pf.c (181803) | pf.c (183550) |
---|---|
1/* $OpenBSD: pf.c,v 1.527 2007/02/22 15:23:23 pyr Exp $ */ 2/* add: $OpenBSD: pf.c,v 1.559 2007/09/18 18:45:59 markus Exp $ */ 3 4/* 5 * Copyright (c) 2001 Daniel Hartmeier 6 * Copyright (c) 2002,2003 Henning Brauer 7 * All rights reserved. 8 * --- 27 unchanged lines hidden (view full) --- 36 * 37 */ 38 39#ifdef __FreeBSD__ 40#include "opt_inet.h" 41#include "opt_inet6.h" 42 43#include <sys/cdefs.h> | 1/* $OpenBSD: pf.c,v 1.527 2007/02/22 15:23:23 pyr Exp $ */ 2/* add: $OpenBSD: pf.c,v 1.559 2007/09/18 18:45:59 markus Exp $ */ 3 4/* 5 * Copyright (c) 2001 Daniel Hartmeier 6 * Copyright (c) 2002,2003 Henning Brauer 7 * All rights reserved. 8 * --- 27 unchanged lines hidden (view full) --- 36 * 37 */ 38 39#ifdef __FreeBSD__ 40#include "opt_inet.h" 41#include "opt_inet6.h" 42 43#include <sys/cdefs.h> |
44__FBSDID("$FreeBSD: head/sys/contrib/pf/net/pf.c 181803 2008-08-17 23:27:27Z bz $"); | 44__FBSDID("$FreeBSD: head/sys/contrib/pf/net/pf.c 183550 2008-10-02 15:37:58Z zec $"); |
45#endif 46 47#ifdef __FreeBSD__ 48#include "opt_mac.h" 49#include "opt_bpf.h" 50#include "opt_pf.h" 51 52#ifdef DEV_BPF --- 1701 unchanged lines hidden (view full) --- 1754#else 1755pf_send_tcp(const struct pf_rule *r, sa_family_t af, 1756#endif 1757 const struct pf_addr *saddr, const struct pf_addr *daddr, 1758 u_int16_t sport, u_int16_t dport, u_int32_t seq, u_int32_t ack, 1759 u_int8_t flags, u_int16_t win, u_int16_t mss, u_int8_t ttl, int tag, 1760 u_int16_t rtag, struct ether_header *eh, struct ifnet *ifp) 1761{ | 45#endif 46 47#ifdef __FreeBSD__ 48#include "opt_mac.h" 49#include "opt_bpf.h" 50#include "opt_pf.h" 51 52#ifdef DEV_BPF --- 1701 unchanged lines hidden (view full) --- 1754#else 1755pf_send_tcp(const struct pf_rule *r, sa_family_t af, 1756#endif 1757 const struct pf_addr *saddr, const struct pf_addr *daddr, 1758 u_int16_t sport, u_int16_t dport, u_int32_t seq, u_int32_t ack, 1759 u_int8_t flags, u_int16_t win, u_int16_t mss, u_int8_t ttl, int tag, 1760 u_int16_t rtag, struct ether_header *eh, struct ifnet *ifp) 1761{ |
1762 INIT_VNET_INET(curvnet); |
|
1762 struct mbuf *m; 1763 int len, tlen; 1764#ifdef INET 1765 struct ip *h; 1766#endif /* INET */ 1767#ifdef INET6 1768 struct ip6_hdr *h6; 1769#endif /* INET6 */ --- 1147 unchanged lines hidden (view full) --- 2917 2918int 2919#ifdef __FreeBSD__ 2920pf_socket_lookup(int direction, struct pf_pdesc *pd, struct inpcb *inp_arg) 2921#else 2922pf_socket_lookup(int direction, struct pf_pdesc *pd) 2923#endif 2924{ | 1763 struct mbuf *m; 1764 int len, tlen; 1765#ifdef INET 1766 struct ip *h; 1767#endif /* INET */ 1768#ifdef INET6 1769 struct ip6_hdr *h6; 1770#endif /* INET6 */ --- 1147 unchanged lines hidden (view full) --- 2918 2919int 2920#ifdef __FreeBSD__ 2921pf_socket_lookup(int direction, struct pf_pdesc *pd, struct inpcb *inp_arg) 2922#else 2923pf_socket_lookup(int direction, struct pf_pdesc *pd) 2924#endif 2925{ |
