17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * Copyright (C) 1993-2001 by Darren Reed. 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * See the IPFILTER.LICENCE file for details on licencing. 57663b816Sml37995 * 6*ab25eeb5Syz155240 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 77663b816Sml37995 * Use is subject to license terms. 87c478bd9Sstevel@tonic-gate */ 97663b816Sml37995 107663b816Sml37995 #pragma ident "%Z%%M% %I% %E% SMI" 117663b816Sml37995 127c478bd9Sstevel@tonic-gate #include "ipf.h" 137c478bd9Sstevel@tonic-gate #include "ipt.h" 147c478bd9Sstevel@tonic-gate #include <sys/ioctl.h> 157c478bd9Sstevel@tonic-gate #include <sys/file.h> 167c478bd9Sstevel@tonic-gate 177c478bd9Sstevel@tonic-gate #if !defined(lint) 187c478bd9Sstevel@tonic-gate static const char sccsid[] = "@(#)ipt.c 1.19 6/3/96 (C) 1993-2000 Darren Reed"; 19*ab25eeb5Syz155240 static const char rcsid[] = "@(#)$Id: ipftest.c,v 1.44.2.4 2005/07/16 06:05:28 darrenr Exp $"; 207c478bd9Sstevel@tonic-gate #endif 217c478bd9Sstevel@tonic-gate 227c478bd9Sstevel@tonic-gate extern char *optarg; 237c478bd9Sstevel@tonic-gate extern struct frentry *ipfilter[2][2]; 247c478bd9Sstevel@tonic-gate extern struct ipread snoop, etherf, tcpd, pcap, iptext, iphex; 257c478bd9Sstevel@tonic-gate extern struct ifnet *get_unit __P((char *, int)); 267c478bd9Sstevel@tonic-gate extern void init_ifp __P((void)); 277c478bd9Sstevel@tonic-gate extern ipnat_t *natparse __P((char *, int)); 287c478bd9Sstevel@tonic-gate extern int fr_running; 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate ipfmutex_t ipl_mutex, ipf_authmx, ipf_rw, ipf_stinsert; 317c478bd9Sstevel@tonic-gate ipfmutex_t ipf_nat_new, ipf_natio, ipf_timeoutlock; 32*ab25eeb5Syz155240 ipfrwlock_t ipf_mutex, ipf_global, ipf_ipidfrag, ip_poolrw, ipf_frcache; 337c478bd9Sstevel@tonic-gate ipfrwlock_t ipf_frag, ipf_state, ipf_nat, ipf_natfrag, ipf_auth; 347c478bd9Sstevel@tonic-gate int opts = OPT_DONOTHING; 357c478bd9Sstevel@tonic-gate int use_inet6 = 0; 367c478bd9Sstevel@tonic-gate int pfil_delayed_copy = 0; 377c478bd9Sstevel@tonic-gate int main __P((int, char *[])); 387c478bd9Sstevel@tonic-gate int loadrules __P((char *, int)); 397c478bd9Sstevel@tonic-gate int kmemcpy __P((char *, long, int)); 407c478bd9Sstevel@tonic-gate int kstrncpy __P((char *, long, int n)); 417c478bd9Sstevel@tonic-gate void dumpnat __P((void)); 427c478bd9Sstevel@tonic-gate void dumpstate __P((void)); 437c478bd9Sstevel@tonic-gate void dumplookups __P((void)); 447c478bd9Sstevel@tonic-gate void dumpgroups __P((void)); 457c478bd9Sstevel@tonic-gate void drain_log __P((char *)); 467c478bd9Sstevel@tonic-gate void fixv4sums __P((mb_t *, ip_t *)); 477c478bd9Sstevel@tonic-gate 487c478bd9Sstevel@tonic-gate #if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 497c478bd9Sstevel@tonic-gate (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 50*ab25eeb5Syz155240 defined(__osf__) || defined(linux) 517c478bd9Sstevel@tonic-gate int ipftestioctl __P((int, ioctlcmd_t, ...)); 527c478bd9Sstevel@tonic-gate int ipnattestioctl __P((int, ioctlcmd_t, ...)); 537c478bd9Sstevel@tonic-gate int ipstatetestioctl __P((int, ioctlcmd_t, ...)); 547c478bd9Sstevel@tonic-gate int ipauthtestioctl __P((int, ioctlcmd_t, ...)); 557c478bd9Sstevel@tonic-gate int ipscantestioctl __P((int, ioctlcmd_t, ...)); 567c478bd9Sstevel@tonic-gate int ipsynctestioctl __P((int, ioctlcmd_t, ...)); 577c478bd9Sstevel@tonic-gate int ipooltestioctl __P((int, ioctlcmd_t, ...)); 587c478bd9Sstevel@tonic-gate #else 597c478bd9Sstevel@tonic-gate int ipftestioctl __P((dev_t, ioctlcmd_t, void *)); 607c478bd9Sstevel@tonic-gate int ipnattestioctl __P((dev_t, ioctlcmd_t, void *)); 617c478bd9Sstevel@tonic-gate int ipstatetestioctl __P((dev_t, ioctlcmd_t, void *)); 627c478bd9Sstevel@tonic-gate int ipauthtestioctl __P((dev_t, ioctlcmd_t, void *)); 637c478bd9Sstevel@tonic-gate int ipsynctestioctl __P((dev_t, ioctlcmd_t, void *)); 647c478bd9Sstevel@tonic-gate int ipscantestioctl __P((dev_t, ioctlcmd_t, void *)); 657c478bd9Sstevel@tonic-gate int ipooltestioctl __P((dev_t, ioctlcmd_t, void *)); 667c478bd9Sstevel@tonic-gate #endif 677c478bd9Sstevel@tonic-gate 687c478bd9Sstevel@tonic-gate static ioctlfunc_t iocfunctions[IPL_LOGSIZE] = { ipftestioctl, 697c478bd9Sstevel@tonic-gate ipnattestioctl, 707c478bd9Sstevel@tonic-gate ipstatetestioctl, 717c478bd9Sstevel@tonic-gate ipauthtestioctl, 727c478bd9Sstevel@tonic-gate ipsynctestioctl, 737c478bd9Sstevel@tonic-gate ipscantestioctl, 747c478bd9Sstevel@tonic-gate ipooltestioctl, 757c478bd9Sstevel@tonic-gate NULL }; 767c478bd9Sstevel@tonic-gate 