Lines Matching refs:av
94 if (!av[0]) \
96 if (_substrcmp(*av, "tablearg") == 0) { \
105 _xval = strtol(*av, &end, 10); \
107 if (!isdigit(**av) || *end != '\0' || (_xval == 0 && errno == EINVAL)) \
109 match_value(s_x, tok), *av); \
113 match_value(s_x, tok), min, max, *av); \
117 match_value(s_x, tok), *av); \
440 ipfw_cfg_lheader *cfg, size_t sz, int ac, char **av);
1083 fill_newports(ipfw_insn_u16 *cmd, char *av, int proto, int cblen) in fill_newports() argument
1087 char *s = av; in fill_newports()
1090 a = strtoport(av, &s, 0, proto); in fill_newports()
1091 if (s == av) /* empty or invalid argument */ in fill_newports()
1098 av = s + 1; in fill_newports()
1099 b = strtoport(av, &s, 0, proto); in fill_newports()
1101 if (s == av || (*s != ',' && *s != '\0')) in fill_newports()
1112 *s, av); in fill_newports()
1118 av = s + 1; in fill_newports()
1132 fill_dscp(ipfw_insn *cmd, char *av, int cblen) in fill_dscp() argument
1135 char *s = av, *a; in fill_dscp()
1177 fill_mark(ipfw_insn *cmd, char *av, int cblen) in fill_mark() argument
1190 value_str = strsep(&av, ":"); in fill_mark()
1200 if (av) in fill_mark()
1201 *mask = strtoul(av, NULL, 0); in fill_mark()
1488 fill_icmptypes(ipfw_insn_u32 *cmd, char *av) in fill_icmptypes() argument
1493 while (*av) { in fill_icmptypes()
1494 if (*av == ',') in fill_icmptypes()
1495 av++; in fill_icmptypes()
1497 type = strtoul(av, &av, 0); in fill_icmptypes()
1499 if (*av != ',' && *av != '\0') in fill_icmptypes()
2622 ipfw_sets_handler(char *av[]) in ipfw_sets_handler() argument
2631 av++; in ipfw_sets_handler()
2634 if (av[0] == NULL) in ipfw_sets_handler()
2636 if (_substrcmp(*av, "show") == 0) { in ipfw_sets_handler()
2657 } else if (_substrcmp(*av, "swap") == 0) { in ipfw_sets_handler()
2658 av++; in ipfw_sets_handler()
2659 if ( av[0] == NULL || av[1] == NULL ) in ipfw_sets_handler()
2661 rt.set = atoi(av[0]); in ipfw_sets_handler()
2662 rt.new_set = atoi(av[1]); in ipfw_sets_handler()
2663 if (!isdigit(*(av[0])) || rt.set > RESVD_SET) in ipfw_sets_handler()
2664 errx(EX_DATAERR, "invalid set number %s\n", av[0]); in ipfw_sets_handler()
2665 if (!isdigit(*(av[1])) || rt.new_set > RESVD_SET) in ipfw_sets_handler()
2666 errx(EX_DATAERR, "invalid set number %s\n", av[1]); in ipfw_sets_handler()
2668 } else if (_substrcmp(*av, "move") == 0) { in ipfw_sets_handler()
2669 av++; in ipfw_sets_handler()
2670 if (av[0] && _substrcmp(*av, "rule") == 0) { in ipfw_sets_handler()
2673 av++; in ipfw_sets_handler()
2676 if (av[0] == NULL || av[1] == NULL || av[2] == NULL || in ipfw_sets_handler()
2677 av[3] != NULL || _substrcmp(av[1], "to") != 0) in ipfw_sets_handler()
2679 rulenum = (uint32_t)strtoul(av[0], NULL, 10); in ipfw_sets_handler()
2680 rt.new_set = atoi(av[2]); in ipfw_sets_handler()
2686 rt.new_set = atoi(av[2]); in ipfw_sets_handler()
2687 if (!isdigit(*(av[0])) || (cmd == 3 && rt.set > RESVD_SET) || in ipfw_sets_handler()
2689 errx(EX_DATAERR, "invalid source number %s\n", av[0]); in ipfw_sets_handler()
2690 if (!isdigit(*(av[2])) || rt.new_set > RESVD_SET) in ipfw_sets_handler()
2691 errx(EX_DATAERR, "invalid dest. set %s\n", av[1]); in ipfw_sets_handler()
2696 } else if (_substrcmp(*av, "disable") == 0 || in ipfw_sets_handler()
2697 _substrcmp(*av, "enable") == 0 ) { in ipfw_sets_handler()
