2 * Copyright (c) 2014 The DragonFly Project. All rights reserved.
4 * This code is derived from software contributed to The DragonFly Project
5 * by Bill Yuan <bycn82@gmail.com>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
45 #include <net/route.h>
47 #include <netinet/in.h>
49 #include "../../../sys/net/ipfw2/ip_fw3.h"
50 #include "../../../sbin/ipfw2/ipfw.h"
51 #include "ipfw2_layer4.h"
55 parse_tcpflag(ipfw_insn **cmd, int *ac, char **av[])
57 (*cmd)->opcode = O_LAYER4_TCPFLAG;
58 (*cmd)->module = MODULE_LAYER4_ID;
59 (*cmd)->len = ((*cmd)->len&(F_NOT|F_OR))|LEN_OF_IPFWINSN;
60 /* XXX TODO parse the tcpflag value and store in arg1 or arg3 */
65 parse_uid(ipfw_insn **cmd, int *ac, char **av[])
72 ipfw_insn_u32 *cmd32 = (ipfw_insn_u32 *)(*cmd);
73 uid = strtoul(**av, &end, 0);
74 pwd = (*end == '\0') ? getpwuid(uid) : getpwnam(**av);
76 errx(EX_DATAERR, "uid \"%s\" not exists", **av);
78 cmd32->d[0] = pwd->pw_uid;
80 (*cmd)->opcode = O_LAYER4_UID;
81 (*cmd)->module = MODULE_LAYER4_ID;
82 (*cmd)->len = F_INSN_SIZE(ipfw_insn_u32);
87 parse_gid(ipfw_insn **cmd, int *ac, char **av[])
94 ipfw_insn_u32 *cmd32 = (ipfw_insn_u32 *)(*cmd);
95 gid = strtoul(**av, &end, 0);
96 grp = (*end == '\0') ? getgrgid(gid) : getgrnam(**av);
98 errx(EX_DATAERR, "gid \"%s\" not exists", **av);
100 cmd32->d[0] = grp->gr_gid;
102 (*cmd)->opcode = O_LAYER4_GID;
103 (*cmd)->module = MODULE_LAYER4_ID;
104 (*cmd)->len = F_INSN_SIZE(ipfw_insn_u32);
109 show_tcpflag(ipfw_insn *cmd)
111 printf(" tcpflag %d", cmd->arg1);
115 show_uid(ipfw_insn *cmd)
117 ipfw_insn_u32 *cmd32 = (ipfw_insn_u32 *)cmd;
118 struct passwd *pwd = getpwuid(cmd32->d[0]);
120 printf(" uid %s", pwd->pw_name);
122 printf(" uid %u", cmd32->d[0]);
127 show_gid(ipfw_insn *cmd)
129 ipfw_insn_u32 *cmd32 = (ipfw_insn_u32 *)cmd;
130 struct group *grp = getgrgid(cmd32->d[0]);
132 printf(" gid %s", grp->gr_name);
134 printf(" gid %u", cmd32->d[0]);
140 load_module(register_func function, register_keyword keyword)
142 keyword(MODULE_LAYER4_ID, O_LAYER4_TCPFLAG, "tcpflag", IPFW_KEYWORD_TYPE_FILTER);
143 function(MODULE_LAYER4_ID, O_LAYER4_TCPFLAG,
144 (parser_func)parse_tcpflag, (shower_func)show_tcpflag);
145 keyword(MODULE_LAYER4_ID, O_LAYER4_UID, "uid", IPFW_KEYWORD_TYPE_FILTER);
146 function(MODULE_LAYER4_ID, O_LAYER4_UID,
147 (parser_func)parse_uid, (shower_func)show_uid);
148 keyword(MODULE_LAYER4_ID, O_LAYER4_GID, "gid", IPFW_KEYWORD_TYPE_FILTER);
149 function(MODULE_LAYER4_ID, O_LAYER4_GID,
150 (parser_func)parse_gid, (shower_func)show_gid);