| if_pflog.c (126259) | if_pflog.c (126261) |
|---|---|
| 1/* $FreeBSD: head/sys/contrib/pf/net/if_pflog.c 126261 2004-02-26 02:34:12Z mlaier $ */ |
|
| 1/* $OpenBSD: if_pflog.c,v 1.9 2003/05/14 08:42:00 canacar Exp $ */ 2/* 3 * The authors of this code are John Ioannidis (ji@tla.org), 4 * Angelos D. Keromytis (kermit@csd.uch.gr) and 5 * Niels Provos (provos@physnet.uni-hamburg.de). 6 * 7 * This code was written by John Ioannidis for BSD/OS in Athens, Greece, 8 * in November 1995. --- 19 unchanged lines hidden (view full) --- 28 * 29 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 30 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 31 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 32 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 33 * PURPOSE. 34 */ 35 | 2/* $OpenBSD: if_pflog.c,v 1.9 2003/05/14 08:42:00 canacar Exp $ */ 3/* 4 * The authors of this code are John Ioannidis (ji@tla.org), 5 * Angelos D. Keromytis (kermit@csd.uch.gr) and 6 * Niels Provos (provos@physnet.uni-hamburg.de). 7 * 8 * This code was written by John Ioannidis for BSD/OS in Athens, Greece, 9 * in November 1995. --- 19 unchanged lines hidden (view full) --- 29 * 30 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 31 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 32 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 33 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 34 * PURPOSE. 35 */ 36 |
| 37#if defined(__FreeBSD__) 38#include "opt_inet.h" 39#include "opt_inet6.h" 40#endif 41 42#if !defined(__FreeBSD__) |
|
| 36#include "bpfilter.h" 37#include "pflog.h" | 43#include "bpfilter.h" 44#include "pflog.h" |
| 45#elif __FreeBSD__ >= 5 46#include "opt_bpf.h" 47#define NBPFILTER DEV_BPF 48#include "opt_pf.h" 49#define NPFLOG DEV_PFLOG 50#endif |
|
| 38 39#include <sys/param.h> 40#include <sys/systm.h> 41#include <sys/mbuf.h> 42#include <sys/socket.h> | 51 52#include <sys/param.h> 53#include <sys/systm.h> 54#include <sys/mbuf.h> 55#include <sys/socket.h> |
| 56#if defined(__FreeBSD__) 57#include <sys/kernel.h> 58#include <sys/malloc.h> 59#include <sys/sockio.h> 60#else |
|
| 43#include <sys/ioctl.h> | 61#include <sys/ioctl.h> |
| 62#endif |
|
| 44 45#include <net/if.h> 46#include <net/if_types.h> 47#include <net/route.h> 48#include <net/bpf.h> 49 50#ifdef INET 51#include <netinet/in.h> 52#include <netinet/in_var.h> 53#include <netinet/in_systm.h> 54#include <netinet/ip.h> 55#endif 56 | 63 64#include <net/if.h> 65#include <net/if_types.h> 66#include <net/route.h> 67#include <net/bpf.h> 68 69#ifdef INET 70#include <netinet/in.h> 71#include <netinet/in_var.h> 72#include <netinet/in_systm.h> 73#include <netinet/ip.h> 74#endif 75 |
| 76#if defined(__FreeBSD__) 77#include <machine/in_cksum.h> 78#endif 79 |
|
| 57#ifdef INET6 58#ifndef INET 59#include <netinet/in.h> 60#endif 61#include <netinet6/nd6.h> 62#endif /* INET6 */ 63 64#include <net/pfvar.h> 65#include <net/if_pflog.h> 66 | 80#ifdef INET6 81#ifndef INET 82#include <netinet/in.h> 83#endif 84#include <netinet6/nd6.h> 85#endif /* INET6 */ 86 87#include <net/pfvar.h> 88#include <net/if_pflog.h> 89 |
| 90#if defined(__FreeBSD__) 91#define PFLOGNAME "pflog" 92#endif 93 |
|
| 67#define PFLOGMTU (32768 + MHLEN + MLEN) 68 69#ifdef PFLOGDEBUG 70#define DPRINTF(x) do { if (pflogdebug) printf x ; } while (0) 71#else 72#define DPRINTF(x) 73#endif 74 | 94#define PFLOGMTU (32768 + MHLEN + MLEN) 95 96#ifdef PFLOGDEBUG 97#define DPRINTF(x) do { if (pflogdebug) printf x ; } while (0) 98#else 99#define DPRINTF(x) 100#endif 101 |
| 102#if !defined(__FreeBSD__) |
|
