File Manager

003 File Manager

Current Path: /usr/src/contrib/ipfilter/lib

📁 ..
📄 Makefile(18.78 KB)
📄 addicmp.c(446 B)
📄 addipopt.c(1.14 KB)
📄 alist_free.c(334 B)
📄 alist_new.c(1.59 KB)
📄 allocmbt.c(383 B)
📄 assigndefined.c(452 B)
📄 bcopywrap.c(274 B)
📄 binprint.c(411 B)
📄 buildopts.c(823 B)
📄 checkrev.c(803 B)
📄 connecttcp.c(911 B)
📄 count4bits.c(621 B)
📄 count6bits.c(376 B)
📄 debug.c(556 B)
📄 dupmbt.c(482 B)
📄 facpri.c(2.62 KB)
📄 facpri.h(629 B)
📄 familyname.c(184 B)
📄 fill6bits.c(744 B)
📄 findword.c(413 B)
📄 flags.c(414 B)
📄 freembt.c(233 B)
📄 ftov.c(204 B)
📄 gethost.c(1.42 KB)
📄 geticmptype.c(452 B)
📄 getifname.c(957 B)
📄 getnattype.c(1.15 KB)
📄 getport.c(1.75 KB)
📄 getportproto.c(621 B)
📄 getproto.c(462 B)
📄 getsumd.c(344 B)
📄 hostname.c(1.2 KB)
📄 icmpcode.c(493 B)
📄 icmptypename.c(494 B)
📄 icmptypes.c(3.34 KB)
📄 inet_addr.c(6.1 KB)
📄 initparse.c(300 B)
📄 interror.c(26.29 KB)
📄 ionames.c(1.57 KB)
📄 ipf_dotuning.c(1.61 KB)
📄 ipf_perror.c(698 B)
📄 ipft_hx.c(3.13 KB)
📄 ipft_pc.c(4.41 KB)
📄 ipft_tx.c(10.09 KB)
📄 ipoptsec.c(1.15 KB)
📄 kmem.c(1.85 KB)
📄 kmem.h(504 B)
📄 kmemcpywrap.c(314 B)
📄 kvatoname.c(672 B)
📄 load_dstlist.c(1.65 KB)
📄 load_dstlistnode.c(1.47 KB)
📄 load_file.c(1.56 KB)
📄 load_hash.c(2.29 KB)
📄 load_hashnode.c(1.35 KB)
📄 load_http.c(4.02 KB)
📄 load_pool.c(1.59 KB)
📄 load_poolnode.c(1.4 KB)
📄 load_url.c(542 B)
📄 mb_hexdump.c(541 B)
📄 msgdsize.c(333 B)
📄 mutex_emul.c(2.66 KB)
📄 nametokva.c(645 B)
📄 nat_setgroupmap.c(756 B)
📄 ntomask.c(635 B)
📄 optname.c(1.13 KB)
📄 optprint.c(1.73 KB)
📄 optprintv6.c(894 B)
📄 optvalue.c(520 B)
📄 parsefields.c(984 B)
📄 parseipfexpr.c(6.19 KB)
📄 parsewhoisline.c(2.72 KB)
📄 poolio.c(704 B)
📄 portname.c(902 B)
📄 prependmbt.c(307 B)
📄 print_toif.c(882 B)
📄 printactiveaddr.c(643 B)
📄 printactivenat.c(4.18 KB)
📄 printaddr.c(1.16 KB)
📄 printaps.c(3.53 KB)
📄 printbuf.c(414 B)
📄 printdstl_live.c(1.72 KB)
📄 printdstlist.c(1.04 KB)
📄 printdstlistdata.c(974 B)
📄 printdstlistnode.c(1.73 KB)
📄 printdstlistpolicy.c(454 B)
📄 printfieldhdr.c(972 B)
📄 printfr.c(10.73 KB)
📄 printfraginfo.c(801 B)
📄 printhash.c(1.04 KB)
📄 printhash_live.c(1.4 KB)
📄 printhashdata.c(1.93 KB)
📄 printhashnode.c(2.32 KB)
📄 printhost.c(553 B)
📄 printhostmap.c(626 B)
📄 printhostmask.c(612 B)
📄 printifname.c(339 B)
📄 printip.c(690 B)
📄 printipfexpr.c(3.58 KB)
📄 printiphdr.c(462 B)
📄 printlog.c(650 B)
📄 printlookup.c(700 B)
📄 printmask.c(450 B)
📄 printnat.c(8.69 KB)
📄 printnataddr.c(992 B)
📄 printnatfield.c(3.2 KB)
📄 printnatside.c(2.51 KB)
📄 printpacket.c(2.06 KB)
📄 printpacket6.c(1.29 KB)
📄 printpool.c(1.2 KB)
📄 printpool_live.c(1.39 KB)
📄 printpooldata.c(1.08 KB)
📄 printpoolfield.c(3.42 KB)
📄 printpoolnode.c(1.66 KB)
📄 printportcmp.c(632 B)
📄 printproto.c(750 B)
📄 printsbuf.c(542 B)
📄 printstate.c(5.74 KB)
📄 printstatefields.c(5.24 KB)
📄 printtcpflags.c(451 B)
📄 printtqtable.c(430 B)
📄 printtunable.c(649 B)
📄 printunit.c(652 B)
📄 remove_hash.c(1 KB)
📄 remove_hashnode.c(1.11 KB)
📄 remove_pool.c(947 B)
📄 remove_poolnode.c(1.08 KB)
📄 resetlexer.c(331 B)
📄 rwlock_emul.c(3.47 KB)
📄 save_execute.c(1.14 KB)
📄 save_file.c(1.88 KB)
📄 save_nothing.c(821 B)
📄 save_syslog.c(2.2 KB)
📄 save_v1trap.c(7.93 KB)
📄 save_v2trap.c(7.98 KB)
📄 tcp_flags.c(770 B)
📄 tcpflags.c(594 B)
📄 tcpoptnames.c(513 B)
📄 v6ionames.c(636 B)
📄 v6optvalue.c(577 B)
📄 var.c(2.92 KB)
📄 verbose.c(511 B)
📄 vtof.c(204 B)

