1*64a05fe8Schristos /* $NetBSD: ippool.c,v 1.4 2013/10/20 03:09:11 christos Exp $ */
2bc4097aaSchristos
3bc4097aaSchristos /*
413885a66Sdarrenr * Copyright (C) 2012 by Darren Reed.
5bc4097aaSchristos *
6bc4097aaSchristos * See the IPFILTER.LICENCE file for details on licencing.
7bc4097aaSchristos */
8bc4097aaSchristos #include <sys/types.h>
9bc4097aaSchristos #include <sys/time.h>
10bc4097aaSchristos #include <sys/param.h>
11bc4097aaSchristos #include <sys/socket.h>
12bc4097aaSchristos #if defined(BSD) && (BSD >= 199306)
13bc4097aaSchristos # include <sys/cdefs.h>
14bc4097aaSchristos #endif
15bc4097aaSchristos #include <sys/ioctl.h>
16bc4097aaSchristos
17bc4097aaSchristos #include <net/if.h>
18bc4097aaSchristos #if __FreeBSD_version >= 300000
19bc4097aaSchristos # include <net/if_var.h>
20bc4097aaSchristos #endif
21bc4097aaSchristos #include <netinet/in.h>
22bc4097aaSchristos
23bc4097aaSchristos #include <arpa/inet.h>
24bc4097aaSchristos
25bc4097aaSchristos #include <stdio.h>
26bc4097aaSchristos #include <fcntl.h>
27bc4097aaSchristos #include <stdlib.h>
28bc4097aaSchristos #include <string.h>
29bc4097aaSchristos #include <netdb.h>
30bc4097aaSchristos #include <ctype.h>
31bc4097aaSchristos #include <unistd.h>
32bc4097aaSchristos #ifdef linux
33bc4097aaSchristos # include <linux/a.out.h>
34bc4097aaSchristos #else
35bc4097aaSchristos # include <nlist.h>
36bc4097aaSchristos #endif
37bc4097aaSchristos
38bc4097aaSchristos #include "ipf.h"
39bc4097aaSchristos #include "netinet/ipl.h"
40bc4097aaSchristos #include "netinet/ip_lookup.h"
41bc4097aaSchristos #include "netinet/ip_pool.h"
42bc4097aaSchristos #include "netinet/ip_htable.h"
43bc4097aaSchristos #include "kmem.h"
44bc4097aaSchristos
45bc4097aaSchristos
46bc4097aaSchristos extern int ippool_yyparse __P((void));
47bc4097aaSchristos extern int ippool_yydebug;
48bc4097aaSchristos extern FILE *ippool_yyin;
49bc4097aaSchristos extern char *optarg;
50bc4097aaSchristos extern int lineNum;
51bc4097aaSchristos
52bc4097aaSchristos void usage __P((char *));
53bc4097aaSchristos int main __P((int, char **));
54bc4097aaSchristos int poolcommand __P((int, int, char *[]));
55bc4097aaSchristos int poolnodecommand __P((int, int, char *[]));
56bc4097aaSchristos int loadpoolfile __P((int, char *[], char *));
57bc4097aaSchristos int poollist __P((int, char *[]));
58bc4097aaSchristos void poollist_dead __P((int, char *, int, char *, char *));
59bc4097aaSchristos void poollist_live __P((int, char *, int, int));
60bc4097aaSchristos int poolflush __P((int, char *[]));
61bc4097aaSchristos int poolstats __P((int, char *[]));
62bc4097aaSchristos int gettype __P((char *, u_int *));
63bc4097aaSchristos int getrole __P((char *));
64bc4097aaSchristos int setnodeaddr __P((int, int, void *ptr, char *arg));
65bc4097aaSchristos void showpools_live __P((int, int, ipf_pool_stat_t *, char *));
66bc4097aaSchristos void showhashs_live __P((int, int, iphtstat_t *, char *));
67bc4097aaSchristos void showdstls_live __P((int, int, ipf_dstl_stat_t *, char *));
68bc4097aaSchristos
69bc4097aaSchristos int opts = 0;
70bc4097aaSchristos int fd = -1;
71bc4097aaSchristos int use_inet6 = 0;
72bc4097aaSchristos wordtab_t *pool_fields = NULL;
73bc4097aaSchristos int nohdrfields = 0;
74bc4097aaSchristos
75bc4097aaSchristos
76bc4097aaSchristos void
usage(prog)77bc4097aaSchristos usage(prog)
78bc4097aaSchristos char *prog;
79bc4097aaSchristos {
80bc4097aaSchristos fprintf(stderr, "Usage:\t%s\n", prog);
81bc4097aaSchristos fprintf(stderr, "\t-a [-dnv] [-m <name>] [-o <role>] [-t type] [-T ttl] -i <ipaddr>[/netmask]\n");
82bc4097aaSchristos fprintf(stderr, "\t-A [-dnv] [-m <name>] [-o <role>] [-S <seed>] [-t <type>]\n");
83bc4097aaSchristos fprintf(stderr, "\t-f <file> [-dnuv]\n");
84bc4097aaSchristos fprintf(stderr, "\t-F [-dv] [-o <role>] [-t <type>]\n");
85bc4097aaSchristos fprintf(stderr, "\t-l [-dv] [-m <name>] [-t <type>] [-O <fields>]\n");
86bc4097aaSchristos fprintf(stderr, "\t-r [-dnv] [-m <name>] [-o <role>] [-t type] -i <ipaddr>[/netmask]\n");
87bc4097aaSchristos fprintf(stderr, "\t-R [-dnv] [-m <name>] [-o <role>] [-t <type>]\n");
88bc4097aaSchristos fprintf(stderr, "\t-s [-dtv] [-M <core>] [-N <namelist>]\n");
89bc4097aaSchristos exit(1);
90bc4097aaSchristos }
91bc4097aaSchristos
92bc4097aaSchristos
93bc4097aaSchristos int
main(argc,argv)94bc4097aaSchristos main(argc, argv)
95bc4097aaSchristos int argc;
96bc4097aaSchristos char *argv[];
97bc4097aaSchristos {
9813885a66Sdarrenr int err = 1;
99bc4097aaSchristos
100bc4097aaSchristos if (argc < 2)
101bc4097aaSchristos usage(argv[0]);
102bc4097aaSchristos
103bc4097aaSchristos assigndefined(getenv("IPPOOL_PREDEFINED"));
104bc4097aaSchristos
10513885a66Sdarrenr switch (getopt(argc, argv, "aAf:FlnrRsv"))
106bc4097aaSchristos {
107bc4097aaSchristos case 'a' :
108bc4097aaSchristos err = poolnodecommand(0, argc, argv);
109bc4097aaSchristos break;
110bc4097aaSchristos case 'A' :
111bc4097aaSchristos err = poolcommand(0, argc, argv);
112bc4097aaSchristos break;
113bc4097aaSchristos case 'f' :
114bc4097aaSchristos err = loadpoolfile(argc, argv, optarg);
115bc4097aaSchristos break;
116bc4097aaSchristos case 'F' :
117bc4097aaSchristos err = poolflush(argc, argv);
118bc4097aaSchristos break;
119bc4097aaSchristos case 'l' :
120bc4097aaSchristos err = poollist(argc, argv);
121bc4097aaSchristos break;
12213885a66Sdarrenr case 'n' :
