| pf_table.c (145873) | pf_table.c (171168) |
|---|---|
| 1/* $FreeBSD: head/sys/contrib/pf/net/pf_table.c 145873 2005-05-04 15:29:28Z mlaier $ */ 2/* $OpenBSD: pf_table.c,v 1.62 2004/12/07 18:02:04 mcbride Exp $ */ | 1/* $OpenBSD: pf_table.c,v 1.68 2006/05/02 10:08:45 dhartmei Exp $ */ |
| 3 4/* 5 * Copyright (c) 2002 Cedric Berger 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: --- 18 unchanged lines hidden (view full) --- 29 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 * 32 */ 33 34#ifdef __FreeBSD__ 35#include "opt_inet.h" 36#include "opt_inet6.h" | 2 3/* 4 * Copyright (c) 2002 Cedric Berger 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: --- 18 unchanged lines hidden (view full) --- 28 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 * 31 */ 32 33#ifdef __FreeBSD__ 34#include "opt_inet.h" 35#include "opt_inet6.h" |
| 36 37#include <sys/cdefs.h> 38__FBSDID("$FreeBSD: head/sys/contrib/pf/net/pf_table.c 171168 2007-07-03 12:16:07Z mlaier $"); |
|
| 37#endif 38 39#include <sys/param.h> 40#include <sys/systm.h> 41#include <sys/socket.h> 42#include <sys/mbuf.h> 43#include <sys/kernel.h> 44#ifdef __FreeBSD__ --- 415 unchanged lines hidden (view full) --- 460_bad: 461 if (flags & PFR_FLAG_FEEDBACK) 462 pfr_reset_feedback(addr, size, flags); 463 return (rv); 464} 465 466int 467pfr_set_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size, | 39#endif 40 41#include <sys/param.h> 42#include <sys/systm.h> 43#include <sys/socket.h> 44#include <sys/mbuf.h> 45#include <sys/kernel.h> 46#ifdef __FreeBSD__ --- 415 unchanged lines hidden (view full) --- 462_bad: 463 if (flags & PFR_FLAG_FEEDBACK) 464 pfr_reset_feedback(addr, size, flags); 465 return (rv); 466} 467 468int 469pfr_set_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size, |
| 468 int *size2, int *nadd, int *ndel, int *nchange, int flags) | 470 int *size2, int *nadd, int *ndel, int *nchange, int flags, 471 u_int32_t ignore_pfrt_flags) |
| 469{ 470 struct pfr_ktable *kt, *tmpkt; 471 struct pfr_kentryworkq addq, delq, changeq; 472 struct pfr_kentry *p, *q; 473 struct pfr_addr ad; 474 int i, rv, s = 0, xadd = 0, xdel = 0, xchange = 0; 475 long tzero = time_second; 476 477 ACCEPT_FLAGS(PFR_FLAG_ATOMIC+PFR_FLAG_DUMMY+PFR_FLAG_FEEDBACK); | 472{ 473 struct pfr_ktable *kt, *tmpkt; 474 struct pfr_kentryworkq addq, delq, changeq; 475 struct pfr_kentry *p, *q; 476 struct pfr_addr ad; 477 int i, rv, s = 0, xadd = 0, xdel = 0, xchange = 0; 478 long tzero = time_second; 479 480 ACCEPT_FLAGS(PFR_FLAG_ATOMIC+PFR_FLAG_DUMMY+PFR_FLAG_FEEDBACK); |
| 478 if (pfr_validate_table(tbl, 0, flags & PFR_FLAG_USERIOCTL)) | 481 if (pfr_validate_table(tbl, ignore_pfrt_flags, flags & 482 PFR_FLAG_USERIOCTL)) |
| 479 return (EINVAL); 480 kt = pfr_lookup_table(tbl); 481 if (kt == NULL || !(kt->pfrkt_flags & PFR_TFLAG_ACTIVE)) 482 return (ESRCH); 483 if (kt->pfrkt_flags & PFR_TFLAG_CONST) 484 return (EPERM); 485 tmpkt = pfr_create_ktable(&pfr_nulltable, 0, 0); 486 if (tmpkt == NULL) --- 383 unchanged lines hidden (view full) --- 870 head = kt->pfrkt_ip4; 871 } else if ( ad->pfra_af == AF_INET6 ) { 872 FILLIN_SIN6(sa.sin6, ad->pfra_ip6addr); 873 head = kt->pfrkt_ip6; 874 } 875 if (ADDR_NETWORK(ad)) { 876 pfr_prepare_network(&mask, ad->pfra_af, ad->pfra_net); 877 s = splsoftnet(); /* rn_lookup makes use of globals */ | 483 return (EINVAL); 484 kt = pfr_lookup_table(tbl); 485 if (kt == NULL || !