/* Parses range of IPs */
static void
parse_to(char *arg, struct ip_nat_range *range)
{
char *dash;
struct in_addr *ip;
range->flags |= IP_NAT_RANGE_MAP_IPS;
dash = strchr(arg, '-');
if (dash)
*dash = '\0';
ip = dotted_to_addr(arg);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
arg);
range->min_ip = ip->s_addr;
if (dash) {
ip = dotted_to_addr(dash+1);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
dash+1);
}
range->max_ip = ip->s_addr;
if (dash)
if (range->min_ip > range->max_ip)
exit_error(PARAMETER_PROBLEM, "Bad IP range `%s-%s'\n",
arg, dash+1);
}
static void
parse_iprange(char *arg, struct ipt_iprange *range)
{
char *dash;
struct in_addr *ip;
dash = strchr(arg, '-');
if (dash)
*dash = '\0';
ip = dotted_to_addr(arg);
if (!ip)
exit_error(PARAMETER_PROBLEM, "iprange match: Bad IP address `%s'\n",
arg);
range->min_ip = ip->s_addr;
if (dash) {
ip = dotted_to_addr(dash+1);
if (!ip)
exit_error(PARAMETER_PROBLEM, "iprange match: Bad IP address `%s'\n",
dash+1);
range->max_ip = ip->s_addr;
} else
range->max_ip = range->min_ip;
}
static struct in_addr *
parse_mask(char *mask)
{
static struct in_addr maskaddr;
struct in_addr *addrp;
unsigned int bits;
if (mask == NULL) {
/* no mask at all defaults to 32 bits */
maskaddr.s_addr = 0xFFFFFFFF;
return &maskaddr;
}
if ((addrp = dotted_to_addr(mask)) != NULL)
/* dotted_to_addr already returns a network byte order addr */
return addrp;
if (string_to_number(mask, 0, 32, &bits) == -1)
xtables_error(PARAMETER_PROBLEM,
"invalid mask `%s' specified", mask);
if (bits != 0) {
maskaddr.s_addr = htonl(0xFFFFFFFF << (32 - bits));
return &maskaddr;
}
maskaddr.s_addr = 0L;
return &maskaddr;
}
/* Parses network address */
static void
parse_to(char *arg, struct ip_nat_range *range)
{
char *slash;
struct in_addr *ip;
u_int32_t netmask;
unsigned int bits;
range->flags |= IP_NAT_RANGE_MAP_IPS;
slash = strchr(arg, '/');
if (slash)
*slash = '\0';
ip = dotted_to_addr(arg);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
arg);
range->min_ip = ip->s_addr;
if (slash) {
if (strchr(slash+1, '.')) {
ip = dotted_to_addr(slash+1);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad netmask `%s'\n",
slash+1);
netmask = ip->s_addr;
}
else {
if (string_to_number(slash+1, 0, 32, &bits) == -1)
exit_error(PARAMETER_PROBLEM, "Bad netmask `%s'\n",
slash+1);
netmask = bits2netmask(bits);
}
/* Don't allow /0 (/1 is probably insane, too) */
if (netmask == 0)
exit_error(PARAMETER_PROBLEM, "Netmask needed\n");
}
else
netmask = ~0;
if (range->min_ip & ~netmask) {
if (slash)
*slash = '/';
exit_error(PARAMETER_PROBLEM, "Bad network address `%s'\n",
arg);
}
range->max_ip = range->min_ip | ~netmask;
}
static struct in_addr *parse_hostnetwork(const char *name,
unsigned int *naddrs)
{
struct in_addr *addrp, *addrptmp;
if ((addrptmp = dotted_to_addr(name)) != NULL ||
(addrptmp = network_to_addr(name)) != NULL) {
addrp = xtables_malloc(sizeof(struct in_addr));
inaddrcpy(addrp, addrptmp);
*naddrs = 1;
return addrp;
}
if ((addrp = host_to_addr(name, naddrs)) != NULL)
return addrp;
xtables_error(PARAMETER_PROBLEM, "host/network `%s' not found", name);
}
/* Ranges expected in network order. */
static struct ipt_entry_target *
parse_to(char *arg, int portok, struct ipt_natinfo *info)
{
struct ip_nat_range range;
char *colon, *dash, *error;
struct in_addr *ip;
memset(&range, 0, sizeof(range));
colon = strchr(arg, ':');
if (colon) {
int port;
if (!portok)
exit_error(PARAMETER_PROBLEM,
"Need TCP or UDP with port specification");
range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
port = atoi(colon+1);
if (port <= 0 || port > 65535)
exit_error(PARAMETER_PROBLEM,
"Port `%s' not valid\n", colon+1);
error = strchr(colon+1, ':');
if (error)
exit_error(PARAMETER_PROBLEM,
"Invalid port:port syntax - use dash\n");
dash = strchr(colon, '-');
if (!dash) {
range.min.tcp.port
= range.max.tcp.port
= htons(port);
} else {
int maxport;
maxport = atoi(dash + 1);
if (maxport <= 0 || maxport > 65535)
exit_error(PARAMETER_PROBLEM,
"Port `%s' not valid\n", dash+1);
if (maxport < port)
/* People are stupid. */
exit_error(PARAMETER_PROBLEM,
"Port range `%s' funky\n", colon+1);
range.min.tcp.port = htons(port);
range.max.tcp.port = htons(maxport);
}
/* Starts with a colon? No IP info...*/
if (colon == arg)
return &(append_range(info, &range)->t);
*colon = '\0';
}
range.flags |= IP_NAT_RANGE_MAP_IPS;
dash = strchr(arg, '-');
if (colon && dash && dash > colon)
dash = NULL;
if (dash)
*dash = '\0';
ip = dotted_to_addr(arg);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
arg);
range.min_ip = ip->s_addr;
if (dash) {
ip = dotted_to_addr(dash+1);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
dash+1);
range.max_ip = ip->s_addr;
} else
range.max_ip = range.min_ip;
return &(append_range(info, &range)->t);
}