diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2002-12-12 15:06:17 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2002-12-12 15:06:17 +0000 |
| commit | a514e57b4799b40b2b6df5a395a13a47ac0044d4 (patch) | |
| tree | 53877a477ed4f9809b825b82a2241b3734076bc3 | |
| parent | 52eff8a5ba462b49737290c486c504a96c3d3e8a (diff) | |
KNF
| -rw-r--r-- | sbin/pfctl/parse.y | 249 |
1 files changed, 126 insertions, 123 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 99ce7ef3069..a067bd81249 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.250 2002/12/12 14:46:26 henning Exp $ */ +/* $OpenBSD: parse.y,v 1.251 2002/12/12 15:06:16 henning Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -487,7 +487,7 @@ varset : STRING PORTUNARY string { ; anchorrule : ANCHOR string dir interface af proto fromto { - struct pf_rule r; + struct pf_rule r; if (check_rulestate(PFCTL_STATE_FILTER)) YYERROR; @@ -554,7 +554,7 @@ anchorrule : ANCHOR string dir interface af proto fromto { scrubrule : SCRUB dir interface af fromto nodf minttl maxmss fragcache { - struct pf_rule r; + struct pf_rule r; if (check_rulestate(PFCTL_STATE_SCRUB)) YYERROR; @@ -588,9 +588,9 @@ scrubrule : SCRUB dir interface af fromto nodf minttl maxmss fragcache ; antispoof : ANTISPOOF logquick antispoof_ifspc af { - struct pf_rule r; - struct node_host *h = NULL; - struct node_if *i, *j; + struct pf_rule r; + struct node_host *h = NULL; + struct node_if *i, *j; if (check_rulestate(PFCTL_STATE_FILTER)) YYERROR; @@ -646,7 +646,7 @@ antispoof_iflst : if_item { $$ = $1; } ; altqif : ALTQ interface queue_opts QUEUE qassign { - struct pf_altq a; + struct pf_altq a; if (check_rulestate(PFCTL_STATE_QUEUE)) YYERROR; @@ -671,7 +671,7 @@ altqif : ALTQ interface queue_opts QUEUE qassign { ; queuespec : QUEUE STRING queue_opts qassign { - struct pf_altq a; + struct pf_altq a; if (check_rulestate(PFCTL_STATE_QUEUE)) YYERROR; @@ -772,8 +772,8 @@ queue_opt : bandwidth { ; bandwidth : BANDWIDTH STRING { - double bps; - char *cp; + double bps; + char *cp; $$.bw_percent = 0; @@ -878,9 +878,9 @@ qassign_item : STRING { pfrule : action dir logquick interface route af proto fromto filter_opts { - struct pf_rule r; - struct node_state_opt *o; - struct node_proto *proto; + struct pf_rule r; + struct node_state_opt *o; + struct node_proto *proto; if (check_rulestate(PFCTL_STATE_FILTER)) YYERROR; @@ -974,18 +974,20 @@ pfrule : action dir logquick interface route af proto fromto } if ($5.host->next != NULL) { if (r.rt_pool.opts == PF_POOL_NONE) - r.rt_pool.opts = PF_POOL_ROUNDROBIN; - if (r.rt_pool.opts != PF_POOL_ROUNDROBIN) { - yyerror("r.rt_pool.opts must be " - "PF_POOL_ROUNDROBIN"); + r.rt_pool.opts = + PF_POOL_ROUNDROBIN; + if (r.rt_pool.opts != + PF_POOL_ROUNDROBIN) { + yyerror("r.rt_pool.opts must " + "be PF_POOL_ROUNDROBIN"); YYERROR; } } } if ($9.label) { - if (strlcpy(r.label, $9.label, sizeof(r.label)) >= - PF_RULE_LABEL_SIZE) { + if (strlcpy(r.label, $9.label, + sizeof(r.label)) >= PF_RULE_LABEL_SIZE) { yyerror("rule label too long (max " "%d chars)", PF_RULE_LABEL_SIZE-1); YYERROR; @@ -994,8 +996,8 @@ pfrule : action dir logquick interface route af proto fromto } if ($9.qname) { - if (strlcpy(r.qname, $9.qname, sizeof(r.qname)) >= - PF_QNAME_SIZE) { + if (strlcpy(r.qname, $9.qname, + sizeof(r.qname)) >= PF_QNAME_SIZE) { yyerror("rule qname too long (max " "%d chars)", PF_QNAME_SIZE-1); YYERROR; @@ -1188,7 +1190,7 @@ if_item_not : '!' if_item { $$ = $2; $$->not = 1; } | if_item { $$ = $1; } if_item : STRING { - struct node_host *n; + struct node_host *n; if ((n = ifa_exists($1)) == NULL) { yyerror("unknown interface %s", $1); @@ -1301,7 +1303,7 @@ host_list : xhost { $$ = $1; } ; xhost : '!' host { - struct node_host *n; + struct node_host *n; for (n = $2; n != NULL; n = n->next) n->not = 1; @@ -1323,7 +1325,7 @@ host : address ; number : STRING { - u_long ulval; + u_long ulval; if (atoul($1, &ulval) == -1) { yyerror("%s is not a number", $1); @@ -1393,8 +1395,8 @@ port_item : port { ; port : STRING { - struct servent *s = NULL; - u_long ulval; + struct servent *s = NULL; + u_long ulval; if (atoul($1, &ulval) == 0) { if (ulval > 65535) { @@ -1468,7 +1470,7 @@ uid_item : uid { ; uid : STRING { - u_long ulval; + u_long ulval; if (atoul($1, &ulval) == -1) { if (!strcmp($1, "unknown")) @@ -1545,7 +1547,7 @@ gid_item : gid { ; gid : STRING { - u_long ulval; + u_long ulval; if (atoul($1, &ulval) == -1) { if (!strcmp($1, "unknown")) @@ -1570,7 +1572,7 @@ gid : STRING { ; flag : STRING { - int f; + int f; if ((f = parse_flags($1)) < 0) { yyerror("bad flags %s", $1); @@ -1580,8 +1582,8 @@ flag : STRING { } ; -flags : FLAGS flag '/' flag { $$.b1 = $2.b1; $$.b2 = $4.b1; } - | FLAGS '/' flag { $$.b1 = 0; $$.b2 = $3.b1; } +flags : FLAGS flag '/' flag { $$.b1 = $2.b1; $$.b2 = $4.b1; } + | FLAGS '/' flag { $$.b1 = 0; $$.b2 = $3.b1; } ; icmpspec : ICMPTYPE icmp_item { $$ = $2; } @@ -1617,8 +1619,8 @@ icmp_item : icmptype { $$->tail = $$; } | icmptype CODE STRING { - const struct icmpcodeent *p; - u_long ulval; + const struct icmpcodeent *p; + u_long ulval; if (atoul($3, &ulval) == 0) { if (ulval > 255) { @@ -1655,8 +1657,8 @@ icmp6_item : icmp6type { $$->tail = $$; } | icmp6type CODE STRING { - const struct icmpcodeent *p; - u_long ulval; + const struct icmpcodeent *p; + u_long ulval; if (atoul($3, &ulval) == 0) { if (ulval > 255) { @@ -1683,8 +1685,8 @@ icmp6_item : icmp6type { ; icmptype : STRING { - const struct icmptypeent *p; - u_long ulval; + const struct icmptypeent *p; + u_long ulval; if (atoul($1, &ulval) == 0) { if (ulval > 255) { @@ -1703,8 +1705,8 @@ icmptype : STRING { ; icmp6type : STRING { - const struct icmptypeent *p; - u_long ulval; + const struct icmptypeent *p; + u_long ulval; if (atoul($1, &ulval) == 0) { if (ulval > 255) { @@ -1776,7 +1778,7 @@ state_opt_item : MAXIMUM number { $$->tail = $$; } | STRING number { - int i; + int i; for (i = 0; pf_timeouts[i].name && strcmp(pf_timeouts[i].name, $1); ++i) @@ -1842,7 +1844,7 @@ no : /* empty */ { $$ = 0; } ; rport : STRING { - char *p = strchr($1, ':'); + char *p = strchr($1, ':'); if (p == NULL) { if (($$.a = getservice($1)) == -1) @@ -1974,7 +1976,7 @@ redirection : /* empty */ { $$ = NULL; } natrule : no NAT interface af proto fromto redirpool pooltype staticport { - struct pf_nat nat; + struct pf_nat nat; if (check_rulestate(PFCTL_STATE_NAT)) YYERROR; @@ -2065,7 +2067,7 @@ natrule : no NAT interface af proto fromto redirpool pooltype staticport binatrule : no BINAT interface af proto FROM host TO ipspec redirection { - struct pf_binat binat; + struct pf_binat