17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * Copyright (C) 1993-2001 by Darren Reed. 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * See the IPFILTER.LICENCE file for details on licencing. 57663b816Sml * 6*e8d569f4SAlexandr Nedvedicky * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 77663b816Sml * Use is subject to license terms. 87c478bd9Sstevel@tonic-gate */ 97663b816Sml 107c478bd9Sstevel@tonic-gate #include "ipf.h" 117c478bd9Sstevel@tonic-gate #include "ipt.h" 127c478bd9Sstevel@tonic-gate #include <sys/ioctl.h> 137c478bd9Sstevel@tonic-gate #include <sys/file.h> 147c478bd9Sstevel@tonic-gate 157c478bd9Sstevel@tonic-gate #if !defined(lint) 167c478bd9Sstevel@tonic-gate static const char sccsid[] = "@(#)ipt.c 1.19 6/3/96 (C) 1993-2000 Darren Reed"; 17ab25eeb5Syz static const char rcsid[] = "@(#)$Id: ipftest.c,v 1.44.2.4 2005/07/16 06:05:28 darrenr Exp $"; 187c478bd9Sstevel@tonic-gate #endif 197c478bd9Sstevel@tonic-gate 207c478bd9Sstevel@tonic-gate extern char *optarg; 217c478bd9Sstevel@tonic-gate extern struct frentry *ipfilter[2][2]; 227c478bd9Sstevel@tonic-gate extern struct ipread snoop, etherf, tcpd, pcap, iptext, iphex; 23f4b3ec61Sdh extern struct ifnet *get_unit __P((char *, int, ipf_stack_t *)); 247c478bd9Sstevel@tonic-gate extern void init_ifp __P((void)); 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate int opts = OPT_DONOTHING; 277c478bd9Sstevel@tonic-gate int use_inet6 = 0; 287c478bd9Sstevel@tonic-gate int pfil_delayed_copy = 0; 297c478bd9Sstevel@tonic-gate int main __P((int, char *[])); 307c478bd9Sstevel@tonic-gate int loadrules __P((char *, int)); 317c478bd9Sstevel@tonic-gate int kmemcpy __P((char *, long, int)); 327c478bd9Sstevel@tonic-gate int kstrncpy __P((char *, long, int n)); 33f4b3ec61Sdh void dumpnat __P((ipf_stack_t *ifs)); 34f4b3ec61Sdh void dumpstate __P((ipf_stack_t *ifs)); 35f4b3ec61Sdh void dumplookups __P((ipf_stack_t *ifs)); 36f4b3ec61Sdh void dumpgroups __P((ipf_stack_t *ifs)); 37f4b3ec61Sdh void drain_log __P((char *, ipf_stack_t *ifs)); 387c478bd9Sstevel@tonic-gate void fixv4sums __P((mb_t *, ip_t *)); 39f4b3ec61Sdh ipf_stack_t *get_ifs __P((void)); 40f4b3ec61Sdh ipf_stack_t *create_ifs __P((void)); 41f4b3ec61Sdh 427c478bd9Sstevel@tonic-gate 437c478bd9Sstevel@tonic-gate #if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 447c478bd9Sstevel@tonic-gate (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 45ab25eeb5Syz defined(__osf__) || defined(linux) 467c478bd9Sstevel@tonic-gate int ipftestioctl __P((int, ioctlcmd_t, ...)); 477c478bd9Sstevel@tonic-gate int ipnattestioctl __P((int, ioctlcmd_t, ...)); 487c478bd9Sstevel@tonic-gate int ipstatetestioctl __P((int, ioctlcmd_t, ...)); 497c478bd9Sstevel@tonic-gate int ipauthtestioctl __P((int, ioctlcmd_t, ...)); 507c478bd9Sstevel@tonic-gate int ipscantestioctl __P((int, ioctlcmd_t, ...)); 517c478bd9Sstevel@tonic-gate int ipsynctestioctl __P((int, ioctlcmd_t, ...)); 527c478bd9Sstevel@tonic-gate int ipooltestioctl __P((int, ioctlcmd_t, ...)); 537c478bd9Sstevel@tonic-gate #else 547c478bd9Sstevel@tonic-gate int ipftestioctl __P((dev_t, ioctlcmd_t, void *)); 557c478bd9Sstevel@tonic-gate int ipnattestioctl __P((dev_t, ioctlcmd_t, void *)); 567c478bd9Sstevel@tonic-gate int ipstatetestioctl __P((dev_t, ioctlcmd_t, void *)); 577c478bd9Sstevel@tonic-gate int ipauthtestioctl __P((dev_t, ioctlcmd_t, void *)); 587c478bd9Sstevel@tonic-gate int ipsynctestioctl __P((dev_t, ioctlcmd_t, void *)); 597c478bd9Sstevel@tonic-gate int ipscantestioctl __P((dev_t, ioctlcmd_t, void *)); 607c478bd9Sstevel@tonic-gate int ipooltestioctl __P((dev_t, ioctlcmd_t, void *)); 617c478bd9Sstevel@tonic-gate #endif 627c478bd9Sstevel@tonic-gate 637c478bd9Sstevel@tonic-gate static ioctlfunc_t iocfunctions[IPL_LOGSIZE] = { ipftestioctl, 647c478bd9Sstevel@tonic-gate ipnattestioctl, 657c478bd9Sstevel@tonic-gate ipstatetestioctl, 667c478bd9Sstevel@tonic-gate ipauthtestioctl, 677c478bd9Sstevel@tonic-gate ipsynctestioctl, 687c478bd9Sstevel@tonic-gate ipscantestioctl, 697c478bd9Sstevel@tonic-gate ipooltestioctl, 707c478bd9Sstevel@tonic-gate NULL }; 717c478bd9Sstevel@tonic-gate 727c478bd9Sstevel@tonic-gate 737c478bd9Sstevel@tonic-gate int main(argc,argv) 747c478bd9Sstevel@tonic-gate int argc; 757c478bd9Sstevel@tonic-gate char *argv[]; 767c478bd9Sstevel@tonic-gate { 777c478bd9Sstevel@tonic-gate char *datain, *iface, *ifname, *logout; 787c478bd9Sstevel@tonic-gate int fd, i, dir, c, loaded, dump, hlen; 797c478bd9Sstevel@tonic-gate struct ifnet *ifp; 807c478bd9Sstevel@tonic-gate struct ipread *r; 