diff options
author | Michael Shalayeff <mickey@cvs.openbsd.org> | 2002-11-29 18:27:55 +0000 |
---|---|---|
committer | Michael Shalayeff <mickey@cvs.openbsd.org> | 2002-11-29 18:27:55 +0000 |
commit | 17ca6171958bd50bac72f467792006f0347159a5 (patch) | |
tree | 6579415a2458fd61da66dab70c993b99da69bfb5 /usr.sbin/tcpdump | |
parent | 9f068907d7c2fd3327baf5ca6957f17a3d51f933 (diff) |
tcpdump support for pfsync; henning@ ok
Diffstat (limited to 'usr.sbin/tcpdump')
-rw-r--r-- | usr.sbin/tcpdump/Makefile | 6 | ||||
-rw-r--r-- | usr.sbin/tcpdump/interface.h | 6 | ||||
-rw-r--r-- | usr.sbin/tcpdump/print-pfsync.c | 130 | ||||
-rw-r--r-- | usr.sbin/tcpdump/tcpdump.c | 9 |
4 files changed, 143 insertions, 8 deletions
diff --git a/usr.sbin/tcpdump/Makefile b/usr.sbin/tcpdump/Makefile index 5bd85a3e1f3..b3eac9abc64 100644 --- a/usr.sbin/tcpdump/Makefile +++ b/usr.sbin/tcpdump/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.35 2002/09/18 08:51:17 jakob Exp $ +# $OpenBSD: Makefile,v 1.36 2002/11/29 18:27:54 mickey Exp $ # # Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994 # The Regents of the University of California. All rights reserved. @@ -23,7 +23,8 @@ PROG= tcpdump MAN= tcpdump.8 -CFLAGS+=-Wall -Werror +CFLAGS+=-Wall -Werror -I${.CURDIR}/../../sbin/pfctl +.PATH: ${.CURDIR}/../../sbin/pfctl CFLAGS+=-DCSLIP -DPPP -DHAVE_FDDI -DETHER_SERVICE -DRETSIGTYPE=void -DHAVE_NET_SLIP_H -DHAVE_ETHER_NTOHOST -DINET6 .if (${MACHINE_ARCH} == "alpha") || (${MACHINE_ARCH} == "sparc") || \ @@ -48,6 +49,7 @@ SRCS= tcpdump.c addrtoname.c \ print-ip6.c print-ip6opts.c print-icmp6.c print-dhcp6.c print-frag6.c \ print-bgp.c print-ospf6.c print-ripng.c print-rt6.c print-stp.c \ print-etherip.c print-lwres.c print-cdp.c print-pflog.c \ + print-pfsync.c pf_print_state.c \ gmt2local.c savestr.c setsignal.c #SRCS+= smbutil.c print-smb.c diff --git a/usr.sbin/tcpdump/interface.h b/usr.sbin/tcpdump/interface.h index 4f576f1c605..74903d916fc 100644 --- a/usr.sbin/tcpdump/interface.h +++ b/usr.sbin/tcpdump/interface.h @@ -1,4 +1,4 @@ -/* $OpenBSD: interface.h,v 1.32 2002/07/12 23:18:12 pvalchev Exp $ */ +/* $OpenBSD: interface.h,v 1.33 2002/11/29 18:27:54 mickey Exp $ */ /* * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 @@ -20,7 +20,7 @@ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * @(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/interface.h,v 1.32 2002/07/12 23:18:12 pvalchev Exp $ (LBL) + * @(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/interface.h,v 1.33 2002/11/29 18:27:54 mickey Exp $ (LBL) */ #ifndef tcpdump_interface_h @@ -195,6 +195,8 @@ extern void egp_print(const u_char *, u_int, const u_char *); extern void enc_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); extern void pflog_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); +extern void pfsync_if_print(u_char *, const struct pcap_pkthdr *, + const u_char *); extern void ether_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); extern void fddi_if_print(u_char *, const struct pcap_pkthdr *, const u_char *); diff --git a/usr.sbin/tcpdump/print-pfsync.c b/usr.sbin/tcpdump/print-pfsync.c new file mode 100644 index 00000000000..b7fff5a065b --- /dev/null +++ b/usr.sbin/tcpdump/print-pfsync.c @@ -0,0 +1,130 @@ +/* $OpenBSD: print-pfsync.c,v 1.1 2002/11/29 18:27:54 mickey Exp $ */ + +/* + * Copyright (c) 2002 Michael Shalayeff + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR OR HIS RELATIVES BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF MIND, USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING + * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef lint +static const