]> The Tcpdump Group git mirrors - libpcap/blob - gencode.c
projects / libpcap / blob


6eab6ced4f0847b3d9d9e14b816df09ddddf4574
[libpcap] / gencode.c
1 /*#define CHASE_CHAIN*/
2 /*
3 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998
4 * The Regents of the University of California. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that: (1) source code distributions
8 * retain the above copyright notice and this paragraph in its entirety, (2)
9 * distributions including binary code include the above copyright notice and
10 * this paragraph in its entirety in the documentation or other materials
11 * provided with the distribution, and (3) all advertising materials mentioning
12 * features or use of this software display the following acknowledgement:
13 * ``This product includes software developed by the University of California,
14 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
15 * the University nor the names of its contributors may be used to endorse
16 * or promote products derived from this software without specific prior
17 * written permission.
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21 */
22 #ifndef lint
23 static const char rcsid[] =
24 "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.113 2000-07-11 00:37:04 assar Exp $ (LBL)";
25 #endif
26
27 #ifdef HAVE_CONFIG_H
28 #include "config.h"
29 #endif
30
31 #include <sys/types.h>
32 #include <sys/socket.h>
33 #include <sys/time.h>
34 #ifdef __NetBSD__
35 #include <sys/param.h>
36 #endif
37
38 struct mbuf;
39 struct rtentry;
40 #include <net/if.h>
41
42 #include <netinet/in.h>
43 #include <netinet/if_ether.h>
44
45 #include <stdlib.h>
46 #include <memory.h>
47 #include <setjmp.h>
48 #include <stdarg.h>
49
50 #include "pcap-int.h"
51
52 #include "ethertype.h"
53 #include "gencode.h"
54 #include "ppp.h"
55 #include <pcap-namedb.h>
56 #ifdef INET6
57 #include <netdb.h>
58 #include <sys/socket.h>
59 #endif /*INET6*/
60
61 #ifdef HAVE_OS_PROTO_H
62 #include "os-proto.h"
63 #endif
64
65 #define JMP(c) ((c)|BPF_JMP|BPF_K)
66
67 /* Locals */
68 static jmp_buf top_ctx;
69 static pcap_t *bpf_pcap;
70
71 /* XXX */
72 #ifdef PCAP_FDDIPAD
73 int pcap_fddipad = PCAP_FDDIPAD;
74 #else
75 int pcap_fddipad;
76 #endif
77
78 /* VARARGS */
79 void
80 bpf_error(const char *fmt, ...)
81
82 {
83 va_list ap;
84
85 va_start(ap, fmt);
86 if (bpf_pcap != NULL)
87 (void)vsnprintf(pcap_geterr(bpf_pcap), PCAP_ERRBUF_SIZE,
88 fmt, ap);
89 va_end(ap);
90 longjmp(top_ctx, 1);
91 /* NOTREACHED */
92 }
93
94 static void init_linktype(int);
95
96 static int alloc_reg(void);
97 static void free_reg(int);
98
99 static struct block *root;
100
101 /*
102 * We divy out chunks of memory rather than call malloc each time so
103 * we don't have to worry about leaking memory. It's probably
104 * not a big deal if all this memory was wasted but it this ever
105 * goes into a library that would probably not be a good idea.
106 */
107 #define NCHUNKS 16
108 #define CHUNK0SIZE 1024
109 struct chunk {
110 u_int n_left;
111 void *m;
112 };
113
114 static struct chunk chunks[NCHUNKS];
115 static int cur_chunk;
116
117 static void *newchunk(u_int);
118 static void freechunks(void);
119 static inline struct block *new_block(int);
120 static inline struct slist *new_stmt(int);
121 static struct block *gen_retblk(int);
122 static inline void syntax(void);
123
124 static void backpatch(struct block *, struct block *);
125 static void merge(struct block *, struct block *);
126 static struct block *gen_cmp(u_int, u_int, bpf_int32);
127 static struct block *gen_mcmp(u_int, u_int, bpf_int32, bpf_u_int32);
128 static struct block *gen_bcmp(u_int, u_int, const u_char *);
129 static struct block *gen_uncond(int);
130 static inline struct block *gen_true(void);
131 static inline struct block *gen_false(void);
132 static struct block *gen_linktype(int);
133 static struct block *gen_hostop(bpf_u_int32, bpf_u_int32, int, int, u_int, u_int);
134 #ifdef INET6
135 static struct block *gen_hostop6(struct in6_addr *, struct in6_addr *, int, int, u_int, u_int);
136 #endif
137 static struct block *gen_ehostop(const u_char *, int);
138 static struct block *gen_fhostop(const u_char *, int);
139 static struct block *gen_dnhostop(bpf_u_int32, int, u_int);
140 static struct block *gen_host(bpf_u_int32, bpf_u_int32, int, int);
141 #ifdef INET6
142 static struct block *gen_host6(struct in6_addr *, struct in6_addr *, int, int);
143 #endif
144 #ifndef INET6
145 static struct block *gen_gateway(const u_char *, bpf_u_int32 **, int, int);
146 #endif
147 static struct block *gen_ipfrag(void);
148 static struct block *gen_portatom(int, bpf_int32);
149 #ifdef INET6
150 static struct block *gen_portatom6(int, bpf_int32);
151 #endif
152 struct block *gen_portop(int, int, int);
153 static struct block *gen_port(int, int, int);
154 #ifdef INET6
155 struct block *gen_portop6(int, int, int);
156 static struct block *gen_port6(int, int, int);
157 #endif
158 static int lookup_proto(const char *, int);
159 static struct block *gen_proto(int, int, int);
160 static struct slist *xfer_to_x(struct arth *);
161 static struct slist *xfer_to_a(struct arth *);
162 static struct block *gen_len(int, int);
163
164 static void *
165 newchunk(n)
166 u_int n;
167 {
168 struct chunk *cp;
169 int k, size;
170
171 #ifndef __NetBSD__
172 /* XXX Round up to nearest long. */
173 n = (n + sizeof(long) - 1) & ~(sizeof(long) - 1);
174 #else
175 /* XXX Round up to structure boundary. */
176 n = ALIGN(n);
177 #endif
178
179 cp = &chunks[cur_chunk];
180 if (n > cp->n_left) {
181 ++cp, k = ++cur_chunk;
182 if (k >= NCHUNKS)
183 bpf_error("out of memory");
184 size = CHUNK0SIZE << k;
185 cp->m = (void *)malloc(size);
186 memset((char *)cp->m, 0, size);
187 cp->n_left = size;
188 if (n > size)
189 bpf_error("out of memory");
190 }
191 cp->n_left -= n;
192 return (void *)((char *)cp->m + cp->n_left);
193 }
194
195 static void
196 freechunks()
197 {
198 int i;
199
200 cur_chunk = 0;
201 for (i = 0; i < NCHUNKS; ++i)
202 if (chunks[i].m != NULL) {
203 free(chunks[i].m);
204 chunks[i].m = NULL;
205 }
206 }
207
208 /*
209 * A strdup whose allocations are freed after code generation is over.
210 */
211 char *
212 sdup(s)
213 register const char *s;
214 {
215 int n = strlen(s) + 1;
216 char *cp = newchunk(n);
217
218 strlcpy(cp, s, n);
219 return (cp);
220 }
221
222 static inline struct block *
223 new_block(code)
224 int code;
225 {
226 struct block *p;
227
228 p = (struct block *)newchunk(sizeof(*p));
229 p->s.code = code;
230 p->head = p;
231
232 return p;
233 }
234
235 static inline struct slist *
236 new_stmt(code)
237 int code;
238 {
239 struct slist *p;
240
241 p = (struct slist *)newchunk(sizeof(*p));
242 p->s.code = code;
243
244 return p;
245 }
246
247 static struct block *
248 gen_retblk(v)
249 int v;
250 {
251 struct block *b = new_block(BPF_RET|BPF_K);
252
253 b->s.k = v;
254 return b;
255 }
256
257 static inline void
258 syntax()
259 {
260 bpf_error("syntax error in filter expression");
261 }
262
263 static bpf_u_int32 netmask;
264 static int snaplen;
265 int no_optimize;
266
267 int
268 pcap_compile(pcap_t *p, struct bpf_program *program,
269 char *buf, int optimize, bpf_u_int32 mask)
270 {
271 extern int n_errors;
272 int len;
273
274 no_optimize = 0;
275 n_errors = 0;
276 root = NULL;
277 bpf_pcap = p;
278 if (setjmp(top_ctx)) {
279 freechunks();
280 return (-1);
281 }
282
283 netmask = mask;
284 snaplen = pcap_snapshot(p);
285 if (snaplen == 0) {
286 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
287 "snaplen of 0 rejects all packets");
288 return -1;
289 }
290
291 lex_init(buf ? buf : "");
292 init_linktype(pcap_datalink(p));
293 (void)pcap_parse();
294
295 if (n_errors)
296 syntax();
297
298 if (root == NULL)
299 root = gen_retblk(snaplen);
300
301 if (optimize && !no_optimize) {
302 bpf_optimize(&root);
303 if (root == NULL ||
304 (root->s.code == (BPF_RET|BPF_K) && root->s.k == 0))
305 bpf_error("expression rejects all packets");
306 }
307 program->bf_insns = icode_to_fcode(root, &len);
308 program->bf_len = len;
309
310 freechunks();
311 return (0);
312 }
313
314 /*
315 * entry point for using the compiler with no pcap open
316 * pass in all the stuff that is needed explicitly instead.
317 */
318 int
319 pcap_compile_nopcap(int snaplen_arg, int linktype_arg,
320 struct bpf_program *program,
321 char *buf, int optimize, bpf_u_int32 mask)
322 {
323 extern int n_errors;
324 int len;
325
326 n_errors = 0;
327 root = NULL;
328 bpf_pcap = NULL;
329 if (setjmp(top_ctx)) {
330 freechunks();
331 return (-1);
332 }
333
334 netmask = mask;
335
336 /* XXX needed? I don't grok the use of globals here. */
337 snaplen = snaplen_arg;
338
339 lex_init(buf ? buf : "");
340 init_linktype(linktype_arg);
341 (void)pcap_parse();
342
343 if (n_errors)
344 syntax();
345
346 if (root == NULL)
347 root = gen_retblk(snaplen_arg);
348
349 if (optimize) {
350 bpf_optimize(&root);
351 if (root == NULL ||
352 (root->s.code == (BPF_RET|BPF_K) && root->s.k == 0))
353 bpf_error("expression rejects all packets");
354 }
355 program->bf_insns = icode_to_fcode(root, &len);
356 program->bf_len = len;
357
358 freechunks();
359 return (0);
360 }
361
362 /*
363 * Backpatch the blocks in 'list' to 'target'. The 'sense' field indicates
364 * which of the jt and jf fields has been resolved and which is a pointer
365 * back to another unresolved block (or nil). At least one of the fields
366 * in each block is already resolved.
