From c2fea541719c467678f0967f9e2d5e39e505c3a2 Mon Sep 17 00:00:00 2001 From: bharat Date: Wed, 26 Sep 2012 15:17:40 -0700 Subject: - Added Multicast and Broadcast checks for route and next hop for static route command. --- src/check_next_hop.c | 65 ++++++++++++++++++++++++++++++++++ src/check_prefix_boundary.c | 85 ++++++++++++++------------------------------- src/check_ucast_static.c | 38 ++++++++++++++++++++ src/check_ucast_static.h | 58 +++++++++++++++++++++++++++++++ 4 files changed, 188 insertions(+), 58 deletions(-) create mode 100644 src/check_next_hop.c create mode 100644 src/check_ucast_static.c create mode 100644 src/check_ucast_static.h (limited to 'src') diff --git a/src/check_next_hop.c b/src/check_next_hop.c new file mode 100644 index 00000000..0730c43e --- /dev/null +++ b/src/check_next_hop.c @@ -0,0 +1,65 @@ +#include "check_ucast_static.h" + +static void usage(void) +{ + fprintf(stderr, "Usage: check_next_hop [-4|-6] address\n"); + exit(1); +} + +static void get_prefix_1(inet_prefix *dst, char *arg, int family) +{ + + memset(dst, 0, sizeof(*dst)); + get_addr_1(dst, arg, family); + +} + +int main(int argc, char **argv) +{ + int family = AF_UNSPEC; + + while (--argc) { + char *arg = *++argv; + inet_prefix dst; + + if (arg[0] == '-') { + switch(arg[1]) { + case '4': + family = AF_INET; + break; + case '6': + family = AF_INET6; + break; + default: + usage(); + } + continue; + } + + get_prefix_1(&dst, arg, family); + + /* + * Macros to check for Mcast are based on: + * + * Addr dst.data + * 224.1.2.2 ==> 0x030201e0 + * ff01:0203:: ==> 0x030201ff + * + */ + if (family == AF_INET) { + if (IS_MULTICAST(dst.data[0])) { + err("Invalid next_hop...next_hop cannot be multicast\n"); + } + if (IS_BROADCAST(dst.data[0])) { + err("Invalid next_hop...next_hop cannot be broadcast\n"); + } + } else if (family == AF_INET6) { + if (IS_IPV6_MULTICAST(dst.data[0])) { + err("Invalid next_hop...next_hop cannot be IPv6 multicast\n"); + } + } + + } + + return 0; +} diff --git a/src/check_prefix_boundary.c b/src/check_prefix_boundary.c index 1c9ee30a..b432c788 100644 --- a/src/check_prefix_boundary.c +++ b/src/check_prefix_boundary.c @@ -1,33 +1,4 @@ -/* - * Check format of network prefix - */ -#include -#include -#include -#include -#include -#include -#include -#include - -typedef struct -{ - uint8_t family; - uint8_t bytelen; - unsigned int plen; - uint32_t data[4]; -} inet_prefix; - -static void err(const char *fmt, ...) -{ - va_list ap; - - va_start(ap, fmt); - vfprintf(stderr, fmt, ap); - va_end(ap); - - exit(1); -} +#include "check_ucast_static.h" static void usage(void) { @@ -35,32 +6,6 @@ static void usage(void) exit(1); } -static void get_addr_1(inet_prefix *addr, const char *name, int family) -{ - memset(addr, 0, sizeof(*addr)); - - if (strchr(name, ':')) { - addr->family = AF_INET6; - addr->bytelen = 16; - if (family != AF_UNSPEC && family != AF_INET6) - err("IPV6 address not allowed\n"); - - if (inet_pton(AF_INET6, name, addr->data) <= 0) - err("Invalid IPV6 address: %s\n", name); - - return; - } - - addr->family = AF_INET; - addr->bytelen = 4; - if (family != AF_UNSPEC && family != AF_INET) - err("IPV4 address not allowed\n"); - - if (inet_pton(AF_INET, name, addr->data) <= 0) - err("Invalid IPV4 address: %s\n", name); - return; -} - static void get_prefix_1(inet_prefix *dst, char *arg, int family) { char *slash, *endp; @@ -103,12 +48,12 @@ static void get_netmask(inet_prefix *msk, const inet_prefix *dst) int main(int argc, char **argv) { int family = AF_UNSPEC; - + while (--argc) { char *arg = *++argv; inet_prefix dst, msk; - if (arg[0] == '-') + if (arg[0] == '-') { switch(arg[1]) { case '4': family = AF_INET; @@ -119,6 +64,8 @@ int main(int argc, char **argv) default: usage(); } + continue; + } get_prefix_1(&dst, arg, family); get_netmask(&msk, &dst); @@ -129,6 +76,28 @@ int main(int argc, char **argv) "Did you mean %s?