d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Style(9) round for the pf kernel parts. Mostly #if defined() -> #ifdef

Browse Source 
Also set HOOK_HACK to true (remove the related #ifdef's) as we have the
hooks in the kernel this was missed during the merge from the port.

Noticed by:	Amir S.	(for the HOOK_HACK part)
Approved by:	bms(mentor)
This commit is contained in:
Max Laier 2004-03-17 21:11:02 +00:00
parent 512af1646c
commit cc7e902276
10 changed files with 283 additions and 323 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
sys/contrib/pf/net/if_pflog.c
View File

@ -34,26 +34,26 @@
* PURPOSE.
*/
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include "opt_inet.h"
#include "opt_inet6.h"
#endif
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
#include "bpfilter.h"
#include "pflog.h"
#elif __FreeBSD__ >= 5
#include "opt_bpf.h"
#define NBPFILTER DEV_BPF
#include "opt_pf.h"
#define NPFLOG DEV_PFLOG
#define NBPFILTER DEV_BPF
#define NPFLOG DEV_PFLOG
#endif
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/mbuf.h>
#include <sys/socket.h>
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/sockio.h>
@ -73,7 +73,7 @@
#include <netinet/ip.h>
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include <machine/in_cksum.h>
#endif
@ -87,8 +87,8 @@
#include <net/pfvar.h>
#include <net/if_pflog.h>
#if defined(__FreeBSD__)
#define PFLOGNAME "pflog"
#ifdef __FreeBSD__
#define PFLOGNAME "pflog"
#endif
#define PFLOGMTU (32768 + MHLEN + MLEN)
@ -99,11 +99,11 @@
#define DPRINTF(x)
#endif
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
struct pflog_softc pflogif[NPFLOG];
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
void pflog_clone_destroy(struct ifnet *);
int pflog_clone_create(struct if_clone *, int);
#else
@ -115,11 +115,11 @@ int pflogioctl(struct ifnet *, u_long, caddr_t);
void pflogrtrequest(int, struct rtentry *, struct sockaddr *);
void pflogstart(struct ifnet *);
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
extern int ifqmaxlen;
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
static MALLOC_DEFINE(M_PFLOG, PFLOGNAME, "Packet Filter Logging Interface");
static LIST_HEAD(pflog_list, pflog_softc) pflog_list;
struct if_clone pflog_cloner = IF_CLONE_INITIALIZER(PFLOGNAME,
@ -142,9 +142,7 @@ pflog_clone_destroy(struct ifnet *ifp)
LIST_REMOVE(sc, sc_next);
free(sc, M_PFLOG);
}
#endif /* __FreeBSD__ */
#if defined(__FreeBSD__)
int
pflog_clone_create(struct if_clone *ifc, int unit)
{
@ -226,12 +224,12 @@ pflogstart(struct ifnet *ifp)
#endif
int s;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
ifq = &ifp->if_snd;
#endif
for (;;) {
s = splimp();
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
IF_LOCK(ifq);
_IF_DROP(ifq);
_IF_DEQUEUE(ifq, m);
@ -339,7 +337,7 @@ pflog_packet(struct ifnet *ifp, struct mbuf *m, sa_family_t af, u_int8_t dir,
m1.m_len = PFLOG_HDRLEN;
m1.m_data = (char *) &hdr;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((!LIST_EMPTY(&pflog_list)), ("pflog: no interface"));
ifn = &LIST_FIRST(&pflog_list)->sc_if;
#else
@ -353,7 +351,7 @@ pflog_packet(struct ifnet *ifp, struct mbuf *m, sa_family_t af, u_int8_t dir,
return (0);
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
static int
pflog_modevent(module_t mod, int type, void *data)
{

2
sys/contrib/pf/net/if_pflog.h
View File

@ -30,7 +30,7 @@
struct pflog_softc {
struct ifnet sc_if; /* the interface */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
LIST_ENTRY(pflog_softc) sc_next;
#endif
};

48
sys/contrib/pf/net/if_pfsync.c
View File

@ -27,19 +27,19 @@
* THE POSSIBILITY OF SUCH DAMAGE.
*/
#if defined(__FreeBSD__) && __FreeBSD__ >= 5
#ifdef __FreeBSD__
#include "opt_inet.h"
#include "opt_inet6.h"
#endif
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
#include "bpfilter.h"
#include "pfsync.h"
#elif __FreeBSD__ >= 5
#include "opt_bpf.h"
#define NBPFILTER DEV_BPF
#include "opt_pf.h"
#define NPFSYNC DEV_PFSYNC
#define NBPFILTER DEV_BPF
#define NPFSYNC DEV_PFSYNC
#endif
#include <sys/param.h>
@ -47,7 +47,7 @@
#include <sys/time.h>
#include <sys/mbuf.h>
#include <sys/socket.h>
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/sockio.h>
@ -76,8 +76,8 @@
#include <net/pfvar.h>
#include <net/if_pfsync.h>
#if defined(__FreeBSD__)
#define PFSYNCNAME "pfsync"
#ifdef __FreeBSD__
#define PFSYNCNAME "pfsync"
#endif
#define PFSYNC_MINMTU \
@ -90,11 +90,11 @@ int pfsyncdebug;
#define DPRINTF(x)
#endif
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
struct pfsync_softc pfsyncif;
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
void pfsync_clone_destroy(struct ifnet *);
int pfsync_clone_create(struct if_clone *, int);
#else
@ -110,11 +110,11 @@ struct mbuf *pfsync_get_mbuf(struct pfsync_softc *sc, u_int8_t action);
int pfsync_sendout(struct pfsync_softc *sc);
void pfsync_timeout(void *v);
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
extern int ifqmaxlen;
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
static MALLOC_DEFINE(M_PFSYNC, PFSYNCNAME, "Packet Filter State Sync. Interface");
static LIST_HEAD(pfsync_list, pfsync_softc) pfsync_list;
struct if_clone pfsync_cloner = IF_CLONE_INITIALIZER(PFSYNCNAME,
@ -140,9 +140,7 @@ pfsync_clone_destroy(struct ifnet *ifp)
LIST_REMOVE(sc, sc_next);
free(sc, M_PFSYNC);
}
#endif /* __FreeBSD__ */
#if defined(__FreeBSD__)
int
pfsync_clone_create(struct if_clone *ifc, int unit)
{
@ -226,12 +224,12 @@ pfsyncstart(struct ifnet *ifp)
#endif
int s;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
ifq = &ifp->if_snd;
#endif
for (;;) {
s = splimp();
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
IF_LOCK(ifq);
_IF_DROP(ifq);
_IF_DEQUEUE(ifq, m);
@ -309,7 +307,7 @@ pfsync_get_mbuf(sc, action)
struct pfsync_softc *sc;
u_int8_t action;
{
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
extern int hz;
#endif
struct pfsync_header *h;
@ -342,7 +340,7 @@ pfsync_get_mbuf(sc, action)
sc->sc_mbuf = m;
sc->sc_ptr = (struct pf_state *)((char *)h + PFSYNC_HDRLEN);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
callout_reset(&sc->sc_tmo, hz, pfsync_timeout,
LIST_FIRST(&pfsync_list));
#else
@ -361,7 +359,7 @@ pfsync_pack_state(action, st)
u_int8_t action;
struct pf_state *st;
{
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
struct pfsync_softc *sc = LIST_FIRST(&pfsync_list);
#else
extern struct timeval time;
@ -378,11 +376,11 @@ pfsync_pack_state(action, st)
if (action >= PFSYNC_ACT_MAX)
return (EINVAL);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
/*
* XXX
* If we need to check mutex owned, PF_LOCK should be
* declared in pflog.ko. :-(
* declared in pflog.ko.
*
* PF_LOCK_ASSERT();
*/
@ -420,7 +418,7 @@ pfsync_pack_state(action, st)
pf_state_peer_hton(&st->dst, &sp->dst);
bcopy(&st->rt_addr, &sp->rt_addr, sizeof(sp->rt_addr));
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
secs = time_second;
#else
secs = time.tv_sec;
@ -456,7 +454,7 @@ int
pfsync_clear_state(st)
struct pf_state *st;
{
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
struct pfsync_softc *sc = LIST_FIRST(&pfsync_list);
#else
struct ifnet *ifp = &pfsyncif.sc_if;
@ -495,7 +493,7 @@ pfsync_sendout(sc)
struct ifnet *ifp = &sc->sc_if;
struct mbuf *m = sc->sc_mbuf;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
callout_stop(&sc->sc_tmo);
#else
timeout_del(&sc->sc_tmo);
@ -503,7 +501,7 @@ pfsync_sendout(sc)
sc->sc_mbuf = NULL;
sc->sc_ptr = NULL;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT(m != NULL, ("pfsync_sendout: null mbuf"));
#endif
#if NBPFILTER > 0
@ -517,7 +515,7 @@ pfsync_sendout(sc)
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
static int
pfsync_modevent(module_t mod, int type, void *data)
{

4
sys/contrib/pf/net/if_pfsync.h
View File

@ -34,7 +34,7 @@
struct pfsync_softc {
struct ifnet sc_if;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
struct callout sc_tmo;
#else
struct timeout sc_tmo;
@ -42,7 +42,7 @@ struct pfsync_softc {
struct mbuf *sc_mbuf; /* current cummulative mbuf */
struct pf_state *sc_ptr; /* current ongoing state */
int sc_count; /* number of states in one mtu */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
LIST_ENTRY(pfsync_softc) sc_next;
#endif
};

