2 * Copyright (C) 1993-1998 by Darren Reed.
4 * Redistribution and use in source and binary forms are permitted
5 * provided that this notice is preserved and due credit is given
6 * to the original author and the contributors.
8 * Added redirect stuff and a variety of bug fixes. (mcn@EnGarde.com)
14 #include <sys/types.h>
15 #if !defined(__SVR4) && !defined(__svr4__)
18 #include <sys/byteorder.h>
21 #include <sys/param.h>
25 #include <sys/socket.h>
26 #include <sys/ioctl.h>
27 #if defined(sun) && (defined(__svr4__) || defined(__SVR4))
28 # include <sys/ioccom.h>
29 # include <sys/sysmacros.h>
31 #include <netinet/in.h>
32 #include <netinet/in_systm.h>
33 #include <netinet/ip.h>
34 #include <netinet/tcp.h>
36 #if __FreeBSD_version >= 300000
37 # include <net/if_var.h>
40 #include <arpa/nameser.h>
41 #include <arpa/inet.h>
44 #include "netinet/ip_compat.h"
45 #include "netinet/ip_fil.h"
46 #include "netinet/ip_proxy.h"
47 #include "netinet/ip_nat.h"
50 #if defined(sun) && !SOLARIS2
51 # define STRERROR(x) sys_errlist[x]
52 extern char *sys_errlist[];
54 # define STRERROR(x) strerror(x)
58 static const char sccsid[] ="@(#)ipnat.c 1.9 6/5/96 (C) 1993 Darren Reed";
59 static const char rcsid[] = "@(#)$Id: ipnat.c,v 2.1 1999/08/04 17:30:07 darrenr Exp $";
64 #define bzero(a,b) memset(a,0,b)
68 extern ipnat_t *natparse __P((char *, int));
69 extern void natparsefile __P((int, char *, int));
70 extern void printnat __P((ipnat_t *, int, void *));
72 u_32_t hostnum __P((char *, int *, int));
73 u_32_t hostmask __P((char *));
74 void dostats __P((int, int)), flushtable __P((int, int));
75 void usage __P((char *));
76 int countbits __P((u_32_t));
77 char *getnattype __P((ipnat_t *));
78 int main __P((int, char*[]));
79 void printaps __P((ap_session_t *, int));
85 #define OPT_VERBOSE 16
94 fprintf(stderr, "%s: [-CFhlnrsv] [-f filename]\n", name);
104 int fd = -1, opts = 0, c;
106 while ((c = getopt(argc, argv, "CFf:hlnrsv")) != -1)
140 if (!(opts & OPT_NODO) && ((fd = open(IPL_NAT, O_RDWR)) == -1) &&
141 ((fd = open(IPL_NAT, O_RDONLY)) == -1)) {
142 (void) fprintf(stderr, "%s: open: %s\n", IPL_NAT,
147 if (opts & (OPT_FLUSH|OPT_CLEAR))
148 flushtable(fd, opts);
150 natparsefile(fd, file, opts);
151 if (opts & (OPT_LIST|OPT_STAT))
158 * count consecutive 1's in bit mask. If the mask generated by counting
159 * consecutive 1's is different to that passed, return -1, else return #
168 ip = ipn = ntohl(ip);
169 for (i = 32; i; i--, ipn *= 2)
170 if (ipn & 0x80000000)
175 for (i = 32, j = cnt; i; i--, j--) {
186 void printaps(aps, opts)
194 if (kmemcpy((char *)&ap, (long)aps, sizeof(ap)))
196 if (kmemcpy((char *)&apr, (long)ap.aps_apr, sizeof(apr)))
198 printf("\tproxy %s/%d use %d flags %x\n", apr.apr_label,
199 apr.apr_p, apr.apr_ref, apr.apr_flags);
200 printf("\t\tproto %d flags %#x bytes ", ap.aps_p, ap.aps_flags);
202 printf("%qu pkts %qu", ap.aps_bytes, ap.aps_pkts);
204 printf("%lu pkts %lu", ap.aps_bytes, ap.aps_pkts);
206 printf(" data %p psiz %d\n", ap.aps_data, ap.aps_psiz);
207 if ((ap.aps_p == IPPROTO_TCP) && (opts & OPT_VERBOSE)) {
208 printf("\t\tstate[%u,%u], sel[%d,%d]\n",
209 ap.aps_state[0], ap.aps_state[1],
210 ap.aps_sel[0], ap.aps_sel[1]);
211 #if (defined(NetBSD) && (NetBSD >= 199905) && (NetBSD < 1991011)) || \
212 (__FreeBSD_version >= 300000) || defined(OpenBSD)
213 printf("\t\tseq: off %hd/%hd min %x/%x\n",
214 ap.aps_seqoff[0], ap.aps_seqoff[1],
215 ap.aps_seqmin[0], ap.aps_seqmin[1]);
216 printf("\t\tack: off %hd/%hd min %x/%x\n",
217 ap.aps_ackoff[0], ap.aps_ackoff[1],
218 ap.aps_ackmin[0], ap.aps_ackmin[1]);
220 printf("\t\tseq: off %hd/%hd min %lx/%lx\n",
221 ap.aps_seqoff[0], ap.aps_seqoff[1],
222 ap.aps_seqmin[0], ap.aps_seqmin[1]);
223 printf("\t\tack: off %hd/%hd min %lx/%lx\n",
224 ap.aps_ackoff[0], ap.aps_ackoff[1],
225 ap.aps_ackmin[0], ap.aps_ackmin[1]);
229 if (!strcmp(apr.apr_label, "raudio") && ap.aps_psiz == sizeof(ra)) {
230 if (kmemcpy((char *)&ra, (long)ap.aps_data, sizeof(ra)))
232 printf("\tReal Audio Proxy:\n");
233 printf("\t\tSeen PNA: %d\tVersion: %d\tEOS: %d\n",
234 ra.rap_seenpna, ra.rap_version, ra.rap_eos);
235 printf("\t\tMode: %#x\tSBF: %#x\n", ra.rap_mode, ra.rap_sbf);
236 printf("\t\tPorts:pl %hu, pr %hu, sr %hu\n",
237 ra.rap_plport, ra.rap_prport, ra.rap_srport);
243 * Get a nat filter type given its kernel address.
245 char *getnattype(ipnat)
251 if (!ipnat || (ipnat && kmemcpy((char *)&ipnatbuff, (long)ipnat,
255 switch (ipnatbuff.in_redir)
277 void dostats(fd, opts)
282 nat_t **nt[2], *np, nat;
285 bzero((char *)&ns, sizeof(ns));
287 if (!(opts & OPT_NODO) && ioctl(fd, SIOCGNATS, &ns) == -1) {
288 perror("ioctl(SIOCGNATS)");
292 if (opts & OPT_STAT) {
293 printf("mapped\tin\t%lu\tout\t%lu\n",
294 ns.ns_mapped[0], ns.ns_mapped[1]);
295 printf("added\t%lu\texpired\t%lu\n",
296 ns.ns_added, ns.ns_expire);
297 printf("inuse\t%lu\nrules\t%lu\n", ns.ns_inuse, ns.ns_rules);
298 if (opts & OPT_VERBOSE)
299 printf("table %p list %p\n", ns.ns_table, ns.ns_list);
301 if (opts & OPT_LIST) {
302 printf("List of active MAP/Redirect filters:\n");
304 if (kmemcpy((char *)&ipn, (long)ns.ns_list,
310 printf("%d ", ipn.in_hits);
311 printnat(&ipn, opts & OPT_VERBOSE, (void *)ns.ns_list);
312 ns.ns_list = ipn.in_next;
315 nt[0] = (nat_t **)malloc(sizeof(*nt) * NAT_SIZE);
316 if (kmemcpy((char *)nt[0], (long)ns.ns_table[0],
317 sizeof(**nt) * NAT_SIZE)) {
322 printf("\nList of active sessions:\n");
324 for (np = ns.ns_instances; np; np = nat.nat_next) {
325 if (kmemcpy((char *)&nat, (long)np, sizeof(nat)))
328 printf("%s %-15s %-5hu <- ->", getnattype(nat.nat_ptr),
329 inet_ntoa(nat.nat_inip), ntohs(nat.nat_inport));
330 printf(" %-15s %-5hu", inet_ntoa(nat.nat_outip),
331 ntohs(nat.nat_outport));
332 printf(" [%s %hu]", inet_ntoa(nat.nat_oip),
333 ntohs(nat.nat_oport));
334 if (opts & OPT_VERBOSE) {
335 printf("\n\tage %lu use %hu sumd %x pr %u",
336 nat.nat_age, nat.nat_use, nat.nat_sumd,
338 printf(" bkt %d flags %x ", i, nat.nat_flags);
340 printf("bytes %qu pkts %qu",
341 nat.nat_bytes, nat.nat_pkts);
343 printf("bytes %lu pkts %lu",
344 nat.nat_bytes, nat.nat_pkts);
347 printf(" %lx", nat.nat_ipsumd);
352 printaps(nat.nat_aps, opts);
368 if (strchr(msk, '.'))
369 return inet_addr(msk);
370 if (strchr(msk, 'x'))
371 return (u_32_t)strtol(msk, NULL, 0);
373 * set x most significant bits
375 for (mask = 0, bits = atoi(msk); bits; bits--) {
377 mask |= ntohl(inet_addr("128.0.0.0"));
385 * returns an ip address as a long var as a result of either a DNS lookup or
386 * straight inet_addr() call
388 u_32_t hostnum(host, resolved, linenum)
397 if (!strcasecmp("any", host))
400 return inet_addr(host);
402 if (!(hp = gethostbyname(host))) {
403 if (!(np = getnetbyname(host))) {
405 fprintf(stderr, "Line %d: can't resolve hostname: %s\n", linenum, host);
408 return htonl(np->n_net);
410 return *(u_32_t *)hp->h_addr;
414 void flushtable(fd, opts)
419 if (opts & OPT_FLUSH) {
421 if (!(opts & OPT_NODO) && ioctl(fd, SIOCFLNAT, &n) == -1)
422 perror("ioctl(SIOCFLNAT)");
424 printf("%d entries flushed from NAT table\n", n);
427 if (opts & OPT_CLEAR) {
429 if (!(opts & OPT_NODO) && ioctl(fd, SIOCCNATL, &n) == -1)
430 perror("ioctl(SIOCCNATL)");
432 printf("%d entries flushed from NAT list\n", n);
projects / FreeBSD / FreeBSD.git / blob