| 75struct pflog_softc pflogif[NPFLOG]; | 103struct pflog_softc pflogif[NPFLOG]; |
| 104#endif |
|
| 76 | 105 |
| 106#if defined(__FreeBSD__) 107void pflog_clone_destroy(struct ifnet *); 108int pflog_clone_create(struct if_clone *, int); 109#else |
|
| 77void pflogattach(int); | 110void pflogattach(int); |
| 111#endif |
|
| 78int pflogoutput(struct ifnet *, struct mbuf *, struct sockaddr *, 79 struct rtentry *); 80int pflogioctl(struct ifnet *, u_long, caddr_t); 81void pflogrtrequest(int, struct rtentry *, struct sockaddr *); 82void pflogstart(struct ifnet *); 83 | 112int pflogoutput(struct ifnet *, struct mbuf *, struct sockaddr *, 113 struct rtentry *); 114int pflogioctl(struct ifnet *, u_long, caddr_t); 115void pflogrtrequest(int, struct rtentry *, struct sockaddr *); 116void pflogstart(struct ifnet *); 117 |
| 118#if !defined(__FreeBSD__) |
|
| 84extern int ifqmaxlen; | 119extern int ifqmaxlen; |
| 120#endif |
|
| 85 | 121 |
| 122#if defined(__FreeBSD__) 123static MALLOC_DEFINE(M_PFLOG, PFLOGNAME, "Packet Filter Logging Interface"); 124static LIST_HEAD(pflog_list, pflog_softc) pflog_list; 125struct if_clone pflog_cloner = IF_CLONE_INITIALIZER(PFLOGNAME, 126 pflog_clone_create, pflog_clone_destroy, 1, IF_MAXUNIT); 127 |
|
| 86void | 128void |
| 129pflog_clone_destroy(struct ifnet *ifp) 130{ 131 struct pflog_softc *sc; 132 133 sc = ifp->if_softc; 134 135 /* 136 * Does we really need this? 137 */ 138 IF_DRAIN(&ifp->if_snd); 139 140 bpfdetach(ifp); 141 if_detach(ifp); 142 LIST_REMOVE(sc, sc_next); 143 free(sc, M_PFLOG); 144} 145#endif /* __FreeBSD__ */ 146 147#if defined(__FreeBSD__) 148int 149pflog_clone_create(struct if_clone *ifc, int unit) 150{ 151 struct pflog_softc *sc; 152 153 MALLOC(sc, struct pflog_softc *, sizeof(*sc), M_PFLOG, M_WAITOK|M_ZERO); 154 155#if (__FreeBSD_version < 501113) 156 sc->sc_if.if_name = PFLOGNAME; 157 sc->sc_if.if_unit = unit; 158#else 159 if_initname(&sc->sc_if, ifc->ifc_name, unit); 160#endif 161 sc->sc_if.if_mtu = PFLOGMTU; 162 sc->sc_if.if_ioctl = pflogioctl; 163 sc->sc_if.if_output = pflogoutput; 164 sc->sc_if.if_start = pflogstart; 165 sc->sc_if.if_type = IFT_PFLOG; 166 sc->sc_if.if_snd.ifq_maxlen = ifqmaxlen; 167 sc->sc_if.if_hdrlen = PFLOG_HDRLEN; 168 sc->sc_if.if_softc = sc; 169 /* 170 * We would get a message like 171 * "in6_ifattach: pflog0 is not multicast capable, IPv6 not enabled". 172 * We need a patch to in6_ifattach() to exclude interface type 173 * IFT_PFLOG. 174 */ 175 if_attach(&sc->sc_if); 176 177 LIST_INSERT_HEAD(&pflog_list, sc, sc_next); 178#if NBPFILTER > 0 179 bpfattach(&sc->sc_if, DLT_PFLOG, PFLOG_HDRLEN); 180#endif 181 182 return (0); 183} 184#else /* !__FreeBSD__ */ 185void |
|
| 87pflogattach(int npflog) 88{ 89 struct ifnet *ifp; 90 int i; 91 92 bzero(pflogif, sizeof(pflogif)); 93 94 for (i = 0; i < NPFLOG; i++) { --- 11 unchanged lines hidden (view full) --- 106 if_alloc_sadl(ifp); 107 108#if NBPFILTER > 0 109 bpfattach(&pflogif[i].sc_if.if_bpf, ifp, DLT_PFLOG, 110 PFLOG_HDRLEN); 111#endif 112 } 113} | 186pflogattach(int npflog) 187{ 188 struct ifnet *ifp; 189 int i; 190 191 bzero(pflogif, sizeof(pflogif)); 192 193 for (i = 0; i < NPFLOG; i++) { --- 11 unchanged lines hidden (view full) --- 205 if_alloc_sadl(ifp); 206 207#if NBPFILTER > 0 208 bpfattach(&pflogif[i].sc_if.if_bpf, ifp, DLT_PFLOG, 209 PFLOG_HDRLEN); 210#endif 211 } 212} |
| 213#endif /* __FreeBSD__ */ |
|
| 114 115/* 116 * Start output on the pflog interface. 117 */ 118void 119pflogstart(struct ifnet *ifp) 120{ 121 struct mbuf *m; | 214 215/* 216 * Start output on the pflog interface. 217 */ 218void 219pflogstart(struct ifnet *ifp) 220{ 221 struct mbuf *m; |
| 222#if defined(__FreeBSD__) && defined(ALTQ) 223 struct ifaltq *ifq; 224#else 225 struct ifqueue *ifq; 226#endif |
|
| 122 int s; 123 | 227 int s; 228 |
| 229#if defined(__FreeBSD__) 230 ifq = &ifp->if_snd; 231#endif |
|
| 124 for (;;) { 125 s = splimp(); | 232 for (;;) { 233 s = splimp(); |
| 234#if defined(__FreeBSD__) 235 IF_LOCK(ifq); 236 _IF_DROP(ifq); 237 _IF_DEQUEUE(ifq, m); 238 IF_UNLOCK(ifq); 239#else |
|
| 126 IF_DROP(&ifp->if_snd); 127 IF_DEQUEUE(&ifp->if_snd, m); | 240 IF_DROP(&ifp->if_snd); 241 IF_DEQUEUE(&ifp->if_snd, m); |
| 242#endif |
|
| 128 splx(s); | 243 splx(s); |
| 129 | |
| 130 if (m == NULL) 131 return; 132 else 133 m_freem(m); 134 } 135} 136 137int --- 45 unchanged lines hidden (view full) --- 183 184 if (ifp == NULL || m == NULL || rm == NULL) 185 return (-1); 186 187 hdr.length = PFLOG_REAL_HDRLEN; 188 hdr.af = af; 189 hdr.action = rm->action; 190 hdr.reason = reason; | 244 if (m == NULL) 245 return; 246 else 247 m_freem(m); 248 } 249} 250 251int --- 45 unchanged lines hidden (view full) --- 297 298 if (ifp == NULL || m == NULL || rm == NULL) 299 return (-1); 300 301 hdr.length = PFLOG_REAL_HDRLEN; 302 hdr.af = af; 303 hdr.action = rm->action; 304 hdr.reason = reason; |
| 305#if defined(__FreeBSD__) && (__FreeBSD_version < 501113) 306 snprintf(hdr.ifname, IFNAMSIZ, "%s%d", ifp->if_name, ifp->if_unit); 307#else |
|
| 191 memcpy(hdr.ifname, ifp->if_xname, sizeof(hdr.ifname)); | 308 memcpy(hdr.ifname, ifp->if_xname, sizeof(hdr.ifname)); |
| 309#endif |
|
| 192 193 if (am == NULL) { 194 hdr.rulenr = htonl(rm->nr); 195 hdr.subrulenr = -1; 196 bzero(hdr.ruleset, sizeof(hdr.ruleset)); 197 } else { 198 hdr.rulenr = htonl(am->nr); 199 hdr.subrulenr = htonl(rm->nr); --- 16 unchanged lines hidden (view full) --- 216 ip->ip_sum = in_cksum(m, ip->ip_hl << 2); 217 } 218#endif /* INET */ 219 220 m1.m_next = m; 221 m1.m_len = PFLOG_HDRLEN; 222 m1.m_data = (char *) &hdr; 223 | 310 311 if (am == NULL) { 312 hdr.rulenr = htonl(rm->nr); 313 hdr.subrulenr = -1; 314 bzero(hdr.ruleset, sizeof(hdr.ruleset)); 315 } else { 316 hdr.rulenr = htonl(am->nr); 317 hdr.subrulenr = htonl(rm->nr); --- 16 unchanged lines hidden (view full) --- 334 ip->ip_sum = in_cksum(m, ip->ip_hl << 2); 335 } 336#endif /* INET */ 337 338 m1.m_next = m; 339 m1.m_len = PFLOG_HDRLEN; 340 m1.m_data = (char *) &hdr; 341 |
| 342#if defined(__FreeBSD__) 343 KASSERT((!LIST_EMPTY(&pflog_list)), ("pflog: no interface")); 344 ifn = &LIST_FIRST(&pflog_list)->sc_if; 345#else |
|
| 224 ifn = &(pflogif[0].sc_if); | 346 ifn = &(pflogif[0].sc_if); |
| 347#endif |
|
| 225 226 if (ifn->if_bpf) 227 bpf_mtap(ifn->if_bpf, &m1); 228#endif 229 230 return (0); 231} | 348 349 if (ifn->if_bpf) 350 bpf_mtap(ifn->if_bpf, &m1); 351#endif 352 353 return (0); 354} |
| 355 356#if defined(__FreeBSD__) 357static int 358pflog_modevent(module_t mod, int type, void *data) 359{ 360 int error = 0; 361 362 switch (type) { 363 case MOD_LOAD: 364 LIST_INIT(&pflog_list); 365 if_clone_attach(&pflog_cloner); 366 printf("pflog: $Name: $\n"); 367 break; 368 369 case MOD_UNLOAD: 370 if_clone_detach(&pflog_cloner); 371 while (!LIST_EMPTY(&pflog_list)) 372 pflog_clone_destroy( 373 &LIST_FIRST(&pflog_list)->sc_if); 374 break; 375 376 default: 377 error = EINVAL; 378 break; 379 } 380 381 return error; 382} 383 384static moduledata_t pflog_mod = { 385 "pflog", 386 pflog_modevent, 387 0 388}; 389 390#define PFLOG_MODVER 1 391 392DECLARE_MODULE(pflog, pflog_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 393MODULE_VERSION(pflog, PFLOG_MODVER); 394#endif /* __FreeBSD__ */ |
|