1
2 %{
3 /*
4 * Copyright (C) 2012 by Darren Reed.
5 *
6 * See the IPFILTER.LICENCE file for details on licencing.
7 *
8 * Id: iplang_y.y,v 2.9.2.4 2006/03/17 12:11:29 darrenr Exp $
9 */
10
11 #include <stdio.h>
12 #include <string.h>
13 #include <fcntl.h>
14 #if !defined(__SVR4) && !defined(__svr4__)
15 # include <strings.h>
16 #else
17 # include <sys/byteorder.h>
18 #endif
19 #include <sys/types.h>
20 #include <sys/stat.h>
21 #include <sys/param.h>
22 #include <sys/time.h>
23 #include <stdlib.h>
24 #include <unistd.h>
25 #include <stddef.h>
26 #include <sys/socket.h>
27 #include <net/if.h>
28 #include <netinet/in.h>
29 #include <netinet/in_systm.h>
30 #include <netinet/ip.h>
31 # include <netinet/ip_var.h>
32 # include <net/route.h>
33 # include <netinet/if_ether.h>
34 #include <netdb.h>
35 #include <arpa/nameser.h>
36 #include <arpa/inet.h>
37 #include <resolv.h>
38 #include <ctype.h>
39 #include "ipsend.h"
40 #include "ip_compat.h"
41 #include "ipf.h"
42 #include "iplang.h"
43
44 extern int opts;
45 extern struct ipopt_names ionames[];
46 extern int state, state, lineNum, token;
47 extern int yylineno;
48 extern char yytext[];
49 extern FILE *yyin;
50 int yylex __P((void));
51 #define YYDEBUG 1
52 int yydebug = 1;
53
54 iface_t *iflist = NULL, **iftail = &iflist;
55 iface_t *cifp = NULL;
56 arp_t *arplist = NULL, **arptail = &arplist, *carp = NULL;
57 struct in_addr defrouter;
58 send_t sending;
59 char *sclass = NULL;
60 u_short c_chksum(u_short *, u_int, u_long);
61 u_long p_chksum(u_short *, u_int);
62
63 u_long ipbuffer[67584/sizeof(u_long)]; /* 66K */
64 aniphdr_t *aniphead = NULL, *canip = NULL, **aniptail = &aniphead;
65 ip_t *ip = NULL;
66 udphdr_t *udp = NULL;
67 tcphdr_t *tcp = NULL;
68 icmphdr_t *icmp = NULL;
69
70 struct statetoopt {
71 int sto_st;
72 int sto_op;
73 };
74
75 struct in_addr getipv4addr(char *arg);
76 u_short getportnum(char *, char *);
77 struct ether_addr *geteaddr(char *, struct ether_addr *);
78 void *new_header(int);
79 void free_aniplist(void);
80 void inc_anipheaders(int);
81 void new_data(void);
82 void set_datalen(char **);
83 void set_datafile(char **);
84 void set_data(char **);
85 void new_packet(void);
86 void set_ipv4proto(char **);
87 void set_ipv4src(char **);
88 void set_ipv4dst(char **);
89 void set_ipv4off(char **);
90 void set_ipv4v(char **);
91 void set_ipv4hl(char **);
92 void set_ipv4ttl(char **);
93 void set_ipv4tos(char **);
94 void set_ipv4id(char **);
95 void set_ipv4sum(char **);
96 void set_ipv4len(char **);
97 void new_tcpheader(void);
98 void set_tcpsport(char **);
99 void set_tcpdport(char **);
100 void set_tcpseq(char **);
101 void set_tcpack(char **);
102 void set_tcpoff(char **);
103 void set_tcpurp(char **);
104 void set_tcpwin(char **);
105 void set_tcpsum(char **);
106 void set_tcpflags(char **);
107 void set_tcpopt(int, char **);
108 void end_tcpopt(void);
109 void new_udpheader(void);
110 void set_udplen(char **);
111 void set_udpsum(char **);
112 void prep_packet(void);
113 void packet_done(void);
114 void new_interface(void);
115 void check_interface(void);
116 void set_ifname(char **);
117 void set_ifmtu(int);
118 void set_ifv4addr(char **);
119 void set_ifeaddr(char **);
120 void new_arp(void);
121 void set_arpeaddr(char **);
122 void set_arpv4addr(char **);
123 void reset_send(void);
124 void set_sendif(char **);
125 void set_sendvia(char **);
126 void set_defaultrouter(char **);
127 void new_icmpheader(void);
128 void set_icmpcode(int);
129 void set_icmptype(int);
130 void set_icmpcodetok(char **);
131 void set_icmptypetok(char **);
132 void set_icmpid(int);
133 void set_icmpseq(int);
134 void set_icmpotime(int);
135 void set_icmprtime(int);
136 void set_icmpttime(int);
137 void set_icmpmtu(int);
138 void set_redir(int, char **);
139 void new_ipv4opt(void);
140 void set_icmppprob(int);
141 void add_ipopt(int, void *);
142 void end_ipopt(void);
143 void set_secclass(char **);
144 void free_anipheader(void);
145 void end_ipv4(void);
146 void end_icmp(void);
147 void end_udp(void);
148 void end_tcp(void);
149 void end_data(void);
150 void yyerror(char *);
151 void iplang(FILE *);
152 int arp_getipv4(char *, char *);
153 int yyparse(void);
154 %}
155 %union {
156 char *str;
157 int num;
158 }
159 %token <num> IL_NUMBER
160 %type <num> number digits optnumber
161 %token <str> IL_TOKEN
162 %type <str> token optoken
163 %token IL_HEXDIGIT IL_COLON IL_DOT IL_EOF IL_COMMENT
164 %token IL_INTERFACE IL_IFNAME IL_MTU IL_EADDR
165 %token IL_IPV4 IL_V4PROTO IL_V4SRC IL_V4DST IL_V4OFF IL_V4V IL_V4HL IL_V4TTL
166 %token IL_V4TOS IL_V4SUM IL_V4LEN IL_V4OPT IL_V4ID
167 %token IL_TCP IL_SPORT IL_DPORT IL_TCPFL IL_TCPSEQ IL_TCPACK IL_TCPOFF
168 %token IL_TCPWIN IL_TCPSUM IL_TCPURP IL_TCPOPT IL_TCPO_NOP IL_TCPO_EOL
169 %token IL_TCPO_MSS IL_TCPO_WSCALE IL_TCPO_TS
170 %token IL_UDP IL_UDPLEN IL_UDPSUM
171 %token IL_ICMP IL_ICMPTYPE IL_ICMPCODE
172 %token IL_SEND IL_VIA
173 %token IL_ARP
174 %token IL_DEFROUTER
175 %token IL_SUM IL_OFF IL_LEN IL_V4ADDR IL_OPT
176 %token IL_DATA IL_DLEN IL_DVALUE IL_DFILE
177 %token IL_IPO_NOP IL_IPO_RR IL_IPO_ZSU IL_IPO_MTUP IL_IPO_MTUR IL_IPO_EOL
178 %token IL_IPO_TS IL_IPO_TR IL_IPO_SEC IL_IPO_LSRR IL_IPO_ESEC
179 %token IL_IPO_SATID IL_IPO_SSRR IL_IPO_ADDEXT IL_IPO_VISA IL_IPO_IMITD
180 %token IL_IPO_EIP IL_IPO_FINN IL_IPO_SECCLASS IL_IPO_CIPSO IL_IPO_ENCODE