182
sys/contrib/pf/net/pf.c
View File

@ -35,17 +35,17 @@
*
*/
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include "opt_inet.h"
#include "opt_inet6.h"
#endif
#if defined(__FreeBSD__) && __FreeBSD__ >= 5
#ifdef __FreeBSD__
#include "opt_bpf.h"
#define NBPFILTER DEV_BPF
#include "opt_pf.h"
#define NPFLOG DEV_PFLOG
#define NPFSYNC DEV_PFSYNC
#define NBPFILTER DEV_BPF
#define NPFLOG DEV_PFLOG
#define NPFSYNC DEV_PFSYNC
#else
#include "bpfilter.h"
#include "pflog.h"
@ -60,7 +60,7 @@
#include <sys/socketvar.h>
#include <sys/kernel.h>
#include <sys/time.h>
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include <sys/sysctl.h>
#else
#include <sys/pool.h>
@ -86,7 +86,7 @@
#include <netinet/udp_var.h>
#include <netinet/icmp_var.h>
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
#include <dev/rndvar.h>
#endif
#include <net/pfvar.h>
@ -98,7 +98,7 @@
#include <netinet/in_pcb.h>
#include <netinet/icmp6.h>
#include <netinet6/nd6.h>
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include <netinet6/ip6_var.h>
#include <netinet6/in6_pcb.h>
#endif
@ -108,7 +108,7 @@
#include <altq/if_altq.h>
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include <machine/in_cksum.h>
#if (__FreeBSD_version >= 500112)
#include <sys/limits.h>
@ -118,7 +118,7 @@
#include <sys/ucred.h>
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
extern int ip_optcopy(struct ip *, struct ip *);
#if (__FreeBSD_version < 501105)
int ip_fragment(struct ip *ip, struct mbuf **m_frag, int mtu,
@ -146,14 +146,14 @@ u_int32_t ticket_altqs_active;
u_int32_t ticket_altqs_inactive;
u_int32_t ticket_pabuf;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
struct callout pf_expire_to; /* expire timeout */
#else
struct timeout pf_expire_to; /* expire timeout */
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
uma_zone_t pf_tree_pl, pf_rule_pl, pf_addr_pl;
uma_zone_t pf_state_pl, pf_altq_pl, pf_pooladdr_pl;
#else
@ -162,8 +162,8 @@ struct pool pf_state_pl, pf_altq_pl, pf_pooladdr_pl;
#endif
void pf_dynaddr_update(void *);
#if defined(__FreeBSD__) && defined(HOOK_HACK)
void pf_dynaddr_update_event(void *arg, struct ifnet *ifp);
#ifdef __FreeBSD__
void pf_dynaddr_update_event(void *arg, struct ifnet *ifp);
#endif
void pf_print_host(struct pf_addr *, u_int16_t, u_int8_t);
void pf_print_state(struct pf_state *);
@ -259,11 +259,9 @@ int pf_check_proto_cksum(struct mbuf *, int, int,
int pf_addr_wrap_neq(struct pf_addr_wrap *,
struct pf_addr_wrap *);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int in4_cksum(struct mbuf *m, u_int8_t nxt, int off, int len);
#endif
#if defined(__FreeBSD__)
struct pf_pool_limit pf_pool_limits[PF_LIMIT_MAX];
#else
struct pf_pool_limit pf_pool_limits[PF_LIMIT_MAX] =
@ -302,7 +300,7 @@ static __inline int pf_state_compare(struct pf_tree_node *,
struct pf_state_tree tree_lan_ext, tree_ext_gwy;
RB_GENERATE(pf_state_tree, pf_tree_node, entry, pf_state_compare);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
static int
#else
static __inline int
@ -488,25 +486,25 @@ pf_insert_state(struct pf_state *state)
void
pf_purge_timeout(void *arg)
{
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
struct callout *to = arg;
#else
struct timeout *to = arg;
#endif
int s;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
s = splsoftnet();
pf_purge_expired_states();
pf_purge_expired_fragments();
splx(s);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
callout_reset(to, pf_default_rule.timeout[PFTM_INTERVAL] * hz,
pf_purge_timeout, to);
#else
@ -524,14 +522,14 @@ pf_state_expires(const struct pf_state *state)
/* handle all PFTM_* > PFTM_MAX here */
if (state->timeout == PFTM_PURGE)
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
return (time_second);
#else
return (time.tv_sec);
#endif
if (state->timeout == PFTM_UNTIL_PACKET)
return (0);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((state->timeout < PFTM_MAX),
("pf_state_expires: timeout > PFTM_MAX"));
#else
@ -554,7 +552,7 @@ pf_state_expires(const struct pf_state *state)
return (state->expire + timeout * (end - states) /
(end - start));
else
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
return (time_second);
#else
return (time.tv_sec);
@ -572,7 +570,7 @@ pf_purge_expired_states(void)
for (cur = RB_MIN(pf_state_tree, &tree_ext_gwy); cur; cur = next) {
next = RB_NEXT(pf_state_tree, &tree_ext_gwy, cur);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (pf_state_expires(cur->state) <= (u_int32_t)time_second) {
#else
if (pf_state_expires(cur->state) <= time.tv_sec) {
@ -602,7 +600,7 @@ pf_purge_expired_states(void)
key.port[1] = cur->state->ext.port;
peer = RB_FIND(pf_state_tree, &tree_lan_ext, &key);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((peer), ("peer null :%s", __FUNCTION__));
KASSERT((peer->state == cur->state),
("peer->state != cur->state: %s", __FUNCTION__));
@ -686,7 +684,7 @@ pf_dynaddr_setup(struct pf_addr_wrap *aw, sa_family_t af)
aw->p.dyn->addr = &aw->v.a.addr;
aw->p.dyn->af = af;
aw->p.dyn->undefined = 1;
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
aw->p.dyn->hook_cookie = hook_establish(
aw->p.dyn->ifp->if_addrhooks, 1,
pf_dynaddr_update, aw->p.dyn);
@ -695,7 +693,7 @@ pf_dynaddr_setup(struct pf_addr_wrap *aw, sa_family_t af)
aw->p.dyn = NULL;
return (1);
}
#elif defined(__FreeBSD__) && defined(HOOK_HACK)
#else
PF_UNLOCK();
aw->p.dyn->hook_cookie = EVENTHANDLER_REGISTER(ifaddr_event,
pf_dynaddr_update_event, aw->p.dyn, EVENTHANDLER_PRI_ANY);
@ -705,26 +703,12 @@ pf_dynaddr_setup(struct pf_addr_wrap *aw, sa_family_t af)
aw->p.dyn = NULL;
return (1);
}
#else
/*
* XXX
* We have no hook_establish(9)/dohooks(9) kernel interfaces.
* This means that we do not aware of interface address changes(add,
* remove, etc). User should update pf rule manually after interface
* address changed. This may not be possible solution if you use xDSL.
* ipfw/ipfw2's approach with this situation(with me keyword) is not
* very efficient due to analyzing interface address during runtime.
* Another solution is to use a user-land daemon watching address
* changes with socket interface. Neither one is good.
* Supporting hook_establish(9) requries modification of in_control()
* located in netinet/in.c.
*/
#endif
pf_dynaddr_update(aw->p.dyn);
return (0);
}
#if defined(__FreeBSD__) && defined(HOOK_HACK)
#ifdef __FreeBSD__
void
pf_dynaddr_update_event(void *arg, struct ifnet *ifp)
{
@ -784,19 +768,13 @@ pf_dynaddr_remove(struct pf_addr_wrap *aw)
{
if (aw->type != PF_ADDR_DYNIFTL || aw->p.dyn == NULL)
return;
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
hook_disestablish(aw->p.dyn->ifp->if_addrhooks,
aw->p.dyn->hook_cookie);
#elif defined(__FreeBSD__) && defined(HOOK_HACK)
#else
PF_UNLOCK();
EVENTHANDLER_DEREGISTER(ifaddr_event, aw->p.dyn->hook_cookie);
PF_LOCK();
#else
/*
* XXX
* We have no hook_establish(9)/dohooks(9) kernel interfaces.
* See comments above function, pf_dynaddr_setup().
*/
#endif
pool_put(&pf_addr_pl, aw->p.dyn);
aw->p.dyn = NULL;
@ -1252,7 +1230,7 @@ pf_send_tcp(const struct pf_rule *r, sa_family_t af,
struct ip6_hdr *h6;
#endif /* INET6 */
struct tcphdr *th;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
struct ip *ip;
#if (__FreeBSD_version < 501114)
struct route ro;
@ -1363,15 +1341,15 @@ pf_send_tcp(const struct pf_rule *r, sa_family_t af,
h->ip_v = 4;
h->ip_hl = sizeof(*h) >> 2;
h->ip_tos = IPTOS_LOWDELAY;
#if defined(__FreeBSD__)
h->ip_off = htons(path_mtu_discovery ? IP_DF : 0);
#ifdef __FreeBSD__
h->ip_off = htons(path_mtu_discovery ? IP_DF : 0);
#else
h->ip_off = htons(ip_mtudisc ? IP_DF : 0);
#endif
h->ip_len = htons(len);
h->ip_ttl = ttl ? ttl : ip_defttl;
h->ip_sum = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
ip = mtod(m, struct ip *);
/*
* XXX
@ -1412,7 +1390,7 @@ pf_send_tcp(const struct pf_rule *r, sa_family_t af,
h6->ip6_vfc |= IPV6_VERSION;
h6->ip6_hlim = IPV6_DEFHLIM;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
ip6_output(m, NULL, NULL, 0, NULL, NULL, NULL);
PF_LOCK();
@ -1430,14 +1408,14 @@ pf_send_icmp(struct mbuf *m, u_int8_t type, u_int8_t code, sa_family_t af,
{
struct m_tag *mtag;
struct mbuf *m0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
struct ip *ip;
#endif
mtag = m_tag_get(PACKET_TAG_PF_GENERATED, 0, M_NOWAIT);
if (mtag == NULL)
return;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
m0 = m_copypacket(m, M_DONTWAIT);
#else
m0 = m_copy(m, 0, M_COPYALL);
@ -1467,7 +1445,7 @@ pf_send_icmp(struct mbuf *m, u_int8_t type, u_int8_t code, sa_family_t af,
switch (af) {
#ifdef INET
case AF_INET:
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
/* icmp_error() expects host byte ordering */
ip = mtod(m0, struct ip *);
NTOHS(ip->ip_len);
@ -1475,18 +1453,18 @@ pf_send_icmp(struct mbuf *m, u_int8_t type, u_int8_t code, sa_family_t af,
PF_UNLOCK();
#endif
icmp_error(m0, type, code, 0, NULL);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
break;
#endif /* INET */
#ifdef INET6
case AF_INET6:
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
icmp6_error(m0, type, code, 0);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
break;
@ -2156,7 +2134,7 @@ pf_socket_lookup(uid_t *uid, gid_t *gid, int direction, sa_family_t af,
