d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make it so dummynet and bridge can be loaded as modules.

Browse Source 
Submitted by:	billf
This commit is contained in:
Paul Saab 2001-10-05 05:45:27 +00:00
parent 239db728ab
commit db69a05dce
11 changed files with 202 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
sys/modules/bridge/Makefile Normal file
View File

@ -0,0 +1,8 @@
# $FreeBSD$
.PATH: ${.CURDIR}/../../net
KMOD= bridge
SRCS= bridge.c
NOMAN=
.include <bsd.kmod.mk>

9
sys/modules/dummynet/Makefile Normal file
View File

@ -0,0 +1,9 @@
# $FreeBSD$
.PATH: ${.CURDIR}/../../netinet
KMOD= dummynet
SRCS= ip_dummynet.c opt_bdg.h
NOMAN=
KMODDEPS= ipfw
.include <bsd.kmod.mk>

82
sys/net/bridge.c
View File

@ -87,19 +87,20 @@
#include <netinet/ip.h>
#include <netinet/if_ether.h> /* for struct arpcom */
#if !defined(KLD_MODULE)
#include "opt_ipfw.h"
#include "opt_ipdn.h"
#endif
#if defined(IPFIREWALL)
#include <net/route.h>
#include <netinet/ip_fw.h>
#if defined(DUMMYNET)
#include <netinet/ip_dummynet.h>
#endif
#endif
#include <net/bridge.h>
static struct ifnet *bridge_in(struct ifnet *, struct ether_header *);
static struct mbuf *bdg_forward(struct mbuf *, struct ether_header *const, struct ifnet *);
static void bdgtakeifaces(void);
/*
* For debugging, you can use the following macros.
* remember, rdtsc() only works on Pentium-class machines
@ -123,18 +124,14 @@ static void parse_bdg_cfg(void);
static int bdg_initialized = 0;
static int bdg_ipfw = 0 ;
int do_bridge = 0;
bdg_hash_table *bdg_table = NULL ;
/*
* System initialization
*/
SYSINIT(interfaces, SI_SUB_PROTO_IF, SI_ORDER_FIRST, bdginit, NULL)
static struct bdg_stats bdg_stats ;
struct bdg_softc *ifp2sc = NULL ;
/* XXX make it static of size BDG_MAX_PORTS */
static struct callout_handle bdg_timeout_h ;
#define IFP_CHK(ifp, x) \
if (ifp2sc[ifp->if_index].magic != 0xDEADBEEF) { x ; }
@ -337,7 +334,6 @@ SYSCTL_INT(_net_link_ether, OID_AUTO, bridge_ipfw_collisions,
SYSCTL_PROC(_net_link_ether, OID_AUTO, bridge_refresh, CTLTYPE_INT|CTLFLAG_WR,
NULL, 0, &sysctl_refresh, "I", "iface refresh");
#if 1 /* diagnostic vars */
SY(_net_link_ether, verbose, "Be verbose");
SY(_net_link_ether, bdg_split_pkts, "Packets split in bdg_forward");
@ -352,7 +348,6 @@ SY(_net_link_ether, bdg_predict, "Correctly predicted header location");
SY(_net_link_ether, bdg_fw_avg, "Cycle counter avg");
SY(_net_link_ether, bdg_fw_ticks, "Cycle counter item");
SY(_net_link_ether, bdg_fw_count, "Cycle counter count");
#endif
SYSCTL_STRUCT(_net_link_ether, PF_BDG, bdgstats,
CTLFLAG_RD, &bdg_stats , bdg_stats, "bridge statistics");
@ -408,7 +403,7 @@ bdg_timeout(void *dummy)
bdg_loops = 0 ;
}
}
timeout(bdg_timeout, (void *)0, 2*hz );
bdg_timeout_h = timeout(bdg_timeout, NULL, 2*hz );
}
/*
@ -442,7 +437,7 @@ bdginit(void *dummy)
do_bridge=0;
}
void
static void
bdgtakeifaces(void)
{
int i ;
@ -457,7 +452,7 @@ bdgtakeifaces(void)
bdg_ports = 0 ;
*bridge_cfg = '\0';
printf("BRIDGE 010131, have %d interfaces\n", if_index);
printf("BRIDGE 011004, have %d interfaces\n", if_index);
for (i = 0 , ifp = TAILQ_FIRST(&ifnet) ; i < if_index ;
i++, ifp = TAILQ_NEXT(ifp, if_link))
if (ifp->if_type == IFT_ETHER) { /* ethernet ? */
@ -503,7 +498,7 @@ bdgtakeifaces(void)
* to fetch more of the packet, or simply drop it completely.
*/
struct ifnet *
static struct ifnet *
bridge_in(struct ifnet *ifp, struct ether_header *eh)
{
int index;
@ -607,7 +602,7 @@ bridge_in(struct ifnet *ifp, struct ether_header *eh)
*
* XXX be careful about eh, it can be a pointer into *m
*/
struct mbuf *
static struct mbuf *
bdg_forward(struct mbuf *m0, struct ether_header *const eh, struct ifnet *dst)
{
struct ifnet *src = m0->m_pkthdr.rcvif; /* could be NULL in output */
@ -615,9 +610,7 @@ bdg_forward(struct mbuf *m0, struct ether_header *const eh, struct ifnet *dst)
int shared = bdg_copy ; /* someone else is using the mbuf */
int once = 0; /* loop only once */
struct ifnet *real_dst = dst ; /* real dst from ether_output */
#ifdef IPFIREWALL
struct ip_fw *rule = NULL ; /* did we match a firewall rule ? */
#endif
/*
* XXX eh is usually a pointer within the mbuf (some ethernet drivers
@ -628,7 +621,6 @@ bdg_forward(struct mbuf *m0, struct ether_header *const eh, struct ifnet *dst)
DEB(quad_t ticks; ticks = rdtsc();)
#if defined(IPFIREWALL) && defined(DUMMYNET)
if (m0->m_type == MT_DUMMYNET) {
/* extract info from dummynet header */
rule = (struct ip_fw *)(m0->m_data) ;
@ -636,7 +628,6 @@ bdg_forward(struct mbuf *m0, struct ether_header *const eh, struct ifnet *dst)
src = m0->m_pkthdr.rcvif;
shared = 0 ; /* For sure this is our own mbuf. */
} else
#endif
bdg_thru++; /* only count once */
if (src == NULL) /* packet from ether_output */
@ -663,7 +654,6 @@ bdg_forward(struct mbuf *m0, struct ether_header *const eh, struct ifnet *dst)
if ( (u_int)(ifp) <= (u_int)BDG_FORWARD )
panic("bdg_forward: bad dst");
#ifdef IPFIREWALL
/*
* Do filtering in a very similar way to what is done in ip_output.
* Only if firewall is loaded, enabled, and the packet is not
@ -721,8 +711,7 @@ bdg_forward(struct mbuf *m0, struct ether_header *const eh, struct ifnet *dst)
if (i == 0) /* a PASS rule. */
goto forward ;
#ifdef DUMMYNET
if (i & IP_FW_PORT_DYNT_FLAG) {
if (do_bridge && ip_dn_io_ptr != NULL && (i & IP_FW_PORT_DYNT_FLAG)) {
/*
* Pass the pkt to dummynet, which consumes it.
* If shared, make a copy and keep the original.
@ -752,10 +741,9 @@ bdg_forward(struct mbuf *m0, struct ether_header *const eh, struct ifnet *dst)
return m0 ;
bcopy(&save_eh, mtod(m, struct ether_header *), ETHER_HDR_LEN);
}
dummynet_io((i & 0xffff),DN_TO_BDG_FWD,m,real_dst,NULL,0,rule,0);
ip_dn_io_ptr((i & 0xffff),DN_TO_BDG_FWD,m,real_dst,NULL,0,rule,0);
return m0 ;
}
#endif
/*
* XXX add divert/forward actions...
*/
@ -765,7 +753,6 @@ bdg_forward(struct mbuf *m0, struct ether_header *const eh, struct ifnet *dst)
return m0 ;
}
forward:
#endif /* IPFIREWALL */
/*
* Again, bring up the headers in case of shared bufs to avoid
* corruptions in the future.
@ -841,3 +828,44 @@ bdg_forward(struct mbuf *m0, struct ether_header *const eh, struct ifnet *dst)
if (bdg_fw_count != 0) bdg_fw_avg = bdg_fw_ticks/bdg_fw_count; )
return m0 ;
}
static int
bridge_modevent(module_t mod, int type, void *unused)
{
int s;
s = splimp();
switch (type) {
case MOD_LOAD:
bridge_in_ptr = bridge_in;
bdg_forward_ptr = bdg_forward;
bdgtakeifaces_ptr = bdgtakeifaces;
bdginit(NULL);
break;
case MOD_UNLOAD:
s = splimp();
do_bridge = 0;
bridge_in_ptr = NULL;
bdg_forward_ptr = NULL;
bdgtakeifaces_ptr = NULL;
untimeout(bdg_timeout, NULL, bdg_timeout_h);
if (bdg_table != NULL)
free(bdg_table, M_IFADDR);
if (ifp2sc != NULL)
free(ifp2sc, M_IFADDR);
break;
default:
break;
}
splx(s);
return 0;
}
static moduledata_t bridge_mod = {
"bridge",
bridge_modevent,
0
};
DECLARE_MODULE(bridge, bridge_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
MODULE_VERSION(bridge, 1);

