Lines Matching refs:av
86 if (!av[0]) \
88 if (_substrcmp(*av, "tablearg") == 0) { \
97 _xval = strtol(*av, &end, 10); \
99 if (!isdigit(**av) || *end != '\0' || (_xval == 0 && errno == EINVAL)) \
101 match_value(s_x, tok), *av); \
105 match_value(s_x, tok), min, max, *av); \
109 match_value(s_x, tok), *av); \
701 fill_newports(ipfw_insn_u16 *cmd, char *av, int proto, int cblen)
705 char *s = av;
708 a = strtoport(av, &s, 0, proto);
709 if (s == av) /* empty or invalid argument */
716 av = s + 1;
717 b = strtoport(av, &s, 0, proto);
719 if (s == av || (*s != ',' && *s != '\0'))
730 *s, av);
736 av = s + 1;
750 fill_dscp(ipfw_insn *cmd, char *av, int cblen)
753 char *s = av, *a;
1011 fill_icmptypes(ipfw_insn_u32 *cmd, char *av)
1016 while (*av) {
1017 if (*av == ',')
1018 av++;
1020 type = strtoul(av, &av, 0);
1022 if (*av != ',' && *av != '\0')
1846 ipfw_sets_handler(char *av[])
1853 av++;
1855 if (av[0] == NULL)
1857 if (_substrcmp(*av, "show") == 0) {
1888 } else if (_substrcmp(*av, "swap") == 0) {
1889 av++;
1890 if ( av[0] == NULL || av[1] == NULL )
1892 rulenum = atoi(av[0]);
1893 new_set = atoi(av[1]);
1894 if (!isdigit(*(av[0])) || rulenum > RESVD_SET)
1895 errx(EX_DATAERR, "invalid set number %s\n", av[0]);
1896 if (!isdigit(*(av[1])) || new_set > RESVD_SET)
1897 errx(EX_DATAERR, "invalid set number %s\n", av[1]);
1900 } else if (_substrcmp(*av, "move") == 0) {
1901 av++;
1902 if (av[0] && _substrcmp(*av, "rule") == 0) {
1904 av++;
1907 if (av[0] == NULL || av[1] == NULL || av[2] == NULL ||
1908 av[3] != NULL || _substrcmp(av[1], "to") != 0)
1910 rulenum = atoi(av[0]);
1911 new_set = atoi(av[2]);
1912 if (!isdigit(*(av[0])) || (cmd == 3 && rulenum > RESVD_SET) ||
1914 errx(EX_DATAERR, "invalid source number %s\n", av[0]);
1915 if (!isdigit(*(av[2])) || new_set > RESVD_SET)
1916 errx(EX_DATAERR, "invalid dest. set %s\n", av[1]);
1919 } else if (_substrcmp(*av, "disable") == 0 ||
1920 _substrcmp(*av, "enable") == 0 ) {
1921 int which = _substrcmp(*av, "enable") == 0 ? 1 : 0;
1923 av++;
1926 while (av[0]) {
1927 if (isdigit(**av)) {
1928 i = atoi(*av);
1933 } else if (_substrcmp(*av, "disable") == 0)
1935 else if (_substrcmp(*av, "enable") == 0)
1939 "invalid set command %s\n", *av);
1940 av++;
1950 errx(EX_USAGE, "invalid set command %s\n", *av);
1954 ipfw_sysctl_handler(char *av[], int which)
1956 av++;
1958 if (av[0] == NULL) {
1960 } else if (_substrcmp(*av, "firewall") == 0) {
1965 } else if (_substrcmp(*av, "one_pass") == 0) {
1968 } else if (_substrcmp(*av, "debug") == 0) {
1971 } else if (_substrcmp(*av, "verbose") == 0) {
1974 } else if (_substrcmp(*av, "dyn_keepalive") == 0) {
1978 } else if (_substrcmp(*av, "altq") == 0) {
1982 warnx("unrecognize enable/disable keyword: %s\n", *av);
1987 ipfw_list(int ac, char *av[], int show_counters)
2014 dummynet_list(ac, av, show_counters);
2019 av++;
2113 for (lac = ac, lav = av; lac != 0; lac--) {
2143 for (lac = ac, lav = av; lac != 0; lac--) {
2192 * fills the addr and mask fields in the instruction as appropriate from av.
