more on nettrace

author: netblue30 <netblue30@protonmail.com> 2022-01-07 09:52:00 -0500
committer: netblue30 <netblue30@protonmail.com> 2022-01-07 09:52:00 -0500
commit: 500a56efd310396f142440019aee671b5f747efb (patch)
tree: 8effc272b3814207c8b5583e99bcd9b925558dab /src/include/common.h
parent: fix wrap/nowrap help string in firemon (diff)
download: firejail-500a56efd310396f142440019aee671b5f747efb.tar.gz
firejail-500a56efd310396f142440019aee671b5f747efb.tar.zst
firejail-500a56efd310396f142440019aee671b5f747efb.zip
1 files changed, 19 insertions, 0 deletions
diff --git a/src/include/common.h b/src/include/common.h
index 5bcbaad88..d51382c41 100644
--- a/src/include/common.h
+++ b/src/include/common.h
@@ -73,6 +73,25 @@ static inline int atoip(const char *str, uint32_t *ip) {
        return 0;
 }
+// read an IPv4 address in CIDR format, for example 192.168.1.0/24
+static inline int atocidr(const char *str, uint32_t *ip, uint32_t *mask) {
+        unsigned a, b, c, d, e;
+        // extract ip
+        int rv = sscanf(str, "%u.%u.%u.%u/%u", &a, &b, &c, &d, &e);
+        if (rv != 5 || a > 255 || b > 255 || c > 255 || d > 255 || e > 32)
+                return 1;
+        *ip = a * 0x1000000 + b * 0x10000 + c * 0x100 + d;
+        // extract mask
+        uint32_t tmp;
+        unsigned i;
+        for (i = 0, *mask = 0, tmp = 0x80000000; i < e; i++, tmp >>= 1) {
+                *mask |= tmp;
+        }
+        return 0;
+}
 // verify an ip address is in the network range given by ifip and mask
 static inline char *in_netrange(uint32_t ip, uint32_t ifip, uint32_t ifmask) {
        if ((ip & ifmask) != (ifip & ifmask))
author	netblue30 <netblue30@protonmail.com>	2022-01-07 09:52:00 -0500
committer	netblue30 <netblue30@protonmail.com>	2022-01-07 09:52:00 -0500
commit	500a56efd310396f142440019aee671b5f747efb (patch)
tree	8effc272b3814207c8b5583e99bcd9b925558dab /src/include/common.h
parent	fix wrap/nowrap help string in firemon (diff)
download	firejail-500a56efd310396f142440019aee671b5f747efb.tar.gz firejail-500a56efd310396f142440019aee671b5f747efb.tar.zst firejail-500a56efd310396f142440019aee671b5f747efb.zip

diff --git a/src/include/common.h b/src/include/common.h index 5bcbaad88..d51382c41 100644 --- a/src/include/common.h +++ b/src/include/common.h
@@ -73,6 +73,25 @@ static inline int atoip(const char str, uint32_t ip) {
73	return 0;	73	return 0;
74	}	74	}
75		75
		76	// read an IPv4 address in CIDR format, for example 192.168.1.0/24
		77	static inline int atocidr(const char str, uint32_t ip, uint32_t *mask) {
		78	unsigned a, b, c, d, e;
		79
		80	// extract ip
		81	int rv = sscanf(str, "%u.%u.%u.%u/%u", &a, &b, &c, &d, &e);
		82	if (rv != 5 \|\| a > 255 \|\| b > 255 \|\| c > 255 \|\| d > 255 \|\| e > 32)
		83	return 1;
		84	ip = a 0x1000000 + b * 0x10000 + c * 0x100 + d;
		85
		86	// extract mask
		87	uint32_t tmp;
		88	unsigned i;
		89	for (i = 0, *mask = 0, tmp = 0x80000000; i < e; i++, tmp >>= 1) {
		90	*mask \|= tmp;
		91	}
		92	return 0;
		93	}
		94
76	// verify an ip address is in the network range given by ifip and mask	95	// verify an ip address is in the network range given by ifip and mask
77	static inline char *in_netrange(uint32_t ip, uint32_t ifip, uint32_t ifmask) {	96	static inline char *in_netrange(uint32_t ip, uint32_t ifip, uint32_t ifmask) {
78	if ((ip & ifmask) != (ifip & ifmask))	97	if ((ip & ifmask) != (ifip & ifmask))