]> The Tcpdump Group git mirrors - libpcap/blob - gencode.c
projects / libpcap / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
-Wall -Werror clean.
[libpcap] / gencode.c
1 /*#define CHASE_CHAIN*/
2 /*
3 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998
4 * The Regents of the University of California. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that: (1) source code distributions
8 * retain the above copyright notice and this paragraph in its entirety, (2)
9 * distributions including binary code include the above copyright notice and
10 * this paragraph in its entirety in the documentation or other materials
11 * provided with the distribution, and (3) all advertising materials mentioning
12 * features or use of this software display the following acknowledgement:
13 * ``This product includes software developed by the University of California,
14 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
15 * the University nor the names of its contributors may be used to endorse
16 * or promote products derived from this software without specific prior
17 * written permission.
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21 */
22 #ifndef lint
23 static const char rcsid[] =
24 "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.110 2000-06-03 16:29:42 itojun Exp $ (LBL)";
25 #endif
26
27 #include <sys/types.h>
28 #include <sys/socket.h>
29 #include <sys/time.h>
30 #ifdef __NetBSD__
31 #include <sys/param.h>
32 #endif
33
34 #if __STDC__
35 struct mbuf;
36 struct rtentry;
37 #endif
38
39 #include <net/if.h>
40
41 #include <netinet/in.h>
42 #include <netinet/if_ether.h>
43
44 #include <stdlib.h>
45 #include <memory.h>
46 #include <setjmp.h>
47 #if __STDC__
48 #include <stdarg.h>
49 #else
50 #include <varargs.h>
51 #endif
52
53 #include "pcap-int.h"
54
55 #include "ethertype.h"
56 #include "gencode.h"
57 #include "ppp.h"
58 #include <pcap-namedb.h>
59 #ifdef INET6
60 #include <netdb.h>
61 #include <sys/socket.h>
62 #endif /*INET6*/
63
64 #include "gnuc.h"
65 #ifdef HAVE_OS_PROTO_H
66 #include "os-proto.h"
67 #endif
68
69 #define JMP(c) ((c)|BPF_JMP|BPF_K)
70
71 /* Locals */
72 static jmp_buf top_ctx;
73 static pcap_t *bpf_pcap;
74
75 /* XXX */
76 #ifdef PCAP_FDDIPAD
77 int pcap_fddipad = PCAP_FDDIPAD;
78 #else
79 int pcap_fddipad;
80 #endif
81
82 /* VARARGS */
83 __dead void
84 #if __STDC__
85 bpf_error(const char *fmt, ...)
86 #else
87 bpf_error(fmt, va_alist)
88 const char *fmt;
89 va_dcl
90 #endif
91 {
92 va_list ap;
93
94 #if __STDC__
95 va_start(ap, fmt);
96 #else
97 va_start(ap);
98 #endif
99 if (bpf_pcap != NULL)
100 (void)vsnprintf(pcap_geterr(bpf_pcap), PCAP_ERRBUF_SIZE,
101 fmt, ap);
102 va_end(ap);
103 longjmp(top_ctx, 1);
104 /* NOTREACHED */
105 }
106
107 static void init_linktype(int);
108
109 static int alloc_reg(void);
110 static void free_reg(int);
111
112 static struct block *root;
113
114 /*
115 * We divy out chunks of memory rather than call malloc each time so
116 * we don't have to worry about leaking memory. It's probably
117 * not a big deal if all this memory was wasted but it this ever
118 * goes into a library that would probably not be a good idea.
119 */
120 #define NCHUNKS 16
121 #define CHUNK0SIZE 1024
122 struct chunk {
123 u_int n_left;
124 void *m;
125 };
126
127 static struct chunk chunks[NCHUNKS];
128 static int cur_chunk;
129
130 static void *newchunk(u_int);
131 static void freechunks(void);
132 static inline struct block *new_block(int);
133 static inline struct slist *new_stmt(int);
134 static struct block *gen_retblk(int);
135 static inline void syntax(void);
136
137 static void backpatch(struct block *, struct block *);
138 static void merge(struct block *, struct block *);
139 static struct block *gen_cmp(u_int, u_int, bpf_int32);
140 static struct block *gen_mcmp(u_int, u_int, bpf_int32, bpf_u_int32);
141 static struct block *gen_bcmp(u_int, u_int, const u_char *);
142 static struct block *gen_uncond(int);
143 static inline struct block *gen_true(void);
144 static inline struct block *gen_false(void);
145 static struct block *gen_linktype(int);
146 static struct block *gen_hostop(bpf_u_int32, bpf_u_int32, int, int, u_int, u_int);
147 #ifdef INET6
148 static struct block *gen_hostop6(struct in6_addr *, struct in6_addr *, int, int, u_int, u_int);
149 #endif
150 static struct block *gen_ehostop(const u_char *, int);
151 static struct block *gen_fhostop(const u_char *, int);
152 static struct block *gen_dnhostop(bpf_u_int32, int, u_int);
153 static struct block *gen_host(bpf_u_int32, bpf_u_int32, int, int);
154 #ifdef INET6
155 static struct block *gen_host6(struct in6_addr *, struct in6_addr *, int, int);
156 #endif
157 #ifndef INET6
158 static struct block *gen_gateway(const u_char *, bpf_u_int32 **, int, int);
159 #endif
160 static struct block *gen_ipfrag(void);
161 static struct block *gen_portatom(int, bpf_int32);
162 #ifdef INET6
163 static struct block *gen_portatom6(int, bpf_int32);
164 #endif
165 struct block *gen_portop(int, int, int);
166 static struct block *gen_port(int, int, int);
167 #ifdef INET6
168 struct block *gen_portop6(int, int, int);
169 static struct block *gen_port6(int, int, int);
170 #endif
171 static int lookup_proto(const char *, int);
172 static struct block *gen_proto(int, int, int);
173 static struct slist *xfer_to_x(struct arth *);
174 static struct slist *xfer_to_a(struct arth *);
175 static struct block *gen_len(int, int);
176
177 static void *
178 newchunk(n)
179 u_int n;
180 {
181 struct chunk *cp;
182 int k, size;
183
184 #ifndef __NetBSD__
185 /* XXX Round up to nearest long. */
186 n = (n + sizeof(long) - 1) & ~(sizeof(long) - 1);
187 #else
188 /* XXX Round up to structure boundary. */
189 n = ALIGN(n);
190 #endif
191
192 cp = &chunks[cur_chunk];
193 if (n > cp->n_left) {
194 ++cp, k = ++cur_chunk;
195 if (k >= NCHUNKS)
196 bpf_error("out of memory");
197 size = CHUNK0SIZE << k;
198 cp->m = (void *)malloc(size);
199 memset((char *)cp->m, 0, size);
200 cp->n_left = size;
201 if (n > size)
202 bpf_error("out of memory");
203 }
204 cp->n_left -= n;
205 return (void *)((char *)cp->m + cp->n_left);
206 }
207
208 static void
209 freechunks()
210 {
211 int i;
212
213 cur_chunk = 0;
214 for (i = 0; i < NCHUNKS; ++i)
215 if (chunks[i].m != NULL) {
216 free(chunks[i].m);
217 chunks[i].m = NULL;
218 }
219 }
220
221 /*
222 * A strdup whose allocations are freed after code generation is over.
223 */
224 char *
225 sdup(s)
226 register const char *s;
227 {
228 int n = strlen(s) + 1;
229 char *cp = newchunk(n);
230
231 strlcpy(cp, s, n);
232 return (cp);
233 }
234
235 static inline struct block *
236 new_block(code)
237 int code;
238 {
239 struct block *p;
240
241 p = (struct block *)newchunk(sizeof(*p));
242 p->s.code = code;
243 p->head = p;
244
245 return p;
246 }
247
248 static inline struct slist *
249 new_stmt(code)
250 int code;
251 {
252 struct slist *p;
253
254 p = (struct slist *)newchunk(sizeof(*p));
255 p->s.code = code;
256
257 return p;
258 }
259
260 static struct block *
261 gen_retblk(v)
262 int v;
263 {
264 struct block *b = new_block(BPF_RET|BPF_K);
265
266 b->s.k = v;
267 return b;
268 }
269
270 static inline void
271 syntax()
272 {
273 bpf_error("syntax error in filter expression");
274 }
275
276 static bpf_u_int32 netmask;
277 static int snaplen;
278 int no_optimize;
279
280 int
281 pcap_compile(pcap_t *p, struct bpf_program *program,
282 char *buf, int optimize, bpf_u_int32 mask)
283 {
284 extern int n_errors;
285 int len;
286
287 no_optimize = 0;
288 n_errors = 0;
289 root = NULL;
290 bpf_pcap = p;
291 if (setjmp(top_ctx)) {
292 freechunks();
293 return (-1);
294 }
295
296 netmask = mask;
297 snaplen = pcap_snapshot(p);
298
299 lex_init(buf ? buf : "");
300 init_linktype(pcap_datalink(p));
301 (void)pcap_parse();
302
303 if (n_errors)
304 syntax();
305
306 if (root == NULL)
307 root = gen_retblk(snaplen);
308
309 if (optimize && !no_optimize) {
310 bpf_optimize(&root);
311 if (root == NULL ||
312 (root->s.code == (BPF_RET|BPF_K) && root->s.k == 0))
313 bpf_error("expression rejects all packets");
314 }
315 program->bf_insns = icode_to_fcode(root, &len);
316 program->bf_len = len;
317
318 freechunks();
319 return (0);
320 }
321
322 /*
323 * entry point for using the compiler with no pcap open
324 * pass in all the stuff that is needed explicitly instead.
325 */
326 int
327 pcap_compile_nopcap(int snaplen_arg, int linktype_arg,
328 struct bpf_program *program,
329 char *buf, int optimize, bpf_u_int32 mask)
330 {
331 extern int n_errors;
332 int len;
333
334 n_errors = 0;
335 root = NULL;
336 bpf_pcap = NULL;
337 if (setjmp(top_ctx)) {
338 freechunks();
339 return (-1);
340 }
341
342 netmask = mask;
343
344 /* XXX needed? I don't grok the use of globals here. */
345 snaplen = snaplen_arg;
346
347 lex_init(buf ? buf : "");
348 init_linktype(linktype_arg);
349 (void)pcap_parse();
350
351 if (n_errors)
352 syntax();
353
354 if (root == NULL)
355 root = gen_retblk(snaplen_arg);
356
357 if (optimize) {
358 bpf_optimize(&root);
359 if (root == NULL ||
360 (root->s.code == (BPF_RET|BPF_K) && root->s.k == 0))
361 bpf_error("expression rejects all packets");
362 }
363 program->bf_insns = icode_to_fcode(root, &len);
364 program->bf_len = len;
365
366 freechunks();
367 return (0);
368 }
369
370 /*
371 * Backpatch the blocks in 'list' to 'target'. The 'sense' field indicates
372 * which of the jt and jf fields has been resolved and which is a pointer
373 * back to another unresolved block (or nil). At least one of the fields
374 * in each block is already resolved.