2203 fill_ip(ipfw_insn_ip *cmd, char *av, int cblen)
2211 if (_substrcmp(av, "any") == 0)
2214 if (_substrcmp(av, "me") == 0) {
2219 if (strncmp(av, "table(", 6) == 0) {
2220 char *p = strchr(av + 6, ',');
2225 cmd->o.arg1 = strtoul(av + 6, NULL, 0);
2238 while (av) {
2244 char *t = NULL, *p = strpbrk(av, "/:,{");
2260 if (lookup_host(av, (struct in_addr *)&d[0]) != 0)
2261 errx(EX_NOHOST, "hostname ``%s'' unknown", av);
2319 av = p + 1;
2328 while (isdigit(*av)) {
2330 int a = strtol(av, &s, 0);
2332 if (s == av) { /* no parameter */
2333 if (*av != '}')
2359 av = s+1;
2363 av = p;
2364 if (av) /* then *av must be a ',' */
2365 av++;
2376 if (av == NULL && len == 0) /* only this entry */
2383 if (d[1] == (uint32_t)~0 && av == NULL && len == 0) {
2451 ipfw_delete(char *av[])
2458 av++;
2460 if ( *av && _substrcmp(*av, "set") == 0) {
2467 av++;
2471 while (*av && isdigit(**av)) {
2472 i = atoi(*av); av++;
2598 fill_comment(ipfw_insn *cmd, char **av, int cblen)
2607 for (i = 0, l = 0; av[i] != NULL; i++)
2608 l += strlen(av[i]) + 1;
2618 for (i = 0; av[i] != NULL; i++) {
2619 strcpy(p, av[i]);
2620 p += strlen(av[i]);
2643 add_mac(ipfw_insn *cmd, char *av[], int cblen)
2647 if ( ( av[0] == NULL ) || ( av[1] == NULL ) )
2655 get_mac_addr_mask(av[0], mac->addr, mac->mask); /* dst */
2656 get_mac_addr_mask(av[1], &(mac->addr[ETHER_ADDR_LEN]),
2662 add_mactype(ipfw_insn *cmd, char *av, int cblen)
2664 if (!av)
2666 if (strcmp(av, "any") != 0) { /* we have a non-null type */
2667 fill_newports((ipfw_insn_u16 *)cmd, av, IPPROTO_ETHERTYPE,
2676 add_proto0(ipfw_insn *cmd, char *av, u_char *protop)
2682 proto = strtol(av, &ep, 10);
2684 if ((pe = getprotobyname(av)) == NULL)
2695 add_proto(ipfw_insn *cmd, char *av, u_char *protop)
2699 if (_substrcmp(av, "all") == 0 || strcmp(av, "ip") == 0)
2701 else if (strcmp(av, "ip4") == 0)
2704 else if (strcmp(av, "ip6") == 0) {
2709 return add_proto0(cmd, av, protop);
2716 add_proto_compat(ipfw_insn *cmd, char *av, u_char *protop)
2720 if (_substrcmp(av, "all") == 0 || strcmp(av, "ip") == 0)
2722 else if (strcmp(av, "ipv4") == 0 || strcmp(av, "ip4") == 0)
2725 else if (strcmp(av, "ipv6") == 0 || strcmp(av, "ip6") == 0) {
2730 return add_proto0(cmd, av, protop);
2737 add_srcip(ipfw_insn *cmd, char *av, int cblen)
2739 fill_ip((ipfw_insn_ip *)cmd, av, cblen);
2754 add_dstip(ipfw_insn *cmd, char *av, int cblen)
2756 fill_ip((ipfw_insn_ip *)cmd, av, cblen);
2771 add_ports(ipfw_insn *cmd, char *av, u_char proto, int opcode, int cblen)
2774 if (_substrcmp(av, "any") == 0) {
2776 } else if (fill_newports((ipfw_insn_u16 *)cmd, av, proto, cblen)) {
2785 add_src(ipfw_insn *cmd, char *av, u_char proto, int cblen)
2791 if ((host = strdup(av)) == NULL)