777c478bd9Sstevel@tonic-gate 787c478bd9Sstevel@tonic-gate int main(argc,argv) 797c478bd9Sstevel@tonic-gate int argc; 807c478bd9Sstevel@tonic-gate char *argv[]; 817c478bd9Sstevel@tonic-gate { 827c478bd9Sstevel@tonic-gate char *datain, *iface, *ifname, *logout; 837c478bd9Sstevel@tonic-gate int fd, i, dir, c, loaded, dump, hlen; 847c478bd9Sstevel@tonic-gate struct ifnet *ifp; 857c478bd9Sstevel@tonic-gate struct ipread *r; 867c478bd9Sstevel@tonic-gate mb_t mb, *m; 877c478bd9Sstevel@tonic-gate ip_t *ip; 887c478bd9Sstevel@tonic-gate 897c478bd9Sstevel@tonic-gate m = &mb; 907c478bd9Sstevel@tonic-gate dir = 0; 917c478bd9Sstevel@tonic-gate dump = 0; 927c478bd9Sstevel@tonic-gate hlen = 0; 937c478bd9Sstevel@tonic-gate loaded = 0; 947c478bd9Sstevel@tonic-gate r = &iptext; 957c478bd9Sstevel@tonic-gate iface = NULL; 967c478bd9Sstevel@tonic-gate logout = NULL; 977c478bd9Sstevel@tonic-gate ifname = "anon0"; 987c478bd9Sstevel@tonic-gate datain = NULL; 997c478bd9Sstevel@tonic-gate 1007c478bd9Sstevel@tonic-gate MUTEX_INIT(&ipf_rw, "ipf rw mutex"); 1017c478bd9Sstevel@tonic-gate MUTEX_INIT(&ipf_timeoutlock, "ipf timeout lock"); 1027c478bd9Sstevel@tonic-gate RWLOCK_INIT(&ipf_global, "ipf filter load/unload mutex"); 1037c478bd9Sstevel@tonic-gate RWLOCK_INIT(&ipf_mutex, "ipf filter rwlock"); 104*ab25eeb5Syz155240 RWLOCK_INIT(&ipf_frcache, "ipf cache rwlock"); 1057c478bd9Sstevel@tonic-gate RWLOCK_INIT(&ipf_ipidfrag, "ipf IP NAT-Frag rwlock"); 1067c478bd9Sstevel@tonic-gate 1077c478bd9Sstevel@tonic-gate initparse(); 108*ab25eeb5Syz155240 if (fr_initialise() == -1) 109*ab25eeb5Syz155240 abort(); 1107c478bd9Sstevel@tonic-gate fr_running = 1; 1117c478bd9Sstevel@tonic-gate 112*ab25eeb5Syz155240 while ((c = getopt(argc, argv, "6bdDF:i:I:l:N:P:or:RT:vxX")) != -1) 1137c478bd9Sstevel@tonic-gate switch (c) 1147c478bd9Sstevel@tonic-gate { 1157c478bd9Sstevel@tonic-gate case '6' : 1167c478bd9Sstevel@tonic-gate #ifdef USE_INET6 1177c478bd9Sstevel@tonic-gate use_inet6 = 1; 1187c478bd9Sstevel@tonic-gate #else 1197c478bd9Sstevel@tonic-gate fprintf(stderr, "IPv6 not supported\n"); 1207c478bd9Sstevel@tonic-gate exit(1); 1217c478bd9Sstevel@tonic-gate #endif 1227c478bd9Sstevel@tonic-gate break; 1237c478bd9Sstevel@tonic-gate case 'b' : 1247c478bd9Sstevel@tonic-gate opts |= OPT_BRIEF; 1257c478bd9Sstevel@tonic-gate break; 1267c478bd9Sstevel@tonic-gate case 'd' : 1277c478bd9Sstevel@tonic-gate opts |= OPT_DEBUG; 1287c478bd9Sstevel@tonic-gate break; 1297c478bd9Sstevel@tonic-gate case 'D' : 1307c478bd9Sstevel@tonic-gate dump = 1; 1317c478bd9Sstevel@tonic-gate break; 1327c478bd9Sstevel@tonic-gate case 'F' : 1337c478bd9Sstevel@tonic-gate if (strcasecmp(optarg, "pcap") == 0) 1347c478bd9Sstevel@tonic-gate r = &pcap; 1357c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "etherfind") == 0) 1367c478bd9Sstevel@tonic-gate r = ðerf; 1377c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "snoop") == 0) 1387c478bd9Sstevel@tonic-gate r = &snoop; 1397c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "tcpdump") == 0) 1407c478bd9Sstevel@tonic-gate r = &tcpd; 1417c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "hex") == 0) 1427c478bd9Sstevel@tonic-gate r = &iphex; 1437c478bd9Sstevel@tonic-gate else if (strcasecmp(optarg, "text") == 0) 1447c478bd9Sstevel@tonic-gate r = &iptext; 1457c478bd9Sstevel@tonic-gate break; 1467c478bd9Sstevel@tonic-gate case 'i' : 1477c478bd9Sstevel@tonic-gate datain = optarg; 1487c478bd9Sstevel@tonic-gate break; 1497c478bd9Sstevel@tonic-gate case 'I' : 1507c478bd9Sstevel@tonic-gate ifname = optarg; 1517c478bd9Sstevel@tonic-gate break; 1527c478bd9Sstevel@tonic-gate case 'l' : 1537c478bd9Sstevel@tonic-gate logout = optarg; 1547c478bd9Sstevel@tonic-gate break; 1557c478bd9Sstevel@tonic-gate case 'o' : 1567c478bd9Sstevel@tonic-gate opts |= OPT_SAVEOUT; 1577c478bd9Sstevel@tonic-gate break; 1587c478bd9Sstevel@tonic-gate case 'r' : 1597c478bd9Sstevel@tonic-gate if (ipf_parsefile(-1, ipf_addrule, iocfunctions, 1607c478bd9Sstevel@tonic-gate optarg) == -1) 1617c478bd9Sstevel@tonic-gate return -1; 1627c478bd9Sstevel@tonic-gate loaded = 1; 1637c478bd9Sstevel@tonic-gate break; 164*ab25eeb5Syz155240 case 'R' : 165*ab25eeb5Syz155240 opts |= OPT_NORESOLVE; 166*ab25eeb5Syz155240 break; 1677c478bd9Sstevel@tonic-gate case 'v' : 1687c478bd9Sstevel@tonic-gate opts |= OPT_VERBOSE; 1697c478bd9Sstevel@tonic-gate break; 1707c478bd9Sstevel@tonic-gate case 'N' : 1717c478bd9Sstevel@tonic-gate if (ipnat_parsefile(-1, ipnat_addrule, ipnattestioctl, 1727c478bd9Sstevel@tonic-gate optarg) == -1) 1737c478bd9Sstevel@tonic-gate return -1; 1747c478bd9Sstevel@tonic-gate