ipftest.c revision 1.2.2.2
1/* $NetBSD: ipftest.c,v 1.2.2.2 2012/04/17 00:03:26 yamt Exp $ */ 2 3/* 4 * Copyright (C) 2012 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 */ 8#include "ipf.h" 9#include "ipt.h" 10#include <sys/ioctl.h> 11#include <sys/file.h> 12 13#if !defined(lint) 14static const char sccsid[] = "@(#)ipt.c 1.19 6/3/96 (C) 1993-2000 Darren Reed"; 15static const char rcsid[] = "@(#)Id: ipftest.c,v 1.78.2.6 2012/01/26 05:29:18 darrenr Exp"; 16#endif 17 18extern char *optarg; 19extern struct ipread pcap, iptext, iphex; 20extern struct ifnet *get_unit __P((char *, int)); 21extern void init_ifp __P((void)); 22extern ipnat_t *natparse __P((char *, int)); 23extern hostmap_t **ipf_hm_maptable; 24extern hostmap_t *ipf_hm_maplist; 25 26ipfmutex_t ipl_mutex, ipf_auth_mx, ipf_rw, ipf_stinsert; 27ipfmutex_t ipf_nat_new, ipf_natio, ipf_timeoutlock; 28ipfrwlock_t ipf_mutex, ipf_global, ipf_ipidfrag, ip_poolrw, ipf_frcache; 29ipfrwlock_t ipf_frag, ipf_state, ipf_nat, ipf_natfrag, ipf_authlk; 30ipfrwlock_t ipf_tokens; 31int opts = OPT_DONTOPEN; 32int use_inet6 = 0; 33int docksum = 0; 34int pfil_delayed_copy = 0; 35int main __P((int, char *[])); 36int loadrules __P((char *, int)); 37int kmemcpy __P((char *, long, int)); 38int kstrncpy __P((char *, long, int n)); 39int blockreason; 40void dumpnat __P((void *)); 41void dumpgroups __P((ipf_main_softc_t *)); 42void dumprules __P((frentry_t *)); 43void drain_log __P((char *)); 44void fixv4sums __P((mb_t *, ip_t *)); 45 46#if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 47 (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 48 defined(__osf__) || defined(linux) 49int ipftestioctl __P((int, ioctlcmd_t, ...)); 50int ipnattestioctl __P((int, ioctlcmd_t, ...)); 51int ipstatetestioctl __P((int, ioctlcmd_t, ...)); 52int ipauthtestioctl __P((int, ioctlcmd_t, ...)); 53int ipscantestioctl __P((int, ioctlcmd_t, ...)); 54int ipsynctestioctl __P((int, ioctlcmd_t, ...)); 55int ipooltestioctl __P((int, ioctlcmd_t, ...)); 56#else 57int ipftestioctl __P((dev_t, ioctlcmd_t, void *)); 58int ipnattestioctl __P((dev_t, ioctlcmd_t, void *)); 59int ipstatetestioctl __P((dev_t, ioctlcmd_t, void *)); 60int ipauthtestioctl __P((dev_t, ioctlcmd_t, void *)); 61int ipsynctestioctl __P((dev_t, ioctlcmd_t, void *)); 62int ipscantestioctl __P((dev_t, ioctlcmd_t, void *)); 63int ipooltestioctl __P((dev_t, ioctlcmd_t, void *)); 64#endif 65 66static ioctlfunc_t iocfunctions[IPL_LOGSIZE] = { ipftestioctl, 67 ipnattestioctl, 68 ipstatetestioctl, 69 ipauthtestioctl, 70 ipsynctestioctl, 71 ipscantestioctl, 72 ipooltestioctl, 73 NULL }; 74static ipf_main_softc_t *softc = NULL; 75 76 77int 78main(argc,argv) 79 int argc; 80 char *argv[]; 81{ 82 char *datain, *iface, *ifname, *logout; 83 int fd, i, dir, c, loaded, dump, hlen; 84 struct in_addr sip; 85 struct ifnet *ifp; 86 struct ipread *r; 87 mb_t mb, *m, *n; 88 ip_t *ip; 89 90 m = &mb; 91 dir = 0; 92 dump = 0; 93 hlen = 0; 94 loaded = 0; 95 r = &iptext; 96 iface = NULL; 97 logout = NULL; 98 datain = NULL; 99 sip.s_addr = 0; 100 ifname = "anon0"; 101 102 initparse(); 103 104 ipf_load_all(); 105 106 softc = ipf_create_all(NULL); 107 if (softc == NULL) 108 exit(1); 109 110 if (ipf_init_all(softc) == -1) 111 exit(1); 112 113 i = 1; 114 if (ipftestioctl(IPL_LOGIPF, SIOCFRENB, &i) != 0) 115 exit(1); 116 117 while ((c = getopt(argc, argv, "6bCdDF:i:I:l:N:P:or:RS:T:vxX")) != -1) 118 switch (c) 119 { 120 case '6' : 121#ifdef USE_INET6 122 use_inet6 = 1; 123#else 124 fprintf(stderr, "IPv6 not supported\n"); 125 exit(1); 126#endif 127 break; 128 case 'b' : 129 opts |= OPT_BRIEF; 130 break; 131 case 'd' : 132 opts |= OPT_DEBUG; 133 break; 134 case 'C' : 135 docksum = 1; 136 break; 137 case 'D' : 138 dump = 1; 139 break; 140 case 'F' : 141 if (strcasecmp(optarg, "pcap") == 0) 142 r = &pcap; 143 else if (strcasecmp(optarg, "hex") == 0) 144 r = &iphex; 145 else if (strcasecmp(optarg, "text") == 0) 146 r = &iptext; 147 break; 148 case 'i' : 149 datain = optarg; 150 break; 151 case 'I' : 152 ifname = optarg; 153 break; 154 case 'l' : 155 logout = optarg; 156 break; 157 case 'N' : 158 if (ipnat_parsefile(-1, ipnat_addrule, ipnattestioctl, 159 optarg) == -1) 160 return -1; 161 loaded = 1; 162 opts |= OPT_NAT; 163 break; 164 case 'o' : 165 opts |= OPT_SAVEOUT; 166 break; 167 case 'P' : 168 if (ippool_parsefile(-1, optarg, ipooltestioctl) == -1) 169 return -1; 170 loaded = 1; 171 break; 172 case 'r' : 173 if (ipf_parsefile(-1, ipf_addrule, iocfunctions, 174 optarg) == -1) 175 return -1; 176 loaded = 1; 177 break; 178 case 'S' : 179 sip.s_addr = inet_addr(optarg); 180 break; 181 case 'R' : 182 opts |= OPT_NORESOLVE; 183 break; 184 case 'T' : 185 ipf_dotuning(-1, optarg, ipftestioctl); 186 break; 187 case 'v' : 188 opts |= OPT_VERBOSE; 189 break; 190 case 'x' : 191 opts |= OPT_HEX; 192 break; 193 } 194 195 if (loaded == 0) { 196 (void)fprintf(stderr,"no rules loaded\n"); 197 exit(-1); 198 } 199 200 if (opts & OPT_SAVEOUT) 201 init_ifp(); 202 203 if (datain) 204 fd = (*r->r_open)(datain); 205 else 206 fd = (*r->r_open)("-"); 207 208 if (fd < 0) 209 exit(-1); 210 211 m->m_data = (char *)m->mb_buf; 212 while ((i = (*r->r_readip)(m, &iface, &dir)) > 0) { 213 214 if ((iface == NULL) || (*iface == '\0')) 215 iface = ifname; 216 217 ip = MTOD(m, ip_t *); 218 ifp = get_unit(iface, IP_V(ip)); 219 220 if (IP_V(ip) == 4) { 221 if ((r->r_flags & R_DO_CKSUM) || docksum) 222 fixv4sums(m, ip); 223 hlen = IP_HL(ip) << 2; 224 if (sip.s_addr) 225 dir = !