2698 int which = _substrcmp(*av, "enable") == 0 ? 1 : 0; in ipfw_sets_handler()
2700 av++; in ipfw_sets_handler()
2703 while (av[0]) { in ipfw_sets_handler()
2704 if (isdigit(**av)) { in ipfw_sets_handler()
2705 i = atoi(*av); in ipfw_sets_handler()
2710 } else if (_substrcmp(*av, "disable") == 0) in ipfw_sets_handler()
2712 else if (_substrcmp(*av, "enable") == 0) in ipfw_sets_handler()
2716 "invalid set command %s\n", *av); in ipfw_sets_handler()
2717 av++; in ipfw_sets_handler()
2729 errx(EX_USAGE, "invalid set command %s\n", *av); in ipfw_sets_handler()
2745 ipfw_sysctl_handler(char *av[], int which) in ipfw_sysctl_handler() argument
2747 av++; in ipfw_sysctl_handler()
2749 if (av[0] == NULL) { in ipfw_sysctl_handler()
2751 } else if (_substrcmp(*av, "firewall") == 0) { in ipfw_sysctl_handler()
2756 } else if (_substrcmp(*av, "one_pass") == 0) { in ipfw_sysctl_handler()
2759 } else if (_substrcmp(*av, "debug") == 0) { in ipfw_sysctl_handler()
2762 } else if (_substrcmp(*av, "verbose") == 0) { in ipfw_sysctl_handler()
2765 } else if (_substrcmp(*av, "dyn_keepalive") == 0) { in ipfw_sysctl_handler()
2768 } else if (_substrcmp(*av, "skipto_cache") == 0) { in ipfw_sysctl_handler()
2771 } else if (_substrcmp(*av, "altq") == 0) { in ipfw_sysctl_handler()
2775 warnx("unrecognize enable/disable keyword: %s\n", *av); in ipfw_sysctl_handler()
2953 ipfw_list(int ac, char *av[], int show_counters) in ipfw_list() argument
2969 dummynet_list(ac, av, show_counters); in ipfw_list()
2974 av++; in ipfw_list()
2979 for (lac = ac, lav = av; lac != 0; lac--) { in ipfw_list()
3004 error = ipfw_show_config(&g_co, &sfo, cfg, sz, ac, av); in ipfw_list()
3014 ipfw_cfg_lheader *cfg, size_t sz, int ac, char *av[]) in ipfw_show_config() argument
3089 for (lac = ac, lav = av; lac != 0; lac--) { in ipfw_show_config()
3117 for (lac = ac, lav = av; lac != 0; lac--) { in ipfw_show_config()
3332 fill_table(ipfw_insn *cmd, char *av, uint8_t opcode, struct tidx *tstate) in fill_table() argument
3337 if ((p = strchr(av + 6, ')')) == NULL) in fill_table()
3338 errx(EX_DATAERR, "forgotten parenthesis: '%s'", av); in fill_table()
3340 p = strchr(av + 6, ','); in fill_table()
3344 if ((c->kidx = pack_table(tstate, av + 6)) == 0) in fill_table()
3345 errx(EX_DATAERR, "Invalid table name: %s", av + 6); in fill_table()
3369 fill_ip(ipfw_insn_ip *cmd, char *av, int cblen, struct tidx *tstate) in fill_ip() argument
3376 if (_substrcmp(av, "any") == 0) in fill_ip()
3379 if (_substrcmp(av, "me") == 0) { in fill_ip()
3384 if (strncmp(av, "table(", 6) == 0) { in fill_ip()
3385 fill_table(&cmd->o, av, O_IP_DST_LOOKUP, tstate); in fill_ip()
3389 while (av) { in fill_ip()
3395 char *t = NULL, *p = strpbrk(av, "/:,{"); in fill_ip()
3411 if (lookup_host(av, (struct in_addr *)&d[0]) != 0) in fill_ip()
3412 errx(EX_NOHOST, "hostname ``%s'' unknown", av); in fill_ip()
3470 av = p + 1; in fill_ip()
3479 while (isdigit(*av)) { in fill_ip()
3481 int a = strtol(av, &s, 0); in fill_ip()
3483 if (s == av) { /* no parameter */ in fill_ip()
3484 if (*av != '}') in fill_ip()
3510 av = s+1; in fill_ip()
3514 av = p; in fill_ip()
3515 if (av) /* then *av must be a ',' */ in fill_ip()
3516 av++; in fill_ip()
3527 if (av == NULL && len == 0) /* only this entry */ in fill_ip()
