| pf_snmp.c (205312) | pf_snmp.c (205607) |
|---|---|
| 1/*- 2 * Copyright (c) 2005 Philip Paeps <philip@FreeBSD.org> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 9 unchanged lines hidden (view full) --- 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * | 1/*- 2 * Copyright (c) 2005 Philip Paeps <philip@FreeBSD.org> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 9 unchanged lines hidden (view full) --- 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * |
| 26 * $FreeBSD: head/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c 205312 2010-03-19 09:53:25Z syrinx $ | 26 * $FreeBSD: head/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c 205607 2010-03-24 16:07:33Z syrinx $ |
| 27 */ 28 29#include <bsnmp/snmpmod.h> 30 31#include <net/pfvar.h> 32#include <sys/ioctl.h> 33 34#include <errno.h> --- 45 unchanged lines hidden (view full) --- 80TAILQ_HEAD(pft_table, pft_entry); 81 82static struct pft_table pft_table; 83static time_t pft_table_age; 84static int pft_table_count; 85 86#define PFT_TABLE_MAXAGE 5 87 | 27 */ 28 29#include <bsnmp/snmpmod.h> 30 31#include <net/pfvar.h> 32#include <sys/ioctl.h> 33 34#include <errno.h> --- 45 unchanged lines hidden (view full) --- 80TAILQ_HEAD(pft_table, pft_entry); 81 82static struct pft_table pft_table; 83static time_t pft_table_age; 84static int pft_table_count; 85 86#define PFT_TABLE_MAXAGE 5 87 |
| 88struct pfa_entry { 89 struct pfr_astats pfas; 90 u_int index; 91 TAILQ_ENTRY(pfa_entry) link; 92}; 93TAILQ_HEAD(pfa_table, pfa_entry); 94 95static struct pfa_table pfa_table; 96static time_t pfa_table_age; 97static int pfa_table_count; 98 99#define PFA_TABLE_MAXAGE 5 100 |
|
| 88struct pfq_entry { 89 struct pf_altq altq; 90 u_int index; 91 TAILQ_ENTRY(pfq_entry) link; 92}; 93TAILQ_HEAD(pfq_table, pfq_entry); 94 95static struct pfq_table pfq_table; --- 20 unchanged lines hidden (view full) --- 116 117#define PFL_TABLE_MAXAGE 5 118 119/* Forward declarations */ 120static int pfi_refresh(void); 121static int pfq_refresh(void); 122static int pfs_refresh(void); 123static int pft_refresh(void); | 101struct pfq_entry { 102 struct pf_altq altq; 103 u_int index; 104 TAILQ_ENTRY(pfq_entry) link; 105}; 106TAILQ_HEAD(pfq_table, pfq_entry); 107 108static struct pfq_table pfq_table; --- 20 unchanged lines hidden (view full) --- 129 130#define PFL_TABLE_MAXAGE 5 131 132/* Forward declarations */ 133static int pfi_refresh(void); 134static int pfq_refresh(void); 135static int pfs_refresh(void); 136static int pft_refresh(void); |
| 137static int pfa_refresh(void); |
|