2796 if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 ||
2798 ret = add_srcip6(cmd, av, cblen);
2800 if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
2802 ret = add_srcip(cmd, av, cblen);
2803 if (ret == NULL && strcmp(av, "any") != 0)
2811 add_dst(ipfw_insn *cmd, char *av, u_char proto, int cblen)
2817 if ((host = strdup(av)) == NULL)
2822 if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 ||
2824 ret = add_dstip6(cmd, av, cblen);
2826 if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
2828 ret = add_dstip(cmd, av, cblen);
2829 if (ret == NULL && strcmp(av, "any") != 0)
2849 ipfw_add(char *av[])
2898 av++;
2901 if (av[0] && isdigit(**av)) {
2902 rule->rulenum = atoi(*av);
2903 av++;
2907 if (av[0] && av[1] && _substrcmp(*av, "set") == 0) {
2908 int set = strtoul(av[1], NULL, 10);
2910 errx(EX_DATAERR, "illegal set %s", av[1]);
2912 av += 2;
2916 if (av[0] && av[1] && _substrcmp(*av, "prob") == 0) {
2917 match_prob = strtod(av[1], NULL);
2920 errx(EX_DATAERR, "illegal match prob. %s", av[1]);
2921 av += 2;
2926 i = match_token(rule_actions, *av);
2927 av++;
2963 fill_reject_code(&action->arg1, *av);
2964 av++;
2970 fill_unreach6_code(&action->arg1, *av);
2971 av++;
2982 if (_substrcmp(*av, "global") == 0) {
2984 av++;
3013 if (!av[0])
3014 errx(EX_USAGE, "missing argument for %s", *(av - 1));
3015 if (isdigit(**av)) {
3016 action->arg1 = strtoul(*av, NULL, 10);
3019 *(av - 1));
3020 } else if (_substrcmp(*av, "tablearg") == 0) {
3025 s = getservbyname(av[0], "divert");
3031 errx(EX_DATAERR, "illegal argument for %s", *(av - 1));
3032 av++;
3057 s = strchr(*av, ',');
3060 s = strchr(*av, ':');
3076 if (_substrcmp(*av, "tablearg") == 0) {
3085 if (getaddrinfo(*av, NULL, NULL, &res))
3128 av++;
3134 av--; /* go back... */
3144 if (_substrcmp(*av, "tablearg") == 0) {
3147 action->arg1 = strtoul(*av, NULL, 10);
3154 av++;
3164 if (_substrcmp(*av, "tablearg") == 0) {
3166 } else if (isalpha(*av[0])) {
3167 if ((code = match_token(f_ipdscp, *av)) == -1)
3171 action->arg1 = strtoul(*av, NULL, 10);
3172 av++;
3185 errx(EX_DATAERR, "invalid action %s\n", av[-1]);
3196 while (av[0] != NULL && (i = match_token(rule_action_params, *av)) != -1) {
3197 av++;
3211 if (av[0] && _substrcmp(*av, "logamount") == 0) {
3212 av++;
3214 l = atoi(*av);
3219 av++;
3248 a->qid = altq_name_to_qid(*av);
3249 av++;
3265 av++;
3279 if (av[0] && (*av[0] == '(' || *av[0] == '{')) { \
3284 if ( (av[0])[1] == '\0') { \
3285 av++; \
3287 (*av)++; \
3294 if (av[0] && ( \
3295 strcmp(*av, ")") == 0 || \
3296 strcmp(*av, "}") == 0)) { \
3299 av++; \
3305 if (av[0] && _substrcmp(*av, "not") == 0) { \
3309 av++; \
3313 if (av[0] && _substrcmp(*av, "or") == 0) { \
3317 av++; \
3332 if (_substrcmp(*av, "MAC") == 0 ||
