1 2 # line 2 "../ipnat_y.y" 3 /* 4 * Copyright (C) 2001-2008 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 * 8 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 9 * Use is subject to license terms. 10 */ 11 12 #pragma ident "%Z%%M% %I% %E% SMI" 13 14 #ifdef __FreeBSD__ 15 # ifndef __FreeBSD_cc_version 16 # include <osreldate.h> 17 # else 18 # if __FreeBSD_cc_version < 430000 19 # include <osreldate.h> 20 # endif 21 # endif 22 #endif 23 #include <stdio.h> 24 #include <unistd.h> 25 #include <string.h> 26 #include <fcntl.h> 27 #include <errno.h> 28 #if !defined(__SVR4) && !defined(__GNUC__) 29 #include <strings.h> 30 #endif 31 #include <sys/types.h> 32 #include <sys/param.h> 33 #include <sys/file.h> 34 #include <stdlib.h> 35 #include <stddef.h> 36 #include <sys/socket.h> 37 #include <sys/ioctl.h> 38 #include <netinet/in.h> 39 #include <netinet/in_systm.h> 40 #include <sys/time.h> 41 #include <syslog.h> 42 #include <net/if.h> 43 #if __FreeBSD_version >= 300000 44 # include <net/if_var.h> 45 #endif 46 #include <netdb.h> 47 #include <arpa/nameser.h> 48 #include <resolv.h> 49 #include "ipf.h" 50 #include "netinet/ipl.h" 51 #include "ipnat_l.h" 52 53 #define YYDEBUG 1 54 55 extern void yyerror __P((char *)); 56 extern int yyparse __P((void)); 57 extern int yylex __P((void)); 58 extern int yydebug; 59 extern FILE *yyin; 60 extern int yylineNum; 61 62 static ipnat_t *nattop = NULL; 63 static ipnat_t *nat = NULL; 64 static int natfd = -1; 65 static ioctlfunc_t natioctlfunc = NULL; 66 static addfunc_t nataddfunc = NULL; 67 68 static void newnatrule __P((void)); 69 static void setnatproto __P((int)); 70 71 72 # line 71 "../ipnat_y.y" 73 typedef union 74 #ifdef __cplusplus 75 YYSTYPE 76 #endif 77 { 78 char *str; 79 u_32_t num; 80 struct { 81 i6addr_t a; 82 int v; 83 } ipa; 84 frentry_t fr; 85 frtuc_t *frt; 86 u_short port; 87 struct { 88 u_short p1; 89 u_short p2; 90 int pc; 91 } pc; 92 struct { 93 i6addr_t a; 94 i6addr_t m; 95 int v; 96 } ipp; 97 union i6addr ip6; 98 } YYSTYPE; 99 # define YY_NUMBER 257 100 # define YY_HEX 258 101 # define YY_STR 259 102 # define YY_COMMENT 260 103 # define YY_CMP_EQ 261 104 # define YY_CMP_NE 262 105 # define YY_CMP_LE 263 106 # define YY_CMP_GE 264 107 # define YY_CMP_LT 265 108 # define YY_CMP_GT 266 109 # define YY_RANGE_OUT 267 110 # define YY_RANGE_IN 268 111 # define YY_IPV6 269 112 # define IPNY_MAPBLOCK 270 113 # define IPNY_RDR 271 114 # define IPNY_PORT 272 115 # define IPNY_PORTS 273 116 # define IPNY_AUTO 274 117 # define IPNY_RANGE 275 118 # define IPNY_MAP 276 119 # define IPNY_BIMAP 277 120 # define IPNY_FROM 278 121 # define IPNY_TO 279 122 # define IPNY_MASK 280 123 # define IPNY_PORTMAP 281 124 # define IPNY_ANY 282 125 # define IPNY_ROUNDROBIN 283 126 # define IPNY_FRAG 284 127 # define IPNY_AGE 285 128 # define IPNY_ICMPIDMAP 286 129 # define IPNY_PROXY 287 130 # define IPNY_TCP 288 131 # define IPNY_UDP 289 132 # define IPNY_TCPUDP 290 133 # define IPNY_STICKY 291 134 # define IPNY_MSSCLAMP 292 135 # define IPNY_TAG 293 136 # define IPNY_TLATE 294 137 # define IPNY_SEQUENTIAL 295 138 139 #include <inttypes.h> 140 141 #ifdef __STDC__ 142 #include <stdlib.h> 143 #include <string.h> 144 #define YYCONST const 145 #else 146 #include <malloc.h> 147 #include <memory.h> 148 #define YYCONST 149 #endif 150 151 #include <values.h> 152 153 #if defined(__cplusplus) || defined(__STDC__) 154 155 #if defined(__cplusplus) && defined(__EXTERN_C__) 156 extern "C" { 157 #endif 158 #ifndef yyerror 159 #if defined(__cplusplus) 160 void yyerror(YYCONST char *); 161 #endif 162 #endif 163 #ifndef yylex 164 int yylex(void); 165 #endif 166 int yyparse(void); 167 #if defined(__cplusplus) && defined(__EXTERN_C__) 168 } 169 #endif 170 171 #endif 172 173 #define yyclearin yychar = -1 174 #define yyerrok yyerrflag = 0 175 extern int yychar; 176 extern int yyerrflag; 177 YYSTYPE yylval; 178 YYSTYPE yyval; 179 typedef int yytabelem; 180 #ifndef YYMAXDEPTH 181 #define YYMAXDEPTH 150 182 #endif 183 #if YYMAXDEPTH > 0 184 int yy_yys[YYMAXDEPTH], *yys = yy_yys; 185 YYSTYPE yy_yyv[YYMAXDEPTH], *yyv = yy_yyv; 186 #else /* user does initial allocation */ 187 int *yys; 188 YYSTYPE *yyv; 189 #endif 190 static int yymaxdepth = YYMAXDEPTH; 191 # define YYERRCODE 256 192 193 # line 791 "../ipnat_y.y" 194 195 196 197 static wordtab_t yywords[] = { 198 { "age", IPNY_AGE }, 199 { "any", IPNY_ANY }, 200 { "auto", IPNY_AUTO }, 201 { "bimap", IPNY_BIMAP }, 202 { "frag", IPNY_FRAG }, 203 { "from", IPNY_FROM }, 204 { "icmpidmap", IPNY_ICMPIDMAP }, 205 { "mask", IPNY_MASK }, 206 { "map", IPNY_MAP }, 207 { "map-block", IPNY_MAPBLOCK }, 208 { "mssclamp", IPNY_MSSCLAMP }, 209 { "netmask", IPNY_MASK }, 210 { "port", IPNY_PORT }, 211 { "portmap", IPNY_PORTMAP }, 212 { "ports", IPNY_PORTS }, 213 { "proxy", IPNY_PROXY }, 214 { "range", IPNY_RANGE }, 215 { "rdr", IPNY_RDR }, 216 { "round-robin",IPNY_ROUNDROBIN }, 217 { "sequential", IPNY_SEQUENTIAL }, 218 { "sticky", IPNY_STICKY }, 219 { "tag", IPNY_TAG }, 220 { "tcp", IPNY_TCP }, 221 { "tcpudp", IPNY_TCPUDP }, 222 { "to", IPNY_TO }, 223 { "udp", IPNY_UDP }, 224 { "-", '-' }, 225 { "->", IPNY_TLATE }, 226 { "eq", YY_CMP_EQ }, 227 { "ne", YY_CMP_NE }, 228 { "lt", YY_CMP_LT }, 229 { "gt", YY_CMP_GT }, 230 { "le", YY_CMP_LE }, 231 { "ge", YY_CMP_GE }, 232 { NULL, 0 } 233 }; 234 235 236 int ipnat_parsefile(fd, addfunc, ioctlfunc, filename) 237 int fd; 238 addfunc_t addfunc; 239 ioctlfunc_t ioctlfunc; 240 char *filename; 241 { 242 FILE *fp = NULL; 243 char *s; 244 245 (void) yysettab(yywords); 246 247 s = getenv("YYDEBUG"); 248 if (s) 249 yydebug = atoi(s); 250 else 251 yydebug = 0; 252 253 if (strcmp(filename, "-")) { 254 fp = fopen(filename, "r"); 255 if (!fp) { 256 fprintf(stderr, "fopen(%s) failed: %s\n", filename, 257 STRERROR(errno)); 258 return -1; 259 } 260 } else 261 fp = stdin; 262 263 while (ipnat_parsesome(fd, addfunc, ioctlfunc, fp) == 1) 264 ; 265 if (fp != NULL) 266 fclose(fp); 267 return 0; 268 } 269 270 271 int ipnat_parsesome(fd, addfunc, ioctlfunc, fp) 272 int fd; 273 addfunc_t addfunc; 274 ioctlfunc_t ioctlfunc; 275 FILE *fp; 276 { 277 char *s; 278 int i; 279 280 yylineNum = 1; 281 282 natfd = fd; 283 nataddfunc = addfunc; 284 natioctlfunc = ioctlfunc; 285 286 if (feof(fp)) 287 return 0; 288 i = fgetc(fp); 289 if (i == EOF) 290 return 0; 291 if (ungetc(i, fp) == EOF) 292 return 0; 293 if (feof(fp)) 294 return 0; 295 s = getenv("YYDEBUG"); 296 if (s) 297 yydebug = atoi(s); 298 else 299 yydebug = 0; 300 301 yyin = fp; 302 yyparse(); 303 return 1; 304 } 305 306 307 static void newnatrule() 308 { 309 ipnat_t *n; 310 311 n = calloc(1, sizeof(*n)); 312 if (n == NULL) 313 return; 314 315 if (nat == NULL) 316 nattop = nat = n; 317 else { 318 nat->in_next = n; 319 nat = n; 320 } 321 } 322 323 324 static void setnatproto(p) 325 int p; 326 { 327 nat->in_p = p; 328 329 switch (p) 330 { 331 case IPPROTO_TCP : 332 nat->in_flags |= IPN_TCP; 333 nat->in_flags &= ~IPN_UDP; 334 break; 335 case IPPROTO_UDP : 336 nat->in_flags |= IPN_UDP; 337 nat->in_flags &= ~IPN_TCP; 338 break; 339 case IPPROTO_ICMP : 340 nat->in_flags &= ~IPN_TCPUDP; 341 if (!