Cross Reference: /freebsd-10.2-release/contrib/libpcap/gencode.c

Deleted Added

sdiff udiff text old ( 162015 ) new ( 172680 )

full compact

gencode.c (162015)	gencode.c (172680)
1/#define CHASE_CHAIN/ 2/* 3 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998 4 * The Regents of the University of California. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that: (1) source code distributions 8 * retain the above copyright notice and this paragraph in its entirety, (2) --- 5 unchanged lines hidden (view full) --- 14 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 15 * the University nor the names of its contributors may be used to endorse 16 * or promote products derived from this software without specific prior 17 * written permission. 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 21 *	1/#define CHASE_CHAIN/ 2/* 3 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998 4 * The Regents of the University of California. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that: (1) source code distributions 8 * retain the above copyright notice and this paragraph in its entirety, (2) --- 5 unchanged lines hidden (view full) --- 14 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 15 * the University nor the names of its contributors may be used to endorse 16 * or promote products derived from this software without specific prior 17 * written permission. 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 21 *
22 * $FreeBSD: head/contrib/libpcap/gencode.c 162015 2006-09-04 19:54:21Z sam $	22 * $FreeBSD: head/contrib/libpcap/gencode.c 172680 2007-10-16 02:07:55Z mlaier $
23 */ 24#ifndef lint 25static const char rcsid[] _U_ =	23 */ 24#ifndef lint 25static const char rcsid[] _U_ =
26 "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.221.2.34 2005/09/05 09:08:04 guy Exp $ (LBL)";	26 "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.221.2.53 2007/09/12 19:17:24 guy Exp $ (LBL)";
27#endif 28 29#ifdef HAVE_CONFIG_H 30#include "config.h" 31#endif 32 33#ifdef WIN32 34#include <pcap-stdinc.h> --- 35 unchanged lines hidden (view full) --- 70#include "nlpid.h" 71#include "llc.h" 72#include "gencode.h" 73#include "atmuni31.h" 74#include "sunatmpos.h" 75#include "ppp.h" 76#include "sll.h" 77#include "arcnet.h"	27#endif 28 29#ifdef HAVE_CONFIG_H 30#include "config.h" 31#endif 32 33#ifdef WIN32 34#include <pcap-stdinc.h> --- 35 unchanged lines hidden (view full) --- 70#include "nlpid.h" 71#include "llc.h" 72#include "gencode.h" 73#include "atmuni31.h" 74#include "sunatmpos.h" 75#include "ppp.h" 76#include "sll.h" 77#include "arcnet.h"
78#include "pf.h"	78#ifdef HAVE_NET_PFVAR_H 79#include <sys/socket.h> 80#include <net/if.h> 81#include <net/pfvar.h> 82#include <net/if_pflog.h> 83#endif
79#ifndef offsetof 80#define offsetof(s, e) ((size_t)&((s )0)->e) 81#endif 82#ifdef INET6 83#ifndef WIN32 84#include <netdb.h> / for "struct addrinfo" / 85#endif / WIN32 / 86#endif /INET6/ --- 10 unchanged lines hidden* (view full) --- 97#endif 98 99#define JMP(c) ((c)\|BPF_JMP\|BPF_K) 100 101/* Locals / 102static jmp_buf top_ctx; 103static pcap_t bpf_pcap; 104	84#ifndef offsetof 85#define offsetof(s, e) ((size_t)&((s )0)->e) 86#endif 87#ifdef INET6 88#ifndef WIN32 89#include <netdb.h> / for "struct addrinfo" / 90#endif / WIN32 / 91#endif /INET6/ --- 10 unchanged lines hidden* (view full) --- 102#endif 103 104#define JMP(c) ((c)\|BPF_JMP\|BPF_K) 105 106/* Locals / 107static jmp_buf top_ctx; 108static pcap_t bpf_pcap; 109
	110#ifdef WIN32
105/* Hack for updating VLAN, MPLS, and PPPoE offsets. */	111/* Hack for updating VLAN, MPLS, and PPPoE offsets. */
	112static u_int orig_linktype = (u_int)-1, orig_nl = (u_int)-1, label_stack_depth = (u_int)-1; 113#else
106static u_int orig_linktype = -1U, orig_nl = -1U, label_stack_depth = -1U;	114static u_int orig_linktype = -1U, orig_nl = -1U, label_stack_depth = -1U;
	115#endif
107 108/* XXX / 109#ifdef PCAP_FDDIPAD 110static int pcap_fddipad; 111#endif 112* 113/* VARARGS / 114void --- 71 unchanged lines hidden* (view full) --- 186static struct slist gen_load_a(enum e_offrel, u_int, u_int); 187static struct slist gen_loadx_iphdrlen(void); 188static struct block gen_uncond(int); 189static inline struct block gen_true(void); 190static inline struct block gen_false(void); 191static struct block gen_ether_linktype(int); 192static struct block gen_linux_sll_linktype(int); 193static void insert_radiotap_load_llprefixlen(struct block );	116 117/* XXX / 118#ifdef PCAP_FDDIPAD 119static int pcap_fddipad; 120#endif 121* 122/* VARARGS / 123void --- 71 unchanged lines hidden* (view full) --- 195static struct slist gen_load_a(enum e_offrel, u_int, u_int); 196static struct slist gen_loadx_iphdrlen(void); 197static struct block gen_uncond(int); 198static inline struct block gen_true(void); 199static inline struct block gen_false(void); 200static struct block gen_ether_linktype(int); 201static struct block gen_linux_sll_linktype(int); 202static void insert_radiotap_load_llprefixlen(struct block );
	203static void insert_ppi_load_llprefixlen(struct block *);
194static void insert_load_llprefixlen(struct block ); 195static struct slist gen_llprefixlen(void); 196static struct block gen_linktype(int); 197static struct block gen_snap(bpf_u_int32, bpf_u_int32, u_int); 198static struct block gen_llc_linktype(int); 199static struct block gen_hostop(bpf_u_int32, bpf_u_int32, int, int, u_int, u_int); 200#ifdef INET6 201static struct block gen_hostop6(struct in6_addr , struct in6_addr , int, int, u_int, u_int); 202#endif 203static struct block gen_ahostop(const u_char , int); 204static struct block gen_ehostop(const u_char , int); 205static struct block gen_fhostop(const u_char , int); 206static struct block gen_thostop(const u_char , int); 207static struct block gen_wlanhostop(const u_char , int); 208static struct block gen_ipfchostop(const u_char , int); 209static struct block gen_dnhostop(bpf_u_int32, int); 210static struct block *gen_mpls_linktype(int);	204static void insert_load_llprefixlen(struct block ); 205static struct slist gen_llprefixlen(void); 206static struct block gen_linktype(int); 207static struct block gen_snap(bpf_u_int32, bpf_u_int32, u_int); 208static struct block gen_llc_linktype(int); 209static struct block gen_hostop(bpf_u_int32, bpf_u_int32, int, int, u_int, u_int); 210#ifdef INET6 211static struct block gen_hostop6(struct in6_addr , struct in6_addr , int, int, u_int, u_int); 212#endif 213static struct block gen_ahostop(const u_char , int); 214static struct block gen_ehostop(const u_char , int); 215static struct block gen_fhostop(const u_char , int); 216static struct block gen_thostop(const u_char , int); 217static struct block gen_wlanhostop(const u_char , int); 218static struct block gen_ipfchostop(const u_char , int); 219static struct block gen_dnhostop(bpf_u_int32, int); 220static struct block *gen_mpls_linktype(int);
211static struct block *gen_host(bpf_u_int32, bpf_u_int32, int, int);	221static struct block *gen_host(bpf_u_int32, bpf_u_int32, int, int, int);
212#ifdef INET6	222#ifdef INET6
213static struct block gen_host6(struct in6_addr , struct in6_addr *, int, int);	223static struct block gen_host6(struct in6_addr , struct in6_addr *, int, int, int);
214#endif 215#ifndef INET6 216static struct block gen_gateway(const u_char , bpf_u_int32 *, int, int); 217#endif 218static struct block gen_ipfrag(void); 219static struct block gen_portatom(int, bpf_int32); 220static struct block gen_portrangeatom(int, bpf_int32, bpf_int32); 221#ifdef INET6 --- 13 unchanged lines hidden (view full) --- 235static int lookup_proto(const char , int); 236static struct block gen_protochain(int, int, int); 237static struct block gen_proto(int, int, int); 238static struct slist xfer_to_x(struct arth ); 239static struct slist xfer_to_a(struct arth ); 240static struct block gen_mac_multicast(int); 241static struct block gen_len(int, int); 242*	224#endif 225#ifndef INET6 226static struct block gen_gateway(const u_char , bpf_u_int32 *, int, int); 227#endif 228static struct block gen_ipfrag(void); 229static struct block gen_portatom(int, bpf_int32); 230static struct block gen_portrangeatom(int, bpf_int32, bpf_int32); 231#ifdef INET6 --- 13 unchanged lines hidden (view full) --- 245static int lookup_proto(const char , int); 246static struct block gen_protochain(int, int, int); 247static struct block gen_proto(int, int, int); 248static struct slist xfer_to_x(struct arth ); 249static struct slist xfer_to_a(struct arth ); 250static struct block gen_mac_multicast(int); 251static struct block gen_len(int, int); 252*
	253static struct block *gen_ppi_dlt_check(void);
243static struct block gen_msg_abbrev(int type); 244* 245static void * 246newchunk(n) 247 u_int n; 248{ 249 struct chunk cp; 250* int k; --- 94 unchanged lines hidden (view full) --- 345} 346 347static bpf_u_int32 netmask; 348static int snaplen; 349int no_optimize; 350 351int 352pcap_compile(pcap_t p, struct bpf_program program,	254static struct block gen_msg_abbrev(int type); 255* 256static void * 257newchunk(n) 258 u_int n; 259{ 260 struct chunk cp; 261* int k; --- 94 unchanged lines hidden (view full) --- 356} 357 358static bpf_u_int32 netmask; 359static int snaplen; 360int no_optimize; 361 362int 363pcap_compile(pcap_t p, struct bpf_program program,
353 char *buf, int optimize, bpf_u_int32 mask)	364 const char *buf, int optimize, bpf_u_int32 mask)
354{ 355 extern int n_errors;	365{ 366 extern int n_errors;
	367 const char * volatile xbuf = buf;
356 int len; 357 358 no_optimize = 0; 359 n_errors = 0; 360 root = NULL; 361 bpf_pcap = p; 362 if (setjmp(top_ctx)) { 363 lex_cleanup(); --- 5 unchanged lines hidden (view full) --- 369 370 snaplen = pcap_snapshot(p); 371 if (snaplen == 0) { 372 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, 373 "snaplen of 0 rejects all packets"); 374 return -1; 375 } 376	368 int len; 369 370 no_optimize = 0; 371 n_errors = 0; 372 root = NULL; 373 bpf_pcap = p; 374 if (setjmp(top_ctx)) { 375 lex_cleanup(); --- 5 unchanged lines hidden (view full) --- 381 382 snaplen = pcap_snapshot(p); 383 if (snaplen == 0) { 384 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, 385 "snaplen of 0 rejects all packets"); 386 return -1; 387 } 388
377 lex_init(buf ? buf : "");	389 lex_init(xbuf ? xbuf : "");
378 init_linktype(p); 379 (void)pcap_parse(); 380 381 if (n_errors) 382 syntax(); 383 384 if (root == NULL) 385 root = gen_retblk(snaplen); --- 14 unchanged lines hidden (view full) --- 400 401/* 402 * entry point for using the compiler with no pcap open 403 * pass in all the stuff that is needed explicitly instead. 404 / 405int 406pcap_compile_nopcap(int snaplen_arg, int linktype_arg, 407* struct bpf_program *program,	390 init_linktype(p); 391 (void)pcap_parse(); 392 393 if (n_errors) 394 syntax(); 395 396 if (root == NULL) 397 root = gen_retblk(snaplen); --- 14 unchanged lines hidden (view full) --- 412 413/* 414 * entry point for using the compiler with no pcap open 415 * pass in all the stuff that is needed explicitly instead. 416 / 417int 418pcap_compile_nopcap(int snaplen_arg, int linktype_arg, 419* struct bpf_program *program,
408 char *buf, int optimize, bpf_u_int32 mask)	420 const char *buf, int optimize, bpf_u_int32 mask)
409{ 410 pcap_t p; 411* int ret; 412 413 p = pcap_open_dead(linktype_arg, snaplen_arg); 414 if (p == NULL) 415 return (-1); 416 ret = pcap_compile(p, program, buf, optimize, mask); --- 52 unchanged lines hidden (view full) --- 469 /* Find end of list. / 470* while (p) 471* p = !((p)->sense) ? &JT(p) : &JF(p); 472* 473 /* Concatenate the lists. / 474* p = b1; 475} 476*	421{ 422 pcap_t p; 423* int ret; 424 425 p = pcap_open_dead(linktype_arg, snaplen_arg); 426 if (p == NULL) 427 return (-1); 428 ret = pcap_compile(p, program, buf, optimize, mask); --- 52 unchanged lines hidden (view full) --- 481 /* Find end of list. / 482* while (p) 483* p = !((p)->sense) ? &JT(p) : &JF(p); 484* 485 /* Concatenate the lists. / 486* p = b1; 487} 488*
	489
477void 478finish_parse(p) 479 struct block p; 480*{	490void 491finish_parse(p) 492 struct block p; 493*{
	494 struct block ppi_dlt_check; 495* 496 ppi_dlt_check = gen_ppi_dlt_check(); 497 498 if (ppi_dlt_check != NULL) 499 { 500 gen_and(ppi_dlt_check, p); 501 } 502
481 backpatch(p, gen_retblk(snaplen)); 482 p->sense = !p->sense; 483 backpatch(p, gen_retblk(0)); 484 root = p->head; 485 486 /* 487 * Insert before the statements of the first (root) block any 488 * statements needed to load the lengths of any variable-length --- 4 unchanged lines hidden (view full) --- 493 * have no predecessors that use them, so that we only compute 494 * the lengths if we need them. There might be even better 495 * approaches than that. However, as we're currently only 496 * handling variable-length radiotap headers, and as all 497 * filtering expressions other than raw link[M:N] tests 498 * require the length of that header, doing more for that 499 * header length isn't really worth the effort. 500 */	503 backpatch(p, gen_retblk(snaplen)); 504 p->sense = !p->sense; 505 backpatch(p, gen_retblk(0)); 506 root = p->head; 507 508 /* 509 * Insert before the statements of the first (root) block any 510 * statements needed to load the lengths of any variable-length --- 4 unchanged lines hidden (view full) --- 515 * have no predecessors that use them, so that we only compute 516 * the lengths if we need them. There might be even better 517 * approaches than that. However, as we're currently only 518 * handling variable-length radiotap headers, and as all 519 * filtering expressions other than raw link[M:N] tests 520 * require the length of that header, doing more for that 521 * header length isn't really worth the effort. 522 */
	523
501 insert_load_llprefixlen(root); 502} 503 504void 505gen_and(b0, b1) 506 struct block b0, b1; 507{ 508 backpatch(b0, b1->head); --- 156 unchanged lines hidden (view full) --- 665 * If the link layer has variable_length headers, the offsets are offsets 666 * from the end of the link-link-layer header, and "reg_ll_size" is 667 * the register number for a register containing the length of the 668 * link-layer header. Otherwise, "reg_ll_size" is -1. 669 / 670static int reg_ll_size; 671* 672/*	524 insert_load_llprefixlen(root); 525} 526 527void 528gen_and(b0, b1) 529 struct block b0, b1; 530{ 531 backpatch(b0, b1->head); --- 156 unchanged lines hidden (view full) --- 688 * If the link layer has variable_length headers, the offsets are offsets 689 * from the end of the link-link-layer header, and "reg_ll_size" is 690 * the register number for a register containing the length of the 691 * link-layer header. Otherwise, "reg_ll_size" is -1. 692 / 693static int reg_ll_size; 694* 695/*
673 * This is the offset of the beginning of the link-layer header.	696 * This is the offset of the beginning of the link-layer header from 697 * the beginning of the raw packet data. 698 *
674 * It's usually 0, except for 802.11 with a fixed-length radio header.	699 * It's usually 0, except for 802.11 with a fixed-length radio header.
	700 * (For 802.11 with a variable-length radio header, we have to generate 701 * code to compute that offset; off_ll is 0 in that case.)
675 / 676static u_int off_ll; 677* 678/* 679 * This is the offset of the beginning of the MAC-layer header.	702 / 703static u_int off_ll; 704* 705/* 706 * This is the offset of the beginning of the MAC-layer header.
680 * It's usually 0, except for ATM LANE.	707 * It's usually 0, except for ATM LANE, where it's the offset, relative 708 * to the beginning of the raw packet data, of the Ethernet header.
681 / 682static u_int off_mac; 683* 684/* 685 * "off_linktype" is the offset to information in the link-layer header	709 / 710static u_int off_mac; 711* 712/* 713 * "off_linktype" is the offset to information in the link-layer header
686 * giving the packet type.	714 * giving the packet type. This offset is relative to the beginning 715 * of the link-layer header (i.e., it doesn't include off_ll).
687 * 688 * For Ethernet, it's the offset of the Ethernet type field. 689 * 690 * For link-layer types that always use 802.2 headers, it's the 691 * offset of the LLC header. 692 * 693 * For PPP, it's the offset of the PPP type field. 694 * --- 21 unchanged lines hidden (view full) --- 716/* 717 * These are offsets for the ATM pseudo-header. 718 / 719static u_int off_vpi; 720static u_int off_vci; 721static u_int off_proto; 722* 723/*	716 * 717 * For Ethernet, it's the offset of the Ethernet type field. 718 * 719 * For link-layer types that always use 802.2 headers, it's the 720 * offset of the LLC header. 721 * 722 * For PPP, it's the offset of the PPP type field. 723 * --- 21 unchanged lines hidden (view full) --- 745/* 746 * These are offsets for the ATM pseudo-header. 747 / 748static u_int off_vpi; 749static u_int off_vci; 750static u_int off_proto; 751* 752/*
	753 * These are offsets for the MTP2 fields. 754 / 755static u_int off_li; 756* 757/*
724 * These are offsets for the MTP3 fields. 725 / 726static u_int off_sio; 727static u_int off_opc; 728static u_int off_dpc; 729static u_int off_sls; 730* 731/* 732 * This is the offset of the first byte after the ATM pseudo_header, 733 * or -1 if there is no ATM pseudo-header. 734 / 735static u_int off_payload; 736* 737/* 738 * These are offsets to the beginning of the network-layer header.	758 * These are offsets for the MTP3 fields. 759 / 760static u_int off_sio; 761static u_int off_opc; 762static u_int off_dpc; 763static u_int off_sls; 764* 765/* 766 * This is the offset of the first byte after the ATM pseudo_header, 767 * or -1 if there is no ATM pseudo-header. 768 / 769static u_int off_payload; 770* 771/* 772 * These are offsets to the beginning of the network-layer header.
	773 * They are relative to the beginning of the link-layer header (i.e., 774 * they don't include off_ll).
