ipmon.c - OpenGrok cross reference for /illumos-gate/usr/src/cmd/ipf/tools/ipmon.c

Deleted Added

sdiffudifftextold ( 049fa28a )new ( ab25eeb5 )

ipmon.c (049fa28a)	ipmon.c (ab25eeb5)
1/* 2 * Copyright (C) 1993-2001, 2003 by Darren Reed. 3 * 4 * See the IPFILTER.LICENCE file for details on licencing. 5 * 6 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 7 * Use is subject to license terms. 8 / --- 15 unchanged lines hidden* (view full) --- 24#include <sys/socket.h> 25#include <sys/ioctl.h> 26 27#include <stdio.h> 28#include <unistd.h> 29#include <string.h> 30#include <fcntl.h> 31#include <errno.h>	1/* 2 * Copyright (C) 1993-2001, 2003 by Darren Reed. 3 * 4 * See the IPFILTER.LICENCE file for details on licencing. 5 * 6 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 7 * Use is subject to license terms. 8 / --- 15 unchanged lines hidden* (view full) --- 24#include <sys/socket.h> 25#include <sys/ioctl.h> 26 27#include <stdio.h> 28#include <unistd.h> 29#include <string.h> 30#include <fcntl.h> 31#include <errno.h>
	32#include <time.h>
32#if !defined(__SVR4) && !defined(__svr4__) 33# if (__FreeBSD_version >= 300000) 34# include <sys/dirent.h> 35# else 36# include <sys/dir.h> 37# endif 38#else 39# include <sys/filio.h> --- 4 unchanged lines hidden (view full) --- 44#endif 45#include <signal.h> 46#include <stdlib.h> 47#include <stddef.h> 48#include <netinet/in.h> 49#include <netinet/in_systm.h> 50#include <net/if.h> 51#include <netinet/ip.h>	33#if !defined(__SVR4) && !defined(__svr4__) 34# if (__FreeBSD_version >= 300000) 35# include <sys/dirent.h> 36# else 37# include <sys/dir.h> 38# endif 39#else 40# include <sys/filio.h> --- 4 unchanged lines hidden (view full) --- 45#endif 46#include <signal.h> 47#include <stdlib.h> 48#include <stddef.h> 49#include <netinet/in.h> 50#include <netinet/in_systm.h> 51#include <net/if.h> 52#include <netinet/ip.h>
52#if !defined(__hpux)	53#if !defined(__hpux) && !defined(linux)
53# include <netinet/tcp_fsm.h> 54#endif 55#include <netdb.h> 56#include <arpa/inet.h> 57#include <arpa/nameser.h> 58#ifdef __hpux 59# undef NOERROR 60#endif 61#include <resolv.h> 62	54# include <netinet/tcp_fsm.h> 55#endif 56#include <netdb.h> 57#include <arpa/inet.h> 58#include <arpa/nameser.h> 59#ifdef __hpux 60# undef NOERROR 61#endif 62#include <resolv.h> 63
63#include <sys/protosw.h> 64#include <netinet/ip_var.h>	64#if !defined(linux) 65# include <sys/protosw.h> 66# include <netinet/ip_var.h> 67#endif
65 66#include <netinet/tcp.h> 67#include <netinet/ip_icmp.h> 68 69#include <ctype.h> 70#include <syslog.h> 71	68 69#include <netinet/tcp.h> 70#include <netinet/ip_icmp.h> 71 72#include <ctype.h> 73#include <syslog.h> 74
72#include <netinet/tcpip.h> 73 74#if SOLARIS2 >= 10 75#include "ip_compat.h" 76#include "ip_fil.h" 77#include "ip_nat.h" 78#include "ip_state.h" 79#include "ip_proxy.h" 80#else
81#include "netinet/ip_compat.h"	75#include "netinet/ip_compat.h"
	76#include <netinet/tcpip.h>
82#include "netinet/ip_fil.h" 83#include "netinet/ip_nat.h" 84#include "netinet/ip_state.h" 85#include "netinet/ip_proxy.h"	77#include "netinet/ip_fil.h" 78#include "netinet/ip_nat.h" 79#include "netinet/ip_state.h" 80#include "netinet/ip_proxy.h"
86#endif
