]> The Tcpdump Group git mirrors - libpcap/blob - gencode.c
projects / libpcap / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Add support for reading capture files from programs using Alexey
[libpcap] / gencode.c
1 /*#define CHASE_CHAIN*/
2 /*
3 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998
4 * The Regents of the University of California. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that: (1) source code distributions
8 * retain the above copyright notice and this paragraph in its entirety, (2)
9 * distributions including binary code include the above copyright notice and
10 * this paragraph in its entirety in the documentation or other materials
11 * provided with the distribution, and (3) all advertising materials mentioning
12 * features or use of this software display the following acknowledgement:
13 * ``This product includes software developed by the University of California,
14 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
15 * the University nor the names of its contributors may be used to endorse
16 * or promote products derived from this software without specific prior
17 * written permission.
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21 */
22 #ifndef lint
23 static const char rcsid[] =
24 "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.114 2000-07-13 06:51:56 guy Exp $ (LBL)";
25 #endif
26
27 #ifdef HAVE_CONFIG_H
28 #include "config.h"
29 #endif
30
31 #include <sys/types.h>
32 #include <sys/socket.h>
33 #include <sys/time.h>
34 #ifdef __NetBSD__
35 #include <sys/param.h>
36 #endif
37
38 struct mbuf;
39 struct rtentry;
40 #include <net/if.h>
41
42 #include <netinet/in.h>
43 #include <netinet/if_ether.h>
44
45 #include <stdlib.h>
46 #include <memory.h>
47 #include <setjmp.h>
48 #include <stdarg.h>
49
50 #include "pcap-int.h"
51
52 #include "ethertype.h"
53 #include "gencode.h"
54 #include "ppp.h"
55 #include <pcap-namedb.h>
56 #ifdef INET6
57 #include <netdb.h>
58 #include <sys/socket.h>
59 #endif /*INET6*/
60
61 #ifdef HAVE_OS_PROTO_H
62 #include "os-proto.h"
63 #endif
64
65 #define JMP(c) ((c)|BPF_JMP|BPF_K)
66
67 /* Locals */
68 static jmp_buf top_ctx;
69 static pcap_t *bpf_pcap;
70
71 /* XXX */
72 #ifdef PCAP_FDDIPAD
73 int pcap_fddipad = PCAP_FDDIPAD;
74 #else
75 int pcap_fddipad;
76 #endif
77
78 /* VARARGS */
79 void
80 bpf_error(const char *fmt, ...)
81
82 {
83 va_list ap;
84
85 va_start(ap, fmt);
86 if (bpf_pcap != NULL)
87 (void)vsnprintf(pcap_geterr(bpf_pcap), PCAP_ERRBUF_SIZE,
88 fmt, ap);
89 va_end(ap);
90 longjmp(top_ctx, 1);
91 /* NOTREACHED */
92 }
93
94 static void init_linktype(int);
95
96 static int alloc_reg(void);
97 static void free_reg(int);
98
99 static struct block *root;
100
101 /*
102 * We divy out chunks of memory rather than call malloc each time so
103 * we don't have to worry about leaking memory. It's probably
104 * not a big deal if all this memory was wasted but it this ever
105 * goes into a library that would probably not be a good idea.
106 */
107 #define NCHUNKS 16
108 #define CHUNK0SIZE 1024
109 struct chunk {
110 u_int n_left;
111 void *m;
112 };
113
114 static struct chunk chunks[NCHUNKS];
115 static int cur_chunk;
116
117 static void *newchunk(u_int);
118 static void freechunks(void);
119 static inline struct block *new_block(int);
120 static inline struct slist *new_stmt(int);
121 static struct block *gen_retblk(int);
122 static inline void syntax(void);
123
124 static void backpatch(struct block *, struct block *);
125 static void merge(struct block *, struct block *);
126 static struct block *gen_cmp(u_int, u_int, bpf_int32);
127 static struct block *gen_mcmp(u_int, u_int, bpf_int32, bpf_u_int32);
128 static struct block *gen_bcmp(u_int, u_int, const u_char *);
129 static struct block *gen_uncond(int);
130 static inline struct block *gen_true(void);
131 static inline struct block *gen_false(void);
132 static struct block *gen_linktype(int);
133 static struct block *gen_hostop(bpf_u_int32, bpf_u_int32, int, int, u_int, u_int);
134 #ifdef INET6
135 static struct block *gen_hostop6(struct in6_addr *, struct in6_addr *, int, int, u_int, u_int);
136 #endif
137 static struct block *gen_ehostop(const u_char *, int);
138 static struct block *gen_fhostop(const u_char *, int);
139 static struct block *gen_dnhostop(bpf_u_int32, int, u_int);
140 static struct block *gen_host(bpf_u_int32, bpf_u_int32, int, int);
141 #ifdef INET6
142 static struct block *gen_host6(struct in6_addr *, struct in6_addr *, int, int);
143 #endif
144 #ifndef INET6
145 static struct block *gen_gateway(const u_char *, bpf_u_int32 **, int, int);
146 #endif
147 static struct block *gen_ipfrag(void);
148 static struct block *gen_portatom(int, bpf_int32);
149 #ifdef INET6
150 static struct block *gen_portatom6(int, bpf_int32);
151 #endif
152 struct block *gen_portop(int, int, int);
153 static struct block *gen_port(int, int, int);
154 #ifdef INET6
155 struct block *gen_portop6(int, int, int);
156 static struct block *gen_port6(int, int, int);
157 #endif
158 static int lookup_proto(const char *, int);
159 static struct block *gen_proto(int, int, int);
160 static struct slist *xfer_to_x(struct arth *);
161 static struct slist *xfer_to_a(struct arth *);
162 static struct block *gen_len(int, int);
163
164 static void *
165 newchunk(n)
166 u_int n;
167 {
168 struct chunk *cp;
169 int k, size;
170
171 #ifndef __NetBSD__
172 /* XXX Round up to nearest long. */
173 n = (n + sizeof(long) - 1) & ~(sizeof(long) - 1);
174 #else
175 /* XXX Round up to structure boundary. */
176 n = ALIGN(n);
177 #endif
178
179 cp = &chunks[cur_chunk];
180 if (n > cp->n_left) {
181 ++cp, k = ++cur_chunk;
182 if (k >= NCHUNKS)
183 bpf_error("out of memory");
184 size = CHUNK0SIZE << k;
185 cp->m = (void *)malloc(size);
186 memset((char *)cp->m, 0, size);
187 cp->n_left = size;
188 if (n > size)
189 bpf_error("out of memory");
190 }
191 cp->n_left -= n;
192 return (void *)((char *)cp->m + cp->n_left);
193 }
194
195 static void
196 freechunks()
197 {
198 int i;
199
200 cur_chunk = 0;
201 for (i = 0; i < NCHUNKS; ++i)
202 if (chunks[i].m != NULL) {
203 free(chunks[i].m);
204 chunks[i].m = NULL;
205 }
206 }
207
208 /*
209 * A strdup whose allocations are freed after code generation is over.
210 */
211 char *
212 sdup(s)
213 register const char *s;
214 {
215 int n = strlen(s) + 1;
216 char *cp = newchunk(n);
217
218 strlcpy(cp, s, n);
219 return (cp);
220 }
221
222 static inline struct block *
223 new_block(code)
224 int code;
225 {
226 struct block *p;
227
228 p = (struct block *)newchunk(sizeof(*p));
229 p->s.code = code;
230 p->head = p;
231
232 return p;
233 }
234
235 static inline struct slist *
236 new_stmt(code)
237 int code;
238 {
239 struct slist *p;
240
241 p = (struct slist *)newchunk(sizeof(*p));
242 p->s.code = code;
243
244 return p;
245 }
246
247 static struct block *
248 gen_retblk(v)
249 int v;
250 {
251 struct block *b = new_block(BPF_RET|BPF_K);
252
253 b->s.k = v;
254 return b;
255 }
256
257 static inline void
258 syntax()
259 {
260 bpf_error("syntax error in filter expression");
261 }
262
263 static bpf_u_int32 netmask;
264 static int snaplen;
265 int no_optimize;
266
267 int
268 pcap_compile(pcap_t *p, struct bpf_program *program,
269 char *buf, int optimize, bpf_u_int32 mask)
270 {
271 extern int n_errors;
272 int len;
273
274 no_optimize = 0;
275 n_errors = 0;
276 root = NULL;
277 bpf_pcap = p;
278 if (setjmp(top_ctx)) {
279 lex_cleanup();
280 freechunks();
281 return (-1);
282 }
283
284 netmask = mask;
285 snaplen = pcap_snapshot(p);
286 if (snaplen == 0) {
287 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
288 "snaplen of 0 rejects all packets");
289 return -1;
290 }
291
292 lex_init(buf ? buf : "");
293 init_linktype(pcap_datalink(p));
294 (void)pcap_parse();
295
296 if (n_errors)
297 syntax();
298
299 if (root == NULL)
300 root = gen_retblk(snaplen);
301
302 if (optimize && !no_optimize) {
303 bpf_optimize(&root);
304 if (root == NULL ||
305 (root->s.code == (BPF_RET|BPF_K) && root->s.k == 0))
306 bpf_error("expression rejects all packets");
307 }
308 program->bf_insns = icode_to_fcode(root, &len);
309 program->bf_len = len;
310
311 freechunks();
312 return (0);
313 }
314
315 /*
316 * entry point for using the compiler with no pcap open
317 * pass in all the stuff that is needed explicitly instead.
318 */
319 int
320 pcap_compile_nopcap(int snaplen_arg, int linktype_arg,
321 struct bpf_program *program,
322 char *buf, int optimize, bpf_u_int32 mask)
323 {
324 extern int n_errors;
325 int len;
326
327 n_errors = 0;
328 root = NULL;
329 bpf_pcap = NULL;
330 if (setjmp(top_ctx)) {
331 freechunks();
332 return (-1);
333 }
334
335 netmask = mask;
336
337 /* XXX needed? I don't grok the use of globals here. */
338 snaplen = snaplen_arg;
339
340 lex_init(buf ? buf : "");
341 init_linktype(linktype_arg);
342 (void)pcap_parse();
343
344 if (n_errors)
345 syntax();
346
347 if (root == NULL)
348 root = gen_retblk(snaplen_arg);
349
350 if (optimize) {
351 bpf_optimize(&root);
352 if (root == NULL ||
353 (root->s.code == (BPF_RET|BPF_K) && root->s.k == 0))
354 bpf_error("expression rejects all packets");
355 }
356 program->bf_insns = icode_to_fcode(root, &len);
357 program->bf_len = len;
358
359 freechunks();
360 return (0);
361 }
362
363 /*
364 * Backpatch the blocks in 'list' to 'target'. The 'sense' field indicates
365 * which of the jt and jf fields has been resolved and which is a pointer
366 * back to another unresolved block (or nil). At least one of the fields
367 * in each block is already resolved.
