1999-04-07 12:11:08 +00:00
|
|
|
/*
|
|
|
|
* Filters: utility functions
|
|
|
|
*
|
|
|
|
* Copyright 1998 Pavel Machek <pavel@ucw.cz>
|
|
|
|
*
|
|
|
|
* Can be freely distributed and used under the terms of the GNU GPL.
|
1999-08-20 09:59:39 +00:00
|
|
|
*
|
1999-04-07 12:11:08 +00:00
|
|
|
*/
|
|
|
|
|
2000-04-30 18:47:48 +00:00
|
|
|
/**
|
|
|
|
* DOC: Filters
|
|
|
|
*
|
2000-06-08 12:37:21 +00:00
|
|
|
* You can find sources of the filter language in |filter/|
|
|
|
|
* directory. File |filter/config.Y| contains filter grammar and basically translates
|
|
|
|
* the source from user into a tree of &f_inst structures. These trees are
|
|
|
|
* later interpreted using code in |filter/filter.c|.
|
2000-05-30 10:13:32 +00:00
|
|
|
*
|
2019-07-15 11:19:01 +00:00
|
|
|
* A filter is represented by a tree of &f_inst structures, later translated
|
|
|
|
* into lists called &f_line. All the instructions are defined and documented
|
|
|
|
* in |filter/f-inst.c| definition file.
|
2000-04-30 18:47:48 +00:00
|
|
|
*
|
2000-06-08 12:37:21 +00:00
|
|
|
* Filters use a &f_val structure for their data. Each &f_val
|
2019-07-15 11:19:01 +00:00
|
|
|
* contains type and value (types are constants prefixed with %T_).
|
|
|
|
* Look into |filter/data.h| for more information and appropriate calls.
|
2000-06-05 17:13:36 +00:00
|
|
|
*/
|
2000-04-30 18:47:48 +00:00
|
|
|
|
2000-05-04 20:52:28 +00:00
|
|
|
#undef LOCAL_DEBUG
|
2000-03-12 21:01:38 +00:00
|
|
|
|
1999-04-07 12:11:08 +00:00
|
|
|
#include "nest/bird.h"
|
|
|
|
#include "lib/lists.h"
|
|
|
|
#include "lib/resource.h"
|
|
|
|
#include "lib/socket.h"
|
1999-04-12 19:58:18 +00:00
|
|
|
#include "lib/string.h"
|
2000-04-10 15:07:43 +00:00
|
|
|
#include "lib/unaligned.h"
|
2016-01-20 14:38:37 +00:00
|
|
|
#include "lib/ip.h"
|
2019-12-09 03:23:01 +00:00
|
|
|
#include "lib/net.h"
|
|
|
|
#include "lib/flowspec.h"
|
2023-10-29 15:25:01 +00:00
|
|
|
#include "nest/route.h"
|
1999-04-07 12:11:08 +00:00
|
|
|
#include "nest/protocol.h"
|
|
|
|
#include "nest/iface.h"
|
2022-03-31 17:22:07 +00:00
|
|
|
#include "lib/attrs.h"
|
1999-04-07 12:11:08 +00:00
|
|
|
#include "conf/conf.h"
|
|
|
|
#include "filter/filter.h"
|
2019-02-07 20:25:38 +00:00
|
|
|
#include "filter/f-inst.h"
|
2019-02-08 12:38:12 +00:00
|
|
|
#include "filter/data.h"
|
1999-04-07 12:11:08 +00:00
|
|
|
|
2019-05-29 19:03:52 +00:00
|
|
|
|
2019-06-19 12:09:57 +00:00
|
|
|
/* Exception bits */
|
|
|
|
enum f_exception {
|
|
|
|
FE_RETURN = 0x1,
|
|
|
|
};
|
|
|
|
|
2024-06-13 13:49:56 +00:00
|
|
|
/* Global filter runtime */
|
|
|
|
static struct {
|
|
|
|
_Atomic u16 filter_vstk;
|
|
|
|
_Atomic u16 filter_estk;
|
|
|
|
} global_filter_runtime = {
|
|
|
|
.filter_vstk = 128,
|
|
|
|
.filter_estk = 128,
|
|
|
|
};
|
|
|
|
|
2021-08-25 20:20:48 +00:00