char rcsid[] = + "@(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/print-pfsync.c,v 1.1 2002/11/29 18:27:54 mickey Exp $"; +#endif + +#include <sys/param.h> +#include <sys/time.h> +#include <sys/socket.h> +#include <sys/file.h> +#include <sys/ioctl.h> +#include <sys/mbuf.h> + +#ifdef __STDC__ +struct rtentry; +#endif +#include <net/if.h> + +#include <netinet/in.h> +#include <netinet/in_systm.h> +#include <netinet/ip.h> + +#include <net/pfvar.h> +#include <net/if_pfsync.h> + +#include <ctype.h> +#include <netdb.h> +#include <pcap.h> +#include <signal.h> +#include <stdio.h> + +#include "interface.h" +#include "addrtoname.h" +#include "pfctl_parser.h" +#include "pf_print_state.h" + +const char *pfsync_acts[] = { PFSYNC_ACTIONS }; + +void +pfsync_if_print(u_char *user, const struct pcap_pkthdr *h, + register const u_char *p) +{ + /*u_int length = h->len;*/ + u_int caplen = h->caplen; + struct pfsync_header *hdr; + struct pf_state *s; + int i, flags; + + ts_print(&h->ts); + + if (caplen < PFSYNC_HDRLEN) { + printf("[|pflog]"); + goto out; + } + + packetp = p; + snapend = p + caplen; + + hdr = (struct pfsync_header *)p; + if (eflag) + printf("version %d count %d: ", + hdr->version, hdr->count); + + if (hdr->action < PFSYNC_ACT_MAX) + printf("%s: ", pfsync_acts[hdr->action]); + else + printf("%d?: ", hdr->action); + + flags = 0; + if (vflag) + flags |= PF_OPT_VERBOSE; + if (!nflag) + flags |= PF_OPT_USEDNS; + + for (i = 1, s = (struct pf_state *)(p + PFSYNC_HDRLEN); + i <= hdr->count && PFSYNC_HDRLEN + i * sizeof(*s) <= caplen; + i++, s++) { + struct pf_state st; + + st.lan = s->lan; NTOHS(st.lan.port); + st.gwy = s->gwy; NTOHS(st.gwy.port); + st.ext = s->ext; NTOHS(st.ext.port); + pf_state_peer_ntoh(&s->src, &st.src); + pf_state_peer_ntoh(&s->dst, &st.dst); + st.rule.nr = ntohl(s->rule.nr); + st.rt_addr = s->rt_addr; + st.creation = ntohl(s->creation); + st.expire = ntohl(s->expire); + st.packets = ntohl(s->packets); + st.bytes = ntohl(s->bytes); + st.af = s->af; + st.proto = s->proto; + st.direction = s->direction; + st.log = s->log; + st.allow_opts = s->allow_opts; + + printf("rule %d ", st.rule.nr); + + print_state(&st, flags); + } +out: + putchar('\n'); +} diff --git a/usr.sbin/tcpdump/tcpdump.c b/usr.sbin/tcpdump/tcpdump.c index e0d54022e79..112fd700714 100644 --- a/usr.sbin/tcpdump/tcpdump.c +++ b/usr.sbin/tcpdump/tcpdump.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcpdump.c,v 1.27 2002/01/23 23:32:20 mickey Exp $ */ +/* $OpenBSD: tcpdump.c,v 1.28 2002/11/29 18:27:54 mickey Exp $ */ /* * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 @@ -26,7 +26,7 @@ static const char copyright[] = "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997\n\ The Regents of the University of California. All rights reserved.\n"; static const char rcsid[] = - "@(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/tcpdump.c,v 1.27 2002/01/23 23:32:20 mickey Exp $ (LBL)"; + "@(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/tcpdump.c,v 1.28 2002/11/29 18:27:54 mickey Exp $ (LBL)"; #endif /* @@ -98,7 +98,7 @@ struct printer { #define DLT_ATM_RFC1483 11 #endif -static struct printer printers[] = { +static const struct printer printers[] = { { ether_if_print, DLT_EN10MB }, { ether_if_print, DLT_IEEE802 }, { sl_if_print, DLT_SLIP }, @@ -111,13 +111,14 @@ static struct printer printers[] = { { loop_if_print, DLT_LOOP }, { enc_if_print, DLT_ENC }, { pflog_if_print, DLT_PFLOG }, + { pfsync_if_print, DLT_PFSYNC }, { NULL, 0 }, }; static pcap_handler lookup_printer(int type) { - struct printer *p; + const struct printer *p; for (p = printers; p->f; ++p) if (type == p->type) |