diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2001-08-18 21:09:14 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2001-08-18 21:09:14 +0000 |
| commit | a2b4251cf4433ff7ff3616c4b52db4bf1868ff0c (patch) | |
| tree | 841042af150ee5b833c34c11defaaa4a1c2e6461 /sys | |
| parent | bf1f8f839edfa6e8cfeab821d16b873eeac5d5f4 (diff) | |
make pfctl -s state SCREAM; frantzen is now happy
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/pf.c | 49 | ||||
| -rw-r--r-- | sys/net/pfvar.h | 13 |
2 files changed, 59 insertions, 3 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index 909ab981a66..ef8ba7ad847 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,7 +1,7 @@ -/* $OpenBSD: pf.c,v 1.123 2001/08/11 12:05:00 dhartmei Exp $ */ +/* $OpenBSD: pf.c,v 1.124 2001/08/18 21:09:13 deraadt Exp $ */ /* - * Copyright (c) 2001, Daniel Hartmeier + * Copyright (c) 2001 Daniel Hartmeier * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -1117,6 +1117,50 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) break; } + case DIOCGETSTATES: { + struct pfioc_states *ps = (struct pfioc_states *)addr; + struct pf_tree_node *n; + struct pf_state *p, pstore; + u_int32_t nr = 0; + int space = ps->ps_len; + + if (space == 0) { + s = splsoftnet(); + n = pf_tree_first(tree_ext_gwy); + while (n != NULL) { + n = pf_tree_next(n); + nr++; + } + splx(s); + ps->ps_len = sizeof(struct pf_state) * nr; + return (0); + } + + microtime(&pftv); + s = splsoftnet(); + p = ps->ps_states; + n = pf_tree_first(tree_ext_gwy); + while (n && (nr + 1) * sizeof(*p) <= ps->ps_len) { + bcopy(n->state, &pstore, sizeof(pstore)); + pstore.creation = pftv.tv_sec - pstore.creation; + if (pstore.expire <= pftv.tv_sec) + pstore.expire = 0; + else + pstore.expire -= pftv.tv_sec; + error = copyout(&pstore, p, sizeof(*p)); + if (error) { + splx(s); + goto fail; + } + p++; + nr++; + n = pf_tree_next(n); + } + ps->ps_len = sizeof(struct pf_state) * nr; + splx(s); + break; + } + case DIOCSETSTATUSIF: { struct pfioc_if *pi = (struct pfioc_if *)addr; struct ifnet *ifp; @@ -1200,6 +1244,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) error = ENODEV; break; } +fail: return (error); } diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 2724ffdc7ce..65536ff80c1 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfvar.h,v 1.39 2001/08/11 12:04:59 dhartmei Exp $ */ +/* $OpenBSD: pfvar.h,v 1.40 2001/08/18 21:09:13 deraadt Exp $ */ /* * Copyright (c) 2001, Daniel Hartmeier @@ -264,6 +264,16 @@ struct pfioc_state { struct pf_state state; }; +struct pfioc_states { + int ps_len; + union { + caddr_t psu_buf; + struct pf_state *psu_states; + } ps_u; +#define ps_buf ps_u.psu_buf +#define ps_states ps_u.psu_states +}; + struct pfioc_if { char ifname[IFNAMSIZ]; }; @@ -296,6 +306,7 @@ struct pfioc_if { #define DIOCCLRSTATUS _IO ('D', 22) #define DIOCNATLOOK _IOWR('D', 23, struct pf_natlook) #define DIOCSETDEBUG _IOWR('D', 24, u_int32_t) +#define DIOCGETSTATES _IOWR('D', 25, struct pfioc_states) #ifdef _KERNEL |