817c478bd9Sstevel@tonic-gate mb_t mb, *m; 827c478bd9Sstevel@tonic-gate ip_t *ip; 83f4b3ec61Sdh ipf_stack_t *ifs; 847c478bd9Sstevel@tonic-gate 857c478bd9Sstevel@tonic-gate m = &mb; 867c478bd9Sstevel@tonic-gate dir = 0; 877c478bd9Sstevel@tonic-gate dump = 0; 887c478bd9Sstevel@tonic-gate hlen = 0; 897c478bd9Sstevel@tonic-gate loaded = 0; 907c478bd9Sstevel@tonic-gate r = &iptext; 917c478bd9Sstevel@tonic-gate iface = NULL; 927c478bd9Sstevel@tonic-gate logout = NULL; 937c478bd9Sstevel@tonic-gate ifname = "anon0"; 947c478bd9Sstevel@tonic-gate datain = NULL; 957c478bd9Sstevel@tonic-gate 967c478bd9Sstevel@tonic-gate initparse(); 97f4b3ec61Sdh ifs = create_ifs(); 98f4b3ec61Sdh 99f4b3ec61Sdh #if defined(IPFILTER_DEFAULT_BLOCK) 100f4b3ec61Sdh ifs->ifs_fr_pass = FR_BLOCK|FR_NOMATCH; 101f4b3ec61Sdh #else 102f4b3ec61Sdh ifs->ifs_fr_pass = (IPF_DEFAULT_PASS)|FR_NOMATCH; 103f4b3ec61Sdh #endif 104f4b3ec61Sdh ipftuneable_alloc(ifs); 105f4b3ec61Sdh 106f4b3ec61Sdh MUTEX_INIT(&ifs->ifs_ipf_rw, "ipf rw mutex"); 107f4b3ec61Sdh MUTEX_INIT(&ifs->ifs_ipf_timeoutlock, "ipf timeout lock"); 108f4b3ec61Sdh RWLOCK_INIT(&ifs->ifs_ipf_global, "ipf filter load/unload mutex"); 109f4b3ec61Sdh RWLOCK_INIT(&ifs->ifs_ipf_mutex, "ipf filter rwlock"); 110f4b3ec61Sdh RWLOCK_INIT(&ifs->ifs_ipf_ipidfrag, "ipf IP NAT-Frag rwlock"); 111*e8d569f4SAlexandr Nedvedicky RWLOCK_INIT(&ifs->ifs_ipf_frcache, "ipf rule cache rwlock"); 112f4b3ec61Sdh 113f4b3ec61Sdh fr_loginit(ifs); 114f4b3ec61Sdh fr_authinit(ifs); 115f4b3ec61Sdh fr_fraginit(ifs); 116f4b3ec61Sdh fr_stateinit(ifs); 117f4b3ec61Sdh fr_natinit(ifs); 118f4b3ec61Sdh appr_init(ifs); 119f4b3ec61Sdh ip_lookup_init(ifs); 120f4b3ec61Sdh ifs->ifs_fr_running = 1; 1217c478bd9Sstevel@tonic-gate 122ab25eeb5Syz while ((c = getopt(argc, argv, "6bdDF:i:I:l:N:P:or:RT:vxX")) != -1) 1237c478bd9Sstevel@tonic-gate switch (c) 1247c478bd9Sstevel@tonic-gate { 1257c478bd9Sstevel@tonic-gate case '6' : 1267c478bd9Sstevel@tonic-gate #ifdef USE_INET6 1277c478bd9Sstevel@tonic-gate use_inet6 = 1; 1287c478bd9Sstevel@tonic-gate #else 1297c478bd9Sstevel@tonic-gate fprintf(stderr, "IPv6 not supported\n"); 1307c478bd9Sstevel@tonic-gate exit(1); 1317c478bd9Sstevel@tonic-gate #endif 1327c478bd9Sstevel@tonic-gate break; 1337c478bd9Sstevel@tonic-gate case 'b' : 1347c478bd9Sstevel@tonic-gate opts |= OPT_BRIEF; 1357c478bd9Sstevel@tonic-gate break; 1367c478bd9Sstevel@tonic-gate case 'd' : 1377c478bd9Sstevel@tonic-gate opts |= OPT_DEBUG; 1387c478bd9Sstevel@tonic-gate break; 1397c478bd9Sstevel@tonic-gate case 'D' : 1407c478bd9Sstevel@tonic-gate dump = 1; 1417c478bd9Sstevel@tonic-gate break; 1427c478bd9Sstevel@tonic-gate case 'F' : 1437c478bd9Sstevel@tonic-gate if (strcasecmp(optarg, "pcap") == 0) 1447c478bd9Sstevel@tonic-gate r = &pcap; 1457c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "etherfind") == 0) 1467c478bd9Sstevel@tonic-gate r = ðerf; 1477c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "snoop") == 0) 1487c478bd9Sstevel@tonic-gate r = &snoop; 1497c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "tcpdump") == 0) 1507c478bd9Sstevel@tonic-gate r = &tcpd; 1517c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "hex") == 0) 1527c478bd9Sstevel@tonic-gate r = &iphex; 1537c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "text") == 0) 1547c478bd9Sstevel@tonic-gate r = &iptext; 1557c478bd9Sstevel@tonic-gate break; 1567c478bd9Sstevel@tonic-gate case 'i' : 1577c478bd9Sstevel@tonic-gate datain = optarg; 1587c478bd9Sstevel@tonic-gate break; 1597c478bd9Sstevel@tonic-gate case 'I' : 1607c478bd9Sstevel@tonic-gate ifname = optarg; 1617c478bd9Sstevel@tonic-gate break; 1627c478bd9Sstevel@tonic-gate case 'l' : 1637c478bd9Sstevel@tonic-gate logout = optarg; 1647c478bd9Sstevel@tonic-gate break; 1657c478bd9Sstevel@tonic-gate case 'o' : 1667c478bd9Sstevel@tonic-gate opts |= OPT_SAVEOUT; 1677c478bd9Sstevel@tonic-gate break; 1687c478bd9Sstevel@tonic-gate case 'r' : 1697c478bd9Sstevel@tonic-gate if (ipf_parsefile(-1, ipf_addrule, iocfunctions, 1707c478bd9Sstevel@tonic-gate optarg) == -1) 1717c478bd9Sstevel@tonic-gate return -1; 1727c478bd9Sstevel@tonic-gate loaded = 1; 1737c478bd9Sstevel@tonic-gate break; 174ab25eeb5Syz case 'R' : 175ab25eeb5Syz opts |= OPT_NORESOLVE; 176ab25eeb5Syz break; 1777c478bd9Sstevel@tonic-gate case 'v' : 1787c478bd9Sstevel@tonic-gate opts |= OPT_VERBOSE; 1797c478bd9Sstevel@tonic-gate break; 1807c478bd9Sstevel@tonic-gate case 'N' : 1817c478bd9Sstevel@tonic-gate if (ipnat_parsefile(-1, ipnat_addrule, ipnattestioctl, 1827c478bd9Sstevel@tonic-gate optarg) == -1) 