| pfctl_parser.c (145840) | pfctl_parser.c (171172) |
|---|---|
| 1/* $OpenBSD: pfctl_parser.c,v 1.211 2004/12/07 10:33:41 dhartmei Exp $ */ | 1/* $OpenBSD: pfctl_parser.c,v 1.234 2006/10/31 23:46:24 mcbride Exp $ */ |
| 2 3/* 4 * Copyright (c) 2001 Daniel Hartmeier 5 * Copyright (c) 2002,2003 Henning Brauer 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 17 unchanged lines hidden (view full) --- 27 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 29 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 * 32 */ 33 34#include <sys/cdefs.h> | 2 3/* 4 * Copyright (c) 2001 Daniel Hartmeier 5 * Copyright (c) 2002,2003 Henning Brauer 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 17 unchanged lines hidden (view full) --- 27 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 29 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 * 32 */ 33 34#include <sys/cdefs.h> |
| 35__FBSDID("$FreeBSD: head/contrib/pf/pfctl/pfctl_parser.c 145840 2005-05-03 16:55:20Z mlaier $"); | 35__FBSDID("$FreeBSD: head/contrib/pf/pfctl/pfctl_parser.c 171172 2007-07-03 12:30:03Z mlaier $"); |
| 36 37#include <sys/types.h> 38#include <sys/ioctl.h> 39#include <sys/socket.h> 40#include <sys/param.h> 41#include <sys/proc.h> 42#include <net/if.h> 43#include <netinet/in.h> --- 9 unchanged lines hidden (view full) --- 53#include <string.h> 54#include <ctype.h> 55#include <limits.h> 56#include <netdb.h> 57#include <stdarg.h> 58#include <errno.h> 59#include <err.h> 60#include <ifaddrs.h> | 36 37#include <sys/types.h> 38#include <sys/ioctl.h> 39#include <sys/socket.h> 40#include <sys/param.h> 41#include <sys/proc.h> 42#include <net/if.h> 43#include <netinet/in.h> --- 9 unchanged lines hidden (view full) --- 53#include <string.h> 54#include <ctype.h> 55#include <limits.h> 56#include <netdb.h> 57#include <stdarg.h> 58#include <errno.h> 59#include <err.h> 60#include <ifaddrs.h> |
| 61#include <unistd.h> |
|
| 61 62#include "pfctl_parser.h" 63#include "pfctl.h" 64 65void print_op (u_int8_t, const char *, const char *); 66void print_port (u_int8_t, u_int16_t, u_int16_t, const char *); 67void print_ugid (u_int8_t, unsigned, unsigned, const char *, unsigned); 68void print_flags (u_int8_t); 69void print_fromto(struct pf_rule_addr *, pf_osfp_t, 70 struct pf_rule_addr *, u_int8_t, u_int8_t, int); 71int ifa_skip_if(const char *filter, struct node_host *p); 72 | 62 63#include "pfctl_parser.h" 64#include "pfctl.h" 65 66void print_op (u_int8_t, const char *, const char *); 67void print_port (u_int8_t, u_int16_t, u_int16_t, const char *); 68void print_ugid (u_int8_t, unsigned, unsigned, const char *, unsigned); 69void print_flags (u_int8_t); 70void print_fromto(struct pf_rule_addr *, pf_osfp_t, 71 struct pf_rule_addr *, u_int8_t, u_int8_t, int); 72int ifa_skip_if(const char *filter, struct node_host *p); 73 |
| 74struct node_host *ifa_grouplookup(const char *, int); |
|