12313885a66Sdarrenr opts |= OPT_DONOTHING|OPT_DONTOPEN;
12413885a66Sdarrenr break;
125bc4097aaSchristos case 'r' :
126bc4097aaSchristos err = poolnodecommand(1, argc, argv);
127bc4097aaSchristos break;
128bc4097aaSchristos case 'R' :
129bc4097aaSchristos err = poolcommand(1, argc, argv);
130bc4097aaSchristos break;
131bc4097aaSchristos case 's' :
132bc4097aaSchristos err = poolstats(argc, argv);
133bc4097aaSchristos break;
13413885a66Sdarrenr case 'v' :
13513885a66Sdarrenr opts |= OPT_VERBOSE;
13613885a66Sdarrenr break;
137bc4097aaSchristos default :
138bc4097aaSchristos exit(1);
139bc4097aaSchristos }
140bc4097aaSchristos
141bc4097aaSchristos if (err != 0)
142bc4097aaSchristos exit(1);
143bc4097aaSchristos return 0;
144bc4097aaSchristos }
145bc4097aaSchristos
146bc4097aaSchristos
147bc4097aaSchristos int
poolnodecommand(remove,argc,argv)148bc4097aaSchristos poolnodecommand(remove, argc, argv)
149bc4097aaSchristos int remove, argc;
150bc4097aaSchristos char *argv[];
151bc4097aaSchristos {
152bc4097aaSchristos int err = 0, c, ipset, role, type = IPLT_POOL, ttl = 0;
153bc4097aaSchristos char *poolname = NULL;
154bc4097aaSchristos ip_pool_node_t pnode;
155bc4097aaSchristos iphtent_t hnode;
156bc4097aaSchristos void *ptr = &pnode;
157bc4097aaSchristos
158bc4097aaSchristos ipset = 0;
159bc4097aaSchristos role = IPL_LOGIPF;
160bc4097aaSchristos bzero((char *)&pnode, sizeof(pnode));
161bc4097aaSchristos bzero((char *)&hnode, sizeof(hnode));
162bc4097aaSchristos
163bc4097aaSchristos while ((c = getopt(argc, argv, "di:m:no:Rt:T:v")) != -1)
164bc4097aaSchristos switch (c)
165bc4097aaSchristos {
166bc4097aaSchristos case 'd' :
167bc4097aaSchristos opts |= OPT_DEBUG;
168bc4097aaSchristos ippool_yydebug++;
169bc4097aaSchristos break;
170bc4097aaSchristos case 'i' :
171bc4097aaSchristos if (setnodeaddr(type, role, ptr, optarg) == 0)
172bc4097aaSchristos ipset = 1;
173bc4097aaSchristos break;
174bc4097aaSchristos case 'm' :
175bc4097aaSchristos poolname = optarg;
176bc4097aaSchristos break;
177bc4097aaSchristos case 'n' :
178bc4097aaSchristos opts |= OPT_DONOTHING|OPT_DONTOPEN;
179bc4097aaSchristos break;
180bc4097aaSchristos case 'o' :
181bc4097aaSchristos if (ipset == 1) {
182bc4097aaSchristos fprintf(stderr,
183bc4097aaSchristos "cannot set role after ip address\n");
184bc4097aaSchristos return -1;
185bc4097aaSchristos }
186bc4097aaSchristos role = getrole(optarg);
187bc4097aaSchristos if (role == IPL_LOGNONE)
188bc4097aaSchristos return -1;
189bc4097aaSchristos break;
190bc4097aaSchristos case 'R' :
191bc4097aaSchristos opts |= OPT_NORESOLVE;
192bc4097aaSchristos break;
193bc4097aaSchristos case 't' :
194bc4097aaSchristos if (ipset == 1) {
195bc4097aaSchristos fprintf(stderr,
196bc4097aaSchristos "cannot set type after ip address\n");
197bc4097aaSchristos return -1;
198bc4097aaSchristos }
199bc4097aaSchristos type = gettype(optarg, NULL);
200bc4097aaSchristos switch (type) {
201bc4097aaSchristos case IPLT_NONE :
202bc4097aaSchristos fprintf(stderr, "unknown type '%s'\n", optarg);
203bc4097aaSchristos return -1;
204bc4097aaSchristos case IPLT_HASH :
205bc4097aaSchristos ptr = &hnode;
206bc4097aaSchristos break;
207bc4097aaSchristos case IPLT_POOL :
208bc4097aaSchristos default :
209bc4097aaSchristos break;
210bc4097aaSchristos }
211bc4097aaSchristos break;
212bc4097aaSchristos case 'T' :
213bc4097aaSchristos ttl = atoi(optarg);
214bc4097aaSchristos if (ttl < 0) {
215bc4097aaSchristos fprintf(stderr, "cannot set negative ttl\n");
216bc4097aaSchristos return -1;
217bc4097aaSchristos }
218bc4097aaSchristos break;
219bc4097aaSchristos case 'v' :
220bc4097aaSchristos opts |= OPT_VERBOSE;
221bc4097aaSchristos break;
222bc4097aaSchristos }
223bc4097aaSchristos
224bc4097aaSchristos if (argv[optind] != NULL && ipset == 0) {
225bc4097aaSchristos if (setnodeaddr(type, role, ptr, argv[optind]) == 0)
226bc4097aaSchristos ipset = 1;
227bc4097aaSchristos }
228bc4097aaSchristos
229bc4097aaSchristos if (opts & OPT_DEBUG)
230bc4097aaSchristos fprintf(stderr, "poolnodecommand: opts = %#x\n", opts);
231bc4097aaSchristos
232bc4097aaSchristos if (ipset == 0) {
233bc4097aaSchristos fprintf(stderr, "no IP address given with -i\n");
234bc4097aaSchristos return -1;
235bc4097aaSchristos }
236bc4097aaSchristos
237bc4097aaSchristos if (poolname == NULL) {
238bc4097aaSchristos fprintf(stderr, "poolname not given with add/remove node\n");
239bc4097aaSchristos return -1;
240bc4097aaSchristos }
241bc4097aaSchristos
242bc4097aaSchristos switch (type) {
243bc4097aaSchristos case IPLT_POOL :
244bc4097aaSchristos if (remove == 0)
245bc4097aaSchristos err = load_poolnode(role, poolname, &pnode, ttl, ioctl);
246bc4097aaSchristos else
247bc4097aaSchristos err = remove_poolnode(role, poolname, &pnode, ioctl);
248bc4097aaSchristos break;
249bc4097aaSchristos case IPLT_HASH :
250bc4097aaSchristos if (remove == 0)
251bc4097aaSchristos err = load_hashnode(role, poolname, &hnode, ttl, ioctl);
252bc4097aaSchristos else
253bc4097aaSchristos err = remove_hashnode(role, poolname, &hnode, ioctl);
254bc4097aaSchristos break;
255bc4097aaSchristos default :
256bc4097aaSchristos break;
257bc4097aaSchristos }
258bc4097aaSchristos return err;
259bc4097aaSchristos }
260bc4097aaSchristos
261bc4097aaSchristos
262bc4097aaSchristos int
poolcommand(remove,argc,argv)263bc4097aaSchristos poolcommand(remove, argc, argv)
264bc4097aaSchristos int remove, argc;
