2 * Copyright (c) 2014 - 2018 The DragonFly Project. All rights reserved.
4 * This code is derived from software contributed to The DragonFly Project
5 * by Bill Yuan <bycn82@dragonflybsd.org>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40 * This macro returns the size of a struct sockaddr when passed
41 * through a routing socket. Basically we round up sa_len to
42 * a multiple of sizeof(long), with a minimum of sizeof(long).
43 * The check for a NULL pointer is just a convenience, probably never used.
44 * The case sa_len == 0 should only apply to empty structures.
47 ( (!(sa) || ((struct sockaddr *)(sa))->sa_len == 0) ? \
49 1 + ( (((struct sockaddr *)(sa))->sa_len - 1) | (sizeof(long) - 1) ) )
52 * Definition of a port range, and macros to deal with values.
53 * FORMAT: HI 16-bits == first port in range, 0 == all ports.
54 * LO 16-bits == number of ports in range
55 * NOTES: - Port values are not stored in network byte order.
59 #define GETLOPORT(x) ((x) >> 0x10)
60 #define GETNUMPORTS(x) ((x) & 0x0000ffff)
61 #define GETHIPORT(x) (GETLOPORT((x)) + GETNUMPORTS((x)))
63 /* Set y to be the low-port value in port_range variable x. */
64 #define SETLOPORT(x, y) ((x) = ((x) & 0x0000ffff) | ((y) << 0x10))
66 /* Set y to be the number of ports in port_range variable x. */
67 #define SETNUMPORTS(x, y) ((x) = ((x) & 0xffff0000) | (y))
69 #define INC_ARGCV() do { \
113 struct char_int_map {
118 typedef void (*parser_func)(ipfw_insn **,int *, char ***);
119 typedef void (*shower_func)(ipfw_insn *, int);
120 typedef void (*register_func)(int, int, parser_func, shower_func);
121 typedef void (*register_keyword)(int, int, char *, int);
122 typedef void (*init_module)(register_func, register_keyword);
124 #define MAX_KEYWORD_LEN 20
125 #define KEYWORD_SIZE 256
126 #define MAPPING_SIZE 256
128 struct ipfw3_keyword {
130 char word[MAX_KEYWORD_LEN];
134 #define LEN_FW3_KEYWORD sizeof(struct ipfw3_keyword)
136 struct ipfw3_mapping {
143 #define LEN_FW3_MAPPING sizeof(struct ipfw3_mapping)
145 ipfw_insn* next_cmd(ipfw_insn *cmd);
146 void register_ipfw_keyword(int module, int opcode, char *word, int type);
147 void register_ipfw_func(int, int, parser_func, shower_func);
148 int do_get_x(int optname, void *rule, int *optlen);
149 int do_set_x(int optname, void *rule, int optlen);
151 int match_token(struct char_int_map *table, char *string);
152 void module_get(char *modules_str, int len);
153 void module_list(int ac, char **av);
154 void module_load(void);
155 void register_ipfw_keyword(int module, int opcode, char *word, int type);
156 void register_ipfw_func(int module, int opcode,
157 parser_func parser, shower_func shower);
158 void prev_show_chk(ipfw_insn *cmd, uint8_t *prev_module,
159 uint8_t *prev_opcode, int *show_or);
160 int show_filter(ipfw_insn *cmd, char *word, int type);
162 void rule_delete(int ac, char **av);
163 void rule_list(int ac, char **av);
164 void rule_add(int ac, char **av, uint8_t insert);
165 void rule_zero(int ac, char **av);
166 void rule_flush(void);
167 void rule_show(struct ipfw_ioc_rule *rule, int pcwidth, int bcwidth);
168 int do_set_x(int optname, void *rule, int optlen);
169 int do_get_x(int optname, void *rule, int *optlen);
170 int ipfw3_main(int ac, char **av);
171 void ipfw3_readfile(int ac, char **av);