Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-5]: src/dist/ipf Pull up revisions 1.12-1.13 (requested by mart...
details: https://anonhg.NetBSD.org/src/rev/3f616cf755d7
branches: netbsd-1-5
changeset: 492680:3f616cf755d7
user: he <he%NetBSD.org@localhost>
date: Sat Feb 09 16:55:38 2002 +0000
description:
Pull up revisions 1.12-1.13 (requested by martti):
Updated IPFilter to 3.4.23
diffstat:
dist/ipf/fils.c | 841 ++++++++++++++++++++++++++++++++++++-------------------
1 files changed, 549 insertions(+), 292 deletions(-)
diffs (truncated from 1160 to 300 lines):
diff -r 6971f4abcc49 -r 3f616cf755d7 dist/ipf/fils.c
--- a/dist/ipf/fils.c Sat Feb 09 16:55:32 2002 +0000
+++ b/dist/ipf/fils.c Sat Feb 09 16:55:38 2002 +0000
@@ -1,14 +1,18 @@
-/* $NetBSD: fils.c,v 1.9.4.2 2001/07/29 19:29:18 he Exp $ */
+/* $NetBSD: fils.c,v 1.9.4.3 2002/02/09 16:55:38 he Exp $ */
/*
- * Copyright (C) 1993-2000 by Darren Reed.
+ * Copyright (C) 1993-2001 by Darren Reed.
*
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and due credit is given
- * to the original author and the contributors.
+ * See the IPFILTER.LICENCE file for details on licencing.
*/
-#ifdef __FreeBSD__
-# include <osreldate.h>
+#ifdef __FreeBSD__
+# ifndef __FreeBSD_cc_version
+# include <osreldate.h>
+# else
+# if __FreeBSD_cc_version < 430000
+# include <osreldate.h>
+# endif
+# endif
#endif
#include <stdio.h>
#include <string.h>
@@ -19,22 +23,30 @@
#include <sys/time.h>
#include <sys/param.h>
#include <sys/file.h>
-#if defined(STATETOP) && defined(sun) && !defined(__svr4__) && !defined(__SVR4)
-#include <sys/select.h>
+#if defined(STATETOP)
+# if defined(_BSDI_VERSION)
+# undef STATETOP)
+# endif
+# if defined(__FreeBSD__) && \
+ (!defined(__FreeBSD_version) || (__FreeBSD_version < 430000))
+# undef STATETOP
+# endif
+# if defined(__NetBSD_Version__) && (__NetBSD_Version__ < 105000000)
+# undef STATETOP
+# endif
+# if defined(sun)
+# if defined(__svr4__) || defined(__SVR4)
+# include <sys/select.h>
+# else
+# undef STATETOP /* NOT supported on SunOS4 */
+# endif
+# endif
#endif
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <stddef.h>
#include <nlist.h>
-#ifdef STATETOP
-#include <ctype.h>
-#ifndef __NetBSD__
-#include <ncurses.h>
-#else
-#include <curses.h>
-#endif
-#endif
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <netinet/in.h>
@@ -56,14 +68,24 @@
#include "netinet/ip_compat.h"
#include "netinet/ip_fil.h"
#include "ipf.h"
-#include "netinet/ip_proxy.h"
#include "netinet/ip_nat.h"
#include "netinet/ip_frag.h"
#include "netinet/ip_state.h"
+#include "netinet/ip_proxy.h"
#include "netinet/ip_auth.h"
#ifdef STATETOP
-#include "netinet/ipl.h"
-#endif
+# include "netinet/ipl.h"
+# include <ctype.h>
+# if SOLARIS || defined(__NetBSD__) || defined(_BSDI_VERSION) || \
+ defined(__sgi)
+# ifdef ERR
+# undef ERR
+# endif
+# include <curses.h>
+# else /* SOLARIS */
+# include <ncurses.h>
+# endif /* SOLARIS */
+#endif /* STATETOP */
#include "kmem.h"
#if defined(__NetBSD__) || (__OpenBSD__)
# include <paths.h>
@@ -71,10 +93,11 @@
#if !defined(lint)
static const char sccsid[] = "@(#)fils.c 1.21 4/20/96 (C) 1993-2000 Darren Reed";
-static const char rcsid[] = "@(#)Id: fils.c,v 2.21.2.5 2000/07/20 14:13:30 darrenr Exp";
+static const char rcsid[] = "@(#)Id: fils.c,v 2.21.2.33 2002/01/13 04:58:10 darrenr Exp";
#endif
extern char *optarg;
+extern int optind;
#define PRINTF (void)printf
#define FPRINTF (void)fprintf
@@ -85,19 +108,21 @@
"ipacct(in)", "ipacct(out)" };
int opts = 0;
-#ifdef USE_INET6
int use_inet6 = 0;
-#endif
+int live_kernel = 1;
#ifdef STATETOP
#define STSTRSIZE 80
#define STGROWSIZE 16
+#define HOSTNMLEN 40
#define STSORT_PR 0
#define STSORT_PKTS 1
#define STSORT_BYTES 2
#define STSORT_TTL 3
-#define STSORT_MAX STSORT_TTL
+#define STSORT_SRCIP 4
+#define STSORT_DSTIP 5
+#define STSORT_MAX STSORT_DSTIP
#define STSORT_DEFAULT STSORT_BYTES
@@ -115,47 +140,32 @@
#endif
extern int main __P((int, char *[]));
-static void showstats __P((int, friostat_t *));
-static void showfrstates __P((int, ipfrstat_t *));
+static void showstats __P((friostat_t *, u_32_t));