265bc4097aaSchristos char *argv[];
266bc4097aaSchristos {
267bc4097aaSchristos int type, role, c, err;
268bc4097aaSchristos char *poolname;
269bc4097aaSchristos iphtable_t iph;
270bc4097aaSchristos ip_pool_t pool;
271bc4097aaSchristos
272bc4097aaSchristos err = 1;
273bc4097aaSchristos role = 0;
274bc4097aaSchristos type = 0;
275bc4097aaSchristos poolname = NULL;
276bc4097aaSchristos role = IPL_LOGIPF;
277bc4097aaSchristos bzero((char *)&iph, sizeof(iph));
278bc4097aaSchristos bzero((char *)&pool, sizeof(pool));
279bc4097aaSchristos
280bc4097aaSchristos while ((c = getopt(argc, argv, "dm:no:RSv")) != -1)
281bc4097aaSchristos switch (c)
282bc4097aaSchristos {
283bc4097aaSchristos case 'd' :
284bc4097aaSchristos opts |= OPT_DEBUG;
285bc4097aaSchristos ippool_yydebug++;
286bc4097aaSchristos break;
287bc4097aaSchristos case 'm' :
288bc4097aaSchristos poolname = optarg;
289bc4097aaSchristos break;
290bc4097aaSchristos case 'n' :
291bc4097aaSchristos opts |= OPT_DONOTHING|OPT_DONTOPEN;
292bc4097aaSchristos break;
293bc4097aaSchristos case 'o' :
294bc4097aaSchristos role = getrole(optarg);
295bc4097aaSchristos if (role == IPL_LOGNONE) {
296bc4097aaSchristos fprintf(stderr, "unknown role '%s'\n", optarg);
297bc4097aaSchristos return -1;
298bc4097aaSchristos }
299bc4097aaSchristos break;
300bc4097aaSchristos case 'R' :
301bc4097aaSchristos opts |= OPT_NORESOLVE;
302bc4097aaSchristos break;
303bc4097aaSchristos case 'S' :
304bc4097aaSchristos iph.iph_seed = atoi(optarg);
305bc4097aaSchristos break;
306bc4097aaSchristos case 'v' :
307bc4097aaSchristos opts |= OPT_VERBOSE;
308bc4097aaSchristos break;
309bc4097aaSchristos }
310bc4097aaSchristos
311bc4097aaSchristos if (opts & OPT_DEBUG)
312bc4097aaSchristos fprintf(stderr, "poolcommand: opts = %#x\n", opts);
313bc4097aaSchristos
314bc4097aaSchristos if (poolname == NULL) {
315bc4097aaSchristos fprintf(stderr, "poolname not given with add/remove pool\n");
316bc4097aaSchristos return -1;
317bc4097aaSchristos }
318bc4097aaSchristos
319bc4097aaSchristos type = gettype(argv[optind], &iph.iph_type);
320bc4097aaSchristos if (type == IPLT_NONE) {
321bc4097aaSchristos fprintf(stderr, "unknown type '%s'\n", argv[optind]);
322bc4097aaSchristos return -1;
323bc4097aaSchristos }
324bc4097aaSchristos
325bc4097aaSchristos if (type == IPLT_HASH) {
326bc4097aaSchristos strncpy(iph.iph_name, poolname, sizeof(iph.iph_name));
327bc4097aaSchristos iph.iph_name[sizeof(iph.iph_name) - 1] = '\0';
328bc4097aaSchristos iph.iph_unit = role;
329bc4097aaSchristos } else if (type == IPLT_POOL) {
330bc4097aaSchristos strncpy(pool.ipo_name, poolname, sizeof(pool.ipo_name));
331bc4097aaSchristos pool.ipo_name[sizeof(pool.ipo_name) - 1] = '\0';
332bc4097aaSchristos pool.ipo_unit = role;
333bc4097aaSchristos }
334bc4097aaSchristos
335bc4097aaSchristos if (remove == 0) {
336bc4097aaSchristos switch (type)
337bc4097aaSchristos {
338bc4097aaSchristos case IPLT_HASH :
339bc4097aaSchristos err = load_hash(&iph, NULL, ioctl);
340bc4097aaSchristos break;
341bc4097aaSchristos case IPLT_POOL :
342bc4097aaSchristos err = load_pool(&pool, ioctl);
343bc4097aaSchristos break;
344bc4097aaSchristos }
345bc4097aaSchristos } else {
346bc4097aaSchristos switch (type)
347bc4097aaSchristos {
348bc4097aaSchristos case IPLT_HASH :
349bc4097aaSchristos err = remove_hash(&iph, ioctl);
350bc4097aaSchristos break;
351bc4097aaSchristos case IPLT_POOL :
352bc4097aaSchristos err = remove_pool(&pool, ioctl);
353bc4097aaSchristos break;
354bc4097aaSchristos }
355bc4097aaSchristos }
356bc4097aaSchristos return err;
357bc4097aaSchristos }
358bc4097aaSchristos
359bc4097aaSchristos
360bc4097aaSchristos int
loadpoolfile(argc,argv,infile)361bc4097aaSchristos loadpoolfile(argc, argv, infile)
362bc4097aaSchristos int argc;
363bc4097aaSchristos char *argv[], *infile;
364bc4097aaSchristos {
365bc4097aaSchristos int c;
366bc4097aaSchristos
367bc4097aaSchristos infile = optarg;
368bc4097aaSchristos
369bc4097aaSchristos while ((c = getopt(argc, argv, "dnRuv")) != -1)
370bc4097aaSchristos switch (c)
371bc4097aaSchristos {
372bc4097aaSchristos case 'd' :
373bc4097aaSchristos opts |= OPT_DEBUG;
374bc4097aaSchristos ippool_yydebug++;
375bc4097aaSchristos break;
376bc4097aaSchristos case 'n' :
377bc4097aaSchristos opts |= OPT_DONOTHING|OPT_DONTOPEN;
378bc4097aaSchristos break;
379bc4097aaSchristos case 'R' :
380bc4097aaSchristos opts |= OPT_NORESOLVE;
381bc4097aaSchristos break;
382bc4097aaSchristos case 'u' :
383bc4097aaSchristos opts |= OPT_REMOVE;
384bc4097aaSchristos break;
385bc4097aaSchristos case 'v' :
386bc4097aaSchristos opts |= OPT_VERBOSE;
387bc4097aaSchristos break;
388bc4097aaSchristos }
389bc4097aaSchristos
390bc4097aaSchristos if (opts & OPT_DEBUG)
391bc4097aaSchristos fprintf(stderr, "loadpoolfile: opts = %#x\n", opts);
392bc4097aaSchristos
393bc4097aaSchristos if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN)) && (fd == -1)) {
394bc4097aaSchristos fd = open(IPLOOKUP_NAME, O_RDWR);
395bc4097aaSchristos if (fd == -1) {
396bc4097aaSchristos perror("open(IPLOOKUP_NAME)");
397bc4097aaSchristos exit(1);
398bc4097aaSchristos }
399bc4097aaSchristos }
400bc4097aaSchristos
401bc4097aaSchristos if (ippool_parsefile(fd, infile, ioctl) != 0)
402bc4097aaSchristos return -1;
403bc4097aaSchristos return 0;
404bc4097aaSchristos }
405bc4097aaSchristos
406bc4097aaSchristos
407bc4097aaSchristos int
