xref: /illumos-gate/usr/src/cmd/ipf/tools/ippool_y.y (revision 9b4c7145)
17c478bd9Sstevel@tonic-gate %{
27663b816Sml /*
37663b816Sml  * Copyright (C) 2003 by Darren Reed.
47663b816Sml  *
57663b816Sml  * See the IPFILTER.LICENCE file for details on licencing.
67663b816Sml  *
7ab25eeb5Syz  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
87663b816Sml  * Use is subject to license terms.
97663b816Sml  */
107663b816Sml 
117663b816Sml #pragma ident	"%Z%%M%	%I%	%E% SMI"
127663b816Sml 
137c478bd9Sstevel@tonic-gate #include <sys/types.h>
147c478bd9Sstevel@tonic-gate #include <sys/time.h>
157c478bd9Sstevel@tonic-gate #include <sys/param.h>
167c478bd9Sstevel@tonic-gate #include <sys/socket.h>
177c478bd9Sstevel@tonic-gate #if defined(BSD) && (BSD >= 199306)
187c478bd9Sstevel@tonic-gate # include <sys/cdefs.h>
197c478bd9Sstevel@tonic-gate #endif
207c478bd9Sstevel@tonic-gate #include <sys/ioctl.h>
217c478bd9Sstevel@tonic-gate 
227c478bd9Sstevel@tonic-gate #include <net/if.h>
237c478bd9Sstevel@tonic-gate #if __FreeBSD_version >= 300000
247c478bd9Sstevel@tonic-gate # include <net/if_var.h>
257c478bd9Sstevel@tonic-gate #endif
267c478bd9Sstevel@tonic-gate #include <netinet/in.h>
277c478bd9Sstevel@tonic-gate 
287c478bd9Sstevel@tonic-gate #include <arpa/inet.h>
297c478bd9Sstevel@tonic-gate 
307c478bd9Sstevel@tonic-gate #include <stdio.h>
317c478bd9Sstevel@tonic-gate #include <fcntl.h>
327c478bd9Sstevel@tonic-gate #include <stdlib.h>
337c478bd9Sstevel@tonic-gate #include <string.h>
347c478bd9Sstevel@tonic-gate #include <netdb.h>
357c478bd9Sstevel@tonic-gate #include <ctype.h>
367c478bd9Sstevel@tonic-gate #include <unistd.h>
377c478bd9Sstevel@tonic-gate 
387c478bd9Sstevel@tonic-gate #include "ipf.h"
397c478bd9Sstevel@tonic-gate #include "netinet/ip_lookup.h"
407c478bd9Sstevel@tonic-gate #include "netinet/ip_pool.h"
417c478bd9Sstevel@tonic-gate #include "netinet/ip_htable.h"
427c478bd9Sstevel@tonic-gate #include "ippool_l.h"
437c478bd9Sstevel@tonic-gate #include "kmem.h"
447c478bd9Sstevel@tonic-gate 
457c478bd9Sstevel@tonic-gate #define	YYDEBUG	1
467c478bd9Sstevel@tonic-gate 
477c478bd9Sstevel@tonic-gate extern	int	yyparse __P((void));
487c478bd9Sstevel@tonic-gate extern	int	yydebug;
497c478bd9Sstevel@tonic-gate extern	FILE	*yyin;
507c478bd9Sstevel@tonic-gate 
517c478bd9Sstevel@tonic-gate static	iphtable_t	ipht;
527c478bd9Sstevel@tonic-gate static	iphtent_t	iphte;
537c478bd9Sstevel@tonic-gate static	ip_pool_t	iplo;
547c478bd9Sstevel@tonic-gate static	ioctlfunc_t	poolioctl = NULL;
557c478bd9Sstevel@tonic-gate static	char		poolname[FR_GROUPLEN];
567663b816Sml static	int		set_ipv6_addr = 0;
577c478bd9Sstevel@tonic-gate 
587c478bd9Sstevel@tonic-gate %}
597c478bd9Sstevel@tonic-gate 
607c478bd9Sstevel@tonic-gate %union	{
617c478bd9Sstevel@tonic-gate 	char	*str;
627c478bd9Sstevel@tonic-gate 	u_32_t	num;
637c478bd9Sstevel@tonic-gate 	struct	in_addr	addr;