Editing: printfr.c

/*	$FreeBSD$	*/

/*
 * Copyright (C) 2012 by Darren Reed.
 *
 * See the IPFILTER.LICENCE file for details on licencing.
 *
 * $Id$
 */

#include "ipf.h"

/*
 * print the filter structure in a useful way
 */
void
printfr(fp, iocfunc)
	struct	frentry	*fp;
	ioctlfunc_t	iocfunc;
{
	struct protoent	*p;
	u_short	sec[2];
	u_32_t type;
	int pr, af;
	char *s;
	int hash;

pr = -2;
	type = fp->fr_type & ~FR_T_BUILTIN;

if ((fp->fr_type & FR_T_BUILTIN) != 0)
		PRINTF("# Builtin: ");

if (fp->fr_collect != 0)
		PRINTF("%u ", fp->fr_collect);

if (fp->fr_type == FR_T_CALLFUNC) {
		;
	} else if (fp->fr_func != NULL) {
		PRINTF("call");
		if ((fp->fr_flags & FR_CALLNOW) != 0)
			PRINTF(" now");
		s = kvatoname(fp->fr_func, iocfunc);
		PRINTF(" %s/%u", s ? s : "?", fp->fr_arg);
	} else if (FR_ISPASS(fp->fr_flags))
		PRINTF("pass");
	else if (FR_ISBLOCK(fp->fr_flags)) {
		PRINTF("block");
	} else if ((fp->fr_flags & FR_LOGMASK) == FR_LOG) {
		printlog(fp);
	} else if (FR_ISACCOUNT(fp->fr_flags))
		PRINTF("count");
	else if (FR_ISAUTH(fp->fr_flags))
		PRINTF("auth");
	else if (FR_ISPREAUTH(fp->fr_flags))
		PRINTF("preauth");
	else if (FR_ISNOMATCH(fp->fr_flags))
		PRINTF("nomatch");
	else if (FR_ISDECAPS(fp->fr_flags))
		PRINTF("decapsulate");
	else if (FR_ISSKIP(fp->fr_flags))
		PRINTF("skip %u", fp->fr_arg);
	else {
		PRINTF("%x", fp->fr_flags);
	}
	if (fp->fr_flags & FR_RETICMP) {
		if ((fp->fr_flags & FR_RETMASK) == FR_FAKEICMP)
			PRINTF(" return-icmp-as-dest");
		else if ((fp->fr_flags & FR_RETMASK) == FR_RETICMP)
			PRINTF(" return-icmp");
		if (fp->fr_icode) {
			if (fp->fr_icode <= MAX_ICMPCODE)
				PRINTF("(%s)",
					icmpcodes[(int)fp->fr_icode]);
			else
				PRINTF("(%d)", fp->fr_icode);
		}
	} else if ((fp->fr_flags & FR_RETMASK) == FR_RETRST)
		PRINTF(" return-rst");