15
sys/net/bridge.h
View File

@ -76,8 +76,6 @@ typedef struct _bdg_addr {
extern bdg_addr bdg_addresses[BDG_MAX_PORTS];
extern int bdg_ports ;
extern void bdgtakeifaces(void);
/*
* out of the 6 bytes, the last ones are more "variable". Since
* we are on a little endian machine, we have to do some gimmick...
@ -86,10 +84,6 @@ extern void bdgtakeifaces(void);
#define HASH_FN(addr) ( \
ntohs( ((short *)addr)[1] ^ ((short *)addr)[2] ) & (HASH_SIZE -1))
struct ifnet *bridge_in(struct ifnet *ifp, struct ether_header *eh);
/* bdg_forward frees the mbuf if necessary, returning null */
struct mbuf *bdg_forward(struct mbuf *m0, struct ether_header *eh, struct ifnet *dst);
#ifdef __i386__
#define BDG_MATCH(a,b) ( \
((unsigned short *)(a))[2] == ((unsigned short *)(b))[2] && \
@ -136,6 +130,15 @@ struct bdg_stats {
#define BDG_STAT(ifp, type) bdg_stats.s[ifp->if_index].p_in[(int)type]++
#ifdef _KERNEL
typedef struct ifnet *bridge_in_t(struct ifnet *, struct ether_header *);
/* bdg_forward frees the mbuf if necessary, returning null */
typedef struct mbuf *bdg_forward_t(struct mbuf *, struct ether_header *const,
struct ifnet *);
typedef void bdgtakeifaces_t(void);
extern bridge_in_t *bridge_in_ptr;
extern bdg_forward_t *bdg_forward_ptr;
extern bdgtakeifaces_t *bdgtakeifaces_ptr;
/*
* Find the right pkt destination:
* BDG_BCAST is a broadcast

