Gitiles
Code Review Sign In
review.blissroms.org / platform_external_ebtables / 9cfd654314d5718393b847758ded6ef86530e5c6 / . / extensions / ebt_arp.c
blob: bd6bffe7353ca1950f2f66ed11d9dca1dad58206 [file] [log] [blame]
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]1#include <stdio.h>
2#include <string.h>
3#include <stdlib.h>
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]4#include <getopt.h>
5#include "../include/ebtables_u.h"
6#include <linux/netfilter_bridge/ebt_arp.h>
7
8#define ARP_OPCODE '1'
9#define ARP_HTYPE '2'
10#define ARP_PTYPE '3'
11#define ARP_IP_S '4'
12#define ARP_IP_D '5'
13static struct option opts[] =
14{
15 { "arp-opcode" , required_argument, 0, ARP_OPCODE },
16 { "arp-op" , required_argument, 0, ARP_OPCODE },
17 { "arp-htype" , required_argument, 0, ARP_HTYPE },
18 { "arp-ptype" , required_argument, 0, ARP_PTYPE },
19 { "arp-ip-src" , required_argument, 0, ARP_IP_S },
20 { "arp-ip-dst" , required_argument, 0, ARP_IP_D },
21 { 0 }
22};
23
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]24#define NUMOPCODES 9
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]25// a few names
26static char *opcodes[] =
27{
28 "Request",
29 "Reply",
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]30 "Request_Reverse",
31 "Reply_Reverse",
32 "DRARP_Request",
33 "DRARP_Reply",
34 "DRARP_Error",
35 "InARP_Request",
36 "ARP_NAK",
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]37};
38
39static void print_help()
40{
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]41 int i;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]42
43 printf(
44"arp options:\n"
45"--arp-opcode opcode : ARP opcode (integer or string)\n"
46"--arp-htype type : ARP hardware type (integer or string)\n"
47"--arp-ptype type : ARP protocol type (hexadecimal or string)\n"
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]48"--arp-ip-src [!] address[/mask]: ARP IP source specification\n"
49"--arp-ip-dst [!] address[/mask]: ARP IP target specification\n"
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]50" opcode strings: \n");
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]51 for (i = 0; i < NUMOPCODES; i++)
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]52 printf("%d = %s\n", i + 1, opcodes[i]);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]53 printf(
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]54" hardware type string: 1 = Ethernet\n"
55" protocol type string: see /etc/ethertypes\n");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]56}
57
58static void init(struct ebt_entry_match *match)
59{
60 struct ebt_arp_info *arpinfo = (struct ebt_arp_info *)match->data;
61
62 arpinfo->invflags = 0;
63 arpinfo->bitmask = 0;
64}
65
66// defined in ebt_ip.c
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]67void parse_ip_address(char *address, uint32_t *addr, uint32_t *msk);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]68
69#define OPT_OPCODE 0x01
70#define OPT_HTYPE 0x02
71#define OPT_PTYPE 0x04
72#define OPT_IP_S 0x08
73#define OPT_IP_D 0x10
Bart De Schuymer7b9aaeb2002-06-23 20:38:34 +0000[diff] [blame]74static int parse(int c, char **argv, int argc, const struct ebt_u_entry *entry,
75 unsigned int *flags, struct ebt_entry_match **match)
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]76{
77 struct ebt_arp_info *arpinfo = (struct ebt_arp_info *)(*match)->data;
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]78 long int i;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]79 char *end;
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]80 uint32_t *addr;
81 uint32_t *mask;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]82
83 switch (c) {
84 case ARP_OPCODE:
85 check_option(flags, OPT_OPCODE);
86 if (check_inverse(optarg))
87 arpinfo->invflags |= EBT_ARP_OPCODE;
88
89 if (optind > argc)
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]90 print_error("Missing ARP opcode argument");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]91 i = strtol(argv[optind - 1], &end, 10);
92 if (i < 0 || i >= (0x1 << 16) || *end !='\0') {
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]93 for (i = 0; i < NUMOPCODES; i++)
