archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/net/rras/ip/nat/timer.c

525 lines
13 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1997 Microsoft Corporation
  5. Module:
  7. timer.c
  9. Abstract:
  11. Contains code for the NAT's periodic-timer routine.
  13. Author:
  15. Abolade Gbadegesin (t-abolag) 22-July-1997
  17. Revision History:
  19. --*/
  21. #include "precomp.h"
  22. #pragma hdrstop
  24. //
  25. // Defines the interval at which the timer fires, in 100-nanosecond intervals
  26. //
  28. #define TIMER_INTERVAL (60 * 1000 * 1000 * 10)
  30. //
  31. // DPC object for stress-triggered invocations of NatTimerRoutine
  32. //
  34. KDPC CleanupDpcObject;
  36. //
  37. // Flag indicating whether stress-triggered cleanup has been scheduled.
  38. //
  40. ULONG CleanupDpcPending;
  42. //
  43. // Return-value of KeQueryTimeIncrement, used for normalizing tick-counts
  44. //
  46. ULONG TimeIncrement;
  48. //
  49. // DPC object for NatTimerRoutine
  50. //
  52. KDPC TimerDpcObject;
  54. //
  55. // Timer object for NatTimerRoutine
  56. //
  58. KTIMER TimerObject;
  60. //
  61. // FORWARD DECLARATIONS
  62. //
  64. VOID
  65. NatCleanupDpcRoutine(
  66. PKDPC Dpc,
  67. PVOID DeferredContext,
  68. PVOID SystemArgument1,
  69. PVOID SystemArgument2
  70. );
  72. VOID
  73. NatTimerRoutine(
  74. PKDPC Dpc,
  75. PVOID DeferredContext,
  76. PVOID SystemArgument1,
  77. PVOID SystemArgument2
  78. );
  81. VOID
  82. NatCleanupDpcRoutine(
  83. PKDPC Dpc,
  84. PVOID DeferredContext,
  85. PVOID SystemArgument1,
  86. PVOID SystemArgument2
  87. )
  88. {
  89. KIRQL Irql;
  90. PLIST_ENTRY Link;
  91. PNAT_DYNAMIC_MAPPING Mapping;
  93. KeAcquireSpinLock(&MappingLock, &Irql);
  94. for (Link = MappingList.Flink; Link != &MappingList; Link = Link->Flink) {
  95. Mapping = CONTAINING_RECORD(Link, NAT_DYNAMIC_MAPPING, Link);
  96. if (NAT_MAPPING_EXPIRED(Mapping)) {
  97. Link = Link->Blink;
  98. NatDeleteMapping(Mapping);
  99. }
  100. }
  101. KeReleaseSpinLock(&MappingLock, Irql);
  103. InterlockedExchange(&CleanupDpcPending, FALSE);
  104. }
  107. VOID
  108. NatInitializeTimerManagement(
  109. VOID
  110. )
  112. /*++
  114. Routine Description:
  116. This routine is called to initialize the timer-management module,
  117. in preparation for active operation.
  119. Arguments:
  121. none.
  123. Return Value:
  125. none.
  127. --*/
  129. {
  130. CALLTRACE(("NatInitializeTimerManagement\n"));
  131. TimeIncrement = KeQueryTimeIncrement();
  132. KeInitializeDpc(&TimerDpcObject, NatTimerRoutine, NULL);
  133. KeInitializeTimer(&TimerObject);
  134. CleanupDpcPending = FALSE;
  135. KeInitializeDpc(&CleanupDpcObject, NatCleanupDpcRoutine, NULL);
  136. } // NatInitializeTimerManagement
  139. VOID
  140. NatShutdownTimerManagement(
  141. VOID
  142. )
  144. /*++
  146. Routine Description:
  148. This routine is called to shutdown the timer management module.
  150. Arguments:
  152. none.
  154. Return Value:
  156. none.
  158. --*/
  160. {
  161. CALLTRACE(("NatShutdownTimerManagement\n"));
  162. NatStopTimer();
  163. } // NatShutdownTimerManagement
  166. VOID
  167. NatStartTimer(
  168. VOID
  169. )
  171. /*++
  173. Routine Description:
  175. This routine is invoked to start the periodic timer.
  177. Arguments:
  179. none.
  181. Return Value:
  183. none.