loaded = 1; 1757c478bd9Sstevel@tonic-gate opts |= OPT_NAT; 1767c478bd9Sstevel@tonic-gate break; 1777c478bd9Sstevel@tonic-gate case 'P' : 1787c478bd9Sstevel@tonic-gate if (ippool_parsefile(-1, optarg, ipooltestioctl) == -1) 1797c478bd9Sstevel@tonic-gate return -1; 1807c478bd9Sstevel@tonic-gate loaded = 1; 1817c478bd9Sstevel@tonic-gate break; 182*ab25eeb5Syz155240 case 'T' : 183*ab25eeb5Syz155240 ipf_dotuning(-1, optarg, ipftestioctl); 184*ab25eeb5Syz155240 break; 1857c478bd9Sstevel@tonic-gate case 'x' : 1867c478bd9Sstevel@tonic-gate opts |= OPT_HEX; 1877c478bd9Sstevel@tonic-gate break; 1887c478bd9Sstevel@tonic-gate } 1897c478bd9Sstevel@tonic-gate 1907c478bd9Sstevel@tonic-gate if (loaded == 0) { 1917c478bd9Sstevel@tonic-gate (void)fprintf(stderr,"no rules loaded\n"); 1927c478bd9Sstevel@tonic-gate exit(-1); 1937c478bd9Sstevel@tonic-gate } 1947c478bd9Sstevel@tonic-gate 1957c478bd9Sstevel@tonic-gate if (opts & OPT_SAVEOUT) 1967c478bd9Sstevel@tonic-gate init_ifp(); 1977c478bd9Sstevel@tonic-gate 1987c478bd9Sstevel@tonic-gate if (datain) 1997c478bd9Sstevel@tonic-gate fd = (*r->r_open)(datain); 2007c478bd9Sstevel@tonic-gate else 2017c478bd9Sstevel@tonic-gate fd = (*r->r_open)("-"); 2027c478bd9Sstevel@tonic-gate 2037c478bd9Sstevel@tonic-gate if (fd < 0) 2047c478bd9Sstevel@tonic-gate exit(-1); 2057c478bd9Sstevel@tonic-gate 2067c478bd9Sstevel@tonic-gate ip = MTOD(m, ip_t *); 2077c478bd9Sstevel@tonic-gate while ((i = (*r->r_readip)(MTOD(m, char *), sizeof(m->mb_buf), 2087c478bd9Sstevel@tonic-gate &iface, &dir)) > 0) { 2097c478bd9Sstevel@tonic-gate if (iface == NULL || *iface == '\0') 2107c478bd9Sstevel@tonic-gate iface = ifname; 2117c478bd9Sstevel@tonic-gate ifp = get_unit(iface, IP_V(ip)); 2125e985db5Sschuster if (ifp == NULL) { 2135e985db5Sschuster fprintf(stderr, "out of memory\n"); 2145e985db5Sschuster exit(1); 2155e985db5Sschuster } 2167c478bd9Sstevel@tonic-gate if (!use_inet6) { 2177c478bd9Sstevel@tonic-gate ip->ip_off = ntohs(ip->ip_off); 2187c478bd9Sstevel@tonic-gate ip->ip_len = ntohs(ip->ip_len); 2197c478bd9Sstevel@tonic-gate if (r->r_flags & R_DO_CKSUM) 2207c478bd9Sstevel@tonic-gate fixv4sums(m, ip); 2217c478bd9Sstevel@tonic-gate hlen = IP_HL(ip) << 2; 2227c478bd9Sstevel@tonic-gate } 2237c478bd9Sstevel@tonic-gate #ifdef USE_INET6 2247c478bd9Sstevel@tonic-gate else 2257c478bd9Sstevel@tonic-gate hlen = sizeof(ip6_t); 2267c478bd9Sstevel@tonic-gate #endif 2277c478bd9Sstevel@tonic-gate /* ipfr_slowtimer(); */ 2287c478bd9Sstevel@tonic-gate m = &mb; 2297c478bd9Sstevel@tonic-gate m->mb_len = i; 2307c478bd9Sstevel@tonic-gate i = fr_check(ip, hlen, ifp, dir, &m); 2317c478bd9Sstevel@tonic-gate if ((opts & OPT_NAT) == 0) 2327c478bd9Sstevel@tonic-gate switch (i) 2337c478bd9Sstevel@tonic-gate { 2347c478bd9Sstevel@tonic-gate case -4 : 2357c478bd9Sstevel@tonic-gate (void)printf("preauth"); 2367c478bd9Sstevel@tonic-gate break; 2377c478bd9Sstevel@tonic-gate case -3 : 2387c478bd9Sstevel@tonic-gate (void)printf("account"); 2397c478bd9Sstevel@tonic-gate break; 2407c478bd9Sstevel@tonic-gate case -2 : 2417c478bd9Sstevel@tonic-gate (void)printf("auth"); 2427c478bd9Sstevel@tonic-gate break; 2437c478bd9Sstevel@tonic-gate case -1 : 2447c478bd9Sstevel@tonic-gate (void)printf("block"); 2457c478bd9Sstevel@tonic-gate break; 2467c478bd9Sstevel@tonic-gate case 0 : 2477c478bd9Sstevel@tonic-gate (void)printf("pass"); 2487c478bd9Sstevel@tonic-gate break; 2497c478bd9Sstevel@tonic-gate case 1 : 2507c478bd9Sstevel@tonic-gate (void)printf("nomatch"); 2517c478bd9Sstevel@tonic-gate break; 2527c478bd9Sstevel@tonic-gate case 3 : 2537c478bd9Sstevel@tonic-gate (void)printf("block return-rst"); 2547c478bd9Sstevel@tonic-gate break; 2557c478bd9Sstevel@tonic-gate case 4 : 2567c478bd9Sstevel@tonic-gate (void)printf("block return-icmp"); 2577c478bd9Sstevel@tonic-gate break; 2587c478bd9Sstevel@tonic-gate case 5 : 2597c478bd9Sstevel@tonic-gate (void)printf("block return-icmp-as-dest"); 2607c478bd9Sstevel@tonic-gate break; 2617c478bd9Sstevel@tonic-gate default : 2627c478bd9Sstevel@tonic-gate (void)printf("recognised return %#x\n", i); 2637c478bd9Sstevel@tonic-gate break; 2647c478bd9Sstevel@tonic-gate } 2657c478bd9Sstevel@tonic-gate if (!use_inet6) { 2667c478bd9Sstevel@tonic-gate ip->ip_off = htons(ip->ip_off); 2677c478bd9Sstevel@tonic-gate ip->ip_len = htons(ip->ip_len); 2687c478bd9Sstevel@tonic-gate } 2697c478bd9Sstevel@tonic-gate 2707c478bd9Sstevel@tonic-gate if (!