| pfctl.c (126354) | pfctl.c (126355) |
|---|---|
| 1/* $FreeBSD: head/contrib/pf/pfctl/pfctl.c 126355 2004-02-28 17:32:53Z mlaier $ */ |
|
| 1/* $OpenBSD: pfctl.c,v 1.188 2003/08/29 21:47:36 cedric Exp $ */ 2 3/* 4 * Copyright (c) 2001 Daniel Hartmeier 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions --- 22 unchanged lines hidden (view full) --- 31 */ 32 33#include <sys/types.h> 34#include <sys/ioctl.h> 35#include <sys/socket.h> 36 37#include <net/if.h> 38#include <netinet/in.h> | 2/* $OpenBSD: pfctl.c,v 1.188 2003/08/29 21:47:36 cedric Exp $ */ 3 4/* 5 * Copyright (c) 2001 Daniel Hartmeier 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 22 unchanged lines hidden (view full) --- 32 */ 33 34#include <sys/types.h> 35#include <sys/ioctl.h> 36#include <sys/socket.h> 37 38#include <net/if.h> 39#include <netinet/in.h> |
| 40#if defined(__FreeBSD__) 41#include <inttypes.h> 42#include <net/route.h> 43#else 44#define PRIu64 "llu" 45#endif |
|
| 39#include <net/pfvar.h> 40#include <arpa/inet.h> 41#include <altq/altq.h> 42 43#include <err.h> 44#include <errno.h> 45#include <fcntl.h> 46#include <limits.h> --- 142 unchanged lines hidden (view full) --- 189} 190 191int 192pfctl_enable(int dev, int opts) 193{ 194 if (ioctl(dev, DIOCSTART)) { 195 if (errno == EEXIST) 196 errx(1, "pf already enabled"); | 46#include <net/pfvar.h> 47#include <arpa/inet.h> 48#include <altq/altq.h> 49 50#include <err.h> 51#include <errno.h> 52#include <fcntl.h> 53#include <limits.h> --- 142 unchanged lines hidden (view full) --- 196} 197 198int 199pfctl_enable(int dev, int opts) 200{ 201 if (ioctl(dev, DIOCSTART)) { 202 if (errno == EEXIST) 203 errx(1, "pf already enabled"); |
| 204#if defined(__FreeBSD__) 205 else if (errno == ESRCH) 206 errx(1, "pfil registeration failed"); 207#endif |
|
| 197 else 198 err(1, "DIOCSTART"); 199 } 200 if ((opts & PF_OPT_QUIET) == 0) 201 fprintf(stderr, "pf enabled\n"); 202 203 if (altqsupport && ioctl(dev, DIOCSTARTALTQ)) 204 if (errno != EEXIST) --- 333 unchanged lines hidden (view full) --- 538 printf("%u ", rule->skip[i].nr); 539 } 540 printf("]\n"); 541 542 printf(" [ queue: qname=%s qid=%u pqname=%s pqid=%u ]\n", 543 rule->qname, rule->qid, rule->pqname, rule->pqid); 544 } 545 if (opts & PF_OPT_VERBOSE) | 208 else 209 err(1, "DIOCSTART"); 210 } 211 if ((opts & PF_OPT_QUIET) == 0) 212 fprintf(stderr, "pf enabled\n"); 213 214 if (altqsupport && ioctl(dev, DIOCSTARTALTQ)) 215 if (errno != EEXIST) --- 333 unchanged lines hidden (view full) --- 549 printf("%u ", rule->skip[i].nr); 550 } 551 printf("]\n"); 552 553 printf(" [ queue: qname=%s qid=%u pqname=%s pqid=%u ]\n", 554 rule->qname, rule->qid, rule->pqname, rule->pqid); 555 } 556 if (opts & PF_OPT_VERBOSE) |
| 546 printf(" [ Evaluations: %-8llu Packets: %-8llu " 547 "Bytes: %-10llu States: %-6u]\n", | 557 printf(" [ Evaluations: %-8"PRIu64" Packets: %-8"PRIu64" " 558 "Bytes: %-10"PRIu64" States: %-6u]\n", |
| 548 rule->evaluations, rule->packets, 549 rule->bytes, rule->states); 550} 551 552int 553pfctl_show_rules(int dev, int opts, int format, char *anchorname, 554 char *rulesetname) 555{ --- 47 unchanged lines hidden (view full) --- 603 if (pfctl_get_pool(dev, &pr.rule.rpool, 604 nr, pr.ticket, PF_SCRUB, anchorname, rulesetname) != 0) 605 return (-1); 606 607 switch (format) { 608 case 1: 609 if (pr.rule.label[0]) { 610 printf("%s ", pr.rule.label); | 559 rule->evaluations, rule->packets, 560 rule->bytes, rule->states); 561} 562 563int 564pfctl_show_rules(int dev, int opts, int format, char *anchorname, 565 char *rulesetname) 566{ --- 47 unchanged lines hidden (view full) --- 614 if (pfctl_get_pool(dev, &pr.rule.rpool, 615 nr, pr.ticket, PF_SCRUB, anchorname, rulesetname) != 0) 616 return (-1); 617 618 switch (format) { 619 case 1: 620 if (pr.rule.label[0]) { 621 printf("%s ", pr.rule.label); |
| 611 printf("%llu %llu %llu\n", | 622 printf("%"PRIu64" %"PRIu64" %"PRIu64"\n", |