181 %token <str> IL_IPS_RESERV4 IL_IPS_TOPSECRET IL_IPS_SECRET IL_IPS_RESERV3
182 %token <str> IL_IPS_CONFID IL_IPS_UNCLASS IL_IPS_RESERV2 IL_IPS_RESERV1
183 %token IL_ICMP_ECHOREPLY IL_ICMP_UNREACH IL_ICMP_UNREACH_NET
184 %token IL_ICMP_UNREACH_HOST IL_ICMP_UNREACH_PROTOCOL IL_ICMP_UNREACH_PORT
185 %token IL_ICMP_UNREACH_NEEDFRAG IL_ICMP_UNREACH_SRCFAIL
186 %token IL_ICMP_UNREACH_NET_UNKNOWN IL_ICMP_UNREACH_HOST_UNKNOWN
187 %token IL_ICMP_UNREACH_ISOLATED IL_ICMP_UNREACH_NET_PROHIB
188 %token IL_ICMP_UNREACH_HOST_PROHIB IL_ICMP_UNREACH_TOSNET
189 %token IL_ICMP_UNREACH_TOSHOST IL_ICMP_UNREACH_FILTER_PROHIB
190 %token IL_ICMP_UNREACH_HOST_PRECEDENCE IL_ICMP_UNREACH_PRECEDENCE_CUTOFF
191 %token IL_ICMP_SOURCEQUENCH IL_ICMP_REDIRECT IL_ICMP_REDIRECT_NET
192 %token IL_ICMP_REDIRECT_HOST IL_ICMP_REDIRECT_TOSNET
193 %token IL_ICMP_REDIRECT_TOSHOST IL_ICMP_ECHO IL_ICMP_ROUTERADVERT
194 %token IL_ICMP_ROUTERSOLICIT IL_ICMP_TIMXCEED IL_ICMP_TIMXCEED_INTRANS
195 %token IL_ICMP_TIMXCEED_REASS IL_ICMP_PARAMPROB IL_ICMP_PARAMPROB_OPTABSENT
196 %token IL_ICMP_TSTAMP IL_ICMP_TSTAMPREPLY IL_ICMP_IREQ IL_ICMP_IREQREPLY
197 %token IL_ICMP_MASKREQ IL_ICMP_MASKREPLY IL_ICMP_SEQ IL_ICMP_ID
198 %token IL_ICMP_OTIME IL_ICMP_RTIME IL_ICMP_TTIME
199
200 %%
201 file: line
202 | line file
203 | IL_COMMENT
204 | IL_COMMENT file
205 ;
206
207 line: iface
208 | arp
209 | send
210 | defrouter
211 | ipline
212 ;
213
214 iface: ifhdr '{' ifaceopts '}' ';' { check_interface(); }
215 ;
216
217 ifhdr: IL_INTERFACE { new_interface(); }
218 ;
219
220 ifaceopts:
221 ifaceopt
222 | ifaceopt ifaceopts
223 ;
224
225 ifaceopt:
226 IL_IFNAME token { set_ifname(&$2); }
227 | IL_MTU number { set_ifmtu($2); }
228 | IL_V4ADDR token { set_ifv4addr(&$2); }
229 | IL_EADDR token { set_ifeaddr(&$2); }
230 ;
231
232 send: sendhdr '{' sendbody '}' ';' { packet_done(); }
233 | sendhdr ';' { packet_done(); }
234 ;
235
236 sendhdr:
237 IL_SEND { reset_send(); }
238 ;
239
240 sendbody:
241 sendopt
242 | sendbody sendopt
243 ;
244
245 sendopt:
246 IL_IFNAME token { set_sendif(&$2); }
247 | IL_VIA token { set_sendvia(&$2); }
248 ;
249
250 arp: arphdr '{' arpbody '}' ';'
251 ;
252
253 arphdr: IL_ARP { new_arp(); }
254 ;
255
256 arpbody:
257 arpopt
258 | arpbody arpopt
259 ;
260
261 arpopt: IL_V4ADDR token { set_arpv4addr(&$2); }
262 | IL_EADDR token { set_arpeaddr(&$2); }
263 ;
264
265 defrouter:
266 IL_DEFROUTER token { set_defaultrouter(&$2); }
267 ;
268
269 bodyline:
270 ipline
271 | tcp tcpline
272 | udp udpline
273 | icmp icmpline
274 | data dataline
275 ;
276
277 ipline: ipv4 '{' ipv4body '}' ';' { end_ipv4(); }
278 ;
279
280 ipv4: IL_IPV4 { new_packet(); }
281
282 ipv4body:
283 ipv4type
284 | ipv4type ipv4body
285 | bodyline
286 ;
287
288 ipv4type:
289 IL_V4PROTO token { set_ipv4proto(&$2); }
290 | IL_V4SRC token { set_ipv4src(&$2); }
291 | IL_V4DST token { set_ipv4dst(&$2); }
292 | IL_V4OFF token { set_ipv4off(&$2); }
293 | IL_V4V token { set_ipv4v(&$2); }
294 | IL_V4HL token { set_ipv4hl(&$2); }
295 | IL_V4ID token { set_ipv4id(&$2); }
296 | IL_V4TTL token { set_ipv4ttl(&$2); }
297 | IL_V4TOS token { set_ipv4tos(&$2); }
298 | IL_V4SUM token { set_ipv4sum(&$2); }
299 | IL_V4LEN token { set_ipv4len(&$2); }
300 | ipv4opt '{' ipv4optlist '}' ';' { end_ipopt(); }
301 ;
302
303 tcp: IL_TCP { new_tcpheader(); }
304 ;
305
306 tcpline:
307 '{' tcpheader '}' ';' { end_tcp(); }
308 ;
309
310 tcpheader:
311 tcpbody
312 | tcpbody tcpheader
313 | bodyline
314 ;
315
316 tcpbody:
317 IL_SPORT token { set_tcpsport(&$2); }
318 | IL_DPORT token { set_tcpdport(&$2); }
319 | IL_TCPSEQ token { set_tcpseq(&$2); }
320 | IL_TCPACK token { set_tcpack(&$2); }
321 | IL_TCPOFF token { set_tcpoff(&$2); }
322 | IL_TCPURP token { set_tcpurp(&$2); }
323 | IL_TCPWIN token { set_tcpwin(&$2); }
324 | IL_TCPSUM token { set_tcpsum(&$2); }
325 | IL_TCPFL token { set_tcpflags(&$2); }
326 | IL_TCPOPT '{' tcpopts '}' ';' { end_tcpopt(); }
327 ;
328
329 tcpopts:
330 | tcpopt tcpopts
331 ;
332
333 tcpopt: IL_TCPO_NOP ';' { set_tcpopt(IL_TCPO_NOP, NULL); }
334 | IL_TCPO_EOL ';' { set_tcpopt(IL_TCPO_EOL, NULL); }
335 | IL_TCPO_MSS optoken { set_tcpopt(IL_TCPO_MSS,&$2);}
336 | IL_TCPO_WSCALE optoken { set_tcpopt(IL_TCPO_WSCALE,&$2);}
337 | IL_TCPO_TS optoken { set_tcpopt(IL_TCPO_TS, &$2);}
338 ;
339
340 udp: IL_UDP { new_udpheader(); }
341 ;
342
343 udpline:
344 '{' udpheader '}' ';' { end_udp(); }
345 ;
346
347
348 udpheader:
349 udpbody
350 | udpbody udpheader
351 | bodyline
352 ;
353
354 udpbody:
355 IL_SPORT token { set_tcpsport(&$2); }
356 | IL_DPORT token { set_tcpdport(&$2); }
357 | IL_UDPLEN token { set_udplen(&$2); }
358 | IL_UDPSUM token { set_udpsum(&$2); }
359 ;
360
361 icmp: IL_ICMP { new_icmpheader(); }
362 ;
363
364 icmpline:
365 '{' icmpbody '}' ';' { end_icmp(); }
366 ;
367
368 icmpbody:
369 icmpheader
370 | icmpheader bodyline
371 ;
372
373 icmpheader:
374 IL_ICMPTYPE icmptype
375 | IL_ICMPTYPE icmptype icmpcode
376 ;
377
378 icmpcode:
379 IL_ICMPCODE token { set_icmpcodetok(&$2); }
380 ;
381
382 icmptype:
383 IL_ICMP_ECHOREPLY ';' { set_icmptype(ICMP_ECHOREPLY); }
384 | IL_ICMP_ECHOREPLY '{' icmpechoopts '}' ';'
385 | unreach
386 | IL_ICMP_SOURCEQUENCH ';' { set_icmptype(ICMP_SOURCEQUENCH); }
387 | redirect
388 | IL_ICMP_ROUTERADVERT ';' { set_icmptype(ICMP_ROUTERADVERT); }
389 | IL_ICMP_ROUTERSOLICIT ';' { set_icmptype(ICMP_ROUTERSOLICIT); }
390 | IL_ICMP_ECHO ';' { set_icmptype(ICMP_ECHO); }
