| blob | a6d12c1fca313012162ef0df2418d10df40ecade |
1 /*
2 * netsniff-ng - the packet sniffing beast
3 * By Daniel Borkmann <daniel@netsniff-ng.org>
4 * Copyright 2012 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,
5 * Swiss federal institute of technology (ETH Zurich)
6 * Subject to the GPL, version 2.
7 */
9 /* lex-func-prefix: yy */
11 %{
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <string.h>
16 #include <ctype.h>
17 #include <stdbool.h>
18 #include <arpa/inet.h>
20 #include "trafgen_parser.tab.h"
21 #include "xmalloc.h"
22 #include "built_in.h"
23 #include "str.h"
25 extern void yyerror(const char *);
27 static char *try_convert_shellcode(char *sstr)
28 {
29 bool found_any = false;
30 char *bstr, *ostr = sstr, *hay, *orig = sstr;
31 size_t j = 0, blen, slen = strlen(sstr), tot = 0;
32 const char *needle = "\\x";
34 sstr++;
35 slen -= 2;
37 if (slen % 4 != 0)
38 return orig;
40 blen = slen / 4;
41 hay = sstr;
42 while ((hay = strstr(hay, needle)) != NULL ) {
43 hay += strlen(needle) + 2;
44 found_any = true;
45 tot++;
46 }
48 if (blen != tot || !found_any)
49 return orig;
51 blen += 2;
52 bstr = xzmalloc(blen);
54 bstr[j++] = '\"';
55 while (j < blen - 1)
56 bstr[j++] = (uint8_t) strtoul(sstr + 2, &sstr, 16);
57 bstr[j++] = '\"';
59 xfree(ostr);
60 return bstr;
61 }
63 %}
65 %option align
66 %option nounput
67 %option noyywrap
68 %option noreject
69 %option 8bit
70 %option caseless
71 %option noinput
72 %option nodefault
74 number_oct ([0][0-9]+)
75 number_hex ([0]?[x][a-fA-F0-9]+)
76 number_bin ([0]?[b][0-1]+)
77 number_dec (([0])|([1-9][0-9]*))
78 number_ascii ([a-zA-Z])
80 /* rules taken from nftables scanner.l */
81 hex4 ([[:xdigit:]]{1,4})
82 v680 (({hex4}:){7}{hex4})
83 v670 ((:)((:{hex4}){7}))
84 v671 ((({hex4}:){1})((:{hex4}){6}))
85 v672 ((({hex4}:){2})((:{hex4}){5}))
86 v673 ((({hex4}:){3})((:{hex4}){4}))
87 v674 ((({hex4}:){4})((:{hex4}){3}))
88 v675 ((({hex4}:){5})((:{hex4}){2}))
89 v676 ((({hex4}:){6})(:{hex4}{1}))
90 v677 ((({hex4}:){7})(:))
91 v67 ({v670}|{v671}|{v672}|{v673}|{v674}|{v675}|{v676}|{v677})
92 v660 ((:)((:{hex4}){6}))
93 v661 ((({hex4}:){1})((:{hex4}){5}))
94 v662 ((({hex4}:){2})((:{hex4}){4}))
95 v663 ((({hex4}:){3})((:{hex4}){3}))
96 v664 ((({hex4}:){4})((:{hex4}){2}))
97 v665 ((({hex4}:){5})((:{hex4}){1}))
98 v666 ((({hex4}:){6})(:))
99 v66 ({v660}|{v661}|{v662}|{v663}|{v664}|{v665}|{v666})
100 v650 ((:)((:{hex4}){5}))
101 v651 ((({hex4}:){1})((:{hex4}){4}))
102 v652 ((({hex4}:){2})((:{hex4}){3}))
103 v653 ((({hex4}:){3})((:{hex4}){2}))
104 v654 ((({hex4}:){4})(:{hex4}{1}))
105 v655 ((({hex4}:){5})(:))
106 v65 ({v650}|{v651}|{v652}|{v653}|{v654}|{v655})
107 v640 ((:)((:{hex4}){4}))
108 v641 ((({hex4}:){1})((:{hex4}){3}))
109 v642 ((({hex4}:){2})((:{hex4}){2}))
110 v643 ((({hex4}:){3})((:{hex4}){1}))
111 v644 ((({hex4}:){4})(:))
112 v64 ({v640}|{v641}|{v642}|{v643}|{v644})
113 v630 ((:)((:{hex4}){3}))
114 v631 ((({hex4}:){1})((:{hex4}){2}))
115 v632 ((({hex4}:){2})((:{hex4}){1}))
116 v633 ((({hex4}:){3})(:))
117 v63 ({v630}|{v631}|{v632}|{v633})
118 v620 ((:)((:{hex4}){2}))
119 v621 ((({hex4}:){1})((:{hex4}){1}))
120 v622 ((({hex4}:){2})(:))
121 v62 ({v620}|{v621}|{v622})
122 v610 ((:)(:{hex4}{1}))