739 * 740 * If the link layer never uses 802.2 LLC: 741 * 742 * "off_nl" and "off_nl_nosnap" are the same. 743 * 744 * If the link layer always uses 802.2 LLC: 745 * 746 * "off_nl" is the offset if there's a SNAP header following --- 32 unchanged lines hidden (view full) --- 779 off_vpi = -1; 780 off_vci = -1; 781 off_proto = -1; 782 off_payload = -1; 783 784 /* 785 * And assume we're not doing SS7. 786 */	775 * 776 * If the link layer never uses 802.2 LLC: 777 * 778 * "off_nl" and "off_nl_nosnap" are the same. 779 * 780 * If the link layer always uses 802.2 LLC: 781 * 782 * "off_nl" is the offset if there's a SNAP header following --- 32 unchanged lines hidden (view full) --- 815 off_vpi = -1; 816 off_vci = -1; 817 off_proto = -1; 818 off_payload = -1; 819 820 /* 821 * And assume we're not doing SS7. 822 */
	823 off_li = -1;
787 off_sio = -1; 788 off_opc = -1; 789 off_dpc = -1; 790 off_sls = -1; 791 792 /* 793 * Also assume it's not 802.11 with a fixed-length radio header. 794 / --- 158 unchanged lines hidden* (view full) --- 953 * information including radio-level information. 954 * 955 * The header is 144 bytes long. 956 * 957 * XXX - same variable-length header problem; at least 958 * the Prism header is fixed-length. 959 / 960* off_ll = 144;	824 off_sio = -1; 825 off_opc = -1; 826 off_dpc = -1; 827 off_sls = -1; 828 829 /* 830 * Also assume it's not 802.11 with a fixed-length radio header. 831 / --- 158 unchanged lines hidden* (view full) --- 990 * information including radio-level information. 991 * 992 * The header is 144 bytes long. 993 * 994 * XXX - same variable-length header problem; at least 995 * the Prism header is fixed-length. 996 / 997* off_ll = 144;
961 off_linktype = 144+24; 962 off_nl = 144+32; /* Prism+802.11+802.2+SNAP / 963* off_nl_nosnap = 144+27; /* Prism+802.11+802.2 */	998 off_linktype = 24; 999 off_nl = 32; /* Prism+802.11+802.2+SNAP / 1000* off_nl_nosnap = 27; /* Prism+802.11+802.2 */
964 return; 965 966 case DLT_IEEE802_11_RADIO_AVS: 967 /* 968 * Same as 802.11, but with an additional header before 969 * the 802.11 header, containing a bunch of additional 970 * information including radio-level information. 971 * 972 * The header is 64 bytes long, at least in its 973 * current incarnation. 974 * 975 * XXX - same variable-length header problem, only 976 * more so; this header is also variable-length, 977 * with the length being the 32-bit big-endian 978 * number at an offset of 4 from the beginning	1001 return; 1002 1003 case DLT_IEEE802_11_RADIO_AVS: 1004 /* 1005 * Same as 802.11, but with an additional header before 1006 * the 802.11 header, containing a bunch of additional 1007 * information including radio-level information. 1008 * 1009 * The header is 64 bytes long, at least in its 1010 * current incarnation. 1011 * 1012 * XXX - same variable-length header problem, only 1013 * more so; this header is also variable-length, 1014 * with the length being the 32-bit big-endian 1015 * number at an offset of 4 from the beginning
979 * of the radio header.	1016 * of the radio header. We should handle that the 1017 * same way we handle the length at the beginning 1018 * of the radiotap header. 1019 * 1020 * XXX - in Linux, do any drivers that supply an AVS 1021 * header supply a link-layer type other than 1022 * ARPHRD_IEEE80211_PRISM? If so, we should map that 1023 * to DLT_IEEE802_11_RADIO_AVS; if not, or if there are 1024 * any drivers that supply an AVS header but supply 1025 * an ARPHRD value of ARPHRD_IEEE80211_PRISM, we'll 1026 * have to check the header in the generated code to 1027 * determine whether it's Prism or AVS.
980 / 981* off_ll = 64;	1028 / 1029* off_ll = 64;
982 off_linktype = 64+24; 983 off_nl = 64+32; /* Radio+802.11+802.2+SNAP / 984* off_nl_nosnap = 64+27; /* Radio+802.11+802.2 */	1030 off_linktype = 24; 1031 off_nl = 32; /* Radio+802.11+802.2+SNAP / 1032* off_nl_nosnap = 27; /* Radio+802.11+802.2 */
985 return; 986	1033 return; 1034
	1035 1036 /* 1037 * At the moment we treat PPI as normal Radiotap encoded 1038 * packets. The difference is in the function that generates 1039 * the code at the beginning to compute the header length. 1040 * Since this code generator of PPI supports bare 802.11 1041 * encapsulation only (i.e. the encapsulated DLT should be 1042 * DLT_IEEE802_11) we generate code to check for this too. 1043 / 1044* case DLT_PPI:
987 case DLT_IEEE802_11_RADIO: 988 /* 989 * Same as 802.11, but with an additional header before 990 * the 802.11 header, containing a bunch of additional 991 * information including radio-level information. 992 * 993 * The radiotap header is variable length, and we 994 * generate code to compute its length and store it --- 83 unchanged lines hidden (view full) --- 1078 * XXX - we should set this to handle SNAP-encapsulated 1079 * frames (NLPID of 0x80). 1080 / 1081* off_linktype = -1; 1082 off_nl = 0; 1083 off_nl_nosnap = 0; /* no 802.2 LLC / 1084* return; 1085	1045 case DLT_IEEE802_11_RADIO: 1046 /* 1047 * Same as 802.11, but with an additional header before 1048 * the 802.11 header, containing a bunch of additional 1049 * information including radio-level information. 1050 * 1051 * The radiotap header is variable length, and we 1052 * generate code to compute its length and store it --- 83 unchanged lines hidden (view full) --- 1136 * XXX - we should set this to handle SNAP-encapsulated 1137 * frames (NLPID of 0x80). 1138 / 1139* off_linktype = -1; 1140 off_nl = 0; 1141 off_nl_nosnap = 0; /* no 802.2 LLC / 1142* return; 1143
	1144 /* 1145 * the only BPF-interesting FRF.16 frames are non-control frames; 1146 * Frame Relay has a variable length link-layer 1147 * so lets start with offset 4 for now and increments later on (FIXME); 1148 / 1149* case DLT_MFR: 1150 off_linktype = -1; 1151 off_nl = 4; 1152 off_nl_nosnap = 0; /* XXX - for now -> no 802.2 LLC / 1153* return; 1154
1086 case DLT_APPLE_IP_OVER_IEEE1394: 1087 off_linktype = 16; 1088 off_nl = 18; 1089 off_nl_nosnap = 18; /* no 802.2 LLC / 1090* return; 1091 1092 case DLT_LINUX_IRDA: 1093 /* --- 14 unchanged lines hidden (view full) --- 1108 return; 1109 1110 case DLT_SYMANTEC_FIREWALL: 1111 off_linktype = 6; 1112 off_nl = 44; /* Ethernet II / 1113* off_nl_nosnap = 44; /* XXX - what does it do with 802.3 packets? / 1114* return; 1115	1155 case DLT_APPLE_IP_OVER_IEEE1394: 1156 off_linktype = 16; 1157 off_nl = 18; 1158 off_nl_nosnap = 18; /* no 802.2 LLC / 1159* return; 1160 1161 case DLT_LINUX_IRDA: 1162 /* --- 14 unchanged lines hidden (view full) --- 1177 return; 1178 1179 case DLT_SYMANTEC_FIREWALL: 1180 off_linktype = 6; 1181 off_nl = 44; /* Ethernet II / 1182* off_nl_nosnap = 44; /* XXX - what does it do with 802.3 packets? / 1183* return; 1184
	1185#ifdef HAVE_NET_PFVAR_H
1116 case DLT_PFLOG: 1117 off_linktype = 0;	1186 case DLT_PFLOG: 1187 off_linktype = 0;
1118 /* XXX read this from pf.h? */
1119 off_nl = PFLOG_HDRLEN; 1120 off_nl_nosnap = PFLOG_HDRLEN; /* no 802.2 LLC / 1121* return;	1188 off_nl = PFLOG_HDRLEN; 1189 off_nl_nosnap = PFLOG_HDRLEN; /* no 802.2 LLC / 1190* return;
	1191#endif
1122 1123 case DLT_JUNIPER_MFR: 1124 case DLT_JUNIPER_MLFR: 1125 case DLT_JUNIPER_MLPPP: 1126 case DLT_JUNIPER_PPP: 1127 case DLT_JUNIPER_CHDLC: 1128 case DLT_JUNIPER_FRELAY: 1129 off_linktype = 4; --- 47 unchanged lines hidden (view full) --- 1177 return; 1178 1179 case DLT_JUNIPER_SERVICES: 1180 off_linktype = 12; 1181 off_nl = -1; /* L3 proto location dep. on cookie type / 1182* off_nl_nosnap = -1; /* no 802.2 LLC / 1183* return; 1184	1192 1193 case DLT_JUNIPER_MFR: 1194 case DLT_JUNIPER_MLFR: 1195 case DLT_JUNIPER_MLPPP: 1196 case DLT_JUNIPER_PPP: 1197 case DLT_JUNIPER_CHDLC: 1198 case DLT_JUNIPER_FRELAY: 1199 off_linktype = 4; --- 47 unchanged lines hidden (view full) --- 1247 return; 1248 1249 case DLT_JUNIPER_SERVICES: 1250 off_linktype = 12; 1251 off_nl = -1; /* L3 proto location dep. on cookie type / 1252* off_nl_nosnap = -1; /* no 802.2 LLC / 1253* return; 1254
	1255 case DLT_JUNIPER_VP: 1256 off_linktype = 18; 1257 off_nl = -1; 1258 off_nl_nosnap = -1; 1259 return; 1260
1185 case DLT_MTP2:	1261 case DLT_MTP2:
	1262 off_li = 2;
1186 off_sio = 3; 1187 off_opc = 4; 1188 off_dpc = 4; 1189 off_sls = 7; 1190 off_linktype = -1; 1191 off_nl = -1; 1192 off_nl_nosnap = -1; 1193 return; 1194	1263 off_sio = 3; 1264 off_opc = 4; 1265 off_dpc = 4; 1266 off_sls = 7; 1267 off_linktype = -1; 1268 off_nl = -1; 1269 off_nl_nosnap = -1; 1270 return; 1271
	1272 case DLT_MTP2_WITH_PHDR: 1273 off_li = 6; 1274 off_sio = 7; 1275 off_opc = 8; 1276 off_dpc = 8; 1277 off_sls = 11; 1278 off_linktype = -1; 1279 off_nl = -1; 1280 off_nl_nosnap = -1; 1281 return; 1282
1195#ifdef DLT_PFSYNC 1196 case DLT_PFSYNC: 1197 off_linktype = -1; 1198 off_nl = 4; 1199 off_nl_nosnap = 4; 1200 return; 1201#endif 1202 1203 case DLT_LINUX_LAPD: 1204 /* 1205 * Currently, only raw "link[N:M]" filtering is supported. 1206 / 1207* off_linktype = -1; 1208 off_nl = -1; 1209 off_nl_nosnap = -1; 1210 return;	1283#ifdef DLT_PFSYNC 1284 case DLT_PFSYNC: 1285 off_linktype = -1; 1286 off_nl = 4; 1287 off_nl_nosnap = 4; 1288 return; 1289#endif 1290 1291 case DLT_LINUX_LAPD: 1292 /* 1293 * Currently, only raw "link[N:M]" filtering is supported. 1294 / 1295* off_linktype = -1; 1296 off_nl = -1; 1297 off_nl_nosnap = -1; 1298 return;
	1299 1300 case DLT_USB: 1301 /* 1302 * Currently, only raw "link[N:M]" filtering is supported. 1303 / 1304* off_linktype = -1; 1305 off_nl = -1; 1306 off_nl_nosnap = -1; 1307 return; 1308 1309 case DLT_BLUETOOTH_HCI_H4: 1310 /* 1311 * Currently, only raw "link[N:M]" filtering is supported. 1312 / 1313* off_linktype = -1; 1314 off_nl = -1; 1315 off_nl_nosnap = -1; 1316 return;
1211 } 1212 bpf_error("unknown data link type %d", linktype); 1213 /* NOTREACHED / 1214} 1215* 1216/* 1217 * Load a value relative to the beginning of the link-layer header. 1218 * The link-layer header doesn't necessarily begin at the beginning --- 7 unchanged lines hidden (view full) --- 1226 struct slist s, s2; 1227 1228 s = gen_llprefixlen(); 1229 1230 /* 1231 * If "s" is non-null, it has code to arrange that the X register 1232 * contains the length of the prefix preceding the link-layer 1233 * header.	1317 } 1318 bpf_error("unknown data link type %d", linktype); 1319 /* NOTREACHED / 1320} 1321* 1322/* 1323 * Load a value relative to the beginning of the link-layer header. 1324 * The link-layer header doesn't necessarily begin at the beginning --- 7 unchanged lines hidden (view full) --- 1332 struct slist s, s2; 1333 1334 s = gen_llprefixlen(); 1335 1336 /* 1337 * If "s" is non-null, it has code to arrange that the X register 1338 * contains the length of the prefix preceding the link-layer 1339 * header.
	1340 * 1341 * Otherwise, the length of the prefix preceding the link-layer 1342 * header is "off_ll".
1234 / 1235* if (s != NULL) {	1343 / 1344* if (s != NULL) {
	1345 /* 1346 * There's a variable-length prefix preceding the 1347 * link-layer header. "s" points to a list of statements 1348 * that put the length of that prefix into the X register. 1349 * do an indirect load, to use the X register as an offset. 1350 */
1236 s2 = new_stmt(BPF_LD\|BPF_IND\|size); 1237 s2->s.k = offset; 1238 sappend(s, s2); 1239 } else {	1351 s2 = new_stmt(BPF_LD\|BPF_IND\|size); 1352 s2->s.k = offset; 1353 sappend(s, s2); 1354 } else {
	1355 /* 1356 * There is no variable-length header preceding the 1357 * link-layer header; add in off_ll, which, if there's 1358 * a fixed-length header preceding the link-layer header, 1359 * is the length of that header. 1360 */
1240 s = new_stmt(BPF_LD\|BPF_ABS\|size);	1361 s = new_stmt(BPF_LD\|BPF_ABS\|size);
1241 s->s.k = offset;	1362 s->s.k = offset + off_ll;
1242 } 1243 return s; 1244} 1245	1363 } 1364 return s; 1365} 1366
	1367
1246/* 1247 * Load a value relative to the beginning of the specified header. 1248 / 1249static struct slist 1250gen_load_a(offrel, offset, size) 1251 enum e_offrel offrel; 1252 u_int offset, size; 1253{ 1254 struct slist s, s2; 1255 1256 switch (offrel) { 1257 1258 case OR_PACKET:	1368/* 1369 * Load a value relative to the beginning of the specified header. 1370 / 1371static struct slist 1372gen_load_a(offrel, offset, size) 1373 enum e_offrel offrel; 1374 u_int offset, size; 1375{ 1376 struct slist s, s2; 1377 1378 switch (offrel) { 1379 1380 case OR_PACKET:
1259 s = gen_load_llrel(offset, size);	1381 s = new_stmt(BPF_LD\|BPF_ABS\|size); 1382 s->s.k = offset;
1260 break; 1261 1262 case OR_LINK:	1383 break; 1384 1385 case OR_LINK:
1263 s = gen_load_llrel(off_ll + offset, size);	1386 s = gen_load_llrel(offset, size);
1264 break; 1265 1266 case OR_NET: 1267 s = gen_load_llrel(off_nl + offset, size); 1268 break; 1269 1270 case OR_NET_NOSNAP: 1271 s = gen_load_llrel(off_nl_nosnap + offset, size); 1272 break; 1273 1274 case OR_TRAN_IPV4: 1275 /*	1387 break; 1388 1389 case OR_NET: 1390 s = gen_load_llrel(off_nl + offset, size); 1391 break; 1392 1393 case OR_NET_NOSNAP: 1394 s = gen_load_llrel(off_nl_nosnap + offset, size); 1395 break; 1396 1397 case OR_TRAN_IPV4: 1398 /*
1276 * Load the X register with the length of the IPv4 header, 1277 * in bytes.	1399 * Load the X register with the length of the IPv4 header 1400 * (plus the offset of the link-layer header, if it's 1401 * preceded by a variable-length header such as a radio 1402 * header), in bytes.
1278 / 1279* s = gen_loadx_iphdrlen(); 1280 1281 /*	1403 / 1404* s = gen_loadx_iphdrlen(); 1405 1406 /*
1282 * Load the item at {length of the link-layer header} + 1283 * {length of the IPv4 header} + {specified offset}.	1407 * Load the item at {offset of the link-layer header} + 1408 * {offset, relative to the start of the link-layer 1409 * header, of the IPv4 header} + {length of the IPv4 header} + 1410 * {specified offset}. 1411 * 1412 * (If the link-layer is variable-length, it's included 1413 * in the value in the X register, and off_ll is 0.)
1284 / 1285* s2 = new_stmt(BPF_LD\|BPF_IND\|size);	1414 / 1415* s2 = new_stmt(BPF_LD\|BPF_IND\|size);
1286 s2->s.k = off_nl + offset;	1416 s2->s.k = off_ll + off_nl + offset;
1287 sappend(s, s2); 1288 break; 1289 1290 case OR_TRAN_IPV6: 1291 s = gen_load_llrel(off_nl + 40 + offset, size); 1292 break; 1293 1294 default: --- 41 unchanged lines hidden (view full) --- 1336 * header, which is still in the X register, and 1337 * move the result into the X register. 1338 / 1339* sappend(s, new_stmt(BPF_ALU\|BPF_ADD\|BPF_X)); 1340 sappend(s, new_stmt(BPF_MISC\|BPF_TAX)); 1341 } else { 1342 /* 1343 * There is no variable-length header preceding the	1417 sappend(s, s2); 1418 break; 1419 1420 case OR_TRAN_IPV6: 1421 s = gen_load_llrel(off_nl + 40 + offset, size); 1422 break; 1423 1424 default: --- 41 unchanged lines hidden (view full) --- 1466 * header, which is still in the X register, and 1467 * move the result into the X register. 1468 / 1469* sappend(s, new_stmt(BPF_ALU\|BPF_ADD\|BPF_X)); 1470 sappend(s, new_stmt(BPF_MISC\|BPF_TAX)); 1471 } else { 1472 /* 1473 * There is no variable-length header preceding the
1344 * link-layer header; if there's a fixed-length 1345 * header preceding it, its length is included in 1346 * the off_ variables, so it doesn't need to be added.	1474 * link-layer header; add in off_ll, which, if there's 1475 * a fixed-length header preceding the link-layer header, 1476 * is the length of that header.
