| ipnat_y.y (153881) | ipnat_y.y (161357) |
|---|---|
| 1/* $FreeBSD: head/contrib/ipfilter/tools/ipnat_y.y 153881 2005-12-30 11:52:26Z guido $ */ | 1/* $FreeBSD: head/contrib/ipfilter/tools/ipnat_y.y 161357 2006-08-16 12:23:02Z guido $ */ |
| 2 3%{ 4#ifdef __FreeBSD__ 5# ifndef __FreeBSD_cc_version 6# include <osreldate.h> 7# else 8# if __FreeBSD_cc_version < 430000 9# include <osreldate.h> --- 39 unchanged lines hidden (view full) --- 49extern FILE *yyin; 50extern int yylineNum; 51 52static ipnat_t *nattop = NULL; 53static ipnat_t *nat = NULL; 54static int natfd = -1; 55static ioctlfunc_t natioctlfunc = NULL; 56static addfunc_t nataddfunc = NULL; | 2 3%{ 4#ifdef __FreeBSD__ 5# ifndef __FreeBSD_cc_version 6# include <osreldate.h> 7# else 8# if __FreeBSD_cc_version < 430000 9# include <osreldate.h> --- 39 unchanged lines hidden (view full) --- 49extern FILE *yyin; 50extern int yylineNum; 51 52static ipnat_t *nattop = NULL; 53static ipnat_t *nat = NULL; 54static int natfd = -1; 55static ioctlfunc_t natioctlfunc = NULL; 56static addfunc_t nataddfunc = NULL; |
| 57static int suggest_port = 0; |
|
| 57 58static void newnatrule __P((void)); 59static void setnatproto __P((int)); 60 61%} 62%union { 63 char *str; 64 u_32_t num; --- 102 unchanged lines hidden (view full) --- 167 | mapit ifnames mapfrom IPNY_TLATE rhaddr proxy mapoptions 168 { nat->in_v = 4; 169 nat->in_outip = $5.a.s_addr; 170 nat->in_outmsk = $5.m.s_addr; 171 if (nat->in_ifnames[1][0] == '\0') 172 strncpy(nat->in_ifnames[1], 173 nat->in_ifnames[0], 174 sizeof(nat->in_ifnames[0])); | 58 59static void newnatrule __P((void)); 60static void setnatproto __P((int)); 61 62%} 63%union { 64 char *str; 65 u_32_t num; --- 102 unchanged lines hidden (view full) --- 168 | mapit ifnames mapfrom IPNY_TLATE rhaddr proxy mapoptions 169 { nat->in_v = 4; 170 nat->in_outip = $5.a.s_addr; 171 nat->in_outmsk = $5.m.s_addr; 172 if (nat->in_ifnames[1][0] == '\0') 173 strncpy(nat->in_ifnames[1], 174 nat->in_ifnames[0], 175 sizeof(nat->in_ifnames[0])); |
| 176 if ((suggest_port == 1) && 177 (nat->in_flags & IPN_TCPUDP) == 0) 178 nat->in_flags |= IPN_TCPUDP; |
|
| 175 if ((nat->in_flags & IPN_TCPUDP) == 0) 176 setnatproto(nat->in_p); 177 if (((nat->in_redir & NAT_MAPBLK) != 0) || 178 ((nat->in_flags & IPN_AUTOPORTMAP) != 0)) 179 nat_setgroupmap(nat); 180 } 181 | mapit ifnames mapfrom IPNY_TLATE rhaddr mapport mapoptions 182 { nat->in_v = 4; 183 nat->in_outip = $5.a.s_addr; 184 nat->in_outmsk = $5.m.s_addr; 185 if (nat->in_ifnames[1][0] == '\0') 186 strncpy(nat->in_ifnames[1], 187 nat->in_ifnames[0], 188 sizeof(nat->in_ifnames[0])); | 179 if ((nat->in_flags & IPN_TCPUDP) == 0) 180 setnatproto(nat->in_p); 181 if (((nat->in_redir & NAT_MAPBLK) != 0) || 182 ((nat->in_flags & IPN_AUTOPORTMAP) != 0)) 183 nat_setgroupmap(nat); 184 } 185 | mapit ifnames mapfrom IPNY_TLATE rhaddr mapport mapoptions 186 { nat->in_v = 4; 187 nat->in_outip = $5.a.s_addr; 188 nat->in_outmsk = $5.m.s_addr; 189 if (nat->in_ifnames[1][0] == '\0') 190 strncpy(nat->in_ifnames[1], 191 nat->in_ifnames[0], 192 sizeof(nat->in_ifnames[0])); |
