VirtualBox

source: vbox/trunk/src/VBox/Devices/Network/slirp/udp.c@ 41967

Last change on this file since 41967 was 41856, checked in by vboxsync, 13 years ago

NAT: typo.
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 18.7 KB
Line 
1/* $Id: udp.c 41856 2012-06-21 06:00:24Z vboxsync $ */
2/** @file
3 * NAT - UDP protocol.
4 */
5
6/*
7 * Copyright (C) 2006-2010 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18/*
19 * This code is based on:
20 *
21 * Copyright (c) 1982, 1986, 1988, 1990, 1993
22 * The Regents of the University of California. All rights reserved.
23 *
24 * Redistribution and use in source and binary forms, with or without
25 * modification, are permitted provided that the following conditions
26 * are met:
27 * 1. Redistributions of source code must retain the above copyright
28 * notice, this list of conditions and the following disclaimer.
29 * 2. Redistributions in binary form must reproduce the above copyright
30 * notice, this list of conditions and the following disclaimer in the
31 * documentation and/or other materials provided with the distribution.
32 * 3. All advertising materials mentioning features or use of this software
33 * must display the following acknowledgement:
34 * This product includes software developed by the University of
35 * California, Berkeley and its contributors.
36 * 4. Neither the name of the University nor the names of its contributors
37 * may be used to endorse or promote products derived from this software
38 * without specific prior written permission.
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * @(#)udp_usrreq.c 8.4 (Berkeley) 1/21/94
53 * udp_usrreq.c,v 1.4 1994/10/02 17:48:45 phk Exp
54 */
55
56/*
57 * Changes and additions relating to SLiRP
58 * Copyright (c) 1995 Danny Gasparovski.
59 *
60 * Please read the file COPYRIGHT for the
61 * terms and conditions of the copyright.
62 */
63
64#include <slirp.h>
65#include "ip_icmp.h"
66#include "ctl.h"
67
68
69/*
70 * UDP protocol implementation.
71 * Per RFC 768, August, 1980.
72 */
73#define udpcksum 1
74
75void
76udp_init(PNATState pData)
77{
78 udp_last_so = &udb;
79 udb.so_next = udb.so_prev = &udb;
80}
81
82/* m->m_data points at ip packet header
83 * m->m_len length ip packet
84 * ip->ip_len length data (IPDU)
85 */
86void
87udp_input(PNATState pData, register struct mbuf *m, int iphlen)
88{
89 register struct ip *ip;
90 register struct udphdr *uh;
91 int len;
92 struct ip save_ip;
93 struct socket *so;
94 int ret;
95 int ttl;
96
97 LogFlowFunc(("ENTER: m = %p, iphlen = %d\n", m, iphlen));
98 ip = mtod(m, struct ip *);
99 Log2(("%RTnaipv4 iphlen = %d\n", ip->ip_dst, iphlen));
100
101 udpstat.udps_ipackets++;
102
103 /*
104 * Strip IP options, if any; should skip this,
105 * make available to user, and use on returned packets,
106 * but we don't yet have a way to check the checksum
107 * with options still present.
108 */
109 if (iphlen > sizeof(struct ip))
110 {
111 ip_stripoptions(m, (struct mbuf *)0);
112 iphlen = sizeof(struct ip);
113 }
114
115 /*
116 * Get IP and UDP header together in first mbuf.
117 */
118 ip = mtod(m, struct ip *);
119 uh = (struct udphdr *)((caddr_t)ip + iphlen);
120
121 /*
122 * Make mbuf data length reflect UDP length.
123 * If not enough data to reflect UDP length, drop.
124 */
125 len = RT_N2H_U16((u_int16_t)uh->uh_ulen);
126 Assert((ip->ip_len == len));
127 Assert((ip->ip_len + iphlen == m_length(m, NULL)));
128
129 if (ip->ip_len != len)
130 {
131 if (len > ip->ip_len)
132 {
133 udpstat.udps_badlen++;
134 Log3(("NAT: IP(id: %hd) has bad size\n", ip->ip_id));
135 }
136 m_adj(m, len - ip->ip_len);
137 ip->ip_len = len;
138 }
139
140 /*
141 * Save a copy of the IP header in case we want restore it
142 * for sending an ICMP error message in response.
