From 7339b55944e97077e4f74c4be34cd956ae44198b Mon Sep 17 00:00:00 2001
From: rich cannings <richc@google.com>
Date: Wed, 16 Feb 2011 13:43:44 -0800
Subject: Add user mode networking restrictions: a firewall

Command line options added and code is supported for:

  QEMU_OPTION_drop_udp
  QEMU_OPTION_drop_tcp
  QEMU_OPTION_allow_tcp
  QEMU_OPTION_drop_log
  QEMU_OPTION_net_forward
  QEMU_OPTION_max_dns_conns
  QEMU_OPTION_allow_udp
  QEMU_OPTION_dns_log

Also, this change makes the default max DNS connections unlimited.

Change-Id: I887213149956dda155ef514418365bd80d8f1236
---
 slirp-android/socket.c | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

(limited to 'slirp-android/socket.c')

diff --git a/slirp-android/socket.c b/slirp-android/socket.c
index 44640a8..285a8ef 100644
--- a/slirp-android/socket.c
+++ b/slirp-android/socket.c
@@ -570,6 +570,26 @@ sosendto(struct socket *so, struct mbuf *m)
 
 	addr_port = so->so_faddr_port;
 
+	/*
+	 * test for generic forwarding; this function replaces the arguments
+	 * only on success
+	 */
+	unsigned long faddr = addr_ip;
+        int fport = addr_port;
+
+	if (slirp_should_net_forward(faddr, fport, &faddr, &fport)) {
+	    slirp_drop_log(
+	       "Redirected UDP: src: 0x%08lx:0x%04x org dst: 0x%08lx:0x%04x "
+	       "new dst: 0x%08lx:0x%04x\n",
+	        so->so_laddr_ip, so->so_laddr_port,
+	        addr_ip, addr_port,
+	        faddr, fport
+	    );
+	}
+	addr_ip = faddr;
+	addr_port = fport;
+
+
         sock_address_init_inet(&addr, addr_ip, addr_port);
 
 	DEBUG_MISC((dfd, " sendto()ing, addr.sin_port=%d, addr.sin_addr.s_addr=%08x\n", addr_port, addr_ip));
@@ -779,4 +799,3 @@ sofwdrain(struct socket *so)
 	else
 		sofcantsendmore(so);
 }
-
-- 
cgit v1.1