1 /* 2 Copyright (c) 2013, The Linux Foundation. All rights reserved. 3 4 Redistribution and use in source and binary forms, with or without 5 modification, are permitted provided that the following conditions are 6 met: 7 * Redistributions of source code must retain the above copyright 8 notice, this list of conditions and the following disclaimer. 9 * Redistributions in binary form must reproduce the above 10 copyright notice, this list of conditions and the following 11 disclaimer in the documentation and/or other materials provided 12 with the distribution. 13 * Neither the name of The Linux Foundation nor the names of its 14 contributors may be used to endorse or promote products derived 15 from this software without specific prior written permission. 16 17 THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED 18 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 19 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT 20 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS 21 BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 22 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 23 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 24 BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 25 WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE 26 OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN 27 IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 */ 29 /*! 30 @file 31 IPACM_Xml.cpp 32 33 @brief 34 This file implements the XML specific parsing functionality. 35 36 @Author 37 Skylar Chang/Shihuan Liu 38 */ 39 40 #include <sys/socket.h> 41 #include <netinet/in.h> 42 #include <arpa/inet.h> 43 44 #include "IPACM_Xml.h" 45 #include "IPACM_Log.h" 46 #include "IPACM_Netlink.h" 47 48 static char* IPACM_read_content_element 49 ( 50 xmlNode* element 51 ); 52 53 static int32_t IPACM_util_icmp_string 54 ( 55 const char* xml_str, 56 const char* str 57 ); 58 59 static int ipacm_cfg_xml_parse_tree 60 ( 61 xmlNode* xml_node, 62 IPACM_conf_t *config 63 ); 64 65 static int IPACM_firewall_xml_parse_tree 66 ( 67 xmlNode* xml_node, 68 IPACM_firewall_conf_t *config 69 ); 70 71 /*Reads content (stored as child) of the element */ 72 static char* IPACM_read_content_element 73 ( 74 xmlNode* element 75 ) 76 { 77 xmlNode* child_ptr; 78 79 for (child_ptr = element->children; 80 child_ptr != NULL; 81 child_ptr = child_ptr->next) 82 { 83 if (child_ptr->type == XML_TEXT_NODE) 84 { 85 return (char*)child_ptr->content; 86 } 87 } 88 return NULL; 89 } 90 91 /* insensitive comparison of a libxml's string (xml_str) and a regular string (str)*/ 92 static int32_t IPACM_util_icmp_string 93 ( 94 const char* xml_str, 95 const char* str 96 ) 97 { 98 int32_t ret = -1; 99 100 if (NULL != xml_str && NULL != str) 101 { 102 uint32_t len1 = strlen(str); 103 uint32_t len2 = strlen(xml_str); 104 /* If the lengths match, do the string comparison */ 105 if (len1 == len2) 106 { 107 ret = strncasecmp(xml_str, str, len1); 108 } 109 } 110 111 return ret; 112 } 113 114 /* This function read IPACM XML and populate the IPA CM Cfg */ 115 int ipacm_read_cfg_xml(char *xml_file, IPACM_conf_t *config) 116 { 117 xmlDocPtr doc = NULL; 118 xmlNode* root = NULL; 119 int ret_val = IPACM_SUCCESS; 120 121 /* Invoke the XML parser and obtain the parse tree */ 122 doc = xmlReadFile(xml_file, "UTF-8", XML_PARSE_NOBLANKS); 123 if (doc == NULL) { 124 IPACMDBG_H("IPACM_xml_parse: libxml returned parse error!\n"); 125 return IPACM_FAILURE; 126 } 127 128 /*Get the root of the tree*/ 129 root = xmlDocGetRootElement(doc); 130 131 memset(config, 0, sizeof(IPACM_conf_t)); 132 133 /* parse the xml tree returned by libxml */ 134 ret_val = ipacm_cfg_xml_parse_tree(root, config); 135 136 if (ret_val != IPACM_SUCCESS) 137 { 138 IPACMDBG_H("IPACM_xml_parse: ipacm_cfg_xml_parse_tree returned parse error!\n"); 139 } 140 141 /* Free up the libxml's parse tree */ 142 xmlFreeDoc(doc); 143 144 return ret_val; 145 } 146 147 /* This function traverses the xml tree*/ 148 static int ipacm_cfg_xml_parse_tree 149 ( 150 xmlNode* xml_node, 151 IPACM_conf_t *config 152 ) 153 { 154 int32_t ret_val = IPACM_SUCCESS; 155 int str_size; 156 char* content; 157 char content_buf[MAX_XML_STR_LEN]; 158 159 if (NULL == xml_node) 160 return ret_val; 161 while ( xml_node != NULL && 162 ret_val == IPACM_SUCCESS) 163 { 164 switch (xml_node->type) 165 { 166 case XML_ELEMENT_NODE: 167 { 168 if (IPACM_util_icmp_string((char*)xml_node->name, system_TAG) == 0 || 169 IPACM_util_icmp_string((char*)xml_node->name, ODU_TAG) == 0 || 170 IPACM_util_icmp_string((char*)xml_node->name, IPACMCFG_TAG) == 0 || 171 IPACM_util_icmp_string((char*)xml_node->name, IPACMIFACECFG_TAG) == 0 || 172 IPACM_util_icmp_string((char*)xml_node->name, IFACE_TAG) == 0 || 173 IPACM_util_icmp_string((char*)xml_node->name, IPACMPRIVATESUBNETCFG_TAG) == 0 || 174 IPACM_util_icmp_string((char*)xml_node->name, SUBNET_TAG) == 0 || 175 IPACM_util_icmp_string((char*)xml_node->name, IPACMALG_TAG) == 0 || 176 IPACM_util_icmp_string((char*)xml_node->name, ALG_TAG) == 0 || 177 IPACM_util_icmp_string((char*)xml_node->name, IPACMNat_TAG) == 0 || 178 