647c478bd9Sstevel@tonic-gate 	struct	alist_s	*alist;
657663b816Sml 	union   i6addr	adrmsk[2];
667c478bd9Sstevel@tonic-gate 	iphtent_t	*ipe;
677c478bd9Sstevel@tonic-gate 	ip_pool_node_t	*ipp;
687c478bd9Sstevel@tonic-gate 	union	i6addr	ip6;
697c478bd9Sstevel@tonic-gate }
707c478bd9Sstevel@tonic-gate 
717c478bd9Sstevel@tonic-gate %token  <num>   YY_NUMBER YY_HEX
727c478bd9Sstevel@tonic-gate %token  <str>   YY_STR
737c478bd9Sstevel@tonic-gate %token	  YY_COMMENT
747c478bd9Sstevel@tonic-gate %token	  YY_CMP_EQ YY_CMP_NE YY_CMP_LE YY_CMP_GE YY_CMP_LT YY_CMP_GT
757c478bd9Sstevel@tonic-gate %token	  YY_RANGE_OUT YY_RANGE_IN
767c478bd9Sstevel@tonic-gate %token  <ip6>   YY_IPV6
777c478bd9Sstevel@tonic-gate 
787c478bd9Sstevel@tonic-gate %token	IPT_IPF IPT_NAT IPT_COUNT IPT_AUTH IPT_IN IPT_OUT
797c478bd9Sstevel@tonic-gate %token	IPT_TABLE IPT_GROUPMAP IPT_HASH
807c478bd9Sstevel@tonic-gate %token	IPT_ROLE IPT_TYPE IPT_TREE
817c478bd9Sstevel@tonic-gate %token	IPT_GROUP IPT_SIZE IPT_SEED IPT_NUM IPT_NAME
827c478bd9Sstevel@tonic-gate %type	<num> role table inout
837c478bd9Sstevel@tonic-gate %type	<ipp> ipftree range addrlist
847c478bd9Sstevel@tonic-gate %type	<adrmsk> addrmask
857c478bd9Sstevel@tonic-gate %type	<ipe> ipfgroup ipfhash hashlist hashentry
867c478bd9Sstevel@tonic-gate %type	<ipe> groupentry setgrouplist grouplist
877663b816Sml %type	<ip6> ipaddr mask ipv4
887c478bd9Sstevel@tonic-gate %type	<str> number setgroup
897c478bd9Sstevel@tonic-gate 
907c478bd9Sstevel@tonic-gate %%
917c478bd9Sstevel@tonic-gate file:	line
927c478bd9Sstevel@tonic-gate 	| assign
937c478bd9Sstevel@tonic-gate 	| file line
947c478bd9Sstevel@tonic-gate 	| file assign
957c478bd9Sstevel@tonic-gate 	;
967c478bd9Sstevel@tonic-gate 
977c478bd9Sstevel@tonic-gate line:	table role ipftree eol		{ iplo.ipo_unit = $2;
987c478bd9Sstevel@tonic-gate 					  iplo.ipo_list = $3;
997c478bd9Sstevel@tonic-gate 					  load_pool(&iplo, poolioctl);
1007c478bd9Sstevel@tonic-gate 					  resetlexer();
1017c478bd9Sstevel@tonic-gate 					}
1027c478bd9Sstevel@tonic-gate 	| table role ipfhash eol	{ ipht.iph_unit = $2;
1037c478bd9Sstevel@tonic-gate 					  ipht.iph_type = IPHASH_LOOKUP;
1047c478bd9Sstevel@tonic-gate 					  load_hash(&ipht, $3, poolioctl);
1057c478bd9Sstevel@tonic-gate 					  resetlexer();
1067c478bd9Sstevel@tonic-gate 					}
1077c478bd9Sstevel@tonic-gate 	| groupmap role number ipfgroup eol
1087c478bd9Sstevel@tonic-gate 					{ ipht.iph_unit = $2;
1097c478bd9Sstevel@tonic-gate 					  strncpy(ipht.iph_name, $3,
1107c478bd9Sstevel@tonic-gate 						  sizeof(ipht.iph_name));
1117c478bd9Sstevel@tonic-gate 					  ipht.iph_type = IPHASH_GROUPMAP;
1127c478bd9Sstevel@tonic-gate 					  load_hash(&ipht, $4, poolioctl);
1137c478bd9Sstevel@tonic-gate 					  resetlexer();
1147c478bd9Sstevel@tonic-gate 					}
1157c478bd9Sstevel@tonic-gate 	| YY_COMMENT
1167c478bd9Sstevel@tonic-gate 	;
1177c478bd9Sstevel@tonic-gate 
1187c478bd9Sstevel@tonic-gate eol:	';'
