| ip_fw.h (183744) | ip_fw.h (185895) |
|---|---|
| 1/*- 2 * Copyright (c) 2002 Luigi Rizzo, Universita` di Pisa 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23 * SUCH DAMAGE. 24 * | 1/*- 2 * Copyright (c) 2002 Luigi Rizzo, Universita` di Pisa 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23 * SUCH DAMAGE. 24 * |
| 25 * $FreeBSD: head/sys/netinet/ip_fw.h 183744 2008-10-10 14:33:47Z rwatson $ | 25 * $FreeBSD: head/sys/netinet/ip_fw.h 185895 2008-12-10 23:12:39Z zec $ |
| 26 */ 27 28#ifndef _IPFW2_H 29#define _IPFW2_H 30 31/* 32 * The default rule number. By the design of ip_fw, the default rule 33 * is the last one, so its number can also serve as the highest number --- 611 unchanged lines hidden (view full) --- 645#endif 646#endif 647 648/* For kernel ipfw_ether and ipfw_bridge. */ 649typedef int ip_fw_chk_t(struct ip_fw_args *args); 650extern ip_fw_chk_t *ip_fw_chk_ptr; 651#define IPFW_LOADED (ip_fw_chk_ptr != NULL) 652 | 26 */ 27 28#ifndef _IPFW2_H 29#define _IPFW2_H 30 31/* 32 * The default rule number. By the design of ip_fw, the default rule 33 * is the last one, so its number can also serve as the highest number --- 611 unchanged lines hidden (view full) --- 645#endif 646#endif 647 648/* For kernel ipfw_ether and ipfw_bridge. */ 649typedef int ip_fw_chk_t(struct ip_fw_args *args); 650extern ip_fw_chk_t *ip_fw_chk_ptr; 651#define IPFW_LOADED (ip_fw_chk_ptr != NULL) 652 |
| 653#ifdef IPFW_INTERNAL 654 | |
| 655struct ip_fw_chain { 656 struct ip_fw *rules; /* list of rules */ 657 struct ip_fw *reap; /* list of rules to reap */ 658 LIST_HEAD(, cfg_nat) nat; /* list of nat entries */ 659 struct radix_node_head *tables[IPFW_TABLES_MAX]; 660 struct rwlock rwmtx; 661}; | 653struct ip_fw_chain { 654 struct ip_fw *rules; /* list of rules */ 655 struct ip_fw *reap; /* list of rules to reap */ 656 LIST_HEAD(, cfg_nat) nat; /* list of nat entries */ 657 struct radix_node_head *tables[IPFW_TABLES_MAX]; 658 struct rwlock rwmtx; 659}; |
| 660 661#ifdef IPFW_INTERNAL 662 |
|
| 662#define IPFW_LOCK_INIT(_chain) \ 663 rw_init(&(_chain)->rwmtx, "IPFW static rules") 664#define IPFW_LOCK_DESTROY(_chain) rw_destroy(&(_chain)->rwmtx) 665#define IPFW_WLOCK_ASSERT(_chain) rw_assert(&(_chain)->rwmtx, RA_WLOCKED) 666 667#define IPFW_RLOCK(p) rw_rlock(&(p)->rwmtx) 668#define IPFW_RUNLOCK(p) rw_runlock(&(p)->rwmtx) 669#define IPFW_WLOCK(p) rw_wlock(&(p)->rwmtx) --- 9 unchanged lines hidden (view full) --- 679 680typedef int ipfw_nat_t(struct ip_fw_args *, struct cfg_nat *, struct mbuf *); 681typedef int ipfw_nat_cfg_t(struct sockopt *); 682#endif 683 684/* 685 * Stack virtualization support. 686 */ | 663#define IPFW_LOCK_INIT(_chain) \ 664 rw_init(&(_chain)->rwmtx, "IPFW static rules") 665#define IPFW_LOCK_DESTROY(_chain) rw_destroy(&(_chain)->rwmtx) 666#define IPFW_WLOCK_ASSERT(_chain) rw_assert(&(_chain)->rwmtx, RA_WLOCKED) 667 668#define IPFW_RLOCK(p) rw_rlock(&(p)->rwmtx) 669#define IPFW_RUNLOCK(p) rw_runlock(&(p)->rwmtx) 670#define IPFW_WLOCK(p) rw_wlock(&(p)->rwmtx) --- 9 unchanged lines hidden (view full) --- 680 681typedef int ipfw_nat_t(struct ip_fw_args *, struct cfg_nat *, struct mbuf *); 682typedef int ipfw_nat_cfg_t(struct sockopt *); 683#endif 684 685/* 686 * Stack virtualization support. 687 */ |