poolstats(argc,argv)408bc4097aaSchristos poolstats(argc, argv)
409bc4097aaSchristos int argc;
410bc4097aaSchristos char *argv[];
411bc4097aaSchristos {
412*64a05fe8Schristos int c, type, role;
413bc4097aaSchristos ipf_pool_stat_t plstat;
414bc4097aaSchristos ipf_dstl_stat_t dlstat;
415bc4097aaSchristos iphtstat_t htstat;
416bc4097aaSchristos iplookupop_t op;
417bc4097aaSchristos
418bc4097aaSchristos type = IPLT_ALL;
419bc4097aaSchristos role = IPL_LOGALL;
420bc4097aaSchristos
421bc4097aaSchristos bzero((char *)&op, sizeof(op));
422bc4097aaSchristos
423bc4097aaSchristos while ((c = getopt(argc, argv, "dM:N:o:t:v")) != -1)
424bc4097aaSchristos switch (c)
425bc4097aaSchristos {
426bc4097aaSchristos case 'd' :
427bc4097aaSchristos opts |= OPT_DEBUG;
428bc4097aaSchristos break;
429bc4097aaSchristos case 'M' :
430bc4097aaSchristos break;
431bc4097aaSchristos case 'N' :
432bc4097aaSchristos break;
433bc4097aaSchristos case 'o' :
434bc4097aaSchristos role = getrole(optarg);
435bc4097aaSchristos if (role == IPL_LOGNONE) {
436bc4097aaSchristos fprintf(stderr, "unknown role '%s'\n", optarg);
437bc4097aaSchristos return -1;
438bc4097aaSchristos }
439bc4097aaSchristos break;
440bc4097aaSchristos case 't' :
441bc4097aaSchristos type = gettype(optarg, NULL);
442bc4097aaSchristos if (type != IPLT_POOL) {
443bc4097aaSchristos fprintf(stderr,
444bc4097aaSchristos "-s not supported for this type yet\n");
445bc4097aaSchristos return -1;
446bc4097aaSchristos }
447bc4097aaSchristos break;
448bc4097aaSchristos case 'v' :
449bc4097aaSchristos opts |= OPT_VERBOSE;
450bc4097aaSchristos break;
451bc4097aaSchristos }
452bc4097aaSchristos
453bc4097aaSchristos if (opts & OPT_DEBUG)
454bc4097aaSchristos fprintf(stderr, "poolstats: opts = %#x\n", opts);
455bc4097aaSchristos
456bc4097aaSchristos if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN)) && (fd == -1)) {
457bc4097aaSchristos fd = open(IPLOOKUP_NAME, O_RDWR);
458bc4097aaSchristos if (fd == -1) {
459bc4097aaSchristos perror("open(IPLOOKUP_NAME)");
460bc4097aaSchristos exit(1);
461bc4097aaSchristos }
462bc4097aaSchristos }
463bc4097aaSchristos
464bc4097aaSchristos if (type == IPLT_ALL || type == IPLT_POOL) {
465bc4097aaSchristos op.iplo_type = IPLT_POOL;
466bc4097aaSchristos op.iplo_struct = &plstat;
467bc4097aaSchristos op.iplo_size = sizeof(plstat);
468bc4097aaSchristos if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN))) {
469bc4097aaSchristos c = ioctl(fd, SIOCLOOKUPSTAT, &op);
470bc4097aaSchristos if (c == -1) {
471bc4097aaSchristos ipferror(fd, "ioctl(S0IOCLOOKUPSTAT)");
472bc4097aaSchristos return -1;
473bc4097aaSchristos }
474bc4097aaSchristos printf("%lu\taddress pools\n", plstat.ipls_pools);
475bc4097aaSchristos printf("%lu\taddress pool nodes\n", plstat.ipls_nodes);
476bc4097aaSchristos }
477bc4097aaSchristos }
478bc4097aaSchristos
479bc4097aaSchristos if (type == IPLT_ALL || type == IPLT_HASH) {
480bc4097aaSchristos op.iplo_type = IPLT_HASH;
481bc4097aaSchristos op.iplo_struct = &htstat;
482bc4097aaSchristos op.iplo_size = sizeof(htstat);
483bc4097aaSchristos if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN))) {
484bc4097aaSchristos c = ioctl(fd, SIOCLOOKUPSTAT, &op);
485bc4097aaSchristos if (c == -1) {
486bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPSTAT)");
487bc4097aaSchristos return -1;
488bc4097aaSchristos }
489bc4097aaSchristos printf("%lu\thash tables\n", htstat.iphs_numtables);
490bc4097aaSchristos printf("%lu\thash table nodes\n", htstat.iphs_numnodes);
491bc4097aaSchristos printf("%lu\thash table no memory \n",
492bc4097aaSchristos htstat.iphs_nomem);
493bc4097aaSchristos }
494bc4097aaSchristos }
495bc4097aaSchristos
496bc4097aaSchristos if (type == IPLT_ALL || type == IPLT_DSTLIST) {
497bc4097aaSchristos op.iplo_type = IPLT_DSTLIST;
498bc4097aaSchristos op.iplo_struct = &dlstat;
499bc4097aaSchristos op.iplo_size = sizeof(dlstat);
500bc4097aaSchristos if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN))) {
501bc4097aaSchristos c = ioctl(fd, SIOCLOOKUPSTAT, &op);
502bc4097aaSchristos if (c == -1) {
503bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPSTAT)");
504bc4097aaSchristos return -1;
505bc4097aaSchristos }
506bc4097aaSchristos printf("%u\tdestination lists\n",
507bc4097aaSchristos dlstat.ipls_numlists);
508bc4097aaSchristos printf("%u\tdestination list nodes\n",
509bc4097aaSchristos dlstat.ipls_numnodes);
510bc4097aaSchristos printf("%lu\tdestination list no memory\n",
511bc4097aaSchristos dlstat.ipls_nomem);
512bc4097aaSchristos printf("%u\tdestination list zombies\n",
513bc4097aaSchristos dlstat.ipls_numdereflists);
514bc4097aaSchristos printf("%u\tdesetination list node zombies\n",
515bc4097aaSchristos dlstat.ipls_numderefnodes);
516bc4097aaSchristos }
517bc4097aaSchristos }
518bc4097aaSchristos return 0;
519bc4097aaSchristos }
520bc4097aaSchristos
521bc4097aaSchristos
522bc4097aaSchristos int
poolflush(argc,argv)523bc4097aaSchristos poolflush(argc, argv)
524bc4097aaSchristos int argc;
525bc4097aaSchristos char *argv[];
526bc4097aaSchristos {
527bc4097aaSchristos int c, role, type, arg;
528bc4097aaSchristos iplookupflush_t flush;
529bc4097aaSchristos
530bc4097aaSchristos arg = IPLT_ALL;
531bc4097aaSchristos type = IPLT_ALL;
532bc4097aaSchristos role = IPL_LOGALL;
533bc4097aaSchristos
534bc4097aaSchristos while ((c = getopt(argc, argv, "do:t:v")) != -1)
