author | 2003-02-11 20:11:36 +0000 | |
---|---|---|
committer | 2003-02-11 20:11:36 +0000 | |
commit | 04201873898aa4f3855be62ed3283b83aa9996db (patch) | |
tree | 46c7ee1432de80fd3042b8ac0349b56979aab488 | |
parent | Manual pages for the new hil(4) and hilkbd(4) drivers. (diff) | |
allow macro definition on the command line:
pfctl -Dextif=wi0 -f /etc/pf.conf
command line macro definitions override the ones made in the file (idea
theo), very handy if your notebook has another NIC at some conference, as
well as for debugging etc.
idea rezine@mistrusted.net via pb@
hacked live at FOSDEM
ok pb@ dhartmei@ cedric@
-rw-r--r-- | sbin/pfctl/parse.y | 40 | ||||
-rw-r--r-- | sbin/pfctl/pfctl.c | 12 | ||||
-rw-r--r-- | sbin/pfctl/pfctl.h | 4 |
3 files changed, 47 insertions, 9 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index c7395aa41bf..3fa192c528b 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.312 2003/02/09 15:04:04 henning Exp $ */
+/* $OpenBSD: parse.y,v 1.313 2003/02/11 20:11:36 henning Exp $ */
 /*
 * Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -258,12 +258,13 @@ int getservice(char *);
 struct sym {
 struct sym *next;
 int used;
+ int persist;
 char *nam;
 char *val;
 };
 struct sym *symhead = NULL;
-int symset(const char *, const char *);
+int symset(const char *, const char *, int);
 char *symget(const char *);
 void decide_address_family(struct node_host *, sa_family_t *);
@@ -483,7 +484,7 @@ string : string STRING {
 varset : STRING PORTUNARY string {
 if (pf->opts & PF_OPT_VERBOSE)
 printf("%s = \"%s\"\n", $1, $3);
- if (symset($1, $3) == -1)
+ if (symset($1, $3, 0) == -1)
 err(1, "cannot store variable %s", $1);
 }
 ;
@@ -3947,11 +3948,19 @@ parse_rules(FILE *input, struct pfctl *xpf)
 * we wait until they discover this ugliness and make it all fancy.
 */
 int
-symset(const char *nam, const char *val)
+symset(const char *nam, const char *val, int persist)
 {
 struct sym *sym;
- sym = calloc(1, sizeof(*sym));
+ for (sym = symhead; sym && strcmp(nam, sym->nam); sym = sym->next)
+ ; /* nothing */
+
+ if (sym == NULL)
+ sym = calloc(1, sizeof(*sym));
+ else
+ if (sym->persist == 1)
+ return (0);
+
 if (sym == NULL)
 return (-1);
 sym->nam = strdup(nam);
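Review bot: When the new lookup loop in symset() finds an existing entry that is not persistent, the code falls through and treats that node as if it were freshly allocated: `sym->nam = strdup(nam)` overwrites the old name pointer without freeing it, and the following hunk's `sym->next = symhead; ... symhead = sym;` re-links a node that is already on the list. That appears to leave the list pointing back into itself, so a later lookup of a name that is not defined would never reach NULL. A pf.conf that assigns the same macro twice is enough to take this path; the lines between the two hunks are not visible, so the handling of `val` is inferred. The redefinition case should unlink and free the old entry before a new one is allocated, as sketched below.

```c
	struct sym	*sym, **prev;

	/* walk with a link pointer so a match can be unlinked in place */
	for (prev = &symhead; (sym = *prev) != NULL; prev = &sym->next)
		if (strcmp(nam, sym->nam) == 0)
			break;

	if (sym != NULL) {
		if (sym->persist == 1)
			return (0);
		/* redefinition: drop the old entry instead of reusing it */
		*prev = sym->next;
		free(sym->nam);
		free(sym->val);
		free(sym);
	}
	if ((sym = calloc(1, sizeof(*sym))) == NULL)
		return (-1);
	/* … unchanged: strdup of nam and val, insertion at symhead … */
```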
@@ -3967,10 +3976,31 @@ symset(const char *nam, const char *val)
 }
 sym->next = symhead;
 sym->used = 0;
+ sym->persist = persist;
 symhead = sym;
 return (0);
 }
+int
+pfctl_cmdline_symset(char *optarg)
+{
+ char *sym, *val;
+ int ret;
+
+ if ((val = strrchr(optarg, '=')) == NULL)
+ return (-1);
+
+ if ((sym = malloc(strlen(optarg) - strlen(val) + 1)) == NULL)
+ err(1, "pfctl_cmdline_symset: malloc");
+
+ strlcpy(sym, optarg, strlen(optarg) - strlen(val) + 1);
+
+ ret = symset(sym, val + 1, 1);
+ free(sym);
+
+ return (ret);
+}
+
 char *
 symget(const char *nam)
 {
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index 671a8301e41..f58b6c1af01 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl.c,v 1.147 2003/02/05 11:18:45 cedric Exp $ */
+/* $OpenBSD: pfctl.c,v 1.148 2003/02/11 20:11:36 henning Exp $ */
 /*
 * Copyright (c) 2001 Daniel Hartmeier
@@ -187,7 +187,8 @@ usage(void)
 fprintf(stderr, "usage: %s [-AdeqhnNrROvz] ", __progname);
 fprintf(stderr, "[-a anchor:ruleset] [-f file]\n");
 fprintf(stderr, " ");
- fprintf(stderr, "[-F modifier] [-k host] [-s modifier] [-x level]\n");
+ fprintf(stderr, "[-F modifier] [-k host] [-s modifier] [-x level] "
+ "[-D macro=value ]\n");
 fprintf(stderr, " ");
 fprintf(stderr, "[-t table [-T command [addresses]*]]\n");
 exit(1);
@@ -1247,7 +1248,7 @@ main(int argc, char *argv[])
 if (argc < 2)
 usage();
- while ((ch = getopt(argc, argv, "a:Adeqf:F:hk:nNOrRs:t:T:vx:z")) !=
+ while ((ch = getopt(argc, argv, "a:AdD:eqf:F:hk:nNOrRs:t:T:vx:z")) !=
 -1) {
 switch (ch) {
 case 'a':
@@ -1257,6 +1258,11 @@ main(int argc, char *argv[])
 opts |= PF_OPT_DISABLE;
 mode = O_RDWR;
 break;
+ case 'D':
+ if (pfctl_cmdline_symset(optarg) < 0)
+ warnx("could not parse macro definition %s",
+ optarg);
+ break;
 case 'e':
 opts |= PF_OPT_ENABLE;
 mode = O_RDWR;
diff --git a/sbin/pfctl/pfctl.h b/sbin/pfctl/pfctl.h
index 4ad60ff3f07..5d780e4aa1e 100644
--- a/sbin/pfctl/pfctl.h
+++ b/sbin/pfctl/pfctl.h
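Review bot: pfctl_cmdline_symset() splits its argument at the last '=' (`strrchr`), so an argument whose value itself contains '=' ends up with part of the value inside the macro name, and an argument that starts with '=' is accepted with an empty name. Such a name presumably never matches a `$macro` reference in the file, so the override is lost without any error and the file's own definition is what gets loaded. Splitting at the first '=' and rejecting an empty name covers both cases: `if ((val = strchr(optarg, '=')) == NULL || val == optarg) return (-1);`. The parameter is also named `optarg`, which shadows the getopt(3) global; a neutral name such as `s`, declared `const char *` here and in the pfctl.h prototype, would read better.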
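Review bot: A malformed `-D` argument only triggers `warnx()` in the new `case 'D':`, and option processing then carries on, so pfctl presumably goes on to load the ruleset with whatever value the file itself gives that macro. For a tool that installs firewall rules, a bad override should stop the run rather than apply rules built from a different definition; `errx(1, "could not parse macro definition %s", optarg);` would do that. The same message is also printed when symset() returns -1 on allocation failure, which is not a parse error and deserves its own text. main()'s option loop starts and ends outside this hunk.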
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl.h,v 1.9 2003/01/24 11:11:17 henning Exp $ */
+/* $OpenBSD: pfctl.h,v 1.10 2003/02/11 20:11:36 henning Exp $ */
 /*
 * Copyright (c) 2001 Daniel Hartmeier
@@ -94,4 +94,6 @@ void print_seq(struct pf_state_peer *);
 void print_state(struct pf_state *, int);
 int unmask(struct pf_addr *, sa_family_t);
+int pfctl_cmdline_symset(char *);
+
 #endif /* _PFCTL_H_ */ |