368 */
369 static void
370 backpatch(list, target)
371 struct block *list, *target;
372 {
373 struct block *next;
374
375 while (list) {
376 if (!list->sense) {
377 next = JT(list);
378 JT(list) = target;
379 } else {
380 next = JF(list);
381 JF(list) = target;
382 }
383 list = next;
384 }
385 }
386
387 /*
388 * Merge the lists in b0 and b1, using the 'sense' field to indicate
389 * which of jt and jf is the link.
390 */
391 static void
392 merge(b0, b1)
393 struct block *b0, *b1;
394 {
395 register struct block **p = &b0;
396
397 /* Find end of list. */
398 while (*p)
399 p = !((*p)->sense) ? &JT(*p) : &JF(*p);
400
401 /* Concatenate the lists. */
402 *p = b1;
403 }
404
405 void
406 finish_parse(p)
407 struct block *p;
408 {
409 backpatch(p, gen_retblk(snaplen));
410 p->sense = !p->sense;
411 backpatch(p, gen_retblk(0));
412 root = p->head;
413 }
414
415 void
416 gen_and(b0, b1)
417 struct block *b0, *b1;
418 {
419 backpatch(b0, b1->head);
420 b0->sense = !b0->sense;
421 b1->sense = !b1->sense;
422 merge(b1, b0);
423 b1->sense = !b1->sense;
424 b1->head = b0->head;
425 }
426
427 void
428 gen_or(b0, b1)
429 struct block *b0, *b1;
430 {
431 b0->sense = !b0->sense;
432 backpatch(b0, b1->head);
433 b0->sense = !b0->sense;
434 merge(b1, b0);
435 b1->head = b0->head;
436 }
437
438 void
439 gen_not(b)
440 struct block *b;
441 {
442 b->sense = !b->sense;
443 }
444
445 static struct block *
446 gen_cmp(offset, size, v)
447 u_int offset, size;
448 bpf_int32 v;
449 {
450 struct slist *s;
451 struct block *b;
452
453 s = new_stmt(BPF_LD|BPF_ABS|size);
454 s->s.k = offset;
455
456 b = new_block(JMP(BPF_JEQ));
457 b->stmts = s;
458 b->s.k = v;
459
460 return b;
461 }
462
463 static struct block *
464 gen_mcmp(offset, size, v, mask)
465 u_int offset, size;
466 bpf_int32 v;
467 bpf_u_int32 mask;
468 {
469 struct block *b = gen_cmp(offset, size, v);
470 struct slist *s;
471
472 if (mask != 0xffffffff) {
473 s = new_stmt(BPF_ALU|BPF_AND|BPF_K);
474 s->s.k = mask;
475 b->stmts->next = s;
476 }
477 return b;
478 }
479
480 static struct block *
481 gen_bcmp(offset, size, v)
482 register u_int offset, size;
483 register const u_char *v;
484 {
485 register struct block *b, *tmp;
486
487 b = NULL;
488 while (size >= 4) {
489 register const u_char *p = &v[size - 4];
490 bpf_int32 w = ((bpf_int32)p[0] << 24) |
491 ((bpf_int32)p[1] << 16) | ((bpf_int32)p[2] << 8) | p[3];
492
493 tmp = gen_cmp(offset + size - 4, BPF_W, w);
494 if (b != NULL)
495 gen_and(b, tmp);
496 b = tmp;
497 size -= 4;
498 }
499 while (size >= 2) {
500 register const u_char *p = &v[size - 2];
501 bpf_int32 w = ((bpf_int32)p[0] << 8) | p[1];
502
503 tmp = gen_cmp(offset + size - 2, BPF_H, w);
504 if (b != NULL)
505 gen_and(b, tmp);
506 b = tmp;
507 size -= 2;
508 }
509 if (size > 0) {
510 tmp = gen_cmp(offset, BPF_B, (bpf_int32)v[0]);
511 if (b != NULL)
512 gen_and(b, tmp);
513 b = tmp;
514 }
515 return b;
516 }
517
518 /*
519 * Various code constructs need to know the layout of the data link
520 * layer. These variables give the necessary offsets. off_linktype
521 * is set to -1 for no encapsulation, in which case, IP is assumed.
522 */
523 static u_int off_linktype;
524 static u_int off_nl;
525 static int linktype;
526
527 static void
528 init_linktype(type)
529 int type;
530 {
531 linktype = type;
532
533 switch (type) {
534
535 case DLT_EN10MB:
536 off_linktype = 12;
537 off_nl = 14;
538 return;
539
540 case DLT_SLIP:
541 /*
542 * SLIP doesn't have a link level type. The 16 byte
543 * header is hacked into our SLIP driver.
544 */
545 off_linktype = -1;
546 off_nl = 16;
547 return;
548
549 case DLT_SLIP_BSDOS:
550 /* XXX this may be the same as the DLT_PPP_BSDOS case */
551 off_linktype = -1;
552 /* XXX end */
553 off_nl = 24;
554 return;
555
556 case DLT_NULL:
557 off_linktype = 0;
558 off_nl = 4;
559 return;
560
561 case DLT_PPP:
562 case DLT_CHDLC:
563 off_linktype = 2;
564 off_nl = 4;
565 return;
566
567 case DLT_PPP_BSDOS:
568 off_linktype = 5;
569 off_nl = 24;
570 return;
571
572 case DLT_FDDI:
573 /*
574 * FDDI doesn't really have a link-level type field.
575 * We assume that SSAP = SNAP is being used and pick
576 * out the encapsulated Ethernet type.
577 */
578 off_linktype = 19;
579 #ifdef PCAP_FDDIPAD
580 off_linktype += pcap_fddipad;
581 #endif
582 off_nl = 21;
583 #ifdef PCAP_FDDIPAD
584 off_nl += pcap_fddipad;
585 #endif
586 return;
587
588 case DLT_IEEE802:
589 off_linktype = 20;
590 off_nl = 22;
591 return;
592
593 case DLT_ATM_RFC1483:
594 /*
595 * assume routed, non-ISO PDUs
596 * (i.e., LLC = 0xAA-AA-03, OUT = 0x00-00-00)
597 */
598 off_linktype = 6;
599 off_nl = 8;
600 return;
601
602 case DLT_RAW:
603 off_linktype = -1;
604 off_nl = 0;
605 return;
606 }
607 bpf_error("unknown data link type 0x%x", linktype);
608 /* NOTREACHED */
609 }
610
611 static struct block *
612 gen_uncond(rsense)
613 int rsense;
614 {
615 struct block *b;
616 struct slist *s;
617
618 s = new_stmt(BPF_LD|BPF_IMM);
619 s->s.k = !rsense;
620 b = new_block(JMP(BPF_JEQ));
621 b->stmts = s;
622
623 return b;
624 }
625
626 static inline struct block *
627 gen_true()
628 {
629 return gen_uncond(1);
630 }
631
632 static inline struct block *
633 gen_false()
634 {
635 return gen_uncond(0);
636 }
637
638 static struct block *
639 gen_linktype(proto)
640 register int proto;
641 {
642 struct block *b0, *b1;
643
644 /* If we're not using encapsulation, we're done */
645 if (off_linktype == -1)
646 return gen_true();
647
648 switch (linktype) {
649
650 case DLT_SLIP:
651 return gen_false();
652
653 case DLT_PPP:
654 if (proto == ETHERTYPE_IP)
655 proto = PPP_IP; /* XXX was 0x21 */
656 #ifdef INET6
657 else if (proto == ETHERTYPE_IPV6)
658 proto = PPP_IPV6;
659 #endif
660 break;
661
662 case DLT_PPP_BSDOS:
663 switch (proto) {
664
665 case ETHERTYPE_IP:
666 b0 = gen_cmp(off_linktype, BPF_H, PPP_IP);
667 b1 = gen_cmp(off_linktype, BPF_H, PPP_VJC);
668 gen_or(b0, b1);
669 b0 = gen_cmp(off_linktype, BPF_H, PPP_VJNC);
670 gen_or(b1, b0);
671 return b0;
672
673 #ifdef INET6
674 case ETHERTYPE_IPV6:
675 proto = PPP_IPV6;
676 /* more to go? */
677 break;
678 #endif
679
680 case ETHERTYPE_DN:
681 proto = PPP_DECNET;
682 break;
683
684 case ETHERTYPE_ATALK:
685 proto = PPP_APPLE;
686 break;
687
688 case ETHERTYPE_NS:
689 proto = PPP_NS;
690 break;
691 }
692 break;
693
694 case DLT_NULL:
695 /* XXX */
696 if (proto == ETHERTYPE_IP)
697 return (gen_cmp(0, BPF_W, (bpf_int32)htonl(AF_INET)));
698 #ifdef INET6
699 else if (proto == ETHERTYPE_IPV6)
700 return (gen_cmp(0, BPF_W, (bpf_int32)htonl(AF_INET6)));
701 #endif
702 else
703 return gen_false();
704 }
705 return gen_cmp(off_linktype, BPF_H, (bpf_int32)proto);
706 }
707
708 static struct block *
709 gen_hostop(addr, mask, dir, proto, src_off, dst_off)
710 bpf_u_int32 addr;
711 bpf_u_int32 mask;
712 int dir, proto;
713 u_int src_off, dst_off;
714 {
715 struct block *b0, *b1;
716 u_int offset;
717
718 switch (dir) {
719
720 case Q_SRC:
721 offset = src_off;
722 break;
723
724 case Q_DST:
725 offset = dst_off;
726 break;
727
728 case Q_AND:
729 b0 = gen_hostop(addr, mask, Q_SRC, proto, src_off, dst_off);
730 b1 = gen_hostop(addr, mask, Q_DST, proto, src_off, dst_off);
731 gen_and(b0, b1);
732 return b1;
733
734 case Q_OR:
735 case Q_DEFAULT:
736 b0 = gen_hostop(addr, mask, Q_SRC, proto, src_off, dst_off);
737 b1 = gen_hostop(addr, mask, Q_DST, proto, src_off, dst_off);
738 gen_or(b0, b1);
739 return b1;
740
741 default:
742 abort();
743 }
744 b0 = gen_linktype(proto);
745 b1 = gen_mcmp(offset, BPF_W, (bpf_int32)addr, mask);
746 gen_and(b0, b1);
747 return b1;
748 }
749
750 #ifdef INET6
751 static struct block *
752 gen_hostop6(addr, mask, dir, proto, src_off, dst_off)