| 73struct node_host *host_if(const char *, int); 74struct node_host *host_v4(const char *, int); 75struct node_host *host_v6(const char *, int); 76struct node_host *host_dns(const char *, int, int); 77 78const char *tcpflags = "FSRPAUEW"; 79 80static const struct icmptypeent icmp_type[] = { --- 397 unchanged lines hidden (view full) --- 478const char *pf_reasons[PFRES_MAX+1] = PFRES_NAMES; 479const char *pf_lcounters[LCNT_MAX+1] = LCNT_NAMES; 480const char *pf_fcounters[FCNT_MAX+1] = FCNT_NAMES; 481const char *pf_scounters[FCNT_MAX+1] = FCNT_NAMES; 482 483void 484print_status(struct pf_status *s, int opts) 485{ | 75struct node_host *host_if(const char *, int); 76struct node_host *host_v4(const char *, int); 77struct node_host *host_v6(const char *, int); 78struct node_host *host_dns(const char *, int, int); 79 80const char *tcpflags = "FSRPAUEW"; 81 82static const struct icmptypeent icmp_type[] = { --- 397 unchanged lines hidden (view full) --- 480const char *pf_reasons[PFRES_MAX+1] = PFRES_NAMES; 481const char *pf_lcounters[LCNT_MAX+1] = LCNT_NAMES; 482const char *pf_fcounters[FCNT_MAX+1] = FCNT_NAMES; 483const char *pf_scounters[FCNT_MAX+1] = FCNT_NAMES; 484 485void 486print_status(struct pf_status *s, int opts) 487{ |
| 486 char statline[80], *running; 487 time_t runtime; 488 int i; | 488 char statline[80], *running; 489 time_t runtime; 490 int i; 491 char buf[PF_MD5_DIGEST_LENGTH * 2 + 1]; 492 static const char hex[] = "0123456789abcdef"; |
| 489 490 runtime = time(NULL) - s->since; 491 running = s->running ? "Enabled" : "Disabled"; 492 493 if (s->since) { 494 unsigned sec, min, hrs, day = runtime; 495 496 sec = day % 60; --- 17 unchanged lines hidden (view full) --- 514 break; 515 case PF_DEBUG_MISC: 516 printf("%15s\n\n", "Debug: Misc"); 517 break; 518 case PF_DEBUG_NOISY: 519 printf("%15s\n\n", "Debug: Loud"); 520 break; 521 } | 493 494 runtime = time(NULL) - s->since; 495 running = s->running ? "Enabled" : "Disabled"; 496 497 if (s->since) { 498 unsigned sec, min, hrs, day = runtime; 499 500 sec = day % 60; --- 17 unchanged lines hidden (view full) --- 518 break; 519 case PF_DEBUG_MISC: 520 printf("%15s\n\n", "Debug: Misc"); 521 break; 522 case PF_DEBUG_NOISY: 523 printf("%15s\n\n", "Debug: Loud"); 524 break; 525 } |
| 522 printf("Hostid: 0x%08x\n\n", ntohl(s->hostid)); | 526 527 if (opts & PF_OPT_VERBOSE) { 528 printf("Hostid: 0x%08x\n", ntohl(s->hostid)); 529 530 for (i = 0; i < PF_MD5_DIGEST_LENGTH; i++) { 531 buf[i + i] = hex[s->pf_chksum[i] >> 4]; 532 buf[i + i + 1] = hex[s->pf_chksum[i] & 0x0f]; 533 } 534 buf[i + i] = '\0'; 535 printf("Checksum: 0x%s\n\n", buf); 536 } 537 |
