X-Git-Url: http://git.archive.openwrt.org/?p=project%2Ffirewall3.git;a=blobdiff_plain;f=options.c;h=a2a0465d8bab1ab8e2a4eed9f6546d00182d3afc;hp=3d30c57c5f86ae736d64c3490ef141971cdc7c6f;hb=2bcf21ee2e44e9e4158ae4a36a5d73832cd99587;hpb=78e134ba7cdc473e7cdf0422b863579ac700ac13 diff --git a/options.c b/options.c index 3d30c57..a2a0465 100644 --- a/options.c +++ b/options.c @@ -84,7 +84,7 @@ const char *fw3_flag_names[__FW3_FLAG_MAX] = { "DROP", }; -static const char *limit_units[] = { +const char *fw3_limit_units[__FW3_LIMIT_UNIT_MAX] = { "second", "minute", "hour", @@ -191,7 +191,7 @@ fw3_parse_limit(void *ptr, const char *val, bool is_list) if (!strlen(e)) return false; - if (!parse_enum(&u, e, limit_units, 0, FW3_LIMIT_UNIT_DAY)) + if (!parse_enum(&u, e, fw3_limit_units, 0, FW3_LIMIT_UNIT_DAY)) return false; limit->rate = n; @@ -893,16 +893,6 @@ fw3_parse_options(void *s, const struct fw3_option *opts, } -void -fw3_format_in_out(struct fw3_device *in, struct fw3_device *out) -{ - if (in && !in->any) - fw3_pr(" %s-i %s", in->invert ? "! " : "", in->name); - - if (out && !out->any) - fw3_pr(" %s-o %s", out->invert ? "! " : "", out->name); -} - const char * fw3_address_to_string(struct fw3_address *address, bool allow_invert) { @@ -933,285 +923,3 @@ fw3_address_to_string(struct fw3_address *address, bool allow_invert) return buf; } - -void -fw3_format_src_dest(struct fw3_address *src, struct fw3_address *dest) -{ - if ((src && src->range) || (dest && dest->range)) - fw3_pr(" -m iprange"); - - if (src && src->set) - { - fw3_pr(" %s%s %s", src->invert ? "! " : "", - src->range ? "--src-range" : "-s", - fw3_address_to_string(src, false)); - } - - if (dest && dest->set) - { - fw3_pr(" %s%s %s", dest->invert ? "! " : "", - dest->range ? "--dst-range" : "-d", - fw3_address_to_string(dest, false)); - } -} - -void -fw3_format_sport_dport(struct fw3_port *sp, struct fw3_port *dp) -{ - if (sp && sp->set) - { - if (sp->port_min == sp->port_max) - fw3_pr(" %s--sport %u", sp->invert ? "! " : "", sp->port_min); - else - fw3_pr(" %s--sport %u:%u", - sp->invert ? "! " : "", sp->port_min, sp->port_max); - } - - if (dp && dp->set) - { - if (dp->port_min == dp->port_max) - fw3_pr(" %s--dport %u", dp->invert ? "! " : "", dp->port_min); - else - fw3_pr(" %s--dport %u:%u", - dp->invert ? "! " : "", dp->port_min, dp->port_max); - } -} - -void -fw3_format_mac(struct fw3_mac *mac) -{ - if (!mac) - return; - - fw3_pr(" -m mac %s--mac-source %s", - mac->invert ? "! " : "", ether_ntoa(&mac->mac)); -} - -void -fw3_format_protocol(struct fw3_protocol *proto, enum fw3_family family) -{ - uint16_t pr; - - if (!proto) - return; - - pr = proto->protocol; - - if (pr == 1 && family == FW3_FAMILY_V6) - pr = 58; - - if (proto->any) - fw3_pr(" -p all"); - else - fw3_pr(" %s-p %u", proto->invert ? "! " : "", pr); -} - -void -fw3_format_icmptype(struct fw3_icmptype *icmp, enum fw3_family family) -{ - if (!icmp) - return; - - if (family != FW3_FAMILY_V6) - { - if (icmp->code_min == 0 && icmp->code_max == 0xFF) - fw3_pr(" %s--icmp-type %u", icmp->invert ? "! " : "", icmp->type); - else - fw3_pr(" %s--icmp-type %u/%u", - icmp->invert ? "! " : "", icmp->type, icmp->code_min); - } - else - { - if (icmp->code6_min == 0 && icmp->code6_max == 0xFF) - fw3_pr(" %s--icmpv6-type %u", icmp->invert ? "! " : "", icmp->type6); - else - fw3_pr(" %s--icmpv6-type %u/%u", - icmp->invert ? "! " : "", icmp->type6, icmp->code6_min); - } -} - -void -fw3_format_limit(struct fw3_limit *limit) -{ - if (!limit) - return; - - if (limit->rate > 0) - { - fw3_pr(" -m limit %s--limit %u/%s", - limit->invert ? "! " : "", - limit->rate, limit_units[limit->unit]); - - if (limit->burst > 0) - fw3_pr(" --limit-burst %u", limit->burst); - } -} - -void -fw3_format_ipset(struct fw3_ipset *ipset, bool invert) -{ - bool first = true; - const char *name = NULL; - struct fw3_ipset_datatype *type; - - if (!ipset) - return; - - name = ipset->external ? ipset->external : ipset->name; - - fw3_pr(" -m set %s--match-set %s", invert ? "! " : "", name); - - list_for_each_entry(type, &ipset->datatypes, list) - { - fw3_pr("%c%s", first ? ' ' : ',', type->dest ? "dst" : "src"); - first = false; - } -} - -void -fw3_format_time(struct fw3_time *time) -{ - int i; - struct tm empty = { 0 }; - char buf[sizeof("9999-99-99T23:59:59\0")]; - bool d1 = memcmp(&time->datestart, &empty, sizeof(empty)); - bool d2 = memcmp(&time->datestop, &empty, sizeof(empty)); - bool first; - - if (!d1 && !d2 && !time->timestart && !time->timestop && - !(time->monthdays & 0xFFFFFFFE) && !(time->weekdays & 0xFE)) - { - return; - } - - fw3_pr(" -m time"); - - if (time->utc) - fw3_pr(" --utc"); - - if (d1) - { - strftime(buf, sizeof(buf), "%Y-%m-%dT%H:%M:%S", &time->datestart); - fw3_pr(" --datestart %s", buf); - } - - if (d2) - { - strftime(buf, sizeof(buf), "%Y-%m-%dT%H:%M:%S", &time->datestop); - fw3_pr(" --datestop %s", buf); - } - - if (time->timestart) - { - fw3_pr(" --timestart %02d:%02d:%02d", - time->timestart / 3600, - time->timestart % 3600 / 60, - time->timestart % 60); - } - - if (time->timestop) - { - fw3_pr(" --timestop %02d:%02d:%02d", - time->timestop / 3600, - time->timestop % 3600 / 60, - time->timestop % 60); - } - - if (time->monthdays & 0xFFFFFFFE) - { - fw3_pr(" %s--monthdays", hasbit(time->monthdays, 0) ? "! " : ""); - - for (i = 1, first = true; i < 32; i++) - { - if (hasbit(time->monthdays, i)) - { - fw3_pr("%c%u", first ? ' ' : ',', i); - first = false; - } - } - } - - if (time->weekdays & 0xFE) - { - fw3_pr(" %s--weekdays", hasbit(time->weekdays, 0) ? "! " : ""); - - for (i = 1, first = true; i < 8; i++) - { - if (hasbit(time->weekdays, i)) - { - fw3_pr("%c%u", first ? ' ' : ',', i); - first = false; - } - } - } -} - -void -fw3_format_mark(struct fw3_mark *mark) -{ - if (!mark->set) - return; - - fw3_pr(" -m mark %s--mark 0x%x", mark->invert ? "! " : "", mark->mark); - - if (mark->mask < 0xFFFFFFFF) - fw3_pr("/0x%x", mark->mask); -} - -void -__fw3_format_comment(const char *comment, ...) -{ - va_list ap; - int len = 0; - const char *c; - - if (!comment || !*comment) - return; - - fw3_pr(" -m comment --comment \""); - - c = comment; - - va_start(ap, comment); - - do - { - while (*c) - { - switch (*c) - { - case '"': - case '$': - case '`': - case '\\': - fw3_pr("\\"); - /* fall through */ - - default: - fw3_pr("%c", *c); - break; - } - - c++; - - if (len++ >= 255) - goto end; - } - - c = va_arg(ap, const char *); - } - while (c); - -end: - va_end(ap); - fw3_pr("\""); -} - -void -fw3_format_extra(const char *extra) -{ - if (!extra || !*extra) - return; - - fw3_pr(" %s", extra); -}