diff options
Diffstat (limited to 'sbin/pfctl')
| -rw-r--r-- | sbin/pfctl/parse.y | 40 | ||||
| -rw-r--r-- | sbin/pfctl/pfctl.c | 12 | ||||
| -rw-r--r-- | sbin/pfctl/pfctl.h | 4 |
3 files changed, 47 insertions, 9 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index c7395aa41bf..3fa192c528b 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.312 2003/02/09 15:04:04 henning Exp $ */ +/* $OpenBSD: parse.y,v 1.313 2003/02/11 20:11:36 henning Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -258,12 +258,13 @@ int getservice(char *); struct sym { struct sym *next; int used; + int persist; char *nam; char *val; }; struct sym *symhead = NULL; -int symset(const char *, const char *); +int symset(const char *, const char *, int); char *symget(const char *); void decide_address_family(struct node_host *, sa_family_t *); @@ -483,7 +484,7 @@ string : string STRING { varset : STRING PORTUNARY string { if (pf->opts & PF_OPT_VERBOSE) printf("%s = \"%s\"\n", $1, $3); - if (symset($1, $3) == -1) + if (symset($1, $3, 0) == -1) err(1, "cannot store variable %s", $1); } ; @@ -3947,11 +3948,19 @@ parse_rules(FILE *input, struct pfctl *xpf) * we wait until they discover this ugliness and make it all fancy. */ int -symset(const char *nam, const char *val) +symset(const char *nam, const char *val, int persist) { struct sym *sym; - sym = calloc(1, sizeof(*sym)); + for (sym = symhead; sym && strcmp(nam, sym->nam); sym = sym->next) + ; /* nothing */ + + if (sym == NULL) + sym = calloc(1, sizeof(*sym)); + else + if (sym->persist == 1) + return (0); + if (sym == NULL) return (-1); sym->nam = strdup(nam); @@ -3967,10 +3976,31 @@ symset(const char *nam, const char *val) } sym->next = symhead; sym->used = 0; + sym->persist = persist; symhead = sym; return (0); } +int +pfctl_cmdline_symset(char *optarg) +{ + char *sym, *val; + int ret; + + if ((val = strrchr(optarg, '=')) == NULL) + return (-1); + + if ((sym = malloc(strlen(optarg) - strlen(val) + 1)) == NULL) + err(1, "pfctl_cmdline_symset: malloc"); + + strlcpy(sym, optarg, strlen(optarg) - strlen(val) + 1); + + ret = symset(sym, val + 1, 1); + free(sym); + + return (ret); +} + char * symget(const char *nam) { diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c index 671a8301e41..f58b6c1af01 100644 --- a/sbin/pfctl/pfctl.c +++ b/sbin/pfctl/pfctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl.c,v 1.147 2003/02/05 11:18:45 cedric Exp $ */ +/* $OpenBSD: pfctl.c,v 1.148 2003/02/11 20:11:36 henning Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -187,7 +187,8 @@ usage(void) fprintf(stderr, "usage: %s [-AdeqhnNrROvz] ", __progname); fprintf(stderr, "[-a anchor:ruleset] [-f file]\n"); fprintf(stderr, " "); - fprintf(stderr, "[-F modifier] [-k host] [-s modifier] [-x level]\n"); + fprintf(stderr, "[-F modifier] [-k host] [-s modifier] [-x level] " + "[-D macro=value ]\n"); fprintf(stderr, " "); fprintf(stderr, "[-t table [-T command [addresses]*]]\n"); exit(1); @@ -1247,7 +1248,7 @@ main(int argc, char *argv[]) if (argc < 2) usage(); - while ((ch = getopt(argc, argv, "a:Adeqf:F:hk:nNOrRs:t:T:vx:z")) != + while ((ch = getopt(argc, argv, "a:AdD:eqf:F:hk:nNOrRs:t:T:vx:z")) != -1) { switch (ch) { case 'a': @@ -1257,6 +1258,11 @@ main(int argc, char *argv[]) opts |= PF_OPT_DISABLE; mode = O_RDWR; break; + case 'D': + if (pfctl_cmdline_symset(optarg) < 0) + warnx("could not parse macro definition %s", + optarg); + break; case 'e': opts |= PF_OPT_ENABLE; mode = O_RDWR; diff --git a/sbin/pfctl/pfctl.h b/sbin/pfctl/pfctl.h index 4ad60ff3f07..5d780e4aa1e 100644 --- a/sbin/pfctl/pfctl.h +++ b/sbin/pfctl/pfctl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl.h,v 1.9 2003/01/24 11:11:17 henning Exp $ */ +/* $OpenBSD: pfctl.h,v 1.10 2003/02/11 20:11:36 henning Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -94,4 +94,6 @@ void print_seq(struct pf_state_peer *); void print_state(struct pf_state *, int); int unmask(struct pf_addr *, sa_family_t); +int pfctl_cmdline_symset(char *); + #endif /* _PFCTL_H_ */ |