Changeset View
Changeset View
Standalone View
Standalone View
sbin/ipfw/tables.c
Show First 20 Lines • Show All 320 Lines • ▼ Show 20 Lines | |||||
} | } | ||||
static struct _s_x tablenewcmds[] = { | static struct _s_x tablenewcmds[] = { | ||||
{ "type", TOK_TYPE }, | { "type", TOK_TYPE }, | ||||
{ "valtype", TOK_VALTYPE }, | { "valtype", TOK_VALTYPE }, | ||||
{ "algo", TOK_ALGO }, | { "algo", TOK_ALGO }, | ||||
{ "limit", TOK_LIMIT }, | { "limit", TOK_LIMIT }, | ||||
{ "locked", TOK_LOCK }, | { "locked", TOK_LOCK }, | ||||
{ "missing", TOK_MISSING }, | |||||
{ "or-flush", TOK_ORFLUSH }, | |||||
{ NULL, 0 } | { NULL, 0 } | ||||
}; | }; | ||||
static struct _s_x flowtypecmds[] = { | static struct _s_x flowtypecmds[] = { | ||||
{ "src-ip", IPFW_TFFLAG_SRCIP }, | { "src-ip", IPFW_TFFLAG_SRCIP }, | ||||
{ "proto", IPFW_TFFLAG_PROTO }, | { "proto", IPFW_TFFLAG_PROTO }, | ||||
{ "src-port", IPFW_TFFLAG_SRCPORT }, | { "src-port", IPFW_TFFLAG_SRCPORT }, | ||||
{ "dst-ip", IPFW_TFFLAG_DSTIP }, | { "dst-ip", IPFW_TFFLAG_DSTIP }, | ||||
▲ Show 20 Lines • Show All 46 Lines • ▼ Show 20 Lines | case IPFW_TABLE_FLOW: | ||||
break; | break; | ||||
} | } | ||||
} | } | ||||
/* | /* | ||||
* Creates new table | * Creates new table | ||||
* | * | ||||
* ipfw table NAME create [ type { addr | iface | number | flow } ] | * ipfw table NAME create [ type { addr | iface | number | flow } ] | ||||
* [ algo algoname ] | * [ algo algoname ] [missing] [or-flush] | ||||
*/ | */ | ||||
static void | static void | ||||
table_create(ipfw_obj_header *oh, int ac, char *av[]) | table_create(ipfw_obj_header *oh, int ac, char *av[]) | ||||
{ | { | ||||
ipfw_xtable_info xi; | ipfw_xtable_info xi, xie; | ||||
int error, tcmd, val; | int error, tcmd, val; | ||||
uint32_t fset, fclear; | uint32_t fset, fclear; | ||||
char *e, *p; | char *e, *p; | ||||
char tbuf[128]; | char tbuf[128]; | ||||
int missing = 0; | |||||
int flush = 0; | |||||
memset(&xi, 0, sizeof(xi)); | memset(&xi, 0, sizeof(xi)); | ||||
while (ac > 0) { | while (ac > 0) { | ||||
tcmd = get_token(tablenewcmds, *av, "option"); | tcmd = get_token(tablenewcmds, *av, "option"); | ||||
ac--; av++; | ac--; av++; | ||||
switch (tcmd) { | switch (tcmd) { | ||||
▲ Show 20 Lines • Show All 42 Lines • ▼ Show 20 Lines | case TOK_ALGO: | ||||
if (strlen(*av) > sizeof(xi.algoname)) | if (strlen(*av) > sizeof(xi.algoname)) | ||||
errx(EX_USAGE, "algorithm name too long"); | errx(EX_USAGE, "algorithm name too long"); | ||||
strlcpy(xi.algoname, *av, sizeof(xi.algoname)); | strlcpy(xi.algoname, *av, sizeof(xi.algoname)); | ||||
ac--; av++; | ac--; av++; | ||||
break; | break; | ||||
case TOK_LOCK: | case TOK_LOCK: | ||||
xi.flags |= IPFW_TGFLAGS_LOCKED; | xi.flags |= IPFW_TGFLAGS_LOCKED; | ||||
break; | break; | ||||
case TOK_MISSING: | |||||
missing = 1; | |||||
break; | |||||
case TOK_ORFLUSH: | |||||
missing = 1; | |||||
flush = 1; | |||||
break; | |||||
} | } | ||||
} | } | ||||
/* Set some defaults to preserve compatibility. */ | /* Set some defaults to preserve compatibility. */ | ||||
if (xi.algoname[0] == '\0' && xi.type == 0) | if (xi.algoname[0] == '\0' && xi.type == 0) | ||||
xi.type = IPFW_TABLE_ADDR; | xi.type = IPFW_TABLE_ADDR; | ||||
if (xi.vmask == 0) | if (xi.vmask == 0) | ||||
xi.vmask = IPFW_VTYPE_LEGACY; | xi.vmask = IPFW_VTYPE_LEGACY; | ||||
if ((error = table_do_create(oh, &xi)) != 0) | error = table_do_create(oh, &xi); | ||||
if (error == 0) | |||||
return; | |||||
if (errno != EEXIST || !missing) | |||||
err(EX_OSERR, "Table creation failed"); | err(EX_OSERR, "Table creation failed"); | ||||
/* Check that existing table as same we try to create */ | |||||
if (table_get_info(oh, &xie) != 0) | |||||
err(EX_OSERR, "Existing table check failed"); | |||||
if (xi.limit != xie.limit || | |||||
xi.type != xie.type || | |||||
xi.tflags != xie.tflags || | |||||
xi.vmask != xie.vmask || | |||||
(xi.algoname[0] != '\0' && strcmp(xi.algoname, xie.algoname) != 0) || | |||||
xi.flags != xie.flags) | |||||
err(EX_OSERR, "Existing table is incompatible with created one"); | |||||
/* Flush existing table if instructed so */ | |||||
if (flush != 0) | |||||
if (table_flush(oh) != 0) | |||||
err(EX_OSERR, "Table flush on creation failed"); | |||||
mizhka: double indentation. please use && to simplify code | |||||
} | } | ||||
/* | /* | ||||
* Creates new table | * Creates new table | ||||
* | * | ||||
* Request: [ ipfw_obj_header ipfw_xtable_info ] | * Request: [ ipfw_obj_header ipfw_xtable_info ] | ||||
* | * | ||||
* Returns 0 on success. | * Returns 0 on success. | ||||
▲ Show 20 Lines • Show All 1,556 Lines • Show Last 20 Lines |
double indentation. please use && to simplify code