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]94 if (!strcasecmp(opcodes[i], optarg))
95 break;
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]96 if (i == NUMOPCODES)
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]97 print_error("Problem with specified "
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]98 "ARP opcode");
99 i++;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]100 }
101 arpinfo->opcode = htons(i);
102 arpinfo->bitmask |= EBT_ARP_OPCODE;
103 break;
104
105 case ARP_HTYPE:
106 check_option(flags, OPT_HTYPE);
107 if (check_inverse(optarg))
108 arpinfo->invflags |= EBT_ARP_HTYPE;
109
110 if (optind > argc)
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]111 print_error("Missing ARP hardware type argument");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]112 i = strtol(argv[optind - 1], &end, 10);
113 if (i < 0 || i >= (0x1 << 16) || *end !='\0') {
114 if (!strcasecmp("Ethernet", argv[optind - 1]))
115 i = 1;
116 else
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]117 print_error("Problem with specified ARP "
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]118 "hardware type");
119 }
120 arpinfo->htype = htons(i);
121 arpinfo->bitmask |= EBT_ARP_HTYPE;
122 break;
123
124 case ARP_PTYPE:
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]125 {
126 uint16_t proto;
127
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]128 check_option(flags, OPT_PTYPE);
129 if (check_inverse(optarg))
130 arpinfo->invflags |= EBT_ARP_PTYPE;
131
132 if (optind > argc)
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]133 print_error("Missing ARP protocol type argument");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]134 i = strtol(argv[optind - 1], &end, 16);
135 if (i < 0 || i >= (0x1 << 16) || *end !='\0') {
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]136 if (name_to_number (argv[optind - 1], &proto) == -1)
137 print_error("Problem with specified ARP "
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]138 "protocol type");
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]139 } else
140 proto = i;
141 arpinfo->ptype = htons(proto);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]142 arpinfo->bitmask |= EBT_ARP_PTYPE;
143 break;
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]144 }
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]145
146 case ARP_IP_S:
147 case ARP_IP_D:
148 if (c == ARP_IP_S) {
149 check_option(flags, OPT_IP_S);
150 addr = &arpinfo->saddr;
151 mask = &arpinfo->smsk;
152 arpinfo->bitmask |= EBT_ARP_SRC_IP;
153 } else {
154 check_option(flags, OPT_IP_D);
155 addr = &arpinfo->daddr;
156 mask = &arpinfo->dmsk;
157 arpinfo->bitmask |= EBT_ARP_DST_IP;
158 }
159 if (check_inverse(optarg)) {
160 if (c == ARP_IP_S)
161 arpinfo->invflags |= EBT_ARP_SRC_IP;
162 else
163 arpinfo->invflags |= EBT_ARP_DST_IP;
164 }
165 if (optind > argc)
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]166 print_error("Missing ARP IP address argument");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]167 parse_ip_address(argv[optind - 1], addr, mask);
168 break;
169 default:
170 return 0;
171 }
172 return 1;
173}
174
175static void final_check(const struct ebt_u_entry *entry,
Bart De Schuymer7b9aaeb2002-06-23 20:38:34 +0000[diff] [blame]176 const struct ebt_entry_match *match, const char *name,
177 unsigned int hook_mask, unsigned int time)
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]178{
179 if (entry->bitmask & EBT_NOPROTO || entry->bitmask & EBT_802_3 ||
Bart De Schuymerb2632c52002-08-09 18:57:05 +0000[diff] [blame]180 (entry->ethproto != ETH_P_ARP && entry->ethproto != ETH_P_RARP) ||
181 entry->invflags & EBT_IPROTO)
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]182 print_error("For (R)ARP filtering the protocol must be "
183 "specified as ARP or RARP");
184}
185
186// defined in the ebt_ip.c
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]187char *mask_to_dotted(uint32_t mask);
188
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]189static void print(const struct ebt_u_entry *entry,
190 const struct ebt_entry_match *match)
