Rivoreo Source Code Repositories
src.rivoreo.one / net / ipfilter / 3eb7953d8cd95f583c3b106763a202f2183fa56f / . / lib / printstate.c
blob: 4fef1a181846412d95ba4e458334f350df08bd8b [file] [log] [blame] [raw]
/*
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
#include "ipf.h"
#include "kmem.h"
#define PRINTF (void)printf
#define FPRINTF (void)fprintf
ipstate_t *printstate(sp, opts, now)
ipstate_t *sp;
int opts;
u_long now;
{
synclist_t ipsync;
if (sp->is_phnext == NULL)
PRINTF("ORPHAN ");
PRINTF("%s -> ", hostname(sp->is_v, &sp->is_src.in4));
PRINTF("%s pass %#x pr %d state %d/%d",
hostname(sp->is_v, &sp->is_dst.in4), sp->is_pass, sp->is_p,
sp->is_state[0], sp->is_state[1]);
if (opts & OPT_DEBUG)
PRINTF(" bkt %d ref %d", sp->is_hv, sp->is_ref);
PRINTF("\n\ttag %u ttl %lu", sp->is_tag, sp->is_die - now);
if (sp->is_p == IPPROTO_TCP) {
PRINTF("\n\t%hu -> %hu %x:%x %hu<<%d:%hu<<%d\n",
ntohs(sp->is_sport), ntohs(sp->is_dport),
sp->is_send, sp->is_dend,
sp->is_maxswin, sp->is_swinscale,
sp->is_maxdwin, sp->is_dwinscale);
PRINTF("\tcmsk %04x smsk %04x s0 %08x/%08x\n",
sp->is_smsk[0], sp->is_smsk[1],
sp->is_s0[0], sp->is_s0[1]);
PRINTF("\tFWD:ISN inc %x sumd %x\n",
sp->is_isninc[0], sp->is_sumd[0]);
PRINTF("\tREV:ISN inc %x sumd %x\n",
sp->is_isninc[1], sp->is_sumd[1]);
#ifdef IPFILTER_SCAN
PRINTF("\tsbuf[0] [");
printsbuf(sp->is_sbuf[0]);
PRINTF("] sbuf[1] [");
printsbuf(sp->is_sbuf[1]);
PRINTF("]\n");
#endif
} else if (sp->is_p == IPPROTO_UDP) {
PRINTF(" %hu -> %hu\n", ntohs(sp->is_sport),
ntohs(sp->is_dport));
} else if (sp->is_p == IPPROTO_GRE) {
PRINTF(" call %hx/%hx\n", ntohs(sp->is_gre.gs_call[0]),
ntohs(sp->is_gre.gs_call[1]));
} else if (sp->is_p == IPPROTO_ICMP
#ifdef USE_INET6
|| sp->is_p == IPPROTO_ICMPV6
#endif
)
PRINTF(" id %hu seq %hu type %d\n", sp->is_icmp.ici_id,
sp->is_icmp.ici_seq, sp->is_icmp.ici_type);
#ifdef USE_QUAD_T
PRINTF("\tforward: pkts in %qd bytes in %qd pkts out %qd bytes out %qd\n\tbackward: pkts in %qd bytes in %qd pkts out %qd bytes out %qd\n",
sp->is_pkts[0], sp->is_bytes[0],
sp->is_pkts[1], sp->is_bytes[1],
sp->is_pkts[2], sp->is_bytes[2],
sp->is_pkts[3], sp->is_bytes[3]);
#else
PRINTF("\tforward: pkts in %ld bytes in %ld pkts out %ld bytes out %ld\n\tbackward: pkts in %ld bytes in %ld pkts out %ld bytes out %ld\n",
sp->is_pkts[0], sp->is_bytes[0],
sp->is_pkts[1], sp->is_bytes[1],
sp->is_pkts[2], sp->is_bytes[2],
sp->is_pkts[3], sp->is_bytes[3]);
#endif
PRINTF("\t");
/*
* Print out bits set in the result code for the state being
* kept as they would for a rule.
