diff options
Diffstat (limited to 'usr.sbin/ppp/filter.c')
-rw-r--r-- | usr.sbin/ppp/filter.c | 209 |
1 files changed, 87 insertions, 122 deletions
diff --git a/usr.sbin/ppp/filter.c b/usr.sbin/ppp/filter.c index 375df1d..30b13a6 100644 --- a/usr.sbin/ppp/filter.c +++ b/usr.sbin/ppp/filter.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: filter.c,v 1.11 1997/06/28 01:34:03 brian Exp $ + * $Id: filter.c,v 1.12 1997/07/27 23:26:23 brian Exp $ * * TODO: Shoud send ICMP error message when we discard packets. */ @@ -42,36 +42,35 @@ static struct filterent filterdata; static u_long netmasks[33] = { - 0x00000000, - 0x80000000, 0xC0000000, 0xE0000000, 0xF0000000, - 0xF8000000, 0xFC000000, 0xFE000000, 0xFF000000, - 0xFF800000, 0xFFC00000, 0xFFE00000, 0xFFF00000, - 0xFFF80000, 0xFFFC0000, 0xFFFE0000, 0xFFFF0000, - 0xFFFF8000, 0xFFFFC000, 0xFFFFE000, 0xFFFFF000, - 0xFFFFF800, 0xFFFFFC00, 0xFFFFFE00, 0xFFFFFF00, - 0xFFFFFF80, 0xFFFFFFC0, 0xFFFFFFE0, 0xFFFFFFF0, - 0xFFFFFFF8, 0xFFFFFFFC, 0xFFFFFFFE, 0xFFFFFFFF, + 0x00000000, + 0x80000000, 0xC0000000, 0xE0000000, 0xF0000000, + 0xF8000000, 0xFC000000, 0xFE000000, 0xFF000000, + 0xFF800000, 0xFFC00000, 0xFFE00000, 0xFFF00000, + 0xFFF80000, 0xFFFC0000, 0xFFFE0000, 0xFFFF0000, + 0xFFFF8000, 0xFFFFC000, 0xFFFFE000, 0xFFFFF000, + 0xFFFFF800, 0xFFFFFC00, 0xFFFFFE00, 0xFFFFFF00, + 0xFFFFFF80, 0xFFFFFFC0, 0xFFFFFFE0, 0xFFFFFFF0, + 0xFFFFFFF8, 0xFFFFFFFC, 0xFFFFFFFE, 0xFFFFFFFF, }; int -ParseAddr(argc, argv, paddr, pmask, pwidth) -int argc; -char **argv; -struct in_addr *paddr; -struct in_addr *pmask; -int *pwidth; +ParseAddr(int argc, + char **argv, + struct in_addr * paddr, + struct in_addr * pmask, + int *pwidth) { int bits; char *cp, *wp; if (argc < 1) { LogPrintf(LogWARN, "ParseAddr: address/mask is expected.\n"); - return(0); + return (0); } - pmask->s_addr = 0xffffffff; /* Assume 255.255.255.255 as default */ cp = index(*argv, '/'); - if (cp) *cp++ = '\0'; + if (cp) + *cp++ = '\0'; if (strcasecmp(*argv, "HISADDR") == 0) *paddr = IpcpInfo.his_ipaddr; else if (strcasecmp(*argv, "MYADDR") == 0) @@ -82,7 +81,7 @@ int *pwidth; bits = strtol(cp, &wp, 0); if (cp == wp || bits < 0 || bits > 32) { LogPrintf(LogWARN, "ParseAddr: bad mask width.\n"); - return(0); + return (0); } } else { /* if width is not given, assume whole 32 bits are meaningfull */ @@ -92,18 +91,16 @@ int *pwidth; *pwidth = bits; pmask->s_addr = htonl(netmasks[bits]); - return(1); + return (1); } static int -ParseProto(argc, argv) -int argc; -char **argv; +ParseProto(int argc, char **argv) { int proto; if (argc < 1) - return(P_NONE); + return (P_NONE); if (STREQ(*argv, "tcp")) proto = P_TCP; @@ -113,13 +110,11 @@ char **argv; proto = P_ICMP; else proto = P_NONE; - return(proto); + return (proto); } static int -ParsePort(service, proto) -char *service; -int proto; +ParsePort(char *service, int proto) { char *protocol_name, *cp; struct servent *servent; @@ -136,26 +131,24 @@ int proto; protocol_name = 0; } - servent = getservbyname (service, protocol_name); + servent = getservbyname(service, protocol_name); if (servent != 0) - return(ntohs(servent->s_port)); + return (ntohs(servent->s_port)); port = strtol(service, &cp, 0); if (cp == service) { LogPrintf(LogWARN, "ParsePort: %s is not a port name or number.