87#include "ipmon.h" 88 89#if !defined(lint) 90static const char sccsid[] = "@(#)ipmon.c 1.21 6/5/96 (C)1993-2000 Darren Reed";	81#include "ipmon.h" 82 83#if !defined(lint) 84static const char sccsid[] = "@(#)ipmon.c 1.21 6/5/96 (C)1993-2000 Darren Reed";
91static const char rcsid[] = "@(#)$Id: ipmon.c,v 1.22 2003/06/14 02:56:57 darrenr Exp $";	85static const char rcsid[] = "@(#)$Id: ipmon.c,v 1.33.2.10 2005/06/18 02:41:35 darrenr Exp $";
92#endif 93 94 95#if defined(sun) && !defined(SOLARIS2) 96#define STRERROR(x) sys_errlist[x] 97extern char sys_errlist[]; 98#else 99#define STRERROR(x) strerror(x) --- 41 unchanged lines hidden* (view full) --- 141static char pidfile = "/var/run/ipmon.pid"; 142# else 143static char pidfile = "/etc/ipmon.pid"; 144# endif 145#endif 146 147static char line[2048]; 148static int opts = 0;	86#endif 87 88 89#if defined(sun) && !defined(SOLARIS2) 90#define STRERROR(x) sys_errlist[x] 91extern char sys_errlist[]; 92#else 93#define STRERROR(x) strerror(x) --- 41 unchanged lines hidden* (view full) --- 135static char pidfile = "/var/run/ipmon.pid"; 136# else 137static char pidfile = "/etc/ipmon.pid"; 138# endif 139#endif 140 141static char line[2048]; 142static int opts = 0;
149static FILE *newlog = NULL;
150static char logfile = NULL; 151static FILE binarylog = NULL;	143static char logfile = NULL; 144static FILE binarylog = NULL;
152static FILE *newbinarylog = NULL;
153static char binarylogfile = NULL; 154static int donehup = 0; 155static void usage __P((char )); 156static void handlehup __P((int)); 157static void flushlogs __P((char , FILE )); 158static void print_log __P((int, FILE , char , int)); 159static void print_ipflog __P((FILE , char , int)); 160static void print_natlog __P((FILE , char , int)); --- 235 unchanged lines hidden (view full) --- 396 return it; 397 return NULL; 398} 399 400 401static void handlehup(sig) 402int sig; 403{	145static char binarylogfile = NULL; 146static int donehup = 0; 147static void usage __P((char )); 148static void handlehup __P((int)); 149static void flushlogs __P((char , FILE )); 150static void print_log __P((int, FILE , char , int)); 151static void print_ipflog __P((FILE , char , int)); 152static void print_natlog __P((FILE , char , int)); --- 235 unchanged lines hidden (view full) --- 388 return it; 389 return NULL; 390} 391 392 393static void handlehup(sig) 394int sig; 395{
404 FILE fp; 405*
406 signal(SIGHUP, handlehup);	396 signal(SIGHUP, handlehup);
407 if (logfile && (fp = fopen(logfile, "a"))) 408 newlog = fp; 409 if (binarylogfile && (fp = fopen(binarylogfile, "a"))) 410 newbinarylog = fp; 411 init_tabs(); 412 if (conf_file) 413 if (load_config(conf_file) == -1) 414 exit(1);
415 donehup = 1; 416} 417 418 419static void init_tabs() 420{ 421 struct protoent p; 422* struct servent s; --- 14 unchanged lines hidden* (view full) --- 437 bzero((char )protocols, 256 sizeof(protocols)); 438* 439 setprotoent(1); 440 while ((p = getprotoent()) != NULL) 441 if (p->p_proto >= 0 && p->p_proto <= 255 && 442 p->p_name != NULL && protocols[p->p_proto] == NULL) 443 protocols[p->p_proto] = strdup(p->p_name); 444 endprotoent();	397 donehup = 1; 398} 399 400 401static void init_tabs() 402{ 403 struct protoent p; 404* struct servent s; --- 14 unchanged lines hidden* (view full) --- 419 bzero((char )protocols, 256 sizeof(protocols)); 420* 421 setprotoent(1); 422 while ((p = getprotoent()) != NULL) 423 if (p->p_proto >= 0 && p->p_proto <= 255 && 424 p->p_name != NULL && protocols[p->p_proto] == NULL) 425 protocols[p->p_proto] = strdup(p->p_name); 426 endprotoent();
