Lines Matching refs:av
84 if (!av[0]) \
86 if (_substrcmp(*av, "tablearg") == 0) { \
95 _xval = strtol(*av, &end, 10); \
97 if (!isdigit(**av) || *end != '\0' || (_xval == 0 && errno == EINVAL)) \
99 match_value(s_x, tok), *av); \
103 match_value(s_x, tok), min, max, *av); \
107 match_value(s_x, tok), *av); \
699 fill_newports(ipfw_insn_u16 *cmd, char *av, int proto, int cblen)
703 char *s = av;
706 a = strtoport(av, &s, 0, proto);
707 if (s == av) /* empty or invalid argument */
714 av = s + 1;
715 b = strtoport(av, &s, 0, proto);
717 if (s == av || (*s != ',' && *s != '\0'))
728 *s, av);
734 av = s + 1;
748 fill_dscp(ipfw_insn *cmd, char *av, int cblen)
751 char *s = av, *a;
1009 fill_icmptypes(ipfw_insn_u32 *cmd, char *av)
1014 while (*av) {
1015 if (*av == ',')
1016 av++;
1018 type = strtoul(av, &av, 0);
1020 if (*av != ',' && *av != '\0')
1845 ipfw_sets_handler(char *av[])
1852 av++;
1854 if (av[0] == NULL)
1856 if (_substrcmp(*av, "show") == 0) {
1887 } else if (_substrcmp(*av, "swap") == 0) {
1888 av++;
1889 if ( av[0] == NULL || av[1] == NULL )
1891 rulenum = atoi(av[0]);
1892 new_set = atoi(av[1]);
1893 if (!isdigit(*(av[0])) || rulenum > RESVD_SET)
1894 errx(EX_DATAERR, "invalid set number %s\n", av[0]);
1895 if (!isdigit(*(av[1])) || new_set > RESVD_SET)
1896 errx(EX_DATAERR, "invalid set number %s\n", av[1]);
1899 } else if (_substrcmp(*av, "move") == 0) {
1900 av++;
1901 if (av[0] && _substrcmp(*av, "rule") == 0) {
1903 av++;
1906 if (av[0] == NULL || av[1] == NULL || av[2] == NULL ||
1907 av[3] != NULL || _substrcmp(av[1], "to") != 0)
1909 rulenum = atoi(av[0]);
1910 new_set = atoi(av[2]);
1911 if (!isdigit(*(av[0])) || (cmd == 3 && rulenum > RESVD_SET) ||
1913 errx(EX_DATAERR, "invalid source number %s\n", av[0]);
1914 if (!isdigit(*(av[2])) || new_set > RESVD_SET)
1915 errx(EX_DATAERR, "invalid dest. set %s\n", av[1]);
1918 } else if (_substrcmp(*av, "disable") == 0 ||
1919 _substrcmp(*av, "enable") == 0 ) {
1920 int which = _substrcmp(*av, "enable") == 0 ? 1 : 0;
1922 av++;
1925 while (av[0]) {
1926 if (isdigit(**av)) {
1927 i = atoi(*av);
1932 } else if (_substrcmp(*av, "disable") == 0)
1934 else if (_substrcmp(*av, "enable") == 0)
1938 "invalid set command %s\n", *av);
1939 av++;
1949 errx(EX_USAGE, "invalid set command %s\n", *av);
1953 ipfw_sysctl_handler(char *av[], int which)
1955 av++;
1957 if (av[0] == NULL) {
1959 } else if (_substrcmp(*av, "firewall") == 0) {
1964 } else if (_substrcmp(*av, "one_pass") == 0) {
1967 } else if (_substrcmp(*av, "debug") == 0) {
1970 } else if (_substrcmp(*av, "verbose") == 0) {
1973 } else if (_substrcmp(*av, "dyn_keepalive") == 0) {
1977 } else if (_substrcmp(*av, "altq") == 0) {
1981 warnx("unrecognize enable/disable keyword: %s\n", *av);
1986 ipfw_list(int ac, char *av[], int show_counters)
2013 dummynet_list(ac, av, show_counters);
2018 av++;
2112 for (lac = ac, lav = av; lac != 0; lac--) {
2142 for (lac = ac, lav = av; lac != 0; lac--) {
2191 * fills the addr and mask fields in the instruction as appropriate from av.
