Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-4]: src/sys/netinet Pull up revision 1.35 (requested by darrenr):
details: https://anonhg.NetBSD.org/src/rev/1efcad8830b4
branches: netbsd-1-4
changeset: 469951:1efcad8830b4
user: he <he%NetBSD.org@localhost>
date: Mon Dec 20 21:07:57 1999 +0000
description:
Pull up revision 1.35 (requested by darrenr):
Update IPF to version 3.3.5.
diffstat:
sys/netinet/ip_fil.c | 588 ++++++++++++++++++++++++++++++++------------------
1 files changed, 376 insertions(+), 212 deletions(-)
diffs (truncated from 1166 to 300 lines):
diff -r 7f9e4fd9de76 -r 1efcad8830b4 sys/netinet/ip_fil.c
--- a/sys/netinet/ip_fil.c Mon Dec 20 21:07:52 1999 +0000
+++ b/sys/netinet/ip_fil.c Mon Dec 20 21:07:57 1999 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_fil.c,v 1.34 1999/02/02 19:57:31 cjs Exp $ */
+/* $NetBSD: ip_fil.c,v 1.34.2.1 1999/12/20 21:07:57 he Exp $ */
/*
* Copyright (C) 1993-1998 by Darren Reed.
@@ -9,20 +9,29 @@
*/
#if !defined(lint)
#if defined(__NetBSD__)
-static const char rcsid[] = "$NetBSD: ip_fil.c,v 1.34 1999/02/02 19:57:31 cjs Exp $";
+static const char rcsid[] = "$NetBSD: ip_fil.c,v 1.34.2.1 1999/12/20 21:07:57 he Exp $";
#else
static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-1995 Darren Reed";
-static const char rcsid[] = "@(#)Id: ip_fil.c,v 2.0.2.44.2.10 1998/11/22 01:50:22 darrenr Exp ";
+static const char rcsid[] = "@(#)Id: ip_fil.c,v 2.4.2.14 1999/12/11 05:31:08 darrenr Exp";
+#endif
#endif
+
+#if defined(__NetBSD__) && defined(_KERNEL)
+# ifdef _LKM
+# define IPSEC
+# else
+# include "opt_ipsec.h"
+# endif
#endif
#ifndef SOLARIS
#define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4)))
#endif
-#if defined(KERNEL) && !defined(_KERNEL)
+#if defined(__FreeBSD__) && defined(KERNEL) && !defined(_KERNEL)
# define _KERNEL
#endif
+#include <sys/param.h>
#ifdef __FreeBSD__
# if defined(_KERNEL) && !defined(IPFILTER_LKM)
# include <sys/osreldate.h>
@@ -35,10 +44,10 @@
# include <string.h>
# include <stdlib.h>
# include <ctype.h>
+# include <fcntl.h>
#endif
#include <sys/errno.h>
#include <sys/types.h>
-#include <sys/param.h>
#include <sys/file.h>
#if __FreeBSD_version >= 220000 && defined(_KERNEL)
# include <sys/fcntl.h>
@@ -52,7 +61,7 @@
#endif
#include <sys/uio.h>
#if !SOLARIS
-# if (NetBSD > 199609) || (OpenBSD > 199603)
+# if (NetBSD > 199609) || (OpenBSD > 199603) || (__FreeBSD_version >= 300000)
# include <sys/dirent.h>
# else
# include <sys/dir.h>
@@ -70,6 +79,9 @@
#endif
#if __FreeBSD_version >= 300000
# include <net/if_var.h>
+# if defined(_KERNEL) && !defined(IPFILTER_LKM)
+# include "opt_ipfilter.h"
+# endif
#endif
#ifdef __sgi
#include <sys/debug.h>
@@ -80,7 +92,7 @@
#include <net/route.h>
#include <netinet/in.h>
#if !(defined(__sgi) && !defined(IFF_DRVRLOCK)) /* IRIX < 6 */
-#include <netinet/in_var.h>
+# include <netinet/in_var.h>
#endif
#include <netinet/in_systm.h>
#include <netinet/ip.h>
@@ -90,6 +102,7 @@
#include <netinet/tcpip.h>
#include <netinet/ip_icmp.h>
#ifndef _KERNEL
+# include <unistd.h>
# include <syslog.h>
#endif
#include "netinet/ip_compat.h"
@@ -99,10 +112,14 @@
#include "netinet/ip_frag.h"
#include "netinet/ip_state.h"
#include "netinet/ip_auth.h"
+#if defined(__FreeBSD_version) && (__FreeBSD_version >= 300000)
+# include <sys/malloc.h>
+#endif
#ifndef MIN
-#define MIN(a,b) (((a)<(b))?(a):(b))
+# define MIN(a,b) (((a)<(b))?(a):(b))
#endif
-#if !SOLARIS && defined(_KERNEL)
+#if !SOLARIS && defined(_KERNEL) && !defined(__sgi)
+# include <sys/kernel.h>
extern int ip_optcopy __P((struct ip *, struct ip *));
#endif
@@ -114,11 +131,6 @@
static struct ifnet **ifneta = NULL;
static int nifs = 0;
#else
-# if (BSD < 199306) && !defined(__sgi)
-static int (*fr_saveslowtimo) __P((void));
-# else
-static void (*fr_saveslowtimo) __P((void));
-# endif
# if (BSD < 199306) || defined(__sgi)
extern int tcp_ttl;