{
struct pf_addr *saddr, *daddr;
u_int16_t sport, dport;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
struct inpcbinfo *pi;
#else
struct inpcbtable *tb;
@ -2169,7 +2147,7 @@ pf_socket_lookup(uid_t *uid, gid_t *gid, int direction, sa_family_t af,
case IPPROTO_TCP:
sport = pd->hdr.tcp->th_sport;
dport = pd->hdr.tcp->th_dport;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
pi = &tcbinfo;
#else
tb = &tcbtable;
@ -2178,7 +2156,7 @@ pf_socket_lookup(uid_t *uid, gid_t *gid, int direction, sa_family_t af,
case IPPROTO_UDP:
sport = pd->hdr.udp->uh_sport;
dport = pd->hdr.udp->uh_dport;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
pi = &udbinfo;
#else
tb = &udbtable;
@ -2201,7 +2179,7 @@ pf_socket_lookup(uid_t *uid, gid_t *gid, int direction, sa_family_t af,
}
switch(af) {
case AF_INET:
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#if (__FreeBSD_version >= 500043)
INP_INFO_RLOCK(pi); /* XXX LOR */
#endif
@ -2229,7 +2207,7 @@ pf_socket_lookup(uid_t *uid, gid_t *gid, int direction, sa_family_t af,
break;
#ifdef INET6
case AF_INET6:
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#if (__FreeBSD_version >= 500043)
INP_INFO_RLOCK(pi);
#endif
@ -2261,7 +2239,7 @@ pf_socket_lookup(uid_t *uid, gid_t *gid, int direction, sa_family_t af,
default:
return (0);
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#if (__FreeBSD_version >= 500043)
INP_LOCK(inp);
#endif
@ -2377,7 +2355,7 @@ pf_calc_mss(struct pf_addr *addr, sa_family_t af, u_int16_t offer)
dst->sin_family = AF_INET;
dst->sin_len = sizeof(*dst);
dst->sin_addr = addr->v4;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#ifdef RTF_PRCLONING
rtalloc_ign(&ro, (RTF_CLONING | RTF_PRCLONING));
#else /* !RTF_PRCLONING */
@ -2397,7 +2375,7 @@ pf_calc_mss(struct pf_addr *addr, sa_family_t af, u_int16_t offer)
dst6->sin6_family = AF_INET6;
dst6->sin6_len = sizeof(*dst6);
dst6->sin6_addr = addr->v6;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#ifdef RTF_PRCLONING
rtalloc_ign((struct route *)&ro6,
(RTF_CLONING | RTF_PRCLONING));
@ -2712,7 +2690,7 @@ pf_test_tcp(struct pf_rule **rm, struct pf_state **sm, int direction,
s->dst.max_win = 1;
s->src.state = TCPS_SYN_SENT;
s->dst.state = TCPS_CLOSED;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
s->creation = time_second;
s->expire = time_second;
#else
@ -2989,7 +2967,7 @@ pf_test_udp(struct pf_rule **rm, struct pf_state **sm, int direction,
}
s->src.state = PFUDPS_SINGLE;
s->dst.state = PFUDPS_NO_TRAFFIC;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
s->creation = time_second;
s->expire = time_second;
#else
@ -3243,7 +3221,7 @@ pf_test_icmp(struct pf_rule **rm, struct pf_state **sm, int direction,
s->gwy.port = icmpid;
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
s->creation = time_second;
s->expire = time_second;
#else
@ -3475,7 +3453,7 @@ pf_test_other(struct pf_rule **rm, struct pf_state **sm, int direction,
}
s->src.state = PFOTHERS_SINGLE;
s->dst.state = PFOTHERS_NO_TRAFFIC;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
s->creation = time_second;
s->expire = time_second;
#else
@ -3839,7 +3817,7 @@ pf_test_state_tcp(struct pf_state **state, int direction, struct ifnet *ifp,
src->state = dst->state = TCPS_TIME_WAIT;
/* update expire time */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
(*state)->expire = time_second;
#else
(*state)->expire = time.tv_sec;
@ -4041,7 +4019,7 @@ pf_test_state_udp(struct pf_state **state, int direction, struct ifnet *ifp,
dst->state = PFUDPS_MULTIPLE;
/* update expire time */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
(*state)->expire = time_second;
#else
(*state)->expire = time.tv_sec;
@ -4136,7 +4114,7 @@ pf_test_state_icmp(struct pf_state **state, int direction, struct ifnet *ifp,
dirndx = (direction == (*state)->direction) ? 0 : 1;
(*state)->packets[dirndx]++;
(*state)->bytes[dirndx] += pd->tot_len;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
(*state)->expire = time_second;
#else
(*state)->expire = time.tv_sec;
@ -4643,7 +4621,7 @@ pf_test_state_other(struct pf_state **state, int direction, struct ifnet *ifp,
dst->state = PFOTHERS_MULTIPLE;
/* update expire time */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
(*state)->expire = time_second;
#else
(*state)->expire = time.tv_sec;
@ -4762,7 +4740,7 @@ pf_routable(struct pf_addr *addr, sa_family_t af)
dst->sin_family = af;
dst->sin_len = sizeof(*dst);
dst->sin_addr = addr->v4;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#ifdef RTF_PRCLONING
rtalloc_ign(&ro, (RTF_CLONING|RTF_PRCLONING));
#else /* !RTF_PRCLONING */
@ -4956,7 +4934,7 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
struct m_tag *mtag;
struct pf_addr naddr;
int error = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int sw_csum;
#endif
@ -4973,7 +4951,7 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
goto bad;
m_tag_prepend(m0, mtag);
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
m0 = m_dup(*m, M_DONTWAIT);
#else
m0 = m_copym2(*m, 0, M_COPYALL, M_NOWAIT);
@ -5041,7 +5019,7 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
}
if (oifp != ifp && mtag == NULL) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
if (pf_test(PF_OUT, ifp, &m0) != PF_PASS) {
PF_LOCK();
@ -5062,7 +5040,7 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
ip = mtod(m0, struct ip *);
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
/* Copied from FreeBSD 5.1-CURRENT ip_output. */
m0->m_pkthdr.csum_flags |= CSUM_IP;
sw_csum = m0->m_pkthdr.csum_flags & ~ifp->if_hwassist;
@ -5129,7 +5107,7 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
if (ip->ip_off & htons(IP_DF)) {
ipstat.ips_cantfrag++;
if (r->rt != PF_DUPTO) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
/* icmp_error() expects host byte ordering */
NTOHS(ip->ip_len);
NTOHS(ip->ip_off);
@ -5137,7 +5115,7 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
#endif
icmp_error(m0, ICMP_UNREACH, ICMP_UNREACH_NEEDFRAG, 0,
ifp);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
goto done;
@ -5146,7 +5124,7 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
}
m1 = m0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
/*
* XXX: is cheaper + less error prone than own function
*/
@ -5156,7 +5134,7 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
#else
error = ip_fragment(m0, ifp, ifp->if_mtu);
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (error)
#else
if (error == EMSGSIZE)
@ -5166,7 +5144,7 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
for (m0 = m1; m0; m0 = m1) {
m1 = m0->m_nextpkt;
m0->m_nextpkt = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (error == 0) {
PF_UNLOCK();
error = (*ifp->if_output)(ifp, m0, sintosa(dst),
@ -5226,7 +5204,7 @@ pf_route6(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
goto bad;
m_tag_prepend(m0, mtag);
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
m0 = m_dup(*m, M_DONTWAIT);
#else
m0 = m_copym2(*m, 0, M_COPYALL, M_NOWAIT);
@ -5256,7 +5234,7 @@ pf_route6(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
if (mtag == NULL)
goto bad;
m_tag_prepend(m0, mtag);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
ip6_output(m0, NULL, NULL, 0, NULL, NULL, NULL);
PF_LOCK();
@ -5292,7 +5270,7 @@ pf_route6(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
if (mtag == NULL)
goto bad;
m_tag_prepend(m0, mtag);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
if (pf_test6(PF_OUT, ifp, &m0) != PF_PASS) {
PF_LOCK();
@ -5318,16 +5296,16 @@ pf_route6(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
if (IN6_IS_ADDR_LINKLOCAL(&dst->sin6_addr))
dst->sin6_addr.s6_addr16[1] = htons(ifp->if_index);
if ((u_long)m0->m_pkthdr.len <= ifp->if_mtu) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
error = nd6_output(ifp, ifp, m0, dst, NULL);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
} else {
in6_ifstat_inc(ifp, ifs6_in_toobig);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (r->rt != PF_DUPTO) {
PF_UNLOCK();
icmp6_error(m0, ICMP6_PACKET_TOO_BIG, 0, ifp->if_mtu);
@ -5353,7 +5331,7 @@ bad:
#endif /* INET6 */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
/*
* XXX
* FreeBSD supports cksum offload for the following drivers.
@ -5585,12 +5563,12 @@ pf_test(int dir, struct ifnet *ifp, struct mbuf **m0)
int off;
int pqid = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
if (!pf_status.running ||
(m_tag_find(m, PACKET_TAG_PF_GENERATED, NULL) != NULL)) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
return (PF_PASS);
@ -5805,7 +5783,7 @@ done:
/* pf_route can free the mbuf causing *m0 to become NULL */
pf_route(m0, r, dir, ifp, s);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
@ -5826,13 +5804,13 @@ pf_test6(int dir, struct ifnet *ifp, struct mbuf **m0)
struct pf_pdesc pd;
int off, terminal = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
if (!pf_status.running ||
(m_tag_find(m, PACKET_TAG_PF_GENERATED, NULL) != NULL)) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
return (PF_PASS);
@ -6051,7 +6029,7 @@ done:
/* pf_route6 can free the mbuf causing *m0 to become NULL */
pf_route6(m0, r, dir, ifp, s);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
return (action);

