search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Expand PMF_FN_* macros.
[netbsd-mini2440.git] / dist / ipf / tools / ipftest.c
blob3bda5921a5220bd7568ad32e36c4603e01d6506a
1 /* $NetBSD$ */
2
3 /*
4 * Copyright (C) 2002-2006 by Darren Reed.
5 *
6 * See the IPFILTER.LICENCE file for details on licencing.
7 */
8 #include "ipf.h"
9 #include "ipt.h"
10 #include <sys/ioctl.h>
11 #include <sys/file.h>
12
13 #if !defined(lint)
14 static const char sccsid[] = "@(#)ipt.c 1.19 6/3/96 (C) 1993-2000 Darren Reed";
15 static const char rcsid[] = "@(#)Id: ipftest.c,v 1.44.2.14 2008/11/06 21:18:20 darrenr Exp";
16 #endif
17
18 extern char *optarg;
19 extern struct frentry *ipfilter[2][2];
20 extern struct ipread snoop, etherf, tcpd, pcap, iptext, iphex;
21 extern struct ifnet *get_unit __P((char *, int));
22 extern void init_ifp __P((void));
23 extern ipnat_t *natparse __P((char *, int));
24 extern int fr_running;
25 extern hostmap_t **ipf_hm_maptable;
26 extern hostmap_t *ipf_hm_maplist;
27
28 ipfmutex_t ipl_mutex, ipf_authmx, ipf_rw, ipf_stinsert;
29 ipfmutex_t ipf_nat_new, ipf_natio, ipf_timeoutlock;
30 ipfrwlock_t ipf_mutex, ipf_global, ipf_ipidfrag, ip_poolrw, ipf_frcache;
31 ipfrwlock_t ipf_frag, ipf_state, ipf_nat, ipf_natfrag, ipf_auth, ipf_tokens;
32 int opts = OPT_DONOTHING;
33 int use_inet6 = 0;
34 int docksum = 0;
35 int pfil_delayed_copy = 0;
36 int main __P((int, char *[]));
37 int loadrules __P((char *, int));
38 int kmemcpy __P((char *, long, int));
39 int kstrncpy __P((char *, long, int n));
40 void dumpnat __P((void));
41 void dumpstate __P((void));
42 void dumplookups __P((void));
43 void dumpgroups __P((void));
44 void drain_log __P((char *));
45 void fixv4sums __P((mb_t *, ip_t *));
46
47 #if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \
48 (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \
49 defined(__osf__) || defined(linux)
50 int ipftestioctl __P((int, ioctlcmd_t, ...));
51 int ipnattestioctl __P((int, ioctlcmd_t, ...));
52 int ipstatetestioctl __P((int, ioctlcmd_t, ...));
53 int ipauthtestioctl __P((int, ioctlcmd_t, ...));
54 int ipscantestioctl __P((int, ioctlcmd_t, ...));
55 int ipsynctestioctl __P((int, ioctlcmd_t, ...));
56 int ipooltestioctl __P((int, ioctlcmd_t, ...));
57 #else
58 int ipftestioctl __P((dev_t, ioctlcmd_t, void *));
59 int ipnattestioctl __P((dev_t, ioctlcmd_t, void *));
60 int ipstatetestioctl __P((dev_t, ioctlcmd_t, void *));
61 int ipauthtestioctl __P((dev_t, ioctlcmd_t, void *));
62 int ipsynctestioctl __P((dev_t, ioctlcmd_t, void *));
63 int ipscantestioctl __P((dev_t, ioctlcmd_t, void *));
64 int ipooltestioctl __P((dev_t, ioctlcmd_t, void *));
65 #endif
66
67 static ioctlfunc_t iocfunctions[IPL_LOGSIZE] = { ipftestioctl,
68 ipnattestioctl,
69 ipstatetestioctl,
70 ipauthtestioctl,
71 ipsynctestioctl,
72 ipscantestioctl,
73 ipooltestioctl,
74 NULL };
75
76
77 int main(argc,argv)
78 int argc;
79 char *argv[];
80 {
81 int fd, i, dir, c, loaded, dump, hlen, eol;
