. // and the editor referenced. Note that the attempt to reference
  83. // the editor will fail if the editor has been marked for deletion.
  84. //
  85. // (b) to modify the 'Editor' or 'EditorContext' or to add or
  86. // remove a mapping from its editor's list of mappings by changing
  87. // the 'EditorLink' field, both 'EditorLock' and 'EditorMappingLock'
  88. // must be acquired, in that order.
  89. //
  90. // Acquisition of 'EditorLock' ensures that the cached editor will not be
  91. // deleted while being referenced, and acquisition of 'EditorMappingLock'
  92. // ensures that no changes are being made to the list.
  93. //
  94. // N.B. On the rare occasions when 'MappingLock' must be held at the same time
  95. // as one of 'InterfaceLock', 'EditorLock', and 'DirectorLock', 'MappingLock'
  96. // must always be acquired first.
  97. //
  99. typedef struct _NAT_DYNAMIC_MAPPING {
  101. LIST_ENTRY Link;
  102. RTL_SPLAY_LINKS SLink[NatMaximumPath];
  103. ULONG64 DestinationKey[NatMaximumPath]; // read-only
  104. ULONG64 SourceKey[NatMaximumPath]; // read-only
  105. LONG64 LastAccessTime;
  107. KSPIN_LOCK Lock;
  108. ULONG ReferenceCount;
  110. ULONG AccessCount[NatMaximumPath]; // interlocked-access only
  111. PNAT_TRANSLATE_ROUTINE TranslateRoutine[NatMaximumPath]; // read-only
  113. PNAT_INTERFACE Interfacep;
  114. PVOID InterfaceContext;
  115. LIST_ENTRY InterfaceLink;
  117. PNAT_EDITOR Editor;
  118. PVOID EditorContext;
  119. LIST_ENTRY EditorLink;
  121. PNAT_DIRECTOR Director;
  122. PVOID DirectorContext;
  123. LIST_ENTRY DirectorLink;
  125. ULONG Flags;
  126. ULONG IpChecksumDelta[NatMaximumPath];
  127. ULONG ProtocolChecksumDelta[NatMaximumPath];
  128. ULONG TcpSeqNumExpected[NatMaximumPath];
  129. ULONG TcpSeqNumBase[NatMaximumPath];
  130. LONG TcpSeqNumDelta[NatMaximumPath];
  132. // Maxmimum MSS value. Set to 0 if MSS adjustment is unnecessary.
  133. USHORT MaxMSS;
  135. IP_NAT_SESSION_MAPPING_STATISTICS Statistics;
  136. ULONG BytesForward; // interlocked-access only
  137. ULONG BytesReverse; // interlocked-access only
  138. ULONG PacketsForward; // interlocked-access only
  139. ULONG PacketsReverse; // interlocked-access only
  140. ULONG RejectsForward; // interlocked-access only
  141. ULONG RejectsReverse; // interlocked-access only
  143. } NAT_DYNAMIC_MAPPING, *PNAT_DYNAMIC_MAPPING;
  146. //
  147. // Definition of flags for NAT_DYNAMIC_MAPPING.Flags
  148. //
  149. // Set after a mapping has been deleted; when the last reference is released,
  150. // the mapping will be freed.
  151. //
  152. #define NAT_MAPPING_FLAG_DELETED 0x80000000
  153. #define NAT_MAPPING_DELETED(m) \
  154. ((m)->Flags & NAT_MAPPING_FLAG_DELETED)
  155. //
  156. // Set when an editor expires a mapping using 'NatEditorTimeoutSession'.
  157. //
  158. #define NAT_MAPPING_FLAG_EXPIRED 0x00000001
  159. #define NAT_MAPPING_EXPIRED(m) \
  160. ((m)->Flags & NAT_MAPPING_FLAG_EXPIRED)
  161. //
  162. // Set when the forward/reverse SYN for a TCP session is seen, respectively
  163. //
  164. #define NAT_MAPPING_FLAG_FWD_SYN 0x00000002
  165. #define NAT_MAPPING_FLAG_REV_SYN 0x00000004
  166. //
  167. // Set when the forward/reverse FIN for a TCP session is seen, respectively
  168. //
  169. #define NAT_MAPPING_FLAG_FWD_FIN 0x00000008
  170. #define NAT_MAPPING_FLAG_REV_FIN 0x00000010
  171. #define NAT_MAPPING_FIN(m) \
  172. (((m)->Flags & NAT_MAPPING_FLAG_FWD_FIN) && \
  173. ((m)->Flags & NAT_MAPPING_FLAG_REV_FIN))
  174. //
  175. // Set when an inbound mapping is created using a static address or port,
  176. // or because of a director or ticket.
