npfctl.c revision 1.1 1 1.1 rmind /* $NetBSD: npfctl.c,v 1.1 2010/08/22 18:56:24 rmind Exp $ */
2 1.1 rmind
3 1.1 rmind /*-
4 1.1 rmind * Copyright (c) 2009-2010 The NetBSD Foundation, Inc.
5 1.1 rmind * All rights reserved.
6 1.1 rmind *
7 1.1 rmind * This material is based upon work partially supported by The
8 1.1 rmind * NetBSD Foundation under a contract with Mindaugas Rasiukevicius.
9 1.1 rmind *
10 1.1 rmind * Redistribution and use in source and binary forms, with or without
11 1.1 rmind * modification, are permitted provided that the following conditions
12 1.1 rmind * are met:
13 1.1 rmind * 1. Redistributions of source code must retain the above copyright
14 1.1 rmind * notice, this list of conditions and the following disclaimer.
15 1.1 rmind * 2. Redistributions in binary form must reproduce the above copyright
16 1.1 rmind * notice, this list of conditions and the following disclaimer in the
17 1.1 rmind * documentation and/or other materials provided with the distribution.
18 1.1 rmind *
19 1.1 rmind * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20 1.1 rmind * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 1.1 rmind * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 1.1 rmind * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 1.1 rmind * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 1.1 rmind * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 1.1 rmind * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 1.1 rmind * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 1.1 rmind * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 1.1 rmind * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 1.1 rmind * POSSIBILITY OF SUCH DAMAGE.
30 1.1 rmind */
31 1.1 rmind
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/stat.h>

#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include "npfctl.h"
44 1.1 rmind
/* Action codes that main() passes to npfctl(). */
#define	NPFCTL_START	1
#define	NPFCTL_STOP	2
#define	NPFCTL_RELOAD	3
#define	NPFCTL_FLUSH	4
#define	NPFCTL_TABLE	5

/*
 * Command-line keyword to action code mapping.  main() scans the array in
 * order and stops at the entry whose cmd is NULL.
 */
static struct operations_s {
	const char *	cmd;
	int		action;
} operations[] = {
	/* Start, stop, reload and flush. */
	{ .cmd = "start",	.action = NPFCTL_START	},
	{ .cmd = "stop",	.action = NPFCTL_STOP	},
	{ .cmd = "reload",	.action = NPFCTL_RELOAD	},
	{ .cmd = "flush",	.action = NPFCTL_FLUSH	},
	/* Table operations. */
	{ .cmd = "table",	.action = NPFCTL_TABLE	},
	/* End-of-table sentinel. */
	{ .cmd = NULL,		.action = 0		}
};
65 1.1 rmind
/*
 * zalloc: allocate sz bytes and fill them with zeros.
 *
 * Never returns NULL: when malloc() fails, the error is reported with
 * perror() and the process exits with EXIT_FAILURE.
 */
void *
zalloc(size_t sz)
{
	void *mem = malloc(sz);

	if (mem != NULL) {
		memset(mem, 0, sz);
		return mem;
	}
	perror("zalloc");
	exit(EXIT_FAILURE);
}
79 1.1 rmind
/*
 * xstrdup: strdup(3) wrapper that never returns NULL.
 *
 * Returns a newly allocated copy of s.  When strdup() fails, the error is
 * reported with perror() and the process exits with EXIT_FAILURE.
 */
char *
xstrdup(const char *s)
{
	char *copy = strdup(s);

	if (copy != NULL) {
		return copy;
	}
	perror("xstrdup");
	exit(EXIT_FAILURE);
}
92 1.1 rmind
/*
 * usage: print the command synopsis to stderr and exit with EXIT_FAILURE.
 * Does not return.
 */
static void
usage(void)
{
	const char *self = getprogname();

	/* Three synopsis lines, each prefixed with the program name. */
	fprintf(stderr,
	    "usage:\t%s [ start | stop | reload ]\n"
	    "\t%s table <tid> [ flush ]\n"
	    "\t%s table <tid> { add | rem } <address/mask>\n",
	    self, self, self);

	exit(EXIT_FAILURE);
}
110 1.1 rmind
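/*
 * npfctl_parsecfg: read the configuration file cfg line by line and pass
 * each line to npf_parseline().
 *
 * Before a line is parsed it is cut at the first '#' or newline, which
 * drops comments and the line terminator.  Every failure is fatal: the
 * file cannot be opened, a line is rejected by npf_parseline(), or the
 * file cannot be read to the end.
 */
static void
npfctl_parsecfg(const char *cfg)
{
	char *buf = NULL, *p;
	FILE *fp;
	size_t n = 0;	/* getline() expects a zero size with a NULL buffer */
	int l = 0;	/* current line number, for diagnostics */

	fp = fopen(cfg, "r");
	if (fp == NULL) {
		err(EXIT_FAILURE, "fopen");
	}
	while (getline(&buf, &n, fp) != -1) {
		l++;
		p = strpbrk(buf, "#\n");
		if (p != NULL) {
			*p = '\0';
		}
		if (npf_parseline(buf)) {
			fprintf(stderr, "invalid syntax at line %d\n", l);
			exit(EXIT_FAILURE);
		}
	}
	/*
	 * getline() returns -1 both at end-of-file and on a read error.
	 * Fail on a read error, so that a partially read ruleset is never
	 * treated as the complete configuration.
	 */
	if (ferror(fp)) {
		err(EXIT_FAILURE, "cannot read %s", cfg);
	}
	free(buf);
	fclose(fp);
}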
140 1.1 rmind
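/*
 * npfctl: carry out one control action on the NPF device.
 *
 * action is one of the NPFCTL_* codes; argc and argv are the program's
 * command-line arguments, used by the reload and table actions.
 *
 * The device is opened and its interface version is compared with
 * NPF_VERSION before any action is taken.  Every failure is fatal and
 * terminates the process through err()/errx().
 */
static void
npfctl(int action, int argc, char **argv)
{
	int fd = -1, ret, ver, boolval;
	npf_ioctl_table_t tbl;
	char *arg, *end;
	long tid;

#ifdef DEBUG
	/*
	 * NOTE(review): this debug path returns before the device is opened,
	 * so fd is still -1 when passed on -- confirm that the debug build of
	 * npfctl_ioctl_send() does not use the descriptor.
	 */
	npfctl_init_data();
	npfctl_parsecfg("npf.conf");
	ret = npfctl_ioctl_send(fd);
	return;
#endif
	fd = open(NPF_DEV_PATH, O_RDONLY);
	if (fd == -1) {
		err(EXIT_FAILURE, "cannot open %s", NPF_DEV_PATH);
	}

	/* If the version query fails, ver holds no meaningful value. */
	ret = ioctl(fd, IOC_NPF_VERSION, &ver);
	if (ret == -1) {
		err(EXIT_FAILURE, "ioctl");
	}
	if (ver != NPF_VERSION) {
		errx(EXIT_FAILURE, "incompatible npf interface version "
		    "(%d, kernel %d)", NPF_VERSION, ver);
	}
	switch (action) {
	case NPFCTL_START:
		boolval = true;
		ret = ioctl(fd, IOC_NPF_SWITCH, &boolval);
		break;
	case NPFCTL_STOP:
		boolval = false;
		ret = ioctl(fd, IOC_NPF_SWITCH, &boolval);
		break;
	case NPFCTL_RELOAD:
		/* An optional third argument overrides the default path. */
		npfctl_init_data();
		npfctl_parsecfg(argc < 3 ? NPF_CONF_PATH : argv[2]);
		ret = npfctl_ioctl_send(fd);
		break;
	case NPFCTL_FLUSH:
		/* Pass empty configuration to flush. */
		npfctl_init_data();
		ret = npfctl_ioctl_send(fd);
		break;
	case NPFCTL_TABLE:
		/*
		 * NOTE(review): usage() advertises "table <tid> [ flush ]",
		 * but fewer than five arguments are rejected here, so the
		 * final else branch below is reached only when argv[3] is
		 * neither "add" nor "rem" -- confirm this is intended.
		 */
		if (argc < 5) {
			usage();
		}

		/*
		 * Reject a table ID that is not a complete decimal number in
		 * the range of int, rather than letting atoi() silently turn
		 * it into 0 or a truncated value that selects another table.
		 */
		errno = 0;
		tid = strtol(argv[2], &end, 10);
		if (end == argv[2] || *end != '\0' || errno == ERANGE ||
		    tid < INT_MIN || tid > INT_MAX) {
			errx(EXIT_FAILURE, "invalid table ID '%s'", argv[2]);
		}

		/* Send no uninitialized stack bytes to the kernel. */
		memset(&tbl, 0, sizeof(tbl));
		tbl.nct_tid = (int)tid;
		if (strcmp(argv[3], "add") == 0) {
			tbl.nct_action = NPF_IOCTL_TBLENT_ADD;
			arg = argv[4];
		} else if (strcmp(argv[3], "rem") == 0) {
			tbl.nct_action = NPF_IOCTL_TBLENT_REM;
			arg = argv[4];
		} else {
			tbl.nct_action = 0;
			arg = argv[3];
		}
		if (!npfctl_parse_v4mask(arg,
		    &tbl.nct_addr, &tbl.nct_mask)) {
			errx(EXIT_FAILURE, "invalid CIDR '%s'", arg);
		}
		ret = ioctl(fd, IOC_NPF_TABLE, &tbl);
		break;
	}
	if (ret == -1) {
		err(EXIT_FAILURE, "ioctl");
	}
	close(fd);
}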
209 1.1 rmind
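/*
 * main: look up argv[1] in the operations table and run the matching
 * action through npfctl().
 *
 * Returns 0 once the action has completed.  A missing or unrecognized
 * command prints the synopsis and exits with EXIT_FAILURE.
 */
int
main(int argc, char **argv)
{
	char *cmd;
	int n;

	if (argc < 2) {
		usage();
	}
	cmd = argv[1];

	/* Find and call the subroutine */
	for (n = 0; operations[n].cmd != NULL; n++) {
		if (strcmp(cmd, operations[n].cmd) == 0) {
			npfctl(operations[n].action, argc, argv);
			return 0;
		}
	}

	/*
	 * No entry matched.  Fail loudly: exiting with 0 here would let a
	 * mistyped command look like a successful start, stop or reload.
	 */
	usage();
	/* NOTREACHED */
	return EXIT_FAILURE;
}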