[Netadm-devel] gwc/gwclib confio.c,1.4,1.5 confproc.c,1.11,1.12 conftab.c,1.4,1.5 confutil.c,1.3,1.4
Status: Beta
Brought to you by:
linuxpark
Menu
▾
▴
[Netadm-devel] gwc/gwclib confio.c,1.4,1.5 confproc.c,1.11,1.12 conftab.c,1.4,1.5 confutil.c,1.3,1.4 sysutil.c,1.2,1.3
|
From: linuxpark <lin...@us...> - 2006-03-05 01:11:05
|
Update of /cvsroot/netadm/gwc/gwclib In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv2507/gwclib Modified Files: confio.c confproc.c conftab.c confutil.c sysutil.c Log Message: ADD: <flow control concerned> from now, pf temporary will be not compiled properly. because between user data structure and pf are different. This will be updated in one or two days later. sorry. i will upload new presentation file which illustrate what has been happen since starting gwc-v0.1-pre3 development. 2006. 2.15 ADD1: add_fc_pol, del_fc_pol, list_fc_pol these files will be modified again. and updated todays. ADD2: _get_fc_net ~ _dmp_fc_ipol about 8 function. and it's map data struct. these functoin can be accessed by sys_ucmd_msg. ADD3: sys_ucmd_msg : this function exported library function about ADD2. this function is somewhat useful to access a specified object in system config (shared memory). ADD4: runpol_list list : This list was made for supporting extended address for example, if user enter network hostinfo(not subnet) in flow control as like 192.168.1.1-100, then the real packet filter policy extend it's real address 192.168.1.1, 192.168.1.2 ... so runpol_list is for this extending IP address of network object but this data structure will be updated by gwcadmd at not the moment "apply flow control rule" but the moment whenever user enter one policy. MOD: kuio_msg_t in include/sysioctl.h All of updating to gwc-v0.1-pre3 may be completed in about one week. jeho park Index: confio.c =================================================================== RCS file: /cvsroot/netadm/gwc/gwclib/confio.c,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** confio.c 1 Mar 2006 04:06:33 -0000 1.4 --- confio.c 5 Mar 2006 01:11:00 -0000 1.5 *************** *** 366,371 **** csm->fc_net[i].name, mapidtostr(map_nettype, csm->fc_net[i].type), ! inet_ntoa(csm->fc_net[i].net.addr), ! csm->fc_net[i].net.mask, csm->fc_net[i].net_if); } --- 366,374 ---- csm->fc_net[i].name, mapidtostr(map_nettype, csm->fc_net[i].type), ! /* ! * inet_ntoa(csm->fc_net[i].net.addr), ! */ ! csm->fc_net[i].addr, ! csm->fc_net[i].mask, csm->fc_net[i].net_if); } *************** *** 392,396 **** STR_FC_FW, csm->fc_fw[i].name, ! csm->fc_fw[i].val, mapidtostr (map_thput_unit, csm->fc_fw[i].unit)); --- 395,399 ---- STR_FC_FW, csm->fc_fw[i].name, ! csm->fc_fw[i].quota, mapidtostr (map_thput_unit, csm->fc_fw[i].unit)); Index: sysutil.c =================================================================== RCS file: /cvsroot/netadm/gwc/gwclib/sysutil.c,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** sysutil.c 28 Feb 2006 23:41:50 -0000 1.2 --- sysutil.c 5 Mar 2006 01:11:00 -0000 1.3 *************** *** 721,722 **** --- 721,822 ---- } + static int _parse_iprange(char *s, int i, unsigned char *v, frp_t fr) { + char *c; + char *p; + + if ( !