remove remaining bits of osmo-bsc_nat

osmo-bsc_nat is too heavily tied into legacy SCCPlite code, as it
is not using libosmo-sigtran/osmo_ss7 so far.  It's also full of
customer-specific code and it's shared use of some libbsc code here
has been complicating osmo-bsc development.

The current plan is to continue to use osmo-bsc_nat from openbsc.git
for those legacy users that need it, and not use osmo-bsc_nat in
new 3GPP AoIP setups.  Should we ever get a strong demand for an AoIP
based bsc_nat, we can still revisit this later.

Change-Id: Ia05dc76336a64a7f08962843b9a7cc19f2c83387
changes/39/9339/3
Harald Welte 5 years ago
parent 7b897dfea5
commit 1c9b8b1917
  1. 6
      configure.ac
  2. 1
      debian/control
  3. 1
      doc/examples/osmo-bsc_nat/black-list.cfg
  4. 13
      doc/examples/osmo-bsc_nat/bscs.cfg
  5. 66
      doc/examples/osmo-bsc_nat/osmo-bsc_nat.cfg
  6. 4
      include/osmocom/bsc/Makefile.am
  7. 469
      include/osmocom/bsc/bsc_nat.h
  8. 55
      include/osmocom/bsc/bsc_nat_callstats.h
  9. 105
      include/osmocom/bsc/bsc_nat_sccp.h
  10. 47
      include/osmocom/bsc/nat_rewrite_trie.h
  11. 3
      src/libfilter/bsc_msg_acc.c
  12. 1
      src/libfilter/bsc_msg_filter.c
  13. 1
      src/osmo-bsc/osmo_bsc_msc.c
  14. 51
      src/osmo-bsc_nat/Makefile.am
  15. 220
      src/osmo-bsc_nat/bsc_filter.c
  16. 1162
      src/osmo-bsc_nat/bsc_mgcp_utils.c
  17. 1819
      src/osmo-bsc_nat/bsc_nat.c
  18. 531
      src/osmo-bsc_nat/bsc_nat_ctrl.c
  19. 119
      src/osmo-bsc_nat/bsc_nat_filter.c
  20. 730
      src/osmo-bsc_nat/bsc_nat_rewrite.c
  21. 259
      src/osmo-bsc_nat/bsc_nat_rewrite_trie.c
  22. 535
      src/osmo-bsc_nat/bsc_nat_utils.c
  23. 1408
      src/osmo-bsc_nat/bsc_nat_vty.c
  24. 247
      src/osmo-bsc_nat/bsc_sccp.c
  25. 452
      src/osmo-bsc_nat/bsc_ussd.c
  26. 2
      tests/Makefile.am
  27. 19
      tests/bsc-nat-trie/Makefile.am
  28. 95
      tests/bsc-nat-trie/bsc_nat_trie_test.c
  29. 20
      tests/bsc-nat-trie/bsc_nat_trie_test.ok
  30. 25
      tests/bsc-nat-trie/prefixes.csv
  31. 58
      tests/bsc-nat/Makefile.am
  32. 12
      tests/bsc-nat/barr.cfg
  33. 2
      tests/bsc-nat/barr_dup.cfg
  34. 275
      tests/bsc-nat/bsc_data.c
  35. 1595
      tests/bsc-nat/bsc_nat_test.c
  36. 39
      tests/bsc-nat/bsc_nat_test.ok
  37. 2
      tests/bsc-nat/prefixes.csv
  38. 7
      tests/testsuite.at
  39. 352
      tests/vty_test_runner.py

@ -49,10 +49,6 @@ PKG_CHECK_MODULES(LIBOSMOSIGTRAN, libosmo-sigtran >= 0.9.0)
PKG_CHECK_MODULES(LIBOSMOSCCP, libosmo-sccp >= 0.9.0)
PKG_CHECK_MODULES(LIBOSMOMGCPCLIENT, libosmo-mgcp-client >= 1.3.0)
#NOTE: osmo-bsc does not depend on libosmo-legacy-mgcp anymore, but we still
# need the dependancy for osmo-bsc-nat, which still uses the old API.
PKG_CHECK_MODULES(LIBOSMOLEGACYMGCP, libosmo-legacy-mgcp >= 1.3.0)
dnl checks for header files
AC_HEADER_STDC
@ -182,8 +178,6 @@ AC_OUTPUT(
tests/gsm0408/Makefile
tests/channel/Makefile
tests/bsc/Makefile
tests/bsc-nat/Makefile
tests/bsc-nat-trie/Makefile
tests/abis/Makefile
tests/subscr/Makefile
tests/nanobts_omlattr/Makefile

1
debian/control vendored

@ -16,7 +16,6 @@ Build-Depends: debhelper (>=9),
libosmo-sigtran-dev (>= 0.8.0),
libosmo-abis-dev (>= 0.3.2),
libosmo-netif-dev (>= 0.1.0),
libosmo-legacy-mgcp-dev (>= 1.0.0),
libosmo-mgcp-client-dev (>= 1.2.0)
Standards-Version: 3.9.8
Vcs-Git: git://git.osmocom.org/osmo-bsc.git

@ -1,13 +0,0 @@
nat
bsc 0
token lol
location_area_code 1234
description bsc
max-endpoints 32
paging forbidden 0
bsc 1
token wat
location_area_code 5678
description bsc
max-endpoints 32
paging forbidden 0

