diff options
Diffstat (limited to 'src/starter')
| -rw-r--r-- | src/starter/cmp.c | 4 | ||||
| -rw-r--r-- | src/starter/confread.c | 37 | ||||
| -rw-r--r-- | src/starter/confread.h | 3 | ||||
| -rw-r--r-- | src/starter/starterstroke.c | 3 |
4 files changed, 37 insertions, 10 deletions
diff --git a/src/starter/cmp.c b/src/starter/cmp.c index aaba7b11d..cea864a4a 100644 --- a/src/starter/cmp.c +++ b/src/starter/cmp.c @@ -27,7 +27,8 @@ static bool starter_cmp_end(starter_end_t *c1, starter_end_t *c2) return FALSE; VARCMP(modecfg); - VARCMP(port); + VARCMP(from_port); + VARCMP(to_port); VARCMP(protocol); return cmp_args(KW_END_FIRST, KW_END_LAST, (char *)c1, (char *)c2); @@ -63,4 +64,3 @@ bool starter_cmp_ca(starter_ca_t *c1, starter_ca_t *c2) return cmp_args(KW_CA_NAME, KW_CA_LAST, (char *)c1, (char *)c2); } - diff --git a/src/starter/confread.c b/src/starter/confread.c index fecb998df..883534aad 100644 --- a/src/starter/confread.c +++ b/src/starter/confread.c @@ -142,6 +142,9 @@ static void default_values(starter_config_t *cfg) cfg->conn_default.left.ikeport = 500; cfg->conn_default.right.ikeport = 500; + cfg->conn_default.left.to_port = 0xffff; + cfg->conn_default.right.to_port = 0xffff; + cfg->ca_default.seen = SEEN_NONE; } @@ -292,24 +295,46 @@ static void kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token, } if (streq(port, "%any")) { - end->port = 0; + end->from_port = 0; + end->to_port = 0xffff; } - else + else if (streq(port, "%opaque")) + { + end->from_port = 0xffff; + end->to_port = 0; + } + else if (*port) { svc = getservbyname(port, NULL); if (svc) { - end->port = ntohs(svc->s_port); + end->from_port = end->to_port = ntohs(svc->s_port); } else { p = strtol(port, &endptr, 0); - if ((*port && *endptr) || p < 0 || p > 0xffff) + if (p < 0 || p > 0xffff) + { + DBG1(DBG_APP, "# bad port: %s=%s", name, port); + goto err; + } + end->from_port = p; + if (*endptr == '-') + { + port = endptr + 1; + p = strtol(port, &endptr, 0); + if (p < 0 || p > 0xffff) + { + DBG1(DBG_APP, "# bad port: %s=%s", name, port); + goto err; + } + } + end->to_port = p; + if (*endptr) { - DBG1(DBG_APP, "# bad port: %s=%s", name, value); + DBG1(DBG_APP, "# bad port: %s=%s", name, port); goto err; } - end->port = (u_int16_t)p; } } if (sep) diff --git a/src/starter/confread.h b/src/starter/confread.h index 8dd56080d..0690bed4e 100644 --- a/src/starter/confread.h +++ b/src/starter/confread.h @@ -115,7 +115,8 @@ struct starter_end { bool hostaccess; bool allow_any; char *updown; - u_int16_t port; + u_int16_t from_port; + u_int16_t to_port; u_int8_t protocol; char *sourceip; char *dns; diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c index 9d096453a..cc447c41f 100644 --- a/src/starter/starterstroke.c +++ b/src/starter/starterstroke.c @@ -146,7 +146,8 @@ static void starter_stroke_add_end(stroke_msg_t *msg, stroke_end_t *msg_end, sta msg_end->tohost = !conn_end->subnet; msg_end->allow_any = conn_end->allow_any; msg_end->protocol = conn_end->protocol; - msg_end->port = conn_end->port; + msg_end->from_port = conn_end->from_port; + msg_end->to_port = conn_end->to_port; } int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn) |