Acasă Explorează Ajutor
Autentificare
SoftwareDesign
/
csu3_am335x
8
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Ramură: master
Ramuri Etichete
csu3_am335x
/
EVSE
/
GPL
/
iptables-1.4.18
/
extensions
/
libip6t_rt.c

libip6t_rt.c 6.8 KB
Permalink Istoric Crud

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258 
  1. #include <stdio.h>
    2. 

  2. #include <string.h>
    3. 

  3. #include <stdlib.h>
    4. 

  4. #include <xtables.h>
    5. 

  5. #include <linux/netfilter_ipv6/ip6t_rt.h>
    6. 

  6. #include <arpa/inet.h>
    7. 

  7. 

  8. enum {
    9. 

  9. 	O_RT_TYPE = 0,
    10. 

  10. 	O_RT_SEGSLEFT,
    11. 

  11. 	O_RT_LEN,
    12. 

  12. 	O_RT0RES,
    13. 

  13. 	O_RT0ADDRS,
    14. 

  14. 	O_RT0NSTRICT,
    15. 

  15. 	F_RT_TYPE  = 1 << O_RT_TYPE,
    16. 

  16. 	F_RT0ADDRS = 1 << O_RT0ADDRS,
    17. 

  17. };
    18. 

  18. 

  19. static void rt_help(void)
    20. 

  20. {
    21. 

  21. 	printf(
    22. 

  22. "rt match options:\n"
    23. 

  23. "[!] --rt-type type             match the type\n"
    24. 

  24. "[!] --rt-segsleft num[:num]    match the Segments Left field (range)\n"
    25. 

  25. "[!] --rt-len length            total length of this header\n"
    26. 

  26. " --rt-0-res                    check the reserved field too (type 0)\n"
    27. 

  27. " --rt-0-addrs ADDR[,ADDR...]   Type=0 addresses (list, max: %d)\n"
    28. 

  28. " --rt-0-not-strict             List of Type=0 addresses not a strict list\n",
    29. 

  29. IP6T_RT_HOPS);
    30. 

  30. }
    31. 

  31. 

  32. #define s struct ip6t_rt
    33. 

  33. static const struct xt_option_entry rt_opts[] = {
    34. 

  34. 	{.name = "rt-type", .id = O_RT_TYPE, .type = XTTYPE_UINT32,
    35. 

  35. 	 .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, rt_type)},
    36. 

  36. 	{.name = "rt-segsleft", .id = O_RT_SEGSLEFT, .type = XTTYPE_UINT32RC,
    37. 

  37. 	 .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, segsleft)},
    38. 

  38. 	{.name = "rt-len", .id = O_RT_LEN, .type = XTTYPE_UINT32,
    39. 

  39. 	 .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, hdrlen)},
    40. 

  40. 	{.name = "rt-0-res", .id = O_RT0RES, .type = XTTYPE_NONE},
    41. 

  41. 	{.name = "rt-0-addrs", .id = O_RT0ADDRS, .type = XTTYPE_STRING},
    42. 

  42. 	{.name = "rt-0-not-strict", .id = O_RT0NSTRICT, .type = XTTYPE_NONE},
    43. 

  43. 	XTOPT_TABLEEND,
    44. 

  44. };
    45. 

  45. #undef s
    46. 

  46. 

  47. static const char *
    48. 

  48. addr_to_numeric(const struct in6_addr *addrp)
    49. 

  49. {
    50. 

  50. 	static char buf[50+1];
    51. 

  51. 	return inet_ntop(AF_INET6, addrp, buf, sizeof(buf));
    52. 

  52. }
    53. 

  53. 

  54. static struct in6_addr *
    55. 

  55. numeric_to_addr(const char *num)
    56. 

  56. {
    57. 

  57. 	static struct in6_addr ap;
    58. 

  58. 	int err;
    59. 

  59. 

  60. 	if ((err=inet_pton(AF_INET6, num, &ap)) == 1)
    61. 

