ippool_y.y (7c478bd9) | ippool_y.y (7663b816) |
---|---|
1%{ | 1%{ |
2/* 3 * Copyright (C) 2003 by Darren Reed. 4 * 5 * See the IPFILTER.LICENCE file for details on licencing. 6 * 7 * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 8 * Use is subject to license terms. 9 */ 10 11#pragma ident "%Z%%M% %I% %E% SMI" 12 |
|
2#include <sys/types.h> 3#include <sys/time.h> 4#include <sys/param.h> 5#include <sys/socket.h> 6#if defined(BSD) && (BSD >= 199306) 7# include <sys/cdefs.h> 8#endif 9#include <sys/ioctl.h> --- 33 unchanged lines hidden (view full) --- 43extern int yydebug; 44extern FILE *yyin; 45 46static iphtable_t ipht; 47static iphtent_t iphte; 48static ip_pool_t iplo; 49static ioctlfunc_t poolioctl = NULL; 50static char poolname[FR_GROUPLEN]; | 13#include <sys/types.h> 14#include <sys/time.h> 15#include <sys/param.h> 16#include <sys/socket.h> 17#if defined(BSD) && (BSD >= 199306) 18# include <sys/cdefs.h> 19#endif 20#include <sys/ioctl.h> --- 33 unchanged lines hidden (view full) --- 54extern int yydebug; 55extern FILE *yyin; 56 57static iphtable_t ipht; 58static iphtent_t iphte; 59static ip_pool_t iplo; 60static ioctlfunc_t poolioctl = NULL; 61static char poolname[FR_GROUPLEN]; |
62static int set_ipv6_addr = 0; |
|
51 52%} 53 54%union { 55 char *str; 56 u_32_t num; 57 struct in_addr addr; 58 struct alist_s *alist; | 63 64%} 65 66%union { 67 char *str; 68 u_32_t num; 69 struct in_addr addr; 70 struct alist_s *alist; |
59 struct in_addr adrmsk[2]; | 71 union i6addr adrmsk[2]; |
60 iphtent_t *ipe; 61 ip_pool_node_t *ipp; 62 union i6addr ip6; 63} 64 65%token <num> YY_NUMBER YY_HEX 66%token <str> YY_STR 67%token YY_COMMENT --- 5 unchanged lines hidden (view full) --- 73%token IPT_TABLE IPT_GROUPMAP IPT_HASH 74%token IPT_ROLE IPT_TYPE IPT_TREE 75%token IPT_GROUP IPT_SIZE IPT_SEED IPT_NUM IPT_NAME 76%type <num> role table inout 77%type <ipp> ipftree range addrlist 78%type <adrmsk> addrmask 79%type <ipe> ipfgroup ipfhash hashlist hashentry 80%type <ipe> groupentry setgrouplist grouplist | 72 iphtent_t *ipe; 73 ip_pool_node_t *ipp; 74 union i6addr ip6; 75} 76 77%token <num> YY_NUMBER YY_HEX 78%token <str> YY_STR 79%token YY_COMMENT --- 5 unchanged lines hidden (view full) --- 85%token IPT_TABLE IPT_GROUPMAP IPT_HASH 86%token IPT_ROLE IPT_TYPE IPT_TREE 87%token IPT_GROUP IPT_SIZE IPT_SEED IPT_NUM IPT_NAME 88%type <num> role table inout 89%type <ipp> ipftree range addrlist 90%type <adrmsk> addrmask 91%type <ipe> ipfgroup ipfhash hashlist hashentry 92%type <ipe> groupentry setgrouplist grouplist |
81%type <addr> ipaddr mask ipv4 | 93%type <ip6> ipaddr mask ipv4 |
