ippool.c revision 353085
1/* $FreeBSD: stable/11/contrib/ipfilter/tools/ippool.c 353085 2019-10-04 02:00:15Z cy $ */ 2 3/* 4 * Copyright (C) 2012 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 */ 8#include <sys/types.h> 9#include <sys/time.h> 10#include <sys/param.h> 11#include <sys/socket.h> 12# include <sys/cdefs.h> 13#include <sys/ioctl.h> 14 15#include <net/if.h> 16#include <netinet/in.h> 17 18#include <arpa/inet.h> 19 20#include <stdio.h> 21#include <fcntl.h> 22#include <stdlib.h> 23#include <string.h> 24#include <netdb.h> 25#include <ctype.h> 26#include <unistd.h> 27# include <nlist.h> 28 29#include "ipf.h" 30#include "netinet/ipl.h" 31#include "netinet/ip_lookup.h" 32#include "netinet/ip_pool.h" 33#include "netinet/ip_htable.h" 34#include "kmem.h" 35 36 37extern int ippool_yyparse __P((void)); 38extern int ippool_yydebug; 39extern FILE *ippool_yyin; 40extern char *optarg; 41extern int lineNum; 42 43void usage __P((char *)); 44int main __P((int, char **)); 45int poolcommand __P((int, int, char *[])); 46int poolnodecommand __P((int, int, char *[])); 47int loadpoolfile __P((int, char *[], char *)); 48int poollist __P((int, char *[])); 49void poollist_dead __P((int, char *, int, char *, char *)); 50void poollist_live __P((int, char *, int, int)); 51int poolflush __P((int, char *[])); 52int poolstats __P((int, char *[])); 53int gettype __P((char *, u_int *)); 54int getrole __P((char *)); 55int setnodeaddr __P((int, int, void *ptr, char *arg)); 56void showpools_live __P((int, int, ipf_pool_stat_t *, char *)); 57void showhashs_live __P((int, int, iphtstat_t *, char *)); 58void showdstls_live __P((int, int, ipf_dstl_stat_t *, char *)); 59 60int opts = 0; 61int fd = -1; 62int use_inet6 = 0; 63wordtab_t *pool_fields = NULL; 64int nohdrfields = 0; 65 66 67void 68usage(prog) 69 char *prog; 70{ 71 fprintf(stderr, "Usage:\t%s\n", prog); 72 fprintf(stderr, "\t-a [-dnv] [-m <name>] [-o <role>] [-t type] [-T ttl] -i <ipaddr>[/netmask]\n"); 73 fprintf(stderr, "\t-A [-dnv] [-m <name>] [-o <role>] [-S <seed>] [-t <type>]\n"); 74 fprintf(stderr, "\t-f <file> [-dnuv]\n"); 75 fprintf(stderr, "\t-F [-dv] [-o <role>] [-t <type>]\n"); 76 fprintf(stderr, "\t-l [-dv] [-m <name>] [-t <type>]\n"); 77 fprintf(stderr, "\t-r [-dnv] [-m <name>] [-o <role>] [-t type] -i <ipaddr>[/netmask]\n"); 78 fprintf(stderr, "\t-R [-dnv] [-m <name>] [-o <role>] [-t <type>]\n"); 79 fprintf(stderr, "\t-s [-dtv] [-M <core>] [-N <namelist>]\n"); 80 exit(1); 81} 82 83 84int 85main(argc, argv) 86 int argc; 87 char *argv[]; 88{ 89 int err = 1; 90 91 if (argc < 2) 92 usage(argv[0]); 93 94 assigndefined(getenv("IPPOOL_PREDEFINED")); 95 96 switch (getopt(argc, argv, "aAf:FlrRs")) 97 { 98 case 'a' : 99 err = poolnodecommand(0, argc, argv); 100 break; 101 case 'A' : 102 err = poolcommand(0, argc, argv); 103 break; 104 case 'f' : 105 err = loadpoolfile(argc, argv, optarg); 106 break; 107 case 'F' : 108 err = poolflush(argc, argv); 109 break; 110 case 'l' : 111 err = poollist(argc, argv); 112 break; 113 case 'r' : 114 err = poolnodecommand(1, argc, argv); 115 break; 116 case 'R' : 117 err = poolcommand(1, argc, argv); 118 