1837c478bd9Sstevel@tonic-gate return -1; 1847c478bd9Sstevel@tonic-gate loaded = 1; 1857c478bd9Sstevel@tonic-gate opts |= OPT_NAT; 1867c478bd9Sstevel@tonic-gate break; 1877c478bd9Sstevel@tonic-gate case 'P' : 1887c478bd9Sstevel@tonic-gate if (ippool_parsefile(-1, optarg, ipooltestioctl) == -1) 1897c478bd9Sstevel@tonic-gate return -1; 1907c478bd9Sstevel@tonic-gate loaded = 1; 1917c478bd9Sstevel@tonic-gate break; 192ab25eeb5Syz case 'T' : 193ab25eeb5Syz ipf_dotuning(-1, optarg, ipftestioctl); 194ab25eeb5Syz break; 1957c478bd9Sstevel@tonic-gate case 'x' : 1967c478bd9Sstevel@tonic-gate opts |= OPT_HEX; 1977c478bd9Sstevel@tonic-gate break; 1987c478bd9Sstevel@tonic-gate } 1997c478bd9Sstevel@tonic-gate 2007c478bd9Sstevel@tonic-gate if (loaded == 0) { 2017c478bd9Sstevel@tonic-gate (void)fprintf(stderr,"no rules loaded\n"); 2027c478bd9Sstevel@tonic-gate exit(-1); 2037c478bd9Sstevel@tonic-gate } 2047c478bd9Sstevel@tonic-gate 2057c478bd9Sstevel@tonic-gate if (opts & OPT_SAVEOUT) 2067c478bd9Sstevel@tonic-gate init_ifp(); 2077c478bd9Sstevel@tonic-gate 2087c478bd9Sstevel@tonic-gate if (datain) 2097c478bd9Sstevel@tonic-gate fd = (*r->r_open)(datain); 2107c478bd9Sstevel@tonic-gate else 2117c478bd9Sstevel@tonic-gate fd = (*r->r_open)("-"); 2127c478bd9Sstevel@tonic-gate 2137c478bd9Sstevel@tonic-gate if (fd < 0) 2147c478bd9Sstevel@tonic-gate exit(-1); 2157c478bd9Sstevel@tonic-gate 2167c478bd9Sstevel@tonic-gate ip = MTOD(m, ip_t *); 2177c478bd9Sstevel@tonic-gate while ((i = (*r->r_readip)(MTOD(m, char *), sizeof(m->mb_buf), 2187c478bd9Sstevel@tonic-gate &iface, &dir)) > 0) { 2197c478bd9Sstevel@tonic-gate if (iface == NULL || *iface == '\0') 2207c478bd9Sstevel@tonic-gate iface = ifname; 221f4b3ec61Sdh ifp = get_unit(iface, IP_V(ip), ifs); 2225e985db5Sschuster if (ifp == NULL) { 2235e985db5Sschuster fprintf(stderr, "out of memory\n"); 2245e985db5Sschuster exit(1); 2255e985db5Sschuster } 2267c478bd9Sstevel@tonic-gate if (!use_inet6) { 2277c478bd9Sstevel@tonic-gate ip->ip_off = ntohs(ip->ip_off); 2287c478bd9Sstevel@tonic-gate ip->ip_len = ntohs(ip->ip_len); 2297c478bd9Sstevel@tonic-gate if (r->r_flags & R_DO_CKSUM) 2307c478bd9Sstevel@tonic-gate fixv4sums(m, ip); 2317c478bd9Sstevel@tonic-gate hlen = IP_HL(ip) << 2; 2327c478bd9Sstevel@tonic-gate } 2337c478bd9Sstevel@tonic-gate #ifdef USE_INET6 2347c478bd9Sstevel@tonic-gate else 2357c478bd9Sstevel@tonic-gate hlen = sizeof(ip6_t); 2367c478bd9Sstevel@tonic-gate #endif 2377c478bd9Sstevel@tonic-gate /* ipfr_slowtimer(); */ 2387c478bd9Sstevel@tonic-gate m = &mb; 2397c478bd9Sstevel@tonic-gate m->mb_len = i; 240f4b3ec61Sdh i = fr_check(ip, hlen, ifp, dir, &m, ifs); 2417c478bd9Sstevel@tonic-gate if ((opts & OPT_NAT) == 0) 2427c478bd9Sstevel@tonic-gate switch (i) 2437c478bd9Sstevel@tonic-gate { 2447c478bd9Sstevel@tonic-gate case -4 : 2457c478bd9Sstevel@tonic-gate (void)printf("preauth"); 2467c478bd9Sstevel@tonic-gate break; 2477c478bd9Sstevel@tonic-gate case -3 : 2487c478bd9Sstevel@tonic-gate (void)printf("account"); 2497c478bd9Sstevel@tonic-gate break; 2507c478bd9Sstevel@tonic-gate case -2 : 2517c478bd9Sstevel@tonic-gate (void)printf("auth"); 2527c478bd9Sstevel@tonic-gate break; 2537c478bd9Sstevel@tonic-gate case -1 : 2547c478bd9Sstevel@tonic-gate (void)printf("block"); 2557c478bd9Sstevel@tonic-gate break; 2567c478bd9Sstevel@tonic-gate case 0 : 2577c478bd9Sstevel@tonic-gate (void)printf("pass"); 2587c478bd9Sstevel@tonic-gate break; 2597c478bd9Sstevel@tonic-gate case 1 : 2607c478bd9Sstevel@tonic-gate (void)printf("nomatch"); 2617c478bd9Sstevel@tonic-gate break; 2627c478bd9Sstevel@tonic-gate case 3 : 2637c478bd9Sstevel@tonic-gate (void)printf("block return-rst"); 2647c478bd9Sstevel@tonic-gate break; 2657c478bd9Sstevel@tonic-gate case 4 : 2667c478bd9Sstevel@tonic-gate (void)printf("block return-icmp"); 2677c478bd9Sstevel@tonic-gate break; 2687c478bd9Sstevel@tonic-gate case 5 : 2697c478bd9Sstevel@tonic-gate (void)printf("block return-icmp-as-dest"); 2707c478bd9Sstevel@tonic-gate break; 2717c478bd9Sstevel@tonic-gate default : 2727c478bd9Sstevel@tonic-gate (void)printf("recognised return %#x\n", i); 2737c478bd9Sstevel@tonic-gate break; 2747c478bd9Sstevel@tonic-gate } 2757c478bd9Sstevel@tonic-gate if (!use_inet6) { 2767c478bd9Sstevel@tonic-gate ip->ip_off = htons(ip->ip_off); 2777c478bd9Sstevel@tonic-gate ip->ip_len = htons(ip->ip_len); 2787c478bd9Sstevel@tonic-gate } 2797c478bd9Sstevel@tonic-gate 2807c478bd9Sstevel@tonic-gate if (!