ip_compat.h revision 281192 
1/*
2 * Copyright (C) 2012 by Darren Reed.
3 *
4 * See the IPFILTER.LICENCE file for details on licencing.
5 *
6 * @(#)ip_compat.h	1.8 1/14/96
7 * $FreeBSD: head/sys/contrib/ipfilter/netinet/ip_compat.h 281192 2015-04-07 06:22:22Z glebius $
8 * Id: ip_compat.h,v 2.142.2.57 2007/10/10 09:51:42 darrenr Exp $
9 */
10
11#ifndef	__IP_COMPAT_H__
12#define	__IP_COMPAT_H__
13
14#ifndef	__P
15# ifdef	__STDC__
16#  define	__P(x)  x
17# else
18#  define	__P(x)  ()
19# endif
20#endif
21#ifndef	__STDC__
22# undef		const
23# define	const
24#endif
25
26#if defined(_KERNEL) || defined(KERNEL) || defined(__KERNEL__)
27# undef	KERNEL
28# undef	_KERNEL
29# undef 	__KERNEL__
30# define	KERNEL
31# define	_KERNEL
32# define 	__KERNEL__
33#endif
34
35#define	SOLARIS	(defined(sun) && (defined(__svr4__) || defined(__SVR4)))
36
37
38#if defined(__SVR4) || defined(__svr4__) || defined(__sgi)
39# define index   strchr
40# if !defined(_KERNEL)
41#  define	bzero(a,b)	memset(a,0,b)
42#  define	bcmp		memcmp
43#  define	bcopy(a,b,c)	memmove(b,a,c)
44# endif
45#endif
46
47#ifndef LIFNAMSIZ
48# ifdef IF_NAMESIZE
49#  define	LIFNAMSIZ	IF_NAMESIZE
50# else
51#  ifdef	IFNAMSIZ
52#   define	LIFNAMSIZ	IFNAMSIZ
53#  else
54#   define	LIFNAMSIZ	16
55#  endif
56# endif
57#endif
58
59#if defined(__sgi) || defined(bsdi) || defined(__hpux) || defined(hpux)
60struct  ether_addr {
61        u_char  ether_addr_octet[6];
62};
63#endif
64
65# ifdef __STDC__
66#  define IPL_EXTERN(ep) ipl##ep
67# else
68#  define IPL_EXTERN(ep) ipl/**/ep
69# endif
70
71/*
72 * This is a workaround for <sys/uio.h> troubles on FreeBSD and OpenBSD.
73 */
74# ifndef _KERNEL
75#  define ADD_KERNEL
76#  define _KERNEL
77#  define KERNEL
78# endif
79# include <sys/uio.h>
80# ifdef ADD_KERNEL
81#  undef _KERNEL
82#  undef KERNEL
83# endif
84
85#define	NETBSD_GE_REV(x)	(defined(__NetBSD_Version__) && \
86				 (__NetBSD_Version__ >= (x)))
87#define	NETBSD_GT_REV(x)	(defined(__NetBSD_Version__) && \
88				 (__NetBSD_Version__ > (x)))
89#define	NETBSD_LT_REV(x)	(defined(__NetBSD_Version__) && \
90				 (__NetBSD_Version__ < (x)))
91#define	FREEBSD_GE_REV(x)	(defined(__FreeBSD_version) && \
92				 (__FreeBSD_version >= (x)))
93#define	FREEBSD_GT_REV(x)	(defined(__FreeBSD_version) && \
94				 (__FreeBSD_version > (x)))
95#define	FREEBSD_LT_REV(x)	(defined(__FreeBSD_version) && \
96				 (__FreeBSD_version < (x)))
97#define	BSDOS_GE_REV(x)		(defined(_BSDI_VERSION) && \
98				 (_BSDI_VERSION >= (x)))
99#define	BSDOS_GT_REV(x)		(defined(_BSDI_VERSION) && \
100				 (_BSDI_VERSION > (x)))
101#define	BSDOS_LT_REV(x)		(defined(_BSDI_VERSION) && \
102				 (_BSDI_VERSION < (x)))
103#define	OPENBSD_GE_REV(x)	(defined(OpenBSD) && (OpenBSD >= (x)))
104#define	OPENBSD_GT_REV(x)	(defined(OpenBSD) && (OpenBSD > (x)))
105#define	OPENBSD_LT_REV(x)	(defined(OpenBSD) && (OpenBSD < (x)))
106#define	BSD_GE_YEAR(x)		(defined(BSD) && (BSD >= (x)))
107#define	BSD_GT_YEAR(x)		(defined(BSD) && (BSD > (x)))
108#define	BSD_LT_YEAR(x)		(defined(BSD) && (BSD < (x)))
109
110
111/* ----------------------------------------------------------------------- */
112/*                                F R E E B S D                            */
113/* ----------------------------------------------------------------------- */
114# define HAS_SYS_MD5_H	1
115# if defined(_KERNEL)
116#   include "opt_bpf.h"
117#   include "opt_inet6.h"
118#  if defined(INET6) && !defined(USE_INET6)
119#   define USE_INET6
120#  endif
121# else
122#  if !defined(USE_INET6) && !defined(NOINET6)
123#   define	USE_INET6
124#  endif
125# endif
126
127# if defined(_KERNEL)
128#  include <netinet/ip_var.h>
129#    define	p_cred	td_ucred
130#    define	p_uid	td_ucred->cr_ruid
131
132/*
133 * When #define'd, the 5.2.1 kernel panics when used with the ftp proxy.
134 * There may be other, safe, kernels but this is not extensively tested yet.
135 */
136#   define HAVE_M_PULLDOWN
137#  if !defined(IPFILTER_LKM) && (__FreeBSD_version >= 300000)
138#   include "opt_ipfilter.h"
139#  endif
140#  define	COPYIN(a,b,c)	copyin((caddr_t)(a), (caddr_t)(b), (c))
141#  define	COPYOUT(a,b,c)	copyout((caddr_t)(a), (caddr_t)(b), (c))
142
143#   define NETBSD_PF
144# else
145#  include <inttypes.h>
146# endif /* _KERNEL */
147
148#  include <sys/selinfo.h>
149#  include <sys/lock.h>
150#  include <sys/mutex.h>
151#    define	KRWLOCK_FILL_SZ		56
152#    define	KMUTEX_FILL_SZ		56
153#   include <sys/rwlock.h>
154#   define	KMUTEX_T		struct mtx
155#   define	KRWLOCK_T		struct rwlock
156
157#ifdef _KERNEL
158#    define	READ_ENTER(x)		rw_rlock(&(x)->ipf_lk)
159#    define	WRITE_ENTER(x)		rw_wlock(&(x)->ipf_lk)
160#    define	MUTEX_DOWNGRADE(x)	rw_downgrade(&(x)->ipf_lk)
161#    define	RWLOCK_INIT(x,y)	rw_init(&(x)->ipf_lk, (y))
162#    define	RW_DESTROY(x)		rw_destroy(&(x)->ipf_lk)
163#    define	RWLOCK_EXIT(x)		do { \
164					    if (rw_wowned(&(x)->ipf_lk)) \
165					    	rw_wunlock(&(x)->ipf_lk); \
166					    else \
167						rw_runlock(&(x)->ipf_lk); \
168					} while (0)
169#  include <net/if_var.h>
170#  define	GETKTIME(x)	microtime((struct timeval *)x)
171
172#   include <netinet/in_systm.h>
173#   include <netinet/ip.h>
174#   include <machine/in_cksum.h>
175
176#   define	USE_MUTEXES
177#   define	MUTEX_ENTER(x)		mtx_lock(&(x)->ipf_lk)
178#   define	MUTEX_EXIT(x)		mtx_unlock(&(x)->ipf_lk)
179#   define	MUTEX_INIT(x,y)		mtx_init(&(x)->ipf_lk, (y), NULL,\
180						 MTX_DEF)
181#   define	MUTEX_DESTROY(x)	mtx_destroy(&(x)->ipf_lk)
182#   define	MUTEX_NUKE(x)		bzero((x), sizeof(*(x)))
183/*
184 * Whilst the sx(9) locks on FreeBSD have the right semantics and interface
185 * for what we want to use them for, despite testing showing they work -
186 * with a WITNESS kernel, it generates LOR messages.