130
sys/contrib/pf/net/pf_ioctl.c
View File

@ -35,7 +35,7 @@
*
*/
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include "opt_inet.h"
#include "opt_inet6.h"
#endif
@ -50,7 +50,7 @@
#include <sys/kernel.h>
#include <sys/time.h>
#include <sys/malloc.h>
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include <sys/conf.h>
#else
#include <sys/timeout.h>
@ -82,7 +82,7 @@
#include <altq/altq.h>
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#if (__FreeBSD_version >= 500112)
#include <sys/limits.h>
#else
@ -96,7 +96,7 @@
#include <net/pfil.h>
#endif /* __FreeBSD__ */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
void init_zone_var(void);
void cleanup_pf_zone(void);
int pfattach(void);
@ -111,16 +111,16 @@ int pf_get_ruleset_number(u_int8_t);
void pf_init_ruleset(struct pf_ruleset *);
void pf_mv_pool(struct pf_palist *, struct pf_palist *);
void pf_empty_pool(struct pf_palist *);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int pfioctl(dev_t, u_long, caddr_t, int, struct thread *);
#else
int pfioctl(dev_t, u_long, caddr_t, int, struct proc *);
#endif
#if defined(__FreeBSD__)
extern struct callout pf_expire_to;
#ifdef __FreeBSD__
extern struct callout pf_expire_to;
#if __FreeBSD_version < 501108
extern struct protosw inetsw[];
extern struct protosw inetsw[];
#endif
#else
extern struct timeout pf_expire_to;
@ -134,7 +134,7 @@ TAILQ_HEAD(pf_tags, pf_tagname) pf_tags = TAILQ_HEAD_INITIALIZER(pf_tags);
#define DPFPRINTF(n, x) if (pf_status.debug >= (n)) printf x
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
static dev_t pf_dev;
/*
@ -142,7 +142,7 @@ static dev_t pf_dev;
*/
static int pf_beginrules(void *addr);
static int pf_commitrules(void *addr);
#if defined(ALTQ)
#ifdef ALTQ
static int pf_beginaltqs(void *addr);
static int pf_commitaltqs(void *addr);
static int pf_stopaltq(void);
@ -158,7 +158,7 @@ static int pf_check_in(void *ip, int hlen, struct ifnet *ifp, int dir,
struct mbuf **m);
static int pf_check_out(void *ip, int hlen, struct ifnet *ifp, int dir,
struct mbuf **m);
#if defined(INET6)
#ifdef INET6
static int pf_check6_in(void *ip, int hlen, struct ifnet *ifp, int dir,
struct mbuf **m);
static int pf_check6_out(void *ip, int hlen, struct ifnet *ifp, int dir,
@ -169,7 +169,7 @@ static int pf_check_in(void *arg, struct mbuf **m, struct ifnet *ifp,
int dir);
static int pf_check_out(void *arg, struct mbuf **m, struct ifnet *ifp,
int dir);
#if defined(INET6)
#ifdef INET6
static int pf_check6_in(void *arg, struct mbuf **m, struct ifnet *ifp,
int dir);
static int pf_check6_out(void *arg, struct mbuf **m, struct ifnet *ifp,
@ -220,9 +220,7 @@ static struct cdevsw pf_cdevsw = {
.d_version = D_VERSION,
#endif
};
#endif /* __FreeBSD__ */
#if defined(__FreeBSD__)
static volatile int pf_pfil_hooked = 0;
struct mtx pf_task_mtx;
@ -279,9 +277,7 @@ cleanup_pf_zone(void)
UMA_DESTROY(pfr_kentry_pl);
UMA_DESTROY(pf_state_scrub_pl);
}
#endif /* __FreeBSD__ */
#if defined(__FreeBSD__)
int
pfattach(void)
{
@ -433,9 +429,7 @@ pfattach(int num)
pf_normalize_init();
pf_status.debug = PF_DEBUG_URGENT;
}
#endif /* __FreeBSD__ */
#if !defined(__FreeBSD__)
int
pfopen(dev_t dev, int flags, int fmt, struct proc *p)
{
@ -443,9 +437,7 @@ pfopen(dev_t dev, int flags, int fmt, struct proc *p)
return (ENXIO);
return (0);
}
#endif
#if !defined(__FreeBSD__)
int
pfclose(dev_t dev, int flags, int fmt, struct proc *p)
{
@ -453,7 +445,7 @@ pfclose(dev_t dev, int flags, int fmt, struct proc *p)
return (ENXIO);
return (0);
}
#endif
#endif /* __FreeBSD__ */
struct pf_pool *
pf_get_pool(char *anchorname, char *rulesetname, u_int32_t ticket,
@ -786,7 +778,7 @@ pf_tag_unref(u_int16_t tag)
}
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int
pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct thread *td)
#else
@ -835,7 +827,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
case DIOCRCLRASTATS:
case DIOCRTSTADDRS:
case DIOCOSFPGET:
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
case DIOCGIFSPEED:
#endif
break;
@ -867,7 +859,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
case DIOCRGETASTATS:
case DIOCRTSTADDRS:
case DIOCOSFPGET:
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
case DIOCGIFSPEED:
#endif
break;
@ -875,7 +867,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
return (EACCES);
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
@ -886,7 +878,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
error = EEXIST;
else {
u_int32_t states = pf_status.states;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
error = hook_pf();
PF_LOCK();
@ -899,7 +891,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
bzero(&pf_status, sizeof(struct pf_status));
pf_status.running = 1;
pf_status.states = states;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
pf_status.since = time_second;
#else
pf_status.since = time.tv_sec;
@ -921,7 +913,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
error = ENOENT;
else {
pf_status.running = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
error = dehook_pf();
PF_LOCK();
@ -1440,7 +1432,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
state->nat_rule.ptr = NULL;
state->anchor.ptr = NULL;
state->rt_ifp = NULL;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
state->creation = time_second;
#else
state->creation = time.tv_sec;
@ -1480,7 +1472,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
-1 : n->state->anchor.ptr->nr;
splx(s);
ps->state.expire = pf_state_expires(n->state);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (ps->state.expire > time_second)
ps->state.expire -= time_second;
#else
@ -1505,7 +1497,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
nr++;
splx(s);
ps->ps_len = sizeof(struct pf_state) * nr;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
return (0);
@ -1514,7 +1506,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
s = splsoftnet();
p = ps->ps_states;
RB_FOREACH(n, pf_state_tree, &tree_ext_gwy) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int secs = time_second;
#else
int secs = time.tv_sec;
@ -1535,7 +1527,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
pstore.expire -= secs;
else
pstore.expire = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYOUT(&pstore, p, sizeof(*p), error);
#else
error = copyout(&pstore, p, sizeof(*p));
@ -1696,7 +1688,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
error = EINVAL;
goto fail;
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
uma_zone_set_max(pf_pool_limits[pl->index].pp, pl->limit);
#else
if (pool_sethardlimit(pf_pool_limits[pl->index].pp,
@ -1731,7 +1723,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
break;
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
case DIOCGIFSPEED: {
struct pf_ifspeed *psp = (struct pf_ifspeed *)addr;
struct pf_ifspeed ps;
@ -1777,7 +1769,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
break;
}
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (error == 0) {
mtx_lock(&pf_altq_mtx);
pfaltq_running = 1;
@ -1818,7 +1810,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
error = err;
}
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (error == 0) {
mtx_lock(&pf_altq_mtx);
pfaltq_running = 0;
@ -1842,11 +1834,11 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
TAILQ_REMOVE(pf_altqs_inactive, altq, entries);
if (altq->qname[0] == 0) {
/* detach and destroy the discipline */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
error = altq_remove(altq);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
}
@ -1885,11 +1877,11 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
}
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
error = altq_add(altq);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
if (error) {
@ -1926,11 +1918,11 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
TAILQ_FOREACH(altq, pf_altqs_active, entries) {
if (altq->qname[0] == 0) {
/* attach the discipline */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
error = altq_pfattach(altq);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
if (error) {
@ -1945,7 +1937,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
TAILQ_REMOVE(pf_altqs_inactive, altq, entries);
if (altq->qname[0] == 0) {
/* detach and destroy the discipline */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
err = altq_pfdetach(altq);
@ -1954,7 +1946,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
err = altq_remove(altq);
if (err != 0 && error == 0)
error = err;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
}
@ -2042,11 +2034,11 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
splx(s);
break;
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
error = altq_getqstats(altq, pq->buf, &nbytes);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
splx(s);
@ -2580,13 +2572,13 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
break;
}
fail:
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
return (error);
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
/*
* XXX - Check for version missmatch!!!
*/
@ -2672,7 +2664,7 @@ pf_commitrules(void *addr)
return (error);
}
#if defined(ALTQ)
#ifdef ALTQ
static int
pf_beginaltqs(void *addr)
{
@ -2684,12 +2676,12 @@ pf_beginaltqs(void *addr)
while ((altq = TAILQ_FIRST(pf_altqs_inactive)) != NULL) {
TAILQ_REMOVE(pf_altqs_inactive, altq, entries);
if (altq->qname[0] == 0) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
/* detach and destroy the discipline */
error = altq_remove(altq);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
}
@ -2729,11 +2721,11 @@ pf_commitaltqs(void *addr)
TAILQ_FOREACH(altq, pf_altqs_active, entries) {
if (altq->qname[0] == 0) {
/* attach the discipline */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
error = altq_pfattach(altq);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
if (error) {
@ -2748,7 +2740,7 @@ pf_commitaltqs(void *addr)
TAILQ_REMOVE(pf_altqs_inactive, altq, entries);
if (altq->qname[0] == 0) {
/* detach and destroy the discipline */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_UNLOCK();
#endif
err = altq_pfdetach(altq);
@ -2757,7 +2749,7 @@ pf_commitaltqs(void *addr)
err = altq_remove(altq);
if (err != 0 && error == 0)
error = err;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_LOCK();
#endif
}
@ -2813,7 +2805,7 @@ pf_stopaltq(void)
error = err;
}
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (error == 0) {
mtx_lock(&pf_altq_mtx);
pfaltq_running = 0;
@ -2860,7 +2852,7 @@ static int
shutdown_pf(void)
{
struct pfioc_rule pr;
#if defined(ALTQ)
#ifdef ALTQ
struct pfioc_altq pa;
#endif
struct pfioc_table io;
@ -2871,7 +2863,7 @@ shutdown_pf(void)
PF_LOCK();
pf_status.running = 0;
do {
#if defined(ALTQ)
#ifdef ALTQ
if ((error = pf_stopaltq())) {
DPFPRINTF(PF_DEBUG_MISC,
("ALTQ: stop(%i)\n", error));
@ -2943,7 +2935,7 @@ shutdown_pf(void)
break;
}
#if defined(ALTQ)
#ifdef ALTQ
bzero(&pa, sizeof(pa));
if ((error = pf_beginaltqs(&pa))) {
DPFPRINTF(PF_DEBUG_MISC,
@ -3104,7 +3096,7 @@ hook_pf(void)
{
#if (__FreeBSD_version >= 501108)
struct pfil_head *pfh_inet;
#if defined(INET6)
#ifdef INET6
struct pfil_head *pfh_inet6;
#endif
#endif
@ -3126,7 +3118,7 @@ hook_pf(void)
&inetsw[ip_protox[IPPROTO_IP]].pr_pfh);
pfil_add_hook(pf_check_out, PFIL_OUT,
&inetsw[ip_protox[IPPROTO_IP]].pr_pfh);
#if defined(INET6)
#ifdef INET6
pfil_add_hook(pf_check6_in, PFIL_IN,
&inet6sw[ip6_protox[IPPROTO_IPV6]].pr_pfh);
pfil_add_hook(pf_check6_out, PFIL_OUT,
@ -3138,7 +3130,7 @@ hook_pf(void)
return (ESRCH); /* XXX */
pfil_add_hook(pf_check_in, NULL, PFIL_IN | PFIL_WAITOK, pfh_inet);
pfil_add_hook(pf_check_out, NULL, PFIL_OUT | PFIL_WAITOK, pfh_inet);
#if defined(INET6)
#ifdef INET6
pfh_inet6 = pfil_head_get(PFIL_TYPE_AF, AF_INET6);
if (pfh_inet6 == NULL) {
pfil_remove_hook(pf_check_in, NULL, PFIL_IN | PFIL_WAITOK,
@ -3161,7 +3153,7 @@ dehook_pf(void)
{
#if (__FreeBSD_version >= 501108)
struct pfil_head *pfh_inet;
#if defined(INET6)
#ifdef INET6
struct pfil_head *pfh_inet6;
#endif
#endif
@ -3176,7 +3168,7 @@ dehook_pf(void)
&inetsw[ip_protox[IPPROTO_IP]].pr_pfh);
pfil_remove_hook(pf_check_out, PFIL_OUT,
&inetsw[ip_protox[IPPROTO_IP]].pr_pfh);
#if defined(INET6)
#ifdef INET6
pfil_remove_hook(pf_check6_in, PFIL_IN,
&inet6sw[ip6_protox[IPPROTO_IPV6]].pr_pfh);
pfil_remove_hook(pf_check6_out, PFIL_OUT,
@ -3190,7 +3182,7 @@ dehook_pf(void)
pfh_inet);
pfil_remove_hook(pf_check_out, NULL, PFIL_OUT | PFIL_WAITOK,
pfh_inet);
#if defined(INET6)
#ifdef INET6
pfh_inet6 = pfil_head_get(PFIL_TYPE_AF, AF_INET6);
if (pfh_inet6 == NULL)
return (ESRCH); /* XXX */
@ -3216,7 +3208,7 @@ pf_load(void)
destroy_pf_mutex();
return (ENOMEM);
}
#if defined(ALTQ)
#ifdef ALTQ
mtx_lock(&pf_altq_mtx);
++pfaltq_ref;
mtx_unlock(&pf_altq_mtx);
@ -3246,7 +3238,7 @@ pf_unload(void)
cleanup_pf_zone();
pf_osfp_cleanup();
destroy_dev(pf_dev);
#if defined(ALTQ)
#ifdef ALTQ
mtx_lock(&pf_altq_mtx);
--pfaltq_ref;
mtx_unlock(&pf_altq_mtx);
@ -3284,7 +3276,7 @@ static moduledata_t pf_mod = {
DECLARE_MODULE(pf, pf_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
MODULE_DEPEND(pf, pflog, PFLOG_MINVER, PFLOG_PREFVER, PFLOG_MAXVER);
MODULE_DEPEND(pf, pfsync, PFSYNC_MINVER, PFSYNC_PREFVER, PFSYNC_MAXVER);
#if defined(ALTQ)
#ifdef ALTQ
MODULE_DEPEND(pf, pfaltq, PFALTQ_MINVER, PFALTQ_PREFVER, PFALTQ_MAXVER);
#endif
MODULE_VERSION(pf, PF_MODVER);

