4 * Copyright (C) 2012 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
14 printstate(ipstate_t *sp, int opts, u_long now)
19 if ((opts & OPT_NORESOLVE) == 0)
20 pr = getprotobynumber(sp->is_p);
24 PRINTF("%d:", sp->is_v);
26 PRINTF("%s", pr->p_name);
28 PRINTF("%d", sp->is_p);
30 PRINTF(" src:%s", hostname(sp->is_family, &sp->is_src.in4));
31 if (sp->is_p == IPPROTO_UDP || sp->is_p == IPPROTO_TCP) {
32 if (sp->is_flags & IS_WSPORT)
35 PRINTF(",%d", ntohs(sp->is_sport));
38 PRINTF(" dst:%s", hostname(sp->is_family, &sp->is_dst.in4));
39 if (sp->is_p == IPPROTO_UDP || sp->is_p == IPPROTO_TCP) {
40 if (sp->is_flags & IS_WDPORT)
43 PRINTF(",%d", ntohs(sp->is_dport));
46 if (sp->is_p == IPPROTO_TCP) {
47 PRINTF(" state:%d/%d", sp->is_state[0], sp->is_state[1]);
50 PRINTF(" %ld", sp->is_die - now);
51 if (sp->is_phnext == NULL)
53 if (sp->is_flags & IS_CLONE)
57 if (sp->is_p == IPPROTO_TCP) {
58 PRINTF("\t%x:%x %hu<<%d:%hu<<%d\n",
59 sp->is_send, sp->is_dend,
60 sp->is_maxswin, sp->is_swinscale,
61 sp->is_maxdwin, sp->is_dwinscale);
62 if ((opts & OPT_VERBOSE) != 0) {
63 PRINTF("\tcmsk %04x smsk %04x isc %p s0 %08x/%08x\n",
64 sp->is_smsk[0], sp->is_smsk[1], sp->is_isc,
65 sp->is_s0[0], sp->is_s0[1]);
66 PRINTF("\tFWD: ISN inc %x sumd %x\n",
67 sp->is_isninc[0], sp->is_sumd[0]);
68 PRINTF("\tREV: ISN inc %x sumd %x\n",
69 sp->is_isninc[1], sp->is_sumd[1]);
71 PRINTF("\tsbuf[0] [");
72 printsbuf(sp->is_sbuf[0]);
73 PRINTF("] sbuf[1] [");
74 printsbuf(sp->is_sbuf[1]);
78 } else if (sp->is_p == IPPROTO_GRE) {
79 PRINTF("\tcall %hx/%hx\n", ntohs(sp->is_gre.gs_call[0]),
80 ntohs(sp->is_gre.gs_call[1]));
81 } else if (sp->is_p == IPPROTO_ICMP
83 || sp->is_p == IPPROTO_ICMPV6
86 PRINTF("\tid %hu seq %hu type %d\n", sp->is_icmp.ici_id,
87 sp->is_icmp.ici_seq, sp->is_icmp.ici_type);
91 PRINTF("\tFWD: IN pkts %"PRIu64" bytes %"PRIu64" OUT pkts %"PRIu64" bytes %"PRIu64"\n\tREV: IN pkts %"PRIu64" bytes %"PRIu64" OUT pkts %"PRIu64" bytes %"PRIu64"\n",
92 sp->is_pkts[0], sp->is_bytes[0],
93 sp->is_pkts[1], sp->is_bytes[1],
94 sp->is_pkts[2], sp->is_bytes[2],
95 sp->is_pkts[3], sp->is_bytes[3]);
97 PRINTF("\tFWD: IN pkts %lu bytes %lu OUT pkts %lu bytes %lu\n\tREV: IN pkts %lu bytes %lu OUT pkts %lu bytes %lu\n",
98 sp->is_pkts[0], sp->is_bytes[0],
99 sp->is_pkts[1], sp->is_bytes[1],
100 sp->is_pkts[2], sp->is_bytes[2],
101 sp->is_pkts[3], sp->is_bytes[3]);
104 PRINTF("\ttag %u pass %#x = ", sp->is_tag, sp->is_pass);
107 * Print out bits set in the result code for the state being
108 * kept as they would for a rule.
