xref: /freebsd/share/dtrace/ipfw.d (revision 24e4dcf4ba5e9dedcf89efd358ea3e1fe5867020)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 2020 Yandex LLC
5  * Copyright (c) 2020 Andrey V. Elsukov <ae@FreeBSD.org>
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #pragma D depends_on provider ipfw
30 #pragma D depends_on module kernel
31 #pragma D depends_on module ipfw.ko
32 
33 /* ipfw_chk() return values */
34 #pragma D binding "1.0" IP_FW_PASS
35 inline int IP_FW_PASS = 	0;
36 #pragma D binding "1.0" IP_FW_DENY
37 inline int IP_FW_DENY = 	1;
38 #pragma D binding "1.0" IP_FW_DIVERT
39 inline int IP_FW_DIVERT =	2;
40 #pragma D binding "1.0" IP_FW_TEE
41 inline int IP_FW_TEE =		3;
42 #pragma D binding "1.0" IP_FW_DUMMYNET
43 inline int IP_FW_DUMMYNET =	4;
44 #pragma D binding "1.0" IP_FW_NETGRAPH
45 inline int IP_FW_NETGRAPH =	5;
46 #pragma D binding "1.0" IP_FW_NGTEE
47 inline int IP_FW_NGTEE =	6;
48 #pragma D binding "1.0" IP_FW_NAT
49 inline int IP_FW_NAT =		7;
50 #pragma D binding "1.0" IP_FW_REASS
51 inline int IP_FW_REASS =	8;
52 #pragma D binding "1.0" IP_FW_NAT64
53 inline int IP_FW_NAT64 =	9;
54 
55 #pragma D binding "1.0" ipfw_retcodes
56 inline string ipfw_retcodes[int ret] =
57 	ret == IP_FW_PASS ? "PASS" :
58 	ret == IP_FW_DENY ? "DENY" :
59 	ret == IP_FW_DIVERT ? "DIVERT" :
60 	ret == IP_FW_TEE ? "TEE" :
61 	ret == IP_FW_DUMMYNET ? "DUMMYNET" :
62 	ret == IP_FW_NETGRAPH ? "NETGRAPH" :
63 	ret == IP_FW_NGTEE ? "NGTEE" :
64 	ret == IP_FW_NAT ? "NAT" :
65 	ret == IP_FW_REASS ? "REASS" :
66 	ret == IP_FW_NAT64 ? "NAT64" :
67 	"<unknown>";
68 
69 /* ip_fw_args flags */
70 #pragma D binding "1.0" IPFW_ARGS_ETHER
71 inline int IPFW_ARGS_ETHER =	0x00010000; /* valid ethernet header */
72 #pragma D binding "1.0" IPFW_ARGS_NH4
73 inline int IPFW_ARGS_NH4 =	0x00020000; /* IPv4 next hop in hopstore */
74 #pragma D binding "1.0" IPFW_ARGS_NH6
75 inline int IPFW_ARGS_NH6 =	0x00040000; /* IPv6 next hop in hopstore */
76 #pragma D binding "1.0" IPFW_ARGS_NH4PTR
77 inline int IPFW_ARGS_NH4PTR =	0x00080000; /* IPv4 next hop in next_hop */
78 #pragma D binding "1.0" IPFW_ARGS_NH6PTR
79 inline int IPFW_ARGS_NH6PTR =	0x00100000; /* IPv6 next hop in next_hop6 */
80 #pragma D binding "1.0" IPFW_ARGS_REF
81 inline int IPFW_ARGS_REF =	0x00200000; /* valid ipfw_rule_ref	*/
82 #pragma D binding "1.0" IPFW_ARGS_IN
83 inline int IPFW_ARGS_IN =	0x00400000; /* called on input */
84 #pragma D binding "1.0" IPFW_ARGS_OUT
85 inline int IPFW_ARGS_OUT =	0x00800000; /* called on output */
86 #pragma D binding "1.0" IPFW_ARGS_IP4
87 inline int IPFW_ARGS_IP4 =	0x01000000; /* belongs to v4 ISR */
88 #pragma D binding "1.0" IPFW_ARGS_IP6
89 inline int IPFW_ARGS_IP6 =	0x02000000; /* belongs to v6 ISR */
90 #pragma D binding "1.0" IPFW_ARGS_DROP
91 inline int IPFW_ARGS_DROP =	0x04000000; /* drop it (dummynet) */
92 #pragma D binding "1.0" IPFW_ARGS_LENMASK
93 inline int IPFW_ARGS_LENMASK =	0x0000ffff; /* length of data in *mem */
94 
95 /* ipfw_rule_ref.info */
96 #pragma D binding "1.0" IPFW_INFO_MASK
97 inline int IPFW_INFO_MASK =	0x0000ffff;
98 #pragma D binding "1.0" IPFW_INFO_OUT
99 inline int IPFW_INFO_OUT =	0x00000000;
100 #pragma D binding "1.0" IPFW_INFO_IN
101 inline int IPFW_INFO_IN =	0x80000000;
102 #pragma D binding "1.0" IPFW_ONEPASS
103 inline int IPFW_ONEPASS =	0x40000000;
104 #pragma D binding "1.0" IPFW_IS_MASK
105 inline int IPFW_IS_MASK =	0x30000000;
106 #pragma D binding "1.0" IPFW_IS_DIVERT
107 inline int IPFW_IS_DIVERT =	0x20000000;