| 193 if ((suggest_port == 1) && 194 (nat->in_flags & IPN_TCPUDP) == 0) 195 nat->in_flags |= IPN_TCPUDP; |
|
| 189 if (((nat->in_redir & NAT_MAPBLK) != 0) || 190 ((nat->in_flags & IPN_AUTOPORTMAP) != 0)) 191 nat_setgroupmap(nat); 192 } 193 ; 194 195mapblock: 196 mapblockit ifnames addr IPNY_TLATE addr ports mapoptions --- 22 unchanged lines hidden (view full) --- 219 strncpy(nat->in_ifnames[1], 220 nat->in_ifnames[0], 221 sizeof(nat->in_ifnames[0])); 222 if ((nat->in_p == 0) && 223 ((nat->in_flags & IPN_TCPUDP) == 0) && 224 (nat->in_pmin != 0 || 225 nat->in_pmax != 0 || 226 nat->in_pnext != 0)) | 196 if (((nat->in_redir & NAT_MAPBLK) != 0) || 197 ((nat->in_flags & IPN_AUTOPORTMAP) != 0)) 198 nat_setgroupmap(nat); 199 } 200 ; 201 202mapblock: 203 mapblockit ifnames addr IPNY_TLATE addr ports mapoptions --- 22 unchanged lines hidden (view full) --- 226 strncpy(nat->in_ifnames[1], 227 nat->in_ifnames[0], 228 sizeof(nat->in_ifnames[0])); 229 if ((nat->in_p == 0) && 230 ((nat->in_flags & IPN_TCPUDP) == 0) && 231 (nat->in_pmin != 0 || 232 nat->in_pmax != 0 || 233 nat->in_pnext != 0)) |
| 227 setnatproto(IPPROTO_TCP); | 234 setnatproto(IPPROTO_TCP); |
| 228 } 229 | rdrit ifnames rdrfrom IPNY_TLATE dip nport setproto rdroptions 230 { nat->in_v = 4; 231 if ((nat->in_p == 0) && 232 ((nat->in_flags & IPN_TCPUDP) == 0) && 233 (nat->in_pmin != 0 || 234 nat->in_pmax != 0 || 235 nat->in_pnext != 0)) 236 setnatproto(IPPROTO_TCP); | 235 } 236 | rdrit ifnames rdrfrom IPNY_TLATE dip nport setproto rdroptions 237 { nat->in_v = 4; 238 if ((nat->in_p == 0) && 239 ((nat->in_flags & IPN_TCPUDP) == 0) && 240 (nat->in_pmin != 0 || 241 nat->in_pmax != 0 || 242 nat->in_pnext != 0)) 243 setnatproto(IPPROTO_TCP); |
| 244 if ((suggest_port == 1) && 245 (nat->in_flags & IPN_TCPUDP) == 0) 246 nat->in_flags |= IPN_TCPUDP; |
|
| 237 if (nat->in_ifnames[1][0] == '\0') 238 strncpy(nat->in_ifnames[1], 239 nat->in_ifnames[0], 240 sizeof(nat->in_ifnames[0])); 241 } 242 | rdrit ifnames addr IPNY_TLATE dip setproto rdroptions 243 { nat->in_v = 4; 244 nat->in_outip = $3.a.s_addr; 245 nat->in_outmsk = $3.m.s_addr; 246 if (nat->in_ifnames[1][0] == '\0') 247 strncpy(nat->in_ifnames[1], 248 nat->in_ifnames[0], 249 sizeof(nat->in_ifnames[0])); 250 } | 247 if (nat->in_ifnames[1][0] == '\0') 248 strncpy(nat->in_ifnames[1], 249 nat->in_ifnames[0], 250 sizeof(nat->in_ifnames[0])); 251 } 252 | rdrit ifnames addr IPNY_TLATE dip setproto rdroptions 253 { nat->in_v = 4; 254 nat->in_outip = $3.a.s_addr; 255 nat->in_outmsk = $3.m.s_addr; 256 if (nat->in_ifnames[1][0] == '\0') 257 strncpy(nat->in_ifnames[1], 258 nat->in_ifnames[0], 259 sizeof(nat->in_ifnames[0])); 260 } |
| 261 | rdrit ifnames rdrfrom IPNY_TLATE dip setproto rdroptions 262 { nat->in_v = 4; 263 if ((suggest_port == 1) && 264 (nat->in_flags & IPN_TCPUDP) == 0) 265 nat->in_flags |= IPN_TCPUDP; 266 if (nat->in_ifnames[1][0] == '\0') 267 strncpy(nat->in_ifnames[1], 268 nat->in_ifnames[0], 269 sizeof(nat->in_ifnames[0])); 270 } |
