12949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* 22949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996 32949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * The Regents of the University of California. All rights reserved. 42949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * 52949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * Redistribution and use in source and binary forms, with or without 62949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * modification, are permitted provided that: (1) source code distributions 72949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * retain the above copyright notice and this paragraph in its entirety, (2) 82949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * distributions including binary code include the above copyright notice and 92949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * this paragraph in its entirety in the documentation or other materials 102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * provided with the distribution, and (3) all advertising materials mentioning 112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * features or use of this software display the following acknowledgement: 122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * ``This product includes software developed by the University of California, 132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * the University nor the names of its contributors may be used to endorse 152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * or promote products derived from this software without specific prior 162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * written permission. 172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 182949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project */ 212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifndef lint 232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic const char rcsid[] _U_ = 242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project "@(#) $Header: /tcpdump/master/tcpdump/print-pflog.c,v 1.13.2.4 2007/09/13 17:18:10 gianluca Exp $ (LBL)"; 252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef HAVE_CONFIG_H 282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "config.h" 292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifndef HAVE_NET_PFVAR_H 322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#error "No pf headers available" 332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <sys/types.h> 362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifndef WIN32 372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <sys/socket.h> 382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <net/if.h> 402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <net/pfvar.h> 412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <net/if_pflog.h> 422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <tcpdump-stdinc.h> 462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <stdio.h> 482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include <pcap.h> 492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "interface.h" 512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#include "addrtoname.h" 522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic struct tok pf_reasons[] = { 542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 0, "0(match)" }, 552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 1, "1(bad-offset)" }, 562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 2, "2(fragment)" }, 572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 3, "3(short)" }, 582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 4, "4(normalize)" }, 592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 5, "5(memory)" }, 602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 6, "6(bad-timestamp)" }, 612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 7, "7(congestion)" }, 622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 8, "8(ip-option)" }, 632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 9, "9(proto-cksum)" }, 642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 10, "10(state-mismatch)" }, 652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 11, "11(state-insert)" }, 662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 12, "12(state-limit)" }, 672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 13, "13(src-limit)" }, 682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 14, "14(synproxy)" }, 692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 0, NULL } 702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic struct tok pf_actions[] = { 732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_PASS, "pass" }, 742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_DROP, "block" }, 752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_SCRUB, "scrub" }, 762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_NAT, "nat" }, 772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_NONAT, "nat" }, 782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_BINAT, "binat" }, 792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_NOBINAT, "binat" }, 802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_RDR, "rdr" }, 812949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_NORDR, "rdr" }, 822949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_SYNPROXY_DROP, "synproxy-drop" }, 832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 0, NULL } 842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic struct tok pf_directions[] = { 872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_INOUT, "in/out" }, 882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_IN, "in" }, 892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { PF_OUT, "out" }, 902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project { 0, NULL } 912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project}; 922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 932949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* For reading capture files on other systems */ 942949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define OPENBSD_AF_INET 2 952949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define OPENBSD_AF_INET6 24 962949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 972949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectstatic void 982949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectpflog_print(const struct pfloghdr *hdr) 992949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 1002949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_int32_t rulenr, subrulenr; 1012949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1022949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project rulenr = ntohl(hdr->rulenr); 1032949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project subrulenr = ntohl(hdr->subrulenr); 1042949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (subrulenr == (u_int32_t)-1) 1052949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project printf("rule %u/", rulenr); 1062949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project else 1072949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project printf("rule %u.%s.%u/", rulenr, hdr->ruleset, subrulenr); 1082949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1092949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project printf("%s: %s %s on %s: ", 1102949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project tok2str(pf_reasons, "unkn(%u)", hdr->reason), 1112949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project tok2str(pf_actions, "unkn(%u)", hdr->action), 1122949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project tok2str(pf_directions, "unkn(%u)", hdr->dir), 1132949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project hdr->ifname); 1142949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 1152949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1162949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectu_int 1172949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projectpflog_if_print(const struct pcap_pkthdr *h, register const u_char *p) 1182949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project{ 1192949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_int length = h->len; 1202949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_int hdrlen; 1212949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_int caplen = h->caplen; 1222949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project const struct pfloghdr *hdr; 1232949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project u_int8_t af; 1242949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1252949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* check length */ 1262949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (caplen < sizeof(u_int8_t)) { 1272949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project printf("[|pflog]"); 1282949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return (caplen); 1292949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1302949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1312949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#define MIN_PFLOG_HDRLEN 45 1322949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project hdr = (struct pfloghdr *)p; 1332949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (hdr->length < MIN_PFLOG_HDRLEN) { 1342949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project printf("[pflog: invalid header length!]"); 1352949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return (hdr->length); /* XXX: not really */ 1362949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1372949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project hdrlen = BPF_WORDALIGN(hdr->length); 1382949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1392949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (caplen < hdrlen) { 1402949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project printf("[|pflog]"); 1412949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return (hdrlen); /* XXX: true? */ 1422949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1432949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1442949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* print what we know */ 1452949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project hdr = (struct pfloghdr *)p; 1462949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project TCHECK(*hdr); 1472949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (eflag) 1482949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project pflog_print(hdr); 1492949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1502949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* skip to the real packet */ 1512949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project af = hdr->af; 1522949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project length -= hdrlen; 1532949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project caplen -= hdrlen; 1542949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project p += hdrlen; 1552949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project switch (af) { 1562949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1572949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case AF_INET: 1582949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#if OPENBSD_AF_INET != AF_INET 1592949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case OPENBSD_AF_INET: /* XXX: read pcap files */ 1602949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 1612949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ip_print(gndo, p, length); 1622949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 1632949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1642949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#ifdef INET6 1652949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case AF_INET6: 1662949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#if OPENBSD_AF_INET6 != AF_INET6 1672949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project case OPENBSD_AF_INET6: /* XXX: read pcap files */ 1682949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 1692949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project ip6_print(p, length); 1702949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project break; 1712949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project#endif 1722949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1732949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project default: 1742949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project /* address family not handled, print raw packet */ 1752949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (!eflag) 1762949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project pflog_print(hdr); 1772949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project if (!suppress_default_print) 1782949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project default_print(p, caplen); 1792949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project } 1802949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1812949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return (hdrlen); 1822949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Projecttrunc: 1832949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project printf("[|pflog]"); 1842949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project return (hdrlen); 1852949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project} 1862949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project 1872949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project/* 1882949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * Local Variables: 1892949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * c-style: whitesmith 1902949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * c-basic-offset: 8 1912949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project * End: 1922949f58a438f6fd85f66a8b7ed4708042cde4b37The Android Open Source Project */ 193