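/*
 * Copyright (c) 2014 - 2018 The DragonFly Project.  All rights reserved.
 *
 * This code is derived from software contributed to The DragonFly Project
 * by Bill Yuan <bycn82@dragonflybsd.org>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 * 3. Neither the name of The DragonFly Project nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific, prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/param.h>
#include <sys/mbuf.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/sysctl.h>
#include <sys/time.h>
#include <sys/wait.h>

#include <arpa/inet.h>
#include <ctype.h>
#include <dlfcn.h>
#include <err.h>
#include <errno.h>
#include <grp.h>
#include <limits.h>
#include <netdb.h>
#include <pwd.h>
#include <sysexits.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
#include <timeconv.h>
#include <unistd.h>

#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <netinet/tcp.h>
#include <net/if.h>
#include <net/if_dl.h>
#include <net/route.h>
#include <net/ethernet.h>

#include <net/ipfw3/ip_fw3.h>
#include <net/ipfw3_basic/ip_fw3_table.h>
#include <net/ipfw3_basic/ip_fw3_sync.h>
#include <net/ipfw3_basic/ip_fw3_basic.h>
#include <net/ipfw3_nat/ip_fw3_nat.h>
#include <net/dummynet3/ip_dummynet3.h>

#include "ipfw3.h"
#include "ipfw3log.h"

extern int fw3_socket;
extern int do_quiet;


/*
 * Reset firewall logging counters through the IP_FW_RESETLOG socket option.
 *
 * ac/av is the argument vector positioned at the sub-command word (log_main
 * passes it through unchanged); the leading NEXT_ARG steps over that word.
 * NEXT_ARG is not defined in this file -- presumably it comes from ipfw3.h
 * and decrements ac while advancing av; confirm against that header.
 *
 * With no further arguments every entry is reset.  Otherwise each argument
 * must be a complete decimal rule number; the counters of each listed rule
 * are reset one by one.
 *
 * Failure of the reset-all request terminates via err(EX_UNAVAILABLE).
 * Per-rule failures are reported with warn() and the remaining rules are
 * still processed; the process then exits with EX_UNAVAILABLE.  A malformed
 * rule number terminates via errx(EX_DATAERR).
 */
void
resetlog(int ac, char *av[])
{
	int rulenum;
	int failed = EX_OK;

	NEXT_ARG;

	if (!ac) {
		/* clear all entries */
		if (setsockopt(fw3_socket, IPPROTO_IP,
		    IP_FW_RESETLOG, NULL, 0) < 0)
			err(EX_UNAVAILABLE, "setsockopt(IP_FW_RESETLOG)");
		if (!do_quiet)
			printf("Logging counts reset.\n");

		return;
	}

	while (ac) {
		char *end;
		long val;

		/*
		 * Rule number.  The cast keeps isdigit() defined for bytes
		 * with the high bit set, where plain char may be negative.
		 */
		if (!isdigit((unsigned char)**av))
			errx(EX_DATAERR, "invalid rule number ``%s''", *av);

		/*
		 * Parse strictly.  The counters being cleared are audit
		 * data, so an argument with trailing junk ("10x") or one
		 * that does not fit in an int is rejected instead of being
		 * silently read as some other rule, as atoi() would do.
		 */
		errno = 0;
		val = strtol(*av, &end, 10);
		if (*end != '\0' || errno == ERANGE || val > INT_MAX)
			errx(EX_DATAERR, "invalid rule number ``%s''", *av);
		rulenum = (int)val;

		NEXT_ARG;
		if (setsockopt(fw3_socket, IPPROTO_IP,
		    IP_FW_RESETLOG, &rulenum, sizeof rulenum)) {
			/* rulenum is non-negative here; cast matches %u. */
			warn("rule %u: setsockopt(IP_FW_RESETLOG)",
			    (unsigned int)rulenum);
			failed = EX_UNAVAILABLE;
		} else if (!do_quiet) {
			printf("Entry %d logging count reset\n",
			    rulenum);
		}
	}
	if (failed != EX_OK)
		exit(failed);
}

/*
 * Dispatch the log sub-command found in av[0].
 *
 * Any non-empty prefix of "reset", "off" or "on" is accepted and the
 * candidates are tried in that order, so "o" selects "off".  A missing
 * sub-command exits with EX_USAGE, as does an empty or unknown one.
 */
void
log_main(int ac, char **av)
{
	size_t len;

	/* Without this guard a missing word would be dereferenced below. */
	if (ac < 1 || av == NULL || *av == NULL)
		errx(EX_USAGE, "log: missing command");

	/*
	 * strncmp() over zero bytes always compares equal, so an empty
	 * argument used to select "reset" and wipe every logging counter.
	 * Treat it as a bad command instead.
	 */
	len = strlen(*av);
	if (len == 0)
		errx(EX_USAGE, "bad command `%s'", *av);

	if (!strncmp(*av, "reset", len)) {
		resetlog(ac, av);
	} else if (!strncmp(*av, "off", len)) {
		/*
		 * NOTE(review): empty branch -- "log off" returns success
		 * without issuing any request from this file.  Operators
		 * should not assume the logging state changed.
		 */
	} else if (!strncmp(*av, "on", len)) {
		/*
		 * NOTE(review): empty branch -- "log on" returns success
		 * without issuing any request from this file.  Operators
		 * should not assume logging was enabled.
		 */
	} else {
		errx(EX_USAGE, "bad command `%s'", *av);
	}
}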