391 | IL_ICMP_ECHO '{' icmpechoopts '}' ';'
392 | IL_ICMP_TIMXCEED ';' { set_icmptype(ICMP_TIMXCEED); }
393 | IL_ICMP_TIMXCEED '{' exceed '}' ';'
394 | IL_ICMP_TSTAMP ';' { set_icmptype(ICMP_TSTAMP); }
395 | IL_ICMP_TSTAMPREPLY ';' { set_icmptype(ICMP_TSTAMPREPLY); }
396 | IL_ICMP_TSTAMPREPLY '{' icmptsopts '}' ';'
397 | IL_ICMP_IREQ ';' { set_icmptype(ICMP_IREQ); }
398 | IL_ICMP_IREQREPLY ';' { set_icmptype(ICMP_IREQREPLY); }
399 | IL_ICMP_IREQREPLY '{' data dataline '}' ';'
400 | IL_ICMP_MASKREQ ';' { set_icmptype(ICMP_MASKREQ); }
401 | IL_ICMP_MASKREPLY ';' { set_icmptype(ICMP_MASKREPLY); }
402 | IL_ICMP_MASKREPLY '{' token '}' ';'
403 | IL_ICMP_PARAMPROB ';' { set_icmptype(ICMP_PARAMPROB); }
404 | IL_ICMP_PARAMPROB '{' paramprob '}' ';'
405 | IL_TOKEN ';' { set_icmptypetok(&$1); }
406 ;
407
408 icmpechoopts:
409 | icmpechoopts icmpecho
410 ;
411
412 icmpecho:
413 IL_ICMP_SEQ number { set_icmpseq($2); }
414 | IL_ICMP_ID number { set_icmpid($2); }
415 ;
416
417 icmptsopts:
418 | icmptsopts icmpts ';'
419 ;
420
421 icmpts: IL_ICMP_OTIME number { set_icmpotime($2); }
422 | IL_ICMP_RTIME number { set_icmprtime($2); }
423 | IL_ICMP_TTIME number { set_icmpttime($2); }
424 ;
425
426 unreach:
427 IL_ICMP_UNREACH
428 | IL_ICMP_UNREACH '{' unreachopts '}' ';'
429 ;
430
431 unreachopts:
432 IL_ICMP_UNREACH_NET line
433 | IL_ICMP_UNREACH_HOST line
434 | IL_ICMP_UNREACH_PROTOCOL line
435 | IL_ICMP_UNREACH_PORT line
436 | IL_ICMP_UNREACH_NEEDFRAG number ';' { set_icmpmtu($2); }
437 | IL_ICMP_UNREACH_SRCFAIL line
438 | IL_ICMP_UNREACH_NET_UNKNOWN line
439 | IL_ICMP_UNREACH_HOST_UNKNOWN line
440 | IL_ICMP_UNREACH_ISOLATED line
441 | IL_ICMP_UNREACH_NET_PROHIB line
442 | IL_ICMP_UNREACH_HOST_PROHIB line
443 | IL_ICMP_UNREACH_TOSNET line
444 | IL_ICMP_UNREACH_TOSHOST line
445 | IL_ICMP_UNREACH_FILTER_PROHIB line
446 | IL_ICMP_UNREACH_HOST_PRECEDENCE line
447 | IL_ICMP_UNREACH_PRECEDENCE_CUTOFF line
448 ;
449
450 redirect:
451 IL_ICMP_REDIRECT
452 | IL_ICMP_REDIRECT '{' redirectopts '}' ';'
453 ;
454
455 redirectopts:
456 | IL_ICMP_REDIRECT_NET token { set_redir(0, &$2); }
457 | IL_ICMP_REDIRECT_HOST token { set_redir(1, &$2); }
458 | IL_ICMP_REDIRECT_TOSNET token { set_redir(2, &$2); }
459 | IL_ICMP_REDIRECT_TOSHOST token { set_redir(3, &$2); }
460 ;
461
462 exceed:
463 IL_ICMP_TIMXCEED_INTRANS line
464 | IL_ICMP_TIMXCEED_REASS line
465 ;
466
467 paramprob:
468 IL_ICMP_PARAMPROB_OPTABSENT
469 | IL_ICMP_PARAMPROB_OPTABSENT paraprobarg
470
471 paraprobarg:
472 '{' number '}' ';' { set_icmppprob($2); }
473 ;
474
475 ipv4opt: IL_V4OPT { new_ipv4opt(); }
476 ;
477
478 ipv4optlist:
479 | ipv4opts ipv4optlist
480 ;
481
482 ipv4opts:
483 IL_IPO_NOP ';' { add_ipopt(IL_IPO_NOP, NULL); }
484 | IL_IPO_RR optnumber { add_ipopt(IL_IPO_RR, &$2); }
485 | IL_IPO_ZSU ';' { add_ipopt(IL_IPO_ZSU, NULL); }
486 | IL_IPO_MTUP ';' { add_ipopt(IL_IPO_MTUP, NULL); }
487 | IL_IPO_MTUR ';' { add_ipopt(IL_IPO_MTUR, NULL); }
488 | IL_IPO_ENCODE ';' { add_ipopt(IL_IPO_ENCODE, NULL); }
489 | IL_IPO_TS ';' { add_ipopt(IL_IPO_TS, NULL); }
490 | IL_IPO_TR ';' { add_ipopt(IL_IPO_TR, NULL); }
491 | IL_IPO_SEC ';' { add_ipopt(IL_IPO_SEC, NULL); }
492 | IL_IPO_SECCLASS secclass { add_ipopt(IL_IPO_SECCLASS, sclass); }
493 | IL_IPO_LSRR token { add_ipopt(IL_IPO_LSRR,&$2); }
494 | IL_IPO_ESEC ';' { add_ipopt(IL_IPO_ESEC, NULL); }
495 | IL_IPO_CIPSO ';' { add_ipopt(IL_IPO_CIPSO, NULL); }
496 | IL_IPO_SATID optnumber { add_ipopt(IL_IPO_SATID,&$2);}
497 | IL_IPO_SSRR token { add_ipopt(IL_IPO_SSRR,&$2); }
498 | IL_IPO_ADDEXT ';' { add_ipopt(IL_IPO_ADDEXT, NULL); }
499 | IL_IPO_VISA ';' { add_ipopt(IL_IPO_VISA, NULL); }
500 | IL_IPO_IMITD ';' { add_ipopt(IL_IPO_IMITD, NULL); }
501 | IL_IPO_EIP ';' { add_ipopt(IL_IPO_EIP, NULL); }
502 | IL_IPO_FINN ';' { add_ipopt(IL_IPO_FINN, NULL); }
503 ;
504
505 secclass:
506 IL_IPS_RESERV4 ';' { set_secclass(&$1); }
507 | IL_IPS_TOPSECRET ';' { set_secclass(&$1); }
508 | IL_IPS_SECRET ';' { set_secclass(&$1); }
509 | IL_IPS_RESERV3 ';' { set_secclass(&$1); }
510 | IL_IPS_CONFID ';' { set_secclass(&$1); }
511 | IL_IPS_UNCLASS ';' { set_secclass(&$1); }
512 | IL_IPS_RESERV2 ';' { set_secclass(&$1); }
513 | IL_IPS_RESERV1 ';' { set_secclass(&$1); }
514 ;
515
516 data: IL_DATA { new_data(); }
517 ;
518
519 dataline:
520 '{' databody '}' ';' { end_data(); }
521 ;
522
523 databody: dataopts
524 | dataopts databody
525 ;
526
527 dataopts:
528 IL_DLEN token { set_datalen(&$2); }
529 | IL_DVALUE token { set_data(&$2); }
530 | IL_DFILE token { set_datafile(&$2); }
531 ;
532
533 token: IL_TOKEN ';'
534 ;
535
536 optoken: ';' { $$ = ""; }
537 | token
538 ;
539
540 number: digits ';'
541 ;
542
543 optnumber: ';' { $$ = 0; }
544 | number
545 ;
546
547 digits: IL_NUMBER
548 | digits IL_NUMBER
549 ;
550 %%
551
552 struct statetoopt toipopts[] = {
553 { IL_IPO_NOP, IPOPT_NOP },
554 { IL_IPO_RR, IPOPT_RR },
555 { IL_IPO_ZSU, IPOPT_ZSU },
556 { IL_IPO_MTUP, IPOPT_MTUP },
557 { IL_IPO_MTUR, IPOPT_MTUR },
558 { IL_IPO_ENCODE, IPOPT_ENCODE },
559 { IL_IPO_TS, IPOPT_TS },
560 { IL_IPO_TR, IPOPT_TR },
561 { IL_IPO_SEC, IPOPT_SECURITY },
562 { IL_IPO_SECCLASS, IPOPT_SECURITY },
563 { IL_IPO_LSRR, IPOPT_LSRR },
564 { IL_IPO_ESEC, IPOPT_E_SEC },
565 { IL_IPO_CIPSO, IPOPT_CIPSO },
566 { IL_IPO_SATID, IPOPT_SATID },
567 { IL_IPO_SSRR, IPOPT_SSRR },
568 { IL_IPO_ADDEXT, IPOPT_ADDEXT },
569 { IL_IPO_VISA, IPOPT_VISA },