535bc4097aaSchristos switch (c)
536bc4097aaSchristos {
537bc4097aaSchristos case 'd' :
538bc4097aaSchristos opts |= OPT_DEBUG;
539bc4097aaSchristos break;
540bc4097aaSchristos case 'o' :
541bc4097aaSchristos role = getrole(optarg);
542bc4097aaSchristos if (role == IPL_LOGNONE) {
543bc4097aaSchristos fprintf(stderr, "unknown role '%s'\n", optarg);
544bc4097aaSchristos return -1;
545bc4097aaSchristos }
546bc4097aaSchristos break;
547bc4097aaSchristos case 't' :
548bc4097aaSchristos type = gettype(optarg, NULL);
549bc4097aaSchristos if (type == IPLT_NONE) {
550bc4097aaSchristos fprintf(stderr, "unknown type '%s'\n", optarg);
551bc4097aaSchristos return -1;
552bc4097aaSchristos }
553bc4097aaSchristos break;
554bc4097aaSchristos case 'v' :
555bc4097aaSchristos opts |= OPT_VERBOSE;
556bc4097aaSchristos break;
557bc4097aaSchristos }
558bc4097aaSchristos
559bc4097aaSchristos if (opts & OPT_DEBUG)
560bc4097aaSchristos fprintf(stderr, "poolflush: opts = %#x\n", opts);
561bc4097aaSchristos
562bc4097aaSchristos if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN)) && (fd == -1)) {
563bc4097aaSchristos fd = open(IPLOOKUP_NAME, O_RDWR);
564bc4097aaSchristos if (fd == -1) {
565bc4097aaSchristos perror("open(IPLOOKUP_NAME)");
566bc4097aaSchristos exit(1);
567bc4097aaSchristos }
568bc4097aaSchristos }
569bc4097aaSchristos
570bc4097aaSchristos bzero((char *)&flush, sizeof(flush));
571bc4097aaSchristos flush.iplf_type = type;
572bc4097aaSchristos flush.iplf_unit = role;
573bc4097aaSchristos flush.iplf_arg = arg;
574bc4097aaSchristos
575bc4097aaSchristos if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN))) {
576bc4097aaSchristos if (ioctl(fd, SIOCLOOKUPFLUSH, &flush) == -1) {
577bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPFLUSH)");
578bc4097aaSchristos exit(1);
579bc4097aaSchristos }
580bc4097aaSchristos
581bc4097aaSchristos }
582bc4097aaSchristos printf("%u object%s flushed\n", flush.iplf_count,
583bc4097aaSchristos (flush.iplf_count == 1) ? "" : "s");
584bc4097aaSchristos
585bc4097aaSchristos return 0;
586bc4097aaSchristos }
587bc4097aaSchristos
588bc4097aaSchristos
589bc4097aaSchristos int
getrole(rolename)590bc4097aaSchristos getrole(rolename)
591bc4097aaSchristos char *rolename;
592bc4097aaSchristos {
593bc4097aaSchristos int role;
594bc4097aaSchristos
595bc4097aaSchristos if (!strcasecmp(rolename, "ipf")) {
596bc4097aaSchristos role = IPL_LOGIPF;
597bc4097aaSchristos #if 0
598bc4097aaSchristos } else if (!strcasecmp(rolename, "nat")) {
599bc4097aaSchristos role = IPL_LOGNAT;
600bc4097aaSchristos } else if (!strcasecmp(rolename, "state")) {
601bc4097aaSchristos role = IPL_LOGSTATE;
602bc4097aaSchristos } else if (!strcasecmp(rolename, "auth")) {
603bc4097aaSchristos role = IPL_LOGAUTH;
604bc4097aaSchristos } else if (!strcasecmp(rolename, "sync")) {
605bc4097aaSchristos role = IPL_LOGSYNC;
606bc4097aaSchristos } else if (!strcasecmp(rolename, "scan")) {
607bc4097aaSchristos role = IPL_LOGSCAN;
608bc4097aaSchristos } else if (!strcasecmp(rolename, "pool")) {
609bc4097aaSchristos role = IPL_LOGLOOKUP;
610bc4097aaSchristos } else if (!strcasecmp(rolename, "count")) {
611bc4097aaSchristos role = IPL_LOGCOUNT;
612bc4097aaSchristos #endif
613bc4097aaSchristos } else {
614bc4097aaSchristos role = IPL_LOGNONE;
615bc4097aaSchristos }
616bc4097aaSchristos
617bc4097aaSchristos return role;
618bc4097aaSchristos }
619bc4097aaSchristos
620bc4097aaSchristos
621bc4097aaSchristos int
gettype(typename,minor)622bc4097aaSchristos gettype(typename, minor)
623bc4097aaSchristos char *typename;
624bc4097aaSchristos u_int *minor;
625bc4097aaSchristos {
626bc4097aaSchristos int type;
627bc4097aaSchristos
628bc4097aaSchristos if (!strcasecmp(typename, "tree") || !strcasecmp(typename, "pool")) {
629bc4097aaSchristos type = IPLT_POOL;
630bc4097aaSchristos } else if (!strcasecmp(typename, "hash")) {
631bc4097aaSchristos type = IPLT_HASH;
632bc4097aaSchristos if (minor != NULL)
633bc4097aaSchristos *minor = IPHASH_LOOKUP;
634bc4097aaSchristos } else if (!strcasecmp(typename, "group-map")) {
635bc4097aaSchristos type = IPLT_HASH;
636bc4097aaSchristos if (minor != NULL)
637bc4097aaSchristos *minor = IPHASH_GROUPMAP;
638bc4097aaSchristos } else {
639bc4097aaSchristos type = IPLT_NONE;
640bc4097aaSchristos }
641bc4097aaSchristos return type;
642bc4097aaSchristos }
643bc4097aaSchristos
644bc4097aaSchristos
645bc4097aaSchristos int
poollist(argc,argv)646bc4097aaSchristos poollist(argc, argv)
647bc4097aaSchristos int argc;
648bc4097aaSchristos char *argv[];
649bc4097aaSchristos {
650bc4097aaSchristos char *kernel, *core, *poolname;
651bc4097aaSchristos int c, role, type, live_kernel;
652bc4097aaSchristos iplookupop_t op;
653bc4097aaSchristos
654bc4097aaSchristos core = NULL;
655bc4097aaSchristos kernel = NULL;
656bc4097aaSchristos live_kernel = 1;
657bc4097aaSchristos type = IPLT_ALL;
658bc4097aaSchristos poolname = NULL;
659bc4097aaSchristos role = IPL_LOGALL;
660bc4097aaSchristos
661bc4097aaSchristos while ((c = getopt(argc, argv, "dm:M:N:o:Rt:v")) != -1)
662bc4097aaSchristos switch (c)
663bc4097aaSchristos {
664bc4097aaSchristos case 'd' :
665bc4097aaSchristos opts |= OPT_DEBUG;
666bc4097aaSchristos break;
667bc4097aaSchristos case 'm' :
668bc4097aaSchristos poolname = optarg;
669bc4097aaSchristos break;
670bc4097aaSchristos case 'M' :
671bc4097aaSchristos live_kernel = 0;
672bc4097aaSchristos core = optarg;
