ip_log.c revision 1.1
1 /* $NetBSD: ip_log.c,v 1.1 2012/03/23 20:36:57 christos Exp $ */ 2 3 /* 4 * Copyright (C) 2010 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 * 8 * Id 9 */ 10 #include <sys/param.h> 11 #if defined(KERNEL) || defined(_KERNEL) 12 # undef KERNEL 13 # undef _KERNEL 14 # define KERNEL 1 15 # define _KERNEL 1 16 #endif 17 #if defined(__FreeBSD__) && !defined(_KERNEL) 18 # include <osreldate.h> 19 #endif 20 #ifndef SOLARIS 21 # define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4))) 22 #endif 23 #include <sys/errno.h> 24 #include <sys/types.h> 25 #include <sys/file.h> 26 #ifndef _KERNEL 27 # include <stdio.h> 28 # include <string.h> 29 # include <stdlib.h> 30 # include <ctype.h> 31 # define _KERNEL 32 # define KERNEL 33 # ifdef __OpenBSD__ 34 struct file; 35 # endif 36 # include <sys/uio.h> 37 # undef _KERNEL 38 # undef KERNEL 39 #endif 40 #if (defined(__FreeBSD_version) && (__FreeBSD_version >= 220000)) && \ 41 defined(_KERNEL) 42 # include <sys/fcntl.h> 43 # include <sys/filio.h> 44 #else 45 # include <sys/ioctl.h> 46 #endif 47 #include <sys/time.h> 48 #if defined(_KERNEL) 49 # include <sys/systm.h> 50 # if (defined(NetBSD) && (__NetBSD_Version__ >= 104000000)) 51 # include <sys/proc.h> 52 # endif 53 #endif /* _KERNEL */ 54 #if !SOLARIS && !defined(__hpux) && !defined(linux) 55 # if (defined(NetBSD) && (NetBSD > 199609)) || \ 56 (defined(OpenBSD) && (OpenBSD > 199603)) || \ 57 (defined(__FreeBSD_version) && (__FreeBSD_version >= 300000)) 58 # include <sys/dirent.h> 59 # else 60 # include <sys/dir.h> 61 # endif 62 # include <sys/mbuf.h> 63 # include <sys/select.h> 64 # if __FreeBSD_version >= 500000 65 # include <sys/selinfo.h> 66 # endif 67 #else 68 # if !defined(__hpux) && defined(_KERNEL) 69 # include <sys/filio.h> 70 # include <sys/cred.h> 71 # include <sys/ddi.h> 72 # include <sys/sunddi.h> 73 # include <sys/ksynch.h> 74 # include <sys/kmem.h> 75 # include <sys/mkdev.h> 76 # include <sys/dditypes.h> 77 # include <sys/cmn_err.h> 78 # endif /* !__hpux */ 79 #endif /* !SOLARIS && !__hpux */ 80 #if !defined(linux) 81 # include <sys/protosw.h> 82 #endif 83 #include <sys/socket.h> 84 85 #include <net/if.h> 86 #ifdef sun 87 # include <net/af.h> 88 #endif 89 #if __FreeBSD_version >= 300000 90 # include <net/if_var.h> 91 #endif 92 #include <netinet/in.h> 93 #ifdef __sgi 94 # include <sys/ddi.h> 95 # ifdef IFF_DRVRLOCK /* IRIX6 */ 96 # include <sys/hashing.h> 97 # endif 98 #endif 99 #if !defined(__hpux) && !defined(linux) && \ 100 !(defined(__sgi) && !defined(IFF_DRVRLOCK)) /*IRIX<6*/ 101 # include <netinet/in_var.h> 102 #endif 103 #include <netinet/in_systm.h> 104 #include <netinet/ip.h> 105 #include <netinet/tcp.h> 106 #include <netinet/udp.h> 107 #include <netinet/ip_icmp.h> 108 #ifdef USE_INET6 109 # include <netinet/icmp6.h> 110 #endif 111 #if !defined(linux) 112 # include <netinet/ip_var.h> 113 #endif 114 #ifndef _KERNEL 115 # include <syslog.h> 116 #endif 117 #include "netinet/ip_compat.h" 118 #include <netinet/tcpip.h> 119 #include "netinet/ip_fil.h" 120 #include "netinet/ip_nat.h" 121 #include "netinet/ip_frag.h" 122 #include "netinet/ip_state.h" 123 #include "netinet/ip_auth.h" 124 #if (__FreeBSD_version >= 300000) || defined(__NetBSD__) 125 # include <sys/malloc.h> 126 #endif 127 /* END OF INCLUDES */ 128 129 #ifdef IPFILTER_LOG 130 131 # if defined(IPL_SELECT) 132 # include <machine/sys/user.h> 133 # include <sys/kthread_iface.h> 134 # define READ_COLLISION 0x001 135 extern int selwait; 136 # endif /* IPL_SELECT */ 137 138 typedef struct ipf_log_softc_s { 139 ipfmutex_t ipl_mutex[IPL_LOGSIZE]; 140 # if SOLARIS && defined(_KERNEL) 141 kcondvar_t ipl_wait[IPL_LOGSIZE]; 142 # endif 143 # if defined(linux) && defined(_KERNEL) 144 wait_queue_head_t iplh_linux[IPL_LOGSIZE]; 145 # endif 146 # if defined(__hpux) && defined(_KERNEL) 147 iplog_select_t ipl_ss[IPL_LOGSIZE]; 148 # endif 149 iplog_t **iplh[IPL_LOGSIZE]; 150 iplog_t *iplt[IPL_LOGSIZE]; 151 iplog_t *ipll[IPL_LOGSIZE]; 152 u_long ipl_logfail[IPL_LOGSIZE]; 153 u_long ipl_logok[IPL_LOGSIZE]; 154 fr_info_t ipl_crc[IPL_LOGSIZE]; 155 u_32_t ipl_counter[IPL_LOGSIZE]; 156 int ipl_suppress; 157 int ipl_logall; 158 int ipl_log_init; 159 int ipl_logsize; 160 int ipl_used[IPL_LOGSIZE]; 161 int ipl_magic[IPL_LOGSIZE]; 162 ipftuneable_t *ipf_log_tune; 163 } ipf_log_softc_t; 164 165 static int magic[IPL_LOGSIZE] = { IPL_MAGIC, IPL_MAGIC_NAT, IPL_MAGIC_STATE, 166 IPL_MAGIC, IPL_MAGIC, IPL_MAGIC, 167 IPL_MAGIC, IPL_MAGIC }; 168 169 static ipftuneable_t ipf_log_tuneables[] = { 170 /* log */ 171 { { (void *)offsetof(ipf_log_softc_t, ipl_suppress) }, 172 "log_suppress", 0, 1, 173 stsizeof(ipf_log_softc_t, ipl_suppress), 174 0, NULL, NULL }, 175 { { (void *)offsetof(ipf_log_softc_t, ipl_logall) }, 176 "log_all", 0, 1, 177 stsizeof(ipf_log_softc_t, ipl_logall), 178 0, NULL, NULL }, 179 { { (void *)offsetof(ipf_log_softc_t, ipl_logsize) }, 180 "log_size", 0, 0x80000, 181 stsizeof(ipf_log_softc_t, ipl_logsize), 182 0, NULL, NULL }, 183 { { NULL }, NULL, 0, 0, 184 0, 185 0, NULL, NULL } 186 }; 187 188 189 int 190 ipf_log_main_load() 191 { 192 return 0; 193 } 194 195 196 int 197 ipf_log_main_unload() 198 { 199 return 0; 200 } 201 202 void * 203 ipf_log_soft_create(softc) 204 ipf_main_softc_t *softc; 205 { 206 ipf_log_softc_t *softl; 207 208 KMALLOC(softl, ipf_log_softc_t *); 209 if (softl == NULL) 210 return NULL; 211 212 bzero((char *)softl, sizeof(*softl)); 213 bcopy((char *)magic, (char *)softl->ipl_magic, sizeof(magic)); 214 215 softl->ipf_log_tune = ipf_tune_array_copy(softl, 216 sizeof(ipf_log_tuneables), 217 ipf_log_tuneables); 218 if (softl->ipf_log_tune == NULL) { 219 ipf_log_soft_destroy(softc, softl); 220 return NULL; 221 } 222 if (ipf_tune_array_link(softc, softl->ipf_log_tune) == -1) { 223 ipf_log_soft_destroy(softc, softl); 224 return NULL; 225 } 226 227 softl->ipl_suppress = 1; 228 softl->ipl_logall = 0; 229 softl->ipl_log_init = 0; 230 softl->ipl_logsize = IPFILTER_LOGSIZE; 231 232 return softl; 233 } 234 235 /* ------------------------------------------------------------------------ */ 236 /* Function: ipf_log_init */ 237 /* Returns: int - 0 == success (always returned) */ 238 /* Parameters: Nil */ 239 /* */ 240 /* Initialise log buffers & pointers. Also iniialised the CRC to a local */ 241 /* secret for use in calculating the "last log checksum". */ 242 /* ------------------------------------------------------------------------ */ 243 int 244 ipf_log_soft_init(softc, arg) 245 ipf_main_softc_t *softc; 246 void *arg; 247 { 248 ipf_log_softc_t *softl = arg; 249 int i; 250 251 for (i = IPL_LOGMAX; i >= 0; i--) { 252 softl->iplt[i] = NULL; 253 softl->ipll[i] = NULL; 254 softl->iplh[i] = &softl->iplt[i]; 255 bzero((char *)&softl->ipl_crc[i], sizeof(softl->ipl_crc[i])); 256 # ifdef IPL_SELECT 257 softl->iplog_ss[i].read_waiter = 0; 258 softl->iplog_ss[i].state = 0; 259 # endif 260 # if defined(linux) && defined(_KERNEL) 261 init_waitqueue_head(softl->iplh_linux + i); 262 # endif 263 # if SOLARIS && defined(_KERNEL) 264 cv_init(&softl->ipl_wait[i], NULL, CV_DRIVER, NULL); 265 # endif 266 MUTEX_INIT(&softl->ipl_mutex[i], "ipf log mutex"); 267 } 268 269 270 softl->ipl_log_init = 1; 271 272 return 0; 273 } 274 275 276 /* ------------------------------------------------------------------------ */ 277 /* Function: ipf_log_unload */ 278 /* Returns: Nil */ 279 /* Parameters: Nil */ 280 /* */ 281 /* Clean up any log data that has accumulated without being read. */ 282 /* ------------------------------------------------------------------------ */ 283 int 284 ipf_log_soft_fini(softc, arg) 285 ipf_main_softc_t *softc; 286 void *arg; 287 { 288 ipf_log_softc_t *softl = arg; 289 int i; 290 291 if (softl->ipl_log_init == 0) 292 return 0; 293 294 for (i = IPL_LOGMAX; i >= 0; i--) { 295 (void) ipf_log_clear(softc, i); 296 297 # if SOLARIS && defined(_KERNEL) 298 cv_destroy(&softl->ipl_wait[i]); 299 # endif 300 MUTEX_DESTROY(&softl->ipl_mutex[i]); 301 } 302 303 softl->ipl_log_init = 0; 304 305 return 0; 306 } 307 308 309 void 310 ipf_log_soft_destroy(softc, arg) 311 ipf_main_softc_t *softc; 312 void *arg; 313 { 314 ipf_log_softc_t *softl = arg; 315 316 if (softl->ipf_log_tune != NULL) { 317 ipf_tune_array_unlink(softc, softl->ipf_log_tune); 318 KFREES(softl->ipf_log_tune, sizeof(ipf_log_tuneables)); 319 softl->ipf_log_tune = NULL; 320 } 321 322 KFREE(softl); 323 } 324 325 326 /* ------------------------------------------------------------------------ */ 327 /* Function: ipf_log_pkt */ 328 /* Returns: int - 0 == success, -1 == failure */ 329 /* Parameters: fin(I) - pointer to packet information */ 330 /* flags(I) - flags from filter rules */ 331 /* */ 332 /* Create a log record for a packet given that it has been triggered by a */ 333 /* rule (or the default setting). Calculate the transport protocol header */ 334 /* size using predetermined size of a couple of popular protocols and thus */ 335 /* how much data to copy into the log, including part of the data body if */ 336 /* requested. */ 337 /* ------------------------------------------------------------------------ */ 338 int 339 ipf_log_pkt(fin, flags) 340 fr_info_t *fin; 341 u_int flags; 342 { 343 ipf_main_softc_t *softc = fin->fin_main_soft; 344 ipf_log_softc_t *softl = softc->ipf_log_soft; 345 register size_t hlen; 346 int types[2], mlen; 347 size_t sizes[2]; 348 void *ptrs[2]; 349 ipflog_t ipfl; 350 u_char p; 351 mb_t *m; 352 # if (SOLARIS || defined(__hpux)) && defined(_KERNEL) && !defined(FW_HOOKS) 353 qif_t *ifp; 354 # else 355 struct ifnet *ifp; 356 # endif /* SOLARIS || __hpux */ 357 358 m = fin->fin_m; 359 if (m == NULL) 360 return -1; 361 362 ipfl.fl_nattag.ipt_num[0] = 0; 363 ifp = fin->fin_ifp; 364 hlen = (char *)fin->fin_dp - (char *)fin->fin_ip; 365 366 /* 367 * calculate header size. 368 */ 369 if (fin->fin_off == 0) { 370 p = fin->fin_fi.fi_p; 371 if (p == IPPROTO_TCP) 372 hlen += MIN(sizeof(tcphdr_t), fin->fin_dlen); 373 else if (p == IPPROTO_UDP) 374 hlen += MIN(sizeof(udphdr_t), fin->fin_dlen); 375 else if (p == IPPROTO_ICMP) { 376 struct icmp *icmp; 377 378 icmp = (struct icmp *)fin->fin_dp; 379 380 /* 381 * For ICMP, if the packet is an error packet, also 382 * include the information about the packet which 383 * caused the error. 384 */ 385 switch (icmp->icmp_type) 386 { 387 case ICMP_UNREACH : 388 case ICMP_SOURCEQUENCH : 389 case ICMP_REDIRECT : 390 case ICMP_TIMXCEED : 391 case ICMP_PARAMPROB : 392 hlen += MIN(sizeof(struct icmp) + 8, 393 fin->fin_dlen); 394 break; 395 default : 396 hlen += MIN(sizeof(struct icmp), 397 fin->fin_dlen); 398 break; 399 } 400 } 401 # ifdef USE_INET6 402 else if (p == IPPROTO_ICMPV6) { 403 struct icmp6_hdr *icmp; 404 405 icmp = (struct icmp6_hdr *)fin->fin_dp; 406 407 /* 408 * For ICMPV6, if the packet is an error packet, also 409 * include the information about the packet which 410 * caused the error. 411 */ 412 if (icmp->icmp6_type < 128) { 413 hlen += MIN(sizeof(struct icmp6_hdr) + 8, 414 fin->fin_dlen); 415 } else { 416 hlen += MIN(sizeof(struct icmp6_hdr), 417 fin->fin_dlen); 418 } 419 } 420 # endif 421 } 422 /* 423 * Get the interface number and name to which this packet is 424 * currently associated. 425 */ 426 # if (SOLARIS || defined(__hpux)) && defined(_KERNEL) 427 # if !defined(FW_HOOKS) 428 ipfl.fl_unit = (u_int)ifp->qf_ppa; 429 # endif 430 COPYIFNAME(fin->fin_v, ifp, ipfl.fl_ifname); 431 # else 432 # if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199603)) || \ 433 OPENBSD_GE_REV(199603) || defined(linux) || FREEBSD_GE_REV(501113) 434 COPYIFNAME(fin->fin_v, ifp, ipfl.fl_ifname); 435 # else 436 ipfl.fl_unit = (u_int)ifp->if_unit; 437 # if defined(_KERNEL) 438 if ((ipfl.fl_ifname[0] = ifp->if_name[0])) 439 if ((ipfl.fl_ifname[1] = ifp->if_name[1])) 440 if ((ipfl.fl_ifname[2] = ifp->if_name[2])) 441 ipfl.fl_ifname[3] = ifp->if_name[3]; 442 # else 443 (void) strncpy(ipfl.fl_ifname, IFNAME(ifp), sizeof(ipfl.fl_ifname)); 444 ipfl.fl_ifname[sizeof(ipfl.fl_ifname) - 1] = '\0'; 445 # endif 446 # endif 447 # endif /* __hpux || SOLARIS */ 448 mlen = fin->fin_plen - hlen; 449 if (!softl->ipl_logall) { 450 mlen = (flags & FR_LOGBODY) ? MIN(mlen, 128) : 0; 451 } else if ((flags & FR_LOGBODY) == 0) { 452 mlen = 0; 453 } 454 if (mlen < 0) 455 mlen = 0; 456 ipfl.fl_plen = (u_char)mlen; 457 ipfl.fl_hlen = (u_char)hlen; 458 ipfl.fl_rule = fin->fin_rule; 459 (void) strncpy(ipfl.fl_group, fin->fin_group, FR_GROUPLEN); 460 if (fin->fin_fr != NULL) { 461 ipfl.fl_loglevel = fin->fin_fr->fr_loglevel; 462 ipfl.fl_logtag = fin->fin_fr->fr_logtag; 463 } else { 464 ipfl.fl_loglevel = 0xffff; 465 ipfl.fl_logtag = FR_NOLOGTAG; 466 } 467 if (fin->fin_nattag != NULL) 468 bcopy(fin->fin_nattag, (void *)&ipfl.fl_nattag, 469 sizeof(ipfl.fl_nattag)); 470 ipfl.fl_flags = flags; 471 ipfl.fl_breason = (fin->fin_reason & 0xff); 472 ipfl.fl_dir = fin->fin_out; 473 ipfl.fl_lflags = fin->fin_flx; 474 ipfl.fl_family = fin->fin_family; 475 ptrs[0] = (void *)&ipfl; 476 sizes[0] = sizeof(ipfl); 477 types[0] = 0; 478 # if defined(MENTAT) && defined(_KERNEL) 479 /* 480 * Are we copied from the mblk or an aligned array ? 