1*7c478bd9Sstevel@tonic-gate /* 2*7c478bd9Sstevel@tonic-gate * Copyright (C) 1993-2001 by Darren Reed. 3*7c478bd9Sstevel@tonic-gate * 4*7c478bd9Sstevel@tonic-gate * See the IPFILTER.LICENCE file for details on licencing. 5*7c478bd9Sstevel@tonic-gate */ 6*7c478bd9Sstevel@tonic-gate #include "ipf.h" 7*7c478bd9Sstevel@tonic-gate #include "ipt.h" 8*7c478bd9Sstevel@tonic-gate #include <sys/ioctl.h> 9*7c478bd9Sstevel@tonic-gate #include <sys/file.h> 10*7c478bd9Sstevel@tonic-gate 11*7c478bd9Sstevel@tonic-gate #if !defined(lint) 12*7c478bd9Sstevel@tonic-gate static const char sccsid[] = "@(#)ipt.c 1.19 6/3/96 (C) 1993-2000 Darren Reed"; 13*7c478bd9Sstevel@tonic-gate static const char rcsid[] = "@(#)$Id: ipftest.c,v 1.35 2003/07/01 01:03:04 darrenr Exp $"; 14*7c478bd9Sstevel@tonic-gate #endif 15*7c478bd9Sstevel@tonic-gate 16*7c478bd9Sstevel@tonic-gate extern char *optarg; 17*7c478bd9Sstevel@tonic-gate extern struct frentry *ipfilter[2][2]; 18*7c478bd9Sstevel@tonic-gate extern struct ipread snoop, etherf, tcpd, pcap, iptext, iphex; 19*7c478bd9Sstevel@tonic-gate extern struct ifnet *get_unit __P((char *, int)); 20*7c478bd9Sstevel@tonic-gate extern void init_ifp __P((void)); 21*7c478bd9Sstevel@tonic-gate extern ipnat_t *natparse __P((char *, int)); 22*7c478bd9Sstevel@tonic-gate extern int fr_running; 23*7c478bd9Sstevel@tonic-gate 24*7c478bd9Sstevel@tonic-gate ipfmutex_t ipl_mutex, ipf_authmx, ipf_rw, ipf_stinsert; 25*7c478bd9Sstevel@tonic-gate ipfmutex_t ipf_nat_new, ipf_natio, ipf_timeoutlock; 26*7c478bd9Sstevel@tonic-gate ipfrwlock_t ipf_mutex, ipf_global, ipf_ipidfrag, ip_poolrw; 27*7c478bd9Sstevel@tonic-gate ipfrwlock_t ipf_frag, ipf_state, ipf_nat, ipf_natfrag, ipf_auth; 28*7c478bd9Sstevel@tonic-gate int opts = OPT_DONOTHING; 29*7c478bd9Sstevel@tonic-gate int use_inet6 = 0; 30*7c478bd9Sstevel@tonic-gate int pfil_delayed_copy = 0; 31*7c478bd9Sstevel@tonic-gate int main __P((int, char *[])); 32*7c478bd9Sstevel@tonic-gate int loadrules __P((char *, int)); 33*7c478bd9Sstevel@tonic-gate int kmemcpy __P((char *, long, int)); 34*7c478bd9Sstevel@tonic-gate int kstrncpy __P((char *, long, int n)); 35*7c478bd9Sstevel@tonic-gate void dumpnat __P((void)); 36*7c478bd9Sstevel@tonic-gate void dumpstate __P((void)); 37*7c478bd9Sstevel@tonic-gate void dumplookups __P((void)); 38*7c478bd9Sstevel@tonic-gate void dumpgroups __P((void)); 39*7c478bd9Sstevel@tonic-gate void drain_log __P((char *)); 40*7c478bd9Sstevel@tonic-gate void fixv4sums __P((mb_t *, ip_t *)); 41*7c478bd9Sstevel@tonic-gate 42*7c478bd9Sstevel@tonic-gate #if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 43*7c478bd9Sstevel@tonic-gate (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 44*7c478bd9Sstevel@tonic-gate defined(__osf__) 45*7c478bd9Sstevel@tonic-gate int ipftestioctl __P((int, ioctlcmd_t, ...)); 46*7c478bd9Sstevel@tonic-gate int ipnattestioctl __P((int, ioctlcmd_t, ...)); 47*7c478bd9Sstevel@tonic-gate int ipstatetestioctl __P((int, ioctlcmd_t, ...)); 48*7c478bd9Sstevel@tonic-gate int ipauthtestioctl __P((int, ioctlcmd_t, ...)); 49*7c478bd9Sstevel@tonic-gate int ipscantestioctl __P((int, ioctlcmd_t, ...)); 50*7c478bd9Sstevel@tonic-gate int ipsynctestioctl __P((int, ioctlcmd_t, ...)); 51*7c478bd9Sstevel@tonic-gate int ipooltestioctl __P((int, ioctlcmd_t, ...)); 52*7c478bd9Sstevel@tonic-gate #else 53*7c478bd9Sstevel@tonic-gate int ipftestioctl __P((dev_t, ioctlcmd_t, void *)); 54*7c478bd9Sstevel@tonic-gate int ipnattestioctl __P((dev_t, ioctlcmd_t, void *)); 55*7c478bd9Sstevel@tonic-gate int ipstatetestioctl __P((dev_t, ioctlcmd_t, void *)); 56*7c478bd9Sstevel@tonic-gate int ipauthtestioctl __P((dev_t, ioctlcmd_t, void *)); 57*7c478bd9Sstevel@tonic-gate int ipsynctestioctl __P((dev_t, ioctlcmd_t, void *)); 58*7c478bd9Sstevel@tonic-gate int ipscantestioctl __P((dev_t, ioctlcmd_t, void *)); 59*7c478bd9Sstevel@tonic-gate int ipooltestioctl __P((dev_t, ioctlcmd_t, void *)); 60*7c478bd9Sstevel@tonic-gate #endif 61*7c478bd9Sstevel@tonic-gate 62*7c478bd9Sstevel@tonic-gate static ioctlfunc_t iocfunctions[IPL_LOGSIZE] = { ipftestioctl, 63*7c478bd9Sstevel@tonic-gate ipnattestioctl, 64*7c478bd9Sstevel@tonic-gate ipstatetestioctl, 65*7c478bd9Sstevel@tonic-gate ipauthtestioctl, 66*7c478bd9Sstevel@tonic-gate ipsynctestioctl, 67*7c478bd9Sstevel@tonic-gate ipscantestioctl, 68*7c478bd9Sstevel@tonic-gate ipooltestioctl, 69*7c478bd9Sstevel@tonic-gate NULL }; 70*7c478bd9Sstevel@tonic-gate 71*7c478bd9Sstevel@tonic-gate 