1/* 2 * Copyright (C) 2012 by Darren Reed. 3 * 4 * See the IPFILTER.LICENCE file for details on licencing. 5 * 6 * @(#)ip_compat.h 1.8 1/14/96 7 * $FreeBSD$ 8 * Id: ip_compat.h,v 2.142.2.57 2007/10/10 09:51:42 darrenr Exp $ 9 */ 10 11#ifndef __IP_COMPAT_H__ 12#define __IP_COMPAT_H__ 13 14#ifndef __P 15# ifdef __STDC__ 16# define __P(x) x 17# else 18# define __P(x) () 19# endif 20#endif 21#ifndef __STDC__ 22# undef const 23# define const 24#endif 25 26#if defined(_KERNEL) || defined(KERNEL) || defined(__KERNEL__) 27# undef KERNEL 28# undef _KERNEL 29# undef __KERNEL__ 30# define KERNEL 31# define _KERNEL 32# define __KERNEL__ 33#endif 34 35#define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4))) 36#if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000) && \ 37 !defined(_KERNEL) && !defined(USE_INET6) && !defined(NOINET6) 38# define USE_INET6 39#endif 40 41 42#if defined(__SVR4) || defined(__svr4__) || defined(__sgi) 43# define index strchr 44# if !defined(_KERNEL) 45# define bzero(a,b) memset(a,0,b) 46# define bcmp memcmp 47# define bcopy(a,b,c) memmove(b,a,c) 48# endif 49#endif 50 51#ifndef LIFNAMSIZ 52# ifdef IF_NAMESIZE 53# define LIFNAMSIZ IF_NAMESIZE 54# else 55# ifdef IFNAMSIZ 56# define LIFNAMSIZ IFNAMSIZ 57# else 58# define LIFNAMSIZ 16 59# endif 60# endif 61#endif 62 63#if defined(__sgi) || defined(bsdi) || defined(__hpux) || defined(hpux) 64struct ether_addr { 65 u_char ether_addr_octet[6]; 66}; 67#endif 68 69# ifdef __STDC__ 70# define IPL_EXTERN(ep) ipl##ep 71# else 72# define IPL_EXTERN(ep) ipl/**/ep 73# endif 74 75/* 76 * This is a workaround for <sys/uio.h> troubles on FreeBSD and OpenBSD. 77 */ 78# ifndef _KERNEL 79# define ADD_KERNEL 80# define _KERNEL 81# define KERNEL 82# endif 83# include <sys/uio.h> 84# ifdef ADD_KERNEL 85# undef _KERNEL 86# undef KERNEL 87# endif 88 89#define NETBSD_GE_REV(x) (defined(__NetBSD_Version__) && \ 90 (__NetBSD_Version__ >= (x))) 91#define NETBSD_GT_REV(x) (defined(__NetBSD_Version__) && \ 92 (__NetBSD_Version__ > (x))) 93#define NETBSD_LT_REV(x) (defined(__NetBSD_Version__) && \ 94 (__NetBSD_Version__ < (x))) 95#define FREEBSD_GE_REV(x) (defined(__FreeBSD_version) && \ 96 (__FreeBSD_version >= (x))) 97#define FREEBSD_GT_REV(x) (defined(__FreeBSD_version) && \ 98 (__FreeBSD_version > (x))) 99#define FREEBSD_LT_REV(x) (defined(__FreeBSD_version) && \ 100 (__FreeBSD_version < (x))) 101#define BSDOS_GE_REV(x) (defined(_BSDI_VERSION) && \ 102 (_BSDI_VERSION >= (x))) 103#define BSDOS_GT_REV(x) (defined(_BSDI_VERSION) && \ 104 (_BSDI_VERSION > (x))) 105#define BSDOS_LT_REV(x) (defined(_BSDI_VERSION) && \ 106 (_BSDI_VERSION < (x))) 107#define OPENBSD_GE_REV(x) (defined(OpenBSD) && (OpenBSD >= (x))) 108#define OPENBSD_GT_REV(x) (defined(OpenBSD) && (OpenBSD > (x))) 109#define OPENBSD_LT_REV(x) (defined(OpenBSD) && (OpenBSD < (x))) 110#define BSD_GE_YEAR(x) (defined(BSD) && (BSD >= (x))) 111#define BSD_GT_YEAR(x) (defined(BSD) && (BSD > (x))) 112#define BSD_LT_YEAR(x) (defined(BSD) && (BSD < (x))) 113 114 115/* ----------------------------------------------------------------------- */ 116/* F R E E B S D */ 117/* ----------------------------------------------------------------------- */ 118# define HAS_SYS_MD5_H 1 119# if defined(_KERNEL) 120# include "opt_bpf.h" 121# include "opt_inet6.h" 122# if defined(INET6) && !defined(USE_INET6) 123# define USE_INET6 124# endif 125# endif 126 127# if defined(_KERNEL) 128# include <netinet/ip_var.h> 129# define p_cred td_ucred 130# define p_uid td_ucred->cr_ruid 131 132/* 133 * When #define'd, the 5.2.1 kernel panics when used with the ftp proxy. 134 * There may be other, safe, kernels but this is not extensively tested yet. 135 */ 136# define HAVE_M_PULLDOWN 137# if !defined(IPFILTER_LKM) && (__FreeBSD_version >= 300000) 138# include "opt_ipfilter.h" 139# endif 140# define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 141# define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 142 143# define NETBSD_PF 144# else 145# include <inttypes.h> 146# endif /* _KERNEL */ 147 148# include <sys/selinfo.h> 149# include <sys/mutex.h> 150# define KRWLOCK_FILL_SZ 56 151# define KMUTEX_FILL_SZ 56 152# include <sys/rwlock.h> 153# define KMUTEX_T struct mtx 154# define KRWLOCK_T struct rwlock 155# ifdef _KERNEL 156# define READ_ENTER(x) rw_rlock(&(x)->ipf_lk) 157# define WRITE_ENTER(x) rw_wlock(&(x)->ipf_lk) 158# define MUTEX_DOWNGRADE(x) rw_downgrade(&(x)->ipf_lk) 159# define RWLOCK_INIT(x,y) rw_init(&(x)->ipf_lk, (y)) 160# define RW_DESTROY(x) rw_destroy(&(x)->ipf_lk) 161# define RWLOCK_EXIT(x) do { \ 162 if (rw_wowned(&(x)->ipf_lk)) \ 163 rw_wunlock(&(x)->ipf_lk); \ 164 else \ 165 rw_runlock(&(x)->ipf_lk); \ 166 } while (0) 167# endif 168 169# include <net/if_var.h> 170# define IFNAME(x) ((struct ifnet *)x)->if_xname 171# define COPYIFNAME(v, x, b) \ 172 (void) strncpy(b, \ 173 ((struct ifnet *)x)->if_xname, \ 174 LIFNAMSIZ) 175 176# ifdef _KERNEL 177# define GETKTIME(x) microtime((struct timeval *)x) 178 179# include <netinet/in_systm.h> 180# include <netinet/ip.h> 181# include <machine/in_cksum.h> 182 183# define USE_MUTEXES 184# define MUTEX_ENTER(x) mtx_lock(&(x)->ipf_lk) 185# define MUTEX_EXIT(x) mtx_unlock(&(x)->ipf_lk) 186# define MUTEX_INIT(x,y) mtx_init(&(x)->ipf_lk, (y), NULL,\ 187 MTX_DEF) 188# define MUTEX_DESTROY(x) mtx_destroy(&(x)->ipf_lk) 189# define MUTEX_NUKE(x) bzero((x), sizeof(*(x))) 190/* 191 * Whilst the sx(9) locks on FreeBSD have the right semantics and interface 192 * for what we want to use them for, despite testing showing they work - 193 * with a WITNESS kernel, it generates LOR messages. 