Merge pull request #238 from DavideAG/packetcapture_service

frisso · web-flow · commit 4bf7d94eb46d · 2019-11-25T20:11:49.000+01:00
Fixed NAT service and modified utils function
diff --git a/src/libs/polycube/include/polycube/services/utils.h b/src/libs/polycube/include/polycube/services/utils.h
@@ -28,9 +28,12 @@ namespace polycube {
 namespace service {
 namespace utils {
 
-/* ip (a.b.c.d) to string and viceversa
+/* IP string (a.b.c.d) or IP prefix (a.b.c.d/m) to nbo uint. If (a.b.c.d/m) only IP will be processed
  * Number is in network byte order (nbo), i.e., big endian */
 uint32_t ip_string_to_nbo_uint(const std::string &ip);
+
+/* IP (a.b.c.d) to string 
+ * Number is in network byte order (nbo), i.e., big endian */
 std::string nbo_uint_to_ip_string(uint32_t ip);
 
 /* mac (aa:bb:cc:dd:ee:ff) to string and vicersa
@@ -54,7 +57,7 @@ uint64_t hex_string_to_uint(const std::string &str);
 std::string get_random_mac();
 
 /* Take in ingress a string like 192.168.0.1/24 and return only the ip
- * 192.168.0.1 */
+ * 192.168.0.1 . If no prefix it will return the same input string*/
 std::string get_ip_from_string(const std::string &ipv_net);
 
 /* Take in ingress a string like 192.168.0.1/24 and return only the "prefix
diff --git a/src/libs/polycube/src/utils.cpp b/src/libs/polycube/src/utils.cpp
@@ -34,12 +34,15 @@ namespace service {
 namespace utils {
 
 // new set of functions
+
 uint32_t ip_string_to_nbo_uint(const std::string &ip) {
   unsigned char a[4];
   int last = -1;
-  int rc = std::sscanf(ip.c_str(), "%hhu.%hhu.%hhu.%hhu%n", a + 0, a + 1, a + 2,
+  std::string IP_address = get_ip_from_string(ip);
+
+  int rc = std::sscanf(IP_address.c_str(), "%hhu.%hhu.%hhu.%hhu%n", a + 0, a + 1, a + 2,
                        a + 3, &last);
-  if (rc != 4 || ip.size() != last)
+  if (rc != 4 || IP_address.size() != last)
     throw std::runtime_error("Not an ipv4 address " + ip);
 
   return uint32_t(a[3]) << 24 | uint32_t(a[2]) << 16 | uint32_t(a[1]) << 8 |
@@ -230,7 +233,7 @@ uint64_t hex_string_to_uint(const std::string &str) {
 std::string get_ip_from_string(const std::string &ipv_net) {
   size_t pos = ipv_net.find("/");
   if (pos == std::string::npos) {
-    return std::string();  // throw?
+    return ipv_net;
   }
   return ipv_net.substr(0, pos);
 }
diff --git a/src/services/pcn-nat/src/Nat.cpp b/src/services/pcn-nat/src/Nat.cpp
@@ -34,8 +34,8 @@ Nat::Nat(const std::string name, const NatJsonObject &conf)
   //addNattingTableList(conf.getNattingTable());
 
   ParameterEventCallback cb = [&](const std::string &parameter, const std::string &value) {
-    logger()->debug("parent IP has been updated to {}", value);
-    external_ip_ = value;
+    external_ip_ = utils::get_ip_from_string(value);
+    logger()->debug("parent IP has been updated to {}", external_ip_);
     if (rule_->getMasquerade()->getEnabled()) {
       rule_->getMasquerade()->inject(utils::ip_string_to_nbo_uint(external_ip_));
     }
diff --git a/src/services/pcn-nat/src/Nat_dp.c b/src/services/pcn-nat/src/Nat_dp.c
@@ -10,7 +10,7 @@ static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {
   void *data_end = (void *)(long)ctx->data_end;
 
   struct eth_hdr *eth = data;
-  if (data + sizeof(*eth) > data_end)
+  if ( (void *)eth + sizeof(*eth) > data_end )
     goto DROP;
 
   pcn_log(
@@ -49,7 +49,7 @@ static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {
   uint8_t update_session_table = 1;
 
   struct iphdr *ip = data + sizeof(*eth);
-  if (data + sizeof(*eth) + sizeof(*ip) > data_end)
+  if ( (void *)ip + sizeof(*ip) > data_end )
     goto DROP;
 
