author | Gleb Smirnoff <glebius@FreeBSD.org> | 2011-04-18 21:18:22 +0000 |
---|---|---|
committer | Gleb Smirnoff <glebius@FreeBSD.org> | 2011-04-18 21:18:22 +0000 |
commit | 5221106c04a89220599fbf9ba1def408d495d18e (patch) | |
tree | db3bade514eee879822dab423e313cd92d92f7c2 /sbin/ipfw/nat.c | |
parent | 576f40089babd3e64d0d289dcd374dd83bf4ad93 (diff) | |
Whitespace fixes.
Checked with: md5, diff -w
Notes
Notes:
svn path=/head/; revision=220802
Diffstat (limited to 'sbin/ipfw/nat.c')
-rw-r--r-- | sbin/ipfw/nat.c | 197 |
1 files changed, 98 insertions, 99 deletions
diff --git a/sbin/ipfw/nat.c b/sbin/ipfw/nat.c index 21196bcdc1e5..bf9354955894 100644 --- a/sbin/ipfw/nat.c +++ b/sbin/ipfw/nat.c @@ -47,15 +47,15 @@ #include <alias.h> static struct _s_x nat_params[] = { - { "ip", TOK_IP }, - { "if", TOK_IF }, - { "log", TOK_ALOG }, - { "deny_in", TOK_DENY_INC }, - { "same_ports", TOK_SAME_PORTS }, - { "unreg_only", TOK_UNREG_ONLY }, - { "reset", TOK_RESET_ADDR }, - { "reverse", TOK_ALIAS_REV }, - { "proxy_only", TOK_PROXY_ONLY }, + { "ip", TOK_IP }, + { "if", TOK_IF }, + { "log", TOK_ALOG }, + { "deny_in", TOK_DENY_INC }, + { "same_ports", TOK_SAME_PORTS }, + { "unreg_only", TOK_UNREG_ONLY }, + { "reset", TOK_RESET_ADDR }, + { "reverse", TOK_ALIAS_REV }, + { "proxy_only", TOK_PROXY_ONLY }, { "redirect_addr", TOK_REDIR_ADDR }, { "redirect_port", TOK_REDIR_PORT }, { "redirect_proto", TOK_REDIR_PROTO }, @@ -63,10 +63,10 @@ static struct _s_x nat_params[] = { }; -/* +/* * Search for interface with name "ifn", and fill n accordingly: * - * n->ip ip address of interface "ifn" + * n->ip ip address of interface "ifn" * n->if_name copy of interface name "ifn" */ static void 
@@ -163,25 +163,25 @@ set_addr_dynamic(const char *ifn, struct cfg_nat *n) free(buf); } -/* +/* * XXX - The following functions, macros and definitions come from natd.c: - * it would be better to move them outside natd.c, in a file - * (redirect_support.[ch]?) shared by ipfw and natd, but for now i can live + * it would be better to move them outside natd.c, in a file + * (redirect_support.[ch]?) shared by ipfw and natd, but for now i can live * with it. */ /* * Definition of a port range, and macros to deal with values. * FORMAT: HI 16-bits == first port in range, 0 == all ports. - * LO 16-bits == number of ports in range + * LO 16-bits == number of ports in range * NOTES: - Port values are not stored in network byte order. */ #define port_range u_long -#define GETLOPORT(x) ((x) >> 0x10) -#define GETNUMPORTS(x) ((x) & 0x0000ffff) -#define GETHIPORT(x) (GETLOPORT((x)) + GETNUMPORTS((x))) +#define GETLOPORT(x) ((x) >> 0x10) +#define GETNUMPORTS(x) ((x) & 0x0000ffff) +#define GETHIPORT(x) (GETLOPORT((x)) + GETNUMPORTS((x))) /* Set y to be the low-port value in port_range variable x. */ #define SETLOPORT(x,y) ((x) = ((x) & 0x0000ffff) | ((y) << 0x10)) @@ -189,7 +189,7 @@ set_addr_dynamic(const char *ifn, struct cfg_nat *n) /* Set y to be the number of ports in port_range variable x. */ #define SETNUMPORTS(x,y) ((x) = ((x) & 0xffff0000) | (y)) -static void +static void StrToAddr (const char* str, struct in_addr* addr) { struct hostent* hp; 