1347 / 1348* s = new_stmt(BPF_LDX\|BPF_MSH\|BPF_B);	1477 / 1478* s = new_stmt(BPF_LDX\|BPF_MSH\|BPF_B);
1349 s->s.k = off_nl;	1479 s->s.k = off_ll + off_nl;
1350 } 1351 return s; 1352} 1353 1354static struct block * 1355gen_uncond(rsense) 1356 int rsense; 1357{ --- 433 unchanged lines hidden (view full) --- 1791 * Now append all the existing statements in this 1792 * block to these statements. 1793 / 1794* sappend(s1, b->stmts); 1795 b->stmts = s1; 1796 } 1797} 1798	1480 } 1481 return s; 1482} 1483 1484static struct block * 1485gen_uncond(rsense) 1486 int rsense; 1487{ --- 433 unchanged lines hidden (view full) --- 1921 * Now append all the existing statements in this 1922 * block to these statements. 1923 / 1924* sappend(s1, b->stmts); 1925 b->stmts = s1; 1926 } 1927} 1928
	1929/* 1930 * At the moment we treat PPI as normal Radiotap encoded 1931 * packets. The difference is in the function that generates 1932 * the code at the beginning to compute the header length. 1933 * Since this code generator of PPI supports bare 802.11 1934 * encapsulation only (i.e. the encapsulated DLT should be 1935 * DLT_IEEE802_11) we generate code to check for this too. 1936 / 1937static void 1938insert_ppi_load_llprefixlen(b) 1939* struct block b; 1940{ 1941* struct slist s1, s2; 1942 1943 /* 1944 * Prepend to the statements in this block code to load the 1945 * length of the radiotap header into the register assigned 1946 * to hold that length, if one has been assigned. 1947 / 1948* if (reg_ll_size != -1) { 1949 /* 1950 * The 2 bytes at offsets of 2 and 3 from the beginning 1951 * of the radiotap header are the length of the radiotap 1952 * header; unfortunately, it's little-endian, so we have 1953 * to load it a byte at a time and construct the value. 1954 */
1799	1955
	1956 /* 1957 * Load the high-order byte, at an offset of 3, shift it 1958 * left a byte, and put the result in the X register. 1959 / 1960* s1 = new_stmt(BPF_LD\|BPF_B\|BPF_ABS); 1961 s1->s.k = 3; 1962 s2 = new_stmt(BPF_ALU\|BPF_LSH\|BPF_K); 1963 sappend(s1, s2); 1964 s2->s.k = 8; 1965 s2 = new_stmt(BPF_MISC\|BPF_TAX); 1966 sappend(s1, s2); 1967 1968 /* 1969 * Load the next byte, at an offset of 2, and OR the 1970 * value from the X register into it. 1971 / 1972* s2 = new_stmt(BPF_LD\|BPF_B\|BPF_ABS); 1973 sappend(s1, s2); 1974 s2->s.k = 2; 1975 s2 = new_stmt(BPF_ALU\|BPF_OR\|BPF_X); 1976 sappend(s1, s2); 1977 1978 /* 1979 * Now allocate a register to hold that value and store 1980 * it. 1981 / 1982* s2 = new_stmt(BPF_ST); 1983 s2->s.k = reg_ll_size; 1984 sappend(s1, s2); 1985 1986 /* 1987 * Now move it into the X register. 1988 / 1989* s2 = new_stmt(BPF_MISC\|BPF_TAX); 1990 sappend(s1, s2); 1991 1992 /* 1993 * Now append all the existing statements in this 1994 * block to these statements. 1995 / 1996* sappend(s1, b->stmts); 1997 b->stmts = s1; 1998 1999 } 2000} 2001 2002static struct block * 2003gen_ppi_dlt_check(void) 2004{ 2005 struct slist s_load_dlt; 2006* struct block b; 2007* 2008 if (linktype == DLT_PPI) 2009 { 2010 /* Create the statements that check for the DLT 2011 / 2012* s_load_dlt = new_stmt(BPF_LD\|BPF_W\|BPF_ABS); 2013 s_load_dlt->s.k = 4; 2014 2015 b = new_block(JMP(BPF_JEQ)); 2016 2017 b->stmts = s_load_dlt; 2018 b->s.k = SWAPLONG(DLT_IEEE802_11); 2019 } 2020 else 2021 { 2022 b = NULL; 2023 } 2024 2025 return b; 2026} 2027
1800static void 1801insert_load_llprefixlen(b) 1802 struct block b; 1803{ 1804* switch (linktype) { 1805	2028static void 2029insert_load_llprefixlen(b) 2030 struct block b; 2031{ 2032* switch (linktype) { 2033
	2034 /* 2035 * At the moment we treat PPI as normal Radiotap encoded 2036 * packets. The difference is in the function that generates 2037 * the code at the beginning to compute the header length. 2038 * Since this code generator of PPI supports bare 802.11 2039 * encapsulation only (i.e. the encapsulated DLT should be 2040 * DLT_IEEE802_11) we generate code to check for this too. 2041 / 2042* case DLT_PPI: 2043 insert_ppi_load_llprefixlen(b); 2044 break; 2045
1806 case DLT_IEEE802_11_RADIO: 1807 insert_radiotap_load_llprefixlen(b);	2046 case DLT_IEEE802_11_RADIO: 2047 insert_radiotap_load_llprefixlen(b);
	2048 break;
1808 } 1809} 1810 1811 1812static struct slist * 1813gen_radiotap_llprefixlen(void) 1814{ 1815 struct slist s; --- 10 unchanged lines hidden* (view full) --- 1826 * Load the register containing the radiotap length 1827 * into the X register. 1828 / 1829* s = new_stmt(BPF_LDX\|BPF_MEM); 1830 s->s.k = reg_ll_size; 1831 return s; 1832} 1833	2049 } 2050} 2051 2052 2053static struct slist * 2054gen_radiotap_llprefixlen(void) 2055{ 2056 struct slist s; --- 10 unchanged lines hidden* (view full) --- 2067 * Load the register containing the radiotap length 2068 * into the X register. 2069 / 2070* s = new_stmt(BPF_LDX\|BPF_MEM); 2071 s->s.k = reg_ll_size; 2072 return s; 2073} 2074
	2075/* 2076 * At the moment we treat PPI as normal Radiotap encoded 2077 * packets. The difference is in the function that generates 2078 * the code at the beginning to compute the header length. 2079 * Since this code generator of PPI supports bare 802.11 2080 * encapsulation only (i.e. the encapsulated DLT should be 2081 * DLT_IEEE802_11) we generate code to check for this too. 2082 / 2083static struct slist 2084gen_ppi_llprefixlen(void) 2085{ 2086 struct slist s; 2087* 2088 if (reg_ll_size == -1) { 2089 /* 2090 * We haven't yet assigned a register for the length 2091 * of the radiotap header; allocate one. 2092 / 2093* reg_ll_size = alloc_reg(); 2094 } 2095 2096 /* 2097 * Load the register containing the radiotap length 2098 * into the X register. 2099 / 2100* s = new_stmt(BPF_LDX\|BPF_MEM); 2101 s->s.k = reg_ll_size; 2102 return s; 2103} 2104 2105 2106
1834/* 1835 * Generate code to compute the link-layer header length, if necessary, 1836 * putting it into the X register, and to return either a pointer to a 1837 * "struct slist" for the list of statements in that code, or NULL if 1838 * no code is necessary. 1839 / 1840static struct slist 1841gen_llprefixlen(void) 1842{ 1843 switch (linktype) { 1844	2107/* 2108 * Generate code to compute the link-layer header length, if necessary, 2109 * putting it into the X register, and to return either a pointer to a 2110 * "struct slist" for the list of statements in that code, or NULL if 2111 * no code is necessary. 2112 / 2113static struct slist 2114gen_llprefixlen(void) 2115{ 2116 switch (linktype) { 2117
	2118 case DLT_PPI: 2119 return gen_ppi_llprefixlen(); 2120 2121
1845 case DLT_IEEE802_11_RADIO: 1846 return gen_radiotap_llprefixlen(); 1847 1848 default: 1849 return NULL; 1850 } 1851} 1852 --- 46 unchanged lines hidden (view full) --- 1899 default: 1900 return gen_cmp(OR_LINK, off_linktype, BPF_H, 1901 (bpf_int32)proto); 1902 /NOTREACHED/ 1903 break; 1904 } 1905 break; 1906	2122 case DLT_IEEE802_11_RADIO: 2123 return gen_radiotap_llprefixlen(); 2124 2125 default: 2126 return NULL; 2127 } 2128} 2129 --- 46 unchanged lines hidden (view full) --- 2176 default: 2177 return gen_cmp(OR_LINK, off_linktype, BPF_H, 2178 (bpf_int32)proto); 2179 /NOTREACHED/ 2180 break; 2181 } 2182 break; 2183
	2184 case DLT_PPI:
1907 case DLT_FDDI: 1908 case DLT_IEEE802: 1909 case DLT_IEEE802_11: 1910 case DLT_IEEE802_11_RADIO_AVS: 1911 case DLT_IEEE802_11_RADIO: 1912 case DLT_PRISM_HEADER: 1913 case DLT_ATM_RFC1483: 1914 case DLT_ATM_CLIP: --- 44 unchanged lines hidden (view full) --- 1959 /NOTREACHED/ 1960 break; 1961 1962 case DLT_SLIP: 1963 case DLT_SLIP_BSDOS: 1964 case DLT_RAW: 1965 /* 1966 * These types don't provide any type field; packets	2185 case DLT_FDDI: 2186 case DLT_IEEE802: 2187 case DLT_IEEE802_11: 2188 case DLT_IEEE802_11_RADIO_AVS: 2189 case DLT_IEEE802_11_RADIO: 2190 case DLT_PRISM_HEADER: 2191 case DLT_ATM_RFC1483: 2192 case DLT_ATM_CLIP: --- 44 unchanged lines hidden (view full) --- 2237 /NOTREACHED/ 2238 break; 2239 2240 case DLT_SLIP: 2241 case DLT_SLIP_BSDOS: 2242 case DLT_RAW: 2243 /* 2244 * These types don't provide any type field; packets
1967 * are always IP.	2245 * are always IPv4 or IPv6.
1968 * 1969 * XXX - for IPv4, check for a version number of 4, and, 1970 * for IPv6, check for a version number of 6? 1971 / 1972* switch (proto) { 1973 1974 case ETHERTYPE_IP:	2246 * 2247 * XXX - for IPv4, check for a version number of 4, and, 2248 * for IPv6, check for a version number of 6? 2249 / 2250* switch (proto) { 2251 2252 case ETHERTYPE_IP:
	2253 /* Check for a version number of 4. / 2254* return gen_mcmp(OR_LINK, 0, BPF_B, 0x40, 0xF0);
1975#ifdef INET6 1976 case ETHERTYPE_IPV6:	2255#ifdef INET6 2256 case ETHERTYPE_IPV6:
	2257 /* Check for a version number of 6. / 2258* return gen_mcmp(OR_LINK, 0, BPF_B, 0x60, 0xF0);
1977#endif	2259#endif
1978 return gen_true(); /* always true */
1979 1980 default: 1981 return gen_false(); /* always false / 1982* } 1983 /NOTREACHED/ 1984 break; 1985 1986 case DLT_PPP: --- 161 unchanged lines hidden (view full) --- 2148 / 2149* if (bpf_pcap->sf.rfile != NULL && 2150 bpf_pcap->sf.swapped) 2151 proto = SWAPLONG(proto); 2152 proto = htonl(proto); 2153 } 2154 return (gen_cmp(OR_LINK, 0, BPF_W, (bpf_int32)proto)); 2155	2260 2261 default: 2262 return gen_false(); /* always false / 2263* } 2264 /NOTREACHED/ 2265 break; 2266 2267 case DLT_PPP: --- 161 unchanged lines hidden (view full) --- 2429 / 2430* if (bpf_pcap->sf.rfile != NULL && 2431 bpf_pcap->sf.swapped) 2432 proto = SWAPLONG(proto); 2433 proto = htonl(proto); 2434 } 2435 return (gen_cmp(OR_LINK, 0, BPF_W, (bpf_int32)proto)); 2436
	2437#ifdef HAVE_NET_PFVAR_H
2156 case DLT_PFLOG: 2157 /* 2158 * af field is host byte order in contrast to the rest of 2159 * the packet. 2160 / 2161* if (proto == ETHERTYPE_IP) 2162 return (gen_cmp(OR_LINK, offsetof(struct pfloghdr, af), 2163 BPF_B, (bpf_int32)AF_INET)); 2164#ifdef INET6 2165 else if (proto == ETHERTYPE_IPV6) 2166 return (gen_cmp(OR_LINK, offsetof(struct pfloghdr, af), 2167 BPF_B, (bpf_int32)AF_INET6)); 2168#endif /* INET6 / 2169* else 2170 return gen_false(); 2171 /NOTREACHED/ 2172 break;	2438 case DLT_PFLOG: 2439 /* 2440 * af field is host byte order in contrast to the rest of 2441 * the packet. 2442 / 2443* if (proto == ETHERTYPE_IP) 2444 return (gen_cmp(OR_LINK, offsetof(struct pfloghdr, af), 2445 BPF_B, (bpf_int32)AF_INET)); 2446#ifdef INET6 2447 else if (proto == ETHERTYPE_IPV6) 2448 return (gen_cmp(OR_LINK, offsetof(struct pfloghdr, af), 2449 BPF_B, (bpf_int32)AF_INET6)); 2450#endif /* INET6 / 2451* else 2452 return gen_false(); 2453 /NOTREACHED/ 2454 break;
	2455#endif /* HAVE_NET_PFVAR_H */
2173 2174 case DLT_ARCNET: 2175 case DLT_ARCNET_LINUX: 2176 /* 2177 * XXX should we check for first fragment if the protocol 2178 * uses PHDS? 2179 / 2180* switch (proto) { --- 100 unchanged lines hidden (view full) --- 2281 case DLT_JUNIPER_GGSN: 2282 case DLT_JUNIPER_ES: 2283 case DLT_JUNIPER_MONITOR: 2284 case DLT_JUNIPER_SERVICES: 2285 case DLT_JUNIPER_ETHER: 2286 case DLT_JUNIPER_PPP: 2287 case DLT_JUNIPER_FRELAY: 2288 case DLT_JUNIPER_CHDLC:	2456 2457 case DLT_ARCNET: 2458 case DLT_ARCNET_LINUX: 2459 /* 2460 * XXX should we check for first fragment if the protocol 2461 * uses PHDS? 2462 / 2463* switch (proto) { --- 100 unchanged lines hidden (view full) --- 2564 case DLT_JUNIPER_GGSN: 2565 case DLT_JUNIPER_ES: 2566 case DLT_JUNIPER_MONITOR: 2567 case DLT_JUNIPER_SERVICES: 2568 case DLT_JUNIPER_ETHER: 2569 case DLT_JUNIPER_PPP: 2570 case DLT_JUNIPER_FRELAY: 2571 case DLT_JUNIPER_CHDLC:
	2572 case DLT_JUNIPER_VP:
2289 /* just lets verify the magic number for now - 2290 * on ATM we may have up to 6 different encapsulations on the wire 2291 * and need a lot of heuristics to figure out that the payload 2292 * might be; 2293 * 2294 * FIXME encapsulation specific BPF_ filters 2295 / 2296* return gen_mcmp(OR_LINK, 0, BPF_W, 0x4d474300, 0xffffff00); /* compare the magic number / --- 744 unchanged lines hidden* (view full) --- 3041 default: 3042 abort(); 3043 } 3044 b0 = gen_linktype(ETHERTYPE_DN); 3045 /* Check for pad = 1, long header case / 3046* tmp = gen_mcmp(OR_NET, 2, BPF_H, 3047 (bpf_int32)ntohs(0x0681), (bpf_int32)ntohs(0x07FF)); 3048 b1 = gen_cmp(OR_NET, 2 + 1 + offset_lh,	2573 /* just lets verify the magic number for now - 2574 * on ATM we may have up to 6 different encapsulations on the wire 2575 * and need a lot of heuristics to figure out that the payload 2576 * might be; 2577 * 2578 * FIXME encapsulation specific BPF_ filters 2579 / 2580* return gen_mcmp(OR_LINK, 0, BPF_W, 0x4d474300, 0xffffff00); /* compare the magic number / --- 744 unchanged lines hidden* (view full) --- 3325 default: 3326 abort(); 3327 } 3328 b0 = gen_linktype(ETHERTYPE_DN); 3329 /* Check for pad = 1, long header case / 3330* tmp = gen_mcmp(OR_NET, 2, BPF_H, 3331 (bpf_int32)ntohs(0x0681), (bpf_int32)ntohs(0x07FF)); 3332 b1 = gen_cmp(OR_NET, 2 + 1 + offset_lh,
3049 BPF_H, (bpf_int32)ntohs(addr));	3333 BPF_H, (bpf_int32)ntohs((u_short)addr));
3050 gen_and(tmp, b1); 3051 /* Check for pad = 0, long header case / 3052* tmp = gen_mcmp(OR_NET, 2, BPF_B, (bpf_int32)0x06, (bpf_int32)0x7);	3334 gen_and(tmp, b1); 3335 /* Check for pad = 0, long header case / 3336* tmp = gen_mcmp(OR_NET, 2, BPF_B, (bpf_int32)0x06, (bpf_int32)0x7);
3053 b2 = gen_cmp(OR_NET, 2 + offset_lh, BPF_H, (bpf_int32)ntohs(addr));	3337 b2 = gen_cmp(OR_NET, 2 + offset_lh, BPF_H, (bpf_int32)ntohs((u_short)addr));
3054 gen_and(tmp, b2); 3055 gen_or(b2, b1); 3056 /* Check for pad = 1, short header case / 3057* tmp = gen_mcmp(OR_NET, 2, BPF_H, 3058 (bpf_int32)ntohs(0x0281), (bpf_int32)ntohs(0x07FF));	3338 gen_and(tmp, b2); 3339 gen_or(b2, b1); 3340 /* Check for pad = 1, short header case / 3341* tmp = gen_mcmp(OR_NET, 2, BPF_H, 3342 (bpf_int32)ntohs(0x0281), (bpf_int32)ntohs(0x07FF));
3059 b2 = gen_cmp(OR_NET, 2 + 1 + offset_sh, BPF_H, (bpf_int32)ntohs(addr));	3343 b2 = gen_cmp(OR_NET, 2 + 1 + offset_sh, BPF_H, (bpf_int32)ntohs((u_short)addr));
3060 gen_and(tmp, b2); 3061 gen_or(b2, b1); 3062 /* Check for pad = 0, short header case / 3063* tmp = gen_mcmp(OR_NET, 2, BPF_B, (bpf_int32)0x02, (bpf_int32)0x7);	3344 gen_and(tmp, b2); 3345 gen_or(b2, b1); 3346 /* Check for pad = 0, short header case / 3347* tmp = gen_mcmp(OR_NET, 2, BPF_B, (bpf_int32)0x02, (bpf_int32)0x7);
3064 b2 = gen_cmp(OR_NET, 2 + offset_sh, BPF_H, (bpf_int32)ntohs(addr));	3348 b2 = gen_cmp(OR_NET, 2 + offset_sh, BPF_H, (bpf_int32)ntohs((u_short)addr));
3065 gen_and(tmp, b2); 3066 gen_or(b2, b1); 3067 3068 /* Combine with test for linktype / 3069* gen_and(b0, b1); 3070 return b1; 3071} 3072 --- 27 unchanged lines hidden (view full) --- 3100 return b1; 3101 3102 default: 3103 abort(); 3104 } 3105} 3106 3107static struct block *	3349 gen_and(tmp, b2); 3350 gen_or(b2, b1); 3351 3352 /* Combine with test for linktype / 3353* gen_and(b0, b1); 3354 return b1; 3355} 3356 --- 27 unchanged lines hidden (view full) --- 3384 return b1; 3385 3386 default: 3387 abort(); 3388 } 3389} 3390 3391static struct block *
3108gen_host(addr, mask, proto, dir)	3392gen_host(addr, mask, proto, dir, type)
3109 bpf_u_int32 addr; 3110 bpf_u_int32 mask; 3111 int proto; 3112 int dir;	3393 bpf_u_int32 addr; 3394 bpf_u_int32 mask; 3395 int proto; 3396 int dir;