42
sys/net/if_ethersubr.c
View File

@ -59,6 +59,7 @@
#include <net/if_types.h>
#include <net/bpf.h>
#include <net/ethernet.h>
#include <net/bridge.h>
#if defined(INET) || defined(INET6)
#include <netinet/in.h>
@ -97,10 +98,6 @@ extern u_char at_org_code[3];
extern u_char aarp_org_code[3];
#endif /* NETATALK */
#ifdef BRIDGE
#include <net/bridge.h>
#endif
/* netgraph node hooks for ng_ether(4) */
void (*ng_ether_input_p)(struct ifnet *ifp,
struct mbuf **mp, struct ether_header *eh);
@ -114,6 +111,13 @@ int (*vlan_input_p)(struct ether_header *eh, struct mbuf *m);
int (*vlan_input_tag_p)(struct ether_header *eh, struct mbuf *m,
u_int16_t t);
/* bridge support */
int do_bridge = 0;
bridge_in_t *bridge_in_ptr;
bdg_forward_t *bdg_forward_ptr;
bdgtakeifaces_t *bdgtakeifaces_ptr;
struct bdg_softc *ifp2sc = NULL;
static int ether_resolvemulti __P((struct ifnet *, struct sockaddr **,
struct sockaddr *));
u_char etherbroadcastaddr[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
@ -360,19 +364,17 @@ ether_output_frame(ifp, m)
{
int error = 0;
#ifdef BRIDGE
if (do_bridge && BDG_USED(ifp) ) {
if (do_bridge && bdg_forward_ptr != NULL && BDG_USED(ifp) ) {
struct ether_header *eh; /* a ptr suffices */
m->m_pkthdr.rcvif = NULL;
eh = mtod(m, struct ether_header *);
m_adj(m, ETHER_HDR_LEN);
m = bdg_forward(m, eh, ifp);
m = bdg_forward_ptr(m, eh, ifp);
if (m != NULL)
m_freem(m);
return (0);
}
#endif
/*
* Queue message on interface, update output statistics if
@ -406,9 +408,7 @@ ether_input(ifp, eh, m)
struct ether_header *eh;
struct mbuf *m;
{
#ifdef BRIDGE
struct ether_header save_eh;
#endif
/* Check for a BPF tap */
if (ifp->if_bpf != NULL) {
@ -428,13 +428,12 @@ ether_input(ifp, eh, m)
return;
}
#ifdef BRIDGE
/* Check for bridging mode */
if (do_bridge && BDG_USED(ifp) ) {
if (do_bridge && bdg_forward_ptr != NULL && BDG_USED(ifp) ) {
struct ifnet *bif;
/* Check with bridging code */
if ((bif = bridge_in(ifp, eh)) == BDG_DROP) {
if ((bif = bridge_in_ptr(ifp, eh)) == BDG_DROP) {
m_freem(m);
return;
}
@ -442,9 +441,9 @@ ether_input(ifp, eh, m)
struct mbuf *oldm = m ;
save_eh = *eh ; /* because it might change */
m = bdg_forward(m, eh, bif); /* needs forwarding */
m = bdg_forward_ptr(m, eh, bif); /* needs forwarding */
/*
* Do not continue if bdg_forward() processed our
* Do not continue if bdg_forward_ptr() processed our
* packet (and cleared the mbuf pointer m) or if
* it dropped (m_free'd) the packet itself.
*/
@ -466,11 +465,8 @@ ether_input(ifp, eh, m)
m_freem(m);
return;
}
#endif
#ifdef BRIDGE
recvLocal:
#endif
/* Continue with upper layer processing */
ether_demux(ifp, eh, m);
/* First chunk of an mbuf contains good junk */
@ -677,9 +673,8 @@ ether_ifattach(ifp, bpf)
bpfattach(ifp, DLT_EN10MB, sizeof(struct ether_header));
if (ng_ether_attach_p != NULL)
(*ng_ether_attach_p)(ifp);
#ifdef BRIDGE
bdgtakeifaces();
#endif
if (bdgtakeifaces_ptr != NULL)
bdgtakeifaces_ptr();
}
/*
@ -695,9 +690,8 @@ ether_ifdetach(ifp, bpf)
if (bpf)
bpfdetach(ifp);
if_detach(ifp);
#ifdef BRIDGE
bdgtakeifaces();
#endif
if (bdgtakeifaces_ptr != NULL)
bdgtakeifaces_ptr();
}
SYSCTL_DECL(_net_link);