| 124static int pfl_refresh(void); 125static struct pfi_entry * pfi_table_find(u_int idx); 126static struct pfq_entry * pfq_table_find(u_int idx); 127static struct pft_entry * pft_table_find(u_int idx); | 138static int pfl_refresh(void); 139static struct pfi_entry * pfi_table_find(u_int idx); 140static struct pfq_entry * pfq_table_find(u_int idx); 141static struct pft_entry * pft_table_find(u_int idx); |
| 142static struct pfa_entry * pfa_table_find(u_int idx); |
|
| 128static struct pfl_entry * pfl_table_find(u_int idx); 129 130static int altq_is_enabled(int pfdevice); 131 132int 133pf_status(struct snmp_context __unused *ctx, struct snmp_value *val, 134 u_int sub, u_int __unused vindex, enum snmp_op op) 135{ --- 653 unchanged lines hidden (view full) --- 789 790 return (SNMP_ERR_NOERROR); 791} 792 793int 794pf_tbladdr(struct snmp_context __unused *ctx, struct snmp_value __unused *val, 795 u_int __unused sub, u_int __unused vindex, enum snmp_op __unused op) 796{ | 143static struct pfl_entry * pfl_table_find(u_int idx); 144 145static int altq_is_enabled(int pfdevice); 146 147int 148pf_status(struct snmp_context __unused *ctx, struct snmp_value *val, 149 u_int sub, u_int __unused vindex, enum snmp_op op) 150{ --- 653 unchanged lines hidden (view full) --- 804 805 return (SNMP_ERR_NOERROR); 806} 807 808int 809pf_tbladdr(struct snmp_context __unused *ctx, struct snmp_value __unused *val, 810 u_int __unused sub, u_int __unused vindex, enum snmp_op __unused op) 811{ |
| 797 return (SNMP_ERR_GENERR); | 812 asn_subid_t which = val->var.subs[sub - 1]; 813 struct pfa_entry *e = NULL; 814 815 if ((time(NULL) - pfa_table_age) > PFA_TABLE_MAXAGE) 816 pfa_refresh(); 817 818 switch (op) { 819 case SNMP_OP_SET: 820 return (SNMP_ERR_NOT_WRITEABLE); 821 case SNMP_OP_GETNEXT: 822 if ((e = NEXT_OBJECT_INT(&pfa_table, 823 &val->var, sub)) == NULL) 824 return (SNMP_ERR_NOSUCHNAME); 825 val->var.len = sub + 1; 826 val->var.subs[sub] = e->index; 827 break; 828 case SNMP_OP_GET: 829 if (val->var.len - sub != 1) 830 return (SNMP_ERR_NOSUCHNAME); 831 if ((e = pfa_table_find(val->var.subs[sub])) == NULL) 832 return (SNMP_ERR_NOSUCHNAME); 833 break; 834 835 case SNMP_OP_COMMIT: 836 case SNMP_OP_ROLLBACK: 837 default: 838 abort(); 839 } 840 841 switch (which) { 842 case LEAF_pfTablesAddrNetType: 843 if (e->pfas.pfras_a.pfra_af == AF_INET) 844 val->v.integer = pfTablesAddrNetType_ipv4; 845 else if (e->pfas.pfras_a.pfra_af == AF_INET6) 846 val->v.integer = pfTablesAddrNetType_ipv6; 847 else 848 return (SNMP_ERR_GENERR); 849 break; 850 case LEAF_pfTablesAddrNet: 851 if (e->pfas.pfras_a.pfra_af == AF_INET) { 852 return (string_get(val, 853 (u_char *)&e->pfas.pfras_a.pfra_ip4addr, 4)); 854 } else if (e->pfas.pfras_a.pfra_af == AF_INET6) 855 return (string_get(val, 856 (u_char *)&e->pfas.pfras_a.pfra_ip6addr, 