2202 fill_ip(ipfw_insn_ip *cmd, char *av, int cblen)
2209 if (_substrcmp(av, "any") == 0)
2212 if (_substrcmp(av, "me") == 0) {
2217 if (strncmp(av, "table(", 6) == 0) {
2218 char *p = strchr(av + 6, ',');
2223 cmd->o.arg1 = strtoul(av + 6, NULL, 0);
2232 while (av) {
2238 char *t = NULL, *p = strpbrk(av, "/:,{");
2254 if (lookup_host(av, (struct in_addr *)&d[0]) != 0)
2255 errx(EX_NOHOST, "hostname ``%s'' unknown", av);
2313 av = p + 1;
2322 while (isdigit(*av)) {
2324 int a = strtol(av, &s, 0);
2326 if (s == av) { /* no parameter */
2327 if (*av != '}')
2353 av = s+1;
2357 av = p;
2358 if (av) /* then *av must be a ',' */
2359 av++;
2370 if (av == NULL && len == 0) /* only this entry */
2377 if (d[1] == (uint32_t)~0 && av == NULL && len == 0) {
2445 ipfw_delete(char *av[])
2452 av++;
2454 if ( *av && _substrcmp(*av, "set") == 0) {
2461 av++;
2465 while (*av && isdigit(**av)) {
2466 i = atoi(*av); av++;
2592 fill_comment(ipfw_insn *cmd, char **av, int cblen)
2601 for (i = 0, l = 0; av[i] != NULL; i++)
2602 l += strlen(av[i]) + 1;
2612 for (i = 0; av[i] != NULL; i++) {
2613 strcpy(p, av[i]);
2614 p += strlen(av[i]);
2637 add_mac(ipfw_insn *cmd, char *av[], int cblen)
2641 if ( ( av[0] == NULL ) || ( av[1] == NULL ) )
2649 get_mac_addr_mask(av[0], mac->addr, mac->mask); /* dst */
2650 get_mac_addr_mask(av[1], &(mac->addr[ETHER_ADDR_LEN]),
2656 add_mactype(ipfw_insn *cmd, char *av, int cblen)
2658 if (!av)
2660 if (strcmp(av, "any") != 0) { /* we have a non-null type */
2661 fill_newports((ipfw_insn_u16 *)cmd, av, IPPROTO_ETHERTYPE,
2670 add_proto0(ipfw_insn *cmd, char *av, u_char *protop)
2676 proto = strtol(av, &ep, 10);
2678 if ((pe = getprotobyname(av)) == NULL)
2689 add_proto(ipfw_insn *cmd, char *av, u_char *protop)
2693 if (_substrcmp(av, "all") == 0 || strcmp(av, "ip") == 0)
2695 else if (strcmp(av, "ip4") == 0)
2698 else if (strcmp(av, "ip6") == 0) {
2703 return add_proto0(cmd, av, protop);
2710 add_proto_compat(ipfw_insn *cmd, char *av, u_char *protop)
2714 if (_substrcmp(av, "all") == 0 || strcmp(av, "ip") == 0)
2716 else if (strcmp(av, "ipv4") == 0 || strcmp(av, "ip4") == 0)
2719 else if (strcmp(av, "ipv6") == 0 || strcmp(av, "ip6") == 0) {
2724 return add_proto0(cmd, av, protop);
2731 add_srcip(ipfw_insn *cmd, char *av, int cblen)
2733 fill_ip((ipfw_insn_ip *)cmd, av, cblen);
2748 add_dstip(ipfw_insn *cmd, char *av, int cblen)
2750 fill_ip((ipfw_insn_ip *)cmd, av, cblen);
2765 add_ports(ipfw_insn *cmd, char *av, u_char proto, int opcode, int cblen)
2768 if (_substrcmp(av, "any") == 0) {
2770 } else if (fill_newports((ipfw_insn_u16 *)cmd, av, proto, cblen)) {
2779 add_src(ipfw_insn *cmd, char *av, u_char proto, int cblen)
2787 if ((ch = strpbrk(av, "/,")) != NULL) {
2788 len = ch - av;
2789 strlcpy(buf, av, sizeof(buf));