  61. 		return &ap;
    62. 

  62. #ifdef DEBUG
    63. 

  63. 	fprintf(stderr, "\nnumeric2addr: %d\n", err);
    64. 

  64. #endif
    65. 

  65. 	xtables_error(PARAMETER_PROBLEM, "bad address: %s", num);
    66. 

  66. 

  67. 	return (struct in6_addr *)NULL;
    68. 

  68. }
    69. 

  69. 

  70. 

  71. static int
    72. 

  72. parse_addresses(const char *addrstr, struct in6_addr *addrp)
    73. 

  73. {
    74. 

  74.         char *buffer, *cp, *next;
    75. 

  75.         unsigned int i;
    76. 

  76. 	
    77. 

  77. 	buffer = strdup(addrstr);
    78. 

  78. 	if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed");
    79. 

  79. 			
    80. 

  80.         for (cp=buffer, i=0; cp && i<IP6T_RT_HOPS; cp=next,i++)
    81. 

  81.         {
    82. 

  82.                 next=strchr(cp, ',');
    83. 

  83.                 if (next) *next++='\0';
    84. 

  84. 		memcpy(&(addrp[i]), numeric_to_addr(cp), sizeof(struct in6_addr));
    85. 

  85. #if DEBUG
    86. 

  86. 		printf("addr str: %s\n", cp);
    87. 

  87. 		printf("addr ip6: %s\n", addr_to_numeric((numeric_to_addr(cp))));
    88. 

  88. 		printf("addr [%d]: %s\n", i, addr_to_numeric(&(addrp[i])));
    89. 

  89. #endif
    90. 

  90. 	}
    91. 

  91. 	if (cp) xtables_error(PARAMETER_PROBLEM, "too many addresses specified");
    92. 

  92. 

  93. 	free(buffer);
    94. 

  94. 

  95. #if DEBUG
    96. 

  96. 	printf("addr nr: %d\n", i);
    97. 

  97. #endif
    98. 

  98. 

  99. 	return i;
    100. 

  100. }
    101. 

  101. 

  102. static void rt_parse(struct xt_option_call *cb)
    103. 

  103. {
    104. 

  104. 	struct ip6t_rt *rtinfo = cb->data;
    105. 

  105. 

  106. 	xtables_option_parse(cb);
    107. 

  107. 	switch (cb->entry->id) {
    108. 

  108. 	case O_RT_TYPE:
    109. 

  109. 		if (cb->invert)
    110. 

  110. 			rtinfo->invflags |= IP6T_RT_INV_TYP;
    111. 

  111. 		rtinfo->flags |= IP6T_RT_TYP;
    112. 

  112. 		break;
    113. 

  113. 	case O_RT_SEGSLEFT:
    114. 

  114. 		if (cb->nvals == 1)
    115. 

  115. 			rtinfo->segsleft[1] = rtinfo->segsleft[0];
    116. 

  116. 		if (cb->invert)
    117. 

  117. 			rtinfo->invflags |= IP6T_RT_INV_SGS;
    118. 

  118. 		rtinfo->flags |= IP6T_RT_SGS;
    119. 

  119. 		break;
    120. 

  120. 	case O_RT_LEN:
    121. 

  121. 		if (cb->invert)
    122. 

  122. 			rtinfo->invflags |= IP6T_RT_INV_LEN;
    123. 

  123. 		rtinfo->flags |= IP6T_RT_LEN;
    124. 

  124. 		break;
    125. 

  125. 	case O_RT0RES:
    126. 

  126. 		if (!(cb->xflags & F_RT_TYPE) || rtinfo->rt_type != 0 ||
    127. 

  127. 		    rtinfo->invflags & IP6T_RT_INV_TYP)
    128. 

  128. 			xtables_error(PARAMETER_PROBLEM,
    129. 

  129. 				   "`--rt-type 0' required before `--rt-0-res'");
    130. 

  130. 		rtinfo->flags |= IP6T_RT_RES;
    131. 

