Deleted Added
sdiff udiff text old ( 40561 ) new ( 43313 )
full compact
filter.c (40561) filter.c (43313)
1/*
2 * PPP Filter command Interface
3 *
4 * Written by Toshiharu OHNO (tony-o@iij.ad.jp)
5 *
6 * Copyright (C) 1993, Internet Initiative Japan, Inc. All rights reserverd.
7 *
8 * Redistribution and use in source and binary forms are permitted
9 * provided that the above copyright notice and this paragraph are
10 * duplicated in all such forms and that any documentation,
11 * advertising materials, and other materials related to such
12 * distribution and use acknowledge that the software was developed
13 * by the Internet Initiative Japan. The name of the
14 * IIJ may not be used to endorse or promote products derived
15 * from this software without specific prior written permission.
16 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
18 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
19 *
1/*
2 * PPP Filter command Interface
3 *
4 * Written by Toshiharu OHNO (tony-o@iij.ad.jp)
5 *
6 * Copyright (C) 1993, Internet Initiative Japan, Inc. All rights reserverd.
7 *
8 * Redistribution and use in source and binary forms are permitted
9 * provided that the above copyright notice and this paragraph are
10 * duplicated in all such forms and that any documentation,
11 * advertising materials, and other materials related to such
12 * distribution and use acknowledge that the software was developed
13 * by the Internet Initiative Japan. The name of the
14 * IIJ may not be used to endorse or promote products derived
15 * from this software without specific prior written permission.
16 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
18 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
19 *
20 * $Id: filter.c,v 1.25 1998/06/27 12:03:48 brian Exp $
20 * $Id: filter.c,v 1.26 1998/10/22 02:32:48 brian Exp $
21 *
22 * TODO: Shoud send ICMP error message when we discard packets.
23 */
24
21 *
22 * TODO: Shoud send ICMP error message when we discard packets.
23 */
24
25#include <sys/types.h>
25#include <sys/param.h>
26#include <netinet/in.h>
27#include <arpa/inet.h>
28#include <netdb.h>
29#include <netinet/in_systm.h>
30#include <netinet/ip.h>
31#include <sys/un.h>
32
33#include <stdio.h>

--- 15 unchanged lines hidden (view full) ---

49#include "ccp.h"
50#include "link.h"
51#include "slcompress.h"
52#include "ipcp.h"
53#include "filter.h"
54#include "descriptor.h"
55#include "prompt.h"
56#include "mp.h"
26#include <netinet/in.h>
27#include <arpa/inet.h>
28#include <netdb.h>
29#include <netinet/in_systm.h>
30#include <netinet/ip.h>
31#include <sys/un.h>
32
33#include <stdio.h>

