1 /*
2 * Copyright (c) 2016 - 2018 The DragonFly Project. All rights reserved.
3 *
4 * This code is derived from software contributed to The DragonFly Project
5 * by Bill Yuan <bycn82@dragonflybsd.org>
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 */
34
35 #include <sys/param.h>
36 #include <sys/mbuf.h>
37 #include <sys/socket.h>
38 #include <sys/sockio.h>
39 #include <sys/sysctl.h>
40 #include <sys/time.h>
41 #include <sys/wait.h>
42
43 #include <arpa/inet.h>
44 #include <ctype.h>
45 #include <dlfcn.h>
46 #include <err.h>
47 #include <errno.h>
48 #include <grp.h>
49 #include <limits.h>
50 #include <netdb.h>
51 #include <pwd.h>
52 #include <sysexits.h>
53 #include <signal.h>
54 #include <stdio.h>
55 #include <stdlib.h>
56 #include <stdarg.h>
57 #include <string.h>
58 #include <timeconv.h>
59 #include <unistd.h>
60
61 #include <netinet/in.h>
62 #include <netinet/in_systm.h>
63 #include <netinet/ip.h>
64 #include <netinet/ip_icmp.h>
65 #include <netinet/tcp.h>
66 #include <net/if.h>
67 #include <net/if_dl.h>
68 #include <net/route.h>
69 #include <net/ethernet.h>
70
71 #include <net/ipfw3/ip_fw3.h>
72 #include <net/ipfw3_basic/ip_fw3_table.h>
73 #include <net/ipfw3_basic/ip_fw3_sync.h>
74 #include <net/ipfw3_basic/ip_fw3_basic.h>
75 #include <net/ipfw3_nat/ip_fw3_nat.h>
76 #include <net/dummynet3/ip_dummynet3.h>
77
78 #include "ipfw3.h"
79 #include "ipfw3sync.h"
80
81 void
sync_config_edge(int ac,char * av[])82 sync_config_edge(int ac, char *av[])
83 {
84 struct ipfw3_ioc_sync_edge ioc_edge;
85 NEXT_ARG;
86 if (isdigit(**av)) {
87 ioc_edge.port = atoi(*av);
88 if (ioc_edge.port == 0) {
89 errx(EX_USAGE, "invalid edge port `%s'", *av);
90 }
91 NEXT_ARG;
92 if (strcmp(*av, "all") == 0) {
93 ioc_edge.hw_same = 1;
94 } else {
95 ioc_edge.hw_same = 0;
96 }
97 if(do_set_x(IP_FW_SYNC_EDGE_CONF,
98 &ioc_edge, sizeof(ioc_edge)) < 0) {
99 err(EX_UNAVAILABLE, "do_set_x(IP_FW_SYNC_EDGE_CONF)");
100 }
101 } else {
102 errx(EX_USAGE, "invalid edge port `%s'", *av);
103 }
104 }
105
106 void
sync_config_centre(int ac,char * av[])107 sync_config_centre(int ac, char *av[])
108 {
109 struct ipfw3_ioc_sync_centre *centre;
110 struct ipfw3_sync_edge *edge;
111 struct in_addr addr;
112 char *tok;
113 char *str;
114 int count = 0, step = 10, len, data_len;
115
116 void *data = NULL;
117
118 NEXT_ARG;
119 tok = strtok(*av, ",");
120 len = sizeof(int);
121
122 data_len = len + step * LEN_SYNC_EDGE;
123 data = malloc(data_len);
124 centre = (struct ipfw3_ioc_sync_centre *)data;
125 edge = centre->edges;
126 while (tok != NULL) {
127 str = strchr(tok,':');
128 if (str != NULL) {
129 *(str++) = '\0';
130 edge->port = (u_short)strtoul(str, NULL, 0);
131 if (edge->port == 0) {
132 errx(EX_USAGE, "edge `%s:%s' invalid",
133 tok, str);
134 }
135 } else {
136 err(EX_UNAVAILABLE, "dst invalid");
137 }
138 inet_aton(tok, &addr);
139 edge->addr = addr.s_addr;