	427#if defined(_AIX51) 428 if (protocols[0]) 429 free(protocols[0]); 430 if (protocols[252]) 431 free(protocols[252]); 432 protocols[0] = "ip"; 433 protocols[252] = NULL; 434#endif
445 } 446 447 if (udp_ports != NULL) { 448 for (i = 0; i < 65536; i++) 449 if (udp_ports[i] != NULL) { 450 free(udp_ports[i]); 451 udp_ports[i] = NULL; 452 } --- 220 unchanged lines hidden (view full) --- 673 } 674 sprintf((char )t, "%02x", s & 0xff); 675 t += 2; 676 if (!((j + 1) & 0xf)) { 677 s -= 15; 678 sprintf((char )t, " "); 679* t += 8; 680 for (k = 16; k; k--, s++)	435 } 436 437 if (udp_ports != NULL) { 438 for (i = 0; i < 65536; i++) 439 if (udp_ports[i] != NULL) { 440 free(udp_ports[i]); 441 udp_ports[i] = NULL; 442 } --- 220 unchanged lines hidden (view full) --- 663 } 664 sprintf((char )t, "%02x", s & 0xff); 665 t += 2; 666 if (!((j + 1) & 0xf)) { 667 s -= 15; 668 sprintf((char )t, " "); 669* t += 8; 670 for (k = 16; k; k--, s++)
681 t++ = (isprint(s) ? *s : '.');	671 t++ = (ISPRINT(s) ? *s : '.');
682 s--; 683 } 684 685 if ((j + 1) & 0xf) 686 t++ = ' ';; 687* } 688 689 if (j & 0xf) { 690 for (k = 16 - (j & 0xf); k; k--) { 691 t++ = ' '; 692* t++ = ' '; 693* t++ = ' '; 694* } 695 sprintf((char )t, " "); 696* t += 7; 697 s -= j & 0xf; 698 for (k = j & 0xf; k; k--, s++)	672 s--; 673 } 674 675 if ((j + 1) & 0xf) 676 t++ = ' ';; 677* } 678 679 if (j & 0xf) { 680 for (k = 16 - (j & 0xf); k; k--) { 681 t++ = ' '; 682* t++ = ' '; 683* t++ = ' '; 684* } 685 sprintf((char )t, " "); 686* t += 7; 687 s -= j & 0xf; 688 for (k = j & 0xf; k; k--, s++)
699 t++ = (isprint(s) ? *s : '.');	689 t++ = (ISPRINT(s) ? *s : '.');
700 t++ = '\n'; 701* t = '\0'; 702* } 703 if (!(dopts & OPT_SYSLOG)) { 704 fputs(hline, log); 705 fflush(log); 706 } else 707 syslog(LOG_INFO, "%s", hline); --- 74 unchanged lines hidden (view full) --- 782 if (nl->nl_type == NL_EXPIRE) { 783#ifdef USE_QUAD_T 784 (void) sprintf(t, " Pkts %qd/%qd Bytes %qd/%qd", 785 (long long)nl->nl_pkts[0], 786 (long long)nl->nl_pkts[1], 787 (long long)nl->nl_bytes[0], 788 (long long)nl->nl_bytes[1]); 789#else	690 t++ = '\n'; 691* t = '\0'; 692* } 693 if (!(dopts & OPT_SYSLOG)) { 694 fputs(hline, log); 695 fflush(log); 696 } else 697 syslog(LOG_INFO, "%s", hline); --- 74 unchanged lines hidden (view full) --- 772 if (nl->nl_type == NL_EXPIRE) { 773#ifdef USE_QUAD_T 774 (void) sprintf(t, " Pkts %qd/%qd Bytes %qd/%qd", 775 (long long)nl->nl_pkts[0], 776 (long long)nl->nl_pkts[1], 777 (long long)nl->nl_bytes[0], 778 (long long)nl->nl_bytes[1]); 779#else
790 (void) sprintf(t, " Pkts %ld Bytes %ld",	780 (void) sprintf(t, " Pkts %ld/%ld Bytes %ld/%ld",
791 nl->nl_pkts[0], nl->nl_pkts[1], 792 nl->nl_bytes[0], nl->nl_bytes[1]); 793#endif 794 t += strlen(t); 795 } 796 797 t++ = '\n'; 798* t++ = '\0'; --- 72 unchanged lines hidden* (view full) --- 871 sl->isl_itype); 872 } else if (sl->isl_p == IPPROTO_ICMPV6) { 873 (void) sprintf(t, "%s -> ", hostname(res, sl->isl_v, 874 (u_32_t )&sl->isl_src)); 875* t += strlen(t); 876 (void) sprintf(t, "%s PR icmpv6 %d", 877 hostname(res, sl->isl_v, (u_32_t )&sl->isl_dst), 878* sl->isl_itype);	781 nl->nl_pkts[0], nl->nl_pkts[1], 782 nl->nl_bytes[0], nl->nl_bytes[1]); 783#endif 784 t += strlen(t); 785 } 786 787 t++ = '\n'; 788* t++ = '\0'; --- 72 unchanged lines hidden* (view full) --- 861 sl->isl_itype); 862 } else if (sl->isl_p == IPPROTO_ICMPV6) { 863 (void) sprintf(t, "%s -> ", hostname(res, sl->isl_v, 864 (u_32_t )&sl->isl_src)); 865* t += strlen(t); 866 (void) sprintf(t, "%s PR icmpv6 %d", 867 hostname(res, sl->isl_v, (u_32_t )&sl->isl_dst), 868* sl->isl_itype);
	869 } else { 870 (void) sprintf(t, "%s -> ", 871 hostname(res, sl->isl_v, (u_32_t )&sl->isl_src)); 872* t += strlen(t); 873 (void) sprintf(t, "%s PR %s", 874 hostname(res, sl->isl_v, (u_32_t )&sl->isl_dst), 875* proto);
879 } 880 t += strlen(t); 881 if (sl->isl_tag != FR_NOLOGTAG) { 882 (void) sprintf(t, " tag %u", sl->isl_tag); 883 t += strlen(t); 884 } 885 if (sl->isl_type != ISL_NEW) { 886 sprintf(t, 887#ifdef USE_QUAD_T	876 } 877 t += strlen(t); 878 if (sl->isl_tag != FR_NOLOGTAG) { 879 (void) sprintf(t, " tag %u", sl->isl_tag); 880 t += strlen(t); 881 } 882 if (sl->isl_type != ISL_NEW) { 883 sprintf(t, 884#ifdef USE_QUAD_T
	885#ifdef PRId64 886 " Forward: Pkts in %" PRId64 " Bytes in %" PRId64 887 " Pkts out %" PRId64 " Bytes out %" PRId64 888 " Backward: Pkts in %" PRId64 " Bytes in %" PRId64 889 " Pkts out %" PRId64 " Bytes out %" PRId64, 890#else
888 " Forward: Pkts in %qd Bytes in %qd Pkts out %qd Bytes out %qd Backward: Pkts in %qd Bytes in %qd Pkts out %qd Bytes out %qd",	891 " Forward: Pkts in %qd Bytes in %qd Pkts out %qd Bytes out %qd Backward: Pkts in %qd Bytes in %qd Pkts out %qd Bytes out %qd",
	892#endif /* PRId64 */
889#else 890 " Forward: Pkts in %ld Bytes in %ld Pkts out %ld Bytes out %ld Backward: Pkts in %ld Bytes in %ld Pkts out %ld Bytes out %ld", 891#endif 892 sl->isl_pkts[0], sl->isl_bytes[0], 893 sl->isl_pkts[1], sl->isl_bytes[1], 894 sl->isl_pkts[2], sl->isl_bytes[2], 895 sl->isl_pkts[3], sl->isl_bytes[3]); 896 --- 42 unchanged lines hidden (view full) --- 939 break; 940 941 if (binarylog) { 942 fwrite(buf, psize, 1, binarylog); 943 fflush(binarylog); 944 } 945 946 if (logtype == IPL_LOGIPF) {	893#else 894 " Forward: Pkts in %ld Bytes in %ld Pkts out %ld Bytes out %ld Backward: Pkts in %ld Bytes in %ld Pkts out %ld Bytes out %ld", 895#endif 896 sl->isl_pkts[0], sl->isl_bytes[0], 897 sl->isl_pkts[1], sl->isl_bytes[1], 898 sl->isl_pkts[2], sl->isl_bytes[2], 899 sl->isl_pkts[3], sl->isl_bytes[3]); 900 --- 42 unchanged lines hidden (view full) --- 943 break; 944 945 if (binarylog) { 946 fwrite(buf, psize, 1, binarylog); 947 fflush(binarylog); 948 } 949 950 if (logtype == IPL_LOGIPF) {
947 if (ipl->ipl_magic != IPL_MAGIC) { 948 /* invalid data or out of sync / 949* break; 950 } 951 print_ipflog(log, buf, psize);	951 if (ipl->ipl_magic == IPL_MAGIC) 952 print_ipflog(log, buf, psize);
952 953 } else if (logtype == IPL_LOGNAT) {	953 954 } else if (logtype == IPL_LOGNAT) {
954 if (ipl->ipl_magic != IPL_MAGIC) { 955 /* invalid data or out of sync / 956* break; 957 } 958 print_natlog(log, buf, psize);	955 if (ipl->ipl_magic == IPL_MAGIC_NAT) 956 print_natlog(log, buf, psize);
959 960 } else if (logtype == IPL_LOGSTATE) {	957 958 } else if (logtype == IPL_LOGSTATE) {