(nat->in_flags & IPN_ICMPQUERY)) { 342 nat->in_dcmp = 0; 343 nat->in_scmp = 0; 344 nat->in_pmin = 0; 345 nat->in_pmax = 0; 346 nat->in_pnext = 0; 347 } 348 break; 349 default : 350 if ((nat->in_redir & NAT_MAPBLK) == 0) { 351 /* Only reset dcmp/scmp in case dport/sport not set */ 352 if (0 == nat->in_tuc.ftu_dport) 353 nat->in_dcmp = 0; 354 if (0 == nat->in_tuc.ftu_sport) 355 nat->in_scmp = 0; 356 nat->in_pmin = 0; 357 nat->in_pmax = 0; 358 nat->in_pnext = 0; 359 nat->in_flags &= ~IPN_TCPUDP; 360 } 361 break; 362 } 363 364 if ((nat->in_flags & (IPN_TCPUDP|IPN_FIXEDDPORT)) == IPN_FIXEDDPORT) 365 nat->in_flags &= ~IPN_FIXEDDPORT; 366 } 367 368 369 void ipnat_addrule(fd, ioctlfunc, ptr) 370 int fd; 371 ioctlfunc_t ioctlfunc; 372 void *ptr; 373 { 374 ioctlcmd_t add, del; 375 ipfobj_t obj; 376 ipnat_t *ipn; 377 378 ipn = ptr; 379 bzero((char *)&obj, sizeof(obj)); 380 obj.ipfo_rev = IPFILTER_VERSION; 381 obj.ipfo_size = sizeof(ipnat_t); 382 obj.ipfo_type = IPFOBJ_IPNAT; 383 obj.ipfo_ptr = ptr; 384 add = 0; 385 del = 0; 386 387 if ((opts & OPT_DONOTHING) != 0) 388 fd = -1; 389 390 if (opts & OPT_ZERORULEST) { 391 add = SIOCZRLST; 392 } else if (opts & OPT_INACTIVE) { 393 add = SIOCADNAT; 394 del = SIOCRMNAT; 395 } else { 396 add = SIOCADNAT; 397 del = SIOCRMNAT; 398 } 399 400 if (ipn && (opts & OPT_VERBOSE)) 401 printnat(ipn, opts); 402 403 if (opts & OPT_DEBUG) 404 binprint(ipn, sizeof(*ipn)); 405 406 if ((opts & OPT_ZERORULEST) != 0) { 407 if ((*ioctlfunc)(fd, add, (void *)&obj) == -1) { 408 if ((opts & OPT_DONOTHING) == 0) { 409 fprintf(stderr, "%d:", yylineNum); 410 perror("ioctl(SIOCZRLST)"); 411 } 412 } else { 413 #ifdef USE_QUAD_T 414 /* 415 printf("hits %qd bytes %qd ", 416 (long long)fr->fr_hits, 417 (long long)fr->fr_bytes); 418 */ 419 #else 420 /* 421 printf("hits %ld bytes %ld ", 422 fr->fr_hits, fr->fr_bytes); 423 */ 424 #endif 425 printnat(ipn, opts); 426 } 427 } else if ((opts & OPT_REMOVE) != 0) { 428 if ((*ioctlfunc)(fd, del, (void *)&obj) == -1) { 429 if ((opts & OPT_DONOTHING) == 0) { 430 fprintf(stderr, "%d:", yylineNum); 431 perror("ioctl(delete nat rule)"); 432 } 433 } 434 } else { 435 if ((*ioctlfunc)(fd, add, (void *)&obj) == -1) { 436 if ((opts & OPT_DONOTHING) == 0) { 437 fprintf(stderr, "%d:", yylineNum); 438 perror("ioctl(add/insert nat rule)"); 439 } 440 } 441 } 442 } 443 444 static YYCONST yytabelem yyexca[] ={ 445 -1, 1, 446 0, -1, 447 -2, 9, 448 }; 449 # define YYNPROD 124 450 # define YYLAST 348 451 static YYCONST yytabelem yyact[]={ 452 453 194, 63, 124, 85, 126, 64, 60, 50, 49, 210, 454 201, 124, 208, 126, 141, 142, 143, 195, 222, 184, 455 97, 47, 189, 62, 171, 98, 96, 38, 38, 37, 456 37, 137, 51, 123, 125, 122, 38, 81, 37, 40, 457 40, 134, 214, 125, 105, 69, 92, 41, 40, 41, 458 18, 19, 34, 34, 156, 225, 16, 17, 89, 118, 459 90, 34, 132, 148, 139, 82, 57, 38, 139, 37, 460 89, 157, 90, 109, 220, 175, 79, 76, 211, 40, 461 71, 76, 152, 153, 168, 6, 5, 89, 75, 173, 462 219, 191, 75, 190, 144, 59, 31, 28, 206, 202, 463 197, 177, 162, 154, 83, 209, 94, 200, 120, 121, 464 193, 170, 188, 102, 136, 35, 131, 86, 21, 159, 465 135, 95, 104, 53, 129, 48, 23, 196, 192, 128, 466 67, 72, 127, 212, 39, 73, 204, 130, 203, 106, 467 176, 161, 181, 36, 116, 57, 145, 42, 26, 32, 468 221, 207, 43, 44, 108, 22, 3, 140, 8, 55, 469 2, 58, 7, 29, 30, 27, 163, 24, 25, 55, 470 65, 61, 68, 68, 46, 15, 117, 100, 87, 14, 471 87, 70, 91, 84, 77, 99, 74, 74, 78, 55, 472 93, 66, 101, 13, 12, 11, 10, 20, 9, 4, 473 1, 87, 45, 119, 33, 103, 133, 54, 151, 107, 474 0, 0, 0, 0, 0, 0, 138, 0, 88, 149, 475 0, 146, 147, 0, 0, 0, 0, 0, 0, 0, 476 0, 0, 0, 0, 0, 160, 158, 0, 155, 0, 477 166, 0, 0, 0, 0, 38, 0, 37, 169, 0, 478 0, 0, 0, 0, 0, 0, 0, 40, 0, 0, 479 0, 178, 150, 0, 0, 52, 41, 182, 0, 89, 480 34, 90, 183, 110, 111, 113, 115, 112, 114, 185, 481 89, 160, 90, 80, 164, 165, 186, 167, 179, 56, 482 0, 0, 0, 0, 172, 174, 199, 160, 0, 0, 483 0, 0, 198, 0, 0, 0, 180, 0, 0, 0, 484 0, 0, 0, 213, 215, 217, 216, 0, 218, 0, 485 0, 0, 0, 187, 223, 0, 0, 224, 0, 0, 486 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 487 0, 0, 0, 0, 0, 0, 0, 205 }; 488 static YYCONST yytabelem yypact[]={ 489 490 -174, -174,-10000000,-10000000, -220,-10000000, 57,-10000000,-10000000,-10000000, 491 67, 67, 67, -162, -162, -162,-10000000,-10000000,-10000000,-10000000, 492 -163,-10000000,-10000000,-10000000,-10000000,-10000000, -229, 103,-10000000, -221, 493 -12, 66, -286, -287,-10000000, -15, -221,-10000000, 20,-10000000, 494 -10000000,-10000000, -164, -288, -271, -289, -221, -231,-10000000, -230, 495 -230, -177, -181, 4, -207,-10000000,-10000000, -153,-10000000,-10000000, 496 -221, -291, -190, -187, -190, -233, -221, -261,-10000000, -190, 497 -261, 99,-10000000,-10000000,-10000000,-10000000,-10000000,-10000000,-10000000, 99, 498 -221, -235, 12, 98, -214, -190, -255, 85, 79,-10000000, 499 -10000000, -210, -221, -238, -252, -252, -208, -274, -165, 101, 500 -252, -252,-10000000, -209,-10000000, -221,-10000000, -187, -185,-10000000, 501 -10000000,-10000000,-10000000,-10000000,-10000000,-10000000, -154, -252, -203, -210, 502 -252,-10000000,-10000000, 94,-10000000,-10000000,-10000000, -155,-10000000, -187, 503 -187, -255, 23,-10000000, -221,-10000000, -260,-10000000,-10000000, -170, 504 -199, 93,-10000000,-10000000, -156, -190,-10000000,-10000000, 12,-10000000, 505 -10000000, -187,-10000000,-10000000, 96,-10000000,-10000000,-10000000, -255,-10000000, 506 -260, -270,-10000000, -190,-10000000,-10000000, -252,-10000000, -187,-10000000, 507 -263,-10000000, -166, -168, 70, -295, -272, 69,-10000000,-10000000, 508 -10000000, -157, -252, -263,-10000000,-10000000,-10000000,-10000000, -282, -158, 509 91, 89, -187,-10000000,-10000000,-10000000, -159,-10000000,-10000000, -279, 510 -284, -179, 86, -246, -246, -295,-10000000, -282,-10000000, -255, 511 -169,-10000000, -183,-10000000,-10000000,-10000000,-10000000, -269,-10000000,-10000000, 512 -10000000, -284, -204,-10000000,-10000000,-10000000 }; 513 static YYCONST yytabelem yypgo[]={ 514 515 0, 154, 135, 209, 208, 109, 207, 205, 123, 113, 516 204, 202, 117, 115, 134, 131, 122, 130, 139, 200, 517 160, 156, 199, 198, 197, 196, 155, 195, 194, 193, 518 148, 106, 120, 121, 179, 176, 175, 171, 116, 108, 519 119, 166, 143, 165, 161, 157, 110, 114, 111, 112, 520 107, 105, 151, 150 }; 521 static YYCONST yytabelem yyr1[]={ 522 523 0, 19, 19, 19, 19, 20, 20, 21, 24, 22, 524 23, 23, 23, 26, 26, 25, 25, 25, 25, 27, 525 28, 28, 28, 31, 31, 31, 39, 39, 39, 39, 526 17, 17, 12, 12, 41, 12, 1, 1, 37, 37, 527 37, 37, 38, 38, 35, 35, 35, 29, 29, 36, 528 34, 10, 10, 11, 11, 42, 30, 30, 43, 44, 529 33, 33, 33, 46, 46, 8, 8, 6, 9, 9, 530 7, 16, 16, 16, 16, 16, 16, 16, 18, 18, 531 32, 40, 51, 51, 47, 47, 48, 48, 49, 49, 532 49, 52, 52, 50, 50, 45, 45, 45, 45, 45, 533 53, 53, 5, 5, 5, 5, 2, 13, 13, 13, 534 13, 13, 3, 3, 3, 3, 3, 3, 3, 4, 535 4, 15, 15, 14 }; 536 static YYCONST yytabelem yyr2[]={ 537 538 0, 2, 2, 4, 4, 5, 2, 9, 3, 1, 539 4, 4, 4, 0, 2, 15, 15, 15, 15, 15, 540 19, 17, 15, 0, 13, 13, 0, 3, 3, 7, 541 3, 9, 3, 7, 1, 9, 3, 3, 0, 5, 542 9, 9, 5, 7, 0, 5, 5, 3, 3, 3, 543 3, 9, 11, 9, 11, 3, 3, 7, 3, 3, 544 13, 9, 11, 0, 3, 3, 7, 3, 3, 7, 545 3, 3, 3, 7, 7, 7, 7, 7, 5, 7, 546 12, 14, 0, 5, 0, 3, 0, 3, 0, 5, 547 9, 0, 3, 0, 5, 0, 3, 3, 3, 7, 548 5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 549 3, 5, 3, 3, 3, 3, 3, 3, 3, 3, 550 3, 3, 3, 15 }; 551 static YYCONST yytabelem yychk[]={ 552 553 -10000000, -19, -20, -21, -22, 260, 259, -20, -21, -23, 554 -25, -27, -28, -29, -34, -36, 276, 277, 270, 271, 555 -24, 61, -26, 59, -26, -26, -30, -43, 259, -30, 556 -30, 259, -16, -10, 282, -13, -42, 259, 257, -14, 557 269, 278, 44, -16, -16, -11, -42, 33, 59, 294, 558 294, 47, 280, -8, -6, -16, 269, 46, -44, 259, 559 294, -37, 294, 272, 294, -8, -42, -17, -16, 275, 560 -17, 257, -15, -2, -14, 269, 258, -15, -2, 257, 561 279, 33, 272, 257, -16, 