367 */
368 static void
369 backpatch(list, target)
370 struct block *list, *target;
371 {
372 struct block *next;
373
374 while (list) {
375 if (!list->sense) {
376 next = JT(list);
377 JT(list) = target;
378 } else {
379 next = JF(list);
380 JF(list) = target;
381 }
382 list = next;
383 }
384 }
385
386 /*
387 * Merge the lists in b0 and b1, using the 'sense' field to indicate
388 * which of jt and jf is the link.
389 */
390 static void
391 merge(b0, b1)
392 struct block *b0, *b1;
393 {
394 register struct block **p = &b0;
395
396 /* Find end of list. */
397 while (*p)
398 p = !((*p)->sense) ? &JT(*p) : &JF(*p);
399
400 /* Concatenate the lists. */
401 *p = b1;
402 }
403
404 void
405 finish_parse(p)
406 struct block *p;
407 {
408 backpatch(p, gen_retblk(snaplen));
409 p->sense = !p->sense;
410 backpatch(p, gen_retblk(0));
411 root = p->head;
412 }
413
414 void
415 gen_and(b0, b1)
416 struct block *b0, *b1;
417 {
418 backpatch(b0, b1->head);
419 b0->sense = !b0->sense;
420 b1->sense = !b1->sense;
421 merge(b1, b0);
422 b1->sense = !b1->sense;
423 b1->head = b0->head;
424 }
425
426 void
427 gen_or(b0, b1)
428 struct block *b0, *b1;
429 {
430 b0->sense = !b0->sense;
431 backpatch(b0, b1->head);
432 b0->sense = !b0->sense;
433 merge(b1, b0);
434 b1->head = b0->head;
435 }
436
437 void
438 gen_not(b)
439 struct block *b;
440 {
441 b->sense = !b->sense;
442 }
443
444 static struct block *
445 gen_cmp(offset, size, v)
446 u_int offset, size;
447 bpf_int32 v;
448 {
449 struct slist *s;
450 struct block *b;
451
452 s = new_stmt(BPF_LD|BPF_ABS|size);
453 s->s.k = offset;
454
455 b = new_block(JMP(BPF_JEQ));
456 b->stmts = s;
457 b->s.k = v;
458
459 return b;
460 }
461
462 static struct block *
463 gen_mcmp(offset, size, v, mask)
464 u_int offset, size;
465 bpf_int32 v;
466 bpf_u_int32 mask;
467 {
468 struct block *b = gen_cmp(offset, size, v);
469 struct slist *s;
470
471 if (mask != 0xffffffff) {
472 s = new_stmt(BPF_ALU|BPF_AND|BPF_K);
473 s->s.k = mask;
474 b->stmts->next = s;
475 }
476 return b;
477 }
478
479 static struct block *
480 gen_bcmp(offset, size, v)
481 register u_int offset, size;
482 register const u_char *v;
483 {
484 register struct block *b, *tmp;
485
486 b = NULL;
487 while (size >= 4) {
488 register const u_char *p = &v[size - 4];
489 bpf_int32 w = ((bpf_int32)p[0] << 24) |
490 ((bpf_int32)p[1] << 16) | ((bpf_int32)p[2] << 8) | p[3];
491
492 tmp = gen_cmp(offset + size - 4, BPF_W, w);
493 if (b != NULL)
494 gen_and(b, tmp);
495 b = tmp;
496 size -= 4;
497 }
498 while (size >= 2) {
499 register const u_char *p = &v[size - 2];
500 bpf_int32 w = ((bpf_int32)p[0] << 8) | p[1];
501
502 tmp = gen_cmp(offset + size - 2, BPF_H, w);
503 if (b != NULL)
504 gen_and(b, tmp);
505 b = tmp;
506 size -= 2;
507 }
508 if (size > 0) {
509 tmp = gen_cmp(offset, BPF_B, (bpf_int32)v[0]);
510 if (b != NULL)
511 gen_and(b, tmp);
512 b = tmp;
513 }
514 return b;
515 }
516
517 /*
518 * Various code constructs need to know the layout of the data link
519 * layer. These variables give the necessary offsets. off_linktype
520 * is set to -1 for no encapsulation, in which case, IP is assumed.
521 */
522 static u_int off_linktype;
523 static u_int off_nl;
524 static int linktype;
525
526 static void
527 init_linktype(type)
528 int type;
529 {
530 linktype = type;
531
532 switch (type) {
533
534 case DLT_EN10MB:
535 off_linktype = 12;
536 off_nl = 14;
537 return;
538
539 case DLT_SLIP:
540 /*
541 * SLIP doesn't have a link level type. The 16 byte
542 * header is hacked into our SLIP driver.
543 */
544 off_linktype = -1;
545 off_nl = 16;
546 return;
547
548 case DLT_SLIP_BSDOS:
549 /* XXX this may be the same as the DLT_PPP_BSDOS case */
550 off_linktype = -1;
551 /* XXX end */
552 off_nl = 24;
553 return;
554
555 case DLT_NULL:
556 off_linktype = 0;
557 off_nl = 4;
558 return;
559
560 case DLT_PPP:
561 case DLT_CHDLC:
562 off_linktype = 2;
563 off_nl = 4;
564 return;
565
566 case DLT_PPP_BSDOS:
567 off_linktype = 5;
568 off_nl = 24;
569 return;
570
571 case DLT_FDDI:
572 /*
573 * FDDI doesn't really have a link-level type field.
574 * We assume that SSAP = SNAP is being used and pick
575 * out the encapsulated Ethernet type.
576 */
577 off_linktype = 19;
578 #ifdef PCAP_FDDIPAD
579 off_linktype += pcap_fddipad;
580 #endif
581 off_nl = 21;
582 #ifdef PCAP_FDDIPAD
583 off_nl += pcap_fddipad;
584 #endif
585 return;
586
587 case DLT_IEEE802:
588 off_linktype = 20;
589 off_nl = 22;
590 return;
591
592 case DLT_ATM_RFC1483:
593 /*
594 * assume routed, non-ISO PDUs
595 * (i.e., LLC = 0xAA-AA-03, OUT = 0x00-00-00)
596 */
597 off_linktype = 6;
598 off_nl = 8;
599 return;
600
601 case DLT_RAW:
602 off_linktype = -1;
603 off_nl = 0;
604 return;
605 }
606 bpf_error("unknown data link type 0x%x", linktype);
607 /* NOTREACHED */
608 }
609
610 static struct block *
611 gen_uncond(rsense)
612 int rsense;
613 {
614 struct block *b;
615 struct slist *s;
616
617 s = new_stmt(BPF_LD|BPF_IMM);
618 s->s.k = !rsense;
619 b = new_block(JMP(BPF_JEQ));
620 b->stmts = s;
621
622 return b;
623 }
624
625 static inline struct block *
626 gen_true()
627 {
628 return gen_uncond(1);
629 }
630
631 static inline struct block *
632 gen_false()
633 {
634 return gen_uncond(0);
635 }
636
637 static struct block *
638 gen_linktype(proto)
639 register int proto;
640 {
641 struct block *b0, *b1;
642
643 /* If we're not using encapsulation, we're done */
644 if (off_linktype == -1)
645 return gen_true();
646
647 switch (linktype) {
648
649 case DLT_SLIP:
650 return gen_false();
651
652 case DLT_PPP:
653 if (proto == ETHERTYPE_IP)
654 proto = PPP_IP; /* XXX was 0x21 */
655 #ifdef INET6
656 else if (proto == ETHERTYPE_IPV6)
657 proto = PPP_IPV6;
658 #endif
659 break;
660
661 case DLT_PPP_BSDOS:
662 switch (proto) {
663
664 case ETHERTYPE_IP:
665 b0 = gen_cmp(off_linktype, BPF_H, PPP_IP);
666 b1 = gen_cmp(off_linktype, BPF_H, PPP_VJC);
667 gen_or(b0, b1);
668 b0 = gen_cmp(off_linktype, BPF_H, PPP_VJNC);
669 gen_or(b1, b0);
670 return b0;
671
672 #ifdef INET6
673 case ETHERTYPE_IPV6:
674 proto = PPP_IPV6;
675 /* more to go? */
676 break;
677 #endif
678
679 case ETHERTYPE_DN:
680 proto = PPP_DECNET;
681 break;
682
683 case ETHERTYPE_ATALK:
684 proto = PPP_APPLE;
685 break;
686
687 case ETHERTYPE_NS:
688 proto = PPP_NS;
689 break;
690 }
691 break;
692
693 case DLT_NULL:
694 /* XXX */
695 if (proto == ETHERTYPE_IP)
696 return (gen_cmp(0, BPF_W, (bpf_int32)htonl(AF_INET)));
697 #ifdef INET6
698 else if (proto == ETHERTYPE_IPV6)
699 return (gen_cmp(0, BPF_W, (bpf_int32)htonl(AF_INET6)));
700 #endif
701 else
702 return gen_false();
703 }
704 return gen_cmp(off_linktype, BPF_H, (bpf_int32)proto);
705 }
706
707 static struct block *
708 gen_hostop(addr, mask, dir, proto, src_off, dst_off)
709 bpf_u_int32 addr;
710 bpf_u_int32 mask;
711 int dir, proto;
712 u_int src_off, dst_off;
713 {
714 struct block *b0, *b1;
715 u_int offset;
716
717 switch (dir) {
718
719 case Q_SRC:
720 offset = src_off;
721 break;
722
723 case Q_DST:
724 offset = dst_off;
725 break;
726
727 case Q_AND:
728 b0 = gen_hostop(addr, mask, Q_SRC, proto, src_off, dst_off);
729 b1 = gen_hostop(addr, mask, Q_DST, proto, src_off, dst_off);
730 gen_and(b0, b1);
731 return b1;
732
733 case Q_OR:
734 case Q_DEFAULT:
735 b0 = gen_hostop(addr, mask, Q_SRC, proto, src_off, dst_off);
736 b1 = gen_hostop(addr, mask, Q_DST, proto, src_off, dst_off);
737 gen_or(b0, b1);
738 return b1;
739
740 default:
741 abort();
742 }
743 b0 = gen_linktype(proto);
744 b1 = gen_mcmp(offset, BPF_W, (bpf_int32)addr, mask);
745 gen_and(b0, b1);
746 return b1;
747 }
748
749 #ifdef INET6
750 static struct block *
751 gen_hostop6(addr, mask, dir, proto, src_off, dst_off)