753 struct in6_addr *addr;
754 struct in6_addr *mask;
755 int dir, proto;
756 u_int src_off, dst_off;
757 {
758 struct block *b0, *b1;
759 u_int offset;
760 u_int32_t *a, *m;
761
762 switch (dir) {
763
764 case Q_SRC:
765 offset = src_off;
766 break;
767
768 case Q_DST:
769 offset = dst_off;
770 break;
771
772 case Q_AND:
773 b0 = gen_hostop6(addr, mask, Q_SRC, proto, src_off, dst_off);
774 b1 = gen_hostop6(addr, mask, Q_DST, proto, src_off, dst_off);
775 gen_and(b0, b1);
776 return b1;
777
778 case Q_OR:
779 case Q_DEFAULT:
780 b0 = gen_hostop6(addr, mask, Q_SRC, proto, src_off, dst_off);
781 b1 = gen_hostop6(addr, mask, Q_DST, proto, src_off, dst_off);
782 gen_or(b0, b1);
783 return b1;
784
785 default:
786 abort();
787 }
788 /* this order is important */
789 a = (u_int32_t *)addr;
790 m = (u_int32_t *)mask;
791 b1 = gen_mcmp(offset + 12, BPF_W, ntohl(a[3]), ntohl(m[3]));
792 b0 = gen_mcmp(offset + 8, BPF_W, ntohl(a[2]), ntohl(m[2]));
793 gen_and(b0, b1);
794 b0 = gen_mcmp(offset + 4, BPF_W, ntohl(a[1]), ntohl(m[1]));
795 gen_and(b0, b1);
796 b0 = gen_mcmp(offset + 0, BPF_W, ntohl(a[0]), ntohl(m[0]));
797 gen_and(b0, b1);
798 b0 = gen_linktype(proto);
799 gen_and(b0, b1);
800 return b1;
801 }
802 #endif /*INET6*/
803
804 static struct block *
805 gen_ehostop(eaddr, dir)
806 register const u_char *eaddr;
807 register int dir;
808 {
809 register struct block *b0, *b1;
810
811 switch (dir) {
812 case Q_SRC:
813 return gen_bcmp(6, 6, eaddr);
814
815 case Q_DST:
816 return gen_bcmp(0, 6, eaddr);
817
818 case Q_AND:
819 b0 = gen_ehostop(eaddr, Q_SRC);
820 b1 = gen_ehostop(eaddr, Q_DST);
821 gen_and(b0, b1);
822 return b1;
823
824 case Q_DEFAULT:
825 case Q_OR:
826 b0 = gen_ehostop(eaddr, Q_SRC);
827 b1 = gen_ehostop(eaddr, Q_DST);
828 gen_or(b0, b1);
829 return b1;
830 }
831 abort();
832 /* NOTREACHED */
833 }
834
835 /*
836 * Like gen_ehostop, but for DLT_FDDI
837 */
838 static struct block *
839 gen_fhostop(eaddr, dir)
840 register const u_char *eaddr;
841 register int dir;
842 {
843 struct block *b0, *b1;
844
845 switch (dir) {
846 case Q_SRC:
847 #ifdef PCAP_FDDIPAD
848 return gen_bcmp(6 + 1 + pcap_fddipad, 6, eaddr);
849 #else
850 return gen_bcmp(6 + 1, 6, eaddr);
851 #endif
852
853 case Q_DST:
854 #ifdef PCAP_FDDIPAD
855 return gen_bcmp(0 + 1 + pcap_fddipad, 6, eaddr);
856 #else
857 return gen_bcmp(0 + 1, 6, eaddr);
858 #endif
859
860 case Q_AND:
861 b0 = gen_fhostop(eaddr, Q_SRC);
862 b1 = gen_fhostop(eaddr, Q_DST);
863 gen_and(b0, b1);
864 return b1;
865
866 case Q_DEFAULT:
867 case Q_OR:
868 b0 = gen_fhostop(eaddr, Q_SRC);
869 b1 = gen_fhostop(eaddr, Q_DST);
870 gen_or(b0, b1);
871 return b1;
872 }
873 abort();
874 /* NOTREACHED */
875 }
876
877 /*
878 * This is quite tricky because there may be pad bytes in front of the
879 * DECNET header, and then there are two possible data packet formats that
880 * carry both src and dst addresses, plus 5 packet types in a format that
881 * carries only the src node, plus 2 types that use a different format and
882 * also carry just the src node.
883 *
884 * Yuck.
885 *
886 * Instead of doing those all right, we just look for data packets with
887 * 0 or 1 bytes of padding. If you want to look at other packets, that
888 * will require a lot more hacking.
889 *
890 * To add support for filtering on DECNET "areas" (network numbers)
891 * one would want to add a "mask" argument to this routine. That would
892 * make the filter even more inefficient, although one could be clever
893 * and not generate masking instructions if the mask is 0xFFFF.
894 */
895 static struct block *
896 gen_dnhostop(addr, dir, base_off)
897 bpf_u_int32 addr;
898 int dir;
899 u_int base_off;
900 {
901 struct block *b0, *b1, *b2, *tmp;
902 u_int offset_lh; /* offset if long header is received */
903 u_int offset_sh; /* offset if short header is received */
904
905 switch (dir) {
906
907 case Q_DST:
908 offset_sh = 1; /* follows flags */
909 offset_lh = 7; /* flgs,darea,dsubarea,HIORD */
910 break;
911
912 case Q_SRC:
913 offset_sh = 3; /* follows flags, dstnode */
914 offset_lh = 15; /* flgs,darea,dsubarea,did,sarea,ssub,HIORD */
915 break;
916
917 case Q_AND:
918 /* Inefficient because we do our Calvinball dance twice */
919 b0 = gen_dnhostop(addr, Q_SRC, base_off);
920 b1 = gen_dnhostop(addr, Q_DST, base_off);
921 gen_and(b0, b1);
922 return b1;
923
924 case Q_OR:
925 case Q_DEFAULT:
926 /* Inefficient because we do our Calvinball dance twice */
927 b0 = gen_dnhostop(addr, Q_SRC, base_off);
928 b1 = gen_dnhostop(addr, Q_DST, base_off);
929 gen_or(b0, b1);
930 return b1;
931
932 default:
933 abort();
934 }
935 b0 = gen_linktype(ETHERTYPE_DN);
936 /* Check for pad = 1, long header case */
937 tmp = gen_mcmp(base_off + 2, BPF_H,
938 (bpf_int32)ntohs(0x0681), (bpf_int32)ntohs(0x07FF));
939 b1 = gen_cmp(base_off + 2 + 1 + offset_lh,
940 BPF_H, (bpf_int32)ntohs(addr));
941 gen_and(tmp, b1);
942 /* Check for pad = 0, long header case */
943 tmp = gen_mcmp(base_off + 2, BPF_B, (bpf_int32)0x06, (bpf_int32)0x7);
944 b2 = gen_cmp(base_off + 2 + offset_lh, BPF_H, (bpf_int32)ntohs(addr));
945 gen_and(tmp, b2);
946 gen_or(b2, b1);
947 /* Check for pad = 1, short header case */
948 tmp = gen_mcmp(base_off + 2, BPF_H,
949 (bpf_int32)ntohs(0x0281), (bpf_int32)ntohs(0x07FF));
950 b2 = gen_cmp(base_off + 2 + 1 + offset_sh,
951 BPF_H, (bpf_int32)ntohs(addr));
952 gen_and(tmp, b2);
953 gen_or(b2, b1);
954 /* Check for pad = 0, short header case */
955 tmp = gen_mcmp(base_off + 2, BPF_B, (bpf_int32)0x02, (bpf_int32)0x7);
956 b2 = gen_cmp(base_off + 2 + offset_sh, BPF_H, (bpf_int32)ntohs(addr));
957 gen_and(tmp, b2);
958 gen_or(b2, b1);
959
960 /* Combine with test for linktype */
961 gen_and(b0, b1);
962 return b1;
963 }
964
965 static struct block *
966 gen_host(addr, mask, proto, dir)
967 bpf_u_int32 addr;
968 bpf_u_int32 mask;
969 int proto;
970 int dir;
971 {
972 struct block *b0, *b1;
973
974 switch (proto) {
975
976 case Q_DEFAULT:
977 b0 = gen_host(addr, mask, Q_IP, dir);
978 if (off_linktype != -1) {
979 b1 = gen_host(addr, mask, Q_ARP, dir);
980 gen_or(b0, b1);
981 b0 = gen_host(addr, mask, Q_RARP, dir);
982 gen_or(b1, b0);
983 }
984 return b0;
985
986 case Q_IP:
987 return gen_hostop(addr, mask, dir, ETHERTYPE_IP,
988 off_nl + 12, off_nl + 16);
989
990 case Q_RARP:
991 return gen_hostop(addr, mask, dir, ETHERTYPE_REVARP,
992 off_nl + 14, off_nl + 24);
993
994 case Q_ARP:
995 return gen_hostop(addr, mask, dir, ETHERTYPE_ARP,
996 off_nl + 14, off_nl + 24);
997
998 case Q_TCP:
999 bpf_error("'tcp' modifier applied to host");
1000
1001 case Q_UDP:
1002 bpf_error("'udp' modifier applied to host");
1003
1004 case Q_ICMP:
1005 bpf_error("'icmp' modifier applied to host");
1006
1007 case Q_IGMP:
1008 bpf_error("'igmp' modifier applied to host");
1009
1010 case Q_IGRP:
1011 bpf_error("'igrp' modifier applied to host");
1012
1013 case Q_PIM:
1014 bpf_error("'pim' modifier applied to host");
1015
1016 case Q_ATALK:
1017 bpf_error("ATALK host filtering not implemented");
1018
1019 case Q_DECNET:
1020 return gen_dnhostop(addr, dir, off_nl);
1021
1022 case Q_SCA:
1023 bpf_error("SCA host filtering not implemented");
1024
1025 case Q_LAT:
1026 bpf_error("LAT host filtering not implemented");
1027
1028 case Q_MOPDL:
1029 bpf_error("MOPDL host filtering not implemented");
1030
1031 case Q_MOPRC:
1032 bpf_error("MOPRC host filtering not implemented");
1033
1034 #ifdef INET6
1035 case Q_IPV6:
1036 bpf_error("'ip6' modifier applied to ip host");
1037
1038 case Q_ICMPV6:
1039 bpf_error("'icmp6' modifier applied to host");
1040 #endif /* INET6 */
1041
1042 case Q_AH:
1043 bpf_error("'ah' modifier applied to host");
