[Javanetsim-cvs] javaNetSim/core NATEngine.java, 1.7, 1.8 NetworkLayerDevice.java, 1.23, 1.24
From: Alexander B. <da...@us...> - 2008-10-13 21:20:33
Update of /cvsroot/javanetsim/javaNetSim/core In directory fdv4jf1.ch3.sourceforge.com:/tmp/cvs-serv7082/core Modified Files: NATEngine.java NetworkLayerDevice.java Log Message: NAT now works. (may be :P) Index: NetworkLayerDevice.java =================================================================== RCS file: /cvsroot/javanetsim/javaNetSim/core/NetworkLayerDevice.java,v retrieving revision 1.23 retrieving revision 1.24 diff -C2 -d -r1.23 -r1.24 *** NetworkLayerDevice.java 13 Oct 2008 20:04:25 -0000 1.23 --- NetworkLayerDevice.java 13 Oct 2008 21:20:21 -0000 1.24 *************** *** 135,142 **** if(this.getNetworkInterface(inInterface).getNAT() == NetworkInterface.INSIDE_NAT){ // mark packet ! ((IP_packet) inPacket).NatMark = true; Simulation.addLayerInfo(getClass().getName(), getName(), "IP Packet", "Network", "Marked packet as possible inside NAT candidate."); ! }else if(this.getNetworkInterface(inInterface).getNAT() == NetworkInterface.OUTSIDE_NAT){ inPacket = nat.NAT_outside((IP_packet) inPacket); } --- 135,143 ---- if(this.getNetworkInterface(inInterface).getNAT() == NetworkInterface.INSIDE_NAT){ // mark packet ! ((IP_packet) inPacket).NatInsideMark = true; Simulation.addLayerInfo(getClass().getName(), getName(), "IP Packet", "Network", "Marked packet as possible inside NAT candidate."); ! }else if(this.getNetworkInterface(inInterface).getNAT() == NetworkInterface.OUTSIDE_NAT){ ! ((IP_packet) inPacket).NatOutsideMark = true; inPacket = nat.NAT_outside((IP_packet) inPacket); } *************** *** 151,161 **** public Packet preparePacket(Packet inPacket){ if(inPacket instanceof IP_packet && !(inPacket instanceof ARP_packet)){ ! if(((IP_packet) inPacket).NatMark){ inPacket = nat.NAT_inside((IP_packet) inPacket); } - - ((IP_packet) inPacket).NatMark = false; } return inPacket; } --- 152,163 ---- public Packet preparePacket(Packet inPacket){ if(inPacket instanceof IP_packet && !(inPacket instanceof ARP_packet)){ ! 
if(((IP_packet) inPacket).NatInsideMark){ inPacket = nat.NAT_inside((IP_packet) inPacket); } } + ((IP_packet) inPacket).NatInsideMark = false; + ((IP_packet) inPacket).NatOutsideMark = false; + return inPacket; } Index: NATEngine.java =================================================================== RCS file: /cvsroot/javanetsim/javaNetSim/core/NATEngine.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** NATEngine.java 13 Oct 2008 20:04:25 -0000 1.7 --- NATEngine.java 13 Oct 2008 21:20:21 -0000 1.8 *************** *** 4,7 **** --- 4,8 ---- import java.util.Hashtable; import java.util.Vector; + import java.util.ArrayList; import core.protocolsuite.tcp_ip.*; *************** *** 34,37 **** --- 35,51 ---- Vector<NAT_session> sessions; + public void clearExpiredSessions(){ + ArrayList toRemove = new ArrayList(); + long time_now = System.currentTimeMillis(); + + for(int i = 0; i<sessions.size(); i++){ + if((time_now - sessions.get(i).last_time) > 360 * 1000) + toRemove.add(i); + } + + if(toRemove.size() > 0) + sessions.removeAll(toRemove); + } + public class NAT_rule{ public boolean dynamic = false; // false -- static, true -- dymanic *************** *** 58,61 **** --- 72,76 ---- Vector<NAT_rule> dynamic_rules; Hashtable<String, Pair> pools; + java.security.SecureRandom rng; public NATEngine(NetworkLayerDevice node){ *************** *** 66,69 **** --- 81,85 ---- sessions = new Vector<NAT_session>(); pools = new Hashtable<String, Pair>(); + rng = new java.security.SecureRandom(); } *************** *** 121,129 **** public IP_packet NAT_inside(IP_packet p){ IP_packet rp = p; for(int i=0; i<static_rules.size(); i++){ NAT_rule rule = static_rules.get(i); ! String NewIP = ""; ! 
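Review bot: The two mark resets added after the closing brace of the `instanceof` check in `preparePacket` cast `inPacket` to `IP_packet` unconditionally, so a `Packet` that is not an `IP_packet` would now raise a `ClassCastException` where the old code simply returned it. Whether such packets reach this method is not visible in the hunk, but the guard itself suggests they can. Keep the resets behind a type check, e.g. `if(inPacket instanceof IP_packet){ ((IP_packet) inPacket).NatInsideMark = false; ((IP_packet) inPacket).NatOutsideMark = false; }`, which still clears the marks on packets the outer check skips, if that was the reason for moving them.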
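Review bot: `clearExpiredSessions` does not remove anything: `toRemove` is filled with the loop index `i` (boxed to `Integer`), and `sessions.removeAll(toRemove)` then looks for elements of `sessions` equal to those integers, which a `NAT_session` will not be barring an unusual `equals` override. The session table therefore only grows, and mappings older than the 360-second limit stay usable for translation. Walk the vector backwards and remove by index instead, `for(int i = sessions.size()-1; i >= 0; i--) if((time_now - sessions.get(i).last_time) > 360 * 1000) sessions.remove(i);`, which also makes the raw `ArrayList` and its import unnecessary. The timeout would read better as a named constant than as `360 * 1000` inline.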
int NewPort = 0; if(rule.in_ip.equals(p.getSourceIPAddress()) && parentNode.getACL().passACL(rule.acl, p)){ --- 137,148 ---- public IP_packet NAT_inside(IP_packet p){ IP_packet rp = p; + String NewIP = ""; + int NewPort = 0; + + clearExpiredSessions(); for(int i=0; i<static_rules.size(); i++){ NAT_rule rule = static_rules.get(i); ! if(rule.in_ip.equals(p.getSourceIPAddress()) && parentNode.getACL().passACL(rule.acl, p)){ *************** *** 143,147 **** rp.setSourceIPAddress(NewIP); ! break; }else if(rule.protocol == NAT_rule.TCP && p instanceof TCP_packet){ if(((TCP_packet)p).get_srcPort() == rule.in_port){ --- 162,166 ---- rp.setSourceIPAddress(NewIP); ! return rp; }else if(rule.protocol == NAT_rule.TCP && p instanceof TCP_packet){ if(((TCP_packet)p).get_srcPort() == rule.in_port){ *************** *** 158,162 **** ((TCP_packet)rp).setSrcPort(NewPort); rp.setSourceIPAddress(NewIP); ! } }else if(rule.protocol == NAT_rule.UDP && p instanceof UDP_packet){ if(((UDP_packet)p).get_srcPort() == rule.in_port){ --- 177,183 ---- ((TCP_packet)rp).setSrcPort(NewPort); rp.setSourceIPAddress(NewIP); ! ! return rp; ! } }else if(rule.protocol == NAT_rule.UDP && p instanceof UDP_packet){ if(((UDP_packet)p).get_srcPort() == rule.in_port){ *************** *** 173,176 **** --- 194,199 ---- ((UDP_packet)rp).setSrcPort(NewPort); rp.setSourceIPAddress(NewIP); + + return rp; } } *************** *** 178,191 **** } ! return p; } public IP_packet NAT_outside(IP_packet p){ IP_packet rp = p; for(int i=0; i<static_rules.size(); i++){ NAT_rule rule = static_rules.get(i); - String NewIP = ""; - int NewPort = 0; if(rule.out_ip.equals(p.getDestIPAddress()) && parentNode.getACL().passACL(rule.acl, p)){ --- 201,302 ---- } ! String OldIP = ""; ! int OldPort = 0; ! /*String NewIP = ""; ! int NewPort = 0;*/ ! int type = NAT_session.UNKNOWN; ! String proto = "unk"; ! int s = -1; ! ! OldIP = p.getSourceIPAddress(); ! ! if(p instanceof TCP_packet){ ! type = NAT_session.TCP; ! 
OldPort = ((TCP_packet)p).get_srcPort(); ! proto = "tcp"; ! }else if(p instanceof UDP_packet){ ! type = NAT_session.UDP; ! OldPort = ((UDP_packet)p).get_srcPort(); ! proto = "udp"; ! }else if(p instanceof ICMP_packet){ ! type = NAT_session.ICMP; ! OldPort = ((ICMP_packet)p).UniqueIdentfier; ! proto = "icmp"; ! } ! ! for(int i=0; i<dynamic_rules.size(); i++){ ! NAT_rule rule = dynamic_rules.get(i); ! ! if(parentNode.getACL().passACL(rule.acl, p)){ ! s = findInsideSession(type, OldIP, OldPort); ! ! if(s>=0){ ! sessions.get(s).last_time = System.currentTimeMillis(); ! ! NewPort = sessions.get(s).out_port; ! NewIP = sessions.get(s).out_ip; ! ! }else{ ! NewPort = rng.nextInt(40000) + 20000; ! if(rule.pool){ ! NewIP = (String)pools.get(rule.out_int).getFirst(); ! }else{ ! NewIP = parentNode.getIPAddress(rule.out_int); ! } ! ! NAT_session new_s = new NAT_session(); ! new_s.in_ip = OldIP; new_s.in_port = OldPort; ! new_s.protocol = type; ! new_s.out_ip = NewIP; new_s.out_port = NewPort; ! sessions.add(new_s); ! } ! ! Simulation.addLayerInfo(getClass().getName(), parentNode.getName(), "IP Packet", "Network", ! "Inside dynamic NAT(" + proto + ") for ip packet applied: changed src from " + OldIP + ":" + OldPort + " to " + NewIP + ":" + NewPort + "."); ! ! rp.setSourceIPAddress(NewIP); ! ! if(p instanceof TCP_packet){ ! ((TCP_packet)rp).setSrcPort(NewPort); ! }else if(p instanceof UDP_packet){ ! ((UDP_packet)rp).setSrcPort(NewPort); ! } ! ! return rp; ! } ! } ! ! return rp; ! } ! ! private int findInsideSession(int protocol, String ip, int port){ ! for(int i = 0; i < sessions.size(); i++){ ! NAT_session s = sessions.get(i); ! ! if(s.in_ip.equals(ip) && s.in_port == port && s.protocol == protocol) ! return i; ! } ! ! return -1; ! } ! ! private int findOutsideSession(int protocol, String ip, int port){ ! for(int i = 0; i < sessions.size(); i++){ ! NAT_session s = sessions.get(i); ! ! if(s.out_ip.equals(ip) && s.out_port == port && s.protocol == protocol) ! return i; ! } ! ! 
return -1; } public IP_packet NAT_outside(IP_packet p){ IP_packet rp = p; + String NewIP = ""; + int NewPort = 0; for(int i=0; i<static_rules.size(); i++){ NAT_rule rule = static_rules.get(i); if(rule.out_ip.equals(p.getDestIPAddress()) && parentNode.getACL().passACL(rule.acl, p)){ *************** *** 201,205 **** rp.setDestIPAddress(NewIP); ! break; }else if(rule.protocol == NAT_rule.TCP && p instanceof TCP_packet){ if(((TCP_packet)p).get_destPort() == rule.out_port){ --- 312,316 ---- rp.setDestIPAddress(NewIP); ! return rp; }else if(rule.protocol == NAT_rule.TCP && p instanceof TCP_packet){ if(((TCP_packet)p).get_destPort() == rule.out_port){ *************** *** 212,215 **** --- 323,328 ---- ((TCP_packet)rp).setDestPort(NewPort); rp.setDestIPAddress(NewIP); + + return rp; } }else if(rule.protocol == NAT_rule.UDP && p instanceof UDP_packet){ *************** *** 223,226 **** --- 336,341 ---- ((UDP_packet)rp).setDestPort(NewPort); rp.setDestIPAddress(NewIP); + + return rp; } } *************** *** 228,232 **** } ! return p; } --- 343,402 ---- } ! String OldIP = ""; ! int OldPort = 0; ! /*String NewIP = ""; ! int NewPort = 0;*/ ! int type = NAT_session.UNKNOWN; ! String proto = "unk"; ! int s = -1; ! ! OldIP = p.getDestIPAddress(); ! ! if(p instanceof TCP_packet){ ! type = NAT_session.TCP; ! OldPort = ((TCP_packet)p).get_destPort(); ! proto = "tcp"; ! }else if(p instanceof UDP_packet){ ! type = NAT_session.UDP; ! OldPort = ((UDP_packet)p).get_destPort(); ! proto = "udp"; ! }else if(p instanceof ICMP_packet){ ! type = NAT_session.ICMP; ! OldPort = ((ICMP_packet)p).UniqueIdentfier; ! proto = "icmp"; ! } ! ! for(int i=0; i<dynamic_rules.size(); i++){ ! NAT_rule rule = dynamic_rules.get(i); ! ! if(parentNode.getACL().passACL(rule.acl, p)){ ! s = findOutsideSession(type, OldIP, OldPort); ! ! if(s>=0){ ! sessions.get(s).last_time = System.currentTimeMillis(); ! ! NewPort = sessions.get(s).in_port; ! NewIP = sessions.get(s).in_ip; ! ! 
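Review bot: In the new dynamic branch of `NAT_inside`, `NewPort = rng.nextInt(40000) + 20000;` is drawn without checking whether another session already uses that outside address and port, so two inside hosts can receive the same mapping and `findOutsideSession` will hand the replies for both to whichever session comes first in the vector. Pick `NewIP` first and redraw until the pair is free, e.g. `do { NewPort = rng.nextInt(40000) + 20000; } while(findOutsideSession(type, NewIP, NewPort) >= 0);`, with a retry bound for a full table. Separately, for ICMP the session stores the random `NewPort` but the packet's `UniqueIdentfier` is never rewritten, so the later lookup by identifier in `NAT_outside` looks unable to match. `new_s.last_time` is also not set when the session is created, which matters to the expiry check unless `NAT_session` initialises it itself (not visible here). `NAT_inside` begins in an earlier hunk and `NAT_outside` continues in later ones.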
Simulation.addLayerInfo(getClass().getName(), parentNode.getName(), "IP Packet", "Network", ! "Outside dynamic NAT(" + proto + ") for ip packet applied: changed dst from " + OldIP + ":" + OldPort + " to " + NewIP + ":" + NewPort + "."); ! ! rp.setDestIPAddress(NewIP); ! ! if(p instanceof TCP_packet){ ! ((TCP_packet)rp).setDestPort(NewPort); ! }else if(p instanceof UDP_packet){ ! ((UDP_packet)rp).setDestPort(NewPort); ! } ! ! return rp; ! }else{ ! Simulation.addLayerInfo(getClass().getName(), parentNode.getName(), "IP Packet", "Network", ! "Outside dynamic NAT(" + proto + ") for ip packet failed: no session for " + OldIP + ":" + OldPort + "."); ! } ! } ! } ! ! return rp; } |
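Review bot: The dynamic branch added to `NAT_outside` matches a session on protocol, destination address and destination port only, so any outside sender that reaches a mapped port is translated to the inside host, and each such packet also refreshes `last_time` and keeps the mapping alive. If this endpoint-independent behaviour is intended for the simulator, state it in a comment above `findOutsideSession`; otherwise record the remote address and port in `NAT_session` when `NAT_inside` creates the session and compare them in the lookup (the fields of `NAT_session` are not visible in this diff). The `passACL(rule.acl, p)` gate is evaluated against the inbound packet, whose source and destination are reversed relative to the traffic the rule selected on the way out, so legitimate replies may fail it. The "failed: no session" message is also logged once per matching dynamic rule rather than once per packet. `NAT_outside` begins in an earlier hunk.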