binat; if (check_rulestate(PFCTL_STATE_NAT)) YYERROR; @@ -2178,7 +2180,7 @@ binatrule : no BINAT interface af proto FROM host TO ipspec redirection rdrrule : no RDR interface af proto FROM ipspec TO ipspec dport redirpool pooltype { - struct pf_rdr rdr; + struct pf_rdr rdr; if (check_rulestate(PFCTL_STATE_NAT)) YYERROR; @@ -2280,7 +2282,7 @@ dport : /* empty */ { $$.a = $$.b = $$.t = 0; } | PORT STRING { - char *p = strchr($2, ':'); + char *p = strchr($2, ':'); if (p == NULL) { if (($$.a = getservice($2)) == -1) @@ -2418,10 +2420,10 @@ comma : ',' int yyerror(char *fmt, ...) { - va_list ap; - extern char *infile; - errors = 1; + va_list ap; + extern char *infile; + errors = 1; va_start(ap, fmt); fprintf(stderr, "%s:%d: ", infile, yylval.lineno); vfprintf(stderr, fmt, ap); @@ -2433,7 +2435,7 @@ yyerror(char *fmt, ...) int rule_consistent(struct pf_rule *r) { - int problems = 0; + int problems = 0; if (r->proto != IPPROTO_TCP && r->proto != IPPROTO_UDP && (r->src.port_op || r->dst.port_op)) { @@ -2487,8 +2489,8 @@ rule_consistent(struct pf_rule *r) int nat_consistent(struct pf_nat *r) { - int problems = 0; - struct pf_pooladdr *pa; + int problems = 0; + struct pf_pooladdr *pa; if (!r->af) { TAILQ_FOREACH(pa, &r->rpool.list, entries) { @@ -2506,8 +2508,8 @@ nat_consistent(struct pf_nat *r) int rdr_consistent(struct pf_rdr *r) { - int problems = 0; - struct pf_pooladdr *pa; + int problems = 0; + struct pf_pooladdr *pa; if (r->proto != IPPROTO_TCP && r->proto != IPPROTO_UDP && (r->dport || r->dport2 || r->rport)) { @@ -2535,7 +2537,7 @@ rdr_consistent(struct pf_rdr *r) struct keywords { const char *k_name; - int k_val; + int k_val; }; /* macro gore, but you should've seen the prior indentation nightmare... */ @@ -2571,8 +2573,8 @@ struct keywords { void expand_label_if(const char *name, char *label, const char *ifname) { - char tmp[PF_RULE_LABEL_SIZE]; - char *p; + char tmp[PF_RULE_LABEL_SIZE]; + char *p; while ((p = strstr(label, name)) != NULL) { tmp[0] = 0; @@ -2590,8 +2592,8 @@ void expand_label_addr(const char *name, char *label, sa_family_t af, struct node_host *h) { - char tmp[PF_RULE_LABEL_SIZE]; - char *p; + char tmp[PF_RULE_LABEL_SIZE]; + char *p; while ((p = strstr(label, name)) != NULL) { tmp[0] = 0; @@ -2631,9 +2633,9 @@ expand_label_addr(const char *name, char *label, sa_family_t af, void expand_label_port(const char *name, char *label, struct node_port *port) { - char tmp[PF_RULE_LABEL_SIZE]; - char *p; - char a1[6], a2[6], op[13]; + char tmp[PF_RULE_LABEL_SIZE]; + char *p; + char a1[6], a2[6], op[13]; while ((p = strstr(label, name)) != NULL) { tmp[0] = 0; @@ -2669,9 +2671,9 @@ expand_label_port(const char *name, char *label, struct node_port *port) void expand_label_proto(const char *name, char *label, u_int8_t proto) { - char tmp[PF_RULE_LABEL_SIZE]; - char *p; - struct protoent *pe; + char tmp[PF_RULE_LABEL_SIZE]; + char *p; + struct protoent *pe; while ((p = strstr(label, name)) != NULL) { tmp[0] = 0; @@ -2690,8 +2692,8 @@ expand_label_proto(const char *name, char *label, u_int8_t proto) void expand_label_nr(const char *name, char *label) { - char tmp[PF_RULE_LABEL_SIZE]; - char *p; + char tmp[PF_RULE_LABEL_SIZE]; + char *p; while ((p = strstr(label, name)) != NULL) { tmp[0] = 0; @@ -2722,10 +2724,10 @@ int