  185. --*/
  187. {
  188. LARGE_INTEGER DueTime;
  190. //
  191. // Launch the periodic timer
  192. //
  194. DueTime.LowPart = TIMER_INTERVAL;
  195. DueTime.HighPart = 0;
  196. DueTime = RtlLargeIntegerNegate(DueTime);
  197. KeSetTimerEx(
  198. &TimerObject,
  199. DueTime,
  200. TIMER_INTERVAL / 10000,
  201. &TimerDpcObject
  202. );
  203. }
  206. VOID
  207. NatStopTimer(
  208. VOID
  209. )
  211. /*++
  213. Routine Description:
  215. This routine is invoked to stop the periodic timer.
  217. Arguments:
  219. none.
  221. Return Value:
  223. none.
  225. --*/
  227. {
  228. KeCancelTimer(&TimerObject);
  229. }
  232. VOID
  233. NatTimerRoutine(
  234. PKDPC Dpc,
  235. PVOID DeferredContext,
  236. PVOID SystemArgument1,
  237. PVOID SystemArgument2
  238. )
  240. /*++
  242. Routine Description:
  244. This routine is invoked periodically to garbage-collect expired mappings.
  246. Arguments:
  248. Dpc - associated DPC object
  250. DeferredContext - unused.
  252. SystemArgument1 - unused.
  254. SystemArgument2 - unused.
  256. Return Value:
  258. none.
  260. --*/
  262. {
  263. LONG64 CurrentTime;
  264. PNAT_EDITOR Editor;
  265. PNAT_ICMP_MAPPING IcmpMapping;
  266. PNAT_INTERFACE Interfacep;
  267. PNAT_IP_MAPPING IpMapping;
  268. KIRQL Irql;
  269. PLIST_ENTRY Link;
  270. PNAT_DYNAMIC_MAPPING Mapping;
  271. PNAT_PPTP_MAPPING PptpMapping;
  272. UCHAR Protocol;
  273. PRTL_SPLAY_LINKS SLink;
  274. PNAT_TICKET Ticketp;
  275. LONG64 Timeout;
  276. LONG64 TcpMinAccessTime;
  277. LONG64 UdpMinAccessTime;
  279. CALLTRACE(("NatTimerRoutine\n"));
  281. //
  282. // Compute the minimum values allowed in TCP/UDP 'LastAccessTime' fields;
  283. // any mappings last accessed before these thresholds will be eliminated.
  284. //
  286. KeQueryTickCount((PLARGE_INTEGER)&CurrentTime);
  287. TcpMinAccessTime = CurrentTime - SECONDS_TO_TICKS(TcpTimeoutSeconds);
  288. UdpMinAccessTime = CurrentTime - SECONDS_TO_TICKS(UdpTimeoutSeconds);
  290. //
  291. // Update mapping statistics and clean out expired mappings,
  292. // using the above precomputed minimum access times
  293. //
  295. KeAcquireSpinLock(&MappingLock, &Irql);
  296. for (Link = MappingList.Flink; Link != &MappingList; Link = Link->Flink) {
  298. Mapping = CONTAINING_RECORD(Link, NAT_DYNAMIC_MAPPING, Link);
  299. NatUpdateStatisticsMapping(Mapping);
  301. //
  302. // Don't check for expiration if the mapping is marked no-timeout;
  303. // however, if it is detached from its director, then go ahead
  304. // with the expiration-check.
  305. //
  307. if (!NAT_MAPPING_EXPIRED(Mapping) && NAT_MAPPING_NO_TIMEOUT(Mapping) &&
  308. Mapping->Director) {
  309. continue;
  310. }
  312. //
  313. // See if the mapping has expired
  314. //
  316. KeAcquireSpinLockAtDpcLevel(&Mapping->Lock);
  317. Protocol = MAPPING_PROTOCOL(Mapping->SourceKey[NatForwardPath]);
  318. if (!NAT_MAPPING_EXPIRED(Mapping)) {
  319. //
  320. // The mapping is not explicitly marked for expiration;
  321. // see if its last access time is too long ago
  322. //
  323. if (Protocol == NAT_PROTOCOL_TCP) {
  324. if (!NAT_MAPPING_INBOUND(Mapping)) {
  325. if ((Mapping->Flags & NAT_MAPPING_FLAG_FWD_SYN)
  326. && !(Mapping->Flags & NAT_MAPPING_FLAG_REV_SYN)) {
  328. //
  329. // This is an outbound connection for which we've seen
  330. // the outbound SYN (which means we've been tracking
  331. // it from the beginning), but not an inbound SYN. We
  332. // want to use a smaller timeout here so that we may
  333. // reclaim memory for mappings created for connection
  334. // attempts to non-existant servers. (A large number
  335. // of these types of mappings would exist if a machine
  336. // on the private network is performing some sort of a
  337. // network scan; e.g., a machine infected w/ nimda.)