|
|
|
struct filter_exec_stack {
|
|
|
|
const struct f_line *line; /* The line that is being executed */
|
|
|
|
uint pos; /* Instruction index in the line */
|
|
|
|
uint ventry; /* Value stack depth on entry */
|
|
|
|
uint vbase; /* Where to index variable positions from */
|
|
|
|
enum f_exception emask; /* Exception mask */
|
2019-05-29 19:03:52 +00:00
|
|
|
};
|
|
|
|
|
2018-02-27 14:39:39 +00:00
|
|
|
/* Internal filter state, to be allocated on stack when executing filters */
|
2019-05-23 11:27:24 +00:00
|
|
|
struct filter_state {
|
2019-05-29 19:03:52 +00:00
|
|
|
/* Stacks needed for execution */
|
2021-08-25 20:20:48 +00:00
|
|
|
struct filter_stack {
|
|
|
|
/* Current filter stack depth */
|
|
|
|
|
|
|
|
/* Value stack */
|
|
|
|
uint vcnt, vlen;
|
|
|
|
struct f_val *vstk;
|
|
|
|
|
|
|
|
/* Instruction stack for execution */
|
|
|
|
uint ecnt, elen;
|
|
|
|
struct filter_exec_stack *estk;
|
|
|
|
} stack;
|
2019-05-29 19:03:52 +00:00
|
|
|
|
2019-05-20 17:53:10 +00:00
|
|
|
/* The route we are processing. This may be NULL to indicate no route available. */
|
2020-01-28 10:42:46 +00:00
|
|
|
struct rte *rte;
|
2019-05-20 17:53:10 +00:00
|
|
|
|
2023-10-30 09:44:45 +00:00
|
|
|
/* Additional external values provided to the filter */
|
|
|
|
const struct f_val *val;
|
|
|
|
|
2019-05-30 12:42:54 +00:00
|
|
|
/* Buffer for log output */
|
2023-08-16 13:05:36 +00:00
|
|
|
log_buffer buf;
|
2019-05-30 12:42:54 +00:00
|
|
|
|
|
|
|
/* Filter execution flags */
|
2018-02-27 14:39:39 +00:00
|
|
|
int flags;
|
2019-05-23 11:27:24 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
_Thread_local static struct filter_state filter_state;
|
2018-02-27 14:39:39 +00:00
|
|
|
|
2018-12-27 13:26:11 +00:00
|
|
|
void (*bt_assert_hook)(int result, const struct f_line_item *assert);
|
2018-01-03 14:44:05 +00:00
|
|
|
|
2024-06-13 13:49:56 +00:00
|
|
|
#define _f_stack_init(fs, px) ((fs).stack.px##stk = alloca(sizeof(*(fs).stack.px##stk) * ((fs).stack.px##len = atomic_load_explicit(&global_filter_runtime.filter_##px##stk, memory_order_relaxed))))
|
2021-08-25 20:20:48 +00:00
|
|
|
|
2024-06-13 13:49:56 +00:00
|
|
|
#define f_stack_init(fs) ( _f_stack_init(fs, v), _f_stack_init(fs, e) )
|
2021-08-25 20:20:48 +00:00
|
|
|
|
2014-10-02 09:41:34 +00:00
|
|
|
static struct tbf rl_runtime_err = TBF_DEFAULT_LOG_LIMITS;
|
2009-02-26 13:23:54 +00:00
|
|
|
|
2000-06-05 12:52:57 +00:00
|
|
|
/**
|
|
|
|
* interpret
|
2018-02-27 14:39:39 +00:00
|
|
|
* @fs: filter state
|
2000-06-07 12:29:08 +00:00
|
|
|
* @what: filter to interpret
|
2000-06-05 12:52:57 +00:00
|
|
|
*
|
2000-06-05 17:13:36 +00:00
|
|
|
* Interpret given tree of filter instructions. This is core function
|
2000-06-05 12:52:57 +00:00
|
|
|
* of filter system and does all the hard work.