187 */
188#   include <machine/atomic.h>
189#   define	ATOMIC_INC(x)		{ mtx_lock(&softc->ipf_rw.ipf_lk); (x)++; \
190					  mtx_unlock(&softc->ipf_rw.ipf_lk); }
191#   define	ATOMIC_DEC(x)		{ mtx_lock(&softc->ipf_rw.ipf_lk); (x)--; \
192					  mtx_unlock(&softc->ipf_rw.ipf_lk); }
193#   define	ATOMIC_INCL(x)		atomic_add_long(&(x), 1)
194#   define	ATOMIC_INC64(x)		ATOMIC_INC(x)
195#   define	ATOMIC_INC32(x)		atomic_add_32((u_int *)&(x), 1)
196#   define	ATOMIC_DECL(x)		atomic_add_long(&(x), -1)
197#   define	ATOMIC_DEC64(x)		ATOMIC_DEC(x)
198#   define	ATOMIC_DEC32(x)		atomic_add_32((u_int *)&(x), -1)
199#   define	SPL_X(x)	;
200#   define	SPL_NET(x)	;
201#   define	SPL_IMP(x)	;
202#   define	SPL_SCHED(x)	;
203#   define	GET_MINOR		dev2unit
204#  define	MSGDSIZE(m)	mbufchainlen(m)
205#  define	M_LEN(m)	(m)->m_len
206#  define	M_ADJ(m,x)	m_adj(m, x)
207#  define	M_COPY(x)	m_copy((x), 0, M_COPYALL)
208#  define	M_DUP(m)	m_dup(m, M_NOWAIT)
209#  define	IPF_PANIC(x,y)	if (x) { printf y; panic("ipf_panic"); }
210typedef struct mbuf mb_t;
211
212#else	/* !_KERNEL */
213#ifndef _NET_IF_VAR_H_
214/*
215 * Userland emulation of struct ifnet.
216 */
217struct route;
218struct mbuf;
219struct ifnet {
220	char			if_xname[IFNAMSIZ];
221	TAILQ_HEAD(, ifaddr)	if_addrlist;
222	int	(*if_output)(struct ifnet *, struct mbuf *,
223	    const struct sockaddr *, struct route *);
224};
225#endif /* _NET_IF_VAR_H_ */
226#endif /* _KERNEL */
227
228#  define	IFNAME(x)	((struct ifnet *)x)->if_xname
229#  define	COPYIFNAME(v, x, b) \
230				(void) strncpy(b, \
231					       ((struct ifnet *)x)->if_xname, \
232					       LIFNAMSIZ)
233
234typedef	u_long		ioctlcmd_t;
235typedef	struct uio	uio_t;
236typedef	int		minor_t;
237typedef	u_int32_t	u_32_t;
238# define	U_32_T	1
239
240
241/* ----------------------------------------------------------------------- */
242/*                           G E N E R I C                                 */
243/* ----------------------------------------------------------------------- */
244
245/*
246 * For BSD kernels, if bpf is in the kernel, enable ipfilter to use bpf in
247 * filter rules.
248 */
249#if !defined(IPFILTER_BPF)
250# if (defined(NBPF) && (NBPF > 0)) || (defined(DEV_BPF) && (DEV_BPF > 0)) || \
251     (defined(NBPFILTER) && (NBPFILTER > 0))
252#  define	IPFILTER_BPF
253# endif
254#endif
255
256/*
257 * Userland locking primitives
258 */
259#ifndef _KERNEL
260#if !defined(KMUTEX_FILL_SZ)
261# define	KMUTEX_FILL_SZ	1
262#endif
263#if !defined(KRWLOCK_FILL_SZ)
264# define	KRWLOCK_FILL_SZ	1
265#endif
266#endif
267
268typedef	struct	{
269	char	*eMm_owner;
270	char	*eMm_heldin;
271	u_int	eMm_magic;
272	int	eMm_held;
273	int	eMm_heldat;
274} eMmutex_t;
275
276typedef	struct	{
277	char	*eMrw_owner;
278	char	*eMrw_heldin;
279	u_int	eMrw_magic;
280	short	eMrw_read;
281	short	eMrw_write;
282	int	eMrw_heldat;
283} eMrwlock_t;
284
285typedef union {
286	char	_fill[KMUTEX_FILL_SZ];
287#ifdef KMUTEX_T
288	struct	{
289		KMUTEX_T	ipf_slk;
290		const char	*ipf_lname;
291	} ipf_lkun_s;
292#endif
293	eMmutex_t	ipf_emu;
294} ipfmutex_t;
295
296typedef union {
297	char	_fill[KRWLOCK_FILL_SZ];
298#ifdef KRWLOCK_T
299	struct	{
300		KRWLOCK_T	ipf_slk;
301		const char	*ipf_lname;
302		int		ipf_sr;
303		int		ipf_sw;
304		u_int		ipf_magic;
305	} ipf_lkun_s;
306#endif
307	eMrwlock_t	ipf_emu;
308} ipfrwlock_t;
309
310#define	ipf_lk		ipf_lkun_s.ipf_slk
311#define	ipf_lname	ipf_lkun_s.ipf_lname
312#define	ipf_isr		ipf_lkun_s.ipf_sr
313#define	ipf_isw		ipf_lkun_s.ipf_sw
314#define	ipf_magic	ipf_lkun_s.ipf_magic
315
316#if !defined(__GNUC__) || \
317    (defined(__FreeBSD_version) && (__FreeBSD_version >= 503000))
318# ifndef	INLINE
319#  define	INLINE
320# endif
321#else
322# define	INLINE	__inline__
323#endif
324
325#if defined(__FreeBSD_version) && defined(_KERNEL)
326     CTASSERT(sizeof(ipfrwlock_t) == KRWLOCK_FILL_SZ);
327     CTASSERT(sizeof(ipfmutex_t) == KMUTEX_FILL_SZ);
328#endif
329
330
331/*
332 * In a non-kernel environment, there are a lot of macros that need to be
333 * filled in to be null-ops or to point to some compatibility function,
334 * somewhere in userland.