2926 INIT_VNET_INET(curvnet); |
|
2925 struct pf_addr *saddr, *daddr; 2926 u_int16_t sport, dport; 2927#ifdef __FreeBSD__ 2928 struct inpcbinfo *pi; 2929#else 2930 struct inpcbtable *tb; 2931#endif 2932 struct inpcb *inp; --- 163 unchanged lines hidden (view full) --- 3096 } 3097 } 3098 return (wscale); 3099} 3100 3101u_int16_t 3102pf_get_mss(struct mbuf *m, int off, u_int16_t th_off, sa_family_t af) 3103{ | 2927 struct pf_addr *saddr, *daddr; 2928 u_int16_t sport, dport; 2929#ifdef __FreeBSD__ 2930 struct inpcbinfo *pi; 2931#else 2932 struct inpcbtable *tb; 2933#endif 2934 struct inpcb *inp; --- 163 unchanged lines hidden (view full) --- 3098 } 3099 } 3100 return (wscale); 3101} 3102 3103u_int16_t 3104pf_get_mss(struct mbuf *m, int off, u_int16_t th_off, sa_family_t af) 3105{ |
3106 INIT_VNET_INET(curvnet); |
|
3104 int hlen; 3105 u_int8_t hdr[60]; 3106 u_int8_t *opt, optlen; 3107 u_int16_t mss = V_tcp_mssdflt; 3108 3109 hlen = th_off << 2; /* hlen <= sizeof(hdr) */ 3110 if (hlen <= sizeof(struct tcphdr)) 3111 return (0); --- 23 unchanged lines hidden (view full) --- 3135 } 3136 return (mss); 3137} 3138 3139u_int16_t 3140pf_calc_mss(struct pf_addr *addr, sa_family_t af, u_int16_t offer) 3141{ 3142#ifdef INET | 3107 int hlen; 3108 u_int8_t hdr[60]; 3109 u_int8_t *opt, optlen; 3110 u_int16_t mss = V_tcp_mssdflt; 3111 3112 hlen = th_off << 2; /* hlen <= sizeof(hdr) */ 3113 if (hlen <= sizeof(struct tcphdr)) 3114 return (0); --- 23 unchanged lines hidden (view full) --- 3138 } 3139 return (mss); 3140} 3141 3142u_int16_t 3143pf_calc_mss(struct pf_addr *addr, sa_family_t af, u_int16_t offer) 3144{ 3145#ifdef INET |
3146 INIT_VNET_INET(curvnet); |
|
3143 struct sockaddr_in *dst; 3144 struct route ro; 3145#endif /* INET */ 3146#ifdef INET6 3147 struct sockaddr_in6 *dst6; 3148 struct route_in6 ro6; 3149#endif /* INET6 */ 3150 struct rtentry *rt = NULL; --- 86 unchanged lines hidden (view full) --- 3237#ifdef __FreeBSD__ 3238 struct pf_pdesc *pd, struct pf_rule **am, struct pf_ruleset **rsm, 3239 struct ifqueue *ifq, struct inpcb *inp) 3240#else 3241 struct pf_pdesc *pd, struct pf_rule **am, struct pf_ruleset **rsm, 3242 struct ifqueue *ifq) 3243#endif 3244{ | 3147 struct sockaddr_in *dst; 3148 struct route ro; 3149#endif /* INET */ 3150#ifdef INET6 3151 struct sockaddr_in6 *dst6; 3152 struct route_in6 ro6; 3153#endif /* INET6 */ 3154 struct rtentry *rt = NULL; --- 86 unchanged lines hidden (view full) --- 3241#ifdef __FreeBSD__ 3242 struct pf_pdesc *pd, struct pf_rule **am, struct pf_ruleset **rsm, 3243 struct ifqueue *ifq, struct inpcb *inp) 3244#else 3245 struct pf_pdesc *pd, struct pf_rule **am, struct pf_ruleset **rsm, 3246 struct ifqueue *ifq) 3247#endif 3248{ |
3249 INIT_VNET_INET(curvnet); |
|