194 */ 195# include <machine/atomic.h> 196# define ATOMIC_INC(x) { mtx_lock(&softc->ipf_rw.ipf_lk); (x)++; \ 197 mtx_unlock(&softc->ipf_rw.ipf_lk); } 198# define ATOMIC_DEC(x) { mtx_lock(&softc->ipf_rw.ipf_lk); (x)--; \ 199 mtx_unlock(&softc->ipf_rw.ipf_lk); } 200# define ATOMIC_INCL(x) atomic_add_long(&(x), 1) 201# define ATOMIC_INC64(x) ATOMIC_INC(x) 202# define ATOMIC_INC32(x) atomic_add_32((u_int *)&(x), 1) 203# define ATOMIC_DECL(x) atomic_add_long(&(x), -1) 204# define ATOMIC_DEC64(x) ATOMIC_DEC(x) 205# define ATOMIC_DEC32(x) atomic_add_32((u_int *)&(x), -1) 206# define SPL_X(x) ; 207# define SPL_NET(x) ; 208# define SPL_IMP(x) ; 209# define SPL_SCHED(x) ; 210# define GET_MINOR dev2unit 211# define MSGDSIZE(m) mbufchainlen(m) 212# define M_LEN(m) (m)->m_len 213# define M_ADJ(m,x) m_adj(m, x) 214# define M_COPY(x) m_copy((x), 0, M_COPYALL) 215# define M_DUP(m) m_dup(m, M_NOWAIT) 216# define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 217typedef struct mbuf mb_t; 218# endif /* _KERNEL */ 219 220 221typedef u_long ioctlcmd_t; 222typedef struct uio uio_t; 223typedef int minor_t; 224typedef u_int32_t u_32_t; 225# define U_32_T 1 226 227 228/* ----------------------------------------------------------------------- */ 229/* G E N E R I C */ 230/* ----------------------------------------------------------------------- */ 231 232/* 233 * For BSD kernels, if bpf is in the kernel, enable ipfilter to use bpf in 234 * filter rules. 235 */ 236#if !defined(IPFILTER_BPF) 237# if (defined(NBPF) && (NBPF > 0)) || (defined(DEV_BPF) && (DEV_BPF > 0)) || \ 238 (defined(NBPFILTER) && (NBPFILTER > 0)) 239# define IPFILTER_BPF 240# endif 241#endif 242 243/* 244 * Userland locking primitives 245 */ 246#ifndef _KERNEL 247#if !defined(KMUTEX_FILL_SZ) 248# define KMUTEX_FILL_SZ 1 249#endif 250#if !defined(KRWLOCK_FILL_SZ) 251# define KRWLOCK_FILL_SZ 1 252#endif 253#endif 254 255typedef struct { 256 char *eMm_owner; 257 char *eMm_heldin; 258 u_int eMm_magic; 259 int eMm_held; 260 int eMm_heldat; 261} eMmutex_t; 262 263typedef struct { 264 char *eMrw_owner; 265 char *eMrw_heldin; 266 u_int eMrw_magic; 267 short eMrw_read; 268 short eMrw_write; 269 int eMrw_heldat; 270} eMrwlock_t; 271 272typedef union { 273 char _fill[KMUTEX_FILL_SZ]; 274#ifdef KMUTEX_T 275 struct { 276 KMUTEX_T ipf_slk; 277 const char *ipf_lname; 278 } ipf_lkun_s; 279#endif 280 eMmutex_t ipf_emu; 281} ipfmutex_t; 282 283typedef union { 284 char _fill[KRWLOCK_FILL_SZ]; 285#ifdef KRWLOCK_T 286 struct { 287 KRWLOCK_T ipf_slk; 288 const char *ipf_lname; 289 int ipf_sr; 290 int ipf_sw; 291 u_int ipf_magic; 292 } ipf_lkun_s; 293#endif 294 eMrwlock_t ipf_emu; 295} ipfrwlock_t; 296 297#define ipf_lk ipf_lkun_s.ipf_slk 298#define ipf_lname ipf_lkun_s.ipf_lname 299#define ipf_isr ipf_lkun_s.ipf_sr 300#define ipf_isw ipf_lkun_s.ipf_sw 301#define ipf_magic ipf_lkun_s.ipf_magic 302 303#if !defined(__GNUC__) || \ 304 (defined(__FreeBSD_version) && (__FreeBSD_version >= 503000)) 305# ifndef INLINE 306# define INLINE 307# endif 308#else 309# define INLINE __inline__ 310#endif 311 312#if defined(__FreeBSD_version) && defined(_KERNEL) 313 CTASSERT(sizeof(ipfrwlock_t) == KRWLOCK_FILL_SZ); 314 CTASSERT(sizeof(ipfmutex_t) == KMUTEX_FILL_SZ); 315#endif 316 317 318/* 319 * In a non-kernel environment, there are a lot of macros that need to be 320 * filled in to be null-ops or to point to some compatibility function, 321 * somewhere in userland. 322 */ 323#ifndef _KERNEL 324typedef struct mb_s { 325 struct mb_s *mb_next; 326 char *mb_data; 327 void *mb_ifp; 328 int mb_len; 329 int mb_flags; 330 u_long mb_buf[2048]; 331} mb_t; 332# undef m_next 333# define m_next mb_next 334# undef m_len 335# define m_len mb_len 336# undef m_flags 337# define m_flags mb_flags 338# undef m_data 339# define m_data mb_data 340# undef M_MCAST 341# define M_MCAST 0x01 342# undef M_BCAST 343# define M_BCAST 0x02 344# undef M_MBCAST 345# define M_MBCAST 0x04 346# define MSGDSIZE(m) msgdsize(m) 347# define M_LEN(m) (m)->mb_len 348# define M_ADJ(m,x) (m)->mb_len += x 349# define M_COPY(m) dupmbt(m) 350# define M_DUP(m) dupmbt(m) 351# define GETKTIME(x) gettimeofday((struct timeval *)(x), NULL) 352# define MTOD(m, t) ((t)(m)->mb_data) 353# define FREE_MB_T(m) freembt(m) 354# define ALLOC_MB_T(m,l) (m) = allocmbt(l) 355# define PREP_MB_T(f, m) do { \ 356 (m)->mb_next = *(f)->fin_mp; \ 357 *(fin)->fin_mp = (m); \ 358 (f)->fin_m = (m); \ 359 } while (0) 360# define SLEEP(x,y) 1; 361# define WAKEUP(x,y) ; 362# define POLLWAKEUP(y) ; 