335 */
336#ifndef _KERNEL
337typedef	struct	mb_s	{
338	struct	mb_s	*mb_next;
339	char		*mb_data;
340	void		*mb_ifp;
341	int		mb_len;
342	int		mb_flags;
343	u_long		mb_buf[2048];
344} mb_t;
345# undef		m_next
346# define	m_next		mb_next
347# undef		m_len
348# define	m_len		mb_len
349# undef		m_flags
350# define	m_flags		mb_flags
351# undef		m_data
352# define	m_data		mb_data
353# undef		M_MCAST
354# define	M_MCAST		0x01
355# undef		M_BCAST
356# define	M_BCAST		0x02
357# undef		M_MBCAST
358# define	M_MBCAST	0x04
359# define	MSGDSIZE(m)	msgdsize(m)
360# define	M_LEN(m)	(m)->mb_len
361# define	M_ADJ(m,x)	(m)->mb_len += x
362# define	M_COPY(m)	dupmbt(m)
363# define	M_DUP(m)	dupmbt(m)
364# define	GETKTIME(x)	gettimeofday((struct timeval *)(x), NULL)
365# define	MTOD(m, t)	((t)(m)->mb_data)
366# define	FREE_MB_T(m)	freembt(m)
367# define	ALLOC_MB_T(m,l)	(m) = allocmbt(l)
368# define	PREP_MB_T(f, m)	do { \
369						(m)->mb_next = *(f)->fin_mp; \
370						*(fin)->fin_mp = (m); \
371						(f)->fin_m = (m); \
372					} while (0)
373# define	SLEEP(x,y)	1;
374# define	WAKEUP(x,y)	;
375# define	POLLWAKEUP(y)	;
376# define	IPF_PANIC(x,y)	;
377# define	PANIC(x,y)	;
378# define	SPL_SCHED(x)	;
379# define	SPL_NET(x)	;
380# define	SPL_IMP(x)	;
381# define	SPL_X(x)	;
382# define	KMALLOC(a,b)	(a) = (b)malloc(sizeof(*a))
383# define	KMALLOCS(a,b,c)	(a) = (b)malloc(c)
384# define	KFREE(x)	free(x)
385# define	KFREES(x,s)	free(x)
386# define	GETIFP(x, v)	get_unit(x,v)
387# define	GETIFMTU_4(x)	2048
388# define	GETIFMTU_6(x)	2048
389# define	COPYIN(a,b,c)	bcopywrap((a), (b), (c))
390# define	COPYOUT(a,b,c)	bcopywrap((a), (b), (c))
391# define	COPYDATA(m, o, l, b)	bcopy(MTOD((mb_t *)m, char *) + (o), \
392					      (b), (l))
393# define	COPYBACK(m, o, l, b)	bcopy((b), \
394					      MTOD((mb_t *)m, char *) + (o), \
395					      (l))
396# define	UIOMOVE(a,b,c,d)	ipfuiomove((caddr_t)a,b,c,d)
397extern	void	m_copydata __P((mb_t *, int, int, caddr_t));
398extern	int	ipfuiomove __P((caddr_t, int, int, struct uio *));
399extern	int	bcopywrap __P((void *, void *, size_t));
400extern	mb_t	*allocmbt __P((size_t));
401extern	mb_t	*dupmbt __P((mb_t *));
402extern	void	freembt __P((mb_t *));
403
404# define	MUTEX_DESTROY(x)	eMmutex_destroy(&(x)->ipf_emu, \
405							__FILE__, __LINE__)
406# define	MUTEX_ENTER(x)		eMmutex_enter(&(x)->ipf_emu, \
407						      __FILE__, __LINE__)
408# define	MUTEX_EXIT(x)		eMmutex_exit(&(x)->ipf_emu, \
409						     __FILE__, __LINE__)
410# define	MUTEX_INIT(x,y)		eMmutex_init(&(x)->ipf_emu, y, \
411						     __FILE__, __LINE__)
412# define	MUTEX_NUKE(x)		bzero((x), sizeof(*(x)))
413
414# define	MUTEX_DOWNGRADE(x)	eMrwlock_downgrade(&(x)->ipf_emu, \
415							   __FILE__, __LINE__)
416# define	READ_ENTER(x)		eMrwlock_read_enter(&(x)->ipf_emu, \
417							    __FILE__, __LINE__)
418# define	RWLOCK_INIT(x, y)	eMrwlock_init(&(x)->ipf_emu, y)
419# define	RWLOCK_EXIT(x)		eMrwlock_exit(&(x)->ipf_emu)
420# define	RW_DESTROY(x)		eMrwlock_destroy(&(x)->ipf_emu)
421# define	WRITE_ENTER(x)		eMrwlock_write_enter(&(x)->ipf_emu, \
422							     __FILE__, \
423							     __LINE__)
424
425# define	USE_MUTEXES		1
426
427extern void eMmutex_destroy __P((eMmutex_t *, char *, int));
428extern void eMmutex_enter __P((eMmutex_t *, char *, int));
429extern void eMmutex_exit __P((eMmutex_t *, char *, int));
430extern void eMmutex_init __P((eMmutex_t *, char *, char *, int));
431extern void eMrwlock_destroy __P((eMrwlock_t *));
432extern void eMrwlock_exit __P((eMrwlock_t *));
433extern void eMrwlock_init __P((eMrwlock_t *, char *));
434extern void eMrwlock_read_enter __P((eMrwlock_t *, char *, int));
435extern void eMrwlock_write_enter __P((eMrwlock_t *, char *, int));
436extern void eMrwlock_downgrade __P((eMrwlock_t *, char *, int));
437
438#endif
439
440extern	mb_t	*allocmbt(size_t);
441
442#define	MAX_IPV4HDR	((0xf << 2) + sizeof(struct icmp) + sizeof(ip_t) + 8)
443
444#ifndef	IP_OFFMASK
445# define	IP_OFFMASK	0x1fff
446#endif
447
448
449/*
450 * On BSD's use quad_t as a guarantee for getting at least a 64bit sized
451 * object.