3534 if (d[1] == (uint32_t)~0 && av == NULL && len == 0) { in fill_ip()
3583 ipfw_delete(char *av[]) in ipfw_delete() argument
3591 av++; in ipfw_delete()
3593 if ( *av && _substrcmp(*av, "set") == 0) { in ipfw_delete()
3600 av++; in ipfw_delete()
3604 while (*av && isdigit(**av)) { in ipfw_delete()
3605 i = strtol(*av, &sep, 10); in ipfw_delete()
3609 av++; in ipfw_delete()
3765 fill_comment(ipfw_insn *cmd, char **av, int cblen) in fill_comment() argument
3774 for (i = 0, l = 0; av[i] != NULL; i++) in fill_comment()
3775 l += strlen(av[i]) + 1; in fill_comment()
3785 for (i = 0; av[i] != NULL; i++) { in fill_comment()
3786 strcpy(p, av[i]); in fill_comment()
3787 p += strlen(av[i]); in fill_comment()
3810 add_mac(ipfw_insn *cmd, char *av[], int cblen) in add_mac() argument
3814 if ( ( av[0] == NULL ) || ( av[1] == NULL ) ) in add_mac()
3822 get_mac_addr_mask(av[0], mac->addr, mac->mask); /* dst */ in add_mac()
3823 get_mac_addr_mask(av[1], &(mac->addr[ETHER_ADDR_LEN]), in add_mac()
3829 add_mactype(ipfw_insn *cmd, char *av, int cblen) in add_mactype() argument
3831 if (!av) in add_mactype()
3833 if (strcmp(av, "any") != 0) { /* we have a non-null type */ in add_mactype()
3834 fill_newports((ipfw_insn_u16 *)cmd, av, IPPROTO_ETHERTYPE, in add_mactype()
3843 add_proto0(ipfw_insn *cmd, char *av, u_char *protop) in add_proto0() argument
3849 proto = strtol(av, &ep, 10); in add_proto0()
3851 if ((pe = getprotobyname(av)) == NULL) in add_proto0()
3862 add_proto(ipfw_insn *cmd, char *av, u_char *protop) in add_proto() argument
3866 if (_substrcmp(av, "all") == 0 || strcmp(av, "ip") == 0) in add_proto()
3868 else if (strcmp(av, "ip4") == 0) in add_proto()
3871 else if (strcmp(av, "ip6") == 0) { in add_proto()
3876 return add_proto0(cmd, av, protop); in add_proto()
3883 add_proto_compat(ipfw_insn *cmd, char *av, u_char *protop) in add_proto_compat() argument
3887 if (_substrcmp(av, "all") == 0 || strcmp(av, "ip") == 0) in add_proto_compat()
3889 else if (strcmp(av, "ipv4") == 0 || strcmp(av, "ip4") == 0) in add_proto_compat()
3892 else if (strcmp(av, "ipv6") == 0 || strcmp(av, "ip6") == 0) { in add_proto_compat()
3897 return add_proto0(cmd, av, protop); in add_proto_compat()
3904 add_srcip(ipfw_insn *cmd, char *av, int cblen, struct tidx *tstate) in add_srcip() argument
3906 fill_ip((ipfw_insn_ip *)cmd, av, cblen, tstate); in add_srcip()
3921 add_dstip(ipfw_insn *cmd, char *av, int cblen, struct tidx *tstate) in add_dstip() argument
3923 fill_ip((ipfw_insn_ip *)cmd, av, cblen, tstate); in add_dstip()
3938 add_srcmac(ipfw_insn *cmd, char *av, struct tidx *tstate) in add_srcmac() argument
3941 if (strncmp(av, "table(", 6) == 0) in add_srcmac()
3942 fill_table(cmd, av, O_MAC_SRC_LOOKUP, tstate); in add_srcmac()
3944 errx(EX_DATAERR, "only mac table lookup is supported %s", av); in add_srcmac()
3949 add_dstmac(ipfw_insn *cmd, char *av, struct tidx *tstate) in add_dstmac() argument
3952 if (strncmp(av, "table(", 6) == 0) in add_dstmac()
3953 fill_table(cmd, av, O_MAC_DST_LOOKUP, tstate); in add_dstmac()
3955 errx(EX_DATAERR, "only mac table lookup is supported %s", av); in add_dstmac()
3983 add_ports(ipfw_insn *cmd, char *av, u_char proto, int opcode, int cblen) in add_ports() argument
3986 if (match_token(f_reserved_keywords, av) != -1) in add_ports()
