Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.sbin/npf/npfctl Improve 'npfctl debug' a little bit.
details: https://anonhg.NetBSD.org/src/rev/0c4562e421f4
branches: trunk
changeset: 820104:0c4562e421f4
user: rmind <rmind%NetBSD.org@localhost>
date: Thu Dec 29 20:48:50 2016 +0000
description:
Improve 'npfctl debug' a little bit.
diffstat:
usr.sbin/npf/npfctl/npf_show.c | 6 +-
usr.sbin/npf/npfctl/npfctl.c | 76 ++++++++++++++++++++++++-----------------
2 files changed, 48 insertions(+), 34 deletions(-)
diffs (205 lines):
diff -r f16c0bc9524f -r 0c4562e421f4 usr.sbin/npf/npfctl/npf_show.c
--- a/usr.sbin/npf/npfctl/npf_show.c Thu Dec 29 20:29:30 2016 +0000
+++ b/usr.sbin/npf/npfctl/npf_show.c Thu Dec 29 20:48:50 2016 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: npf_show.c,v 1.21 2016/12/27 20:14:35 christos Exp $ */
+/* $NetBSD: npf_show.c,v 1.22 2016/12/29 20:48:50 rmind Exp $ */
/*-
* Copyright (c) 2013 The NetBSD Foundation, Inc.
@@ -36,7 +36,7 @@
*/
#include <sys/cdefs.h>
-__RCSID("$NetBSD: npf_show.c,v 1.21 2016/12/27 20:14:35 christos Exp $");
+__RCSID("$NetBSD: npf_show.c,v 1.22 2016/12/29 20:48:50 rmind Exp $");
#include <sys/socket.h>
#define __FAVOR_BSD
@@ -506,8 +506,8 @@
loaded ? "loaded" : "empty");
print_linesep(ctx);
} else {
- npfctl_config_send(0, NULL);
ncf = npfctl_config_ref();
+ (void)npf_config_build(ncf);
loaded = true;
}
ctx->conf = ncf;
diff -r f16c0bc9524f -r 0c4562e421f4 usr.sbin/npf/npfctl/npfctl.c
--- a/usr.sbin/npf/npfctl/npfctl.c Thu Dec 29 20:29:30 2016 +0000
+++ b/usr.sbin/npf/npfctl/npfctl.c Thu Dec 29 20:48:50 2016 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: npfctl.c,v 1.51 2016/12/27 20:24:32 wiz Exp $ */
+/* $NetBSD: npfctl.c,v 1.52 2016/12/29 20:48:50 rmind Exp $ */
/*-
* Copyright (c) 2009-2014 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
-__RCSID("$NetBSD: npfctl.c,v 1.51 2016/12/27 20:24:32 wiz Exp $");
+__RCSID("$NetBSD: npfctl.c,v 1.52 2016/12/29 20:48:50 rmind Exp $");
#include <sys/stat.h>
#include <sys/types.h>
@@ -70,6 +70,7 @@
NPFCTL_STATS,
NPFCTL_SAVE,
NPFCTL_LOAD,
+ NPFCTL_DEBUG,
NPFCTL_CONN_LIST,
};
@@ -83,7 +84,6 @@
{ "reload", NPFCTL_RELOAD },
{ "show", NPFCTL_SHOWCONF, },
{ "flush", NPFCTL_FLUSH },
- { "valid", NPFCTL_VALIDATE },
/* Table */
{ "table", NPFCTL_TABLE },
/* Rule */
@@ -94,6 +94,9 @@
{ "save", NPFCTL_SAVE },
{ "load", NPFCTL_LOAD },
{ "list", NPFCTL_CONN_LIST },
+ /* Misc. */
+ { "valid", NPFCTL_VALIDATE },
+ { "debug", NPFCTL_DEBUG },
/* --- */
{ NULL, 0 }
};
@@ -247,14 +250,12 @@
switch (alen) {
case 4: {
struct sockaddr_in *sin = (void *)&ss;
- sin->sin_len = sizeof(*sin);
sin->sin_family = AF_INET;
memcpy(&sin->sin_addr, addr, sizeof(sin->sin_addr));
break;
}
case 16: {
struct sockaddr_in6 *sin6 = (void *)&ss;
- sin6->sin6_len = sizeof(*sin6);
