1 /*
2 Copyright (c) 2013, 2019, The Linux Foundation. All rights reserved.
3
4 Redistribution and use in source and binary forms, with or without
5 modification, are permitted provided that the following conditions are
6 met:
7 * Redistributions of source code must retain the above copyright
8 notice, this list of conditions and the following disclaimer.
9 * Redistributions in binary form must reproduce the above
10 copyright notice, this list of conditions and the following
11 disclaimer in the documentation and/or other materials provided
12 with the distribution.
13 * Neither the name of The Linux Foundation nor the names of its
14 contributors may be used to endorse or promote products derived
15 from this software without specific prior written permission.
16
17 THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
18 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
19 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
20 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
21 BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
24 BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
25 WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
26 OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
27 IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */
29 /*!
30 @file
31 IPACM_Xml.cpp
32
33 @brief
34 This file implements the XML specific parsing functionality.
35
36 @Author
37 Skylar Chang/Shihuan Liu
38 */
39
40 #include <sys/socket.h>
41 #include <netinet/in.h>
42 #include <arpa/inet.h>
43
44 #include "IPACM_Xml.h"
45 #include "IPACM_Log.h"
46 #include "IPACM_Netlink.h"
47
48 static char* IPACM_read_content_element
49 (
50 xmlNode* element
51 );
52
53 static int32_t IPACM_util_icmp_string
54 (
55 const char* xml_str,
56 const char* str
57 );
58
59 static int ipacm_cfg_xml_parse_tree
60 (
61 xmlNode* xml_node,
62 IPACM_conf_t *config
63 );
64
65 static int IPACM_firewall_xml_parse_tree
66 (
67 xmlNode* xml_node,
68 IPACM_firewall_conf_t *config
69 );
70
71 /*Reads content (stored as child) of the element */
IPACM_read_content_element(xmlNode * element)72 static char* IPACM_read_content_element
73 (
74 xmlNode* element
75 )
76 {
77 xmlNode* child_ptr;
78 uint32_t str_len;
79
80 for (child_ptr = element->children;
81 child_ptr != NULL;
82 child_ptr = child_ptr->next)
83 {
84 if (child_ptr->type == XML_TEXT_NODE)
85 {
86 str_len = strlen((char*)child_ptr->content);
87
88 if(str_len < MAX_XML_STR_LEN)
89 return (char*)child_ptr->content;
90 else
91 {
92 IPACMERR("Invalid string size\n");
93 break;
94 }
95 }
96 }
97 return NULL;
98 }
99
100 /* insensitive comparison of a libxml's string (xml_str) and a regular string (str)*/
IPACM_util_icmp_string(const char * xml_str,const char * str)101 static int32_t IPACM_util_icmp_string
102 (
103 const char* xml_str,
104 const char* str
105 )
106 {
107 int32_t ret = -1;
108
109 if (NULL != xml_str && NULL != str)
110 {
111 uint32_t len1 = strlen(str);
112 uint32_t len2 = strlen(xml_str);
113 /* If the lengths match, do the string comparison */
114 if (len1 == len2)
115 {
116 ret = strncasecmp(xml_str, str, len1);
117 }
118 }
119
120 return ret;
121 }
122
123 /* This function read IPACM XML and populate the IPA CM Cfg */
ipacm_read_cfg_xml(char * xml_file,IPACM_conf_t * config)124 int ipacm_read_cfg_xml(char *xml_file, IPACM_conf_t *config)
125 {
126 xmlDocPtr doc = NULL;
127 xmlNode* root = NULL;
128 int ret_val = IPACM_SUCCESS;
129
130 /* Invoke the XML parser and obtain the parse tree */
131 doc = xmlReadFile(xml_file, "UTF-8", XML_PARSE_NOBLANKS);
132 if (doc == NULL) {
133 IPACMDBG_H("IPACM_xml_parse: libxml returned parse error!\n");
134 return IPACM_FAILURE;
135 }
136
137 /*Get the root of the tree*/
138 root = xmlDocGetRootElement(doc);
139
140 memset(config, 0, sizeof(IPACM_conf_t));
141
142 /* parse the xml tree returned by libxml */
143 ret_val = ipacm_cfg_xml_parse_tree(root, config);
144
145 if (ret_val != IPACM_SUCCESS)
146 {
147 IPACMDBG_H("IPACM_xml_parse: ipacm_cfg_xml_parse_tree returned parse error!\n");
148 }
149
150 /* Free up the libxml's parse tree */
151 xmlFreeDoc(doc);
152
153 return ret_val;
154 }
155
156 /* This function traverses the xml tree*/
ipacm_cfg_xml_parse_tree(xmlNode * xml_node,IPACM_conf_t * config)157 static int ipacm_cfg_xml_parse_tree
158 (
159 xmlNode* xml_node,
160 IPACM_conf_t *config
161 )
162 {
163 int32_t ret_val = IPACM_SUCCESS;
164 int str_size;
165 char* content;
166 char content_buf[MAX_XML_STR_LEN];
167
168 if (NULL == xml_node)
169 return ret_val;
170 while ( xml_node != NULL &&
171 ret_val == IPACM_SUCCESS)
172 {
173 switch (xml_node->type)
174 {
175 case XML_ELEMENT_NODE:
176 {
177 if (IPACM_util_icmp_string((char*)xml_node->name, system_TAG) == 0 ||
178 IPACM_util_icmp_string((char*)xml_node->name, ODU_TAG) == 0 ||
179 IPACM_util_icmp_string((char*)xml_node->name, IPACMCFG_TAG) == 0 ||
180 IPACM_util_icmp_string((char*)xml_node->name, IPACMIFACECFG_TAG) == 0 ||
181 IPACM_util_icmp_string((char*)xml_node->name, IFACE_TAG) == 0 ||
182 IPACM_util_icmp_string((char*)xml_node->name, IPACMPRIVATESUBNETCFG_TAG) == 0 ||
183 IPACM_util_icmp_string((char*)xml_node->name, SUBNET_TAG) == 0 ||
184 IPACM_util_icmp_string((char*)xml_node->name, IPACMALG_TAG) == 0 ||