  338. //
  340. if (Mapping->LastAccessTime >= UdpMinAccessTime) {
  341. KeReleaseSpinLockFromDpcLevel(&Mapping->Lock);
  342. continue;
  343. }
  344. }
  345. else if (Mapping->LastAccessTime >= TcpMinAccessTime) {
  346. KeReleaseSpinLockFromDpcLevel(&Mapping->Lock);
  347. continue;
  348. }
  349. } else if (!NAT_MAPPING_TCP_OPEN(Mapping)) {
  351. //
  352. // This is an inbound connection for which we have not
  353. // yet completed the 3-way handshake. We want to use
  354. // a shorter timeout here to reduce memory consumption
  355. // in those cases where someone is performing a synflood
  356. // against us.
  357. //
  359. if (Mapping->LastAccessTime >= UdpMinAccessTime) {
  360. KeReleaseSpinLockFromDpcLevel(&Mapping->Lock);
  361. continue;
  362. }
  363. } else if (Mapping->LastAccessTime >= TcpMinAccessTime) {
  364. KeReleaseSpinLockFromDpcLevel(&Mapping->Lock);
  365. continue;
  366. }
  367. }
  368. else
  369. if (Mapping->LastAccessTime >= UdpMinAccessTime) {
  370. KeReleaseSpinLockFromDpcLevel(&Mapping->Lock);
  371. continue;
  372. }
  373. }
  374. KeReleaseSpinLockFromDpcLevel(&Mapping->Lock);
  376. //
  377. // The mapping has expired; remove it
  378. //
  380. TRACE(
  381. MAPPING, (
  382. "NatTimerRoutine: >Source,Destination=%016I64X:%016I64X\n",
  383. Mapping->SourceKey[NatForwardPath],
  384. Mapping->DestinationKey[NatForwardPath]
  385. ));
  386. TRACE(
  387. MAPPING, (
  388. "NatTimerRoutine: <Source,Destination=%016I64X:%016I64X\n",
  389. Mapping->SourceKey[NatReversePath],
  390. Mapping->DestinationKey[NatReversePath]
  391. ));
  393. Link = Link->Blink;
  394. NatDeleteMapping(Mapping);
  395. }
  396. KeReleaseSpinLockFromDpcLevel(&MappingLock);
  398. //
  399. // Traverse the PPTP-mapping list and remove all expired entries.
  400. //
  402. KeAcquireSpinLockAtDpcLevel(&PptpMappingLock);
  403. for (Link = PptpMappingList[NatInboundDirection].Flink;
  404. Link != &PptpMappingList[NatInboundDirection]; Link = Link->Flink) {
  405. PptpMapping =
  406. CONTAINING_RECORD(
  407. Link, NAT_PPTP_MAPPING, Link[NatInboundDirection]
  408. );
  409. if (!NAT_PPTP_DISCONNECTED(PptpMapping) ||
  410. PptpMapping->LastAccessTime >= UdpMinAccessTime) {
  411. continue;
  412. }
  413. Link = Link->Blink;
  414. RemoveEntryList(&PptpMapping->Link[NatInboundDirection]);
  415. RemoveEntryList(&PptpMapping->Link[NatOutboundDirection]);
  416. TRACE(
  417. MAPPING, ("NatTimerRoutine: Pptp=%016I64X:%016I64X:%d:%d:%d\n",
  418. PptpMapping->PrivateKey,
  419. PptpMapping->PublicKey,
  420. PptpMapping->PrivateCallId,
  421. PptpMapping->PublicCallId,
  422. PptpMapping->RemoteCallId
  423. ));
  424. FREE_PPTP_BLOCK(PptpMapping);
  425. }
  426. KeReleaseSpinLockFromDpcLevel(&PptpMappingLock);
  428. //
  429. // Traverse the ICMP-mapping list and remove each expired entry.