*/
if (FR_ISPASS(sp->is_pass)) {
PRINTF("pass");
} else if (FR_ISBLOCK(sp->is_pass)) {
PRINTF("block");
switch (sp->is_pass & FR_RETMASK)
{
case FR_RETICMP :
PRINTF(" return-icmp");
break;
case FR_FAKEICMP :
PRINTF(" return-icmp-as-dest");
break;
case FR_RETRST :
PRINTF(" return-rst");
break;
default :
break;
}
} else if ((sp->is_pass & FR_LOGMASK) == FR_LOG) {
PRINTF("log");
if (sp->is_pass & FR_LOGBODY)
PRINTF(" body");
if (sp->is_pass & FR_LOGFIRST)
PRINTF(" first");
} else if (FR_ISACCOUNT(sp->is_pass)) {
PRINTF("count");
} else if (FR_ISPREAUTH(sp->is_pass)) {
PRINTF("preauth");
} else if (FR_ISAUTH(sp->is_pass))
PRINTF("auth");
if (sp->is_pass & FR_OUTQUE)
PRINTF(" out");
else
PRINTF(" in");
if ((sp->is_pass & FR_LOG) != 0) {
PRINTF(" log");
if (sp->is_pass & FR_LOGBODY)
PRINTF(" body");
if (sp->is_pass & FR_LOGFIRST)
PRINTF(" first");
if (sp->is_pass & FR_LOGORBLOCK)
PRINTF(" or-block");
}
if (sp->is_pass & FR_QUICK)
PRINTF(" quick");
if (sp->is_pass & FR_KEEPFRAG)
PRINTF(" keep frags");
/* a given; no? */
if (sp->is_pass & FR_KEEPSTATE) {
PRINTF(" keep state");
if (sp->is_pass & FR_STATESYNC)
PRINTF(" ( sync )");
}
PRINTF("\tIPv%d", sp->is_v);
PRINTF("\n");
PRINTF("\tpkt_flags & %x(%x) = %x,\t",
sp->is_flags & 0xf, sp->is_flags,
sp->is_flags >> 4);
PRINTF("\tpkt_options & %x = %x, %x = %x \n", sp->is_optmsk[0],
sp->is_opt[0], sp->is_optmsk[1], sp->is_opt[1]);
PRINTF("\tpkt_security & %x = %x, pkt_auth & %x = %x\n",
sp->is_secmsk, sp->is_sec, sp->is_authmsk,
sp->is_auth);
PRINTF("\tis_flx %#x %#x %#x %#x\n", sp->is_flx[0][0], sp->is_flx[0][1],
sp->is_flx[1][0], sp->is_flx[1][1]);
PRINTF("\tinterfaces: in %s[%s", getifname(sp->is_ifp[0]),
sp->is_ifname[0]);
if (opts & OPT_DEBUG)
PRINTF("/%p", sp->is_ifp[0]);
putchar(']');
PRINTF(",%s[%s", getifname(sp->is_ifp[1]), sp->is_ifname[1]);
if (opts & OPT_DEBUG)
PRINTF("/%p", sp->is_ifp[1]);
putchar(']');
PRINTF(" out %s[%s", getifname(sp->is_ifp[2]), sp->is_ifname[2]);
if (opts & OPT_DEBUG)
PRINTF("/%p", sp->is_ifp[2]);
putchar(']');
PRINTF(",%s[%s", getifname(sp->is_ifp[3]), sp->is_ifname[3]);
if (opts & OPT_DEBUG)
PRINTF("/%p", sp->is_ifp[3]);
PRINTF("]\n");
if (sp->is_sync != NULL) {
if (kmemcpy((char *)&ipsync, (u_long)sp->is_sync, sizeof(ipsync))) {
PRINTF("\tSync status: status could not be retrieved\n");
return NULL;
}
PRINTF("\tSync status: idx %d num %d v %d pr %d rev %d\n",
ipsync.sl_idx, ipsync.sl_num, ipsync.sl_v,
ipsync.sl_p, ipsync.sl_rev);
} else {
PRINTF("\tSync status: not synchronized\n");
}
return sp->is_next;
}