svn commit: r193496 - in user/luigi/ipfw_80/sys: net netinet
netinet/ipfw
Luigi Rizzo
luigi at FreeBSD.org
Fri Jun 5 12:35:57 UTC 2009
Author: luigi
Date: Fri Jun 5 12:35:56 2009
New Revision: 193496
URL: http://svn.freebsd.org/changeset/base/193496
Log:
another batch of small changes to move ipfw-related stuff
into its own directory, and reduce header dependencies.
Modified:
user/luigi/ipfw_80/sys/net/if_bridge.c
user/luigi/ipfw_80/sys/net/if_ethersubr.c
user/luigi/ipfw_80/sys/netinet/ip_divert.c
user/luigi/ipfw_80/sys/netinet/ip_input.c
user/luigi/ipfw_80/sys/netinet/ip_var.h
user/luigi/ipfw_80/sys/netinet/ipfw/ip_dummynet.c
user/luigi/ipfw_80/sys/netinet/ipfw/ip_fw2.c
user/luigi/ipfw_80/sys/netinet/ipfw/ip_fw_pfil.c
user/luigi/ipfw_80/sys/netinet/raw_ip.c
Modified: user/luigi/ipfw_80/sys/net/if_bridge.c
==============================================================================
--- user/luigi/ipfw_80/sys/net/if_bridge.c Fri Jun 5 12:14:43 2009 (r193495)
+++ user/luigi/ipfw_80/sys/net/if_bridge.c Fri Jun 5 12:35:56 2009 (r193496)
@@ -3060,7 +3060,7 @@ bridge_pfil(struct mbuf **mp, struct ifn
if (*mp == NULL)
return (error);
- if (DUMMYNET_LOADED && (i == IP_FW_DUMMYNET)) {
+ if (ip_dn_io_ptr && (i == IP_FW_DUMMYNET)) {
/* put the Ethernet header back on */
M_PREPEND(*mp, ETHER_HDR_LEN, M_DONTWAIT);
Modified: user/luigi/ipfw_80/sys/net/if_ethersubr.c
==============================================================================
--- user/luigi/ipfw_80/sys/net/if_ethersubr.c Fri Jun 5 12:14:43 2009 (r193495)
+++ user/luigi/ipfw_80/sys/net/if_ethersubr.c Fri Jun 5 12:35:56 2009 (r193496)
@@ -524,7 +524,7 @@ ether_ipfw_chk(struct mbuf **m0, struct
if (i == IP_FW_PASS) /* a PASS rule. */
return 1;
- if (DUMMYNET_LOADED && (i == IP_FW_DUMMYNET)) {
+ if (ip_dn_io_ptr && (i == IP_FW_DUMMYNET)) {
/*
* Pass the pkt to dummynet, which consumes it.
* If shared, make a copy and keep the original.
Modified: user/luigi/ipfw_80/sys/netinet/ip_divert.c
==============================================================================
--- user/luigi/ipfw_80/sys/netinet/ip_divert.c Fri Jun 5 12:14:43 2009 (r193495)
+++ user/luigi/ipfw_80/sys/netinet/ip_divert.c Fri Jun 5 12:35:56 2009 (r193496)
@@ -76,7 +76,7 @@ __FBSDID("$FreeBSD$");
#include <netinet/ip_divert.h>
#include <netinet/ip_var.h>
#include <netinet/ip_fw.h>
-#include <netinet/ipfw/ip_fw_var.h>
+#include <netinet/ipfw/ip_fw_var.h> /* IP_FW_DIVERT_*_FLAG */
#include <netinet/vinet.h>
#ifdef SCTP
#include <netinet/sctp_crc32.h>
Modified: user/luigi/ipfw_80/sys/netinet/ip_input.c
==============================================================================
--- user/luigi/ipfw_80/sys/netinet/ip_input.c Fri Jun 5 12:14:43 2009 (r193495)
+++ user/luigi/ipfw_80/sys/netinet/ip_input.c Fri Jun 5 12:35:56 2009 (r193496)
@@ -213,12 +213,6 @@ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet
CTLFLAG_RDTUN, ip_output_flowtable_size, 2048,
"number of entries in the per-cpu output flow caches");
-/*
- * ipfw_ether and ipfw_bridge hooks.