452 */
453#if !defined(__amd64__) && BSD_GT_YEAR(199306)
454# define	USE_QUAD_T
455# define	U_QUAD_T	unsigned long long
456# define	QUAD_T		long long
457#else /* BSD > 199306 */
458# if !defined(U_QUAD_T)
459#  define	U_QUAD_T	u_long
460#  define	QUAD_T		long
461# endif
462#endif /* BSD > 199306 */
463
464
465#ifdef	USE_INET6
466# if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \
467     defined(__osf__) || defined(linux)
468#  include <netinet/ip6.h>
469#  include <netinet/icmp6.h>
470#   if defined(_KERNEL) && !defined(__osf__)
471#    include <netinet6/ip6_var.h>
472#   endif
473typedef	struct ip6_hdr	ip6_t;
474# endif
475#endif
476
477#ifndef	MAX
478# define	MAX(a,b)	(((a) > (b)) ? (a) : (b))
479#endif
480
481#if defined(_KERNEL)
482# if defined(MENTAT) && !defined(INSTANCES)
483#  define	COPYDATA	mb_copydata
484#  define	COPYBACK	mb_copyback
485# else
486#  define	COPYDATA	m_copydata
487#  define	COPYBACK	m_copyback
488# endif
489#  if (defined(__NetBSD_Version__) && (__NetBSD_Version__ < 105180000)) || \
490       defined(__FreeBSD__) || (defined(OpenBSD) && (OpenBSD < 200206)) || \
491       defined(_BSDI_VERSION)
492#   include <vm/vm.h>
493#  endif
494#  if !defined(__FreeBSD__) || FREEBSD_GE_REV(300000)
495#   if NETBSD_GE_REV(105180000) || OPENBSD_GE_REV(200111)
496#    include <uvm/uvm_extern.h>
497#   else
498#    include <vm/vm_extern.h>
499extern  vm_map_t        kmem_map;
500#   endif
501#   include <sys/proc.h>
502#  else /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
503#   include <vm/vm_kern.h>
504#  endif /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
505
506#  ifdef IPFILTER_M_IPFILTER
507#    include <sys/malloc.h>
508MALLOC_DECLARE(M_IPFILTER);
509#    define	_M_IPF		M_IPFILTER
510#  else /* IPFILTER_M_IPFILTER */
511#   ifdef M_PFIL
512#    define	_M_IPF		M_PFIL
513#   else
514#    ifdef M_IPFILTER
515#     define	_M_IPF		M_IPFILTER
516#    else
517#     define	_M_IPF		M_TEMP
518#    endif /* M_IPFILTER */
519#   endif /* M_PFIL */
520#  endif /* IPFILTER_M_IPFILTER */
521#  if !defined(KMALLOC)
522#   define	KMALLOC(a, b)	MALLOC((a), b, sizeof(*(a)), _M_IPF, M_NOWAIT)
523#  endif
524#  if !defined(KMALLOCS)
525#   define	KMALLOCS(a, b, c)	MALLOC((a), b, (c), _M_IPF, M_NOWAIT)
526#  endif
527#  if !defined(KFREE)
528#   define	KFREE(x)	FREE((x), _M_IPF)
529#  endif
530#   if !defined(KFREES)
531#  define	KFREES(x,s)	FREE((x), _M_IPF)
532#  endif
533#  define	UIOMOVE(a,b,c,d)	uiomove((caddr_t)a,b,d)
534#  define	SLEEP(id, n)	tsleep((id), PPAUSE|PCATCH, n, 0)
535#  define	WAKEUP(id,x)	wakeup(id+x)
536#  if !defined(POLLWAKEUP)
537#   define	POLLWAKEUP(x)	selwakeup(softc->ipf_selwait+x)
538#  endif
539#  define	GETIFP(n, v)	ifunit(n)
540#  define	GETIFMTU_4(x)	((struct ifnet *)x)->if_mtu
541#  define	GETIFMTU_6(x)	((struct ifnet *)x)->if_mtu
542
543# if !defined(USE_MUTEXES) && !defined(SPL_NET)
544#  define	SPL_IMP(x)	x = splimp()
545#  define	SPL_NET(x)	x = splnet()
546#  if !defined(SPL_SCHED)
547#   define	SPL_SCHED(x)	x = splsched()
548#  endif
549#  define	SPL_X(x)	(void) splx(x)
550# endif /* !USE_MUTEXES */
551
552# ifndef FREE_MB_T
553#  define	FREE_MB_T(m)	m_freem(m)
554# endif
555# ifndef ALLOC_MB_T
556#  ifdef MGETHDR
557#   define	ALLOC_MB_T(m,l)	do { \
558					MGETHDR((m), M_NOWAIT, MT_HEADER); \
559					if ((m) != NULL) { \
560						(m)->m_len = (l); \
561						(m)->m_pkthdr.len = (l); \
562					} \
563				} while (0)
564#  else
565#   define	ALLOC_MB_T(m,l)	do { \
566					MGET((m), M_NOWAIT, MT_HEADER); \
567					if ((m) != NULL) { \
568						(m)->m_len = (l); \
569						(m)->m_pkthdr.len = (l); \
570					} \
571				} while (0)
572#  endif
573# endif
574# ifndef PREP_MB_T
575#  define	PREP_MB_T(f, m)	do { \
576						mb_t *_o = *(f)->fin_mp; \
577						(m)->m_next = _o; \
578						*(fin)->fin_mp = (m); \
579						if (_o->m_flags & M_PKTHDR) { \
580							(m)->m_pkthdr.len += \
581							    _o->m_pkthdr.len; \
582							(m)->m_pkthdr.rcvif = \
583							  _o->m_pkthdr.rcvif; \
584						} \
585					} while (0)
586# endif
587# ifndef M_DUP
588#  ifdef M_COPYALL
589#   define	M_DUP(m)	m_dup(m, 0, M_COPYALL, 0)
590#  else
591#   define	M_DUP(m)	m_dup(m)
592#  endif
593# endif
594
595# ifndef MTOD
596#  define	MTOD(m,t)	mtod(m,t)
597# endif
598
599# ifndef COPYIN
600#  define	COPYIN(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
601#  define	COPYOUT(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
602# endif
603
604# ifndef KMALLOC
605#  define	KMALLOC(a,b)	(a) = (b)new_kmem_alloc(sizeof(*(a)), \
606							KMEM_NOSLEEP)
607#  define	KMALLOCS(a,b,c)	(a) = (b)new_kmem_alloc((c), KMEM_NOSLEEP)
608# endif
609
610# ifndef	GET_MINOR
611#  define	GET_MINOR(x)	dev2unit(x)
612# endif
613# define	PANIC(x,y)	if (x) panic y
614#endif /* _KERNEL */
615
616#if !defined(IFNAME) && !defined(_KERNEL)
617# define	IFNAME(x)	get_ifname((struct ifnet *)x)
618#endif
619#ifndef	COPYIFNAME
620# define	NEED_FRGETIFNAME
621extern	char	*ipf_getifname __P((struct ifnet *, char *));
622# define	COPYIFNAME(v, x, b) \
623				ipf_getifname((struct ifnet *)x, b)
624#endif
625
626#ifndef ASSERT
627# ifdef _KERNEL
628#  define	ASSERT(x)
629# else
630#  define	ASSERT(x)	do { if (!(x)) abort(); } while (0)
631# endif
632#endif
633
634#ifndef BCOPYIN
635#  define	BCOPYIN(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
636#  define	BCOPYOUT(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
637#endif
638
639/*
640 * Because the ctype(3) posix definition, if used "safely" in code everywhere,
641 * would mean all normal code that walks through strings needed casts.  Yuck.
642 */
643#define	ISALNUM(x)	isalnum((u_char)(x))
644#define	ISALPHA(x)	isalpha((u_char)(x))
645#define	ISDIGIT(x)	isdigit((u_char)(x))
646#define	ISSPACE(x)	isspace((u_char)(x))
647#define	ISUPPER(x)	isupper((u_char)(x))
648#define	ISXDIGIT(x)	isxdigit((u_char)(x))
649#define	ISLOWER(x)	islower((u_char)(x))
650#define	TOUPPER(x)	toupper((u_char)(x))
651#define	TOLOWER(x)	tolower((u_char)(x))
652
653/*
654 * If mutexes aren't being used, turn all the mutex functions into null-ops.
