1*f3ac6781SToomas Soome /*
2*f3ac6781SToomas Soome * Copyright (C) 2002 by Darren Reed.
3*f3ac6781SToomas Soome *
4*f3ac6781SToomas Soome * See the IPFILTER.LICENCE file for details on licencing.
5*f3ac6781SToomas Soome *
6*f3ac6781SToomas Soome * $Id: load_hash.c,v 1.11.2.2 2005/02/01 02:44:05 darrenr Exp $
7*f3ac6781SToomas Soome *
8*f3ac6781SToomas Soome * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
9*f3ac6781SToomas Soome * Use is subject to license terms.
10*f3ac6781SToomas Soome *
11*f3ac6781SToomas Soome * Copyright (c) 2014, Joyent, Inc. All rights reserved.
12*f3ac6781SToomas Soome */
13*f3ac6781SToomas Soome
14*f3ac6781SToomas Soome #include <fcntl.h>
15*f3ac6781SToomas Soome #include <sys/ioctl.h>
16*f3ac6781SToomas Soome #include "ipf.h"
17*f3ac6781SToomas Soome #include "netinet/ip_lookup.h"
18*f3ac6781SToomas Soome #include "netinet/ip_htable.h"
19*f3ac6781SToomas Soome #include "ipfzone.h"
20*f3ac6781SToomas Soome
21*f3ac6781SToomas Soome static int hashfd = -1;
22*f3ac6781SToomas Soome
23*f3ac6781SToomas Soome
load_hash(iphp,list,iocfunc)24*f3ac6781SToomas Soome int load_hash(iphp, list, iocfunc)
25*f3ac6781SToomas Soome iphtable_t *iphp;
26*f3ac6781SToomas Soome iphtent_t *list;
27*f3ac6781SToomas Soome ioctlfunc_t iocfunc;
28*f3ac6781SToomas Soome {
29*f3ac6781SToomas Soome iplookupop_t op;
30*f3ac6781SToomas Soome iphtable_t iph;
31*f3ac6781SToomas Soome iphtent_t *a;
32*f3ac6781SToomas Soome size_t size;
33*f3ac6781SToomas Soome int n;
34*f3ac6781SToomas Soome
35*f3ac6781SToomas Soome if ((hashfd == -1) && ((opts & OPT_DONOTHING) == 0))
36*f3ac6781SToomas Soome hashfd = open(IPLOOKUP_NAME, O_RDWR);
37*f3ac6781SToomas Soome if ((hashfd == -1) && ((opts & OPT_DONOTHING) == 0))
38*f3ac6781SToomas Soome return -1;
39*f3ac6781SToomas Soome if (setzone(hashfd) != 0) {
40*f3ac6781SToomas Soome close(hashfd);
41*f3ac6781SToomas Soome return -1;
42*f3ac6781SToomas Soome }
43*f3ac6781SToomas Soome
44*f3ac6781SToomas Soome for (n = 0, a = list; a != NULL; a = a->ipe_next)
45*f3ac6781SToomas Soome n++;
46*f3ac6781SToomas Soome
47*f3ac6781SToomas Soome op.iplo_arg = 0;
48*f3ac6781SToomas Soome op.iplo_type = IPLT_HASH;
49*f3ac6781SToomas Soome op.iplo_unit = iphp->iph_unit;
50*f3ac6781SToomas Soome strncpy(op.iplo_name, iphp->iph_name, sizeof(op.iplo_name));
51*f3ac6781SToomas Soome if (*op.iplo_name == '\0')
52*f3ac6781SToomas Soome op.iplo_arg = IPHASH_ANON;
53*f3ac6781SToomas Soome op.iplo_size = sizeof(iph);
54*f3ac6781SToomas Soome op.iplo_struct = &iph;
55*f3ac6781SToomas Soome iph.iph_unit = iphp->iph_unit;
56*f3ac6781SToomas Soome iph.iph_type = iphp->iph_type;
57*f3ac6781SToomas Soome strncpy(iph.iph_name, iphp->iph_name, sizeof(iph.iph_name));
58*f3ac6781SToomas Soome iph.iph_flags = iphp->iph_flags;
59*f3ac6781SToomas Soome if (n <= 0)
60*f3ac6781SToomas Soome n = 1;
61*f3ac6781SToomas Soome if (iphp->iph_size == 0)
62*f3ac6781SToomas Soome size = n * 2 - 1;
63*f3ac6781SToomas Soome else
64*f3ac6781SToomas Soome size = iphp->iph_size;