IPACM_util_icmp_string((char*)xml_node->name, IP_PassthroughFlag_TAG) == 0) 179 { 180 if (0 == IPACM_util_icmp_string((char*)xml_node->name, IFACE_TAG)) 181 { 182 /* increase iface entry number */ 183 config->iface_config.num_iface_entries++; 184 } 185 186 if (0 == IPACM_util_icmp_string((char*)xml_node->name, SUBNET_TAG)) 187 { 188 /* increase iface entry number */ 189 config->private_subnet_config.num_subnet_entries++; 190 } 191 192 if (0 == IPACM_util_icmp_string((char*)xml_node->name, ALG_TAG)) 193 { 194 /* increase iface entry number */ 195 config->alg_config.num_alg_entries++; 196 } 197 /* go to child */ 198 ret_val = ipacm_cfg_xml_parse_tree(xml_node->children, config); 199 } 200 else if (IPACM_util_icmp_string((char*)xml_node->name, IP_PassthroughMode_TAG) == 0) 201 { 202 IPACMDBG_H("inside IP Passthrough\n"); 203 content = IPACM_read_content_element(xml_node); 204 if (content) 205 { 206 str_size = strlen(content); 207 memset(content_buf, 0, sizeof(content_buf)); 208 memcpy(content_buf, (void *)content, str_size); 209 if (atoi(content_buf)) 210 { 211 config->ip_passthrough_mode = true; 212 IPACMDBG_H("Passthrough enable %d buf(%d)\n", config->ip_passthrough_mode, atoi(content_buf)); 213 } 214 else 215 { 216 config->ip_passthrough_mode = false; 217 IPACMDBG_H("Passthrough enable %d buf(%d)\n", config->ip_passthrough_mode, atoi(content_buf)); 218 } 219 } 220 } 221 else if (IPACM_util_icmp_string((char*)xml_node->name, ODUMODE_TAG) == 0) 222 { 223 IPACMDBG_H("inside ODU-XML\n"); 224 content = IPACM_read_content_element(xml_node); 225 if (content) 226 { 227 str_size = strlen(content); 228 memset(content_buf, 0, sizeof(content_buf)); 229 memcpy(content_buf, (void *)content, str_size); 230 if (0 == strncasecmp(content_buf, ODU_ROUTER_TAG, str_size)) 231 { 232 config->router_mode_enable = true; 233 IPACMDBG_H("router-mode enable %d\n", config->router_mode_enable); 234 } 235 else if (0 == strncasecmp(content_buf, ODU_BRIDGE_TAG, str_size)) 236 { 237 config->router_mode_enable = false; 238 IPACMDBG_H("router-mode enable %d\n", config->router_mode_enable); 239 } 240 } 241 } 242 else if (IPACM_util_icmp_string((char*)xml_node->name, ODUEMBMS_OFFLOAD_TAG) == 0) 243 { 244 IPACMDBG_H("inside ODU-XML\n"); 245 content = IPACM_read_content_element(xml_node); 246 if (content) 247 { 248 str_size = strlen(content); 249 memset(content_buf, 0, sizeof(content_buf)); 250 memcpy(content_buf, (void *)content, str_size); 251 if (atoi(content_buf)) 252 { 253 config->odu_embms_enable = true; 254 IPACMDBG_H("router-mode enable %d buf(%d)\n", config->odu_embms_enable, atoi(content_buf)); 255 } 256 else 257 { 258 config->odu_embms_enable = false; 259 IPACMDBG_H("router-mode enable %d buf(%d)\n", config->odu_embms_enable, atoi(content_buf)); 260 } 261 } 262 } 263 else if (IPACM_util_icmp_string((char*)xml_node->name, NAME_TAG) == 0) 264 { 265 content = IPACM_read_content_element(xml_node); 266 if (content) 267 { 268 str_size = strlen(content); 269 memset(content_buf, 0, sizeof(content_buf)); 270 strlcpy(content_buf, content, MAX_XML_STR_LEN); 271 strlcpy(config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].iface_name, content_buf, IPA_IFACE_NAME_LEN); 272 IPACMDBG_H("Name %s\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].iface_name); 273 } 274 } 275 else if (IPACM_util_icmp_string((char*)xml_node->name, CATEGORY_TAG) == 0) 276 { 277 content = IPACM_read_content_element(xml_node); 278 if (content) 279 { 280 str_size = strlen(content); 281 memset(content_buf, 0, sizeof(content_buf)); 282 memcpy(content_buf, (void *)content, str_size); 283 if (0 == strncasecmp(content_buf, WANIF_TAG, str_size)) 284 { 285 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = WAN_IF; 286 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat); 287 } 288 else if (0 == strncasecmp(content_buf, LANIF_TAG, str_size)) 289 { 290 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = LAN_IF; 291 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat); 292 } 293 else if (0 == strncasecmp(content_buf, WLANIF_TAG, str_size)) 294 { 295 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = WLAN_IF; 296 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat); 297 } 298 else if (0 == strncasecmp(content_buf, VIRTUALIF_TAG, str_size)) 299 { 300 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = VIRTUAL_IF; 301 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat); 302 } 303 else if (0 == strncasecmp(content_buf, UNKNOWNIF_TAG, str_size)) 304 { 305 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = UNKNOWN_IF; 306 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat); 307 } 308 else if (0 == strncasecmp(content_buf, ETHIF_TAG, str_size)) 309 { 310 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = ETH_IF; 311 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat); 312 } 313 else if (0 == strncasecmp(content_buf, ODUIF_TAG, str_size)) 314 { 315 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = ODU_IF; 316 IPACMDBG("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat); 317 } 318 } 319 } 320 else if (IPACM_util_icmp_string((char*)xml_node->name, MODE_TAG) == 0) 321 { 322 content = IPACM_read_content_element(xml_node); 323 if (content) 324 { 325 str_size = strlen(content); 326 memset(content_buf, 0, sizeof(content_buf)); 327 memcpy(content_buf, (void *)content, str_size); 328 if (0 == strncasecmp(content_buf, IFACE_ROUTER_MODE_TAG, str_size)) 329 { 330 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode = ROUTER; 331 IPACMDBG_H("Iface mode %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode); 332 } 333 else if (0 == strncasecmp(content_buf, IFACE_BRIDGE_MODE_TAG, str_size)) 334 { 335 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode = BRIDGE; 336 IPACMDBG_H("Iface mode %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode); 337 } 338 } 339 } 340 else if (IPACM_util_icmp_string((char*)xml_node->name, WLAN_MODE_TAG) == 0) 341 { 342 IPACMDBG_H("Inside WLAN-XML\n"); 343 content = IPACM_read_content_element(xml_node); 344 if (content) 345 { 346 str_size = strlen(content); 347 memset(content_buf, 0, sizeof(content_buf)); 348 memcpy(content_buf, (void *)content, str_size); 349 350 if (0 == strncasecmp(content_buf, WLAN_FULL_MODE_TAG, str_size)) 351 { 352 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode = FULL; 353 IPACMDBG_H("Wlan-mode full(%d)\n", 354 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode); 355 } 356 else if (0 == strncasecmp(content_buf, WLAN_INTERNET_MODE_TAG, str_size)) 357 { 358 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode = INTERNET; 359 config->num_wlan_guest_ap++; 360 IPACMDBG_H("Wlan-mode internet(%d)\n", 361 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode); 362 } 363 } 364 } 365 else if (IPACM_util_icmp_string((char*)xml_node->name, SUBNETADDRESS_TAG) == 0) 366 { 367 content = IPACM_read_content_element(xml_node); 368 if (content) 369 { 370 str_size = strlen(content); 371 memset(content_buf, 0, sizeof(content_buf)); 372 memcpy(content_buf, (void *)content, str_size); 373 content_buf[MAX_XML_STR_LEN-1] = '\0'; 374 config->private_subnet_config.private_subnet_entries[config->private_subnet_config.num_subnet_entries - 1].subnet_addr 375 = ntohl(inet_addr(content_buf)); 376 IPACMDBG_H("subnet_addr: %s \n", content_buf); 377 } 378 } 379 else if (IPACM_util_icmp_string((char*)xml_node->name, SUBNETMASK_TAG) == 0) 380 { 381 content = IPACM_read_content_element(xml_node); 382 if (content) 383 { 384 str_size = strlen(content); 385 memset(content_buf, 0, sizeof(content_buf)); 386 memcpy(content_buf, (void *)content, str_size); 387 content_buf[MAX_XML_STR_LEN-1] = '\0'; 388 config->private_subnet_config.private_subnet_entries[config->private_subnet_config.num_subnet_entries - 1].subnet_mask 389 = ntohl(inet_addr(content_buf)); 390 IPACMDBG_H("subnet_mask: %s \n", content_buf); 391 } 392 } 393 else if (IPACM_util_icmp_string((char*)xml_node->name, Protocol_TAG) == 0) 394 { 395 content = IPACM_read_content_element(xml_node); 396 if (content) 397 { 398 str_size = strlen(content); 399 memset(content_buf, 0, sizeof(content_buf)); 400 memcpy(content_buf, (void *)content, str_size); 401 content_buf[MAX_XML_STR_LEN-1] = '\0'; 402 403 if (0 == strncasecmp(content_buf, TCP_PROTOCOL_TAG, str_size)) 404 { 405 config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol = IPPROTO_TCP; 406 IPACMDBG_H("Protocol %s: %d\n", 407 content_buf, config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol); 408 } 409 else if (0 == strncasecmp(content_buf, UDP_PROTOCOL_TAG, str_size)) 410 { 411 config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol = IPPROTO_UDP; 412 IPACMDBG_H("Protocol %s: %d\n", 413 content_buf, config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol); 414 } 415 } 416 } 417 else if (IPACM_util_icmp_string((char*)xml_node->name, Port_TAG) == 0) 418 { 419 content = IPACM_read_content_element(xml_node); 420 if (content) 421 { 422 str_size = strlen(content); 423 memset(content_buf, 0, sizeof(content_buf)); 424 memcpy(content_buf, (void *)content, str_size); 425 config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].port 426 = atoi(content_buf); 427 IPACMDBG_H("port %d\n", config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].port); 428 } 429 } 430 else if (IPACM_util_icmp_string((char*)xml_node->name, NAT_MaxEntries_TAG) == 0) 431 { 432 content = IPACM_read_content_element(xml_node); 433 if (content) 434 { 435 str_size = strlen(content); 436 memset(content_buf, 0, sizeof(content_buf)); 437 memcpy(content_buf, (void *)content, str_size); 438 config->nat_max_entries = atoi(content_buf); 439 IPACMDBG_H("Nat Table Max Entries %d\n", config->nat_max_entries); 440 } 441 } 442 } 443 break; 444 default: 445 break; 446 } 447 /* go to sibling */ 448 xml_node = xml_node->next; 449 } /* end while */ 450 return ret_val; 451 } 452 453 /* This function read QCMAP CM Firewall XML and populate the QCMAP CM Cfg */ 454 int IPACM_read_firewall_xml(char *xml_file, IPACM_firewall_conf_t *config) 455 { 456 xmlDocPtr doc = NULL; 457 xmlNode* root = NULL; 458 int ret_val; 459 460 IPACM_ASSERT(xml_file != NULL); 461 IPACM_ASSERT(config != NULL); 462 463 /* invoke the XML parser and obtain the parse tree */ 464 doc = xmlReadFile(xml_file, "UTF-8", XML_PARSE_NOBLANKS); 465 if (doc == NULL) { 466 IPACMDBG_H("IPACM_xml_parse: libxml returned parse error\n"); 467 return IPACM_FAILURE; 468 } 469 /*get the root of the tree*/ 470 root = xmlDocGetRootElement(doc); 471 472 /* parse the xml tree returned by libxml*/ 473 ret_val = IPACM_firewall_xml_parse_tree(root, config); 474 475 if (ret_val != IPACM_SUCCESS) 476 { 477 IPACMDBG_H("IPACM_xml_parse: ipacm_firewall_xml_parse_tree returned parse error!