5 * Copyright (C) 1997-1998 by Darren Reed.
7 * See the IPFILTER.LICENCE file for details on licencing.
9 * Id: iplang_y.y,v 2.9.2.4 2006/03/17 12:11:29 darrenr Exp $
16 #if !defined(__SVR4) && !defined(__svr4__)
19 # include <sys/byteorder.h>
21 #include <sys/types.h>
23 #include <sys/param.h>
28 #include <sys/socket.h>
29 #include <netinet/in.h>
30 #include <netinet/in_systm.h>
31 #include <netinet/ip.h>
33 # include <netinet/ip_var.h>
36 # include "radix_ipf_local.h"
40 # include <netinet/if_ether.h>
43 #include <arpa/nameser.h>
44 #include <arpa/inet.h>
48 #include "ip_compat.h"
52 #if !defined(__NetBSD__) && (!defined(__FreeBSD_version) && \
53 __FreeBSD_version < 400020) && (!SOLARIS || SOLARIS2 < 10)
54 extern struct ether_addr *ether_aton __P((char *));
58 extern struct ipopt_names ionames[];
59 extern int state, state, lineNum, token;
63 int yylex __P((void));
65 #if !defined(ultrix) && !defined(hpux)
71 iface_t *iflist = NULL, **iftail = &iflist;
73 arp_t *arplist = NULL, **arptail = &arplist, *carp = NULL;
74 struct in_addr defrouter;
77 u_short c_chksum __P((u_short *, u_int, u_long));
78 u_long p_chksum __P((u_short *, u_int));
80 u_long ipbuffer[67584/sizeof(u_long)]; /* 66K */
81 aniphdr_t *aniphead = NULL, *canip = NULL, **aniptail = &aniphead;
85 icmphdr_t *icmp = NULL;
92 struct in_addr getipv4addr __P((char *arg));
93 u_short getportnum __P((char *, char *));
94 struct ether_addr *geteaddr __P((char *, struct ether_addr *));
95 void *new_header __P((int));
96 void free_aniplist __P((void));
97 void inc_anipheaders __P((int));
98 void new_data __P((void));
99 void set_datalen __P((char **));
100 void set_datafile __P((char **));
101 void set_data __P((char **));
102 void new_packet __P((void));
103 void set_ipv4proto __P((char **));
104 void set_ipv4src __P((char **));
105 void set_ipv4dst __P((char **));
106 void set_ipv4off __P((char **));
107 void set_ipv4v __P((char **));
108 void set_ipv4hl __P((char **));
109 void set_ipv4ttl __P((char **));
110 void set_ipv4tos __P((char **));
111 void set_ipv4id __P((char **));
112 void set_ipv4sum __P((char **));
113 void set_ipv4len __P((char **));
114 void new_tcpheader __P((void));
115 void set_tcpsport __P((char **));
116 void set_tcpdport __P((char **));
117 void set_tcpseq __P((char **));
118 void set_tcpack __P((char **));
119 void set_tcpoff __P((char **));
120 void set_tcpurp __P((char **));
121 void set_tcpwin __P((char **));
122 void set_tcpsum __P((char **));
123 void set_tcpflags __P((char **));
124 void set_tcpopt __P((int, char **));
125 void end_tcpopt __P((void));
126 void new_udpheader __P((void));
127 void set_udplen __P((char **));
128 void set_udpsum __P((char **));
129 void prep_packet __P((void));
130 void packet_done __P((void));
131 void new_interface __P((void));
132 void check_interface __P((void));
133 void set_ifname __P((char **));
134 void set_ifmtu __P((int));
135 void set_ifv4addr __P((char **));
136 void set_ifeaddr __P((char **));
137 void new_arp __P((void));
138 void set_arpeaddr __P((char **));
139 void set_arpv4addr __P((char **));
140 void reset_send __P((void));
141 void set_sendif __P((char **));
142 void set_sendvia __P((char **));
143 void set_defaultrouter __P((char **));
144 void new_icmpheader __P((void));
145 void set_icmpcode __P((int));
146 void set_icmptype __P((int));
147 void set_icmpcodetok __P((char **));
148 void set_icmptypetok __P((char **));
149 void set_icmpid __P((int));