if (fp->fr_flags & FR_OUTQUE)
		PRINTF(" out ");
	else if (fp->fr_flags & FR_INQUE)
		PRINTF(" in ");

if (((fp->fr_flags & FR_LOGB) == FR_LOGB) ||
	    ((fp->fr_flags & FR_LOGP) == FR_LOGP)) {
		printlog(fp);
		putchar(' ');
	}

if (fp->fr_flags & FR_QUICK)
		PRINTF("quick ");

if (fp->fr_ifnames[0] != -1) {
		printifname("on ", fp->fr_names + fp->fr_ifnames[0],
			    fp->fr_ifa);
		if (fp->fr_ifnames[1] != -1 &&
		    strcmp(fp->fr_names + fp->fr_ifnames[1], "*"))
			printifname(",", fp->fr_names + fp->fr_ifnames[1],
				    fp->fr_ifas[1]);
		putchar(' ');
	}

if (fp->fr_tif.fd_name != -1)
		print_toif(fp->fr_family, "to", fp->fr_names, &fp->fr_tif);
	if (fp->fr_dif.fd_name != -1)
		print_toif(fp->fr_family, "dup-to", fp->fr_names,
			   &fp->fr_dif);
	if (fp->fr_rif.fd_name != -1)
		print_toif(fp->fr_family, "reply-to", fp->fr_names,
			   &fp->fr_rif);
	if (fp->fr_flags & FR_FASTROUTE)
		PRINTF("fastroute ");

if ((fp->fr_ifnames[2] != -1 &&
	     strcmp(fp->fr_names + fp->fr_ifnames[2], "*")) ||
	    (fp->fr_ifnames[3] != -1 &&
		 strcmp(fp->fr_names + fp->fr_ifnames[3], "*"))) {
		if (fp->fr_flags & FR_OUTQUE)
			PRINTF("in-via ");
		else
			PRINTF("out-via ");

if (fp->fr_ifnames[2] != -1) {
			printifname("", fp->fr_names + fp->fr_ifnames[2],
				    fp->fr_ifas[2]);
			if (fp->fr_ifnames[3] != -1) {
				printifname(",",
					    fp->fr_names + fp->fr_ifnames[3],
					    fp->fr_ifas[3]);
			}
			putchar(' ');
		}
	}

if (fp->fr_family == AF_INET) {
		PRINTF("inet ");
		af = AF_INET;
#ifdef USE_INET6
	} else if (fp->fr_family == AF_INET6) {
		PRINTF("inet6 ");
		af = AF_INET6;
#endif
	} else {
		af = -1;
	}

if (type == FR_T_IPF) {
		if (fp->fr_mip.fi_tos)
			PRINTF("tos %#x ", fp->fr_tos);
		if (fp->fr_mip.fi_ttl)
			PRINTF("ttl %d ", fp->fr_ttl);
		if (fp->fr_flx & FI_TCPUDP) {
			PRINTF("proto tcp/udp ");
			pr = -1;
		} else if (fp->fr_mip.fi_p) {
			pr = fp->fr_ip.fi_p;
			p = getprotobynumber(pr);
			PRINTF("proto ");
			printproto(p, pr, NULL);
			putchar(' ');
		}
	}

switch (type)
	{
	case FR_T_NONE :
		PRINTF("all");
		break;

case FR_T_IPF :
		PRINTF("from %s", fp->fr_flags & FR_NOTSRCIP ? "!" : "");
		printaddr(af, fp->fr_satype, fp->fr_names, fp->fr_ifnames[0],
			  &fp->fr_src.s_addr, &fp->fr_smsk.s_addr);
		if (fp->fr_scmp)
			printportcmp(pr, &fp->fr_tuc.ftu_src);