   pcn_log(ctx, LOG_TRACE, "Processing IP packet: src %I, dst: %I", ip->saddr,
@@ -61,8 +61,9 @@ static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {
 
   switch (ip->protocol) {
   case IPPROTO_TCP: {
-    struct tcphdr *tcp = data + sizeof(*eth) + sizeof(*ip);
-    if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*tcp) > data_end)
+    uint8_t header_len = 4 * ip->ihl;
+    struct tcphdr *tcp = data + sizeof(*eth) + header_len;
+    if ( (void *)tcp + sizeof(*tcp) > data_end )
       goto DROP;
 
     pcn_log(ctx, LOG_TRACE, "Packet is TCP: src_port %P, dst_port %P",
@@ -72,8 +73,9 @@ static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {
     break;
   }
   case IPPROTO_UDP: {
-    struct udphdr *udp = data + sizeof(*eth) + sizeof(*ip);
-    if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*udp) > data_end)
+    uint8_t header_len = 4 * ip->ihl;
+    struct udphdr *udp = data + sizeof(*eth) + header_len;
+    if ( (void *)udp + sizeof(*udp) > data_end )
       goto DROP;
     pcn_log(ctx, LOG_TRACE, "Packet is UDP: src_port %P, dst_port %P",
             udp->source, udp->dest);
@@ -82,8 +84,9 @@ static int handle_rx(struct CTXTYPE *ctx, struct pkt_metadata *md) {
     break;
   }
   case IPPROTO_ICMP: {
-    struct icmphdr *icmp = data + sizeof(*eth) + sizeof(*ip);
-    if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*icmp) > data_end)
+    uint8_t header_len = 4 * ip->ihl;
+    struct icmphdr *icmp = data + sizeof(*eth) + header_len;
+    if ( (void *)icmp + sizeof(*icmp) > data_end )
       goto DROP;
     pcn_log(ctx, LOG_TRACE, "Packet is ICMP: type %d, id %d", icmp->type,
             icmp->un.echo.id);
@@ -302,8 +305,9 @@ apply_nat:;
   uint32_t l4sum = pcn_csum_diff(&old_port, 4, &new_port, 4, 0);
   switch (proto) {
   case IPPROTO_TCP: {
-    struct tcphdr *tcp = data + sizeof(*eth) + sizeof(*ip);
-    if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*tcp) > data_end)
+    uint8_t header_len = 4 * ip->ihl;
+    struct tcphdr *tcp = data + sizeof(*eth) + header_len;
+    if ( (void *)tcp + sizeof(*tcp) > data_end )
       goto DROP;
 
     if (rule_type == NAT_SRC || rule_type == NAT_MSQ) {
@@ -326,8 +330,9 @@ apply_nat:;
     goto proceed;
   }
   case IPPROTO_UDP: {
-    struct udphdr *udp = data + sizeof(*eth) + sizeof(*ip);
-    if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*udp) > data_end)
+    uint8_t header_len = 4 * ip->ihl;
+    struct udphdr *udp = data + sizeof(*eth) + header_len;
+    if ( (void *)udp + sizeof(*udp) > data_end )
       goto DROP;
     if (rule_type == NAT_SRC || rule_type == NAT_MSQ) {
       ip->saddr = new_ip;
@@ -349,8 +354,9 @@ apply_nat:;
     goto proceed;
   }
   case IPPROTO_ICMP: {
-    struct icmphdr *icmp = data + sizeof(*eth) + sizeof(*ip);
-    if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*icmp) > data_end)
+    uint8_t header_len = 4 * ip->ihl;
+    struct icmphdr *icmp = data + sizeof(*eth) + header_len;
+    if ( (void *)icmp + sizeof(*icmp) > data_end )
       goto DROP;
     if (rule_type == NAT_SRC || rule_type == NAT_MSQ) {
       ip->saddr = new_ip;
diff --git a/src/services/pcn-nat/test/test_tcp_masq.sh b/src/services/pcn-nat/test/test_tcp_masq.sh
@@ -15,7 +15,9 @@
 source "${BASH_SOURCE%/*}/helpers.bash"
 
 function test_tcp {
-    sudo ip netns exec ns2 netcat -l -w 5 $tcp_port&
+	sudo ip netns exec ns2 netcat -l -w 5 $tcp_port&
+	sleep 2
+	sudo ip netns exec ns1 ping $veth2_ip -c 1
 	sleep 2
 	sudo ip netns exec ns1 netcat -w 5 -nvz $veth2_ip $tcp_port
 	sleep 4