150 void set_icmpseq __P((int));
151 void set_icmpotime __P((int));
152 void set_icmprtime __P((int));
153 void set_icmpttime __P((int));
154 void set_icmpmtu __P((int));
155 void set_redir __P((int, char **));
156 void new_ipv4opt __P((void));
157 void set_icmppprob __P((int));
158 void add_ipopt __P((int, void *));
159 void end_ipopt __P((void));
160 void set_secclass __P((char **));
161 void free_anipheader __P((void));
162 void end_ipv4 __P((void));
163 void end_icmp __P((void));
164 void end_udp __P((void));
165 void end_tcp __P((void));
166 void end_data __P((void));
167 void yyerror __P((char *));
168 void iplang __P((FILE *));
169 int arp_getipv4 __P((char *, char *));
170 int yyparse __P((void));
176 %token <num> IL_NUMBER
177 %type <num> number digits optnumber
178 %token <str> IL_TOKEN
179 %type <str> token optoken
180 %token IL_HEXDIGIT IL_COLON IL_DOT IL_EOF IL_COMMENT
181 %token IL_INTERFACE IL_IFNAME IL_MTU IL_EADDR
182 %token IL_IPV4 IL_V4PROTO IL_V4SRC IL_V4DST IL_V4OFF IL_V4V IL_V4HL IL_V4TTL
183 %token IL_V4TOS IL_V4SUM IL_V4LEN IL_V4OPT IL_V4ID
184 %token IL_TCP IL_SPORT IL_DPORT IL_TCPFL IL_TCPSEQ IL_TCPACK IL_TCPOFF
185 %token IL_TCPWIN IL_TCPSUM IL_TCPURP IL_TCPOPT IL_TCPO_NOP IL_TCPO_EOL
186 %token IL_TCPO_MSS IL_TCPO_WSCALE IL_TCPO_TS
187 %token IL_UDP IL_UDPLEN IL_UDPSUM
188 %token IL_ICMP IL_ICMPTYPE IL_ICMPCODE
189 %token IL_SEND IL_VIA
192 %token IL_SUM IL_OFF IL_LEN IL_V4ADDR IL_OPT
193 %token IL_DATA IL_DLEN IL_DVALUE IL_DFILE
194 %token IL_IPO_NOP IL_IPO_RR IL_IPO_ZSU IL_IPO_MTUP IL_IPO_MTUR IL_IPO_EOL
195 %token IL_IPO_TS IL_IPO_TR IL_IPO_SEC IL_IPO_LSRR IL_IPO_ESEC
196 %token IL_IPO_SATID IL_IPO_SSRR IL_IPO_ADDEXT IL_IPO_VISA IL_IPO_IMITD
197 %token IL_IPO_EIP IL_IPO_FINN IL_IPO_SECCLASS IL_IPO_CIPSO IL_IPO_ENCODE
198 %token <str> IL_IPS_RESERV4 IL_IPS_TOPSECRET IL_IPS_SECRET IL_IPS_RESERV3
199 %token <str> IL_IPS_CONFID IL_IPS_UNCLASS IL_IPS_RESERV2 IL_IPS_RESERV1
200 %token IL_ICMP_ECHOREPLY IL_ICMP_UNREACH IL_ICMP_UNREACH_NET
201 %token IL_ICMP_UNREACH_HOST IL_ICMP_UNREACH_PROTOCOL IL_ICMP_UNREACH_PORT
202 %token IL_ICMP_UNREACH_NEEDFRAG IL_ICMP_UNREACH_SRCFAIL
203 %token IL_ICMP_UNREACH_NET_UNKNOWN IL_ICMP_UNREACH_HOST_UNKNOWN
204 %token IL_ICMP_UNREACH_ISOLATED IL_ICMP_UNREACH_NET_PROHIB
205 %token IL_ICMP_UNREACH_HOST_PROHIB IL_ICMP_UNREACH_TOSNET
206 %token IL_ICMP_UNREACH_TOSHOST IL_ICMP_UNREACH_FILTER_PROHIB
207 %token IL_ICMP_UNREACH_HOST_PRECEDENCE IL_ICMP_UNREACH_PRECEDENCE_CUTOFF
208 %token IL_ICMP_SOURCEQUENCH IL_ICMP_REDIRECT IL_ICMP_REDIRECT_NET
209 %token IL_ICMP_REDIRECT_HOST IL_ICMP_REDIRECT_TOSNET
210 %token IL_ICMP_REDIRECT_TOSHOST IL_ICMP_ECHO IL_ICMP_ROUTERADVERT
211 %token IL_ICMP_ROUTERSOLICIT IL_ICMP_TIMXCEED IL_ICMP_TIMXCEED_INTRANS
212 %token IL_ICMP_TIMXCEED_REASS IL_ICMP_PARAMPROB IL_ICMP_PARAMPROB_OPTABSENT
213 %token IL_ICMP_TSTAMP IL_ICMP_TSTAMPREPLY IL_ICMP_IREQ IL_ICMP_IREQREPLY
214 %token IL_ICMP_MASKREQ IL_ICMP_MASKREPLY IL_ICMP_SEQ IL_ICMP_ID
215 %token IL_ICMP_OTIME IL_ICMP_RTIME IL_ICMP_TTIME
231 iface: ifhdr '{' ifaceopts '}' ';' { check_interface(); }
234 ifhdr: IL_INTERFACE { new_interface(); }
243 IL_IFNAME token { set_ifname(&$2); }
244 | IL_MTU number { set_ifmtu($2); }
245 | IL_V4ADDR token { set_ifv4addr(&$2); }
246 | IL_EADDR token { set_ifeaddr(&$2); }
249 send: sendhdr '{' sendbody '}' ';' { packet_done(); }
250 | sendhdr ';' { packet_done(); }
254 IL_SEND { reset_send(); }
263 IL_IFNAME token { set_sendif(&$2); }