sin6->sin6_family = AF_INET6;
memcpy(&sin6->sin6_addr, addr, sizeof(sin6->sin6_addr));
break;
@@ -593,7 +594,7 @@
};
static int
-npfctl_conn_print(unsigned alen, const npf_addr_t *a, const in_port_t *p,
+npfctl_conn_print(unsigned alen, const npf_addr_t *a, const in_port_t *p,
const char *ifname, void *v)
{
struct npf_conn_filter *fil = v;
@@ -674,21 +675,19 @@
if (header)
fprintf(f.fp, "%*.*s %*.*s\n",
w, w, "From address:port ", w, w, "To address:port ");
-
+
npf_conn_list(fd, npfctl_conn_print, &f);
return 0;
}
-static void
-npfctl(int action, int argc, char **argv)
+static int
+npfctl_open_dev(const char *path)
{
- int fd, ver, boolval, ret = 0;
- nl_config_t *ncf;
- const char *fun = "";
+ int fd, ver;
- fd = open(NPF_DEV_PATH, O_RDONLY);
+ fd = open(path, O_RDONLY);
if (fd == -1) {
- err(EXIT_FAILURE, "cannot open '%s'", NPF_DEV_PATH);
+ err(EXIT_FAILURE, "cannot open '%s'", path);
}
if (ioctl(fd, IOC_NPF_VERSION, &ver) == -1) {
err(EXIT_FAILURE, "ioctl(IOC_NPF_VERSION)");
@@ -698,6 +697,24 @@
"incompatible NPF interface version (%d, kernel %d)\n"
"Hint: update userland?", NPF_VERSION, ver);
}
+ return fd;
+}
+
+static void
+npfctl(int action, int argc, char **argv)
+{
+ int fd, boolval, ret = 0;
+ const char *fun = "";
+ nl_config_t *ncf;
+
+ switch (action) {
+ case NPFCTL_VALIDATE:
+ case NPFCTL_DEBUG:
+ fd = 0;
+ break;
+ default:
+ fd = npfctl_open_dev(NPF_DEV_PATH);
+ }
switch (action) {
case NPFCTL_START:
@@ -725,12 +742,6 @@
ret = npf_config_flush(fd);
fun = "npf_config_flush";
break;
- case NPFCTL_VALIDATE:
- npfctl_config_init(false);
- npfctl_parse_file(argc < 3 ? NPF_CONF_PATH : argv[2]);
- ret = npfctl_config_show(0);
- fun = "npfctl_config_show";
- break;
case NPFCTL_TABLE:
if ((argc -= 2) < 2) {
usage();
@@ -768,11 +779,24 @@
ret = npfctl_conn_list(fd, argc, argv);
fun = "npfctl_conn_list";
break;
+ case NPFCTL_VALIDATE:
+ npfctl_config_init(false);
+ npfctl_parse_file(argc > 2 ? argv[2] : NPF_CONF_PATH);
+ ret = npfctl_config_show(0);
+ fun = "npfctl_config_show";
+ break;
+ case NPFCTL_DEBUG:
+ npfctl_config_init(true);
+ npfctl_parse_file(argc > 2 ? argv[2] : NPF_CONF_PATH);
+ npfctl_config_send(0, argc > 3 ? argv[3] : "/tmp/npf.plist");
+ break;
}
if (ret) {
err(EXIT_FAILURE, "%s", fun);
}
- close(fd);
+ if (fd) {
+ close(fd);
+ }
}
int
@@ -786,16 +810,6 @@
npfctl_show_init();
cmd = argv[1];
- if (strcmp(cmd, "debug") == 0) {
- const char *cfg = argc > 2 ? argv[2] : "/etc/npf.conf";
- const char *out = argc > 3 ? argv[3] : "/tmp/npf.plist";
-
- npfctl_config_init(true);
- npfctl_parse_file(cfg);
- npfctl_config_send(0, out);
- return EXIT_SUCCESS;
- }
-
/* Find and call the subroutine. */
for (int n = 0; operations[n].cmd != NULL; n++) {
const char *opcmd = operations[n].cmd;
Home |
Main Index |
Thread Index |
Old Index