673bc4097aaSchristos break;
674bc4097aaSchristos case 'N' :
675bc4097aaSchristos live_kernel = 0;
676bc4097aaSchristos kernel = optarg;
677bc4097aaSchristos break;
678bc4097aaSchristos case 'o' :
679bc4097aaSchristos role = getrole(optarg);
680bc4097aaSchristos if (role == IPL_LOGNONE) {
681bc4097aaSchristos fprintf(stderr, "unknown role '%s'\n", optarg);
682bc4097aaSchristos return -1;
683bc4097aaSchristos }
684bc4097aaSchristos break;
685bc4097aaSchristos case 'O' :
686bc4097aaSchristos pool_fields = parsefields(poolfields, optarg);
687bc4097aaSchristos break;
688bc4097aaSchristos case 'R' :
689bc4097aaSchristos opts |= OPT_NORESOLVE;
690bc4097aaSchristos break;
691bc4097aaSchristos case 't' :
692bc4097aaSchristos type = gettype(optarg, NULL);
693bc4097aaSchristos if (type == IPLT_NONE) {
694bc4097aaSchristos fprintf(stderr, "unknown type '%s'\n", optarg);
695bc4097aaSchristos return -1;
696bc4097aaSchristos }
697bc4097aaSchristos break;
698bc4097aaSchristos case 'v' :
699bc4097aaSchristos opts |= OPT_VERBOSE;
700bc4097aaSchristos break;
701bc4097aaSchristos }
702bc4097aaSchristos
703bc4097aaSchristos if (opts & OPT_DEBUG)
704bc4097aaSchristos fprintf(stderr, "poollist: opts = %#x\n", opts);
705bc4097aaSchristos
706bc4097aaSchristos if (!(opts & (OPT_DONOTHING|OPT_DONTOPEN)) && (fd == -1)) {
707bc4097aaSchristos fd = open(IPLOOKUP_NAME, O_RDWR);
708bc4097aaSchristos if (fd == -1) {
709bc4097aaSchristos perror("open(IPLOOKUP_NAME)");
710bc4097aaSchristos exit(1);
711bc4097aaSchristos }
712bc4097aaSchristos }
713bc4097aaSchristos
714bc4097aaSchristos bzero((char *)&op, sizeof(op));
715bc4097aaSchristos if (poolname != NULL) {
716bc4097aaSchristos strncpy(op.iplo_name, poolname, sizeof(op.iplo_name));
717bc4097aaSchristos op.iplo_name[sizeof(op.iplo_name) - 1] = '\0';
718bc4097aaSchristos }
719bc4097aaSchristos op.iplo_unit = role;
720bc4097aaSchristos
721bc4097aaSchristos if (live_kernel)
722bc4097aaSchristos poollist_live(role, poolname, type, fd);
723bc4097aaSchristos else
724bc4097aaSchristos poollist_dead(role, poolname, type, kernel, core);
725bc4097aaSchristos return 0;
726bc4097aaSchristos }
727bc4097aaSchristos
728bc4097aaSchristos
729bc4097aaSchristos void
poollist_dead(role,poolname,type,kernel,core)730bc4097aaSchristos poollist_dead(role, poolname, type, kernel, core)
731bc4097aaSchristos int role, type;
732bc4097aaSchristos char *poolname, *kernel, *core;
733bc4097aaSchristos {
734bc4097aaSchristos iphtable_t *hptr;
735bc4097aaSchristos ip_pool_t *ptr;
736bc4097aaSchristos
737bc4097aaSchristos if (openkmem(kernel, core) == -1)
738bc4097aaSchristos exit(-1);
739bc4097aaSchristos
740bc4097aaSchristos if (type == IPLT_ALL || type == IPLT_POOL) {
741bc4097aaSchristos ip_pool_t *pools[IPL_LOGSIZE];
742bc4097aaSchristos struct nlist names[2] = { { "ip_pool_list" } , { "" } };
743bc4097aaSchristos
744bc4097aaSchristos if (nlist(kernel, names) != 1)
745bc4097aaSchristos return;
746bc4097aaSchristos
747bc4097aaSchristos bzero(&pools, sizeof(pools));
748bc4097aaSchristos if (kmemcpy((char *)&pools, names[0].n_value, sizeof(pools)))
749bc4097aaSchristos return;
750bc4097aaSchristos
751bc4097aaSchristos if (role != IPL_LOGALL) {
752bc4097aaSchristos ptr = pools[role];
753bc4097aaSchristos while (ptr != NULL) {
754bc4097aaSchristos ptr = printpool(ptr, kmemcpywrap, poolname,
755bc4097aaSchristos opts, pool_fields);
756bc4097aaSchristos }
757bc4097aaSchristos } else {
758bc4097aaSchristos for (role = 0; role <= IPL_LOGMAX; role++) {
759bc4097aaSchristos ptr = pools[role];
760bc4097aaSchristos while (ptr != NULL) {
761bc4097aaSchristos ptr = printpool(ptr, kmemcpywrap,
762bc4097aaSchristos poolname, opts,
763bc4097aaSchristos pool_fields);
764bc4097aaSchristos }
765bc4097aaSchristos }
766bc4097aaSchristos role = IPL_LOGALL;
767bc4097aaSchristos }
768bc4097aaSchristos }
769bc4097aaSchristos if (type == IPLT_ALL || type == IPLT_HASH) {
770bc4097aaSchristos iphtable_t *tables[IPL_LOGSIZE];
771bc4097aaSchristos struct nlist names[2] = { { "ipf_htables" } , { "" } };
772bc4097aaSchristos
773bc4097aaSchristos if (nlist(kernel, names) != 1)
774bc4097aaSchristos return;
775bc4097aaSchristos
776bc4097aaSchristos bzero(&tables, sizeof(tables));
777bc4097aaSchristos if (kmemcpy((char *)&tables, names[0].n_value, sizeof(tables)))
778bc4097aaSchristos return;
779bc4097aaSchristos
780bc4097aaSchristos if (role != IPL_LOGALL) {
781bc4097aaSchristos hptr = tables[role];
782bc4097aaSchristos while (hptr != NULL) {
783bc4097aaSchristos hptr = printhash(hptr, kmemcpywrap,
784bc4097aaSchristos poolname, opts, pool_fields);
785bc4097aaSchristos }
786bc4097aaSchristos } else {
787bc4097aaSchristos for (role = 0; role <= IPL_LOGMAX; role++) {
788bc4097aaSchristos hptr = tables[role];
789bc4097aaSchristos while (hptr != NULL) {
790bc4097aaSchristos hptr = printhash(hptr, kmemcpywrap,
791bc4097aaSchristos poolname, opts,
792bc4097aaSchristos pool_fields);
793bc4097aaSchristos }
794bc4097aaSchristos }
795bc4097aaSchristos }
796bc4097aaSchristos }
797bc4097aaSchristos }
798bc4097aaSchristos
799bc4097aaSchristos
800bc4097aaSchristos void
poollist_live(role,poolname,type,fd)801bc4097aaSchristos poollist_live(role, poolname, type, fd)
802bc4097aaSchristos int role, type, fd;
803bc4097aaSchristos char *poolname;
804bc4097aaSchristos {
805bc4097aaSchristos ipf_pool_stat_t plstat;