58
sys/contrib/pf/net/pf_norm.c
View File

@ -26,12 +26,12 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include "opt_inet.h"
#include "opt_inet6.h"
#include "opt_random_ip_id.h" /* or ip_var does not export it */
#include "opt_pf.h"
#define NPFLOG DEV_PFLOG
#define NPFLOG DEV_PFLOG
#else
#include "pflog.h"
#endif
@ -44,11 +44,9 @@
#include <sys/socket.h>
#include <sys/kernel.h>
#include <sys/time.h>
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
#include <sys/pool.h>
#endif
#if !defined(__FreeBSD__)
#include <dev/rndvar.h>
#endif
#include <net/if.h>
@ -115,7 +113,7 @@ struct ip6_opt_router {
} __packed;
#endif /* __FreeBSD__ && INET6 */
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
struct pf_frent {
LIST_ENTRY(pf_frent) fr_next;
struct ip *fr_ip;
@ -134,7 +132,7 @@ struct pf_frcache {
#define PFFRAG_DROP 0x0004 /* Drop all fragments */
#define BUFFER_FRAGMENTS(fr) (!((fr)->fr_flags & PFFRAG_NOBUFFER))
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
struct pf_fragment {
RB_ENTRY(pf_fragment) fr_entry;
TAILQ_ENTRY(pf_fragment) frag_next;
@ -184,7 +182,7 @@ int pf_normalize_tcpopt(struct pf_rule *, struct mbuf *,
{ printf("%s: ", __func__); printf x ;}
/* Globals */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
uma_zone_t pf_frent_pl, pf_frag_pl, pf_cache_pl, pf_cent_pl;
uma_zone_t pf_state_scrub_pl;
#else
@ -196,7 +194,7 @@ int pf_nfrents, pf_ncache;
void
pf_normalize_init(void)
{
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
/*
* XXX
* No high water mark support(It's hint not hard limit).
@ -227,7 +225,7 @@ pf_normalize_init(void)
TAILQ_INIT(&pf_cachequeue);
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
static int
#else
static __inline int
@ -255,7 +253,7 @@ void
pf_purge_expired_fragments(void)
{
struct pf_fragment *frag;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
u_int32_t expire = time_second -
pf_default_rule.timeout[PFTM_FRAG];
#else
@ -264,7 +262,7 @@ pf_purge_expired_fragments(void)
#endif
while ((frag = TAILQ_LAST(&pf_fragqueue, pf_fragqueue)) != NULL) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((BUFFER_FRAGMENTS(frag)),
("BUFFER_FRAGMENTS(frag) == 0: %s", __FUNCTION__));
#else
@ -278,7 +276,7 @@ pf_purge_expired_fragments(void)
}
while ((frag = TAILQ_LAST(&pf_cachequeue, pf_cachequeue)) != NULL) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((!BUFFER_FRAGMENTS(frag)),
("BUFFER_FRAGMENTS(frag) != 0: %s", __FUNCTION__));
#else
@ -289,7 +287,7 @@ pf_purge_expired_fragments(void)
DPFPRINTF(("expiring %d(%p)\n", frag->fr_id, frag));
pf_free_fragment(frag);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((TAILQ_EMPTY(&pf_cachequeue) ||
TAILQ_LAST(&pf_cachequeue, pf_cachequeue) != frag),
("!(TAILQ_EMPTY() || TAILQ_LAST() == farg): %s",
@ -356,7 +354,7 @@ pf_free_fragment(struct pf_fragment *frag)
frcache = LIST_FIRST(&frag->fr_cache)) {
LIST_REMOVE(frcache, fr_next);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((LIST_EMPTY(&frag->fr_cache) ||
LIST_FIRST(&frag->fr_cache)->fr_off >
frcache->fr_end),
@ -396,7 +394,7 @@ pf_find_fragment(struct ip *ip, struct pf_frag_tree *tree)
frag = RB_FIND(pf_frag_tree, tree, &key);
if (frag != NULL) {
/* XXX Are we sure we want to update the timeout? */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
frag->fr_timeout = time_second;
#else
frag->fr_timeout = time.tv_sec;
@ -443,7 +441,7 @@ pf_reassemble(struct mbuf **m0, struct pf_fragment **frag,
u_int16_t ip_len = ntohs(ip->ip_len) - ip->ip_hl * 4;
u_int16_t max = ip_len + off;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((*frag == NULL || BUFFER_FRAGMENTS(*frag)),
("! (*frag == NULL || BUFFER_FRAGMENTS(*frag)): %s", __FUNCTION__));
#else
@ -470,7 +468,7 @@ pf_reassemble(struct mbuf **m0, struct pf_fragment **frag,
(*frag)->fr_dst = frent->fr_ip->ip_dst;
(*frag)->fr_p = frent->fr_ip->ip_p;
(*frag)->fr_id = frent->fr_ip->ip_id;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
(*frag)->fr_timeout = time_second;
#else
(*frag)->fr_timeout = time.tv_sec;
@ -495,7 +493,7 @@ pf_reassemble(struct mbuf **m0, struct pf_fragment **frag,
frep = frea;
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((frep != NULL || frea != NULL),
("!(frep != NULL || frea != NULL): %s", __FUNCTION__));;
#else
@ -585,7 +583,7 @@ pf_reassemble(struct mbuf **m0, struct pf_fragment **frag,
/* We have all the data */
frent = LIST_FIRST(&(*frag)->fr_queue);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((frent != NULL), ("frent == NULL: %s", __FUNCTION__));
#else
KASSERT(frent != NULL);
@ -658,7 +656,7 @@ pf_fragcache(struct mbuf **m0, struct ip *h, struct pf_fragment **frag, int mff,
u_int16_t max = ip_len + off;
int hosed = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((*frag == NULL || !BUFFER_FRAGMENTS(*frag)),
("!(*frag == NULL || !BUFFER_FRAGMENTS(*frag)): %s", __FUNCTION__));
#else
@ -690,7 +688,7 @@ pf_fragcache(struct mbuf **m0, struct ip *h, struct pf_fragment **frag, int mff,
(*frag)->fr_dst = h->ip_dst;
(*frag)->fr_p = h->ip_p;
(*frag)->fr_id = h->ip_id;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
(*frag)->fr_timeout = time_second;
#else
(*frag)->fr_timeout = time.tv_sec;
@ -720,7 +718,7 @@ pf_fragcache(struct mbuf **m0, struct ip *h, struct pf_fragment **frag, int mff,
frp = fra;
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((frp != NULL || fra != NULL),
("!(frp != NULL || fra != NULL): %s", __FUNCTION__));
#else
@ -767,7 +765,7 @@ pf_fragcache(struct mbuf **m0, struct ip *h, struct pf_fragment **frag, int mff,
* than this mbuf magic. For my next trick,
* I'll pull a rabbit out of my laptop.
*/
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
*m0 = m_dup(m, M_DONTWAIT);
/* From KAME Project : We have missed this! */
m_adj(*m0, (h->ip_hl << 2) -
@ -777,7 +775,7 @@ pf_fragcache(struct mbuf **m0, struct ip *h, struct pf_fragment **frag, int mff,
#endif
if (*m0 == NULL)
goto no_mem;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT(((*m0)->m_next == NULL),
("(*m0)->m_next != NULL: %s",
__FUNCTION__));
@ -798,7 +796,7 @@ pf_fragcache(struct mbuf **m0, struct ip *h, struct pf_fragment **frag, int mff,
h = mtod(m, struct ip *);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT(((int)m->m_len == ntohs(h->ip_len) - precut),
("m->m_len != ntohs(h->ip_len) - precut: %s",
__FUNCTION__));
@ -859,7 +857,7 @@ pf_fragcache(struct mbuf **m0, struct ip *h, struct pf_fragment **frag, int mff,
m->m_pkthdr.len = plen;
}
h = mtod(m, struct ip *);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT(((int)m->m_len == ntohs(h->ip_len) - aftercut),
("m->m_len != ntohs(h->ip_len) - aftercut: %s",
__FUNCTION__));
@ -903,7 +901,7 @@ pf_fragcache(struct mbuf **m0, struct ip *h, struct pf_fragment **frag, int mff,
} else if (frp && fra->fr_off <= frp->fr_end) {
/* Need to merge in a modified 'frp' */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((cur == NULL), ("cur != NULL: %s",
__FUNCTION__));
#else
@ -1478,7 +1476,7 @@ pf_normalize_tcp_init(struct mbuf *m, int off, struct pf_pdesc *pd,
u_int8_t hdr[60];
u_int8_t *opt;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((src->scrub == NULL),
("pf_normalize_tcp_init: src->scrub != NULL"));
#else
@ -1567,7 +1565,7 @@ pf_normalize_tcp_stateful(struct mbuf *m, int off, struct pf_pdesc *pd,
u_int8_t *opt;
int copyback = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
KASSERT((src->scrub || dst->scrub),
("pf_normalize_tcp_statefull: src->scrub && dst->scrub!"));
#else

10
sys/contrib/pf/net/pf_osfp.c
View File

@ -41,7 +41,7 @@
# define DPFPRINTF(format, x...) \
if (pf_status.debug >= PF_DEBUG_NOISY) \
printf(format , ##x)
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
typedef uma_zone_t pool_t;
#else
typedef struct pool pool_t;
@ -59,7 +59,7 @@ typedef struct pool pool_t;
# define pool_put(pool, item) free(item)
# define pool_init(pool, size, a, ao, f, m, p) (*(pool)) = (size)
# if defined(__FreeBSD__)
# ifdef __FreeBSD__
# define NTOHS(x) (x) = ntohs((u_int16_t)(x))
# endif
@ -236,7 +236,7 @@ pf_osfp_match(struct pf_osfp_enlist *list, pf_osfp_t os)
}
/* Initialize the OS fingerprint system */
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int
#else
void
@ -259,8 +259,8 @@ pf_osfp_initialize(void)
"pfosfp", NULL);
#endif
SLIST_INIT(&pf_osfp_list);
#if defined(__FreeBSD__)
#if defined(_KERNEL)
#ifdef __FreeBSD__
#ifdef _KERNEL
return (error);
#else
return (0);

