Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-sgsn / 5a45b156d4165fed159a290c46676d1383ffcc80 / . / src / osmo-bsc_nat / bsc_nat.c
blob: e0eb635f0028da8c67191a7f44d1c8e8749e844d [file] [log] [blame]
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1/* BSC Multiplexer/NAT */
2
3/*
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]4 * (C) 2010-2011 by Holger Hans Peter Freyther <zecke@selfish.org>
5 * (C) 2010-2011 by On-Waves
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]6 * (C) 2009 by Harald Welte <laforge@gnumonks.org>
7 * All Rights Reserved
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
18 *
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 *
22 */
23#include <sys/socket.h>
24#include <netinet/in.h>
25#include <netinet/tcp.h>
26#include <arpa/inet.h>
27
28#include <errno.h>
29#include <signal.h>
30#include <stdio.h>
31#include <stdlib.h>
32#include <time.h>
33#include <unistd.h>
34
35#define _GNU_SOURCE
36#include <getopt.h>
37
38#include <openbsc/debug.h>
39#include <openbsc/bsc_msc.h>
40#include <openbsc/bsc_nat.h>
41#include <openbsc/bsc_nat_sccp.h>
42#include <openbsc/ipaccess.h>
43#include <openbsc/abis_nm.h>
44#include <openbsc/socket.h>
45#include <openbsc/vty.h>
46
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]47#include <osmocom/core/application.h>
48#include <osmocom/core/talloc.h>
49#include <osmocom/core/process.h>
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]50
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]51#include <osmocom/gsm/gsm0808.h>
52#include <osmocom/gsm/protocol/gsm_08_08.h>
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]53
54#include <osmocom/vty/telnet_interface.h>
55#include <osmocom/vty/vty.h>
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]56#include <osmocom/vty/logging.h>
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]57
58#include <osmocom/sccp/sccp.h>
59
60#include "../../bscconfig.h"
61
62#define SCCP_CLOSE_TIME 20
63#define SCCP_CLOSE_TIME_TIMEOUT 19
64
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]65static const char *config_file = "bsc-nat.cfg";
66static struct in_addr local_addr;
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]67static struct osmo_fd bsc_listen;
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]68static const char *msc_ip = NULL;
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]69static struct osmo_timer_list sccp_close;
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]70static int daemonize = 0;
71
72const char *openbsc_copyright =
73 "Copyright (C) 2010 Holger Hans Peter Freyther and On-Waves\r\n"
74 "License AGPLv3+: GNU AGPL version 3 or later <http://gnu.org/licenses/agpl-3.0.html>\r\n"
75 "This is free software: you are free to change and redistribute it.\r\n"
76 "There is NO WARRANTY, to the extent permitted by law.\r\n";
77
78static struct bsc_nat *nat;
79static void bsc_send_data(struct bsc_connection *bsc, const uint8_t *data, unsigned int length, int);
80static void msc_send_reset(struct bsc_msc_connection *con);
81static void bsc_stat_reject(int filter, struct bsc_connection *bsc, int normal);
82
83struct bsc_config *bsc_config_num(struct bsc_nat *nat, int num)
84{
85 struct bsc_config *conf;
86
87 llist_for_each_entry(conf, &nat->bsc_configs, entry)
88 if (conf->nr == num)
89 return conf;
90
91 return NULL;
92}
93
94static void queue_for_msc(struct bsc_msc_connection *con, struct msgb *msg)
95{
96 if (!con) {
97 LOGP(DINP, LOGL_ERROR, "No MSC Connection assigned. Check your code.\n");
98 msgb_free(msg);
99 return;
100 }
101
102
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]103 if (osmo_wqueue_enqueue(&con->write_queue, msg) != 0) {
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]104 LOGP(DINP, LOGL_ERROR, "Failed to enqueue the write.\n");
105 msgb_free(msg);
106 }
107}
108
109static void send_reset_ack(struct bsc_connection *bsc)
110{
111 static const uint8_t gsm_reset_ack[] = {
112 0x09, 0x00, 0x03, 0x07, 0x0b, 0x04, 0x43, 0x01,
113 0x00, 0xfe, 0x04, 0x43, 0x5c, 0x00, 0xfe, 0x03,
114 0x00, 0x01, 0x31,
115 };
116
117 bsc_send_data(bsc, gsm_reset_ack, sizeof(gsm_reset_ack), IPAC_PROTO_SCCP);
118}
119
120static void send_ping(struct bsc_connection *bsc)
121{
122 static const uint8_t id_ping[] = {
123 IPAC_MSGT_PING,
124 };
125
126 bsc_send_data(bsc, id_ping, sizeof(id_ping), IPAC_PROTO_IPACCESS);
127}
128
129static void send_pong(struct bsc_connection *bsc)
130{
131 static const uint8_t id_pong[] = {
132 IPAC_MSGT_PONG,
133 };
134
135 bsc_send_data(bsc, id_pong, sizeof(id_pong), IPAC_PROTO_IPACCESS);
136}
137
138static void bsc_pong_timeout(void *_bsc)
139{
140 struct bsc_connection *bsc = _bsc;
141
142 LOGP(DNAT, LOGL_ERROR, "BSC Nr: %d PONG timeout.\n", bsc->cfg->nr);
143 bsc_close_connection(bsc);
144}
145
146static void bsc_ping_timeout(void *_bsc)
147{
148 struct bsc_connection *bsc = _bsc;
149
150 if (bsc->nat->ping_timeout < 0)
151 return;
152
153 send_ping(bsc);
154
155 /* send another ping in 20 seconds */
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]156 osmo_timer_schedule(&bsc->ping_timeout, bsc->nat->ping_timeout, 0);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]157
158 /* also start a pong timer */
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]159 osmo_timer_schedule(&bsc->pong_timeout, bsc->nat->pong_timeout, 0);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]160}
161
162static void start_ping_pong(struct bsc_connection *bsc)
163{
164 bsc->pong_timeout.data = bsc;
165 bsc->pong_timeout.cb = bsc_pong_timeout;
166 bsc->ping_timeout.data = bsc;
167 bsc->ping_timeout.cb = bsc_ping_timeout;
168
169 bsc_ping_timeout(bsc);
170}
171
172static void send_id_ack(struct bsc_connection *bsc)
173{
174 static const uint8_t id_ack[] = {
175 IPAC_MSGT_ID_ACK
176 };
177
178 bsc_send_data(bsc, id_ack, sizeof(id_ack), IPAC_PROTO_IPACCESS);
179}
180
181static void send_id_req(struct bsc_connection *bsc)
182{
183 static const uint8_t id_req[] = {
184 IPAC_MSGT_ID_GET,
185 0x01, IPAC_IDTAG_UNIT,
186 0x01, IPAC_IDTAG_MACADDR,
187 0x01, IPAC_IDTAG_LOCATION1,
188 0x01, IPAC_IDTAG_LOCATION2,
189 0x01, IPAC_IDTAG_EQUIPVERS,
190 0x01, IPAC_IDTAG_SWVERSION,
191 0x01, IPAC_IDTAG_UNITNAME,
192 0x01, IPAC_IDTAG_SERNR,
193 };
194
195 bsc_send_data(bsc, id_req, sizeof(id_req), IPAC_PROTO_IPACCESS);
196}
197