(c = strchr (s, '-'))) { + if ( str_isdigit (s) != TRUE ) { + sprintf(fr->errmsg, "ugly char entered (%s)", s); + fr->ret = RET_EUSAGE; + return FALSE; + } + + if (atoi (s) > 254) { + sprintf(fr->errmsg, "over limit char entered (%s)", s); + fr->ret = RET_EUSAGE; + return FALSE; + } + + *(v+i+1) = *(v + i) = atoi (s); + return TRUE; + } + + *c = '\0'; + p = ++c; + + if ( str_isdigit (s) != TRUE || atoi (s) > 254) { + sprintf(fr->errmsg, "ugly char entered (%s)", s); + fr->ret = RET_EUSAGE; + return FALSE; + } + + if ( str_isdigit (p) != TRUE || atoi (p) > 254) { + sprintf(fr->errmsg, "ugly char entered (%s)", p); + fr->ret = RET_EUSAGE; + return FALSE; + } + + *(v+i) = atoi (s); + *(v+i+1) = atoi (p); + + return TRUE; + } + + + /* parse_iprange + * : parsing ranged ip address for example, 192.168.10-11.100-200 type + * + * @ip: char ip address + * @parsed : result ( address[8] ) + * + * class A + * address[0] : start addr of class A + * address[1] : end addr of class A + * + * class B + * address[2] : start addr of class B + * address[3] : end addr of class B + * + * class C + * address[4] : start addr of class C + * address[5] : end addr of class C + * + * class D + * address[6] : start addr of class D + * address[7] : end addr of class D + * + * return : TRUE (success), FALSE (fail: ugly ip address) + */ + int parse_iprange (const char *ip, unsigned char *parsed, frp_t fr) { + char *c; + char *p; + char addr[OL*2]; + int len; + int quit = 0; + int i = 0; + + if (strlen (ip) > sizeof (addr)) { + return FALSE; + } + + strcpy(addr, ip); + + p = addr; + while (!quit) { + if ((c = strchr (p, '.')) != NULL) { + *c = '\0'; + if ( _parse_iprange (p, i, parsed, fr) != TRUE ) + return FALSE; + p = ++c; + + } + else { + if ( _parse_iprange (p, i, parsed, fr) != TRUE ) + return FALSE; + quit = 1; + } + i+=2; + } + return TRUE; + } + Index: confproc.c =================================================================== RCS file: /cvsroot/netadm/gwc/gwclib/confproc.c,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** confproc.c 1 Mar 2006 19:13:23 -0000 1.11 --- confproc.c 5 Mar 2006 01:11:00 -0000 1.12 *************** *** 2353,2358 **** --- 2353,2362 ---- } n += 1 + sprintf(&fr->p[n], "%s", mapidtostr(map_nettype, csm->fc_net[i].type)); + #if 0 n += 1 + sprintf(&fr->p[n], "%s", inet_ntoa(csm->fc_net[i].net.addr)); n += 1 + sprintf(&fr->p[n], "%d", csm->fc_net[i].net.mask); + #endif + n += 1 + sprintf(&fr->p[n], "%s", csm->fc_net[i].addr); + n += 1 + sprintf(&fr->p[n], "%d", csm->fc_net[i].mask); n += 1 + sprintf(&fr->p[n], "%s", csm->fc_net[i].net_if); } *************** *** 2378,2381 **** --- 2382,2387 ---- return; } + + /* name */ if (!str_nospace(argv[0])) frerr(fr, RET_EUSAGE,"[FC/Network name] cannot contain spaces\n"); *************** *** 2395,2409 **** } if ((net->type = mapstrtoid(map_nettype, argv[1])) == -1) frerrmap(fr, RET_EUSAGE, "Type", map_nettype); if (!str_inetaddr(argv[2], ! (net->type == SYS_NT_HOST) ? TRUE : FALSE)) ! frerr(fr, RET_EUSAGE, ! "Invalid [IP address] \"%s\" entered\n", argv[2]); ! else if ((net->net.addr.s_addr = inet_addr(argv[2])) == (in_addr_t)(-1)) { frerr(fr, RET_EUSAGE, "Invalid [IP address] \"%s\" entered\n", argv[2]); } if (!str_isdigit(argv[3])) { frerr(fr, RET_EUSAGE, --- 2401,2431 ---- } + /* type */ if ((net->type = mapstrtoid(map_nettype, argv[1])) == -1) frerrmap(fr, RET_EUSAGE, "Type", map_nettype); + /* IP */ if (!str_inetaddr(argv[2], ! (net->type == SYS_NT_HOST) ? TRUE : FALSE)) { ! /* ! * case1: ip range case2: wrong input case3: ? ! */ ! unsigned char address[8]; ! if ( parse_iprange ( argv[2], address, fr) != TRUE ) ! frerr(fr, RET_EUSAGE, ! "Invalid [IP address range] \"%s\" entered" ! " ex) 192.168.1-3.10-100\n", ! argv[2]); ! else ! strcpy (net->addr, argv[2]); ! } ! else if ( inet_addr(argv[2]) == (in_addr_t)(-1)) { frerr(fr, RET_EUSAGE, "Invalid [IP address] \"%s\" entered\n", argv[2]); } + else + strcpy (net->addr, argv[2]); + + /* mask */ if (!str_isdigit(argv[3])) { frerr(fr, RET_EUSAGE, *************** *** 2411,2421 **** } else { ! net->net.mask = atoi(argv[3]); ! if (net->type == SYS_NT_HOST && net->net.mask != 32) frerr(fr, RET_EUSAGE, "[Netmask] must be 32 with host type\n"); ! if (net->net.mask > 32 ) frerr(fr, RET_EUSAGE, "[Netmask] must be between 0 and 32\n"); } if (!str_nospace(argv[4])) frerr(fr, RET_EUSAGE, "[Interface name] cannot contain spaces\n"); --- 2433,2444 ---- } else { ! net->mask = atoi(argv[3]); ! if (net->type == SYS_NT_HOST && net->mask != 32) frerr(fr, RET_EUSAGE, "[Netmask] must be 32 with host type\n"); ! if (net->mask > 32 ) frerr(fr, RET_EUSAGE, "[Netmask] must be between 0 and 32\n"); } + /* neighbor interface name */ if (!str_nospace(argv[4])) frerr(fr, RET_EUSAGE, "[Interface name] cannot contain spaces\n"); *************** *** 2442,2451 **** if (i == slot) continue; ! if (net->net.addr.s_addr != csm->fc_net[i].net.addr.s_addr) ! continue; ! if (net->net.mask != csm->fc_net[i].net.mask) continue; ! if (strcmp(net->net_if, csm->fc_net[i].net_if)) continue; frerr(fr, RET_ENOTUNIQ, "%s: Same Network already defined as %s\n", --- 2465,2479 ---- if (i == slot) continue; ! /* ! *if (net->net.addr.s_addr != csm->fc_net[i].net.addr.s_addr) ! * continue; ! */ ! if (strcmp (net->addr, csm->fc_net[i].addr) != 0) ! continue; ! if (net->mask != csm->fc_net[i].mask) continue; ! if (strcmp(net->net_if, csm->fc_net[i].net_if) != 0) continue; + frerr(fr, RET_ENOTUNIQ, "%s: Same Network already defined as %s\n", *************** *** 2593,2597 **** continue; } ! n += 1 + sprintf(&fr->p[n], "%d", csm->fc_fw[i].val); n += 1 + sprintf(&fr->p[n], "%s", mapidtostr(map_thput_unit, csm->fc_fw[i].unit)); } --- 2621,2625 ---- continue; } ! n += 1 + sprintf(&fr->p[n], "%d", csm->fc_fw[i].quota); n += 1 + sprintf(&fr->p[n], "%s", mapidtostr(map_thput_unit, csm->fc_fw[i].unit)); } *************** *** 2645,2655 **** argv[1]); } ! else if ( atoi (argv[1]) < 0 || atoi (argv[1]) > 999 ) { frerr(fr, RET_EUSAGE, ! "[flow