17c478bd9Sstevel@tonic-gate %{ 27663b816Sml /* 37663b816Sml * Copyright (C) 2003 by Darren Reed. 47663b816Sml * 57663b816Sml * See the IPFILTER.LICENCE file for details on licencing. 67663b816Sml * 77663b816Sml * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 87663b816Sml * Use is subject to license terms. 97663b816Sml */ 107663b816Sml 117663b816Sml #pragma ident "%Z%%M% %I% %E% SMI" 127663b816Sml 137c478bd9Sstevel@tonic-gate #include <sys/types.h> 147c478bd9Sstevel@tonic-gate #include <sys/time.h> 157c478bd9Sstevel@tonic-gate #include <sys/param.h> 167c478bd9Sstevel@tonic-gate #include <sys/socket.h> 177c478bd9Sstevel@tonic-gate #if defined(BSD) && (BSD >= 199306) 187c478bd9Sstevel@tonic-gate # include <sys/cdefs.h> 197c478bd9Sstevel@tonic-gate #endif 207c478bd9Sstevel@tonic-gate #include <sys/ioctl.h> 217c478bd9Sstevel@tonic-gate 227c478bd9Sstevel@tonic-gate #include <net/if.h> 237c478bd9Sstevel@tonic-gate #if __FreeBSD_version >= 300000 247c478bd9Sstevel@tonic-gate # include <net/if_var.h> 257c478bd9Sstevel@tonic-gate #endif 267c478bd9Sstevel@tonic-gate #include <netinet/in.h> 277c478bd9Sstevel@tonic-gate 287c478bd9Sstevel@tonic-gate #include <arpa/inet.h> 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate #include <stdio.h> 317c478bd9Sstevel@tonic-gate #include <fcntl.h> 327c478bd9Sstevel@tonic-gate #include <stdlib.h> 337c478bd9Sstevel@tonic-gate #include <string.h> 347c478bd9Sstevel@tonic-gate #include <netdb.h> 357c478bd9Sstevel@tonic-gate #include <ctype.h> 367c478bd9Sstevel@tonic-gate #include <unistd.h> 377c478bd9Sstevel@tonic-gate 387c478bd9Sstevel@tonic-gate #include "ipf.h" 397c478bd9Sstevel@tonic-gate #if SOLARIS2 >= 10 407c478bd9Sstevel@tonic-gate #include "ip_lookup.h" 417c478bd9Sstevel@tonic-gate #include "ip_pool.h" 427c478bd9Sstevel@tonic-gate #include "ip_htable.h" 437c478bd9Sstevel@tonic-gate #else 447c478bd9Sstevel@tonic-gate #include "netinet/ip_lookup.h" 457c478bd9Sstevel@tonic-gate #include "netinet/ip_pool.h" 467c478bd9Sstevel@tonic-gate #include "netinet/ip_htable.h" 477c478bd9Sstevel@tonic-gate #endif 487c478bd9Sstevel@tonic-gate #include "ippool_l.h" 497c478bd9Sstevel@tonic-gate #include "kmem.h" 507c478bd9Sstevel@tonic-gate 517c478bd9Sstevel@tonic-gate #define YYDEBUG 1 527c478bd9Sstevel@tonic-gate 537c478bd9Sstevel@tonic-gate extern int yyparse __P((void)); 547c478bd9Sstevel@tonic-gate extern int yydebug; 557c478bd9Sstevel@tonic-gate extern FILE *yyin; 567c478bd9Sstevel@tonic-gate 577c478bd9Sstevel@tonic-gate static iphtable_t ipht; 587c478bd9Sstevel@tonic-gate static iphtent_t iphte; 597c478bd9Sstevel@tonic-gate static ip_pool_t iplo; 