17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * Copyright (C) 1993-2001 by Darren Reed. 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * See the IPFILTER.LICENCE file for details on licencing. 57663b816Sml37995 * 67663b816Sml37995 * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 77663b816Sml37995 * Use is subject to license terms. 87c478bd9Sstevel@tonic-gate */ 97663b816Sml37995 107663b816Sml37995 #pragma ident "%Z%%M% %I% %E% SMI" 117663b816Sml37995 127c478bd9Sstevel@tonic-gate #include "ipf.h" 137c478bd9Sstevel@tonic-gate #include "ipt.h" 147c478bd9Sstevel@tonic-gate #include <sys/ioctl.h> 157c478bd9Sstevel@tonic-gate #include <sys/file.h> 167c478bd9Sstevel@tonic-gate 177c478bd9Sstevel@tonic-gate #if !defined(lint) 187c478bd9Sstevel@tonic-gate static const char sccsid[] = "@(#)ipt.c 1.19 6/3/96 (C) 1993-2000 Darren Reed"; 197c478bd9Sstevel@tonic-gate static const char rcsid[] = "@(#)$Id: ipftest.c,v 1.35 2003/07/01 01:03:04 darrenr Exp $"; 207c478bd9Sstevel@tonic-gate #endif 217c478bd9Sstevel@tonic-gate 227c478bd9Sstevel@tonic-gate extern char *optarg; 237c478bd9Sstevel@tonic-gate extern struct frentry *ipfilter[2][2]; 247c478bd9Sstevel@tonic-gate extern struct ipread snoop, etherf, tcpd, pcap, iptext, iphex; 257c478bd9Sstevel@tonic-gate extern struct ifnet *get_unit __P((char *, int)); 267c478bd9Sstevel@tonic-gate extern void init_ifp __P((void)); 277c478bd9Sstevel@tonic-gate extern ipnat_t *natparse __P((char *, int)); 287c478bd9Sstevel@tonic-gate extern int fr_running; 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate ipfmutex_t ipl_mutex, ipf_authmx, ipf_rw, ipf_stinsert; 317c478bd9Sstevel@tonic-gate ipfmutex_t ipf_nat_new, ipf_natio, ipf_timeoutlock; 327c478bd9Sstevel@tonic-gate ipfrwlock_t ipf_mutex, ipf_global, ipf_ipidfrag, ip_poolrw; 337c478bd9Sstevel@tonic-gate ipfrwlock_t ipf_frag, ipf_state, ipf_nat, ipf_natfrag, ipf_auth; 347c478bd9Sstevel@tonic-gate int opts = OPT_DONOTHING; 357c478bd9Sstevel@tonic-gate int use_inet6 = 0; 367c478bd9Sstevel@tonic-gate int pfil_delayed_copy = 0; 377c478bd9Sstevel@tonic-gate int main __P((int, char *[])); 387c478bd9Sstevel@tonic-gate int loadrules __P((char *, int)); 397c478bd9Sstevel@tonic-gate int kmemcpy __P((char *, long, int)); 407c478bd9Sstevel@tonic-gate int kstrncpy __P((char *, long, int n)); 417c478bd9Sstevel@tonic-gate void dumpnat __P((void)); 427c478bd9Sstevel@tonic-gate void dumpstate __P((void)); 437c478bd9Sstevel@tonic-gate void dumplookups __P((void)); 447c478bd9Sstevel@tonic-gate void dumpgroups __P((void)); 457c478bd9Sstevel@tonic-gate void drain_log __P((char *)); 467c478bd9Sstevel@tonic-gate void fixv4sums __P((mb_t *, ip_t *)); 477c478bd9Sstevel@tonic-gate 487c478bd9Sstevel@tonic-gate #if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 497c478bd9Sstevel@tonic-gate (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 507c478bd9Sstevel@tonic-gate defined(__osf__) 517c478bd9Sstevel@tonic-gate int ipftestioctl __P((int, ioctlcmd_t, ...)); 527c478bd9Sstevel@tonic-gate int ipnattestioctl __P((int, ioctlcmd_t, ...)); 537c478bd9Sstevel@tonic-gate int ipstatetestioctl __P((int, ioctlcmd_t, ...)); 547c478bd9Sstevel@tonic-gate int ipauthtestioctl __P((int, ioctlcmd_t, ...)); 557c478bd9Sstevel@tonic-gate int ipscantestioctl __P((int, ioctlcmd_t, ...)); 567c478bd9Sstevel@tonic-gate int ipsynctestioctl __P((int, ioctlcmd_t, ...)); 577c478bd9Sstevel@tonic-gate int ipooltestioctl __P((int, ioctlcmd_t, ...)); 587c478bd9Sstevel@tonic-gate #else 597c478bd9Sstevel@tonic-gate int ipftestioctl __P((dev_t, ioctlcmd_t, void *)); 607c478bd9Sstevel@tonic-gate int ipnattestioctl __P((dev_t, ioctlcmd_t, void *)); 617c478bd9Sstevel@tonic-gate int ipstatetestioctl __P((dev_t, ioctlcmd_t, void *)); 627c478bd9Sstevel@tonic-gate int ipauthtestioctl __P((dev_t, ioctlcmd_t, void *)); 637c478bd9Sstevel@tonic-gate int ipsynctestioctl __P((dev_t, ioctlcmd_t, void *)); 647c478bd9Sstevel@tonic-gate int ipscantestioctl __P((dev_t, ioctlcmd_t, void *)); 657c478bd9Sstevel@tonic-gate int ipooltestioctl __P((dev_t, ioctlcmd_t, void *)); 667c478bd9Sstevel@tonic-gate #endif 677c478bd9Sstevel@tonic-gate 687c478bd9Sstevel@tonic-gate static ioctlfunc_t iocfunctions[IPL_LOGSIZE] = { ipftestioctl, 697c478bd9Sstevel@tonic-gate ipnattestioctl, 707c478bd9Sstevel@tonic-gate ipstatetestioctl, 717c478bd9Sstevel@tonic-gate ipauthtestioctl, 727c478bd9Sstevel@tonic-gate ipsynctestioctl, 