summaryrefslogtreecommitdiffstats
path: root/usr.sbin/tcpdump/pf_print_state.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/tcpdump/pf_print_state.c')
-rw-r--r--usr.sbin/tcpdump/pf_print_state.c48
1 files changed, 30 insertions, 18 deletions
diff --git a/usr.sbin/tcpdump/pf_print_state.c b/usr.sbin/tcpdump/pf_print_state.c
index 745dadc9da2..2306cf9768a 100644
--- a/usr.sbin/tcpdump/pf_print_state.c
+++ b/usr.sbin/tcpdump/pf_print_state.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_print_state.c,v 1.5 2008/05/09 11:57:52 mpf Exp $ */
+/* $OpenBSD: pf_print_state.c,v 1.6 2008/05/29 01:00:53 mcbride Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -129,17 +129,15 @@ print_name(struct pf_addr *addr, sa_family_t af)
}
void
-print_host(struct pfsync_state_host *h, sa_family_t af, int opts)
+print_host(struct pf_addr *addr, u_int16_t port, sa_family_t af, int opts)
{
- u_int16_t p = ntohs(h->port);
-
if (opts & PF_OPT_USEDNS)
- print_name(&h->addr, af);
+ print_name(addr, af);
else {
struct pf_addr_wrap aw;
memset(&aw, 0, sizeof(aw));
- aw.v.a.addr = h->addr;
+ aw.v.a.addr = *addr;
if (af == AF_INET)
aw.v.a.mask.addr32[0] = 0xffffffff;
else {
@@ -149,11 +147,11 @@ print_host(struct pfsync_state_host *h, sa_family_t af, int opts)
print_addr(&aw, af, opts & PF_OPT_VERBOSE2);
}
- if (p) {
+ if (port) {
if (af == AF_INET)
- printf(":%u", p);
+ printf(":%u", ntohs(port));
else
- printf("[%u]", p);
+ printf("[%u]", ntohs(port));
}
}
@@ -172,31 +170,45 @@ void
print_state(struct pfsync_state *s, int opts)
{
struct pfsync_state_peer *src, *dst;
+ struct pfsync_state_key *sk, *nk;
int min, sec;
if (s->direction == PF_OUT) {
src = &s->src;
dst = &s->dst;
+ sk = &s->key[PF_SK_STACK];
+ nk = &s->key[PF_SK_WIRE];
+ if (s->proto == IPPROTO_ICMP || s->proto == IPPROTO_ICMPV6)
+ sk->port[0] = nk->port[0];
} else {
src = &s->dst;
dst = &s->src;
+ sk = &s->key[PF_SK_WIRE];
+ nk = &s->key[PF_SK_STACK];
+ if (s->proto == IPPROTO_ICMP || s->proto == IPPROTO_ICMPV6)
+ sk->port[1] = nk->port[1];
}
printf("%s ", s->ifname);
printf("%s ", ipproto_string(s->proto));
- if (PF_ANEQ(&s->lan.addr, &s->gwy.addr, s->af) ||
- (s->lan.port != s->gwy.port)) {
- print_host(&s->lan, s->af, opts);
- if (s->direction == PF_OUT)
- printf(" -> ");
- else
- printf(" <- ");
+
+ print_host(&nk->addr[1], nk->port[1], s->af, opts);
+ if (PF_ANEQ(&nk->addr[1], &sk->addr[1], s->af) ||
+ nk->port[1] != sk->port[1]) {
+ printf(" (");
+ print_host(&sk->addr[1], sk->port[1], s->af, opts);
+ printf(")");
}
- print_host(&s->gwy, s->af, opts);
if (s->direction == PF_OUT)
printf(" -> ");
else
printf(" <- ");
- print_host(&s->ext, s->af, opts);
+ print_host(&nk->addr[0], nk->port[0], s->af, opts);
+ if (PF_ANEQ(&nk->addr[0], &sk->addr[0], s->af) ||
+ nk->port[0] != sk->port[0]) {
+ printf(" (");
+ print_host(&sk->addr[0], sk->port[0], s->af, opts);
+ printf(")");
+ }
printf(" ");
if (s->proto == IPPROTO_TCP) {
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.