607c478bd9Sstevel@tonic-gate static ioctlfunc_t poolioctl = NULL; 617c478bd9Sstevel@tonic-gate static char poolname[FR_GROUPLEN]; 627663b816Sml static int set_ipv6_addr = 0; 637c478bd9Sstevel@tonic-gate 647c478bd9Sstevel@tonic-gate %} 657c478bd9Sstevel@tonic-gate 667c478bd9Sstevel@tonic-gate %union { 677c478bd9Sstevel@tonic-gate char *str; 687c478bd9Sstevel@tonic-gate u_32_t num; 697c478bd9Sstevel@tonic-gate struct in_addr addr; 707c478bd9Sstevel@tonic-gate struct alist_s *alist; 717663b816Sml union i6addr adrmsk[2]; 727c478bd9Sstevel@tonic-gate iphtent_t *ipe; 737c478bd9Sstevel@tonic-gate ip_pool_node_t *ipp; 747c478bd9Sstevel@tonic-gate union i6addr ip6; 757c478bd9Sstevel@tonic-gate } 767c478bd9Sstevel@tonic-gate 777c478bd9Sstevel@tonic-gate %token <num> YY_NUMBER YY_HEX 787c478bd9Sstevel@tonic-gate %token <str> YY_STR 797c478bd9Sstevel@tonic-gate %token YY_COMMENT 807c478bd9Sstevel@tonic-gate %token YY_CMP_EQ YY_CMP_NE YY_CMP_LE YY_CMP_GE YY_CMP_LT YY_CMP_GT 817c478bd9Sstevel@tonic-gate %token YY_RANGE_OUT YY_RANGE_IN 827c478bd9Sstevel@tonic-gate %token <ip6> YY_IPV6 837c478bd9Sstevel@tonic-gate 847c478bd9Sstevel@tonic-gate %token IPT_IPF IPT_NAT IPT_COUNT IPT_AUTH IPT_IN IPT_OUT 857c478bd9Sstevel@tonic-gate %token IPT_TABLE IPT_GROUPMAP IPT_HASH 867c478bd9Sstevel@tonic-gate %token IPT_ROLE IPT_TYPE IPT_TREE 877c478bd9Sstevel@tonic-gate %token IPT_GROUP IPT_SIZE IPT_SEED IPT_NUM IPT_NAME 887c478bd9Sstevel@tonic-gate %type <num> role table inout 897c478bd9Sstevel@tonic-gate %type <ipp> ipftree range addrlist 907c478bd9Sstevel@tonic-gate %type <adrmsk> addrmask 917c478bd9Sstevel@tonic-gate %type <ipe> ipfgroup ipfhash hashlist hashentry 927c478bd9Sstevel@tonic-gate %type <ipe> groupentry setgrouplist grouplist 937663b816Sml %type <ip6> ipaddr mask ipv4 947c478bd9Sstevel@tonic-gate %type <str> number setgroup 957c478bd9Sstevel@tonic-gate 967c478bd9Sstevel@tonic-gate %% 977c478bd9Sstevel@tonic-gate file: line 987c478bd9Sstevel@tonic-gate | assign 997c478bd9Sstevel@tonic-gate | file line 1007c478bd9Sstevel@tonic-gate | file assign 1017c478bd9Sstevel@tonic-gate ; 1027c478bd9Sstevel@tonic-gate 1037c478bd9Sstevel@tonic-gate line: table role ipftree eol { iplo.ipo_unit = $2; 1047c478bd9Sstevel@tonic-gate iplo.ipo_list = $3; 1057c478bd9Sstevel@tonic-gate load_pool(&iplo, poolioctl); 1067c478bd9Sstevel@tonic-gate resetlexer(); 1077c478bd9Sstevel@tonic-gate } 1087c478bd9Sstevel@tonic-gate | table role ipfhash eol { ipht.iph_unit = $2; 1097c478bd9Sstevel@tonic-gate ipht.iph_type = IPHASH_LOOKUP; 1107c478bd9Sstevel@tonic-gate load_hash(&ipht, $3, poolioctl); 1117c478bd9Sstevel@tonic-gate