294, -12, -13, -1, 257, 562 259, -12, 279, -8, -31, -33, 287, 281, 286, -13, 563 -31, -33, -9, -7, -16, 279, -18, -3, -1, 61, 564 261, 262, 265, 263, 266, 264, 46, -35, 273, -12, 565 -39, -5, 290, 288, 257, 289, 259, 47, 44, 45, 566 58, -38, 272, -9, 279, -32, -47, 283, -32, 272, 567 -45, 288, 289, 290, 259, 45, -32, -32, 272, -9, 568 -1, -4, 267, 268, 257, -32, 257, 274, -38, -40, 569 -47, 47, 257, -41, -1, -1, -39, -1, 61, -9, 570 -48, 284, -1, 259, -1, 274, 47, 257, -13, -18, 571 -1, 46, -39, -48, 289, -13, -40, -1, -49, 285, 572 259, 259, 58, -46, 295, 289, 58, 257, -40, -49, 573 -50, 292, 257, 47, 47, -1, 257, -52, 291, -51, 574 293, 257, 47, -5, 288, -5, -46, -50, -39, 259, 575 257, -53, 287, -31, -51, 259 }; 576 static YYCONST yytabelem yydef[]={ 577 578 9, -2, 1, 2, 0, 6, 0, 3, 4, 5, 579 13, 13, 13, 0, 0, 0, 47, 48, 50, 49, 580 0, 8, 10, 14, 11, 12, 0, 56, 58, 0, 581 0, 0, 0, 0, 71, 72, 0, 107, 108, 109, 582 110, 55, 0, 0, 0, 0, 0, 0, 7, 0, 583 0, 0, 0, 0, 65, 67, 111, 0, 57, 59, 584 0, 0, 0, 0, 0, 0, 0, 23, 30, 0, 585 23, 73, 74, 75, 121, 122, 106, 76, 77, 0, 586 0, 0, 0, 0, 44, 0, 26, 32, 39, 36, 587 37, 0, 0, 0, 84, 84, 0, 95, 0, 0, 588 84, 84, 51, 68, 70, 0, 66, 0, 0, 112, 589 113, 114, 115, 116, 117, 118, 0, 84, 0, 0, 590 84, 27, 28, 103, 102, 104, 105, 0, 34, 0, 591 0, 26, 0, 53, 0, 15, 86, 85, 16, 0, 592 0, 96, 97, 98, 0, 0, 17, 18, 0, 52, 593 78, 0, 119, 120, 0, 19, 45, 46, 26, 22, 594 86, 0, 33, 0, 40, 41, 84, 42, 0, 54, 595 88, 87, 0, 0, 0, 63, 0, 0, 31, 69, 596 79, 0, 84, 88, 29, 35, 21, 43, 93, 0, 597 0, 0, 0, 61, 64, 99, 0, 123, 20, 91, 598 82, 0, 89, 0, 0, 63, 62, 93, 92, 26, 599 0, 94, 0, 24, 103, 25, 60, 23, 80, 83, 600 90, 82, 0, 101, 81, 100 }; 601 typedef struct 602 #ifdef __cplusplus 603 yytoktype 604 #endif 605 { 606 #ifdef __cplusplus 607 const 608 #endif 609 char *t_name; int t_val; } yytoktype; 610 #ifndef YYDEBUG 611 # define YYDEBUG 0 /* don't allow debugging */ 612 #endif 613 614 #if YYDEBUG 615 616 yytoktype yytoks[] = 617 { 618 "YY_NUMBER", 257, 619 "YY_HEX", 258, 620 "YY_STR", 259, 621 "YY_COMMENT", 260, 622 "YY_CMP_EQ", 261, 623 "YY_CMP_NE", 262, 624 "YY_CMP_LE", 263, 625 "YY_CMP_GE", 264, 626 "YY_CMP_LT", 265, 627 "YY_CMP_GT", 266, 628 "YY_RANGE_OUT", 267, 629 "YY_RANGE_IN", 268, 630 "YY_IPV6", 269, 631 "IPNY_MAPBLOCK", 270, 632 "IPNY_RDR", 271, 633 "IPNY_PORT", 272, 634 "IPNY_PORTS", 273, 635 "IPNY_AUTO", 274, 636 "IPNY_RANGE", 275, 637 "IPNY_MAP", 276, 638 "IPNY_BIMAP", 277, 639 "IPNY_FROM", 278, 640 "IPNY_TO", 279, 641 "IPNY_MASK", 280, 642 "IPNY_PORTMAP", 281, 643 "IPNY_ANY", 282, 644 "IPNY_ROUNDROBIN", 283, 645 "IPNY_FRAG", 284, 646 "IPNY_AGE", 285, 647 "IPNY_ICMPIDMAP", 286, 648 "IPNY_PROXY", 287, 649 "IPNY_TCP", 288, 650 "IPNY_UDP", 289, 651 "IPNY_TCPUDP", 290, 652 "IPNY_STICKY", 291, 653 "IPNY_MSSCLAMP", 292, 654 "IPNY_TAG", 293, 655 "IPNY_TLATE", 294, 656 "IPNY_SEQUENTIAL", 295, 657 "-unknown-", -1 /* ends search */ 658 }; 659 660 #ifdef __cplusplus 661 const 662 #endif 663 char * yyreds[] = 664 { 665 "-no such reduction-", 666 "file : line", 667 "file : assign", 668 "file : file line", 669 "file : file assign", 670 "line : xx rule", 671 "line : YY_COMMENT", 672 "assign : YY_STR assigning YY_STR ';'", 673 "assigning : '='", 674 "xx : /* empty */", 675 "rule : map eol", 676 "rule : mapblock eol", 677 "rule : redir eol", 678 "eol : /* empty */", 679 "eol : ';'", 680 "map : mapit ifnames addr IPNY_TLATE rhaddr proxy mapoptions", 681 "map : mapit ifnames addr IPNY_TLATE rhaddr mapport mapoptions", 682 "map : mapit ifnames mapfrom IPNY_TLATE rhaddr proxy mapoptions", 683 "map : mapit ifnames mapfrom IPNY_TLATE rhaddr mapport mapoptions", 684 "mapblock : mapblockit ifnames addr IPNY_TLATE addr ports mapoptions", 685 "redir : rdrit ifnames addr dport IPNY_TLATE dip nport setproto rdroptions", 686 "redir : rdrit ifnames rdrfrom IPNY_TLATE dip nport setproto rdroptions", 687 "redir : rdrit ifnames addr IPNY_TLATE dip setproto rdroptions", 688 "proxy : /* empty */", 689 "proxy : IPNY_PROXY IPNY_PORT portspec YY_STR '/' proto", 690 "proxy : IPNY_PROXY IPNY_PORT YY_STR YY_STR '/' proto", 691 "setproto : /* empty */", 692 "setproto : proto", 693 "setproto : IPNY_TCPUDP", 694 "setproto : IPNY_TCP '/' IPNY_UDP", 695 "rhaddr : addr", 696 "rhaddr : IPNY_RANGE hostname '-' hostname", 697 "dip : hostname", 698 "dip : hostname '/' YY_NUMBER", 699 "dip : hostname ','", 700 "dip : hostname ',' hostname", 701 "portspec : YY_NUMBER", 702 "portspec : YY_STR", 703 "dport : /* empty */", 704 "dport : IPNY_PORT portspec", 705 "dport : IPNY_PORT portspec '-' portspec", 706 "dport : IPNY_PORT portspec ':' portspec", 707 "nport : IPNY_PORT portspec", 708 "nport : IPNY_PORT '=' portspec", 709 "ports : /* empty */", 710 "ports : IPNY_PORTS YY_NUMBER", 711 "ports : IPNY_PORTS IPNY_AUTO", 712 "mapit : IPNY_MAP", 713 "mapit : IPNY_BIMAP", 714 "rdrit : IPNY_RDR", 715 "mapblockit : IPNY_MAPBLOCK", 716 "mapfrom : from sobject IPNY_TO dobject", 717 "mapfrom : from sobject '!' IPNY_TO dobject", 718 "rdrfrom : from sobject IPNY_TO dobject", 719 "rdrfrom : '!' from sobject IPNY_TO dobject", 720 "from : IPNY_FROM", 721 "ifnames : ifname", 722 "ifnames : ifname ',' otherifname", 723 "ifname : YY_STR", 724 "otherifname : YY_STR", 725 "mapport : IPNY_PORTMAP tcpudp portspec ':' portspec randport", 726 "mapport : IPNY_PORTMAP tcpudp IPNY_AUTO randport", 727 "mapport : IPNY_ICMPIDMAP YY_STR YY_NUMBER ':' YY_NUMBER", 728 "randport : /* empty */", 729 "randport : IPNY_SEQUENTIAL", 730 "sobject : saddr", 731 "sobject : saddr IPNY_PORT portstuff", 732 "saddr : addr", 733 "dobject : daddr", 734 "dobject : daddr IPNY_PORT portstuff", 735 "daddr : addr", 736 "addr : IPNY_ANY", 737 "addr : hostname", 738 "addr : hostname '/' YY_NUMBER", 739 "addr : hostname '/' ipaddr", 740 "addr : hostname '/' hexnumber", 741 "addr : hostname IPNY_MASK ipaddr", 742 "addr : hostname IPNY_MASK hexnumber", 743 "portstuff : compare portspec", 744 "portstuff : portspec range portspec", 745 "mapoptions : rr frag age mssclamp nattag setproto", 746 "rdroptions : rr frag age sticky mssclamp rdrproxy nattag", 747 "nattag : /* empty */", 748 "nattag : IPNY_TAG YY_STR", 749 "rr : /* empty */", 750 "rr : IPNY_ROUNDROBIN", 751 "frag : /* empty */", 752 "frag : IPNY_FRAG", 753 "age : /* empty */", 754 "age : IPNY_AGE YY_NUMBER", 755 "age : IPNY_AGE YY_NUMBER '/' YY_NUMBER", 756 "sticky : /* empty */", 757 "sticky : IPNY_STICKY", 758 "mssclamp : /* empty */", 759 "mssclamp : IPNY_MSSCLAMP YY_NUMBER", 760 "tcpudp : /* empty */", 761 "tcpudp : IPNY_TCP", 762 "tcpudp : IPNY_UDP", 763 "tcpudp : IPNY_TCPUDP", 764 "tcpudp : IPNY_TCP '/' IPNY_UDP", 765 "rdrproxy : IPNY_PROXY YY_STR", 766 "rdrproxy : proxy", 767 "proto : YY_NUMBER", 768 "proto : IPNY_TCP", 769 "proto : IPNY_UDP", 770 "proto : YY_STR", 771 "hexnumber : YY_HEX", 772 "hostname : YY_STR", 773 "hostname : YY_NUMBER", 774 "hostname : ipv4", 775 "hostname : YY_IPV6", 776 "hostname : YY_NUMBER YY_IPV6", 777 "compare : '='", 778 "compare : YY_CMP_EQ", 779 "compare : YY_CMP_NE", 780 "compare : YY_CMP_LT", 781 "compare : YY_CMP_LE", 782 "compare : YY_CMP_GT", 783 "compare : YY_CMP_GE", 784 "range : YY_RANGE_OUT", 785 "range : YY_RANGE_IN", 786 "ipaddr : ipv4", 787 "ipaddr : YY_IPV6", 788 "ipv4 : YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER", 789 }; 790 #endif /* YYDEBUG */ 791 # line 1 "/usr/share/lib/ccs/yaccpar" 792 /* 793 * CDDL HEADER START 794 * 795 * The contents of this file are subject to the terms of the 796 * Common Development and Distribution License, Version 1.0 only 797 * (the "License"). You may not use this file except in compliance 798 * with the License. 