4 * Copyright (C) 2003 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
10 #include <sys/param.h>
11 #include <sys/socket.h>
12 #if defined(BSD) && (BSD >= 199306)
13 # include <sys/cdefs.h>
15 #include <sys/ioctl.h>
18 #if __FreeBSD_version >= 300000
19 # include <net/if_var.h>
21 #include <netinet/in.h>
23 #include <arpa/inet.h>
34 #include "netinet/ip_lookup.h"
35 #include "netinet/ip_pool.h"
36 #include "netinet/ip_htable.h"
40 extern int ippool_yyparse __P((void));
41 extern int ippool_yydebug;
42 extern FILE *ippool_yyin;
46 void showpools __P((ip_pool_stat_t *));
47 void usage __P((char *));
48 int main __P((int, char **));
49 int poolcommand __P((int, int, char *[]));
50 int poolnodecommand __P((int, int, char *[]));
51 int loadpoolfile __P((int, char *[], char *));
52 int poollist __P((int, char *[]));
53 int poolflush __P((int, char *[]));
54 int poolstats __P((int, char *[]));
55 int gettype __P((char *, u_int *));
56 int getrole __P((char *));
66 fprintf(stderr, "Usage:\t%s\n", prog);
67 fprintf(stderr, "\t\t\t-a [-dnv] [-m <name>] [-o <role>] -i <ipaddr>[/netmask]\n");
68 fprintf(stderr, "\t\t\t-A [-dnv] [-m <name>] [-o <role>] [-S <seed>] [-t <type>]\n");
69 fprintf(stderr, "\t\t\t-f <file> [-dnuv]\n");
70 fprintf(stderr, "\t\t\t-F [-dv] [-o <role>] [-t <type>]\n");
71 fprintf(stderr, "\t\t\t-l [-dv] [-m <name>] [-t <type>]\n");
72 fprintf(stderr, "\t\t\t-r [-dnv] [-m <name>] [-o <role>] -i <ipaddr>[/netmask]\n");
73 fprintf(stderr, "\t\t\t-R [-dnv] [-m <name>] [-o <role>] [-t <type>]\n");
74 fprintf(stderr, "\t\t\t-s [-dtv] [-M <core>] [-N <namelist>]\n");
88 switch (getopt(argc, argv, "aAf:FlrRs"))
91 err = poolnodecommand(0, argc, argv);
94 err = poolcommand(0, argc, argv);
97 err = loadpoolfile(argc, argv, optarg);
100 err = poolflush(argc, argv);
103 err = poollist(argc, argv);
106 err = poolnodecommand(1, argc, argv);
109 err = poolcommand(1, argc, argv);
112 err = poolstats(argc, argv);
122 int poolnodecommand(remove, argc, argv)
126 char *poolname = NULL, *s;
127 int err, c, ipset, role;
133 bzero((char *)&node, sizeof(node));
135 while ((c = getopt(argc, argv, "di:m:no:Rv")) != -1)
143 s = strchr(optarg, '/');
145 mask.s_addr = 0xffffffff;
146 else if (strchr(s, '.') == NULL) {
147 if (ntomask(4, atoi(s + 1), &mask.s_addr) != 0)
150 mask.s_addr = inet_addr(s + 1);
155 node.ipn_addr.adf_len = sizeof(node.ipn_addr);
156 node.ipn_addr.adf_addr.in4.s_addr = inet_addr(optarg);
157 node.ipn_mask.adf_len = sizeof(node.ipn_mask);
158 node.ipn_mask.adf_addr.in4.s_addr = mask.s_addr;
164 opts |= OPT_DONOTHING;
167 role = getrole(optarg);
168 if (role == IPL_LOGNONE)
172 opts |= OPT_NORESOLVE;
179 if (opts & OPT_DEBUG)
180 fprintf(stderr, "poolnodecommand: opts = %#x\n", opts);
184 if (poolname == NULL) {
185 fprintf(stderr, "poolname not given with add/remove node\n");
190 err = load_poolnode(0, poolname, &node, ioctl);
192 err = remove_poolnode(0, poolname, &node, ioctl);
197 int poolcommand(remove, argc, argv)
201 int type, role, c, err;
211 bzero((char *)&iph, sizeof(iph));
212 bzero((char *)&pool, sizeof(pool));
214 while ((c = getopt(argc, argv, "dm:no:RSt:v")) != -1)