806bc4097aaSchristos iplookupop_t op;
807fe7112e3Schristos int unit;
808bc4097aaSchristos int c;
809bc4097aaSchristos
810bc4097aaSchristos if (type == IPLT_ALL || type == IPLT_POOL) {
811bc4097aaSchristos op.iplo_type = IPLT_POOL;
812bc4097aaSchristos op.iplo_size = sizeof(plstat);
813bc4097aaSchristos op.iplo_struct = &plstat;
814bc4097aaSchristos op.iplo_name[0] = '\0';
815bc4097aaSchristos op.iplo_arg = 0;
816bc4097aaSchristos
817bc4097aaSchristos if (role != IPL_LOGALL) {
818bc4097aaSchristos op.iplo_unit = role;
819bc4097aaSchristos
820bc4097aaSchristos c = ioctl(fd, SIOCLOOKUPSTAT, &op);
821bc4097aaSchristos if (c == -1) {
822bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPSTAT)");
823bc4097aaSchristos return;
824bc4097aaSchristos }
825bc4097aaSchristos
826bc4097aaSchristos showpools_live(fd, role, &plstat, poolname);
827bc4097aaSchristos } else {
828fe7112e3Schristos for (unit = -1; unit <= IPL_LOGMAX; unit++) {
829fe7112e3Schristos op.iplo_unit = unit;
830bc4097aaSchristos
831bc4097aaSchristos c = ioctl(fd, SIOCLOOKUPSTAT, &op);
832bc4097aaSchristos if (c == -1) {
833bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPSTAT)");
834bc4097aaSchristos return;
835bc4097aaSchristos }
836bc4097aaSchristos
837fe7112e3Schristos showpools_live(fd, unit, &plstat, poolname);
838bc4097aaSchristos }
839bc4097aaSchristos }
840bc4097aaSchristos }
841bc4097aaSchristos
842bc4097aaSchristos if (type == IPLT_ALL || type == IPLT_HASH) {
843bc4097aaSchristos iphtstat_t htstat;
844bc4097aaSchristos
845bc4097aaSchristos op.iplo_type = IPLT_HASH;
846bc4097aaSchristos op.iplo_size = sizeof(htstat);
847bc4097aaSchristos op.iplo_struct = &htstat;
848bc4097aaSchristos op.iplo_name[0] = '\0';
849bc4097aaSchristos op.iplo_arg = 0;
850bc4097aaSchristos
851bc4097aaSchristos if (role != IPL_LOGALL) {
852bc4097aaSchristos op.iplo_unit = role;
853bc4097aaSchristos
854bc4097aaSchristos c = ioctl(fd, SIOCLOOKUPSTAT, &op);
855bc4097aaSchristos if (c == -1) {
856bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPSTAT)");
857bc4097aaSchristos return;
858bc4097aaSchristos }
859bc4097aaSchristos showhashs_live(fd, role, &htstat, poolname);
860bc4097aaSchristos } else {
861fe7112e3Schristos for (unit = 0; unit <= IPL_LOGMAX; unit++) {
862bc4097aaSchristos
863fe7112e3Schristos op.iplo_unit = unit;
864bc4097aaSchristos c = ioctl(fd, SIOCLOOKUPSTAT, &op);
865bc4097aaSchristos if (c == -1) {
866bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPSTAT)");
867bc4097aaSchristos return;
868bc4097aaSchristos }
869bc4097aaSchristos
870fe7112e3Schristos showhashs_live(fd, unit, &htstat, poolname);
871bc4097aaSchristos }
872bc4097aaSchristos }
873bc4097aaSchristos }
874bc4097aaSchristos
875bc4097aaSchristos if (type == IPLT_ALL || type == IPLT_DSTLIST) {
876bc4097aaSchristos ipf_dstl_stat_t dlstat;
877bc4097aaSchristos
878bc4097aaSchristos op.iplo_type = IPLT_DSTLIST;
879bc4097aaSchristos op.iplo_size = sizeof(dlstat);
880bc4097aaSchristos op.iplo_struct = &dlstat;
881bc4097aaSchristos op.iplo_name[0] = '\0';
882bc4097aaSchristos op.iplo_arg = 0;
883bc4097aaSchristos
884bc4097aaSchristos if (role != IPL_LOGALL) {
885bc4097aaSchristos op.iplo_unit = role;
886bc4097aaSchristos
887bc4097aaSchristos c = ioctl(fd, SIOCLOOKUPSTAT, &op);
888bc4097aaSchristos if (c == -1) {
889bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPSTAT)");
890bc4097aaSchristos return;
891bc4097aaSchristos }
892bc4097aaSchristos showdstls_live(fd, role, &dlstat, poolname);
893bc4097aaSchristos } else {
894fe7112e3Schristos for (unit = 0; unit <= IPL_LOGMAX; unit++) {
895bc4097aaSchristos
896fe7112e3Schristos op.iplo_unit = unit;
897bc4097aaSchristos c = ioctl(fd, SIOCLOOKUPSTAT, &op);
898bc4097aaSchristos if (c == -1) {
899bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPSTAT)");
900bc4097aaSchristos return;
901bc4097aaSchristos }
902bc4097aaSchristos
903fe7112e3Schristos showdstls_live(fd, unit, &dlstat, poolname);
904bc4097aaSchristos }
905bc4097aaSchristos }
906bc4097aaSchristos }
907bc4097aaSchristos }
908bc4097aaSchristos
909bc4097aaSchristos
910bc4097aaSchristos void
showpools_live(fd,role,plstp,poolname)911bc4097aaSchristos showpools_live(fd, role, plstp, poolname)
912bc4097aaSchristos int fd, role;
913bc4097aaSchristos ipf_pool_stat_t *plstp;
914bc4097aaSchristos char *poolname;
915bc4097aaSchristos {
916bc4097aaSchristos ipflookupiter_t iter;
917bc4097aaSchristos ip_pool_t pool;
918bc4097aaSchristos ipfobj_t obj;
919bc4097aaSchristos
920bc4097aaSchristos obj.ipfo_rev = IPFILTER_VERSION;
921bc4097aaSchristos obj.ipfo_type = IPFOBJ_LOOKUPITER;
922bc4097aaSchristos obj.ipfo_size = sizeof(iter);
923bc4097aaSchristos obj.ipfo_ptr = &iter;
924bc4097aaSchristos
925bc4097aaSchristos iter.ili_type = IPLT_POOL;
926bc4097aaSchristos iter.ili_otype = IPFLOOKUPITER_LIST;
927bc4097aaSchristos iter.ili_ival = IPFGENITER_LOOKUP;
928bc4097aaSchristos iter.ili_nitems = 1;
929bc4097aaSchristos iter.ili_data = &pool;
930bc4097aaSchristos iter.ili_unit = role;
931bc4097aaSchristos *iter.ili_name = '\0';
932bc4097aaSchristos
933bc4097aaSchristos bzero((char *)&pool, sizeof(pool));
934bc4097aaSchristos
935bc4097aaSchristos while (plstp->ipls_list[role + 1] != NULL) {
936bc4097aaSchristos if (ioctl(fd, SIOCLOOKUPITER, &obj)) {
937bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPITER)");
938bc4097aaSchristos break;
939bc4097aaSchristos }