	3397 int type;
3113{ 3114 struct block b0, b1;	3398{ 3399 struct block b0, b1;
	3400 const char *typestr;
3115	3401
	3402 if (type == Q_NET) 3403 typestr = "net"; 3404 else 3405 typestr = "host"; 3406
3116 switch (proto) { 3117 3118 case Q_DEFAULT:	3407 switch (proto) { 3408 3409 case Q_DEFAULT:
3119 b0 = gen_host(addr, mask, Q_IP, dir);	3410 b0 = gen_host(addr, mask, Q_IP, dir, type);
3120 /* 3121 * Only check for non-IPv4 addresses if we're not 3122 * checking MPLS-encapsulated packets. 3123 / 3124* if (label_stack_depth == 0) {	3411 /* 3412 * Only check for non-IPv4 addresses if we're not 3413 * checking MPLS-encapsulated packets. 3414 / 3415* if (label_stack_depth == 0) {
3125 b1 = gen_host(addr, mask, Q_ARP, dir);	3416 b1 = gen_host(addr, mask, Q_ARP, dir, type);
3126 gen_or(b0, b1);	3417 gen_or(b0, b1);
3127 b0 = gen_host(addr, mask, Q_RARP, dir);	3418 b0 = gen_host(addr, mask, Q_RARP, dir, type);
3128 gen_or(b1, b0); 3129 } 3130 return b0; 3131 3132 case Q_IP: 3133 return gen_hostop(addr, mask, dir, ETHERTYPE_IP, 12, 16); 3134 3135 case Q_RARP: 3136 return gen_hostop(addr, mask, dir, ETHERTYPE_REVARP, 14, 24); 3137 3138 case Q_ARP: 3139 return gen_hostop(addr, mask, dir, ETHERTYPE_ARP, 14, 24); 3140 3141 case Q_TCP:	3419 gen_or(b1, b0); 3420 } 3421 return b0; 3422 3423 case Q_IP: 3424 return gen_hostop(addr, mask, dir, ETHERTYPE_IP, 12, 16); 3425 3426 case Q_RARP: 3427 return gen_hostop(addr, mask, dir, ETHERTYPE_REVARP, 14, 24); 3428 3429 case Q_ARP: 3430 return gen_hostop(addr, mask, dir, ETHERTYPE_ARP, 14, 24); 3431 3432 case Q_TCP:
3142 bpf_error("'tcp' modifier applied to host");	3433 bpf_error("'tcp' modifier applied to %s", typestr);
3143 3144 case Q_SCTP:	3434 3435 case Q_SCTP:
3145 bpf_error("'sctp' modifier applied to host");	3436 bpf_error("'sctp' modifier applied to %s", typestr);
3146 3147 case Q_UDP:	3437 3438 case Q_UDP:
3148 bpf_error("'udp' modifier applied to host");	3439 bpf_error("'udp' modifier applied to %s", typestr);
3149 3150 case Q_ICMP:	3440 3441 case Q_ICMP:
3151 bpf_error("'icmp' modifier applied to host");	3442 bpf_error("'icmp' modifier applied to %s", typestr);
3152 3153 case Q_IGMP:	3443 3444 case Q_IGMP:
3154 bpf_error("'igmp' modifier applied to host");	3445 bpf_error("'igmp' modifier applied to %s", typestr);
3155 3156 case Q_IGRP:	3446 3447 case Q_IGRP:
3157 bpf_error("'igrp' modifier applied to host");	3448 bpf_error("'igrp' modifier applied to %s", typestr);
3158 3159 case Q_PIM:	3449 3450 case Q_PIM:
3160 bpf_error("'pim' modifier applied to host");	3451 bpf_error("'pim' modifier applied to %s", typestr);
3161 3162 case Q_VRRP:	3452 3453 case Q_VRRP:
3163 bpf_error("'vrrp' modifier applied to host");	3454 bpf_error("'vrrp' modifier applied to %s", typestr);
3164 3165 case Q_ATALK: 3166 bpf_error("ATALK host filtering not implemented"); 3167 3168 case Q_AARP: 3169 bpf_error("AARP host filtering not implemented"); 3170 3171 case Q_DECNET: --- 11 unchanged lines hidden (view full) --- 3183 case Q_MOPRC: 3184 bpf_error("MOPRC host filtering not implemented"); 3185 3186#ifdef INET6 3187 case Q_IPV6: 3188 bpf_error("'ip6' modifier applied to ip host"); 3189 3190 case Q_ICMPV6:	3455 3456 case Q_ATALK: 3457 bpf_error("ATALK host filtering not implemented"); 3458 3459 case Q_AARP: 3460 bpf_error("AARP host filtering not implemented"); 3461 3462 case Q_DECNET: --- 11 unchanged lines hidden (view full) --- 3474 case Q_MOPRC: 3475 bpf_error("MOPRC host filtering not implemented"); 3476 3477#ifdef INET6 3478 case Q_IPV6: 3479 bpf_error("'ip6' modifier applied to ip host"); 3480 3481 case Q_ICMPV6:
3191 bpf_error("'icmp6' modifier applied to host");	3482 bpf_error("'icmp6' modifier applied to %s", typestr);
3192#endif /* INET6 / 3193* 3194 case Q_AH:	3483#endif /* INET6 / 3484* 3485 case Q_AH:
3195 bpf_error("'ah' modifier applied to host");	3486 bpf_error("'ah' modifier applied to %s", typestr);
3196 3197 case Q_ESP:	3487 3488 case Q_ESP:
3198 bpf_error("'esp' modifier applied to host");	3489 bpf_error("'esp' modifier applied to %s", typestr);
3199 3200 case Q_ISO: 3201 bpf_error("ISO host filtering not implemented"); 3202 3203 case Q_ESIS:	3490 3491 case Q_ISO: 3492 bpf_error("ISO host filtering not implemented"); 3493 3494 case Q_ESIS:
3204 bpf_error("'esis' modifier applied to host");	3495 bpf_error("'esis' modifier applied to %s", typestr);
3205 3206 case Q_ISIS:	3496 3497 case Q_ISIS:
3207 bpf_error("'isis' modifier applied to host");	3498 bpf_error("'isis' modifier applied to %s", typestr);
3208 3209 case Q_CLNP:	3499 3500 case Q_CLNP:
3210 bpf_error("'clnp' modifier applied to host");	3501 bpf_error("'clnp' modifier applied to %s", typestr);
3211 3212 case Q_STP:	3502 3503 case Q_STP:
3213 bpf_error("'stp' modifier applied to host");	3504 bpf_error("'stp' modifier applied to %s", typestr);
3214 3215 case Q_IPX: 3216 bpf_error("IPX host filtering not implemented"); 3217 3218 case Q_NETBEUI:	3505 3506 case Q_IPX: 3507 bpf_error("IPX host filtering not implemented"); 3508 3509 case Q_NETBEUI:
3219 bpf_error("'netbeui' modifier applied to host");	3510 bpf_error("'netbeui' modifier applied to %s", typestr);
3220 3221 case Q_RADIO:	3511 3512 case Q_RADIO:
3222 bpf_error("'radio' modifier applied to host");	3513 bpf_error("'radio' modifier applied to %s", typestr);
3223 3224 default: 3225 abort(); 3226 } 3227 /* NOTREACHED / 3228} 3229* 3230#ifdef INET6 3231static struct block *	3514 3515 default: 3516 abort(); 3517 } 3518 /* NOTREACHED / 3519} 3520* 3521#ifdef INET6 3522static struct block *
3232gen_host6(addr, mask, proto, dir)	3523gen_host6(addr, mask, proto, dir, type)
3233 struct in6_addr addr; 3234* struct in6_addr mask; 3235* int proto; 3236 int dir;	3524 struct in6_addr addr; 3525* struct in6_addr mask; 3526* int proto; 3527 int dir;
	3528 int type;
3237{	3529{
	3530 const char typestr; 3531* 3532 if (type == Q_NET) 3533 typestr = "net"; 3534 else 3535 typestr = "host"; 3536
3238 switch (proto) { 3239 3240 case Q_DEFAULT:	3537 switch (proto) { 3538 3539 case Q_DEFAULT:
3241 return gen_host6(addr, mask, Q_IPV6, dir);	3540 return gen_host6(addr, mask, Q_IPV6, dir, type);
3242 3243 case Q_IP:	3541 3542 case Q_IP:
3244 bpf_error("'ip' modifier applied to ip6 host");	3543 bpf_error("'ip' modifier applied to ip6 %s", typestr);
3245 3246 case Q_RARP:	3544 3545 case Q_RARP:
3247 bpf_error("'rarp' modifier applied to ip6 host");	3546 bpf_error("'rarp' modifier applied to ip6 %s", typestr);
3248 3249 case Q_ARP:	3547 3548 case Q_ARP:
3250 bpf_error("'arp' modifier applied to ip6 host");	3549 bpf_error("'arp' modifier applied to ip6 %s", typestr);
3251 3252 case Q_SCTP:	3550 3551 case Q_SCTP:
3253 bpf_error("'sctp' modifier applied to host");	3552 bpf_error("'sctp' modifier applied to %s", typestr);
3254 3255 case Q_TCP:	3553 3554 case Q_TCP:
3256 bpf_error("'tcp' modifier applied to host");	3555 bpf_error("'tcp' modifier applied to %s", typestr);
3257 3258 case Q_UDP:	3556 3557 case Q_UDP:
3259 bpf_error("'udp' modifier applied to host");	3558 bpf_error("'udp' modifier applied to %s", typestr);
3260 3261 case Q_ICMP:	3559 3560 case Q_ICMP:
3262 bpf_error("'icmp' modifier applied to host");	3561 bpf_error("'icmp' modifier applied to %s", typestr);
3263 3264 case Q_IGMP:	3562 3563 case Q_IGMP:
3265 bpf_error("'igmp' modifier applied to host");	3564 bpf_error("'igmp' modifier applied to %s", typestr);
3266 3267 case Q_IGRP:	3565 3566 case Q_IGRP:
3268 bpf_error("'igrp' modifier applied to host");	3567 bpf_error("'igrp' modifier applied to %s", typestr);
3269 3270 case Q_PIM:	3568 3569 case Q_PIM:
3271 bpf_error("'pim' modifier applied to host");	3570 bpf_error("'pim' modifier applied to %s", typestr);
3272 3273 case Q_VRRP:	3571 3572 case Q_VRRP:
3274 bpf_error("'vrrp' modifier applied to host");	3573 bpf_error("'vrrp' modifier applied to %s", typestr);
3275 3276 case Q_ATALK: 3277 bpf_error("ATALK host filtering not implemented"); 3278 3279 case Q_AARP: 3280 bpf_error("AARP host filtering not implemented"); 3281 3282 case Q_DECNET:	3574 3575 case Q_ATALK: 3576 bpf_error("ATALK host filtering not implemented"); 3577 3578 case Q_AARP: 3579 bpf_error("AARP host filtering not implemented"); 3580 3581 case Q_DECNET:
3283 bpf_error("'decnet' modifier applied to ip6 host");	3582 bpf_error("'decnet' modifier applied to ip6 %s", typestr);
3284 3285 case Q_SCA: 3286 bpf_error("SCA host filtering not implemented"); 3287 3288 case Q_LAT: 3289 bpf_error("LAT host filtering not implemented"); 3290 3291 case Q_MOPDL: 3292 bpf_error("MOPDL host filtering not implemented"); 3293 3294 case Q_MOPRC: 3295 bpf_error("MOPRC host filtering not implemented"); 3296 3297 case Q_IPV6: 3298 return gen_hostop6(addr, mask, dir, ETHERTYPE_IPV6, 8, 24); 3299 3300 case Q_ICMPV6:	3583 3584 case Q_SCA: 3585 bpf_error("SCA host filtering not implemented"); 3586 3587 case Q_LAT: 3588 bpf_error("LAT host filtering not implemented"); 3589 3590 case Q_MOPDL: 3591 bpf_error("MOPDL host filtering not implemented"); 3592 3593 case Q_MOPRC: 3594 bpf_error("MOPRC host filtering not implemented"); 3595 3596 case Q_IPV6: 3597 return gen_hostop6(addr, mask, dir, ETHERTYPE_IPV6, 8, 24); 3598 3599 case Q_ICMPV6:
3301 bpf_error("'icmp6' modifier applied to host");	3600 bpf_error("'icmp6' modifier applied to %s", typestr);
3302 3303 case Q_AH:	3601 3602 case Q_AH:
3304 bpf_error("'ah' modifier applied to host");	3603 bpf_error("'ah' modifier applied to %s", typestr);
3305 3306 case Q_ESP:	3604 3605 case Q_ESP:
3307 bpf_error("'esp' modifier applied to host");	3606 bpf_error("'esp' modifier applied to %s", typestr);
3308 3309 case Q_ISO: 3310 bpf_error("ISO host filtering not implemented"); 3311 3312 case Q_ESIS:	3607 3608 case Q_ISO: 3609 bpf_error("ISO host filtering not implemented"); 3610 3611 case Q_ESIS:
3313 bpf_error("'esis' modifier applied to host");	3612 bpf_error("'esis' modifier applied to %s", typestr);
3314 3315 case Q_ISIS:	3613 3614 case Q_ISIS:
3316 bpf_error("'isis' modifier applied to host");	3615 bpf_error("'isis' modifier applied to %s", typestr);
3317 3318 case Q_CLNP:	3616 3617 case Q_CLNP:
3319 bpf_error("'clnp' modifier applied to host");	3618 bpf_error("'clnp' modifier applied to %s", typestr);
3320 3321 case Q_STP:	3619 3620 case Q_STP:
3322 bpf_error("'stp' modifier applied to host");	3621 bpf_error("'stp' modifier applied to %s", typestr);
3323 3324 case Q_IPX: 3325 bpf_error("IPX host filtering not implemented"); 3326 3327 case Q_NETBEUI:	3622 3623 case Q_IPX: 3624 bpf_error("IPX host filtering not implemented"); 3625 3626 case Q_NETBEUI:
3328 bpf_error("'netbeui' modifier applied to host");	3627 bpf_error("'netbeui' modifier applied to %s", typestr);
3329 3330 case Q_RADIO:	3628 3629 case Q_RADIO:
3331 bpf_error("'radio' modifier applied to host");	3630 bpf_error("'radio' modifier applied to %s", typestr);
3332 3333 default: 3334 abort(); 3335 } 3336 /* NOTREACHED / 3337} 3338#endif /INET6/ 3339* --- 10 unchanged lines hidden (view full) --- 3350 if (dir != 0) 3351 bpf_error("direction applied to 'gateway'"); 3352 3353 switch (proto) { 3354 case Q_DEFAULT: 3355 case Q_IP: 3356 case Q_ARP: 3357 case Q_RARP:	3631 3632 default: 3633 abort(); 3634 } 3635 /* NOTREACHED / 3636} 3637#endif /INET6/ 3638* --- 10 unchanged lines hidden (view full) --- 3649 if (dir != 0) 3650 bpf_error("direction applied to 'gateway'"); 3651 3652 switch (proto) { 3653 case Q_DEFAULT: 3654 case Q_IP: 3655 case Q_ARP: 3656 case Q_RARP:
3358 if (linktype == DLT_EN10MB) 3359 b0 = gen_ehostop(eaddr, Q_OR); 3360 else if (linktype == DLT_FDDI) 3361 b0 = gen_fhostop(eaddr, Q_OR); 3362 else if (linktype == DLT_IEEE802) 3363 b0 = gen_thostop(eaddr, Q_OR); 3364 else if (linktype == DLT_IEEE802_11 \|\| 3365 linktype == DLT_IEEE802_11_RADIO_AVS \|\| 3366 linktype == DLT_IEEE802_11_RADIO \|\| 3367 linktype == DLT_PRISM_HEADER) 3368 b0 = gen_wlanhostop(eaddr, Q_OR); 3369 else if (linktype == DLT_SUNATM && is_lane) {	3657 switch (linktype) { 3658 case DLT_EN10MB: 3659 b0 = gen_ehostop(eaddr, Q_OR); 3660 break; 3661 case DLT_FDDI: 3662 b0 = gen_fhostop(eaddr, Q_OR); 3663 break; 3664 case DLT_IEEE802: 3665 b0 = gen_thostop(eaddr, Q_OR); 3666 break; 3667 case DLT_IEEE802_11: 3668 case DLT_IEEE802_11_RADIO_AVS: 3669 case DLT_PPI: 3670 case DLT_IEEE802_11_RADIO: 3671 case DLT_PRISM_HEADER: 3672 b0 = gen_wlanhostop(eaddr, Q_OR); 3673 break; 3674 case DLT_SUNATM: 3675 if (is_lane) {
3370 /* 3371 * Check that the packet doesn't begin with an 3372 * LE Control marker. (We've already generated 3373 * a test for LANE.) 3374 / 3375* b1 = gen_cmp(OR_LINK, SUNATM_PKT_BEGIN_POS, BPF_H, 3376 0xFF00); 3377 gen_not(b1); 3378 3379 /* 3380 * Now check the MAC address. 3381 / 3382* b0 = gen_ehostop(eaddr, Q_OR); 3383 gen_and(b1, b0);	3676 /* 3677 * Check that the packet doesn't begin with an 3678 * LE Control marker. (We've already generated 3679 * a test for LANE.) 3680 / 3681* b1 = gen_cmp(OR_LINK, SUNATM_PKT_BEGIN_POS, BPF_H, 3682 0xFF00); 3683 gen_not(b1); 3684 3685 /* 3686 * Now check the MAC address. 3687 / 3688* b0 = gen_ehostop(eaddr, Q_OR); 3689 gen_and(b1, b0);
3384 } else if (linktype == DLT_IP_OVER_FC) 3385 b0 = gen_ipfchostop(eaddr, Q_OR); 3386 else 3387 bpf_error(	3690 } 3691 break; 3692 case DLT_IP_OVER_FC: 3693 b0 = gen_ipfchostop(eaddr, Q_OR); 3694 break; 3695 default: 3696 bpf_error(
3388 "'gateway' supported only on ethernet/FDDI/token ring/802.11/Fibre Channel");	3697 "'gateway' supported only on ethernet/FDDI/token ring/802.11/Fibre Channel");
3389 3390 b1 = gen_host(**alist++, 0xffffffff, proto, Q_OR);	3698 } 3699 b1 = gen_host(**alist++, 0xffffffff, proto, Q_OR, Q_HOST);
3391 while (*alist) {	3700 while (*alist) {
3392 tmp = gen_host(**alist++, 0xffffffff, proto, Q_OR);	3701 tmp = gen_host(*alist++, 0xffffffff, proto, Q_OR, 3702* Q_HOST);
3393 gen_or(b1, tmp); 3394 b1 = tmp; 3395 } 3396 gen_not(b1); 3397 gen_and(b0, b1); 3398 return b1; 3399 } 3400 bpf_error("illegal modifier of 'gateway'"); --- 756 unchanged lines hidden (view full) --- 4157 * be done in the kernel. (We already require a modified BPF 4158 * engine to do the protochain stuff, to support backward 4159 * branches, and backward branch support is unlikely to appear 4160 * in kernel BPF engines.) 4161 / 4162* if (linktype == DLT_IEEE802_11_RADIO) 4163 bpf_error("'protochain' not supported with radiotap headers"); 4164	3703 gen_or(b1, tmp); 3704 b1 = tmp; 3705 } 3706 gen_not(b1); 3707 gen_and(b0, b1); 3708 return b1; 3709 } 3710 bpf_error("illegal modifier of 'gateway'"); --- 756 unchanged lines hidden (view full) --- 4467 * be done in the kernel. (We already require a modified BPF 4468 * engine to do the protochain stuff, to support backward 4469 * branches, and backward branch support is unlikely to appear 4470 * in kernel BPF engines.) 4471 / 4472* if (linktype == DLT_IEEE802_11_RADIO) 4473 bpf_error("'protochain' not supported with radiotap headers"); 4474
	4475 if (linktype == DLT_PPI) 4476 bpf_error("'protochain' not supported with PPI headers"); 4477