481 */ 482 if (fin->fin_ip == (ip_t *)m->b_rptr) { 483 ptrs[1] = m; 484 sizes[1] = hlen + mlen; 485 types[1] = 1; 486 } else { 487 ptrs[1] = fin->fin_ip; 488 sizes[1] = hlen + mlen; 489 types[1] = 0; 490 } 491 # else 492 ptrs[1] = m; 493 sizes[1] = hlen + mlen; 494 types[1] = 1; 495 # endif /* MENTAT */ 496 return ipf_log_items(softc, IPL_LOGIPF, fin, ptrs, sizes, types, 2); 497 } 498 499 500 /* ------------------------------------------------------------------------ */ 501 /* Function: ipf_log_items */ 502 /* Returns: int - 0 == success, -1 == failure */ 503 /* Parameters: softc(I) - pointer to main soft context */ 504 /* unit(I) - device we are reading from */ 505 /* fin(I) - pointer to packet information */ 506 /* items(I) - array of pointers to log data */ 507 /* itemsz(I) - array of size of valid memory pointed to */ 508 /* types(I) - type of data pointed to by items pointers */ 509 /* cnt(I) - number of elements in arrays items/itemsz/types */ 510 /* */ 511 /* Takes an array of parameters and constructs one record to include the */ 512 /* miscellaneous packet information, as well as packet data, for reading */ 513 /* from the log device. */ 514 /* ------------------------------------------------------------------------ */ 515 int 516 ipf_log_items(softc, unit, fin, items, itemsz, types, cnt) 517 ipf_main_softc_t *softc; 518 int unit; 519 fr_info_t *fin; 520 void **items; 521 size_t *itemsz; 522 int *types, cnt; 523 { 524 ipf_log_softc_t *softl = softc->ipf_log_soft; 525 caddr_t buf, ptr; 526 iplog_t *ipl; 527 size_t len; 528 int i; 529 SPL_INT(s); 530 531 /* 532 * Get the total amount of data to be logged. 533 */ 534 for (i = 0, len = sizeof(iplog_t); i < cnt; i++) 535 len += itemsz[i]; 536 537 SPL_NET(s); 538 MUTEX_ENTER(&softl->ipl_mutex[unit]); 539 softl->ipl_counter[unit]++; 540 /* 541 * check that we have space to record this information and can 542 * allocate that much. 543 */ 544 if ((softl->ipl_used[unit] + len) > softl->ipl_logsize) { 545 softl->ipl_logfail[unit]++; 546 MUTEX_EXIT(&softl->ipl_mutex[unit]); 547 return -1; 548 } 549 550 KMALLOCS(buf, caddr_t, len); 551 if (buf == NULL) { 552 softl->ipl_logfail[unit]++; 553 MUTEX_EXIT(&softl->ipl_mutex[unit]); 554 return -1; 555 } 556 ipl = (iplog_t *)buf; 557 ipl->ipl_magic = softl->ipl_magic[unit]; 558 ipl->ipl_count = 1; 559 ipl->ipl_seqnum = softl->ipl_counter[unit]; 560 ipl->ipl_next = NULL; 561 ipl->ipl_dsize = len; 562 #ifdef _KERNEL 563 GETKTIME(&ipl->ipl_sec); 564 #else 565 ipl->ipl_sec = 0; 566 ipl->ipl_usec = 0; 567 #endif 568 569 /* 570 * Loop through all the items to be logged, copying each one to the 571 * buffer. Use bcopy for normal data or the mb_t copyout routine. 