3333 _substrcmp(*av, "mac") == 0) {
3334 av++; /* the "MAC" keyword */
3335 add_mac(cmd, av); /* exits in case of errors */
3337 av += 2; /* dst-mac and src-mac */
3340 if (add_mactype(cmd, av[0]))
3342 av++; /* any or mac-type */
3353 if (add_proto_compat(cmd, *av, &proto)) {
3354 av++;
3360 errx(EX_DATAERR, "invalid protocol ``%s''", *av);
3368 if ((av[0] == NULL) || _substrcmp(*av, "from") != 0)
3370 av++;
3378 if (add_src(cmd, *av, proto, cblen)) {
3379 av++;
3385 errx(EX_USAGE, "bad source address %s", *av);
3392 if ( av[0] != NULL ) {
3393 if (_substrcmp(*av, "any") == 0 ||
3394 add_ports(cmd, *av, proto, O_IP_SRCPORT, cblen)) {
3395 av++;
3404 if ( (av[0] == NULL) || _substrcmp(*av, "to") != 0 )
3406 av++;
3414 if (add_dst(cmd, *av, proto, cblen)) {
3415 av++;
3421 errx( EX_USAGE, "bad destination address %s", *av);
3428 if (av[0]) {
3429 if (_substrcmp(*av, "any") == 0 ||
3430 add_ports(cmd, *av, proto, O_IP_DSTPORT, cblen)) {
3431 av++;
3438 if (av[0] && first_cmd == cmd) {
3446 while ( av[0] != NULL ) {
3450 s = *av;
3460 av++;
3521 fill_iface((ipfw_insn_if *)cmd, av[0], cblen);
3522 av++;
3535 fill_icmptypes((ipfw_insn_u32 *)cmd, *av);
3536 av++;
3541 fill_icmp6types((ipfw_insn_icmp6 *)cmd, *av, cblen);
3542 av++;
3547 if (strpbrk(*av, "-,")) {
3548 if (!add_ports(cmd, *av, 0, O_IPTTL, cblen))
3549 errx(EX_DATAERR, "invalid ipttl %s", *av);
3551 fill_cmd(cmd, O_IPTTL, 0, strtoul(*av, NULL, 0));
3552 av++;
3557 if (strpbrk(*av, "-,")) {
3558 if (!add_ports(cmd, *av, 0, O_IPID, cblen))
3559 errx(EX_DATAERR, "invalid ipid %s", *av);
3561 fill_cmd(cmd, O_IPID, 0, strtoul(*av, NULL, 0));
3562 av++;
3567 if (strpbrk(*av, "-,")) {
3568 if (!add_ports(cmd, *av, 0, O_IPLEN, cblen))
3569 errx(EX_DATAERR, "invalid ip len %s", *av);
3571 fill_cmd(cmd, O_IPLEN, 0, strtoul(*av, NULL, 0));
3572 av++;
3577 fill_cmd(cmd, O_IPVER, 0, strtoul(*av, NULL, 0));
3578 av++;
3584 (strtoul(*av, NULL, 0) & 7) << 5);
3585 av++;
3590 fill_dscp(cmd, *av, cblen);
3591 av++;
3596 fill_flags(cmd, O_IPOPT, f_ipopts, *av);
3597 av++;
3602 fill_flags(cmd, O_IPTOS, f_iptos, *av);
3603 av++;
3614 uid = strtoul(*av, &end, 0);
3615 pwd = (*end == '\0') ? getpwuid(uid) : getpwnam(*av);
3617 errx(EX_DATAERR, "uid \"%s\" nonexistent", *av);
3620 av++;
3632 gid = strtoul(*av, &end, 0);
3633 grp = (*end == '\0') ? getgrgid(gid) : getgrnam(*av);
3635 errx(EX_DATAERR, "gid \"%s\" nonexistent", *av);
3638 av++;
3649 jid = (int)strtol(*av, &end, 0);
3654 av++;
3669 if (strpbrk(*av, "-,")) {
3670 if (!add_ports(cmd, *av, 0, O_TCPDATALEN, cblen))
3671 errx(EX_DATAERR, "invalid tcpdata len %s", *av);
3674 strtoul(*av, NULL, 0));
3675 av++;
3680 fill_flags(cmd, O_TCPOPTS, f_tcpopts, *av);
3681 av++;
