[ovs-dev] [patch_v3 5/8] Userspace Datapath: Add TFTP support.

Darrell Ball dlu998 at gmail.com
Wed Jul 5 08:20:11 UTC 2017


Both ipv4 and ipv6 are supported. Also, NAT support is included.

Signed-off-by: Darrell Ball <dlu998 at gmail.com>
---
 include/sparse/netinet/in.h |  1 +
 lib/conntrack.c             | 45 ++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 45 insertions(+), 1 deletion(-)

diff --git a/include/sparse/netinet/in.h b/include/sparse/netinet/in.h
index 8a5b887..6dba458 100644
--- a/include/sparse/netinet/in.h
+++ b/include/sparse/netinet/in.h
@@ -75,6 +75,7 @@ struct sockaddr_in6 {
 #define IPPROTO_SCTP 132
 
 #define IPPORT_FTP 21
+#define IPPORT_TFTP 69
 
 /* All the IP options documented in Linux ip(7). */
 #define IP_ADD_MEMBERSHIP 35
diff --git a/lib/conntrack.c b/lib/conntrack.c
index e829543..1b74ef3 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -61,6 +61,7 @@ enum ftp_ctl_pkt {
 enum ct_alg_mode {
     CT_FTP_MODE_ACTIVE,
     CT_FTP_MODE_PASSIVE,
+    CT_TFTP_MODE,
 };
 
 static bool conn_key_extract(struct conntrack *, struct dp_packet *,
@@ -140,6 +141,11 @@ handle_ftp_ctl(struct conntrack *ct, const struct conn_lookup_ctx *ctx,
                const struct conn *conn_for_expectation,
                long long now, enum ftp_ctl_pkt ftp_ctl, bool nat);
 
+static void
+handle_tftp_ctl(struct conntrack *ct,
+                const struct conn *conn_for_expectation,
+                long long now);
+
 static struct ct_l4_proto *l4_protos[] = {
     [IPPROTO_TCP] = &ct_proto_tcp,
     [IPPROTO_UDP] = &ct_proto_other,
@@ -338,6 +344,28 @@ is_ftp_ctl(const struct dp_packet *pkt)
 
 }
 
+static bool
+is_tftp_ctl(const struct dp_packet *pkt)
+{
+    uint8_t ip_proto;
+    struct eth_header *l2 = dp_packet_eth(pkt);
+    if (l2->eth_type == htons(ETH_TYPE_IPV6)) {
+        struct ovs_16aligned_ip6_hdr *nh6 = dp_packet_l3(pkt);
+        ip_proto = nh6->ip6_ctlun.ip6_un1.ip6_un1_nxt;
+    } else {
+        struct ip_header *l3_hdr = dp_packet_l3(pkt);
+        ip_proto = l3_hdr->ip_proto;
+    }
+
+    struct udp_header *uh = dp_packet_l4(pkt);
+
+    /* CT_IPPORT_TFTP is used in lieu of IPPORT_TFTP to handle OSX. */
+#define CT_IPPORT_TFTP 69
+    return (ip_proto == IPPROTO_UDP &&
+            ntohs(uh->udp_dst) == CT_IPPORT_TFTP);
+
+}
+
 static void
 alg_exp_init_expiration(struct conntrack *ct,
                         struct alg_exp_node *alg_exp_node,
@@ -1033,7 +1061,7 @@ process_one(struct conntrack *ct, struct dp_packet *pkt,
     }
 
     struct conn conn_for_expectation;
-    if (conn && is_ftp_ctl(pkt)) {
+    if (conn && (is_ftp_ctl(pkt) || is_tftp_ctl(pkt))) {
         conn_for_expectation = *conn;
     }
 
@@ -1047,6 +1075,8 @@ process_one(struct conntrack *ct, struct dp_packet *pkt,
     if (OVS_UNLIKELY(conn && is_ftp_ctl(pkt))) {
         handle_ftp_ctl(ct, ctx, pkt, &conn_for_expectation,
                        now, CT_FTP_CTL_INTEREST, !!nat_action_info);
+    } else if (OVS_UNLIKELY(conn && is_tftp_ctl(pkt))) {
+        handle_tftp_ctl(ct, &conn_for_expectation, now);
     }
 }
 
@@ -2336,6 +2366,7 @@ expectation_create(struct conntrack *ct,
 
     switch (mode) {
     case CT_FTP_MODE_ACTIVE:
+    case CT_TFTP_MODE:
         src_addr = master_conn->rev_key.src.addr;
         dst_addr = master_conn->rev_key.dst.addr;
         alg_nat_repl_addr = master_conn->key.src.addr;
@@ -2624,6 +2655,7 @@ process_ftp_ctl_v4(struct conntrack *ct,
         *v4_addr_rep = conn_for_expectation->key.dst.addr.ipv4_aligned;
         conn_ipv4_addr = conn_for_expectation->rev_key.src.addr.ipv4_aligned;
         break;
+    case CT_TFTP_MODE:
     default:
         OVS_NOT_REACHED();
     }
@@ -2735,6 +2767,7 @@ process_ftp_ctl_v6(struct conntrack *ct,
     case CT_FTP_MODE_PASSIVE:
         *v6_addr_rep = conn_for_expectation->key.dst.addr;
         break;
+    case CT_TFTP_MODE:
     default:
         OVS_NOT_REACHED();
     }
@@ -2915,3 +2948,13 @@ handle_ftp_ctl(struct conntrack *ct, const struct conn_lookup_ctx *ctx,
         csum_continue(tcp_csum, th, tail - (char *) th - pad));
     return;
 }
+
+static void
+handle_tftp_ctl(struct conntrack *ct,
+                const struct conn *conn_for_expectation,
+                long long now)
+{
+    expectation_create(ct, conn_for_expectation->key.src.port, now,
+                       CT_TFTP_MODE, conn_for_expectation);
+    return;
+}
-- 
1.9.1



More information about the dev mailing list