| 612 pr.rule.evaluations, pr.rule.packets, 613 pr.rule.bytes); 614 } 615 break; 616 default: 617 print_rule(&pr.rule, rule_numbers); 618 pfctl_print_rule_counters(&pr.rule, opts); 619 } --- 15 unchanged lines hidden (view full) --- 635 if (pfctl_get_pool(dev, &pr.rule.rpool, 636 nr, pr.ticket, PF_PASS, anchorname, rulesetname) != 0) 637 return (-1); 638 639 switch (format) { 640 case 1: 641 if (pr.rule.label[0]) { 642 printf("%s ", pr.rule.label); | 623 pr.rule.evaluations, pr.rule.packets, 624 pr.rule.bytes); 625 } 626 break; 627 default: 628 print_rule(&pr.rule, rule_numbers); 629 pfctl_print_rule_counters(&pr.rule, opts); 630 } --- 15 unchanged lines hidden (view full) --- 646 if (pfctl_get_pool(dev, &pr.rule.rpool, 647 nr, pr.ticket, PF_PASS, anchorname, rulesetname) != 0) 648 return (-1); 649 650 switch (format) { 651 case 1: 652 if (pr.rule.label[0]) { 653 printf("%s ", pr.rule.label); |
| 643 printf("%llu %llu %llu\n", | 654 printf("%"PRIu64" %"PRIu64" %"PRIu64"\n", |
| 644 pr.rule.evaluations, pr.rule.packets, 645 pr.rule.bytes); 646 } 647 break; 648 default: 649 print_rule(&pr.rule, rule_numbers); 650 pfctl_print_rule_counters(&pr.rule, opts); 651 } --- 565 unchanged lines hidden (view full) --- 1217 if ((opts & PF_OPT_QUIET) == 0) 1218 fprintf(stderr, "pf: rule counters cleared\n"); 1219 return (0); 1220} 1221 1222int 1223pfctl_test_altqsupport(int dev, int opts) 1224{ | 655 pr.rule.evaluations, pr.rule.packets, 656 pr.rule.bytes); 657 } 658 break; 659 default: 660 print_rule(&pr.rule, rule_numbers); 661 pfctl_print_rule_counters(&pr.rule, opts); 662 } --- 565 unchanged lines hidden (view full) --- 1228 if ((opts & PF_OPT_QUIET) == 0) 1229 fprintf(stderr, "pf: rule counters cleared\n"); 1230 return (0); 1231} 1232 1233int 1234pfctl_test_altqsupport(int dev, int opts) 1235{ |
| 1236#if defined(__FreeBSD__) && !defined(ENABLE_ALTQ) 1237 return (0); 1238#else |
|
| 1225 struct pfioc_altq pa; 1226 1227 if (ioctl(dev, DIOCGETALTQS, &pa)) { 1228 if (errno == ENODEV) { 1229 if (!(opts & PF_OPT_QUIET)) 1230 fprintf(stderr, "No ALTQ support in kernel\n" 1231 "ALTQ related functions disabled\n"); 1232 return (0); 1233 } else 1234 err(1, "DIOCGETALTQS"); 1235 } 1236 return (1); | 1239 struct pfioc_altq pa; 1240 1241 if (ioctl(dev, DIOCGETALTQS, &pa)) { 1242 if (errno == ENODEV) { 1243 if (!(opts & PF_OPT_QUIET)) 1244 fprintf(stderr, "No ALTQ support in kernel\n" 1245 "ALTQ related functions disabled\n"); 1246 return (0); 1247 } else 1248 err(1, "DIOCGETALTQS"); 1249 } 1250 return (1); |
| 1251#endif |
|
| 1237} 1238 1239int 1240pfctl_show_anchors(int dev, int opts, char *anchorname) 1241{ 1242 u_int32_t nr, mnr; 1243 1244 if (!*anchorname) { --- 226 unchanged lines hidden (view full) --- 1471 dev = open("/dev/pf", mode); 1472 if (dev == -1) 1473 err(1, "/dev/pf"); 1474 altqsupport = pfctl_test_altqsupport(dev, opts); 1475 } else { 1476 /* turn off options */ 1477 opts &= ~ (PF_OPT_DISABLE | PF_OPT_ENABLE); 1478 clearopt = showopt = debugopt = NULL; | 1252} 1253 1254int 1255pfctl_show_anchors(int dev, int opts, char *anchorname) 1256{ 1257 u_int32_t nr, mnr; 1258 1259 if (!*anchorname) { --- 226 unchanged lines hidden (view full) --- 1486 dev = open("/dev/pf", mode); 1487 if (dev == -1) 1488 err(1, "/dev/pf"); 1489 altqsupport = pfctl_test_altqsupport(dev, opts); 1490 } else { 1491 /* turn off options */ 1492 opts &= ~ (PF_OPT_DISABLE | PF_OPT_ENABLE); 1493 clearopt = showopt = debugopt = NULL; |
| 1494#if defined(__FreeBSD__) && !defined(ENABLE_ALTQ) 1495 altqsupport = 0; 1496#else |
|
| 1479 altqsupport = 1; | 1497 altqsupport = 1; |
| 1498#endif |
|
| 1480 } 1481 1482 if (opts & PF_OPT_DISABLE) 1483 if (pfctl_disable(dev, opts)) 1484 error = 1; 1485 1486 if (showopt != NULL) { 1487 switch (*showopt) { --- 139 unchanged lines hidden --- | 1499 } 1500 1501 if (opts & PF_OPT_DISABLE) 1502 if (pfctl_disable(dev, opts)) 1503 error = 1; 1504 1505 if (showopt != NULL) { 1506 switch (*showopt) { --- 139 unchanged lines hidden --- |