\n"); 478 } 479 480 /* free the tree */ 481 xmlFreeDoc(doc); 482 483 return ret_val; 484 } 485 486 487 /* This function traverses the firewall xml tree */ 488 static int IPACM_firewall_xml_parse_tree 489 ( 490 xmlNode* xml_node, 491 IPACM_firewall_conf_t *config 492 ) 493 { 494 int mask_value_v6, mask_index; 495 int32_t ret_val = IPACM_SUCCESS; 496 char *content; 497 int str_size; 498 char content_buf[MAX_XML_STR_LEN]; 499 struct in6_addr ip6_addr; 500 501 IPACM_ASSERT(config != NULL); 502 503 if (NULL == xml_node) 504 return ret_val; 505 506 while ( xml_node != NULL && 507 ret_val == IPACM_SUCCESS) 508 { 509 switch (xml_node->type) 510 { 511 512 case XML_ELEMENT_NODE: 513 { 514 if (0 == IPACM_util_icmp_string((char*)xml_node->name, system_TAG) || 515 0 == IPACM_util_icmp_string((char*)xml_node->name, MobileAPFirewallCfg_TAG) || 516 0 == IPACM_util_icmp_string((char*)xml_node->name, Firewall_TAG) || 517 0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallEnabled_TAG) || 518 0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallPktsAllowed_TAG)) 519 { 520 if (0 == IPACM_util_icmp_string((char*)xml_node->name, Firewall_TAG)) 521 { 522 /* increase firewall entry num */ 523 config->num_extd_firewall_entries++; 524 } 525 526 if (0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallPktsAllowed_TAG)) 527 { 528 /* setup action of matched rules */ 529 content = IPACM_read_content_element(xml_node); 530 if (content) 531 { 532 str_size = strlen(content); 533 memset(content_buf, 0, sizeof(content_buf)); 534 memcpy(content_buf, (void *)content, str_size); 535 if (atoi(content_buf)==1) 536 { 537 config->rule_action_accept = true; 538 } 539 else 540 { 541 config->rule_action_accept = false; 542 } 543 IPACMDBG_H(" Allow traffic which matches rules ?:%d\n",config->rule_action_accept); 544 } 545 } 546 547 if (0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallEnabled_TAG)) 548 { 549 /* setup if firewall enable or not */ 550 content = IPACM_read_content_element(xml_node); 551 if (content) 552 { 553 str_size = strlen(content); 554 memset(content_buf, 0, sizeof(content_buf)); 555 memcpy(content_buf, (void *)content, str_size); 556 if (atoi(content_buf)==1) 557 { 558 config->firewall_enable = true; 559 } 560 else 561 { 562 config->firewall_enable = false; 563 } 564 IPACMDBG_H(" Firewall Enable?:%d\n", config->firewall_enable); 565 } 566 } 567 /* go to child */ 568 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 569 } 570 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPFamily_TAG)) 571 { 572 content = IPACM_read_content_element(xml_node); 573 if (content) 574 { 575 str_size = strlen(content); 576 memset(content_buf, 0, sizeof(content_buf)); 577 memcpy(content_buf, (void *)content, str_size); 578 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].ip_vsn 579 = (firewall_ip_version_enum)atoi(content_buf); 580 IPACMDBG_H("\n IP family type is %d \n", 581 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].ip_vsn); 582 } 583 } 584 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4SourceAddress_TAG)) 585 { 586 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_ADDR; 587 /* go to child */ 588 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 589 } 590 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4SourceIPAddress_TAG)) 591 { 592 content = IPACM_read_content_element(xml_node); 593 if (content) 594 { 595 str_size = strlen(content); 596 memset(content_buf, 0, sizeof(content_buf)); 597 memcpy(content_buf, (void *)content, str_size); 598 content_buf[MAX_XML_STR_LEN-1] = '\0'; 599 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.src_addr 600 = ntohl(inet_addr(content_buf)); 601 IPACMDBG_H("IPv4 source address is: %s \n", content_buf); 602 } 603 } 604 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4SourceSubnetMask_TAG)) 605 { 606 content = IPACM_read_content_element(xml_node); 607 if (content) 608 { 609 str_size = strlen(content); 610 memset(content_buf, 0, sizeof(content_buf)); 611 memcpy(content_buf, (void *)content, str_size); 612 content_buf[MAX_XML_STR_LEN-1] = '\0'; 613 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.src_addr_mask 614 = ntohl(inet_addr(content_buf)); 615 IPACMDBG_H("IPv4 source subnet mask is: %s \n", content_buf); 616 } 617 } 618 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4DestinationAddress_TAG)) 619 { 620 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_ADDR; 621 /* go to child */ 622 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 623 } 624 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4DestinationIPAddress_TAG)) 625 { 626 content = IPACM_read_content_element(xml_node); 627 if (content) 628 { 629 str_size = strlen(content); 630 memset(content_buf, 