961 if (ipl->ipl_magic != IPL_MAGIC) { 962 /* invalid data or out of sync / 963* break; 964 } 965 print_statelog(log, buf, psize);	959 if (ipl->ipl_magic == IPL_MAGIC_STATE) 960 print_statelog(log, buf, psize);
966 } 967 968 blen -= psize; 969 buf += psize; 970 } 971 if (bp) 972 free(bp); 973 return; --- 5 unchanged lines hidden (view full) --- 979char buf; 980int blen; 981{ 982* tcphdr_t tp; 983* struct icmp ic; 984* struct icmp icmp; 985* struct tm tm; 986* char t, proto;	961 } 962 963 blen -= psize; 964 buf += psize; 965 } 966 if (bp) 967 free(bp); 968 return; --- 5 unchanged lines hidden (view full) --- 974char buf; 975int blen; 976{ 977* tcphdr_t tp; 978* struct icmp ic; 979* struct icmp icmp; 980* struct tm tm; 981* char t, proto;
987 int i, v, lvl, res, len, off, plen, ipoff; 988 u_32_t s, d, cmdflags;	982 int i, v, lvl, res, len, off, plen, ipoff, defaction;
989 ip_t ipc, ip;	983 ip_t ipc, ip;
	984 u_32_t s, d;
990 u_short hl, p; 991 ipflog_t ipf; 992* iplog_t ipl; 993#ifdef USE_INET6 994* ip6_t ip6; 995#endif 996* 997 ipl = (iplog_t )buf; --- 17 unchanged lines hidden* (view full) --- 1015 (void) sprintf(t, ".%-.6ld ", ipl->ipl_usec); 1016 t += strlen(t); 1017 if (ipl->ipl_count > 1) { 1018 (void) sprintf(t, "%dx ", ipl->ipl_count); 1019 t += strlen(t); 1020 } 1021#if (defined(MENTAT) \|\| \ 1022 (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199603)) \|\| \	985 u_short hl, p; 986 ipflog_t ipf; 987* iplog_t ipl; 988#ifdef USE_INET6 989* ip6_t ip6; 990#endif 991* 992 ipl = (iplog_t )buf; --- 17 unchanged lines hidden* (view full) --- 1010 (void) sprintf(t, ".%-.6ld ", ipl->ipl_usec); 1011 t += strlen(t); 1012 if (ipl->ipl_count > 1) { 1013 (void) sprintf(t, "%dx ", ipl->ipl_count); 1014 t += strlen(t); 1015 } 1016#if (defined(MENTAT) \|\| \ 1017 (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199603)) \|\| \
	1018 (defined(__FreeBSD__) && (__FreeBSD_version >= 501113)) \|\| \
1023 (defined(OpenBSD) && (OpenBSD >= 199603))) \|\| defined(linux) 1024 { 1025 char ifname[sizeof(ipf->fl_ifname) + 1]; 1026 1027 strncpy(ifname, ipf->fl_ifname, sizeof(ipf->fl_ifname)); 1028 ifname[sizeof(ipf->fl_ifname)] = '\0'; 1029 (void) sprintf(t, "%s", ifname); 1030 t += strlen(t);	1019 (defined(OpenBSD) && (OpenBSD >= 199603))) \|\| defined(linux) 1020 { 1021 char ifname[sizeof(ipf->fl_ifname) + 1]; 1022 1023 strncpy(ifname, ipf->fl_ifname, sizeof(ipf->fl_ifname)); 1024 ifname[sizeof(ipf->fl_ifname)] = '\0'; 1025 (void) sprintf(t, "%s", ifname); 1026 t += strlen(t);
1031# if defined(MENTAT) 1032 if (isalpha(*(t - 1))) {	1027# if defined(MENTAT) \|\| defined(linux) 1028 if (ISALPHA(*(t - 1))) {
1033 sprintf(t, "%d", ipf->fl_unit); 1034 t += strlen(t); 1035 } 1036# endif 1037 } 1038#else 1039 for (len = 0; len < 3; len++) 1040 if (ipf->fl_ifname[len] == '\0') 1041 break; 1042 if (ipf->fl_ifname[len]) 1043 len++; 1044 (void) sprintf(t, "%.s%u", len, len, ipf->fl_ifname, ipf->fl_unit); 1045 t += strlen(t); 1046#endif	1029 sprintf(t, "%d", ipf->fl_unit); 1030 t += strlen(t); 1031 } 1032# endif 1033 } 1034#else 1035 for (len = 0; len < 3; len++) 1036 if (ipf->fl_ifname[len] == '\0') 1037 break; 1038 if (ipf->fl_ifname[len]) 1039 len++; 1040 (void) sprintf(t, "%.s%u", len, len, ipf->fl_ifname, ipf->fl_unit); 1041 t += strlen(t); 1042#endif
	1043#if defined(__sgi) \|\| defined(_AIX51) \|\| defined(__powerpc__) \|\| \ 1044 defined(__arm__) 1045 if ((ipf->fl_group[0] == 255) && (ipf->fl_group[1] == '\0')) 1046#else