- * XXX: Temporary until those are converted to pfil_hooks as well.
- */
-ip_fw_chk_t *ip_fw_chk_ptr = NULL;
-ip_dn_io_t *ip_dn_io_ptr = NULL;
#ifdef VIMAGE_GLOBALS
int fw_one_pass;
#endif
Modified: user/luigi/ipfw_80/sys/netinet/ip_var.h
==============================================================================
--- user/luigi/ipfw_80/sys/netinet/ip_var.h Fri Jun 5 12:14:43 2009 (r193495)
+++ user/luigi/ipfw_80/sys/netinet/ip_var.h Fri Jun 5 12:35:56 2009 (r193496)
@@ -224,24 +224,16 @@ extern struct pfil_head inet_pfil_hook;
void in_delayed_cksum(struct mbuf *m);
-/* Prototypes for ipfw and dummynet hooks */
-typedef int ip_fw_ctl_t(struct sockopt *);
-extern ip_fw_ctl_t *ip_fw_ctl_ptr;
-/* For kernel ipfw_ether and ipfw_bridge. */
+/* ipfw and dummynet hooks */
+extern int (*ip_fw_ctl_ptr)(struct sockopt *);
struct ip_fw_args;
-typedef int ip_fw_chk_t(struct ip_fw_args *args);
-extern ip_fw_chk_t *ip_fw_chk_ptr;
+extern int (*ip_fw_chk_ptr)(struct ip_fw_args *args);
#define IPFW_LOADED (ip_fw_chk_ptr != NULL)
-typedef int ip_dn_ctl_t(struct sockopt *); /* raw_ip.c */
-typedef void ip_dn_ruledel_t(void *); /* ip_fw.c */
-typedef int ip_dn_io_t(struct mbuf **m, int dir, struct ip_fw_args *fwa);
-extern ip_dn_ctl_t *ip_dn_ctl_ptr;
-extern ip_dn_ruledel_t *ip_dn_ruledel_ptr;
-extern ip_dn_io_t *ip_dn_io_ptr;
-#define DUMMYNET_LOADED (ip_dn_io_ptr != NULL)
-
-
+extern int (*ip_dn_ctl_ptr)(struct sockopt *); /* raw_ip.c */
+extern int (*ip_dn_io_ptr)(struct mbuf **m, int dir, struct ip_fw_args *fwa);
+//typedef void ip_dn_ruledel_t(void *); /* ip_fw_pfil.c */
+extern void (*ip_dn_ruledel_ptr)(void *); /* ip_fw_pfil.c */
#endif /* _KERNEL */
#endif /* !_NETINET_IP_VAR_H_ */
Modified: user/luigi/ipfw_80/sys/netinet/ipfw/ip_dummynet.c
==============================================================================
--- user/luigi/ipfw_80/sys/netinet/ipfw/ip_dummynet.c Fri Jun 5 12:14:43 2009 (r193495)
+++ user/luigi/ipfw_80/sys/netinet/ipfw/ip_dummynet.c Fri Jun 5 12:35:56 2009 (r193496)
@@ -244,7 +244,7 @@ static void dummynet(void *);
static void dummynet_flush(void);
static void dummynet_send(struct mbuf *);
void dummynet_drain(void);
-static ip_dn_io_t dummynet_io;
+static int dummynet_io(struct mbuf **, int , struct ip_fw_args *);
static void dn_rule_delete(void *);
/*
@@ -1640,8 +1640,9 @@ dn_rule_delete_fs(struct dn_flow_set *fs
pkt->rule = ip_fw_default_rule ;
}
}
+
/*
- * when a firewall rule is deleted, scan all queues and remove the flow-id
+ * when a firewall rule is deleted, scan all queues and remove the rule-id
* from packets matching this rule.