737c478bd9Sstevel@tonic-gate ipscantestioctl, 747c478bd9Sstevel@tonic-gate ipooltestioctl, 757c478bd9Sstevel@tonic-gate NULL }; 767c478bd9Sstevel@tonic-gate 777c478bd9Sstevel@tonic-gate 787c478bd9Sstevel@tonic-gate int main(argc,argv) 797c478bd9Sstevel@tonic-gate int argc; 807c478bd9Sstevel@tonic-gate char *argv[]; 817c478bd9Sstevel@tonic-gate { 827c478bd9Sstevel@tonic-gate char *datain, *iface, *ifname, *logout; 837c478bd9Sstevel@tonic-gate int fd, i, dir, c, loaded, dump, hlen; 847c478bd9Sstevel@tonic-gate struct ifnet *ifp; 857c478bd9Sstevel@tonic-gate struct ipread *r; 867c478bd9Sstevel@tonic-gate mb_t mb, *m; 877c478bd9Sstevel@tonic-gate ip_t *ip; 887c478bd9Sstevel@tonic-gate 897c478bd9Sstevel@tonic-gate m = &mb; 907c478bd9Sstevel@tonic-gate dir = 0; 917c478bd9Sstevel@tonic-gate dump = 0; 927c478bd9Sstevel@tonic-gate hlen = 0; 937c478bd9Sstevel@tonic-gate loaded = 0; 947c478bd9Sstevel@tonic-gate r = &iptext; 957c478bd9Sstevel@tonic-gate iface = NULL; 967c478bd9Sstevel@tonic-gate logout = NULL; 977c478bd9Sstevel@tonic-gate ifname = "anon0"; 987c478bd9Sstevel@tonic-gate datain = NULL; 997c478bd9Sstevel@tonic-gate 1007c478bd9Sstevel@tonic-gate MUTEX_INIT(&ipf_rw, "ipf rw mutex"); 1017c478bd9Sstevel@tonic-gate MUTEX_INIT(&ipf_timeoutlock, "ipf timeout lock"); 1027c478bd9Sstevel@tonic-gate RWLOCK_INIT(&ipf_global, "ipf filter load/unload mutex"); 1037c478bd9Sstevel@tonic-gate RWLOCK_INIT(&ipf_mutex, "ipf filter rwlock"); 1047c478bd9Sstevel@tonic-gate RWLOCK_INIT(&ipf_ipidfrag, "ipf IP NAT-Frag rwlock"); 1057c478bd9Sstevel@tonic-gate 1067c478bd9Sstevel@tonic-gate initparse(); 1077c478bd9Sstevel@tonic-gate fr_loginit(); 1087c478bd9Sstevel@tonic-gate fr_authinit(); 1097c478bd9Sstevel@tonic-gate fr_fraginit(); 1107c478bd9Sstevel@tonic-gate fr_stateinit(); 1117c478bd9Sstevel@tonic-gate fr_natinit(); 1127c478bd9Sstevel@tonic-gate appr_init(); 1137c478bd9Sstevel@tonic-gate ip_lookup_init(); 1147c478bd9Sstevel@tonic-gate fr_running = 1; 1157c478bd9Sstevel@tonic-gate 1167c478bd9Sstevel@tonic-gate while ((c = getopt(argc, argv, "6bdDF:i:I:l:N:P:or:vxX")) != -1) 1177c478bd9Sstevel@tonic-gate switch (c) 1187c478bd9Sstevel@tonic-gate { 1197c478bd9Sstevel@tonic-gate case '6' : 1207c478bd9Sstevel@tonic-gate #ifdef USE_INET6 1217c478bd9Sstevel@tonic-gate use_inet6 = 1; 1227c478bd9Sstevel@tonic-gate #else 1237c478bd9Sstevel@tonic-gate fprintf(stderr, "IPv6 not supported\n"); 1247c478bd9Sstevel@tonic-gate exit(1); 1257c478bd9Sstevel@tonic-gate #endif 1267c478bd9Sstevel@tonic-gate break; 1277c478bd9Sstevel@tonic-gate case 'b' : 1287c478bd9Sstevel@tonic-gate opts |= OPT_BRIEF; 1297c478bd9Sstevel@tonic-gate break; 1307c478bd9Sstevel@tonic-gate case 'd' : 1317c478bd9Sstevel@tonic-gate opts |= OPT_DEBUG; 1327c478bd9Sstevel@tonic-gate break; 1337c478bd9Sstevel@tonic-gate case 'D' : 1347c478bd9Sstevel@tonic-gate dump = 1; 1357c478bd9Sstevel@tonic-gate break; 1367c478bd9Sstevel@tonic-gate case 'F' : 1377c478bd9Sstevel@tonic-gate if (strcasecmp(optarg, "pcap") == 0) 1387c478bd9Sstevel@tonic-gate r = &pcap; 1397c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "etherfind") == 0) 1407c478bd9Sstevel@tonic-gate r = ðerf; 1417c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "snoop") == 0) 1427c478bd9Sstevel@tonic-gate r = &snoop; 1437c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "tcpdump") == 0) 1447c478bd9Sstevel@tonic-gate r = &tcpd; 1457c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "hex") == 0) 1467c478bd9Sstevel@tonic-gate r = &iphex; 1477c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "text") == 0) 1487c478bd9Sstevel@tonic-gate r = &iptext; 1497c478bd9Sstevel@tonic-gate break; 1507c478bd9Sstevel@tonic-gate case 'i' : 1517c478bd9Sstevel@tonic-gate datain = optarg; 1527c478bd9Sstevel@tonic-gate break; 1537c478bd9Sstevel@tonic-gate case 'I' : 1547c478bd9Sstevel@tonic-gate ifname = optarg; 1557c478bd9Sstevel@tonic-gate break; 1567c478bd9Sstevel@tonic-gate case 'l' : 1577c478bd9Sstevel@tonic-gate logout = optarg; 1587c478bd9Sstevel@tonic-gate break; 1597c478bd9Sstevel@tonic-gate case 'o' : 1607c478bd9Sstevel@tonic-gate opts |= OPT_SAVEOUT; 1617c478bd9Sstevel@tonic-gate break; 1627c478bd9Sstevel@tonic-gate case 'r' : 1637c478bd9Sstevel@tonic-gate if (ipf_parsefile(-1, ipf_addrule, iocfunctions, 1647c478bd9Sstevel@tonic-gate optarg) == -1) 1657c478bd9Sstevel@tonic-gate return -1; 1667c478bd9Sstevel@tonic-gate loaded = 1; 