]> The Tcpdump Group git mirrors - libpcap/blob - gencode.c
projects / libpcap / blob


92f83914ad48be737ad1a9adec4e1eb606e389d1
[libpcap] / gencode.c
1 /*#define CHASE_CHAIN*/
2 /*
3 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998
4 * The Regents of the University of California. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that: (1) source code distributions
8 * retain the above copyright notice and this paragraph in its entirety, (2)
9 * distributions including binary code include the above copyright notice and
10 * this paragraph in its entirety in the documentation or other materials
11 * provided with the distribution, and (3) all advertising materials mentioning
12 * features or use of this software display the following acknowledgement:
13 * ``This product includes software developed by the University of California,
14 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
15 * the University nor the names of its contributors may be used to endorse
16 * or promote products derived from this software without specific prior
17 * written permission.
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
19 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21 */
22 #ifndef lint
23 static const char rcsid[] =
24 "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.112 2000-07-01 03:32:50 assar Exp $ (LBL)";
25 #endif
26
27 #include <sys/types.h>
28 #include <sys/socket.h>
29 #include <sys/time.h>
30 #ifdef __NetBSD__
31 #include <sys/param.h>
32 #endif
33
34 struct mbuf;
35 struct rtentry;
36 #include <net/if.h>
37
38 #include <netinet/in.h>
39 #include <netinet/if_ether.h>
40
41 #include <stdlib.h>
42 #include <memory.h>
43 #include <setjmp.h>
44 #include <stdarg.h>
45
46 #include "pcap-int.h"
47
48 #include "ethertype.h"
49 #include "gencode.h"
50 #include "ppp.h"
51 #include <pcap-namedb.h>
52 #ifdef INET6
53 #include <netdb.h>
54 #include <sys/socket.h>
55 #endif /*INET6*/
56
57 #include "gnuc.h"
58 #ifdef HAVE_OS_PROTO_H
59 #include "os-proto.h"
60 #endif
61
62 #define JMP(c) ((c)|BPF_JMP|BPF_K)
63
64 /* Locals */
65 static jmp_buf top_ctx;
66 static pcap_t *bpf_pcap;
67
68 /* XXX */
69 #ifdef PCAP_FDDIPAD
70 int pcap_fddipad = PCAP_FDDIPAD;
71 #else
72 int pcap_fddipad;
73 #endif
74
75 /* VARARGS */
76 __dead void
77 bpf_error(const char *fmt, ...)
78 {
79 va_list ap;
80
81 va_start(ap, fmt);
82 if (bpf_pcap != NULL)
83 (void)vsnprintf(pcap_geterr(bpf_pcap), PCAP_ERRBUF_SIZE,
84 fmt, ap);
85 va_end(ap);
86 longjmp(top_ctx, 1);
87 /* NOTREACHED */
88 }
89
90 static void init_linktype(int);
91
92 static int alloc_reg(void);
93 static void free_reg(int);
94
95 static struct block *root;
96
97 /*
98 * We divy out chunks of memory rather than call malloc each time so
99 * we don't have to worry about leaking memory. It's probably
100 * not a big deal if all this memory was wasted but it this ever
101 * goes into a library that would probably not be a good idea.
102 */
103 #define NCHUNKS 16
104 #define CHUNK0SIZE 1024
105 struct chunk {
106 u_int n_left;
107 void *m;
108 };
109
110 static struct chunk chunks[NCHUNKS];
111 static int cur_chunk;
112
113 static void *newchunk(u_int);
114 static void freechunks(void);
115 static inline struct block *new_block(int);
116 static inline struct slist *new_stmt(int);
117 static struct block *gen_retblk(int);
118 static inline void syntax(void);
119
120 static void backpatch(struct block *, struct block *);
121 static void merge(struct block *, struct block *);
122 static struct block *gen_cmp(u_int, u_int, bpf_int32);
123 static struct block *gen_mcmp(u_int, u_int, bpf_int32, bpf_u_int32);
124 static struct block *gen_bcmp(u_int, u_int, const u_char *);
125 static struct block *gen_uncond(int);
126 static inline struct block *gen_true(void);
127 static inline struct block *gen_false(void);
128 static struct block *gen_linktype(int);
129 static struct block *gen_hostop(bpf_u_int32, bpf_u_int32, int, int, u_int, u_int);
130 #ifdef INET6
131 static struct block *gen_hostop6(struct in6_addr *, struct in6_addr *, int, int, u_int, u_int);
132 #endif
133 static struct block *gen_ehostop(const u_char *, int);
134 static struct block *gen_fhostop(const u_char *, int);
135 static struct block *gen_dnhostop(bpf_u_int32, int, u_int);
136 static struct block *gen_host(bpf_u_int32, bpf_u_int32, int, int);
137 #ifdef INET6
138 static struct block *gen_host6(struct in6_addr *, struct in6_addr *, int, int);
139 #endif
140 #ifndef INET6
141 static struct block *gen_gateway(const u_char *, bpf_u_int32 **, int, int);
142 #endif
143 static struct block *gen_ipfrag(void);
144 static struct block *gen_portatom(int, bpf_int32);
145 #ifdef INET6
146 static struct block *gen_portatom6(int, bpf_int32);
147 #endif
148 struct block *gen_portop(int, int, int);
149 static struct block *gen_port(int, int, int);
150 #ifdef INET6
151 struct block *gen_portop6(int, int, int);
152 static struct block *gen_port6(int, int, int);
153 #endif
154 static int lookup_proto(const char *, int);
155 static struct block *gen_proto(int, int, int);
156 static struct slist *xfer_to_x(struct arth *);
157 static struct slist *xfer_to_a(struct arth *);
158 static struct block *gen_len(int, int);
159
160 static void *
161 newchunk(n)
162 u_int n;
163 {
164 struct chunk *cp;
165 int k, size;
166
167 #ifndef __NetBSD__
168 /* XXX Round up to nearest long. */
169 n = (n + sizeof(long) - 1) & ~(sizeof(long) - 1);
170 #else
171 /* XXX Round up to structure boundary. */
172 n = ALIGN(n);
173 #endif
174
175 cp = &chunks[cur_chunk];
176 if (n > cp->n_left) {
177 ++cp, k = ++cur_chunk;
178 if (k >= NCHUNKS)
179 bpf_error("out of memory");
180 size = CHUNK0SIZE << k;
181 cp->m = (void *)malloc(size);
182 memset((char *)cp->m, 0, size);
183 cp->n_left = size;
184 if (n > size)
185 bpf_error("out of memory");
186 }
187 cp->n_left -= n;
188 return (void *)((char *)cp->m + cp->n_left);
189 }
190
191 static void
192 freechunks()
193 {
194 int i;
195
196 cur_chunk = 0;
197 for (i = 0; i < NCHUNKS; ++i)
198 if (chunks[i].m != NULL) {
199 free(chunks[i].m);
200 chunks[i].m = NULL;
201 }
202 }
203
204 /*
205 * A strdup whose allocations are freed after code generation is over.
206 */
207 char *
208 sdup(s)
209 register const char *s;
210 {
211 int n = strlen(s) + 1;
212 char *cp = newchunk(n);
213
214 strlcpy(cp, s, n);
215 return (cp);
216 }
217
218 static inline struct block *
219 new_block(code)
220 int code;
221 {
222 struct block *p;
223
224 p = (struct block *)newchunk(sizeof(*p));
225 p->s.code = code;
226 p->head = p;
227
228 return p;
229 }
230
231 static inline struct slist *
232 new_stmt(code)
233 int code;
234 {
235 struct slist *p;
236
237 p = (struct slist *)newchunk(sizeof(*p));
238 p->s.code = code;
239
240 return p;
241 }
242
243 static struct block *
244 gen_retblk(v)
245 int v;
246 {
247 struct block *b = new_block(BPF_RET|BPF_K);
248
249 b->s.k = v;
250 return b;
251 }
252
253 static inline void
254 syntax()
255 {
256 bpf_error("syntax error in filter expression");
257 }
258
259 static bpf_u_int32 netmask;
260 static int snaplen;
261 int no_optimize;
262
263 int
264 pcap_compile(pcap_t *p, struct bpf_program *program,
265 char *buf, int optimize, bpf_u_int32 mask)
266 {
267 extern int n_errors;
268 int len;
269
270 no_optimize = 0;
271 n_errors = 0;
272 root = NULL;
273 bpf_pcap = p;
274 if (setjmp(top_ctx)) {
275 freechunks();
276 return (-1);
277 }
278
279 netmask = mask;
280 snaplen = pcap_snapshot(p);
281 if (snaplen == 0) {
282 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
283 "snaplen of 0 rejects all packets");
284 return -1;
285 }
286
287 lex_init(buf ? buf : "");
288 init_linktype(pcap_datalink(p));
289 (void)pcap_parse();
290
291 if (n_errors)
292 syntax();
293
294 if (root == NULL)
295 root = gen_retblk(snaplen);
296
297 if (optimize && !no_optimize) {
298 bpf_optimize(&root);
299 if (root == NULL ||
300 (root->s.code == (BPF_RET|BPF_K) && root->s.k == 0))
301 bpf_error("expression rejects all packets");
302 }
303 program->bf_insns = icode_to_fcode(root, &len);
304 program->bf_len = len;
305
306 freechunks();
307 return (0);
308 }
309
310 /*
311 * entry point for using the compiler with no pcap open
312 * pass in all the stuff that is needed explicitly instead.
313 */
314 int
315 pcap_compile_nopcap(int snaplen_arg, int linktype_arg,
316 struct bpf_program *program,
317 char *buf, int optimize, bpf_u_int32 mask)
318 {
319 extern int n_errors;
320 int len;
321
322 n_errors = 0;
323 root = NULL;
324 bpf_pcap = NULL;
325 if (setjmp(top_ctx)) {
326 freechunks();
327 return (-1);
328 }
329
330 netmask = mask;
331
332 /* XXX needed? I don't grok the use of globals here. */
333 snaplen = snaplen_arg;
334
335 lex_init(buf ? buf : "");
336 init_linktype(linktype_arg);
337 (void)pcap_parse();
338
339 if (n_errors)
340 syntax();
341
342 if (root == NULL)
343 root = gen_retblk(snaplen_arg);
344
345 if (optimize) {
346 bpf_optimize(&root);
347 if (root == NULL ||
348 (root->s.code == (BPF_RET|BPF_K) && root->s.k == 0))
349 bpf_error("expression rejects all packets");
350 }
351 program->bf_insns = icode_to_fcode(root, &len);
352 program->bf_len = len;
353
354 freechunks();
355 return (0);
356 }
357
358 /*
359 * Backpatch the blocks in 'list' to 'target'. The 'sense' field indicates
360 * which of the jt and jf fields has been resolved and which is a pointer
361 * back to another unresolved block (or nil). At least one of the fields
362 * in each block is already resolved.
363 */
364 static void
365 backpatch(list, target)
366 struct block *list, *target;
367 {
368 struct block *next;
369
370 while (list) {
371 if (!list->sense) {
372 next = JT(list);
373 JT(list) = target;
374 } else {
375 next = JF(list);
376 JF(list) = target;
377 }
378 list = next;
379 }
380 }
381
382 /*
383 * Merge the lists in b0 and b1, using the 'sense' field to indicate
384 * which of jt and jf is the link.