PRINTF(" to %s", fp->fr_flags & FR_NOTDSTIP ? "!" : "");
		printaddr(af, fp->fr_datype, fp->fr_names, fp->fr_ifnames[0],
			  &fp->fr_dst.s_addr, &fp->fr_dmsk.s_addr);
		if (fp->fr_dcmp)
			printportcmp(pr, &fp->fr_tuc.ftu_dst);

if (((fp->fr_proto == IPPROTO_ICMP) ||
		     (fp->fr_proto == IPPROTO_ICMPV6)) && fp->fr_icmpm) {
			int	type = fp->fr_icmp, code;
			char	*name;

type = ntohs(fp->fr_icmp);
			code = type & 0xff;
			type /= 256;
			name = icmptypename(fp->fr_family, type);
			if (name == NULL)
				PRINTF(" icmp-type %d", type);
			else
				PRINTF(" icmp-type %s", name);
			if (ntohs(fp->fr_icmpm) & 0xff)
				PRINTF(" code %d", code);
		}
		if ((fp->fr_proto == IPPROTO_TCP) &&
		    (fp->fr_tcpf || fp->fr_tcpfm)) {
			PRINTF(" flags ");
			printtcpflags(fp->fr_tcpf, fp->fr_tcpfm);
		}
		break;

case FR_T_BPFOPC :
	    {
		fakebpf_t *fb;
		int i;

PRINTF("bpf-v%d { \"", fp->fr_family);
		i = fp->fr_dsize / sizeof(*fb);

for (fb = fp->fr_data, s = ""; i; i--, fb++, s = " ")
			PRINTF("%s%#x %#x %#x %#x", s, fb->fb_c, fb->fb_t,
			       fb->fb_f, fb->fb_k);

PRINTF("\" }");
		break;
	    }

case FR_T_COMPIPF :
		break;

case FR_T_CALLFUNC :
		PRINTF("call function at %p", fp->fr_data);
		break;

case FR_T_IPFEXPR :
		PRINTF("exp { \"");
		printipfexpr(fp->fr_data);
		PRINTF("\" } ");
		break;

default :
		PRINTF("[unknown filter type %#x]", fp->fr_type);
		break;
	}

if ((type == FR_T_IPF) &&
	    ((fp->fr_flx & FI_WITH) || (fp->fr_mflx & FI_WITH) ||
	     fp->fr_optbits || fp->fr_optmask ||
	     fp->fr_secbits || fp->fr_secmask)) {
		char *comma = " ";

PRINTF(" with");
		if (fp->fr_optbits || fp->fr_optmask ||
		    fp->fr_secbits || fp->fr_secmask) {
			sec[0] = fp->fr_secmask;
			sec[1] = fp->fr_secbits;
			if (fp->fr_family == AF_INET)
				optprint(sec, fp->fr_optmask, fp->fr_optbits);
#ifdef	USE_INET6
			else
				optprintv6(sec, fp->fr_optmask,
					   fp->fr_optbits);
#endif
		} else if (fp->fr_mflx & FI_OPTIONS) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_OPTIONS))
				PRINTF("not ");
			PRINTF("ipopts");
			comma = ",";
		}
		if (fp->fr_mflx & FI_SHORT) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_SHORT))
				PRINTF("not ");
			PRINTF("short");
			comma = ",";
		}
		if (fp->fr_mflx & FI_FRAG) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_FRAG))
				PRINTF("not ");
			PRINTF("frag");
			comma = ",";
		}
		if (fp->fr_mflx & FI_FRAGBODY) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_FRAGBODY))
				PRINTF("not ");
			PRINTF("frag-body");
			comma = ",";
		}
		if (fp->fr_mflx & FI_NATED) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_NATED))
				PRINTF("not ");
			PRINTF("nat");
			comma = ",";
		}
		if (fp->fr_mflx & FI_LOWTTL) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_LOWTTL))
				PRINTF("not ");
			PRINTF("lowttl");
			comma = ",";
		}
		if (fp->fr_mflx & FI_BAD) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_BAD))
				PRINTF("not ");
			PRINTF("bad");
			comma = ",";
		}
		if (fp->fr_mflx & FI_BADSRC) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_BADSRC))
				PRINTF("not ");
			PRINTF("bad-src");
			comma = ",";
		}
		if (fp->fr_mflx & FI_BADNAT) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_BADNAT))
				PRINTF("not ");
			PRINTF("bad-nat");
			comma = ",";
		}
		if (fp->fr_mflx & FI_OOW) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_OOW))
				PRINTF("not ");
			PRINTF("oow");
			comma = ",";
		}
		if (fp->fr_mflx & FI_MBCAST) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_MBCAST))
				PRINTF("not ");
			PRINTF("mbcast");
			comma = ",";
		}
		if (fp->fr_mflx & FI_BROADCAST) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_BROADCAST))
				PRINTF("not ");
			PRINTF("bcast");
			comma = ",";
		}
		if (fp->fr_mflx & FI_MULTICAST) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_MULTICAST))
				PRINTF("not ");
			PRINTF("mcast");
			comma = ",";
		}
		if (fp->fr_mflx & FI_STATE) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_STATE))
				PRINTF("not ");
			PRINTF("state");
			comma = ",";
		}
		if (fp->fr_mflx & FI_V6EXTHDR) {
			fputs(comma, stdout);
			if (!(fp->fr_flx & FI_V6EXTHDR))
				PRINTF("not ");
			PRINTF("v6hdrs");
			comma = ",";
		}
	}

