windows-nt/Source/XPSP1/NT/net/rras/ip/nat/ticket.h

/*++

Copyright (c) 1997, Microsoft Corporation

Module Name:

    ticket.h

Abstract:

    This module contains declarations for the NAT's ticket-management.

    A NAT ticket is a dynamically-created token which allows any external
    endpoint to establish a session to an internal endpoint using an allocated
    public address/port pair. For instance, a streaming protocol might create
    a ticket for a dynamically-negotiated secondary session to be established.

Author:

    Abolade Gbadegesin (t-abolag)   21-Aug-1997

Revision History:

    Abolade Gbadegesin (aboladeg)   16-Apr-1998

    Allow wildcard tickets to be created by specifying zero for a field.
    'NatLookupAndRemoveTicket' may be used to retrieve such tickets.

    Abolade Gbadegesin (aboladeg)   17-Oct-1998

    Eliminated wildcard ticket support. Created dynamic ticket support.
    (See 'NAT_DYNAMIC_TICKET' below.)

--*/

#ifndef _NAT_TICKET_H_
#define _NAT_TICKET_H_


//
// Structure:   NAT_TICKET
//
// This structure holds all the information we need about a ticket.
// Each instance is linked into a sorted per-interface list of tickets
// which is protected by the interface's lock.
//

typedef struct _NAT_TICKET {
    LIST_ENTRY Link;
    ULONG64 Key;
    ULONG64 RemoteKey;
    PNAT_USED_ADDRESS UsedAddress;
    ULONG PrivateAddress;
    USHORT PrivateOrHostOrderEndPort;
    ULONG Flags;
    LONG64 LastAccessTime;
} NAT_TICKET, *PNAT_TICKET;

//
// Structure:   NAT_DYNAMIC_TICKET
//
// This structure holds the description of a dynamic ticket.
// Such a ticket is created so that when an outbound session is translated
// with a given destination port, a ticket can be created for a corresponding
// inbound session to a predetermined port, or to one of a range of ports.
//

typedef struct _NAT_DYNAMIC_TICKET {
    LIST_ENTRY Link;
    ULONG Key;
    ULONG ResponseCount;
    struct {
        UCHAR Protocol;
        USHORT StartPort;
        USHORT EndPort;
    }* ResponseArray;
    PFILE_OBJECT FileObject;
} NAT_DYNAMIC_TICKET, *PNAT_DYNAMIC_TICKET;

//
// Ticket flags
//

#define NAT_TICKET_FLAG_PERSISTENT      0x00000001
#define NAT_TICKET_PERSISTENT(t) \
    ((t)->Flags & NAT_TICKET_FLAG_PERSISTENT)

#define NAT_TICKET_FLAG_PORT_MAPPING    0x00000002
#define NAT_TICKET_PORT_MAPPING(t) \
    ((t)->Flags & NAT_TICKET_FLAG_PORT_MAPPING)

#define NAT_TICKET_FLAG_IS_RANGE        0x00000004
#define NAT_TICKET_IS_RANGE(t) \
    ((t)->Flags & NAT_TICKET_FLAG_IS_RANGE)

//
// Ticket-key manipulation macros
//

#define MAKE_TICKET_KEY(Protocol,Address,Port) \
    ((Address) | \
    ((ULONG64)((Port) & 0xFFFF) << 32) | \
    ((ULONG64)((Protocol) & 0xFF) << 48))

#define TICKET_PROTOCOL(Key)            ((UCHAR)(((Key) >> 48) & 0xFF))
#define TICKET_PORT(Key)                ((USHORT)(((Key) >> 32) & 0xFFFF))
#define TICKET_ADDRESS(Key)             ((ULONG)(Key))

#define MAKE_DYNAMIC_TICKET_KEY(Protocol, Port) \
    ((ULONG)((Port) & 0xFFFF) | ((ULONG)((Protocol) & 0xFF) << 16))

#define DYNAMIC_TICKET_PROTOCOL(Key)    ((UCHAR)(((Key) >> 16) & 0xFF))
#define DYNAMIC_TICKET_PORT(Key)        ((USHORT)((Key) & 0xFFFF))

