1 /*
2 Copyright (c) 2013, 2019, The Linux Foundation. All rights reserved.
3
4 Redistribution and use in source and binary forms, with or without
5 modification, are permitted provided that the following conditions are
6 met:
7 * Redistributions of source code must retain the above copyright
8 notice, this list of conditions and the following disclaimer.
9 * Redistributions in binary form must reproduce the above
10 copyright notice, this list of conditions and the following
11 disclaimer in the documentation and/or other materials provided
12 with the distribution.
13 * Neither the name of The Linux Foundation nor the names of its
14 contributors may be used to endorse or promote products derived
15 from this software without specific prior written permission.
16
17 THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
18 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
19 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
20 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
21 BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
24 BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
25 WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
26 OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
27 IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */
29 /*!
30 @file
31 IPACM_Xml.cpp
32
33 @brief
34 This file implements the XML specific parsing functionality.
35
36 @Author
37 Skylar Chang/Shihuan Liu
38 */
39
40 #include <sys/socket.h>
41 #include <netinet/in.h>
42 #ifndef in_addr_t
43 typedef uint32_t in_addr_t;
44 #endif
45 #include <arpa/inet.h>
46
47 #include "IPACM_Xml.h"
48 #include "IPACM_Log.h"
49 #include "IPACM_Netlink.h"
50
51 static char* IPACM_read_content_element
52 (
53 xmlNode* element
54 );
55
56 static int32_t IPACM_util_icmp_string
57 (
58 const char* xml_str,
59 const char* str
60 );
61
62 static int ipacm_cfg_xml_parse_tree
63 (
64 xmlNode* xml_node,
65 IPACM_conf_t *config
66 );
67
68 static int IPACM_firewall_xml_parse_tree
69 (
70 xmlNode* xml_node,
71 IPACM_firewall_conf_t *config
72 );
73
74 /*Reads content (stored as child) of the element */
IPACM_read_content_element(xmlNode * element)75 static char* IPACM_read_content_element
76 (
77 xmlNode* element
78 )
79 {
80 xmlNode* child_ptr;
81 uint32_t str_len;
82
83 for (child_ptr = element->children;
84 child_ptr != NULL;
85 child_ptr = child_ptr->next)
86 {
87 if (child_ptr->type == XML_TEXT_NODE)
88 {
89 str_len = strlen((char*)child_ptr->content);
90
91 if(str_len < MAX_XML_STR_LEN)
92 return (char*)child_ptr->content;
93 else
94 {
95 IPACMERR("Invalid string size\n");
96 break;
97 }
98 }
99 }
100 return NULL;
101 }
102
103 /* insensitive comparison of a libxml's string (xml_str) and a regular string (str)*/
IPACM_util_icmp_string(const char * xml_str,const char * str)104 static int32_t IPACM_util_icmp_string
105 (
106 const char* xml_str,
107 const char* str
108 )
109 {
110 int32_t ret = -1;
111
112 if (NULL != xml_str && NULL != str)
113 {
114 uint32_t len1 = strlen(str);
115 uint32_t len2 = strlen(xml_str);
116 /* If the lengths match, do the string comparison */
117 if (len1 == len2)
118 {
119 ret = strncasecmp(xml_str, str, len1);
120 }
121 }
122
123 return ret;
124 }
125
126 /* This function read IPACM XML and populate the IPA CM Cfg */
ipacm_read_cfg_xml(char * xml_file,IPACM_conf_t * config)127 int ipacm_read_cfg_xml(char *xml_file, IPACM_conf_t *config)
128 {
129 xmlDocPtr doc = NULL;
130 xmlNode* root = NULL;
131 int ret_val = IPACM_SUCCESS;
132
133 /* Invoke the XML parser and obtain the parse tree */
134 doc = xmlReadFile(xml_file, "UTF-8", XML_PARSE_NOBLANKS);
135 if (doc == NULL) {
136 IPACMDBG_H("IPACM_xml_parse: libxml returned parse error!\n");
137 return IPACM_FAILURE;
138 }
139
140 /*Get the root of the tree*/
141 root = xmlDocGetRootElement(doc);
142
143 memset(config, 0, sizeof(IPACM_conf_t));
144
145 /* parse the xml tree returned by libxml */
146 ret_val = ipacm_cfg_xml_parse_tree(root, config);
147
148 if (ret_val != IPACM_SUCCESS)
149 {
150 IPACMDBG_H("IPACM_xml_parse: ipacm_cfg_xml_parse_tree returned parse error!\n");
151 }
152
153 /* Free up the libxml's parse tree */
154 xmlFreeDoc(doc);
155
156 return ret_val;
157 }
158
159 /* This function traverses the xml tree*/
ipacm_cfg_xml_parse_tree(xmlNode * xml_node,IPACM_conf_t * config)160 static int ipacm_cfg_xml_parse_tree
161 (
162 xmlNode* xml_node,
163 IPACM_conf_t *config
164 )
165 {
166 int32_t ret_val = IPACM_SUCCESS;
167 int str_size;
168 char* content;
169 char content_buf[MAX_XML_STR_LEN];
170
171 if (NULL == xml_node)
172 return ret_val;
173 while ( xml_node != NULL &&
174 ret_val == IPACM_SUCCESS)
175 {
176 switch (xml_node->type)
177 {
178 case XML_ELEMENT_NODE:
179 {
180 if (IPACM_util_icmp_string((char*)xml_node->name, system_TAG) == 0 ||
181 IPACM_util_icmp_string((char*)xml_node->name, ODU_TAG) == 0 ||
182 IPACM_util_icmp_string((char*)xml_node->name, IPACMCFG_TAG) == 0 ||
183 IPACM_util_icmp_string((char*)xml_node->name, IPACMIFACECFG_TAG) == 0 ||
184 IPACM_util_icmp_string((char*)xml_node->name, IFACE_TAG) == 0 ||
185 IPACM_util_icmp_string((char*)xml_node->name, IPACMPRIVATESUBNETCFG_TAG) == 0 ||
186 IPACM_util_icmp_string((char*)xml_node->name, SUBNET_TAG) == 0 ||
187 IPACM_util_icmp_string((char*)xml_node->name, IPACMALG_TAG) == 0 ||