655 */
656#if !defined(USE_MUTEXES)
657# define	USE_SPL			1
658# undef		RW_DESTROY
659# undef		MUTEX_INIT
660# undef		MUTEX_NUKE
661# undef		MUTEX_DESTROY
662# define	MUTEX_ENTER(x)		;
663# define	READ_ENTER(x)		;
664# define	WRITE_ENTER(x)		;
665# define	MUTEX_DOWNGRADE(x)	;
666# define	RWLOCK_INIT(x, y)	;
667# define	RWLOCK_EXIT(x)		;
668# define	RW_DESTROY(x)		;
669# define	MUTEX_EXIT(x)		;
670# define	MUTEX_INIT(x,y)		;
671# define	MUTEX_DESTROY(x)	;
672# define	MUTEX_NUKE(x)		;
673#endif /* !USE_MUTEXES */
674#ifndef	ATOMIC_INC
675# define	ATOMIC_INC(x)		(x)++
676# define	ATOMIC_DEC(x)		(x)--
677#endif
678
679#if defined(USE_SPL) && defined(_KERNEL)
680# define	SPL_INT(x)	int x
681#else
682# define	SPL_INT(x)
683#endif
684
685/*
686 * If there are no atomic operations for bit sizes defined, define them to all
687 * use a generic one that works for all sizes.
688 */
689#ifndef	ATOMIC_INCL
690# define	ATOMIC_INCL		ATOMIC_INC
691# define	ATOMIC_INC64		ATOMIC_INC
692# define	ATOMIC_INC32		ATOMIC_INC
693# define	ATOMIC_DECL		ATOMIC_DEC
694# define	ATOMIC_DEC64		ATOMIC_DEC
695# define	ATOMIC_DEC32		ATOMIC_DEC
696#endif
697
698#ifndef HDR_T_PRIVATE
699typedef	struct	tcphdr	tcphdr_t;
700typedef	struct	udphdr	udphdr_t;
701#endif
702typedef	struct	icmp	icmphdr_t;
703typedef	struct	ip	ip_t;
704typedef	struct	ether_header	ether_header_t;
705typedef	struct	tcpiphdr	tcpiphdr_t;
706
707#ifndef	FR_GROUPLEN
708# define	FR_GROUPLEN	16
709#endif
710
711#ifndef offsetof
712# define offsetof(t,m) (size_t)((&((t *)0L)->m))
713#endif
714#ifndef stsizeof
715# define stsizeof(t,m)	sizeof(((t *)0L)->m)
716#endif
717
718/*
719 * This set of macros has been brought about because on Tru64 it is not
720 * possible to easily assign or examine values in a structure that are
721 * bit fields.
722 */
723#ifndef IP_V
724# define	IP_V(x)		(x)->ip_v
725#endif
726#ifndef	IP_V_A
727# define	IP_V_A(x,y)	(x)->ip_v = (y)
728#endif
729#ifndef	IP_HL
730# define	IP_HL(x)	(x)->ip_hl
731#endif
732#ifndef	IP_HL_A
733# define	IP_HL_A(x,y)	(x)->ip_hl = ((y) & 0xf)
734#endif
735#ifndef	TCP_X2
736# define	TCP_X2(x)	(x)->th_x2
737#endif
738#ifndef	TCP_X2_A
739# define	TCP_X2_A(x,y)	(x)->th_x2 = (y)
740#endif
741#ifndef	TCP_OFF
742# define	TCP_OFF(x)	(x)->th_off
743#endif
744#ifndef	TCP_OFF_A
745# define	TCP_OFF_A(x,y)	(x)->th_off = (y)
746#endif
747#define	IPMINLEN(i, h)	((i)->ip_len >= (IP_HL(i) * 4 + sizeof(struct h)))
748
749
750/*
751 * XXX - This is one of those *awful* hacks which nobody likes
752 */
753#ifdef	ultrix
754#define	A_A
755#else
756#define	A_A	&
757#endif
758
759#define	TCPF_ALL	(TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG|\
760			 TH_ECN|TH_CWR)
761
762#if BSD_GE_YEAR(199306) && !defined(m_act)
763# define	m_act	m_nextpkt
764#endif
765
766/*
767 * Security Options for Intenet Protocol (IPSO) as defined in RFC 1108.
768 *
769 * Basic Option
770 *
771 * 00000001   -   (Reserved 4)
772 * 00111101   -   Top Secret
773 * 01011010   -   Secret
774 * 10010110   -   Confidential
775 * 01100110   -   (Reserved 3)
776 * 11001100   -   (Reserved 2)
777 * 10101011   -   Unclassified
778 * 11110001   -   (Reserved 1)
779 */
780#define	IPSO_CLASS_RES4		0x01
781#define	IPSO_CLASS_TOPS		0x3d
782#define	IPSO_CLASS_SECR		0x5a
783#define	IPSO_CLASS_CONF		0x96
784#define	IPSO_CLASS_RES3		0x66
785#define	IPSO_CLASS_RES2		0xcc
786#define	IPSO_CLASS_UNCL		0xab
787#define	IPSO_CLASS_RES1		0xf1
788
789#define	IPSO_AUTH_GENSER	0x80
790#define	IPSO_AUTH_ESI		0x40
791#define	IPSO_AUTH_SCI		0x20
792#define	IPSO_AUTH_NSA		0x10
793#define	IPSO_AUTH_DOE		0x08
794#define	IPSO_AUTH_UN		0x06
795#define	IPSO_AUTH_FTE		0x01
796
797/*
798 * IP option #defines
799 */
800#undef	IPOPT_RR
801#define	IPOPT_RR	7
802#undef	IPOPT_ZSU
803#define	IPOPT_ZSU	10	/* ZSU */
804#undef	IPOPT_MTUP
805#define	IPOPT_MTUP	11	/* MTUP */
806#undef	IPOPT_MTUR
807#define	IPOPT_MTUR	12	/* MTUR */
808#undef	IPOPT_ENCODE
809#define	IPOPT_ENCODE	15	/* ENCODE */
810#undef	IPOPT_TS
811#define	IPOPT_TS	68
812#undef	IPOPT_TR
813#define	IPOPT_TR	82	/* TR */
814#undef	IPOPT_SECURITY
815#define	IPOPT_SECURITY	130
816#undef	IPOPT_LSRR
817#define	IPOPT_LSRR	131
818#undef	IPOPT_E_SEC
819#define	IPOPT_E_SEC	133	/* E-SEC */
820#undef	IPOPT_CIPSO
821#define	IPOPT_CIPSO	134	/* CIPSO */
822#undef	IPOPT_SATID
823#define	IPOPT_SATID	136
824#ifndef	IPOPT_SID
825# define	IPOPT_SID	IPOPT_SATID
826#endif
827#undef	IPOPT_SSRR
828#define	IPOPT_SSRR	137
829#undef	IPOPT_ADDEXT
830#define	IPOPT_ADDEXT	147	/* ADDEXT */
