Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/dist/ipf PR/25122: Peter Postma: ipfstat state top broken wi...
details: https://anonhg.NetBSD.org/src/rev/dc4c6ecadc66
branches: trunk
changeset: 566437:dc4c6ecadc66
user: christos <christos%NetBSD.org@localhost>
date: Sun May 09 04:12:03 2004 +0000
description:
PR/25122: Peter Postma: ipfstat state top broken with IPv6 addresses
patch applied.
diffstat:
dist/ipf/man/ipfstat.8 | 36 ++-
dist/ipf/tools/ipfstat.c | 447 ++++++++++++++++++++++++++++++++--------------
2 files changed, 329 insertions(+), 154 deletions(-)
diffs (truncated from 895 to 300 lines):
diff -r 2f8397c3f509 -r dc4c6ecadc66 dist/ipf/man/ipfstat.8
--- a/dist/ipf/man/ipfstat.8 Sun May 09 04:02:32 2004 +0000
+++ b/dist/ipf/man/ipfstat.8 Sun May 09 04:12:03 2004 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: ipfstat.8,v 1.10 2004/03/28 09:00:56 martti Exp $
+.\" $NetBSD: ipfstat.8,v 1.11 2004/05/09 04:12:03 christos Exp $
.\"
.TH ipfstat 8
.SH NAME
@@ -6,12 +6,12 @@
.SH SYNOPSIS
.B ipfstat
[
-.B \-6aACdfghIinosv
+.B \-6aAdfghIilnoRsv
]
-
+.br
.B ipfstat -t
[
-.B \-C
+.B \-6C
] [
.B \-D
<addrport>
@@ -26,7 +26,6 @@
<refresh time>
]
.SH DESCRIPTION
-.PP
\fBipfstat\fP examines /dev/kmem using the symbols \fB_fr_flags\fP,
\fB_frstats\fP, \fB_filterin\fP, and \fB_filterout\fP.
To run and work, it needs to be able to read both /dev/kmem and the
@@ -38,7 +37,7 @@
.SH OPTIONS
.TP
.B \-6
-Display filter lists for IPv6, if available.
+Display filter lists and states for IPv6, if available.
.TP
.B \-a
Display the accounting filter list and show bytes counted against each rule.
@@ -58,7 +57,7 @@
.BR \-D \0<addrport>
This option is only valid in combination with \fB\-t\fP. Limit the state top
display to show only state entries whose destination IP address and port
-match the addport argument. The addrport specification is of the form
+match the addrport argument. The addrport specification is of the form
ipaddress[,port]. The ipaddress and port should be either numerical or the
string "any" (specifying any IP address resp. any port). If the \fB\-D\fP
option is not specified, it defaults to "\fB\-D\fP any,any".
@@ -94,6 +93,10 @@
protocol number. If this option is not specified, state entries for any
protocol are specified.
.TP
+.BR \-R
+Don't try to resolve addresses to hostnames and ports to services while
+printing statistics.
+.TP
.B \-s
Show packet/flow state information (statistics only).
.TP
@@ -103,14 +106,14 @@
.BR \-S \0<addrport>
This option is only valid in combination with \fB\-t\fP. Limit the state top
display to show only state entries whose source IP address and port match
-the addport argument. The addrport specification is of the form
+the addrport argument. The addrport specification is of the form
ipaddress[,port]. The ipaddress and port should be either numerical or the
string "any" (specifying any IP address resp. any port). If the \fB\-S\fP
option is not specified, it defaults to "\fB\-S\fP any,any".
.TP
.B \-t
-Show the state table in a way similar to they way \fBtop(1)\fP shows the process
-table. States can be sorted using a number of different ways. This options
+Show the state table in a way similar to the way \fBtop(1)\fP shows the process
+table. States can be sorted using a number of different ways. This option
requires \fBcurses(3)\fP and needs to be compiled in. It may not be available on
all operating systems. See below, for more information on the keys that can
be used while ipfstat is in top mode.
@@ -142,7 +145,9 @@
In state top mode, the following keys can be used to influence the displayed
information:
.TP
-\fBd\fP select information to display.