385 */
386 static void
387 merge(b0, b1)
388 struct block *b0, *b1;
389 {
390 register struct block **p = &b0;
391
392 /* Find end of list. */
393 while (*p)
394 p = !((*p)->sense) ? &JT(*p) : &JF(*p);
395
396 /* Concatenate the lists. */
397 *p = b1;
398 }
399
400 void
401 finish_parse(p)
402 struct block *p;
403 {
404 backpatch(p, gen_retblk(snaplen));
405 p->sense = !p->sense;
406 backpatch(p, gen_retblk(0));
407 root = p->head;
408 }
409
410 void
411 gen_and(b0, b1)
412 struct block *b0, *b1;
413 {
414 backpatch(b0, b1->head);
415 b0->sense = !b0->sense;
416 b1->sense = !b1->sense;
417 merge(b1, b0);
418 b1->sense = !b1->sense;
419 b1->head = b0->head;
420 }
421
422 void
423 gen_or(b0, b1)
424 struct block *b0, *b1;
425 {
426 b0->sense = !b0->sense;
427 backpatch(b0, b1->head);
428 b0->sense = !b0->sense;
429 merge(b1, b0);
430 b1->head = b0->head;
431 }
432
433 void
434 gen_not(b)
435 struct block *b;
436 {
437 b->sense = !b->sense;
438 }
439
440 static struct block *
441 gen_cmp(offset, size, v)
442 u_int offset, size;
443 bpf_int32 v;
444 {
445 struct slist *s;
446 struct block *b;
447
448 s = new_stmt(BPF_LD|BPF_ABS|size);
449 s->s.k = offset;
450
451 b = new_block(JMP(BPF_JEQ));
452 b->stmts = s;
453 b->s.k = v;
454
455 return b;
456 }
457
458 static struct block *
459 gen_mcmp(offset, size, v, mask)
460 u_int offset, size;
461 bpf_int32 v;
462 bpf_u_int32 mask;
463 {
464 struct block *b = gen_cmp(offset, size, v);
465 struct slist *s;
466
467 if (mask != 0xffffffff) {
468 s = new_stmt(BPF_ALU|BPF_AND|BPF_K);
469 s->s.k = mask;
470 b->stmts->next = s;
471 }
472 return b;
473 }
474
475 static struct block *
476 gen_bcmp(offset, size, v)
477 register u_int offset, size;
478 register const u_char *v;
479 {
480 register struct block *b, *tmp;
481
482 b = NULL;
483 while (size >= 4) {
484 register const u_char *p = &v[size - 4];
485 bpf_int32 w = ((bpf_int32)p[0] << 24) |
486 ((bpf_int32)p[1] << 16) | ((bpf_int32)p[2] << 8) | p[3];
487
488 tmp = gen_cmp(offset + size - 4, BPF_W, w);
489 if (b != NULL)
490 gen_and(b, tmp);
491 b = tmp;
492 size -= 4;
493 }
494 while (size >= 2) {
495 register const u_char *p = &v[size - 2];
496 bpf_int32 w = ((bpf_int32)p[0] << 8) | p[1];
497
498 tmp = gen_cmp(offset + size - 2, BPF_H, w);
499 if (b != NULL)
500 gen_and(b, tmp);
501 b = tmp;
502 size -= 2;
503 }
504 if (size > 0) {
505 tmp = gen_cmp(offset, BPF_B, (bpf_int32)v[0]);
506 if (b != NULL)
507 gen_and(b, tmp);
508 b = tmp;
509 }
510 return b;
511 }
512
513 /*
514 * Various code constructs need to know the layout of the data link
515 * layer. These variables give the necessary offsets. off_linktype
516 * is set to -1 for no encapsulation, in which case, IP is assumed.
517 */
518 static u_int off_linktype;
519 static u_int off_nl;
520 static int linktype;
521
522 static void
523 init_linktype(type)
524 int type;
525 {
526 linktype = type;
527
528 switch (type) {
529
530 case DLT_EN10MB:
531 off_linktype = 12;
532 off_nl = 14;
533 return;
534
535 case DLT_SLIP:
536 /*
537 * SLIP doesn't have a link level type. The 16 byte
538 * header is hacked into our SLIP driver.
539 */
540 off_linktype = -1;
541 off_nl = 16;
542 return;
543
544 case DLT_SLIP_BSDOS:
545 /* XXX this may be the same as the DLT_PPP_BSDOS case */
546 off_linktype = -1;
547 /* XXX end */
548 off_nl = 24;
549 return;
550
551 case DLT_NULL:
552 off_linktype = 0;
553 off_nl = 4;
554 return;
555
556 case DLT_PPP:
557 case DLT_CHDLC:
558 off_linktype = 2;
559 off_nl = 4;
560 return;
561
562 case DLT_PPP_BSDOS:
563 off_linktype = 5;
564 off_nl = 24;
565 return;
566
567 case DLT_FDDI:
568 /*
569 * FDDI doesn't really have a link-level type field.
570 * We assume that SSAP = SNAP is being used and pick
571 * out the encapsulated Ethernet type.
572 */
573 off_linktype = 19;
574 #ifdef PCAP_FDDIPAD
575 off_linktype += pcap_fddipad;
576 #endif
577 off_nl = 21;
578 #ifdef PCAP_FDDIPAD
579 off_nl += pcap_fddipad;
580 #endif
581 return;
582
583 case DLT_IEEE802:
584 off_linktype = 20;
585 off_nl = 22;
586 return;
587
588 case DLT_ATM_RFC1483:
589 /*
590 * assume routed, non-ISO PDUs
591 * (i.e., LLC = 0xAA-AA-03, OUT = 0x00-00-00)
592 */
593 off_linktype = 6;
594 off_nl = 8;
595 return;
596
597 case DLT_RAW:
598 off_linktype = -1;
599 off_nl = 0;
600 return;
601 }
602 bpf_error("unknown data link type 0x%x", linktype);
603 /* NOTREACHED */
604 }
605
606 static struct block *
607 gen_uncond(rsense)
608 int rsense;
609 {
610 struct block *b;
611 struct slist *s;
612
613 s = new_stmt(BPF_LD|BPF_IMM);
614 s->s.k = !rsense;
615 b = new_block(JMP(BPF_JEQ));
616 b->stmts = s;
617
618 return b;
619 }
620
621 static inline struct block *
622 gen_true()
623 {
624 return gen_uncond(1);
625 }
626
627 static inline struct block *
628 gen_false()
629 {
630 return gen_uncond(0);
631 }
632
633 static struct block *
634 gen_linktype(proto)
635 register int proto;
636 {
637 struct block *b0, *b1;
638
639 /* If we're not using encapsulation, we're done */
640 if (off_linktype == -1)
641 return gen_true();
642
643 switch (linktype) {
644
645 case DLT_SLIP:
646 return gen_false();
647
648 case DLT_PPP:
649 if (proto == ETHERTYPE_IP)
650 proto = PPP_IP; /* XXX was 0x21 */
651 #ifdef INET6
652 else if (proto == ETHERTYPE_IPV6)
653 proto = PPP_IPV6;
654 #endif
655 break;
656
657 case DLT_PPP_BSDOS:
658 switch (proto) {
659
660 case ETHERTYPE_IP:
661 b0 = gen_cmp(off_linktype, BPF_H, PPP_IP);
662 b1 = gen_cmp(off_linktype, BPF_H, PPP_VJC);
663 gen_or(b0, b1);
664 b0 = gen_cmp(off_linktype, BPF_H, PPP_VJNC);
665 gen_or(b1, b0);
666 return b0;
667
668 #ifdef INET6
669 case ETHERTYPE_IPV6:
670 proto = PPP_IPV6;
671 /* more to go? */
672 break;
673 #endif
674
675 case ETHERTYPE_DN:
676 proto = PPP_DECNET;
677 break;
678
679 case ETHERTYPE_ATALK:
680 proto = PPP_APPLE;
681 break;
682
683 case ETHERTYPE_NS:
684 proto = PPP_NS;
685 break;
686 }
687 break;
688
689 case DLT_NULL:
690 /* XXX */
691 if (proto == ETHERTYPE_IP)
692 return (gen_cmp(0, BPF_W, (bpf_int32)htonl(AF_INET)));
693 #ifdef INET6
694 else if (proto == ETHERTYPE_IPV6)
695 return (gen_cmp(0, BPF_W, (bpf_int32)htonl(AF_INET6)));
696 #endif
697 else
698 return gen_false();
699 }
700 return gen_cmp(off_linktype, BPF_H, (bpf_int32)proto);
701 }
702
703 static struct block *
704 gen_hostop(addr, mask, dir, proto, src_off, dst_off)
705 bpf_u_int32 addr;
706 bpf_u_int32 mask;
707 int dir, proto;
708 u_int src_off, dst_off;
709 {
710 struct block *b0, *b1;
711 u_int offset;
712
713 switch (dir) {
714
715 case Q_SRC:
716 offset = src_off;
717 break;
718
719 case Q_DST:
720 offset = dst_off;
721 break;
722
723 case Q_AND:
724 b0 = gen_hostop(addr, mask, Q_SRC, proto, src_off, dst_off);
725 b1 = gen_hostop(addr, mask, Q_DST, proto, src_off, dst_off);
726 gen_and(b0, b1);
727 return b1;
728
729 case Q_OR:
730 case Q_DEFAULT:
731 b0 = gen_hostop(addr, mask, Q_SRC, proto, src_off, dst_off);
732 b1 = gen_hostop(addr, mask, Q_DST, proto, src_off, dst_off);
733 gen_or(b0, b1);
734 return b1;
735
736 default:
737 abort();
738 }
739 b0 = gen_linktype(proto);
740 b1 = gen_mcmp(offset, BPF_W, (bpf_int32)addr, mask);
741 gen_and(b0, b1);
742 return b1;
743 }
744
745 #ifdef INET6
746 static struct block *
747 gen_hostop6(addr, mask, dir, proto, src_off, dst_off)
748 struct in6_addr *addr;
749 struct in6_addr *mask;
750 int dir, proto;
751 u_int src_off, dst_off;
752 {
753 struct block *b0, *b1;
754 u_int offset;
755 u_int32_t *a, *m;
756
757 switch (dir) {
758
759 case Q_SRC:
760 offset = src_off;
761 break;
762
763 case Q_DST:
764 offset = dst_off;
765 break;
766
767 case Q_AND:
768 b0 = gen_hostop6(addr, mask, Q_SRC, proto, src_off, dst_off);
769 b1 = gen_hostop6(addr, mask, Q_DST, proto, src_off, dst_off);
770 gen_and(b0, b1);
771 return b1;
772
773 case Q_OR:
774 case Q_DEFAULT:
775 b0 = gen_hostop6(addr, mask, Q_SRC, proto, src_off, dst_off);
776 b1 = gen_hostop6(addr, mask, Q_DST, proto, src_off, dst_off);
777 gen_or(b0, b1);
778 return b1;
779
780 default:
781 abort();
782 }
783 /* this order is important */
784 a = (u_int32_t *)addr;
785 m = (u_int32_t *)mask;
786 b1 = gen_mcmp(offset + 12, BPF_W, ntohl(a[3]), ntohl(m[3]));
787 b0 = gen_mcmp(offset + 8, BPF_W, ntohl(a[2]), ntohl(m[2]));
788 gen_and(b0, b1);
789 b0 = gen_mcmp(offset + 4, BPF_W, ntohl(a[1]), ntohl(m[1]));
790 gen_and(b0, b1);
791 b0 = gen_mcmp(offset + 0, BPF_W, ntohl(a[0]), ntohl(m[0]));
792 gen_and(b0, b1);
793 b0 = gen_linktype(proto);
794 gen_and(b0, b1);
795 return b1;
796 }
797 #endif /*INET6*/
798
799 static struct block *
800 gen_ehostop(eaddr, dir)
801 register const u_char *eaddr;
802 register int dir;
803 {
804 register struct block *b0, *b1;
805
806 switch (dir) {
807 case Q_SRC:
808 return gen_bcmp(6, 6, eaddr);
809
810 case Q_DST:
811 return gen_bcmp(0, 6, eaddr);
812
813 case Q_AND:
814 b0 = gen_ehostop(eaddr, Q_SRC);
815 b1 = gen_ehostop(eaddr, Q_DST);
816 gen_and(b0, b1);
817 return b1;
818
819 case Q_DEFAULT:
820 case Q_OR:
821 b0 = gen_ehostop(eaddr, Q_SRC);
822 b1 = gen_ehostop(eaddr, Q_DST);
823 gen_or(b0, b1);
824 return b1;
825 }
826 abort();
827 /* NOTREACHED */
828 }
829
830 /*
831 * Like gen_ehostop, but for DLT_FDDI
832 */
833 static struct block *
834 gen_fhostop(eaddr, dir)
835 register const u_char *eaddr;
836 register int dir;
837 {
838 struct block *b0, *b1;
839
840 switch (dir) {
841 case Q_SRC:
842 #ifdef PCAP_FDDIPAD
843 return gen_bcmp(6 + 1 + pcap_fddipad, 6, eaddr);
844 #else
845 return gen_bcmp(6 + 1, 6, eaddr);
846 #endif
847
848 case Q_DST:
849 #ifdef PCAP_FDDIPAD
850 return gen_bcmp(0 + 1 + pcap_fddipad, 6, eaddr);
851 #else
852 return gen_bcmp(0 + 1, 6, eaddr);
853 #endif
854
855 case Q_AND:
856 b0 = gen_fhostop(eaddr, Q_SRC);
857 b1 = gen_fhostop(eaddr, Q_DST);
858 gen_and(b0, b1);
859 return b1;
860
861 case Q_DEFAULT:
862 case Q_OR:
863 b0 = gen_fhostop(eaddr, Q_SRC);
864 b1 = gen_fhostop(eaddr, Q_DST);
865 gen_or(b0, b1);
866 return b1;
867 }
868 abort();
869 /* NOTREACHED */
870 }
871
872 /*
873 * This is quite tricky because there may be pad bytes in front of the
874 * DECNET header, and then there are two possible data packet formats that
875 * carry both src and dst addresses, plus 5 packet types in a format that
876 * carries only the src node, plus 2 types that use a different format and
877 * also carry just the src node.
