4 * Copyright (C) 2012 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
9 static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed";
10 static const char rcsid[] = "@(#)$Id$";
12 #include <sys/types.h>
14 #include <sys/socket.h>
16 #include <netinet/in.h>
19 #include <arpa/inet.h>
29 #include "netinet/ip_compat.h"
30 #include "netinet/ip_fil.h"
31 #include "netinet/ip_nat.h"
32 #include "netinet/ip_state.h"
33 #include "netinet/ip_sync.h"
36 int main __P((int, char *[]));
37 void usage __P((const char *));
41 void usage(const char *progname) {
42 fprintf(stderr, "Usage: %s <destination IP> <destination port>\n", progname);
46 static void handleterm(int sig)
53 /* should be large enough to hold header + any datatype */
54 #define BUFFERLEN 1400
60 struct sockaddr_in sin;
64 int nfd = -1, lfd = -1, n1, n2, n3, len;
70 progname = strrchr(argv[0], '/');
84 signal(SIGHUP, handleterm);
85 signal(SIGINT, handleterm);
86 signal(SIGTERM, handleterm);
89 openlog(progname, LOG_PID, LOG_SECURITY);
91 bzero((char *)&sin, sizeof(sin));
92 sin.sin_family = AF_INET;
93 sin.sin_addr.s_addr = inet_addr(argv[1]);
95 sin.sin_port = htons(atoi(argv[2]));
97 sin.sin_port = htons(43434);
106 lfd = open(IPSYNC_NAME, O_RDONLY);
108 syslog(LOG_ERR, "Opening %s :%m", IPSYNC_NAME);
112 nfd = socket(AF_INET, SOCK_DGRAM, 0);
114 syslog(LOG_ERR, "Socket :%m");
118 if (connect(nfd, (struct sockaddr *)&sin, sizeof(sin)) == -1) {
119 syslog(LOG_ERR, "Connect: %m");
123 syslog(LOG_INFO, "Sending data to %s",
124 inet_ntoa(sin.sin_addr));
129 n1 = read(lfd, buff+inbuf, BUFFERLEN-inbuf);
131 printf("header : %d bytes read (header = %d bytes)\n",
132 n1, (int) sizeof(*sh));
135 syslog(LOG_ERR, "Read error (header): %m");
140 /* XXX can this happen??? */
142 "Read error (header) : No data");
150 if (inbuf < sizeof(*sh)) {
151 continue; /* need more data */
154 sh = (synchdr_t *)buff;
155 len = ntohl(sh->sm_len);
156 magic = ntohl(sh->sm_magic);
158 if (magic != SYNHDRMAGIC) {
160 "Invalid header magic %x", magic);
166 printf("v:%d p:%d len:%d magic:%x", sh->sm_v,
167 sh->sm_p, len, magic);
169 if (sh->sm_cmd == SMC_CREATE)
170 printf(" cmd:CREATE");
171 else if (sh->sm_cmd == SMC_UPDATE)
172 printf(" cmd:UPDATE");
174 printf(" cmd:Unknown(%d)", sh->sm_cmd);
176 if (sh->sm_table == SMC_NAT)
177 printf(" table:NAT");
178 else if (sh->sm_table == SMC_STATE)
179 printf(" table:STATE");
181 printf(" table:Unknown(%d)", sh->sm_table);
183 printf(" num:%d\n", (u_32_t)ntohl(sh->sm_num));
186 if (inbuf < sizeof(*sh) + len) {
187 continue; /* need more data */
192 if (sh->sm_cmd == SMC_CREATE) {
193 sl = (synclogent_t *)buff;
195 } else if (sh->sm_cmd == SMC_UPDATE) {
196 su = (syncupdent_t *)buff;
197 if (sh->sm_p == IPPROTO_TCP) {
198 printf(" TCP Update: age %lu state %d/%d\n",
200 su->sup_tcp.stu_state[0],
201 su->sup_tcp.stu_state[1]);
204 printf("Unknown command\n");
208 n2 = sizeof(*sh) + len;
209 n3 = write(nfd, buff, n2);
211 syslog(LOG_ERR, "Write error: %m");
217 syslog(LOG_ERR, "Incomplete write (%d/%d)",
222 /* signal received? */
226 /* move buffer to the front,we might need to make
227 * this more efficient, by using a rolling pointer
228 * over the buffer and only copying it, when
229 * we are reaching the end
233 bcopy(buff+n2, buff, inbuf);
234 printf("More data in buffer\n");
252 syslog(LOG_ERR, "signal %d received, exiting...", terminate);