375 */
376 static void
377 backpatch(list, target)
378 struct block *list, *target;
379 {
380 struct block *next;
381
382 while (list) {
383 if (!list->sense) {
384 next = JT(list);
385 JT(list) = target;
386 } else {
387 next = JF(list);
388 JF(list) = target;
389 }
390 list = next;
391 }
392 }
393
394 /*
395 * Merge the lists in b0 and b1, using the 'sense' field to indicate
396 * which of jt and jf is the link.
397 */
398 static void
399 merge(b0, b1)
400 struct block *b0, *b1;
401 {
402 register struct block **p = &b0;
403
404 /* Find end of list. */
405 while (*p)
406 p = !((*p)->sense) ? &JT(*p) : &JF(*p);
407
408 /* Concatenate the lists. */
409 *p = b1;
410 }
411
412 void
413 finish_parse(p)
414 struct block *p;
415 {
416 backpatch(p, gen_retblk(snaplen));
417 p->sense = !p->sense;
418 backpatch(p, gen_retblk(0));
419 root = p->head;
420 }
421
422 void
423 gen_and(b0, b1)
424 struct block *b0, *b1;
425 {
426 backpatch(b0, b1->head);
427 b0->sense = !b0->sense;
428 b1->sense = !b1->sense;
429 merge(b1, b0);
430 b1->sense = !b1->sense;
431 b1->head = b0->head;
432 }
433
434 void
435 gen_or(b0, b1)
436 struct block *b0, *b1;
437 {
438 b0->sense = !b0->sense;
439 backpatch(b0, b1->head);
440 b0->sense = !b0->sense;
441 merge(b1, b0);
442 b1->head = b0->head;
443 }
444
445 void
446 gen_not(b)
447 struct block *b;
448 {
449 b->sense = !b->sense;
450 }
451
452 static struct block *
453 gen_cmp(offset, size, v)
454 u_int offset, size;
455 bpf_int32 v;
456 {
457 struct slist *s;
458 struct block *b;
459
460 s = new_stmt(BPF_LD|BPF_ABS|size);
461 s->s.k = offset;
462
463 b = new_block(JMP(BPF_JEQ));
464 b->stmts = s;
465 b->s.k = v;
466
467 return b;
468 }
469
470 static struct block *
471 gen_mcmp(offset, size, v, mask)
472 u_int offset, size;
473 bpf_int32 v;
474 bpf_u_int32 mask;
475 {
476 struct block *b = gen_cmp(offset, size, v);
477 struct slist *s;
478
479 if (mask != 0xffffffff) {
480 s = new_stmt(BPF_ALU|BPF_AND|BPF_K);
481 s->s.k = mask;
482 b->stmts->next = s;
483 }
484 return b;
485 }
486
487 static struct block *
488 gen_bcmp(offset, size, v)
489 register u_int offset, size;
490 register const u_char *v;
491 {
492 register struct block *b, *tmp;
493
494 b = NULL;
495 while (size >= 4) {
496 register const u_char *p = &v[size - 4];
497 bpf_int32 w = ((bpf_int32)p[0] << 24) |
498 ((bpf_int32)p[1] << 16) | ((bpf_int32)p[2] << 8) | p[3];
499
500 tmp = gen_cmp(offset + size - 4, BPF_W, w);
501 if (b != NULL)
502 gen_and(b, tmp);
503 b = tmp;
504 size -= 4;
505 }
506 while (size >= 2) {
507 register const u_char *p = &v[size - 2];
508 bpf_int32 w = ((bpf_int32)p[0] << 8) | p[1];
509
510 tmp = gen_cmp(offset + size - 2, BPF_H, w);
511 if (b != NULL)
512 gen_and(b, tmp);
513 b = tmp;
514 size -= 2;
515 }
516 if (size > 0) {
517 tmp = gen_cmp(offset, BPF_B, (bpf_int32)v[0]);
518 if (b != NULL)
519 gen_and(b, tmp);
520 b = tmp;
521 }
522 return b;
523 }
524
525 /*
526 * Various code constructs need to know the layout of the data link
527 * layer. These variables give the necessary offsets. off_linktype
528 * is set to -1 for no encapsulation, in which case, IP is assumed.
529 */
530 static u_int off_linktype;
531 static u_int off_nl;
532 static int linktype;
533
534 static void
535 init_linktype(type)
536 int type;
537 {
538 linktype = type;
539
540 switch (type) {
541
542 case DLT_EN10MB:
543 off_linktype = 12;
544 off_nl = 14;
545 return;
546
547 case DLT_SLIP:
548 /*
549 * SLIP doesn't have a link level type. The 16 byte
550 * header is hacked into our SLIP driver.
551 */
552 off_linktype = -1;
553 off_nl = 16;
554 return;
555
556 case DLT_SLIP_BSDOS:
557 /* XXX this may be the same as the DLT_PPP_BSDOS case */
558 off_linktype = -1;
559 /* XXX end */
560 off_nl = 24;
561 return;
562
563 case DLT_NULL:
564 off_linktype = 0;
565 off_nl = 4;
566 return;
567
568 case DLT_PPP:
569 case DLT_CHDLC:
570 off_linktype = 2;
571 off_nl = 4;
572 return;
573
574 case DLT_PPP_BSDOS:
575 off_linktype = 5;
576 off_nl = 24;
577 return;
578
579 case DLT_FDDI:
580 /*
581 * FDDI doesn't really have a link-level type field.
582 * We assume that SSAP = SNAP is being used and pick
583 * out the encapsulated Ethernet type.
584 */
585 off_linktype = 19;
586 #ifdef PCAP_FDDIPAD
587 off_linktype += pcap_fddipad;
588 #endif
589 off_nl = 21;
590 #ifdef PCAP_FDDIPAD
591 off_nl += pcap_fddipad;
592 #endif
593 return;
594
595 case DLT_IEEE802:
596 off_linktype = 20;
597 off_nl = 22;
598 return;
599
600 case DLT_ATM_RFC1483:
601 /*
602 * assume routed, non-ISO PDUs
603 * (i.e., LLC = 0xAA-AA-03, OUT = 0x00-00-00)
604 */
605 off_linktype = 6;
606 off_nl = 8;
607 return;
608
609 case DLT_RAW:
610 off_linktype = -1;
611 off_nl = 0;
612 return;
613 }
614 bpf_error("unknown data link type 0x%x", linktype);
615 /* NOTREACHED */
616 }
617
618 static struct block *
619 gen_uncond(rsense)
620 int rsense;
621 {
622 struct block *b;
623 struct slist *s;
624
625 s = new_stmt(BPF_LD|BPF_IMM);
626 s->s.k = !rsense;
627 b = new_block(JMP(BPF_JEQ));
628 b->stmts = s;
629
630 return b;
631 }
632
633 static inline struct block *
634 gen_true()
635 {
636 return gen_uncond(1);
637 }
638
639 static inline struct block *
640 gen_false()
641 {
642 return gen_uncond(0);
643 }
644
645 static struct block *
646 gen_linktype(proto)
647 register int proto;
648 {
649 struct block *b0, *b1;
650
651 /* If we're not using encapsulation and checking for IP, we're done */
652 if (off_linktype == -1 && proto == ETHERTYPE_IP)
653 return gen_true();
654
655 switch (linktype) {
656
657 case DLT_SLIP:
658 return gen_false();
659
660 case DLT_PPP:
661 if (proto == ETHERTYPE_IP)
662 proto = PPP_IP; /* XXX was 0x21 */
663 #ifdef INET6
664 else if (proto == ETHERTYPE_IPV6)
665 proto = PPP_IPV6;
666 #endif
667 break;
668
669 case DLT_PPP_BSDOS:
670 switch (proto) {
671
672 case ETHERTYPE_IP:
673 b0 = gen_cmp(off_linktype, BPF_H, PPP_IP);
674 b1 = gen_cmp(off_linktype, BPF_H, PPP_VJC);
675 gen_or(b0, b1);
676 b0 = gen_cmp(off_linktype, BPF_H, PPP_VJNC);
677 gen_or(b1, b0);
678 return b0;
679
680 #ifdef INET6
681 case ETHERTYPE_IPV6:
682 proto = PPP_IPV6;
683 /* more to go? */
684 break;
685 #endif
686
687 case ETHERTYPE_DN:
688 proto = PPP_DECNET;
689 break;
690
691 case ETHERTYPE_ATALK:
692 proto = PPP_APPLE;
693 break;
694
695 case ETHERTYPE_NS:
696 proto = PPP_NS;
697 break;
698 }
699 break;
700
701 case DLT_NULL:
702 /* XXX */
703 if (proto == ETHERTYPE_IP)
704 return (gen_cmp(0, BPF_W, (bpf_int32)htonl(AF_INET)));
705 #ifdef INET6
706 else if (proto == ETHERTYPE_IPV6)
707 return (gen_cmp(0, BPF_W, (bpf_int32)htonl(AF_INET6)));
708 #endif
709 else
710 return gen_false();
711 }
712 return gen_cmp(off_linktype, BPF_H, (bpf_int32)proto);
713 }
714
715 static struct block *
716 gen_hostop(addr, mask, dir, proto, src_off, dst_off)
717 bpf_u_int32 addr;
718 bpf_u_int32 mask;
719 int dir, proto;
720 u_int src_off, dst_off;
721 {
722 struct block *b0, *b1;
723 u_int offset;
724
725 switch (dir) {
726
727 case Q_SRC:
728 offset = src_off;
729 break;
730
731 case Q_DST:
732 offset = dst_off;
733 break;
734
735 case Q_AND:
736 b0 = gen_hostop(addr, mask, Q_SRC, proto, src_off, dst_off);
737 b1 = gen_hostop(addr, mask, Q_DST, proto, src_off, dst_off);
738 gen_and(b0, b1);
739 return b1;
740
741 case Q_OR:
742 case Q_DEFAULT:
743 b0 = gen_hostop(addr, mask, Q_SRC, proto, src_off, dst_off);
744 b1 = gen_hostop(addr, mask, Q_DST, proto, src_off, dst_off);
745 gen_or(b0, b1);
746 return b1;
747
748 default:
749 abort();
750 }
751 b0 = gen_linktype(proto);
752 b1 = gen_mcmp(offset, BPF_W, (bpf_int32)addr, mask);
753 gen_and(b0, b1);
754 return b1;
755 }
756
757 #ifdef INET6
758 static struct block *