188 IPACM_util_icmp_string((char*)xml_node->name, ALG_TAG) == 0 ||
189 IPACM_util_icmp_string((char*)xml_node->name, IPACMNat_TAG) == 0 ||
190 IPACM_util_icmp_string((char*)xml_node->name, IP_PassthroughFlag_TAG) == 0)
191 {
192 if (0 == IPACM_util_icmp_string((char*)xml_node->name, IFACE_TAG))
193 {
194 /* increase iface entry number */
195 config->iface_config.num_iface_entries++;
196 }
197
198 if (0 == IPACM_util_icmp_string((char*)xml_node->name, SUBNET_TAG))
199 {
200 /* increase iface entry number */
201 config->private_subnet_config.num_subnet_entries++;
202 }
203
204 if (0 == IPACM_util_icmp_string((char*)xml_node->name, ALG_TAG))
205 {
206 /* increase iface entry number */
207 config->alg_config.num_alg_entries++;
208 }
209 /* go to child */
210 ret_val = ipacm_cfg_xml_parse_tree(xml_node->children, config);
211 }
212 else if (IPACM_util_icmp_string((char*)xml_node->name, IP_PassthroughMode_TAG) == 0)
213 {
214 IPACMDBG_H("inside IP Passthrough\n");
215 content = IPACM_read_content_element(xml_node);
216 if (content)
217 {
218 str_size = strlen(content);
219 memset(content_buf, 0, sizeof(content_buf));
220 memcpy(content_buf, (void *)content, str_size);
221 if (atoi(content_buf))
222 {
223 config->ip_passthrough_mode = true;
224 IPACMDBG_H("Passthrough enable %d buf(%d)\n", config->ip_passthrough_mode, atoi(content_buf));
225 }
226 else
227 {
228 config->ip_passthrough_mode = false;
229 IPACMDBG_H("Passthrough enable %d buf(%d)\n", config->ip_passthrough_mode, atoi(content_buf));
230 }
231 }
232 }
233 else if (IPACM_util_icmp_string((char*)xml_node->name, ODUMODE_TAG) == 0)
234 {
235 IPACMDBG_H("inside ODU-XML\n");
236 content = IPACM_read_content_element(xml_node);
237 if (content)
238 {
239 str_size = strlen(content);
240 memset(content_buf, 0, sizeof(content_buf));
241 memcpy(content_buf, (void *)content, str_size);
242 if (0 == strncasecmp(content_buf, ODU_ROUTER_TAG, str_size))
243 {
244 config->router_mode_enable = true;
245 IPACMDBG_H("router-mode enable %d\n", config->router_mode_enable);
246 }
247 else if (0 == strncasecmp(content_buf, ODU_BRIDGE_TAG, str_size))
248 {
249 config->router_mode_enable = false;
250 IPACMDBG_H("router-mode enable %d\n", config->router_mode_enable);
251 }
252 }
253 }
254 else if (IPACM_util_icmp_string((char*)xml_node->name, ODUEMBMS_OFFLOAD_TAG) == 0)
255 {
256 IPACMDBG_H("inside ODU-XML\n");
257 content = IPACM_read_content_element(xml_node);
258 if (content)
259 {
260 str_size = strlen(content);
261 memset(content_buf, 0, sizeof(content_buf));
262 memcpy(content_buf, (void *)content, str_size);
263 if (atoi(content_buf))
264 {
265 config->odu_embms_enable = true;
266 IPACMDBG_H("router-mode enable %d buf(%d)\n", config->odu_embms_enable, atoi(content_buf));
267 }
268 else
269 {
270 config->odu_embms_enable = false;
271 IPACMDBG_H("router-mode enable %d buf(%d)\n", config->odu_embms_enable, atoi(content_buf));
272 }
273 }
274 }
275 else if (IPACM_util_icmp_string((char*)xml_node->name, NAME_TAG) == 0)
276 {
277 content = IPACM_read_content_element(xml_node);
278 if (content)
279 {
280 str_size = strlen(content);
281 memset(content_buf, 0, sizeof(content_buf));
282 strlcpy(content_buf, content, MAX_XML_STR_LEN);
283 strlcpy(config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].iface_name, content_buf, IPA_IFACE_NAME_LEN);
284 IPACMDBG_H("Name %s\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].iface_name);
285 }
286 }
287 else if (IPACM_util_icmp_string((char*)xml_node->name, CATEGORY_TAG) == 0)
288 {
289 content = IPACM_read_content_element(xml_node);
290 if (content)
291 {
292 str_size = strlen(content);
293 memset(content_buf, 0, sizeof(content_buf));
294 memcpy(content_buf, (void *)content, str_size);
295 if (0 == strncasecmp(content_buf, WANIF_TAG, str_size))
296 {
297 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = WAN_IF;
298 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
299 }
300 else if (0 == strncasecmp(content_buf, LANIF_TAG, str_size))
301 {
302 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = LAN_IF;
303 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
304 }
305 else if (0 == strncasecmp(content_buf, WLANIF_TAG, str_size))
306 {
307 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = WLAN_IF;
308 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
309 }
310 else if (0 == strncasecmp(content_buf, VIRTUALIF_TAG, str_size))
311 {
312 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = VIRTUAL_IF;
313 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
314 }
315 else if (0 == strncasecmp(content_buf, UNKNOWNIF_TAG, str_size))
316 {
317 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = UNKNOWN_IF;
318 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
319 }
320 else if (0 == strncasecmp(content_buf, ETHIF_TAG, str_size))
321 {
322 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = ETH_IF;
323 IPACMDBG_H("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
324 }
325 else if (0 == strncasecmp(content_buf, ODUIF_TAG, str_size))
326 {
327 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat = ODU_IF;
328 IPACMDBG("Category %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_cat);
329 }
330 }
331 }
332 else if (IPACM_util_icmp_string((char*)xml_node->name, MODE_TAG) == 0)