|
2000-06-07 13:54:06 +00:00
|
|
|
*
|
|
|
|
* Each instruction has 4 fields: code (which is instruction code),
|
|
|
|
* aux (which is extension to instruction code, typically type),
|
|
|
|
* arg1 and arg2 - arguments. Depending on instruction, arguments
|
2015-05-09 16:50:15 +00:00
|
|
|
* are either integers, or pointers to instruction trees. Common
|
2000-06-07 13:54:06 +00:00
|
|
|
* instructions like +, that have two expressions as arguments use
|
|
|
|
* TWOARGS macro to get both of them evaluated.
|
2000-06-05 12:52:57 +00:00
|
|
|
*/
|
2018-12-17 12:51:11 +00:00
|
|
|
static enum filter_return
|
2023-10-31 11:03:49 +00:00
|
|
|
interpret(struct filter_state *fs, const struct f_line *line, uint argc, const struct f_val *argv, uint resc, struct f_val *resv)
|
1999-04-07 12:11:08 +00:00
|
|
|
{
|
2023-10-30 09:44:45 +00:00
|
|
|
/* Check of appropriate number of arguments */
|
|
|
|
ASSERT(line->args == argc);
|
2019-02-07 20:25:38 +00:00
|
|
|
|
2019-05-29 19:03:52 +00:00
|
|
|
/* Initialize the filter stack */
|
2021-08-25 20:20:48 +00:00
|
|
|
struct filter_stack *fstk = &fs->stack;
|
2019-05-21 16:33:37 +00:00
|
|
|
|
2023-10-30 09:44:45 +00:00
|
|
|
/* Set the arguments and top-level variables */
|
|
|
|
fstk->vcnt = line->vars + line->args;
|
|
|
|
memcpy(fstk->vstk, argv, sizeof(struct f_val) * line->args);
|
|
|
|
memset(fstk->vstk + argc, 0, sizeof(struct f_val) * line->vars);
|
2019-02-07 20:25:38 +00:00
|
|
|
|
2023-10-30 09:44:45 +00:00
|
|
|
/* The same as with the value stack. Not resetting the stack completely for performance reasons. */
|
2019-05-29 19:03:52 +00:00
|
|
|
fstk->ecnt = 1;
|
2021-08-25 20:20:48 +00:00
|
|
|
fstk->estk[0] = (struct filter_exec_stack) {
|
|
|
|
.line = line,
|
|
|
|
.pos = 0,
|
|
|
|
};
|
2018-12-17 14:00:01 +00:00
|
|
|
|
2019-05-29 19:03:52 +00:00
|
|
|
#define curline fstk->estk[fstk->ecnt-1]
|
2023-06-18 20:50:45 +00:00
|
|
|
#define prevline fstk->estk[fstk->ecnt-2]
|
2018-12-27 13:26:11 +00:00
|
|
|
|
2019-11-05 14:13:57 +00:00
|
|
|
#ifdef LOCAL_DEBUG
|
2019-02-15 22:59:44 +00:00
|
|
|
debug("Interpreting line.");
|
|
|
|
f_dump_line(line, 1);
|
|
|
|
#endif
|
|
|
|
|
2019-05-29 19:03:52 +00:00
|
|
|
while (fstk->ecnt > 0) {
|
2018-12-27 13:26:11 +00:00
|
|
|
while (curline.pos < curline.line->len) {
|
|
|
|
const struct f_line_item *what = &(curline.line->items[curline.pos++]);
|
2018-12-17 12:51:11 +00:00
|
|
|
|
2018-12-27 13:26:11 +00:00
|
|
|
switch (what->fi_code) {
|
2019-05-29 19:03:52 +00:00
|
|
|
#define res fstk->vstk[fstk->vcnt]
