Move IP Address Manipulation Functions to /usr/share/shorewall/functions

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@631 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2025-01-22 13:39:06 +01:00 · 2003-07-05 16:24:41 +00:00 · 2003-07-05 16:24:41 +00:00 · b1b3d09473
commit b1b3d09473
parent 0e04a4faeb
2 changed files with 147 additions and 116 deletions
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@ -2916,117 +2916,6 @@ get_routed_subnets() # $1 = interface name
 	    fi
        done
 }
-#
-# Convert an IP address in dot quad format to an integer
-#
-decodeaddr() {
-    local x
-    local temp=0
-    local ifs=$IFS
-    
-    IFS=.
-
-    for x in $1; do
-	temp=$(( $(( $temp $LEFTSHIFT 8 )) | $x ))
-    done
-
-    echo $temp
-
-    IFS=$ifs
-}
-#
-# convert an integer to dot quad format
-#
-encodeaddr() {
-    addr=$1
-    local x
-    local y=$(($addr & 255))
-
-    for x in 1 2 3 ; do
-	addr=$(($addr >> 8))
-	y=$(($addr & 255)).$y
-    done
-
-    echo $y
-}
-#
-# Enumerate the members of an IP range -- When using a shell supporting only
-# 32-bit signed arithmetic, the range cannot span 128.0.0.0.
-#
-ip_range() {
-    local first
-    local last
-
-    case $1 in 
-    *-*)
-	;;
-    *)
-	echo $1
-	return
-	;;
-    esac
-
-    first=`decodeaddr ${1%-*}`
-    last=`decodeaddr ${1#*-}`
-
-    if [ $first -gt $last -o $(($last - $first)) -gt 256 ]; then
-	fatal_error "Invalid IP address range: $1"
-    fi
-
-    while [ $first -le $last ]; do
-	echo `encodeaddr $first`
-	first=$(($first + 1))
-    done
-}
-#
-# Netmask from CIDR
-#
-ip_netmask() {
-    echo $(( -1 $LEFTSHIFT $(( 32 - ${1#*/} )) ))
-}
-
-#
-# Network address from CIDR
-#
-networkaddress() {
-    local decodedaddr=`decodeaddr ${1%/*}`
-    local netmask=`ip_netmask $1`
-
-    echo `encodeaddr $(($decodedaddr & $netmask))`
-}
-
-#
-# The following hack is supplied to compensate for the fact that many of
-# the popular light-weight Bourne shell derivatives don't support XOR ("^").
-#
-# Note: 2147483647 = 0x7fffffff
-
-ip_broadcast() {
-    local x=$(( ${1#*/} - 1 ))
-
-    [ $x -eq -1 ] && echo -1 || echo $(( 2147483647 >> $x ))
-}
-
-#
-# Calculate broadcast address from CIDR
-#
-broadcastaddress() {
-    local decodedaddr=`decodeaddr ${1%/*}`
-    local netmask=`ip_netmask $1`
-    local broadcast=`ip_broadcast $1`
-
-    echo `encodeaddr $(( $(($decodedaddr & $netmask)) | $broadcast ))`
-}
-
-#
-# Test for subnet membership
-#
-in_subnet() # $1 = IP address, $2 = CIDR network
-{
-    local netmask=`ip_netmask $2`
-
-    test $(( `decodeaddr $1` & $netmask)) -eq $(( `decodeaddr ${2%/*}` & $netmask ))
-}