(opts & OPT_BRIEF)) { 2717c478bd9Sstevel@tonic-gate putchar(' '); 2727c478bd9Sstevel@tonic-gate printpacket(ip); 2737c478bd9Sstevel@tonic-gate printf("--------------"); 2747c478bd9Sstevel@tonic-gate } else if ((opts & (OPT_BRIEF|OPT_NAT)) == (OPT_NAT|OPT_BRIEF)) 2757c478bd9Sstevel@tonic-gate printpacket(ip); 2767c478bd9Sstevel@tonic-gate if (dir && (ifp != NULL) && IP_V(ip) && (m != NULL)) 277*ab25eeb5Syz155240 #if defined(__sgi) && (IRIX < 60500) 2787c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL); 2797c478bd9Sstevel@tonic-gate #else 2807c478bd9Sstevel@tonic-gate # if TRU64 >= 1885 2817c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL, 0, 0); 2827c478bd9Sstevel@tonic-gate # else 2837c478bd9Sstevel@tonic-gate (*ifp->if_output)(ifp, (void *)m, NULL, 0); 2847c478bd9Sstevel@tonic-gate # endif 2857c478bd9Sstevel@tonic-gate #endif 2867c478bd9Sstevel@tonic-gate if ((opts & (OPT_BRIEF|OPT_NAT)) != (OPT_NAT|OPT_BRIEF)) 2877c478bd9Sstevel@tonic-gate putchar('\n'); 2887c478bd9Sstevel@tonic-gate dir = 0; 2897c478bd9Sstevel@tonic-gate if (iface != ifname) { 2907c478bd9Sstevel@tonic-gate free(iface); 2917c478bd9Sstevel@tonic-gate iface = ifname; 2927c478bd9Sstevel@tonic-gate } 2937c478bd9Sstevel@tonic-gate m = &mb; 2947c478bd9Sstevel@tonic-gate } 2957c478bd9Sstevel@tonic-gate (*r->r_close)(); 2967c478bd9Sstevel@tonic-gate 2977c478bd9Sstevel@tonic-gate if (logout != NULL) { 2987c478bd9Sstevel@tonic-gate drain_log(logout); 2997c478bd9Sstevel@tonic-gate } 3007c478bd9Sstevel@tonic-gate 3017c478bd9Sstevel@tonic-gate if (dump == 1) { 3027c478bd9Sstevel@tonic-gate dumpnat(); 3037c478bd9Sstevel@tonic-gate dumpstate(); 3047c478bd9Sstevel@tonic-gate dumplookups(); 3057c478bd9Sstevel@tonic-gate dumpgroups(); 3067c478bd9Sstevel@tonic-gate } 3077c478bd9Sstevel@tonic-gate 308*ab25eeb5Syz155240 fr_deinitialise(); 3097c478bd9Sstevel@tonic-gate 3107c478bd9Sstevel@tonic-gate return 0; 3117c478bd9Sstevel@tonic-gate } 3127c478bd9Sstevel@tonic-gate 3137c478bd9Sstevel@tonic-gate 3147c478bd9Sstevel@tonic-gate #if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 3157c478bd9Sstevel@tonic-gate (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 316*ab25eeb5Syz155240 defined(__osf__) || defined(linux) 3177c478bd9Sstevel@tonic-gate int ipftestioctl(int dev, ioctlcmd_t cmd, ...) 3187c478bd9Sstevel@tonic-gate { 3197c478bd9Sstevel@tonic-gate caddr_t data; 3207c478bd9Sstevel@tonic-gate va_list ap; 3217c478bd9Sstevel@tonic-gate int i; 3227c478bd9Sstevel@tonic-gate 3237c478bd9Sstevel@tonic-gate va_start(ap, cmd); 3247c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 3257c478bd9Sstevel@tonic-gate va_end(ap); 3267c478bd9Sstevel@tonic-gate 3277c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD); 3287c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 3297c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", 3307c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 331*ab25eeb5Syz155240 if (i != 0) { 332*ab25eeb5Syz155240 errno = i; 333*ab25eeb5Syz155240 return -1; 334*ab25eeb5Syz155240 } 335*ab25eeb5Syz155240 return 0; 3367c478bd9Sstevel@tonic-gate } 3377c478bd9Sstevel@tonic-gate 3387c478bd9Sstevel@tonic-gate 3397c478bd9Sstevel@tonic-gate int ipnattestioctl(int dev, ioctlcmd_t cmd, ...) 3407c478bd9Sstevel@tonic-gate { 3417c478bd9Sstevel@tonic-gate caddr_t data; 3427c478bd9Sstevel@tonic-gate va_list ap; 3437c478bd9Sstevel@tonic-gate int i; 3447c478bd9Sstevel@tonic-gate 3457c478bd9Sstevel@tonic-gate va_start(ap, cmd); 3467c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 3477c478bd9Sstevel@tonic-gate va_end(ap); 3487c478bd9Sstevel@tonic-gate 3497c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD); 3507c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 3517c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", 3527c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 353*ab25eeb5Syz155240 if (i != 0) { 354*ab25eeb5Syz155240 errno = i; 355*ab25eeb5Syz155240 return -1; 356*ab25eeb5Syz155240 } 357*ab25eeb5Syz155240 return 0; 3587c478bd9Sstevel@tonic-gate } 3597c478bd9Sstevel@tonic-gate 3607c478bd9Sstevel@tonic-gate 3617c478bd9Sstevel@tonic-gate int ipstatetestioctl(int dev, ioctlcmd_t cmd, ...) 3627c478bd9Sstevel@tonic-gate { 3637c478bd9Sstevel@tonic-gate caddr_t data; 3647c478bd9Sstevel@tonic-gate va_list ap; 3657c478bd9Sstevel@tonic-gate int i; 3667c478bd9Sstevel@tonic-gate 3677c478bd9Sstevel@tonic-gate va_start(ap, cmd); 3687c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 3697c478bd9Sstevel@tonic-gate va_end(ap); 3707c478bd9Sstevel@tonic-gate 3717c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 3727c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 3737c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", 3747c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 375*ab25eeb5Syz155240 if (i != 0) { 376*ab25eeb5Syz155240 errno = i; 377*ab25eeb5Syz155240 return -1; 378*ab25eeb5Syz155240 } 379*ab25eeb5Syz155240 return 0; 3807c478bd9Sstevel@tonic-gate } 3817c478bd9Sstevel@tonic-gate 3827c478bd9Sstevel@tonic-gate 3837c478bd9Sstevel@tonic-gate int ipauthtestioctl(int dev, ioctlcmd_t cmd, ...) 