16)); 857 else 858 return (SNMP_ERR_GENERR); 859 break; 860 case LEAF_pfTablesAddrPrefix: 861 val->v.integer = (int32_t) e->pfas.pfras_a.pfra_net; 862 break; 863 case LEAF_pfTablesAddrTZero: 864 val->v.uint32 = 865 (time(NULL) - e->pfas.pfras_tzero) * 100; 866 break; 867 case LEAF_pfTablesAddrBytesInPass: 868 val->v.counter64 = 869 e->pfas.pfras_bytes[PFR_DIR_IN][PFR_OP_PASS]; 870 break; 871 case LEAF_pfTablesAddrBytesInBlock: 872 val->v.counter64 = 873 e->pfas.pfras_bytes[PFR_DIR_IN][PFR_OP_BLOCK]; 874 break; 875 case LEAF_pfTablesAddrBytesOutPass: 876 val->v.counter64 = 877 e->pfas.pfras_bytes[PFR_DIR_OUT][PFR_OP_PASS]; 878 break; 879 case LEAF_pfTablesAddrBytesOutBlock: 880 val->v.counter64 = 881 e->pfas.pfras_bytes[PFR_DIR_OUT][PFR_OP_BLOCK]; 882 break; 883 case LEAF_pfTablesAddrPktsInPass: 884 val->v.counter64 = 885 e->pfas.pfras_packets[PFR_DIR_IN][PFR_OP_PASS]; 886 break; 887 case LEAF_pfTablesAddrPktsInBlock: 888 val->v.counter64 = 889 e->pfas.pfras_packets[PFR_DIR_IN][PFR_OP_BLOCK]; 890 break; 891 case LEAF_pfTablesAddrPktsOutPass: 892 val->v.counter64 = 893 e->pfas.pfras_packets[PFR_DIR_OUT][PFR_OP_PASS]; 894 break; 895 case LEAF_pfTablesAddrPktsOutBlock: 896 val->v.counter64 = 897 e->pfas.pfras_packets[PFR_DIR_OUT][PFR_OP_BLOCK]; 898 break; 899 default: 900 return (SNMP_ERR_NOSUCHNAME); 901 } 902 903 return (SNMP_ERR_NOERROR); |
| 798} 799 800int 801pf_altq(struct snmp_context __unused *ctx, struct snmp_value *val, 802 u_int sub, u_int __unused vindex, enum snmp_op op) 803{ 804 asn_subid_t which = val->var.subs[sub - 1]; 805 | 904} 905 906int 907pf_altq(struct snmp_context __unused *ctx, struct snmp_value *val, 908 u_int sub, u_int __unused vindex, enum snmp_op op) 909{ 910 asn_subid_t which = val->var.subs[sub - 1]; 911 |
| 806 if (!altq_enabled) { 807 return (SNMP_ERR_NOERROR); 808 } | 912 if (!altq_enabled) 913 return (SNMP_ERR_NOSUCHNAME); |
| 809 810 if (op == SNMP_OP_SET) 811 return (SNMP_ERR_NOT_WRITEABLE); 812 813 if (op == SNMP_OP_GET) { 814 if ((time(NULL) - pfq_table_age) > PFQ_TABLE_MAXAGE) 815 if (pfq_refresh() == -1) 816 return (SNMP_ERR_GENERR); --- 16 unchanged lines hidden (view full) --- 833 834int 835pf_altqq(struct snmp_context __unused *ctx, struct snmp_value *val, 836 u_int sub, u_int __unused vindex, enum snmp_op op) 837{ 838 asn_subid_t which = val->var.subs[sub - 1]; 839 struct pfq_entry *e = NULL; 840 | 914 915 if (op == SNMP_OP_SET) 916 return (SNMP_ERR_NOT_WRITEABLE); 917 918 if (op == SNMP_OP_GET) { 919 if ((time(NULL) - pfq_table_age) > PFQ_TABLE_MAXAGE) 920 if (pfq_refresh() == -1) 921 return (SNMP_ERR_GENERR); --- 16 unchanged lines hidden (view full) --- 938 939int 940pf_altqq(struct snmp_context __unused *ctx, struct snmp_value *val, 941 u_int sub, u_int __unused vindex, enum snmp_op op) 942{ 943 asn_subid_t which = val->var.subs[sub - 1]; 944 struct pfq_entry *e = NULL; 945 |