4165 no_optimize = 1; /this code is not compatible with optimzer yet / 4166 4167 /* 4168 * s[0] is a dummy entry to protect other BPF insn from damage 4169 * by s[fix] = foo with uninitialized variable "fix". It is somewhat 4170 * hard to find interdependency made by jump table fixup. 4171 / 4172* i = 0; 4173 s[i] = new_stmt(0); /dummy/ 4174 i++; 4175 4176 switch (proto) { 4177 case Q_IP: 4178 b0 = gen_linktype(ETHERTYPE_IP); 4179 4180 /* A = ip->ip_p / 4181* s[i] = new_stmt(BPF_LD\|BPF_ABS\|BPF_B);	4478 no_optimize = 1; /this code is not compatible with optimzer yet / 4479 4480 /* 4481 * s[0] is a dummy entry to protect other BPF insn from damage 4482 * by s[fix] = foo with uninitialized variable "fix". It is somewhat 4483 * hard to find interdependency made by jump table fixup. 4484 / 4485* i = 0; 4486 s[i] = new_stmt(0); /dummy/ 4487 i++; 4488 4489 switch (proto) { 4490 case Q_IP: 4491 b0 = gen_linktype(ETHERTYPE_IP); 4492 4493 /* A = ip->ip_p / 4494* s[i] = new_stmt(BPF_LD\|BPF_ABS\|BPF_B);
4182 s[i]->s.k = off_nl + 9;	4495 s[i]->s.k = off_ll + off_nl + 9;
4183 i++; 4184 /* X = ip->ip_hl << 2 / 4185* s[i] = new_stmt(BPF_LDX\|BPF_MSH\|BPF_B);	4496 i++; 4497 /* X = ip->ip_hl << 2 / 4498* s[i] = new_stmt(BPF_LDX\|BPF_MSH\|BPF_B);
4186 s[i]->s.k = off_nl;	4499 s[i]->s.k = off_ll + off_nl;
4187 i++; 4188 break; 4189#ifdef INET6 4190 case Q_IPV6: 4191 b0 = gen_linktype(ETHERTYPE_IPV6); 4192 4193 /* A = ip6->ip_nxt / 4194* s[i] = new_stmt(BPF_LD\|BPF_ABS\|BPF_B);	4500 i++; 4501 break; 4502#ifdef INET6 4503 case Q_IPV6: 4504 b0 = gen_linktype(ETHERTYPE_IPV6); 4505 4506 /* A = ip6->ip_nxt / 4507* s[i] = new_stmt(BPF_LD\|BPF_ABS\|BPF_B);
4195 s[i]->s.k = off_nl + 6;	4508 s[i]->s.k = off_ll + off_nl + 6;
4196 i++; 4197 /* X = sizeof(struct ip6_hdr) / 4198* s[i] = new_stmt(BPF_LDX\|BPF_IMM); 4199 s[i]->s.k = 40; 4200 i++; 4201 break; 4202#endif 4203 default: --- 63 unchanged lines hidden (view full) --- 4267 * A = P[X]; 4268 * X = X + (P[X + 1] + 1) * 8; 4269 / 4270* /* A = X / 4271* s[i] = new_stmt(BPF_MISC\|BPF_TXA); 4272 i++; 4273 /* A = P[X + packet head] / 4274* s[i] = new_stmt(BPF_LD\|BPF_IND\|BPF_B);	4509 i++; 4510 /* X = sizeof(struct ip6_hdr) / 4511* s[i] = new_stmt(BPF_LDX\|BPF_IMM); 4512 s[i]->s.k = 40; 4513 i++; 4514 break; 4515#endif 4516 default: --- 63 unchanged lines hidden (view full) --- 4580 * A = P[X]; 4581 * X = X + (P[X + 1] + 1) * 8; 4582 / 4583* /* A = X / 4584* s[i] = new_stmt(BPF_MISC\|BPF_TXA); 4585 i++; 4586 /* A = P[X + packet head] / 4587* s[i] = new_stmt(BPF_LD\|BPF_IND\|BPF_B);
4275 s[i]->s.k = off_nl;	4588 s[i]->s.k = off_ll + off_nl;
4276 i++; 4277 /* MEM[reg2] = A / 4278* s[i] = new_stmt(BPF_ST); 4279 s[i]->s.k = reg2; 4280 i++; 4281 /* A = X / 4282* s[i] = new_stmt(BPF_MISC\|BPF_TXA); 4283 i++; 4284 /* A += 1 / 4285* s[i] = new_stmt(BPF_ALU\|BPF_ADD\|BPF_K); 4286 s[i]->s.k = 1; 4287 i++; 4288 /* X = A / 4289* s[i] = new_stmt(BPF_MISC\|BPF_TAX); 4290 i++; 4291 /* A = P[X + packet head]; / 4292* s[i] = new_stmt(BPF_LD\|BPF_IND\|BPF_B);	4589 i++; 4590 /* MEM[reg2] = A / 4591* s[i] = new_stmt(BPF_ST); 4592 s[i]->s.k = reg2; 4593 i++; 4594 /* A = X / 4595* s[i] = new_stmt(BPF_MISC\|BPF_TXA); 4596 i++; 4597 /* A += 1 / 4598* s[i] = new_stmt(BPF_ALU\|BPF_ADD\|BPF_K); 4599 s[i]->s.k = 1; 4600 i++; 4601 /* X = A / 4602* s[i] = new_stmt(BPF_MISC\|BPF_TAX); 4603 i++; 4604 /* A = P[X + packet head]; / 4605* s[i] = new_stmt(BPF_LD\|BPF_IND\|BPF_B);
4293 s[i]->s.k = off_nl;	4606 s[i]->s.k = off_ll + off_nl;
4294 i++; 4295 /* A += 1 / 4296* s[i] = new_stmt(BPF_ALU\|BPF_ADD\|BPF_K); 4297 s[i]->s.k = 1; 4298 i++; 4299 /* A = 8 / 4300 s[i] = new_stmt(BPF_ALU\|BPF_MUL\|BPF_K); 4301 s[i]->s.k = 8; --- 42 unchanged lines hidden (view full) --- 4344 * A = P[X]; 4345 * X = X + (P[X + 1] + 2) * 4; 4346 / 4347* /* A = X / 4348* s[i - 1]->s.jt = s[i] = new_stmt(BPF_MISC\|BPF_TXA); 4349 i++; 4350 /* A = P[X + packet head]; / 4351* s[i] = new_stmt(BPF_LD\|BPF_IND\|BPF_B);	4607 i++; 4608 /* A += 1 / 4609* s[i] = new_stmt(BPF_ALU\|BPF_ADD\|BPF_K); 4610 s[i]->s.k = 1; 4611 i++; 4612 /* A = 8 / 4613 s[i] = new_stmt(BPF_ALU\|BPF_MUL\|BPF_K); 4614 s[i]->s.k = 8; --- 42 unchanged lines hidden (view full) --- 4657 * A = P[X]; 4658 * X = X + (P[X + 1] + 2) * 4; 4659 / 4660* /* A = X / 4661* s[i - 1]->s.jt = s[i] = new_stmt(BPF_MISC\|BPF_TXA); 4662 i++; 4663 /* A = P[X + packet head]; / 4664* s[i] = new_stmt(BPF_LD\|BPF_IND\|BPF_B);
4352 s[i]->s.k = off_nl;	4665 s[i]->s.k = off_ll + off_nl;
4353 i++; 4354 /* MEM[reg2] = A / 4355* s[i] = new_stmt(BPF_ST); 4356 s[i]->s.k = reg2; 4357 i++; 4358 /* A = X / 4359* s[i - 1]->s.jt = s[i] = new_stmt(BPF_MISC\|BPF_TXA); 4360 i++; 4361 /* A += 1 / 4362* s[i] = new_stmt(BPF_ALU\|BPF_ADD\|BPF_K); 4363 s[i]->s.k = 1; 4364 i++; 4365 /* X = A / 4366* s[i] = new_stmt(BPF_MISC\|BPF_TAX); 4367 i++; 4368 /* A = P[X + packet head] / 4369* s[i] = new_stmt(BPF_LD\|BPF_IND\|BPF_B);	4666 i++; 4667 /* MEM[reg2] = A / 4668* s[i] = new_stmt(BPF_ST); 4669 s[i]->s.k = reg2; 4670 i++; 4671 /* A = X / 4672* s[i - 1]->s.jt = s[i] = new_stmt(BPF_MISC\|BPF_TXA); 4673 i++; 4674 /* A += 1 / 4675* s[i] = new_stmt(BPF_ALU\|BPF_ADD\|BPF_K); 4676 s[i]->s.k = 1; 4677 i++; 4678 /* X = A / 4679* s[i] = new_stmt(BPF_MISC\|BPF_TAX); 4680 i++; 4681 /* A = P[X + packet head] / 4682* s[i] = new_stmt(BPF_LD\|BPF_IND\|BPF_B);
4370 s[i]->s.k = off_nl;	4683 s[i]->s.k = off_ll + off_nl;
4371 i++; 4372 /* A += 2 / 4373* s[i] = new_stmt(BPF_ALU\|BPF_ADD\|BPF_K); 4374 s[i]->s.k = 2; 4375 i++; 4376 /* A = 4 / 4377 s[i] = new_stmt(BPF_ALU\|BPF_MUL\|BPF_K); 4378 s[i]->s.k = 4; --- 37 unchanged lines hidden (view full) --- 4416 4417 free_reg(reg2); 4418 4419 gen_and(b0, b); 4420 return b; 4421#endif 4422} 4423	4684 i++; 4685 /* A += 2 / 4686* s[i] = new_stmt(BPF_ALU\|BPF_ADD\|BPF_K); 4687 s[i]->s.k = 2; 4688 i++; 4689 /* A = 4 / 4690 s[i] = new_stmt(BPF_ALU\|BPF_MUL\|BPF_K); 4691 s[i]->s.k = 4; --- 37 unchanged lines hidden (view full) --- 4729 4730 free_reg(reg2); 4731 4732 gen_and(b0, b); 4733 return b; 4734#endif 4735} 4736
	4737
4424/* 4425 * Generate code that checks whether the packet is a packet for protocol 4426 * <proto> and whether the type field in that protocol's header has 4427 * the value <v>, e.g. if <proto> is Q_IP, it checks whether it's an 4428 * IP packet and checks the protocol number in the IP header against <v>. 4429 * 4430 * If <proto> is Q_DEFAULT, i.e. just "proto" was specified, it checks 4431 * against Q_IP and Q_IPV6. --- 30 unchanged lines hidden (view full) --- 4462 * with LLCSAP_IP. 4463 * 4464 * For LLC-encapsulated ATM/"Classical IP", RFC 1483 and 4465 * RFC 2225 say that SNAP encapsulation is used, not LLC 4466 * encapsulation with LLCSAP_IP. 4467 * 4468 * So we always check for ETHERTYPE_IP. 4469 */	4738/* 4739 * Generate code that checks whether the packet is a packet for protocol 4740 * <proto> and whether the type field in that protocol's header has 4741 * the value <v>, e.g. if <proto> is Q_IP, it checks whether it's an 4742 * IP packet and checks the protocol number in the IP header against <v>. 4743 * 4744 * If <proto> is Q_DEFAULT, i.e. just "proto" was specified, it checks 4745 * against Q_IP and Q_IPV6. --- 30 unchanged lines hidden (view full) --- 4776 * with LLCSAP_IP. 4777 * 4778 * For LLC-encapsulated ATM/"Classical IP", RFC 1483 and 4779 * RFC 2225 say that SNAP encapsulation is used, not LLC 4780 * encapsulation with LLCSAP_IP. 4781 * 4782 * So we always check for ETHERTYPE_IP. 4783 */
4470
4471 b0 = gen_linktype(ETHERTYPE_IP); 4472#ifndef CHASE_CHAIN 4473 b1 = gen_cmp(OR_NET, 9, BPF_B, (bpf_int32)v); 4474#else 4475 b1 = gen_protochain(v, Q_IP); 4476#endif 4477 gen_and(b0, b1); 4478 return b1; --- 168 unchanged lines hidden (view full) --- 4647 int dir = q.dir; 4648 int tproto; 4649 u_char eaddr; 4650* bpf_u_int32 mask, addr; 4651#ifndef INET6 4652 bpf_u_int32 *alist; 4653#else 4654* int tproto6;	4784 b0 = gen_linktype(ETHERTYPE_IP); 4785#ifndef CHASE_CHAIN 4786 b1 = gen_cmp(OR_NET, 9, BPF_B, (bpf_int32)v); 4787#else 4788 b1 = gen_protochain(v, Q_IP); 4789#endif 4790 gen_and(b0, b1); 4791 return b1; --- 168 unchanged lines hidden (view full) --- 4960 int dir = q.dir; 4961 int tproto; 4962 u_char eaddr; 4963* bpf_u_int32 mask, addr; 4964#ifndef INET6 4965 bpf_u_int32 *alist; 4966#else 4967* int tproto6;
4655 struct sockaddr_in *sin;	4968 struct sockaddr_in *sin4;
4656 struct sockaddr_in6 sin6; 4657* struct addrinfo res, res0; 4658 struct in6_addr mask128; 4659#endif /INET6/ 4660 struct block b, tmp; 4661 int port, real_proto; 4662 int port1, port2; 4663 --- 4 unchanged lines hidden (view full) --- 4668 if (addr == 0) 4669 bpf_error("unknown network '%s'", name); 4670 /* Left justify network addr and calculate its network mask / 4671* mask = 0xffffffff; 4672 while (addr && (addr & 0xff000000) == 0) { 4673 addr <<= 8; 4674 mask <<= 8; 4675 }	4969 struct sockaddr_in6 sin6; 4970* struct addrinfo res, res0; 4971 struct in6_addr mask128; 4972#endif /INET6/ 4973 struct block b, tmp; 4974 int port, real_proto; 4975 int port1, port2; 4976 --- 4 unchanged lines hidden (view full) --- 4981 if (addr == 0) 4982 bpf_error("unknown network '%s'", name); 4983 /* Left justify network addr and calculate its network mask / 4984* mask = 0xffffffff; 4985 while (addr && (addr & 0xff000000) == 0) { 4986 addr <<= 8; 4987 mask <<= 8; 4988 }
4676 return gen_host(addr, mask, proto, dir);	4989 return gen_host(addr, mask, proto, dir, q.addr);
4677 4678 case Q_DEFAULT: 4679 case Q_HOST: 4680 if (proto == Q_LINK) { 4681 switch (linktype) { 4682 4683 case DLT_EN10MB: 4684 eaddr = pcap_ether_hostton(name); --- 21 unchanged lines hidden (view full) --- 4706 b = gen_thostop(eaddr, dir); 4707 free(eaddr); 4708 return b; 4709 4710 case DLT_IEEE802_11: 4711 case DLT_IEEE802_11_RADIO_AVS: 4712 case DLT_IEEE802_11_RADIO: 4713 case DLT_PRISM_HEADER:	4990 4991 case Q_DEFAULT: 4992 case Q_HOST: 4993 if (proto == Q_LINK) { 4994 switch (linktype) { 4995 4996 case DLT_EN10MB: 4997 eaddr = pcap_ether_hostton(name); --- 21 unchanged lines hidden (view full) --- 5019 b = gen_thostop(eaddr, dir); 5020 free(eaddr); 5021 return b; 5022 5023 case DLT_IEEE802_11: 5024 case DLT_IEEE802_11_RADIO_AVS: 5025 case DLT_IEEE802_11_RADIO: 5026 case DLT_PRISM_HEADER:
	5027 case DLT_PPI:
4714 eaddr = pcap_ether_hostton(name); 4715 if (eaddr == NULL) 4716 bpf_error( 4717 "unknown 802.11 host '%s'", name); 4718 b = gen_wlanhostop(eaddr, dir); 4719 free(eaddr); 4720 return b; 4721 --- 31 unchanged lines hidden (view full) --- 4753 4754 bpf_error("only ethernet/FDDI/token ring/802.11/ATM LANE/Fibre Channel supports link-level host name"); 4755 } else if (proto == Q_DECNET) { 4756 unsigned short dn_addr = __pcap_nametodnaddr(name); 4757 /* 4758 * I don't think DECNET hosts can be multihomed, so 4759 * there is no need to build up a list of addresses 4760 */	5028 eaddr = pcap_ether_hostton(name); 5029 if (eaddr == NULL) 5030 bpf_error( 5031 "unknown 802.11 host '%s'", name); 5032 b = gen_wlanhostop(eaddr, dir); 5033 free(eaddr); 5034 return b; 5035 --- 31 unchanged lines hidden (view full) --- 5067 5068 bpf_error("only ethernet/FDDI/token ring/802.11/ATM LANE/Fibre Channel supports link-level host name"); 5069 } else if (proto == Q_DECNET) { 5070 unsigned short dn_addr = __pcap_nametodnaddr(name); 5071 /* 5072 * I don't think DECNET hosts can be multihomed, so 5073 * there is no need to build up a list of addresses 5074 */
4761 return (gen_host(dn_addr, 0, proto, dir));	5075 return (gen_host(dn_addr, 0, proto, dir, q.addr));
4762 } else { 4763#ifndef INET6 4764 alist = pcap_nametoaddr(name); 4765 if (alist == NULL \|\| alist == NULL) 4766* bpf_error("unknown host '%s'", name); 4767 tproto = proto; 4768 if (off_linktype == (u_int)-1 && tproto == Q_DEFAULT) 4769 tproto = Q_IP;	5076 } else { 5077#ifndef INET6 5078 alist = pcap_nametoaddr(name); 5079 if (alist == NULL \|\| alist == NULL) 5080* bpf_error("unknown host '%s'", name); 5081 tproto = proto; 5082 if (off_linktype == (u_int)-1 && tproto == Q_DEFAULT) 5083 tproto = Q_IP;
4770 b = gen_host(**alist++, 0xffffffff, tproto, dir);	5084 b = gen_host(**alist++, 0xffffffff, tproto, dir, q.addr);
4771 while (alist) { 4772* tmp = gen_host(**alist++, 0xffffffff,	5085 while (alist) { 5086* tmp = gen_host(**alist++, 0xffffffff,
4773 tproto, dir);	5087 tproto, dir, q.addr);
4774 gen_or(b, tmp); 4775 b = tmp; 4776 } 4777 return b; 4778#else 4779 memset(&mask128, 0xff, sizeof(mask128)); 4780 res0 = res = pcap_nametoaddrinfo(name); 4781 if (res == NULL) --- 5 unchanged lines hidden (view full) --- 4787 tproto6 = Q_IPV6; 4788 } 4789 for (res = res0; res; res = res->ai_next) { 4790 switch (res->ai_family) { 4791 case AF_INET: 4792 if (tproto == Q_IPV6) 4793 continue; 4794	5088 gen_or(b, tmp); 5089 b = tmp; 5090 } 5091 return b; 5092#else 5093 memset(&mask128, 0xff, sizeof(mask128)); 5094 res0 = res = pcap_nametoaddrinfo(name); 5095 if (res == NULL) --- 5 unchanged lines hidden (view full) --- 5101 tproto6 = Q_IPV6; 5102 } 5103 for (res = res0; res; res = res->ai_next) { 5104 switch (res->ai_family) { 5105 case AF_INET: 5106 if (tproto == Q_IPV6) 5107 continue; 5108
4795 sin = (struct sockaddr_in *)	5109 sin4 = (struct sockaddr_in *)
4796 res->ai_addr;	5110 res->ai_addr;
4797 tmp = gen_host(ntohl(sin->sin_addr.s_addr), 4798 0xffffffff, tproto, dir);	5111 tmp = gen_host(ntohl(sin4->sin_addr.s_addr), 5112 0xffffffff, tproto, dir, q.addr);
4799 break; 4800 case AF_INET6: 4801 if (tproto6 == Q_IP) 4802 continue; 4803 4804 sin6 = (struct sockaddr_in6 ) 4805* res->ai_addr; 4806 tmp = gen_host6(&sin6->sin6_addr,	5113 break; 5114 case AF_INET6: 5115 if (tproto6 == Q_IP) 5116 continue; 5117 5118 sin6 = (struct sockaddr_in6 ) 5119* res->ai_addr; 5120 tmp = gen_host6(&sin6->sin6_addr,
4807 &mask128, tproto6, dir);	5121 &mask128, tproto6, dir, q.addr);
4808 break; 4809 default: 4810 continue; 4811 } 4812 if (b) 4813 gen_or(b, tmp); 4814 b = tmp; 4815 } --- 41 unchanged lines hidden (view full) --- 4857 bpf_error("port '%s' is tcp", name); 4858 else 4859 /* override PROTO_UNDEF / 4860* real_proto = IPPROTO_SCTP; 4861 } 4862#ifndef INET6 4863 return gen_port(port, real_proto, dir); 4864#else	5122 break; 5123 default: 5124 continue; 5125 } 5126 if (b) 5127 gen_or(b, tmp); 5128 b = tmp; 5129 } --- 41 unchanged lines hidden (view full) --- 5171 bpf_error("port '%s' is tcp", name); 5172 else 5173 /* override PROTO_UNDEF / 5174* real_proto = IPPROTO_SCTP; 5175 } 5176#ifndef INET6 5177 return gen_port(port, real_proto, dir); 5178#else
4865 { 4866 struct block *b;
4867 b = gen_port(port, real_proto, dir); 4868 gen_or(gen_port6(port, real_proto, dir), b); 4869 return b;	5179 b = gen_port(port, real_proto, dir); 5180 gen_or(gen_port6(port, real_proto, dir), b); 5181 return b;
4870 }
4871#endif /* INET6 / 4872* 4873 case Q_PORTRANGE: 4874 if (proto != Q_DEFAULT && 4875 proto != Q_UDP && proto != Q_TCP && proto != Q_SCTP) 4876 bpf_error("illegal qualifier of 'portrange'"); 4877 if (pcap_nametoportrange(name, &port1, &port2, &real_proto) == 0) 4878 bpf_error("unknown port in range '%s'", name); --- 22 unchanged lines hidden (view full) --- 4901 bpf_error("port in range '%s' is tcp", name); 4902 else 4903 /* override PROTO_UNDEF / 4904* real_proto = IPPROTO_SCTP; 4905 } 4906#ifndef INET6 4907 return gen_portrange(port1, port2, real_proto, dir); 4908#else	5182#endif /* INET6 / 5183* 5184 case Q_PORTRANGE: 5185 if (proto != Q_DEFAULT && 5186 proto != Q_UDP && proto != Q_TCP && proto != Q_SCTP) 5187 bpf_error("illegal qualifier of 'portrange'"); 5188 if (pcap_nametoportrange(name, &port1, &port2, &real_proto) == 0) 5189 bpf_error("unknown port in range '%s'", name); --- 22 unchanged lines hidden (view full) --- 5212 bpf_error("port in range '%s' is tcp", name); 5213 else 5214 /* override PROTO_UNDEF / 5215* real_proto = IPPROTO_SCTP; 5216 } 5217#ifndef INET6 5218 return gen_portrange(port1, port2, real_proto, dir); 5219#else