878 *
879 * Yuck.
880 *
881 * Instead of doing those all right, we just look for data packets with
882 * 0 or 1 bytes of padding. If you want to look at other packets, that
883 * will require a lot more hacking.
884 *
885 * To add support for filtering on DECNET "areas" (network numbers)
886 * one would want to add a "mask" argument to this routine. That would
887 * make the filter even more inefficient, although one could be clever
888 * and not generate masking instructions if the mask is 0xFFFF.
889 */
890 static struct block *
891 gen_dnhostop(addr, dir, base_off)
892 bpf_u_int32 addr;
893 int dir;
894 u_int base_off;
895 {
896 struct block *b0, *b1, *b2, *tmp;
897 u_int offset_lh; /* offset if long header is received */
898 u_int offset_sh; /* offset if short header is received */
899
900 switch (dir) {
901
902 case Q_DST:
903 offset_sh = 1; /* follows flags */
904 offset_lh = 7; /* flgs,darea,dsubarea,HIORD */
905 break;
906
907 case Q_SRC:
908 offset_sh = 3; /* follows flags, dstnode */
909 offset_lh = 15; /* flgs,darea,dsubarea,did,sarea,ssub,HIORD */
910 break;
911
912 case Q_AND:
913 /* Inefficient because we do our Calvinball dance twice */
914 b0 = gen_dnhostop(addr, Q_SRC, base_off);
915 b1 = gen_dnhostop(addr, Q_DST, base_off);
916 gen_and(b0, b1);
917 return b1;
918
919 case Q_OR:
920 case Q_DEFAULT:
921 /* Inefficient because we do our Calvinball dance twice */
922 b0 = gen_dnhostop(addr, Q_SRC, base_off);
923 b1 = gen_dnhostop(addr, Q_DST, base_off);
924 gen_or(b0, b1);
925 return b1;
926
927 default:
928 abort();
929 }
930 b0 = gen_linktype(ETHERTYPE_DN);
931 /* Check for pad = 1, long header case */
932 tmp = gen_mcmp(base_off + 2, BPF_H,
933 (bpf_int32)ntohs(0x0681), (bpf_int32)ntohs(0x07FF));
934 b1 = gen_cmp(base_off + 2 + 1 + offset_lh,
935 BPF_H, (bpf_int32)ntohs(addr));
936 gen_and(tmp, b1);
937 /* Check for pad = 0, long header case */
938 tmp = gen_mcmp(base_off + 2, BPF_B, (bpf_int32)0x06, (bpf_int32)0x7);
939 b2 = gen_cmp(base_off + 2 + offset_lh, BPF_H, (bpf_int32)ntohs(addr));
940 gen_and(tmp, b2);
941 gen_or(b2, b1);
942 /* Check for pad = 1, short header case */
943 tmp = gen_mcmp(base_off + 2, BPF_H,
944 (bpf_int32)ntohs(0x0281), (bpf_int32)ntohs(0x07FF));
945 b2 = gen_cmp(base_off + 2 + 1 + offset_sh,
946 BPF_H, (bpf_int32)ntohs(addr));
947 gen_and(tmp, b2);
948 gen_or(b2, b1);
949 /* Check for pad = 0, short header case */
950 tmp = gen_mcmp(base_off + 2, BPF_B, (bpf_int32)0x02, (bpf_int32)0x7);
951 b2 = gen_cmp(base_off + 2 + offset_sh, BPF_H, (bpf_int32)ntohs(addr));
952 gen_and(tmp, b2);
953 gen_or(b2, b1);
954
955 /* Combine with test for linktype */
956 gen_and(b0, b1);
957 return b1;
958 }
959
960 static struct block *
961 gen_host(addr, mask, proto, dir)
962 bpf_u_int32 addr;
963 bpf_u_int32 mask;
964 int proto;
965 int dir;
966 {
967 struct block *b0, *b1;
968
969 switch (proto) {
970
971 case Q_DEFAULT:
972 b0 = gen_host(addr, mask, Q_IP, dir);
973 if (off_linktype != -1) {
974 b1 = gen_host(addr, mask, Q_ARP, dir);
975 gen_or(b0, b1);
976 b0 = gen_host(addr, mask, Q_RARP, dir);
977 gen_or(b1, b0);
978 }
979 return b0;
980
981 case Q_IP:
982 return gen_hostop(addr, mask, dir, ETHERTYPE_IP,
983 off_nl + 12, off_nl + 16);
984
985 case Q_RARP:
986 return gen_hostop(addr, mask, dir, ETHERTYPE_REVARP,
987 off_nl + 14, off_nl + 24);
988
989 case Q_ARP:
990 return gen_hostop(addr, mask, dir, ETHERTYPE_ARP,
991 off_nl + 14, off_nl + 24);
992
993 case Q_TCP:
994 bpf_error("'tcp' modifier applied to host");
995
996 case Q_UDP:
997 bpf_error("'udp' modifier applied to host");
998
999 case Q_ICMP:
1000 bpf_error("'icmp' modifier applied to host");
1001
1002 case Q_IGMP:
1003 bpf_error("'igmp' modifier applied to host");
1004
1005 case Q_IGRP:
1006 bpf_error("'igrp' modifier applied to host");
1007
1008 case Q_PIM:
1009 bpf_error("'pim' modifier applied to host");
1010
1011 case Q_ATALK:
1012 bpf_error("ATALK host filtering not implemented");
1013
1014 case Q_DECNET:
1015 return gen_dnhostop(addr, dir, off_nl);
1016
1017 case Q_SCA:
1018 bpf_error("SCA host filtering not implemented");
1019
1020 case Q_LAT:
1021 bpf_error("LAT host filtering not implemented");
1022
1023 case Q_MOPDL:
1024 bpf_error("MOPDL host filtering not implemented");
1025
1026 case Q_MOPRC:
1027 bpf_error("MOPRC host filtering not implemented");
1028
1029 #ifdef INET6
1030 case Q_IPV6:
1031 bpf_error("'ip6' modifier applied to ip host");
1032
1033 case Q_ICMPV6:
1034 bpf_error("'icmp6' modifier applied to host");
1035 #endif /* INET6 */
1036
1037 case Q_AH:
1038 bpf_error("'ah' modifier applied to host");
1039
1040 case Q_ESP:
1041 bpf_error("'esp' modifier applied to host");
1042
1043 default:
1044 abort();
1045 }
1046 /* NOTREACHED */
1047 }
1048
1049 #ifdef INET6
1050 static struct block *
1051 gen_host6(addr, mask, proto, dir)
1052 struct in6_addr *addr;
1053 struct in6_addr *mask;
1054 int proto;
1055 int dir;
1056 {
1057 switch (proto) {
1058
1059 case Q_DEFAULT:
1060 return gen_host6(addr, mask, Q_IPV6, dir);
1061
1062 case Q_IP:
1063 bpf_error("'ip' modifier applied to ip6 host");
1064
1065 case Q_RARP:
1066 bpf_error("'rarp' modifier applied to ip6 host");
1067
1068 case Q_ARP:
1069 bpf_error("'arp' modifier applied to ip6 host");
1070
1071 case Q_TCP:
1072 bpf_error("'tcp' modifier applied to host");
1073
1074 case Q_UDP:
1075 bpf_error("'udp' modifier applied to host");
1076
1077 case Q_ICMP:
1078 bpf_error("'icmp' modifier applied to host");
1079
1080 case Q_IGMP:
1081 bpf_error("'igmp' modifier applied to host");
1082
1083 case Q_IGRP:
1084 bpf_error("'igrp' modifier applied to host");
1085
1086 case Q_PIM:
1087 bpf_error("'pim' modifier applied to host");
1088
1089 case Q_ATALK:
1090 bpf_error("ATALK host filtering not implemented");
1091
1092 case Q_DECNET:
1093 bpf_error("'decnet' modifier applied to ip6 host");
1094
1095 case Q_SCA:
1096 bpf_error("SCA host filtering not implemented");
1097
1098 case Q_LAT:
1099 bpf_error("LAT host filtering not implemented");
1100
1101 case Q_MOPDL:
1102 bpf_error("MOPDL host filtering not implemented");
1103
1104 case Q_MOPRC:
1105 bpf_error("MOPRC host filtering not implemented");
1106
1107 case Q_IPV6:
1108 return gen_hostop6(addr, mask, dir, ETHERTYPE_IPV6,
1109 off_nl + 8, off_nl + 24);
1110
1111 case Q_ICMPV6:
1112 bpf_error("'icmp6' modifier applied to host");
1113
1114 case Q_AH:
1115 bpf_error("'ah' modifier applied to host");
1116
1117 case Q_ESP:
1118 bpf_error("'esp' modifier applied to host");
1119
1120 default:
1121 abort();
1122 }
1123 /* NOTREACHED */
1124 }
1125 #endif /*INET6*/
1126
1127 #ifndef INET6
1128 static struct block *
1129 gen_gateway(eaddr, alist, proto, dir)
1130 const u_char *eaddr;
1131 bpf_u_int32 **alist;
1132 int proto;
1133 int dir;
1134 {
1135 struct block *b0, *b1, *tmp;
1136
1137 if (dir != 0)
1138 bpf_error("direction applied to 'gateway'");
1139
1140 switch (proto) {
1141 case Q_DEFAULT:
1142 case Q_IP:
1143 case Q_ARP:
1144 case Q_RARP:
1145 if (linktype == DLT_EN10MB)
1146 b0 = gen_ehostop(eaddr, Q_OR);