value] must be valid value but you enter %s\n", ! argv[1]); } else ! fw->val = atoi (argv[1]); if ((fw->unit = mapstrtoid(map_thput_unit, argv[2])) == -1) --- 2673,2685 ---- argv[1]); } ! else if ( atoi (argv[1]) < MINDEF_FW_VAL || ! atoi (argv[1]) > MAXDEF_FW_VAL ) { frerr(fr, RET_EUSAGE, ! "[flow value] must be valid value %s" ! " min(%d)~max(%d)\n", ! argv[1], MINDEF_FW_VAL, MAXDEF_FW_VAL); } else ! fw->quota = atoi (argv[1]); if ((fw->unit = mapstrtoid(map_thput_unit, argv[2])) == -1) *************** *** 2659,2663 **** if (i == slot) continue; ! if (fw->val != csm->fc_fw[i].val) continue; if (fw->unit != csm->fc_fw[i].unit) --- 2689,2693 ---- if (i == slot) continue; ! if (fw->quota != csm->fc_fw[i].quota) continue; if (fw->unit != csm->fc_fw[i].unit) *************** *** 2852,2856 **** strcpy(pol->name, argv[0]); ! if (sys_ucmd_msg (_CMD_GET_FC_POL, argv[0], strlen(argv[0]))) frerr(fr, RET_ENOTUNIQ, "[FC/policy name] \"%s\" already exists\n", argv[0]); --- 2882,2886 ---- strcpy(pol->name, argv[0]); ! if (sys_ucmd_msg (_CMD_GET_FC_POL, argv[0], strlen(argv[0]), fr)) frerr(fr, RET_ENOTUNIQ, "[FC/policy name] \"%s\" already exists\n", argv[0]); *************** *** 2870,2874 **** strcpy(pol->snet, argv[2]); ! if ( !sys_ucmd_msg (_CMD_GET_FC_NET, argv[2], strlen(argv[2]))) frerr(fr, RET_ENOTUNIQ, "[FC/source network name] \"%s\" does not exists\n", argv[2]); --- 2900,2904 ---- strcpy(pol->snet, argv[2]); ! if ( !sys_ucmd_msg (_CMD_GET_FC_NET, argv[2], strlen(argv[2]), fr)) frerr(fr, RET_ENOTUNIQ, "[FC/source network name] \"%s\" does not exists\n", argv[2]); *************** *** 2885,2889 **** strcpy(pol->ssvc, argv[3]); ! if ( !(ssvc = (fc_svc_t*)sys_ucmd_msg (_CMD_GET_FC_SVC, argv[3], strlen(argv[3]))) ) frerr(fr, RET_ENOTUNIQ, "[FC/source service protocol name] \"%s\" does not exists\n", argv[3]); --- 2915,2922 ---- strcpy(pol->ssvc, argv[3]); ! if ( !(ssvc = (fc_svc_t*)sys_ucmd_msg (_CMD_GET_FC_SVC, ! argv[3], ! strlen(argv[3]), ! fr)) ) frerr(fr, RET_ENOTUNIQ, "[FC/source service protocol name] \"%s\" does not exists\n", argv[3]); *************** *** 2900,2904 **** strcpy(pol->dnet, argv[4]); ! if ( !sys_ucmd_msg (_CMD_GET_FC_NET, argv[4], strlen(argv[4]))) frerr(fr, RET_ENOTUNIQ, "[FC/destination network name] \"%s\" does not exists\n", argv[4]); --- 2933,2937 ---- strcpy(pol->dnet, argv[4]); ! if ( !sys_ucmd_msg (_CMD_GET_FC_NET, argv[4], strlen(argv[4]), fr)) frerr(fr, RET_ENOTUNIQ, "[FC/destination network name] \"%s\" does not exists\n", argv[4]); *************** *** 2915,2919 **** strcpy(pol->dsvc, argv[5]); ! if ( !(dsvc = (fc_svc_t*)sys_ucmd_msg (_CMD_GET_FC_SVC, argv[5], strlen(argv[5]))) ) frerr(fr, RET_ENOTUNIQ, "[FC/destination service protocol name] \"%s\" does not exists\n",argv[5]); --- 2948,2955 ---- strcpy(pol->dsvc, argv[5]); ! if ( !