3847c478bd9Sstevel@tonic-gate { 3857c478bd9Sstevel@tonic-gate caddr_t data; 3867c478bd9Sstevel@tonic-gate va_list ap; 3877c478bd9Sstevel@tonic-gate int i; 3887c478bd9Sstevel@tonic-gate 3897c478bd9Sstevel@tonic-gate va_start(ap, cmd); 3907c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 3917c478bd9Sstevel@tonic-gate va_end(ap); 3927c478bd9Sstevel@tonic-gate 3937c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 3947c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 3957c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", 3967c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 397*ab25eeb5Syz155240 if (i != 0) { 398*ab25eeb5Syz155240 errno = i; 399*ab25eeb5Syz155240 return -1; 400*ab25eeb5Syz155240 } 401*ab25eeb5Syz155240 return 0; 4027c478bd9Sstevel@tonic-gate } 4037c478bd9Sstevel@tonic-gate 4047c478bd9Sstevel@tonic-gate 4057c478bd9Sstevel@tonic-gate int ipscantestioctl(int dev, ioctlcmd_t cmd, ...) 4067c478bd9Sstevel@tonic-gate { 4077c478bd9Sstevel@tonic-gate caddr_t data; 4087c478bd9Sstevel@tonic-gate va_list ap; 4097c478bd9Sstevel@tonic-gate int i; 4107c478bd9Sstevel@tonic-gate 4117c478bd9Sstevel@tonic-gate va_start(ap, cmd); 4127c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 4137c478bd9Sstevel@tonic-gate va_end(ap); 4147c478bd9Sstevel@tonic-gate 4157c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 4167c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4177c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", 4187c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 419*ab25eeb5Syz155240 if (i != 0) { 420*ab25eeb5Syz155240 errno = i; 421*ab25eeb5Syz155240 return -1; 422*ab25eeb5Syz155240 } 423*ab25eeb5Syz155240 return 0; 4247c478bd9Sstevel@tonic-gate } 4257c478bd9Sstevel@tonic-gate 4267c478bd9Sstevel@tonic-gate 4277c478bd9Sstevel@tonic-gate int ipsynctestioctl(int dev, ioctlcmd_t cmd, ...) 4287c478bd9Sstevel@tonic-gate { 4297c478bd9Sstevel@tonic-gate caddr_t data; 4307c478bd9Sstevel@tonic-gate va_list ap; 4317c478bd9Sstevel@tonic-gate int i; 4327c478bd9Sstevel@tonic-gate 4337c478bd9Sstevel@tonic-gate va_start(ap, cmd); 4347c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 4357c478bd9Sstevel@tonic-gate va_end(ap); 4367c478bd9Sstevel@tonic-gate 4377c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 4387c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4397c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", 4407c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 441*ab25eeb5Syz155240 if (i != 0) { 442*ab25eeb5Syz155240 errno = i; 443*ab25eeb5Syz155240 return -1; 444*ab25eeb5Syz155240 } 445*ab25eeb5Syz155240 return 0; 4467c478bd9Sstevel@tonic-gate } 4477c478bd9Sstevel@tonic-gate 4487c478bd9Sstevel@tonic-gate 4497c478bd9Sstevel@tonic-gate int ipooltestioctl(int dev, ioctlcmd_t cmd, ...) 4507c478bd9Sstevel@tonic-gate { 4517c478bd9Sstevel@tonic-gate caddr_t data; 4527c478bd9Sstevel@tonic-gate va_list ap; 4537c478bd9Sstevel@tonic-gate int i; 4547c478bd9Sstevel@tonic-gate 4557c478bd9Sstevel@tonic-gate va_start(ap, cmd); 4567c478bd9Sstevel@tonic-gate data = va_arg(ap, caddr_t); 4577c478bd9Sstevel@tonic-gate va_end(ap); 4587c478bd9Sstevel@tonic-gate 4597c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 4607c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4617c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", 4627c478bd9Sstevel@tonic-gate (u_int)cmd, data, i); 463*ab25eeb5Syz155240 if (i != 0) { 464*ab25eeb5Syz155240 errno = i; 465*ab25eeb5Syz155240 return -1; 466*ab25eeb5Syz155240 } 467*ab25eeb5Syz155240 return 0; 4687c478bd9Sstevel@tonic-gate } 4697c478bd9Sstevel@tonic-gate #else 4707c478bd9Sstevel@tonic-gate int ipftestioctl(dev, cmd, data) 4717c478bd9Sstevel@tonic-gate dev_t dev; 4727c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 4737c478bd9Sstevel@tonic-gate void *data; 4747c478bd9Sstevel@tonic-gate { 4757c478bd9Sstevel@tonic-gate int i; 4767c478bd9Sstevel@tonic-gate 4777c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD); 4787c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4797c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", cmd, data, i); 480*ab25eeb5Syz155240 if (i != 0) { 481*ab25eeb5Syz155240 errno = i; 482*ab25eeb5Syz155240 return -1; 