1147 else if (linktype == DLT_FDDI)
1148 b0 = gen_fhostop(eaddr, Q_OR);
1149 else
1150 bpf_error(
1151 "'gateway' supported only on ethernet or FDDI");
1152
1153 b1 = gen_host(**alist++, 0xffffffff, proto, Q_OR);
1154 while (*alist) {
1155 tmp = gen_host(**alist++, 0xffffffff, proto, Q_OR);
1156 gen_or(b1, tmp);
1157 b1 = tmp;
1158 }
1159 gen_not(b1);
1160 gen_and(b0, b1);
1161 return b1;
1162 }
1163 bpf_error("illegal modifier of 'gateway'");
1164 /* NOTREACHED */
1165 }
1166 #endif
1167
1168 struct block *
1169 gen_proto_abbrev(proto)
1170 int proto;
1171 {
1172 #ifdef INET6
1173 struct block *b0;
1174 #endif
1175 struct block *b1;
1176
1177 switch (proto) {
1178
1179 case Q_TCP:
1180 b1 = gen_proto(IPPROTO_TCP, Q_IP, Q_DEFAULT);
1181 #ifdef INET6
1182 b0 = gen_proto(IPPROTO_TCP, Q_IPV6, Q_DEFAULT);
1183 gen_or(b0, b1);
1184 #endif
1185 break;
1186
1187 case Q_UDP:
1188 b1 = gen_proto(IPPROTO_UDP, Q_IP, Q_DEFAULT);
1189 #ifdef INET6
1190 b0 = gen_proto(IPPROTO_UDP, Q_IPV6, Q_DEFAULT);
1191 gen_or(b0, b1);
1192 #endif
1193 break;
1194
1195 case Q_ICMP:
1196 b1 = gen_proto(IPPROTO_ICMP, Q_IP, Q_DEFAULT);
1197 break;
1198
1199 #ifndef IPPROTO_IGMP
1200 #define IPPROTO_IGMP 2
1201 #endif
1202
1203 case Q_IGMP:
1204 b1 = gen_proto(IPPROTO_IGMP, Q_IP, Q_DEFAULT);
1205 break;
1206
1207 #ifndef IPPROTO_IGRP
1208 #define IPPROTO_IGRP 9
1209 #endif
1210 case Q_IGRP:
1211 b1 = gen_proto(IPPROTO_IGRP, Q_IP, Q_DEFAULT);
1212 break;
1213
1214 #ifndef IPPROTO_PIM
1215 #define IPPROTO_PIM 103
1216 #endif
1217
1218 case Q_PIM:
1219 b1 = gen_proto(IPPROTO_PIM, Q_IP, Q_DEFAULT);
1220 #ifdef INET6
1221 b0 = gen_proto(IPPROTO_PIM, Q_IPV6, Q_DEFAULT);
1222 gen_or(b0, b1);
1223 #endif
1224 break;
1225
1226 case Q_IP:
1227 b1 = gen_linktype(ETHERTYPE_IP);
1228 break;
1229
1230 case Q_ARP:
1231 b1 = gen_linktype(ETHERTYPE_ARP);
1232 break;
1233
1234 case Q_RARP:
1235 b1 = gen_linktype(ETHERTYPE_REVARP);
1236 break;
1237
1238 case Q_LINK:
1239 bpf_error("link layer applied in wrong context");
1240
1241 case Q_ATALK:
1242 b1 = gen_linktype(ETHERTYPE_ATALK);
1243 break;
1244
1245 case Q_DECNET:
1246 b1 = gen_linktype(ETHERTYPE_DN);
1247 break;
1248
1249 case Q_SCA:
1250 b1 = gen_linktype(ETHERTYPE_SCA);
1251 break;
1252
1253 case Q_LAT:
1254 b1 = gen_linktype(ETHERTYPE_LAT);
1255 break;
1256
1257 case Q_MOPDL:
1258 b1 = gen_linktype(ETHERTYPE_MOPDL);
1259 break;
1260
1261 case Q_MOPRC:
1262 b1 = gen_linktype(ETHERTYPE_MOPRC);
1263 break;
1264
1265 #ifdef INET6
1266 case Q_IPV6:
1267 b1 = gen_linktype(ETHERTYPE_IPV6);
1268 break;
1269
1270 #ifndef IPPROTO_ICMPV6
1271 #define IPPROTO_ICMPV6 58
1272 #endif
1273 case Q_ICMPV6:
1274 b1 = gen_proto(IPPROTO_ICMPV6, Q_IPV6, Q_DEFAULT);
1275 break;
1276 #endif /* INET6 */
1277
1278 #ifndef IPPROTO_AH
1279 #define IPPROTO_AH 51
1280 #endif
1281 case Q_AH:
1282 b1 = gen_proto(IPPROTO_AH, Q_IP, Q_DEFAULT);
1283 #ifdef INET6
1284 b0 = gen_proto(IPPROTO_AH, Q_IPV6, Q_DEFAULT);
1285 gen_or(b0, b1);
1286 #endif
1287 break;
1288
1289 #ifndef IPPROTO_ESP
1290 #define IPPROTO_ESP 50
1291 #endif
1292 case Q_ESP:
1293 b1 = gen_proto(IPPROTO_ESP, Q_IP, Q_DEFAULT);
1294 #ifdef INET6
1295 b0 = gen_proto(IPPROTO_ESP, Q_IPV6, Q_DEFAULT);
1296 gen_or(b0, b1);
1297 #endif
1298 break;
1299
1300 default:
1301 abort();
1302 }
1303 return b1;
1304 }
1305
1306 static struct block *
1307 gen_ipfrag()
1308 {
1309 struct slist *s;
1310 struct block *b;
1311
1312 /* not ip frag */
1313 s = new_stmt(BPF_LD|BPF_H|BPF_ABS);
1314 s->s.k = off_nl + 6;
1315 b = new_block(JMP(BPF_JSET));
1316 b->s.k = 0x1fff;
1317 b->stmts = s;
1318 gen_not(b);
1319
1320 return b;
1321 }
1322
1323 static struct block *
1324 gen_portatom(off, v)
1325 int off;
1326 bpf_int32 v;
1327 {
1328 struct slist *s;
1329 struct block *b;
1330
1331 s = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
1332 s->s.k = off_nl;
1333
1334 s->next = new_stmt(BPF_LD|BPF_IND|BPF_H);
1335 s->next->s.k = off_nl + off;
1336
1337 b = new_block(JMP(BPF_JEQ));
1338 b->stmts = s;
1339 b->s.k = v;
1340
1341 return b;
1342 }
1343
1344 #ifdef INET6
1345 static struct block *
1346 gen_portatom6(off, v)
1347 int off;
1348 bpf_int32 v;
1349 {
1350 return gen_cmp(off_nl + 40 + off, BPF_H, v);
1351 }
1352 #endif/*INET6*/
1353
1354 struct block *
1355 gen_portop(port, proto, dir)
1356 int port, proto, dir;
1357 {
1358 struct block *b0, *b1, *tmp;
1359
1360 /* ip proto 'proto' */
1361 tmp = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)proto);
1362 b0 = gen_ipfrag();
1363 gen_and(tmp, b0);
1364
1365 switch (dir) {
1366 case Q_SRC:
1367 b1 = gen_portatom(0, (bpf_int32)port);
1368 break;
1369
1370 case Q_DST:
1371 b1 = gen_portatom(2, (bpf_int32)port);
1372 break;
1373
1374 case Q_OR:
1375 case Q_DEFAULT:
1376 tmp = gen_portatom(0, (bpf_int32)port);
1377 b1 = gen_portatom(2, (bpf_int32)port);
1378 gen_or(tmp, b1);
1379 break;
1380
1381 case Q_AND:
1382 tmp = gen_portatom(0, (bpf_int32)port);
1383 b1 = gen_portatom(2, (bpf_int32)port);
1384 gen_and(tmp, b1);
1385 break;
1386
1387 default:
1388 abort();
1389 }
1390 gen_and(b0, b1);
1391
1392 return b1;
1393 }
1394
1395 static struct block *
1396 gen_port(port, ip_proto, dir)
1397 int port;
1398 int ip_proto;
1399 int dir;
1400 {
1401 struct block *b0, *b1, *tmp;
1402
1403 /* ether proto ip */
1404 b0 = gen_linktype(ETHERTYPE_IP);
1405
1406 switch (ip_proto) {
1407 case IPPROTO_UDP:
1408 case IPPROTO_TCP:
1409 b1 = gen_portop(port, ip_proto, dir);
1410 break;
1411
1412 case PROTO_UNDEF:
1413 tmp = gen_portop(port, IPPROTO_TCP, dir);
1414 b1 = gen_portop(port, IPPROTO_UDP, dir);
1415 gen_or(tmp, b1);
1416 break;
1417
1418 default:
1419 abort();
1420 }
1421 gen_and(b0, b1);
1422 return b1;
1423 }
1424
1425 #ifdef INET6
1426 struct block *
1427 gen_portop6(port, proto, dir)
1428 int port, proto, dir;
1429 {
1430 struct block *b0, *b1, *tmp;
1431
1432 /* ip proto 'proto' */
1433 b0 = gen_cmp(off_nl + 6, BPF_B, (bpf_int32)proto);
1434
1435 switch (dir) {
1436 case Q_SRC:
1437 b1 = gen_portatom6(0, (bpf_int32)port);
1438 break;
1439
1440 case Q_DST:
1441 b1 = gen_portatom6(2, (bpf_int32)port);
1442 break;
1443
1444 case Q_OR:
1445 case Q_DEFAULT:
1446 tmp = gen_portatom6(0, (bpf_int32)port);
1447 b1 = gen_portatom6(2, (bpf_int32)port);
1448 gen_or(tmp, b1);
1449 break;
1450
1451 case Q_AND:
1452 tmp = gen_portatom6(0, (bpf_int32)port);
1453 b1 = gen_portatom6(2, (bpf_int32)port);
1454 gen_and(tmp, b1);
1455 break;
1456
1457 default:
1458 abort();
1459 }
1460 gen_and(b0, b1);
1461
1462 return b1;
1463 }
1464
1465 static struct block *
1466 gen_port6(port, ip_proto, dir)
1467 int port;
1468 int ip_proto;
1469 int dir;
1470 {
1471 struct block *b0, *b1, *tmp;
1472
1473 /* ether proto ip */
1474 b0 = gen_linktype(ETHERTYPE_IPV6);
1475
1476 switch (ip_proto) {
1477 case IPPROTO_UDP:
1478 case IPPROTO_TCP:
1479 b1 = gen_portop6(port, ip_proto, dir);
1480 break;
1481
1482 case PROTO_UNDEF:
1483 tmp = gen_portop6(port, IPPROTO_TCP, dir);
1484 b1 = gen_portop6(port, IPPROTO_UDP, dir);
1485 gen_or(tmp, b1);
1486 break;
1487
1488 default:
1489 abort();