831#undef	IPOPT_VISA
832#define	IPOPT_VISA	142	/* VISA */
833#undef	IPOPT_IMITD
834#define	IPOPT_IMITD	144	/* IMITD */
835#undef	IPOPT_EIP
836#define	IPOPT_EIP	145	/* EIP */
837#undef	IPOPT_RTRALRT
838#define	IPOPT_RTRALRT	148	/* RTRALRT */
839#undef	IPOPT_SDB
840#define	IPOPT_SDB	149
841#undef	IPOPT_NSAPA
842#define	IPOPT_NSAPA	150
843#undef	IPOPT_DPS
844#define	IPOPT_DPS	151
845#undef	IPOPT_UMP
846#define	IPOPT_UMP	152
847#undef	IPOPT_FINN
848#define	IPOPT_FINN	205	/* FINN */
849#undef	IPOPT_AH
850#define	IPOPT_AH	256+IPPROTO_AH
851
852#ifndef TCPOPT_EOL
853# define TCPOPT_EOL		0
854#endif
855#ifndef TCPOPT_NOP
856# define TCPOPT_NOP		1
857#endif
858#ifndef TCPOPT_MAXSEG
859# define TCPOPT_MAXSEG		2
860#endif
861#ifndef TCPOLEN_MAXSEG
862# define TCPOLEN_MAXSEG		4
863#endif
864#ifndef TCPOPT_WINDOW
865# define TCPOPT_WINDOW		3
866#endif
867#ifndef TCPOLEN_WINDOW
868# define TCPOLEN_WINDOW		3
869#endif
870#ifndef TCPOPT_SACK_PERMITTED
871# define TCPOPT_SACK_PERMITTED	4
872#endif
873#ifndef TCPOLEN_SACK_PERMITTED
874# define TCPOLEN_SACK_PERMITTED	2
875#endif
876#ifndef TCPOPT_SACK
877# define TCPOPT_SACK		5
878#endif
879#ifndef TCPOPT_TIMESTAMP
880# define TCPOPT_TIMESTAMP	8
881#endif
882
883#ifndef	ICMP_MINLEN
884# define	ICMP_MINLEN	8
885#endif
886#ifndef	ICMP_ECHOREPLY
887# define	ICMP_ECHOREPLY	0
888#endif
889#ifndef	ICMP_UNREACH
890# define	ICMP_UNREACH	3
891#endif
892#ifndef	ICMP_UNREACH_NET
893# define	ICMP_UNREACH_NET	0
894#endif
895#ifndef	ICMP_UNREACH_HOST
896# define	ICMP_UNREACH_HOST	1
897#endif
898#ifndef	ICMP_UNREACH_PROTOCOL
899# define	ICMP_UNREACH_PROTOCOL	2
900#endif
901#ifndef	ICMP_UNREACH_PORT
902# define	ICMP_UNREACH_PORT	3
903#endif
904#ifndef	ICMP_UNREACH_NEEDFRAG
905# define	ICMP_UNREACH_NEEDFRAG	4
906#endif
907#ifndef	ICMP_UNREACH_SRCFAIL
908# define	ICMP_UNREACH_SRCFAIL	5
909#endif
910#ifndef	ICMP_UNREACH_NET_UNKNOWN
911# define	ICMP_UNREACH_NET_UNKNOWN	6
912#endif
913#ifndef	ICMP_UNREACH_HOST_UNKNOWN
914# define	ICMP_UNREACH_HOST_UNKNOWN	7
915#endif
916#ifndef	ICMP_UNREACH_ISOLATED
917# define	ICMP_UNREACH_ISOLATED	8
918#endif
919#ifndef	ICMP_UNREACH_NET_PROHIB
920# define	ICMP_UNREACH_NET_PROHIB	9
921#endif
922#ifndef	ICMP_UNREACH_HOST_PROHIB
923# define	ICMP_UNREACH_HOST_PROHIB	10
924#endif
925#ifndef	ICMP_UNREACH_TOSNET
926# define	ICMP_UNREACH_TOSNET	11
927#endif
928#ifndef	ICMP_UNREACH_TOSHOST
929# define	ICMP_UNREACH_TOSHOST	12
930#endif
931#ifndef	ICMP_UNREACH_ADMIN_PROHIBIT
932# define	ICMP_UNREACH_ADMIN_PROHIBIT	13
933#endif
934#ifndef	ICMP_UNREACH_FILTER
935# define	ICMP_UNREACH_FILTER	13
936#endif
937#ifndef	ICMP_UNREACH_HOST_PRECEDENCE
938# define	ICMP_UNREACH_HOST_PRECEDENCE	14
939#endif
940#ifndef	ICMP_UNREACH_PRECEDENCE_CUTOFF
941# define	ICMP_UNREACH_PRECEDENCE_CUTOFF	15
942#endif
943#ifndef	ICMP_SOURCEQUENCH
944# define	ICMP_SOURCEQUENCH	4
945#endif
946#ifndef	ICMP_REDIRECT_NET
947# define	ICMP_REDIRECT_NET	0
948#endif
949#ifndef	ICMP_REDIRECT_HOST
950# define	ICMP_REDIRECT_HOST	1
951#endif
952#ifndef	ICMP_REDIRECT_TOSNET
953# define	ICMP_REDIRECT_TOSNET	2
954#endif
955#ifndef	ICMP_REDIRECT_TOSHOST
956# define	ICMP_REDIRECT_TOSHOST	3
957#endif
958#ifndef	ICMP_ALTHOSTADDR
959# define	ICMP_ALTHOSTADDR	6
960#endif
961#ifndef	ICMP_TIMXCEED
962# define	ICMP_TIMXCEED	11
963#endif
964#ifndef	ICMP_TIMXCEED_INTRANS
965# define	ICMP_TIMXCEED_INTRANS	0
966#endif
967#ifndef	ICMP_TIMXCEED_REASS
968# define		ICMP_TIMXCEED_REASS	1
969#endif
970#ifndef	ICMP_PARAMPROB
971# define	ICMP_PARAMPROB	12
972#endif
973#ifndef	ICMP_PARAMPROB_ERRATPTR
974# define	ICMP_PARAMPROB_ERRATPTR	0
975#endif
976#ifndef	ICMP_PARAMPROB_OPTABSENT
977# define	ICMP_PARAMPROB_OPTABSENT	1
978#endif
979#ifndef	ICMP_PARAMPROB_LENGTH
980# define	ICMP_PARAMPROB_LENGTH	2
981#endif
982#ifndef ICMP_TSTAMP
983# define	ICMP_TSTAMP	13
984#endif
985#ifndef ICMP_TSTAMPREPLY
986# define	ICMP_TSTAMPREPLY	14
987#endif
988#ifndef ICMP_IREQ
989# define	ICMP_IREQ	15
990#endif
991#ifndef ICMP_IREQREPLY
992# define	ICMP_IREQREPLY	16
993#endif
994#ifndef	ICMP_MASKREQ
995# define	ICMP_MASKREQ	17
996#endif
997#ifndef ICMP_MASKREPLY
998# define	ICMP_MASKREPLY	18
999#endif
1000#ifndef	ICMP_TRACEROUTE
1001# define	ICMP_TRACEROUTE	30
1002#endif
1003#ifndef	ICMP_DATACONVERR
1004# define	ICMP_DATACONVERR	31
1005#endif
1006#ifndef	ICMP_MOBILE_REDIRECT
1007# define	ICMP_MOBILE_REDIRECT	32
1008#endif
1009#ifndef	ICMP_IPV6_WHEREAREYOU
1010# define	ICMP_IPV6_WHEREAREYOU	33
1011#endif
1012#ifndef	ICMP_IPV6_IAMHERE
