This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Harald Welte gerrit-no-reply at lists.osmocom.orgHarald Welte has submitted this change and it was merged. Change subject: gb: optionally allow nsip packets only from a specific host ...................................................................... gb: optionally allow nsip packets only from a specific host When listening for nsip connections is enabled, then every remote host may send packets. This is useful for an SGSN that serves multiple PCUs, but contraproductive for a PCU that awaits packets from a single SGSN. Add struct members remote_ip, and remote_port to struct gprs_ns_inst, when set, then the listening end uses connect() to ensure that only the expected host may send packets. Related: OS#2401 Change-Id: Ifeb201d9006eec275a46708007ff342cdfc14e45 --- M TODO-RELEASE M include/osmocom/gprs/gprs_ns.h M src/gb/gprs_ns.c 3 files changed, 28 insertions(+), 3 deletions(-) Approvals: Harald Welte: Looks good to me, approved Jenkins Builder: Verified diff --git a/TODO-RELEASE b/TODO-RELEASE index 1964cff..e5a6f70 100644 --- a/TODO-RELEASE +++ b/TODO-RELEASE @@ -12,3 +12,4 @@ libosmogsm/oap ABI change fix AUTS length to 14, not 16 (length is implicit) osmo-auc-gen UI change fix AUTS length to 14, not 16 (length is implicit) libosmovty ABI change redefine _LAST_OSMOVTY_NODE as a high number to increase node space +libosmogb ABI change add struct members nsip.remote_ip, and nsip.remote_port to struct gprs_ns_inst \ No newline at end of file diff --git a/include/osmocom/gprs/gprs_ns.h b/include/osmocom/gprs/gprs_ns.h index 5aee755..d4aef82 100644 --- a/include/osmocom/gprs/gprs_ns.h +++ b/include/osmocom/gprs/gprs_ns.h @@ -88,6 +88,8 @@ struct osmo_fd fd; uint32_t local_ip; uint16_t local_port; + uint32_t remote_ip; + uint16_t remote_port; int dscp; } nsip; /*! NS-over-FR-over-GRE-over-IP specific bits */ diff --git a/src/gb/gprs_ns.c b/src/gb/gprs_ns.c index 7443a8b..fd465b4 100644 --- a/src/gb/gprs_ns.c +++ b/src/gb/gprs_ns.c @@ -1561,15 +1561,37 @@ int gprs_ns_nsip_listen(struct gprs_ns_inst *nsi) { struct in_addr in; + struct in_addr remote; + char remote_str[INET_ADDRSTRLEN]; int ret; in.s_addr = osmo_htonl(nsi->nsip.local_ip); + remote.s_addr = osmo_htonl(nsi->nsip.remote_ip); nsi->nsip.fd.cb = nsip_fd_cb; nsi->nsip.fd.data = nsi; - ret = osmo_sock_init_ofd(&nsi->nsip.fd, AF_INET, SOCK_DGRAM, - IPPROTO_UDP, inet_ntoa(in), - nsi->nsip.local_port, OSMO_SOCK_F_BIND); + + if (nsi->nsip.remote_ip && nsi->nsip.remote_port) { + /* connect to ensure only we only accept packets from the + * configured remote end/peer */ + snprintf(remote_str, sizeof(remote_str), "%s", inet_ntoa(remote)); + ret = + osmo_sock_init2_ofd(&nsi->nsip.fd, AF_INET, SOCK_DGRAM, + IPPROTO_UDP, inet_ntoa(in), + nsi->nsip.local_port, remote_str, + nsi->nsip.remote_port, OSMO_SOCK_F_BIND | OSMO_SOCK_F_CONNECT); + + LOGP(DNS, LOGL_NOTICE, + "Listening for nsip packets from %s:%u on %s:%u\n", + remote_str, nsi->nsip.remote_port, inet_ntoa(in), nsi->nsip.local_port); + } else { + /* Accept UDP packets from any source IP/Port */ + ret = osmo_sock_init_ofd(&nsi->nsip.fd, AF_INET, SOCK_DGRAM, + IPPROTO_UDP, inet_ntoa(in), nsi->nsip.local_port, OSMO_SOCK_F_BIND); + + LOGP(DNS, LOGL_NOTICE, "Listening for nsip packets on %s:%u\n", inet_ntoa(in), nsi->nsip.local_port); + } + if (ret < 0) return ret; -- To view, visit https://gerrit.osmocom.org/4317 To unsubscribe, visit https://gerrit.osmocom.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: Ifeb201d9006eec275a46708007ff342cdfc14e45 Gerrit-PatchSet: 4 Gerrit-Project: libosmocore Gerrit-Branch: master Gerrit-Owner: dexter <pmaier at sysmocom.de> Gerrit-Reviewer: Harald Welte <laforge at gnumonks.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: Max <msuraev at sysmocom.de> Gerrit-Reviewer: Neels Hofmeyr <nhofmeyr at sysmocom.de>