572 */ 573 for (i = 0, ptr = buf + sizeof(*ipl); i < cnt; i++) { 574 if (types[i] == 0) { 575 bcopy(items[i], ptr, itemsz[i]); 576 } else if (types[i] == 1) { 577 COPYDATA(items[i], 0, itemsz[i], ptr); 578 } 579 ptr += itemsz[i]; 580 } 581 /* 582 * Check to see if this log record has a CRC which matches the last 583 * record logged. If it does, just up the count on the previous one 584 * rather than create a new one. 585 */ 586 if (softl->ipl_suppress) { 587 if ((fin != NULL) && (fin->fin_off == 0)) { 588 if ((softl->ipll[unit] != NULL) && 589 (fin->fin_crc == softl->ipl_crc[unit].fin_crc) && 590 bcmp((char *)fin, (char *)&softl->ipl_crc[unit], 591 FI_LCSIZE) == 0) { 592 softl->ipll[unit]->ipl_count++; 593 MUTEX_EXIT(&softl->ipl_mutex[unit]); 594 SPL_X(s); 595 KFREES(buf, len); 596 return 0; 597 } 598 bcopy((char *)fin, (char *)&softl->ipl_crc[unit], 599 FI_LCSIZE); 600 softl->ipl_crc[unit].fin_crc = fin->fin_crc; 601 } else 602 bzero((char *)&softl->ipl_crc[unit], FI_CSIZE); 603 } 604 605 /* 606 * advance the log pointer to the next empty record and deduct the 607 * amount of space we're going to use. 608 */ 609 softl->ipl_logok[unit]++; 610 softl->ipll[unit] = ipl; 611 *softl->iplh[unit] = ipl; 612 softl->iplh[unit] = &ipl->ipl_next; 613 softl->ipl_used[unit] += len; 614 615 /* 616 * Now that the log record has been completed and added to the queue, 617 * wake up any listeners who may want to read it. 618 */ 619 # if SOLARIS && defined(_KERNEL) 620 cv_signal(&softl->ipl_wait[unit]); 621 MUTEX_EXIT(&softl->ipl_mutex[unit]); 622 pollwakeup(&softc->ipf_poll_head[unit], POLLRDNORM); 623 # else 624 MUTEX_EXIT(&softl->ipl_mutex[unit]); 625 WAKEUP(softl->iplh, unit); 626 POLLWAKEUP(unit); 627 # endif 628 SPL_X(s); 629 # ifdef IPL_SELECT 630 iplog_input_ready(unit); 631 # endif 632 return 0; 633 } 634 635 636 /* ------------------------------------------------------------------------ */ 637 /* Function: ipf_log_read */ 638 /* Returns: int - 0 == success, else error value. */ 639 /* Parameters: softc(I) - pointer to main soft context */ 640 /* unit(I) - device we are reading from */ 641 /* uio(O) - pointer to information about where to store data */ 642 /* */ 643 /* Called to handle a read on an IPFilter device. Returns only complete */ 644 /* log messages - will not partially copy a log record out to userland. */ 645 /* */ 646 /* NOTE: This function will block and wait for a signal to return data if */ 647 /* there is none present. Asynchronous I/O is not implemented. */ 648 /* ------------------------------------------------------------------------ */ 649 int 650 ipf_log_read(softc, unit, uio) 651 ipf_main_softc_t *softc; 652 minor_t unit; 653 struct uio *uio; 654 { 655 ipf_log_softc_t *softl = softc->ipf_log_soft; 656 size_t dlen, copied; 657 int error = 0; 658 iplog_t *ipl; 659 SPL_INT(s); 660 661 /* 662 * Sanity checks. Make sure the minor # is valid and we're copying 663 * a valid chunk of data. 664 */ 665 if (IPL_LOGMAX < unit) { 666 IPFERROR(40001); 667 return ENXIO; 668 } 669 if (uio->uio_resid == 0) 670 return 0; 671 672 if (uio->uio_resid < sizeof(iplog_t)) { 673 IPFERROR(40002); 674 return EINVAL; 675 } 676 if (uio->uio_resid > softl->ipl_logsize) { 677 IPFERROR(40005); 678 return EINVAL; 679 } 680 681 /* 682 * Lock the log so we can snapshot the variables. Wait for a signal 683 * if the log is empty. 