72*7c478bd9Sstevel@tonic-gate int main(argc,argv) 73*7c478bd9Sstevel@tonic-gate int argc; 74*7c478bd9Sstevel@tonic-gate char *argv[]; 75*7c478bd9Sstevel@tonic-gate { 76*7c478bd9Sstevel@tonic-gate char *datain, *iface, *ifname, *logout; 77*7c478bd9Sstevel@tonic-gate int fd, i, dir, c, loaded, dump, hlen; 78*7c478bd9Sstevel@tonic-gate struct ifnet *ifp; 79*7c478bd9Sstevel@tonic-gate struct ipread *r; 80*7c478bd9Sstevel@tonic-gate mb_t mb, *m; 81*7c478bd9Sstevel@tonic-gate ip_t *ip; 82*7c478bd9Sstevel@tonic-gate 83*7c478bd9Sstevel@tonic-gate m = &mb; 84*7c478bd9Sstevel@tonic-gate dir = 0; 85*7c478bd9Sstevel@tonic-gate dump = 0; 86*7c478bd9Sstevel@tonic-gate hlen = 0; 87*7c478bd9Sstevel@tonic-gate loaded = 0; 88*7c478bd9Sstevel@tonic-gate r = &iptext; 89*7c478bd9Sstevel@tonic-gate iface = NULL; 90*7c478bd9Sstevel@tonic-gate logout = NULL; 91*7c478bd9Sstevel@tonic-gate ifname = "anon0"; 92*7c478bd9Sstevel@tonic-gate datain = NULL; 93*7c478bd9Sstevel@tonic-gate 94*7c478bd9Sstevel@tonic-gate MUTEX_INIT(&ipf_rw, "ipf rw mutex"); 95*7c478bd9Sstevel@tonic-gate MUTEX_INIT(&ipf_timeoutlock, "ipf timeout lock"); 96*7c478bd9Sstevel@tonic-gate RWLOCK_INIT(&ipf_global, "ipf filter load/unload mutex"); 97*7c478bd9Sstevel@tonic-gate RWLOCK_INIT(&ipf_mutex, "ipf filter rwlock"); 98*7c478bd9Sstevel@tonic-gate RWLOCK_INIT(&ipf_ipidfrag, "ipf IP NAT-Frag rwlock"); 99*7c478bd9Sstevel@tonic-gate 100*7c478bd9Sstevel@tonic-gate initparse(); 101*7c478bd9Sstevel@tonic-gate fr_loginit(); 102*7c478bd9Sstevel@tonic-gate fr_authinit(); 103*7c478bd9Sstevel@tonic-gate fr_fraginit(); 104*7c478bd9Sstevel@tonic-gate fr_stateinit(); 105*7c478bd9Sstevel@tonic-gate fr_natinit(); 106*7c478bd9Sstevel@tonic-gate appr_init(); 107*7c478bd9Sstevel@tonic-gate ip_lookup_init(); 108*7c478bd9Sstevel@tonic-gate fr_running = 1; 109*7c478bd9Sstevel@tonic-gate 110*7c478bd9Sstevel@tonic-gate while ((c = getopt(argc, argv, "6bdDF:i:I:l:N:P:or:vxX")) != -1) 111*7c478bd9Sstevel@tonic-gate switch (c) 112*7c478bd9Sstevel@tonic-gate { 113*7c478bd9Sstevel@tonic-gate case '6' : 114*7c478bd9Sstevel@tonic-gate #ifdef USE_INET6 115*7c478bd9Sstevel@tonic-gate use_inet6 = 1; 116*7c478bd9Sstevel@tonic-gate #else 117*7c478bd9Sstevel@tonic-gate fprintf(stderr, "IPv6 not supported\n"); 118*7c478bd9Sstevel@tonic-gate exit(1); 119*7c478bd9Sstevel@tonic-gate #endif 120*7c478bd9Sstevel@tonic-gate break; 121*7c478bd9Sstevel@tonic-gate case 'b' : 122*7c478bd9Sstevel@tonic-gate opts |= OPT_BRIEF; 123*7c478bd9Sstevel@tonic-gate break; 124*7c478bd9Sstevel@tonic-gate case 'd' : 125*7c478bd9Sstevel@tonic-gate opts |= OPT_DEBUG; 126*7c478bd9Sstevel@tonic-gate break; 127*7c478bd9Sstevel@tonic-gate case 'D' : 128*7c478bd9Sstevel@tonic-gate dump = 1; 129*7c478bd9Sstevel@tonic-gate break; 130*7c478bd9Sstevel@tonic-gate case 'F' : 131*7c478bd9Sstevel@tonic-gate if (strcasecmp(optarg, "pcap") == 0) 132*7c478bd9Sstevel@tonic-gate r = &pcap; 133*7c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "etherfind") == 0) 134*7c478bd9Sstevel@tonic-gate r = ðerf; 135*7c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "snoop") == 0) 136*7c478bd9Sstevel@tonic-gate r = &snoop; 137*7c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "tcpdump") == 0) 138*7c478bd9Sstevel@tonic-gate r = &tcpd; 139*7c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "hex") == 0) 140*7c478bd9Sstevel@tonic-gate r = &iphex; 141*7c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "text") == 0) 142*7c478bd9Sstevel@tonic-gate r = &iptext; 143*7c478bd9Sstevel@tonic-gate break; 144*7c478bd9Sstevel@tonic-gate case 'i' : 145*7c478bd9Sstevel@tonic-gate datain = optarg; 146*7c478bd9Sstevel@tonic-gate break; 147*7c478bd9Sstevel@tonic-gate case 'I' : 148*7c478bd9Sstevel@tonic-gate ifname = optarg; 149*7c478bd9Sstevel@tonic-gate break; 150*7c478bd9Sstevel@tonic-gate case 'l' : 151*7c478bd9Sstevel@tonic-gate logout = optarg; 152*7c478bd9Sstevel@tonic-gate break; 153*7c478bd9Sstevel@tonic-gate case 'o' : 154*7c478bd9Sstevel@tonic-gate opts |= OPT_SAVEOUT; 155*7c478bd9Sstevel@tonic-gate break; 156*7c478bd9Sstevel@tonic-gate case 'r' : 157*7c478bd9Sstevel@tonic-gate if (ipf_parsefile(-1, ipf_addrule, iocfunctions, 158*7c478bd9Sstevel@tonic-gate optarg) == -1) 159*7c478bd9Sstevel@tonic-gate return -1; 160*7c478bd9Sstevel@tonic-gate loaded = 1; 161*7c478bd9Sstevel@tonic-gate break; 162*7c478bd9Sstevel@tonic-gate case 'v' : 163*7c478bd9Sstevel@tonic-gate opts |= OPT_VERBOSE; 164*7c478bd9Sstevel@tonic-gate