| 841 if (!altq_enabled) { 842 return (SNMP_ERR_NOERROR); 843 } | 946 if (!altq_enabled) 947 return (SNMP_ERR_NOSUCHNAME); |
| 844 845 if ((time(NULL) - pfq_table_age) > PFQ_TABLE_MAXAGE) 846 pfq_refresh(); 847 848 switch (op) { 849 case SNMP_OP_SET: 850 return (SNMP_ERR_NOT_WRITEABLE); 851 case SNMP_OP_GETNEXT: --- 157 unchanged lines hidden (view full) --- 1009 struct pft_entry *e; 1010 1011 TAILQ_FOREACH(e, &pft_table, link) 1012 if (e->index == idx) 1013 return (e); 1014 return (NULL); 1015} 1016 | 948 949 if ((time(NULL) - pfq_table_age) > PFQ_TABLE_MAXAGE) 950 pfq_refresh(); 951 952 switch (op) { 953 case SNMP_OP_SET: 954 return (SNMP_ERR_NOT_WRITEABLE); 955 case SNMP_OP_GETNEXT: --- 157 unchanged lines hidden (view full) --- 1113 struct pft_entry *e; 1114 1115 TAILQ_FOREACH(e, &pft_table, link) 1116 if (e->index == idx) 1117 return (e); 1118 return (NULL); 1119} 1120 |
| 1121static struct pfa_entry * 1122pfa_table_find(u_int idx) 1123{ 1124 struct pfa_entry *e; 1125 1126 TAILQ_FOREACH(e, &pfa_table, link) 1127 if (e->index == idx) 1128 return (e); 1129 return (NULL); 1130} 1131 |
|
| 1017static struct pfl_entry * 1018pfl_table_find(u_int idx) 1019{ 1020 struct pfl_entry *e; 1021 1022 TAILQ_FOREACH(e, &pfl_table, link) 1023 if (e->index == idx) 1024 return (e); --- 219 unchanged lines hidden (view full) --- 1244 free(e); 1245 } 1246err2: 1247 free(t); 1248 return(-1); 1249} 1250 1251static int | 1132static struct pfl_entry * 1133pfl_table_find(u_int idx) 1134{ 1135 struct pfl_entry *e; 1136 1137 TAILQ_FOREACH(e, &pfl_table, link) 1138 if (e->index == idx) 1139 return (e); --- 219 unchanged lines hidden (view full) --- 1359 free(e); 1360 } 1361err2: 1362 free(t); 1363 return(-1); 1364} 1365 1366static int |
| 1367pfa_table_addrs(u_int sidx, struct pfr_table *pt) 1368{ 1369 struct pfioc_table io; 1370 struct pfr_astats *t = NULL; 1371 struct pfa_entry *e; 1372 int i, numaddrs = 1; 1373 1374 if (pt == NULL) 1375 return (-1); 1376 1377 memset(&io, 0, sizeof(io)); 1378 strlcpy(io.pfrio_table.pfrt_name, pt->pfrt_name, 1379 sizeof(io.pfrio_table.pfrt_name)); 1380 1381 for (;;) { 1382 t = reallocf(t, numaddrs * sizeof(struct pfr_astats)); 1383 if (t == NULL) { 1384 syslog(LOG_ERR, "pfa_table_addrs(): reallocf(): %s", 1385 strerror(errno)); 1386 numaddrs = -1; 1387 goto error; 1388 } 1389 1390 memset(t, 0, sizeof(*t)); 1391 io.pfrio_size = numaddrs; 1392 io.pfrio_buffer = t; 1393 io.pfrio_esize = sizeof(struct pfr_astats); 1394 1395 if (ioctl(dev, DIOCRGETASTATS, &io)) { 1396 syslog(LOG_ERR, "pfa_table_addrs(): ioctl() on %s: %s", 1397 pt->pfrt_name, strerror(errno)); 1398 numaddrs = -1; 1399 break; 1400 } 1401 1402 if (numaddrs >= io.pfrio_size) 1403 break; 1404 1405 numaddrs = io.pfrio_size; 1406 } 1407 1408 for (i = 0; i < numaddrs; i++) { 1409 if ((t + i)->pfras_a.pfra_af != AF_INET && 1410 (t + i)->pfras_a.pfra_af != AF_INET6) { 1411 numaddrs = i; 1412 break; 1413 } 1414 1415 e = (struct pfa_entry *)malloc(sizeof(struct pfa_entry)); 1416 if (e == NULL) { 1417 syslog(LOG_ERR, "pfa_table_addrs(): malloc(): %s", 1418 strerror(errno)); 1419 numaddrs = -1; 1420 break; 1421 } 1422 e->index = sidx + i; 1423 memcpy(&e->pfas, t + i, sizeof(struct pfr_astats)); 1424 TAILQ_INSERT_TAIL(&pfa_table, e, link); 1425 } 1426 1427 free(t); 1428error: 1429 return (numaddrs); 1430} 1431 1432static int 1433pfa_refresh(void) 1434{ 1435 struct pfioc_table io; 1436 struct pfr_table *pt = NULL, *it = NULL; 1437 struct pfa_entry *e; 1438 int i, numtbls = 1, cidx, naddrs; 1439 1440 if (started && this_tick <= pf_tick) 1441 return (0); 1442 1443 while (!TAILQ_EMPTY(&pfa_table)) { 1444 e = TAILQ_FIRST(&pfa_table); 1445 TAILQ_REMOVE(&pfa_table, e, link); 1446 free(e); 1447 } 1448 1449 memset(&io, 0, sizeof(io)); 1450 io.pfrio_esize = sizeof(struct pfr_table); 1451 1452 for (;;) { 1453 pt = reallocf(pt, numtbls * sizeof(struct pfr_table)); 1454 if (pt == NULL) { 1455 syslog(LOG_ERR, "pfa_refresh(): reallocf() %s", 1456 strerror(errno)); 1457 return (-1); 1458 } 1459 memset(pt, 0, sizeof(*pt)); 1460 io.pfrio_size = numtbls; 1461 io.pfrio_buffer = pt; 1462 1463 if (ioctl(dev, DIOCRGETTABLES, &io)) { 1464 syslog(LOG_ERR, "pfa_refresh(): ioctl(): %s", 1465 strerror(errno)); 1466 goto err2; 1467 } 1468 1469 if (numtbls >= io.pfrio_size) 1470 break; 1471 1472 numtbls = io.pfrio_size; 1473 } 1474 1475 cidx = 1; 1476 1477 for (it = pt, i = 0; i < numtbls; it++, i++) { 1478 /* 1479 * Skip the table if not active - ioctl(DIOCRGETASTATS) will 1480 * return ESRCH for this entry anyway. 1481 */ 1482 if (!(it->pfrt_flags & PFR_TFLAG_ACTIVE)) 1483 continue; 1484 1485 if ((naddrs = pfa_table_addrs(cidx, it)) < 0) 1486 goto err1; 1487 1488 cidx += naddrs; 1489 } 1490 1491 pfa_table_age = time(NULL); 1492 pfa_table_count = cidx; 1493 pf_tick = this_tick; 1494 1495 free(pt); 1496 return (0); 1497err1: 1498 while (!TAILQ_EMPTY(&pfa_table)) { 1499 e = TAILQ_FIRST(&pfa_table); 1500 TAILQ_REMOVE(&pfa_table, e, link); 1501 free(e); 1502 } 1503 1504err2: 1505 free(pt); 1506 return (-1); 1507} 1508 1509static int |
|