@ -1,66 +0,0 @@
!
! OsmoBSCNAT (0.12.0.266-2daa9) configuration saved from vty
!!
!
log stderr
logging filter all 1
logging color 1
logging timestamp 0
logging level all debug
logging level rll notice
logging level cc notice
logging level mm notice
logging level rr notice
logging level rsl notice
logging level nm info
logging level mncc notice
logging level pag notice
logging level meas notice
logging level sccp notice
logging level msc notice
logging level mgcp notice
logging level ho notice
logging level db notice
logging level ref notice
logging level gprs debug
logging level ns info
logging level bssgp debug
logging level llc debug
logging level sndcp debug
logging level nat notice
logging level ctrl notice
logging level smpp debug
logging level lglobal notice
logging level llapd notice
logging level linp notice
logging level lmux notice
logging level lmi notice
logging level lmib notice
logging level lsms notice
!
line vty
no login
!
mgcp
bind ip 0.0.0.0
bind port 2427
rtp bts-base 4000
rtp net-base 16000
rtp ip-dscp 0
no rtcp-omit
sdp audio-payload number 126
sdp audio-payload name AMR/8000
loop 0
number endpoints 1
call-agent ip 127.0.0.1
rtp transcoder-base 0
transcoder-remote-base 4000
nat
msc ip 127.0.0.1
msc port 5000
timeout auth 2
timeout ping 20
timeout pong 5
ip-dscp 0
bscs-config-file bscs.cfg
access-list bla imsi-allow ^11$

@ -7,9 +7,6 @@ noinst_HEADERS = \
arfcn_range_encode.h \
bsc_msc.h \
bsc_msg_filter.h \
bsc_nat.h \
bsc_nat_callstats.h \
bsc_nat_sccp.h \
bsc_rll.h \
bsc_subscriber.h \
bsc_subscr_conn_fsm.h \
@ -32,7 +29,6 @@ noinst_HEADERS = \
meas_feed.h \
meas_rep.h \
misdn.h \
nat_rewrite_trie.h \
network_listen.h \
openbscdefines.h \
osmo_bsc.h \