1044
1045 case Q_ESP:
1046 bpf_error("'esp' modifier applied to host");
1047
1048 default:
1049 abort();
1050 }
1051 /* NOTREACHED */
1052 }
1053
1054 #ifdef INET6
1055 static struct block *
1056 gen_host6(addr, mask, proto, dir)
1057 struct in6_addr *addr;
1058 struct in6_addr *mask;
1059 int proto;
1060 int dir;
1061 {
1062 switch (proto) {
1063
1064 case Q_DEFAULT:
1065 return gen_host6(addr, mask, Q_IPV6, dir);
1066
1067 case Q_IP:
1068 bpf_error("'ip' modifier applied to ip6 host");
1069
1070 case Q_RARP:
1071 bpf_error("'rarp' modifier applied to ip6 host");
1072
1073 case Q_ARP:
1074 bpf_error("'arp' modifier applied to ip6 host");
1075
1076 case Q_TCP:
1077 bpf_error("'tcp' modifier applied to host");
1078
1079 case Q_UDP:
1080 bpf_error("'udp' modifier applied to host");
1081
1082 case Q_ICMP:
1083 bpf_error("'icmp' modifier applied to host");
1084
1085 case Q_IGMP:
1086 bpf_error("'igmp' modifier applied to host");
1087
1088 case Q_IGRP:
1089 bpf_error("'igrp' modifier applied to host");
1090
1091 case Q_PIM:
1092 bpf_error("'pim' modifier applied to host");
1093
1094 case Q_ATALK:
1095 bpf_error("ATALK host filtering not implemented");
1096
1097 case Q_DECNET:
1098 bpf_error("'decnet' modifier applied to ip6 host");
1099
1100 case Q_SCA:
1101 bpf_error("SCA host filtering not implemented");
1102
1103 case Q_LAT:
1104 bpf_error("LAT host filtering not implemented");
1105
1106 case Q_MOPDL:
1107 bpf_error("MOPDL host filtering not implemented");
1108
1109 case Q_MOPRC:
1110 bpf_error("MOPRC host filtering not implemented");
1111
1112 case Q_IPV6:
1113 return gen_hostop6(addr, mask, dir, ETHERTYPE_IPV6,
1114 off_nl + 8, off_nl + 24);
1115
1116 case Q_ICMPV6:
1117 bpf_error("'icmp6' modifier applied to host");
1118
1119 case Q_AH:
1120 bpf_error("'ah' modifier applied to host");
1121
1122 case Q_ESP:
1123 bpf_error("'esp' modifier applied to host");
1124
1125 default:
1126 abort();
1127 }
1128 /* NOTREACHED */
1129 }
1130 #endif /*INET6*/
1131
1132 #ifndef INET6
1133 static struct block *
1134 gen_gateway(eaddr, alist, proto, dir)
1135 const u_char *eaddr;
1136 bpf_u_int32 **alist;
1137 int proto;
1138 int dir;
1139 {
1140 struct block *b0, *b1, *tmp;
1141
1142 if (dir != 0)
1143 bpf_error("direction applied to 'gateway'");
1144
1145 switch (proto) {
1146 case Q_DEFAULT:
1147 case Q_IP:
1148 case Q_ARP:
1149 case Q_RARP:
1150 if (linktype == DLT_EN10MB)
1151 b0 = gen_ehostop(eaddr, Q_OR);
1152 else if (linktype == DLT_FDDI)
1153 b0 = gen_fhostop(eaddr, Q_OR);
1154 else
1155 bpf_error(
1156 "'gateway' supported only on ethernet or FDDI");
1157
1158 b1 = gen_host(**alist++, 0xffffffff, proto, Q_OR);
1159 while (*alist) {
1160 tmp = gen_host(**alist++, 0xffffffff, proto, Q_OR);
1161 gen_or(b1, tmp);
1162 b1 = tmp;
1163 }
1164 gen_not(b1);
1165 gen_and(b0, b1);
1166 return b1;
1167 }
1168 bpf_error("illegal modifier of 'gateway'");
1169 /* NOTREACHED */
1170 }
1171 #endif
1172
1173 struct block *
1174 gen_proto_abbrev(proto)
1175 int proto;
1176 {
1177 #ifdef INET6
1178 struct block *b0;
1179 #endif
1180 struct block *b1;
1181
1182 switch (proto) {
1183
1184 case Q_TCP:
1185 b1 = gen_proto(IPPROTO_TCP, Q_IP, Q_DEFAULT);
1186 #ifdef INET6
1187 b0 = gen_proto(IPPROTO_TCP, Q_IPV6, Q_DEFAULT);
1188 gen_or(b0, b1);
1189 #endif
1190 break;
1191
1192 case Q_UDP:
1193 b1 = gen_proto(IPPROTO_UDP, Q_IP, Q_DEFAULT);
1194 #ifdef INET6
1195 b0 = gen_proto(IPPROTO_UDP, Q_IPV6, Q_DEFAULT);
1196 gen_or(b0, b1);
1197 #endif
1198 break;
1199
1200 case Q_ICMP:
1201 b1 = gen_proto(IPPROTO_ICMP, Q_IP, Q_DEFAULT);
1202 break;
1203
1204 #ifndef IPPROTO_IGMP
1205 #define IPPROTO_IGMP 2
1206 #endif
1207
1208 case Q_IGMP:
1209 b1 = gen_proto(IPPROTO_IGMP, Q_IP, Q_DEFAULT);
1210 break;
1211
1212 #ifndef IPPROTO_IGRP
1213 #define IPPROTO_IGRP 9
1214 #endif
1215 case Q_IGRP:
1216 b1 = gen_proto(IPPROTO_IGRP, Q_IP, Q_DEFAULT);
1217 break;
1218
1219 #ifndef IPPROTO_PIM
1220 #define IPPROTO_PIM 103
1221 #endif
1222
1223 case Q_PIM:
1224 b1 = gen_proto(IPPROTO_PIM, Q_IP, Q_DEFAULT);
1225 #ifdef INET6
1226 b0 = gen_proto(IPPROTO_PIM, Q_IPV6, Q_DEFAULT);
1227 gen_or(b0, b1);
1228 #endif
1229 break;
1230
1231 case Q_IP:
1232 b1 = gen_linktype(ETHERTYPE_IP);
1233 break;
1234
1235 case Q_ARP:
1236 b1 = gen_linktype(ETHERTYPE_ARP);
1237 break;
1238
1239 case Q_RARP:
1240 b1 = gen_linktype(ETHERTYPE_REVARP);
1241 break;
1242
1243 case Q_LINK:
1244 bpf_error("link layer applied in wrong context");
1245
1246 case Q_ATALK:
1247 b1 = gen_linktype(ETHERTYPE_ATALK);
1248 break;
1249
1250 case Q_DECNET:
1251 b1 = gen_linktype(ETHERTYPE_DN);
1252 break;
1253
1254 case Q_SCA:
1255 b1 = gen_linktype(ETHERTYPE_SCA);
1256 break;
1257
1258 case Q_LAT:
1259 b1 = gen_linktype(ETHERTYPE_LAT);
1260 break;
1261
1262 case Q_MOPDL:
1263 b1 = gen_linktype(ETHERTYPE_MOPDL);
1264 break;
1265
1266 case Q_MOPRC:
1267 b1 = gen_linktype(ETHERTYPE_MOPRC);
1268 break;
1269
1270 #ifdef INET6
1271 case Q_IPV6:
1272 b1 = gen_linktype(ETHERTYPE_IPV6);
1273 break;
1274
1275 #ifndef IPPROTO_ICMPV6
1276 #define IPPROTO_ICMPV6 58
1277 #endif
1278 case Q_ICMPV6:
1279 b1 = gen_proto(IPPROTO_ICMPV6, Q_IPV6, Q_DEFAULT);
1280 break;
1281 #endif /* INET6 */
1282
1283 #ifndef IPPROTO_AH
1284 #define IPPROTO_AH 51
1285 #endif
1286 case Q_AH:
1287 b1 = gen_proto(IPPROTO_AH, Q_IP, Q_DEFAULT);
1288 #ifdef INET6
1289 b0 = gen_proto(IPPROTO_AH, Q_IPV6, Q_DEFAULT);
1290 gen_or(b0, b1);
1291 #endif
1292 break;
1293
1294 #ifndef IPPROTO_ESP
1295 #define IPPROTO_ESP 50
1296 #endif
1297 case Q_ESP:
1298 b1 = gen_proto(IPPROTO_ESP, Q_IP, Q_DEFAULT);
1299 #ifdef INET6
1300 b0 = gen_proto(IPPROTO_ESP, Q_IPV6, Q_DEFAULT);
1301 gen_or(b0, b1);
1302 #endif
1303 break;
1304
1305 default:
1306 abort();
1307 }
1308 return b1;
1309 }
1310
1311 static struct block *
1312 gen_ipfrag()
1313 {
1314 struct slist *s;
1315 struct block *b;
1316
1317 /* not ip frag */
1318 s = new_stmt(BPF_LD|BPF_H|BPF_ABS);
1319 s->s.k = off_nl + 6;
1320 b = new_block(JMP(BPF_JSET));
1321 b->s.k = 0x1fff;
1322 b->stmts = s;
1323 gen_not(b);
1324
1325 return b;
1326 }
1327
1328 static struct block *
1329 gen_portatom(off, v)
1330 int off;
1331 bpf_int32 v;
1332 {
1333 struct slist *s;
1334 struct block *b;
1335
1336 s = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
1337 s->s.k = off_nl;
1338
1339 s->next = new_stmt(BPF_LD|BPF_IND|BPF_H);
1340 s->next->s.k = off_nl + off;
1341
1342 b = new_block(JMP(BPF_JEQ));
1343 b->stmts = s;
1344 b->s.k = v;
1345
1346 return b;
1347 }
1348
1349 #ifdef INET6
1350 static struct block *
1351 gen_portatom6(off, v)
1352 int off;
1353 bpf_int32 v;
1354 {
1355 return gen_cmp(off_nl + 40 + off, BPF_H, v);
1356 }
1357 #endif/*INET6*/
1358
1359 struct block *
1360 gen_portop(port, proto, dir)
1361 int port, proto, dir;
1362 {
1363 struct block *b0, *b1, *tmp;
1364
1365 /* ip proto 'proto' */
1366 tmp = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)proto);
1367 b0 = gen_ipfrag();
1368 gen_and(tmp, b0);
1369
1370 switch (dir) {
1371 case Q_SRC:
1372 b1 = gen_portatom(0, (bpf_int32)port);
1373 break;
1374
1375 case Q_DST:
1376 b1 = gen_portatom(2, (bpf_int32)port);
1377 break;
1378
1379 case Q_OR:
1380 case Q_DEFAULT:
1381 tmp = gen_portatom(0, (bpf_int32)port);
1382 b1 = gen_portatom(2, (bpf_int32)port);
1383 gen_or(tmp, b1);
1384 break;
1385
1386 case Q_AND:
1387 tmp = gen_portatom(0, (bpf_int32)port);
1388 b1 = gen_portatom(2, (bpf_int32)port);
1389 gen_and(tmp, b1);
1390 break;
1391
1392 default:
1393 abort();
1394 }
1395 gen_and(b0, b1);
1396
1397 return b1;
1398 }
1399
1400 static struct block *
1401 gen_port(port, ip_proto, dir)
1402 int port;
1403 int ip_proto;
1404 int dir;
1405 {