570 { IL_IPO_IMITD, IPOPT_IMITD },
571 { IL_IPO_EIP, IPOPT_EIP },
572 { IL_IPO_FINN, IPOPT_FINN },
573 { 0, 0 }
574 };
575
576 struct statetoopt tosecopts[] = {
577 { IL_IPS_RESERV4, IPSO_CLASS_RES4 },
578 { IL_IPS_TOPSECRET, IPSO_CLASS_TOPS },
579 { IL_IPS_SECRET, IPSO_CLASS_SECR },
580 { IL_IPS_RESERV3, IPSO_CLASS_RES3 },
581 { IL_IPS_CONFID, IPSO_CLASS_CONF },
582 { IL_IPS_UNCLASS, IPSO_CLASS_UNCL },
583 { IL_IPS_RESERV2, IPSO_CLASS_RES2 },
584 { IL_IPS_RESERV1, IPSO_CLASS_RES1 },
585 { 0, 0 }
586 };
587
588
getipv4addr(arg)589 struct in_addr getipv4addr(arg)
590 char *arg;
591 {
592 struct hostent *hp;
593 struct in_addr in;
594
595 in.s_addr = 0xffffffff;
596
597 if ((hp = gethostbyname(arg)))
598 bcopy(hp->h_addr, &in.s_addr, sizeof(struct in_addr));
599 else
600 in.s_addr = inet_addr(arg);
601 return(in);
602 }
603
604
getportnum(pr,name)605 u_short getportnum(pr, name)
606 char *pr, *name;
607 {
608 struct servent *sp;
609
610 if (!(sp = getservbyname(name, pr)))
611 return(htons(atoi(name)));
612 return(sp->s_port);
613 }
614
615
geteaddr(char * arg,struct ether_addr * buf)616 struct ether_addr *geteaddr(char *arg, struct ether_addr *buf)
617 {
618 struct ether_addr *e;
619
620 e = ether_aton(arg);
621 if (!e)
622 fprintf(stderr, "Invalid ethernet address: %s\n", arg);
623 else
624 # ifdef __FreeBSD__
625 bcopy(e->octet, buf->octet, sizeof(e->octet));
626 # else
627 bcopy(e->ether_addr_octet, buf->ether_addr_octet,
628 sizeof(e->ether_addr_octet));
629 # endif
630 return(e);
631 }
632
633
new_header(int type)634 void *new_header(int type)
635 {
636 aniphdr_t *aip, *oip = canip;
637 int sz = 0;
638
639 aip = (aniphdr_t *)calloc(1, sizeof(*aip));
640 *aniptail = aip;
641 aniptail = &aip->ah_next;
642 aip->ah_p = type;
643 aip->ah_prev = oip;
644 canip = aip;
645
646 if (type == IPPROTO_UDP)
647 sz = sizeof(udphdr_t);
648 else if (type == IPPROTO_TCP)
649 sz = sizeof(tcphdr_t);
650 else if (type == IPPROTO_ICMP)
651 sz = sizeof(icmphdr_t);
652 else if (type == IPPROTO_IP)
653 sz = sizeof(ip_t);
654
655 if (oip)
656 canip->ah_data = oip->ah_data + oip->ah_len;
657 else
658 canip->ah_data = (char *)ipbuffer;
659
660 /*
661 * Increase the size fields in all wrapping headers.
662 */
663 for (aip = aniphead; aip; aip = aip->ah_next) {
664 aip->ah_len += sz;
665 if (aip->ah_p == IPPROTO_IP)
666 aip->ah_ip->ip_len += sz;
667 else if (aip->ah_p == IPPROTO_UDP)
668 aip->ah_udp->uh_ulen += sz;
669 }
670 return(void *)canip->ah_data;
671 }
672
673
free_aniplist(void)674 void free_aniplist(void)
675 {
676 aniphdr_t *aip, **aipp = &aniphead;
677
678 while ((aip = *aipp)) {
679 *aipp = aip->ah_next;
680 free(aip);
681 }
682 aniptail = &aniphead;
683 }
684
685
inc_anipheaders(int inc)686 void inc_anipheaders(int inc)
687 {
688 aniphdr_t *aip;
689
690 for (aip = aniphead; aip; aip = aip->ah_next) {
691 aip->ah_len += inc;
692 if (aip->ah_p == IPPROTO_IP)
693 aip->ah_ip->ip_len += inc;
694 else if (aip->ah_p == IPPROTO_UDP)
695 aip->ah_udp->uh_ulen += inc;
696 }
697 }
698
699
new_data(void)700 void new_data(void)
701 {
702 (void) new_header(-1);
703 canip->ah_len = 0;
704 }
705
706
set_datalen(char ** arg)707 void set_datalen(char **arg)
708 {
709 int len;
710
711 len = strtol(*arg, NULL, 0);
712 inc_anipheaders(len);
713 free(*arg);
714 *arg = NULL;
715 }
716
717
set_data(char ** arg)718 void set_data(char **arg)
719 {
720 u_char *s = (u_char *)*arg, *t = (u_char *)canip->ah_data, c;
721 int len = 0, todo = 0, quote = 0, val = 0;
722
723 while ((c = *s++)) {
724 if (todo) {
725 if (ISDIGIT(c)) {
726 todo--;
727 if (c > '7') {
728 fprintf(stderr, "octal with %c!\n", c);
729 break;
730 }
731 val <<= 3;
732 val |= (c - '0');
733 }
734 if (!ISDIGIT(c) || !todo) {
735 *t++ = (u_char)(val & 0xff);
736 todo = 0;
737 }
738 if (todo)
739 continue;
740 }
741 if (quote) {
742 if (ISDIGIT(c)) {
743 todo = 2;
744 if (c > '7') {
745 fprintf(stderr, "octal with %c!\n", c);
746 break;
747 }
748 val = (c - '0');
749 } else {
750 switch (c)
751 {
752 case '\"' :
753 *t++ = '\"';
754 break;
755 case '\\' :
756 *t++ = '\\';
757 break;
758 case 'n' :
759 *t++ = '\n';
760 break;
761 case 'r' :
762 *t++ = '\r';
763 break;
764 case 't' :
765 *t++ = '\t';
766 break;
767 }
768 }
769 quote = 0;
770 continue;
771 }
772
773 if (c == '\\')
774 quote = 1;
775 else
776 *t++ = c;
777 }
778 if (todo)
779 *t++ = (u_char)(val & 0xff);
780 if (quote)
781 *t++ = '\\';
782 len = t - (u_char *)canip->ah_data;
783 inc_anipheaders(len - canip->ah_len);
784 canip->ah_len = len;
785 }
786
787
set_datafile(char ** arg)788 void set_datafile(char **arg)
789 {
790 struct stat sb;
791 char *file = *arg;
792 int fd, len;
793
794 if ((fd = open(file, O_RDONLY)) == -1) {
795 perror("open");
796 exit(-1);
797 }
798
799 if (fstat(fd, &sb) == -1) {
800 perror("fstat");
801 exit(-1);
802 }
803
804 if ((sb.st_size + aniphead->ah_len ) > 65535) {
805 fprintf(stderr, "data file %s too big to include.\n", file);
806 close(fd);
807 return;
808 }
809 if ((len = read(fd, canip->ah_data, sb.st_size)) == -1) {
810 perror("read");
811 close(fd);
812 return;
813 }
814 inc_anipheaders(len);
815 canip->ah_len += len;
816 close(fd);
817 }
818
819
new_packet(void)820 void new_packet(void)
821 {
822 static u_short id = 0;
823
824 if (!aniphead)
825 bzero((char *)ipbuffer, sizeof(ipbuffer));
826
827 ip = (ip_t *)new_header(IPPROTO_IP);
828 ip->ip_v = IPVERSION;
829 ip->ip_hl = sizeof(ip_t) >> 2;
