d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Tidy up some stray / unused stuff in the IPFW package and friends.

Browse Source 
- unifdef -DCOMPAT_IPFW  (this was on by default already)
- remove traces of in-kernel ip_nat package, it was never committed.
- Make IPFW and DUMMYNET initialize themselves rather than depend on
  compiled-in hooks in ip_init().  This means they initialize the same
  way both in-kernel and as kld modules.  (IPFW initializes now :-)
This commit is contained in:
Peter Wemm 1999-04-20 13:32:06 +00:00
parent 346f1ca8fc
commit 66e55756b5
9 changed files with 14 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/net/bridge.c
View File

@ -95,7 +95,7 @@
#include "opt_ipfw.h"
#include "opt_ipdn.h"
#if defined(IPFIREWALL) && defined(DUMMYNET)
#if defined(DUMMYNET)
#include <net/route.h>
#include <netinet/ip_fw.h>
#include <netinet/ip_dummynet.h>
@ -480,7 +480,6 @@ bdg_forward (struct mbuf **m0, struct ifnet *dst)
ifp = dst ;
once = 1 ; /* and also canfree */
}
#ifdef IPFIREWALL
/*
* do filtering in a very similar way to what is done
* in ip_output. Only for IP packets, and only pass/fail/dummynet
@ -582,7 +581,6 @@ bdg_forward (struct mbuf **m0, struct ifnet *dst)
return 0 ;
}
forward:
#endif /* COMPAT_IPFW */
if (canfree && once)
m = *m0 ;
else

3
sys/netinet/in.h
View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)in.h 8.3 (Berkeley) 1/3/94
* $Id: in.h,v 1.37 1998/08/23 03:07:14 wollman Exp $
* $Id: in.h,v 1.38 1998/12/14 18:09:13 luigi Exp $
*/
#ifndef _NETINET_IN_H_
@ -321,7 +321,6 @@ struct ip_opts {
#define IP_FW_FLUSH 52 /* flush firewall rule chain */
#define IP_FW_ZERO 53 /* clear single/all firewall counter(s) */
#define IP_FW_GET 54 /* get entire firewall rule chain */
#define IP_NAT 55 /* set/get NAT opts */
#define IP_DUMMYNET_CONFIGURE 60 /* add/configure a dummynet pipe */
#define IP_DUMMYNET_DEL 61 /* delete a dummynet pipe from chain */

15
sys/netinet/ip_dummynet.c
View File

@ -10,7 +10,7 @@
*
* This software is provided ``AS IS'' without any warranties of any kind.
*
* $Id: ip_dummynet.c,v 1.10 1999/03/26 14:15:59 luigi Exp $
* $Id: ip_dummynet.c,v 1.11 1999/04/17 11:09:08 peter Exp $
*/
/*
@ -39,6 +39,7 @@
#include <sys/mbuf.h>
#include <sys/queue.h> /* XXX */
#include <sys/kernel.h>
#include <sys/module.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/time.h>
@ -587,7 +588,7 @@ ip_dn_ctl(struct sockopt *sopt)
return error ;
}
void
static void
ip_dn_init(void)
{
printf("DUMMYNET initialized (990326) -- size dn_pkt %d\n",
@ -596,11 +597,7 @@ ip_dn_init(void)
ip_dn_ctl_ptr = ip_dn_ctl;
}
#ifdef DUMMYNET_MODULE
#include <sys/module.h>
static ip_dn_ctl_t *old_dn_ctl_ptr ;
static ip_dn_ctl_t *old_dn_ctl_ptr;
static int
dummynet_modevent(module_t mod, int type, void *data)
@ -619,7 +616,6 @@ dummynet_modevent(module_t mod, int type, void *data)
ip_dn_ctl_ptr = old_dn_ctl_ptr;
splx(s);
dummynet_flush();
printf("DUMMYNET unloaded\n");
break;
default:
break;
@ -632,5 +628,4 @@ static moduledata_t dummynet_mod = {
dummynet_modevent,
NULL
};
DECLARE_MODULE(dummynet, dummynet_mod, SI_SUB_PSEUDO, SI_ORDER_ANY)
#endif
DECLARE_MODULE(dummynet, dummynet_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);

3
sys/netinet/ip_dummynet.h
View File

@ -10,7 +10,7 @@
*
* This software is provided ``AS IS'' without any warranties of any kind.
*
* $Id: ip_dummynet.h,v 1.2 1998/12/14 18:09:13 luigi Exp $
* $Id: ip_dummynet.h,v 1.3 1999/01/23 23:59:50 archie Exp $
*/
#ifndef _IP_DUMMYNET_H
@ -105,7 +105,6 @@ MALLOC_DECLARE(M_IPFW);
typedef int ip_dn_ctl_t __P((struct sockopt *)) ;
extern ip_dn_ctl_t *ip_dn_ctl_ptr;
void ip_dn_init(void); /* called in ip_input.c */
void dn_rule_delete(void *r); /* used in ip_fw.c */
int dummynet_io(int pipe, int dir,
struct mbuf *m, struct ifnet *ifp, struct route *ro, int hlen,