  177. //
  178. #define NAT_MAPPING_FLAG_INBOUND 0x00000020
  179. #define NAT_MAPPING_INBOUND(m) \
  180. ((m)->Flags & NAT_MAPPING_FLAG_INBOUND)
  181. //
  182. // Set when a mapping is created by a director and is not subject to expiration.
  183. //
  184. #define NAT_MAPPING_FLAG_NO_TIMEOUT 0x00000040
  185. #define NAT_MAPPING_NO_TIMEOUT(m) \
  186. ((m)->Flags & NAT_MAPPING_FLAG_NO_TIMEOUT)
  187. //
  188. // Set when only forward packets are to be translated
  189. //
  190. #define NAT_MAPPING_FLAG_UNIDIRECTIONAL 0x00000080
  191. #define NAT_MAPPING_UNIDIRECTIONAL(m) \
  192. ((m)->Flags & NAT_MAPPING_FLAG_UNIDIRECTIONAL)
  194. //
  195. // Set when director-initiated dissociation should trigger deletion
  196. //
  197. #define NAT_MAPPING_FLAG_DELETE_ON_DISSOCIATE_DIRECTOR 0x00000100
  198. #define NAT_MAPPING_DELETE_ON_DISSOCIATE_DIRECTOR(m) \
  199. ((m)->Flags & NAT_MAPPING_FLAG_DELETE_ON_DISSOCIATE_DIRECTOR)
  201. //
  202. // Set on TCP mappings when the three-way handshake is complete
  203. //
  204. #define NAT_MAPPING_FLAG_TCP_OPEN 0x00000200
  205. #define NAT_MAPPING_TCP_OPEN(m) \
  206. ((m)->Flags & NAT_MAPPING_FLAG_TCP_OPEN)
  207. //
  208. // Set if the creation or deletion of this mapping should not
  209. // be logged
  210. //
  211. #define NAT_MAPPING_FLAG_DO_NOT_LOG 0x00000400
  212. #define NAT_MAPPING_DO_NOT_LOG(m) \
  213. ((m)->Flags & NAT_MAPPING_FLAG_DO_NOT_LOG)
  214. //
  215. // Set if the DF bit must be cleared for all packets that belong
  216. // to this mapping.
  217. //
  218. #define NAT_MAPPING_FLAG_CLEAR_DF_BIT 0x00000800
  219. #define NAT_MAPPING_CLEAR_DF_BIT(m) \
  220. ((m)->Flags & NAT_MAPPING_FLAG_CLEAR_DF_BIT)
  222. //
  223. // Mapping-key manipulation macros
  224. //
  226. #define MAKE_MAPPING_KEY(Key,Protocol,Address,Port) \
  227. ((Key) = \
  228. (Address) | \
  229. ((ULONG64)((Port) & 0xFFFF) << 32) | \
  230. ((ULONG64)((Protocol) & 0xFF) << 48))
  232. #define MAPPING_PROTOCOL(Key) ((UCHAR)(((Key) >> 48) & 0xFF))
  233. #define MAPPING_PORT(Key) ((USHORT)(((Key) >> 32) & 0xFFFF))
  234. #define MAPPING_ADDRESS(Key) ((ULONG)(Key))
  236. //
  237. // Resplay threshold; the mapping is resplayed every time its access-count
  238. // passes this value.
  239. //
  241. #define NAT_MAPPING_RESPLAY_THRESHOLD 5
  243. //
  244. // Defines the depth of the lookaside list for allocating dynamic mappings
  245. //
  247. #define MAPPING_LOOKASIDE_DEPTH 20
  249. //
  250. // Defines the threshold at which ad-hoc cleanup of expired mappings begins.
