| ip_fw2.c (304079) | ip_fw2.c (306475) |
|---|---|
| 1/*- 2 * Copyright (c) 2002-2009 Luigi Rizzo, Universita` di Pisa 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. --- 10 unchanged lines hidden (view full) --- 19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23 * SUCH DAMAGE. 24 */ 25 26#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 2002-2009 Luigi Rizzo, Universita` di Pisa 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. --- 10 unchanged lines hidden (view full) --- 19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23 * SUCH DAMAGE. 24 */ 25 26#include <sys/cdefs.h> |
| 27__FBSDID("$FreeBSD: stable/11/sys/netpfil/ipfw/ip_fw2.c 304079 2016-08-14 14:50:32Z ae $"); | 27__FBSDID("$FreeBSD: stable/11/sys/netpfil/ipfw/ip_fw2.c 306475 2016-09-30 03:27:07Z ae $"); |
| 28 29/* 30 * The FreeBSD IP packet firewall, main file 31 */ 32 33#include "opt_ipfw.h" 34#include "opt_ipdivert.h" 35#include "opt_inet.h" --- 2650 unchanged lines hidden (view full) --- 2686 printf("limited to %d packets/entry by default\n", 2687 V_verbose_limit); 2688 2689 /* Check user-supplied table count for validness */ 2690 if (default_fw_tables > IPFW_TABLES_MAX) 2691 default_fw_tables = IPFW_TABLES_MAX; 2692 2693 ipfw_init_sopt_handler(); | 28 29/* 30 * The FreeBSD IP packet firewall, main file 31 */ 32 33#include "opt_ipfw.h" 34#include "opt_ipdivert.h" 35#include "opt_inet.h" --- 2650 unchanged lines hidden (view full) --- 2686 printf("limited to %d packets/entry by default\n", 2687 V_verbose_limit); 2688 2689 /* Check user-supplied table count for validness */ 2690 if (default_fw_tables > IPFW_TABLES_MAX) 2691 default_fw_tables = IPFW_TABLES_MAX; 2692 2693 ipfw_init_sopt_handler(); |
| 2694 ipfw_init_obj_rewriter(); |
|
| 2694 ipfw_iface_init(); 2695 return (error); 2696} 2697 2698/* 2699 * Called for the removal of the last instance only on module unload. 2700 */ 2701static void 2702ipfw_destroy(void) 2703{ 2704 2705 ipfw_iface_destroy(); 2706 ipfw_destroy_sopt_handler(); | 2695 ipfw_iface_init(); 2696 return (error); 2697} 2698 2699/* 2700 * Called for the removal of the last instance only on module unload. 2701 */ 2702static void 2703ipfw_destroy(void) 2704{ 2705 2706 ipfw_iface_destroy(); 2707 ipfw_destroy_sopt_handler(); |
| 2708 ipfw_destroy_obj_rewriter(); |
|
| 2707 printf("IP firewall unloaded\n"); 2708} 2709 2710/* 2711 * Stuff that must be initialized for every instance 2712 * (including the first of course). 2713 */ 2714static int --- 18 unchanged lines hidden (view full) --- 2733#endif 2734#ifdef IPFIREWALL_NAT 2735 LIST_INIT(&chain->nat); 2736#endif 2737 2738 /* Init shared services hash table */ 2739 ipfw_init_srv(chain); 2740 | 2709 printf("IP firewall unloaded\n"); 2710} 2711 2712/* 2713 * Stuff that must be initialized for every instance 2714 * (including the first of course). 2715 */ 2716static int --- 18 unchanged lines hidden (view full) --- 2735#endif 2736#ifdef IPFIREWALL_NAT 2737 LIST_INIT(&chain->nat); 2738#endif 2739 2740 /* Init shared services hash table */ 2741 ipfw_init_srv(chain); 2742 |
| 2741 ipfw_init_obj_rewriter(); | |
| 2742 ipfw_init_counters(); 2743 /* insert the default rule and create the initial map */ 2744 chain->n_rules = 1; 2745 chain->map = malloc(sizeof(struct ip_fw *), M_IPFW, M_WAITOK | M_ZERO); 2746 rule = ipfw_alloc_rule(chain, sizeof(struct ip_fw)); 2747 2748 /* Set initial number of tables */ 2749 V_fw_tables_max = default_fw_tables; --- 90 unchanged lines hidden (view full) --- 2840 ipfw_eaction_uninit(chain, last); 2841 if (reap != NULL) 2842 ipfw_reap_rules(reap); 2843 vnet_ipfw_iface_destroy(chain); 2844 ipfw_destroy_srv(chain); 2845 IPFW_LOCK_DESTROY(chain); 2846 ipfw_dyn_uninit(1); /* free the remaining parts */ 2847 ipfw_destroy_counters(); | 2743 ipfw_init_counters(); 2744 /* insert the default rule and create the initial map */ 2745 chain->n_rules = 1; 2746 chain->map = malloc(sizeof(struct ip_fw *), M_IPFW, M_WAITOK | M_ZERO); 2747 rule = ipfw_alloc_rule(chain, sizeof(struct ip_fw)); 2748 2749 /* Set initial number of tables */ 2750 V_fw_tables_max = default_fw_tables; --- 90 unchanged lines hidden (view full) --- 2841 ipfw_eaction_uninit(chain, last); 2842 if (reap != NULL) 2843 ipfw_reap_rules(reap); 2844 vnet_ipfw_iface_destroy(chain); 2845 ipfw_destroy_srv(chain); 2846 IPFW_LOCK_DESTROY(chain); 2847 ipfw_dyn_uninit(1); /* free the remaining parts */ 2848 ipfw_destroy_counters(); |
| 2848 ipfw_destroy_obj_rewriter(); | |
| 2849 return (0); 2850} 2851 2852/* 2853 * Module event handler. 2854 * In general we have the choice of handling most of these events by the 2855 * event handler or by the (VNET_)SYS(UN)INIT handlers. I have chosen to 2856 * use the SYSINIT handlers as they are more capable of expressing the --- 67 unchanged lines hidden --- | 2849 return (0); 2850} 2851 2852/* 2853 * Module event handler. 2854 * In general we have the choice of handling most of these events by the 2855 * event handler or by the (VNET_)SYS(UN)INIT handlers. I have chosen to 2856 * use the SYSINIT handlers as they are more capable of expressing the --- 67 unchanged lines hidden --- |