@ -1,469 +0,0 @@
/*
* (C) 2010-2012 by Holger Hans Peter Freyther <zecke@selfish.org>
* (C) 2010-2012 by On-Waves
* All Rights Reserved
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
#ifndef BSC_NAT_H
#define BSC_NAT_H
#include <osmocom/legacy_mgcp/mgcp.h>
#include "bsc_msg_filter.h"
#include <osmocom/core/select.h>
#include <osmocom/core/msgb.h>
#include <osmocom/core/msgfile.h>
#include <osmocom/core/timer.h>
#include <osmocom/core/write_queue.h>
#include <osmocom/core/rate_ctr.h>
#include <osmocom/core/statistics.h>
#include <osmocom/gsm/protocol/gsm_04_08.h>
#include <regex.h>
#include <stdbool.h>
#define DIR_BSC 1
#define DIR_MSC 2
#define PAGIN_GROUP_UNASSIGNED -1
struct sccp_source_reference;
struct nat_sccp_connection;
struct bsc_nat_parsed;
struct bsc_nat;
struct bsc_nat_ussd_con;
struct nat_rewrite_rule;
/*
* Is this terminated to the MSC, to the local machine (release
* handling for IMSI filtering) or to a USSD provider?
*/
enum {
NAT_CON_END_MSC,
NAT_CON_END_LOCAL,
NAT_CON_END_USSD,
};
/*
* Pending command entry
*/
struct bsc_cmd_list {
struct llist_head list_entry;
struct osmo_timer_list timeout;
/* The NATed ID used on the bsc_con*/
int nat_id;
/* The command from the control connection */
struct ctrl_cmd *cmd;
};
/*
* Per BSC data structure
*/
struct bsc_connection {
struct llist_head list_entry;
/* do we know anything about this BSC? */
int authenticated;
uint8_t last_rand[16];
/* the fd we use to communicate */
struct osmo_wqueue write_queue;
/* incoming message buffer */
struct msgb *pending_msg;
/* the BSS associated */
struct bsc_config *cfg;
/* a timeout node */
struct osmo_timer_list id_timeout;
/* pong timeout */
struct osmo_timer_list ping_timeout;
struct osmo_timer_list pong_timeout;
/* mgcp related code */
char *_endpoint_status;
int number_multiplexes;
int max_endpoints;
int last_endpoint;
int next_transaction;
uint32_t pending_dlcx_count;
struct llist_head pending_dlcx;
/* track the pending commands for this BSC */
struct llist_head cmd_pending;
int last_id;
/* a back pointer */
struct bsc_nat *nat;
};
/**
* Stats per BSC
*/
struct bsc_config_stats {
struct rate_ctr_group *ctrg;
};
enum bsc_cfg_ctr {
BCFG_CTR_SCCP_CONN,
BCFG_CTR_SCCP_CALLS,
BCFG_CTR_NET_RECONN,
BCFG_CTR_DROPPED_SCCP,
BCFG_CTR_DROPPED_CALLS,
BCFG_CTR_REJECTED_CR,
BCFG_CTR_REJECTED_MSG,
BCFG_CTR_ILL_PACKET,
BCFG_CTR_CON_TYPE_LU,
BCFG_CTR_CON_CMSERV_RQ,
BCFG_CTR_CON_PAG_RESP,
BCFG_CTR_CON_SSA,
BCFG_CTR_CON_OTHER,
};
/**
* One BSC entry in the config
*/
struct bsc_config {
struct llist_head entry;
uint8_t key[16];
uint8_t key_present;
char *token;
int nr;
char *description;
/* imsi white and blacklist */
char *acc_lst_name;
int forbid_paging;
int paging_group;
/* audio handling */
int max_endpoints;
/* used internally for reload handling */
bool remove;
bool token_updated;
/* backpointer */
struct bsc_nat *nat;
struct bsc_config_stats stats;
struct llist_head lac_list;
/* Osmux is enabled/disabled per BSC */
int osmux;
/* Use a jitterbuffer on the bts-side receiver */
bool bts_use_jibuf;
/* Minimum and maximum buffer size for the jitter buffer, in ms */
uint32_t bts_jitter_delay_min;
uint32_t bts_jitter_delay_max;
/* Enabled if explicitly configured through VTY: */
bool bts_use_jibuf_override;
bool bts_jitter_delay_min_override;
bool bts_jitter_delay_max_override;
};
struct bsc_lac_entry {
struct llist_head entry;
uint16_t lac;
};
struct bsc_nat_paging_group {
struct llist_head entry;
/* list of lac entries */
struct llist_head lists;
int nr;
};
/**
* BSCs point of view of endpoints
*/
struct bsc_endpoint {
/* the operation that is carried out */
int transaction_state;
/* the pending transaction id */
char *transaction_id;
/* the bsc we are talking to */
struct bsc_connection *bsc;
};
/**
* Statistic for the nat.