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]198static struct msgb *nat_create_rlsd(struct sccp_connections *conn)
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]199{
200 struct sccp_connection_released *rel;
201 struct msgb *msg;
202
203 msg = msgb_alloc_headroom(4096, 128, "rlsd");
204 if (!msg) {
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]205 LOGP(DNAT, LOGL_ERROR, "Failed to allocate released.\n");
206 return NULL;
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]207 }
208
209 msg->l2h = msgb_put(msg, sizeof(*rel));
210 rel = (struct sccp_connection_released *) msg->l2h;
211 rel->type = SCCP_MSG_TYPE_RLSD;
212 rel->release_cause = SCCP_RELEASE_CAUSE_SCCP_FAILURE;
213 rel->destination_local_reference = conn->remote_ref;
214 rel->source_local_reference = conn->patched_ref;
215
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]216 return msg;
217}
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]218
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]219static void nat_send_rlsd_ussd(struct bsc_nat *nat, struct sccp_connections *conn)
220{
221 struct msgb *msg;
222
223 if (!nat->ussd_con)
224 return;
225
226 msg = nat_create_rlsd(conn);
227 if (!msg)
228 return;
229
230 bsc_do_write(&nat->ussd_con->queue, msg, IPAC_PROTO_SCCP);
231}
232
233static void nat_send_rlsd_msc(struct sccp_connections *conn)
234{
235 struct msgb *msg;
236
237 msg = nat_create_rlsd(conn);
238 if (!msg)
239 return;
240
241 ipaccess_prepend_header(msg, IPAC_PROTO_SCCP);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]242 queue_for_msc(conn->msc_con, msg);
243}
244
245static void nat_send_rlsd_bsc(struct sccp_connections *conn)
246{
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]247 struct msgb *msg;
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]248 struct sccp_connection_released *rel;
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]249
250 msg = msgb_alloc_headroom(4096, 128, "rlsd");
251 if (!msg) {
252 LOGP(DNAT, LOGL_ERROR, "Failed to allocate clear command.\n");
253 return;
254 }
255
256 msg->l2h = msgb_put(msg, sizeof(*rel));
257 rel = (struct sccp_connection_released *) msg->l2h;
258 rel->type = SCCP_MSG_TYPE_RLSD;
259 rel->release_cause = SCCP_RELEASE_CAUSE_SCCP_FAILURE;
260 rel->destination_local_reference = conn->real_ref;
261 rel->source_local_reference = conn->remote_ref;
262
263 bsc_write(conn->bsc, msg, IPAC_PROTO_SCCP);
264}
265
266static struct msgb *nat_creat_clrc(struct sccp_connections *conn, uint8_t cause)
267{
268 struct msgb *msg;
269 struct msgb *sccp;
270
271 msg = gsm0808_create_clear_command(cause);
272 if (!msg) {
273 LOGP(DNAT, LOGL_ERROR, "Failed to allocate clear command.\n");
274 return NULL;
275 }
276
277 sccp = sccp_create_dt1(&conn->real_ref, msg->data, msg->len);
278 if (!sccp) {
279 LOGP(DNAT, LOGL_ERROR, "Failed to allocate SCCP msg.\n");
280 msgb_free(msg);
281 return NULL;
282 }
283
284 msgb_free(msg);
285 return sccp;
286}
287
288static int nat_send_clrc_bsc(struct sccp_connections *conn)
289{
290 struct msgb *sccp;
291
292 sccp = nat_creat_clrc(conn, 0x20);
293 if (!sccp)
294 return -1;
295 return bsc_write(conn->bsc, sccp, IPAC_PROTO_SCCP);
296}
297
298static void nat_send_rlc(struct bsc_msc_connection *msc_con,
299 struct sccp_source_reference *src,
300 struct sccp_source_reference *dst)
301{
302 struct sccp_connection_release_complete *rlc;
303 struct msgb *msg;
304
305 msg = msgb_alloc_headroom(4096, 128, "rlc");
306 if (!msg) {
307 LOGP(DNAT, LOGL_ERROR, "Failed to allocate clear command.\n");
308 return;
309 }
310
311 msg->l2h = msgb_put(msg, sizeof(*rlc));
312 rlc = (struct sccp_connection_release_complete *) msg->l2h;
313 rlc->type = SCCP_MSG_TYPE_RLC;
314 rlc->destination_local_reference = *dst;
315 rlc->source_local_reference = *src;
316
317 ipaccess_prepend_header(msg, IPAC_PROTO_SCCP);
318
319 queue_for_msc(msc_con, msg);
320}
321
322static void send_mgcp_reset(struct bsc_connection *bsc)
323{
324 static const uint8_t mgcp_reset[] = {
325 "RSIP 1 13@mgw MGCP 1.0\r\n"
326 };
327
328 bsc_write_mgcp(bsc, mgcp_reset, sizeof mgcp_reset - 1);
329}
330
331/*
332 * Below is the handling of messages coming
333 * from the MSC and need to be forwarded to
334 * a real BSC.
335 */
336static void initialize_msc_if_needed(struct bsc_msc_connection *msc_con)
337{
338 if (msc_con->first_contact)
339 return;
340
341 msc_con->first_contact = 1;
342 msc_send_reset(msc_con);
343}
344
345static void send_id_get_response(struct bsc_msc_connection *msc_con)
346{
347 struct msgb *msg = bsc_msc_id_get_resp(nat->token);
348 if (!msg)
349 return;
350
351 ipaccess_prepend_header(msg, IPAC_PROTO_IPACCESS);
352 queue_for_msc(msc_con, msg);
353}
354
355/*
356 * Currently we are lacking refcounting so we need to copy each message.
357 */
358static void bsc_send_data(struct bsc_connection *bsc, const uint8_t *data, unsigned int length, int proto)
359{
360 struct msgb *msg;
361
362 if (length > 4096 - 128) {
363 LOGP(DINP, LOGL_ERROR, "Can not send message of that size.\n");
364 return;
365 }
366
367 msg = msgb_alloc_headroom(4096, 128, "to-bsc");
368 if (!msg) {
369 LOGP(DINP, LOGL_ERROR, "Failed to allocate memory for BSC msg.\n");
370 return;
371 }
372
373 msg->l2h = msgb_put(msg, length);
374 memcpy(msg->data, data, length);
375
376 bsc_write(bsc, msg, proto);
377}
378
379/*
380 * Update the release statistics
381 */
382static void bsc_stat_reject(int filter, struct bsc_connection *bsc, int normal)
383{
384 if (!bsc->cfg) {
385 LOGP(DNAT, LOGL_ERROR, "BSC is not authenticated.");
386 return;
387 }
388
389 if (filter >= 0) {
390 LOGP(DNAT, LOGL_ERROR, "Connection was not rejected");
391 return;
392 }
393
394 if (filter == -1)
395 rate_ctr_inc(&bsc->cfg->stats.ctrg->ctr[BCFG_CTR_ILL_PACKET]);
396 else if (normal)
397 rate_ctr_inc(&bsc->cfg->stats.ctrg->ctr[BCFG_CTR_REJECTED_MSG]);
398 else
399 rate_ctr_inc(&bsc->cfg->stats.ctrg->ctr[BCFG_CTR_REJECTED_CR]);
400}
401
402/*
403 * Release an established connection. We will have to release it to the BSC
404 * and to the network and we do it the following way.
405 * 1.) Give up on the MSC side
406 * 1.1) Send a RLSD message, it is a bit non standard but should work, we
407 * ignore the RLC... we might complain about it. Other options would
408 * be to send a Release Request, handle the Release Complete..
