printstate.c revision 170268
1145519Sdarrenr/* $FreeBSD: head/contrib/ipfilter/lib/printstate.c 170268 2007-06-04 02:54:36Z darrenr $ */ 2145510Sdarrenr 3145510Sdarrenr/* 4170268Sdarrenr * Copyright (C) 2002-2005 by Darren Reed. 5145510Sdarrenr * 6145510Sdarrenr * See the IPFILTER.LICENCE file for details on licencing. 7145510Sdarrenr */ 8145510Sdarrenr 9145510Sdarrenr#include "ipf.h" 10145510Sdarrenr#include "kmem.h" 11145510Sdarrenr 12145510Sdarrenr#define PRINTF (void)printf 13145510Sdarrenr#define FPRINTF (void)fprintf 14145510Sdarrenr 15145510Sdarrenripstate_t *printstate(sp, opts, now) 16145510Sdarrenripstate_t *sp; 17145510Sdarrenrint opts; 18145510Sdarrenru_long now; 19145510Sdarrenr{ 20145510Sdarrenr synclist_t ipsync; 21145510Sdarrenr 22170268Sdarrenr if (sp->is_phnext == NULL) 23170268Sdarrenr PRINTF("ORPHAN "); 24170268Sdarrenr PRINTF("%s -> ", hostname(sp->is_v, &sp->is_src.in4)); 25170268Sdarrenr PRINTF("%s pass %#x pr %d state %d/%d", 26170268Sdarrenr hostname(sp->is_v, &sp->is_dst.in4), sp->is_pass, sp->is_p, 27170268Sdarrenr sp->is_state[0], sp->is_state[1]); 28170268Sdarrenr if (opts & OPT_DEBUG) 29170268Sdarrenr PRINTF(" bkt %d ref %d", sp->is_hv, sp->is_ref); 30170268Sdarrenr PRINTF("\n\ttag %u ttl %lu", sp->is_tag, sp->is_die - now); 31145510Sdarrenr 32170268Sdarrenr if (sp->is_p == IPPROTO_TCP) { 33145510Sdarrenr PRINTF("\n\t%hu -> %hu %x:%x %hu<<%d:%hu<<%d\n", 34170268Sdarrenr ntohs(sp->is_sport), ntohs(sp->is_dport), 35170268Sdarrenr sp->is_send, sp->is_dend, 36170268Sdarrenr sp->is_maxswin, sp->is_swinscale, 37170268Sdarrenr sp->is_maxdwin, sp->is_dwinscale); 38145510Sdarrenr PRINTF("\tcmsk %04x smsk %04x isc %p s0 %08x/%08x\n", 39170268Sdarrenr sp->is_smsk[0], sp->is_smsk[1], sp->is_isc, 40170268Sdarrenr sp->is_s0[0], sp->is_s0[1]); 41145510Sdarrenr PRINTF("\tFWD:ISN inc %x sumd %x\n", 42170268Sdarrenr sp->is_isninc[0], sp->is_sumd[0]); 43145510Sdarrenr PRINTF("\tREV:ISN inc %x sumd %x\n", 44170268Sdarrenr sp->is_isninc[1], sp->is_sumd[1]); 45145510Sdarrenr#ifdef IPFILTER_SCAN 46145510Sdarrenr PRINTF("\tsbuf[0] ["); 47170268Sdarrenr printsbuf(sp->is_sbuf[0]); 48145510Sdarrenr PRINTF("] sbuf[1] ["); 49170268Sdarrenr printsbuf(sp->is_sbuf[1]); 50145510Sdarrenr PRINTF("]\n"); 51145510Sdarrenr#endif 52170268Sdarrenr } else if (sp->is_p == IPPROTO_UDP) { 53170268Sdarrenr PRINTF(" %hu -> %hu\n", ntohs(sp->is_sport), 54170268Sdarrenr ntohs(sp->is_dport)); 55170268Sdarrenr } else if (sp->is_p == IPPROTO_GRE) { 56170268Sdarrenr PRINTF(" call %hx/%hx\n", ntohs(sp->is_gre.gs_call[0]), 57170268Sdarrenr ntohs(sp->is_gre.gs_call[1])); 58170268Sdarrenr } else if (sp->is_p == IPPROTO_ICMP 59145510Sdarrenr#ifdef USE_INET6 60170268Sdarrenr || sp->is_p == IPPROTO_ICMPV6 61145510Sdarrenr#endif 62145510Sdarrenr ) 63170268Sdarrenr