1197c478bd9Sstevel@tonic-gate 	;
1207c478bd9Sstevel@tonic-gate 
1217c478bd9Sstevel@tonic-gate assign:	YY_STR assigning YY_STR ';'	{ set_variable($1, $3);
1227c478bd9Sstevel@tonic-gate 					  resetlexer();
1237c478bd9Sstevel@tonic-gate 					  free($1);
1247c478bd9Sstevel@tonic-gate 					  free($3);
1257c478bd9Sstevel@tonic-gate 					}
1267c478bd9Sstevel@tonic-gate 	;
1277c478bd9Sstevel@tonic-gate 
1287c478bd9Sstevel@tonic-gate assigning:
1297c478bd9Sstevel@tonic-gate 	'='				{ yyvarnext = 1; }
1307c478bd9Sstevel@tonic-gate 	;
1317c478bd9Sstevel@tonic-gate 
1327c478bd9Sstevel@tonic-gate table:	IPT_TABLE		{ bzero((char *)&ipht, sizeof(ipht));
1337c478bd9Sstevel@tonic-gate 				  bzero((char *)&iphte, sizeof(iphte));
1347c478bd9Sstevel@tonic-gate 				  bzero((char *)&iplo, sizeof(iplo));
1357c478bd9Sstevel@tonic-gate 				  *ipht.iph_name = '\0';
1367c478bd9Sstevel@tonic-gate 				  iplo.ipo_flags = IPHASH_ANON;
1377c478bd9Sstevel@tonic-gate 				  iplo.ipo_name[0] = '\0';
1387c478bd9Sstevel@tonic-gate 				}
1397c478bd9Sstevel@tonic-gate 	;
1407c478bd9Sstevel@tonic-gate 
1417c478bd9Sstevel@tonic-gate groupmap:
1427c478bd9Sstevel@tonic-gate 	IPT_GROUPMAP inout	{ bzero((char *)&ipht, sizeof(ipht));
1437c478bd9Sstevel@tonic-gate 				  bzero((char *)&iphte, sizeof(iphte));
1447c478bd9Sstevel@tonic-gate 				  *ipht.iph_name = '\0';
1457c478bd9Sstevel@tonic-gate 				  ipht.iph_unit = IPHASH_GROUPMAP;
1467c478bd9Sstevel@tonic-gate 				  ipht.iph_flags = $2;
1477c478bd9Sstevel@tonic-gate 				}
1487c478bd9Sstevel@tonic-gate 	;
1497c478bd9Sstevel@tonic-gate 
1507c478bd9Sstevel@tonic-gate inout:	IPT_IN				{ $$ = FR_INQUE; }
1517c478bd9Sstevel@tonic-gate 	| IPT_OUT			{ $$ = FR_OUTQUE; }
1527c478bd9Sstevel@tonic-gate 	;
1537c478bd9Sstevel@tonic-gate role:
1547c478bd9Sstevel@tonic-gate 	IPT_ROLE '=' IPT_IPF		{ $$ = IPL_LOGIPF; }
1557c478bd9Sstevel@tonic-gate 	| IPT_ROLE '=' IPT_NAT		{ $$ = IPL_LOGNAT; }
1567c478bd9Sstevel@tonic-gate 	| IPT_ROLE '=' IPT_AUTH		{ $$ = IPL_LOGAUTH; }
1577c478bd9Sstevel@tonic-gate 	| IPT_ROLE '=' IPT_COUNT	{ $$ = IPL_LOGCOUNT; }
1587c478bd9Sstevel@tonic-gate 	;
1597c478bd9Sstevel@tonic-gate 
1607c478bd9Sstevel@tonic-gate ipftree:
161ab25eeb5Syz 	IPT_TYPE '=' IPT_TREE number start addrlist end
1627c478bd9Sstevel@tonic-gate 					{ strncpy(iplo.ipo_name, $4,
1637c478bd9Sstevel@tonic-gate 						  sizeof(iplo.ipo_name));
164ab25eeb5Syz 					  $$ = $6;
1657c478bd9Sstevel@tonic-gate 					}
1667c478bd9Sstevel@tonic-gate 	;
1677c478bd9Sstevel@tonic-gate 
1687c478bd9Sstevel@tonic-gate ipfhash:
169ab25eeb5Syz 	IPT_TYPE '=' IPT_HASH number hashopts start hashlist end
1707c478bd9Sstevel@tonic-gate 					{ strncpy(ipht.iph_name, $4,
1717c478bd9Sstevel@tonic-gate 						  sizeof(ipht.iph_name));
172ab25eeb5Syz 					  $$ = $7;
1737c478bd9Sstevel@tonic-gate 					}
1747c478bd9Sstevel@tonic-gate 	;
1757c478bd9Sstevel@tonic-gate 
1767c478bd9Sstevel@tonic-gate ipfgroup:
177ab25eeb5Syz 	setgroup hashopts start grouplist end
1787c478bd9Sstevel@tonic-gate 					{ iphtent_t *e;
1797c478bd9Sstevel@tonic-gate 					  for (e = $4; e != NULL;
1807c478bd9Sstevel@tonic-gate 					       e = e->ipe_next)
1817c478bd9Sstevel@tonic-gate 						if (e->ipe_group[0] == '\0')
1827c478bd9Sstevel@tonic-gate 							strncpy(e->ipe_group,
1837c478bd9Sstevel@tonic-gate 								$1,
1847c478bd9Sstevel@tonic-gate 								FR_GROUPLEN);
1857c478bd9Sstevel@tonic-gate 					  $$ = $4;
1867c478bd9Sstevel@tonic-gate 					}
187ab25eeb5Syz 	| hashopts start setgrouplist end		{ $$ = $3; }
1887c478bd9Sstevel@tonic-gate 	;
1897c478bd9Sstevel@tonic-gate 
190ab25eeb5Syz number:	IPT_NUM '=' YY_NUMBER			{ snprintf(poolname, FR_GROUPLEN, "%u", $3);
1917c478bd9Sstevel@tonic-gate 						  $$ = poolname;
1927c478bd9Sstevel@tonic-gate 						}
1937c478bd9Sstevel@tonic-gate 	| IPT_NAME '=' YY_STR			{ $$ = $3; }
1947c478bd9Sstevel@tonic-gate 	|					{ $$ = ""; }
1957c478bd9Sstevel@tonic-gate 	;
1967c478bd9Sstevel@tonic-gate 
1977c478bd9Sstevel@tonic-gate setgroup:
1987c478bd9Sstevel@tonic-gate 	IPT_GROUP '=' YY_STR		{ char tmp[FR_GROUPLEN+1];
1997c478bd9Sstevel@tonic-gate 					  strncpy(tmp, $3, FR_GROUPLEN);
2007c478bd9Sstevel@tonic-gate 					  $$ = strdup(tmp);
2017c478bd9Sstevel@tonic-gate 					}
2027c478bd9Sstevel@tonic-gate 	| IPT_GROUP '=' YY_NUMBER	{ char tmp[FR_GROUPLEN+1];
203ab25eeb5Syz 					  snprintf(tmp, FR_GROUPLEN, "%u", $3);
2047c478bd9Sstevel@tonic-gate 					  $$ = strdup(tmp);
2057c478bd9Sstevel@tonic-gate 					}
2067c478bd9Sstevel@tonic-gate 	;
2077c478bd9Sstevel@tonic-gate 
2087c478bd9Sstevel@tonic-gate hashopts:
2097c478bd9Sstevel@tonic-gate 	| size
2107c478bd9Sstevel@tonic-gate 	| seed
2117c478bd9Sstevel@tonic-gate 	| size seed
2127c478bd9Sstevel@tonic-gate 	;
2137c478bd9Sstevel@tonic-gate 
2147c478bd9Sstevel@tonic-gate addrlist:
215ab25eeb5Syz 	';'				{ $$ = NULL; }
216f30f5fa1Sjojemann 	| range next addrlist		{ $1->ipn_next = $3; $$ = $1; }
21719adb7feSjojemann 	| range next			{ $$ = $1; }
218ab25eeb5Syz 	| range
2197c478bd9Sstevel@tonic-gate 	;
2207c478bd9Sstevel@tonic-gate 
2217c478bd9Sstevel@tonic-gate grouplist:
222ab25eeb5Syz 	';'				{ $$ = NULL; }
223ab25eeb5Syz 	| groupentry next grouplist	{ $$ = $1; $1->ipe_next = $3; }
2247663b816Sml 	| addrmask next grouplist	{ $$ = calloc(1, sizeof(iphtent_t));
2255e985db5Sschuster 					  if ($$ == NULL)
2265e985db5Sschuster 						yyerror("sorry, out of memory");
2277663b816Sml 					  if  (set_ipv6_addr)
2287663b816Sml 					  	$$->ipe_family = AF_INET6;
2297663b816Sml 					  else
2307663b816Sml 						$$->ipe_family = AF_INET;
2317c478bd9Sstevel@tonic-gate 					  bcopy((char *)&($1[0]),
2327c478bd9Sstevel@tonic-gate 						(char *)&($$->ipe_addr),
2337c478bd9Sstevel@tonic-gate 						sizeof($$->ipe_addr));
2347c478bd9Sstevel@tonic-gate 					  bcopy((char *)&($1[1]),
2357c478bd9Sstevel@tonic-gate 						(char *)&($$->ipe_mask),