759 gen_hostop6(addr, mask, dir, proto, src_off, dst_off)
760 struct in6_addr *addr;
761 struct in6_addr *mask;
762 int dir, proto;
763 u_int src_off, dst_off;
764 {
765 struct block *b0, *b1;
766 u_int offset;
767 u_int32_t *a, *m;
768
769 switch (dir) {
770
771 case Q_SRC:
772 offset = src_off;
773 break;
774
775 case Q_DST:
776 offset = dst_off;
777 break;
778
779 case Q_AND:
780 b0 = gen_hostop6(addr, mask, Q_SRC, proto, src_off, dst_off);
781 b1 = gen_hostop6(addr, mask, Q_DST, proto, src_off, dst_off);
782 gen_and(b0, b1);
783 return b1;
784
785 case Q_OR:
786 case Q_DEFAULT:
787 b0 = gen_hostop6(addr, mask, Q_SRC, proto, src_off, dst_off);
788 b1 = gen_hostop6(addr, mask, Q_DST, proto, src_off, dst_off);
789 gen_or(b0, b1);
790 return b1;
791
792 default:
793 abort();
794 }
795 /* this order is important */
796 a = (u_int32_t *)addr;
797 m = (u_int32_t *)mask;
798 b1 = gen_mcmp(offset + 12, BPF_W, ntohl(a[3]), ntohl(m[3]));
799 b0 = gen_mcmp(offset + 8, BPF_W, ntohl(a[2]), ntohl(m[2]));
800 gen_and(b0, b1);
801 b0 = gen_mcmp(offset + 4, BPF_W, ntohl(a[1]), ntohl(m[1]));
802 gen_and(b0, b1);
803 b0 = gen_mcmp(offset + 0, BPF_W, ntohl(a[0]), ntohl(m[0]));
804 gen_and(b0, b1);
805 b0 = gen_linktype(proto);
806 gen_and(b0, b1);
807 return b1;
808 }
809 #endif /*INET6*/
810
811 static struct block *
812 gen_ehostop(eaddr, dir)
813 register const u_char *eaddr;
814 register int dir;
815 {
816 register struct block *b0, *b1;
817
818 switch (dir) {
819 case Q_SRC:
820 return gen_bcmp(6, 6, eaddr);
821
822 case Q_DST:
823 return gen_bcmp(0, 6, eaddr);
824
825 case Q_AND:
826 b0 = gen_ehostop(eaddr, Q_SRC);
827 b1 = gen_ehostop(eaddr, Q_DST);
828 gen_and(b0, b1);
829 return b1;
830
831 case Q_DEFAULT:
832 case Q_OR:
833 b0 = gen_ehostop(eaddr, Q_SRC);
834 b1 = gen_ehostop(eaddr, Q_DST);
835 gen_or(b0, b1);
836 return b1;
837 }
838 abort();
839 /* NOTREACHED */
840 }
841
842 /*
843 * Like gen_ehostop, but for DLT_FDDI
844 */
845 static struct block *
846 gen_fhostop(eaddr, dir)
847 register const u_char *eaddr;
848 register int dir;
849 {
850 struct block *b0, *b1;
851
852 switch (dir) {
853 case Q_SRC:
854 #ifdef PCAP_FDDIPAD
855 return gen_bcmp(6 + 1 + pcap_fddipad, 6, eaddr);
856 #else
857 return gen_bcmp(6 + 1, 6, eaddr);
858 #endif
859
860 case Q_DST:
861 #ifdef PCAP_FDDIPAD
862 return gen_bcmp(0 + 1 + pcap_fddipad, 6, eaddr);
863 #else
864 return gen_bcmp(0 + 1, 6, eaddr);
865 #endif
866
867 case Q_AND:
868 b0 = gen_fhostop(eaddr, Q_SRC);
869 b1 = gen_fhostop(eaddr, Q_DST);
870 gen_and(b0, b1);
871 return b1;
872
873 case Q_DEFAULT:
874 case Q_OR:
875 b0 = gen_fhostop(eaddr, Q_SRC);
876 b1 = gen_fhostop(eaddr, Q_DST);
877 gen_or(b0, b1);
878 return b1;
879 }
880 abort();
881 /* NOTREACHED */
882 }
883
884 /*
885 * This is quite tricky because there may be pad bytes in front of the
886 * DECNET header, and then there are two possible data packet formats that
887 * carry both src and dst addresses, plus 5 packet types in a format that
888 * carries only the src node, plus 2 types that use a different format and
889 * also carry just the src node.
890 *
891 * Yuck.
892 *
893 * Instead of doing those all right, we just look for data packets with
894 * 0 or 1 bytes of padding. If you want to look at other packets, that
895 * will require a lot more hacking.
896 *
897 * To add support for filtering on DECNET "areas" (network numbers)
898 * one would want to add a "mask" argument to this routine. That would
899 * make the filter even more inefficient, although one could be clever
900 * and not generate masking instructions if the mask is 0xFFFF.
901 */
902 static struct block *
903 gen_dnhostop(addr, dir, base_off)
904 bpf_u_int32 addr;
905 int dir;
906 u_int base_off;
907 {
908 struct block *b0, *b1, *b2, *tmp;
909 u_int offset_lh; /* offset if long header is received */
910 u_int offset_sh; /* offset if short header is received */
911
912 switch (dir) {
913
914 case Q_DST:
915 offset_sh = 1; /* follows flags */
916 offset_lh = 7; /* flgs,darea,dsubarea,HIORD */
917 break;
918
919 case Q_SRC:
920 offset_sh = 3; /* follows flags, dstnode */
921 offset_lh = 15; /* flgs,darea,dsubarea,did,sarea,ssub,HIORD */
922 break;
923
924 case Q_AND:
925 /* Inefficient because we do our Calvinball dance twice */
926 b0 = gen_dnhostop(addr, Q_SRC, base_off);
927 b1 = gen_dnhostop(addr, Q_DST, base_off);
928 gen_and(b0, b1);
929 return b1;
930
931 case Q_OR:
932 case Q_DEFAULT:
933 /* Inefficient because we do our Calvinball dance twice */
934 b0 = gen_dnhostop(addr, Q_SRC, base_off);
935 b1 = gen_dnhostop(addr, Q_DST, base_off);
936 gen_or(b0, b1);
937 return b1;
938
939 default:
940 abort();
941 }
942 b0 = gen_linktype(ETHERTYPE_DN);
943 /* Check for pad = 1, long header case */
944 tmp = gen_mcmp(base_off + 2, BPF_H,
945 (bpf_int32)ntohs(0x0681), (bpf_int32)ntohs(0x07FF));
946 b1 = gen_cmp(base_off + 2 + 1 + offset_lh,
947 BPF_H, (bpf_int32)ntohs(addr));
948 gen_and(tmp, b1);
949 /* Check for pad = 0, long header case */
950 tmp = gen_mcmp(base_off + 2, BPF_B, (bpf_int32)0x06, (bpf_int32)0x7);
951 b2 = gen_cmp(base_off + 2 + offset_lh, BPF_H, (bpf_int32)ntohs(addr));
952 gen_and(tmp, b2);
953 gen_or(b2, b1);
954 /* Check for pad = 1, short header case */
955 tmp = gen_mcmp(base_off + 2, BPF_H,
956 (bpf_int32)ntohs(0x0281), (bpf_int32)ntohs(0x07FF));
957 b2 = gen_cmp(base_off + 2 + 1 + offset_sh,
958 BPF_H, (bpf_int32)ntohs(addr));
959 gen_and(tmp, b2);
960 gen_or(b2, b1);
961 /* Check for pad = 0, short header case */
962 tmp = gen_mcmp(base_off + 2, BPF_B, (bpf_int32)0x02, (bpf_int32)0x7);
963 b2 = gen_cmp(base_off + 2 + offset_sh, BPF_H, (bpf_int32)ntohs(addr));
964 gen_and(tmp, b2);
965 gen_or(b2, b1);
966
967 /* Combine with test for linktype */
968 gen_and(b0, b1);
969 return b1;
970 }
971
972 static struct block *
973 gen_host(addr, mask, proto, dir)
974 bpf_u_int32 addr;
975 bpf_u_int32 mask;
976 int proto;
977 int dir;
978 {
979 struct block *b0, *b1;
980
981 switch (proto) {
982
983 case Q_DEFAULT:
984 b0 = gen_host(addr, mask, Q_IP, dir);
985 b1 = gen_host(addr, mask, Q_ARP, dir);
986 gen_or(b0, b1);
987 b0 = gen_host(addr, mask, Q_RARP, dir);
988 gen_or(b1, b0);
989 return b0;
990
991 case Q_IP:
992 return gen_hostop(addr, mask, dir, ETHERTYPE_IP,
993 off_nl + 12, off_nl + 16);
994
995 case Q_RARP:
996 return gen_hostop(addr, mask, dir, ETHERTYPE_REVARP,
997 off_nl + 14, off_nl + 24);
998
999 case Q_ARP:
1000 return gen_hostop(addr, mask, dir, ETHERTYPE_ARP,
1001 off_nl + 14, off_nl + 24);
1002
1003 case Q_TCP:
1004 bpf_error("'tcp' modifier applied to host");
1005
1006 case Q_UDP:
1007 bpf_error("'udp' modifier applied to host");
1008
1009 case Q_ICMP:
1010 bpf_error("'icmp' modifier applied to host");
1011
1012 case Q_IGMP:
1013 bpf_error("'igmp' modifier applied to host");
1014
1015 case Q_IGRP:
1016 bpf_error("'igrp' modifier applied to host");
1017
1018 case Q_PIM:
1019 bpf_error("'pim' modifier applied to host");
1020
1021 case Q_ATALK:
1022 bpf_error("ATALK host filtering not implemented");
1023
1024 case Q_DECNET:
1025 return gen_dnhostop(addr, dir, off_nl);
1026
1027 case Q_SCA:
1028 bpf_error("SCA host filtering not implemented");
1029
1030 case Q_LAT:
1031 bpf_error("LAT host filtering not implemented");
1032
1033 case Q_MOPDL:
1034 bpf_error("MOPDL host filtering not implemented");
1035
1036 case Q_MOPRC:
1037 bpf_error("MOPRC host filtering not implemented");
1038
1039 #ifdef INET6
1040 case Q_IPV6:
1041 bpf_error("'ip6' modifier applied to ip host");
1042
1043 case Q_ICMPV6:
1044 bpf_error("'icmp6' modifier applied to host");
1045 #endif /* INET6 */
1046
1047 case Q_AH:
