Skip to content

Commit b7d9822

Browse files
PhirePhlyPhirePhly
committed
Log outer packet for Third Party messages
APRX previously only logged the inner payload of third party traffic, which usually gets discarded on I-gate since it's got TCPIP in the via path. This is a little confusing since it doesn't log the outer packet carrying the third party payload. This change adds logging of the full received packet, which gets discarded because it's third party, before it restarts parsing the inner packet and possibly discarding it as well if it came from the Internet.
1 parent 095a2cd commit b7d9822

File tree

1 file changed

+38
-50
lines changed

1 file changed

+38
-50
lines changed

igate.c

Lines changed: 38 additions & 50 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,8 @@
1313
#include "aprx.h"
1414

1515

16+
// Verify the sanity of a TNC2 formatted call,
17+
// and return a pointer to after the callsign
1618
const char *tnc2_verify_callsign_format(const char *t, int starok, int strictax25, const char *e)
1719
{
1820
const char *s = t;
@@ -157,8 +159,15 @@ void verblog(const char *portname, int istx, const char *tnc2buf, int tnc2len) {
157159
* It does presume that the record is in a buffer that can be written on!
158160
*/
159161

160-
void igate_to_aprsis(const char *portname, const int tncid, const char *tnc2buf, int tnc2addrlen, int tnc2len, const int discard0, const int strictax25_)
161-
{
162+
void igate_to_aprsis(
163+
const char *portname,
164+
const int tncid,
165+
const char *tnc2buf,
166+
int tnc2addrlen,
167+
int tnc2len,
168+
const int discard0,
169+
const int strictax25_) {
170+
162171
const char *tp, *t, *t0;
163172
const char *s;
164173
const char *ae;
@@ -170,26 +179,20 @@ void igate_to_aprsis(const char *portname, const int tncid, const char *tnc2buf,
170179
ae = tp + tnc2addrlen; // 3rd-party recursion moves ae
171180
e = tp + tnc2len; // stays the same all the time
172181

173-
redo_frame_filter:;
182+
redo_frame_filter:;
174183

175184
t = tp;
176185
t0 = NULL;
177186

178187
/* t == beginning of the TNC2 format packet */
179188

180-
/*
181-
* If any of following matches, discard the packet!
182-
* next if ($axpath =~ m/^WIDE/io); # Begins with = is sourced by..
183-
* next if ($axpath =~ m/^RELAY/io);
184-
* next if ($axpath =~ m/^TRACE/io);
185-
*/
189+
// Check the source callsign to see if it's an invalid source
186190
s = tnc2_forbidden_source_stationid(t, strictax25, e);
187191
if (s)
188192
t = (char *) s;
189193
else {
190194
/* Forbidden in source fields.. */
191-
if (debug)
192-
printf("TNC2 forbidden source stationid: '%.20s'\n", t);
195+
if (debug) printf("TNC2 forbidden source stationid: '%.20s'\n", t);
193196
goto discard;
194197
}
195198

@@ -198,81 +201,67 @@ void igate_to_aprsis(const char *portname, const int tncid, const char *tnc2buf,
198201
if (*t == '>') {
199202
++t;
200203
} else {
201-
if (debug)
202-
printf("TNC2 bad address format, expected '>', got: '%.20s'\n", t);
204+
if (debug) printf("TNC2 bad address format, expected '>', got: '%.20s'\n", t);
203205
goto discard;
204206
}
205207

206208
s = tnc2_forbidden_destination_stationid(t, strictax25, e);
207209
if (s)
208210
t = (char *) s;
209211
else {
210-
if (debug)
211-
printf("TNC2 forbidden (by REGEX) destination stationid: '%.20s'\n", t);
212+
if (debug) printf("TNC2 forbidden (by REGEX) destination stationid: '%.20s'\n", t);
212213
goto discard;
213214
}
214215

215216
while (*t && t < ae) {
216217
if (*t == ',') {
217218
++t;
218219
} else {
219-
if (debug)
220-
printf("TNC2 via address syntax bug, wanted ',' or ':', got: '%.20s'\n", t);
220+
if (debug) printf("TNC2 via address syntax bug, wanted ',' or ':', got: '%.20s'\n", t);
221221
goto discard;
222222
}
223223

