diff options
| author | Can Erkin Acar <canacar@cvs.openbsd.org> | 2003-05-14 08:50:38 +0000 |
|---|---|---|
| committer | Can Erkin Acar <canacar@cvs.openbsd.org> | 2003-05-14 08:50:38 +0000 |
| commit | 7776f84fd3b0bc8897c89b7c525c6125fc067a1b (patch) | |
| tree | 1f7ffaaf9c33ca2967e278d23a0bcdb3e4888160 /lib | |
| parent | ba0ae9ac18af661d67199b18276c8e19de2a1588 (diff) | |
libpcap and tcpdump now understand the new pflog datalink type.
old datalink type is still recognized.
ok henning@ dhartmei@ frantzen@
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libpcap/gencode.c | 119 | ||||
| -rw-r--r-- | lib/libpcap/gencode.h | 6 | ||||
| -rw-r--r-- | lib/libpcap/grammar.y | 8 | ||||
| -rw-r--r-- | lib/libpcap/scanner.l | 6 |
4 files changed, 113 insertions, 26 deletions
diff --git a/lib/libpcap/gencode.c b/lib/libpcap/gencode.c index 88c20bd582e..db36a64e072 100644 --- a/lib/libpcap/gencode.c +++ b/lib/libpcap/gencode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gencode.c,v 1.18 2002/11/29 18:27:54 mickey Exp $ */ +/* $OpenBSD: gencode.c,v 1.19 2003/05/14 08:50:37 canacar Exp $ */ /* * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998 @@ -22,7 +22,7 @@ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: /cvs/OpenBSD/src/lib/libpcap/gencode.c,v 1.18 2002/11/29 18:27:54 mickey Exp $ (LBL)"; + "@(#) $Header: /cvs/OpenBSD/src/lib/libpcap/gencode.c,v 1.19 2003/05/14 08:50:37 canacar Exp $ (LBL)"; #endif #include <sys/types.h> @@ -620,11 +620,17 @@ init_linktype(type) off_nl = 12; return; - case DLT_PFLOG: + case DLT_OLD_PFLOG: off_linktype = 0; off_nl = 28; return; + case DLT_PFLOG: + off_linktype = 0; + /* XXX read from header? */ + off_nl = PFLOG_HDRLEN; + return; + case DLT_PFSYNC: off_linktype = -1; off_nl = 4; @@ -740,7 +746,7 @@ gen_linktype(proto) else return gen_false(); break; - case DLT_PFLOG: + case DLT_OLD_PFLOG: if (proto == ETHERTYPE_IP) return (gen_cmp(0, BPF_W, (bpf_int32)AF_INET)); #ifdef INET6 @@ -750,6 +756,20 @@ gen_linktype(proto) else return gen_false(); break; + + case DLT_PFLOG: + if (proto == ETHERTYPE_IP) + return (gen_cmp(offsetof(struct pfloghdr, af), BPF_B, + (bpf_int32)AF_INET)); +#ifdef INET6 + else if (proto == ETHERTYPE_IPV6) + return (gen_cmp(offsetof(struct pfloghdr, af), BPF_B, + (bpf_int32)AF_INET6)); +#endif /* INET6 */ + else + return gen_false(); + break; + case DLT_ARCNET: /* * XXX should we check for first fragment if the protocol @@ -2903,7 +2923,12 @@ gen_inbound(dir) break; case DLT_PFLOG: - b0 = gen_cmp(offsetof(struct pfloghdr, dir), BPF_H, + b0 = gen_cmp(offsetof(struct pfloghdr, dir), BPF_B, + (bpf_int32)((dir == 0) ? PF_IN : PF_OUT)); + break; + + case DLT_OLD_PFLOG: + b0 = gen_cmp(offsetof(struct old_pfloghdr, dir), BPF_H, (bpf_int32)((dir == 0) ? PF_IN : PF_OUT)); break; @@ -2922,19 +2947,45 @@ struct block * gen_pf_ifname(char *ifname) { struct block *b0; - - if (linktype != DLT_PFLOG) { + u_int len, off; + + if (linktype == DLT_PFLOG) { + len = sizeof(((struct pfloghdr *)0)->ifname); + off = offsetof(struct pfloghdr, ifname); + } else if (linktype == DLT_OLD_PFLOG) { + len = sizeof(((struct old_pfloghdr *)0)->ifname); + off = offsetof(struct old_pfloghdr, ifname); + } else { bpf_error("ifname not supported on linktype 0x%x\n", linktype); /* NOTREACHED */ } - if (strlen(ifname) >= sizeof(((struct pfloghdr *)0)->ifname)) { + if (strlen(ifname) >= len) { bpf_error("ifname interface names can only be %d characters\n", - sizeof(((struct pfloghdr *)0)->ifname) - 1); + len - 1); + /* NOTREACHED */ + } + b0 = gen_bcmp(off, strlen(ifname), ifname); + return (b0); +} + +/* PF firewall log matched interface */ +struct block * +gen_pf_ruleset(char *ruleset) +{ + struct block *b0; + + if (linktype != DLT_PFLOG) { + bpf_error("ruleset not supported on linktype 0x%x\n", linktype); /* NOTREACHED */ } - b0 = gen_bcmp(offsetof(struct pfloghdr, ifname), strlen(ifname), - ifname); + if (strlen(ruleset) >= sizeof(((struct pfloghdr *)0)->ruleset)) { + bpf_error("ruleset names can only be %d characters\n", + sizeof(((struct pfloghdr *)0)->ruleset) - 1); + /* NOTREACHED */ + } + b0 = gen_bcmp(offsetof(struct pfloghdr, ruleset), + strlen(ruleset), ruleset); return (b0); } @@ -2945,12 +2996,34 @@ gen_pf_rnr(int rnr) { struct block *b0; - if (linktype != DLT_PFLOG) { + if (linktype == DLT_PFLOG) { + b0 = gen_cmp(offsetof(struct pfloghdr, rulenr), BPF_W, + (bpf_int32)rnr); + } else if (linktype == DLT_OLD_PFLOG) { + b0 = gen_cmp(offsetof(struct old_pfloghdr, rnr), BPF_H, + (bpf_int32)rnr); + } else { bpf_error("rnr not supported on linktype 0x%x\n", linktype); /* NOTREACHED */ } - b0 = gen_cmp(offsetof(struct pfloghdr, rnr), BPF_H, (bpf_int32)rnr); + return (b0); +} + + +/* PF firewall log sub-rule number */ +struct block * +gen_pf_srnr(int srnr) +{ + struct block *b0; + + if (linktype != DLT_PFLOG) { + bpf_error("srnr not supported on linktype 0x%x\n", linktype); + /* NOTREACHED */ + } + + b0 = gen_cmp(offsetof(struct pfloghdr, subrulenr), BPF_W, + (bpf_int32)srnr); return (b0); } @@ -2960,13 +3033,17 @@ gen_pf_reason(int reason) { struct block *b0; - if (linktype != DLT_PFLOG) { + if (linktype == DLT_PFLOG) { + b0 = gen_cmp(offsetof(struct pfloghdr, reason), BPF_B, + (bpf_int32)reason); + } else if (linktype == DLT_OLD_PFLOG) { + b0 = gen_cmp(offsetof(struct old_pfloghdr, reason), BPF_H, + (bpf_int32)reason); + } else { bpf_error("reason not supported on linktype 0x%x\n", linktype); /* NOTREACHED */ } - b0 = gen_cmp(offsetof(struct pfloghdr, reason), BPF_H, - (bpf_int32)reason); return (b0); } @@ -2976,13 +3053,17 @@ gen_pf_action(int action) { struct block *b0; - if (linktype != DLT_PFLOG) { + if (linktype == DLT_PFLOG) { + b0 = gen_cmp(offsetof(struct pfloghdr, action), BPF_B, + (bpf_int32)action); + } else if (linktype == DLT_OLD_PFLOG) { + b0 = gen_cmp(offsetof(struct old_pfloghdr, action), BPF_H, + (bpf_int32)action); + } else { bpf_error("action not supported on linktype 0x%x\n", linktype); /* NOTREACHED */ } - b0 = gen_cmp(offsetof(struct pfloghdr, action), BPF_H, - (bpf_int32)action); return (b0); } diff --git a/lib/libpcap/gencode.h b/lib/libpcap/gencode.h index 53a075e9faa..487ae35ad3e 100644 --- a/lib/libpcap/gencode.h +++ b/lib/libpcap/gencode.h @@ -1,4 +1,4 @@ -/* $OpenBSD: gencode.h,v 1.10 2002/03/23 01:33:16 frantzen Exp $ */ +/* $OpenBSD: gencode.h,v 1.11 2003/05/14 08:50:37 canacar Exp $ */ /* * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996 @@ -20,7 +20,7 @@ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * @(#) $Header: /cvs/OpenBSD/src/lib/libpcap/gencode.h,v 1.10 2002/03/23 01:33:16 frantzen Exp $ (LBL) + * @(#) $Header: /cvs/OpenBSD/src/lib/libpcap/gencode.h,v 1.11 2003/05/14 08:50:37 canacar Exp $ (LBL) */ /* Address qualifiers. */ @@ -178,6 +178,8 @@ struct block *gen_inbound(int); struct block *gen_pf_ifname(char *); struct block *gen_pf_rnr(int); +struct block *gen_pf_srnr(int); +struct block *gen_pf_ruleset(char *); struct block *gen_pf_reason(int); struct block *gen_pf_action(int); struct block *gen_pf_dir(int); diff --git a/lib/libpcap/grammar.y b/lib/libpcap/grammar.y index a038822c26f..6de982046b7 100644 --- a/lib/libpcap/grammar.y +++ b/lib/libpcap/grammar.y @@ -1,5 +1,5 @@ %{ -/* $OpenBSD: grammar.y,v 1.10 2002/03/23 01:33:16 frantzen Exp $ */ +/* $OpenBSD: grammar.y,v 1.11 2003/05/14 08:50:37 canacar Exp $ */ /* * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996 @@ -24,7 +24,7 @@ */ #ifndef lint static const char rcsid[] = - "@(#) $Header: /cvs/OpenBSD/src/lib/libpcap/grammar.y,v 1.10 2002/03/23 01:33:16 frantzen Exp $ (LBL)"; + "@(#) $Header: /cvs/OpenBSD/src/lib/libpcap/grammar.y,v 1.11 2003/05/14 08:50:37 canacar Exp $ (LBL)"; #endif #include <sys/types.h> @@ -108,7 +108,7 @@ pcap_parse() %token ATALK DECNET LAT SCA MOPRC MOPDL %token TK_BROADCAST TK_MULTICAST %token NUM INBOUND OUTBOUND -%token PF_IFNAME PF_RNR PF_REASON PF_ACTION +%token PF_IFNAME PF_RSET PF_RNR PF_SRNR PF_REASON PF_ACTION %token LINK %token GEQ LEQ NEQ %token ID EID HID HID6 @@ -274,7 +274,9 @@ other: pqual TK_BROADCAST { $$ = gen_broadcast($1); } ; pfvar: PF_IFNAME ID { $$ = gen_pf_ifname($2); } + | PF_RSET ID { $$ = gen_pf_ruleset($2); } | PF_RNR NUM { $$ = gen_pf_rnr($2); } + | PF_SRNR NUM { $$ = gen_pf_srnr($2); } | PF_REASON reason { $$ = gen_pf_reason($2); } | PF_ACTION action { $$ = gen_pf_action($2); } ; diff --git a/lib/libpcap/scanner.l b/lib/libpcap/scanner.l index eb253906a21..6273c7a97e9 100644 --- a/lib/libpcap/scanner.l +++ b/lib/libpcap/scanner.l @@ -1,5 +1,5 @@ %{ -/* $OpenBSD: scanner.l,v 1.13 2002/08/26 22:43:53 deraadt Exp $ */ +/* $OpenBSD: scanner.l,v 1.14 2003/05/14 08:50:37 canacar Exp $ */ /* * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 @@ -24,7 +24,7 @@ #ifndef lint static const char rcsid[] = - "@(#) $Header: /cvs/OpenBSD/src/lib/libpcap/scanner.l,v 1.13 2002/08/26 22:43:53 deraadt Exp $ (LBL)"; + "@(#) $Header: /cvs/OpenBSD/src/lib/libpcap/scanner.l,v 1.14 2003/05/14 08:50:37 canacar Exp $ (LBL)"; #endif #include <sys/types.h> @@ -227,7 +227,9 @@ inbound return INBOUND; outbound return OUTBOUND; on|ifname return PF_IFNAME; +rset|ruleset return PF_RSET; rnr|rulenum return PF_RNR; +srnr|subrulenum return PF_SRNR; reason return PF_REASON; action return PF_ACTION; |