1048 bpf_error("'ah' modifier applied to host");
1049
1050 case Q_ESP:
1051 bpf_error("'esp' modifier applied to host");
1052
1053 default:
1054 abort();
1055 }
1056 /* NOTREACHED */
1057 }
1058
1059 #ifdef INET6
1060 static struct block *
1061 gen_host6(addr, mask, proto, dir)
1062 struct in6_addr *addr;
1063 struct in6_addr *mask;
1064 int proto;
1065 int dir;
1066 {
1067 switch (proto) {
1068
1069 case Q_DEFAULT:
1070 return gen_host6(addr, mask, Q_IPV6, dir);
1071
1072 case Q_IP:
1073 bpf_error("'ip' modifier applied to ip6 host");
1074
1075 case Q_RARP:
1076 bpf_error("'rarp' modifier applied to ip6 host");
1077
1078 case Q_ARP:
1079 bpf_error("'arp' modifier applied to ip6 host");
1080
1081 case Q_TCP:
1082 bpf_error("'tcp' modifier applied to host");
1083
1084 case Q_UDP:
1085 bpf_error("'udp' modifier applied to host");
1086
1087 case Q_ICMP:
1088 bpf_error("'icmp' modifier applied to host");
1089
1090 case Q_IGMP:
1091 bpf_error("'igmp' modifier applied to host");
1092
1093 case Q_IGRP:
1094 bpf_error("'igrp' modifier applied to host");
1095
1096 case Q_PIM:
1097 bpf_error("'pim' modifier applied to host");
1098
1099 case Q_ATALK:
1100 bpf_error("ATALK host filtering not implemented");
1101
1102 case Q_DECNET:
1103 bpf_error("'decnet' modifier applied to ip6 host");
1104
1105 case Q_SCA:
1106 bpf_error("SCA host filtering not implemented");
1107
1108 case Q_LAT:
1109 bpf_error("LAT host filtering not implemented");
1110
1111 case Q_MOPDL:
1112 bpf_error("MOPDL host filtering not implemented");
1113
1114 case Q_MOPRC:
1115 bpf_error("MOPRC host filtering not implemented");
1116
1117 case Q_IPV6:
1118 return gen_hostop6(addr, mask, dir, ETHERTYPE_IPV6,
1119 off_nl + 8, off_nl + 24);
1120
1121 case Q_ICMPV6:
1122 bpf_error("'icmp6' modifier applied to host");
1123
1124 case Q_AH:
1125 bpf_error("'ah' modifier applied to host");
1126
1127 case Q_ESP:
1128 bpf_error("'esp' modifier applied to host");
1129
1130 default:
1131 abort();
1132 }
1133 /* NOTREACHED */
1134 }
1135 #endif /*INET6*/
1136
1137 #ifndef INET6
1138 static struct block *
1139 gen_gateway(eaddr, alist, proto, dir)
1140 const u_char *eaddr;
1141 bpf_u_int32 **alist;
1142 int proto;
1143 int dir;
1144 {
1145 struct block *b0, *b1, *tmp;
1146
1147 if (dir != 0)
1148 bpf_error("direction applied to 'gateway'");
1149
1150 switch (proto) {
1151 case Q_DEFAULT:
1152 case Q_IP:
1153 case Q_ARP:
1154 case Q_RARP:
1155 if (linktype == DLT_EN10MB)
1156 b0 = gen_ehostop(eaddr, Q_OR);
1157 else if (linktype == DLT_FDDI)
1158 b0 = gen_fhostop(eaddr, Q_OR);
1159 else
1160 bpf_error(
1161 "'gateway' supported only on ethernet or FDDI");
1162
1163 b1 = gen_host(**alist++, 0xffffffff, proto, Q_OR);
1164 while (*alist) {
1165 tmp = gen_host(**alist++, 0xffffffff, proto, Q_OR);
1166 gen_or(b1, tmp);
1167 b1 = tmp;
1168 }
1169 gen_not(b1);
1170 gen_and(b0, b1);
1171 return b1;
1172 }
1173 bpf_error("illegal modifier of 'gateway'");
1174 /* NOTREACHED */
1175 }
1176 #endif
1177
1178 struct block *
1179 gen_proto_abbrev(proto)
1180 int proto;
1181 {
1182 struct block *b0, *b1;
1183
1184 switch (proto) {
1185
1186 case Q_TCP:
1187 b1 = gen_proto(IPPROTO_TCP, Q_IP, Q_DEFAULT);
1188 #ifdef INET6
1189 b0 = gen_proto(IPPROTO_TCP, Q_IPV6, Q_DEFAULT);
1190 gen_or(b0, b1);
1191 #endif
1192 break;
1193
1194 case Q_UDP:
1195 b1 = gen_proto(IPPROTO_UDP, Q_IP, Q_DEFAULT);
1196 #ifdef INET6
1197 b0 = gen_proto(IPPROTO_UDP, Q_IPV6, Q_DEFAULT);
1198 gen_or(b0, b1);
1199 #endif
1200 break;
1201
1202 case Q_ICMP:
1203 b1 = gen_proto(IPPROTO_ICMP, Q_IP, Q_DEFAULT);
1204 break;
1205
1206 #ifndef IPPROTO_IGMP
1207 #define IPPROTO_IGMP 2
1208 #endif
1209
1210 case Q_IGMP:
1211 b1 = gen_proto(IPPROTO_IGMP, Q_IP, Q_DEFAULT);
1212 break;
1213
1214 #ifndef IPPROTO_IGRP
1215 #define IPPROTO_IGRP 9
1216 #endif
1217 case Q_IGRP:
1218 b1 = gen_proto(IPPROTO_IGRP, Q_IP, Q_DEFAULT);
1219 break;
1220
1221 #ifndef IPPROTO_PIM
1222 #define IPPROTO_PIM 103
1223 #endif
1224
1225 case Q_PIM:
1226 b1 = gen_proto(IPPROTO_PIM, Q_IP, Q_DEFAULT);
1227 #ifdef INET6
1228 b0 = gen_proto(IPPROTO_PIM, Q_IPV6, Q_DEFAULT);
1229 gen_or(b0, b1);
1230 #endif
1231 break;
1232
1233 case Q_IP:
1234 b1 = gen_linktype(ETHERTYPE_IP);
1235 break;
1236
1237 case Q_ARP:
1238 b1 = gen_linktype(ETHERTYPE_ARP);
1239 break;
1240
1241 case Q_RARP:
1242 b1 = gen_linktype(ETHERTYPE_REVARP);
1243 break;
1244
1245 case Q_LINK:
1246 bpf_error("link layer applied in wrong context");
1247
1248 case Q_ATALK:
1249 b1 = gen_linktype(ETHERTYPE_ATALK);
1250 break;
1251
1252 case Q_DECNET:
1253 b1 = gen_linktype(ETHERTYPE_DN);
1254 break;
1255
1256 case Q_SCA:
1257 b1 = gen_linktype(ETHERTYPE_SCA);
1258 break;
1259
1260 case Q_LAT:
1261 b1 = gen_linktype(ETHERTYPE_LAT);
1262 break;
1263
1264 case Q_MOPDL:
1265 b1 = gen_linktype(ETHERTYPE_MOPDL);
1266 break;
1267
1268 case Q_MOPRC:
1269 b1 = gen_linktype(ETHERTYPE_MOPRC);
1270 break;
1271
1272 #ifdef INET6
1273 case Q_IPV6:
1274 b1 = gen_linktype(ETHERTYPE_IPV6);
1275 break;
1276
1277 #ifndef IPPROTO_ICMPV6
1278 #define IPPROTO_ICMPV6 58
1279 #endif
1280 case Q_ICMPV6:
1281 b1 = gen_proto(IPPROTO_ICMPV6, Q_IPV6, Q_DEFAULT);
1282 break;
1283 #endif /* INET6 */
1284
1285 #ifndef IPPROTO_AH
1286 #define IPPROTO_AH 51
1287 #endif
1288 case Q_AH:
1289 b1 = gen_proto(IPPROTO_AH, Q_IP, Q_DEFAULT);
1290 #ifdef INET6
1291 b0 = gen_proto(IPPROTO_AH, Q_IPV6, Q_DEFAULT);
1292 gen_or(b0, b1);
1293 #endif
1294 break;
1295
1296 #ifndef IPPROTO_ESP
1297 #define IPPROTO_ESP 50
1298 #endif
1299 case Q_ESP:
1300 b1 = gen_proto(IPPROTO_ESP, Q_IP, Q_DEFAULT);
1301 #ifdef INET6
1302 b0 = gen_proto(IPPROTO_ESP, Q_IPV6, Q_DEFAULT);
1303 gen_or(b0, b1);
1304 #endif
1305 break;
1306
1307 default:
1308 abort();
1309 }
1310 return b1;
1311 }
1312
1313 static struct block *
1314 gen_ipfrag()
1315 {
1316 struct slist *s;
1317 struct block *b;
1318
1319 /* not ip frag */
1320 s = new_stmt(BPF_LD|BPF_H|BPF_ABS);
1321 s->s.k = off_nl + 6;
1322 b = new_block(JMP(BPF_JSET));
1323 b->s.k = 0x1fff;
1324 b->stmts = s;
1325 gen_not(b);
1326
1327 return b;
1328 }
1329
1330 static struct block *
1331 gen_portatom(off, v)
1332 int off;
1333 bpf_int32 v;
1334 {
1335 struct slist *s;
1336 struct block *b;
1337
1338 s = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
1339 s->s.k = off_nl;
1340
1341 s->next = new_stmt(BPF_LD|BPF_IND|BPF_H);
1342 s->next->s.k = off_nl + off;
1343
1344 b = new_block(JMP(BPF_JEQ));
1345 b->stmts = s;
1346 b->s.k = v;
1347
1348 return b;
1349 }
1350
1351 #ifdef INET6
1352 static struct block *
1353 gen_portatom6(off, v)
1354 int off;
1355 bpf_int32 v;
1356 {
1357 return gen_cmp(off_nl + 40 + off, BPF_H, v);
1358 }
1359 #endif/*INET6*/
1360
1361 struct block *
1362 gen_portop(port, proto, dir)
1363 int port, proto, dir;
1364 {
1365 struct block *b0, *b1, *tmp;
1366
1367 /* ip proto 'proto' */
1368 tmp = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)proto);
1369 b0 = gen_ipfrag();
1370 gen_and(tmp, b0);
1371
1372 switch (dir) {
1373 case Q_SRC:
1374 b1 = gen_portatom(0, (bpf_int32)port);
1375 break;
1376
1377 case Q_DST:
1378 b1 = gen_portatom(2, (bpf_int32)port);
1379 break;
1380
1381 case Q_OR:
1382 case Q_DEFAULT:
1383 tmp = gen_portatom(0, (bpf_int32)port);
1384 b1 = gen_portatom(2, (bpf_int32)port);
1385 gen_or(tmp, b1);
1386 break;
1387
1388 case Q_AND:
1389 tmp = gen_portatom(0, (bpf_int32)port);
1390 b1 = gen_portatom(2, (bpf_int32)port);
1391 gen_and(tmp, b1);
1392 break;
1393
1394 default:
1395 abort();
1396 }
1397 gen_and(b0, b1);
1398
1399 return b1;
1400 }
1401
1402 static struct block *
1403 gen_port(port, ip_proto, dir)
1404 int port;
1405 int ip_proto;
1406 int dir;
1407 {
1408 struct block *b0, *b1, *tmp;