830 ip->ip_len = sizeof(ip_t);
831 ip->ip_ttl = 63;
832 ip->ip_id = htons(id++);
833 }
834
835
set_ipv4proto(arg)836 void set_ipv4proto(arg)
837 char **arg;
838 {
839 struct protoent *pr;
840
841 if ((pr = getprotobyname(*arg)))
842 ip->ip_p = pr->p_proto;
843 else
844 if (!(ip->ip_p = atoi(*arg)))
845 fprintf(stderr, "unknown protocol %s\n", *arg);
846 free(*arg);
847 *arg = NULL;
848 }
849
850
set_ipv4src(char ** arg)851 void set_ipv4src(char **arg)
852 {
853 ip->ip_src = getipv4addr(*arg);
854 free(*arg);
855 *arg = NULL;
856 }
857
858
set_ipv4dst(char ** arg)859 void set_ipv4dst(char **arg)
860 {
861 ip->ip_dst = getipv4addr(*arg);
862 free(*arg);
863 *arg = NULL;
864 }
865
866
set_ipv4off(char ** arg)867 void set_ipv4off(char **arg)
868 {
869 ip->ip_off = htons(strtol(*arg, NULL, 0));
870 free(*arg);
871 *arg = NULL;
872 }
873
874
set_ipv4v(char ** arg)875 void set_ipv4v(char **arg)
876 {
877 ip->ip_v = strtol(*arg, NULL, 0);
878 free(*arg);
879 *arg = NULL;
880 }
881
882
set_ipv4hl(char ** arg)883 void set_ipv4hl(char **arg)
884 {
885 int newhl, inc;
886
887 newhl = strtol(*arg, NULL, 0);
888 inc = (newhl - ip->ip_hl) << 2;
889 ip->ip_len += inc;
890 ip->ip_hl = newhl;
891 canip->ah_len += inc;
892 free(*arg);
893 *arg = NULL;
894 }
895
896
set_ipv4ttl(char ** arg)897 void set_ipv4ttl(char **arg)
898 {
899 ip->ip_ttl = strtol(*arg, NULL, 0);
900 free(*arg);
901 *arg = NULL;
902 }
903
904
set_ipv4tos(char ** arg)905 void set_ipv4tos(char **arg)
906 {
907 ip->ip_tos = strtol(*arg, NULL, 0);
908 free(*arg);
909 *arg = NULL;
910 }
911
912
set_ipv4id(char ** arg)913 void set_ipv4id(char **arg)
914 {
915 ip->ip_id = htons(strtol(*arg, NULL, 0));
916 free(*arg);
917 *arg = NULL;
918 }
919
920
set_ipv4sum(char ** arg)921 void set_ipv4sum(char **arg)
922 {
923 ip->ip_sum = strtol(*arg, NULL, 0);
924 free(*arg);
925 *arg = NULL;
926 }
927
928
set_ipv4len(char ** arg)929 void set_ipv4len(char **arg)
930 {
931 int len;
932
933 len = strtol(*arg, NULL, 0);
934 inc_anipheaders(len - ip->ip_len);
935 ip->ip_len = len;
936 free(*arg);
937 *arg = NULL;
938 }
939
940
new_tcpheader(void)941 void new_tcpheader(void)
942 {
943
944 if ((ip->ip_p) && (ip->ip_p != IPPROTO_TCP)) {
945 fprintf(stderr, "protocol %d specified with TCP!\n", ip->ip_p);
946 return;
947 }
948 ip->ip_p = IPPROTO_TCP;
949
950 tcp = (tcphdr_t *)new_header(IPPROTO_TCP);
951 tcp->th_win = htons(4096);
952 tcp->th_off = sizeof(*tcp) >> 2;
953 }
954
955
set_tcpsport(char ** arg)956 void set_tcpsport(char **arg)
957 {
958 u_short *port;
959 char *pr;
960
961 if (ip->ip_p == IPPROTO_UDP) {
962 port = &udp->uh_sport;
963 pr = "udp";
964 } else {
965 port = &tcp->th_sport;
966 pr = "udp";
967 }
968
969 *port = getportnum(pr, *arg);
970 free(*arg);
971 *arg = NULL;
972 }
973
974
set_tcpdport(char ** arg)975 void set_tcpdport(char **arg)
976 {
977 u_short *port;
978 char *pr;
979
980 if (ip->ip_p == IPPROTO_UDP) {
981 port = &udp->uh_dport;
982 pr = "udp";
983 } else {
984 port = &tcp->th_dport;
985 pr = "udp";
986 }
987
988 *port = getportnum(pr, *arg);
989 free(*arg);
990 *arg = NULL;
991 }
992
993
set_tcpseq(char ** arg)994 void set_tcpseq(char **arg)
995 {
996 tcp->th_seq = htonl(strtol(*arg, NULL, 0));
997 free(*arg);
998 *arg = NULL;
999 }
1000
1001
set_tcpack(char ** arg)1002 void set_tcpack(char **arg)
1003 {
1004 tcp->th_ack = htonl(strtol(*arg, NULL, 0));
1005 free(*arg);
1006 *arg = NULL;
1007 }
1008
1009
set_tcpoff(char ** arg)1010 void set_tcpoff(char **arg)
1011 {
1012 int off;
1013
1014 off = strtol(*arg, NULL, 0);
1015 inc_anipheaders((off - tcp->th_off) << 2);
1016 tcp->th_off = off;
1017 free(*arg);
1018 *arg = NULL;
1019 }
1020
1021
set_tcpurp(char ** arg)1022 void set_tcpurp(char **arg)
1023 {
1024 tcp->th_urp = htons(strtol(*arg, NULL, 0));
1025 free(*arg);
1026 *arg = NULL;
1027 }
1028
1029
set_tcpwin(char ** arg)1030 void set_tcpwin(char **arg)
1031 {
1032 tcp->th_win = htons(strtol(*arg, NULL, 0));
1033 free(*arg);
1034 *arg = NULL;
1035 }
1036
1037
set_tcpsum(char ** arg)1038 void set_tcpsum(char **arg)
1039 {
1040 tcp->th_sum = strtol(*arg, NULL, 0);
1041 free(*arg);
1042 *arg = NULL;
1043 }
1044
1045
set_tcpflags(char ** arg)1046 void set_tcpflags(char **arg)
1047 {
1048 static char flags[] = "ASURPF";
1049 static int flagv[] = { TH_ACK, TH_SYN, TH_URG, TH_RST, TH_PUSH,
1050 TH_FIN } ;
1051 char *s, *t;
1052
1053 for (s = *arg; *s; s++)
1054 if (!(t = strchr(flags, *s))) {
1055 if (s - *arg) {
1056 fprintf(stderr, "unknown TCP flag %c\n", *s);
1057 break;
1058 }
1059 tcp->th_flags = strtol(*arg, NULL, 0);
1060 break;
1061 } else
1062 tcp->th_flags |= flagv[t - flags];
1063 free(*arg);
1064 *arg = NULL;
1065 }
1066
1067
set_tcpopt(int state,char ** arg)1068 void set_tcpopt(int state, char **arg)
1069 {
1070 u_char *s;
1071 int val, len, val2, pad, optval;
1072
1073 if (arg && *arg)
1074 val = atoi(*arg);
1075 else
1076 val = 0;
1077
1078 s = (u_char *)tcp + sizeof(*tcp) + canip->ah_optlen;
1079 switch (state)
1080 {
1081 case IL_TCPO_EOL :
1082 optval = 0;
1083 len = 1;
1084 break;
1085 case IL_TCPO_NOP :
1086 optval = 1;
1087 len = 1;
1088 break;
1089 case IL_TCPO_MSS :
1090 optval = 2;
1091 len = 4;
1092 break;
1093 case IL_TCPO_WSCALE :
1094 optval = 3;
1095 len = 3;
1096 break;
1097 case IL_TCPO_TS :
1098 optval = 8;
1099 len = 10;
1100 break;
1101 default :
1102 optval = 0;
1103 len = 0;