\n", inet_ntop(msk.family, msk.data, buf, sizeof buf)); } + + /* + * Macros to check for Mcast are based on: + * + * Addr dst.data + * 224.1.2.2 ==> 0x030201e0 + * ff01:0203:: ==> 0x030201ff + * + */ + if (family == AF_INET) { + if (IS_MULTICAST(dst.data[0])) { + err("Invalid Prefix...Route cannot be Multicast\n"); + } + if (IS_BROADCAST(dst.data[0])) { + err("Invalid Prefix...Route cannot be Broadcast\n"); + } + } else if (family == AF_INET6) { + if (IS_IPV6_MULTICAST(dst.data[0])) { + err("Invalid Prefix...Route cannot be IPv6 Multicast\n"); + } + } + } return 0; diff --git a/src/check_ucast_static.c b/src/check_ucast_static.c new file mode 100644 index 00000000..d3c4e557 --- /dev/null +++ b/src/check_ucast_static.c @@ -0,0 +1,38 @@ +#include "check_ucast_static.h" + +void get_addr_1(inet_prefix *addr, const char *name, int family) +{ + memset(addr, 0, sizeof(*addr)); + + if (strchr(name, ':')) { + addr->family = AF_INET6; + addr->bytelen = 16; + if (family != AF_UNSPEC && family != AF_INET6) + err("IPV6 address not allowed\n"); + + if (inet_pton(AF_INET6, name, addr->data) <= 0) + err("Invalid IPV6 address: %s\n", name); + + return; + } + + addr->family = AF_INET; + addr->bytelen = 4; + if (family != AF_UNSPEC && family != AF_INET) + err("IPV4 address not allowed\n"); + + if (inet_pton(AF_INET, name, addr->data) <= 0) + err("Invalid IPV4 address: %s\n", name); + return; +} + +void err(const char *fmt, ...) +{ + va_list ap; + + va_start(ap, fmt); + vfprintf(stderr, fmt, ap); + va_end(ap); + + exit(1); +} diff --git a/src/check_ucast_static.h b/src/check_ucast_static.h new file mode 100644 index 00000000..e5d87ade --- /dev/null +++ b/src/check_ucast_static.h @@ -0,0 +1,58 @@ +/* + * Check format of network prefix + */ +#include +#include +#include +#include +#include +#include +#include +#include + +#define IS_CLASSD(a) ((((uint32_t)(a)) & 0x000000f0) == 0x000000e0) +#define IS_MULTICAST(a) IS_CLASSD(a) +#define IS_BROADCAST(a) ((((uint32_t)(a)) & 0xffffffff) == 0xffffffff) + +#define IS_IPV6_MULTICAST(a) ((((uint32_t)(a)) & 0x000000ff) == 0x000000ff) + + +typedef struct +{ + uint8_t family; + uint8_t bytelen; + unsigned int plen; + uint32_t data[4]; +} inet_prefix; + +void get_addr_1(inet_prefix *addr, const char *name, int family); +void err(const char *fmt, ...); + +/* +static void get_addr_1(inet_prefix *addr, const char *name, int family) +{ + memset(addr, 0, sizeof(*addr)); + + if (strchr(name, ':')) { + addr->family = AF_INET6; + addr->bytelen = 16; + if (family != AF_UNSPEC && family != AF_INET6) + err("IPV6 address not allowed\n"); + + if (inet_pton(AF_INET6, name, addr->data) <= 0) + err("Invalid IPV6 address: %s\n", name); + + return; + } + + addr->family = AF_INET; + addr->bytelen = 4; + if (family != AF_UNSPEC && family != AF_INET) + err("IPV4 address not allowed\n"); + + if (inet_pton(AF_INET, name, addr->data) <= 0) + err("Invalid IPV4 address: %s\n", name); + return; +} +*/ +void err(const char *fmt, ...); -- cgit v1.2.3