+static int acl_checkhost(void *aa, struct in_addr addr, unsigned port)
+{
+ acl_host *a = aa;
+ return ((addr.s_addr & a->mask.s_addr) == a->addr.s_addr);
+}
+
+static void acl_dumphost(void *aa, FILE *fp)
+{
+ acl_host *a = aa;
+
+ fputs("from ", fp);
+ fputs(inet_ntoa(a->addr), fp);
+ fputc('/', fp);
+ fputs(inet_ntoa(a->mask), fp);
+}
+
+static void acl_freehost(void *aa)
+{
+ acl_host *a = aa;
+ DESTROY(a);
+}
+
+static const acl_ops acl_hostops = {
+ acl_checkhost, acl_dumphost, acl_freehost
+};
+
+void acl_addhost(acl_entry ***a, unsigned act,
+ struct in_addr addr, struct in_addr mask)
+{
+ acl_host *aa = CREATE(acl_host);
+ aa->a.next = 0;
+ aa->a.ops = &acl_hostops;
+ aa->a.act = act;
+ aa->addr.s_addr = addr.s_addr & mask.s_addr;
+ aa->mask = mask;
+ **a = &aa->a;
+ *a = &aa->a.next;
+}
+
+/* --- @acl_addpriv@ --- *
+ *
+ * Arguments: @acl_entry ***a@ = address of pointer to list tail
+ * @unsigned act@ = what to do with matching addresses
+ *
+ * Returns: ---
+ *
+ * Use: Adds a privileged-port check to the end of an access control
+ * list.
+ */
+
+static int acl_checkpriv(void *aa, struct in_addr addr, unsigned port)
+{
+ return (port < 1024);
+}
+
+static void acl_dumppriv(void *aa, FILE *fp)
+{
+ fputs("from privileged ports", fp);
+}
+
+static void acl_freepriv(void *aa)
+{
+ acl_entry *a = aa;
+ DESTROY(a);
+}
+
+static const acl_ops acl_privops = {
+ acl_checkpriv, acl_dumppriv, acl_freepriv
+};
+
+void acl_addpriv(acl_entry ***a, unsigned act)
+{
+ acl_entry *aa = CREATE(acl_entry);
+ aa->next = 0;
+ aa->ops = &acl_privops;
+ aa->act = act;
+ **a = aa;
+ *a = &aa->next;
+}