30#include <sys/ioctl.h>
31#include <sys/socket.h>
32
33#include <net/if.h>
34#include <netinet/in.h>
35#include <net/pfvar.h>
36#include <net/if_pfsync.h>
37#include <net/route.h>
38#include <arpa/inet.h>
39
40#include <err.h>
41#include <netdb.h>
42#include <stdio.h>
43#include <stdlib.h>
44#include <string.h>
45#include <unistd.h>
46
47#include "ifconfig.h"
48
49void setpfsync_syncdev(const char *, int, int, const struct afswtch *);
50void unsetpfsync_syncdev(const char *, int, int, const struct afswtch *);
51void setpfsync_syncpeer(const char *, int, int, const struct afswtch *);
52void unsetpfsync_syncpeer(const char *, int, int, const struct afswtch *);
53void setpfsync_syncpeer(const char *, int, int, const struct afswtch *);
54void setpfsync_maxupd(const char *, int, int, const struct afswtch *);
55void setpfsync_defer(const char *, int, int, const struct afswtch *);
56void pfsync_status(int);
57
58void
59setpfsync_syncdev(const char *val, int d, int s, const struct afswtch *rafp)
60{
61 struct pfsyncreq preq;
62
63 bzero((char *)&preq, sizeof(struct pfsyncreq));
64 ifr.ifr_data = (caddr_t)&preq;
65
66 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
67 err(1, "SIOCGETPFSYNC");
68
69 strlcpy(preq.pfsyncr_syncdev, val, sizeof(preq.pfsyncr_syncdev));
70
71 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
72 err(1, "SIOCSETPFSYNC");
73}
74
75/* ARGSUSED */
76void
77unsetpfsync_syncdev(const char *val, int d, int s, const struct afswtch *rafp)
78{
79 struct pfsyncreq preq;
80
81 bzero((char *)&preq, sizeof(struct pfsyncreq));
82 ifr.ifr_data = (caddr_t)&preq;
83
84 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
85 err(1, "SIOCGETPFSYNC");
86
87 bzero((char *)&preq.pfsyncr_syncdev, sizeof(preq.pfsyncr_syncdev));
88
89 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
90 err(1, "SIOCSETPFSYNC");
91}
92
93/* ARGSUSED */
94void
95setpfsync_syncpeer(const char *val, int d, int s, const struct afswtch *rafp)
96{
97 struct pfsyncreq preq;
98 struct addrinfo hints, *peerres;
99 int ecode;
100
101 bzero((char *)&preq, sizeof(struct pfsyncreq));
102 ifr.ifr_data = (caddr_t)&preq;
103
104 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
105 err(1, "SIOCGETPFSYNC");
106
107 memset(&hints, 0, sizeof(hints));
108 hints.ai_family = AF_INET;
109 hints.ai_socktype = SOCK_DGRAM; /*dummy*/
110
111 if ((ecode = getaddrinfo(val, NULL, &hints, &peerres)) != 0)
112 errx(1, "error in parsing address string: %s",
113 gai_strerror(ecode));
114
115 if (peerres->ai_addr->sa_family != AF_INET)
116 errx(1, "only IPv4 addresses supported for the syncpeer");
117
118 preq.pfsyncr_syncpeer.s_addr = ((struct sockaddr_in *)
119 peerres->ai_addr)->sin_addr.s_addr;
120
121 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
122 err(1, "SIOCSETPFSYNC");
123}
124
125/* ARGSUSED */
126void
127unsetpfsync_syncpeer(const char *val, int d, int s, const struct afswtch *rafp)
128{
129 struct pfsyncreq preq;
130
131 bzero((char *)&preq, sizeof(struct pfsyncreq));
132 ifr.ifr_data = (caddr_t)&preq;
133
134 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
135 err(1, "SIOCGETPFSYNC");
136
137 preq.pfsyncr_syncpeer.s_addr = 0;
138
139 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
140 err(1, "SIOCSETPFSYNC");
141}
142
143/* ARGSUSED */
144void
145setpfsync_maxupd(const char *val, int d, int s, const struct afswtch *rafp)
146{
147 struct pfsyncreq preq;
148 int maxupdates;
149
150 maxupdates = atoi(val);
151 if ((maxupdates < 0) || (maxupdates > 255))
152 errx(1, "maxupd %s: out of range", val);
153
154 memset((char *)&preq, 0, sizeof(struct pfsyncreq));
155 ifr.ifr_data = (caddr_t)&preq;
156
157 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
158 err(1, "SIOCGETPFSYNC");
159
160 preq.pfsyncr_maxupdates = maxupdates;
161
162 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
163 err(1, "SIOCSETPFSYNC");
