1 2 %{ 3 /* 4 * Copyright (C) 2012 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 * 8 * Id: iplang_y.y,v 2.9.2.4 2006/03/17 12:11:29 darrenr Exp $ 9 */ 10 11 #include <stdio.h> 12 #include <string.h> 13 #include <fcntl.h> 14 #if !defined(__SVR4) && !defined(__svr4__) 15 # include <strings.h> 16 #else 17 # include <sys/byteorder.h> 18 #endif 19 #include <sys/types.h> 20 #include <sys/stat.h> 21 #include <sys/param.h> 22 #include <sys/time.h> 23 #include <stdlib.h> 24 #include <unistd.h> 25 #include <stddef.h> 26 #include <sys/socket.h> 27 #include <net/if.h> 28 #include <netinet/in.h> 29 #include <netinet/in_systm.h> 30 #include <netinet/ip.h> 31 # include <netinet/ip_var.h> 32 # include <net/route.h> 33 # include <netinet/if_ether.h> 34 #include <netdb.h> 35 #include <arpa/nameser.h> 36 #include <arpa/inet.h> 37 #include <resolv.h> 38 #include <ctype.h> 39 #include "ipsend.h" 40 #include "ip_compat.h" 41 #include "ipf.h" 42 #include "iplang.h" 43 44 extern int opts; 45 extern struct ipopt_names ionames[]; 46 extern int state, state, lineNum, token; 47 extern int yylineno; 48 extern char yytext[]; 49 extern FILE *yyin; 50 int yylex __P((void)); 51 #define YYDEBUG 1 52 int yydebug = 1; 53 54 iface_t *iflist = NULL, **iftail = &iflist; 55 iface_t *cifp = NULL; 56 arp_t *arplist = NULL, **arptail = &arplist, *carp = NULL; 57 struct in_addr defrouter; 58 send_t sending; 59 char *sclass = NULL; 60 u_short c_chksum(u_short *, u_int, u_long); 61 u_long p_chksum(u_short *, u_int); 62 63 u_long ipbuffer[67584/sizeof(u_long)]; /* 66K */ 64 aniphdr_t *aniphead = NULL, *canip = NULL, **aniptail = &aniphead; 65 ip_t *ip = NULL; 66 udphdr_t *udp = NULL; 67 tcphdr_t *tcp = NULL; 68 icmphdr_t *icmp = NULL; 69 70 struct statetoopt { 71 int sto_st; 72 int sto_op; 73 }; 74 75 struct in_addr getipv4addr(char *arg); 76 u_short getportnum(char *, char *); 77 struct ether_addr *geteaddr(char *, struct ether_addr *); 78 void *new_header(int); 79 void free_aniplist(void); 80 void inc_anipheaders(int); 81 void new_data(void); 82 void set_datalen(char **); 83 void set_datafile(char **); 84 void set_data(char **); 85 void new_packet(void); 86 void set_ipv4proto(char **); 87 void set_ipv4src(char **); 88 void set_ipv4dst(char **); 89 void set_ipv4off(char **); 90 void set_ipv4v(char **); 91 void set_ipv4hl(char **); 92 void set_ipv4ttl(char **); 93 void set_ipv4tos(char **); 94 void set_ipv4id(char **); 95 void set_ipv4sum(char **); 96 void set_ipv4len(char **); 97 void new_tcpheader(void); 98 void set_tcpsport(char **); 99 void set_tcpdport(char **); 100 void set_tcpseq(char **); 101 void set_tcpack(char **); 102 void set_tcpoff(char **); 103 void set_tcpurp(char **); 104 void set_tcpwin(char **); 105 void set_tcpsum(char **); 106 void set_tcpflags(char **); 107 void set_tcpopt(int, char **); 108 void end_tcpopt(void); 109 void new_udpheader(void); 110 void set_udplen(char **); 111 void set_udpsum(char **); 112 void prep_packet(void); 113 void packet_done(void); 114 void new_interface(void); 115 void check_interface(void); 116 void set_ifname(char **); 117 void set_ifmtu(int); 118 void set_ifv4addr(char **); 119 void set_ifeaddr(char **); 120 void new_arp(void); 121 void set_arpeaddr(char **); 122 void set_arpv4addr(char **); 123 void reset_send(void); 124 void set_sendif(char **); 125 void set_sendvia(char **); 126 void set_defaultrouter(char **); 127 void new_icmpheader(void); 128 void set_icmpcode(int); 129 void set_icmptype(int); 130 void set_icmpcodetok(char **); 131 void set_icmptypetok(char **); 132 void set_icmpid(int); 133 void set_icmpseq(int); 134 void set_icmpotime(int); 135 void set_icmprtime(int); 136 void set_icmpttime(int); 137 void set_icmpmtu(int); 138 void set_redir(int, char **); 139 void new_ipv4opt(void); 140 void set_icmppprob(int); 141 void add_ipopt(int, void *); 142 void end_ipopt(void); 143 void set_secclass(char **); 144 void free_anipheader(void); 145 void end_ipv4(void); 146 void end_icmp(void); 147 void end_udp(void); 148 void end_tcp(void); 149 void end_data(void); 150 void yyerror(char *); 151 void iplang(FILE *); 152 int arp_getipv4(char *, char *); 153 int yyparse(void); 154 %} 155 %union { 156 char *str; 157 int num; 158 } 159 %token <num> IL_NUMBER 160 %type <num> number digits optnumber 161 %token <str> IL_TOKEN 162 %type <str> token optoken 163 %token IL_HEXDIGIT IL_COLON IL_DOT IL_EOF IL_COMMENT 164 %token IL_INTERFACE IL_IFNAME IL_MTU IL_EADDR 165 %token IL_IPV4 IL_V4PROTO IL_V4SRC IL_V4DST IL_V4OFF IL_V4V IL_V4HL IL_V4TTL 166 %token IL_V4TOS IL_V4SUM IL_V4LEN IL_V4OPT IL_V4ID 167 %token IL_TCP IL_SPORT IL_DPORT IL_TCPFL IL_TCPSEQ IL_TCPACK IL_TCPOFF 168 %token IL_TCPWIN IL_TCPSUM IL_TCPURP IL_TCPOPT IL_TCPO_NOP IL_TCPO_EOL 169 %token IL_TCPO_MSS IL_TCPO_WSCALE IL_TCPO_TS 170 %token IL_UDP IL_UDPLEN IL_UDPSUM 171 %token IL_ICMP IL_ICMPTYPE IL_ICMPCODE 172 %token IL_SEND IL_VIA 173 %token IL_ARP 174 %token IL_DEFROUTER 175 %token IL_SUM IL_OFF IL_LEN IL_V4ADDR