0, sizeof(content_buf)); 631 memcpy(content_buf, (void *)content, str_size); 632 content_buf[MAX_XML_STR_LEN-1] = '\0'; 633 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.dst_addr 634 = ntohl(inet_addr(content_buf)); 635 IPACMDBG_H("IPv4 destination address is: %s \n", content_buf); 636 } 637 } 638 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4DestinationSubnetMask_TAG)) 639 { 640 content = IPACM_read_content_element(xml_node); 641 if (content) 642 { 643 str_size = strlen(content); 644 memset(content_buf, 0, sizeof(content_buf)); 645 memcpy(content_buf, (void *)content, str_size); 646 content_buf[MAX_XML_STR_LEN-1] = '\0'; 647 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.dst_addr_mask 648 = ntohl(inet_addr(content_buf)); 649 IPACMDBG_H("IPv4 destination subnet mask is: %s \n", content_buf); 650 } 651 } 652 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4TypeOfService_TAG)) 653 { 654 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_TOS; 655 /* go to child */ 656 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 657 } 658 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TOSValue_TAG)) 659 { 660 content = IPACM_read_content_element(xml_node); 661 if (content) 662 { 663 str_size = strlen(content); 664 memset(content_buf, 0, sizeof(content_buf)); 665 memcpy(content_buf, (void *)content, str_size); 666 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.tos 667 = atoi(content_buf); 668 IPACMDBG_H("\n IPV4 TOS val is %d \n", 669 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.tos); 670 } 671 } 672 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TOSMask_TAG)) 673 { 674 content = IPACM_read_content_element(xml_node); 675 if (content) 676 { 677 str_size = strlen(content); 678 memset(content_buf, 0, sizeof(content_buf)); 679 memcpy(content_buf, (void *)content, str_size); 680 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.tos 681 &= atoi(content_buf); 682 IPACMDBG_H("\n IPv4 TOS mask is %d \n", 683 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.tos); 684 } 685 } 686 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4NextHeaderProtocol_TAG)) 687 { 688 content = IPACM_read_content_element(xml_node); 689 if (content) 690 { 691 str_size = strlen(content); 692 memset(content_buf, 0, sizeof(content_buf)); 693 memcpy(content_buf, (void *)content, str_size); 694 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_PROTOCOL; 695 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.protocol = atoi(content_buf); 696 IPACMDBG_H("\n IPv4 next header prot is %d \n", 697 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.protocol); 698 } 699 } 700 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6SourceAddress_TAG)) 701 { 702 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= 703 IPA_FLT_SRC_ADDR; 704 /* go to child */ 705 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 706 } 707 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6SourceIPAddress_TAG)) 708 { 709 content = IPACM_read_content_element(xml_node); 710 if (content) 711 { 712 str_size = strlen(content); 713 memset(content_buf, 0, sizeof(content_buf)); 714 memcpy(content_buf, (void *)content, str_size); 715 inet_pton(AF_INET6, content_buf, &ip6_addr); 716 memcpy(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr, 717 ip6_addr.s6_addr, IPACM_IPV6_ADDR_LEN * sizeof(uint8_t)); 718 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[0]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[0]); 719 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[1]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[1]); 720 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[2]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[2]); 721 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[3]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[3]); 722 723 IPACMDBG_H("\n ipv6 source addr is %d \n ", 724 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[0]); 725 } 726 } 727 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6SourcePrefix_TAG)) 728 { 729 content = IPACM_read_content_element(xml_node); 730 if (content) 731 { 732 str_size = strlen(content); 733 memset(content_buf, 0, sizeof(content_buf)); 734 memcpy(content_buf, (void *)content, str_size); 735 mask_value_v6 = atoi(content_buf); 736 for (mask_index = 0; mask_index < 4; mask_index++) 737 { 738 if (mask_value_v6 >= 32) 739 { 740 mask_v6(32, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr_mask[mask_index])); 741 mask_value_v6 -= 32; 742 } 743 else 744 { 745 mask_v6(mask_value_v6, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr_mask[mask_index])); 746 mask_value_v6 = 0; 747 } 748 } 749 IPACMDBG_H("\n ipv6 source prefix is %d \n", atoi(content_buf)); 750 } 751 } 752 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6DestinationAddress_TAG)) 753 { 754 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= 755 IPA_FLT_DST_ADDR; 756 /* go to child */ 757 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 758 } 759 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6DestinationIPAddress_TAG)) 760 { 761 content = IPACM_read_content_element(xml_node); 762 if (content) 763 { 764 str_size = strlen(content); 765 memset(content_buf, 0, sizeof(content_buf)); 766 memcpy(content_buf, (void *)content, str_size); 767 inet_pton(AF_INET6, content_buf, &ip6_addr); 768 memcpy(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr, 769 ip6_addr.s6_addr, IPACM_IPV6_ADDR_LEN * sizeof(uint8_t)); 770 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[0]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[0]); 771 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[1]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[1]); 772 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[2]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[2]); 773 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[3]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[3]); 774 IPACMDBG_H("\n ipv6 dest addr is %d \n", 775 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[0]); 776 } 777 } 778 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6DestinationPrefix_TAG)) 779 { 780 content = IPACM_read_content_element(xml_node); 781 if (content) 782 { 783 str_size = strlen(content); 784 memset(content_buf, 0, sizeof(content_buf)); 785 memcpy(content_buf, (void *)content, str_size); 786 mask_value_v6 = atoi(content_buf); 787 for (mask_index = 0; mask_index < 4; mask_index++) 788 { 789 if (mask_value_v6 >= 32) 790 { 791 mask_v6(32, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr_mask[mask_index])); 792 mask_value_v6 -= 32; 793 } 794 else 795 { 796 mask_v6(mask_value_v6, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr_mask[mask_index])); 797 mask_value_v6 = 0; 798 } 799 } 800 IPACMDBG_H("\n ipv6 dest prefix is %d \n", atoi(content_buf)); 801 } 802 } 803 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6TrafficClass_TAG)) 804 { 805 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_TC; 806 /* go to child */ 807 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 808 } 809 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TrfClsValue_TAG)) 810 { 811 content = IPACM_read_content_element(xml_node); 812 if (content) 813 { 814 str_size = strlen(content); 815 memset(content_buf, 0, sizeof(content_buf)); 816 memcpy(content_buf, (void *)content, str_size); 817 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.tc 818 = atoi(content_buf); 819 IPACMDBG_H("\n ipv6 trf class val is %d \n", 820 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.tc); 821 } 822 } 823 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TrfClsMask_TAG)) 824 { 825 content = IPACM_read_content_element(xml_node); 826 if (content) 827 { 828 str_size = strlen(content); 829 memset(content_buf, 0, sizeof(content_buf)); 830 memcpy(content_buf, (void *)content, str_size); 831 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.tc 832 &= atoi(content_buf); 833 IPACMDBG_H("\n ipv6 trf class mask is %d \n", atoi(content_buf)); 834 } 835 } 836 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6NextHeaderProtocol_TAG)) 837 { 838 content = IPACM_read_content_element(xml_node); 839 if (content) 840 { 841 str_size = strlen(content); 842 memset(content_buf, 0, sizeof(content_buf)); 843 memcpy(content_buf, (void *)content, str_size); 844 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_NEXT_HDR; 845 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.next_hdr 846 = atoi(content_buf); 847 IPACMDBG_H("\n ipv6 next header protocol is %d \n", 848 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.next_hdr); 849 } 850 } 851 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPSource_TAG)) 852 { 853 /* go to child */ 854 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 855 } 856 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPSourcePort_TAG)) 857 { 858 content = IPACM_read_content_element(xml_node); 859 if (content) 860 { 861 str_size = strlen(content); 862 memset(content_buf, 0, sizeof(content_buf)); 863 memcpy(content_buf, (void *)content, str_size); 864 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port 865 = atoi(content_buf); 866 } 867 } 868 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPSourceRange_TAG)) 869 { 870 content = IPACM_read_content_element(xml_node); 871 if (content) 872 { 873 str_size = strlen(content); 874 memset(content_buf, 0, sizeof(content_buf)); 875 memcpy(content_buf, (void *)content, str_size); 876 if (atoi(content_buf) != 0) 877 { 878 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT_RANGE; 879 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo 880 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port; 881 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi 882 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port + atoi(content_buf); 883 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port = 0; 884 IPACMDBG_H("\n tcp source port from %d to %d \n", 885 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo, 886 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi); 887 } 888 else 889 { 890 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT; 891 IPACMDBG_H("\n tcp source port= %d \n", 892 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port); 893 } 894 } 895 } 896 