1 1.1 christos /* $NetBSD: printstate.c,v 1.1.1.1 2012/03/23 21:20:10 christos Exp $ */ 2 1.1 christos 3 1.1 christos /* 4 1.1 christos * Copyright (C) 2012 by Darren Reed. 5 1.1 christos * 6 1.1 christos * See the IPFILTER.LICENCE file for details on licencing. 7 1.1 christos */ 8 1.1 christos 9 1.1 christos #include "ipf.h" 10 1.1 christos #include "kmem.h" 11 1.1 christos 12 1.1 christos 13 1.1 christos ipstate_t * 14 1.1 christos printstate(sp, opts, now) 15 1.1 christos ipstate_t *sp; 16 1.1 christos int opts; 17 1.1 christos u_long now; 18 1.1 christos { 19 1.1 christos struct protoent *pr; 20 1.1 christos synclist_t ipsync; 21 1.1 christos 22 1.1 christos if ((opts & OPT_NORESOLVE) == 0) 23 1.1 christos pr = getprotobynumber(sp->is_p); 24 1.1 christos else 25 1.1 christos pr = NULL; 26 1.1 christos 27 1.1 christos PRINTF("%d:", sp->is_v); 28 1.1 christos if (pr != NULL) 29 1.1 christos PRINTF("%s", pr->p_name); 30 1.1 christos else 31 1.1 christos PRINTF("%d", sp->is_p); 32 1.1 christos 33 1.1 christos PRINTF(" src:%s", hostname(sp->is_family, &sp->is_src.in4)); 34 1.1 christos if (sp->is_p == IPPROTO_UDP || sp->is_p == IPPROTO_TCP) { 35 1.1 christos if (sp->is_flags & IS_WSPORT) 36 1.1 christos PRINTF(",*"); 37 1.1 christos else 38 1.1 christos PRINTF(",%d", ntohs(sp->is_sport)); 39 1.1 christos } 40 1.1 christos 41 1.1 christos PRINTF(" dst:%s", hostname(sp->is_family, &sp->is_dst.in4)); 42 1.1 christos if (sp->is_p == IPPROTO_UDP || sp->is_p == IPPROTO_TCP) { 43 1.1 christos if (sp->is_flags & IS_WDPORT) 44 1.1 christos PRINTF(",*"); 45 1.1 christos else 46 1.1 christos PRINTF(",%d", ntohs(sp->is_dport)); 47 1.1 christos } 48 1.1 christos 49 1.1 christos if (sp->is_p == IPPROTO_TCP) { 50 1.1 christos PRINTF(" state:%d/%d", sp->is_state[0], sp->is_state[1]); 51 1.1 christos } 52 1.1 christos 53 1.1 christos PRINTF(" %ld", sp->is_die - now); 54 1.1 christos if (sp->is_phnext == NULL) 55 1.1 christos PRINTF(" ORPHAN"); 56 1.1 christos if (sp->is_flags & IS_CLONE) 57 1.1 christos PRINTF(" CLONE"); 58 1.1 christos putchar('\n'); 59 1.1 christos 60 1.1 christos if (sp->is_p == IPPROTO_TCP) { 61 1.1 christos PRINTF("\t%x:%x %hu<<%d:%hu<<%d\n", 62 1.1 christos sp->is_send, sp->is_dend, 63 1.1 christos sp->is_maxswin, sp->is_swinscale, 64 1.1 christos sp->is_maxdwin, sp->is_dwinscale); 65 1.1 christos if ((opts & OPT_VERBOSE) != 0) { 66 1.1 christos PRINTF("\tcmsk %04x smsk %04x isc %p s0 %08x/%08x\n", 67 1.1 christos sp->is_smsk[0], sp->is_smsk[1], sp->is_isc, 68 1.1 christos sp->is_s0[0], sp->is_s0[1]); 69 1.1 christos PRINTF("\tFWD: ISN inc %x sumd %x\n", 70 1.1 christos sp->is_isninc[0], sp->is_sumd[0]); 71 1.1 christos PRINTF("\tREV: ISN inc %x sumd %x\n", 72 1.1 christos sp->is_isninc[1], sp->is_sumd[1]); 73 1.1 christos #ifdef IPFILTER_SCAN 74 1.1 christos PRINTF("\tsbuf[0] ["); 75 1.1 christos printsbuf(sp->is_sbuf[0]); 76 1.1 christos PRINTF("] sbuf[1] ["); 77 1.1 christos printsbuf(sp->is_sbuf[1]); 78 1.1 christos PRINTF("]\n"); 79 1.1 christos #endif 80 1.1 christos } 81 1.1 christos } else if (sp->is_p == IPPROTO_GRE) { 82 1.1 christos PRINTF("\tcall %hx/%hx\n", ntohs(sp->is_gre.gs_call[0]), 83 1.1 christos ntohs(sp->is_gre.gs_call[1])); 84 1.1 christos } else if (sp->is_p == IPPROTO_ICMP 85 1.1 christos #ifdef USE_INET6 86 1.1 christos || sp->is_p == IPPROTO_ICMPV6 87 1.1 christos #endif 88 1.1 christos ) { 89 1.1 christos PRINTF("\tid %hu seq %hu type %d\n", sp->is_icmp.ici_id, 90 1.1 christos sp->is_icmp.ici_seq, sp->is_icmp.ici_type); 91 1.1 christos } 92 1.1 christos 93 1.1 christos #ifdef USE_QUAD_T 94 1.1 christos PRINTF("\tFWD: IN pkts %"PRIu64" bytes %"PRIu64" OUT pkts %"PRIu64" bytes %"PRIu64"\n\tREV: IN pkts %"PRIu64" bytes %"PRIu64" OUT pkts %"PRIu64" bytes %"PRIu64"\n", 95 1.1 christos sp->is_pkts[0], sp->is_bytes[0], 96 1.1 christos sp->is_pkts[1], sp->is_bytes[1], 97 1.1 christos sp->is_pkts[2], sp->is_bytes[2], 98 1.1 christos sp->is_pkts[3], sp->is_bytes[3]); 99 1.1 christos #else 100 1.1 christos PRINTF("\tFWD: IN pkts %lu bytes %lu OUT pkts %lu bytes %lu\n\tREV: IN pkts %lu bytes %lu OUT pkts %lu bytes %lu\n", 101 1.1 christos sp->is_pkts[0], sp->is_bytes[0], 102 1.1 christos sp->is_pkts[1], sp->is_bytes[1], 103 1.1 christos sp->is_pkts[2], sp->is_bytes[2], 104 1.1 christos sp->is_pkts[3], sp->is_bytes[3]); 105 1.1 christos #endif 106 1.1 christos 107 1.1 christos PRINTF("\ttag %u pass %#x = ", sp->is_tag, sp->is_pass); 108 1.1 christos 109 1.1 christos /* 110 1.1 christos * Print out bits set in the result code for the state being 111 1.1 christos * kept as they would for a rule. 112 1.1 christos */ 113 1.1 christos if (FR_ISPASS(sp->is_pass)) { 114 1.1 christos PRINTF("pass"); 115 1.1 christos } else if (FR_ISBLOCK(sp->is_pass)) { 116 1.1 christos PRINTF("block"); 117 1.1 christos switch (sp->is_pass & FR_RETMASK) 118 1.1 christos { 119 1.1 christos case FR_RETICMP : 120 1.1 christos PRINTF(" return-icmp"); 121 1.1 christos break; 122 1.1 christos case FR_FAKEICMP : 123 1.1 christos PRINTF(" return-icmp-as-dest"); 124 1.1 christos break; 125 1.1 christos case FR_RETRST : 126 1.1 christos PRINTF(" return-rst"); 127 1.1 christos break; 128 1.1 christos default : 129 1.1 christos break; 130 1.1 christos } 131 1.1 christos } else if ((sp->is_pass & FR_LOGMASK) == FR_LOG) { 132 1.1 christos PRINTF("log"); 133 1.1 christos if (sp->is_pass & FR_LOGBODY) 134 1.1 christos PRINTF(" body"); 135 1.1 christos if (sp->is_pass & FR_LOGFIRST) 136 1.1 christos PRINTF(" first"); 137 1.1 christos } else if (FR_ISACCOUNT(sp->is_pass)) { 138 1.1 christos PRINTF("count"); 139 1.1 christos } else if (FR_ISPREAUTH(sp->is_pass)) { 140 1.1 christos PRINTF("preauth"); 141 1.1 christos } else if (FR_ISAUTH(sp->is_pass)) 142 1.1 christos PRINTF("auth"); 143 1.1 christos 144 1.1 christos if (sp->is_pass & FR_OUTQUE) 145 1.1 christos PRINTF(" out"); 146 1.1 christos else 147 1.1 christos PRINTF(" in"); 148 1.1 christos 149 1.1 christos if ((sp->is_pass & FR_LOG) != 0) { 150 1.1 christos PRINTF(" log"); 151 1.1 christos if (sp->is_pass & FR_LOGBODY) 152 1.1 christos PRINTF(" body"); 153 1.1 christos if (sp->is_pass & FR_LOGFIRST) 154 1.1 christos PRINTF(" first"); 155 1.1 