(kt->pfrkt_flags & PFR_TFLAG_ACTIVE)) 486 return (ESRCH); 487 if (kt->pfrkt_flags & PFR_TFLAG_CONST) 488 return (EPERM); 489 tmpkt = pfr_create_ktable(&pfr_nulltable, 0, 0); 490 if (tmpkt == NULL) --- 383 unchanged lines hidden (view full) --- 874 head = kt->pfrkt_ip4; 875 } else if ( ad->pfra_af == AF_INET6 ) { 876 FILLIN_SIN6(sa.sin6, ad->pfra_ip6addr); 877 head = kt->pfrkt_ip6; 878 } 879 if (ADDR_NETWORK(ad)) { 880 pfr_prepare_network(&mask, ad->pfra_af, ad->pfra_net); 881 s = splsoftnet(); /* rn_lookup makes use of globals */ |
| 878#if defined(__FreeBSD__) && (__FreeBSD_version >= 500100) 879 RADIX_NODE_HEAD_LOCK(head); | 882#ifdef __FreeBSD__ 883 PF_ASSERT(MA_OWNED); |
| 880#endif 881 ke = (struct pfr_kentry *)rn_lookup(&sa, &mask, head); | 884#endif 885 ke = (struct pfr_kentry *)rn_lookup(&sa, &mask, head); |
| 882#if defined(__FreeBSD__) && (__FreeBSD_version >= 500100) 883 RADIX_NODE_HEAD_UNLOCK(head); 884#endif | |
| 885 splx(s); 886 if (ke && KENTRY_RNF_ROOT(ke)) 887 ke = NULL; 888 } else { 889 ke = (struct pfr_kentry *)rn_match(&sa, head); 890 if (ke && KENTRY_RNF_ROOT(ke)) 891 ke = NULL; 892 if (exact && ke && KENTRY_NETWORK(ke)) --- 181 unchanged lines hidden (view full) --- 1074 1075 bzero(ke->pfrke_node, sizeof(ke->pfrke_node)); 1076 if (ke->pfrke_af == AF_INET) 1077 head = kt->pfrkt_ip4; 1078 else if (ke->pfrke_af == AF_INET6) 1079 head = kt->pfrkt_ip6; 1080 1081 s = splsoftnet(); | 886 splx(s); 887 if (ke && KENTRY_RNF_ROOT(ke)) 888 ke = NULL; 889 } else { 890 ke = (struct pfr_kentry *)rn_match(&sa, head); 891 if (ke && KENTRY_RNF_ROOT(ke)) 892 ke = NULL; 893 if (exact && ke && KENTRY_NETWORK(ke)) --- 181 unchanged lines hidden (view full) --- 1075 1076 bzero(ke->pfrke_node, sizeof(ke->pfrke_node)); 1077 if (ke->pfrke_af == AF_INET) 1078 head = kt->pfrkt_ip4; 1079 else if (ke->pfrke_af == AF_INET6) 1080 head = kt->pfrkt_ip6; 1081 1082 s = splsoftnet(); |
| 1082#if defined(__FreeBSD__) && (__FreeBSD_version >= 500100) 1083 RADIX_NODE_HEAD_LOCK(head); | 1083#ifdef __FreeBSD__ 1084 PF_ASSERT(MA_OWNED); |
| 1084#endif 1085 if (KENTRY_NETWORK(ke)) { 1086 pfr_prepare_network(&mask, ke->pfrke_af, ke->pfrke_net); 1087 rn = rn_addroute(&ke->pfrke_sa, &mask, head, ke->pfrke_node); 1088 } else 1089 rn = rn_addroute(&ke->pfrke_sa, NULL, head, ke->pfrke_node); | 1085#endif 1086 if (KENTRY_NETWORK(ke)) { 1087 pfr_prepare_network(&mask, ke->pfrke_af, ke->pfrke_net); 1088 rn = rn_addroute(&ke->pfrke_sa, &mask, head, ke->pfrke_node); 1089 } else 1090 rn = rn_addroute(&ke->pfrke_sa, NULL, head, ke->pfrke_node); |
| 1090#if defined(__FreeBSD__) && (__FreeBSD_version >= 500100) 1091 RADIX_NODE_HEAD_UNLOCK(head); 1092#endif | |
