Re: pfctl -ss: show rt_addr
On 2019/02/02 19:26, YASUOKA Masahiko wrote:
> On Fri, 1 Feb 2019 11:13:01 +
> Stuart Henderson wrote:
> > On 2019/02/01 18:09, YASUOKA Masahiko wrote:
> >> Hi,
> >>
> >> I often use "route-to" for DSR or balancing routes. It seems there is
> >> no way to know which route is selected for the pf state.
> >>
> >> The diff following makes "pfctl -ss" show the route address with
> >> square brackets if any.
> >>
> >> example:
> >>
> >> all tcp 10.0.0.101:8080 [10.0.0.12] <- 10.1.0.100:45482
> >> ESTABLISHED:ESTABLISHED
> >>
> >> all tcp 10.0.0.165:35691 -> 192.168.0.156:22 [10.0.0.2]
> >> ESTABLISHED:ESTABLISHED
> >>
> >> ok? comment?
> >
> > I'd like to have this information too, but [] are quite heavily used
> > in the output format already, making it a bit hard to grep or pipe
> > through cut -d'[' to extract certain parts. What do you/anyone else
> > think of using { } for this instead?
>
> Using { } is also fine for me.
Thanks, OK sthen@
> Index: sbin/pfctl/pf_print_state.c
> ===
> RCS file: /disk/cvs/openbsd/src/sbin/pfctl/pf_print_state.c,v
> retrieving revision 1.68
> diff -u -p -r1.68 pf_print_state.c
> --- sbin/pfctl/pf_print_state.c 7 Sep 2018 10:29:22 - 1.68
> +++ sbin/pfctl/pf_print_state.c 2 Feb 2019 10:21:24 -
> @@ -241,6 +241,11 @@ print_state(struct pfsync_state *s, int
> sk->rdomain, pn, opts);
> printf(")");
> }
> + if (s->direction == PF_IN && !PF_AZERO(>rt_addr, sk->af)) {
> + printf(" {");
> + print_addr_str(sk->af, >rt_addr);
> + printf("}");
> + }
> if (s->direction == PF_OUT || (afto && s->direction == PF_IN))
> printf(" -> ");
> else
> @@ -254,6 +259,11 @@ print_state(struct pfsync_state *s, int
> print_host(>addr[idx], sk->port[idx], sk->af,
> sk->rdomain, pn, opts);
> printf(")");
> + }
> + if (s->direction == PF_OUT && !PF_AZERO(>rt_addr, nk->af)) {
> + printf(" {");
> + print_addr_str(nk->af, >rt_addr);
> + printf("}");
> }
>
> printf("");
Re: pfctl -ss: show rt_addr
On Fri, 1 Feb 2019 11:13:01 +
Stuart Henderson wrote:
> On 2019/02/01 18:09, YASUOKA Masahiko wrote:
>> Hi,
>>
>> I often use "route-to" for DSR or balancing routes. It seems there is
>> no way to know which route is selected for the pf state.
>>
>> The diff following makes "pfctl -ss" show the route address with
>> square brackets if any.
>>
>> example:
>>
>> all tcp 10.0.0.101:8080 [10.0.0.12] <- 10.1.0.100:45482
>> ESTABLISHED:ESTABLISHED
>>
>> all tcp 10.0.0.165:35691 -> 192.168.0.156:22 [10.0.0.2]
>> ESTABLISHED:ESTABLISHED
>>
>> ok? comment?
>
> I'd like to have this information too, but [] are quite heavily used
> in the output format already, making it a bit hard to grep or pipe
> through cut -d'[' to extract certain parts. What do you/anyone else
> think of using { } for this instead?
Using { } is also fine for me.
Index: sbin/pfctl/pf_print_state.c
===
RCS file: /disk/cvs/openbsd/src/sbin/pfctl/pf_print_state.c,v
retrieving revision 1.68
diff -u -p -r1.68 pf_print_state.c
--- sbin/pfctl/pf_print_state.c 7 Sep 2018 10:29:22 - 1.68
+++ sbin/pfctl/pf_print_state.c 2 Feb 2019 10:21:24 -
@@ -241,6 +241,11 @@ print_state(struct pfsync_state *s, int
sk->rdomain, pn, opts);
printf(")");
}
+ if (s->direction == PF_IN && !PF_AZERO(>rt_addr, sk->af)) {
+ printf(" {");
+ print_addr_str(sk->af, >rt_addr);
+ printf("}");
+ }
if (s->direction == PF_OUT || (afto && s->direction == PF_IN))
printf(" -> ");
else
@@ -254,6 +259,11 @@ print_state(struct pfsync_state *s, int
print_host(>addr[idx], sk->port[idx], sk->af,
sk->rdomain, pn, opts);
printf(")");
+ }
+ if (s->direction == PF_OUT && !PF_AZERO(>rt_addr, nk->af)) {
+ printf(" {");
+ print_addr_str(nk->af, >rt_addr);
+ printf("}");
}
printf("");
Re: pfctl -ss: show rt_addr
On 2019/02/01 18:09, YASUOKA Masahiko wrote:
> Hi,
>
> I often use "route-to" for DSR or balancing routes. It seems there is
> no way to know which route is selected for the pf state.
>
> The diff following makes "pfctl -ss" show the route address with
> square brackets if any.
>
> example:
>
> all tcp 10.0.0.101:8080 [10.0.0.12] <- 10.1.0.100:45482
> ESTABLISHED:ESTABLISHED
>
> all tcp 10.0.0.165:35691 -> 192.168.0.156:22 [10.0.0.2]
> ESTABLISHED:ESTABLISHED
>
> ok? comment?
I'd like to have this information too, but [] are quite heavily used
in the output format already, making it a bit hard to grep or pipe
through cut -d'[' to extract certain parts. What do you/anyone else
think of using { } for this instead?
> Index: sbin/pfctl/pf_print_state.c
> ===
> RCS file: /var/cvs/openbsd/src/sbin/pfctl/pf_print_state.c,v
> retrieving revision 1.68
> diff -u -p -r1.68 pf_print_state.c
> --- sbin/pfctl/pf_print_state.c 7 Sep 2018 10:29:22 - 1.68
> +++ sbin/pfctl/pf_print_state.c 1 Feb 2019 08:53:35 -
> @@ -241,6 +241,11 @@ print_state(struct pfsync_state *s, int
> sk->rdomain, pn, opts);
> printf(")");
> }
> + if (s->direction == PF_IN && !PF_AZERO(>rt_addr, sk->af)) {
> + printf(" [");
> + print_addr_str(sk->af, >rt_addr);
> + printf("]");
> + }
> if (s->direction == PF_OUT || (afto && s->direction == PF_IN))
> printf(" -> ");
> else
> @@ -254,6 +259,11 @@ print_state(struct pfsync_state *s, int
> print_host(>addr[idx], sk->port[idx], sk->af,
> sk->rdomain, pn, opts);
> printf(")");
> + }
> + if (s->direction == PF_OUT && !PF_AZERO(>rt_addr, nk->af)) {
> + printf(" [");
> + print_addr_str(nk->af, >rt_addr);
> + printf("]");
> }
>
> printf("");
>
