svn commit: r203452 - user/luigi/ipfw3-head/sys/netinet/ipfw
Luigi Rizzo
luigi at FreeBSD.org
Wed Feb 3 22:08:26 UTC 2010
Author: luigi
Date: Wed Feb 3 22:08:25 2010
New Revision: 203452
URL: http://svn.freebsd.org/changeset/base/203452
Log:
portability fixes -- make this code build under Linux and Windows
Modified:
user/luigi/ipfw3-head/sys/netinet/ipfw/dn_sched_qfq.c
user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw2.c
user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_dynamic.c
user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_log.c
user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_table.c
Modified: user/luigi/ipfw3-head/sys/netinet/ipfw/dn_sched_qfq.c
==============================================================================
--- user/luigi/ipfw3-head/sys/netinet/ipfw/dn_sched_qfq.c Wed Feb 3 22:07:50 2010 (r203451)
+++ user/luigi/ipfw3-head/sys/netinet/ipfw/dn_sched_qfq.c Wed Feb 3 22:08:25 2010 (r203452)
@@ -57,7 +57,7 @@ typedef unsigned long bitmap;
* bitmaps ops are critical. Some linux versions have __fls
* and the bitmap ops. Some machines have ffs
*/
-#if !defined(_KERNEL) || defined( __FreeBSD__ )
+#if !defined(_KERNEL) || defined( __FreeBSD__ ) || defined(_WIN32)
static inline unsigned long __fls(unsigned long word)
{
return fls(word) - 1;
@@ -92,6 +92,10 @@ void __clear_bit(int ix, bitmap *p)
#endif /* !QFQ_DEBUG */
#endif /* !__linux__ */
+#ifdef __MIPSEL__
+#define __clear_bit(ix, pData) (*pData) &= ~(1<<(ix))
+#endif
+
/*-------------------------------------------*/
/*
Modified: user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw2.c
==============================================================================
--- user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw2.c Wed Feb 3 22:07:50 2010 (r203451)
+++ user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw2.c Wed Feb 3 22:08:25 2010 (r203452)
@@ -155,11 +155,13 @@ SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUT
SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, verbose_limit,
CTLFLAG_RW, &VNET_NAME(verbose_limit), 0,
"Set upper limit of matches of ipfw rules logged");
+uint32_t dummy_def = IPFW_DEFAULT_RULE;
SYSCTL_UINT(_net_inet_ip_fw, OID_AUTO, default_rule, CTLFLAG_RD,
- NULL, IPFW_DEFAULT_RULE,
+ &dummy_def, 0,
"The default/max possible rule number.");
+uint32_t dummy_tables_max = IPFW_TABLES_MAX;
SYSCTL_UINT(_net_inet_ip_fw, OID_AUTO, tables_max, CTLFLAG_RD,
- NULL, IPFW_TABLES_MAX,
+ &dummy_tables_max, 0,
"The maximum number of tables.");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, default_to_accept, CTLFLAG_RDTUN,
&default_to_accept, 0,
@@ -344,6 +346,7 @@ iface_match(struct ifnet *ifp, ipfw_insn
return(1);
}
} else {
+#ifdef __FreeBSD__ /* and OSX too ? */
struct ifaddr *ia;
if_addr_rlock(ifp);
@@ -357,6 +360,7 @@ iface_match(struct ifnet *ifp, ipfw_insn
}
}
if_addr_runlock(ifp);
+#endif /* __FreeBSD__ */
}
return(0); /* no match, fail ... */
}