409 * 1.2) Mark the data structure to be con_local and wait for 2nd
410 *
411 * 2.) Give up on the BSC side
412 * 2.1) Depending on the con type reject the service, or just close it
413 */
414static void bsc_send_con_release(struct bsc_connection *bsc, struct sccp_connections *con)
415{
416 struct msgb *rlsd;
417 /* 1. release the network */
418 rlsd = sccp_create_rlsd(&con->patched_ref, &con->remote_ref,
419 SCCP_RELEASE_CAUSE_END_USER_ORIGINATED);
420 if (!rlsd)
421 LOGP(DNAT, LOGL_ERROR, "Failed to create RLSD message.\n");
422 else {
423 ipaccess_prepend_header(rlsd, IPAC_PROTO_SCCP);
424 queue_for_msc(con->msc_con, rlsd);
425 }
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]426 con->con_local = NAT_CON_END_LOCAL;
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]427 con->msc_con = NULL;
428
429 /* 2. release the BSC side */
430 if (con->con_type == NAT_CON_TYPE_LU) {
431 struct msgb *payload, *udt;
432 payload = gsm48_create_loc_upd_rej(GSM48_REJECT_PLMN_NOT_ALLOWED);
433
434 if (payload) {
435 gsm0808_prepend_dtap_header(payload, 0);
436 udt = sccp_create_dt1(&con->real_ref, payload->data, payload->len);
437 if (udt)
438 bsc_write(bsc, udt, IPAC_PROTO_SCCP);
439 else
440 LOGP(DNAT, LOGL_ERROR, "Failed to create DT1\n");
441
442 msgb_free(payload);
443 } else {
444 LOGP(DNAT, LOGL_ERROR, "Failed to allocate LU Reject.\n");
445 }
446 }
447
448 nat_send_clrc_bsc(con);
449
450 rlsd = sccp_create_rlsd(&con->remote_ref, &con->real_ref,
451 SCCP_RELEASE_CAUSE_END_USER_ORIGINATED);
452 if (!rlsd) {
453 LOGP(DNAT, LOGL_ERROR, "Failed to allocate RLSD for the BSC.\n");
454 sccp_connection_destroy(con);
455 return;
456 }
457
458 con->con_type = NAT_CON_TYPE_LOCAL_REJECT;
459 bsc_write(bsc, rlsd, IPAC_PROTO_SCCP);
460}
461
462static void bsc_send_con_refuse(struct bsc_connection *bsc,
463 struct bsc_nat_parsed *parsed, int con_type)
464{
465 struct msgb *payload;
466 struct msgb *refuse;
467
468 if (con_type == NAT_CON_TYPE_LU)
469 payload = gsm48_create_loc_upd_rej(GSM48_REJECT_PLMN_NOT_ALLOWED);
470 else if (con_type == NAT_CON_TYPE_CM_SERV_REQ)
471 payload = gsm48_create_mm_serv_rej(GSM48_REJECT_PLMN_NOT_ALLOWED);
472 else {
473 LOGP(DNAT, LOGL_ERROR, "Unknown connection type: %d\n", con_type);
474 payload = NULL;
475 }
476
477 /*
478 * Some BSCs do not handle the payload inside a SCCP CREF msg
479 * so we will need to:
480 * 1.) Allocate a local connection and mark it as local..
481 * 2.) queue data for downstream.. and the RLC should delete everything
482 */
483 if (payload) {
484 struct msgb *cc, *udt, *clear, *rlsd;
485 struct sccp_connections *con;
486 con = create_sccp_src_ref(bsc, parsed);
487 if (!con)
488 goto send_refuse;
489
490 /* declare it local and assign a unique remote_ref */
491 con->con_type = NAT_CON_TYPE_LOCAL_REJECT;
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]492 con->con_local = NAT_CON_END_LOCAL;
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]493 con->has_remote_ref = 1;
494 con->remote_ref = con->patched_ref;
495
496 /* 1. create a confirmation */
497 cc = sccp_create_cc(&con->remote_ref, &con->real_ref);
498 if (!cc)
499 goto send_refuse;
500
501 /* 2. create the DT1 */
502 gsm0808_prepend_dtap_header(payload, 0);
503 udt = sccp_create_dt1(&con->real_ref, payload->data, payload->len);
504 if (!udt) {
505 msgb_free(cc);
506 goto send_refuse;
507 }
508
509 /* 3. send a Clear Command */
510 clear = nat_creat_clrc(con, 0x20);
511 if (!clear) {
512 msgb_free(cc);
513 msgb_free(udt);
514 goto send_refuse;
515 }
516
517 /* 4. send a RLSD */
518 rlsd = sccp_create_rlsd(&con->remote_ref, &con->real_ref,
519 SCCP_RELEASE_CAUSE_END_USER_ORIGINATED);
520 if (!rlsd) {
521 msgb_free(cc);
522 msgb_free(udt);
523 msgb_free(clear);
524 goto send_refuse;
525 }
526
527 bsc_write(bsc, cc, IPAC_PROTO_SCCP);
528 bsc_write(bsc, udt, IPAC_PROTO_SCCP);
529 bsc_write(bsc, clear, IPAC_PROTO_SCCP);
530 bsc_write(bsc, rlsd, IPAC_PROTO_SCCP);
531 msgb_free(payload);
532 return;
533 }
534
535
536send_refuse:
537 if (payload)
538 msgb_free(payload);
539
540 refuse = sccp_create_refuse(parsed->src_local_ref,
541 SCCP_REFUSAL_SCCP_FAILURE, NULL, 0);
542 if (!refuse) {
543 LOGP(DNAT, LOGL_ERROR,
544 "Creating refuse msg failed for SCCP 0x%x on BSC Nr: %d.\n",
545 sccp_src_ref_to_int(parsed->src_local_ref), bsc->cfg->nr);
546 return;
547 }
548
549 bsc_write(bsc, refuse, IPAC_PROTO_SCCP);
550}
551
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]552static void bsc_nat_send_paging(struct bsc_connection *bsc, struct msgb *msg)
553{
554 if (bsc->cfg->forbid_paging) {
555 LOGP(DNAT, LOGL_DEBUG, "Paging forbidden for BTS: %d\n", bsc->cfg->nr);
556 return;
557 }
558
559 bsc_send_data(bsc, msg->l2h, msgb_l2len(msg), IPAC_PROTO_SCCP);
560}
561
562static void bsc_nat_handle_paging(struct bsc_nat *nat, struct msgb *msg)
563{
564 struct bsc_connection *bsc;
565 const uint8_t *paging_start;
566 int paging_length, i, ret;
567
568 ret = bsc_nat_find_paging(msg, &paging_start, &paging_length);
569 if (ret != 0) {
570 LOGP(DNAT, LOGL_ERROR, "Could not parse paging message: %d\n", ret);
571 return;
572 }
573
574 /* This is quite expensive now */
575 for (i = 0; i < paging_length; i += 2) {
576 unsigned int _lac = ntohs(*(unsigned int *) &paging_start[i]);
577 unsigned int paged = 0;
578 llist_for_each_entry(bsc, &nat->bsc_connections, list_entry) {
579 if (!bsc->cfg)
580 continue;
581 if (!bsc->authenticated)
582 continue;
583 if (!bsc_config_handles_lac(bsc->cfg, _lac))
584 continue;
585 bsc_nat_send_paging(bsc, msg);
586 paged += 1;
587 }
588
589 /* highlight a possible config issue */
590 if (paged == 0)
591 LOGP(DNAT, LOGL_ERROR, "No BSC for LAC %d/0x%d\n", _lac, _lac);
592
593 }
594}
595
596
597/*
598 * Update the auth status. This can be either a CIPHER MODE COMAMND or
599 * a CM Serivce Accept. Maybe also LU Accept or such in the future.