(sip.s_addr == ip->ip_src.s_addr); 226 } 227#ifdef USE_INET6 228 else 229 hlen = sizeof(ip6_t); 230#endif 231 /* ipfr_slowtimer(); */ 232 blockreason = 0; 233 m = &mb; 234 m->mb_ifp = ifp; 235 m->mb_len = i; 236 i = ipf_check(softc, ip, hlen, ifp, dir, &m); 237 if ((opts & OPT_NAT) == 0) 238 switch (i) 239 { 240 case -4 : 241 (void)printf("preauth"); 242 break; 243 case -3 : 244 (void)printf("account"); 245 break; 246 case -2 : 247 (void)printf("auth"); 248 break; 249 case -1 : 250 (void)printf("block"); 251 break; 252 case 0 : 253 (void)printf("pass"); 254 break; 255 case 1 : 256 if (m == NULL) 257 (void)printf("bad-packet"); 258 else 259 (void)printf("nomatch"); 260 break; 261 case 3 : 262 (void)printf("block return-rst"); 263 break; 264 case 4 : 265 (void)printf("block return-icmp"); 266 break; 267 case 5 : 268 (void)printf("block return-icmp-as-dest"); 269 break; 270 default : 271 (void)printf("recognised return %#x\n", i); 272 break; 273 } 274 275 if (!(opts & OPT_BRIEF)) { 276 putchar(' '); 277 if (m != NULL) 278 printpacket(dir, m); 279 else 280 printpacket(dir, &mb); 281 printf("--------------"); 282 } else if ((opts & (OPT_BRIEF|OPT_NAT)) == 283 (OPT_NAT|OPT_BRIEF)) { 284 if (m != NULL) 285 printpacket(dir, m); 286 else 287 PRINTF("%d\n", blockreason); 288 } 289 290 ipf_state_flush(softc, 1, 0); 291 292 if (dir && (ifp != NULL) && IP_V(ip) && (m != NULL)) 293#if defined(__sgi) && (IRIX < 60500) 294 (*ifp->if_output)(ifp, (void *)m, NULL); 295#else 296# if TRU64 >= 1885 297 (*ifp->if_output)(ifp, (void *)m, NULL, 0, 0); 298# else 299 (*ifp->if_output)(ifp, (void *)m, NULL, 0); 300# endif 301#endif 302 303 while ((m != NULL) && (m != &mb)) { 304 n = m->mb_next; 305 freembt(m); 306 m = n; 307 } 308 309 if ((opts & (OPT_BRIEF|OPT_NAT)) != (OPT_NAT|OPT_BRIEF)) 310 putchar('\n'); 311 dir = 0; 312 if (iface != ifname) { 313 free(iface); 314 iface = ifname; 315 } 316 m = &mb; 317 m->mb_data = (char *)m->mb_buf; 318 } 319 320 if (i != 0) 321 fprintf(stderr, "readip failed: %d\n", i); 322 (*r->r_close)(); 323 324 if (logout != NULL) { 325 drain_log(logout); 326 } 327 328 if (dump == 1) { 329 dumpnat(softc->ipf_nat_soft); 330 ipf_state_dump(softc, softc->ipf_state_soft); 331 ipf_lookup_dump(softc, softc->ipf_state_soft); 332 dumpgroups(softc); 333 } 334 335 ipf_fini_all(softc); 336 337 ipf_destroy_all(softc); 338 339 ipf_unload_all(); 340 341 ipf_mutex_clean(); 342 ipf_rwlock_clean(); 343 344 if (getenv("FINDLEAKS")) { 345 fflush(stdout); 346 abort(); 347 } 348 return 0; 349} 350 351 352#if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 353 (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 354 defined(__osf__) || defined(linux) 355int ipftestioctl(int dev, ioctlcmd_t cmd, ...) 