752 struct in6_addr *addr;
753 struct in6_addr *mask;
754 int dir, proto;
755 u_int src_off, dst_off;
756 {
757 struct block *b0, *b1;
758 u_int offset;
759 u_int32_t *a, *m;
760
761 switch (dir) {
762
763 case Q_SRC:
764 offset = src_off;
765 break;
766
767 case Q_DST:
768 offset = dst_off;
769 break;
770
771 case Q_AND:
772 b0 = gen_hostop6(addr, mask, Q_SRC, proto, src_off, dst_off);
773 b1 = gen_hostop6(addr, mask, Q_DST, proto, src_off, dst_off);
774 gen_and(b0, b1);
775 return b1;
776
777 case Q_OR:
778 case Q_DEFAULT:
779 b0 = gen_hostop6(addr, mask, Q_SRC, proto, src_off, dst_off);
780 b1 = gen_hostop6(addr, mask, Q_DST, proto, src_off, dst_off);
781 gen_or(b0, b1);
782 return b1;
783
784 default:
785 abort();
786 }
787 /* this order is important */
788 a = (u_int32_t *)addr;
789 m = (u_int32_t *)mask;
790 b1 = gen_mcmp(offset + 12, BPF_W, ntohl(a[3]), ntohl(m[3]));
791 b0 = gen_mcmp(offset + 8, BPF_W, ntohl(a[2]), ntohl(m[2]));
792 gen_and(b0, b1);
793 b0 = gen_mcmp(offset + 4, BPF_W, ntohl(a[1]), ntohl(m[1]));
794 gen_and(b0, b1);
795 b0 = gen_mcmp(offset + 0, BPF_W, ntohl(a[0]), ntohl(m[0]));
796 gen_and(b0, b1);
797 b0 = gen_linktype(proto);
798 gen_and(b0, b1);
799 return b1;
800 }
801 #endif /*INET6*/
802
803 static struct block *
804 gen_ehostop(eaddr, dir)
805 register const u_char *eaddr;
806 register int dir;
807 {
808 register struct block *b0, *b1;
809
810 switch (dir) {
811 case Q_SRC:
812 return gen_bcmp(6, 6, eaddr);
813
814 case Q_DST:
815 return gen_bcmp(0, 6, eaddr);
816
817 case Q_AND:
818 b0 = gen_ehostop(eaddr, Q_SRC);
819 b1 = gen_ehostop(eaddr, Q_DST);
820 gen_and(b0, b1);
821 return b1;
822
823 case Q_DEFAULT:
824 case Q_OR:
825 b0 = gen_ehostop(eaddr, Q_SRC);
826 b1 = gen_ehostop(eaddr, Q_DST);
827 gen_or(b0, b1);
828 return b1;
829 }
830 abort();
831 /* NOTREACHED */
832 }
833
834 /*
835 * Like gen_ehostop, but for DLT_FDDI
836 */
837 static struct block *
838 gen_fhostop(eaddr, dir)
839 register const u_char *eaddr;
840 register int dir;
841 {
842 struct block *b0, *b1;
843
844 switch (dir) {
845 case Q_SRC:
846 #ifdef PCAP_FDDIPAD
847 return gen_bcmp(6 + 1 + pcap_fddipad, 6, eaddr);
848 #else
849 return gen_bcmp(6 + 1, 6, eaddr);
850 #endif
851
852 case Q_DST:
853 #ifdef PCAP_FDDIPAD
854 return gen_bcmp(0 + 1 + pcap_fddipad, 6, eaddr);
855 #else
856 return gen_bcmp(0 + 1, 6, eaddr);
857 #endif
858
859 case Q_AND:
860 b0 = gen_fhostop(eaddr, Q_SRC);
861 b1 = gen_fhostop(eaddr, Q_DST);
862 gen_and(b0, b1);
863 return b1;
864
865 case Q_DEFAULT:
866 case Q_OR:
867 b0 = gen_fhostop(eaddr, Q_SRC);
868 b1 = gen_fhostop(eaddr, Q_DST);
869 gen_or(b0, b1);
870 return b1;
871 }
872 abort();
873 /* NOTREACHED */
874 }
875
876 /*
877 * This is quite tricky because there may be pad bytes in front of the
878 * DECNET header, and then there are two possible data packet formats that
879 * carry both src and dst addresses, plus 5 packet types in a format that
880 * carries only the src node, plus 2 types that use a different format and
881 * also carry just the src node.
882 *
883 * Yuck.
884 *
885 * Instead of doing those all right, we just look for data packets with
886 * 0 or 1 bytes of padding. If you want to look at other packets, that
887 * will require a lot more hacking.
888 *
889 * To add support for filtering on DECNET "areas" (network numbers)
890 * one would want to add a "mask" argument to this routine. That would
891 * make the filter even more inefficient, although one could be clever
892 * and not generate masking instructions if the mask is 0xFFFF.
893 */
894 static struct block *
895 gen_dnhostop(addr, dir, base_off)
896 bpf_u_int32 addr;
897 int dir;
898 u_int base_off;
899 {
900 struct block *b0, *b1, *b2, *tmp;
901 u_int offset_lh; /* offset if long header is received */
902 u_int offset_sh; /* offset if short header is received */
903
904 switch (dir) {
905
906 case Q_DST:
907 offset_sh = 1; /* follows flags */
908 offset_lh = 7; /* flgs,darea,dsubarea,HIORD */
909 break;
910
911 case Q_SRC:
912 offset_sh = 3; /* follows flags, dstnode */
913 offset_lh = 15; /* flgs,darea,dsubarea,did,sarea,ssub,HIORD */
914 break;
915
916 case Q_AND:
917 /* Inefficient because we do our Calvinball dance twice */
918 b0 = gen_dnhostop(addr, Q_SRC, base_off);
919 b1 = gen_dnhostop(addr, Q_DST, base_off);
920 gen_and(b0, b1);
921 return b1;
922
923 case Q_OR:
924 case Q_DEFAULT:
925 /* Inefficient because we do our Calvinball dance twice */
926 b0 = gen_dnhostop(addr, Q_SRC, base_off);
927 b1 = gen_dnhostop(addr, Q_DST, base_off);
928 gen_or(b0, b1);
929 return b1;
930
931 default:
932 abort();
933 }
934 b0 = gen_linktype(ETHERTYPE_DN);
935 /* Check for pad = 1, long header case */
936 tmp = gen_mcmp(base_off + 2, BPF_H,
937 (bpf_int32)ntohs(0x0681), (bpf_int32)ntohs(0x07FF));
938 b1 = gen_cmp(base_off + 2 + 1 + offset_lh,
939 BPF_H, (bpf_int32)ntohs(addr));
940 gen_and(tmp, b1);
941 /* Check for pad = 0, long header case */
942 tmp = gen_mcmp(base_off + 2, BPF_B, (bpf_int32)0x06, (bpf_int32)0x7);
943 b2 = gen_cmp(base_off + 2 + offset_lh, BPF_H, (bpf_int32)ntohs(addr));
944 gen_and(tmp, b2);
945 gen_or(b2, b1);
946 /* Check for pad = 1, short header case */
947 tmp = gen_mcmp(base_off + 2, BPF_H,
948 (bpf_int32)ntohs(0x0281), (bpf_int32)ntohs(0x07FF));
949 b2 = gen_cmp(base_off + 2 + 1 + offset_sh,
950 BPF_H, (bpf_int32)ntohs(addr));
951 gen_and(tmp, b2);
952 gen_or(b2, b1);
953 /* Check for pad = 0, short header case */
954 tmp = gen_mcmp(base_off + 2, BPF_B, (bpf_int32)0x02, (bpf_int32)0x7);
955 b2 = gen_cmp(base_off + 2 + offset_sh, BPF_H, (bpf_int32)ntohs(addr));
956 gen_and(tmp, b2);
957 gen_or(b2, b1);
958
959 /* Combine with test for linktype */
960 gen_and(b0, b1);
961 return b1;
962 }
963
964 static struct block *
965 gen_host(addr, mask, proto, dir)
966 bpf_u_int32 addr;
967 bpf_u_int32 mask;
968 int proto;
969 int dir;
970 {
971 struct block *b0, *b1;
972
973 switch (proto) {
974
975 case Q_DEFAULT:
976 b0 = gen_host(addr, mask, Q_IP, dir);
977 if (off_linktype != -1) {
978 b1 = gen_host(addr, mask, Q_ARP, dir);
979 gen_or(b0, b1);
980 b0 = gen_host(addr, mask, Q_RARP, dir);
981 gen_or(b1, b0);
982 }
983 return b0;
984
985 case Q_IP:
986 return gen_hostop(addr, mask, dir, ETHERTYPE_IP,
987 off_nl + 12, off_nl + 16);
988
989 case Q_RARP:
990 return gen_hostop(addr, mask, dir, ETHERTYPE_REVARP,
991 off_nl + 14, off_nl + 24);
992
993 case Q_ARP:
994 return gen_hostop(addr, mask, dir, ETHERTYPE_ARP,
995 off_nl + 14, off_nl + 24);
996
997 case Q_TCP:
998 bpf_error("'tcp' modifier applied to host");
999
1000 case Q_UDP:
1001 bpf_error("'udp' modifier applied to host");
1002
1003 case Q_ICMP:
1004 bpf_error("'icmp' modifier applied to host");
1005
1006 case Q_IGMP:
1007 bpf_error("'igmp' modifier applied to host");
1008
1009 case Q_IGRP:
1010 bpf_error("'igrp' modifier applied to host");
1011
1012 case Q_PIM:
1013 bpf_error("'pim' modifier applied to host");
1014
1015 case Q_ATALK:
1016 bpf_error("ATALK host filtering not implemented");
1017
1018 case Q_DECNET:
1019 return gen_dnhostop(addr, dir, off_nl);
1020
1021 case Q_SCA:
1022 bpf_error("SCA host filtering not implemented");
1023
1024 case Q_LAT:
1025 bpf_error("LAT host filtering not implemented");
1026
1027 case Q_MOPDL:
1028 bpf_error("MOPDL host filtering not implemented");
1029
1030 case Q_MOPRC:
1031 bpf_error("MOPRC host filtering not implemented");
1032
1033 #ifdef INET6
1034 case Q_IPV6:
1035 bpf_error("'ip6' modifier applied to ip host");
1036
1037 case Q_ICMPV6:
1038 bpf_error("'icmp6' modifier applied to host");
1039 #endif /* INET6 */
1040
1041 case Q_AH:
1042 bpf_error("'ah' modifier applied to host");
