PERFORCE change 106010 for review
Paolo Pisati
piso at FreeBSD.org
Tue Sep 12 05:28:03 PDT 2006
http://perforce.freebsd.org/chv.cgi?CH=106010
Change 106010 by piso at piso_longino on 2006/09/12 12:27:59
-correctly release the rlock on nat_chain_rwl in case
something goes wrong with the nat action
-use a nat counter (nat_cnt) to keep track of all
the nat instances
-white space cleanup
Affected files ...
.. //depot/projects/soc2005/libalias/sbin/ipfw/ipfw2.c#8 edit
.. //depot/projects/soc2005/libalias/sys/netinet/ip_fw2.c#13 edit
Differences ...
==== //depot/projects/soc2005/libalias/sbin/ipfw/ipfw2.c#8 (text+ko) ====
@@ -5830,7 +5830,7 @@
struct cfg_nat *n;
struct cfg_redir *e;
int cmd, i, nbytes, do_cfg, do_rule = 0, frule, lrule, nalloc = 1024,
- size = 0, loop, r;
+ size = 0, nat_cnt, r;
u_int8_t *data = NULL, *p;
char **lav, *endptr;
@@ -5864,10 +5864,9 @@
if (nbytes == 0)
exit(0);
if (do_cfg) {
- for (i = 0, loop = 1; loop; ) {
+ nat_cnt = *((int *)data);
+ for (i = sizeof(nat_cnt); nat_cnt; nat_cnt--) {
n = (struct cfg_nat *)&data[i];
- if (n->next == NULL)
- loop = 0;
if (do_rule)
if (!(frule <= n->id && lrule >= n->id))
continue;
==== //depot/projects/soc2005/libalias/sys/netinet/ip_fw2.c#13 (text+ko) ====
@@ -3420,16 +3420,17 @@
struct mbuf *mcl;
/* XXX - libalias duct tape */
int ldt = 0;
- char *c;
+ char *c;
args->rule = f; /* Report matching rule. */
retval = 0;
t = ((ipfw_insn_nat *)cmd)->nat;
+ NAT_RLOCK(&nat_chain_rwl);
if (t == NULL) {
- NAT_RLOCK(&nat_chain_rwl);
t = lookup_nat(cmd->arg1);
if (t == NULL) {
retval = IP_FW_DENY;
+ NAT_RUNLOCK(&nat_chain_rwl);
goto done;
} else
((ipfw_insn_nat *)cmd)->nat = t;
@@ -3495,6 +3496,7 @@
/* XXX - should i add some logging? */
m_free(mcl);
badnat:
+ NAT_RUNLOCK(&nat_chain_rwl);
args->m = NULL;
retval = IP_FW_DENY;
goto done;
@@ -4599,9 +4601,9 @@
add_redir_spool_cfg(&buf[(sizeof(struct cfg_nat))],
ptr); /* Add new entries. */
free(buf, M_IPFW);
- NAT_WLOCK(&nat_chain_rwl);
+ NAT_WLOCK(&nat_chain_rwl);
HOOK_NAT(&nat_chain, ptr);
- NAT_WUNLOCK(&nat_chain_rwl);
+ NAT_WUNLOCK(&nat_chain_rwl);
}
break;
@@ -4636,14 +4638,16 @@
int sof_nat = sizeof(struct cfg_nat);
int sof_redir = sizeof(struct cfg_redir);
int sof_spool = sizeof(struct cfg_spool);
- int off = 0;
-
+ int nat_cnt = 0, off = sizeof(nat_cnt);
+
+ printf("NAT_GET_CONFIG\n");
data = malloc(NAT_BUF_LEN, M_IPFW, M_NOWAIT | M_ZERO);
if (data == NULL)
return (ENOSPC);
NAT_RLOCK(&nat_chain_rwl);
/* Serialize all the data. */
LIST_FOREACH(n, &nat_chain, _next) {
+ nat_cnt++;
if (off + sof_nat < NAT_BUF_LEN) {
bcopy(n, &data[off], sof_nat);
off += sof_nat;
@@ -4664,9 +4668,11 @@
} else
goto nospace;
}
+ bcopy(&nat_cnt, data, sizeof(nat_cnt));
NAT_RUNLOCK(&nat_chain_rwl);
error = sooptcopyout(sopt, data, NAT_BUF_LEN);
free(data, M_IPFW);
+ break;
nospace:
NAT_RUNLOCK(&nat_chain_rwl);
printf("serialized data buffer not big enough: please increase NAT_BUF_LEN\n");
More information about the p4-projects
mailing list