Filter ospf and igmp separately.

Kind-of submitted by: phk

usr.sbin/ppp/filter.c

@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: filter.c,v 1.32 1999/07/27 23:43:58 brian Exp $
+ * $Id: filter.c,v 1.33 1999/07/28 03:01:51 brian Exp $
  *
  *	TODO: Shoud send ICMP error message when we discard packets.
  */
@@ -261,10 +261,13 @@ ParseUdpOrTcp(int argc, char const *const *argv, int proto,
   return 1;
 }
 
-static int ParseIgmp(int argc, char const * const *argv, struct filterent *tgt)
+static int
+ParseIgmp(int argc, char const * const *argv, struct filterent *tgt)
 {
-  /* Filter currently is a catch-all. Requests are either permitted or
-     dropped. */
+  /*
+   * Filter currently is a catch-all. Requests are either permitted or
+   * dropped.
+   */
   if (argc != 0) {
     log_Printf(LogWARN, "ParseIgmp: Too many parameters\n");
     return 0;
@@ -274,6 +277,22 @@ static int ParseIgmp(int argc, char const * const *argv, struct filterent *tgt)
   return 1;
 }
 
+static int
+ParseOspf(int argc, char const * const *argv, struct filterent *tgt)
+{
+  /*
+   * Filter currently is a catch-all. Requests are either permitted or
+   * dropped.
+   */
+  if (argc != 0) {
+    log_Printf(LogWARN, "ParseOspf: Too many parameters\n");
+    return 0;
+  } else
+    tgt->f_srcop = OP_NONE;
+
+  return 1;
+}
+
 static unsigned
 addrtype(const char *addr)
 {
@@ -432,6 +451,9 @@ Parse(struct ipcp *ipcp, int argc, char const *const *argv,
   case P_IGMP:
     val = ParseIgmp(argc, argv, &filterdata);
     break;
+  case P_OSPF:
+    val = ParseOspf(argc, argv, &filterdata);
+    break;
   }
 
   log_Printf(LogDEBUG, "Parse: Src: %s\n", inet_ntoa(filterdata.f_src.ipaddr));
@@ -569,7 +591,9 @@ filter_Show(struct cmdargs const *arg)
   return 0;
 }
 
-static const char *protoname[] = { "none", "tcp", "udp", "icmp", "igmp" };
+static const char *protoname[] = {
+  "none", "tcp", "udp", "icmp", "ospf", "igmp"
+};
 
 const char *
 filter_Proto2Nam(int proto)

usr.sbin/ppp/filter.h

@@ -15,7 +15,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: filter.h,v 1.16 1999/06/23 16:48:22 brian Exp $
+ * $Id: filter.h,v 1.17 1999/07/27 23:43:59 brian Exp $
  *
  *	TODO:
  */
@@ -25,7 +25,8 @@
 #define	P_TCP	1
 #define	P_UDP	2
 #define	P_ICMP	3
-#define P_IGMP	4
+#define	P_OSPF	4
+#define	P_IGMP	5
 
 /* Operations - f_srcop, f_dstop */
 #define	OP_NONE	0

usr.sbin/ppp/ip.c

@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: ip.c,v 1.64 1999/06/23 16:48:23 brian Exp $
+ * $Id: ip.c,v 1.65 1999/07/27 23:43:59 brian Exp $
  *
  *	TODO:
  *		o Return ICMP message for filterd packet
@@ -179,6 +179,13 @@ FilterCheck(const struct ip *pip, const struct filter *filter)
 	    estab = syn = finrst = -1;
 	    sport = ntohs(0);
 	    break;
+	  case IPPROTO_OSPFIGP:
+	    cproto = P_OSPF;
+	    if (datalen < 8)	/* IGMP uses 8-octet messages */
+	      return (1);
+	    estab = syn = finrst = -1;
+	    sport = ntohs(0);
+	    break;
 	  case IPPROTO_UDP:
 	  case IPPROTO_IPIP:
 	    cproto = P_UDP;
@@ -350,6 +357,16 @@ PacketCheck(struct bundle *bundle, char *cp, int nb, struct filter *filter)
       loglen += strlen(logbuf + loglen);
     }
     break;
+  case IPPROTO_OSPFIGP:
+    if (logit && loglen < sizeof logbuf) {
+      snprintf(logbuf + loglen, sizeof logbuf - loglen,
+	   "OSPF: %s ---> ", inet_ntoa(pip->ip_src));
+      loglen += strlen(logbuf + loglen);
+      snprintf(logbuf + loglen, sizeof logbuf - loglen,
+	       "%s", inet_ntoa(pip->ip_dst));
+      loglen += strlen(logbuf + loglen);
+    }
+    break;
   case IPPROTO_IPIP:
     if (logit && loglen < sizeof logbuf) {
       uh = (struct udphdr *) ptop;