Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-4]: src/sys/netinet Pull up revision 1.15 (requested by darrenr):
details: https://anonhg.NetBSD.org/src/rev/19161cabea54
branches: netbsd-1-4
changeset: 469942:19161cabea54
user: he <he%NetBSD.org@localhost>
date: Mon Dec 20 21:07:13 1999 +0000
description:
Pull up revision 1.15 (requested by darrenr):
Update IPF to version 3.3.5.
diffstat:
sys/netinet/ip_frag.c | 218 ++++++++++++++++++++++++++++++++-----------------
1 files changed, 140 insertions(+), 78 deletions(-)
diffs (truncated from 439 to 300 lines):
diff -r 7b2a415629ce -r 19161cabea54 sys/netinet/ip_frag.c
--- a/sys/netinet/ip_frag.c Mon Dec 20 21:07:06 1999 +0000
+++ b/sys/netinet/ip_frag.c Mon Dec 20 21:07:13 1999 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_frag.c,v 1.14 1999/02/02 19:57:32 cjs Exp $ */
+/* $NetBSD: ip_frag.c,v 1.14.2.1 1999/12/20 21:07:13 he Exp $ */
/*
* Copyright (C) 1993-1998 by Darren Reed.
@@ -9,11 +9,16 @@
*/
#if !defined(lint)
#if defined(__NetBSD__)
-static const char rcsid[] = "$NetBSD: ip_frag.c,v 1.14 1999/02/02 19:57:32 cjs Exp $";
+static const char rcsid[] = "$NetBSD: ip_frag.c,v 1.14.2.1 1999/12/20 21:07:13 he Exp $";
#else
static const char sccsid[] = "@(#)ip_frag.c 1.11 3/24/96 (C) 1993-1995 Darren Reed";
-static const char rcsid[] = "@(#)Id: ip_frag.c,v 2.0.2.19.2.6 1998/11/22 01:50:25 darrenr Exp ";
+static const char rcsid[] = "@(#)Id: ip_frag.c,v 2.4.2.3 1999/09/18 15:03:54 darrenr Exp ";
+static const char rcsid[] = "@(#)Id: ip_frag.c,v 2.4.2.4 1999/11/28 04:52:10 darrenr Exp";
+#endif
#endif
+
+#if defined(__FreeBSD__) && defined(KERNEL) && !defined(_KERNEL)
+# define _KERNEL
#endif
#include <sys/errno.h>
@@ -27,40 +32,44 @@
# include <stdlib.h>
#endif
#if defined(KERNEL) && (__FreeBSD_version >= 220000)
-#include <sys/filio.h>
-#include <sys/fcntl.h>
+# include <sys/filio.h>
+# include <sys/fcntl.h>
#else
-#include <sys/ioctl.h>
+# include <sys/ioctl.h>
#endif
#include <sys/uio.h>
#ifndef linux
-#include <sys/protosw.h>
+# include <sys/protosw.h>
#endif
#include <sys/socket.h>
#if defined(_KERNEL) && !defined(linux)
# include <sys/systm.h>
#endif
#if !defined(__SVR4) && !defined(__svr4__)
+# if defined(_KERNEL) && !defined(__sgi)
+# include <sys/kernel.h>
+# endif
# ifndef linux
# include <sys/mbuf.h>
# endif
#else
# include <sys/byteorder.h>
-# include <sys/dditypes.h>
+# ifdef _KERNEL
+# include <sys/dditypes.h>
+# endif
# include <sys/stream.h>
# include <sys/kmem.h>
#endif
-
#include <net/if.h>
#ifdef sun