1677c478bd9Sstevel@tonic-gate break; 1687c478bd9Sstevel@tonic-gate case 'v' : 1697c478bd9Sstevel@tonic-gate opts |= OPT_VERBOSE; 1707c478bd9Sstevel@tonic-gate break; 1717c478bd9Sstevel@tonic-gate case 'N' : 1727c478bd9Sstevel@tonic-gate if (ipnat_parsefile(-1, ipnat_addrule, ipnattestioctl, 1737c478bd9Sstevel@tonic-gate optarg) == -1) 1747c478bd9Sstevel@tonic-gate return -1; 1757c478bd9Sstevel@tonic-gate loaded = 1; 1767c478bd9Sstevel@tonic-gate opts |= OPT_NAT; 1777c478bd9Sstevel@tonic-gate break; 1787c478bd9Sstevel@tonic-gate case 'P' : 1797c478bd9Sstevel@tonic-gate if (ippool_parsefile(-1, optarg, ipooltestioctl) == -1) 1807c478bd9Sstevel@tonic-gate return -1; 1817c478bd9Sstevel@tonic-gate loaded = 1; 1827c478bd9Sstevel@tonic-gate break; 1837c478bd9Sstevel@tonic-gate case 'x' : 1847c478bd9Sstevel@tonic-gate opts |= OPT_HEX; 1857c478bd9Sstevel@tonic-gate break; 1867c478bd9Sstevel@tonic-gate } 1877c478bd9Sstevel@tonic-gate 1887c478bd9Sstevel@tonic-gate if (loaded == 0) { 1897c478bd9Sstevel@tonic-gate (void)fprintf(stderr,"no rules loaded\n"); 1907c478bd9Sstevel@tonic-gate exit(-1); 1917c478bd9Sstevel@tonic-gate } 1927c478bd9Sstevel@tonic-gate 1937c478bd9Sstevel@tonic-gate if (opts & OPT_SAVEOUT) 1947c478bd9Sstevel@tonic-gate init_ifp(); 1957c478bd9Sstevel@tonic-gate 1967c478bd9Sstevel@tonic-gate if (datain) 1977c478bd9Sstevel@tonic-gate fd = (*r->r_open)(datain); 1987c478bd9Sstevel@tonic-gate else 1997c478bd9Sstevel@tonic-gate fd = (*r->r_open)("-"); 2007c478bd9Sstevel@tonic-gate 2017c478bd9Sstevel@tonic-gate if (fd < 0) 2027c478bd9Sstevel@tonic-gate exit(-1); 2037c478bd9Sstevel@tonic-gate 2047c478bd9Sstevel@tonic-gate ip = MTOD(m, ip_t *); 2057c478bd9Sstevel@tonic-gate while ((i = (*r->r_readip)(MTOD(m, char *), sizeof(m->mb_buf), 2067c478bd9Sstevel@tonic-gate &iface, &dir)) > 0) { 2077c478bd9Sstevel@tonic-gate if (iface == NULL || *iface == '\0') 2087c478bd9Sstevel@tonic-gate iface = ifname; 2097c478bd9Sstevel@tonic-gate ifp = get_unit(iface, IP_V(ip)); 210*5e985db5Sschuster if (ifp == NULL) { 211*5e985db5Sschuster fprintf(stderr, "out of memory\n"); 212*5e985db5Sschuster exit(1); 213*5e985db5Sschuster } 2147c478bd9Sstevel@tonic-gate if (!use_inet6) { 2157c478bd9Sstevel@tonic-gate ip->ip_off = ntohs(ip->ip_off); 2167c478bd9Sstevel@tonic-gate ip->ip_len = ntohs(ip->ip_len); 2177c478bd9Sstevel@tonic-gate if (r->r_flags & R_DO_CKSUM) 2187c478bd9Sstevel@tonic-gate fixv4sums(m, ip); 2197c478bd9Sstevel@tonic-gate hlen = IP_HL(ip) << 2; 2207c478bd9Sstevel@tonic-gate } 2217c478bd9Sstevel@tonic-gate #ifdef USE_INET6 2227c478bd9Sstevel@tonic-gate else 2237c478bd9Sstevel@tonic-gate hlen = sizeof(ip6_t); 2247c478bd9Sstevel@tonic-gate #endif 2257c478bd9Sstevel@tonic-gate /* ipfr_slowtimer(); */ 2267c478bd9Sstevel@tonic-gate m = &mb; 2277c478bd9Sstevel@tonic-gate m->mb_len = i; 2287c478bd9Sstevel@tonic-gate i = fr_check(ip, hlen, ifp, dir, &m); 2297c478bd9Sstevel@tonic-gate if ((opts & OPT_NAT) == 0) 2307c478bd9Sstevel@tonic-gate switch (i) 2317c478bd9Sstevel@tonic-gate { 2327c478bd9Sstevel@tonic-gate case -4 : 2337c478bd9Sstevel@tonic-gate (void)printf("preauth"); 2347c478bd9Sstevel@tonic-gate break; 2357c478bd9Sstevel@tonic-gate case -3 : 2367c478bd9Sstevel@tonic-gate (void)printf("account"); 2377c478bd9Sstevel@tonic-gate break; 2387c478bd9Sstevel@tonic-gate case -2 : 2397c478bd9Sstevel@tonic-gate (void)printf("auth"); 2407c478bd9Sstevel@tonic-gate break; 2417c478bd9Sstevel@tonic-gate case -1 : 2427c478bd9Sstevel@tonic-gate (void)printf("block"); 2437c478bd9Sstevel@tonic-gate break; 2447c478bd9Sstevel@tonic-gate case 0 : 2457c478bd9Sstevel@tonic-gate (void)printf("pass"); 2467c478bd9Sstevel@tonic-gate break; 2477c478bd9Sstevel@tonic-gate case 1 : 2487c478bd9Sstevel@tonic-gate (void)printf("nomatch"); 2497c478bd9Sstevel@tonic-gate break; 2507c478bd9Sstevel@tonic-gate case 3 : 2517c478bd9Sstevel@tonic-gate (void)printf("block return-rst"); 2527c478bd9Sstevel@tonic-gate break; 2537c478bd9Sstevel@tonic-gate case 4 : 2547c478bd9Sstevel@tonic-gate (void)printf("block return-icmp"); 2557c478bd9Sstevel@tonic-gate break; 2567c478bd9Sstevel@tonic-gate case 5 : 2577c478bd9Sstevel@tonic-gate (void)printf("block return-icmp-as-dest"); 2587c478bd9Sstevel@tonic-gate break; 2597c478bd9Sstevel@tonic-gate default : 2607c478bd9Sstevel@tonic-gate (void)printf("recognised return %#x\n", i); 2617c478bd9Sstevel@tonic-gate break; 2627c478bd9Sstevel@tonic-gate } 2637c478bd9Sstevel@tonic-gate if (!use_inet6) { 2647c478bd9Sstevel@tonic-gate ip->ip_off = htons(ip->ip_off); 2657c478bd9Sstevel@tonic-gate ip->ip_len = htons(ip->ip_len); 2667c478bd9Sstevel@tonic-gate } 2677c478bd9Sstevel@tonic-gate 2687c478bd9Sstevel@tonic-gate if (!