*/
struct bsc_nat_statistics {
struct {
struct osmo_counter *conn;
struct osmo_counter *calls;
} sccp;
struct {
struct osmo_counter *reconn;
struct osmo_counter *auth_fail;
} bsc;
struct {
struct osmo_counter *reconn;
} msc;
struct {
struct osmo_counter *reconn;
} ussd;
};
/**
* the structure of the "nat" network
*/
struct bsc_nat {
/* active SCCP connections that need patching */
struct llist_head sccp_connections;
/* active BSC connections that need patching */
struct llist_head bsc_connections;
/* access lists */
struct llist_head access_lists;
/* paging groups */
struct llist_head paging_groups;
/* known BSC's */
struct llist_head bsc_configs;
int num_bsc;
int bsc_ip_dscp;
/* MGCP config */
struct mgcp_config *mgcp_cfg;
uint8_t mgcp_msg[4096];
int mgcp_length;
int mgcp_ipa;
int sdp_ensure_amr_mode_set;
/* msc things */
struct llist_head dests;
struct bsc_msc_dest *main_dest;
struct bsc_msc_connection *msc_con;
char *token;
/* timeouts */
int auth_timeout;
int ping_timeout;
int pong_timeout;
struct bsc_endpoint *bsc_endpoints;
/* path to file with BSC config */
char *include_file;
char *include_base;
char *resolved_path;
/* filter */
char *acc_lst_name;
/* Barring of subscribers with a rb tree */
struct rb_root imsi_black_list;
char *imsi_black_list_fn;
/* number rewriting */
char *num_rewr_name;
struct llist_head num_rewr;
char *num_rewr_post_name;
struct llist_head num_rewr_post;
char *smsc_rewr_name;
struct llist_head smsc_rewr;
char *tpdest_match_name;
struct llist_head tpdest_match;
char *sms_clear_tp_srr_name;
struct llist_head sms_clear_tp_srr;
char *sms_num_rewr_name;
struct llist_head sms_num_rewr;
/* more rewriting */
char *num_rewr_trie_name;
struct nat_rewrite *num_rewr_trie;
/* USSD messages we want to match */
char *ussd_lst_name;
char *ussd_query;
regex_t ussd_query_re;
char *ussd_token;
char *ussd_local;
struct osmo_fd ussd_listen;
struct bsc_nat_ussd_con *ussd_con;
/* for maintainenance */
int blocked;
/* statistics */
struct bsc_nat_statistics stats;
/* control interface */
struct ctrl_handle *ctrl;
};
struct bsc_nat_ussd_con {
struct osmo_wqueue queue;
struct bsc_nat *nat;
int authorized;
struct msgb *pending_msg;
struct osmo_timer_list auth_timeout;
};
/* create and init the structures */
struct bsc_config *bsc_config_alloc(struct bsc_nat *nat, const char *token,
unsigned int number);
struct bsc_config *bsc_config_num(struct bsc_nat *nat, int num);
struct bsc_config *bsc_config_by_token(struct bsc_nat *nat, const char *token, int len);
void bsc_config_free(struct bsc_config *);
void bsc_config_add_lac(struct bsc_config *cfg, int lac);
void bsc_config_del_lac(struct bsc_config *cfg, int lac);
int bsc_config_handles_lac(struct bsc_config *cfg, int lac);
struct bsc_nat *bsc_nat_alloc(void);
struct bsc_connection *bsc_connection_alloc(struct bsc_nat *nat);
void bsc_nat_set_msc_ip(struct bsc_nat *bsc, const char *ip);
void sccp_connection_destroy(struct nat_sccp_connection *);
void bsc_close_connection(struct bsc_connection *);
const char *bsc_con_type_to_string(int type);
/**
* parse the given message into the above structure
*/
struct bsc_nat_parsed *bsc_nat_parse(struct msgb *msg);
/**
* filter based on IP Access header in both directions
*/
int bsc_nat_filter_ipa(int direction, struct msgb *msg, struct bsc_nat_parsed *parsed);
int bsc_nat_vty_init(struct bsc_nat *nat);
int bsc_nat_find_paging(struct msgb *msg, const uint8_t **,int *len);
/**
* SCCP patching and handling
*/
struct nat_sccp_connection *create_sccp_src_ref(struct bsc_connection *bsc, struct bsc_nat_parsed *parsed);
int update_sccp_src_ref(struct nat_sccp_connection *sccp, struct bsc_nat_parsed *parsed);
void remove_sccp_src_ref(struct bsc_connection *bsc, struct msgb *msg, struct bsc_nat_parsed *parsed);