1013# define	ICMP_IPV6_IAMHERE	34
1014#endif
1015#ifndef	ICMP_MOBILE_REGREQUEST
1016# define	ICMP_MOBILE_REGREQUEST	35
1017#endif
1018#ifndef	ICMP_MOBILE_REGREPLY
1019# define	ICMP_MOBILE_REGREPLY	36
1020#endif
1021#ifndef	ICMP_SKIP
1022# define	ICMP_SKIP	39
1023#endif
1024#ifndef	ICMP_PHOTURIS
1025# define	ICMP_PHOTURIS	40
1026#endif
1027#ifndef	ICMP_PHOTURIS_UNKNOWN_INDEX
1028# define	ICMP_PHOTURIS_UNKNOWN_INDEX	1
1029#endif
1030#ifndef	ICMP_PHOTURIS_AUTH_FAILED
1031# define	ICMP_PHOTURIS_AUTH_FAILED	2
1032#endif
1033#ifndef	ICMP_PHOTURIS_DECRYPT_FAILED
1034# define	ICMP_PHOTURIS_DECRYPT_FAILED	3
1035#endif
1036#ifndef	IPVERSION
1037# define	IPVERSION	4
1038#endif
1039#ifndef	IPOPT_MINOFF
1040# define	IPOPT_MINOFF	4
1041#endif
1042#ifndef	IPOPT_COPIED
1043# define	IPOPT_COPIED(x)	((x)&0x80)
1044#endif
1045#ifndef	IPOPT_EOL
1046# define	IPOPT_EOL	0
1047#endif
1048#ifndef	IPOPT_NOP
1049# define	IPOPT_NOP	1
1050#endif
1051#ifndef	IP_MF
1052# define	IP_MF	((u_short)0x2000)
1053#endif
1054#ifndef	ETHERTYPE_IP
1055# define	ETHERTYPE_IP	((u_short)0x0800)
1056#endif
1057#ifndef	TH_FIN
1058# define	TH_FIN	0x01
1059#endif
1060#ifndef	TH_SYN
1061# define	TH_SYN	0x02
1062#endif
1063#ifndef	TH_RST
1064# define	TH_RST	0x04
1065#endif
1066#ifndef	TH_PUSH
1067# define	TH_PUSH	0x08
1068#endif
1069#ifndef	TH_ACK
1070# define	TH_ACK	0x10
1071#endif
1072#ifndef	TH_URG
1073# define	TH_URG	0x20
1074#endif
1075#undef	TH_ACKMASK
1076#define	TH_ACKMASK	(TH_FIN|TH_SYN|TH_RST|TH_ACK)
1077
1078#ifndef	IPOPT_EOL
1079# define	IPOPT_EOL	0
1080#endif
1081#ifndef	IPOPT_NOP
1082# define	IPOPT_NOP	1
1083#endif
1084#ifndef	IPOPT_RR
1085# define	IPOPT_RR	7
1086#endif
1087#ifndef	IPOPT_TS
1088# define	IPOPT_TS	68
1089#endif
1090#ifndef	IPOPT_SECURITY
1091# define	IPOPT_SECURITY	130
1092#endif
1093#ifndef	IPOPT_LSRR
1094# define	IPOPT_LSRR	131
1095#endif
1096#ifndef	IPOPT_SATID
1097# define	IPOPT_SATID	136
1098#endif
1099#ifndef	IPOPT_SSRR
1100# define	IPOPT_SSRR	137
1101#endif
1102#ifndef	IPOPT_SECUR_UNCLASS
1103# define	IPOPT_SECUR_UNCLASS	((u_short)0x0000)
1104#endif
1105#ifndef	IPOPT_SECUR_CONFID
1106# define	IPOPT_SECUR_CONFID	((u_short)0xf135)
1107#endif
1108#ifndef	IPOPT_SECUR_EFTO
1109# define	IPOPT_SECUR_EFTO	((u_short)0x789a)
1110#endif
1111#ifndef	IPOPT_SECUR_MMMM
1112# define	IPOPT_SECUR_MMMM	((u_short)0xbc4d)
1113#endif
1114#ifndef	IPOPT_SECUR_RESTR
1115# define	IPOPT_SECUR_RESTR	((u_short)0xaf13)
1116#endif
1117#ifndef	IPOPT_SECUR_SECRET
1118# define	IPOPT_SECUR_SECRET	((u_short)0xd788)
1119#endif
1120#ifndef IPOPT_SECUR_TOPSECRET
1121# define	IPOPT_SECUR_TOPSECRET	((u_short)0x6bc5)
1122#endif
1123#ifndef IPOPT_OLEN
1124# define	IPOPT_OLEN	1
1125#endif
1126#ifndef	IPPROTO_HOPOPTS
1127# define	IPPROTO_HOPOPTS	0
1128#endif
1129#ifndef	IPPROTO_IPIP
1130# define	IPPROTO_IPIP	4
1131#endif
1132#ifndef	IPPROTO_ENCAP
1133# define	IPPROTO_ENCAP	98
1134#endif
1135#ifndef	IPPROTO_IPV6
1136# define	IPPROTO_IPV6	41
1137#endif
1138#ifndef	IPPROTO_ROUTING
1139# define	IPPROTO_ROUTING	43
1140#endif
1141#ifndef	IPPROTO_FRAGMENT
1142# define	IPPROTO_FRAGMENT	44
1143#endif
1144#ifndef	IPPROTO_GRE
1145# define	IPPROTO_GRE	47	/* GRE encaps RFC 1701 */
1146#endif
1147#ifndef	IPPROTO_ESP
1148# define	IPPROTO_ESP	50
1149#endif
1150#ifndef	IPPROTO_AH
1151# define	IPPROTO_AH	51
1152#endif
1153#ifndef	IPPROTO_ICMPV6
1154# define	IPPROTO_ICMPV6	58
1155#endif
1156#ifndef	IPPROTO_NONE
1157# define	IPPROTO_NONE	59
1158#endif
1159#ifndef	IPPROTO_DSTOPTS
1160# define	IPPROTO_DSTOPTS	60
1161#endif
1162#ifndef	IPPROTO_MOBILITY
1163# define	IPPROTO_MOBILITY	135
1164#endif
1165
1166#ifndef	ICMP_ROUTERADVERT
1167# define	ICMP_ROUTERADVERT	9
1168#endif
1169#ifndef	ICMP_ROUTERSOLICIT
1170# define	ICMP_ROUTERSOLICIT	10
1171#endif
1172#ifndef	ICMP6_DST_UNREACH
1173# define	ICMP6_DST_UNREACH	1
1174#endif
1175#ifndef	ICMP6_PACKET_TOO_BIG
1176# define	ICMP6_PACKET_TOO_BIG	2
1177#endif
1178#ifndef	ICMP6_TIME_EXCEEDED
1179# define	ICMP6_TIME_EXCEEDED	3
1180#endif
1181#ifndef	ICMP6_PARAM_PROB
1182# define	ICMP6_PARAM_PROB	4
1183#endif
1184
1185#ifndef	ICMP6_ECHO_REQUEST
1186# define	ICMP6_ECHO_REQUEST	128
1187#endif
1188#ifndef	ICMP6_ECHO_REPLY
1189# define	ICMP6_ECHO_REPLY	129
1190#endif
1191#ifndef	ICMP6_MEMBERSHIP_QUERY
1192# define	ICMP6_MEMBERSHIP_QUERY	130
1193#endif
1194#ifndef	MLD6_LISTENER_QUERY
1195# define	MLD6_LISTENER_QUERY	130
1196#endif
1197#ifndef	ICMP6_MEMBERSHIP_REPORT
1198# define	ICMP6_MEMBERSHIP_REPORT	131
1199#endif
1200#ifndef	MLD6_LISTENER_REPORT
