| fil.c (272994) | fil.c (272995) |
|---|---|
| 1/* $FreeBSD: stable/10/sys/contrib/ipfilter/netinet/fil.c 272994 2014-10-12 17:13:14Z cy $ */ | 1/* $FreeBSD: stable/10/sys/contrib/ipfilter/netinet/fil.c 272995 2014-10-12 17:15:20Z cy $ */ |
| 2 3/* 4 * Copyright (C) 2012 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 * 8 * Copyright 2008 Sun Microsystems. 9 * --- 124 unchanged lines hidden (view full) --- 134#if defined(__OpenBSD__) 135# include <sys/timeout.h> 136extern struct timeout ipf_slowtimer_ch; 137#endif 138/* END OF INCLUDES */ 139 140#if !defined(lint) 141static const char sccsid[] = "@(#)fil.c 1.36 6/5/96 (C) 1993-2000 Darren Reed"; | 2 3/* 4 * Copyright (C) 2012 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 * 8 * Copyright 2008 Sun Microsystems. 9 * --- 124 unchanged lines hidden (view full) --- 134#if defined(__OpenBSD__) 135# include <sys/timeout.h> 136extern struct timeout ipf_slowtimer_ch; 137#endif 138/* END OF INCLUDES */ 139 140#if !defined(lint) 141static const char sccsid[] = "@(#)fil.c 1.36 6/5/96 (C) 1993-2000 Darren Reed"; |
| 142static const char rcsid[] = "@(#)$FreeBSD: stable/10/sys/contrib/ipfilter/netinet/fil.c 272994 2014-10-12 17:13:14Z cy $"; | 142static const char rcsid[] = "@(#)$FreeBSD: stable/10/sys/contrib/ipfilter/netinet/fil.c 272995 2014-10-12 17:15:20Z cy $"; |
| 143/* static const char rcsid[] = "@(#)$Id: fil.c,v 2.243.2.125 2007/10/10 09:27:20 darrenr Exp $"; */ 144#endif 145 146#ifndef _KERNEL 147# include "ipf.h" 148# include "ipt.h" 149extern int opts; 150extern int blockreason; --- 4280 unchanged lines hidden (view full) --- 4431 } 4432 } 4433#endif 4434 return 0; 4435} 4436 4437 4438/* ------------------------------------------------------------------------ */ | 143/* static const char rcsid[] = "@(#)$Id: fil.c,v 2.243.2.125 2007/10/10 09:27:20 darrenr Exp $"; */ 144#endif 145 146#ifndef _KERNEL 147# include "ipf.h" 148# include "ipt.h" 149extern int opts; 150extern int blockreason; --- 4280 unchanged lines hidden (view full) --- 4431 } 4432 } 4433#endif 4434 return 0; 4435} 4436 4437 4438/* ------------------------------------------------------------------------ */ |
| 4439/* Function: ipf_rule_compare */ 4440/* Parameters: fr1(I) - first rule structure to compare */ 4441/* fr2(I) - second rule structure to compare */ 4442/* Returns: int - 0 == rules are the same, else mismatch */ 4443/* */ 4444/* Compare two rules and return 0 if they match or a number indicating */ 4445/* which of the individual checks failed. */ 4446/* ------------------------------------------------------------------------ */ 4447static int 4448ipf_rule_compare(frentry_t *fr1, frentry_t *fr2) 4449{ 4450 if (fr1->fr_cksum != fr2->fr_cksum) 4451 return 1; 4452 if (fr1->fr_size != fr2->fr_size) 4453 return 2; 4454 if (fr1->fr_dsize != fr2->fr_dsize) 4455 return 3; 4456 if (bcmp((char *)&fr1->fr_func, (char *)&fr2->fr_func, 4457 fr1->fr_size - offsetof(struct frentry, fr_func)) != 0) 4458 return 4; 4459 if (fr1->fr_data && !fr2->fr_data) 4460 return 5; 4461 if (!fr1->fr_data && fr2->fr_data) 4462 return 6; 4463 if (fr1->fr_data) { 4464 if (bcmp(fr1->fr_caddr, fr2->fr_caddr, fr1->fr_dsize)) 4465 return 7; 4466 } 4467 return 0; 4468} 4469 4470 4471/* ------------------------------------------------------------------------ */ |
|
| 4439/* Function: frrequest */ 4440/* Returns: int - 0 == success, > 0 == errno value */ 4441/* Parameters: unit(I) - device for which this is for */ 4442/* req(I) - ioctl command (SIOC*) */ 4443/* data(I) - pointr to ioctl data */ 4444/* set(I) - 1 or 0 (filter set) */ 4445/* makecopy(I) - flag indicating whether data points to a rule */ 4446/* in kernel space & hence doesn't need copying. */ --- 476 unchanged lines hidden (view full) --- 4923 ftail = fprev; 4924 f = NULL; 4925 break; 4926 } 4927 fprev = ftail; 4928 } 4929 4930 for (; (f = *ftail) != NULL; ftail = &f->fr_next) { | 4472/* Function: frrequest */ 4473/* Returns: int - 0 == success, > 0 == errno value */ 4474/* Parameters: unit(I) - device for which this is for */ 4475/* req(I) - ioctl command (SIOC*) */ 4476/* data(I) - pointr to ioctl data */ 4477/* set(I) - 1 or 0 (filter set) */ 4478/* makecopy(I) - flag indicating whether data points to a rule */ 4479/* in kernel space & hence doesn't need copying. */ --- 476 unchanged lines hidden (view full) --- 4956 ftail = fprev; 4957 f = NULL; 4958 break; 4959 } 4960 fprev = ftail; 4961 } 4962 4963 for (; (f = *ftail) != NULL; ftail = &f->fr_next) { |
| 4931 DT2(rule_cmp, frentry_t *, fp, frentry_t *, f); 4932 if ((fp->fr_cksum != f->fr_cksum) || 4933 (fp->fr_size != f->fr_size) || 4934 (f->fr_dsize != fp->fr_dsize)) 4935 continue; 4936 if (bcmp((char *)&f->fr_func, (char *)&fp->fr_func, 4937 fp->fr_size - offsetof(struct frentry, fr_func)) != 0) 4938 continue; 4939 if ((!ptr && !f->fr_data) || 4940 (ptr && f->fr_data && 4941 !bcmp((char *)ptr, (char *)f->fr_data, f->fr_dsize))) | 4964 if (ipf_rule_compare(fp, f) == 0) |
| 4942 break; 4943 } 4944 4945 /* 4946 * If zero'ing statistics, copy current to caller and zero. 4947 */ 4948 if (addrem == 2) { 4949 if (f == NULL) { --- 5278 unchanged lines hidden --- | 4965 break; 4966 } 4967 4968 /* 4969 * If zero'ing statistics, copy current to caller and zero. 4970 */ 4971 if (addrem == 2) { 4972 if (f == NULL) { --- 5278 unchanged lines hidden --- |