3689 cmd32->d[0] = htonl(strtoul(*av, NULL, 0));
3690 av++;
3695 if (strpbrk(*av, "-,")) {
3696 if (!add_ports(cmd, *av, 0, O_TCPWIN, cblen))
3697 errx(EX_DATAERR, "invalid tcpwin len %s", *av);
3700 strtoul(*av, NULL, 0));
3701 av++;
3707 fill_flags(cmd, O_TCPFLAGS, f_tcpflags, *av);
3708 av++;
3739 while ( av[0] != NULL ) {
3740 if ((val = match_token(limit_masks, *av)) <= 0)
3743 av++;
3752 av++;
3758 if (add_proto(cmd, *av, &proto)) {
3759 av++;
3762 *av);
3767 if (add_srcip(cmd, *av, cblen)) {
3768 av++;
3774 if (add_dstip(cmd, *av, cblen)) {
3775 av++;
3781 if (add_srcip6(cmd, *av, cblen)) {
3782 av++;
3788 if (add_dstip6(cmd, *av, cblen)) {
3789 av++;
3795 if (_substrcmp(*av, "any") == 0 ||
3796 add_ports(cmd, *av, proto, O_IP_SRCPORT, cblen)) {
3797 av++;
3799 errx(EX_DATAERR, "invalid source port %s", *av);
3804 if (_substrcmp(*av, "any") == 0 ||
3805 add_ports(cmd, *av, proto, O_IP_DSTPORT, cblen)) {
3806 av++;
3809 *av);
3813 if (add_mac(cmd, av, cblen))
3814 av += 2;
3819 if (!add_mactype(cmd, *av, cblen))
3820 errx(EX_DATAERR, "invalid mac type %s", *av);
3821 av++;
3849 fill_ext6hdr( cmd, *av );
3850 av++;
3857 fill_flow6( (ipfw_insn_u32 *) cmd, *av, cblen);
3858 av++;
3862 fill_comment(cmd, av, cblen);
3863 av[0]=NULL;
3867 if (av[0] && strpbrk(*av, "-,")) {
3868 if (!add_ports(cmd, *av, 0, O_TAGGED, cblen))
3870 " list: %s", *av);
3879 av++;
3884 fill_cmd(cmd, O_FIB, 0, strtoul(*av, NULL, 0));
3885 av++;
3896 if (!av[0] || !av[1])
3900 i = match_token(rule_options, *av);
3906 errx(EX_USAGE, "format: cannot lookup on %s", *av);
3908 av++;
3909 cmd->arg1 = strtoul(*av, &p, 0);
3912 av++;
4027 ipfw_zero(int ac, char *av[], int optname /* 0 = IP_FW_ZERO, 1 = IP_FW_RESETLOG */)
4036 av++; ac--;
4051 if (isdigit(**av)) {
4052 arg = strtonum(*av, 0, 0xffff, &errstr);
4055 "invalid rule number %s\n", *av);
4059 av++;
4070 errx(EX_USAGE, "invalid rule number ``%s''", *av);
4152 ipfw_table_handler(int ac, char *av[])
4164 ac--; av++;
4165 if (ac && isdigit(**av)) {
4166 xent.tbl = atoi(*av);
4168 ac--; av++;
4169 } else if (ac && _substrcmp(*av, "all") == 0) {
4172 ac--; av++;
4179 if (is_all && _substrcmp(*av, "list") != 0
4180 && _substrcmp(*av, "flush") != 0)
4183 if (_substrcmp(*av, "add") == 0 ||
4184 _substrcmp(*av, "delete") == 0) {
4185 do_add = **av == 'a';
4186 ac--; av++;
4190 table_fill_xentry(*av, &xent);
4192 ac--; av++;
4196 if (strchr(*av, (int)'.') == NULL && isdigit(**av)) {
4197 xent.value = strtoul(*av, NULL, 0);
4199 if (lookup_host(*av, (struct in_addr *)&tval) == 0) {
4204 errx(EX_NOHOST, "hostname ``%s'' unknown", *av);
4223 } else if (_substrcmp(*av, "flush") == 0) {
4230 } else if (_substrcmp(*av, "list") == 0) {
4236 errx(EX_USAGE, "invalid table command %s", *av);