1047 if ((ipf->fl_group[0] == -1) && (ipf->fl_group[1] == '\0'))	1047 if ((ipf->fl_group[0] == -1) && (ipf->fl_group[1] == '\0'))
	1048#endif
1048 strcat(t, " @-1:"); 1049 else if (ipf->fl_group[0] == '\0') 1050 (void) strcpy(t, " @0:"); 1051 else 1052 (void) sprintf(t, " @%s:", ipf->fl_group); 1053 t += strlen(t); 1054 if (ipf->fl_rule == 0xffffffff) 1055 strcat(t, "-1 "); 1056 else 1057 (void) sprintf(t, "%u ", ipf->fl_rule + 1); 1058 t += strlen(t); 1059 1060 lvl = LOG_NOTICE; 1061 1062 if (ipf->fl_lflags & FI_SHORT) { 1063 t++ = 'S'; 1064* lvl = LOG_ERR; 1065 } 1066	1049 strcat(t, " @-1:"); 1050 else if (ipf->fl_group[0] == '\0') 1051 (void) strcpy(t, " @0:"); 1052 else 1053 (void) sprintf(t, " @%s:", ipf->fl_group); 1054 t += strlen(t); 1055 if (ipf->fl_rule == 0xffffffff) 1056 strcat(t, "-1 "); 1057 else 1058 (void) sprintf(t, "%u ", ipf->fl_rule + 1); 1059 t += strlen(t); 1060 1061 lvl = LOG_NOTICE; 1062 1063 if (ipf->fl_lflags & FI_SHORT) { 1064 t++ = 'S'; 1065* lvl = LOG_ERR; 1066 } 1067
1067 cmdflags = ipf->fl_flags & FR_CMDMASK;
1068 if (FR_ISPASS(ipf->fl_flags)) { 1069 if (ipf->fl_flags & FR_LOGP) 1070 t++ = 'p'; 1071* else 1072 t++ = 'P'; 1073* } else if (FR_ISBLOCK(ipf->fl_flags)) { 1074 if (ipf->fl_flags & FR_LOGB) 1075 t++ = 'b'; --- 18 unchanged lines hidden* (view full) --- 1094#ifdef USE_INET6 1095 off = 0; 1096 ipoff = 0; 1097 hl = sizeof(ip6_t); 1098 ip6 = (ip6_t )ip; 1099* p = (u_short)ip6->ip6_nxt; 1100 s = (u_32_t )&ip6->ip6_src; 1101* d = (u_32_t *)&ip6->ip6_dst;	1068 if (FR_ISPASS(ipf->fl_flags)) { 1069 if (ipf->fl_flags & FR_LOGP) 1070 t++ = 'p'; 1071* else 1072 t++ = 'P'; 1073* } else if (FR_ISBLOCK(ipf->fl_flags)) { 1074 if (ipf->fl_flags & FR_LOGB) 1075 t++ = 'b'; --- 18 unchanged lines hidden* (view full) --- 1094#ifdef USE_INET6 1095 off = 0; 1096 ipoff = 0; 1097 hl = sizeof(ip6_t); 1098 ip6 = (ip6_t )ip; 1099* p = (u_short)ip6->ip6_nxt; 1100 s = (u_32_t )&ip6->ip6_src; 1101* d = (u_32_t *)&ip6->ip6_dst;
1102 plen = ntohs(ip6->ip6_plen);	1102 plen = hl + ntohs(ip6->ip6_plen);
1103#else 1104 sprintf(t, "ipv6"); 1105 goto printipflog; 1106#endif 1107 } else if (v == 4) { 1108 hl = IP_HL(ip) << 2; 1109 ipoff = ip->ip_off; 1110 off = ipoff & IP_OFFMASK; --- 102 unchanged lines hidden (view full) --- 1213 (void) sprintf(t, " for %s -", 1214 HOSTNAME_V4(res, ipc->ip_src)); 1215 t += strlen(t); 1216 (void) sprintf(t, " %s PR %s len %hu (%hu)", 1217 HOSTNAME_V4(res, ipc->ip_dst), proto, 1218 IP_HL(ipc) << 2, i); 1219 t += strlen(t); 1220 if (ipoff & IP_OFFMASK) {	1103#else 1104 sprintf(t, "ipv6"); 1105 goto printipflog; 1106#endif 1107 } else if (v == 4) { 1108 hl = IP_HL(ip) << 2; 1109 ipoff = ip->ip_off; 1110 off = ipoff & IP_OFFMASK; --- 102 unchanged lines hidden (view full) --- 1213 (void) sprintf(t, " for %s -", 1214 HOSTNAME_V4(res, ipc->ip_src)); 1215 t += strlen(t); 1216 (void) sprintf(t, " %s PR %s len %hu (%hu)", 1217 HOSTNAME_V4(res, ipc->ip_dst), proto, 1218 IP_HL(ipc) << 2, i); 1219 t += strlen(t); 1220 if (ipoff & IP_OFFMASK) {
1221 (void) sprintf(t, " frag %s%s%hu@%hu", 1222 ipoff & IP_MF ? "+" : "", 1223 ipoff & IP_DF ? "-" : "",	1221 (void) sprintf(t, 1222 "(frag %d:%hu@%hu%s%s)", 1223 ntohs(ipc->ip_id),