(dsvc = (fc_svc_t*)sys_ucmd_msg (_CMD_GET_FC_SVC, ! argv[5], ! strlen(argv[5]), ! fr)) ) frerr(fr, RET_ENOTUNIQ, "[FC/destination service protocol name] \"%s\" does not exists\n",argv[5]); *************** *** 2937,2941 **** strcpy(pol->fw, argv[6]); ! if ( !sys_ucmd_msg (_CMD_GET_FC_FW, argv[6], strlen(argv[6]))) frerr(fr, RET_ENOTUNIQ, "[FC/flow control name] \"%s\" does not exists\n", argv[6]); --- 2973,2977 ---- strcpy(pol->fw, argv[6]); ! if ( !sys_ucmd_msg (_CMD_GET_FC_FW, argv[6], strlen(argv[6]), fr)) frerr(fr, RET_ENOTUNIQ, "[FC/flow control name] \"%s\" does not exists\n", argv[6]); *************** *** 3001,3008 **** --- 3037,3053 ---- if (modify != CBFROM_SYSTEM) { + if ((fr->ret = saveconf(csm)) != RET_OK) { frerr(fr, fr->ret, "Cannot save configuration (%d)\n", fr->ret); return; } + else { + if (!sys_ucmd_msg (_CMD_ADD_FC_IPOL, + argv[0], + strlen(argv[0]), + fr)) + frerr(fr, fr->ret,"Failed to add internal policy (%s): " + "%s", argv[0], fr->errmsg); + } } } *************** *** 3024,3041 **** if (argc == 1) { ! ! for (i = 0; i < csm->fc_pol_cnt; i++) { ! if (!strcmp(csm->fc_pol[i].name, argv[0])) { ! pol = &csm->fc_pol[i]; ! slot = i; ! break; ! } ! } ! ! if (pol == NULL) { frerr(fr, RET_ENOTFOUND, "[FC/policy name] \"%s\" does not exist\n", argv[0]); ! return; ! } if (fr->ret != RET_OK) --- 3069,3091 ---- if (argc == 1) { ! ! if (!(pol = sys_ucmd_msg (_CMD_GET_FC_POL, ! argv[0], ! strlen(argv[0]), ! fr))) { frerr(fr, RET_ENOTFOUND, "[FC/policy name] \"%s\" does not exist\n", argv[0]); ! } ! #if 0 ! else { ! if ( !sys_ucmd_msg ( _CMD_DEL_FC_IPOL, ! argv[0], ! strlen(argv[0]), ! fr)) ! frerr(fr, fr->ret, "Failed to delete internal policy(%s): %s", ! argv[0], ! fr->errmsg); ! } ! #endif if (fr->ret != RET_OK) *************** *** 3050,3058 **** if (modify != CBFROM_SYSTEM) { ! if ((fr->ret = saveconf(csm)) != RET_OK) { frerr(fr, fr->ret, "Cannot save configuration (%d)\n", fr->ret); return; } } } --- 3100,3119 ---- if (modify != CBFROM_SYSTEM) { ! if ((fr->ret = saveconf(csm)) != RET_OK) { frerr(fr, fr->ret, "Cannot save configuration (%d)\n", fr->ret); return; } + else { + + if ( !sys_ucmd_msg ( _CMD_DEL_FC_IPOL, + argv[0], + strlen(argv[0]), + fr)) + frerr(fr, fr->ret, + "Failed to delete internal policy(%s): %s", + argv[0], + fr->errmsg); + } } } *************** *** 3071,3074 **** --- 3132,3144 ---- int ret; + /* snet/ssvc ----> dnet/dsvc (fw) + * IP, dev_idx / proto, port ----> IP, dev_idx / proto, port [fw(byte)] + * + * - IP (u32) + * - proto + * - port + * ip->protocol (struct iphdr *ip = (*pkt)->nh.iph ), pkt == sk_buff** + * + */ if (argc == 0) { fd = open(SZPFDEV, O_RDWR | O_NDELAY); *************** *** 3079,3082 **** --- 3149,3153 ---- ioctl (fd, IOCTLPF_REFLESH, 0); + #if 0 for (i = 0; i < csm->hpolcnt; i++) { switch (csm->hostpol[i].flag) { *************** *** 3106,3109 **** --- 3177,3181 ---- } } + #endif close(fd); Index: confutil.c =================================================================== RCS file: /cvsroot/netadm/gwc/gwclib/confutil.c,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** confutil.c 1 Mar 2006 19:13:24 -0000 1.3 --- confutil.c 5 Mar 2006 01:11:00 -0000 1.4 *************** *** 35,38 **** --- 35,39 ---- #include "sysdef.h" #include "confutil.h" + #include "linklist.h" #if !defined(TRUE) *************** *** 49,108 **** extern sys_ucmd_t ucmdtab[]; ! void * sys_ucmd_msg (sys_ucmd_e cmd, void *arg, int len) { /* * TODO: someday later, lock for shared mem will be needed * to support multiprocessing by admin */ ! return ucmdtab[cmd].func (arg, len); } ! void * _get_fc_net ( void *arg, int len) { int i; char *name = (char *)arg; for ( i = 0 ; i < FC_CNT(net); i++) { ! if ( !strncmp (FC_OBJ_NAME(net, i), name, len)) return &FC_OBJ(net, i); } return NULL; } ! void * _get_fc_svc ( void *arg, int len) { int i; char *name = (char *)arg; for ( i = 0 ; i < FC_CNT(svc); i++) { ! if ( !strncmp (FC_OBJ_NAME(svc, i), name, len)) return &FC_OBJ(svc, i); } return NULL; } ! void * _get_fc_fw ( void *arg, int len) { int i; char *name = (char *)arg; for ( i = 0 ; i < FC_CNT(fw); i++) { ! if ( !strncmp (FC_OBJ_NAME(fw, i), name, len)) return &FC_OBJ(fw, i); } return NULL; } ! void * _get_fc_pol ( void *arg, int len) { int i; char *name = (char *)arg; for ( i = 0 ; i < FC_CNT(pol); i++) { ! if ( !strncmp (FC_OBJ_NAME(pol, i), name, len)) return &FC_OBJ(pol, i); } return NULL; } char * mapidtostr(sys_strmap_t * map, int id) --- 50,385 ---- extern sys_ucmd_t ucmdtab[]; ! void * sys_ucmd_msg (sys_ucmd_e cmd, void *arg, int len, frp_t fr) { /* * TODO: someday later, lock for shared mem will be needed * to support multiprocessing by admin */ ! return ucmdtab[cmd].func (arg, len, fr); } ! void * _get_fc_net ( void *arg, int len, frp_t fr) { int i; char *name = (char *)arg; for ( i = 0 ; i < FC_CNT(net); i++) { ! if ( !strncmp (FC_OBJ_NAME(net, i), name, len)) { ! fr->ret = RET_OK; return &FC_OBJ(net, i); + } } + + strcpy (fr->errmsg, "Can't found fc net"); + fr->ret = RET_ENOTFOUND; return NULL; } ! void * _get_fc_svc ( void *arg, int len, frp_t fr) { int i; char *name = (char *)arg; for ( i = 0 ; i < FC_CNT(svc); i++) { ! if ( !strncmp (FC_OBJ_NAME(svc, i), name, len)) { ! fr->ret = RET_OK; return &FC_OBJ(svc, i); + } } + strcpy (fr->errmsg, "Can't found fc svc"); + fr->ret = RET_ENOTFOUND; return NULL; } ! void * _get_fc_fw ( void *arg, int len, frp_t fr) { int i; char *name = (char *)arg; for ( i = 0 ; i < FC_CNT(fw); i++) { ! if ( !strncmp (FC_OBJ_NAME(fw, i), name, len)) { ! fr->ret = RET_OK; return &FC_OBJ(fw, i); + } } + strcpy (fr->errmsg, "Can't found fc fw"); + fr->ret = RET_ENOTFOUND; return NULL; } ! void * _get_fc_pol ( void *arg, int len, frp_t fr) { int i; char *name = (char *)arg; for ( i = 0 ; i < FC_CNT(pol); i++) { ! if ( !strncmp (FC_OBJ_NAME(pol, i), name, len)) { ! fr->ret = RET_OK; return &FC_OBJ(pol, i); + } } + strcpy (fr->errmsg, "Can't found fc pol"); + fr->ret = RET_ENOTFOUND; return NULL; } + + //update_ipol (p, pol, snet, dnet, ssvc, dsvc, fw); + /* update_ipol() + * : set fc_umsg_t in runpol_list + * + * @c : runpol_list, fc_umsg_t + * @p : policy, fc_pol_t + * @sn: source net, fc_net_t + * @dn: destination net fc_net_t + * @ss: source svc fc_svc_t + * @ds: destination svc fc_svc_t + * @fw: flow unit fc_fw_t + */ + + static inline void update_ipol ( fc_umsg_t *c, + fc_pol_t *p, + fc_net_t *sn, + fc_net_t *dn, + fc_svc_t *ss, + fc_svc_t *ds, + fc_fw_t *fw ) { + + strcpy (c->polname, p->name); + strcpy (c->msg.indev, sn->net_if); + c->msg.protocol = ss->proto; + c->msg.rule = p->rule; + + if (ss->proto != SYS_PROTO_ICMP){ + c->msg.sport = ss->u.port; + c->msg.dport = ds->u.port; + } + else { + c->msg.sport = ss->u.icmptype; + c->msg.dport = ds->u.icmptype; + } + + c->msg.smask = sn->mask; + c->msg.dmask = dn->mask; + + if (fw->unit == SYS_FLOW_BPS) + c->msg.quota = ((double)(fw->quota)) / 8.0; + else if (fw->unit == SYS_FLOW_KBPS) + c->msg.quota = 1024 * ((double)(fw->quota)) / 8.0; + else if (fw->unit == SYS_FLOW_MBPS) + c->msg.quota = 1024 * 1024 * ((double)(fw->quota)) / 8.0; + else if (fw->unit == SYS_FLOW_BYTE) + c->msg.quota = fw->quota; + else if (fw->unit == SYS_FLOW_KBYTE) + c->msg.quota = 1024 * fw->quota; + else if (fw->unit == SYS_FLOW_MBYTE) + c->msg.quota = 1024 * 1024 * fw->quota; + } + + void * _mod_fc_ipol ( void *arg, int len, frp_t fr) { + /* + * TODO: later, + */ + return NULL; + } + + #ifndef FC_ADDR_NORMAL + #define FC_ADDR_NORMAL 0x00000000 /* nomal ip address */ + #endif + + #ifndef FC_ADDR_EXTEND + #define FC_ADDR_EXTEND 0x00000001 /* extended ip address. + for example, 192.168.1.10-100 + */ + #endif + + typedef struct { + int addr; + }tmp_addr_t; + + /* __add_fc_ipol() + * : this function add internal policy not for GUI user process but for pf module. + * : don't call this function directly. use sys_umsg_cmd with index. + * : This function exist for more better performance at 'apply time' + * : because whenever user insert one policy, this function will be call, + * : and then make runtime cache? of internal policy. + * + * @arg : policy name in fc_pol_t + * @len : length of policyname + * @fr : detailed result fr->ret, fr->errmsg + */ + void * _add_fc_ipol ( void *arg, int len, frp_t fr) { + fc_umsg_t *p; /* node which include new vals */ + fc_pol_t *pol; + fc_net_t *snet; + fc_net_t *dnet; + fc_svc_t *ssvc; + fc_svc_t *dsvc; + fc_fw_t *fw; + unsigned char saddr[8]; + unsigned char daddr[8]; + list saddr_list; + list daddr_list; + struct listnode *SAN; + struct listnode *DAN; + int addr; + int i; + int j; + int k; + int l; + tmp_addr_t *sa; + tmp_addr_t *da; + char *polname = (char *)arg; + + if (!(pol = sys_ucmd_msg (_CMD_GET_FC_POL, + polname, + strlen(polname), + fr))) + return NULL; + + if (!(snet = sys_ucmd_msg (_CMD_GET_FC_NET, + pol->snet, + strlen(pol->snet), + fr))) + return NULL; + + if (!(dnet = sys_ucmd_msg (_CMD_GET_FC_NET, + pol->dnet, + strlen(pol->dnet), + fr))) + return NULL; + + if (!(ssvc = sys_ucmd_msg (_CMD_GET_FC_SVC, + pol->ssvc, + strlen(pol->ssvc), + fr))) + return NULL; + + if (!(dsvc = sys_ucmd_msg (_CMD_GET_FC_SVC, + pol->dsvc, + strlen(pol->dsvc), + fr))) + return NULL; + + if (!