(opts & OPT_BRIEF)) { 2817c478bd9Sstevel@tonic-gate putchar(' '); 2827c478bd9Sstevel@tonic-gate printpacket(ip); 2837c478bd9Sstevel@tonic-gate printf("--------------"); 2847c478bd9Sstevel@tonic-gate } else if ((opts & (OPT_BRIEF|OPT_NAT)) == (OPT_NAT|OPT_BRIEF)) 2857c478bd9Sstevel@tonic-gate printpacket(ip); 2867c478bd9Sstevel@tonic-gate if (dir && (ifp != NULL) && IP_V(ip) && (m != NULL)) 287ab25eeb5Syz #if defined(__sgi) && (IRIX < 60500) 2887c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL); 2897c478bd9Sstevel@tonic-gate #else 2907c478bd9Sstevel@tonic-gate # if TRU64 >= 1885 2917c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL, 0, 0); 2927c478bd9Sstevel@tonic-gate # else 2937c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL, 0); 2947c478bd9Sstevel@tonic-gate # endif 2957c478bd9Sstevel@tonic-gate #endif 2967c478bd9Sstevel@tonic-gate if ((opts & (OPT_BRIEF|OPT_NAT)) != (OPT_NAT|OPT_BRIEF)) 2977c478bd9Sstevel@tonic-gate putchar('\n'); 2987c478bd9Sstevel@tonic-gate dir = 0; 2997c478bd9Sstevel@tonic-gate if (iface != ifname) { 3007c478bd9Sstevel@tonic-gate free(iface); 3017c478bd9Sstevel@tonic-gate iface = ifname; 3027c478bd9Sstevel@tonic-gate } 3037c478bd9Sstevel@tonic-gate m = &mb; 3047c478bd9Sstevel@tonic-gate } 3057c478bd9Sstevel@tonic-gate (*r->r_close)(); 3067c478bd9Sstevel@tonic-gate 3077c478bd9Sstevel@tonic-gate if (logout != NULL) { 308f4b3ec61Sdh drain_log(logout, ifs); 3097c478bd9Sstevel@tonic-gate } 3107c478bd9Sstevel@tonic-gate 3117c478bd9Sstevel@tonic-gate if (dump == 1) { 312f4b3ec61Sdh dumpnat(ifs); 313f4b3ec61Sdh dumpstate(ifs); 314f4b3ec61Sdh dumplookups(ifs); 315f4b3ec61Sdh dumpgroups(ifs); 3167c478bd9Sstevel@tonic-gate } 3177c478bd9Sstevel@tonic-gate 318f4b3ec61Sdh fr_deinitialise(ifs); 3197c478bd9Sstevel@tonic-gate 3207c478bd9Sstevel@tonic-gate return 0; 3217c478bd9Sstevel@tonic-gate } 3227c478bd9Sstevel@tonic-gate 3237c478bd9Sstevel@tonic-gate 3247c478bd9Sstevel@tonic-gate #if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 3257c478bd9Sstevel@tonic-gate (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 326ab25eeb5Syz defined(__osf__) || defined(linux) 3277c478bd9Sstevel@tonic-gate int ipftestioctl(int dev, ioctlcmd_t cmd, ...) 3287c478bd9Sstevel@tonic-gate { 3297c478bd9Sstevel@tonic-gate caddr_t data; 3307c478bd9Sstevel@tonic-gate va_list ap; 3317c478bd9Sstevel@tonic-gate int i; 3327c478bd9Sstevel@tonic-gate 3337c478bd9Sstevel@tonic-gate va_start(ap, cmd); 3347c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 3357c478bd9Sstevel@tonic-gate va_end(ap); 3367c478bd9Sstevel@tonic-gate 3377c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD); 3387c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 3397c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", 3407c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 341ab25eeb5Syz if (i != 0) { 342ab25eeb5Syz errno = i; 343ab25eeb5Syz return -1; 344ab25eeb5Syz } 345ab25eeb5Syz return 0; 3467c478bd9Sstevel@tonic-gate } 3477c478bd9Sstevel@tonic-gate 3487c478bd9Sstevel@tonic-gate 3497c478bd9Sstevel@tonic-gate int ipnattestioctl(int dev, ioctlcmd_t cmd, ...) 3507c478bd9Sstevel@tonic-gate { 3517c478bd9Sstevel@tonic-gate caddr_t data; 3527c478bd9Sstevel@tonic-gate va_list ap; 3537c478bd9Sstevel@tonic-gate int i; 3547c478bd9Sstevel@tonic-gate 3557c478bd9Sstevel@tonic-gate va_start(ap, cmd); 3567c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 3577c478bd9Sstevel@tonic-gate va_end(ap); 3587c478bd9Sstevel@tonic-gate 3597c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD); 3607c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 3617c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", 3627c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 363ab25eeb5Syz if (i != 0) { 364ab25eeb5Syz errno = i; 365ab25eeb5Syz return -1; 366ab25eeb5Syz } 367ab25eeb5Syz return 0; 3687c478bd9Sstevel@tonic-gate } 3697c478bd9Sstevel@tonic-gate 3707c478bd9Sstevel@tonic-gate 3717c478bd9Sstevel@tonic-gate int ipstatetestioctl(int dev, ioctlcmd_t cmd, ...) 3727c478bd9Sstevel@tonic-gate { 3737c478bd9Sstevel@tonic-gate caddr_t data; 3747c478bd9Sstevel@tonic-gate va_list ap; 3757c478bd9Sstevel@tonic-gate int i; 3767c478bd9Sstevel@tonic-gate 3777c478bd9Sstevel@tonic-gate va_start(ap, cmd); 3787c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 3797c478bd9Sstevel@tonic-gate va_end(ap); 3807c478bd9Sstevel@tonic-gate 3817c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 3827c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 3837c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", 3847c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 385ab25eeb5Syz if (i != 0) { 386ab25eeb5Syz errno = i; 387ab25eeb5Syz return -1; 388ab25eeb5Syz } 389ab25eeb5Syz return 0; 3907c478bd9Sstevel@tonic-gate } 3917c478bd9Sstevel@tonic-gate 3927c478bd9Sstevel@tonic-gate 3937c478bd9Sstevel@tonic-gate int ipauthtestioctl(int dev, ioctlcmd_t cmd, ...) 