summaryrefslogtreecommitdiff
path: root/usr/src/cmd/ipf/tools
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/cmd/ipf/tools')
-rw-r--r--usr/src/cmd/ipf/tools/Makefile.tools17
-rw-r--r--usr/src/cmd/ipf/tools/ipf_y.y17
-rw-r--r--usr/src/cmd/ipf/tools/ipfstat.c4
-rw-r--r--usr/src/cmd/ipf/tools/ipmon_y.y5
-rw-r--r--usr/src/cmd/ipf/tools/ipnat_y.y4
-rw-r--r--usr/src/cmd/ipf/tools/ippool_y.y4
-rw-r--r--usr/src/cmd/ipf/tools/lexer.c37
-rw-r--r--usr/src/cmd/ipf/tools/lexer.h5
8 files changed, 83 insertions, 10 deletions
diff --git a/usr/src/cmd/ipf/tools/Makefile.tools b/usr/src/cmd/ipf/tools/Makefile.tools
index 15b1634758..2bea0cd0b0 100644
--- a/usr/src/cmd/ipf/tools/Makefile.tools
+++ b/usr/src/cmd/ipf/tools/Makefile.tools
@@ -23,8 +23,7 @@
# Use is subject to license terms.
#
# Copyright 2013 Nexenta Systems, Inc. All rights reserved.
-#
-# Copyright (c) 2012, Joyent Inc. All rights reserved.
+# Copyright 2020 Joyent, Inc.
#
PROG= ipf ipfs ipmon ipnat ippool ipfstat
@@ -36,7 +35,7 @@ IPFSTAT_OBJS= ipfstat.o ipfzone.o
IPMON_OBJS= ipmon.o ipfzone.o ipmon_y.o ipmon_l.o
IPNAT_OBJS= ipnat.o ipfzone.o ipnat_y.o ipnat_l.o
IPPOOL_OBJS= ippool.o ipfzone.o ippool_y.o ippool_l.o
-IPFTEST_OBJS= ipftest.o ipfzone.o \
+IPFTEST_OBJS= cfw.o ipftest.o ipfzone.o \
ip_fil.o ip_state.o ip_compat.o \
ip_frag.o ip_nat.o ip_nat6.o fil.o \
ip_htable.o ip_lookup.o \
@@ -65,12 +64,12 @@ CPPFLAGS += -I. -DIPFILTER_LOOKUP -DIPFILTER_LOG
ipfstat.o := CPPFLAGS += -DSTATETOP
ipfstat := LDLIBS += -lcurses
-ipf := LDLIBS += -lsocket -lnsl
-ipftest := LDLIBS += -lsocket -lnsl -lmd
-ipfstat := LDLIBS += -lsocket -lnsl -lkvm -lelf
-ipmon := LDLIBS += -lsocket -lnsl
-ipnat := LDLIBS += -lsocket -lnsl -lkvm -lelf
-ippool := LDLIBS += -lsocket -lnsl -lkvm -lelf
+ipf := LDLIBS += -lsocket -lnsl -luuid
+ipftest := LDLIBS += -lsocket -lnsl -lmd -luuid
+ipfstat := LDLIBS += -lsocket -lnsl -lkvm -lelf -luuid
+ipmon := LDLIBS += -lsocket -lnsl -luuid
+ipnat := LDLIBS += -lsocket -lnsl -lkvm -lelf -luuid
+ippool := LDLIBS += -lsocket -lnsl -lkvm -lelf -luuid
CLEANFILES += $(OBJS)
CLOBBERFILES += $(IPFPROG)
diff --git a/usr/src/cmd/ipf/tools/ipf_y.y b/usr/src/cmd/ipf/tools/ipf_y.y
index 7689d676c7..c8909b4e92 100644
--- a/usr/src/cmd/ipf/tools/ipf_y.y
+++ b/usr/src/cmd/ipf/tools/ipf_y.y
@@ -6,6 +6,7 @@
*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2019 Joyent, Inc.