# endif
@@ -128,9 +140,7 @@
int ipl_unreach = ICMP_UNREACH_FILTER;
u_long ipl_frouteok[2] = {0, 0};
-static void fixskip __P((frentry_t **, frentry_t *, int));
static void frzerostats __P((caddr_t));
-static void frsync __P((void));
#if defined(__NetBSD__) || defined(__OpenBSD__)
static int frrequest __P((int, u_long, caddr_t, int));
#else
@@ -138,8 +148,10 @@
#endif
#ifdef _KERNEL
static int (*fr_savep) __P((ip_t *, int, void *, int, struct mbuf **));
+static int send_ip __P((struct mbuf *, ip_t *));
# ifdef __sgi
extern kmutex_t ipf_rw;
+extern KRWLOCK_T ipf_mutex;
# endif
#else
int ipllog __P((void));
@@ -156,6 +168,15 @@
struct sockaddr *, struct rtentry *));
# endif
#endif
+#if defined(IPFILTER_LKM)
+int fr_running = 1;
+#else
+int fr_running = 0;
+#endif
+
+#if (__FreeBSD_version >= 300000) && defined(_KERNEL)
+struct callout_handle ipfr_slowtimer_ch;
+#endif
#if (_BSDI_VERSION >= 199510) && defined(_KERNEL)
# include <sys/device.h>
@@ -232,6 +253,16 @@
return EBUSY;
}
+# ifdef IPFILTER_LOG
+ ipflog_init();
+# endif
+ if (nat_init() == -1)
+ return -1;
+ if (fr_stateinit() == -1)
+ return -1;
+ if (appr_init() == -1)
+ return -1;
+
# ifdef NETBSD_PF
pfil_add_hook((void *)fr_check, PFIL_IN|PFIL_OUT);
# endif
@@ -246,15 +277,9 @@
ipl_inited = 1;
bzero((char *)frcache, sizeof(frcache));
- bzero((char *)nat_table, sizeof(nat_table));
fr_savep = fr_checkp;
fr_checkp = fr_check;
- fr_saveslowtimo = inetsw[0].pr_slowtimo;
- inetsw[0].pr_slowtimo = ipfr_slowtimer;
-# ifdef IPFILTER_LOG
- ipflog_init();
-# endif
SPL_X(s);
if (fr_pass & FR_PASS)
defpass = "pass";
@@ -270,6 +295,14 @@
# else
"disabled");
# endif
+ printf("%s\n", ipfilter_version);
+#ifdef _KERNEL
+# if (__FreeBSD_version >= 300000) && defined(_KERNEL)
+ ipfr_slowtimer_ch = timeout(ipfr_slowtimer, NULL, hz/2);
+# else
+ timeout(ipfr_slowtimer, NULL, hz/2);
+# endif
+#endif
return 0;
}
@@ -286,6 +319,17 @@
{
int s, i = FR_INQUE|FR_OUTQUE;
+#ifdef _KERNEL
+# if (__FreeBSD_version >= 300000)
+ untimeout(ipfr_slowtimer, NULL, ipfr_slowtimer_ch);
+# else
+# ifdef __sgi
+ untimeout(ipfr_slowtimer);
+# else
+ untimeout(ipfr_slowtimer, NULL);
+# endif
+# endif
+#endif
SPL_NET(s);
if (!ipl_inited)
{
@@ -295,8 +339,7 @@
}
fr_checkp = fr_savep;
- inetsw[0].pr_slowtimo = fr_saveslowtimo;
- frflush(IPL_LOGIPF, &i);
+ i = frflush(IPL_LOGIPF, i);
ipl_inited = 0;
# ifdef NETBSD_PF
@@ -321,7 +364,7 @@
static void frzerostats(data)
caddr_t data;
{
- struct friostat fio;
+ friostat_t fio;
bcopy((char *)frstats, (char *)fio.f_st,
sizeof(struct filterstats) * 2);
@@ -353,14 +396,15 @@
#else
int IPL_EXTERN(ioctl)(dev, cmd, data, mode
#if ((_BSDI_VERSION >= 199510) || (BSD >= 199506) || (NetBSD >= 199511) || \
- (__FreeBSD_version >= 220000)) && defined(_KERNEL)
+ (__FreeBSD_version >= 220000) || defined(__OpenBSD__)) && defined(_KERNEL)
, p)
struct proc *p;
#else
)
#endif
dev_t dev;
-#if defined(__NetBSD__) || defined(__OpenBSD__) || (_BSDI_VERSION >= 199701)
+#if defined(__NetBSD__) || defined(__OpenBSD__) || \
+ (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000)
u_long cmd;
#else
int cmd;
@@ -374,10 +418,16 @@
#endif
int error = 0, unit = 0, tmp;
+#if (BSD >= 199306) && defined(_KERNEL)
+ if ((securelevel >= 2) && (mode & FWRITE))
+ return EPERM;
+#endif
#ifdef _KERNEL
unit = GET_MINOR(dev);
if ((IPL_LOGMAX < unit) || (unit < 0))
return ENXIO;
+#else
+ unit = dev;
#endif
SPL_NET(s);
@@ -404,35 +454,33 @@
{
u_int enable;
-# if defined(__NetBSD__) && defined(_KERNEL)
- if ((securelevel >= 2) || !(mode & FWRITE))
-#else
if (!(mode & FWRITE))
-#endif
error = EPERM;
else {
IRCOPY(data, (caddr_t)&enable, sizeof(enable));
+ if (enable) {
# if defined(__NetBSD__)
- if (enable)
error = ipl_enable();
- else
+# else
+ error = iplattach();
+# endif
+ if (error == 0)
+ fr_running = 1;
+ } else {
+# if defined(__NetBSD__)
Home |
Main Index |
Thread Index |
Old Index