| 523 if (s->ifname[0] != 0) { 524 printf("Interface Stats for %-16s %5s %16s\n", 525 s->ifname, "IPv4", "IPv6"); 526 printf(" %-25s %14llu %16llu\n", "Bytes In", 527 (unsigned long long)s->bcounters[0][0], 528 (unsigned long long)s->bcounters[1][0]); 529 printf(" %-25s %14llu %16llu\n", "Bytes Out", 530 (unsigned long long)s->bcounters[0][1], --- 95 unchanged lines hidden (view full) --- 626 if (sn->states == 0) { 627 sec = sn->expire % 60; 628 sn->expire /= 60; 629 min = sn->expire % 60; 630 sn->expire /= 60; 631 printf(", expires in %.2u:%.2u:%.2u", 632 sn->expire, min, sec); 633 } | 538 if (s->ifname[0] != 0) { 539 printf("Interface Stats for %-16s %5s %16s\n", 540 s->ifname, "IPv4", "IPv6"); 541 printf(" %-25s %14llu %16llu\n", "Bytes In", 542 (unsigned long long)s->bcounters[0][0], 543 (unsigned long long)s->bcounters[1][0]); 544 printf(" %-25s %14llu %16llu\n", "Bytes Out", 545 (unsigned long long)s->bcounters[0][1], --- 95 unchanged lines hidden (view full) --- 641 if (sn->states == 0) { 642 sec = sn->expire % 60; 643 sn->expire /= 60; 644 min = sn->expire % 60; 645 sn->expire /= 60; 646 printf(", expires in %.2u:%.2u:%.2u", 647 sn->expire, min, sec); 648 } |
| 634 printf(", %u pkts, %u bytes", sn->packets, sn->bytes); | 649 printf(", %llu pkts, %llu bytes", 650#ifdef __FreeBSD__ 651 (unsigned long long)(sn->packets[0] + sn->packets[1]), 652 (unsigned long long)(sn->bytes[0] + sn->bytes[1])); 653#else 654 sn->packets[0] + sn->packets[1], 655 sn->bytes[0] + sn->bytes[1]); 656#endif |
| 635 switch (sn->ruletype) { 636 case PF_NAT: 637 if (sn->rule.nr != -1) 638 printf(", nat rule %u", sn->rule.nr); 639 break; 640 case PF_RDR: 641 if (sn->rule.nr != -1) 642 printf(", rdr rule %u", sn->rule.nr); --- 16 unchanged lines hidden (view full) --- 659 "anchor", "nat-anchor", "nat-anchor", "binat-anchor", 660 "binat-anchor", "rdr-anchor", "rdr-anchor" }; 661 int i, opts; 662 663 if (verbose) 664 printf("@%d ", r->nr); 665 if (r->action > PF_NORDR) 666 printf("action(%d)", r->action); | 657 switch (sn->ruletype) { 658 case PF_NAT: 659 if (sn->rule.nr != -1) 660 printf(", nat rule %u", sn->rule.nr); 661 break; 662 case PF_RDR: 663 if (sn->rule.nr != -1) 664 printf(", rdr rule %u", sn->rule.nr); --- 16 unchanged lines hidden (view full) --- 681 "anchor", "nat-anchor", "nat-anchor", "binat-anchor", 682 "binat-anchor", "rdr-anchor", "rdr-anchor" }; 683 int i, opts; 684 685 if (verbose) 686 printf("@%d ", r->nr); 687 if (r->action > PF_NORDR) 688 printf("action(%d)", r->action); |
| 667 else if (anchor_call[0]) 668 printf("%s \"%s\"", anchortypes[r->action], 669 anchor_call); 670 else { | 689 else if (anchor_call[0]) { 690 if (anchor_call[0] == '_') { 691 printf("%s", anchortypes[r->action]); 692 } else 693 printf("%s \"%s\"", anchortypes[r->action], 694 anchor_call); 695 } else { |
| 671 printf("%s", actiontypes[r->action]); 672 if (r->natpass) 673 printf(" pass"); 674 } 675 if (r->action == PF_DROP) { 676 if (r->rule_flag & PFRULE_RETURN) 677 printf(" return"); 678 else if (r->rule_flag & PFRULE_RETURNRST) { --- 38 unchanged lines hidden (view full) --- 717 } 718 } else 719 printf(" drop"); 720 } 721 if (r->direction == PF_IN) 722 printf(" in"); 723 else if (r->direction == PF_OUT) 724 printf(" out"); | 696 printf("%s", actiontypes[r->action]); 697 if (r->natpass) 698 printf(" pass"); 699 } 700 if (r->action == PF_DROP) { 701 if (r->rule_flag & PFRULE_RETURN) 702 printf(" return"); 703 else if (r->rule_flag & PFRULE_RETURNRST) { --- 38 unchanged lines hidden (view full) --- 742 } 743 } else 744 printf(" drop"); 745 } 746 if (r->direction == PF_IN) 747 printf(" in"); 748 else if (r->direction == PF_OUT) 749 printf(" out"); |
