--- fwsync/patches/sync.c 2022/06/22 13:01:55 1.1.1.1 +++ fwsync/patches/sync.c 2022/08/26 14:47:36 1.4 @@ -1,16 +1,29 @@ /*- - * Copyright (c) 2022 Michael Pounov + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * + * Copyright (c) 2022 Michael Pounov , CloudSigma AG * - * Redistribution and use in source forms, with and without modification, - * are permitted provided that this entire comment appears intact. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * Redistribution in binary form may occur without any restrictions. - * Obviously, it would be nice if you gave credit where credit is due - * but requiring it would be too onerous. + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. * - * This software is provided ``AS IS'' without any warranties of any kind. - * * command line interface for sync state of IP firewall */ #include @@ -104,7 +117,7 @@ ipfw_config_sync(int ac, char **av) if (inet_pton(AF_INET6, host, &cfg->addr[0].ip6.sin6_addr) != 1) errx(EX_DATAERR, "invalid edge IPv6 address\n"); } - } else if (!strcmp(*av, "collector")) { + } else if (ac && !strcmp(*av, "collector")) { SYNC_SHIFT_ARG; if (!ac) errx(EX_DATAERR, "missing destination(s) address[,port]\n"); @@ -196,6 +209,46 @@ ipfw_config_sync(int ac, char **av) } free(buf); +} + +void +ipfw_list_sync(int ac, char **av) +{ + ipfw_obj_header *oh; + struct ipfw_sync_cfg *cfg; + size_t sz; + + SYNC_SHIFT_ARG; + + sz = sizeof *oh + sizeof *cfg; + while (42) { + if (!(oh = malloc(sz))) + return; + else + memset(oh, 0, sz); + cfg = (struct ipfw_sync_cfg*) (oh + 1); + oh->ntlv.head.length = sizeof(oh->ntlv); + strlcpy(oh->ntlv.name, ac ? *av : "", sizeof(oh->ntlv.name)); + strlcpy(cfg->name, ac ? *av : "", sizeof(cfg->name)); + + if (do_get3(IP_FW_SYNC_LIST, &oh->opheader, &sz)) { + free(oh); + if (errno == ENOMEM) + continue; + return; + } + + break; + } + + if (!ac || !strcmp(*av, "edge")) + printf("sync edge states %lu aliases %lu\n", + *(uint64_t*) (cfg->addr[0].ip6.sin6_addr.s6_addr + 8), + *(uint64_t*) (cfg->addr[1].ip6.sin6_addr.s6_addr + 8)); + if (!ac || !strcmp(*av, "collector")) + printf("sync collector states %lu aliases %lu\n", + *(uint64_t*) cfg->addr[0].ip6.sin6_addr.s6_addr, + *(uint64_t*) cfg->addr[1].ip6.sin6_addr.s6_addr); } void