Commit ffcf53fc authored by Robert Schmidt's avatar Robert Schmidt

Reintroduce the IP rule&route for OAI UE through setup_ue_ipv4_route()

These rules & route are necessary to properly send packets on oaitun_ue1
interface:

1. This forces the packets coming from a subnet different than the UE's
   subnet to go back through oaitun_ue1 rather than via what the default
   route defined on the system (e.g., important if ping from the
   internet arrives).

2. On machines setting net.ipv4.conf.oaitun_ue1.rp_filter=1 (e.g.
   RHEL), this prevents that source filtering for packets coming back is
   applied and those packets be dropped. By default, many hosts have
   rp_filter=2, so no strict source filtering is applied, and it would
   work; on others, this rule prevents source filter dropping.
parent 2da09aba
...@@ -29,6 +29,7 @@ ...@@ -29,6 +29,7 @@
#include "nas_config.h" #include "nas_config.h"
#include "common/utils/LOG/log.h" #include "common/utils/LOG/log.h"
#include "common/utils/system.h"
/* /*
* \brief set a genneric interface parameter * \brief set a genneric interface parameter
...@@ -107,3 +108,29 @@ bool nas_config(int interface_id, const char *ip, const char *ifpref) ...@@ -107,3 +108,29 @@ bool nas_config(int interface_id, const char *ip, const char *ifpref)
close(sock_fd); close(sock_fd);
return success; return success;
} }
void setup_ue_ipv4_route(int interface_id, const char *ipv4, const char *ifpref)
{
int table_id = interface_id - 1 + 10000;
char interfaceName[IFNAMSIZ];
snprintf(interfaceName, sizeof(interfaceName), "%s%d", ifpref, interface_id);
char command_line[500];
int res = sprintf(command_line,
"ip rule add from %s/32 table %d && "
"ip rule add to %s/32 table %d && "
"ip route add default dev %s table %d",
ipv4,
table_id,
ipv4,
table_id,
interfaceName,
table_id);
if (res < 0) {
LOG_E(UTIL, "Could not create ip rule/route commands string\n");
return;
}
background_system(command_line);
}
...@@ -40,4 +40,18 @@ ...@@ -40,4 +40,18 @@
*/ */
bool nas_config(int interface_id, const char *ip, const char *ifprefix); bool nas_config(int interface_id, const char *ip, const char *ifprefix);
/*!
* \brief Setup a IPv4 rule in table (interface_id - 1 + 10000) and route to
* force packets coming into interface back through it, and workaround
* net.ipv4.conf.all.rp_filter=2 (strict source filtering would filter out
* responses of packets going out through interface to another IP address not
* in same subnet).
* \param[in] interface_id number of this interface, prepended after interface
* name
* \param[in] ipv4 IPv4 address of the UE
* \param[in] ifprefix interface name prefix to which an interface number will
* be appended
*/
void setup_ue_ipv4_route(int interface_id, const char *ipv4, const char *ifpref);
#endif /*NAS_CONFIG_H_*/ #endif /*NAS_CONFIG_H_*/
...@@ -119,6 +119,7 @@ void capture_pdu_session_establishment_accept_msg(uint8_t *buffer, uint32_t msg_ ...@@ -119,6 +119,7 @@ void capture_pdu_session_establishment_accept_msg(uint8_t *buffer, uint32_t msg_
addr->pdu_addr_oct3, addr->pdu_addr_oct3,
addr->pdu_addr_oct4); addr->pdu_addr_oct4);
nas_config(1, ip, "oaitun_ue"); nas_config(1, ip, "oaitun_ue");
setup_ue_ipv4_route(1, ip, "oaitun_ue");
LOG_T(NAS, "PDU SESSION ESTABLISHMENT ACCEPT - Received UE IP: %s\n", ip); LOG_T(NAS, "PDU SESSION ESTABLISHMENT ACCEPT - Received UE IP: %s\n", ip);
} else { } else {
curPtr += psea_msg.pdu_addr_ie.pdu_length; curPtr += psea_msg.pdu_addr_ie.pdu_length;
......
...@@ -846,6 +846,7 @@ void decodeDownlinkNASTransport(as_nas_info_t *initialNasMsg, uint8_t * pdu_buff ...@@ -846,6 +846,7 @@ void decodeDownlinkNASTransport(as_nas_info_t *initialNasMsg, uint8_t * pdu_buff
sprintf(ip, "%d.%d.%d.%d", *(ip_p), *(ip_p + 1), *(ip_p + 2), *(ip_p + 3)); sprintf(ip, "%d.%d.%d.%d", *(ip_p), *(ip_p + 1), *(ip_p + 2), *(ip_p + 3));
LOG_A(NAS, "Received PDU Session Establishment Accept\n"); LOG_A(NAS, "Received PDU Session Establishment Accept\n");
nas_config(1, ip, "oaitun_ue"); nas_config(1, ip, "oaitun_ue");
setup_ue_ipv4_route(1, ip, "oaitun_ue");
} else { } else {
LOG_E(NAS, "Received unexpected message in DLinformationTransfer %d\n", msg_type); LOG_E(NAS, "Received unexpected message in DLinformationTransfer %d\n", msg_type);
} }
...@@ -1432,6 +1433,7 @@ void *nas_nrue(void *args_p) ...@@ -1432,6 +1433,7 @@ void *nas_nrue(void *args_p)
snprintf(ip, sizeof(ip), "%d.%d.%d.%d", *(ip_p), *(ip_p + 1), *(ip_p + 2), *(ip_p + 3)); snprintf(ip, sizeof(ip), "%d.%d.%d.%d", *(ip_p), *(ip_p + 1), *(ip_p + 2), *(ip_p + 3));
LOG_I(NAS, "Received PDU Session Establishment Accept, UE IP: %s\n", ip); LOG_I(NAS, "Received PDU Session Establishment Accept, UE IP: %s\n", ip);
nas_config(1, ip, "oaitun_ue"); nas_config(1, ip, "oaitun_ue");
setup_ue_ipv4_route(1, ip, "oaitun_ue");
break; break;
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment