xref: /illumos-gate/usr/src/cmd/ipf/tools/ipftest.c (revision 55fea89d) 
17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate  * Copyright (C) 1993-2001 by Darren Reed.
37c478bd9Sstevel@tonic-gate  *
47c478bd9Sstevel@tonic-gate  * See the IPFILTER.LICENCE file for details on licencing.
57663b816Sml  *
6e8d569f4SAlexandr Nedvedicky  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
77663b816Sml  * Use is subject to license terms.
87c478bd9Sstevel@tonic-gate  */
97663b816Sml 
107c478bd9Sstevel@tonic-gate #include "ipf.h"
117c478bd9Sstevel@tonic-gate #include "ipt.h"
127c478bd9Sstevel@tonic-gate #include <sys/ioctl.h>
137c478bd9Sstevel@tonic-gate #include <sys/file.h>
147c478bd9Sstevel@tonic-gate 
157c478bd9Sstevel@tonic-gate extern	char	*optarg;
167c478bd9Sstevel@tonic-gate extern	struct frentry	*ipfilter[2][2];
177c478bd9Sstevel@tonic-gate extern	struct ipread	snoop, etherf, tcpd, pcap, iptext, iphex;
18f4b3ec61Sdh extern	struct ifnet	*get_unit __P((char *, int, ipf_stack_t *));
197c478bd9Sstevel@tonic-gate extern	void	init_ifp __P((void));
207c478bd9Sstevel@tonic-gate 
217c478bd9Sstevel@tonic-gate int	opts = OPT_DONOTHING;
227c478bd9Sstevel@tonic-gate int	use_inet6 = 0;
237c478bd9Sstevel@tonic-gate int	pfil_delayed_copy = 0;
247c478bd9Sstevel@tonic-gate int	main __P((int, char *[]));
257c478bd9Sstevel@tonic-gate int	loadrules __P((char *, int));
267c478bd9Sstevel@tonic-gate int	kmemcpy __P((char *, long, int));
277c478bd9Sstevel@tonic-gate int     kstrncpy __P((char *, long, int n));
28f4b3ec61Sdh void	dumpnat __P((ipf_stack_t *ifs));
29f4b3ec61Sdh void	dumpstate __P((ipf_stack_t *ifs));
30f4b3ec61Sdh void	dumplookups __P((ipf_stack_t *ifs));
31f4b3ec61Sdh void	dumpgroups __P((ipf_stack_t *ifs));
32f4b3ec61Sdh void	drain_log __P((char *, ipf_stack_t *ifs));
337c478bd9Sstevel@tonic-gate void	fixv4sums __P((mb_t *, ip_t *));
34f4b3ec61Sdh ipf_stack_t *get_ifs __P((void));
35f4b3ec61Sdh ipf_stack_t *create_ifs __P((void));
36f4b3ec61Sdh 
377c478bd9Sstevel@tonic-gate 
38af5f29ddSToomas Soome #if defined(__NetBSD__) || defined(__OpenBSD__) || defined(SOLARIS) || \
397c478bd9Sstevel@tonic-gate 	(_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \
40ab25eeb5Syz 	defined(__osf__) || defined(linux)
417c478bd9Sstevel@tonic-gate int ipftestioctl __P((int, ioctlcmd_t, ...));
427c478bd9Sstevel@tonic-gate int ipnattestioctl __P((int, ioctlcmd_t, ...));
437c478bd9Sstevel@tonic-gate int ipstatetestioctl __P((int, ioctlcmd_t, ...));
447c478bd9Sstevel@tonic-gate int ipauthtestioctl __P((int, ioctlcmd_t, ...));
457c478bd9Sstevel@tonic-gate int ipscantestioctl __P((int, ioctlcmd_t, ...));
467c478bd9Sstevel@tonic-gate int ipsynctestioctl __P((int, ioctlcmd_t, ...));
477c478bd9Sstevel@tonic-gate int ipooltestioctl __P((int, ioctlcmd_t, ...));
487c478bd9Sstevel@tonic-gate #else
497c478bd9Sstevel@tonic-gate int ipftestioctl __P((dev_t, ioctlcmd_t, void *));
507c478bd9Sstevel@tonic-gate int ipnattestioctl __P((dev_t, ioctlcmd_t, void *));
517c478bd9Sstevel@tonic-gate int ipstatetestioctl __P((dev_t, ioctlcmd_t, void *));
527c478bd9Sstevel@tonic-gate int ipauthtestioctl __P((dev_t, ioctlcmd_t, void *));
537c478bd9Sstevel@tonic-gate int ipsynctestioctl __P((dev_t, ioctlcmd_t, void *));
547c478bd9Sstevel@tonic-gate int ipscantestioctl __P((dev_t, ioctlcmd_t, void *));
557c478bd9Sstevel@tonic-gate int ipooltestioctl __P((dev_t, ioctlcmd_t, void *));
567c478bd9Sstevel@tonic-gate #endif
577c478bd9Sstevel@tonic-gate 
587c478bd9Sstevel@tonic-gate static	ioctlfunc_t	iocfunctions[IPL_LOGSIZE] = { ipftestioctl,
597c478bd9Sstevel@tonic-gate 						      ipnattestioctl,
607c478bd9Sstevel@tonic-gate 						      ipstatetestioctl,
617c478bd9Sstevel@tonic-gate 						      ipauthtestioctl,
627c478bd9Sstevel@tonic-gate 						      ipsynctestioctl,
637c478bd9Sstevel@tonic-gate 						      ipscantestioctl,
647c478bd9Sstevel@tonic-gate 						      ipooltestioctl,
657c478bd9Sstevel@tonic-gate 						      NULL };
667c478bd9Sstevel@tonic-gate 
677c478bd9Sstevel@tonic-gate 
main(argc,argv)687c478bd9Sstevel@tonic-gate int main(argc,argv)
697c478bd9Sstevel@tonic-gate int argc;
707c478bd9Sstevel@tonic-gate char *argv[];
717c478bd9Sstevel@tonic-gate {
727c478bd9Sstevel@tonic-gate 	char	*datain, *iface, *ifname, *logout;
737c478bd9Sstevel@tonic-gate 	int	fd, i, dir, c, loaded, dump, hlen;
747c478bd9Sstevel@tonic-gate 	struct	ifnet	*ifp;
757c478bd9Sstevel@tonic-gate 	struct	ipread	*r;
767c478bd9Sstevel@tonic-gate 	mb_t	mb, *m;
777c478bd9Sstevel@tonic-gate 	ip_t	*ip;
78f4b3ec61Sdh 	ipf_stack_t *ifs;
797c478bd9Sstevel@tonic-gate 
807c478bd9Sstevel@tonic-gate 	m = &mb;
817c478bd9Sstevel@tonic-gate 	dir = 0;
827c478bd9Sstevel@tonic-gate 	dump = 0;
837c478bd9Sstevel@tonic-gate 	hlen = 0;
847c478bd9Sstevel@tonic-gate 	loaded = 0;
857c478bd9Sstevel@tonic-gate 	r = &iptext;
867c478bd9Sstevel@tonic-gate 	iface = NULL;
877c478bd9Sstevel@tonic-gate 	logout = NULL;
887c478bd9Sstevel@tonic-gate 	ifname = "anon0";
897c478bd9Sstevel@tonic-gate 	datain = NULL;
907c478bd9Sstevel@tonic-gate 
917c478bd9Sstevel@tonic-gate 	initparse();
92f4b3ec61Sdh 	ifs = create_ifs();
93f4b3ec61Sdh 
94f4b3ec61Sdh #if defined(IPFILTER_DEFAULT_BLOCK)
95f4b3ec61Sdh         ifs->ifs_fr_pass = FR_BLOCK|FR_NOMATCH;
96f4b3ec61Sdh #else
97f4b3ec61Sdh         ifs->ifs_fr_pass = (IPF_DEFAULT_PASS)|FR_NOMATCH;
98f4b3ec61Sdh #endif
99f4b3ec61Sdh 	ipftuneable_alloc(ifs);
100*55fea89dSDan Cross 
101f4b3ec61Sdh 	MUTEX_INIT(&ifs->ifs_ipf_rw, "ipf rw mutex");
102f4b3ec61Sdh 	MUTEX_INIT(&ifs->ifs_ipf_timeoutlock, "ipf timeout lock");
103f4b3ec61Sdh 	RWLOCK_INIT(&ifs->ifs_ipf_global, "ipf filter load/unload mutex");
104f4b3ec61Sdh 	RWLOCK_INIT(&ifs->ifs_ipf_mutex, "ipf filter rwlock");
105f4b3ec61Sdh 	RWLOCK_INIT(&ifs->ifs_ipf_ipidfrag, "ipf IP NAT-Frag rwlock");
106e8d569f4SAlexandr Nedvedicky 	RWLOCK_INIT(&ifs->ifs_ipf_frcache, "ipf rule cache rwlock");
107f4b3ec61Sdh 
108f4b3ec61Sdh 	fr_loginit(ifs);
109f4b3ec61Sdh 	fr_authinit(ifs);
110f4b3ec61Sdh 	fr_fraginit(ifs);
111f4b3ec61Sdh 	fr_stateinit(ifs);
112f4b3ec61Sdh 	fr_natinit(ifs);
113f4b3ec61Sdh 	appr_init(ifs);
114f4b3ec61Sdh 	ip_lookup_init(ifs);
115f4b3ec61Sdh 	ifs->ifs_fr_running = 1;
1167c478bd9Sstevel@tonic-gate 
117ab25eeb5Syz 	while ((c = getopt(argc, argv, "6bdDF:i:I:l:N:P:or:RT:vxX")) != -1)
1187c478bd9Sstevel@tonic-gate 		switch (c)
1197c478bd9Sstevel@tonic-gate 		{
1207c478bd9Sstevel@tonic-gate 		case '6' :
1217c478bd9Sstevel@tonic-gate #ifdef	USE_INET6
1227c478bd9Sstevel@tonic-gate 			use_inet6 = 1;
1237c478bd9Sstevel@tonic-gate #else
1247c478bd9Sstevel@tonic-gate 			fprintf(stderr, "IPv6 not supported\n");
1257c478bd9Sstevel@tonic-gate 			exit(1);
1267c478bd9Sstevel@tonic-gate #endif
1277c478bd9Sstevel@tonic-gate 			break;
1287c478bd9Sstevel@tonic-gate 		case 'b' :
1297c478bd9Sstevel@tonic-gate 			opts |= OPT_BRIEF;
1307c478bd9Sstevel@tonic-gate 			break;
1317c478bd9Sstevel@tonic-gate 		case 'd' :
1327c478bd9Sstevel@tonic-gate 			opts |= OPT_DEBUG;
1337c478bd9Sstevel@tonic-gate 			break;
1347c478bd9Sstevel@tonic-gate 		case 'D' :
1357c478bd9Sstevel@tonic-gate 			dump = 1;
1367c478bd9Sstevel@tonic-gate 			break;
1377c478bd9Sstevel@tonic-gate 		case 'F' :
1387c478bd9Sstevel@tonic-gate 			if (strcasecmp(optarg, "pcap") == 0)
1397c478bd9Sstevel@tonic-gate 				r = &pcap;
1407c478bd9Sstevel@tonic-gate 			else if (strcasecmp(optarg, "etherfind") == 0)
1417c478bd9Sstevel@tonic-gate 				r = &etherf;
1427c478bd9Sstevel@tonic-gate 			else if (strcasecmp(optarg, "snoop") == 0)
1437c478bd9Sstevel@tonic-gate 				r = &snoop;
1447c478bd9Sstevel@tonic-gate 			else if (strcasecmp(optarg, "tcpdump") == 0)
1457c478bd9Sstevel@tonic-gate 				r = &tcpd;
1467c478bd9Sstevel@tonic-gate 			else if (strcasecmp(optarg, "hex") == 0)
1477c478bd9Sstevel@tonic-gate 				r = &iphex;
1487c478bd9Sstevel@tonic-gate 			else if (strcasecmp(optarg, "text") == 0)
1497c478bd9Sstevel@tonic-gate 				r = &iptext;
1507c478bd9Sstevel@tonic-gate 			break;
1517c478bd9Sstevel@tonic-gate 		case 'i' :
1527c478bd9Sstevel@tonic-gate 			datain = optarg;
1537c478bd9Sstevel@tonic-gate 			break;
1547c478bd9Sstevel@tonic-gate 		case 'I' :
1557c478bd9Sstevel@tonic-gate 			ifname = optarg;
1567c478bd9Sstevel@tonic-gate 			break;
1577c478bd9Sstevel@tonic-gate 		case 'l' :
1587c478bd9Sstevel@tonic-gate 			logout = optarg;
1597c478bd9Sstevel@tonic-gate 			break;
1607c478bd9Sstevel@tonic-gate 		case 'o' :
1617c478bd9Sstevel@tonic-gate 			opts |= OPT_SAVEOUT;
1627c478bd9Sstevel@tonic-gate 			break;
1637c478bd9Sstevel@tonic-gate 		case 'r' :
1647c478bd9Sstevel@tonic-gate 			if (ipf_parsefile(-1, ipf_addrule, iocfunctions,
1657c478bd9Sstevel@tonic-gate 					  optarg) == -1)
1667c478bd9Sstevel@tonic-gate 				return -1;
1677c478bd9Sstevel@tonic-gate 			loaded = 1;
1687c478bd9Sstevel@tonic-gate 			break;
169ab25eeb5Syz 		case 'R' :
170ab25eeb5Syz 			opts |= OPT_NORESOLVE;
171ab25eeb5Syz 			break;
1727c478bd9Sstevel@tonic-gate 		case 'v' :
1737c478bd9Sstevel@tonic-gate 			opts |= OPT_VERBOSE;
1747c478bd9Sstevel@tonic-gate 			break;
1757c478bd9Sstevel@tonic-gate 		case 'N' :
1767c478bd9Sstevel@tonic-gate 			if (ipnat_parsefile(-1, ipnat_addrule, ipnattestioctl,
1777c478bd9Sstevel@tonic-gate 					    optarg) == -1)
1787c478bd9Sstevel@tonic-gate 				return -1;
1797c478bd9Sstevel@tonic-gate 			loaded = 1;
1807c478bd9Sstevel@tonic-gate 			opts |= OPT_NAT;
1817c478bd9Sstevel@tonic-gate 			break;
1827c478bd9Sstevel@tonic-gate 		case 'P' :
1837c478bd9Sstevel@tonic-gate 			if (ippool_parsefile(-1, optarg, ipooltestioctl) == -1)
1847c478bd9Sstevel@tonic-gate 				return -1;
1857c478bd9Sstevel@tonic-gate 			loaded = 1;
1867c478bd9Sstevel@tonic-gate 			break;
187ab25eeb5Syz 		case 'T' :
188ab25eeb5Syz 			ipf_dotuning(-1, optarg, ipftestioctl);
189ab25eeb5Syz 			break;
1907c478bd9Sstevel@tonic-gate 		case 'x' :
1917c478bd9Sstevel@tonic-gate 			opts |= OPT_HEX;
1927c478bd9Sstevel@tonic-gate 			break;
1937c478bd9Sstevel@tonic-gate 		}
1947c478bd9Sstevel@tonic-gate 
1957c478bd9Sstevel@tonic-gate 	if (loaded == 0) {
1967c478bd9Sstevel@tonic-gate 		(void)fprintf(stderr,"no rules loaded\n");
1977c478bd9Sstevel@tonic-gate 		exit(-1);
1987c478bd9Sstevel@tonic-gate 	}
1997c478bd9Sstevel@tonic-gate 
2007c478bd9Sstevel@tonic-gate 	if (opts & OPT_SAVEOUT)
2017c478bd9Sstevel@tonic-gate 		init_ifp();
2027c478bd9Sstevel@tonic-gate 
2037c478bd9Sstevel@tonic-gate 	if (datain)
2047c478bd9Sstevel@tonic-gate 		fd = (*r->r_open)(datain);
2057c478bd9Sstevel@tonic-gate 	else
2067c478bd9Sstevel@tonic-gate 		fd = (*r->r_open)("-");
2077c478bd9Sstevel@tonic-gate 
2087c478bd9Sstevel@tonic-gate 	if (fd < 0)
2097c478bd9Sstevel@tonic-gate 		exit(-1);
2107c478bd9Sstevel@tonic-gate 
2117c478bd9Sstevel@tonic-gate 	ip = MTOD(m, ip_t *);
2127c478bd9Sstevel@tonic-gate 	while ((i = (*r->r_readip)(MTOD(m, char *), sizeof(m->mb_buf),
2137c478bd9Sstevel@tonic-gate 				    &iface, &dir)) > 0) {
2147c478bd9Sstevel@tonic-gate 		if (iface == NULL || *iface == '\0')
2157c478bd9Sstevel@tonic-gate 			iface = ifname;
216f4b3ec61Sdh 		ifp = get_unit(iface, IP_V(ip), ifs);
2175e985db5Sschuster 		if (ifp == NULL) {
2185e985db5Sschuster 			fprintf(stderr, "out of memory\n");
2195e985db5Sschuster 			exit(1);
2205e985db5Sschuster 		}
2217c478bd9Sstevel@tonic-gate 		if (!use_inet6) {
2227c478bd9Sstevel@tonic-gate 			ip->ip_off = ntohs(ip->ip_off);
2237c478bd9Sstevel@tonic-gate 			ip->ip_len = ntohs(ip->ip_len);
2247c478bd9Sstevel@tonic-gate 			if (r->r_flags & R_DO_CKSUM)
2257c478bd9Sstevel@tonic-gate 				fixv4sums(m, ip);
2267c478bd9Sstevel@tonic-gate 			hlen = IP_HL(ip) << 2;
2277c478bd9Sstevel@tonic-gate 		}
2287c478bd9Sstevel@tonic-gate #ifdef	USE_INET6
2297c478bd9Sstevel@tonic-gate 		else
2307c478bd9Sstevel@tonic-gate 			hlen = sizeof(ip6_t);
2317c478bd9Sstevel@tonic-gate #endif
2327c478bd9Sstevel@tonic-gate 		/* ipfr_slowtimer(); */
2337c478bd9Sstevel@tonic-gate 		m = &mb;
2347c478bd9Sstevel@tonic-gate 		m->mb_len = i;
235f4b3ec61Sdh 		i = fr_check(ip, hlen, ifp, dir, &m, ifs);
2367c478bd9Sstevel@tonic-gate 		if ((opts & OPT_NAT) == 0)
2377c478bd9Sstevel@tonic-gate 			switch (i)
2387c478bd9Sstevel@tonic-gate 			{
2397c478bd9Sstevel@tonic-gate 			case -4 :
2407c478bd9Sstevel@tonic-gate 				(void)printf("preauth");
2417c478bd9Sstevel@tonic-gate 				break;
2427c478bd9Sstevel@tonic-gate 			case -3 :
2437c478bd9Sstevel@tonic-gate 				(void)printf("account");
2447c478bd9Sstevel@tonic-gate 				break;
2457c478bd9Sstevel@tonic-gate 			case -2 :
2467c478bd9Sstevel@tonic-gate 				(void)printf("auth");
2477c478bd9Sstevel@tonic-gate 				break;
2487c478bd9Sstevel@tonic-gate 			case -1 :
2497c478bd9Sstevel@tonic-gate 				(void)printf("block");
2507c478bd9Sstevel@tonic-gate 				break;
2517c478bd9Sstevel@tonic-gate 			case 0 :
2527c478bd9Sstevel@tonic-gate 				(void)printf("pass");
2537c478bd9Sstevel@tonic-gate 				break;
2547c478bd9Sstevel@tonic-gate 			case 1 :
2557c478bd9Sstevel@tonic-gate 				(void)printf("nomatch");
2567c478bd9Sstevel@tonic-gate 				break;
2577c478bd9Sstevel@tonic-gate 			case 3 :
2587c478bd9Sstevel@tonic-gate 				(void)printf("block return-rst");
2597c478bd9Sstevel@tonic-gate 				break;
2607c478bd9Sstevel@tonic-gate 			case 4 :
2617c478bd9Sstevel@tonic-gate 				(void)printf("block return-icmp");
2627c478bd9Sstevel@tonic-gate 				break;
2637c478bd9Sstevel@tonic-gate 			case 5 :
2647c478bd9Sstevel@tonic-gate 				(void)printf("block return-icmp-as-dest");
2657c478bd9Sstevel@tonic-gate 				break;
2667c478bd9Sstevel@tonic-gate 			default :
2677c478bd9Sstevel@tonic-gate 				(void)printf("recognised return %#x\n", i);
2687c478bd9Sstevel@tonic-gate 				break;
2697c478bd9Sstevel@tonic-gate 			}
2707c478bd9Sstevel@tonic-gate 		if (!use_inet6) {
2717c478bd9Sstevel@tonic-gate 			ip->ip_off = htons(ip->ip_off);
2727c478bd9Sstevel@tonic-gate 			ip->ip_len = htons(ip->ip_len);
2737c478bd9Sstevel@tonic-gate 		}
2747c478bd9Sstevel@tonic-gate 
2757c478bd9Sstevel@tonic-gate 		if (!(opts & OPT_BRIEF)) {
2767c478bd9Sstevel@tonic-gate 			putchar(' ');
2777c478bd9Sstevel@tonic-gate 			printpacket(ip);
2787c478bd9Sstevel@tonic-gate 			printf("--------------");
2797c478bd9Sstevel@tonic-gate 		} else if ((opts & (OPT_BRIEF|OPT_NAT)) == (OPT_NAT|OPT_BRIEF))
2807c478bd9Sstevel@tonic-gate 			printpacket(ip);
2817c478bd9Sstevel@tonic-gate 		if (dir && (ifp != NULL) && IP_V(ip) && (m != NULL))
282ab25eeb5Syz #if  defined(__sgi) && (IRIX < 60500)
2837c478bd9Sstevel@tonic-gate 			(*ifp->if_output)(ifp, (void *)m, NULL);
2847c478bd9Sstevel@tonic-gate #else
2857c478bd9Sstevel@tonic-gate # if TRU64 >= 1885
2867c478bd9Sstevel@tonic-gate 			(*ifp->if_output)(ifp, (void *)m, NULL, 0, 0);
2877c478bd9Sstevel@tonic-gate # else
2887c478bd9Sstevel@tonic-gate 			(*ifp->if_output)(ifp, (void *)m, NULL, 0);
2897c478bd9Sstevel@tonic-gate # endif
2907c478bd9Sstevel@tonic-gate #endif
2917c478bd9Sstevel@tonic-gate 		if ((opts & (OPT_BRIEF|OPT_NAT)) != (OPT_NAT|OPT_BRIEF))
2927c478bd9Sstevel@tonic-gate 			putchar('\n');
2937c478bd9Sstevel@tonic-gate 		dir = 0;
2947c478bd9Sstevel@tonic-gate 		if (iface != ifname) {
2957c478bd9Sstevel@tonic-gate 			free(iface);
2967c478bd9Sstevel@tonic-gate 			iface = ifname;
2977c478bd9Sstevel@tonic-gate 		}
2987c478bd9Sstevel@tonic-gate 		m = &mb;
2997c478bd9Sstevel@tonic-gate 	}
3007c478bd9Sstevel@tonic-gate 	(*r->r_close)();
3017c478bd9Sstevel@tonic-gate 
3027c478bd9Sstevel@tonic-gate 	if (logout != NULL) {
303f4b3ec61Sdh 		drain_log(logout, ifs);
3047c478bd9Sstevel@tonic-gate 	}
3057c478bd9Sstevel@tonic-gate 
3067c478bd9Sstevel@tonic-gate 	if (dump == 1)  {
307f4b3ec61Sdh 		dumpnat(ifs);
308f4b3ec61Sdh 		dumpstate(ifs);
309f4b3ec61Sdh 		dumplookups(ifs);
310f4b3ec61Sdh 		dumpgroups(ifs);
3117c478bd9Sstevel@tonic-gate 	}
3127c478bd9Sstevel@tonic-gate 
313f4b3ec61Sdh 	fr_deinitialise(ifs);
3147c478bd9Sstevel@tonic-gate 
3157c478bd9Sstevel@tonic-gate 	return 0;
3167c478bd9Sstevel@tonic-gate }
3177c478bd9Sstevel@tonic-gate 
3187c478bd9Sstevel@tonic-gate 
319af5f29ddSToomas Soome #if defined(__NetBSD__) || defined(__OpenBSD__) || defined(SOLARIS) || \
3207c478bd9Sstevel@tonic-gate 	(_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \
321ab25eeb5Syz 	defined(__osf__) || defined(linux)
ipftestioctl(int dev,ioctlcmd_t cmd,...)3227c478bd9Sstevel@tonic-gate int ipftestioctl(int dev, ioctlcmd_t cmd, ...)
3237c478bd9Sstevel@tonic-gate {
3247c478bd9Sstevel@tonic-gate 	caddr_t data;
3257c478bd9Sstevel@tonic-gate 	va_list ap;
3267c478bd9Sstevel@tonic-gate 	int i;
3277c478bd9Sstevel@tonic-gate 
3287c478bd9Sstevel@tonic-gate 	va_start(ap, cmd);
3297c478bd9Sstevel@tonic-gate 	data = va_arg(ap, caddr_t);
3307c478bd9Sstevel@tonic-gate 	va_end(ap);
3317c478bd9Sstevel@tonic-gate 
3327c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD);
3337c478bd9Sstevel@tonic-gate 	if (opts & OPT_DEBUG)
3347c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n",
3357c478bd9Sstevel@tonic-gate 			(u_int)cmd, data, i);
336ab25eeb5Syz 	if (i != 0) {
337ab25eeb5Syz 		errno = i;
338ab25eeb5Syz 		return -1;
339ab25eeb5Syz 	}
340ab25eeb5Syz 	return 0;
3417c478bd9Sstevel@tonic-gate }
3427c478bd9Sstevel@tonic-gate 
3437c478bd9Sstevel@tonic-gate 
ipnattestioctl(int dev,ioctlcmd_t cmd,...)3447c478bd9Sstevel@tonic-gate int ipnattestioctl(int dev, ioctlcmd_t cmd, ...)
3457c478bd9Sstevel@tonic-gate {
3467c478bd9Sstevel@tonic-gate 	caddr_t data;
3477c478bd9Sstevel@tonic-gate 	va_list ap;
3487c478bd9Sstevel@tonic-gate 	int i;
3497c478bd9Sstevel@tonic-gate 
3507c478bd9Sstevel@tonic-gate 	va_start(ap, cmd);
3517c478bd9Sstevel@tonic-gate 	data = va_arg(ap, caddr_t);
3527c478bd9Sstevel@tonic-gate 	va_end(ap);
3537c478bd9Sstevel@tonic-gate 
3547c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD);
3557c478bd9Sstevel@tonic-gate 	if (opts & OPT_DEBUG)
3567c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n",
3577c478bd9Sstevel@tonic-gate 			(u_int)cmd, data, i);
358ab25eeb5Syz 	if (i != 0) {
359ab25eeb5Syz 		errno = i;
360ab25eeb5Syz 		return -1;
361ab25eeb5Syz 	}
362ab25eeb5Syz 	return 0;
3637c478bd9Sstevel@tonic-gate }
3647c478bd9Sstevel@tonic-gate 
3657c478bd9Sstevel@tonic-gate 
ipstatetestioctl(int dev,ioctlcmd_t cmd,...)3667c478bd9Sstevel@tonic-gate int ipstatetestioctl(int dev, ioctlcmd_t cmd, ...)
3677c478bd9Sstevel@tonic-gate {
3687c478bd9Sstevel@tonic-gate 	caddr_t data;
3697c478bd9Sstevel@tonic-gate 	va_list ap;
3707c478bd9Sstevel@tonic-gate 	int i;
3717c478bd9Sstevel@tonic-gate 
3727c478bd9Sstevel@tonic-gate 	va_start(ap, cmd);
3737c478bd9Sstevel@tonic-gate 	data = va_arg(ap, caddr_t);
3747c478bd9Sstevel@tonic-gate 	va_end(ap);
3757c478bd9Sstevel@tonic-gate 
3767c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD);
3777c478bd9Sstevel@tonic-gate 	if ((opts & OPT_DEBUG) || (i != 0))
3787c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n",
3797c478bd9Sstevel@tonic-gate 			(u_int)cmd, data, i);
380ab25eeb5Syz 	if (i != 0) {
381ab25eeb5Syz 		errno = i;
382ab25eeb5Syz 		return -1;
383ab25eeb5Syz 	}
384ab25eeb5Syz 	return 0;
3857c478bd9Sstevel@tonic-gate }
3867c478bd9Sstevel@tonic-gate 
3877c478bd9Sstevel@tonic-gate 
ipauthtestioctl(int dev,ioctlcmd_t cmd,...)3887c478bd9Sstevel@tonic-gate int ipauthtestioctl(int dev, ioctlcmd_t cmd, ...)
3897c478bd9Sstevel@tonic-gate {
3907c478bd9Sstevel@tonic-gate 	caddr_t data;
3917c478bd9Sstevel@tonic-gate 	va_list ap;
3927c478bd9Sstevel@tonic-gate 	int i;
3937c478bd9Sstevel@tonic-gate 
3947c478bd9Sstevel@tonic-gate 	va_start(ap, cmd);
3957c478bd9Sstevel@tonic-gate 	data = va_arg(ap, caddr_t);
3967c478bd9Sstevel@tonic-gate 	va_end(ap);
3977c478bd9Sstevel@tonic-gate 
3987c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD);
3997c478bd9Sstevel@tonic-gate 	if ((opts & OPT_DEBUG) || (i != 0))
4007c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n",
4017c478bd9Sstevel@tonic-gate 			(u_int)cmd, data, i);
402ab25eeb5Syz 	if (i != 0) {
403ab25eeb5Syz 		errno = i;
404ab25eeb5Syz 		return -1;
405ab25eeb5Syz 	}
406ab25eeb5Syz 	return 0;
4077c478bd9Sstevel@tonic-gate }
4087c478bd9Sstevel@tonic-gate 
4097c478bd9Sstevel@tonic-gate 
ipscantestioctl(int dev,ioctlcmd_t cmd,...)4107c478bd9Sstevel@tonic-gate int ipscantestioctl(int dev, ioctlcmd_t cmd, ...)
4117c478bd9Sstevel@tonic-gate {
4127c478bd9Sstevel@tonic-gate 	caddr_t data;
4137c478bd9Sstevel@tonic-gate 	va_list ap;
4147c478bd9Sstevel@tonic-gate 	int i;
4157c478bd9Sstevel@tonic-gate 
4167c478bd9Sstevel@tonic-gate 	va_start(ap, cmd);
4177c478bd9Sstevel@tonic-gate 	data = va_arg(ap, caddr_t);
4187c478bd9Sstevel@tonic-gate 	va_end(ap);
4197c478bd9Sstevel@tonic-gate 
4207c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD);
4217c478bd9Sstevel@tonic-gate 	if ((opts & OPT_DEBUG) || (i != 0))
4227c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n",
4237c478bd9Sstevel@tonic-gate 			(u_int)cmd, data, i);
424ab25eeb5Syz 	if (i != 0) {
425ab25eeb5Syz 		errno = i;
426ab25eeb5Syz 		return -1;
427ab25eeb5Syz 	}
428ab25eeb5Syz 	return 0;
4297c478bd9Sstevel@tonic-gate }
4307c478bd9Sstevel@tonic-gate 
4317c478bd9Sstevel@tonic-gate 
ipsynctestioctl(int dev,ioctlcmd_t cmd,...)4327c478bd9Sstevel@tonic-gate int ipsynctestioctl(int dev, ioctlcmd_t cmd, ...)
4337c478bd9Sstevel@tonic-gate {
4347c478bd9Sstevel@tonic-gate 	caddr_t data;
4357c478bd9Sstevel@tonic-gate 	va_list ap;
4367c478bd9Sstevel@tonic-gate 	int i;
4377c478bd9Sstevel@tonic-gate 
4387c478bd9Sstevel@tonic-gate 	va_start(ap, cmd);
4397c478bd9Sstevel@tonic-gate 	data = va_arg(ap, caddr_t);
4407c478bd9Sstevel@tonic-gate 	va_end(ap);
4417c478bd9Sstevel@tonic-gate 
4427c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD);
4437c478bd9Sstevel@tonic-gate 	if ((opts & OPT_DEBUG) || (i != 0))
4447c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n",
4457c478bd9Sstevel@tonic-gate 			(u_int)cmd, data, i);
446ab25eeb5Syz 	if (i != 0) {
447ab25eeb5Syz 		errno = i;
448ab25eeb5Syz 		return -1;
449ab25eeb5Syz 	}
450ab25eeb5Syz 	return 0;
4517c478bd9Sstevel@tonic-gate }
4527c478bd9Sstevel@tonic-gate 
4537c478bd9Sstevel@tonic-gate 
ipooltestioctl(int dev,ioctlcmd_t cmd,...)4547c478bd9Sstevel@tonic-gate int ipooltestioctl(int dev, ioctlcmd_t cmd, ...)
4557c478bd9Sstevel@tonic-gate {
4567c478bd9Sstevel@tonic-gate 	caddr_t data;
4577c478bd9Sstevel@tonic-gate 	va_list ap;
4587c478bd9Sstevel@tonic-gate 	int i;
4597c478bd9Sstevel@tonic-gate 
4607c478bd9Sstevel@tonic-gate 	va_start(ap, cmd);
4617c478bd9Sstevel@tonic-gate 	data = va_arg(ap, caddr_t);
4627c478bd9Sstevel@tonic-gate 	va_end(ap);
4637c478bd9Sstevel@tonic-gate 
4647c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD);
4657c478bd9Sstevel@tonic-gate 	if ((opts & OPT_DEBUG) || (i != 0))
4667c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n",
4677c478bd9Sstevel@tonic-gate 			(u_int)cmd, data, i);
468ab25eeb5Syz 	if (i != 0) {
469ab25eeb5Syz 		errno = i;
470ab25eeb5Syz 		return -1;
471ab25eeb5Syz 	}
472ab25eeb5Syz 	return 0;
4737c478bd9Sstevel@tonic-gate }
4747c478bd9Sstevel@tonic-gate #else
ipftestioctl(dev,cmd,data)4757c478bd9Sstevel@tonic-gate int ipftestioctl(dev, cmd, data)
4767c478bd9Sstevel@tonic-gate dev_t dev;
4777c478bd9Sstevel@tonic-gate ioctlcmd_t cmd;
4787c478bd9Sstevel@tonic-gate void *data;
4797c478bd9Sstevel@tonic-gate {
4807c478bd9Sstevel@tonic-gate 	int i;
4817c478bd9Sstevel@tonic-gate 
4827c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD);
4837c478bd9Sstevel@tonic-gate 	if ((opts & OPT_DEBUG) || (i != 0))
4847c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", cmd, data, i);
485ab25eeb5Syz 	if (i != 0) {
486ab25eeb5Syz 		errno = i;
487ab25eeb5Syz 		return -1;
488ab25eeb5Syz 	}
489ab25eeb5Syz 	return 0;
4907c478bd9Sstevel@tonic-gate }
4917c478bd9Sstevel@tonic-gate 
4927c478bd9Sstevel@tonic-gate 
ipnattestioctl(dev,cmd,data)4937c478bd9Sstevel@tonic-gate int ipnattestioctl(dev, cmd, data)
4947c478bd9Sstevel@tonic-gate dev_t dev;
4957c478bd9Sstevel@tonic-gate ioctlcmd_t cmd;
4967c478bd9Sstevel@tonic-gate void *data;
4977c478bd9Sstevel@tonic-gate {
4987c478bd9Sstevel@tonic-gate 	int i;
4997c478bd9Sstevel@tonic-gate 
5007c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD);
5017c478bd9Sstevel@tonic-gate 	if ((opts & OPT_DEBUG) || (i != 0))
5027c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", cmd, data, i);
503ab25eeb5Syz 	if (i != 0) {
504ab25eeb5Syz 		errno = i;
505ab25eeb5Syz 		return -1;
506ab25eeb5Syz 	}
507ab25eeb5Syz 	return 0;
5087c478bd9Sstevel@tonic-gate }
5097c478bd9Sstevel@tonic-gate 
5107c478bd9Sstevel@tonic-gate 
ipstatetestioctl(dev,cmd,data)5117c478bd9Sstevel@tonic-gate int ipstatetestioctl(dev, cmd, data)
5127c478bd9Sstevel@tonic-gate dev_t dev;
5137c478bd9Sstevel@tonic-gate ioctlcmd_t cmd;
5147c478bd9Sstevel@tonic-gate void *data;
5157c478bd9Sstevel@tonic-gate {
5167c478bd9Sstevel@tonic-gate 	int i;
5177c478bd9Sstevel@tonic-gate 
5187c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD);
5197c478bd9Sstevel@tonic-gate 	if ((opts & OPT_DEBUG) || (i != 0))
5207c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", cmd, data, i);
521ab25eeb5Syz 	if (i != 0) {
522ab25eeb5Syz 		errno = i;
523ab25eeb5Syz 		return -1;
524ab25eeb5Syz 	}
525ab25eeb5Syz 	return 0;
5267c478bd9Sstevel@tonic-gate }
5277c478bd9Sstevel@tonic-gate 
5287c478bd9Sstevel@tonic-gate 
ipauthtestioctl(dev,cmd,data)5297c478bd9Sstevel@tonic-gate int ipauthtestioctl(dev, cmd, data)
5307c478bd9Sstevel@tonic-gate dev_t dev;
5317c478bd9Sstevel@tonic-gate ioctlcmd_t cmd;
5327c478bd9Sstevel@tonic-gate void *data;
5337c478bd9Sstevel@tonic-gate {
5347c478bd9Sstevel@tonic-gate 	int i;
5357c478bd9Sstevel@tonic-gate 
5367c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD);
5377c478bd9Sstevel@tonic-gate 	if ((opts & OPT_DEBUG) || (i != 0))
5387c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", cmd, data, i);
539ab25eeb5Syz 	if (i != 0) {
540ab25eeb5Syz 		errno = i;
541ab25eeb5Syz 		return -1;
542ab25eeb5Syz 	}
543ab25eeb5Syz 	return 0;
5447c478bd9Sstevel@tonic-gate }
5457c478bd9Sstevel@tonic-gate 
5467c478bd9Sstevel@tonic-gate 
ipsynctestioctl(dev,cmd,data)5477c478bd9Sstevel@tonic-gate int ipsynctestioctl(dev, cmd, data)
5487c478bd9Sstevel@tonic-gate dev_t dev;
5497c478bd9Sstevel@tonic-gate ioctlcmd_t cmd;
5507c478bd9Sstevel@tonic-gate void *data;
5517c478bd9Sstevel@tonic-gate {
5527c478bd9Sstevel@tonic-gate 	int i;
5537c478bd9Sstevel@tonic-gate 
5547c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD);
5557c478bd9Sstevel@tonic-gate 	if ((opts & OPT_DEBUG) || (i != 0))
5567c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", cmd, data, i);
557ab25eeb5Syz 	if (i != 0) {
558ab25eeb5Syz 		errno = i;
559ab25eeb5Syz 		return -1;
560ab25eeb5Syz 	}
561ab25eeb5Syz 	return 0;
5627c478bd9Sstevel@tonic-gate }
5637c478bd9Sstevel@tonic-gate 
5647c478bd9Sstevel@tonic-gate 
ipscantestioctl(dev,cmd,data)5657c478bd9Sstevel@tonic-gate int ipscantestioctl(dev, cmd, data)
5667c478bd9Sstevel@tonic-gate dev_t dev;
5677c478bd9Sstevel@tonic-gate ioctlcmd_t cmd;
5687c478bd9Sstevel@tonic-gate void *data;
5697c478bd9Sstevel@tonic-gate {
5707c478bd9Sstevel@tonic-gate 	int i;
5717c478bd9Sstevel@tonic-gate 
5727c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD);
5737c478bd9Sstevel@tonic-gate 	if ((opts & OPT_DEBUG) || (i != 0))
5747c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", cmd, data, i);
575ab25eeb5Syz 	if (i != 0) {
576ab25eeb5Syz 		errno = i;
577ab25eeb5Syz 		return -1;
578ab25eeb5Syz 	}
579ab25eeb5Syz 	return 0;
5807c478bd9Sstevel@tonic-gate }
5817c478bd9Sstevel@tonic-gate 
5827c478bd9Sstevel@tonic-gate 
ipooltestioctl(dev,cmd,data)5837c478bd9Sstevel@tonic-gate int ipooltestioctl(dev, cmd, data)
5847c478bd9Sstevel@tonic-gate dev_t dev;
5857c478bd9Sstevel@tonic-gate ioctlcmd_t cmd;
5867c478bd9Sstevel@tonic-gate void *data;
5877c478bd9Sstevel@tonic-gate {
5887c478bd9Sstevel@tonic-gate 	int i;
5897c478bd9Sstevel@tonic-gate 
5907c478bd9Sstevel@tonic-gate 	i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD);
5917c478bd9Sstevel@tonic-gate 	if (opts & OPT_DEBUG)
5927c478bd9Sstevel@tonic-gate 		fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", cmd, data, i);
593ab25eeb5Syz 	if (i != 0) {
594ab25eeb5Syz 		errno = i;
595ab25eeb5Syz 		return -1;
596ab25eeb5Syz 	}
597ab25eeb5Syz 	return 0;
5987c478bd9Sstevel@tonic-gate }
5997c478bd9Sstevel@tonic-gate #endif
6007c478bd9Sstevel@tonic-gate 
6017c478bd9Sstevel@tonic-gate 
kmemcpy(addr,offset,size)6027c478bd9Sstevel@tonic-gate int kmemcpy(addr, offset, size)
6037c478bd9Sstevel@tonic-gate char *addr;
6047c478bd9Sstevel@tonic-gate long offset;
6057c478bd9Sstevel@tonic-gate int size;
6067c478bd9Sstevel@tonic-gate {
6077c478bd9Sstevel@tonic-gate 	bcopy((char *)offset, addr, size);
6087c478bd9Sstevel@tonic-gate 	return 0;
6097c478bd9Sstevel@tonic-gate }
6107c478bd9Sstevel@tonic-gate 
6117c478bd9Sstevel@tonic-gate 
kstrncpy(buf,pos,n)6127c478bd9Sstevel@tonic-gate int kstrncpy(buf, pos, n)
6137c478bd9Sstevel@tonic-gate char *buf;
6147c478bd9Sstevel@tonic-gate long pos;
6157c478bd9Sstevel@tonic-gate int n;
6167c478bd9Sstevel@tonic-gate {
6177c478bd9Sstevel@tonic-gate 	char *ptr;
6187c478bd9Sstevel@tonic-gate 
6197c478bd9Sstevel@tonic-gate 	ptr = (char *)pos;
6207c478bd9Sstevel@tonic-gate 
6217663b816Sml 	while ((n-- > 0) && (*buf++ = *ptr++))
6227c478bd9Sstevel@tonic-gate 		;
6237c478bd9Sstevel@tonic-gate 	return 0;
6247c478bd9Sstevel@tonic-gate }
6257c478bd9Sstevel@tonic-gate 
6267c478bd9Sstevel@tonic-gate 
6277c478bd9Sstevel@tonic-gate /*
6287c478bd9Sstevel@tonic-gate  * Display the built up NAT table rules and mapping entries.
