summaryrefslogtreecommitdiff
path: root/options.c
Commit message (Collapse)AuthorAgeFilesLines
* options: remove stray continue statementJo-Philipp Wich2017-05-271-1/+0
| | | | | | | The continue statement was mistakingly copy-pasted from other error handling code. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* options: improve handling of negations when parsing space separated valuesJo-Philipp Wich2017-05-261-1/+30
| | | | | | | | | | | | | | | | | | Improve the space separated list parser to interprete "val1 ! val2" as ("val1", "!val2") instead of ("val1", "!", "val2"). This corrects parsing of sections like ... config rule option sec_ip '! 1.1.1.0/24' ... which previously errored out with: Warning: Option @rule[0].src_ip has invalid value '!' Fixes FS#806. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* utils.h: Avoid name clashes for setbit/delbit/hasbitFlorian Fainelli2016-09-181-4/+4
| | | | | | | | | Rename to fw3_{set,del,has}bit to avoid name clashes with sys/param.h: /opt/toolchains/stbgcc-4.8-1.5/arm-linux-gnueabihf/sys-root/usr/include/sys/param.h:80:0: note: this is the location of the previous definition #define setbit(a,i) ((a)[(i)/NBBY] |= 1<<((i)%NBBY)) Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* treewide: replace jow@openwrt.org with jo@mein.ioJo-Philipp Wich2016-06-071-1/+1
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ubus: print rule name when reporting errorsJo-Philipp Wich2015-04-181-7/+12
| | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
* options: allow '*' as value for protocols and familiesJo-Philipp Wich2014-09-191-2/+2
| | | | | | | | | | | No functional change, just a little bit of consistency with src / dest specifiers where '*' means 'any' or 'all'. To follow the principle of least surprise, allow the some for family and protocol options. option proto '*' is equivalent to option proto 'all' option family '*' is equivalent to option family 'any' Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
* options: fix logic flaw when parsing ipaddr/mask notationJo-Philipp Wich2014-07-191-8/+14
| | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
* Use netmasks instead of prefix lengths internallyJo-Philipp Wich2014-07-191-44/+57
| | | | | | | | | | | | | | | | | | | | Iptables supports using non-continuous netmasks like FFFF::FFFF which would match the first and last 16bit of an IPv6 address while ignoring the parts in between which is useful fordeclaring rules targeting hosts on rotating prefixes. Instead of storing parsed netmasks as bitcount internally, use a full mask which is passed to iptables as-is. Also support a new shorthand notation "addr/-N" which will construct a mask that matches the *last* N bits of an address - useful for matching the host part only of an IPv4 address, e.g. option dest_ip '::c23f:eff:fe7a:a094/-64' This will convert to a netmask of "::ffff:ffff:ffff:ffff". Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
* options: fix fw3_parse_network() when destination pointer is not a listJo-Philipp Wich2014-07-031-2/+14
| | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
* make fw3_ubus_address take a list_head * argument instead of allocating & ↵Felix Fietkau2014-06-301-14/+6
| | | | | | returning one Signed-off-by: Felix Fietkau <nbd@openwrt.org>
* Add support for netifd-generated rulesSteven Barth2014-04-141-0/+101
| | | | Signed-off-by: Steven Barth <steven@midlink.org>
* Add support for device and direction parametersSteven Barth2014-04-141-0/+16
| | | | Signed-off-by: Steven Barth <steven@midlink.org>
* Initial support for "config nat" rules - this allows configuring ↵Jo-Philipp Wich2014-04-061-2/+3
| | | | zone-independant SNAT and MASQUERADE rules
* Properly check strtol() results when paring values as integersJo-Philipp Wich2013-12-171-2/+3
|
* Change fw3_parse_options() to indicate whether all options where parsed ↵Jo-Philipp Wich2013-11-181-1/+10
| | | | successfully
* Don't mistreat unknown protocol names as "any protocol"Jo-Philipp Wich2013-06-181-2/+3
|
* Extend ipset option syntax to support specifying directions inplace.Jo-Philipp Wich2013-06-051-3/+45
|
* Mark fw3_address objects that got resolved by fw3_parse_network()Jo-Philipp Wich2013-05-261-0/+1
|
* Remove fw3_ubus_address_free() and use fw3_free_list() insteadJo-Philipp Wich2013-05-261-1/+1
|
* Remove now unused fw3_format_*() functionsJo-Philipp Wich2013-05-171-282/+0
|
* Drop iptables-restore and create rules through libiptc and libxtablesJo-Philipp Wich2013-05-171-13/+3
|
* Simplify ipset external checks and optionally initialize ispet name from ↵Jo-Philipp Wich2013-05-021-4/+1
| | | | external value
* Record device-network relation in state file, fix zone hotplug eventsJo-Philipp Wich2013-05-021-0/+7
|
* Store ipset storage method and matches in state file, keep iprange and ports ↵Jo-Philipp Wich2013-04-301-4/+6
| | | | if set
* Fix parsing of ipset datatypesJo-Philipp Wich2013-04-301-6/+12
|
* Allow hex notation in int type optionsJo-Philipp Wich2013-04-301-1/+1
|
* Add common fw3_address_to_string() helper functionJo-Philipp Wich2013-04-301-39/+36
|
* Add support for fwmark matches and targetsJo-Philipp Wich2013-04-091-0/+51
|
* Fix parsing of '*' device and 'all' protocol valueJo-Philipp Wich2013-03-221-0/+2
|
* Rework option parsing to support emitting multiple values from within a ↵Jo-Philipp Wich2013-03-191-122/+139
| | | | parse handler
* Implement support for "network" datatype and use it for masq_src / masq_destJo-Philipp Wich2013-03-191-0/+33
|
* Make nat reflection src address configurable by introducing a reflection_src ↵Jo-Philipp Wich2013-03-131-0/+12
| | | | parameter which can be set to "external" or "internal"
* Unify fw3_default and fw3_target enumsJo-Philipp Wich2013-03-131-3/+3
|
* Introduce new enum values for zone src policies and map src policy to ↵Jo-Philipp Wich2013-03-101-0/+4
| | | | dst_flags bitfield, making the src_flags bitfield unnecessary
* Support abstract "tcpudp" protocolJo-Philipp Wich2013-03-071-5/+12
|
* use dup'ed string in fw3_parse_monthdays()Jo-Philipp Wich2013-02-281-1/+1
|
* generalize enum parsingJo-Philipp Wich2013-02-281-120/+89
|
* add support for includesJo-Philipp Wich2013-02-221-0/+13
|
* use hasbit() to test for invert flag of weekdays and monthdaysJo-Philipp Wich2013-02-211-2/+2
|
* add time match supportJo-Philipp Wich2013-02-211-0/+232
|
* introduce support for ip rangesJo-Philipp Wich2013-02-211-6/+61
|
* unify object freeingJo-Philipp Wich2013-02-211-8/+4
|
* introduce global string array for enum names, remove private arraysJo-Philipp Wich2013-02-201-0/+17
|
* initial commitJo-Philipp Wich2013-02-171-0/+800
View Lorry Controller Status