185 IPACM_util_icmp_string((char*)xml_node->name, ALG_TAG) == 0 ||
186 IPACM_util_icmp_string((char*)xml_node->name, IPACMNat_TAG) == 0 ||
187 IPACM_util_icmp_string((char*)xml_node->name, IP_PassthroughFlag_TAG) == 0)
188 {
189 if (0 == IPACM_util_icmp_string((char*)xml_node->name, IFACE_TAG))
190 {
191 /* increase iface entry number */
192 config->iface_config.num_iface_entries++;
193 }
194
195 if (0 == IPACM_util_icmp_string((char*)xml_node->name, SUBNET_TAG))
196 {
197 /* increase iface entry number */
198 config->private_subnet_config.num_subnet_entries++;
199 }
200
201 if (0 == IPACM_util_icmp_string((char*)xml_node->name, ALG_TAG))
202 {
203 /* increase iface entry number */
204 config->alg_config.num_alg_entries++;
205 }
206 /* go to child */
207 ret_val = ipacm_cfg_xml_parse_tree(xml_node->children, config);
208 }
209 else if (IPACM_util_icmp_string((char*)xml_node->name, IP_PassthroughMode_TAG) == 0)
210 {
211 IPACMDBG_H("inside IP Passthrough\n");
212 content = IPACM_read_content_element(xml_node);
213 if (content)
214 {
215 str_size = strlen(content);
216 memset(content_buf, 0, sizeof(content_buf));
217 memcpy(content_buf, (void *)content, str_size);
218 if (atoi(content_buf))
219 {
220 config->ip_passthrough_mode = true;
221 IPACMDBG_H("Passthrough enable %d buf(%d)\n", config->ip_passthrough_mode, atoi(content_buf));
222 }
223 else
224 {
225 config->ip_passthrough_mode = false;
226 IPACMDBG_H("Passthrough enable %d buf(%d)\n", config->ip_passthrough_mode, atoi(content_buf));
227 }
228 }
229 }
230 else if (IPACM_util_icmp_string((char*)xml_node->name, ODUMODE_TAG) == 0)
231 {
232 IPACMDBG_H("inside ODU-XML\n");
233 content = IPACM_read_content_element(xml_node);
234 if (content)
235 {
236 str_size = strlen(content);
237 memset(content_buf, 0, sizeof(content_buf));
238 memcpy(content_buf, (void *)content, str_size);
239 if (0 == strncasecmp(content_buf, ODU_ROUTER_TAG, str_size))
240 {
241 config->router_mode_enable = true;
242 IPACMDBG_H("router-mode enable %d\n", config->router_mode_enable);
243 }
244 else if (0 == strncasecmp(content_buf, ODU_BRIDGE_TAG, str_size))
245 {
246 config->router_mode_enable = false;
247 IPACMDBG_H("router-mode enable %d\n", config->router_mode_enable);
248 }
249 }
250 }
251 else if (IPACM_util_icmp_string((char*)xml_node->name, ODUEMBMS_OFFLOAD_TAG) == 0)
252 {
253 IPACMDBG_H("inside ODU-XML\n");
254 content = IPACM_read_content_element(xml_node);
255 if (content)
256 {
257 str_size = strlen(content);
258 memset(content_buf, 0, sizeof(content_buf));
259 memcpy(content_buf, (void *)content, str_size);
260 if (atoi(content_buf))
261 {
262 config->odu_embms_enable = true;
263 IPACMDBG_H("router-mode enable %d buf(%d)\n", config->odu_embms_enable, atoi(content_buf));
264 }
265 else
266 {
267 config->odu_embms_enable = false;
268 IPACMDBG_H("router-mode enable %d buf(%d)\n", config->odu_embms_enable, atoi(content_buf));
269 }
270 }
271 }
272 else if (IPACM_util_icmp_string((char*)xml_node->name, NAME_TAG) == 0)
273 {
274 content = IPACM_read_content_element(xml_node);
275 if (content)
276 {
277 str_size = strlen(content);
278 memset(content_buf, 0, sizeof(content_buf));
279 strlcpy(content_buf, content, MAX_XML_STR_LEN);
280 strlcpy(config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].iface_name, content_buf, IPA_IFACE_NAME_LEN);
281 IPACMDBG_H("Name %s\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].iface_name);
282 }
283 }
284 else if (IPACM_util_icmp_string((char*)xml_node->name, CATEGORY_TAG) == 0)
285 {
286 content = IPACM_read_content_element(xml_node);
287 if (content)
288 {
289 str_size = strlen(content);
290 memset(content_buf, 0, sizeof(content_buf));
291 memcpy(content_buf, (void *)content, str_size);
292 if (0 == strncasecmp(content_buf, WANIF_TAG, str_size))
293 {
294 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = WAN_IF;
295 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
296 }
297 else if (0 == strncasecmp(content_buf, LANIF_TAG, str_size))
298 {
299 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = LAN_IF;
300 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
301 }
302 else if (0 == strncasecmp(content_buf, WLANIF_TAG, str_size))
303 {
304 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = WLAN_IF;
305 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
306 }
307 else if (0 == strncasecmp(content_buf, VIRTUALIF_TAG, str_size))
308 {
309 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = VIRTUAL_IF;
310 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
311 }
312 else if (0 == strncasecmp(content_buf, UNKNOWNIF_TAG, str_size))
313 {
314 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = UNKNOWN_IF;
315 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
316 }
317 else if (0 == strncasecmp(content_buf, ETHIF_TAG, str_size))
318 {
319 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = ETH_IF;
320 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
321 }
322 else if (0 == strncasecmp(content_buf, ODUIF_TAG, str_size))
323 {
324 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = ODU_IF;
325 IPACMDBG("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
326 }
327 }
328 }
329 else if (IPACM_util_icmp_string((char*)xml_node->name, MODE_TAG) == 0)
330 {
