From 8339ff1d7d8694153e2daac032c0999fbf04aad9 Mon Sep 17 00:00:00 2001 From: Bart De Schuymer Date: Wed, 14 Jan 2004 20:05:27 +0000 Subject: Make ebtables library functions --- extensions/ebt_ip.c | 136 +++++++--------------------------------------------- 1 file changed, 16 insertions(+), 120 deletions(-) (limited to 'extensions/ebt_ip.c') diff --git a/extensions/ebt_ip.c b/extensions/ebt_ip.c index b836bae..f93b8b9 100644 --- a/extensions/ebt_ip.c +++ b/extensions/ebt_ip.c 
@@ -57,111 +57,7 @@ static struct option opts[] =
 { 0 }
 };
-/* put the ip string into 4 bytes */
-static int undot_ip(char *ip, unsigned char *ip2)
-{
- char *p, *q, *end;
- long int onebyte;
- int i;
- char buf[20];
-
- strncpy(buf, ip, sizeof(buf) - 1);
-
- p = buf;
- for (i = 0; i < 3; i++) {
- if ((q = strchr(p, '.')) == NULL)
- return -1;
- *q = '\0';
- onebyte = strtol(p, &end, 10);
- if (*end != '\0' || onebyte > 255 || onebyte < 0)
- return -1;
- ip2[i] = (unsigned char)onebyte;
- p = q + 1;
- }
-
- onebyte = strtol(p, &end, 10);
- if (*end != '\0' || onebyte > 255 || onebyte < 0)
- return -1;
- ip2[3] = (unsigned char)onebyte;
-
- return 0;
-}
-
 /* put the mask into 4 bytes */
-static int ip_mask(char *mask, unsigned char *mask2)
-{
- char *end;
- long int bits;
- uint32_t mask22;
-
- if (undot_ip(mask, mask2)) {
- /* not the /a.b.c.e format, maybe the /x format */
- bits = strtol(mask, &end, 10);
- if (*end != '\0' || bits > 32 || bits < 0)
- return -1;
- if (bits != 0) {
- mask22 = htonl(0xFFFFFFFF << (32 - bits));
- memcpy(mask2, &mask22, 4);
- } else {
- mask22 = 0xFFFFFFFF;
- memcpy(mask2, &mask22, 4);
- }
- }
- return 0;
-}
-
-/* set the ip mask and ip address */
-void parse_ip_address(char *address, uint32_t *addr, uint32_t *msk)
-{
- char *p;
-
- /* first the mask */
- if ((p = strrchr(address, '/')) != NULL) {
- *p = '\0';
- if (ip_mask(p + 1, (unsigned char *)msk))
- print_error("Problem with the IP mask");
- }
- else
- *msk = 0xFFFFFFFF;
-
- if (undot_ip(address, (unsigned char *)addr))
- print_error("Problem with the IP address");
- *addr = *addr & *msk;
-}
-
-/* transform the ip mask into a string ready for output */
-char *mask_to_dotted(uint32_t mask)
-{
- int i;
- static char buf[20];
- uint32_t maskaddr, bits;
-
- maskaddr = ntohl(mask);
-
- /* don't print /32 */
- if (mask == 0xFFFFFFFFL) {
- *buf = '\0';
- return buf;
- }
-
- i = 32;
- bits = 0xFFFFFFFEL; /* case 0xFFFFFFFF has just been dealt with */
- while (--i >= 0 && maskaddr != bits)
- bits <<= 1;
-
- if (i > 0)
- sprintf(buf, "/%d", i);
- else if (!i)
- *buf = '\0';
- else
- /* mask was not a decent combination of 1's and 0's */
- sprintf(buf, "/%d.%d.%d.%d", ((unsigned char *)&mask)[0],
- ((unsigned char *)&mask)[1], ((unsigned char *)&mask)[2],
- ((unsigned char *)&mask)[3]);
-
- return buf;
-}
-
 /* transform a protocol and service name into a port number */
 static uint16_t parse_port(const char *protocol, const char *name)
 {
@@ -247,15 +143,15 @@ static int parse(int c, char **argv, int argc, const struct ebt_u_entry *entry,
 switch (c) {
 case IP_SOURCE:
- check_option(flags, OPT_SOURCE);
+ ebt_check_option(flags, OPT_SOURCE);
 ipinfo->bitmask |= EBT_IP_SOURCE;
 case IP_DEST:
 if (c == IP_DEST) {
- check_option(flags, OPT_DEST);
+ ebt_check_option(flags, OPT_DEST);
 ipinfo->bitmask |= EBT_IP_DEST;
 }
- if (check_inverse(optarg)) {
+ if (ebt_check_inverse(optarg)) {
 if (c == IP_SOURCE)
 ipinfo->invflags |= EBT_IP_SOURCE;
 else
@@ -265,24 +161,24 @@ static int parse(int c, char **argv, int argc, const struct ebt_u_entry *entry,
 if (optind > argc)
 print_error("Missing IP address argument");
 if (c == IP_SOURCE)
- parse_ip_address(argv[optind - 1], &ipinfo->saddr,
+ ebt_parse_ip_address(argv[optind - 1], &ipinfo->saddr,
 &ipinfo->smsk);
 else
- parse_ip_address(argv[optind - 1], &ipinfo->daddr,
+ ebt_parse_ip_address(argv[optind - 1], &ipinfo->daddr,
 &ipinfo->dmsk);
 break;
 case IP_SPORT:
 case IP_DPORT:
 if (c == IP_SPORT) {
- check_option(flags, OPT_SPORT);
+ ebt_check_option(flags, OPT_SPORT);
 ipinfo->bitmask |= EBT_IP_SPORT;
- if (check_inverse(optarg))
+ if (ebt_check_inverse(optarg))
 ipinfo->invflags |= EBT_IP_SPORT;
 } else {
- check_option(flags, OPT_DPORT);
+ ebt_check_option(flags, OPT_DPORT);
 ipinfo->bitmask |= EBT_IP_DPORT;
- if (check_inverse(optarg))
+ if (ebt_check_inverse(optarg))
 ipinfo->invflags |= EBT_IP_DPORT;
 }
 if (optind > argc)
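Review bot: The two `ebt_parse_ip_address(argv[optind - 1], ...)` calls in the `@@ -265,24 +161,24 @@` hunk are bare statements, so rejecting a malformed address or mask now depends entirely on the library function handling the error itself. The file-local `parse_ip_address` removed earlier in this commit returned `void` and called `print_error` for both failure cases; the library definition is not part of this diff, so it is worth confirming that it kept that behaviour. I would record the contract at the call site with a comment such as `/* ebt_parse_ip_address() reports bad input itself; no result to check */`. The enclosing `parse()` starts and ends outside the hunk.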
@@ -294,8 +190,8 @@ static int parse(int c, char **argv, int argc, const struct ebt_u_entry *entry,
 break;
 case IP_myTOS:
- check_option(flags, OPT_TOS);
- if (check_inverse(optarg))
+ ebt_check_option(flags, OPT_TOS);
+ if (ebt_check_inverse(optarg))
 ipinfo->invflags |= EBT_IP_TOS;
 if (optind > argc)
@@ -308,8 +204,8 @@ static int parse(int c, char **argv, int argc, const struct ebt_u_entry *entry,
 break;
 case IP_PROTO:
- check_option(flags, OPT_PROTO);
- if (check_inverse(optarg))
+ ebt_check_option(flags, OPT_PROTO);
+ if (ebt_check_inverse(optarg))
 ipinfo->invflags |= EBT_IP_PROTO;
 if (optind > argc)
 print_error("Missing IP protocol argument");
@@ -366,7 +262,7 @@ static void print(const struct ebt_u_entry *entry,
 for (j = 0; j < 4; j++)
 printf("%d%s",((unsigned char *)&ipinfo->saddr)[j],
 (j == 3) ? "" : ".");
- printf("%s ", mask_to_dotted(ipinfo->smsk));
+ printf("%s ", ebt_mask_to_dotted(ipinfo->smsk));
 }
 if (ipinfo->bitmask & EBT_IP_DEST) {
 printf("--ip-dst ");
@@ -375,7 +271,7 @@ static void print(const struct ebt_u_entry *entry,
 for (j = 0; j < 4; j++)
 printf("%d%s", ((unsigned char *)&ipinfo->daddr)[j],
 (j == 3) ? "" : ".");
- printf("%s ", mask_to_dotted(ipinfo->dmsk));
+ printf("%s ", ebt_mask_to_dotted(ipinfo->dmsk));
 }
 if (ipinfo->bitmask & EBT_IP_TOS) {
 printf("--ip-tos ");
@@ -471,5 +367,5 @@ static struct ebt_u_match ip_match =
 static void _init(void) __attribute((constructor));
 static void _init(void)
 {
- register_match(&ip_match);
+ ebt_register_match(&ip_match);
 }
-- cgit v1.2.3