resetlexer(); 1127c478bd9Sstevel@tonic-gate } 1137c478bd9Sstevel@tonic-gate | groupmap role number ipfgroup eol 1147c478bd9Sstevel@tonic-gate { ipht.iph_unit = $2; 1157c478bd9Sstevel@tonic-gate strncpy(ipht.iph_name, $3, 1167c478bd9Sstevel@tonic-gate sizeof(ipht.iph_name)); 1177c478bd9Sstevel@tonic-gate ipht.iph_type = IPHASH_GROUPMAP; 1187c478bd9Sstevel@tonic-gate load_hash(&ipht, $4, poolioctl); 1197c478bd9Sstevel@tonic-gate resetlexer(); 1207c478bd9Sstevel@tonic-gate } 1217c478bd9Sstevel@tonic-gate | YY_COMMENT 1227c478bd9Sstevel@tonic-gate ; 1237c478bd9Sstevel@tonic-gate 1247c478bd9Sstevel@tonic-gate eol: ';' 1257c478bd9Sstevel@tonic-gate ; 1267c478bd9Sstevel@tonic-gate 1277c478bd9Sstevel@tonic-gate assign: YY_STR assigning YY_STR ';' { set_variable($1, $3); 1287c478bd9Sstevel@tonic-gate resetlexer(); 1297c478bd9Sstevel@tonic-gate free($1); 1307c478bd9Sstevel@tonic-gate free($3); 1317c478bd9Sstevel@tonic-gate } 1327c478bd9Sstevel@tonic-gate ; 1337c478bd9Sstevel@tonic-gate 1347c478bd9Sstevel@tonic-gate assigning: 1357c478bd9Sstevel@tonic-gate '=' { yyvarnext = 1; } 1367c478bd9Sstevel@tonic-gate ; 1377c478bd9Sstevel@tonic-gate 1387c478bd9Sstevel@tonic-gate table: IPT_TABLE { bzero((char *)&ipht, sizeof(ipht)); 1397c478bd9Sstevel@tonic-gate bzero((char *)&iphte, sizeof(iphte)); 1407c478bd9Sstevel@tonic-gate bzero((char *)&iplo, sizeof(iplo)); 1417c478bd9Sstevel@tonic-gate *ipht.iph_name = '\0'; 1427c478bd9Sstevel@tonic-gate iplo.ipo_flags = IPHASH_ANON; 1437c478bd9Sstevel@tonic-gate iplo.ipo_name[0] = '\0'; 1447c478bd9Sstevel@tonic-gate } 1457c478bd9Sstevel@tonic-gate ; 1467c478bd9Sstevel@tonic-gate 1477c478bd9Sstevel@tonic-gate groupmap: 1487c478bd9Sstevel@tonic-gate IPT_GROUPMAP inout { bzero((char *)&ipht, sizeof(ipht)); 1497c478bd9Sstevel@tonic-gate bzero((char *)&iphte, sizeof(iphte)); 1507c478bd9Sstevel@tonic-gate *ipht.iph_name = '\0'; 1517c478bd9Sstevel@tonic-gate ipht.iph_unit = IPHASH_GROUPMAP; 1527c478bd9Sstevel@tonic-gate ipht.iph_flags = $2; 1537c478bd9Sstevel@tonic-gate } 1547c478bd9Sstevel@tonic-gate ; 1557c478bd9Sstevel@tonic-gate 1567c478bd9Sstevel@tonic-gate inout: IPT_IN { $$ = FR_INQUE; } 1577c478bd9Sstevel@tonic-gate | IPT_OUT { $$ = FR_OUTQUE; } 1587c478bd9Sstevel@tonic-gate ; 1597c478bd9Sstevel@tonic-gate role: 1607c478bd9Sstevel@tonic-gate IPT_ROLE '=' IPT_IPF { $$ = IPL_LOGIPF; } 1617c478bd9Sstevel@tonic-gate | IPT_ROLE '=' IPT_NAT { $$ = IPL_LOGNAT; } 1627c478bd9Sstevel@tonic-gate | IPT_ROLE '=' IPT_AUTH { $$ = IPL_LOGAUTH; } 1637c478bd9Sstevel@tonic-gate | IPT_ROLE '=' IPT_COUNT { $$ = IPL_LOGCOUNT; } 1647c478bd9Sstevel@tonic-gate ; 1657c478bd9Sstevel@tonic-gate 