363# define IPF_PANIC(x,y) ; 364# define PANIC(x,y) ; 365# define SPL_SCHED(x) ; 366# define SPL_NET(x) ; 367# define SPL_IMP(x) ; 368# define SPL_X(x) ; 369# define KMALLOC(a,b) (a) = (b)malloc(sizeof(*a)) 370# define KMALLOCS(a,b,c) (a) = (b)malloc(c) 371# define KFREE(x) free(x) 372# define KFREES(x,s) free(x) 373# define GETIFP(x, v) get_unit(x,v) 374# define GETIFMTU_4(x) 2048 375# define GETIFMTU_6(x) 2048 376# define COPYIN(a,b,c) bcopywrap((a), (b), (c)) 377# define COPYOUT(a,b,c) bcopywrap((a), (b), (c)) 378# define COPYDATA(m, o, l, b) bcopy(MTOD((mb_t *)m, char *) + (o), \ 379 (b), (l)) 380# define COPYBACK(m, o, l, b) bcopy((b), \ 381 MTOD((mb_t *)m, char *) + (o), \ 382 (l)) 383# define UIOMOVE(a,b,c,d) ipfuiomove((caddr_t)a,b,c,d) 384extern void m_copydata __P((mb_t *, int, int, caddr_t)); 385extern int ipfuiomove __P((caddr_t, int, int, struct uio *)); 386extern int bcopywrap __P((void *, void *, size_t)); 387extern mb_t *allocmbt __P((size_t)); 388extern mb_t *dupmbt __P((mb_t *)); 389extern void freembt __P((mb_t *)); 390 391# define MUTEX_DESTROY(x) eMmutex_destroy(&(x)->ipf_emu, \ 392 __FILE__, __LINE__) 393# define MUTEX_ENTER(x) eMmutex_enter(&(x)->ipf_emu, \ 394 __FILE__, __LINE__) 395# define MUTEX_EXIT(x) eMmutex_exit(&(x)->ipf_emu, \ 396 __FILE__, __LINE__) 397# define MUTEX_INIT(x,y) eMmutex_init(&(x)->ipf_emu, y, \ 398 __FILE__, __LINE__) 399# define MUTEX_NUKE(x) bzero((x), sizeof(*(x))) 400 401# define MUTEX_DOWNGRADE(x) eMrwlock_downgrade(&(x)->ipf_emu, \ 402 __FILE__, __LINE__) 403# define READ_ENTER(x) eMrwlock_read_enter(&(x)->ipf_emu, \ 404 __FILE__, __LINE__) 405# define RWLOCK_INIT(x, y) eMrwlock_init(&(x)->ipf_emu, y) 406# define RWLOCK_EXIT(x) eMrwlock_exit(&(x)->ipf_emu) 407# define RW_DESTROY(x) eMrwlock_destroy(&(x)->ipf_emu) 408# define WRITE_ENTER(x) eMrwlock_write_enter(&(x)->ipf_emu, \ 409 __FILE__, \ 410 __LINE__) 411 412# define USE_MUTEXES 1 413 414extern void eMmutex_destroy __P((eMmutex_t *, char *, int)); 415extern void eMmutex_enter __P((eMmutex_t *, char *, int)); 416extern void eMmutex_exit __P((eMmutex_t *, char *, int)); 417extern void eMmutex_init __P((eMmutex_t *, char *, char *, int)); 418extern void eMrwlock_destroy __P((eMrwlock_t *)); 419extern void eMrwlock_exit __P((eMrwlock_t *)); 420extern void eMrwlock_init __P((eMrwlock_t *, char *)); 421extern void eMrwlock_read_enter __P((eMrwlock_t *, char *, int)); 422extern void eMrwlock_write_enter __P((eMrwlock_t *, char *, int)); 423extern void eMrwlock_downgrade __P((eMrwlock_t *, char *, int)); 424 425#endif 426 427extern mb_t *allocmbt(size_t); 428 429#define MAX_IPV4HDR ((0xf << 2) + sizeof(struct icmp) + sizeof(ip_t) + 8) 430 431#ifndef IP_OFFMASK 432# define IP_OFFMASK 0x1fff 433#endif 434 435 436/* 437 * On BSD's use quad_t as a guarantee for getting at least a 64bit sized 438 * object. 439 */ 440#if !defined(__amd64__) && BSD_GT_YEAR(199306) 441# define USE_QUAD_T 442# define U_QUAD_T unsigned long long 443# define QUAD_T long long 444#else /* BSD > 199306 */ 445# if !defined(U_QUAD_T) 446# define U_QUAD_T u_long 447# define QUAD_T long 448# endif 449#endif /* BSD > 199306 */ 450 451 452#ifdef USE_INET6 453# if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \ 454 defined(__osf__) || defined(linux) 455# include <netinet/ip6.h> 456# include <netinet/icmp6.h> 457# if defined(_KERNEL) && !defined(__osf__) 458# include <netinet6/ip6_var.h> 459# endif 460typedef struct ip6_hdr ip6_t; 461# endif 462#endif 463 464#ifndef MAX 465# define MAX(a,b) (((a) > (b)) ? (a) : (b)) 466#endif 467 468#if defined(_KERNEL) 469# if defined(MENTAT) && !defined(INSTANCES) 470# define COPYDATA mb_copydata 471# define COPYBACK mb_copyback 472# else 473# define COPYDATA m_copydata 474# define COPYBACK m_copyback 475# endif 476# if (defined(__NetBSD_Version__) && (__NetBSD_Version__ < 105180000)) || \ 477 defined(__FreeBSD__) || (defined(OpenBSD) && (OpenBSD < 200206)) || \ 478 defined(_BSDI_VERSION) 479# include <vm/vm.h> 480# endif 481# if !defined(__FreeBSD__) || FREEBSD_GE_REV(300000) 482# if NETBSD_GE_REV(105180000) || OPENBSD_GE_REV(200111) 483# include <uvm/uvm_extern.h> 484# else 485# include <vm/vm_extern.h> 486extern vm_map_t kmem_map; 487# endif 488# include <sys/proc.h> 489# else /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */ 490# include <vm/vm_kern.h> 491# endif /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */ 492 493# ifdef IPFILTER_M_IPFILTER 494# include <sys/malloc.h> 495MALLOC_DECLARE(M_IPFILTER); 496# define _M_IPF M_IPFILTER 497# else /* IPFILTER_M_IPFILTER */ 498# ifdef M_PFIL 499# define _M_IPF M_PFIL 500# else 501# ifdef M_IPFILTER 502# define _M_IPF M_IPFILTER 503# else 504# define _M_IPF M_TEMP 505# endif /* M_IPFILTER */ 506# endif /* M_PFIL */ 507# endif /* IPFILTER_M_IPFILTER */ 508# if !defined(KMALLOC) 509# define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), _M_IPF, M_NOWAIT) 510# endif 511# if !defined(KMALLOCS) 512# define KMALLOCS(a, b, c) MALLOC((a), b, (c), _M_IPF, M_NOWAIT) 513# endif 514# if !defined(KFREE) 515# define