xref: /titanic_51/usr/src/cmd/ipf/lib/common/extras.c (revision 7c478bd95313f5f23a4c958a745db2134aa03244) 
1*7c478bd9Sstevel@tonic-gate /*
2*7c478bd9Sstevel@tonic-gate  * Copyright (C) 1993-2001 by Darren Reed.
3*7c478bd9Sstevel@tonic-gate  *
4*7c478bd9Sstevel@tonic-gate  * See the IPFILTER.LICENCE file for details on licencing.
5*7c478bd9Sstevel@tonic-gate  *
6*7c478bd9Sstevel@tonic-gate  * $Id: extras.c,v 1.12 2002/07/13 12:06:49 darrenr Exp $
7*7c478bd9Sstevel@tonic-gate  */
8*7c478bd9Sstevel@tonic-gate 
9*7c478bd9Sstevel@tonic-gate #include "ipf.h"
10*7c478bd9Sstevel@tonic-gate 
11*7c478bd9Sstevel@tonic-gate 
12*7c478bd9Sstevel@tonic-gate /*
13*7c478bd9Sstevel@tonic-gate  * deal with extra bits on end of the line
14*7c478bd9Sstevel@tonic-gate  */
15*7c478bd9Sstevel@tonic-gate int	extras(cp, fr, linenum)
16*7c478bd9Sstevel@tonic-gate char	***cp;
17*7c478bd9Sstevel@tonic-gate struct	frentry	*fr;
18*7c478bd9Sstevel@tonic-gate int     linenum;
19*7c478bd9Sstevel@tonic-gate {
20*7c478bd9Sstevel@tonic-gate 	u_short	secmsk;
21*7c478bd9Sstevel@tonic-gate 	u_long	opts;
22*7c478bd9Sstevel@tonic-gate 	int	notopt;
23*7c478bd9Sstevel@tonic-gate 
24*7c478bd9Sstevel@tonic-gate 	opts = 0;
25*7c478bd9Sstevel@tonic-gate 	secmsk = 0;
26*7c478bd9Sstevel@tonic-gate 	notopt = 0;
27*7c478bd9Sstevel@tonic-gate 	(*cp)++;
28*7c478bd9Sstevel@tonic-gate 	if (!**cp)
29*7c478bd9Sstevel@tonic-gate 		return -1;
30*7c478bd9Sstevel@tonic-gate 
31*7c478bd9Sstevel@tonic-gate 	while (**cp) {
32*7c478bd9Sstevel@tonic-gate 		if (!strcasecmp(**cp, "not") || !strcasecmp(**cp, "no")) {
33*7c478bd9Sstevel@tonic-gate 			notopt = 1;
34*7c478bd9Sstevel@tonic-gate 			(*cp)++;
35*7c478bd9Sstevel@tonic-gate 			continue;
36*7c478bd9Sstevel@tonic-gate 		} else if (!strncasecmp(**cp, "ipopt", 5)) {
37*7c478bd9Sstevel@tonic-gate 			if (!notopt)
38*7c478bd9Sstevel@tonic-gate 				fr->fr_flx |= FI_OPTIONS;
39*7c478bd9Sstevel@tonic-gate 			fr->fr_mflx |= FI_OPTIONS;
40*7c478bd9Sstevel@tonic-gate 			goto nextopt;
41*7c478bd9Sstevel@tonic-gate 		} else if (!strcasecmp(**cp, "lowttl")) {
42*7c478bd9Sstevel@tonic-gate 			if (!notopt)
43*7c478bd9Sstevel@tonic-gate 				fr->fr_flx |= FI_LOWTTL;
44*7c478bd9Sstevel@tonic-gate 			fr->fr_mflx |= FI_LOWTTL;
45*7c478bd9Sstevel@tonic-gate 			goto nextopt;
46*7c478bd9Sstevel@tonic-gate 		} else if (!strcasecmp(**cp, "bad-src")) {
47*7c478bd9Sstevel@tonic-gate 			if (!notopt)
48*7c478bd9Sstevel@tonic-gate 				fr->fr_flx |= FI_BADSRC;
49*7c478bd9Sstevel@tonic-gate 			fr->fr_mflx |= FI_BADSRC;
50*7c478bd9Sstevel@tonic-gate 			goto nextopt;
51*7c478bd9Sstevel@tonic-gate 		} else if (!strncasecmp(**cp, "mbcast", 6)) {
52*7c478bd9Sstevel@tonic-gate 			if (!notopt)
53*7c478bd9Sstevel@tonic-gate 				fr->fr_flx |= FI_MBCAST;
54*7c478bd9Sstevel@tonic-gate 			fr->fr_mflx |= FI_MBCAST;
55*7c478bd9Sstevel@tonic-gate 			goto nextopt;
56*7c478bd9Sstevel@tonic-gate 		} else if (!strncasecmp(**cp, "nat", 3)) {