IL_OPT 176 %token IL_DATA IL_DLEN IL_DVALUE IL_DFILE 177 %token IL_IPO_NOP IL_IPO_RR IL_IPO_ZSU IL_IPO_MTUP IL_IPO_MTUR IL_IPO_EOL 178 %token IL_IPO_TS IL_IPO_TR IL_IPO_SEC IL_IPO_LSRR IL_IPO_ESEC 179 %token IL_IPO_SATID IL_IPO_SSRR IL_IPO_ADDEXT IL_IPO_VISA IL_IPO_IMITD 180 %token IL_IPO_EIP IL_IPO_FINN IL_IPO_SECCLASS IL_IPO_CIPSO IL_IPO_ENCODE 181 %token <str> IL_IPS_RESERV4 IL_IPS_TOPSECRET IL_IPS_SECRET IL_IPS_RESERV3 182 %token <str> IL_IPS_CONFID IL_IPS_UNCLASS IL_IPS_RESERV2 IL_IPS_RESERV1 183 %token IL_ICMP_ECHOREPLY IL_ICMP_UNREACH IL_ICMP_UNREACH_NET 184 %token IL_ICMP_UNREACH_HOST IL_ICMP_UNREACH_PROTOCOL IL_ICMP_UNREACH_PORT 185 %token IL_ICMP_UNREACH_NEEDFRAG IL_ICMP_UNREACH_SRCFAIL 186 %token IL_ICMP_UNREACH_NET_UNKNOWN IL_ICMP_UNREACH_HOST_UNKNOWN 187 %token IL_ICMP_UNREACH_ISOLATED IL_ICMP_UNREACH_NET_PROHIB 188 %token IL_ICMP_UNREACH_HOST_PROHIB IL_ICMP_UNREACH_TOSNET 189 %token IL_ICMP_UNREACH_TOSHOST IL_ICMP_UNREACH_FILTER_PROHIB 190 %token IL_ICMP_UNREACH_HOST_PRECEDENCE IL_ICMP_UNREACH_PRECEDENCE_CUTOFF 191 %token IL_ICMP_SOURCEQUENCH IL_ICMP_REDIRECT IL_ICMP_REDIRECT_NET 192 %token IL_ICMP_REDIRECT_HOST IL_ICMP_REDIRECT_TOSNET 193 %token IL_ICMP_REDIRECT_TOSHOST IL_ICMP_ECHO IL_ICMP_ROUTERADVERT 194 %token IL_ICMP_ROUTERSOLICIT IL_ICMP_TIMXCEED IL_ICMP_TIMXCEED_INTRANS 195 %token IL_ICMP_TIMXCEED_REASS IL_ICMP_PARAMPROB IL_ICMP_PARAMPROB_OPTABSENT 196 %token IL_ICMP_TSTAMP IL_ICMP_TSTAMPREPLY IL_ICMP_IREQ IL_ICMP_IREQREPLY 197 %token IL_ICMP_MASKREQ IL_ICMP_MASKREPLY IL_ICMP_SEQ IL_ICMP_ID 198 %token IL_ICMP_OTIME IL_ICMP_RTIME IL_ICMP_TTIME 199 200 %% 201 file: line 202 | line file 203 | IL_COMMENT 204 | IL_COMMENT file 205 ; 206 207 line: iface 208 | arp 209 | send 210 | defrouter 211 | ipline 212 ; 213 214 iface: ifhdr '{' ifaceopts '}' ';' { check_interface(); } 215 ; 216 217 ifhdr: IL_INTERFACE { new_interface(); } 218 ; 219 220 ifaceopts: 221 ifaceopt 222 | ifaceopt ifaceopts 223 ; 224 225 ifaceopt: 226 IL_IFNAME token { set_ifname(&$2); } 227 | IL_MTU number { set_ifmtu($2); } 228 | IL_V4ADDR token { set_ifv4addr(&$2); } 229 | IL_EADDR token { set_ifeaddr(&$2); } 230 ; 231 232 send: sendhdr '{' sendbody '}' ';' { packet_done(); } 233 | sendhdr ';' { packet_done(); } 234 ; 235 236 sendhdr: 237 IL_SEND { reset_send(); } 238 ; 239 240 sendbody: 241 sendopt 242 | sendbody sendopt 243 ; 244 245 sendopt: 246 IL_IFNAME token { set_sendif(&$2); } 247 | IL_VIA token { set_sendvia(&$2); } 248 ; 249 250 arp: arphdr '{' arpbody '}' ';' 251 ; 252 253 arphdr: IL_ARP { new_arp(); } 254 ; 255 256 arpbody: 257 arpopt 258 | arpbody arpopt 259 ; 260 261 arpopt: IL_V4ADDR token { set_arpv4addr(&$2); } 262 | IL_EADDR token { set_arpeaddr(&$2); } 263 ; 264 265 defrouter: 266 IL_DEFROUTER token { set_defaultrouter(&$2); } 267 ; 268 269 bodyline: 270 ipline 271 | tcp tcpline 272 | udp udpline 273 | icmp icmpline 274 | data dataline 275 ; 276 277 ipline: ipv4 '{' ipv4body '}' ';' { end_ipv4(); } 278 ; 279 280 ipv4: IL_IPV4 { new_packet(); } 281 282 ipv4body: 283 ipv4type 284 | ipv4type ipv4body 285 | bodyline 286 ; 287 288 ipv4type: 289 IL_V4PROTO token { set_ipv4proto(&$2); } 290 | IL_V4SRC token { set_ipv4src(&$2); } 291 | IL_V4DST token { set_ipv4dst(&$2); } 292 | IL_V4OFF token { set_ipv4off(&$2); } 293 | IL_V4V token { set_ipv4v(&$2); } 294 | IL_V4HL token { set_ipv4hl(&$2); } 295 | IL_V4ID token { set_ipv4id(&$2); } 296 | IL_V4TTL token { set_ipv4ttl(&$2); } 297 | IL_V4TOS token { set_ipv4tos(&$2); } 298 | IL_V4SUM token { set_ipv4sum(&$2); } 299 | IL_V4LEN token { set_ipv4len(&$2); } 300 | ipv4opt '{' ipv4optlist '}' ';' { end_ipopt(); } 301 ; 302 303 tcp: IL_TCP { new_tcpheader(); } 304 ; 305 306 tcpline: 307 '{' tcpheader '}' ';' { end_tcp(); } 308 ; 309 310 tcpheader: 311 tcpbody 312 | tcpbody tcpheader 313 | bodyline 314 ; 315 316 tcpbody: 317 IL_SPORT token { set_tcpsport(&$2); } 318 | IL_DPORT token { set_tcpdport(&$2); } 319 | IL_TCPSEQ token { set_tcpseq(&$2); } 320 | IL_TCPACK token { set_tcpack(&$2); } 321 | IL_TCPOFF token { set_tcpoff(&$2); } 322 | IL_TCPURP token { set_tcpurp(&$2); } 323 | IL_TCPWIN token { set_tcpwin(&$2); } 324 | IL_TCPSUM token { set_tcpsum(&$2); } 325 | IL_TCPFL token { set_tcpflags(&$2); } 326 | IL_TCPOPT '{' tcpopts '}' ';' { end_tcpopt(); } 327 ; 328 329 tcpopts: 330 | tcpopt tcpopts 331 ; 332 333 tcpopt: IL_TCPO_NOP ';' { set_tcpopt(IL_TCPO_NOP, NULL); } 334 | IL_TCPO_EOL ';' { set_tcpopt(IL_TCPO_EOL, NULL); } 335 | IL_TCPO_MSS optoken { set_tcpopt(IL_TCPO_MSS,&$2);} 336 | IL_TCPO_WSCALE optoken { set_tcpopt(IL_TCPO_WSCALE,&$2);} 337 | IL_TCPO_TS optoken { set_tcpopt(IL_TCPO_TS, &$2);} 338 ; 339 340 udp: IL_UDP { new_udpheader(); } 341 ; 342 343 udpline: 344 '{' udpheader '}' ';' { end_udp(); } 345 ; 346 347 348 udpheader: 349 udpbody 350 | udpbody udpheader 351 | bodyline 352 ; 353 354 udpbody: 355 IL_SPORT token { set_tcpsport(&$2); } 356 | IL_DPORT token { set_tcpdport(&$2); } 357 | IL_UDPLEN token { set_udplen(&$2); } 358 | IL_UDPSUM