break; 119 case 's' : 120 err = poolstats(argc, argv); 121 break; 122 default : 123 exit(1); 124 } 125 126 if (err != 0) 127 exit(1); 128 return 0; 129} 130 131 132int 133poolnodecommand(remove, argc, argv) 134 int remove, argc; 135 char *argv[]; 136{ 137 int err = 0, c, ipset, role, type = IPLT_POOL, ttl = 0; 138 char *poolname = NULL; 139 ip_pool_node_t pnode; 140 iphtent_t hnode; 141 void *ptr = &pnode; 142 143 ipset = 0; 144 role = IPL_LOGIPF; 145 bzero((char *)&pnode, sizeof(pnode)); 146 bzero((char *)&hnode, sizeof(hnode)); 147 148 while ((c = getopt(argc, argv, "di:m:no:Rt:T:v")) != -1) 149 switch (c) 150 { 151 case 'd' : 152 opts |= OPT_DEBUG; 153 ippool_yydebug++; 154 break; 155 case 'i' : 156 if (setnodeaddr(type, role, ptr, optarg) == 0) 157 ipset = 1; 158 break; 159 case 'm' : 160 poolname = optarg; 161 break; 162 case 'n' : 163 opts |= OPT_DONOTHING|OPT_DONTOPEN; 164 break; 165 case 'o' : 166 if (ipset == 1) { 167 fprintf(stderr, 168 "cannot set role after ip address\n"); 169 return -1; 170 } 171 role = getrole(optarg); 172 if (role == IPL_LOGNONE) 173 return -1; 174 break; 175 case 'R' : 176 opts |= OPT_NORESOLVE; 177 break; 178 case 't' : 179 if (ipset == 1) { 180 fprintf(stderr, 181 "cannot set type after ip address\n"); 182 return -1; 183 } 184 type = gettype(optarg, NULL); 185 switch (type) { 186 case IPLT_NONE : 187 fprintf(stderr, "unknown type '%s'\n", optarg); 188 return -1; 189 case IPLT_HASH : 190 ptr = &hnode; 191 break; 192 case IPLT_POOL : 193 default : 194 break; 195 } 196 break; 197 case 'T' : 198 ttl = atoi(optarg); 199 if (ttl < 0) { 200 fprintf(stderr, "cannot set negative ttl\n"); 201 return -1; 202 } 203 break; 204 case 'v' : 205 opts |= OPT_VERBOSE; 206 break; 207 } 208 209 if (argv[optind] != NULL && ipset == 0) { 210 if (setnodeaddr(type, role, ptr, argv[optind]) == 0) 211 ipset = 1; 212 } 213 214 if (opts & OPT_DEBUG) 215 fprintf(stderr, "poolnodecommand: opts = %#x\n", opts); 216 217 if (ipset == 0) { 218 fprintf(stderr, "no IP address given with -i\n"); 219 return -1; 220 } 221 222 if (poolname == NULL) { 223 fprintf(stderr, "poolname not given with add/remove node\n"); 224 return -1; 225 } 226 227 switch (type) { 228 case IPLT_POOL : 229 if (remove == 0) 230 err = load_poolnode(role, poolname, &pnode, ttl, ioctl); 231 else 232 err = remove_poolnode(role, poolname, &pnode, ioctl); 233 break; 234 case IPLT_HASH : 235 if (remove == 0) 236 err = load_hashnode(role, poolname, &hnode, ttl, ioctl); 237 else 238 err = remove_hashnode(role, poolname, &hnode, ioctl); 239 break; 240 default : 241 break; 242 } 243 return err; 244} 245 246 247int 248poolcommand(remove, argc, argv) 249 int remove, argc; 250 char *argv[]; 251{ 252 int type, role, c, err; 253 char *poolname; 254 iphtable_t iph; 255 ip_pool_t pool; 256 257 err = 1; 258 role = 0; 259 type = 0; 260 poolname = NULL; 261 role = IPL_LOGIPF; 262 bzero((char *)&iph, sizeof(iph)); 263 bzero((char *)&pool, sizeof(pool)); 264 265 while ((c = getopt(argc, argv, "dm:no:RS:v")) != -1) 266 switch (c) 267 { 268 case 'd' : 269 opts |= OPT_DEBUG; 270 ippool_yydebug++; 271 break; 272 case 'm' : 273 