3947c478bd9Sstevel@tonic-gate { 3957c478bd9Sstevel@tonic-gate caddr_t data; 3967c478bd9Sstevel@tonic-gate va_list ap; 3977c478bd9Sstevel@tonic-gate int i; 3987c478bd9Sstevel@tonic-gate 3997c478bd9Sstevel@tonic-gate va_start(ap, cmd); 4007c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 4017c478bd9Sstevel@tonic-gate va_end(ap); 4027c478bd9Sstevel@tonic-gate 4037c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 4047c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4057c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", 4067c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 407ab25eeb5Syz if (i != 0) { 408ab25eeb5Syz errno = i; 409ab25eeb5Syz return -1; 410ab25eeb5Syz } 411ab25eeb5Syz return 0; 4127c478bd9Sstevel@tonic-gate } 4137c478bd9Sstevel@tonic-gate 4147c478bd9Sstevel@tonic-gate 4157c478bd9Sstevel@tonic-gate int ipscantestioctl(int dev, ioctlcmd_t cmd, ...) 4167c478bd9Sstevel@tonic-gate { 4177c478bd9Sstevel@tonic-gate caddr_t data; 4187c478bd9Sstevel@tonic-gate va_list ap; 4197c478bd9Sstevel@tonic-gate int i; 4207c478bd9Sstevel@tonic-gate 4217c478bd9Sstevel@tonic-gate va_start(ap, cmd); 4227c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 4237c478bd9Sstevel@tonic-gate va_end(ap); 4247c478bd9Sstevel@tonic-gate 4257c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 4267c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4277c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", 4287c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 429ab25eeb5Syz if (i != 0) { 430ab25eeb5Syz errno = i; 431ab25eeb5Syz return -1; 432ab25eeb5Syz } 433ab25eeb5Syz return 0; 4347c478bd9Sstevel@tonic-gate } 4357c478bd9Sstevel@tonic-gate 4367c478bd9Sstevel@tonic-gate 4377c478bd9Sstevel@tonic-gate int ipsynctestioctl(int dev, ioctlcmd_t cmd, ...) 4387c478bd9Sstevel@tonic-gate { 4397c478bd9Sstevel@tonic-gate caddr_t data; 4407c478bd9Sstevel@tonic-gate va_list ap; 4417c478bd9Sstevel@tonic-gate int i; 4427c478bd9Sstevel@tonic-gate 4437c478bd9Sstevel@tonic-gate va_start(ap, cmd); 4447c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 4457c478bd9Sstevel@tonic-gate va_end(ap); 4467c478bd9Sstevel@tonic-gate 4477c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 4487c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4497c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", 4507c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 451ab25eeb5Syz if (i != 0) { 452ab25eeb5Syz errno = i; 453ab25eeb5Syz return -1; 454ab25eeb5Syz } 455ab25eeb5Syz return 0; 4567c478bd9Sstevel@tonic-gate } 4577c478bd9Sstevel@tonic-gate 4587c478bd9Sstevel@tonic-gate 4597c478bd9Sstevel@tonic-gate int ipooltestioctl(int dev, ioctlcmd_t cmd, ...) 4607c478bd9Sstevel@tonic-gate { 4617c478bd9Sstevel@tonic-gate caddr_t data; 4627c478bd9Sstevel@tonic-gate va_list ap; 4637c478bd9Sstevel@tonic-gate int i; 4647c478bd9Sstevel@tonic-gate 4657c478bd9Sstevel@tonic-gate va_start(ap, cmd); 4667c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 4677c478bd9Sstevel@tonic-gate va_end(ap); 4687c478bd9Sstevel@tonic-gate 4697c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 4707c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4717c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", 4727c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 473ab25eeb5Syz if (i != 0) { 474ab25eeb5Syz errno = i; 475ab25eeb5Syz return -1; 476ab25eeb5Syz } 477ab25eeb5Syz return 0; 4787c478bd9Sstevel@tonic-gate } 4797c478bd9Sstevel@tonic-gate #else 4807c478bd9Sstevel@tonic-gate int ipftestioctl(dev, cmd, data) 4817c478bd9Sstevel@tonic-gate dev_t dev; 4827c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 4837c478bd9Sstevel@tonic-gate void *data; 4847c478bd9Sstevel@tonic-gate { 4857c478bd9Sstevel@tonic-gate int i; 4867c478bd9Sstevel@tonic-gate 4877c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD); 4887c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4897c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", cmd, data, i); 490ab25eeb5Syz if (i != 0) { 491ab25eeb5Syz errno = i; 492ab25eeb5Syz return -1; 493ab25eeb5Syz } 494ab25eeb5Syz return 0; 4957c478bd9Sstevel@tonic-gate } 4967c478bd9Sstevel@tonic-gate 4977c478bd9Sstevel@tonic-gate 4987c478bd9Sstevel@tonic-gate int ipnattestioctl(dev, cmd, data) 4997c478bd9Sstevel@tonic-gate