|
| 251 ; 252 | 271 ; 272 |
| 253proxy: | IPNY_PROXY IPNY_PORT portspec YY_STR '/' proto | 273proxy: | IPNY_PROXY port portspec YY_STR '/' proto |
| 254 { strncpy(nat->in_plabel, $4, sizeof(nat->in_plabel)); 255 if (nat->in_dcmp == 0) { 256 nat->in_dport = htons($3); 257 } else if ($3 != nat->in_dport) { 258 yyerror("proxy port numbers not consistant"); 259 } 260 setnatproto($6); 261 free($4); 262 } | 274 { strncpy(nat->in_plabel, $4, sizeof(nat->in_plabel)); 275 if (nat->in_dcmp == 0) { 276 nat->in_dport = htons($3); 277 } else if ($3 != nat->in_dport) { 278 yyerror("proxy port numbers not consistant"); 279 } 280 setnatproto($6); 281 free($4); 282 } |
| 263 | IPNY_PROXY IPNY_PORT YY_STR YY_STR '/' proto | 283 | IPNY_PROXY port YY_STR YY_STR '/' proto |
| 264 { int pnum; 265 strncpy(nat->in_plabel, $4, sizeof(nat->in_plabel)); 266 pnum = getportproto($3, $6); 267 if (pnum == -1) 268 yyerror("invalid port number"); 269 nat->in_dport = pnum; 270 setnatproto($6); 271 free($3); --- 35 unchanged lines hidden (view full) --- 307 nat->in_inip = 0; 308 nat->in_inmsk = 0; 309 } 310 | hostname ',' hostname { nat->in_flags |= IPN_SPLIT; 311 nat->in_inip = $1.s_addr; 312 nat->in_inmsk = $3.s_addr; } 313 ; 314 | 284 { int pnum; 285 strncpy(nat->in_plabel, $4, sizeof(nat->in_plabel)); 286 pnum = getportproto($3, $6); 287 if (pnum == -1) 288 yyerror("invalid port number"); 289 nat->in_dport = pnum; 290 setnatproto($6); 291 free($3); --- 35 unchanged lines hidden (view full) --- 327 nat->in_inip = 0; 328 nat->in_inmsk = 0; 329 } 330 | hostname ',' hostname { nat->in_flags |= IPN_SPLIT; 331 nat->in_inip = $1.s_addr; 332 nat->in_inmsk = $3.s_addr; } 333 ; 334 |
| 335port: IPNY_PORT { suggest_port = 1; } 336 ; 337 |
|
| 315portspec: 316 YY_NUMBER { if ($1 > 65535) /* Unsigned */ 317 yyerror("invalid port number"); 318 else 319 $$ = $1; 320 } 321 | YY_STR { if (getport(NULL, $1, &($$)) == -1) 322 yyerror("invalid port number"); 323 $$ = ntohs($$); 324 } 325 ; 326 | 338portspec: 339 YY_NUMBER { if ($1 > 65535) /* Unsigned */ 340 yyerror("invalid port number"); 341 else 342 $$ = $1; 343 } 344 | YY_STR { if (getport(NULL, $1, &($$)) == -1) 345 yyerror("invalid port number"); 346 $$ = ntohs($$); 347 } 348 ; 349 |
| 327dport: | IPNY_PORT portspec { nat->in_pmin = htons($2); | 350dport: | port portspec { nat->in_pmin = htons($2); |
| 328 nat->in_pmax = htons($2); } | 351 nat->in_pmax = htons($2); } |
| 329 | IPNY_PORT portspec '-' portspec { nat->in_pmin = htons($2); | 352 | port portspec '-' portspec { nat->in_pmin = htons($2); |
| 330 nat->in_pmax = htons($4); } | 353 nat->in_pmax = htons($4); } |
| 331 | IPNY_PORT portspec ':' portspec { nat->in_pmin = htons($2); | 354 | port portspec ':' portspec { nat->in_pmin = htons($2); |
| 332 nat->in_pmax = htons($4); } 333 ; 334 | 355 nat->in_pmax = htons($4); } 356 ; 357 |