264 | IL_VIA token { set_sendvia(&$2); }
267 arp: arphdr '{' arpbody '}' ';'
270 arphdr: IL_ARP { new_arp(); }
278 arpopt: IL_V4ADDR token { set_arpv4addr(&$2); }
279 | IL_EADDR token { set_arpeaddr(&$2); }
283 IL_DEFROUTER token { set_defaultrouter(&$2); }
294 ipline: ipv4 '{' ipv4body '}' ';' { end_ipv4(); }
297 ipv4: IL_IPV4 { new_packet(); }
306 IL_V4PROTO token { set_ipv4proto(&$2); }
307 | IL_V4SRC token { set_ipv4src(&$2); }
308 | IL_V4DST token { set_ipv4dst(&$2); }
309 | IL_V4OFF token { set_ipv4off(&$2); }
310 | IL_V4V token { set_ipv4v(&$2); }
311 | IL_V4HL token { set_ipv4hl(&$2); }
312 | IL_V4ID token { set_ipv4id(&$2); }
313 | IL_V4TTL token { set_ipv4ttl(&$2); }
314 | IL_V4TOS token { set_ipv4tos(&$2); }
315 | IL_V4SUM token { set_ipv4sum(&$2); }
316 | IL_V4LEN token { set_ipv4len(&$2); }
317 | ipv4opt '{' ipv4optlist '}' ';' { end_ipopt(); }
320 tcp: IL_TCP { new_tcpheader(); }
324 '{' tcpheader '}' ';' { end_tcp(); }
334 IL_SPORT token { set_tcpsport(&$2); }
335 | IL_DPORT token { set_tcpdport(&$2); }
336 | IL_TCPSEQ token { set_tcpseq(&$2); }
337 | IL_TCPACK token { set_tcpack(&$2); }
338 | IL_TCPOFF token { set_tcpoff(&$2); }
339 | IL_TCPURP token { set_tcpurp(&$2); }
340 | IL_TCPWIN token { set_tcpwin(&$2); }
341 | IL_TCPSUM token { set_tcpsum(&$2); }
342 | IL_TCPFL token { set_tcpflags(&$2); }
343 | IL_TCPOPT '{' tcpopts '}' ';' { end_tcpopt(); }
350 tcpopt: IL_TCPO_NOP ';' { set_tcpopt(IL_TCPO_NOP, NULL); }
351 | IL_TCPO_EOL ';' { set_tcpopt(IL_TCPO_EOL, NULL); }
352 | IL_TCPO_MSS optoken { set_tcpopt(IL_TCPO_MSS,&$2);}
353 | IL_TCPO_WSCALE optoken { set_tcpopt(IL_TCPO_WSCALE,&$2);}
354 | IL_TCPO_TS optoken { set_tcpopt(IL_TCPO_TS, &$2);}
357 udp: IL_UDP { new_udpheader(); }
361 '{' udpheader '}' ';' { end_udp(); }
372 IL_SPORT token { set_tcpsport(&$2); }
373 | IL_DPORT token { set_tcpdport(&$2); }
374 | IL_UDPLEN token { set_udplen(&$2); }
375 | IL_UDPSUM token { set_udpsum(&$2); }
378 icmp: IL_ICMP { new_icmpheader(); }
382 '{' icmpbody '}' ';' { end_icmp(); }
387 | icmpheader bodyline
392 | IL_ICMPTYPE icmptype icmpcode
396 IL_ICMPCODE token { set_icmpcodetok(&$2); }
400 IL_ICMP_ECHOREPLY ';' { set_icmptype(ICMP_ECHOREPLY); }
401 | IL_ICMP_ECHOREPLY '{' icmpechoopts '}' ';'
403 | IL_ICMP_SOURCEQUENCH ';' { set_icmptype(ICMP_SOURCEQUENCH); }
405 | IL_ICMP_ROUTERADVERT ';' { set_icmptype(ICMP_ROUTERADVERT); }
406 | IL_ICMP_ROUTERSOLICIT ';' { set_icmptype(ICMP_ROUTERSOLICIT); }
407 | IL_ICMP_ECHO ';' { set_icmptype(ICMP_ECHO); }
408 | IL_ICMP_ECHO '{' icmpechoopts '}' ';'
409 | IL_ICMP_TIMXCEED ';' { set_icmptype(ICMP_TIMXCEED); }
410 | IL_ICMP_TIMXCEED '{' exceed '}' ';'
411 | IL_ICMP_TSTAMP ';' { set_icmptype(ICMP_TSTAMP); }
412 | IL_ICMP_TSTAMPREPLY ';' { set_icmptype(ICMP_TSTAMPREPLY); }
413 | IL_ICMP_TSTAMPREPLY '{' icmptsopts '}' ';'
414 | IL_ICMP_IREQ ';' { set_icmptype(ICMP_IREQ); }
415 | IL_ICMP_IREQREPLY ';' { set_icmptype(ICMP_IREQREPLY); }
416 | IL_ICMP_IREQREPLY '{' data dataline '}' ';'
417 | IL_ICMP_MASKREQ ';' { set_icmptype(ICMP_MASKREQ); }
418 | IL_ICMP_MASKREPLY ';' { set_icmptype(ICMP_MASKREPLY); }
419 | IL_ICMP_MASKREPLY '{' token '}' ';'
420 | IL_ICMP_PARAMPROB ';' { set_icmptype(ICMP_PARAMPROB); }
421 | IL_ICMP_PARAMPROB '{' paramprob '}' ';'
422 | IL_TOKEN ';' { set_icmptypetok(&$1); }
426 | icmpechoopts icmpecho
430 IL_ICMP_SEQ number { set_icmpseq($2); }
431 | IL_ICMP_ID number { set_icmpid($2); }
435 | icmptsopts icmpts ';'