\n", - service); - return(0); + service); + return (0); } - return(port); + return (port); } /* * ICMP Syntax: src eq icmp_message_type */ static int -ParseIcmp(argc, argv) -int argc; -char **argv; +ParseIcmp(int argc, char **argv) { int type; char *cp; @@ -167,25 +160,24 @@ char **argv; break; default: LogPrintf(LogWARN, "ParseIcmp: bad icmp syntax.\n"); - return(0); + return (0); case 3: if (STREQ(*argv, "src") && STREQ(argv[1], "eq")) { type = strtol(argv[2], &cp, 0); if (cp == argv[2]) { LogPrintf(LogWARN, "ParseIcmp: type is expected.\n"); - return(0); + return (0); } filterdata.opt.srcop = OP_EQ; filterdata.opt.srcport = type; } break; } - return(1); + return (1); } static int -ParseOp(cp) -char *cp; +ParseOp(char *cp) { int op = OP_NONE; @@ -195,74 +187,69 @@ char *cp; op = OP_GT; else if (STREQ(cp, "lt")) op = OP_LT; - return(op); + return (op); } /* * UDP Syntax: [src op port] [dst op port] */ static int -ParseUdpOrTcp(argc, argv, proto) -int argc; -char **argv; -int proto; +ParseUdpOrTcp(int argc, char **argv, int proto) { - if (argc == 0) { /* permit/deny all tcp traffic */ filterdata.opt.srcop = filterdata.opt.dstop = A_NONE; - return(1); + return (1); } if (argc < 3) { LogPrintf(LogWARN, "ParseUdpOrTcp: bad udp/tcp syntax.\n"); - return(0); + return (0); } if (argc >= 3 && STREQ(*argv, "src")) { filterdata.opt.srcop = ParseOp(argv[1]); if (filterdata.opt.srcop == OP_NONE) { LogPrintf(LogWARN, "ParseUdpOrTcp: bad operation\n"); - return(0); + return (0); } filterdata.opt.srcport = ParsePort(argv[2], proto); if (filterdata.opt.srcport == 0) - return(0); - argc -= 3; argv += 3; + return (0); + argc -= 3; + argv += 3; if (argc == 0) - return(1); + return (1); } if (argc >= 3 && STREQ(argv[0], "dst")) { filterdata.opt.dstop = ParseOp(argv[1]); if (filterdata.opt.dstop == OP_NONE) { LogPrintf(LogWARN, "ParseUdpOrTcp: bad operation\n"); - return(0); + return (0); } filterdata.opt.dstport = ParsePort(argv[2], proto); if (filterdata.opt.dstport == 0) - return(0); - argc -= 3; argv += 3; + return (0); + argc -= 3; + argv += 3; if (argc == 0) - return(1); + return (1); } if (argc == 1) { if (STREQ(*argv, "estab")) { filterdata.opt.estab = 1; - return(1); + return (1); } LogPrintf(LogWARN, "ParseUdpOrTcp: estab is expected: %s\n", *argv); - return(0); + return (0); } if (argc > 0) LogPrintf(LogWARN, "ParseUdpOrTcp: bad src/dst port syntax: %s\n", *argv); - return(0); + return (0); } -char *opname[] = { "none", "eq", "gt", "lt" }; +char *opname[] = {"none", "eq", "gt", "lt"}; static int -Parse(argc, argv, ofp) -int argc; -char **argv; -struct filterent *ofp; +Parse(int argc, char **argv, struct filterent * ofp) { int action, proto; int val; @@ -272,7 +259,7 @@ struct filterent *ofp; val = strtol(*argv, &wp, 0); if (*argv == wp || val > MAXFILTERS) { LogPrintf(LogWARN, "Parse: invalid filter number.\n"); - return(0); + return (0); } if (val < 0) { for (val = 0; val < MAXFILTERS; val++) { @@ -280,13 +267,13 @@ struct filterent *ofp; ofp++; } LogPrintf(LogWARN, "Parse: filter cleared.\n"); - return(1); + return (1); } ofp += val; if (--argc == 0) { LogPrintf(LogWARN, "Parse: missing action.