483*ab25eeb5Syz155240 } 484*ab25eeb5Syz155240 return 0; 4857c478bd9Sstevel@tonic-gate } 4867c478bd9Sstevel@tonic-gate 4877c478bd9Sstevel@tonic-gate 4887c478bd9Sstevel@tonic-gate int ipnattestioctl(dev, cmd, data) 4897c478bd9Sstevel@tonic-gate dev_t dev; 4907c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 4917c478bd9Sstevel@tonic-gate void *data; 4927c478bd9Sstevel@tonic-gate { 4937c478bd9Sstevel@tonic-gate int i; 4947c478bd9Sstevel@tonic-gate 4957c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD); 4967c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 4977c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", cmd, data, i); 498*ab25eeb5Syz155240 if (i != 0) { 499*ab25eeb5Syz155240 errno = i; 500*ab25eeb5Syz155240 return -1; 501*ab25eeb5Syz155240 } 502*ab25eeb5Syz155240 return 0; 5037c478bd9Sstevel@tonic-gate } 5047c478bd9Sstevel@tonic-gate 5057c478bd9Sstevel@tonic-gate 5067c478bd9Sstevel@tonic-gate int ipstatetestioctl(dev, cmd, data) 5077c478bd9Sstevel@tonic-gate dev_t dev; 5087c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5097c478bd9Sstevel@tonic-gate void *data; 5107c478bd9Sstevel@tonic-gate { 5117c478bd9Sstevel@tonic-gate int i; 5127c478bd9Sstevel@tonic-gate 5137c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 5147c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5157c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", cmd, data, i); 516*ab25eeb5Syz155240 if (i != 0) { 517*ab25eeb5Syz155240 errno = i; 518*ab25eeb5Syz155240 return -1; 519*ab25eeb5Syz155240 } 520*ab25eeb5Syz155240 return 0; 5217c478bd9Sstevel@tonic-gate } 5227c478bd9Sstevel@tonic-gate 5237c478bd9Sstevel@tonic-gate 5247c478bd9Sstevel@tonic-gate int ipauthtestioctl(dev, cmd, data) 5257c478bd9Sstevel@tonic-gate dev_t dev; 5267c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5277c478bd9Sstevel@tonic-gate void *data; 5287c478bd9Sstevel@tonic-gate { 5297c478bd9Sstevel@tonic-gate int i; 5307c478bd9Sstevel@tonic-gate 5317c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 5327c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5337c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", cmd, data, i); 534*ab25eeb5Syz155240 if (i != 0) { 535*ab25eeb5Syz155240 errno = i; 536*ab25eeb5Syz155240 return -1; 537*ab25eeb5Syz155240 } 538*ab25eeb5Syz155240 return 0; 5397c478bd9Sstevel@tonic-gate } 5407c478bd9Sstevel@tonic-gate 5417c478bd9Sstevel@tonic-gate 5427c478bd9Sstevel@tonic-gate int ipsynctestioctl(dev, cmd, data) 5437c478bd9Sstevel@tonic-gate dev_t dev; 5447c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5457c478bd9Sstevel@tonic-gate void *data; 5467c478bd9Sstevel@tonic-gate { 5477c478bd9Sstevel@tonic-gate int i; 5487c478bd9Sstevel@tonic-gate 5497c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 5507c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5517c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", cmd, data, i); 552*ab25eeb5Syz155240 if (i != 0) { 553*ab25eeb5Syz155240 errno = i; 554*ab25eeb5Syz155240 return -1; 555*ab25eeb5Syz155240 } 556*ab25eeb5Syz155240 return 0; 5577c478bd9Sstevel@tonic-gate } 5587c478bd9Sstevel@tonic-gate 5597c478bd9Sstevel@tonic-gate 5607c478bd9Sstevel@tonic-gate int ipscantestioctl(dev, cmd, data) 5617c478bd9Sstevel@tonic-gate dev_t dev; 5627c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5637c478bd9Sstevel@tonic-gate void *data; 5647c478bd9Sstevel@tonic-gate { 5657c478bd9Sstevel@tonic-gate int i; 5667c478bd9Sstevel@tonic-gate 5677c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 5687c478bd9Sstevel@tonic-gate if ((opts & OPT_DEBUG) || (i != 0)) 5697c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", cmd, data, i); 570*ab25eeb5Syz155240 if (i != 0) { 571*ab25eeb5Syz155240 errno = i; 572*ab25eeb5Syz155240 return -1; 573*ab25eeb5Syz155240 } 574*ab25eeb5Syz155240 return 0; 5757c478bd9Sstevel@tonic-gate } 5767c478bd9Sstevel@tonic-gate 5777c478bd9Sstevel@tonic-gate 5787c478bd9Sstevel@tonic-gate int ipooltestioctl(dev, cmd, data) 5797c478bd9Sstevel@tonic-gate dev_t dev; 5807c478bd9Sstevel@tonic-gate ioctlcmd_t cmd; 5817c478bd9Sstevel@tonic-gate void *data; 5827c478bd9Sstevel@tonic-gate { 5837c478bd9Sstevel@tonic-gate int i; 5847c478bd9Sstevel@tonic-gate 5857c478bd9Sstevel@tonic-gate i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 5867c478bd9Sstevel@tonic-gate if (opts & OPT_DEBUG) 5877c478bd9Sstevel@tonic-gate fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", cmd, data, i); 588*ab25eeb5Syz155240 if (i != 0) { 589*ab25eeb5Syz155240 errno = i; 590*ab25eeb5Syz155240 return -1; 591*ab25eeb5Syz155240 } 592*ab25eeb5Syz155240 