dev_t dev; 5007c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5017c478bd9Sstevel@tonic-gate void *data; 5027c478bd9Sstevel@tonic-gate { 5037c478bd9Sstevel@tonic-gate int i; 5047c478bd9Sstevel@tonic-gate 5057c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD); 5067c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5077c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", cmd, data, i); 508ab25eeb5Syz if (i != 0) { 509ab25eeb5Syz errno = i; 510ab25eeb5Syz return -1; 511ab25eeb5Syz } 512ab25eeb5Syz return 0; 5137c478bd9Sstevel@tonic-gate } 5147c478bd9Sstevel@tonic-gate 5157c478bd9Sstevel@tonic-gate 5167c478bd9Sstevel@tonic-gate int ipstatetestioctl(dev, cmd, data) 5177c478bd9Sstevel@tonic-gate dev_t dev; 5187c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5197c478bd9Sstevel@tonic-gate void *data; 5207c478bd9Sstevel@tonic-gate { 5217c478bd9Sstevel@tonic-gate int i; 5227c478bd9Sstevel@tonic-gate 5237c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 5247c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5257c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", cmd, data, i); 526ab25eeb5Syz if (i != 0) { 527ab25eeb5Syz errno = i; 528ab25eeb5Syz return -1; 529ab25eeb5Syz } 530ab25eeb5Syz return 0; 5317c478bd9Sstevel@tonic-gate } 5327c478bd9Sstevel@tonic-gate 5337c478bd9Sstevel@tonic-gate 5347c478bd9Sstevel@tonic-gate int ipauthtestioctl(dev, cmd, data) 5357c478bd9Sstevel@tonic-gate dev_t dev; 5367c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5377c478bd9Sstevel@tonic-gate void *data; 5387c478bd9Sstevel@tonic-gate { 5397c478bd9Sstevel@tonic-gate int i; 5407c478bd9Sstevel@tonic-gate 5417c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 5427c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5437c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", cmd, data, i); 544ab25eeb5Syz if (i != 0) { 545ab25eeb5Syz errno = i; 546ab25eeb5Syz return -1; 547ab25eeb5Syz } 548ab25eeb5Syz return 0; 5497c478bd9Sstevel@tonic-gate } 5507c478bd9Sstevel@tonic-gate 5517c478bd9Sstevel@tonic-gate 5527c478bd9Sstevel@tonic-gate int ipsynctestioctl(dev, cmd, data) 5537c478bd9Sstevel@tonic-gate dev_t dev; 5547c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5557c478bd9Sstevel@tonic-gate void *data; 5567c478bd9Sstevel@tonic-gate { 5577c478bd9Sstevel@tonic-gate int i; 5587c478bd9Sstevel@tonic-gate 5597c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 5607c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5617c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", cmd, data, i); 562ab25eeb5Syz if (i != 0) { 563ab25eeb5Syz errno = i; 564ab25eeb5Syz return -1; 565ab25eeb5Syz } 566ab25eeb5Syz return 0; 5677c478bd9Sstevel@tonic-gate } 5687c478bd9Sstevel@tonic-gate 5697c478bd9Sstevel@tonic-gate 5707c478bd9Sstevel@tonic-gate int ipscantestioctl(dev, cmd, data) 5717c478bd9Sstevel@tonic-gate dev_t dev; 5727c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5737c478bd9Sstevel@tonic-gate void *data; 5747c478bd9Sstevel@tonic-gate { 5757c478bd9Sstevel@tonic-gate int i; 5767c478bd9Sstevel@tonic-gate 5777c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 5787c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5797c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", cmd, data, i); 580ab25eeb5Syz if (i != 0) { 581ab25eeb5Syz errno = i; 582ab25eeb5Syz return -1; 583ab25eeb5Syz } 584ab25eeb5Syz return 0; 5857c478bd9Sstevel@tonic-gate } 5867c478bd9Sstevel@tonic-gate 5877c478bd9Sstevel@tonic-gate 5887c478bd9Sstevel@tonic-gate int ipooltestioctl(dev, cmd, data) 5897c478bd9Sstevel@tonic-gate dev_t dev; 5907c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5917c478bd9Sstevel@tonic-gate void *data; 5927c478bd9Sstevel@tonic-gate { 5937c478bd9Sstevel@tonic-gate int i; 5947c478bd9Sstevel@tonic-gate 5957c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 5967c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 5977c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", cmd, data, i); 598ab25eeb5Syz if (i != 0) { 599ab25eeb5Syz errno = i; 600ab25eeb5Syz return -1; 601ab25eeb5Syz } 602ab25eeb5Syz return 0; 6037c478bd9Sstevel@tonic-gate } 6047c478bd9Sstevel@tonic-gate #endif 6057c478bd9Sstevel@tonic-gate 6067c478bd9Sstevel@tonic-gate 6077c478bd9Sstevel@tonic-gate int kmemcpy(addr, offset, size) 6087c478bd9Sstevel@tonic-gate char *addr; 6097c478bd9Sstevel@tonic-gate long offset; 6107c478bd9Sstevel@tonic-gate int size; 6117c478bd9Sstevel@tonic-gate { 6127c478bd9Sstevel@tonic-gate bcopy((char *)offset, addr, size); 6137c478bd9Sstevel@tonic-gate