331 content = IPACM_read_content_element(xml_node);
332 if (content)
333 {
334 str_size = strlen(content);
335 memset(content_buf, 0, sizeof(content_buf));
336 memcpy(content_buf, (void *)content, str_size);
337 if (0 == strncasecmp(content_buf, IFACE_ROUTER_MODE_TAG, str_size))
338 {
339 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode = ROUTER;
340 IPACMDBG_H("Iface mode %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode);
341 }
342 else if (0 == strncasecmp(content_buf, IFACE_BRIDGE_MODE_TAG, str_size))
343 {
344 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode = BRIDGE;
345 IPACMDBG_H("Iface mode %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode);
346 }
347 }
348 }
349 else if (IPACM_util_icmp_string((char*)xml_node->name, WLAN_MODE_TAG) == 0)
350 {
351 IPACMDBG_H("Inside WLAN-XML\n");
352 content = IPACM_read_content_element(xml_node);
353 if (content)
354 {
355 str_size = strlen(content);
356 memset(content_buf, 0, sizeof(content_buf));
357 memcpy(content_buf, (void *)content, str_size);
358
359 if (0 == strncasecmp(content_buf, WLAN_FULL_MODE_TAG, str_size))
360 {
361 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode = FULL;
362 IPACMDBG_H("Wlan-mode full(%d)\n",
363 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode);
364 }
365 else if (0 == strncasecmp(content_buf, WLAN_INTERNET_MODE_TAG, str_size))
366 {
367 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode = INTERNET;
368 config->num_wlan_guest_ap++;
369 IPACMDBG_H("Wlan-mode internet(%d)\n",
370 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode);
371 }
372 }
373 }
374 else if (IPACM_util_icmp_string((char*)xml_node->name, SUBNETADDRESS_TAG) == 0)
375 {
376 content = IPACM_read_content_element(xml_node);
377 if (content)
378 {
379 str_size = strlen(content);
380 memset(content_buf, 0, sizeof(content_buf));
381 memcpy(content_buf, (void *)content, str_size);
382 content_buf[MAX_XML_STR_LEN-1] = '\0';
383 config->private_subnet_config.private_subnet_entries[config->private_subnet_config.num_subnet_entries - 1].subnet_addr
384 = ntohl(inet_addr(content_buf));
385 IPACMDBG_H("subnet_addr: %s \n", content_buf);
386 }
387 }
388 else if (IPACM_util_icmp_string((char*)xml_node->name, SUBNETMASK_TAG) == 0)
389 {
390 content = IPACM_read_content_element(xml_node);
391 if (content)
392 {
393 str_size = strlen(content);
394 memset(content_buf, 0, sizeof(content_buf));
395 memcpy(content_buf, (void *)content, str_size);
396 content_buf[MAX_XML_STR_LEN-1] = '\0';
397 config->private_subnet_config.private_subnet_entries[config->private_subnet_config.num_subnet_entries - 1].subnet_mask
398 = ntohl(inet_addr(content_buf));
399 IPACMDBG_H("subnet_mask: %s \n", content_buf);
400 }
401 }
402 else if (IPACM_util_icmp_string((char*)xml_node->name, Protocol_TAG) == 0)
403 {
404 content = IPACM_read_content_element(xml_node);
405 if (content)
406 {
407 str_size = strlen(content);
408 memset(content_buf, 0, sizeof(content_buf));
409 memcpy(content_buf, (void *)content, str_size);
410 content_buf[MAX_XML_STR_LEN-1] = '\0';
411
412 if (0 == strncasecmp(content_buf, TCP_PROTOCOL_TAG, str_size))
413 {
414 config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol = IPPROTO_TCP;
415 IPACMDBG_H("Protocol %s: %d\n",
416 content_buf, config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol);
417 }
418 else if (0 == strncasecmp(content_buf, UDP_PROTOCOL_TAG, str_size))
419 {
420 config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol = IPPROTO_UDP;
421 IPACMDBG_H("Protocol %s: %d\n",
422 content_buf, config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol);
423 }
424 }
425 }
426 else if (IPACM_util_icmp_string((char*)xml_node->name, Port_TAG) == 0)
427 {
428 content = IPACM_read_content_element(xml_node);
429 if (content)
430 {
431 str_size = strlen(content);
432 memset(content_buf, 0, sizeof(content_buf));
433 memcpy(content_buf, (void *)content, str_size);
434 config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].port
435 = atoi(content_buf);
436 IPACMDBG_H("port %d\n", config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].port);
437 }
438 }
439 else if (IPACM_util_icmp_string((char*)xml_node->name, NAT_MaxEntries_TAG) == 0)
440 {
441 content = IPACM_read_content_element(xml_node);
442 if (content)
443 {
444 str_size = strlen(content);
445 memset(content_buf, 0, sizeof(content_buf));
446 memcpy(content_buf, (void *)content, str_size);
447 config->nat_max_entries = atoi(content_buf);
448 IPACMDBG_H("Nat Table Max Entries %d\n", config->nat_max_entries);
449 }
450 }
451 }
452 break;
453 default:
454 break;
455 }
456 /* go to sibling */
457 xml_node = xml_node->next;
458 } /* end while */
459 return ret_val;
460 }
461
462 /* This function read QCMAP CM Firewall XML and populate the QCMAP CM Cfg */
IPACM_read_firewall_xml(char * xml_file,IPACM_firewall_conf_t * config)463 int IPACM_read_firewall_xml(char *xml_file, IPACM_firewall_conf_t *config)
464 {
465 xmlDocPtr doc = NULL;
466 xmlNode* root = NULL;
467 int ret_val;
468
469 IPACM_ASSERT(xml_file != NULL);
470 IPACM_ASSERT(config != NULL);
471
472 /* invoke the XML parser and obtain the parse tree */
473 doc = xmlReadFile(xml_file, "UTF-8", XML_PARSE_NOBLANKS);
474 if (doc == NULL) {
