From 76917807eb50ccde58901e8bec7ed3d408d1cc22 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 13 Jan 2015 13:44:30 +0100 Subject: shared: add minimal firewall manipulation helpers for establishing NAT rules, using libiptc --- src/shared/in-addr-util.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'src/shared/in-addr-util.c') diff --git a/src/shared/in-addr-util.c b/src/shared/in-addr-util.c index 9dc9ec82b4..b02e7516ca 100644 --- a/src/shared/in-addr-util.c +++ b/src/shared/in-addr-util.c @@ -243,12 +243,25 @@ int in_addr_from_string_auto(const char *s, int *family, union in_addr_union *re return -EINVAL; } -unsigned in_addr_netmask_to_prefixlen(const struct in_addr *addr) { +unsigned char in_addr_netmask_to_prefixlen(const struct in_addr *addr) { assert(addr); return 32 - u32ctz(be32toh(addr->s_addr)); } +struct in_addr* in_addr_prefixlen_to_netmask(struct in_addr *addr, unsigned char prefixlen) { + assert(addr); + assert(prefixlen <= 32); + + /* Shifting beyond 32 is not defined, handle this specially. */ + if (prefixlen == 0) + addr->s_addr = 0; + else + addr->s_addr = htobe32((0xffffffff << (32 - prefixlen)) & 0xffffffff); + + return addr; +} + int in_addr_default_prefixlen(const struct in_addr *addr, unsigned char *prefixlen) { uint8_t msb_octet = *(uint8_t*) addr; @@ -284,9 +297,6 @@ int in_addr_default_subnet_mask(const struct in_addr *addr, struct in_addr *mask if (r < 0) return r; - assert(prefixlen > 0 && prefixlen < 32); - - mask->s_addr = htobe32((0xffffffff << (32 - prefixlen)) & 0xffffffff); - + in_addr_prefixlen_to_netmask(mask, prefixlen); return 0; } -- cgit v1.2.3-54-g00ecf