struct nat_sccp_connection *patch_sccp_src_ref_to_bsc(struct msgb *, struct bsc_nat_parsed *, struct bsc_nat *);
struct nat_sccp_connection *patch_sccp_src_ref_to_msc(struct msgb *, struct bsc_nat_parsed *, struct bsc_connection *);
struct nat_sccp_connection *bsc_nat_find_con_by_bsc(struct bsc_nat *, struct sccp_source_reference *);
/**
* MGCP/Audio handling
*/
int bsc_mgcp_nr_multiplexes(int max_endpoints);
int bsc_write_mgcp(struct bsc_connection *bsc, const uint8_t *data, unsigned int length);
int bsc_mgcp_assign_patch(struct nat_sccp_connection *, struct msgb *msg);
void bsc_mgcp_init(struct nat_sccp_connection *);
void bsc_mgcp_dlcx(struct nat_sccp_connection *);
void bsc_mgcp_free_endpoints(struct bsc_nat *nat);
int bsc_mgcp_nat_init(struct bsc_nat *nat);
struct nat_sccp_connection *bsc_mgcp_find_con(struct bsc_nat *, int endpoint_number);
struct msgb *bsc_mgcp_rewrite(char *input, int length, int endp, const char *ip,
int port, int osmux, int *first_payload_type, int mode_set);
void bsc_mgcp_forward(struct bsc_connection *bsc, struct msgb *msg);
void bsc_mgcp_clear_endpoints_for(struct bsc_connection *bsc);
int bsc_mgcp_parse_response(const char *str, int *code, char transaction[60]);
uint32_t bsc_mgcp_extract_ci(const char *resp);
int bsc_write(struct bsc_connection *bsc, struct msgb *msg, int id);
int bsc_do_write(struct osmo_wqueue *queue, struct msgb *msg, int id);
int bsc_write_msg(struct osmo_wqueue *queue, struct msgb *msg);
int bsc_write_cb(struct osmo_fd *bfd, struct msgb *msg);
int bsc_nat_msc_is_connected(struct bsc_nat *nat);
int bsc_conn_type_to_ctr(struct nat_sccp_connection *conn);
struct gsm48_hdr *bsc_unpack_dtap(struct bsc_nat_parsed *parsed, struct msgb *msg, uint32_t *len);
/** USSD filtering */
int bsc_ussd_init(struct bsc_nat *nat);
int bsc_ussd_check(struct nat_sccp_connection *con, struct bsc_nat_parsed *parsed, struct msgb *msg);
int bsc_ussd_close_connections(struct bsc_nat *nat);
struct msgb *bsc_nat_rewrite_msg(struct bsc_nat *nat, struct msgb *msg, struct bsc_nat_parsed *, const char *imsi);
/** paging group handling */
struct bsc_nat_paging_group *bsc_nat_paging_group_num(struct bsc_nat *nat, int group);
struct bsc_nat_paging_group *bsc_nat_paging_group_create(struct bsc_nat *nat, int group);
void bsc_nat_paging_group_delete(struct bsc_nat_paging_group *);
void bsc_nat_paging_group_add_lac(struct bsc_nat_paging_group *grp, int lac);
void bsc_nat_paging_group_del_lac(struct bsc_nat_paging_group *grp, int lac);
/**
* Number rewriting support below
*/
struct bsc_nat_num_rewr_entry {
struct llist_head list;
regex_t msisdn_reg;
regex_t num_reg;
char *replace;
uint8_t is_prefix_lookup;
};
void bsc_nat_num_rewr_entry_adapt(void *ctx, struct llist_head *head, const struct osmo_config_list *);
void bsc_nat_send_mgcp_to_msc(struct bsc_nat *bsc_nat, struct msgb *msg);
void bsc_nat_handle_mgcp(struct bsc_nat *bsc, struct msgb *msg);
struct ctrl_handle *bsc_nat_controlif_setup(struct bsc_nat *nat,
const char *bind_addr, int port);
void bsc_nat_ctrl_del_pending(struct bsc_cmd_list *pending);
int bsc_nat_handle_ctrlif_msg(struct bsc_connection *bsc, struct msgb *msg);
int bsc_nat_extract_lac(struct bsc_connection *bsc, struct nat_sccp_connection *con,
struct bsc_nat_parsed *parsed, struct msgb *msg);
int bsc_nat_filter_sccp_cr(struct bsc_connection *bsc, struct msgb *msg,
struct bsc_nat_parsed *, int *con_type, char **imsi,
struct bsc_filter_reject_cause *cause);
int bsc_nat_filter_dt(struct bsc_connection *bsc, struct msgb *msg,
struct nat_sccp_connection *con, struct bsc_nat_parsed *parsed,
struct bsc_filter_reject_cause *cause);
/**
* CTRL interface helper
*/
void bsc_nat_inform_reject(struct bsc_connection *bsc, const char *imsi);
/*
* Use for testing
*/
void bsc_nat_free(struct bsc_nat *nat);
#endif