-#include <net/af.h>
+# include <net/af.h>
#endif
#include <net/route.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#ifndef linux
-#include <netinet/ip_var.h>
+# include <netinet/ip_var.h>
#endif
#include <netinet/tcp.h>
#include <netinet/udp.h>
@@ -73,6 +82,17 @@
#include "netinet/ip_frag.h"
#include "netinet/ip_state.h"
#include "netinet/ip_auth.h"
+#if (__FreeBSD_version >= 300000)
+# include <sys/malloc.h>
+# if (defined(KERNEL) || defined(_KERNEL))
+# ifndef IPFILTER_LKM
+# include <sys/libkern.h>
+# include <sys/systm.h>
+# endif
+extern struct callout_handle ipfr_slowtimer_ch;
+# endif
+#endif
+
ipfr_t *ipfr_heads[IPFT_SIZE];
ipfr_t *ipfr_nattab[IPFT_SIZE];
@@ -80,16 +100,26 @@
int ipfr_inuse = 0,
fr_ipfrttl = 120; /* 60 seconds */
#ifdef _KERNEL
+# if SOLARIS2 >= 7
+extern timeout_id_t ipfr_timer_id;
+# else
extern int ipfr_timer_id;
+# endif
#endif
#if (SOLARIS || defined(__sgi)) && defined(_KERNEL)
-extern KRWLOCK_T ipf_frag, ipf_natfrag, ipf_nat;
+extern KRWLOCK_T ipf_frag, ipf_natfrag, ipf_nat, ipf_mutex;
+# if SOLARIS
+extern KRWLOCK_T ipf_solaris;
+# else
+KRWLOCK_T ipf_solaris;
+# endif
extern kmutex_t ipf_rw;
#endif
-static ipfr_t *ipfr_new __P((ip_t *, fr_info_t *, int, ipfr_t **));
+static ipfr_t *ipfr_new __P((ip_t *, fr_info_t *, u_int, ipfr_t **));
static ipfr_t *ipfr_lookup __P((ip_t *, fr_info_t *, ipfr_t **));
+static void ipfr_delete __P((ipfr_t *));
ipfrstat_t *ipfr_fragstats()
@@ -108,10 +138,10 @@
static ipfr_t *ipfr_new(ip, fin, pass, table)
ip_t *ip;
fr_info_t *fin;
-int pass;
+u_int pass;
ipfr_t *table[];
{
- ipfr_t **fp, *fr, frag;
+ ipfr_t **fp, *fra, frag;
u_int idx;
frag.ipfr_p = ip->ip_p;
@@ -129,8 +159,8 @@
/*
* first, make sure it isn't already there...
*/
- for (fp = &table[idx]; (fr = *fp); fp = &fr->ipfr_next)
- if (!bcmp((char *)&frag.ipfr_src, (char *)&fr->ipfr_src,
+ for (fp = &table[idx]; (fra = *fp); fp = &fra->ipfr_next)
+ if (!bcmp((char *)&frag.ipfr_src, (char *)&fra->ipfr_src,
IPFR_CMPSZ)) {
ATOMIC_INC(ipfr_stats.ifs_exists);
return NULL;
@@ -140,39 +170,43 @@
* allocate some memory, if possible, if not, just record that we
* failed to do so.
*/
- KMALLOC(fr, ipfr_t *, sizeof(*fr));
- if (fr == NULL) {
+ KMALLOC(fra, ipfr_t *);
+ if (fra == NULL) {
ATOMIC_INC(ipfr_stats.ifs_nomem);
return NULL;
}
+ if ((fra->ipfr_rule = fin->fin_fr) != NULL) {
+ ATOMIC_INC(fin->fin_fr->fr_ref);
+ }
+
+
/*
* Instert the fragment into the fragment table, copy the struct used
* in the search using bcopy rather than reassign each field.
