1 #include "ipf.h" 2 3 static void printport(int *); 4 static void printhosts(int *); 5 static void printsingle(int *); 6 #ifdef USE_INET6 7 static void printhostsv6(int *); 8 #endif 9 10 void 11 printipfexpr(array) 12 int *array; 13 { 14 int i, nelems, j, not; 15 ipfexp_t *ipfe; 16 17 nelems = array[0]; 18 19 for (i = 1; i < nelems; ) { 20 ipfe = (ipfexp_t *)(array + i); 21 if (ipfe->ipfe_cmd == IPF_EXP_END) 22 break; 23 24 not = ipfe->ipfe_not; 25 26 switch (ipfe->ipfe_cmd) 27 { 28 case IPF_EXP_IP_ADDR : 29 PRINTF("ip.addr %s= ", not ? "!" : ""); 30 printhosts(array + i); 31 break; 32 33 case IPF_EXP_IP_PR : 34 PRINTF("ip.p %s= ", not ? "!" : ""); 35 printsingle(array + i); 36 break; 37 38 case IPF_EXP_IP_SRCADDR : 39 PRINTF("ip.src %s= ", not ? "!" : ""); 40 printhosts(array + i); 41 break; 42 43 case IPF_EXP_IP_DSTADDR : 44 PRINTF("ip.dst %s= ", not ? "!" : ""); 45 printhosts(array + i); 46 break; 47 48 case IPF_EXP_TCP_PORT : 49 PRINTF("tcp.port %s= ", not ? "!" : ""); 50 printport(array + i); 51 break; 52 53 case IPF_EXP_TCP_DPORT : 54 PRINTF("tcp.dport %s= ", not ? "!" : ""); 55 printport(array + i); 56 break; 57 58 case IPF_EXP_TCP_SPORT : 59 PRINTF("tcp.sport %s= ", not ? "!" : ""); 60 printport(array + i); 61 break; 62 63 case IPF_EXP_TCP_FLAGS : 64 PRINTF("tcp.flags %s= ", not ? "!" : ""); 65 66 for (j = 0; j < ipfe->ipfe_narg; ) { 67 printtcpflags(array[i + 4], array[i + 5]); 68 j += 2; 69 if (j < array[4]) 70 putchar(','); 71 } 72 break; 73 74 case IPF_EXP_UDP_PORT : 75 PRINTF("udp.port %s= ", not ? "!" : ""); 76 printport(array + i); 77 break; 78 79 case IPF_EXP_UDP_DPORT : 80 PRINTF("udp.dport %s= ", not ? "!" : ""); 81 printport(array + i); 82 break; 83 84 case IPF_EXP_UDP_SPORT : 85 PRINTF("udp.sport %s= ", not ? "!" : ""); 86 printport(array + i); 87 break; 88 89 case IPF_EXP_IDLE_GT : 90 PRINTF("idle-gt %s= ", not ? "!" : ""); 91 printsingle(array + i); 92 break; 93 94 case IPF_EXP_TCP_STATE : 95 PRINTF("tcp-state %s= ", not ? "!" : ""); 96 printsingle(array + i); 97 break; 98 99 #ifdef USE_INET6 100 case IPF_EXP_IP6_ADDR : 101 PRINTF("ip6.addr %s= ", not ? "!" : ""); 102 printhostsv6(array + i); 103 break; 104 105 case IPF_EXP_IP6_SRCADDR : 106 PRINTF("ip6.src %s= ", not ? "!" : ""); 107 printhostsv6(array + i); 108 break; 109 110 case IPF_EXP_IP6_DSTADDR : 111 PRINTF("ip6.dst %s= ", not ? "!" : ""); 112 printhostsv6(array + i); 113 break; 114 #endif 115 116 case IPF_EXP_END : 117 break; 118 119 default : 120 PRINTF("#%#x,len=%d;", 121 ipfe->ipfe_cmd, ipfe->ipfe_narg); 122 } 123 124 if (array[i] != IPF_EXP_END) 125 putchar(';'); 126 127 i += ipfe->ipfe_size; 128 if (array[i] != IPF_EXP_END) 129 putchar(' '); 130 } 131 } 132 133 134 static void 135 printsingle(array) 136 int *array; 137 { 138 ipfexp_t *ipfe = (ipfexp_t *)array; 139 int i; 140 141 for (i = 0; i < ipfe->ipfe_narg; ) { 142 PRINTF("%d", array[i + 4]); 143 i++; 144 if (i < ipfe->ipfe_narg) 145 putchar(','); 146 } 147 } 148 149 150 static void 151 printport(array) 152 int *array; 153 { 154 ipfexp_t *ipfe = (ipfexp_t *)array; 155 int i; 156 157 for (i = 0; i < ipfe->ipfe_narg; ) { 158 PRINTF("%d", ntohs(array[i + 4])); 159 i++; 160 if (i < ipfe->ipfe_narg) 161 putchar(','); 162 } 163 } 164 165 166 static void 167 printhosts(array) 168 int *array; 169 { 170 ipfexp_t *ipfe = (ipfexp_t *)array; 171 int i, j; 172 173 for (i = 0, j = 0; i < ipfe->ipfe_narg; j++) { 174 printhostmask(AF_INET, (u_32_t *)ipfe->ipfe_arg0 + j * 2, 175 (u_32_t *)ipfe->ipfe_arg0 + j * 2 + 1); 176 i += 2; 177 if (i < ipfe->ipfe_narg) 178 putchar(','); 179 } 180 } 181 182 183 #ifdef USE_INET6 184 static void 185 printhostsv6(array) 186 int *array; 187 { 188 ipfexp_t *ipfe = (ipfexp_t *)array; 189 int i, j; 190 191 for (i = 4, j= 0; i < ipfe->ipfe_size; j++) { 192 printhostmask(AF_INET6, (u_32_t *)ipfe->ipfe_arg0 + j * 8, 193 (u_32_t *)ipfe->ipfe_arg0 + j * 8 + 4); 194 i += 8; 195 if (i < ipfe->ipfe_size) 196 putchar(','); 197 } 198 } 199 #endif 200