2367c478bd9Sstevel@tonic-gate 						sizeof($$->ipe_mask));
2377663b816Sml 					  set_ipv6_addr = 0;
238ab25eeb5Syz 					  $$->ipe_next = $3;
239ab25eeb5Syz 					}
2407663b816Sml 	| groupentry next		{ $$ = $1; }
2417663b816Sml 	| addrmask next			{ $$ = calloc(1, sizeof(iphtent_t));
2425e985db5Sschuster 					  if ($$ == NULL)
2435e985db5Sschuster 						yyerror("sorry, out of memory");
2447663b816Sml 					  if  (set_ipv6_addr)
2457663b816Sml 					  	$$->ipe_family = AF_INET6;
2467663b816Sml 					  else
2477663b816Sml 						$$->ipe_family = AF_INET;
2487c478bd9Sstevel@tonic-gate 					  bcopy((char *)&($1[0]),
2497c478bd9Sstevel@tonic-gate 						(char *)&($$->ipe_addr),
2507c478bd9Sstevel@tonic-gate 						sizeof($$->ipe_addr));
2517c478bd9Sstevel@tonic-gate 					  bcopy((char *)&($1[1]),
2527c478bd9Sstevel@tonic-gate 						(char *)&($$->ipe_mask),
2537c478bd9Sstevel@tonic-gate 						sizeof($$->ipe_mask));
2547663b816Sml 					  set_ipv6_addr = 0;
2557c478bd9Sstevel@tonic-gate 					}
2567c478bd9Sstevel@tonic-gate 	;
2577c478bd9Sstevel@tonic-gate 
2587c478bd9Sstevel@tonic-gate setgrouplist:
259ab25eeb5Syz 	';'				{ $$ = NULL; }
260ab25eeb5Syz 	| groupentry next		{ $$ = $1; }
2617663b816Sml 	| groupentry next setgrouplist	{ $1->ipe_next = $3; $$ = $1; }
2627c478bd9Sstevel@tonic-gate 	;
2637c478bd9Sstevel@tonic-gate 
2647c478bd9Sstevel@tonic-gate groupentry:
265ab25eeb5Syz 	addrmask ',' setgroup		{ $$ = calloc(1, sizeof(iphtent_t));
266ab25eeb5Syz 					  if ($$ == NULL)
267ab25eeb5Syz 						yyerror("sorry, out of memory");
268ab25eeb5Syz 					  if  (set_ipv6_addr)
269ab25eeb5Syz 					  	$$->ipe_family = AF_INET6;
270ab25eeb5Syz 					  else
271ab25eeb5Syz 						$$->ipe_family = AF_INET;
272ab25eeb5Syz 					  bcopy((char *)&($1[0]),
273ab25eeb5Syz 						(char *)&($$->ipe_addr),
274ab25eeb5Syz 						sizeof($$->ipe_addr));
275ab25eeb5Syz 					  bcopy((char *)&($1[1]),
276ab25eeb5Syz 						(char *)&($$->ipe_mask),
277ab25eeb5Syz 						sizeof($$->ipe_mask));
278ab25eeb5Syz 					  set_ipv6_addr = 0;
279ab25eeb5Syz 					  strncpy($$->ipe_group, $3,
280ab25eeb5Syz 						  FR_GROUPLEN);
281ab25eeb5Syz 					  free($3);
282ab25eeb5Syz 					}
2837c478bd9Sstevel@tonic-gate 	;
2847c478bd9Sstevel@tonic-gate 
2857c478bd9Sstevel@tonic-gate range:	addrmask	{ $$ = calloc(1, sizeof(*$$));
2865e985db5Sschuster 			  if ($$ == NULL)
2875e985db5Sschuster 				yyerror("sorry, out of memory");
2887c478bd9Sstevel@tonic-gate 			  $$->ipn_info = 0;
289ab25eeb5Syz 			  $$->ipn_addr.adf_len = sizeof($$->ipn_addr);
290ab25eeb5Syz 			  $$->ipn_mask.adf_len = sizeof($$->ipn_mask);
2917663b816Sml 			  if (set_ipv6_addr) {
2927663b816Sml 				  $$->ipn_addr.adf_family = AF_INET6;
2937663b816Sml 				  $$->ipn_addr.adf_addr = $1[0];
2947663b816Sml 				  $$->ipn_mask.adf_addr = $1[1];
2957663b816Sml 
2967663b816Sml 			  } else {
2977663b816Sml 				  $$->ipn_addr.adf_family = AF_INET;