438 icmpts: IL_ICMP_OTIME number { set_icmpotime($2); }
439 | IL_ICMP_RTIME number { set_icmprtime($2); }
440 | IL_ICMP_TTIME number { set_icmpttime($2); }
445 | IL_ICMP_UNREACH '{' unreachopts '}' ';'
449 IL_ICMP_UNREACH_NET line
450 | IL_ICMP_UNREACH_HOST line
451 | IL_ICMP_UNREACH_PROTOCOL line
452 | IL_ICMP_UNREACH_PORT line
453 | IL_ICMP_UNREACH_NEEDFRAG number ';' { set_icmpmtu($2); }
454 | IL_ICMP_UNREACH_SRCFAIL line
455 | IL_ICMP_UNREACH_NET_UNKNOWN line
456 | IL_ICMP_UNREACH_HOST_UNKNOWN line
457 | IL_ICMP_UNREACH_ISOLATED line
458 | IL_ICMP_UNREACH_NET_PROHIB line
459 | IL_ICMP_UNREACH_HOST_PROHIB line
460 | IL_ICMP_UNREACH_TOSNET line
461 | IL_ICMP_UNREACH_TOSHOST line
462 | IL_ICMP_UNREACH_FILTER_PROHIB line
463 | IL_ICMP_UNREACH_HOST_PRECEDENCE line
464 | IL_ICMP_UNREACH_PRECEDENCE_CUTOFF line
469 | IL_ICMP_REDIRECT '{' redirectopts '}' ';'
473 | IL_ICMP_REDIRECT_NET token { set_redir(0, &$2); }
474 | IL_ICMP_REDIRECT_HOST token { set_redir(1, &$2); }
475 | IL_ICMP_REDIRECT_TOSNET token { set_redir(2, &$2); }
476 | IL_ICMP_REDIRECT_TOSHOST token { set_redir(3, &$2); }
480 IL_ICMP_TIMXCEED_INTRANS line
481 | IL_ICMP_TIMXCEED_REASS line
485 IL_ICMP_PARAMPROB_OPTABSENT
486 | IL_ICMP_PARAMPROB_OPTABSENT paraprobarg
489 '{' number '}' ';' { set_icmppprob($2); }
492 ipv4opt: IL_V4OPT { new_ipv4opt(); }
496 | ipv4opts ipv4optlist
500 IL_IPO_NOP ';' { add_ipopt(IL_IPO_NOP, NULL); }
501 | IL_IPO_RR optnumber { add_ipopt(IL_IPO_RR, &$2); }
502 | IL_IPO_ZSU ';' { add_ipopt(IL_IPO_ZSU, NULL); }
503 | IL_IPO_MTUP ';' { add_ipopt(IL_IPO_MTUP, NULL); }
504 | IL_IPO_MTUR ';' { add_ipopt(IL_IPO_MTUR, NULL); }
505 | IL_IPO_ENCODE ';' { add_ipopt(IL_IPO_ENCODE, NULL); }
506 | IL_IPO_TS ';' { add_ipopt(IL_IPO_TS, NULL); }
507 | IL_IPO_TR ';' { add_ipopt(IL_IPO_TR, NULL); }
508 | IL_IPO_SEC ';' { add_ipopt(IL_IPO_SEC, NULL); }
509 | IL_IPO_SECCLASS secclass { add_ipopt(IL_IPO_SECCLASS, sclass); }
510 | IL_IPO_LSRR token { add_ipopt(IL_IPO_LSRR,&$2); }
511 | IL_IPO_ESEC ';' { add_ipopt(IL_IPO_ESEC, NULL); }
512 | IL_IPO_CIPSO ';' { add_ipopt(IL_IPO_CIPSO, NULL); }
513 | IL_IPO_SATID optnumber { add_ipopt(IL_IPO_SATID,&$2);}
514 | IL_IPO_SSRR token { add_ipopt(IL_IPO_SSRR,&$2); }
515 | IL_IPO_ADDEXT ';' { add_ipopt(IL_IPO_ADDEXT, NULL); }
516 | IL_IPO_VISA ';' { add_ipopt(IL_IPO_VISA, NULL); }
517 | IL_IPO_IMITD ';' { add_ipopt(IL_IPO_IMITD, NULL); }
518 | IL_IPO_EIP ';' { add_ipopt(IL_IPO_EIP, NULL); }
519 | IL_IPO_FINN ';' { add_ipopt(IL_IPO_FINN, NULL); }
523 IL_IPS_RESERV4 ';' { set_secclass(&$1); }
524 | IL_IPS_TOPSECRET ';' { set_secclass(&$1); }
525 | IL_IPS_SECRET ';' { set_secclass(&$1); }
526 | IL_IPS_RESERV3 ';' { set_secclass(&$1); }
527 | IL_IPS_CONFID ';' { set_secclass(&$1); }
528 | IL_IPS_UNCLASS ';' { set_secclass(&$1); }
529 | IL_IPS_RESERV2 ';' { set_secclass(&$1); }
530 | IL_IPS_RESERV1 ';' { set_secclass(&$1); }
533 data: IL_DATA { new_data(); }
537 '{' databody '}' ';' { end_data(); }
545 IL_DLEN token { set_datalen(&$2); }
546 | IL_DVALUE token { set_data(&$2); }
547 | IL_DFILE token { set_datafile(&$2); }
553 optoken: ';' { $$ = ""; }
560 optnumber: ';' { $$ = 0; }
569 struct statetoopt toipopts[] = {
570 { IL_IPO_NOP, IPOPT_NOP },
571 { IL_IPO_RR, IPOPT_RR },
572 { IL_IPO_ZSU, IPOPT_ZSU },
573 { IL_IPO_MTUP, IPOPT_MTUP },
574 { IL_IPO_MTUR, IPOPT_MTUR },
575 { IL_IPO_ENCODE, IPOPT_ENCODE },
576 { IL_IPO_TS, IPOPT_TS },
577 { IL_IPO_TR, IPOPT_TR },
578 { IL_IPO_SEC, IPOPT_SECURITY },