3989 if (fill_newports((ipfw_insn_u16 *)cmd, av, proto, cblen)) { in add_ports()
3998 add_src(ipfw_insn *cmd, char *av, u_char proto, int cblen, struct tidx *tstate) in add_src() argument
4006 if ((ch = strpbrk(av, "/,")) != NULL) { in add_src()
4007 len = ch - av; in add_src()
4008 strlcpy(buf, av, sizeof(buf)); in add_src()
4013 host = av; in add_src()
4015 if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 || in add_src()
4017 ret = add_srcip6(cmd, av, cblen, tstate); in add_src()
4019 if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 || in add_src()
4021 ret = add_srcip(cmd, av, cblen, tstate); in add_src()
4022 if (ret == NULL && strcmp(av, "any") != 0) in add_src()
4029 add_dst(ipfw_insn *cmd, char *av, u_char proto, int cblen, struct tidx *tstate) in add_dst() argument
4037 if ((ch = strpbrk(av, "/,")) != NULL) { in add_dst()
4038 len = ch - av; in add_dst()
4039 strlcpy(buf, av, sizeof(buf)); in add_dst()
4044 host = av; in add_dst()
4046 if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 || in add_dst()
4048 ret = add_dstip6(cmd, av, cblen, tstate); in add_dst()
4050 if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 || in add_dst()
4052 ret = add_dstip(cmd, av, cblen, tstate); in add_dst()
4053 if (ret == NULL && strcmp(av, "any") != 0) in add_dst()
4143 compile_rule(char *av[], uint32_t *rbuf, int *rbufsize, struct tidx *tstate) in compile_rule() argument
4194 av++; in compile_rule()
4197 if (av[0] && isdigit(**av)) { in compile_rule()
4198 rule->rulenum = atoi(*av); in compile_rule()
4199 av++; in compile_rule()
4203 if (av[0] && av[1] && _substrcmp(*av, "set") == 0) { in compile_rule()
4204 int set = strtoul(av[1], NULL, 10); in compile_rule()
4206 errx(EX_DATAERR, "illegal set %s", av[1]); in compile_rule()
4209 av += 2; in compile_rule()
4213 if (av[0] && av[1] && _substrcmp(*av, "prob") == 0) { in compile_rule()
4214 match_prob = strtod(av[1], NULL); in compile_rule()
4217 errx(EX_DATAERR, "illegal match prob. %s", av[1]); in compile_rule()
4218 av += 2; in compile_rule()
4223 i = match_token(rule_actions, *av); in compile_rule()
4224 av++; in compile_rule()
4233 if (*av == NULL || in compile_rule()
4234 match_token(rule_options, *av) == TOK_COMMENT) { in compile_rule()
4239 if (*av[0] == ':') { in compile_rule()
4240 if (strcmp(*av + 1, "any") == 0) in compile_rule()
4242 else if (state_check_name(*av + 1) == 0) in compile_rule()
4244 tstate, *av + 1, IPFW_TLV_STATE_NAME); in compile_rule()
4247 *av); in compile_rule()
4248 av++; in compile_rule()
4251 errx(EX_DATAERR, "Invalid state name %s", *av); in compile_rule()
4291 action->arg1 = get_reject_code(*av); in compile_rule()
4292 av++; in compile_rule()
4293 if (action->arg1 == ICMP_UNREACH_NEEDFRAG && isdigit(**av)) { in compile_rule()
4296 mtu = strtoul(*av, NULL, 10); in compile_rule()
4299 *(av - 1)); in compile_rule()
4302 av++; in compile_rule()
4309 action->arg1 = get_unreach6_code(*av); in compile_rule()
4310 av++; in compile_rule()
4321 if (*av != NULL && _substrcmp(*av, "global") == 0) in compile_rule()
4324 action->arg1 = arg_or_targ(av[0], *(av - 1)); in compile_rule()
4325 av++; in compile_rule()
4329 action->arg1 = arg_or_targ(av[0], *(av - 1)); in compile_rule()
4330 av++; in compile_rule()
4334 action->arg1 = arg_or_targ(av[0], *(av - 1)); in compile_rule()