225 opts |= OPT_DONOTHING;
228 role = getrole(optarg);
229 if (role == IPL_LOGNONE) {
230 fprintf(stderr, "unknown role '%s'\n", optarg);
235 opts |= OPT_NORESOLVE;
238 iph.iph_seed = atoi(optarg);
241 type = gettype(optarg, &iph.iph_type);
242 if (type == IPLT_NONE) {
243 fprintf(stderr, "unknown type '%s'\n", optarg);
252 if (opts & OPT_DEBUG)
253 fprintf(stderr, "poolcommand: opts = %#x\n", opts);
255 if (poolname == NULL) {
256 fprintf(stderr, "poolname not given with add/remove pool\n");
260 if (type == IPLT_HASH) {
261 strncpy(iph.iph_name, poolname, sizeof(iph.iph_name));
262 iph.iph_name[sizeof(iph.iph_name) - 1] = '\0';
264 } else if (type == IPLT_POOL) {
265 strncpy(pool.ipo_name, poolname, sizeof(pool.ipo_name));
266 pool.ipo_name[sizeof(pool.ipo_name) - 1] = '\0';
267 pool.ipo_unit = role;
274 err = load_hash(&iph, NULL, ioctl);
277 err = load_pool(&pool, ioctl);
284 err = remove_hash(&iph, ioctl);
287 err = remove_pool(&pool, ioctl);
295 int loadpoolfile(argc, argv, infile)
297 char *argv[], *infile;
303 while ((c = getopt(argc, argv, "dnRuv")) != -1)
311 opts |= OPT_DONOTHING;
314 opts |= OPT_NORESOLVE;
324 if (opts & OPT_DEBUG)
325 fprintf(stderr, "loadpoolfile: opts = %#x\n", opts);
327 if (!(opts & OPT_DONOTHING) && (fd == -1)) {
328 fd = open(IPLOOKUP_NAME, O_RDWR);
330 perror("open(IPLOOKUP_NAME)");
335 if (ippool_parsefile(fd, infile, ioctl) != 0)
341 int poollist(argc, argv)
345 char *kernel, *core, *poolname;
346 int c, role, type, live_kernel;
347 ip_pool_stat_t *plstp, plstat;
348 iphtstat_t *htstp, htstat;
360 while ((c = getopt(argc, argv, "dm:M:N:o:Rt:v")) != -1)
378 role = getrole(optarg);
379 if (role == IPL_LOGNONE) {
380 fprintf(stderr, "unknown role '%s'\n", optarg);
385 opts |= OPT_NORESOLVE;
388 type = gettype(optarg, NULL);
389 if (type == IPLT_NONE) {
390 fprintf(stderr, "unknown type '%s'\n", optarg);
399 if (opts & OPT_DEBUG)
400 fprintf(stderr, "poollist: opts = %#x\n", opts);
402 if (!(opts & OPT_DONOTHING) && (fd == -1)) {
403 fd = open(IPLOOKUP_NAME, O_RDWR);
405 perror("open(IPLOOKUP_NAME)");
410 bzero((char *)&op, sizeof(op));
411 if (poolname != NULL) {
412 strncpy(op.iplo_name, poolname, sizeof(op.iplo_name));
413 op.iplo_name[sizeof(op.iplo_name) - 1] = '\0';
417 if (openkmem(kernel, core) == -1)
420 if (type == IPLT_ALL || type == IPLT_POOL) {
422 op.iplo_type = IPLT_POOL;
423 op.iplo_size = sizeof(plstat);
424 op.iplo_struct = &plstat;
425 c = ioctl(fd, SIOCLOOKUPSTAT, &op);
427 perror("ioctl(SIOCLOOKUPSTAT)");
431 if (role != IPL_LOGALL) {
432 ptr = plstp->ipls_list[role];
433 while (ptr != NULL) {
434 ptr = printpool(ptr, kmemcpywrap, poolname,
438 for (role = 0; role <= IPL_LOGMAX; role++) {
439 ptr = plstp->ipls_list[role];
440 while (ptr != NULL) {
441 ptr = printpool(ptr, kmemcpywrap,
448 if (type == IPLT_ALL || type == IPLT_HASH) {
450 op.iplo_type = IPLT_HASH;
451 op.iplo_size = sizeof(htstat);
452 op.iplo_struct = &htstat;
453 c = ioctl(fd, SIOCLOOKUPSTAT, &op);
455 perror("ioctl(SIOCLOOKUPSTAT)");
459 if (role != IPL_LOGALL) {
460 hptr = htstp->iphs_tables;
461 while (hptr != NULL) {
462 hptr = printhash(hptr, kmemcpywrap,