579 { IL_IPO_SECCLASS, IPOPT_SECURITY },
580 { IL_IPO_LSRR, IPOPT_LSRR },
581 { IL_IPO_ESEC, IPOPT_E_SEC },
582 { IL_IPO_CIPSO, IPOPT_CIPSO },
583 { IL_IPO_SATID, IPOPT_SATID },
584 { IL_IPO_SSRR, IPOPT_SSRR },
585 { IL_IPO_ADDEXT, IPOPT_ADDEXT },
586 { IL_IPO_VISA, IPOPT_VISA },
587 { IL_IPO_IMITD, IPOPT_IMITD },
588 { IL_IPO_EIP, IPOPT_EIP },
589 { IL_IPO_FINN, IPOPT_FINN },
593 struct statetoopt tosecopts[] = {
594 { IL_IPS_RESERV4, IPSO_CLASS_RES4 },
595 { IL_IPS_TOPSECRET, IPSO_CLASS_TOPS },
596 { IL_IPS_SECRET, IPSO_CLASS_SECR },
597 { IL_IPS_RESERV3, IPSO_CLASS_RES3 },
598 { IL_IPS_CONFID, IPSO_CLASS_CONF },
599 { IL_IPS_UNCLASS, IPSO_CLASS_UNCL },
600 { IL_IPS_RESERV2, IPSO_CLASS_RES2 },
601 { IL_IPS_RESERV1, IPSO_CLASS_RES1 },
610 static struct ether_addr n;
613 if (sscanf(s, " %x:%x:%x:%x:%x:%x ", &i[0], &i[1],
614 &i[2], &i[3], &i[4], &i[5]) == 6) {
615 n.ether_addr_octet[0] = (u_char)i[0];
616 n.ether_addr_octet[1] = (u_char)i[1];
617 n.ether_addr_octet[2] = (u_char)i[2];
618 n.ether_addr_octet[3] = (u_char)i[3];
619 n.ether_addr_octet[4] = (u_char)i[4];
620 n.ether_addr_octet[5] = (u_char)i[5];
628 struct in_addr getipv4addr(arg)
634 in.s_addr = 0xffffffff;
636 if ((hp = gethostbyname(arg)))
637 bcopy(hp->h_addr, &in.s_addr, sizeof(struct in_addr));
639 in.s_addr = inet_addr(arg);
644 u_short getportnum(pr, name)
649 if (!(sp = getservbyname(name, pr)))
650 return htons(atoi(name));
655 struct ether_addr *geteaddr(arg, buf)
657 struct ether_addr *buf;
659 struct ether_addr *e;
661 #if !defined(hpux) && !defined(linux)
664 fprintf(stderr, "Invalid ethernet address: %s\n", arg);
667 bcopy(e->octet, buf->octet, sizeof(e->octet));
669 bcopy(e->ether_addr_octet, buf->ether_addr_octet,
670 sizeof(e->ether_addr_octet));
679 void *new_header(type)
682 aniphdr_t *aip, *oip = canip;
685 aip = (aniphdr_t *)calloc(1, sizeof(*aip));
687 aniptail = &aip->ah_next;
692 if (type == IPPROTO_UDP)
693 sz = sizeof(udphdr_t);
694 else if (type == IPPROTO_TCP)
695 sz = sizeof(tcphdr_t);
696 else if (type == IPPROTO_ICMP)
697 sz = sizeof(icmphdr_t);
698 else if (type == IPPROTO_IP)
702 canip->ah_data = oip->ah_data + oip->ah_len;
704 canip->ah_data = (char *)ipbuffer;
707 * Increase the size fields in all wrapping headers.
709 for (aip = aniphead; aip; aip = aip->ah_next) {
711 if (aip->ah_p == IPPROTO_IP)
712 aip->ah_ip->ip_len += sz;
713 else if (aip->ah_p == IPPROTO_UDP)
714 aip->ah_udp->uh_ulen += sz;
716 return (void *)canip->ah_data;
722 aniphdr_t *aip, **aipp = &aniphead;
724 while ((aip = *aipp)) {
725 *aipp = aip->ah_next;
728 aniptail = &aniphead;
732 void inc_anipheaders(inc)
737 for (aip = aniphead; aip; aip = aip->ah_next) {
739 if (aip->ah_p == IPPROTO_IP)
740 aip->ah_ip->ip_len += inc;
741 else if (aip->ah_p == IPPROTO_UDP)
742 aip->ah_udp->uh_ulen += inc;
749 (void) new_header(-1);
754 void set_datalen(arg)
759 len = strtol(*arg, NULL, 0);
760 inc_anipheaders(len);
769 u_char *s = (u_char *)*arg, *t = (u_char *)canip->ah_data, c;
770 int len = 0, todo = 0, quote = 0, val = 0;
777 fprintf(stderr, "octal with %c!\n", c);
783 if (!ISDIGIT(c) || !todo) {
784 *t++ = (u_char)(val & 0xff);
794 fprintf(stderr, "octal with %c!\n", c);
828 *t++ = (u_char)(val & 0xff);
831 len = t - (u_char *)canip->ah_data;
832 inc_anipheaders(len - canip->ah_len);
837 void set_datafile(arg)
844 if ((fd = open(file, O_RDONLY)) == -1) {
849 if (fstat(fd, &sb) == -1) {
854 if ((sb.st_size + aniphead->ah_len ) > 65535) {
