Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/ifconfig/ifconfig.c | 93 | ||||
-rw-r--r-- | sbin/pfctl/parse.y | 15 | ||||
-rw-r--r-- | sbin/pfctl/pf_print_state.c | 10 | ||||
-rw-r--r-- | sbin/pfctl/pfctl.c | 20 | ||||
-rw-r--r-- | sbin/pfctl/pfctl_parser.c | 3 | ||||
-rw-r--r-- | sbin/pfctl/pfctl_parser.h | 3 |
6 files changed, 135 insertions, 9 deletions
diff --git a/sbin/ifconfig/ifconfig.c b/sbin/ifconfig/ifconfig.c
index f74d17d06a7..7babe138462 100644
--- a/sbin/ifconfig/ifconfig.c
+++ b/sbin/ifconfig/ifconfig.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ifconfig.c,v 1.86 2003/12/08 09:09:03 markus Exp $ */
+/* $OpenBSD: ifconfig.c,v 1.87 2003/12/15 07:11:29 mcbride Exp $ */
 /* $NetBSD: ifconfig.c,v 1.40 1997/10/01 02:19:43 enami Exp $ */
 /*
@@ -77,7 +77,7 @@ static const char copyright[] =
 #if 0
 static const char sccsid[] = "@(#)ifconfig.c 8.2 (Berkeley) 2/16/94";
 #else
-static const char rcsid[] = "$OpenBSD: ifconfig.c,v 1.86 2003/12/08 09:09:03 markus Exp $";
+static const char rcsid[] = "$OpenBSD: ifconfig.c,v 1.87 2003/12/15 07:11:29 mcbride Exp $";
 #endif
 #endif /* not lint */
@@ -97,6 +97,8 @@ static const char rcsid[] = "$OpenBSD: ifconfig.c,v 1.86 2003/12/08 09:09:03 mar
 #include <netinet/if_ether.h>
 #include <net/if_enc.h>
 #include <net/if_ieee80211.h>
+#include <net/pfvar.h>
+#include <net/if_pfsync.h>
 #include <netatalk/at.h>
@@ -205,6 +207,10 @@ void setcarp_advbase(const char *,int);
 void setcarp_advskew(const char *, int);
 void setcarp_passwd(const char *, int);
 void setcarp_vhid(const char *, int);
+void setpfsync_syncif(const char *, int);
+void setpfsync_maxupd(const char *, int);
+void unsetpfsync_syncif(const char *, int);
+void pfsync_status(void);
 void fixnsel(struct sockaddr_iso *);
 int main(int, char *[]);
 int prefix(void *val, int);
@@ -292,6 +298,9 @@ const struct cmd {
 { "advskew", NEXTARG, 0, setcarp_advskew },
 { "pass", NEXTARG, 0, setcarp_passwd },
 { "vhid", NEXTARG, 0, setcarp_vhid },
+ { "syncif", NEXTARG, 0, setpfsync_syncif },
+ { "maxupd", NEXTARG, 0, setpfsync_maxupd },
+ { "-syncif", 1, 0, unsetpfsync_syncif },
 #endif /* INET_ONLY */
 /* giftunnel is for backward compat */
 { "giftunnel", NEXTARG2, 0, NULL, settunnel } ,
@@ -1729,6 +1738,7 @@ status(int link, struct sockaddr_dl *sdl)
 #ifndef INET_ONLY
 vlan_status();
 carp_status();
+ pfsync_status();
 #endif
 ieee80211_status();
@@ -2807,6 +2817,85 @@ setcarp_advbase(const char *val, int d)
 return;
 }
+
+void
+setpfsync_syncif(const char *val, int d)
+{
+ struct pfsyncreq preq;
+
+ bzero((char *)&preq, sizeof(struct pfsyncreq));
+ ifr.ifr_data = (caddr_t)&preq;
+
+ if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
+ err(1, "SIOCGETPFSYNC");
+
+ strlcpy(preq.pfsyncr_syncif, val, sizeof(preq.pfsyncr_syncif));
+
+ if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
+ err(1, "SIOCSETPFSYNC");
+
+ return;
+}
+
+void
+unsetpfsync_syncif(const char *val, int d)
+{
+ struct pfsyncreq preq;
+
+ bzero((char *)&preq, sizeof(struct pfsyncreq));
+ ifr.ifr_data = (caddr_t)&preq;
+
+ if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
+ err(1, "SIOCGETPFSYNC");
+
+ bzero((char *)&preq.pfsyncr_syncif, sizeof(preq.pfsyncr_syncif));
+
+ if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
+ err(1, "SIOCSETPFSYNC");
+
+ return;
+}
+
+void
+setpfsync_maxupd(const char *val, int d)
+{
+ int maxupdates;
+ struct pfsyncreq preq;
+
+ maxupdates = atoi(val);
+
+ memset((char *)&preq, 0, sizeof(struct pfsyncreq));
+ ifr.ifr_data = (caddr_t)&preq;
+
+ if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
+ err(1, "SIOCGETPFSYNC");
+
+ preq.pfsyncr_maxupdates = maxupdates;
+
+ if (ioctl(s, SIOCSETPFSYNC, (caddr_t)&ifr) == -1)
+ err(1, "SIOCSETPFSYNC");
+
+ return;
+}
+
+void
+pfsync_status(void)
+{
+ struct pfsyncreq preq;
+
+ bzero((char *)&preq, sizeof(struct pfsyncreq));
+ ifr.ifr_data = (caddr_t)&preq;
+
+ if (ioctl(s, SIOCGETPFSYNC, (caddr_t)&ifr) == -1)
+ return;
+
+ if (preq.pfsyncr_syncif[0] != '\0') {
+ printf("\tpfsync: syncif: %s maxupd: %d\n",
+ preq.pfsyncr_syncif, preq.pfsyncr_maxupdates);
+ }
+
+ return;
+}
 #endif /* INET_ONLY */
 #ifdef INET6
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index 5fa0985374d..5628803fc5e 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
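Review bot: `setpfsync_maxupd` parses its argument with `atoi(val)`, so a non-numeric string silently becomes 0 and a negative or out-of-range number goes unchecked into `SIOCSETPFSYNC`; whatever limit the kernel applies is not visible in this diff. Parsing with `strtol` and rejecting trailing garbage, `ERANGE` and values outside 0..`INT_MAX` before the ioctl would turn a typo into an error instead of a changed sync setting. In `setpfsync_syncif` the `strlcpy` result is ignored, so an over-long name is truncated and the request could name a different interface than the one typed. Comparing the return value with `sizeof(preq.pfsyncr_syncif)` and calling `errx(1, "syncif: name too long")` on truncation closes that. The fence assumes ifconfig.c already pulls in `<errno.h>` and `<limits.h>`, which this hunk does not show.

```c
void
setpfsync_maxupd(const char *val, int d)
{
	char *ep;
	long lval;
	struct pfsyncreq preq;

	errno = 0;
	lval = strtol(val, &ep, 10);
	if (val[0] == '\0' || *ep != '\0' || errno == ERANGE ||
	    lval < 0 || lval > INT_MAX)
		errx(1, "maxupd: invalid value: %s", val);

	/* ... unchanged: memset of preq, ifr.ifr_data, SIOCGETPFSYNC ... */

	preq.pfsyncr_maxupdates = (int)lval;

	/* ... unchanged: SIOCSETPFSYNC, return ... */
}
```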
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.425 2003/12/15 00:02:03 mcbride Exp $ */
+/* $OpenBSD: parse.y,v 1.426 2003/12/15 07:11:30 mcbride Exp $ */
 /*
 * Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -383,7 +383,7 @@ typedef struct {
 %token NOROUTE FRAGMENT USER GROUP MAXMSS MAXIMUM TTL TOS DROP TABLE
 %token REASSEMBLE FRAGDROP FRAGCROP ANCHOR NATANCHOR RDRANCHOR BINATANCHOR
 %token SET OPTIMIZATION TIMEOUT LIMIT LOGINTERFACE BLOCKPOLICY RANDOMID
-%token REQUIREORDER SYNPROXY FINGERPRINTS NOSYNC DEBUG
+%token REQUIREORDER SYNPROXY FINGERPRINTS NOSYNC DEBUG HOSTID
 %token ANTISPOOF FOR
 %token BITMASK RANDOM SOURCEHASH ROUNDROBIN STATICPORT
 %token ALTQ CBQ PRIQ HFSC BANDWIDTH TBRSIZE LINKSHARE REALTIME UPPERLIMIT
@@ -477,6 +477,16 @@ option : SET OPTIMIZATION STRING {
 YYERROR;
 }
 }
+ | SET HOSTID number {
+ if ($3 == 0) {
+ yyerror("hostid must be non-zero");
+ YYERROR;
+ }
+ if (pfctl_set_hostid(pf, $3) != 0) {
+ yyerror("error setting loginterface %08x", $3);
+ YYERROR;
+ }
+ }
 | SET BLOCKPOLICY DROP {
 if (pf->opts & PF_OPT_VERBOSE)
 printf("set block-policy drop\n");
@@ -4069,6 +4079,7 @@ lookup(char *s)
 { "global", GLOBAL},
 { "group", GROUP},
 { "hfsc", HFSC},
+ { "hostid", HOSTID},
 { "icmp-type", ICMPTYPE},
 { "icmp6-type", ICMP6TYPE},
 { "in", IN},
diff --git a/sbin/pfctl/pf_print_state.c b/sbin/pfctl/pf_print_state.c
index 22f1d0399f9..94972d73820 100644
--- a/sbin/pfctl/pf_print_state.c
+++ b/sbin/pfctl/pf_print_state.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_print_state.c,v 1.34 2003/12/15 00:02:03 mcbride Exp $ */
+/* $OpenBSD: pf_print_state.c,v 1.35 2003/12/15 07:11:30 mcbride Exp $ */
 /*
 * Copyright (c) 2001 Daniel Hartmeier
@@ -140,8 +140,10 @@ print_host(struct pf_state_host *h, sa_family_t af, int opts)
 aw.v.a.addr = h->addr;
 if (af == AF_INET)
 aw.v.a.mask.addr32[0] = 0xffffffff;
- else
+ else {
 memset(&aw.v.a.mask, 0xff, sizeof(aw.v.a.mask));
+ af = AF_INET6;
+ }
 print_addr(&aw, af, opts & PF_OPT_VERBOSE2);
 }
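Review bot: The failure message in the new `SET HOSTID` rule of parse.y, `yyerror("error setting loginterface %08x", $3);`, still names loginterface, apparently carried over from a neighbouring rule, so a failed hostid load is reported against the wrong option. It should read `yyerror("error setting hostid %08x", $3);`. The rule also rejects 0 without saying why; a one-line comment on what a zero host ID means to the kernel would help the next reader.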
@@ -263,6 +265,10 @@ print_state(struct pf_state *s, int opts)
 printf("\n");
 printf("\n");
 }
+ if (opts & PF_OPT_VERBOSE2) {
+ printf(" id: %016llx creatorid: %08x\n",
+ betoh64(s->id), ntohl(s->creatorid));
+ }
 }
 int
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index db3194958d4..1a8a0ea17dc 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl.c,v 1.193 2003/12/15 00:02:03 mcbride Exp $ */
+/* $OpenBSD: pfctl.c,v 1.194 2003/12/15 07:11:30 mcbride Exp $ */
 /*
 * Copyright (c) 2001 Daniel Hartmeier
@@ -1213,6 +1213,24 @@ pfctl_set_logif(struct pfctl *pf, char *ifname)
 }
 int
+pfctl_set_hostid(struct pfctl *pf, u_int32_t hostid)
+{
+ if ((loadopt & PFCTL_FLAG_OPTION) == 0)
+ return (0);
+
+ HTONL(hostid);
+
+ if ((pf->opts & PF_OPT_NOACTION) == 0)
+ if (ioctl(dev, DIOCSETHOSTID, &hostid))
+ err(1, "DIOCSETHOSTID");
+
+ if (pf->opts & PF_OPT_VERBOSE)
+ printf("set hostid %#08x\n", hostid);
+
+ return (0);
+}
+
+int
 pfctl_set_debug(struct pfctl *pf, char *d)
 {
 u_int32_t level;
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c
index 7cb363c1de5..ccd1f7ec574 100644
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl_parser.c,v 1.182 2003/12/15 00:02:03 mcbride Exp $ */
+/* $OpenBSD: pfctl_parser.c,v 1.183 2003/12/15 07:11:30 mcbride Exp $ */
 /*
 * Copyright (c) 2001 Daniel Hartmeier
@@ -508,6 +508,7 @@ print_status(struct pf_status *s, int opts)
 printf("%15s\n\n", "Debug: Loud");
 break;
 }
+ printf("hostid: 0x%08x\n\n", ntohl(s->hostid));
 if (s->ifname[0] != 0) {
 printf("Interface Stats for %-16s %5s %16s\n",
 s->ifname, "IPv4", "IPv6");
diff --git a/sbin/pfctl/pfctl_parser.h b/sbin/pfctl/pfctl_parser.h
index c0a710c533e..fe130816264 100644
--- a/sbin/pfctl/pfctl_parser.h
+++ b/sbin/pfctl/pfctl_parser.h
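Review bot: In `pfctl_set_hostid` the verbose line `printf("set hostid %#08x\n", hostid);` runs after `HTONL(hostid)` has converted the value in place, so on a little-endian machine it echoes a byte-swapped ID rather than the one in the rule file. It then disagrees with the `ntohl(s->hostid)` value that `print_status` prints in pfctl_parser.c, which makes comparing host IDs across synced firewalls error-prone. Print in host order instead: `printf("set hostid 0x%08x\n", ntohl(hostid));`. The explicit `0x%08x` form also fixes the padding, because with `%#08x` the `0x` prefix counts toward the eight columns and only six digits are zero-filled.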
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl_parser.h,v 1.70 2003/12/15 00:02:03 mcbride Exp $ */
+/* $OpenBSD: pfctl_parser.h,v 1.71 2003/12/15 07:11:30 mcbride Exp $ */
 /*
 * Copyright (c) 2001 Daniel Hartmeier
@@ -154,6 +154,7 @@ int pfctl_set_timeout(struct pfctl *, const char *, int, int);
 int pfctl_set_optimization(struct pfctl *, const char *);
 int pfctl_set_limit(struct pfctl *, const char *, unsigned int);
 int pfctl_set_logif(struct pfctl *, char *);
+int pfctl_set_hostid(struct pfctl *, u_int32_t);
 int pfctl_set_debug(struct pfctl *, char *);
 int parse_rules(FILE *, struct pfctl *); |