diff options
| author | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2007-08-30 09:28:50 +0000 |
|---|---|---|
| committer | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2007-08-30 09:28:50 +0000 |
| commit | eab5da4ad50973492e4006b90a121d5e0700a56b (patch) | |
| tree | 329a79f665779d7d104f88c1066caab489cc3df9 /sys/net/pfvar.h | |
| parent | 73bc0ba623ce24190c9095c492a035142c0a5bc6 (diff) | |
add support for address ranges ("from 10.1.2.50 - 10.1.3.75") in from/to
criteria. ok mcbride@
Diffstat (limited to 'sys/net/pfvar.h')
| -rw-r--r-- | sys/net/pfvar.h | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 1cea3385e15..db7175c0846 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfvar.h,v 1.254 2007/07/13 09:17:48 markus Exp $ */ +/* $OpenBSD: pfvar.h,v 1.255 2007/08/30 09:28:48 dhartmei Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -112,7 +112,8 @@ enum { PF_LIMIT_STATES, PF_LIMIT_SRC_NODES, PF_LIMIT_FRAGS, enum { PF_POOL_NONE, PF_POOL_BITMASK, PF_POOL_RANDOM, PF_POOL_SRCHASH, PF_POOL_ROUNDROBIN }; enum { PF_ADDR_ADDRMASK, PF_ADDR_NOROUTE, PF_ADDR_DYNIFTL, - PF_ADDR_TABLE, PF_ADDR_RTLABEL, PF_ADDR_URPFFAILED }; + PF_ADDR_TABLE, PF_ADDR_RTLABEL, PF_ADDR_URPFFAILED, + PF_ADDR_RANGE }; #define PF_POOL_TYPEMASK 0x0f #define PF_POOL_STICKYADDR 0x20 #define PF_WSCALE_FLAG 0x80 @@ -329,6 +330,9 @@ struct pfi_dynaddr { !pfr_match_addr((aw)->p.tbl, (x), (af))) || \ ((aw)->type == PF_ADDR_DYNIFTL && \ !pfi_match_addr((aw)->p.dyn, (x), (af))) || \ + ((aw)->type == PF_ADDR_RANGE && \ + !pf_match_addr_range(&(aw)->v.a.addr, \ + &(aw)->v.a.mask, (x), (af))) || \ ((aw)->type == PF_ADDR_ADDRMASK && \ !PF_AZERO(&(aw)->v.a.mask, (af)) && \ !PF_MATCHA(0, &(aw)->v.a.addr, \ @@ -1612,6 +1616,8 @@ int pflog_packet(struct pfi_kif *, struct mbuf *, sa_family_t, u_int8_t, struct pf_pdesc *); int pf_match_addr(u_int8_t, struct pf_addr *, struct pf_addr *, struct pf_addr *, sa_family_t); +int pf_match_addr_range(struct pf_addr *, struct pf_addr *, + struct pf_addr *, sa_family_t); int pf_match(u_int8_t, u_int32_t, u_int32_t, u_int32_t); int pf_match_port(u_int8_t, u_int16_t, u_int16_t, u_int16_t); int pf_match_uid(u_int8_t, uid_t, uid_t, uid_t); |