1224 i - (IP_HL(ipc) << 2),	1224 i - (IP_HL(ipc) << 2),
1225 (ipoff & IP_OFFMASK) << 3);	1225 (ipoff & IP_OFFMASK) << 3, 1226 ipoff & IP_MF ? "+" : "", 1227 ipoff & IP_DF ? "-" : "");
1226 } 1227 } 1228 1229 } 1230 } else { 1231 (void) sprintf(t, "%s -> ", hostname(res, v, s)); 1232 t += strlen(t); 1233 (void) sprintf(t, "%s PR %s len %hu (%hu)", 1234 hostname(res, v, d), proto, hl, plen); 1235 t += strlen(t); 1236 if (off & IP_OFFMASK)	1228 } 1229 } 1230 1231 } 1232 } else { 1233 (void) sprintf(t, "%s -> ", hostname(res, v, s)); 1234 t += strlen(t); 1235 (void) sprintf(t, "%s PR %s len %hu (%hu)", 1236 hostname(res, v, d), proto, hl, plen); 1237 t += strlen(t); 1238 if (off & IP_OFFMASK)
1237 (void) sprintf(t, " frag %s%s%hu@%hu",	1239 (void) sprintf(t, " (frag %d:%hu@%hu%s%s)", 1240 ntohs(ip->ip_id), 1241 plen - hl, (off & IP_OFFMASK) << 3,
1238 ipoff & IP_MF ? "+" : "",	1242 ipoff & IP_MF ? "+" : "",
1239 ipoff & IP_DF ? "-" : "", 1240 plen - hl, (off & IP_OFFMASK) << 3);	1243 ipoff & IP_DF ? "-" : "");
1241 } 1242 t += strlen(t); 1243	1244 } 1245 t += strlen(t); 1246
	1247printipflog:
1244 if (ipf->fl_flags & FR_KEEPSTATE) { 1245 (void) strcpy(t, " K-S"); 1246 t += strlen(t); 1247 } 1248 1249 if (ipf->fl_flags & FR_KEEPFRAG) { 1250 (void) strcpy(t, " K-F"); 1251 t += strlen(t); 1252 } 1253 1254 if (ipf->fl_dir == 0) 1255 strcpy(t, " IN"); 1256 else if (ipf->fl_dir == 1) 1257 strcpy(t, " OUT"); 1258 t += strlen(t);	1248 if (ipf->fl_flags & FR_KEEPSTATE) { 1249 (void) strcpy(t, " K-S"); 1250 t += strlen(t); 1251 } 1252 1253 if (ipf->fl_flags & FR_KEEPFRAG) { 1254 (void) strcpy(t, " K-F"); 1255 t += strlen(t); 1256 } 1257 1258 if (ipf->fl_dir == 0) 1259 strcpy(t, " IN"); 1260 else if (ipf->fl_dir == 1) 1261 strcpy(t, " OUT"); 1262 t += strlen(t);
1259 if (ipf->fl_tag) { 1260 sprintf(t, " tag %d", ipf->fl_tag);	1263 if (ipf->fl_logtag != 0) { 1264 sprintf(t, " log-tag %d", ipf->fl_logtag);
1261 t += strlen(t); 1262 }	1265 t += strlen(t); 1266 }
1263printipflog:	1267 if (ipf->fl_nattag.ipt_num[0] != 0) { 1268 strcpy(t, " nat-tag "); 1269 t += strlen(t); 1270 strncpy(t, ipf->fl_nattag.ipt_tag, sizeof(ipf->fl_nattag)); 1271 t += strlen(t); 1272 } 1273 if ((ipf->fl_lflags & FI_LOWTTL) != 0) { 1274 strcpy(t, " low-ttl"); 1275 t += 8; 1276 } 1277 if ((ipf->fl_lflags & FI_OOW) != 0) { 1278 strcpy(t, " OOW"); 1279 t += 4; 1280 } 1281 if ((ipf->fl_lflags & FI_BAD) != 0) { 1282 strcpy(t, " bad"); 1283 t += 4; 1284 } 1285 if ((ipf->fl_lflags & FI_NATED) != 0) { 1286 strcpy(t, " NAT"); 1287 t += 4; 1288 } 1289 if ((ipf->fl_lflags & FI_BADNAT) != 0) { 1290 strcpy(t, " bad-NAT"); 1291 t += 8; 1292 } 1293 if ((ipf->fl_lflags & FI_BADSRC) != 0) { 1294 strcpy(t, " bad-src"); 1295 t += 8; 1296 } 1297 if ((ipf->fl_lflags & FI_MULTICAST) != 0) { 1298 strcpy(t, " multicast"); 1299 t += 10; 1300 } 1301 if ((ipf->fl_lflags & FI_BROADCAST) != 0) { 1302 strcpy(t, " broadcast"); 1303 t += 10; 1304 } 1305 if ((ipf->fl_lflags & (FI_MULTICAST\|FI_BROADCAST\|FI_MBCAST)) == 1306 FI_MBCAST) { 1307 strcpy(t, " mbcast"); 1308 t += 7; 1309 }
1264 t++ = '\n'; 1265* *t++ = '\0';	1310 t++ = '\n'; 1311* *t++ = '\0';