1043
1044 case Q_ESP:
1045 bpf_error("'esp' modifier applied to host");
1046
1047 default:
1048 abort();
1049 }
1050 /* NOTREACHED */
1051 }
1052
1053 #ifdef INET6
1054 static struct block *
1055 gen_host6(addr, mask, proto, dir)
1056 struct in6_addr *addr;
1057 struct in6_addr *mask;
1058 int proto;
1059 int dir;
1060 {
1061 switch (proto) {
1062
1063 case Q_DEFAULT:
1064 return gen_host6(addr, mask, Q_IPV6, dir);
1065
1066 case Q_IP:
1067 bpf_error("'ip' modifier applied to ip6 host");
1068
1069 case Q_RARP:
1070 bpf_error("'rarp' modifier applied to ip6 host");
1071
1072 case Q_ARP:
1073 bpf_error("'arp' modifier applied to ip6 host");
1074
1075 case Q_TCP:
1076 bpf_error("'tcp' modifier applied to host");
1077
1078 case Q_UDP:
1079 bpf_error("'udp' modifier applied to host");
1080
1081 case Q_ICMP:
1082 bpf_error("'icmp' modifier applied to host");
1083
1084 case Q_IGMP:
1085 bpf_error("'igmp' modifier applied to host");
1086
1087 case Q_IGRP:
1088 bpf_error("'igrp' modifier applied to host");
1089
1090 case Q_PIM:
1091 bpf_error("'pim' modifier applied to host");
1092
1093 case Q_ATALK:
1094 bpf_error("ATALK host filtering not implemented");
1095
1096 case Q_DECNET:
1097 bpf_error("'decnet' modifier applied to ip6 host");
1098
1099 case Q_SCA:
1100 bpf_error("SCA host filtering not implemented");
1101
1102 case Q_LAT:
1103 bpf_error("LAT host filtering not implemented");
1104
1105 case Q_MOPDL:
1106 bpf_error("MOPDL host filtering not implemented");
1107
1108 case Q_MOPRC:
1109 bpf_error("MOPRC host filtering not implemented");
1110
1111 case Q_IPV6:
1112 return gen_hostop6(addr, mask, dir, ETHERTYPE_IPV6,
1113 off_nl + 8, off_nl + 24);
1114
1115 case Q_ICMPV6:
1116 bpf_error("'icmp6' modifier applied to host");
1117
1118 case Q_AH:
1119 bpf_error("'ah' modifier applied to host");
1120
1121 case Q_ESP:
1122 bpf_error("'esp' modifier applied to host");
1123
1124 default:
1125 abort();
1126 }
1127 /* NOTREACHED */
1128 }
1129 #endif /*INET6*/
1130
1131 #ifndef INET6
1132 static struct block *
1133 gen_gateway(eaddr, alist, proto, dir)
1134 const u_char *eaddr;
1135 bpf_u_int32 **alist;
1136 int proto;
1137 int dir;
1138 {
1139 struct block *b0, *b1, *tmp;
1140
1141 if (dir != 0)
1142 bpf_error("direction applied to 'gateway'");
1143
1144 switch (proto) {
1145 case Q_DEFAULT:
1146 case Q_IP:
1147 case Q_ARP:
1148 case Q_RARP:
1149 if (linktype == DLT_EN10MB)
1150 b0 = gen_ehostop(eaddr, Q_OR);
1151 else if (linktype == DLT_FDDI)
1152 b0 = gen_fhostop(eaddr, Q_OR);
1153 else
1154 bpf_error(
1155 "'gateway' supported only on ethernet or FDDI");
1156
1157 b1 = gen_host(**alist++, 0xffffffff, proto, Q_OR);
1158 while (*alist) {
1159 tmp = gen_host(**alist++, 0xffffffff, proto, Q_OR);
1160 gen_or(b1, tmp);
1161 b1 = tmp;
1162 }
1163 gen_not(b1);
1164 gen_and(b0, b1);
1165 return b1;
1166 }
1167 bpf_error("illegal modifier of 'gateway'");
1168 /* NOTREACHED */
1169 }
1170 #endif
1171
1172 struct block *
1173 gen_proto_abbrev(proto)
1174 int proto;
1175 {
1176 #ifdef INET6
1177 struct block *b0;
1178 #endif
1179 struct block *b1;
1180
1181 switch (proto) {
1182
1183 case Q_TCP:
1184 b1 = gen_proto(IPPROTO_TCP, Q_IP, Q_DEFAULT);
1185 #ifdef INET6
1186 b0 = gen_proto(IPPROTO_TCP, Q_IPV6, Q_DEFAULT);
1187 gen_or(b0, b1);
1188 #endif
1189 break;
1190
1191 case Q_UDP:
1192 b1 = gen_proto(IPPROTO_UDP, Q_IP, Q_DEFAULT);
1193 #ifdef INET6
1194 b0 = gen_proto(IPPROTO_UDP, Q_IPV6, Q_DEFAULT);
1195 gen_or(b0, b1);
1196 #endif
1197 break;
1198
1199 case Q_ICMP:
1200 b1 = gen_proto(IPPROTO_ICMP, Q_IP, Q_DEFAULT);
1201 break;
1202
1203 #ifndef IPPROTO_IGMP
1204 #define IPPROTO_IGMP 2
1205 #endif
1206
1207 case Q_IGMP:
1208 b1 = gen_proto(IPPROTO_IGMP, Q_IP, Q_DEFAULT);
1209 break;
1210
1211 #ifndef IPPROTO_IGRP
1212 #define IPPROTO_IGRP 9
1213 #endif
1214 case Q_IGRP:
1215 b1 = gen_proto(IPPROTO_IGRP, Q_IP, Q_DEFAULT);
1216 break;
1217
1218 #ifndef IPPROTO_PIM
1219 #define IPPROTO_PIM 103
1220 #endif
1221
1222 case Q_PIM:
1223 b1 = gen_proto(IPPROTO_PIM, Q_IP, Q_DEFAULT);
1224 #ifdef INET6
1225 b0 = gen_proto(IPPROTO_PIM, Q_IPV6, Q_DEFAULT);
1226 gen_or(b0, b1);
1227 #endif
1228 break;
1229
1230 case Q_IP:
1231 b1 = gen_linktype(ETHERTYPE_IP);
1232 break;
1233
1234 case Q_ARP:
1235 b1 = gen_linktype(ETHERTYPE_ARP);
1236 break;
1237
1238 case Q_RARP:
1239 b1 = gen_linktype(ETHERTYPE_REVARP);
1240 break;
1241
1242 case Q_LINK:
1243 bpf_error("link layer applied in wrong context");
1244
1245 case Q_ATALK:
1246 b1 = gen_linktype(ETHERTYPE_ATALK);
1247 break;
1248
1249 case Q_DECNET:
1250 b1 = gen_linktype(ETHERTYPE_DN);
1251 break;
1252
1253 case Q_SCA:
1254 b1 = gen_linktype(ETHERTYPE_SCA);
1255 break;
1256
1257 case Q_LAT:
1258 b1 = gen_linktype(ETHERTYPE_LAT);
1259 break;
1260
1261 case Q_MOPDL:
1262 b1 = gen_linktype(ETHERTYPE_MOPDL);
1263 break;
1264
1265 case Q_MOPRC:
1266 b1 = gen_linktype(ETHERTYPE_MOPRC);
1267 break;
1268
1269 #ifdef INET6
1270 case Q_IPV6:
1271 b1 = gen_linktype(ETHERTYPE_IPV6);
1272 break;
1273
1274 #ifndef IPPROTO_ICMPV6
1275 #define IPPROTO_ICMPV6 58
1276 #endif
1277 case Q_ICMPV6:
1278 b1 = gen_proto(IPPROTO_ICMPV6, Q_IPV6, Q_DEFAULT);
1279 break;
1280 #endif /* INET6 */
1281
1282 #ifndef IPPROTO_AH
1283 #define IPPROTO_AH 51
1284 #endif
1285 case Q_AH:
1286 b1 = gen_proto(IPPROTO_AH, Q_IP, Q_DEFAULT);
1287 #ifdef INET6
1288 b0 = gen_proto(IPPROTO_AH, Q_IPV6, Q_DEFAULT);
1289 gen_or(b0, b1);
1290 #endif
1291 break;
1292
1293 #ifndef IPPROTO_ESP
1294 #define IPPROTO_ESP 50
1295 #endif
1296 case Q_ESP:
1297 b1 = gen_proto(IPPROTO_ESP, Q_IP, Q_DEFAULT);
1298 #ifdef INET6
1299 b0 = gen_proto(IPPROTO_ESP, Q_IPV6, Q_DEFAULT);
1300 gen_or(b0, b1);
1301 #endif
1302 break;
1303
1304 default:
1305 abort();
1306 }
1307 return b1;
1308 }
1309
1310 static struct block *
1311 gen_ipfrag()
1312 {
1313 struct slist *s;
1314 struct block *b;
1315
1316 /* not ip frag */
1317 s = new_stmt(BPF_LD|BPF_H|BPF_ABS);
1318 s->s.k = off_nl + 6;
1319 b = new_block(JMP(BPF_JSET));
1320 b->s.k = 0x1fff;
1321 b->stmts = s;
1322 gen_not(b);
1323
1324 return b;
1325 }
1326
1327 static struct block *
1328 gen_portatom(off, v)
1329 int off;
1330 bpf_int32 v;
1331 {
1332 struct slist *s;
1333 struct block *b;
1334
1335 s = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
1336 s->s.k = off_nl;
1337
1338 s->next = new_stmt(BPF_LD|BPF_IND|BPF_H);
1339 s->next->s.k = off_nl + off;
1340
1341 b = new_block(JMP(BPF_JEQ));
1342 b->stmts = s;
1343 b->s.k = v;
1344
1345 return b;
1346 }
1347
1348 #ifdef INET6
1349 static struct block *
1350 gen_portatom6(off, v)
1351 int off;
1352 bpf_int32 v;
1353 {
1354 return gen_cmp(off_nl + 40 + off, BPF_H, v);
1355 }
1356 #endif/*INET6*/
1357
1358 struct block *
1359 gen_portop(port, proto, dir)
1360 int port, proto, dir;
1361 {
1362 struct block *b0, *b1, *tmp;
1363
1364 /* ip proto 'proto' */
1365 tmp = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)proto);
1366 b0 = gen_ipfrag();
1367 gen_and(tmp, b0);
1368
1369 switch (dir) {
1370 case Q_SRC:
1371 b1 = gen_portatom(0, (bpf_int32)port);
1372 break;
1373
1374 case Q_DST:
1375 b1 = gen_portatom(2, (bpf_int32)port);
1376 break;
1377
1378 case Q_OR:
1379 case Q_DEFAULT:
1380 tmp = gen_portatom(0, (bpf_int32)port);
1381 b1 = gen_portatom(2, (bpf_int32)port);
1382 gen_or(tmp, b1);
1383 break;
1384
1385 case Q_AND:
1386 tmp = gen_portatom(0, (bpf_int32)port);
1387 b1 = gen_portatom(2, (bpf_int32)port);
1388 gen_and(tmp, b1);
1389 break;
1390
1391 default:
1392 abort();
1393 }
1394 gen_and(b0, b1);
1395
1396 return b1;
1397 }
1398
1399 static struct block *
1400 gen_port(port, ip_proto, dir)
1401 int port;
1402 int ip_proto;
1403 int dir;
1404 {