1406 struct block *b0, *b1, *tmp;
1407
1408 /* ether proto ip */
1409 b0 = gen_linktype(ETHERTYPE_IP);
1410
1411 switch (ip_proto) {
1412 case IPPROTO_UDP:
1413 case IPPROTO_TCP:
1414 b1 = gen_portop(port, ip_proto, dir);
1415 break;
1416
1417 case PROTO_UNDEF:
1418 tmp = gen_portop(port, IPPROTO_TCP, dir);
1419 b1 = gen_portop(port, IPPROTO_UDP, dir);
1420 gen_or(tmp, b1);
1421 break;
1422
1423 default:
1424 abort();
1425 }
1426 gen_and(b0, b1);
1427 return b1;
1428 }
1429
1430 #ifdef INET6
1431 struct block *
1432 gen_portop6(port, proto, dir)
1433 int port, proto, dir;
1434 {
1435 struct block *b0, *b1, *tmp;
1436
1437 /* ip proto 'proto' */
1438 b0 = gen_cmp(off_nl + 6, BPF_B, (bpf_int32)proto);
1439
1440 switch (dir) {
1441 case Q_SRC:
1442 b1 = gen_portatom6(0, (bpf_int32)port);
1443 break;
1444
1445 case Q_DST:
1446 b1 = gen_portatom6(2, (bpf_int32)port);
1447 break;
1448
1449 case Q_OR:
1450 case Q_DEFAULT:
1451 tmp = gen_portatom6(0, (bpf_int32)port);
1452 b1 = gen_portatom6(2, (bpf_int32)port);
1453 gen_or(tmp, b1);
1454 break;
1455
1456 case Q_AND:
1457 tmp = gen_portatom6(0, (bpf_int32)port);
1458 b1 = gen_portatom6(2, (bpf_int32)port);
1459 gen_and(tmp, b1);
1460 break;
1461
1462 default:
1463 abort();
1464 }
1465 gen_and(b0, b1);
1466
1467 return b1;
1468 }
1469
1470 static struct block *
1471 gen_port6(port, ip_proto, dir)
1472 int port;
1473 int ip_proto;
1474 int dir;
1475 {
1476 struct block *b0, *b1, *tmp;
1477
1478 /* ether proto ip */
1479 b0 = gen_linktype(ETHERTYPE_IPV6);
1480
1481 switch (ip_proto) {
1482 case IPPROTO_UDP:
1483 case IPPROTO_TCP:
1484 b1 = gen_portop6(port, ip_proto, dir);
1485 break;
1486
1487 case PROTO_UNDEF:
1488 tmp = gen_portop6(port, IPPROTO_TCP, dir);
1489 b1 = gen_portop6(port, IPPROTO_UDP, dir);
1490 gen_or(tmp, b1);
1491 break;
1492
1493 default:
1494 abort();
1495 }
1496 gen_and(b0, b1);
1497 return b1;
1498 }
1499 #endif /* INET6 */
1500
1501 static int
1502 lookup_proto(name, proto)
1503 register const char *name;
1504 register int proto;
1505 {
1506 register int v;
1507
1508 switch (proto) {
1509
1510 case Q_DEFAULT:
1511 case Q_IP:
1512 v = pcap_nametoproto(name);
1513 if (v == PROTO_UNDEF)
1514 bpf_error("unknown ip proto '%s'", name);
1515 break;
1516
1517 case Q_LINK:
1518 /* XXX should look up h/w protocol type based on linktype */
1519 v = pcap_nametoeproto(name);
1520 if (v == PROTO_UNDEF)
1521 bpf_error("unknown ether proto '%s'", name);
1522 break;
1523
1524 default:
1525 v = PROTO_UNDEF;
1526 break;
1527 }
1528 return v;
1529 }
1530
1531 #if 0
1532 struct stmt *
1533 gen_joinsp(s, n)
1534 struct stmt **s;
1535 int n;
1536 {
1537 return NULL;
1538 }
1539 #endif
1540
1541 struct block *
1542 gen_protochain(v, proto, dir)
1543 int v;
1544 int proto;
1545 int dir;
1546 {
1547 #ifdef NO_PROTOCHAIN
1548 return gen_proto(v, proto, dir);
1549 #else
1550 struct block *b0, *b;
1551 struct slist *s[100];
1552 int fix2, fix3, fix4, fix5;
1553 int ahcheck, again, end;
1554 int i, max;
1555 int reg1 = alloc_reg();
1556 int reg2 = alloc_reg();
1557
1558 memset(s, 0, sizeof(s));
1559 fix2 = fix3 = fix4 = fix5 = 0;
1560
1561 switch (proto) {
1562 case Q_IP:
1563 case Q_IPV6:
1564 break;
1565 case Q_DEFAULT:
1566 b0 = gen_protochain(v, Q_IP, dir);
1567 b = gen_protochain(v, Q_IPV6, dir);
1568 gen_or(b0, b);
1569 return b;
1570 default:
1571 bpf_error("bad protocol applied for 'protochain'");
1572 /*NOTREACHED*/
1573 }
1574
1575 no_optimize = 1; /*this code is not compatible with optimzer yet */
1576
1577 /*
1578 * s[0] is a dummy entry to protect other BPF insn from damaged
1579 * by s[fix] = foo with uninitialized variable "fix". It is somewhat
1580 * hard to find interdependency made by jump table fixup.
1581 */
1582 i = 0;
1583 s[i] = new_stmt(0); /*dummy*/
1584 i++;
1585
1586 switch (proto) {
1587 case Q_IP:
1588 b0 = gen_linktype(ETHERTYPE_IP);
1589
1590 /* A = ip->ip_p */
1591 s[i] = new_stmt(BPF_LD|BPF_ABS|BPF_B);
1592 s[i]->s.k = off_nl + 9;
1593 i++;
1594 /* X = ip->ip_hl << 2 */
1595 s[i] = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
1596 s[i]->s.k = off_nl;
1597 i++;
1598 break;
1599 #ifdef INET6
1600 case Q_IPV6:
1601 b0 = gen_linktype(ETHERTYPE_IPV6);
1602
1603 /* A = ip6->ip_nxt */
1604 s[i] = new_stmt(BPF_LD|BPF_ABS|BPF_B);
1605 s[i]->s.k = off_nl + 6;
1606 i++;
1607 /* X = sizeof(struct ip6_hdr) */
1608 s[i] = new_stmt(BPF_LDX|BPF_IMM);
1609 s[i]->s.k = 40;
1610 i++;
1611 break;
1612 #endif
1613 default:
1614 bpf_error("unsupported proto to gen_protochain");
1615 /*NOTREACHED*/
1616 }
1617
1618 /* again: if (A == v) goto end; else fall through; */
1619 again = i;
1620 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1621 s[i]->s.k = v;
1622 s[i]->s.jt = NULL; /*later*/
1623 s[i]->s.jf = NULL; /*update in next stmt*/
1624 fix5 = i;
1625 i++;
1626
1627 #ifndef IPPROTO_NONE
1628 #define IPPROTO_NONE 59
1629 #endif
1630 /* if (A == IPPROTO_NONE) goto end */
1631 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1632 s[i]->s.jt = NULL; /*later*/
1633 s[i]->s.jf = NULL; /*update in next stmt*/
1634 s[i]->s.k = IPPROTO_NONE;
1635 s[fix5]->s.jf = s[i];
1636 fix2 = i;
1637 i++;
1638
1639 #ifdef INET6
1640 if (proto == Q_IPV6) {
1641 int v6start, v6end, v6advance, j;
1642
1643 v6start = i;
1644 /* if (A == IPPROTO_HOPOPTS) goto v6advance */
1645 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1646 s[i]->s.jt = NULL; /*later*/
1647 s[i]->s.jf = NULL; /*update in next stmt*/
1648 s[i]->s.k = IPPROTO_HOPOPTS;
1649 s[fix2]->s.jf = s[i];
1650 i++;
1651 /* if (A == IPPROTO_DSTOPTS) goto v6advance */
1652 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1653 s[i]->s.jt = NULL; /*later*/
1654 s[i]->s.jf = NULL; /*update in next stmt*/
1655 s[i]->s.k = IPPROTO_DSTOPTS;
1656 i++;
1657 /* if (A == IPPROTO_ROUTING) goto v6advance */
1658 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1659 s[i]->s.jt = NULL; /*later*/
1660 s[i]->s.jf = NULL; /*update in next stmt*/
1661 s[i]->s.k = IPPROTO_ROUTING;
1662 i++;
1663 /* if (A == IPPROTO_FRAGMENT) goto v6advance; else goto ahcheck; */
1664 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1665 s[i]->s.jt = NULL; /*later*/
1666 s[i]->s.jf = NULL; /*later*/
1667 s[i]->s.k = IPPROTO_FRAGMENT;
1668 fix3 = i;
1669 v6end = i;
1670 i++;
1671
1672 /* v6advance: */
1673 v6advance = i;
1674
1675 /*
1676 * in short,
1677 * A = P[X + 1];
1678 * X = X + (P[X] + 1) * 8;
1679 */
1680 /* A = X */
1681 s[i] = new_stmt(BPF_MISC|BPF_TXA);
1682 i++;
1683 /* MEM[reg1] = A */
1684 s[i] = new_stmt(BPF_ST);
1685 s[i]->s.k = reg1;
1686 i++;
1687 /* A += 1 */
1688 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1689 s[i]->s.k = 1;
1690 i++;
1691 /* X = A */
1692 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1693 i++;
1694 /* A = P[X + packet head]; */
1695 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1696 s[i]->s.k = off_nl;
1697 i++;
1698 /* MEM[reg2] = A */
1699 s[i] = new_stmt(BPF_ST);
1700 s[i]->s.k = reg2;
1701 i++;
1702 /* X = MEM[reg1] */
1703 s[i] = new_stmt(BPF_LDX|BPF_MEM);
1704 s[i]->s.k = reg1;
1705 i++;
1706 /* A = P[X + packet head] */
1707 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1708 s[i]->s.k = off_nl;
1709 i++;
1710 /* A += 1 */
1711 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1712 s[i]->s.k = 1;
1713 i++;
1714 /* A *= 8 */
1715 s[i] = new_stmt(BPF_ALU|BPF_MUL|BPF_K);
1716 s[i]->s.k = 8;
1717 i++;
1718 /* X = A; */
1719 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1720 i++;
1721 /* A = MEM[reg2] */
1722 s[i] = new_stmt(BPF_LD|BPF_MEM);
1723 s[i]->s.k = reg2;
1724 i++;
1725
1726 /* goto again; (must use BPF_JA for backward jump) */
1727 s[i] = new_stmt(BPF_JMP|BPF_JA);