1667c478bd9Sstevel@tonic-gate ipftree: 1677663b816Sml IPT_TYPE '=' IPT_TREE number '{' { yyexpectaddr = 1; } 1687663b816Sml addrlist '}' 1697c478bd9Sstevel@tonic-gate { strncpy(iplo.ipo_name, $4, 1707c478bd9Sstevel@tonic-gate sizeof(iplo.ipo_name)); 1717663b816Sml $$ = $7; 1727c478bd9Sstevel@tonic-gate } 1737c478bd9Sstevel@tonic-gate ; 1747c478bd9Sstevel@tonic-gate 1757c478bd9Sstevel@tonic-gate ipfhash: 1767663b816Sml IPT_TYPE '=' IPT_HASH number hashopts '{' { yyexpectaddr = 1; } 1777663b816Sml hashlist '}' 1787c478bd9Sstevel@tonic-gate { strncpy(ipht.iph_name, $4, 1797c478bd9Sstevel@tonic-gate sizeof(ipht.iph_name)); 1807663b816Sml $$ = $8; 1817c478bd9Sstevel@tonic-gate } 1827c478bd9Sstevel@tonic-gate ; 1837c478bd9Sstevel@tonic-gate 1847c478bd9Sstevel@tonic-gate ipfgroup: 1857c478bd9Sstevel@tonic-gate setgroup hashopts '{' grouplist '}' 1867c478bd9Sstevel@tonic-gate { iphtent_t *e; 1877c478bd9Sstevel@tonic-gate for (e = $4; e != NULL; 1887c478bd9Sstevel@tonic-gate e = e->ipe_next) 1897c478bd9Sstevel@tonic-gate if (e->ipe_group[0] == '\0') 1907c478bd9Sstevel@tonic-gate strncpy(e->ipe_group, 1917c478bd9Sstevel@tonic-gate $1, 1927c478bd9Sstevel@tonic-gate FR_GROUPLEN); 1937c478bd9Sstevel@tonic-gate $$ = $4; 1947c478bd9Sstevel@tonic-gate } 1957c478bd9Sstevel@tonic-gate | hashopts '{' setgrouplist '}' { $$ = $3; } 1967c478bd9Sstevel@tonic-gate ; 1977c478bd9Sstevel@tonic-gate 1987c478bd9Sstevel@tonic-gate number: IPT_NUM '=' YY_NUMBER { sprintf(poolname, "%u", $3); 1997c478bd9Sstevel@tonic-gate $$ = poolname; 2007c478bd9Sstevel@tonic-gate } 2017c478bd9Sstevel@tonic-gate | IPT_NAME '=' YY_STR { $$ = $3; } 2027c478bd9Sstevel@tonic-gate | { $$ = ""; } 2037c478bd9Sstevel@tonic-gate ; 2047c478bd9Sstevel@tonic-gate 2057c478bd9Sstevel@tonic-gate setgroup: 2067c478bd9Sstevel@tonic-gate IPT_GROUP '=' YY_STR { char tmp[FR_GROUPLEN+1]; 2077c478bd9Sstevel@tonic-gate strncpy(tmp, $3, FR_GROUPLEN); 2087c478bd9Sstevel@tonic-gate $$ = strdup(tmp); 2097c478bd9Sstevel@tonic-gate } 2107c478bd9Sstevel@tonic-gate | IPT_GROUP '=' YY_NUMBER { char tmp[FR_GROUPLEN+1]; 2117c478bd9Sstevel@tonic-gate sprintf(tmp, "%u", $3); 2127c478bd9Sstevel@tonic-gate $$ = strdup(tmp); 2137c478bd9Sstevel@tonic-gate } 2147c478bd9Sstevel@tonic-gate ; 2157c478bd9Sstevel@tonic-gate 2167c478bd9Sstevel@tonic-gate hashopts: 2177c478bd9Sstevel@tonic-gate | size 2187c478bd9Sstevel@tonic-gate | seed 2197c478bd9Sstevel@tonic-gate | size seed 2207c478bd9Sstevel@tonic-gate ; 2217c478bd9Sstevel@tonic-gate 2227c478bd9Sstevel@tonic-gate addrlist: 223f30f5fa1Sjojemann next { $$ = NULL; } 224f30f5fa1Sjojemann | range next