-rw-r--r-- | include/datatype.h | 3 | ||||
-rw-r--r-- | src/Makefile.am | 1 | ||||
-rw-r--r-- | src/datatype.c | 56 | ||||
-rw-r--r-- | src/json.c | 2 | ||||
-rw-r--r-- | src/services.c | 344 |
5 files changed, 45 insertions, 361 deletions
diff --git a/include/datatype.h b/include/datatype.h
index b641f0ed..eab505ba 100644
--- a/include/datatype.h
+++ b/include/datatype.h
@@ -221,7 +221,6 @@ extern void symbol_table_print(const struct symbol_table *tbl,
 extern struct symbol_table *rt_symbol_table_init(const char *filename);
 extern void rt_symbol_table_free(struct symbol_table *tbl);
-extern const struct symbol_table inet_service_tbl;
 extern struct symbol_table *mark_tbl;
 extern const struct datatype invalid_type;
@@ -246,6 +245,8 @@ extern const struct datatype icmpx_code_type;
 extern const struct datatype time_type;
 extern const struct datatype boolean_type;
+void inet_service_type_print(const struct expr *expr, struct output_ctx *octx);
+
 extern const struct datatype *concat_type_alloc(uint32_t type);
 extern void concat_type_destroy(const struct datatype *dtype);
diff --git a/src/Makefile.am b/src/Makefile.am
index e569029d..8e69232f 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -54,7 +54,6 @@ libnftables_la_SOURCES = \
 erec.c \
 mnl.c \
 iface.c \
- services.c \
 mergesort.c \
 osf.c \
 nfnl_osf.c \
diff --git a/src/datatype.c b/src/datatype.c
index fbc3ac35..bc3df214 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -614,11 +614,42 @@ const struct datatype inet_protocol_type = {
 .parse = inet_protocol_type_parse,
 };
-static void inet_service_type_print(const struct expr *expr,
- struct output_ctx *octx)
+static void inet_service_print(const struct expr *expr, struct output_ctx *octx)
+{
+ struct sockaddr_in sin = { .sin_family = AF_INET };
+ char buf[NI_MAXSERV];
+ uint16_t port;
+ int err;
+
+ sin.sin_port = mpz_get_be16(expr->value);
+ err = getnameinfo((struct sockaddr *)&sin, sizeof(sin), NULL, 0,
+ buf, sizeof(buf), 0);
+ if (err != 0) {
+ nft_print(octx, "%u", ntohs(sin.sin_port));
+ return;
+ }
+ port = atoi(buf);
+ /* We got a TCP service name string, display it... */
+ if (htons(port) != sin.sin_port) {
+ nft_print(octx, "\"%s\"", buf);
+ return;
+ }
+
+ /* ...otherwise, this might be a UDP service name. */
+ err = getnameinfo((struct sockaddr *)&sin, sizeof(sin), NULL, 0,
+ buf, sizeof(buf), NI_DGRAM);
+ if (err != 0) {
+ /* No service name, display numeric value. */
+ nft_print(octx, "%u", ntohs(sin.sin_port));
+ return;
+ }
+ nft_print(octx, "\"%s\"", buf);
+}
+
+void inet_service_type_print(const struct expr *expr, struct output_ctx *octx)
 {
 if (octx->literal == NFT_LITERAL_PORT) {
- symbolic_constant_print(&inet_service_tbl, expr, false, octx);
+ inet_service_print(expr, octx);
 return;
 }
 integer_type_print(expr, octx);
@@ -627,10 +658,11 @@ static void inet_service_type_print(const struct expr *expr,
 static struct error_record *inet_service_type_parse(const struct expr *sym,
 struct expr **res)
 {
- const struct symbolic_constant *s;
+ struct addrinfo *ai;
 uint16_t port;
 uintmax_t i;
 char *end;
+ int err;
 errno = 0;
 i = strtoumax(sym->identifier, &end, 0);
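Review bot: In `inet_service_print`, the NI_DGRAM branch prints whatever `getnameinfo()` left in `buf` inside quotes, without the numeric check that the TCP branch applies. The `atoi` comparison earlier in the function is needed because a lookup that finds no name still succeeds and fills `buf` with the port digits, so a port with no name for either protocol would come out as a quoted number rather than a plain one, and the "No service name" branch is reached only on a genuine lookup error. Repeating the test closes the gap: `if (err != 0 || htons(atoi(buf)) == sin.sin_port) {`. A one-line comment on the `atoi` line stating that digits in `buf` mean "no name found" would make the intent clear to the next reader.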
@@ -640,16 +672,13 @@ static struct error_record *inet_service_type_parse(const struct expr *sym,
 port = htons(i);
 } else {
- for (s = inet_service_tbl.symbols; s->identifier != NULL; s++) {
- if (!strcmp(sym->identifier, s->identifier))
- break;
- }
+ err = getaddrinfo(NULL, sym->identifier, NULL, &ai);
+ if (err != 0)
+ return error(&sym->location, "Could not resolve service: %s",
+ gai_strerror(err));
-
- if (s->identifier == NULL)
- return error(&sym->location, "Could not resolve service: "
- "Servname not found in nft services list");
-
- port = s->value;
+ port = ((struct sockaddr_in *)ai->ai_addr)->sin_port;
+ freeaddrinfo(ai);
 }
 *res = constant_expr_alloc(&sym->location, &inet_service_type,
@@ -668,7 +697,6 @@ const struct datatype inet_service_type = {
 .print = inet_service_type_print,
 .json = inet_service_type_json,
 .parse = inet_service_type_parse,
- .sym_tbl = &inet_service_tbl,
 };
 #define RT_SYM_TAB_INITIAL_SIZE 16
@@ -864,7 +864,7 @@ json_t *inet_service_type_json(const struct expr *expr, struct output_ctx *octx)
 if (octx->numeric >= NFT_NUMERIC_PORT)
 return integer_type_json(expr, octx);
- return symbolic_constant_json(&inet_service_tbl, expr, octx);
+ return inet_service_type_print(expr, octx);
 }
 json_t *mark_type_json(const struct expr *expr, struct output_ctx *octx)
diff --git a/src/services.c b/src/services.c
deleted file mode 100644
index 83c26723..00000000
--- a/src/services.c
+++ /dev/null
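Review bot: The `getaddrinfo(NULL, sym->identifier, NULL, &ai)` call in `inet_service_type_parse` passes no hints, yet the result is cast to `struct sockaddr_in *` without checking `ai->ai_family`. If the first entry is an IPv6 address the port is read through the wrong structure type, which only works where `sin_port` and `sin6_port` happen to share an offset. Constraining the lookup removes that assumption: `struct addrinfo hints = { .ai_family = AF_INET };` and `err = getaddrinfo(NULL, sym->identifier, &hints, &ai);`. A comment should also record that names are now resolved through the host's services database, so the same ruleset text can select a different port on a host whose database differs. The function starts and ends outside this hunk.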
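Review bot: In the `inet_service_type_json` hunk, `return inet_service_type_print(expr, octx);` returns a `void` expression from a function declared to return `json_t *`; the prototype this commit adds to include/datatype.h is `void inet_service_type_print(...)`. Any build that compiles this file should reject the line, and the print function writes to the output context rather than producing a JSON value in any case. The smallest change that keeps the function well-typed is `return integer_type_json(expr, octx);`; emitting service names in JSON would need a lookup helper that returns the resolved string so the caller can wrap it as a JSON string. The file header for this hunk is not on the page (the diffstat suggests src/json.c), and the function's opening lines are outside the hunk.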
@@ -1,344 +0,0 @@ -#include <nftables.h> -#include <datatype.h> - -const struct symbol_table inet_service_tbl = { - .base = BASE_DECIMAL, - .symbols = { - SYMBOL("tcpmux", __constant_htons(1)), - SYMBOL("echo", __constant_htons(7)), - SYMBOL("discard", __constant_htons(9)), - SYMBOL("systat", __constant_htons(11)), - SYMBOL("daytime", __constant_htons(13)), - SYMBOL("netstat", __constant_htons(15)), - SYMBOL("qotd", __constant_htons(17)), - SYMBOL("msp", __constant_htons(18)), - SYMBOL("chargen", __constant_htons(19)), - SYMBOL("ftp-data", __constant_htons(20)), - SYMBOL("ftp", __constant_htons(21)), - SYMBOL("ssh", __constant_htons(22)), - SYMBOL("telnet", __constant_htons(23)), - SYMBOL("smtp", __constant_htons(25)), - SYMBOL("time", __constant_htons(37)), - SYMBOL("rlp", __constant_htons(39)), - SYMBOL("nameserver", __constant_htons(42)), - SYMBOL("whois", __constant_htons(43)), - SYMBOL("tacacs", __constant_htons(49)), - SYMBOL("re-mail-ck", __constant_htons(50)), - SYMBOL("domain", __constant_htons(53)), - SYMBOL("mtp", __constant_htons(57)), - SYMBOL("tacacs-ds", __constant_htons(65)), - SYMBOL("bootps", __constant_htons(67)), - SYMBOL("bootpc", __constant_htons(68)), - SYMBOL("tftp", __constant_htons(69)), - SYMBOL("gopher", __constant_htons(70)), - SYMBOL("rje", __constant_htons(77)), - SYMBOL("finger", __constant_htons(79)), - SYMBOL("http", __constant_htons(80)), - SYMBOL("link", __constant_htons(87)), - SYMBOL("kerberos", __constant_htons(88)), - SYMBOL("supdup", __constant_htons(95)), - SYMBOL("linuxconf", __constant_htons(98)), - SYMBOL("hostnames", __constant_htons(101)), - SYMBOL("iso-tsap", __constant_htons(102)), - SYMBOL("acr-nema", __constant_htons(104)), - SYMBOL("csnet-ns", __constant_htons(105)), - SYMBOL("poppassd", __constant_htons(106)), - SYMBOL("rtelnet", __constant_htons(107)), - SYMBOL("pop2", __constant_htons(109)), - SYMBOL("pop3", __constant_htons(110)), - SYMBOL("sunrpc", __constant_htons(111)), - SYMBOL("auth", 
__constant_htons(113)), - SYMBOL("sftp", __constant_htons(115)), - SYMBOL("uucp-path", __constant_htons(117)), - SYMBOL("nntp", __constant_htons(119)), - SYMBOL("ntp", __constant_htons(123)), - SYMBOL("pwdgen", __constant_htons(129)), - SYMBOL("loc-srv", __constant_htons(135)), - SYMBOL("netbios-ns", __constant_htons(137)), - SYMBOL("netbios-dgm", __constant_htons(138)), - SYMBOL("netbios-ssn", __constant_htons(139)), - SYMBOL("imap2", __constant_htons(143)), - SYMBOL("snmp", __constant_htons(161)), - SYMBOL("snmp-trap", __constant_htons(162)), - SYMBOL("cmip-man", __constant_htons(163)), - SYMBOL("cmip-agent", __constant_htons(164)), - SYMBOL("mailq", __constant_htons(174)), - SYMBOL("xdmcp", __constant_htons(177)), - SYMBOL("nextstep", __constant_htons(178)), - SYMBOL("bgp", __constant_htons(179)), - SYMBOL("prospero", __constant_htons(191)), - SYMBOL("irc", __constant_htons(194)), - SYMBOL("smux", __constant_htons(199)), - SYMBOL("at-rtmp", __constant_htons(201)), - SYMBOL("at-nbp", __constant_htons(202)), - SYMBOL("at-echo", __constant_htons(204)), - SYMBOL("at-zis", __constant_htons(206)), - SYMBOL("qmtp", __constant_htons(209)), - SYMBOL("z3950", __constant_htons(210)), - SYMBOL("ipx", __constant_htons(213)), - SYMBOL("imap3", __constant_htons(220)), - SYMBOL("pawserv", __constant_htons(345)), - SYMBOL("zserv", __constant_htons(346)), - SYMBOL("fatserv", __constant_htons(347)), - SYMBOL("rpc2portmap", __constant_htons(369)), - SYMBOL("codaauth2", __constant_htons(370)), - SYMBOL("clearcase", __constant_htons(371)), - SYMBOL("ulistserv", __constant_htons(372)), - SYMBOL("ldap", __constant_htons(389)), - SYMBOL("imsp", __constant_htons(406)), - SYMBOL("svrloc", __constant_htons(427)), - SYMBOL("https", __constant_htons(443)), - SYMBOL("snpp", __constant_htons(444)), - SYMBOL("microsoft-ds", __constant_htons(445)), - SYMBOL("kpasswd", __constant_htons(464)), - SYMBOL("urd", __constant_htons(465)), - SYMBOL("saft", __constant_htons(487)), - SYMBOL("isakmp", 
__constant_htons(500)), - SYMBOL("exec", __constant_htons(512)), - SYMBOL("login", __constant_htons(513)), - SYMBOL("shell", __constant_htons(514)), - SYMBOL("printer", __constant_htons(515)), - SYMBOL("talk", __constant_htons(517)), - SYMBOL("ntalk", __constant_htons(518)), - SYMBOL("route", __constant_htons(520)), - SYMBOL("timed", __constant_htons(525)), - SYMBOL("tempo", __constant_htons(526)), - SYMBOL("courier", __constant_htons(530)), - SYMBOL("conference", __constant_htons(531)), - SYMBOL("netnews", __constant_htons(532)), - SYMBOL("netwall", __constant_htons(533)), - SYMBOL("gdomap", __constant_htons(538)), - SYMBOL("uucp", __constant_htons(540)), - SYMBOL("klogin", __constant_htons(543)), - SYMBOL("kshell", __constant_htons(544)), - SYMBOL("dhcpv6-client", __constant_htons(546)), - SYMBOL("dhcpv6-server", __constant_htons(547)), - SYMBOL("afpovertcp", __constant_htons(548)), - SYMBOL("idfp", __constant_htons(549)), - SYMBOL("rtsp", __constant_htons(554)), - SYMBOL("remotefs", __constant_htons(556)), - SYMBOL("nntps", __constant_htons(563)), - SYMBOL("submission", __constant_htons(587)), - SYMBOL("nqs", __constant_htons(607)), - SYMBOL("npmp-local", __constant_htons(610)), - SYMBOL("npmp-gui", __constant_htons(611)), - SYMBOL("hmmp-ind", __constant_htons(612)), - SYMBOL("asf-rmcp", __constant_htons(623)), - SYMBOL("qmqp", __constant_htons(628)), - SYMBOL("ipp", __constant_htons(631)), - SYMBOL("ldaps", __constant_htons(636)), - SYMBOL("tinc", __constant_htons(655)), - SYMBOL("silc", __constant_htons(706)), - SYMBOL("kerberos-adm", __constant_htons(749)), - SYMBOL("kerberos4", __constant_htons(750)), - SYMBOL("kerberos-master", __constant_htons(751)), - SYMBOL("passwd-server", __constant_htons(752)), - SYMBOL("krb-prop", __constant_htons(754)), - SYMBOL("krbupdate", __constant_htons(760)), - SYMBOL("webster", __constant_htons(765)), - SYMBOL("moira-db", __constant_htons(775)), - SYMBOL("moira-update", __constant_htons(777)), - SYMBOL("moira-ureg", 
__constant_htons(779)), - SYMBOL("spamd", __constant_htons(783)), - SYMBOL("omirr", __constant_htons(808)), - SYMBOL("supfilesrv", __constant_htons(871)), - SYMBOL("rsync", __constant_htons(873)), - SYMBOL("swat", __constant_htons(901)), - SYMBOL("ftps-data", __constant_htons(989)), - SYMBOL("ftps", __constant_htons(990)), - SYMBOL("telnets", __constant_htons(992)), - SYMBOL("imaps", __constant_htons(993)), - SYMBOL("ircs", __constant_htons(994)), - SYMBOL("pop3s", __constant_htons(995)), - SYMBOL("customs", __constant_htons(1001)), - SYMBOL("socks", __constant_htons(1080)), - SYMBOL("proofd", __constant_htons(1093)), - SYMBOL("rootd", __constant_htons(1094)), - SYMBOL("rmiregistry", __constant_htons(1099)), - SYMBOL("kpop", __constant_htons(1109)), - SYMBOL("supfiledbg", __constant_htons(1127)), - SYMBOL("skkserv", __constant_htons(1178)), - SYMBOL("openvpn", __constant_htons(1194)), - SYMBOL("predict", __constant_htons(1210)), - SYMBOL("kazaa", __constant_htons(1214)), - SYMBOL("rmtcfg", __constant_htons(1236)), - SYMBOL("nessus", __constant_htons(1241)), - SYMBOL("wipld", __constant_htons(1300)), - SYMBOL("xtel", __constant_htons(1313)), - SYMBOL("xtelw", __constant_htons(1314)), - SYMBOL("lotusnote", __constant_htons(1352)), - SYMBOL("ms-sql-s", __constant_htons(1433)), - SYMBOL("ms-sql-m", __constant_htons(1434)), - SYMBOL("ingreslock", __constant_htons(1524)), - SYMBOL("prospero-np", __constant_htons(1525)), - SYMBOL("support", __constant_htons(1529)), - SYMBOL("datametrics", __constant_htons(1645)), - SYMBOL("sa-msg-port", __constant_htons(1646)), - SYMBOL("kermit", __constant_htons(1649)), - SYMBOL("groupwise", __constant_htons(1677)), - SYMBOL("l2f", __constant_htons(1701)), - SYMBOL("radius", __constant_htons(1812)), - SYMBOL("radius-acct", __constant_htons(1813)), - SYMBOL("msnp", __constant_htons(1863)), - SYMBOL("unix-status", __constant_htons(1957)), - SYMBOL("log-server", __constant_htons(1958)), - SYMBOL("remoteping", __constant_htons(1959)), - 
SYMBOL("cisco-sccp", __constant_htons(2000)), - SYMBOL("cfinger", __constant_htons(2003)), - SYMBOL("search", __constant_htons(2010)), - SYMBOL("nfs", __constant_htons(2049)), - SYMBOL("knetd", __constant_htons(2053)), - SYMBOL("gnunet", __constant_htons(2086)), - SYMBOL("rtcm-sc104", __constant_htons(2101)), - SYMBOL("zephyr-srv", __constant_htons(2102)), - SYMBOL("zephyr-clt", __constant_htons(2103)), - SYMBOL("zephyr-hm", __constant_htons(2104)), - SYMBOL("eklogin", __constant_htons(2105)), - SYMBOL("kx", __constant_htons(2111)), - SYMBOL("gsigatekeeper", __constant_htons(2119)), - SYMBOL("iprop", __constant_htons(2121)), - SYMBOL("gris", __constant_htons(2135)), - SYMBOL("ninstall", __constant_htons(2150)), - SYMBOL("cvspserver", __constant_htons(2401)), - SYMBOL("venus", __constant_htons(2430)), - SYMBOL("venus-se", __constant_htons(2431)), - SYMBOL("codasrv", __constant_htons(2432)), - SYMBOL("codasrv-se", __constant_htons(2433)), - SYMBOL("mon", __constant_htons(2583)), - SYMBOL("zebrasrv", __constant_htons(2600)), - SYMBOL("zebra", __constant_htons(2601)), - SYMBOL("ripd", __constant_htons(2602)), - SYMBOL("ripngd", __constant_htons(2603)), - SYMBOL("ospfd", __constant_htons(2604)), - SYMBOL("bgpd", __constant_htons(2605)), - SYMBOL("ospf6d", __constant_htons(2606)), - SYMBOL("ospfapi", __constant_htons(2607)), - SYMBOL("isisd", __constant_htons(2608)), - SYMBOL("dict", __constant_htons(2628)), - SYMBOL("f5-globalsite", __constant_htons(2792)), - SYMBOL("gsiftp", __constant_htons(2811)), - SYMBOL("gpsd", __constant_htons(2947)), - SYMBOL("afbackup", __constant_htons(2988)), - SYMBOL("afmbackup", __constant_htons(2989)), - SYMBOL("gds-db", __constant_htons(3050)), - SYMBOL("icpv2", __constant_htons(3130)), - SYMBOL("iscsi-target", __constant_htons(3260)), - SYMBOL("mysql", __constant_htons(3306)), - SYMBOL("nut", __constant_htons(3493)), - SYMBOL("distcc", __constant_htons(3632)), - SYMBOL("daap", __constant_htons(3689)), - SYMBOL("svn", 
__constant_htons(3690)), - SYMBOL("suucp", __constant_htons(4031)), - SYMBOL("sysrqd", __constant_htons(4094)), - SYMBOL("sieve", __constant_htons(4190)), - SYMBOL("xtell", __constant_htons(4224)), - SYMBOL("f5-iquery", __constant_htons(4353)), - SYMBOL("epmd", __constant_htons(4369)), - SYMBOL("remctl", __constant_htons(4373)), - SYMBOL("ipsec-nat-t", __constant_htons(4500)), - SYMBOL("fax", __constant_htons(4557)), - SYMBOL("hylafax", __constant_htons(4559)), - SYMBOL("iax", __constant_htons(4569)), - SYMBOL("distmp3", __constant_htons(4600)), - SYMBOL("mtn", __constant_htons(4691)), - SYMBOL("radmin-port", __constant_htons(4899)), - SYMBOL("munin", __constant_htons(4949)), - SYMBOL("rfe", __constant_htons(5002)), - SYMBOL("mmcc", __constant_htons(5050)), - SYMBOL("enbd-cstatd", __constant_htons(5051)), - SYMBOL("enbd-sstatd", __constant_htons(5052)), - SYMBOL("sip", __constant_htons(5060)), - SYMBOL("sip-tls", __constant_htons(5061)), - SYMBOL("pcrd", __constant_htons(5151)), - SYMBOL("aol", __constant_htons(5190)), - SYMBOL("xmpp-client", __constant_htons(5222)), - SYMBOL("xmpp-server", __constant_htons(5269)), - SYMBOL("cfengine", __constant_htons(5308)), - SYMBOL("mdns", __constant_htons(5353)), - SYMBOL("noclog", __constant_htons(5354)), - SYMBOL("hostmon", __constant_htons(5355)), - SYMBOL("postgresql", __constant_htons(5432)), - SYMBOL("rplay", __constant_htons(5555)), - SYMBOL("freeciv", __constant_htons(5556)), - SYMBOL("nrpe", __constant_htons(5666)), - SYMBOL("nsca", __constant_htons(5667)), - SYMBOL("amqps", __constant_htons(5671)), - SYMBOL("amqp", __constant_htons(5672)), - SYMBOL("mrtd", __constant_htons(5674)), - SYMBOL("bgpsim", __constant_htons(5675)), - SYMBOL("canna", __constant_htons(5680)), - SYMBOL("ggz", __constant_htons(5688)), - SYMBOL("x11", __constant_htons(6000)), - SYMBOL("x11-1", __constant_htons(6001)), - SYMBOL("x11-2", __constant_htons(6002)), - SYMBOL("x11-3", __constant_htons(6003)), - SYMBOL("x11-4", __constant_htons(6004)), - 
SYMBOL("x11-5", __constant_htons(6005)), - SYMBOL("x11-6", __constant_htons(6006)), - SYMBOL("x11-7", __constant_htons(6007)), - SYMBOL("gnutella-svc", __constant_htons(6346)), - SYMBOL("gnutella-rtr", __constant_htons(6347)), - SYMBOL("sge-qmaster", __constant_htons(6444)), - SYMBOL("sge-execd", __constant_htons(6445)), - SYMBOL("mysql-proxy", __constant_htons(6446)), - SYMBOL("syslog-tls", __constant_htons(6514)), - SYMBOL("sane-port", __constant_htons(6566)), - SYMBOL("ircd", __constant_htons(6667)), - SYMBOL("afs3-fileserver", __constant_htons(7000)), - SYMBOL("afs3-callback", __constant_htons(7001)), - SYMBOL("afs3-prserver", __constant_htons(7002)), - SYMBOL("afs3-vlserver", __constant_htons(7003)), - SYMBOL("afs3-kaserver", __constant_htons(7004)), - SYMBOL("afs3-volser", __constant_htons(7005)), - SYMBOL("afs3-errors", __constant_htons(7006)), - SYMBOL("afs3-bos", __constant_htons(7007)), - SYMBOL("afs3-update", __constant_htons(7008)), - SYMBOL("afs3-rmtsys", __constant_htons(7009)), - SYMBOL("font-service", __constant_htons(7100)), - SYMBOL("zope-ftp", __constant_htons(8021)), - SYMBOL("http-alt", __constant_htons(8080)), - SYMBOL("tproxy", __constant_htons(8081)), - SYMBOL("omniorb", __constant_htons(8088)), - SYMBOL("clc-build-daemon", __constant_htons(8990)), - SYMBOL("xinetd", __constant_htons(9098)), - SYMBOL("bacula-dir", __constant_htons(9101)), - SYMBOL("bacula-fd", __constant_htons(9102)), - SYMBOL("bacula-sd", __constant_htons(9103)), - SYMBOL("mandelspawn", __constant_htons(9359)), - SYMBOL("git", __constant_htons(9418)), - SYMBOL("xmms2", __constant_htons(9667)), - SYMBOL("zope", __constant_htons(9673)), - SYMBOL("webmin", __constant_htons(10000)), - SYMBOL("zabbix-agent", __constant_htons(10050)), - SYMBOL("zabbix-trapper", __constant_htons(10051)), - SYMBOL("amanda", __constant_htons(10080)), - SYMBOL("kamanda", __constant_htons(10081)), - SYMBOL("amandaidx", __constant_htons(10082)), - SYMBOL("amidxtape", __constant_htons(10083)), - 
SYMBOL("nbd", __constant_htons(10809)), - SYMBOL("dicom", __constant_htons(11112)), - SYMBOL("smsqp", __constant_htons(11201)), - SYMBOL("hkp", __constant_htons(11371)), - SYMBOL("bprd", __constant_htons(13720)), - SYMBOL("bpdbm", __constant_htons(13721)), - SYMBOL("bpjava-msvc", __constant_htons(13722)), - SYMBOL("vnetd", __constant_htons(13724)), - SYMBOL("bpcd", __constant_htons(13782)), - SYMBOL("vopied", __constant_htons(13783)), - SYMBOL("xpilot", __constant_htons(15345)), - SYMBOL("sgi-cmsd", __constant_htons(17001)), - SYMBOL("sgi-crsd", __constant_htons(17002)), - SYMBOL("sgi-gcd", __constant_htons(17003)), - SYMBOL("sgi-cad", __constant_htons(17004)), - SYMBOL("db-lsp", __constant_htons(17500)), - SYMBOL("isdnlog", __constant_htons(20011)), - SYMBOL("vboxd", __constant_htons(20012)), - SYMBOL("dcap", __constant_htons(22125)), - SYMBOL("gsidcap", __constant_htons(22128)), - SYMBOL("wnn6", __constant_htons(22273)), - SYMBOL("binkp", __constant_htons(24554)), - SYMBOL("asp", __constant_htons(27374)), - SYMBOL("csync2", __constant_htons(30865)), - SYMBOL_LIST_END - }, -}; |