return 0; 6147c478bd9Sstevel@tonic-gate } 6157c478bd9Sstevel@tonic-gate 6167c478bd9Sstevel@tonic-gate 6177c478bd9Sstevel@tonic-gate int kstrncpy(buf, pos, n) 6187c478bd9Sstevel@tonic-gate char *buf; 6197c478bd9Sstevel@tonic-gate long pos; 6207c478bd9Sstevel@tonic-gate int n; 6217c478bd9Sstevel@tonic-gate { 6227c478bd9Sstevel@tonic-gate char *ptr; 6237c478bd9Sstevel@tonic-gate 6247c478bd9Sstevel@tonic-gate ptr = (char *)pos; 6257c478bd9Sstevel@tonic-gate 6267663b816Sml while ((n-- > 0) && (*buf++ = *ptr++)) 6277c478bd9Sstevel@tonic-gate ; 6287c478bd9Sstevel@tonic-gate return 0; 6297c478bd9Sstevel@tonic-gate } 6307c478bd9Sstevel@tonic-gate 6317c478bd9Sstevel@tonic-gate 6327c478bd9Sstevel@tonic-gate /* 6337c478bd9Sstevel@tonic-gate * Display the built up NAT table rules and mapping entries. 6347c478bd9Sstevel@tonic-gate */ 635f4b3ec61Sdh void dumpnat(ifs) 636f4b3ec61Sdh ipf_stack_t *ifs; 6377c478bd9Sstevel@tonic-gate { 6387c478bd9Sstevel@tonic-gate ipnat_t *ipn; 6397c478bd9Sstevel@tonic-gate nat_t *nat; 6407c478bd9Sstevel@tonic-gate 6417c478bd9Sstevel@tonic-gate printf("List of active MAP/Redirect filters:\n"); 642f4b3ec61Sdh for (ipn = ifs->ifs_nat_list; ipn != NULL; ipn = ipn->in_next) 6437c478bd9Sstevel@tonic-gate printnat(ipn, opts & (OPT_DEBUG|OPT_VERBOSE)); 6447c478bd9Sstevel@tonic-gate printf("\nList of active sessions:\n"); 645f4b3ec61Sdh for (nat = ifs->ifs_nat_instances; nat; nat = nat->nat_next) { 646f4b3ec61Sdh printactivenat(nat, opts, 0); 647ab25eeb5Syz if (nat->nat_aps) 648ab25eeb5Syz printaps(nat->nat_aps, opts); 649ab25eeb5Syz } 6507c478bd9Sstevel@tonic-gate } 6517c478bd9Sstevel@tonic-gate 6527c478bd9Sstevel@tonic-gate 6537c478bd9Sstevel@tonic-gate /* 6547c478bd9Sstevel@tonic-gate * Display the built up state table rules and mapping entries. 6557c478bd9Sstevel@tonic-gate */ 656f4b3ec61Sdh void dumpstate(ifs) 657f4b3ec61Sdh ipf_stack_t *ifs; 6587c478bd9Sstevel@tonic-gate { 6597c478bd9Sstevel@tonic-gate ipstate_t *ips; 6607c478bd9Sstevel@tonic-gate 6617c478bd9Sstevel@tonic-gate printf("List of active state sessions:\n"); 662f4b3ec61Sdh for (ips = ifs->ifs_ips_list; ips != NULL; ) 663ab25eeb5Syz ips = printstate(ips, opts & (OPT_DEBUG|OPT_VERBOSE), 664f4b3ec61Sdh ifs->ifs_fr_ticks); 6657c478bd9Sstevel@tonic-gate } 6667c478bd9Sstevel@tonic-gate 6677c478bd9Sstevel@tonic-gate 668f4b3ec61Sdh void dumplookups(ifs) 669f4b3ec61Sdh ipf_stack_t *ifs; 6707c478bd9Sstevel@tonic-gate { 6717c478bd9Sstevel@tonic-gate iphtable_t *iph; 6727c478bd9Sstevel@tonic-gate ip_pool_t *ipl; 6737c478bd9Sstevel@tonic-gate int i; 6747c478bd9Sstevel@tonic-gate 6757c478bd9Sstevel@tonic-gate printf("List of configured pools\n"); 6767c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 677f4b3ec61Sdh for (ipl = ifs->ifs_ip_pool_list[i]; ipl != NULL; 678f4b3ec61Sdh ipl = ipl->ipo_next) 679ab25eeb5Syz printpool(ipl, bcopywrap, NULL, opts); 6807c478bd9Sstevel@tonic-gate 6817c478bd9Sstevel@tonic-gate printf("List of configured hash tables\n"); 6827c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 683f4b3ec61Sdh for (iph = ifs->ifs_ipf_htables[i]; iph != NULL; 684f4b3ec61Sdh iph = iph->iph_next) 685ab25eeb5Syz printhash(iph, bcopywrap, NULL, opts); 6867c478bd9Sstevel@tonic-gate } 6877c478bd9Sstevel@tonic-gate 6887c478bd9Sstevel@tonic-gate 689f4b3ec61Sdh void dumpgroups(ifs) 690f4b3ec61Sdh ipf_stack_t *ifs; 6917c478bd9Sstevel@tonic-gate { 6927c478bd9Sstevel@tonic-gate frgroup_t *fg; 6937c478bd9Sstevel@tonic-gate frentry_t *fr; 6947c478bd9Sstevel@tonic-gate int i; 6957c478bd9Sstevel@tonic-gate 6967c478bd9Sstevel@tonic-gate printf("List of groups configured (set 0)\n"); 6977c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 698f4b3ec61Sdh for (fg = ifs->ifs_ipfgroups[i][0]; fg != NULL; 699f4b3ec61Sdh fg = fg->fg_next) { 7007c478bd9Sstevel@tonic-gate printf("Dev.%d. Group %s Ref %d Flags %#x\n", 7017c478bd9Sstevel@tonic-gate i, fg->fg_name, fg->fg_ref, fg->fg_flags); 7027c478bd9Sstevel@tonic-gate for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) { 7037c478bd9Sstevel@tonic-gate #ifdef USE_QUAD_T 7047c478bd9Sstevel@tonic-gate printf("%qu ",(unsigned long long)fr->fr_hits); 7057c478bd9Sstevel@tonic-gate #else 7067c478bd9Sstevel@tonic-gate printf("%ld ", fr->fr_hits); 7077c478bd9Sstevel@tonic-gate #endif 7087c478bd9Sstevel@tonic-gate printfr(fr, ipftestioctl); 7097c478bd9Sstevel@tonic-gate } 7107c478bd9Sstevel@tonic-gate } 7117c478bd9Sstevel@tonic-gate 7127c478bd9Sstevel@tonic-gate printf("List of groups configured (set 1)\n"); 7137c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 714f4b3ec61Sdh for (fg = ifs->ifs_ipfgroups[i][1]; fg != NULL; 715f4b3ec61Sdh fg = fg->fg_next) { 7167c478bd9Sstevel@tonic-gate printf("Dev.