diff options
| author | yar <yar@FreeBSD.org> | 2001-12-21 18:43:37 +0000 |
|---|---|---|
| committer | yar <yar@FreeBSD.org> | 2001-12-21 18:43:37 +0000 |
| commit | 7ee7696269e25ee988354fd96bde6b69a11bddc5 (patch) | |
| tree | 4ec7d8e79b2f7c30fb4aee41fc5de2b16c23d5fd /sbin/ipfw | |
| parent | ca1cc6602bf2df156dc2bc753ae9a312fbd4afd6 (diff) | |
| download | FreeBSD-src-7ee7696269e25ee988354fd96bde6b69a11bddc5.zip FreeBSD-src-7ee7696269e25ee988354fd96bde6b69a11bddc5.tar.gz | |
Implement matching IP precedence in ipfw(4).
Submitted by: Igor Timkin <ivt@gamma.ru>
Diffstat (limited to 'sbin/ipfw')
| -rw-r--r-- | sbin/ipfw/ipfw.8 | 3 | ||||
| -rw-r--r-- | sbin/ipfw/ipfw.c | 21 |
2 files changed, 24 insertions, 0 deletions
diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index f58851e..92c1e98 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -662,6 +662,9 @@ of bandwidth, queue occupation, and also counters. .It Cm ipversion Ar ver Match if the IP header version is .Ar ver . +.It Cm ipprecedence Ar precedence +Match if the numeric value of IP datagram's precedence is equal to +.Ar precedence . .It Cm iptos Ar spec Match if the IP header contains the comma separated list of service types specified in diff --git a/sbin/ipfw/ipfw.c b/sbin/ipfw/ipfw.c index b6a21c9..f936a66 100644 --- a/sbin/ipfw/ipfw.c +++ b/sbin/ipfw/ipfw.c @@ -458,6 +458,8 @@ show_ipfw(struct ip_fw *chain) printf(" iplen %u", chain->fw_iplen); if (chain->fw_ipflg & IP_FW_IF_IPID) printf(" ipid %#x", chain->fw_ipid); + if (chain->fw_ipflg & IP_FW_IF_IPPRE) + printf(" ipprecedence %u", (chain->fw_iptos & 0xe0) >> 5); if (chain->fw_ipflg & IP_FW_IF_IPTOS) { int _opt_printed = 0; @@ -930,6 +932,7 @@ show_usage(void) " ipoptions [!]{ssrr|lsrr|rr|ts}, ...\n" " iplen {length}\n" " ipid {identification number}\n" +" ipprecedence {precedence}\n" " iptos [!]{lowdelay|throughput|reliability|mincost|congestion}, ...\n" " ipttl {time to live}\n" " ipversion {version number}\n" @@ -2120,6 +2123,24 @@ badviacombo: rule.fw_ipflg |= IP_FW_IF_IPID; rule.fw_ipid = (u_short)ipid; av++; ac--; + } else if (!strncmp(*av, "ipprecedence", strlen(*av))) { + u_long ippre; + char *c; + + av++; ac--; + if (!ac) + errx(EX_USAGE, "missing argument" + " for ``ipprecedence''"); + ippre = strtoul(*av, &c, 0); + if (*c != '\0') + errx(EX_DATAERR, "argument to ipprecedence" + " must be numeric"); + if (ippre > 7) + errx(EX_DATAERR, "argument to ipprecedence" + " out of range"); + rule.fw_ipflg |= IP_FW_IF_IPPRE; + rule.fw_iptos |= (u_short)(ippre << 5); + av++; ac--; } else if (!strncmp(*av, "iptos", strlen(*av))) { av++; ac--; if (!ac) |