112
sys/contrib/pf/net/pf_table.c
View File

@ -31,7 +31,7 @@
*
*/
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include "opt_inet.h"
#include "opt_inet6.h"
#endif
@ -41,23 +41,19 @@
#include <sys/socket.h>
#include <sys/mbuf.h>
#include <sys/kernel.h>
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include <sys/malloc.h>
#endif
#include <net/if.h>
#include <net/route.h>
#include <netinet/in.h>
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
#include <netinet/ip_ipsp.h>
#endif
#include <net/pfvar.h>
#if defined(FreeBSD__)
MALLOC_DECLARE(M_RTABLE);
#endif
#define ACCEPT_FLAGS(oklist) \
do { \
if ((flags & ~(oklist)) & \
@ -125,7 +121,7 @@ struct pfr_walktree {
#define senderr(e) do { rv = (e); goto _bad; } while (0)
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
uma_zone_t pfr_ktable_pl;
uma_zone_t pfr_kentry_pl;
#else
@ -193,7 +189,7 @@ int pfr_ktable_cnt;
void
pfr_initialize(void)
{
#if !defined(__FreeBSD__)
#ifndef __FreeBSD__
pool_init(&pfr_ktable_pl, sizeof(struct pfr_ktable), 0, 0, 0,
"pfrktable", NULL);
pool_init(&pfr_kentry_pl, sizeof(struct pfr_kentry), 0, 0, 0,
@ -249,7 +245,7 @@ pfr_add_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
struct pfr_kentry *p, *q;
struct pfr_addr ad;
int i, rv, s, xadd = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
/*
* XXX Is it OK under LP64 environments?
@ -272,7 +268,7 @@ pfr_add_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
return (ENOMEM);
SLIST_INIT(&workq);
for (i = 0; i < size; i++) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYIN(addr+i, &ad, sizeof(ad), ec);
if (ec)
senderr(EFAULT);
@ -306,7 +302,7 @@ pfr_add_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
xadd++;
}
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (flags & PFR_FLAG_FEEDBACK) {
PF_COPYOUT(&ad, addr+i, sizeof(ad), ec);
if (ec)
@ -349,7 +345,7 @@ pfr_del_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
struct pfr_kentry *p;
struct pfr_addr ad;
int i, rv, s, xdel = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
#endif
@ -364,7 +360,7 @@ pfr_del_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
pfr_mark_addrs(kt);
SLIST_INIT(&workq);
for (i = 0; i < size; i++) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYIN(addr+i, &ad, sizeof(ad), ec);
if (ec)
senderr(EFAULT);
@ -391,7 +387,7 @@ pfr_del_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
SLIST_INSERT_HEAD(&workq, p, pfrke_workq);
xdel++;
}
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (flags & PFR_FLAG_FEEDBACK) {
PF_COPYOUT(&ad, addr+i, sizeof(ad), ec);
if (ec)
@ -428,7 +424,7 @@ pfr_set_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
struct pfr_kentry *p, *q;
struct pfr_addr ad;
int i, rv, s, xadd = 0, xdel = 0, xchange = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
/*
* XXX Is it OK under LP64 environments?
@ -454,7 +450,7 @@ pfr_set_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
SLIST_INIT(&delq);
SLIST_INIT(&changeq);
for (i = 0; i < size; i++) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYIN(addr+i, &ad, sizeof(ad), ec);
if (ec)
senderr(EFAULT);
@ -496,7 +492,7 @@ pfr_set_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
}
}
_skip:
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (flags & PFR_FLAG_FEEDBACK) {
PF_COPYOUT(&ad, addr+i, sizeof(ad), ec);
if (ec)
@ -518,7 +514,7 @@ _skip:
SLIST_FOREACH(p, &delq, pfrke_workq) {
pfr_copyout_addr(&ad, p);
ad.pfra_fback = PFR_FB_DELETED;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYOUT(&ad, addr+size+i, sizeof(ad), ec);
if (ec)
senderr(EFAULT);
@ -567,7 +563,7 @@ pfr_tst_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
struct pfr_kentry *p;
struct pfr_addr ad;
int i, xmatch = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
#endif
@ -579,7 +575,7 @@ pfr_tst_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
return (ESRCH);
for (i = 0; i < size; i++) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYIN(addr+i, &ad, sizeof(ad), ec);
if (ec)
return (EFAULT);
@ -598,7 +594,7 @@ pfr_tst_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
(p->pfrke_not ? PFR_FB_NOTMATCH : PFR_FB_MATCH);
if (p != NULL && !p->pfrke_not)
xmatch++;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYOUT(&ad, addr+i, sizeof(ad), ec);
if (ec)
return (EFAULT);
@ -635,13 +631,13 @@ pfr_get_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int *size,
w.pfrw_op = PFRW_GET_ADDRS;
w.pfrw_addr = addr;
w.pfrw_free = kt->pfrkt_cnt;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
rv = kt->pfrkt_ip4->rnh_walktree(kt->pfrkt_ip4, pfr_walktree, &w);
#else
rv = rn_walktree(kt->pfrkt_ip4, pfr_walktree, &w);
#endif
if (!rv)
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
rv = kt->pfrkt_ip6->rnh_walktree(kt->pfrkt_ip6, pfr_walktree,
&w);
#else
@ -667,7 +663,7 @@ pfr_get_astats(struct pfr_table *tbl, struct pfr_astats *addr, int *size,
struct pfr_walktree w;
struct pfr_kentryworkq workq;
int rv, s;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
/*
* XXX Is it OK under LP64 environments?
*/
@ -693,13 +689,13 @@ pfr_get_astats(struct pfr_table *tbl, struct pfr_astats *addr, int *size,
w.pfrw_free = kt->pfrkt_cnt;
if (flags & PFR_FLAG_ATOMIC)
s = splsoftnet();
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
rv = kt->pfrkt_ip4->rnh_walktree(kt->pfrkt_ip4, pfr_walktree, &w);
#else
rv = rn_walktree(kt->pfrkt_ip4, pfr_walktree, &w);
#endif
if (!rv)
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
rv = kt->pfrkt_ip6->rnh_walktree(kt->pfrkt_ip6, pfr_walktree,
&w);
#else
@ -732,7 +728,7 @@ pfr_clr_astats(struct pfr_table *tbl, struct pfr_addr *addr, int size,
struct pfr_kentry *p;
struct pfr_addr ad;
int i, rv, s, xzero = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
#endif
@ -744,7 +740,7 @@ pfr_clr_astats(struct pfr_table *tbl, struct pfr_addr *addr, int size,
return (ESRCH);
SLIST_INIT(&workq);
for (i = 0; i < size; i++) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYIN(addr+i, &ad, sizeof(ad), ec);
if (ec)
senderr(EFAULT);
@ -758,7 +754,7 @@ pfr_clr_astats(struct pfr_table *tbl, struct pfr_addr *addr, int size,
if (flags & PFR_FLAG_FEEDBACK) {
ad.pfra_fback = (p != NULL) ?
PFR_FB_CLEARED : PFR_FB_NONE;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYOUT(&ad, addr+i, sizeof(ad), ec);
if (ec)
senderr(EFAULT);
@ -830,7 +826,7 @@ pfr_enqueue_addrs(struct pfr_ktable *kt, struct pfr_kentryworkq *workq,
w.pfrw_op = sweep ? PFRW_SWEEP : PFRW_ENQUEUE;
w.pfrw_workq = workq;
if (kt->pfrkt_ip4 != NULL)
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (kt->pfrkt_ip4->rnh_walktree(kt->pfrkt_ip4, pfr_walktree,