2987663b816Sml 				  $$->ipn_addr.adf_addr.in4.s_addr = $1[0].in4.s_addr;
2997663b816Sml 				  $$->ipn_mask.adf_addr.in4.s_addr = $1[1].in4.s_addr;
3007663b816Sml 			  }
3017663b816Sml 			  set_ipv6_addr = 0;
3027c478bd9Sstevel@tonic-gate 			}
3037c478bd9Sstevel@tonic-gate 	| '!' addrmask	{ $$ = calloc(1, sizeof(*$$));
3045e985db5Sschuster 			  if ($$ == NULL)
3055e985db5Sschuster 				yyerror("sorry, out of memory");
3067c478bd9Sstevel@tonic-gate 			  $$->ipn_info = 1;
307ab25eeb5Syz 			  $$->ipn_addr.adf_len = sizeof($$->ipn_addr);
308ab25eeb5Syz 			  $$->ipn_mask.adf_len = sizeof($$->ipn_mask);
3097663b816Sml 			  if (set_ipv6_addr) {
3107663b816Sml 				  $$->ipn_addr.adf_family = AF_INET6;
3117663b816Sml 				  $$->ipn_addr.adf_addr = $2[0];
3127663b816Sml 				  $$->ipn_mask.adf_addr = $2[1];
3137663b816Sml 			  } else {
3147663b816Sml 				  $$->ipn_addr.adf_family = AF_INET;
3157663b816Sml 				  $$->ipn_addr.adf_addr.in4.s_addr = $2[0].in4.s_addr;
3167663b816Sml 				  $$->ipn_mask.adf_addr.in4.s_addr = $2[1].in4.s_addr;
3177663b816Sml 			  }
3187663b816Sml 			  set_ipv6_addr = 0;
3197c478bd9Sstevel@tonic-gate 			}
3207c478bd9Sstevel@tonic-gate 
3217c478bd9Sstevel@tonic-gate hashlist:
322ab25eeb5Syz 	';'				{ $$ = NULL; }
323ab25eeb5Syz 	| hashentry next		{ $$ = $1; }
3247663b816Sml 	| hashentry next hashlist	{ $1->ipe_next = $3; $$ = $1; }
3257c478bd9Sstevel@tonic-gate 	;
3267c478bd9Sstevel@tonic-gate 
3277c478bd9Sstevel@tonic-gate hashentry:
328ab25eeb5Syz 	addrmask			{ $$ = calloc(1, sizeof(iphtent_t));
3295e985db5Sschuster 					  if ($$ == NULL)
3305e985db5Sschuster 						yyerror("sorry, out of memory");
3317663b816Sml 					  if  (set_ipv6_addr)
3327663b816Sml 					  	$$->ipe_family = AF_INET6;
3337663b816Sml 					  else
3347663b816Sml 						$$->ipe_family = AF_INET;
3357c478bd9Sstevel@tonic-gate 					  bcopy((char *)&($1[0]),
3367c478bd9Sstevel@tonic-gate 						(char *)&($$->ipe_addr),
3377c478bd9Sstevel@tonic-gate 						sizeof($$->ipe_addr));
3387c478bd9Sstevel@tonic-gate 					  bcopy((char *)&($1[1]),
3397c478bd9Sstevel@tonic-gate 						(char *)&($$->ipe_mask),
3407c478bd9Sstevel@tonic-gate 						sizeof($$->ipe_mask));
3417c478bd9Sstevel@tonic-gate 					}
3427c478bd9Sstevel@tonic-gate 	;
3437c478bd9Sstevel@tonic-gate 
3447c478bd9Sstevel@tonic-gate addrmask:
345ab25eeb5Syz 	ipaddr '/' mask		{ $$[0] = $1; $$[1] = $3;
346ab25eeb5Syz 				  yyexpectaddr = 0;
347ab25eeb5Syz 				}
348ab25eeb5Syz 	| ipaddr		{ $$[0] = $1;
349ab25eeb5Syz 				  yyexpectaddr = 0;
3507663b816Sml 				  if (set_ipv6_addr)
3517663b816Sml 				  	fill6bits(128, (u_32_t *)$$[1].in6.s6_addr);
3527663b816Sml 				  else
353ab25eeb5Syz 				  	$$[1].in4.s_addr = 0xffffffff;
354ab25eeb5Syz 				}
3557c478bd9Sstevel@tonic-gate 	;
3567c478bd9Sstevel@tonic-gate 
3577c478bd9Sstevel@tonic-gate ipaddr:	ipv4			{ $$ = $1; }
3587663b816Sml 	| YY_NUMBER		{ $$.in4.s_addr = htonl($1); }