| 725 if (r->log == 1) | 750 if (r->log) { |
| 726 printf(" log"); | 751 printf(" log"); |
| 727 else if (r->log == 2) 728 printf(" log-all"); | 752 if (r->log & ~PF_LOG || r->logif) { 753 int count = 0; 754 755 printf(" ("); 756 if (r->log & PF_LOG_ALL) 757 printf("%sall", count++ ? ", " : ""); 758 if (r->log & PF_LOG_SOCKET_LOOKUP) 759 printf("%suser", count++ ? ", " : ""); 760 if (r->logif) 761 printf("%sto pflog%u", count++ ? ", " : "", 762 r->logif); 763 printf(")"); 764 } 765 } |
| 729 if (r->quick) 730 printf(" quick"); 731 if (r->ifname[0]) { 732 if (r->ifnot) 733 printf(" on ! %s", r->ifname); 734 else 735 printf(" on %s", r->ifname); 736 } --- 33 unchanged lines hidden (view full) --- 770 if (r->gid.op) 771 print_ugid(r->gid.op, r->gid.gid[0], r->gid.gid[1], "group", 772 GID_MAX); 773 if (r->flags || r->flagset) { 774 printf(" flags "); 775 print_flags(r->flags); 776 printf("/"); 777 print_flags(r->flagset); | 766 if (r->quick) 767 printf(" quick"); 768 if (r->ifname[0]) { 769 if (r->ifnot) 770 printf(" on ! %s", r->ifname); 771 else 772 printf(" on %s", r->ifname); 773 } --- 33 unchanged lines hidden (view full) --- 807 if (r->gid.op) 808 print_ugid(r->gid.op, r->gid.gid[0], r->gid.gid[1], "group", 809 GID_MAX); 810 if (r->flags || r->flagset) { 811 printf(" flags "); 812 print_flags(r->flags); 813 printf("/"); 814 print_flags(r->flagset); |
| 778 } | 815 } else if (r->action == PF_PASS && 816 (!r->proto || r->proto == IPPROTO_TCP) && 817 !(r->rule_flag & PFRULE_FRAGMENT) && 818 !anchor_call[0] && r->keep_state) 819 printf(" flags any"); |
| 779 if (r->type) { 780 const struct icmptypeent *it; 781 782 it = geticmptypebynumber(r->type-1, r->af); 783 if (r->af != AF_INET6) 784 printf(" icmp-type"); 785 else 786 printf(" icmp6-type"); --- 8 unchanged lines hidden (view full) --- 795 if (ic != NULL) 796 printf(" code %s", ic->name); 797 else 798 printf(" code %u", r->code-1); 799 } 800 } 801 if (r->tos) 802 printf(" tos 0x%2.2x", r->tos); | 820 if (r->type) { 821 const struct icmptypeent *it; 822 823 it = geticmptypebynumber(r->type-1, r->af); 824 if (r->af != AF_INET6) 825 printf(" icmp-type"); 826 else 827 printf(" icmp6-type"); --- 8 unchanged lines hidden (view full) --- 836 if (ic != NULL) 837 printf(" code %s", ic->name); 838 else 839 printf(" code %u", r->code-1); 840 } 841 } 842 if (r->tos) 843 printf(" tos 0x%2.2x", r->tos); |
| 803 if (r->keep_state == PF_STATE_NORMAL) | 844 if (!r->keep_state && r->action == PF_PASS && !anchor_call[0]) 845 printf(" no state"); 846 else if (r->keep_state == PF_STATE_NORMAL) |