@ -1,55 +0,0 @@
/*
* (C) 2010-2012 by Holger Hans Peter Freyther <zecke@selfish.org>
* (C) 2010-2012 by On-Waves
* All Rights Reserved
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
#ifndef BSC_NAT_CALLSTATS_H
#define BSC_NAT_CALLSTATS_H
#include <osmocom/core/linuxlist.h>
#include <osmocom/sccp/sccp_types.h>
struct bsc_nat_call_stats {
struct llist_head entry;
struct sccp_source_reference remote_ref;
struct sccp_source_reference src_ref; /* as seen by the MSC */
/* mgcp options */
uint32_t ci;
int bts_rtp_port;
int net_rtp_port;
struct in_addr bts_addr;
struct in_addr net_addr;
/* as witnessed by the NAT */
uint32_t net_ps;
uint32_t net_os;
uint32_t bts_pr;
uint32_t bts_or;
uint32_t bts_expected;
uint32_t bts_jitter;
int bts_loss;
uint32_t trans_id;
int msc_endpoint;
};
#endif

@ -1,105 +0,0 @@
/* NAT utilities using SCCP types */
/*
* (C) 2010 by Holger Hans Peter Freyther <zecke@selfish.org>
* (C) 2010 by On-Waves
* All Rights Reserved
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
#ifndef BSC_NAT_SCCP_H
#define BSC_NAT_SCCP_H
#include "bsc_msg_filter.h"
#include <osmocom/sccp/sccp_types.h>
/*
* For the NAT we will need to analyze and later patch
* the received message. This would require us to parse
* the IPA and SCCP header twice. Instead of doing this
* we will have one analyze structure and have the patching
* and filter operate on the same structure.
*/
struct bsc_nat_parsed {
/* ip access prototype */
int ipa_proto;
/* source local reference */
struct sccp_source_reference *src_local_ref;
/* destination local reference */
struct sccp_source_reference *dest_local_ref;
/* original value */
struct sccp_source_reference original_dest_ref;
/* called ssn number */
int called_ssn;
/* calling ssn number */
int calling_ssn;
/* sccp message type */
int sccp_type;
/* bssap type, e.g. 0 for BSS Management */
int bssap;
/* the gsm0808 message type */
int gsm_type;
};
/*
* Per SCCP source local reference patch table. It needs to
* be updated on new SCCP connections, connection confirm and reject,
* and on the loss of the BSC connection.
*/
struct nat_sccp_connection {
struct llist_head list_entry;
struct bsc_connection *bsc;
struct bsc_msc_connection *msc_con;
struct sccp_source_reference real_ref;
struct sccp_source_reference patched_ref;
struct sccp_source_reference remote_ref;
int has_remote_ref;
/* status */
int con_local;
int authorized;
struct bsc_filter_state filter_state;
uint16_t lac;
uint16_t ci;
/* remember which Transactions we run over the bypass */
char ussd_ti[8];
/*
* audio handling. Remember if we have ever send a CRCX,
* remember the endpoint used by the MSC and BSC.
*/
int msc_endp;
int bsc_endp;
/* timeout handling */
struct timespec creation_time;
};
#endif

@ -1,47 +0,0 @@
/*
* (C) 2013 by On-Waves
* (C) 2013 by Holger Hans Peter Freyther <zecke@selfish.org>
* All Rights Reserved
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
#ifndef NAT_REWRITE_FILE_H
#define NAT_REWRITE_FILE_H
#include <osmocom/core/linuxrbtree.h>
struct vty;
struct nat_rewrite_rule {
/* For digits 0-9 and + */
struct nat_rewrite_rule *rules[11];
char empty;
char prefix[14];
char rewrite[6];
};
struct nat_rewrite {
struct nat_rewrite_rule rule;
size_t prefixes;
};
struct nat_rewrite *nat_rewrite_parse(void *ctx, const char *filename);
struct nat_rewrite_rule *nat_rewrite_lookup(struct nat_rewrite *, const char *prefix);
void nat_rewrite_dump(struct nat_rewrite *rewr);
void nat_rewrite_dump_vty(struct vty *vty, struct nat_rewrite *rewr);
#endif

@ -19,9 +19,10 @@
*/
#include <osmocom/bsc/bsc_msg_filter.h>
#include <osmocom/bsc/bsc_nat.h>
#include <osmocom/bsc/debug.h>
#include <osmocom/gsm/protocol/gsm_04_08.h>
#include <osmocom/core/rate_ctr.h>
#include <osmocom/core/stats.h>

@ -23,7 +23,6 @@
#include <osmocom/bsc/bsc_msg_filter.h>
#include <osmocom/bsc/bsc_nat.h>
#include <osmocom/bsc/bsc_msc.h>
#include <osmocom/bsc/gsm_data.h>
#include <osmocom/bsc/debug.h>

@ -20,7 +20,6 @@
*
*/
#include <osmocom/bsc/bsc_nat.h>
#include <osmocom/ctrl/control_cmd.h>
#include <osmocom/ctrl/control_if.h>
#include <osmocom/crypt/auth.h>