(opts & OPT_BRIEF)) { 2697c478bd9Sstevel@tonic-gate putchar(' '); 2707c478bd9Sstevel@tonic-gate printpacket(ip); 2717c478bd9Sstevel@tonic-gate printf("--------------"); 2727c478bd9Sstevel@tonic-gate } else if ((opts & (OPT_BRIEF|OPT_NAT)) == (OPT_NAT|OPT_BRIEF)) 2737c478bd9Sstevel@tonic-gate printpacket(ip); 2747c478bd9Sstevel@tonic-gate if (dir && (ifp != NULL) && IP_V(ip) && (m != NULL)) 2757c478bd9Sstevel@tonic-gate #if defined(__sgi) && (IRIX < 605) 2767c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL); 2777c478bd9Sstevel@tonic-gate #else 2787c478bd9Sstevel@tonic-gate # if TRU64 >= 1885 2797c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL, 0, 0); 2807c478bd9Sstevel@tonic-gate # else 2817c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL, 0); 2827c478bd9Sstevel@tonic-gate # endif 2837c478bd9Sstevel@tonic-gate #endif 2847c478bd9Sstevel@tonic-gate if ((opts & (OPT_BRIEF|OPT_NAT)) != (OPT_NAT|OPT_BRIEF)) 2857c478bd9Sstevel@tonic-gate putchar('\n'); 2867c478bd9Sstevel@tonic-gate dir = 0; 2877c478bd9Sstevel@tonic-gate if (iface != ifname) { 2887c478bd9Sstevel@tonic-gate free(iface); 2897c478bd9Sstevel@tonic-gate iface = ifname; 2907c478bd9Sstevel@tonic-gate } 2917c478bd9Sstevel@tonic-gate m = &mb; 2927c478bd9Sstevel@tonic-gate } 2937c478bd9Sstevel@tonic-gate (*r->r_close)(); 2947c478bd9Sstevel@tonic-gate 2957c478bd9Sstevel@tonic-gate if (logout != NULL) { 2967c478bd9Sstevel@tonic-gate drain_log(logout); 2977c478bd9Sstevel@tonic-gate } 2987c478bd9Sstevel@tonic-gate 2997c478bd9Sstevel@tonic-gate if (dump == 1) { 3007c478bd9Sstevel@tonic-gate dumpnat(); 3017c478bd9Sstevel@tonic-gate dumpstate(); 3027c478bd9Sstevel@tonic-gate dumplookups(); 3037c478bd9Sstevel@tonic-gate dumpgroups(); 3047c478bd9Sstevel@tonic-gate } 3057c478bd9Sstevel@tonic-gate 3067c478bd9Sstevel@tonic-gate for (i = IPL_LOGMAX; i >= 0; i--) 3077c478bd9Sstevel@tonic-gate (void) ipflog_clear(i); 3087c478bd9Sstevel@tonic-gate 3097c478bd9Sstevel@tonic-gate fr_fragunload(); 3107c478bd9Sstevel@tonic-gate fr_authunload(); 3117c478bd9Sstevel@tonic-gate fr_stateunload(); 3127c478bd9Sstevel@tonic-gate fr_natunload(); 3137c478bd9Sstevel@tonic-gate appr_unload(); 3147c478bd9Sstevel@tonic-gate 3157663b816Sml37995 i = frflush(IPL_LOGIPF, 0, FR_INQUE|FR_OUTQUE|FR_INACTIVE); 3167663b816Sml37995 i += frflush(IPL_LOGIPF, 0, FR_INQUE|FR_OUTQUE); 3177c478bd9Sstevel@tonic-gate 3187c478bd9Sstevel@tonic-gate ip_lookup_unload(); 3197c478bd9Sstevel@tonic-gate 3207c478bd9Sstevel@tonic-gate return 0; 3217c478bd9Sstevel@tonic-gate } 3227c478bd9Sstevel@tonic-gate 3237c478bd9Sstevel@tonic-gate 3247c478bd9Sstevel@tonic-gate #if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 3257c478bd9Sstevel@tonic-gate (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 3267c478bd9Sstevel@tonic-gate defined(__osf__) 3277c478bd9Sstevel@tonic-gate int ipftestioctl(int dev, ioctlcmd_t cmd, ...) 3287c478bd9Sstevel@tonic-gate { 3297c478bd9Sstevel@tonic-gate caddr_t data; 3307c478bd9Sstevel@tonic-gate va_list ap; 3317c478bd9Sstevel@tonic-gate int i; 3327c478bd9Sstevel@tonic-gate 3337c478bd9Sstevel@tonic-gate va_start(ap, cmd); 3347c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 3357c478bd9Sstevel@tonic-gate va_end(ap); 3367c478bd9Sstevel@tonic-gate 3377c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD); 3387c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 3397c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", 3407c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 3417c478bd9Sstevel@tonic-gate return i; 3427c478bd9Sstevel@tonic-gate } 3437c478bd9Sstevel@tonic-gate 3447c478bd9Sstevel@tonic-gate 3457c478bd9Sstevel@tonic-gate int ipnattestioctl(int dev, ioctlcmd_t cmd, ...) 3467c478bd9Sstevel@tonic-gate { 3477c478bd9Sstevel@tonic-gate caddr_t data; 3487c478bd9Sstevel@tonic-gate va_list ap; 3497c478bd9Sstevel@tonic-gate int i; 3507c478bd9Sstevel@tonic-gate 3517c478bd9Sstevel@tonic-gate va_start(ap, cmd); 3527c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 3537c478bd9Sstevel@tonic-gate va_end(ap); 3547c478bd9Sstevel@tonic-gate 3557c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD); 3567c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 3577c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", 3587c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 3597c478bd9Sstevel@tonic-gate return i; 3607c478bd9Sstevel@tonic-gate } 3617c478bd9Sstevel@tonic-gate 3627c478bd9Sstevel@tonic-gate 3637c478bd9Sstevel@tonic-gate int ipstatetestioctl(int dev, ioctlcmd_t cmd, ...) 