82 char *datain, *iface, *ifname, *logout;
83 struct in_addr sip;
84 struct ifnet *ifp;
85 struct ipread *r;
86 mb_t mb, *m;
87 ip_t *ip;
88
89 m = &mb;
90 dir = 0;
91 dump = 0;
92 hlen = 0;
93 loaded = 0;
94 r = &iptext;
95 iface = NULL;
96 logout = NULL;
97 datain = NULL;
98 sip.s_addr = 0;
99 ifname = "anon0";
100
101 MUTEX_INIT(&ipf_rw, "ipf rw mutex");
102 MUTEX_INIT(&ipf_timeoutlock, "ipf timeout lock");
103 RWLOCK_INIT(&ipf_global, "ipf filter load/unload mutex");
104 RWLOCK_INIT(&ipf_mutex, "ipf filter rwlock");
105 RWLOCK_INIT(&ipf_ipidfrag, "ipf IP NAT-Frag rwlock");
106 RWLOCK_INIT(&ipf_frcache, "ipf filter cache");
107 RWLOCK_INIT(&ipf_tokens, "ipf token rwlock");
108
109 initparse();
110 if (fr_initialise() == -1)
111 abort();
112 fr_running = 1;
113
114 while ((c = getopt(argc, argv, "6bCdDF:i:I:l:N:P:or:RS:T:vxX")) != -1)
115 switch (c)
116 {
117 case '6' :
118 #ifdef USE_INET6
119 use_inet6 = 1;
120 #else
121 fprintf(stderr, "IPv6 not supported\n");
122 exit(1);
123 #endif
124 break;
125 case 'b' :
126 opts |= OPT_BRIEF;
127 break;
128 case 'd' :
129 opts |= OPT_DEBUG;
130 break;
131 case 'C' :
132 docksum = 1;
133 break;
134 case 'D' :
135 dump = 1;
136 break;
137 case 'F' :
138 if (strcasecmp(optarg, "pcap") == 0)
139 r = &pcap;
140 else if (strcasecmp(optarg, "etherfind") == 0)
141 r = &etherf;
142 else if (strcasecmp(optarg, "snoop") == 0)
143 r = &snoop;
144 else if (strcasecmp(optarg, "tcpdump") == 0)
145 r = &tcpd;
146 else if (strcasecmp(optarg, "hex") == 0)
147 r = &iphex;
148 else if (strcasecmp(optarg, "text") == 0)
149 r = &iptext;
150 break;
151 case 'i' :
152 datain = optarg;
153 break;
154 case 'I' :
155 ifname = optarg;
156 break;
157 case 'l' :
158 logout = optarg;
159 break;
160 case 'N' :
161 if (ipnat_parsefile(-1, ipnat_addrule, ipnattestioctl,
162 optarg) == -1)
163 return -1;
164 loaded = 1;
165 opts |= OPT_NAT;
166 break;
167 case 'o' :
168 opts |= OPT_SAVEOUT;
169 break;
170 case 'P' :
171 if (ippool_parsefile(-1, optarg, ipooltestioctl) == -1)
172 return -1;
173 loaded = 1;
174 break;
175 case 'r' :
176 if (ipf_parsefile(-1, ipf_addrule, iocfunctions,
177 optarg) == -1)
178 return -1;
179 loaded = 1;
180 break;
181 case 'S' :
182 sip.s_addr = inet_addr(optarg);
183 break;
184 case 'R' :
185 opts |= OPT_NORESOLVE;
186 break;
187 case 'T' :
188 ipf_dotuning(-1, optarg, ipftestioctl);
189 break;
190 case 'v' :
191 opts |= OPT_VERBOSE;
192 break;
193 case 'x' :
194 opts |= OPT_HEX;
195 break;
196 }
197
198 if (loaded == 0) {
199 (void)fprintf(stderr,"no rules loaded\n");
200 exit(-1);
201 }
202
203 if (opts & OPT_SAVEOUT)
204 init_ifp();
205
206 if (datain)
207 fd = (*r->r_open)(datain);
208 else
209 fd = (*r->r_open)("-");
210
211 if (fd < 0)
212 exit(-1);
213
214 ip = MTOD(m, ip_t *);
215 while ((i = (*r->r_readip)(MTOD(m, char *), sizeof(m->mb_buf),
216 &iface, &dir)) > 0) {
217 if ((iface == NULL) || (*iface == '\0'))
218 iface = ifname;