333 {
334 content = IPACM_read_content_element(xml_node);
335 if (content)
336 {
337 str_size = strlen(content);
338 memset(content_buf, 0, sizeof(content_buf));
339 memcpy(content_buf, (void *)content, str_size);
340 if (0 == strncasecmp(content_buf, IFACE_ROUTER_MODE_TAG, str_size))
341 {
342 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode = ROUTER;
343 IPACMDBG_H("Iface mode %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode);
344 }
345 else if (0 == strncasecmp(content_buf, IFACE_BRIDGE_MODE_TAG, str_size))
346 {
347 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode = BRIDGE;
348 IPACMDBG_H("Iface mode %d\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].if_mode);
349 }
350 }
351 }
352 else if (IPACM_util_icmp_string((char*)xml_node->name, WLAN_MODE_TAG) == 0)
353 {
354 IPACMDBG_H("Inside WLAN-XML\n");
355 content = IPACM_read_content_element(xml_node);
356 if (content)
357 {
358 str_size = strlen(content);
359 memset(content_buf, 0, sizeof(content_buf));
360 memcpy(content_buf, (void *)content, str_size);
361
362 if (0 == strncasecmp(content_buf, WLAN_FULL_MODE_TAG, str_size))
363 {
364 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode = FULL;
365 IPACMDBG_H("Wlan-mode full(%d)\n",
366 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode);
367 }
368 else if (0 == strncasecmp(content_buf, WLAN_INTERNET_MODE_TAG, str_size))
369 {
370 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode = INTERNET;
371 config->num_wlan_guest_ap++;
372 IPACMDBG_H("Wlan-mode internet(%d)\n",
373 config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].wlan_mode);
374 }
375 }
376 }
377 else if (IPACM_util_icmp_string((char*)xml_node->name, SUBNETADDRESS_TAG) == 0)
378 {
379 content = IPACM_read_content_element(xml_node);
380 if (content)
381 {
382 str_size = strlen(content);
383 memset(content_buf, 0, sizeof(content_buf));
384 memcpy(content_buf, (void *)content, str_size);
385 content_buf[MAX_XML_STR_LEN-1] = '\0';
386 config->private_subnet_config.private_subnet_entries[config->private_subnet_config.num_subnet_entries - 1].subnet_addr
387 = ntohl(inet_addr(content_buf));
388 IPACMDBG_H("subnet_addr: %s \n", content_buf);
389 }
390 }
391 else if (IPACM_util_icmp_string((char*)xml_node->name, SUBNETMASK_TAG) == 0)
392 {
393 content = IPACM_read_content_element(xml_node);
394 if (content)
395 {
396 str_size = strlen(content);
397 memset(content_buf, 0, sizeof(content_buf));
398 memcpy(content_buf, (void *)content, str_size);
399 content_buf[MAX_XML_STR_LEN-1] = '\0';
400 config->private_subnet_config.private_subnet_entries[config->private_subnet_config.num_subnet_entries - 1].subnet_mask
401 = ntohl(inet_addr(content_buf));
402 IPACMDBG_H("subnet_mask: %s \n", content_buf);
403 }
404 }
405 else if (IPACM_util_icmp_string((char*)xml_node->name, Protocol_TAG) == 0)
406 {
407 content = IPACM_read_content_element(xml_node);
408 if (content)
409 {
410 str_size = strlen(content);
411 memset(content_buf, 0, sizeof(content_buf));
412 memcpy(content_buf, (void *)content, str_size);
413 content_buf[MAX_XML_STR_LEN-1] = '\0';
414
415 if (0 == strncasecmp(content_buf, TCP_PROTOCOL_TAG, str_size))
416 {
417 config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol = IPPROTO_TCP;
418 IPACMDBG_H("Protocol %s: %d\n",
419 content_buf, config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol);
420 }
421 else if (0 == strncasecmp(content_buf, UDP_PROTOCOL_TAG, str_size))
422 {
423 config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol = IPPROTO_UDP;
424 IPACMDBG_H("Protocol %s: %d\n",
425 content_buf, config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].protocol);
426 }
427 }
428 }
429 else if (IPACM_util_icmp_string((char*)xml_node->name, Port_TAG) == 0)
430 {
431 content = IPACM_read_content_element(xml_node);
432 if (content)
433 {
434 str_size = strlen(content);
435 memset(content_buf, 0, sizeof(content_buf));
436 memcpy(content_buf, (void *)content, str_size);
437 config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].port
438 = atoi(content_buf);
439 IPACMDBG_H("port %d\n", config->alg_config.alg_entries[config->alg_config.num_alg_entries - 1].port);
440 }
441 }
442 else if (IPACM_util_icmp_string((char*)xml_node->name, NAT_MaxEntries_TAG) == 0)
443 {
444 content = IPACM_read_content_element(xml_node);
445 if (content)
446 {
447 str_size = strlen(content);
448 memset(content_buf, 0, sizeof(content_buf));
449 memcpy(content_buf, (void *)content, str_size);
450 config->nat_max_entries = atoi(content_buf);
451 IPACMDBG_H("Nat Table Max Entries %d\n", config->nat_max_entries);
452 }
453 }
454 }
455 break;
456 default:
457 break;
458 }
459 /* go to sibling */
460 xml_node = xml_node->next;
461 } /* end while */
462 return ret_val;
463 }
464
465 /* This function read QCMAP CM Firewall XML and populate the QCMAP CM Cfg */
IPACM_read_firewall_xml(char * xml_file,IPACM_firewall_conf_t * config)466 int IPACM_read_firewall_xml(char *xml_file, IPACM_firewall_conf_t *config)
467 {
468 xmlDocPtr doc = NULL;
469 xmlNode* root = NULL;
470 int ret_val;
471
472 IPACM_ASSERT(xml_file != NULL);
473 IPACM_ASSERT(config != NULL);
474
475 /* invoke the XML parser and obtain the parse tree */
476 doc = xmlReadFile(xml_file, "UTF-8", XML_PARSE_NOBLANKS);
477 if (doc == NULL) {
