From 0dad3f0e15122c6e8f3bab0515e51f6486a9860f Mon Sep 17 00:00:00 2001 From: Max Laier Date: Mon, 19 Jun 2006 22:20:45 +0000 Subject: [PATCH] Import interface groups from OpenBSD. This allows to group interfaces in order to - for example - apply firewall rules to a whole group of interfaces. This is required for importing pf from OpenBSD 3.9 Obtained from: OpenBSD (with changes) Discussed on: -net (back in April) --- sbin/ifconfig/Makefile | 1 + sbin/ifconfig/ifconfig.8 | 22 +++- sbin/ifconfig/ifgroup.c | 186 +++++++++++++++++++++++++++++ sys/net/if.c | 247 +++++++++++++++++++++++++++++++++++++++ sys/net/if.h | 31 +++++ sys/net/if_clone.c | 6 + sys/net/if_var.h | 37 ++++++ sys/sys/sockio.h | 5 + 8 files changed, 534 insertions(+), 1 deletion(-) create mode 100644 sbin/ifconfig/ifgroup.c diff --git a/sbin/ifconfig/Makefile b/sbin/ifconfig/Makefile index 2f29d9bab161..672d8884520b 100644 --- a/sbin/ifconfig/Makefile +++ b/sbin/ifconfig/Makefile @@ -26,6 +26,7 @@ SRCS+= ifvlan.c # SIOC[GS]ETVLAN support SRCS+= ifieee80211.c # SIOC[GS]IEEE80211 support SRCS+= ifcarp.c # SIOC[GS]VH support +SRCS+= ifgroup.c # ... SRCS+= ifpfsync.c # pfsync(4) support SRCS+= ifbridge.c # bridge support diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8 index e1c254052311..363ec780e3e7 100644 --- a/sbin/ifconfig/ifconfig.8 +++ b/sbin/ifconfig/ifconfig.8 @@ -28,7 +28,7 @@ .\" From: @(#)ifconfig.8 8.3 (Berkeley) 1/5/94 .\" $FreeBSD$ .\" -.Dd February 27, 2006 +.Dd April 12, 2006 .Dt IFCONFIG 8 .Os .Sh NAME @@ -71,6 +71,8 @@ .Op Fl u .Op Fl v .Op Fl C +.Nm +.Op Fl g Ar groupname .Sh DESCRIPTION The .Nm @@ -178,6 +180,8 @@ parameter is a string of the form .Dq name unit , for example, .Dq Li ed0 . +.It Ar groupname +List the interfaces in the given group. .El .Pp The following parameters may be set with @@ -262,6 +266,22 @@ the system will not attempt to transmit messages through that interface. If possible, the interface will be reset to disable reception as well. This action does not automatically disable routes using the interface. +.It Cm group Ar group-name +Assign the interface to a +.Dq group . +Any interface can be in multiple groups. +.Pp +Cloned interfaces are members of their interface family group by default. +For example, a PPP interface such as +.Em ppp0 +is a member of the PPP interface family group, +.Em ppp . +.\" The interface(s) the default route(s) point to are members of the +.\" .Em egress +.\" interface group. +.It Cm -group Ar group-name +Remove the interface from the given +.Dq group . .It Cm eui64 (Inet6 only.) Fill interface index diff --git a/sbin/ifconfig/ifgroup.c b/sbin/ifconfig/ifgroup.c new file mode 100644 index 000000000000..a5ecd8b59b39 --- /dev/null +++ b/sbin/ifconfig/ifgroup.c @@ -0,0 +1,186 @@ +/*- + * Copyright (c) 2006 Max Laier. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef lint +static const char rcsid[] = + "$FreeBSD$"; +#endif /* not lint */ + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include "ifconfig.h" + +/* ARGSUSED */ +static void +setifgroup(const char *group_name, int d, int s, const struct afswtch *rafp) +{ + struct ifgroupreq ifgr; + + memset(&ifgr, 0, sizeof(ifgr)); + strlcpy(ifgr.ifgr_name, name, IFNAMSIZ); + + if (group_name[0] && isdigit(group_name[strlen(group_name) - 1])) + errx(1, "setifgroup: group names may not end in a digit"); + + if (strlcpy(ifgr.ifgr_group, group_name, IFNAMSIZ) >= IFNAMSIZ) + errx(1, "setifgroup: group name too long"); + if (ioctl(s, SIOCAIFGROUP, (caddr_t)&ifgr) == -1) + err(1," SIOCAIFGROUP"); +} + +/* ARGSUSED */ +static void +unsetifgroup(const char *group_name, int d, int s, const struct afswtch *rafp) +{ + struct ifgroupreq ifgr; + + memset(&ifgr, 0, sizeof(ifgr)); + strlcpy(ifgr.ifgr_name, name, IFNAMSIZ); + + if (group_name[0] && isdigit(group_name[strlen(group_name) - 1])) + errx(1, "unsetifgroup: group names may not end in a digit"); + + if (strlcpy(ifgr.ifgr_group, group_name, IFNAMSIZ) >= IFNAMSIZ) + errx(1, "unsetifgroup: group name too long"); + if (ioctl(s, SIOCDIFGROUP, (caddr_t)&ifgr) == -1) + err(1, "SIOCDIFGROUP"); +} + +static void +getifgroups(int s) +{ + int len, cnt; + struct ifgroupreq ifgr; + struct ifg_req *ifg; + + if (!verbose) + return; + + memset(&ifgr, 0, sizeof(ifgr)); + strlcpy(ifgr.ifgr_name, name, IFNAMSIZ); + + if (ioctl(s, SIOCGIFGROUP, (caddr_t)&ifgr) == -1) { + if (errno == EINVAL || errno == ENOTTY) + return; + else + err(1, "SIOCGIFGROUP"); + } + + len = ifgr.ifgr_len; + ifgr.ifgr_groups = + (struct ifg_req *)calloc(len / sizeof(struct ifg_req), + sizeof(struct ifg_req)); + if (ifgr.ifgr_groups == NULL) + err(1, "getifgroups"); + if (ioctl(s, SIOCGIFGROUP, (caddr_t)&ifgr) == -1) + err(1, "SIOCGIFGROUP"); + + cnt = 0; + ifg = ifgr.ifgr_groups; + for (; ifg && len >= sizeof(struct ifg_req); ifg++) { + len -= sizeof(struct ifg_req); + if (strcmp(ifg->ifgrq_group, "all")) { + if (cnt == 0) + printf("\tgroups: "); + cnt++; + printf("%s ", ifg->ifgrq_group); + } + } + if (cnt) + printf("\n"); +} + +static void +printgroup(char *groupname) +{ + struct ifgroupreq ifgr; + struct ifg_req *ifg; + int len, cnt = 0; + int s; + + s = socket(AF_INET, SOCK_DGRAM, 0); + if (s == -1) + err(1, "socket(AF_INET,SOCK_DGRAM)"); + bzero(&ifgr, sizeof(ifgr)); + strlcpy(ifgr.ifgr_name, groupname, sizeof(ifgr.ifgr_name)); + if (ioctl(s, SIOCGIFGMEMB, (caddr_t)&ifgr) == -1) { + if (errno == EINVAL || errno == ENOTTY || + errno == ENOENT) + exit(0); + else + err(1, "SIOCGIFGMEMB"); + } + + len = ifgr.ifgr_len; + if ((ifgr.ifgr_groups = calloc(1, len)) == NULL) + err(1, "printgroup"); + if (ioctl(s, SIOCGIFGMEMB, (caddr_t)&ifgr) == -1) + err(1, "SIOCGIFGMEMB"); + + for (ifg = ifgr.ifgr_groups; ifg && len >= sizeof(struct ifg_req); + ifg++) { + len -= sizeof(struct ifg_req); + printf("%s\n", ifg->ifgrq_member); + cnt++; + } + free(ifgr.ifgr_groups); + + exit(0); +} + +static struct cmd group_cmds[] = { + DEF_CMD_ARG("group", setifgroup), + DEF_CMD_ARG("-group", unsetifgroup), +}; +static struct afswtch af_group = { + .af_name = "af_group", + .af_af = AF_UNSPEC, + .af_other_status = getifgroups, +}; +static struct option group_gopt = { "g:", "[-g