1490 }
1491 gen_and(b0, b1);
1492 return b1;
1493 }
1494 #endif /* INET6 */
1495
1496 static int
1497 lookup_proto(name, proto)
1498 register const char *name;
1499 register int proto;
1500 {
1501 register int v;
1502
1503 switch (proto) {
1504
1505 case Q_DEFAULT:
1506 case Q_IP:
1507 v = pcap_nametoproto(name);
1508 if (v == PROTO_UNDEF)
1509 bpf_error("unknown ip proto '%s'", name);
1510 break;
1511
1512 case Q_LINK:
1513 /* XXX should look up h/w protocol type based on linktype */
1514 v = pcap_nametoeproto(name);
1515 if (v == PROTO_UNDEF)
1516 bpf_error("unknown ether proto '%s'", name);
1517 break;
1518
1519 default:
1520 v = PROTO_UNDEF;
1521 break;
1522 }
1523 return v;
1524 }
1525
1526 #if 0
1527 struct stmt *
1528 gen_joinsp(s, n)
1529 struct stmt **s;
1530 int n;
1531 {
1532 return NULL;
1533 }
1534 #endif
1535
1536 struct block *
1537 gen_protochain(v, proto, dir)
1538 int v;
1539 int proto;
1540 int dir;
1541 {
1542 #ifdef NO_PROTOCHAIN
1543 return gen_proto(v, proto, dir);
1544 #else
1545 struct block *b0, *b;
1546 struct slist *s[100];
1547 int fix2, fix3, fix4, fix5;
1548 int ahcheck, again, end;
1549 int i, max;
1550 int reg1 = alloc_reg();
1551 int reg2 = alloc_reg();
1552
1553 memset(s, 0, sizeof(s));
1554 fix2 = fix3 = fix4 = fix5 = 0;
1555
1556 switch (proto) {
1557 case Q_IP:
1558 case Q_IPV6:
1559 break;
1560 case Q_DEFAULT:
1561 b0 = gen_protochain(v, Q_IP, dir);
1562 b = gen_protochain(v, Q_IPV6, dir);
1563 gen_or(b0, b);
1564 return b;
1565 default:
1566 bpf_error("bad protocol applied for 'protochain'");
1567 /*NOTREACHED*/
1568 }
1569
1570 no_optimize = 1; /*this code is not compatible with optimzer yet */
1571
1572 /*
1573 * s[0] is a dummy entry to protect other BPF insn from damaged
1574 * by s[fix] = foo with uninitialized variable "fix". It is somewhat
1575 * hard to find interdependency made by jump table fixup.
1576 */
1577 i = 0;
1578 s[i] = new_stmt(0); /*dummy*/
1579 i++;
1580
1581 switch (proto) {
1582 case Q_IP:
1583 b0 = gen_linktype(ETHERTYPE_IP);
1584
1585 /* A = ip->ip_p */
1586 s[i] = new_stmt(BPF_LD|BPF_ABS|BPF_B);
1587 s[i]->s.k = off_nl + 9;
1588 i++;
1589 /* X = ip->ip_hl << 2 */
1590 s[i] = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
1591 s[i]->s.k = off_nl;
1592 i++;
1593 break;
1594 #ifdef INET6
1595 case Q_IPV6:
1596 b0 = gen_linktype(ETHERTYPE_IPV6);
1597
1598 /* A = ip6->ip_nxt */
1599 s[i] = new_stmt(BPF_LD|BPF_ABS|BPF_B);
1600 s[i]->s.k = off_nl + 6;
1601 i++;
1602 /* X = sizeof(struct ip6_hdr) */
1603 s[i] = new_stmt(BPF_LDX|BPF_IMM);
1604 s[i]->s.k = 40;
1605 i++;
1606 break;
1607 #endif
1608 default:
1609 bpf_error("unsupported proto to gen_protochain");
1610 /*NOTREACHED*/
1611 }
1612
1613 /* again: if (A == v) goto end; else fall through; */
1614 again = i;
1615 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1616 s[i]->s.k = v;
1617 s[i]->s.jt = NULL; /*later*/
1618 s[i]->s.jf = NULL; /*update in next stmt*/
1619 fix5 = i;
1620 i++;
1621
1622 #ifndef IPPROTO_NONE
1623 #define IPPROTO_NONE 59
1624 #endif
1625 /* if (A == IPPROTO_NONE) goto end */
1626 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1627 s[i]->s.jt = NULL; /*later*/
1628 s[i]->s.jf = NULL; /*update in next stmt*/
1629 s[i]->s.k = IPPROTO_NONE;
1630 s[fix5]->s.jf = s[i];
1631 fix2 = i;
1632 i++;
1633
1634 #ifdef INET6
1635 if (proto == Q_IPV6) {
1636 int v6start, v6end, v6advance, j;
1637
1638 v6start = i;
1639 /* if (A == IPPROTO_HOPOPTS) goto v6advance */
1640 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1641 s[i]->s.jt = NULL; /*later*/
1642 s[i]->s.jf = NULL; /*update in next stmt*/
1643 s[i]->s.k = IPPROTO_HOPOPTS;
1644 s[fix2]->s.jf = s[i];
1645 i++;
1646 /* if (A == IPPROTO_DSTOPTS) goto v6advance */
1647 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1648 s[i]->s.jt = NULL; /*later*/
1649 s[i]->s.jf = NULL; /*update in next stmt*/
1650 s[i]->s.k = IPPROTO_DSTOPTS;
1651 i++;
1652 /* if (A == IPPROTO_ROUTING) goto v6advance */
1653 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1654 s[i]->s.jt = NULL; /*later*/
1655 s[i]->s.jf = NULL; /*update in next stmt*/
1656 s[i]->s.k = IPPROTO_ROUTING;
1657 i++;
1658 /* if (A == IPPROTO_FRAGMENT) goto v6advance; else goto ahcheck; */
1659 s[i - 1]->s.jf = s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1660 s[i]->s.jt = NULL; /*later*/
1661 s[i]->s.jf = NULL; /*later*/
1662 s[i]->s.k = IPPROTO_FRAGMENT;
1663 fix3 = i;
1664 v6end = i;
1665 i++;
1666
1667 /* v6advance: */
1668 v6advance = i;
1669
1670 /*
1671 * in short,
1672 * A = P[X + 1];
1673 * X = X + (P[X] + 1) * 8;
1674 */
1675 /* A = X */
1676 s[i] = new_stmt(BPF_MISC|BPF_TXA);
1677 i++;
1678 /* MEM[reg1] = A */
1679 s[i] = new_stmt(BPF_ST);
1680 s[i]->s.k = reg1;
1681 i++;
1682 /* A += 1 */
1683 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1684 s[i]->s.k = 1;
1685 i++;
1686 /* X = A */
1687 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1688 i++;
1689 /* A = P[X + packet head]; */
1690 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1691 s[i]->s.k = off_nl;
1692 i++;
1693 /* MEM[reg2] = A */
1694 s[i] = new_stmt(BPF_ST);
1695 s[i]->s.k = reg2;
1696 i++;
1697 /* X = MEM[reg1] */
1698 s[i] = new_stmt(BPF_LDX|BPF_MEM);
1699 s[i]->s.k = reg1;
1700 i++;
1701 /* A = P[X + packet head] */
1702 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1703 s[i]->s.k = off_nl;
1704 i++;
1705 /* A += 1 */
1706 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1707 s[i]->s.k = 1;
1708 i++;
1709 /* A *= 8 */
1710 s[i] = new_stmt(BPF_ALU|BPF_MUL|BPF_K);
1711 s[i]->s.k = 8;
1712 i++;
1713 /* X = A; */
1714 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1715 i++;
1716 /* A = MEM[reg2] */
1717 s[i] = new_stmt(BPF_LD|BPF_MEM);
1718 s[i]->s.k = reg2;
1719 i++;
1720
1721 /* goto again; (must use BPF_JA for backward jump) */
1722 s[i] = new_stmt(BPF_JMP|BPF_JA);
1723 s[i]->s.k = again - i - 1;
1724 s[i - 1]->s.jf = s[i];
1725 i++;
1726
1727 /* fixup */
1728 for (j = v6start; j <= v6end; j++)
1729 s[j]->s.jt = s[v6advance];
1730 } else
1731 #endif
1732 {
1733 /* nop */
1734 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1735 s[i]->s.k = 0;
1736 s[fix2]->s.jf = s[i];
1737 i++;
1738 }
1739
1740 /* ahcheck: */
1741 ahcheck = i;
1742 /* if (A == IPPROTO_AH) then fall through; else goto end; */
1743 s[i] = new_stmt(BPF_JMP|BPF_JEQ|BPF_K);
1744 s[i]->s.jt = NULL; /*later*/
1745 s[i]->s.jf = NULL; /*later*/
1746 s[i]->s.k = IPPROTO_AH;
1747 if (fix3)
1748 s[fix3]->s.jf = s[ahcheck];
1749 fix4 = i;
1750 i++;
1751
1752 /*
1753 * in short,
1754 * A = P[X + 1];
1755 * X = X + (P[X] + 2) * 4;
1756 */
1757 /* A = X */
1758 s[i - 1]->s.jt = s[i] = new_stmt(BPF_MISC|BPF_TXA);
1759 i++;
1760 /* MEM[reg1] = A */
1761 s[i] = new_stmt(BPF_ST);
1762 s[i]->s.k = reg1;
1763 i++;
1764 /* A += 1 */
1765 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1766 s[i]->s.k = 1;
1767 i++;
1768 /* X = A */
1769 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1770 i++;
1771 /* A = P[X + packet head]; */
1772 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1773 s[i]->s.k = off_nl;