|
2019-07-15 13:12:18 +00:00
|
|
|
#define vv(i) fstk->vstk[fstk->vcnt + (i)]
|
|
|
|
#define v1 vv(0)
|
|
|
|
#define v2 vv(1)
|
|
|
|
#define v3 vv(2)
|
2018-12-17 12:51:11 +00:00
|
|
|
|
2021-08-25 20:20:48 +00:00
|
|
|
#define f_vcnt_check_overflow(n) do { if (fstk->vcnt + n >= fstk->vlen) runtime("Filter execution stack overflow"); } while (0)
|
|
|
|
|
2019-06-19 12:09:57 +00:00
|
|
|
#define runtime(fmt, ...) do { \
|
|
|
|
if (!(fs->flags & FF_SILENT)) \
|
|
|
|
log_rl(&rl_runtime_err, L_ERR "filters, line %d: " fmt, what->lineno, ##__VA_ARGS__); \
|
|
|
|
return F_ERROR; \
|
|
|
|
} while(0)
|
|
|
|
|
2022-04-10 16:55:15 +00:00
|
|
|
#define falloc(size) tmp_alloc(size)
|
|
|
|
#define fpool tmp_linpool
|
2019-07-02 08:45:53 +00:00
|
|
|
|
2019-02-19 11:34:16 +00:00
|
|
|
#include "filter/inst-interpret.c"
|
2018-12-17 12:51:11 +00:00
|
|
|
#undef res
|
2018-12-27 13:26:11 +00:00
|
|
|
#undef v1
|
|
|
|
#undef v2
|
|
|
|
#undef v3
|
2018-12-17 11:48:33 +00:00
|
|
|
#undef runtime
|
2019-07-02 08:45:53 +00:00
|
|
|
#undef falloc
|
|
|
|
#undef fpool
|
2018-12-27 13:26:11 +00:00
|
|
|
}
|
2018-12-18 16:10:05 +00:00
|
|
|
}
|
2019-07-10 14:46:31 +00:00
|
|
|
|
2019-05-21 16:33:37 +00:00
|
|
|
/* End of current line. Drop local variables before exiting. */
|
2022-03-09 01:32:29 +00:00
|
|
|
fstk->vcnt = curline.ventry + curline.line->results;
|
2019-05-29 19:03:52 +00:00
|
|
|
fstk->ecnt--;
|
2018-12-18 16:10:05 +00:00
|
|
|
}
|
1999-04-07 12:11:08 +00:00
|
|
|
|
2023-10-31 11:03:49 +00:00
|
|
|
if (fstk->vcnt != resc)
|
|
|
|
{
|
|
|
|
log_rl(&rl_runtime_err, L_ERR "Filter expected to leave %d values on stack but %d left instead", resc, fstk->vcnt);
|
|
|
|
return F_ERROR;
|
2019-05-21 16:33:37 +00:00
|
|
|
}
|
|
|
|
|
2023-10-31 11:03:49 +00:00
|
|
|
memcpy(resv, fstk->vstk, sizeof(struct f_val) * resc);
|
|
|
|
return F_NOP;
|
2018-12-27 13:26:11 +00:00
|
|
|
}
|
2018-04-30 14:06:53 +00:00
|
|
|
|
2000-01-31 17:44:22 +00:00
|
|
|
|
2000-04-28 09:48:28 +00:00
|
|
|
/**
|
2012-01-02 23:42:25 +00:00
|
|
|
* f_run - run a filter for a route
|
|
|
|
* @filter: filter to run
|
2020-01-28 10:42:46 +00:00
|
|
|
* @rte: route being filtered, must be write-able
|
2000-04-28 09:48:28 +00:00
|
|
|
* @tmp_pool: all filter allocations go from this pool
|
2000-06-05 17:13:36 +00:00
|
|
|
* @flags: flags
|
2012-01-02 23:42:25 +00:00
|
|
|
*
|
2020-01-28 10:42:46 +00:00
|
|
|
* If @rte->attrs is cached, the returned rte allocates a new rta on
|
|
|
|
* tmp_pool, otherwise the filters may modify it.