| 804 printf(" keep state"); 805 else if (r->keep_state == PF_STATE_MODULATE) 806 printf(" modulate state"); 807 else if (r->keep_state == PF_STATE_SYNPROXY) 808 printf(" synproxy state"); 809 if (r->prob) { 810 char buf[20]; 811 --- 11 unchanged lines hidden (view full) --- 823 } 824 opts = 0; 825 if (r->max_states || r->max_src_nodes || r->max_src_states) 826 opts = 1; 827 if (r->rule_flag & PFRULE_NOSYNC) 828 opts = 1; 829 if (r->rule_flag & PFRULE_SRCTRACK) 830 opts = 1; | 847 printf(" keep state"); 848 else if (r->keep_state == PF_STATE_MODULATE) 849 printf(" modulate state"); 850 else if (r->keep_state == PF_STATE_SYNPROXY) 851 printf(" synproxy state"); 852 if (r->prob) { 853 char buf[20]; 854 --- 11 unchanged lines hidden (view full) --- 866 } 867 opts = 0; 868 if (r->max_states || r->max_src_nodes || r->max_src_states) 869 opts = 1; 870 if (r->rule_flag & PFRULE_NOSYNC) 871 opts = 1; 872 if (r->rule_flag & PFRULE_SRCTRACK) 873 opts = 1; |
| 831 if (r->rule_flag & (PFRULE_IFBOUND | PFRULE_GRBOUND)) | 874 if (r->rule_flag & PFRULE_IFBOUND) |
| 832 opts = 1; 833 for (i = 0; !opts && i < PFTM_MAX; ++i) 834 if (r->timeout[i]) 835 opts = 1; 836 if (opts) { 837 printf(" ("); 838 if (r->max_states) { 839 printf("max %u", r->max_states); --- 51 unchanged lines hidden (view full) --- 891 printf(" global"); 892 } 893 if (r->rule_flag & PFRULE_IFBOUND) { 894 if (!opts) 895 printf(", "); 896 printf("if-bound"); 897 opts = 0; 898 } | 875 opts = 1; 876 for (i = 0; !opts && i < PFTM_MAX; ++i) 877 if (r->timeout[i]) 878 opts = 1; 879 if (opts) { 880 printf(" ("); 881 if (r->max_states) { 882 printf("max %u", r->max_states); --- 51 unchanged lines hidden (view full) --- 934 printf(" global"); 935 } 936 if (r->rule_flag & PFRULE_IFBOUND) { 937 if (!opts) 938 printf(", "); 939 printf("if-bound"); 940 opts = 0; 941 } |
| 899 if (r->rule_flag & PFRULE_GRBOUND) { 900 if (!opts) 901 printf(", "); 902 printf("group-bound"); 903 opts = 0; 904 } | |
| 905 for (i = 0; i < PFTM_MAX; ++i) 906 if (r->timeout[i]) { 907 int j; 908 909 if (!opts) 910 printf(", "); 911 opts = 0; | 942 for (i = 0; i < PFTM_MAX; ++i) 943 if (r->timeout[i]) { 944 int j; 945 946 if (!opts) 947 printf(", "); 948 opts = 0; |
| 912 for (j = 0; j < sizeof(pf_timeouts) / 913 sizeof(pf_timeouts[0]); ++j) | 949 for (j = 0; pf_timeouts[j].name != NULL; 950 ++j) |
| 914 if (pf_timeouts[j].timeout == i) 915 break; | 951 if (pf_timeouts[j].timeout == i) 952 break; |
| 916 printf("%s %u", j == PFTM_MAX ? "inv.timeout" : 917 pf_timeouts[j].name, r->timeout[i]); | 953 printf("%s %u", pf_timeouts[j].name == NULL ? 954 "inv.timeout" : pf_timeouts[j].name, 955 r->timeout[i]); |