@@ -204,30 +204,30 @@ StrToAddr (const char* str, struct in_addr* addr) memcpy (addr, hp->h_addr, sizeof (struct in_addr)); } -static int +static int StrToPortRange (const char* str, const char* proto, port_range *portRange) { - char* sep; + char* sep; struct servent* sp; char* end; - u_short loPort; - u_short hiPort; + u_short loPort; + u_short hiPort; /* First see if this is a service, return corresponding port if so. */ sp = getservbyname (str,proto); if (sp) { - SETLOPORT(*portRange, ntohs(sp->s_port)); + SETLOPORT(*portRange, ntohs(sp->s_port)); SETNUMPORTS(*portRange, 1); return 0; } - + /* Not a service, see if it's a single port or port range. */ sep = strchr (str, '-'); if (sep == NULL) { - SETLOPORT(*portRange, strtol(str, &end, 10)); + SETLOPORT(*portRange, strtol(str, &end, 10)); if (end != str) { - /* Single port. */ - SETNUMPORTS(*portRange, 1); + /* Single port. */ + SETNUMPORTS(*portRange, 1); return 0; } @@ -240,15 +240,15 @@ StrToPortRange (const char* str, const char* proto, port_range *portRange) SETLOPORT(*portRange, loPort); SETNUMPORTS(*portRange, 0); /* Error by default */ if (loPort <= hiPort) - SETNUMPORTS(*portRange, hiPort - loPort + 1); + SETNUMPORTS(*portRange, hiPort - loPort + 1); if (GETNUMPORTS(*portRange) == 0) - errx (EX_DATAERR, "invalid port range %s", str); + errx (EX_DATAERR, "invalid port range %s", str); return 0; } -static int +static int StrToProto (const char* str) { if (!strcmp (str, "tcp")) @@ -262,9 +262,9 @@ StrToProto (const char* str) errx (EX_DATAERR, "unknown protocol %s. Expected sctp, tcp or udp", str); } -static int -StrToAddrAndPortRange (const char* str, struct in_addr* addr, char* proto, - port_range *portRange) +static int +StrToAddrAndPortRange (const char* str, struct in_addr* addr, char* proto, + port_range *portRange) { char* ptr; 
@@ -281,50 +281,49 @@ StrToAddrAndPortRange (const char* str, struct in_addr* addr, char* proto, /* End of stuff taken from natd.c. */ -#define INC_ARGCV() do { \ - (*_av)++; \ - (*_ac)--; \ - av = *_av; \ - ac = *_ac; \ +#define INC_ARGCV() do { \ + (*_av)++; \ + (*_ac)--; \ + av = *_av; \ + ac = *_ac; \ } while(0) -/* - * The next 3 functions add support for the addr, port and proto redirect and - * their logic is loosely based on SetupAddressRedirect(), SetupPortRedirect() +/* + * The next 3 functions add support for the addr, port and proto redirect and + * their logic is loosely based on SetupAddressRedirect(), SetupPortRedirect() * and SetupProtoRedirect() from natd.c. * - * Every setup_* function fills at least one redirect entry - * (struct cfg_redir) and zero or more server pool entry (struct cfg_spool) + * Every setup_* function fills at least one redirect entry + * (struct cfg_redir) and zero or more server pool entry (struct cfg_spool) * in buf. - * + * * The format of data in buf is: - * * - * cfg_nat cfg_redir cfg_spool ...... cfg_spool + * cfg_nat cfg_redir cfg_spool ...... cfg_spool * * ------------------------------------- ------------ * | | .....X ... | | | | ..... * ------------------------------------- ...... ------------ - * ^ + * ^ * spool_cnt n=0 ...... n=(X-1) * * len points to the amount of available space in buf * space counts the memory consumed by every function * - * XXX - Every function get all the argv params so it + * XXX - Every function get all the argv params so it * has to check, in optional parameters, that the next - * args is a valid option for the redir entry and not - * another token. Only redir_port and redir_proto are + * args is a valid option for the redir entry and not + * another token. Only redir_port and redir_proto are * affected by this. */ static int setup_redir_addr(char *spool_buf, unsigned int len, - int *_ac, char ***_av) + int *_ac, char ***_av) { char **av, *sep; /* Token separator. 