219 ifp = get_unit(iface, IP_V(ip));
220 if (!use_inet6) {
221 ip->ip_off = ntohs(ip->ip_off);
222 ip->ip_len = ntohs(ip->ip_len);
223 if ((r->r_flags & R_DO_CKSUM) || docksum)
224 fixv4sums(m, ip);
225 hlen = IP_HL(ip) << 2;
226 if (sip.s_addr)
227 dir = !(sip.s_addr == ip->ip_src.s_addr);
228 }
229 #ifdef USE_INET6
230 else
231 hlen = sizeof(ip6_t);
232 #endif
233 /* ipfr_slowtimer(); */
234 m = &mb;
235 m->mb_len = i;
236 i = fr_check(ip, hlen, ifp, dir, &m);
237 if ((opts & OPT_NAT) == 0) {
238 switch (i)
239 {
240 case -4 :
241 (void)printf("preauth");
242 break;
243 case -3 :
244 (void)printf("account");
245 break;
246 case -2 :
247 (void)printf("auth");
248 break;
249 case -1 :
250 (void)printf("block");
251 break;
252 case 0 :
253 (void)printf("pass");
254 break;
255 case 1 :
256 if (m == NULL)
257 (void)printf("bad-packet");
258 else
259 (void)printf("nomatch");
260 break;
261 case 3 :
262 (void)printf("block return-rst");
263 break;
264 case 4 :
265 (void)printf("block return-icmp");
266 break;
267 case 5 :
268 (void)printf("block return-icmp-as-dest");
269 break;
270 default :
271 (void)printf("recognised return %#x\n", i);
272 break;
273 }
274 } else {
275 if (i == -1) {
276 (void)printf("block ");
277 }
278 }
279
280 if (!use_inet6) {
281 ip->ip_off = htons(ip->ip_off);
282 ip->ip_len = htons(ip->ip_len);
283 }
284
285 eol = 0;
286 if (!(opts & OPT_BRIEF)) {
287 putchar(' ');
288 printpacket(ip);
289 printf("--------------");
290 eol = 1;
291 } else {
292 if (opts & OPT_NAT) {
293 printpacket(ip);
294 eol = 1;
295 }
296 }
297
298 if (dir && (ifp != NULL) && IP_V(ip) && (m != NULL))
299 #if defined(__sgi) && (IRIX < 60500)
300 (*ifp->if_output)(ifp, (void *)m, NULL);
301 #else
302 # if TRU64 >= 1885
303 (*ifp->if_output)(ifp, (void *)m, NULL, 0, 0);
304 # else
305 (*ifp->if_output)(ifp, (void *)m, NULL, 0);
306 # endif
307 #endif
308
309 /*
310 * Because we have no timers to clear out a state entry, we
311 * do a flush call after every packet. Thus once an entry
312 * is recorded as starting to close (TCP), it will be flushed.
313 * This allows verification that flushing does work and that a
314 * packet arriving late will not match, along with the state
315 * table being empty when state is dumped at the end.
316 */
317 fr_state_flush(1, 0);
318
319 if (eol == 0)
320 putchar('\n');
321 dir = 0;
322 if (iface != ifname) {
323 free(iface);
324 iface = ifname;
325 }
326 m = &mb;
327 }
328
329 if (i != 0)
330 fprintf(stderr, "readip failed: %d\n", i);
331 (*r->r_close)();
332
333 if (logout != NULL) {
334 drain_log(logout);
335 }
336
337 if (dump == 1) {
338 dumpnat();
339 dumpstate();
340 dumplookups();
341 dumpgroups();
342 }
343
344 fr_deinitialise();
345
346 return 0;
347 }
348
349
350 #if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \
351 (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \
352 defined(__osf__) || defined(linux)
353 int ipftestioctl(int dev, ioctlcmd_t cmd, ...)