164}
165
166/* ARGSUSED */
167void
168setpfsync_defer(const char *val, int d, int s, const struct afswtch *rafp)
169{
170 struct pfsyncreq preq;
171
172 memset((char *)&preq, 0, sizeof(struct pfsyncreq));
173 ifr.ifr_data = (caddr_t)&preq;
174
175 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
176 err(1, "SIOCGETPFSYNC");
177
178 preq.pfsyncr_defer = d;
179 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
180 err(1, "SIOCSETPFSYNC");
181}
182
183void
184pfsync_status(int s)
185{
186 struct pfsyncreq preq;
187
188 bzero((char *)&preq, sizeof(struct pfsyncreq));
189 ifr.ifr_data = (caddr_t)&preq;
190
191 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
192 return;
193
194 if (preq.pfsyncr_syncdev[0] != '\0' ||
195 preq.pfsyncr_syncpeer.s_addr != INADDR_PFSYNC_GROUP)
196 printf("\t");
197
198 if (preq.pfsyncr_syncdev[0] != '\0')
199 printf("pfsync: syncdev: %s ", preq.pfsyncr_syncdev);
200 if (preq.pfsyncr_syncpeer.s_addr != INADDR_PFSYNC_GROUP)
201 printf("syncpeer: %s ", inet_ntoa(preq.pfsyncr_syncpeer));
202
203 if (preq.pfsyncr_syncdev[0] != '\0' ||
204 preq.pfsyncr_syncpeer.s_addr != INADDR_PFSYNC_GROUP) {
205 printf("maxupd: %d ", preq.pfsyncr_maxupdates);
206 printf("defer: %s\n", preq.pfsyncr_defer ? "on" : "off");
207 }
208}
209
210static struct cmd pfsync_cmds[] = {
211 DEF_CMD_ARG("syncdev", setpfsync_syncdev),
212 DEF_CMD("-syncdev", 1, unsetpfsync_syncdev),
213 DEF_CMD_ARG("syncif", setpfsync_syncdev),
214 DEF_CMD("-syncif", 1, unsetpfsync_syncdev),
215 DEF_CMD_ARG("syncpeer", setpfsync_syncpeer),
216 DEF_CMD("-syncpeer", 1, unsetpfsync_syncpeer),
217 DEF_CMD_ARG("maxupd", setpfsync_maxupd),
218 DEF_CMD("defer", 1, setpfsync_defer),
219 DEF_CMD("-defer", 0, setpfsync_defer),
220};
221static struct afswtch af_pfsync = {
222 .af_name = "af_pfsync",
223 .af_af = AF_UNSPEC,
224 .af_other_status = pfsync_status,
225};
226
227static __constructor void
228pfsync_ctor(void)
229{
| 30#include <sys/ioctl.h>
31#include <sys/socket.h>
32
33#include <net/if.h>
34#include <netinet/in.h>
35#include <net/pfvar.h>
36#include <net/if_pfsync.h>
37#include <net/route.h>
38#include <arpa/inet.h>
39
40#include <err.h>
41#include <netdb.h>
42#include <stdio.h>
43#include <stdlib.h>
44#include <string.h>
45#include <unistd.h>
46
47#include "ifconfig.h"
48
49void setpfsync_syncdev(const char *, int, int, const struct afswtch *);
50void unsetpfsync_syncdev(const char *, int, int, const struct afswtch *);
51void setpfsync_syncpeer(const char *, int, int, const struct afswtch *);
52void unsetpfsync_syncpeer(const char *, int, int, const struct afswtch *);
53void setpfsync_syncpeer(const char *, int, int, const struct afswtch *);
54void setpfsync_maxupd(const char *, int, int, const struct afswtch *);
55void setpfsync_defer(const char *, int, int, const struct afswtch *);
56void pfsync_status(int);
57
58void
59setpfsync_syncdev(const char *val, int d, int s, const struct afswtch *rafp)
60{
61 struct pfsyncreq preq;
62
63 bzero((char *)&preq, sizeof(struct pfsyncreq));
64 ifr.ifr_data = (caddr_t)&preq;
65
66 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
67 err(1, "SIOCGETPFSYNC");
68
69 strlcpy(preq.pfsyncr_syncdev, val, sizeof(preq.pfsyncr_syncdev));
70
71 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
72 err(1, "SIOCSETPFSYNC");
73}
74
75/* ARGSUSED */
76void
77unsetpfsync_syncdev(const char *val, int d, int s, const struct afswtch *rafp)
78{
79 struct pfsyncreq preq;
80
81 bzero((char *)&preq, sizeof(struct pfsyncreq));
82 ifr.ifr_data = (caddr_t)&preq;
83
84 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
85 err(1, "SIOCGETPFSYNC");
86
87 bzero((char *)&preq.pfsyncr_syncdev, sizeof(preq.pfsyncr_syncdev));
88
89 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
90 err(1, "SIOCSETPFSYNC");
91}
92
93/* ARGSUSED */
94void
95setpfsync_syncpeer(const char *val, int d, int s, const struct afswtch *rafp)