1266 if (opts & OPT_SYSLOG) 1267 syslog(lvl, "%s", line); 1268 else 1269 (void) fprintf(log, "%s", line); 1270 if (opts & OPT_HEXHDR) 1271 dumphex(log, opts, buf, sizeof(iplog_t) + sizeof(ipf)); 1272* if (opts & OPT_HEXBODY) 1273 dumphex(log, opts, (char )ip, ipf->fl_plen + ipf->fl_hlen); 1274* else if ((opts & OPT_LOGBODY) && (ipf->fl_flags & FR_LOGBODY)) 1275 dumphex(log, opts, (char )ip + ipf->fl_hlen, ipf->fl_plen); 1276* if (conf_file) 1277 check_action(buf, opts, line);	1312 defaction = 0; 1313 if (conf_file != NULL) 1314 defaction = check_action(buf, line, opts, lvl); 1315 if (defaction == 0) { 1316 if (opts & OPT_SYSLOG) 1317 syslog(lvl, "%s", line); 1318 else 1319 (void) fprintf(log, "%s", line); 1320 if (opts & OPT_HEXHDR) 1321 dumphex(log, opts, buf, 1322 sizeof(iplog_t) + sizeof(ipf)); 1323* if (opts & OPT_HEXBODY) 1324 dumphex(log, opts, (char )ip, 1325* ipf->fl_plen + ipf->fl_hlen); 1326 else if ((opts & OPT_LOGBODY) && (ipf->fl_flags & FR_LOGBODY)) 1327 dumphex(log, opts, (char )ip + ipf->fl_hlen, 1328* ipf->fl_plen); 1329 }
1278} 1279 1280 1281static void usage(prog) 1282char prog; 1283{ 1284* fprintf(stderr, "%s: [-abDFhnpstvxX] %s %s %s %s %s %s\n", 1285 prog, "[-N device]", "[ [-o [NSI]] [-O [NSI]]", --- 87 unchanged lines hidden (view full) --- 1373 1374 1375int main(argc, argv) 1376int argc; 1377char argv[]; 1378{ 1379* struct stat sb; 1380 FILE *log = stdout;	1330} 1331 1332 1333static void usage(prog) 1334char prog; 1335{ 1336* fprintf(stderr, "%s: [-abDFhnpstvxX] %s %s %s %s %s %s\n", 1337 prog, "[-N device]", "[ [-o [NSI]] [-O [NSI]]", --- 87 unchanged lines hidden (view full) --- 1425 1426 1427int main(argc, argv) 1428int argc; 1429char argv[]; 1430{ 1431* struct stat sb; 1432 FILE *log = stdout;
	1433 FILE *fp;
1381 int fd[3], doread, n, i; 1382 int tr, nr, regular[3], c; 1383 int fdt[3], devices = 0, make_daemon = 0; 1384 char buf[DEFAULT_IPFLOGSIZE], iplfile[3], s; 1385 extern int optind; 1386 extern char optarg; 1387* 1388 fd[0] = fd[1] = fd[2] = -1; --- 187 unchanged lines hidden (view full) --- 1576 doread = 0; 1577 } 1578 if (!tr) 1579 continue; 1580 nr += tr; 1581 1582 tr = read_log(fd[i], &n, buf, sizeof(buf)); 1583 if (donehup) {	1434 int fd[3], doread, n, i; 1435 int tr, nr, regular[3], c; 1436 int fdt[3], devices = 0, make_daemon = 0; 1437 char buf[DEFAULT_IPFLOGSIZE], iplfile[3], s; 1438 extern int optind; 1439 extern char optarg; 1440* 1441 fd[0] = fd[1] = fd[2] = -1; --- 187 unchanged lines hidden (view full) --- 1629 doread = 0; 1630 } 1631 if (!tr) 1632 continue; 1633 nr += tr; 1634 1635 tr = read_log(fd[i], &n, buf, sizeof(buf)); 1636 if (donehup) {
1584 donehup = 0; 1585 if (newlog) {	1637 if (logfile && (fp = fopen(logfile, "a"))) {
1586 fclose(log);	1638 fclose(log);
1587 log = newlog; 1588 newlog = NULL;	1639 log = fp;
1589 }	1640 }
1590 if (newbinarylog) {	1641 if (binarylogfile && (fp = fopen(binarylogfile, "a"))) {
1591 fclose(binarylog);	1642 fclose(binarylog);
1592 binarylog = newbinarylog; 1593 newbinarylog = NULL;	1643 binarylog = fp;
1594 }	1644 }
	1645 init_tabs(); 1646 if (conf_file != NULL) 1647 load_config(conf_file); 1648 donehup = 0;
1595 } 1596 1597 switch (tr) 1598 { 1599 case -1 : 1600 if (opts & OPT_SYSLOG) 1601 syslog(LOG_CRIT, "read: %m\n"); 1602 else --- 27 unchanged lines hidden ---	1649 } 1650 1651 switch (tr) 1652 { 1653 case -1 : 1654 if (opts & OPT_SYSLOG) 1655 syslog(LOG_CRIT, "read: %m\n"); 1656 else --- 27 unchanged lines hidden ---