|
2000-04-28 09:48:28 +00:00
|
|
|
*/
|
2018-12-17 12:51:11 +00:00
|
|
|
enum filter_return
|
2022-05-30 14:41:15 +00:00
|
|
|
f_run(const struct filter *filter, struct rte *rte, int flags)
|
1999-04-07 12:11:08 +00:00
|
|
|
{
|
2013-02-08 22:58:27 +00:00
|
|
|
if (filter == FILTER_ACCEPT)
|
|
|
|
return F_ACCEPT;
|
|
|
|
|
|
|
|
if (filter == FILTER_REJECT)
|
|
|
|
return F_REJECT;
|
|
|
|
|
2023-10-31 09:28:01 +00:00
|
|
|
return f_run_args(filter, rte, 0, NULL, flags);
|
2023-10-30 09:44:45 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
enum filter_return
|
2023-10-31 09:28:01 +00:00
|
|
|
f_run_args(const struct filter *filter, struct rte *rte, uint argc, const struct f_val *argv, int flags)
|
2023-10-30 09:44:45 +00:00
|
|
|
{
|
2000-03-12 21:01:38 +00:00
|
|
|
DBG( "Running filter `%s'...", filter->name );
|
1999-04-07 12:11:08 +00:00
|
|
|
|
2019-05-20 17:53:10 +00:00
|
|
|
/* Initialize the filter state */
|
2019-07-15 13:23:35 +00:00
|
|
|
filter_state = (struct filter_state) {
|
|
|
|
.rte = rte,
|
|
|
|
.flags = flags,
|
|
|
|
};
|
2010-09-20 11:01:01 +00:00
|
|
|
|
2021-08-25 20:20:48 +00:00
|
|
|
f_stack_init(filter_state);
|
|
|
|
|
2019-05-20 17:53:10 +00:00
|
|
|
/* Run the interpreter itself */
|
2023-10-31 11:03:49 +00:00
|
|
|
enum filter_return fret = interpret(&filter_state, filter->root, argc, argv, 0, NULL);
|
2012-01-02 23:42:25 +00:00
|
|
|
|
2019-05-20 17:53:10 +00:00
|
|
|
/* Process the filter output, log it and return */
|
2018-12-17 12:51:11 +00:00
|
|
|
if (fret < F_ACCEPT) {
|
2019-05-20 17:53:10 +00:00
|
|
|
if (!(filter_state.flags & FF_SILENT))
|
2019-02-26 15:44:24 +00:00
|
|
|
log_rl(&rl_runtime_err, L_ERR "Filter %s did not return accept nor reject. Make up your mind", filter_name(filter));
|
1999-04-07 12:11:08 +00:00
|
|
|
return F_ERROR;
|
2000-05-31 21:50:13 +00:00
|
|
|
}
|
2013-11-23 23:17:02 +00:00
|
|
|
DBG( "done (%u)\n", res.val.i );
|
2018-12-17 12:51:11 +00:00
|
|
|
return fret;
|
1999-04-07 12:11:08 +00:00
|
|
|
}
|
|
|
|
|
2019-05-20 17:53:10 +00:00
|
|
|
/**
|
2019-07-10 14:46:31 +00:00
|
|
|
* f_eval_rte - run a filter line for an uncached route
|
2019-05-20 17:53:10 +00:00
|
|
|
* @expr: filter line to run
|
|
|
|
* @rte: route being filtered, may be modified
|
|
|
|
* @tmp_pool: all filter allocations go from this pool
|
|
|
|
*
|
|
|
|
* This specific filter entry point runs the given filter line
|
|
|
|
* (which must not have any arguments) on the given route.