break; 165*7c478bd9Sstevel@tonic-gate case 'N' : 166*7c478bd9Sstevel@tonic-gate if (ipnat_parsefile(-1, ipnat_addrule, ipnattestioctl, 167*7c478bd9Sstevel@tonic-gate optarg) == -1) 168*7c478bd9Sstevel@tonic-gate return -1; 169*7c478bd9Sstevel@tonic-gate loaded = 1; 170*7c478bd9Sstevel@tonic-gate opts |= OPT_NAT; 171*7c478bd9Sstevel@tonic-gate break; 172*7c478bd9Sstevel@tonic-gate case 'P' : 173*7c478bd9Sstevel@tonic-gate if (ippool_parsefile(-1, optarg, ipooltestioctl) == -1) 174*7c478bd9Sstevel@tonic-gate return -1; 175*7c478bd9Sstevel@tonic-gate loaded = 1; 176*7c478bd9Sstevel@tonic-gate break; 177*7c478bd9Sstevel@tonic-gate case 'x' : 178*7c478bd9Sstevel@tonic-gate opts |= OPT_HEX; 179*7c478bd9Sstevel@tonic-gate break; 180*7c478bd9Sstevel@tonic-gate } 181*7c478bd9Sstevel@tonic-gate 182*7c478bd9Sstevel@tonic-gate if (loaded == 0) { 183*7c478bd9Sstevel@tonic-gate (void)fprintf(stderr,"no rules loaded\n"); 184*7c478bd9Sstevel@tonic-gate exit(-1); 185*7c478bd9Sstevel@tonic-gate } 186*7c478bd9Sstevel@tonic-gate 187*7c478bd9Sstevel@tonic-gate if (opts & OPT_SAVEOUT) 188*7c478bd9Sstevel@tonic-gate init_ifp(); 189*7c478bd9Sstevel@tonic-gate 190*7c478bd9Sstevel@tonic-gate if (datain) 191*7c478bd9Sstevel@tonic-gate fd = (*r->r_open)(datain); 192*7c478bd9Sstevel@tonic-gate else 193*7c478bd9Sstevel@tonic-gate fd = (*r->r_open)("-"); 194*7c478bd9Sstevel@tonic-gate 195*7c478bd9Sstevel@tonic-gate if (fd < 0) 196*7c478bd9Sstevel@tonic-gate exit(-1); 197*7c478bd9Sstevel@tonic-gate 198*7c478bd9Sstevel@tonic-gate ip = MTOD(m, ip_t *); 199*7c478bd9Sstevel@tonic-gate while ((i = (*r->r_readip)(MTOD(m, char *), sizeof(m->mb_buf), 200*7c478bd9Sstevel@tonic-gate &iface, &dir)) > 0) { 201*7c478bd9Sstevel@tonic-gate if (iface == NULL || *iface == '\0') 202*7c478bd9Sstevel@tonic-gate iface = ifname; 203*7c478bd9Sstevel@tonic-gate ifp = get_unit(iface, IP_V(ip)); 204*7c478bd9Sstevel@tonic-gate if (!use_inet6) { 205*7c478bd9Sstevel@tonic-gate ip->ip_off = ntohs(ip->ip_off); 206*7c478bd9Sstevel@tonic-gate ip->ip_len = ntohs(ip->ip_len); 207*7c478bd9Sstevel@tonic-gate if (r->r_flags & R_DO_CKSUM) 208*7c478bd9Sstevel@tonic-gate fixv4sums(m, ip); 209*7c478bd9Sstevel@tonic-gate hlen = IP_HL(ip) << 2; 210*7c478bd9Sstevel@tonic-gate } 211*7c478bd9Sstevel@tonic-gate #ifdef USE_INET6 212*7c478bd9Sstevel@tonic-gate else 213*7c478bd9Sstevel@tonic-gate hlen = sizeof(ip6_t); 214*7c478bd9Sstevel@tonic-gate #endif 215*7c478bd9Sstevel@tonic-gate /* ipfr_slowtimer(); */ 216*7c478bd9Sstevel@tonic-gate m = &mb; 217*7c478bd9Sstevel@tonic-gate m->mb_len = i; 218*7c478bd9Sstevel@tonic-gate i = fr_check(ip, hlen, ifp, dir, &m); 219*7c478bd9Sstevel@tonic-gate if ((opts & OPT_NAT) == 0) 220*7c478bd9Sstevel@tonic-gate switch (i) 221*7c478bd9Sstevel@tonic-gate { 222*7c478bd9Sstevel@tonic-gate case -4 : 223*7c478bd9Sstevel@tonic-gate (void)printf("preauth"); 224*7c478bd9Sstevel@tonic-gate break; 225*7c478bd9Sstevel@tonic-gate case -3 : 226*7c478bd9Sstevel@tonic-gate (void)printf("account"); 227*7c478bd9Sstevel@tonic-gate break; 228*7c478bd9Sstevel@tonic-gate case -2 : 229*7c478bd9Sstevel@tonic-gate (void)printf("auth"); 230*7c478bd9Sstevel@tonic-gate break; 231*7c478bd9Sstevel@tonic-gate case -1 : 232*7c478bd9Sstevel@tonic-gate (void)printf("block"); 233*7c478bd9Sstevel@tonic-gate break; 234*7c478bd9Sstevel@tonic-gate case 0 : 235*7c478bd9Sstevel@tonic-gate (void)printf("pass"); 236*7c478bd9Sstevel@tonic-gate break; 237*7c478bd9Sstevel@tonic-gate case 1 : 238*7c478bd9Sstevel@tonic-gate (void)printf("nomatch"); 239*7c478bd9Sstevel@tonic-gate break; 240*7c478bd9Sstevel@tonic-gate case 3 : 241*7c478bd9Sstevel@tonic-gate (void)printf("block return-rst"); 242*7c478bd9Sstevel@tonic-gate break; 243*7c478bd9Sstevel@tonic-gate case 4 : 244*7c478bd9Sstevel@tonic-gate (void)printf("block return-icmp"); 245*7c478bd9Sstevel@tonic-gate break; 246*7c478bd9Sstevel@tonic-gate case 5 : 247*7c478bd9Sstevel@tonic-gate (void)printf("block return-icmp-as-dest"); 248*7c478bd9Sstevel@tonic-gate break; 249*7c478bd9Sstevel@tonic-gate default : 250*7c478bd9Sstevel@tonic-gate (void)printf("recognised return %#x\n", i); 251*7c478bd9Sstevel@tonic-gate break; 252*7c478bd9Sstevel@tonic-gate } 253*7c478bd9Sstevel@tonic-gate if (!use_inet6) { 254*7c478bd9Sstevel@tonic-gate ip->ip_off = htons(ip->ip_off); 255*7c478bd9Sstevel@tonic-gate ip->ip_len = htons(ip->ip_len); 256*7c478bd9Sstevel@tonic-gate } 257*7c478bd9Sstevel@tonic-gate 258*7c478bd9Sstevel@tonic-gate if (!