KFREE(x) FREE((x), _M_IPF) 516# endif 517# if !defined(KFREES) 518# define KFREES(x,s) FREE((x), _M_IPF) 519# endif 520# define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,d) 521# define SLEEP(id, n) tsleep((id), PPAUSE|PCATCH, n, 0) 522# define WAKEUP(id,x) wakeup(id+x) 523# if !defined(POLLWAKEUP) 524# define POLLWAKEUP(x) selwakeup(softc->ipf_selwait+x) 525# endif 526# define GETIFP(n, v) ifunit(n) 527# define GETIFMTU_4(x) ((struct ifnet *)x)->if_mtu 528# define GETIFMTU_6(x) ((struct ifnet *)x)->if_mtu 529 530# if !defined(USE_MUTEXES) && !defined(SPL_NET) 531# define SPL_IMP(x) x = splimp() 532# define SPL_NET(x) x = splnet() 533# if !defined(SPL_SCHED) 534# define SPL_SCHED(x) x = splsched() 535# endif 536# define SPL_X(x) (void) splx(x) 537# endif /* !USE_MUTEXES */ 538 539# ifndef FREE_MB_T 540# define FREE_MB_T(m) m_freem(m) 541# endif 542# ifndef ALLOC_MB_T 543# ifdef MGETHDR 544# define ALLOC_MB_T(m,l) do { \ 545 MGETHDR((m), M_DONTWAIT, MT_HEADER); \ 546 if ((m) != NULL) { \ 547 (m)->m_len = (l); \ 548 (m)->m_pkthdr.len = (l); \ 549 } \ 550 } while (0) 551# else 552# define ALLOC_MB_T(m,l) do { \ 553 MGET((m), M_DONTWAIT, MT_HEADER); \ 554 if ((m) != NULL) { \ 555 (m)->m_len = (l); \ 556 (m)->m_pkthdr.len = (l); \ 557 } \ 558 } while (0) 559# endif 560# endif 561# ifndef PREP_MB_T 562# define PREP_MB_T(f, m) do { \ 563 mb_t *_o = *(f)->fin_mp; \ 564 (m)->m_next = _o; \ 565 *(fin)->fin_mp = (m); \ 566 if (_o->m_flags & M_PKTHDR) { \ 567 (m)->m_pkthdr.len += \ 568 _o->m_pkthdr.len; \ 569 (m)->m_pkthdr.rcvif = \ 570 _o->m_pkthdr.rcvif; \ 571 } \ 572 } while (0) 573# endif 574# ifndef M_DUP 575# ifdef M_COPYALL 576# define M_DUP(m) m_dup(m, 0, M_COPYALL, 0) 577# else 578# define M_DUP(m) m_dup(m) 579# endif 580# endif 581 582# ifndef MTOD 583# define MTOD(m,t) mtod(m,t) 584# endif 585 586# ifndef COPYIN 587# define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 588# define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 589# endif 590 591# ifndef KMALLOC 592# define KMALLOC(a,b) (a) = (b)new_kmem_alloc(sizeof(*(a)), \ 593 KMEM_NOSLEEP) 594# define KMALLOCS(a,b,c) (a) = (b)new_kmem_alloc((c), KMEM_NOSLEEP) 595# endif 596 597# ifndef GET_MINOR 598# define GET_MINOR(x) dev2unit(x) 599# endif 600# define PANIC(x,y) if (x) panic y 601#endif /* _KERNEL */ 602 603#if !defined(IFNAME) && !defined(_KERNEL) 604# define IFNAME(x) get_ifname((struct ifnet *)x) 605#endif 606#ifndef COPYIFNAME 607# define NEED_FRGETIFNAME 608extern char *ipf_getifname __P((struct ifnet *, char *)); 609# define COPYIFNAME(v, x, b) \ 610 ipf_getifname((struct ifnet *)x, b) 611#endif 612 613#ifndef ASSERT 614# ifdef _KERNEL 615# define ASSERT(x) 616# else 617# define ASSERT(x) do { if (!(x)) abort(); } while (0) 618# endif 619#endif 620 621#ifndef BCOPYIN 622# define BCOPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 623# define BCOPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 624#endif 625 626/* 627 * Because the ctype(3) posix definition, if used "safely" in code everywhere, 628 * would mean all normal code that walks through strings needed casts. Yuck. 629 */ 630#define ISALNUM(x) isalnum((u_char)(x)) 631#define ISALPHA(x) isalpha((u_char)(x)) 632#define ISDIGIT(x) isdigit((u_char)(x)) 633#define ISSPACE(x) isspace((u_char)(x)) 634#define ISUPPER(x) isupper((u_char)(x)) 635#define ISXDIGIT(x) isxdigit((u_char)(x)) 636#define ISLOWER(x) islower((u_char)(x)) 637#define TOUPPER(x) toupper((u_char)(x)) 638#define TOLOWER(x) tolower((u_char)(x)) 639 640/* 641 * If mutexes aren't being used, turn all the mutex functions into null-ops. 642 */ 643#if !defined(USE_MUTEXES) 644# define USE_SPL 1 645# undef RW_DESTROY 646# undef MUTEX_INIT 647# undef MUTEX_NUKE 648# undef MUTEX_DESTROY 649# define MUTEX_ENTER(x) ; 650# define READ_ENTER(x) ; 651# define WRITE_ENTER(x) ; 652# define MUTEX_DOWNGRADE(x) ; 653# define RWLOCK_INIT(x, y) ; 654# define RWLOCK_EXIT(x) ; 655# define RW_DESTROY(x) ; 656# define MUTEX_EXIT(x) ; 657# define MUTEX_INIT(x,y) ; 658# define MUTEX_DESTROY(x) ; 659# define MUTEX_NUKE(x) ; 660#endif /* !USE_MUTEXES */ 661#ifndef ATOMIC_INC 662# define ATOMIC_INC(x) (x)++ 663# define ATOMIC_DEC(x) (x)-- 664#endif 665 666#if defined(USE_SPL) && defined(_KERNEL) 667# define SPL_INT(x) int x 668#else 669# define SPL_INT(x) 670#endif 671 672/* 673 * If there are no atomic operations for bit sizes defined, define them to all 674 * use a generic one that works for all sizes. 675 */ 676#ifndef ATOMIC_INCL 677# define ATOMIC_INCL ATOMIC_INC 678# define ATOMIC_INC64 ATOMIC_INC 679# define ATOMIC_INC32 ATOMIC_INC 680# define ATOMIC_DECL ATOMIC_DEC 681# define ATOMIC_DEC64 ATOMIC_DEC 682# define ATOMIC_DEC32 ATOMIC_DEC 683#endif 684 685#ifndef HDR_T_PRIVATE 686typedef struct tcphdr tcphdr_t; 687typedef struct udphdr udphdr_t; 688#endif 689typedef struct icmp icmphdr_t; 690typedef struct ip ip_t; 691typedef struct ether_header ether_header_t; 692typedef struct tcpiphdr tcpiphdr_t; 693 694#ifndef FR_GROUPLEN 695# define FR_GROUPLEN 16 696#endif 697 698#ifndef offsetof 699# define offsetof(t,m) (size_t)((&((t *)0L)->m)) 700#endif 701#ifndef stsizeof 702# define stsizeof(t,m) sizeof(((t *)0L)->m) 703#endif 704 705/* 706 * This set of macros has been brought about because on Tru64 it is not 707 * possible to easily assign or examine values in a structure that are 708 * bit fields. 