//
// Ticket allocation macros
//

#define ALLOCATE_TICKET_BLOCK() \
    (PNAT_TICKET)ExAllocatePoolWithTag( \
        NonPagedPool,sizeof(NAT_TICKET), NAT_TAG_TICKET \
        )

#define FREE_TICKET_BLOCK(Block) \
    ExFreePool(Block)

//
// GLOBAL DATA DECLARATIONS
//

ULONG DynamicTicketCount;
ULONG TicketCount;


//
// TICKET MANAGEMENT ROUTINES
//

NTSTATUS
NatCreateDynamicTicket(
    PIP_NAT_CREATE_DYNAMIC_TICKET CreateTicket,
    ULONG InputBufferLength,
    PFILE_OBJECT FileObject
    );

NTSTATUS
NatCreateTicket(
    PNAT_INTERFACE Interfacep,
    UCHAR Protocol,
    ULONG PrivateAddress,
    USHORT PrivatePort,
    ULONG RemoteAddress OPTIONAL,
    ULONG RemotePort OPTIONAL,
    ULONG Flags,
    PNAT_USED_ADDRESS AddressToUse OPTIONAL,
    USHORT PortToUse OPTIONAL,
    PULONG PublicAddress,
    PUSHORT PublicPort
    );

VOID
NatDeleteAnyAssociatedDynamicTicket(
    PFILE_OBJECT FileObject
    );

NTSTATUS
NatDeleteDynamicTicket(
    PIP_NAT_DELETE_DYNAMIC_TICKET DeleteTicket,
    PFILE_OBJECT FileObject
    );

VOID
NatDeleteTicket(
    PNAT_INTERFACE Interfacep,
    PNAT_TICKET Ticketp
    );

VOID
NatInitializeDynamicTicketManagement(
    VOID
    );

BOOLEAN
NatIsPortUsedByTicket(
    PNAT_INTERFACE Interfacep,
    UCHAR Protocol,
    USHORT PublicPort
    );

VOID
NatLookupAndApplyDynamicTicket(
    UCHAR Protocol,
    USHORT DestinationPort,
    PNAT_INTERFACE Interfacep,
    ULONG PublicAddress,
    ULONG PrivateAddress
    );

NTSTATUS
NatLookupAndDeleteTicket(
    PNAT_INTERFACE Interfacep,
    ULONG64 Key,
    ULONG64 RemoteKey
    );

NTSTATUS
NatLookupAndRemoveTicket(
    PNAT_INTERFACE Interfacep,
    ULONG64 Key,
    ULONG64 RemoteKey,
    PNAT_USED_ADDRESS* UsedAddress,
    PULONG PrivateAddress,
    PUSHORT PrivatePort
    );

PNAT_TICKET
NatLookupFirewallTicket(
    PNAT_INTERFACE Interfacep,
    UCHAR Protocol,
    USHORT Port
    );

PNAT_TICKET
NatLookupTicket(
    PNAT_INTERFACE Interfacep,
    ULONG64 Key,
    ULONG64 RemoteKey,
    PLIST_ENTRY* InsertionPoint
    );

PNAT_DYNAMIC_TICKET
NatLookupDynamicTicket(
    ULONG Key,
    PLIST_ENTRY* InsertionPoint
    );

NTSTATUS
NatProcessCreateTicket(
    PIP_NAT_CREATE_TICKET CreateTicket,
    PFILE_OBJECT FileObject
    );

NTSTATUS
NatProcessDeleteTicket(
    PIP_NAT_CREATE_TICKET DeleteTicket,
    PFILE_OBJECT FileObject
    );

NTSTATUS
NatProcessLookupTicket(
    PIP_NAT_CREATE_TICKET LookupTicket,
    PIP_NAT_PORT_MAPPING Ticket,
    PFILE_OBJECT FileObject
    );

VOID
NatShutdownDynamicTicketManagement(
    VOID
    );

#endif // _NAT_TICKET_H_