PERFORCE change 150134 for review

Fri Sep 19 18:48:43 UTC 2008

http://perforce.freebsd.org/chv.cgi?CH=150134

Change 150134 by zec at zec_tpx32 on 2008/09/19 18:47:47

	Diff reduction.

Affected files ...

.. //depot/projects/vimage-commit2/src/sys/netinet/ip_fw.h#7 edit

Differences ...

==== //depot/projects/vimage-commit2/src/sys/netinet/ip_fw.h#7 (text+ko) ====

@@ -28,8 +28,6 @@
 #ifndef _IPFW2_H
 #define _IPFW2_H
 
-#include <sys/rwlock.h>
-#include <net/radix.h>
 /*
  * The default rule number.  By the design of ip_fw, the default rule
  * is the last one, so its number can also serve as the highest number
@@ -559,40 +557,7 @@
  * Main firewall chains definitions and global var's definitions.
  */
 #ifdef _KERNEL
-#ifdef NOTYET /* still in ip_fw2.c */
 
-/*
- * Data structure to cache our ucred related
- * information. This structure only gets used if
- * the user specified UID/GID based constraints in
- * a firewall rule.
- */
-struct ip_fw_ugid {
-	gid_t		fw_groups[NGROUPS];
-	int		fw_ngroups;
-	uid_t		fw_uid;
-	int		fw_prid;
-};
-#endif
-
-
-#define	IPFW_TABLES_MAX		128
-struct ip_fw_chain {
-	struct ip_fw	*rules;		/* list of rules */
-	struct ip_fw	*reap;		/* list of rules to reap */
-	LIST_HEAD(, cfg_nat) nat;	/* list of nat entries */
-	struct radix_node_head *tables[IPFW_TABLES_MAX];
-	struct rwlock	rwmtx;
-};
-
-#ifdef NOTYET /* still in ip_fw2.c */
-struct table_entry {
-	struct radix_node	rn[2];
-	struct sockaddr_in	addr, mask;
-	u_int32_t		value;
-};
-#endif
-
 /* Return values from ipfw_chk() */
 enum {
 	IP_FW_PASS = 0,
@@ -681,6 +646,14 @@
 
 #ifdef IPFW_INTERNAL
 
+#define	IPFW_TABLES_MAX		128
+struct ip_fw_chain {
+	struct ip_fw	*rules;		/* list of rules */
+	struct ip_fw	*reap;		/* list of rules to reap */
+	LIST_HEAD(, cfg_nat) nat;       /* list of nat entries */
+	struct radix_node_head *tables[IPFW_TABLES_MAX];
+	struct rwlock	rwmtx;
+};
 #define	IPFW_LOCK_INIT(_chain) \
 	rw_init(&(_chain)->rwmtx, "IPFW static rules")
 #define	IPFW_LOCK_DESTROY(_chain)	rw_destroy(&(_chain)->rwmtx)
@@ -711,19 +684,16 @@
 	int	_fw_one_pass;
 	int	_fw_enable;
 	int	_fw6_enable;
-
 	u_int32_t _set_disable;
 	int	_fw_deny_unknown_exthdrs;
 	int	_fw_verbose;
 	int	_verbose_limit;
 	int	_fw_debug;
 	int	_autoinc_step;
-
 	ipfw_dyn_rule **_ipfw_dyn_v;
 	struct ip_fw_chain _layer3_chain;
 	u_int32_t _dyn_buckets;
 	u_int32_t _curr_dyn_buckets;
-
 	u_int32_t _dyn_ack_lifetime;
 	u_int32_t _dyn_syn_lifetime;
 	u_int32_t _dyn_fin_lifetime;
@@ -737,9 +707,7 @@
 	u_int32_t _static_len;
 	u_int32_t _dyn_count;
 	u_int32_t _dyn_max;
-
 	u_int64_t _norule_counter;
-
 	struct callout _ipfw_timeout;
 	eventhandler_tag _ifaddr_event_tag;
 };
@@ -748,7 +716,6 @@
 /*
  * Symbol translation macros
  */
-
 #define INIT_VNET_IPFW(vnet) \
 	INIT_FROM_VNET(vnet, VNET_MOD_IPFW, struct vnet_ipfw, vnet_ipfw)
  
