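--- a/ipnat.c
+++ b/ipnat.c
@@ -1,16 +1,16 @@
 /*
  * Copyright (C) 1993-2001 by Darren Reed.
  *
  * See the IPFILTER.LICENCE file for details on licencing.
  *
  * Added redirect stuff and a variety of bug fixes. (mcn@EnGarde.com)
  *
- * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
  * Use is subject to license terms.
  */
 
 #pragma ident "%Z%%M% %I% %E% SMI"
 
 #include <stdio.h>
 #include <string.h>
 #include <fcntl.h>
@@ -78,21 +78,24 @@
 #if SOLARIS
 #define bzero(a,b) memset(a,0,b)
 #endif
 int use_inet6 = 0;
 char thishost[MAXHOSTNAMELEN];
 
 extern char *optarg;
 
-void dostats __P((natstat_t *, int)), flushtable __P((int, int));
+void dostats __P((int, natstat_t *, int, int));
+void flushtable __P((int, int));
 void usage __P((char *));
 int main __P((int, char*[]));
 void showhostmap __P((natstat_t *nsp));
 void natstat_dead __P((natstat_t *, char *));
+void dostats_live __P((int, natstat_t *, int));
+void showhostmap_live __P((int, natstat_t *));
 
 int opts;
 
 void usage(name)
 char *name;
 {
  fprintf(stderr, "Usage: %s [-CdFhlnrRsv] [-f filename]\n", name);
  exit(1);
@@ -178,19 +181,20 @@
  if (checkrev(IPL_NAME) == -1) {
  fprintf(stderr, "User/kernel version check failed\n");
  exit(1);
  }
  }
 
 
  if (!(opts & OPT_DONOTHING) && (kernel == NULL) && (core == NULL)) {
+#ifdef notdef
  if (openkmem(kernel, core) == -1)
  exit(1);
-
+#endif
  if (((fd = open(IPNAT_NAME, mode)) == -1) &&
  ((fd = open(IPNAT_NAME, O_RDONLY)) == -1)) {
  (void) fprintf(stderr, "%s: open: %s\n", IPNAT_NAME,
  STRERROR(errno));
  exit(1);
  }
 
  bzero((char *)&obj, sizeof(obj));
@@ -205,27 +209,27 @@
  (void) setgid(getgid());
  (void) setreuid(getuid(), getuid());
  } else if ((kernel != NULL) || (core != NULL)) {
  if (openkmem(kernel, core) == -1)
  exit(1);
 
  natstat_dead(nsp, kernel);
  if (opts & (OPT_LIST|OPT_STAT))
- dostats(nsp, opts);
+ dostats(fd, nsp, opts, 0);
  exit(0);
  }
 
  if (opts & (OPT_FLUSH|OPT_CLEAR))
  flushtable(fd, opts);
  if (file) {
  ipnat_parsefile(fd, ipnat_addrule, ioctl, file);
  }
  if (opts & (OPT_LIST|OPT_STAT))
- dostats(nsp, opts);
+ dostats(fd, nsp, opts, 1);
  return 0;
 }
 
 
 /*
  * Read NAT statistic information in using a symbol table and memory file
  * rather than doing ioctl's.
  */
@@ -278,19 +282,19 @@
  kmemcpy((char *)&nsp->ns_apslist, nat_nlist[8].n_value,
  sizeof(nsp->ns_apslist));
 }
 
 
 /*
  * Display NAT statistics.
  */
-void dostats(nsp, opts)
+void dostats(fd, nsp, opts, alive)
 natstat_t *nsp;
-int opts;
+int fd, opts, alive;
 {
  nat_t *np, nat;
  ipnat_t ipn;
 
  /*
  * Show statistics ?
  */
  if (opts & OPT_STAT) {
@@ -307,35 +311,39 @@
  printf("table %p list %p\n",
  nsp->ns_table, nsp->ns_list);
  }
 
  /*
  * Show list of NAT rules and NAT sessions ?
  */
  if (opts & OPT_LIST) {
+ if (alive) {
+ dostats_live(fd, nsp, opts);
+ return;
+ }
  printf("List of active MAP/Redirect filters:\n");
  while (nsp->ns_list) {
  if (kmemcpy((char *)&ipn, (long)nsp->ns_list,
  sizeof(ipn))) {
  perror("kmemcpy");
  break;
  }
  if (opts & OPT_HITS)
  printf("%lu ", ipn.in_hits);
  printnat(&ipn, opts & (OPT_DEBUG|OPT_VERBOSE));
  nsp->ns_list = ipn.in_next;
  }
 
  printf("\nList of active sessions:\n");
 
  for (np = nsp->ns_instances; np; np = nat.nat_next) {
  if (kmemcpy((char *)&nat, (long)np, sizeof(nat)))
  break;
- printactivenat(&nat, opts);
+ printactivenat(&nat, opts, 0);
  if (nat.nat_aps)
  printaps(nat.nat_aps, opts);
  }
 
  if (opts & OPT_VERBOSE)
  showhostmap(nsp);
  }
 }
@@ -401,8 +409,92 @@
  if (opts & OPT_CLEAR) {
  n = 1;
  if (!(opts & OPT_DONOTHING) && ioctl(fd, SIOCIPFFL, &n) == -1)
  perror("ioctl(SIOCCNATL)");
  else
  printf("%d entries flushed from NAT list\n", n);
  }
 }
+
+/*
+ * Display NAT statistics.
+ */
+void dostats_live(fd, nsp, opts)
+natstat_t *nsp;
+int fd, opts;
+{
+ ipfgeniter_t iter;
+ ipfobj_t obj;
+ ipnat_t ipn;
+ nat_t nat;
+
+ bzero((char *)&obj, sizeof(obj));
+ obj.ipfo_rev = IPFILTER_VERSION;
+ obj.ipfo_type = IPFOBJ_GENITER;
+ obj.ipfo_size = sizeof(iter);
+ obj.ipfo_ptr = &iter;
+
+ iter.igi_type = IPFGENITER_IPNAT;
+ iter.igi_data = &ipn;
+
+ /*
+ * Show list of NAT rules and NAT sessions ?
+ */
+ printf("List of active MAP/Redirect filters:\n");
+ while (nsp->ns_list) {
+ if (ioctl(fd, SIOCGENITER, &obj) == -1)
+ break;
+ if (opts & OPT_HITS)
+ printf("%lu ", ipn.in_hits);
+ printnat(&ipn, opts & (OPT_DEBUG|OPT_VERBOSE));
+ nsp->ns_list = ipn.in_next;
+ }
+
+ printf("\nList of active sessions:\n");
+
+ iter.igi_type = IPFGENITER_NAT;
+ iter.igi_data = &nat;
+
+ while (nsp->ns_instances != NULL) {
+ if (ioctl(fd, SIOCGENITER, &obj) == -1)
+ break;
+ printactivenat(&nat, opts, 1);
+ if (nat.nat_aps)
+ printaps(nat.nat_aps, opts);
+ nsp->ns_instances = nat.nat_next;
+ }
+
+ if (opts & OPT_VERBOSE)
+ showhostmap_live(fd, nsp);
+}
+
+/*
+ * Display the active host mapping table.
+ */
+void showhostmap_live(fd, nsp)
+int fd;
+natstat_t *nsp;
+{
+ hostmap_t hm, *hmp;
+ ipfgeniter_t iter;
+ ipfobj_t obj;
+
+ bzero((char *)&obj, sizeof(obj));
+ obj.ipfo_rev = IPFILTER_VERSION;
+ obj.ipfo_type = IPFOBJ_GENITER;
+ obj.ipfo_size = sizeof(iter);
+ obj.ipfo_ptr = &iter;
+
+ iter.igi_type = IPFGENITER_HOSTMAP;
+ iter.igi_data = &hm;
+
+ printf("\nList of active host mappings:\n");
+
+ while (nsp->ns_maplist != NULL) {
+ if (ioctl(fd, SIOCGENITER, &obj) == -1)
+ break;
+ printhostmap(&hm, 0);
+ nsp->ns_maplist = hm.hm_next;
+ }
+}
+
+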
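Review bot: In `dostats_live` and `showhostmap_live`, `iter` is a stack variable handed to the kernel through `obj.ipfo_ptr` with only `igi_type` and `igi_data` assigned, so any other member of `ipfgeniter_t` reaches `SIOCGENITER` as uninitialized stack data; add `bzero((char *)&iter, sizeof(iter));` before those assignments, as is already done for `obj`. All three `ioctl(fd, SIOCGENITER, &obj) == -1` checks `break` without a message, so a failed iteration prints a truncated rule, session or host-map list that looks complete, whereas the kmem rule loop in `dostats` reports `perror("kmemcpy")`; a `perror("ioctl(SIOCGENITER)");` before each `break` would make the failure visible. The live session loop also passes `nat.nat_aps`, a pointer copied out of the kernel, to `printaps` while `openkmem` is now compiled out under `#ifdef notdef` on that path; `printaps` is not shown on this page, so confirm it no longer reads through kmem. The header comment on `dostats_live` repeats `Display NAT statistics.` and should instead say that it lists rules and sessions through the iterator ioctl on `fd`.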