*/
void
@@ -2339,7 +2340,7 @@ dummynet_modevent(module_t mod, int type
switch (type) {
case MOD_LOAD:
- if (DUMMYNET_LOADED) {
+ if (ip_dn_io_ptr) {
printf("DUMMYNET already loaded\n");
return EEXIST ;
}
Modified: user/luigi/ipfw_80/sys/netinet/ipfw/ip_fw2.c
==============================================================================
--- user/luigi/ipfw_80/sys/netinet/ipfw/ip_fw2.c Fri Jun 5 12:14:43 2009 (r193495)
+++ user/luigi/ipfw_80/sys/netinet/ipfw/ip_fw2.c Fri Jun 5 12:35:56 2009 (r193496)
@@ -3605,6 +3605,12 @@ remove_rule(struct ip_fw_chain *chain, s
return n;
}
+/*
+ * Hook for rule delete.
+ * Set/cleared when dummynet module is loaded.
+ */
+void (*ip_dn_ruledel_ptr)(void *) = NULL;
+
/**
* Reclaim storage associated with a list of rules. This is
* typically the list created using remove_rule.
@@ -3616,7 +3622,7 @@ reap_rules(struct ip_fw *head)
while ((rule = head) != NULL) {
head = head->next;
- if (DUMMYNET_LOADED)
+ if (ip_dn_ruledel_ptr)
ip_dn_ruledel_ptr(rule);
free(rule, M_IPFW);
}
Modified: user/luigi/ipfw_80/sys/netinet/ipfw/ip_fw_pfil.c
==============================================================================
--- user/luigi/ipfw_80/sys/netinet/ipfw/ip_fw_pfil.c Fri Jun 5 12:14:43 2009 (r193495)
+++ user/luigi/ipfw_80/sys/netinet/ipfw/ip_fw_pfil.c Fri Jun 5 12:35:56 2009 (r193496)
@@ -79,9 +79,6 @@ int fw6_enable = 1;
int ipfw_chg_hook(SYSCTL_HANDLER_ARGS);
-/* Dummynet hooks. */
-ip_dn_ruledel_t *ip_dn_ruledel_ptr = NULL;
-
/* Divert hooks. */
ip_divert_packet_t *ip_divert_ptr = NULL;
@@ -169,7 +166,7 @@ again:
break; /* not reached */
case IP_FW_DUMMYNET:
- if (!DUMMYNET_LOADED)
+ if (ip_dn_io_ptr == NULL)
goto drop;
if (mtod(*m0, struct ip *)->ip_v == 4)
ip_dn_io_ptr(m0, DN_TO_IP_IN, &args);
@@ -304,7 +301,7 @@ again:
break; /* not reached */
case IP_FW_DUMMYNET:
- if (!DUMMYNET_LOADED)
+ if (ip_dn_io_ptr == NULL)
break;
if (mtod(*m0, struct ip *)->ip_v == 4)
ip_dn_io_ptr(m0, DN_TO_IP_OUT, &args);
Modified: user/luigi/ipfw_80/sys/netinet/raw_ip.c
==============================================================================
--- user/luigi/ipfw_80/sys/netinet/raw_ip.c Fri Jun 5 12:14:43 2009 (r193495)
+++ user/luigi/ipfw_80/sys/netinet/raw_ip.c Fri Jun 5 12:35:56 2009 (r193496)
@@ -83,9 +83,15 @@ struct inpcbhead ripcb;
struct inpcbinfo ripcbinfo;
#endif
-/* control hooks for ipfw and dummynet */
-ip_fw_ctl_t *ip_fw_ctl_ptr = NULL;
-ip_dn_ctl_t *ip_dn_ctl_ptr = NULL;
+/*
+ * Control and data hooks for ipfw and dummynet.
+ * The data hooks are not used here but it is convenient
+ * to keep them all in one place.
+ */
+int (*ip_fw_ctl_ptr)(struct sockopt *) = NULL;
+int (*ip_dn_ctl_ptr)(struct sockopt *) = NULL;
+int (*ip_fw_chk_ptr)(struct ip_fw_args *args) = NULL;
+int (*ip_dn_io_ptr)(struct mbuf **m, int dir, struct ip_fw_args *fwa) = NULL;
/*
* Hooks for multicast routing. They all default to NULL, so leave them not
More information about the svn-src-user
mailing list