600 */
601static void update_con_authorize(struct sccp_connections *con,
602 struct bsc_nat_parsed *parsed,
603 struct msgb *msg)
604{
605 if (!con)
606 return;
607 if (con->authorized)
608 return;
609
610 if (parsed->bssap == BSSAP_MSG_BSS_MANAGEMENT &&
611 parsed->gsm_type == BSS_MAP_MSG_CIPHER_MODE_CMD) {
612 con->authorized = 1;
613 } else if (parsed->bssap == BSSAP_MSG_DTAP) {
614 uint8_t msg_type, proto;
615 uint32_t len;
616 struct gsm48_hdr *hdr48;
617 hdr48 = bsc_unpack_dtap(parsed, msg, &len);
618 if (!hdr48)
619 return;
620
621 proto = hdr48->proto_discr & 0x0f;
622 msg_type = hdr48->msg_type & 0xbf;
623 if (proto == GSM48_PDISC_MM &&
624 msg_type == GSM48_MT_MM_CM_SERV_ACC)
625 con->authorized = 1;
626 }
627}
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]628
629static int forward_sccp_to_bts(struct bsc_msc_connection *msc_con, struct msgb *msg)
630{
631 struct sccp_connections *con = NULL;
632 struct bsc_connection *bsc;
633 struct bsc_nat_parsed *parsed;
634 int proto;
635
636 /* filter, drop, patch the message? */
637 parsed = bsc_nat_parse(msg);
638 if (!parsed) {
639 LOGP(DNAT, LOGL_ERROR, "Can not parse msg from BSC.\n");
640 return -1;
641 }
642
643 if (bsc_nat_filter_ipa(DIR_BSC, msg, parsed))
644 goto exit;
645
646 proto = parsed->ipa_proto;
647
648 /* Route and modify the SCCP packet */
649 if (proto == IPAC_PROTO_SCCP) {
650 switch (parsed->sccp_type) {
651 case SCCP_MSG_TYPE_UDT:
652 /* forward UDT messages to every BSC */
653 goto send_to_all;
654 break;
655 case SCCP_MSG_TYPE_RLSD:
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]656 if (con && con->con_local == NAT_CON_END_USSD) {
657 LOGP(DNAT, LOGL_NOTICE, "RLSD for a USSD connection. Ignoring.\n");
658 con = NULL;
659 }
660 /* fall through */
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]661 case SCCP_MSG_TYPE_CREF:
662 case SCCP_MSG_TYPE_DT1:
663 case SCCP_MSG_TYPE_IT:
664 con = patch_sccp_src_ref_to_bsc(msg, parsed, nat);
665 if (parsed->gsm_type == BSS_MAP_MSG_ASSIGMENT_RQST) {
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]666 osmo_counter_inc(nat->stats.sccp.calls);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]667
668 if (con) {
669 struct rate_ctr_group *ctrg;
670 ctrg = con->bsc->cfg->stats.ctrg;
671 rate_ctr_inc(&ctrg->ctr[BCFG_CTR_SCCP_CALLS]);
672 if (bsc_mgcp_assign_patch(con, msg) != 0)
673 LOGP(DNAT, LOGL_ERROR, "Failed to assign...\n");
674 } else
675 LOGP(DNAT, LOGL_ERROR, "Assignment command but no BSC.\n");
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]676 } else if (con && con->con_local == NAT_CON_END_USSD &&
677 parsed->gsm_type == BSS_MAP_MSG_CLEAR_CMD) {
678 LOGP(DNAT, LOGL_NOTICE, "Clear Command for USSD Connection. Ignoring.\n");
679 con = NULL;
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]680 }
681 break;
682 case SCCP_MSG_TYPE_CC:
683 con = patch_sccp_src_ref_to_bsc(msg, parsed, nat);
684 if (!con || update_sccp_src_ref(con, parsed) != 0)
685 goto exit;
686 break;
687 case SCCP_MSG_TYPE_RLC:
688 LOGP(DNAT, LOGL_ERROR, "Unexpected release complete from MSC.\n");
689 goto exit;
690 break;
691 case SCCP_MSG_TYPE_CR:
692 /* MSC never opens a SCCP connection, fall through */
693 default:
694 goto exit;
695 }
696
697 if (!con && parsed->sccp_type == SCCP_MSG_TYPE_RLSD) {
698 LOGP(DNAT, LOGL_NOTICE, "Sending fake RLC on RLSD message to network.\n");
699 /* Exchange src/dest for the reply */
700 nat_send_rlc(msc_con, parsed->dest_local_ref, parsed->src_local_ref);
701 } else if (!con)
702 LOGP(DNAT, LOGL_ERROR, "Unknown connection for msg type: 0x%x from the MSC.\n", parsed->sccp_type);
703 }
704
705 talloc_free(parsed);
706 if (!con)
707 return -1;
708 if (!con->bsc->authenticated) {
709 LOGP(DNAT, LOGL_ERROR, "Selected BSC not authenticated.\n");
710 return -1;
711 }
712
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]713 update_con_authorize(con, parsed, msg);
714
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]715 bsc_send_data(con->bsc, msg->l2h, msgb_l2len(msg), proto);
716 return 0;
717
718send_to_all:
719 /*
720 * Filter Paging from the network. We do not want to send a PAGING
721 * Command to every BSC in our network. We will analys the PAGING
722 * message and then send it to the authenticated messages...