| 335nport: IPNY_PORT portspec { nat->in_pnext = htons($2); } 336 | IPNY_PORT '=' portspec { nat->in_pnext = htons($3); | 358nport: port portspec { nat->in_pnext = htons($2); } 359 | port '=' portspec { nat->in_pnext = htons($3); |
| 337 nat->in_flags |= IPN_FIXEDDPORT; 338 } 339 ; 340 341ports: | IPNY_PORTS YY_NUMBER { nat->in_pmin = $2; } 342 | IPNY_PORTS IPNY_AUTO { nat->in_flags |= IPN_AUTOPORTMAP; } 343 ; 344 --- 7 unchanged lines hidden (view full) --- 352mapblockit: 353 IPNY_MAPBLOCK { nat->in_redir = NAT_MAPBLK; } 354 ; 355 356mapfrom: 357 from sobject IPNY_TO dobject 358 | from sobject '!' IPNY_TO dobject 359 { nat->in_flags |= IPN_NOTDST; } | 360 nat->in_flags |= IPN_FIXEDDPORT; 361 } 362 ; 363 364ports: | IPNY_PORTS YY_NUMBER { nat->in_pmin = $2; } 365 | IPNY_PORTS IPNY_AUTO { nat->in_flags |= IPN_AUTOPORTMAP; } 366 ; 367 --- 7 unchanged lines hidden (view full) --- 375mapblockit: 376 IPNY_MAPBLOCK { nat->in_redir = NAT_MAPBLK; } 377 ; 378 379mapfrom: 380 from sobject IPNY_TO dobject 381 | from sobject '!' IPNY_TO dobject 382 { nat->in_flags |= IPN_NOTDST; } |
| 383 | from sobject IPNY_TO '!' dobject 384 { nat->in_flags |= IPN_NOTDST; } |
|
| 360 ; 361 362rdrfrom: 363 from sobject IPNY_TO dobject 364 | '!' from sobject IPNY_TO dobject 365 { nat->in_flags |= IPN_NOTSRC; } | 385 ; 386 387rdrfrom: 388 from sobject IPNY_TO dobject 389 | '!' from sobject IPNY_TO dobject 390 { nat->in_flags |= IPN_NOTSRC; } |
| 391 | from '!' sobject IPNY_TO dobject 392 { nat->in_flags |= IPN_NOTSRC; } |
|
| 366 ; 367 368from: IPNY_FROM { nat->in_flags |= IPN_FILTER; } 369 ; 370 371ifnames: 372 ifname 373 | ifname ',' otherifname --- 36 unchanged lines hidden (view full) --- 410 nat->in_flags = IPN_ICMPQUERY; 411 nat->in_pmin = htons($3); 412 nat->in_pmax = htons($5); 413 } 414 ; 415 416sobject: 417 saddr | 393 ; 394 395from: IPNY_FROM { nat->in_flags |= IPN_FILTER; } 396 ; 397 398ifnames: 399 ifname 400 | ifname ',' otherifname --- 36 unchanged lines hidden (view full) --- 437 nat->in_flags = IPN_ICMPQUERY; 438 nat->in_pmin = htons($3); 439 nat->in_pmax = htons($5); 440 } 441 ; 442 443sobject: 444 saddr |
| 418 | saddr IPNY_PORT portstuff { nat->in_sport = $3.p1; | 445 | saddr port portstuff { nat->in_sport = $3.p1; |
| 419 nat->in_stop = $3.p2; 420 nat->in_scmp = $3.pc; } 421 ; 422 423saddr: addr { if (nat->in_redir == NAT_REDIRECT) { 424 nat->in_srcip = $1.a.s_addr; 425 nat->in_srcmsk = $1.m.s_addr; 426 } else { 427 nat->in_inip = $1.a.s_addr; 428 nat->in_inmsk = $1.m.s_addr; 429 } 430 } 431 ; 432 433dobject: 434 daddr | 446 nat->in_stop = $3.p2; 447 nat->in_scmp = $3.pc; } 448 ; 449 450saddr: addr { if (nat->in_redir == NAT_REDIRECT) { 451 nat->in_srcip = $1.a.s_addr; 452 nat->in_srcmsk = $1.m.s_addr; 453 } else { 454 nat->in_inip = $1.a.s_addr; 455 nat->in_inmsk = $1.m.s_addr; 456 } 457 } 458 ; 459 460dobject: 461 daddr |
| 435 | daddr IPNY_PORT portstuff { nat->in_dport = $3.p1; | 462 | daddr port portstuff { nat->in_dport = $3.p1; |
