MfP4 CH=192029:
Expose ip_icmp.c to INET6 as well and only export badport_bandlim() along with the two sysctls in the non-INET case. The bandlim types work for all cases I reviewed in IPv6 as well and the sysctls are available as we export net.inet.* from in_proto.c. Reviewed by: gnn Sponsored by: The FreeBSD Foundation Sponsored by: iXsystems MFC after: 4 days
This commit is contained in:
Bjoern A. Zeeb
parent
5084821ac2
commit
b8e463e644
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=221134
@ -2707,7 +2707,7 @@ netinet/ipfw/ip_fw_pfil.c optional inet ipfirewall
|
||||
netinet/ipfw/ip_fw_sockopt.c optional inet ipfirewall
|
||||
netinet/ipfw/ip_fw_table.c optional inet ipfirewall
|
||||
netinet/ipfw/ip_fw_nat.c optional inet ipfirewall_nat
|
||||
netinet/ip_icmp.c optional inet
|
||||
netinet/ip_icmp.c optional inet | inet6
|
||||
netinet/ip_input.c optional inet
|
||||
netinet/ip_ipsec.c optional inet ipsec
|
||||
netinet/ip_mroute.c optional mrouting inet | mrouting inet6
|
||||
|
||||
@ -32,6 +32,7 @@
|
||||
#include <sys/cdefs.h>
|
||||
__FBSDID("$FreeBSD$");
|
||||
|
||||
#include "opt_inet.h"
|
||||
#include "opt_ipsec.h"
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -62,6 +63,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include <netinet/tcpip.h>
|
||||
#include <netinet/icmp_var.h>
|
||||
|
||||
#ifdef INET
|
||||
#ifdef IPSEC
|
||||
#include <netipsec/ipsec.h>
|
||||
#include <netipsec/key.h>
|
||||
@ -70,12 +72,26 @@ __FBSDID("$FreeBSD$");
|
||||
#include <machine/in_cksum.h>
|
||||
|
||||
#include <security/mac/mac_framework.h>
|
||||
#endif /* INET */
|
||||
|
||||
/*
|
||||
* ICMP routines: error generation, receive packet processing, and
|
||||
* routines to turnaround packets back to the originator, and
|
||||
* host table maintenance routines.
|
||||
*/
|
||||
static VNET_DEFINE(int, icmplim) = 200;
|
||||
#define V_icmplim VNET(icmplim)
|
||||
SYSCTL_VNET_INT(_net_inet_icmp, ICMPCTL_ICMPLIM, icmplim, CTLFLAG_RW,
|
||||
&VNET_NAME(icmplim), 0,
|
||||
"Maximum number of ICMP responses per second");
|
||||
|
||||
static VNET_DEFINE(int, icmplim_output) = 1;
|
||||
#define V_icmplim_output VNET(icmplim_output)
|
||||
SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, icmplim_output, CTLFLAG_RW,
|
||||
&VNET_NAME(icmplim_output), 0,
|
||||
"Enable rate limiting of ICMP responses");
|
||||
|
||||
#ifdef INET
|
||||
VNET_DEFINE(struct icmpstat, icmpstat);
|
||||
SYSCTL_VNET_STRUCT(_net_inet_icmp, ICMPCTL_STATS, stats, CTLFLAG_RW,
|
||||
&VNET_NAME(icmpstat), icmpstat, "");
|
||||
@ -104,18 +120,6 @@ SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, log_redirect, CTLFLAG_RW,
|
||||
&VNET_NAME(log_redirect), 0,
|
||||
"Log ICMP redirects to the console");
|
||||
|
||||
static VNET_DEFINE(int, icmplim) = 200;
|
||||
#define V_icmplim VNET(icmplim)
|
||||
SYSCTL_VNET_INT(_net_inet_icmp, ICMPCTL_ICMPLIM, icmplim, CTLFLAG_RW,
|
||||
&VNET_NAME(icmplim), 0,
|
||||
"Maximum number of ICMP responses per second");
|
||||
|
||||
static VNET_DEFINE(int, icmplim_output) = 1;
|
||||
#define V_icmplim_output VNET(icmplim_output)
|
||||
SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, icmplim_output, CTLFLAG_RW,
|
||||
&VNET_NAME(icmplim_output), 0,
|
||||
"Enable rate limiting of ICMP responses");
|
||||
|
||||
static VNET_DEFINE(char, reply_src[IFNAMSIZ]);
|
||||
#define V_reply_src VNET(reply_src)
|
||||
SYSCTL_VNET_STRING(_net_inet_icmp, OID_AUTO, reply_src, CTLFLAG_RW,
|
||||
@ -922,6 +926,7 @@ ip_next_mtu(int mtu, int dir)
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
#endif /* INET */
|
||||
|
||||
|
||||
/*
|
||||
|
||||
Loading…
Reference in New Issue
Block a user