author | Andrey V. Elsukov <ae@FreeBSD.org> | 2015-11-03 10:21:53 +0000 |
---|---|---|
committer | Andrey V. Elsukov <ae@FreeBSD.org> | 2015-11-03 10:21:53 +0000 |
commit | 5dc5a0e0aa5bd44eecf8a3cdff85d213607312dc (patch) | |
tree | a2573899214f447b2413410ae4bf368561c93709 /sys/netpfil | |
parent | 8f94ce2876bc295ec05b664711b7d807c134bc31 (diff) | |
Implement `ipfw internal olist` command to list named objects.
Reviewed by: melifaro
Obtained from: Yandex LLC
Sponsored by: Yandex LLC
Notes
Notes:
svn path=/head/; revision=290330
Diffstat (limited to 'sys/netpfil')
-rw-r--r-- | sys/netpfil/ipfw/ip_fw_private.h | 1 | ||||
-rw-r--r-- | sys/netpfil/ipfw/ip_fw_sockopt.c | 67 |
2 files changed, 63 insertions, 5 deletions
diff --git a/sys/netpfil/ipfw/ip_fw_private.h b/sys/netpfil/ipfw/ip_fw_private.h index e39b32ddc577..0950c4cfe6f5 100644 --- a/sys/netpfil/ipfw/ip_fw_private.h +++ b/sys/netpfil/ipfw/ip_fw_private.h @@ -673,6 +673,7 @@ int ipfw_objhash_free_idx(struct namedobj_instance *ni, uint16_t idx); int ipfw_objhash_alloc_idx(void *n, uint16_t *pidx); void ipfw_objhash_set_funcs(struct namedobj_instance *ni, objhash_hash_f *hash_f, objhash_cmp_f *cmp_f); +void ipfw_export_obj_ntlv(struct named_object *no, ipfw_obj_ntlv *ntlv); void ipfw_init_obj_rewriter(void); void ipfw_destroy_obj_rewriter(void); void ipfw_add_obj_rewriter(struct opcode_obj_rewrite *rw, size_t count); diff --git a/sys/netpfil/ipfw/ip_fw_sockopt.c b/sys/netpfil/ipfw/ip_fw_sockopt.c index 7ed4c1d055c3..3e2ae937be73 100644 --- a/sys/netpfil/ipfw/ip_fw_sockopt.c +++ b/sys/netpfil/ipfw/ip_fw_sockopt.c @@ -119,6 +119,8 @@ static int manage_sets(struct ip_fw_chain *chain, ip_fw3_opheader *op3, struct sockopt_data *sd); static int dump_soptcodes(struct ip_fw_chain *chain, ip_fw3_opheader *op3, struct sockopt_data *sd); +static int dump_srvobjects(struct ip_fw_chain *chain, ip_fw3_opheader *op3, + struct sockopt_data *sd); /* ctl3 handler data */ struct mtx ctl3_lock; @@ -146,6 +148,7 @@ static struct ipfw_sopt_handler scodes[] = { { IP_FW_SET_MOVE, 0, HDIR_SET, manage_sets }, { IP_FW_SET_ENABLE, 0, HDIR_SET, manage_sets }, { IP_FW_DUMP_SOPTCODES, 0, HDIR_GET, dump_soptcodes }, + { IP_FW_DUMP_SRVOBJECTS,0, HDIR_GET, dump_srvobjects }, }; static int @@ -1876,6 +1879,16 @@ struct dump_args { int rcounters; /* counters */ }; +void +ipfw_export_obj_ntlv(struct named_object *no, ipfw_obj_ntlv *ntlv) +{ + + ntlv->head.type = no->etlv; + ntlv->head.length = sizeof(*ntlv); + ntlv->idx = no->kidx; + strlcpy(ntlv->name, no->name, sizeof(ntlv->name)); +} + /* * Export named object info in instance @ni, identified by @kidx * to ipfw_obj_ntlv. TLV is allocated from @sd space. 
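Review bot: ipfw_export_obj_ntlv(), added in the ip_fw_sockopt.c hunk at -1876, writes only head.type, head.length, idx and name, and strlcpy() does not pad the rest of name. Any other member of ipfw_obj_ntlv, and the bytes after the terminator, therefore keep whatever the caller's buffer held. The function is now exported through ip_fw_private.h and its output is returned to userland by the HDIR_GET handler, so it is safe only if every caller passes zeroed space; whether ipfw_get_sopt_space() guarantees that is not visible on this page. I would either begin the body with `memset(ntlv, 0, sizeof(*ntlv));` or document the contract above the function, for example `/* Caller must pass zeroed @ntlv; only type, length, idx and name are filled. */`.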
@@ -1896,11 +1909,7 @@ export_objhash_ntlv(struct namedobj_instance *ni, uint16_t kidx, if (ntlv == NULL) return (ENOMEM); - ntlv->head.type = no->etlv; - ntlv->head.length = sizeof(*ntlv); - ntlv->idx = no->kidx; - strlcpy(ntlv->name, no->name, sizeof(ntlv->name)); - + ipfw_export_obj_ntlv(no, ntlv); return (0); } @@ -2803,6 +2812,54 @@ ipfw_del_obj_rewriter(struct opcode_obj_rewrite *rw, size_t count) return (0); } +static void +export_objhash_ntlv_internal(struct namedobj_instance *ni, + struct named_object *no, void *arg) +{ + struct sockopt_data *sd; + ipfw_obj_ntlv *ntlv; + + sd = (struct sockopt_data *)arg; + ntlv = (ipfw_obj_ntlv *)ipfw_get_sopt_space(sd, sizeof(*ntlv)); + if (ntlv == NULL) + return; + ipfw_export_obj_ntlv(no, ntlv); +} + +/* + * Lists all service objects. + * Data layout (v0)(current): + * Request: [ ipfw_obj_lheader ] size = ipfw_cfg_lheader.size + * Reply: [ ipfw_obj_lheader [ ipfw_obj_ntlv x N ] (optional) ] + * Returns 0 on success + */ +static int +dump_srvobjects(struct ip_fw_chain *chain, ip_fw3_opheader *op3, + struct sockopt_data *sd) +{ + ipfw_obj_lheader *hdr; + int count; + + hdr = (ipfw_obj_lheader *)ipfw_get_sopt_header(sd, sizeof(*hdr)); + if (hdr == NULL) + return (EINVAL); + + IPFW_UH_RLOCK(chain); + count = ipfw_objhash_count(CHAIN_TO_SRV(chain)); + hdr->size = sizeof(ipfw_obj_lheader) + count * sizeof(ipfw_obj_ntlv); + if (sd->valsize < hdr->size) { + IPFW_UH_RUNLOCK(chain); + return (ENOMEM); + } + hdr->count = count; + hdr->objsize = sizeof(ipfw_obj_ntlv); + if (count > 0) + ipfw_objhash_foreach(CHAIN_TO_SRV(chain), + export_objhash_ntlv_internal, sd); + IPFW_UH_RUNLOCK(chain); + return (0); +} + /* * Compares two sopt handlers (code, version and handler ptr). * Used both as qsort() and bsearch(). |
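Review bot: export_objhash_ntlv_internal() returns silently when ipfw_get_sopt_space() yields NULL, so dump_srvobjects() can return 0 while hdr->count and hdr->size describe more ipfw_obj_ntlv entries than were actually written. The earlier sd->valsize check makes this unlikely, but this hunk does not show whether it rules out every NULL return from ipfw_get_sopt_space(). A userland consumer that trusts hdr->count would then read entries that were never filled in. I would carry an error field next to sd in the callback argument, stop exporting once it is set, and return it from dump_srvobjects(), matching the ENOMEM that export_objhash_ntlv() already returns for the same condition.

```c
struct dump_srvobj_args {
	struct sockopt_data *sd;
	int error;
};

static void
export_objhash_ntlv_internal(struct namedobj_instance *ni,
    struct named_object *no, void *arg)
{
	struct dump_srvobj_args *da;
	ipfw_obj_ntlv *ntlv;

	da = (struct dump_srvobj_args *)arg;
	if (da->error != 0)
		return;
	ntlv = (ipfw_obj_ntlv *)ipfw_get_sopt_space(da->sd, sizeof(*ntlv));
	if (ntlv == NULL) {
		da->error = ENOMEM;
		return;
	}
	ipfw_export_obj_ntlv(no, ntlv);
}

static int
dump_srvobjects(struct ip_fw_chain *chain, ip_fw3_opheader *op3,
    struct sockopt_data *sd)
{
	struct dump_srvobj_args da;
	/* … unchanged: hdr lookup, count/size computation and valsize check under IPFW_UH_RLOCK … */
	da.sd = sd;
	da.error = 0;
	if (count > 0)
		ipfw_objhash_foreach(CHAIN_TO_SRV(chain),
		    export_objhash_ntlv_internal, &da);
	IPFW_UH_RUNLOCK(chain);
	return (da.error);
```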