799 * 800 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 801 * or http://www.opensolaris.org/os/licensing. 802 * See the License for the specific language governing permissions 803 * and limitations under the License. 804 * 805 * When distributing Covered Code, include this CDDL HEADER in each 806 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 807 * If applicable, add the following below this CDDL HEADER, with the 808 * fields enclosed by brackets "[]" replaced with your own identifying 809 * information: Portions Copyright [yyyy] [name of copyright owner] 810 * 811 * CDDL HEADER END 812 */ 813 /* 814 * Copyright 1993 Sun Microsystems, Inc. All rights reserved. 815 * Use is subject to license terms. 816 */ 817 818 /* Copyright (c) 1988 AT&T */ 819 /* All Rights Reserved */ 820 821 #pragma ident "%Z%%M% %I% %E% SMI" 822 823 /* 824 ** Skeleton parser driver for yacc output 825 */ 826 827 /* 828 ** yacc user known macros and defines 829 */ 830 #define YYERROR goto yyerrlab 831 #define YYACCEPT return(0) 832 #define YYABORT return(1) 833 #define YYBACKUP( newtoken, newvalue )\ 834 {\ 835 if ( yychar >= 0 || ( yyr2[ yytmp ] >> 1 ) != 1 )\ 836 {\ 837 yyerror( "syntax error - cannot backup" );\ 838 goto yyerrlab;\ 839 }\ 840 yychar = newtoken;\ 841 yystate = *yyps;\ 842 yylval = newvalue;\ 843 goto yynewstate;\ 844 } 845 #define YYRECOVERING() (!!yyerrflag) 846 #define YYNEW(type) malloc(sizeof(type) * yynewmax) 847 #define YYCOPY(to, from, type) \ 848 (type *) memcpy(to, (char *) from, yymaxdepth * sizeof (type)) 849 #define YYENLARGE( from, type) \ 850 (type *) realloc((char *) from, yynewmax * sizeof(type)) 851 #ifndef YYDEBUG 852 # define YYDEBUG 1 /* make debugging available */ 853 #endif 854 855 /* 856 ** user known globals 857 */ 858 int yydebug; /* set to 1 to get debugging */ 859 860 /* 861 ** driver internal defines 862 */ 863 #define YYFLAG (-10000000) 864 865 /* 866 ** global variables used by the parser 867 */ 868 YYSTYPE *yypv; /* top of value stack */ 869 int *yyps; /* top of state stack */ 870 871 int yystate; /* current state */ 872 int yytmp; /* extra var (lasts between blocks) */ 873 874 int yynerrs; /* number of errors */ 875 int yyerrflag; /* error recovery flag */ 876 int yychar; /* current input token number */ 877 878 879 880 #ifdef YYNMBCHARS 881 #define YYLEX() yycvtok(yylex()) 882 /* 883 ** yycvtok - return a token if i is a wchar_t value that exceeds 255. 884 ** If i<255, i itself is the token. If i>255 but the neither 885 ** of the 30th or 31st bit is on, i is already a token. 886 */ 887 #if defined(__STDC__) || defined(__cplusplus) 888 int yycvtok(int i) 889 #else 890 int yycvtok(i) int i; 891 #endif 892 { 893 int first = 0; 894 int last = YYNMBCHARS - 1; 895 int mid; 896 wchar_t j; 897 898 if(i&0x60000000){/*Must convert to a token. */ 899 if( yymbchars[last].character < i ){ 900 return i;/*Giving up*/ 901 } 902 while ((last>=first)&&(first>=0)) {/*Binary search loop*/ 903 mid = (first+last)/2; 904 j = yymbchars[mid].character; 905 if( j==i ){/*Found*/ 906 return yymbchars[mid].tvalue; 907 }else if( j<i ){ 908 first = mid + 1; 909 }else{ 910 last = mid -1; 911 } 912 } 913 /*No entry in the table.*/ 914 return i;/* Giving up.*/ 915 }else{/* i is already a token. */ 916 return i; 917 } 918 } 919 #else/*!YYNMBCHARS*/ 920 #define YYLEX() yylex() 921 #endif/*!YYNMBCHARS*/ 922 923 /* 924 ** yyparse - return 0 if worked, 1 if syntax error not recovered from 925 */ 926 #if defined(__STDC__) || defined(__cplusplus) 927 int yyparse(void) 928 #else 929 int yyparse() 930 #endif 931 { 932 register YYSTYPE *yypvt = 0; /* top of value stack for $vars */ 933 934 #if defined(__cplusplus) || defined(lint) 935 /* 936 hacks to please C++ and lint - goto's inside 937 switch should never be executed 938 */ 939 static int __yaccpar_lint_hack__ = 0; 940 switch (__yaccpar_lint_hack__) 941 { 942 case 1: goto yyerrlab; 943 case 2: goto yynewstate; 944 } 945 #endif 946 947 /* 948 ** Initialize externals - yyparse may be called more than once 949 */ 950 yypv = &yyv[-1]; 951 yyps = &yys[-1]; 952 yystate = 0; 953 yytmp = 0; 954 yynerrs = 0; 955 yyerrflag = 0; 956 yychar = -1; 957 958 #if YYMAXDEPTH <= 0 959 if (yymaxdepth <= 0) 960 { 961 if ((yymaxdepth = YYEXPAND(0)) <= 0) 962 { 963 yyerror("yacc initialization error"); 964 YYABORT; 965 } 966 } 967 #endif 968 969 { 970 register YYSTYPE *yy_pv; /* top of value stack */ 971 register int *yy_ps; /* top of state stack */ 972 register int yy_state; /* current state */ 973 register int yy_n; /* internal state number info */ 974 goto yystack; /* moved from 6 lines above to here to please C++ */ 975 976 /* 977 ** get globals into registers. 978 ** branch to here only if YYBACKUP was called. 979 */ 980 yynewstate: 981 yy_pv = yypv; 982 yy_ps = yyps; 983 yy_state = yystate; 984 goto yy_newstate; 985 986 /* 987 ** get globals into registers. 988 ** either we just started, or we just finished a reduction 989 */ 990 yystack: 991 yy_pv = yypv; 992 yy_ps = yyps; 993 yy_state = yystate; 994 995 /* 996 ** top of for (;;) loop while no reductions done 997 */ 998 yy_stack: 999 /* 1000 ** put a state and value onto the stacks 1001 */ 1002 #if YYDEBUG 1003 /* 1004 ** if debugging, look up token value in list of value vs. 1005 ** name pairs. 0 and negative (-1) are special values. 1006 ** Note: linear search is used since time is not a real 1007 ** consideration while debugging. 1008 */ 1009 if ( yydebug ) 1010 { 1011 register int yy_i; 1012 1013 printf( "State %d, token ", yy_state ); 1014 if ( yychar == 0 ) 1015 printf( "end-of-file\n" ); 1016 else if ( yychar < 0 ) 1017 printf( "-none-\n" ); 1018 else 1019 { 1020 for ( yy_i = 0; yytoks[yy_i].t_val >= 0; 1021 yy_i++ ) 1022 { 1023 if ( yytoks[yy_i].t_val == yychar ) 1024 break; 1025 } 1026 printf( "%s\n", yytoks[yy_i].t_name ); 1027 } 1028 } 1029 #endif /* YYDEBUG */ 1030 if ( ++yy_ps >= &yys[ yymaxdepth ] ) /* room on stack? */ 1031 { 1032 /* 1033 ** reallocate and recover. Note that pointers 1034 ** have to be reset, or bad things will happen 1035 */ 1036 long yyps_index = (yy_ps - yys); 1037 long yypv_index = (yy_pv - yyv); 1038 long yypvt_index = (yypvt - yyv); 1039 int yynewmax; 1040 #ifdef YYEXPAND 1041 yynewmax = YYEXPAND(yymaxdepth); 1042 #else 1043 yynewmax = 2 * yymaxdepth; /* double table size */ 1044 if (yymaxdepth == YYMAXDEPTH) /* first time growth */ 1045 { 1046 char *newyys = (char *)YYNEW(int); 1047 char *newyyv = (char *)YYNEW(YYSTYPE); 1048 if (newyys != 0 && newyyv != 0) 1049 { 1050 yys = YYCOPY(newyys, yys, int); 1051 yyv = YYCOPY(newyyv, yyv, YYSTYPE); 1052 } 1053 else 1054 yynewmax = 0; /* failed */ 1055 } 1056 else /* not first time */ 1057 { 1058 yys = YYENLARGE(yys, int); 1059 yyv = YYENLARGE(yyv, YYSTYPE); 1060 if (yys == 0 || yyv == 0) 1061 yynewmax = 0; /* failed */ 1062 } 1063 #endif 1064 if (yynewmax <= yymaxdepth) /* tables not expanded */ 1065 { 1066 yyerror( "yacc stack overflow" ); 1067 YYABORT; 1068 } 1069 yymaxdepth = yynewmax; 1070 1071 yy_ps = yys + yyps_index; 1072 yy_pv = yyv + yypv_index; 1073 yypvt = yyv + yypvt_index; 1074 } 1075 *yy_ps = yy_state; 1076 *++yy_pv = yyval; 1077 1078 /* 1079 ** we have a new state - find out what to do 1080 */ 1081 yy_newstate: 1082 if ( ( yy_n = yypact[ yy_state ] ) <= YYFLAG ) 1083 goto yydefault; /* simple state */ 1084 #if YYDEBUG 1085 /* 1086 ** if debugging, need to mark whether new token grabbed 1087 */ 1088 yytmp = yychar < 0; 1089 #endif 1090 if ( ( yychar < 0 ) && ( ( yychar = YYLEX() ) < 0 ) ) 1091 yychar = 0; /* reached EOF */ 1092 #if YYDEBUG 1093 if ( yydebug && yytmp ) 1094 { 1095 register int yy_i; 1096 1097 printf( "Received token " ); 1098 if ( yychar == 0 ) 1099 printf( "end-of-file\n" ); 1100 else if ( yychar < 0 ) 1101 printf( "-none-\n" ); 1102 else 1103 { 1104 for ( yy_i = 0; yytoks[yy_i].t_val >= 0; 1105 yy_i++ ) 1106 { 1107 if ( yytoks[yy_i].t_val == yychar ) 1108 break; 1109 } 1110 printf( "%s\n", yytoks[yy_i].t_name ); 1111 } 1112 } 1113 #endif /* YYDEBUG */ 1114 if ( ( ( yy_n += yychar ) < 0 ) || ( yy_n >= YYLAST ) ) 1115 goto yydefault; 1116 if ( yychk[ yy_n = yyact[ yy_n ] ] == yychar ) /*valid shift*/ 1117 { 1118 yychar = -1; 1119 yyval = yylval; 1120 yy_state = yy_n; 1121 if ( yyerrflag > 0 ) 1122 yyerrflag--; 1123 goto yy_stack; 1124 } 1125 1126 yydefault: 1127 if ( ( yy_n = yydef[ yy_state ] ) == -2 ) 1128 { 1129 #if YYDEBUG 1130 yytmp = yychar < 0; 1131 #endif 1132 if ( ( yychar < 0 ) && ( ( yychar = YYLEX() ) < 0 ) ) 1133 yychar = 0; /* reached EOF */ 1134 #if YYDEBUG 1135 if ( yydebug && yytmp ) 1136 { 1137 register int yy_i; 1138 1139 printf( "Received token " ); 1140 if ( yychar == 0 ) 1141 printf( "end-of-file\n" ); 1142 else if ( yychar < 0 ) 1143 printf( "-none-\n" ); 1144 else 1145 { 1146 for ( yy_i = 0; 1147 yytoks[yy_i].t_val >= 0; 1148 yy_i++ ) 1149 { 1150 if ( yytoks[yy_i].t_val 1151 == yychar ) 1152 { 1153 break; 1154 } 1155 } 1156 printf( "%s\n", yytoks[yy_i].t_name ); 1157 } 1158 } 1159 #endif /* YYDEBUG */ 1160 /* 1161 ** look through exception table 1162 */ 1163 { 1164 register YYCONST int *yyxi = yyexca; 1165 1166 while ( ( *yyxi != -1 ) || 1167 ( yyxi[1] != yy_state ) ) 1168 { 1169 yyxi += 2; 1170 } 1171 while ( ( *(yyxi += 2) >= 0 ) && 1172 ( *yyxi != yychar ) ) 1173 ; 1174 if ( ( yy_n = yyxi[1] ) < 0 ) 1175 YYACCEPT; 1176 } 1177 } 1178 1179 /* 1180 ** check for syntax error 1181 */ 1182 if ( yy_n == 0 ) /* have an error */ 1183 { 1184 /* no worry about speed here! */ 1185 switch ( yyerrflag ) 1186 { 1187 case 0: /* new error */ 1188 yyerror( "syntax error" ); 1189 goto skip_init; 1190 yyerrlab: 1191 /* 1192 ** get globals into registers. 1193 ** we have a user generated syntax type error 1194 */ 1195 yy_pv = yypv; 1196 yy_ps = yyps; 1197 yy_state = yystate; 1198 skip_init: 1199 yynerrs++; 1200 /* FALLTHRU */ 1201 case 1: 1202 case 2: /* incompletely recovered error */ 1203 /* try again... */ 1204 yyerrflag = 3; 1205 /* 1206 ** find state where "error" is a legal 1207 ** shift action 1208 */ 1209 while ( yy_ps >= yys ) 1210 { 1211 yy_n = yypact[ *yy_ps ] + YYERRCODE; 1212 if ( yy_n >= 0 && yy_n < YYLAST && 1213 yychk[yyact[yy_n]] == YYERRCODE) { 1214 /* 1215 ** simulate shift of "error" 1216 */ 1217 yy_state = yyact[ yy_n ]; 1218 goto yy_stack; 1219 } 1220 /* 1221 ** current state has no shift on 1222 ** "error", pop stack 1223 */ 1224 #if YYDEBUG 1225 # define _POP_ "Error recovery pops state %d, uncovers state %d\n" 1226 if ( yydebug ) 1227 printf( _POP_, *yy_ps, 1228 yy_ps[-1] ); 1229 # undef _POP_ 1230 #endif 1231 yy_ps--; 1232 yy_pv--; 1233 } 1234 /* 1235 ** there is no state on stack with "error" as 1236 ** a valid shift. give up. 1237 */ 1238 YYABORT; 1239 case 3: /* no shift yet; eat a token */ 1240 #if YYDEBUG 1241 /* 1242 ** if debugging, look up token in list of 1243 ** pairs. 0 and negative shouldn't occur, 1244 ** but since timing doesn't matter when 1245 ** debugging, it doesn't hurt to leave the 1246 ** tests here. 1247 */ 1248 if ( yydebug ) 1249 { 1250 register int yy_i; 1251 1252 printf( "Error recovery discards " ); 1253 if ( yychar == 0 ) 1254 printf( "token end-of-file\n" ); 1255 else if ( yychar < 0 ) 1256 printf( "token -none-\n" ); 1257 else 1258 { 1259 for ( yy_i = 0; 1260 yytoks[yy_i].t_val >= 0; 1261 yy_i++ ) 1262 { 1263 if ( yytoks[yy_i].t_val 1264 == yychar ) 1265 { 1266 break; 1267 } 1268 } 1269 printf( "token %s\n", 1270 yytoks[yy_i].t_name ); 1271 } 1272 } 1273 #endif /* YYDEBUG */ 1274 if ( yychar == 0 ) /* reached EOF. quit */ 1275 YYABORT; 1276 yychar = -1; 1277 goto yy_newstate; 1278 } 1279 }/* end if ( yy_n == 0 ) */ 1280 /* 1281 ** reduction by production yy_n 1282 ** put stack tops, etc. so things right after switch 1283 */ 1284 #if YYDEBUG 1285 /* 1286 ** if debugging, print the string that is the user's 1287 ** specification of the reduction which is just about 1288 ** to be done. 1289 */ 1290 if ( yydebug ) 1291 printf( "Reduce by (%d) \"%s\"\n", 1292 yy_n, yyreds[ yy_n ] ); 1293 #endif 1294 yytmp = yy_n; /* value to switch over */ 1295 yypvt = yy_pv; /* $vars top of value stack */ 1296 /* 1297 ** Look in goto table for next state 1298 ** Sorry about using yy_state here as temporary 1299 ** register variable, but why not, if it works... 1300 ** If yyr2[ yy_n ] doesn't have the low order bit 1301 ** set, then there is no action to be done for 1302 ** this reduction. So, no saving & unsaving of 1303 ** registers done. The only difference between the 1304 ** code just after the if and the body of the if is 1305 ** the goto yy_stack in the body. This way the test 1306 ** can be made before the choice of what to do is needed. 1307 */ 1308 { 1309 /* length of production doubled with extra bit */ 1310 register int yy_len = yyr2[ yy_n ]; 1311 1312 if ( !( yy_len & 01 ) ) 1313 { 1314 yy_len >>= 1; 1315 yyval = ( yy_pv -= yy_len )[1]; /* $$ = $1 */ 1316 yy_state = yypgo[ yy_n = yyr1[ yy_n ] ] + 1317 *( yy_ps -= yy_len ) + 1; 1318 if ( yy_state >= YYLAST || 1319 yychk[ yy_state = 1320 yyact[ yy_state ] ] != -yy_n ) 1321 { 1322 yy_state = yyact[ yypgo[ yy_n ] ]; 1323 } 1324 goto yy_stack; 1325 } 1326 yy_len >>= 1; 1327 yyval = ( yy_pv -= yy_len )[1]; /* $$ = $1 */ 1328 yy_state = yypgo[ yy_n = yyr1[ yy_n ] ] + 1329 *( yy_ps -= yy_len ) + 1; 1330 if ( yy_state >= YYLAST || 1331 yychk[ yy_state = yyact[ yy_state ] ] != -yy_n ) 1332 { 1333 yy_state = yyact[ yypgo[ yy_n ] ]; 1334 } 1335 } 1336 /* save until reenter driver code */ 1337 yystate = yy_state; 1338 yyps = yy_ps; 1339 yypv = yy_pv; 1340 } 1341 /* 1342 ** code supplied by user is placed in this switch 1343 */ 1344 switch( yytmp ) 1345 { 1346 1347 case 5: 1348 # line 119 "../ipnat_y.y" 1349 { while ((nat = nattop) != NULL) { 1350 if (nat->in_v == 0) 1351 nat->in_v = 4; 1352 nattop = nat->in_next; 1353 (*nataddfunc)(natfd, natioctlfunc, nat); 1354 free(nat); 1355 } 1356 resetlexer(); 1357 } break; 1358 case 7: 1359 # line 131 "../ipnat_y.y" 1360 { set_variable(yypvt[-3].str, yypvt[-1].str); 1361 resetlexer(); 1362 free(yypvt[-3].str); 1363 free(yypvt[-1].str); 1364 } break; 1365 case 8: 1366 # line 139 "../ipnat_y.y" 1367 { yyvarnext = 1; } break; 1368 case 9: 1369 # line 142 "../ipnat_y.y" 1370 { newnatrule(); } break; 1371 case 15: 1372 # line 154 "../ipnat_y.y" 1373 { if (yypvt[-4].ipp.v != 0 && yypvt[-4].ipp.v != yypvt[-2].ipp.v && yypvt[-2].ipp.v != 0) 1374 yyerror("1.address family mismatch"); 1375 bcopy(&yypvt[-4].ipp.a, &nat->in_in[0], sizeof(yypvt[-4].ipp.a)); 1376 bcopy(&yypvt[-4].ipp.m, &nat->in_in[1], sizeof(yypvt[-4].ipp.a)); 1377 bcopy(&yypvt[-2].ipp.a, &nat->in_out[0], sizeof(yypvt[-2].ipp.a)); 1378 bcopy(&yypvt[-2].ipp.m, &nat->in_out[1], sizeof(yypvt[-2].ipp.a)); 1379 if (nat->in_ifnames[1][0] == '\0') 1380 strncpy(nat->in_ifnames[1], 1381 nat->in_ifnames[0], 1382 sizeof(nat->in_ifnames[0])); 1383 if ((nat->in_flags & IPN_TCPUDP) == 