/*++
Copyright (c) 1997, Microsoft Corporation
Module Name:
ticket.h
Abstract:
This module contains declarations for the NAT's ticket-management.
A NAT ticket is a dynamically-created token which allows any external
endpoint to establish a session to an internal endpoint using an allocated
public address/port pair. For instance, a streaming protocol might create
a ticket for a dynamically-negotiated secondary session to be established.
Author:
Abolade Gbadegesin (t-abolag) 21-Aug-1997
Revision History:
Abolade Gbadegesin (aboladeg) 16-Apr-1998
Allow wildcard tickets to be created by specifying zero for a field.
'NatLookupAndRemoveTicket' may be used to retrieve such tickets.
Abolade Gbadegesin (aboladeg) 17-Oct-1998
Eliminated wildcard ticket support. Created dynamic ticket support.
(See 'NAT_DYNAMIC_TICKET' below.)
--*/
#ifndef _NAT_TICKET_H_
#define _NAT_TICKET_H_
//
// Structure: NAT_TICKET
//
// This structure holds all the information we need about a ticket.
// Each instance is linked into a sorted per-interface list of tickets
// which is protected by the interface's lock.
//
typedef struct _NAT_TICKET {
LIST_ENTRY Link;
ULONG64 Key;
ULONG64 RemoteKey;
PNAT_USED_ADDRESS UsedAddress;
ULONG PrivateAddress;
USHORT PrivateOrHostOrderEndPort;
ULONG Flags;
LONG64 LastAccessTime;
} NAT_TICKET, *PNAT_TICKET;
//
// Structure: NAT_DYNAMIC_TICKET
//
// This structure holds the description of a dynamic ticket.
// Such a ticket is created so that when an outbound session is translated
// with a given destination port, a ticket can be created for a corresponding
// inbound session to a predetermined port, or to one of a range of ports.
//
typedef struct _NAT_DYNAMIC_TICKET {
LIST_ENTRY Link;
ULONG Key;
ULONG ResponseCount;
struct {
UCHAR Protocol;
USHORT StartPort;
USHORT EndPort;
}* ResponseArray;
PFILE_OBJECT FileObject;
} NAT_DYNAMIC_TICKET, *PNAT_DYNAMIC_TICKET;
//
// Ticket flags
//
#define NAT_TICKET_FLAG_PERSISTENT 0x00000001
#define NAT_TICKET_PERSISTENT(t) \
((t)->Flags & NAT_TICKET_FLAG_PERSISTENT)
#define NAT_TICKET_FLAG_PORT_MAPPING 0x00000002
#define NAT_TICKET_PORT_MAPPING(t) \
((t)->Flags & NAT_TICKET_FLAG_PORT_MAPPING)
#define NAT_TICKET_FLAG_IS_RANGE 0x00000004
#define NAT_TICKET_IS_RANGE(t) \
((t)->Flags & NAT_TICKET_FLAG_IS_RANGE)
//
// Ticket-key manipulation macros
//
#define MAKE_TICKET_KEY(Protocol,Address,Port) \
((Address) | \
((ULONG64)((Port) & 0xFFFF) << 32) | \
((ULONG64)((Protocol) & 0xFF) << 48))
#define TICKET_PROTOCOL(Key) ((UCHAR)(((Key) >> 48) & 0xFF))
#define TICKET_PORT(Key) ((USHORT)(((Key) >> 32) & 0xFFFF))
#define TICKET_ADDRESS(Key) ((ULONG)(Key))
#define MAKE_DYNAMIC_TICKET_KEY(Protocol, Port) \
((ULONG)((Port) & 0xFFFF) | ((ULONG)((Protocol) & 0xFF) << 16))
#define DYNAMIC_TICKET_PROTOCOL(Key) ((UCHAR)(((Key) >> 16) & 0xFF))
#define DYNAMIC_TICKET_PORT(Key) ((USHORT)((Key) & 0xFFFF))
//
// Ticket allocation macros
//
#define ALLOCATE_TICKET_BLOCK() \
(PNAT_TICKET)ExAllocatePoolWithTag( \
NonPagedPool,sizeof(NAT_TICKET), NAT_TAG_TICKET \
)
#define FREE_TICKET_BLOCK(Block) \
ExFreePool(Block)
//
// GLOBAL DATA DECLARATIONS
//
ULONG DynamicTicketCount;
ULONG TicketCount;
�
//
// TICKET MANAGEMENT ROUTINES
//
NTSTATUS
NatCreateDynamicTicket(
PIP_NAT_CREATE_DYNAMIC_TICKET CreateTicket,
ULONG InputBufferLength,
PFILE_OBJECT FileObject
);
NTSTATUS
NatCreateTicket(
PNAT_INTERFACE Interfacep,
UCHAR Protocol,
ULONG PrivateAddress,
USHORT PrivatePort,
ULONG RemoteAddress OPTIONAL,
ULONG RemotePort OPTIONAL,
ULONG Flags,
PNAT_USED_ADDRESS AddressToUse OPTIONAL,
USHORT PortToUse OPTIONAL,
PULONG PublicAddress,
PUSHORT PublicPort
);
VOID
NatDeleteAnyAssociatedDynamicTicket(
PFILE_OBJECT FileObject
);
NTSTATUS
NatDeleteDynamicTicket(
PIP_NAT_DELETE_DYNAMIC_TICKET DeleteTicket,
PFILE_OBJECT FileObject
);
VOID
NatDeleteTicket(
PNAT_INTERFACE Interfacep,
PNAT_TICKET Ticketp
);
VOID
NatInitializeDynamicTicketManagement(
VOID
);
BOOLEAN
NatIsPortUsedByTicket(
PNAT_INTERFACE Interfacep,
UCHAR Protocol,
USHORT PublicPort
);
VOID
NatLookupAndApplyDynamicTicket(
UCHAR Protocol,
USHORT DestinationPort,
PNAT_INTERFACE Interfacep,
ULONG PublicAddress,
ULONG PrivateAddress
);
NTSTATUS
NatLookupAndDeleteTicket(
PNAT_INTERFACE Interfacep,
ULONG64 Key,
ULONG64 RemoteKey
);
NTSTATUS
NatLookupAndRemoveTicket(
PNAT_INTERFACE Interfacep,
ULONG64 Key,
ULONG64 RemoteKey,
PNAT_USED_ADDRESS* UsedAddress,
PULONG PrivateAddress,
PUSHORT PrivatePort
);
PNAT_TICKET
NatLookupFirewallTicket(
PNAT_INTERFACE Interfacep,
UCHAR Protocol,
USHORT Port
);
PNAT_TICKET
NatLookupTicket(
PNAT_INTERFACE Interfacep,
ULONG64 Key,
ULONG64 RemoteKey,
PLIST_ENTRY* InsertionPoint
);
PNAT_DYNAMIC_TICKET
NatLookupDynamicTicket(
ULONG Key,
PLIST_ENTRY* InsertionPoint
);
NTSTATUS
NatProcessCreateTicket(
PIP_NAT_CREATE_TICKET CreateTicket,
PFILE_OBJECT FileObject
);
NTSTATUS
NatProcessDeleteTicket(
PIP_NAT_CREATE_TICKET DeleteTicket,
PFILE_OBJECT FileObject
);
NTSTATUS
NatProcessLookupTicket(
PIP_NAT_CREATE_TICKET LookupTicket,
PIP_NAT_PORT_MAPPING Ticket,
PFILE_OBJECT FileObject
);
VOID
NatShutdownDynamicTicketManagement(
VOID
);
#endif // _NAT_TICKET_H_