addrlist { $1->ipn_next = $3; $$ = $1; } 225*19adb7feSjojemann | range next { $$ = $1; } 226*19adb7feSjojemann | range { $$ = $1; } 2277c478bd9Sstevel@tonic-gate ; 2287c478bd9Sstevel@tonic-gate 2297c478bd9Sstevel@tonic-gate grouplist: 2307663b816Sml groupentry next grouplist { $$ = $1; $1->ipe_next = $3; } 2317663b816Sml | addrmask next grouplist { $$ = calloc(1, sizeof(iphtent_t)); 2327663b816Sml if (set_ipv6_addr) 2337663b816Sml $$->ipe_family = AF_INET6; 2347663b816Sml else 2357663b816Sml $$->ipe_family = AF_INET; 2367c478bd9Sstevel@tonic-gate bcopy((char *)&($1[0]), 2377c478bd9Sstevel@tonic-gate (char *)&($$->ipe_addr), 2387c478bd9Sstevel@tonic-gate sizeof($$->ipe_addr)); 2397c478bd9Sstevel@tonic-gate bcopy((char *)&($1[1]), 2407c478bd9Sstevel@tonic-gate (char *)&($$->ipe_mask), 2417c478bd9Sstevel@tonic-gate sizeof($$->ipe_mask)); 2427663b816Sml set_ipv6_addr = 0; 2437663b816Sml $$->ipe_next = $3; } 2447663b816Sml | groupentry next { $$ = $1; } 2457663b816Sml | addrmask next { $$ = calloc(1, sizeof(iphtent_t)); 2467663b816Sml if (set_ipv6_addr) 2477663b816Sml $$->ipe_family = AF_INET6; 2487663b816Sml else 2497663b816Sml $$->ipe_family = AF_INET; 2507c478bd9Sstevel@tonic-gate bcopy((char *)&($1[0]), 2517c478bd9Sstevel@tonic-gate (char *)&($$->ipe_addr), 2527c478bd9Sstevel@tonic-gate sizeof($$->ipe_addr)); 2537c478bd9Sstevel@tonic-gate bcopy((char *)&($1[1]), 2547c478bd9Sstevel@tonic-gate (char *)&($$->ipe_mask), 2557c478bd9Sstevel@tonic-gate sizeof($$->ipe_mask)); 2567663b816Sml set_ipv6_addr = 0; 2577c478bd9Sstevel@tonic-gate } 2587c478bd9Sstevel@tonic-gate ; 2597c478bd9Sstevel@tonic-gate 2607c478bd9Sstevel@tonic-gate setgrouplist: 2617663b816Sml groupentry next { $$ = $1; } 2627663b816Sml | groupentry next setgrouplist { $1->ipe_next = $3; $$ = $1; } 2637c478bd9Sstevel@tonic-gate ; 2647c478bd9Sstevel@tonic-gate 2657c478bd9Sstevel@tonic-gate groupentry: 2667663b816Sml addrmask ',' setgroup { $$ = calloc(1, sizeof(iphtent_t)); 2677663b816Sml if (set_ipv6_addr) 2687663b816Sml $$->ipe_family = AF_INET6; 2697663b816Sml else 2707663b816Sml $$->ipe_family = AF_INET; 2717663b816Sml bcopy((char *)&($1[0]), 2727663b816Sml (char *)&($$->ipe_addr), 2737663b816Sml sizeof($$->ipe_addr)); 2747663b816Sml bcopy((char *)&($1[1]), 2757663b816Sml (char *)&($$->ipe_mask), 2767663b816Sml sizeof($$->ipe_mask)); 2777663b816Sml set_ipv6_addr = 0; 2787663b816Sml strncpy($$->ipe_group, $3, FR_GROUPLEN); 2797663b816Sml free($3); } 2807663b816Sml 2817c478bd9Sstevel@tonic-gate ; 2827c478bd9Sstevel@tonic-gate 2837c478bd9Sstevel@tonic-gate range: addrmask { $$ = calloc(1, sizeof(*$$)); 2847c478bd9Sstevel@tonic-gate $$->ipn_info = 0; 2857663b816Sml if (set_ipv6_addr) { 2867663b816Sml $$->ipn_addr.adf_family = AF_INET6; 2877663b816Sml $$->ipn_addr.adf_addr = $1[0]; 2887663b816Sml $$->ipn_mask.adf_addr = $1[1]; 2897663b816Sml 2907663b816Sml } else { 2917663b816Sml $$->ipn_addr.adf_family = AF_INET; 2927663b816Sml $$->ipn_addr.adf_addr.in4.s_addr = $1[0].in4.s_addr; 2937663b816Sml $$->ipn_mask.adf_addr.in4.s_addr = $1[1].in4.s_addr; 2947663b816Sml } 2957663b816Sml set_ipv6_addr = 0; 2967c478bd9Sstevel@tonic-gate } 2977c478bd9Sstevel@tonic-gate | '!' addrmask { $$ = calloc(1, sizeof(*$$)); 2987c478bd9Sstevel@tonic-gate $$->ipn_info = 1; 2997663b816Sml if (set_ipv6_addr) { 3007663b816Sml $$->ipn_addr.adf_family = AF_INET6; 3017663b816Sml $$->ipn_addr.adf_addr = $2[0]; 3027663b816Sml $$->ipn_mask.adf_addr = $2[1]; 3037663b816Sml } else { 3047663b816Sml $$->ipn_addr.adf_family = AF_INET; 3057663b816Sml $$->ipn_addr.adf_addr.in4.s_addr = $2[0].in4.s_addr; 3067663b816Sml $$->ipn_mask.adf_addr.in4.s_addr = $2[1].in4.s_addr; 3077663b816Sml } 3087663b816Sml set_ipv6_addr = 0; 3097c478bd9Sstevel@tonic-gate } 3107c478bd9Sstevel@tonic-gate 3117c478bd9Sstevel@tonic-gate hashlist: 3127663b816Sml hashentry next { $$ = $1; } 3137663b816Sml | hashentry next hashlist { $1->ipe_next = $3; $$ = $1; } 3147c478bd9Sstevel@tonic-gate ; 3157c478bd9Sstevel@tonic-gate 3167c478bd9Sstevel@tonic-gate hashentry: 3177c478bd9Sstevel@tonic-gate addrmask { $$ = calloc(1, sizeof(iphtent_t)); 3187663b816Sml if (set_ipv6_addr) 3197663b816Sml $$->ipe_family = AF_INET6; 3207663b816Sml else 3217663b816Sml $$->ipe_family = AF_INET; 3227c478bd9Sstevel@tonic-gate bcopy((char *)&($1[0]), 3237c478bd9Sstevel@tonic-gate (char *)&($$->ipe_addr), 3247c478bd9Sstevel@tonic-gate sizeof($$->ipe_addr)); 3257c478bd9Sstevel@tonic-gate bcopy((char *)&($1[1]), 3267c478bd9Sstevel@tonic-gate (char *)&($$->ipe_mask), 3277c478bd9Sstevel@tonic-gate sizeof($$->ipe_mask)); 3287663b816Sml set_ipv6_addr = 0; 3297c478bd9Sstevel@tonic-gate } 3307c478bd9Sstevel@tonic-gate ; 3317c478bd9Sstevel@tonic-gate 3327c478bd9Sstevel@tonic-gate addrmask: 3337663b816Sml ipaddr '/' mask { $$[0] = $1; $$[1] = $3; } 3347663b816Sml | ipaddr { $$[0] = $1; 3357663b816Sml if (set_ipv6_addr) 3367663b816Sml fill6bits(128, (u_32_t *)$$[1].in6.s6_addr); 3377663b816Sml else 3387663b816Sml $$[1].in4.s_addr = 0xffffffff; } 3397c478bd9Sstevel@tonic-gate ; 3407c478bd9Sstevel@tonic-gate 3417c478bd9Sstevel@tonic-gate ipaddr: ipv4 { $$ = $1; } 3427663b816Sml | YY_NUMBER { $$.in4.s_addr = htonl($1); } 3437663b816Sml | YY_IPV6 { set_ipv6_addr = 1; 3447663b816Sml bcopy(&$1, &$$, sizeof($$)); 