475 IPACMDBG_H("IPACM_xml_parse: libxml returned parse error\n");
476 return IPACM_FAILURE;
477 }
478 /*get the root of the tree*/
479 root = xmlDocGetRootElement(doc);
480
481 /* parse the xml tree returned by libxml*/
482 ret_val = IPACM_firewall_xml_parse_tree(root, config);
483
484 if (ret_val != IPACM_SUCCESS)
485 {
486 IPACMDBG_H("IPACM_xml_parse: ipacm_firewall_xml_parse_tree returned parse error!\n");
487 }
488
489 /* free the tree */
490 xmlFreeDoc(doc);
491
492 return ret_val;
493 }
494
495
496 /* This function traverses the firewall xml tree */
IPACM_firewall_xml_parse_tree(xmlNode * xml_node,IPACM_firewall_conf_t * config)497 static int IPACM_firewall_xml_parse_tree
498 (
499 xmlNode* xml_node,
500 IPACM_firewall_conf_t *config
501 )
502 {
503 int mask_value_v6, mask_index;
504 int32_t ret_val = IPACM_SUCCESS;
505 char *content;
506 int str_size;
507 char content_buf[MAX_XML_STR_LEN];
508 struct in6_addr ip6_addr;
509
510 IPACM_ASSERT(config != NULL);
511
512 if (NULL == xml_node)
513 return ret_val;
514
515 while ( xml_node != NULL &&
516 ret_val == IPACM_SUCCESS)
517 {
518 switch (xml_node->type)
519 {
520
521 case XML_ELEMENT_NODE:
522 {
523 if (0 == IPACM_util_icmp_string((char*)xml_node->name, system_TAG) ||
524 0 == IPACM_util_icmp_string((char*)xml_node->name, MobileAPFirewallCfg_TAG) ||
525 0 == IPACM_util_icmp_string((char*)xml_node->name, Firewall_TAG) ||
526 0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallEnabled_TAG) ||
527 0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallPktsAllowed_TAG))
528 {
529 if (0 == IPACM_util_icmp_string((char*)xml_node->name, Firewall_TAG))
530 {
531 /* increase firewall entry num */
532 config->num_extd_firewall_entries++;
533 }
534
535 if (0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallPktsAllowed_TAG))
536 {
537 /* setup action of matched rules */
538 content = IPACM_read_content_element(xml_node);
539 if (content)
540 {
541 str_size = strlen(content);
542 memset(content_buf, 0, sizeof(content_buf));
543 memcpy(content_buf, (void *)content, str_size);
544 if (atoi(content_buf)==1)
545 {
546 config->rule_action_accept = true;
547 }
548 else
549 {
550 config->rule_action_accept = false;
551 }
552 IPACMDBG_H(" Allow traffic which matches rules ?:%d\n",config->rule_action_accept);
553 }
554 }
555
556 if (0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallEnabled_TAG))
557 {
558 /* setup if firewall enable or not */
559 content = IPACM_read_content_element(xml_node);
560 if (content)
561 {
562 str_size = strlen(content);
563 memset(content_buf, 0, sizeof(content_buf));
564 memcpy(content_buf, (void *)content, str_size);
565 if (atoi(content_buf)==1)
566 {
567 config->firewall_enable = true;
568 }
569 else
570 {
571 config->firewall_enable = false;
572 }
573 IPACMDBG_H(" Firewall Enable?:%d\n", config->firewall_enable);
574 }
575 }
576 /* go to child */
577 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
578 }
579 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPFamily_TAG))
580 {
581 content = IPACM_read_content_element(xml_node);
582 if (content)
583 {
584 str_size = strlen(content);
585 memset(content_buf, 0, sizeof(content_buf));
586 memcpy(content_buf, (void *)content, str_size);
587 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].ip_vsn
588 = (firewall_ip_version_enum)atoi(content_buf);
589 IPACMDBG_H("\n IP family type is %d \n",
590 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].ip_vsn);
591 }
592 }
593 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4SourceAddress_TAG))
594 {
595 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_ADDR;
596 /* go to child */
597 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
598 }
599 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4SourceIPAddress_TAG))
600 {
601 content = IPACM_read_content_element(xml_node);
602 if (content)
603 {
604 str_size = strlen(content);
605 memset(content_buf, 0, sizeof(content_buf));
606 memcpy(content_buf, (void *)content, str_size);
607 content_buf[MAX_XML_STR_LEN-1] = '\0';
608 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.src_addr
609 = ntohl(inet_addr(content_buf));
610 IPACMDBG_H("IPv4 source address is: %s \n", content_buf);
611 }
612 }
613 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4SourceSubnetMask_TAG))
614 {
615 content = IPACM_read_content_element(xml_node);
616 if (content)
617 {
618 str_size = strlen(content);
619 memset(content_buf, 0, sizeof(content_buf));
620 memcpy(content_buf, (void *)content, str_size);
621 content_buf[MAX_XML_STR_LEN-1] = '\0';
622 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.src_addr_mask
623 = ntohl(inet_addr(content_buf));
624 IPACMDBG_H("IPv4 source subnet mask is: %s \n", content_buf);
625 }
626 }
627 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4DestinationAddress_TAG))
628 {
629 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_ADDR;
630 /* go to child */
631 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
632 }
633 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4DestinationIPAddress_TAG))
634 {
635 content = IPACM_read_content_element(xml_node);
636 if (content)
637 {
638 str_size = strlen(content);
639 memset(content_buf, 0, sizeof(content_buf));
640 memcpy(content_buf, (void *)content, str_size);