+\fBb\fP show packets/bytes from backward direction.
+.TP
+\fBf\fP show packets/bytes from forward direction. (default)
.TP
\fBl\fP redraw the screen.
.TP
@@ -162,13 +167,12 @@
command line.
.PP
The screen must have at least 80 columns. This is however not checked.
+When running state top in IPv6 mode, the screen must be much wider to display
+the very long IPv6 addresses.
.PP
Only the first X-5 entries that match the sort and filter criteria are
-displayed (where X is the number of rows on the display. There is no way to
-see more entries.
-.PP
-No support for IPv6
-.PP
+displayed (where X is the number of rows on the display. The only way to see
+more entries is to resize the screen.
.SH FILES
/dev/kmem
.br
diff -r 2f8397c3f509 -r dc4c6ecadc66 dist/ipf/tools/ipfstat.c
--- a/dist/ipf/tools/ipfstat.c Sun May 09 04:02:32 2004 +0000
+++ b/dist/ipf/tools/ipfstat.c Sun May 09 04:12:03 2004 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ipfstat.c,v 1.3 2004/04/07 20:27:54 christos Exp $ */
+/* $NetBSD: ipfstat.c,v 1.4 2004/05/09 04:12:03 christos Exp $ */
/*
* Copyright (C) 1993-2001, 2003 by Darren Reed.
@@ -29,7 +29,7 @@
#include "netinet/ipl.h"
#if defined(STATETOP)
# if defined(_BSDI_VERSION)
-# undef STATETOP)
+# undef STATETOP
# endif
# if defined(__FreeBSD__) && \
(!defined(__FreeBSD_version) || (__FreeBSD_version < 430000))
@@ -52,6 +52,7 @@
#endif
#ifdef STATETOP
# include <ctype.h>
+# include <signal.h>
# if SOLARIS || defined(__NetBSD__) || defined(_BSDI_VERSION) || \
defined(__sgi)
# ifdef ERR
@@ -78,6 +79,7 @@
extern char *optarg;
extern int optind;
+extern int opterr;
#define PRINTF (void)printf
#define FPRINTF (void)fprintf
@@ -116,6 +118,7 @@
u_short st_sport;
u_short st_dport;
u_char st_p;
+ u_char st_v;
u_char st_state[2];
U_QUAD_T st_pkts;
U_QUAD_T st_bytes;
@@ -123,22 +126,27 @@
} statetop_t;
#endif
-extern int main __P((int, char *[]));
+int main __P((int, char *[]));
+
static void showstats __P((friostat_t *, u_32_t));
static void showfrstates __P((ipfrstat_t *));
static void showlist __P((friostat_t *));
static void showipstates __P((ips_stat_t *));
static void showauthstates __P((fr_authstat_t *));
static void showgroups __P((friostat_t *));
-static void Usage __P((char *));
+static void usage __P((char *));
static void printlist __P((frentry_t *, char *));
-static void parse_ipportstr __P((const char *, struct in_addr *, int *));
+static void parse_ipportstr __P((const char *, i6addr_t *, int *));
static void ipfstate_live __P((char *, friostat_t **, ips_stat_t **,
ipfrstat_t **, fr_authstat_t **, u_32_t *));
static void ipfstate_dead __P((char *, friostat_t **, ips_stat_t **,
ipfrstat_t **, fr_authstat_t **, u_32_t *));
#ifdef STATETOP
-static void topipstates __P((struct in_addr, struct in_addr, int, int, int, int, int));
+static void topipstates __P((i6addr_t, i6addr_t, int, int, int,
+ int, int, int));
+static void sig_break __P((int));
+static void sig_resize __P((int));
+static char *getip __P((int, i6addr_t *));
static char *ttl_to_string __P((long));
static int sort_p __P((const void *, const void *));
static int sort_pkts __P((const void *, const void *));
