4 * Copyright (C) 2002-2005 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
12 #define PRINTF (void)printf
13 #define FPRINTF (void)fprintf
15 ipstate_t *printstate(sp, opts, now)
22 if (sp->is_phnext == NULL)
24 PRINTF("%s -> ", hostname(sp->is_v, &sp->is_src.in4));
25 PRINTF("%s pass %#x pr %d state %d/%d",
26 hostname(sp->is_v, &sp->is_dst.in4), sp->is_pass, sp->is_p,
27 sp->is_state[0], sp->is_state[1]);
29 PRINTF(" bkt %d ref %d", sp->is_hv, sp->is_ref);
30 PRINTF("\n\ttag %u ttl %lu", sp->is_tag, sp->is_die - now);
32 if (sp->is_p == IPPROTO_TCP) {
33 PRINTF("\n\t%hu -> %hu %x:%x %hu<<%d:%hu<<%d\n",
34 ntohs(sp->is_sport), ntohs(sp->is_dport),
35 sp->is_send, sp->is_dend,
36 sp->is_maxswin, sp->is_swinscale,
37 sp->is_maxdwin, sp->is_dwinscale);
38 PRINTF("\tcmsk %04x smsk %04x s0 %08x/%08x\n",
39 sp->is_smsk[0], sp->is_smsk[1],
40 sp->is_s0[0], sp->is_s0[1]);
41 PRINTF("\tFWD:ISN inc %x sumd %x\n",
42 sp->is_isninc[0], sp->is_sumd[0]);
43 PRINTF("\tREV:ISN inc %x sumd %x\n",
44 sp->is_isninc[1], sp->is_sumd[1]);
46 PRINTF("\tsbuf[0] [");
47 printsbuf(sp->is_sbuf[0]);
48 PRINTF("] sbuf[1] [");
49 printsbuf(sp->is_sbuf[1]);
52 } else if (sp->is_p == IPPROTO_UDP) {
53 PRINTF(" %hu -> %hu\n", ntohs(sp->is_sport),
55 } else if (sp->is_p == IPPROTO_GRE) {
56 PRINTF(" call %hx/%hx\n", ntohs(sp->is_gre.gs_call[0]),
57 ntohs(sp->is_gre.gs_call[1]));
58 } else if (sp->is_p == IPPROTO_ICMP
60 || sp->is_p == IPPROTO_ICMPV6
63 PRINTF(" id %hu seq %hu type %d\n", sp->is_icmp.ici_id,
64 sp->is_icmp.ici_seq, sp->is_icmp.ici_type);
67 PRINTF("\tforward: pkts in %lld bytes in %lld pkts out %lld bytes out %lld\n\tbackward: pkts in %lld bytes in %lld pkts out %lld bytes out %lld\n",
68 sp->is_pkts[0], sp->is_bytes[0],
69 sp->is_pkts[1], sp->is_bytes[1],
70 sp->is_pkts[2], sp->is_bytes[2],
71 sp->is_pkts[3], sp->is_bytes[3]);
73 PRINTF("\tforward: pkts in %ld bytes in %ld pkts out %ld bytes out %ld\n\tbackward: pkts in %ld bytes in %ld pkts out %ld bytes out %ld\n",
74 sp->is_pkts[0], sp->is_bytes[0],
75 sp->is_pkts[1], sp->is_bytes[1],
76 sp->is_pkts[2], sp->is_bytes[2],
77 sp->is_pkts[3], sp->is_bytes[3]);
83 * Print out bits set in the result code for the state being
84 * kept as they would for a rule.
86 if (FR_ISPASS(sp->is_pass)) {
88 } else if (FR_ISBLOCK(sp->is_pass)) {
90 switch (sp->is_pass & FR_RETMASK)
93 PRINTF(" return-icmp");
96 PRINTF(" return-icmp-as-dest");
99 PRINTF(" return-rst");
104 } else if ((sp->is_pass & FR_LOGMASK) == FR_LOG) {
106 if (sp->is_pass & FR_LOGBODY)
108 if (sp->is_pass & FR_LOGFIRST)
110 } else if (FR_ISACCOUNT(sp->is_pass)) {
112 } else if (FR_ISPREAUTH(sp->is_pass)) {
114 } else if (FR_ISAUTH(sp->is_pass))
117 if (sp->is_pass & FR_OUTQUE)
122 if ((sp->is_pass & FR_LOG) != 0) {
124 if (sp->is_pass & FR_LOGBODY)
126 if (sp->is_pass & FR_LOGFIRST)
128 if (sp->is_pass & FR_LOGORBLOCK)
131 if (sp->is_pass & FR_QUICK)
133 if (sp->is_pass & FR_KEEPFRAG)
134 PRINTF(" keep frags");
136 if (sp->is_pass & FR_KEEPSTATE) {
137 PRINTF(" keep state");
138 if (sp->is_pass & FR_STATESYNC)
141 PRINTF("\tIPv%d", sp->is_v);
144 PRINTF("\tpkt_flags & %x(%x) = %x,\t",
145 sp->is_flags & 0xf, sp->is_flags,
147 PRINTF("\tpkt_options & %x = %x, %x = %x \n", sp->is_optmsk[0],
148 sp->is_opt[0], sp->is_optmsk[1], sp->is_opt[1]);
149 PRINTF("\tpkt_security & %x = %x, pkt_auth & %x = %x\n",
150 sp->is_secmsk, sp->is_sec, sp->is_authmsk,
152 PRINTF("\tis_flx %#x %#x %#x %#x\n", sp->is_flx[0][0], sp->is_flx[0][1],
153 sp->is_flx[1][0], sp->is_flx[1][1]);
154 PRINTF("\tinterfaces: in %s[%s", getifname(sp->is_ifp[0]),
156 if (opts & OPT_DEBUG)
157 PRINTF("/%p", sp->is_ifp[0]);
159 PRINTF(",%s[%s", getifname(sp->is_ifp[1]), sp->is_ifname[1]);
160 if (opts & OPT_DEBUG)
161 PRINTF("/%p", sp->is_ifp[1]);
163 PRINTF(" out %s[%s", getifname(sp->is_ifp[2]), sp->is_ifname[2]);
164 if (opts & OPT_DEBUG)
165 PRINTF("/%p", sp->is_ifp[2]);
167 PRINTF(",%s[%s", getifname(sp->is_ifp[3]), sp->is_ifname[3]);
168 if (opts & OPT_DEBUG)
169 PRINTF("/%p", sp->is_ifp[3]);
172 if (sp->is_sync != NULL) {
174 if (kmemcpy((char *)&ipsync, (u_long)sp->is_sync, sizeof(ipsync))) {
176 PRINTF("\tSync status: status could not be retrieved\n");
180 PRINTF("\tSync status: idx %d num %d v %d pr %d rev %d\n",
181 ipsync.sl_idx, ipsync.sl_num, ipsync.sl_v,
182 ipsync.sl_p, ipsync.sl_rev);
185 PRINTF("\tSync status: not synchronized\n");