Commit | Line | Data |
---|---|---|
5e358816 MF |
1 | From 396750cef533cf72c7e6a72e47a9c93e2e431cb7 Mon Sep 17 00:00:00 2001 |
2 | From: Simon Kelley <simon@thekelleys.org.uk> | |
3 | Date: Sat, 13 Aug 2016 22:34:11 +0100 | |
4 | Subject: [PATCH] Refactor openBSD pftables code to remove blatant copyright | |
5 | violation. | |
6 | ||
7 | --- | |
8 | src/tables.c | 90 +++++++++++++++++++++------------------------------------- | |
9 | 1 file changed, 32 insertions(+), 58 deletions(-) | |
10 | ||
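--- a/src/tables.c
+++ b/src/tables.c
@@ -53,52 +53,6 @@ static char *pfr_strerror(int errnum)
 }
 }
 
-static int pfr_add_tables(struct pfr_table *tbl, int size, int *nadd, int flags)
-{
- struct pfioc_table io;
-
- if (size < 0 || (size && tbl == NULL))
- {
- errno = EINVAL;
- return (-1);
- }
- bzero(&io, sizeof io);
- io.pfrio_flags = flags;
- io.pfrio_buffer = tbl;
- io.pfrio_esize = sizeof(*tbl);
- io.pfrio_size = size;
- if (ioctl(dev, DIOCRADDTABLES, &io))
- return (-1);
- if (nadd != NULL)
- *nadd = io.pfrio_nadd;
- return (0);
-}
-
-static int fill_addr(const struct all_addr *ipaddr, int flags, struct pfr_addr* addr) {
- if ( !addr || !ipaddr)
- {
- my_syslog(LOG_ERR, _("error: fill_addr missused"));
- return -1;
- }
- bzero(addr, sizeof(*addr));
-#ifdef HAVE_IPV6
- if (flags & F_IPV6)
- {
- addr->pfra_af = AF_INET6;
- addr->pfra_net = 0x80;
- memcpy(&(addr->pfra_ip6addr), &(ipaddr->addr), sizeof(struct in6_addr));
- }
- else
-#endif
- {
- addr->pfra_af = AF_INET;
- addr->pfra_net = 0x20;
- addr->pfra_ip4addr.s_addr = ipaddr->addr.addr4.s_addr;
- }
- return 1;
-}
-
-/*****************************************************************************/
 
 void ipset_init(void)
 {
@@ -111,14 +65,13 @@ void ipset_init(void)
 }
 
 int add_to_ipset(const char *setname, const struct all_addr *ipaddr,
- int flags, int remove)
+ int flags, int remove)
 {
 struct pfr_addr addr;
 struct pfioc_table io;
 struct pfr_table table;
- int n = 0, rc = 0;
 
- if ( dev == -1 )
+ if (dev == -1)
 {
 my_syslog(LOG_ERR, _("warning: no opened pf devices %s"), pf_device);
 return -1;
@@ -126,31 +79,52 @@ int add_to_ipset(const char *setname, const struct all_addr *ipaddr,
 
 bzero(&table, sizeof(struct pfr_table));
 table.pfrt_flags |= PFR_TFLAG_PERSIST;
- if ( strlen(setname) >= PF_TABLE_NAME_SIZE )
+ if (strlen(setname) >= PF_TABLE_NAME_SIZE)
 {
 my_syslog(LOG_ERR, _("error: cannot use table name %s"), setname);
 errno = ENAMETOOLONG;
 return -1;
 }
 
- if ( strlcpy(table.pfrt_name, setname,
- sizeof(table.pfrt_name)) >= sizeof(table.pfrt_name))
+ if (strlcpy(table.pfrt_name, setname,
+ sizeof(table.pfrt_name)) >= sizeof(table.pfrt_name))
 {
 my_syslog(LOG_ERR, _("error: cannot strlcpy table name %s"), setname);
 return -1;
 }
 
- if ((rc = pfr_add_tables(&table, 1, &n, 0)))
+ bzero(&io, sizeof io);
+ io.pfrio_flags = 0;
+ io.pfrio_buffer = &table;
+ io.pfrio_esize = sizeof(table);
+ io.pfrio_size = 1;
+ if (ioctl(dev, DIOCRADDTABLES, &io))
 {
- my_syslog(LOG_WARNING, _("warning: pfr_add_tables: %s(%d)"),
- pfr_strerror(errno),rc);
+ my_syslog(LOG_WARNING, _("IPset: error:%s"), pfr_strerror(errno));
+
 return -1;
 }
+
 table.pfrt_flags &= ~PFR_TFLAG_PERSIST;
- if (n)
+ if (io.pfrio_nadd)
 my_syslog(LOG_INFO, _("info: table created"));
-
- fill_addr(ipaddr,flags,&addr);
+
+ bzero(&addr, sizeof(addr));
+#ifdef HAVE_IPV6
+ if (flags & F_IPV6)
+ {
+ addr.pfra_af = AF_INET6;
+ addr.pfra_net = 0x80;
+ memcpy(&(addr.pfra_ip6addr), &(ipaddr->addr), sizeof(struct in6_addr));
+ }
+ else
+#endif
+ {
+ addr.pfra_af = AF_INET;
+ addr.pfra_net = 0x20;
+ addr.pfra_ip4addr.s_addr = ipaddr->addr.addr4.s_addr;
+ }
+
 bzero(&io, sizeof(io));
 io.pfrio_flags = 0;
 io.pfrio_table = table;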
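Review bot: The inlined address setup in the last hunk reads `ipaddr->addr` and `ipaddr->addr.addr4.s_addr` with no NULL check, whereas the removed `fill_addr()` rejected a NULL `ipaddr` before touching it. Whether any caller can pass NULL is not visible from this patch; if one can, a guard next to the `dev == -1` test, such as `if (!ipaddr) { errno = EINVAL; return -1; }`, would fail cleanly instead of faulting, and would also avoid handing the kernel a half-initialised `addr`. The constants `0x80` and `0x20` assigned to `pfra_net` look like full-length host prefixes, and a comment such as `/* single host: /128 for IPv6, /32 for IPv4 */` would say so. The new log text `"IPset: error:%s"` no longer names the failing operation, so mentioning `DIOCRADDTABLES` and `setname` there would help whoever triages the log. The body of `add_to_ipset` continues past the end of this hunk.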
147 | -- | |
148 | 1.7.10.4 | |
149 |