1409
1410 /* ether proto ip */
1411 b0 = gen_linktype(ETHERTYPE_IP);
1412
1413 switch (ip_proto) {
1414 case IPPROTO_UDP:
1415 case IPPROTO_TCP:
1416 b1 = gen_portop(port, ip_proto, dir);
1417 break;
1418
1419 case PROTO_UNDEF:
1420 tmp = gen_portop(port, IPPROTO_TCP, dir);
1421 b1 = gen_portop(port, IPPROTO_UDP, dir);
1422 gen_or(tmp, b1);
1423 break;
1424
1425 default:
1426 abort();
1427 }
1428 gen_and(b0, b1);
1429 return b1;
1430 }
1431
1432 #ifdef INET6
1433 struct block *
1434 gen_portop6(port, proto, dir)
1435 int port, proto, dir;
1436 {
1437 struct block *b0, *b1, *tmp;
1438
1439 /* ip proto 'proto' */
1440 b0 = gen_cmp(off_nl + 6, BPF_B, (bpf_int32)proto);
1441
1442 switch (dir) {
1443 case Q_SRC:
1444 b1 = gen_portatom6(0, (bpf_int32)port);
1445 break;
1446
1447 case Q_DST:
1448 b1 = gen_portatom6(2, (bpf_int32)port);
1449 break;
1450
1451 case Q_OR:
1452 case Q_DEFAULT:
1453 tmp = gen_portatom6(0, (bpf_int32)port);
1454 b1 = gen_portatom6(2, (bpf_int32)port);
1455 gen_or(tmp, b1);
1456 break;
1457
1458 case Q_AND:
1459 tmp = gen_portatom6(0, (bpf_int32)port);
1460 b1 = gen_portatom6(2, (bpf_int32)port);
1461 gen_and(tmp, b1);
1462 break;
1463
1464 default:
1465 abort();
1466 }
1467 gen_and(b0, b1);
1468
1469 return b1;
1470 }
1471
1472 static struct block *
1473 gen_port6(port, ip_proto, dir)
1474 int port;
1475 int ip_proto;
1476 int dir;
1477 {
1478 struct block *b0, *b1, *tmp;
1479
1480 /* ether proto ip */
1481 b0 = gen_linktype(ETHERTYPE_IPV6);
1482
1483 switch (ip_proto) {
1484 case IPPROTO_UDP:
1485 case IPPROTO_TCP:
1486 b1 = gen_portop6(port, ip_proto, dir);
1487 break;
1488
1489 case PROTO_UNDEF:
1490 tmp = gen_portop6(port, IPPROTO_TCP, dir);
1491 b1 = gen_portop6(port, IPPROTO_UDP, dir);
1492 gen_or(tmp, b1);
1493 break;
1494
1495 default:
1496 abort();
1497 }
1498 gen_and(b0, b1);
1499 return b1;
1500 }
1501 #endif /* INET6 */
1502
1503 static int
1504 lookup_proto(name, proto)
1505 register const char *name;
1506 register int proto;
1507 {
1508 register int v;
1509
1510 switch (proto) {
1511
1512 case Q_DEFAULT:
1513 case Q_IP:
1514 v = pcap_nametoproto(name);
1515 if (v == PROTO_UNDEF)
1516 bpf_error("unknown ip proto '%s'", name);
1517 break;
1518
1519 case Q_LINK:
1520 /* XXX should look up h/w protocol type based on linktype */
1521 v = pcap_nametoeproto(name);
1522 if (v == PROTO_UNDEF)
1523 bpf_error("unknown ether proto '%s'", name);
1524 break;
1525
1526 default:
1527 v = PROTO_UNDEF;
1528 break;
1529 }
1530 return v;
1531 }
1532
1533 #if 0
1534 struct stmt *
1535 gen_joinsp(s, n)
1536 struct stmt **s;
1537 int n;
1538 {
1539 return NULL;
1540 }
1541 #endif
1542
1543 struct block *
1544 gen_protochain(v, proto, dir)
1545 int v;
1546 int proto;
1547 int dir;
1548 {
1549 #ifdef NO_PROTOCHAIN
1550 return gen_proto(v, proto, dir);
1551 #else
1552 struct block *b0, *b;
1553 struct slist *s[100];
1554 int fix2, fix3, fix4, fix5;
1555 int ahcheck, again, end;
1556 int i, max;
1557 int reg1 = alloc_reg();
1558 int reg2 = alloc_reg();
1559
1560 memset(s, 0, sizeof(s));
1561 fix2 = fix3 = fix4 = fix5 = 0;
1562
1563 switch (proto) {
1564 case Q_IP:
1565 case Q_IPV6:
1566 break;
1567 case Q_DEFAULT:
1568 b0 = gen_protochain(v, Q_IP, dir);
1569 b = gen_protochain(v, Q_IPV6, dir);
1570 gen_or(b0, b);
1571 return b;
1572 default:
1573 bpf_error("bad protocol applied for 'protochain'");
1574 /*NOTREACHED*/
1575 }
1576
1577 no_optimize = 1; /*this code is not compatible with optimzer yet */
1578
1579 /*
1580 * s[0] is a dummy entry to protect other BPF insn from damaged
1581 * by s[fix] = foo with uninitialized variable "fix". It is somewhat
1582 * hard to find interdependency made by jump table fixup.
1583 */
1584 i = 0;
1585 s[i] = new_stmt(0); /*dummy*/
1586 i++;
1587
1588 switch (proto) {
1589 case Q_IP:
1590 b0 = gen_linktype(ETHERTYPE_IP);
1591
1592 /* A = ip->ip_p */
1593 s[i] = new_stmt(BPF_LD|BPF_ABS|BPF_B);
1594 s[i]->s.k = off_nl + 9;
1595 i++;
1596 /* X = ip->ip_hl << 2 */
1597 s[i] = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
1598 s[i]->s.k = off_nl;
1599 i++;
1600 break;
1601 #ifdef INET6
1602 case Q_IPV6:
1603 b0 = gen_linktype(ETHERTYPE_IPV6);
1604
1605 /* A = ip6->ip_nxt */
1606 s[i] = new_stmt(BPF_LD|BPF_ABS|BPF_B);
1607 s[i]->s.k = off_nl + 6;
1608 i++;
1609 /* X = sizeof(struct ip6_hdr) */
1610 s[i] = new_stmt(BPF_LDX|BPF_IMM);
1611 s[i]->s.k = 40;
1612 i++;
1613 break;
1614 #endif
1615 default:
1616 bpf_error("unsupported proto to gen_protochain");
1617 /*NOTREACHED*/
1618 }
1619
1620 /* again: if (A == v) goto end; else fall through; */
1621 again = i;
1622 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1623 s[i]->s.k = v;
1624 s[i]->s.jt = NULL; /*later*/
1625 s[i]->s.jf = NULL; /*update in next stmt*/
1626 fix5 = i;
1627 i++;
1628
1629 #ifndef IPPROTO_NONE
1630 #define IPPROTO_NONE 59
1631 #endif
1632 /* if (A == IPPROTO_NONE) goto end */
1633 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1634 s[i]->s.jt = NULL; /*later*/
1635 s[i]->s.jf = NULL; /*update in next stmt*/
1636 s[i]->s.k = IPPROTO_NONE;
1637 s[fix5]->s.jf = s[i];
1638 fix2 = i;
1639 i++;
1640
1641 #ifdef INET6
1642 if (proto == Q_IPV6) {
1643 int v6start, v6end, v6advance, j;
1644
1645 v6start = i;
1646 /* if (A == IPPROTO_HOPOPTS) goto v6advance */
1647 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1648 s[i]->s.jt = NULL; /*later*/
1649 s[i]->s.jf = NULL; /*update in next stmt*/
1650 s[i]->s.k = IPPROTO_HOPOPTS;
1651 s[fix2]->s.jf = s[i];
1652 i++;
1653 /* if (A == IPPROTO_DSTOPTS) goto v6advance */
1654 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1655 s[i]->s.jt = NULL; /*later*/
1656 s[i]->s.jf = NULL; /*update in next stmt*/
1657 s[i]->s.k = IPPROTO_DSTOPTS;
1658 i++;
1659 /* if (A == IPPROTO_ROUTING) goto v6advance */
1660 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1661 s[i]->s.jt = NULL; /*later*/
1662 s[i]->s.jf = NULL; /*update in next stmt*/
1663 s[i]->s.k = IPPROTO_ROUTING;
1664 i++;
1665 /* if (A == IPPROTO_FRAGMENT) goto v6advance; else goto ahcheck; */
1666 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1667 s[i]->s.jt = NULL; /*later*/
1668 s[i]->s.jf = NULL; /*later*/
1669 s[i]->s.k = IPPROTO_FRAGMENT;
1670 fix3 = i;
1671 v6end = i;
1672 i++;
1673
1674 /* v6advance: */
1675 v6advance = i;
1676
1677 /*
1678 * in short,
1679 * A = P[X + 1];
1680 * X = X + (P[X] + 1) * 8;
1681 */
1682 /* A = X */
1683 s[i] = new_stmt(BPF_MISC|BPF_TXA);
1684 i++;
1685 /* MEM[reg1] = A */
1686 s[i] = new_stmt(BPF_ST);
1687 s[i]->s.k = reg1;
1688 i++;
1689 /* A += 1 */
1690 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1691 s[i]->s.k = 1;
1692 i++;
1693 /* X = A */
1694 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1695 i++;
1696 /* A = P[X + packet head]; */
1697 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1698 s[i]->s.k = off_nl;
1699 i++;
1700 /* MEM[reg2] = A */
1701 s[i] = new_stmt(BPF_ST);
1702 s[i]->s.k = reg2;
1703 i++;
1704 /* X = MEM[reg1] */
1705 s[i] = new_stmt(BPF_LDX|BPF_MEM);
1706 s[i]->s.k = reg1;
1707 i++;
1708 /* A = P[X + packet head] */
1709 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1710 s[i]->s.k = off_nl;
1711 i++;
1712 /* A += 1 */
1713 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1714 s[i]->s.k = 1;
1715 i++;
1716 /* A *= 8 */
1717 s[i] = new_stmt(BPF_ALU|BPF_MUL|BPF_K);
1718 s[i]->s.k = 8;
1719 i++;
1720 /* X = A; */
1721 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1722 i++;
1723 /* A = MEM[reg2] */
1724 s[i] = new_stmt(BPF_LD|BPF_MEM);
1725 s[i]->s.k = reg2;
1726 i++;
1727
1728 /* goto again; (must use BPF_JA for backward jump) */
1729 s[i] = new_stmt(BPF_JMP|BPF_JA);