  131. 		break;
    132. 

  132. 	case O_RT0ADDRS:
    133. 

  133. 		if (!(cb->xflags & F_RT_TYPE) || rtinfo->rt_type != 0 ||
    134. 

  134. 		    rtinfo->invflags & IP6T_RT_INV_TYP)
    135. 

  135. 			xtables_error(PARAMETER_PROBLEM,
    136. 

  136. 				   "`--rt-type 0' required before `--rt-0-addrs'");
    137. 

  137. 		rtinfo->addrnr = parse_addresses(cb->arg, rtinfo->addrs);
    138. 

  138. 		rtinfo->flags |= IP6T_RT_FST;
    139. 

  139. 		break;
    140. 

  140. 	case O_RT0NSTRICT:
    141. 

  141. 		if (!(cb->xflags & F_RT0ADDRS))
    142. 

  142. 			xtables_error(PARAMETER_PROBLEM,
    143. 

  143. 				   "`--rt-0-addr ...' required before `--rt-0-not-strict'");
    144. 

  144. 		rtinfo->flags |= IP6T_RT_FST_NSTRICT;
    145. 

  145. 		break;
    146. 

  146. 	}
    147. 

  147. }
    148. 

  148. 

  149. static void
    150. 

  150. print_nums(const char *name, uint32_t min, uint32_t max,
    151. 

  151. 	    int invert)
    152. 

  152. {
    153. 

  153. 	const char *inv = invert ? "!" : "";
    154. 

  154. 

  155. 	if (min != 0 || max != 0xFFFFFFFF || invert) {
    156. 

  156. 		printf(" %s", name);
    157. 

  157. 		if (min == max) {
    158. 

  158. 			printf(":%s", inv);
    159. 

  159. 			printf("%u", min);
    160. 

  160. 		} else {
    161. 

  161. 			printf("s:%s", inv);
    162. 

  162. 			printf("%u",min);
    163. 

  163. 			printf(":");
    164. 

  164. 			printf("%u",max);
    165. 

  165. 		}
    166. 

  166. 	}
    167. 

  167. }
    168. 

  168. 

  169. static void
    170. 

  170. print_addresses(unsigned int addrnr, struct in6_addr *addrp)
    171. 

  171. {
    172. 

  172. 	unsigned int i;
    173. 

  173. 

  174. 	for(i=0; i<addrnr; i++){
    175. 

  175. 		printf("%c%s", (i==0)?' ':',', addr_to_numeric(&(addrp[i])));
    176. 

  176. 	}
    177. 

  177. }
    178. 

  178. 

  179. static void rt_print(const void *ip, const struct xt_entry_match *match,
    180. 

  180.                      int numeric)
    181. 

  181. {
    182. 

  182. 	const struct ip6t_rt *rtinfo = (struct ip6t_rt *)match->data;
    183. 

  183. 

  184. 	printf(" rt");
    185. 

  185. 	if (rtinfo->flags & IP6T_RT_TYP)
    186. 

  186. 	    printf(" type:%s%d", rtinfo->invflags & IP6T_RT_INV_TYP ? "!" : "",
    187. 

  187. 		    rtinfo->rt_type);
    188. 

  188. 	print_nums("segsleft", rtinfo->segsleft[0], rtinfo->segsleft[1],
    189. 

  189. 		    rtinfo->invflags & IP6T_RT_INV_SGS);
    190. 

  190. 	if (rtinfo->flags & IP6T_RT_LEN) {
    191. 

  191. 		printf(" length");
    192. 

  192. 		printf(":%s", rtinfo->invflags & IP6T_RT_INV_LEN ? "!" : "");
    193. 

  193. 		printf("%u", rtinfo->hdrlen);
    194. 

  194. 	}
    195. 

  195. 	if (rtinfo->flags & IP6T_RT_RES) printf(" reserved");
    196. 

  196. 	if (rtinfo->flags & IP6T_RT_FST) printf(" 0-addrs");
    197. 

