search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Expand PMF_FN_* macros.
[netbsd-mini2440.git] / dist / ipf / ipsend / ipsopt.c
blob7f1670568f357f12ee75b253dd6350fadfd025f4
1 /* $NetBSD$ */
2
3 /*
4 * Copyright (C) 1995-1998 by Darren Reed.
5 *
6 * See the IPFILTER.LICENCE file for details on licencing.
7 *
8 */
9 #if !defined(lint)
10 static const char sccsid[] = "@(#)ipsopt.c 1.2 1/11/96 (C)1995 Darren Reed";
11 static const char rcsid[] = "@(#)Id: ipsopt.c,v 2.4.4.1 2004/03/23 12:58:05 darrenr Exp";
12 #endif
13 #include <sys/param.h>
14 #include <sys/types.h>
15 #include <sys/time.h>
16 #include <sys/socket.h>
17 #include <netinet/in.h>
18 #include <netinet/in_systm.h>
19 #include <netinet/ip.h>
20 #include <stdio.h>
21 #include <string.h>
22 #include <stdlib.h>
23 #ifndef linux
24 #include <netinet/ip_var.h>
25 #endif
26 #include <netinet/tcp.h>
27 #include <arpa/inet.h>
28 #include "ipsend.h"
29
30
31 #ifndef __P
32 # ifdef __STDC__
33 # define __P(x) x
34 # else
35 # define __P(x) ()
36 # endif
37 #endif
38
39
40 struct ipopt_names ionames[] = {
41 { IPOPT_EOL, 0x01, 1, "eol" },
42 { IPOPT_NOP, 0x02, 1, "nop" },
43 { IPOPT_RR, 0x04, 3, "rr" }, /* 1 route */
44 { IPOPT_TS, 0x08, 8, "ts" }, /* 1 TS */
45 { IPOPT_SECURITY, 0x08, 11, "sec-level" },
46 { IPOPT_LSRR, 0x10, 7, "lsrr" }, /* 1 route */
47 { IPOPT_SATID, 0x20, 4, "satid" },
48 { IPOPT_SSRR, 0x40, 7, "ssrr" }, /* 1 route */
49 { 0, 0, 0, NULL } /* must be last */
50 };
51
52 struct ipopt_names secnames[] = {
53 { IPOPT_SECUR_UNCLASS, 0x0100, 0, "unclass" },
54 { IPOPT_SECUR_CONFID, 0x0200, 0, "confid" },
55 { IPOPT_SECUR_EFTO, 0x0400, 0, "efto" },
56 { IPOPT_SECUR_MMMM, 0x0800, 0, "mmmm" },
57 { IPOPT_SECUR_RESTR, 0x1000, 0, "restr" },
58 { IPOPT_SECUR_SECRET, 0x2000, 0, "secret" },
59 { IPOPT_SECUR_TOPSECRET, 0x4000,0, "topsecret" },
60 { 0, 0, 0, NULL } /* must be last */
61 };
62
63
64 u_short ipseclevel(slevel)
65 char *slevel;
66 {
67 struct ipopt_names *so;
68
69 for (so = secnames; so->on_name; so++)
70 if (!strcasecmp(slevel, so->on_name))
71 break;
72
73 if (!so->on_name) {
74 fprintf(stderr, "no such security level: %s\n", slevel);
75 return 0;
76 }
77 return so->on_value;
78 }
79
80
81 int addipopt(op, io, len, class)
82 char *op;
83 struct ipopt_names *io;
84 int len;
85 char *class;
86 {
87 struct in_addr ipadr;
88 int olen = len, srr = 0;
89 u_short val;
90 u_char lvl;
91 char *s = op, *t;
92
93 if ((len + io->on_siz) > 48) {
94 fprintf(stderr, "options too long\n");
95 return 0;
96 }
97 len += io->on_siz;
98 *op++ = io->on_value;
99 if (io->on_siz > 1) {
100 /*
101 * Allow option to specify RR buffer length in bytes.
102 */
103 if (io->on_value == IPOPT_RR) {
104 val = (class && *class) ? atoi(class) : 4;
105 *op++ = val + io->on_siz;
106 len += val;
107 } else
108 *op++ = io->on_siz;
109 if (io->on_value == IPOPT_TS)
110 *op++ = IPOPT_MINOFF + 1;
111 else
112 *op++ = IPOPT_MINOFF;
113
114 while (class && *class) {
115 t = NULL;
116 switch (io->on_value)
117 {
118 case IPOPT_SECURITY :
119 lvl = ipseclevel(class);
120 *(op - 1) = lvl;
121 break;
122 case IPOPT_LSRR :
123 case IPOPT_SSRR :
124 if ((t = strchr(class, ',')))
125 *t = '\0';
126 ipadr.s_addr = inet_addr(class);
127 srr++;
128 bcopy((char *)&ipadr, op, sizeof(ipadr));
129 op += sizeof(ipadr);
130 break;
131 case IPOPT_SATID :
132 val = atoi(class);
133 bcopy((char *)&val, op, 2);
134 break;
135 }
136
137 if (t)
138 *t++ = ',';
139 class = t;
140 }
141 if (srr)
142 s[IPOPT_OLEN] = IPOPT_MINOFF - 1 + 4 * srr;
143 if (io->on_value == IPOPT_RR)
144 op += val;
145 else
146 op += io->on_siz - 3;
147 }
148 return len - olen;
149 }
150
151
152 u_32_t buildopts(cp, op, len)
153 char *cp, *op;
154 int len;
155 {
156 struct ipopt_names *io;
157 u_32_t msk = 0;
158 char *s, *t;
159 int inc, lastop = -1;
160
161 for (s = strtok(cp, ","); s; s = strtok(NULL, ",")) {
162 if ((t = strchr(s, '=')))
163 *t++ = '\0';
164 for (io = ionames; io->on_name; io++) {
165 if (strcasecmp(s, io->on_name) || (msk & io->on_bit))
166 continue;
167 lastop = io->on_value;
168 if ((inc = addipopt(op, io, len, t))) {
169 op += inc;
170 len += inc;
171 }
172 msk |= io->on_bit;
173 break;
174 }
175 if (!io->on_name) {
176 fprintf(stderr, "unknown IP option name %s\n", s);
177 return 0;
178 }
179 }
180
181 if (len & 3) {
182 while (len & 3) {
183 *op++ = ((len & 3) == 3) ? IPOPT_EOL : IPOPT_NOP;
184 len++;
185 }
186 } else {
187 if (lastop != IPOPT_EOL) {
188 if (lastop == IPOPT_NOP)
189 *(op - 1) = IPOPT_EOL;
190 else {
191 *op++ = IPOPT_NOP;
192 *op++ = IPOPT_NOP;
193 *op++ = IPOPT_NOP;
194 *op = IPOPT_EOL;
195 len += 4;
196 }
197 }
198 }
199 return len;
200 }
NetBSD on the FriendlyARM MINI2440