token { set_udpsum(&$2); } 359 ; 360 361 icmp: IL_ICMP { new_icmpheader(); } 362 ; 363 364 icmpline: 365 '{' icmpbody '}' ';' { end_icmp(); } 366 ; 367 368 icmpbody: 369 icmpheader 370 | icmpheader bodyline 371 ; 372 373 icmpheader: 374 IL_ICMPTYPE icmptype 375 | IL_ICMPTYPE icmptype icmpcode 376 ; 377 378 icmpcode: 379 IL_ICMPCODE token { set_icmpcodetok(&$2); } 380 ; 381 382 icmptype: 383 IL_ICMP_ECHOREPLY ';' { set_icmptype(ICMP_ECHOREPLY); } 384 | IL_ICMP_ECHOREPLY '{' icmpechoopts '}' ';' 385 | unreach 386 | IL_ICMP_SOURCEQUENCH ';' { set_icmptype(ICMP_SOURCEQUENCH); } 387 | redirect 388 | IL_ICMP_ROUTERADVERT ';' { set_icmptype(ICMP_ROUTERADVERT); } 389 | IL_ICMP_ROUTERSOLICIT ';' { set_icmptype(ICMP_ROUTERSOLICIT); } 390 | IL_ICMP_ECHO ';' { set_icmptype(ICMP_ECHO); } 391 | IL_ICMP_ECHO '{' icmpechoopts '}' ';' 392 | IL_ICMP_TIMXCEED ';' { set_icmptype(ICMP_TIMXCEED); } 393 | IL_ICMP_TIMXCEED '{' exceed '}' ';' 394 | IL_ICMP_TSTAMP ';' { set_icmptype(ICMP_TSTAMP); } 395 | IL_ICMP_TSTAMPREPLY ';' { set_icmptype(ICMP_TSTAMPREPLY); } 396 | IL_ICMP_TSTAMPREPLY '{' icmptsopts '}' ';' 397 | IL_ICMP_IREQ ';' { set_icmptype(ICMP_IREQ); } 398 | IL_ICMP_IREQREPLY ';' { set_icmptype(ICMP_IREQREPLY); } 399 | IL_ICMP_IREQREPLY '{' data dataline '}' ';' 400 | IL_ICMP_MASKREQ ';' { set_icmptype(ICMP_MASKREQ); } 401 | IL_ICMP_MASKREPLY ';' { set_icmptype(ICMP_MASKREPLY); } 402 | IL_ICMP_MASKREPLY '{' token '}' ';' 403 | IL_ICMP_PARAMPROB ';' { set_icmptype(ICMP_PARAMPROB); } 404 | IL_ICMP_PARAMPROB '{' paramprob '}' ';' 405 | IL_TOKEN ';' { set_icmptypetok(&$1); } 406 ; 407 408 icmpechoopts: 409 | icmpechoopts icmpecho 410 ; 411 412 icmpecho: 413 IL_ICMP_SEQ number { set_icmpseq($2); } 414 | IL_ICMP_ID number { set_icmpid($2); } 415 ; 416 417 icmptsopts: 418 | icmptsopts icmpts ';' 419 ; 420 421 icmpts: IL_ICMP_OTIME number { set_icmpotime($2); } 422 | IL_ICMP_RTIME number { set_icmprtime($2); } 423 | IL_ICMP_TTIME number { set_icmpttime($2); } 424 ; 425 426 unreach: 427 IL_ICMP_UNREACH 428 | IL_ICMP_UNREACH '{' unreachopts '}' ';' 429 ; 430 431 unreachopts: 432 IL_ICMP_UNREACH_NET line 433 | IL_ICMP_UNREACH_HOST line 434 | IL_ICMP_UNREACH_PROTOCOL line 435 | IL_ICMP_UNREACH_PORT line 436 | IL_ICMP_UNREACH_NEEDFRAG number ';' { set_icmpmtu($2); } 437 | IL_ICMP_UNREACH_SRCFAIL line 438 | IL_ICMP_UNREACH_NET_UNKNOWN line 439 | IL_ICMP_UNREACH_HOST_UNKNOWN line 440 | IL_ICMP_UNREACH_ISOLATED line 441 | IL_ICMP_UNREACH_NET_PROHIB line 442 | IL_ICMP_UNREACH_HOST_PROHIB line 443 | IL_ICMP_UNREACH_TOSNET line 444 | IL_ICMP_UNREACH_TOSHOST line 445 | IL_ICMP_UNREACH_FILTER_PROHIB line 446 | IL_ICMP_UNREACH_HOST_PRECEDENCE line 447 | IL_ICMP_UNREACH_PRECEDENCE_CUTOFF line 448 ; 449 450 redirect: 451 IL_ICMP_REDIRECT 452 | IL_ICMP_REDIRECT '{' redirectopts '}' ';' 453 ; 454 455 redirectopts: 456 | IL_ICMP_REDIRECT_NET token { set_redir(0, &$2); } 457 | IL_ICMP_REDIRECT_HOST token { set_redir(1, &$2); } 458 | IL_ICMP_REDIRECT_TOSNET token { set_redir(2, &$2); } 459 | IL_ICMP_REDIRECT_TOSHOST token { set_redir(3, &$2); } 460 ; 461 462 exceed: 463 IL_ICMP_TIMXCEED_INTRANS line 464 | IL_ICMP_TIMXCEED_REASS line 465 ; 466 467 paramprob: 468 IL_ICMP_PARAMPROB_OPTABSENT 469 | IL_ICMP_PARAMPROB_OPTABSENT paraprobarg 470 471 paraprobarg: 472 '{' number '}' ';' { set_icmppprob($2); } 473 ; 474 475 ipv4opt: IL_V4OPT { new_ipv4opt(); } 476 ; 477 478 ipv4optlist: 479 | ipv4opts ipv4optlist 480 ; 481 482 ipv4opts: 483 IL_IPO_NOP ';' { add_ipopt(IL_IPO_NOP, NULL); } 484 | IL_IPO_RR optnumber { add_ipopt(IL_IPO_RR, &$2); } 485 | IL_IPO_ZSU ';' { add_ipopt(IL_IPO_ZSU, NULL); } 486 | IL_IPO_MTUP ';' { add_ipopt(IL_IPO_MTUP, NULL); } 487 | IL_IPO_MTUR ';' { add_ipopt(IL_IPO_MTUR, NULL); } 488 | IL_IPO_ENCODE ';' { add_ipopt(IL_IPO_ENCODE, NULL); } 489 | IL_IPO_TS ';' { add_ipopt(IL_IPO_TS, NULL); } 490 | IL_IPO_TR ';' { add_ipopt(IL_IPO_TR, NULL); } 491 | IL_IPO_SEC ';' { add_ipopt(IL_IPO_SEC, NULL); } 492 | IL_IPO_SECCLASS secclass { add_ipopt(IL_IPO_SECCLASS, sclass); } 493 | IL_IPO_LSRR token { add_ipopt(IL_IPO_LSRR,&$2); } 494 | IL_IPO_ESEC ';' { add_ipopt(IL_IPO_ESEC, NULL); } 495 | IL_IPO_CIPSO ';' { add_ipopt(IL_IPO_CIPSO, NULL); } 496 | IL_IPO_SATID optnumber { add_ipopt(IL_IPO_SATID,&$2);} 497 | IL_IPO_SSRR token { add_ipopt(IL_IPO_SSRR,&$2); } 498 | IL_IPO_ADDEXT ';' { add_ipopt(IL_IPO_ADDEXT, NULL); } 499 | IL_IPO_VISA ';' { add_ipopt(IL_IPO_VISA, NULL); } 500 | IL_IPO_IMITD ';' { add_ipopt(IL_IPO_IMITD, NULL); } 501 | IL_IPO_EIP ';' { add_ipopt(IL_IPO_EIP, NULL); } 502 | IL_IPO_FINN ';' { add_ipopt(IL_IPO_FINN, NULL); } 503 ; 504 505 secclass: 506 IL_IPS_RESERV4 ';' { set_secclass(&$1); } 507 | IL_IPS_TOPSECRET ';' { set_secclass(&$1); } 508 | IL_IPS_SECRET ';' { set_secclass(&$1); } 509 | IL_IPS_RESERV3 ';' { set_secclass(&$1); } 510 | IL_IPS_CONFID ';' { set_secclass(&$1); } 511 | IL_IPS_UNCLASS ';' { set_secclass(&$1); } 512 | IL_IPS_RESERV2 ';' { set_secclass(&$1); } 513 | IL_IPS_RESERV1 ';' { set_secclass(&$1); } 514 ; 515 516 data: IL_DATA { new_data(); } 517 ; 518 519 dataline: 520 '{' databody '}' ';' { end_data(); } 521 ; 522 523 databody: dataopts 524 | dataopts databody 525 ; 526 527 dataopts: 528 IL_DLEN token { set_datalen(&$2); } 529 | IL_DVALUE token { set_data(&$2); } 530 | IL_DFILE token { set_datafile(&$2); } 531 ; 532 533 token: IL_TOKEN ';' 534 ; 535 536 optoken: ';' { $$ = ""; } 537 | token 538 ; 539 540 number: digits ';' 541 ; 542 543 optnumber: ';' { $$ = 0; } 544 | number 545 ; 546 547 digits: IL_NUMBER 548 | digits IL_NUMBER 549 ; 550 %% 551 552 struct statetoopt toipopts[] = { 553 { IL_IPO_NOP, IPOPT_NOP }, 554 { IL_IPO_RR, IPOPT_RR }, 555 { IL_IPO_ZSU, IPOPT_ZSU }, 556 { IL_IPO_MTUP, IPOPT_MTUP }, 557 { IL_IPO_MTUR, IPOPT_MTUR }, 558 { IL_IPO_ENCODE, IPOPT_ENCODE }, 559 { IL_IPO_TS, IPOPT_TS }, 560 { IL_IPO_TR, IPOPT_TR }, 561 { IL_IPO_SEC, IPOPT_SECURITY }, 562 { IL_IPO_SECCLASS, IPOPT_SECURITY }, 563 { IL_IPO_LSRR, IPOPT_LSRR }, 564 { IL_IPO_ESEC, IPOPT_E_SEC }, 565 { IL_IPO_CIPSO, IPOPT_CIPSO }, 566 { IL_IPO_SATID, IPOPT_SATID }, 567 { IL_IPO_SSRR, IPOPT_SSRR }, 568 { IL_IPO_ADDEXT, IPOPT_ADDEXT }, 569 { IL_IPO_VISA, IPOPT_VISA }, 570 { IL_IPO_IMITD, IPOPT_IMITD }, 571 { IL_IPO_EIP, IPOPT_EIP }, 572 { IL_IPO_FINN, IPOPT_FINN }, 573 { 0, 0 } 574 }; 575 576 struct statetoopt tosecopts[] = { 577 { IL_IPS_RESERV4, IPSO_CLASS_RES4 }, 578 { IL_IPS_TOPSECRET, IPSO_CLASS_TOPS }, 579 { IL_IPS_SECRET, IPSO_CLASS_SECR }, 580 { IL_IPS_RESERV3, IPSO_CLASS_RES3 }, 581 { IL_IPS_CONFID, IPSO_CLASS_CONF }, 582 { IL_IPS_UNCLASS, IPSO_CLASS_UNCL }, 583 { IL_IPS_RESERV2, IPSO_CLASS_RES2 }, 584 { IL_IPS_RESERV1, IPSO_CLASS_RES1 }, 585 { 0, 0 } 586 }; 587 588 589 struct in_addr getipv4addr(arg) 590 char *arg; 591 { 592 struct hostent *hp; 593 struct in_addr in; 594 595 in.s_addr = 0xffffffff; 596 597 if ((hp = gethostbyname(arg))) 598 bcopy(hp->h_addr, &in.s_addr, sizeof(struct in_addr)); 599 else 600 in.s_addr = inet_addr(arg); 601 return(in); 602 } 603 604 605 u_short getportnum(pr, name) 606 char *pr, *name; 607 { 608 struct servent *sp; 609 610 if (!(sp = getservbyname(name, pr))) 611 return(htons(atoi(name))); 612 return(sp->s_port); 613 } 614 615 616 struct ether_addr *geteaddr(char *arg, struct ether_addr *buf) 617 { 618 struct ether_addr *e; 619 620 e = ether_aton(arg); 621 if (!e) 622 fprintf(stderr, "Invalid ethernet address: %s\n", arg); 623 else 624 # ifdef __FreeBSD__ 625 bcopy(e->octet, buf->octet, sizeof(e->octet)); 626 # else 627 bcopy(e->ether_addr_octet, buf->ether_addr_octet, 628 sizeof(e->ether_addr_octet)); 629 # endif 630 return(e); 631 } 632 633 634 void *new_header(int type) 635 { 636 aniphdr_t *aip, *oip = canip; 637 int sz = 0; 638 639 aip = (aniphdr_t *)calloc(1, sizeof(*aip)); 640 *aniptail = aip; 641 aniptail = &aip->ah_next; 642 aip->ah_p = type; 643 aip->ah_prev = oip; 644 canip = aip; 645 646 if (type == IPPROTO_UDP) 647 sz = sizeof(udphdr_t); 648 else if (type == IPPROTO_TCP) 649 sz = sizeof(tcphdr_t); 650 else if (type == IPPROTO_ICMP) 651 sz = sizeof(icmphdr_t); 652 else if (type == IPPROTO_IP) 653 sz = sizeof(ip_t); 654 655 if (oip) 656 canip->ah_data = oip->ah_data + oip->ah_len; 657 else 658 canip->ah_data = (char *)ipbuffer; 659 660 /* 661 * Increase the size fields in all wrapping headers. 662 */ 663 for (aip = aniphead; aip; aip = aip->ah_next) { 664 aip->ah_len += sz; 665 if (aip->ah_p == IPPROTO_IP) 666 aip->ah_ip->ip_len += sz; 667 else if (aip->ah_p == IPPROTO_UDP) 668 aip->ah_udp->uh_ulen += sz; 669 } 670 return(void *)canip->ah_data; 671 } 672 673 674 void free_aniplist(void) 675 { 676 aniphdr_t *aip, **aipp = &aniphead; 677 678 while ((aip = *aipp)) { 679 *aipp = aip->ah_next; 680 free(aip); 681 } 682 aniptail = &aniphead; 683 } 684 685 686 void inc_anipheaders(int inc) 687 { 688 aniphdr_t *aip; 689 690 for (aip = aniphead; aip; aip = aip->ah_next) { 691 aip->ah_len += inc; 692 if (aip->ah_p == IPPROTO_IP) 693 aip->ah_ip->ip_len += inc; 694 else if (aip->ah_p == IPPROTO_UDP) 695 aip->ah_udp->uh_ulen += inc; 696 } 697 } 698 699 700 void new_data(void) 701 { 702 (void) new_header(-1); 703 canip->ah_len = 0; 704 } 705 706 707 void set_datalen(char **arg) 708 { 709 int len; 710 711 len = strtol(*arg, NULL, 0); 712 inc_anipheaders(len); 713 free(*arg); 714 *arg = NULL; 715 } 716 717 718 void set_data(char **arg) 719 { 720 u_char *s = (u_char *)*arg, *t = (u_char *)canip->ah_data, c; 721 int len = 0, todo = 0, quote = 0, val = 0; 722 723 while ((c = *s++)) { 724 if (todo) { 725 if (ISDIGIT(c)) { 726 todo--; 727 if (c > '7') { 728 fprintf(stderr, "octal with %c!\n", c); 729 break; 730 } 731 val <<= 3; 732 val |= (c - '0'); 733 } 734 if (!ISDIGIT(c) || !todo) { 735 *t++ = (u_char)(val & 0xff); 736 todo = 0; 737 } 738 if (todo) 739 continue; 740 } 741 if (quote) { 742 if (ISDIGIT(c)) { 743 todo = 2; 744 if (c > '7') { 745 fprintf(stderr, "octal with %c!