1 /* $OpenBSD: gencode.c,v 1.12 2000/04/26 21:25:52 jakob Exp $ */ 2 3 /* 4 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that: (1) source code distributions 9 * retain the above copyright notice and this paragraph in its entirety, (2) 10 * distributions including binary code include the above copyright notice and 11 * this paragraph in its entirety in the documentation or other materials 12 * provided with the distribution, and (3) all advertising materials mentioning 13 * features or use of this software display the following acknowledgement: 14 * ``This product includes software developed by the University of California, 15 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 16 * the University nor the names of its contributors may be used to endorse 17 * or promote products derived from this software without specific prior 18 * written permission. 19 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 20 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 21 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 22 */ 23 #ifndef lint 24 static const char rcsid[] = 25 "@(#) $Header: /home/cvs/src/lib/libpcap/gencode.c,v 1.12 2000/04/26 21:25:52 jakob Exp $ (LBL)"; 26 #endif 27 28 #include <sys/types.h> 29 #include <sys/socket.h> 30 #include <sys/time.h> 31 32 #ifdef __STDC__ 33 struct mbuf; 34 struct rtentry; 35 #endif 36 37 #include <net/if.h> 38 39 #include <netinet/in.h> 40 #include <netinet/if_ether.h> 41 #include <netinet/if_arc.h> 42 43 #include <stdlib.h> 44 #include <memory.h> 45 #include <setjmp.h> 46 #ifdef __STDC__ 47 #include <stdarg.h> 48 #else 49 #include <varargs.h> 50 #endif 51 52 #include "pcap-int.h" 53 54 #include "ethertype.h" 55 #include "gencode.h" 56 #include "ppp.h" 57 #include <pcap-namedb.h> 58 #ifdef INET6 59 #include <netdb.h> 60 #include <sys/socket.h> 61 #endif /*INET6*/ 62 63 #ifdef HAVE_OS_PROTO_H 64 #include "os-proto.h" 65 #endif 66 67 #define JMP(c) ((c)|BPF_JMP|BPF_K) 68 69 /* Locals */ 70 static jmp_buf top_ctx; 71 static pcap_t *bpf_pcap; 72 73 /* XXX */ 74 #ifdef PCAP_FDDIPAD 75 int pcap_fddipad = PCAP_FDDIPAD; 76 #else 77 int pcap_fddipad; 78 #endif 79 80 /* VARARGS */ 81 __dead void 82 #ifdef __STDC__ 83 bpf_error(const char *fmt, ...) 84 #else 85 bpf_error(fmt, va_alist) 86 const char *fmt; 87 va_dcl 88 #endif 89 { 90 va_list ap; 91 92 #ifdef __STDC__ 93 va_start(ap, fmt); 94 #else 95 va_start(ap); 96 #endif 97 if (bpf_pcap != NULL) 98 (void)vsnprintf(pcap_geterr(bpf_pcap), PCAP_ERRBUF_SIZE, 99 fmt, ap); 100 va_end(ap); 101 longjmp(top_ctx, 1); 102 /* NOTREACHED */ 103 } 104 105 static void init_linktype(int); 106 107 static int alloc_reg(void); 108 static void free_reg(int); 109 110 static struct block *root; 111 112 /* 113 * We divy out chunks of memory rather than call malloc each time so 114 * we don't have to worry about leaking memory. It's probably 115 * not a big deal if all this memory was wasted but it this ever 116 * goes into a library that would probably not be a good idea. 117 */ 118 #define NCHUNKS 16 119 #define CHUNK0SIZE 1024 120 struct chunk { 121 u_int n_left; 122 void *m; 123 }; 124 125 static struct chunk chunks[NCHUNKS]; 126 static int cur_chunk; 127 128 static void *newchunk(u_int); 129 static void freechunks(void); 130 static __inline struct block *new_block(int); 131 static __inline struct slist *new_stmt(int); 132 static struct block *gen_retblk(int); 133 static __inline void syntax(void); 134 135 static void backpatch(struct block *, struct block *); 136 static void merge(struct block *, struct block *); 137 static struct block *gen_cmp(u_int, u_int, bpf_int32); 138 static struct block *gen_mcmp(u_int, u_int, bpf_int32, bpf_u_int32); 139 static struct block *gen_bcmp(u_int, u_int, const u_char *); 140 static struct block *gen_uncond(int); 141 static __inline struct block *gen_true(void); 142 static __inline struct block *gen_false(void); 143 static struct block *gen_linktype(int); 144 static struct block *gen_hostop(bpf_u_int32, bpf_u_int32, int, int, u_int, u_int); 145 #ifdef INET6 146 static struct block *gen_hostop6(struct in6_addr *, struct in6_addr *, int, int, u_int, u_int); 147 #endif 148 static struct block *gen_ahostop(const u_char *, int); 149 static struct block *gen_ehostop(const u_char *, int); 150 static struct block *gen_fhostop(const u_char *, int); 151 static struct block *gen_dnhostop(bpf_u_int32, int, u_int); 152 static struct block *gen_host(bpf_u_int32, bpf_u_int32, int, int); 153 #ifdef INET6 154 static struct block *gen_host6(struct in6_addr *, struct in6_addr *, int, int); 155 #endif 156 #ifndef INET6 157 static struct block *gen_gateway(const u_char *, bpf_u_int32 **, int, int); 158 #endif 159 static struct block *gen_ipfrag(void); 160 static struct block *gen_portatom(int, bpf_int32); 161 #ifdef INET6 162 static struct block *gen_portatom6(int, bpf_int32); 163 #endif 164 struct block *gen_portop(int, int, int); 165 static struct block *gen_port(int, int, int); 166 #ifdef INET6 167 struct block *gen_portop6(int, int, int); 168 static struct block *gen_port6(int, int, int); 169 #endif 170 static int lookup_proto(const char *, int); 171 static struct block *gen_protochain(int, int, int); 172 static struct block *gen_proto(int, int, int); 173 static struct slist *xfer_to_x(struct arth *); 174 static struct slist *xfer_to_a(struct arth *); 175 static struct block *gen_len(int, int); 176 177 static void * 178 newchunk(n) 179 u_int n; 180 { 181 struct chunk *cp; 182 int k, size; 183 184 /* XXX Round to structure boundary. */ 185 n = ALIGN(n); 186 187 cp = &chunks[cur_chunk]; 188 if (n > cp->n_left) { 189 ++cp, k = ++cur_chunk; 190 if (k >= NCHUNKS) 191 bpf_error("out of memory"); 192 size = CHUNK0SIZE << k; 193 cp->m = (void *)malloc(size); 194 memset((char *)cp->m, 0, size); 195 cp->n_left = size; 196 if (n > size) 197 bpf_error("out of memory"); 198 } 199 cp->n_left -= n; 200 return (void *)((char *)cp->m + cp->n_left); 201 } 202 203 static void 204 freechunks() 205 { 206 int i; 207 208 cur_chunk = 0; 209 for (i = 0; i < NCHUNKS; ++i) 210 if (chunks[i].m != NULL) { 211 free(chunks[i].m); 212 chunks[i].m = NULL; 213 } 214 } 215 216 /* 217 * A strdup whose allocations are freed after code generation is over. 218 */ 219 char * 220 sdup(s) 221 register const char *s; 222 { 223 int n = strlen(s) + 1; 224 char *cp = newchunk(n); 225 226 strlcpy(cp, s, n); 227 return (cp); 228 } 229 230 static __inline struct block * 231 new_block(code) 232 int code; 233 { 234 struct block *p; 235 236 p = (struct block *)newchunk(sizeof(*p)); 237 p->s.code = code; 238 p->head = p; 239 240 return p; 241 } 242 243 static __inline struct slist * 244 new_stmt(code) 245 int code; 246 { 247 struct slist *p; 248 249 p = (struct slist *)newchunk(sizeof(*p)); 250 p->s.code = code; 251 252 return p; 253 } 254 255 static struct block * 256 gen_retblk(v) 257 int v; 258 { 259 struct block *b = new_block(BPF_RET|BPF_K); 260 261 b->s.k = v; 262 return b; 263 } 264 265 static __inline void 266 syntax() 267 { 268 bpf_error("syntax error in filter expression"); 269 } 270 271 static bpf_u_int32 netmask; 272 static int snaplen; 273 int no_optimize; 274 275 int 276 pcap_compile(pcap_t *p, struct bpf_program *program, 277 char *buf, int optimize, bpf_u_int32 mask) 278 { 279 extern int n_errors; 280 int len; 281 282 no_optimize = 0; 283 n_errors = 0; 284 root = NULL; 285 bpf_pcap = p; 286 if (setjmp(top_ctx)) { 287 freechunks(); 288 return (-1); 289 } 290 291 netmask = mask; 292 snaplen = pcap_snapshot(p); 293 294 lex_init(buf ? buf : ""); 295 init_linktype(pcap_datalink(p)); 296 (void)pcap_parse(); 297 298 if (n_errors) 299 syntax(); 300 301 if (root == NULL) 302 root = gen_retblk(snaplen); 303 304 if (optimize && !no_optimize) { 305 bpf_optimize(&root); 306 if (root == NULL || 307 (root->s.code == (BPF_RET|BPF_K) && root->s.k == 0)) 308 bpf_error("expression rejects all packets"); 309 } 310 program->bf_insns = icode_to_fcode(root, &len); 311 program->bf_len = len; 312 313 freechunks(); 314 return (0); 315 } 316 317 /* 318 * entry point for using the compiler with no pcap open 319 * pass in all the stuff that is needed explicitly instead. 