466 for (role = 0; role <= IPL_LOGMAX; role++) {
467 hptr = htstp->iphs_tables;
468 while (hptr != NULL) {
469 hptr = printhash(hptr, kmemcpywrap,
474 c = ioctl(fd, SIOCLOOKUPSTAT, &op);
476 perror("ioctl(SIOCLOOKUPSTAT)");
486 int poolstats(argc, argv)
490 int c, type, role, live_kernel;
491 ip_pool_stat_t plstat;
502 bzero((char *)&op, sizeof(op));
504 while ((c = getopt(argc, argv, "dM:N:o:t:v")) != -1)
519 role = getrole(optarg);
520 if (role == IPL_LOGNONE) {
521 fprintf(stderr, "unknown role '%s'\n", optarg);
526 type = gettype(optarg, NULL);
527 if (type != IPLT_POOL) {
529 "-s not supported for this type yet\n");
538 if (opts & OPT_DEBUG)
539 fprintf(stderr, "poolstats: opts = %#x\n", opts);
541 if (!(opts & OPT_DONOTHING) && (fd == -1)) {
542 fd = open(IPLOOKUP_NAME, O_RDWR);
544 perror("open(IPLOOKUP_NAME)");
549 if (type == IPLT_ALL || type == IPLT_POOL) {
550 op.iplo_type = IPLT_POOL;
551 op.iplo_struct = &plstat;
552 op.iplo_size = sizeof(plstat);
553 if (!(opts & OPT_DONOTHING)) {
554 c = ioctl(fd, SIOCLOOKUPSTAT, &op);
556 perror("ioctl(SIOCLOOKUPSTAT)");
559 printf("Pools:\t%lu\n", plstat.ipls_pools);
560 printf("Nodes:\t%lu\n", plstat.ipls_nodes);
564 if (type == IPLT_ALL || type == IPLT_HASH) {
565 op.iplo_type = IPLT_HASH;
566 op.iplo_struct = &htstat;
567 op.iplo_size = sizeof(htstat);
568 if (!(opts & OPT_DONOTHING)) {
569 c = ioctl(fd, SIOCLOOKUPSTAT, &op);
571 perror("ioctl(SIOCLOOKUPSTAT)");
574 printf("Hash Tables:\t%lu\n", htstat.iphs_numtables);
575 printf("Nodes:\t%lu\n", htstat.iphs_numnodes);
576 printf("Out of Memory:\t%lu\n", htstat.iphs_nomem);
583 int poolflush(argc, argv)
587 int c, role, type, arg;
588 iplookupflush_t flush;
594 while ((c = getopt(argc, argv, "do:t:v")) != -1)
601 role = getrole(optarg);
602 if (role == IPL_LOGNONE) {
603 fprintf(stderr, "unknown role '%s'\n", optarg);
608 type = gettype(optarg, NULL);
609 if (type == IPLT_NONE) {
610 fprintf(stderr, "unknown type '%s'\n", optarg);
619 if (opts & OPT_DEBUG)
620 fprintf(stderr, "poolflush: opts = %#x\n", opts);
622 if (!(opts & OPT_DONOTHING) && (fd == -1)) {
623 fd = open(IPLOOKUP_NAME, O_RDWR);
625 perror("open(IPLOOKUP_NAME)");
630 bzero((char *)&flush, sizeof(flush));
631 flush.iplf_type = type;
632 flush.iplf_unit = role;
633 flush.iplf_arg = arg;
635 if (!(opts & OPT_DONOTHING)) {
636 if (ioctl(fd, SIOCLOOKUPFLUSH, &flush) == -1) {
637 perror("ioctl(SIOCLOOKUPFLUSH)");
642 printf("%zd object%s flushed\n", flush.iplf_count,
643 (flush.iplf_count == 1) ? "" : "s");
649 int getrole(rolename)
654 if (!strcasecmp(rolename, "ipf")) {
657 } else if (!strcasecmp(rolename, "nat")) {
659 } else if (!strcasecmp(rolename, "state")) {
661 } else if (!strcasecmp(rolename, "auth")) {
663 } else if (!strcasecmp(rolename, "sync")) {
665 } else if (!strcasecmp(rolename, "scan")) {
667 } else if (!strcasecmp(rolename, "pool")) {
668 role = IPL_LOGLOOKUP;
669 } else if (!strcasecmp(rolename, "count")) {
680 int gettype(typename, minor)
686 if (!strcasecmp(optarg, "tree")) {
688 } else if (!strcasecmp(optarg, "hash")) {
691 *minor = IPHASH_LOOKUP;
692 } else if (!strcasecmp(optarg, "group-map")) {
695 *minor = IPHASH_GROUPMAP;