1728 s[i]->s.k = again - i - 1;
1729 s[i - 1]->s.jf = s[i];
1730 i++;
1731
1732 /* fixup */
1733 for (j = v6start; j <= v6end; j++)
1734 s[j]->s.jt = s[v6advance];
1735 } else
1736 #endif
1737 {
1738 /* nop */
1739 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1740 s[i]->s.k = 0;
1741 s[fix2]->s.jf = s[i];
1742 i++;
1743 }
1744
1745 /* ahcheck: */
1746 ahcheck = i;
1747 /* if (A == IPPROTO_AH) then fall through; else goto end; */
1748 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1749 s[i]->s.jt = NULL; /*later*/
1750 s[i]->s.jf = NULL; /*later*/
1751 s[i]->s.k = IPPROTO_AH;
1752 if (fix3)
1753 s[fix3]->s.jf = s[ahcheck];
1754 fix4 = i;
1755 i++;
1756
1757 /*
1758 * in short,
1759 * A = P[X + 1];
1760 * X = X + (P[X] + 2) * 4;
1761 */
1762 /* A = X */
1763 s[i - 1]->s.jt = s[i] = new_stmt(BPF_MISC|BPF_TXA);
1764 i++;
1765 /* MEM[reg1] = A */
1766 s[i] = new_stmt(BPF_ST);
1767 s[i]->s.k = reg1;
1768 i++;
1769 /* A += 1 */
1770 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1771 s[i]->s.k = 1;
1772 i++;
1773 /* X = A */
1774 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1775 i++;
1776 /* A = P[X + packet head]; */
1777 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1778 s[i]->s.k = off_nl;
1779 i++;
1780 /* MEM[reg2] = A */
1781 s[i] = new_stmt(BPF_ST);
1782 s[i]->s.k = reg2;
1783 i++;
1784 /* X = MEM[reg1] */
1785 s[i] = new_stmt(BPF_LDX|BPF_MEM);
1786 s[i]->s.k = reg1;
1787 i++;
1788 /* A = P[X + packet head] */
1789 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1790 s[i]->s.k = off_nl;
1791 i++;
1792 /* A += 2 */
1793 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1794 s[i]->s.k = 2;
1795 i++;
1796 /* A *= 4 */
1797 s[i] = new_stmt(BPF_ALU|BPF_MUL|BPF_K);
1798 s[i]->s.k = 4;
1799 i++;
1800 /* X = A; */
1801 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1802 i++;
1803 /* A = MEM[reg2] */
1804 s[i] = new_stmt(BPF_LD|BPF_MEM);
1805 s[i]->s.k = reg2;
1806 i++;
1807
1808 /* goto again; (must use BPF_JA for backward jump) */
1809 s[i] = new_stmt(BPF_JMP|BPF_JA);
1810 s[i]->s.k = again - i - 1;
1811 i++;
1812
1813 /* end: nop */
1814 end = i;
1815 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1816 s[i]->s.k = 0;
1817 s[fix2]->s.jt = s[end];
1818 s[fix4]->s.jf = s[end];
1819 s[fix5]->s.jt = s[end];
1820 i++;
1821
1822 /*
1823 * make slist chain
1824 */
1825 max = i;
1826 for (i = 0; i < max - 1; i++)
1827 s[i]->next = s[i + 1];
1828 s[max - 1]->next = NULL;
1829
1830 /*
1831 * emit final check
1832 */
1833 b = new_block(JMP(BPF_JEQ));
1834 b->stmts = s[1]; /*remember, s[0] is dummy*/
1835 b->s.k = v;
1836
1837 free_reg(reg1);
1838 free_reg(reg2);
1839
1840 gen_and(b0, b);
1841 return b;
1842 #endif
1843 }
1844
1845 static struct block *
1846 gen_proto(v, proto, dir)
1847 int v;
1848 int proto;
1849 int dir;
1850 {
1851 struct block *b0, *b1;
1852
1853 if (dir != Q_DEFAULT)
1854 bpf_error("direction applied to 'proto'");
1855
1856 switch (proto) {
1857 case Q_DEFAULT:
1858 #ifdef INET6
1859 b0 = gen_proto(v, Q_IP, dir);
1860 b1 = gen_proto(v, Q_IPV6, dir);
1861 gen_or(b0, b1);
1862 return b1;
1863 #else
1864 /*FALLTHROUGH*/
1865 #endif
1866 case Q_IP:
1867 b0 = gen_linktype(ETHERTYPE_IP);
1868 #ifndef CHASE_CHAIN
1869 b1 = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)v);
1870 #else
1871 b1 = gen_protochain(v, Q_IP);
1872 #endif
1873 gen_and(b0, b1);
1874 return b1;
1875
1876 case Q_ARP:
1877 bpf_error("arp does not encapsulate another protocol");
1878 /* NOTREACHED */
1879
1880 case Q_RARP:
1881 bpf_error("rarp does not encapsulate another protocol");
1882 /* NOTREACHED */
1883
1884 case Q_ATALK:
1885 bpf_error("atalk encapsulation is not specifiable");
1886 /* NOTREACHED */
1887
1888 case Q_DECNET:
1889 bpf_error("decnet encapsulation is not specifiable");
1890 /* NOTREACHED */
1891
1892 case Q_SCA:
1893 bpf_error("sca does not encapsulate another protocol");
1894 /* NOTREACHED */
1895
1896 case Q_LAT:
1897 bpf_error("lat does not encapsulate another protocol");
1898 /* NOTREACHED */
1899
1900 case Q_MOPRC:
1901 bpf_error("moprc does not encapsulate another protocol");
1902 /* NOTREACHED */
1903
1904 case Q_MOPDL:
1905 bpf_error("mopdl does not encapsulate another protocol");
1906 /* NOTREACHED */
1907
1908 case Q_LINK:
1909 return gen_linktype(v);
1910
1911 case Q_UDP:
1912 bpf_error("'udp proto' is bogus");
1913 /* NOTREACHED */
1914
1915 case Q_TCP:
1916 bpf_error("'tcp proto' is bogus");
1917 /* NOTREACHED */
1918
1919 case Q_ICMP:
1920 bpf_error("'icmp proto' is bogus");
1921 /* NOTREACHED */
1922
1923 case Q_IGMP:
1924 bpf_error("'igmp proto' is bogus");
1925 /* NOTREACHED */
1926
1927 case Q_IGRP:
1928 bpf_error("'igrp proto' is bogus");
1929 /* NOTREACHED */
1930
1931 case Q_PIM:
1932 bpf_error("'pim proto' is bogus");
1933 /* NOTREACHED */
1934
1935 #ifdef INET6
1936 case Q_IPV6:
1937 b0 = gen_linktype(ETHERTYPE_IPV6);
1938 #ifndef CHASE_CHAIN
1939 b1 = gen_cmp(off_nl + 6, BPF_B, (bpf_int32)v);
1940 #else
1941 b1 = gen_protochain(v, Q_IPV6);
1942 #endif
1943 gen_and(b0, b1);
1944 return b1;
1945
1946 case Q_ICMPV6:
1947 bpf_error("'icmp6 proto' is bogus");
1948 #endif /* INET6 */
1949
1950 case Q_AH:
1951 bpf_error("'ah proto' is bogus");
1952
1953 case Q_ESP:
1954 bpf_error("'ah proto' is bogus");
1955
1956 default:
1957 abort();
1958 /* NOTREACHED */
1959 }
1960 /* NOTREACHED */
1961 }
1962
1963 struct block *
1964 gen_scode(name, q)
1965 register const char *name;
1966 struct qual q;
1967 {
1968 int proto = q.proto;
1969 int dir = q.dir;
1970 int tproto;
1971 u_char *eaddr;
1972 bpf_u_int32 mask, addr;
1973 #ifndef INET6
1974 bpf_u_int32 **alist;
1975 #else
1976 int tproto6;
1977 struct sockaddr_in *sin;
1978 struct sockaddr_in6 *sin6;
1979 struct addrinfo *res, *res0;
1980 struct in6_addr mask128;
1981 #endif /*INET6*/
1982 struct block *b, *tmp;
1983 int port, real_proto;
1984
1985 switch (q.addr) {
1986
1987 case Q_NET:
1988 addr = pcap_nametonetaddr(name);
1989 if (addr == 0)
1990 bpf_error("unknown network '%s'", name);
1991 /* Left justify network addr and calculate its network mask */
1992 mask = 0xffffffff;
1993 while (addr && (addr & 0xff000000) == 0) {
1994 addr <<= 8;
1995 mask <<= 8;
1996 }
1997 return gen_host(addr, mask, proto, dir);
1998
1999 case Q_DEFAULT:
2000 case Q_HOST:
2001 if (proto == Q_LINK) {
2002 switch (linktype) {
2003
2004 case DLT_EN10MB:
2005 eaddr = pcap_ether_hostton(name);
2006 if (eaddr == NULL)
2007 bpf_error(
2008 "unknown ether host '%s'", name);
2009 return gen_ehostop(eaddr, dir);
2010
2011 case DLT_FDDI:
2012 eaddr = pcap_ether_hostton(name);
2013 if (eaddr == NULL)
2014 bpf_error(
2015 "unknown FDDI host '%s'", name);
2016 return gen_fhostop(eaddr, dir);
2017
2018 default:
2019 bpf_error(
2020 "only ethernet/FDDI supports link-level host name");
2021 break;
2022 }
2023 } else if (proto == Q_DECNET) {
2024 unsigned short dn_addr = __pcap_nametodnaddr(name);
2025 /*
2026 * I don't think DECNET hosts can be multihomed, so
2027 * there is no need to build up a list of addresses
2028 */
2029 return (gen_host(dn_addr, 0, proto, dir));
2030 } else {
2031 #ifndef INET6
2032 alist = pcap_nametoaddr(name);
2033 if (alist == NULL || *alist == NULL)
2034 bpf_error("unknown host '%s'", name);
2035 tproto = proto;
2036 if (off_linktype == -1 && tproto == Q_DEFAULT)
2037 tproto = Q_IP;
2038 b = gen_host(**alist++, 0xffffffff, tproto, dir);
2039 while (*alist) {
2040 tmp = gen_host(**alist++, 0xffffffff,
2041 tproto, dir);
2042 gen_or(b, tmp);
2043 b = tmp;
2044 }
2045 return b;
2046 #else
2047 memset(&mask128, 0xff, sizeof(mask128));
2048 res0 = res = pcap_nametoaddrinfo(name);
2049 if (res == NULL)