137
sys/netinet/ip_dummynet.c
View File

@ -47,6 +47,7 @@
*
* Most important Changes:
*
* 011004: KLDable
* 010124: Fixed WF2Q behaviour
* 010122: Fixed spl protection.
* 000601: WF2Q support
@ -78,11 +79,11 @@
#include <netinet/ip_dummynet.h>
#include <netinet/ip_var.h>
#if !defined(KLD_MODULE)
#include "opt_bdg.h"
#ifdef BRIDGE
#endif
#include <netinet/if_ether.h> /* for struct arpcom */
#include <net/bridge.h>
#endif
/*
* We keep a private variable for the simulation time, but we could
@ -111,6 +112,9 @@ static int red_max_pkt_size = 1500; /* RED - default max packet size */
* extract_heap contains pipes associated with delay lines.
*
*/
MALLOC_DEFINE(M_DUMMYNET, "dummynet", "dummynet heap");
static struct dn_heap ready_heap, extract_heap, wfq_ready_heap ;
static int heap_init(struct dn_heap *h, int size) ;
@ -123,6 +127,8 @@ static void ready_event(struct dn_flow_queue *q);
static struct dn_pipe *all_pipes = NULL ; /* list of all pipes */
static struct dn_flow_set *all_flow_sets = NULL ;/* list of all flow_sets */
static struct callout_handle dn_timeout;
#ifdef SYSCTL_NODE
SYSCTL_NODE(_net_inet_ip, OID_AUTO, dummynet,
CTLFLAG_RW, 0, "Dummynet");
@ -158,6 +164,10 @@ static void rt_unref(struct rtentry *);
static void dummynet(void *);
static void dummynet_flush(void);
void dummynet_drain(void);
static int dummynet_io(int pipe, int dir, struct mbuf *m, struct ifnet *ifp,
struct route *ro, struct sockaddr_in * dst,
struct ip_fw *rule, int flags);
void dn_rule_delete(void *);
int if_tx_rdy(struct ifnet *ifp);
@ -207,14 +217,14 @@ heap_init(struct dn_heap *h, int new_size)
return 0 ;
}
new_size = (new_size + HEAP_INCREMENT ) & ~HEAP_INCREMENT ;
p = malloc(new_size * sizeof(*p), M_IPFW, M_DONTWAIT );
p = malloc(new_size * sizeof(*p), M_DUMMYNET, M_DONTWAIT );
if (p == NULL) {
printf(" heap_init, resize %d failed\n", new_size );
return 1 ; /* error */
}
if (h->size > 0) {
bcopy(h->p, p, h->size * sizeof(*p) );
free(h->p, M_IPFW);
free(h->p, M_DUMMYNET);
}
h->p = p ;
h->size = new_size ;
@ -375,7 +385,7 @@ static void
heap_free(struct dn_heap *h)
{
if (h->size >0 )
free(h->p, M_IPFW);
free(h->p, M_DUMMYNET);
bzero(h, sizeof(*h) );
}
@ -433,40 +443,38 @@ transmit_event(struct dn_pipe *pipe)
ip_input((struct mbuf *)pkt) ;
break ;
#ifdef BRIDGE
case DN_TO_BDG_FWD : {
struct mbuf *m = (struct mbuf *)pkt;
struct ether_header *eh;
case DN_TO_BDG_FWD :
if (bdg_forward_ptr != NULL) {
struct mbuf *m = (struct mbuf *)pkt;
struct ether_header *eh;
if (pkt->dn_m->m_len < ETHER_HDR_LEN
&& (pkt->dn_m = m_pullup(pkt->dn_m, ETHER_HDR_LEN)) == NULL) {
printf("dummynet/bridge: pullup fail, dropping pkt\n");
break;
}
/*
* same as ether_input, make eh be a pointer into the mbuf
*/
eh = mtod(pkt->dn_m, struct ether_header *);
m_adj(pkt->dn_m, ETHER_HDR_LEN);
/*
* bdg_forward() wants a pointer to the pseudo-mbuf-header, but
* on return it will supply the pointer to the actual packet
* (originally pkt->dn_m, but could be something else now) if
* it has not consumed it.
*/
m = bdg_forward(m, eh, pkt->ifp);
if (m)
m_freem(m);
if (pkt->dn_m->m_len < ETHER_HDR_LEN &&
(pkt->dn_m = m_pullup(pkt->dn_m, ETHER_HDR_LEN)) == NULL) {
printf("dummynet/bridge: pullup fail, dropping pkt\n");
break;
}
/*
* same as ether_input, make eh be a pointer into the mbuf
*/
eh = mtod(pkt->dn_m, struct ether_header *);
m_adj(pkt->dn_m, ETHER_HDR_LEN);
/*
* bdg_forward_ptr() wants a pointer to the pseudo-mbuf-header,
* but on return it will supply the pointer to the actual packet
* (originally pkt->dn_m, but could be something else now) if
* it has not consumed it.
*/
m = bdg_forward_ptr(m, eh, pkt->ifp);
if (m)
m_freem(m);
}
break ;
#endif
default:
printf("dummynet: bad switch %d!\n", pkt->dn_dir);
m_freem(pkt->dn_m);
break ;
}
FREE(pkt, M_IPFW);
FREE(pkt, M_DUMMYNET);
}
/* if there are leftover packets, put into the heap for next event */
if ( (pkt = pipe->head) )
@ -741,7 +749,7 @@ dummynet(void * __unused unused)
pe->sum -= q->fs->weight ;
}
splx(s);
timeout(dummynet, NULL, 1);
dn_timeout = timeout(dummynet, NULL, 1);
}
/*
@ -800,7 +808,7 @@ expire_queues(struct dn_flow_set *fs)
else
fs->rq[i] = q = q->next ;
fs->rq_elements-- ;
free(old_q, M_IPFW);
free(old_q, M_DUMMYNET);
}
return initial_elements - fs->rq_elements ;
}
@ -823,7 +831,7 @@ create_queue(struct dn_flow_set *fs, int i)
if ( fs->rq[i] != NULL )
return fs->rq[i] ;
}
q = malloc(sizeof(*q), M_IPFW, M_DONTWAIT | M_ZERO); /* M_ZERO needed */
q = malloc(sizeof(*q), M_DUMMYNET, M_DONTWAIT | M_ZERO); /* M_ZERO needed */
if (q == NULL) {
printf("sorry, cannot allocate queue for new flow\n");
return NULL ;
@ -881,7 +889,7 @@ find_queue(struct dn_flow_set *fs)
else
fs->rq[i] = q = q->next ;
fs->rq_elements-- ;
free(old_q, M_IPFW);
free(old_q, M_DUMMYNET);
continue ;
}
prev = q ;
@ -1084,7 +1092,7 @@ dummynet_io(int pipe_nr, int dir, /* pipe_nr can also be a fs_nr */
goto dropit ;
/* XXX expensive to zero, see if we can remove it*/