*/ /* Temporary buffer used to hold server pool ip's. */ - char tmp_spool_buf[NAT_BUF_LEN]; + char tmp_spool_buf[NAT_BUF_LEN]; int ac, space, lsnat; struct cfg_redir *r; struct cfg_spool *tmp; @@ -339,11 +338,11 @@ setup_redir_addr(char *spool_buf, unsigned int len, spool_buf = &spool_buf[SOF_REDIR]; space = SOF_REDIR; len -= SOF_REDIR; - } else - goto nospace; + } else + goto nospace; r->mode = REDIR_ADDR; /* Extract local address. */ - if (ac == 0) + if (ac == 0) errx(EX_DATAERR, "redirect_addr: missing local address"); sep = strchr(*av, ','); if (sep) { /* LSNAT redirection syntax. */ @@ -351,12 +350,12 @@ setup_redir_addr(char *spool_buf, unsigned int len, /* Preserve av, copy spool servers to tmp_spool_buf. */ strncpy(tmp_spool_buf, *av, strlen(*av)+1); lsnat = 1; - } else + } else StrToAddr(*av, &r->laddr); INC_ARGCV(); /* Extract public address. */ - if (ac == 0) + if (ac == 0) errx(EX_DATAERR, "redirect_addr: missing public address"); StrToAddr(*av, &r->paddr); INC_ARGCV(); @@ -385,7 +384,7 @@ nospace: static int setup_redir_port(char *spool_buf, unsigned int len, - int *_ac, char ***_av) + int *_ac, char ***_av) { char **av, *sep, *protoName; char tmp_spool_buf[NAT_BUF_LEN]; @@ -407,8 +406,8 @@ setup_redir_port(char *spool_buf, unsigned int len, spool_buf = &spool_buf[SOF_REDIR]; space = SOF_REDIR; len -= SOF_REDIR; - } else - goto nospace; + } else + goto nospace; r->mode = REDIR_PORT; /* * Extract protocol. @@ -436,8 +435,8 @@ setup_redir_port(char *spool_buf, unsigned int len, lsnat = 1; } else { /* - * The sctp nat does not allow the port numbers to be mapped to - * new port numbers. Therefore, no ports are to be specified + * The sctp nat does not allow the port numbers to be mapped to + * new port numbers. Therefore, no ports are to be specified * in the target port field. */ if (r->proto == IPPROTO_SCTP) { 
@@ -448,7 +447,7 @@ setup_redir_port(char *spool_buf, unsigned int len, else StrToAddr(*av, &r->laddr); } else { - if (StrToAddrAndPortRange (*av, &r->laddr, protoName, + if (StrToAddrAndPortRange (*av, &r->laddr, protoName, &portRange) != 0) errx(EX_DATAERR, "redirect_port:" "invalid local port range"); @@ -467,14 +466,14 @@ setup_redir_port(char *spool_buf, unsigned int len, sep = strchr (*av, ':'); if (sep) { - if (StrToAddrAndPortRange (*av, &r->paddr, protoName, + if (StrToAddrAndPortRange (*av, &r->paddr, protoName, &portRange) != 0) - errx(EX_DATAERR, "redirect_port:" + errx(EX_DATAERR, "redirect_port:" "invalid public port range"); } else { r->paddr.s_addr = INADDR_ANY; if (StrToPortRange (*av, protoName, &portRange) != 0) - errx(EX_DATAERR, "redirect_port:" + errx(EX_DATAERR, "redirect_port:" "invalid public port range"); } @@ -489,19 +488,19 @@ setup_redir_port(char *spool_buf, unsigned int len, /* * Extract remote address