641 content_buf[MAX_XML_STR_LEN-1] = '\0';
642 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.dst_addr
643 = ntohl(inet_addr(content_buf));
644 IPACMDBG_H("IPv4 destination address is: %s \n", content_buf);
645 }
646 }
647 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4DestinationSubnetMask_TAG))
648 {
649 content = IPACM_read_content_element(xml_node);
650 if (content)
651 {
652 str_size = strlen(content);
653 memset(content_buf, 0, sizeof(content_buf));
654 memcpy(content_buf, (void *)content, str_size);
655 content_buf[MAX_XML_STR_LEN-1] = '\0';
656 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.dst_addr_mask
657 = ntohl(inet_addr(content_buf));
658 IPACMDBG_H("IPv4 destination subnet mask is: %s \n", content_buf);
659 }
660 }
661 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4TypeOfService_TAG))
662 {
663 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_TOS;
664 /* go to child */
665 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
666 }
667 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TOSValue_TAG))
668 {
669 content = IPACM_read_content_element(xml_node);
670 if (content)
671 {
672 str_size = strlen(content);
673 memset(content_buf, 0, sizeof(content_buf));
674 memcpy(content_buf, (void *)content, str_size);
675 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.tos
676 = atoi(content_buf);
677 // Here we do not know if it is TOS with mask or not, so we put at both places
678 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.tos_value
679 = atoi(content_buf);
680 IPACMDBG_H("\n IPV4 TOS val is %d \n",
681 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.tos);
682 }
683 }
684 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TOSMask_TAG))
685 {
686 content = IPACM_read_content_element(xml_node);
687 if (content)
688 {
689 uint8_t mask;
690
691 str_size = strlen(content);
692 memset(content_buf, 0, sizeof(content_buf));
693 memcpy(content_buf, (void *)content, str_size);
694 mask = atoi(content_buf);
695 IPACMDBG_H("\n IPv4 TOS mask is %u \n", mask);
696 if (mask != 0xFF) {
697 // TOS attribute cannot be used
698 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.tos = 0;
699 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.tos_mask = mask;
700
701 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |=
702 IPA_FLT_TOS_MASKED;
703 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask &=
704 ~IPA_FLT_TOS;
705 } else {
706 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.tos_value = 0;
707 }
708 }
709 }
710 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4NextHeaderProtocol_TAG))
711 {
712 content = IPACM_read_content_element(xml_node);
713 if (content)
714 {
715 str_size = strlen(content);
716 memset(content_buf, 0, sizeof(content_buf));
717 memcpy(content_buf, (void *)content, str_size);
718 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_PROTOCOL;
719 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.protocol = atoi(content_buf);
720 IPACMDBG_H("\n IPv4 next header prot is %d \n",
721 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.protocol);
722 }
723 }
724 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6SourceAddress_TAG))
725 {
726 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |=
727 IPA_FLT_SRC_ADDR;
728 /* go to child */
729 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
730 }
731 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6SourceIPAddress_TAG))
732 {
733 content = IPACM_read_content_element(xml_node);
734 if (content)
735 {
736 str_size = strlen(content);
737 memset(content_buf, 0, sizeof(content_buf));
738 memcpy(content_buf, (void *)content, str_size);
739 inet_pton(AF_INET6, content_buf, &ip6_addr);
740 memcpy(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr,
741 ip6_addr.s6_addr, IPACM_IPV6_ADDR_LEN * sizeof(uint8_t));
742 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[0]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[0]);
743 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[1]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[1]);
744 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[2]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[2]);
745 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[3]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[3]);
746
747 IPACMDBG_H("\n ipv6 source addr is %d \n ",
748 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[0]);
749 }
750 }
751 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6SourcePrefix_TAG))
752 {
753 content = IPACM_read_content_element(xml_node);
754 if (content)
755 {
756 str_size = strlen(content);
757 memset(content_buf, 0, sizeof(content_buf));
758 memcpy(content_buf, (void *)content, str_size);
759 mask_value_v6 = atoi(content_buf);
760 for (mask_index = 0; mask_index < 4; mask_index++)
761 {
762 if (mask_value_v6 >= 32)
763 {
764 mask_v6(32, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr_mask[mask_index]));
765 mask_value_v6 -= 32;
766 }
767 else
768 {
769 mask_v6(mask_value_v6, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr_mask[mask_index]));
770 mask_value_v6 = 0;
771 }
772 }
773 IPACMDBG_H("\n ipv6 source prefix is %d \n", atoi(content_buf));
774 }
775 }
776 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6DestinationAddress_TAG))