723 */
724 if (parsed->ipa_proto == IPAC_PROTO_SCCP && parsed->gsm_type == BSS_MAP_MSG_PAGING) {
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]725 bsc_nat_handle_paging(nat, msg);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]726 goto exit;
727 }
728 /* currently send this to every BSC connected */
729 llist_for_each_entry(bsc, &nat->bsc_connections, list_entry) {
730 if (!bsc->authenticated)
731 continue;
732
733 bsc_send_data(bsc, msg->l2h, msgb_l2len(msg), parsed->ipa_proto);
734 }
735
736exit:
737 talloc_free(parsed);
738 return 0;
739}
740
741static void msc_connection_was_lost(struct bsc_msc_connection *con)
742{
743 struct bsc_connection *bsc, *tmp;
744
745 LOGP(DMSC, LOGL_ERROR, "Closing all connections downstream.\n");
746 llist_for_each_entry_safe(bsc, tmp, &nat->bsc_connections, list_entry)
747 bsc_close_connection(bsc);
748
749 bsc_mgcp_free_endpoints(nat);
750 bsc_msc_schedule_connect(con);
751}
752
753static void msc_connection_connected(struct bsc_msc_connection *con)
754{
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]755 osmo_counter_inc(nat->stats.msc.reconn);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]756}
757
758static void msc_send_reset(struct bsc_msc_connection *msc_con)
759{
760 static const uint8_t reset[] = {
761 0x00, 0x12, 0xfd,
762 0x09, 0x00, 0x03, 0x05, 0x07, 0x02, 0x42, 0xfe,
763 0x02, 0x42, 0xfe, 0x06, 0x00, 0x04, 0x30, 0x04,
764 0x01, 0x20
765 };
766
767 struct msgb *msg;
768
769 msg = msgb_alloc_headroom(4096, 128, "08.08 reset");
770 if (!msg) {
771 LOGP(DMSC, LOGL_ERROR, "Failed to allocate reset msg.\n");
772 return;
773 }
774
775 msg->l2h = msgb_put(msg, sizeof(reset));
776 memcpy(msg->l2h, reset, msgb_l2len(msg));
777
778 queue_for_msc(msc_con, msg);
779
780 LOGP(DMSC, LOGL_NOTICE, "Scheduled GSM0808 reset msg for the MSC.\n");
781}
782
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]783static int ipaccess_msc_read_cb(struct osmo_fd *bfd)
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]784{
785 int error;
786 struct bsc_msc_connection *msc_con;
787 struct msgb *msg = ipaccess_read_msg(bfd, &error);
788 struct ipaccess_head *hh;
789
790 msc_con = (struct bsc_msc_connection *) bfd->data;
791
792 if (!msg) {
793 if (error == 0)
794 LOGP(DNAT, LOGL_FATAL, "The connection the MSC was lost, exiting\n");
795 else
796 LOGP(DNAT, LOGL_ERROR, "Failed to parse ip access message: %d\n", error);
797
798 bsc_msc_lost(msc_con);
799 return -1;
800 }
801
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]802 LOGP(DNAT, LOGL_DEBUG, "MSG from MSC: %s proto: %d\n", osmo_hexdump(msg->data, msg->len), msg->l2h[0]);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]803
804 /* handle base message handling */
805 hh = (struct ipaccess_head *) msg->data;
806 ipaccess_rcvmsg_base(msg, bfd);
807
808 /* initialize the networking. This includes sending a GSM08.08 message */
809 if (hh->proto == IPAC_PROTO_IPACCESS) {
810 if (msg->l2h[0] == IPAC_MSGT_ID_ACK)
811 initialize_msc_if_needed(msc_con);
812 else if (msg->l2h[0] == IPAC_MSGT_ID_GET)
813 send_id_get_response(msc_con);
814 } else if (hh->proto == IPAC_PROTO_SCCP)
815 forward_sccp_to_bts(msc_con, msg);
816
817 msgb_free(msg);
818 return 0;
819}
820
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]821static int ipaccess_msc_write_cb(struct osmo_fd *bfd, struct msgb *msg)
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]822{
823 int rc;
824 rc = write(bfd->fd, msg->data, msg->len);
825
826 if (rc != msg->len) {
827 LOGP(DNAT, LOGL_ERROR, "Failed to write MSG to MSC.\n");
828 return -1;
829 }
830
831 return rc;
832}
833
834/*
835 * Below is the handling of messages coming
836 * from the BSC and need to be forwarded to
837 * a real BSC.
838 */
839
840/*
841 * Remove the connection from the connections list,
842 * remove it from the patching of SCCP header lists
843 * as well. Maybe in the future even close connection..
844 */
845void bsc_close_connection(struct bsc_connection *connection)
846{
847 struct sccp_connections *sccp_patch, *tmp;
848 struct rate_ctr *ctr = NULL;
849
850 /* stop the timeout timer */
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]851 osmo_timer_del(&connection->id_timeout);
852 osmo_timer_del(&connection->ping_timeout);
853 osmo_timer_del(&connection->pong_timeout);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]854
855 if (connection->cfg)
856 ctr = &connection->cfg->stats.ctrg->ctr[BCFG_CTR_DROPPED_SCCP];
857
858 /* remove all SCCP connections */
859 llist_for_each_entry_safe(sccp_patch, tmp, &nat->sccp_connections, list_entry) {
860 if (sccp_patch->bsc != connection)
861 continue;
862
863 if (ctr)
864 rate_ctr_inc(ctr);
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]865 if (sccp_patch->has_remote_ref) {
866 if (sccp_patch->con_local == NAT_CON_END_MSC)
867 nat_send_rlsd_msc(sccp_patch);
868 else if (sccp_patch->con_local == NAT_CON_END_USSD)
869 nat_send_rlsd_ussd(nat, sccp_patch);
870 }
871
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]872 sccp_connection_destroy(sccp_patch);
873 }
874
875 /* close endpoints allocated by this BSC */
876 bsc_mgcp_clear_endpoints_for(connection);
877
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]878 osmo_fd_unregister(&connection->write_queue.bfd);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]879 close(connection->write_queue.bfd.fd);
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]880 osmo_wqueue_clear(&connection->write_queue);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]881 llist_del(&connection->list_entry);
882
883 talloc_free(connection);
884}
885
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]886static void bsc_maybe_close(struct bsc_connection *bsc)
887{
888 struct sccp_connections *sccp;
889 if (!bsc->nat->blocked)
890 return;
891
892 /* are there any connections left */
893 llist_for_each_entry(sccp, &bsc->nat->sccp_connections, list_entry)
894 if (sccp->bsc == bsc)
895 return;
896
897 /* nothing left, close the BSC */
898 LOGP(DNAT, LOGL_NOTICE, "Cleaning up BSC %d in blocking mode.\n",
899 bsc->cfg ? bsc->cfg->nr : -1);
900 bsc_close_connection(bsc);
901}
902
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]903static void ipaccess_close_bsc(void *data)
904{
905 struct sockaddr_in sock;
906 socklen_t len = sizeof(sock);
907 struct bsc_connection *conn = data;
908
909
910 getpeername(conn->write_queue.bfd.fd, (struct sockaddr *) &sock, &len);
911 LOGP(DNAT, LOGL_ERROR, "BSC on %s didn't respond to identity request. Closing.\n",
912 inet_ntoa(sock.sin_addr));
913 bsc_close_connection(conn);
914}
915
916static void ipaccess_auth_bsc(struct tlv_parsed *tvp, struct bsc_connection *bsc)