christos if (sp->is_pass & FR_LOGORBLOCK) 156 1.1 christos PRINTF(" or-block"); 157 1.1 christos } 158 1.1 christos if (sp->is_pass & FR_QUICK) 159 1.1 christos PRINTF(" quick"); 160 1.1 christos if (sp->is_pass & FR_KEEPFRAG) 161 1.1 christos PRINTF(" keep frags"); 162 1.1 christos /* a given; no? */ 163 1.1 christos if (sp->is_pass & FR_KEEPSTATE) { 164 1.1 christos PRINTF(" keep state"); 165 1.1 christos if (sp->is_pass & (FR_STATESYNC|FR_STSTRICT|FR_STLOOSE)) { 166 1.1 christos PRINTF(" ("); 167 1.1 christos if (sp->is_pass & FR_STATESYNC) 168 1.1 christos PRINTF(" sync"); 169 1.1 christos if (sp->is_pass & FR_STSTRICT) 170 1.1 christos PRINTF(" strict"); 171 1.1 christos if (sp->is_pass & FR_STLOOSE) 172 1.1 christos PRINTF(" loose"); 173 1.1 christos PRINTF(" )"); 174 1.1 christos } 175 1.1 christos } 176 1.1 christos PRINTF("\n"); 177 1.1 christos 178 1.1 christos if ((opts & OPT_VERBOSE) != 0) { 179 1.1 christos PRINTF("\tref %d", sp->is_ref); 180 1.1 christos PRINTF(" pkt_flags & %x(%x) = %x\n", 181 1.1 christos sp->is_flags & 0xf, sp->is_flags, sp->is_flags >> 4); 182 1.1 christos PRINTF("\tpkt_options & %x = %x, %x = %x \n", sp->is_optmsk[0], 183 1.1 christos sp->is_opt[0], sp->is_optmsk[1], sp->is_opt[1]); 184 1.1 christos PRINTF("\tpkt_security & %x = %x, pkt_auth & %x = %x\n", 185 1.1 christos sp->is_secmsk, sp->is_sec, sp->is_authmsk, 186 1.1 christos sp->is_auth); 187 1.1 christos PRINTF("\tis_flx %#x %#x %#x %#x\n", sp->is_flx[0][0], 188 1.1 christos sp->is_flx[0][1], sp->is_flx[1][0], sp->is_flx[1][1]); 189 1.1 christos } 190 1.1 christos PRINTF("\tinterfaces: in %s[%s", getifname(sp->is_ifp[0]), 191 1.1 christos sp->is_ifname[0]); 192 1.1 christos if (opts & OPT_DEBUG) 193 1.1 christos PRINTF("/%p", sp->is_ifp[0]); 194 1.1 christos putchar(']'); 195 1.1 christos PRINTF(",%s[%s", getifname(sp->is_ifp[1]), sp->is_ifname[1]); 196 1.1 christos if (opts & OPT_DEBUG) 197 1.1 christos PRINTF("/%p", sp->is_ifp[1]); 198 1.1 christos putchar(']'); 199 1.1 christos PRINTF(" out %s[%s", getifname(sp->is_ifp[2]), sp->is_ifname[2]); 200 1.1 christos if (opts & OPT_DEBUG) 201 1.1 christos PRINTF("/%p", sp->is_ifp[2]); 202 1.1 christos putchar(']'); 203 1.1 christos PRINTF(",%s[%s", getifname(sp->is_ifp[3]), sp->is_ifname[3]); 204 1.1 christos if (opts & OPT_DEBUG) 205 1.1 christos PRINTF("/%p", sp->is_ifp[3]); 206 1.1 christos PRINTF("]\n"); 207 1.1 christos 208 1.1 christos PRINTF("\tSync status: "); 209 1.1 christos if (sp->is_sync != NULL) { 210 1.1 christos if (kmemcpy((char *)&ipsync, (u_long)sp->is_sync, 211 1.1 christos sizeof(ipsync))) { 212 1.1 christos PRINTF("status could not be retrieved\n"); 213 1.1 christos return NULL; 214 1.1 christos } 215 1.1 christos 216 1.1 christos PRINTF("idx %d num %d v %d pr %d rev %d\n", 217 1.1 christos ipsync.sl_idx, ipsync.sl_num, ipsync.sl_v, 218 1.1 christos ipsync.sl_p, ipsync.sl_rev); 219 1.1 christos } else { 220 1.1 christos PRINTF("not synchronized\n"); 221 1.1 christos } 222 1.1 christos 223 1.1 christos return sp->is_next; 224 1.1 christos } 225
Indexes created Sat Apr 04 00:22:49 UTC 2026