1730 s[i]->s.k = again - i - 1;
1731 s[i - 1]->s.jf = s[i];
1732 i++;
1733
1734 /* fixup */
1735 for (j = v6start; j <= v6end; j++)
1736 s[j]->s.jt = s[v6advance];
1737 } else
1738 #endif
1739 {
1740 /* nop */
1741 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1742 s[i]->s.k = 0;
1743 s[fix2]->s.jf = s[i];
1744 i++;
1745 }
1746
1747 /* ahcheck: */
1748 ahcheck = i;
1749 /* if (A == IPPROTO_AH) then fall through; else goto end; */
1750 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1751 s[i]->s.jt = NULL; /*later*/
1752 s[i]->s.jf = NULL; /*later*/
1753 s[i]->s.k = IPPROTO_AH;
1754 if (fix3)
1755 s[fix3]->s.jf = s[ahcheck];
1756 fix4 = i;
1757 i++;
1758
1759 /*
1760 * in short,
1761 * A = P[X + 1];
1762 * X = X + (P[X] + 2) * 4;
1763 */
1764 /* A = X */
1765 s[i - 1]->s.jt = s[i] = new_stmt(BPF_MISC|BPF_TXA);
1766 i++;
1767 /* MEM[reg1] = A */
1768 s[i] = new_stmt(BPF_ST);
1769 s[i]->s.k = reg1;
1770 i++;
1771 /* A += 1 */
1772 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1773 s[i]->s.k = 1;
1774 i++;
1775 /* X = A */
1776 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1777 i++;
1778 /* A = P[X + packet head]; */
1779 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1780 s[i]->s.k = off_nl;
1781 i++;
1782 /* MEM[reg2] = A */
1783 s[i] = new_stmt(BPF_ST);
1784 s[i]->s.k = reg2;
1785 i++;
1786 /* X = MEM[reg1] */
1787 s[i] = new_stmt(BPF_LDX|BPF_MEM);
1788 s[i]->s.k = reg1;
1789 i++;
1790 /* A = P[X + packet head] */
1791 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1792 s[i]->s.k = off_nl;
1793 i++;
1794 /* A += 2 */
1795 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1796 s[i]->s.k = 2;
1797 i++;
1798 /* A *= 4 */
1799 s[i] = new_stmt(BPF_ALU|BPF_MUL|BPF_K);
1800 s[i]->s.k = 4;
1801 i++;
1802 /* X = A; */
1803 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1804 i++;
1805 /* A = MEM[reg2] */
1806 s[i] = new_stmt(BPF_LD|BPF_MEM);
1807 s[i]->s.k = reg2;
1808 i++;
1809
1810 /* goto again; (must use BPF_JA for backward jump) */
1811 s[i] = new_stmt(BPF_JMP|BPF_JA);
1812 s[i]->s.k = again - i - 1;
1813 i++;
1814
1815 /* end: nop */
1816 end = i;
1817 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1818 s[i]->s.k = 0;
1819 s[fix2]->s.jt = s[end];
1820 s[fix4]->s.jf = s[end];
1821 s[fix5]->s.jt = s[end];
1822 i++;
1823
1824 /*
1825 * make slist chain
1826 */
1827 max = i;
1828 for (i = 0; i < max - 1; i++)
1829 s[i]->next = s[i + 1];
1830 s[max - 1]->next = NULL;
1831
1832 /*
1833 * emit final check
1834 */
1835 b = new_block(JMP(BPF_JEQ));
1836 b->stmts = s[1]; /*remember, s[0] is dummy*/
1837 b->s.k = v;
1838
1839 free_reg(reg1);
1840 free_reg(reg2);
1841
1842 gen_and(b0, b);
1843 return b;
1844 #endif
1845 }
1846
1847 static struct block *
1848 gen_proto(v, proto, dir)
1849 int v;
1850 int proto;
1851 int dir;
1852 {
1853 struct block *b0, *b1;
1854
1855 if (dir != Q_DEFAULT)
1856 bpf_error("direction applied to 'proto'");
1857
1858 switch (proto) {
1859 case Q_DEFAULT:
1860 #ifdef INET6
1861 b0 = gen_proto(v, Q_IP, dir);
1862 b1 = gen_proto(v, Q_IPV6, dir);
1863 gen_or(b0, b1);
1864 return b1;
1865 #else
1866 /*FALLTHROUGH*/
1867 #endif
1868 case Q_IP:
1869 b0 = gen_linktype(ETHERTYPE_IP);
1870 #ifndef CHASE_CHAIN
1871 b1 = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)v);
1872 #else
1873 b1 = gen_protochain(v, Q_IP);
1874 #endif
1875 gen_and(b0, b1);
1876 return b1;
1877
1878 case Q_ARP:
1879 bpf_error("arp does not encapsulate another protocol");
1880 /* NOTREACHED */
1881
1882 case Q_RARP:
1883 bpf_error("rarp does not encapsulate another protocol");
1884 /* NOTREACHED */
1885
1886 case Q_ATALK:
1887 bpf_error("atalk encapsulation is not specifiable");
1888 /* NOTREACHED */
1889
1890 case Q_DECNET:
1891 bpf_error("decnet encapsulation is not specifiable");
1892 /* NOTREACHED */
1893
1894 case Q_SCA:
1895 bpf_error("sca does not encapsulate another protocol");
1896 /* NOTREACHED */
1897
1898 case Q_LAT:
1899 bpf_error("lat does not encapsulate another protocol");
1900 /* NOTREACHED */
1901
1902 case Q_MOPRC:
1903 bpf_error("moprc does not encapsulate another protocol");
1904 /* NOTREACHED */
1905
1906 case Q_MOPDL:
1907 bpf_error("mopdl does not encapsulate another protocol");
1908 /* NOTREACHED */
1909
1910 case Q_LINK:
1911 return gen_linktype(v);
1912
1913 case Q_UDP:
1914 bpf_error("'udp proto' is bogus");
1915 /* NOTREACHED */
1916
1917 case Q_TCP:
1918 bpf_error("'tcp proto' is bogus");
1919 /* NOTREACHED */
1920
1921 case Q_ICMP:
1922 bpf_error("'icmp proto' is bogus");
1923 /* NOTREACHED */
1924
1925 case Q_IGMP:
1926 bpf_error("'igmp proto' is bogus");
1927 /* NOTREACHED */
1928
1929 case Q_IGRP:
1930 bpf_error("'igrp proto' is bogus");
1931 /* NOTREACHED */
1932
1933 case Q_PIM:
1934 bpf_error("'pim proto' is bogus");
1935 /* NOTREACHED */
1936
1937 #ifdef INET6
1938 case Q_IPV6:
1939 b0 = gen_linktype(ETHERTYPE_IPV6);
1940 #ifndef CHASE_CHAIN
1941 b1 = gen_cmp(off_nl + 6, BPF_B, (bpf_int32)v);
1942 #else
1943 b1 = gen_protochain(v, Q_IPV6);
1944 #endif
1945 gen_and(b0, b1);
1946 return b1;
1947
1948 case Q_ICMPV6:
1949 bpf_error("'icmp6 proto' is bogus");
1950 #endif /* INET6 */
1951
1952 case Q_AH:
1953 bpf_error("'ah proto' is bogus");
1954
1955 case Q_ESP:
1956 bpf_error("'ah proto' is bogus");
1957
1958 default:
1959 abort();
1960 /* NOTREACHED */
1961 }
1962 /* NOTREACHED */
1963 }
1964
1965 struct block *
1966 gen_scode(name, q)
1967 register const char *name;
1968 struct qual q;
1969 {
1970 int proto = q.proto;
1971 int dir = q.dir;
1972 int tproto;
1973 u_char *eaddr;
1974 bpf_u_int32 mask, addr;
1975 #ifndef INET6
1976 bpf_u_int32 **alist;
1977 #else
1978 int tproto6;
1979 struct sockaddr_in *sin;
1980 struct sockaddr_in6 *sin6;
1981 struct addrinfo *res, *res0;
1982 struct in6_addr mask128;
1983 #endif /*INET6*/
1984 struct block *b, *tmp;
1985 int port, real_proto;
1986
1987 switch (q.addr) {
1988
1989 case Q_NET:
1990 addr = pcap_nametonetaddr(name);
1991 if (addr == 0)
1992 bpf_error("unknown network '%s'", name);
1993 /* Left justify network addr and calculate its network mask */
1994 mask = 0xffffffff;
1995 while (addr && (addr & 0xff000000) == 0) {
1996 addr <<= 8;
1997 mask <<= 8;
1998 }
1999 return gen_host(addr, mask, proto, dir);
2000
2001 case Q_DEFAULT:
2002 case Q_HOST:
2003 if (proto == Q_LINK) {
2004 switch (linktype) {
2005
2006 case DLT_EN10MB:
2007 eaddr = pcap_ether_hostton(name);
2008 if (eaddr == NULL)
2009 bpf_error(
2010 "unknown ether host '%s'", name);
2011 return gen_ehostop(eaddr, dir);
2012
2013 case DLT_FDDI:
2014 eaddr = pcap_ether_hostton(name);
2015 if (eaddr == NULL)
2016 bpf_error(
2017 "unknown FDDI host '%s'", name);
2018 return gen_fhostop(eaddr, dir);
2019
2020 default:
2021 bpf_error(
2022 "only ethernet/FDDI supports link-level host name");
2023 break;
2024 }
2025 } else if (proto == Q_DECNET) {
2026 unsigned short dn_addr = __pcap_nametodnaddr(name);
2027 /*
2028 * I don't think DECNET hosts can be multihomed, so
2029 * there is no need to build up a list of addresses
2030 */
2031 return (gen_host(dn_addr, 0, proto, dir));
2032 } else {
2033 #ifndef INET6
2034 alist = pcap_nametoaddr(name);
2035 if (alist == NULL || *alist == NULL)
2036 bpf_error("unknown host '%s'", name);
2037 tproto = proto;
2038 if (off_linktype == -1 && tproto == Q_DEFAULT)
2039 tproto = Q_IP;
2040 b = gen_host(**alist++, 0xffffffff, tproto, dir);
2041 while (*alist) {
2042 tmp = gen_host(**alist++, 0xffffffff,
2043 tproto, dir);
2044 gen_or(b, tmp);
2045 b = tmp;
2046 }
2047 return b;
2048 #else
2049 memset(&mask128, 0xff, sizeof(mask128));
2050 res0 = res = pcap_nametoaddrinfo(name);
2051 if (res == NULL)