917{
918 struct bsc_config *conf;
919 const char *token = (const char *) TLVP_VAL(tvp, IPAC_IDTAG_UNITNAME);
920 const int len = TLVP_LEN(tvp, IPAC_IDTAG_UNITNAME);
921
922 if (bsc->cfg) {
923 LOGP(DNAT, LOGL_ERROR, "Reauth on fd %d bsc nr %d\n",
924 bsc->write_queue.bfd.fd, bsc->cfg->nr);
925 return;
926 }
927
928 llist_for_each_entry(conf, &bsc->nat->bsc_configs, entry) {
929 if (strncmp(conf->token, token, len) == 0) {
930 rate_ctr_inc(&conf->stats.ctrg->ctr[BCFG_CTR_NET_RECONN]);
931 bsc->authenticated = 1;
932 bsc->cfg = conf;
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]933 osmo_timer_del(&bsc->id_timeout);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]934 LOGP(DNAT, LOGL_NOTICE, "Authenticated bsc nr: %d on fd %d\n",
935 conf->nr, bsc->write_queue.bfd.fd);
936 start_ping_pong(bsc);
937 return;
938 }
939 }
940
941 LOGP(DNAT, LOGL_ERROR, "No bsc found for token %s on fd: %d.\n", token,
942 bsc->write_queue.bfd.fd);
943}
944
945static void handle_con_stats(struct sccp_connections *con)
946{
947 struct rate_ctr_group *ctrg;
948 int id = bsc_conn_type_to_ctr(con);
949
950 if (id == -1)
951 return;
952
953 if (!con->bsc || !con->bsc->cfg)
954 return;
955
956 ctrg = con->bsc->cfg->stats.ctrg;
957 rate_ctr_inc(&ctrg->ctr[id]);
958}
959
960static int forward_sccp_to_msc(struct bsc_connection *bsc, struct msgb *msg)
961{
962 int con_filter = 0;
963 char *imsi = NULL;
964 struct bsc_msc_connection *con_msc = NULL;
965 struct bsc_connection *con_bsc = NULL;
966 int con_type;
967 struct bsc_nat_parsed *parsed;
968
969 /* Parse and filter messages */
970 parsed = bsc_nat_parse(msg);
971 if (!parsed) {
972 LOGP(DNAT, LOGL_ERROR, "Can not parse msg from BSC.\n");
973 msgb_free(msg);
974 return -1;
975 }
976
977 if (bsc_nat_filter_ipa(DIR_MSC, msg, parsed))
978 goto exit;
979
980 /*
981 * check authentication after filtering to not reject auth
982 * responses coming from the BSC. We have to make sure that
983 * nothing from the exit path will forward things to the MSC
984 */
985 if (!bsc->authenticated) {
986 LOGP(DNAT, LOGL_ERROR, "BSC is not authenticated.\n");
987 msgb_free(msg);
988 return -1;
989 }
990
991
992 /* modify the SCCP entries */
993 if (parsed->ipa_proto == IPAC_PROTO_SCCP) {
994 int filter;
995 struct sccp_connections *con;
996 switch (parsed->sccp_type) {
997 case SCCP_MSG_TYPE_CR:
998 filter = bsc_nat_filter_sccp_cr(bsc, msg, parsed, &con_type, &imsi);
999 if (filter < 0) {
1000 bsc_stat_reject(filter, bsc, 0);
1001 goto exit3;
1002 }
1003
1004 if (!create_sccp_src_ref(bsc, parsed))
1005 goto exit2;
1006 con = patch_sccp_src_ref_to_msc(msg, parsed, bsc);
1007 con->msc_con = bsc->nat->msc_con;
1008 con_msc = con->msc_con;
1009 con->con_type = con_type;
1010 con->imsi_checked = filter;
1011 if (imsi)
1012 con->imsi = talloc_steal(con, imsi);
1013 imsi = NULL;
1014 con_bsc = con->bsc;
1015 handle_con_stats(con);
1016 break;
1017 case SCCP_MSG_TYPE_RLSD:
1018 case SCCP_MSG_TYPE_CREF:
1019 case SCCP_MSG_TYPE_DT1:
1020 case SCCP_MSG_TYPE_CC:
1021 case SCCP_MSG_TYPE_IT:
1022 con = patch_sccp_src_ref_to_msc(msg, parsed, bsc);
1023 if (con) {
1024 /* only filter non local connections */
1025 if (!con->con_local) {
1026 filter = bsc_nat_filter_dt(bsc, msg, con, parsed);
1027 if (filter < 0) {
1028 bsc_stat_reject(filter, bsc, 1);
1029 bsc_send_con_release(bsc, con);
1030 con = NULL;
1031 goto exit2;
1032 }
1033
1034 /* hand data to a side channel */
1035 if (bsc_check_ussd(con, parsed, msg) == 1)
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1036 con->con_local = NAT_CON_END_USSD;
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1037
1038 /*
1039 * Optionally rewrite setup message. This can
1040 * replace the msg and the parsed structure becomes
1041 * invalid.
1042 */
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1043 msg = bsc_nat_rewrite_msg(bsc->nat, msg, parsed, con->imsi);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1044 talloc_free(parsed);
1045 parsed = NULL;
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1046 } else if (con->con_local == NAT_CON_END_USSD) {
1047 bsc_check_ussd(con, parsed, msg);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1048 }
1049
1050 con_bsc = con->bsc;
1051 con_msc = con->msc_con;
1052 con_filter = con->con_local;
1053 }
1054
1055 break;
1056 case SCCP_MSG_TYPE_RLC:
1057 con = patch_sccp_src_ref_to_msc(msg, parsed, bsc);
1058 if (con) {
1059 con_bsc = con->bsc;
1060 con_msc = con->msc_con;
1061 con_filter = con->con_local;
1062 }
1063 remove_sccp_src_ref(bsc, msg, parsed);
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1064 bsc_maybe_close(bsc);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1065 break;
1066 case SCCP_MSG_TYPE_UDT:
1067 /* simply forward everything */
1068 con = NULL;
1069 break;
1070 default:
1071 LOGP(DNAT, LOGL_ERROR, "Not forwarding to msc sccp type: 0x%x\n", parsed->sccp_type);
1072 con = NULL;
1073 goto exit2;
1074 break;
1075 }
1076 } else if (parsed->ipa_proto == IPAC_PROTO_MGCP_OLD) {
1077 bsc_mgcp_forward(bsc, msg);
1078 goto exit2;
1079 } else {
1080 LOGP(DNAT, LOGL_ERROR, "Not forwarding unknown stream id: 0x%x\n", parsed->ipa_proto);
1081 goto exit2;
1082 }
1083
1084 if (con_msc && con_bsc != bsc) {
1085 LOGP(DNAT, LOGL_ERROR, "The connection belongs to a different BTS: input: %d con: %d\n",
1086 bsc->cfg->nr, con_bsc->cfg->nr);
1087 goto exit2;
1088 }
1089
1090 /* do not forward messages to the MSC */
1091 if (con_filter)
1092 goto exit2;
1093
1094 if (!con_msc) {
1095 LOGP(DNAT, LOGL_ERROR, "Not forwarding data bsc_nr: %d ipa: %d type: 0x%x\n",
1096 bsc->cfg->nr,
1097 parsed ? parsed->ipa_proto : -1,
1098 parsed ? parsed->sccp_type : -1);
1099 goto exit2;
1100 }
1101
1102 /* send the non-filtered but maybe modified msg */
1103 queue_for_msc(con_msc, msg);
1104 if (parsed)
1105 talloc_free(parsed);
1106 return 0;
1107
1108exit:
1109 /* if we filter out the reset send an ack to the BSC */
1110 if (parsed->bssap == 0 && parsed->gsm_type == BSS_MAP_MSG_RESET) {
1111 send_reset_ack(bsc);
1112 send_reset_ack(bsc);
1113 } else if (parsed->ipa_proto == IPAC_PROTO_IPACCESS) {
1114 /* do we know who is handling this? */
1115 if (msg->l2h[0] == IPAC_MSGT_ID_RESP) {
1116 struct tlv_parsed tvp;
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1117 int ret;
1118 ret = ipaccess_idtag_parse(&tvp,
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1119 (unsigned char *) msg->l2h + 2,
1120 msgb_l2len(msg) - 2);
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1121 if (ret < 0) {
1122 LOGP(DNAT, LOGL_ERROR, "ignoring IPA response "
1123 "message with malformed TLVs\n");