4909 { 4910 struct block *b;
4911 b = gen_portrange(port1, port2, real_proto, dir); 4912 gen_or(gen_portrange6(port1, port2, real_proto, dir), b); 4913 return b;	5220 b = gen_portrange(port1, port2, real_proto, dir); 5221 gen_or(gen_portrange6(port1, port2, real_proto, dir), b); 5222 return b;
4914 }
4915#endif /* INET6 / 4916* 4917 case Q_GATEWAY: 4918#ifndef INET6 4919 eaddr = pcap_ether_hostton(name); 4920 if (eaddr == NULL) 4921 bpf_error("unknown ether host: %s", name); 4922 --- 49 unchanged lines hidden (view full) --- 4972 m <<= 32 - mlen; 4973 if ((n & ~m) != 0) 4974 bpf_error("non-network bits set in \"%s mask %s\"", 4975 s1, s2); 4976 } else { 4977 /* Convert mask len to mask / 4978* if (masklen > 32) 4979 bpf_error("mask length must be <= 32");	5223#endif /* INET6 / 5224* 5225 case Q_GATEWAY: 5226#ifndef INET6 5227 eaddr = pcap_ether_hostton(name); 5228 if (eaddr == NULL) 5229 bpf_error("unknown ether host: %s", name); 5230 --- 49 unchanged lines hidden (view full) --- 5280 m <<= 32 - mlen; 5281 if ((n & ~m) != 0) 5282 bpf_error("non-network bits set in \"%s mask %s\"", 5283 s1, s2); 5284 } else { 5285 /* Convert mask len to mask / 5286* if (masklen > 32) 5287 bpf_error("mask length must be <= 32");
4980 m = 0xffffffff << (32 - masklen);	5288 if (masklen == 0) { 5289 /* 5290 * X << 32 is not guaranteed by C to be 0; it's 5291 * undefined. 5292 / 5293* m = 0; 5294 } else 5295 m = 0xffffffff << (32 - masklen);
4981 if ((n & ~m) != 0) 4982 bpf_error("non-network bits set in \"%s/%d\"", 4983 s1, masklen); 4984 } 4985 4986 switch (q.addr) { 4987 4988 case Q_NET:	5296 if ((n & ~m) != 0) 5297 bpf_error("non-network bits set in \"%s/%d\"", 5298 s1, masklen); 5299 } 5300 5301 switch (q.addr) { 5302 5303 case Q_NET:
4989 return gen_host(n, m, q.proto, q.dir);	5304 return gen_host(n, m, q.proto, q.dir, q.addr);
4990 4991 default: 4992 bpf_error("Mask syntax for networks only"); 4993 /* NOTREACHED / 4994* } 4995 /* NOTREACHED */	5305 5306 default: 5307 bpf_error("Mask syntax for networks only"); 5308 /* NOTREACHED / 5309* } 5310 /* NOTREACHED */
	5311 return NULL;
4996} 4997 4998struct block * 4999gen_ncode(s, v, q) 5000 register const char s; 5001* bpf_u_int32 v; 5002 struct qual q; 5003{ --- 10 unchanged lines hidden (view full) --- 5014 vlen = __pcap_atoin(s, &v); 5015 5016 switch (q.addr) { 5017 5018 case Q_DEFAULT: 5019 case Q_HOST: 5020 case Q_NET: 5021 if (proto == Q_DECNET)	5312} 5313 5314struct block * 5315gen_ncode(s, v, q) 5316 register const char s; 5317* bpf_u_int32 v; 5318 struct qual q; 5319{ --- 10 unchanged lines hidden (view full) --- 5330 vlen = __pcap_atoin(s, &v); 5331 5332 switch (q.addr) { 5333 5334 case Q_DEFAULT: 5335 case Q_HOST: 5336 case Q_NET: 5337 if (proto == Q_DECNET)
5022 return gen_host(v, 0, proto, dir);	5338 return gen_host(v, 0, proto, dir, q.addr);
5023 else if (proto == Q_LINK) { 5024 bpf_error("illegal link layer address"); 5025 } else { 5026 mask = 0xffffffff; 5027 if (s == NULL && q.addr == Q_NET) { 5028 /* Promote short net number / 5029* while (v && (v & 0xff000000) == 0) { 5030 v <<= 8; 5031 mask <<= 8; 5032 } 5033 } else { 5034 /* Promote short ipaddr / 5035* v <<= 32 - vlen; 5036 mask <<= 32 - vlen; 5037 }	5339 else if (proto == Q_LINK) { 5340 bpf_error("illegal link layer address"); 5341 } else { 5342 mask = 0xffffffff; 5343 if (s == NULL && q.addr == Q_NET) { 5344 /* Promote short net number / 5345* while (v && (v & 0xff000000) == 0) { 5346 v <<= 8; 5347 mask <<= 8; 5348 } 5349 } else { 5350 /* Promote short ipaddr / 5351* v <<= 32 - vlen; 5352 mask <<= 32 - vlen; 5353 }
5038 return gen_host(v, mask, proto, dir);	5354 return gen_host(v, mask, proto, dir, q.addr);
5039 } 5040 5041 case Q_PORT: 5042 if (proto == Q_UDP) 5043 proto = IPPROTO_UDP; 5044 else if (proto == Q_TCP) 5045 proto = IPPROTO_TCP; 5046 else if (proto == Q_SCTP) --- 101 unchanged lines hidden (view full) --- 5148 5149 case Q_DEFAULT: 5150 case Q_HOST: 5151 if (masklen != 128) 5152 bpf_error("Mask syntax for networks only"); 5153 /* FALLTHROUGH / 5154* 5155 case Q_NET:	5355 } 5356 5357 case Q_PORT: 5358 if (proto == Q_UDP) 5359 proto = IPPROTO_UDP; 5360 else if (proto == Q_TCP) 5361 proto = IPPROTO_TCP; 5362 else if (proto == Q_SCTP) --- 101 unchanged lines hidden (view full) --- 5464 5465 case Q_DEFAULT: 5466 case Q_HOST: 5467 if (masklen != 128) 5468 bpf_error("Mask syntax for networks only"); 5469 /* FALLTHROUGH / 5470* 5471 case Q_NET:
5156 b = gen_host6(addr, &mask, q.proto, q.dir);	5472 b = gen_host6(addr, &mask, q.proto, q.dir, q.addr);
5157 freeaddrinfo(res); 5158 return b; 5159 5160 default: 5161 bpf_error("invalid qualifier against IPv6 address"); 5162 /* NOTREACHED / 5163* }	5473 freeaddrinfo(res); 5474 return b; 5475 5476 default: 5477 bpf_error("invalid qualifier against IPv6 address"); 5478 /* NOTREACHED / 5479* }
	5480 return NULL;
5164} 5165#endif /INET6/ 5166 5167struct block * 5168gen_ecode(eaddr, q) 5169 register const u_char eaddr; 5170* struct qual q; 5171{ 5172 struct block b, tmp; 5173 5174 if ((q.addr == Q_HOST \|\| q.addr == Q_DEFAULT) && q.proto == Q_LINK) {	5481} 5482#endif /INET6/ 5483 5484struct block * 5485gen_ecode(eaddr, q) 5486 register const u_char eaddr; 5487* struct qual q; 5488{ 5489 struct block b, tmp; 5490 5491 if ((q.addr == Q_HOST \|\| q.addr == Q_DEFAULT) && q.proto == Q_LINK) {
5175 if (linktype == DLT_EN10MB) 5176 return gen_ehostop(eaddr, (int)q.dir); 5177 if (linktype == DLT_FDDI) 5178 return gen_fhostop(eaddr, (int)q.dir); 5179 if (linktype == DLT_IEEE802) 5180 return gen_thostop(eaddr, (int)q.dir); 5181 if (linktype == DLT_IEEE802_11 \|\| 5182 linktype == DLT_IEEE802_11_RADIO_AVS \|\| 5183 linktype == DLT_IEEE802_11_RADIO \|\| 5184 linktype == DLT_PRISM_HEADER) 5185 return gen_wlanhostop(eaddr, (int)q.dir); 5186 if (linktype == DLT_SUNATM && is_lane) { 5187 /* 5188 * Check that the packet doesn't begin with an 5189 * LE Control marker. (We've already generated 5190 * a test for LANE.) 5191 / 5192* tmp = gen_cmp(OR_LINK, SUNATM_PKT_BEGIN_POS, BPF_H, 5193 0xFF00); 5194 gen_not(tmp);	5492 switch (linktype) { 5493 case DLT_EN10MB: 5494 return gen_ehostop(eaddr, (int)q.dir); 5495 case DLT_FDDI: 5496 return gen_fhostop(eaddr, (int)q.dir); 5497 case DLT_IEEE802: 5498 return gen_thostop(eaddr, (int)q.dir); 5499 case DLT_IEEE802_11: 5500 case DLT_IEEE802_11_RADIO_AVS: 5501 case DLT_IEEE802_11_RADIO: 5502 case DLT_PRISM_HEADER: 5503 case DLT_PPI: 5504 return gen_wlanhostop(eaddr, (int)q.dir); 5505 case DLT_SUNATM: 5506 if (is_lane) { 5507 /* 5508 * Check that the packet doesn't begin with an 5509 * LE Control marker. (We've already generated 5510 * a test for LANE.) 5511 / 5512* tmp = gen_cmp(OR_LINK, SUNATM_PKT_BEGIN_POS, BPF_H, 5513 0xFF00); 5514 gen_not(tmp);
5195	5515
5196 /* 5197 * Now check the MAC address. 5198 / 5199* b = gen_ehostop(eaddr, (int)q.dir); 5200 gen_and(tmp, b); 5201 return b; 5202 } 5203 if (linktype == DLT_IP_OVER_FC) 5204 return gen_ipfchostop(eaddr, (int)q.dir); 5205 bpf_error("ethernet addresses supported only on ethernet/FDDI/token ring/802.11/ATM LANE/Fibre Channel");	5516 /* 5517 * Now check the MAC address. 5518 / 5519* b = gen_ehostop(eaddr, (int)q.dir); 5520 gen_and(tmp, b); 5521 return b; 5522 } 5523 break; 5524 case DLT_IP_OVER_FC: 5525 return gen_ipfchostop(eaddr, (int)q.dir); 5526 default: 5527 bpf_error("ethernet addresses supported only on ethernet/FDDI/token ring/802.11/ATM LANE/Fibre Channel"); 5528 break; 5529 }
5206 } 5207 bpf_error("ethernet address used in non-ether expression"); 5208 /* NOTREACHED */	5530 } 5531 bpf_error("ethernet address used in non-ether expression"); 5532 /* NOTREACHED */
	5533 return NULL;
5209} 5210 5211void 5212sappend(s0, s1) 5213 struct slist s0, s1; 5214{ 5215 /* 5216 * This is definitely not the best way to do this, but the --- 29 unchanged lines hidden (view full) --- 5246/* 5247 * Modify "index" to use the value stored into its register as an 5248 * offset relative to the beginning of the header for the protocol 5249 * "proto", and allocate a register and put an item "size" bytes long 5250 * (1, 2, or 4) at that offset into that register, making it the register 5251 * for "index". 5252 / 5253struct arth	5534} 5535 5536void 5537sappend(s0, s1) 5538 struct slist s0, s1; 5539{ 5540 /* 5541 * This is definitely not the best way to do this, but the --- 29 unchanged lines hidden (view full) --- 5571/* 5572 * Modify "index" to use the value stored into its register as an 5573 * offset relative to the beginning of the header for the protocol 5574 * "proto", and allocate a register and put an item "size" bytes long 5575 * (1, 2, or 4) at that offset into that register, making it the register 5576 * for "index". 5577 / 5578struct arth
5254gen_load(proto, index, size)	5579gen_load(proto, inst, size)
5255 int proto;	5580 int proto;
5256 struct arth *index;	5581 struct arth *inst;
5257 int size; 5258{ 5259 struct slist s, tmp; 5260 struct block b; 5261* int regno = alloc_reg(); 5262	5582 int size; 5583{ 5584 struct slist s, tmp; 5585 struct block b; 5586* int regno = alloc_reg(); 5587
5263 free_reg(index->regno);	5588 free_reg(inst->regno);
5264 switch (size) { 5265 5266 default: 5267 bpf_error("data size must be 1, 2, or 4"); 5268 5269 case 1: 5270 size = BPF_B; 5271 break; --- 20 unchanged lines hidden (view full) --- 5292 linktype != DLT_IEEE802_11_RADIO && 5293 linktype != DLT_PRISM_HEADER) 5294 bpf_error("radio information not present in capture"); 5295 5296 /* 5297 * Load into the X register the offset computed into the 5298 * register specifed by "index". 5299 */	5589 switch (size) { 5590 5591 default: 5592 bpf_error("data size must be 1, 2, or 4"); 5593 5594 case 1: 5595 size = BPF_B; 5596 break; --- 20 unchanged lines hidden (view full) --- 5617 linktype != DLT_IEEE802_11_RADIO && 5618 linktype != DLT_PRISM_HEADER) 5619 bpf_error("radio information not present in capture"); 5620 5621 /* 5622 * Load into the X register the offset computed into the 5623 * register specifed by "index". 5624 */
5300 s = xfer_to_x(index);	5625 s = xfer_to_x(inst);
5301 5302 /* 5303 * Load the item at that offset. 5304 / 5305* tmp = new_stmt(BPF_LD\|BPF_IND\|size); 5306 sappend(s, tmp);	5626 5627 /* 5628 * Load the item at that offset. 5629 / 5630* tmp = new_stmt(BPF_LD\|BPF_IND\|size); 5631 sappend(s, tmp);
5307 sappend(index->s, s);	5632 sappend(inst->s, s);
5308 break; 5309 5310 case Q_LINK: 5311 /* 5312 * The offset is relative to the beginning of 5313 * the link-layer header. 5314 * 5315 * XXX - what about ATM LANE? Should the index be --- 10 unchanged lines hidden (view full) --- 5326 * X register contains the length of the prefix preceding 5327 * the link-layer header. Add to it the offset computed 5328 * into the register specified by "index", and move that 5329 * into the X register. Otherwise, just load into the X 5330 * register the offset computed into the register specifed 5331 * by "index". 5332 / 5333* if (s != NULL) {	5633 break; 5634 5635 case Q_LINK: 5636 /* 5637 * The offset is relative to the beginning of 5638 * the link-layer header. 5639 * 5640 * XXX - what about ATM LANE? Should the index be --- 10 unchanged lines hidden (view full) --- 5651 * X register contains the length of the prefix preceding 5652 * the link-layer header. Add to it the offset computed 5653 * into the register specified by "index", and move that 5654 * into the X register. Otherwise, just load into the X 5655 * register the offset computed into the register specifed 5656 * by "index". 5657 / 5658* if (s != NULL) {
5334 sappend(s, xfer_to_a(index));	5659 sappend(s, xfer_to_a(inst));
5335 sappend(s, new_stmt(BPF_ALU\|BPF_ADD\|BPF_X)); 5336 sappend(s, new_stmt(BPF_MISC\|BPF_TAX)); 5337 } else	5660 sappend(s, new_stmt(BPF_ALU\|BPF_ADD\|BPF_X)); 5661 sappend(s, new_stmt(BPF_MISC\|BPF_TAX)); 5662 } else
5338 s = xfer_to_x(index);	5663 s = xfer_to_x(inst);
5339 5340 /* 5341 * Load the item at the sum of the offset we've put in the 5342 * X register and the offset of the start of the link 5343 * layer header (which is 0 if the radio header is 5344 * variable-length; that header length is what we put 5345 * into the X register and then added to the index). 5346 / 5347* tmp = new_stmt(BPF_LD\|BPF_IND\|size); 5348 tmp->s.k = off_ll; 5349 sappend(s, tmp);	5664 5665 /* 5666 * Load the item at the sum of the offset we've put in the 5667 * X register and the offset of the start of the link 5668 * layer header (which is 0 if the radio header is 5669 * variable-length; that header length is what we put 5670 * into the X register and then added to the index). 5671 / 5672* tmp = new_stmt(BPF_LD\|BPF_IND\|size); 5673 tmp->s.k = off_ll; 5674 sappend(s, tmp);
5350 sappend(index->s, s);	5675 sappend(inst->s, s);
5351 break; 5352 5353 case Q_IP: 5354 case Q_ARP: 5355 case Q_RARP: 5356 case Q_ATALK: 5357 case Q_DECNET: 5358 case Q_SCA: --- 16 unchanged lines hidden (view full) --- 5375 * X register contains the length of the prefix preceding 5376 * the link-layer header. Add to it the offset computed 5377 * into the register specified by "index", and move that 5378 * into the X register. Otherwise, just load into the X 5379 * register the offset computed into the register specifed 5380 * by "index". 5381 / 5382* if (s != NULL) {	5676 break; 5677 5678 case Q_IP: 5679 case Q_ARP: 5680 case Q_RARP: 5681 case Q_ATALK: 5682 case Q_DECNET: 5683 case Q_SCA: --- 16 unchanged lines hidden (view full) --- 5700 * X register contains the length of the prefix preceding 5701 * the link-layer header. Add to it the offset computed 5702 * into the register specified by "index", and move that 5703 * into the X register. Otherwise, just load into the X 5704 * register the offset computed into the register specifed 5705 * by "index". 5706 / 5707* if (s != NULL) {
5383 sappend(s, xfer_to_a(index));	5708 sappend(s, xfer_to_a(inst));
5384 sappend(s, new_stmt(BPF_ALU\|BPF_ADD\|BPF_X)); 5385 sappend(s, new_stmt(BPF_MISC\|BPF_TAX)); 5386 } else	5709 sappend(s, new_stmt(BPF_ALU\|BPF_ADD\|BPF_X)); 5710 sappend(s, new_stmt(BPF_MISC\|BPF_TAX)); 5711 } else
5387 s = xfer_to_x(index);	5712 s = xfer_to_x(inst);
5388 5389 /* 5390 * Load the item at the sum of the offset we've put in the	5713 5714 /* 5715 * Load the item at the sum of the offset we've put in the
5391 * X register and the offset of the start of the network 5392 * layer header.	5716 * X register, the offset of the start of the network 5717 * layer header, and the offset of the start of the link 5718 * layer header (which is 0 if the radio header is 5719 * variable-length; that header length is what we put 5720 * into the X register and then added to the index).