groupname]", printgroup }; + +static __constructor void +group_ctor(void) +{ +#define N(a) (sizeof(a) / sizeof(a[0])) + int i; + + for (i = 0; i < N(group_cmds); i++) + cmd_register(&group_cmds[i]); + af_register(&af_group); + opt_register(&group_gopt); +#undef N +} diff --git a/sys/net/if.c b/sys/net/if.c index 8a98fa621b99..fc8c1cbbf404 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -113,6 +113,8 @@ static int if_rtdel(struct radix_node *, void *); static int ifhwioctl(u_long, struct ifnet *, caddr_t, struct thread *); static void if_start_deferred(void *context, int pending); static void do_link_state_change(void *, int); +static int if_getgroup(struct ifgroupreq *, struct ifnet *); +static int if_getgroupmembers(struct ifgroupreq *); #ifdef INET6 /* * XXX: declare here to avoid to include many inet6 related files.. @@ -125,6 +127,7 @@ int if_index = 0; struct ifindex_entry *ifindex_table = NULL; int ifqmaxlen = IFQ_MAXLEN; struct ifnethead ifnet; /* depend on static init XXX */ +struct ifgrouphead ifg_head; struct mtx ifnet_lock; static if_com_alloc_t *if_com_alloc[256]; static if_com_free_t *if_com_free[256]; @@ -282,6 +285,7 @@ if_init(void *dummy __unused) IFNET_LOCK_INIT(); TAILQ_INIT(&ifnet); + TAILQ_INIT(&ifg_head); knlist_init(&ifklist, NULL, NULL, NULL, NULL); if_grow(); /* create initial table */ ifdev_byindex(0) = make_dev(&net_cdevsw, 0, @@ -441,6 +445,10 @@ if_attach(struct ifnet *ifp) TAILQ_INIT(&ifp->if_addrhead); TAILQ_INIT(&ifp->if_prefixhead); TAILQ_INIT(&ifp->if_multiaddrs); + TAILQ_INIT(&ifp->if_groups); + + if_addgroup(ifp, IFG_ALL); + knlist_init(&ifp->if_klist, NULL, NULL, NULL, NULL); getmicrotime(&ifp->if_lastchange); ifp->if_data.ifi_epoch = time_uptime; @@ -714,6 +722,214 @@ if_detach(struct ifnet *ifp) splx(s); } +/* + * Add a group to an interface + */ +int +if_addgroup(struct ifnet *ifp, const char *groupname) +{ + struct ifg_list *ifgl; + struct ifg_group *ifg = NULL; + struct ifg_member *ifgm; + + if (groupname[0] && groupname[strlen(groupname) - 1] >= '0' && + groupname[strlen(groupname) - 1] <= '9') + return (EINVAL); + + IFNET_WLOCK(); + TAILQ_FOREACH(ifgl, &ifp->if_groups, ifgl_next) + if (!strcmp(ifgl->ifgl_group->ifg_group, groupname)) { + IFNET_WUNLOCK(); + return (EEXIST); + } + + if ((ifgl = (struct ifg_list *)malloc(sizeof(struct ifg_list), M_TEMP, + M_NOWAIT)) == NULL) { + IFNET_WUNLOCK(); + return (ENOMEM); + } + + if ((ifgm = (struct ifg_member *)malloc(sizeof(struct ifg_member), + M_TEMP, M_NOWAIT)) == NULL) { + free(ifgl, M_TEMP); + IFNET_WUNLOCK(); + return (ENOMEM); + } + + TAILQ_FOREACH(ifg, &ifg_head, ifg_next) + if (!strcmp(ifg->ifg_group, groupname)) + break; + + if (ifg == NULL) { + if ((ifg = (struct ifg_group *)malloc(sizeof(struct ifg_group), + M_TEMP, M_NOWAIT)) == NULL) { + free(ifgl, M_TEMP); + free(ifgm, M_TEMP); + IFNET_WUNLOCK(); + return (ENOMEM); + } + strlcpy(ifg->ifg_group, groupname, sizeof(ifg->ifg_group)); + ifg->ifg_refcnt = 0; + TAILQ_INIT(&ifg->ifg_members); + EVENTHANDLER_INVOKE(group_attach_event, ifg); + TAILQ_INSERT_TAIL(&ifg_head, ifg, ifg_next); + } + + ifg->ifg_refcnt++; + ifgl->ifgl_group = ifg; + ifgm->ifgm_ifp = ifp; + + IF_ADDR_LOCK(ifp); + TAILQ_INSERT_TAIL(&ifg->ifg_members, ifgm, ifgm_next); + TAILQ_INSERT_TAIL(&ifp->if_groups, ifgl, ifgl_next); + IF_ADDR_UNLOCK(ifp); + + IFNET_WUNLOCK(); + + EVENTHANDLER_INVOKE(group_change_event, groupname); + + return (0); +} + +/* + * Remove a group from an interface + */ +int +if_delgroup(struct ifnet *ifp, const char *groupname) +{ + struct ifg_list *ifgl; + struct ifg_member *ifgm; + + IFNET_WLOCK(); + TAILQ_FOREACH(ifgl, &ifp->if_groups, ifgl_next) + if (!strcmp(ifgl->ifgl_group->ifg_group, groupname)) + break; + if (ifgl == NULL) { + IFNET_WUNLOCK(); + return (ENOENT); + } + + IF_ADDR_LOCK(ifp); + TAILQ_REMOVE(&ifp->if_groups, ifgl, ifgl_next); + IF_ADDR_UNLOCK(ifp); + + TAILQ_FOREACH(ifgm, &ifgl->ifgl_group->ifg_members, ifgm_next) + if (ifgm->ifgm_ifp == ifp) + break; + + if (ifgm != NULL) { + TAILQ_REMOVE(&ifgl->ifgl_group->ifg_members, ifgm, ifgm_next); + free(ifgm, M_TEMP); + } + + if (--ifgl->ifgl_group->ifg_refcnt == 0) { + TAILQ_REMOVE(&ifg_head, ifgl->ifgl_group, ifg_next); + EVENTHANDLER_INVOKE(group_detach_event, ifgl->ifgl_group); + free(ifgl->ifgl_group, M_TEMP); + } + IFNET_WUNLOCK(); + + free(ifgl, M_TEMP); + + EVENTHANDLER_INVOKE(group_change_event, groupname); + + return (0); +} + +/* + * Stores all groups from an interface in memory pointed + * to by data + */ +static int +if_getgroup(struct ifgroupreq *data, struct ifnet *ifp) +{ + int len, error; + struct ifg_list *ifgl; + struct ifg_req ifgrq, *ifgp; + struct ifgroupreq *ifgr = data; + + if (ifgr->ifgr_len == 0) { + IF_ADDR_LOCK(ifp); + TAILQ_FOREACH(ifgl, &ifp->if_groups, ifgl_next) + ifgr->ifgr_len += sizeof(struct ifg_req); + IF_ADDR_UNLOCK(ifp); + return (0); + } + + len = ifgr->ifgr_len; + ifgp = ifgr->ifgr_groups; + /* XXX: wire */ + IF_ADDR_LOCK(ifp); + TAILQ_FOREACH(ifgl, &ifp->if_groups, ifgl_next) { + if (len < sizeof(ifgrq)) { + IF_ADDR_UNLOCK(ifp); + return (EINVAL); + } + bzero(&ifgrq, sizeof ifgrq); + strlcpy(ifgrq.ifgrq_group, ifgl->ifgl_group->ifg_group, + sizeof(ifgrq.ifgrq_group)); + if ((error = copyout(&ifgrq, ifgp, sizeof(struct ifg_req)))) { + IF_ADDR_UNLOCK(ifp); + return (error); + } + len -= sizeof(ifgrq); + ifgp++; + } + IF_ADDR_UNLOCK(ifp); + + return (0); +} + +/* + * Stores all members of a group in memory pointed to by data + */ +static int +if_getgroupmembers(struct ifgroupreq *data) +{ + struct ifgroupreq *ifgr = data; + struct ifg_group *ifg; + struct ifg_member *ifgm; + struct ifg_req ifgrq, *ifgp; + int len, error; + + IFNET_RLOCK(); + TAILQ_FOREACH(ifg, &ifg_head, ifg_next) + if (!strcmp(ifg->ifg_group, ifgr->ifgr_name)) + break; + if (ifg == NULL) { + IFNET_RUNLOCK(); + return (ENOENT); + } + + if (ifgr->ifgr_len == 0) { + TAILQ_FOREACH(ifgm, &ifg->ifg_members, ifgm_next) + ifgr->ifgr_len += sizeof(ifgrq); + IFNET_RUNLOCK(); + return (0); + } + + len = ifgr->ifgr_len; + ifgp = ifgr->ifgr_groups; + TAILQ_FOREACH(ifgm, &ifg->ifg_members, ifgm_next) { + if (len < sizeof(ifgrq)) { + IFNET_RUNLOCK(); + return (EINVAL); + } + bzero(&ifgrq, sizeof ifgrq); + strlcpy(ifgrq.ifgrq_member, ifgm->ifgm_ifp->if_xname, + sizeof(ifgrq.ifgrq_member)); + if ((error = copyout(&ifgrq, ifgp, sizeof(struct ifg_req)))) { + IFNET_RUNLOCK(); + return (error); + } + len -= sizeof(ifgrq); + ifgp++; + } + IFNET_RUNLOCK(); + + return (0); +} + /* * Delete Routes for a Network Interface * @@ -1472,6 +1688,35 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) ifr->ifr_addr.sa_data, ifr->ifr_addr.sa_len); break; + case SIOCAIFGROUP: + { + struct ifgroupreq *ifgr = (struct ifgroupreq *)ifr; + + error = suser(td); + if (error) + return (error); + if ((error = if_addgroup(ifp, ifgr->ifgr_group))) + return (error); + break; + } + + case SIOCGIFGROUP: + if ((error = if_getgroup((struct ifgroupreq *)ifr, ifp))) + return (error); + break; + + case SIOCDIFGROUP: + { + struct ifgroupreq *ifgr = (struct ifgroupreq *)ifr; + + error = suser(td); + if (error) + return (error); + if ((error = if_delgroup(ifp, ifgr->ifgr_group))) + return (error); + break; + } + default: error = ENOIOCTL; break; @@ -1511,6 +1756,8 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct thread *td) case SIOCIFGCLONERS: return (if_clone_list((struct if_clonereq *)data)); + case SIOCGIFGMEMB: + return (if_getgroupmembers((struct ifgroupreq *)data)); } ifp = ifunit(ifr->ifr_name); diff --git a/sys/net/if.h b/sys/net/if.h index f6690175e600..1116d4b9c9be 100644 --- a/sys/net/if.h +++ b/sys/net/if.h @@ -355,6 +355,37 @@ struct ifconf32 { }; #endif +/* + * interface groups + */ + +#define IFG_ALL "all" /* group contains all interfaces */ +/* XXX: will we implement this? */ +#define IFG_EGRESS "egress" /* if(s) default route(s) point to */ + +struct ifg_req { + union { + char ifgrqu_group[IFNAMSIZ]; + char ifgrqu_member[IFNAMSIZ]; + } ifgrq_ifgrqu; +#define ifgrq_group ifgrq_ifgrqu.ifgrqu_group +#define ifgrq_member ifgrq_ifgrqu.ifgrqu_member +}; + +/* + * Used to lookup groups for an interface + */ +struct ifgroupreq { + char ifgr_name[IFNAMSIZ]; + u_int ifgr_len; + union { + char ifgru_group[IFNAMSIZ]; + struct ifg_req *ifgru_groups; + } ifgr_ifgru; +#define ifgr_group ifgr_ifgru.ifgru_group +#define ifgr_groups ifgr_ifgru.ifgru_groups +}; + /* * Structure for SIOC[AGD]LIFADDR */ diff --git a/sys/net/if_clone.c b/sys/net/if_clone.c index 89d679d67922..aa2c21af7fa7 100644 --- a/sys/net/if_clone.c +++ b/sys/net/if_clone.c @@ -158,6 +158,8 @@ if_clone_createif(struct if_clone *ifc, char *name, size_t len) if (ifp == NULL) panic("%s: lookup failed for %s", __func__, name); + if_addgroup(ifp, ifc->ifc_name); + IF_CLONE_LOCK(ifc); IFC_IFLIST_INSERT(ifc, ifp); IF_CLONE_UNLOCK(ifc); @@ -210,9 +212,13 @@ if_clone_destroyif(struct if_clone *ifc, struct ifnet *ifp) IFC_IFLIST_REMOVE(ifc, ifp); IF_CLONE_UNLOCK(ifc); + if_delgroup(ifp, ifc->ifc_name); + err = (*ifc->ifc_destroy)(ifc, ifp); if (err != 0) { + if_addgroup(ifp, ifc->ifc_name); + IF_CLONE_LOCK(ifc); IFC_IFLIST_INSERT(ifc, ifp); IF_CLONE_UNLOCK(ifc); diff --git a/sys/net/if_var.h b/sys/net/if_var.h index b76e07535ee6..84ac36438a96 