| 687#ifdef VIMAGE | |
| 688struct vnet_ipfw { | 688struct vnet_ipfw { |
| 689 int _fw_one_pass; | |
| 690 int _fw_enable; 691 int _fw6_enable; 692 u_int32_t _set_disable; 693 int _fw_deny_unknown_exthdrs; 694 int _fw_verbose; 695 int _verbose_limit; 696 int _fw_debug; 697 int _autoinc_step; --- 13 unchanged lines hidden (view full) --- 711 u_int32_t _static_count; 712 u_int32_t _static_len; 713 u_int32_t _dyn_count; 714 u_int32_t _dyn_max; 715 u_int64_t _norule_counter; 716 struct callout _ipfw_timeout; 717 eventhandler_tag _ifaddr_event_tag; 718}; | 689 int _fw_enable; 690 int _fw6_enable; 691 u_int32_t _set_disable; 692 int _fw_deny_unknown_exthdrs; 693 int _fw_verbose; 694 int _verbose_limit; 695 int _fw_debug; 696 int _autoinc_step; --- 13 unchanged lines hidden (view full) --- 710 u_int32_t _static_count; 711 u_int32_t _static_len; 712 u_int32_t _dyn_count; 713 u_int32_t _dyn_max; 714 u_int64_t _norule_counter; 715 struct callout _ipfw_timeout; 716 eventhandler_tag _ifaddr_event_tag; 717}; |
| 718 719#ifndef VIMAGE 720#ifndef VIMAGE_GLOBALS 721extern struct vnet_ipfw vnet_ipfw_0; |
|
| 719#endif | 722#endif |
| 723#endif |
|
| 720 721/* 722 * Symbol translation macros 723 */ 724#define INIT_VNET_IPFW(vnet) \ 725 INIT_FROM_VNET(vnet, VNET_MOD_IPFW, struct vnet_ipfw, vnet_ipfw) 726 727#define VNET_IPFW(sym) VSYM(vnet_ipfw, sym) 728 | 724 725/* 726 * Symbol translation macros 727 */ 728#define INIT_VNET_IPFW(vnet) \ 729 INIT_FROM_VNET(vnet, VNET_MOD_IPFW, struct vnet_ipfw, vnet_ipfw) 730 731#define VNET_IPFW(sym) VSYM(vnet_ipfw, sym) 732 |
| 729#define V_fw_one_pass VNET_IPFW(fw_one_pass) | |
| 730#define V_fw_enable VNET_IPFW(fw_enable) 731#define V_fw6_enable VNET_IPFW(fw6_enable) 732#define V_set_disable VNET_IPFW(set_disable) 733#define V_fw_deny_unknown_exthdrs VNET_IPFW(fw_deny_unknown_exthdrs) 734#define V_fw_verbose VNET_IPFW(fw_verbose) 735#define V_verbose_limit VNET_IPFW(verbose_limit) 736#define V_fw_debug VNET_IPFW(fw_debug) 737#define V_autoinc_step VNET_IPFW(autoinc_step) --- 23 unchanged lines hidden --- | 733#define V_fw_enable VNET_IPFW(fw_enable) 734#define V_fw6_enable VNET_IPFW(fw6_enable) 735#define V_set_disable VNET_IPFW(set_disable) 736#define V_fw_deny_unknown_exthdrs VNET_IPFW(fw_deny_unknown_exthdrs) 737#define V_fw_verbose VNET_IPFW(fw_verbose) 738#define V_verbose_limit VNET_IPFW(verbose_limit) 739#define V_fw_debug VNET_IPFW(fw_debug) 740#define V_autoinc_step VNET_IPFW(autoinc_step) --- 23 unchanged lines hidden --- |