(opts & OPT_BRIEF)) { 259*7c478bd9Sstevel@tonic-gate putchar(' '); 260*7c478bd9Sstevel@tonic-gate printpacket(ip); 261*7c478bd9Sstevel@tonic-gate printf("--------------"); 262*7c478bd9Sstevel@tonic-gate } else if ((opts & (OPT_BRIEF|OPT_NAT)) == (OPT_NAT|OPT_BRIEF)) 263*7c478bd9Sstevel@tonic-gate printpacket(ip); 264*7c478bd9Sstevel@tonic-gate if (dir && (ifp != NULL) && IP_V(ip) && (m != NULL)) 265*7c478bd9Sstevel@tonic-gate #if defined(__sgi) && (IRIX < 605) 266*7c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL); 267*7c478bd9Sstevel@tonic-gate #else 268*7c478bd9Sstevel@tonic-gate # if TRU64 >= 1885 269*7c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL, 0, 0); 270*7c478bd9Sstevel@tonic-gate # else 271*7c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL, 0); 272*7c478bd9Sstevel@tonic-gate # endif 273*7c478bd9Sstevel@tonic-gate #endif 274*7c478bd9Sstevel@tonic-gate if ((opts & (OPT_BRIEF|OPT_NAT)) != (OPT_NAT|OPT_BRIEF)) 275*7c478bd9Sstevel@tonic-gate putchar('\n'); 276*7c478bd9Sstevel@tonic-gate dir = 0; 277*7c478bd9Sstevel@tonic-gate if (iface != ifname) { 278*7c478bd9Sstevel@tonic-gate free(iface); 279*7c478bd9Sstevel@tonic-gate iface = ifname; 280*7c478bd9Sstevel@tonic-gate } 281*7c478bd9Sstevel@tonic-gate m = &mb; 282*7c478bd9Sstevel@tonic-gate } 283*7c478bd9Sstevel@tonic-gate (*r->r_close)(); 284*7c478bd9Sstevel@tonic-gate 285*7c478bd9Sstevel@tonic-gate if (logout != NULL) { 286*7c478bd9Sstevel@tonic-gate drain_log(logout); 287*7c478bd9Sstevel@tonic-gate } 288*7c478bd9Sstevel@tonic-gate 289*7c478bd9Sstevel@tonic-gate if (dump == 1) { 290*7c478bd9Sstevel@tonic-gate dumpnat(); 291*7c478bd9Sstevel@tonic-gate dumpstate(); 292*7c478bd9Sstevel@tonic-gate dumplookups(); 293*7c478bd9Sstevel@tonic-gate dumpgroups(); 294*7c478bd9Sstevel@tonic-gate } 295*7c478bd9Sstevel@tonic-gate 296*7c478bd9Sstevel@tonic-gate for (i = IPL_LOGMAX; i >= 0; i--) 297*7c478bd9Sstevel@tonic-gate (void) ipflog_clear(i); 298*7c478bd9Sstevel@tonic-gate 299*7c478bd9Sstevel@tonic-gate fr_fragunload(); 300*7c478bd9Sstevel@tonic-gate fr_authunload(); 301*7c478bd9Sstevel@tonic-gate fr_stateunload(); 302*7c478bd9Sstevel@tonic-gate fr_natunload(); 303*7c478bd9Sstevel@tonic-gate appr_unload(); 304*7c478bd9Sstevel@tonic-gate 305*7c478bd9Sstevel@tonic-gate i = frflush(IPL_LOGIPF, FR_INQUE|FR_OUTQUE|FR_INACTIVE); 306*7c478bd9Sstevel@tonic-gate i += frflush(IPL_LOGIPF, FR_INQUE|FR_OUTQUE); 307*7c478bd9Sstevel@tonic-gate 308*7c478bd9Sstevel@tonic-gate ip_lookup_unload(); 309*7c478bd9Sstevel@tonic-gate 310*7c478bd9Sstevel@tonic-gate return 0; 311*7c478bd9Sstevel@tonic-gate } 312*7c478bd9Sstevel@tonic-gate 313*7c478bd9Sstevel@tonic-gate 314*7c478bd9Sstevel@tonic-gate #if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 315*7c478bd9Sstevel@tonic-gate (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 316*7c478bd9Sstevel@tonic-gate defined(__osf__) 317*7c478bd9Sstevel@tonic-gate int ipftestioctl(int dev, ioctlcmd_t cmd, ...) 318*7c478bd9Sstevel@tonic-gate { 319*7c478bd9Sstevel@tonic-gate caddr_t data; 320*7c478bd9Sstevel@tonic-gate va_list ap; 321*7c478bd9Sstevel@tonic-gate int i; 322*7c478bd9Sstevel@tonic-gate 323*7c478bd9Sstevel@tonic-gate va_start(ap, cmd); 324*7c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 325*7c478bd9Sstevel@tonic-gate va_end(ap); 326*7c478bd9Sstevel@tonic-gate 327*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD); 328*7c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 329*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", 330*7c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 331*7c478bd9Sstevel@tonic-gate return i; 332*7c478bd9Sstevel@tonic-gate } 333*7c478bd9Sstevel@tonic-gate 334*7c478bd9Sstevel@tonic-gate 335*7c478bd9Sstevel@tonic-gate int ipnattestioctl(int dev, ioctlcmd_t cmd, ...) 336*7c478bd9Sstevel@tonic-gate { 337*7c478bd9Sstevel@tonic-gate caddr_t data; 338*7c478bd9Sstevel@tonic-gate va_list ap; 339*7c478bd9Sstevel@tonic-gate int i; 340*7c478bd9Sstevel@tonic-gate 341*7c478bd9Sstevel@tonic-gate va_start(ap, cmd); 342*7c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 343*7c478bd9Sstevel@tonic-gate va_end(ap); 344*7c478bd9Sstevel@tonic-gate 345*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD); 346*7c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 347*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", 348*7c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 349*7c478bd9Sstevel@tonic-gate return i; 350*7c478bd9Sstevel@tonic-gate } 351*7c478bd9Sstevel@tonic-gate 352*7c478bd9Sstevel@tonic-gate 353*7c478bd9Sstevel@tonic-gate int ipstatetestioctl(int dev, ioctlcmd_t cmd, ...) 