@ -1,51 +0,0 @@
AM_CPPFLAGS = \
$(all_includes) \
-I$(top_srcdir)/include \
-I$(top_builddir) \
$(NULL)
AM_CFLAGS = \
-Wall \
$(LIBOSMOCORE_CFLAGS) \
$(LIBOSMOGSM_CFLAGS) \
$(LIBOSMOVTY_CFLAGS) \
$(LIBOSMOCTRL_CFLAGS) \
$(LIBOSMOSCCP_CFLAGS) \
$(LIBOSMOLEGACYMGCP_CFLAGS) \
$(COVERAGE_CFLAGS) \
$(NULL)
AM_LDFLAGS = \
$(COVERAGE_LDFLAGS) \
$(NULL)
bin_PROGRAMS = \
osmo-bsc_nat \
$(NULL)
osmo_bsc_nat_SOURCES = \
bsc_filter.c \
bsc_mgcp_utils.c \
bsc_nat.c \
bsc_nat_utils.c \
bsc_nat_vty.c \
bsc_sccp.c \
bsc_ussd.c \
bsc_nat_ctrl.c \
bsc_nat_rewrite.c \
bsc_nat_rewrite_trie.c \
bsc_nat_filter.c \
$(NULL)
osmo_bsc_nat_LDADD = \
$(top_builddir)/src/libfilter/libfilter.a \
$(top_builddir)/src/libbsc/libbsc.a \
$(LIBOSMOSCCP_LIBS) \
$(LIBOSMOCORE_LIBS) \
$(LIBOSMOGSM_LIBS) \
$(LIBOSMOVTY_LIBS) \
$(LIBOSMOCTRL_LIBS) \
$(LIBOSMOSIGTRAN_LIBS) \
$(LIBRARY_GSM) \
-lrt \
$(NULL)

@ -1,220 +0,0 @@
/* BSC Multiplexer/NAT */
/*
* (C) 2010 by Holger Hans Peter Freyther <zecke@selfish.org>
* (C) 2010 by On-Waves
* All Rights Reserved
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
#include <string.h>
#include <osmocom/bsc/bsc_nat.h>
#include <osmocom/bsc/bsc_nat_sccp.h>
#include <osmocom/bsc/ipaccess.h>
#include <osmocom/bsc/debug.h>
#include <osmocom/core/talloc.h>
#include <osmocom/gsm/protocol/gsm_08_08.h>
#include <osmocom/sccp/sccp.h>
/*
* The idea is to have a simple struct describing a IPA packet with
* SCCP SSN and the GSM 08.08 payload and decide. We will both have
* a white and a blacklist of packets we want to handle.
*
* TODO: Implement a "NOT" in the filter language.
*/
#define ALLOW_ANY -1
#define FILTER_TO_BSC 1
#define FILTER_TO_MSC 2
#define FILTER_TO_BOTH 3
struct bsc_pkt_filter {
int ipa_proto;
int dest_ssn;
int bssap;
int gsm;
int filter_dir;
};
static struct bsc_pkt_filter black_list[] = {
/* filter reset messages to the MSC */
{ IPAC_PROTO_SCCP, SCCP_SSN_BSSAP, 0, BSS_MAP_MSG_RESET, FILTER_TO_MSC },
/* filter reset ack messages to the BSC */
{ IPAC_PROTO_SCCP, SCCP_SSN_BSSAP, 0, BSS_MAP_MSG_RESET_ACKNOWLEDGE, FILTER_TO_BSC },
/* filter ip access */
{ IPAC_PROTO_IPACCESS, ALLOW_ANY, ALLOW_ANY, ALLOW_ANY, FILTER_TO_MSC },
};
static struct bsc_pkt_filter white_list[] = {
/* allow IPAC_PROTO_SCCP messages to both sides */
{ IPAC_PROTO_SCCP, ALLOW_ANY, ALLOW_ANY, ALLOW_ANY, FILTER_TO_BOTH },
/* allow MGCP messages to both sides */
{ IPAC_PROTO_MGCP_OLD, ALLOW_ANY, ALLOW_ANY, ALLOW_ANY, FILTER_TO_BOTH },
};
struct bsc_nat_parsed *bsc_nat_parse(struct msgb *msg)
{
struct sccp_parse_result result;
struct bsc_nat_parsed *parsed;
struct ipaccess_head *hh;
/* quick fail */
if (msg->len < 4)
return NULL;
parsed = talloc_zero(msg, struct bsc_nat_parsed);
if (!parsed)
return NULL;
/* more init */
parsed->ipa_proto = parsed->called_ssn = parsed->calling_ssn = -1;
parsed->sccp_type = parsed->bssap = parsed->gsm_type = -1;
/* start parsing */
hh = (struct ipaccess_head *) msg->data;
parsed->ipa_proto = hh->proto;
msg->l2h = &hh->data[0];
/* do a size check on the input */
if (ntohs(hh->len) != msgb_l2len(msg)) {
LOGP(DLINP, LOGL_ERROR, "Wrong input length?\n");
talloc_free(parsed);
return NULL;
}
/* analyze sccp down here */
if (parsed->ipa_proto == IPAC_PROTO_SCCP) {
memset(&result, 0, sizeof(result));
if (sccp_parse_header(msg, &result) != 0) {
talloc_free(parsed);
return 0;
}
if (msg->l3h && msgb_l3len(msg) < 3) {
LOGP(DNAT, LOGL_ERROR, "Not enough space or GSM payload\n");
talloc_free(parsed);
return 0;
}
parsed->sccp_type = sccp_determine_msg_type(msg);
parsed->src_local_ref = result.source_local_reference;
parsed->dest_local_ref = result.destination_local_reference;
if (parsed->dest_local_ref)
parsed->original_dest_ref = *parsed->dest_local_ref;
parsed->called_ssn = result.called.ssn;
parsed->calling_ssn = result.calling.ssn;
/* in case of connection confirm we have no payload */
if (msg->l3h) {
parsed->bssap = msg->l3h[0];
parsed->gsm_type = msg->l3h[2];
}
}
return parsed;
}
int bsc_nat_filter_ipa(int dir, struct msgb *msg, struct bsc_nat_parsed *parsed)
{
int i;
/* go through the blacklist now */
for (i = 0; i < ARRAY_SIZE(black_list); ++i) {
/* ignore the rule? */
if (black_list[i].filter_dir != FILTER_TO_BOTH
&& black_list[i].filter_dir != dir)
continue;
/* the proto is not blacklisted */
if (black_list[i].ipa_proto != ALLOW_ANY
&& black_list[i].ipa_proto != parsed->ipa_proto)
continue;
if (parsed->ipa_proto == IPAC_PROTO_SCCP) {
/* the SSN is not blacklisted */
if (black_list[i].dest_ssn != ALLOW_ANY
&& black_list[i].dest_ssn != parsed->called_ssn)
continue;
/* bssap */
if (black_list[i].bssap != ALLOW_ANY
&& black_list[i].bssap != parsed->bssap)
continue;
/* gsm */
if (black_list[i].gsm != ALLOW_ANY
&& black_list[i].gsm != parsed->gsm_type)
continue;
/* blacklisted */
LOGP(DNAT, LOGL_INFO, "Blacklisted with rule %d\n", i);
return 1;
} else {
/* blacklisted, we have no content sniffing yet */
LOGP(DNAT, LOGL_INFO, "Blacklisted with rule %d\n", i);
return 1;
}
}
/* go through the whitelust now */
for (i = 0; i < ARRAY_SIZE(white_list); ++i) {
/* ignore the rule? */
if (white_list[i].filter_dir != FILTER_TO_BOTH
&& white_list[i].filter_dir != dir)
continue;
/* the proto is not whitelisted */
if (white_list[i].ipa_proto != ALLOW_ANY
&& white_list[i].ipa_proto != parsed->ipa_proto)
continue;
if (parsed->ipa_proto == IPAC_PROTO_SCCP) {
/* the SSN is not whitelisted */
if (white_list[i].dest_ssn != ALLOW_ANY
&& white_list[i].dest_ssn != parsed->called_ssn)
continue;
/* bssap */
if (white_list[i].bssap != ALLOW_ANY
&& white_list[i].bssap != parsed->bssap)
continue;
/* gsm */
if (white_list[i].gsm != ALLOW_ANY
&& white_list[i].gsm != parsed->gsm_type)
continue;
/* whitelisted */
LOGP(DNAT, LOGL_INFO, "Whitelisted with rule %d\n", i);
return 0;
} else {
/* whitelisted */
return 0;
}
}
return 1;
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