123 v611 ((({hex4}:){1})(:))
124 v61 ({v610}|{v611})
125 v60 (::)
127 a_hex ([a-fA-F0-9]+)
128 mac ({a_hex}:{a_hex}:{a_hex}:{a_hex}:{a_hex}:{a_hex})
129 ip4_addr ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
130 ip6_addr ({v680}|{v67}|{v66}|{v65}|{v64}|{v63}|{v62}|{v61}|{v60})
132 %%
134 "cpu" { return K_CPU; }
135 "fill" { return K_FILL; }
136 "rnd" { return K_RND; }
137 "csum16" { return K_CSUMIP; }
138 "csumip" { return K_CSUMIP; }
139 "csumip4" { return K_CSUMIP; }
140 "csumicmp" { return K_CSUMIP; }
141 "csumicmp4" { return K_CSUMIP; }
142 "csumudp" { return K_CSUMUDP; }
143 "csumtcp" { return K_CSUMTCP; }
144 "csumudp6" { return K_CSUMUDP6; }
145 "csumtcp6" { return K_CSUMTCP6; }
146 "csumicmp6" { return K_CSUMICMP6; }
147 "drnd" { return K_DRND; }
148 "dinc" { return K_DINC; }
149 "ddec" { return K_DDEC; }
150 "seqinc" { return K_SEQINC; }
151 "seqdec" { return K_SEQDEC; }
152 "const8"|"c8" { return K_CONST8; }
153 "const16"|"c16" { return K_CONST16; }
154 "const32"|"c32" { return K_CONST32; }
155 "const64"|"c64" { return K_CONST64; }
157 "prot"[o]? { return K_PROT; }
158 "tc"|"tclass" { return K_TC; }
160 /* Ethernet */
161 "daddr"|"da" { return K_DADDR; }
162 "saddr"|"sa" { return K_SADDR; }
163 "etype" { return K_ETYPE; }
164 "type" { return K_TYPE; }
166 /* PFC/IEEE 802.3X PAUSE */
167 "time" { return K_TIME; }
168 "pri"|"prio" { return K_PRIO; }
170 /* VLAN (802.1Q & 802.1ad) */
171 "tpid" { return K_TPID; }
172 "tci" { return K_TCI; }
173 "pcp" { return K_PCP; }
174 "dei"|"cfi" { return K_DEI; }
175 "1ad" { return K_1AD; }
176 "1q" { return K_1Q; }
178 /* MPLS (Multi Protocol Label Switching) */
179 "lbl"|"label" { return K_LABEL; }
180 "last" { return K_LAST; }
181 "exp" { return K_EXP; }
183 /* ARP */
184 "sha"|"smac" { return K_SHA; }
185 "spa"|"sip" { return K_SPA; }
186 "tha"|"tmac" { return K_THA; }
187 "tpa"|"tip" { return K_TPA; }
188 "req"|"request" { return K_REQUEST; }
189 "reply" { return K_REPLY; }
190 "op"|"oper" { return K_OPER; }
191 "htype" { return K_HTYPE; }
192 "ptype" { return K_PTYPE; }
194 /* IPv4 */
195 "ihl" { return K_IHL; }
196 "ver"|"version" { return K_VER; }
197 "ttl" { return K_TTL; }
198 "dscp" { return K_DSCP; }
199 "ecn" { return K_ECN; }
200 "tos" { return K_TOS; }
201 "len"|"length" { return K_LEN; }
202 "id" { return K_ID; }
203 "flags" { return K_FLAGS; }
204 "frag" { return K_FRAG; }
205 "csum" { return K_CSUM; }
206 "df" { return K_DF; }
207 "mf" { return K_MF; }
209 /* IPv6 */
210 "fl"|"flow" { return K_FLOW; }
211 "nh"|"nexthdr" { return K_NEXT_HDR; }
212 "hl"|"hoplimit" { return K_HOP_LIMIT; }
215 /* ICMPv4 */
216 "addr" { return K_ADDR; }
217 "mtu" { return K_MTU; }
219 /* ICMPv6 */
220 "code" { return K_CODE; }
221 "echorequest" { return K_ECHO_REQUEST; }
222 "echoreply" { return K_ECHO_REPLY; }
224 /* UDP */
225 "sp"|"sport" { return K_SPORT; }
226 "dp"|"dport" { return K_DPORT; }
228 /* TCP */
229 "seq" { return K_SEQ; }
230 "ackseq"|"aseq" { return K_ACK_SEQ; }
231 "doff"|hlen { return K_DOFF; }
232 "cwr" { return K_CWR; }
233 "ece"|"ecn" { return K_ECE; }
234 "urg" { return K_URG; }
235 "ack" { return K_ACK; }
236 "psh" { return K_PSH; }
237 "rst" { return K_RST; }
238 "syn" { return K_SYN; }