354*7c478bd9Sstevel@tonic-gate { 355*7c478bd9Sstevel@tonic-gate caddr_t data; 356*7c478bd9Sstevel@tonic-gate va_list ap; 357*7c478bd9Sstevel@tonic-gate int i; 358*7c478bd9Sstevel@tonic-gate 359*7c478bd9Sstevel@tonic-gate va_start(ap, cmd); 360*7c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 361*7c478bd9Sstevel@tonic-gate va_end(ap); 362*7c478bd9Sstevel@tonic-gate 363*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 364*7c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 365*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", 366*7c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 367*7c478bd9Sstevel@tonic-gate return i; 368*7c478bd9Sstevel@tonic-gate } 369*7c478bd9Sstevel@tonic-gate 370*7c478bd9Sstevel@tonic-gate 371*7c478bd9Sstevel@tonic-gate int ipauthtestioctl(int dev, ioctlcmd_t cmd, ...) 372*7c478bd9Sstevel@tonic-gate { 373*7c478bd9Sstevel@tonic-gate caddr_t data; 374*7c478bd9Sstevel@tonic-gate va_list ap; 375*7c478bd9Sstevel@tonic-gate int i; 376*7c478bd9Sstevel@tonic-gate 377*7c478bd9Sstevel@tonic-gate va_start(ap, cmd); 378*7c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 379*7c478bd9Sstevel@tonic-gate va_end(ap); 380*7c478bd9Sstevel@tonic-gate 381*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 382*7c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 383*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", 384*7c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 385*7c478bd9Sstevel@tonic-gate return i; 386*7c478bd9Sstevel@tonic-gate } 387*7c478bd9Sstevel@tonic-gate 388*7c478bd9Sstevel@tonic-gate 389*7c478bd9Sstevel@tonic-gate int ipscantestioctl(int dev, ioctlcmd_t cmd, ...) 390*7c478bd9Sstevel@tonic-gate { 391*7c478bd9Sstevel@tonic-gate caddr_t data; 392*7c478bd9Sstevel@tonic-gate va_list ap; 393*7c478bd9Sstevel@tonic-gate int i; 394*7c478bd9Sstevel@tonic-gate 395*7c478bd9Sstevel@tonic-gate va_start(ap, cmd); 396*7c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 397*7c478bd9Sstevel@tonic-gate va_end(ap); 398*7c478bd9Sstevel@tonic-gate 399*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 400*7c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 401*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", 402*7c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 403*7c478bd9Sstevel@tonic-gate return i; 404*7c478bd9Sstevel@tonic-gate } 405*7c478bd9Sstevel@tonic-gate 406*7c478bd9Sstevel@tonic-gate 407*7c478bd9Sstevel@tonic-gate int ipsynctestioctl(int dev, ioctlcmd_t cmd, ...) 408*7c478bd9Sstevel@tonic-gate { 409*7c478bd9Sstevel@tonic-gate caddr_t data; 410*7c478bd9Sstevel@tonic-gate va_list ap; 411*7c478bd9Sstevel@tonic-gate int i; 412*7c478bd9Sstevel@tonic-gate 413*7c478bd9Sstevel@tonic-gate va_start(ap, cmd); 414*7c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 415*7c478bd9Sstevel@tonic-gate va_end(ap); 416*7c478bd9Sstevel@tonic-gate 417*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 418*7c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 419*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", 420*7c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 421*7c478bd9Sstevel@tonic-gate return i; 422*7c478bd9Sstevel@tonic-gate } 423*7c478bd9Sstevel@tonic-gate 424*7c478bd9Sstevel@tonic-gate 425*7c478bd9Sstevel@tonic-gate int ipooltestioctl(int dev, ioctlcmd_t cmd, ...) 426*7c478bd9Sstevel@tonic-gate { 427*7c478bd9Sstevel@tonic-gate caddr_t data; 428*7c478bd9Sstevel@tonic-gate va_list ap; 429*7c478bd9Sstevel@tonic-gate int i; 430*7c478bd9Sstevel@tonic-gate 431*7c478bd9Sstevel@tonic-gate va_start(ap, cmd); 432*7c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 433*7c478bd9Sstevel@tonic-gate va_end(ap); 434*7c478bd9Sstevel@tonic-gate 435*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 436*7c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 437*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", 438*7c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 439*7c478bd9Sstevel@tonic-gate return i; 440*7c478bd9Sstevel@tonic-gate } 441*7c478bd9Sstevel@tonic-gate #else 442*7c478bd9Sstevel@tonic-gate int ipftestioctl(dev, cmd, data) 443*7c478bd9Sstevel@tonic-gate dev_t dev; 444*7c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 445*7c478bd9Sstevel@tonic-gate void *data; 