1104 break;
1105 }
1106
1107 if (len > 1) {
1108 /*
1109 * prepend padding - if required.
1110 */
1111 if (len & 3)
1112 for (pad = 4 - (len & 3); pad; pad--) {
1113 *s++ = 1;
1114 canip->ah_optlen++;
1115 }
1116 /*
1117 * build tcp option
1118 */
1119 *s++ = (u_char)optval;
1120 *s++ = (u_char)len;
1121 if (len > 2) {
1122 if (len == 3) { /* 1 byte - char */
1123 *s++ = (u_char)val;
1124 } else if (len == 4) { /* 2 bytes - short */
1125 *s++ = (u_char)((val >> 8) & 0xff);
1126 *s++ = (u_char)(val & 0xff);
1127 } else if (len >= 6) { /* 4 bytes - long */
1128 val2 = htonl(val);
1129 bcopy((char *)&val2, s, 4);
1130 }
1131 s += (len - 2);
1132 }
1133 } else
1134 *s++ = (u_char)optval;
1135
1136 canip->ah_lastopt = optval;
1137 canip->ah_optlen += len;
1138
1139 if (arg && *arg) {
1140 free(*arg);
1141 *arg = NULL;
1142 }
1143 }
1144
1145
end_tcpopt(void)1146 void end_tcpopt(void)
1147 {
1148 int pad;
1149 char *s = (char *)tcp;
1150
1151 s += sizeof(*tcp) + canip->ah_optlen;
1152 /*
1153 * pad out so that we have a multiple of 4 bytes in size fo the
1154 * options. make sure last byte is EOL.
1155 */
1156 if (canip->ah_optlen & 3) {
1157 if (canip->ah_lastopt != 1) {
1158 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) {
1159 *s++ = 1;
1160 canip->ah_optlen++;
1161 }
1162 canip->ah_optlen++;
1163 } else {
1164 s -= 1;
1165
1166 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) {
1167 *s++ = 1;
1168 canip->ah_optlen++;
1169 }
1170 }
1171 *s++ = 0;
1172 }
1173 tcp->th_off = (sizeof(*tcp) + canip->ah_optlen) >> 2;
1174 inc_anipheaders(canip->ah_optlen);
1175 }
1176
1177
new_udpheader(void)1178 void new_udpheader(void)
1179 {
1180 if ((ip->ip_p) && (ip->ip_p != IPPROTO_UDP)) {
1181 fprintf(stderr, "protocol %d specified with UDP!\n", ip->ip_p);
1182 return;
1183 }
1184 ip->ip_p = IPPROTO_UDP;
1185
1186 udp = (udphdr_t *)new_header(IPPROTO_UDP);
1187 udp->uh_ulen = sizeof(*udp);
1188 }
1189
1190
set_udplen(arg)1191 void set_udplen(arg)
1192 char **arg;
1193 {
1194 int len;
1195
1196 len = strtol(*arg, NULL, 0);
1197 inc_anipheaders(len - udp->uh_ulen);
1198 udp->uh_ulen = len;
1199 free(*arg);
1200 *arg = NULL;
1201 }
1202
1203
set_udpsum(char ** arg)1204 void set_udpsum(char **arg)
1205 {
1206 udp->uh_sum = strtol(*arg, NULL, 0);
1207 free(*arg);
1208 *arg = NULL;
1209 }
1210
1211
prep_packet(void)1212 void prep_packet(void)
1213 {
1214 iface_t *ifp;
1215 struct in_addr gwip;
1216
1217 ifp = sending.snd_if;
1218 if (!ifp) {
1219 fprintf(stderr, "no interface defined for sending!\n");
1220 return;
1221 }
1222 if (ifp->if_fd == -1)
1223 ifp->if_fd = initdevice(ifp->if_name, 5);
1224 gwip = sending.snd_gw;
1225 if (!gwip.s_addr) {
1226 if (aniphead == NULL) {
1227 fprintf(stderr,
1228 "no destination address defined for sending\n");
1229 return;
1230 }
1231 gwip = aniphead->ah_ip->ip_dst;
1232 }
1233 (void) send_ip(ifp->if_fd, ifp->if_MTU, (ip_t *)ipbuffer, gwip, 2);
1234 }
1235
1236
packet_done(void)1237 void packet_done(void)
1238 {
1239 char outline[80];
1240 int i, j, k;
1241 u_char *s = (u_char *)ipbuffer, *t = (u_char *)outline;
1242
1243 if (opts & OPT_VERBOSE) {
1244 ip->ip_len = htons(ip->ip_len);
1245 for (i = ntohs(ip->ip_len), j = 0; i; i--, j++, s++) {
1246 if (j && !(j & 0xf)) {
1247 *t++ = '\n';
1248 *t = '\0';
1249 fputs(outline, stdout);
1250 fflush(stdout);
1251 t = (u_char *)outline;
1252 *t = '\0';
1253 }
1254 sprintf((char *)t, "%02x", *s & 0xff);
1255 t += 2;
1256 if (!((j + 1) & 0xf)) {
1257 s -= 15;
1258 sprintf((char *)t, " ");
1259 t += 8;
1260 for (k = 16; k; k--, s++)
1261 *t++ = (isprint(*s) ? *s : '.');
1262 s--;
1263 }
1264
1265 if ((j + 1) & 0xf)
1266 *t++ = ' ';;
1267 }
1268
1269 if (j & 0xf) {
1270 for (k = 16 - (j & 0xf); k; k--) {
1271 *t++ = ' ';
1272 *t++ = ' ';
1273 *t++ = ' ';
1274 }
1275 sprintf((char *)t, " ");
1276 t += 7;
1277 s -= j & 0xf;
1278 for (k = j & 0xf; k; k--, s++)
1279 *t++ = (isprint(*s) ? *s : '.');
1280 *t++ = '\n';
1281 *t = '\0';
1282 }
1283 fputs(outline, stdout);
1284 fflush(stdout);
1285 ip->ip_len = ntohs(ip->ip_len);
1286 }
1287
1288 prep_packet();
1289 free_aniplist();
1290 }
1291
1292
new_interface(void)1293 void new_interface(void)
1294 {
1295 cifp = (iface_t *)calloc(1, sizeof(iface_t));
1296 *iftail = cifp;
1297 iftail = &cifp->if_next;
1298 cifp->if_fd = -1;
1299 }
1300
1301
check_interface(void)1302 void check_interface(void)
1303 {
1304 if (!cifp->if_name || !*cifp->if_name)
1305 fprintf(stderr, "No interface name given!\n");
1306 if (!cifp->if_MTU || !*cifp->if_name)
1307 fprintf(stderr, "Interface %s has an MTU of 0!\n",
1308 cifp->if_name);
1309 }
1310
1311
set_ifname(char ** arg)1312 void set_ifname(char **arg)
1313 {
1314 cifp->if_name = *arg;
1315 *arg = NULL;
1316 }
1317
1318
set_ifmtu(int arg)1319 void set_ifmtu(int arg)
1320 {
1321 cifp->if_MTU = arg;
1322 }
1323
1324
set_ifv4addr(char ** arg)1325 void set_ifv4addr(char **arg)
1326 {
1327 cifp->if_addr = getipv4addr(*arg);
1328 free(*arg);
1329 *arg = NULL;
1330 }
1331
1332
set_ifeaddr(char ** arg)1333 void set_ifeaddr(char **arg)
1334 {
1335 (void) geteaddr(*arg, &cifp->if_eaddr);
1336 free(*arg);
1337 *arg = NULL;
1338 }
1339
1340
new_arp(void)1341 void new_arp(void)
1342 {
1343 carp = (arp_t *)calloc(1, sizeof(arp_t));
1344 *arptail = carp;
1345 arptail = &carp->arp_next;
1346 }
1347
1348
set_arpeaddr(char ** arg)1349 void set_arpeaddr(char **arg)
