usr.bin/netstat/pfsync.c

*66dfcc85SDavid van Moolenbroek/*	$NetBSD: pfsync.c,v 1.1 2011/03/01 19:01:59 dyoung Exp $	*/
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek/*
*66dfcc85SDavid van Moolenbroek * Copyright (c) 1983, 1988, 1993
*66dfcc85SDavid van Moolenbroek *	The Regents of the University of California.  All rights reserved.
*66dfcc85SDavid van Moolenbroek *
*66dfcc85SDavid van Moolenbroek * Redistribution and use in source and binary forms, with or without
*66dfcc85SDavid van Moolenbroek * modification, are permitted provided that the following conditions
*66dfcc85SDavid van Moolenbroek * are met:
*66dfcc85SDavid van Moolenbroek * 1. Redistributions of source code must retain the above copyright
*66dfcc85SDavid van Moolenbroek *    notice, this list of conditions and the following disclaimer.
*66dfcc85SDavid van Moolenbroek * 2. Redistributions in binary form must reproduce the above copyright
*66dfcc85SDavid van Moolenbroek *    notice, this list of conditions and the following disclaimer in the
*66dfcc85SDavid van Moolenbroek *    documentation and/or other materials provided with the distribution.
*66dfcc85SDavid van Moolenbroek * 3. Neither the name of the University nor the names of its contributors
*66dfcc85SDavid van Moolenbroek *    may be used to endorse or promote products derived from this software
*66dfcc85SDavid van Moolenbroek *    without specific prior written permission.
*66dfcc85SDavid van Moolenbroek *
*66dfcc85SDavid van Moolenbroek * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
*66dfcc85SDavid van Moolenbroek * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
*66dfcc85SDavid van Moolenbroek * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
*66dfcc85SDavid van Moolenbroek * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
*66dfcc85SDavid van Moolenbroek * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
*66dfcc85SDavid van Moolenbroek * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
*66dfcc85SDavid van Moolenbroek * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
*66dfcc85SDavid van Moolenbroek * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
*66dfcc85SDavid van Moolenbroek * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
*66dfcc85SDavid van Moolenbroek * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
*66dfcc85SDavid van Moolenbroek * SUCH DAMAGE.
*66dfcc85SDavid van Moolenbroek */
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek#include <sys/cdefs.h>
*66dfcc85SDavid van Moolenbroek#ifndef lint
*66dfcc85SDavid van Moolenbroek__RCSID("$NetBSD: pfsync.c,v 1.1 2011/03/01 19:01:59 dyoung Exp $");
*66dfcc85SDavid van Moolenbroek#endif /* not lint */
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek#define	_CALLOUT_PRIVATE	/* for defs in sys/callout.h */
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek#include <sys/param.h>
*66dfcc85SDavid van Moolenbroek#include <sys/queue.h>
*66dfcc85SDavid van Moolenbroek#include <sys/socket.h>
*66dfcc85SDavid van Moolenbroek#include <sys/socketvar.h>
*66dfcc85SDavid van Moolenbroek#include <sys/mbuf.h>
*66dfcc85SDavid van Moolenbroek#include <sys/protosw.h>
*66dfcc85SDavid van Moolenbroek#include <sys/sysctl.h>
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek#include <net/if_arp.h>
*66dfcc85SDavid van Moolenbroek#include <net/route.h>
*66dfcc85SDavid van Moolenbroek#include <netinet/in.h>
*66dfcc85SDavid van Moolenbroek#include <netinet/in_systm.h>
*66dfcc85SDavid van Moolenbroek#include <netinet/ip.h>
*66dfcc85SDavid van Moolenbroek#include <netinet/in_pcb.h>
*66dfcc85SDavid van Moolenbroek#include <netinet/ip_icmp.h>
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek#ifdef INET6
*66dfcc85SDavid van Moolenbroek#include <netinet/ip6.h>
*66dfcc85SDavid van Moolenbroek#endif
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek#include <net/pfvar.h>
*66dfcc85SDavid van Moolenbroek#include <net/if_pfsync.h>
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek#include <arpa/inet.h>
*66dfcc85SDavid van Moolenbroek#include <kvm.h>
*66dfcc85SDavid van Moolenbroek#include <netdb.h>
*66dfcc85SDavid van Moolenbroek#include <stdio.h>
*66dfcc85SDavid van Moolenbroek#include <string.h>
*66dfcc85SDavid van Moolenbroek#include <unistd.h>
*66dfcc85SDavid van Moolenbroek#include <stdlib.h>
*66dfcc85SDavid van Moolenbroek#include <err.h>
*66dfcc85SDavid van Moolenbroek#include "netstat.h"
*66dfcc85SDavid van Moolenbroek#include "prog_ops.h"
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek/*
*66dfcc85SDavid van Moolenbroek * Dump PFSYNC statistics structure.
