summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbrian <brian@FreeBSD.org>1999-08-02 11:53:16 +0000
committerbrian <brian@FreeBSD.org>1999-08-02 11:53:16 +0000
commit5b5828498ce7d177092ce4cab703281dbce9c563 (patch)
tree286e715bb495cf12ce3d6a2f222e318b996048fa
parentede804a7142c392ebacfd6ddedb78a29727a8ca8 (diff)
downloadFreeBSD-src-5b5828498ce7d177092ce4cab703281dbce9c563.zip
FreeBSD-src-5b5828498ce7d177092ce4cab703281dbce9c563.tar.gz
Filter ospf and igmp separately.
Kind-of submitted by: phk
-rw-r--r--usr.sbin/ppp/filter.c34
-rw-r--r--usr.sbin/ppp/filter.h5
-rw-r--r--usr.sbin/ppp/ip.c19
3 files changed, 50 insertions, 8 deletions
diff --git a/usr.sbin/ppp/filter.c b/usr.sbin/ppp/filter.c
index b9e129e..3287ca5 100644
--- a/usr.sbin/ppp/filter.c
+++ b/usr.sbin/ppp/filter.c
@@ -17,7 +17,7 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
- * $Id: filter.c,v 1.32 1999/07/27 23:43:58 brian Exp $
+ * $Id: filter.c,v 1.33 1999/07/28 03:01:51 brian Exp $
*
* TODO: Shoud send ICMP error message when we discard packets.
*/
@@ -261,10 +261,13 @@ ParseUdpOrTcp(int argc, char const *const *argv, int proto,
return 1;
}
-static int ParseIgmp(int argc, char const * const *argv, struct filterent *tgt)
+static int
+ParseIgmp(int argc, char const * const *argv, struct filterent *tgt)
{
- /* Filter currently is a catch-all. Requests are either permitted or
- dropped. */
+ /*
+ * Filter currently is a catch-all. Requests are either permitted or
+ * dropped.
+ */
if (argc != 0) {
log_Printf(LogWARN, "ParseIgmp: Too many parameters\n");
return 0;
@@ -274,6 +277,22 @@ static int ParseIgmp(int argc, char const * const *argv, struct filterent *tgt)
return 1;
}
+static int
+ParseOspf(int argc, char const * const *argv, struct filterent *tgt)
+{
+ /*
+ * Filter currently is a catch-all. Requests are either permitted or
+ * dropped.
+ */
+ if (argc != 0) {
+ log_Printf(LogWARN, "ParseOspf: Too many parameters\n");
+ return 0;
+ } else
+ tgt->f_srcop = OP_NONE;
+
+ return 1;
+}
+
static unsigned
addrtype(const char *addr)
{
@@ -432,6 +451,9 @@ Parse(struct ipcp *ipcp, int argc, char const *const *argv,
case P_IGMP:
val = ParseIgmp(argc, argv, &filterdata);
break;
+ case P_OSPF:
+ val = ParseOspf(argc, argv, &filterdata);
+ break;
}
log_Printf(LogDEBUG, "Parse: Src: %s\n", inet_ntoa(filterdata.f_src.ipaddr));
@@ -569,7 +591,9 @@ filter_Show(struct cmdargs const *arg)
return 0;
}
-static const char *protoname[] = { "none", "tcp", "udp", "icmp", "igmp" };
+static const char *protoname[] = {
+ "none", "tcp", "udp", "icmp", "ospf", "igmp"
+};
const char *
filter_Proto2Nam(int proto)
diff --git a/usr.sbin/ppp/filter.h b/usr.sbin/ppp/filter.h
index 16c15f7..0f35ae2 100644
--- a/usr.sbin/ppp/filter.h
+++ b/usr.sbin/ppp/filter.h
@@ -15,7 +15,7 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
- * $Id: filter.h,v 1.16 1999/06/23 16:48:22 brian Exp $
+ * $Id: filter.h,v 1.17 1999/07/27 23:43:59 brian Exp $
*
* TODO:
*/
@@ -25,7 +25,8 @@
#define P_TCP 1
#define P_UDP 2
#define P_ICMP 3
-#define P_IGMP 4
+#define P_OSPF 4
+#define P_IGMP 5
/* Operations - f_srcop, f_dstop */
#define OP_NONE 0
diff --git a/usr.sbin/ppp/ip.c b/usr.sbin/ppp/ip.c
index 8ea2e73..3ad2de6 100644
--- a/usr.sbin/ppp/ip.c
+++ b/usr.sbin/ppp/ip.c
@@ -17,7 +17,7 @@
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
- * $Id: ip.c,v 1.64 1999/06/23 16:48:23 brian Exp $
+ * $Id: ip.c,v 1.65 1999/07/27 23:43:59 brian Exp $
*
* TODO:
* o Return ICMP message for filterd packet
@@ -179,6 +179,13 @@ FilterCheck(const struct ip *pip, const struct filter *filter)
estab = syn = finrst = -1;
sport = ntohs(0);
break;
+ case IPPROTO_OSPFIGP:
+ cproto = P_OSPF;
+ if (datalen < 8) /* IGMP uses 8-octet messages */
+ return (1);
+ estab = syn = finrst = -1;
+ sport = ntohs(0);
+ break;
case IPPROTO_UDP:
case IPPROTO_IPIP:
cproto = P_UDP;
@@ -350,6 +357,16 @@ PacketCheck(struct bundle *bundle, char *cp, int nb, struct filter *filter)
loglen += strlen(logbuf + loglen);
}
break;
+ case IPPROTO_OSPFIGP:
+ if (logit && loglen < sizeof logbuf) {
+ snprintf(logbuf + loglen, sizeof logbuf - loglen,
+ "OSPF: %s ---> ", inet_ntoa(pip->ip_src));
+ loglen += strlen(logbuf + loglen);
+ snprintf(logbuf + loglen, sizeof logbuf - loglen,
+ "%s", inet_ntoa(pip->ip_dst));
+ loglen += strlen(logbuf + loglen);
+ }
+ break;
case IPPROTO_IPIP:
if (logit && loglen < sizeof logbuf) {
uh = (struct udphdr *) ptop;
OpenPOWER on IntegriCloud