140 if (count >= step) {
141 step += 10;
142 data_len = len + step * LEN_SYNC_EDGE;
143 if ((data = realloc(data, data_len)) == NULL) {
144 err(EX_OSERR, "realloc in config sync centre");
145 }
146 }
147
148 tok = strtok (NULL, ",");
149 count++;
150 edge++;
151 }
152 if (count > MAX_EDGES) {
153 err(EX_OSERR,"too much edges");
154 }
155 centre->count = count;
156 len += count * LEN_SYNC_EDGE;
157 if(do_set_x(IP_FW_SYNC_CENTRE_CONF, data, len) < 0) {
158 err(EX_UNAVAILABLE, "do_set_x(IP_FW_SYNC_CENTRE_CONF)");
159 }
160
161 }
162
163 void
sync_show_config(int ac,char * av[])164 sync_show_config(int ac, char *av[])
165 {
166 void *data = NULL;
167 int nalloc = 1000, nbytes;
168 nbytes = nalloc;
169
170 while (nbytes >= nalloc) {
171 nalloc = nalloc * 2 + 321;
172 nbytes = nalloc;
173 if (data == NULL) {
174 if ((data = malloc(nbytes)) == NULL) {
175 err(EX_OSERR, "malloc");
176 }
177 } else if ((data = realloc(data, nbytes)) == NULL) {
178 err(EX_OSERR, "realloc");
179 }
180 if (do_get_x(IP_FW_SYNC_SHOW_CONF, data, &nbytes) < 0) {
181 err(EX_OSERR, "getsockopt(IP_FW_SYNC_SHOW_CONF)");
182 }
183 }
184 struct ipfw3_ioc_sync_context *sync_ctx;
185 sync_ctx = (struct ipfw3_ioc_sync_context *)data;
186 if (sync_ctx->edge_port != 0) {
187 printf("ipfw3sync edge on %d %s\n", sync_ctx->edge_port,
188 sync_ctx->hw_same == 1 ? "all" : "");
189 }
190 if (sync_ctx->count > 0) {
191 struct ipfw3_sync_edge *edge;
192 int i;
193
194 edge = sync_ctx->edges;
195 printf("ipfw3sync centre to %d edge(s)\n", sync_ctx->count);
196 for (i = 0; i < sync_ctx->count; i++) {
197 struct in_addr in;
198 in.s_addr = edge->addr;
199 printf("edge on %s:%d\n", inet_ntoa(in), edge->port);
200 edge++;
201 }
202 }
203 }
204
205 void
sync_show_status(int ac,char * av[])206 sync_show_status(int ac, char *av[])
207 {
208 int running, len;
209 len = sizeof(running);
210 if (do_get_x(IP_FW_SYNC_SHOW_STATUS, &running, &len) < 0) {
211 err(EX_OSERR, "getsockopt(IP_FW_SYNC_SHOW_STATUS)");
212 }
213 if (running & 1) {
214 printf("edge is running\n");
215 }
216 if (running & 2) {
217 printf("centre is running\n");
218 }
219 }
220
221 void
sync_edge_start(int ac,char * av[])222 sync_edge_start(int ac, char *av[])
223 {
224 int i = 0;
225 if(do_set_x(IP_FW_SYNC_EDGE_START, &i, sizeof(i)) < 0) {
226 err(EX_UNAVAILABLE, "do_set_x(IP_FW_SYNC_EDGE_START)");
227 }
228 }
229
230 void
sync_centre_start(int ac,char * av[])231 sync_centre_start(int ac, char *av[])
232 {
233 int i = 0;
234 if(do_set_x(IP_FW_SYNC_CENTRE_START, &i, sizeof(i)) < 0) {
235 err(EX_UNAVAILABLE, "do_set_x(IP_FW_SYNC_CENTRE_START)");
236 }
237 }
238
239 void
sync_edge_stop(int ac,char * av[])240 sync_edge_stop(int ac, char *av[])
241 {
242 int i = 0;
243 if(do_set_x(IP_FW_SYNC_EDGE_STOP, &i, sizeof(i)) < 0) {
244 err(EX_UNAVAILABLE, "do_set_x(IP_FW_SYNC_EDGE_STOP)");
245 }
246 }
247
248 void
sync_centre_stop(int ac,char * av[])249 sync_centre_stop(int ac, char *av[])