@@ -385,6 +389,9 @@ iface_match(struct ifnet *ifp, ipfw_insn
static int
verify_path(struct in_addr src, struct ifnet *ifp, u_int fib)
{
+#ifndef __FreeBSD__
+ return 0;
+#else
struct route ro;
struct sockaddr_in *dst;
@@ -427,6 +434,7 @@ verify_path(struct in_addr src, struct i
/* found valid route */
RTFREE(ro.ro_rt);
return 1;
+#endif /* __FreeBSD__ */
}
#ifdef INET6
@@ -634,9 +642,14 @@ send_reject(struct ip_fw_args *args, int
static int
check_uidgid(ipfw_insn_u32 *insn, int proto, struct ifnet *oif,
struct in_addr dst_ip, u_int16_t dst_port, struct in_addr src_ip,
- u_int16_t src_port, struct ucred **uc, int *ugid_lookupp,
- struct inpcb *inp)
+ u_int16_t src_port, int *ugid_lookupp,
+ struct ucred **uc, struct inpcb *inp)
{
+#ifndef __FreeBSD__
+ return cred_check(insn, proto, oif,
+ dst_ip, dst_port, src_ip, src_port,
+ (struct bsd_ucred *)uc, ugid_lookupp, ((struct mbuf *)inp)->m_skb);
+#else /* FreeBSD */
struct inpcbinfo *pi;
int wildcard;
struct inpcb *pcb;
@@ -703,6 +716,7 @@ check_uidgid(ipfw_insn_u32 *insn, int pr
else if (insn->o.opcode == O_JAIL)
match = ((*uc)->cr_prison->pr_id == (int)insn->d[0]);
return match;
+#endif /* __FreeBSD__ */
}
/*
@@ -794,7 +808,11 @@ ipfw_chk(struct ip_fw_args *args)
* these types of constraints, as well as decrease contention
* on pcb related locks.
*/
+#ifndef __FreeBSD__
+ struct bsd_ucred ucred_cache;
+#else
struct ucred *ucred_cache = NULL;
+#endif
int ucred_lookup = 0;
/*
@@ -1233,8 +1251,13 @@ do { \
(ipfw_insn_u32 *)cmd,
proto, oif,
dst_ip, dst_port,
- src_ip, src_port, &ucred_cache,
- &ucred_lookup, args->inp);
+ src_ip, src_port, &ucred_lookup,
+#ifdef __FreeBSD__
+ &ucred_cache, args->inp);
+#else
+ (void *)&ucred_cache,
+ (struct inpcb *)args->m);
+#endif
break;
case O_RECV:
@@ -1348,13 +1371,22 @@ do { \
(ipfw_insn_u32 *)cmd,
proto, oif,
dst_ip, dst_port,
- src_ip, src_port, &ucred_cache,
- &ucred_lookup, args->inp);
+ src_ip, src_port, &ucred_lookup,
+#ifdef __FreeBSD__
+ &ucred_cache, args->inp);
if (v == 4 /* O_UID */)
key = ucred_cache->cr_uid;
else if (v == 5 /* O_JAIL */)
key = ucred_cache->cr_prison->pr_id;
key = htonl(key);
+#else /* !__FreeBSD__ */
+ (void *)&ucred_cache,
+ (struct inpcb *)args->m);
+ if (v ==4 /* O_UID */)
+ key = ucred_cache.uid;
+ else if (v == 5 /* O_JAIL */)
+ key = ucred_cache.xid;
+#endif /* !__FreeBSD__ */
} else
break;
}
@@ -1390,7 +1422,13 @@ do { \
INADDR_TO_IFP(src_ip, tif);
match = (tif != NULL);
+ break;
}
+#ifdef INET6
+ /* FALLTHROUGH */
+ case O_IP6_SRC_ME:
+ match= is_ipv6 && search_ip6_addr_net(&args->f_id.src_ip6);
+#endif
break;
case O_IP_DST_SET:
@@ -1423,9 +1461,16 @@ do { \
INADDR_TO_IFP(dst_ip, tif);
match = (tif != NULL);
+ break;
}
+#ifdef INET6
+ /* FALLTHROUGH */
+ case O_IP6_DST_ME:
+ match= is_ipv6 && search_ip6_addr_net(&args->f_id.dst_ip6);
+#endif
break;
+
case O_IP_SRCPORT:
case O_IP_DSTPORT:
/*
@@ -1691,14 +1736,6 @@ do { \
}
break;
- case O_IP6_SRC_ME:
- match= is_ipv6 && search_ip6_addr_net(&args->f_id.src_ip6);