110 if (FR_ISPASS(sp->is_pass)) {
112 } else if (FR_ISBLOCK(sp->is_pass)) {
114 switch (sp->is_pass & FR_RETMASK)
117 PRINTF(" return-icmp");
120 PRINTF(" return-icmp-as-dest");
123 PRINTF(" return-rst");
128 } else if ((sp->is_pass & FR_LOGMASK) == FR_LOG) {
130 if (sp->is_pass & FR_LOGBODY)
132 if (sp->is_pass & FR_LOGFIRST)
134 } else if (FR_ISACCOUNT(sp->is_pass)) {
136 } else if (FR_ISPREAUTH(sp->is_pass)) {
138 } else if (FR_ISAUTH(sp->is_pass))
141 if (sp->is_pass & FR_OUTQUE)
146 if ((sp->is_pass & FR_LOG) != 0) {
148 if (sp->is_pass & FR_LOGBODY)
150 if (sp->is_pass & FR_LOGFIRST)
152 if (sp->is_pass & FR_LOGORBLOCK)
155 if (sp->is_pass & FR_QUICK)
157 if (sp->is_pass & FR_KEEPFRAG)
158 PRINTF(" keep frags");
160 if (sp->is_pass & FR_KEEPSTATE) {
161 PRINTF(" keep state");
162 if (sp->is_pass & (FR_STATESYNC|FR_STSTRICT|FR_STLOOSE)) {
164 if (sp->is_pass & FR_STATESYNC)
166 if (sp->is_pass & FR_STSTRICT)
168 if (sp->is_pass & FR_STLOOSE)
175 if ((opts & OPT_VERBOSE) != 0) {
176 PRINTF("\tref %d", sp->is_ref);
177 PRINTF(" pkt_flags & %x(%x) = %x\n",
178 sp->is_flags & 0xf, sp->is_flags, sp->is_flags >> 4);
179 PRINTF("\tpkt_options & %x = %x, %x = %x \n", sp->is_optmsk[0],
180 sp->is_opt[0], sp->is_optmsk[1], sp->is_opt[1]);
181 PRINTF("\tpkt_security & %x = %x, pkt_auth & %x = %x\n",
182 sp->is_secmsk, sp->is_sec, sp->is_authmsk,
184 PRINTF("\tis_flx %#x %#x %#x %#x\n", sp->is_flx[0][0],
185 sp->is_flx[0][1], sp->is_flx[1][0], sp->is_flx[1][1]);
187 PRINTF("\tinterfaces: in %s[%s", getifname(sp->is_ifp[0]),
189 if (opts & OPT_DEBUG)
190 PRINTF("/%p", sp->is_ifp[0]);
192 PRINTF(",%s[%s", getifname(sp->is_ifp[1]), sp->is_ifname[1]);
193 if (opts & OPT_DEBUG)
194 PRINTF("/%p", sp->is_ifp[1]);
196 PRINTF(" out %s[%s", getifname(sp->is_ifp[2]), sp->is_ifname[2]);
197 if (opts & OPT_DEBUG)
198 PRINTF("/%p", sp->is_ifp[2]);
200 PRINTF(",%s[%s", getifname(sp->is_ifp[3]), sp->is_ifname[3]);
201 if (opts & OPT_DEBUG)
202 PRINTF("/%p", sp->is_ifp[3]);
205 PRINTF("\tSync status: ");
206 if (sp->is_sync != NULL) {
207 if (kmemcpy((char *)&ipsync, (u_long)sp->is_sync,
209 PRINTF("status could not be retrieved\n");
213 PRINTF("idx %d num %d v %d pr %d rev %d\n",
214 ipsync.sl_idx, ipsync.sl_num, ipsync.sl_v,
215 ipsync.sl_p, ipsync.sl_rev);
217 PRINTF("not synchronized\n");
220 return (sp->is_next);
projects / FreeBSD / FreeBSD.git / blob