More cleanup in preparation of ipfw relocation (no actual code change):

+ move ipfw and dummynet hooks declarations to raw_ip.c (definitions
  in ip_var.h) same as for most other global variables.
  This removes some dependencies from ip_input.c;

+ remove the IPFW_LOADED macro, just test ip_fw_chk_ptr directly;

+ remove the DUMMYNET_LOADED macro, just test ip_dn_io_ptr directly;

+ move ip_dn_ruledel_ptr to ip_fw2.c which is the only file using it;

To be merged together with rev 193497

MFC after:	5 days

sys/net/if_bridge.c

@@ -3039,7 +3039,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
 			goto bad;
 	}
 
-	if (IPFW_LOADED && pfil_ipfw != 0 && dir == PFIL_OUT && ifp != NULL) {
+	if (ip_fw_chk_ptr && pfil_ipfw != 0 && dir == PFIL_OUT && ifp != NULL) {
 		INIT_VNET_INET(curvnet);
 
 		error = -1;
@@ -3058,7 +3058,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
 		if (*mp == NULL)
 			return (error);
 
-		if (DUMMYNET_LOADED && (i == IP_FW_DUMMYNET)) {
+		if (ip_dn_io_ptr && (i == IP_FW_DUMMYNET)) {
 
 			/* put the Ethernet header back on */
 			M_PREPEND(*mp, ETHER_HDR_LEN, M_DONTWAIT);

sys/net/if_ethersubr.c

@@ -432,7 +432,7 @@ ether_output_frame(struct ifnet *ifp, struct mbuf *m)
 	INIT_VNET_NET(ifp->if_vnet);
 	struct ip_fw *rule = ip_dn_claim_rule(m);
 
-	if (IPFW_LOADED && V_ether_ipfw != 0) {
+	if (ip_fw_chk_ptr && V_ether_ipfw != 0) {
 		if (ether_ipfw_chk(&m, ifp, &rule, 0) == 0) {
 			if (m) {
 				m_freem(m);
@@ -520,7 +520,7 @@ ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst,
 	if (i == IP_FW_PASS) /* a PASS rule.  */
 		return 1;
 
-	if (DUMMYNET_LOADED && (i == IP_FW_DUMMYNET)) {
+	if (ip_dn_io_ptr && (i == IP_FW_DUMMYNET)) {
 		/*
 		 * Pass the pkt to dummynet, which consumes it.
 		 * If shared, make a copy and keep the original.
@@ -766,7 +766,7 @@ ether_demux(struct ifnet *ifp, struct mbuf *m)
 	 * Allow dummynet and/or ipfw to claim the frame.
 	 * Do not do this for PROMISC frames in case we are re-entered.
 	 */
-	if (IPFW_LOADED && V_ether_ipfw != 0 && !(m->m_flags & M_PROMISC)) {
+	if (ip_fw_chk_ptr && V_ether_ipfw != 0 && !(m->m_flags & M_PROMISC)) {
 		struct ip_fw *rule = ip_dn_claim_rule(m);
 
 		if (ether_ipfw_chk(&m, NULL, &rule, 0) == 0) {

sys/netinet/ip_dummynet.h

@@ -373,13 +373,6 @@ struct dn_pipe_max {
 SLIST_HEAD(dn_pipe_head, dn_pipe);
 
 #ifdef _KERNEL
-typedef	int ip_dn_ctl_t(struct sockopt *); /* raw_ip.c */
-typedef	void ip_dn_ruledel_t(void *); /* ip_fw.c */
-typedef	int ip_dn_io_t(struct mbuf **m, int dir, struct ip_fw_args *fwa);
-extern	ip_dn_ctl_t *ip_dn_ctl_ptr;
-extern	ip_dn_ruledel_t *ip_dn_ruledel_ptr;
-extern	ip_dn_io_t *ip_dn_io_ptr;
-#define	DUMMYNET_LOADED	(ip_dn_io_ptr != NULL)
 
 /*
  * Return the IPFW rule associated with the dummynet tag; if any.

sys/netinet/ip_fw.h

@@ -636,9 +636,6 @@ void ipfw_destroy(void);
 void ipfw_nat_destroy(void);
 #endif
 
-typedef int ip_fw_ctl_t(struct sockopt *);
-extern ip_fw_ctl_t *ip_fw_ctl_ptr;
-
 #ifdef VIMAGE_GLOBALS
 extern int fw_one_pass;
 extern int fw_enable;
@@ -647,11 +644,6 @@ extern int fw6_enable;
 #endif
 #endif
 
-/* For kernel ipfw_ether and ipfw_bridge. */
-typedef	int ip_fw_chk_t(struct ip_fw_args *args);
-extern	ip_fw_chk_t	*ip_fw_chk_ptr;
-#define	IPFW_LOADED	(ip_fw_chk_ptr != NULL)
-
 struct ip_fw_chain {
 	struct ip_fw	*rules;		/* list of rules */
 	struct ip_fw	*reap;		/* list of rules to reap */

sys/netinet/ip_fw2.c

@@ -3603,6 +3603,12 @@ remove_rule(struct ip_fw_chain *chain, struct ip_fw *rule,
 	return n;
 }
 