709 */ 710#ifndef IP_V 711# define IP_V(x) (x)->ip_v 712#endif 713#ifndef IP_V_A 714# define IP_V_A(x,y) (x)->ip_v = (y) 715#endif 716#ifndef IP_HL 717# define IP_HL(x) (x)->ip_hl 718#endif 719#ifndef IP_HL_A 720# define IP_HL_A(x,y) (x)->ip_hl = ((y) & 0xf) 721#endif 722#ifndef TCP_X2 723# define TCP_X2(x) (x)->th_x2 724#endif 725#ifndef TCP_X2_A 726# define TCP_X2_A(x,y) (x)->th_x2 = (y) 727#endif 728#ifndef TCP_OFF 729# define TCP_OFF(x) (x)->th_off 730#endif 731#ifndef TCP_OFF_A 732# define TCP_OFF_A(x,y) (x)->th_off = (y) 733#endif 734#define IPMINLEN(i, h) ((i)->ip_len >= (IP_HL(i) * 4 + sizeof(struct h))) 735 736 737/* 738 * XXX - This is one of those *awful* hacks which nobody likes 739 */ 740#ifdef ultrix 741#define A_A 742#else 743#define A_A & 744#endif 745 746#define TCPF_ALL (TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG|\ 747 TH_ECN|TH_CWR) 748 749#if BSD_GE_YEAR(199306) && !defined(m_act) 750# define m_act m_nextpkt 751#endif 752 753/* 754 * Security Options for Intenet Protocol (IPSO) as defined in RFC 1108. 755 * 756 * Basic Option 757 * 758 * 00000001 - (Reserved 4) 759 * 00111101 - Top Secret 760 * 01011010 - Secret 761 * 10010110 - Confidential 762 * 01100110 - (Reserved 3) 763 * 11001100 - (Reserved 2) 764 * 10101011 - Unclassified 765 * 11110001 - (Reserved 1) 766 */ 767#define IPSO_CLASS_RES4 0x01 768#define IPSO_CLASS_TOPS 0x3d 769#define IPSO_CLASS_SECR 0x5a 770#define IPSO_CLASS_CONF 0x96 771#define IPSO_CLASS_RES3 0x66 772#define IPSO_CLASS_RES2 0xcc 773#define IPSO_CLASS_UNCL 0xab 774#define IPSO_CLASS_RES1 0xf1 775 776#define IPSO_AUTH_GENSER 0x80 777#define IPSO_AUTH_ESI 0x40 778#define IPSO_AUTH_SCI 0x20 779#define IPSO_AUTH_NSA 0x10 780#define IPSO_AUTH_DOE 0x08 781#define IPSO_AUTH_UN 0x06 782#define IPSO_AUTH_FTE 0x01 783 784/* 785 * IP option #defines 786 */ 787#undef IPOPT_RR 788#define IPOPT_RR 7 789#undef IPOPT_ZSU 790#define IPOPT_ZSU 10 /* ZSU */ 791#undef IPOPT_MTUP 792#define IPOPT_MTUP 11 /* MTUP */ 793#undef IPOPT_MTUR 794#define IPOPT_MTUR 12 /* MTUR */ 795#undef IPOPT_ENCODE 796#define IPOPT_ENCODE 15 /* ENCODE */ 797#undef IPOPT_TS 798#define IPOPT_TS 68 799#undef IPOPT_TR 800#define IPOPT_TR 82 /* TR */ 801#undef IPOPT_SECURITY 802#define IPOPT_SECURITY 130 803#undef IPOPT_LSRR 804#define IPOPT_LSRR 131 805#undef IPOPT_E_SEC 806#define IPOPT_E_SEC 133 /* E-SEC */ 807#undef IPOPT_CIPSO 808#define IPOPT_CIPSO 134 /* CIPSO */ 809#undef IPOPT_SATID 810#define IPOPT_SATID 136 811#ifndef IPOPT_SID 812# define IPOPT_SID IPOPT_SATID 813#endif 814#undef IPOPT_SSRR 815#define IPOPT_SSRR 137 816#undef IPOPT_ADDEXT 817#define IPOPT_ADDEXT 147 /* ADDEXT */ 818#undef IPOPT_VISA 819#define IPOPT_VISA 142 /* VISA */ 820#undef IPOPT_IMITD 821#define IPOPT_IMITD 144 /* IMITD */ 822#undef IPOPT_EIP 823#define IPOPT_EIP 145 /* EIP */ 824#undef IPOPT_RTRALRT 825#define IPOPT_RTRALRT 148 /* RTRALRT */ 826#undef IPOPT_SDB 827#define IPOPT_SDB 149 828#undef IPOPT_NSAPA 829#define IPOPT_NSAPA 150 830#undef IPOPT_DPS 831#define IPOPT_DPS 151 832#undef IPOPT_UMP 833#define IPOPT_UMP 152 834#undef IPOPT_FINN 835#define IPOPT_FINN 205 /* FINN */ 836#undef IPOPT_AH 837#define IPOPT_AH 256+IPPROTO_AH 838 839#ifndef TCPOPT_EOL 840# define TCPOPT_EOL 0 841#endif 842#ifndef TCPOPT_NOP 843# define TCPOPT_NOP 1 844#endif 845#ifndef TCPOPT_MAXSEG 846# define TCPOPT_MAXSEG 2 847#endif 848#ifndef TCPOLEN_MAXSEG 849# define TCPOLEN_MAXSEG 4 850#endif 851#ifndef TCPOPT_WINDOW 852# define TCPOPT_WINDOW 3 853#endif 854#ifndef TCPOLEN_WINDOW 855# define TCPOLEN_WINDOW 3 856#endif 857#ifndef TCPOPT_SACK_PERMITTED 858# define TCPOPT_SACK_PERMITTED 4 859#endif 860#ifndef TCPOLEN_SACK_PERMITTED 861# define TCPOLEN_SACK_PERMITTED 2 862#endif 863#ifndef TCPOPT_SACK 864# define TCPOPT_SACK 5 865#endif 866#ifndef TCPOPT_TIMESTAMP 867# define TCPOPT_TIMESTAMP 8 868#endif 869 870#ifndef ICMP_MINLEN 871# define ICMP_MINLEN 8 872#endif 873#ifndef ICMP_ECHOREPLY 874# define ICMP_ECHOREPLY 0 875#endif 876#ifndef ICMP_UNREACH 877# define ICMP_UNREACH 3 878#endif 879#ifndef ICMP_UNREACH_NET 880# define ICMP_UNREACH_NET 0 881#endif 882#ifndef ICMP_UNREACH_HOST 883# define ICMP_UNREACH_HOST 1 884#endif 885#ifndef ICMP_UNREACH_PROTOCOL 886# define ICMP_UNREACH_PROTOCOL 2 887#endif 888#ifndef ICMP_UNREACH_PORT 889# define ICMP_UNREACH_PORT 3 890#endif 891#ifndef ICMP_UNREACH_NEEDFRAG 892# define ICMP_UNREACH_NEEDFRAG 4 893#endif 894#ifndef ICMP_UNREACH_SRCFAIL 895# define ICMP_UNREACH_SRCFAIL 5 896#endif 897#ifndef ICMP_UNREACH_NET_UNKNOWN 898# define ICMP_UNREACH_NET_UNKNOWN 6 899#endif 900#ifndef ICMP_UNREACH_HOST_UNKNOWN 901# define ICMP_UNREACH_HOST_UNKNOWN 7 902#endif 903#ifndef ICMP_UNREACH_ISOLATED 904# define ICMP_UNREACH_ISOLATED 8 905#endif 906#ifndef