94013885a66Sdarrenr if (((pool.ipo_flags & IPOOL_DELETE) == 0) ||
94113885a66Sdarrenr ((opts & OPT_DEBUG) != 0))
942bc4097aaSchristos printpool_live(&pool, fd, poolname, opts, pool_fields);
943bc4097aaSchristos
944bc4097aaSchristos plstp->ipls_list[role + 1] = pool.ipo_next;
945bc4097aaSchristos }
946bc4097aaSchristos }
947bc4097aaSchristos
948bc4097aaSchristos
949bc4097aaSchristos void
showhashs_live(fd,role,htstp,poolname)950bc4097aaSchristos showhashs_live(fd, role, htstp, poolname)
951bc4097aaSchristos int fd, role;
952bc4097aaSchristos iphtstat_t *htstp;
953bc4097aaSchristos char *poolname;
954bc4097aaSchristos {
955bc4097aaSchristos ipflookupiter_t iter;
956bc4097aaSchristos iphtable_t table;
957bc4097aaSchristos ipfobj_t obj;
958bc4097aaSchristos
959bc4097aaSchristos obj.ipfo_rev = IPFILTER_VERSION;
960bc4097aaSchristos obj.ipfo_type = IPFOBJ_LOOKUPITER;
961bc4097aaSchristos obj.ipfo_size = sizeof(iter);
962bc4097aaSchristos obj.ipfo_ptr = &iter;
963bc4097aaSchristos
964bc4097aaSchristos iter.ili_type = IPLT_HASH;
965bc4097aaSchristos iter.ili_otype = IPFLOOKUPITER_LIST;
966bc4097aaSchristos iter.ili_ival = IPFGENITER_LOOKUP;
967bc4097aaSchristos iter.ili_nitems = 1;
968bc4097aaSchristos iter.ili_data = &table;
969bc4097aaSchristos iter.ili_unit = role;
970bc4097aaSchristos *iter.ili_name = '\0';
971bc4097aaSchristos
972bc4097aaSchristos while (htstp->iphs_tables != NULL) {
973bc4097aaSchristos if (ioctl(fd, SIOCLOOKUPITER, &obj)) {
974bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPITER)");
975bc4097aaSchristos break;
976bc4097aaSchristos }
977bc4097aaSchristos
978bc4097aaSchristos printhash_live(&table, fd, poolname, opts, pool_fields);
979bc4097aaSchristos
980bc4097aaSchristos htstp->iphs_tables = table.iph_next;
981bc4097aaSchristos }
982bc4097aaSchristos }
983bc4097aaSchristos
984bc4097aaSchristos
985bc4097aaSchristos void
showdstls_live(fd,role,dlstp,poolname)986bc4097aaSchristos showdstls_live(fd, role, dlstp, poolname)
987bc4097aaSchristos int fd, role;
988bc4097aaSchristos ipf_dstl_stat_t *dlstp;
989bc4097aaSchristos char *poolname;
990bc4097aaSchristos {
991bc4097aaSchristos ipflookupiter_t iter;
992bc4097aaSchristos ippool_dst_t table;
993bc4097aaSchristos ipfobj_t obj;
994bc4097aaSchristos
995bc4097aaSchristos obj.ipfo_rev = IPFILTER_VERSION;
996bc4097aaSchristos obj.ipfo_type = IPFOBJ_LOOKUPITER;
997bc4097aaSchristos obj.ipfo_size = sizeof(iter);
998bc4097aaSchristos obj.ipfo_ptr = &iter;
999bc4097aaSchristos
1000bc4097aaSchristos iter.ili_type = IPLT_DSTLIST;
1001bc4097aaSchristos iter.ili_otype = IPFLOOKUPITER_LIST;
1002bc4097aaSchristos iter.ili_ival = IPFGENITER_LOOKUP;
1003bc4097aaSchristos iter.ili_nitems = 1;
1004bc4097aaSchristos iter.ili_data = &table;
1005bc4097aaSchristos iter.ili_unit = role;
1006bc4097aaSchristos *iter.ili_name = '\0';
1007bc4097aaSchristos
1008bc4097aaSchristos while (dlstp->ipls_list[role] != NULL) {
1009bc4097aaSchristos if (ioctl(fd, SIOCLOOKUPITER, &obj)) {
1010bc4097aaSchristos ipferror(fd, "ioctl(SIOCLOOKUPITER)");
1011bc4097aaSchristos break;
1012bc4097aaSchristos }
1013bc4097aaSchristos
1014bc4097aaSchristos printdstl_live(&table, fd, poolname, opts, pool_fields);
1015bc4097aaSchristos
1016bc4097aaSchristos dlstp->ipls_list[role] = table.ipld_next;
1017bc4097aaSchristos }
1018bc4097aaSchristos }
1019bc4097aaSchristos
1020bc4097aaSchristos
1021bc4097aaSchristos int
setnodeaddr(int type,int role,void * ptr,char * arg)1022bc4097aaSchristos setnodeaddr(int type, int role, void *ptr, char *arg)
1023bc4097aaSchristos {
1024bc4097aaSchristos struct in_addr mask;
1025bc4097aaSchristos char *s;
1026bc4097aaSchristos
1027bc4097aaSchristos s = strchr(arg, '/');
1028bc4097aaSchristos if (s == NULL)
1029bc4097aaSchristos mask.s_addr = 0xffffffff;
1030bc4097aaSchristos else if (strchr(s, '.') == NULL) {
1031bc4097aaSchristos if (ntomask(AF_INET, atoi(s + 1), &mask.s_addr) != 0)
1032bc4097aaSchristos return -1;
1033bc4097aaSchristos } else {
1034bc4097aaSchristos mask.s_addr = inet_addr(s + 1);
1035bc4097aaSchristos }
1036bc4097aaSchristos if (s != NULL)
1037bc4097aaSchristos *s = '\0';
1038bc4097aaSchristos
1039bc4097aaSchristos if (type == IPLT_POOL) {
1040bc4097aaSchristos ip_pool_node_t *node = ptr;
1041bc4097aaSchristos
104213885a66Sdarrenr if (node->ipn_addr.adf_family == AF_INET)
104313885a66Sdarrenr node->ipn_addr.adf_len = offsetof(addrfamily_t,
104413885a66Sdarrenr adf_addr) +
104513885a66Sdarrenr sizeof(struct in_addr);
104613885a66Sdarrenr #ifdef USE_INET6
104713885a66Sdarrenr else
104813885a66Sdarrenr node->ipn_addr.adf_len = offsetof(addrfamily_t,
104913885a66Sdarrenr adf_addr) +
105013885a66Sdarrenr sizeof(struct in6_addr);
105113885a66Sdarrenr #endif
1052bc4097aaSchristos node->ipn_addr.adf_addr.in4.s_addr = inet_addr(arg);
105313885a66Sdarrenr node->ipn_mask.adf_len = node->ipn_addr.adf_len;
1054bc4097aaSchristos node->ipn_mask.adf_addr.in4.s_addr = mask.s_addr;
1055bc4097aaSchristos } else if (type == IPLT_HASH) {
1056bc4097aaSchristos iphtent_t *node = ptr;
1057bc4097aaSchristos
1058bc4097aaSchristos node->ipe_addr.in4.s_addr = inet_addr(arg);
1059bc4097aaSchristos node->ipe_mask.in4.s_addr = mask.s_addr;
1060bc4097aaSchristos node->ipe_family = AF_INET;
1061bc4097aaSchristos node->ipe_unit = role;
1062bc4097aaSchristos }
1063bc4097aaSchristos
1064bc4097aaSchristos return 0;
1065bc4097aaSchristos }
1066