[PATCH conntrack 2/4 v2] conntrack: extend parse_addr() with CIDR support

Asbjørn Sloth Tønnesen <ast@xxxxxxxxxx> · Mon, 1 Feb 2016 13:30:05 +0000

Signed-off-by: Asbjørn Sloth Tønnesen <ast@xxxxxxxxxx>
---
Previously posted as part of "conntrack: add support for CIDR notation".

 src/conntrack.c | 35 ++++++++++++++++++++++++++++-------
 1 file changed, 28 insertions(+), 7 deletions(-)

diff --git a/src/conntrack.c b/src/conntrack.c
index a656b84..dfc2de8 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -1029,23 +1029,44 @@ parse_inetaddr(const char *cp, struct addr_parse *parse)
 }
 
 static int
-parse_addr(const char *cp, union ct_address *address)
+parse_addr(const char *cp, union ct_address *address, int *mask)
 {
 	struct addr_parse parse;
-	int ret;
+	int family;
+	char buf[INET6_ADDRSTRLEN];
+	char *slash, *end;
+
+	strncpy((char *) &buf, cp, INET6_ADDRSTRLEN);
+	buf[INET6_ADDRSTRLEN-1] = '\0';
+
+	if (mask != NULL) {
+		slash = strchr(buf, '/');
+		if (slash != NULL) {
+			*mask = strtol(slash+1, &end, 10);
+			if (*mask < 0 || end != slash+strlen(slash))
+				*mask = -2; /* invalid netmask */
+			slash[0] = '\0';
+		} else {
+			*mask = -1; /* no netmask */
+		}
+	}
 
-	ret = parse_inetaddr(cp, &parse);
+	family = parse_inetaddr(buf, &parse);
 
-	switch(ret) {
+	switch(family) {
 	case AF_INET:
 		address->v4 = parse.addr.s_addr;
+		if (mask != NULL && *mask > 32)
+			*mask = -2; /* invalid netmask */
 		break;
 	case AF_INET6:
 		memcpy(address->v6, &parse.addr6, sizeof(parse.addr6));
+		if (mask != NULL && *mask > 128)
+			*mask = -2; /* invalid netmask */
 		break;
 	}
 
-	return ret;
+	return family;
 }
 
 static void
@@ -1087,7 +1108,7 @@ nat_parse(char *arg, struct nf_conntrack *obj, int type)
 		}
 	}
 
-	if (parse_addr(arg, &parse) == AF_UNSPEC) {
+	if (parse_addr(arg, &parse, NULL) == AF_UNSPEC) {
 		if (strlen(arg) == 0) {
 			exit_error(PARAMETER_PROBLEM, "No IP specified");
 		} else {
@@ -2108,7 +2129,7 @@ nfct_parse_addr_from_opt(int opt, struct nf_conntrack *ct,
 {
 	int l3protonum;
 
-	l3protonum = parse_addr(optarg, ad);
+	l3protonum = parse_addr(optarg, ad, NULL);
 	if (l3protonum == AF_UNSPEC) {
 		exit_error(PARAMETER_PROBLEM,
 			   "Invalid IP address `%s'", optarg);
-- 
2.6.4

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html