1774 i++;
1775 /* MEM[reg2] = A */
1776 s[i] = new_stmt(BPF_ST);
1777 s[i]->s.k = reg2;
1778 i++;
1779 /* X = MEM[reg1] */
1780 s[i] = new_stmt(BPF_LDX|BPF_MEM);
1781 s[i]->s.k = reg1;
1782 i++;
1783 /* A = P[X + packet head] */
1784 s[i] = new_stmt(BPF_LD|BPF_IND|BPF_B);
1785 s[i]->s.k = off_nl;
1786 i++;
1787 /* A += 2 */
1788 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1789 s[i]->s.k = 2;
1790 i++;
1791 /* A *= 4 */
1792 s[i] = new_stmt(BPF_ALU|BPF_MUL|BPF_K);
1793 s[i]->s.k = 4;
1794 i++;
1795 /* X = A; */
1796 s[i] = new_stmt(BPF_MISC|BPF_TAX);
1797 i++;
1798 /* A = MEM[reg2] */
1799 s[i] = new_stmt(BPF_LD|BPF_MEM);
1800 s[i]->s.k = reg2;
1801 i++;
1802
1803 /* goto again; (must use BPF_JA for backward jump) */
1804 s[i] = new_stmt(BPF_JMP|BPF_JA);
1805 s[i]->s.k = again - i - 1;
1806 i++;
1807
1808 /* end: nop */
1809 end = i;
1810 s[i] = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
1811 s[i]->s.k = 0;
1812 s[fix2]->s.jt = s[end];
1813 s[fix4]->s.jf = s[end];
1814 s[fix5]->s.jt = s[end];
1815 i++;
1816
1817 /*
1818 * make slist chain
1819 */
1820 max = i;
1821 for (i = 0; i < max - 1; i++)
1822 s[i]->next = s[i + 1];
1823 s[max - 1]->next = NULL;
1824
1825 /*
1826 * emit final check
1827 */
1828 b = new_block(JMP(BPF_JEQ));
1829 b->stmts = s[1]; /*remember, s[0] is dummy*/
1830 b->s.k = v;
1831
1832 free_reg(reg1);
1833 free_reg(reg2);
1834
1835 gen_and(b0, b);
1836 return b;
1837 #endif
1838 }
1839
1840 static struct block *
1841 gen_proto(v, proto, dir)
1842 int v;
1843 int proto;
1844 int dir;
1845 {
1846 struct block *b0, *b1;
1847
1848 if (dir != Q_DEFAULT)
1849 bpf_error("direction applied to 'proto'");
1850
1851 switch (proto) {
1852 case Q_DEFAULT:
1853 #ifdef INET6
1854 b0 = gen_proto(v, Q_IP, dir);
1855 b1 = gen_proto(v, Q_IPV6, dir);
1856 gen_or(b0, b1);
1857 return b1;
1858 #else
1859 /*FALLTHROUGH*/
1860 #endif
1861 case Q_IP:
1862 b0 = gen_linktype(ETHERTYPE_IP);
1863 #ifndef CHASE_CHAIN
1864 b1 = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)v);
1865 #else
1866 b1 = gen_protochain(v, Q_IP);
1867 #endif
1868 gen_and(b0, b1);
1869 return b1;
1870
1871 case Q_ARP:
1872 bpf_error("arp does not encapsulate another protocol");
1873 /* NOTREACHED */
1874
1875 case Q_RARP:
1876 bpf_error("rarp does not encapsulate another protocol");
1877 /* NOTREACHED */
1878
1879 case Q_ATALK:
1880 bpf_error("atalk encapsulation is not specifiable");
1881 /* NOTREACHED */
1882
1883 case Q_DECNET:
1884 bpf_error("decnet encapsulation is not specifiable");
1885 /* NOTREACHED */
1886
1887 case Q_SCA:
1888 bpf_error("sca does not encapsulate another protocol");
1889 /* NOTREACHED */
1890
1891 case Q_LAT:
1892 bpf_error("lat does not encapsulate another protocol");
1893 /* NOTREACHED */
1894
1895 case Q_MOPRC:
1896 bpf_error("moprc does not encapsulate another protocol");
1897 /* NOTREACHED */
1898
1899 case Q_MOPDL:
1900 bpf_error("mopdl does not encapsulate another protocol");
1901 /* NOTREACHED */
1902
1903 case Q_LINK:
1904 return gen_linktype(v);
1905
1906 case Q_UDP:
1907 bpf_error("'udp proto' is bogus");
1908 /* NOTREACHED */
1909
1910 case Q_TCP:
1911 bpf_error("'tcp proto' is bogus");
1912 /* NOTREACHED */
1913
1914 case Q_ICMP:
1915 bpf_error("'icmp proto' is bogus");
1916 /* NOTREACHED */
1917
1918 case Q_IGMP:
1919 bpf_error("'igmp proto' is bogus");
1920 /* NOTREACHED */
1921
1922 case Q_IGRP:
1923 bpf_error("'igrp proto' is bogus");
1924 /* NOTREACHED */
1925
1926 case Q_PIM:
1927 bpf_error("'pim proto' is bogus");
1928 /* NOTREACHED */
1929
1930 #ifdef INET6
1931 case Q_IPV6:
1932 b0 = gen_linktype(ETHERTYPE_IPV6);
1933 #ifndef CHASE_CHAIN
1934 b1 = gen_cmp(off_nl + 6, BPF_B, (bpf_int32)v);
1935 #else
1936 b1 = gen_protochain(v, Q_IPV6);
1937 #endif
1938 gen_and(b0, b1);
1939 return b1;
1940
1941 case Q_ICMPV6:
1942 bpf_error("'icmp6 proto' is bogus");
1943 #endif /* INET6 */
1944
1945 case Q_AH:
1946 bpf_error("'ah proto' is bogus");
1947
1948 case Q_ESP:
1949 bpf_error("'ah proto' is bogus");
1950
1951 default:
1952 abort();
1953 /* NOTREACHED */
1954 }
1955 /* NOTREACHED */
1956 }
1957
1958 struct block *
1959 gen_scode(name, q)
1960 register const char *name;
1961 struct qual q;
1962 {
1963 int proto = q.proto;
1964 int dir = q.dir;
1965 int tproto;
1966 u_char *eaddr;
1967 bpf_u_int32 mask, addr;
1968 #ifndef INET6
1969 bpf_u_int32 **alist;
1970 #else
1971 int tproto6;
1972 struct sockaddr_in *sin;
1973 struct sockaddr_in6 *sin6;
1974 struct addrinfo *res, *res0;
1975 struct in6_addr mask128;
1976 #endif /*INET6*/
1977 struct block *b, *tmp;
1978 int port, real_proto;
1979
1980 switch (q.addr) {
1981
1982 case Q_NET:
1983 addr = pcap_nametonetaddr(name);
1984 if (addr == 0)
1985 bpf_error("unknown network '%s'", name);
1986 /* Left justify network addr and calculate its network mask */
1987 mask = 0xffffffff;
1988 while (addr && (addr & 0xff000000) == 0) {
1989 addr <<= 8;
1990 mask <<= 8;
1991 }
1992 return gen_host(addr, mask, proto, dir);
1993
1994 case Q_DEFAULT:
1995 case Q_HOST:
1996 if (proto == Q_LINK) {
1997 switch (linktype) {
1998
1999 case DLT_EN10MB:
2000 eaddr = pcap_ether_hostton(name);
2001 if (eaddr == NULL)
2002 bpf_error(
2003 "unknown ether host '%s'", name);
2004 return gen_ehostop(eaddr, dir);
2005
2006 case DLT_FDDI:
2007 eaddr = pcap_ether_hostton(name);
2008 if (eaddr == NULL)
2009 bpf_error(
2010 "unknown FDDI host '%s'", name);
2011 return gen_fhostop(eaddr, dir);
2012
2013 default:
2014 bpf_error(
2015 "only ethernet/FDDI supports link-level host name");
2016 break;
2017 }
2018 } else if (proto == Q_DECNET) {
2019 unsigned short dn_addr = __pcap_nametodnaddr(name);
2020 /*
2021 * I don't think DECNET hosts can be multihomed, so
2022 * there is no need to build up a list of addresses
2023 */
2024 return (gen_host(dn_addr, 0, proto, dir));
2025 } else {
2026 #ifndef INET6
2027 alist = pcap_nametoaddr(name);
2028 if (alist == NULL || *alist == NULL)
2029 bpf_error("unknown host '%s'", name);
2030 tproto = proto;
2031 if (off_linktype == -1 && tproto == Q_DEFAULT)
2032 tproto = Q_IP;
2033 b = gen_host(**alist++, 0xffffffff, tproto, dir);
2034 while (*alist) {
2035 tmp = gen_host(**alist++, 0xffffffff,
2036 tproto, dir);
2037 gen_or(b, tmp);
2038 b = tmp;
2039 }
2040 return b;
2041 #else
2042 memset(&mask128, 0xff, sizeof(mask128));
2043 res0 = res = pcap_nametoaddrinfo(name);
2044 if (res == NULL)
2045 bpf_error("unknown host '%s'", name);
2046 b = tmp = NULL;
2047 tproto = tproto6 = proto;
2048 if (off_linktype == -1 && tproto == Q_DEFAULT) {
2049 tproto = Q_IP;
2050 tproto6 = Q_IPV6;
2051 }
2052 for (res = res0; res; res = res->ai_next) {
2053 switch (res->ai_family) {
2054 case AF_INET:
2055 if (tproto == Q_IPV6)
2056 continue;
2057
2058 sin = (struct sockaddr_in *)
2059 res->ai_addr;
2060 tmp = gen_host(ntohl(sin->sin_addr.s_addr),
2061 0xffffffff, tproto, dir);
2062 break;
2063 case AF_INET6:
2064 if (tproto6 == Q_IP)
2065 continue;
2066
2067 sin6 = (struct sockaddr_in6 *)
2068 res->ai_addr;