3647c478bd9Sstevel@tonic-gate { 3657c478bd9Sstevel@tonic-gate caddr_t data; 3667c478bd9Sstevel@tonic-gate va_list ap; 3677c478bd9Sstevel@tonic-gate int i; 3687c478bd9Sstevel@tonic-gate 3697c478bd9Sstevel@tonic-gate va_start(ap, cmd); 3707c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 3717c478bd9Sstevel@tonic-gate va_end(ap); 3727c478bd9Sstevel@tonic-gate 3737c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 3747c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 3757c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", 3767c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 3777c478bd9Sstevel@tonic-gate return i; 3787c478bd9Sstevel@tonic-gate } 3797c478bd9Sstevel@tonic-gate 3807c478bd9Sstevel@tonic-gate 3817c478bd9Sstevel@tonic-gate int ipauthtestioctl(int dev, ioctlcmd_t cmd, ...) 3827c478bd9Sstevel@tonic-gate { 3837c478bd9Sstevel@tonic-gate caddr_t data; 3847c478bd9Sstevel@tonic-gate va_list ap; 3857c478bd9Sstevel@tonic-gate int i; 3867c478bd9Sstevel@tonic-gate 3877c478bd9Sstevel@tonic-gate va_start(ap, cmd); 3887c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 3897c478bd9Sstevel@tonic-gate va_end(ap); 3907c478bd9Sstevel@tonic-gate 3917c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 3927c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 3937c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", 3947c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 3957c478bd9Sstevel@tonic-gate return i; 3967c478bd9Sstevel@tonic-gate } 3977c478bd9Sstevel@tonic-gate 3987c478bd9Sstevel@tonic-gate 3997c478bd9Sstevel@tonic-gate int ipscantestioctl(int dev, ioctlcmd_t cmd, ...) 4007c478bd9Sstevel@tonic-gate { 4017c478bd9Sstevel@tonic-gate caddr_t data; 4027c478bd9Sstevel@tonic-gate va_list ap; 4037c478bd9Sstevel@tonic-gate int i; 4047c478bd9Sstevel@tonic-gate 4057c478bd9Sstevel@tonic-gate va_start(ap, cmd); 4067c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 4077c478bd9Sstevel@tonic-gate va_end(ap); 4087c478bd9Sstevel@tonic-gate 4097c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 4107c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4117c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", 4127c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 4137c478bd9Sstevel@tonic-gate return i; 4147c478bd9Sstevel@tonic-gate } 4157c478bd9Sstevel@tonic-gate 4167c478bd9Sstevel@tonic-gate 4177c478bd9Sstevel@tonic-gate int ipsynctestioctl(int dev, ioctlcmd_t cmd, ...) 4187c478bd9Sstevel@tonic-gate { 4197c478bd9Sstevel@tonic-gate caddr_t data; 4207c478bd9Sstevel@tonic-gate va_list ap; 4217c478bd9Sstevel@tonic-gate int i; 4227c478bd9Sstevel@tonic-gate 4237c478bd9Sstevel@tonic-gate va_start(ap, cmd); 4247c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 4257c478bd9Sstevel@tonic-gate va_end(ap); 4267c478bd9Sstevel@tonic-gate 4277c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 4287c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4297c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", 4307c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 4317c478bd9Sstevel@tonic-gate return i; 4327c478bd9Sstevel@tonic-gate } 4337c478bd9Sstevel@tonic-gate 4347c478bd9Sstevel@tonic-gate 4357c478bd9Sstevel@tonic-gate int ipooltestioctl(int dev, ioctlcmd_t cmd, ...) 4367c478bd9Sstevel@tonic-gate { 4377c478bd9Sstevel@tonic-gate caddr_t data; 4387c478bd9Sstevel@tonic-gate va_list ap; 4397c478bd9Sstevel@tonic-gate int i; 4407c478bd9Sstevel@tonic-gate 4417c478bd9Sstevel@tonic-gate va_start(ap, cmd); 4427c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 4437c478bd9Sstevel@tonic-gate va_end(ap); 4447c478bd9Sstevel@tonic-gate 4457c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 4467c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4477c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", 4487c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 4497c478bd9Sstevel@tonic-gate return i; 4507c478bd9Sstevel@tonic-gate } 4517c478bd9Sstevel@tonic-gate #else 4527c478bd9Sstevel@tonic-gate int ipftestioctl(dev, cmd, data) 