82%type <str> number setgroup 83 84%% 85file: line 86 | assign 87 | file line 88 | file assign 89 ; --- 57 unchanged lines hidden (view full) --- 147role: 148 IPT_ROLE '=' IPT_IPF { $$ = IPL_LOGIPF; } 149 | IPT_ROLE '=' IPT_NAT { $$ = IPL_LOGNAT; } 150 | IPT_ROLE '=' IPT_AUTH { $$ = IPL_LOGAUTH; } 151 | IPT_ROLE '=' IPT_COUNT { $$ = IPL_LOGCOUNT; } 152 ; 153 154ipftree: | 94%type <str> number setgroup 95 96%% 97file: line 98 | assign 99 | file line 100 | file assign 101 ; --- 57 unchanged lines hidden (view full) --- 159role: 160 IPT_ROLE '=' IPT_IPF { $$ = IPL_LOGIPF; } 161 | IPT_ROLE '=' IPT_NAT { $$ = IPL_LOGNAT; } 162 | IPT_ROLE '=' IPT_AUTH { $$ = IPL_LOGAUTH; } 163 | IPT_ROLE '=' IPT_COUNT { $$ = IPL_LOGCOUNT; } 164 ; 165 166ipftree: |
155 IPT_TYPE '=' IPT_TREE number '{' addrlist '}' | 167 IPT_TYPE '=' IPT_TREE number '{' { yyexpectaddr = 1; } 168 addrlist '}' |
156 { strncpy(iplo.ipo_name, $4, 157 sizeof(iplo.ipo_name)); | 169 { strncpy(iplo.ipo_name, $4, 170 sizeof(iplo.ipo_name)); |
158 $$ = $6; | 171 $$ = $7; |
159 } 160 ; 161 162ipfhash: | 172 } 173 ; 174 175ipfhash: |
163 IPT_TYPE '=' IPT_HASH number hashopts '{' hashlist '}' | 176 IPT_TYPE '=' IPT_HASH number hashopts '{' { yyexpectaddr = 1; } 177 hashlist '}' |
164 { strncpy(ipht.iph_name, $4, 165 sizeof(ipht.iph_name)); | 178 { strncpy(ipht.iph_name, $4, 179 sizeof(ipht.iph_name)); |
166 $$ = $7; | 180 $$ = $8; |
167 } 168 ; 169 170ipfgroup: 171 setgroup hashopts '{' grouplist '}' 172 { iphtent_t *e; 173 for (e = $4; e != NULL; 174 e = e->ipe_next) --- 26 unchanged lines hidden (view full) --- 201 202hashopts: 203 | size 204 | seed 205 | size seed 206 ; 207 208addrlist: | 181 } 182 ; 183 184ipfgroup: 185 setgroup hashopts '{' grouplist '}' 186 { iphtent_t *e; 187 for (e = $4; e != NULL; 188 e = e->ipe_next) --- 26 unchanged lines hidden (view full) --- 215 216hashopts: 217 | size 218 | seed 219 | size seed 220 ; 221 222addrlist: |
209 range ',' addrlist { $1->ipn_next = $3; $$ = $1; } 210 | range { $$ = $1; } | 223 range next addrlist { $1->ipn_next = $3; $$ = $1; } 224 | range next { $$ = $1; } |
211 ; 212 213grouplist: | 225 ; 226 227grouplist: |
214 groupentry ';' grouplist { $$ = $1; $1->ipe_next = $3; } 215 | addrmask ';' grouplist { $$ = calloc(1, sizeof(iphtent_t)); | 228 groupentry next grouplist { $$ = $1; $1->ipe_next = $3; } 229 | addrmask next grouplist { $$ = calloc(1, sizeof(iphtent_t)); 230 if (set_ipv6_addr) 231 $$->ipe_family = AF_INET6; 232 else 233 $$->ipe_family = AF_INET; |
216 bcopy((char *)&($1[0]), 217 (char *)&($$->ipe_addr), 218 sizeof($$->ipe_addr)); 219 bcopy((char *)&($1[1]), 220 (char *)&($$->ipe_mask), 221 sizeof($$->ipe_mask)); | 234 bcopy((char *)&($1[0]), 235 (char *)&($$->ipe_addr), 236 sizeof($$->ipe_addr)); 237 bcopy((char *)&($1[1]), 238 (char *)&($$->ipe_mask), 239 sizeof($$->ipe_mask)); |
222 $$->ipe_next = $3; 223 } 224 | groupentry ';' { $$ = $1; } 225 | addrmask ';' { $$ = calloc(1, sizeof(iphtent_t)); | 240 set_ipv6_addr = 0; 241 $$->ipe_next = $3; } 242 | groupentry next { $$ = $1; } 243 | addrmask next { $$ = calloc(1, sizeof(iphtent_t)); 244 if (set_ipv6_addr) 245 $$->ipe_family = AF_INET6; 246 else 247 $$->ipe_family = AF_INET; |
