Kill EOL spaces.
Approved by: luigi MFC after: 1 week
This commit is contained in:
parent
6b6874b20c
commit
ba3a9d459c
@ -6,10 +6,10 @@
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
@ -118,15 +118,15 @@ SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, enable,
|
||||
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, autoinc_step, CTLFLAG_RW,
|
||||
&autoinc_step, 0, "Rule number autincrement step");
|
||||
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, one_pass,
|
||||
CTLFLAG_RW | CTLFLAG_SECURE,
|
||||
&fw_one_pass, 0,
|
||||
CTLFLAG_RW | CTLFLAG_SECURE,
|
||||
&fw_one_pass, 0,
|
||||
"Only do a single pass through ipfw when using dummynet(4)");
|
||||
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, debug, CTLFLAG_RW,
|
||||
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, debug, CTLFLAG_RW,
|
||||
&fw_debug, 0, "Enable printing of debug ip_fw statements");
|
||||
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, verbose,
|
||||
CTLFLAG_RW | CTLFLAG_SECURE,
|
||||
CTLFLAG_RW | CTLFLAG_SECURE,
|
||||
&fw_verbose, 0, "Log matches to ipfw rules");
|
||||
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, verbose_limit, CTLFLAG_RW,
|
||||
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, verbose_limit, CTLFLAG_RW,
|
||||
&verbose_limit, 0, "Set upper limit of matches of ipfw rules logged");
|
||||
|
||||
/*
|
||||
@ -186,7 +186,7 @@ static u_int32_t dyn_short_lifetime = 5;
|
||||
* dyn_rst_lifetime and dyn_fin_lifetime should be strictly lower
|
||||
* than dyn_keepalive_period.
|
||||
*/
|
||||
|
||||
|
||||
static u_int32_t dyn_keepalive_interval = 20;
|
||||
static u_int32_t dyn_keepalive_period = 5;
|
||||
static u_int32_t dyn_keepalive = 1; /* do send keepalives */
|
||||
@ -496,7 +496,7 @@ ipfw_log(struct ip_fw *f, u_int hlen, struct ether_header *eh,
|
||||
ntohs(sa->sa.sin_port));
|
||||
}
|
||||
break;
|
||||
default:
|
||||
default:
|
||||
action = "UNKNOWN";
|
||||
break;
|
||||
}
|
||||
@ -1058,7 +1058,7 @@ send_pkt(struct ipfw_flow_id *id, u_int32_t seq, u_int32_t ack, int flags)
|
||||
struct route sro; /* fake route */
|
||||
|
||||
MGETHDR(m, M_DONTWAIT, MT_HEADER);
|
||||
if (m == 0)
|
||||
if (m == 0)
|
||||
return;
|
||||
m->m_pkthdr.rcvif = (struct ifnet *)0;
|
||||
m->m_pkthdr.len = m->m_len = sizeof(struct ip) + sizeof(struct tcphdr);
|
||||
@ -1164,7 +1164,7 @@ send_reject(struct ip_fw_args *args, int code, int offset, int ip_len)
|
||||
* This never returns NULL -- in case we do not have an exact match,
|
||||
* the next rule is returned. When the ruleset is changed,
|
||||
* pointers are flushed so we are always correct.