143 */
144 save_ip = *ip;
145 save_ip.ip_len+= iphlen; /* tcp_input subtracts this */
146
147 /*
148 * Checksum extended UDP header and data.
149 */
150 if (udpcksum && uh->uh_sum)
151 {
152 memset(((struct ipovly *)ip)->ih_x1, 0, 9);
153 ((struct ipovly *)ip)->ih_len = uh->uh_ulen;
154#if 0
155 /* keep uh_sum for ICMP reply */
156 uh->uh_sum = cksum(m, len + sizeof (struct ip));
157 if (uh->uh_sum)
158 {
159
160#endif
161 if (cksum(m, len + iphlen))
162 {
163 udpstat.udps_badsum++;
164 Log3(("NAT: IP(id: %hd) has bad (udp) cksum\n", ip->ip_id));
165 goto bad_free_mbuf;
166 }
167 }
168#if 0
169 }
170#endif
171
172 /*
173 * handle DHCP/BOOTP
174 */
175 if (uh->uh_dport == RT_H2N_U16_C(BOOTP_SERVER))
176 {
177 bootp_input(pData, m);
178 goto done_free_mbuf;
179 }
180
181 LogFunc(("uh src: %RTnaipv4:%d, dst: %RTnaipv4:%d\n", ip->ip_src, RT_H2N_U16_C(uh->uh_sport), ip->ip_dst, RT_H2N_U16_C(uh->uh_dport)));
182 if ( pData->fUseHostResolver
183 && uh->uh_dport == RT_H2N_U16_C(53)
184 && CTL_CHECK(ip->ip_dst.s_addr, CTL_DNS))
185 {
186 struct sockaddr_in dst, src;
187 src.sin_addr.s_addr = ip->ip_dst.s_addr;
188 src.sin_port = uh->uh_dport;
189 dst.sin_addr.s_addr = ip->ip_src.s_addr;
190 dst.sin_port = uh->uh_sport;
191
192 slirpMbufTagService(pData, m, CTL_DNS);
193 /* udp_output2() expects a pointer to the body of UDP packet. */
194 m->m_data += sizeof(struct udpiphdr);
195 m->m_len -= sizeof(struct udpiphdr);
196 udp_output2(pData, NULL, m, &src, &dst, IPTOS_LOWDELAY);
197 LogFlowFuncLeave();
198 return;
199 }
200 /*
201 * handle TFTP
202 */
203 if ( uh->uh_dport == RT_H2N_U16_C(TFTP_SERVER)
204 && CTL_CHECK(ip->ip_dst.s_addr, CTL_TFTP))
205 {
206 tftp_input(pData, m);
207 goto done_free_mbuf;
208 }
209
210 /*
211 * Locate pcb for datagram.
212 */
213 so = udp_last_so;
214 if ( so->so_lport != uh->uh_sport
215 || so->so_laddr.s_addr != ip->ip_src.s_addr)
216 {
217 struct socket *tmp;
218
219 for (tmp = udb.so_next; tmp != &udb; tmp = tmp->so_next)
220 {
221 if ( tmp->so_lport == uh->uh_sport
222 && tmp->so_laddr.s_addr == ip->ip_src.s_addr)
223 {
224 so = tmp;
225 break;
226 }
227 }
228 if (tmp == &udb)
229 so = NULL;
230 else
231 {
232 udpstat.udpps_pcbcachemiss++;
233 udp_last_so = so;
234 }
235 }
236
237 if (so == NULL)
238 {
239 /*
240 * If there's no socket for this packet,
241 * create one
242 */
243 if ((so = socreate()) == NULL)
244 {
245 Log2(("NAT: IP(id: %hd) failed to create socket\n", ip->ip_id));
246 goto bad_free_mbuf;
247 }
248 if (udp_attach(pData, so) <= 0)
249 {
250 Log2(("NAT: IP(id: %hd) udp_attach errno = %d (%s)\n",
251 ip->ip_id, errno, strerror(errno)));
252 sofree(pData, so);
253 goto bad_free_mbuf;
254 }
255
256 /*
257 * Setup fields
258 */
259 /* udp_last_so = so; */
260 so->so_laddr = ip->ip_src;
261 so->so_lport = uh->uh_sport;
262
263 so->so_iptos = ip->ip_tos;
264
265 /*
266 * XXXXX Here, check if it's in udpexec_list,
267 * and if it is, do the fork_exec() etc.