&w))
#else
@ -838,7 +834,7 @@ pfr_enqueue_addrs(struct pfr_ktable *kt, struct pfr_kentryworkq *workq,
#endif
printf("pfr_enqueue_addrs: IPv4 walktree failed.\n");
if (kt->pfrkt_ip6 != NULL)
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (kt->pfrkt_ip6->rnh_walktree(kt->pfrkt_ip6, pfr_walktree,
&w))
#else
@ -856,13 +852,13 @@ pfr_mark_addrs(struct pfr_ktable *kt)
bzero(&w, sizeof(w));
w.pfrw_op = PFRW_MARK;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (kt->pfrkt_ip4->rnh_walktree(kt->pfrkt_ip4, pfr_walktree, &w))
#else
if (rn_walktree(kt->pfrkt_ip4, pfr_walktree, &w))
#endif
printf("pfr_mark_addrs: IPv4 walktree failed.\n");
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
if (kt->pfrkt_ip6->rnh_walktree(kt->pfrkt_ip6, pfr_walktree, &w))
#else
if (rn_walktree(kt->pfrkt_ip6, pfr_walktree, &w))
@ -1014,12 +1010,12 @@ pfr_reset_feedback(struct pfr_addr *addr, int size)
{
struct pfr_addr ad;
int i;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
#endif
for (i = 0; i < size; i++) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYIN(addr+i, &ad, sizeof(ad), ec);
if (ec)
break;
@ -1028,7 +1024,7 @@ pfr_reset_feedback(struct pfr_addr *addr, int size)
break;
#endif
ad.pfra_fback = PFR_FB_NONE;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYOUT(&ad, addr+i, sizeof(ad), ec);
if (ec)
break;
@ -1150,7 +1146,7 @@ pfr_walktree(struct radix_node *rn, void *arg)
struct pfr_kentry *ke = (struct pfr_kentry *)rn;
struct pfr_walktree *w = arg;
int s;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
#endif
@ -1171,7 +1167,7 @@ pfr_walktree(struct radix_node *rn, void *arg)
struct pfr_addr ad;
pfr_copyout_addr(&ad, ke);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYOUT(&ad, w->pfrw_addr, sizeof(ad), ec);
if (ec)
return (EFAULT);
@ -1196,7 +1192,7 @@ pfr_walktree(struct radix_node *rn, void *arg)
splx(s);
as.pfras_tzero = ke->pfrke_tzero;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYOUT(&as, w->pfrw_astats, sizeof(as), ec);
if (ec)
return (EFAULT);
@ -1258,7 +1254,7 @@ pfr_add_tables(struct pfr_table *tbl, int size, int *nadd, int flags)
struct pfr_ktableworkq addq, changeq;
struct pfr_ktable *p, *q, *r, key;
int i, rv, s, xadd = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
/*
* XXX Is it OK under LP64 environments?
@ -1272,7 +1268,7 @@ pfr_add_tables(struct pfr_table *tbl, int size, int *nadd, int flags)
SLIST_INIT(&addq);
SLIST_INIT(&changeq);
for (i = 0; i < size; i++) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYIN(tbl+i, &key.pfrkt_t, sizeof(key.pfrkt_t), ec);
if (ec)
senderr(EFAULT);
@ -1352,14 +1348,14 @@ pfr_del_tables(struct pfr_table *tbl, int size, int *ndel, int flags)
struct pfr_ktableworkq workq;
struct pfr_ktable *p, *q, key;
int i, s, xdel = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
#endif
ACCEPT_FLAGS(PFR_FLAG_ATOMIC+PFR_FLAG_DUMMY);
SLIST_INIT(&workq);
for (i = 0; i < size; i++) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYIN(tbl+i, &key.pfrkt_t, sizeof(key.pfrkt_t), ec);
if (ec)
return (EFAULT);
@ -1400,7 +1396,7 @@ pfr_get_tables(struct pfr_table *filter, struct pfr_table *tbl, int *size,
{
struct pfr_ktable *p;
int n, nn;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
#endif
@ -1417,7 +1413,7 @@ pfr_get_tables(struct pfr_table *filter, struct pfr_table *tbl, int *size,
continue;
if (n-- <= 0)
continue;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYOUT(&p->pfrkt_t, tbl++, sizeof(*tbl), ec);
if (ec)
return (EFAULT);
@ -1441,7 +1437,7 @@ pfr_get_tstats(struct pfr_table *filter, struct pfr_tstats *tbl, int *size,
struct pfr_ktable *p;
struct pfr_ktableworkq workq;
int s, n, nn;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
/*
* XXX Is it OK under LP64 environments?
@ -1470,7 +1466,7 @@ pfr_get_tstats(struct pfr_table *filter, struct pfr_tstats *tbl, int *size,
continue;
if (!(flags & PFR_FLAG_ATOMIC))
s = splsoftnet();
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYOUT(&p->pfrkt_ts, tbl++, sizeof(*tbl), ec);
if (ec) {
splx(s);
@ -1505,7 +1501,7 @@ pfr_clr_tstats(struct pfr_table *tbl, int size, int *nzero, int flags)
struct pfr_ktableworkq workq;
struct pfr_ktable *p, key;
int i, s, xzero = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
/*
* XXX Is it OK under LP64 environments?
@ -1518,7 +1514,7 @@ pfr_clr_tstats(struct pfr_table *tbl, int size, int *nzero, int flags)
ACCEPT_FLAGS(PFR_FLAG_ATOMIC+PFR_FLAG_DUMMY+PFR_FLAG_ADDRSTOO);
SLIST_INIT(&workq);
for (i = 0; i < size; i++) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYIN(tbl+i, &key.pfrkt_t, sizeof(key.pfrkt_t), ec);
if (ec)
return (EFAULT);
@ -1553,7 +1549,7 @@ pfr_set_tflags(struct pfr_table *tbl, int size, int setflag, int clrflag,
struct pfr_ktableworkq workq;
struct pfr_ktable *p, *q, key;
int i, s, xchange = 0, xdel = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
#endif
@ -1564,7 +1560,7 @@ pfr_set_tflags(struct pfr_table *tbl, int size, int setflag, int clrflag,
return (EINVAL);
SLIST_INIT(&workq);
for (i = 0; i < size; i++) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYIN(tbl+i, &key.pfrkt_t, sizeof(key.pfrkt_t), ec);
if (ec)
return (EFAULT);
@ -1652,7 +1648,7 @@ pfr_ina_define(struct pfr_table *tbl, struct pfr_addr *addr, int size,
struct pfr_addr ad;
struct pf_ruleset *rs;
int i, rv, xadd = 0, xaddr = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int ec;
#endif
@ -1701,7 +1697,7 @@ _skip:
}
SLIST_INIT(&addrq);
for (i = 0; i < size; i++) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
PF_COPYIN(addr+i, &ad, sizeof(ad), ec);
if (ec)
senderr(EFAULT);
@ -1757,7 +1753,7 @@ pfr_ina_commit(struct pfr_table *trs, u_int32_t ticket, int *nadd,
struct pfr_ktableworkq workq;
struct pf_ruleset *rs;
int s, xadd = 0, xchange = 0;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
/*
* XXX Is it OK under LP64 environments?
*/
@ -2192,7 +2188,7 @@ pfr_attach_table(struct pf_ruleset *rs, char *name)
}
kt = pfr_lookup_table(&tbl);
if (kt == NULL) {
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
/*
* XXX Is it OK under LP64 environments?
*/
@ -2323,14 +2319,14 @@ pfr_kentry_byidx(struct pfr_ktable *kt, int idx, int af)
switch(af) {
case AF_INET:
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
kt->pfrkt_ip4->rnh_walktree(kt->pfrkt_ip4, pfr_walktree, &w);
#else
rn_walktree(kt->pfrkt_ip4, pfr_walktree, &w);
#endif
return w.pfrw_kentry;
case AF_INET6:
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
kt->pfrkt_ip6->rnh_walktree(kt->pfrkt_ip6, pfr_walktree, &w);
#else
rn_walktree(kt->pfrkt_ip6, pfr_walktree, &w);