777 {
778 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |=
779 IPA_FLT_DST_ADDR;
780 /* go to child */
781 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
782 }
783 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6DestinationIPAddress_TAG))
784 {
785 content = IPACM_read_content_element(xml_node);
786 if (content)
787 {
788 str_size = strlen(content);
789 memset(content_buf, 0, sizeof(content_buf));
790 memcpy(content_buf, (void *)content, str_size);
791 inet_pton(AF_INET6, content_buf, &ip6_addr);
792 memcpy(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr,
793 ip6_addr.s6_addr, IPACM_IPV6_ADDR_LEN * sizeof(uint8_t));
794 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[0]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[0]);
795 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[1]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[1]);
796 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[2]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[2]);
797 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[3]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[3]);
798 IPACMDBG_H("\n ipv6 dest addr is %d \n",
799 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[0]);
800 }
801 }
802 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6DestinationPrefix_TAG))
803 {
804 content = IPACM_read_content_element(xml_node);
805 if (content)
806 {
807 str_size = strlen(content);
808 memset(content_buf, 0, sizeof(content_buf));
809 memcpy(content_buf, (void *)content, str_size);
810 mask_value_v6 = atoi(content_buf);
811 for (mask_index = 0; mask_index < 4; mask_index++)
812 {
813 if (mask_value_v6 >= 32)
814 {
815 mask_v6(32, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr_mask[mask_index]));
816 mask_value_v6 -= 32;
817 }
818 else
819 {
820 mask_v6(mask_value_v6, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr_mask[mask_index]));
821 mask_value_v6 = 0;
822 }
823 }
824 IPACMDBG_H("\n ipv6 dest prefix is %d \n", atoi(content_buf));
825 }
826 }
827 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6TrafficClass_TAG))
828 {
829 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_TC;
830 /* go to child */
831 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
832 }
833 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TrfClsValue_TAG))
834 {
835 content = IPACM_read_content_element(xml_node);
836 if (content)
837 {
838 str_size = strlen(content);
839 memset(content_buf, 0, sizeof(content_buf));
840 memcpy(content_buf, (void *)content, str_size);
841 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.tc
842 = atoi(content_buf);
843 IPACMDBG_H("\n ipv6 trf class val is %d \n",
844 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.tc);
845 }
846 }
847 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TrfClsMask_TAG))
848 {
849 content = IPACM_read_content_element(xml_node);
850 if (content)
851 {
852 str_size = strlen(content);
853 memset(content_buf, 0, sizeof(content_buf));
854 memcpy(content_buf, (void *)content, str_size);
855 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.tc
856 &= atoi(content_buf);
857 IPACMDBG_H("\n ipv6 trf class mask is %d \n", atoi(content_buf));
858 }
859 }
860 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6NextHeaderProtocol_TAG))
861 {
862 content = IPACM_read_content_element(xml_node);
863 if (content)
864 {
865 str_size = strlen(content);
866 memset(content_buf, 0, sizeof(content_buf));
867 memcpy(content_buf, (void *)content, str_size);
868 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_NEXT_HDR;
869 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.next_hdr
870 = atoi(content_buf);
871 IPACMDBG_H("\n ipv6 next header protocol is %d \n",
872 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.next_hdr);
873 }
874 }
875 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPSource_TAG))
876 {
877 /* go to child */
878 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
879 }
880 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPSourcePort_TAG))
881 {
882 content = IPACM_read_content_element(xml_node);
883 if (content)
884 {
885 str_size = strlen(content);
886 memset(content_buf, 0, sizeof(content_buf));
887 memcpy(content_buf, (void *)content, str_size);
888 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port
889 = atoi(content_buf);
890 }
891 }
892 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPSourceRange_TAG))
893 {
894 content = IPACM_read_content_element(xml_node);
895 if (content)
896 {
897 str_size = strlen(content);
898 memset(content_buf, 0, sizeof(content_buf));
899 memcpy(content_buf, (void *)content, str_size);
900 if (atoi(content_buf) != 0)
901 {
902 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT_RANGE;
903 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo
904 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port;
905 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi
906 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port + atoi(content_buf);
907 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port = 0;
908 IPACMDBG_H("\n tcp source port from %d to %d \n",
909 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo,
910 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi);