*/
#include "ipf.h"
@@ -16,6 +17,7 @@
# define _NET_BPF_H_
# include <pcap.h>
#endif
+#include <uuid/uuid.h>
#include "netinet/ip_pool.h"
#include "netinet/ip_htable.h"
#include "netinet/ipl.h"
@@ -98,6 +100,7 @@ static int set_ipv6_addr = 0;
union i6addr m;
} ipp;
union i6addr ip6;
+ uuid_t uuid;
};
%type <port> portnum
@@ -117,6 +120,7 @@ static int set_ipv6_addr = 0;
%token YY_CMP_EQ YY_CMP_NE YY_CMP_LE YY_CMP_GE YY_CMP_LT YY_CMP_GT
%token YY_RANGE_OUT YY_RANGE_IN
%token <ip6> YY_IPV6
+%token <uuid> YY_UUID
%token IPFY_PASS IPFY_BLOCK IPFY_COUNT IPFY_CALL
%token IPFY_RETICMP IPFY_RETRST IPFY_RETICMPASDST
@@ -127,6 +131,7 @@ static int set_ipv6_addr = 0;
%token IPFY_HEAD IPFY_GROUP
%token IPFY_AUTH IPFY_PREAUTH
%token IPFY_LOG IPFY_BODY IPFY_FIRST IPFY_LEVEL IPFY_ORBLOCK
+%token IPFY_UUID IPFY_CFWLOG
%token IPFY_LOGTAG IPFY_MATCHTAG IPFY_SETTAG IPFY_SKIP
%token IPFY_FROM IPFY_ALL IPFY_ANY IPFY_BPFV4 IPFY_BPFV6 IPFY_POOL IPFY_HASH
%token IPFY_PPS
@@ -518,6 +523,8 @@ taginlist:
taginspec:
logtag
|nattag
+ |uuidtag
+ |cfwtag
;
nattag: IPFY_NAT '=' YY_STR { DOALL(strncpy(fr->fr_nattag.ipt_tag,\
@@ -530,6 +537,12 @@ nattag: IPFY_NAT '=' YY_STR { DOALL(strncpy(fr->fr_nattag.ipt_tag,\
logtag: IPFY_LOG '=' YY_NUMBER { DOALL(fr->fr_logtag = $3;) }
;
+cfwtag: IPFY_CFWLOG { DOALL(fr->fr_flags |= FR_CFWLOG;) }
+ ;
+
+uuidtag: IPFY_UUID '=' YY_UUID { DOALL(uuid_copy(fr->fr_uuid, $3);) }
+ ;
+
settagout:
| IPFY_SETTAG '(' tagoutlist ')'
;
@@ -542,6 +555,8 @@ tagoutlist:
tagoutspec:
logtag
| nattag
+ | uuidtag
+ | cfwtag
;
matchtagin:
@@ -1566,6 +1581,7 @@ static struct wordtab ipfwords[96] = {
{ "bpf-v6", IPFY_BPFV6 },
#endif
{ "call", IPFY_CALL },
+ { "cfwlog", IPFY_CFWLOG },
{ "code", IPFY_ICMPCODE },
{ "count", IPFY_COUNT },
{ "dup-to", IPFY_DUPTO },
@@ -1641,6 +1657,7 @@ static struct wordtab ipfwords[96] = {
{ "to", IPFY_TO },
{ "ttl", IPFY_TTL },
{ "udp", IPFY_UDP },
+ { "uuid", IPFY_UUID },
{ "v6hdrs", IPF6_V6HDRS },
{ "with", IPFY_WITH },
{ NULL, 0 }
diff --git a/usr/src/cmd/ipf/tools/ipfstat.c b/usr/src/cmd/ipf/tools/ipfstat.c
index 1a3a5f4be8..52c4421404 100644
--- a/usr/src/cmd/ipf/tools/ipfstat.c
+++ b/usr/src/cmd/ipf/tools/ipfstat.c
@@ -165,6 +165,10 @@ static int sort_dstip __P((const void *, const void *));
static int sort_dstpt __P((const void *, const void *));
#endif
+#if SOLARIS
+#include "ipfzone.h"
+#endif
+
static void usage(name)
char *name;
diff --git a/usr/src/cmd/ipf/tools/ipmon_y.y b/usr/src/cmd/ipf/tools/ipmon_y.y
index e6dda81c35..b4fce4015d 100644
--- a/usr/src/cmd/ipf/tools/ipmon_y.y
+++ b/usr/src/cmd/ipf/tools/ipmon_y.y
@@ -1,11 +1,14 @@
/*
* Copyright (C) 1993-2005 by Darren Reed.
* See the IPFILTER.LICENCE file for details on licencing.
+ *
+ * Copyright 2019 Joyent, Inc.