1124 return ret;
1125 }
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1126 if (TLVP_PRESENT(&tvp, IPAC_IDTAG_UNITNAME))
1127 ipaccess_auth_bsc(&tvp, bsc);
1128 }
1129
1130 goto exit2;
1131 }
1132
1133exit2:
1134 if (imsi)
1135 talloc_free(imsi);
1136 talloc_free(parsed);
1137 msgb_free(msg);
1138 return -1;
1139
1140exit3:
1141 /* send a SCCP Connection Refused */
1142 if (imsi)
1143 talloc_free(imsi);
1144 bsc_send_con_refuse(bsc, parsed, con_type);
1145 talloc_free(parsed);
1146 msgb_free(msg);
1147 return -1;
1148}
1149
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1150static int ipaccess_bsc_read_cb(struct osmo_fd *bfd)
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1151{
1152 int error;
1153 struct bsc_connection *bsc = bfd->data;
1154 struct msgb *msg = ipaccess_read_msg(bfd, &error);
1155 struct ipaccess_head *hh;
1156
1157 if (!msg) {
1158 if (error == 0)
1159 LOGP(DNAT, LOGL_ERROR,
1160 "The connection to the BSC Nr: %d was lost. Cleaning it\n",
1161 bsc->cfg ? bsc->cfg->nr : -1);
1162 else
1163 LOGP(DNAT, LOGL_ERROR,
1164 "Stream error on BSC Nr: %d. Failed to parse ip access message: %d\n",
1165 bsc->cfg ? bsc->cfg->nr : -1, error);
1166
1167 bsc_close_connection(bsc);
1168 return -1;
1169 }
1170
1171
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1172 LOGP(DNAT, LOGL_DEBUG, "MSG from BSC: %s proto: %d\n", osmo_hexdump(msg->data, msg->len), msg->l2h[0]);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1173
1174 /* Handle messages from the BSC */
1175 hh = (struct ipaccess_head *) msg->data;
1176
1177 /* stop the pong timeout */
1178 if (hh->proto == IPAC_PROTO_IPACCESS) {
1179 if (msg->l2h[0] == IPAC_MSGT_PONG) {
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1180 osmo_timer_del(&bsc->pong_timeout);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1181 msgb_free(msg);
1182 return 0;
1183 } else if (msg->l2h[0] == IPAC_MSGT_PING) {
1184 send_pong(bsc);
1185 msgb_free(msg);
1186 return 0;
1187 }
1188 }
1189
1190 /* FIXME: Currently no PONG is sent to the BSC */
1191 /* FIXME: Currently no ID ACK is sent to the BSC */
1192 forward_sccp_to_msc(bsc, msg);
1193
1194 return 0;
1195}
1196
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1197static int ipaccess_listen_bsc_cb(struct osmo_fd *bfd, unsigned int what)
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1198{
1199 struct bsc_connection *bsc;
1200 int fd, rc, on;
1201 struct sockaddr_in sa;
1202 socklen_t sa_len = sizeof(sa);
1203
1204 if (!(what & BSC_FD_READ))
1205 return 0;
1206
1207 fd = accept(bfd->fd, (struct sockaddr *) &sa, &sa_len);
1208 if (fd < 0) {
1209 perror("accept");
1210 return fd;
1211 }
1212
1213 /* count the reconnect */
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1214 osmo_counter_inc(nat->stats.bsc.reconn);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1215
1216 /*
1217 * if we are not connected to a msc... just close the socket
1218 */
1219 if (!bsc_nat_msc_is_connected(nat)) {
1220 LOGP(DNAT, LOGL_NOTICE, "Disconnecting BSC due lack of MSC connection.\n");
1221 close(fd);
1222 return 0;
1223 }
1224
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1225 if (nat->blocked) {
1226 LOGP(DNAT, LOGL_NOTICE, "Disconnecting BSC due NAT being blocked.\n");
1227 close(fd);
1228 return 0;
1229 }
1230
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1231 on = 1;
1232 rc = setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on));
1233 if (rc != 0)
1234 LOGP(DNAT, LOGL_ERROR, "Failed to set TCP_NODELAY: %s\n", strerror(errno));
1235
1236 rc = setsockopt(fd, IPPROTO_IP, IP_TOS,
1237 &nat->bsc_ip_dscp, sizeof(nat->bsc_ip_dscp));
1238 if (rc != 0)
1239 LOGP(DNAT, LOGL_ERROR, "Failed to set IP_TOS: %s\n", strerror(errno));
1240
1241 /* todo... do something with the connection */
1242 /* todo... use GNUtls to see if we want to trust this as a BTS */
1243
1244 /*
1245 *
1246 */
1247 bsc = bsc_connection_alloc(nat);
1248 if (!bsc) {
1249 LOGP(DNAT, LOGL_ERROR, "Failed to allocate BSC struct.\n");
1250 close(fd);
1251 return -1;
1252 }
1253
1254 bsc->write_queue.bfd.data = bsc;
1255 bsc->write_queue.bfd.fd = fd;
1256 bsc->write_queue.read_cb = ipaccess_bsc_read_cb;
1257 bsc->write_queue.write_cb = bsc_write_cb;
1258 bsc->write_queue.bfd.when = BSC_FD_READ;
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1259 if (osmo_fd_register(&bsc->write_queue.bfd) < 0) {
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1260 LOGP(DNAT, LOGL_ERROR, "Failed to register BSC fd.\n");
1261 close(fd);
1262 talloc_free(bsc);
1263 return -2;
1264 }
1265
1266 LOGP(DNAT, LOGL_NOTICE, "BSC connection on %d with IP: %s\n",
1267 fd, inet_ntoa(sa.sin_addr));
1268 llist_add(&bsc->list_entry, &nat->bsc_connections);
1269 send_id_ack(bsc);
1270 send_id_req(bsc);
1271 send_mgcp_reset(bsc);
1272
1273 /*
1274 * start the hangup timer
1275 */
1276 bsc->id_timeout.data = bsc;
1277 bsc->id_timeout.cb = ipaccess_close_bsc;
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1278 osmo_timer_schedule(&bsc->id_timeout, nat->auth_timeout, 0);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1279 return 0;
1280}
1281
1282static void print_usage()
1283{
1284 printf("Usage: bsc_nat\n");
1285}
1286
1287static void print_help()
1288{
1289 printf(" Some useful help...\n");
1290 printf(" -h --help this text\n");
1291 printf(" -d option --debug=DRLL:DCC:DMM:DRR:DRSL:DNM enable debugging\n");
1292 printf(" -D --daemonize Fork the process into a background daemon\n");
1293 printf(" -s --disable-color\n");
1294 printf(" -c --config-file filename The config file to use.\n");
1295 printf(" -m --msc=IP. The address of the MSC.\n");
1296 printf(" -l --local=IP. The local address of this BSC.\n");
1297}
1298
1299static void handle_options(int argc, char **argv)
1300{
1301 while (1) {
1302 int option_index = 0, c;
1303 static struct option long_options[] = {
1304 {"help", 0, 0, 'h'},
1305 {"debug", 1, 0, 'd'},
1306 {"config-file", 1, 0, 'c'},
1307 {"disable-color", 0, 0, 's'},
1308 {"timestamp", 0, 0, 'T'},
1309 {"msc", 1, 0, 'm'},
1310 {"local", 1, 0, 'l'},
1311 {0, 0, 0, 0}
1312 };
1313
1314 c = getopt_long(argc, argv, "hd:sTPc:m:l:",
1315 long_options, &option_index);
1316 if (c == -1)
1317 break;
1318
1319 switch (c) {
1320 case 'h':
1321 print_usage();
1322 print_help();
1323 exit(0);
1324 case 's':
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1325 log_set_use_color(osmo_stderr_target, 0);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1326 break;
1327 case 'd':
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1328 log_parse_category_mask(osmo_stderr_target, optarg);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1329 break;