2069 tmp = gen_host6(&sin6->sin6_addr,
2070 &mask128, tproto6, dir);
2071 break;
2072 }
2073 if (b)
2074 gen_or(b, tmp);
2075 b = tmp;
2076 }
2077 freeaddrinfo(res0);
2078 if (b == NULL) {
2079 bpf_error("unknown host '%s'%s", name,
2080 (proto == Q_DEFAULT)
2081 ? ""
2082 : " for specified address family");
2083 }
2084 return b;
2085 #endif /*INET6*/
2086 }
2087
2088 case Q_PORT:
2089 if (proto != Q_DEFAULT && proto != Q_UDP && proto != Q_TCP)
2090 bpf_error("illegal qualifier of 'port'");
2091 if (pcap_nametoport(name, &port, &real_proto) == 0)
2092 bpf_error("unknown port '%s'", name);
2093 if (proto == Q_UDP) {
2094 if (real_proto == IPPROTO_TCP)
2095 bpf_error("port '%s' is tcp", name);
2096 else
2097 /* override PROTO_UNDEF */
2098 real_proto = IPPROTO_UDP;
2099 }
2100 if (proto == Q_TCP) {
2101 if (real_proto == IPPROTO_UDP)
2102 bpf_error("port '%s' is udp", name);
2103 else
2104 /* override PROTO_UNDEF */
2105 real_proto = IPPROTO_TCP;
2106 }
2107 #ifndef INET6
2108 return gen_port(port, real_proto, dir);
2109 #else
2110 {
2111 struct block *b;
2112 b = gen_port(port, real_proto, dir);
2113 gen_or(gen_port6(port, real_proto, dir), b);
2114 return b;
2115 }
2116 #endif /* INET6 */
2117
2118 case Q_GATEWAY:
2119 #ifndef INET6
2120 eaddr = pcap_ether_hostton(name);
2121 if (eaddr == NULL)
2122 bpf_error("unknown ether host: %s", name);
2123
2124 alist = pcap_nametoaddr(name);
2125 if (alist == NULL || *alist == NULL)
2126 bpf_error("unknown host '%s'", name);
2127 return gen_gateway(eaddr, alist, proto, dir);
2128 #else
2129 bpf_error("'gateway' not supported in this configuration");
2130 #endif /*INET6*/
2131
2132 case Q_PROTO:
2133 real_proto = lookup_proto(name, proto);
2134 if (real_proto >= 0)
2135 return gen_proto(real_proto, proto, dir);
2136 else
2137 bpf_error("unknown protocol: %s", name);
2138
2139 case Q_PROTOCHAIN:
2140 real_proto = lookup_proto(name, proto);
2141 if (real_proto >= 0)
2142 return gen_protochain(real_proto, proto, dir);
2143 else
2144 bpf_error("unknown protocol: %s", name);
2145
2146
2147 case Q_UNDEF:
2148 syntax();
2149 /* NOTREACHED */
2150 }
2151 abort();
2152 /* NOTREACHED */
2153 }
2154
2155 struct block *
2156 gen_mcode(s1, s2, masklen, q)
2157 register const char *s1, *s2;
2158 register int masklen;
2159 struct qual q;
2160 {
2161 register int nlen, mlen;
2162 bpf_u_int32 n, m;
2163
2164 nlen = __pcap_atoin(s1, &n);
2165 /* Promote short ipaddr */
2166 n <<= 32 - nlen;
2167
2168 if (s2 != NULL) {
2169 mlen = __pcap_atoin(s2, &m);
2170 /* Promote short ipaddr */
2171 m <<= 32 - mlen;
2172 if ((n & ~m) != 0)
2173 bpf_error("non-network bits set in \"%s mask %s\"",
2174 s1, s2);
2175 } else {
2176 /* Convert mask len to mask */
2177 if (masklen > 32)
2178 bpf_error("mask length must be <= 32");
2179 m = 0xffffffff << (32 - masklen);
2180 if ((n & ~m) != 0)
2181 bpf_error("non-network bits set in \"%s/%d\"",
2182 s1, masklen);
2183 }
2184
2185 switch (q.addr) {
2186
2187 case Q_NET:
2188 return gen_host(n, m, q.proto, q.dir);
2189
2190 default:
2191 bpf_error("Mask syntax for networks only");
2192 /* NOTREACHED */
2193 }
2194 }
2195
2196 struct block *
2197 gen_ncode(s, v, q)
2198 register const char *s;
2199 bpf_u_int32 v;
2200 struct qual q;
2201 {
2202 bpf_u_int32 mask;
2203 int proto = q.proto;
2204 int dir = q.dir;
2205 register int vlen;
2206
2207 if (s == NULL)
2208 vlen = 32;
2209 else if (q.proto == Q_DECNET)
2210 vlen = __pcap_atodn(s, &v);
2211 else
2212 vlen = __pcap_atoin(s, &v);
2213
2214 switch (q.addr) {
2215
2216 case Q_DEFAULT:
2217 case Q_HOST:
2218 case Q_NET:
2219 if (proto == Q_DECNET)
2220 return gen_host(v, 0, proto, dir);
2221 else if (proto == Q_LINK) {
2222 bpf_error("illegal link layer address");
2223 } else {
2224 mask = 0xffffffff;
2225 if (s == NULL && q.addr == Q_NET) {
2226 /* Promote short net number */
2227 while (v && (v & 0xff000000) == 0) {
2228 v <<= 8;
2229 mask <<= 8;
2230 }
2231 } else {
2232 /* Promote short ipaddr */
2233 v <<= 32 - vlen;
2234 mask <<= 32 - vlen;
2235 }
2236 return gen_host(v, mask, proto, dir);
2237 }
2238
2239 case Q_PORT:
2240 if (proto == Q_UDP)
2241 proto = IPPROTO_UDP;
2242 else if (proto == Q_TCP)
2243 proto = IPPROTO_TCP;
2244 else if (proto == Q_DEFAULT)
2245 proto = PROTO_UNDEF;
2246 else
2247 bpf_error("illegal qualifier of 'port'");
2248
2249 #ifndef INET6
2250 return gen_port((int)v, proto, dir);
2251 #else
2252 {
2253 struct block *b;
2254 b = gen_port((int)v, proto, dir);
2255 gen_or(gen_port6((int)v, proto, dir), b);
2256 return b;
2257 }
2258 #endif /* INET6 */
2259
2260 case Q_GATEWAY:
2261 bpf_error("'gateway' requires a name");
2262 /* NOTREACHED */
2263
2264 case Q_PROTO:
2265 return gen_proto((int)v, proto, dir);
2266
2267 case Q_PROTOCHAIN:
2268 return gen_protochain((int)v, proto, dir);
2269
2270 case Q_UNDEF:
2271 syntax();
2272 /* NOTREACHED */
2273
2274 default:
2275 abort();
2276 /* NOTREACHED */
2277 }
2278 /* NOTREACHED */
2279 }
2280
2281 #ifdef INET6
2282 struct block *
2283 gen_mcode6(s1, s2, masklen, q)
2284 register const char *s1, *s2;
2285 register int masklen;
2286 struct qual q;
2287 {
2288 struct addrinfo *res;
2289 struct in6_addr *addr;
2290 struct in6_addr mask;
2291 struct block *b;
2292 u_int32_t *a, *m;
2293
2294 if (s2)
2295 bpf_error("no mask %s supported", s2);
2296
2297 res = pcap_nametoaddrinfo(s1);
2298 if (!res)
2299 bpf_error("invalid ip6 address %s", s1);
2300 if (res->ai_next)
2301 bpf_error("%s resolved to multiple address", s1);
2302 addr = &((struct sockaddr_in6 *)res->ai_addr)->sin6_addr;
2303
2304 if (sizeof(mask) * 8 < masklen)
2305 bpf_error("mask length must be <= %u", (unsigned int)(sizeof(mask) * 8));
2306 memset(&mask, 0xff, masklen / 8);
2307 if (masklen % 8) {
2308 mask.s6_addr[masklen / 8] =
2309 (0xff << (8 - masklen % 8)) & 0xff;
2310 }
2311
2312 a = (u_int32_t *)addr;
2313 m = (u_int32_t *)&mask;
2314 if ((a[0] & ~m[0]) || (a[1] & ~m[1])
2315 || (a[2] & ~m[2]) || (a[3] & ~m[3])) {
2316 bpf_error("non-network bits set in \"%s/%d\"", s1, masklen);
2317 }
2318
2319 switch (q.addr) {
2320
2321 case Q_DEFAULT:
2322 case Q_HOST:
2323 if (masklen != 128)
2324 bpf_error("Mask syntax for networks only");
2325 /* FALLTHROUGH */
2326
2327 case Q_NET:
2328 b = gen_host6(addr, &mask, q.proto, q.dir);
2329 freeaddrinfo(res);
2330 return b;
2331
2332 default:
2333 bpf_error("invalid qualifier against IPv6 address");
2334 /* NOTREACHED */
2335 }
2336 }
2337 #endif /*INET6*/
2338
2339 struct block *
2340 gen_ecode(eaddr, q)
2341 register const u_char *eaddr;
2342 struct qual q;
2343 {
2344 if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) {
2345 if (linktype == DLT_EN10MB)
2346 return gen_ehostop(eaddr, (int)q.dir);
2347 if (linktype == DLT_FDDI)
2348 return gen_fhostop(eaddr, (int)q.dir);
2349 }
2350 bpf_error("ethernet address used in non-ether expression");
2351 /* NOTREACHED */
2352 }
2353
2354 void
2355 sappend(s0, s1)
2356 struct slist *s0, *s1;
2357 {
2358 /*
2359 * This is definitely not the best way to do this, but the
2360 * lists will rarely get long.