if (fp->fr_flags & FR_KEEPSTATE) {
		host_track_t *src = &fp->fr_srctrack;
		PRINTF(" keep state");
		if ((fp->fr_flags & (FR_STSTRICT|FR_NEWISN|
				     FR_NOICMPERR|FR_STATESYNC)) ||
		    (fp->fr_statemax != 0) || (fp->fr_age[0] != 0) ||
		    (src->ht_max_nodes != 0)) {
			char *comma = "";
			PRINTF(" (");
			if (fp->fr_statemax != 0) {
				PRINTF("limit %u", fp->fr_statemax);
				comma = ",";
			}
			if (src->ht_max_nodes != 0) {
				PRINTF("%smax-nodes %d", comma,
				       src->ht_max_nodes);
				if (src->ht_max_per_node)
					PRINTF(", max-per-src %d/%d",
					       src->ht_max_per_node,
					       src->ht_netmask);
				comma = ",";
			}
			if (fp->fr_flags & FR_STSTRICT) {
				PRINTF("%sstrict", comma);
				comma = ",";
			}
			if (fp->fr_flags & FR_STLOOSE) {
				PRINTF("%sloose", comma);
				comma = ",";
			}
			if (fp->fr_flags & FR_NEWISN) {
				PRINTF("%snewisn", comma);
				comma = ",";
			}
			if (fp->fr_flags & FR_NOICMPERR) {
				PRINTF("%sno-icmp-err", comma);
				comma = ",";
			}
			if (fp->fr_flags & FR_STATESYNC) {
				PRINTF("%ssync", comma);
				comma = ",";
			}
			if (fp->fr_age[0] || fp->fr_age[1])
				PRINTF("%sage %d/%d", comma, fp->fr_age[0],
				       fp->fr_age[1]);
			PRINTF(")");
		}
	}
	if (fp->fr_flags & FR_KEEPFRAG) {
		PRINTF(" keep frags");
		if (fp->fr_flags & (FR_FRSTRICT)) {
			PRINTF(" (");
			if (fp->fr_flags & FR_FRSTRICT)
				PRINTF("strict");
			PRINTF(")");

}
	}
	if (fp->fr_isc != (struct ipscan *)-1) {
		if (fp->fr_isctag != -1)
			PRINTF(" scan %s", fp->fr_isctag + fp->fr_names);
		else
			PRINTF(" scan *");
	}
	if (fp->fr_grhead != -1)
		PRINTF(" head %s", fp->fr_names + fp->fr_grhead);
	if (fp->fr_group != -1)
		PRINTF(" group %s", fp->fr_names + fp->fr_group);
	if (fp->fr_logtag != FR_NOLOGTAG || *fp->fr_nattag.ipt_tag) {
		char *s = "";

PRINTF(" set-tag(");
		if (fp->fr_logtag != FR_NOLOGTAG) {
			PRINTF("log=%u", fp->fr_logtag);
			s = ", ";
		}
		if (*fp->fr_nattag.ipt_tag) {
			PRINTF("%snat=%-.*s", s, IPFTAG_LEN,
				fp->fr_nattag.ipt_tag);
		}
		PRINTF(")");
	}

if (fp->fr_pps)
		PRINTF(" pps %d", fp->fr_pps);

if (fp->fr_comment != -1)
		PRINTF(" comment \"%s\"", fp->fr_names + fp->fr_comment);

hash = 0;
	if ((fp->fr_flags & FR_KEEPSTATE) && (opts & OPT_VERBOSE)) {
		PRINTF(" # count %d", fp->fr_statecnt);
		if (fp->fr_die != 0)
			PRINTF(" rule-ttl %u", fp->fr_die);
		hash = 1;
	} else if (fp->fr_die != 0) {
		PRINTF(" # rule-ttl %u", fp->fr_die);
		hash = 1;
	}
	if (opts & OPT_DEBUG) {
		if (hash == 0)
			putchar('#');
		PRINTF(" ref %d", fp->fr_ref);
	}
	(void)putchar('\n');
}

003 File Manager

Editing: printfr.c

Upload File

Create Folder