+static void showfrstates __P((ipfrstat_t *));
static void showlist __P((friostat_t *));
-static void showipstates __P((int, ips_stat_t *));
-static void showauthstates __P((int, fr_authstat_t *));
+static void showipstates __P((ips_stat_t *));
+static void showauthstates __P((fr_authstat_t *));
static void showgroups __P((friostat_t *));
static void Usage __P((char *));
static void printlist __P((frentry_t *));
-static char *get_ifname __P((void *));
-static char *hostname __P((int, void *));
static void parse_ipportstr __P((const char *, struct in_addr *, int *));
+static int ipfstate_live __P((char *, friostat_t **, ips_stat_t **,
+ ipfrstat_t **, fr_authstat_t **, u_32_t *));
+static void ipfstate_dead __P((char *, friostat_t **, ips_stat_t **,
+ ipfrstat_t **, fr_authstat_t **, u_32_t *));
#ifdef STATETOP
-static void topipstates __P((int, struct in_addr, struct in_addr, int, int, int, int, int));
+static void topipstates __P((struct in_addr, struct in_addr, int, int, int, int, int));
static char *ttl_to_string __P((long));
static int sort_p __P((const void *, const void *));
static int sort_pkts __P((const void *, const void *));
static int sort_bytes __P((const void *, const void *));
static int sort_ttl __P((const void *, const void *));
-#endif
-
-static char *hostname(v, ip)
-int v;
-void *ip;
-{
-#ifdef USE_INET6
- static char hostbuf[MAXHOSTNAMELEN+1];
+static int sort_srcip __P((const void *, const void *));
+static int sort_dstip __P((const void *, const void *));
#endif
- struct in_addr ipa;
-
- if (v == 4) {
- ipa.s_addr = *(u_32_t *)ip;
- return inet_ntoa(ipa);
- }
-#ifdef USE_INET6
- (void) inet_ntop(AF_INET6, ip, hostbuf, sizeof(hostbuf) - 1);
- hostbuf[MAXHOSTNAMELEN] = '\0';
- return hostbuf;
-#else
- return "IPv6";
+#if SOLARIS
+void showqiflist __P((char *));
#endif
-}
static void Usage(name)
@@ -166,6 +176,7 @@
#else
fprintf(stderr, "Usage: %s [-aAfhIinosv] [-d <device>]\n", name);
#endif
+ fprintf(stderr, "\t\t[-M corefile] [-N symbol-list]\n");
fprintf(stderr, " %s -t [-S source address] [-D destination address] [-P protocol] [-T refreshtime] [-C] [-d <device>]\n", name);
exit(1);
}
@@ -178,13 +189,14 @@
fr_authstat_t frauthst;
fr_authstat_t *frauthstp = &frauthst;
friostat_t fio;
- friostat_t *fiop=&fio;
+ friostat_t *fiop = &fio;
ips_stat_t ipsst;
ips_stat_t *ipsstp = &ipsst;
ipfrstat_t ifrst;
ipfrstat_t *ifrstp = &ifrst;
- char *name = NULL, *device = IPL_NAME;
- int c, fd;
+ char *device = IPL_NAME, *memf = NULL;
+ char *kern = NULL;
+ int c, fd, myoptind;
struct protoent *proto;
int protocol = -1; /* -1 = wild card for any protocol */
@@ -193,16 +205,43 @@
int dport = -1; /* -1 = wild card for any dest port */
int topclosed = 0; /* do not show closed tcp sessions */
struct in_addr saddr, daddr;
+ u_32_t frf;
+
saddr.s_addr = INADDR_ANY; /* default any source addr */
daddr.s_addr = INADDR_ANY; /* default any dest addr */
- if (openkmem() == -1)
+ /*
+ * Parse these two arguments now lest there be any buffer overflows
+ * in the parsing of the rest.
+ */
+ myoptind = optind;
+ while ((c = getopt(argc, argv, "6aACfghIilnoqstvd:D:M:N:P:S:T:")) != -1)
+ switch (c)
+ {
+ case 'M' :
+ memf = optarg;
+ live_kernel = 0;
+ break;
+ case 'N' :
+ kern = optarg;
+ live_kernel = 0;
+ break;
+ }
+ optind = myoptind;
+
+ if (kern != NULL || memf != NULL)
+ {
+ (void)setuid(getuid());
+ (void)setgid(getgid());
+ }
+
+ if (openkmem(kern, memf) == -1)
exit(-1);
(void)setuid(getuid());
(void)setgid(getgid());
- while ((c = getopt(argc, argv, "6aACfghIilnostvd:D:P:S:T:")) != -1)
+ while ((c = getopt(argc, argv, "6aACfghIilnoqstvd:D:M:N:P:S:T:")) != -1)
{
switch (c)
{
@@ -245,6 +284,10 @@
case 'l' :
opts |= OPT_SHOWLIST;
break;
+ case 'M' :
+ break;
+ case 'N' :
+ break;
case 'n' :
opts |= OPT_SHOWLINENO;
break;
@@ -261,6 +304,16 @@
exit(-2);
}
break;
+ case 'q' :
+#if SOLARIS
+ showqiflist(kern);
+ exit(0);
+ break;
+#else
+ fprintf(stderr, "-q only availble on Solaris\n");
+ exit(1);
+ break;
+#endif
case 's' :
opts |= OPT_IPSTATES;
break;
@@ -295,19 +348,67 @@
}
}
Home |
Main Index |
Thread Index |
Old Index