4537c478bd9Sstevel@tonic-gate dev_t dev; 4547c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 4557c478bd9Sstevel@tonic-gate void *data; 4567c478bd9Sstevel@tonic-gate { 4577c478bd9Sstevel@tonic-gate int i; 4587c478bd9Sstevel@tonic-gate 4597c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD); 4607c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4617c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", cmd, data, i); 4627c478bd9Sstevel@tonic-gate return i; 4637c478bd9Sstevel@tonic-gate } 4647c478bd9Sstevel@tonic-gate 4657c478bd9Sstevel@tonic-gate 4667c478bd9Sstevel@tonic-gate int ipnattestioctl(dev, cmd, data) 4677c478bd9Sstevel@tonic-gate dev_t dev; 4687c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 4697c478bd9Sstevel@tonic-gate void *data; 4707c478bd9Sstevel@tonic-gate { 4717c478bd9Sstevel@tonic-gate int i; 4727c478bd9Sstevel@tonic-gate 4737c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD); 4747c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4757c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", cmd, data, i); 4767c478bd9Sstevel@tonic-gate return i; 4777c478bd9Sstevel@tonic-gate } 4787c478bd9Sstevel@tonic-gate 4797c478bd9Sstevel@tonic-gate 4807c478bd9Sstevel@tonic-gate int ipstatetestioctl(dev, cmd, data) 4817c478bd9Sstevel@tonic-gate dev_t dev; 4827c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 4837c478bd9Sstevel@tonic-gate void *data; 4847c478bd9Sstevel@tonic-gate { 4857c478bd9Sstevel@tonic-gate int i; 4867c478bd9Sstevel@tonic-gate 4877c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 4887c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4897c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", cmd, data, i); 4907c478bd9Sstevel@tonic-gate return i; 4917c478bd9Sstevel@tonic-gate } 4927c478bd9Sstevel@tonic-gate 4937c478bd9Sstevel@tonic-gate 4947c478bd9Sstevel@tonic-gate int ipauthtestioctl(dev, cmd, data) 4957c478bd9Sstevel@tonic-gate dev_t dev; 4967c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 4977c478bd9Sstevel@tonic-gate void *data; 4987c478bd9Sstevel@tonic-gate { 4997c478bd9Sstevel@tonic-gate int i; 5007c478bd9Sstevel@tonic-gate 5017c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 5027c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5037c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", cmd, data, i); 5047c478bd9Sstevel@tonic-gate return i; 5057c478bd9Sstevel@tonic-gate } 5067c478bd9Sstevel@tonic-gate 5077c478bd9Sstevel@tonic-gate 5087c478bd9Sstevel@tonic-gate int ipsynctestioctl(dev, cmd, data) 5097c478bd9Sstevel@tonic-gate dev_t dev; 5107c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5117c478bd9Sstevel@tonic-gate void *data; 5127c478bd9Sstevel@tonic-gate { 5137c478bd9Sstevel@tonic-gate int i; 5147c478bd9Sstevel@tonic-gate 5157c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 5167c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5177c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", cmd, data, i); 5187c478bd9Sstevel@tonic-gate return i; 5197c478bd9Sstevel@tonic-gate } 5207c478bd9Sstevel@tonic-gate 5217c478bd9Sstevel@tonic-gate 5227c478bd9Sstevel@tonic-gate int ipscantestioctl(dev, cmd, data) 5237c478bd9Sstevel@tonic-gate dev_t dev; 5247c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5257c478bd9Sstevel@tonic-gate void *data; 5267c478bd9Sstevel@tonic-gate { 5277c478bd9Sstevel@tonic-gate int i; 5287c478bd9Sstevel@tonic-gate 5297c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 5307c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5317c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", cmd, data, i); 5327c478bd9Sstevel@tonic-gate return i; 5337c478bd9Sstevel@tonic-gate } 5347c478bd9Sstevel@tonic-gate 5357c478bd9Sstevel@tonic-gate 5367c478bd9Sstevel@tonic-gate int ipooltestioctl(dev, cmd, data) 5377c478bd9Sstevel@tonic-gate dev_t dev; 5387c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5397c478bd9Sstevel@tonic-gate void *data; 5407c478bd9Sstevel@tonic-gate { 5417c478bd9Sstevel@tonic-gate int i; 5427c478bd9Sstevel@tonic-gate 5437c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 5447c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 5457c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", cmd, data, i); 5467c478bd9Sstevel@tonic-gate return i; 5477c478bd9Sstevel@tonic-gate } 5487c478bd9Sstevel@tonic-gate #endif 5497c478bd9Sstevel@tonic-gate 5507c478bd9Sstevel@tonic-gate 