\n", c); 746 break; 747 } 748 val = (c - '0'); 749 } else { 750 switch (c) 751 { 752 case '\"' : 753 *t++ = '\"'; 754 break; 755 case '\\' : 756 *t++ = '\\'; 757 break; 758 case 'n' : 759 *t++ = '\n'; 760 break; 761 case 'r' : 762 *t++ = '\r'; 763 break; 764 case 't' : 765 *t++ = '\t'; 766 break; 767 } 768 } 769 quote = 0; 770 continue; 771 } 772 773 if (c == '\\') 774 quote = 1; 775 else 776 *t++ = c; 777 } 778 if (todo) 779 *t++ = (u_char)(val & 0xff); 780 if (quote) 781 *t++ = '\\'; 782 len = t - (u_char *)canip->ah_data; 783 inc_anipheaders(len - canip->ah_len); 784 canip->ah_len = len; 785 } 786 787 788 void set_datafile(char **arg) 789 { 790 struct stat sb; 791 char *file = *arg; 792 int fd, len; 793 794 if ((fd = open(file, O_RDONLY)) == -1) { 795 perror("open"); 796 exit(-1); 797 } 798 799 if (fstat(fd, &sb) == -1) { 800 perror("fstat"); 801 exit(-1); 802 } 803 804 if ((sb.st_size + aniphead->ah_len ) > 65535) { 805 fprintf(stderr, "data file %s too big to include.\n", file); 806 close(fd); 807 return; 808 } 809 if ((len = read(fd, canip->ah_data, sb.st_size)) == -1) { 810 perror("read"); 811 close(fd); 812 return; 813 } 814 inc_anipheaders(len); 815 canip->ah_len += len; 816 close(fd); 817 } 818 819 820 void new_packet(void) 821 { 822 static u_short id = 0; 823 824 if (!aniphead) 825 bzero((char *)ipbuffer, sizeof(ipbuffer)); 826 827 ip = (ip_t *)new_header(IPPROTO_IP); 828 ip->ip_v = IPVERSION; 829 ip->ip_hl = sizeof(ip_t) >> 2; 830 ip->ip_len = sizeof(ip_t); 831 ip->ip_ttl = 63; 832 ip->ip_id = htons(id++); 833 } 834 835 836 void set_ipv4proto(arg) 837 char **arg; 838 { 839 struct protoent *pr; 840 841 if ((pr = getprotobyname(*arg))) 842 ip->ip_p = pr->p_proto; 843 else 844 if (!(ip->ip_p = atoi(*arg))) 845 fprintf(stderr, "unknown protocol %s\n", *arg); 846 free(*arg); 847 *arg = NULL; 848 } 849 850 851 void set_ipv4src(char **arg) 852 { 853 ip->ip_src = getipv4addr(*arg); 854 free(*arg); 855 *arg = NULL; 856 } 857 858 859 void set_ipv4dst(char **arg) 860 { 861 ip->ip_dst = getipv4addr(*arg); 862 free(*arg); 863 *arg = NULL; 864 } 865 866 867 void set_ipv4off(char **arg) 868 { 869 ip->ip_off = htons(strtol(*arg, NULL, 0)); 870 free(*arg); 871 *arg = NULL; 872 } 873 874 875 void set_ipv4v(char **arg) 876 { 877 ip->ip_v = strtol(*arg, NULL, 0); 878 free(*arg); 879 *arg = NULL; 880 } 881 882 883 void set_ipv4hl(char **arg) 884 { 885 int newhl, inc; 886 887 newhl = strtol(*arg, NULL, 0); 888 inc = (newhl - ip->ip_hl) << 2; 889 ip->ip_len += inc; 890 ip->ip_hl = newhl; 891 canip->ah_len += inc; 892 free(*arg); 893 *arg = NULL; 894 } 895 896 897 void set_ipv4ttl(char **arg) 898 { 899 ip->ip_ttl = strtol(*arg, NULL, 0); 900 free(*arg); 901 *arg = NULL; 902 } 903 904 905 void set_ipv4tos(char **arg) 906 { 907 ip->ip_tos = strtol(*arg, NULL, 0); 908 free(*arg); 909 *arg = NULL; 910 } 911 912 913 void set_ipv4id(char **arg) 914 { 915 ip->ip_id = htons(strtol(*arg, NULL, 0)); 916 free(*arg); 917 *arg = NULL; 918 } 919 920 921 void set_ipv4sum(char **arg) 922 { 923 ip->ip_sum = strtol(*arg, NULL, 0); 924 free(*arg); 925 *arg = NULL; 926 } 927 928 929 void set_ipv4len(char **arg) 930 { 931 int len; 932 933 len = strtol(*arg, NULL, 0); 934 inc_anipheaders(len - ip->ip_len); 935 ip->ip_len = len; 936 free(*arg); 937 *arg = NULL; 938 } 939 940 941 void new_tcpheader(void) 942 { 943 944 if ((ip->ip_p) && (ip->ip_p != IPPROTO_TCP)) { 945 fprintf(stderr, "protocol %d specified with TCP!\n", ip->ip_p); 946 return; 947 } 948 ip->ip_p = IPPROTO_TCP; 949 950 tcp = (tcphdr_t *)new_header(IPPROTO_TCP); 951 tcp->th_win = htons(4096); 952 tcp->th_off = sizeof(*tcp) >> 2; 953 } 954 955 956 void set_tcpsport(char **arg) 957 { 958 u_short *port; 959 char *pr; 960 961 if (ip->ip_p == IPPROTO_UDP) { 962 port = &udp->uh_sport; 963 pr = "udp"; 964 } else { 965 port = &tcp->th_sport; 966 pr = "udp"; 967 } 968 969 *port = getportnum(pr, *arg); 970 free(*arg); 971 *arg = NULL; 972 } 973 974 975 void set_tcpdport(char **arg) 976 { 977 u_short *port; 978 char *pr; 979 980 if (ip->ip_p == IPPROTO_UDP) { 981 port = &udp->uh_dport; 982 pr = "udp"; 983 } else { 984 port = &tcp->th_dport; 985 pr = "udp"; 986 } 987 988 *port = getportnum(pr, *arg); 989 free(*arg); 990 *arg = NULL; 991 } 992 993 994 void set_tcpseq(char **arg) 995 { 996 tcp->th_seq = htonl(strtol(*arg, NULL, 0)); 997 free(*arg); 998 *arg = NULL; 999 } 1000 1001 1002 void set_tcpack(char **arg) 1003 { 1004 tcp->th_ack = htonl(strtol(*arg, NULL, 0)); 1005 free(*arg); 1006 *arg = NULL; 1007 } 1008 1009 1010 void set_tcpoff(char **arg) 1011 { 1012 int off; 1013 1014 off = strtol(*arg, NULL, 0); 1015 inc_anipheaders((off - tcp->th_off) << 2); 1016 tcp->th_off = off; 1017 free(*arg); 1018 *arg = NULL; 1019 } 1020 1021 1022 void set_tcpurp(char **arg) 1023 { 1024 tcp->th_urp = htons(strtol(*arg, NULL, 0)); 1025 free(*arg); 1026 *arg = NULL; 1027 } 1028 1029 1030 void set_tcpwin(char **arg) 1031 { 1032 tcp->th_win = htons(strtol(*arg, NULL, 0)); 1033 free(*arg); 1034 *arg = NULL; 1035 } 1036 1037 1038 void set_tcpsum(char **arg) 1039 { 1040 tcp->th_sum = strtol(*arg, NULL, 0); 1041 free(*arg); 1042 *arg = NULL; 1043 } 1044 1045 1046 void set_tcpflags(char **arg) 1047 { 1048 static char flags[] = "ASURPF"; 1049 static int flagv[] = { TH_ACK, TH_SYN, TH_URG, TH_RST, TH_PUSH, 1050 TH_FIN } ; 1051 char *s, *t; 1052 1053 for (s = *arg; *s; s++) 1054 if (!