poolname = optarg; 274 break; 275 case 'n' : 276 opts |= OPT_DONOTHING|OPT_DONTOPEN; 277 break; 278 case 'o' : 279 role = getrole(optarg); 280 if (role == IPL_LOGNONE) { 281 fprintf(stderr, "unknown role '%s'\n", optarg); 282 return -1; 283 } 284 break; 285 case 'R' : 286 opts |= OPT_NORESOLVE; 287 break; 288 case 'S' : 289 iph.iph_seed = atoi(optarg); 290 break; 291 case 'v' : 292 opts |= OPT_VERBOSE; 293 break; 294 default : 295 usage(argv[0]); 296 break; /* keep compiler happy */ 297 } 298 299 if (argc - 1 - optind > 0) 300 usage(argv[0]); 301 302 if (opts & OPT_DEBUG) 303 fprintf(stderr, "poolcommand: opts = %#x\n", opts); 304 305 if (poolname == NULL) { 306 fprintf(stderr, "poolname not given with add/remove pool\n"); 307 return -1; 308 } 309 310 type = gettype(argv[optind], &iph.iph_type); 311 if (type == IPLT_NONE) { 312 fprintf(stderr, "unknown type '%s'\n", argv[optind]); 313 return -1; 314 } 315 316 if (type == IPLT_HASH) { 317 strncpy(iph.iph_name, poolname, sizeof(iph.iph_name)); 318 iph.iph_name[sizeof(iph.iph_name) - 1] = '\0'; 319 iph.iph_unit = role; 320 } else if (type == IPLT_POOL) { 321 strncpy(pool.ipo_name, poolname, sizeof(pool.ipo_name)); 322 pool.ipo_name[sizeof(pool.ipo_name) - 1] = '\0'; 323 pool.ipo_unit = role; 324 } 325 326 if (remove == 0) { 327 switch (type) 328 { 329 case IPLT_HASH : 330 err = load_hash(&iph, NULL, ioctl); 331 break; 332 case IPLT_POOL : 333 err = load_pool(&pool, ioctl); 334 break; 335 } 336 } else { 337 switch (type) 338 { 339 case IPLT_HASH : 340 err = remove_hash(&iph, ioctl); 341 break; 342 case IPLT_POOL : 343 err = remove_pool(&pool, ioctl); 344 break; 345 } 346 } 347 return err; 348} 349 350 351int 352loadpoolfile(argc, argv, infile) 353 int argc; 354 char *argv[], *infile; 355{ 356 int c; 357 358 while ((c = getopt(argc, argv, "dnRuv")) != -1) 359 switch (c) 360 { 361 case 'd' : 362 opts |= OPT_DEBUG; 363 ippool_yydebug++; 364 break; 365 case 'n' : 366 opts |= OPT_DONOTHING|OPT_DONTOPEN; 367 break; 368 case 'R' : 369 opts |= OPT_NORESOLVE; 370 break; 371 case 'u' : 372 opts |= OPT_REMOVE; 373 break; 374 case 'v' : 375 opts |= OPT_VERBOSE; 376 break; 377 default : 378 usage(argv[0]); 379 break; /* keep compiler happy */ 380 } 381 382 if (argc - 1 - optind > 0) 383 usage(argv[0]); 384 385 if (opts & OPT_DEBUG) 386 fprintf(stderr, "loadpoolfile: opts = %#x\n", opts); 387 388 if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN)) && (fd == -1)) { 389 fd = open(IPLOOKUP_NAME, O_RDWR); 390 if (fd == -1) { 391 perror("open(IPLOOKUP_NAME)"); 392 exit(1); 393 } 394 } 395 396 if (ippool_parsefile(fd, infile, ioctl) != 0) 397 return -1; 398 return 0; 399} 400 401 402int 403poolstats(argc, argv) 404 int argc; 405 char *argv[]; 406{ 407 int c, type, role, live_kernel; 408 ipf_pool_stat_t plstat; 409 ipf_dstl_stat_t dlstat; 410 char *kernel, *core; 411 iphtstat_t htstat; 412 iplookupop_t op; 413 414 core = NULL; 415 kernel = NULL; 416 live_kernel = 1; 417 type = IPLT_ALL; 418 role = IPL_LOGALL; 419 420 bzero((char *)&op, sizeof(op)); 421 422 while ((c = getopt(argc, argv, "dM:N:o:t:v")) != -1) 423 switch (c) 424 { 425 case 'd' : 