1405 struct block *b0, *b1, *tmp;
1406
1407 /* ether proto ip */
1408 b0 = gen_linktype(ETHERTYPE_IP);
1409
1410 switch (ip_proto) {
1411 case IPPROTO_UDP:
1412 case IPPROTO_TCP:
1413 b1 = gen_portop(port, ip_proto, dir);
1414 break;
1415
1416 case PROTO_UNDEF:
1417 tmp = gen_portop(port, IPPROTO_TCP, dir);
1418 b1 = gen_portop(port, IPPROTO_UDP, dir);
1419 gen_or(tmp, b1);
1420 break;
1421
1422 default:
1423 abort();
1424 }
1425 gen_and(b0, b1);
1426 return b1;
1427 }
1428
1429 #ifdef INET6
1430 struct block *
1431 gen_portop6(port, proto, dir)
1432 int port, proto, dir;
1433 {
1434 struct block *b0, *b1, *tmp;
1435
1436 /* ip proto 'proto' */
1437 b0 = gen_cmp(off_nl + 6, BPF_B, (bpf_int32)proto);
1438
1439 switch (dir) {
1440 case Q_SRC:
1441 b1 = gen_portatom6(0, (bpf_int32)port);
1442 break;
1443
1444 case Q_DST:
1445 b1 = gen_portatom6(2, (bpf_int32)port);
1446 break;
1447
1448 case Q_OR:
1449 case Q_DEFAULT:
1450 tmp = gen_portatom6(0, (bpf_int32)port);
1451 b1 = gen_portatom6(2, (bpf_int32)port);
1452 gen_or(tmp, b1);
1453 break;
1454
1455 case Q_AND:
1456 tmp = gen_portatom6(0, (bpf_int32)port);
1457 b1 = gen_portatom6(2, (bpf_int32)port);
1458 gen_and(tmp, b1);
1459 break;
1460
1461 default:
1462 abort();
1463 }
1464 gen_and(b0, b1);
1465
1466 return b1;
1467 }
1468
1469 static struct block *
1470 gen_port6(port, ip_proto, dir)
1471 int port;
1472 int ip_proto;
1473 int dir;
1474 {
1475 struct block *b0, *b1, *tmp;
1476
1477 /* ether proto ip */
1478 b0 = gen_linktype(ETHERTYPE_IPV6);
1479
1480 switch (ip_proto) {
1481 case IPPROTO_UDP:
1482 case IPPROTO_TCP:
1483 b1 = gen_portop6(port, ip_proto, dir);
1484 break;
1485
1486 case PROTO_UNDEF:
1487 tmp = gen_portop6(port, IPPROTO_TCP, dir);
1488 b1 = gen_portop6(port, IPPROTO_UDP, dir);
1489 gen_or(tmp, b1);
1490 break;
1491
1492 default:
1493 abort();
1494 }
1495 gen_and(b0, b1);
1496 return b1;
1497 }
1498 #endif /* INET6 */
1499
1500 static int
1501 lookup_proto(name, proto)
1502 register const char *name;
1503 register int proto;
1504 {
1505 register int v;
1506
1507 switch (proto) {
1508
1509 case Q_DEFAULT:
1510 case Q_IP:
1511 v = pcap_nametoproto(name);
1512 if (v == PROTO_UNDEF)
1513 bpf_error("unknown ip proto '%s'", name);
1514 break;
1515
1516 case Q_LINK:
1517 /* XXX should look up h/w protocol type based on linktype */
1518 v = pcap_nametoeproto(name);
1519 if (v == PROTO_UNDEF)
1520 bpf_error("unknown ether proto '%s'", name);
1521 break;
1522
1523 default:
1524 v = PROTO_UNDEF;
1525 break;
1526 }
1527 return v;
1528 }
1529
1530 #if 0
1531 struct stmt *
1532 gen_joinsp(s, n)
1533 struct stmt **s;
1534 int n;
1535 {
1536 return NULL;
1537 }
1538 #endif
1539
1540 struct block *
1541 gen_protochain(v, proto, dir)
1542 int v;
1543 int proto;
1544 int dir;
1545 {
1546 #ifdef NO_PROTOCHAIN
1547 return gen_proto(v, proto, dir);
1548 #else
1549 struct block *b0, *b;
1550 struct slist *s[100];
1551 int fix2, fix3, fix4, fix5;
1552 int ahcheck, again, end;
1553 int i, max;
1554 int reg1 = alloc_reg();
1555 int reg2 = alloc_reg();
1556
1557 memset(s, 0, sizeof(s));
1558 fix2 = fix3 = fix4 = fix5 = 0;
1559
1560 switch (proto) {
1561 case Q_IP:
1562 case Q_IPV6:
1563 break;
1564 case Q_DEFAULT:
1565 b0 = gen_protochain(v, Q_IP, dir);
1566 b = gen_protochain(v, Q_IPV6, dir);
1567 gen_or(b0, b);
1568 return b;
1569 default:
1570 bpf_error("bad protocol applied for 'protochain'");
1571 /*NOTREACHED*/
1572 }
1573
1574 no_optimize = 1; /*this code is not compatible with optimzer yet */
1575
1576 /*
1577 * s[0] is a dummy entry to protect other BPF insn from damaged
1578 * by s[fix] = foo with uninitialized variable "fix". It is somewhat
1579 * hard to find interdependency made by jump table fixup.
1580 */
1581 i = 0;
1582 s[i] = new_stmt(0); /*dummy*/
1583 i++;
1584
1585 switch (proto) {
1586 case Q_IP:
1587 b0 = gen_linktype(ETHERTYPE_IP);
1588
1589 /* A = ip->ip_p */
1590 s[i] = new_stmt(BPF_LD|BPF_ABS|BPF_B);
1591 s[i]->s.k = off_nl + 9;
1592 i++;
1593 /* X = ip->ip_hl << 2 */
1594 s[i] = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
1595 s[i]->s.k = off_nl;
1596 i++;
1597 break;
1598 #ifdef INET6
1599 case Q_IPV6:
1600 b0 = gen_linktype(ETHERTYPE_IPV6);
1601
1602 /* A = ip6->ip_nxt */
1603 s[i] = new_stmt(BPF_LD|BPF_ABS|BPF_B);
1604 s[i]->s.k = off_nl + 6;
1605 i++;
1606 /* X = sizeof(struct ip6_hdr) */
1607 s[i] = new_stmt(BPF_LDX|BPF_IMM);
1608 s[i]->s.k = 40;
1609 i++;
1610 break;
1611 #endif
1612 default:
1613 bpf_error("unsupported proto to gen_protochain");
1614 /*NOTREACHED*/
1615 }
1616
1617 /* again: if (A == v) goto end; else fall through; */
1618 again = i;
1619 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1620 s[i]->s.k = v;
1621 s[i]->s.jt = NULL; /*later*/
1622 s[i]->s.jf = NULL; /*update in next stmt*/
1623 fix5 = i;
1624 i++;
1625
1626 #ifndef IPPROTO_NONE
1627 #define IPPROTO_NONE 59
1628 #endif
1629 /* if (A == IPPROTO_NONE) goto end */
1630 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1631 s[i]->s.jt = NULL; /*later*/
1632 s[i]->s.jf = NULL; /*update in next stmt*/
1633 s[i]->s.k = IPPROTO_NONE;
1634 s[fix5]->s.jf = s[i];
1635 fix2 = i;
1636 i++;
1637
1638 #ifdef INET6
1639 if (proto == Q_IPV6) {
1640 int v6start, v6end, v6advance, j;
1641
1642 v6start = i;
1643 /* if (A == IPPROTO_HOPOPTS) goto v6advance */
1644 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1645 s[i]->s.jt = NULL; /*later*/
1646 s[i]->s.jf = NULL; /*update in next stmt*/
1647 s[i]->s.k = IPPROTO_HOPOPTS;
1648 s[fix2]->s.jf = s[i];
1649 i++;
1650 /* if (A == IPPROTO_DSTOPTS) goto v6advance */
1651 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1652 s[i]->s.jt = NULL; /*later*/
1653 s[i]->s.jf = NULL; /*update in next stmt*/
1654 s[i]->s.k = IPPROTO_DSTOPTS;
1655 i++;
1656 /* if (A == IPPROTO_ROUTING) goto v6advance */
1657 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1658 s[i]->s.jt = NULL; /*later*/
1659 s[i]->s.jf = NULL; /*update in next stmt*/
1660 s[i]->s.k = IPPROTO_ROUTING;
1661 i++;
1662 /* if (A == IPPROTO_FRAGMENT) goto v6advance; else goto ahcheck; */
1663 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1664 s[i]->s.jt = NULL; /*later*/
1665 s[i]->s.jf = NULL; /*later*/
1666 s[i]->s.k = IPPROTO_FRAGMENT;
1667 fix3 = i;
1668 v6end = i;
1669 i++;
1670
1671 /* v6advance: */
1672 v6advance = i;
1673
1674 /*
1675 * in short,
1676 * A = P[X + 1];
1677 * X = X + (P[X] + 1) * 8;
1678 */
1679 /* A = X */
1680 s[i] = new_stmt(BPF_MISC|BPF_TXA);
1681 i++;
1682 /* MEM[reg1] = A */
1683 s[i] = new_stmt(BPF_ST);
1684 s[i]->s.k = reg1;
1685 i++;
1686 /* A += 1 */
1687 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1688 s[i]->s.k = 1;
1689 i++;
1690 /* X = A */
1691 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1692 i++;
1693 /* A = P[X + packet head]; */
1694 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1695 s[i]->s.k = off_nl;
1696 i++;
1697 /* MEM[reg2] = A */
1698 s[i] = new_stmt(BPF_ST);
1699 s[i]->s.k = reg2;
1700 i++;
1701 /* X = MEM[reg1] */
1702 s[i] = new_stmt(BPF_LDX|BPF_MEM);
1703 s[i]->s.k = reg1;
1704 i++;
1705 /* A = P[X + packet head] */
1706 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1707 s[i]->s.k = off_nl;
1708 i++;
1709 /* A += 1 */
1710 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1711 s[i]->s.k = 1;
1712 i++;
1713 /* A *= 8 */
1714 s[i] = new_stmt(BPF_ALU|BPF_MUL|BPF_K);
1715 s[i]->s.k = 8;
1716 i++;
1717 /* X = A; */
1718 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1719 i++;
1720 /* A = MEM[reg2] */
1721 s[i] = new_stmt(BPF_LD|BPF_MEM);
1722 s[i]->s.k = reg2;
1723 i++;
1724
1725 /* goto again; (must use BPF_JA for backward jump) */
1726 s[i] = new_stmt(BPF_JMP|BPF_JA);