446*7c478bd9Sstevel@tonic-gate { 447*7c478bd9Sstevel@tonic-gate int i; 448*7c478bd9Sstevel@tonic-gate 449*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD); 450*7c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 451*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", cmd, data, i); 452*7c478bd9Sstevel@tonic-gate return i; 453*7c478bd9Sstevel@tonic-gate } 454*7c478bd9Sstevel@tonic-gate 455*7c478bd9Sstevel@tonic-gate 456*7c478bd9Sstevel@tonic-gate int ipnattestioctl(dev, cmd, data) 457*7c478bd9Sstevel@tonic-gate dev_t dev; 458*7c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 459*7c478bd9Sstevel@tonic-gate void *data; 460*7c478bd9Sstevel@tonic-gate { 461*7c478bd9Sstevel@tonic-gate int i; 462*7c478bd9Sstevel@tonic-gate 463*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD); 464*7c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 465*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", cmd, data, i); 466*7c478bd9Sstevel@tonic-gate return i; 467*7c478bd9Sstevel@tonic-gate } 468*7c478bd9Sstevel@tonic-gate 469*7c478bd9Sstevel@tonic-gate 470*7c478bd9Sstevel@tonic-gate int ipstatetestioctl(dev, cmd, data) 471*7c478bd9Sstevel@tonic-gate dev_t dev; 472*7c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 473*7c478bd9Sstevel@tonic-gate void *data; 474*7c478bd9Sstevel@tonic-gate { 475*7c478bd9Sstevel@tonic-gate int i; 476*7c478bd9Sstevel@tonic-gate 477*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 478*7c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 479*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", cmd, data, i); 480*7c478bd9Sstevel@tonic-gate return i; 481*7c478bd9Sstevel@tonic-gate } 482*7c478bd9Sstevel@tonic-gate 483*7c478bd9Sstevel@tonic-gate 484*7c478bd9Sstevel@tonic-gate int ipauthtestioctl(dev, cmd, data) 485*7c478bd9Sstevel@tonic-gate dev_t dev; 486*7c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 487*7c478bd9Sstevel@tonic-gate void *data; 488*7c478bd9Sstevel@tonic-gate { 489*7c478bd9Sstevel@tonic-gate int i; 490*7c478bd9Sstevel@tonic-gate 491*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 492*7c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 493*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", cmd, data, i); 494*7c478bd9Sstevel@tonic-gate return i; 495*7c478bd9Sstevel@tonic-gate } 496*7c478bd9Sstevel@tonic-gate 497*7c478bd9Sstevel@tonic-gate 498*7c478bd9Sstevel@tonic-gate int ipsynctestioctl(dev, cmd, data) 499*7c478bd9Sstevel@tonic-gate dev_t dev; 500*7c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 501*7c478bd9Sstevel@tonic-gate void *data; 502*7c478bd9Sstevel@tonic-gate { 503*7c478bd9Sstevel@tonic-gate int i; 504*7c478bd9Sstevel@tonic-gate 505*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 506*7c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 507*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", cmd, data, i); 508*7c478bd9Sstevel@tonic-gate return i; 509*7c478bd9Sstevel@tonic-gate } 510*7c478bd9Sstevel@tonic-gate 511*7c478bd9Sstevel@tonic-gate 512*7c478bd9Sstevel@tonic-gate int ipscantestioctl(dev, cmd, data) 513*7c478bd9Sstevel@tonic-gate dev_t dev; 514*7c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 515*7c478bd9Sstevel@tonic-gate void *data; 516*7c478bd9Sstevel@tonic-gate { 517*7c478bd9Sstevel@tonic-gate int i; 518*7c478bd9Sstevel@tonic-gate 519*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 520*7c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 521*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", cmd, data, i); 522*7c478bd9Sstevel@tonic-gate return i; 523*7c478bd9Sstevel@tonic-gate } 524*7c478bd9Sstevel@tonic-gate 525*7c478bd9Sstevel@tonic-gate 526*7c478bd9Sstevel@tonic-gate int ipooltestioctl(dev, cmd, data) 527*7c478bd9Sstevel@tonic-gate dev_t dev; 528*7c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 529*7c478bd9Sstevel@tonic-gate void *data; 530*7c478bd9Sstevel@tonic-gate { 531*7c478bd9Sstevel@tonic-gate int i; 532*7c478bd9Sstevel@tonic-gate 533*7c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 534*7c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 535*7c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", cmd, data, i); 536*7c478bd9Sstevel@tonic-gate return i; 537*7c478bd9Sstevel@tonic-gate } 538*7c478bd9Sstevel@tonic-gate #endif 539*7c478bd9Sstevel@tonic-gate 540*7c478bd9Sstevel@tonic-gate 541*7c478bd9Sstevel@tonic-gate int kmemcpy(addr, offset, size) 542*7c478bd9Sstevel@tonic-gate char *addr; 543*7c478bd9Sstevel@tonic-gate