911 }
912 else
913 {
914 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT;
915 IPACMDBG_H("\n tcp source port= %d \n",
916 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port);
917 }
918 }
919 }
920 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPDestination_TAG))
921 {
922 /* go to child */
923 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
924 }
925 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPDestinationPort_TAG))
926 {
927 content = IPACM_read_content_element(xml_node);
928 if (content)
929 {
930 str_size = strlen(content);
931 memset(content_buf, 0, sizeof(content_buf));
932 memcpy(content_buf, (void *)content, str_size);
933 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port
934 = atoi(content_buf);
935 }
936 }
937 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPDestinationRange_TAG))
938 {
939 content = IPACM_read_content_element(xml_node);
940 if (content)
941 {
942 str_size = strlen(content);
943 memset(content_buf, 0, sizeof(content_buf));
944 memcpy(content_buf, (void *)content, str_size);
945 if(atoi(content_buf)!=0)
946 {
947 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT_RANGE;
948 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo
949 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port;
950 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi
951 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port + atoi(content_buf);
952 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port = 0;
953 IPACMDBG_H("\n tcp dest port from %d to %d \n",
954 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo,
955 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi);
956 }
957 else
958 {
959 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT;
960 IPACMDBG_H("\n tcp dest port= %d \n",
961 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port);
962 }
963 }
964 }
965 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPSource_TAG))
966 {
967 /* go to child */
968 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
969 }
970 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPSourcePort_TAG))
971 {
972 content = IPACM_read_content_element(xml_node);
973 if (content)
974 {
975 str_size = strlen(content);
976 memset(content_buf, 0, sizeof(content_buf));
977 memcpy(content_buf, (void *)content, str_size);
978 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port
979 = atoi(content_buf);
980 }
981 }
982 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPSourceRange_TAG))
983 {
984 content = IPACM_read_content_element(xml_node);
985 if (content)
986 {
987 str_size = strlen(content);
988 memset(content_buf, 0, sizeof(content_buf));
989 memcpy(content_buf, (void *)content, str_size);
990 if(atoi(content_buf)!=0)
991 {
992 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT_RANGE;
993 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo
994 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port;
995 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi
996 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port + atoi(content_buf);
997 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port = 0;
998 IPACMDBG_H("\n udp source port from %d to %d \n",
999 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo,
1000 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi);
1001 }
1002 else
1003 {
1004 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT;
1005 IPACMDBG_H("\n udp source port= %d \n",
1006 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port);
1007 }
1008 }
1009 }
1010 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPDestination_TAG))
1011 {
1012 /* go to child */
1013 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
1014 }
1015 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPDestinationPort_TAG))
1016 {
1017 content = IPACM_read_content_element(xml_node);
1018 if (content)
1019 {
1020 str_size = strlen(content);
1021 memset(content_buf, 0, sizeof(content_buf));
1022 memcpy(content_buf, (void *)content, str_size);
1023 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port
1024 = atoi(content_buf);
1025 }
1026 }
1027 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPDestinationRange_TAG))
1028 {
1029 content = IPACM_read_content_element(xml_node);
1030 if (content)
1031 {
1032 str_size = strlen(content);
1033 memset(content_buf, 0, sizeof(content_buf));
1034 memcpy(content_buf, (void *)content, str_size);
1035 if(atoi(content_buf)!=0)
1036 {
1037 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT_RANGE;
1038 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo
1039 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port;
1040 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi
1041 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port + atoi(content_buf);
1042 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port = 0;
1043 IPACMDBG_H("\n UDP dest port from %d to %d \n",
1044 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo,
1045 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi);
1046 }
1047 else
1048 {
1049 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT;
1050 IPACMDBG_H("\n UDP dest port= %d \n",
1051 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port);
1052 }
1053 }
1054 }