4335 av++; in compile_rule()
4342 arg_or_targ_relaxed(av[0], *(av - 1), IPFW_DEFAULT_RULE); in compile_rule()
4343 av++; in compile_rule()
4347 action->arg1 = arg_or_targ(av[0], *(av - 1)); in compile_rule()
4348 av++; in compile_rule()
4352 action->arg1 = arg_or_targ(av[0], *(av - 1)); in compile_rule()
4353 av++; in compile_rule()
4357 action->arg1 = get_divert_port(av[0], *(av - 1)); in compile_rule()
4358 av++; in compile_rule()
4362 action->arg1 = get_divert_port(av[0], *(av - 1)); in compile_rule()
4363 av++; in compile_rule()
4370 arg_or_targ_relaxed(av[0], *(av - 1), IPFW_DEFAULT_RULE); in compile_rule()
4371 av++; in compile_rule()
4392 if (strncmp(*av, "tablearg", 8) == 0 && in compile_rule()
4393 ((*av)[8] == '\0' || (*av)[8] == ',' || (*av)[8] == ':')) in compile_rule()
4394 memcpy(++(*av), "0.0.0.0", 7); in compile_rule()
4399 if (strchr(*av, '[')) in compile_rule()
4400 (*av)++; in compile_rule()
4405 s = strchr(*av, ','); in compile_rule()
4407 s = strchr(*av, ']'); in compile_rule()
4412 s = *av; in compile_rule()
4434 if (getaddrinfo(*av, NULL, NULL, &res)) in compile_rule()
4476 av++; in compile_rule()
4482 av--; /* go back... */ in compile_rule()
4492 if (_substrcmp(*av, "tablearg") == 0) { in compile_rule()
4495 action->arg1 = strtoul(*av, NULL, 10); in compile_rule()
4504 av++; in compile_rule()
4514 if (_substrcmp(*av, "tablearg") == 0) { in compile_rule()
4517 if (isalpha(*av[0])) { in compile_rule()
4518 if ((code = match_token(f_ipdscp, *av)) == -1) in compile_rule()
4522 action->arg1 = strtoul(*av, NULL, 10); in compile_rule()
4529 av++; in compile_rule()
4541 if (*av != NULL) { in compile_rule()
4546 i = match_token(return_types, *av); in compile_rule()
4549 av++; in compile_rule()
4559 if (strcmp(*av, "tablearg") == 0) { in compile_rule()
4562 insntod(action, u32)->d[0] = strtoul(*av, NULL, 0); in compile_rule()
4566 av++; in compile_rule()
4587 mss = strtoul(*av, NULL, 10); in compile_rule()
4589 errx(EX_USAGE, "invalid MSS value %s", *av); in compile_rule()
4591 av++; in compile_rule()
4596 av--; in compile_rule()
4597 if (match_token(rule_eactions, *av) == -1) in compile_rule()
4598 errx(EX_DATAERR, "invalid action %s\n", *av); in compile_rule()
4611 if (eaction_check_name(*av) != 0) in compile_rule()
4612 errx(EX_DATAERR, "Invalid eaction name %s", *av); in compile_rule()
4613 idx = pack_object(tstate, *av, IPFW_TLV_EACTION); in compile_rule()
4621 av++; in compile_rule()
4623 if (eaction_check_name(*av) != 0) in compile_rule()
4625 *av); in compile_rule()
4631 idx = pack_object(tstate, *av, 0); in compile_rule()
4639 av++; in compile_rule()
4651 while (av[0] != NULL && (i = match_token(rule_action_params, *av)) != -1) { in compile_rule()
4652 av++; in compile_rule()
4668 if (av[0] && _substrcmp(*av, "logdst") == 0) { in compile_rule()
4669 av++; in compile_rule()
4671 cmd->arg1 = parse_logdst(*av); in compile_rule()
4672 av++; in compile_rule()
4675 if (av[0] && _substrcmp(*av, "logamount") == 0) { in compile_rule()
4676 av++; in compile_rule()
4678 l = atoi(*av); in compile_rule()
4683 av++; in compile_rule()
4698 if (av[0] && _substrcmp(*av, "logdst") == 0) { in compile_rule()
4699 av++; in compile_rule()
4701 cmd->arg1 = parse_logdst(*av); in compile_rule()
4702 av++; in compile_rule()