ICMP_UNREACH_NET_PROHIB 907# define ICMP_UNREACH_NET_PROHIB 9 908#endif 909#ifndef ICMP_UNREACH_HOST_PROHIB 910# define ICMP_UNREACH_HOST_PROHIB 10 911#endif 912#ifndef ICMP_UNREACH_TOSNET 913# define ICMP_UNREACH_TOSNET 11 914#endif 915#ifndef ICMP_UNREACH_TOSHOST 916# define ICMP_UNREACH_TOSHOST 12 917#endif 918#ifndef ICMP_UNREACH_ADMIN_PROHIBIT 919# define ICMP_UNREACH_ADMIN_PROHIBIT 13 920#endif 921#ifndef ICMP_UNREACH_FILTER 922# define ICMP_UNREACH_FILTER 13 923#endif 924#ifndef ICMP_UNREACH_HOST_PRECEDENCE 925# define ICMP_UNREACH_HOST_PRECEDENCE 14 926#endif 927#ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF 928# define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 929#endif 930#ifndef ICMP_SOURCEQUENCH 931# define ICMP_SOURCEQUENCH 4 932#endif 933#ifndef ICMP_REDIRECT_NET 934# define ICMP_REDIRECT_NET 0 935#endif 936#ifndef ICMP_REDIRECT_HOST 937# define ICMP_REDIRECT_HOST 1 938#endif 939#ifndef ICMP_REDIRECT_TOSNET 940# define ICMP_REDIRECT_TOSNET 2 941#endif 942#ifndef ICMP_REDIRECT_TOSHOST 943# define ICMP_REDIRECT_TOSHOST 3 944#endif 945#ifndef ICMP_ALTHOSTADDR 946# define ICMP_ALTHOSTADDR 6 947#endif 948#ifndef ICMP_TIMXCEED 949# define ICMP_TIMXCEED 11 950#endif 951#ifndef ICMP_TIMXCEED_INTRANS 952# define ICMP_TIMXCEED_INTRANS 0 953#endif 954#ifndef ICMP_TIMXCEED_REASS 955# define ICMP_TIMXCEED_REASS 1 956#endif 957#ifndef ICMP_PARAMPROB 958# define ICMP_PARAMPROB 12 959#endif 960#ifndef ICMP_PARAMPROB_ERRATPTR 961# define ICMP_PARAMPROB_ERRATPTR 0 962#endif 963#ifndef ICMP_PARAMPROB_OPTABSENT 964# define ICMP_PARAMPROB_OPTABSENT 1 965#endif 966#ifndef ICMP_PARAMPROB_LENGTH 967# define ICMP_PARAMPROB_LENGTH 2 968#endif 969#ifndef ICMP_TSTAMP 970# define ICMP_TSTAMP 13 971#endif 972#ifndef ICMP_TSTAMPREPLY 973# define ICMP_TSTAMPREPLY 14 974#endif 975#ifndef ICMP_IREQ 976# define ICMP_IREQ 15 977#endif 978#ifndef ICMP_IREQREPLY 979# define ICMP_IREQREPLY 16 980#endif 981#ifndef ICMP_MASKREQ 982# define ICMP_MASKREQ 17 983#endif 984#ifndef ICMP_MASKREPLY 985# define ICMP_MASKREPLY 18 986#endif 987#ifndef ICMP_TRACEROUTE 988# define ICMP_TRACEROUTE 30 989#endif 990#ifndef ICMP_DATACONVERR 991# define ICMP_DATACONVERR 31 992#endif 993#ifndef ICMP_MOBILE_REDIRECT 994# define ICMP_MOBILE_REDIRECT 32 995#endif 996#ifndef ICMP_IPV6_WHEREAREYOU 997# define ICMP_IPV6_WHEREAREYOU 33 998#endif 999#ifndef ICMP_IPV6_IAMHERE 1000# define ICMP_IPV6_IAMHERE 34 1001#endif 1002#ifndef ICMP_MOBILE_REGREQUEST 1003# define ICMP_MOBILE_REGREQUEST 35 1004#endif 1005#ifndef ICMP_MOBILE_REGREPLY 1006# define ICMP_MOBILE_REGREPLY 36 1007#endif 1008#ifndef ICMP_SKIP 1009# define ICMP_SKIP 39 1010#endif 1011#ifndef ICMP_PHOTURIS 1012# define ICMP_PHOTURIS 40 1013#endif 1014#ifndef ICMP_PHOTURIS_UNKNOWN_INDEX 1015# define ICMP_PHOTURIS_UNKNOWN_INDEX 1 1016#endif 1017#ifndef ICMP_PHOTURIS_AUTH_FAILED 1018# define ICMP_PHOTURIS_AUTH_FAILED 2 1019#endif 1020#ifndef ICMP_PHOTURIS_DECRYPT_FAILED 1021# define ICMP_PHOTURIS_DECRYPT_FAILED 3 1022#endif 1023#ifndef IPVERSION 1024# define IPVERSION 4 1025#endif 1026#ifndef IPOPT_MINOFF 1027# define IPOPT_MINOFF 4 1028#endif 1029#ifndef IPOPT_COPIED 1030# define IPOPT_COPIED(x) ((x)&0x80) 1031#endif 1032#ifndef IPOPT_EOL 1033# define IPOPT_EOL 0 1034#endif 1035#ifndef IPOPT_NOP 1036# define IPOPT_NOP 1 1037#endif 1038#ifndef IP_MF 1039# define IP_MF ((u_short)0x2000) 1040#endif 1041#ifndef ETHERTYPE_IP 1042# define ETHERTYPE_IP ((u_short)0x0800) 1043#endif 1044#ifndef TH_FIN 1045# define TH_FIN 0x01 1046#endif 1047#ifndef TH_SYN 1048# define TH_SYN 0x02 1049#endif 1050#ifndef TH_RST 1051# define TH_RST 0x04 1052#endif 1053#ifndef TH_PUSH 1054# define TH_PUSH 0x08 1055#endif 1056#ifndef TH_ACK 1057# define TH_ACK 0x10 1058#endif 1059#ifndef TH_URG 1060# define TH_URG 0x20 1061#endif 1062#undef TH_ACKMASK 1063#define TH_ACKMASK (TH_FIN|TH_SYN|TH_RST|TH_ACK) 1064 1065#ifndef IPOPT_EOL 1066# define IPOPT_EOL 0 1067#endif 1068#ifndef IPOPT_NOP 1069# define IPOPT_NOP 1 1070#endif 1071#ifndef IPOPT_RR 1072# define IPOPT_RR 7 1073#endif 1074#ifndef IPOPT_TS 1075# define IPOPT_TS 68 1076#endif 1077#ifndef IPOPT_SECURITY 1078# define IPOPT_SECURITY 130 1079#endif 1080#ifndef IPOPT_LSRR 1081# define IPOPT_LSRR 131 1082#endif 1083#ifndef IPOPT_SATID 1084# define IPOPT_SATID 136 1085#endif 1086#ifndef IPOPT_SSRR 1087# define IPOPT_SSRR 137 1088#endif 1089#ifndef IPOPT_SECUR_UNCLASS 1090# define IPOPT_SECUR_UNCLASS ((u_short)0x0000) 1091#endif 1092#ifndef IPOPT_SECUR_CONFID 1093# define IPOPT_SECUR_CONFID ((u_short)0xf135) 1094#endif 1095#ifndef IPOPT_SECUR_EFTO 1096# define IPOPT_SECUR_EFTO ((u_short)0x789a) 1097#endif 1098#ifndef IPOPT_SECUR_MMMM 1099# define IPOPT_SECUR_MMMM ((u_short)0xbc4d) 1100#endif 1101#ifndef IPOPT_SECUR_RESTR 1102# define IPOPT_SECUR_RESTR ((u_short)0xaf13) 1103#endif 1104#ifndef IPOPT_SECUR_SECRET 1105# define IPOPT_SECUR_SECRET ((u_short)0xd788) 1106#endif 1107#ifndef IPOPT_SECUR_TOPSECRET 1108# define IPOPT_SECUR_TOPSECRET ((u_short)0x6bc5) 1109#endif 1110#ifndef IPOPT_OLEN 1111# define IPOPT_OLEN 1 1112#endif 