Date: Fri, 6 Jun 2008 18:11:11 GMT From: Gleb Kurtsou <gk@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 143044 for review Message-ID: <200806061811.m56IBB02072386@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=143044 Change 143044 by gk@gk_h1 on 2008/06/06 18:10:27 add ipfw options: src-mac & dst-mac Affected files ... .. //depot/projects/soc2008/gk_l2filter/sbin-ipfw/ipfw2.c#2 edit .. //depot/projects/soc2008/gk_l2filter/sys-netinet/ip_fw.h#3 edit .. //depot/projects/soc2008/gk_l2filter/sys-netinet/ip_fw2.c#3 edit Differences ... ==== //depot/projects/soc2008/gk_l2filter/sbin-ipfw/ipfw2.c#2 (text+ko) ==== @@ -295,6 +295,8 @@ TOK_TCPWIN, TOK_ICMPTYPES, TOK_MAC, + TOK_MAC_SRC, + TOK_MAC_DST, TOK_MACTYPE, TOK_VERREVPATH, TOK_VERSRCREACH, @@ -477,6 +479,8 @@ { "proto", TOK_PROTO }, { "MAC", TOK_MAC }, { "mac", TOK_MAC }, + { "src-mac", TOK_MAC_SRC }, + { "dst-mac", TOK_MAC_DST }, { "mac-type", TOK_MACTYPE }, { "verrevpath", TOK_VERREVPATH }, { "versrcreach", TOK_VERSRCREACH }, @@ -1810,12 +1814,28 @@ case O_MACADDR2: { ipfw_insn_mac *m = (ipfw_insn_mac *)cmd; - printf(" MAC"); + printf(" mac"); print_mac(m->addr, m->mask); print_mac(m->addr + 6, m->mask + 6); } break; + case O_MAC_SRC: { + ipfw_insn_mac *m = (ipfw_insn_mac *)cmd; + + printf(" src-mac"); + print_mac(m->addr + 6, m->mask + 6); + } + break; + + case O_MAC_DST: { + ipfw_insn_mac *m = (ipfw_insn_mac *)cmd; + + printf(" dst-mac"); + print_mac(m->addr, m->mask); + } + break; + case O_MAC_TYPE: print_newports((ipfw_insn_u16 *)cmd, IPPROTO_ETHERTYPE, cmd->opcode); @@ -4570,6 +4590,43 @@ } static ipfw_insn * +add_mac_src(ipfw_insn *cmd, int ac, char *av[]) +{ + ipfw_insn_mac *mac; + + if (ac < 1) + errx(EX_DATAERR, "src-mac src"); + + cmd->opcode = O_MAC_SRC; + cmd->len = (cmd->len & (F_NOT | F_OR)) | F_INSN_SIZE(ipfw_insn_mac); + + mac = (ipfw_insn_mac *)cmd; + bzero(mac->addr, ETHER_ADDR_LEN); + bzero(mac->mask, ETHER_ADDR_LEN); + get_mac_addr_mask(av[0], &(mac->addr[ETHER_ADDR_LEN]), + &(mac->mask[ETHER_ADDR_LEN])); /* src */ + return cmd; +} + +static ipfw_insn * +add_mac_dst(ipfw_insn *cmd, int ac, char *av[]) +{ + ipfw_insn_mac *mac; + + if (ac < 1) + errx(EX_DATAERR, "dst-mac dst"); + + cmd->opcode = O_MAC_DST; + cmd->len = (cmd->len & (F_NOT | F_OR)) | F_INSN_SIZE(ipfw_insn_mac); + + mac = (ipfw_insn_mac *)cmd; + bzero(mac->addr + ETHER_ADDR_LEN, ETHER_ADDR_LEN); + bzero(mac->mask + ETHER_ADDR_LEN, ETHER_ADDR_LEN); + get_mac_addr_mask(av[0], mac->addr, mac->mask); /* dst */ + return cmd; +} + +static ipfw_insn * add_mactype(ipfw_insn *cmd, int ac, char *av) { if (ac < 1) @@ -5590,6 +5647,18 @@ } break; + case TOK_MAC_SRC: + if (add_mac_src(cmd, ac, av)) { + ac--; av++; + } + break; + + case TOK_MAC_DST: + if (add_mac_dst(cmd, ac, av)) { + ac--; av++; + } + break; + case TOK_MACTYPE: NEED1("missing mac type"); if (!add_mactype(cmd, ac, *av)) ==== //depot/projects/soc2008/gk_l2filter/sys-netinet/ip_fw.h#3 (text+ko) ==== @@ -68,6 +68,8 @@ O_PROTO, /* arg1=protocol */ O_MACADDR2, /* 2 mac addr:mask */ + O_MAC_SRC, /* 2 mac addr:mask */ + O_MAC_DST, /* 2 mac addr:mask */ O_MAC_TYPE, /* same as srcport */ O_LAYER2, /* none */ ==== //depot/projects/soc2008/gk_l2filter/sys-netinet/ip_fw2.c#3 (text+ko) ==== @@ -2584,6 +2584,8 @@ break; case O_MACADDR2: + case O_MAC_SRC: + case O_MAC_DST: if (args->eh != NULL) { /* have MAC header */ u_int32_t *want = (u_int32_t *) ((ipfw_insn_mac *)cmd)->addr; @@ -3881,6 +3883,8 @@ break; case O_MACADDR2: + case O_MAC_SRC: + case O_MAC_DST: if (cmdlen != F_INSN_SIZE(ipfw_insn_mac)) goto bad_size; break;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200806061811.m56IBB02072386>