4720 a->qid = altq_name_to_qid(*av); in compile_rule()
4721 av++; in compile_rule()
4737 av++; in compile_rule()
4748 if (*av != NULL && in compile_rule()
4749 match_token(rule_options, *av) == TOK_COMMENT) { in compile_rule()
4751 av++; in compile_rule()
4752 fill_comment(cmd, av, cblen); in compile_rule()
4754 av[0] = NULL; in compile_rule()
4760 if (av[0] && (*av[0] == '(' || *av[0] == '{')) { \ in compile_rule()
4765 if ( (av[0])[1] == '\0') { \ in compile_rule()
4766 av++; \ in compile_rule()
4768 (*av)++; \ in compile_rule()
4775 if (av[0] && ( \ in compile_rule()
4776 strcmp(*av, ")") == 0 || \ in compile_rule()
4777 strcmp(*av, "}") == 0)) { \ in compile_rule()
4780 av++; \ in compile_rule()
4786 if (av[0] && _substrcmp(*av, "not") == 0) { \ in compile_rule()
4790 av++; \ in compile_rule()
4794 if (av[0] && _substrcmp(*av, "or") == 0) { \ in compile_rule()
4798 av++; \ in compile_rule()
4813 if (_substrcmp(*av, "MAC") == 0 || in compile_rule()
4814 _substrcmp(*av, "mac") == 0) { in compile_rule()
4815 av++; /* the "MAC" keyword */ in compile_rule()
4816 add_mac(cmd, av); /* exits in case of errors */ in compile_rule()
4818 av += 2; /* dst-mac and src-mac */ in compile_rule()
4821 if (add_mactype(cmd, av[0])) in compile_rule()
4823 av++; /* any or mac-type */ in compile_rule()
4834 if (add_proto_compat(cmd, *av, &proto)) { in compile_rule()
4835 av++; in compile_rule()
4841 errx(EX_DATAERR, "invalid protocol ``%s''", *av); in compile_rule()
4853 if ((av[0] == NULL) || _substrcmp(*av, "from") != 0) in compile_rule()
4855 av++; in compile_rule()
4863 if (add_src(cmd, *av, proto, cblen, tstate)) { in compile_rule()
4864 av++; in compile_rule()
4870 errx(EX_USAGE, "bad source address %s", *av); in compile_rule()
4877 if ( av[0] != NULL ) { in compile_rule()
4878 if (_substrcmp(*av, "any") == 0 || in compile_rule()
4879 add_ports(cmd, *av, proto, O_IP_SRCPORT, cblen)) { in compile_rule()
4880 av++; in compile_rule()
4889 if ( (av[0] == NULL) || _substrcmp(*av, "to") != 0 ) in compile_rule()
4891 av++; in compile_rule()
4899 if (add_dst(cmd, *av, proto, cblen, tstate)) { in compile_rule()
4900 av++; in compile_rule()
4906 errx( EX_USAGE, "bad destination address %s", *av); in compile_rule()
4913 if (av[0]) { in compile_rule()
4914 if (_substrcmp(*av, "any") == 0 || in compile_rule()
4915 add_ports(cmd, *av, proto, O_IP_DSTPORT, cblen)) { in compile_rule()
4916 av++; in compile_rule()
4926 while ( av[0] != NULL ) { in compile_rule()
4930 s = *av; in compile_rule()
4940 av++; in compile_rule()
4991 if (*av != NULL && fill_flags(f_ipoff, *av, NULL, in compile_rule()
4993 av++; in compile_rule()
5016 fill_iface(insntod(cmd, if), av[0], cblen, tstate); in compile_rule()
5017 av++; in compile_rule()
5030 fill_icmptypes((ipfw_insn_u32 *)cmd, *av); in compile_rule()
5031 av++; in compile_rule()
5036 fill_icmp6types((ipfw_insn_icmp6 *)cmd, *av, cblen); in compile_rule()
5037 av++; in compile_rule()
5042 if (strpbrk(*av, "-,")) { in compile_rule()
5043 if (!add_ports(cmd, *av, 0, O_IPTTL, cblen)) in compile_rule()
5044 errx(EX_DATAERR, "invalid ipttl %s", *av); in compile_rule()
5046 fill_cmd(cmd, O_IPTTL, 0, strtoul(*av, NULL, 0)); in compile_rule()
5047 av++; in compile_rule()
5052 if (strpbrk(*av, "-,")) { in compile_rule()