pkt = (struct dn_pkt *)malloc(sizeof (*pkt), M_IPFW, M_NOWAIT | M_ZERO);
pkt = (struct dn_pkt *)malloc(sizeof (*pkt), M_DUMMYNET, M_NOWAIT | M_ZERO);
if ( pkt == NULL )
goto dropit ; /* cannot allocate packet header */
/* ok, i can handle the pkt now... */
@ -1211,7 +1219,7 @@ dummynet_io(int pipe_nr, int dir, /* pipe_nr can also be a fs_nr */
rt_unref ( n->ro.ro_rt ) ; \
m_freem(n->dn_m); \
pkt = DN_NEXT(n) ; \
free(n, M_IPFW) ; }
free(n, M_DUMMYNET) ; }
/*
* Dispose all packets and flow_queues on a flow_set.
@ -1231,7 +1239,7 @@ purge_flow_set(struct dn_flow_set *fs, int all)
for (pkt = q->head ; pkt ; )
DN_FREE_PKT(pkt) ;
qn = q->next ;
free(q, M_IPFW);
free(q, M_DUMMYNET);
}
fs->rq[i] = NULL ;
}
@ -1239,12 +1247,12 @@ purge_flow_set(struct dn_flow_set *fs, int all)
if (all) {
/* RED - free lookup table */
if (fs->w_q_lookup)
free(fs->w_q_lookup, M_IPFW);
free(fs->w_q_lookup, M_DUMMYNET);
if (fs->rq)
free(fs->rq, M_IPFW);
free(fs->rq, M_DUMMYNET);
/* if this fs is not part of a pipe, free it */
if (fs->pipe && fs != &(fs->pipe->fs) )
free(fs, M_IPFW);
free(fs, M_DUMMYNET);
}
}
@ -1308,7 +1316,7 @@ dummynet_flush()
purge_pipe(p);
curr_p = p ;
p = p->next ;
free(curr_p, M_IPFW);
free(curr_p, M_DUMMYNET);
}
}
@ -1376,18 +1384,18 @@ config_red(struct dn_flow_set *p, struct dn_flow_set * x)
/* if the lookup table already exist, free and create it again */
if (x->w_q_lookup)
free(x->w_q_lookup, M_IPFW);
free(x->w_q_lookup, M_DUMMYNET);
if (red_lookup_depth == 0) {
printf("\nnet.inet.ip.dummynet.red_lookup_depth must be > 0");
free(x, M_IPFW);
free(x, M_DUMMYNET);
return EINVAL;
}
x->lookup_depth = red_lookup_depth;
x->w_q_lookup = (u_int *) malloc(x->lookup_depth * sizeof(int),
M_IPFW, M_DONTWAIT);
M_DUMMYNET, M_DONTWAIT);
if (x->w_q_lookup == NULL) {
printf("sorry, cannot allocate red lookup table\n");
free(x, M_IPFW);
free(x, M_DUMMYNET);
return ENOSPC;
}
@ -1422,7 +1430,7 @@ alloc_hash(struct dn_flow_set *x, struct dn_flow_set *pfs)
} else /* one is enough for null mask */
x->rq_size = 1;
x->rq = malloc((1 + x->rq_size) * sizeof(struct dn_flow_queue *),
M_IPFW, M_DONTWAIT | M_ZERO);
M_DUMMYNET, M_DONTWAIT | M_ZERO);
if (x->rq == NULL) {
printf("sorry, cannot allocate queue\n");
return ENOSPC;
@ -1481,7 +1489,7 @@ config_pipe(struct dn_pipe *p)
a = b , b = b->next) ;
if (b == NULL || b->pipe_nr != p->pipe_nr) { /* new pipe */
x = malloc(sizeof(struct dn_pipe), M_IPFW, M_DONTWAIT | M_ZERO);
x = malloc(sizeof(struct dn_pipe), M_DUMMYNET, M_DONTWAIT | M_ZERO);
if (x == NULL) {
printf("ip_dummynet.c: no memory for new pipe\n");
return ENOSPC;
@ -1506,7 +1514,7 @@ config_pipe(struct dn_pipe *p)
if ( x->fs.rq == NULL ) { /* a new pipe */
s = alloc_hash(&(x->fs), pfs) ;
if (s) {
free(x, M_IPFW);
free(x, M_DUMMYNET);
return s ;
}
s = splimp() ;
@ -1527,7 +1535,7 @@ config_pipe(struct dn_pipe *p)
if (b == NULL || b->fs_nr != pfs->fs_nr) { /* new */
if (pfs->parent_nr == 0) /* need link to a pipe */
return EINVAL ;
x = malloc(sizeof(struct dn_flow_set), M_IPFW, M_DONTWAIT | M_ZERO);
x = malloc(sizeof(struct dn_flow_set), M_DUMMYNET, M_DONTWAIT | M_ZERO);
if (x == NULL) {
printf("ip_dummynet.c: no memory for new flow_set\n");
return ENOSPC;
@ -1550,7 +1558,7 @@ config_pipe(struct dn_pipe *p)
if ( x->rq == NULL ) { /* a new flow_set */
s = alloc_hash(x, pfs) ;
if (s) {
free(x, M_IPFW);
free(x, M_DUMMYNET);
return s ;
}
s = splimp() ;
@ -1677,7 +1685,7 @@ delete_pipe(struct dn_pipe *p)
pipe_remove_from_heap(&extract_heap, b);
pipe_remove_from_heap(&wfq_ready_heap, b);
splx(s);
free(b, M_IPFW);
free(b, M_DUMMYNET);
} else { /* this is a WF2Q queue (dn_flow_set) */
struct dn_flow_set *a, *b;
@ -1860,7 +1868,7 @@ ip_dn_ctl(struct sockopt *sopt)
static void
ip_dn_init(void)
{
printf("DUMMYNET initialized (010124)\n");
printf("DUMMYNET initialized (011004)\n");
all_pipes = NULL ;
all_flow_sets = NULL ;
ready_heap.size = ready_heap.elements = 0 ;
@ -1872,27 +1880,30 @@ ip_dn_init(void)
extract_heap.size = extract_heap.elements = 0 ;
extract_heap.offset = 0 ;
ip_dn_ctl_ptr = ip_dn_ctl;
timeout(dummynet, NULL, 1);
ip_dn_ruledel_ptr = dn_rule_delete;
ip_dn_io_ptr = dummynet_io;
bzero(&dn_timeout, sizeof(struct callout_handle));
dn_timeout = timeout(dummynet, NULL, 1);
}
static ip_dn_ctl_t *old_dn_ctl_ptr ;
static int
dummynet_modevent(module_t mod, int type, void *data)
{
int s ;
int s;
switch (type) {
case MOD_LOAD:
s = splimp();
old_dn_ctl_ptr = ip_dn_ctl_ptr;
ip_dn_init();
splx(s);
break;
case MOD_UNLOAD:
s = splimp();
ip_dn_ctl_ptr = old_dn_ctl_ptr;
splx(s);
untimeout(dummynet, NULL, dn_timeout);
dummynet_flush();
s = splimp();
ip_dn_ctl_ptr = NULL;
ip_dn_io_ptr = NULL;
ip_dn_ruledel_ptr = NULL;
splx(s);
break ;
default:
break ;
@ -1904,5 +1915,7 @@ static moduledata_t dummynet_mod = {
"dummynet",
dummynet_modevent,
NULL
} ;
};
DECLARE_MODULE(dummynet, dummynet_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
MODULE_DEPEND(dummynet, ipfw, 1, 1, 1);
MODULE_VERSION(dummynet, 1);