| 436 nat->in_dtop = $3.p2; 437 nat->in_dcmp = $3.pc; 438 if (nat->in_redir == NAT_REDIRECT) 439 nat->in_pmin = htons($3.p1); 440 } 441 ; 442 443daddr: addr { if (nat->in_redir == NAT_REDIRECT) { --- 88 unchanged lines hidden (view full) --- 532 | proxy { if (nat->in_plabel[0] != '\0') { 533 nat->in_pmin = nat->in_dport; 534 nat->in_pmax = nat->in_pmin; 535 nat->in_pnext = nat->in_pmin; 536 } 537 } 538 ; 539 | 463 nat->in_dtop = $3.p2; 464 nat->in_dcmp = $3.pc; 465 if (nat->in_redir == NAT_REDIRECT) 466 nat->in_pmin = htons($3.p1); 467 } 468 ; 469 470daddr: addr { if (nat->in_redir == NAT_REDIRECT) { --- 88 unchanged lines hidden (view full) --- 559 | proxy { if (nat->in_plabel[0] != '\0') { 560 nat->in_pmin = nat->in_dport; 561 nat->in_pmax = nat->in_pmin; 562 nat->in_pnext = nat->in_pmin; 563 } 564 } 565 ; 566 |
| 540proto: YY_NUMBER { $$ = $1; } | 567proto: YY_NUMBER { $$ = $1; 568 if ($$ != IPPROTO_TCP && 569 $$ != IPPROTO_UDP) 570 suggest_port = 0; 571 } |
| 541 | IPNY_TCP { $$ = IPPROTO_TCP; } 542 | IPNY_UDP { $$ = IPPROTO_UDP; } | 572 | IPNY_TCP { $$ = IPPROTO_TCP; } 573 | IPNY_UDP { $$ = IPPROTO_UDP; } |
| 543 | YY_STR { $$ = getproto($1); free($1); } | 574 | YY_STR { $$ = getproto($1); free($1); 575 if ($$ != IPPROTO_TCP && 576 $$ != IPPROTO_UDP) 577 suggest_port = 0; 578 } |
| 544 ; 545 546hexnumber: 547 YY_HEX { $$ = $1; } 548 ; 549 550hostname: 551 YY_STR { if (gethost($1, &$$.s_addr) == -1) --- 151 unchanged lines hidden (view full) --- 703 return; 704 705 if (nat == NULL) 706 nattop = nat = n; 707 else { 708 nat->in_next = n; 709 nat = n; 710 } | 579 ; 580 581hexnumber: 582 YY_HEX { $$ = $1; } 583 ; 584 585hostname: 586 YY_STR { if (gethost($1, &$$.s_addr) == -1) --- 151 unchanged lines hidden (view full) --- 738 return; 739 740 if (nat == NULL) 741 nattop = nat = n; 742 else { 743 nat->in_next = n; 744 nat = n; 745 } |
| 746 747 suggest_port = 0; |
|
| 711} 712 713 714static void setnatproto(p) 715int p; 716{ 717 nat->in_p = p; 718 --- 60 unchanged lines hidden (view full) --- 779 } else if (opts & OPT_INACTIVE) { 780 add = SIOCADNAT; 781 del = SIOCRMNAT; 782 } else { 783 add = SIOCADNAT; 784 del = SIOCRMNAT; 785 } 786 | 748} 749 750 751static void setnatproto(p) 752int p; 753{ 754 nat->in_p = p; 755 --- 60 unchanged lines hidden (view full) --- 816 } else if (opts & OPT_INACTIVE) { 817 add = SIOCADNAT; 818 del = SIOCRMNAT; 819 } else { 820 add = SIOCADNAT; 821 del = SIOCRMNAT; 822 } 823 |
| 787 if (ipn && (opts & OPT_VERBOSE)) | 824 if ((opts & OPT_VERBOSE) != 0) |
| 788 printnat(ipn, opts); 789 790 if (opts & OPT_DEBUG) 791 binprint(ipn, sizeof(*ipn)); 792 793 if ((opts & OPT_ZERORULEST) != 0) { 794 if ((*ioctlfunc)(fd, add, (void *)&obj) == -1) { 795 if ((opts & OPT_DONOTHING) == 0) { --- 34 unchanged lines hidden --- | 825 printnat(ipn, opts); 826 827 if (opts & OPT_DEBUG) 828 binprint(ipn, sizeof(*ipn)); 829 830 if ((opts & OPT_ZERORULEST) != 0) { 831 if ((*ioctlfunc)(fd, add, (void *)&obj) == -1) { 832 if ((opts & OPT_DONOTHING) == 0) { --- 34 unchanged lines hidden --- |