354 {
355 caddr_t data;
356 va_list ap;
357 int i;
358
359 va_start(ap, cmd);
360 data = va_arg(ap, caddr_t);
361 va_end(ap);
362
363 i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD);
364 if (opts & OPT_DEBUG)
365 fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n",
366 (u_int)cmd, data, i);
367 if (i != 0) {
368 errno = i;
369 return -1;
370 }
371 return 0;
372 }
373
374
375 int ipnattestioctl(int dev, ioctlcmd_t cmd, ...)
376 {
377 caddr_t data;
378 va_list ap;
379 int i;
380
381 va_start(ap, cmd);
382 data = va_arg(ap, caddr_t);
383 va_end(ap);
384
385 i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD);
386 if (opts & OPT_DEBUG)
387 fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n",
388 (u_int)cmd, data, i);
389 if (i != 0) {
390 errno = i;
391 return -1;
392 }
393 return 0;
394 }
395
396
397 int ipstatetestioctl(int dev, ioctlcmd_t cmd, ...)
398 {
399 caddr_t data;
400 va_list ap;
401 int i;
402
403 va_start(ap, cmd);
404 data = va_arg(ap, caddr_t);
405 va_end(ap);
406
407 i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD);
408 if ((opts & OPT_DEBUG) || (i != 0))
409 fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n",
410 (u_int)cmd, data, i);
411 if (i != 0) {
412 errno = i;
413 return -1;
414 }
415 return 0;
416 }
417
418
419 int ipauthtestioctl(int dev, ioctlcmd_t cmd, ...)
420 {
421 caddr_t data;
422 va_list ap;
423 int i;
424
425 va_start(ap, cmd);
426 data = va_arg(ap, caddr_t);
427 va_end(ap);
428
429 i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD);
430 if ((opts & OPT_DEBUG) || (i != 0))
431 fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n",
432 (u_int)cmd, data, i);
433 if (i != 0) {
434 errno = i;
435 return -1;
436 }
437 return 0;
438 }
439
440
441 int ipscantestioctl(int dev, ioctlcmd_t cmd, ...)
442 {
443 caddr_t data;
444 va_list ap;
445 int i;
446
447 va_start(ap, cmd);
448 data = va_arg(ap, caddr_t);
449 va_end(ap);
450
451 i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD);
452 if ((opts & OPT_DEBUG) || (i != 0))
453 fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n",
454 (u_int)cmd, data, i);
455 if (i != 0) {
456 errno = i;
457 return -1;
458 }
459 return 0;
460 }
461
462
463 int ipsynctestioctl(int dev, ioctlcmd_t cmd, ...)
464 {
465 caddr_t data;
466 va_list ap;
467 int i;
468
469 va_start(ap, cmd);
470 data = va_arg(ap, caddr_t);
471 va_end(ap);
472
473 i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD);
474 if ((opts & OPT_DEBUG) || (i != 0))
475 fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n",
476 (u_int)cmd, data, i);
477 if (i != 0) {
478 errno = i;
479 return -1;
480 }
481 return 0;
482 }
483
484
485 int ipooltestioctl(int dev, ioctlcmd_t cmd, ...)
