Changeset View
Changeset View
Standalone View
Standalone View
sbin/ipfw/tables.c
Show All 25 Lines | |||||
#include <err.h> | #include <err.h> | ||||
#include <errno.h> | #include <errno.h> | ||||
#include <netdb.h> | #include <netdb.h> | ||||
#include <stdio.h> | #include <stdio.h> | ||||
#include <stdlib.h> | #include <stdlib.h> | ||||
#include <string.h> | #include <string.h> | ||||
#include <sysexits.h> | #include <sysexits.h> | ||||
#include <net/ethernet.h> | |||||
#include <net/if.h> | #include <net/if.h> | ||||
#include <netinet/in.h> | #include <netinet/in.h> | ||||
#include <netinet/ip_fw.h> | #include <netinet/ip_fw.h> | ||||
#include <arpa/inet.h> | #include <arpa/inet.h> | ||||
#include <netdb.h> | #include <netdb.h> | ||||
#include "ipfw2.h" | #include "ipfw2.h" | ||||
Show All 30 Lines | |||||
static int tables_foreach(table_cb_t *f, void *arg, int sort); | static int tables_foreach(table_cb_t *f, void *arg, int sort); | ||||
#ifndef s6_addr32 | #ifndef s6_addr32 | ||||
#define s6_addr32 __u6_addr.__u6_addr32 | #define s6_addr32 __u6_addr.__u6_addr32 | ||||
#endif | #endif | ||||
static struct _s_x tabletypes[] = { | static struct _s_x tabletypes[] = { | ||||
{ "addr", IPFW_TABLE_ADDR }, | { "addr", IPFW_TABLE_ADDR }, | ||||
{ "mac", IPFW_TABLE_MAC }, | |||||
{ "iface", IPFW_TABLE_INTERFACE }, | { "iface", IPFW_TABLE_INTERFACE }, | ||||
{ "number", IPFW_TABLE_NUMBER }, | { "number", IPFW_TABLE_NUMBER }, | ||||
{ "flow", IPFW_TABLE_FLOW }, | { "flow", IPFW_TABLE_FLOW }, | ||||
{ NULL, 0 } | { NULL, 0 } | ||||
}; | }; | ||||
/* Default algorithms for various table types */ | /* Default algorithms for various table types */ | ||||
static struct _s_x tablealgos[] = { | static struct _s_x tablealgos[] = { | ||||
▲ Show 20 Lines • Show All 1,095 Lines • ▼ Show 20 Lines | |||||
static void | static void | ||||
tentry_fill_key_type(char *arg, ipfw_obj_tentry *tentry, uint8_t type, | tentry_fill_key_type(char *arg, ipfw_obj_tentry *tentry, uint8_t type, | ||||
uint8_t tflags) | uint8_t tflags) | ||||
{ | { | ||||
char *p, *pp; | char *p, *pp; | ||||
int mask, af; | int mask, af; | ||||
struct in6_addr *paddr, tmp; | struct in6_addr *paddr, tmp; | ||||
struct ether_addr *mac; | |||||
struct tflow_entry *tfe; | struct tflow_entry *tfe; | ||||
uint32_t key, *pkey; | uint32_t key, *pkey; | ||||
uint16_t port; | uint16_t port; | ||||
struct protoent *pent; | struct protoent *pent; | ||||
struct servent *sent; | struct servent *sent; | ||||
int masklen; | int masklen; | ||||
mask = masklen = 0; | mask = masklen = 0; | ||||
Show All 30 Lines | if (inet_pton(AF_INET, arg, paddr) == 1) { | ||||
if (lookup_host(arg, (struct in_addr *)paddr) != 0) | if (lookup_host(arg, (struct in_addr *)paddr) != 0) | ||||
errx(EX_NOHOST, "hostname ``%s'' unknown", arg); | errx(EX_NOHOST, "hostname ``%s'' unknown", arg); | ||||
masklen = 32; | masklen = 32; | ||||
type = IPFW_TABLE_ADDR; | type = IPFW_TABLE_ADDR; | ||||
af = AF_INET; | af = AF_INET; | ||||