(t = strchr(flags, *s))) { 1055 if (s - *arg) { 1056 fprintf(stderr, "unknown TCP flag %c\n", *s); 1057 break; 1058 } 1059 tcp->th_flags = strtol(*arg, NULL, 0); 1060 break; 1061 } else 1062 tcp->th_flags |= flagv[t - flags]; 1063 free(*arg); 1064 *arg = NULL; 1065 } 1066 1067 1068 void set_tcpopt(int state, char **arg) 1069 { 1070 u_char *s; 1071 int val, len, val2, pad, optval; 1072 1073 if (arg && *arg) 1074 val = atoi(*arg); 1075 else 1076 val = 0; 1077 1078 s = (u_char *)tcp + sizeof(*tcp) + canip->ah_optlen; 1079 switch (state) 1080 { 1081 case IL_TCPO_EOL : 1082 optval = 0; 1083 len = 1; 1084 break; 1085 case IL_TCPO_NOP : 1086 optval = 1; 1087 len = 1; 1088 break; 1089 case IL_TCPO_MSS : 1090 optval = 2; 1091 len = 4; 1092 break; 1093 case IL_TCPO_WSCALE : 1094 optval = 3; 1095 len = 3; 1096 break; 1097 case IL_TCPO_TS : 1098 optval = 8; 1099 len = 10; 1100 break; 1101 default : 1102 optval = 0; 1103 len = 0; 1104 break; 1105 } 1106 1107 if (len > 1) { 1108 /* 1109 * prepend padding - if required. 1110 */ 1111 if (len & 3) 1112 for (pad = 4 - (len & 3); pad; pad--) { 1113 *s++ = 1; 1114 canip->ah_optlen++; 1115 } 1116 /* 1117 * build tcp option 1118 */ 1119 *s++ = (u_char)optval; 1120 *s++ = (u_char)len; 1121 if (len > 2) { 1122 if (len == 3) { /* 1 byte - char */ 1123 *s++ = (u_char)val; 1124 } else if (len == 4) { /* 2 bytes - short */ 1125 *s++ = (u_char)((val >> 8) & 0xff); 1126 *s++ = (u_char)(val & 0xff); 1127 } else if (len >= 6) { /* 4 bytes - long */ 1128 val2 = htonl(val); 1129 bcopy((char *)&val2, s, 4); 1130 } 1131 s += (len - 2); 1132 } 1133 } else 1134 *s++ = (u_char)optval; 1135 1136 canip->ah_lastopt = optval; 1137 canip->ah_optlen += len; 1138 1139 if (arg && *arg) { 1140 free(*arg); 1141 *arg = NULL; 1142 } 1143 } 1144 1145 1146 void end_tcpopt(void) 1147 { 1148 int pad; 1149 char *s = (char *)tcp; 1150 1151 s += sizeof(*tcp) + canip->ah_optlen; 1152 /* 1153 * pad out so that we have a multiple of 4 bytes in size fo the 1154 * options. make sure last byte is EOL. 1155 */ 1156 if (canip->ah_optlen & 3) { 1157 if (canip->ah_lastopt != 1) { 1158 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) { 1159 *s++ = 1; 1160 canip->ah_optlen++; 1161 } 1162 canip->ah_optlen++; 1163 } else { 1164 s -= 1; 1165 1166 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) { 1167 *s++ = 1; 1168 canip->ah_optlen++; 1169 } 1170 } 1171 *s++ = 0; 1172 } 1173 tcp->th_off = (sizeof(*tcp) + canip->ah_optlen) >> 2; 1174 inc_anipheaders(canip->ah_optlen); 1175 } 1176 1177 1178 void new_udpheader(void) 1179 { 1180 if ((ip->ip_p) && (ip->ip_p != IPPROTO_UDP)) { 1181 fprintf(stderr, "protocol %d specified with UDP!\n", ip->ip_p); 1182 return; 1183 } 1184 ip->ip_p = IPPROTO_UDP; 1185 1186 udp = (udphdr_t *)new_header(IPPROTO_UDP); 1187 udp->uh_ulen = sizeof(*udp); 1188 } 1189 1190 1191 void set_udplen(arg) 1192 char **arg; 1193 { 1194 int len; 1195 1196 len = strtol(*arg, NULL, 0); 1197 inc_anipheaders(len - udp->uh_ulen); 1198 udp->uh_ulen = len; 1199 free(*arg); 1200 *arg = NULL; 1201 } 1202 1203 1204 void set_udpsum(char **arg) 1205 { 1206 udp->uh_sum = strtol(*arg, NULL, 0); 1207 free(*arg); 1208 *arg = NULL; 1209 } 1210 1211 1212 void prep_packet(void) 1213 { 1214 iface_t *ifp; 1215 struct in_addr gwip; 1216 1217 ifp = sending.snd_if; 1218 if (!ifp) { 1219 fprintf(stderr, "no interface defined for sending!\n"); 1220 return; 1221 } 1222 if (ifp->if_fd == -1) 1223 ifp->if_fd = initdevice(ifp->if_name, 5); 1224 gwip = sending.snd_gw; 1225 if (!gwip.s_addr) { 1226 if (aniphead == NULL) { 1227 fprintf(stderr, 1228 "no destination address defined for sending\n"); 1229 return; 1230 } 1231 gwip = aniphead->ah_ip->ip_dst; 1232 } 1233 (void) send_ip(ifp->if_fd, ifp->if_MTU, (ip_t *)ipbuffer, gwip, 2); 1234 } 1235 1236 1237 void packet_done(void) 1238 { 1239 char outline[80]; 1240 int i, j, k; 1241 u_char *s = (u_char *)ipbuffer, *t = (u_char *)outline; 1242 1243 if (opts & OPT_VERBOSE) { 1244 ip->ip_len = htons(ip->ip_len); 1245 for (i = ntohs(ip->ip_len), j = 0; i; i--, j++, s++) { 1246 if (j && !(j & 0xf)) { 1247 *t++ = '\n'; 1248 *t = '\0'; 1249 fputs(outline, stdout); 1250 fflush(stdout); 1251 t = (u_char *)outline; 1252 *t = '\0'; 1253 } 1254 sprintf((char *)t, "%02x", *s & 0xff); 1255 t += 2; 1256 if (!