 #
 # Set up Source NAT (including masquerading)
@ -3326,7 +3215,7 @@ verify_os_version() {
    osversion=`uname -r`

    case $osversion in
-    2.4.*|2.5.*)
+    2.4.*|2.5.*|2.6.*)
 	;;
    *)
 	startup_error "Shorewall version $version does not work with kernel version $osversion"
@ -4821,10 +4710,6 @@ do_initialize() {
    strip_file interfaces
    strip_file hosts
    #
-    # So that emacs doesn't get lost, we use $LEFTSHIFT rather than <<
-    #
-    LEFTSHIFT='<<'
-    #
    # Determine the capabilities of the installed iptables/netfilter
    #
    determine_capabilities
--- a/Shorewall/functions
+++ b/Shorewall/functions
@ -219,3 +219,149 @@ strip_file() # $1 = Base Name of the file, $2 = Full Name of File (optional)
 	> $TMP_DIR/$1
    fi
 }
+
+#
+# So that emacs doesn't get lost, we use $LEFTSHIFT rather than <<
+#
+LEFTSHIFT='<<'
+
+#
+# Convert an IP address in dot quad format to an integer
+#
+decodeaddr() {
+    local x
+    local temp=0
+    local ifs=$IFS
+    
+    IFS=.
+
+    for x in $1; do
+	temp=$(( $(( $temp $LEFTSHIFT 8 )) | $x ))
+    done
+
+    echo $temp
+
+    IFS=$ifs
+}
+
+#
+# convert an integer to dot quad format
+#
+encodeaddr() {
+    addr=$1
+    local x
+    local y=$(($addr & 255))
+
+    for x in 1 2 3 ; do
+	addr=$(($addr >> 8))
+	y=$(($addr & 255)).$y
+    done
+
+    echo $y
+}
+
+#
+# Enumerate the members of an IP range -- When using a shell supporting only
+# 32-bit signed arithmetic, the range cannot span 128.0.0.0.
+#
+ip_range() {
+    local first
+    local last
+
+    case $1 in 
+    *-*)
+	;;
+    *)
+	echo $1
+	return
+	;;
+    esac
+
+    first=`decodeaddr ${1%-*}`
+    last=`decodeaddr ${1#*-}`
+
+    if [ $first -gt $last -o $(($last - $first)) -gt 256 ]; then
+	fatal_error "Invalid IP address range: $1"
+    fi
+
+    while [ $first -le $last ]; do
+	echo `encodeaddr $first`
+	first=$(($first + 1))
+    done
+}
+
+#
+# Netmask from CIDR
+#
+ip_netmask() {
+    echo $(( -1 $LEFTSHIFT $(( 32 - ${1#*/} )) ))
+}
+
+#
+# Network address from CIDR
+#
+ip_network() {
+    local decodedaddr=`decodeaddr ${1%/*}`
+    local netmask=`ip_netmask $1`
+
+    echo `encodeaddr $(($decodedaddr & $netmask))`
+}
+
+#
+# The following hack is supplied to compensate for the fact that many of
+# the popular light-weight Bourne shell derivatives don't support XOR ("^").
+#
+# Note: 2147483647 = 0x7fffffff
+
+ip_broadcast() {
+    local x=$(( ${1#*/} - 1 ))
+
+    [ $x -eq -1 ] && echo -1 || echo $(( 2147483647 >> $x ))
+}
+
+#
+# Calculate broadcast address from CIDR
+#
+broadcastaddress() {
+    local decodedaddr=`decodeaddr ${1%/*}`
+    local netmask=`ip_netmask $1`
+    local broadcast=`ip_broadcast $1`
+
+    echo `encodeaddr $(( $(($decodedaddr & $netmask)) | $broadcast ))`
+}
+
+#
+# Test for subnet membership
+#
+in_subnet() # $1 = IP address, $2 = CIDR network
+{
+    local netmask=`ip_netmask $2`
+
+    test $(( `decodeaddr $1` & $netmask)) -eq $(( `decodeaddr ${2%/*}` & $netmask ))
+}
+
+#
+# Address Netmask to CIDR
+#
+ip_cidr() {
+    local mask=`decodeaddr $2`
+    local cidr=0
+    local x=$(( 128 $LEFTSHIFT 24 ))
+
+    while [ $(( $x & $mask )) -ne 0 ]; do
+	[ $mask -eq $x ] && mask=0 || mask=$(( $mask $LEFTSHIFT 1 )) # Don't Ask...
+	cidr=$(($cidr + 1))
+    done
+
+    if [ $(( $mask & 2147483647)) -ne 0 ]; then
+	echo "Invalid net mask: $2" >&2
+    else
+	echo $1/$cidr
+    fi
+}
+	
+    
+
+    
+    
+