|
|
|
|
*
|
|
|
|
* The route MUST NOT have REF_COW set and its attributes MUST NOT
|
|
|
|
* be cached by rta_lookup().
|
|
|
|
*/
|
2015-07-20 09:12:02 +00:00
|
|
|
|
2018-12-17 12:51:11 +00:00
|
|
|
enum filter_return
|
2023-10-31 15:54:58 +00:00
|
|
|
f_eval_rte(const struct f_line *expr, struct rte *rte, uint argc, const struct f_val *argv, uint resc, struct f_val *resv)
|
2015-07-20 09:12:02 +00:00
|
|
|
{
|
2019-07-15 13:23:35 +00:00
|
|
|
filter_state = (struct filter_state) {
|
|
|
|
.rte = rte,
|
|
|
|
};
|
2015-07-20 09:12:02 +00:00
|
|
|
|
2021-08-25 20:20:48 +00:00
|
|
|
f_stack_init(filter_state);
|
|
|
|
|
2023-10-31 11:03:49 +00:00
|
|
|
return interpret(&filter_state, expr, argc, argv, resc, resv);
|
2015-07-20 09:12:02 +00:00
|
|
|
}
|
|
|
|
|
2019-05-20 17:53:10 +00:00
|
|
|
/*
|
2019-07-10 14:46:31 +00:00
|
|
|
* f_eval - get a value of a term
|
2019-05-20 17:53:10 +00:00
|
|
|
* @expr: filter line containing the term
|
|
|
|
* @tmp_pool: long data may get allocated from this pool
|
2023-10-31 11:03:49 +00:00
|
|
|
* @pres: here the output will be stored if requested
|
2019-05-20 17:53:10 +00:00
|
|
|
*/
|
2018-12-17 12:51:11 +00:00
|
|
|
enum filter_return
|
2022-04-10 16:55:15 +00:00
|
|
|
f_eval(const struct f_line *expr, struct f_val *pres)
|
2000-05-15 10:49:38 +00:00
|
|
|
{
|
2022-04-10 16:55:15 +00:00
|
|
|
filter_state = (struct filter_state) {};
|
2010-09-20 11:01:01 +00:00
|
|
|
|
2021-08-25 20:20:48 +00:00
|
|
|
f_stack_init(filter_state);
|
|
|
|
|
2023-10-31 11:03:49 +00:00
|
|
|
enum filter_return fret = interpret(&filter_state, expr, 0, NULL, !!pres, pres);
|
2018-12-17 14:00:01 +00:00
|
|
|
return fret;
|
2013-07-25 11:15:32 +00:00
|
|
|
}
|
2010-09-20 11:01:01 +00:00
|
|
|
|
2019-05-20 17:53:10 +00:00
|
|
|
/*
|
2023-10-13 11:36:47 +00:00
|
|
|
* cf_eval_tmp - evaluate a value of a term and check its type
|
2019-05-20 17:53:10 +00:00
|
|
|
*/
|
2023-08-24 02:45:55 +00:00
|
|
|
struct f_val
|
2023-10-13 11:36:47 +00:00
|
|
|
cf_eval_tmp(const struct f_inst *inst, int type)
|
2013-07-25 11:15:32 +00:00
|
|
|
{
|
2018-12-27 13:26:11 +00:00
|
|
|
struct f_val val;
|
|
|
|
|
2023-10-13 11:36:47 +00:00
|
|
|
if (f_eval(f_linearize(inst, 1), &val) > F_RETURN)
|
2019-07-15 10:03:13 +00:00
|
|
|
cf_error("Runtime error while evaluating expression; see log for details");
|
2010-09-20 11:01:01 +00:00
|
|
|
|
2023-08-24 02:45:55 +00:00
|
|
|
if (type != T_VOID && val.type != type)
|
|
|
|
cf_error("Expression of type %s expected", f_type_name(type));
|