224-
/*
225-
* next if ($axpath =~ m/RFONLY/io); # Has any of these in via fields..
226-
* next if ($axpath =~ m/TCPIP/io);
227-
* next if ($axpath =~ m/TCPXX/io);
228-
* next if ($axpath =~ m/NOGATE/io); # .. drop it.
229-
*/
224+
// Sanity check the via hops to make sure we don't have a TCP/IP via
225+
// or a NOGATE via so we shouldn't gateway this to the Internet
230226

231227
s = tnc2_forbidden_via_stationid(t, strictax25, e);
232228
if (!s) {
233229
/* Forbidden in via fields.. */
234-
if (debug)
235-
printf("TNC2 forbidden VIA stationid, got: '%.20s'\n", t);
230+
if (debug) printf("TNC2 forbidden VIA stationid, got: '%.20s'\n", t);
236231
goto discard;
237232
} else
238233
t = (char *) s;
239234

240-
241235
}
242-
/* Now we have processed the address, this should be ABORT time if
243-
the current character is not ':' ! */
236+
237+
// We've now parsed the whole header. The next character REALLY needs to be
238+
// a colon, or something is terribly wrong.
244239
if (*t == ':') {
245-
/* Don't zero! */
246-
++t;
240+
/* Don't zero! */
241+
++t;
247242
} else {
248-
if (debug)
249-
printf("TNC2 address parsing did not find ':': '%.20s'\n",t);
243+
if (debug) printf("TNC2 address parsing did not find ':': '%.20s'\n",t);
250244
goto discard;
251245
}
252246
t0 = t; // Start of payload
253247

254248
/* Now 't' points to data.. */
255249

256250

257-
/*
258-
if (tnc2_forbidden_data(t)) {
259-
if (debug)
260-
printf("Forbidden data in TNC2 packet - REGEX match");
261-
goto discard;
262-
}
263-
*/
264-
265-
/* Will not relay messages that begin with '?' char: */
251+
// DON'T I-gate ? APRS query packets, since that can cause bad things
266252
if (*t == '?') {
267-
if (debug)
268-
printf("Will not relay packets where payload begins with '?'\n");
253+
if (debug) printf("Will not I-gate packets where payload begins with '?'\n");
269254
goto discard;
270255
}
271256

272257
/* Messages begining with '}' char are 3rd-party frames.. */
273258
if (*t == '}') {
274259
/* DEBUG OUTPUT TO STDOUT ! */
275260
verblog(portname, 0, tp, tnc2len);
261+
// Let's log the whole packet which we received
262+
// But we're definitely discarding the outer packet because it's
263+
// Third party
264+
rflog(portname, 'd', discard, tp, tnc2len);
276265

277266
strictax25 = 0;
278267
/* Copy the 3rd-party message content into begining of the buffer... */
@@ -283,8 +272,8 @@ void igate_to_aprsis(const char *portname, const int tncid, const char *tnc2buf,
283272
// Address end must be searched again
284273
ae = memchr(tp, ':', tnc2len);
285274
if (ae == NULL) {
286-
// Bad 3rd-party frame
287-
goto discard;
275+
// Bad 3rd-party frame
276+
goto discard;
288277
}
289278
tnc2addrlen = (int)(ae - tp);
290279

@@ -303,24 +292,23 @@ void igate_to_aprsis(const char *portname, const int tncid, const char *tnc2buf,
303292
* future packet formats, experiments and improvements. The
304293
* packet's sender and recipient should agree on the format only.
305294
*/
306-
295+
307296
/* _NO_ ending CRLF, the APRSIS subsystem adds it. */
308297

309298
discard = aprsis_queue(tp, tnc2addrlen, qTYPE_IGATED, portname, t0, e - t0); /* Send it.. */
310299
/* DEBUG OUTPUT TO STDOUT ! */
311300
verblog(portname, 0, tp, tnc2len);
312301

313302
if (0) {
314-
discard:;
315-
303+
discard:;
316304
discard = -1;
317305
}
318306

319307
if (discard) {
320308
erlang_add(portname, ERLANG_DROP, tnc2len, 1);
321-
rflog(portname, 'd', discard, tp, tnc2len);
309+
rflog(portname, 'd', discard, tp, tnc2len);
322310
} else {
323-
rflog(portname, 'R', discard, tp, tnc2len);
311+
rflog(portname, 'R', discard, tp, tnc2len);
324312
}
325313
}
326314

0 commit comments

Comments
 (0)