PRINTF(" id %hu seq %hu type %d\n", sp->is_icmp.ici_id, 64170268Sdarrenr sp->is_icmp.ici_seq, sp->is_icmp.ici_type); 65145510Sdarrenr 66145510Sdarrenr#ifdef USE_QUAD_T 67145640Sdarrenr PRINTF("\tforward: pkts in %lld bytes in %lld pkts out %lld bytes out %lld\n\tbackward: pkts in %lld bytes in %lld pkts out %lld bytes out %lld\n", 68170268Sdarrenr sp->is_pkts[0], sp->is_bytes[0], 69170268Sdarrenr sp->is_pkts[1], sp->is_bytes[1], 70170268Sdarrenr sp->is_pkts[2], sp->is_bytes[2], 71170268Sdarrenr sp->is_pkts[3], sp->is_bytes[3]); 72145510Sdarrenr#else 73145510Sdarrenr PRINTF("\tforward: pkts in %ld bytes in %ld pkts out %ld bytes out %ld\n\tbackward: pkts in %ld bytes in %ld pkts out %ld bytes out %ld\n", 74170268Sdarrenr sp->is_pkts[0], sp->is_bytes[0], 75170268Sdarrenr sp->is_pkts[1], sp->is_bytes[1], 76170268Sdarrenr sp->is_pkts[2], sp->is_bytes[2], 77170268Sdarrenr sp->is_pkts[3], sp->is_bytes[3]); 78145510Sdarrenr#endif 79145510Sdarrenr 80145510Sdarrenr PRINTF("\t"); 81145510Sdarrenr 82145510Sdarrenr /* 83145510Sdarrenr * Print out bits set in the result code for the state being 84145510Sdarrenr * kept as they would for a rule. 85145510Sdarrenr */ 86170268Sdarrenr if (FR_ISPASS(sp->is_pass)) { 87145510Sdarrenr PRINTF("pass"); 88170268Sdarrenr } else if (FR_ISBLOCK(sp->is_pass)) { 89145510Sdarrenr PRINTF("block"); 90170268Sdarrenr switch (sp->is_pass & FR_RETMASK) 91145510Sdarrenr { 92145510Sdarrenr case FR_RETICMP : 93145510Sdarrenr PRINTF(" return-icmp"); 94145510Sdarrenr break; 95145510Sdarrenr case FR_FAKEICMP : 96145510Sdarrenr PRINTF(" return-icmp-as-dest"); 97145510Sdarrenr break; 98145510Sdarrenr case FR_RETRST : 99145510Sdarrenr PRINTF(" return-rst"); 100145510Sdarrenr break; 101145510Sdarrenr default : 102145510Sdarrenr break; 103145510Sdarrenr } 104170268Sdarrenr } else if ((sp->is_pass & FR_LOGMASK) == FR_LOG) { 105145510Sdarrenr PRINTF("log"); 106170268Sdarrenr if (sp->is_pass & FR_LOGBODY) 107145510Sdarrenr PRINTF(" body"); 108170268Sdarrenr if (sp->is_pass & FR_LOGFIRST) 109145510Sdarrenr PRINTF(" first"); 110170268Sdarrenr } else if (FR_ISACCOUNT(sp->is_pass)) { 111145510Sdarrenr PRINTF("count"); 112170268Sdarrenr } else if (FR_ISPREAUTH(sp->is_pass)) { 113145510Sdarrenr PRINTF("preauth"); 114170268Sdarrenr } else if (FR_ISAUTH(sp->is_pass)) 115145510Sdarrenr PRINTF("auth"); 116145510Sdarrenr 117170268Sdarrenr if (sp->is_pass & FR_OUTQUE) 118145510Sdarrenr PRINTF(" out"); 119145510Sdarrenr else 120145510Sdarrenr PRINTF(" in"); 121145510Sdarrenr 122170268Sdarrenr if ((sp->is_pass & FR_LOG) != 0) { 123145510Sdarrenr PRINTF(" log"); 124170268Sdarrenr if (sp->is_pass & FR_LOGBODY) 125145510Sdarrenr PRINTF(" body"); 126170268Sdarrenr if (sp->is_pass & FR_LOGFIRST) 127145510Sdarrenr PRINTF(" first"); 128170268Sdarrenr