- npfctl_print_stats: beautification a la French style.
- npfctl_icmpcode: fix the build break.
This commit is contained in:
parent
7cf84a83d6
commit
083c690112
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: npf_data.c,v 1.16 2012/07/19 21:52:29 spz Exp $ */
|
||||
/* $NetBSD: npf_data.c,v 1.17 2012/07/19 22:22:53 rmind Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 2009-2012 The NetBSD Foundation, Inc.
|
||||
@ -31,7 +31,7 @@
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__RCSID("$NetBSD: npf_data.c,v 1.16 2012/07/19 21:52:29 spz Exp $");
|
||||
__RCSID("$NetBSD: npf_data.c,v 1.17 2012/07/19 22:22:53 rmind Exp $");
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/null.h>
|
||||
@ -471,7 +471,7 @@ npfctl_icmptype(int proto, const char *type)
|
||||
uint8_t
|
||||
npfctl_icmpcode(int proto, uint8_t type, const char *code)
|
||||
{
|
||||
const char **arr;
|
||||
const char * const *arr;
|
||||
|
||||
switch (proto) {
|
||||
case IPPROTO_ICMP:
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: npfctl.c,v 1.16 2012/07/19 06:31:26 joerg Exp $ */
|
||||
/* $NetBSD: npfctl.c,v 1.17 2012/07/19 22:22:53 rmind Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 2009-2012 The NetBSD Foundation, Inc.
|
||||
@ -30,7 +30,7 @@
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__RCSID("$NetBSD: npfctl.c,v 1.16 2012/07/19 06:31:26 joerg Exp $");
|
||||
__RCSID("$NetBSD: npfctl.c,v 1.17 2012/07/19 22:22:53 rmind Exp $");
|
||||
|
||||
#include <sys/ioctl.h>
|
||||
#include <sys/stat.h>
|
||||
@ -171,48 +171,64 @@ npfctl_parsecfg(const char *cfg)
|
||||
static int
|
||||
npfctl_print_stats(int fd)
|
||||
{
|
||||
static const struct stats_s {
|
||||
/* Note: -1 indicates a new section. */
|
||||
int index;
|
||||
const char * name;
|
||||
} stats[] = {
|
||||
{ -1, "Packets passed" },
|
||||
{ NPF_STAT_PASS_DEFAULT, "default pass" },
|
||||
{ NPF_STAT_PASS_RULESET, "ruleset pass" },
|
||||
{ NPF_STAT_PASS_SESSION, "session pass" },
|
||||
|
||||
{ -1, "Packets blocked" },
|
||||
{ NPF_STAT_BLOCK_DEFAULT, "default block" },
|
||||
{ NPF_STAT_BLOCK_RULESET, "ruleset block" },
|
||||
|
||||
{ -1, "Session and NAT entries" },
|
||||
{ NPF_STAT_SESSION_CREATE, "session allocations" },
|
||||
{ NPF_STAT_SESSION_DESTROY, "session destructions" },
|
||||
{ NPF_STAT_NAT_CREATE, "NAT entry allocations" },
|
||||
{ NPF_STAT_NAT_DESTROY, "NAT entry destructions"},
|
||||
|
||||
{ -1, "Invalid packet state cases" },
|
||||
{ NPF_STAT_INVALID_STATE, "cases in total" },
|
||||
{ NPF_STAT_INVALID_STATE_TCP1, "TCP case I" },
|
||||
{ NPF_STAT_INVALID_STATE_TCP2, "TCP case II" },
|
||||
{ NPF_STAT_INVALID_STATE_TCP3, "TCP case III" },
|
||||
|
||||
{ -1, "Packet race cases" },
|
||||
{ NPF_STAT_RACE_NAT, "NAT association race" },
|
||||
{ NPF_STAT_RACE_SESSION, "duplicate session race"},
|
||||
|
||||
{ -1, "Rule procedure cases" },
|
||||
{ NPF_STAT_RPROC_LOG, "packets logged" },
|
||||
{ NPF_STAT_RPROC_NORM, "packets normalised" },
|
||||
|
||||
{ -1, "Fragmentation" },
|
||||
{ NPF_STAT_FRAGMENTS, "fragments" },
|
||||
{ NPF_STAT_REASSEMBLY, "reassembled" },
|
||||
{ NPF_STAT_REASSFAIL, "failed reassembly" },
|
||||
|
||||
{ -1, "Other" },
|
||||
{ NPF_STAT_ERROR, "unexpected errors" },
|
||||
};
|
||||
uint64_t *st = zalloc(NPF_STATS_SIZE);
|
||||
|
||||
if (ioctl(fd, IOC_NPF_STATS, &st) != 0) {
|
||||
err(EXIT_FAILURE, "ioctl(IOC_NPF_STATS)");
|
||||
}
|
||||
|
||||
printf("Packets passed:\n\t%"PRIu64" default pass\n\t"
|
||||
"%"PRIu64 " ruleset pass\n\t%"PRIu64" session pass\n\n",
|
||||
st[NPF_STAT_PASS_DEFAULT], st[NPF_STAT_PASS_RULESET],
|
||||
st[NPF_STAT_PASS_SESSION]);
|
||||
for (unsigned i = 0; i < __arraycount(stats); i++) {
|
||||
const char *sname = stats[i].name;
|
||||
int sidx = stats[i].index;
|
||||
|
||||
printf("Packets blocked:\n\t%"PRIu64" default block\n\t"
|
||||
"%"PRIu64 " ruleset block\n\n", st[NPF_STAT_BLOCK_DEFAULT],
|
||||
st[NPF_STAT_BLOCK_RULESET]);
|
||||
|
||||
printf("Session and NAT entries:\n\t%"PRIu64" session allocations\n\t"
|
||||
"%"PRIu64" session destructions\n\t%"PRIu64" NAT entry allocations\n\t"
|
||||
"%"PRIu64" NAT entry destructions\n\n", st[NPF_STAT_SESSION_CREATE],
|
||||
st[NPF_STAT_SESSION_DESTROY], st[NPF_STAT_NAT_CREATE],
|
||||
st[NPF_STAT_NAT_DESTROY]);
|
||||
|
||||
printf("Invalid packet state cases:\n\t%"PRIu64" cases in total\n\t"
|
||||
"%"PRIu64" TCP case I\n\t%"PRIu64" TCP case II\n\t%"PRIu64
|
||||
" TCP case III\n\n", st[NPF_STAT_INVALID_STATE],
|
||||
st[NPF_STAT_INVALID_STATE_TCP1], st[NPF_STAT_INVALID_STATE_TCP2],
|
||||
st[NPF_STAT_INVALID_STATE_TCP3]);
|
||||
|
||||
printf("Packet race cases:\n\t%"PRIu64" NAT association race\n\t"
|
||||
"%"PRIu64" duplicate session race\n\n", st[NPF_STAT_RACE_NAT],
|
||||
st[NPF_STAT_RACE_SESSION]);
|
||||
|
||||
printf("Rule processing procedure cases:\n"
|
||||
"\t%"PRIu64" packets logged\n\t%"PRIu64" packets normalized\n\n",
|
||||
st[NPF_STAT_RPROC_LOG], st[NPF_STAT_RPROC_NORM]);
|
||||
|
||||
printf("Fragmentation:\n"
|
||||
"\t%"PRIu64" fragments\n\t%"PRIu64" reassembled\n"
|
||||
"\t%"PRIu64" failed reassembly\n\n",
|
||||
st[NPF_STAT_FRAGMENTS], st[NPF_STAT_REASSEMBLY],
|
||||
st[NPF_STAT_REASSFAIL]);
|
||||
|
||||
printf("Unexpected error cases:\n\t%"PRIu64"\n", st[NPF_STAT_ERROR]);
|
||||
if (sidx == -1) {
|
||||
printf("%s:\n", sname);
|
||||
} else {
|
||||
printf("\t%"PRIu64" %s\n", st[sidx], sname);
|
||||
}
|
||||
}
|
||||
|
||||
free(st);
|
||||
return 0;
|
||||
|
Loading…
Reference in New Issue
Block a user