  251. //
  253. #define MAPPING_CLEANUP_THRESHOLD 1000
  255. //
  256. // Mapping allocation macros
  257. //
  259. #define ALLOCATE_MAPPING_BLOCK() \
  260. ExAllocateFromNPagedLookasideList(&MappingLookasideList)
  262. #define FREE_MAPPING_BLOCK(Block) \
  263. ExFreeToNPagedLookasideList(&MappingLookasideList,(Block))
  265. //
  266. // GLOBAL VARIABLE DECLARATIONS
  267. //
  269. extern ULONG ExpiredMappingCount;
  270. extern CACHE_ENTRY MappingCache[NatMaximumPath][CACHE_SIZE];
  271. extern ULONG MappingCount;
  272. extern LIST_ENTRY MappingList;
  273. extern KSPIN_LOCK MappingLock;
  274. extern NPAGED_LOOKASIDE_LIST MappingLookasideList;
  275. extern PNAT_DYNAMIC_MAPPING MappingTree[NatMaximumPath];
  278. //
  279. // MAPPING MANAGEMENT ROUTINES
  280. //
  282. PVOID
  283. NatAllocateFunction(
  284. POOL_TYPE PoolType,
  285. SIZE_T NumberOfBytes,
  286. ULONG Tag
  287. );
  289. VOID
  290. NatCleanupMapping(
  291. PNAT_DYNAMIC_MAPPING Mapping
  292. );
  294. NTSTATUS
  295. NatCreateMapping(
  296. ULONG Flags,
  297. ULONG64 DestinationKey[],
  298. ULONG64 SourceKey[],
  299. PNAT_INTERFACE Interfacep,
  300. PVOID InterfaceContext,
  301. USHORT MaxMSS,
  302. PNAT_DIRECTOR Director,
  303. PVOID DirectorContext,
  304. PNAT_DYNAMIC_MAPPING* InboundInsertionPoint,
  305. PNAT_DYNAMIC_MAPPING* OutboundInsertionPoint,
  306. PNAT_DYNAMIC_MAPPING* MappingCreated
  307. );
  309. NTSTATUS
  310. NatDeleteMapping(
  311. PNAT_DYNAMIC_MAPPING Mapping
  312. );
  314. //
  315. // BOOLEAN
  316. // NatDereferenceMapping(
  317. // PNAT_DYNAMIC_MAPPING Mapping
  318. // );
  319. //
  321. #define \
  322. NatDereferenceMapping( \
  323. _Mapping \
  324. ) \
  325. (InterlockedDecrement(&(_Mapping)->ReferenceCount) \
  326. ? TRUE \
  327. : (NatCleanupMapping(_Mapping), FALSE))
  329. //
  330. // VOID
  331. // NatExpireMapping(
  332. // PNAT_DYNAMIC_MAPPING Mapping
  333. // );
  334. //
  336. PNAT_DYNAMIC_MAPPING
  337. NatDestinationLookupForwardMapping(
  338. ULONG64 DestinationKey
  339. );
  341. PNAT_DYNAMIC_MAPPING
  342. NatDestinationLookupReverseMapping(
  343. ULONG64 DestinationKey
  344. );
  346. #define \
  347. NatExpireMapping( \
  348. _Mapping \
  349. ) \
  350. if (!NAT_MAPPING_EXPIRED(_Mapping)) { \
  351. (_Mapping)->Flags |= NAT_MAPPING_FLAG_EXPIRED; \
  352. InterlockedIncrement(&ExpiredMappingCount); \
  353. if (MappingCount > MAPPING_CLEANUP_THRESHOLD && \
  354. ExpiredMappingCount >= (MappingCount >> 2)) { \
  355. NatTriggerTimer(); \
  356. } \
  357. }
  360. VOID
  361. NatInitializeMappingManagement(
  362. VOID
  363. );
  365. PNAT_DYNAMIC_MAPPING
  366. NatInsertForwardMapping(
  367. PNAT_DYNAMIC_MAPPING Parent,
  368. PNAT_DYNAMIC_MAPPING Mapping
  369. );
  371. PNAT_DYNAMIC_MAPPING
  372. NatInsertReverseMapping(
  373. PNAT_DYNAMIC_MAPPING Parent,
  374. PNAT_DYNAMIC_MAPPING Mapping
  375. );
  377. NTSTATUS
  378. NatLookupAndQueryInformationMapping(
  379. UCHAR Protocol,
  380. ULONG DestinationAddress,
  381. USHORT DestinationPort,
  382. ULONG SourceAddress,
  383. USHORT SourcePort,
  384. OUT PVOID Information,
  385. ULONG InformationLength,