return 0; 5937c478bd9Sstevel@tonic-gate } 5947c478bd9Sstevel@tonic-gate #endif 5957c478bd9Sstevel@tonic-gate 5967c478bd9Sstevel@tonic-gate 5977c478bd9Sstevel@tonic-gate int kmemcpy(addr, offset, size) 5987c478bd9Sstevel@tonic-gate char *addr; 5997c478bd9Sstevel@tonic-gate long offset; 6007c478bd9Sstevel@tonic-gate int size; 6017c478bd9Sstevel@tonic-gate { 6027c478bd9Sstevel@tonic-gate bcopy((char *)offset, addr, size); 6037c478bd9Sstevel@tonic-gate return 0; 6047c478bd9Sstevel@tonic-gate } 6057c478bd9Sstevel@tonic-gate 6067c478bd9Sstevel@tonic-gate 6077c478bd9Sstevel@tonic-gate int kstrncpy(buf, pos, n) 6087c478bd9Sstevel@tonic-gate char *buf; 6097c478bd9Sstevel@tonic-gate long pos; 6107c478bd9Sstevel@tonic-gate int n; 6117c478bd9Sstevel@tonic-gate { 6127c478bd9Sstevel@tonic-gate char *ptr; 6137c478bd9Sstevel@tonic-gate 6147c478bd9Sstevel@tonic-gate ptr = (char *)pos; 6157c478bd9Sstevel@tonic-gate 6167663b816Sml37995 while ((n-- > 0) && (*buf++ = *ptr++)) 6177c478bd9Sstevel@tonic-gate ; 6187c478bd9Sstevel@tonic-gate return 0; 6197c478bd9Sstevel@tonic-gate } 6207c478bd9Sstevel@tonic-gate 6217c478bd9Sstevel@tonic-gate 6227c478bd9Sstevel@tonic-gate /* 6237c478bd9Sstevel@tonic-gate * Display the built up NAT table rules and mapping entries. 6247c478bd9Sstevel@tonic-gate */ 6257c478bd9Sstevel@tonic-gate void dumpnat() 6267c478bd9Sstevel@tonic-gate { 6277c478bd9Sstevel@tonic-gate ipnat_t *ipn; 6287c478bd9Sstevel@tonic-gate nat_t *nat; 6297c478bd9Sstevel@tonic-gate 6307c478bd9Sstevel@tonic-gate printf("List of active MAP/Redirect filters:\n"); 6317c478bd9Sstevel@tonic-gate for (ipn = nat_list; ipn != NULL; ipn = ipn->in_next) 6327c478bd9Sstevel@tonic-gate printnat(ipn, opts & (OPT_DEBUG|OPT_VERBOSE)); 6337c478bd9Sstevel@tonic-gate printf("\nList of active sessions:\n"); 634*ab25eeb5Syz155240 for (nat = nat_instances; nat; nat = nat->nat_next) { 6357c478bd9Sstevel@tonic-gate printactivenat(nat, opts); 636*ab25eeb5Syz155240 if (nat->nat_aps) 637*ab25eeb5Syz155240 printaps(nat->nat_aps, opts); 638*ab25eeb5Syz155240 } 6397c478bd9Sstevel@tonic-gate } 6407c478bd9Sstevel@tonic-gate 6417c478bd9Sstevel@tonic-gate 6427c478bd9Sstevel@tonic-gate /* 6437c478bd9Sstevel@tonic-gate * Display the built up state table rules and mapping entries. 6447c478bd9Sstevel@tonic-gate */ 6457c478bd9Sstevel@tonic-gate void dumpstate() 6467c478bd9Sstevel@tonic-gate { 6477c478bd9Sstevel@tonic-gate ipstate_t *ips; 6487c478bd9Sstevel@tonic-gate 6497c478bd9Sstevel@tonic-gate printf("List of active state sessions:\n"); 6507c478bd9Sstevel@tonic-gate for (ips = ips_list; ips != NULL; ) 651*ab25eeb5Syz155240 ips = printstate(ips, opts & (OPT_DEBUG|OPT_VERBOSE), 652*ab25eeb5Syz155240 fr_ticks); 6537c478bd9Sstevel@tonic-gate } 6547c478bd9Sstevel@tonic-gate 6557c478bd9Sstevel@tonic-gate 6567c478bd9Sstevel@tonic-gate void dumplookups() 6577c478bd9Sstevel@tonic-gate { 6587c478bd9Sstevel@tonic-gate iphtable_t *iph; 6597c478bd9Sstevel@tonic-gate ip_pool_t *ipl; 6607c478bd9Sstevel@tonic-gate int i; 6617c478bd9Sstevel@tonic-gate 6627c478bd9Sstevel@tonic-gate printf("List of configured pools\n"); 6637c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 6647c478bd9Sstevel@tonic-gate for (ipl = ip_pool_list[i]; ipl != NULL; ipl = ipl->ipo_next) 665*ab25eeb5Syz155240 printpool(ipl, bcopywrap, NULL, opts); 6667c478bd9Sstevel@tonic-gate 6677c478bd9Sstevel@tonic-gate printf("List of configured hash tables\n"); 6687c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 6697c478bd9Sstevel@tonic-gate for (iph = ipf_htables[i]; iph != NULL; iph = iph->iph_next) 670*ab25eeb5Syz155240 printhash(iph, bcopywrap, NULL, opts); 6717c478bd9Sstevel@tonic-gate } 6727c478bd9Sstevel@tonic-gate 6737c478bd9Sstevel@tonic-gate 6747c478bd9Sstevel@tonic-gate void dumpgroups() 6757c478bd9Sstevel@tonic-gate { 6767c478bd9Sstevel@tonic-gate frgroup_t *fg; 6777c478bd9Sstevel@tonic-gate frentry_t *fr; 6787c478bd9Sstevel@tonic-gate int i; 6797c478bd9Sstevel@tonic-gate 6807c478bd9Sstevel@tonic-gate printf("List of groups configured (set 0)\n"); 6817c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 6827c478bd9Sstevel@tonic-gate for (fg = ipfgroups[i][0]; fg != NULL; fg = fg->fg_next) { 6837c478bd9Sstevel@tonic-gate printf("Dev.