268 */
269 }
270
271 so->so_faddr = ip->ip_dst; /* XXX */
272 so->so_fport = uh->uh_dport; /* XXX */
273 Assert(so->so_type == IPPROTO_UDP);
274
275 /*
276 * DNS proxy
277 */
278 if ( pData->fUseDnsProxy
279 && (ip->ip_dst.s_addr == RT_H2N_U32(RT_N2H_U32(pData->special_addr.s_addr) | CTL_DNS))
280 && (uh->uh_dport == RT_H2N_U16_C(53)))
281 {
282 dnsproxy_query(pData, so, m, iphlen);
283 goto done_free_mbuf;
284 }
285
286 iphlen += sizeof(struct udphdr);
287 m->m_len -= iphlen;
288 m->m_data += iphlen;
289
290 ttl = ip->ip_ttl = save_ip.ip_ttl;
291 ret = setsockopt(so->s, IPPROTO_IP, IP_TTL, (const char*)&ttl, sizeof(ttl));
292 if (ret < 0)
293 LogRel(("NAT: Error (%s) occurred while setting TTL(%d) attribute "
294 "of IP packet to socket %R[natsock]\n", strerror(errno), ip->ip_ttl, so));
295
296 if ( sosendto(pData, so, m) == -1
297 && ( !soIgnorableErrorCode(errno)
298 && errno != ENOTCONN))
299 {
300 m->m_len += iphlen;
301 m->m_data -= iphlen;
302 *ip = save_ip;
303 Log2(("NAT: UDP tx errno = %d (%s) on sent to %RTnaipv4\n",
304 errno, strerror(errno), ip->ip_dst));
305#if 0
306 /* ICMP_SOURCEQUENCH haven't got any effect, the idea here
307 * inform guest about the exosting NAT resources with assumption that
308 * that guest reduce traffic. But it doesn't work
309 */
310 if( errno == EAGAIN
311 || errno == EWOULDBLOCK
312 || errno == EINPROGRESS
313 || errno == ENOTCONN)
314 icmp_error(pData, m, ICMP_SOURCEQUENCH, 0, 1, strerror(errno));
315 else
316#endif
317 icmp_error(pData, m, ICMP_UNREACH, ICMP_UNREACH_NET, 0, strerror(errno));
318 so->so_m = NULL;
319 LogFlowFuncLeave();
320 return;
321 }
322
323 if (so->so_m)
324 m_freem(pData, so->so_m); /* used for ICMP if error on sorecvfrom */
325
326 /* restore the orig mbuf packet */
327 m->m_len += iphlen;
328 m->m_data -= iphlen;
329 *ip = save_ip;
330 so->so_m = m; /* ICMP backup */
331 LogFlowFuncLeave();
332 return;
333
334bad_free_mbuf:
335 Log2(("NAT: UDP(id: %hd) datagram to %RTnaipv4 with size(%d) claimed as bad\n",
336 ip->ip_id, &ip->ip_dst, ip->ip_len));
337
338done_free_mbuf:
339 /* some services like bootp(built-in), dns(buildt-in) and dhcp don't need sockets
340 * and create new m'buffers to send them to guest, so we'll free their incomming
341 * buffers here.