359ab25eeb5Syz 	| YY_IPV6		{ set_ipv6_addr = 1;
3607663b816Sml 				  bcopy(&$1, &$$, sizeof($$));
3617663b816Sml 				  yyexpectaddr = 0; }
362*9b4c7145Sjojemann 	| YY_STR		{ if (gethost($1, &$$, 0) == -1)
363ab25eeb5Syz 					yyerror("Unknown hostname");
364ab25eeb5Syz 				}
3657c478bd9Sstevel@tonic-gate 	;
3667c478bd9Sstevel@tonic-gate 
3677663b816Sml mask:	YY_NUMBER		{ if (set_ipv6_addr)
368ab25eeb5Syz 					ntomask(6, $1, (u_32_t *)$$.in6.s6_addr);
3697663b816Sml 				  else
370ab25eeb5Syz 				  	ntomask(4, $1, (u_32_t *)&$$.in4.s_addr); }
3717c478bd9Sstevel@tonic-gate 	| ipv4			{ $$ = $1; }
3727c478bd9Sstevel@tonic-gate 	;
3737c478bd9Sstevel@tonic-gate 
374ab25eeb5Syz start:	'{'			{ yyexpectaddr = 1; }
375ab25eeb5Syz 	;
376ab25eeb5Syz 
377ab25eeb5Syz end:	'}'			{ yyexpectaddr = 0; }
378ab25eeb5Syz 	;
379ab25eeb5Syz 
380ab25eeb5Syz next:	','			{ yyexpectaddr = 1; }
381ab25eeb5Syz 	| ';'			{ yyexpectaddr = 1; }
382ab25eeb5Syz 	;
383ab25eeb5Syz 
3847c478bd9Sstevel@tonic-gate size:	IPT_SIZE '=' YY_NUMBER	{ ipht.iph_size = $3; }
3857c478bd9Sstevel@tonic-gate 	;
3867c478bd9Sstevel@tonic-gate 
3877c478bd9Sstevel@tonic-gate seed:	IPT_SEED '=' YY_NUMBER	{ ipht.iph_seed = $3; }
3887c478bd9Sstevel@tonic-gate 	;
3897c478bd9Sstevel@tonic-gate 
3907c478bd9Sstevel@tonic-gate ipv4:	YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER
3917c478bd9Sstevel@tonic-gate 		{ if ($1 > 255 || $3 > 255 || $5 > 255 || $7 > 255) {
3927c478bd9Sstevel@tonic-gate 			yyerror("Invalid octet string for IP address");
3937c478bd9Sstevel@tonic-gate 			return 0;
3947c478bd9Sstevel@tonic-gate 		  }
3957663b816Sml 		  $$.in4.s_addr = ($1 << 24) | ($3 << 16) | ($5 << 8) | $7;
3967663b816Sml 		  $$.in4.s_addr = htonl($$.in4.s_addr);
3977c478bd9Sstevel@tonic-gate 		}
3987c478bd9Sstevel@tonic-gate 	;
3997c478bd9Sstevel@tonic-gate %%
4007c478bd9Sstevel@tonic-gate static	wordtab_t	yywords[] = {
4017c478bd9Sstevel@tonic-gate 	{ "auth",	IPT_AUTH },
4027c478bd9Sstevel@tonic-gate 	{ "count",	IPT_COUNT },
4037c478bd9Sstevel@tonic-gate 	{ "group",	IPT_GROUP },
4047c478bd9Sstevel@tonic-gate 	{ "group-map",	IPT_GROUPMAP },
4057c478bd9Sstevel@tonic-gate 	{ "hash",	IPT_HASH },
4067c478bd9Sstevel@tonic-gate 	{ "in",		IPT_IN },
4077c478bd9Sstevel@tonic-gate 	{ "ipf",	IPT_IPF },
4087c478bd9Sstevel@tonic-gate 	{ "name",	IPT_NAME },
4097c478bd9Sstevel@tonic-gate 	{ "nat",	IPT_NAT },
4107c478bd9Sstevel@tonic-gate 	{ "number",	IPT_NUM },
4117c478bd9Sstevel@tonic-gate 	{ "out",	IPT_OUT },
4127c478bd9Sstevel@tonic-gate 	{ "role",	IPT_ROLE },
4137c478bd9Sstevel@tonic-gate 	{ "seed",	IPT_SEED },
4147c478bd9Sstevel@tonic-gate 	{ "size",	IPT_SIZE },
4157c478bd9Sstevel@tonic-gate 	{ "table",	IPT_TABLE },
4167c478bd9Sstevel@tonic-gate 	{ "tree",	IPT_TREE },
4177c478bd9Sstevel@tonic-gate 	{ "type",	IPT_TYPE },
4187c478bd9Sstevel@tonic-gate 	{ NULL,		0 }
4197c478bd9Sstevel@tonic-gate };
4207c478bd9Sstevel@tonic-gate 