((j + 1) & 0xf)) { 1257 s -= 15; 1258 sprintf((char *)t, " "); 1259 t += 8; 1260 for (k = 16; k; k--, s++) 1261 *t++ = (isprint(*s) ? *s : '.'); 1262 s--; 1263 } 1264 1265 if ((j + 1) & 0xf) 1266 *t++ = ' ';; 1267 } 1268 1269 if (j & 0xf) { 1270 for (k = 16 - (j & 0xf); k; k--) { 1271 *t++ = ' '; 1272 *t++ = ' '; 1273 *t++ = ' '; 1274 } 1275 sprintf((char *)t, " "); 1276 t += 7; 1277 s -= j & 0xf; 1278 for (k = j & 0xf; k; k--, s++) 1279 *t++ = (isprint(*s) ? *s : '.'); 1280 *t++ = '\n'; 1281 *t = '\0'; 1282 } 1283 fputs(outline, stdout); 1284 fflush(stdout); 1285 ip->ip_len = ntohs(ip->ip_len); 1286 } 1287 1288 prep_packet(); 1289 free_aniplist(); 1290 } 1291 1292 1293 void new_interface(void) 1294 { 1295 cifp = (iface_t *)calloc(1, sizeof(iface_t)); 1296 *iftail = cifp; 1297 iftail = &cifp->if_next; 1298 cifp->if_fd = -1; 1299 } 1300 1301 1302 void check_interface(void) 1303 { 1304 if (!cifp->if_name || !*cifp->if_name) 1305 fprintf(stderr, "No interface name given!\n"); 1306 if (!cifp->if_MTU || !*cifp->if_name) 1307 fprintf(stderr, "Interface %s has an MTU of 0!\n", 1308 cifp->if_name); 1309 } 1310 1311 1312 void set_ifname(char **arg) 1313 { 1314 cifp->if_name = *arg; 1315 *arg = NULL; 1316 } 1317 1318 1319 void set_ifmtu(int arg) 1320 { 1321 cifp->if_MTU = arg; 1322 } 1323 1324 1325 void set_ifv4addr(char **arg) 1326 { 1327 cifp->if_addr = getipv4addr(*arg); 1328 free(*arg); 1329 *arg = NULL; 1330 } 1331 1332 1333 void set_ifeaddr(char **arg) 1334 { 1335 (void) geteaddr(*arg, &cifp->if_eaddr); 1336 free(*arg); 1337 *arg = NULL; 1338 } 1339 1340 1341 void new_arp(void) 1342 { 1343 carp = (arp_t *)calloc(1, sizeof(arp_t)); 1344 *arptail = carp; 1345 arptail = &carp->arp_next; 1346 } 1347 1348 1349 void set_arpeaddr(char **arg) 1350 { 1351 (void) geteaddr(*arg, &carp->arp_eaddr); 1352 free(*arg); 1353 *arg = NULL; 1354 } 1355 1356 1357 void set_arpv4addr(char **arg) 1358 { 1359 carp->arp_addr = getipv4addr(*arg); 1360 free(*arg); 1361 *arg = NULL; 1362 } 1363 1364 1365 int arp_getipv4(char *ip, char *addr) 1366 { 1367 arp_t *a; 1368 1369 for (a = arplist; a; a = a->arp_next) 1370 if (!bcmp(ip, (char *)&a->arp_addr, 4)) { 1371 bcopy((char *)&a->arp_eaddr, addr, 6); 1372 return(0); 1373 } 1374 return(-1); 1375 } 1376 1377 1378 void reset_send(void) 1379 { 1380 sending.snd_if = iflist; 1381 sending.snd_gw = defrouter; 1382 } 1383 1384 1385 void set_sendif(char **arg) 1386 { 1387 iface_t *ifp; 1388 1389 for (ifp = iflist; ifp; ifp = ifp->if_next) 1390 if (ifp->if_name && !strcmp(ifp->if_name, *arg)) 1391 break; 1392 sending.snd_if = ifp; 1393 if (!ifp) 1394 fprintf(stderr, "couldn't find interface %s\n", *arg); 1395 free(*arg); 1396 *arg = NULL; 1397 } 1398 1399 1400 void set_sendvia(char **arg) 1401 { 1402 sending.snd_gw = getipv4addr(*arg); 1403 free(*arg); 1404 *arg = NULL; 1405 } 1406 1407 1408 void set_defaultrouter(char **arg) 1409 { 1410 defrouter = getipv4addr(*arg); 1411 free(*arg); 1412 *arg = NULL; 1413 } 1414 1415 1416 void new_icmpheader(void) 1417 { 1418 if ((ip->ip_p) && (ip->ip_p != IPPROTO_ICMP)) { 1419 fprintf(stderr, "protocol %d specified with ICMP!\n", 1420 ip->ip_p); 1421 return; 1422 } 1423 ip->ip_p = IPPROTO_ICMP; 1424 icmp = (icmphdr_t *)new_header(IPPROTO_ICMP); 1425 } 1426 1427 1428 void set_icmpcode(int code) 1429 { 1430 icmp->icmp_code = code; 1431 } 1432 1433 1434 void set_icmptype(int type) 1435 { 1436 icmp->icmp_type = type; 1437 } 1438 1439 1440 void set_icmpcodetok(char **code) 1441 { 1442 char *s; 1443 int i; 1444 1445 for (i = 0; (s = icmpcodes[i]); i++) 1446 if (!strcmp(s, *code)) { 1447 icmp->icmp_code = i; 1448 break; 1449 } 1450 if (!s) 1451 fprintf(stderr, "unknown ICMP code %s\n", *code); 1452 free(*code); 1453 *code = NULL; 1454 } 1455 1456 1457 void set_icmptypetok(char **type) 1458 { 1459 char *s; 1460 int i, done = 0; 1461 1462 for (i = 0; !(s = icmptypes[i]) || strcmp(s, "END"); i++) 1463 if (s && !strcmp(s, *type)) { 1464 icmp->icmp_type = i; 1465 done = 1; 1466 break; 1467 } 1468 if (!done) 1469 fprintf(stderr, "unknown ICMP type %s\n", *type); 1470 free(*type); 1471 *type = NULL; 1472 } 1473 1474 1475 void set_icmpid(int arg) 1476 { 1477 icmp->icmp_id = htons(arg); 1478 } 1479 1480 1481 void set_icmpseq(int arg) 1482 { 1483 icmp->icmp_seq = htons(arg); 1484 } 1485 1486 1487 void set_icmpotime(int arg) 1488 { 1489 icmp->icmp_otime = htonl(arg); 1490 } 1491 1492 1493 void set_icmprtime(int arg) 1494 { 1495 icmp->icmp_rtime = htonl(arg); 1496 } 1497 1498 1499 void set_icmpttime(int arg) 1500 { 1501 icmp->icmp_ttime = htonl(arg); 1502 } 1503 1504 1505 void set_icmpmtu(int arg) 1506 { 1507 icmp->icmp_nextmtu = htons(arg); 1508 } 1509 1510 1511 void set_redir(int redir, char **arg) 1512 { 1513 icmp->icmp_code = redir; 1514 icmp->icmp_gwaddr = getipv4addr(*arg); 1515 free(*arg); 1516 *arg = NULL; 1517 } 1518 1519 1520 void set_icmppprob(int num) 1521 { 1522 icmp->icmp_pptr = num; 1523 } 1524 1525 1526 void new_ipv4opt(void) 1527 { 1528 new_header(-2); 1529 } 1530 1531 1532 void add_ipopt(int state, void *ptr) 1533 { 1534 struct ipopt_names *io; 1535 struct statetoopt *sto; 1536 char numbuf[16], *arg, **param = ptr; 1537 int inc, hlen; 1538 1539 if (state == IL_IPO_RR || state == IL_IPO_SATID) { 1540 if (param) 1541 snprintf(numbuf, sizeof(numbuf), "%d", *(int *)param); 1542 else 1543 strcpy(numbuf, "0"); 