320 */ 321 int 322 pcap_compile_nopcap(int snaplen_arg, int linktype_arg, 323 struct bpf_program *program, 324 char *buf, int optimize, bpf_u_int32 mask) 325 { 326 extern int n_errors; 327 int len; 328 329 n_errors = 0; 330 root = NULL; 331 bpf_pcap = NULL; 332 if (setjmp(top_ctx)) { 333 freechunks(); 334 return (-1); 335 } 336 337 netmask = mask; 338 339 /* XXX needed? I don't grok the use of globals here. */ 340 snaplen = snaplen_arg; 341 342 lex_init(buf ? buf : ""); 343 init_linktype(linktype_arg); 344 (void)pcap_parse(); 345 346 if (n_errors) 347 syntax(); 348 349 if (root == NULL) 350 root = gen_retblk(snaplen_arg); 351 352 if (optimize) { 353 bpf_optimize(&root); 354 if (root == NULL || 355 (root->s.code == (BPF_RET|BPF_K) && root->s.k == 0)) 356 bpf_error("expression rejects all packets"); 357 } 358 program->bf_insns = icode_to_fcode(root, &len); 359 program->bf_len = len; 360 361 freechunks(); 362 return (0); 363 } 364 365 /* 366 * Backpatch the blocks in 'list' to 'target'. The 'sense' field indicates 367 * which of the jt and jf fields has been resolved and which is a pointer 368 * back to another unresolved block (or nil). At least one of the fields 369 * in each block is already resolved. 370 */ 371 static void 372 backpatch(list, target) 373 struct block *list, *target; 374 { 375 struct block *next; 376 377 while (list) { 378 if (!list->sense) { 379 next = JT(list); 380 JT(list) = target; 381 } else { 382 next = JF(list); 383 JF(list) = target; 384 } 385 list = next; 386 } 387 } 388 389 /* 390 * Merge the lists in b0 and b1, using the 'sense' field to indicate 391 * which of jt and jf is the link. 392 */ 393 static void 394 merge(b0, b1) 395 struct block *b0, *b1; 396 { 397 register struct block **p = &b0; 398 399 /* Find end of list. */ 400 while (*p) 401 p = !((*p)->sense) ? &JT(*p) : &JF(*p); 402 403 /* Concatenate the lists. */ 404 *p = b1; 405 } 406 407 void 408 finish_parse(p) 409 struct block *p; 410 { 411 backpatch(p, gen_retblk(snaplen)); 412 p->sense = !p->sense; 413 backpatch(p, gen_retblk(0)); 414 root = p->head; 415 } 416 417 void 418 gen_and(b0, b1) 419 struct block *b0, *b1; 420 { 421 backpatch(b0, b1->head); 422 b0->sense = !b0->sense; 423 b1->sense = !b1->sense; 424 merge(b1, b0); 425 b1->sense = !b1->sense; 426 b1->head = b0->head; 427 } 428 429 void 430 gen_or(b0, b1) 431 struct block *b0, *b1; 432 { 433 b0->sense = !b0->sense; 434 backpatch(b0, b1->head); 435 b0->sense = !b0->sense; 436 merge(b1, b0); 437 b1->head = b0->head; 438 } 439 440 void 441 gen_not(b) 442 struct block *b; 443 { 444 b->sense = !b->sense; 445 } 446 447 static struct block * 448 gen_cmp(offset, size, v) 449 u_int offset, size; 450 bpf_int32 v; 451 { 452 struct slist *s; 453 struct block *b; 454 455 s = new_stmt(BPF_LD|BPF_ABS|size); 456 s->s.k = offset; 457 458 b = new_block(JMP(BPF_JEQ)); 459 b->stmts = s; 460 b->s.k = v; 461 462 return b; 463 } 464 465 static struct block * 466 gen_mcmp(offset, size, v, mask) 467 u_int offset, size; 468 bpf_int32 v; 469 bpf_u_int32 mask; 470 { 471 struct block *b = gen_cmp(offset, size, v); 472 struct slist *s; 473 474 if (mask != 0xffffffff) { 475 s = new_stmt(BPF_ALU|BPF_AND|BPF_K); 476 s->s.k = mask; 477 b->stmts->next = s; 478 } 479 return b; 480 } 481 482 static struct block * 483 gen_bcmp(offset, size, v) 484 register u_int offset, size; 485 register const u_char *v; 486 { 487 register struct block *b, *tmp; 488 489 b = NULL; 490 while (size >= 4) { 491 register const u_char *p = &v[size - 4]; 492 bpf_int32 w = ((bpf_int32)p[0] << 24) | 493 ((bpf_int32)p[1] << 16) | ((bpf_int32)p[2] << 8) | p[3]; 494 495 tmp = gen_cmp(offset + size - 4, BPF_W, w); 496 if (b != NULL) 497 gen_and(b, tmp); 498 b = tmp; 499 size -= 4; 500 } 501 while (size >= 2) { 502 register const u_char *p = &v[size - 2]; 503 bpf_int32 w = ((bpf_int32)p[0] << 8) | p[1]; 504 505 tmp = gen_cmp(offset + size - 2, BPF_H, w); 506 if (b != NULL) 507 gen_and(b, tmp); 508 b = tmp; 509 size -= 2; 510 } 511 if (size > 0) { 512 tmp = gen_cmp(offset, BPF_B, (bpf_int32)v[0]); 513 if (b != NULL) 514 gen_and(b, tmp); 515 b = tmp; 516 } 517 return b; 518 } 519 520 /* 521 * Various code constructs need to know the layout of the data link 522 * layer. These variables give the necessary offsets. off_linktype 523 * is set to -1 for no encapsulation, in which case, IP is assumed. 524 */ 525 static u_int off_linktype; 526 static u_int off_nl; 527 static int linktype; 528 529 static void 530 init_linktype(type) 531 int type; 532 { 533 linktype = type; 534 535 switch (type) { 536 537 case DLT_ARCNET: 538 off_linktype = 2; 539 off_nl = 6; /* XXX in reality, variable! */ 540 return; 541 542 case DLT_EN10MB: 543 off_linktype = 12; 544 off_nl = 14; 545 return; 546 547 case DLT_SLIP: 548 /* 549 * SLIP doesn't have a link level type. The 16 byte 550 * header is hacked into our SLIP driver. 551 */ 552 off_linktype = -1; 553 off_nl = 16; 554 return; 555 556 case DLT_SLIP_BSDOS: 557 /* XXX this may be the same as the DLT_PPP_BSDOS case */ 558 off_linktype = -1; 559 /* XXX end */ 560 off_nl = 24; 561 return; 562 563 case DLT_NULL: 564 off_linktype = 0; 565 off_nl = 4; 566 return; 567 568 case DLT_PPP: 569 off_linktype = 2; 570 off_nl = 4; 571 return; 572 573 case DLT_PPP_BSDOS: 574 off_linktype = 5; 575 off_nl = 24; 576 return; 577 578 case DLT_FDDI: 579 /* 580 * FDDI doesn't really have a link-level type field. 581 * We assume that SSAP = SNAP is being used and pick 582 * out the encapsulated Ethernet type. 583 */ 584 off_linktype = 19; 585 #ifdef PCAP_FDDIPAD 586 off_linktype += pcap_fddipad; 587 #endif 588 off_nl = 21; 589 #ifdef PCAP_FDDIPAD 590 off_nl += pcap_fddipad; 591 #endif 592 return; 593 594 case DLT_IEEE802: 595 off_linktype = 20; 596 off_nl = 22; 597 return; 598 599 case DLT_ATM_RFC1483: 600 /* 601 * assume routed, non-ISO PDUs 602 * (i.e., LLC = 0xAA-AA-03, OUT = 0x00-00-00) 603 */ 604 off_linktype = 6; 605 off_nl = 8; 606 return; 607 608 case DLT_LOOP: 609 off_linktype = -1; 610 off_nl = 4; 611 return; 612 613 case DLT_ENC: 614 off_linktype = -1; 615 off_nl = 12; 616 return; 617 618 case DLT_RAW: 619 off_linktype = -1; 620 off_nl = 0; 621 return; 622 } 623 bpf_error("unknown data link type 0x%x", linktype); 624 /* NOTREACHED */ 625 } 626 627 static struct block * 628 gen_uncond(rsense) 629 int rsense; 630 { 631 struct block *b; 632 struct slist *s; 633 634 s = new_stmt(BPF_LD|BPF_IMM); 635 s->s.k = !rsense; 636 b = new_block(JMP(BPF_JEQ)); 637 b->stmts = s; 638 639 return b; 640 } 641 642 static __inline struct block * 643 gen_true() 644 { 645 return gen_uncond(1); 646 } 647 648 static __inline struct block * 649 gen_false() 650 { 651 return gen_uncond(0); 652 } 653 654 static struct block * 655 gen_linktype(proto) 656 register int proto; 657 { 658 struct block *b0, *b1; 659 660 /* If we're not using encapsulation and checking for IP, we're done */ 661 if (off_linktype == -1 && proto == ETHERTYPE_IP) 662 return gen_true(); 663 #ifdef INET6 664 /* this isn't the right thing to do, but sometimes necessary */ 665 if (off_linktype == -1 && proto == ETHERTYPE_IPV6) 666 return gen_true(); 667 #endif 668 669 switch (linktype) { 670 671 case DLT_SLIP: 672 return gen_false(); 673 674 case DLT_PPP: 675 if (proto == ETHERTYPE_IP) 676 proto = PPP_IP; /* XXX was 0x21 */ 677 #ifdef INET6 678 else if (proto == ETHERTYPE_IPV6) 679 proto = PPP_IPV6; 680 #endif 681 break; 682 683 case DLT_PPP_BSDOS: 684 switch (proto) { 685 686 case ETHERTYPE_IP: 687 b0 = gen_cmp(off_linktype, BPF_H, PPP_IP); 688 b1 = gen_cmp(off_linktype, BPF_H, PPP_VJC); 689 gen_or(b0, b1); 690 b0 = gen_cmp(off_linktype, BPF_H, PPP_VJNC); 691 gen_or(b1, b0); 692 return b0; 693 694 #ifdef INET6 695 case ETHERTYPE_IPV6: 696 proto = PPP_IPV6; 697 /* more to go? */ 698 break; 699 #endif /* INET6 */ 700 701 case ETHERTYPE_DN: 702 proto = PPP_DECNET; 703 break; 704 705 case ETHERTYPE_ATALK: 706 proto = PPP_APPLE; 707 break; 708 709 case ETHERTYPE_NS: 710 proto = PPP_NS; 711 break; 712 } 713 break; 714 715 case DLT_LOOP: 716 case DLT_ENC: 717 case DLT_NULL: 718 /* XXX */ 719 if (proto == ETHERTYPE_IP) 720 return (gen_cmp(0, BPF_W, (bpf_int32)htonl(AF_INET))); 721 #ifdef INET6 722 else if (proto == ETHERTYPE_IPV6) 723 return (gen_cmp(0, BPF_W, (bpf_int32)htonl(AF_INET6))); 724 #endif /* INET6 */ 725 else 726 return gen_false(); 727 break; 728 case DLT_ARCNET: 729 /* 730 * XXX should we check for first fragment if the protocol 731 * uses PHDS? 732 */ 733 switch(proto) { 734 default: 735 return gen_false(); 736 #ifdef INET6 737 case ETHERTYPE_IPV6: 738 return(gen_cmp(2, BPF_B, 739 (bpf_int32)htonl(ARCTYPE_INET6))); 740 #endif /* INET6 */ 741 case ETHERTYPE_IP: 742 b0 = gen_cmp(2, BPF_B, (bpf_int32)htonl(ARCTYPE_IP)); 743 b1 = gen_cmp(2, BPF_B, 