108 #pragma D binding "1.0" IPFW_IS_DUMMYNET
109 inline int IPFW_IS_DUMMYNET =	0x10000000;
110 #pragma D binding "1.0" IPFW_IS_PIPE
111 inline int IPFW_IS_PIPE =	0x08000000;
112 
113 typedef struct ipfw_match_info {
114 	uint32_t	flags;
115 
116 	struct mbuf	*m;
117 	void		*mem;
118 	struct inpcb	*inp;
119 	struct ifnet	*ifp;
120 	struct ip	*ipp;
121 	struct ip6_hdr	*ip6p;
122 
123 	/* flow id */
124 	uint8_t		addr_type;
125 	uint8_t		proto;
126 	uint8_t		proto_flags;
127 	uint16_t	fib;	/* XXX */
128 	in_addr_t	dst_ip;	/* in network byte order */
129 	in_addr_t	src_ip;	/* in network byte order */
130 	struct in6_addr	dst_ip6;
131 	struct in6_addr	src_ip6;
132 
133 	uint16_t	dst_port; /* in host byte order */
134 	uint16_t	src_port; /* in host byte order */
135 
136 	uint32_t	flowid;	/* IPv6 flowid */
137 	uint32_t	extra;
138 
139 	/* ipfw_rule_ref */
140 	uint32_t	slot;
141 	uint32_t	rulenum;
142 	uint32_t	rule_id;
143 	uint32_t	chain_id;
144 	uint32_t	match_info;
145 } ipfw_match_info_t;
146 
147 #pragma D binding "1.0" translator
148 translator ipfw_match_info_t < struct ip_fw_args *p > {
149 	flags =		p->flags;
150 	m =		(p->flags & IPFW_ARGS_LENMASK) ? NULL : p->m;
151 	mem =		(p->flags & IPFW_ARGS_LENMASK) ? p->mem : NULL;
152 	inp =		p->inp;
153 	ifp =		p->ifp;
154 	/* Initialize IP pointer corresponding to addr_type */
155 	ipp =		(p->flags & IPFW_ARGS_IP4) ?
156 	    (p->flags & IPFW_ARGS_LENMASK) ? (struct ip *)p->mem :
157 	    (p->m != NULL) ? (struct ip *)p->m->m_data : NULL : NULL;
158 	ip6p =		(p->flags & IPFW_ARGS_IP6) ?
159 	    (p->flags & IPFW_ARGS_LENMASK) ? (struct ip6_hdr *)p->mem :
160 	    (p->m != NULL) ? (struct ip6_hdr *)p->m->m_data : NULL : NULL;
161 
162 	/* fill f_id fields */
163 	addr_type =	p->f_id.addr_type;
164 	proto =		p->f_id.proto;
165 	proto_flags =	p->f_id._flags;
166 
167 	/* f_id.fib keeps truncated fibnum, use mbuf's fibnum if possible */
168 	fib =		p->m != NULL ? p->m->m_pkthdr.fibnum : p->f_id.fib;
169 
170 	/*
171 	 * ipfw_chk() keeps IPv4 addresses in host byte order. But for
172 	 * dtrace script it is useful to have them in network byte order,
173 	 * because inet_ntoa() uses address in network byte order.
174 	 */
175 	dst_ip =	htonl(p->f_id.dst_ip);
176 	src_ip =	htonl(p->f_id.src_ip);
177 
178 	dst_ip6 =	p->f_id.dst_ip6;
179 	src_ip6 =	p->f_id.src_ip6;
180 
181 	dst_port =	p->f_id.dst_port;
182 	src_port =	p->f_id.src_port;
183 
184 	flowid =	p->f_id.flow_id6;
185 	extra = 	p->f_id.extra;
186 
187 	/* ipfw_rule_ref */
188 	slot =		(p->flags & IPFW_ARGS_REF) ? p->rule.slot : 0;
189 	rulenum =	(p->flags & IPFW_ARGS_REF) ? p->rule.rulenum : 0;
190 	rule_id =	(p->flags & IPFW_ARGS_REF) ? p->rule.rule_id : 0;
191 	chain_id =	(p->flags & IPFW_ARGS_REF) ? p->rule.chain_id : 0;
192 	match_info =	(p->flags & IPFW_ARGS_REF) ? p->rule.info : 0;
193 };
194 
195 typedef struct ipfw_rule_info {
196 	uint16_t	act_ofs;
197 	uint16_t	cmd_len;
198 	uint32_t	rulenum;
199 	uint8_t		flags;
200 	uint8_t		set;
201 	uint32_t	rule_id;
202 	uint32_t	cached_id;
203 	uint32_t	cached_pos;
204 	uint32_t	refcnt;
205 } ipfw_rule_info_t;
206 
207 #pragma D binding "1.0" translator
208 translator ipfw_rule_info_t < struct ip_fw *r > {
209 	act_ofs =	r->act_ofs;
210 	cmd_len =	r->cmd_len;
211 	rulenum =	r->rulenum;
212 	flags =		r->flags;
213 	set =		r->set;
214 	rule_id =	r->id;
215 	cached_id =	r->cache.id;
216 	cached_pos =	r->cache.pos;
217 	refcnt =	r->refcnt;
218 };
219 
220