239 "fin" { return K_FIN; }
240 "win"|"window" { return K_WINDOW; }
241 "urgptr" { return K_URG_PTR; }
243 /* DNS */
244 "qr" { return K_QR; }
245 "aa"|"aanswer" { return K_AANSWER; }
246 "trunc" { return K_TRUNC; }
247 "ravail" { return K_RAVAIL; }
248 "rdesired" { return K_RDESIRED; }
249 "zero" { return K_ZERO; }
250 "rc"|"rcode" { return K_RCODE; }
251 "qdcount" { return K_QDCOUNT; }
252 "ancount" { return K_ANCOUNT; }
253 "nscount" { return K_NSCOUNT; }
254 "arcount" { return K_ARCOUNT; }
255 "name" { return K_NAME; }
256 "class" { return K_CLASS; }
257 "data" { return K_DATA; }
258 "qry"|"query" { return K_QUERY; }
259 "ans"|"answer" { return K_ANSWER; }
260 "auth" { return K_AUTH; }
261 "add" { return K_ADD; }
262 "ns" { return K_NS; }
263 "cname" { return K_CNAME; }
264 "ptr" { return K_PTR; }
266 "eth" { return K_ETH; }
267 "pause" { return K_PAUSE; }
268 "pfc" { return K_PFC; }
269 "vlan" { return K_VLAN; }
270 "mpls" { return K_MPLS; }
271 "arp" { return K_ARP; }
272 "ip4"|"ipv4" { return K_IP4; }
273 "ip6"|"ipv6" { return K_IP6; }
274 "icmp4"|"icmpv4" { return K_ICMP4; }
275 "icmp6"|"icmpv6" { return K_ICMP6; }
276 "udp" { return K_UDP; }
277 "tcp" { return K_TCP; }
278 "dns" { return K_DNS; }
280 [ ]*"-"[ ]* { return '-'; }
281 [ ]*"+"[ ]* { return '+'; }
282 [ ]*"*"[ ]* { return '*'; }
283 [ ]*"/"[ ]* { return '/'; }
284 [ ]*"%"[ ]* { return '%'; }
285 [ ]*"&"[ ]* { return '&'; }
286 [ ]*"|"[ ]* { return '|'; }
287 [ ]*"<"[ ]* { return '<'; }
288 [ ]*">"[ ]* { return '>'; }
289 [ ]*"^"[ ]* { return '^'; }
290 "{" { return '{'; }
291 "}" { return '}'; }
292 "(" { return '('; }
293 ")" { return ')'; }
294 "[" { return '['; }
295 "]" { return ']'; }
296 "," { return ','; }
297 ":" { return ':'; }
298 "=" { return '='; }
300 "\n" { yylineno++; }
302 "\""[^\"]+"\"" { yylval.str = try_convert_shellcode(xstrdup(yytext));
303 return string; }
305 ([ \t\n]+)? { return K_WHITE; }
307 "/*"([^\*]|\*[^/])*"*/" { return K_COMMENT; }
309 "#"[^\n]* { return K_COMMENT; }
311 {number_hex} { yylval.number = strtoul(yytext + (yytext[0] == 'x' ? 1 : 0),
312 NULL, 16);
313 return number; }
315 {number_dec} { yylval.number = strtol(yytext, NULL, 10);
316 return number; }
318 {number_oct} { yylval.number = strtol(yytext + 1, NULL, 8);
319 return number; }
321 {number_bin} { yylval.number = strtol(yytext + (yytext[0] == 'b' ? 1 : 2),
322 NULL, 2);
323 return number; }
325 {number_ascii} { yylval.number = (uint8_t) (*yytext);
326 return number; }
328 {mac} { if (str2mac(yytext, yylval.mac, 6))
329 panic("Failed to parse MAC address %s\n", yytext);
330 return mac; }
332 {ip4_addr} { if (inet_pton(AF_INET, yytext, &yylval.ip4_addr) != 1)
333 panic("Failed to parse IPv4 address %s\n", yytext);
334 return ip4_addr; };
336 {ip6_addr} { if (inet_pton(AF_INET6, yytext, &yylval.ip6_addr) != 1)
337 panic("Failed to parse IPv6 address %s\n", yytext);
338 return ip6_addr; };
340 "'\\x"[a-fA-F0-9]{2}"'" { yylval.number = strtol(yytext + 3, NULL, 16);
341 return number; }
343 "'"."'" { yylval.number = (uint8_t) (*(yytext + 1));
344 return number; }
346 ";"[^\n]* {/* NOP */}
347 . { printf("Unknown character '%s'", yytext);
348 yyerror("lex Unknown character"); }
350 %%