PERFORCE change 106010 for review

Tue Sep 12 05:28:03 PDT 2006

http://perforce.freebsd.org/chv.cgi?CH=106010

Change 106010 by piso at piso_longino on 2006/09/12 12:27:59

	-correctly release the rlock on nat_chain_rwl in case
	 something goes wrong with the nat action
	
	-use a nat counter (nat_cnt) to keep track of all
	 the nat instances  
	
	-white space cleanup

Affected files ...

.. //depot/projects/soc2005/libalias/sbin/ipfw/ipfw2.c#8 edit
.. //depot/projects/soc2005/libalias/sys/netinet/ip_fw2.c#13 edit

Differences ...

==== //depot/projects/soc2005/libalias/sbin/ipfw/ipfw2.c#8 (text+ko) ====

@@ -5830,7 +5830,7 @@
 	struct cfg_nat *n;
 	struct cfg_redir *e;
 	int cmd, i, nbytes, do_cfg, do_rule = 0, frule, lrule, nalloc = 1024, 
-		size = 0, loop, r;
+		size = 0, nat_cnt, r;
 	u_int8_t *data = NULL, *p;
 	char **lav, *endptr;
 
@@ -5864,10 +5864,9 @@
 	if (nbytes == 0) 
 		exit(0); 
 	if (do_cfg) {
-		for (i = 0, loop = 1; loop; ) {
+		nat_cnt = *((int *)data);
+		for (i = sizeof(nat_cnt); nat_cnt; nat_cnt--) {
 			n = (struct cfg_nat *)&data[i];
-			if (n->next == NULL) 
-				loop = 0;
 			if (do_rule)
 				if (!(frule <= n->id && lrule >= n->id)) 
 					continue;

==== //depot/projects/soc2005/libalias/sys/netinet/ip_fw2.c#13 (text+ko) ====

@@ -3420,16 +3420,17 @@
 				struct mbuf *mcl;
 				/* XXX - libalias duct tape */
 				int ldt = 0; 
-				char *c; 				
+				char *c;
 				
 				args->rule = f;	/* Report matching rule. */
 				retval = 0;
 				t = ((ipfw_insn_nat *)cmd)->nat;				
+				NAT_RLOCK(&nat_chain_rwl);
 				if (t == NULL) {
-					NAT_RLOCK(&nat_chain_rwl);
 					t = lookup_nat(cmd->arg1);
 					if (t == NULL) {
 						retval = IP_FW_DENY;
+						NAT_RUNLOCK(&nat_chain_rwl);
 						goto done;
 					} else 
 						((ipfw_insn_nat *)cmd)->nat = t;					
@@ -3495,6 +3496,7 @@
 					/* XXX - should i add some logging? */
 					m_free(mcl);
 				badnat:
+					NAT_RUNLOCK(&nat_chain_rwl);
 					args->m = NULL;
 					retval = IP_FW_DENY;
 					goto done;
@@ -4599,9 +4601,9 @@
 		add_redir_spool_cfg(&buf[(sizeof(struct cfg_nat))], 
 				    ptr);                               /* Add new entries. */
 		free(buf, M_IPFW);
-		NAT_WLOCK(&nat_chain_rwl);			
+		NAT_WLOCK(&nat_chain_rwl);
 		HOOK_NAT(&nat_chain, ptr);
-		NAT_WUNLOCK(&nat_chain_rwl);			
+		NAT_WUNLOCK(&nat_chain_rwl);
 	}
 	break;
 
@@ -4636,14 +4638,16 @@
 		int sof_nat = sizeof(struct cfg_nat);
 		int sof_redir = sizeof(struct cfg_redir);
 		int sof_spool = sizeof(struct cfg_spool);
-		int off = 0;
-
+		int nat_cnt = 0, off = sizeof(nat_cnt);
+		
+		printf("NAT_GET_CONFIG\n");
 		data = malloc(NAT_BUF_LEN, M_IPFW, M_NOWAIT | M_ZERO);
 		if (data == NULL)
 			return (ENOSPC);
 		NAT_RLOCK(&nat_chain_rwl);
 		/* Serialize all the data. */
 		LIST_FOREACH(n, &nat_chain, _next) {
+			nat_cnt++;
 			if (off + sof_nat < NAT_BUF_LEN) {
 				bcopy(n, &data[off], sof_nat);
 				off += sof_nat;
@@ -4664,9 +4668,11 @@
 			} else
 				goto nospace;
 		}
+		bcopy(&nat_cnt, data, sizeof(nat_cnt));
 		NAT_RUNLOCK(&nat_chain_rwl);
 		error = sooptcopyout(sopt, data, NAT_BUF_LEN);
 		free(data, M_IPFW);
+		break;
 	nospace:
 		NAT_RUNLOCK(&nat_chain_rwl);
 		printf("serialized data buffer not big enough: please increase NAT_BUF_LEN\n");