684 */ 685 SPL_NET(s); 686 MUTEX_ENTER(&softl->ipl_mutex[unit]); 687 688 while (softl->iplt[unit] == NULL) { 689 # if SOLARIS && defined(_KERNEL) 690 if (!cv_wait_sig(&softl->ipl_wait[unit], &softl->ipl_mutex[unit].ipf_lk)) { 691 MUTEX_EXIT(&softl->ipl_mutex[unit]); 692 IPFERROR(40003); 693 return EINTR; 694 } 695 # else 696 # if defined(__hpux) && defined(_KERNEL) 697 lock_t *l; 698 699 # ifdef IPL_SELECT 700 if (uio->uio_fpflags & (FNBLOCK|FNDELAY)) { 701 /* this is no blocking system call */ 702 MUTEX_EXIT(&softl->ipl_mutex[unit]); 703 return 0; 704 } 705 # endif 706 707 MUTEX_EXIT(&softl->ipl_mutex[unit]); 708 l = get_sleep_lock(&softl->iplh[unit]); 709 error = sleep(&softl->iplh[unit], PZERO+1); 710 spinunlock(l); 711 # else 712 # if defined(__osf__) && defined(_KERNEL) 713 error = mpsleep(&softl->iplh[unit], PSUSP|PCATCH, "ipfread", 0, 714 &softl->ipl_mutex, MS_LOCK_SIMPLE); 715 # else 716 MUTEX_EXIT(&softl->ipl_mutex[unit]); 717 SPL_X(s); 718 error = SLEEP(unit + softl->iplh, "ipl sleep"); 719 # endif /* __osf__ */ 720 # endif /* __hpux */ 721 if (error) { 722 IPFERROR(40004); 723 return error; 724 } 725 SPL_NET(s); 726 MUTEX_ENTER(&softl->ipl_mutex[unit]); 727 # endif /* SOLARIS */ 728 } 729 730 # if (defined(BSD) && (BSD >= 199101)) || defined(__FreeBSD__) || \ 731 defined(__osf__) 732 uio->uio_rw = UIO_READ; 733 # endif 734 735 for (copied = 0; (ipl = softl->iplt[unit]) != NULL; copied += dlen) { 736 dlen = ipl->ipl_dsize; 737 if (dlen > uio->uio_resid) 738 break; 739 /* 740 * Don't hold the mutex over the uiomove call. 741 */ 742 softl->iplt[unit] = ipl->ipl_next; 743 softl->ipl_used[unit] -= dlen; 744 MUTEX_EXIT(&softl->ipl_mutex[unit]); 745 SPL_X(s); 746 error = UIOMOVE(ipl, dlen, UIO_READ, uio); 747 if (error) { 748 SPL_NET(s); 749 MUTEX_ENTER(&softl->ipl_mutex[unit]); 750 IPFERROR(40006); 751 ipl->ipl_next = softl->iplt[unit]; 752 softl->iplt[unit] = ipl; 753 softl->ipl_used[unit] += dlen; 754 break; 755 } 756 MUTEX_ENTER(&softl->ipl_mutex[unit]); 757 KFREES((caddr_t)ipl, dlen); 758 SPL_NET(s); 759 } 760 if (!softl->iplt[unit]) { 761 softl->ipl_used[unit] = 0; 762 softl->iplh[unit] = &softl->iplt[unit]; 763 softl->ipll[unit] = NULL; 764 } 765 766 MUTEX_EXIT(&softl->ipl_mutex[unit]); 767 SPL_X(s); 768 return error; 769 } 770 771 772 /* ------------------------------------------------------------------------ */ 773 /* Function: ipf_log_clear */ 774 /* Returns: int - number of log bytes cleared. */ 775 /* Parameters: softc(I) - pointer to main soft context */ 776 /* unit(I) - device we are reading from */ 777 /* */ 778 /* Deletes all queued up log records for a given output device. */ 779 /* ------------------------------------------------------------------------ */ 780 int 781 ipf_log_clear(softc, unit) 782 ipf_main_softc_t *softc; 783 minor_t unit; 784 { 785 ipf_log_softc_t *softl = softc->ipf_log_soft; 786 iplog_t *ipl; 787 int used; 788 SPL_INT(s); 789 790 SPL_NET(s); 791 MUTEX_ENTER(&softl->ipl_mutex[unit]); 792 while ((ipl = softl->iplt[unit]) != NULL) { 793 softl->iplt[unit] = ipl->ipl_next; 794 KFREES((caddr_t)ipl, ipl->ipl_dsize); 795 } 796 softl->iplh[unit] = &softl->iplt[unit]; 797 