1544 arg = numbuf; 1545 } else 1546 arg = param ? *param : NULL; 1547 1548 if (canip->ah_next) { 1549 fprintf(stderr, "cannot specify options after data body\n"); 1550 return; 1551 } 1552 for (sto = toipopts; sto->sto_st; sto++) 1553 if (sto->sto_st == state) 1554 break; 1555 if (!sto->sto_st) { 1556 fprintf(stderr, "No mapping for state %d to IP option\n", 1557 state); 1558 return; 1559 } 1560 1561 hlen = sizeof(ip_t) + canip->ah_optlen; 1562 for (io = ionames; io->on_name; io++) 1563 if (io->on_value == sto->sto_op) 1564 break; 1565 canip->ah_lastopt = io->on_value; 1566 1567 if (io->on_name) { 1568 inc = addipopt((char *)ip + hlen, io, hlen - sizeof(ip_t),arg); 1569 if (inc > 0) { 1570 while (inc & 3) { 1571 ((char *)ip)[sizeof(*ip) + inc] = IPOPT_NOP; 1572 canip->ah_lastopt = IPOPT_NOP; 1573 inc++; 1574 } 1575 hlen += inc; 1576 } 1577 } 1578 1579 canip->ah_optlen = hlen - sizeof(ip_t); 1580 1581 if (state != IL_IPO_RR && state != IL_IPO_SATID) 1582 if (param && *param) { 1583 free(*param); 1584 *param = NULL; 1585 } 1586 sclass = NULL; 1587 } 1588 1589 1590 void end_ipopt(void) 1591 { 1592 int pad; 1593 char *s, *buf = (char *)ip; 1594 1595 /* 1596 * pad out so that we have a multiple of 4 bytes in size fo the 1597 * options. make sure last byte is EOL. 1598 */ 1599 if (canip->ah_lastopt == IPOPT_NOP) { 1600 buf[sizeof(*ip) + canip->ah_optlen - 1] = IPOPT_EOL; 1601 } else if (canip->ah_lastopt != IPOPT_EOL) { 1602 s = buf + sizeof(*ip) + canip->ah_optlen; 1603 1604 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) { 1605 *s++ = IPOPT_NOP; 1606 *s = IPOPT_EOL; 1607 canip->ah_optlen++; 1608 } 1609 canip->ah_optlen++; 1610 } else { 1611 s = buf + sizeof(*ip) + canip->ah_optlen - 1; 1612 1613 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) { 1614 *s++ = IPOPT_NOP; 1615 *s = IPOPT_EOL; 1616 canip->ah_optlen++; 1617 } 1618 } 1619 ip->ip_hl = (sizeof(*ip) + canip->ah_optlen) >> 2; 1620 inc_anipheaders(canip->ah_optlen); 1621 free_anipheader(); 1622 } 1623 1624 1625 void set_secclass(char **arg) 1626 { 1627 sclass = *arg; 1628 *arg = NULL; 1629 } 1630 1631 1632 void free_anipheader(void) 1633 { 1634 aniphdr_t *aip; 1635 1636 aip = canip; 1637 if ((canip = aip->ah_prev)) { 1638 canip->ah_next = NULL; 1639 aniptail = &canip->ah_next; 1640 } 1641 1642 if (canip) 1643 free(aip); 1644 } 1645 1646 1647 void end_ipv4(void) 1648 { 1649 aniphdr_t *aip; 1650 1651 ip->ip_sum = 0; 1652 ip->ip_len = htons(ip->ip_len); 1653 ip->ip_sum = chksum((u_short *)ip, ip->ip_hl << 2); 1654 ip->ip_len = ntohs(ip->ip_len); 1655 free_anipheader(); 1656 for (aip = aniphead, ip = NULL; aip; aip = aip->ah_next) 1657 if (aip->ah_p == IPPROTO_IP) 1658 ip = aip->ah_ip; 1659 } 1660 1661 1662 void end_icmp(void) 1663 { 1664 aniphdr_t *aip; 1665 1666 icmp->icmp_cksum = 0; 1667 icmp->icmp_cksum = chksum((u_short *)icmp, canip->ah_len); 1668 free_anipheader(); 1669 for (aip = aniphead, icmp = NULL; aip; aip = aip->ah_next) 1670 if (aip->ah_p == IPPROTO_ICMP) 1671 icmp = aip->ah_icmp; 1672 } 1673 1674 1675 void end_udp(void) 1676 { 1677 u_long sum; 1678 aniphdr_t *aip; 1679 ip_t iptmp; 1680 1681 bzero((char *)&iptmp, sizeof(iptmp)); 1682 iptmp.ip_p = ip->ip_p; 1683 iptmp.ip_src = ip->ip_src; 1684 iptmp.ip_dst = ip->ip_dst; 1685 iptmp.ip_len = htons(ip->ip_len - (ip->ip_hl << 2)); 1686 sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp)); 1687 udp->uh_ulen = htons(udp->uh_ulen); 1688 udp->uh_sum = c_chksum((u_short *)udp, (u_int)ntohs(iptmp.ip_len), sum); 1689 free_anipheader(); 1690 for (aip = aniphead, udp = NULL; aip; aip = aip->ah_next) 1691 if (aip->ah_p == IPPROTO_UDP) 1692 udp = aip->ah_udp; 1693 } 1694 1695 1696 void end_tcp(void) 1697 { 1698 u_long sum; 1699 aniphdr_t *aip; 1700 ip_t iptmp; 1701 1702 bzero((char *)&iptmp, sizeof(iptmp)); 1703 iptmp.ip_p = ip->ip_p; 1704 iptmp.ip_src = ip->ip_src; 1705 iptmp.ip_dst = ip->ip_dst; 1706 iptmp.ip_len = htons(ip->ip_len - (ip->ip_hl << 2)); 1707 sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp)); 1708 tcp->th_sum = 0; 1709 tcp->th_sum = c_chksum((u_short *)tcp, (u_int)ntohs(iptmp.ip_len), sum); 1710 free_anipheader(); 1711 for (aip = aniphead, tcp = NULL; aip; aip = aip->ah_next) 1712 if (aip->ah_p == IPPROTO_TCP) 1713 tcp = aip->ah_tcp; 1714 } 1715 1716 1717 void end_data(void) 1718 { 1719 free_anipheader(); 1720 } 1721 1722 1723 void iplang(FILE *fp) 1724 { 1725 yyin = fp; 1726 1727 yydebug = (opts & OPT_DEBUG) ? 1 : 0; 1728 1729 while (!feof(fp)) 1730 yyparse(); 1731 } 1732 1733 1734 u_short c_chksum(u_short *buf, u_int len, u_long init) 1735 { 1736 u_long sum = init; 1737 int nwords = len >> 1; 1738 1739 for(; nwords > 0; nwords--) 1740 sum += *buf++; 1741 sum = (sum>>16) + (sum & 0xffff); 1742 sum += (sum >>16); 1743 return(~sum); 1744 } 1745 1746 1747 u_long p_chksum(u_short *buf, u_int len) 1748 { 1749 u_long sum = 0; 1750 int nwords = len >> 1; 1751 1752 for(; nwords > 0; nwords--) 1753 sum += *buf++; 1754 return(sum); 1755 } 1756