+/*
+ * Hook for cleaning up dummynet when an ipfw rule is deleted.
+ * Set/cleared when dummynet module is loaded/unloaded.
+ */
+void   (*ip_dn_ruledel_ptr)(void *) = NULL;
+
 /**
  * Reclaim storage associated with a list of rules.  This is
  * typically the list created using remove_rule.
@@ -3614,7 +3620,7 @@ reap_rules(struct ip_fw *head)
 
 	while ((rule = head) != NULL) {
 		head = head->next;
-		if (DUMMYNET_LOADED)
+		if (ip_dn_ruledel_ptr)
 			ip_dn_ruledel_ptr(rule);
 		free(rule, M_IPFW);
 	}

sys/netinet/ip_fw_pfil.c

@@ -77,9 +77,6 @@ int fw6_enable = 1;
 
 int ipfw_chg_hook(SYSCTL_HANDLER_ARGS);
 
-/* Dummynet hooks. */
-ip_dn_ruledel_t	*ip_dn_ruledel_ptr = NULL;
-
 /* Divert hooks. */
 ip_divert_packet_t *ip_divert_ptr = NULL;
 
@@ -167,7 +164,7 @@ ipfw_check_in(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir,
 		break;			/* not reached */
 
 	case IP_FW_DUMMYNET:
-		if (!DUMMYNET_LOADED)
+		if (ip_dn_io_ptr == NULL)
 			goto drop;
 		if (mtod(*m0, struct ip *)->ip_v == 4)
 			ip_dn_io_ptr(m0, DN_TO_IP_IN, &args);
@@ -302,7 +299,7 @@ ipfw_check_out(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir,
 		break;  		/* not reached */
 
 	case IP_FW_DUMMYNET:
-		if (!DUMMYNET_LOADED)
+		if (ip_dn_io_ptr == NULL)
 			break;
 		if (mtod(*m0, struct ip *)->ip_v == 4)
 			ip_dn_io_ptr(m0, DN_TO_IP_OUT, &args);

sys/netinet/ip_input.c

@@ -85,10 +85,6 @@ __FBSDID("$FreeBSD$");
 
 #include <sys/socketvar.h>
 
-/* XXX: Temporary until ipfw_ether and ipfw_bridge are converted. */
-#include <netinet/ip_fw.h>
-#include <netinet/ip_dummynet.h>
-
 #include <security/mac/mac_framework.h>
 
 #ifdef CTASSERT
@@ -217,12 +213,6 @@ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, output_flowtable_size,
     CTLFLAG_RDTUN, ip_output_flowtable_size, 2048,
     "number of entries in the per-cpu output flow caches");
 
-/*
- * ipfw_ether and ipfw_bridge hooks.
- * XXX: Temporary until those are converted to pfil_hooks as well.
- */
-ip_fw_chk_t *ip_fw_chk_ptr = NULL;
-ip_dn_io_t *ip_dn_io_ptr = NULL;
 #ifdef VIMAGE_GLOBALS
 int fw_one_pass;
 #endif

sys/netinet/ip_var.h

@@ -173,7 +173,8 @@ extern int	ipstealth;		/* stealth forwarding */
 extern int rsvp_on;
 extern struct socket *ip_rsvpd;		/* reservation protocol daemon */
 extern struct socket *ip_mrouter;	/* multicast routing daemon */
-#endif
+#endif /* VIMAGE_GLOBALS */
+
 extern u_char	ip_protox[];
 extern int	(*legal_vif_num)(int);
 extern u_long	(*ip_mcast_src)(int);
@@ -223,6 +224,13 @@ extern	struct pfil_head inet_pfil_hook;	/* packet filter hooks */
 
 void	in_delayed_cksum(struct mbuf *m);
 
+/* ipfw and dummynet hooks. Most are declared in raw_ip.c */
+struct ip_fw_args;
+extern int	(*ip_fw_chk_ptr)(struct ip_fw_args *args);
+extern int	(*ip_fw_ctl_ptr)(struct sockopt *);
+extern int	(*ip_dn_ctl_ptr)(struct sockopt *);
+extern int	(*ip_dn_io_ptr)(struct mbuf **m, int dir, struct ip_fw_args *fwa);
+extern void	(*ip_dn_ruledel_ptr)(void *);		/* in ip_fw2.c */
 #endif /* _KERNEL */
 
 #endif /* !_NETINET_IP_VAR_H_ */

sys/netinet/raw_ip.c

@@ -70,8 +70,6 @@ __FBSDID("$FreeBSD$");
 #include <netinet/ip_var.h>
 #include <netinet/ip_mroute.h>
 
-#include <netinet/ip_fw.h>
-#include <netinet/ip_dummynet.h>
 #include <netinet/vinet.h>
 
 #ifdef IPSEC
@@ -85,9 +83,15 @@ struct	inpcbhead ripcb;
 struct	inpcbinfo ripcbinfo;
 #endif
 
-/* control hooks for ipfw and dummynet */
-ip_fw_ctl_t *ip_fw_ctl_ptr = NULL;
-ip_dn_ctl_t *ip_dn_ctl_ptr = NULL;
+/*
+ * Control and data hooks for ipfw and dummynet.
+ * The data hooks are not used here but it is convenient
+ * to keep them all in one place.
+ */
+int (*ip_fw_ctl_ptr)(struct sockopt *) = NULL;
+int (*ip_dn_ctl_ptr)(struct sockopt *) = NULL;
+int (*ip_fw_chk_ptr)(struct ip_fw_args *args) = NULL;
+int (*ip_dn_io_ptr)(struct mbuf **m, int dir, struct ip_fw_args *fwa) = NULL;
 
 /*
  * Hooks for multicast routing. They all default to NULL, so leave them not