5517c478bd9Sstevel@tonic-gate int kmemcpy(addr, offset, size) 5527c478bd9Sstevel@tonic-gate char *addr; 5537c478bd9Sstevel@tonic-gate long offset; 5547c478bd9Sstevel@tonic-gate int size; 5557c478bd9Sstevel@tonic-gate { 5567c478bd9Sstevel@tonic-gate bcopy((char *)offset, addr, size); 5577c478bd9Sstevel@tonic-gate return 0; 5587c478bd9Sstevel@tonic-gate } 5597c478bd9Sstevel@tonic-gate 5607c478bd9Sstevel@tonic-gate 5617c478bd9Sstevel@tonic-gate int kstrncpy(buf, pos, n) 5627c478bd9Sstevel@tonic-gate char *buf; 5637c478bd9Sstevel@tonic-gate long pos; 5647c478bd9Sstevel@tonic-gate int n; 5657c478bd9Sstevel@tonic-gate { 5667c478bd9Sstevel@tonic-gate char *ptr; 5677c478bd9Sstevel@tonic-gate 5687c478bd9Sstevel@tonic-gate ptr = (char *)pos; 5697c478bd9Sstevel@tonic-gate 5707663b816Sml37995 while ((n-- > 0) && (*buf++ = *ptr++)) 5717c478bd9Sstevel@tonic-gate ; 5727c478bd9Sstevel@tonic-gate return 0; 5737c478bd9Sstevel@tonic-gate } 5747c478bd9Sstevel@tonic-gate 5757c478bd9Sstevel@tonic-gate 5767c478bd9Sstevel@tonic-gate /* 5777c478bd9Sstevel@tonic-gate * Display the built up NAT table rules and mapping entries. 5787c478bd9Sstevel@tonic-gate */ 5797c478bd9Sstevel@tonic-gate void dumpnat() 5807c478bd9Sstevel@tonic-gate { 5817c478bd9Sstevel@tonic-gate ipnat_t *ipn; 5827c478bd9Sstevel@tonic-gate nat_t *nat; 5837c478bd9Sstevel@tonic-gate 5847c478bd9Sstevel@tonic-gate printf("List of active MAP/Redirect filters:\n"); 5857c478bd9Sstevel@tonic-gate for (ipn = nat_list; ipn != NULL; ipn = ipn->in_next) 5867c478bd9Sstevel@tonic-gate printnat(ipn, opts & (OPT_DEBUG|OPT_VERBOSE)); 5877c478bd9Sstevel@tonic-gate printf("\nList of active sessions:\n"); 5887c478bd9Sstevel@tonic-gate for (nat = nat_instances; nat; nat = nat->nat_next) 5897c478bd9Sstevel@tonic-gate printactivenat(nat, opts); 5907c478bd9Sstevel@tonic-gate } 5917c478bd9Sstevel@tonic-gate 5927c478bd9Sstevel@tonic-gate 5937c478bd9Sstevel@tonic-gate /* 5947c478bd9Sstevel@tonic-gate * Display the built up state table rules and mapping entries. 5957c478bd9Sstevel@tonic-gate */ 5967c478bd9Sstevel@tonic-gate void dumpstate() 5977c478bd9Sstevel@tonic-gate { 5987c478bd9Sstevel@tonic-gate ipstate_t *ips; 5997c478bd9Sstevel@tonic-gate 6007c478bd9Sstevel@tonic-gate printf("List of active state sessions:\n"); 6017c478bd9Sstevel@tonic-gate for (ips = ips_list; ips != NULL; ) 6027c478bd9Sstevel@tonic-gate ips = printstate(ips, opts & (OPT_DEBUG|OPT_VERBOSE)); 6037c478bd9Sstevel@tonic-gate } 6047c478bd9Sstevel@tonic-gate 6057c478bd9Sstevel@tonic-gate 6067c478bd9Sstevel@tonic-gate void dumplookups() 6077c478bd9Sstevel@tonic-gate { 6087c478bd9Sstevel@tonic-gate iphtable_t *iph; 6097c478bd9Sstevel@tonic-gate ip_pool_t *ipl; 6107c478bd9Sstevel@tonic-gate int i; 6117c478bd9Sstevel@tonic-gate 6127c478bd9Sstevel@tonic-gate printf("List of configured pools\n"); 6137c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 6147c478bd9Sstevel@tonic-gate for (ipl = ip_pool_list[i]; ipl != NULL; ipl = ipl->ipo_next) 6157c478bd9Sstevel@tonic-gate printpool(ipl, bcopywrap, opts); 6167c478bd9Sstevel@tonic-gate 6177c478bd9Sstevel@tonic-gate printf("List of configured hash tables\n"); 6187c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 6197c478bd9Sstevel@tonic-gate for (iph = ipf_htables[i]; iph != NULL; iph = iph->iph_next) 6207c478bd9Sstevel@tonic-gate printhash(iph, bcopywrap, opts); 6217c478bd9Sstevel@tonic-gate } 6227c478bd9Sstevel@tonic-gate 6237c478bd9Sstevel@tonic-gate 6247c478bd9Sstevel@tonic-gate void dumpgroups() 6257c478bd9Sstevel@tonic-gate { 6267c478bd9Sstevel@tonic-gate frgroup_t *fg; 6277c478bd9Sstevel@tonic-gate frentry_t *fr; 6287c478bd9Sstevel@tonic-gate int i; 6297c478bd9Sstevel@tonic-gate 6307c478bd9Sstevel@tonic-gate printf("List of groups configured (set 0)\n"); 6317c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 6327c478bd9Sstevel@tonic-gate for (fg = ipfgroups[i][0]; fg != NULL; fg = fg->fg_next) { 6337c478bd9Sstevel@tonic-gate printf("Dev.%d. Group %s Ref %d Flags %#x\n", 6347c478bd9Sstevel@tonic-gate i, fg->fg_name, fg->fg_ref, fg->fg_flags); 6357c478bd9Sstevel@tonic-gate for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) { 6367c478bd9Sstevel@tonic-gate #ifdef USE_QUAD_T 6377c478bd9Sstevel@tonic-gate printf("%qu ",(unsigned long long)fr->fr_hits); 6387c478bd9Sstevel@tonic-gate #else 6397c478bd9Sstevel@tonic-gate printf("%ld ", fr->fr_hits); 6407c478bd9Sstevel@tonic-gate #endif 6417c478bd9Sstevel@tonic-gate printfr(fr, ipftestioctl); 6427c478bd9Sstevel@tonic-gate } 6437c478bd9Sstevel@tonic-gate } 6447c478bd9Sstevel@tonic-gate 6457c478bd9Sstevel@tonic-gate printf("List of groups configured (set 1)\n"); 6467c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 6477c478bd9Sstevel@tonic-gate for (fg = ipfgroups[i][1]; fg != NULL; fg = fg->fg_next) { 6487c478bd9Sstevel@tonic-gate printf("Dev.