and optionally port. */ - /* + /* * NB: isalpha(**av) => we've to check that next parameter is really an * option for this redirect entry, else stop here processing arg[cv]. */ - if (ac != 0 && !isalpha(**av)) { + if (ac != 0 && !isalpha(**av)) { sep = strchr (*av, ':'); if (sep) { - if (StrToAddrAndPortRange (*av, &r->raddr, protoName, + if (StrToAddrAndPortRange (*av, &r->raddr, protoName, &portRange) != 0) errx(EX_DATAERR, "redirect_port:" "invalid remote port range"); } else { - SETLOPORT(portRange, 0); + SETLOPORT(portRange, 0); SETNUMPORTS(portRange, 1); StrToAddr (*av, &r->raddr); } 
@@ -514,17 +513,17 @@ setup_redir_port(char *spool_buf, unsigned int len, r->rport = GETLOPORT(portRange); r->rport_cnt = GETNUMPORTS(portRange); - /* + /* * Make sure port ranges match up, then add the redirect ports. */ if (numLocalPorts != r->pport_cnt) - errx(EX_DATAERR, "redirect_port:" + errx(EX_DATAERR, "redirect_port:" "port ranges must be equal in size"); /* Remote port range is allowed to be '0' which means all ports. */ - if (r->rport_cnt != numLocalPorts && + if (r->rport_cnt != numLocalPorts && (r->rport_cnt != 1 || r->rport != 0)) - errx(EX_DATAERR, "redirect_port: remote port must" + errx(EX_DATAERR, "redirect_port: remote port must" "be 0 or equal to local port range in size"); /* @@ -553,7 +552,7 @@ setup_redir_port(char *spool_buf, unsigned int len, tmp->port = r->pport; } } else { - if (StrToAddrAndPortRange(sep, &tmp->addr, + if (StrToAddrAndPortRange(sep, &tmp->addr, protoName, &portRange) != 0) errx(EX_DATAERR, "redirect_port:" "invalid local port range"); @@ -576,7 +575,7 @@ nospace: static int setup_redir_proto(char *spool_buf, unsigned int len, - int *_ac, char ***_av) + int *_ac, char ***_av) { char **av; int ac, space; @@ -591,7 +590,7 @@ setup_redir_proto(char *spool_buf, unsigned int len, spool_buf = &spool_buf[SOF_REDIR]; space = SOF_REDIR; len -= SOF_REDIR; - } else + } else goto nospace; r->mode = REDIR_PROTO; /* @@ -700,7 +699,7 @@ print_nat_config(unsigned char *buf) s = (struct cfg_spool *)&buf[off]; if (i) printf(","); - else + else printf(" "); printf("%s", inet_ntoa(s->addr)); off += SOF_SPOOL; 
@@ -713,21 +712,21 @@ print_nat_config(unsigned char *buf) if (!t->spool_cnt) { printf("%s:%u", inet_ntoa(t->laddr), t->lport); if (t->pport_cnt > 1) - printf("-%u", t->lport + + printf("-%u", t->lport + t->pport_cnt - 1); } else for (i=0; i < t->spool_cnt; i++) { s = (struct cfg_spool *)&buf[off]; if (i) printf(","); - printf("%s:%u", inet_ntoa(s->addr), + printf("%s:%u", inet_ntoa(s->addr), s->port); off += SOF_SPOOL; } printf(" "); if (t->paddr.s_addr) - printf("%s:", inet_ntoa(t->paddr)); + printf("%s:", inet_ntoa(t->paddr)); printf("%u", t->pport); if (!t->spool_cnt && t->pport_cnt > 1) printf("-%u", t->pport + t->pport_cnt - 1); @@ -737,14 +736,14 @@ print_nat_config(unsigned char *buf) if (t->rport) { printf(":%u", t->rport); if (!t->spool_cnt && t->rport_cnt > 1) - printf("-%u", t->rport + + printf("-%u", t->rport + t->rport_cnt - 1); } } break; case REDIR_PROTO: p = getprotobynumber(t->proto); - printf(" redirect_proto %s %s", p->p_name, + printf(" redirect_proto %s %s", p->p_name, inet_ntoa(t->laddr)); if (t->paddr.s_addr != 0) { printf(" %s", inet_ntoa(t->paddr)); @@ -763,7 +762,7 @@ print_nat_config(unsigned char *buf) void ipfw_config_nat(int ac, char **av) { - struct cfg_nat *n; /* Nat instance configuration. */ + struct cfg_nat *n; /* Nat instance configuration. */ int i, len, off, tok; char *id, buf[NAT_BUF_LEN]; /* Buffer for serialized data. */ @@ -777,12 +776,12 @@ ipfw_config_nat(int ac, char **av) /* Nat id. */ if (ac && isdigit(**av)) { id = *av; - i = atoi(*av); + i = atoi(*av); ac--; av++; n->id = i; - } else + } else errx(EX_DATAERR, "missing nat id"); - if (ac == 0) + if (ac == 0) errx(EX_DATAERR, "missing option"); while (ac > 0) { 
@@ -790,15 +789,15 @@ ipfw_config_nat(int ac, char **av) ac--; av++; switch (tok) { case TOK_IP: - if (ac == 0) + if (ac == 0) errx(EX_DATAERR, "missing option"); if (!inet_aton(av[0], &(n->ip))) - errx(EX_DATAERR, "bad ip address ``%s''", + errx(EX_DATAERR, "bad ip address ``%s''", av[0]); ac--; av++; - break; + break; case TOK_IF: - if (ac == 0) + if (ac == 0) errx(EX_DATAERR, "missing option"); set_addr_dynamic(av[0], n); ac--; av++; @@ -824,9 +823,9 @@ ipfw_config_nat(int ac, char **av) case TOK_PROXY_ONLY: n->mode |= PKT_ALIAS_PROXY_ONLY; break; - /* - * All the setup_redir_* functions work directly in the final - * buffer, see above for details. + /* + * All the setup_redir_* functions work directly in + * the final buffer, see above for details. */ case TOK_REDIR_ADDR: case TOK_REDIR_PORT: @@ -834,10 +833,10 @@ ipfw_config_nat(int ac, char **av) switch (tok) { case TOK_REDIR_ADDR: i = setup_redir_addr(&buf[off], len, &ac, &av); - break; + break; case TOK_REDIR_PORT: i = setup_redir_port(&buf[off], len, &ac, &av); - break; + break; case TOK_REDIR_PROTO: i = setup_redir_proto(&buf[off], len, &ac, &av); break; @@ -888,7 +887,7 @@ ipfw_show_nat(int ac, char **av) /* Parse parameters. */ for (cmd = IP_FW_NAT_GET_LOG, do_cfg = 0; ac != 0; ac--, av++) { if (!strncmp(av[0], "config", strlen(av[0]))) { - cmd = IP_FW_NAT_GET_CONFIG, do_cfg = 1; + cmd = IP_FW_NAT_GET_CONFIG, do_cfg = 1; continue; } /* Convert command line rule #. */ @@ -920,7 +919,7 @@ ipfw_show_nat(int ac, char **av) i += sizeof(struct cfg_nat); for (redir_cnt = 0; redir_cnt < n->redir_cnt; redir_cnt++) { e = (struct cfg_redir *)&data[i]; - i += sizeof(struct cfg_redir) + e->spool_cnt * + i += sizeof(struct cfg_redir) + e->spool_cnt * sizeof(struct cfg_spool); } } |