478 IPACMDBG_H("IPACM_xml_parse: libxml returned parse error\n");
479 return IPACM_FAILURE;
480 }
481 /*get the root of the tree*/
482 root = xmlDocGetRootElement(doc);
483
484 /* parse the xml tree returned by libxml*/
485 ret_val = IPACM_firewall_xml_parse_tree(root, config);
486
487 if (ret_val != IPACM_SUCCESS)
488 {
489 IPACMDBG_H("IPACM_xml_parse: ipacm_firewall_xml_parse_tree returned parse error!\n");
490 }
491
492 /* free the tree */
493 xmlFreeDoc(doc);
494
495 return ret_val;
496 }
497
498
499 /* This function traverses the firewall xml tree */
IPACM_firewall_xml_parse_tree(xmlNode * xml_node,IPACM_firewall_conf_t * config)500 static int IPACM_firewall_xml_parse_tree
501 (
502 xmlNode* xml_node,
503 IPACM_firewall_conf_t *config
504 )
505 {
506 int mask_value_v6, mask_index;
507 int32_t ret_val = IPACM_SUCCESS;
508 char *content;
509 int str_size;
510 char content_buf[MAX_XML_STR_LEN];
511 struct in6_addr ip6_addr;
512
513 IPACM_ASSERT(config != NULL);
514
515 if (NULL == xml_node)
516 return ret_val;
517
518 while ( xml_node != NULL &&
519 ret_val == IPACM_SUCCESS)
520 {
521 switch (xml_node->type)
522 {
523
524 case XML_ELEMENT_NODE:
525 {
526 if (0 == IPACM_util_icmp_string((char*)xml_node->name, system_TAG) ||
527 0 == IPACM_util_icmp_string((char*)xml_node->name, MobileAPFirewallCfg_TAG) ||
528 0 == IPACM_util_icmp_string((char*)xml_node->name, Firewall_TAG) ||
529 0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallEnabled_TAG) ||
530 0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallPktsAllowed_TAG))
531 {
532 if (0 == IPACM_util_icmp_string((char*)xml_node->name, Firewall_TAG))
533 {
534 /* increase firewall entry num */
535 config->num_extd_firewall_entries++;
536 }
537
538 if (0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallPktsAllowed_TAG))
539 {
540 /* setup action of matched rules */
541 content = IPACM_read_content_element(xml_node);
542 if (content)
543 {
544 str_size = strlen(content);
545 memset(content_buf, 0, sizeof(content_buf));
546 memcpy(content_buf, (void *)content, str_size);
547 if (atoi(content_buf)==1)
548 {
549 config->rule_action_accept = true;
550 }
551 else
552 {
553 config->rule_action_accept = false;
554 }
555 IPACMDBG_H(" Allow traffic which matches rules ?:%d\n",config->rule_action_accept);
556 }
557 }
558
559 if (0 == IPACM_util_icmp_string((char*)xml_node->name, FirewallEnabled_TAG))
560 {
561 /* setup if firewall enable or not */
562 content = IPACM_read_content_element(xml_node);
563 if (content)
564 {
565 str_size = strlen(content);
566 memset(content_buf, 0, sizeof(content_buf));
567 memcpy(content_buf, (void *)content, str_size);
568 if (atoi(content_buf)==1)
569 {
570 config->firewall_enable = true;
571 }
572 else
573 {
574 config->firewall_enable = false;
575 }
576 IPACMDBG_H(" Firewall Enable?:%d\n", config->firewall_enable);
577 }
578 }
579 /* go to child */
580 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
581 }
582 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPFamily_TAG))
583 {
584 content = IPACM_read_content_element(xml_node);
585 if (content)
586 {
587 str_size = strlen(content);
588 memset(content_buf, 0, sizeof(content_buf));
589 memcpy(content_buf, (void *)content, str_size);
590 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].ip_vsn
591 = (firewall_ip_version_enum)atoi(content_buf);
592 IPACMDBG_H("\n IP family type is %d \n",
593 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].ip_vsn);
594 }
595 }
596 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4SourceAddress_TAG))
597 {
598 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_ADDR;
599 /* go to child */
600 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
601 }
602 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4SourceIPAddress_TAG))
603 {
604 content = IPACM_read_content_element(xml_node);
605 if (content)
606 {
607 str_size = strlen(content);
608 memset(content_buf, 0, sizeof(content_buf));
609 memcpy(content_buf, (void *)content, str_size);
610 content_buf[MAX_XML_STR_LEN-1] = '\0';
611 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.src_addr
612 = ntohl(inet_addr(content_buf));
613 IPACMDBG_H("IPv4 source address is: %s \n", content_buf);
614 }
615 }
616 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4SourceSubnetMask_TAG))
617 {
618 content = IPACM_read_content_element(xml_node);
619 if (content)
620 {
621 str_size = strlen(content);
622 memset(content_buf, 0, sizeof(content_buf));
623 memcpy(content_buf, (void *)content, str_size);
624 content_buf[MAX_XML_STR_LEN-1] = '\0';
625 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.src_addr_mask
626 = ntohl(inet_addr(content_buf));
627 IPACMDBG_H("IPv4 source subnet mask is: %s \n", content_buf);
628 }
629 }
630 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4DestinationAddress_TAG))
631 {
632 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_ADDR;
633 /* go to child */
634 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
635 }
636 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4DestinationIPAddress_TAG))
637 {
638 content = IPACM_read_content_element(xml_node);
639 if (content)
640 {
641 str_size = strlen(content);
642 memset(content_buf, 0, sizeof(content_buf));
643 memcpy(content_buf, (void *)content, str_size);