744 (bpf_int32)htonl(ARCTYPE_IP_OLD)); 745 gen_or(b0, b1); 746 return(b1); 747 case ETHERTYPE_ARP: 748 b0 = gen_cmp(2, BPF_B, (bpf_int32)htonl(ARCTYPE_ARP)); 749 b1 = gen_cmp(2, BPF_B, 750 (bpf_int32)htonl(ARCTYPE_ARP_OLD)); 751 gen_or(b0, b1); 752 return(b1); 753 case ETHERTYPE_REVARP: 754 return(gen_cmp(2, BPF_B, 755 (bpf_int32)htonl(ARCTYPE_REVARP))); 756 case ETHERTYPE_ATALK: 757 return(gen_cmp(2, BPF_B, 758 (bpf_int32)htonl(ARCTYPE_ATALK))); 759 } 760 } 761 return gen_cmp(off_linktype, BPF_H, (bpf_int32)proto); 762 } 763 764 static struct block * 765 gen_hostop(addr, mask, dir, proto, src_off, dst_off) 766 bpf_u_int32 addr; 767 bpf_u_int32 mask; 768 int dir, proto; 769 u_int src_off, dst_off; 770 { 771 struct block *b0, *b1; 772 u_int offset; 773 774 switch (dir) { 775 776 case Q_SRC: 777 offset = src_off; 778 break; 779 780 case Q_DST: 781 offset = dst_off; 782 break; 783 784 case Q_AND: 785 b0 = gen_hostop(addr, mask, Q_SRC, proto, src_off, dst_off); 786 b1 = gen_hostop(addr, mask, Q_DST, proto, src_off, dst_off); 787 gen_and(b0, b1); 788 return b1; 789 790 case Q_OR: 791 case Q_DEFAULT: 792 b0 = gen_hostop(addr, mask, Q_SRC, proto, src_off, dst_off); 793 b1 = gen_hostop(addr, mask, Q_DST, proto, src_off, dst_off); 794 gen_or(b0, b1); 795 return b1; 796 797 default: 798 abort(); 799 } 800 b0 = gen_linktype(proto); 801 b1 = gen_mcmp(offset, BPF_W, (bpf_int32)addr, mask); 802 gen_and(b0, b1); 803 return b1; 804 } 805 806 #ifdef INET6 807 static struct block * 808 gen_hostop6(addr, mask, dir, proto, src_off, dst_off) 809 struct in6_addr *addr; 810 struct in6_addr *mask; 811 int dir, proto; 812 u_int src_off, dst_off; 813 { 814 struct block *b0, *b1; 815 u_int offset; 816 u_int32_t *a, *m; 817 818 switch (dir) { 819 820 case Q_SRC: 821 offset = src_off; 822 break; 823 824 case Q_DST: 825 offset = dst_off; 826 break; 827 828 case Q_AND: 829 b0 = gen_hostop6(addr, mask, Q_SRC, proto, src_off, dst_off); 830 b1 = gen_hostop6(addr, mask, Q_DST, proto, src_off, dst_off); 831 gen_and(b0, b1); 832 return b1; 833 834 case Q_OR: 835 case Q_DEFAULT: 836 b0 = gen_hostop6(addr, mask, Q_SRC, proto, src_off, dst_off); 837 b1 = gen_hostop6(addr, mask, Q_DST, proto, src_off, dst_off); 838 gen_or(b0, b1); 839 return b1; 840 841 default: 842 abort(); 843 } 844 /* this order is important */ 845 a = (u_int32_t *)addr; 846 m = (u_int32_t *)mask; 847 b1 = gen_mcmp(offset + 12, BPF_W, ntohl(a[3]), ntohl(m[3])); 848 b0 = gen_mcmp(offset + 8, BPF_W, ntohl(a[2]), ntohl(m[2])); 849 gen_and(b0, b1); 850 b0 = gen_mcmp(offset + 4, BPF_W, ntohl(a[1]), ntohl(m[1])); 851 gen_and(b0, b1); 852 b0 = gen_mcmp(offset + 0, BPF_W, ntohl(a[0]), ntohl(m[0])); 853 gen_and(b0, b1); 854 b0 = gen_linktype(proto); 855 gen_and(b0, b1); 856 return b1; 857 } 858 #endif /*INET6*/ 859 860 static struct block * 861 gen_ehostop(eaddr, dir) 862 register const u_char *eaddr; 863 register int dir; 864 { 865 struct block *b0, *b1; 866 867 switch (dir) { 868 case Q_SRC: 869 return gen_bcmp(6, 6, eaddr); 870 871 case Q_DST: 872 return gen_bcmp(0, 6, eaddr); 873 874 case Q_AND: 875 b0 = gen_ehostop(eaddr, Q_SRC); 876 b1 = gen_ehostop(eaddr, Q_DST); 877 gen_and(b0, b1); 878 return b1; 879 880 case Q_DEFAULT: 881 case Q_OR: 882 b0 = gen_ehostop(eaddr, Q_SRC); 883 b1 = gen_ehostop(eaddr, Q_DST); 884 gen_or(b0, b1); 885 return b1; 886 } 887 abort(); 888 /* NOTREACHED */ 889 } 890 891 /* 892 * Like gen_ehostop, but for DLT_FDDI 893 */ 894 static struct block * 895 gen_fhostop(eaddr, dir) 896 register const u_char *eaddr; 897 register int dir; 898 { 899 struct block *b0, *b1; 900 901 switch (dir) { 902 case Q_SRC: 903 #ifdef PCAP_FDDIPAD 904 return gen_bcmp(6 + 1 + pcap_fddipad, 6, eaddr); 905 #else 906 return gen_bcmp(6 + 1, 6, eaddr); 907 #endif 908 909 case Q_DST: 910 #ifdef PCAP_FDDIPAD 911 return gen_bcmp(0 + 1 + pcap_fddipad, 6, eaddr); 912 #else 913 return gen_bcmp(0 + 1, 6, eaddr); 914 #endif 915 916 case Q_AND: 917 b0 = gen_fhostop(eaddr, Q_SRC); 918 b1 = gen_fhostop(eaddr, Q_DST); 919 gen_and(b0, b1); 920 return b1; 921 922 case Q_DEFAULT: 923 case Q_OR: 924 b0 = gen_fhostop(eaddr, Q_SRC); 925 b1 = gen_fhostop(eaddr, Q_DST); 926 gen_or(b0, b1); 927 return b1; 928 } 929 abort(); 930 /* NOTREACHED */ 931 } 932 933 /* 934 * This is quite tricky because there may be pad bytes in front of the 935 * DECNET header, and then there are two possible data packet formats that 936 * carry both src and dst addresses, plus 5 packet types in a format that 937 * carries only the src node, plus 2 types that use a different format and 938 * also carry just the src node. 939 * 940 * Yuck. 941 * 942 * Instead of doing those all right, we just look for data packets with 943 * 0 or 1 bytes of padding. If you want to look at other packets, that 944 * will require a lot more hacking. 945 * 946 * To add support for filtering on DECNET "areas" (network numbers) 947 * one would want to add a "mask" argument to this routine. That would 948 * make the filter even more inefficient, although one could be clever 949 * and not generate masking instructions if the mask is 0xFFFF. 950 */ 951 static struct block * 952 gen_dnhostop(addr, dir, base_off) 953 bpf_u_int32 addr; 954 int dir; 955 u_int base_off; 956 { 957 struct block *b0, *b1, *b2, *tmp; 958 u_int offset_lh; /* offset if long header is received */ 959 u_int offset_sh; /* offset if short header is received */ 960 961 switch (dir) { 962 963 case Q_DST: 964 offset_sh = 1; /* follows flags */ 965 offset_lh = 7; /* flgs,darea,dsubarea,HIORD */ 966 break; 967 968 case Q_SRC: 969 offset_sh = 3; /* follows flags, dstnode */ 970 offset_lh = 15; /* flgs,darea,dsubarea,did,sarea,ssub,HIORD */ 971 break; 972 973 case Q_AND: 974 /* Inefficient because we do our Calvinball dance twice */ 975 b0 = gen_dnhostop(addr, Q_SRC, base_off); 976 b1 = gen_dnhostop(addr, Q_DST, base_off); 977 gen_and(b0, b1); 978 return b1; 979 980 case Q_OR: 981 case Q_DEFAULT: 982 /* Inefficient because we do our Calvinball dance twice */ 983 b0 = gen_dnhostop(addr, Q_SRC, base_off); 984 b1 = gen_dnhostop(addr, Q_DST, base_off); 985 gen_or(b0, b1); 986 return b1; 987 988 default: 989 abort(); 990 } 991 b0 = gen_linktype(ETHERTYPE_DN); 992 /* Check for pad = 1, long header case */ 993 tmp = gen_mcmp(base_off + 2, BPF_H, 994 (bpf_int32)ntohs(0x0681), (bpf_int32)ntohs(0x07FF)); 995 b1 = gen_cmp(base_off + 2 + 1 + offset_lh, 996 BPF_H, (bpf_int32)ntohs(addr)); 997 gen_and(tmp, b1); 998 /* Check for pad = 0, long header case */ 999 tmp = gen_mcmp(base_off + 2, BPF_B, (bpf_int32)0x06, (bpf_int32)0x7); 1000 b2 = gen_cmp(base_off + 2 + offset_lh, BPF_H, (bpf_int32)ntohs(addr)); 1001 gen_and(tmp, b2); 1002 gen_or(b2, b1); 1003 /* Check for pad = 1, short header case */ 1004 tmp = gen_mcmp(base_off + 2, BPF_H, 1005 (bpf_int32)ntohs(0x0281), (bpf_int32)ntohs(0x07FF)); 1006 b2 = gen_cmp(base_off + 2 + 1 + offset_sh, 1007 BPF_H, (bpf_int32)ntohs(addr)); 1008 gen_and(tmp, b2); 1009 gen_or(b2, b1); 1010 /* Check for pad = 0, short header case */ 1011 tmp = gen_mcmp(base_off + 2, BPF_B, (bpf_int32)0x02, (bpf_int32)0x7); 1012 b2 = gen_cmp(base_off + 2 + offset_sh, BPF_H, (bpf_int32)ntohs(addr)); 1013 gen_and(tmp, b2); 1014 gen_or(b2, b1); 1015 1016 /* Combine with test for linktype */ 1017 gen_and(b0, b1); 1018 return b1; 1019 } 1020 1021 static struct block * 1022 gen_host(addr, mask, proto, dir) 1023 bpf_u_int32 addr; 1024 bpf_u_int32 mask; 1025 int proto; 1026 int dir; 1027 { 1028 struct block *b0, *b1; 1029 1030 switch (proto) { 1031 1032 case Q_DEFAULT: 1033 b0 = gen_host(addr, mask, Q_IP, dir); 1034 b1 = gen_host(addr, mask, Q_ARP, dir); 1035 gen_or(b0, b1); 1036 b0 = gen_host(addr, mask, Q_RARP, dir); 1037 gen_or(b1, b0); 1038 return b0; 1039 1040 case Q_IP: 1041 return gen_hostop(addr, mask, dir, ETHERTYPE_IP, 1042 off_nl + 12, off_nl + 16); 1043 1044 case Q_RARP: 1045 return gen_hostop(addr, mask, dir, ETHERTYPE_REVARP, 1046 off_nl + 14, off_nl + 24); 1047 1048 case Q_ARP: 1049 return gen_hostop(addr, mask, dir, ETHERTYPE_ARP, 1050 off_nl + 14, off_nl + 24); 1051 1052 case Q_TCP: 1053 bpf_error("'tcp' modifier applied to host"); 1054 1055 case Q_UDP: 1056 bpf_error("'udp' modifier applied to host"); 1057 1058 case Q_ICMP: 1059 bpf_error("'icmp' modifier applied to host"); 1060 1061 case Q_IGMP: 1062 bpf_error("'igmp' modifier applied to host"); 1063 1064 case Q_IGRP: 1065 bpf_error("'igrp' modifier applied to host"); 1066 1067 case Q_PIM: 1068 bpf_error("'pim' modifier