  197. 	print_addresses(rtinfo->addrnr, (struct in6_addr *)rtinfo->addrs);
    198. 

  198. 	if (rtinfo->flags & IP6T_RT_FST_NSTRICT) printf(" 0-not-strict");
    199. 

  199. 	if (rtinfo->invflags & ~IP6T_RT_INV_MASK)
    200. 

  200. 		printf(" Unknown invflags: 0x%X",
    201. 

  201. 		       rtinfo->invflags & ~IP6T_RT_INV_MASK);
    202. 

  202. }
    203. 

  203. 

  204. static void rt_save(const void *ip, const struct xt_entry_match *match)
    205. 

  205. {
    206. 

  206. 	const struct ip6t_rt *rtinfo = (struct ip6t_rt *)match->data;
    207. 

  207. 

  208. 	if (rtinfo->flags & IP6T_RT_TYP) {
    209. 

  209. 		printf("%s --rt-type %u",
    210. 

  210. 			(rtinfo->invflags & IP6T_RT_INV_TYP) ? " !" : "",
    211. 

  211. 			rtinfo->rt_type);
    212. 

  212. 	}
    213. 

  213. 

  214. 	if (!(rtinfo->segsleft[0] == 0
    215. 

  215. 	    && rtinfo->segsleft[1] == 0xFFFFFFFF)) {
    216. 

  216. 		printf("%s --rt-segsleft ",
    217. 

  217. 			(rtinfo->invflags & IP6T_RT_INV_SGS) ? " !" : "");
    218. 

  218. 		if (rtinfo->segsleft[0]
    219. 

  219. 		    != rtinfo->segsleft[1])
    220. 

  220. 			printf("%u:%u",
    221. 

  221. 			       rtinfo->segsleft[0],
    222. 

  222. 			       rtinfo->segsleft[1]);
    223. 

  223. 		else
    224. 

  224. 			printf("%u",
    225. 

  225. 			       rtinfo->segsleft[0]);
    226. 

  226. 	}
    227. 

  227. 

  228. 	if (rtinfo->flags & IP6T_RT_LEN) {
    229. 

  229. 		printf("%s --rt-len %u",
    230. 

  230. 			(rtinfo->invflags & IP6T_RT_INV_LEN) ? " !" : "", 
    231. 

  231. 			rtinfo->hdrlen);
    232. 

  232. 	}
    233. 

  233. 

  234. 	if (rtinfo->flags & IP6T_RT_RES) printf(" --rt-0-res");
    235. 

  235. 	if (rtinfo->flags & IP6T_RT_FST) printf(" --rt-0-addrs");
    236. 

  236. 	print_addresses(rtinfo->addrnr, (struct in6_addr *)rtinfo->addrs);
    237. 

  237. 	if (rtinfo->flags & IP6T_RT_FST_NSTRICT) printf(" --rt-0-not-strict");
    238. 

  238. 

  239. }
    240. 

  240. 

  241. static struct xtables_match rt_mt6_reg = {
    242. 

  242. 	.name		= "rt",
    243. 

  243. 	.version	= XTABLES_VERSION,
    244. 

  244. 	.family		= NFPROTO_IPV6,
    245. 

  245. 	.size		= XT_ALIGN(sizeof(struct ip6t_rt)),
    246. 

  246. 	.userspacesize	= XT_ALIGN(sizeof(struct ip6t_rt)),
    247. 

  247. 	.help		= rt_help,
    248. 

  248. 	.x6_parse	= rt_parse,
    249. 

  249. 	.print		= rt_print,
    250. 

  250. 	.save		= rt_save,
    251. 

  251. 	.x6_options	= rt_opts,
    252. 

  252. };
    253. 

  253. 

  254. void
    255. 

  255. _init(void)
    256. 

  256. {
    257. 

  257. 	xtables_register_match(&rt_mt6_reg);
    258. 

  258. }
    259.