1/* $FreeBSD$ */ 2 3/* 4 * Copyright (C) 2012 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 * 8 */ 9 10#include <sys/param.h> 11#include <sys/systm.h> 12#include <sys/conf.h> 13#include <sys/proc.h> 14#include <sys/ioctl.h> 15#include <sys/kernel.h> 16#include <sys/mbuf.h> 17#include <sys/exec.h> 18#include <sys/socket.h> 19#include <net/if.h> 20#include <netinet/in_systm.h> 21#include <netinet/in.h> 22#include <netinet/ip.h> 23#include <net/route.h> 24#include <netinet/ip_var.h> 25#include <netinet/tcp.h> 26#include <netinet/tcpip.h> 27#include <sys/lkm.h> 28#include "ip_compat.h" 29#include "ip_fil.h" 30#include "ip_rules.h" 31 32 33#ifdef IPFILTER_LKM 34 35static int ipfruleaction __P((struct lkm_table *, int)); 36 37int ipfrule __P((struct lkm_table *, int, int)); 38 39 40MOD_MISC("IPFilter Rules"); 41 42int ipfrule(lkmtp, cmd, ver) 43 struct lkm_table *lkmtp; 44 int cmd, ver; 45{ 46 DISPATCH(lkmtp, cmd, ver, ipfruleaction, ipfruleaction, ipfruleaction); 47} 48 49int lkmexists __P((struct lkm_table *)); /* defined in /sys/kern/kern_lkm.c */ 50 51static int ipfruleaction(lkmtp, cmd) 52 struct lkm_table *lkmtp; 53 int cmd; 54{ 55 int err = 0; 56 57 switch (cmd) 58 { 59 case LKM_E_LOAD : 60 if (lkmexists(lkmtp)) 61 return EEXIST; 62 63 err = ipfrule_add(); 64 if (!err) 65 ipf_refcnt++; 66 break; 67 case LKM_E_UNLOAD : 68 err = ipfrule_remove(); 69 if (!err) 70 ipf_refcnt--; 71 break; 72 case LKM_E_STAT : 73 break; 74 default: 75 err = EIO; 76 break; 77 } 78 return err; 79} 80#endif /* IPFILTER_LKM */ 81