644 content_buf[MAX_XML_STR_LEN-1] = '\0';
645 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.dst_addr
646 = ntohl(inet_addr(content_buf));
647 IPACMDBG_H("IPv4 destination address is: %s \n", content_buf);
648 }
649 }
650 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4DestinationSubnetMask_TAG))
651 {
652 content = IPACM_read_content_element(xml_node);
653 if (content)
654 {
655 str_size = strlen(content);
656 memset(content_buf, 0, sizeof(content_buf));
657 memcpy(content_buf, (void *)content, str_size);
658 content_buf[MAX_XML_STR_LEN-1] = '\0';
659 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.dst_addr_mask
660 = ntohl(inet_addr(content_buf));
661 IPACMDBG_H("IPv4 destination subnet mask is: %s \n", content_buf);
662 }
663 }
664 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4TypeOfService_TAG))
665 {
666 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_TOS;
667 /* go to child */
668 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
669 }
670 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TOSValue_TAG))
671 {
672 content = IPACM_read_content_element(xml_node);
673 if (content)
674 {
675 str_size = strlen(content);
676 memset(content_buf, 0, sizeof(content_buf));
677 memcpy(content_buf, (void *)content, str_size);
678 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.tos
679 = atoi(content_buf);
680 // Here we do not know if it is TOS with mask or not, so we put at both places
681 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.tos_value
682 = atoi(content_buf);
683 IPACMDBG_H("\n IPV4 TOS val is %d \n",
684 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.tos);
685 }
686 }
687 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TOSMask_TAG))
688 {
689 content = IPACM_read_content_element(xml_node);
690 if (content)
691 {
692 uint8_t mask;
693
694 str_size = strlen(content);
695 memset(content_buf, 0, sizeof(content_buf));
696 memcpy(content_buf, (void *)content, str_size);
697 mask = atoi(content_buf);
698 IPACMDBG_H("\n IPv4 TOS mask is %u \n", mask);
699 if (mask != 0xFF) {
700 // TOS attribute cannot be used
701 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.tos = 0;
702 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.tos_mask = mask;
703
704 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |=
705 IPA_FLT_TOS_MASKED;
706 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask &=
707 ~IPA_FLT_TOS;
708 } else {
709 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.tos_value = 0;
710 }
711 }
712 }
713 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4NextHeaderProtocol_TAG))
714 {
715 content = IPACM_read_content_element(xml_node);
716 if (content)
717 {
718 str_size = strlen(content);
719 memset(content_buf, 0, sizeof(content_buf));
720 memcpy(content_buf, (void *)content, str_size);
721 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_PROTOCOL;
722 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.protocol = atoi(content_buf);
723 IPACMDBG_H("\n IPv4 next header prot is %d \n",
724 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.protocol);
725 }
726 }
727 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6SourceAddress_TAG))
728 {
729 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |=
730 IPA_FLT_SRC_ADDR;
731 /* go to child */
732 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
733 }
734 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6SourceIPAddress_TAG))
735 {
736 content = IPACM_read_content_element(xml_node);
737 if (content)
738 {
739 str_size = strlen(content);
740 memset(content_buf, 0, sizeof(content_buf));
741 memcpy(content_buf, (void *)content, str_size);
742 inet_pton(AF_INET6, content_buf, &ip6_addr);
743 memcpy(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr,
744 ip6_addr.s6_addr, IPACM_IPV6_ADDR_LEN * sizeof(uint8_t));
745 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[0]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[0]);
746 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[1]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[1]);
747 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[2]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[2]);
748 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[3]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[3]);
749
750 IPACMDBG_H("\n ipv6 source addr is %d \n ",
751 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr[0]);
752 }
753 }
754 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6SourcePrefix_TAG))
755 {
756 content = IPACM_read_content_element(xml_node);
757 if (content)
758 {
759 str_size = strlen(content);
760 memset(content_buf, 0, sizeof(content_buf));
761 memcpy(content_buf, (void *)content, str_size);
762 mask_value_v6 = atoi(content_buf);
763 for (mask_index = 0; mask_index < 4; mask_index++)
764 {
765 if (mask_value_v6 >= 32)
766 {
767 mask_v6(32, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr_mask[mask_index]));
768 mask_value_v6 -= 32;
769 }
770 else
771 {
772 mask_v6(mask_value_v6, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.src_addr_mask[mask_index]));
773 mask_value_v6 = 0;
774 }
775 }
776 IPACMDBG_H("\n ipv6 source prefix is %d \n", atoi(content_buf));
777 }
778 }
779 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6DestinationAddress_TAG))
780 {