|
||||
*/
|
||||
*/
|
||||
|
||||
static struct ip_fw *
|
||||
lookup_next_rule(struct ip_fw *me)
|
||||
@ -1220,7 +1220,7 @@ lookup_next_rule(struct ip_fw *me)
|
||||
* 16 bits as a dummynet pipe number instead of diverting
|
||||
*/
|
||||
|
||||
static int
|
||||
static int
|
||||
ipfw_chk(struct ip_fw_args *args)
|
||||
{
|
||||
/*
|
||||
@ -1585,7 +1585,7 @@ ipfw_chk(struct ip_fw_args *args)
|
||||
((ipfw_insn_ip *)cmd)->addr.s_addr ==
|
||||
src_ip.s_addr);
|
||||
break;
|
||||
|
||||
|
||||
case O_IP_SRC_MASK:
|
||||
match = (hlen > 0 &&
|
||||
((ipfw_insn_ip *)cmd)->addr.s_addr ==
|
||||
@ -1601,7 +1601,7 @@ ipfw_chk(struct ip_fw_args *args)
|
||||
match = (tif != NULL);
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
case O_IP_DST_SET:
|
||||
case O_IP_SRC_SET:
|
||||
if (hlen > 0) {
|
||||
@ -1641,7 +1641,7 @@ ipfw_chk(struct ip_fw_args *args)
|
||||
match = (tif != NULL);
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
case O_IP_SRCPORT:
|
||||
case O_IP_DSTPORT:
|
||||
/*
|
||||
@ -1842,7 +1842,7 @@ ipfw_chk(struct ip_fw_args *args)
|
||||
args->rule = f; /* report matching rule */
|
||||
retval = cmd->arg1 | IP_FW_PORT_DYNT_FLAG;
|
||||
goto done;
|
||||
|
||||
|
||||
case O_DIVERT:
|
||||
case O_TEE:
|
||||
if (args->eh) /* not on layer 2 */
|
||||
@ -1913,7 +1913,7 @@ ipfw_chk(struct ip_fw_args *args)
|
||||
} /* end of inner for, scan opcodes */
|
||||
|
||||
next_rule:; /* try next rule */
|
||||
|
||||
|
||||
} /* end of outer for, scan rules */
|
||||
printf("+++ ipfw: ouch!, skip past end of rules, denying packet\n");
|
||||
return(IP_FW_PORT_DENY_FLAG);
|
||||
@ -1957,10 +1957,9 @@ flush_pipe_ptrs(struct dn_flow_set *match)
|
||||
|
||||
for (rule = layer3_chain; rule; rule = rule->next) {
|
||||
ipfw_insn_pipe *cmd = (ipfw_insn_pipe *)ACTION_PTR(rule);
|
||||
|
||||
|
||||
if (cmd->o.opcode != O_PIPE && cmd->o.opcode != O_QUEUE)
|
||||
continue;
|
||||
|
||||
if (match == NULL || cmd->pipe_ptr == match)
|
||||
cmd->pipe_ptr = NULL;
|
||||
}
|
||||
@ -2100,7 +2099,7 @@ free_chain(struct ip_fw **chain, int kill_default)
|
||||
*
|
||||
* The argument is an u_int32_t. The low 16 bit are the rule or set number,
|
||||
* the next 8 bits are the new set, the top 8 bits are the command:
|
||||
*
|
||||
*
|
||||
* 0 delete rules with given number
|
||||
* 1 delete rules with given set number
|
||||
* 2 move rules with given number to new set
|
||||
@ -2130,7 +2129,7 @@ del_entry(struct ip_fw **chain, u_int32_t arg)
|
||||
if (rulenum > 30)
|
||||
return EINVAL;
|
||||
}
|
||||
|
||||
|
||||
switch (cmd) {
|
||||
case 0: /* delete rules with given number */
|
||||
/*
|
||||
@ -2339,7 +2338,7 @@ check_ipfw_struct(struct ip_fw *rule, int size)
|
||||
case O_LOG:
|
||||
if (cmdlen != F_INSN_SIZE(ipfw_insn_log))
|
||||
goto bad_size;
|
||||
|
||||
|
||||
((ipfw_insn_log *)cmd)->log_left =
|
||||
((ipfw_insn_log *)cmd)->max_log;
|
||||
|
||||
@ -2548,7 +2547,7 @@ ipfw_ctl(struct sockopt *sopt)
|
||||
* On the other hand, the risk is that we end up with
|
||||
* a very inconsistent ruleset, so better keep the lock
|
||||
* around the whole cycle.
|
||||
*
|
||||
*
|
||||
* XXX this code can be improved by resetting the head of
|
||||
* the list to point to the default rule, and then freeing
|
||||
* the old list without the need for a lock.
|
||||
@ -2726,7 +2725,7 @@ ipfw_modevent(module_t mod, int type, void *unused)
|
||||
{
|
||||
int s;
|
||||
int err = 0;
|
||||
|
||||
|
||||
switch (type) {
|
||||
case MOD_LOAD:
|
||||
s = splimp();
|
||||
|
Loading…
Reference in New Issue
Block a user