1350 {
1351 (void) geteaddr(*arg, &carp->arp_eaddr);
1352 free(*arg);
1353 *arg = NULL;
1354 }
1355
1356
set_arpv4addr(char ** arg)1357 void set_arpv4addr(char **arg)
1358 {
1359 carp->arp_addr = getipv4addr(*arg);
1360 free(*arg);
1361 *arg = NULL;
1362 }
1363
1364
arp_getipv4(char * ip,char * addr)1365 int arp_getipv4(char *ip, char *addr)
1366 {
1367 arp_t *a;
1368
1369 for (a = arplist; a; a = a->arp_next)
1370 if (!bcmp(ip, (char *)&a->arp_addr, 4)) {
1371 bcopy((char *)&a->arp_eaddr, addr, 6);
1372 return(0);
1373 }
1374 return(-1);
1375 }
1376
1377
reset_send(void)1378 void reset_send(void)
1379 {
1380 sending.snd_if = iflist;
1381 sending.snd_gw = defrouter;
1382 }
1383
1384
set_sendif(char ** arg)1385 void set_sendif(char **arg)
1386 {
1387 iface_t *ifp;
1388
1389 for (ifp = iflist; ifp; ifp = ifp->if_next)
1390 if (ifp->if_name && !strcmp(ifp->if_name, *arg))
1391 break;
1392 sending.snd_if = ifp;
1393 if (!ifp)
1394 fprintf(stderr, "couldn't find interface %s\n", *arg);
1395 free(*arg);
1396 *arg = NULL;
1397 }
1398
1399
set_sendvia(char ** arg)1400 void set_sendvia(char **arg)
1401 {
1402 sending.snd_gw = getipv4addr(*arg);
1403 free(*arg);
1404 *arg = NULL;
1405 }
1406
1407
set_defaultrouter(char ** arg)1408 void set_defaultrouter(char **arg)
1409 {
1410 defrouter = getipv4addr(*arg);
1411 free(*arg);
1412 *arg = NULL;
1413 }
1414
1415
new_icmpheader(void)1416 void new_icmpheader(void)
1417 {
1418 if ((ip->ip_p) && (ip->ip_p != IPPROTO_ICMP)) {
1419 fprintf(stderr, "protocol %d specified with ICMP!\n",
1420 ip->ip_p);
1421 return;
1422 }
1423 ip->ip_p = IPPROTO_ICMP;
1424 icmp = (icmphdr_t *)new_header(IPPROTO_ICMP);
1425 }
1426
1427
set_icmpcode(int code)1428 void set_icmpcode(int code)
1429 {
1430 icmp->icmp_code = code;
1431 }
1432
1433
set_icmptype(int type)1434 void set_icmptype(int type)
1435 {
1436 icmp->icmp_type = type;
1437 }
1438
1439
set_icmpcodetok(char ** code)1440 void set_icmpcodetok(char **code)
1441 {
1442 char *s;
1443 int i;
1444
1445 for (i = 0; (s = icmpcodes[i]); i++)
1446 if (!strcmp(s, *code)) {
1447 icmp->icmp_code = i;
1448 break;
1449 }
1450 if (!s)
1451 fprintf(stderr, "unknown ICMP code %s\n", *code);
1452 free(*code);
1453 *code = NULL;
1454 }
1455
1456
set_icmptypetok(char ** type)1457 void set_icmptypetok(char **type)
1458 {
1459 char *s;
1460 int i, done = 0;
1461
1462 for (i = 0; !(s = icmptypes[i]) || strcmp(s, "END"); i++)
1463 if (s && !strcmp(s, *type)) {
1464 icmp->icmp_type = i;
1465 done = 1;
1466 break;
1467 }
1468 if (!done)
1469 fprintf(stderr, "unknown ICMP type %s\n", *type);
1470 free(*type);
1471 *type = NULL;
1472 }
1473
1474
set_icmpid(int arg)1475 void set_icmpid(int arg)
1476 {
1477 icmp->icmp_id = htons(arg);
1478 }
1479
1480
set_icmpseq(int arg)1481 void set_icmpseq(int arg)
1482 {
1483 icmp->icmp_seq = htons(arg);
1484 }
1485
1486
set_icmpotime(int arg)1487 void set_icmpotime(int arg)
1488 {
1489 icmp->icmp_otime = htonl(arg);
1490 }
1491
1492
set_icmprtime(int arg)1493 void set_icmprtime(int arg)
1494 {
1495 icmp->icmp_rtime = htonl(arg);
1496 }
1497
1498
set_icmpttime(int arg)1499 void set_icmpttime(int arg)
1500 {
1501 icmp->icmp_ttime = htonl(arg);
1502 }
1503
1504
set_icmpmtu(int arg)1505 void set_icmpmtu(int arg)
1506 {
1507 icmp->icmp_nextmtu = htons(arg);
1508 }
1509
1510
set_redir(int redir,char ** arg)1511 void set_redir(int redir, char **arg)
1512 {
1513 icmp->icmp_code = redir;
1514 icmp->icmp_gwaddr = getipv4addr(*arg);
1515 free(*arg);
1516 *arg = NULL;
1517 }
1518
1519
set_icmppprob(int num)1520 void set_icmppprob(int num)
1521 {
1522 icmp->icmp_pptr = num;
1523 }
1524
1525
new_ipv4opt(void)1526 void new_ipv4opt(void)
1527 {
1528 new_header(-2);
1529 }
1530
1531
add_ipopt(int state,void * ptr)1532 void add_ipopt(int state, void *ptr)
1533 {
1534 struct ipopt_names *io;
1535 struct statetoopt *sto;
1536 char numbuf[16], *arg, **param = ptr;
1537 int inc, hlen;
1538
1539 if (state == IL_IPO_RR || state == IL_IPO_SATID) {
1540 if (param)
1541 snprintf(numbuf, sizeof(numbuf), "%d", *(int *)param);
1542 else
1543 strcpy(numbuf, "0");
1544 arg = numbuf;
1545 } else
1546 arg = param ? *param : NULL;
1547
1548 if (canip->ah_next) {
1549 fprintf(stderr, "cannot specify options after data body\n");
1550 return;
1551 }
1552 for (sto = toipopts; sto->sto_st; sto++)
1553 if (sto->sto_st == state)
1554 break;
1555 if (!sto->sto_st) {
1556 fprintf(stderr, "No mapping for state %d to IP option\n",
1557 state);
1558 return;
1559 }
1560
1561 hlen = sizeof(ip_t) + canip->ah_optlen;
1562 for (io = ionames; io->on_name; io++)
1563 if (io->on_value == sto->sto_op)
1564 break;
1565 canip->ah_lastopt = io->on_value;
1566
1567 if (io->on_name) {
1568 inc = addipopt((char *)ip + hlen, io, hlen - sizeof(ip_t),arg);
1569 if (inc > 0) {
1570 while (inc & 3) {
1571 ((char *)ip)[sizeof(*ip) + inc] = IPOPT_NOP;
1572 canip->ah_lastopt = IPOPT_NOP;
1573 inc++;
1574 }
1575 hlen += inc;
1576 }
1577 }
1578
1579 canip->ah_optlen = hlen - sizeof(ip_t);
1580
1581 if (state != IL_IPO_RR && state != IL_IPO_SATID)
1582 if (param && *param) {
1583 free(*param);
1584 *param = NULL;
1585 }
1586 sclass = NULL;
1587 }
1588
1589
end_ipopt(void)1590 void end_ipopt(void)
1591 {
1592 int pad;
1593 char *s, *buf = (char *)ip;
1594
1595 /*
1596 * pad out so that we have a multiple of 4 bytes in size fo the
1597 * options. make sure last byte is EOL.