855 fprintf(stderr, "data file %s too big to include.\n", file);
859 if ((len = read(fd, canip->ah_data, sb.st_size)) == -1) {
864 inc_anipheaders(len);
865 canip->ah_len += len;
872 static u_short id = 0;
875 bzero((char *)ipbuffer, sizeof(ipbuffer));
877 ip = (ip_t *)new_header(IPPROTO_IP);
878 ip->ip_v = IPVERSION;
879 ip->ip_hl = sizeof(ip_t) >> 2;
880 ip->ip_len = sizeof(ip_t);
882 ip->ip_id = htons(id++);
886 void set_ipv4proto(arg)
891 if ((pr = getprotobyname(*arg)))
892 ip->ip_p = pr->p_proto;
894 if (!(ip->ip_p = atoi(*arg)))
895 fprintf(stderr, "unknown protocol %s\n", *arg);
901 void set_ipv4src(arg)
904 ip->ip_src = getipv4addr(*arg);
910 void set_ipv4dst(arg)
913 ip->ip_dst = getipv4addr(*arg);
919 void set_ipv4off(arg)
922 ip->ip_off = htons(strtol(*arg, NULL, 0));
931 ip->ip_v = strtol(*arg, NULL, 0);
942 newhl = strtol(*arg, NULL, 0);
943 inc = (newhl - ip->ip_hl) << 2;
946 canip->ah_len += inc;
952 void set_ipv4ttl(arg)
955 ip->ip_ttl = strtol(*arg, NULL, 0);
961 void set_ipv4tos(arg)
964 ip->ip_tos = strtol(*arg, NULL, 0);
973 ip->ip_id = htons(strtol(*arg, NULL, 0));
979 void set_ipv4sum(arg)
982 ip->ip_sum = strtol(*arg, NULL, 0);
988 void set_ipv4len(arg)
993 len = strtol(*arg, NULL, 0);
994 inc_anipheaders(len - ip->ip_len);
1001 void new_tcpheader()
1004 if ((ip->ip_p) && (ip->ip_p != IPPROTO_TCP)) {
1005 fprintf(stderr, "protocol %d specified with TCP!\n", ip->ip_p);
1008 ip->ip_p = IPPROTO_TCP;
1010 tcp = (tcphdr_t *)new_header(IPPROTO_TCP);
1011 tcp->th_win = htons(4096);
1012 tcp->th_off = sizeof(*tcp) >> 2;
1016 void set_tcpsport(arg)
1022 if (ip->ip_p == IPPROTO_UDP) {
1023 port = &udp->uh_sport;
1026 port = &tcp->th_sport;
1030 *port = getportnum(pr, *arg);
1036 void set_tcpdport(arg)
1042 if (ip->ip_p == IPPROTO_UDP) {
1043 port = &udp->uh_dport;
1046 port = &tcp->th_dport;
1050 *port = getportnum(pr, *arg);
1056 void set_tcpseq(arg)
1059 tcp->th_seq = htonl(strtol(*arg, NULL, 0));
1065 void set_tcpack(arg)
1068 tcp->th_ack = htonl(strtol(*arg, NULL, 0));
1074 void set_tcpoff(arg)
1079 off = strtol(*arg, NULL, 0);
1080 inc_anipheaders((off - tcp->th_off) << 2);
1087 void set_tcpurp(arg)
1090 tcp->th_urp = htons(strtol(*arg, NULL, 0));
1096 void set_tcpwin(arg)
1099 tcp->th_win = htons(strtol(*arg, NULL, 0));
1105 void set_tcpsum(arg)
1108 tcp->th_sum = strtol(*arg, NULL, 0);
1114 void set_tcpflags(arg)
1117 static char flags[] = "ASURPF";
1118 static int flagv[] = { TH_ACK, TH_SYN, TH_URG, TH_RST, TH_PUSH,
1122 for (s = *arg; *s; s++)
1123 if (!(t = strchr(flags, *s))) {
1125 fprintf(stderr, "unknown TCP flag %c\n", *s);
1128 tcp->th_flags = strtol(*arg, NULL, 0);
1131 tcp->th_flags |= flagv[t - flags];
1137 void set_tcpopt(state, arg)
1142 int val, len, val2, pad, optval;
1149 s = (u_char *)tcp + sizeof(*tcp) + canip->ah_optlen;
1164 case IL_TCPO_WSCALE :
1180 * prepend padding - if required.
1183 for (pad = 4 - (len & 3); pad; pad--) {
1190 *s++ = (u_char)optval;
1193 if (len == 3) { /* 1 byte - char */
1195 } else if (len == 4) { /* 2 bytes - short */
1196 *s++ = (u_char)((val >> 8) & 0xff);
1197 *s++ = (u_char)(val & 0xff);
1198 } else if (len >= 6) { /* 4 bytes - long */
1200 bcopy((char *)&val2, s, 4);
1205 *s++ = (u_char)optval;
1207 canip->ah_lastopt = optval;
1208 canip->ah_optlen += len;
1220 char *s = (char *)tcp;
1222 s += sizeof(*tcp) + canip->ah_optlen;
1224 * pad out so that we have a multiple of 4 bytes in size fo the
1225 * options. make sure last byte is EOL.
