svn commit: r204837 - in head/sys: net netinet/ipfw

Sun Mar 7 15:37:59 UTC 2010

Author: bz
Date: Sun Mar  7 15:37:58 2010
New Revision: 204837
URL: http://svn.freebsd.org/changeset/base/204837

Log:
  Not only flush the ipfw tables when unloading ipfw or tearing
  down a virtual netowrk stack, but also free the Radix Node Head.
  
  Sponsored by:	ISPsystem
  Reviewed by:	julian
  MFC after:	5 days

Modified:
  head/sys/net/radix.c
  head/sys/net/radix.h
  head/sys/netinet/ipfw/ip_fw2.c
  head/sys/netinet/ipfw/ip_fw_private.h
  head/sys/netinet/ipfw/ip_fw_table.c

Modified: head/sys/net/radix.c
==============================================================================

--- head/sys/net/radix.c	Sun Mar  7 15:08:42 2010	(r204836)
+++ head/sys/net/radix.c	Sun Mar  7 15:37:58 2010	(r204837)
@@ -1161,7 +1161,6 @@ rn_inithead(head, off)
 	return (1);
 }
 
-#ifdef VIMAGE
 int
 rn_detachhead(void **head)
 {
@@ -1177,7 +1176,6 @@ rn_detachhead(void **head)
 	*head = NULL;
 	return (1);
 }
-#endif
 
 void
 rn_init(int maxk)

Modified: head/sys/net/radix.h
==============================================================================
--- head/sys/net/radix.h	Sun Mar  7 15:08:42 2010	(r204836)
+++ head/sys/net/radix.h	Sun Mar  7 15:37:58 2010	(r204837)
@@ -162,9 +162,7 @@ struct radix_node_head {
 
 void	 rn_init(int);
 int	 rn_inithead(void **, int);
-#ifdef VIMAGE
 int	 rn_detachhead(void **);
-#endif
 int	 rn_refines(void *, void *);
 struct radix_node
 	 *rn_addmask(void *, int, int),

Modified: head/sys/netinet/ipfw/ip_fw2.c
==============================================================================
--- head/sys/netinet/ipfw/ip_fw2.c	Sun Mar  7 15:08:42 2010	(r204836)
+++ head/sys/netinet/ipfw/ip_fw2.c	Sun Mar  7 15:37:58 2010	(r204837)
@@ -2392,7 +2392,7 @@ vnet_ipfw_uninit(const void *unused)
 	IPFW_WLOCK(chain);
 
 	ipfw_dyn_uninit(0);	/* run the callout_drain */
-	ipfw_flush_tables(chain);
+	ipfw_destroy_tables(chain);
 	reap = NULL;
 	for (i = 0; i < chain->n_rules; i++) {
 		rule = chain->map[i];

Modified: head/sys/netinet/ipfw/ip_fw_private.h
==============================================================================
--- head/sys/netinet/ipfw/ip_fw_private.h	Sun Mar  7 15:08:42 2010	(r204836)
+++ head/sys/netinet/ipfw/ip_fw_private.h	Sun Mar  7 15:37:58 2010	(r204837)
@@ -272,6 +272,7 @@ struct radix_node;
 int ipfw_lookup_table(struct ip_fw_chain *ch, uint16_t tbl, in_addr_t addr,
     uint32_t *val);
 int ipfw_init_tables(struct ip_fw_chain *ch);
+void ipfw_destroy_tables(struct ip_fw_chain *ch);
 int ipfw_flush_table(struct ip_fw_chain *ch, uint16_t tbl);
 void ipfw_flush_tables(struct ip_fw_chain *ch);
 int ipfw_add_table_entry(struct ip_fw_chain *ch, uint16_t tbl, in_addr_t addr,

Modified: head/sys/netinet/ipfw/ip_fw_table.c
==============================================================================
--- head/sys/netinet/ipfw/ip_fw_table.c	Sun Mar  7 15:08:42 2010	(r204836)
+++ head/sys/netinet/ipfw/ip_fw_table.c	Sun Mar  7 15:37:58 2010	(r204837)
@@ -203,6 +203,21 @@ ipfw_init_tables(struct ip_fw_chain *ch)
 	return (0);
 }
 
+void
+ipfw_destroy_tables(struct ip_fw_chain *ch)
+{
+	int tbl;
+	struct radix_node_head *rnh;
+
+	IPFW_WLOCK_ASSERT(ch);
+
+	ipfw_flush_tables(ch);
+	for (tbl = 0; tbl < IPFW_TABLES_MAX; tbl++) {
+		rnh = ch->tables[tbl];
+		rn_detachhead((void **)&rnh);
+	}
+}
+
 int
 ipfw_lookup_table(struct ip_fw_chain *ch, uint16_t tbl, in_addr_t addr,
     uint32_t *val)