6297c478bd9Sstevel@tonic-gate  */
dumpnat(ifs)630f4b3ec61Sdh void dumpnat(ifs)
631f4b3ec61Sdh 	ipf_stack_t *ifs;
6327c478bd9Sstevel@tonic-gate {
6337c478bd9Sstevel@tonic-gate 	ipnat_t	*ipn;
6347c478bd9Sstevel@tonic-gate 	nat_t	*nat;
6357c478bd9Sstevel@tonic-gate 
6367c478bd9Sstevel@tonic-gate 	printf("List of active MAP/Redirect filters:\n");
637f4b3ec61Sdh 	for (ipn = ifs->ifs_nat_list; ipn != NULL; ipn = ipn->in_next)
6387c478bd9Sstevel@tonic-gate 		printnat(ipn, opts & (OPT_DEBUG|OPT_VERBOSE));
6397c478bd9Sstevel@tonic-gate 	printf("\nList of active sessions:\n");
640f4b3ec61Sdh 	for (nat = ifs->ifs_nat_instances; nat; nat = nat->nat_next) {
641f4b3ec61Sdh 		printactivenat(nat, opts, 0);
642ab25eeb5Syz 		if (nat->nat_aps)
643ab25eeb5Syz 			printaps(nat->nat_aps, opts);
644ab25eeb5Syz 	}
6457c478bd9Sstevel@tonic-gate }
6467c478bd9Sstevel@tonic-gate 
6477c478bd9Sstevel@tonic-gate 
6487c478bd9Sstevel@tonic-gate /*
6497c478bd9Sstevel@tonic-gate  * Display the built up state table rules and mapping entries.
6507c478bd9Sstevel@tonic-gate  */
dumpstate(ifs)651f4b3ec61Sdh void dumpstate(ifs)
652f4b3ec61Sdh 	ipf_stack_t *ifs;
6537c478bd9Sstevel@tonic-gate {
6547c478bd9Sstevel@tonic-gate 	ipstate_t *ips;
6557c478bd9Sstevel@tonic-gate 
6567c478bd9Sstevel@tonic-gate 	printf("List of active state sessions:\n");
657f4b3ec61Sdh 	for (ips = ifs->ifs_ips_list; ips != NULL; )
658ab25eeb5Syz 		ips = printstate(ips, opts & (OPT_DEBUG|OPT_VERBOSE),
659f4b3ec61Sdh 				 ifs->ifs_fr_ticks);
6607c478bd9Sstevel@tonic-gate }
6617c478bd9Sstevel@tonic-gate 
6627c478bd9Sstevel@tonic-gate 
dumplookups(ifs)663f4b3ec61Sdh void dumplookups(ifs)
664f4b3ec61Sdh 	ipf_stack_t *ifs;
6657c478bd9Sstevel@tonic-gate {
6667c478bd9Sstevel@tonic-gate 	iphtable_t *iph;
6677c478bd9Sstevel@tonic-gate 	ip_pool_t *ipl;
6687c478bd9Sstevel@tonic-gate 	int i;
6697c478bd9Sstevel@tonic-gate 
6707c478bd9Sstevel@tonic-gate 	printf("List of configured pools\n");
6717c478bd9Sstevel@tonic-gate 	for (i = 0; i < IPL_LOGSIZE; i++)
672f4b3ec61Sdh 		for (ipl = ifs->ifs_ip_pool_list[i]; ipl != NULL;
673f4b3ec61Sdh 		    ipl = ipl->ipo_next)
674ab25eeb5Syz 			printpool(ipl, bcopywrap, NULL, opts);
6757c478bd9Sstevel@tonic-gate 
6767c478bd9Sstevel@tonic-gate 	printf("List of configured hash tables\n");
6777c478bd9Sstevel@tonic-gate 	for (i = 0; i < IPL_LOGSIZE; i++)
678f4b3ec61Sdh 		for (iph = ifs->ifs_ipf_htables[i]; iph != NULL;
679f4b3ec61Sdh 		     iph = iph->iph_next)
680ab25eeb5Syz 			printhash(iph, bcopywrap, NULL, opts);
6817c478bd9Sstevel@tonic-gate }
6827c478bd9Sstevel@tonic-gate 
6837c478bd9Sstevel@tonic-gate 
dumpgroups(ifs)684f4b3ec61Sdh void dumpgroups(ifs)
685f4b3ec61Sdh 	ipf_stack_t *ifs;
6867c478bd9Sstevel@tonic-gate {
6877c478bd9Sstevel@tonic-gate 	frgroup_t *fg;
6887c478bd9Sstevel@tonic-gate 	frentry_t *fr;
6897c478bd9Sstevel@tonic-gate 	int i;
6907c478bd9Sstevel@tonic-gate 
6917c478bd9Sstevel@tonic-gate 	printf("List of groups configured (set 0)\n");
6927c478bd9Sstevel@tonic-gate 	for (i = 0; i < IPL_LOGSIZE; i++)
693f4b3ec61Sdh 		for (fg =  ifs->ifs_ipfgroups[i][0]; fg != NULL;
694f4b3ec61Sdh 		    fg = fg->fg_next) {
6957c478bd9Sstevel@tonic-gate 			printf("Dev.%d. Group %s Ref %d Flags %#x\n",
6967c478bd9Sstevel@tonic-gate 				i, fg->fg_name, fg->fg_ref, fg->fg_flags);
6977c478bd9Sstevel@tonic-gate 			for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) {
6987c478bd9Sstevel@tonic-gate #ifdef	USE_QUAD_T
6997c478bd9Sstevel@tonic-gate 				printf("%qu ",(unsigned long long)fr->fr_hits);
7007c478bd9Sstevel@tonic-gate #else
7017c478bd9Sstevel@tonic-gate 				printf("%ld ", fr->fr_hits);
7027c478bd9Sstevel@tonic-gate #endif
7037c478bd9Sstevel@tonic-gate 				printfr(fr, ipftestioctl);
7047c478bd9Sstevel@tonic-gate 			}
7057c478bd9Sstevel@tonic-gate 		}
7067c478bd9Sstevel@tonic-gate 
7077c478bd9Sstevel@tonic-gate 	printf("List of groups configured (set 1)\n");
7087c478bd9Sstevel@tonic-gate 	for (i = 0; i < IPL_LOGSIZE; i++)
709f4b3ec61Sdh 		for (fg =  ifs->ifs_ipfgroups[i][1]; fg != NULL;
710f4b3ec61Sdh 		    fg = fg->fg_next) {
7117c478bd9Sstevel@tonic-gate 			printf("Dev.%d. Group %s Ref %d Flags %#x\n",
7127c478bd9Sstevel@tonic-gate 				i, fg->fg_name, fg->fg_ref, fg->fg_flags);
7137c478bd9Sstevel@tonic-gate 			for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) {
7147c478bd9Sstevel@tonic-gate #ifdef	USE_QUAD_T