2794 host = av;
2796 if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 ||
2798 ret = add_srcip6(cmd, av, cblen);
2800 if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
2802 ret = add_srcip(cmd, av, cblen);
2803 if (ret == NULL && strcmp(av, "any") != 0)
2810 add_dst(ipfw_insn *cmd, char *av, u_char proto, int cblen)
2818 if ((ch = strpbrk(av, "/,")) != NULL) {
2819 len = ch - av;
2820 strlcpy(buf, av, sizeof(buf));
2825 host = av;
2827 if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 ||
2829 ret = add_dstip6(cmd, av, cblen);
2831 if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
2833 ret = add_dstip(cmd, av, cblen);
2834 if (ret == NULL && strcmp(av, "any") != 0)
2853 ipfw_add(char *av[])
2902 av++;
2905 if (av[0] && isdigit(**av)) {
2906 rule->rulenum = atoi(*av);
2907 av++;
2911 if (av[0] && av[1] && _substrcmp(*av, "set") == 0) {
2912 int set = strtoul(av[1], NULL, 10);
2914 errx(EX_DATAERR, "illegal set %s", av[1]);
2916 av += 2;
2920 if (av[0] && av[1] && _substrcmp(*av, "prob") == 0) {
2921 match_prob = strtod(av[1], NULL);
2924 errx(EX_DATAERR, "illegal match prob. %s", av[1]);
2925 av += 2;
2930 i = match_token(rule_actions, *av);
2931 av++;
2967 fill_reject_code(&action->arg1, *av);
2968 av++;
2974 fill_unreach6_code(&action->arg1, *av);
2975 av++;
2986 if (_substrcmp(*av, "global") == 0) {
2988 av++;
3017 if (!av[0])
3018 errx(EX_USAGE, "missing argument for %s", *(av - 1));
3019 if (isdigit(**av)) {
3020 action->arg1 = strtoul(*av, NULL, 10);
3023 *(av - 1));
3024 } else if (_substrcmp(*av, "tablearg") == 0) {
3029 s = getservbyname(av[0], "divert");
3035 errx(EX_DATAERR, "illegal argument for %s", *(av - 1));
3036 av++;
3061 s = strchr(*av, ',');
3064 s = strchr(*av, ':');
3080 if (_substrcmp(*av, "tablearg") == 0) {
3089 if (getaddrinfo(*av, NULL, NULL, &res))
3132 av++;
3138 av--; /* go back... */
3148 if (_substrcmp(*av, "tablearg") == 0) {
3151 action->arg1 = strtoul(*av, NULL, 10);
3158 av++;
3168 if (_substrcmp(*av, "tablearg") == 0) {
3170 } else if (isalpha(*av[0])) {
3171 if ((code = match_token(f_ipdscp, *av)) == -1)
3175 action->arg1 = strtoul(*av, NULL, 10);
3176 av++;
3189 errx(EX_DATAERR, "invalid action %s\n", av[-1]);
3200 while (av[0] != NULL && (i = match_token(rule_action_params, *av)) != -1) {
3201 av++;
3215 if (av[0] && _substrcmp(*av, "logamount") == 0) {
3216 av++;
3218 l = atoi(*av);
3223 av++;
3252 a->qid = altq_name_to_qid(*av);
3253 av++;
3269 av++;
3283 if (av[0] && (*av[0] == '(' || *av[0] == '{')) { \
3288 if ( (av[0])[1] == '\0') { \
3289 av++; \
3291 (*av)++; \
3298 if (av[0] && ( \
3299 strcmp(*av, ")") == 0 || \
3300 strcmp(*av, "}") == 0)) { \
3303 av++; \
3309 if (av[0] && _substrcmp(*av, "not") == 0) { \
3313 av++; \