191{
192 struct ebt_arp_info *arpinfo = (struct ebt_arp_info *)match->data;
193 int i;
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]194 char name[21];
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]195
196 if (arpinfo->bitmask & EBT_ARP_OPCODE) {
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]197 int opcode = ntohs(arpinfo->opcode);
Bart De Schuymer41e8a192002-06-23 08:03:12 +0000[diff] [blame]198 printf("--arp-op ");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]199 if (arpinfo->invflags & EBT_ARP_OPCODE)
200 printf("! ");
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]201 if (opcode > 0 && opcode <= NUMOPCODES)
202 printf("%s ", opcodes[opcode - 1]);
203 else
204 printf("%d ", opcode);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]205 }
206 if (arpinfo->bitmask & EBT_ARP_HTYPE) {
Bart De Schuymer41e8a192002-06-23 08:03:12 +0000[diff] [blame]207 printf("--arp-htype ");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]208 if (arpinfo->invflags & EBT_ARP_HTYPE)
209 printf("! ");
210 printf("%d ", ntohs(arpinfo->htype));
211 }
212 if (arpinfo->bitmask & EBT_ARP_PTYPE) {
Bart De Schuymer41e8a192002-06-23 08:03:12 +0000[diff] [blame]213 printf("--arp-ptype ");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]214 if (arpinfo->invflags & EBT_ARP_PTYPE)
215 printf("! ");
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]216 if (number_to_name(ntohs(arpinfo->ptype), name))
217 printf("0x%x ", ntohs(arpinfo->ptype));
218 else
219 printf("%s ", name);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]220 }
221 if (arpinfo->bitmask & EBT_ARP_SRC_IP) {
Bart De Schuymer41e8a192002-06-23 08:03:12 +0000[diff] [blame]222 printf("--arp-ip-src ");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]223 if (arpinfo->invflags & EBT_ARP_SRC_IP)
224 printf("! ");
225 for (i = 0; i < 4; i++)
226 printf("%d%s", ((unsigned char *)&arpinfo->saddr)[i],
227 (i == 3) ? "" : ".");
Bart De Schuymer41e8a192002-06-23 08:03:12 +0000[diff] [blame]228 printf("%s ", mask_to_dotted(arpinfo->smsk));
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]229 }
230 if (arpinfo->bitmask & EBT_ARP_DST_IP) {
Bart De Schuymer41e8a192002-06-23 08:03:12 +0000[diff] [blame]231 printf("--arp-ip-dst ");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]232 if (arpinfo->invflags & EBT_ARP_DST_IP)
233 printf("! ");
234 for (i = 0; i < 4; i++)
235 printf("%d%s", ((unsigned char *)&arpinfo->daddr)[i],
236 (i == 3) ? "" : ".");
Bart De Schuymer41e8a192002-06-23 08:03:12 +0000[diff] [blame]237 printf("%s ", mask_to_dotted(arpinfo->dmsk));
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]238 }
239}
240
241static int compare(const struct ebt_entry_match *m1,
242 const struct ebt_entry_match *m2)
243{
244 struct ebt_arp_info *arpinfo1 = (struct ebt_arp_info *)m1->data;
245 struct ebt_arp_info *arpinfo2 = (struct ebt_arp_info *)m2->data;
246
247 if (arpinfo1->bitmask != arpinfo2->bitmask)
248 return 0;
249 if (arpinfo1->invflags != arpinfo2->invflags)
250 return 0;
251 if (arpinfo1->bitmask & EBT_ARP_OPCODE) {
252 if (arpinfo1->opcode != arpinfo2->opcode)
253 return 0;
254 }
255 if (arpinfo1->bitmask & EBT_ARP_HTYPE) {
256 if (arpinfo1->htype != arpinfo2->htype)
257 return 0;
258 }
259 if (arpinfo1->bitmask & EBT_ARP_PTYPE) {
260 if (arpinfo1->ptype != arpinfo2->ptype)
261 return 0;
262 }
263 if (arpinfo1->bitmask & EBT_ARP_SRC_IP) {
264 if (arpinfo1->saddr != arpinfo2->saddr)
265 return 0;
266 if (arpinfo1->smsk != arpinfo2->smsk)
267 return 0;
268 }
269 if (arpinfo1->bitmask & EBT_ARP_DST_IP) {
270 if (arpinfo1->daddr != arpinfo2->daddr)
271 return 0;
272 if (arpinfo1->dmsk != arpinfo2->dmsk)
273 return 0;
274 }
275 return 1;
276}
277
278static struct ebt_u_match arp_match =
279{
280 EBT_ARP_MATCH,
281 sizeof(struct ebt_arp_info),
282 print_help,
283 init,
284 parse,
285 final_check,
286 print,
287 compare,
Bart De Schuymer9cfd6542002-08-13 16:08:08 +0000[diff] [blame^]288 opts
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]289};
290
291static void _init(void) __attribute__ ((constructor));
292static void _init(void)
293{
294 register_match(&arp_match);
295}