| 918 } 919 printf(")"); 920 } 921 if (r->rule_flag & PFRULE_FRAGMENT) 922 printf(" fragment"); 923 if (r->rule_flag & PFRULE_NODF) 924 printf(" no-df"); 925 if (r->rule_flag & PFRULE_RANDOMID) --- 23 unchanged lines hidden (view full) --- 949 printf(" queue %s", r->qname); 950 if (r->tagname[0]) 951 printf(" tag %s", r->tagname); 952 if (r->match_tagname[0]) { 953 if (r->match_tag_not) 954 printf(" !"); 955 printf(" tagged %s", r->match_tagname); 956 } | 956 } 957 printf(")"); 958 } 959 if (r->rule_flag & PFRULE_FRAGMENT) 960 printf(" fragment"); 961 if (r->rule_flag & PFRULE_NODF) 962 printf(" no-df"); 963 if (r->rule_flag & PFRULE_RANDOMID) --- 23 unchanged lines hidden (view full) --- 987 printf(" queue %s", r->qname); 988 if (r->tagname[0]) 989 printf(" tag %s", r->tagname); 990 if (r->match_tagname[0]) { 991 if (r->match_tag_not) 992 printf(" !"); 993 printf(" tagged %s", r->match_tagname); 994 } |
| 995 if (r->rtableid != -1) 996 printf(" rtable %u", r->rtableid); |
|
| 957 if (!anchor_call[0] && (r->action == PF_NAT || 958 r->action == PF_BINAT || r->action == PF_RDR)) { 959 printf(" -> "); 960 print_pool(&r->rpool, r->rpool.proxy_port[0], 961 r->rpool.proxy_port[1], r->af, r->action); 962 } | 997 if (!anchor_call[0] && (r->action == PF_NAT || 998 r->action == PF_BINAT || r->action == PF_RDR)) { 999 printf(" -> "); 1000 print_pool(&r->rpool, r->rpool.proxy_port[0], 1001 r->rpool.proxy_port[1], r->af, r->action); 1002 } |
| 963 printf("\n"); | |
| 964} 965 966void 967print_tabledef(const char *name, int flags, int addrs, 968 struct node_tinithead *nodes) 969{ 970 struct node_tinit *ti, *nti; 971 struct node_host *h; --- 176 unchanged lines hidden (view full) --- 1148 } 1149 } 1150 1151 iftab = h; 1152 freeifaddrs(ifap); 1153} 1154 1155struct node_host * | 1003} 1004 1005void 1006print_tabledef(const char *name, int flags, int addrs, 1007 struct node_tinithead *nodes) 1008{ 1009 struct node_tinit *ti, *nti; 1010 struct node_host *h; --- 176 unchanged lines hidden (view full) --- 1187 } 1188 } 1189 1190 iftab = h; 1191 freeifaddrs(ifap); 1192} 1193 1194struct node_host * |
| 1156ifa_exists(const char *ifa_name, int group_ok) | 1195ifa_exists(const char *ifa_name) |
| 1157{ 1158 struct node_host *n; | 1196{ 1197 struct node_host *n; |
| 1198 struct ifgroupreq ifgr; 1199 int s; |
|
| 1159 1160 if (iftab == NULL) 1161 ifa_load(); 1162 | 1200 1201 if (iftab == NULL) 1202 ifa_load(); 1203 |
| 1204 /* check wether this is a group */ 1205 if ((s = socket(AF_INET, SOCK_DGRAM, 0)) == -1) 1206 err(1, "socket"); 1207 bzero(&ifgr, sizeof(ifgr)); 1208 strlcpy(ifgr.ifgr_name, ifa_name, sizeof(ifgr.ifgr_name)); 1209 if (ioctl(s, SIOCGIFGMEMB, (caddr_t)&ifgr) == 0) { 1210 /* fake a node_host */ 1211 if ((n = calloc(1, sizeof(*n))) == NULL) 1212 err(1, "calloc"); 1213 if ((n->ifname = strdup(ifa_name)) == NULL) 1214 err(1, "strdup"); 1215 close(s); 1216 return (n); 1217 } 1218 close(s); 1219 |
|
| 1163 for (n = iftab; n; n = n->next) { 1164 if (n->af == AF_LINK && !strncmp(n->ifname, ifa_name, IFNAMSIZ)) 1165 return (n); 1166 } 1167 1168 return (NULL); 1169} 1170 1171struct node_host * | 1220 for (n = iftab; n; n = n->next) { 1221 if (n->af == AF_LINK && !strncmp(n->ifname, ifa_name, IFNAMSIZ)) 1222 return (n); 1223 } 1224 1225 return (NULL); 1226} 1227 1228struct node_host * |