342 */
343 m_freem(pData, m);
344 LogFlowFuncLeave();
345 return;
346}
347
348/**
349 * Output a UDP packet.
350 *
351 * @note This function will finally free m!
352 */
353int udp_output2(PNATState pData, struct socket *so, struct mbuf *m,
354 struct sockaddr_in *saddr, struct sockaddr_in *daddr,
355 int iptos)
356{
357 register struct udpiphdr *ui;
358 int error;
359 int mlen = 0;
360
361 LogFlowFunc(("ENTER: so = %R[natsock], m = %p, saddr = %RTnaipv4, daddr = %RTnaipv4\n",
362 so, m, saddr->sin_addr.s_addr, daddr->sin_addr.s_addr));
363
364 /* in case of built-in service so might be NULL */
365 if (so) Assert(so->so_type == IPPROTO_UDP);
366
367 /*
368 * Adjust for header
369 */
370 m->m_data -= sizeof(struct udpiphdr);
371 m->m_len += sizeof(struct udpiphdr);
372 mlen = m_length(m, NULL);
373
374 /*
375 * Fill in mbuf with extended UDP header
376 * and addresses and length put into network format.
377 */
378 ui = mtod(m, struct udpiphdr *);
379 memset(ui->ui_x1, 0, 9);
380 ui->ui_pr = IPPROTO_UDP;
381 ui->ui_len = RT_H2N_U16(mlen - sizeof(struct ip));
382 /* XXXXX Check for from-one-location sockets, or from-any-location sockets */
383 ui->ui_src = saddr->sin_addr;
384 ui->ui_dst = daddr->sin_addr;
385 ui->ui_sport = saddr->sin_port;
386 ui->ui_dport = daddr->sin_port;
387 ui->ui_ulen = ui->ui_len;
388
389 /*
390 * Stuff checksum and output datagram.
391 */
392 ui->ui_sum = 0;
393 if (udpcksum)
394 {
395 if ((ui->ui_sum = cksum(m, /* sizeof (struct udpiphdr) + */ mlen)) == 0)
396 ui->ui_sum = 0xffff;
397 }
398 ((struct ip *)ui)->ip_len = mlen;
399 ((struct ip *)ui)->ip_ttl = ip_defttl;
400 ((struct ip *)ui)->ip_tos = iptos;
401
402 udpstat.udps_opackets++;
403
404 error = ip_output(pData, so, m);
405
406 return error;
407}
408
409/**
410 * @note This function will free m!
411 */
412int udp_output(PNATState pData, struct socket *so, struct mbuf *m,
413 struct sockaddr_in *addr)
414{
415 struct sockaddr_in saddr, daddr;
416#ifdef VBOX_WITH_NAT_UDP_SOCKET_CLONE
417 struct socket *pSocketClone = NULL;
418#endif
419 Assert(so->so_type == IPPROTO_UDP);
420 LogFlowFunc(("ENTER: so = %R[natsock], m = %p, saddr = %RTnaipv4\n",
421 so, (long)m, addr->sin_addr.s_addr));
422
423 saddr = *addr;
424 if ((so->so_faddr.s_addr & RT_H2N_U32(pData->netmask)) == pData->special_addr.s_addr)
425 {
426 saddr.sin_addr.s_addr = so->so_faddr.s_addr;
427 if (slirpIsWideCasting(pData, so->so_faddr.s_addr))
428 {
429 /**
430 * We haven't got real firewall but have got its submodule libalias.
431 */
432 m->m_flags |= M_SKIP_FIREWALL;
433 /**
434 * udp/137 port is Name Service in NetBIOS protocol. for some reasons Windows guest rejects
435 * accept data from non-aliased server.