781 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |=
782 IPA_FLT_DST_ADDR;
783 /* go to child */
784 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
785 }
786 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6DestinationIPAddress_TAG))
787 {
788 content = IPACM_read_content_element(xml_node);
789 if (content)
790 {
791 str_size = strlen(content);
792 memset(content_buf, 0, sizeof(content_buf));
793 memcpy(content_buf, (void *)content, str_size);
794 inet_pton(AF_INET6, content_buf, &ip6_addr);
795 memcpy(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr,
796 ip6_addr.s6_addr, IPACM_IPV6_ADDR_LEN * sizeof(uint8_t));
797 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[0]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[0]);
798 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[1]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[1]);
799 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[2]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[2]);
800 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[3]=ntohl(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[3]);
801 IPACMDBG_H("\n ipv6 dest addr is %d \n",
802 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr[0]);
803 }
804 }
805 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6DestinationPrefix_TAG))
806 {
807 content = IPACM_read_content_element(xml_node);
808 if (content)
809 {
810 str_size = strlen(content);
811 memset(content_buf, 0, sizeof(content_buf));
812 memcpy(content_buf, (void *)content, str_size);
813 mask_value_v6 = atoi(content_buf);
814 for (mask_index = 0; mask_index < 4; mask_index++)
815 {
816 if (mask_value_v6 >= 32)
817 {
818 mask_v6(32, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr_mask[mask_index]));
819 mask_value_v6 -= 32;
820 }
821 else
822 {
823 mask_v6(mask_value_v6, &(config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.dst_addr_mask[mask_index]));
824 mask_value_v6 = 0;
825 }
826 }
827 IPACMDBG_H("\n ipv6 dest prefix is %d \n", atoi(content_buf));
828 }
829 }
830 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6TrafficClass_TAG))
831 {
832 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_TC;
833 /* go to child */
834 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
835 }
836 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TrfClsValue_TAG))
837 {
838 content = IPACM_read_content_element(xml_node);
839 if (content)
840 {
841 str_size = strlen(content);
842 memset(content_buf, 0, sizeof(content_buf));
843 memcpy(content_buf, (void *)content, str_size);
844 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.tc
845 = atoi(content_buf);
846 IPACMDBG_H("\n ipv6 trf class val is %d \n",
847 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.tc);
848 }
849 }
850 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TrfClsMask_TAG))
851 {
852 content = IPACM_read_content_element(xml_node);
853 if (content)
854 {
855 str_size = strlen(content);
856 memset(content_buf, 0, sizeof(content_buf));
857 memcpy(content_buf, (void *)content, str_size);
858 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.tc
859 &= atoi(content_buf);
860 IPACMDBG_H("\n ipv6 trf class mask is %d \n", atoi(content_buf));
861 }
862 }
863 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV6NextHeaderProtocol_TAG))
864 {
865 content = IPACM_read_content_element(xml_node);
866 if (content)
867 {
868 str_size = strlen(content);
869 memset(content_buf, 0, sizeof(content_buf));
870 memcpy(content_buf, (void *)content, str_size);
871 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_NEXT_HDR;
872 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.next_hdr
873 = atoi(content_buf);
874 IPACMDBG_H("\n ipv6 next header protocol is %d \n",
875 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v6.next_hdr);
876 }
877 }
878 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPSource_TAG))
879 {
880 /* go to child */
881 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
882 }
883 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPSourcePort_TAG))
884 {
885 content = IPACM_read_content_element(xml_node);
886 if (content)
887 {
888 str_size = strlen(content);
889 memset(content_buf, 0, sizeof(content_buf));
890 memcpy(content_buf, (void *)content, str_size);
891 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port
892 = atoi(content_buf);
893 }
894 }
895 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPSourceRange_TAG))
896 {
897 content = IPACM_read_content_element(xml_node);
898 if (content)
899 {
900 str_size = strlen(content);
901 memset(content_buf, 0, sizeof(content_buf));
902 memcpy(content_buf, (void *)content, str_size);
903 if (atoi(content_buf) != 0)
904 {
905 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT_RANGE;
906 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo
907 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port;
908 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi
909 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port + atoi(content_buf);
910 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port = 0;
911 IPACMDBG_H("\n tcp source port from %d to %d \n",
912 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo,
913 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi);
914 }
915 else
916 {