3317 if (av[0] && _substrcmp(*av, "or") == 0) { \
3321 av++; \
3336 if (_substrcmp(*av, "MAC") == 0 ||
3337 _substrcmp(*av, "mac") == 0) {
3338 av++; /* the "MAC" keyword */
3339 add_mac(cmd, av); /* exits in case of errors */
3341 av += 2; /* dst-mac and src-mac */
3344 if (add_mactype(cmd, av[0]))
3346 av++; /* any or mac-type */
3357 if (add_proto_compat(cmd, *av, &proto)) {
3358 av++;
3364 errx(EX_DATAERR, "invalid protocol ``%s''", *av);
3372 if ((av[0] == NULL) || _substrcmp(*av, "from") != 0)
3374 av++;
3382 if (add_src(cmd, *av, proto, cblen)) {
3383 av++;
3389 errx(EX_USAGE, "bad source address %s", *av);
3396 if ( av[0] != NULL ) {
3397 if (_substrcmp(*av, "any") == 0 ||
3398 add_ports(cmd, *av, proto, O_IP_SRCPORT, cblen)) {
3399 av++;
3408 if ( (av[0] == NULL) || _substrcmp(*av, "to") != 0 )
3410 av++;
3418 if (add_dst(cmd, *av, proto, cblen)) {
3419 av++;
3425 errx( EX_USAGE, "bad destination address %s", *av);
3432 if (av[0]) {
3433 if (_substrcmp(*av, "any") == 0 ||
3434 add_ports(cmd, *av, proto, O_IP_DSTPORT, cblen)) {
3435 av++;
3442 if (av[0] && first_cmd == cmd) {
3450 while ( av[0] != NULL ) {
3454 s = *av;
3464 av++;
3525 fill_iface((ipfw_insn_if *)cmd, av[0], cblen);
3526 av++;
3539 fill_icmptypes((ipfw_insn_u32 *)cmd, *av);
3540 av++;
3545 fill_icmp6types((ipfw_insn_icmp6 *)cmd, *av, cblen);
3546 av++;
3551 if (strpbrk(*av, "-,")) {
3552 if (!add_ports(cmd, *av, 0, O_IPTTL, cblen))
3553 errx(EX_DATAERR, "invalid ipttl %s", *av);
3555 fill_cmd(cmd, O_IPTTL, 0, strtoul(*av, NULL, 0));
3556 av++;
3561 if (strpbrk(*av, "-,")) {
3562 if (!add_ports(cmd, *av, 0, O_IPID, cblen))
3563 errx(EX_DATAERR, "invalid ipid %s", *av);
3565 fill_cmd(cmd, O_IPID, 0, strtoul(*av, NULL, 0));
3566 av++;
3571 if (strpbrk(*av, "-,")) {
3572 if (!add_ports(cmd, *av, 0, O_IPLEN, cblen))
3573 errx(EX_DATAERR, "invalid ip len %s", *av);
3575 fill_cmd(cmd, O_IPLEN, 0, strtoul(*av, NULL, 0));
3576 av++;
3581 fill_cmd(cmd, O_IPVER, 0, strtoul(*av, NULL, 0));
3582 av++;
3588 (strtoul(*av, NULL, 0) & 7) << 5);
3589 av++;
3594 fill_dscp(cmd, *av, cblen);
3595 av++;
3600 fill_flags(cmd, O_IPOPT, f_ipopts, *av);
3601 av++;
3606 fill_flags(cmd, O_IPTOS, f_iptos, *av);
3607 av++;
3618 uid = strtoul(*av, &end, 0);
3619 pwd = (*end == '\0') ? getpwuid(uid) : getpwnam(*av);
3621 errx(EX_DATAERR, "uid \"%s\" nonexistent", *av);
3624 av++;
3636 gid = strtoul(*av, &end, 0);
3637 grp = (*end == '\0') ? getgrgid(gid) : getgrnam(*av);
3639 errx(EX_DATAERR, "gid \"%s\" nonexistent", *av);
3642 av++;
3653 jid = (int)strtol(*av, &end, 0);
3658 av++;
3673 if (strpbrk(*av, "-,")) {
3674 if (!add_ports(cmd, *av, 0, O_TCPDATALEN, cblen))
3675 errx(EX_DATAERR, "invalid tcpdata len %s", *av);
3678 strtoul(*av, NULL, 0));
3679 av++;
3684 fill_flags(cmd, O_TCPOPTS, f_tcpopts, *av);