2050 bpf_error("unknown host '%s'", name);
2051 b = tmp = NULL;
2052 tproto = tproto6 = proto;
2053 if (off_linktype == -1 && tproto == Q_DEFAULT) {
2054 tproto = Q_IP;
2055 tproto6 = Q_IPV6;
2056 }
2057 for (res = res0; res; res = res->ai_next) {
2058 switch (res->ai_family) {
2059 case AF_INET:
2060 if (tproto == Q_IPV6)
2061 continue;
2062
2063 sin = (struct sockaddr_in *)
2064 res->ai_addr;
2065 tmp = gen_host(ntohl(sin->sin_addr.s_addr),
2066 0xffffffff, tproto, dir);
2067 break;
2068 case AF_INET6:
2069 if (tproto6 == Q_IP)
2070 continue;
2071
2072 sin6 = (struct sockaddr_in6 *)
2073 res->ai_addr;
2074 tmp = gen_host6(&sin6->sin6_addr,
2075 &mask128, tproto6, dir);
2076 break;
2077 }
2078 if (b)
2079 gen_or(b, tmp);
2080 b = tmp;
2081 }
2082 freeaddrinfo(res0);
2083 if (b == NULL) {
2084 bpf_error("unknown host '%s'%s", name,
2085 (proto == Q_DEFAULT)
2086 ? ""
2087 : " for specified address family");
2088 }
2089 return b;
2090 #endif /*INET6*/
2091 }
2092
2093 case Q_PORT:
2094 if (proto != Q_DEFAULT && proto != Q_UDP && proto != Q_TCP)
2095 bpf_error("illegal qualifier of 'port'");
2096 if (pcap_nametoport(name, &port, &real_proto) == 0)
2097 bpf_error("unknown port '%s'", name);
2098 if (proto == Q_UDP) {
2099 if (real_proto == IPPROTO_TCP)
2100 bpf_error("port '%s' is tcp", name);
2101 else
2102 /* override PROTO_UNDEF */
2103 real_proto = IPPROTO_UDP;
2104 }
2105 if (proto == Q_TCP) {
2106 if (real_proto == IPPROTO_UDP)
2107 bpf_error("port '%s' is udp", name);
2108 else
2109 /* override PROTO_UNDEF */
2110 real_proto = IPPROTO_TCP;
2111 }
2112 #ifndef INET6
2113 return gen_port(port, real_proto, dir);
2114 #else
2115 {
2116 struct block *b;
2117 b = gen_port(port, real_proto, dir);
2118 gen_or(gen_port6(port, real_proto, dir), b);
2119 return b;
2120 }
2121 #endif /* INET6 */
2122
2123 case Q_GATEWAY:
2124 #ifndef INET6
2125 eaddr = pcap_ether_hostton(name);
2126 if (eaddr == NULL)
2127 bpf_error("unknown ether host: %s", name);
2128
2129 alist = pcap_nametoaddr(name);
2130 if (alist == NULL || *alist == NULL)
2131 bpf_error("unknown host '%s'", name);
2132 return gen_gateway(eaddr, alist, proto, dir);
2133 #else
2134 bpf_error("'gateway' not supported in this configuration");
2135 #endif /*INET6*/
2136
2137 case Q_PROTO:
2138 real_proto = lookup_proto(name, proto);
2139 if (real_proto >= 0)
2140 return gen_proto(real_proto, proto, dir);
2141 else
2142 bpf_error("unknown protocol: %s", name);
2143
2144 case Q_PROTOCHAIN:
2145 real_proto = lookup_proto(name, proto);
2146 if (real_proto >= 0)
2147 return gen_protochain(real_proto, proto, dir);
2148 else
2149 bpf_error("unknown protocol: %s", name);
2150
2151
2152 case Q_UNDEF:
2153 syntax();
2154 /* NOTREACHED */
2155 }
2156 abort();
2157 /* NOTREACHED */
2158 }
2159
2160 struct block *
2161 gen_mcode(s1, s2, masklen, q)
2162 register const char *s1, *s2;
2163 register int masklen;
2164 struct qual q;
2165 {
2166 register int nlen, mlen;
2167 bpf_u_int32 n, m;
2168
2169 nlen = __pcap_atoin(s1, &n);
2170 /* Promote short ipaddr */
2171 n <<= 32 - nlen;
2172
2173 if (s2 != NULL) {
2174 mlen = __pcap_atoin(s2, &m);
2175 /* Promote short ipaddr */
2176 m <<= 32 - mlen;
2177 if ((n & ~m) != 0)
2178 bpf_error("non-network bits set in \"%s mask %s\"",
2179 s1, s2);
2180 } else {
2181 /* Convert mask len to mask */
2182 if (masklen > 32)
2183 bpf_error("mask length must be <= 32");
2184 m = 0xffffffff << (32 - masklen);
2185 if ((n & ~m) != 0)
2186 bpf_error("non-network bits set in \"%s/%d\"",
2187 s1, masklen);
2188 }
2189
2190 switch (q.addr) {
2191
2192 case Q_NET:
2193 return gen_host(n, m, q.proto, q.dir);
2194
2195 default:
2196 bpf_error("Mask syntax for networks only");
2197 /* NOTREACHED */
2198 }
2199 }
2200
2201 struct block *
2202 gen_ncode(s, v, q)
2203 register const char *s;
2204 bpf_u_int32 v;
2205 struct qual q;
2206 {
2207 bpf_u_int32 mask;
2208 int proto = q.proto;
2209 int dir = q.dir;
2210 register int vlen;
2211
2212 if (s == NULL)
2213 vlen = 32;
2214 else if (q.proto == Q_DECNET)
2215 vlen = __pcap_atodn(s, &v);
2216 else
2217 vlen = __pcap_atoin(s, &v);
2218
2219 switch (q.addr) {
2220
2221 case Q_DEFAULT:
2222 case Q_HOST:
2223 case Q_NET:
2224 if (proto == Q_DECNET)
2225 return gen_host(v, 0, proto, dir);
2226 else if (proto == Q_LINK) {
2227 bpf_error("illegal link layer address");
2228 } else {
2229 mask = 0xffffffff;
2230 if (s == NULL && q.addr == Q_NET) {
2231 /* Promote short net number */
2232 while (v && (v & 0xff000000) == 0) {
2233 v <<= 8;
2234 mask <<= 8;
2235 }
2236 } else {
2237 /* Promote short ipaddr */
2238 v <<= 32 - vlen;
2239 mask <<= 32 - vlen;
2240 }
2241 return gen_host(v, mask, proto, dir);
2242 }
2243
2244 case Q_PORT:
2245 if (proto == Q_UDP)
2246 proto = IPPROTO_UDP;
2247 else if (proto == Q_TCP)
2248 proto = IPPROTO_TCP;
2249 else if (proto == Q_DEFAULT)
2250 proto = PROTO_UNDEF;
2251 else
2252 bpf_error("illegal qualifier of 'port'");
2253
2254 #ifndef INET6
2255 return gen_port((int)v, proto, dir);
2256 #else
2257 {
2258 struct block *b;
2259 b = gen_port((int)v, proto, dir);
2260 gen_or(gen_port6((int)v, proto, dir), b);
2261 return b;
2262 }
2263 #endif /* INET6 */
2264
2265 case Q_GATEWAY:
2266 bpf_error("'gateway' requires a name");
2267 /* NOTREACHED */
2268
2269 case Q_PROTO:
2270 return gen_proto((int)v, proto, dir);
2271
2272 case Q_PROTOCHAIN:
2273 return gen_protochain((int)v, proto, dir);
2274
2275 case Q_UNDEF:
2276 syntax();
2277 /* NOTREACHED */
2278
2279 default:
2280 abort();
2281 /* NOTREACHED */
2282 }
2283 /* NOTREACHED */
2284 }
2285
2286 #ifdef INET6
2287 struct block *
2288 gen_mcode6(s1, s2, masklen, q)
2289 register const char *s1, *s2;
2290 register int masklen;
2291 struct qual q;
2292 {
2293 struct addrinfo *res;
2294 struct in6_addr *addr;
2295 struct in6_addr mask;
2296 struct block *b;
2297 u_int32_t *a, *m;
2298
2299 if (s2)
2300 bpf_error("no mask %s supported", s2);
2301
2302 res = pcap_nametoaddrinfo(s1);
2303 if (!res)
2304 bpf_error("invalid ip6 address %s", s1);
2305 if (res->ai_next)
2306 bpf_error("%s resolved to multiple address", s1);
2307 addr = &((struct sockaddr_in6 *)res->ai_addr)->sin6_addr;
2308
2309 if (sizeof(mask) * 8 < masklen)
2310 bpf_error("mask length must be <= %u", (unsigned int)(sizeof(mask) * 8));
2311 memset(&mask, 0xff, masklen / 8);
2312 if (masklen % 8) {
2313 mask.s6_addr[masklen / 8] =
2314 (0xff << (8 - masklen % 8)) & 0xff;
2315 }
2316
2317 a = (u_int32_t *)addr;
2318 m = (u_int32_t *)&mask;
2319 if ((a[0] & ~m[0]) || (a[1] & ~m[1])
2320 || (a[2] & ~m[2]) || (a[3] & ~m[3])) {
2321 bpf_error("non-network bits set in \"%s/%d\"", s1, masklen);
2322 }
2323
2324 switch (q.addr) {
2325
2326 case Q_DEFAULT:
2327 case Q_HOST:
2328 if (masklen != 128)
2329 bpf_error("Mask syntax for networks only");
2330 /* FALLTHROUGH */
2331
2332 case Q_NET:
2333 b = gen_host6(addr, &mask, q.proto, q.dir);
2334 freeaddrinfo(res);
2335 return b;
2336
2337 default:
2338 bpf_error("invalid qualifier against IPv6 address");
2339 /* NOTREACHED */
2340 }
2341 }
2342 #endif /*INET6*/
2343
2344 struct block *
2345 gen_ecode(eaddr, q)
2346 register const u_char *eaddr;
2347 struct qual q;
2348 {
2349 if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) {
2350 if (linktype == DLT_EN10MB)
2351 return gen_ehostop(eaddr, (int)q.dir);
2352 if (linktype == DLT_FDDI)
2353 return gen_fhostop(eaddr, (int)q.dir);
2354 }
2355 bpf_error("ethernet address used in non-ether expression");
2356 /* NOTREACHED */
2357 }
2358
2359 void
2360 sappend(s0, s1)
2361 struct slist *s0, *s1;
2362 {
2363 /*
2364 * This is definitely not the best way to do this, but the
2365 * lists will rarely get long.