19
sys/netinet/ip_dummynet.h
View File

@ -340,17 +340,14 @@ struct dn_pipe { /* a pipe */
};
#ifdef _KERNEL
MALLOC_DECLARE(M_IPFW);
typedef int ip_dn_ctl_t (struct sockopt *) ;
extern ip_dn_ctl_t *ip_dn_ctl_ptr;
void dn_rule_delete(void *r); /* used in ip_fw.c */
int dummynet_io(int pipe, int dir,
struct mbuf *m, struct ifnet *ifp, struct route *ro,
struct sockaddr_in * dst,
struct ip_fw *rule, int flags);
typedef int ip_dn_ctl_t(struct sockopt *); /* raw_ip.c */
typedef void ip_dn_ruledel_t(void *); /* ip_fw.c */
typedef int ip_dn_io_t(int pipe, int dir, struct mbuf *m,
struct ifnet *ifp, struct route *ro, struct sockaddr_in * dst,
struct ip_fw *rule, int flags); /* ip_{in,out}put.c, bridge.c */
extern ip_dn_ctl_t *ip_dn_ctl_ptr;
extern ip_dn_ruledel_t *ip_dn_ruledel_ptr;
extern ip_dn_io_t *ip_dn_io_ptr;
#endif
#endif /* _IP_DUMMYNET_H */