1727 s[i]->s.k = again - i - 1;
1728 s[i - 1]->s.jf = s[i];
1729 i++;
1730
1731 /* fixup */
1732 for (j = v6start; j <= v6end; j++)
1733 s[j]->s.jt = s[v6advance];
1734 } else
1735 #endif
1736 {
1737 /* nop */
1738 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1739 s[i]->s.k = 0;
1740 s[fix2]->s.jf = s[i];
1741 i++;
1742 }
1743
1744 /* ahcheck: */
1745 ahcheck = i;
1746 /* if (A == IPPROTO_AH) then fall through; else goto end; */
1747 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1748 s[i]->s.jt = NULL; /*later*/
1749 s[i]->s.jf = NULL; /*later*/
1750 s[i]->s.k = IPPROTO_AH;
1751 if (fix3)
1752 s[fix3]->s.jf = s[ahcheck];
1753 fix4 = i;
1754 i++;
1755
1756 /*
1757 * in short,
1758 * A = P[X + 1];
1759 * X = X + (P[X] + 2) * 4;
1760 */
1761 /* A = X */
1762 s[i - 1]->s.jt = s[i] = new_stmt(BPF_MISC|BPF_TXA);
1763 i++;
1764 /* MEM[reg1] = A */
1765 s[i] = new_stmt(BPF_ST);
1766 s[i]->s.k = reg1;
1767 i++;
1768 /* A += 1 */
1769 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1770 s[i]->s.k = 1;
1771 i++;
1772 /* X = A */
1773 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1774 i++;
1775 /* A = P[X + packet head]; */
1776 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1777 s[i]->s.k = off_nl;
1778 i++;
1779 /* MEM[reg2] = A */
1780 s[i] = new_stmt(BPF_ST);
1781 s[i]->s.k = reg2;
1782 i++;
1783 /* X = MEM[reg1] */
1784 s[i] = new_stmt(BPF_LDX|BPF_MEM);
1785 s[i]->s.k = reg1;
1786 i++;
1787 /* A = P[X + packet head] */
1788 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1789 s[i]->s.k = off_nl;
1790 i++;
1791 /* A += 2 */
1792 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1793 s[i]->s.k = 2;
1794 i++;
1795 /* A *= 4 */
1796 s[i] = new_stmt(BPF_ALU|BPF_MUL|BPF_K);
1797 s[i]->s.k = 4;
1798 i++;
1799 /* X = A; */
1800 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1801 i++;
1802 /* A = MEM[reg2] */
1803 s[i] = new_stmt(BPF_LD|BPF_MEM);
1804 s[i]->s.k = reg2;
1805 i++;
1806
1807 /* goto again; (must use BPF_JA for backward jump) */
1808 s[i] = new_stmt(BPF_JMP|BPF_JA);
1809 s[i]->s.k = again - i - 1;
1810 i++;
1811
1812 /* end: nop */
1813 end = i;
1814 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1815 s[i]->s.k = 0;
1816 s[fix2]->s.jt = s[end];
1817 s[fix4]->s.jf = s[end];
1818 s[fix5]->s.jt = s[end];
1819 i++;
1820
1821 /*
1822 * make slist chain
1823 */
1824 max = i;
1825 for (i = 0; i < max - 1; i++)
1826 s[i]->next = s[i + 1];
1827 s[max - 1]->next = NULL;
1828
1829 /*
1830 * emit final check
1831 */
1832 b = new_block(JMP(BPF_JEQ));
1833 b->stmts = s[1]; /*remember, s[0] is dummy*/
1834 b->s.k = v;
1835
1836 free_reg(reg1);
1837 free_reg(reg2);
1838
1839 gen_and(b0, b);
1840 return b;
1841 #endif
1842 }
1843
1844 static struct block *
1845 gen_proto(v, proto, dir)
1846 int v;
1847 int proto;
1848 int dir;
1849 {
1850 struct block *b0, *b1;
1851
1852 if (dir != Q_DEFAULT)
1853 bpf_error("direction applied to 'proto'");
1854
1855 switch (proto) {
1856 case Q_DEFAULT:
1857 #ifdef INET6
1858 b0 = gen_proto(v, Q_IP, dir);
1859 b1 = gen_proto(v, Q_IPV6, dir);
1860 gen_or(b0, b1);
1861 return b1;
1862 #else
1863 /*FALLTHROUGH*/
1864 #endif
1865 case Q_IP:
1866 b0 = gen_linktype(ETHERTYPE_IP);
1867 #ifndef CHASE_CHAIN
1868 b1 = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)v);
1869 #else
1870 b1 = gen_protochain(v, Q_IP);
1871 #endif
1872 gen_and(b0, b1);
1873 return b1;
1874
1875 case Q_ARP:
1876 bpf_error("arp does not encapsulate another protocol");
1877 /* NOTREACHED */
1878
1879 case Q_RARP:
1880 bpf_error("rarp does not encapsulate another protocol");
1881 /* NOTREACHED */
1882
1883 case Q_ATALK:
1884 bpf_error("atalk encapsulation is not specifiable");
1885 /* NOTREACHED */
1886
1887 case Q_DECNET:
1888 bpf_error("decnet encapsulation is not specifiable");
1889 /* NOTREACHED */
1890
1891 case Q_SCA:
1892 bpf_error("sca does not encapsulate another protocol");
1893 /* NOTREACHED */
1894
1895 case Q_LAT:
1896 bpf_error("lat does not encapsulate another protocol");
1897 /* NOTREACHED */
1898
1899 case Q_MOPRC:
1900 bpf_error("moprc does not encapsulate another protocol");
1901 /* NOTREACHED */
1902
1903 case Q_MOPDL:
1904 bpf_error("mopdl does not encapsulate another protocol");
1905 /* NOTREACHED */
1906
1907 case Q_LINK:
1908 return gen_linktype(v);
1909
1910 case Q_UDP:
1911 bpf_error("'udp proto' is bogus");
1912 /* NOTREACHED */
1913
1914 case Q_TCP:
1915 bpf_error("'tcp proto' is bogus");
1916 /* NOTREACHED */
1917
1918 case Q_ICMP:
1919 bpf_error("'icmp proto' is bogus");
1920 /* NOTREACHED */
1921
1922 case Q_IGMP:
1923 bpf_error("'igmp proto' is bogus");
1924 /* NOTREACHED */
1925
1926 case Q_IGRP:
1927 bpf_error("'igrp proto' is bogus");
1928 /* NOTREACHED */
1929
1930 case Q_PIM:
1931 bpf_error("'pim proto' is bogus");
1932 /* NOTREACHED */
1933
1934 #ifdef INET6
1935 case Q_IPV6:
1936 b0 = gen_linktype(ETHERTYPE_IPV6);
1937 #ifndef CHASE_CHAIN
1938 b1 = gen_cmp(off_nl + 6, BPF_B, (bpf_int32)v);
1939 #else
1940 b1 = gen_protochain(v, Q_IPV6);
1941 #endif
1942 gen_and(b0, b1);
1943 return b1;
1944
1945 case Q_ICMPV6:
1946 bpf_error("'icmp6 proto' is bogus");
1947 #endif /* INET6 */
1948
1949 case Q_AH:
1950 bpf_error("'ah proto' is bogus");
1951
1952 case Q_ESP:
1953 bpf_error("'ah proto' is bogus");
1954
1955 default:
1956 abort();
1957 /* NOTREACHED */
1958 }
1959 /* NOTREACHED */
1960 }
1961
1962 struct block *
1963 gen_scode(name, q)
1964 register const char *name;
1965 struct qual q;
1966 {
1967 int proto = q.proto;
1968 int dir = q.dir;
1969 int tproto;
1970 u_char *eaddr;
1971 bpf_u_int32 mask, addr;
1972 #ifndef INET6
1973 bpf_u_int32 **alist;
1974 #else
1975 int tproto6;
1976 struct sockaddr_in *sin;
1977 struct sockaddr_in6 *sin6;
1978 struct addrinfo *res, *res0;
1979 struct in6_addr mask128;
1980 #endif /*INET6*/
1981 struct block *b, *tmp;
1982 int port, real_proto;
1983
1984 switch (q.addr) {
1985
1986 case Q_NET:
1987 addr = pcap_nametonetaddr(name);
1988 if (addr == 0)
1989 bpf_error("unknown network '%s'", name);
1990 /* Left justify network addr and calculate its network mask */
1991 mask = 0xffffffff;
1992 while (addr && (addr & 0xff000000) == 0) {
1993 addr <<= 8;
1994 mask <<= 8;
1995 }
1996 return gen_host(addr, mask, proto, dir);
1997
1998 case Q_DEFAULT:
1999 case Q_HOST:
2000 if (proto == Q_LINK) {
2001 switch (linktype) {
2002
2003 case DLT_EN10MB:
2004 eaddr = pcap_ether_hostton(name);
2005 if (eaddr == NULL)
2006 bpf_error(
2007 "unknown ether host '%s'", name);
2008 return gen_ehostop(eaddr, dir);
2009
2010 case DLT_FDDI:
2011 eaddr = pcap_ether_hostton(name);
2012 if (eaddr == NULL)
2013 bpf_error(
2014 "unknown FDDI host '%s'", name);
2015 return gen_fhostop(eaddr, dir);
2016
2017 default:
2018 bpf_error(
2019 "only ethernet/FDDI supports link-level host name");
2020 break;
2021 }
2022 } else if (proto == Q_DECNET) {
2023 unsigned short dn_addr = __pcap_nametodnaddr(name);
2024 /*
2025 * I don't think DECNET hosts can be multihomed, so
2026 * there is no need to build up a list of addresses
2027 */
2028 return (gen_host(dn_addr, 0, proto, dir));
2029 } else {
2030 #ifndef INET6
2031 alist = pcap_nametoaddr(name);
2032 if (alist == NULL || *alist == NULL)
2033 bpf_error("unknown host '%s'", name);
2034 tproto = proto;
2035 if (off_linktype == -1 && tproto == Q_DEFAULT)
2036 tproto = Q_IP;
2037 b = gen_host(**alist++, 0xffffffff, tproto, dir);
2038 while (*alist) {
2039 tmp = gen_host(**alist++, 0xffffffff,
2040 tproto, dir);
2041 gen_or(b, tmp);
2042 b = tmp;
2043 }
2044 return b;
2045 #else
2046 memset(&mask128, 0xff, sizeof(mask128));
2047 res0 = res = pcap_nametoaddrinfo(name);
2048 if (res == NULL)