250 {
251 int i = 0;
252 if(do_set_x(IP_FW_SYNC_CENTRE_STOP, &i, sizeof(i)) < 0) {
253 err(EX_UNAVAILABLE, "do_set_x(IP_FW_SYNC_CENTRE_STOP");
254 }
255 }
256
257 void
sync_edge_clear(int ac,char * av[])258 sync_edge_clear(int ac, char *av[])
259 {
260 int i = 0;
261 if(do_set_x(IP_FW_SYNC_EDGE_CLEAR, &i, sizeof(i)) < 0) {
262 err(EX_UNAVAILABLE, "do_set_x(IP_FW_SYNC_EDGE_CLEAR)");
263 }
264 }
265
266 void
sync_centre_clear(int ac,char * av[])267 sync_centre_clear(int ac, char *av[])
268 {
269 int i = 0;
270 if(do_set_x(IP_FW_SYNC_CENTRE_CLEAR, &i, sizeof(i)) < 0) {
271 err(EX_UNAVAILABLE, "do_set_x(IP_FW_SYNC_CENTRE_CLEAR)");
272 }
273 }
274
275 void
sync_edge_test(int ac,char * av[])276 sync_edge_test(int ac, char *av[])
277 {
278 int i = 0;
279 if(do_set_x(IP_FW_SYNC_EDGE_TEST, &i, sizeof(i)) < 0) {
280 err(EX_UNAVAILABLE, "do_set_x(IP_FW_SYNC_EDGE_CLEAR)");
281 }
282 }
283
284 void
sync_centre_test(int ac,char * av[])285 sync_centre_test(int ac, char *av[])
286 {
287 int n;
288 NEXT_ARG;
289 if (!isdigit(**av)) {
290 errx(EX_DATAERR, "invalid test number %s\n", *av);
291 }
292 n = atoi(*av);
293 if(do_set_x(IP_FW_SYNC_CENTRE_TEST, &n, sizeof(n)) < 0) {
294 err(EX_UNAVAILABLE, "do_set_x(IP_FW_SYNC_CENTRE_TEST)");
295 }
296 printf("centre test %d sent\n", n);
297 }
298
299
300 void
sync_main(int ac,char ** av)301 sync_main(int ac, char **av)
302 {
303 if (!strncmp(*av, "edge", strlen(*av))) {
304 sync_config_edge(ac, av);
305 } else if (!strncmp(*av, "centre", strlen(*av))) {
306 sync_config_centre(ac, av);
307 } else if (!strncmp(*av, "show", strlen(*av))) {
308 NEXT_ARG;
309 if (!strncmp(*av, "config", strlen(*av))) {
310 sync_show_config(ac, av);
311 } else if (!strncmp(*av, "status", strlen(*av))) {
312 sync_show_status(ac, av);
313 } else {
314 errx(EX_USAGE, "bad show command `%s'", *av);
315 }
316 } else if (!strncmp(*av, "start", strlen(*av))) {
317 NEXT_ARG;
318 if (!strncmp(*av, "edge", strlen(*av))) {
319 sync_edge_start(ac, av);
320 } else if (!strncmp(*av, "centre", strlen(*av))) {
321 sync_centre_start(ac, av);
322 }
323 } else if (!strncmp(*av, "stop", strlen(*av))) {
324 NEXT_ARG;
325 if (!strncmp(*av, "edge", strlen(*av))) {
326 sync_edge_stop(ac, av);
327 } else if (!strncmp(*av, "centre", strlen(*av))) {
328 sync_centre_stop(ac, av);
329 }
330 } else if (!strncmp(*av, "clear", strlen(*av))) {
331 NEXT_ARG;
332 if (!strncmp(*av, "edge", strlen(*av))) {
333 sync_edge_clear(ac, av);
334 } else if (!strncmp(*av, "centre", strlen(*av))) {
335 sync_centre_clear(ac, av);
336 }
337 } else if (!strncmp(*av, "test", strlen(*av))) {
338 NEXT_ARG;
339 if (!strncmp(*av, "edge", strlen(*av))) {
340 sync_edge_test(ac, av);
341 } else if (!strncmp(*av, "centre", strlen(*av))) {
342 sync_centre_test(ac, av);
343 }
344 } else {
345 errx(EX_USAGE, "bad ipfw sync command `%s'", *av);
346 }
347 }
348
349