1113#ifndef IPPROTO_HOPOPTS 1114# define IPPROTO_HOPOPTS 0 1115#endif 1116#ifndef IPPROTO_IPIP 1117# define IPPROTO_IPIP 4 1118#endif 1119#ifndef IPPROTO_ENCAP 1120# define IPPROTO_ENCAP 98 1121#endif 1122#ifndef IPPROTO_IPV6 1123# define IPPROTO_IPV6 41 1124#endif 1125#ifndef IPPROTO_ROUTING 1126# define IPPROTO_ROUTING 43 1127#endif 1128#ifndef IPPROTO_FRAGMENT 1129# define IPPROTO_FRAGMENT 44 1130#endif 1131#ifndef IPPROTO_GRE 1132# define IPPROTO_GRE 47 /* GRE encaps RFC 1701 */ 1133#endif 1134#ifndef IPPROTO_ESP 1135# define IPPROTO_ESP 50 1136#endif 1137#ifndef IPPROTO_AH 1138# define IPPROTO_AH 51 1139#endif 1140#ifndef IPPROTO_ICMPV6 1141# define IPPROTO_ICMPV6 58 1142#endif 1143#ifndef IPPROTO_NONE 1144# define IPPROTO_NONE 59 1145#endif 1146#ifndef IPPROTO_DSTOPTS 1147# define IPPROTO_DSTOPTS 60 1148#endif 1149#ifndef IPPROTO_MOBILITY 1150# define IPPROTO_MOBILITY 135 1151#endif 1152 1153#ifndef ICMP_ROUTERADVERT 1154# define ICMP_ROUTERADVERT 9 1155#endif 1156#ifndef ICMP_ROUTERSOLICIT 1157# define ICMP_ROUTERSOLICIT 10 1158#endif 1159#ifndef ICMP6_DST_UNREACH 1160# define ICMP6_DST_UNREACH 1 1161#endif 1162#ifndef ICMP6_PACKET_TOO_BIG 1163# define ICMP6_PACKET_TOO_BIG 2 1164#endif 1165#ifndef ICMP6_TIME_EXCEEDED 1166# define ICMP6_TIME_EXCEEDED 3 1167#endif 1168#ifndef ICMP6_PARAM_PROB 1169# define ICMP6_PARAM_PROB 4 1170#endif 1171 1172#ifndef ICMP6_ECHO_REQUEST 1173# define ICMP6_ECHO_REQUEST 128 1174#endif 1175#ifndef ICMP6_ECHO_REPLY 1176# define ICMP6_ECHO_REPLY 129 1177#endif 1178#ifndef ICMP6_MEMBERSHIP_QUERY 1179# define ICMP6_MEMBERSHIP_QUERY 130 1180#endif 1181#ifndef MLD6_LISTENER_QUERY 1182# define MLD6_LISTENER_QUERY 130 1183#endif 1184#ifndef ICMP6_MEMBERSHIP_REPORT 1185# define ICMP6_MEMBERSHIP_REPORT 131 1186#endif 1187#ifndef MLD6_LISTENER_REPORT 1188# define MLD6_LISTENER_REPORT 131 1189#endif 1190#ifndef ICMP6_MEMBERSHIP_REDUCTION 1191# define ICMP6_MEMBERSHIP_REDUCTION 132 1192#endif 1193#ifndef MLD6_LISTENER_DONE 1194# define MLD6_LISTENER_DONE 132 1195#endif 1196#ifndef ND_ROUTER_SOLICIT 1197# define ND_ROUTER_SOLICIT 133 1198#endif 1199#ifndef ND_ROUTER_ADVERT 1200# define ND_ROUTER_ADVERT 134 1201#endif 1202#ifndef ND_NEIGHBOR_SOLICIT 1203# define ND_NEIGHBOR_SOLICIT 135 1204#endif 1205#ifndef ND_NEIGHBOR_ADVERT 1206# define ND_NEIGHBOR_ADVERT 136 1207#endif 1208#ifndef ND_REDIRECT 1209# define ND_REDIRECT 137 1210#endif 1211#ifndef ICMP6_ROUTER_RENUMBERING 1212# define ICMP6_ROUTER_RENUMBERING 138 1213#endif 1214#ifndef ICMP6_WRUREQUEST 1215# define ICMP6_WRUREQUEST 139 1216#endif 1217#ifndef ICMP6_WRUREPLY 1218# define ICMP6_WRUREPLY 140 1219#endif 1220#ifndef ICMP6_FQDN_QUERY 1221# define ICMP6_FQDN_QUERY 139 1222#endif 1223#ifndef ICMP6_FQDN_REPLY 1224# define ICMP6_FQDN_REPLY 140 1225#endif 1226#ifndef ICMP6_NI_QUERY 1227# define ICMP6_NI_QUERY 139 1228#endif 1229#ifndef ICMP6_NI_REPLY 1230# define ICMP6_NI_REPLY 140 1231#endif 1232#ifndef MLD6_MTRACE_RESP 1233# define MLD6_MTRACE_RESP 200 1234#endif 1235#ifndef MLD6_MTRACE 1236# define MLD6_MTRACE 201 1237#endif 1238#ifndef ICMP6_HADISCOV_REQUEST 1239# define ICMP6_HADISCOV_REQUEST 202 1240#endif 1241#ifndef ICMP6_HADISCOV_REPLY 1242# define ICMP6_HADISCOV_REPLY 203 1243#endif 1244#ifndef ICMP6_MOBILEPREFIX_SOLICIT 1245# define ICMP6_MOBILEPREFIX_SOLICIT 204 1246#endif 1247#ifndef ICMP6_MOBILEPREFIX_ADVERT 1248# define ICMP6_MOBILEPREFIX_ADVERT 205 1249#endif 1250#ifndef ICMP6_MAXTYPE 1251# define ICMP6_MAXTYPE 205 1252#endif 1253 1254#ifndef ICMP6_DST_UNREACH_NOROUTE 1255# define ICMP6_DST_UNREACH_NOROUTE 0 1256#endif 1257#ifndef ICMP6_DST_UNREACH_ADMIN 1258# define ICMP6_DST_UNREACH_ADMIN 1 1259#endif 1260#ifndef ICMP6_DST_UNREACH_NOTNEIGHBOR 1261# define ICMP6_DST_UNREACH_NOTNEIGHBOR 2 1262#endif 1263#ifndef ICMP6_DST_UNREACH_BEYONDSCOPE 1264# define ICMP6_DST_UNREACH_BEYONDSCOPE 2 1265#endif 1266#ifndef ICMP6_DST_UNREACH_ADDR 1267# define ICMP6_DST_UNREACH_ADDR 3 1268#endif 1269#ifndef ICMP6_DST_UNREACH_NOPORT 1270# define ICMP6_DST_UNREACH_NOPORT 4 1271#endif 1272#ifndef ICMP6_TIME_EXCEED_TRANSIT 1273# define ICMP6_TIME_EXCEED_TRANSIT 0 1274#endif 1275#ifndef ICMP6_TIME_EXCEED_REASSEMBLY 1276# define ICMP6_TIME_EXCEED_REASSEMBLY 1 1277#endif 1278 1279#ifndef ICMP6_NI_SUCCESS 1280# define ICMP6_NI_SUCCESS 0 1281#endif 1282#ifndef ICMP6_NI_REFUSED 1283# define ICMP6_NI_REFUSED 1 1284#endif 1285#ifndef ICMP6_NI_UNKNOWN 1286# define ICMP6_NI_UNKNOWN 2 1287#endif 1288 1289#ifndef ICMP6_ROUTER_RENUMBERING_COMMAND 1290# define ICMP6_ROUTER_RENUMBERING_COMMAND 0 1291#endif 1292#ifndef ICMP6_ROUTER_RENUMBERING_RESULT 1293# define ICMP6_ROUTER_RENUMBERING_RESULT 1 1294#endif 1295#ifndef ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 1296# define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 255 1297#endif 1298 1299#ifndef ICMP6_PARAMPROB_HEADER 1300# define ICMP6_PARAMPROB_HEADER 0 1301#endif 1302#ifndef ICMP6_PARAMPROB_NEXTHEADER 1303# define ICMP6_PARAMPROB_NEXTHEADER 1 1304#endif 1305#ifndef ICMP6_PARAMPROB_OPTION 1306# define ICMP6_PARAMPROB_OPTION 2 1307#endif 1308 