486 {
487 caddr_t data;
488 va_list ap;
489 int i;
490
491 va_start(ap, cmd);
492 data = va_arg(ap, caddr_t);
493 va_end(ap);
494
495 i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD);
496 if ((opts & OPT_DEBUG) || (i != 0))
497 fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n",
498 (u_int)cmd, data, i);
499 if (i != 0) {
500 errno = i;
501 return -1;
502 }
503 return 0;
504 }
505 #else
506 int ipftestioctl(dev, cmd, data)
507 dev_t dev;
508 ioctlcmd_t cmd;
509 void *data;
510 {
511 int i;
512
513 i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD);
514 if ((opts & OPT_DEBUG) || (i != 0))
515 fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", cmd, data, i);
516 if (i != 0) {
517 errno = i;
518 return -1;
519 }
520 return 0;
521 }
522
523
524 int ipnattestioctl(dev, cmd, data)
525 dev_t dev;
526 ioctlcmd_t cmd;
527 void *data;
528 {
529 int i;
530
531 i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD);
532 if ((opts & OPT_DEBUG) || (i != 0))
533 fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", cmd, data, i);
534 if (i != 0) {
535 errno = i;
536 return -1;
537 }
538 return 0;
539 }
540
541
542 int ipstatetestioctl(dev, cmd, data)
543 dev_t dev;
544 ioctlcmd_t cmd;
545 void *data;
546 {
547 int i;
548
549 i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD);
550 if ((opts & OPT_DEBUG) || (i != 0))
551 fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", cmd, data, i);
552 if (i != 0) {
553 errno = i;
554 return -1;
555 }
556 return 0;
557 }
558
559
560 int ipauthtestioctl(dev, cmd, data)
561 dev_t dev;
562 ioctlcmd_t cmd;
563 void *data;
564 {
565 int i;
566
567 i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD);
568 if ((opts & OPT_DEBUG) || (i != 0))
569 fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", cmd, data, i);
570 if (i != 0) {
571 errno = i;
572 return -1;
573 }
574 return 0;
575 }
576
577
578 int ipsynctestioctl(dev, cmd, data)
579 dev_t dev;
580 ioctlcmd_t cmd;
581 void *data;
582 {
583 int i;
584
585 i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD);
586 if ((opts & OPT_DEBUG) || (i != 0))
587 fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", cmd, data, i);
588 if (i != 0) {
589 errno = i;
590 return -1;
591 }
592 return 0;
593 }
594
595
596 int ipscantestioctl(dev, cmd, data)
597 dev_t dev;
598 ioctlcmd_t cmd;
599 void *data;
600 {
601 int i;
602
603 i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD);
604 if ((opts & OPT_DEBUG) || (i != 0))
605 fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", cmd, data, i);
606 if (i != 0) {
607 errno = i;
608 return -1;
609 }
610 return 0;
611 }
612
613
614 int ipooltestioctl(dev, cmd, data)
615 dev_t dev;
616 ioctlcmd_t cmd;
617 void *data;
618 {
619 int i;
620
621 i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD);
622 if (opts & OPT_DEBUG)
623 fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", cmd, data, i);
624 if (i != 0) {
625 errno = i;
626 return -1;
627 }
628 return 0;
629 }
630 #endif
631
632
633 int kmemcpy(addr, offset, size)
634 char *addr;
635 long offset;
636 int size;
637 {
638 bcopy((char *)offset, addr, size);
639 return 0;
640 }
641
642
643 int kstrncpy(buf, pos, n)
644 char *buf;
645 long pos;
646 int n;
647 {
648 char *ptr;
649
650 ptr = (char *)pos;
651
652 while ((n > 0) && (*buf++ = *ptr++))
653 ;
654 return 0;
655 }
656
657
658 /*
659 * Display the built up NAT table rules and mapping entries.
660 */
661 void dumpnat()
662 {
663 hostmap_t *hm;
664 ipnat_t *ipn;
665 nat_t *nat;
666
667 printf("List of active MAP/Redirect filters:\n");
668 for (ipn = nat_list; ipn != NULL; ipn = ipn->in_next)
669 printnat(ipn, opts & (OPT_DEBUG|OPT_VERBOSE));
670 printf("\nList of active sessions:\n");
671 for (nat = nat_instances; nat; nat = nat->nat_next) {
672 printactivenat(nat, opts, 0, 0);
673 if (nat->nat_aps)
674 printaps(nat->nat_aps, opts);
675 }
676
677 printf("\nHostmap table:\n");
678 for (hm = ipf_hm_maplist; hm != NULL; hm = hm->hm_next)
679 printhostmap(hm, 0);
680 }
681
682
683 /*
684 * Display the built up state table rules and mapping entries.