*66dfcc85SDavid van Moolenbroek */
*66dfcc85SDavid van Moolenbroekvoid
*66dfcc85SDavid van Moolenbroekpfsync_stats(u_long off, const char *name)
*66dfcc85SDavid van Moolenbroek{
*66dfcc85SDavid van Moolenbroek	uint64_t pfsyncstat[PFSYNC_NSTATS];
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek	if (use_sysctl) {
*66dfcc85SDavid van Moolenbroek		size_t size = sizeof(pfsyncstat);
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek		if (sysctlbyname("net.inet.pfsync.stats", pfsyncstat, &size,
*66dfcc85SDavid van Moolenbroek				 NULL, 0) == -1)
*66dfcc85SDavid van Moolenbroek			return;
*66dfcc85SDavid van Moolenbroek	} else {
*66dfcc85SDavid van Moolenbroek		warnx("%s stats not available via KVM.", name);
*66dfcc85SDavid van Moolenbroek		return;
*66dfcc85SDavid van Moolenbroek	}
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek	printf("%s:\n", name);
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek#define p(f, m) if (pfsyncstat[f] || sflag <= 1) \
*66dfcc85SDavid van Moolenbroek	printf(m, pfsyncstat[f], plural(pfsyncstat[f]))
*66dfcc85SDavid van Moolenbroek#define p2(f, m) if (pfsyncstat[f] || sflag <= 1) \
*66dfcc85SDavid van Moolenbroek	printf(m, pfsyncstat[f])
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_IPACKETS, "\t%" PRIu64 " packet%s received (IPv4)\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_IPACKETS6,"\t%" PRIu64 " packet%s received (IPv6)\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_BADIF, "\t\t%" PRIu64 " packet%s discarded for bad interface\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_BADTTL, "\t\t%" PRIu64 " packet%s discarded for bad ttl\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_HDROPS, "\t\t%" PRIu64 " packet%s shorter than header\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_BADVER, "\t\t%" PRIu64 " packet%s discarded for bad version\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_BADAUTH, "\t\t%" PRIu64 " packet%s discarded for bad HMAC\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_BADACT,"\t\t%" PRIu64 " packet%s discarded for bad action\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_BADLEN, "\t\t%" PRIu64 " packet%s discarded for short packet\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_BADVAL, "\t\t%" PRIu64 " state%s discarded for bad values\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_STALE, "\t\t%" PRIu64 " stale state%s\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_BADSTATE, "\t\t%" PRIu64 " failed state lookup/insert%s\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_OPACKETS, "\t%" PRIu64 " packet%s sent (IPv4)\n");
*66dfcc85SDavid van Moolenbroek	p(PFSYNC_STAT_OPACKETS6, "\t%" PRIu64 " packet%s sent (IPv6)\n");
*66dfcc85SDavid van Moolenbroek	p2(PFSYNC_STAT_ONOMEM, "\t\t%" PRIu64 " send failed due to mbuf memory error\n");
*66dfcc85SDavid van Moolenbroek	p2(PFSYNC_STAT_OERRORS, "\t\t%" PRIu64 " send error\n");
*66dfcc85SDavid van Moolenbroek#undef p
*66dfcc85SDavid van Moolenbroek#undef p2
*66dfcc85SDavid van Moolenbroek}
*66dfcc85SDavid van Moolenbroek
*66dfcc85SDavid van Moolenbroek