- break;
-
- case O_IP6_DST_ME:
- match= is_ipv6 && search_ip6_addr_net(&args->f_id.dst_ip6);
- break;
-
case O_FLOW6ID:
match = is_ipv6 &&
flow6id_match(args->f_id.flow_id6,
@@ -2158,8 +2195,10 @@ do { \
printf("ipfw: ouch!, skip past end of rules, denying packet\n");
}
IPFW_RUNLOCK(chain);
+#ifdef __FreeBSD__
if (ucred_cache != NULL)
crfree(ucred_cache);
+#endif
return (retval);
pullup_failed:
Modified: user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_dynamic.c
==============================================================================
--- user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_dynamic.c Wed Feb 3 22:07:50 2010 (r203451)
+++ user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_dynamic.c Wed Feb 3 22:08:25 2010 (r203452)
@@ -128,7 +128,11 @@ static VNET_DEFINE(struct callout, ipfw_
#define V_ipfw_timeout VNET(ipfw_timeout)
static uma_zone_t ipfw_dyn_rule_zone;
+#ifndef __FreeBSD__
+DEFINE_SPINLOCK(ipfw_dyn_mtx);
+#else
static struct mtx ipfw_dyn_mtx; /* mutex guarding dynamic rules */
+#endif
#define IPFW_DYN_LOCK_INIT() \
mtx_init(&ipfw_dyn_mtx, "IPFW dynamic rules", NULL, MTX_DEF)
@@ -884,6 +888,9 @@ struct mbuf *
ipfw_send_pkt(struct mbuf *replyto, struct ipfw_flow_id *id, u_int32_t seq,
u_int32_t ack, int flags)
{
+#ifndef __FreeBSD__
+ return NULL;
+#else
struct mbuf *m;
int len, dir;
struct ip *h = NULL; /* stupid compiler */
@@ -1020,6 +1027,7 @@ ipfw_send_pkt(struct mbuf *replyto, stru
}
return (m);
+#endif /* __FreeBSD__ */
}
/*
Modified: user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_log.c
==============================================================================
--- user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_log.c Wed Feb 3 22:07:50 2010 (r203451)
+++ user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_log.c Wed Feb 3 22:08:25 2010 (r203452)
@@ -413,6 +413,7 @@ ipfw_log(struct ip_fw *f, u_int hlen, st
(ipoff & IP_MF) ? "+" : "");
}
}
+#ifdef __FreeBSD__
if (oif || m->m_pkthdr.rcvif)
log(LOG_SECURITY | LOG_INFO,
"ipfw: %d %s %s %s via %s%s\n",
@@ -421,6 +422,7 @@ ipfw_log(struct ip_fw *f, u_int hlen, st
oif ? oif->if_xname : m->m_pkthdr.rcvif->if_xname,
fragment);
else
+#endif
log(LOG_SECURITY | LOG_INFO,
"ipfw: %d %s %s [no if info]%s\n",
f ? f->rulenum : -1,
Modified: user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_table.c
==============================================================================
--- user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_table.c Wed Feb 3 22:07:50 2010 (r203451)
+++ user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw_table.c Wed Feb 3 22:08:25 2010 (r203452)
@@ -66,6 +66,7 @@ __FBSDID("$FreeBSD$");
#include <netinet/in.h>
#include <netinet/ip_var.h> /* struct ipfw_rule_ref */
#include <netinet/ip_fw.h>
+#include <sys/queue.h> /* LIST_HEAD */
#include <netinet/ipfw/ip_fw_private.h>
#ifdef MAC
More information about the svn-src-user
mailing list