356{ 357 caddr_t data; 358 va_list ap; 359 int i; 360 361 va_start(ap, cmd); 362 data = va_arg(ap, caddr_t); 363 va_end(ap); 364 365 i = ipfioctl(softc, IPL_LOGIPF, cmd, data, FWRITE|FREAD); 366 if (opts & OPT_DEBUG) 367 fprintf(stderr, "ipfioctl(IPF,%#x,%p) = %d (%d)\n", 368 (u_int)cmd, data, i, softc->ipf_interror); 369 if (i != 0) { 370 errno = i; 371 return -1; 372 } 373 return 0; 374} 375 376 377int ipnattestioctl(int dev, ioctlcmd_t cmd, ...) 378{ 379 caddr_t data; 380 va_list ap; 381 int i; 382 383 va_start(ap, cmd); 384 data = va_arg(ap, caddr_t); 385 va_end(ap); 386 387 i = ipfioctl(softc, IPL_LOGNAT, cmd, data, FWRITE|FREAD); 388 if (opts & OPT_DEBUG) 389 fprintf(stderr, "ipfioctl(NAT,%#x,%p) = %d\n", 390 (u_int)cmd, data, i); 391 if (i != 0) { 392 errno = i; 393 return -1; 394 } 395 return 0; 396} 397 398 399int ipstatetestioctl(int dev, ioctlcmd_t cmd, ...) 400{ 401 caddr_t data; 402 va_list ap; 403 int i; 404 405 va_start(ap, cmd); 406 data = va_arg(ap, caddr_t); 407 va_end(ap); 408 409 i = ipfioctl(softc, IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 410 if ((opts & OPT_DEBUG) || (i != 0)) 411 fprintf(stderr, "ipfioctl(STATE,%#x,%p) = %d\n", 412 (u_int)cmd, data, i); 413 if (i != 0) { 414 errno = i; 415 return -1; 416 } 417 return 0; 418} 419 420 421int ipauthtestioctl(int dev, ioctlcmd_t cmd, ...) 422{ 423 caddr_t data; 424 va_list ap; 425 int i; 426 427 va_start(ap, cmd); 428 data = va_arg(ap, caddr_t); 429 va_end(ap); 430 431 i = ipfioctl(softc, IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 432 if ((opts & OPT_DEBUG) || (i != 0)) 433 fprintf(stderr, "ipfioctl(AUTH,%#x,%p) = %d\n", 434 (u_int)cmd, data, i); 435 if (i != 0) { 436 errno = i; 437 return -1; 438 } 439 return 0; 440} 441 442 443int ipscantestioctl(int dev, ioctlcmd_t cmd, ...) 444{ 445 caddr_t data; 446 va_list ap; 447 int i; 448 449 va_start(ap, cmd); 450 data = va_arg(ap, caddr_t); 451 va_end(ap); 452 453 i = ipfioctl(softc, IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 454 if ((opts & OPT_DEBUG) || (i != 0)) 455 fprintf(stderr, "ipfioctl(SCAN,%#x,%p) = %d\n", 456 (u_int)cmd, data, i); 457 if (i != 0) { 458 errno = i; 459 return -1; 460 } 461 return 0; 462} 463 464 465int ipsynctestioctl(int dev, ioctlcmd_t cmd, ...) 466{ 467 caddr_t data; 468 va_list ap; 469 int i; 470 471 va_start(ap, cmd); 472 data = va_arg(ap, caddr_t); 473 va_end(ap); 474 475 i = ipfioctl(softc, IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 476 if ((opts & OPT_DEBUG) || (i != 0)) 477 fprintf(stderr, "ipfioctl(SYNC,%#x,%p) = %d\n", 478 (u_int)cmd, data, i); 479 if (i != 0) { 480 errno = i; 481 return -1; 482 } 483 return 0; 484} 485 486 487int ipooltestioctl(int dev, ioctlcmd_t cmd, ...) 