2 * Copyright (c) 2003 Ryan McBride. All rights reserved.
3 * Copyright (c) 2004 Max Laier. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #include <sys/types.h>
30 #include <sys/ioctl.h>
31 #include <sys/socket.h>
34 #include <netinet/in.h>
35 #include <net/pfvar.h>
36 #include <net/if_pfsync.h>
37 #include <net/route.h>
38 #include <arpa/inet.h>
49 void setpfsync_syncdev(const char *, int, int, const struct afswtch *);
50 void unsetpfsync_syncdev(const char *, int, int, const struct afswtch *);
51 void setpfsync_syncpeer(const char *, int, int, const struct afswtch *);
52 void unsetpfsync_syncpeer(const char *, int, int, const struct afswtch *);
53 void setpfsync_syncpeer(const char *, int, int, const struct afswtch *);
54 void setpfsync_maxupd(const char *, int, int, const struct afswtch *);
55 void pfsync_status(int);
58 setpfsync_syncdev(const char *val, int d, int s, const struct afswtch *rafp)
60 struct pfsyncreq preq;
62 bzero((char *)&preq, sizeof(struct pfsyncreq));
63 ifr.ifr_data = (caddr_t)&preq;
65 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
66 err(1, "SIOCGETPFSYNC");
68 strlcpy(preq.pfsyncr_syncdev, val, sizeof(preq.pfsyncr_syncdev));
70 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
71 err(1, "SIOCSETPFSYNC");
76 unsetpfsync_syncdev(const char *val, int d, int s, const struct afswtch *rafp)
78 struct pfsyncreq preq;
80 bzero((char *)&preq, sizeof(struct pfsyncreq));
81 ifr.ifr_data = (caddr_t)&preq;
83 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
84 err(1, "SIOCGETPFSYNC");
86 bzero((char *)&preq.pfsyncr_syncdev, sizeof(preq.pfsyncr_syncdev));
88 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
89 err(1, "SIOCSETPFSYNC");
94 setpfsync_syncpeer(const char *val, int d, int s, const struct afswtch *rafp)
96 struct pfsyncreq preq;
97 struct addrinfo hints, *peerres;
100 bzero((char *)&preq, sizeof(struct pfsyncreq));
101 ifr.ifr_data = (caddr_t)&preq;
103 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
104 err(1, "SIOCGETPFSYNC");
106 memset(&hints, 0, sizeof(hints));
107 hints.ai_family = AF_INET;
108 hints.ai_socktype = SOCK_DGRAM; /*dummy*/
110 if ((ecode = getaddrinfo(val, NULL, &hints, &peerres)) != 0)
111 errx(1, "error in parsing address string: %s",
112 gai_strerror(ecode));
114 if (peerres->ai_addr->sa_family != AF_INET)
115 errx(1, "only IPv4 addresses supported for the syncpeer");
117 preq.pfsyncr_syncpeer.s_addr = ((struct sockaddr_in *)
118 peerres->ai_addr)->sin_addr.s_addr;
120 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
121 err(1, "SIOCSETPFSYNC");
126 unsetpfsync_syncpeer(const char *val, int d, int s, const struct afswtch *rafp)
128 struct pfsyncreq preq;
130 bzero((char *)&preq, sizeof(struct pfsyncreq));
131 ifr.ifr_data = (caddr_t)&preq;
133 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
134 err(1, "SIOCGETPFSYNC");
136 preq.pfsyncr_syncpeer.s_addr = 0;
138 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
139 err(1, "SIOCSETPFSYNC");
144 setpfsync_maxupd(const char *val, int d, int s, const struct afswtch *rafp)
146 struct pfsyncreq preq;
149 maxupdates = atoi(val);
150 if ((maxupdates < 0) || (maxupdates > 255))
151 errx(1, "maxupd %s: out of range", val);
153 memset((char *)&preq, 0, sizeof(struct pfsyncreq));
154 ifr.ifr_data = (caddr_t)&preq;
156 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
157 err(1, "SIOCGETPFSYNC");
159 preq.pfsyncr_maxupdates = maxupdates;
161 if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
162 err(1, "SIOCSETPFSYNC");
168 struct pfsyncreq preq;
170 bzero((char *)&preq, sizeof(struct pfsyncreq));
171 ifr.ifr_data = (caddr_t)&preq;
173 if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
176 if (preq.pfsyncr_syncdev[0] != '\0' ||
177 preq.pfsyncr_syncpeer.s_addr != INADDR_PFSYNC_GROUP)
180 if (preq.pfsyncr_syncdev[0] != '\0')
181 printf("pfsync: syncdev: %s ", preq.pfsyncr_syncdev);
182 if (preq.pfsyncr_syncpeer.s_addr != INADDR_PFSYNC_GROUP)
183 printf("syncpeer: %s ", inet_ntoa(preq.pfsyncr_syncpeer));
185 if (preq.pfsyncr_syncdev[0] != '\0' ||
186 preq.pfsyncr_syncpeer.s_addr != INADDR_PFSYNC_GROUP)
187 printf("maxupd: %d\n", preq.pfsyncr_maxupdates);
190 static struct cmd pfsync_cmds[] = {
191 DEF_CMD_ARG("syncdev", setpfsync_syncdev),
192 DEF_CMD("-syncdev", 1, unsetpfsync_syncdev),
193 DEF_CMD_ARG("syncif", setpfsync_syncdev),
194 DEF_CMD("-syncif", 1, unsetpfsync_syncdev),
195 DEF_CMD_ARG("syncpeer", setpfsync_syncpeer),
196 DEF_CMD("-syncpeer", 1, unsetpfsync_syncpeer),
197 DEF_CMD_ARG("maxupd", setpfsync_maxupd)
199 static struct afswtch af_pfsync = {
200 .af_name = "af_pfsync",
202 .af_other_status = pfsync_status,
205 static __constructor void
208 #define N(a) (sizeof(a) / sizeof(a[0]))
211 for (i = 0; i < N(pfsync_cmds); i++)
212 cmd_register(&pfsync_cmds[i]);
213 af_register(&af_pfsync);