1227 if (canip->ah_optlen & 3) {
1228 if (canip->ah_lastopt != 1) {
1229 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) {
1237 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) {
1244 tcp->th_off = (sizeof(*tcp) + canip->ah_optlen) >> 2;
1245 inc_anipheaders(canip->ah_optlen);
1249 void new_udpheader()
1251 if ((ip->ip_p) && (ip->ip_p != IPPROTO_UDP)) {
1252 fprintf(stderr, "protocol %d specified with UDP!\n", ip->ip_p);
1255 ip->ip_p = IPPROTO_UDP;
1257 udp = (udphdr_t *)new_header(IPPROTO_UDP);
1258 udp->uh_ulen = sizeof(*udp);
1262 void set_udplen(arg)
1267 len = strtol(*arg, NULL, 0);
1268 inc_anipheaders(len - udp->uh_ulen);
1275 void set_udpsum(arg)
1278 udp->uh_sum = strtol(*arg, NULL, 0);
1287 struct in_addr gwip;
1289 ifp = sending.snd_if;
1291 fprintf(stderr, "no interface defined for sending!\n");
1294 if (ifp->if_fd == -1)
1295 ifp->if_fd = initdevice(ifp->if_name, 5);
1296 gwip = sending.snd_gw;
1298 if (aniphead == NULL) {
1300 "no destination address defined for sending\n");
1303 gwip = aniphead->ah_ip->ip_dst;
1305 (void) send_ip(ifp->if_fd, ifp->if_MTU, (ip_t *)ipbuffer, gwip, 2);
1313 u_char *s = (u_char *)ipbuffer, *t = (u_char *)outline;
1315 if (opts & OPT_VERBOSE) {
1316 ip->ip_len = htons(ip->ip_len);
1317 for (i = ntohs(ip->ip_len), j = 0; i; i--, j++, s++) {
1318 if (j && !(j & 0xf)) {
1321 fputs(outline, stdout);
1323 t = (u_char *)outline;
1326 sprintf((char *)t, "%02x", *s & 0xff);
1328 if (!((j + 1) & 0xf)) {
1330 sprintf((char *)t, " ");
1332 for (k = 16; k; k--, s++)
1333 *t++ = (ISPRINT(*s) ? *s : '.');
1342 for (k = 16 - (j & 0xf); k; k--) {
1347 sprintf((char *)t, " ");
1350 for (k = j & 0xf; k; k--, s++)
1351 *t++ = (ISPRINT(*s) ? *s : '.');
1355 fputs(outline, stdout);
1357 ip->ip_len = ntohs(ip->ip_len);
1365 void new_interface()
1367 cifp = (iface_t *)calloc(1, sizeof(iface_t));
1369 iftail = &cifp->if_next;
1374 void check_interface()
1376 if (!cifp->if_name || !*cifp->if_name)
1377 fprintf(stderr, "No interface name given!\n");
1378 if (!cifp->if_MTU || !*cifp->if_name)
1379 fprintf(stderr, "Interface %s has an MTU of 0!\n",
1384 void set_ifname(arg)
1387 cifp->if_name = *arg;
1399 void set_ifv4addr(arg)
1402 cifp->if_addr = getipv4addr(*arg);
1408 void set_ifeaddr(arg)
1411 (void) geteaddr(*arg, &cifp->if_eaddr);
1419 carp = (arp_t *)calloc(1, sizeof(arp_t));
1421 arptail = &carp->arp_next;
1425 void set_arpeaddr(arg)
1428 (void) geteaddr(*arg, &carp->arp_eaddr);
1434 void set_arpv4addr(arg)
1437 carp->arp_addr = getipv4addr(*arg);
1443 int arp_getipv4(ip, addr)
1449 for (a = arplist; a; a = a->arp_next)
1450 if (!bcmp(ip, (char *)&a->arp_addr, 4)) {
1451 bcopy((char *)&a->arp_eaddr, addr, 6);
1460 sending.snd_if = iflist;
1461 sending.snd_gw = defrouter;
1465 void set_sendif(arg)
1470 for (ifp = iflist; ifp; ifp = ifp->if_next)
1471 if (ifp->if_name && !strcmp(ifp->if_name, *arg))
1473 sending.snd_if = ifp;
1475 fprintf(stderr, "couldn't find interface %s\n", *arg);
1481 void set_sendvia(arg)
1484 sending.snd_gw = getipv4addr(*arg);
1490 void set_defaultrouter(arg)
1493 defrouter = getipv4addr(*arg);
1499 void new_icmpheader()
1501 if ((ip->ip_p) && (ip->ip_p != IPPROTO_ICMP)) {
1502 fprintf(stderr, "protocol %d specified with ICMP!\n",
1506 ip->ip_p = IPPROTO_ICMP;
1507 icmp = (icmphdr_t *)new_header(IPPROTO_ICMP);
1511 void set_icmpcode(code)
1514 icmp->icmp_code = code;
1518 void set_icmptype(type)
1521 icmp->icmp_type = type;
1525 void set_icmpcodetok(code)
1531 for (i = 0; (s = icmpcodes[i]); i++)
1532 if (!strcmp(s, *code)) {
1533 icmp->icmp_code = i;
1537 fprintf(stderr, "unknown ICMP code %s\n", *code);
1543 void set_icmptypetok(type)
1549 for (i = 0; !(s = icmptypes[i]) || strcmp(s, "END"); i++)
1550 if (s && !strcmp(s, *type)) {
1551 icmp->icmp_type = i;
1556 fprintf(stderr, "unknown ICMP type %s\n", *type);
1562 void set_icmpid(arg)