*/
%{
#include "ipf.h"
#include <syslog.h>
+#include <uuid/uuid.h>
#undef OPT_NAT
#undef OPT_VERBOSE
#include "ipmon_l.h"
@@ -42,11 +45,13 @@ static ipmon_action_t *alist = NULL;
struct in_addr addr;
struct opt *opt;
union i6addr ip6;
+ uuid_t uuid;
}
%token <num> YY_NUMBER YY_HEX
%token <str> YY_STR
%token <ip6> YY_IPV6
+%token <uuid> YY_UUID
%token YY_COMMENT
%token YY_CMP_EQ YY_CMP_NE YY_CMP_LE YY_CMP_GE YY_CMP_LT YY_CMP_GT
%token YY_RANGE_OUT YY_RANGE_IN
diff --git a/usr/src/cmd/ipf/tools/ipnat_y.y b/usr/src/cmd/ipf/tools/ipnat_y.y
index d929bf413a..2c913afea2 100644
--- a/usr/src/cmd/ipf/tools/ipnat_y.y
+++ b/usr/src/cmd/ipf/tools/ipnat_y.y
@@ -6,6 +6,7 @@
*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2019 Joyent, Inc.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
@@ -39,6 +40,7 @@
#include <sys/time.h>
#include <syslog.h>
#include <net/if.h>
+#include <uuid/uuid.h>
#if __FreeBSD_version >= 300000
# include <net/if_var.h>
#endif
@@ -89,6 +91,7 @@ static void setnatproto __P((int));
int v;
} ipp;
union i6addr ip6;
+ uuid_t uuid;
};
%token <num> YY_NUMBER YY_HEX
@@ -97,6 +100,7 @@ static void setnatproto __P((int));
%token YY_CMP_EQ YY_CMP_NE YY_CMP_LE YY_CMP_GE YY_CMP_LT YY_CMP_GT
%token YY_RANGE_OUT YY_RANGE_IN
%token <ip6> YY_IPV6
+%token <uuid> YY_UUID
%token IPNY_MAPBLOCK IPNY_RDR IPNY_PORT IPNY_PORTS IPNY_AUTO IPNY_RANGE
%token IPNY_MAP IPNY_BIMAP IPNY_FROM IPNY_TO IPNY_MASK IPNY_PORTMAP IPNY_ANY
diff --git a/usr/src/cmd/ipf/tools/ippool_y.y b/usr/src/cmd/ipf/tools/ippool_y.y
index cca5052bd4..5aadd22206 100644
--- a/usr/src/cmd/ipf/tools/ippool_y.y
+++ b/usr/src/cmd/ipf/tools/ippool_y.y
@@ -6,6 +6,7 @@
*
* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2019 Joyent, Inc.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
@@ -34,6 +35,7 @@
#include <netdb.h>
#include <ctype.h>
#include <unistd.h>
+#include <uuid/uuid.h>
#include "ipf.h"
#include "netinet/ip_lookup.h"
@@ -66,6 +68,7 @@ static int set_ipv6_addr = 0;
iphtent_t *ipe;
ip_pool_node_t *ipp;
union i6addr ip6;
+ uuid_t uuid;
}
%token <num> YY_NUMBER YY_HEX
@@ -74,6 +77,7 @@ static int set_ipv6_addr = 0;
%token YY_CMP_EQ YY_CMP_NE YY_CMP_LE YY_CMP_GE YY_CMP_LT YY_CMP_GT
%token YY_RANGE_OUT YY_RANGE_IN
%token <ip6> YY_IPV6
+%token <uuid> YY_UUID
%token IPT_IPF IPT_NAT IPT_COUNT IPT_AUTH IPT_IN IPT_OUT
%token IPT_TABLE IPT_GROUPMAP IPT_HASH
diff --git a/usr/src/cmd/ipf/tools/lexer.c b/usr/src/cmd/ipf/tools/lexer.c
index 3db3a0888b..b4ee8b3f77 100644
--- a/usr/src/cmd/ipf/tools/lexer.c
+++ b/usr/src/cmd/ipf/tools/lexer.c
@@ -5,6 +5,7 @@
*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2019 Joyent, Inc.
*/
#include <ctype.h>
@@ -14,6 +15,7 @@
#endif
#include <sys/ioctl.h>
#include <syslog.h>
+#include <uuid/uuid.h>
#ifdef TEST_LEXER
# define NO_YACC
union {
@@ -21,6 +23,7 @@ union {
char *str;
struct in_addr ipa;
i6addr_t ip6;
+ uuid_t uuid;
} yylval;
#endif
#include "lexer.h"
@@ -455,6 +458,40 @@ nextchar:
}
#endif
+ /*
+ * UUID: e.g., "2426e38c-9f63-c0b8-cfd5-9aaeaf992d42" or its uppercase
+ * variant.
+ */
+ if (isbuilding == 0 && (ishex(c) || c == '-')) {
+ char uuidbuf[UUID_PRINTABLE_STRING_LENGTH], *s, oc;
+ int start;
+
+ start = yypos;
+ s = uuidbuf;
+ oc = c;
+
+ /*
+ * Don't worry about exact position of hexdigits and hyphens
+ * because uuid_parse() will provide the sanity check.
+ */
+ do {
+ *s++ = c;
+ c = yygetc(1);
+ } while ((ishex(c) || c == '-') &&
+ (s - uuidbuf < sizeof (uuidbuf)));
+ yyunputc(c);
+ *s = '\0';
+
+ if (uuid_parse(uuidbuf, yylval.uuid) == 0) {
+ rval = YY_UUID;
+ yyexpectaddr = 0;
+ goto done;
+ }
+ yypos = start;
+ c = oc;
+ }
+
+
if (c == ':') {
if (isbuilding == 1) {
yyunputc(c);
diff --git a/usr/src/cmd/ipf/tools/lexer.h b/usr/src/cmd/ipf/tools/lexer.h
index a296cb0bc3..448b3e6ffd 100644
--- a/usr/src/cmd/ipf/tools/lexer.h
+++ b/usr/src/cmd/ipf/tools/lexer.h
@@ -1,4 +1,6 @@
-
+/*
+ * Copyright 2019 Joyent, Inc.
+ */
typedef struct wordtab {
char *w_word;
int w_value;
@@ -16,6 +18,7 @@ typedef struct wordtab {
#define YY_IPV6 1008
#define YY_STR 1009
#define YY_IPADDR 1010
+#define YY_UUID 1011
#endif
#define YYBUFSIZ 8192
generated by cgit v1.2.3 (git 2.39.1) at 2025-06-21 14:23:18 +0000