* Set the ttl to the default and mask out logging from "pass"
*/
- if ((fr->ipfr_next = table[idx]))
- table[idx]->ipfr_prev = fr;
- fr->ipfr_prev = NULL;
- fr->ipfr_data = NULL;
- table[idx] = fr;
- bcopy((char *)&frag.ipfr_src, (char *)&fr->ipfr_src, IPFR_CMPSZ);
- fr->ipfr_ttl = fr_ipfrttl;
- fr->ipfr_pass = pass & ~(FR_LOGFIRST|FR_LOG);
+ if ((fra->ipfr_next = table[idx]))
+ table[idx]->ipfr_prev = fra;
+ fra->ipfr_prev = NULL;
+ fra->ipfr_data = NULL;
+ table[idx] = fra;
+ bcopy((char *)&frag.ipfr_src, (char *)&fra->ipfr_src, IPFR_CMPSZ);
+ fra->ipfr_ttl = fr_ipfrttl;
/*
* Compute the offset of the expected start of the next packet.
*/
- fr->ipfr_off = (ip->ip_off & IP_OFFMASK) + (fin->fin_dlen >> 3);
+ fra->ipfr_off = (ip->ip_off & IP_OFFMASK) + (fin->fin_dlen >> 3);
ATOMIC_INC(ipfr_stats.ifs_new);
ATOMIC_INC(ipfr_inuse);
- return fr;
+ return fra;
}
int ipfr_newfrag(ip, fin, pass)
ip_t *ip;
fr_info_t *fin;
-int pass;
+u_int pass;
{
ipfr_t *ipf;
@@ -186,7 +220,7 @@
int ipfr_nat_newfrag(ip, fin, pass, nat)
ip_t *ip;
fr_info_t *fin;
-int pass;
+u_int pass;
nat_t *nat;
{
ipfr_t *ipf;
@@ -252,14 +286,14 @@
f->ipfr_prev = NULL;
table[idx] = f;
}
- off = ip->ip_off;
+ off = ip->ip_off & IP_OFFMASK;
atoff = off + (fin->fin_dlen >> 3);
/*
* If we've follwed the fragments, and this is the
* last (in order), shrink expiration time.
*/
- if ((off & IP_OFFMASK) == f->ipfr_off) {
- if (!(off & IP_MF))
+ if (off == f->ipfr_off) {
+ if (!(ip->ip_off & IP_MF))
f->ipfr_ttl = 1;
else
f->ipfr_off = atoff;
@@ -302,18 +336,19 @@
/*
* functional interface for normal lookups of the fragment cache
*/
-int ipfr_knownfrag(ip, fin)
+frentry_t *ipfr_knownfrag(ip, fin)
ip_t *ip;
fr_info_t *fin;
{
- int ret;
- ipfr_t *ipf;
+ frentry_t *fr = NULL;
+ ipfr_t *fra;
READ_ENTER(&ipf_frag);
- ipf = ipfr_lookup(ip, fin, ipfr_heads);
- ret = ipf ? ipf->ipfr_pass : 0;
+ fra = ipfr_lookup(ip, fin, ipfr_heads);
+ if (fra != NULL)
+ fr = fra->ipfr_rule;
RWLOCK_EXIT(&ipf_frag);
- return ret;
+ return fr;
}
@@ -336,34 +371,53 @@
}
+static void ipfr_delete(fra)
+ipfr_t *fra;
+{
+ frentry_t *fr;
+
+ fr = fra->ipfr_rule;
+ if (fr != NULL) {
+ ATOMIC_DEC(fr->fr_ref);
+ if (fr->fr_ref == 0)
+ KFREE(fr);
+ }
+ if (fra->ipfr_prev)
+ fra->ipfr_prev->ipfr_next = fra->ipfr_next;
+ if (fra->ipfr_next)
+ fra->ipfr_next->ipfr_prev = fra->ipfr_prev;
+ KFREE(fra);
+}
+
+
/*
* Free memory in use by fragment state info. kept.
*/
void ipfr_unload()
{
- ipfr_t **fp, *fr;
+ ipfr_t **fp, *fra;
nat_t *nat;
int idx;
WRITE_ENTER(&ipf_frag);
for (idx = IPFT_SIZE - 1; idx >= 0; idx--)
- for (fp = &ipfr_heads[idx]; (fr = *fp); ) {
- *fp = fr->ipfr_next;
- KFREE(fr);
Home |
Main Index |
Thread Index |
Old Index