100644 --- a/sys/net/if_var.h +++ b/sys/net/if_var.h @@ -91,6 +91,7 @@ TAILQ_HEAD(ifnethead, ifnet); /* we use TAILQs so that the order of */ TAILQ_HEAD(ifaddrhead, ifaddr); /* instantiation is preserved in the list */ TAILQ_HEAD(ifprefixhead, ifprefix); TAILQ_HEAD(ifmultihead, ifmultiaddr); +TAILQ_HEAD(ifgrouphead, ifg_group); /* * Structure defining a queue for a network interface. @@ -182,6 +183,9 @@ struct ifnet { struct task if_linktask; /* task for link change events */ struct mtx if_addr_mtx; /* mutex to protect address lists */ LIST_ENTRY(ifnet) if_clones; /* interfaces of a cloner */ + TAILQ_HEAD(, ifg_list) if_groups; /* linked list of groups per if */ + /* protected by if_addr_mtx */ + void *if_pf_kif; }; typedef void if_init_f_t(void *); @@ -318,6 +322,37 @@ EVENTHANDLER_DECLARE(ifnet_arrival_event, ifnet_arrival_event_handler_t); typedef void (*ifnet_departure_event_handler_t)(void *, struct ifnet *); EVENTHANDLER_DECLARE(ifnet_departure_event, ifnet_departure_event_handler_t); +/* + * interface groups + */ +struct ifg_group { + char ifg_group[IFNAMSIZ]; + u_int ifg_refcnt; + void *ifg_pf_kif; + TAILQ_HEAD(, ifg_member) ifg_members; + TAILQ_ENTRY(ifg_group) ifg_next; +}; + +struct ifg_member { + TAILQ_ENTRY(ifg_member) ifgm_next; + struct ifnet *ifgm_ifp; +}; + +struct ifg_list { + struct ifg_group *ifgl_group; + TAILQ_ENTRY(ifg_list) ifgl_next; +}; + +/* group attach event */ +typedef void (*group_attach_event_handler_t)(void *, struct ifg_group *); +EVENTHANDLER_DECLARE(group_attach_event, group_attach_event_handler_t); +/* group detach event */ +typedef void (*group_detach_event_handler_t)(void *, struct ifg_group *); +EVENTHANDLER_DECLARE(group_detach_event, group_detach_event_handler_t); +/* group change event */ +typedef void (*group_change_event_handler_t)(void *, const char *); +EVENTHANDLER_DECLARE(group_change_event, group_change_event_handler_t); + #define IF_AFDATA_LOCK_INIT(ifp) \ mtx_init(&(ifp)->if_afdata_mtx, "if_afdata", NULL, MTX_DEF) #define IF_AFDATA_LOCK(ifp) mtx_lock(&(ifp)->if_afdata_mtx) @@ -624,6 +659,8 @@ extern int ifqmaxlen; extern struct ifnet *loif; /* first loopback interface */ extern int if_index; +int if_addgroup(struct ifnet *, const char *); +int if_delgroup(struct ifnet *, const char *); int if_addmulti(struct ifnet *, struct sockaddr *, struct ifmultiaddr **); int if_allmulti(struct ifnet *, int); struct ifnet* if_alloc(u_char); diff --git a/sys/sys/sockio.h b/sys/sys/sockio.h index 3331e87678da..e25aee23af72 100644 --- a/sys/sys/sockio.h +++ b/sys/sys/sockio.h @@ -117,4 +117,9 @@ #define SIOCIFDESTROY _IOW('i', 121, struct ifreq) /* destroy clone if */ #define SIOCIFGCLONERS _IOWR('i', 120, struct if_clonereq) /* get cloners */ +#define SIOCAIFGROUP _IOW('i', 135, struct ifgroupreq) /* add an ifgroup */ +#define SIOCGIFGROUP _IOWR('i', 136, struct ifgroupreq) /* get ifgroups */ +#define SIOCDIFGROUP _IOW('i', 137, struct ifgroupreq) /* delete ifgroup */ +#define SIOCGIFGMEMB _IOWR('i', 138, struct ifgroupreq) /* get members */ + #endif /* !_SYS_SOCKIO_H_ */