%d. Group %s Ref %d Flags %#x\n", 7177c478bd9Sstevel@tonic-gate i, fg->fg_name, fg->fg_ref, fg->fg_flags); 7187c478bd9Sstevel@tonic-gate for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) { 7197c478bd9Sstevel@tonic-gate #ifdef USE_QUAD_T 7207c478bd9Sstevel@tonic-gate printf("%qu ",(unsigned long long)fr->fr_hits); 7217c478bd9Sstevel@tonic-gate #else 7227c478bd9Sstevel@tonic-gate printf("%ld ", fr->fr_hits); 7237c478bd9Sstevel@tonic-gate #endif 7247c478bd9Sstevel@tonic-gate printfr(fr, ipftestioctl); 7257c478bd9Sstevel@tonic-gate } 7267c478bd9Sstevel@tonic-gate } 7277c478bd9Sstevel@tonic-gate } 7287c478bd9Sstevel@tonic-gate 7297c478bd9Sstevel@tonic-gate 730f4b3ec61Sdh void drain_log(filename, ifs) 7317c478bd9Sstevel@tonic-gate char *filename; 732f4b3ec61Sdh ipf_stack_t *ifs; 7337c478bd9Sstevel@tonic-gate { 7347c478bd9Sstevel@tonic-gate char buffer[DEFAULT_IPFLOGSIZE]; 7357c478bd9Sstevel@tonic-gate struct iovec iov; 7367c478bd9Sstevel@tonic-gate struct uio uio; 7377c478bd9Sstevel@tonic-gate size_t resid; 738ab25eeb5Syz int fd, i; 7397c478bd9Sstevel@tonic-gate 7407c478bd9Sstevel@tonic-gate fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY, 0644); 7417c478bd9Sstevel@tonic-gate if (fd == -1) { 7427c478bd9Sstevel@tonic-gate perror("drain_log:open"); 7437c478bd9Sstevel@tonic-gate return; 7447c478bd9Sstevel@tonic-gate } 7457c478bd9Sstevel@tonic-gate 746ab25eeb5Syz for (i = 0; i <= IPL_LOGMAX; i++) 747ab25eeb5Syz while (1) { 748ab25eeb5Syz bzero((char *)&iov, sizeof(iov)); 749ab25eeb5Syz iov.iov_base = buffer; 750ab25eeb5Syz iov.iov_len = sizeof(buffer); 751ab25eeb5Syz 752ab25eeb5Syz bzero((char *)&uio, sizeof(uio)); 753ab25eeb5Syz uio.uio_iov = &iov; 754ab25eeb5Syz uio.uio_iovcnt = 1; 755ab25eeb5Syz uio.uio_resid = iov.iov_len; 756ab25eeb5Syz resid = uio.uio_resid; 757ab25eeb5Syz 758f4b3ec61Sdh if (ipflog_read(i, &uio, ifs) == 0) { 759ab25eeb5Syz /* 760ab25eeb5Syz * If nothing was read then break out. 761ab25eeb5Syz */ 762ab25eeb5Syz if (uio.uio_resid == resid) 763ab25eeb5Syz break; 764ab25eeb5Syz write(fd, buffer, resid - uio.uio_resid); 765ab25eeb5Syz } else 7667c478bd9Sstevel@tonic-gate break; 7677c478bd9Sstevel@tonic-gate } 7687c478bd9Sstevel@tonic-gate 7697c478bd9Sstevel@tonic-gate close(fd); 7707c478bd9Sstevel@tonic-gate } 7717c478bd9Sstevel@tonic-gate 7727c478bd9Sstevel@tonic-gate 7737c478bd9Sstevel@tonic-gate void fixv4sums(m, ip) 7747c478bd9Sstevel@tonic-gate mb_t *m; 7757c478bd9Sstevel@tonic-gate ip_t *ip; 7767c478bd9Sstevel@tonic-gate { 7777c478bd9Sstevel@tonic-gate u_char *csump, *hdr; 7787c478bd9Sstevel@tonic-gate 7797c478bd9Sstevel@tonic-gate ip->ip_sum = 0; 7807c478bd9Sstevel@tonic-gate ip->ip_sum = ipf_cksum((u_short *)ip, IP_HL(ip) << 2); 7817c478bd9Sstevel@tonic-gate 7827c478bd9Sstevel@tonic-gate csump = (u_char *)ip; 7837c478bd9Sstevel@tonic-gate csump += IP_HL(ip) << 2; 7847c478bd9Sstevel@tonic-gate 7857c478bd9Sstevel@tonic-gate switch (ip->ip_p) 7867c478bd9Sstevel@tonic-gate { 7877c478bd9Sstevel@tonic-gate case IPPROTO_TCP : 7887c478bd9Sstevel@tonic-gate hdr = csump; 7897c478bd9Sstevel@tonic-gate csump += offsetof(tcphdr_t, th_sum); 7907c478bd9Sstevel@tonic-gate break; 7917c478bd9Sstevel@tonic-gate case IPPROTO_UDP : 7927c478bd9Sstevel@tonic-gate hdr = csump; 7937c478bd9Sstevel@tonic-gate csump += offsetof(udphdr_t, uh_sum); 7947c478bd9Sstevel@tonic-gate break; 7957c478bd9Sstevel@tonic-gate default : 7967c478bd9Sstevel@tonic-gate csump = NULL; 7977c478bd9Sstevel@tonic-gate hdr = NULL; 7987c478bd9Sstevel@tonic-gate break; 7997c478bd9Sstevel@tonic-gate } 8007c478bd9Sstevel@tonic-gate if (hdr != NULL) { 8017c478bd9Sstevel@tonic-gate *csump = 0; 8027c478bd9Sstevel@tonic-gate *(u_short *)csump = fr_cksum(m, ip, ip->ip_p, hdr); 8037c478bd9Sstevel@tonic-gate } 8047c478bd9Sstevel@tonic-gate } 805f4b3ec61Sdh 806f4b3ec61Sdh ipf_stack_t *gifs; 807f4b3ec61Sdh 808f4b3ec61Sdh /* 809f4b3ec61Sdh * Allocate and keep pointer for get_ifs() 810f4b3ec61Sdh */ 811f4b3ec61Sdh ipf_stack_t * 812f4b3ec61Sdh create_ifs() 813f4b3ec61Sdh { 814f4b3ec61Sdh ipf_stack_t *ifs; 815f4b3ec61Sdh 816f4b3ec61Sdh KMALLOCS(ifs, ipf_stack_t *, sizeof (*ifs)); 817f4b3ec61Sdh bzero(ifs, sizeof (*ifs)); 818f4b3ec61Sdh gifs = ifs; 819f4b3ec61Sdh return (ifs); 820f4b3ec61Sdh } 821f4b3ec61Sdh 822f4b3ec61Sdh ipf_stack_t * 823f4b3ec61Sdh get_ifs() 824f4b3ec61Sdh { 825f4b3ec61Sdh return (gifs); 826f4b3ec61Sdh } 827