426 opts |= OPT_DEBUG; 427 break; 428 case 'M' : 429 live_kernel = 0; 430 core = optarg; 431 break; 432 case 'N' : 433 live_kernel = 0; 434 kernel = optarg; 435 break; 436 case 'o' : 437 role = getrole(optarg); 438 if (role == IPL_LOGNONE) { 439 fprintf(stderr, "unknown role '%s'\n", optarg); 440 return -1; 441 } 442 break; 443 case 't' : 444 type = gettype(optarg, NULL); 445 if (type != IPLT_POOL) { 446 fprintf(stderr, 447 "-s not supported for this type yet\n"); 448 return -1; 449 } 450 break; 451 case 'v' : 452 opts |= OPT_VERBOSE; 453 break; 454 default : 455 usage(argv[0]); 456 break; /* keep compiler happy */ 457 } 458 459 if (argc - 1 - optind > 0) 460 usage(argv[0]); 461 462 if (opts & OPT_DEBUG) 463 fprintf(stderr, "poolstats: opts = %#x\n", opts); 464 465 if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN)) && (fd == -1)) { 466 fd = open(IPLOOKUP_NAME, O_RDWR); 467 if (fd == -1) { 468 perror("open(IPLOOKUP_NAME)"); 469 exit(1); 470 } 471 } 472 473 if (type == IPLT_ALL || type == IPLT_POOL) { 474 op.iplo_type = IPLT_POOL; 475 op.iplo_struct = &plstat; 476 op.iplo_size = sizeof(plstat); 477 if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN))) { 478 c = ioctl(fd, SIOCLOOKUPSTAT, &op); 479 if (c == -1) { 480 ipferror(fd, "ioctl(S0IOCLOOKUPSTAT)"); 481 return -1; 482 } 483 printf("%lu\taddress pools\n", plstat.ipls_pools); 484 printf("%lu\taddress pool nodes\n", plstat.ipls_nodes); 485 } 486 } 487 488 if (type == IPLT_ALL || type == IPLT_HASH) { 489 op.iplo_type = IPLT_HASH; 490 op.iplo_struct = &htstat; 491 op.iplo_size = sizeof(htstat); 492 if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN))) { 493 c = ioctl(fd, SIOCLOOKUPSTAT, &op); 494 if (c == -1) { 495 ipferror(fd, "ioctl(SIOCLOOKUPSTAT)"); 496 return -1; 497 } 498 printf("%lu\thash tables\n", htstat.iphs_numtables); 499 printf("%lu\thash table nodes\n", htstat.iphs_numnodes); 500 printf("%lu\thash table no memory \n", 501 htstat.iphs_nomem); 502 } 503 } 504 505 if (type == IPLT_ALL || type == IPLT_DSTLIST) { 506 op.iplo_type = IPLT_DSTLIST; 507 op.iplo_struct = &dlstat; 508 op.iplo_size = sizeof(dlstat); 509 if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN))) { 510 c = ioctl(fd, SIOCLOOKUPSTAT, &op); 511 if (c == -1) { 512 ipferror(fd, "ioctl(SIOCLOOKUPSTAT)"); 513 return -1; 514 } 515 printf("%u\tdestination lists\n", 516 dlstat.ipls_numlists); 517 printf("%u\tdestination list nodes\n", 518 dlstat.ipls_numnodes); 519 printf("%lu\tdestination list no memory\n", 520 dlstat.ipls_nomem); 521 printf("%u\tdestination list zombies\n", 522 dlstat.ipls_numdereflists); 523 printf("%u\tdesetination list node zombies\n", 524 dlstat.ipls_numderefnodes); 525 } 526 } 527 return 0; 528} 529 530 531int 532poolflush(argc, argv) 533 int argc; 534 char *argv[]; 535{ 536 int c, role, type, arg; 537 iplookupflush_t flush; 538 539 arg = IPLT_ALL; 540 type = IPLT_ALL; 541 role = IPL_LOGALL; 542 543 while ((c = getopt(argc, argv, "do:t:v")) != -1) 544 switch (c) 545 { 546 case 'd' : 547 opts |= OPT_DEBUG; 548 break; 549 case 'o' : 550 role = getrole(optarg); 551 if (role == IPL_LOGNONE) { 552 fprintf(stderr, "unknown