0) 1384 setnatproto(nat->in_p); 1385 if (((nat->in_redir & NAT_MAPBLK) != 0) || 1386 ((nat->in_flags & IPN_AUTOPORTMAP) != 0)) 1387 nat_setgroupmap(nat); 1388 } break; 1389 case 16: 1390 # line 171 "../ipnat_y.y" 1391 { if (yypvt[-4].ipp.v != 0 && yypvt[-4].ipp.v != yypvt[-2].ipp.v && yypvt[-2].ipp.v != 0) 1392 yyerror("2.address family mismatch"); 1393 bcopy(&yypvt[-4].ipp.a, &nat->in_in[0], sizeof(yypvt[-4].ipp.a)); 1394 bcopy(&yypvt[-4].ipp.m, &nat->in_in[1], sizeof(yypvt[-4].ipp.a)); 1395 bcopy(&yypvt[-2].ipp.a, &nat->in_out[0], sizeof(yypvt[-2].ipp.a)); 1396 bcopy(&yypvt[-2].ipp.m, &nat->in_out[1], sizeof(yypvt[-2].ipp.a)); 1397 if (nat->in_ifnames[1][0] == '\0') 1398 strncpy(nat->in_ifnames[1], 1399 nat->in_ifnames[0], 1400 sizeof(nat->in_ifnames[0])); 1401 if ((nat->in_flags & IPN_TCPUDPICMPQ) == 0) 1402 setnatproto(nat->in_p); 1403 if (((nat->in_redir & NAT_MAPBLK) != 0) || 1404 ((nat->in_flags & IPN_AUTOPORTMAP) != 0)) 1405 nat_setgroupmap(nat); 1406 } break; 1407 case 17: 1408 # line 188 "../ipnat_y.y" 1409 { if (yypvt[-4].num != 0 && yypvt[-4].num != yypvt[-2].ipp.v && yypvt[-2].ipp.v != 0) 1410 yyerror("3.address family mismatch"); 1411 bcopy(&yypvt[-2].ipp.a, &nat->in_out[0], sizeof(yypvt[-2].ipp.a)); 1412 bcopy(&yypvt[-2].ipp.m, &nat->in_out[1], sizeof(yypvt[-2].ipp.a)); 1413 if (nat->in_ifnames[1][0] == '\0') 1414 strncpy(nat->in_ifnames[1], 1415 nat->in_ifnames[0], 1416 sizeof(nat->in_ifnames[0])); 1417 if ((nat->in_flags & IPN_TCPUDP) == 0) 1418 setnatproto(nat->in_p); 1419 if (((nat->in_redir & NAT_MAPBLK) != 0) || 1420 ((nat->in_flags & IPN_AUTOPORTMAP) != 0)) 1421 nat_setgroupmap(nat); 1422 } break; 1423 case 18: 1424 # line 203 "../ipnat_y.y" 1425 { if (yypvt[-4].num != 0 && yypvt[-4].num != yypvt[-2].ipp.v && yypvt[-2].ipp.v != 0) 1426 yyerror("4.address family mismatch"); 1427 bcopy(&yypvt[-2].ipp.a, &nat->in_out[0], sizeof(yypvt[-2].ipp.a)); 1428 bcopy(&yypvt[-2].ipp.m, &nat->in_out[1], sizeof(yypvt[-2].ipp.a)); 1429 if (nat->in_ifnames[1][0] == '\0') 1430 strncpy(nat->in_ifnames[1], 1431 nat->in_ifnames[0], 1432 sizeof(nat->in_ifnames[0])); 1433 if ((nat->in_flags & IPN_TCPUDPICMPQ) == 0) 1434 setnatproto(nat->in_p); 1435 if (((nat->in_redir & NAT_MAPBLK) != 0) || 1436 ((nat->in_flags & IPN_AUTOPORTMAP) != 0)) 1437 nat_setgroupmap(nat); 1438 } break; 1439 case 19: 1440 # line 221 "../ipnat_y.y" 1441 { if (yypvt[-4].ipp.v != 0 && yypvt[-4].ipp.v != yypvt[-2].ipp.v && yypvt[-2].ipp.v != 0) 1442 yyerror("5.address family mismatch"); 1443 bcopy(&yypvt[-4].ipp.a, &nat->in_in[0], sizeof(yypvt[-4].ipp.a)); 1444 bcopy(&yypvt[-4].ipp.m, &nat->in_in[1], sizeof(yypvt[-4].ipp.a)); 1445 bcopy(&yypvt[-2].ipp.a, &nat->in_out[0], sizeof(yypvt[-2].ipp.a)); 1446 bcopy(&yypvt[-2].ipp.m, &nat->in_out[1], sizeof(yypvt[-2].ipp.a)); 1447 if (nat->in_ifnames[1][0] == '\0') 1448 strncpy(nat->in_ifnames[1], 1449 nat->in_ifnames[0], 1450 sizeof(nat->in_ifnames[0])); 1451 if ((nat->in_flags & IPN_TCPUDP) == 0) 1452 setnatproto(nat->in_p); 1453 if (((nat->in_redir & NAT_MAPBLK) != 0) || 1454 ((nat->in_flags & IPN_AUTOPORTMAP) != 0)) 1455 nat_setgroupmap(nat); 1456 } break; 1457 case 20: 1458 # line 240 "../ipnat_y.y" 1459 { if (yypvt[-3].num != 0 && yypvt[-6].ipp.v != 0 && yypvt[-3].num != yypvt[-6].ipp.v) 1460 yyerror("6.address family mismatch"); 1461 bcopy(&yypvt[-6].ipp.a, &nat->in_out[0], sizeof(yypvt[-6].ipp.a)); 1462 bcopy(&yypvt[-6].ipp.m, &nat->in_out[1], sizeof(yypvt[-6].ipp.a)); 1463 if (nat->in_ifnames[1][0] == '\0') 1464 strncpy(nat->in_ifnames[1], 1465 nat->in_ifnames[0], 1466 sizeof(nat->in_ifnames[0])); 1467 if ((nat->in_p == 0) && 1468 ((nat->in_flags & IPN_TCPUDP) == 0) && 1469 (nat->in_pmin != 0 || 1470 nat->in_pmax != 0 || 1471 nat->in_pnext != 0)) 1472 setnatproto(IPPROTO_TCP); 1473 } break; 1474 case 21: 1475 # line 256 "../ipnat_y.y" 1476 { if (yypvt[-3].num != 0 && yypvt[-5].num != 0 && yypvt[-3].num != yypvt[-5].num) 1477 yyerror("7.address family mismatch"); 1478 if ((nat->in_p == 0) && 1479 ((nat->in_flags & IPN_TCPUDP) == 0) && 1480 (nat->in_pmin != 0 || 1481 nat->in_pmax != 0 || 1482 nat->in_pnext != 0)) 1483 setnatproto(IPPROTO_TCP); 1484 if (nat->in_ifnames[1][0] == '\0') 1485 strncpy(nat->in_ifnames[1], 1486 nat->in_ifnames[0], 1487 sizeof(nat->in_ifnames[0])); 1488 } break; 1489 case 22: 1490 # line 270 "../ipnat_y.y" 1491 { if (yypvt[-2].num != 0 && yypvt[-4].ipp.v != 0 && yypvt[-2].num != yypvt[-4].ipp.v) 1492 yyerror("8.address family mismatch"); 1493 bcopy(&yypvt[-4].ipp.a, &nat->in_out[0], sizeof(yypvt[-4].ipp.a)); 1494 bcopy(&yypvt[-4].ipp.m, &nat->in_out[1], sizeof(yypvt[-4].ipp.a)); 1495 if (nat->in_ifnames[1][0] == '\0') 1496 strncpy(nat->in_ifnames[1], 1497 nat->in_ifnames[0], 1498 sizeof(nat->in_ifnames[0])); 1499 } break; 1500 case 24: 1501 # line 282 "../ipnat_y.y" 1502 { strncpy(nat->in_plabel, yypvt[-2].str, sizeof(nat->in_plabel)); 1503 if (nat->in_dcmp == 0) { 1504 nat->in_dport = htons(yypvt[-3].port); 1505 } else if (yypvt[-3].port != nat->in_dport) { 1506 yyerror("proxy port numbers not consistant"); 1507 } 1508 setnatproto(yypvt[-0].num); 1509 free(yypvt[-2].str); 1510 } break; 1511 case 25: 1512 # line 292 "../ipnat_y.y" 1513 { int pnum; 1514 strncpy(nat->in_plabel, yypvt[-2].str, sizeof(nat->in_plabel)); 1515 pnum = getportproto(yypvt[-3].str, yypvt[-0].num); 1516 if (pnum == -1) 1517 yyerror("invalid port number"); 1518 nat->in_dport = pnum; 1519 setnatproto(yypvt[-0].num); 1520 free(yypvt[-3].str); 1521 free(yypvt[-2].str); 1522 } break; 1523 case 27: 1524 # line 305 "../ipnat_y.y" 1525 { if (nat->in_p != 0 || 1526 nat->in_flags & IPN_TCPUDP) 1527 yyerror("protocol set twice"); 1528 setnatproto(yypvt[-0].num); 1529 } break; 1530 case 28: 1531 # line 310 "../ipnat_y.y" 1532 { if (nat->in_p != 0 || 1533 nat->in_flags & IPN_TCPUDP) 1534 yyerror("protocol set twice"); 1535 nat->in_flags |= IPN_TCPUDP; 1536 nat->in_p = 0; 1537 } break; 1538 case 29: 1539 # line 316 "../ipnat_y.y" 1540 { if (nat->in_p != 0 || 1541 nat->in_flags & IPN_TCPUDP) 1542 yyerror("protocol set twice"); 1543 nat->in_flags |= IPN_TCPUDP; 1544 nat->in_p = 0; 1545 } break; 1546 case 30: 1547 # line 324 "../ipnat_y.y" 1548 { yyval.ipp.a = yypvt[-0].ipp.a; 1549 yyval.ipp.m = yypvt[-0].ipp.m; 1550 yyval.ipp.v = yypvt[-0].ipp.v; 1551 if (yyval.ipp.v == 0) 1552 yyval.ipp.v = nat->in_v; 1553 yyexpectaddr = 0; } break; 1554 case 31: 1555 # line 331 "../ipnat_y.y" 1556 { if (yypvt[-2].ipa.v != 0 && yypvt[-0].ipa.v != 0 && yypvt[-0].ipa.v != yypvt[-2].ipa.v) 1557 yyerror("9.address family " 1558 "mismatch"); 1559 yyval.ipp.v = yypvt[-2].ipa.v; 1560 yyval.ipp.a = yypvt[-2].ipa.a; 1561 yyval.ipp.m = yypvt[-0].ipa.a; 1562 nat->in_flags |= IPN_IPRANGE; 1563 yyexpectaddr = 0; } break; 1564 case 32: 1565 # line 342 "../ipnat_y.y" 1566 { bcopy(&yypvt[-0].ipa.a, &nat->in_in[0], 1567 sizeof(yypvt[-0].ipa.a)); 1568 if (yypvt[-0].ipa.v == 0) 1569 yypvt[-0].ipa.v = nat->in_v; 1570 if (yypvt[-0].ipa.v == 4) { 1571 nat->in_inmsk = 0xffffffff; 1572 } else { 1573 nat->in_in[1].i6[0] = 0xffffffff; 1574 nat->in_in[1].i6[1] = 0xffffffff; 1575 nat->in_in[1].i6[2] = 0xffffffff; 1576 nat->in_in[1].i6[3] = 0xffffffff; 1577 } 1578 yyval.num = yypvt[-0].ipa.v; 1579 } break; 1580 case 33: 1581 # line 356 "../ipnat_y.y" 1582 { if (yypvt[-2].ipa.v == 0) 1583 yypvt[-2].ipa.v = nat->in_v; 1584 if (yypvt[-2].ipa.v == 4 && 1585 (yypvt[-2].ipa.a.in4.s_addr != 0 || 1586 (yypvt[-0].num != 0 && yypvt[-0].num != 32))) 1587 yyerror("Invalid mask for dip"); 1588 else if (yypvt[-2].ipa.v == 6 && 1589 (yypvt[-2].ipa.a.in4.s_addr != 0 || 1590 (yypvt[-0].num != 0 && yypvt[-0].num != 128))) 1591 yyerror("Invalid mask for dip"); 1592 else if (yypvt[-2].ipa.v == 0 ) { 1593 if (yypvt[-2].ipa.a.in4.s_addr == 0 && 1594 (yypvt[-0].num == 32 || yypvt[-0].num == 0)) 1595 yypvt[-2].ipa.v = 4; 1596 else if (yypvt[-0].num == 128) 1597 yypvt[-2].ipa.v = 6; 1598 } 1599 bcopy(&yypvt[-2].ipa.a, &nat->in_in[0], 1600 sizeof(yypvt[-2].ipa.a)); 1601 ntomask(yypvt[-2].ipa.v, yypvt[-0].num, 1602 (u_32_t *)&nat->in_in[1]); 1603 nat->in_in[0].i6[0] &= nat->in_in[1].i6[0]; 1604 nat->in_in[0].i6[0] &= nat->in_in[1].i6[1]; 1605 nat->in_in[0].i6[0] &= nat->in_in[1].i6[2]; 1606 nat->in_in[0].i6[0] &= nat->in_in[1].i6[3]; 1607 nat->in_v = yypvt[-2].ipa.v; 1608 yyval.num = yypvt[-2].ipa.v; 1609 } break; 1610 case 34: 1611 # line 384 "../ipnat_y.y" 1612 { yyexpectaddr = 1; } break; 1613 case 35: 1614 # line 385 "../ipnat_y.y" 1615 { if (yypvt[-3].ipa.v != yypvt[-0].ipa.v) 1616 yyerror("10.address family " 1617 "mismatch"); 1618 yyval.num = yypvt[-3].ipa.v; 1619 nat->in_flags |= IPN_SPLIT; 1620 bcopy(&yypvt[-3].ipa.a, &nat->in_in[0], 1621 sizeof(yypvt[-3].ipa.a)); 1622 bcopy(&yypvt[-0].ipa.a, &nat->in_in[1], 1623 sizeof(yypvt[-0].ipa.a)); 1624 yyexpectaddr = 0; } break; 1625 case 36: 1626 # line 398 "../ipnat_y.y" 1627 { if (yypvt[-0].num > 65535) /* Unsigned */ 1628 yyerror("invalid port number"); 1629 else 1630 yyval.port = yypvt[-0].num; 1631 } break; 1632 case 37: 1633 # line 403 "../ipnat_y.y" 1634 { if (getport(NULL, yypvt[-0].str, &(yyval.port)) == -1) 1635 yyerror("invalid port number"); 1636 yyval.port = ntohs(yyval.port); 1637 } break; 1638 case 39: 1639 # line 409 "../ipnat_y.y" 1640 { nat->in_pmin = htons(yypvt[-0].port); 1641 nat->in_pmax = htons(yypvt[-0].port); } break; 1642 case 40: 1643 # line 411 "../ipnat_y.y" 1644 { nat->in_pmin = htons(yypvt[-2].port); 1645 nat->in_pmax = htons(yypvt[-0].port); } break; 1646 case 41: 1647 # line 413 "../ipnat_y.y" 1648 { nat->in_pmin = htons(yypvt[-2].port); 1649 nat->in_pmax = htons(yypvt[-0].port); } break; 1650 case 42: 1651 # line 417 "../ipnat_y.y" 1652 { nat->in_pnext = htons(yypvt[-0].port); } break; 1653 case 43: 1654 # line 418 "../ipnat_y.y" 1655 { nat->in_pnext = htons(yypvt[-0].port); 1656 nat->in_flags |= IPN_FIXEDDPORT; 1657 } break; 1658 case 45: 1659 # line 423 "../ipnat_y.y" 1660 { nat->in_pmin = yypvt[-0].num; } break; 1661 case 46: 1662 # line 424 "../ipnat_y.y" 1663 { nat->in_flags |= IPN_AUTOPORTMAP; } break; 1664 case 47: 1665 # line 427 "../ipnat_y.y" 1666 { nat->in_redir = NAT_MAP; } break; 1667 case 48: 1668 # line 428 "../ipnat_y.y" 1669 { nat->in_redir = NAT_BIMAP; } break; 1670 case 49: 1671 # line 431 "../ipnat_y.y" 1672 { nat->in_redir = NAT_REDIRECT; } break; 1673 case 50: 1674 # line 435 "../ipnat_y.y" 1675 { nat->in_redir = NAT_MAPBLK; } break; 1676 case 51: 1677 # line 439 "../ipnat_y.y" 1678 { if (yypvt[-2].num != 0 && yypvt[-0].num != 0 && yypvt[-2].num != yypvt[-0].num) 1679 yyerror("11.address family " 1680 "mismatch"); 1681 yyval.num = yypvt[-2].num; 1682 } break; 1683 case 52: 1684 # line 445 "../ipnat_y.y" 1685 { if (yypvt[-3].num != 0 && yypvt[-0].num != 0 && yypvt[-3].num != yypvt[-0].num) 1686 yyerror("12.address family " 1687 "mismatch"); 1688 nat->in_flags |= IPN_NOTDST; 1689 yyval.num = yypvt[-3].num; 1690 } break; 1691 case 53: 1692 # line 454 "../ipnat_y.y" 1693 { if (yypvt[-2].num != 0 && yypvt[-0].num != 0 && yypvt[-2].num != yypvt[-0].num) 1694 yyerror("13.address family " 1695 "mismatch"); 1696 yyval.num = yypvt[-2].num; 1697 } break; 1698 case 54: 1699 # line 460 "../ipnat_y.y" 1700 { if (yypvt[-2].num != 0 && yypvt[-0].num != 0 && yypvt[-2].num != yypvt[-0].num) 1701 yyerror("14.address family " 1702 "mismatch"); 1703 nat->in_flags |= IPN_NOTSRC; 1704 yyval.num = yypvt[-2].num; 1705 } break; 1706 case 55: 1707 # line 468 "../ipnat_y.y" 1708 { nat->in_flags |= IPN_FILTER; 1709 yyexpectaddr = 1; } break; 1710 case 56: 1711 # line 473 "../ipnat_y.y" 1712 { yyexpectaddr = 1; } break; 1713 case 57: 1714 # line 474 "../ipnat_y.y" 1715 { yyexpectaddr = 1; } break; 1716 case 58: 1717 # line 477 "../ipnat_y.y" 1718 { strncpy(nat->in_ifnames[0], yypvt[-0].str, 1719 sizeof(nat->in_ifnames[0])); 1720 nat->in_ifnames[0][LIFNAMSIZ - 1] = '\0'; 1721 free(yypvt[-0].str); 1722 } break; 1723 case 59: 1724 # line 485 "../ipnat_y.y" 1725 { strncpy(nat->in_ifnames[1], yypvt[-0].str, 1726 sizeof(nat->in_ifnames[1])); 1727 nat->in_ifnames[1][LIFNAMSIZ - 1] = '\0'; 1728 free(yypvt[-0].str); 1729 } break; 1730 case 60: 1731 # line 494 "../ipnat_y.y" 1732 { nat->in_pmin = htons(yypvt[-3].port); 1733 nat->in_pmax = htons(yypvt[-1].port); 1734 } break; 1735 case 61: 1736 # line 498 "../ipnat_y.y" 1737 { nat->in_flags |= IPN_AUTOPORTMAP; 1738 nat->in_pmin = htons(1024); 1739 nat->in_pmax = htons(65535); 1740 } break; 1741 case 62: 1742 # line 503 "../ipnat_y.y" 1743 { if (strcmp(yypvt[-3].str, "icmp") != 0) { 1744 yyerror("icmpidmap not followed by icmp"); 1745 } 1746 free(yypvt[-3].str); 1747 if (yypvt[-2].num < 0 || yypvt[-2].num > 65535) 1748 yyerror("invalid ICMP Id number"); 1749 if (yypvt[-0].num < 0 || yypvt[-0].num > 65535) 1750 yyerror("invalid ICMP Id number"); 1751 nat->in_flags = IPN_ICMPQUERY; 1752 nat->in_pmin = htons(yypvt[-2].num); 1753 nat->in_pmax = htons(yypvt[-0].num); 1754 } break; 1755 case 64: 1756 # line 518 "../ipnat_y.y" 1757 { nat->in_flags |= IPN_SEQUENTIAL; } break; 1758 case 65: 1759 # line 522 "../ipnat_y.y" 1760 { yyval.num = yypvt[-0].num; } break; 1761 case 66: 1762 # line 523 "../ipnat_y.y" 1763 { nat->in_sport = yypvt[-0].pc.p1; 1764 nat->in_stop = yypvt[-0].pc.p2; 1765 nat->in_scmp = yypvt[-0].pc.pc; 1766 yyval.num = yypvt[-2].num; 1767 } break; 1768 case 67: 1769 # line 530 "../ipnat_y.y" 1770 { if (nat->in_redir == NAT_REDIRECT) { 1771 bcopy(&yypvt[-0].ipp.a, &nat->in_src[0], 1772 sizeof(yypvt[-0].ipp.a)); 1773 bcopy(&yypvt[-0].ipp.m, &nat->in_src[1], 1774 sizeof(yypvt[-0].ipp.a)); 1775 } else { 1776 bcopy(&yypvt[-0].ipp.a, &nat->in_in[0], 1777 sizeof(yypvt[-0].ipp.a)); 1778 bcopy(&yypvt[-0].ipp.m, &nat->in_in[1], 1779 sizeof(yypvt[-0].ipp.a)); 1780 } 1781 yyval.num = yypvt[-0].ipp.v; 1782 } break; 1783 case 68: 1784 # line 546 "../ipnat_y.y" 1785 { yyval.num = yypvt[-0].num; } break; 1786 case 69: 1787 # line 547 "../ipnat_y.y" 1788 { nat->in_dport = yypvt[-0].pc.p1; 1789 nat->in_dtop = yypvt[-0].pc.p2; 1790 nat->in_dcmp = yypvt[-0].pc.pc; 1791 if (nat->in_redir == NAT_REDIRECT) 1792 nat->in_pmin = htons(yypvt[-0].pc.p1); 1793 } break; 1794 case 70: 1795 # line 555 "../ipnat_y.y" 1796 { if (nat->in_redir == NAT_REDIRECT) { 1797 bcopy(&yypvt[-0].ipp.a, &nat->in_out[0], 1798 sizeof(yypvt[-0].ipp.a)); 1799 bcopy(&yypvt[-0].ipp.m, &nat->in_out[1], 1800 sizeof(yypvt[-0].ipp.a)); 1801 } else { 1802 bcopy(&yypvt[-0].ipp.a, &nat->in_src[0], 1803 sizeof(yypvt[-0].ipp.a)); 1804 bcopy(&yypvt[-0].ipp.m, &nat->in_src[1], 1805 sizeof(yypvt[-0].ipp.a)); 1806 } 1807 yyval.num = yypvt[-0].ipp.v; 1808 } break; 1809 case 71: 1810 # line 570 "../ipnat_y.y" 1811 { yyexpectaddr = 0; 1812 bzero(&yyval.ipp.a, sizeof(yyval.ipp.a)); 1813 bzero(&yyval.ipp.m, sizeof(yyval.ipp.a)); 1814 yyval.ipp.v = nat->in_v; 1815 } break; 1816 case 72: 1817 # line 575 "../ipnat_y.y" 1818 { yyval.ipp.a = yypvt[-0].ipa.a; 1819 yyval.ipp.v = yypvt[-0].ipa.v; 1820 if (yyval.ipp.v == 4) { 1821 yyval.ipp.m.in4.s_addr = 0xffffffff; 1822 } else { 1823 yyval.ipp.m.i6[0] = 0xffffffff; 