3245 struct pf_rule *nr = NULL; 3246 struct pf_addr *saddr = pd->src, *daddr = pd->dst; 3247 struct tcphdr *th = pd->hdr.tcp; 3248 u_int16_t bport, nport = 0; 3249 sa_family_t af = pd->af; 3250 struct pf_rule *r, *a = NULL; 3251 struct pf_ruleset *ruleset = NULL; 3252 struct pf_src_node *nsn = NULL; --- 2838 unchanged lines hidden (view full) --- 6091} 6092 6093#ifdef INET 6094 6095void 6096pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp, 6097 struct pf_state *s, struct pf_pdesc *pd) 6098{ | 3250 struct pf_rule *nr = NULL; 3251 struct pf_addr *saddr = pd->src, *daddr = pd->dst; 3252 struct tcphdr *th = pd->hdr.tcp; 3253 u_int16_t bport, nport = 0; 3254 sa_family_t af = pd->af; 3255 struct pf_rule *r, *a = NULL; 3256 struct pf_ruleset *ruleset = NULL; 3257 struct pf_src_node *nsn = NULL; --- 2838 unchanged lines hidden (view full) --- 6096} 6097 6098#ifdef INET 6099 6100void 6101pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp, 6102 struct pf_state *s, struct pf_pdesc *pd) 6103{ |
6104 INIT_VNET_INET(curvnet); |
|
6099 struct mbuf *m0, *m1; 6100 struct route iproute; 6101 struct route *ro = NULL; 6102 struct sockaddr_in *dst; 6103 struct ip *ip; 6104 struct ifnet *ifp = NULL; 6105 struct pf_addr naddr; 6106 struct pf_src_node *sn = NULL; --- 521 unchanged lines hidden (view full) --- 6628#endif /* INET6 */ 6629 default: 6630 return (1); 6631 } 6632 } 6633 if (sum) { 6634 switch (p) { 6635 case IPPROTO_TCP: | 6105 struct mbuf *m0, *m1; 6106 struct route iproute; 6107 struct route *ro = NULL; 6108 struct sockaddr_in *dst; 6109 struct ip *ip; 6110 struct ifnet *ifp = NULL; 6111 struct pf_addr naddr; 6112 struct pf_src_node *sn = NULL; --- 521 unchanged lines hidden (view full) --- 6634#endif /* INET6 */ 6635 default: 6636 return (1); 6637 } 6638 } 6639 if (sum) { 6640 switch (p) { 6641 case IPPROTO_TCP: |
6642 { 6643 INIT_VNET_INET(curvnet); |
|
6636 V_tcpstat.tcps_rcvbadsum++; 6637 break; | 6644 V_tcpstat.tcps_rcvbadsum++; 6645 break; |
6646 } |
|
6638 case IPPROTO_UDP: | 6647 case IPPROTO_UDP: |
6648 { 6649 INIT_VNET_INET(curvnet); |
|
6639 V_udpstat.udps_badsum++; 6640 break; | 6650 V_udpstat.udps_badsum++; 6651 break; |
6652 } |
|
6641 case IPPROTO_ICMP: | 6653 case IPPROTO_ICMP: |
6654 { 6655 INIT_VNET_INET(curvnet); |
|
6642 V_icmpstat.icps_checksum++; 6643 break; | 6656 V_icmpstat.icps_checksum++; 6657 break; |
6658 } |
|
6644#ifdef INET6 6645 case IPPROTO_ICMPV6: | 6659#ifdef INET6 6660 case IPPROTO_ICMPV6: |
6661 { 6662 INIT_VNET_INET6(curvnet); |
|
6646 V_icmp6stat.icp6s_checksum++; 6647 break; | 6663 V_icmp6stat.icp6s_checksum++; 6664 break; |
6665 } |
|
6648#endif /* INET6 */ 6649 } 6650 return (1); 6651 } else { 6652 if (p == IPPROTO_TCP || p == IPPROTO_UDP) { 6653 m->m_pkthdr.csum_flags |= 6654 (CSUM_DATA_VALID | CSUM_PSEUDO_HDR); 6655 m->m_pkthdr.csum_data = 0xffff; --- 958 unchanged lines hidden --- | 6666#endif /* INET6 */ 6667 } 6668 return (1); 6669 } else { 6670 if (p == IPPROTO_TCP || p == IPPROTO_UDP) { 6671 m->m_pkthdr.csum_flags |= 6672 (CSUM_DATA_VALID | CSUM_PSEUDO_HDR); 6673 m->m_pkthdr.csum_data = 0xffff; --- 958 unchanged lines hidden --- |