| 1252pfl_scan_ruleset(const char *path) 1253{ 1254 struct pfioc_rule pr; 1255 struct pfl_entry *e; 1256 u_int32_t nr, i; 1257 1258 bzero(&pr, sizeof(pr)); 1259 strlcpy(pr.anchor, path, sizeof(pr.anchor)); --- 158 unchanged lines hidden (view full) --- 1418 syslog(LOG_ERR, "pf_init(): altq test failed"); 1419 return (-1); 1420 } 1421 1422 /* Prepare internal state */ 1423 TAILQ_INIT(&pfi_table); 1424 TAILQ_INIT(&pfq_table); 1425 TAILQ_INIT(&pft_table); | 1510pfl_scan_ruleset(const char *path) 1511{ 1512 struct pfioc_rule pr; 1513 struct pfl_entry *e; 1514 u_int32_t nr, i; 1515 1516 bzero(&pr, sizeof(pr)); 1517 strlcpy(pr.anchor, path, sizeof(pr.anchor)); --- 158 unchanged lines hidden (view full) --- 1676 syslog(LOG_ERR, "pf_init(): altq test failed"); 1677 return (-1); 1678 } 1679 1680 /* Prepare internal state */ 1681 TAILQ_INIT(&pfi_table); 1682 TAILQ_INIT(&pfq_table); 1683 TAILQ_INIT(&pft_table); |
| 1684 TAILQ_INIT(&pfa_table); |
|
| 1426 TAILQ_INIT(&pfl_table); 1427 1428 pfi_refresh(); 1429 if (altq_enabled) { 1430 pfq_refresh(); 1431 } 1432 1433 pfs_refresh(); 1434 pft_refresh(); | 1685 TAILQ_INIT(&pfl_table); 1686 1687 pfi_refresh(); 1688 if (altq_enabled) { 1689 pfq_refresh(); 1690 } 1691 1692 pfs_refresh(); 1693 pft_refresh(); |
| 1694 pfa_refresh(); |
|
| 1435 pfl_refresh(); 1436 1437 started = 1; 1438 1439 return (0); 1440} 1441 1442static int 1443pf_fini(void) 1444{ 1445 struct pfi_entry *i1, *i2; 1446 struct pfq_entry *q1, *q2; 1447 struct pft_entry *t1, *t2; | 1695 pfl_refresh(); 1696 1697 started = 1; 1698 1699 return (0); 1700} 1701 1702static int 1703pf_fini(void) 1704{ 1705 struct pfi_entry *i1, *i2; 1706 struct pfq_entry *q1, *q2; 1707 struct pft_entry *t1, *t2; |
| 1708 struct pfa_entry *a1, *a2; |
|
| 1448 struct pfl_entry *l1, *l2; 1449 1450 /* Empty the list of interfaces */ 1451 i1 = TAILQ_FIRST(&pfi_table); 1452 while (i1 != NULL) { 1453 i2 = TAILQ_NEXT(i1, link); 1454 free(i1); 1455 i1 = i2; --- 10 unchanged lines hidden (view full) --- 1466 /* List of tables */ 1467 t1 = TAILQ_FIRST(&pft_table); 1468 while (t1 != NULL) { 1469 t2 = TAILQ_NEXT(t1, link); 1470 free(t1); 1471 t1 = t2; 1472 } 1473 | 1709 struct pfl_entry *l1, *l2; 1710 1711 /* Empty the list of interfaces */ 1712 i1 = TAILQ_FIRST(&pfi_table); 1713 while (i1 != NULL) { 1714 i2 = TAILQ_NEXT(i1, link); 1715 free(i1); 1716 i1 = i2; --- 10 unchanged lines hidden (view full) --- 1727 /* List of tables */ 1728 t1 = TAILQ_FIRST(&pft_table); 1729 while (t1 != NULL) { 1730 t2 = TAILQ_NEXT(t1, link); 1731 free(t1); 1732 t1 = t2; 1733 } 1734 |
| 1735 /* List of table addresses */ 1736 a1 = TAILQ_FIRST(&pfa_table); 1737 while (a1 != NULL) { 1738 a2 = TAILQ_NEXT(a1, link); 1739 free(a1); 1740 a1 = a2; 1741 } 1742 |
|