applied to host"); 1069 1070 case Q_ATALK: 1071 bpf_error("ATALK host filtering not implemented"); 1072 1073 case Q_DECNET: 1074 return gen_dnhostop(addr, dir, off_nl); 1075 1076 case Q_SCA: 1077 bpf_error("SCA host filtering not implemented"); 1078 1079 case Q_LAT: 1080 bpf_error("LAT host filtering not implemented"); 1081 1082 case Q_MOPDL: 1083 bpf_error("MOPDL host filtering not implemented"); 1084 1085 case Q_MOPRC: 1086 bpf_error("MOPRC host filtering not implemented"); 1087 1088 #ifdef INET6 1089 case Q_IPV6: 1090 bpf_error("'ip6' modifier applied to ip host"); 1091 1092 case Q_ICMPV6: 1093 bpf_error("'icmp6' modifier applied to host"); 1094 #endif /* INET6 */ 1095 1096 case Q_AH: 1097 bpf_error("'ah' modifier applied to host"); 1098 1099 case Q_ESP: 1100 bpf_error("'esp' modifier applied to host"); 1101 1102 default: 1103 abort(); 1104 } 1105 /* NOTREACHED */ 1106 } 1107 1108 #ifdef INET6 1109 static struct block * 1110 gen_host6(addr, mask, proto, dir) 1111 struct in6_addr *addr; 1112 struct in6_addr *mask; 1113 int proto; 1114 int dir; 1115 { 1116 switch (proto) { 1117 1118 case Q_DEFAULT: 1119 return gen_host6(addr, mask, Q_IPV6, dir); 1120 1121 case Q_IP: 1122 bpf_error("'ip' modifier applied to ip6 host"); 1123 1124 case Q_RARP: 1125 bpf_error("'rarp' modifier applied to ip6 host"); 1126 1127 case Q_ARP: 1128 bpf_error("'arp' modifier applied to ip6 host"); 1129 1130 case Q_TCP: 1131 bpf_error("'tcp' modifier applied to host"); 1132 1133 case Q_UDP: 1134 bpf_error("'udp' modifier applied to host"); 1135 1136 case Q_ICMP: 1137 bpf_error("'icmp' modifier applied to host"); 1138 1139 case Q_IGMP: 1140 bpf_error("'igmp' modifier applied to host"); 1141 1142 case Q_IGRP: 1143 bpf_error("'igrp' modifier applied to host"); 1144 1145 case Q_PIM: 1146 bpf_error("'pim' modifier applied to host"); 1147 1148 case Q_ATALK: 1149 bpf_error("ATALK host filtering not implemented"); 1150 1151 case Q_DECNET: 1152 bpf_error("'decnet' modifier applied to ip6 host"); 1153 1154 case Q_SCA: 1155 bpf_error("SCA host filtering not implemented"); 1156 1157 case Q_LAT: 1158 bpf_error("LAT host filtering not implemented"); 1159 1160 case Q_MOPDL: 1161 bpf_error("MOPDL host filtering not implemented"); 1162 1163 case Q_MOPRC: 1164 bpf_error("MOPRC host filtering not implemented"); 1165 1166 case Q_IPV6: 1167 return gen_hostop6(addr, mask, dir, ETHERTYPE_IPV6, 1168 off_nl + 8, off_nl + 24); 1169 1170 case Q_ICMPV6: 1171 bpf_error("'icmp6' modifier applied to host"); 1172 1173 case Q_AH: 1174 bpf_error("'ah' modifier applied to host"); 1175 1176 case Q_ESP: 1177 bpf_error("'esp' modifier applied to host"); 1178 1179 default: 1180 abort(); 1181 } 1182 /* NOTREACHED */ 1183 } 1184 #endif /*INET6*/ 1185 1186 #ifndef INET6 1187 static struct block * 1188 gen_gateway(eaddr, alist, proto, dir) 1189 const u_char *eaddr; 1190 bpf_u_int32 **alist; 1191 int proto; 1192 int dir; 1193 { 1194 struct block *b0, *b1, *tmp; 1195 1196 if (dir != 0) 1197 bpf_error("direction applied to 'gateway'"); 1198 1199 switch (proto) { 1200 case Q_DEFAULT: 1201 case Q_IP: 1202 case Q_ARP: 1203 case Q_RARP: 1204 if (linktype == DLT_EN10MB) 1205 b0 = gen_ehostop(eaddr, Q_OR); 1206 else if (linktype == DLT_FDDI) 1207 b0 = gen_fhostop(eaddr, Q_OR); 1208 else 1209 bpf_error( 1210 "'gateway' supported only on ethernet or FDDI"); 1211 1212 b1 = gen_host(**alist++, 0xffffffff, proto, Q_OR); 1213 while (*alist) { 1214 tmp = gen_host(**alist++, 0xffffffff, proto, Q_OR); 1215 gen_or(b1, tmp); 1216 b1 = tmp; 1217 } 1218 gen_not(b1); 1219 gen_and(b0, b1); 1220 return b1; 1221 } 1222 bpf_error("illegal modifier of 'gateway'"); 1223 /* NOTREACHED */ 1224 } 1225 #endif /*INET6*/ 1226 1227 struct block * 1228 gen_proto_abbrev(proto) 1229 int proto; 1230 { 1231 struct block *b0 = NULL, *b1; 1232 1233 switch (proto) { 1234 1235 case Q_TCP: 1236 b1 = gen_proto(IPPROTO_TCP, Q_IP, Q_DEFAULT); 1237 #ifdef INET6 1238 b0 = gen_proto(IPPROTO_TCP, Q_IPV6, Q_DEFAULT); 1239 gen_or(b0, b1); 1240 #endif 1241 break; 1242 1243 case Q_UDP: 1244 b1 = gen_proto(IPPROTO_UDP, Q_IP, Q_DEFAULT); 1245 #ifdef INET6 1246 b0 = gen_proto(IPPROTO_UDP, Q_IPV6, Q_DEFAULT); 1247 gen_or(b0, b1); 1248 #endif 1249 break; 1250 1251 case Q_ICMP: 1252 b1 = gen_proto(IPPROTO_ICMP, Q_IP, Q_DEFAULT); 1253 break; 1254 1255 #ifndef IPPROTO_IGMP 1256 #define IPPROTO_IGMP 2 1257 #endif 1258 1259 case Q_IGMP: 1260 b1 = gen_proto(IPPROTO_IGMP, Q_IP, Q_DEFAULT); 1261 break; 1262 1263 #ifndef IPPROTO_IGRP 1264 #define IPPROTO_IGRP 9 1265 #endif 1266 case Q_IGRP: 1267 b1 = gen_proto(IPPROTO_IGRP, Q_IP, Q_DEFAULT); 1268 break; 1269 1270 #ifndef IPPROTO_PIM 1271 #define IPPROTO_PIM 103 1272 #endif 1273 1274 case Q_PIM: 1275 b1 = gen_proto(IPPROTO_PIM, Q_IP, Q_DEFAULT); 1276 #ifdef INET6 1277 b0 = gen_proto(IPPROTO_PIM, Q_IPV6, Q_DEFAULT); 1278 gen_or(b0, b1); 1279 #endif 1280 break; 1281 1282 case Q_IP: 1283 b1 = gen_linktype(ETHERTYPE_IP); 1284 break; 1285 1286 case Q_ARP: 1287 b1 = gen_linktype(ETHERTYPE_ARP); 1288 break; 1289 1290 case Q_RARP: 1291 b1 = gen_linktype(ETHERTYPE_REVARP); 1292 break; 1293 1294 case Q_LINK: 1295 bpf_error("link layer applied in wrong context"); 1296 1297 case Q_ATALK: 1298 b1 = gen_linktype(ETHERTYPE_ATALK); 1299 break; 1300 1301 case Q_DECNET: 1302 b1 = gen_linktype(ETHERTYPE_DN); 1303 break; 1304 1305 case Q_SCA: 1306 b1 = gen_linktype(ETHERTYPE_SCA); 1307 break; 1308 1309 case Q_LAT: 1310 b1 = gen_linktype(ETHERTYPE_LAT); 1311 break; 1312 1313 case Q_MOPDL: 1314 b1 = gen_linktype(ETHERTYPE_MOPDL); 1315 break; 1316 1317 case Q_MOPRC: 1318 b1 = gen_linktype(ETHERTYPE_MOPRC); 1319 break; 1320 1321 #ifdef INET6 1322 case Q_IPV6: 1323 b1 = gen_linktype(ETHERTYPE_IPV6); 1324 break; 1325 1326 #ifndef IPPROTO_ICMPV6 1327 #define IPPROTO_ICMPV6 58 1328 #endif 1329 case Q_ICMPV6: 1330 b1 = gen_proto(IPPROTO_ICMPV6, Q_IPV6, Q_DEFAULT); 1331 break; 1332 #endif /* INET6 */ 1333 1334 #ifndef IPPROTO_AH 1335 #define IPPROTO_AH 51 1336 #endif 1337 case Q_AH: 1338 b1 = gen_proto(IPPROTO_AH, Q_IP, Q_DEFAULT); 1339 #ifdef INET6 1340 b0 = gen_proto(IPPROTO_AH, Q_IPV6, Q_DEFAULT); 1341 gen_or(b0, b1); 1342 #endif 1343 break; 1344 1345 #ifndef IPPROTO_ESP 1346 #define IPPROTO_ESP 50 1347 #endif 1348 case Q_ESP: 1349 b1 = gen_proto(IPPROTO_ESP, Q_IP, Q_DEFAULT); 1350 #ifdef INET6 1351 b0 = gen_proto(IPPROTO_ESP, Q_IPV6, Q_DEFAULT); 1352 gen_or(b0, b1); 1353 #endif 1354 break; 1355 1356 default: 1357 abort(); 1358 } 1359 return b1; 1360 } 1361 1362 static struct block * 1363 gen_ipfrag() 1364 { 1365 struct slist *s; 1366 struct block *b; 1367 1368 /* not ip frag */ 1369 s = new_stmt(BPF_LD|BPF_H|BPF_ABS); 1370 s->s.k = off_nl + 6; 1371 b = new_block(JMP(BPF_JSET)); 1372 b->s.k = 0x1fff; 1373 b->stmts = s; 1374 gen_not(b); 1375 1376 return b; 1377 } 1378 1379 static struct block * 1380 gen_portatom(off, v) 1381 int off; 1382 bpf_int32 v; 1383 { 1384 struct slist *s; 1385 struct block *b; 1386 1387 s = new_stmt(BPF_LDX|BPF_MSH|BPF_B); 1388 s->s.k = off_nl; 1389 1390 s->next = new_stmt(BPF_LD|BPF_IND|BPF_H); 1391 s->next->s.k = off_nl + off; 1392 1393 b = new_block(JMP(BPF_JEQ)); 1394 b->stmts = s; 1395 b->s.k = v; 1396 1397 return b; 1398 } 1399 1400 #ifdef INET6 1401 static struct block * 1402 gen_portatom6(off, v) 1403 int off; 1404 bpf_int32 v; 1405 { 1406 return gen_cmp(off_nl + 40 + off, BPF_H, v); 1407 } 1408 #endif/*INET6*/ 1409 1410 struct block * 1411 gen_portop(port, proto, dir) 1412 int port, proto, dir; 1413 { 1414 struct block *b0, *b1, *tmp; 1415 1416 /* ip proto 'proto' */ 1417 tmp = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)proto); 1418 b0 = gen_ipfrag(); 1419 gen_and(tmp, b0); 1420 1421 switch (dir) { 1422 case Q_SRC: 1423 b1 = gen_portatom(0, (bpf_int32)port); 1424 break; 1425 1426 case Q_DST: 1427 b1 = gen_portatom(2, (bpf_int32)port); 1428 break; 1429 1430 case Q_OR: 1431 case Q_DEFAULT: 1432 tmp = gen_portatom(0, (bpf_int32)port); 1433 b1 = gen_portatom(2, (bpf_int32)port); 1434 gen_or(tmp, b1); 1435 break; 1436 1437 case Q_AND: 1438 tmp = gen_portatom(0, (bpf_int32)port); 1439 b1 = gen_portatom(2, (bpf_int32)port); 1440 gen_and(tmp, b1); 1441 break; 1442 1443 default: 1444 abort(); 1445 } 1446 gen_and(b0, b1); 1447 1448 return b1; 1449 } 1450 1451 static struct block * 1452 gen_port(port, ip_proto, dir) 1453 int port; 1454 int ip_proto; 1455 int dir; 1456 { 1457 struct block *b0, *b1, *tmp; 1458 1459 /* ether proto ip */ 1460 b0 = gen_linktype(ETHERTYPE_IP); 