if (sp->is_pass & FR_LOGORBLOCK) 129145510Sdarrenr PRINTF(" or-block"); 130145510Sdarrenr } 131170268Sdarrenr if (sp->is_pass & FR_QUICK) 132145510Sdarrenr PRINTF(" quick"); 133170268Sdarrenr if (sp->is_pass & FR_KEEPFRAG) 134145510Sdarrenr PRINTF(" keep frags"); 135145510Sdarrenr /* a given; no? */ 136170268Sdarrenr if (sp->is_pass & FR_KEEPSTATE) { 137145510Sdarrenr PRINTF(" keep state"); 138170268Sdarrenr if (sp->is_pass & FR_STATESYNC) 139145510Sdarrenr PRINTF(" ( sync )"); 140145510Sdarrenr } 141170268Sdarrenr PRINTF("\tIPv%d", sp->is_v); 142145510Sdarrenr PRINTF("\n"); 143145510Sdarrenr 144145510Sdarrenr PRINTF("\tpkt_flags & %x(%x) = %x,\t", 145170268Sdarrenr sp->is_flags & 0xf, sp->is_flags, 146170268Sdarrenr sp->is_flags >> 4); 147170268Sdarrenr PRINTF("\tpkt_options & %x = %x, %x = %x \n", sp->is_optmsk[0], 148170268Sdarrenr sp->is_opt[0], sp->is_optmsk[1], sp->is_opt[1]); 149145510Sdarrenr PRINTF("\tpkt_security & %x = %x, pkt_auth & %x = %x\n", 150170268Sdarrenr sp->is_secmsk, sp->is_sec, sp->is_authmsk, 151170268Sdarrenr sp->is_auth); 152170268Sdarrenr PRINTF("\tis_flx %#x %#x %#x %#x\n", sp->is_flx[0][0], sp->is_flx[0][1], 153170268Sdarrenr sp->is_flx[1][0], sp->is_flx[1][1]); 154170268Sdarrenr PRINTF("\tinterfaces: in %s[%s", getifname(sp->is_ifp[0]), 155170268Sdarrenr sp->is_ifname[0]); 156145510Sdarrenr if (opts & OPT_DEBUG) 157170268Sdarrenr PRINTF("/%p", sp->is_ifp[0]); 158145510Sdarrenr putchar(']'); 159170268Sdarrenr PRINTF(",%s[%s", getifname(sp->is_ifp[1]), sp->is_ifname[1]); 160145510Sdarrenr if (opts & OPT_DEBUG) 161170268Sdarrenr PRINTF("/%p", sp->is_ifp[1]); 162145510Sdarrenr putchar(']'); 163170268Sdarrenr PRINTF(" out %s[%s", getifname(sp->is_ifp[2]), sp->is_ifname[2]); 164145510Sdarrenr if (opts & OPT_DEBUG) 165170268Sdarrenr PRINTF("/%p", sp->is_ifp[2]); 166145510Sdarrenr putchar(']'); 167170268Sdarrenr PRINTF(",%s[%s", getifname(sp->is_ifp[3]), sp->is_ifname[3]); 168145510Sdarrenr if (opts & OPT_DEBUG) 169170268Sdarrenr PRINTF("/%p", sp->is_ifp[3]); 170145510Sdarrenr PRINTF("]\n"); 171145510Sdarrenr 172170268Sdarrenr if (sp->is_sync != NULL) { 173145510Sdarrenr 174170268Sdarrenr if (kmemcpy((char *)&ipsync, (u_long)sp->is_sync, sizeof(ipsync))) { 175145510Sdarrenr 176145510Sdarrenr PRINTF("\tSync status: status could not be retrieved\n"); 177145510Sdarrenr return NULL; 178145510Sdarrenr } 179145510Sdarrenr 180145510Sdarrenr PRINTF("\tSync status: idx %d num %d v %d pr %d rev %d\n", 181145510Sdarrenr ipsync.sl_idx, ipsync.sl_num, ipsync.sl_v, 182145510Sdarrenr ipsync.sl_p, ipsync.sl_rev); 183145510Sdarrenr 184145510Sdarrenr } else { 185145510Sdarrenr PRINTF("\tSync status: not synchronized\n"); 186145510Sdarrenr } 187145510Sdarrenr 188170268Sdarrenr return sp->is_next; 189145510Sdarrenr} 190