(fw = sys_ucmd_msg (_CMD_GET_FC_FW, + pol->fw, + strlen(pol->fw), + fr))) + return NULL; + + if ( parse_iprange (snet->addr, saddr, fr) != TRUE) { + return NULL; + } + + saddr_list = list_new (); + if (!saddr_list) { + strcpy(fr->errmsg, "failed to alloc saddr_list"); + fr->ret = RET_EMALLOC; + return NULL; + } + + for ( i = saddr[0]; i <= saddr[1]; i++) + for ( j = saddr[2]; j <= saddr[3]; j++) + for ( k = saddr[4]; k <= saddr[5]; k++) + for ( l = saddr[6]; l <= saddr[7]; l++) { + /* LITTLE ENDIAN */ + addr = 0; + addr = l; + addr <<= 8; + + addr |= k; + addr <<= 8; + + addr |= j; + addr <<= 8; + + addr |= i; + + sa = (tmp_addr_t*)malloc (sizeof(tmp_addr_t)); + if (!sa) { + strcpy(fr->errmsg, + "failed to alloc tmp saddr node"); + fr->ret = RET_EMALLOC; + return NULL; + } + sa->addr = addr; + listnode_add (saddr_list, sa); + } + + if ( parse_iprange (dnet->addr, daddr, fr) != TRUE) { + return NULL; + } + + daddr_list = list_new (); + if (!daddr_list) { + strcpy(fr->errmsg, "failed to alloc daddr_list"); + fr->ret = RET_EMALLOC; + return NULL; + } + + for ( i = daddr[0]; i <= daddr[1]; i++) + for ( j = daddr[2]; j <= daddr[3]; j++) + for ( k = daddr[4]; k <= daddr[5]; k++) + for ( l = daddr[6]; l <= daddr[7]; l++) { + /* LITTLE ENDIAN */ + addr = 0; + addr = l; + addr <<= 8; + + addr |= k; + addr <<= 8; + + addr |= j; + addr <<= 8; + + addr |= i; + + da = (tmp_addr_t*)malloc (sizeof(tmp_addr_t)); + if (!da) { + strcpy(fr->errmsg, + "failed to alloc tmp daddr node"); + fr->ret = RET_EMALLOC; + return NULL; + } + da->addr = addr; + listnode_add (daddr_list, da); + } + + LIST_LOOP (saddr_list, sa, SAN) { + LIST_LOOP (daddr_list, da, DAN) { + p = (fc_umsg_t*)malloc (sizeof (fc_umsg_t)); + if (!p) { + strcpy(fr->errmsg, "failed to alloc ipol node"); + fr->ret = RET_EMALLOC; + return NULL; + } + update_ipol (p, pol, snet, dnet, ssvc, dsvc, fw); + p->msg.saddr = sa->addr; + p->msg.daddr = da->addr; + listnode_add (csm->fc_ipol_list, p); + } + } + + fr->ret = RET_OK; + return polname; + } + + void * _del_fc_ipol ( void *arg, int len, frp_t fr) { + fc_umsg_t *p; /* node which include new vals */ + struct listnode *n; + char *polname = (char *)arg; + + LIST_LOOP (csm->fc_ipol_list, p, n) { + if (!strcmp (p->polname, polname)) { + listnode_delete (csm->fc_ipol_list, p); + } + } + + fr->ret = RET_OK; + return polname; + } + + void * _dmp_fc_ipol ( void *arg, int len, frp_t fr) { + } + char * mapidtostr(sys_strmap_t * map, int id) Index: conftab.c =================================================================== RCS file: /cvsroot/netadm/gwc/gwclib/conftab.c,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** conftab.c 1 Mar 2006 04:06:33 -0000 1.4 --- conftab.c 5 Mar 2006 01:11:00 -0000 1.5 *************** *** 98,105 **** sys_ucmd_t ucmdtab [] = { ! { _CMD_GET_FC_NET, _get_fc_net }, ! { _CMD_GET_FC_SVC, _get_fc_svc }, ! { _CMD_GET_FC_FW, _get_fc_fw }, ! { _CMD_GET_FC_POL, _get_fc_pol }, {0}, }; --- 98,109 ---- sys_ucmd_t ucmdtab [] = { ! { _CMD_GET_FC_NET, _get_fc_net }, ! { _CMD_GET_FC_SVC, _get_fc_svc }, ! { _CMD_GET_FC_FW, _get_fc_fw }, ! { _CMD_GET_FC_POL, _get_fc_pol }, ! { _CMD_MOD_FC_IPOL, _mod_fc_ipol }, ! { _CMD_ADD_FC_IPOL, _add_fc_ipol }, ! { _CMD_DEL_FC_IPOL, _del_fc_ipol }, ! { _CMD_DMP_FC_IPOL, _dmp_fc_ipol }, {0}, }; |