18
sys/netinet/ip_fw.c
View File

@ -54,9 +54,7 @@
#include <netinet/ip_var.h>
#include <netinet/ip_icmp.h>
#include <netinet/ip_fw.h>
#ifdef DUMMYNET
#include <netinet/ip_dummynet.h>
#endif
#include <netinet/tcp.h>
#include <netinet/tcp_timer.h>
#include <netinet/tcp_var.h>
@ -236,6 +234,8 @@ static int ip_fw_chk (struct ip **pip, int hlen,
struct sockaddr_in **next_hop);
static int ip_fw_ctl (struct sockopt *sopt);
ip_dn_ruledel_t *ip_dn_ruledel_ptr = NULL;
static char err_prefix[] = "ip_fw_ctl:";
/*
@ -562,7 +562,6 @@ ipfw_report(struct ip_fw *f, struct ip *ip, int offset, int ip_len,
snprintf(SNPARGS(action2, 0), "SkipTo %d",
f->fw_skipto_rule);
break;
#ifdef DUMMYNET
case IP_FW_F_PIPE:
snprintf(SNPARGS(action2, 0), "Pipe %d",
f->fw_skipto_rule);
@ -571,7 +570,6 @@ ipfw_report(struct ip_fw *f, struct ip *ip, int offset, int ip_len,
snprintf(SNPARGS(action2, 0), "Queue %d",
f->fw_skipto_rule);
break;
#endif
#ifdef IPFIREWALL_FORWARD
case IP_FW_F_FWD:
if (f->fw_fwd_ip.sin_port)
@ -1518,12 +1516,10 @@ ip_fw_chk(struct ip **pip, int hlen,
if (!f)
goto dropit;
goto again ;
#ifdef DUMMYNET
case IP_FW_F_PIPE:
case IP_FW_F_QUEUE:
*flow_id = f;
return(f->fw_pipe_nr | IP_FW_PORT_DYNT_FLAG);
#endif
#ifdef IPFIREWALL_FORWARD
case IP_FW_F_FWD:
/* Change the next-hop address for this packet.
@ -1704,9 +1700,8 @@ free_chain(struct ip_fw *fcp)
DELETE_DYN_CHAIN(fcp);
LIST_REMOVE(fcp, next);
static_count--;
#ifdef DUMMYNET
dn_rule_delete(fcp) ;
#endif
if (ip_dn_ruledel_ptr != NULL)
ip_dn_ruledel_ptr(fcp) ;
flush_rule_ptrs(); /* more efficient to do outside the loop */
free(fcp, M_IPFW);
return n;
@ -1903,21 +1898,17 @@ check_ipfw_struct(struct ip_fw *frwl)
return (EINVAL);
}
break;
#if defined(IPDIVERT) || defined(DUMMYNET)
#ifdef IPDIVERT
case IP_FW_F_DIVERT: /* Diverting to port zero is invalid */
case IP_FW_F_TEE:
#endif
#ifdef DUMMYNET
case IP_FW_F_PIPE: /* pipe 0 is invalid */
case IP_FW_F_QUEUE: /* queue 0 is invalid */
#endif
if (frwl->fw_divert_port == 0) {
dprintf(("%s 0 is an invalid argument\n", err_prefix));
return (EINVAL);
}
break;
#endif /* IPDIVERT || DUMMYNET */
case IP_FW_F_DENY:
case IP_FW_F_ACCEPT:
case IP_FW_F_COUNT:
@ -2181,3 +2172,4 @@ static moduledata_t ipfwmod = {
0
};
DECLARE_MODULE(ipfw, ipfwmod, SI_SUB_PSEUDO, SI_ORDER_ANY);
MODULE_VERSION(ipfw, 1);

22
sys/netinet/ip_input.c
View File

@ -79,16 +79,14 @@
#include <sys/socketvar.h>
#include <netinet/ip_fw.h>
#include <netinet/ip_dummynet.h>
#ifdef IPSEC
#include <netinet6/ipsec.h>
#include <netkey/key.h>
#endif
#ifdef DUMMYNET
#include <netinet/ip_dummynet.h>
#endif
int rsvp_on = 0;
static int ip_rsvp_on;
struct socket *ip_rsvpd;
@ -190,12 +188,10 @@ SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW,
/* Firewall hooks */
ip_fw_chk_t *ip_fw_chk_ptr;
ip_fw_ctl_t *ip_fw_ctl_ptr;
int fw_enable = 1 ;
#ifdef DUMMYNET
ip_dn_ctl_t *ip_dn_ctl_ptr;
#endif
/* Dummynet hooks */
ip_dn_io_t *ip_dn_io_ptr;
/*
@ -301,7 +297,6 @@ ip_input(struct mbuf *m)
divert_cookie = 0;
#endif
#if defined(IPFIREWALL) && defined(DUMMYNET)
/*
* dummynet packet are prepended a vestigial mbuf with
* m_type = MT_DUMMYNET and m_data pointing to the matching
@ -315,7 +310,6 @@ ip_input(struct mbuf *m)
goto iphack ;
} else
rule = NULL ;
#endif
#ifdef DIAGNOSTIC
if (m == NULL || (m->m_flags & M_PKTHDR) == 0)
@ -420,9 +414,7 @@ ip_input(struct mbuf *m)
* - Encapsulate: put it in another IP and send out. <unimp.>
*/
#if defined(IPFIREWALL) && defined(DUMMYNET)
iphack:
#endif
#ifdef PFIL_HOOKS
/*
@ -477,14 +469,12 @@ ip_input(struct mbuf *m)
}
if (i == 0 && ip_fw_fwd_addr == NULL) /* common case */
goto pass;
#ifdef DUMMYNET
if ((i & IP_FW_PORT_DYNT_FLAG) != 0) {
if (ip_dn_io_ptr != NULL && (i & IP_FW_PORT_DYNT_FLAG) != 0) {
/* Send packet to the appropriate pipe */
dummynet_io(i&0xffff,DN_TO_IP_IN,m,NULL,NULL,0, rule,
ip_dn_io_ptr(i&0xffff,DN_TO_IP_IN,m,NULL,NULL,0, rule,
0);
return;
}
#endif
#ifdef IPDIVERT
if (i != 0 && (i & IP_FW_PORT_DYNT_FLAG) == 0) {
/* Divert or tee packet */

