From e689014cc2747748c76a2b3f492470f1362031e2 Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Fri, 5 Feb 1999 05:58:55 +0000 Subject: ipf 3.2.10; work by kjell --- sbin/ipnat/ipnat.c | 100 +++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 86 insertions(+), 14 deletions(-) (limited to 'sbin/ipnat/ipnat.c') diff --git a/sbin/ipnat/ipnat.c b/sbin/ipnat/ipnat.c index b9affc0e4cb..29bdf05a653 100644 --- a/sbin/ipnat/ipnat.c +++ b/sbin/ipnat/ipnat.c @@ -1,6 +1,6 @@ -/* $OpenBSD: ipnat.c,v 1.25 1998/10/11 05:36:32 deraadt Exp $ */ +/* $OpenBSD: ipnat.c,v 1.26 1999/02/05 05:58:48 deraadt Exp $ */ /* - * Copyright (C) 1993-1997 by Darren Reed. + * Copyright (C) 1993-1998 by Darren Reed. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and due credit is given @@ -67,7 +67,7 @@ extern char *sys_errlist[]; #if !defined(lint) static const char sccsid[] ="@(#)ipnat.c 1.9 6/5/96 (C) 1993 Darren Reed"; -static const char rcsid[] = "@(#)$Id: ipnat.c,v 1.25 1998/10/11 05:36:32 deraadt Exp $"; +static const char rcsid[] = "@(#)$Id: ipnat.c,v 1.26 1999/02/05 05:58:48 deraadt Exp $"; #endif @@ -83,6 +83,7 @@ u_32_t hostmask __P((char *)); u_short portnum __P((char *, char *)); void dostats __P((int, int)), flushtable __P((int, int)); void printnat __P((ipnat_t *, int, void *)); +void printaps __P((ap_session_t *, int )); void parsefile __P((int, char *, int)); void usage __P((char *)); int countbits __P((u_32_t)); @@ -195,8 +196,9 @@ ipnat_t *np; int verbose; void *ptr; { - int bits; struct protoent *pr; + struct servent *sv; + int bits; switch (np->in_redir) { @@ -253,12 +255,22 @@ void *ptr; else printf("%s", inet_ntoa(np->in_out[1])); if (*np->in_plabel) { + pr = getprotobynumber(np->in_p); printf(" proxy port"); - if (np->in_dport) - printf(" %hu", ntohs(np->in_dport)); + if (np->in_dport != 0) { + if (pr != NULL) + sv = getservbyport(np->in_dport, + pr->p_name); + else + sv = getservbyport(np->in_dport, NULL); + if (sv != NULL) + printf(" %s", sv->s_name); + else + printf(" %hu", ntohs(np->in_dport)); + } printf(" %.*s/", (int)sizeof(np->in_plabel), np->in_plabel); - if ((pr = getprotobynumber(np->in_p))) + if (pr != NULL) fputs(pr->p_name, stdout); else printf("%d", np->in_p); @@ -274,10 +286,51 @@ void *ptr; ntohs(np->in_pmax)); } printf("\n"); - if (verbose) - printf("\t%p %u %s %d %x\n", np->in_ifp, - np->in_space, inet_ntoa(np->in_nextip), - np->in_pnext, np->in_flags); + if (verbose) { + printf("\tifp %p space %u nextip %s pnext %d", + np->in_ifp, np->in_space, + inet_ntoa(np->in_nextip), np->in_pnext); + printf(" flags %x use %u\n", + np->in_flags, np->in_use); + } + } +} + + +void printaps(aps, opts) +ap_session_t *aps; +int opts; +{ + ap_session_t ap; + aproxy_t apr; + ap_tcp_t apt; + ap_udp_t apu; + + if (kmemcpy((char *)&ap, (long)aps, sizeof(ap))) + return; + if (kmemcpy((char *)&apr, (long)ap.aps_apr, sizeof(apr))) + return; + printf("\tproxy %s/%d use %d flags %x\n", apr.apr_label, + apr.apr_p, apr.apr_ref, apr.apr_flags); + printf("\t\t%d %s -> ", ap.aps_p, inet_ntoa(ap.aps_src)); + printf("%s [%#x ", inet_ntoa(ap.aps_dst), ap.aps_flags); +#ifdef USE_QUAD_T + printf("%qu %qu", ap.aps_bytes, ap.aps_pkts); +#else + printf("%lu %lu", ap.aps_bytes, ap.aps_pkts); +#endif + printf(" %x[%d]]\n", ap.aps_data, ap.aps_psiz); + if ((ap.aps_p == IPPROTO_TCP) && (opts & OPT_VERBOSE)) { + printf("\t\t%hu -> %hu state[%d,%d], sel[%d,%d]\n", + ap.aps_sport, ap.aps_dport, + ap.aps_state[0], ap.aps_state[1], + ap.aps_sel[0], ap.aps_sel[1]); + printf("\t\tseq: off %hd/%hd min %x/%x\n", + ap.aps_seqoff[0], ap.aps_seqoff[1], + ap.aps_seqmin[0], ap.aps_seqmin[1]); + printf("\t\tack: off %hd/%hd min %x/%x\n", + ap.aps_ackoff[0], ap.aps_ackoff[1], + ap.aps_ackmin[0], ap.aps_ackmin[1]); } } @@ -374,12 +427,26 @@ int fd, opts; ntohs(nat.nat_outport)); printf(" [%s %hu]", inet_ntoa(nat.nat_oip), ntohs(nat.nat_oport)); - printf(" %ld %hu %x", nat.nat_age, - nat.nat_use, nat.nat_sumd); + if (opts & OPT_VERBOSE) { + printf("\n\tage %lu use %hu sumd %x", + nat.nat_age, nat.nat_use, + nat.nat_sumd); + printf(" bkt %d flags %x ", + i, nat.nat_flags); +#ifdef USE_QUAD_T + printf("bytes %qu pkts %qu", + nat.nat_bytes, nat.nat_pkts); +#else + printf("bytes %lu pkts %lu", + nat.nat_bytes, nat.nat_pkts); +#endif #if SOLARIS - printf(" %lx", nat.nat_ipsumd); + printf(" %lx", nat.nat_ipsumd); #endif + } putchar('\n'); + if (nat.nat_aps) + printaps(nat.nat_aps, opts); } free(nt[0]); } @@ -677,6 +744,11 @@ char *line; if (*dnetm == '/') *dnetm++ = '\0'; } else { + if (strrchr(dhost, '/') != NULL) { + fprintf(stderr, "No netmask supported in %s\n", + "destination host for redirect"); + return NULL; + } /* If it's a in_redir, expect target port */ if (!(s = strtok(NULL, " \t"))) { fprintf(stderr, "missing fields (destination port)\n"); -- cgit v1.2.3