long offset; 544*7c478bd9Sstevel@tonic-gate int size; 545*7c478bd9Sstevel@tonic-gate { 546*7c478bd9Sstevel@tonic-gate bcopy((char *)offset, addr, size); 547*7c478bd9Sstevel@tonic-gate return 0; 548*7c478bd9Sstevel@tonic-gate } 549*7c478bd9Sstevel@tonic-gate 550*7c478bd9Sstevel@tonic-gate 551*7c478bd9Sstevel@tonic-gate int kstrncpy(buf, pos, n) 552*7c478bd9Sstevel@tonic-gate char *buf; 553*7c478bd9Sstevel@tonic-gate long pos; 554*7c478bd9Sstevel@tonic-gate int n; 555*7c478bd9Sstevel@tonic-gate { 556*7c478bd9Sstevel@tonic-gate char *ptr; 557*7c478bd9Sstevel@tonic-gate 558*7c478bd9Sstevel@tonic-gate ptr = (char *)pos; 559*7c478bd9Sstevel@tonic-gate 560*7c478bd9Sstevel@tonic-gate while ((n > 0) && (*buf++ = *ptr++)) 561*7c478bd9Sstevel@tonic-gate ; 562*7c478bd9Sstevel@tonic-gate return 0; 563*7c478bd9Sstevel@tonic-gate } 564*7c478bd9Sstevel@tonic-gate 565*7c478bd9Sstevel@tonic-gate 566*7c478bd9Sstevel@tonic-gate /* 567*7c478bd9Sstevel@tonic-gate * Display the built up NAT table rules and mapping entries. 568*7c478bd9Sstevel@tonic-gate */ 569*7c478bd9Sstevel@tonic-gate void dumpnat() 570*7c478bd9Sstevel@tonic-gate { 571*7c478bd9Sstevel@tonic-gate ipnat_t *ipn; 572*7c478bd9Sstevel@tonic-gate nat_t *nat; 573*7c478bd9Sstevel@tonic-gate 574*7c478bd9Sstevel@tonic-gate printf("List of active MAP/Redirect filters:\n"); 575*7c478bd9Sstevel@tonic-gate for (ipn = nat_list; ipn != NULL; ipn = ipn->in_next) 576*7c478bd9Sstevel@tonic-gate printnat(ipn, opts & (OPT_DEBUG|OPT_VERBOSE)); 577*7c478bd9Sstevel@tonic-gate printf("\nList of active sessions:\n"); 578*7c478bd9Sstevel@tonic-gate for (nat = nat_instances; nat; nat = nat->nat_next) 579*7c478bd9Sstevel@tonic-gate printactivenat(nat, opts); 580*7c478bd9Sstevel@tonic-gate } 581*7c478bd9Sstevel@tonic-gate 582*7c478bd9Sstevel@tonic-gate 583*7c478bd9Sstevel@tonic-gate /* 584*7c478bd9Sstevel@tonic-gate * Display the built up state table rules and mapping entries. 585*7c478bd9Sstevel@tonic-gate */ 586*7c478bd9Sstevel@tonic-gate void dumpstate() 587*7c478bd9Sstevel@tonic-gate { 588*7c478bd9Sstevel@tonic-gate ipstate_t *ips; 589*7c478bd9Sstevel@tonic-gate 590*7c478bd9Sstevel@tonic-gate printf("List of active state sessions:\n"); 591*7c478bd9Sstevel@tonic-gate for (ips = ips_list; ips != NULL; ) 592*7c478bd9Sstevel@tonic-gate ips = printstate(ips, opts & (OPT_DEBUG|OPT_VERBOSE)); 593*7c478bd9Sstevel@tonic-gate } 594*7c478bd9Sstevel@tonic-gate 595*7c478bd9Sstevel@tonic-gate 596*7c478bd9Sstevel@tonic-gate void dumplookups() 597*7c478bd9Sstevel@tonic-gate { 598*7c478bd9Sstevel@tonic-gate iphtable_t *iph; 599*7c478bd9Sstevel@tonic-gate ip_pool_t *ipl; 600*7c478bd9Sstevel@tonic-gate int i; 601*7c478bd9Sstevel@tonic-gate 602*7c478bd9Sstevel@tonic-gate printf("List of configured pools\n"); 603*7c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 604*7c478bd9Sstevel@tonic-gate for (ipl = ip_pool_list[i]; ipl != NULL; ipl = ipl->ipo_next) 605*7c478bd9Sstevel@tonic-gate printpool(ipl, bcopywrap, opts); 606*7c478bd9Sstevel@tonic-gate 607*7c478bd9Sstevel@tonic-gate printf("List of configured hash tables\n"); 608*7c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 609*7c478bd9Sstevel@tonic-gate for (iph = ipf_htables[i]; iph != NULL; iph = iph->iph_next) 610*7c478bd9Sstevel@tonic-gate printhash(iph, bcopywrap, opts); 611*7c478bd9Sstevel@tonic-gate } 612*7c478bd9Sstevel@tonic-gate 613*7c478bd9Sstevel@tonic-gate 614*7c478bd9Sstevel@tonic-gate void dumpgroups() 615*7c478bd9Sstevel@tonic-gate { 616*7c478bd9Sstevel@tonic-gate frgroup_t *fg; 617*7c478bd9Sstevel@tonic-gate frentry_t *fr; 618*7c478bd9Sstevel@tonic-gate int i; 619*7c478bd9Sstevel@tonic-gate 620*7c478bd9Sstevel@tonic-gate printf("List of groups configured (set 0)\n"); 621*7c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 622*7c478bd9Sstevel@tonic-gate for (fg = ipfgroups[i][0]; fg != NULL; fg = fg->fg_next) { 623*7c478bd9Sstevel@tonic-gate printf("Dev.%d. Group %s Ref %d Flags %#x\n", 624*7c478bd9Sstevel@tonic-gate i, fg->fg_name, fg->fg_ref, fg->fg_flags); 625*7c478bd9Sstevel@tonic-gate for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) { 626*7c478bd9Sstevel@tonic-gate #ifdef USE_QUAD_T 627*7c478bd9Sstevel@tonic-gate printf("%qu ",(unsigned long long)fr->fr_hits); 628*7c478bd9Sstevel@tonic-gate #else 629*7c478bd9Sstevel@tonic-gate printf("%ld ", fr->fr_hits); 630*7c478bd9Sstevel@tonic-gate #endif 631*7c478bd9Sstevel@tonic-gate printfr(fr, ipftestioctl); 632*7c478bd9Sstevel@tonic-gate } 633*7c478bd9Sstevel@tonic-gate } 634*7c478bd9Sstevel@tonic-gate 635*7c478bd9Sstevel@tonic-gate printf("List of groups configured (set 1)\n"); 636*7c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 637*7c478bd9Sstevel@tonic-gate for (fg = ipfgroups[i][1]; fg != NULL; fg = fg->fg_next) { 638*7c478bd9Sstevel@tonic-gate printf("Dev.