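/*
 * Copyright (C) 2002 by Darren Reed.
 *
 * See the IPFILTER.LICENCE file for details on licencing.
 */

#include "ipf.h"
#include "kmem.h"

#define	PRINTF	(void)printf
#define	FPRINTF	(void)fprintf

/*
 * Copy one state table entry out of kernel memory and print it on stdout.
 *
 * sp   - address of the ipstate_t to read; it is handed to kmemcpy() as a
 *        u_long and is never dereferenced directly in this process.
 * opts - option bits; only OPT_DEBUG is examined here, and it adds the raw
 *        interface pointers to the "interfaces:" line.
 * now  - caller supplied clock value that is subtracted from is_die to give
 *        the ttl that is printed.
 *
 * Returns the is_next pointer from the copied entry so the caller can walk
 * the list, or NULL if the entry (or, with IPFILTER_SYNC, its sync record)
 * could not be read.  A sync read failure is therefore indistinguishable
 * from end-of-list for the caller.
 *
 * Everything printed comes from the copied snapshot, so it is only as
 * consistent as that copy.  Note that the output carries pointer values
 * taken from the kernel structure: is_isc is always printed with %p for TCP
 * entries and is_ifp[] with OPT_DEBUG, so treat the output as sensitive
 * before pasting it into bug reports or tickets.
 */
ipstate_t *printstate(sp, opts, now)
ipstate_t *sp;
int opts;
u_long now;
{
	/* Text that precedes each of the four interface slots, in order. */
	static const char *iflead[4] = {
		"\tinterfaces: in ", ",", " out ", ","
	};
	ipstate_t ips;
	u_long ttl;
	int i;
#ifdef	IPFILTER_SYNC
	synclist_t ipsync;
#endif

	if (kmemcpy((char *)&ips, (u_long)sp, sizeof(ips)))
		return NULL;

	PRINTF("%s -> ", hostname(ips.is_v, &ips.is_src.in4));
	PRINTF("%s pass %#x pr %d state %d/%d bkt %d\n",
		hostname(ips.is_v, &ips.is_dst.in4), ips.is_pass, ips.is_p,
		ips.is_state[0], ips.is_state[1], ips.is_hv);

	/*
	 * "now" is supplied by the caller while is_die comes from the entry
	 * just copied, so is_die may already be behind "now".  The plain
	 * subtraction would then wrap and print an enormous ttl; report 0
	 * for an entry that is already due instead.
	 */
	ttl = (ips.is_die > now) ? (u_long)(ips.is_die - now) : 0;
	PRINTF("\ttag %u ttl %lu", ips.is_tag, ttl);

	/*
	 * NOTE(review): only the protocols handled below terminate the
	 * "tag/ttl" line; for any other protocol the counters that follow
	 * are printed on the same line.
	 */
	if (ips.is_p == IPPROTO_TCP) {
		PRINTF("\n\t%hu -> %hu %x:%x %hu<<%d:%hu<<%d\n",
			ntohs(ips.is_sport), ntohs(ips.is_dport),
			ips.is_send, ips.is_dend,
			ips.is_maxswin, ips.is_swinscale,
			ips.is_maxdwin, ips.is_dwinscale);
		PRINTF("\tcmsk %04x smsk %04x isc %p s0 %08x/%08x\n",
			ips.is_smsk[0], ips.is_smsk[1], ips.is_isc,
			ips.is_s0[0], ips.is_s0[1]);
		PRINTF("\tFWD:ISN inc %x sumd %x\n",
			ips.is_isninc[0], ips.is_sumd[0]);
		PRINTF("\tREV:ISN inc %x sumd %x\n",
			ips.is_isninc[1], ips.is_sumd[1]);
#ifdef	IPFILTER_SCAN
		PRINTF("\tsbuf[0] [");
		printsbuf(ips.is_sbuf[0]);
		PRINTF("] sbuf[1] [");
		printsbuf(ips.is_sbuf[1]);
		PRINTF("]\n");
#endif
	} else if (ips.is_p == IPPROTO_UDP) {
		PRINTF(" %hu -> %hu\n", ntohs(ips.is_sport),
			ntohs(ips.is_dport));
	} else if (ips.is_p == IPPROTO_GRE) {
		PRINTF(" call %hx/%hx\n", ntohs(ips.is_gre.gs_call[0]),
			ntohs(ips.is_gre.gs_call[1]));
	} else if (ips.is_p == IPPROTO_ICMP
#ifdef	USE_INET6
		 || ips.is_p == IPPROTO_ICMPV6
#endif
		) {
		PRINTF(" id %hu seq %hu type %d\n", ntohs(ips.is_icmp.ici_id),
			ntohs(ips.is_icmp.ici_seq), ips.is_icmp.ici_type);
	}

#ifdef	USE_QUAD_T
	PRINTF("\tforward: pkts in %qd bytes in %qd pkts out %qd bytes out %qd\n\tbackward: pkts in %qd bytes in %qd pkts out %qd bytes out %qd\n",
		ips.is_pkts[0], ips.is_bytes[0],
		ips.is_pkts[1], ips.is_bytes[1],
		ips.is_pkts[2], ips.is_bytes[2],
		ips.is_pkts[3], ips.is_bytes[3]);
#else
	PRINTF("\tforward: pkts in %ld bytes in %ld pkts out %ld bytes out %ld\n\tbackward: pkts in %ld bytes in %ld pkts out %ld bytes out %ld\n",
		ips.is_pkts[0], ips.is_bytes[0],
		ips.is_pkts[1], ips.is_bytes[1],
		ips.is_pkts[2], ips.is_bytes[2],
		ips.is_pkts[3], ips.is_bytes[3]);
#endif

	PRINTF("\t");

	/*
	 * Print out bits set in the result code for the state being
	 * kept as they would for a rule.
	 */
	if (FR_ISPASS(ips.is_pass)) {
		PRINTF("pass");
	} else if (FR_ISBLOCK(ips.is_pass)) {
		PRINTF("block");
		switch (ips.is_pass & FR_RETMASK)
		{
		case FR_RETICMP :
			PRINTF(" return-icmp");
			break;
		case FR_FAKEICMP :
			PRINTF(" return-icmp-as-dest");
			break;
		case FR_RETRST :
			PRINTF(" return-rst");
			break;
		default :
			break;
		}
	} else if ((ips.is_pass & FR_LOGMASK) == FR_LOG) {
		PRINTF("log");
		if (ips.is_pass & FR_LOGBODY)
			PRINTF(" body");
		if (ips.is_pass & FR_LOGFIRST)
			PRINTF(" first");
	} else if (FR_ISACCOUNT(ips.is_pass)) {
		PRINTF("count");
	} else if (FR_ISPREAUTH(ips.is_pass)) {
		PRINTF("preauth");
	} else if (FR_ISAUTH(ips.is_pass)) {
		PRINTF("auth");
	}

	if (ips.is_pass & FR_OUTQUE)
		PRINTF(" out");
	else
		PRINTF(" in");

	if ((ips.is_pass & FR_LOG) != 0) {
		PRINTF(" log");
		if (ips.is_pass & FR_LOGBODY)
			PRINTF(" body");
		if (ips.is_pass & FR_LOGFIRST)
			PRINTF(" first");
		if (ips.is_pass & FR_LOGORBLOCK)
			PRINTF(" or-block");
	}
	if (ips.is_pass & FR_QUICK)
		PRINTF(" quick");
	if (ips.is_pass & FR_KEEPFRAG)
		PRINTF(" keep frags");
	/* a given; no? */
	if (ips.is_pass & FR_KEEPSTATE) {
		PRINTF(" keep state");
		if (ips.is_pass & FR_STATESYNC)
			PRINTF(" ( sync )");
	}
	PRINTF("\tIPv%d", ips.is_v);
	PRINTF("\n");

	PRINTF("\tpkt_flags & %x(%x) = %x,\t",
		ips.is_flags & 0xf, ips.is_flags,
		ips.is_flags >> 4);
	PRINTF("\tpkt_options & %x = %x, %x = %x \n", ips.is_optmsk[0],
		ips.is_opt[0], ips.is_optmsk[1], ips.is_opt[1]);
	PRINTF("\tpkt_security & %x = %x, pkt_auth & %x = %x\n",
		ips.is_secmsk, ips.is_sec, ips.is_authmsk,
		ips.is_auth);
	PRINTF("\tis_flx %#x %#x %#x %#x\n", ips.is_flx[0][0], ips.is_flx[0][1],
		ips.is_flx[1][0], ips.is_flx[1][1]);

	/*
	 * The interface names are raw bytes from the copied structure and
	 * nothing here guarantees they are NUL terminated, so bound each
	 * print to the size of its slot rather than trusting "%s" to stop.
	 * Assumes is_ifname[i] is a char array embedded in ipstate_t (it is
	 * printed straight from the copy) - confirm against ip_state.h.
	 */
	for (i = 0; i < 4; i++) {
		PRINTF("%s%s[%.*s", iflead[i], getifname(ips.is_ifp[i]),
			(int)sizeof(ips.is_ifname[i]), ips.is_ifname[i]);
		if (opts & OPT_DEBUG)
			PRINTF("/%p", ips.is_ifp[i]);
		putchar(']');
	}
	PRINTF("\n");

#ifdef	IPFILTER_SYNC
	if (ips.is_sync != NULL) {

		if (kmemcpy((char *)&ipsync, (u_long)ips.is_sync, sizeof(ipsync))) {

			PRINTF("\tSync status: status could not be retrieved\n");
			return NULL;
		}

		PRINTF("\tSync status: idx %d num %d v %d pr %d rev %d\n",
			ipsync.sl_idx, ipsync.sl_num, ipsync.sl_v,
			ipsync.sl_p, ipsync.sl_rev);

	} else {
		PRINTF("\tSync status: not synchronized\n");
	}
#endif

	return ips.is_next;
}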