expand_altq(struct pf_altq *a, struct node_if *interfaces, struct node_queue *nqueues, struct node_queue_bw bwspec) { - struct pf_altq pa, pb; - char qname[PF_QNAME_SIZE]; - struct node_queue *n; - int errs = 0; + struct pf_altq pa, pb; + char qname[PF_QNAME_SIZE]; + struct node_queue *n; + int errs = 0; LOOP_THROUGH(struct node_if, interface, interfaces, memcpy(&pa, a, sizeof(struct pf_altq)); @@ -2799,9 +2801,9 @@ int expand_queue(struct pf_altq *a, struct node_queue *nqueues, struct node_queue_bw bwspec) { - struct node_queue *n; - u_int8_t added = 0; - u_int8_t found = 0; + struct node_queue *n; + u_int8_t added = 0; + u_int8_t found = 0; LOOP_THROUGH(struct node_queue, tqueue, queues, if (!strncmp(a->qname, tqueue->queue, PF_QNAME_SIZE)) { @@ -2863,13 +2865,13 @@ expand_rule(struct pf_rule *r, struct node_port *dst_ports, struct node_uid *uids, struct node_gid *gids, struct node_icmp *icmp_types) { - sa_family_t af = r->af; - int added = 0, error = 0; - char ifname[IF_NAMESIZE]; - char label[PF_RULE_LABEL_SIZE]; - struct pf_pooladdr *pa; - struct node_host *h; - u_int8_t flags, flagset; + sa_family_t af = r->af; + int added = 0, error = 0; + char ifname[IF_NAMESIZE]; + char label[PF_RULE_LABEL_SIZE]; + struct pf_pooladdr *pa; + struct node_host *h; + u_int8_t flags, flagset; strlcpy(label, r->label, sizeof(label)); flags = r->flags; @@ -2996,11 +2998,11 @@ expand_nat(struct pf_nat *n, struct node_host *dst_hosts, struct node_port *dst_ports, struct node_host *rpool_hosts) { - char ifname[IF_NAMESIZE]; - struct pf_pooladdr *pa; - struct node_host *h; - sa_family_t af = n->af; - int added = 0, error = 0; + char ifname[IF_NAMESIZE]; + struct pf_pooladdr *pa; + struct node_host *h; + sa_family_t af = n->af; + int added = 0, error = 0; LOOP_THROUGH(struct node_if, interface, interfaces, LOOP_THROUGH(struct node_proto, proto, protos, @@ -3087,11 +3089,11 @@ expand_rdr(struct pf_rdr *r, struct node_if *interfaces, struct node_proto *protos, struct node_host *src_hosts, struct node_host *dst_hosts, struct node_host *rpool_hosts) { - sa_family_t af = r->af; - int added = 0, error = 0; - char ifname[IF_NAMESIZE]; - struct pf_pooladdr *pa; - struct node_host *h; + sa_family_t af = r->af; + int added = 0, error = 0; + char ifname[IF_NAMESIZE]; + struct pf_pooladdr *pa; + struct node_host *h; LOOP_THROUGH(struct node_if, interface, interfaces, LOOP_THROUGH(struct node_proto, proto, protos, @@ -3269,7 +3271,7 @@ lookup(char *s) { "user", USER}, { "yes", YES}, }; - const struct keywords *p; + const struct keywords *p; p = bsearch(s, keywords, sizeof(keywords)/sizeof(keywords[0]), sizeof(keywords[0]), kw_cmp); @@ -3288,14 +3290,14 @@ lookup(char *s) #define MAXPUSHBACK 128 char *parsebuf; -int parseindex; -char pushback_buffer[MAXPUSHBACK]; -int pushback_index = 0; +int parseindex; +char pushback_buffer[MAXPUSHBACK]; +int pushback_index = 0; int lgetc(FILE *f) { - int c, next; + int c, next; if (parsebuf) { /* Read character from the parsebuffer instead of input. */ @@ -3353,7 +3355,7 @@ lungetc(int c) int findeol(void) { - int c; + int c; parsebuf = NULL; pushback_index = 0; @@ -3374,9 +3376,10 @@ findeol(void) int yylex(void) { - char buf[8096], *p, *val; - int endc, c, next; - int token; + char buf[8096]; + char *p, *val; + int endc, c, next; + int