%d. Group %s Ref %d Flags %#x\n", 639*7c478bd9Sstevel@tonic-gate i, fg->fg_name, fg->fg_ref, fg->fg_flags); 640*7c478bd9Sstevel@tonic-gate for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) { 641*7c478bd9Sstevel@tonic-gate #ifdef USE_QUAD_T 642*7c478bd9Sstevel@tonic-gate printf("%qu ",(unsigned long long)fr->fr_hits); 643*7c478bd9Sstevel@tonic-gate #else 644*7c478bd9Sstevel@tonic-gate printf("%ld ", fr->fr_hits); 645*7c478bd9Sstevel@tonic-gate #endif 646*7c478bd9Sstevel@tonic-gate printfr(fr, ipftestioctl); 647*7c478bd9Sstevel@tonic-gate } 648*7c478bd9Sstevel@tonic-gate } 649*7c478bd9Sstevel@tonic-gate } 650*7c478bd9Sstevel@tonic-gate 651*7c478bd9Sstevel@tonic-gate 652*7c478bd9Sstevel@tonic-gate void drain_log(filename) 653*7c478bd9Sstevel@tonic-gate char *filename; 654*7c478bd9Sstevel@tonic-gate { 655*7c478bd9Sstevel@tonic-gate char buffer[DEFAULT_IPFLOGSIZE]; 656*7c478bd9Sstevel@tonic-gate struct iovec iov; 657*7c478bd9Sstevel@tonic-gate struct uio uio; 658*7c478bd9Sstevel@tonic-gate size_t resid; 659*7c478bd9Sstevel@tonic-gate int fd; 660*7c478bd9Sstevel@tonic-gate 661*7c478bd9Sstevel@tonic-gate fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY, 0644); 662*7c478bd9Sstevel@tonic-gate if (fd == -1) { 663*7c478bd9Sstevel@tonic-gate perror("drain_log:open"); 664*7c478bd9Sstevel@tonic-gate return; 665*7c478bd9Sstevel@tonic-gate } 666*7c478bd9Sstevel@tonic-gate 667*7c478bd9Sstevel@tonic-gate while (1) { 668*7c478bd9Sstevel@tonic-gate bzero((char *)&iov, sizeof(iov)); 669*7c478bd9Sstevel@tonic-gate iov.iov_base = buffer; 670*7c478bd9Sstevel@tonic-gate iov.iov_len = sizeof(buffer); 671*7c478bd9Sstevel@tonic-gate 672*7c478bd9Sstevel@tonic-gate bzero((char *)&uio, sizeof(uio)); 673*7c478bd9Sstevel@tonic-gate uio.uio_iov = &iov; 674*7c478bd9Sstevel@tonic-gate uio.uio_iovcnt = 1; 675*7c478bd9Sstevel@tonic-gate uio.uio_resid = iov.iov_len; 676*7c478bd9Sstevel@tonic-gate resid = uio.uio_resid; 677*7c478bd9Sstevel@tonic-gate 678*7c478bd9Sstevel@tonic-gate if (ipflog_read(0, &uio) == 0) { 679*7c478bd9Sstevel@tonic-gate /* 680*7c478bd9Sstevel@tonic-gate * If nothing was read then break out. 681*7c478bd9Sstevel@tonic-gate */ 682*7c478bd9Sstevel@tonic-gate if (uio.uio_resid == resid) 683*7c478bd9Sstevel@tonic-gate break; 684*7c478bd9Sstevel@tonic-gate write(fd, buffer, resid - uio.uio_resid); 685*7c478bd9Sstevel@tonic-gate } else 686*7c478bd9Sstevel@tonic-gate break; 687*7c478bd9Sstevel@tonic-gate } 688*7c478bd9Sstevel@tonic-gate 689*7c478bd9Sstevel@tonic-gate close(fd); 690*7c478bd9Sstevel@tonic-gate } 691*7c478bd9Sstevel@tonic-gate 692*7c478bd9Sstevel@tonic-gate 693*7c478bd9Sstevel@tonic-gate void fixv4sums(m, ip) 694*7c478bd9Sstevel@tonic-gate mb_t *m; 695*7c478bd9Sstevel@tonic-gate ip_t *ip; 696*7c478bd9Sstevel@tonic-gate { 697*7c478bd9Sstevel@tonic-gate u_char *csump, *hdr; 698*7c478bd9Sstevel@tonic-gate 699*7c478bd9Sstevel@tonic-gate ip->ip_sum = 0; 700*7c478bd9Sstevel@tonic-gate ip->ip_sum = ipf_cksum((u_short *)ip, IP_HL(ip) << 2); 701*7c478bd9Sstevel@tonic-gate 702*7c478bd9Sstevel@tonic-gate csump = (u_char *)ip; 703*7c478bd9Sstevel@tonic-gate csump += IP_HL(ip) << 2; 704*7c478bd9Sstevel@tonic-gate 705*7c478bd9Sstevel@tonic-gate switch (ip->ip_p) 706*7c478bd9Sstevel@tonic-gate { 707*7c478bd9Sstevel@tonic-gate case IPPROTO_TCP : 708*7c478bd9Sstevel@tonic-gate hdr = csump; 709*7c478bd9Sstevel@tonic-gate csump += offsetof(tcphdr_t, th_sum); 710*7c478bd9Sstevel@tonic-gate break; 711*7c478bd9Sstevel@tonic-gate case IPPROTO_UDP : 712*7c478bd9Sstevel@tonic-gate hdr = csump; 713*7c478bd9Sstevel@tonic-gate csump += offsetof(udphdr_t, uh_sum); 714*7c478bd9Sstevel@tonic-gate break; 715*7c478bd9Sstevel@tonic-gate default : 716*7c478bd9Sstevel@tonic-gate csump = NULL; 717*7c478bd9Sstevel@tonic-gate hdr = NULL; 718*7c478bd9Sstevel@tonic-gate break; 719*7c478bd9Sstevel@tonic-gate } 720*7c478bd9Sstevel@tonic-gate if (hdr != NULL) { 721*7c478bd9Sstevel@tonic-gate *csump = 0; 722*7c478bd9Sstevel@tonic-gate *(u_short *)csump = fr_cksum(m, ip, ip->ip_p, hdr); 723*7c478bd9Sstevel@tonic-gate } 724*7c478bd9Sstevel@tonic-gate } 725