softl->ipll[unit] = NULL; 798 used = softl->ipl_used[unit]; 799 softl->ipl_used[unit] = 0; 800 bzero((char *)&softl->ipl_crc[unit], FI_CSIZE); 801 MUTEX_EXIT(&softl->ipl_mutex[unit]); 802 SPL_X(s); 803 return used; 804 } 805 806 807 /* ------------------------------------------------------------------------ */ 808 /* Function: ipf_log_canread */ 809 /* Returns: int - 0 == no data to read, 1 = data present */ 810 /* Parameters: softc(I) - pointer to main soft context */ 811 /* unit(I) - device we are reading from */ 812 /* */ 813 /* Returns an indication of whether or not there is data present in the */ 814 /* current buffer for the selected ipf device. */ 815 /* ------------------------------------------------------------------------ */ 816 int 817 ipf_log_canread(softc, unit) 818 ipf_main_softc_t *softc; 819 int unit; 820 { 821 ipf_log_softc_t *softl = softc->ipf_log_soft; 822 823 return softl->iplt[unit] != NULL; 824 } 825 826 827 /* ------------------------------------------------------------------------ */ 828 /* Function: ipf_log_canread */ 829 /* Returns: int - 0 == no data to read, 1 = data present */ 830 /* Parameters: softc(I) - pointer to main soft context */ 831 /* unit(I) - device we are reading from */ 832 /* */ 833 /* Returns how many bytes are currently held in log buffers for the */ 834 /* selected ipf device. */ 835 /* ------------------------------------------------------------------------ */ 836 int 837 ipf_log_bytesused(softc, unit) 838 ipf_main_softc_t *softc; 839 int unit; 840 { 841 ipf_log_softc_t *softl = softc->ipf_log_soft; 842 843 if (softl == NULL) 844 return 0; 845 846 return softl->ipl_used[unit]; 847 } 848 849 850 /* ------------------------------------------------------------------------ */ 851 /* Function: ipf_log_failures */ 852 /* Returns: U_QUAD_T - number of log failures */ 853 /* Parameters: softc(I) - pointer to main soft context */ 854 /* unit(I) - device we are reading from */ 855 /* */ 856 /* Returns how many times we've tried to log a packet but failed to do so */ 857 /* for the selected ipf device. */ 858 /* ------------------------------------------------------------------------ */ 859 u_long 860 ipf_log_failures(softc, unit) 861 ipf_main_softc_t *softc; 862 int unit; 863 { 864 ipf_log_softc_t *softl = softc->ipf_log_soft; 865 866 if (softl == NULL) 867 return 0; 868 869 return softl->ipl_logfail[unit]; 870 } 871 872 873 /* ------------------------------------------------------------------------ */ 874 /* Function: ipf_log_logok */ 875 /* Returns: U_QUAD_T - number of packets logged */ 876 /* Parameters: softc(I) - pointer to main soft context */ 877 /* unit(I) - device we are reading from */ 878 /* */ 879 /* Returns how many times we've successfully logged a packet for the */ 880 /* selected ipf device. */ 881 /* ------------------------------------------------------------------------ */ 882 u_long 883 ipf_log_logok(softc, unit) 884 ipf_main_softc_t *softc; 885 int unit; 886 { 887 ipf_log_softc_t *softl = softc->ipf_log_soft; 888 889 if (softl == NULL) 890 return 0; 891 892 return softl->ipl_logok[unit]; 893 } 894 #endif /* IPFILTER_LOG */ 895
Indexes created Sat Sep 27 22:09:54 GMT 2025