96{
97 struct pfsyncreq preq;
98 struct addrinfo hints, *peerres;
99 int ecode;
100
101 bzero((char *)&preq, sizeof(struct pfsyncreq));
102 ifr.ifr_data = (caddr_t)&preq;
103
104 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
105 err(1, "SIOCGETPFSYNC");
106
107 memset(&hints, 0, sizeof(hints));
108 hints.ai_family = AF_INET;
109 hints.ai_socktype = SOCK_DGRAM; /*dummy*/
110
111 if ((ecode = getaddrinfo(val, NULL, &hints, &peerres)) != 0)
112 errx(1, "error in parsing address string: %s",
113 gai_strerror(ecode));
114
115 if (peerres->ai_addr->sa_family != AF_INET)
116 errx(1, "only IPv4 addresses supported for the syncpeer");
117
118 preq.pfsyncr_syncpeer.s_addr = ((struct sockaddr_in *)
119 peerres->ai_addr)->sin_addr.s_addr;
120
121 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
122 err(1, "SIOCSETPFSYNC");
123}
124
125/* ARGSUSED */
126void
127unsetpfsync_syncpeer(const char *val, int d, int s, const struct afswtch *rafp)
128{
129 struct pfsyncreq preq;
130
131 bzero((char *)&preq, sizeof(struct pfsyncreq));
132 ifr.ifr_data = (caddr_t)&preq;
133
134 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
135 err(1, "SIOCGETPFSYNC");
136
137 preq.pfsyncr_syncpeer.s_addr = 0;
138
139 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
140 err(1, "SIOCSETPFSYNC");
141}
142
143/* ARGSUSED */
144void
145setpfsync_maxupd(const char *val, int d, int s, const struct afswtch *rafp)
146{
147 struct pfsyncreq preq;
148 int maxupdates;
149
150 maxupdates = atoi(val);
151 if ((maxupdates < 0) || (maxupdates > 255))
152 errx(1, "maxupd %s: out of range", val);
153
154 memset((char *)&preq, 0, sizeof(struct pfsyncreq));
155 ifr.ifr_data = (caddr_t)&preq;
156
157 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
158 err(1, "SIOCGETPFSYNC");
159
160 preq.pfsyncr_maxupdates = maxupdates;
161
162 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
163 err(1, "SIOCSETPFSYNC");
164}
165
166/* ARGSUSED */
167void
168setpfsync_defer(const char *val, int d, int s, const struct afswtch *rafp)
169{
170 struct pfsyncreq preq;
171
172 memset((char *)&preq, 0, sizeof(struct pfsyncreq));
173 ifr.ifr_data = (caddr_t)&preq;
174
175 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
176 err(1, "SIOCGETPFSYNC");
177
178 preq.pfsyncr_defer = d;
179 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
180 err(1, "SIOCSETPFSYNC");
181}
182
183void
184pfsync_status(int s)
185{
186 struct pfsyncreq preq;
187
188 bzero((char *)&preq, sizeof(struct pfsyncreq));
189 ifr.ifr_data = (caddr_t)&preq;
190
191 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
192 return;
193
194 if (preq.pfsyncr_syncdev[0] != '\0' ||
195 preq.pfsyncr_syncpeer.s_addr != INADDR_PFSYNC_GROUP)
196 printf("\t");
197
198 if (preq.pfsyncr_syncdev[0] != '\0')
199 printf("pfsync: syncdev: %s ", preq.pfsyncr_syncdev);
200 if (preq.pfsyncr_syncpeer.s_addr != INADDR_PFSYNC_GROUP)
201 printf("syncpeer: %s ", inet_ntoa(preq.pfsyncr_syncpeer));
202
203 if (preq.pfsyncr_syncdev[0] != '\0' ||
204 preq.pfsyncr_syncpeer.s_addr != INADDR_PFSYNC_GROUP) {
205 printf("maxupd: %d ", preq.pfsyncr_maxupdates);
206 printf("defer: %s\n", preq.pfsyncr_defer ? "on" : "off");
207 }
208}
209
210static struct cmd pfsync_cmds[] = {
211 DEF_CMD_ARG("syncdev", setpfsync_syncdev),
212 DEF_CMD("-syncdev", 1, unsetpfsync_syncdev),
213 DEF_CMD_ARG("syncif", setpfsync_syncdev),
214 DEF_CMD("-syncif", 1, unsetpfsync_syncdev),
215 DEF_CMD_ARG("syncpeer", setpfsync_syncpeer),
216 DEF_CMD("-syncpeer", 1, unsetpfsync_syncpeer),
217 DEF_CMD_ARG("maxupd", setpfsync_maxupd),
218 DEF_CMD("defer", 1, setpfsync_defer),
219 DEF_CMD("-defer", 0, setpfsync_defer),
220};
221static struct afswtch af_pfsync = {
222 .af_name = "af_pfsync",
223 .af_af = AF_UNSPEC,
224 .af_other_status = pfsync_status,
225};
226
227static __constructor void
228pfsync_ctor(void)
229{
|