5053 if (!add_ports(cmd, *av, 0, O_IPID, cblen)) in compile_rule()
5054 errx(EX_DATAERR, "invalid ipid %s", *av); in compile_rule()
5056 fill_cmd(cmd, O_IPID, 0, strtoul(*av, NULL, 0)); in compile_rule()
5057 av++; in compile_rule()
5062 if (strpbrk(*av, "-,")) { in compile_rule()
5063 if (!add_ports(cmd, *av, 0, O_IPLEN, cblen)) in compile_rule()
5064 errx(EX_DATAERR, "invalid ip len %s", *av); in compile_rule()
5066 fill_cmd(cmd, O_IPLEN, 0, strtoul(*av, NULL, 0)); in compile_rule()
5067 av++; in compile_rule()
5072 fill_cmd(cmd, O_IPVER, 0, strtoul(*av, NULL, 0)); in compile_rule()
5073 av++; in compile_rule()
5079 (strtoul(*av, NULL, 0) & 7) << 5); in compile_rule()
5080 av++; in compile_rule()
5085 fill_dscp(cmd, *av, cblen); in compile_rule()
5086 av++; in compile_rule()
5091 fill_flags_cmd(cmd, O_IPOPT, f_ipopts, *av); in compile_rule()
5092 av++; in compile_rule()
5097 fill_flags_cmd(cmd, O_IPTOS, f_iptos, *av); in compile_rule()
5098 av++; in compile_rule()
5109 uid = strtoul(*av, &end, 0); in compile_rule()
5110 pwd = (*end == '\0') ? getpwuid(uid) : getpwnam(*av); in compile_rule()
5112 errx(EX_DATAERR, "uid \"%s\" nonexistent", *av); in compile_rule()
5115 av++; in compile_rule()
5127 gid = strtoul(*av, &end, 0); in compile_rule()
5128 grp = (*end == '\0') ? getgrgid(gid) : getgrnam(*av); in compile_rule()
5130 errx(EX_DATAERR, "gid \"%s\" nonexistent", *av); in compile_rule()
5133 av++; in compile_rule()
5155 jid = strtoul(*av, &end, 10); in compile_rule()
5157 jid = jail_getid(*av); in compile_rule()
5163 av++; in compile_rule()
5178 if (strpbrk(*av, "-,")) { in compile_rule()
5179 if (!add_ports(cmd, *av, 0, O_TCPDATALEN, cblen)) in compile_rule()
5180 errx(EX_DATAERR, "invalid tcpdata len %s", *av); in compile_rule()
5183 strtoul(*av, NULL, 0)); in compile_rule()
5184 av++; in compile_rule()
5189 fill_flags_cmd(cmd, O_TCPOPTS, f_tcpopts, *av); in compile_rule()
5190 av++; in compile_rule()
5198 cmd32->d[0] = htonl(strtoul(*av, NULL, 0)); in compile_rule()
5199 av++; in compile_rule()
5205 if (strpbrk(*av, "-,")) { in compile_rule()
5206 if (add_ports(cmd, *av, 0, in compile_rule()
5210 s, *av); in compile_rule()
5213 O_TCPMSS, 0, strtoul(*av, NULL, 0)); in compile_rule()
5214 av++; in compile_rule()
5220 fill_flags_cmd(cmd, O_TCPFLAGS, f_tcpflags, *av); in compile_rule()
5221 av++; in compile_rule()
5234 if (*av != NULL && *av[0] == ':') { in compile_rule()
5235 if (state_check_name(*av + 1) != 0) in compile_rule()
5237 "Invalid state name %s", *av); in compile_rule()
5238 uidx = pack_object(tstate, *av + 1, in compile_rule()
5240 av++; in compile_rule()
5272 while ( av[0] != NULL ) { in compile_rule()
5273 if ((val = match_token(limit_masks, *av)) <= 0) in compile_rule()
5276 av++; in compile_rule()
5284 av++; in compile_rule()
5286 if (*av != NULL && *av[0] == ':') { in compile_rule()
5287 if (state_check_name(*av + 1) != 0) in compile_rule()
5289 "Invalid state name %s", *av); in compile_rule()
5290 c->kidx = pack_object(tstate, *av + 1, in compile_rule()
5292 av++; in compile_rule()
5301 if (add_proto(cmd, *av, &proto)) { in compile_rule()
5302 av++; in compile_rule()
5305 *av); in compile_rule()
5310 if (add_srcip(cmd, *av, cblen, tstate)) { in compile_rule()
5311 av++; in compile_rule()