2013-07-25 11:15:32 +00:00
|
|
|
|
2023-08-24 02:45:55 +00:00
|
|
|
return val;
|
2000-05-16 22:37:53 +00:00
|
|
|
}
|
2000-05-15 10:49:38 +00:00
|
|
|
|
2023-10-13 11:36:47 +00:00
|
|
|
|
2019-05-20 17:53:10 +00:00
|
|
|
/*
|
2019-07-10 14:46:31 +00:00
|
|
|
* f_eval_buf - get a value of a term and print it to the supplied buffer
|
2019-05-20 17:53:10 +00:00
|
|
|
*/
|
2019-02-11 16:12:48 +00:00
|
|
|
enum filter_return
|
2022-04-10 16:55:15 +00:00
|
|
|
f_eval_buf(const struct f_line *expr, buffer *buf)
|
2019-02-11 16:12:48 +00:00
|
|
|
{
|
|
|
|
struct f_val val;
|
2022-04-10 16:55:15 +00:00
|
|
|
enum filter_return fret = f_eval(expr, &val);
|
2019-09-23 22:18:48 +00:00
|
|
|
if (fret <= F_RETURN)
|
2019-02-11 16:12:48 +00:00
|
|
|
val_format(&val, buf);
|
|
|
|
return fret;
|
|
|
|
}
|
|
|
|
|
2000-04-28 09:48:28 +00:00
|
|
|
/**
|
|
|
|
* filter_same - compare two filters
|
|
|
|
* @new: first filter to be compared
|
2019-02-15 12:53:17 +00:00
|
|
|
* @old: second filter to be compared
|
2000-04-28 09:48:28 +00:00
|
|
|
*
|
|
|
|
* Returns 1 in case filters are same, otherwise 0. If there are
|
|
|
|
* underlying bugs, it will rather say 0 on same filters than say
|
|
|
|
* 1 on different.
|
|
|
|
*/
|
2000-01-16 17:49:32 +00:00
|
|
|
int
|
2019-02-15 12:53:17 +00:00
|
|
|
filter_same(const struct filter *new, const struct filter *old)
|
2000-01-16 17:49:32 +00:00
|
|
|
{
|
2000-03-12 22:40:07 +00:00
|
|
|
if (old == new) /* Handle FILTER_ACCEPT and FILTER_REJECT */
|
|
|
|
return 1;
|
|
|
|
if (old == FILTER_ACCEPT || old == FILTER_REJECT ||
|
|
|
|
new == FILTER_ACCEPT || new == FILTER_REJECT)
|
|
|
|
return 0;
|
2019-02-26 15:44:24 +00:00
|
|
|
|
|
|
|
if ((!old->sym) && (!new->sym))
|
|
|
|
return f_same(new->root, old->root);
|
|
|
|
|
|
|
|
if ((!old->sym) || (!new->sym))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
if (strcmp(old->sym->name, new->sym->name))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
return new->sym->flags & SYM_FLAG_SAME;
|
|
|
|
}
|
|
|
|
|
2024-06-13 13:49:56 +00:00
|
|
|
/* Initialize filter knobs */
|
|
|
|
void
|
|
|
|
filter_preconfig(struct config *new)
|
|
|
|
{
|
|
|
|
new->filter_vstk = 128;
|
|
|
|
new->filter_estk = 128;
|
|
|
|
}
|
|
|
|
|
2019-02-26 15:44:24 +00:00
|
|
|
/**
|
|
|
|
* filter_commit - do filter comparisons on all the named functions and filters
|
|
|
|
*/
|
|
|
|
void
|
2019-06-13 12:24:48 +00:00
|
|
|
filter_commit(struct config *new, struct config *old)
|
2019-02-26 15:44:24 +00:00
|
|
|
{
|
2024-06-13 13:49:56 +00:00