%d. Group %s Ref %d Flags %#x\n", 6847c478bd9Sstevel@tonic-gate i, fg->fg_name, fg->fg_ref, fg->fg_flags); 6857c478bd9Sstevel@tonic-gate for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) { 6867c478bd9Sstevel@tonic-gate #ifdef USE_QUAD_T 6877c478bd9Sstevel@tonic-gate printf("%qu ",(unsigned long long)fr->fr_hits); 6887c478bd9Sstevel@tonic-gate #else 6897c478bd9Sstevel@tonic-gate printf("%ld ", fr->fr_hits); 6907c478bd9Sstevel@tonic-gate #endif 6917c478bd9Sstevel@tonic-gate printfr(fr, ipftestioctl); 6927c478bd9Sstevel@tonic-gate } 6937c478bd9Sstevel@tonic-gate } 6947c478bd9Sstevel@tonic-gate 6957c478bd9Sstevel@tonic-gate printf("List of groups configured (set 1)\n"); 6967c478bd9Sstevel@tonic-gate for (i = 0; i < IPL_LOGSIZE; i++) 6977c478bd9Sstevel@tonic-gate for (fg = ipfgroups[i][1]; fg != NULL; fg = fg->fg_next) { 6987c478bd9Sstevel@tonic-gate printf("Dev.%d. Group %s Ref %d Flags %#x\n", 6997c478bd9Sstevel@tonic-gate i, fg->fg_name, fg->fg_ref, fg->fg_flags); 7007c478bd9Sstevel@tonic-gate for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) { 7017c478bd9Sstevel@tonic-gate #ifdef USE_QUAD_T 7027c478bd9Sstevel@tonic-gate printf("%qu ",(unsigned long long)fr->fr_hits); 7037c478bd9Sstevel@tonic-gate #else 7047c478bd9Sstevel@tonic-gate printf("%ld ", fr->fr_hits); 7057c478bd9Sstevel@tonic-gate #endif 7067c478bd9Sstevel@tonic-gate printfr(fr, ipftestioctl); 7077c478bd9Sstevel@tonic-gate } 7087c478bd9Sstevel@tonic-gate } 7097c478bd9Sstevel@tonic-gate } 7107c478bd9Sstevel@tonic-gate 7117c478bd9Sstevel@tonic-gate 7127c478bd9Sstevel@tonic-gate void drain_log(filename) 7137c478bd9Sstevel@tonic-gate char *filename; 7147c478bd9Sstevel@tonic-gate { 7157c478bd9Sstevel@tonic-gate char buffer[DEFAULT_IPFLOGSIZE]; 7167c478bd9Sstevel@tonic-gate struct iovec iov; 7177c478bd9Sstevel@tonic-gate struct uio uio; 7187c478bd9Sstevel@tonic-gate size_t resid; 719*ab25eeb5Syz155240 int fd, i; 7207c478bd9Sstevel@tonic-gate 7217c478bd9Sstevel@tonic-gate fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY, 0644); 7227c478bd9Sstevel@tonic-gate if (fd == -1) { 7237c478bd9Sstevel@tonic-gate perror("drain_log:open"); 7247c478bd9Sstevel@tonic-gate return; 7257c478bd9Sstevel@tonic-gate } 7267c478bd9Sstevel@tonic-gate 727*ab25eeb5Syz155240 for (i = 0; i <= IPL_LOGMAX; i++) 7287c478bd9Sstevel@tonic-gate while (1) { 7297c478bd9Sstevel@tonic-gate bzero((char *)&iov, sizeof(iov)); 7307c478bd9Sstevel@tonic-gate iov.iov_base = buffer; 7317c478bd9Sstevel@tonic-gate iov.iov_len = sizeof(buffer); 7327c478bd9Sstevel@tonic-gate 7337c478bd9Sstevel@tonic-gate bzero((char *)&uio, sizeof(uio)); 7347c478bd9Sstevel@tonic-gate uio.uio_iov = &iov; 7357c478bd9Sstevel@tonic-gate uio.uio_iovcnt = 1; 7367c478bd9Sstevel@tonic-gate uio.uio_resid = iov.iov_len; 7377c478bd9Sstevel@tonic-gate resid = uio.uio_resid; 7387c478bd9Sstevel@tonic-gate 739*ab25eeb5Syz155240 if (ipflog_read(i, &uio) == 0) { 7407c478bd9Sstevel@tonic-gate /* 7417c478bd9Sstevel@tonic-gate * If nothing was read then break out. 7427c478bd9Sstevel@tonic-gate */ 7437c478bd9Sstevel@tonic-gate if (uio.uio_resid == resid) 7447c478bd9Sstevel@tonic-gate break; 7457c478bd9Sstevel@tonic-gate write(fd, buffer, resid - uio.uio_resid); 7467c478bd9Sstevel@tonic-gate } else 7477c478bd9Sstevel@tonic-gate break; 7487c478bd9Sstevel@tonic-gate } 7497c478bd9Sstevel@tonic-gate 7507c478bd9Sstevel@tonic-gate close(fd); 7517c478bd9Sstevel@tonic-gate } 7527c478bd9Sstevel@tonic-gate 7537c478bd9Sstevel@tonic-gate 7547c478bd9Sstevel@tonic-gate void fixv4sums(m, ip) 7557c478bd9Sstevel@tonic-gate mb_t *m; 7567c478bd9Sstevel@tonic-gate ip_t *ip; 7577c478bd9Sstevel@tonic-gate { 7587c478bd9Sstevel@tonic-gate u_char *csump, *hdr; 7597c478bd9Sstevel@tonic-gate 7607c478bd9Sstevel@tonic-gate ip->ip_sum = 0; 7617c478bd9Sstevel@tonic-gate ip->ip_sum = ipf_cksum((u_short *)ip, IP_HL(ip) << 2); 7627c478bd9Sstevel@tonic-gate 7637c478bd9Sstevel@tonic-gate csump = (u_char *)ip; 7647c478bd9Sstevel@tonic-gate csump += IP_HL(ip) << 2; 7657c478bd9Sstevel@tonic-gate 7667c478bd9Sstevel@tonic-gate switch (ip->ip_p) 7677c478bd9Sstevel@tonic-gate { 7687c478bd9Sstevel@tonic-gate case IPPROTO_TCP : 7697c478bd9Sstevel@tonic-gate hdr = csump; 7707c478bd9Sstevel@tonic-gate csump += offsetof(tcphdr_t, th_sum); 7717c478bd9Sstevel@tonic-gate break; 7727c478bd9Sstevel@tonic-gate case IPPROTO_UDP : 7737c478bd9Sstevel@tonic-gate hdr = csump; 7747c478bd9Sstevel@tonic-gate csump += offsetof(udphdr_t, uh_sum); 7757c478bd9Sstevel@tonic-gate break; 7767c478bd9Sstevel@tonic-gate default : 7777c478bd9Sstevel@tonic-gate csump = NULL; 7787c478bd9Sstevel@tonic-gate hdr = NULL; 7797c478bd9Sstevel@tonic-gate break; 7807c478bd9Sstevel@tonic-gate } 7817c478bd9Sstevel@tonic-gate if (hdr != NULL) { 7827c478bd9Sstevel@tonic-gate *csump = 0; 7837c478bd9Sstevel@tonic-gate *(u_short *)csump = fr_cksum(m, ip, ip->ip_p, hdr); 7847c478bd9Sstevel@tonic-gate } 7857c478bd9Sstevel@tonic-gate } 786