2361 */
2362 while (s0->next)
2363 s0 = s0->next;
2364 s0->next = s1;
2365 }
2366
2367 static struct slist *
2368 xfer_to_x(a)
2369 struct arth *a;
2370 {
2371 struct slist *s;
2372
2373 s = new_stmt(BPF_LDX|BPF_MEM);
2374 s->s.k = a->regno;
2375 return s;
2376 }
2377
2378 static struct slist *
2379 xfer_to_a(a)
2380 struct arth *a;
2381 {
2382 struct slist *s;
2383
2384 s = new_stmt(BPF_LD|BPF_MEM);
2385 s->s.k = a->regno;
2386 return s;
2387 }
2388
2389 struct arth *
2390 gen_load(proto, index, size)
2391 int proto;
2392 struct arth *index;
2393 int size;
2394 {
2395 struct slist *s, *tmp;
2396 struct block *b;
2397 int regno = alloc_reg();
2398
2399 free_reg(index->regno);
2400 switch (size) {
2401
2402 default:
2403 bpf_error("data size must be 1, 2, or 4");
2404
2405 case 1:
2406 size = BPF_B;
2407 break;
2408
2409 case 2:
2410 size = BPF_H;
2411 break;
2412
2413 case 4:
2414 size = BPF_W;
2415 break;
2416 }
2417 switch (proto) {
2418 default:
2419 bpf_error("unsupported index operation");
2420
2421 case Q_LINK:
2422 s = xfer_to_x(index);
2423 tmp = new_stmt(BPF_LD|BPF_IND|size);
2424 sappend(s, tmp);
2425 sappend(index->s, s);
2426 break;
2427
2428 case Q_IP:
2429 case Q_ARP:
2430 case Q_RARP:
2431 case Q_ATALK:
2432 case Q_DECNET:
2433 case Q_SCA:
2434 case Q_LAT:
2435 case Q_MOPRC:
2436 case Q_MOPDL:
2437 #ifdef INET6
2438 case Q_IPV6:
2439 #endif
2440 /* XXX Note that we assume a fixed link header here. */
2441 s = xfer_to_x(index);
2442 tmp = new_stmt(BPF_LD|BPF_IND|size);
2443 tmp->s.k = off_nl;
2444 sappend(s, tmp);
2445 sappend(index->s, s);
2446
2447 b = gen_proto_abbrev(proto);
2448 if (index->b)
2449 gen_and(index->b, b);
2450 index->b = b;
2451 break;
2452
2453 case Q_TCP:
2454 case Q_UDP:
2455 case Q_ICMP:
2456 case Q_IGMP:
2457 case Q_IGRP:
2458 case Q_PIM:
2459 s = new_stmt(BPF_LDX|BPF_MSH|BPF_B);
2460 s->s.k = off_nl;
2461 sappend(s, xfer_to_a(index));
2462 sappend(s, new_stmt(BPF_ALU|BPF_ADD|BPF_X));
2463 sappend(s, new_stmt(BPF_MISC|BPF_TAX));
2464 sappend(s, tmp = new_stmt(BPF_LD|BPF_IND|size));
2465 tmp->s.k = off_nl;
2466 sappend(index->s, s);
2467
2468 gen_and(gen_proto_abbrev(proto), b = gen_ipfrag());
2469 if (index->b)
2470 gen_and(index->b, b);
2471 #ifdef INET6
2472 gen_and(gen_proto_abbrev(Q_IP), b);
2473 #endif
2474 index->b = b;
2475 break;
2476 #ifdef INET6
2477 case Q_ICMPV6:
2478 bpf_error("IPv6 upper-layer protocol is not supported by proto[x]");
2479 /*NOTREACHED*/
2480 #endif
2481 }
2482 index->regno = regno;
2483 s = new_stmt(BPF_ST);
2484 s->s.k = regno;
2485 sappend(index->s, s);
2486
2487 return index;
2488 }
2489
2490 struct block *
2491 gen_relation(code, a0, a1, reversed)
2492 int code;
2493 struct arth *a0, *a1;
2494 int reversed;
2495 {
2496 struct slist *s0, *s1, *s2;
2497 struct block *b, *tmp;
2498
2499 s0 = xfer_to_x(a1);
2500 s1 = xfer_to_a(a0);
2501 s2 = new_stmt(BPF_ALU|BPF_SUB|BPF_X);
2502 b = new_block(JMP(code));
2503 if (code == BPF_JGT || code == BPF_JGE) {
2504 reversed = !reversed;
2505 b->s.k = 0x80000000;
2506 }
2507 if (reversed)
2508 gen_not(b);
2509
2510 sappend(s1, s2);
2511 sappend(s0, s1);
2512 sappend(a1->s, s0);
2513 sappend(a0->s, a1->s);
2514
2515 b->stmts = a0->s;
2516
2517 free_reg(a0->regno);
2518 free_reg(a1->regno);
2519
2520 /* 'and' together protocol checks */
2521 if (a0->b) {
2522 if (a1->b) {
2523 gen_and(a0->b, tmp = a1->b);
2524 }
2525 else
2526 tmp = a0->b;
2527 } else
2528 tmp = a1->b;
2529
2530 if (tmp)
2531 gen_and(tmp, b);
2532
2533 return b;
2534 }
2535
2536 struct arth *
2537 gen_loadlen()
2538 {
2539 int regno = alloc_reg();
2540 struct arth *a = (struct arth *)newchunk(sizeof(*a));
2541 struct slist *s;
2542
2543 s = new_stmt(BPF_LD|BPF_LEN);
2544 s->next = new_stmt(BPF_ST);
2545 s->next->s.k = regno;
2546 a->s = s;
2547 a->regno = regno;
2548
2549 return a;
2550 }
2551
2552 struct arth *
2553 gen_loadi(val)
2554 int val;
2555 {
2556 struct arth *a;
2557 struct slist *s;
2558 int reg;
2559
2560 a = (struct arth *)newchunk(sizeof(*a));
2561
2562 reg = alloc_reg();
2563
2564 s = new_stmt(BPF_LD|BPF_IMM);
2565 s->s.k = val;
2566 s->next = new_stmt(BPF_ST);
2567 s->next->s.k = reg;
2568 a->s = s;
2569 a->regno = reg;
2570
2571 return a;
2572 }
2573
2574 struct arth *
2575 gen_neg(a)
2576 struct arth *a;
2577 {
2578 struct slist *s;
2579
2580 s = xfer_to_a(a);
2581 sappend(a->s, s);
2582 s = new_stmt(BPF_ALU|BPF_NEG);
2583 s->s.k = 0;
2584 sappend(a->s, s);
2585 s = new_stmt(BPF_ST);
2586 s->s.k = a->regno;
2587 sappend(a->s, s);
2588
2589 return a;
2590 }
2591
2592 struct arth *
2593 gen_arth(code, a0, a1)
2594 int code;
2595 struct arth *a0, *a1;
2596 {
2597 struct slist *s0, *s1, *s2;
2598
2599 s0 = xfer_to_x(a1);
2600 s1 = xfer_to_a(a0);
2601 s2 = new_stmt(BPF_ALU|BPF_X|code);
2602
2603 sappend(s1, s2);
2604 sappend(s0, s1);
2605 sappend(a1->s, s0);
2606 sappend(a0->s, a1->s);
2607
2608 free_reg(a1->regno);
2609
2610 s0 = new_stmt(BPF_ST);
2611 a0->regno = s0->s.k = alloc_reg();
2612 sappend(a0->s, s0);
2613
2614 return a0;
2615 }
2616
2617 /*
2618 * Here we handle simple allocation of the scratch registers.
2619 * If too many registers are alloc'd, the allocator punts.
2620 */
2621 static int regused[BPF_MEMWORDS];
2622 static int curreg;
2623
2624 /*
2625 * Return the next free register.
2626 */
2627 static int
2628 alloc_reg()
2629 {
2630 int n = BPF_MEMWORDS;
2631
2632 while (--n >= 0) {
2633 if (regused[curreg])
2634 curreg = (curreg + 1) % BPF_MEMWORDS;
2635 else {
2636 regused[curreg] = 1;
2637 return curreg;
2638 }
2639 }
2640 bpf_error("too many registers needed to evaluate expression");
2641 /* NOTREACHED */
2642 }
2643
2644 /*
2645 * Return a register to the table so it can
2646 * be used later.
2647 */
2648 static void
2649 free_reg(n)
2650 int n;
2651 {
2652 regused[n] = 0;
2653 }
2654
2655 static struct block *
2656 gen_len(jmp, n)
2657 int jmp, n;
2658 {
2659 struct slist *s;
2660 struct block *b;
2661
2662 s = new_stmt(BPF_LD|BPF_LEN);
2663 b = new_block(JMP(jmp));
2664 b->stmts = s;
2665 b->s.k = n;
2666
2667 return b;
2668 }
2669
2670 struct block *
2671 gen_greater(n)
2672 int n;
2673 {
2674 return gen_len(BPF_JGE, n);
2675 }
2676
2677 struct block *
2678 gen_less(n)
2679 int n;
2680 {
2681 struct block *b;
2682
2683 b = gen_len(BPF_JGT, n);
2684 gen_not(b);
2685
2686 return b;
2687 }
2688
2689 struct block *
2690 gen_byteop(op, idx, val)
2691 int op, idx, val;
2692 {
2693 struct block *b;
2694 struct slist *s;
2695
2696 switch (op) {
2697 default:
2698 abort();
2699
2700 case '=':
2701 return gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2702
2703 case '<':
2704 b = gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2705 b->s.code = JMP(BPF_JGE);
2706 gen_not(b);
2707 return b;
2708
2709 case '>':
2710 b = gen_cmp((u_int)idx, BPF_B, (bpf_int32)val);
2711 b->s.code = JMP(BPF_JGT);
2712 return b;
2713
2714 case '|':
2715 s = new_stmt(BPF_ALU|BPF_OR|BPF_K);
2716 break;
2717
2718 case '&':
2719 s = new_stmt(BPF_ALU|BPF_AND|BPF_K);
2720 break;
2721 }
2722 s->s.k = val;
2723 b = new_block(JMP(BPF_JEQ));
2724 b->stmts = s;
2725 gen_not(b);
2726
2727 return b;
2728 }
2729
2730 struct block *
2731 gen_broadcast(proto)
2732 int proto;
2733 {
2734 bpf_u_int32 hostmask;
2735 struct block *b0, *b1, *b2;
2736 static u_char ebroadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
2737
2738 switch (proto) {
2739
2740 case Q_DEFAULT:
2741 case Q_LINK:
2742 if (linktype == DLT_EN10MB)
2743 return gen_ehostop(ebroadcast, Q_DST);
2744 if (linktype == DLT_FDDI)
2745 return gen_fhostop(ebroadcast, Q_DST);
2746 bpf_error("not a broadcast link");
2747 break;
2748
2749 case Q_IP:
2750 b0 = gen_linktype(ETHERTYPE_IP);
2751 hostmask = ~netmask;
2752 b1 = gen_mcmp(off_nl + 16, BPF_W, (bpf_int32)0, hostmask);
2753 b2 = gen_mcmp(off_nl + 16, BPF_W,
2754 (bpf_int32)(~0 & hostmask), hostmask);
2755 gen_or(b1, b2);
2756 gen_and(b0, b2);
2757 return b2;
2758 }
2759 bpf_error("only ether/ip broadcast filters supported");
2760 }
2761
2762 struct block *
2763 gen_multicast(proto)
2764 int proto;
2765 {
2766 register struct block *b0, *b1;
2767 register struct slist *s;
2768
2769 switch (proto) {
2770
2771 case Q_DEFAULT:
2772 case Q_LINK:
2773 if (linktype == DLT_EN10MB) {
2774 /* ether[0] & 1 != 0 */
2775 s = new_stmt(BPF_LD|BPF_B|BPF_ABS);
2776 s->s.k = 0;
2777 b0 = new_block(JMP(BPF_JSET));
2778 b0->s.k = 1;
2779 b0->stmts = s;
2780 return b0;
2781 }
2782
2783 if (linktype == DLT_FDDI) {
2784 /* XXX TEST THIS: MIGHT NOT PORT PROPERLY XXX */
2785 /* fddi[1] & 1 != 0 */
2786 s = new_stmt(BPF_LD|BPF_B|BPF_ABS);
2787 s->s.k = 1;
2788 b0 = new_block(JMP(BPF_JSET));
2789 b0->s.k = 1;
2790 b0->stmts = s;
2791 return b0;
2792 }
2793 /* Link not known to support multicasts */
2794 break;
2795
2796 case Q_IP:
2797 b0 = gen_linktype(ETHERTYPE_IP);
2798 b1 = gen_cmp(off_nl + 16, BPF_B, (bpf_int32)224);
2799 b1->s.code = JMP(BPF_JGE);
2800 gen_and(b0, b1);
2801 return b1;
2802
2803 #ifdef INET6
2804 case Q_IPV6:
2805 b0 = gen_linktype(ETHERTYPE_IPV6);
2806 b1 = gen_cmp(off_nl + 24, BPF_B, (bpf_int32)255);
2807 gen_and(b0, b1);
2808 return b1;
2809 #endif /* INET6 */
2810 }
2811 bpf_error("only IP multicast filters supported on ethernet/FDDI");
2812 }
2813
2814 /*
2815 * generate command for inbound/outbound. It's here so we can
2816 * make it link-type specific. 'dir' = 0 implies "inbound",
2817 * = 1 implies "outbound".
2818 */
2819 struct block *
2820 gen_inbound(dir)
2821 int dir;
2822 {
2823 register struct block *b0;
2824
2825 b0 = gen_relation(BPF_JEQ,
2826 gen_load(Q_LINK, gen_loadi(0), 1),
2827 gen_loadi(0),
2828 dir);
2829 return (b0);
2830 }
[mirror] the LIBpcap interface to various kernel packet capture mechanism