PERFORCE change 113021 for review
Marko Zec
zec at FreeBSD.org
Tue Jan 16 21:22:20 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=113021
Change 113021 by zec at zec_tca51 on 2007/01/16 21:21:44
Fix the changes to ipfw to allow it to compile with INET6.
Affected files ...
.. //depot/projects/vimage/src/sys/netinet/ip_fw2.c#8 edit
.. //depot/projects/vimage/src/sys/netinet/ip_fw_pfil.c#4 edit
Differences ...
==== //depot/projects/vimage/src/sys/netinet/ip_fw2.c#8 (text+ko) ====
@@ -311,19 +311,26 @@
/*
* IPv6 specific variables
*/
+#ifndef VIMAGE
+static int fw_deny_unknown_exthdrs;
+#endif
+
SYSCTL_DECL(_net_inet6_ip6);
-
-static struct sysctl_ctx_list ip6_fw_sysctl_ctx;
-static struct sysctl_oid *ip6_fw_sysctl_tree;
+SYSCTL_NODE(_net_inet6_ip6, OID_AUTO, fw, CTLFLAG_RW | CTLFLAG_SECURE,
+ 0, "Firewall");
+SYSCTL_V_PROC(V_NET, vnet_ipfw, _net_inet6_ip6_fw, OID_AUTO, enable,
+ CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE3, fw6_enable, 0,
+ ipfw_chg_hook, "I", "Enable ipfw+6");
+SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet6_ip6_fw, OID_AUTO,
+ deny_unknown_exthdrs, CTLFLAG_RW | CTLFLAG_SECURE,
+ fw_deny_unknown_exthdrs, 0,
+ "Deny packets with unknown IPv6 Extension Headers");
#endif /* INET6 */
#endif /* SYSCTL_NODE */
#ifdef IPFIREWALL_NAT
MODULE_DEPEND(ipfw, libalias, 1, 1, 1);
#endif
-#ifndef VIMAGE
-static int fw_deny_unknown_exthdrs;
-#endif
/*
* L3HDR maps an ipv4 pointer into a layer3 header pointer of type T
@@ -4980,23 +4987,6 @@
int
ipfw_init(void)
{
-#ifdef INET6
- /* Setup IPv6 fw sysctl tree. */
- sysctl_ctx_init(&ip6_fw_sysctl_ctx);
- ip6_fw_sysctl_tree = SYSCTL_ADD_NODE(&ip6_fw_sysctl_ctx,
- SYSCTL_STATIC_CHILDREN(_net_inet6_ip6), OID_AUTO, "fw",
- CTLFLAG_RW | CTLFLAG_SECURE, 0, "Firewall");
- SYSCTL_ADD_PROC(&ip6_fw_sysctl_ctx, SYSCTL_CHILDREN(ip6_fw_sysctl_tree),
- OID_AUTO, "enable", CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE3,
- &fw6_enable, 0, ipfw_chg_hook, "I", "Enable ipfw+6");
-#if 0 /* XXX MARKO */
- SYSCTL_ADD_V_INT(V_NET, vnet_ipfw, &ip6_fw_sysctl_ctx,
- SYSCTL_CHILDREN(ip6_fw_sysctl_tree),
- OID_AUTO, "deny_unknown_exthdrs", CTLFLAG_RW | CTLFLAG_SECURE,
- fw_deny_unknown_exthdrs, 0,
- "Deny packets with unknown IPv6 Extension Headers");
-#endif /* 0 */
-#endif
ipfw_dyn_rule_zone = uma_zcreate("IPFW dynamic rule zone",
sizeof(ipfw_dyn_rule), NULL, NULL, NULL, NULL,
@@ -5116,10 +5106,5 @@
IPFW_DYN_LOCK_DESTROY();
uma_zdestroy(ipfw_dyn_rule_zone);
-#ifdef INET6
- /* Free IPv6 fw sysctl tree. */
- sysctl_ctx_free(&ip6_fw_sysctl_ctx);
-#endif
-
printf("IP firewall unloaded\n");
}
==== //depot/projects/vimage/src/sys/netinet/ip_fw_pfil.c#4 (text+ko) ====
@@ -519,7 +519,7 @@
error = ipfw_unhook();
}
#ifdef INET6
- if (arg1 == &fw6_enable) {
+ if (arg1 == &V_fw6_enable) {
if (enable)
error = ipfw6_hook();
else
More information about the p4-projects
mailing list