1055 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, ICMPType_TAG))
1056 {
1057 content = IPACM_read_content_element(xml_node);
1058 if (content)
1059 {
1060 str_size = strlen(content);
1061 memset(content_buf, 0, sizeof(content_buf));
1062 memcpy(content_buf, (void *)content, str_size);
1063 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.type = atoi(content_buf);
1064 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_TYPE;
1065 IPACMDBG_H("\n icmp type is %d \n",
1066 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.type);
1067 }
1068 }
1069 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, ICMPCode_TAG))
1070 {
1071 content = IPACM_read_content_element(xml_node);
1072 if (content)
1073 {
1074 str_size = strlen(content);
1075 memset(content_buf, 0, sizeof(content_buf));
1076 memcpy(content_buf, (void *)content, str_size);
1077 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.code = atoi(content_buf);
1078 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_CODE;
1079 IPACMDBG_H("\n icmp code is %d \n",
1080 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.code);
1081 }
1082 }
1083 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, ESPSPI_TAG))
1084 {
1085 content = IPACM_read_content_element(xml_node);
1086 if (content)
1087 {
1088 str_size = strlen(content);
1089 memset(content_buf, 0, sizeof(content_buf));
1090 memcpy(content_buf, (void *)content, str_size);
1091 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.spi = atoi(content_buf);
1092 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SPI;
1093 IPACMDBG_H("\n esp spi is %d \n",
1094 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.spi);
1095 }
1096 }
1097 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPSource_TAG))
1098 {
1099 /* go to child */
1100 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
1101 }
1102 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPSourcePort_TAG))
1103 {
1104 content = IPACM_read_content_element(xml_node);
1105 if (content)
1106 {
1107 str_size = strlen(content);
1108 memset(content_buf, 0, sizeof(content_buf));
1109 memcpy(content_buf, (void *)content,str_size);
1110 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port
1111 = atoi(content_buf);
1112 }
1113 }
1114 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPSourceRange_TAG))
1115 {
1116 content = IPACM_read_content_element(xml_node);
1117 if (content)
1118 {
1119 str_size = strlen(content);
1120 memset(content_buf, 0, sizeof(content_buf));
1121 memcpy(content_buf, (void *)content, str_size);
1122 if(atoi(content_buf)!=0)
1123 {
1124 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT_RANGE;
1125 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo
1126 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port;
1127 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi
1128 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port + atoi(content_buf);
1129 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port = 0;
1130 IPACMDBG_H("\n tcp_udp source port from %d to %d \n",
1131 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo,
1132 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi);
1133 }
1134 else
1135 {
1136 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT;
1137 IPACMDBG_H("\n tcp_udp source port= %d \n",
1138 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port);
1139
1140 }
1141 }
1142 }
1143 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPDestination_TAG))
1144 {
1145 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
1146 }
1147 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPDestinationPort_TAG))
1148 {
1149 content = IPACM_read_content_element(xml_node);
1150 if (content)
1151 {
1152 str_size = strlen(content);
1153 memset(content_buf, 0, sizeof(content_buf));
1154 memcpy(content_buf, (void *)content, str_size);
1155 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port
1156 = atoi(content_buf);
1157 }
1158 }
1159 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPDestinationRange_TAG))
1160 {
1161 content = IPACM_read_content_element(xml_node);
1162 if (content)
1163 {
1164 str_size = strlen(content);
1165 memset(content_buf, 0, sizeof(content_buf));
1166 memcpy(content_buf, (void *)content, str_size);
1167 if(atoi(content_buf)!=0)
1168 {
1169 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT_RANGE;
1170 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo
1171 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port;
1172 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi
1173 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port + atoi(content_buf);
1174 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port = 0;
1175 IPACMDBG_H("\n tcp_udp dest port from %d to %d \n",
1176 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo,
1177 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi);
1178 }
1179 else
1180 {
1181 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT;
1182 IPACMDBG_H("\n tcp_udp dest port= %d \n",
1183 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port);
1184 }
1185 }
1186 }
1187 }
1188 break;
1189
1190 default:
1191 break;
1192 }
1193 /* go to sibling */
1194 xml_node = xml_node->next;
1195 } /* end while */
1196 return ret_val;
1197 }
1198