  386. NAT_SESSION_MAPPING_INFORMATION_CLASS InformationClass
  387. );
  389. PNAT_DYNAMIC_MAPPING
  390. NatLookupForwardMapping(
  391. ULONG64 DestinationKey,
  392. ULONG64 SourceKey,
  393. PNAT_DYNAMIC_MAPPING* InsertionPoint
  394. );
  396. PNAT_DYNAMIC_MAPPING
  397. NatLookupReverseMapping(
  398. ULONG64 DestinationKey,
  399. ULONG64 SourceKey,
  400. PNAT_DYNAMIC_MAPPING* InsertionPoint
  401. );
  403. VOID
  404. NatQueryInformationMapping(
  405. IN PNAT_DYNAMIC_MAPPING Mapping,
  406. OUT PUCHAR Protocol OPTIONAL,
  407. OUT PULONG PrivateAddress OPTIONAL,
  408. OUT PUSHORT PrivatePort OPTIONAL,
  409. OUT PULONG RemoteAddress OPTIONAL,
  410. OUT PUSHORT RemotePort OPTIONAL,
  411. OUT PULONG PublicAddress OPTIONAL,
  412. OUT PUSHORT PublicPort OPTIONAL,
  413. OUT PIP_NAT_SESSION_MAPPING_STATISTICS Statistics OPTIONAL
  414. );
  416. NTSTATUS
  417. NatQueryInterfaceMappingTable(
  418. IN PIP_NAT_ENUMERATE_SESSION_MAPPINGS InputBuffer,
  419. IN PIP_NAT_ENUMERATE_SESSION_MAPPINGS OutputBuffer,
  420. IN PULONG OutputBufferLength
  421. );
  423. NTSTATUS
  424. NatQueryMappingTable(
  425. IN PIP_NAT_ENUMERATE_SESSION_MAPPINGS InputBuffer,
  426. IN PIP_NAT_ENUMERATE_SESSION_MAPPINGS OutputBuffer,
  427. IN PULONG OutputBufferLength
  428. );
  430. //
  431. // BOOLEAN
  432. // NatReferenceMapping(
  433. // PNAT_DYNAMIC_MAPPING Mapping
  434. // );
  435. //
  437. #define \
  438. NatReferenceMapping( \
  439. _Mapping \
  440. ) \
  441. (NAT_MAPPING_DELETED(_Mapping) \
  442. ? FALSE \
  443. : (InterlockedIncrement(&(_Mapping)->ReferenceCount), TRUE))
  445. //
  446. // VOID
  447. // NatResplayMapping(
  448. // PNAT_DYNAMIC_MAPPING Mapping,
  449. // IP_NAT_PATH Path
  450. // );
  451. //
  453. #define \
  454. NatResplayMapping( \
  455. _Mapping, \
  456. _Path \
  457. ) \
  458. { \
  459. PRTL_SPLAY_LINKS _SLink; \
  460. KeAcquireSpinLockAtDpcLevel(&MappingLock); \
  461. if (!NAT_MAPPING_DELETED(_Mapping)) { \
  462. _SLink = RtlSplay(&(_Mapping)->SLink[_Path]); \
  463. MappingTree[_Path] = \
  464. CONTAINING_RECORD(_SLink, NAT_DYNAMIC_MAPPING, SLink[_Path]); \
  465. } \
  466. KeReleaseSpinLockFromDpcLevel(&MappingLock); \
  467. }
  469. VOID
  470. NatShutdownMappingManagement(
  471. VOID
  472. );
  474. PNAT_DYNAMIC_MAPPING
  475. NatSourceLookupForwardMapping(
  476. ULONG64 SourceKey
  477. );
  479. PNAT_DYNAMIC_MAPPING
  480. NatSourceLookupReverseMapping(
  481. ULONG64 SourceKey
  482. );
  484. //
  485. // VOID
  486. // NatTryToResplayMapping(
  487. // PNAT_DYNAMIC_MAPPING Mapping,
  488. // IP_NAT_PATH Path
  489. // );
  490. //
  492. #define \
  493. NatTryToResplayMapping( \
  494. _Mapping, \
  495. _Path \
  496. ) \
  497. if (InterlockedDecrement(&(_Mapping)->AccessCount[(_Path)]) == 0) { \
  498. NatResplayMapping((_Mapping), (_Path)); \
  499. InterlockedExchangeAdd( \
  500. &(_Mapping)->AccessCount[(_Path)], \
  501. NAT_MAPPING_RESPLAY_THRESHOLD \
  502. ); \
  503. }
  505. VOID
  506. NatUpdateStatisticsMapping(
  507. PNAT_DYNAMIC_MAPPING Mapping
  508. );
  510. #undef PNAT_INTERFACE
  512. #endif // _NAT_MAPPING_H_