65*f3ac6781SToomas Soome if ((list == NULL) && (size == 1)) {
66*f3ac6781SToomas Soome fprintf(stderr,
67*f3ac6781SToomas Soome "WARNING: empty hash table %s, recommend setting %s\n",
68*f3ac6781SToomas Soome iphp->iph_name, "size to match expected use");
69*f3ac6781SToomas Soome }
70*f3ac6781SToomas Soome iph.iph_size = size;
71*f3ac6781SToomas Soome iph.iph_seed = iphp->iph_seed;
72*f3ac6781SToomas Soome iph.iph_table = NULL;
73*f3ac6781SToomas Soome iph.iph_ref = 0;
74*f3ac6781SToomas Soome
75*f3ac6781SToomas Soome if ((opts & OPT_REMOVE) == 0) {
76*f3ac6781SToomas Soome if ((*iocfunc)(hashfd, SIOCLOOKUPADDTABLE, &op))
77*f3ac6781SToomas Soome if ((opts & OPT_DONOTHING) == 0) {
78*f3ac6781SToomas Soome perror("load_hash:SIOCLOOKUPADDTABLE");
79*f3ac6781SToomas Soome return -1;
80*f3ac6781SToomas Soome }
81*f3ac6781SToomas Soome }
82*f3ac6781SToomas Soome
83*f3ac6781SToomas Soome strncpy(op.iplo_name, iph.iph_name, sizeof(op.iplo_name));
84*f3ac6781SToomas Soome strncpy(iphp->iph_name, iph.iph_name, sizeof(op.iplo_name));
85*f3ac6781SToomas Soome
86*f3ac6781SToomas Soome if (opts & OPT_VERBOSE) {
87*f3ac6781SToomas Soome for (a = list; a != NULL; a = a->ipe_next) {
88*f3ac6781SToomas Soome if (a->ipe_family == AF_INET) {
89*f3ac6781SToomas Soome a->ipe_addr.in4_addr = ntohl(a->ipe_addr.in4_addr);
90*f3ac6781SToomas Soome a->ipe_mask.in4_addr = ntohl(a->ipe_mask.in4_addr);
91*f3ac6781SToomas Soome }
92*f3ac6781SToomas Soome }
93*f3ac6781SToomas Soome iph.iph_table = calloc(size, sizeof(*iph.iph_table));
94*f3ac6781SToomas Soome if (iph.iph_table == NULL) {
95*f3ac6781SToomas Soome perror("calloc(size, sizeof(*iph.iph_table))");
96*f3ac6781SToomas Soome return -1;
97*f3ac6781SToomas Soome }
98*f3ac6781SToomas Soome iph.iph_table[0] = list;
99*f3ac6781SToomas Soome printhash(&iph, bcopywrap, iph.iph_name, opts);
100*f3ac6781SToomas Soome free(iph.iph_table);
101*f3ac6781SToomas Soome
102*f3ac6781SToomas Soome for (a = list; a != NULL; a = a->ipe_next) {
103*f3ac6781SToomas Soome if (a->ipe_family == AF_INET) {
104*f3ac6781SToomas Soome a->ipe_addr.in4_addr = htonl(a->ipe_addr.in4_addr);
105*f3ac6781SToomas Soome a->ipe_mask.in4_addr = htonl(a->ipe_mask.in4_addr);
106*f3ac6781SToomas Soome }
107*f3ac6781SToomas Soome }
108*f3ac6781SToomas Soome }
109*f3ac6781SToomas Soome
110*f3ac6781SToomas Soome if (opts & OPT_DEBUG)
111*f3ac6781SToomas Soome printf("Hash %s:\n", iph.iph_name);
112*f3ac6781SToomas Soome
113*f3ac6781SToomas Soome for (a = list; a != NULL; a = a->ipe_next)
114*f3ac6781SToomas Soome load_hashnode(iphp->iph_unit, iph.iph_name, a, iocfunc);
115*f3ac6781SToomas Soome
116*f3ac6781SToomas Soome if ((opts & OPT_REMOVE) != 0) {
117*f3ac6781SToomas Soome if ((*iocfunc)(hashfd, SIOCLOOKUPDELTABLE, &op))
118*f3ac6781SToomas Soome if ((opts & OPT_DONOTHING) == 0) {
119*f3ac6781SToomas Soome perror("load_hash:SIOCLOOKUPDELTABLE");
120*f3ac6781SToomas Soome return -1;
121*f3ac6781SToomas Soome }
122*f3ac6781SToomas Soome }
123*f3ac6781SToomas Soome return 0;
124*f3ac6781SToomas Soome }
125