2052 bpf_error("unknown host '%s'", name);
2053 b = tmp = NULL;
2054 tproto = tproto6 = proto;
2055 if (off_linktype == -1 && tproto == Q_DEFAULT) {
2056 tproto = Q_IP;
2057 tproto6 = Q_IPV6;
2058 }
2059 for (res = res0; res; res = res->ai_next) {
2060 switch (res->ai_family) {
2061 case AF_INET:
2062 if (tproto == Q_IPV6)
2063 continue;
2064
2065 sin = (struct sockaddr_in *)
2066 res->ai_addr;
2067 tmp = gen_host(ntohl(sin->sin_addr.s_addr),
2068 0xffffffff, tproto, dir);
2069 break;
2070 case AF_INET6:
2071 if (tproto6 == Q_IP)
2072 continue;
2073
2074 sin6 = (struct sockaddr_in6 *)
2075 res->ai_addr;
2076 tmp = gen_host6(&sin6->sin6_addr,
2077 &mask128, tproto6, dir);
2078 break;
2079 }
2080 if (b)
2081 gen_or(b, tmp);
2082 b = tmp;
2083 }
2084 freeaddrinfo(res0);
2085 if (b == NULL) {
2086 bpf_error("unknown host '%s'%s", name,
2087 (proto == Q_DEFAULT)
2088 ? ""
2089 : " for specified address family");
2090 }
2091 return b;
2092 #endif /*INET6*/
2093 }
2094
2095 case Q_PORT:
2096 if (proto != Q_DEFAULT && proto != Q_UDP && proto != Q_TCP)
2097 bpf_error("illegal qualifier of 'port'");
2098 if (pcap_nametoport(name, &port, &real_proto) == 0)
2099 bpf_error("unknown port '%s'", name);
2100 if (proto == Q_UDP) {
2101 if (real_proto == IPPROTO_TCP)
2102 bpf_error("port '%s' is tcp", name);
2103 else
2104 /* override PROTO_UNDEF */
2105 real_proto = IPPROTO_UDP;
2106 }
2107 if (proto == Q_TCP) {
2108 if (real_proto == IPPROTO_UDP)
2109 bpf_error("port '%s' is udp", name);
2110 else
2111 /* override PROTO_UNDEF */
2112 real_proto = IPPROTO_TCP;
2113 }
2114 #ifndef INET6
2115 return gen_port(port, real_proto, dir);
2116 #else
2117 {
2118 struct block *b;
2119 b = gen_port(port, real_proto, dir);
2120 gen_or(gen_port6(port, real_proto, dir), b);
2121 return b;
2122 }
2123 #endif /* INET6 */
2124
2125 case Q_GATEWAY:
2126 #ifndef INET6
2127 eaddr = pcap_ether_hostton(name);
2128 if (eaddr == NULL)
2129 bpf_error("unknown ether host: %s", name);
2130
2131 alist = pcap_nametoaddr(name);
2132 if (alist == NULL || *alist == NULL)
2133 bpf_error("unknown host '%s'", name);
2134 return gen_gateway(eaddr, alist, proto, dir);
2135 #else
2136 bpf_error("'gateway' not supported in this configuration");
2137 #endif /*INET6*/
2138
2139 case Q_PROTO:
2140 real_proto = lookup_proto(name, proto);
2141 if (real_proto >= 0)
2142 return gen_proto(real_proto, proto, dir);
2143 else
2144 bpf_error("unknown protocol: %s", name);
2145
2146 case Q_PROTOCHAIN:
2147 real_proto = lookup_proto(name, proto);
2148 if (real_proto >= 0)
2149 return gen_protochain(real_proto, proto, dir);
2150 else
2151 bpf_error("unknown protocol: %s", name);
2152
2153
2154 case Q_UNDEF:
2155 syntax();
2156 /* NOTREACHED */
2157 }
2158 abort();
2159 /* NOTREACHED */
2160 }
2161
2162 struct block *
2163 gen_mcode(s1, s2, masklen, q)
2164 register const char *s1, *s2;
2165 register int masklen;
2166 struct qual q;
2167 {
2168 register int nlen, mlen;
2169 bpf_u_int32 n, m;
2170
2171 nlen = __pcap_atoin(s1, &n);
2172 /* Promote short ipaddr */
2173 n <<= 32 - nlen;
2174
2175 if (s2 != NULL) {
2176 mlen = __pcap_atoin(s2, &m);
2177 /* Promote short ipaddr */
2178 m <<= 32 - mlen;
2179 if ((n & ~m) != 0)
2180 bpf_error("non-network bits set in \"%s mask %s\"",
2181 s1, s2);
2182 } else {
2183 /* Convert mask len to mask */
2184 if (masklen > 32)
2185 bpf_error("mask length must be <= 32");
2186 m = 0xffffffff << (32 - masklen);
2187 if ((n & ~m) != 0)
2188 bpf_error("non-network bits set in \"%s/%d\"",
2189 s1, masklen);
2190 }
2191
2192 switch (q.addr) {
2193
2194 case Q_NET:
2195 return gen_host(n, m, q.proto, q.dir);
2196
2197 default:
2198 bpf_error("Mask syntax for networks only");
2199 /* NOTREACHED */
2200 }
2201 }
2202
2203 struct block *
2204 gen_ncode(s, v, q)
2205 register const char *s;
2206 bpf_u_int32 v;
2207 struct qual q;
2208 {
2209 bpf_u_int32 mask;
2210 int proto = q.proto;
2211 int dir = q.dir;
2212 register int vlen;
2213
2214 if (s == NULL)
2215 vlen = 32;
2216 else if (q.proto == Q_DECNET)
2217 vlen = __pcap_atodn(s, &v);
2218 else
2219 vlen = __pcap_atoin(s, &v);
2220
2221 switch (q.addr) {
2222
2223 case Q_DEFAULT:
2224 case Q_HOST:
2225 case Q_NET:
2226 if (proto == Q_DECNET)
2227 return gen_host(v, 0, proto, dir);
2228 else if (proto == Q_LINK) {
2229 bpf_error("illegal link layer address");
2230 } else {
2231 mask = 0xffffffff;
2232 if (s == NULL && q.addr == Q_NET) {
2233 /* Promote short net number */
2234 while (v && (v & 0xff000000) == 0) {
2235 v <<= 8;
2236 mask <<= 8;
2237 }
2238 } else {
2239 /* Promote short ipaddr */
2240 v <<= 32 - vlen;
2241 mask <<= 32 - vlen;
2242 }
2243 return gen_host(v, mask, proto, dir);
2244 }
2245
2246 case Q_PORT:
2247 if (proto == Q_UDP)
2248 proto = IPPROTO_UDP;
2249 else if (proto == Q_TCP)
2250 proto = IPPROTO_TCP;
2251 else if (proto == Q_DEFAULT)
2252 proto = PROTO_UNDEF;
2253 else
2254 bpf_error("illegal qualifier of 'port'");
2255
2256 #ifndef INET6
2257 return gen_port((int)v, proto, dir);
2258 #else
2259 {
2260 struct block *b;
2261 b = gen_port((int)v, proto, dir);
2262 gen_or(gen_port6((int)v, proto, dir), b);
2263 return b;
2264 }
2265 #endif /* INET6 */
2266
2267 case Q_GATEWAY:
2268 bpf_error("'gateway' requires a name");
2269 /* NOTREACHED */
2270
2271 case Q_PROTO:
2272 return gen_proto((int)v, proto, dir);
2273
2274 case Q_PROTOCHAIN:
2275 return gen_protochain((int)v, proto, dir);
2276
2277 case Q_UNDEF:
2278 syntax();
2279 /* NOTREACHED */
2280
2281 default:
2282 abort();
2283 /* NOTREACHED */
2284 }
2285 /* NOTREACHED */
2286 }
2287
2288 #ifdef INET6
2289 struct block *
2290 gen_mcode6(s1, s2, masklen, q)
2291 register const char *s1, *s2;
2292 register int masklen;
2293 struct qual q;
2294 {
2295 struct addrinfo *res;
2296 struct in6_addr *addr;
2297 struct in6_addr mask;
2298 struct block *b;
2299 u_int32_t *a, *m;
2300
2301 if (s2)
2302 bpf_error("no mask %s supported", s2);
2303
2304 res = pcap_nametoaddrinfo(s1);
2305 if (!res)
2306 bpf_error("invalid ip6 address %s", s1);
2307 if (res->ai_next)
2308 bpf_error("%s resolved to multiple address", s1);
2309 addr = &((struct sockaddr_in6 *)res->ai_addr)->sin6_addr;
2310
2311 if (sizeof(mask) * 8 < masklen)
2312 bpf_error("mask length must be <= %u", (unsigned int)(sizeof(mask) * 8));
2313 memset(&mask, 0xff, masklen / 8);
2314 if (masklen % 8) {
2315 mask.s6_addr[masklen / 8] =
2316 (0xff << (8 - masklen % 8)) & 0xff;
2317 }
2318
2319 a = (u_int32_t *)addr;
2320 m = (u_int32_t *)&mask;
2321 if ((a[0] & ~m[0]) || (a[1] & ~m[1])
2322 || (a[2] & ~m[2]) || (a[3] & ~m[3])) {
2323 bpf_error("non-network bits set in \"%s/%d\"", s1, masklen);
2324 }
2325
2326 switch (q.addr) {
2327
2328 case Q_DEFAULT:
2329 case Q_HOST:
2330 if (masklen != 128)
2331 bpf_error("Mask syntax for networks only");
2332 /* FALLTHROUGH */
2333
2334 case Q_NET:
2335 b = gen_host6(addr, &mask, q.proto, q.dir);
2336 freeaddrinfo(res);
2337 return b;
2338
2339 default:
2340 bpf_error("invalid qualifier against IPv6 address");
2341 /* NOTREACHED */
2342 }
2343 }
2344 #endif /*INET6*/
2345
2346 struct block *
2347 gen_ecode(eaddr, q)
2348 register const u_char *eaddr;
2349 struct qual q;
2350 {
2351 if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) {
2352 if (linktype == DLT_EN10MB)
2353 return gen_ehostop(eaddr, (int)q.dir);
2354 if (linktype == DLT_FDDI)
2355 return gen_fhostop(eaddr, (int)q.dir);
2356 }
2357 bpf_error("ethernet address used in non-ether expression");
2358 /* NOTREACHED */
2359 }
2360
2361 void
2362 sappend(s0, s1)
2363 struct slist *s0, *s1;
2364 {
2365 /*
2366 * This is definitely not the best way to do this, but the
2367 * lists will rarely get long.