57*7c478bd9Sstevel@tonic-gate 			if (!notopt)
58*7c478bd9Sstevel@tonic-gate 				fr->fr_flx |= FI_NATED;
59*7c478bd9Sstevel@tonic-gate 			fr->fr_mflx |= FI_NATED;
60*7c478bd9Sstevel@tonic-gate 			goto nextopt;
61*7c478bd9Sstevel@tonic-gate 		} else if (!strncasecmp(**cp, "frag", 4)) {
62*7c478bd9Sstevel@tonic-gate 			if (!notopt)
63*7c478bd9Sstevel@tonic-gate 				fr->fr_flx |= FI_FRAG;
64*7c478bd9Sstevel@tonic-gate 			fr->fr_mflx |= FI_FRAG;
65*7c478bd9Sstevel@tonic-gate 			goto nextopt;
66*7c478bd9Sstevel@tonic-gate 		} else if (!strncasecmp(**cp, "opt", 3)) {
67*7c478bd9Sstevel@tonic-gate 			if (!*(*cp + 1)) {
68*7c478bd9Sstevel@tonic-gate 				fprintf(stderr, "%d: opt missing arguements\n",
69*7c478bd9Sstevel@tonic-gate 					linenum);
70*7c478bd9Sstevel@tonic-gate 				return -1;
71*7c478bd9Sstevel@tonic-gate 			}
72*7c478bd9Sstevel@tonic-gate 			(*cp)++;
73*7c478bd9Sstevel@tonic-gate 			if (!(opts = optname(cp, &secmsk, linenum)))
74*7c478bd9Sstevel@tonic-gate 				return -1;
75*7c478bd9Sstevel@tonic-gate 
76*7c478bd9Sstevel@tonic-gate 			if (notopt) {
77*7c478bd9Sstevel@tonic-gate 				if (!secmsk) {
78*7c478bd9Sstevel@tonic-gate 					fr->fr_optmask |= opts;
79*7c478bd9Sstevel@tonic-gate 				} else {
80*7c478bd9Sstevel@tonic-gate 					fr->fr_optmask |= (opts & ~0x0100);
81*7c478bd9Sstevel@tonic-gate 					fr->fr_secmask |= secmsk;
82*7c478bd9Sstevel@tonic-gate 				}
83*7c478bd9Sstevel@tonic-gate 				fr->fr_secbits &= ~secmsk;
84*7c478bd9Sstevel@tonic-gate 				fr->fr_optbits &= ~opts;
85*7c478bd9Sstevel@tonic-gate 			} else {
86*7c478bd9Sstevel@tonic-gate 				fr->fr_optmask |= opts;
87*7c478bd9Sstevel@tonic-gate 				fr->fr_secmask |= secmsk;
88*7c478bd9Sstevel@tonic-gate 				fr->fr_optbits |= opts;
89*7c478bd9Sstevel@tonic-gate 				fr->fr_secbits |= secmsk;
90*7c478bd9Sstevel@tonic-gate 			}
91*7c478bd9Sstevel@tonic-gate 		} else if (!strncasecmp(**cp, "short", 5)) {
92*7c478bd9Sstevel@tonic-gate 			if (fr->fr_tcpf) {
93*7c478bd9Sstevel@tonic-gate 				fprintf(stderr,
94*7c478bd9Sstevel@tonic-gate 				"%d: short cannot be used with TCP flags\n",
95*7c478bd9Sstevel@tonic-gate 					linenum);
96*7c478bd9Sstevel@tonic-gate 				return -1;
97*7c478bd9Sstevel@tonic-gate 			}
98*7c478bd9Sstevel@tonic-gate 
99*7c478bd9Sstevel@tonic-gate 			if (!notopt)
100*7c478bd9Sstevel@tonic-gate 				fr->fr_flx |= FI_SHORT;
101*7c478bd9Sstevel@tonic-gate 			fr->fr_mflx |= FI_SHORT;
102*7c478bd9Sstevel@tonic-gate 			goto nextopt;
103*7c478bd9Sstevel@tonic-gate 		} else
104*7c478bd9Sstevel@tonic-gate 			return -1;
105*7c478bd9Sstevel@tonic-gate nextopt:
106*7c478bd9Sstevel@tonic-gate 		notopt = 0;
107*7c478bd9Sstevel@tonic-gate 		opts = 0;
108*7c478bd9Sstevel@tonic-gate 		secmsk = 0;
109*7c478bd9Sstevel@tonic-gate 		(*cp)++;
110*7c478bd9Sstevel@tonic-gate 	}
111*7c478bd9Sstevel@tonic-gate 	return 0;
112*7c478bd9Sstevel@tonic-gate }
113