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPDestination_TAG)) 897 { 898 /* go to child */ 899 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 900 } 901 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPDestinationPort_TAG)) 902 { 903 content = IPACM_read_content_element(xml_node); 904 if (content) 905 { 906 str_size = strlen(content); 907 memset(content_buf, 0, sizeof(content_buf)); 908 memcpy(content_buf, (void *)content, str_size); 909 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port 910 = atoi(content_buf); 911 } 912 } 913 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPDestinationRange_TAG)) 914 { 915 content = IPACM_read_content_element(xml_node); 916 if (content) 917 { 918 str_size = strlen(content); 919 memset(content_buf, 0, sizeof(content_buf)); 920 memcpy(content_buf, (void *)content, str_size); 921 if(atoi(content_buf)!=0) 922 { 923 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT_RANGE; 924 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo 925 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port; 926 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi 927 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port + atoi(content_buf); 928 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port = 0; 929 IPACMDBG_H("\n tcp dest port from %d to %d \n", 930 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo, 931 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi); 932 } 933 else 934 { 935 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT; 936 IPACMDBG_H("\n tcp dest port= %d \n", 937 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port); 938 } 939 } 940 } 941 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPSource_TAG)) 942 { 943 /* go to child */ 944 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 945 } 946 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPSourcePort_TAG)) 947 { 948 content = IPACM_read_content_element(xml_node); 949 if (content) 950 { 951 str_size = strlen(content); 952 memset(content_buf, 0, sizeof(content_buf)); 953 memcpy(content_buf, (void *)content, str_size); 954 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port 955 = atoi(content_buf); 956 } 957 } 958 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPSourceRange_TAG)) 959 { 960 content = IPACM_read_content_element(xml_node); 961 if (content) 962 { 963 str_size = strlen(content); 964 memset(content_buf, 0, sizeof(content_buf)); 965 memcpy(content_buf, (void *)content, str_size); 966 if(atoi(content_buf)!=0) 967 { 968 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT_RANGE; 969 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo 970 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port; 971 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi 972 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port + atoi(content_buf); 973 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port = 0; 974 IPACMDBG_H("\n udp source port from %d to %d \n", 975 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo, 976 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi); 977 } 978 else 979 { 980 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT; 981 IPACMDBG_H("\n udp source port= %d \n", 982 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port); 983 } 984 } 985 } 986 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPDestination_TAG)) 987 { 988 /* go to child */ 989 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 990 } 991 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPDestinationPort_TAG)) 992 { 993 content = IPACM_read_content_element(xml_node); 994 if (content) 995 { 996 str_size = strlen(content); 997 memset(content_buf, 0, sizeof(content_buf)); 998 memcpy(content_buf, (void *)content, str_size); 999 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port 1000 = atoi(content_buf); 1001 } 1002 } 1003 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPDestinationRange_TAG)) 1004 { 1005 content = IPACM_read_content_element(xml_node); 1006 if (content) 1007 { 1008 str_size = strlen(content); 1009 memset(content_buf, 0, sizeof(content_buf)); 1010 memcpy(content_buf, (void *)content, str_size); 1011 if(atoi(content_buf)!=0) 1012 { 1013 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT_RANGE; 1014 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo 1015 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port; 1016 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi 1017 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port + atoi(content_buf); 1018 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port = 0; 1019 IPACMDBG_H("\n UDP dest port from %d to %d \n", 1020 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo, 1021 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi); 1022 } 1023 else 1024 { 1025 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT; 1026 IPACMDBG_H("\n UDP dest port= %d \n", 1027 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port); 1028 } 1029 } 1030 } 1031 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, ICMPType_TAG)) 1032 { 1033 content = IPACM_read_content_element(xml_node); 