488{ 489 caddr_t data; 490 va_list ap; 491 int i; 492 493 va_start(ap, cmd); 494 data = va_arg(ap, caddr_t); 495 va_end(ap); 496 497 i = ipfioctl(softc, IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 498 if ((opts & OPT_DEBUG) || (i != 0)) 499 fprintf(stderr, "ipfioctl(POOL,%#x,%p) = %d (%d)\n", 500 (u_int)cmd, data, i, softc->ipf_interror); 501 if (i != 0) { 502 errno = i; 503 return -1; 504 } 505 return 0; 506} 507#else 508int ipftestioctl(dev, cmd, data) 509 dev_t dev; 510 ioctlcmd_t cmd; 511 void *data; 512{ 513 int i; 514 515 i = ipfioctl(softc, IPL_LOGIPF, cmd, data, FWRITE|FREAD); 516 if ((opts & OPT_DEBUG) || (i != 0)) 517 fprintf(stderr, "ipfioctl(IPF,%#x,%p) = %d (%d)\n", 518 cmd, data, i, softc->ipf_interror); 519 if (i != 0) { 520 errno = i; 521 return -1; 522 } 523 return 0; 524} 525 526 527int ipnattestioctl(dev, cmd, data) 528 dev_t dev; 529 ioctlcmd_t cmd; 530 void *data; 531{ 532 int i; 533 534 i = ipfioctl(softc, IPL_LOGNAT, cmd, data, FWRITE|FREAD); 535 if ((opts & OPT_DEBUG) || (i != 0)) 536 fprintf(stderr, "ipfioctl(NAT,%#x,%p) = %d\n", cmd, data, i); 537 if (i != 0) { 538 errno = i; 539 return -1; 540 } 541 return 0; 542} 543 544 545int ipstatetestioctl(dev, cmd, data) 546 dev_t dev; 547 ioctlcmd_t cmd; 548 void *data; 549{ 550 int i; 551 552 i = ipfioctl(softc, IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 553 if ((opts & OPT_DEBUG) || (i != 0)) 554 fprintf(stderr, "ipfioctl(STATE,%#x,%p) = %d\n", cmd, data, i); 555 if (i != 0) { 556 errno = i; 557 return -1; 558 } 559 return 0; 560} 561 562 563int ipauthtestioctl(dev, cmd, data) 564 dev_t dev; 565 ioctlcmd_t cmd; 566 void *data; 567{ 568 int i; 569 570 i = ipfioctl(softc, IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 571 if ((opts & OPT_DEBUG) || (i != 0)) 572 fprintf(stderr, "ipfioctl(AUTH,%#x,%p) = %d\n", cmd, data, i); 573 if (i != 0) { 574 errno = i; 575 return -1; 576 } 577 return 0; 578} 579 580 581int ipsynctestioctl(dev, cmd, data) 582 dev_t dev; 583 ioctlcmd_t cmd; 584 void *data; 585{ 586 int i; 587 588 i = ipfioctl(softc, IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 589 if ((opts & OPT_DEBUG) || (i != 0)) 590 fprintf(stderr, "ipfioctl(SYNC,%#x,%p) = %d\n", cmd, data, i); 591 if (i != 0) { 592 errno = i; 593 return -1; 594 } 595 return 0; 596} 597 598 599int ipscantestioctl(dev, cmd, data) 600 dev_t dev; 601 ioctlcmd_t cmd; 602 void *data; 603{ 604 int i; 605 606 i = ipfioctl(softc, IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 607 if ((opts & OPT_DEBUG) || (i != 0)) 608 fprintf(stderr, "ipfioctl(SCAN,%#x,%p) = %d\n", cmd, data, i); 609 if (i != 0) { 610 errno = i; 611 return -1; 