예제 #1
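/*
 * Tear down a client record: close its socket, reset any "show" listing
 * state tied to the client's command, and release its buffers and the
 * record itself.
 *
 * cli: the client to destroy.  It must not be used after this call.
 */
static void
ilbd_free_cli(ilbd_client_t *cli)
{
	(void) close(cli->cli_sd);

	/*
	 * NOTE(review): the cleanup is selected by the client's command, not
	 * by whether this client currently owns the listing.
	 * ilbd_show_nat() answers a second client with
	 * ILB_STATUS_INPROGRESS while another client's listing is running;
	 * if such a rejected client is freed with cli_cmd still set to
	 * ILBD_SHOW_NAT, this presumably resets the owner's transaction.
	 * Confirm against ilbd_show_nat_cleanup(), which is not visible here.
	 */
	if (cli->cli_cmd == ILBD_SHOW_NAT)
		ilbd_show_nat_cleanup();
	if (cli->cli_cmd == ILBD_SHOW_PERSIST)
		ilbd_show_sticky_cleanup();

	/* free(NULL) is a no-op, so neither buffer needs a NULL guard. */
	free(cli->cli_saved_reply);
	free(cli->cli_pw_buf);
	free(cli);
}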
예제 #2
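/*
 * To show the kernel NAT table.
 *
 * Only one client at a time may walk the table; the owner is remembered in
 * nat_cur_cli.  A listing is a sequence of requests from the same client,
 * each of which returns the next batch of entries.
 *
 * cli: the client pointer making the request.
 * ic: the client request.  Its payload is read as an ilb_show_info_t whose
 *     sn_num is the number of entries the client asks for.
 * rbuf: reply buffer to be filled in.
 * rbufsz: on entry, the capacity of rbuf in bytes; it is updated here to
 *     the length of the reply (ilbd_reply_ok()/ilbd_reply_err() are not
 *     visible here and presumably set the header length).
 *
 * Returns ILB_STATUS_OK on success, ILB_STATUS_INPROGRESS if another client
 * owns the listing, ILB_STATUS_ENOMEM if the reply buffer cannot hold the
 * fixed part of the reply or the kernel command cannot be allocated, or the
 * status returned by do_ioctl().
 */
ilb_status_t
ilbd_show_nat(void *cli, const ilb_comm_t *ic, uint32_t *rbuf, size_t *rbufsz)
{
	/* The request is only read, so keep the const qualifier of ic. */
	const ilb_show_info_t *req_si = (const ilb_show_info_t *)&ic->ic_data;
	ilb_list_nat_cmd_t *kcmd;
	boolean_t start;
	size_t tmp_rbufsz, kbufsz;
	uint32_t max_num;
	ilb_status_t ret;
	uint32_t i;
	ilb_show_info_t *reply;
	ilb_nat_info_t *nat_ret;

	/* For new client request, start from the beginning of the table. */
	if (nat_cur_cli == NULL) {
		nat_cur_cli = cli;
		start = B_TRUE;
	} else if (cli == nat_cur_cli) {
		/*
		 * Another request from client.  If the client does not
		 * want to continue, reset the current client and reply OK.
		 */
		if (ic->ic_flags & ILB_COMM_END) {
			ilbd_show_nat_cleanup();
			ilbd_reply_ok(rbuf, rbufsz);
			return (ILB_STATUS_OK);
		}
		start = B_FALSE;
	} else {
		/* A request is on-going, so reject a new client. */
		return (ILB_STATUS_INPROGRESS);
	}

	/* Remember the caller's capacity before *rbufsz becomes a length. */
	tmp_rbufsz = *rbufsz;
	ilbd_reply_ok(rbuf, rbufsz);
	reply = (ilb_show_info_t *)&((ilb_comm_t *)rbuf)->ic_data;

	/*
	 * Calculate the max number of ilb_nat_info_t can be fitted in the
	 * reply.
	 *
	 * NOTE(review): this adds the size of a pointer, not of
	 * ilb_show_info_t or of the offset of sn_data.  It is kept as is
	 * because it determines the reply length the peer sees; confirm it
	 * matches the structure layout on every supported data model.
	 */
	*rbufsz += sizeof (ilb_show_info_t *);

	/*
	 * Without this check a reply buffer smaller than the fixed part
	 * would make the unsigned subtraction below wrap, and the entry
	 * count would then only be bounded by NUM_ENTRIES and the
	 * client-supplied sn_num rather than by the real buffer size.
	 */
	if (tmp_rbufsz < *rbufsz) {
		logdebug("ilbd_show_nat: reply buffer too small");
		ilbd_reply_err(rbuf, rbufsz, ILB_STATUS_ENOMEM);
		return (ILB_STATUS_ENOMEM);
	}
	tmp_rbufsz -= *rbufsz;
	max_num = tmp_rbufsz / sizeof (ilb_nat_info_t);

	/*
	 * Calculate the exact number of entries we should request from kernel.
	 * sn_num comes from the client, so it is only ever used as an upper
	 * bound together with NUM_ENTRIES and the space left in the reply.
	 */
	max_num = min(req_si->sn_num, min(NUM_ENTRIES, max_num));

	kbufsz = max_num * sizeof (ilb_nat_entry_t) +
	    offsetof(ilb_list_nat_cmd_t, entries);
	if ((kcmd = malloc(kbufsz)) == NULL) {
		logdebug("ilbd_show_nat: malloc(cmd)");
		ilbd_reply_err(rbuf, rbufsz, ILB_STATUS_ENOMEM);
		return (ILB_STATUS_ENOMEM);
	}

	kcmd->cmd = ILB_LIST_NAT_TABLE;
	kcmd->flags = start ? ILB_LIST_BEGIN : ILB_LIST_CONT;
	kcmd->num_nat = max_num;
	if ((ret = do_ioctl(kcmd, kbufsz)) != ILB_STATUS_OK) {
		logperror("ilbd_show_nat: ioctl(ILB_LIST_NAT_TABLE)");
		ilbd_reply_err(rbuf, rbufsz, ret);
		free(kcmd);
		return (ret);
	}

	/*
	 * Both kcmd and the reply were sized for max_num entries.  Never
	 * copy more than that, even if the count written back by the ioctl
	 * is larger than what was requested.
	 */
	if (kcmd->num_nat > max_num)
		kcmd->num_nat = max_num;

	reply->sn_num = kcmd->num_nat;
	*rbufsz += reply->sn_num * sizeof (ilb_nat_info_t);

	/*
	 * It is the end of table, let the client know.  And the transaction
	 * is done.
	 */
	if (kcmd->flags & ILB_LIST_END) {
		nat_cur_cli = NULL;
	} else {
		/*
		 * ilbd_reply_ok() sets ic_flags to ILB_COMM_END by default.
		 * Need to clear it here.
		 */
		((ilb_comm_t *)rbuf)->ic_flags = 0;
	}

	nat_ret = (ilb_nat_info_t *)&reply->sn_data;

	/* Translate each kernel entry into the client-visible layout. */
	for (i = 0; i < kcmd->num_nat; i++) {
		ilb_nat_entry_t *nat;

		nat = &kcmd->entries[i];

		nat_ret->nat_proto = nat->proto;

		nat_ret->nat_in_local = nat->in_local;
		nat_ret->nat_in_global = nat->in_global;
		nat_ret->nat_out_local = nat->out_local;
		nat_ret->nat_out_global = nat->out_global;

		nat_ret->nat_in_local_port = nat->in_local_port;
		nat_ret->nat_in_global_port = nat->in_global_port;
		nat_ret->nat_out_local_port = nat->out_local_port;
		nat_ret->nat_out_global_port = nat->out_global_port;

		nat_ret++;
	}

	free(kcmd);
	return (ret);
}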