1309#ifndef ICMP6_NI_SUBJ_IPV6 1310# define ICMP6_NI_SUBJ_IPV6 0 1311#endif 1312#ifndef ICMP6_NI_SUBJ_FQDN 1313# define ICMP6_NI_SUBJ_FQDN 1 1314#endif 1315#ifndef ICMP6_NI_SUBJ_IPV4 1316# define ICMP6_NI_SUBJ_IPV4 2 1317#endif 1318 1319#ifndef MLD_MTRACE_RESP 1320# define MLD_MTRACE_RESP 200 1321#endif 1322#ifndef MLD_MTRACE 1323# define MLD_MTRACE 201 1324#endif 1325#ifndef MLD6_MTRACE_RESP 1326# define MLD6_MTRACE_RESP MLD_MTRACE_RESP 1327#endif 1328#ifndef MLD6_MTRACE 1329# define MLD6_MTRACE MLD_MTRACE 1330#endif 1331 1332#if !defined(IPV6_FLOWINFO_MASK) 1333# if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN) 1334# define IPV6_FLOWINFO_MASK 0x0fffffff /* flow info (28 bits) */ 1335# else 1336# if(BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN) 1337# define IPV6_FLOWINFO_MASK 0xffffff0f /* flow info (28 bits) */ 1338# endif /* LITTLE_ENDIAN */ 1339# endif 1340#endif 1341#if !defined(IPV6_FLOWLABEL_MASK) 1342# if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN) 1343# define IPV6_FLOWLABEL_MASK 0x000fffff /* flow label (20 bits) */ 1344# else 1345# if (BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN) 1346# define IPV6_FLOWLABEL_MASK 0xffff0f00 /* flow label (20 bits) */ 1347# endif /* LITTLE_ENDIAN */ 1348# endif 1349#endif 1350 1351/* 1352 * ECN is a new addition to TCP - RFC 2481 1353 */ 1354#ifndef TH_ECN 1355# define TH_ECN 0x40 1356#endif 1357#ifndef TH_CWR 1358# define TH_CWR 0x80 1359#endif 1360#define TH_ECNALL (TH_ECN|TH_CWR) 1361 1362/* 1363 * TCP States 1364 */ 1365#define IPF_TCPS_LISTEN 0 /* listening for connection */ 1366#define IPF_TCPS_SYN_SENT 1 /* active, have sent syn */ 1367#define IPF_TCPS_SYN_RECEIVED 2 /* have send and received syn */ 1368#define IPF_TCPS_HALF_ESTAB 3 /* for connections not fully "up" */ 1369/* states < IPF_TCPS_ESTABLISHED are those where connections not established */ 1370#define IPF_TCPS_ESTABLISHED 4 /* established */ 1371#define IPF_TCPS_CLOSE_WAIT 5 /* rcvd fin, waiting for close */ 1372/* states > IPF_TCPS_CLOSE_WAIT are those where user has closed */ 1373#define IPF_TCPS_FIN_WAIT_1 6 /* have closed, sent fin */ 1374#define IPF_TCPS_CLOSING 7 /* closed xchd FIN; await FIN ACK */ 1375#define IPF_TCPS_LAST_ACK 8 /* had fin and close; await FIN ACK */ 1376/* states > IPF_TCPS_CLOSE_WAIT && < IPF_TCPS_FIN_WAIT_2 await ACK of FIN */ 1377#define IPF_TCPS_FIN_WAIT_2 9 /* have closed, fin is acked */ 1378#define IPF_TCPS_TIME_WAIT 10 /* in 2*msl quiet wait after close */ 1379#define IPF_TCPS_CLOSED 11 /* closed */ 1380#define IPF_TCP_NSTATES 12 1381 1382#define TCP_MSL 120 1383 1384#undef ICMP_MAX_UNREACH 1385#define ICMP_MAX_UNREACH 14 1386#undef ICMP_MAXTYPE 1387#define ICMP_MAXTYPE 18 1388 1389#ifndef IFNAMSIZ 1390#define IFNAMSIZ 16 1391#endif 1392 1393#ifndef LOG_FTP 1394# define LOG_FTP (11<<3) 1395#endif 1396#ifndef LOG_AUTHPRIV 1397# define LOG_AUTHPRIV (10<<3) 1398#endif 1399#ifndef LOG_AUDIT 1400# define LOG_AUDIT (13<<3) 1401#endif 1402#ifndef LOG_NTP 1403# define LOG_NTP (12<<3) 1404#endif 1405#ifndef LOG_SECURITY 1406# define LOG_SECURITY (13<<3) 1407#endif 1408#ifndef LOG_LFMT 1409# define LOG_LFMT (14<<3) 1410#endif 1411#ifndef LOG_CONSOLE 1412# define LOG_CONSOLE (14<<3) 1413#endif 1414 1415/* 1416 * ICMP error replies have an IP header (20 bytes), 8 bytes of ICMP data, 1417 * another IP header and then 64 bits of data, totalling 56. Of course, 1418 * the last 64 bits is dependent on that being available. 1419 */ 1420#define ICMPERR_ICMPHLEN 8 1421#define ICMPERR_IPICMPHLEN (20 + 8) 1422#define ICMPERR_MINPKTLEN (20 + 8 + 20) 1423#define ICMPERR_MAXPKTLEN (20 + 8 + 20 + 8) 1424#define ICMP6ERR_MINPKTLEN (40 + 8) 1425#define ICMP6ERR_IPICMPHLEN (40 + 8 + 40) 1426 1427#ifndef MIN 1428# define MIN(a,b) (((a)<(b))?(a):(b)) 1429#endif 1430 1431#ifdef RESCUE 1432# undef IPFILTER_BPF 1433#endif 1434 1435#ifdef IPF_DEBUG 1436# define DPRINT(x) printf x 1437#else 1438# define DPRINT(x) 1439#endif 1440 1441#ifndef AF_INET6 1442# define AF_INET6 26 1443#endif 1444 1445#ifdef DTRACE_PROBE 1446# ifdef _KERNEL 1447# define DT(_n) DTRACE_PROBE(_n) 1448# define DT1(_n,_a,_b) DTRACE_PROBE1(_n,_a,_b) 1449# define DT2(_n,_a,_b,_c,_d) DTRACE_PROBE2(_n,_a,_b,_c,_d) 1450# define DT3(_n,_a,_b,_c,_d,_e,_f) \ 1451 DTRACE_PROBE3(_n,_a,_b,_c,_d,_e,_f) 1452# define DT4(_n,_a,_b,_c,_d,_e,_f,_g,_h) \ 1453 DTRACE_PROBE4(_n,_a,_b,_c,_d,_e,_f,_g,_h) 1454# else 1455# define DT(_n) 1456# define DT1(_n,_a,_b) 1457# define DT2(_n,_a,_b,_c,_d) 1458# define DT3(_n,_a,_b,_c,_d,_e,_f) 1459# define DT4(_n,_a,_b,_c,_d,_e,_f,_g,_h) 1460# endif 1461#else 1462# define DT(_n) 1463# define DT1(_n,_a,_b) 1464# define DT2(_n,_a,_b,_c,_d) 1465# define DT3(_n,_a,_b,_c,_d,_e,_f) 1466# define DT4(_n,_a,_b,_c,_d,_e,_f,_g,_h) 1467#endif 1468 1469struct ip6_routing { 1470 u_char ip6r_nxt; /* next header */ 1471 u_char ip6r_len; /* length in units of 8 octets */ 1472 u_char ip6r_type; /* always zero */ 1473 u_char ip6r_segleft; /* segments left */ 1474 u_32_t ip6r_reserved; /* reserved field */ 1475}; 1476 1477#endif /* __IP_COMPAT_H__ */ 1478