Changeset View
Changeset View
Standalone View
Standalone View
head/sbin/ipfw/ipfw2.c
Show All 30 Lines | |||||
#include <ctype.h> | #include <ctype.h> | ||||
#include <err.h> | #include <err.h> | ||||
#include <errno.h> | #include <errno.h> | ||||
#include <grp.h> | #include <grp.h> | ||||
#include <netdb.h> | #include <netdb.h> | ||||
#include <pwd.h> | #include <pwd.h> | ||||
#include <stdio.h> | #include <stdio.h> | ||||
#include <stdarg.h> | #include <stdarg.h> | ||||
#include <stdint.h> | |||||
#include <stdlib.h> | #include <stdlib.h> | ||||
#include <string.h> | #include <string.h> | ||||
#include <sysexits.h> | #include <sysexits.h> | ||||
#include <time.h> /* ctime */ | #include <time.h> /* ctime */ | ||||
#include <timeconv.h> /* _long_to_time */ | #include <timeconv.h> /* _long_to_time */ | ||||
#include <unistd.h> | #include <unistd.h> | ||||
#include <fcntl.h> | #include <fcntl.h> | ||||
#include <stddef.h> /* offsetof */ | #include <stddef.h> /* offsetof */ | ||||
▲ Show 20 Lines • Show All 186 Lines • ▼ Show 20 Lines | static struct _s_x ether_types[] = { | ||||
{ "ns", 0x0600 }, | { "ns", 0x0600 }, | ||||
{ NULL, 0 } | { NULL, 0 } | ||||
}; | }; | ||||
static struct _s_x rule_eactions[] = { | static struct _s_x rule_eactions[] = { | ||||
{ "nat64lsn", TOK_NAT64LSN }, | { "nat64lsn", TOK_NAT64LSN }, | ||||
{ "nat64stl", TOK_NAT64STL }, | { "nat64stl", TOK_NAT64STL }, | ||||
{ "nptv6", TOK_NPTV6 }, | { "nptv6", TOK_NPTV6 }, | ||||
{ "tcp-setmss", TOK_TCPSETMSS }, | |||||
{ NULL, 0 } /* terminator */ | { NULL, 0 } /* terminator */ | ||||
}; | }; | ||||
static struct _s_x rule_actions[] = { | static struct _s_x rule_actions[] = { | ||||
{ "accept", TOK_ACCEPT }, | { "accept", TOK_ACCEPT }, | ||||
{ "pass", TOK_ACCEPT }, | { "pass", TOK_ACCEPT }, | ||||
{ "allow", TOK_ACCEPT }, | { "allow", TOK_ACCEPT }, | ||||
{ "permit", TOK_ACCEPT }, | { "permit", TOK_ACCEPT }, | ||||
Show All 18 Lines | static struct _s_x rule_actions[] = { | ||||
{ "//", TOK_COMMENT }, | { "//", TOK_COMMENT }, | ||||
{ "nat", TOK_NAT }, | { "nat", TOK_NAT }, | ||||
{ "reass", TOK_REASS }, | { "reass", TOK_REASS }, | ||||
{ "setfib", TOK_SETFIB }, | { "setfib", TOK_SETFIB }, | ||||
{ "setdscp", TOK_SETDSCP }, | { "setdscp", TOK_SETDSCP }, | ||||
{ "call", TOK_CALL }, | { "call", TOK_CALL }, | ||||
{ "return", TOK_RETURN }, | { "return", TOK_RETURN }, | ||||
{ "eaction", TOK_EACTION }, | { "eaction", TOK_EACTION }, | ||||
{ "tcp-setmss", TOK_TCPSETMSS }, | |||||
{ NULL, 0 } /* terminator */ | { NULL, 0 } /* terminator */ | ||||
}; | }; | ||||
static struct _s_x rule_action_params[] = { | static struct _s_x rule_action_params[] = { | ||||
{ "altq", TOK_ALTQ }, | { "altq", TOK_ALTQ }, | ||||
{ "log", TOK_LOG }, | { "log", TOK_LOG }, | ||||
{ "tag", TOK_TAG }, | { "tag", TOK_TAG }, | ||||
{ "untag", TOK_UNTAG }, | { "untag", TOK_UNTAG }, | ||||
▲ Show 20 Lines • Show All 3,718 Lines • ▼ Show 20 Lines | chkarg: | ||||
case TOK_REASS: | case TOK_REASS: | ||||
action->opcode = O_REASS; | action->opcode = O_REASS; | ||||
break; | break; | ||||
case TOK_RETURN: | case TOK_RETURN: | ||||
fill_cmd(action, O_CALLRETURN, F_NOT, 0); | fill_cmd(action, O_CALLRETURN, F_NOT, 0); | ||||
break; | break; | ||||
case TOK_TCPSETMSS: { | |||||
u_long mss; | |||||
uint16_t idx; | |||||
idx = pack_object(tstate, "tcp-setmss", IPFW_TLV_EACTION); | |||||
if (idx == 0) | |||||
errx(EX_DATAERR, "pack_object failed"); | |||||
fill_cmd(action, O_EXTERNAL_ACTION, 0, idx); | |||||
NEED1("Missing MSS value"); | |||||
action = next_cmd(action, &ablen); | |||||
action->len = 1; | |||||
CHECK_ACTLEN; | |||||
mss = strtoul(*av, NULL, 10); | |||||
if (mss == 0 || mss > UINT16_MAX) | |||||
errx(EX_USAGE, "invalid MSS value %s", *av); | |||||
fill_cmd(action, O_EXTERNAL_DATA, 0, (uint16_t)mss); | |||||
av++; | |||||
break; | |||||
} | |||||
default: | default: | ||||
av--; | av--; | ||||
if (match_token(rule_eactions, *av) == -1) | if (match_token(rule_eactions, *av) == -1) | ||||
errx(EX_DATAERR, "invalid action %s\n", *av); | errx(EX_DATAERR, "invalid action %s\n", *av); | ||||
/* | /* | ||||
* External actions support. | * External actions support. | ||||
* XXX: we support only syntax with instance name. | * XXX: we support only syntax with instance name. | ||||
▲ Show 20 Lines • Show All 1,394 Lines • Show Last 20 Lines |