685 */
686 void dumpstate()
687 {
688 ipstate_t *ips;
689
690 printf("List of active state sessions:\n");
691 for (ips = ips_list; ips != NULL; )
692 ips = printstate(ips, opts & (OPT_DEBUG|OPT_VERBOSE),
693 fr_ticks);
694 }
695
696
697 void dumplookups()
698 {
699 iphtable_t *iph;
700 ip_pool_t *ipl;
701 int i;
702
703 printf("List of configured pools\n");
704 for (i = 0; i < IPL_LOGSIZE; i++)
705 for (ipl = ip_pool_list[i]; ipl != NULL; ipl = ipl->ipo_next)
706 printpool(ipl, bcopywrap, NULL, opts);
707
708 printf("List of configured hash tables\n");
709 for (i = 0; i < IPL_LOGSIZE; i++)
710 for (iph = ipf_htables[i]; iph != NULL; iph = iph->iph_next)
711 printhash(iph, bcopywrap, NULL, opts);
712 }
713
714
715 void dumpgroups()
716 {
717 frgroup_t *fg;
718 frentry_t *fr;
719 int i;
720
721 printf("List of groups configured (set 0)\n");
722 for (i = 0; i < IPL_LOGSIZE; i++)
723 for (fg = ipfgroups[i][0]; fg != NULL; fg = fg->fg_next) {
724 printf("Dev.%d. Group %s Ref %d Flags %#x\n",
725 i, fg->fg_name, fg->fg_ref, fg->fg_flags);
726 for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) {
727 #ifdef USE_QUAD_T
728 printf("%qu ",(unsigned long long)fr->fr_hits);
729 #else
730 printf("%ld ", fr->fr_hits);
731 #endif
732 printfr(fr, ipftestioctl);
733 }
734 }
735
736 printf("List of groups configured (set 1)\n");
737 for (i = 0; i < IPL_LOGSIZE; i++)
738 for (fg = ipfgroups[i][1]; fg != NULL; fg = fg->fg_next) {
739 printf("Dev.%d. Group %s Ref %d Flags %#x\n",
740 i, fg->fg_name, fg->fg_ref, fg->fg_flags);
741 for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) {
742 #ifdef USE_QUAD_T
743 printf("%qu ",(unsigned long long)fr->fr_hits);
744 #else
745 printf("%ld ", fr->fr_hits);
746 #endif
747 printfr(fr, ipftestioctl);
748 }
749 }
750 }
751
752
753 void drain_log(filename)
754 char *filename;
755 {
756 char buffer[DEFAULT_IPFLOGSIZE];
757 struct iovec iov;
758 struct uio uio;
759 size_t resid;
760 int fd, i;
761
762 fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY, 0644);
763 if (fd == -1) {
764 perror("drain_log:open");
765 return;
766 }
767
768 for (i = 0; i <= IPL_LOGMAX; i++)
769 while (1) {
770 bzero((char *)&iov, sizeof(iov));
771 iov.iov_base = buffer;
772 iov.iov_len = sizeof(buffer);
773
774 bzero((char *)&uio, sizeof(uio));
775 uio.uio_iov = &iov;
776 uio.uio_iovcnt = 1;
777 uio.uio_resid = iov.iov_len;
778 resid = uio.uio_resid;
779
780 if (ipflog_read(i, &uio) == 0) {
781 /*
782 * If nothing was read then break out.
783 */
784 if (uio.uio_resid == resid)
785 break;
786 write(fd, buffer, resid - uio.uio_resid);
787 } else
788 break;
789 }
790
791 close(fd);
792 }
793
794
795 void fixv4sums(m, ip)
796 mb_t *m;
797 ip_t *ip;
798 {
799 u_char *csump, *hdr;
800
801 ip->ip_sum = 0;
802 ip->ip_sum = ipf_cksum((u_short *)ip, IP_HL(ip) << 2);
803
804 csump = (u_char *)ip;
805 csump += IP_HL(ip) << 2;
806
807 switch (ip->ip_p)
808 {
809 case IPPROTO_TCP :
810 hdr = csump;
811 csump += offsetof(tcphdr_t, th_sum);
812 break;
813 case IPPROTO_UDP :
814 hdr = csump;
815 csump += offsetof(udphdr_t, uh_sum);
816 break;
817 case IPPROTO_ICMP :
818 hdr = csump;
819 csump += offsetof(icmphdr_t, icmp_cksum);
820 break;
821 default :
822 csump = NULL;
823 hdr = NULL;
824 break;
825 }
826 if (hdr != NULL) {
827 *csump = 0;
828 *(u_short *)csump = fr_cksum(m, ip, ip->ip_p, hdr, ip->ip_len);
829 }
830 }
NetBSD on the FriendlyARM MINI2440