5
sys/netinet/ip_fw.c
View File

@ -12,7 +12,7 @@
*
* This software is provided ``AS IS'' without any warranties of any kind.
*
* $Id: ip_fw.c,v 1.105 1999/03/30 23:45:34 nsayer Exp $
* $Id: ip_fw.c,v 1.106 1999/04/17 08:56:38 peter Exp $
*/
/*
@ -1276,7 +1276,6 @@ ip_fw_init(void)
static ip_fw_chk_t *old_chk_ptr;
static ip_fw_ctl_t *old_ctl_ptr;
#if defined(IPFIREWALL_MODULE)
static int
ipfw_modevent(module_t mod, int type, void *unused)
{
@ -1306,7 +1305,6 @@ ipfw_modevent(module_t mod, int type, void *unused)
}
splx(s);
printf("IP firewall unloaded\n");
return 0;
default:
break;
@ -1320,4 +1318,3 @@ static moduledata_t ipfwmod = {
0
};
DECLARE_MODULE(ipfw, ipfwmod, SI_SUB_PSEUDO, SI_ORDER_ANY);
#endif

10
sys/netinet/ip_fw.h
View File

@ -11,7 +11,7 @@
*
* This software is provided ``AS IS'' without any warranties of any kind.
*
* $Id: ip_fw.h,v 1.35 1998/09/02 19:14:01 phk Exp $
* $Id: ip_fw.h,v 1.36 1998/12/14 18:09:13 luigi Exp $
*/
#ifndef _IP_FW_H
@ -198,14 +198,6 @@ typedef int ip_fw_ctl_t __P((struct sockopt *));
extern ip_fw_chk_t *ip_fw_chk_ptr;
extern ip_fw_ctl_t *ip_fw_ctl_ptr;
/* IP NAT hooks */
typedef int ip_nat_t __P((struct ip **, struct mbuf **, struct ifnet *, int));
typedef int ip_nat_ctl_t __P((struct sockopt *));
extern ip_nat_t *ip_nat_ptr;
extern ip_nat_ctl_t *ip_nat_ctl_ptr;
#define IP_NAT_IN 0x00000001
#define IP_NAT_OUT 0x00000002
#endif /* KERNEL */
#endif /* _IP_FW_H */

36
sys/netinet/ip_input.c
View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)ip_input.c 8.2 (Berkeley) 1/4/94
* $Id: ip_input.c,v 1.115 1999/02/22 18:19:57 des Exp $
* $Id: ip_input.c,v 1.116 1999/03/12 01:15:57 julian Exp $
*/
#define _IP_VHL
@ -73,9 +73,7 @@
#include <sys/socketvar.h>
#ifdef IPFIREWALL
#include <netinet/ip_fw.h>
#endif
#ifdef DUMMYNET
#include <netinet/ip_dummynet.h>
@ -145,16 +143,6 @@ SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW,
&ipstealth, 0, "");
#endif
#if !defined(COMPAT_IPFW) || COMPAT_IPFW == 1
#undef COMPAT_IPFW
#define COMPAT_IPFW 1
#else
#undef COMPAT_IPFW
#endif
#ifdef COMPAT_IPFW
#include <netinet/ip_fw.h>
/* Firewall hooks */
ip_fw_chk_t *ip_fw_chk_ptr;
@ -164,11 +152,6 @@ ip_fw_ctl_t *ip_fw_ctl_ptr;
ip_dn_ctl_t *ip_dn_ctl_ptr;
#endif
/* IP Network Address Translation (NAT) hooks */
ip_nat_t *ip_nat_ptr;
ip_nat_ctl_t *ip_nat_ctl_ptr;
#endif
#if defined(IPFILTER_LKM) || defined(IPFILTER)
int iplattach __P((void));
int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)) = NULL;
@ -239,12 +222,6 @@ ip_init()
ip_id = time_second & 0xffff;
ipintrq.ifq_maxlen = ipqmaxlen;
#ifdef DUMMYNET
ip_dn_init();
#endif
#ifdef IPNAT
ip_nat_init();
#endif
#ifdef IPFILTER
iplattach();
#endif
@ -269,9 +246,7 @@ ip_input(struct mbuf *m)
#ifndef IPDIVERT /* dummy variable for the firewall code to play with */
u_short ip_divert_cookie = 0 ;
#endif
#ifdef COMPAT_IPFW
struct ip_fw_chain *rule = NULL ;
#endif
#if defined(IPFIREWALL) && defined(DUMMYNET)
/*
@ -391,7 +366,6 @@ iphack:
ip = mtod(m = m1, struct ip *);
}
#endif
#ifdef COMPAT_IPFW
if (ip_fw_chk_ptr) {
#ifdef IPFIREWALL_FORWARD
/*
@ -437,14 +411,6 @@ iphack:
}
pass:
if (ip_nat_ptr && !(*ip_nat_ptr)(&ip, &m, m->m_pkthdr.rcvif, IP_NAT_IN)) {
#ifdef IPFIREWALL_FORWARD
ip_fw_fwd_addr = NULL;
#endif
return;
}
#endif /* !COMPAT_IPFW */
/*
* Process options and, if not destined for us,
* ship it on. ip_dooptions returns 1 when an