11
sys/netinet/ip_output.c
View File

@ -78,10 +78,7 @@ static MALLOC_DEFINE(M_IPMOPTS, "ip_moptions", "internet multicast options");
#endif /*IPSEC*/
#include <netinet/ip_fw.h>
#ifdef DUMMYNET
#include <netinet/ip_dummynet.h>
#endif
#ifdef IPFIREWALL_FORWARD_DEBUG
#define print_ip(a) printf("%ld.%ld.%ld.%ld",(ntohl(a.s_addr)>>24)&0xFF,\
@ -153,7 +150,6 @@ ip_output(m0, opt, ro, flags, imo)
divert_cookie = 0;
#endif
#if defined(IPFIREWALL) && defined(DUMMYNET)
/*
* dummynet packet are prepended a vestigial mbuf with
* m_type = MT_DUMMYNET and m_data pointing to the matching
@ -184,7 +180,6 @@ ip_output(m0, opt, ro, flags, imo)
goto sendit;
} else
rule = NULL ;
#endif
#ifdef IPSEC
so = ipsec_getsocket(m);
(void)ipsec_setsocket(m, NULL);
@ -627,8 +622,7 @@ ip_output(m0, opt, ro, flags, imo)
}
if (off == 0 && dst == old) /* common case */
goto pass ;
#ifdef DUMMYNET
if ((off & IP_FW_PORT_DYNT_FLAG) != 0) {
if (ip_dn_io_ptr != NULL && (off & IP_FW_PORT_DYNT_FLAG) != 0) {
/*
* pass the pkt to dummynet. Need to include
* pipe number, m, ifp, ro, dst because these are
@ -638,11 +632,10 @@ ip_output(m0, opt, ro, flags, imo)
* XXX note: if the ifp or ro entry are deleted
* while a pkt is in dummynet, we are in trouble!
*/
error = dummynet_io(off & 0xffff, DN_TO_IP_OUT, m,
error = ip_dn_io_ptr(off & 0xffff, DN_TO_IP_OUT, m,
ifp,ro,dst,rule, flags);
goto done;
}
#endif
#ifdef IPDIVERT
if (off != 0 && (off & IP_FW_PORT_DYNT_FLAG) == 0) {
struct mbuf *clone = NULL;

16
sys/netinet/raw_ip.c
View File

@ -63,19 +63,21 @@
#include <netinet/ip_mroute.h>
#include <netinet/ip_fw.h>
#include <netinet/ip_dummynet.h>
#ifdef IPSEC
#include <netinet6/ipsec.h>
#endif /*IPSEC*/
#include "opt_ipdn.h"
#ifdef DUMMYNET
#include <netinet/ip_dummynet.h>
#endif
struct inpcbhead ripcb;
struct inpcbinfo ripcbinfo;
/* control hooks for ipfw and dummynet */
ip_fw_ctl_t *ip_fw_ctl_ptr;
ip_dn_ctl_t *ip_dn_ctl_ptr;
/*
* Nominal space allocated to a raw ip socket.
*/
@ -287,20 +289,18 @@ rip_ctloutput(so, sopt)
case IP_FW_ADD:
case IP_FW_GET:
if (ip_fw_ctl_ptr == 0)
if (ip_fw_ctl_ptr == NULL)
error = ENOPROTOOPT;
else
error = ip_fw_ctl_ptr(sopt);
break;
#ifdef DUMMYNET
case IP_DUMMYNET_GET:
if (ip_dn_ctl_ptr == NULL)
error = ENOPROTOOPT ;
error = ENOPROTOOPT;
else
error = ip_dn_ctl_ptr(sopt);
break ;
#endif /* DUMMYNET */
case MRT_INIT:
case MRT_DONE:
@ -343,7 +343,6 @@ rip_ctloutput(so, sopt)
error = ip_fw_ctl_ptr(sopt);
break;
#ifdef DUMMYNET
case IP_DUMMYNET_CONFIGURE:
case IP_DUMMYNET_DEL:
case IP_DUMMYNET_FLUSH:
@ -352,7 +351,6 @@ rip_ctloutput(so, sopt)
else
error = ip_dn_ctl_ptr(sopt);
break ;
#endif
case IP_RSVP_ON:
error = ip_rsvp_init(so);