| 1474 /* And the list of labeled filter rules */ 1475 l1 = TAILQ_FIRST(&pfl_table); 1476 while (l1 != NULL) { 1477 l2 = TAILQ_NEXT(l1, link); 1478 free(l1); 1479 l1 = l2; 1480 } 1481 --- 4 unchanged lines hidden (view full) --- 1486static void 1487pf_dump(void) 1488{ 1489 pfi_refresh(); 1490 if (altq_enabled) { 1491 pfq_refresh(); 1492 } 1493 pft_refresh(); | 1743 /* And the list of labeled filter rules */ 1744 l1 = TAILQ_FIRST(&pfl_table); 1745 while (l1 != NULL) { 1746 l2 = TAILQ_NEXT(l1, link); 1747 free(l1); 1748 l1 = l2; 1749 } 1750 --- 4 unchanged lines hidden (view full) --- 1755static void 1756pf_dump(void) 1757{ 1758 pfi_refresh(); 1759 if (altq_enabled) { 1760 pfq_refresh(); 1761 } 1762 pft_refresh(); |
| 1763 pfa_refresh(); |
|
| 1494 pfl_refresh(); 1495 1496 syslog(LOG_ERR, "Dump: pfi_table_age = %jd", 1497 (intmax_t)pfi_table_age); 1498 syslog(LOG_ERR, "Dump: pfi_table_count = %d", 1499 pfi_table_count); 1500 1501 syslog(LOG_ERR, "Dump: pfq_table_age = %jd", 1502 (intmax_t)pfq_table_age); 1503 syslog(LOG_ERR, "Dump: pfq_table_count = %d", 1504 pfq_table_count); 1505 1506 syslog(LOG_ERR, "Dump: pft_table_age = %jd", 1507 (intmax_t)pft_table_age); 1508 syslog(LOG_ERR, "Dump: pft_table_count = %d", 1509 pft_table_count); 1510 | 1764 pfl_refresh(); 1765 1766 syslog(LOG_ERR, "Dump: pfi_table_age = %jd", 1767 (intmax_t)pfi_table_age); 1768 syslog(LOG_ERR, "Dump: pfi_table_count = %d", 1769 pfi_table_count); 1770 1771 syslog(LOG_ERR, "Dump: pfq_table_age = %jd", 1772 (intmax_t)pfq_table_age); 1773 syslog(LOG_ERR, "Dump: pfq_table_count = %d", 1774 pfq_table_count); 1775 1776 syslog(LOG_ERR, "Dump: pft_table_age = %jd", 1777 (intmax_t)pft_table_age); 1778 syslog(LOG_ERR, "Dump: pft_table_count = %d", 1779 pft_table_count); 1780 |
| 1781 syslog(LOG_ERR, "Dump: pfa_table_age = %jd", 1782 (intmax_t)pfa_table_age); 1783 syslog(LOG_ERR, "Dump: pfa_table_count = %d", 1784 pfa_table_count); 1785 |
|
| 1511 syslog(LOG_ERR, "Dump: pfl_table_age = %jd", 1512 (intmax_t)pfl_table_age); 1513 syslog(LOG_ERR, "Dump: pfl_table_count = %d", 1514 pfl_table_count); 1515} 1516 1517const struct snmp_module config = { 1518 .comment = "This module implements a MIB for the pf packet filter.", 1519 .init = pf_init, 1520 .fini = pf_fini, 1521 .tree = pf_ctree, 1522 .dump = pf_dump, 1523 .tree_size = pf_CTREE_SIZE, 1524}; | 1786 syslog(LOG_ERR, "Dump: pfl_table_age = %jd", 1787 (intmax_t)pfl_table_age); 1788 syslog(LOG_ERR, "Dump: pfl_table_count = %d", 1789 pfl_table_count); 1790} 1791 1792const struct snmp_module config = { 1793 .comment = "This module implements a MIB for the pf packet filter.", 1794 .init = pf_init, 1795 .fini = pf_fini, 1796 .tree = pf_ctree, 1797 .dump = pf_dump, 1798 .tree_size = pf_CTREE_SIZE, 1799}; |