3457663b816Sml yyexpectaddr = 0; } 3467c478bd9Sstevel@tonic-gate ; 3477c478bd9Sstevel@tonic-gate 3487663b816Sml mask: YY_NUMBER { if (set_ipv6_addr) 3497663b816Sml ntomask(6, $1, (u_32_t *)$$.in6.s6_addr); 3507663b816Sml else 3517663b816Sml ntomask(4, $1, (u_32_t *)&$$.in4.s_addr); 3527663b816Sml } 3537c478bd9Sstevel@tonic-gate | ipv4 { $$ = $1; } 3547c478bd9Sstevel@tonic-gate ; 3557c478bd9Sstevel@tonic-gate 3567c478bd9Sstevel@tonic-gate size: IPT_SIZE '=' YY_NUMBER { ipht.iph_size = $3; } 3577c478bd9Sstevel@tonic-gate ; 3587c478bd9Sstevel@tonic-gate 3597c478bd9Sstevel@tonic-gate seed: IPT_SEED '=' YY_NUMBER { ipht.iph_seed = $3; } 3607c478bd9Sstevel@tonic-gate ; 3617c478bd9Sstevel@tonic-gate 3627c478bd9Sstevel@tonic-gate ipv4: YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER 3637c478bd9Sstevel@tonic-gate { if ($1 > 255 || $3 > 255 || $5 > 255 || $7 > 255) { 3647c478bd9Sstevel@tonic-gate yyerror("Invalid octet string for IP address"); 3657c478bd9Sstevel@tonic-gate return 0; 3667c478bd9Sstevel@tonic-gate } 3677663b816Sml $$.in4.s_addr = ($1 << 24) | ($3 << 16) | ($5 << 8) | $7; 3687663b816Sml $$.in4.s_addr = htonl($$.in4.s_addr); 3697c478bd9Sstevel@tonic-gate } 3707c478bd9Sstevel@tonic-gate ; 3717663b816Sml 3727663b816Sml next: ';' { yyexpectaddr = 1; } 373*19adb7feSjojemann | ',' { yyexpectaddr = 1; } 3747663b816Sml ; 3757663b816Sml 3767663b816Sml 3777c478bd9Sstevel@tonic-gate %% 3787c478bd9Sstevel@tonic-gate static wordtab_t yywords[] = { 3797c478bd9Sstevel@tonic-gate { "auth", IPT_AUTH }, 3807c478bd9Sstevel@tonic-gate { "count", IPT_COUNT }, 3817c478bd9Sstevel@tonic-gate { "group", IPT_GROUP }, 3827c478bd9Sstevel@tonic-gate { "group-map", IPT_GROUPMAP }, 3837c478bd9Sstevel@tonic-gate { "hash", IPT_HASH }, 3847c478bd9Sstevel@tonic-gate { "in", IPT_IN }, 3857c478bd9Sstevel@tonic-gate { "ipf", IPT_IPF }, 3867c478bd9Sstevel@tonic-gate { "name", IPT_NAME }, 3877c478bd9Sstevel@tonic-gate { "nat", IPT_NAT }, 3887c478bd9Sstevel@tonic-gate { "number", IPT_NUM }, 3897c478bd9Sstevel@tonic-gate { "out", IPT_OUT }, 3907c478bd9Sstevel@tonic-gate { "role", IPT_ROLE }, 3917c478bd9Sstevel@tonic-gate { "seed", IPT_SEED }, 3927c478bd9Sstevel@tonic-gate { "size", IPT_SIZE }, 3937c478bd9Sstevel@tonic-gate { "table", IPT_TABLE }, 3947c478bd9Sstevel@tonic-gate { "tree", IPT_TREE }, 3957c478bd9Sstevel@tonic-gate { "type", IPT_TYPE }, 3967c478bd9Sstevel@tonic-gate { NULL, 0 } 3977c478bd9Sstevel@tonic-gate }; 3987c478bd9Sstevel@tonic-gate 3997c478bd9Sstevel@tonic-gate 4007c478bd9Sstevel@tonic-gate int ippool_parsefile(fd, filename, iocfunc) 4017c478bd9Sstevel@tonic-gate int fd; 