4217c478bd9Sstevel@tonic-gate 
ippool_parsefile(fd,filename,iocfunc)4227c478bd9Sstevel@tonic-gate int ippool_parsefile(fd, filename, iocfunc)
4237c478bd9Sstevel@tonic-gate int fd;
4247c478bd9Sstevel@tonic-gate char *filename;
4257c478bd9Sstevel@tonic-gate ioctlfunc_t iocfunc;
4267c478bd9Sstevel@tonic-gate {
4277c478bd9Sstevel@tonic-gate 	FILE *fp = NULL;
4287c478bd9Sstevel@tonic-gate 	char *s;
4297c478bd9Sstevel@tonic-gate 
4307c478bd9Sstevel@tonic-gate 	yylineNum = 1;
4317c478bd9Sstevel@tonic-gate 	(void) yysettab(yywords);
4327c478bd9Sstevel@tonic-gate 
4337c478bd9Sstevel@tonic-gate 	s = getenv("YYDEBUG");
4347c478bd9Sstevel@tonic-gate 	if (s)
4357c478bd9Sstevel@tonic-gate 		yydebug = atoi(s);
4367c478bd9Sstevel@tonic-gate 	else
4377c478bd9Sstevel@tonic-gate 		yydebug = 0;
4387c478bd9Sstevel@tonic-gate 
4397c478bd9Sstevel@tonic-gate 	if (strcmp(filename, "-")) {
4407c478bd9Sstevel@tonic-gate 		fp = fopen(filename, "r");
4417c478bd9Sstevel@tonic-gate 		if (!fp) {
4427c478bd9Sstevel@tonic-gate 			fprintf(stderr, "fopen(%s) failed: %s\n", filename,
4437c478bd9Sstevel@tonic-gate 				STRERROR(errno));
4447c478bd9Sstevel@tonic-gate 			return -1;
4457c478bd9Sstevel@tonic-gate 		}
4467c478bd9Sstevel@tonic-gate 	} else
4477c478bd9Sstevel@tonic-gate 		fp = stdin;
4487c478bd9Sstevel@tonic-gate 
4497c478bd9Sstevel@tonic-gate 	while (ippool_parsesome(fd, fp, iocfunc) == 1)
4507c478bd9Sstevel@tonic-gate 		;
4517c478bd9Sstevel@tonic-gate 	if (fp != NULL)
4527c478bd9Sstevel@tonic-gate 		fclose(fp);
4537c478bd9Sstevel@tonic-gate 	return 0;
4547c478bd9Sstevel@tonic-gate }
4557c478bd9Sstevel@tonic-gate 
4567c478bd9Sstevel@tonic-gate 
ippool_parsesome(fd,fp,iocfunc)4577c478bd9Sstevel@tonic-gate int ippool_parsesome(fd, fp, iocfunc)
4587c478bd9Sstevel@tonic-gate int fd;
4597c478bd9Sstevel@tonic-gate FILE *fp;
4607c478bd9Sstevel@tonic-gate ioctlfunc_t iocfunc;
4617c478bd9Sstevel@tonic-gate {
4627c478bd9Sstevel@tonic-gate 	char *s;
4637c478bd9Sstevel@tonic-gate 	int i;
4647c478bd9Sstevel@tonic-gate 
4657c478bd9Sstevel@tonic-gate 	poolioctl = iocfunc;
4667c478bd9Sstevel@tonic-gate 
4677c478bd9Sstevel@tonic-gate 	if (feof(fp))
4687c478bd9Sstevel@tonic-gate 		return 0;
4697c478bd9Sstevel@tonic-gate 	i = fgetc(fp);
4707c478bd9Sstevel@tonic-gate 	if (i == EOF)
4717c478bd9Sstevel@tonic-gate 		return 0;
4727c478bd9Sstevel@tonic-gate 	if (ungetc(i, fp) == EOF)
4737c478bd9Sstevel@tonic-gate 		return 0;
4747c478bd9Sstevel@tonic-gate 	if (feof(fp))
4757c478bd9Sstevel@tonic-gate 		return 0;
4767c478bd9Sstevel@tonic-gate 	s = getenv("YYDEBUG");
4777c478bd9Sstevel@tonic-gate 	if (s)
4787c478bd9Sstevel@tonic-gate 		yydebug = atoi(s);
4797c478bd9Sstevel@tonic-gate 	else
4807c478bd9Sstevel@tonic-gate 		yydebug = 0;
4817c478bd9Sstevel@tonic-gate 
4827c478bd9Sstevel@tonic-gate 	yyin = fp;
4837c478bd9Sstevel@tonic-gate 	yyparse();
4847c478bd9Sstevel@tonic-gate 	return 1;
4857c478bd9Sstevel@tonic-gate }
486