1565 icmp->icmp_id = htons(arg);
1569 void set_icmpseq(arg)
1572 icmp->icmp_seq = htons(arg);
1576 void set_icmpotime(arg)
1579 icmp->icmp_otime = htonl(arg);
1583 void set_icmprtime(arg)
1586 icmp->icmp_rtime = htonl(arg);
1590 void set_icmpttime(arg)
1593 icmp->icmp_ttime = htonl(arg);
1597 void set_icmpmtu(arg)
1601 icmp->icmp_nextmtu = htons(arg);
1606 void set_redir(redir, arg)
1610 icmp->icmp_code = redir;
1611 icmp->icmp_gwaddr = getipv4addr(*arg);
1617 void set_icmppprob(num)
1620 icmp->icmp_pptr = num;
1630 void add_ipopt(state, ptr)
1634 struct ipopt_names *io;
1635 struct statetoopt *sto;
1636 char numbuf[16], *arg, **param = ptr;
1639 if (state == IL_IPO_RR || state == IL_IPO_SATID) {
1641 sprintf(numbuf, "%d", *(int *)param);
1643 strcpy(numbuf, "0");
1646 arg = param ? *param : NULL;
1648 if (canip->ah_next) {
1649 fprintf(stderr, "cannot specify options after data body\n");
1652 for (sto = toipopts; sto->sto_st; sto++)
1653 if (sto->sto_st == state)
1656 fprintf(stderr, "No mapping for state %d to IP option\n",
1661 hlen = sizeof(ip_t) + canip->ah_optlen;
1662 for (io = ionames; io->on_name; io++)
1663 if (io->on_value == sto->sto_op)
1665 canip->ah_lastopt = io->on_value;
1668 inc = addipopt((char *)ip + hlen, io, hlen - sizeof(ip_t),arg);
1671 ((char *)ip)[sizeof(*ip) + inc] = IPOPT_NOP;
1672 canip->ah_lastopt = IPOPT_NOP;
1679 canip->ah_optlen = hlen - sizeof(ip_t);
1681 if (state != IL_IPO_RR && state != IL_IPO_SATID)
1682 if (param && *param) {
1693 char *s, *buf = (char *)ip;
1696 * pad out so that we have a multiple of 4 bytes in size fo the
1697 * options. make sure last byte is EOL.
1699 if (canip->ah_lastopt == IPOPT_NOP) {
1700 buf[sizeof(*ip) + canip->ah_optlen - 1] = IPOPT_EOL;
1701 } else if (canip->ah_lastopt != IPOPT_EOL) {
1702 s = buf + sizeof(*ip) + canip->ah_optlen;
1704 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) {
1711 s = buf + sizeof(*ip) + canip->ah_optlen - 1;
1713 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) {
1719 ip->ip_hl = (sizeof(*ip) + canip->ah_optlen) >> 2;
1720 inc_anipheaders(canip->ah_optlen);
1725 void set_secclass(arg)
1733 void free_anipheader()
1738 if ((canip = aip->ah_prev)) {
1739 canip->ah_next = NULL;
1740 aniptail = &canip->ah_next;
1753 ip->ip_len = htons(ip->ip_len);
1754 ip->ip_sum = chksum((u_short *)ip, ip->ip_hl << 2);
1755 ip->ip_len = ntohs(ip->ip_len);
1757 for (aip = aniphead, ip = NULL; aip; aip = aip->ah_next)
1758 if (aip->ah_p == IPPROTO_IP)
1767 icmp->icmp_cksum = 0;
1768 icmp->icmp_cksum = chksum((u_short *)icmp, canip->ah_len);
1770 for (aip = aniphead, icmp = NULL; aip; aip = aip->ah_next)
1771 if (aip->ah_p == IPPROTO_ICMP)
1772 icmp = aip->ah_icmp;
1782 bzero((char *)&iptmp, sizeof(iptmp));
1783 iptmp.ip_p = ip->ip_p;
1784 iptmp.ip_src = ip->ip_src;
1785 iptmp.ip_dst = ip->ip_dst;
1786 iptmp.ip_len = htons(ip->ip_len - (ip->ip_hl << 2));
1787 sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp));
1788 udp->uh_ulen = htons(udp->uh_ulen);
1789 udp->uh_sum = c_chksum((u_short *)udp, (u_int)ntohs(iptmp.ip_len), sum);
1791 for (aip = aniphead, udp = NULL; aip; aip = aip->ah_next)
1792 if (aip->ah_p == IPPROTO_UDP)
1803 bzero((char *)&iptmp, sizeof(iptmp));
1804 iptmp.ip_p = ip->ip_p;
1805 iptmp.ip_src = ip->ip_src;
1806 iptmp.ip_dst = ip->ip_dst;
1807 iptmp.ip_len = htons(ip->ip_len - (ip->ip_hl << 2));
1808 sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp));
1810 tcp->th_sum = c_chksum((u_short *)tcp, (u_int)ntohs(iptmp.ip_len), sum);
1812 for (aip = aniphead, tcp = NULL; aip; aip = aip->ah_next)
1813 if (aip->ah_p == IPPROTO_TCP)
1829 yydebug = (opts & OPT_DEBUG) ? 1 : 0;
1836 u_short c_chksum(buf, len, init)
1842 int nwords = len >> 1;
1844 for(; nwords > 0; nwords--)
1846 sum = (sum>>16) + (sum & 0xffff);
1852 u_long p_chksum(buf,len)
1857 int nwords = len >> 1;
1859 for(; nwords > 0; nwords--)