%d. Group %s Ref %d Flags %#x\n", 6497c478bd9Sstevel@tonic-gate i, fg->fg_name, fg->fg_ref, fg->fg_flags); 6507c478bd9Sstevel@tonic-gate for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) { 6517c478bd9Sstevel@tonic-gate #ifdef USE_QUAD_T 6527c478bd9Sstevel@tonic-gate printf("%qu ",(unsigned long long)fr->fr_hits); 6537c478bd9Sstevel@tonic-gate #else 6547c478bd9Sstevel@tonic-gate printf("%ld ", fr->fr_hits); 6557c478bd9Sstevel@tonic-gate #endif 6567c478bd9Sstevel@tonic-gate printfr(fr, ipftestioctl); 6577c478bd9Sstevel@tonic-gate } 6587c478bd9Sstevel@tonic-gate } 6597c478bd9Sstevel@tonic-gate } 6607c478bd9Sstevel@tonic-gate 6617c478bd9Sstevel@tonic-gate 6627c478bd9Sstevel@tonic-gate void drain_log(filename) 6637c478bd9Sstevel@tonic-gate char *filename; 6647c478bd9Sstevel@tonic-gate { 6657c478bd9Sstevel@tonic-gate char buffer[DEFAULT_IPFLOGSIZE]; 6667c478bd9Sstevel@tonic-gate struct iovec iov; 6677c478bd9Sstevel@tonic-gate struct uio uio; 6687c478bd9Sstevel@tonic-gate size_t resid; 6697c478bd9Sstevel@tonic-gate int fd; 6707c478bd9Sstevel@tonic-gate 6717c478bd9Sstevel@tonic-gate fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY, 0644); 6727c478bd9Sstevel@tonic-gate if (fd == -1) { 6737c478bd9Sstevel@tonic-gate perror("drain_log:open"); 6747c478bd9Sstevel@tonic-gate return; 6757c478bd9Sstevel@tonic-gate } 6767c478bd9Sstevel@tonic-gate 6777c478bd9Sstevel@tonic-gate while (1) { 6787c478bd9Sstevel@tonic-gate bzero((char *)&iov, sizeof(iov)); 6797c478bd9Sstevel@tonic-gate iov.iov_base = buffer; 6807c478bd9Sstevel@tonic-gate iov.iov_len = sizeof(buffer); 6817c478bd9Sstevel@tonic-gate 6827c478bd9Sstevel@tonic-gate bzero((char *)&uio, sizeof(uio)); 6837c478bd9Sstevel@tonic-gate uio.uio_iov = &iov; 6847c478bd9Sstevel@tonic-gate uio.uio_iovcnt = 1; 6857c478bd9Sstevel@tonic-gate uio.uio_resid = iov.iov_len; 6867c478bd9Sstevel@tonic-gate resid = uio.uio_resid; 6877c478bd9Sstevel@tonic-gate 6887c478bd9Sstevel@tonic-gate if (ipflog_read(0, &uio) == 0) { 6897c478bd9Sstevel@tonic-gate /* 6907c478bd9Sstevel@tonic-gate * If nothing was read then break out. 6917c478bd9Sstevel@tonic-gate */ 6927c478bd9Sstevel@tonic-gate if (uio.uio_resid == resid) 6937c478bd9Sstevel@tonic-gate break; 6947c478bd9Sstevel@tonic-gate write(fd, buffer, resid - uio.uio_resid); 6957c478bd9Sstevel@tonic-gate } else 6967c478bd9Sstevel@tonic-gate break; 6977c478bd9Sstevel@tonic-gate } 6987c478bd9Sstevel@tonic-gate 6997c478bd9Sstevel@tonic-gate close(fd); 7007c478bd9Sstevel@tonic-gate } 7017c478bd9Sstevel@tonic-gate 7027c478bd9Sstevel@tonic-gate 7037c478bd9Sstevel@tonic-gate void fixv4sums(m, ip) 7047c478bd9Sstevel@tonic-gate mb_t *m; 7057c478bd9Sstevel@tonic-gate ip_t *ip; 7067c478bd9Sstevel@tonic-gate { 7077c478bd9Sstevel@tonic-gate u_char *csump, *hdr; 7087c478bd9Sstevel@tonic-gate 7097c478bd9Sstevel@tonic-gate ip->ip_sum = 0; 7107c478bd9Sstevel@tonic-gate ip->ip_sum = ipf_cksum((u_short *)ip, IP_HL(ip) << 2); 7117c478bd9Sstevel@tonic-gate 7127c478bd9Sstevel@tonic-gate csump = (u_char *)ip; 7137c478bd9Sstevel@tonic-gate csump += IP_HL(ip) << 2; 7147c478bd9Sstevel@tonic-gate 7157c478bd9Sstevel@tonic-gate switch (ip->ip_p) 7167c478bd9Sstevel@tonic-gate { 7177c478bd9Sstevel@tonic-gate case IPPROTO_TCP : 7187c478bd9Sstevel@tonic-gate hdr = csump; 7197c478bd9Sstevel@tonic-gate csump += offsetof(tcphdr_t, th_sum); 7207c478bd9Sstevel@tonic-gate break; 7217c478bd9Sstevel@tonic-gate case IPPROTO_UDP : 7227c478bd9Sstevel@tonic-gate hdr = csump; 7237c478bd9Sstevel@tonic-gate csump += offsetof(udphdr_t, uh_sum); 7247c478bd9Sstevel@tonic-gate break; 7257c478bd9Sstevel@tonic-gate default : 7267c478bd9Sstevel@tonic-gate csump = NULL; 7277c478bd9Sstevel@tonic-gate hdr = NULL; 7287c478bd9Sstevel@tonic-gate break; 7297c478bd9Sstevel@tonic-gate } 7307c478bd9Sstevel@tonic-gate if (hdr != NULL) { 7317c478bd9Sstevel@tonic-gate *csump = 0; 7327c478bd9Sstevel@tonic-gate *(u_short *)csump = fr_cksum(m, ip, ip->ip_p, hdr); 7337c478bd9Sstevel@tonic-gate } 7347c478bd9Sstevel@tonic-gate } 735