diff options
| author | brian <brian@cvs.openbsd.org> | 1999-06-23 16:49:05 +0000 |
|---|---|---|
| committer | brian <brian@cvs.openbsd.org> | 1999-06-23 16:49:05 +0000 |
| commit | b244ab165683014b7e2a1059e5103ca72e7d3270 (patch) | |
| tree | 0bb2aec626a8b2e69bcdf138df6085c43976de83 | |
| parent | d365e2fb7b4cb73f6b3bed771977dbf6f5f91f8c (diff) | |
Support `igmp' filters.
Mostly submitted by: Timo Geusch <freebsd@sleepycat.ukpeople.net>
| -rw-r--r-- | usr.sbin/ppp/ppp/command.c | 8 | ||||
| -rw-r--r-- | usr.sbin/ppp/ppp/filter.c | 19 | ||||
| -rw-r--r-- | usr.sbin/ppp/ppp/filter.h | 3 | ||||
| -rw-r--r-- | usr.sbin/ppp/ppp/ip.c | 8 | ||||
| -rw-r--r-- | usr.sbin/ppp/ppp/ppp.8 | 5 |
5 files changed, 32 insertions, 11 deletions
diff --git a/usr.sbin/ppp/ppp/command.c b/usr.sbin/ppp/ppp/command.c index 01dca786260..e5ad05a325f 100644 --- a/usr.sbin/ppp/ppp/command.c +++ b/usr.sbin/ppp/ppp/command.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: command.c,v 1.29 1999/06/10 09:34:42 brian Exp $ + * $Id: command.c,v 1.30 1999/06/23 16:49:03 brian Exp $ * */ #include <sys/param.h> @@ -144,7 +144,7 @@ #define NEG_VJCOMP 53 const char Version[] = "2.22"; -const char VersionDate[] = "$Date: 1999/06/10 09:34:42 $"; +const char VersionDate[] = "$Date: 1999/06/23 16:49:03 $"; static int ShowCommand(struct cmdargs const *); static int TerminalCommand(struct cmdargs const *); @@ -1814,8 +1814,8 @@ static struct cmdtab const SetCommands[] = { "escape characters", "set escape hex-digit ..."}, {"filter", NULL, filter_Set, LOCAL_AUTH, "packet filters", "set filter alive|dial|in|out rule-no permit|deny " - "[src_addr[/width]] [dst_addr[/width]] [tcp|udp|icmp [src [lt|eq|gt port]] " - "[dst [lt|eq|gt port]] [estab] [syn] [finrst]]"}, + "[src_addr[/width]] [dst_addr[/width]] [tcp|udp|icmp|igmp " + "[src [lt|eq|gt port]] [dst [lt|eq|gt port]] [estab] [syn] [finrst]]"}, {"hangup", NULL, SetVariable, LOCAL_AUTH | LOCAL_CX, "hangup script", "set hangup chat-script", (const void *) VAR_HANGUP}, {"ifaddr", NULL, SetInterfaceAddr, LOCAL_AUTH, "destination address", diff --git a/usr.sbin/ppp/ppp/filter.c b/usr.sbin/ppp/ppp/filter.c index 491e62783cc..19868a8776f 100644 --- a/usr.sbin/ppp/ppp/filter.c +++ b/usr.sbin/ppp/ppp/filter.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: filter.c,v 1.5 1999/05/31 23:57:36 brian Exp $ + * $Id: filter.c,v 1.6 1999/06/23 16:49:03 brian Exp $ * * TODO: Shoud send ICMP error message when we discard packets. */ @@ -261,6 +261,18 @@ ParseUdpOrTcp(int argc, char const *const *argv, int proto, return 1; } +static int ParseIgmp(int argc, char const * const *argv, struct filterent *tgt) { + /* Filter currently is a