4027c478bd9Sstevel@tonic-gate char *filename; 4037c478bd9Sstevel@tonic-gate ioctlfunc_t iocfunc; 4047c478bd9Sstevel@tonic-gate { 4057c478bd9Sstevel@tonic-gate FILE *fp = NULL; 4067c478bd9Sstevel@tonic-gate char *s; 4077c478bd9Sstevel@tonic-gate 4087c478bd9Sstevel@tonic-gate yylineNum = 1; 4097c478bd9Sstevel@tonic-gate (void) yysettab(yywords); 4107c478bd9Sstevel@tonic-gate 4117c478bd9Sstevel@tonic-gate s = getenv("YYDEBUG"); 4127c478bd9Sstevel@tonic-gate if (s) 4137c478bd9Sstevel@tonic-gate yydebug = atoi(s); 4147c478bd9Sstevel@tonic-gate else 4157c478bd9Sstevel@tonic-gate yydebug = 0; 4167c478bd9Sstevel@tonic-gate 4177c478bd9Sstevel@tonic-gate if (strcmp(filename, "-")) { 4187c478bd9Sstevel@tonic-gate fp = fopen(filename, "r"); 4197c478bd9Sstevel@tonic-gate if (!fp) { 4207c478bd9Sstevel@tonic-gate fprintf(stderr, "fopen(%s) failed: %s\n", filename, 4217c478bd9Sstevel@tonic-gate STRERROR(errno)); 4227c478bd9Sstevel@tonic-gate return -1; 4237c478bd9Sstevel@tonic-gate } 4247c478bd9Sstevel@tonic-gate } else 4257c478bd9Sstevel@tonic-gate fp = stdin; 4267c478bd9Sstevel@tonic-gate 4277c478bd9Sstevel@tonic-gate while (ippool_parsesome(fd, fp, iocfunc) == 1) 4287c478bd9Sstevel@tonic-gate ; 4297c478bd9Sstevel@tonic-gate if (fp != NULL) 4307c478bd9Sstevel@tonic-gate fclose(fp); 4317c478bd9Sstevel@tonic-gate return 0; 4327c478bd9Sstevel@tonic-gate } 4337c478bd9Sstevel@tonic-gate 4347c478bd9Sstevel@tonic-gate 4357c478bd9Sstevel@tonic-gate int ippool_parsesome(fd, fp, iocfunc) 4367c478bd9Sstevel@tonic-gate int fd; 4377c478bd9Sstevel@tonic-gate FILE *fp; 4387c478bd9Sstevel@tonic-gate ioctlfunc_t iocfunc; 4397c478bd9Sstevel@tonic-gate { 4407c478bd9Sstevel@tonic-gate char *s; 4417c478bd9Sstevel@tonic-gate int i; 4427c478bd9Sstevel@tonic-gate 4437c478bd9Sstevel@tonic-gate poolioctl = iocfunc; 4447c478bd9Sstevel@tonic-gate 4457c478bd9Sstevel@tonic-gate if (feof(fp)) 4467c478bd9Sstevel@tonic-gate return 0; 4477c478bd9Sstevel@tonic-gate i = fgetc(fp); 4487c478bd9Sstevel@tonic-gate if (i == EOF) 4497c478bd9Sstevel@tonic-gate return 0; 4507c478bd9Sstevel@tonic-gate if (ungetc(i, fp) == EOF) 4517c478bd9Sstevel@tonic-gate return 0; 4527c478bd9Sstevel@tonic-gate if (feof(fp)) 4537c478bd9Sstevel@tonic-gate return 0; 4547c478bd9Sstevel@tonic-gate s = getenv("YYDEBUG"); 4557c478bd9Sstevel@tonic-gate if (s) 4567c478bd9Sstevel@tonic-gate yydebug = atoi(s); 4577c478bd9Sstevel@tonic-gate else 4587c478bd9Sstevel@tonic-gate yydebug = 0; 4597c478bd9Sstevel@tonic-gate 4607c478bd9Sstevel@tonic-gate yyin = fp; 4617c478bd9Sstevel@tonic-gate yyparse(); 4627c478bd9Sstevel@tonic-gate return 1; 4637c478bd9Sstevel@tonic-gate } 464