612 } 613 return 0; 614} 615 616 617int ipooltestioctl(dev, cmd, data) 618 dev_t dev; 619 ioctlcmd_t cmd; 620 void *data; 621{ 622 int i; 623 624 i = ipfioctl(softc, IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 625 if (opts & OPT_DEBUG) 626 fprintf(stderr, "ipfioctl(POOL,%#x,%p) = %d (%d)\n", 627 cmd, data, i, softc->ipf_interror); 628 if (i != 0) { 629 errno = i; 630 return -1; 631 } 632 return 0; 633} 634#endif 635 636 637int kmemcpy(addr, offset, size) 638 char *addr; 639 long offset; 640 int size; 641{ 642 bcopy((char *)offset, addr, size); 643 return 0; 644} 645 646 647int kstrncpy(buf, pos, n) 648 char *buf; 649 long pos; 650 int n; 651{ 652 char *ptr; 653 654 ptr = (char *)pos; 655 656 while ((n > 0) && (*buf++ = *ptr++)) 657 ; 658 return 0; 659} 660 661 662/* 663 * Display the built up NAT table rules and mapping entries. 664 */ 665void dumpnat(arg) 666 void *arg; 667{ 668 ipf_nat_softc_t *softn = arg; 669 hostmap_t *hm; 670 ipnat_t *ipn; 671 nat_t *nat; 672 673 printf("List of active MAP/Redirect filters:\n"); 674 for (ipn = softn->ipf_nat_list; ipn != NULL; ipn = ipn->in_next) 675 printnat(ipn, opts & (OPT_DEBUG|OPT_VERBOSE)); 676 printf("\nList of active sessions:\n"); 677 for (nat = softn->ipf_nat_instances; nat; nat = nat->nat_next) { 678 printactivenat(nat, opts, 0); 679 if (nat->nat_aps) 680 printf("\tproxy active\n"); 681 } 682 683 printf("\nHostmap table:\n"); 684 for (hm = softn->ipf_hm_maplist; hm != NULL; hm = hm->hm_next) 685 printhostmap(hm, hm->hm_hv); 686} 687 688 689void dumpgroups(softc) 690 ipf_main_softc_t *softc; 691{ 692 frgroup_t *fg; 693 int i; 694 695 printf("List of groups configured (set 0)\n"); 696 for (i = 0; i < IPL_LOGSIZE; i++) 697 for (fg = softc->ipf_groups[i][0]; fg != NULL; 698 fg = fg->fg_next) { 699 printf("Dev.%d. Group %s Ref %d Flags %#x\n", 700 i, fg->fg_name, fg->fg_ref, fg->fg_flags); 701 dumprules(fg->fg_start); 702 } 703 704 printf("List of groups configured (set 1)\n"); 705 for (i = 0; i < IPL_LOGSIZE; i++) 706 for (fg = softc->ipf_groups[i][1]; fg != NULL; 707 fg = fg->fg_next) { 708 printf("Dev.%d. Group %s Ref %d Flags %#x\n", 709 i, fg->fg_name, fg->fg_ref, fg->fg_flags); 710 dumprules(fg->fg_start); 711 } 712 713 printf("Rules configured (set 0, in)\n"); 714 dumprules(softc->ipf_rules[0][0]); 715 printf("Rules configured (set 0, out)\n"); 716 dumprules(softc->ipf_rules[1][0]); 717 printf("Rules configured (set 1, in)\n"); 718 dumprules(softc->ipf_rules[0][1]); 719 printf("Rules configured (set 1, out)\n"); 720 dumprules(softc->ipf_rules[1][1]); 721 722 printf("Accounting rules configured (set 0, in)\n"); 723 dumprules(softc->ipf_acct[0][0]); 724 printf("Accounting rules configured (set 0, out)\n"); 725 