--- 15 unchanged lines hidden (view full) ---

49#include "ccp.h"
50#include "link.h"
51#include "slcompress.h"
52#include "ipcp.h"
53#include "filter.h"
54#include "descriptor.h"
55#include "prompt.h"
56#include "mp.h"
57#ifndef NORADIUS
58#include "radius.h"
59#endif
57#include "bundle.h"
58
59static int filter_Nam2Proto(int, char const *const *);
60static int filter_Nam2Op(const char *);
61
62static const u_int32_t netmasks[33] = {
63 0x00000000,
64 0x80000000, 0xC0000000, 0xE0000000, 0xF0000000,
65 0xF8000000, 0xFC000000, 0xFE000000, 0xFF000000,
66 0xFF800000, 0xFFC00000, 0xFFE00000, 0xFFF00000,
67 0xFFF80000, 0xFFFC0000, 0xFFFE0000, 0xFFFF0000,
68 0xFFFF8000, 0xFFFFC000, 0xFFFFE000, 0xFFFFF000,
69 0xFFFFF800, 0xFFFFFC00, 0xFFFFFE00, 0xFFFFFF00,
70 0xFFFFFF80, 0xFFFFFFC0, 0xFFFFFFE0, 0xFFFFFFF0,
71 0xFFFFFFF8, 0xFFFFFFFC, 0xFFFFFFFE, 0xFFFFFFFF,
72};
73
60#include "bundle.h"
61
62static int filter_Nam2Proto(int, char const *const *);
63static int filter_Nam2Op(const char *);
64
65static const u_int32_t netmasks[33] = {
66 0x00000000,
67 0x80000000, 0xC0000000, 0xE0000000, 0xF0000000,
68 0xF8000000, 0xFC000000, 0xFE000000, 0xFF000000,
69 0xFF800000, 0xFFC00000, 0xFFE00000, 0xFFF00000,
70 0xFFF80000, 0xFFFC0000, 0xFFFE0000, 0xFFFF0000,
71 0xFFFF8000, 0xFFFFC000, 0xFFFFE000, 0xFFFFF000,
72 0xFFFFF800, 0xFFFFFC00, 0xFFFFFE00, 0xFFFFFF00,
73 0xFFFFFF80, 0xFFFFFFC0, 0xFFFFFFE0, 0xFFFFFFF0,
74 0xFFFFFFF8, 0xFFFFFFFC, 0xFFFFFFFE, 0xFFFFFFFF,
75};
76
77struct in_addr
78bits2mask(int bits)
79{
80 struct in_addr result;
81
82 result.s_addr = htonl(netmasks[bits]);
83 return result;
84}
85
74int
86int
75ParseAddr(struct ipcp *ipcp, int argc, char const *const *argv,
87ParseAddr(struct ipcp *ipcp, const char *data,
76 struct in_addr *paddr, struct in_addr *pmask, int *pwidth)
77{
78 int bits, len;
79 char *wp;
80 const char *cp;
81
88 struct in_addr *paddr, struct in_addr *pmask, int *pwidth)
89{
90 int bits, len;
91 char *wp;
92 const char *cp;
93
82 if (argc < 1) {
83 log_Printf(LogWARN, "ParseAddr: address/mask is expected.\n");
84 return (0);
85 }
86
87 if (pmask)
88 pmask->s_addr = INADDR_BROADCAST; /* Assume 255.255.255.255 as default */
89
94 if (pmask)
95 pmask->s_addr = INADDR_BROADCAST; /* Assume 255.255.255.255 as default */
96
90 cp = pmask || pwidth ? strchr(*argv, '/') : NULL;
91 len = cp ? cp - *argv : strlen(*argv);
97 cp = pmask || pwidth ? strchr(data, '/') : NULL;
98 len = cp ? cp - data : strlen(data);
92
99
93 if (ipcp && strncasecmp(*argv, "HISADDR", len) == 0)
100 if (ipcp && strncasecmp(data, "HISADDR", len) == 0)
94 *paddr = ipcp->peer_ip;
101 *paddr = ipcp->peer_ip;
95 else if (ipcp && strncasecmp(*argv, "MYADDR", len) == 0)
102 else if (ipcp && strncasecmp(data, "MYADDR", len) == 0)
96 *paddr = ipcp->my_ip;
97 else if (len > 15)
103 *paddr = ipcp->my_ip;
104 else if (len > 15)
98 log_Printf(LogWARN, "ParseAddr: %s: Bad address\n", *argv);
105 log_Printf(LogWARN, "ParseAddr: %s: Bad address\n", data);
99 else {
100 char s[16];
106 else {
107 char s[16];
101 strncpy(s, *argv, len);
108 strncpy(s, data, len);
102 s[len] = '\0';
103 if (inet_aton(s, paddr) == 0) {
104 log_Printf(LogWARN, "ParseAddr: %s: Bad address\n", s);
105 return (0);
106 }
107 }
108 if (cp && *++cp) {
109 bits = strtol(cp, &wp, 0);