22
sys/netinet/ip_output.c
View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)ip_output.c 8.3 (Berkeley) 1/21/94
* $Id: ip_output.c,v 1.86 1999/02/19 18:32:55 luigi Exp $
* $Id: ip_output.c,v 1.87 1999/03/16 12:06:11 luigi Exp $
*/
#define _IP_VHL
@ -67,16 +67,7 @@
static MALLOC_DEFINE(M_IPMOPTS, "ip_moptions", "internet multicast options");
#if !defined(COMPAT_IPFW) || COMPAT_IPFW == 1
#undef COMPAT_IPFW
#define COMPAT_IPFW 1
#else
#undef COMPAT_IPFW
#endif
#ifdef COMPAT_IPFW
#include <netinet/ip_fw.h>
#endif
#ifdef DUMMYNET
#include <netinet/ip_dummynet.h>
@ -139,9 +130,7 @@ ip_output(m0, opt, ro, flags, imo)
#ifndef IPDIVERT /* dummy variable for the firewall code to play with */
u_short ip_divert_cookie = 0 ;
#endif
#ifdef COMPAT_IPFW
struct ip_fw_chain *rule = NULL ;
#endif
#if defined(IPFIREWALL) && defined(DUMMYNET)
/*
@ -424,12 +413,6 @@ sendit:
}
#endif
#ifdef COMPAT_IPFW
if (ip_nat_ptr && !(*ip_nat_ptr)(&ip, &m, ifp, IP_NAT_OUT)) {
error = EACCES;
goto done;
}
/*
* Check with the firewall...
*/
@ -468,7 +451,7 @@ sendit:
* XXX note: if the ifp or ro entry are deleted
* while a pkt is in dummynet, we are in trouble!
*/
dummynet_io(off & 0xffff, DN_TO_IP_OUT, m,ifp,ro,dst,rule);
dummynet_io(off & 0xffff, DN_TO_IP_OUT, m,ifp,ro,hlen,rule);
goto done;
}
#endif
@ -590,7 +573,6 @@ sendit:
error = EACCES; /* not sure this is the right error msg */
goto done;
}
#endif /* COMPAT_IPFW */
pass:
/*

24
sys/netinet/raw_ip.c
View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)raw_ip.c 8.7 (Berkeley) 5/15/95
* $Id: raw_ip.c,v 1.55 1998/08/23 03:07:14 wollman Exp $
* $Id: raw_ip.c,v 1.56 1998/12/14 18:09:13 luigi Exp $
*/
#include <sys/param.h>
@ -65,12 +65,6 @@
#ifdef DUMMYNET
#include <netinet/ip_dummynet.h>
#endif
#if !defined(COMPAT_IPFW) || COMPAT_IPFW == 1
#undef COMPAT_IPFW
#define COMPAT_IPFW 1
#else
#undef COMPAT_IPFW
#endif
static struct inpcbhead ripcb;
static struct inpcbinfo ripcbinfo;
@ -249,7 +243,6 @@ rip_ctloutput(so, sopt)
error = sooptcopyout(sopt, &optval, sizeof optval);
break;
#ifdef COMPAT_IPFW
case IP_FW_GET:
if (ip_fw_ctl_ptr == 0)
error = ENOPROTOOPT;
@ -257,12 +250,6 @@ rip_ctloutput(so, sopt)
error = ip_fw_ctl_ptr(sopt);
break;
case IP_NAT:
if (ip_nat_ctl_ptr == 0)
error = ENOPROTOOPT;
else
error = ip_nat_ctl_ptr(sopt);
break;
#ifdef DUMMYNET
case IP_DUMMYNET_GET:
if (ip_dn_ctl_ptr == NULL)
@ -271,7 +258,6 @@ rip_ctloutput(so, sopt)
error = ip_dn_ctl_ptr(sopt);
break ;
#endif /* DUMMYNET */
#endif /* COMPAT_IPFW */
case MRT_INIT:
case MRT_DONE:
@ -303,7 +289,6 @@ rip_ctloutput(so, sopt)
inp->inp_flags &= ~INP_HDRINCL;
break;
#ifdef COMPAT_IPFW
case IP_FW_ADD:
case IP_FW_DEL:
case IP_FW_FLUSH:
@ -314,12 +299,6 @@ rip_ctloutput(so, sopt)
error = ip_fw_ctl_ptr(sopt);
break;
case IP_NAT:
if (ip_nat_ctl_ptr == 0)
error = ENOPROTOOPT;
else
error = ip_nat_ctl_ptr(sopt);
break;
#ifdef DUMMYNET
case IP_DUMMYNET_CONFIGURE:
case IP_DUMMYNET_DEL:
@ -330,7 +309,6 @@ rip_ctloutput(so, sopt)
error = ip_dn_ctl_ptr(sopt);
break ;
#endif
#endif /* COMPAT_IPFW */
case IP_RSVP_ON:
error = ip_rsvp_init(so);