|
|
|
/* Update filter stack size variables */
|
|
|
|
atomic_store_explicit(&global_filter_runtime.filter_vstk, new->filter_vstk, memory_order_relaxed);
|
|
|
|
atomic_store_explicit(&global_filter_runtime.filter_estk, new->filter_estk, memory_order_relaxed);
|
|
|
|
|
2019-02-26 15:44:24 +00:00
|
|
|
if (!old)
|
|
|
|
return;
|
|
|
|
|
|
|
|
struct symbol *sym, *osym;
|
|
|
|
WALK_LIST(sym, new->symbols)
|
|
|
|
switch (sym->class) {
|
|
|
|
case SYM_FUNCTION:
|
|
|
|
if ((osym = cf_find_symbol(old, sym->name)) &&
|
|
|
|
(osym->class == SYM_FUNCTION) &&
|
|
|
|
f_same(sym->function, osym->function))
|
|
|
|
sym->flags |= SYM_FLAG_SAME;
|
|
|
|
else
|
|
|
|
sym->flags &= ~SYM_FLAG_SAME;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SYM_FILTER:
|
|
|
|
if ((osym = cf_find_symbol(old, sym->name)) &&
|
|
|
|
(osym->class == SYM_FILTER) &&
|
|
|
|
f_same(sym->filter->root, osym->filter->root))
|
|
|
|
sym->flags |= SYM_FLAG_SAME;
|
|
|
|
else
|
|
|
|
sym->flags &= ~SYM_FLAG_SAME;
|
|
|
|
break;
|
|
|
|
}
|
2000-01-16 17:49:32 +00:00
|
|
|
}
|
2019-07-03 06:13:07 +00:00
|
|
|
|
2021-06-21 15:07:31 +00:00
|
|
|
void channel_filter_dump(const struct filter *f)
|
|
|
|
{
|
|
|
|
if (f == FILTER_ACCEPT)
|
|
|
|
debug(" ALL");
|
|
|
|
else if (f == FILTER_REJECT)
|
|
|
|
debug(" NONE");
|
|
|
|
else if (f == FILTER_UNDEF)
|
|
|
|
debug(" UNDEF");
|
|
|
|
else if (f->sym) {
|
|
|
|
ASSERT(f->sym->filter == f);
|
|
|
|
debug(" named filter %s", f->sym->name);
|
|
|
|
} else {
|
|
|
|
debug("\n");
|
|
|
|
f_dump_line(f->root, 2);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-07-03 06:13:07 +00:00
|
|
|
void filters_dump_all(void)
|
|
|
|
{
|
|
|
|
struct symbol *sym;
|
|
|
|
WALK_LIST(sym, config->symbols) {
|
|
|
|
switch (sym->class) {
|
|
|
|
case SYM_FILTER:
|
|
|
|
debug("Named filter %s:\n", sym->name);
|
|
|
|
f_dump_line(sym->filter->root, 1);
|
|
|
|
break;
|
|
|
|
case SYM_FUNCTION:
|
|
|
|
debug("Function %s:\n", sym->name);
|
|
|
|
f_dump_line(sym->function, 1);
|
|
|
|
break;
|
|
|
|
case SYM_PROTO:
|
|
|
|
{
|
|
|
|
debug("Protocol %s:\n", sym->name);
|
|
|
|
struct channel *c;
|
|
|
|
WALK_LIST(c, sym->proto->proto->channels) {
|
|
|
|
debug(" Channel %s (%s) IMPORT", c->name, net_label[c->net_type]);
|
2021-06-21 15:07:31 +00:00
|
|
|
channel_filter_dump(c->in_filter);
|
|
|
|
debug(" EXPORT", c->name, net_label[c->net_type]);
|
|
|
|
channel_filter_dump(c->out_filter);
|
|
|
|
debug("\n");
|
2019-07-03 06:13:07 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|