1824 yyval.ipp.m.i6[1] = 0xffffffff; 1825 yyval.ipp.m.i6[2] = 0xffffffff; 1826 yyval.ipp.m.i6[3] = 0xffffffff; 1827 } 1828 yyexpectaddr = 0; 1829 } break; 1830 case 73: 1831 # line 587 "../ipnat_y.y" 1832 { yyval.ipp.a = yypvt[-2].ipa.a; 1833 if (yypvt[-2].ipa.v == 0) { 1834 if (yypvt[-2].ipa.a.in4.s_addr != 0) 1835 yyerror("invalid addr"); 1836 if (yypvt[-0].num == 0 || yypvt[-0].num == 32) 1837 yypvt[-2].ipa.v = 4; 1838 else if (yypvt[-0].num == 128) 1839 yypvt[-2].ipa.v = 6; 1840 else 1841 yyerror("invalid mask"); 1842 nat->in_v = yypvt[-2].ipa.v; 1843 } 1844 ntomask(yypvt[-2].ipa.v, yypvt[-0].num, (u_32_t *)&yyval.ipp.m); 1845 yyval.ipp.a.i6[0] &= yyval.ipp.m.i6[0]; 1846 yyval.ipp.a.i6[1] &= yyval.ipp.m.i6[1]; 1847 yyval.ipp.a.i6[2] &= yyval.ipp.m.i6[2]; 1848 yyval.ipp.a.i6[3] &= yyval.ipp.m.i6[3]; 1849 yyval.ipp.v = yypvt[-2].ipa.v; 1850 yyexpectaddr = 0; 1851 } break; 1852 case 74: 1853 # line 607 "../ipnat_y.y" 1854 { if (yypvt[-2].ipa.v != yypvt[-0].ipa.v) { 1855 yyerror("1.address family " 1856 "mismatch"); 1857 } 1858 yyval.ipp.a = yypvt[-2].ipa.a; 1859 yyval.ipp.m = yypvt[-0].ipa.a; 1860 yyval.ipp.a.i6[0] &= yyval.ipp.m.i6[0]; 1861 yyval.ipp.a.i6[1] &= yyval.ipp.m.i6[1]; 1862 yyval.ipp.a.i6[2] &= yyval.ipp.m.i6[2]; 1863 yyval.ipp.a.i6[3] &= yyval.ipp.m.i6[3]; 1864 yyval.ipp.v = yypvt[-2].ipa.v; 1865 yyexpectaddr = 0; 1866 } break; 1867 case 75: 1868 # line 620 "../ipnat_y.y" 1869 { yyval.ipp.a = yypvt[-2].ipa.a; 1870 yyval.ipp.m.in4.s_addr = htonl(yypvt[-0].num); 1871 yyval.ipp.a.in4.s_addr &= yyval.ipp.m.in4.s_addr; 1872 yyval.ipp.v = 4; 1873 } break; 1874 case 76: 1875 # line 625 "../ipnat_y.y" 1876 { if (yypvt[-2].ipa.v != yypvt[-0].ipa.v) { 1877 yyerror("2.address family " 1878 "mismatch"); 1879 } 1880 yyval.ipp.a = yypvt[-2].ipa.a; 1881 yyval.ipp.m = yypvt[-0].ipa.a; 1882 yyval.ipp.a.i6[0] &= yyval.ipp.m.i6[0]; 1883 yyval.ipp.a.i6[1] &= yyval.ipp.m.i6[1]; 1884 yyval.ipp.a.i6[2] &= yyval.ipp.m.i6[2]; 1885 yyval.ipp.a.i6[3] &= yyval.ipp.m.i6[3]; 1886 yyval.ipp.v = yypvt[-2].ipa.v; 1887 yyexpectaddr = 0; 1888 } break; 1889 case 77: 1890 # line 638 "../ipnat_y.y" 1891 { yyval.ipp.a = yypvt[-2].ipa.a; 1892 yyval.ipp.m.in4.s_addr = htonl(yypvt[-0].num); 1893 yyval.ipp.a.in4.s_addr &= yyval.ipp.m.in4.s_addr; 1894 yyval.ipp.v = 4; 1895 } break; 1896 case 78: 1897 # line 646 "../ipnat_y.y" 1898 { yyval.pc.pc = yypvt[-1].num; yyval.pc.p1 = yypvt[-0].port; } break; 1899 case 79: 1900 # line 647 "../ipnat_y.y" 1901 { yyval.pc.pc = yypvt[-1].num; yyval.pc.p1 = yypvt[-2].port; yyval.pc.p2 = yypvt[-0].port; } break; 1902 case 83: 1903 # line 658 "../ipnat_y.y" 1904 { strncpy(nat->in_tag.ipt_tag, yypvt[-0].str, 1905 sizeof(nat->in_tag.ipt_tag)); 1906 } break; 1907 case 85: 1908 # line 662 "../ipnat_y.y" 1909 { nat->in_flags |= IPN_ROUNDR; } break; 1910 case 87: 1911 # line 665 "../ipnat_y.y" 1912 { nat->in_flags |= IPN_FRAG; } break; 1913 case 89: 1914 # line 668 "../ipnat_y.y" 1915 { nat->in_age[0] = yypvt[-0].num; 1916 nat->in_age[1] = yypvt[-0].num; } break; 1917 case 90: 1918 # line 670 "../ipnat_y.y" 1919 { nat->in_age[0] = yypvt[-2].num; 1920 nat->in_age[1] = yypvt[-0].num; } break; 1921 case 92: 1922 # line 674 "../ipnat_y.y" 1923 { if (!(nat->in_flags & IPN_ROUNDR) && 1924 !(nat->in_flags & IPN_SPLIT)) { 1925 fprintf(stderr, 1926 "'sticky' for use with round-robin/IP splitting only\n"); 1927 } else 1928 nat->in_flags |= IPN_STICKY; 1929 } break; 1930 case 94: 1931 # line 684 "../ipnat_y.y" 1932 { nat->in_mssclamp = yypvt[-0].num; } break; 1933 case 96: 1934 # line 687 "../ipnat_y.y" 1935 { setnatproto(IPPROTO_TCP); } break; 1936 case 97: 1937 # line 688 "../ipnat_y.y" 1938 { setnatproto(IPPROTO_UDP); } break; 1939 case 98: 1940 # line 689 "../ipnat_y.y" 1941 { nat->in_flags |= IPN_TCPUDP; 1942 nat->in_p = 0; 1943 } break; 1944 case 99: 1945 # line 692 "../ipnat_y.y" 1946 { nat->in_flags |= IPN_TCPUDP; 1947 nat->in_p = 0; 1948 } break; 1949 case 100: 1950 # line 699 "../ipnat_y.y" 1951 { strncpy(nat->in_plabel, yypvt[-0].str, 1952 sizeof(nat->in_plabel)); 1953 nat->in_dport = nat->in_pnext; 1954 nat->in_dport = htons(nat->in_dport); 1955 free(yypvt[-0].str); 1956 } break; 1957 case 101: 1958 # line 705 "../ipnat_y.y" 1959 { if (nat->in_plabel[0] != '\0') { 1960 nat->in_pmin = nat->in_dport; 1961 nat->in_pmax = nat->in_pmin; 1962 nat->in_pnext = nat->in_pmin; 1963 } 1964 } break; 1965 case 102: 1966 # line 713 "../ipnat_y.y" 1967 { yyval.num = yypvt[-0].num; } break; 1968 case 103: 1969 # line 714 "../ipnat_y.y" 1970 { yyval.num = IPPROTO_TCP; } break; 1971 case 104: 1972 # line 715 "../ipnat_y.y" 1973 { yyval.num = IPPROTO_UDP; } break; 1974 case 105: 1975 # line 716 "../ipnat_y.y" 1976 { yyval.num = getproto(yypvt[-0].str); free(yypvt[-0].str); } break; 1977 case 106: 1978 # line 720 "../ipnat_y.y" 1979 { yyval.num = yypvt[-0].num; } break; 1980 case 107: 1981 # line 724 "../ipnat_y.y" 1982 { i6addr_t addr; 1983 if (gethost(yypvt[-0].str, &addr, 0) == 0) { 1984 yyval.ipa.a = addr; 1985 yyval.ipa.v = 4; 1986 } else 1987 if (gethost(yypvt[-0].str, &addr, 1) == 0) { 1988 yyval.ipa.a = addr; 1989 yyval.ipa.v = 6; 1990 } else { 1991 yyerror("Unknown hostname"); 1992 } 1993 if (yyval.ipa.v != 0) 1994 nat->in_v = yyval.ipa.v; 1995 free(yypvt[-0].str); 1996 } break; 1997 case 108: 1998 # line 739 "../ipnat_y.y" 1999 { bzero(&yyval.ipa.a, sizeof(yyval.ipa.a)); 2000 yyval.ipa.a.in4.s_addr = htonl(yypvt[-0].num); 2001 if (yyval.ipa.a.in4.s_addr != 0) 2002 yyval.ipa.v = 4; 2003 else 2004 yyval.ipa.v = nat->in_v; 2005 if (yyval.ipa.v != 0) 2006 nat->in_v = yyval.ipa.v; 2007 } break; 2008 case 109: 2009 # line 748 "../ipnat_y.y" 2010 { yyval.ipa = yypvt[-0].ipa; 2011 nat->in_v = 4; 2012 } break; 2013 case 110: 2014 # line 751 "../ipnat_y.y" 2015 { yyval.ipa.a = yypvt[-0].ip6; 2016 yyval.ipa.v = 6; 2017 nat->in_v = 6; 2018 } break; 2019 case 111: 2020 # line 755 "../ipnat_y.y" 2021 { yyval.ipa.a = yypvt[-0].ip6; 2022 yyval.ipa.v = 6; 2023 } break; 2024 case 112: 2025 # line 761 "../ipnat_y.y" 2026 { yyval.num = FR_EQUAL; } break; 2027 case 113: 2028 # line 762 "../ipnat_y.y" 2029 { yyval.num = FR_EQUAL; } break; 2030 case 114: 2031 # line 763 "../ipnat_y.y" 2032 { yyval.num = FR_NEQUAL; } break; 2033 case 115: 2034 # line 764 "../ipnat_y.y" 2035 { yyval.num = FR_LESST; } break; 2036 case 116: 2037 # line 765 "../ipnat_y.y" 2038 { yyval.num = FR_LESSTE; } break; 2039 case 117: 2040 # line 766 "../ipnat_y.y" 2041 { yyval.num = FR_GREATERT; } break; 2042 case 118: 2043 # line 767 "../ipnat_y.y" 2044 { yyval.num = FR_GREATERTE; } break; 2045 case 119: 2046 # line 770 "../ipnat_y.y" 2047 { yyval.num = FR_OUTRANGE; } break; 2048 case 120: 2049 # line 771 "../ipnat_y.y" 2050 { yyval.num = FR_INRANGE; } break; 2051 case 121: 2052 # line 774 "../ipnat_y.y" 2053 { yyval.ipa = yypvt[-0].ipa; } break; 2054 case 122: 2055 # line 775 "../ipnat_y.y" 2056 { yyval.ipa.a = yypvt[-0].ip6; 2057 yyval.ipa.v = 6; 2058 } break; 2059 case 123: 2060 # line 781 "../ipnat_y.y" 2061 { if (yypvt[-6].num > 255 || yypvt[-4].num > 255 || yypvt[-2].num > 255 || yypvt[-0].num > 255) { 2062 yyerror("Invalid octet string for IP address"); 2063 return 0; 2064 } 2065 yyval.ipa.a.in4.s_addr = (yypvt[-6].num << 24) | (yypvt[-4].num << 16) | (yypvt[-2].num << 8) | yypvt[-0].num; 2066 yyval.ipa.a.in4.s_addr = htonl(yyval.ipa.a.in4.s_addr); 2067 yyval.ipa.v = 4; 2068 } break; 2069 # line 556 "/usr/share/lib/ccs/yaccpar" 2070 } 2071 goto yystack; /* reset registers in driver code */ 2072 } 2073 2074