| 1229ifa_grouplookup(const char *ifa_name, int flags) 1230{ 1231 struct ifg_req *ifg; 1232 struct ifgroupreq ifgr; 1233 int s, len; 1234 struct node_host *n, *h = NULL; 1235 1236 if ((s = socket(AF_INET, SOCK_DGRAM, 0)) == -1) 1237 err(1, "socket"); 1238 bzero(&ifgr, sizeof(ifgr)); 1239 strlcpy(ifgr.ifgr_name, ifa_name, sizeof(ifgr.ifgr_name)); 1240 if (ioctl(s, SIOCGIFGMEMB, (caddr_t)&ifgr) == -1) { 1241 close(s); 1242 return (NULL); 1243 } 1244 1245 len = ifgr.ifgr_len; 1246 if ((ifgr.ifgr_groups = calloc(1, len)) == NULL) 1247 err(1, "calloc"); 1248 if (ioctl(s, SIOCGIFGMEMB, (caddr_t)&ifgr) == -1) 1249 err(1, "SIOCGIFGMEMB"); 1250 1251 for (ifg = ifgr.ifgr_groups; ifg && len >= sizeof(struct ifg_req); 1252 ifg++) { 1253 len -= sizeof(struct ifg_req); 1254 if ((n = ifa_lookup(ifg->ifgrq_member, flags)) == NULL) 1255 continue; 1256 if (h == NULL) 1257 h = n; 1258 else { 1259 h->tail->next = n; 1260 h->tail = n->tail; 1261 } 1262 } 1263 free(ifgr.ifgr_groups); 1264 close(s); 1265 1266 return (h); 1267} 1268 1269struct node_host * |
|
| 1172ifa_lookup(const char *ifa_name, int flags) 1173{ 1174 struct node_host *p = NULL, *h = NULL, *n = NULL; 1175 int got4 = 0, got6 = 0; 1176 const char *last_if = NULL; 1177 | 1270ifa_lookup(const char *ifa_name, int flags) 1271{ 1272 struct node_host *p = NULL, *h = NULL, *n = NULL; 1273 int got4 = 0, got6 = 0; 1274 const char *last_if = NULL; 1275 |
| 1276 if ((h = ifa_grouplookup(ifa_name, flags)) != NULL) 1277 return (h); 1278 |
|
| 1178 if (!strncmp(ifa_name, "self", IFNAMSIZ)) 1179 ifa_name = NULL; 1180 1181 if (iftab == NULL) 1182 ifa_load(); 1183 1184 for (p = iftab; p; p = p->next) { 1185 if (ifa_skip_if(ifa_name, p)) --- 161 unchanged lines hidden (view full) --- 1347 return (NULL); 1348 } 1349 if ((flags & (PFI_AFLAG_NETWORK|PFI_AFLAG_BROADCAST)) && mask > -1) { 1350 fprintf(stderr, "network or broadcast lookup, but " 1351 "extra netmask given\n"); 1352 free(ps); 1353 return (NULL); 1354 } | 1279 if (!strncmp(ifa_name, "self", IFNAMSIZ)) 1280 ifa_name = NULL; 1281 1282 if (iftab == NULL) 1283 ifa_load(); 1284 1285 for (p = iftab; p; p = p->next) { 1286 if (ifa_skip_if(ifa_name, p)) --- 161 unchanged lines hidden (view full) --- 1448 return (NULL); 1449 } 1450 if ((flags & (PFI_AFLAG_NETWORK|PFI_AFLAG_BROADCAST)) && mask > -1) { 1451 fprintf(stderr, "network or broadcast lookup, but " 1452 "extra netmask given\n"); 1453 free(ps); 1454 return (NULL); 1455 } |
| 1355 if (ifa_exists(ps, 1) || !strncmp(ps, "self", IFNAMSIZ)) { | 1456 if (ifa_exists(ps) || !strncmp(ps, "self", IFNAMSIZ)) { |
| 1356 /* interface with this name exists */ 1357 h = ifa_lookup(ps, flags); 1358 for (n = h; n != NULL && mask > -1; n = n->next) 1359 set_ipmask(n, mask); 1360 } 1361 1362 free(ps); 1363 return (h); --- 242 unchanged lines hidden --- | 1457 /* interface with this name exists */ 1458 h = ifa_lookup(ps, flags); 1459 for (n = h; n != NULL && mask > -1; n = n->next) 1460 set_ipmask(n, mask); 1461 } 1462 1463 free(ps); 1464 return (h); --- 242 unchanged lines hidden --- |