2366 */
2367 while (s0->next)
2368 s0 = s0->next;
2369 s0->next = s1;
2370 }
2371
2372 static struct slist *
2373 xfer_to_x(a)
2374 struct arth *a;
2375 {
2376 struct slist *s;
2377
2378 s = new_stmt(BPF_LDX|BPF_MEM);
2379 s->s.k = a->regno;
2380 return s;
2381 }
2382
2383 static struct slist *
2384 xfer_to_a(a)
2385 struct arth *a;
2386 {
2387 struct slist *s;
2388
2389 s = new_stmt(BPF_LD|BPF_MEM);
2390 s->s.k = a->regno;
2391 return s;
2392 }
2393
2394 struct arth *
2395 gen_load(proto, index, size)
2396 int proto;
2397 struct arth *index;
2398 int size;
2399 {
2400 struct slist *s, *tmp;
2401 struct block *b;
2402 int regno = alloc_reg();
2403
2404 free_reg(index->regno);
2405 switch (size) {
2406
2407 default:
2408 bpf_error("data size must be 1, 2, or 4");
2409
2410 case 1:
2411 size = BPF_B;
2412 break;
2413
2414 case 2:
2415 size = BPF_H;
2416 break;
2417
2418 case 4:
2419 size = BPF_W;
2420 break;
2421 }
2422 switch (proto) {
2423 default:
2424 bpf_error("unsupported index operation");
2425
2426 case Q_LINK:
2427 s = xfer_to_x(index);
2428 tmp = new_stmt(BPF_LD|BPF_IND|size);
2429 sappend(s, tmp);
2430 sappend(index->s, s);
2431 break;
2432
2433 case Q_IP:
2434 case Q_ARP:
2435 case Q_RARP:
2436 case Q_ATALK:
2437 case Q_DECNET:
2438 case Q_SCA:
2439 case Q_LAT:
2440 case Q_MOPRC:
2441 case Q_MOPDL:
2442 #ifdef INET6
2443 case Q_IPV6:
2444 #endif
2445 /* XXX Note that we assume a fixed link header here. */
2446 s = xfer_to_x(index);
2447 tmp = new_stmt(BPF_LD|BPF_IND|size);
2448 tmp->s.k = off_nl;
2449 sappend(s, tmp);
2450 sappend(index->s, s);
2451
2452 b = gen_proto_abbrev(proto);
2453 if (index->b)
2454 gen_and(index->b, b);
2455 index->b = b;
2456 break;
2457
2458 case Q_TCP:
2459 case Q_UDP:
2460 case Q_ICMP:
2461 case Q_IGMP:
2462 case Q_IGRP:
2463 case Q_PIM:
2464 s = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
2465 s->s.k = off_nl;
2466 sappend(s, xfer_to_a(index));
2467 sappend(s, new_stmt(BPF_ALU|BPF_ADD|BPF_X));
2468 sappend(s, new_stmt(BPF_MISC|BPF_TAX));
2469 sappend(s, tmp = new_stmt(BPF_LD|BPF_IND|size));
2470 tmp->s.k = off_nl;
2471 sappend(index->s, s);
2472
2473 gen_and(gen_proto_abbrev(proto), b = gen_ipfrag());
2474 if (index->b)
2475 gen_and(index->b, b);
2476 #ifdef INET6
2477 gen_and(gen_proto_abbrev(Q_IP), b);
2478 #endif
2479 index->b = b;
2480 break;
2481 #ifdef INET6
2482 case Q_ICMPV6:
2483 bpf_error("IPv6 upper-layer protocol is not supported by proto[x]");
2484 /*NOTREACHED*/
2485 #endif
2486 }
2487 index->regno = regno;
2488 s = new_stmt(BPF_ST);
2489 s->s.k = regno;
2490 sappend(index->s, s);
2491
2492 return index;
2493 }
2494
2495 struct block *
2496 gen_relation(code, a0, a1, reversed)
2497 int code;
2498 struct arth *a0, *a1;
2499 int reversed;
2500 {
2501 struct slist *s0, *s1, *s2;
2502 struct block *b, *tmp;
2503
2504 s0 = xfer_to_x(a1);
2505 s1 = xfer_to_a(a0);
2506 s2 = new_stmt(BPF_ALU|BPF_SUB|BPF_X);
2507 b = new_block(JMP(code));
2508 if (code == BPF_JGT || code == BPF_JGE) {
2509 reversed = !reversed;
2510 b->s.k = 0x80000000;
2511 }
2512 if (reversed)
2513 gen_not(b);
2514
2515 sappend(s1, s2);
2516 sappend(s0, s1);
2517 sappend(a1->s, s0);
2518 sappend(a0->s, a1->s);
2519
2520 b->stmts = a0->s;
2521
2522 free_reg(a0->regno);
2523 free_reg(a1->regno);
2524
2525 /* 'and' together protocol checks */
2526 if (a0->b) {
2527 if (a1->b) {
2528 gen_and(a0->b, tmp = a1->b);
2529 }
2530 else
2531 tmp = a0->b;
2532 } else
2533 tmp = a1->b;
2534
2535 if (tmp)
2536 gen_and(tmp, b);
2537
2538 return b;
2539 }
2540
2541 struct arth *
2542 gen_loadlen()
2543 {
2544 int regno = alloc_reg();
2545 struct arth *a = (struct arth *)newchunk(sizeof(*a));
2546 struct slist *s;
2547
2548 s = new_stmt(BPF_LD|BPF_LEN);
2549 s->next = new_stmt(BPF_ST);
2550 s->next->s.k = regno;
2551 a->s = s;
2552 a->regno = regno;
2553
2554 return a;
2555 }
2556
2557 struct arth *
2558 gen_loadi(val)
2559 int val;
2560 {
2561 struct arth *a;
2562 struct slist *s;
2563 int reg;
2564
2565 a = (struct arth *)newchunk(sizeof(*a));
2566
2567 reg = alloc_reg();
2568
2569 s = new_stmt(BPF_LD|BPF_IMM);
2570 s->s.k = val;
2571 s->next = new_stmt(BPF_ST);
2572 s->next->s.k = reg;
2573 a->s = s;
2574 a->regno = reg;
2575
2576 return a;
2577 }
2578
2579 struct arth *
2580 gen_neg(a)
2581 struct arth *a;
2582 {
2583 struct slist *s;
2584
2585 s = xfer_to_a(a);
2586 sappend(a->s, s);
2587 s = new_stmt(BPF_ALU|BPF_NEG);
2588 s->s.k = 0;
2589 sappend(a->s, s);
2590 s = new_stmt(BPF_ST);
2591 s->s.k = a->regno;
2592 sappend(a->s, s);
2593
2594 return a;
2595 }
2596
2597 struct arth *
2598 gen_arth(code, a0, a1)
2599 int code;
2600 struct arth *a0, *a1;
2601 {
2602 struct slist *s0, *s1, *s2;
2603
2604 s0 = xfer_to_x(a1);
2605 s1 = xfer_to_a(a0);
2606 s2 = new_stmt(BPF_ALU|BPF_X|code);
2607
2608 sappend(s1, s2);
2609 sappend(s0, s1);
2610 sappend(a1->s, s0);
2611 sappend(a0->s, a1->s);
2612
2613 free_reg(a1->regno);
2614
2615 s0 = new_stmt(BPF_ST);
2616 a0->regno = s0->s.k = alloc_reg();
2617 sappend(a0->s, s0);
2618
2619 return a0;
2620 }
2621
2622 /*
2623 * Here we handle simple allocation of the scratch registers.
2624 * If too many registers are alloc'd, the allocator punts.
2625 */
2626 static int regused[BPF_MEMWORDS];
2627 static int curreg;
2628
2629 /*
2630 * Return the next free register.
2631 */
2632 static int
2633 alloc_reg()
2634 {
2635 int n = BPF_MEMWORDS;
2636
2637 while (--n >= 0) {
2638 if (regused[curreg])
2639 curreg = (curreg + 1) % BPF_MEMWORDS;
2640 else {
2641 regused[curreg] = 1;
2642 return curreg;
2643 }
2644 }
2645 bpf_error("too many registers needed to evaluate expression");
2646 /* NOTREACHED */
2647 }
2648
2649 /*
2650 * Return a register to the table so it can
2651 * be used later.
2652 */
2653 static void
2654 free_reg(n)
2655 int n;
2656 {
2657 regused[n] = 0;
2658 }
2659
2660 static struct block *
2661 gen_len(jmp, n)
2662 int jmp, n;
2663 {
2664 struct slist *s;
2665 struct block *b;
2666
2667 s = new_stmt(BPF_LD|BPF_LEN);
2668 b = new_block(JMP(jmp));
2669 b->stmts = s;
2670 b->s.k = n;
2671
2672 return b;
2673 }
2674
2675 struct block *
2676 gen_greater(n)
2677 int n;
2678 {
2679 return gen_len(BPF_JGE, n);
2680 }
2681
2682 struct block *
2683 gen_less(n)
2684 int n;
2685 {
2686 struct block *b;
2687
2688 b = gen_len(BPF_JGT, n);
2689 gen_not(b);
2690
2691 return b;
2692 }
2693
2694 struct block *
2695 gen_byteop(op, idx, val)
2696 int op, idx, val;
2697 {
2698 struct block *b;
2699 struct slist *s;
2700
2701 switch (op) {
2702 default:
2703 abort();
2704
2705 case '=':
2706 return gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2707
2708 case '<':
2709 b = gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2710 b->s.code = JMP(BPF_JGE);
2711 gen_not(b);
2712 return b;
2713
2714 case '>':
2715 b = gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2716 b->s.code = JMP(BPF_JGT);
2717 return b;
2718
2719 case '|':
2720 s = new_stmt(BPF_ALU|BPF_OR|BPF_K);
2721 break;
2722
2723 case '&':
2724 s = new_stmt(BPF_ALU|BPF_AND|BPF_K);
2725 break;
2726 }
2727 s->s.k = val;
2728 b = new_block(JMP(BPF_JEQ));
2729 b->stmts = s;
2730 gen_not(b);
2731
2732 return b;
2733 }
2734
2735 struct block *
2736 gen_broadcast(proto)
2737 int proto;
2738 {
2739 bpf_u_int32 hostmask;
2740 struct block *b0, *b1, *b2;
2741 static u_char ebroadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
2742
2743 switch (proto) {
2744
2745 case Q_DEFAULT:
2746 case Q_LINK:
2747 if (linktype == DLT_EN10MB)
2748 return gen_ehostop(ebroadcast, Q_DST);
2749 if (linktype == DLT_FDDI)
2750 return gen_fhostop(ebroadcast, Q_DST);
2751 bpf_error("not a broadcast link");
2752 break;
2753
2754 case Q_IP:
2755 b0 = gen_linktype(ETHERTYPE_IP);
2756 hostmask = ~netmask;
2757 b1 = gen_mcmp(off_nl + 16, BPF_W, (bpf_int32)0, hostmask);
2758 b2 = gen_mcmp(off_nl + 16, BPF_W,
2759 (bpf_int32)(~0 & hostmask), hostmask);
2760 gen_or(b1, b2);
2761 gen_and(b0, b2);
2762 return b2;
2763 }
2764 bpf_error("only ether/ip broadcast filters supported");
2765 }
2766
2767 struct block *
2768 gen_multicast(proto)
2769 int proto;
2770 {
2771 register struct block *b0, *b1;
2772 register struct slist *s;
2773
2774 switch (proto) {
2775
2776 case Q_DEFAULT:
2777 case Q_LINK:
2778 if (linktype == DLT_EN10MB) {
2779 /* ether[0] & 1 != 0 */
2780 s = new_stmt(BPF_LD|BPF_B|BPF_ABS);
2781 s->s.k = 0;
2782 b0 = new_block(JMP(BPF_JSET));
2783 b0->s.k = 1;
2784 b0->stmts = s;
2785 return b0;
2786 }
2787
2788 if (linktype == DLT_FDDI) {
2789 /* XXX TEST THIS: MIGHT NOT PORT PROPERLY XXX */
2790 /* fddi[1] & 1 != 0 */
2791 s = new_stmt(BPF_LD|BPF_B|BPF_ABS);
2792 s->s.k = 1;
2793 b0 = new_block(JMP(BPF_JSET));
2794 b0->s.k = 1;
2795 b0->stmts = s;
2796 return b0;
2797 }
2798 /* Link not known to support multicasts */
2799 break;
2800
2801 case Q_IP:
2802 b0 = gen_linktype(ETHERTYPE_IP);
2803 b1 = gen_cmp(off_nl + 16, BPF_B, (bpf_int32)224);
2804 b1->s.code = JMP(BPF_JGE);
2805 gen_and(b0, b1);
2806 return b1;
2807
2808 #ifdef INET6
2809 case Q_IPV6:
2810 b0 = gen_linktype(ETHERTYPE_IPV6);
2811 b1 = gen_cmp(off_nl + 24, BPF_B, (bpf_int32)255);
2812 gen_and(b0, b1);
2813 return b1;
2814 #endif /* INET6 */
2815 }
2816 bpf_error("only IP multicast filters supported on ethernet/FDDI");
2817 }
2818
2819 /*
2820 * generate command for inbound/outbound. It's here so we can
2821 * make it link-type specific. 'dir' = 0 implies "inbound",
2822 * = 1 implies "outbound".
2823 */
2824 struct block *
2825 gen_inbound(dir)
2826 int dir;
2827 {
2828 register struct block *b0;
2829
2830 b0 = gen_relation(BPF_JEQ,
2831 gen_load(Q_LINK, gen_loadi(0), 1),
2832 gen_loadi(0),
2833 dir);
2834 return (b0);
2835 }
[mirror] the LIBpcap interface to various kernel packet capture mechanism