917 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT;
918 IPACMDBG_H("\n tcp source port= %d \n",
919 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port);
920 }
921 }
922 }
923 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPDestination_TAG))
924 {
925 /* go to child */
926 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
927 }
928 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPDestinationPort_TAG))
929 {
930 content = IPACM_read_content_element(xml_node);
931 if (content)
932 {
933 str_size = strlen(content);
934 memset(content_buf, 0, sizeof(content_buf));
935 memcpy(content_buf, (void *)content, str_size);
936 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port
937 = atoi(content_buf);
938 }
939 }
940 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCPDestinationRange_TAG))
941 {
942 content = IPACM_read_content_element(xml_node);
943 if (content)
944 {
945 str_size = strlen(content);
946 memset(content_buf, 0, sizeof(content_buf));
947 memcpy(content_buf, (void *)content, str_size);
948 if(atoi(content_buf)!=0)
949 {
950 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT_RANGE;
951 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo
952 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port;
953 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi
954 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port + atoi(content_buf);
955 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port = 0;
956 IPACMDBG_H("\n tcp dest port from %d to %d \n",
957 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo,
958 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi);
959 }
960 else
961 {
962 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT;
963 IPACMDBG_H("\n tcp dest port= %d \n",
964 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port);
965 }
966 }
967 }
968 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPSource_TAG))
969 {
970 /* go to child */
971 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
972 }
973 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPSourcePort_TAG))
974 {
975 content = IPACM_read_content_element(xml_node);
976 if (content)
977 {
978 str_size = strlen(content);
979 memset(content_buf, 0, sizeof(content_buf));
980 memcpy(content_buf, (void *)content, str_size);
981 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port
982 = atoi(content_buf);
983 }
984 }
985 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPSourceRange_TAG))
986 {
987 content = IPACM_read_content_element(xml_node);
988 if (content)
989 {
990 str_size = strlen(content);
991 memset(content_buf, 0, sizeof(content_buf));
992 memcpy(content_buf, (void *)content, str_size);
993 if(atoi(content_buf)!=0)
994 {
995 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT_RANGE;
996 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo
997 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port;
998 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi
999 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port + atoi(content_buf);
1000 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port = 0;
1001 IPACMDBG_H("\n udp source port from %d to %d \n",
1002 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo,
1003 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi);
1004 }
1005 else
1006 {
1007 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT;
1008 IPACMDBG_H("\n udp source port= %d \n",
1009 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port);
1010 }
1011 }
1012 }
1013 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPDestination_TAG))
1014 {
1015 /* go to child */
1016 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
1017 }
1018 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPDestinationPort_TAG))
1019 {
1020 content = IPACM_read_content_element(xml_node);
1021 if (content)
1022 {
1023 str_size = strlen(content);
1024 memset(content_buf, 0, sizeof(content_buf));
1025 memcpy(content_buf, (void *)content, str_size);
1026 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port
1027 = atoi(content_buf);
1028 }
1029 }
1030 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, UDPDestinationRange_TAG))
1031 {
1032 content = IPACM_read_content_element(xml_node);
1033 if (content)
1034 {
1035 str_size = strlen(content);
1036 memset(content_buf, 0, sizeof(content_buf));
1037 memcpy(content_buf, (void *)content, str_size);
1038 if(atoi(content_buf)!=0)
1039 {
1040 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT_RANGE;
1041 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo
1042 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port;
1043 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi
1044 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port + atoi(content_buf);
1045 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port = 0;
1046 IPACMDBG_H("\n UDP dest port from %d to %d \n",
1047 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo,
1048 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi);
1049 }
1050 else
1051 {
1052 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT;
1053 IPACMDBG_H("\n UDP dest port= %d \n",
1054 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port);
1055 }
1056 }
1057 }
1058 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, ICMPType_TAG))