5317 if (add_dstip(cmd, *av, cblen, tstate)) { in compile_rule()
5318 av++; in compile_rule()
5324 if (add_srcip6(cmd, *av, cblen, tstate)) { in compile_rule()
5325 av++; in compile_rule()
5331 if (add_dstip6(cmd, *av, cblen, tstate)) { in compile_rule()
5332 av++; in compile_rule()
5339 if (add_srcmac(cmd, *av, tstate)) { in compile_rule()
5340 av++; in compile_rule()
5346 if (add_dstmac(cmd, *av, tstate)) { in compile_rule()
5347 av++; in compile_rule()
5353 if (_substrcmp(*av, "any") == 0 || in compile_rule()
5354 add_ports(cmd, *av, proto, O_IP_SRCPORT, cblen)) { in compile_rule()
5355 av++; in compile_rule()
5357 errx(EX_DATAERR, "invalid source port %s", *av); in compile_rule()
5362 if (_substrcmp(*av, "any") == 0 || in compile_rule()
5363 add_ports(cmd, *av, proto, O_IP_DSTPORT, cblen)) { in compile_rule()
5364 av++; in compile_rule()
5367 *av); in compile_rule()
5371 if (add_mac(cmd, av, cblen)) in compile_rule()
5372 av += 2; in compile_rule()
5377 if (!add_mactype(cmd, *av, cblen)) in compile_rule()
5378 errx(EX_DATAERR, "invalid mac type %s", *av); in compile_rule()
5379 av++; in compile_rule()
5408 fill_ext6hdr( cmd, *av ); in compile_rule()
5409 av++; in compile_rule()
5416 fill_flow6( (ipfw_insn_u32 *) cmd, *av, cblen); in compile_rule()
5417 av++; in compile_rule()
5421 fill_comment(cmd, av, cblen); in compile_rule()
5422 av[0]=NULL; in compile_rule()
5426 if (av[0] && strpbrk(*av, "-,")) { in compile_rule()
5427 if (!add_ports(cmd, *av, 0, O_TAGGED, cblen)) in compile_rule()
5429 " list: %s", *av); in compile_rule()
5438 av++; in compile_rule()
5443 fill_cmd(cmd, O_FIB, 0, strtoul(*av, NULL, 0)); in compile_rule()
5444 av++; in compile_rule()
5455 if (!av[0] || !av[1]) in compile_rule()
5460 lkey = strsep(av, ":"); in compile_rule()
5466 if (*av != NULL) { in compile_rule()
5482 c->value = strtoul(*av, NULL, 0); in compile_rule()
5493 av++; in compile_rule()
5494 c->kidx = pack_table(tstate, *av); in compile_rule()
5497 "Invalid table name: %s", *av); in compile_rule()
5498 av++; in compile_rule()
5503 if (strncmp(*av, "table(", 6) != 0) in compile_rule()
5506 fill_table(cmd, *av, O_IP_FLOW_LOOKUP, tstate); in compile_rule()
5507 av++; in compile_rule()
5520 fill_mark(cmd, *av, cblen); in compile_rule()
5521 av++; in compile_rule()
5768 ipfw_add(char *av[]) in ipfw_add() argument
5790 compile_rule(av, (uint32_t *)rule, &rbufsize, &ts); in ipfw_add()
5858 ipfw_zero(int ac, char *av[], int optname) in ipfw_zero() argument
5867 av++; ac--; in ipfw_zero()
5884 if (isdigit(**av)) { in ipfw_zero()
5885 arg = strtonum(*av, 0, 0xffff, &errstr); in ipfw_zero()
5888 "invalid rule number %s\n", *av); in ipfw_zero()
5909 errx(EX_USAGE, "invalid rule number ``%s''", *av); in ipfw_zero()
5911 av++; ac--; in ipfw_zero()
5987 ipfw_list_objects(int ac __unused, char *av[] __unused) in ipfw_list_objects()
6034 ipfw_internal_handler(int ac, char *av[]) in ipfw_internal_handler() argument
6038 ac--; av++; in ipfw_internal_handler()
6041 if ((tcmd = match_token(intcmds, *av)) == -1) in ipfw_internal_handler()
6042 errx(EX_USAGE, "invalid internal sub-cmd: %s", *av); in ipfw_internal_handler()
6049 ipfw_list_ta(ac, av); in ipfw_internal_handler()
6052 ipfw_list_objects(ac, av); in ipfw_internal_handler()
6055 ipfw_list_values(ac, av); in ipfw_internal_handler()