436 */
437 if ( (so->so_fport == so->so_lport)
438 && (so->so_fport == RT_H2N_U16(137)))
439 saddr.sin_addr.s_addr = alias_addr.s_addr;
440 else
441 saddr.sin_addr.s_addr = addr->sin_addr.s_addr;
442 /* we shouldn't override initial socket */
443#ifdef VBOX_WITH_NAT_UDP_SOCKET_CLONE
444 if (so->so_cCloneCounter)
445 pSocketClone = soLookUpClonedUDPSocket(pData, so, addr->sin_addr.s_addr);
446 if (!pSocketClone)
447 pSocketClone = soCloneUDPSocketWithForegnAddr(pData, false, so, addr->sin_addr.s_addr);
448 Assert((pSocketClone));
449 so = pSocketClone;
450#else
451 so->so_faddr.s_addr = addr->sin_addr.s_addr;
452#endif
453 }
454 }
455
456 /* Any UDP packet to the loopback address must be translated to be from
457 * the forwarding address, i.e. 10.0.2.2. */
458 if ( (saddr.sin_addr.s_addr & RT_H2N_U32_C(IN_CLASSA_NET))
459 == RT_H2N_U32_C(INADDR_LOOPBACK & IN_CLASSA_NET))
460 saddr.sin_addr.s_addr = alias_addr.s_addr;
461
462 daddr.sin_addr = so->so_laddr;
463 daddr.sin_port = so->so_lport;
464
465 return udp_output2(pData, so, m, &saddr, &daddr, so->so_iptos);
466}
467
468int
469udp_attach(PNATState pData, struct socket *so)
470{
471 struct sockaddr_in *addr;
472 struct sockaddr sa_addr;
473 socklen_t socklen = sizeof(struct sockaddr);
474 int status;
475 int opt = 1;
476
477 /* We attaching some olready attched socket ??? */
478 Assert(so->so_type == 0);
479 if ((so->s = socket(AF_INET, SOCK_DGRAM, 0)) == -1)
480 goto error;
481 /*
482 * Here, we bind() the socket. Although not really needed
483 * (sendto() on an unbound socket will bind it), it's done
484 * here so that emulation of ytalk etc. don't have to do it
485 */
486 memset(&sa_addr, 0, sizeof(struct sockaddr));
487 addr = (struct sockaddr_in *)&sa_addr;
488#ifdef RT_OS_DARWIN
489 addr->sin_len = sizeof(struct sockaddr_in);
490#endif
491 addr->sin_family = AF_INET;
492 addr->sin_addr.s_addr = pData->bindIP.s_addr;
493 fd_nonblock(so->s);
494 if (bind(so->s, &sa_addr, sizeof(struct sockaddr_in)) < 0)
495 {
496 int lasterrno = errno;
497 closesocket(so->s);
498 so->s = -1;
499#ifdef RT_OS_WINDOWS
500 WSASetLastError(lasterrno);
501#else
502 errno = lasterrno;
503#endif
504 goto error;
505 }
506 /* success, insert in queue */
507 so->so_expire = curtime + SO_EXPIRE;
508 /* enable broadcast for later use */
509 setsockopt(so->s, SOL_SOCKET, SO_BROADCAST, (const char *)&opt, sizeof(opt));
510 status = getsockname(so->s, &sa_addr, &socklen);
511 Assert(status == 0 && sa_addr.sa_family == AF_INET);
512 so->so_hlport = ((struct sockaddr_in *)&sa_addr)->sin_port;
513 so->so_hladdr.s_addr = ((struct sockaddr_in *)&sa_addr)->sin_addr.s_addr;
514
515 SOCKET_LOCK_CREATE(so);
516 QSOCKET_LOCK(udb);
517 insque(pData, so, &udb);
518 NSOCK_INC();
519 QSOCKET_UNLOCK(udb);
520 so->so_type = IPPROTO_UDP;
521 return so->s;
522error:
523 Log2(("NAT: can't create datagramm socket\n"));
524 return -1;
