--- fwsync/driver/fwsync.c 2022/08/18 12:53:19 1.10 +++ fwsync/driver/fwsync.c 2022/08/26 14:47:36 1.13 @@ -1,7 +1,29 @@ -/************************************************************************* -* (C) 2022 CloudSigma AG - Sofia/Bulgaria -* by Michael Pounov -**************************************************************************/ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2022 Michael Pounov , CloudSigma AG + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ #include "fwsync.h" @@ -162,18 +184,20 @@ fwsync_destroy(struct ip_fw_chain *ch, ip_fw3_opheader n = (int*) (oh + 1); if (*n & CFG_SYNC_EDGE) { + if (fws_ctx.config & CTX_EDGE_ONLINE) { + ipfw_unregister_state_sync(); + ipfw_unregister_alias_sync(); + } + + callout_drain(&fws_co); + fws_cfg.cfg.on &= ~CFG_SYNC_EDGE; fws_cfg.cfg.edge = 0; fws_cfg.cfg.addrs = 0; memset(fws_cfg.cfg_addr, 0, sizeof fws_cfg.cfg_addr[0]); - if (fws_ctx.config & CTX_EDGE_ONLINE) { - callout_drain(&fws_co); - ipfw_unregister_state_sync(); - ipfw_unregister_alias_sync(); - soshutdown(fws_ctx.sockz[CFG_SYNC_ADDR_EDGE], SHUT_RD); - soclose(fws_ctx.sockz[CFG_SYNC_ADDR_EDGE]); - } + soshutdown(fws_ctx.sockz[CFG_SYNC_ADDR_EDGE], SHUT_RD); + soclose(fws_ctx.sockz[CFG_SYNC_ADDR_EDGE]); } if (*n & CFG_SYNC_COLLECTOR) { if (fws_ctx.config & (CTX_COLLECTOR_1_ONLINE | CTX_COLLECTOR_2_ONLINE)) { @@ -196,6 +220,8 @@ fwsync_destroy(struct ip_fw_chain *ch, ip_fw3_opheader fws_ctx.config ^= fws_ctx.config; + memset(&fws_acct, 0, sizeof fws_acct); + return 0; } @@ -240,7 +266,39 @@ fwsync_get_cfg(struct ip_fw_chain *ch, ip_fw3_opheader int fwsync_list(struct ip_fw_chain *ch, ip_fw3_opheader *op3, struct sockopt_data *sd) { + ipfw_obj_header *oh; + struct ipfw_sync_cfg *ucfg; + size_t sz; + DTRACE(); + + sz = sizeof(*oh) + sizeof(*ucfg); + /* Check minimum header size */ + if (sd->valsize < sz) + return (EINVAL); + + oh = (struct _ipfw_obj_header*) ipfw_get_sopt_header(sd, sz); + + /* Basic length checks for TLVs */ + if (oh->ntlv.head.length != sizeof(oh->ntlv)) + return (EINVAL); + + ucfg = (struct ipfw_sync_cfg*) (oh + 1); + + /* Check if name is properly terminated */ + if (strnlen(ucfg->name, sizeof(ucfg->name)) == sizeof(ucfg->name)) + return (EINVAL); + + ucfg->mode = 0; + if (fws_cfg.cfg.edge) + ucfg->mode |= CFG_SYNC_EDGE; + if (fws_cfg.cfg.collector) + ucfg->mode |= CFG_SYNC_COLLECTOR; + ucfg->addrs = 2; + memcpy(ucfg->addr[0].ip6.sin6_addr.s6_addr, &fws_acct.states[0], sizeof(uint64_t)); + memcpy(ucfg->addr[0].ip6.sin6_addr.s6_addr + 8, &fws_acct.states[1], sizeof(uint64_t)); + memcpy(ucfg->addr[1].ip6.sin6_addr.s6_addr, &fws_acct.aliases[0], sizeof(uint64_t)); + memcpy(ucfg->addr[1].ip6.sin6_addr.s6_addr + 8, &fws_acct.aliases[1], sizeof(uint64_t)); return 0; }