catch-all. Requests are either permitted or + dropped. */ + if (argc != 0) { + log_Printf(LogWARN, "ParseIgmp: Too many parameters\n"); + return 0; + } else + tgt->opt.srcop = OP_NONE; + + return 1; +} + static unsigned addrtype(const char *addr) { @@ -396,6 +408,9 @@ Parse(struct ipcp *ipcp, int argc, char const *const *argv, case P_ICMP: val = ParseIcmp(argc, argv, &filterdata); break; + case P_IGMP: + val = ParseIgmp(argc, argv, &filterdata); + break; } log_Printf(LogDEBUG, "Parse: Src: %s\n", inet_ntoa(filterdata.src.ipaddr)); @@ -529,7 +544,7 @@ filter_Show(struct cmdargs const *arg) return 0; } -static const char *protoname[] = { "none", "tcp", "udp", "icmp" }; +static const char *protoname[] = { "none", "tcp", "udp", "icmp", "igmp" }; const char * filter_Proto2Nam(int proto) diff --git a/usr.sbin/ppp/ppp/filter.h b/usr.sbin/ppp/ppp/filter.h index 334170e22c3..5d4159594aa 100644 --- a/usr.sbin/ppp/ppp/filter.h +++ b/usr.sbin/ppp/ppp/filter.h @@ -15,7 +15,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: filter.h,v 1.4 1999/05/31 23:57:37 brian Exp $ + * $Id: filter.h,v 1.5 1999/06/23 16:49:03 brian Exp $ * * TODO: */ @@ -33,6 +33,7 @@ #define P_TCP 1 #define P_UDP 2 #define P_ICMP 3 +#define P_IGMP 4 /* Operations */ #define OP_NONE 0 diff --git a/usr.sbin/ppp/ppp/ip.c b/usr.sbin/ppp/ppp/ip.c index bc0cf77229b..53c73df90a4 100644 --- a/usr.sbin/ppp/ppp/ip.c +++ b/usr.sbin/ppp/ppp/ip.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: ip.c,v 1.12 1999/06/02 15:58:40 brian Exp $ + * $Id: ip.c,v 1.13 1999/06/23 16:49:04 brian Exp $ * * TODO: * o Return ICMP message for filterd packet @@ -139,8 +139,12 @@ FilterCheck(struct ip *pip, struct filter *filter) if (log_IsKept(LogDEBUG)) snprintf(dbuff, sizeof dbuff, "sport = %d", sport); break; - case IPPROTO_UDP: case IPPROTO_IGMP: + cproto = P_IGMP; + estab = syn = finrst = -1; + sport = ntohs(0); + break; + case IPPROTO_UDP: case IPPROTO_IPIP: cproto = P_UDP; uh = (struct udphdr *) ptop; diff --git a/usr.sbin/ppp/ppp/ppp.8 b/usr.sbin/ppp/ppp/ppp.8 index e133900e47c..0446ff62c91 100644 --- a/usr.sbin/ppp/ppp/ppp.8 +++ b/usr.sbin/ppp/ppp/ppp.8 @@ -1,4 +1,4 @@ -.\" $Id: ppp.8,v 1.52 1999/06/14 10:14:19 brian Exp $ +.\" $Id: ppp.8,v 1.53 1999/06/23 16:49:04 brian Exp $ .Dd 20 September 1995 .nr XX \w'\fC00' .Os @@ -1465,6 +1465,7 @@ command below. .Ar Proto must be one of .Sq icmp , +.Sq igmp , .Sq udp or .Sq tcp . @@ -3830,7 +3831,7 @@ as they travel across the link. .No permit|deny .Oo Ar src_addr Ns Op / Ns Ar width .Op Ar dst_addr Ns Op / Ns Ar width -.Oc Oo tcp|udp|icmp Op src lt|eq|gt Ar port +.Oc Oo tcp|udp|igmp|icmp Op src lt|eq|gt Ar port .Op dst lt|eq|gt Ar port .Op estab .Op syn |