226 bcopy((char *)&($1[0]), 227 (char *)&($$->ipe_addr), 228 sizeof($$->ipe_addr)); 229 bcopy((char *)&($1[1]), 230 (char *)&($$->ipe_mask), 231 sizeof($$->ipe_mask)); | 248 bcopy((char *)&($1[0]), 249 (char *)&($$->ipe_addr), 250 sizeof($$->ipe_addr)); 251 bcopy((char *)&($1[1]), 252 (char *)&($$->ipe_mask), 253 sizeof($$->ipe_mask)); |
254 set_ipv6_addr = 0; |
|
232 } 233 ; 234 235setgrouplist: | 255 } 256 ; 257 258setgrouplist: |
236 groupentry ';' { $$ = $1; } 237 | groupentry ';' setgrouplist { $1->ipe_next = $3; $$ = $1; } | 259 groupentry next { $$ = $1; } 260 | groupentry next setgrouplist { $1->ipe_next = $3; $$ = $1; } |
238 ; 239 240groupentry: | 261 ; 262 263groupentry: |
241 addrmask ',' setgroup { $$ = calloc(1, sizeof(iphtent_t)); 242 bcopy((char *)&($1[0]), 243 (char *)&($$->ipe_addr), 244 sizeof($$->ipe_addr)); 245 bcopy((char *)&($1[1]), 246 (char *)&($$->ipe_mask), 247 sizeof($$->ipe_mask)); 248 strncpy($$->ipe_group, $3, 249 FR_GROUPLEN); 250 free($3); 251 } | 264 addrmask ',' setgroup { $$ = calloc(1, sizeof(iphtent_t)); 265 if (set_ipv6_addr) 266 $$->ipe_family = AF_INET6; 267 else 268 $$->ipe_family = AF_INET; 269 bcopy((char *)&($1[0]), 270 (char *)&($$->ipe_addr), 271 sizeof($$->ipe_addr)); 272 bcopy((char *)&($1[1]), 273 (char *)&($$->ipe_mask), 274 sizeof($$->ipe_mask)); 275 set_ipv6_addr = 0; 276 strncpy($$->ipe_group, $3, FR_GROUPLEN); 277 free($3); } 278 |
252 ; 253 254range: addrmask { $$ = calloc(1, sizeof(*$$)); 255 $$->ipn_info = 0; | 279 ; 280 281range: addrmask { $$ = calloc(1, sizeof(*$$)); 282 $$->ipn_info = 0; |
256 $$->ipn_addr.adf_addr.in4.s_addr = $1[0].s_addr; 257 $$->ipn_mask.adf_addr.in4.s_addr = $1[1].s_addr; | 283 if (set_ipv6_addr) { 284 $$->ipn_addr.adf_family = AF_INET6; 285 $$->ipn_addr.adf_addr = $1[0]; 286 $$->ipn_mask.adf_addr = $1[1]; 287 288 } else { 289 $$->ipn_addr.adf_family = AF_INET; 290 $$->ipn_addr.adf_addr.in4.s_addr = $1[0].in4.s_addr; 291 $$->ipn_mask.adf_addr.in4.s_addr = $1[1].in4.s_addr; 292 } 293 set_ipv6_addr = 0; |
258 } 259 | '!' addrmask { $$ = calloc(1, sizeof(*$$)); 260 $$->ipn_info = 1; | 294 } 295 | '!' addrmask { $$ = calloc(1, sizeof(*$$)); 296 $$->ipn_info = 1; |
261 $$->ipn_addr.adf_addr.in4.s_addr = $2[0].s_addr; 262 $$->ipn_mask.adf_addr.in4.s_addr = $2[1].s_addr; | 297 if (set_ipv6_addr) { 298 $$->ipn_addr.adf_family = AF_INET6; 299 $$->ipn_addr.adf_addr = $2[0]; 300 $$->ipn_mask.adf_addr = $2[1]; 301 } else { 302 $$->ipn_addr.adf_family = AF_INET; 303 $$->ipn_addr.adf_addr.in4.s_addr = $2[0].in4.s_addr; 304 $$->ipn_mask.adf_addr.in4.s_addr = $2[1].in4.s_addr; 305 } 306 set_ipv6_addr = 0; |
263 } 264 265hashlist: | 307 } 308 309hashlist: |
266 hashentry ';' { $$ = $1; } 267 | hashentry ';' hashlist { $1->ipe_next = $3; $$ = $1; } | 310 hashentry next { $$ = $1; } 311 | hashentry next hashlist { $1->ipe_next = $3; $$ = $1; } |