2049 bpf_error("unknown host '%s'", name);
2050 b = tmp = NULL;
2051 tproto = tproto6 = proto;
2052 if (off_linktype == -1 && tproto == Q_DEFAULT) {
2053 tproto = Q_IP;
2054 tproto6 = Q_IPV6;
2055 }
2056 for (res = res0; res; res = res->ai_next) {
2057 switch (res->ai_family) {
2058 case AF_INET:
2059 if (tproto == Q_IPV6)
2060 continue;
2061
2062 sin = (struct sockaddr_in *)
2063 res->ai_addr;
2064 tmp = gen_host(ntohl(sin->sin_addr.s_addr),
2065 0xffffffff, tproto, dir);
2066 break;
2067 case AF_INET6:
2068 if (tproto6 == Q_IP)
2069 continue;
2070
2071 sin6 = (struct sockaddr_in6 *)
2072 res->ai_addr;
2073 tmp = gen_host6(&sin6->sin6_addr,
2074 &mask128, tproto6, dir);
2075 break;
2076 }
2077 if (b)
2078 gen_or(b, tmp);
2079 b = tmp;
2080 }
2081 freeaddrinfo(res0);
2082 if (b == NULL) {
2083 bpf_error("unknown host '%s'%s", name,
2084 (proto == Q_DEFAULT)
2085 ? ""
2086 : " for specified address family");
2087 }
2088 return b;
2089 #endif /*INET6*/
2090 }
2091
2092 case Q_PORT:
2093 if (proto != Q_DEFAULT && proto != Q_UDP && proto != Q_TCP)
2094 bpf_error("illegal qualifier of 'port'");
2095 if (pcap_nametoport(name, &port, &real_proto) == 0)
2096 bpf_error("unknown port '%s'", name);
2097 if (proto == Q_UDP) {
2098 if (real_proto == IPPROTO_TCP)
2099 bpf_error("port '%s' is tcp", name);
2100 else
2101 /* override PROTO_UNDEF */
2102 real_proto = IPPROTO_UDP;
2103 }
2104 if (proto == Q_TCP) {
2105 if (real_proto == IPPROTO_UDP)
2106 bpf_error("port '%s' is udp", name);
2107 else
2108 /* override PROTO_UNDEF */
2109 real_proto = IPPROTO_TCP;
2110 }
2111 #ifndef INET6
2112 return gen_port(port, real_proto, dir);
2113 #else
2114 {
2115 struct block *b;
2116 b = gen_port(port, real_proto, dir);
2117 gen_or(gen_port6(port, real_proto, dir), b);
2118 return b;
2119 }
2120 #endif /* INET6 */
2121
2122 case Q_GATEWAY:
2123 #ifndef INET6
2124 eaddr = pcap_ether_hostton(name);
2125 if (eaddr == NULL)
2126 bpf_error("unknown ether host: %s", name);
2127
2128 alist = pcap_nametoaddr(name);
2129 if (alist == NULL || *alist == NULL)
2130 bpf_error("unknown host '%s'", name);
2131 return gen_gateway(eaddr, alist, proto, dir);
2132 #else
2133 bpf_error("'gateway' not supported in this configuration");
2134 #endif /*INET6*/
2135
2136 case Q_PROTO:
2137 real_proto = lookup_proto(name, proto);
2138 if (real_proto >= 0)
2139 return gen_proto(real_proto, proto, dir);
2140 else
2141 bpf_error("unknown protocol: %s", name);
2142
2143 case Q_PROTOCHAIN:
2144 real_proto = lookup_proto(name, proto);
2145 if (real_proto >= 0)
2146 return gen_protochain(real_proto, proto, dir);
2147 else
2148 bpf_error("unknown protocol: %s", name);
2149
2150
2151 case Q_UNDEF:
2152 syntax();
2153 /* NOTREACHED */
2154 }
2155 abort();
2156 /* NOTREACHED */
2157 }
2158
2159 struct block *
2160 gen_mcode(s1, s2, masklen, q)
2161 register const char *s1, *s2;
2162 register int masklen;
2163 struct qual q;
2164 {
2165 register int nlen, mlen;
2166 bpf_u_int32 n, m;
2167
2168 nlen = __pcap_atoin(s1, &n);
2169 /* Promote short ipaddr */
2170 n <<= 32 - nlen;
2171
2172 if (s2 != NULL) {
2173 mlen = __pcap_atoin(s2, &m);
2174 /* Promote short ipaddr */
2175 m <<= 32 - mlen;
2176 if ((n & ~m) != 0)
2177 bpf_error("non-network bits set in \"%s mask %s\"",
2178 s1, s2);
2179 } else {
2180 /* Convert mask len to mask */
2181 if (masklen > 32)
2182 bpf_error("mask length must be <= 32");
2183 m = 0xffffffff << (32 - masklen);
2184 if ((n & ~m) != 0)
2185 bpf_error("non-network bits set in \"%s/%d\"",
2186 s1, masklen);
2187 }
2188
2189 switch (q.addr) {
2190
2191 case Q_NET:
2192 return gen_host(n, m, q.proto, q.dir);
2193
2194 default:
2195 bpf_error("Mask syntax for networks only");
2196 /* NOTREACHED */
2197 }
2198 }
2199
2200 struct block *
2201 gen_ncode(s, v, q)
2202 register const char *s;
2203 bpf_u_int32 v;
2204 struct qual q;
2205 {
2206 bpf_u_int32 mask;
2207 int proto = q.proto;
2208 int dir = q.dir;
2209 register int vlen;
2210
2211 if (s == NULL)
2212 vlen = 32;
2213 else if (q.proto == Q_DECNET)
2214 vlen = __pcap_atodn(s, &v);
2215 else
2216 vlen = __pcap_atoin(s, &v);
2217
2218 switch (q.addr) {
2219
2220 case Q_DEFAULT:
2221 case Q_HOST:
2222 case Q_NET:
2223 if (proto == Q_DECNET)
2224 return gen_host(v, 0, proto, dir);
2225 else if (proto == Q_LINK) {
2226 bpf_error("illegal link layer address");
2227 } else {
2228 mask = 0xffffffff;
2229 if (s == NULL && q.addr == Q_NET) {
2230 /* Promote short net number */
2231 while (v && (v & 0xff000000) == 0) {
2232 v <<= 8;
2233 mask <<= 8;
2234 }
2235 } else {
2236 /* Promote short ipaddr */
2237 v <<= 32 - vlen;
2238 mask <<= 32 - vlen;
2239 }
2240 return gen_host(v, mask, proto, dir);
2241 }
2242
2243 case Q_PORT:
2244 if (proto == Q_UDP)
2245 proto = IPPROTO_UDP;
2246 else if (proto == Q_TCP)
2247 proto = IPPROTO_TCP;
2248 else if (proto == Q_DEFAULT)
2249 proto = PROTO_UNDEF;
2250 else
2251 bpf_error("illegal qualifier of 'port'");
2252
2253 #ifndef INET6
2254 return gen_port((int)v, proto, dir);
2255 #else
2256 {
2257 struct block *b;
2258 b = gen_port((int)v, proto, dir);
2259 gen_or(gen_port6((int)v, proto, dir), b);
2260 return b;
2261 }
2262 #endif /* INET6 */
2263
2264 case Q_GATEWAY:
2265 bpf_error("'gateway' requires a name");
2266 /* NOTREACHED */
2267
2268 case Q_PROTO:
2269 return gen_proto((int)v, proto, dir);
2270
2271 case Q_PROTOCHAIN:
2272 return gen_protochain((int)v, proto, dir);
2273
2274 case Q_UNDEF:
2275 syntax();
2276 /* NOTREACHED */
2277
2278 default:
2279 abort();
2280 /* NOTREACHED */
2281 }
2282 /* NOTREACHED */
2283 }
2284
2285 #ifdef INET6
2286 struct block *
2287 gen_mcode6(s1, s2, masklen, q)
2288 register const char *s1, *s2;
2289 register int masklen;
2290 struct qual q;
2291 {
2292 struct addrinfo *res;
2293 struct in6_addr *addr;
2294 struct in6_addr mask;
2295 struct block *b;
2296 u_int32_t *a, *m;
2297
2298 if (s2)
2299 bpf_error("no mask %s supported", s2);
2300
2301 res = pcap_nametoaddrinfo(s1);
2302 if (!res)
2303 bpf_error("invalid ip6 address %s", s1);
2304 if (res->ai_next)
2305 bpf_error("%s resolved to multiple address", s1);
2306 addr = &((struct sockaddr_in6 *)res->ai_addr)->sin6_addr;
2307
2308 if (sizeof(mask) * 8 < masklen)
2309 bpf_error("mask length must be <= %u", (unsigned int)(sizeof(mask) * 8));
2310 memset(&mask, 0xff, masklen / 8);
2311 if (masklen % 8) {
2312 mask.s6_addr[masklen / 8] =
2313 (0xff << (8 - masklen % 8)) & 0xff;
2314 }
2315
2316 a = (u_int32_t *)addr;
2317 m = (u_int32_t *)&mask;
2318 if ((a[0] & ~m[0]) || (a[1] & ~m[1])
2319 || (a[2] & ~m[2]) || (a[3] & ~m[3])) {
2320 bpf_error("non-network bits set in \"%s/%d\"", s1, masklen);
2321 }
2322
2323 switch (q.addr) {
2324
2325 case Q_DEFAULT:
2326 case Q_HOST:
2327 if (masklen != 128)
2328 bpf_error("Mask syntax for networks only");
2329 /* FALLTHROUGH */
2330
2331 case Q_NET:
2332 b = gen_host6(addr, &mask, q.proto, q.dir);
2333 freeaddrinfo(res);
2334 return b;
2335
2336 default:
2337 bpf_error("invalid qualifier against IPv6 address");
2338 /* NOTREACHED */
2339 }
2340 }
2341 #endif /*INET6*/
2342
2343 struct block *
2344 gen_ecode(eaddr, q)
2345 register const u_char *eaddr;
2346 struct qual q;
2347 {
2348 if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) {
2349 if (linktype == DLT_EN10MB)
2350 return gen_ehostop(eaddr, (int)q.dir);
2351 if (linktype == DLT_FDDI)
2352 return gen_fhostop(eaddr, (int)q.dir);
2353 }
2354 bpf_error("ethernet address used in non-ether expression");
2355 /* NOTREACHED */
2356 }
2357
2358 void
2359 sappend(s0, s1)
2360 struct slist *s0, *s1;
2361 {
2362 /*
2363 * This is definitely not the best way to do this, but the
2364 * lists will rarely get long.