1059 {
1060 content = IPACM_read_content_element(xml_node);
1061 if (content)
1062 {
1063 str_size = strlen(content);
1064 memset(content_buf, 0, sizeof(content_buf));
1065 memcpy(content_buf, (void *)content, str_size);
1066 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.type = atoi(content_buf);
1067 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_TYPE;
1068 IPACMDBG_H("\n icmp type is %d \n",
1069 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.type);
1070 }
1071 }
1072 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, ICMPCode_TAG))
1073 {
1074 content = IPACM_read_content_element(xml_node);
1075 if (content)
1076 {
1077 str_size = strlen(content);
1078 memset(content_buf, 0, sizeof(content_buf));
1079 memcpy(content_buf, (void *)content, str_size);
1080 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.code = atoi(content_buf);
1081 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_CODE;
1082 IPACMDBG_H("\n icmp code is %d \n",
1083 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.code);
1084 }
1085 }
1086 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, ESPSPI_TAG))
1087 {
1088 content = IPACM_read_content_element(xml_node);
1089 if (content)
1090 {
1091 str_size = strlen(content);
1092 memset(content_buf, 0, sizeof(content_buf));
1093 memcpy(content_buf, (void *)content, str_size);
1094 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.spi = atoi(content_buf);
1095 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SPI;
1096 IPACMDBG_H("\n esp spi is %d \n",
1097 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.spi);
1098 }
1099 }
1100 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPSource_TAG))
1101 {
1102 /* go to child */
1103 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
1104 }
1105 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPSourcePort_TAG))
1106 {
1107 content = IPACM_read_content_element(xml_node);
1108 if (content)
1109 {
1110 str_size = strlen(content);
1111 memset(content_buf, 0, sizeof(content_buf));
1112 memcpy(content_buf, (void *)content,str_size);
1113 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port
1114 = atoi(content_buf);
1115 }
1116 }
1117 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPSourceRange_TAG))
1118 {
1119 content = IPACM_read_content_element(xml_node);
1120 if (content)
1121 {
1122 str_size = strlen(content);
1123 memset(content_buf, 0, sizeof(content_buf));
1124 memcpy(content_buf, (void *)content, str_size);
1125 if(atoi(content_buf)!=0)
1126 {
1127 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT_RANGE;
1128 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo
1129 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port;
1130 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi
1131 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port + atoi(content_buf);
1132 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port = 0;
1133 IPACMDBG_H("\n tcp_udp source port from %d to %d \n",
1134 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_lo,
1135 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port_hi);
1136 }
1137 else
1138 {
1139 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_SRC_PORT;
1140 IPACMDBG_H("\n tcp_udp source port= %d \n",
1141 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.src_port);
1142
1143 }
1144 }
1145 }
1146 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPDestination_TAG))
1147 {
1148 ret_val = IPACM_firewall_xml_parse_tree(xml_node->children, config);
1149 }
1150 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPDestinationPort_TAG))
1151 {
1152 content = IPACM_read_content_element(xml_node);
1153 if (content)
1154 {
1155 str_size = strlen(content);
1156 memset(content_buf, 0, sizeof(content_buf));
1157 memcpy(content_buf, (void *)content, str_size);
1158 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port
1159 = atoi(content_buf);
1160 }
1161 }
1162 else if (0 == IPACM_util_icmp_string((char*)xml_node->name, TCP_UDPDestinationRange_TAG))
1163 {
1164 content = IPACM_read_content_element(xml_node);
1165 if (content)
1166 {
1167 str_size = strlen(content);
1168 memset(content_buf, 0, sizeof(content_buf));
1169 memcpy(content_buf, (void *)content, str_size);
1170 if(atoi(content_buf)!=0)
1171 {
1172 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT_RANGE;
1173 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo
1174 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port;
1175 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi
1176 = config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port + atoi(content_buf);
1177 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port = 0;
1178 IPACMDBG_H("\n tcp_udp dest port from %d to %d \n",
1179 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_lo,
1180 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port_hi);
1181 }
1182 else
1183 {
1184 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.attrib_mask |= IPA_FLT_DST_PORT;
1185 IPACMDBG_H("\n tcp_udp dest port= %d \n",
1186 config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.dst_port);
1187 }
1188 }
1189 }
1190 }
1191 break;
1192
1193 default:
1194 break;
1195 }
1196 /* go to sibling */
1197 xml_node = xml_node->next;
1198 } /* end while */
1199 return ret_val;
1200 }
1201