1 /* $NetBSD: pfsync.c,v 1.1 2011/03/01 19:01:59 dyoung Exp $ */ 2 3 /* 4 * Copyright (c) 1983, 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 #ifndef lint 34 __RCSID("$NetBSD: pfsync.c,v 1.1 2011/03/01 19:01:59 dyoung Exp $"); 35 #endif /* not lint */ 36 37 #define _CALLOUT_PRIVATE /* for defs in sys/callout.h */ 38 39 #include <sys/param.h> 40 #include <sys/queue.h> 41 #include <sys/socket.h> 42 #include <sys/socketvar.h> 43 #include <sys/mbuf.h> 44 #include <sys/protosw.h> 45 #include <sys/sysctl.h> 46 47 #include <net/if_arp.h> 48 #include <net/route.h> 49 #include <netinet/in.h> 50 #include <netinet/in_systm.h> 51 #include <netinet/ip.h> 52 #include <netinet/in_pcb.h> 53 #include <netinet/ip_icmp.h> 54 55 #ifdef INET6 56 #include <netinet/ip6.h> 57 #endif 58 59 #include <net/pfvar.h> 60 #include <net/if_pfsync.h> 61 62 #include <arpa/inet.h> 63 #include <kvm.h> 64 #include <netdb.h> 65 #include <stdio.h> 66 #include <string.h> 67 #include <unistd.h> 68 #include <stdlib.h> 69 #include <err.h> 70 #include "netstat.h" 71 #include "prog_ops.h" 72 73 /* 74 * Dump PFSYNC statistics structure. 75 */ 76 void 77 pfsync_stats(u_long off, const char *name) 78 { 79 uint64_t pfsyncstat[PFSYNC_NSTATS]; 80 81 if (use_sysctl) { 82 size_t size = sizeof(pfsyncstat); 83 84 if (sysctlbyname("net.inet.pfsync.stats", pfsyncstat, &size, 85 NULL, 0) == -1) 86 return; 87 } else { 88 warnx("%s stats not available via KVM.", name); 89 return; 90 } 91 92 printf("%s:\n", name); 93 94 #define p(f, m) if (pfsyncstat[f] || sflag <= 1) \ 95 printf(m, pfsyncstat[f], plural(pfsyncstat[f])) 96 #define p2(f, m) if (pfsyncstat[f] || sflag <= 1) \ 97 printf(m, pfsyncstat[f]) 98 99 p(PFSYNC_STAT_IPACKETS, "\t%" PRIu64 " packet%s received (IPv4)\n"); 100 p(PFSYNC_STAT_IPACKETS6,"\t%" PRIu64 " packet%s received (IPv6)\n"); 101 p(PFSYNC_STAT_BADIF, "\t\t%" PRIu64 " packet%s discarded for bad interface\n"); 102 p(PFSYNC_STAT_BADTTL, "\t\t%" PRIu64 " packet%s discarded for bad ttl\n"); 103 p(PFSYNC_STAT_HDROPS, "\t\t%" PRIu64 " packet%s shorter than header\n"); 104 p(PFSYNC_STAT_BADVER, "\t\t%" PRIu64 " packet%s discarded for bad version\n"); 105 p(PFSYNC_STAT_BADAUTH, "\t\t%" PRIu64 " packet%s discarded for bad HMAC\n"); 106 p(PFSYNC_STAT_BADACT,"\t\t%" PRIu64 " packet%s discarded for bad action\n"); 107 p(PFSYNC_STAT_BADLEN, "\t\t%" PRIu64 " packet%s discarded for short packet\n"); 108 p(PFSYNC_STAT_BADVAL, "\t\t%" PRIu64 " state%s discarded for bad values\n"); 109 p(PFSYNC_STAT_STALE, "\t\t%" PRIu64 " stale state%s\n"); 110 p(PFSYNC_STAT_BADSTATE, "\t\t%" PRIu64 " failed state lookup/insert%s\n"); 111 p(PFSYNC_STAT_OPACKETS, "\t%" PRIu64 " packet%s sent (IPv4)\n"); 112 p(PFSYNC_STAT_OPACKETS6, "\t%" PRIu64 " packet%s sent (IPv6)\n"); 113 p2(PFSYNC_STAT_ONOMEM, "\t\t%" PRIu64 " send failed due to mbuf memory error\n"); 114 p2(PFSYNC_STAT_OERRORS, "\t\t%" PRIu64 " send error\n"); 115 #undef p 116 #undef p2 117 } 118 119 120