} | } | ||||
break; | break; | ||||
case IPFW_TABLE_MAC: | |||||
/* Remove / if exists */ | |||||
if ((p = strchr(arg, '/')) != NULL) { | |||||
*p = '\0'; | |||||
mask = atoi(p + 1); | |||||
} | |||||
if (p != NULL && mask > 8 * ETHER_ADDR_LEN) | |||||
errx(EX_DATAERR, "bad MAC mask width: %s", | |||||
p + 1); | |||||
if ((mac = ether_aton(arg)) == NULL) | |||||
errx(EX_DATAERR, "Incorrect MAC address"); | |||||
memcpy(tentry->k.mac, mac->octet, ETHER_ADDR_LEN); | |||||
masklen = p ? mask : 8 * ETHER_ADDR_LEN; | |||||
af = AF_LINK; | |||||
break; | |||||
case IPFW_TABLE_INTERFACE: | case IPFW_TABLE_INTERFACE: | ||||
/* Assume interface name. Copy significant data only */ | /* Assume interface name. Copy significant data only */ | ||||
mask = MIN(strlen(arg), IF_NAMESIZE - 1); | mask = MIN(strlen(arg), IF_NAMESIZE - 1); | ||||
memcpy(paddr, arg, mask); | memcpy(paddr, arg, mask); | ||||
/* Set mask to exact match */ | /* Set mask to exact match */ | ||||
masklen = 8 * IF_NAMESIZE; | masklen = 8 * IF_NAMESIZE; | ||||
break; | break; | ||||
case IPFW_TABLE_NUMBER: | case IPFW_TABLE_NUMBER: | ||||
▲ Show 20 Lines • Show All 622 Lines • ▼ Show 20 Lines | if (sz != bufsize) | ||||
*(buf - 1) = '\0'; | *(buf - 1) = '\0'; | ||||
} | } | ||||
static void | static void | ||||
table_show_entry(ipfw_xtable_info *i, ipfw_obj_tentry *tent) | table_show_entry(ipfw_xtable_info *i, ipfw_obj_tentry *tent) | ||||
{ | { | ||||
char tbuf[128], pval[128]; | char tbuf[128], pval[128]; | ||||
const char *comma; | const char *comma; | ||||
const u_char *mac; | |||||
void *paddr; | void *paddr; | ||||
struct tflow_entry *tfe; | struct tflow_entry *tfe; | ||||
table_show_value(pval, sizeof(pval), &tent->v.value, i->vmask, | table_show_value(pval, sizeof(pval), &tent->v.value, i->vmask, | ||||
g_co.do_value_as_ip); | g_co.do_value_as_ip); | ||||
switch (i->type) { | switch (i->type) { | ||||
case IPFW_TABLE_ADDR: | case IPFW_TABLE_ADDR: | ||||
/* IPv4 or IPv6 prefixes */ | /* IPv4 or IPv6 prefixes */ | ||||
inet_ntop(tent->subtype, &tent->k, tbuf, sizeof(tbuf)); | inet_ntop(tent->subtype, &tent->k, tbuf, sizeof(tbuf)); | ||||
printf("%s/%u %s\n", tbuf, tent->masklen, pval); | printf("%s/%u %s\n", tbuf, tent->masklen, pval); | ||||
break; | |||||
case IPFW_TABLE_MAC: | |||||
/* MAC prefixes */ | |||||
mac = tent->k.mac; | |||||
printf("%02x:%02x:%02x:%02x:%02x:%02x/%u %s\n", | |||||
mac[0], mac[1], mac[2], mac[3], mac[4], mac[5], | |||||
tent->masklen, pval); | |||||
break; | break; | ||||
case IPFW_TABLE_INTERFACE: | case IPFW_TABLE_INTERFACE: | ||||
/* Interface names */ | /* Interface names */ | ||||
printf("%s %s\n", tent->k.iface, pval); | printf("%s %s\n", tent->k.iface, pval); | ||||
break; | break; | ||||
case IPFW_TABLE_NUMBER: | case IPFW_TABLE_NUMBER: | ||||
/* numbers */ | /* numbers */ | ||||
printf("%u %s\n", tent->k.key, pval); | printf("%u %s\n", tent->k.key, pval); | ||||
▲ Show 20 Lines • Show All 191 Lines • Show Last 20 Lines |