| 1093 splx(s); 1094 1095 return (rn == NULL ? -1 : 0); 1096} 1097 1098int 1099pfr_unroute_kentry(struct pfr_ktable *kt, struct pfr_kentry *ke) 1100{ 1101 union sockaddr_union mask; 1102 struct radix_node *rn; 1103 struct radix_node_head *head = NULL; /* make the compiler happy */ 1104 int s; 1105 1106 if (ke->pfrke_af == AF_INET) 1107 head = kt->pfrkt_ip4; 1108 else if (ke->pfrke_af == AF_INET6) 1109 head = kt->pfrkt_ip6; 1110 1111 s = splsoftnet(); | 1091 splx(s); 1092 1093 return (rn == NULL ? -1 : 0); 1094} 1095 1096int 1097pfr_unroute_kentry(struct pfr_ktable *kt, struct pfr_kentry *ke) 1098{ 1099 union sockaddr_union mask; 1100 struct radix_node *rn; 1101 struct radix_node_head *head = NULL; /* make the compiler happy */ 1102 int s; 1103 1104 if (ke->pfrke_af == AF_INET) 1105 head = kt->pfrkt_ip4; 1106 else if (ke->pfrke_af == AF_INET6) 1107 head = kt->pfrkt_ip6; 1108 1109 s = splsoftnet(); |
| 1112#if defined(__FreeBSD__) && (__FreeBSD_version >= 500100) 1113 RADIX_NODE_HEAD_LOCK(head); | 1110#ifdef __FreeBSD__ 1111 PF_ASSERT(MA_OWNED); |
| 1114#endif 1115 if (KENTRY_NETWORK(ke)) { 1116 pfr_prepare_network(&mask, ke->pfrke_af, ke->pfrke_net); 1117#ifdef __FreeBSD__ 1118 rn = rn_delete(&ke->pfrke_sa, &mask, head); 1119#else 1120 rn = rn_delete(&ke->pfrke_sa, &mask, head, NULL); 1121#endif 1122 } else 1123#ifdef __FreeBSD__ 1124 rn = rn_delete(&ke->pfrke_sa, NULL, head); 1125#else 1126 rn = rn_delete(&ke->pfrke_sa, NULL, head, NULL); 1127#endif | 1112#endif 1113 if (KENTRY_NETWORK(ke)) { 1114 pfr_prepare_network(&mask, ke->pfrke_af, ke->pfrke_net); 1115#ifdef __FreeBSD__ 1116 rn = rn_delete(&ke->pfrke_sa, &mask, head); 1117#else 1118 rn = rn_delete(&ke->pfrke_sa, &mask, head, NULL); 1119#endif 1120 } else 1121#ifdef __FreeBSD__ 1122 rn = rn_delete(&ke->pfrke_sa, NULL, head); 1123#else 1124 rn = rn_delete(&ke->pfrke_sa, NULL, head, NULL); 1125#endif |
| 1128#if defined(__FreeBSD__) && (__FreeBSD_version >= 500100) 1129 RADIX_NODE_HEAD_UNLOCK(head); 1130#endif | |
| 1131 splx(s); 1132 1133 if (rn == NULL) { 1134 printf("pfr_unroute_kentry: delete failed.\n"); 1135 return (-1); 1136 } 1137 return (0); 1138} --- 1038 unchanged lines hidden (view full) --- 2177{ 2178 struct pfr_ktable *kt, *rt; 2179 struct pfr_table tbl; 2180 struct pf_anchor *ac = rs->anchor; 2181 2182 bzero(&tbl, sizeof(tbl)); 2183 strlcpy(tbl.pfrt_name, name, sizeof(tbl.pfrt_name)); 2184 if (ac != NULL) | 1126 splx(s); 1127 1128 if (rn == NULL) { 1129 printf("pfr_unroute_kentry: delete failed.\n"); 1130 return (-1); 1131 } 1132 return (0); 1133} --- 1038 unchanged lines hidden (view full) --- 2172{ 2173 struct pfr_ktable *kt, *rt; 2174 struct pfr_table tbl; 2175 struct pf_anchor *ac = rs->anchor; 2176 2177 bzero(&tbl, sizeof(tbl)); 2178 strlcpy(tbl.pfrt_name, name, sizeof(tbl.pfrt_name)); 2179 if (ac != NULL) |
| 2185 strlcpy(tbl.pfrt_anchor, ac->name, sizeof(tbl.pfrt_anchor)); | 2180 strlcpy(tbl.pfrt_anchor, ac->path, sizeof(tbl.pfrt_anchor)); |
| 2186 kt = pfr_lookup_table(&tbl); 2187 if (kt == NULL) { 2188 kt = pfr_create_ktable(&tbl, time_second, 1); 2189 if (kt == NULL) 2190 return (NULL); 2191 if (ac != NULL) { 2192 bzero(tbl.pfrt_anchor, sizeof(tbl.pfrt_anchor)); 2193 rt = pfr_lookup_table(&tbl); --- 171 unchanged lines hidden --- | 2181 kt = pfr_lookup_table(&tbl); 2182 if (kt == NULL) { 2183 kt = pfr_create_ktable(&tbl, time_second, 1); 2184 if (kt == NULL) 2185 return (NULL); 2186 if (ac != NULL) { 2187 bzero(tbl.pfrt_anchor, sizeof(tbl.pfrt_anchor)); 2188 rt = pfr_lookup_table(&tbl); --- 171 unchanged lines hidden --- |