token; top: p = buf; @@ -3518,7 +3521,7 @@ top: int parse_rules(FILE *input, struct pfctl *xpf, int opts) { - struct sym *sym; + struct sym *sym; fin = input; pf = xpf; @@ -3540,8 +3543,8 @@ parse_rules(FILE *input, struct pfctl *xpf, int opts) void set_ipmask(struct node_host *h, u_int8_t b) { - struct pf_addr *m, *n; - int i, j = 0; + struct pf_addr *m, *n; + int i, j = 0; m = &h->addr.mask; @@ -3570,7 +3573,7 @@ set_ipmask(struct node_host *h, u_int8_t b) int symset(const char *nam, const char *val) { - struct sym *sym; + struct sym *sym; sym = calloc(1, sizeof(*sym)); if (sym == NULL) @@ -3595,7 +3598,7 @@ symset(const char *nam, const char *val) char * symget(const char *nam) { - struct sym *sym; + struct sym *sym; for (sym = symhead; sym; sym = sym->next) if (strcmp(nam, sym->nam) == 0) { @@ -3612,8 +3615,8 @@ struct node_host *iftab; void ifa_load(void) { - struct ifaddrs *ifap, *ifa; - struct node_host *n = NULL, *h = NULL; + struct ifaddrs *ifap, *ifa; + struct node_host *n = NULL, *h = NULL; if (getifaddrs(&ifap) < 0) err(1, "getifaddrs"); @@ -3688,7 +3691,7 @@ ifa_load(void) struct node_host * ifa_exists(char *ifa_name) { - struct node_host *n; + struct node_host *n; if (iftab == NULL) ifa_load(); @@ -3703,8 +3706,8 @@ ifa_exists(char *ifa_name) struct node_host * ifa_lookup(char *ifa_name, enum pfctl_iflookup_mode mode) { - struct node_host *p = NULL, *h = NULL, *n = NULL; - int return_all = 0; + struct node_host *p = NULL, *h = NULL, *n = NULL; + int return_all = 0; if (!strncmp(ifa_name, "self", IFNAMSIZ)) return_all = 1; @@ -3764,7 +3767,7 @@ ifa_lookup(char *ifa_name, enum pfctl_iflookup_mode mode) void decide_address_family(struct node_host *n, sa_family_t *af) { - sa_family_t target_af = 0; + sa_family_t target_af = 0; while (!*af && n != NULL) { if (n->af) { @@ -3782,7 +3785,7 @@ decide_address_family(struct node_host *n, sa_family_t *af) void remove_invalid_hosts(struct node_host **nh, sa_family_t *af) { - struct node_host *n = *nh, *prev = NULL; + struct node_host *n = *nh, *prev = NULL; while (n != NULL) { if (*af && n->af && n->af != *af) { @@ -3821,11 +3824,11 @@ remove_invalid_hosts(struct node_host **nh, sa_family_t *af) struct node_host * host(char *s, int mask) { - struct node_host *h = NULL, *n; - struct in_addr ina; - struct addrinfo hints, *res0, *res; - int bits, error, v4mask, v6mask; - char *buf = NULL; + struct node_host *h = NULL, *n; + struct in_addr ina; + struct addrinfo hints, *res0, *res; + int bits, error, v4mask, v6mask; + char *buf = NULL; if (ifa_exists(s) || !strncmp(s, "self", IFNAMSIZ)) { /* interface with this name exists */ @@ -3940,8 +3943,8 @@ host(char *s, int mask) int atoul(char *s, u_long *ulvalp) { - u_long ulval; - char *ep; + u_long ulval; + char *ep; errno = 0; ulval = strtoul(s, &ep, 0); @@ -3956,8 +3959,8 @@ atoul(char *s, u_long *ulvalp) int getservice(char *n) { - struct servent *s; - u_long ulval; + struct servent *s; + u_long ulval; if (atoul(n, &ulval) == 0) { if (ulval > 65535) { @@ -3980,9 +3983,9 @@ getservice(char *n) u_int16_t parseicmpspec(char *w, sa_family_t af) { - const struct icmpcodeent *p; - u_long ulval; - u_int8_t icmptype; + const struct icmpcodeent *p; + u_long ulval; + u_int8_t icmptype; if (af == AF_INET) icmptype = returnicmpdefault >> 8; |