summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorClaudio Jeker <claudio@cvs.openbsd.org>2009-07-28 13:26:53 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2009-07-28 13:26:53 +0000
commita4d429758d4e0205f70bb2e506e0deee6c1e038c (patch)
treee33a3753a1b33c6a381c812d539856fe37a8a91b
parent8d38de5c778284f43a8d441038d168a37311367e (diff)
Bring back rev. 1.560:
Make it possible to use DiffServ Code Point in the TOS fields. Requested by deraadt@
-rw-r--r--sbin/pfctl/parse.y70
1 files changed, 60 insertions, 10 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index 0d9988aa8b2..318f447380b 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.561 2009/07/27 19:00:28 deraadt Exp $ */
+/* $OpenBSD: parse.y,v 1.562 2009/07/28 13:26:52 claudio Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -340,6 +340,8 @@ void decide_address_family(struct node_host *, sa_family_t *);
void remove_invalid_hosts(struct node_host **, sa_family_t *);
int invalid_redirect(struct node_host *, sa_family_t);
u_int16_t parseicmpspec(char *, sa_family_t);
+int kw_casecmp(const void *, const void *);
+int map_tos(char *string, int *);
TAILQ_HEAD(loadanchorshead, loadanchors)
loadanchorshead = TAILQ_HEAD_INITIALIZER(loadanchorshead);
@@ -3308,17 +3310,14 @@ icmp6type : STRING {
;
tos : STRING {
- if (!strcmp($1, "lowdelay"))
- $$ = IPTOS_LOWDELAY;
- else if (!strcmp($1, "throughput"))
- $$ = IPTOS_THROUGHPUT;
- else if (!strcmp($1, "reliability"))
- $$ = IPTOS_RELIABILITY;
+ int val;
+ if (map_tos($1, &val))
+ $$ = val;
else if ($1[0] == '0' && $1[1] == 'x')
$$ = strtoul($1, NULL, 16);
else
- $$ = 0; /* flag bad argument */
- if (!$$ || $$ > 255) {
+ $$ = 256; /* flag bad argument */
+ if ($$ > 255) {
yyerror("illegal tos value %s", $1);
free($1);
YYERROR;
@@ -3327,7 +3326,7 @@ tos : STRING {
}
| NUMBER {
$$ = $1;
- if (!$$ || $$ > 255) {
+ if ($$ > 255) {
yyerror("illegal tos value %s", $1);
YYERROR;
}
@@ -5973,3 +5972,54 @@ pfctl_load_anchors(int dev, struct pfctl *pf, struct pfr_buffer *trans)
return (0);
}
+
+int
+kw_casecmp(const void *k, const void *e)
+{
+ return (strcasecmp(k, ((const struct keywords *)e)->k_name));
+}
+
+int
+map_tos(char *s, int *val)
+{
+ /* DiffServ Codepoints and other TOS mappings */
+ const struct keywords toswords[] = {
+ { "af11", IPTOS_DSCP_AF11 },
+ { "af12", IPTOS_DSCP_AF12 },
+ { "af13", IPTOS_DSCP_AF13 },
+ { "af21", IPTOS_DSCP_AF21 },
+ { "af22", IPTOS_DSCP_AF22 },
+ { "af23", IPTOS_DSCP_AF23 },
+ { "af31", IPTOS_DSCP_AF31 },
+ { "af32", IPTOS_DSCP_AF32 },
+ { "af33", IPTOS_DSCP_AF33 },
+ { "af41", IPTOS_DSCP_AF41 },
+ { "af42", IPTOS_DSCP_AF42 },
+ { "af43", IPTOS_DSCP_AF43 },
+ { "critical", IPTOS_PREC_CRITIC_ECP },
+ { "cs0", IPTOS_DSCP_CS0 },
+ { "cs1", IPTOS_DSCP_CS1 },
+ { "cs2", IPTOS_DSCP_CS2 },
+ { "cs3", IPTOS_DSCP_CS3 },
+ { "cs4", IPTOS_DSCP_CS4 },
+ { "cs5", IPTOS_DSCP_CS5 },
+ { "cs6", IPTOS_DSCP_CS6 },
+ { "cs7", IPTOS_DSCP_CS7 },
+ { "ef", IPTOS_DSCP_EF },
+ { "inetcontrol", IPTOS_PREC_INTERNETCONTROL },
+ { "lowdelay", IPTOS_LOWDELAY },
+ { "netcontrol", IPTOS_PREC_NETCONTROL },
+ { "reliability", IPTOS_RELIABILITY },
+ { "throughput", IPTOS_THROUGHPUT }
+ };
+ const struct keywords *p;
+
+ p = bsearch(s, toswords, sizeof(toswords)/sizeof(toswords[0]),
+ sizeof(toswords[0]), kw_casecmp);
+
+ if (p) {
+ *val = p->k_val;
+ return (1);
+ }
+ return (0);
+}