1461 1462 switch (ip_proto) { 1463 case IPPROTO_UDP: 1464 case IPPROTO_TCP: 1465 b1 = gen_portop(port, ip_proto, dir); 1466 break; 1467 1468 case PROTO_UNDEF: 1469 tmp = gen_portop(port, IPPROTO_TCP, dir); 1470 b1 = gen_portop(port, IPPROTO_UDP, dir); 1471 gen_or(tmp, b1); 1472 break; 1473 1474 default: 1475 abort(); 1476 } 1477 gen_and(b0, b1); 1478 return b1; 1479 } 1480 1481 #ifdef INET6 1482 struct block * 1483 gen_portop6(port, proto, dir) 1484 int port, proto, dir; 1485 { 1486 struct block *b0, *b1, *tmp; 1487 1488 /* ip proto 'proto' */ 1489 b0 = gen_cmp(off_nl + 6, BPF_B, (bpf_int32)proto); 1490 1491 switch (dir) { 1492 case Q_SRC: 1493 b1 = gen_portatom6(0, (bpf_int32)port); 1494 break; 1495 1496 case Q_DST: 1497 b1 = gen_portatom6(2, (bpf_int32)port); 1498 break; 1499 1500 case Q_OR: 1501 case Q_DEFAULT: 1502 tmp = gen_portatom6(0, (bpf_int32)port); 1503 b1 = gen_portatom6(2, (bpf_int32)port); 1504 gen_or(tmp, b1); 1505 break; 1506 1507 case Q_AND: 1508 tmp = gen_portatom6(0, (bpf_int32)port); 1509 b1 = gen_portatom6(2, (bpf_int32)port); 1510 gen_and(tmp, b1); 1511 break; 1512 1513 default: 1514 abort(); 1515 } 1516 gen_and(b0, b1); 1517 1518 return b1; 1519 } 1520 1521 static struct block * 1522 gen_port6(port, ip_proto, dir) 1523 int port; 1524 int ip_proto; 1525 int dir; 1526 { 1527 struct block *b0, *b1, *tmp; 1528 1529 /* ether proto ip */ 1530 b0 = gen_linktype(ETHERTYPE_IPV6); 1531 1532 switch (ip_proto) { 1533 case IPPROTO_UDP: 1534 case IPPROTO_TCP: 1535 b1 = gen_portop6(port, ip_proto, dir); 1536 break; 1537 1538 case PROTO_UNDEF: 1539 tmp = gen_portop6(port, IPPROTO_TCP, dir); 1540 b1 = gen_portop6(port, IPPROTO_UDP, dir); 1541 gen_or(tmp, b1); 1542 break; 1543 1544 default: 1545 abort(); 1546 } 1547 gen_and(b0, b1); 1548 return b1; 1549 } 1550 #endif /* INET6 */ 1551 1552 static int 1553 lookup_proto(name, proto) 1554 register const char *name; 1555 register int proto; 1556 { 1557 register int v; 1558 1559 switch (proto) { 1560 1561 case Q_DEFAULT: 1562 case Q_IP: 1563 v = pcap_nametoproto(name); 1564 if (v == PROTO_UNDEF) 1565 bpf_error("unknown ip proto '%s'", name); 1566 break; 1567 1568 case Q_LINK: 1569 /* XXX should look up h/w protocol type based on linktype */ 1570 v = pcap_nametoeproto(name); 1571 if (v == PROTO_UNDEF) 1572 bpf_error("unknown ether proto '%s'", name); 1573 break; 1574 1575 default: 1576 v = PROTO_UNDEF; 1577 break; 1578 } 1579 return v; 1580 } 1581 1582 static struct block * 1583 gen_protochain(v, proto, dir) 1584 int v; 1585 int proto; 1586 int dir; 1587 { 1588 struct block *b0, *b; 1589 struct slist *s[100]; 1590 int fix2, fix3, fix4, fix5; 1591 int ahcheck, again, end; 1592 int i, max; 1593 int reg1 = alloc_reg(); 1594 int reg2 = alloc_reg(); 1595 1596 memset(s, 0, sizeof(s)); 1597 fix2 = fix3 = fix4 = fix5 = 0; 1598 1599 switch (proto) { 1600 case Q_IP: 1601 case Q_IPV6: 1602 break; 1603 case Q_DEFAULT: 1604 b0 = gen_protochain(v, Q_IP, dir); 1605 b = gen_protochain(v, Q_IPV6, dir); 1606 gen_or(b0, b); 1607 return b; 1608 default: 1609 bpf_error("bad protocol applied for 'protochain'"); 1610 /*NOTREACHED*/ 1611 } 1612 1613 no_optimize = 1; /*this code is not compatible with optimzer yet */ 1614 1615 /* 1616 * s[0] is a dummy entry to protect other BPF insn from damaged 1617 * by s[fix] = foo with uninitialized variable "fix". It is somewhat 1618 * hard to find interdependency made by jump table fixup. 1619 */ 1620 i = 0; 1621 s[i] = new_stmt(0); /*dummy*/ 1622 i++; 1623 1624 switch (proto) { 1625 case Q_IP: 1626 b0 = gen_linktype(ETHERTYPE_IP); 1627 1628 /* A = ip->ip_p */ 1629 s[i] = new_stmt(BPF_LD|BPF_ABS|BPF_B); 1630 s[i]->s.k = off_nl + 9; 1631 i++; 1632 /* X = ip->ip_hl << 2 */ 1633 s[i] = new_stmt(BPF_LDX|BPF_MSH|BPF_B); 1634 s[i]->s.k = off_nl; 1635 i++; 1636 break; 1637 case Q_IPV6: 1638 b0 = gen_linktype(ETHERTYPE_IPV6); 1639 1640 /* A = ip6->ip_nxt */ 1641 s[i] = new_stmt(BPF_LD|BPF_ABS|BPF_B); 1642 s[i]->s.k = off_nl + 6; 1643 i++; 1644 /* X = sizeof(struct ip6_hdr) */ 1645 s[i] = new_stmt(BPF_LDX|BPF_IMM); 1646 s[i]->s.k = 40; 1647 i++; 1648 break; 1649 default: 1650 bpf_error("unsupported proto to gen_protochain"); 1651 /*NOTREACHED*/ 1652 } 1653 1654 /* again: if (A == v) goto end; else fall through; */ 1655 again = i; 1656 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K); 1657 s[i]->s.k = v; 1658 s[i]->s.jt = NULL; /*later*/ 1659 s[i]->s.jf = NULL; /*update in next stmt*/ 1660 fix5 = i; 1661 i++; 1662 1663 /* if (A == IPPROTO_NONE) goto end */ 1664 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K); 1665 s[i]->s.jt = NULL; /*later*/ 1666 s[i]->s.jf = NULL; /*update in next stmt*/ 1667 s[i]->s.k = IPPROTO_NONE; 1668 s[fix5]->s.jf = s[i]; 1669 fix2 = i; 1670 i++; 1671 1672 if (proto == Q_IPV6) { 1673 int v6start, v6end, v6advance, j; 1674 1675 v6start = i; 1676 /* if (A == IPPROTO_HOPOPTS) goto v6advance */ 1677 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K); 1678 s[i]->s.jt = NULL; /*later*/ 1679 s[i]->s.jf = NULL; /*update in next stmt*/ 1680 s[i]->s.k = IPPROTO_HOPOPTS; 1681 s[fix2]->s.jf = s[i]; 1682 i++; 1683 /* if (A == IPPROTO_DSTOPTS) goto v6advance */ 1684 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K); 1685 s[i]->s.jt = NULL; /*later*/ 1686 s[i]->s.jf = NULL; /*update in next stmt*/ 1687 s[i]->s.k = IPPROTO_DSTOPTS; 1688 i++; 1689 /* if (A == IPPROTO_ROUTING) goto v6advance */ 1690 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K); 1691 s[i]->s.jt = NULL; /*later*/ 1692 s[i]->s.jf = NULL; /*update in next stmt*/ 1693 s[i]->s.k = IPPROTO_ROUTING; 1694 i++; 1695 /* if (A == IPPROTO_FRAGMENT) goto v6advance; else goto ahcheck; */ 1696 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K); 1697 s[i]->s.jt = NULL; /*later*/ 1698 s[i]->s.jf = NULL; /*later*/ 1699 s[i]->s.k = IPPROTO_FRAGMENT; 1700 fix3 = i; 1701 v6end = i; 1702 i++; 1703 1704 /* v6advance: */ 1705 v6advance = i; 1706 1707 /* 1708 * in short, 1709 * A = P[X + 1]; 1710 * X = X + (P[X] + 1) * 8; 1711 */ 1712 /* A = X */ 1713 s[i] = new_stmt(BPF_MISC|BPF_TXA); 1714 i++; 1715 /* MEM[reg1] = A */ 1716 s[i] = new_stmt(BPF_ST); 1717 s[i]->s.k = reg1; 1718 i++; 1719 /* A += 1 */ 1720 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K); 1721 s[i]->s.k = 1; 1722 i++; 1723 /* X = A */ 1724 s[i] = new_stmt(BPF_MISC|BPF_TAX); 1725 i++; 1726 /* A = P[X + packet head]; */ 1727 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B); 1728 s[i]->s.k = off_nl; 1729 i++; 1730 /* MEM[reg2] = A */ 1731 s[i] = new_stmt(BPF_ST); 1732 s[i]->s.k = reg2; 1733 i++; 1734 /* X = MEM[reg1] */ 1735 s[i] = new_stmt(BPF_LDX|BPF_MEM); 1736 s[i]->s.k = reg1; 1737 i++; 1738 /* A = P[X + packet head] */ 1739 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B); 1740 s[i]->s.k = off_nl; 1741 i++; 1742 /* A += 1 */ 1743 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K); 1744 s[i]->s.k = 1; 1745 i++; 1746 /* A *= 8 */ 1747 s[i] = new_stmt(BPF_ALU|BPF_MUL|BPF_K); 1748 s[i]->s.k = 8; 1749 i++; 1750 /* X = A; */ 1751 s[i] = new_stmt(BPF_MISC|BPF_TAX); 1752 i++; 1753 /* A = MEM[reg2] */ 1754 s[i] = new_stmt(BPF_LD|BPF_MEM); 1755 s[i]->s.k = reg2; 1756 i++; 1757 1758 /* goto again; (must use BPF_JA for backward jump) */ 1759 s[i] = new_stmt(BPF_JMP|BPF_JA); 1760 s[i]->s.k = again - i - 1; 1761 s[i - 1]->s.jf = s[i]; 1762 i++; 1763 1764 /* fixup */ 1765 for (j = v6start; j <= v6end; j++) 1766 s[j]->s.jt = s[v6advance]; 1767 } else { 1768 /* nop */ 1769 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K); 1770 s[i]->s.k = 0; 1771 s[fix2]->s.jf = s[i]; 1772 i++; 1773 } 1774 1775 /* ahcheck: */ 1776 ahcheck = i; 1777 /* if (A == IPPROTO_AH) then fall through; else goto end; */ 1778 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K); 1779 s[i]->s.jt = NULL; /*later*/ 1780 s[i]->s.jf = NULL; /*later*/ 1781 s[i]->s.k = IPPROTO_AH; 1782 if (fix3) 1783 s[fix3]->s.jf = s[ahcheck]; 1784 fix4 = i; 1785 i++; 1786 1787 /* 1788 * in short, 1789 * A = P[X + 1]; 1790 * X = X + (P[X] + 2) * 4; 1791 */ 1792 /* A = X */ 1793 s[i - 1]->s.jt = s[i] = new_stmt(BPF_MISC|BPF_TXA); 1794 i++; 1795 /* MEM[reg1] = A */ 1796 s[i] = new_stmt(BPF_ST); 1797 s[i]->s.k = reg1; 1798 i++; 1799 /* A += 1 */ 1800 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K); 1801 s[i]->s.k = 1; 1802 i++; 1803 /* X = A */ 1804 s[i] = new_stmt(BPF_MISC|BPF_TAX); 1805 i++; 1806 /* A = P[X + packet head]; */ 1807 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B); 1808 s[i]->s.k = off_nl; 1809 i++; 1810 /* MEM[reg2] = A */ 1811 s[i] = new_stmt(BPF_ST); 1812 s[i]->s.k = reg2; 1813 i++; 1814 /* X = MEM[reg1] */ 1815 s[i] = new_stmt(BPF_LDX|BPF_MEM); 1816 s[i]->s.k = reg1; 1817 i++; 1818 /* A = P[X + packet head] */ 1819 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B); 1820 s[i]->s.k = off_nl; 1821 i++; 1822 /* A += 2 */ 1823 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K); 1824 s[i]->s.k = 2; 1825 i++; 1826 /* A *= 4 */ 1827 s[i] = new_stmt(BPF_ALU|BPF_MUL|BPF_K); 1828 s[i]->s.k = 4; 1829 i++; 1830 /* X = A; */ 1831 s[i] = new_stmt(BPF_MISC|BPF_TAX); 1832 i++; 1833 /* A = MEM[reg2] */ 1834 s[i] = new_stmt(BPF_LD|BPF_MEM); 1835 s[i]->s.k = reg2; 1836 i++; 1837 1838 /* goto again; (must use BPF_JA for backward jump) */ 1839 s[i] = new_stmt(BPF_JMP|BPF_JA); 1840 s[i]->s.k = again - i - 1; 1841 i++; 1842 1843 /* end: nop */ 1844 end = i; 1845 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K); 1846 s[i]->s.k = 0; 1847 s[fix2]->s.jt = s[end]; 1848 s[fix4]->s.jf = s[end]; 1849 s[fix5]->s.jt = s[end]; 1850 i++; 1851 1852 /* 1853 * make slist chain 1854 */ 1855 max = i; 1856 for (i = 0; i < max - 1; i++) 1857 s[i]->next = s[i + 1]; 1858 s[max - 1]->next = NULL; 1859 1860 /* 1861 * emit final check 1862 */ 1863 b = new_block(JMP(BPF_JEQ)); 1864 b->stmts = s[1]; /*remember, s[0] is dummy*/ 1865 b->s.k = v; 1866 1867 free_reg(reg1); 1868 free_reg(reg2); 1869 1870 gen_and(b0, b); 1871 return b; 1872 } 1873 1874 static struct block * 1875 gen_proto(v, proto, dir) 1876 int v; 1877 int proto; 1878 int dir; 1879 { 1880 struct block *b0, *b1; 1881 1882 if (dir != Q_DEFAULT) 1883 bpf_error("direction applied to 'proto'"); 1884 1885 switch (proto) { 1886 case Q_DEFAULT: 1887 #ifdef INET6 1888 b0 = gen_proto(v, Q_IP, dir); 1889 b1 = gen_proto(v, Q_IPV6, dir); 1890 gen_or(b0, b1); 1891 return b1; 1892 #else 1893 /*FALLTHROUGH*/ 1894 #endif 1895 case Q_IP: 1896 b0 = gen_linktype(ETHERTYPE_IP); 1897 #ifndef CHASE_CHAIN 1898 b1 = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)v); 1899 #else 1900 b1 = gen_protochain(v, Q_IP); 1901 #endif 1902 gen_and(b0, b1); 1903 return b1; 1904 1905 case Q_ARP: 1906 bpf_error("arp does not encapsulate another protocol"); 1907 /* NOTREACHED */ 1908 1909 case Q_RARP: 1910 bpf_error("rarp does not encapsulate another protocol"); 1911 /* NOTREACHED */ 1912 1913 case Q_ATALK: 1914 bpf_error("atalk encapsulation is not specifiable"); 1915 /* NOTREACHED */ 1916 1917 case Q_DECNET: 1918 bpf_error("decnet encapsulation is not specifiable"); 1919 /* NOTREACHED */ 1920 1921 case Q_SCA: 1922 bpf_error("sca does not encapsulate another protocol"); 1923 /* NOTREACHED */ 1924 1925 case Q_LAT: 1926 bpf_error("lat does not encapsulate another protocol"); 1927 /* NOTREACHED */ 1928 1929 case Q_MOPRC: 1930 bpf_error("moprc does not encapsulate another protocol"); 1931 /* NOTREACHED */ 1932 1933 case Q_MOPDL: 1934 bpf_error("mopdl does not encapsulate another protocol"); 1935 /* NOTREACHED */ 1936 1937 case Q_LINK: 1938 return gen_linktype(v); 1939 1940 case Q_UDP: 1941 bpf_error("'udp proto' is bogus"); 1942 /* NOTREACHED */ 1943 1944 case Q_TCP: 1945 bpf_error("'tcp proto' is bogus"); 1946 /* NOTREACHED */ 1947 1948 case Q_ICMP: 1949 bpf_error("'icmp proto' is bogus"); 1950 /* NOTREACHED */ 1951 1952 case Q_IGMP: 1953 bpf_error("'igmp proto' is bogus"); 1954 /* NOTREACHED */ 1955 1956 case Q_IGRP: 1957 bpf_error("'igrp proto' is bogus"); 1958 /* NOTREACHED */ 1959 1960 case Q_PIM: 1961 bpf_error("'pim proto' is bogus"); 1962 /* NOTREACHED */ 1963 1964 #ifdef INET6 1965 case Q_IPV6: 1966 b0 = gen_linktype(ETHERTYPE_IPV6); 1967 #ifndef CHASE_CHAIN 1968 b1 = gen_cmp(off_nl + 6, BPF_B, (bpf_int32)v); 1969 #else 1970 b1 = gen_protochain(v, Q_IPV6); 1971 #endif 1972 gen_and(b0, b1); 1973 return b1; 1974 1975 case Q_ICMPV6: 1976 bpf_error("'icmp6 proto' is bogus"); 1977 #endif /* INET6 */ 1978 1979 case Q_AH: 1980 bpf_error("'ah proto' is bogus"); 1981 1982 case Q_ESP: 1983 bpf_error("'ah proto' is bogus"); 1984 1985 default: 1986 abort(); 1987 /* NOTREACHED */ 1988 } 1989 /* NOTREACHED */ 1990 } 1991 1992 struct block * 1993 gen_scode(name, q) 1994 register const char *name; 1995 struct qual q; 1996 { 1997 int proto = q.proto; 1998 int dir = q.dir; 1999 int tproto; 2000 u_char *eaddr; 2001 bpf_u_int32 mask, addr; 2002 #ifndef INET6 2003 bpf_u_int32 **alist; 2004 #else 2005 int tproto6; 2006 struct sockaddr_in *sin; 2007 struct sockaddr_in6 *sin6; 2008 struct addrinfo *res, *res0; 2009 struct in6_addr mask128; 2010 #endif /*INET6*/ 2011 struct block *b, *tmp; 2012 int port, real_proto; 2013 2014 switch (q.addr) { 2015 2016 case Q_NET: 2017 addr = pcap_nametonetaddr(name); 2018 if (addr == 0) 2019 bpf_error("unknown network '%s'", name); 2020 /* Left justify network addr and calculate its network mask */ 2021 mask = 0xffffffff; 2022 while (addr && (addr & 0xff000000) == 0) { 2023 addr <<= 8; 2024 mask <<= 8; 2025 } 2026 return gen_host(addr, mask, proto, dir); 2027 2028 case Q_DEFAULT: 2029 case Q_HOST: 2030 if (proto == Q_LINK) { 2031 switch (linktype) { 2032 2033 case DLT_EN10MB: 2034 eaddr = pcap_ether_hostton(name); 2035 if (eaddr == NULL) 2036 bpf_error( 2037 "unknown ether host '%s'", name); 2038 return gen_ehostop(eaddr, dir); 2039 2040 case DLT_FDDI: 2041 eaddr = pcap_ether_hostton(name); 2042 if (eaddr == NULL) 2043 bpf_error( 2044 "unknown FDDI host '%s'", name); 2045 return gen_fhostop(eaddr, dir); 2046 2047 default: 2048 bpf_error( 2049 "only ethernet/FDDI supports link-level host name"); 2050 break; 2051 } 2052 } else if (proto == Q_DECNET) { 2053 unsigned short dn_addr = __pcap_nametodnaddr(name); 2054 /* 2055 * I don't think DECNET hosts can be multihomed, so 2056 * there is no need to build up a list of addresses 2057 */ 2058 return (gen_host(dn_addr, 0, proto, dir)); 2059 } else { 2060 #ifndef INET6 2061 alist = pcap_nametoaddr(name); 2062 if (alist == NULL || *alist == NULL) 2063 bpf_error("unknown host '%s'", name); 2064 tproto = proto; 2065 if (off_linktype == -1 && tproto == Q_DEFAULT) 2066 tproto = Q_IP; 2067 b = gen_host(**alist++, 0xffffffff, tproto, dir); 2068 while (*alist) { 2069 tmp = gen_host(**alist++, 0xffffffff, 2070 tproto, dir); 2071 gen_or(b, tmp); 2072 b = tmp; 2073 } 2074 return b; 2075 #else 2076 memset(&mask128, 0xff, sizeof(mask128)); 2077 res0 = res = pcap_nametoaddrinfo(name); 2078 if (res == NULL) 2079 bpf_error("unknown host '%s'", name); 2080 b = tmp = NULL; 2081 tproto = tproto6 = proto; 2082 if (off_linktype == -1 && tproto == Q_DEFAULT) { 2083 tproto = Q_IP; 2084 tproto6 = Q_IPV6; 2085 } 2086 for (res = res0; res; res = res->ai_next) { 2087 switch (res->ai_family) { 2088 case AF_INET: 2089 if (tproto == Q_IPV6) 2090 continue; 2091 2092 sin = (struct sockaddr_in *) 2093 res->ai_addr; 2094 tmp = gen_host(ntohl(sin->sin_addr.s_addr), 2095 0xffffffff, tproto, dir); 2096 break; 2097 case AF_INET6: 2098 if (tproto6 == Q_IP) 2099 continue; 2100 2101 sin6 = (struct sockaddr_in6 *) 2102 res->ai_addr; 2103 tmp = gen_host6(&sin6->sin6_addr, 2104 &mask128, tproto6, dir); 2105 break; 2106 } 2107 if (b) 2108 gen_or(b, tmp); 2109 b = tmp; 2110 } 2111 freeaddrinfo(res0); 2112 if (b == NULL) { 2113 bpf_error("unknown host '%s'%s", name, 2114 (proto == Q_DEFAULT) 2115 ? "" 2116 : " for specified address family"); 2117 } 2118 return b; 2119 #endif /*INET6*/ 2120 } 2121 2122 case Q_PORT: 2123 if (proto != Q_DEFAULT && proto != Q_UDP && proto != Q_TCP) 2124 bpf_error("illegal qualifier of 'port'"); 2125 if (pcap_nametoport(name, &port, &real_proto) == 0) 2126 bpf_error("unknown port '%s'", name); 2127 if (proto == Q_UDP) { 2128 if (real_proto == IPPROTO_TCP) 2129 bpf_error("port '%s' is tcp", name); 2130 else 2131 /* override PROTO_UNDEF */ 2132 real_proto = IPPROTO_UDP; 2133 } 2134 if (proto == Q_TCP) { 2135 if (real_proto == IPPROTO_UDP) 2136 bpf_error("port '%s' is udp", name); 2137 else 2138 /* override PROTO_UNDEF */ 2139 real_proto = IPPROTO_TCP; 2140 } 2141 #ifndef INET6 2142 return gen_port(port, real_proto, dir); 2143 #else 2144 { 2145 struct block *b; 2146 b = gen_port(port, real_proto, dir); 2147 gen_or(gen_port6(port, real_proto, dir), b); 2148 return b; 2149 } 2150 #endif /* INET6 */ 2151 2152 case Q_GATEWAY: 2153 #ifndef INET6 2154 eaddr = pcap_ether_hostton(name); 2155 if (eaddr == NULL) 2156 bpf_error("unknown ether host: %s", name); 2157 2158 alist = pcap_nametoaddr(name); 2159 if (alist == NULL || *alist == NULL) 2160 bpf_error("unknown host '%s'", name); 2161 return gen_gateway(eaddr, alist, proto, dir); 2162 #else 2163 bpf_error("'gateway' not supported in this configuration"); 2164 #endif /*INET6*/ 2165 2166 case Q_PROTO: 2167 real_proto = lookup_proto(name, proto); 2168 if (real_proto >= 0) 2169 return gen_proto(real_proto, proto, dir); 2170 else 2171 bpf_error("unknown protocol: %s", name); 2172 2173 case Q_PROTOCHAIN: 2174 real_proto = lookup_proto(name, proto); 2175 if (real_proto >= 0) 2176 return gen_protochain(real_proto, proto, dir); 2177 else 2178 bpf_error("unknown protocol: %s", name); 2179 2180 2181 case Q_UNDEF: 2182 syntax(); 2183 /* NOTREACHED */ 2184 } 2185 abort(); 2186 /* NOTREACHED */ 2187 } 2188 2189 struct block * 2190 gen_mcode(s1, s2, masklen, q) 2191 register const char *s1, *s2; 2192 register int masklen; 2193 struct qual q; 2194 { 2195 register int nlen, mlen; 2196 bpf_u_int32 n, m; 2197 2198 nlen = __pcap_atoin(s1, &n); 2199 /* Promote short ipaddr */ 2200 n <<= 32 - nlen; 2201 2202 if (s2 != NULL) { 2203 mlen = __pcap_atoin(s2, &m); 2204 /* Promote short ipaddr */ 2205 m <<= 32 - mlen; 2206 if ((n & ~m) != 0) 2207 bpf_error("non-network bits set in \"%s mask %s\"", 2208 s1, s2); 2209 } else { 2210 /* Convert mask len to mask */ 2211 if (masklen > 32) 2212 bpf_error("mask length must be <= 32"); 2213 m = 0xffffffff << (32 - masklen); 2214 if ((n & ~m) != 0) 2215 bpf_error("non-network bits set in \"%s/%d\"", 2216 s1, masklen); 2217 } 2218 2219 switch (q.addr) { 2220 2221 case Q_NET: 2222 return gen_host(n, m, q.proto, q.dir); 2223 2224 default: 2225 bpf_error("Mask syntax for networks only"); 2226 /* NOTREACHED */ 2227 } 2228 } 2229 2230 struct block * 2231 gen_ncode(s, v, q) 2232 register const char *s; 2233 bpf_u_int32 v; 2234 struct qual q; 2235 { 2236 bpf_u_int32 mask; 2237 int proto = q.proto; 2238 int dir = q.dir; 2239 register int vlen; 2240 2241 if (s == NULL) 2242 vlen = 32; 2243 else if (q.proto == Q_DECNET) 2244 vlen = __pcap_atodn(s, &v); 2245 else 2246 vlen = __pcap_atoin(s, &v); 2247 2248 switch (q.addr) { 2249 2250 case Q_DEFAULT: 2251 case Q_HOST: 2252 case Q_NET: 2253 if (proto == Q_DECNET) 2254 return gen_host(v, 0, proto, dir); 2255 else if (proto == Q_LINK) { 2256 bpf_error("illegal link layer address"); 2257 } else { 2258 mask = 0xffffffff; 2259 if (s == NULL && q.addr == Q_NET) { 2260 /* Promote short net number */ 2261 while (v && (v & 0xff000000) == 0) { 2262 v <<= 8; 2263 mask <<= 8; 2264 } 2265 } else { 2266 /* Promote short ipaddr */ 2267 v <<= 32 - vlen; 2268 mask <<= 32 - vlen; 2269 } 2270 return gen_host(v, mask, proto, dir); 2271 } 2272 2273 case Q_PORT: 2274 if (proto == Q_UDP) 2275 proto = IPPROTO_UDP; 2276 else if (proto == Q_TCP) 2277 proto = IPPROTO_TCP; 2278 else if (proto == Q_DEFAULT) 2279 proto = PROTO_UNDEF; 2280 else 2281 bpf_error("illegal qualifier of 'port'"); 2282 2283 #ifndef INET6 2284 return gen_port((int)v, proto, dir); 2285 #else 2286 { 2287 struct block *b; 2288 b = gen_port((int)v, proto, dir); 2289 gen_or(gen_port6((int)v, proto, dir), b); 2290 return b; 2291 } 2292 #endif /* INET6 */ 2293 2294 case Q_GATEWAY: 2295 bpf_error("'gateway' requires a name"); 2296 /* NOTREACHED */ 2297 2298 case Q_PROTO: 2299 return gen_proto((int)v, proto, dir); 2300 2301 case Q_PROTOCHAIN: 2302 return gen_protochain((int)v, proto, dir); 2303 2304 case Q_UNDEF: 2305 syntax(); 2306 /* NOTREACHED */ 2307 2308 default: 2309 abort(); 2310 /* NOTREACHED */ 2311 } 2312 /* NOTREACHED */ 2313 } 2314 2315 #ifdef INET6 2316 struct block * 2317 gen_mcode6(s1, s2, masklen, q) 2318 register const char *s1, *s2; 2319 register int masklen; 2320 struct qual q; 2321 { 2322 struct addrinfo *res; 2323 struct in6_addr *addr; 2324 struct in6_addr mask; 2325 struct block *b; 2326 u_int32_t *a, *m; 2327 2328 if (s2) 2329 bpf_error("no mask %s supported", s2); 2330 2331 res = pcap_nametoaddrinfo(s1); 2332 if (!res) 2333 bpf_error("invalid ip6 address %s", s1); 2334 if (res->ai_next) 2335 bpf_error("%s resolved to multiple address", s1); 2336 addr = &((struct sockaddr_in6 *)res->ai_addr)->sin6_addr; 2337 2338 if (sizeof(mask) * 8 < masklen) 2339 bpf_error("mask length must be <= %u", (unsigned int)(sizeof(mask) * 8)); 2340 memset(&mask, 0xff, masklen / 8); 2341 if (masklen % 8) { 2342 mask.s6_addr[masklen / 8] = 2343 (0xff << (8 - masklen % 8)) & 0xff; 2344 } 2345 2346 a = (u_int32_t *)addr; 2347 m = (u_int32_t *)&mask; 2348 if ((a[0] & ~m[0]) || (a[1] & ~m[1]) 2349 || (a[2] & ~m[2]) || (a[3] & ~m[3])) { 2350 bpf_error("non-network bits set in \"%s/%d\"", s1, masklen); 2351 } 2352 2353 switch (q.addr) { 2354 2355 case Q_DEFAULT: 2356 case Q_HOST: 2357 if (masklen != 128) 2358 bpf_error("Mask syntax for networks only"); 2359 /* FALLTHROUGH */ 2360 2361 case Q_NET: 2362 b = gen_host6(addr, &mask, q.proto, q.dir); 2363 freeaddrinfo(res); 2364 return b; 2365 2366 default: 2367 bpf_error("invalid qualifier against IPv6 address"); 2368 /* NOTREACHED */ 2369 } 2370 } 2371 #endif /*INET6*/ 2372 2373 struct block * 2374 gen_ecode(eaddr, q) 2375 register const u_char *eaddr; 2376 struct qual q; 2377 { 2378 if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) { 2379 if (linktype == DLT_EN10MB) 2380 return gen_ehostop(eaddr, (int)q.dir); 2381 if (linktype == DLT_FDDI) 2382 return gen_fhostop(eaddr, (int)q.dir); 2383 } 2384 bpf_error("ethernet address used in non-ether expression"); 2385 /* NOTREACHED */ 2386 } 2387 2388 void 2389 sappend(s0, s1) 2390 struct slist *s0, *s1; 2391 { 2392 /* 2393 * This is definitely not the best way to do this, but the 2394 * lists will rarely get long. 2395 */ 2396 while (s0->next) 2397 s0 = s0->next; 2398 s0->next = s1; 2399 } 2400 2401 static struct slist * 2402 xfer_to_x(a) 2403 struct arth *a; 2404 { 2405 struct slist *s; 2406 2407 s = new_stmt(BPF_LDX|BPF_MEM); 2408 s->s.k = a->regno; 2409 return s; 2410 } 2411 2412 static struct slist * 2413 xfer_to_a(a) 2414 struct arth *a; 2415 { 2416 struct slist *s; 2417 2418 s = new_stmt(BPF_LD|BPF_MEM); 2419 s->s.k = a->regno; 2420 return s; 2421 } 2422 2423 struct arth * 2424 gen_load(proto, index, size) 2425 int proto; 2426 struct arth *index; 2427 int size; 2428 { 2429 struct slist *s, *tmp; 2430 struct block *b; 2431 int regno = alloc_reg(); 2432 2433 free_reg(index->regno); 2434 switch (size) { 2435 2436 default: 2437 bpf_error("data size must be 1, 2, or 4"); 2438 2439 case 1: 2440 size = BPF_B; 2441 break; 2442 2443 case 2: 2444 size = BPF_H; 2445 break; 2446 2447 case 4: 2448 size = BPF_W; 2449 break; 2450 } 2451 switch (proto) { 2452 default: 2453 bpf_error("unsupported index operation"); 2454 2455 case Q_LINK: 2456 s = xfer_to_x(index); 2457 tmp = new_stmt(BPF_LD|BPF_IND|size); 2458 sappend(s, tmp); 2459 sappend(index->s, s); 2460 break; 2461 2462 case Q_IP: 2463 case Q_ARP: 2464 case Q_RARP: 2465 case Q_ATALK: 2466 case Q_DECNET: 2467 case Q_SCA: 2468 case Q_LAT: 2469 case Q_MOPRC: 2470 case Q_MOPDL: 2471 #ifdef INET6 2472 case Q_IPV6: 2473 #endif 2474 /* XXX Note that we assume a fixed link header here. */ 2475 s = xfer_to_x(index); 2476 tmp = new_stmt(BPF_LD|BPF_IND|size); 2477 tmp->s.k = off_nl; 2478 sappend(s, tmp); 2479 sappend(index->s, s); 2480 2481 b = gen_proto_abbrev(proto); 2482 if (index->b) 2483 gen_and(index->b, b); 2484 index->b = b; 2485 break; 2486 2487 case Q_TCP: 2488 case Q_UDP: 2489 case Q_ICMP: 2490 case Q_IGMP: 2491 case Q_IGRP: 2492 case Q_PIM: 2493 s = new_stmt(BPF_LDX|BPF_MSH|BPF_B); 2494 s->s.k = off_nl; 2495 sappend(s, xfer_to_a(index)); 2496 sappend(s, new_stmt(BPF_ALU|BPF_ADD|BPF_X)); 2497 sappend(s, new_stmt(BPF_MISC|BPF_TAX)); 2498 sappend(s, tmp = new_stmt(BPF_LD|BPF_IND|size)); 2499 tmp->s.k = off_nl; 2500 sappend(index->s, s); 2501 2502 gen_and(gen_proto_abbrev(proto), b = gen_ipfrag()); 2503 if (index->b) 2504 gen_and(index->b, b); 2505 #ifdef INET6 2506 gen_and(gen_proto_abbrev(Q_IP), b); 2507 #endif 2508 index->b = b; 2509 break; 2510 #ifdef INET6 2511 case Q_ICMPV6: 2512 bpf_error("IPv6 upper-layer protocol is not supported by proto[x]"); 2513 /*NOTREACHED*/ 2514 #endif 2515 } 2516 index->regno = regno; 2517 s = new_stmt(BPF_ST); 2518 s->s.k = regno; 2519 sappend(index->s, s); 2520 2521 return index; 2522 } 2523 2524 struct block * 2525 gen_relation(code, a0, a1, reversed) 2526 int code; 2527 struct arth *a0, *a1; 2528 int reversed; 2529 { 2530 struct slist *s0, *s1, *s2; 2531 struct block *b, *tmp; 2532 2533 s0 = xfer_to_x(a1); 2534 s1 = xfer_to_a(a0); 2535 s2 = new_stmt(BPF_ALU|BPF_SUB|BPF_X); 2536 b = new_block(JMP(code)); 2537 if (code == BPF_JGT || code == BPF_JGE) { 2538 reversed = !reversed; 2539 b->s.k = 0x80000000; 2540 } 2541 if (reversed) 2542 gen_not(b); 2543 2544 sappend(s1, s2); 2545 sappend(s0, s1); 2546 sappend(a1->s, s0); 2547 sappend(a0->s, a1->s); 2548 2549 b->stmts = a0->s; 2550 2551 free_reg(a0->regno); 2552 free_reg(a1->regno); 2553 2554 /* 'and' together protocol checks */ 2555 if (a0->b) { 2556 if (a1->b) { 2557 gen_and(a0->b, tmp = a1->b); 2558 } 2559 else 2560 tmp = a0->b; 2561 } else 2562 tmp = a1->b; 2563 2564 if (tmp) 2565 gen_and(tmp, b); 2566 2567 return b; 2568 } 2569 2570 struct arth * 2571 gen_loadlen() 2572 { 2573 int regno = alloc_reg(); 2574 struct arth *a = (struct arth *)newchunk(sizeof(*a)); 2575 struct slist *s; 2576 2577 s = new_stmt(BPF_LD|BPF_LEN); 2578 s->next = new_stmt(BPF_ST); 2579 s->next->s.k = regno; 2580 a->s = s; 2581 a->regno = regno; 2582 2583 return a; 2584 } 2585 2586 struct arth * 2587 gen_loadi(val) 2588 int val; 2589 { 2590 struct arth *a; 2591 struct slist *s; 2592 int reg; 2593 2594 a = (struct arth *)newchunk(sizeof(*a)); 2595 2596 reg = alloc_reg(); 2597 2598 s = new_stmt(BPF_LD|BPF_IMM); 2599 s->s.k = val; 2600 s->next = new_stmt(BPF_ST); 2601 s->next->s.k = reg; 2602 a->s = s; 2603 a->regno = reg; 2604 2605 return a; 2606 } 2607 2608 struct arth * 2609 gen_neg(a) 2610 struct arth *a; 2611 { 2612 struct slist *s; 2613 2614 s = xfer_to_a(a); 2615 sappend(a->s, s); 2616 s = new_stmt(BPF_ALU|BPF_NEG); 2617 s->s.k = 0; 2618 sappend(a->s, s); 2619 s = new_stmt(BPF_ST); 2620 s->s.k = a->regno; 2621 sappend(a->s, s); 2622 2623 return a; 2624 } 2625 2626 struct arth * 2627 gen_arth(code, a0, a1) 2628 int code; 2629 struct arth *a0, *a1; 2630 { 2631 struct slist *s0, *s1, *s2; 2632 2633 s0 = xfer_to_x(a1); 2634 s1 = xfer_to_a(a0); 2635 s2 = new_stmt(BPF_ALU|BPF_X|code); 2636 2637 sappend(s1, s2); 2638 sappend(s0, s1); 2639 sappend(a1->s, s0); 2640 sappend(a0->s, a1->s); 2641 2642 free_reg(a1->regno); 2643 2644 s0 = new_stmt(BPF_ST); 2645 a0->regno = s0->s.k = alloc_reg(); 2646 sappend(a0->s, s0); 2647 2648 return a0; 2649 } 2650 2651 /* 2652 * Here we handle simple allocation of the scratch registers. 2653 * If too many registers are alloc'd, the allocator punts. 2654 */ 2655 static int regused[BPF_MEMWORDS]; 2656 static int curreg; 2657 2658 /* 2659 * Return the next free register. 2660 */ 2661 static int 2662 alloc_reg() 2663 { 2664 int n = BPF_MEMWORDS; 2665 2666 while (--n >= 0) { 2667 if (regused[curreg]) 2668 curreg = (curreg + 1) % BPF_MEMWORDS; 2669 else { 2670 regused[curreg] = 1; 2671 return curreg; 2672 } 2673 } 2674 bpf_error("too many registers needed to evaluate expression"); 2675 /* NOTREACHED */ 2676 } 2677 2678 /* 2679 * Return a register to the table so it can 2680 * be used later. 2681 */ 2682 static void 2683 free_reg(n) 2684 int n; 2685 { 2686 regused[n] = 0; 2687 } 2688 2689 static struct block * 2690 gen_len(jmp, n) 2691 int jmp, n; 2692 { 2693 struct slist *s; 2694 struct block *b; 2695 2696 s = new_stmt(BPF_LD|BPF_LEN); 2697 b = new_block(JMP(jmp)); 2698 b->stmts = s; 2699 b->s.k = n; 2700 2701 return b; 2702 } 2703 2704 struct block * 2705 gen_greater(n) 2706 int n; 2707 { 2708 return gen_len(BPF_JGE, n); 2709 } 2710 2711 struct block * 2712 gen_less(n) 2713 int n; 2714 { 2715 struct block *b; 2716 2717 b = gen_len(BPF_JGT, n); 2718 gen_not(b); 2719 2720 return b; 2721 } 2722 2723 struct block * 2724 gen_byteop(op, idx, val) 2725 int op, idx, val; 2726 { 2727 struct block *b; 2728 struct slist *s; 2729 2730 switch (op) { 2731 default: 2732 abort(); 2733 2734 case '=': 2735 return gen_cmp((u_int)idx, BPF_B, (bpf_int32)val); 2736 2737 case '<': 2738 b = gen_cmp((u_int)idx, BPF_B, (bpf_int32)val); 2739 b->s.code = JMP(BPF_JGE); 2740 gen_not(b); 2741 return b; 2742 2743 case '>': 2744 b = gen_cmp((u_int)idx, BPF_B, (bpf_int32)val); 2745 b->s.code = JMP(BPF_JGT); 2746 return b; 2747 2748 case '|': 2749 s = new_stmt(BPF_ALU|BPF_OR|BPF_K); 2750 break; 2751 2752 case '&': 2753 s = new_stmt(BPF_ALU|BPF_AND|BPF_K); 2754 break; 2755 } 2756 s->s.k = val; 2757 b = new_block(JMP(BPF_JEQ)); 2758 b->stmts = s; 2759 gen_not(b); 2760 2761 return b; 2762 } 2763 2764 static u_char abroadcast[] = { 0x0 }; 2765 2766 struct block * 2767 gen_broadcast(proto) 2768 int proto; 2769 { 2770 bpf_u_int32 hostmask; 2771 struct block *b0, *b1, *b2; 2772 static u_char ebroadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 2773 2774 switch (proto) { 2775 2776 case Q_DEFAULT: 2777 case Q_LINK: 2778 if (linktype == DLT_ARCNET) 2779 return gen_ahostop(abroadcast, Q_DST); 2780 if (linktype == DLT_EN10MB) 2781 return gen_ehostop(ebroadcast, Q_DST); 2782 if (linktype == DLT_FDDI) 2783 return gen_fhostop(ebroadcast, Q_DST); 2784 bpf_error("not a broadcast link"); 2785 break; 2786 2787 case Q_IP: 2788 b0 = gen_linktype(ETHERTYPE_IP); 2789 hostmask = ~netmask; 2790 b1 = gen_mcmp(off_nl + 16, BPF_W, (bpf_int32)0, hostmask); 2791 b2 = gen_mcmp(off_nl + 16, BPF_W, 2792 (bpf_int32)(~0 & hostmask), hostmask); 2793 gen_or(b1, b2); 2794 gen_and(b0, b2); 2795 return b2; 2796 } 2797 bpf_error("only ether/ip broadcast filters supported"); 2798 } 2799 2800 struct block * 2801 gen_multicast(proto) 2802 int proto; 2803 { 2804 register struct block *b0, *b1; 2805 register struct slist *s; 2806 2807 switch (proto) { 2808 2809 case Q_DEFAULT: 2810 case Q_LINK: 2811 if (linktype == DLT_ARCNET) 2812 /* all ARCnet multicasts use the same address */ 2813 return gen_ahostop(abroadcast, Q_DST); 2814 2815 if (linktype == DLT_EN10MB) { 2816 /* ether[0] & 1 != 0 */ 2817 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2818 s->s.k = 0; 2819 b0 = new_block(JMP(BPF_JSET)); 2820 b0->s.k = 1; 2821 b0->stmts = s; 2822 return b0; 2823 } 2824 2825 if (linktype == DLT_FDDI) { 2826 /* XXX TEST THIS: MIGHT NOT PORT PROPERLY XXX */ 2827 /* fddi[1] & 1 != 0 */ 2828 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2829 s->s.k = 1; 2830 b0 = new_block(JMP(BPF_JSET)); 2831 b0->s.k = 1; 2832 b0->stmts = s; 2833 return b0; 2834 } 2835 /* Link not known to support multicasts */ 2836 break; 2837 2838 case Q_IP: 2839 b0 = gen_linktype(ETHERTYPE_IP); 2840 b1 = gen_cmp(off_nl + 16, BPF_B, (bpf_int32)224); 2841 b1->s.code = JMP(BPF_JGE); 2842 gen_and(b0, b1); 2843 return b1; 2844 2845 #ifdef INET6 2846 case Q_IPV6: 2847 b0 = gen_linktype(ETHERTYPE_IPV6); 2848 b1 = gen_cmp(off_nl + 24, BPF_B, (bpf_int32)255); 2849 gen_and(b0, b1); 2850 return b1; 2851 #endif /* INET6 */ 2852 } 2853 bpf_error("only IP multicast filters supported on ethernet/FDDI"); 2854 } 2855 2856 /* 2857 * generate command for inbound/outbound. It's here so we can 2858 * make it link-type specific. 'dir' = 0 implies "inbound", 2859 * = 1 implies "outbound". 2860 */ 2861 struct block * 2862 gen_inbound(dir) 2863 int dir; 2864 { 2865 register struct block *b0; 2866 2867 /* 2868 * Only SLIP and old-style PPP data link types support 2869 * inbound/outbound qualifiers. 2870 */ 2871 switch (linktype) { 2872 case DLT_SLIP: 2873 case DLT_PPP: 2874 /* These are okay. */ 2875 break; 2876 2877 default: 2878 bpf_error("inbound/outbound not supported on linktype 0x%x\n", 2879 linktype); 2880 /* NOTREACHED */ 2881 } 2882 2883 b0 = gen_relation(BPF_JEQ, 2884 gen_load(Q_LINK, gen_loadi(0), 1), 2885 gen_loadi(0), 2886 dir); 2887 return (b0); 2888 } 2889 2890 struct block * 2891 gen_acode(eaddr, q) 2892 register const u_char *eaddr; 2893 struct qual q; 2894 { 2895 if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) { 2896 if (linktype == DLT_ARCNET) 2897 return gen_ahostop(eaddr, (int)q.dir); 2898 } 2899 bpf_error("ARCnet address used in non-arc expression"); 2900 /* NOTREACHED */ 2901 } 2902 2903 static struct block * 2904 gen_ahostop(eaddr, dir) 2905 register const u_char *eaddr; 2906 register int dir; 2907 { 2908 register struct block *b0, *b1; 2909 2910 switch (dir) { 2911 /* src comes first, different from Ethernet */ 2912 case Q_SRC: 2913 return gen_bcmp(0, 1, eaddr); 2914 2915 case Q_DST: 2916 return gen_bcmp(1, 1, eaddr); 2917 2918 case Q_AND: 2919 b0 = gen_ahostop(eaddr, Q_SRC); 2920 b1 = gen_ahostop(eaddr, Q_DST); 2921 gen_and(b0, b1); 2922 return b1; 2923 2924 case Q_DEFAULT: 2925 case Q_OR: 2926 b0 = gen_ahostop(eaddr, Q_SRC); 2927 b1 = gen_ahostop(eaddr, Q_DST); 2928 gen_or(b0, b1); 2929 return b1; 2930 } 2931 abort(); 2932 /* NOTREACHED */ 2933 } 2934