7157c478bd9Sstevel@tonic-gate 				printf("%qu ",(unsigned long long)fr->fr_hits);
7167c478bd9Sstevel@tonic-gate #else
7177c478bd9Sstevel@tonic-gate 				printf("%ld ", fr->fr_hits);
7187c478bd9Sstevel@tonic-gate #endif
7197c478bd9Sstevel@tonic-gate 				printfr(fr, ipftestioctl);
7207c478bd9Sstevel@tonic-gate 			}
7217c478bd9Sstevel@tonic-gate 		}
7227c478bd9Sstevel@tonic-gate }
7237c478bd9Sstevel@tonic-gate 
7247c478bd9Sstevel@tonic-gate 
drain_log(filename,ifs)725f4b3ec61Sdh void drain_log(filename, ifs)
7267c478bd9Sstevel@tonic-gate char *filename;
727f4b3ec61Sdh ipf_stack_t *ifs;
7287c478bd9Sstevel@tonic-gate {
7297c478bd9Sstevel@tonic-gate 	char buffer[DEFAULT_IPFLOGSIZE];
7307c478bd9Sstevel@tonic-gate 	struct iovec iov;
7317c478bd9Sstevel@tonic-gate 	struct uio uio;
7327c478bd9Sstevel@tonic-gate 	size_t resid;
733ab25eeb5Syz 	int fd, i;
7347c478bd9Sstevel@tonic-gate 
7357c478bd9Sstevel@tonic-gate 	fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY, 0644);
7367c478bd9Sstevel@tonic-gate 	if (fd == -1) {
7377c478bd9Sstevel@tonic-gate 		perror("drain_log:open");
7387c478bd9Sstevel@tonic-gate 		return;
7397c478bd9Sstevel@tonic-gate 	}
7407c478bd9Sstevel@tonic-gate 
741ab25eeb5Syz 	for (i = 0; i <= IPL_LOGMAX; i++)
742ab25eeb5Syz 		while (1) {
743ab25eeb5Syz 			bzero((char *)&iov, sizeof(iov));
744ab25eeb5Syz 			iov.iov_base = buffer;
745ab25eeb5Syz 			iov.iov_len = sizeof(buffer);
746ab25eeb5Syz 
747ab25eeb5Syz 			bzero((char *)&uio, sizeof(uio));
748ab25eeb5Syz 			uio.uio_iov = &iov;
749ab25eeb5Syz 			uio.uio_iovcnt = 1;
750ab25eeb5Syz 			uio.uio_resid = iov.iov_len;
751ab25eeb5Syz 			resid = uio.uio_resid;
752ab25eeb5Syz 
753f4b3ec61Sdh 			if (ipflog_read(i, &uio, ifs) == 0) {
754ab25eeb5Syz 				/*
755ab25eeb5Syz 				 * If nothing was read then break out.
756ab25eeb5Syz 				 */
757ab25eeb5Syz 				if (uio.uio_resid == resid)
758ab25eeb5Syz 					break;
759ab25eeb5Syz 				write(fd, buffer, resid - uio.uio_resid);
760ab25eeb5Syz 			} else
7617c478bd9Sstevel@tonic-gate 				break;
7627c478bd9Sstevel@tonic-gate 	}
7637c478bd9Sstevel@tonic-gate 
7647c478bd9Sstevel@tonic-gate 	close(fd);
7657c478bd9Sstevel@tonic-gate }
7667c478bd9Sstevel@tonic-gate 
7677c478bd9Sstevel@tonic-gate 
fixv4sums(m,ip)7687c478bd9Sstevel@tonic-gate void fixv4sums(m, ip)
7697c478bd9Sstevel@tonic-gate mb_t *m;
7707c478bd9Sstevel@tonic-gate ip_t *ip;
7717c478bd9Sstevel@tonic-gate {
7727c478bd9Sstevel@tonic-gate 	u_char *csump, *hdr;
7737c478bd9Sstevel@tonic-gate 
7747c478bd9Sstevel@tonic-gate 	ip->ip_sum = 0;
7757c478bd9Sstevel@tonic-gate 	ip->ip_sum = ipf_cksum((u_short *)ip, IP_HL(ip) << 2);
7767c478bd9Sstevel@tonic-gate 
7777c478bd9Sstevel@tonic-gate 	csump = (u_char *)ip;
7787c478bd9Sstevel@tonic-gate 	csump += IP_HL(ip) << 2;
7797c478bd9Sstevel@tonic-gate 
7807c478bd9Sstevel@tonic-gate 	switch (ip->ip_p)
7817c478bd9Sstevel@tonic-gate 	{
7827c478bd9Sstevel@tonic-gate 	case IPPROTO_TCP :
7837c478bd9Sstevel@tonic-gate 		hdr = csump;
7847c478bd9Sstevel@tonic-gate 		csump += offsetof(tcphdr_t, th_sum);
7857c478bd9Sstevel@tonic-gate 		break;
7867c478bd9Sstevel@tonic-gate 	case IPPROTO_UDP :
7877c478bd9Sstevel@tonic-gate 		hdr = csump;
7887c478bd9Sstevel@tonic-gate 		csump += offsetof(udphdr_t, uh_sum);
7897c478bd9Sstevel@tonic-gate 		break;
7907c478bd9Sstevel@tonic-gate 	default :
7917c478bd9Sstevel@tonic-gate 		csump = NULL;
7927c478bd9Sstevel@tonic-gate 		hdr = NULL;
7937c478bd9Sstevel@tonic-gate 		break;
7947c478bd9Sstevel@tonic-gate 	}
7957c478bd9Sstevel@tonic-gate 	if (hdr != NULL) {
7967c478bd9Sstevel@tonic-gate 		*csump = 0;
7977c478bd9Sstevel@tonic-gate 		*(u_short *)csump = fr_cksum(m, ip, ip->ip_p, hdr);
7987c478bd9Sstevel@tonic-gate 	}
7997c478bd9Sstevel@tonic-gate }
800f4b3ec61Sdh 
801f4b3ec61Sdh ipf_stack_t *gifs;
802f4b3ec61Sdh 
803f4b3ec61Sdh /*
804f4b3ec61Sdh  * Allocate and keep pointer for get_ifs()
805f4b3ec61Sdh  */
806f4b3ec61Sdh ipf_stack_t *
create_ifs()807f4b3ec61Sdh create_ifs()
808f4b3ec61Sdh {
809f4b3ec61Sdh 	ipf_stack_t *ifs;
810f4b3ec61Sdh 
811f4b3ec61Sdh 	KMALLOCS(ifs, ipf_stack_t *, sizeof (*ifs));
812f4b3ec61Sdh 	bzero(ifs, sizeof (*ifs));
813f4b3ec61Sdh 	gifs = ifs;
814f4b3ec61Sdh 	return (ifs);
815f4b3ec61Sdh }
816f4b3ec61Sdh 
817f4b3ec61Sdh ipf_stack_t *
get_ifs()818f4b3ec61Sdh get_ifs()
819f4b3ec61Sdh {
820f4b3ec61Sdh 	return (gifs);
821f4b3ec61Sdh }
822