dumprules(softc->ipf_acct[0][1]); 726 printf("Accounting rules configured (set 1, in)\n"); 727 dumprules(softc->ipf_acct[1][0]); 728 printf("Accounting rules configured (set 1, out)\n"); 729 dumprules(softc->ipf_acct[1][1]); 730} 731 732void dumprules(rulehead) 733 frentry_t *rulehead; 734{ 735 frentry_t *fr; 736 737 for (fr = rulehead; fr != NULL; fr = fr->fr_next) { 738#ifdef USE_QUAD_T 739 printf("%llu ",(unsigned long long)fr->fr_hits); 740#else 741 printf("%ld ", fr->fr_hits); 742#endif 743 printfr(fr, ipftestioctl); 744 } 745} 746 747 748void drain_log(filename) 749 char *filename; 750{ 751 char buffer[DEFAULT_IPFLOGSIZE]; 752 struct iovec iov; 753 struct uio uio; 754 size_t resid; 755 int fd, i; 756 757 fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY, 0644); 758 if (fd == -1) { 759 perror("drain_log:open"); 760 return; 761 } 762 763 for (i = 0; i <= IPL_LOGMAX; i++) 764 while (1) { 765 bzero((char *)&iov, sizeof(iov)); 766 iov.iov_base = buffer; 767 iov.iov_len = sizeof(buffer); 768 769 bzero((char *)&uio, sizeof(uio)); 770 uio.uio_iov = &iov; 771 uio.uio_iovcnt = 1; 772 uio.uio_resid = iov.iov_len; 773 resid = uio.uio_resid; 774 775 if (ipf_log_read(softc, i, &uio) == 0) { 776 /* 777 * If nothing was read then break out. 778 */ 779 if (uio.uio_resid == resid) 780 break; 781 write(fd, buffer, resid - uio.uio_resid); 782 } else 783 break; 784 } 785 786 close(fd); 787} 788 789 790void fixv4sums(m, ip) 791 mb_t *m; 792 ip_t *ip; 793{ 794 u_char *csump, *hdr, p; 795 fr_info_t tmp; 796 int len; 797 798 p = 0; 799 len = 0; 800 bzero((char *)&tmp, sizeof(tmp)); 801 802 csump = (u_char *)ip; 803 if (IP_V(ip) == 4) { 804 ip->ip_sum = 0; 805 ip->ip_sum = ipf_cksum((u_short *)ip, IP_HL(ip) << 2); 806 tmp.fin_hlen = IP_HL(ip) << 2; 807 csump += IP_HL(ip) << 2; 808 p = ip->ip_p; 809 len = ntohs(ip->ip_len); 810#ifdef USE_INET6 811 } else if (IP_V(ip) == 6) { 812 tmp.fin_hlen = sizeof(ip6_t); 813 csump += sizeof(ip6_t); 814 p = ((ip6_t *)ip)->ip6_nxt; 815 len = ntohs(((ip6_t *)ip)->ip6_plen); 816 len += sizeof(ip6_t); 817#endif 818 } 819 tmp.fin_plen = len; 820 tmp.fin_dlen = len - tmp.fin_hlen; 821 822 switch (p) 823 { 824 case IPPROTO_TCP : 825 hdr = csump; 826 csump += offsetof(tcphdr_t, th_sum); 827 break; 828 case IPPROTO_UDP : 829 hdr = csump; 830 csump += offsetof(udphdr_t, uh_sum); 831 break; 832 case IPPROTO_ICMP : 833 hdr = csump; 834 csump += offsetof(icmphdr_t, icmp_cksum); 835 break; 836 default : 837 csump = NULL; 838 hdr = NULL; 839 break; 840 } 841 if (hdr != NULL) { 842 tmp.fin_m = m; 843 tmp.fin_mp = &m; 844 tmp.fin_dp = hdr; 845 tmp.fin_ip = ip; 846 tmp.fin_plen = len; 847 *csump = 0; 848 *(u_short *)csump = fr_cksum(&tmp, ip, p, hdr); 849 } 850} 851