1034 if (content) 1035 { 1036 str_size = strlen(content); 1037 memset(content_buf, 0, sizeof(content_buf)); 1038 memcpy(content_buf, (void *)content, str_size); 1039 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.type = atoi(content_buf); 1040 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_TYPE; 1041 IPACMDBG_H("\n icmp type is %d \n", 1042 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.type); 1043 } 1044 } 1045 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, ICMPCode_TAG)) 1046 { 1047 content = IPACM_read_content_element(xml_node); 1048 if (content) 1049 { 1050 str_size = strlen(content); 1051 memset(content_buf, 0, sizeof(content_buf)); 1052 memcpy(content_buf, (void *)content, str_size); 1053 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.code = atoi(content_buf); 1054 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_CODE; 1055 IPACMDBG_H("\n icmp code is %d \n", 1056 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.code); 1057 } 1058 } 1059 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, ESPSPI_TAG)) 1060 { 1061 content = IPACM_read_content_element(xml_node); 1062 if (content) 1063 { 1064 str_size = strlen(content); 1065 memset(content_buf, 0, sizeof(content_buf)); 1066 memcpy(content_buf, (void *)content, str_size); 1067 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.spi = atoi(content_buf); 1068 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SPI; 1069 IPACMDBG_H("\n esp spi is %d \n", 1070 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.spi); 1071 } 1072 } 1073 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPSource_TAG)) 1074 { 1075 /* go to child */ 1076 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 1077 } 1078 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPSourcePort_TAG)) 1079 { 1080 content = IPACM_read_content_element(xml_node); 1081 if (content) 1082 { 1083 str_size = strlen(content); 1084 memset(content_buf, 0, sizeof(content_buf)); 1085 memcpy(content_buf, (void *)content,str_size); 1086 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port 1087 = atoi(content_buf); 1088 } 1089 } 1090 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPSourceRange_TAG)) 1091 { 1092 content = IPACM_read_content_element(xml_node); 1093 if (content) 1094 { 1095 str_size = strlen(content); 1096 memset(content_buf, 0, sizeof(content_buf)); 1097 memcpy(content_buf, (void *)content, str_size); 1098 if(atoi(content_buf)!=0) 1099 { 1100 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT_RANGE; 1101 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo 1102 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port; 1103 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi 1104 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port + atoi(content_buf); 1105 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port = 0; 1106 IPACMDBG_H("\n tcp_udp source port from %d to %d \n", 1107 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo, 1108 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi); 1109 } 1110 else 1111 { 1112 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT; 1113 IPACMDBG_H("\n tcp_udp source port= %d \n", 1114 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port); 1115 1116 } 1117 } 1118 } 1119 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPDestination_TAG)) 1120 { 1121 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config); 1122 } 1123 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPDestinationPort_TAG)) 1124 { 1125 content = IPACM_read_content_element(xml_node); 1126 if (content) 1127 { 1128 str_size = strlen(content); 1129 memset(content_buf, 0, sizeof(content_buf)); 1130 memcpy(content_buf, (void *)content, str_size); 1131 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port 1132 = atoi(content_buf); 1133 } 1134 } 1135 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPDestinationRange_TAG)) 1136 { 1137 content = IPACM_read_content_element(xml_node); 1138 if (content) 1139 { 1140 str_size = strlen(content); 1141 memset(content_buf, 0, sizeof(content_buf)); 1142 memcpy(content_buf, (void *)content, str_size); 1143 if(atoi(content_buf)!=0) 1144 { 1145 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT_RANGE; 1146 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo 1147 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port; 1148 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi 1149 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port + atoi(content_buf); 1150 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port = 0; 1151 IPACMDBG_H("\n tcp_udp dest port from %d to %d \n", 1152 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo, 1153 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi); 1154 } 1155 else 1156 { 1157 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT; 1158 IPACMDBG_H("\n tcp_udp dest port= %d \n", 1159 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port); 1160 } 1161 } 1162 } 1163 } 1164 break; 1165 1166 default: 1167 break; 1168 } 1169 /* go to sibling */ 1170 xml_node = xml_node->next; 1171 } /* end while */ 1172 return ret_val; 1173 } 1174
