Revision: 14425
Author: adrian.chadd
Date: Sat Feb 20 00:10:33 2010
Log: * add fwdip_addr (ipv4 for now) to the acl checklist struct
* use it in the dstfwdip lookup
* attempt to error out if dstfwdip is handed an IP which isn't explicitly
initialised
http://code.google.com/p/lusca-cache/source/detail?r=14425
Modified:
/branches/LUSCA_HEAD/src/acl.c
/branches/LUSCA_HEAD/src/structs.h
=======================================
--- /branches/LUSCA_HEAD/src/acl.c Fri Feb 19 19:58:24 2010
+++ /branches/LUSCA_HEAD/src/acl.c Sat Feb 20 00:10:33 2010
@@ -2097,9 +2097,12 @@
return aclMatchWordList(ae->data,
hier_strings[checklist->request->hier.code]);
/* NOTREACHED */
case ACL_DSTFWD_IP:
- /* XXX make sure this checks that the dstfwdip is SET to something
non-blank and
- * XXX error out in case. */
- return 0; /* XXX for now just always deny */
+ /* make sure this checks that the dstfwdip is SET to something non-blank
and
+ * error out in case. */
+ if (IsAnyAddr(&checklist->fwdip_addr))
+ return -1;
+ return aclMatchIp(&ae->data, checklist->fwdip_addr);
+ /* NOTREACHED */
case ACL_NONE:
case ACL_ENUM_MAX:
break;
=======================================
--- /branches/LUSCA_HEAD/src/structs.h Tue Feb 16 03:21:51 2010
+++ /branches/LUSCA_HEAD/src/structs.h Sat Feb 20 00:10:33 2010
@@ -288,6 +288,7 @@
struct in_addr src_addr;
struct in_addr dst_addr;
struct in_addr my_addr;
+ struct in_addr fwdip_addr;
unsigned short my_port;
request_t *request;
/* for acls that look at reply data */
--
You received this message because you are subscribed to the Google Groups
"lusca-commit" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/lusca-commit?hl=en.