1330 case 'c':
1331 config_file = strdup(optarg);
1332 break;
1333 case 'T':
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1334 log_set_print_timestamp(osmo_stderr_target, 1);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1335 break;
1336 case 'm':
1337 msc_ip = optarg;
1338 break;
1339 case 'l':
1340 inet_aton(optarg, &local_addr);
1341 break;
1342 default:
1343 /* ignore */
1344 break;
1345 }
1346 }
1347}
1348
1349static void signal_handler(int signal)
1350{
1351 switch (signal) {
1352 case SIGABRT:
1353 /* in case of abort, we want to obtain a talloc report
1354 * and then return to the caller, who will abort the process */
1355 case SIGUSR1:
1356 talloc_report_full(tall_bsc_ctx, stderr);
1357 break;
1358 default:
1359 break;
1360 }
1361}
1362
1363static void sccp_close_unconfirmed(void *_data)
1364{
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1365 int destroyed = 0;
1366 struct bsc_connection *bsc, *bsc_tmp;
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1367 struct sccp_connections *conn, *tmp1;
1368 struct timespec now;
1369 clock_gettime(CLOCK_MONOTONIC, &now);
1370
1371 llist_for_each_entry_safe(conn, tmp1, &nat->sccp_connections, list_entry) {
1372 if (conn->has_remote_ref)
1373 continue;
1374
1375 int diff = (now.tv_sec - conn->creation_time.tv_sec) / 60;
1376 if (diff < SCCP_CLOSE_TIME_TIMEOUT)
1377 continue;
1378
1379 LOGP(DNAT, LOGL_ERROR, "SCCP connection 0x%x/0x%x was never confirmed.\n",
1380 sccp_src_ref_to_int(&conn->real_ref),
1381 sccp_src_ref_to_int(&conn->patched_ref));
1382 sccp_connection_destroy(conn);
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1383 destroyed = 1;
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1384 }
1385
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1386 if (!destroyed)
1387 goto out;
1388
1389 /* now close out any BSC */
1390 llist_for_each_entry_safe(bsc, bsc_tmp, &nat->bsc_connections, list_entry)
1391 bsc_maybe_close(bsc);
1392
1393out:
1394 osmo_timer_schedule(&sccp_close, SCCP_CLOSE_TIME, 0);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1395}
1396
1397extern void *tall_msgb_ctx;
1398extern void *tall_ctr_ctx;
1399static void talloc_init_ctx()
1400{
1401 tall_bsc_ctx = talloc_named_const(NULL, 0, "nat");
1402 tall_msgb_ctx = talloc_named_const(tall_bsc_ctx, 0, "msgb");
1403 tall_ctr_ctx = talloc_named_const(tall_bsc_ctx, 0, "counter");
1404}
1405
1406extern enum node_type bsc_vty_go_parent(struct vty *vty);
1407
1408static struct vty_app_info vty_info = {
1409 .name = "OsmoBSCNAT",
1410 .version = PACKAGE_VERSION,
1411 .go_parent_cb = bsc_vty_go_parent,
1412 .is_config_node = bsc_vty_is_config_node,
1413};
1414
1415int main(int argc, char **argv)
1416{
1417 int rc;
1418
1419 talloc_init_ctx();
1420
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1421 osmo_init_logging(&log_info);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1422
1423 nat = bsc_nat_alloc();
1424 if (!nat) {
1425 fprintf(stderr, "Failed to allocate the BSC nat.\n");
1426 return -4;
1427 }
1428
1429 nat->mgcp_cfg = mgcp_config_alloc();
1430 if (!nat->mgcp_cfg) {
1431 fprintf(stderr, "Failed to allocate MGCP cfg.\n");
1432 return -5;
1433 }
1434
1435 vty_info.copyright = openbsc_copyright;
1436 vty_init(&vty_info);
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1437 logging_vty_add_cmds(&log_info);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1438 bsc_nat_vty_init(nat);
1439
1440
1441 /* parse options */
1442 local_addr.s_addr = INADDR_ANY;
1443 handle_options(argc, argv);
1444
1445 rate_ctr_init(tall_bsc_ctx);
1446
1447 /* init vty and parse */
1448 telnet_init(tall_bsc_ctx, NULL, 4244);
1449 if (mgcp_parse_config(config_file, nat->mgcp_cfg) < 0) {
1450 fprintf(stderr, "Failed to parse the config file: '%s'\n", config_file);
1451 return -3;
1452 }
1453
1454 /* over rule the VTY config */
1455 if (msc_ip)
1456 bsc_nat_set_msc_ip(nat, msc_ip);
1457
1458 /* seed the PRNG */
1459 srand(time(NULL));
1460
1461 /*
1462 * Setup the MGCP code..
1463 */
1464 if (bsc_mgcp_nat_init(nat) != 0)
1465 return -4;
1466
1467 /* connect to the MSC */
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1468 nat->msc_con = bsc_msc_create(nat, &nat->dests);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1469 if (!nat->msc_con) {
1470 fprintf(stderr, "Creating a bsc_msc_connection failed.\n");
1471 exit(1);
1472 }
1473
1474 nat->msc_con->connection_loss = msc_connection_was_lost;
1475 nat->msc_con->connected = msc_connection_connected;
1476 nat->msc_con->write_queue.read_cb = ipaccess_msc_read_cb;
1477 nat->msc_con->write_queue.write_cb = ipaccess_msc_write_cb;;
1478 nat->msc_con->write_queue.bfd.data = nat->msc_con;
1479 bsc_msc_connect(nat->msc_con);
1480
1481 /* wait for the BSC */
1482 rc = make_sock(&bsc_listen, IPPROTO_TCP, ntohl(local_addr.s_addr),
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1483 5000, 0, ipaccess_listen_bsc_cb, nat);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1484 if (rc != 0) {
1485 fprintf(stderr, "Failed to listen for BSC.\n");
1486 exit(1);
1487 }
1488
1489 rc = bsc_ussd_init(nat);
1490 if (rc != 0) {
1491 LOGP(DNAT, LOGL_ERROR, "Failed to bind the USSD socket.\n");
1492 exit(1);
1493 }
1494
1495 signal(SIGABRT, &signal_handler);
1496 signal(SIGUSR1, &signal_handler);
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1497 osmo_init_ignore_signals();
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1498
1499 if (daemonize) {
1500 rc = osmo_daemonize();
1501 if (rc < 0) {
1502 perror("Error during daemonize");
1503 exit(1);
1504 }
1505 }
1506
1507 /* recycle timer */
1508 sccp_set_log_area(DSCCP);
1509 sccp_close.cb = sccp_close_unconfirmed;
1510 sccp_close.data = NULL;
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1511 osmo_timer_schedule(&sccp_close, SCCP_CLOSE_TIME, 0);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1512
1513 while (1) {
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1514 osmo_select_main(0);
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1515 }
1516
1517 return 0;
1518}
1519
1520/* Close all connections handed out to the USSD module */
1521int bsc_close_ussd_connections(struct bsc_nat *nat)
1522{
1523 struct sccp_connections *con;
1524 llist_for_each_entry(con, &nat->sccp_connections, list_entry) {
Jonathan Santos5a45b152011-08-17 15:33:57 -0400[diff] [blame^]1525 if (con->con_local != NAT_CON_END_USSD)
Jonathan Santos03fd8d02011-05-25 13:54:02 -0400[diff] [blame]1526 continue;
1527 if (!con->bsc)
1528 continue;
1529
1530 nat_send_clrc_bsc(con);
1531 nat_send_rlsd_bsc(con);
1532 }
1533
1534 return 0;
1535}