268 ; 269 270hashentry: 271 addrmask { $$ = calloc(1, sizeof(iphtent_t)); | 312 ; 313 314hashentry: 315 addrmask { $$ = calloc(1, sizeof(iphtent_t)); |
316 if (set_ipv6_addr) 317 $$->ipe_family = AF_INET6; 318 else 319 $$->ipe_family = AF_INET; |
|
272 bcopy((char *)&($1[0]), 273 (char *)&($$->ipe_addr), 274 sizeof($$->ipe_addr)); 275 bcopy((char *)&($1[1]), 276 (char *)&($$->ipe_mask), 277 sizeof($$->ipe_mask)); | 320 bcopy((char *)&($1[0]), 321 (char *)&($$->ipe_addr), 322 sizeof($$->ipe_addr)); 323 bcopy((char *)&($1[1]), 324 (char *)&($$->ipe_mask), 325 sizeof($$->ipe_mask)); |
326 set_ipv6_addr = 0; |
|
278 } 279 ; 280 281addrmask: | 327 } 328 ; 329 330addrmask: |
282 ipaddr '/' mask { $$[0] = $1; $$[1].s_addr = $3.s_addr; } 283 | ipaddr { $$[0] = $1; $$[1].s_addr = 0xffffffff; } | 331 ipaddr '/' mask { $$[0] = $1; $$[1] = $3; } 332 | ipaddr { $$[0] = $1; 333 if (set_ipv6_addr) 334 fill6bits(128, (u_32_t *)$$[1].in6.s6_addr); 335 else 336 $$[1].in4.s_addr = 0xffffffff; } |
284 ; 285 286ipaddr: ipv4 { $$ = $1; } | 337 ; 338 339ipaddr: ipv4 { $$ = $1; } |
287 | YY_NUMBER { $$.s_addr = htonl($1); } | 340 | YY_NUMBER { $$.in4.s_addr = htonl($1); } 341 | YY_IPV6 { set_ipv6_addr = 1; 342 bcopy(&$1, &$$, sizeof($$)); 343 yyexpectaddr = 0; } |
288 ; 289 | 344 ; 345 |
290mask: YY_NUMBER { ntomask(4, $1, (u_32_t *)&$$.s_addr); } | 346mask: YY_NUMBER { if (set_ipv6_addr) 347 ntomask(6, $1, (u_32_t *)$$.in6.s6_addr); 348 else 349 ntomask(4, $1, (u_32_t *)&$$.in4.s_addr); 350 } |
291 | ipv4 { $$ = $1; } 292 ; 293 294size: IPT_SIZE '=' YY_NUMBER { ipht.iph_size = $3; } 295 ; 296 297seed: IPT_SEED '=' YY_NUMBER { ipht.iph_seed = $3; } 298 ; 299 300ipv4: YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER 301 { if ($1 > 255 || $3 > 255 || $5 > 255 || $7 > 255) { 302 yyerror("Invalid octet string for IP address"); 303 return 0; 304 } | 351 | ipv4 { $$ = $1; } 352 ; 353 354size: IPT_SIZE '=' YY_NUMBER { ipht.iph_size = $3; } 355 ; 356 357seed: IPT_SEED '=' YY_NUMBER { ipht.iph_seed = $3; } 358 ; 359 360ipv4: YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER 361 { if ($1 > 255 || $3 > 255 || $5 > 255 || $7 > 255) { 362 yyerror("Invalid octet string for IP address"); 363 return 0; 364 } |
305 $$.s_addr = ($1 << 24) | ($3 << 16) | ($5 << 8) | $7; 306 $$.s_addr = htonl($$.s_addr); | 365 $$.in4.s_addr = ($1 << 24) | ($3 << 16) | ($5 << 8) | $7; 366 $$.in4.s_addr = htonl($$.in4.s_addr); |
307 } 308 ; | 367 } 368 ; |
369 370next: ';' { yyexpectaddr = 1; } 371 ; 372 373 |
|
309%% 310static wordtab_t yywords[] = { 311 { "auth", IPT_AUTH }, 312 { "count", IPT_COUNT }, 313 { "group", IPT_GROUP }, 314 { "group-map", IPT_GROUPMAP }, 315 { "hash", IPT_HASH }, 316 { "in", IPT_IN }, --- 79 unchanged lines hidden --- | 374%% 375static wordtab_t yywords[] = { 376 { "auth", IPT_AUTH }, 377 { "count", IPT_COUNT }, 378 { "group", IPT_GROUP }, 379 { "group-map", IPT_GROUPMAP }, 380 { "hash", IPT_HASH }, 381 { "in", IPT_IN }, --- 79 unchanged lines hidden --- |