\n"); - return(0); + return (0); } argv++; @@ -299,47 +286,54 @@ struct filterent *ofp; action = A_DENY; } else if (STREQ(*argv, "clear")) { ofp->action = A_NONE; - return(1); + return (1); } else { LogPrintf(LogWARN, "Parse: bad action: %s\n", *argv); - return(0); + return (0); } fp->action = action; - argc--; argv++; + argc--; + argv++; if (fp->action == A_DENY) { if (STREQ(*argv, "host")) { fp->action |= A_UHOST; - argc--; argv++; + argc--; + argv++; } else if (STREQ(*argv, "port")) { fp->action |= A_UPORT; - argc--; argv++; + argc--; + argv++; } } - proto = ParseProto(argc, argv); if (proto == P_NONE) { if (ParseAddr(argc, argv, &fp->saddr, &fp->smask, &fp->swidth)) { - argc--; argv++; + argc--; + argv++; proto = ParseProto(argc, argv); if (proto == P_NONE) { if (ParseAddr(argc, argv, &fp->daddr, &fp->dmask, &fp->dwidth)) { - argc--; argv++; + argc--; + argv++; } proto = ParseProto(argc, argv); if (proto) { - argc--; argv++; + argc--; + argv++; } } else { - argc--; argv++; + argc--; + argv++; } } else { LogPrintf(LogWARN, "Parse: Address/protocol expected.\n"); - return(0); + return (0); } } else { - argc--; argv++; + argc--; + argv++; } val = 1; @@ -371,62 +365,46 @@ struct filterent *ofp; if (val) *ofp = *fp; - return(val); + return (val); } int -SetIfilter(list, argc, argv) -struct cmdtab *list; -int argc; -char **argv; +SetIfilter(struct cmdtab * list, int argc, char **argv) { if (argc > 0) { (void) Parse(argc, argv, ifilters); return 0; } - return -1; } int -SetOfilter(list, argc, argv) -struct cmdtab *list; -int argc; -char **argv; +SetOfilter(struct cmdtab * list, int argc, char **argv) { if (argc > 0) { (void) Parse(argc, argv, ofilters); return 0; } - return -1; } int -SetDfilter(list, argc, argv) -struct cmdtab *list; -int argc; -char **argv; +SetDfilter(struct cmdtab * list, int argc, char **argv) { if (argc > 0) { (void) Parse(argc, argv, dfilters); return 0; } - return -1; } int -SetAfilter(list, argc, argv) -struct cmdtab *list; -int argc; -char **argv; +SetAfilter(struct cmdtab * list, int argc, char **argv) { if (argc > 0) { (void) Parse(argc, argv, afilters); return 0; } - return -1; } @@ -439,8 +417,7 @@ static char *actname[] = { }; static void -ShowFilter(fp) -struct filterent *fp; +ShowFilter(struct filterent * fp) { int n; @@ -457,10 +434,10 @@ struct filterent *fp; if (fp->opt.srcop) fprintf(VarTerm, " src %s %d", opname[fp->opt.srcop], - fp->opt.srcport); + fp->opt.srcport); if (fp->opt.dstop) fprintf(VarTerm, " dst %s %d", opname[fp->opt.dstop], - fp->opt.dstport); + fp->opt.dstport); if (fp->opt.estab) fprintf(VarTerm, " estab"); @@ -471,40 +448,28 @@ struct filterent *fp; } int -ShowIfilter(list, argc, argv) -struct cmdtab *list; -int argc; -char **argv; +ShowIfilter(struct cmdtab * list, int argc, char **argv) { ShowFilter(ifilters); return 0; } int -ShowOfilter(list, argc, argv) -struct cmdtab *list; -int argc; -char **argv; +ShowOfilter(struct cmdtab * list, int argc, char **argv) { ShowFilter(ofilters); return 0; } int -ShowDfilter(list, argc, argv) -struct cmdtab *list; -int argc; -char **argv; +ShowDfilter(struct cmdtab * list, int argc, char **argv) { ShowFilter(dfilters); return 0; } int -ShowAfilter(list, argc, argv) -struct cmdtab *list; -int argc; -char **argv; +ShowAfilter(struct cmdtab * list, int argc, char **argv) { ShowFilter(afilters); return 0; |