  430. //
  432. KeAcquireSpinLockAtDpcLevel(&IcmpMappingLock);
  433. for (Link = IcmpMappingList[NatInboundDirection].Flink;
  434. Link != &IcmpMappingList[NatInboundDirection]; Link = Link->Flink) {
  435. IcmpMapping =
  436. CONTAINING_RECORD(
  437. Link, NAT_ICMP_MAPPING, Link[NatInboundDirection]
  438. );
  439. if (IcmpMapping->LastAccessTime >= UdpMinAccessTime) { continue; }
  440. Link = Link->Blink;
  441. RemoveEntryList(&IcmpMapping->Link[NatInboundDirection]);
  442. RemoveEntryList(&IcmpMapping->Link[NatOutboundDirection]);
  443. TRACE(
  444. MAPPING,
  445. ("NatTimerRoutine: Icmp=%016I64X:%04X::%016I64X:%04X\n",
  446. IcmpMapping->PrivateKey, IcmpMapping->PrivateId,
  447. IcmpMapping->PublicKey, IcmpMapping->PublicId
  448. ));
  449. FREE_ICMP_BLOCK(IcmpMapping);
  450. }
  451. KeReleaseSpinLockFromDpcLevel(&IcmpMappingLock);
  453. //
  454. // Traverse the interface's IP-mapping list
  455. // and remove each expired entry.
  456. //
  458. KeAcquireSpinLockAtDpcLevel(&IpMappingLock);
  459. for (Link = IpMappingList[NatInboundDirection].Flink;
  460. Link != &IpMappingList[NatInboundDirection]; Link = Link->Flink) {
  461. IpMapping =
  462. CONTAINING_RECORD(
  463. Link, NAT_IP_MAPPING, Link[NatInboundDirection]
  464. );
  465. if (IpMapping->LastAccessTime >= UdpMinAccessTime) { continue; }
  466. Link = Link->Blink;
  467. RemoveEntryList(&IpMapping->Link[NatInboundDirection]);
  468. RemoveEntryList(&IpMapping->Link[NatOutboundDirection]);
  469. TRACE(
  470. MAPPING, (
  471. "NatTimerRoutine: Ip=%d:%016I64X:%016I64X\n",
  472. IpMapping->Protocol, IpMapping->PrivateKey, IpMapping->PublicKey
  473. ));
  474. FREE_IP_BLOCK(IpMapping);
  475. }
  476. KeReleaseSpinLockFromDpcLevel(&IpMappingLock);
  478. //
  479. // Garbage collect all interfaces' structures
  480. //
  482. KeAcquireSpinLockAtDpcLevel(&InterfaceLock);
  484. for (Link = InterfaceList.Flink; Link != &InterfaceList;
  485. Link = Link->Flink) {
  487. Interfacep = CONTAINING_RECORD(Link, NAT_INTERFACE, Link);
  489. //
  490. // Traverse the interface's ticket list
  491. //
  493. KeAcquireSpinLockAtDpcLevel(&Interfacep->Lock);
  494. for (Link = Interfacep->TicketList.Flink;
  495. Link != &Interfacep->TicketList; Link = Link->Flink) {
  496. Ticketp = CONTAINING_RECORD(Link, NAT_TICKET, Link);
  497. if (NAT_TICKET_PERSISTENT(Ticketp)) { continue; }
  498. if (Ticketp->LastAccessTime >= UdpMinAccessTime) { continue; }
  499. Link = Link->Blink;
  500. NatDeleteTicket(Interfacep, Ticketp);
  501. }
  502. KeReleaseSpinLockFromDpcLevel(&Interfacep->Lock);
  503. Link = &Interfacep->Link;
  504. }
  505. KeReleaseSpinLock(&InterfaceLock, Irql);
  506. return;
  508. } // NatTimerRoutine
  511. VOID
  512. NatTriggerTimer(
  513. VOID
  514. )
  515. {
  516. if (!InterlockedCompareExchange(&CleanupDpcPending, TRUE, FALSE)) {
  517. #if DBG
  518. DbgPrint("NatTriggerTimer: scheduling DPC\n");
  519. #endif
  520. KeInsertQueueDpc(&CleanupDpcObject, NULL, NULL);
  521. }
  522. }