diff options
| author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2003-12-28 17:18:59 +0000 |
|---|---|---|
| committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2003-12-28 17:18:59 +0000 |
| commit | 4014ff0edbe22947d096b8709f129fe07db44924 (patch) | |
| tree | 8efaf0cbf6f3398f9dd011094b7bb8c469e247da /usr.sbin | |
| parent | 6ec2b280f8cc47f17cea14e3904954ba27ad6256 (diff) | |
Add a new PFSYNC_ACT_UREQ message type.
A pfsync system which recieves a partial update for a state it cannot
find can now request a full version of the update, and insert it.
pfsync'd firewalls now converge more gracefully if one is missing some
states (due to reset, lost insert packets, etc).
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/tcpdump/print-pfsync.c | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/usr.sbin/tcpdump/print-pfsync.c b/usr.sbin/tcpdump/print-pfsync.c index 3d8dc3c7861..d5a455a31e1 100644 --- a/usr.sbin/tcpdump/print-pfsync.c +++ b/usr.sbin/tcpdump/print-pfsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-pfsync.c,v 1.16 2003/12/27 19:50:47 mcbride Exp $ */ +/* $OpenBSD: print-pfsync.c,v 1.17 2003/12/28 17:18:58 mcbride Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff @@ -28,7 +28,7 @@ #ifndef lint static const char rcsid[] = - "@(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/print-pfsync.c,v 1.16 2003/12/27 19:50:47 mcbride Exp $"; + "@(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/print-pfsync.c,v 1.17 2003/12/28 17:18:58 mcbride Exp $"; #endif #include <sys/param.h> @@ -107,6 +107,8 @@ pfsync_print(struct pfsync_header *hdr, int len) struct pfsync_state *s; struct pfsync_state_upd *u; struct pfsync_state_del *d; + struct pfsync_state_clr *c; + struct pfsync_state_upd_req *r; int i, flags; if (eflag) @@ -125,6 +127,11 @@ pfsync_print(struct pfsync_header *hdr, int len) flags |= PF_OPT_USEDNS; switch (hdr->action) { + case PFSYNC_ACT_CLR: + if (sizeof(*c) <= len) { + c = (void *)((char *)hdr + PFSYNC_HDRLEN); + printf("\tcreatorid: %08x\n", htonl(c->creatorid)); + } case PFSYNC_ACT_INS: case PFSYNC_ACT_UPD: case PFSYNC_ACT_DEL: @@ -174,6 +181,13 @@ pfsync_print(struct pfsync_header *hdr, int len) betoh64(d->id), htonl(d->creatorid)); } break; + case PFSYNC_REQ_UPD: + for (i = 1, r = (void *)((char *)hdr + PFSYNC_HDRLEN); + i <= hdr->count && i * sizeof(*r) <= len; i++, d++) { + printf("\tid: %016llx creatorid: %08x\n", + betoh64(r->id), htonl(r->creatorid)); + } + break; default: break; } |