525}
526
527void
528udp_detach(PNATState pData, struct socket *so)
529{
530 if (so != &pData->icmp_socket)
531 {
532 Assert(so->so_type == IPPROTO_UDP);
533 QSOCKET_LOCK(udb);
534 SOCKET_LOCK(so);
535 QSOCKET_UNLOCK(udb);
536#ifdef VBOX_WITH_NAT_UDP_SOCKET_CLONE
537 if (so->so_cloneOf)
538 so->so_cloneOf->so_cCloneCounter--;
539 else if (so->so_cCloneCounter > 0)
540 {
541 /* we can't close socket yet */
542 SOCKET_UNLOCK(so);
543 return;
544 }
545#endif
546 closesocket(so->s);
547 sofree(pData, so);
548 SOCKET_UNLOCK(so);
549 }
550}
551
552struct socket *
553udp_listen(PNATState pData, u_int32_t bind_addr, u_int port, u_int32_t laddr, u_int lport, int flags)
554{
555 struct sockaddr_in addr;
556 struct socket *so;
557 socklen_t addrlen = sizeof(struct sockaddr_in);
558 int opt = 1;
559 LogFlowFunc(("ENTER: bind_addr:%RTnaipv4, port:%d, laddr:%RTnaipv4, lport:%d, flags:%x\n",
560 bind_addr, RT_N2H_U16(port), laddr, RT_N2H_U16(lport), flags));
561
562 if ((so = socreate()) == NULL)
563 {
564 LogFlowFunc(("LEAVE: NULL\n"));
565 return NULL;
566 }
567
568 so->s = socket(AF_INET, SOCK_DGRAM, 0);
569 if (so->s == -1)
570 {
571 LogRel(("NAT: can't create datagram socket\n"));
572 RTMemFree(so);
573 LogFlowFunc(("LEAVE: NULL\n"));
574 return NULL;
575 }
576 so->so_expire = curtime + SO_EXPIRE;
577 so->so_type = IPPROTO_UDP;
578 fd_nonblock(so->s);
579 SOCKET_LOCK_CREATE(so);
580 QSOCKET_LOCK(udb);
581 insque(pData, so, &udb);
582 NSOCK_INC();
583 QSOCKET_UNLOCK(udb);
584
585 memset(&addr, 0, sizeof(addr));
586#ifdef RT_OS_DARWIN
587 addr.sin_len = sizeof(addr);
588#endif
589 addr.sin_family = AF_INET;
590 addr.sin_addr.s_addr = bind_addr;
591 addr.sin_port = port;
592
593 if (bind(so->s,(struct sockaddr *)&addr, addrlen) < 0)
594 {
595 LogRel(("NAT: bind to %RTnaipv4 has been failed\n", addr.sin_addr));
596 udp_detach(pData, so);
597 LogFlowFunc(("LEAVE: NULL\n"));
598 return NULL;
599 }
600 setsockopt(so->s, SOL_SOCKET, SO_REUSEADDR,(char *)&opt, sizeof(int));
601/* setsockopt(so->s, SOL_SOCKET, SO_OOBINLINE,(char *)&opt, sizeof(int)); */
602
603 getsockname(so->s,(struct sockaddr *)&addr,&addrlen);
604 so->so_fport = addr.sin_port;
605 /* The original check was completely broken, as the commented out
606 * if statement was always true (INADDR_ANY=0). */
607 /* if (addr.sin_addr.s_addr == 0 || addr.sin_addr.s_addr == loopback_addr.s_addr) */
608 /* @todo: vvl - alias_addr should be set (if required)
609 * later by liabalias module.
610 */
611 if (1 == 0) /* always use the else part */
612 so->so_faddr = alias_addr;
613 else
614 so->so_faddr = addr.sin_addr;
615
616 so->so_lport = lport;
617 so->so_laddr.s_addr = laddr;
618 if (flags != SS_FACCEPTONCE)
619 so->so_expire = 0;
620
621 so->so_state = SS_ISFCONNECTED;
622
623 LogFlowFunc(("LEAVE: %R[natsock]\n", so));
624 return so;
625}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette