static char *
mask_to_numeric(const struct in6_addr *addrp)
{
static char buf[50+2];
int l = ipv6_prefix_length(addrp);
if (l == -1) {
strcpy(buf, "/");
strcat(buf, addr_to_numeric(addrp));
return buf;
}
sprintf(buf, "/%d", l);
return buf;
}
/* print a given ip including mask if neccessary */
static void print_ip(char *prefix, const struct in6_addr *ip, const struct in6_addr *mask, int invert)
{
char buf[51];
int l = ipv6_prefix_length(mask);
if (l == 0 && !invert)
return;
printf("%s %s%s",
prefix,
invert ? "! " : "",
inet_ntop(AF_INET6, ip, buf, sizeof buf));
if (l == -1)
printf("/%s ", inet_ntop(AF_INET6, mask, buf, sizeof buf));
else
printf("/%d ", l);
}
static int
dump_entry(struct ip6t_entry *e, const ip6tc_handle_t handle)
{
size_t i;
char buf[40];
int len;
struct ip6t_entry_target *t;
printf("Entry %u (%lu):\n", entry2index(handle, e),
entry2offset(handle, e));
puts("SRC IP: ");
inet_ntop(AF_INET6, &e->ipv6.src, buf, sizeof buf);
puts(buf);
putchar('/');
len = ipv6_prefix_length(&e->ipv6.smsk);
if (len != -1)
printf("%d", len);
else {
inet_ntop(AF_INET6, &e->ipv6.smsk, buf, sizeof buf);
puts(buf);
}
putchar('\n');
puts("DST IP: ");
inet_ntop(AF_INET6, &e->ipv6.dst, buf, sizeof buf);
puts(buf);
putchar('/');
len = ipv6_prefix_length(&e->ipv6.dmsk);
if (len != -1)
printf("%d", len);
else {
inet_ntop(AF_INET6, &e->ipv6.dmsk, buf, sizeof buf);
puts(buf);
}
putchar('\n');
printf("Interface: `%s'/", e->ipv6.iniface);
for (i = 0; i < IFNAMSIZ; i++)
printf("%c", e->ipv6.iniface_mask[i] ? 'X' : '.');
printf("to `%s'/", e->ipv6.outiface);
for (i = 0; i < IFNAMSIZ; i++)
printf("%c", e->ipv6.outiface_mask[i] ? 'X' : '.');
printf("\nProtocol: %u\n", e->ipv6.proto);
if (e->ipv6.flags & IP6T_F_TOS)
printf("TOS: %u\n", e->ipv6.tos);
printf("Flags: %02X\n", e->ipv6.flags);
printf("Invflags: %02X\n", e->ipv6.invflags);
printf("Counters: %llu packets, %llu bytes\n",
e->counters.pcnt, e->counters.bcnt);
printf("Cache: %08X ", e->nfcache);
if (e->nfcache & NFC_ALTERED) printf("ALTERED ");
if (e->nfcache & NFC_UNKNOWN) printf("UNKNOWN ");
if (e->nfcache & NFC_IP6_SRC) printf("IP6_SRC ");
if (e->nfcache & NFC_IP6_DST) printf("IP6_DST ");
if (e->nfcache & NFC_IP6_IF_IN) printf("IP6_IF_IN ");
if (e->nfcache & NFC_IP6_IF_OUT) printf("IP6_IF_OUT ");
if (e->nfcache & NFC_IP6_TOS) printf("IP6_TOS ");
if (e->nfcache & NFC_IP6_PROTO) printf("IP6_PROTO ");
if (e->nfcache & NFC_IP6_OPTIONS) printf("IP6_OPTIONS ");
if (e->nfcache & NFC_IP6_TCPFLAGS) printf("IP6_TCPFLAGS ");
if (e->nfcache & NFC_IP6_SRC_PT) printf("IP6_SRC_PT ");
if (e->nfcache & NFC_IP6_DST_PT) printf("IP6_DST_PT ");
if (e->nfcache & NFC_IP6_PROTO_UNKNOWN) printf("IP6_PROTO_UNKNOWN ");
printf("\n");
IP6T_MATCH_ITERATE(e, print_match);
t = ip6t_get_target(e);
printf("Target name: `%s' [%u]\n", t->u.user.name, t->u.target_size);
if (strcmp(t->u.user.name, IP6T_STANDARD_TARGET) == 0) {
int pos = *(int *)t->data;
if (pos < 0)
printf("verdict=%s\n",
pos == -NF_ACCEPT-1 ? "NF_ACCEPT"
: pos == -NF_DROP-1 ? "NF_DROP"
: pos == IP6T_RETURN ? "RETURN"
: "UNKNOWN");
else
printf("verdict=%u\n", pos);
} else if (strcmp(t->u.user.name, IP6T_ERROR_TARGET) == 0)
printf("error=`%s'\n", t->data);
printf("\n");
return 0;
}