5393 / 5394* tmp = new_stmt(BPF_LD\|BPF_IND\|size);	5721 / 5722* tmp = new_stmt(BPF_LD\|BPF_IND\|size);
5395 tmp->s.k = off_nl;	5723 tmp->s.k = off_ll + off_nl;
5396 sappend(s, tmp);	5724 sappend(s, tmp);
5397 sappend(index->s, s);	5725 sappend(inst->s, s);
5398 5399 /* 5400 * Do the computation only if the packet contains 5401 * the protocol in question. 5402 / 5403* b = gen_proto_abbrev(proto);	5726 5727 /* 5728 * Do the computation only if the packet contains 5729 * the protocol in question. 5730 / 5731* b = gen_proto_abbrev(proto);
5404 if (index->b) 5405 gen_and(index->b, b); 5406 index->b = b;	5732 if (inst->b) 5733 gen_and(inst->b, b); 5734 inst->b = b;
5407 break; 5408 5409 case Q_SCTP: 5410 case Q_TCP: 5411 case Q_UDP: 5412 case Q_ICMP: 5413 case Q_IGMP: 5414 case Q_IGRP: 5415 case Q_PIM: 5416 case Q_VRRP: 5417 /* 5418 * The offset is relative to the beginning of 5419 * the transport-layer header.	5735 break; 5736 5737 case Q_SCTP: 5738 case Q_TCP: 5739 case Q_UDP: 5740 case Q_ICMP: 5741 case Q_IGMP: 5742 case Q_IGRP: 5743 case Q_PIM: 5744 case Q_VRRP: 5745 /* 5746 * The offset is relative to the beginning of 5747 * the transport-layer header.
	5748 * 5749 * Load the X register with the length of the IPv4 header 5750 * (plus the offset of the link-layer header, if it's 5751 * a variable-length header), in bytes. 5752 *
5420 * XXX - are there any cases where we want 5421 * off_nl_nosnap? 5422 * XXX - we should, if we're built with 5423 * IPv6 support, generate code to load either 5424 * IPv4, IPv6, or both, as appropriate. 5425 / 5426* s = gen_loadx_iphdrlen(); 5427 5428 /*	5753 * XXX - are there any cases where we want 5754 * off_nl_nosnap? 5755 * XXX - we should, if we're built with 5756 * IPv6 support, generate code to load either 5757 * IPv4, IPv6, or both, as appropriate. 5758 / 5759* s = gen_loadx_iphdrlen(); 5760 5761 /*
5429 * The X register now contains the sum of the offset 5430 * of the beginning of the link-layer header and 5431 * the length of the network-layer header. Load 5432 * into the A register the offset relative to	5762 * The X register now contains the sum of the length 5763 * of any variable-length header preceding the link-layer 5764 * header and the length of the network-layer header. 5765 * Load into the A register the offset relative to
5433 * the beginning of the transport layer header, 5434 * add the X register to that, move that to the 5435 * X register, and load with an offset from the 5436 * X register equal to the offset of the network 5437 * layer header relative to the beginning of	5766 * the beginning of the transport layer header, 5767 * add the X register to that, move that to the 5768 * X register, and load with an offset from the 5769 * X register equal to the offset of the network 5770 * layer header relative to the beginning of
5438 * the link-layer header.	5771 * the link-layer header plus the length of any 5772 * fixed-length header preceding the link-layer 5773 * header.
5439 */	5774 */
5440 sappend(s, xfer_to_a(index));	5775 sappend(s, xfer_to_a(inst));
5441 sappend(s, new_stmt(BPF_ALU\|BPF_ADD\|BPF_X)); 5442 sappend(s, new_stmt(BPF_MISC\|BPF_TAX)); 5443 sappend(s, tmp = new_stmt(BPF_LD\|BPF_IND\|size));	5776 sappend(s, new_stmt(BPF_ALU\|BPF_ADD\|BPF_X)); 5777 sappend(s, new_stmt(BPF_MISC\|BPF_TAX)); 5778 sappend(s, tmp = new_stmt(BPF_LD\|BPF_IND\|size));
5444 tmp->s.k = off_nl; 5445 sappend(index->s, s);	5779 tmp->s.k = off_ll + off_nl; 5780 sappend(inst->s, s);
5446 5447 /* 5448 * Do the computation only if the packet contains 5449 * the protocol in question - which is true only 5450 * if this is an IP datagram and is the first or 5451 * only fragment of that datagram. 5452 / 5453* gen_and(gen_proto_abbrev(proto), b = gen_ipfrag());	5781 5782 /* 5783 * Do the computation only if the packet contains 5784 * the protocol in question - which is true only 5785 * if this is an IP datagram and is the first or 5786 * only fragment of that datagram. 5787 / 5788* gen_and(gen_proto_abbrev(proto), b = gen_ipfrag());
5454 if (index->b) 5455 gen_and(index->b, b);	5789 if (inst->b) 5790 gen_and(inst->b, b);
5456#ifdef INET6 5457 gen_and(gen_proto_abbrev(Q_IP), b); 5458#endif	5791#ifdef INET6 5792 gen_and(gen_proto_abbrev(Q_IP), b); 5793#endif
5459 index->b = b;	5794 inst->b = b;
5460 break; 5461#ifdef INET6 5462 case Q_ICMPV6: 5463 bpf_error("IPv6 upper-layer protocol is not supported by proto[x]"); 5464 /NOTREACHED/ 5465#endif 5466 }	5795 break; 5796#ifdef INET6 5797 case Q_ICMPV6: 5798 bpf_error("IPv6 upper-layer protocol is not supported by proto[x]"); 5799 /NOTREACHED/ 5800#endif 5801 }
5467 index->regno = regno;	5802 inst->regno = regno;
5468 s = new_stmt(BPF_ST); 5469 s->s.k = regno;	5803 s = new_stmt(BPF_ST); 5804 s->s.k = regno;
5470 sappend(index->s, s);	5805 sappend(inst->s, s);
5471	5806
5472 return index;	5807 return inst;
5473} 5474 5475struct block * 5476gen_relation(code, a0, a1, reversed) 5477 int code; 5478 struct arth a0, a1; 5479 int reversed; 5480{ --- 139 unchanged lines hidden (view full) --- 5620 curreg = (curreg + 1) % BPF_MEMWORDS; 5621 else { 5622 regused[curreg] = 1; 5623 return curreg; 5624 } 5625 } 5626 bpf_error("too many registers needed to evaluate expression"); 5627 /* NOTREACHED */	5808} 5809 5810struct block * 5811gen_relation(code, a0, a1, reversed) 5812 int code; 5813 struct arth a0, a1; 5814 int reversed; 5815{ --- 139 unchanged lines hidden (view full) --- 5955 curreg = (curreg + 1) % BPF_MEMWORDS; 5956 else { 5957 regused[curreg] = 1; 5958 return curreg; 5959 } 5960 } 5961 bpf_error("too many registers needed to evaluate expression"); 5962 /* NOTREACHED */
	5963 return 0;
5628} 5629 5630/* 5631 * Return a register to the table so it can 5632 * be used later. 5633 / 5634static void 5635free_reg(n) --- 96 unchanged lines hidden* (view full) --- 5732 bpf_u_int32 hostmask; 5733 struct block b0, b1, b2; 5734* static u_char ebroadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 5735 5736 switch (proto) { 5737 5738 case Q_DEFAULT: 5739 case Q_LINK:	5964} 5965 5966/* 5967 * Return a register to the table so it can 5968 * be used later. 5969 / 5970static void 5971free_reg(n) --- 96 unchanged lines hidden* (view full) --- 6068 bpf_u_int32 hostmask; 6069 struct block b0, b1, b2; 6070* static u_char ebroadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 6071 6072 switch (proto) { 6073 6074 case Q_DEFAULT: 6075 case Q_LINK:
5740 if (linktype == DLT_ARCNET \|\| linktype == DLT_ARCNET_LINUX) 5741 return gen_ahostop(abroadcast, Q_DST); 5742 if (linktype == DLT_EN10MB) 5743 return gen_ehostop(ebroadcast, Q_DST); 5744 if (linktype == DLT_FDDI) 5745 return gen_fhostop(ebroadcast, Q_DST); 5746 if (linktype == DLT_IEEE802) 5747 return gen_thostop(ebroadcast, Q_DST); 5748 if (linktype == DLT_IEEE802_11 \|\| 5749 linktype == DLT_IEEE802_11_RADIO_AVS \|\| 5750 linktype == DLT_IEEE802_11_RADIO \|\| 5751 linktype == DLT_PRISM_HEADER) 5752 return gen_wlanhostop(ebroadcast, Q_DST); 5753 if (linktype == DLT_IP_OVER_FC) 5754 return gen_ipfchostop(ebroadcast, Q_DST); 5755 if (linktype == DLT_SUNATM && is_lane) {	6076 switch (linktype) { 6077 case DLT_ARCNET: 6078 case DLT_ARCNET_LINUX: 6079 return gen_ahostop(abroadcast, Q_DST); 6080 case DLT_EN10MB: 6081 return gen_ehostop(ebroadcast, Q_DST); 6082 case DLT_FDDI: 6083 return gen_fhostop(ebroadcast, Q_DST); 6084 case DLT_IEEE802: 6085 return gen_thostop(ebroadcast, Q_DST); 6086 case DLT_IEEE802_11: 6087 case DLT_IEEE802_11_RADIO_AVS: 6088 case DLT_IEEE802_11_RADIO: 6089 case DLT_PPI: 6090 case DLT_PRISM_HEADER: 6091 return gen_wlanhostop(ebroadcast, Q_DST); 6092 case DLT_IP_OVER_FC: 6093 return gen_ipfchostop(ebroadcast, Q_DST); 6094 case DLT_SUNATM: 6095 if (is_lane) {
5756 /* 5757 * Check that the packet doesn't begin with an 5758 * LE Control marker. (We've already generated 5759 * a test for LANE.) 5760 / 5761* b1 = gen_cmp(OR_LINK, SUNATM_PKT_BEGIN_POS, BPF_H, 5762 0xFF00); 5763 gen_not(b1); 5764 5765 /* 5766 * Now check the MAC address. 5767 / 5768* b0 = gen_ehostop(ebroadcast, Q_DST); 5769 gen_and(b1, b0); 5770 return b0;	6096 /* 6097 * Check that the packet doesn't begin with an 6098 * LE Control marker. (We've already generated 6099 * a test for LANE.) 6100 / 6101* b1 = gen_cmp(OR_LINK, SUNATM_PKT_BEGIN_POS, BPF_H, 6102 0xFF00); 6103 gen_not(b1); 6104 6105 /* 6106 * Now check the MAC address. 6107 / 6108* b0 = gen_ehostop(ebroadcast, Q_DST); 6109 gen_and(b1, b0); 6110 return b0;
5771 } 5772 bpf_error("not a broadcast link");	6111 } 6112 break; 6113 default: 6114 bpf_error("not a broadcast link"); 6115 }
5773 break; 5774 5775 case Q_IP: 5776 b0 = gen_linktype(ETHERTYPE_IP); 5777 hostmask = ~netmask; 5778 b1 = gen_mcmp(OR_NET, 16, BPF_W, (bpf_int32)0, hostmask); 5779 b2 = gen_mcmp(OR_NET, 16, BPF_W, 5780 (bpf_int32)(~0 & hostmask), hostmask); 5781 gen_or(b1, b2); 5782 gen_and(b0, b2); 5783 return b2; 5784 } 5785 bpf_error("only link-layer/IP broadcast filters supported"); 5786 /* NOTREACHED */	6116 break; 6117 6118 case Q_IP: 6119 b0 = gen_linktype(ETHERTYPE_IP); 6120 hostmask = ~netmask; 6121 b1 = gen_mcmp(OR_NET, 16, BPF_W, (bpf_int32)0, hostmask); 6122 b2 = gen_mcmp(OR_NET, 16, BPF_W, 6123 (bpf_int32)(~0 & hostmask), hostmask); 6124 gen_or(b1, b2); 6125 gen_and(b0, b2); 6126 return b2; 6127 } 6128 bpf_error("only link-layer/IP broadcast filters supported"); 6129 /* NOTREACHED */
	6130 return NULL;
5787} 5788 5789/* 5790 * Generate code to test the low-order bit of a MAC address (that's 5791 * the bottom bit of the first byte). 5792 / 5793static struct block 5794gen_mac_multicast(offset) --- 16 unchanged lines hidden (view full) --- 5811{ 5812 register struct block b0, b1, b2; 5813* register struct slist s; 5814* 5815 switch (proto) { 5816 5817 case Q_DEFAULT: 5818 case Q_LINK:	6131} 6132 6133/* 6134 * Generate code to test the low-order bit of a MAC address (that's 6135 * the bottom bit of the first byte). 6136 / 6137static struct block 6138gen_mac_multicast(offset) --- 16 unchanged lines hidden (view full) --- 6155{ 6156 register struct block b0, b1, b2; 6157* register struct slist s; 6158* 6159 switch (proto) { 6160 6161 case Q_DEFAULT: 6162 case Q_LINK:
5819 if (linktype == DLT_ARCNET \|\| linktype == DLT_ARCNET_LINUX) 5820 /* all ARCnet multicasts use the same address / 5821* return gen_ahostop(abroadcast, Q_DST); 5822 5823 if (linktype == DLT_EN10MB) { 5824 /* ether[0] & 1 != 0 / 5825* return gen_mac_multicast(0); 5826 } 5827 5828 if (linktype == DLT_FDDI) {	6163 switch (linktype) { 6164 case DLT_ARCNET: 6165 case DLT_ARCNET_LINUX: 6166 /* all ARCnet multicasts use the same address / 6167* return gen_ahostop(abroadcast, Q_DST); 6168 case DLT_EN10MB: 6169 /* ether[0] & 1 != 0 / 6170* return gen_mac_multicast(0); 6171 case DLT_FDDI: 6172 /* 6173 * XXX TEST THIS: MIGHT NOT PORT PROPERLY XXX 6174 * 6175 * XXX - was that referring to bit-order issues? 6176 / 6177* /* fddi[1] & 1 != 0 / 6178* return gen_mac_multicast(1); 6179 case DLT_IEEE802: 6180 /* tr[2] & 1 != 0 / 6181* return gen_mac_multicast(2); 6182 case DLT_IEEE802_11: 6183 case DLT_IEEE802_11_RADIO_AVS: 6184 case DLT_PPI: 6185 case DLT_IEEE802_11_RADIO: 6186 case DLT_PRISM_HEADER: 6187 /* 6188 * Oh, yuk. 6189 * 6190 * For control frames, there is no DA. 6191 * 6192 * For management frames, DA is at an 6193 * offset of 4 from the beginning of 6194 * the packet. 6195 * 6196 * For data frames, DA is at an offset 6197 * of 4 from the beginning of the packet 6198 * if To DS is clear and at an offset of 6199 * 16 from the beginning of the packet 6200 * if To DS is set. 6201 / 6202* 6203 /* 6204 * Generate the tests to be done for data frames. 6205 * 6206 * First, check for To DS set, i.e. "link[1] & 0x01". 6207 / 6208* s = gen_load_a(OR_LINK, 1, BPF_B); 6209 b1 = new_block(JMP(BPF_JSET)); 6210 b1->s.k = 0x01; /* To DS / 6211* b1->stmts = s; 6212 6213 /* 6214 * If To DS is set, the DA is at 16. 6215 / 6216* b0 = gen_mac_multicast(16); 6217 gen_and(b1, b0); 6218 6219 /* 6220 * Now, check for To DS not set, i.e. check 6221 * "!(link[1] & 0x01)". 6222 / 6223* s = gen_load_a(OR_LINK, 1, BPF_B); 6224 b2 = new_block(JMP(BPF_JSET)); 6225 b2->s.k = 0x01; /* To DS / 6226* b2->stmts = s; 6227 gen_not(b2); 6228 6229 /* 6230 * If To DS is not set, the DA is at 4. 6231 / 6232* b1 = gen_mac_multicast(4); 6233 gen_and(b2, b1); 6234 6235 /* 6236 * Now OR together the last two checks. That gives 6237 * the complete set of checks for data frames. 6238 / 6239* gen_or(b1, b0); 6240 6241 /* 6242 * Now check for a data frame. 6243 * I.e, check "link[0] & 0x08". 6244 / 6245* s = gen_load_a(OR_LINK, 0, BPF_B); 6246 b1 = new_block(JMP(BPF_JSET)); 6247 b1->s.k = 0x08; 6248 b1->stmts = s; 6249 6250 /* 6251 * AND that with the checks done for data frames. 6252 / 6253* gen_and(b1, b0); 6254 6255 /* 6256 * If the high-order bit of the type value is 0, this 6257 * is a management frame. 6258 * I.e, check "!(link[0] & 0x08)". 6259 / 6260* s = gen_load_a(OR_LINK, 0, BPF_B); 6261 b2 = new_block(JMP(BPF_JSET)); 6262 b2->s.k = 0x08; 6263 b2->stmts = s; 6264 gen_not(b2); 6265 6266 /* 6267 * For management frames, the DA is at 4. 6268 / 6269* b1 = gen_mac_multicast(4); 6270 gen_and(b2, b1); 6271 6272 /* 6273 * OR that with the checks done for data frames. 6274 * That gives the checks done for management and 6275 * data frames. 6276 / 6277* gen_or(b1, b0); 6278 6279 /* 6280 * If the low-order bit of the type value is 1, 6281 * this is either a control frame or a frame 6282 * with a reserved type, and thus not a 6283 * frame with an SA. 6284 * 6285 * I.e., check "!(link[0] & 0x04)". 6286 / 6287* s = gen_load_a(OR_LINK, 0, BPF_B); 6288 b1 = new_block(JMP(BPF_JSET)); 6289 b1->s.k = 0x04; 6290 b1->stmts = s; 6291 gen_not(b1); 6292 6293 /* 6294 * AND that with the checks for data and management 6295 * frames. 6296 / 6297* gen_and(b1, b0); 6298 return b0; 6299 case DLT_IP_OVER_FC: 6300 b0 = gen_mac_multicast(2); 6301 return b0; 6302 case DLT_SUNATM: 6303 if (is_lane) {
5829 /*	6304 /*