role '%s'\n", optarg); 553 return -1; 554 } 555 break; 556 case 't' : 557 type = gettype(optarg, NULL); 558 if (type == IPLT_NONE) { 559 fprintf(stderr, "unknown type '%s'\n", optarg); 560 return -1; 561 } 562 break; 563 case 'v' : 564 opts |= OPT_VERBOSE; 565 break; 566 default : 567 usage(argv[0]); 568 break; /* keep compiler happy */ 569 } 570 571 if (argc - 1 - optind > 0) 572 usage(argv[0]); 573 574 if (opts & OPT_DEBUG) 575 fprintf(stderr, "poolflush: opts = %#x\n", opts); 576 577 if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN)) && (fd == -1)) { 578 fd = open(IPLOOKUP_NAME, O_RDWR); 579 if (fd == -1) { 580 perror("open(IPLOOKUP_NAME)"); 581 exit(1); 582 } 583 } 584 585 bzero((char *)&flush, sizeof(flush)); 586 flush.iplf_type = type; 587 flush.iplf_unit = role; 588 flush.iplf_arg = arg; 589 590 if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN))) { 591 if (ioctl(fd, SIOCLOOKUPFLUSH, &flush) == -1) { 592 ipferror(fd, "ioctl(SIOCLOOKUPFLUSH)"); 593 exit(1); 594 } 595 596 } 597 printf("%u object%s flushed\n", flush.iplf_count, 598 (flush.iplf_count == 1) ? "" : "s"); 599 600 return 0; 601} 602 603 604int 605getrole(rolename) 606 char *rolename; 607{ 608 int role; 609 610 if (!strcasecmp(rolename, "ipf")) { 611 role = IPL_LOGIPF; 612#if 0 613 } else if (!strcasecmp(rolename, "nat")) { 614 role = IPL_LOGNAT; 615 } else if (!strcasecmp(rolename, "state")) { 616 role = IPL_LOGSTATE; 617 } else if (!strcasecmp(rolename, "auth")) { 618 role = IPL_LOGAUTH; 619 } else if (!strcasecmp(rolename, "sync")) { 620 role = IPL_LOGSYNC; 621 } else if (!strcasecmp(rolename, "scan")) { 622 role = IPL_LOGSCAN; 623 } else if (!strcasecmp(rolename, "pool")) { 624 role = IPL_LOGLOOKUP; 625 } else if (!strcasecmp(rolename, "count")) { 626 role = IPL_LOGCOUNT; 627#endif 628 } else { 629 role = IPL_LOGNONE; 630 } 631 632 return role; 633} 634 635 636int 637gettype(typename, minor) 638 char *typename; 639 u_int *minor; 640{ 641 int type; 642 643 if (!strcasecmp(typename, "tree") || !strcasecmp(typename, "pool")) { 644 type = IPLT_POOL; 645 } else if (!strcasecmp(typename, "hash")) { 646 type = IPLT_HASH; 647 if (minor != NULL) 648 *minor = IPHASH_LOOKUP; 649 } else if (!strcasecmp(typename, "group-map")) { 650 type = IPLT_HASH; 651 if (minor != NULL) 652 *minor = IPHASH_GROUPMAP; 653 } else { 654 type = IPLT_NONE; 655 } 656 return type; 657} 658 659 660int 661poollist(argc, argv) 662 int argc; 663 char *argv[]; 664{ 665 char *kernel, *core, *poolname; 666 int c, role, type, live_kernel; 667 iplookupop_t op; 668 669 core = NULL; 670 kernel = NULL; 671 live_kernel = 1; 672 type = IPLT_ALL; 673 poolname = NULL; 674 role = IPL_LOGALL; 675 676 while ((c = getopt(argc, argv, "dm:M:N:o:t:v")) != -1) 677 switch (c) 678 { 679 case 'd' : 680 opts |= OPT_DEBUG; 681 break; 682 case 'm' : 683 poolname = optarg; 684 break; 685 case 'M' : 686 live_kernel = 0; 687 core = optarg; 688 break; 689 case 'N' : 690 live_kernel = 0; 691 kernel = optarg; 692 break; 693 case 'o' : 694 role = getrole(optarg); 695 if (role == IPL_LOGNONE) { 696 fprintf(stderr, "unknown role '%s'\n", optarg); 697 return -1; 698 } 699 break; 700#if 0 701 case 'O' : 702 /* XXX This option does not work. This function as */ 703 /* XXX used by state and nat can be used to format */ 704 /* XXX output especially useful for scripting. It */ 705 /* XXX is left here with the intention of making */ 706 /* XXX it work for the same purpose at some point. */ 707 pool_fields = parsefields(poolfields, optarg); 708 break; 709#endif 710 case 't' : 711 type = gettype(optarg, NULL); 712 if (type == IPLT_NONE) { 713 fprintf(stderr, "unknown type '%s'\n", optarg); 714 return -1; 715 } 716 break; 717 case 'v' : 718 opts |= OPT_VERBOSE; 719 break; 720 default : 721 usage(argv[0]); 722 break; /* keep compiler happy */ 723 } 724 725 if (argc - optind > 0) 726 usage(argv[0]); 727 728 if (opts & OPT_DEBUG) 729 fprintf(stderr, "poollist: opts = %#x\n", opts); 730 731 if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN)) && (fd == -1)) { 732 fd = open(IPLOOKUP_NAME, O_RDWR); 733 if (fd == -1) { 734 perror("open(IPLOOKUP_NAME)"); 735 exit(1); 736 } 737 } 738 739 bzero((char *)&op, sizeof(op)); 740 if (poolname != NULL) { 741 strncpy(op.iplo_name, poolname, sizeof(op.iplo_name)); 742 op.iplo_name[sizeof(op.iplo_name) - 1] = '\0'; 743 } 744 op.iplo_unit = role; 745 746 if (live_kernel) 747 poollist_live(role, poolname, type, fd); 748 else 749 poollist_dead(role, poolname, type, kernel, core); 750 return 0; 751} 752 753 754void 755poollist_dead(role, poolname, type, kernel, core) 756 int role, type; 757 char *poolname, *kernel, *core; 758{ 759 iphtable_t *hptr; 760 ip_pool_t *ptr; 761 762 if (openkmem(kernel, core) == -1) 763 exit(-1); 764 765 if (type == IPLT_ALL || type == IPLT_POOL) { 766 ip_pool_t *pools[IPL_LOGSIZE]; 767 struct nlist names[2] = { { "ip_pool_list" } , { "" } }; 768 769 if (nlist(kernel, names) != 1) 770 return; 771 772 bzero(&pools, sizeof(pools)); 773 if (kmemcpy((char *)&pools, names[0].n_value, sizeof(pools))) 774 return; 775 776 if (role != IPL_LOGALL) { 777 ptr = pools[role]; 778 while (ptr != NULL) { 779 ptr = printpool(ptr, kmemcpywrap, poolname, 780 opts, pool_fields); 781 } 782 } else { 783 for (role = 0; role <= IPL_LOGMAX; role++) { 784 ptr = pools[role]; 785 while (ptr != NULL) { 786 ptr = printpool(ptr, kmemcpywrap, 787 poolname, opts, 788 pool_fields); 789 } 790 } 791 role = IPL_LOGALL; 792 } 793 } 794 if (type == IPLT_ALL || type == IPLT_HASH) { 795 iphtable_t *tables[IPL_LOGSIZE]; 796 struct nlist names[2] = { { "ipf_htables" } , { "" } }; 797 798 if (nlist(kernel, names) != 1) 799 return; 800 801 bzero(&tables, sizeof(tables)); 802 if (kmemcpy((char *)&tables, names[0].n_value, sizeof(tables))) 803 return; 804 805 if (role != IPL_LOGALL) { 806 hptr = tables[role]; 807 while (hptr != NULL) { 808 hptr = printhash(hptr, kmemcpywrap, 809 poolname, opts, pool_fields); 810 } 811 } else { 812 for (role = 0; role <= IPL_LOGMAX; role++) { 813 hptr = tables[role]; 814 while (hptr != NULL) { 815 hptr = printhash(hptr, kmemcpywrap, 816 poolname, opts, 817 pool_fields); 818 } 819 } 820 } 821 } 822} 823 824 825void 826poollist_live(role, poolname, type, fd) 827 int role, type, fd; 828 char *poolname; 829{ 830 ipf_pool_stat_t plstat; 831 iplookupop_t op; 832 int c; 833 834 if (type == IPLT_ALL || type == IPLT_POOL) { 835 op.iplo_type = IPLT_POOL; 836 op.iplo_size = sizeof(plstat); 837 op.iplo_struct = &plstat; 838 op.iplo_name[0] = '\0'; 839 op.iplo_arg = 0; 840 841 if (role != IPL_LOGALL) { 842 op.iplo_unit = role; 843 844 c = ioctl(fd, SIOCLOOKUPSTAT, &op); 845 if (c == -1) { 846 ipferror(fd, "ioctl(SIOCLOOKUPSTAT)"); 847 return; 848 } 849 850 showpools_live(fd, role, &plstat, poolname); 851 } else { 852 for (role = -1; role <= IPL_LOGMAX; role++) { 853 op.iplo_unit = role; 854 855 c = ioctl(fd, SIOCLOOKUPSTAT, &op); 856 if (c == -1) { 857 ipferror(fd, "ioctl(SIOCLOOKUPSTAT)"); 858 return; 859 } 860 861 showpools_live(fd, role, &plstat, poolname); 862 } 863 864 role = IPL_LOGALL; 865 } 866 } 867 868 if (type == IPLT_ALL || type == IPLT_HASH) { 869 iphtstat_t htstat; 870 871 op.iplo_type = IPLT_HASH; 872 op.iplo_size = sizeof(htstat); 873 op.iplo_struct = &htstat; 874 op.iplo_name[0] = '\0'; 875 op.iplo_arg = 0; 876 877 if (role != IPL_LOGALL) { 878 op.iplo_unit = role; 879 880 c = ioctl(fd, SIOCLOOKUPSTAT, &op); 881 if (c == -1) { 882 ipferror(fd, "ioctl(SIOCLOOKUPSTAT)"); 883 return; 884 } 885 showhashs_live(fd, role, &htstat, poolname); 886 } else { 887 for (role = 0; role <= IPL_LOGMAX; role++) { 888 889 op.iplo_unit = role; 890 c = ioctl(fd, SIOCLOOKUPSTAT, &op); 891 if (c == -1) { 892 ipferror(fd, "ioctl(SIOCLOOKUPSTAT)"); 893 return; 894 } 895 896 showhashs_live(fd, role, &htstat, poolname); 897 } 898 role = IPL_LOGALL; 899 } 900 } 901 902 if (type == IPLT_ALL || type == IPLT_DSTLIST) { 903 ipf_dstl_stat_t dlstat; 904 905 op.iplo_type = IPLT_DSTLIST; 906 op.iplo_size = sizeof(dlstat); 907 op.iplo_struct = &dlstat; 908 op.iplo_name[0] = '\0'; 909 op.iplo_arg = 0; 910 911 if (role != IPL_LOGALL) { 912 op.iplo_unit = role; 913 914 c = ioctl(fd, SIOCLOOKUPSTAT, &op); 915 if (c == -1) { 916 ipferror(fd, "ioctl(SIOCLOOKUPSTAT)"); 917 return; 918 } 919 showdstls_live(fd, role, &dlstat, poolname); 920 } else { 921 for (role = 0; role <= IPL_LOGMAX; role++) { 922 923 op.iplo_unit = role; 924 c = ioctl(fd, SIOCLOOKUPSTAT, &op); 925 if (c == -1) { 926 ipferror(fd, "ioctl(SIOCLOOKUPSTAT)"); 927 return; 928 } 929 930 showdstls_live(fd, role, &dlstat, poolname); 931 } 932 role = IPL_LOGALL; 933 } 934 } 935} 936 937 938void 939showpools_live(fd, role, plstp, poolname) 940 int fd, role; 941 ipf_pool_stat_t *plstp; 942 char *poolname; 943{ 944 ipflookupiter_t iter; 945 ip_pool_t pool; 946 ipfobj_t obj; 947 948 obj.ipfo_rev = IPFILTER_VERSION; 949 obj.ipfo_type = IPFOBJ_LOOKUPITER; 950 obj.ipfo_size = sizeof(iter); 951 obj.ipfo_ptr = &iter; 952 953 iter.ili_type = IPLT_POOL; 954 iter.ili_otype = IPFLOOKUPITER_LIST; 955 iter.ili_ival = IPFGENITER_LOOKUP; 956 iter.ili_nitems = 1; 957 iter.ili_data = &pool; 958 iter.ili_unit = role; 959 *iter.ili_name = '\0'; 960 961 bzero((char *)&pool, sizeof(pool)); 962 963 while (plstp->ipls_list[role + 1] != NULL) { 964 if (ioctl(fd, SIOCLOOKUPITER, &obj)) { 965 ipferror(fd, "ioctl(SIOCLOOKUPITER)"); 966 break; 967 } 968 if (((pool.ipo_flags & IPOOL_DELETE) == 0) || 969 ((opts & OPT_DEBUG) != 0)) 970 printpool_live(&pool, fd, poolname, opts, pool_fields); 971 972 plstp->ipls_list[role + 1] = pool.ipo_next; 973 } 974} 975 976 977void 978showhashs_live(fd, role, htstp, poolname) 979 int fd, role; 980 iphtstat_t *htstp; 981 char *poolname; 982{ 983 ipflookupiter_t iter; 984 iphtable_t table; 985 ipfobj_t obj; 986 987 obj.ipfo_rev = IPFILTER_VERSION; 988 obj.ipfo_type = IPFOBJ_LOOKUPITER; 989 obj.ipfo_size = sizeof(iter); 990 obj.ipfo_ptr = &iter; 991 992 iter.ili_type = IPLT_HASH; 993 iter.ili_otype = IPFLOOKUPITER_LIST; 994 iter.ili_ival = IPFGENITER_LOOKUP; 995 iter.ili_nitems = 1; 996 iter.ili_data = &table; 997 iter.ili_unit = role; 998 *iter.ili_name = '\0'; 999 1000 while (htstp->iphs_tables != NULL) { 1001 if (ioctl(fd, SIOCLOOKUPITER, &obj)) { 1002 ipferror(fd, "ioctl(SIOCLOOKUPITER)"); 1003 break; 1004 } 1005 1006 printhash_live(&table, fd, poolname, opts, pool_fields); 1007 1008 htstp->iphs_tables = table.iph_next; 1009 } 1010} 1011 1012 1013void 1014showdstls_live(fd, role, dlstp, poolname) 1015 int fd, role; 1016 ipf_dstl_stat_t *dlstp; 1017 char *poolname; 1018{ 1019 ipflookupiter_t iter; 1020 ippool_dst_t table; 1021 ipfobj_t obj; 1022 1023 obj.ipfo_rev = IPFILTER_VERSION; 1024 obj.ipfo_type = IPFOBJ_LOOKUPITER; 1025 obj.ipfo_size = sizeof(iter); 1026 obj.ipfo_ptr = &iter; 1027 1028 iter.ili_type = IPLT_DSTLIST; 1029 iter.ili_otype = IPFLOOKUPITER_LIST; 1030 iter.ili_ival = IPFGENITER_LOOKUP; 1031 iter.ili_nitems = 1; 1032 iter.ili_data = &table; 1033 iter.ili_unit = role; 1034 *iter.ili_name = '\0'; 1035 1036 while (dlstp->ipls_list[role] != NULL) { 1037 if (ioctl(fd, SIOCLOOKUPITER, &obj)) { 1038 ipferror(fd, "ioctl(SIOCLOOKUPITER)"); 1039 break; 1040 } 1041 1042 printdstl_live(&table, fd, poolname, opts, pool_fields); 1043 1044 dlstp->ipls_list[role] = table.ipld_next; 1045 } 1046} 1047 1048 1049int 1050setnodeaddr(int type, int role, void *ptr, char *arg) 1051{ 1052 struct in_addr mask; 1053 char *s; 1054 1055 s = strchr(arg, '/'); 1056 if (s == NULL) 1057 mask.s_addr = 0xffffffff; 1058 else if (strchr(s, '.') == NULL) { 1059 if (ntomask(AF_INET, atoi(s + 1), &mask.s_addr) != 0) 1060 return -1; 1061 } else { 1062 mask.s_addr = inet_addr(s + 1); 1063 } 1064 if (s != NULL) 1065 *s = '\0'; 1066 1067 if (type == IPLT_POOL) { 1068 ip_pool_node_t *node = ptr; 1069 1070#ifdef USE_INET6 1071 if (node->ipn_addr.adf_family == AF_INET) 1072#endif 1073 node->ipn_addr.adf_len = offsetof(addrfamily_t, 1074 adf_addr) + 1075 sizeof(struct in_addr); 1076#ifdef USE_INET6 1077 else 1078 node->ipn_addr.adf_len = offsetof(addrfamily_t, 1079 adf_addr) + 1080 sizeof(struct in6_addr); 1081#endif 1082 node->ipn_addr.adf_addr.in4.s_addr = inet_addr(arg); 1083 node->ipn_mask.adf_len = node->ipn_addr.adf_len; 1084 node->ipn_mask.adf_addr.in4.s_addr = mask.s_addr; 1085 } else if (type == IPLT_HASH) { 1086 iphtent_t *node = ptr; 1087 1088 node->ipe_addr.in4.s_addr = inet_addr(arg); 1089 node->ipe_mask.in4.s_addr = mask.s_addr; 1090 node->ipe_family = AF_INET; 1091 node->ipe_unit = role; 1092 } 1093 1094 return 0; 1095} 1096