1598 */
1599 if (canip->ah_lastopt == IPOPT_NOP) {
1600 buf[sizeof(*ip) + canip->ah_optlen - 1] = IPOPT_EOL;
1601 } else if (canip->ah_lastopt != IPOPT_EOL) {
1602 s = buf + sizeof(*ip) + canip->ah_optlen;
1603
1604 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) {
1605 *s++ = IPOPT_NOP;
1606 *s = IPOPT_EOL;
1607 canip->ah_optlen++;
1608 }
1609 canip->ah_optlen++;
1610 } else {
1611 s = buf + sizeof(*ip) + canip->ah_optlen - 1;
1612
1613 for (pad = 3 - (canip->ah_optlen & 3); pad; pad--) {
1614 *s++ = IPOPT_NOP;
1615 *s = IPOPT_EOL;
1616 canip->ah_optlen++;
1617 }
1618 }
1619 ip->ip_hl = (sizeof(*ip) + canip->ah_optlen) >> 2;
1620 inc_anipheaders(canip->ah_optlen);
1621 free_anipheader();
1622 }
1623
1624
set_secclass(char ** arg)1625 void set_secclass(char **arg)
1626 {
1627 sclass = *arg;
1628 *arg = NULL;
1629 }
1630
1631
free_anipheader(void)1632 void free_anipheader(void)
1633 {
1634 aniphdr_t *aip;
1635
1636 aip = canip;
1637 if ((canip = aip->ah_prev)) {
1638 canip->ah_next = NULL;
1639 aniptail = &canip->ah_next;
1640 }
1641
1642 if (canip)
1643 free(aip);
1644 }
1645
1646
end_ipv4(void)1647 void end_ipv4(void)
1648 {
1649 aniphdr_t *aip;
1650
1651 ip->ip_sum = 0;
1652 ip->ip_len = htons(ip->ip_len);
1653 ip->ip_sum = chksum((u_short *)ip, ip->ip_hl << 2);
1654 ip->ip_len = ntohs(ip->ip_len);
1655 free_anipheader();
1656 for (aip = aniphead, ip = NULL; aip; aip = aip->ah_next)
1657 if (aip->ah_p == IPPROTO_IP)
1658 ip = aip->ah_ip;
1659 }
1660
1661
end_icmp(void)1662 void end_icmp(void)
1663 {
1664 aniphdr_t *aip;
1665
1666 icmp->icmp_cksum = 0;
1667 icmp->icmp_cksum = chksum((u_short *)icmp, canip->ah_len);
1668 free_anipheader();
1669 for (aip = aniphead, icmp = NULL; aip; aip = aip->ah_next)
1670 if (aip->ah_p == IPPROTO_ICMP)
1671 icmp = aip->ah_icmp;
1672 }
1673
1674
end_udp(void)1675 void end_udp(void)
1676 {
1677 u_long sum;
1678 aniphdr_t *aip;
1679 ip_t iptmp;
1680
1681 bzero((char *)&iptmp, sizeof(iptmp));
1682 iptmp.ip_p = ip->ip_p;
1683 iptmp.ip_src = ip->ip_src;
1684 iptmp.ip_dst = ip->ip_dst;
1685 iptmp.ip_len = htons(ip->ip_len - (ip->ip_hl << 2));
1686 sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp));
1687 udp->uh_ulen = htons(udp->uh_ulen);
1688 udp->uh_sum = c_chksum((u_short *)udp, (u_int)ntohs(iptmp.ip_len), sum);
1689 free_anipheader();
1690 for (aip = aniphead, udp = NULL; aip; aip = aip->ah_next)
1691 if (aip->ah_p == IPPROTO_UDP)
1692 udp = aip->ah_udp;
1693 }
1694
1695
end_tcp(void)1696 void end_tcp(void)
1697 {
1698 u_long sum;
1699 aniphdr_t *aip;
1700 ip_t iptmp;
1701
1702 bzero((char *)&iptmp, sizeof(iptmp));
1703 iptmp.ip_p = ip->ip_p;
1704 iptmp.ip_src = ip->ip_src;
1705 iptmp.ip_dst = ip->ip_dst;
1706 iptmp.ip_len = htons(ip->ip_len - (ip->ip_hl << 2));
1707 sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp));
1708 tcp->th_sum = 0;
1709 tcp->th_sum = c_chksum((u_short *)tcp, (u_int)ntohs(iptmp.ip_len), sum);
1710 free_anipheader();
1711 for (aip = aniphead, tcp = NULL; aip; aip = aip->ah_next)
1712 if (aip->ah_p == IPPROTO_TCP)
1713 tcp = aip->ah_tcp;
1714 }
1715
1716
end_data(void)1717 void end_data(void)
1718 {
1719 free_anipheader();
1720 }
1721
1722
iplang(FILE * fp)1723 void iplang(FILE *fp)
1724 {
1725 yyin = fp;
1726
1727 yydebug = (opts & OPT_DEBUG) ? 1 : 0;
1728
1729 while (!feof(fp))
1730 yyparse();
1731 }
1732
1733
c_chksum(u_short * buf,u_int len,u_long init)1734 u_short c_chksum(u_short *buf, u_int len, u_long init)
1735 {
1736 u_long sum = init;
1737 int nwords = len >> 1;
1738
1739 for(; nwords > 0; nwords--)
1740 sum += *buf++;
1741 sum = (sum>>16) + (sum & 0xffff);
1742 sum += (sum >>16);
1743 return(~sum);
1744 }
1745
1746
p_chksum(u_short * buf,u_int len)1747 u_long p_chksum(u_short *buf, u_int len)
1748 {
1749 u_long sum = 0;
1750 int nwords = len >> 1;
1751
1752 for(; nwords > 0; nwords--)
1753 sum += *buf++;
1754 return(sum);
1755 }
1756