26
sys/contrib/pf/net/pfvar.h
View File

@ -39,13 +39,13 @@
#include <sys/tree.h>
#include <net/radix.h>
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include <vm/uma.h>
#else
#include <netinet/ip_ipsp.h>
#endif
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#include <netinet/in.h>
/*
* XXX
@ -134,13 +134,15 @@ struct pf_addr_wrap {
u_int8_t type; /* PF_ADDR_* */
};
#ifdef _KERNEL
struct pf_addr_dyn {
char ifname[IFNAMSIZ];
struct ifnet *ifp;
struct pf_addr *addr;
sa_family_t af;
#if defined(__FreeBSD__) && defined(HOOK_HACK)
eventhandler_tag hook_cookie;
#ifdef __FreeBSD__
eventhandler_tag hook_cookie;
#else
void *hook_cookie;
#endif
@ -151,9 +153,7 @@ struct pf_addr_dyn {
* Address manipulation macros
*/
#ifdef _KERNEL
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
#define splsoftnet() splnet()
#define HTONL(x) (x) = htonl((__uint32_t)(x))
@ -175,7 +175,7 @@ struct pf_addr_dyn {
if(var) uma_zdestroy(var)
extern struct mtx pf_task_mtx;
#if defined(ALTQ)
#ifdef ALTQ
extern struct mtx pf_altq_mtx;
extern int pfaltq_ref;
#endif
@ -1190,7 +1190,7 @@ struct pfioc_table {
#define DIOCOSFPFLUSH _IO('D', 78)
#define DIOCOSFPADD _IOWR('D', 79, struct pf_osfp_ioctl)
#define DIOCOSFPGET _IOWR('D', 80, struct pf_osfp_ioctl)
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
struct pf_ifspeed {
char ifname[IFNAMSIZ];
u_int32_t baudrate;
@ -1231,7 +1231,7 @@ extern void pf_calc_skip_steps(struct pf_rulequeue *);
extern void pf_rule_set_qid(struct pf_rulequeue *);
extern u_int32_t pf_qname_to_qid(char *);
extern void pf_update_anchor_rules(void);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
extern uma_zone_t pf_tree_pl, pf_rule_pl, pf_addr_pl;
extern uma_zone_t pf_state_pl, pf_altq_pl, pf_pooladdr_pl;
extern uma_zone_t pfr_ktable_pl, pfr_kentry_pl;
@ -1339,7 +1339,7 @@ int pf_tag_packet(struct mbuf *, struct pf_tag *, int);
extern struct pf_status pf_status;
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
extern uma_zone_t pf_frent_pl, pf_frag_pl;
#else
extern struct pool pf_frent_pl, pf_frag_pl;
@ -1351,7 +1351,7 @@ struct pf_pool_limit {
};
extern struct pf_pool_limit pf_pool_limits[PF_LIMIT_MAX];
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
struct pf_frent {
LIST_ENTRY(pf_frent) fr_next;
struct ip *fr_ip;
@ -1396,7 +1396,7 @@ struct pf_osfp_enlist *
pf_osfp_fingerprint_hdr(const struct ip *, const struct tcphdr *);
void pf_osfp_flush(void);
int pf_osfp_get(struct pf_osfp_ioctl *);
#if defined(__FreeBSD__)
#ifdef __FreeBSD__
int pf_osfp_initialize(void);
void pf_osfp_cleanup(void);
#else