3685 av++;
3693 cmd32->d[0] = htonl(strtoul(*av, NULL, 0));
3694 av++;
3699 if (strpbrk(*av, "-,")) {
3700 if (!add_ports(cmd, *av, 0, O_TCPWIN, cblen))
3701 errx(EX_DATAERR, "invalid tcpwin len %s", *av);
3704 strtoul(*av, NULL, 0));
3705 av++;
3711 fill_flags(cmd, O_TCPFLAGS, f_tcpflags, *av);
3712 av++;
3743 while ( av[0] != NULL ) {
3744 if ((val = match_token(limit_masks, *av)) <= 0)
3747 av++;
3756 av++;
3762 if (add_proto(cmd, *av, &proto)) {
3763 av++;
3766 *av);
3771 if (add_srcip(cmd, *av, cblen)) {
3772 av++;
3778 if (add_dstip(cmd, *av, cblen)) {
3779 av++;
3785 if (add_srcip6(cmd, *av, cblen)) {
3786 av++;
3792 if (add_dstip6(cmd, *av, cblen)) {
3793 av++;
3799 if (_substrcmp(*av, "any") == 0 ||
3800 add_ports(cmd, *av, proto, O_IP_SRCPORT, cblen)) {
3801 av++;
3803 errx(EX_DATAERR, "invalid source port %s", *av);
3808 if (_substrcmp(*av, "any") == 0 ||
3809 add_ports(cmd, *av, proto, O_IP_DSTPORT, cblen)) {
3810 av++;
3813 *av);
3817 if (add_mac(cmd, av, cblen))
3818 av += 2;
3823 if (!add_mactype(cmd, *av, cblen))
3824 errx(EX_DATAERR, "invalid mac type %s", *av);
3825 av++;
3853 fill_ext6hdr( cmd, *av );
3854 av++;
3861 fill_flow6( (ipfw_insn_u32 *) cmd, *av, cblen);
3862 av++;
3866 fill_comment(cmd, av, cblen);
3867 av[0]=NULL;
3871 if (av[0] && strpbrk(*av, "-,")) {
3872 if (!add_ports(cmd, *av, 0, O_TAGGED, cblen))
3874 " list: %s", *av);
3883 av++;
3888 fill_cmd(cmd, O_FIB, 0, strtoul(*av, NULL, 0));
3889 av++;
3900 if (!av[0] || !av[1])
3904 i = match_token(rule_options, *av);
3910 errx(EX_USAGE, "format: cannot lookup on %s", *av);
3912 av++;
3913 cmd->arg1 = strtoul(*av, &p, 0);
3916 av++;
4031 ipfw_zero(int ac, char *av[], int optname /* 0 = IP_FW_ZERO, 1 = IP_FW_RESETLOG */)
4040 av++; ac--;
4055 if (isdigit(**av)) {
4056 arg = strtonum(*av, 0, 0xffff, &errstr);
4059 "invalid rule number %s\n", *av);
4063 av++;
4074 errx(EX_USAGE, "invalid rule number ``%s''", *av);
4129 ipfw_table_handler(int ac, char *av[])
4150 ac--; av++;
4151 if (ac && isdigit(**av)) {
4152 xent.tbl = atoi(*av);
4154 ac--; av++;
4155 } else if (ac && _substrcmp(*av, "all") == 0) {
4158 ac--; av++;
4165 if (is_all && _substrcmp(*av, "list") != 0
4166 && _substrcmp(*av, "flush") != 0)
4169 if (_substrcmp(*av, "add") == 0 ||
4170 _substrcmp(*av, "delete") == 0) {
4171 do_add = **av == 'a';
4172 ac--; av++;
4176 table_fill_xentry(*av, &xent);
4178 ac--; av++;
4182 if (strchr(*av, (int)'.') == NULL && isdigit(**av)) {
4183 xent.value = strtoul(*av, NULL, 0);
4185 if (lookup_host(*av, (struct in_addr *)&tval) == 0) {
4190 errx(EX_NOHOST, "hostname ``%s'' unknown", *av);
4209 } else if (_substrcmp(*av, "flush") == 0) {
4216 } else if (_substrcmp(*av, "list") == 0) {
4222 errx(EX_USAGE, "invalid table command %s", *av);