[PATCH conntrack 2/4 v2] conntrack: extend parse_addr() with CIDR support

Asbjørn Sloth Tønnesen Mon, 01 Feb 2016 05:39:07 -0800

Signed-off-by: Asbjørn Sloth Tønnesen <[email protected]>
---
Previously posted as part of "conntrack: add support for CIDR notation".


 src/conntrack.c | 35 ++++++++++++++++++++++++++++-------
 1 file changed, 28 insertions(+), 7 deletions(-)

diff --git a/src/conntrack.c b/src/conntrack.c
index a656b84..dfc2de8 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -1029,23 +1029,44 @@ parse_inetaddr(const char *cp, struct addr_parse *parse)
 }
 
 static int
-parse_addr(const char *cp, union ct_address *address)
+parse_addr(const char *cp, union ct_address *address, int *mask)
 {
        struct addr_parse parse;
-       int ret;
+       int family;
+       char buf[INET6_ADDRSTRLEN];
+       char *slash, *end;
+
+       strncpy((char *) &buf, cp, INET6_ADDRSTRLEN);
+       buf[INET6_ADDRSTRLEN-1] = '\0';
+
+       if (mask != NULL) {
+               slash = strchr(buf, '/');
+               if (slash != NULL) {
+                       *mask = strtol(slash+1, &end, 10);
+                       if (*mask < 0 || end != slash+strlen(slash))
+                               *mask = -2; /* invalid netmask */
+                       slash[0] = '\0';
+               } else {
+                       *mask = -1; /* no netmask */
+               }
+       }
 
-       ret = parse_inetaddr(cp, &parse);
+       family = parse_inetaddr(buf, &parse);
 
-       switch(ret) {
+       switch(family) {
        case AF_INET:
                address->v4 = parse.addr.s_addr;
+               if (mask != NULL && *mask > 32)
+                       *mask = -2; /* invalid netmask */
                break;
        case AF_INET6:
                memcpy(address->v6, &parse.addr6, sizeof(parse.addr6));
+               if (mask != NULL && *mask > 128)
+                       *mask = -2; /* invalid netmask */
                break;
        }
 
-       return ret;
+       return family;
 }
 
 static void
@@ -1087,7 +1108,7 @@ nat_parse(char *arg, struct nf_conntrack *obj, int type)
                }
        }
 
-       if (parse_addr(arg, &parse) == AF_UNSPEC) {
+       if (parse_addr(arg, &parse, NULL) == AF_UNSPEC) {
                if (strlen(arg) == 0) {
                        exit_error(PARAMETER_PROBLEM, "No IP specified");
                } else {
@@ -2108,7 +2129,7 @@ nfct_parse_addr_from_opt(int opt, struct nf_conntrack *ct,
 {
        int l3protonum;
 
-       l3protonum = parse_addr(optarg, ad);
+       l3protonum = parse_addr(optarg, ad, NULL);
        if (l3protonum == AF_UNSPEC) {
                exit_error(PARAMETER_PROBLEM,
                           "Invalid IP address `%s'", optarg);
-- 
2.6.4

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH conntrack 2/4 v2] conntrack: extend parse_addr() with CIDR support

Reply via email to