@@ -149,16 +157,21 @@
#endif
-static void Usage(name)
+static void usage(name)
char *name;
{
#ifdef USE_INET6
- fprintf(stderr, "Usage: %s [-6aACdfghIilnoRstv] [-d <device>]\n", name);
+ fprintf(stderr, "Usage: %s [-6aAdfghIilnoRsv]\n", name);
#else
- fprintf(stderr, "Usage: %s [-aACdfghIilnoRstv] [-d <device>]\n", name);
+ fprintf(stderr, "Usage: %s [-aAdfghIilnoRsv]\n", name);
#endif
- fprintf(stderr, "\t\t[-M corefile] [-N symbol-list]\n");
- fprintf(stderr, " %s -t [-S source address] [-D destination address] [-P protocol] [-T refreshtime] [-C] [-d <device>]\n", name);
+ fprintf(stderr, " %s [-M corefile] [-N symbol-list]\n", name);
+#ifdef USE_INET6
+ fprintf(stderr, " %s -t [-6C] ", name);
+#else
+ fprintf(stderr, " %s -t [-C] ", name);
+#endif
+ fprintf(stderr, "[-D destination address] [-P protocol] [-S source address] [-T refresh time]\n");
exit(1);
}
@@ -176,7 +189,7 @@
ipfrstat_t ifrst;
ipfrstat_t *ifrstp = &ifrst;
char *device = IPL_NAME, *memf = NULL;
- char *kern = NULL;
+ char *options, *kern = NULL;
int c, myoptind;
int protocol = -1; /* -1 = wild card for any protocol */
@@ -184,18 +197,31 @@
int sport = -1; /* -1 = wild card for any source port */
int dport = -1; /* -1 = wild card for any dest port */
int topclosed = 0; /* do not show closed tcp sessions */
- struct in_addr saddr, daddr;
+ i6addr_t saddr, daddr;
u_32_t frf;
- saddr.s_addr = INADDR_ANY; /* default any source addr */
- daddr.s_addr = INADDR_ANY; /* default any dest addr */
+#ifdef USE_INET6
+ options = "6aACdfghIilnostvD:M:N:P:RS:T:";
+#else
+ options = "aACdfghIilnostvD:M:N:P:RS:T:";
+#endif
+
+ saddr.in4.s_addr = INADDR_ANY; /* default any v4 source addr */
+ daddr.in4.s_addr = INADDR_ANY; /* default any v4 dest addr */
+#ifdef USE_INET6
+ saddr.in6 = in6addr_any; /* default any v6 source addr */
+ daddr.in6 = in6addr_any; /* default any v6 dest addr */
+#endif
+
+ /* Don't warn about invalid flags when we run getopt for the 1st time */
+ opterr = 0;
/*
* Parse these two arguments now lest there be any buffer overflows
* in the parsing of the rest.
*/
myoptind = optind;
- while ((c = getopt(argc, argv, "6aACdfghIilnostvD:M:N:P:RS:T:")) != -1)
+ while ((c = getopt(argc, argv, options)) != -1) {
switch (c)
{
case 'M' :
@@ -207,6 +233,7 @@
live_kernel = 0;
break;
}
+ }
optind = myoptind;
if (live_kernel == 1) {
@@ -221,8 +248,7 @@
}
}
- if (kern != NULL || memf != NULL)
- {
+ if (kern != NULL || memf != NULL) {
(void)setgid(getgid());
(void)setuid(getuid());
}
@@ -235,7 +261,9 @@
(void)setgid(getgid());
(void)setuid(getuid());
- while ((c = getopt(argc, argv, "6aACdfghIilnostvD:M:N:P:RS:T:")) != -1)
+ opterr = 1;
+
+ while ((c = getopt(argc, argv, options)) != -1)
{
switch (c)
{
@@ -290,7 +318,7 @@
case 'P' :
protocol = getproto(optarg);
if (protocol == -1) {
- fprintf(stderr, "%s : Invalid protocol: %s\n",
+ fprintf(stderr, "%s: Invalid protocol: %s\n",
argv[0], optarg);
exit(-2);
}
@@ -310,7 +338,7 @@
break;
#else
fprintf(stderr,
- "%s : state top facility not compiled in\n",
+ "%s: state top facility not compiled in\n",
argv[0]);
Home |
Main Index |
Thread Index |
Old Index