--- 10 unchanged lines hidden (view full) ---

120
121 if (pwidth)
122 *pwidth = bits;
123
124 if (pmask) {
125 if (paddr->s_addr == INADDR_ANY)
126 pmask->s_addr = INADDR_ANY;
127 else
109 s[len] = '\0';
110 if (inet_aton(s, paddr) == 0) {
111 log_Printf(LogWARN, "ParseAddr: %s: Bad address\n", s);
112 return (0);
113 }
114 }
115 if (cp && *++cp) {
116 bits = strtol(cp, &wp, 0);

--- 10 unchanged lines hidden (view full) ---

127
128 if (pwidth)
129 *pwidth = bits;
130
131 if (pmask) {
132 if (paddr->s_addr == INADDR_ANY)
133 pmask->s_addr = INADDR_ANY;
134 else
128 pmask->s_addr = htonl(netmasks[bits]);
135 *pmask = bits2mask(bits);
129 }
130
131 return (1);
132}
133
134static int
135ParsePort(const char *service, int proto)
136{

--- 160 unchanged lines hidden (view full) ---

297 log_Printf(LogWARN, "Parse: bad action: %s\n", *argv);
298 return (0);
299 }
300 filterdata.action = action;
301
302 argc--;
303 argv++;
304
136 }
137
138 return (1);
139}
140
141static int
142ParsePort(const char *service, int proto)
143{

--- 160 unchanged lines hidden (view full) ---

304 log_Printf(LogWARN, "Parse: bad action: %s\n", *argv);
305 return (0);
306 }
307 filterdata.action = action;
308
309 argc--;
310 argv++;
311
305 if (filterdata.action == A_DENY) {
312 if (argc && filterdata.action == A_DENY) {
306 if (!strcmp(*argv, "host")) {
307 filterdata.action |= A_UHOST;
308 argc--;
309 argv++;
310 } else if (!strcmp(*argv, "port")) {
311 filterdata.action |= A_UPORT;
312 argc--;
313 argv++;
314 }
315 }
313 if (!strcmp(*argv, "host")) {
314 filterdata.action |= A_UHOST;
315 argc--;
316 argv++;
317 } else if (!strcmp(*argv, "port")) {
318 filterdata.action |= A_UPORT;
319 argc--;
320 argv++;
321 }
322 }
323
316 proto = filter_Nam2Proto(argc, argv);
317 if (proto == P_NONE) {
324 proto = filter_Nam2Proto(argc, argv);
325 if (proto == P_NONE) {
318 if (ParseAddr(ipcp, argc, argv, &filterdata.saddr, &filterdata.smask,
319 &filterdata.swidth)) {
326 if (!argc)
327 log_Printf(LogWARN, "Parse: address/mask is expected.\n");
328 else if (ParseAddr(ipcp, *argv, &filterdata.saddr, &filterdata.smask,
329 &filterdata.swidth)) {
320 argc--;
321 argv++;
322 proto = filter_Nam2Proto(argc, argv);
330 argc--;
331 argv++;
332 proto = filter_Nam2Proto(argc, argv);
323 if (proto == P_NONE) {
324 if (ParseAddr(ipcp, argc, argv, &filterdata.daddr, &filterdata.dmask,
333 if (!argc)
334 log_Printf(LogWARN, "Parse: address/mask is expected.\n");
335 else if (proto == P_NONE) {
336 if (ParseAddr(ipcp, *argv, &filterdata.daddr, &filterdata.dmask,
325 &filterdata.dwidth)) {
326 argc--;
327 argv++;
328 }
329 proto = filter_Nam2Proto(argc, argv);
337 &filterdata.dwidth)) {
338 argc--;
339 argv++;
340 }
341 proto = filter_Nam2Proto(argc, argv);
330 if (proto != P_NONE) {
342 if (argc && proto != P_NONE) {
331 argc--;
332 argv++;
333 }
334 } else {
335 argc--;
336 argv++;
337 }
338 } else {

--- 199 unchanged lines hidden --- 		343 argc--;
344 argv++;
345 }
346 } else {
347 argc--;
348 argv++;
349 }
350 } else {

--- 199 unchanged lines hidden ---