diff options
author | brian <brian@FreeBSD.org> | 1999-06-23 16:48:24 +0000 |
---|---|---|
committer | brian <brian@FreeBSD.org> | 1999-06-23 16:48:24 +0000 |
commit | f32906f4850984e002004d359ebc9dbf5d9d68c3 (patch) | |
tree | afdaf207c3a90a551246c2814f7618cac59b36c5 | |
parent | 5924813a9fe9b7766494b9b8baab4cb1e8e0c667 (diff) | |
download | FreeBSD-src-f32906f4850984e002004d359ebc9dbf5d9d68c3.zip FreeBSD-src-f32906f4850984e002004d359ebc9dbf5d9d68c3.tar.gz |
Support `igmp' filters.
Mostly submitted by: Timo Geusch <freebsd@sleepycat.ukpeople.net>
-rw-r--r-- | usr.sbin/ppp/command.c | 8 | ||||
-rw-r--r-- | usr.sbin/ppp/filter.c | 19 | ||||
-rw-r--r-- | usr.sbin/ppp/filter.h | 3 | ||||
-rw-r--r-- | usr.sbin/ppp/ip.c | 8 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp.8 | 5 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp.8.m4 | 5 |
6 files changed, 35 insertions, 13 deletions
diff --git a/usr.sbin/ppp/command.c b/usr.sbin/ppp/command.c index dad0acb..57bea05 100644 --- a/usr.sbin/ppp/command.c +++ b/usr.sbin/ppp/command.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: command.c,v 1.201 1999/06/09 16:54:02 brian Exp $ + * $Id: command.c,v 1.202 1999/06/10 09:34:57 brian Exp $ * */ #include <sys/param.h> @@ -144,7 +144,7 @@ #define NEG_VJCOMP 53 const char Version[] = "2.22"; -const char VersionDate[] = "$Date: 1999/06/09 16:54:02 $"; +const char VersionDate[] = "$Date: 1999/06/10 09:34:57 $"; static int ShowCommand(struct cmdargs const *); static int TerminalCommand(struct cmdargs const *); @@ -1814,8 +1814,8 @@ static struct cmdtab const SetCommands[] = { "escape characters", "set escape hex-digit ..."}, {"filter", NULL, filter_Set, LOCAL_AUTH, "packet filters", "set filter alive|dial|in|out rule-no permit|deny " - "[src_addr[/width]] [dst_addr[/width]] [tcp|udp|icmp [src [lt|eq|gt port]] " - "[dst [lt|eq|gt port]] [estab] [syn] [finrst]]"}, + "[src_addr[/width]] [dst_addr[/width]] [tcp|udp|icmp|igmp " + "[src [lt|eq|gt port]] [dst [lt|eq|gt port]] [estab] [syn] [finrst]]"}, {"hangup", NULL, SetVariable, LOCAL_AUTH | LOCAL_CX, "hangup script", "set hangup chat-script", (const void *) VAR_HANGUP}, {"ifaddr", NULL, SetInterfaceAddr, LOCAL_AUTH, "destination address", diff --git a/usr.sbin/ppp/filter.c b/usr.sbin/ppp/filter.c index 3d3a3f70d..024cd91 100644 --- a/usr.sbin/ppp/filter.c +++ b/usr.sbin/ppp/filter.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: filter.c,v 1.28 1999/05/08 11:06:33 brian Exp $ + * $Id: filter.c,v 1.29 1999/05/31 23:57:36 brian Exp $ * * TODO: Shoud send ICMP error message when we discard packets. */ @@ -261,6 +261,18 @@ ParseUdpOrTcp(int argc, char const *const *argv, int proto, return 1; } +static int ParseIgmp(int argc, char const * const *argv, struct filterent *tgt) { + /* Filter currently is a catch-all. Requests are either permitted or + dropped. */ + if (argc != 0) { + log_Printf(LogWARN, "ParseIgmp: Too many parameters\n"); + return 0; + } else + tgt->opt.srcop = OP_NONE; + + return 1; +} + static unsigned addrtype(const char *addr) { @@ -396,6 +408,9 @@ Parse(struct ipcp *ipcp, int argc, char const *const *argv, case P_ICMP: val = ParseIcmp(argc, argv, &filterdata); break; + case P_IGMP: + val = ParseIgmp(argc, argv, &filterdata); + break; } log_Printf(LogDEBUG, "Parse: Src: %s\n", inet_ntoa(filterdata.src.ipaddr)); @@ -529,7 +544,7 @@ filter_Show(struct cmdargs const *arg) return 0; } -static const char *protoname[] = { "none", "tcp", "udp", "icmp" }; +static const char *protoname[] = { "none", "tcp", "udp", "icmp", "igmp" }; const char * filter_Proto2Nam(int proto) diff --git a/usr.sbin/ppp/filter.h b/usr.sbin/ppp/filter.h index 6fe7268..e830990 100644 --- a/usr.sbin/ppp/filter.h +++ b/usr.sbin/ppp/filter.h @@ -15,7 +15,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: filter.h,v 1.14 1999/01/28 01:56:31 brian Exp $ + * $Id: filter.h,v 1.15 1999/05/31 23:57:37 brian Exp $ * * TODO: */ @@ -33,6 +33,7 @@ #define P_TCP 1 #define P_UDP 2 #define P_ICMP 3 +#define P_IGMP 4 /* Operations */ #define OP_NONE 0 diff --git a/usr.sbin/ppp/ip.c b/usr.sbin/ppp/ip.c index 9336b9b..a674e43 100644 --- a/usr.sbin/ppp/ip.c +++ b/usr.sbin/ppp/ip.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: ip.c,v 1.62 1999/05/31 23:57:39 brian Exp $ + * $Id: ip.c,v 1.63 1999/06/02 15:59:00 brian Exp $ * * TODO: * o Return ICMP message for filterd packet @@ -139,8 +139,12 @@ FilterCheck(struct ip *pip, struct filter *filter) if (log_IsKept(LogDEBUG)) snprintf(dbuff, sizeof dbuff, "sport = %d", sport); break; - case IPPROTO_UDP: case IPPROTO_IGMP: + cproto = P_IGMP; + estab = syn = finrst = -1; + sport = ntohs(0); + break; + case IPPROTO_UDP: case IPPROTO_IPIP: cproto = P_UDP; uh = (struct udphdr *) ptop; diff --git a/usr.sbin/ppp/ppp.8 b/usr.sbin/ppp/ppp.8 index 21efcd9..63097a4 100644 --- a/usr.sbin/ppp/ppp.8 +++ b/usr.sbin/ppp/ppp.8 @@ -1,4 +1,4 @@ -.\" $Id: ppp.8,v 1.175 1999/06/11 11:27:18 brian Exp $ +.\" $Id: ppp.8,v 1.176 1999/06/14 10:12:41 brian Exp $ .Dd 20 September 1995 .nr XX \w'\fC00' .Os FreeBSD @@ -1466,6 +1466,7 @@ command below. .Ar Proto must be one of .Sq icmp , +.Sq igmp , .Sq udp or .Sq tcp . @@ -3831,7 +3832,7 @@ as they travel across the link. .No permit|deny .Oo Ar src_addr Ns Op / Ns Ar width .Op Ar dst_addr Ns Op / Ns Ar width -.Oc Oo tcp|udp|icmp Op src lt|eq|gt Ar port +.Oc Oo tcp|udp|igmp|icmp Op src lt|eq|gt Ar port .Op dst lt|eq|gt Ar port .Op estab .Op syn diff --git a/usr.sbin/ppp/ppp.8.m4 b/usr.sbin/ppp/ppp.8.m4 index 21efcd9..63097a4 100644 --- a/usr.sbin/ppp/ppp.8.m4 +++ b/usr.sbin/ppp/ppp.8.m4 @@ -1,4 +1,4 @@ -.\" $Id: ppp.8,v 1.175 1999/06/11 11:27:18 brian Exp $ +.\" $Id: ppp.8,v 1.176 1999/06/14 10:12:41 brian Exp $ .Dd 20 September 1995 .nr XX \w'\fC00' .Os FreeBSD @@ -1466,6 +1466,7 @@ command below. .Ar Proto must be one of .Sq icmp , +.Sq igmp , .Sq udp or .Sq tcp . @@ -3831,7 +3832,7 @@ as they travel across the link. .No permit|deny .Oo Ar src_addr Ns Op / Ns Ar width .Op Ar dst_addr Ns Op / Ns Ar width -.Oc Oo tcp|udp|icmp Op src lt|eq|gt Ar port +.Oc Oo tcp|udp|igmp|icmp Op src lt|eq|gt Ar port .Op dst lt|eq|gt Ar port .Op estab .Op syn |