5830 * XXX TEST THIS: MIGHT NOT PORT PROPERLY XXX 5831 * 5832 * XXX - was that referring to bit-order issues? 5833 / 5834* /* fddi[1] & 1 != 0 / 5835* return gen_mac_multicast(1); 5836 } 5837 5838 if (linktype == DLT_IEEE802) { 5839 /* tr[2] & 1 != 0 / 5840* return gen_mac_multicast(2); 5841 } 5842 5843 if (linktype == DLT_IEEE802_11 \|\| 5844 linktype == DLT_IEEE802_11_RADIO_AVS \|\| 5845 linktype == DLT_IEEE802_11_RADIO \|\| 5846 linktype == DLT_PRISM_HEADER) { 5847 /* 5848 * Oh, yuk. 5849 * 5850 * For control frames, there is no DA. 5851 * 5852 * For management frames, DA is at an 5853 * offset of 4 from the beginning of 5854 * the packet. 5855 * 5856 * For data frames, DA is at an offset 5857 * of 4 from the beginning of the packet 5858 * if To DS is clear and at an offset of 5859 * 16 from the beginning of the packet 5860 * if To DS is set. 5861 / 5862* 5863 /* 5864 * Generate the tests to be done for data frames. 5865 * 5866 * First, check for To DS set, i.e. "link[1] & 0x01". 5867 / 5868* s = gen_load_a(OR_LINK, 1, BPF_B); 5869 b1 = new_block(JMP(BPF_JSET)); 5870 b1->s.k = 0x01; /* To DS / 5871* b1->stmts = s; 5872 5873 /* 5874 * If To DS is set, the DA is at 16. 5875 / 5876* b0 = gen_mac_multicast(16); 5877 gen_and(b1, b0); 5878 5879 /* 5880 * Now, check for To DS not set, i.e. check 5881 * "!(link[1] & 0x01)". 5882 / 5883* s = gen_load_a(OR_LINK, 1, BPF_B); 5884 b2 = new_block(JMP(BPF_JSET)); 5885 b2->s.k = 0x01; /* To DS / 5886* b2->stmts = s; 5887 gen_not(b2); 5888 5889 /* 5890 * If To DS is not set, the DA is at 4. 5891 / 5892* b1 = gen_mac_multicast(4); 5893 gen_and(b2, b1); 5894 5895 /* 5896 * Now OR together the last two checks. That gives 5897 * the complete set of checks for data frames. 5898 / 5899* gen_or(b1, b0); 5900 5901 /* 5902 * Now check for a data frame. 5903 * I.e, check "link[0] & 0x08". 5904 / 5905* s = gen_load_a(OR_LINK, 0, BPF_B); 5906 b1 = new_block(JMP(BPF_JSET)); 5907 b1->s.k = 0x08; 5908 b1->stmts = s; 5909 5910 /* 5911 * AND that with the checks done for data frames. 5912 / 5913* gen_and(b1, b0); 5914 5915 /* 5916 * If the high-order bit of the type value is 0, this 5917 * is a management frame. 5918 * I.e, check "!(link[0] & 0x08)". 5919 / 5920* s = gen_load_a(OR_LINK, 0, BPF_B); 5921 b2 = new_block(JMP(BPF_JSET)); 5922 b2->s.k = 0x08; 5923 b2->stmts = s; 5924 gen_not(b2); 5925 5926 /* 5927 * For management frames, the DA is at 4. 5928 / 5929* b1 = gen_mac_multicast(4); 5930 gen_and(b2, b1); 5931 5932 /* 5933 * OR that with the checks done for data frames. 5934 * That gives the checks done for management and 5935 * data frames. 5936 / 5937* gen_or(b1, b0); 5938 5939 /* 5940 * If the low-order bit of the type value is 1, 5941 * this is either a control frame or a frame 5942 * with a reserved type, and thus not a 5943 * frame with an SA. 5944 * 5945 * I.e., check "!(link[0] & 0x04)". 5946 / 5947* s = gen_load_a(OR_LINK, 0, BPF_B); 5948 b1 = new_block(JMP(BPF_JSET)); 5949 b1->s.k = 0x04; 5950 b1->stmts = s; 5951 gen_not(b1); 5952 5953 /* 5954 * AND that with the checks for data and management 5955 * frames. 5956 / 5957* gen_and(b1, b0); 5958 return b0; 5959 } 5960 5961 if (linktype == DLT_IP_OVER_FC) { 5962 b0 = gen_mac_multicast(2); 5963 return b0; 5964 } 5965 5966 if (linktype == DLT_SUNATM && is_lane) { 5967 /*
5968 * Check that the packet doesn't begin with an 5969 * LE Control marker. (We've already generated 5970 * a test for LANE.) 5971 / 5972* b1 = gen_cmp(OR_LINK, SUNATM_PKT_BEGIN_POS, BPF_H, 5973 0xFF00); 5974 gen_not(b1); 5975 5976 /* ether[off_mac] & 1 != 0 / 5977* b0 = gen_mac_multicast(off_mac); 5978 gen_and(b1, b0); 5979 return b0;	6305 * Check that the packet doesn't begin with an 6306 * LE Control marker. (We've already generated 6307 * a test for LANE.) 6308 / 6309* b1 = gen_cmp(OR_LINK, SUNATM_PKT_BEGIN_POS, BPF_H, 6310 0xFF00); 6311 gen_not(b1); 6312 6313 /* ether[off_mac] & 1 != 0 / 6314* b0 = gen_mac_multicast(off_mac); 6315 gen_and(b1, b0); 6316 return b0;
5980 }	6317 } 6318 break; 6319 default: 6320 break; 6321 } 6322 /* Link not known to support multicasts / 6323* break;
5981	6324
5982 /* Link not known to support multicasts / 5983* break; 5984
5985 case Q_IP: 5986 b0 = gen_linktype(ETHERTYPE_IP); 5987 b1 = gen_cmp_ge(OR_NET, 16, BPF_B, (bpf_int32)224); 5988 gen_and(b0, b1); 5989 return b1; 5990 5991#ifdef INET6 5992 case Q_IPV6: 5993 b0 = gen_linktype(ETHERTYPE_IPV6); 5994 b1 = gen_cmp(OR_NET, 24, BPF_B, (bpf_int32)255); 5995 gen_and(b0, b1); 5996 return b1; 5997#endif /* INET6 / 5998* } 5999 bpf_error("link-layer multicast filters supported only on ethernet/FDDI/token ring/ARCNET/802.11/ATM LANE/Fibre Channel"); 6000 /* NOTREACHED */	6325 case Q_IP: 6326 b0 = gen_linktype(ETHERTYPE_IP); 6327 b1 = gen_cmp_ge(OR_NET, 16, BPF_B, (bpf_int32)224); 6328 gen_and(b0, b1); 6329 return b1; 6330 6331#ifdef INET6 6332 case Q_IPV6: 6333 b0 = gen_linktype(ETHERTYPE_IPV6); 6334 b1 = gen_cmp(OR_NET, 24, BPF_B, (bpf_int32)255); 6335 gen_and(b0, b1); 6336 return b1; 6337#endif /* INET6 / 6338* } 6339 bpf_error("link-layer multicast filters supported only on ethernet/FDDI/token ring/ARCNET/802.11/ATM LANE/Fibre Channel"); 6340 /* NOTREACHED */
	6341 return NULL;
6001} 6002 6003/* 6004 * generate command for inbound/outbound. It's here so we can 6005 * make it link-type specific. 'dir' = 0 implies "inbound", 6006 * = 1 implies "outbound". 6007 / 6008struct block --- 29 unchanged lines hidden (view full) --- 6038 * XXX - packets sent to other machines probably 6039 * shouldn't be matched, but what about broadcast 6040 * or multicast packets we received? 6041 / 6042* b0 = gen_cmp(OR_LINK, 0, BPF_H, LINUX_SLL_HOST); 6043 } 6044 break; 6045	6342} 6343 6344/* 6345 * generate command for inbound/outbound. It's here so we can 6346 * make it link-type specific. 'dir' = 0 implies "inbound", 6347 * = 1 implies "outbound". 6348 / 6349struct block --- 29 unchanged lines hidden (view full) --- 6379 * XXX - packets sent to other machines probably 6380 * shouldn't be matched, but what about broadcast 6381 * or multicast packets we received? 6382 / 6383* b0 = gen_cmp(OR_LINK, 0, BPF_H, LINUX_SLL_HOST); 6384 } 6385 break; 6386
	6387#ifdef HAVE_NET_PFVAR_H
6046 case DLT_PFLOG: 6047 b0 = gen_cmp(OR_LINK, offsetof(struct pfloghdr, dir), BPF_B, 6048 (bpf_int32)((dir == 0) ? PF_IN : PF_OUT)); 6049 break;	6388 case DLT_PFLOG: 6389 b0 = gen_cmp(OR_LINK, offsetof(struct pfloghdr, dir), BPF_B, 6390 (bpf_int32)((dir == 0) ? PF_IN : PF_OUT)); 6391 break;
	6392#endif
6050 6051 case DLT_PPP_PPPD: 6052 if (dir) { 6053 /* match outgoing packets / 6054* b0 = gen_cmp(OR_LINK, 0, BPF_B, PPP_PPPD_OUT); 6055 } else { 6056 /* match incoming packets / 6057* b0 = gen_cmp(OR_LINK, 0, BPF_B, PPP_PPPD_IN); --- 10 unchanged lines hidden (view full) --- 6068 case DLT_JUNIPER_GGSN: 6069 case DLT_JUNIPER_ES: 6070 case DLT_JUNIPER_MONITOR: 6071 case DLT_JUNIPER_SERVICES: 6072 case DLT_JUNIPER_ETHER: 6073 case DLT_JUNIPER_PPP: 6074 case DLT_JUNIPER_FRELAY: 6075 case DLT_JUNIPER_CHDLC:	6393 6394 case DLT_PPP_PPPD: 6395 if (dir) { 6396 /* match outgoing packets / 6397* b0 = gen_cmp(OR_LINK, 0, BPF_B, PPP_PPPD_OUT); 6398 } else { 6399 /* match incoming packets / 6400* b0 = gen_cmp(OR_LINK, 0, BPF_B, PPP_PPPD_IN); --- 10 unchanged lines hidden (view full) --- 6411 case DLT_JUNIPER_GGSN: 6412 case DLT_JUNIPER_ES: 6413 case DLT_JUNIPER_MONITOR: 6414 case DLT_JUNIPER_SERVICES: 6415 case DLT_JUNIPER_ETHER: 6416 case DLT_JUNIPER_PPP: 6417 case DLT_JUNIPER_FRELAY: 6418 case DLT_JUNIPER_CHDLC:
	6419 case DLT_JUNIPER_VP:
6076 /* juniper flags (including direction) are stored 6077 * the byte after the 3-byte magic number / 6078* if (dir) { 6079 /* match outgoing packets / 6080* b0 = gen_mcmp(OR_LINK, 3, BPF_B, 0, 0x01); 6081 } else { 6082 /* match incoming packets / 6083* b0 = gen_mcmp(OR_LINK, 3, BPF_B, 1, 0x01); --- 4 unchanged lines hidden (view full) --- 6088 bpf_error("inbound/outbound not supported on linktype %d", 6089 linktype); 6090 b0 = NULL; 6091 /* NOTREACHED / 6092* } 6093 return (b0); 6094} 6095	6420 /* juniper flags (including direction) are stored 6421 * the byte after the 3-byte magic number / 6422* if (dir) { 6423 /* match outgoing packets / 6424* b0 = gen_mcmp(OR_LINK, 3, BPF_B, 0, 0x01); 6425 } else { 6426 /* match incoming packets / 6427* b0 = gen_mcmp(OR_LINK, 3, BPF_B, 1, 0x01); --- 4 unchanged lines hidden (view full) --- 6432 bpf_error("inbound/outbound not supported on linktype %d", 6433 linktype); 6434 b0 = NULL; 6435 /* NOTREACHED / 6436* } 6437 return (b0); 6438} 6439
	6440#ifdef HAVE_NET_PFVAR_H
6096/* PF firewall log matched interface / 6097struct block 6098gen_pf_ifname(const char ifname) 6099{ 6100* struct block b0; 6101* u_int len, off; 6102 6103 if (linktype == DLT_PFLOG) { --- 93 unchanged lines hidden (view full) --- 6197 (bpf_int32)action); 6198 } else { 6199 bpf_error("action not supported on linktype 0x%x", linktype); 6200 /* NOTREACHED / 6201* } 6202 6203 return (b0); 6204}	6441/* PF firewall log matched interface / 6442struct block 6443gen_pf_ifname(const char ifname) 6444{ 6445* struct block b0; 6446* u_int len, off; 6447 6448 if (linktype == DLT_PFLOG) { --- 93 unchanged lines hidden (view full) --- 6542 (bpf_int32)action); 6543 } else { 6544 bpf_error("action not supported on linktype 0x%x", linktype); 6545 /* NOTREACHED / 6546* } 6547 6548 return (b0); 6549}
	6550#else /* !HAVE_NET_PFVAR_H / 6551struct block 6552gen_pf_ifname(const char ifname) 6553{ 6554* bpf_error("libpcap was compiled without pf support"); 6555 /* NOTREACHED / 6556* return (NULL); 6557}
6205 6206struct block *	6558 6559struct block *
	6560gen_pf_ruleset(char ruleset) 6561{ 6562* bpf_error("libpcap was compiled on a machine without pf support"); 6563 /* NOTREACHED / 6564* return (NULL); 6565} 6566 6567struct block * 6568gen_pf_rnr(int rnr) 6569{ 6570 bpf_error("libpcap was compiled on a machine without pf support"); 6571 /* NOTREACHED / 6572* return (NULL); 6573} 6574 6575struct block * 6576gen_pf_srnr(int srnr) 6577{ 6578 bpf_error("libpcap was compiled on a machine without pf support"); 6579 /* NOTREACHED / 6580* return (NULL); 6581} 6582 6583struct block * 6584gen_pf_reason(int reason) 6585{ 6586 bpf_error("libpcap was compiled on a machine without pf support"); 6587 /* NOTREACHED / 6588* return (NULL); 6589} 6590 6591struct block * 6592gen_pf_action(int action) 6593{ 6594 bpf_error("libpcap was compiled on a machine without pf support"); 6595 /* NOTREACHED / 6596* return (NULL); 6597} 6598#endif /* HAVE_NET_PFVAR_H / 6599* 6600struct block *
6207gen_acode(eaddr, q) 6208 register const u_char eaddr; 6209* struct qual q; 6210{ 6211 if ((q.addr == Q_HOST \|\| q.addr == Q_DEFAULT) && q.proto == Q_LINK) { 6212 if (linktype == DLT_ARCNET \|\| linktype == DLT_ARCNET_LINUX) 6213 return gen_ahostop(eaddr, (int)q.dir); 6214 } 6215 bpf_error("ARCnet address used in non-arc expression"); 6216 /* NOTREACHED */	6601gen_acode(eaddr, q) 6602 register const u_char eaddr; 6603* struct qual q; 6604{ 6605 if ((q.addr == Q_HOST \|\| q.addr == Q_DEFAULT) && q.proto == Q_LINK) { 6606 if (linktype == DLT_ARCNET \|\| linktype == DLT_ARCNET_LINUX) 6607 return gen_ahostop(eaddr, (int)q.dir); 6608 } 6609 bpf_error("ARCnet address used in non-arc expression"); 6610 /* NOTREACHED */
	6611 return NULL;
6217} 6218 6219static struct block * 6220gen_ahostop(eaddr, dir) 6221 register const u_char eaddr; 6222* register int dir; 6223{ 6224 register struct block b0, b1; --- 126 unchanged lines hidden (view full) --- 6351 * to make sure higher level code generators don't try to 6352 * match against IP-related protocols such as Q_ARP, Q_RARP 6353 * etc. 6354 / 6355* switch (linktype) { 6356 6357 case DLT_C_HDLC: /* fall through / 6358* case DLT_EN10MB:	6612} 6613 6614static struct block * 6615gen_ahostop(eaddr, dir) 6616 register const u_char eaddr; 6617* register int dir; 6618{ 6619 register struct block b0, b1; --- 126 unchanged lines hidden (view full) --- 6746 * to make sure higher level code generators don't try to 6747 * match against IP-related protocols such as Q_ARP, Q_RARP 6748 * etc. 6749 / 6750* switch (linktype) { 6751 6752 case DLT_C_HDLC: /* fall through / 6753* case DLT_EN10MB:
6359 b0 = gen_cmp(OR_LINK, off_linktype, BPF_H, 6360 (bpf_int32)ETHERTYPE_MPLS);	6754 b0 = gen_linktype(ETHERTYPE_MPLS);
6361 break; 6362 6363 case DLT_PPP:	6755 break; 6756 6757 case DLT_PPP:
6364 b0 = gen_cmp(OR_LINK, off_linktype, BPF_H, 6365 (bpf_int32)PPP_MPLS_UCAST);	6758 b0 = gen_linktype(PPP_MPLS_UCAST);
6366 break; 6367 6368 /* FIXME add other DLT_s ... 6369 * for Frame-Relay/and ATM this may get messy due to SNAP headers 6370 * leave it for now / 6371* 6372 default: 6373 bpf_error("no MPLS support for data link type %d", --- 245 unchanged lines hidden (view full) --- 6619 break; 6620 6621 default: 6622 abort(); 6623 } 6624 return b1; 6625} 6626	6759 break; 6760 6761 /* FIXME add other DLT_s ... 6762 * for Frame-Relay/and ATM this may get messy due to SNAP headers 6763 * leave it for now / 6764* 6765 default: 6766 bpf_error("no MPLS support for data link type %d", --- 245 unchanged lines hidden (view full) --- 7012 break; 7013 7014 default: 7015 abort(); 7016 } 7017 return b1; 7018} 7019
	7020/* 7021 * Filtering for MTP2 messages based on li value 7022 * FISU, length is null 7023 * LSSU, length is 1 or 2 7024 * MSU, length is 3 or more 7025 */
6627struct block *	7026struct block *
	7027gen_mtp2type_abbrev(type) 7028 int type; 7029{ 7030 struct block b0, b1; 7031 7032 switch (type) { 7033 7034 case M_FISU: 7035 if ( (linktype != DLT_MTP2) && 7036 (linktype != DLT_MTP2_WITH_PHDR) ) 7037 bpf_error("'fisu' supported only on MTP2"); 7038 /* gen_ncmp(offrel, offset, size, mask, jtype, reverse, value) / 7039* b0 = gen_ncmp(OR_PACKET, off_li, BPF_B, 0x3f, BPF_JEQ, 0, 0); 7040 break; 7041 7042 case M_LSSU: 7043 if ( (linktype != DLT_MTP2) && 7044 (linktype != DLT_MTP2_WITH_PHDR) ) 7045 bpf_error("'lssu' supported only on MTP2"); 7046 b0 = gen_ncmp(OR_PACKET, off_li, BPF_B, 0x3f, BPF_JGT, 1, 2); 7047 b1 = gen_ncmp(OR_PACKET, off_li, BPF_B, 0x3f, BPF_JGT, 0, 0); 7048 gen_and(b1, b0); 7049 break; 7050 7051 case M_MSU: 7052 if ( (linktype != DLT_MTP2) && 7053 (linktype != DLT_MTP2_WITH_PHDR) ) 7054 bpf_error("'msu' supported only on MTP2"); 7055 b0 = gen_ncmp(OR_PACKET, off_li, BPF_B, 0x3f, BPF_JGT, 0, 2); 7056 break; 7057 7058 default: 7059 abort(); 7060 } 7061 return b0; 7062} 7063 7064struct block *
6628gen_mtp3field_code(mtp3field, jvalue, jtype, reverse) 6629 int mtp3field; 6630 bpf_u_int32 jvalue; 6631 bpf_u_int32 jtype; 6632 int reverse; 6633{ 6634 struct block b0; 6635* bpf_u_int32 val1 , val2 , val3; --- 182 unchanged lines hidden ---	7065gen_mtp3field_code(mtp3field, jvalue, jtype, reverse) 7066 int mtp3field; 7067 bpf_u_int32 jvalue; 7068 bpf_u_int32 jtype; 7069 int reverse; 7070{ 7071 struct block b0; 7072* bpf_u_int32 val1 , val2 , val3; --- 182 unchanged lines hidden ---