@ -1,531 +0,0 @@
/*
* (C) 2011-2012 by Holger Hans Peter Freyther
* (C) 2011-2012 by On-Waves
* (C) 2011 by Daniel Willmann
* All Rights Reserved
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
#include <osmocom/core/talloc.h>
#include <osmocom/ctrl/control_cmd.h>
#include <osmocom/ctrl/control_if.h>
#include <osmocom/ctrl/ports.h>
#include <osmocom/vty/misc.h>
#include <osmocom/bsc/ctrl.h>
#include <osmocom/bsc/bsc_nat.h>
#include <osmocom/bsc/bsc_msg_filter.h>
#include <osmocom/bsc/vty.h>
#include <osmocom/bsc/gsm_data.h>
#include <osmocom/bsc/debug.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#define NAT_MAX_CTRL_ID 65535
static struct bsc_nat *g_nat;
static int bsc_id_unused(int id, struct bsc_connection *bsc)
{
struct bsc_cmd_list *pending;
llist_for_each_entry(pending, &bsc->cmd_pending, list_entry) {
if (pending->nat_id == id)
return 0;
}
return 1;
}
static int get_next_free_bsc_id(struct bsc_connection *bsc)
{
int new_id, overflow = 0;
new_id = bsc->last_id;
do {
new_id++;
if (new_id == NAT_MAX_CTRL_ID) {
new_id = 1;
overflow++;
}
if (bsc_id_unused(new_id, bsc)) {
bsc->last_id = new_id;
return new_id;
}
} while (overflow != 2);
return -1;
}
void bsc_nat_ctrl_del_pending(struct bsc_cmd_list *pending)
{
llist_del(&pending->list_entry);
osmo_timer_del(&pending->timeout);
talloc_free(pending);
}
static struct bsc_cmd_list *bsc_get_pending(struct bsc_connection *bsc, char *id_str)
{
struct bsc_cmd_list *cmd_entry;
int id = atoi(id_str);
if (id == 0)
return NULL;
llist_for_each_entry(cmd_entry, &bsc->cmd_pending, list_entry) {
if (cmd_entry->nat_id == id) {
return cmd_entry;
}
}
return NULL;
}
int bsc_nat_handle_ctrlif_msg(struct bsc_connection *bsc, struct msgb *msg)
{
struct ctrl_cmd *cmd;
struct bsc_cmd_list *pending;
char *var;
cmd = ctrl_cmd_parse(bsc, msg);
msgb_free(msg);
if (!cmd) {
cmd = talloc_zero(bsc, struct ctrl_cmd);
if (!cmd) {
LOGP(DNAT, LOGL_ERROR, "OOM!\n");
return -ENOMEM;
}
cmd->type = CTRL_TYPE_ERROR;
cmd->id = "err";
cmd->reply = "Failed to parse command.";
goto err;
}
if (bsc->cfg && !llist_empty(&bsc->cfg->lac_list)) {
if (cmd->variable) {
var = talloc_asprintf(cmd, "net.0.bsc.%i.%s", bsc->cfg->nr,
cmd->variable);
if (!var) {
cmd->type = CTRL_TYPE_ERROR;
cmd->reply = "OOM";
goto err;
}
talloc_free(cmd->variable);
cmd->variable = var;
}
/* We have to handle TRAPs before matching pending */
if (cmd->type == CTRL_TYPE_TRAP) {
ctrl_cmd_send_to_all(bsc->nat->ctrl, cmd);
talloc_free(cmd);
return 0;
}
/* Find the pending command */
pending = bsc_get_pending(bsc, cmd->id);
if (pending) {
osmo_talloc_replace_string(cmd, &cmd->id, pending->cmd->id);
if (!cmd->id) {
cmd->type = CTRL_TYPE_ERROR;
cmd->reply = "OOM";
goto err;
}
ctrl_cmd_send(&pending->cmd->ccon->write_queue, cmd);
bsc_nat_ctrl_del_pending(pending);
} else {
/* We need to handle TRAPS here */
if ((cmd->type != CTRL_TYPE_ERROR) &&
(cmd->type != CTRL_TYPE_TRAP)) {
LOGP(DNAT, LOGL_NOTICE, "Got control message "
"from BSC without pending entry\n");
cmd->type = CTRL_TYPE_ERROR;
cmd->reply = "No request outstanding";
goto err;
}
}
}
talloc_free(cmd);
return 0;
err:
ctrl_cmd_send(&bsc->write_queue, cmd);
talloc_free(cmd);
return 0;
}
static void pending_timeout_cb(void *data)
{
struct bsc_cmd_list *pending = data;
LOGP(DNAT, LOGL_ERROR, "Command timed out\n");
pending->cmd->type = CTRL_TYPE_ERROR;
pending->cmd->reply = "Command timed out";
ctrl_cmd_send(&pending->cmd->ccon->write_queue, pending->cmd);
bsc_nat_ctrl_del_pending(pending);
}
static void ctrl_conn_closed_cb(struct ctrl_connection *connection)
{
struct bsc_connection *bsc;
struct bsc_cmd_list *pending, *tmp;
llist_for_each_entry(bsc, &g_nat->bsc_connections, list_entry) {
llist_for_each_entry_safe(pending, tmp, &bsc->cmd_pending, list_entry) {
if (pending->cmd->ccon == connection)
bsc_nat_ctrl_del_pending(pending);
}
}
}
static int extract_bsc_nr_variable(char *variable, unsigned int *nr, char **bsc_variable)
{
char *nr_str, *tmp, *saveptr = NULL;
tmp = strtok_r(variable, ".", &saveptr);
tmp = strtok_r(NULL, ".", &saveptr);
tmp = strtok_r(NULL, ".", &saveptr);
nr_str = strtok_r(NULL, ".", &saveptr);
if (!nr_str)
return 0;
*nr = atoi(nr_str);
tmp = strtok_r(NULL, "\0", &saveptr);
if (!tmp)
return 0;
*bsc_variable = tmp;
return 1;
}
static int forward_to_bsc(struct ctrl_cmd *cmd)
{
int ret = CTRL_CMD_HANDLED;
struct ctrl_cmd *bsc_cmd = NULL;
struct bsc_connection *bsc;
struct bsc_cmd_list *pending = NULL;
unsigned int nr;
char *bsc_variable;
/* Skip over the beginning (bsc.) */
if (!extract_bsc_nr_variable(cmd->variable, &nr, &bsc_variable)) {
cmd->reply = "command incomplete";
goto err;
}
llist_for_each_entry(bsc, &g_nat->bsc_connections, list_entry) {
if (!bsc->cfg)
continue;
if (!bsc->authenticated)
continue;
if (bsc->cfg->nr != nr)
continue;
/* Add pending command to list */
pending = talloc_zero(bsc, struct bsc_cmd_list);
if (!pending) {
cmd->reply = "OOM";
goto err;
}
pending->nat_id = get_next_free_bsc_id(bsc);
if (pending->nat_id < 0) {
cmd->reply = "No free ID found";
goto err;
}
bsc_cmd = ctrl_cmd_cpy(bsc, cmd);
if (!bsc_cmd) {
cmd->reply = "Could not forward command";
goto err;
}
talloc_free(bsc_cmd->id);
bsc_cmd->id = talloc_asprintf(bsc_cmd, "%i", pending->nat_id);
if (!bsc_cmd->id) {
cmd->reply = "OOM";
goto err;
}
talloc_free(bsc_cmd->variable);
bsc_cmd->variable = talloc_strdup(bsc_cmd, bsc_variable);