2368 */
2369 while (s0->next)
2370 s0 = s0->next;
2371 s0->next = s1;
2372 }
2373
2374 static struct slist *
2375 xfer_to_x(a)
2376 struct arth *a;
2377 {
2378 struct slist *s;
2379
2380 s = new_stmt(BPF_LDX|BPF_MEM);
2381 s->s.k = a->regno;
2382 return s;
2383 }
2384
2385 static struct slist *
2386 xfer_to_a(a)
2387 struct arth *a;
2388 {
2389 struct slist *s;
2390
2391 s = new_stmt(BPF_LD|BPF_MEM);
2392 s->s.k = a->regno;
2393 return s;
2394 }
2395
2396 struct arth *
2397 gen_load(proto, index, size)
2398 int proto;
2399 struct arth *index;
2400 int size;
2401 {
2402 struct slist *s, *tmp;
2403 struct block *b;
2404 int regno = alloc_reg();
2405
2406 free_reg(index->regno);
2407 switch (size) {
2408
2409 default:
2410 bpf_error("data size must be 1, 2, or 4");
2411
2412 case 1:
2413 size = BPF_B;
2414 break;
2415
2416 case 2:
2417 size = BPF_H;
2418 break;
2419
2420 case 4:
2421 size = BPF_W;
2422 break;
2423 }
2424 switch (proto) {
2425 default:
2426 bpf_error("unsupported index operation");
2427
2428 case Q_LINK:
2429 s = xfer_to_x(index);
2430 tmp = new_stmt(BPF_LD|BPF_IND|size);
2431 sappend(s, tmp);
2432 sappend(index->s, s);
2433 break;
2434
2435 case Q_IP:
2436 case Q_ARP:
2437 case Q_RARP:
2438 case Q_ATALK:
2439 case Q_DECNET:
2440 case Q_SCA:
2441 case Q_LAT:
2442 case Q_MOPRC:
2443 case Q_MOPDL:
2444 #ifdef INET6
2445 case Q_IPV6:
2446 #endif
2447 /* XXX Note that we assume a fixed link header here. */
2448 s = xfer_to_x(index);
2449 tmp = new_stmt(BPF_LD|BPF_IND|size);
2450 tmp->s.k = off_nl;
2451 sappend(s, tmp);
2452 sappend(index->s, s);
2453
2454 b = gen_proto_abbrev(proto);
2455 if (index->b)
2456 gen_and(index->b, b);
2457 index->b = b;
2458 break;
2459
2460 case Q_TCP:
2461 case Q_UDP:
2462 case Q_ICMP:
2463 case Q_IGMP:
2464 case Q_IGRP:
2465 case Q_PIM:
2466 s = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
2467 s->s.k = off_nl;
2468 sappend(s, xfer_to_a(index));
2469 sappend(s, new_stmt(BPF_ALU|BPF_ADD|BPF_X));
2470 sappend(s, new_stmt(BPF_MISC|BPF_TAX));
2471 sappend(s, tmp = new_stmt(BPF_LD|BPF_IND|size));
2472 tmp->s.k = off_nl;
2473 sappend(index->s, s);
2474
2475 gen_and(gen_proto_abbrev(proto), b = gen_ipfrag());
2476 if (index->b)
2477 gen_and(index->b, b);
2478 #ifdef INET6
2479 gen_and(gen_proto_abbrev(Q_IP), b);
2480 #endif
2481 index->b = b;
2482 break;
2483 #ifdef INET6
2484 case Q_ICMPV6:
2485 bpf_error("IPv6 upper-layer protocol is not supported by proto[x]");
2486 /*NOTREACHED*/
2487 #endif
2488 }
2489 index->regno = regno;
2490 s = new_stmt(BPF_ST);
2491 s->s.k = regno;
2492 sappend(index->s, s);
2493
2494 return index;
2495 }
2496
2497 struct block *
2498 gen_relation(code, a0, a1, reversed)
2499 int code;
2500 struct arth *a0, *a1;
2501 int reversed;
2502 {
2503 struct slist *s0, *s1, *s2;
2504 struct block *b, *tmp;
2505
2506 s0 = xfer_to_x(a1);
2507 s1 = xfer_to_a(a0);
2508 s2 = new_stmt(BPF_ALU|BPF_SUB|BPF_X);
2509 b = new_block(JMP(code));
2510 if (code == BPF_JGT || code == BPF_JGE) {
2511 reversed = !reversed;
2512 b->s.k = 0x80000000;
2513 }
2514 if (reversed)
2515 gen_not(b);
2516
2517 sappend(s1, s2);
2518 sappend(s0, s1);
2519 sappend(a1->s, s0);
2520 sappend(a0->s, a1->s);
2521
2522 b->stmts = a0->s;
2523
2524 free_reg(a0->regno);
2525 free_reg(a1->regno);
2526
2527 /* 'and' together protocol checks */
2528 if (a0->b) {
2529 if (a1->b) {
2530 gen_and(a0->b, tmp = a1->b);
2531 }
2532 else
2533 tmp = a0->b;
2534 } else
2535 tmp = a1->b;
2536
2537 if (tmp)
2538 gen_and(tmp, b);
2539
2540 return b;
2541 }
2542
2543 struct arth *
2544 gen_loadlen()
2545 {
2546 int regno = alloc_reg();
2547 struct arth *a = (struct arth *)newchunk(sizeof(*a));
2548 struct slist *s;
2549
2550 s = new_stmt(BPF_LD|BPF_LEN);
2551 s->next = new_stmt(BPF_ST);
2552 s->next->s.k = regno;
2553 a->s = s;
2554 a->regno = regno;
2555
2556 return a;
2557 }
2558
2559 struct arth *
2560 gen_loadi(val)
2561 int val;
2562 {
2563 struct arth *a;
2564 struct slist *s;
2565 int reg;
2566
2567 a = (struct arth *)newchunk(sizeof(*a));
2568
2569 reg = alloc_reg();
2570
2571 s = new_stmt(BPF_LD|BPF_IMM);
2572 s->s.k = val;
2573 s->next = new_stmt(BPF_ST);
2574 s->next->s.k = reg;
2575 a->s = s;
2576 a->regno = reg;
2577
2578 return a;
2579 }
2580
2581 struct arth *
2582 gen_neg(a)
2583 struct arth *a;
2584 {
2585 struct slist *s;
2586
2587 s = xfer_to_a(a);
2588 sappend(a->s, s);
2589 s = new_stmt(BPF_ALU|BPF_NEG);
2590 s->s.k = 0;
2591 sappend(a->s, s);
2592 s = new_stmt(BPF_ST);
2593 s->s.k = a->regno;
2594 sappend(a->s, s);
2595
2596 return a;
2597 }
2598
2599 struct arth *
2600 gen_arth(code, a0, a1)
2601 int code;
2602 struct arth *a0, *a1;
2603 {
2604 struct slist *s0, *s1, *s2;
2605
2606 s0 = xfer_to_x(a1);
2607 s1 = xfer_to_a(a0);
2608 s2 = new_stmt(BPF_ALU|BPF_X|code);
2609
2610 sappend(s1, s2);
2611 sappend(s0, s1);
2612 sappend(a1->s, s0);
2613 sappend(a0->s, a1->s);
2614
2615 free_reg(a1->regno);
2616
2617 s0 = new_stmt(BPF_ST);
2618 a0->regno = s0->s.k = alloc_reg();
2619 sappend(a0->s, s0);
2620
2621 return a0;
2622 }
2623
2624 /*
2625 * Here we handle simple allocation of the scratch registers.
2626 * If too many registers are alloc'd, the allocator punts.
2627 */
2628 static int regused[BPF_MEMWORDS];
2629 static int curreg;
2630
2631 /*
2632 * Return the next free register.
2633 */
2634 static int
2635 alloc_reg()
2636 {
2637 int n = BPF_MEMWORDS;
2638
2639 while (--n >= 0) {
2640 if (regused[curreg])
2641 curreg = (curreg + 1) % BPF_MEMWORDS;
2642 else {
2643 regused[curreg] = 1;
2644 return curreg;
2645 }
2646 }
2647 bpf_error("too many registers needed to evaluate expression");
2648 /* NOTREACHED */
2649 }
2650
2651 /*
2652 * Return a register to the table so it can
2653 * be used later.
2654 */
2655 static void
2656 free_reg(n)
2657 int n;
2658 {
2659 regused[n] = 0;
2660 }
2661
2662 static struct block *
2663 gen_len(jmp, n)
2664 int jmp, n;
2665 {
2666 struct slist *s;
2667 struct block *b;
2668
2669 s = new_stmt(BPF_LD|BPF_LEN);
2670 b = new_block(JMP(jmp));
2671 b->stmts = s;
2672 b->s.k = n;
2673
2674 return b;
2675 }
2676
2677 struct block *
2678 gen_greater(n)
2679 int n;
2680 {
2681 return gen_len(BPF_JGE, n);
2682 }
2683
2684 struct block *
2685 gen_less(n)
2686 int n;
2687 {
2688 struct block *b;
2689
2690 b = gen_len(BPF_JGT, n);
2691 gen_not(b);
2692
2693 return b;
2694 }
2695
2696 struct block *
2697 gen_byteop(op, idx, val)
2698 int op, idx, val;
2699 {
2700 struct block *b;
2701 struct slist *s;
2702
2703 switch (op) {
2704 default:
2705 abort();
2706
2707 case '=':
2708 return gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2709
2710 case '<':
2711 b = gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2712 b->s.code = JMP(BPF_JGE);
2713 gen_not(b);
2714 return b;
2715
2716 case '>':
2717 b = gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2718 b->s.code = JMP(BPF_JGT);
2719 return b;
2720
2721 case '|':
2722 s = new_stmt(BPF_ALU|BPF_OR|BPF_K);
2723 break;
2724
2725 case '&':
2726 s = new_stmt(BPF_ALU|BPF_AND|BPF_K);
2727 break;
2728 }
2729 s->s.k = val;
2730 b = new_block(JMP(BPF_JEQ));
2731 b->stmts = s;
2732 gen_not(b);
2733
2734 return b;
2735 }
2736
2737 struct block *
2738 gen_broadcast(proto)
2739 int proto;
2740 {
2741 bpf_u_int32 hostmask;
2742 struct block *b0, *b1, *b2;
2743 static u_char ebroadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
2744
2745 switch (proto) {
2746
2747 case Q_DEFAULT:
2748 case Q_LINK:
2749 if (linktype == DLT_EN10MB)
2750 return gen_ehostop(ebroadcast, Q_DST);
2751 if (linktype == DLT_FDDI)
2752 return gen_fhostop(ebroadcast, Q_DST);
2753 bpf_error("not a broadcast link");
2754 break;
2755
2756 case Q_IP:
2757 b0 = gen_linktype(ETHERTYPE_IP);
2758 hostmask = ~netmask;
2759 b1 = gen_mcmp(off_nl + 16, BPF_W, (bpf_int32)0, hostmask);
2760 b2 = gen_mcmp(off_nl + 16, BPF_W,
2761 (bpf_int32)(~0 & hostmask), hostmask);
2762 gen_or(b1, b2);
2763 gen_and(b0, b2);
2764 return b2;
2765 }
2766 bpf_error("only ether/ip broadcast filters supported");
2767 }
2768
2769 struct block *
2770 gen_multicast(proto)
2771 int proto;
2772 {
2773 register struct block *b0, *b1;
2774 register struct slist *s;
2775
2776 switch (proto) {
2777
2778 case Q_DEFAULT:
2779 case Q_LINK:
2780 if (linktype == DLT_EN10MB) {
2781 /* ether[0] & 1 != 0 */
2782 s = new_stmt(BPF_LD|BPF_B|BPF_ABS);
2783 s->s.k = 0;
2784 b0 = new_block(JMP(BPF_JSET));
2785 b0->s.k = 1;
2786 b0->stmts = s;
2787 return b0;
2788 }
2789
2790 if (linktype == DLT_FDDI) {
2791 /* XXX TEST THIS: MIGHT NOT PORT PROPERLY XXX */
2792 /* fddi[1] & 1 != 0 */
2793 s = new_stmt(BPF_LD|BPF_B|BPF_ABS);
2794 s->s.k = 1;
2795 b0 = new_block(JMP(BPF_JSET));
2796 b0->s.k = 1;
2797 b0->stmts = s;
2798 return b0;
2799 }
2800 /* Link not known to support multicasts */
2801 break;
2802
2803 case Q_IP:
2804 b0 = gen_linktype(ETHERTYPE_IP);
2805 b1 = gen_cmp(off_nl + 16, BPF_B, (bpf_int32)224);
2806 b1->s.code = JMP(BPF_JGE);
2807 gen_and(b0, b1);
2808 return b1;
2809
2810 #ifdef INET6
2811 case Q_IPV6:
2812 b0 = gen_linktype(ETHERTYPE_IPV6);
2813 b1 = gen_cmp(off_nl + 24, BPF_B, (bpf_int32)255);
2814 gen_and(b0, b1);
2815 return b1;
2816 #endif /* INET6 */
2817 }
2818 bpf_error("only IP multicast filters supported on ethernet/FDDI");
2819 }
2820
2821 /*
2822 * generate command for inbound/outbound. It's here so we can
2823 * make it link-type specific. 'dir' = 0 implies "inbound",
2824 * = 1 implies "outbound".
2825 */
2826 struct block *
2827 gen_inbound(dir)
2828 int dir;
2829 {
2830 register struct block *b0;
2831
2832 b0 = gen_relation(BPF_JEQ,
2833 gen_load(Q_LINK, gen_loadi(0), 1),
2834 gen_loadi(0),
2835 dir);
2836 return (b0);
2837 }
[mirror] the LIBpcap interface to various kernel packet capture mechanism