2365 */
2366 while (s0->next)
2367 s0 = s0->next;
2368 s0->next = s1;
2369 }
2370
2371 static struct slist *
2372 xfer_to_x(a)
2373 struct arth *a;
2374 {
2375 struct slist *s;
2376
2377 s = new_stmt(BPF_LDX|BPF_MEM);
2378 s->s.k = a->regno;
2379 return s;
2380 }
2381
2382 static struct slist *
2383 xfer_to_a(a)
2384 struct arth *a;
2385 {
2386 struct slist *s;
2387
2388 s = new_stmt(BPF_LD|BPF_MEM);
2389 s->s.k = a->regno;
2390 return s;
2391 }
2392
2393 struct arth *
2394 gen_load(proto, index, size)
2395 int proto;
2396 struct arth *index;
2397 int size;
2398 {
2399 struct slist *s, *tmp;
2400 struct block *b;
2401 int regno = alloc_reg();
2402
2403 free_reg(index->regno);
2404 switch (size) {
2405
2406 default:
2407 bpf_error("data size must be 1, 2, or 4");
2408
2409 case 1:
2410 size = BPF_B;
2411 break;
2412
2413 case 2:
2414 size = BPF_H;
2415 break;
2416
2417 case 4:
2418 size = BPF_W;
2419 break;
2420 }
2421 switch (proto) {
2422 default:
2423 bpf_error("unsupported index operation");
2424
2425 case Q_LINK:
2426 s = xfer_to_x(index);
2427 tmp = new_stmt(BPF_LD|BPF_IND|size);
2428 sappend(s, tmp);
2429 sappend(index->s, s);
2430 break;
2431
2432 case Q_IP:
2433 case Q_ARP:
2434 case Q_RARP:
2435 case Q_ATALK:
2436 case Q_DECNET:
2437 case Q_SCA:
2438 case Q_LAT:
2439 case Q_MOPRC:
2440 case Q_MOPDL:
2441 #ifdef INET6
2442 case Q_IPV6:
2443 #endif
2444 /* XXX Note that we assume a fixed link header here. */
2445 s = xfer_to_x(index);
2446 tmp = new_stmt(BPF_LD|BPF_IND|size);
2447 tmp->s.k = off_nl;
2448 sappend(s, tmp);
2449 sappend(index->s, s);
2450
2451 b = gen_proto_abbrev(proto);
2452 if (index->b)
2453 gen_and(index->b, b);
2454 index->b = b;
2455 break;
2456
2457 case Q_TCP:
2458 case Q_UDP:
2459 case Q_ICMP:
2460 case Q_IGMP:
2461 case Q_IGRP:
2462 case Q_PIM:
2463 s = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
2464 s->s.k = off_nl;
2465 sappend(s, xfer_to_a(index));
2466 sappend(s, new_stmt(BPF_ALU|BPF_ADD|BPF_X));
2467 sappend(s, new_stmt(BPF_MISC|BPF_TAX));
2468 sappend(s, tmp = new_stmt(BPF_LD|BPF_IND|size));
2469 tmp->s.k = off_nl;
2470 sappend(index->s, s);
2471
2472 gen_and(gen_proto_abbrev(proto), b = gen_ipfrag());
2473 if (index->b)
2474 gen_and(index->b, b);
2475 #ifdef INET6
2476 gen_and(gen_proto_abbrev(Q_IP), b);
2477 #endif
2478 index->b = b;
2479 break;
2480 #ifdef INET6
2481 case Q_ICMPV6:
2482 bpf_error("IPv6 upper-layer protocol is not supported by proto[x]");
2483 /*NOTREACHED*/
2484 #endif
2485 }
2486 index->regno = regno;
2487 s = new_stmt(BPF_ST);
2488 s->s.k = regno;
2489 sappend(index->s, s);
2490
2491 return index;
2492 }
2493
2494 struct block *
2495 gen_relation(code, a0, a1, reversed)
2496 int code;
2497 struct arth *a0, *a1;
2498 int reversed;
2499 {
2500 struct slist *s0, *s1, *s2;
2501 struct block *b, *tmp;
2502
2503 s0 = xfer_to_x(a1);
2504 s1 = xfer_to_a(a0);
2505 s2 = new_stmt(BPF_ALU|BPF_SUB|BPF_X);
2506 b = new_block(JMP(code));
2507 if (code == BPF_JGT || code == BPF_JGE) {
2508 reversed = !reversed;
2509 b->s.k = 0x80000000;
2510 }
2511 if (reversed)
2512 gen_not(b);
2513
2514 sappend(s1, s2);
2515 sappend(s0, s1);
2516 sappend(a1->s, s0);
2517 sappend(a0->s, a1->s);
2518
2519 b->stmts = a0->s;
2520
2521 free_reg(a0->regno);
2522 free_reg(a1->regno);
2523
2524 /* 'and' together protocol checks */
2525 if (a0->b) {
2526 if (a1->b) {
2527 gen_and(a0->b, tmp = a1->b);
2528 }
2529 else
2530 tmp = a0->b;
2531 } else
2532 tmp = a1->b;
2533
2534 if (tmp)
2535 gen_and(tmp, b);
2536
2537 return b;
2538 }
2539
2540 struct arth *
2541 gen_loadlen()
2542 {
2543 int regno = alloc_reg();
2544 struct arth *a = (struct arth *)newchunk(sizeof(*a));
2545 struct slist *s;
2546
2547 s = new_stmt(BPF_LD|BPF_LEN);
2548 s->next = new_stmt(BPF_ST);
2549 s->next->s.k = regno;
2550 a->s = s;
2551 a->regno = regno;
2552
2553 return a;
2554 }
2555
2556 struct arth *
2557 gen_loadi(val)
2558 int val;
2559 {
2560 struct arth *a;
2561 struct slist *s;
2562 int reg;
2563
2564 a = (struct arth *)newchunk(sizeof(*a));
2565
2566 reg = alloc_reg();
2567
2568 s = new_stmt(BPF_LD|BPF_IMM);
2569 s->s.k = val;
2570 s->next = new_stmt(BPF_ST);
2571 s->next->s.k = reg;
2572 a->s = s;
2573 a->regno = reg;
2574
2575 return a;
2576 }
2577
2578 struct arth *
2579 gen_neg(a)
2580 struct arth *a;
2581 {
2582 struct slist *s;
2583
2584 s = xfer_to_a(a);
2585 sappend(a->s, s);
2586 s = new_stmt(BPF_ALU|BPF_NEG);
2587 s->s.k = 0;
2588 sappend(a->s, s);
2589 s = new_stmt(BPF_ST);
2590 s->s.k = a->regno;
2591 sappend(a->s, s);
2592
2593 return a;
2594 }
2595
2596 struct arth *
2597 gen_arth(code, a0, a1)
2598 int code;
2599 struct arth *a0, *a1;
2600 {
2601 struct slist *s0, *s1, *s2;
2602
2603 s0 = xfer_to_x(a1);
2604 s1 = xfer_to_a(a0);
2605 s2 = new_stmt(BPF_ALU|BPF_X|code);
2606
2607 sappend(s1, s2);
2608 sappend(s0, s1);
2609 sappend(a1->s, s0);
2610 sappend(a0->s, a1->s);
2611
2612 free_reg(a1->regno);
2613
2614 s0 = new_stmt(BPF_ST);
2615 a0->regno = s0->s.k = alloc_reg();
2616 sappend(a0->s, s0);
2617
2618 return a0;
2619 }
2620
2621 /*
2622 * Here we handle simple allocation of the scratch registers.
2623 * If too many registers are alloc'd, the allocator punts.
2624 */
2625 static int regused[BPF_MEMWORDS];
2626 static int curreg;
2627
2628 /*
2629 * Return the next free register.
2630 */
2631 static int
2632 alloc_reg()
2633 {
2634 int n = BPF_MEMWORDS;
2635
2636 while (--n >= 0) {
2637 if (regused[curreg])
2638 curreg = (curreg + 1) % BPF_MEMWORDS;
2639 else {
2640 regused[curreg] = 1;
2641 return curreg;
2642 }
2643 }
2644 bpf_error("too many registers needed to evaluate expression");
2645 /* NOTREACHED */
2646 }
2647
2648 /*
2649 * Return a register to the table so it can
2650 * be used later.
2651 */
2652 static void
2653 free_reg(n)
2654 int n;
2655 {
2656 regused[n] = 0;
2657 }
2658
2659 static struct block *
2660 gen_len(jmp, n)
2661 int jmp, n;
2662 {
2663 struct slist *s;
2664 struct block *b;
2665
2666 s = new_stmt(BPF_LD|BPF_LEN);
2667 b = new_block(JMP(jmp));
2668 b->stmts = s;
2669 b->s.k = n;
2670
2671 return b;
2672 }
2673
2674 struct block *
2675 gen_greater(n)
2676 int n;
2677 {
2678 return gen_len(BPF_JGE, n);
2679 }
2680
2681 struct block *
2682 gen_less(n)
2683 int n;
2684 {
2685 struct block *b;
2686
2687 b = gen_len(BPF_JGT, n);
2688 gen_not(b);
2689
2690 return b;
2691 }
2692
2693 struct block *
2694 gen_byteop(op, idx, val)
2695 int op, idx, val;
2696 {
2697 struct block *b;
2698 struct slist *s;
2699
2700 switch (op) {
2701 default:
2702 abort();
2703
2704 case '=':
2705 return gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2706
2707 case '<':
2708 b = gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2709 b->s.code = JMP(BPF_JGE);
2710 gen_not(b);
2711 return b;
2712
2713 case '>':
2714 b = gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2715 b->s.code = JMP(BPF_JGT);
2716 return b;
2717
2718 case '|':
2719 s = new_stmt(BPF_ALU|BPF_OR|BPF_K);
2720 break;
2721
2722 case '&':
2723 s = new_stmt(BPF_ALU|BPF_AND|BPF_K);
2724 break;
2725 }
2726 s->s.k = val;
2727 b = new_block(JMP(BPF_JEQ));
2728 b->stmts = s;
2729 gen_not(b);
2730
2731 return b;
2732 }
2733
2734 struct block *
2735 gen_broadcast(proto)
2736 int proto;
2737 {
2738 bpf_u_int32 hostmask;
2739 struct block *b0, *b1, *b2;
2740 static u_char ebroadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
2741
2742 switch (proto) {
2743
2744 case Q_DEFAULT:
2745 case Q_LINK:
2746 if (linktype == DLT_EN10MB)
2747 return gen_ehostop(ebroadcast, Q_DST);
2748 if (linktype == DLT_FDDI)
2749 return gen_fhostop(ebroadcast, Q_DST);
2750 bpf_error("not a broadcast link");
2751 break;
2752
2753 case Q_IP:
2754 b0 = gen_linktype(ETHERTYPE_IP);
2755 hostmask = ~netmask;
2756 b1 = gen_mcmp(off_nl + 16, BPF_W, (bpf_int32)0, hostmask);
2757 b2 = gen_mcmp(off_nl + 16, BPF_W,
2758 (bpf_int32)(~0 & hostmask), hostmask);
2759 gen_or(b1, b2);
2760 gen_and(b0, b2);
2761 return b2;
2762 }
2763 bpf_error("only ether/ip broadcast filters supported");
2764 }
2765
2766 struct block *
2767 gen_multicast(proto)
2768 int proto;
2769 {
2770 register struct block *b0, *b1;
2771 register struct slist *s;
2772
2773 switch (proto) {
2774
2775 case Q_DEFAULT:
2776 case Q_LINK:
2777 if (linktype == DLT_EN10MB) {
2778 /* ether[0] & 1 != 0 */
2779 s = new_stmt(BPF_LD|BPF_B|BPF_ABS);
2780 s->s.k = 0;
2781 b0 = new_block(JMP(BPF_JSET));
2782 b0->s.k = 1;
2783 b0->stmts = s;
2784 return b0;
2785 }
2786
2787 if (linktype == DLT_FDDI) {
2788 /* XXX TEST THIS: MIGHT NOT PORT PROPERLY XXX */
2789 /* fddi[1] & 1 != 0 */
2790 s = new_stmt(BPF_LD|BPF_B|BPF_ABS);
2791 s->s.k = 1;
2792 b0 = new_block(JMP(BPF_JSET));
2793 b0->s.k = 1;
2794 b0->stmts = s;
2795 return b0;
2796 }
2797 /* Link not known to support multicasts */
2798 break;
2799
2800 case Q_IP:
2801 b0 = gen_linktype(ETHERTYPE_IP);
2802 b1 = gen_cmp(off_nl + 16, BPF_B, (bpf_int32)224);
2803 b1->s.code = JMP(BPF_JGE);
2804 gen_and(b0, b1);
2805 return b1;
2806
2807 #ifdef INET6
2808 case Q_IPV6:
2809 b0 = gen_linktype(ETHERTYPE_IPV6);
2810 b1 = gen_cmp(off_nl + 24, BPF_B, (bpf_int32)255);
2811 gen_and(b0, b1);
2812 return b1;
2813 #endif /* INET6 */
2814 }
2815 bpf_error("only IP multicast filters supported on ethernet/FDDI");
2816 }
2817
2818 /*
2819 * generate command for inbound/outbound. It's here so we can
2820 * make it link-type specific. 'dir' = 0 implies "inbound",
2821 * = 1 implies "outbound".
2822 */
2823 struct block *
2824 gen_inbound(dir)
2825 int dir;
2826 {
2827 register struct block *b0;
2828
2829 b0 = gen_relation(BPF_JEQ,
2830 gen_load(Q_LINK, gen_loadi(0), 1),
2831 gen_loadi(0),
2832 dir);
2833 return (b0);
2834 }
[mirror] the LIBpcap interface to various kernel packet capture mechanism