1201# define	MLD6_LISTENER_REPORT	131
1202#endif
1203#ifndef	ICMP6_MEMBERSHIP_REDUCTION
1204# define	ICMP6_MEMBERSHIP_REDUCTION	132
1205#endif
1206#ifndef	MLD6_LISTENER_DONE
1207# define	MLD6_LISTENER_DONE	132
1208#endif
1209#ifndef	ND_ROUTER_SOLICIT
1210# define	ND_ROUTER_SOLICIT	133
1211#endif
1212#ifndef	ND_ROUTER_ADVERT
1213# define	ND_ROUTER_ADVERT	134
1214#endif
1215#ifndef	ND_NEIGHBOR_SOLICIT
1216# define	ND_NEIGHBOR_SOLICIT	135
1217#endif
1218#ifndef	ND_NEIGHBOR_ADVERT
1219# define	ND_NEIGHBOR_ADVERT	136
1220#endif
1221#ifndef	ND_REDIRECT
1222# define	ND_REDIRECT	137
1223#endif
1224#ifndef	ICMP6_ROUTER_RENUMBERING
1225# define	ICMP6_ROUTER_RENUMBERING	138
1226#endif
1227#ifndef	ICMP6_WRUREQUEST
1228# define	ICMP6_WRUREQUEST	139
1229#endif
1230#ifndef	ICMP6_WRUREPLY
1231# define	ICMP6_WRUREPLY		140
1232#endif
1233#ifndef	ICMP6_FQDN_QUERY
1234# define	ICMP6_FQDN_QUERY	139
1235#endif
1236#ifndef	ICMP6_FQDN_REPLY
1237# define	ICMP6_FQDN_REPLY	140
1238#endif
1239#ifndef	ICMP6_NI_QUERY
1240# define	ICMP6_NI_QUERY		139
1241#endif
1242#ifndef	ICMP6_NI_REPLY
1243# define	ICMP6_NI_REPLY		140
1244#endif
1245#ifndef	MLD6_MTRACE_RESP
1246# define	MLD6_MTRACE_RESP	200
1247#endif
1248#ifndef	MLD6_MTRACE
1249# define	MLD6_MTRACE		201
1250#endif
1251#ifndef	ICMP6_HADISCOV_REQUEST
1252# define	ICMP6_HADISCOV_REQUEST	202
1253#endif
1254#ifndef	ICMP6_HADISCOV_REPLY
1255# define	ICMP6_HADISCOV_REPLY	203
1256#endif
1257#ifndef	ICMP6_MOBILEPREFIX_SOLICIT
1258# define	ICMP6_MOBILEPREFIX_SOLICIT	204
1259#endif
1260#ifndef	ICMP6_MOBILEPREFIX_ADVERT
1261# define	ICMP6_MOBILEPREFIX_ADVERT	205
1262#endif
1263#ifndef	ICMP6_MAXTYPE
1264# define	ICMP6_MAXTYPE		205
1265#endif
1266
1267#ifndef	ICMP6_DST_UNREACH_NOROUTE
1268# define	ICMP6_DST_UNREACH_NOROUTE	0
1269#endif
1270#ifndef	ICMP6_DST_UNREACH_ADMIN
1271# define	ICMP6_DST_UNREACH_ADMIN		1
1272#endif
1273#ifndef	ICMP6_DST_UNREACH_NOTNEIGHBOR
1274# define	ICMP6_DST_UNREACH_NOTNEIGHBOR	2
1275#endif
1276#ifndef	ICMP6_DST_UNREACH_BEYONDSCOPE
1277# define	ICMP6_DST_UNREACH_BEYONDSCOPE	2
1278#endif
1279#ifndef	ICMP6_DST_UNREACH_ADDR
1280# define	ICMP6_DST_UNREACH_ADDR		3
1281#endif
1282#ifndef	ICMP6_DST_UNREACH_NOPORT
1283# define	ICMP6_DST_UNREACH_NOPORT	4
1284#endif
1285#ifndef	ICMP6_TIME_EXCEED_TRANSIT
1286# define	ICMP6_TIME_EXCEED_TRANSIT	0
1287#endif
1288#ifndef	ICMP6_TIME_EXCEED_REASSEMBLY
1289# define	ICMP6_TIME_EXCEED_REASSEMBLY	1
1290#endif
1291
1292#ifndef	ICMP6_NI_SUCCESS
1293# define	ICMP6_NI_SUCCESS	0
1294#endif
1295#ifndef	ICMP6_NI_REFUSED
1296# define	ICMP6_NI_REFUSED	1
1297#endif
1298#ifndef	ICMP6_NI_UNKNOWN
1299# define	ICMP6_NI_UNKNOWN	2
1300#endif
1301
1302#ifndef	ICMP6_ROUTER_RENUMBERING_COMMAND
1303# define	ICMP6_ROUTER_RENUMBERING_COMMAND	0
1304#endif
1305#ifndef	ICMP6_ROUTER_RENUMBERING_RESULT
1306# define	ICMP6_ROUTER_RENUMBERING_RESULT	1
1307#endif
1308#ifndef	ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET
1309# define	ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET	255
1310#endif
1311
1312#ifndef	ICMP6_PARAMPROB_HEADER
1313# define	ICMP6_PARAMPROB_HEADER	0
1314#endif
1315#ifndef	ICMP6_PARAMPROB_NEXTHEADER
1316# define	ICMP6_PARAMPROB_NEXTHEADER	1
1317#endif
1318#ifndef	ICMP6_PARAMPROB_OPTION
1319# define	ICMP6_PARAMPROB_OPTION	2
1320#endif
1321
1322#ifndef	ICMP6_NI_SUBJ_IPV6
1323# define	ICMP6_NI_SUBJ_IPV6	0
1324#endif
1325#ifndef	ICMP6_NI_SUBJ_FQDN
1326# define	ICMP6_NI_SUBJ_FQDN	1
1327#endif
1328#ifndef	ICMP6_NI_SUBJ_IPV4
1329# define	ICMP6_NI_SUBJ_IPV4	2
1330#endif
1331
1332#ifndef	MLD_MTRACE_RESP
1333# define	MLD_MTRACE_RESP		200
1334#endif
1335#ifndef	MLD_MTRACE
1336# define	MLD_MTRACE		201
1337#endif
1338#ifndef	MLD6_MTRACE_RESP
1339# define	MLD6_MTRACE_RESP	MLD_MTRACE_RESP
1340#endif
1341#ifndef	MLD6_MTRACE
1342# define	MLD6_MTRACE		MLD_MTRACE
1343#endif
1344
1345#if !defined(IPV6_FLOWINFO_MASK)
1346# if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN)
1347#  define IPV6_FLOWINFO_MASK	0x0fffffff	/* flow info (28 bits) */
1348# else
1349#  if(BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN)
1350#   define IPV6_FLOWINFO_MASK	0xffffff0f	/* flow info (28 bits) */
1351#  endif /* LITTLE_ENDIAN */
1352# endif
1353#endif
1354#if !defined(IPV6_FLOWLABEL_MASK)
1355# if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN)
1356#  define IPV6_FLOWLABEL_MASK	0x000fffff	/* flow label (20 bits) */
1357# else
1358#  if (BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN)
1359#   define IPV6_FLOWLABEL_MASK	0xffff0f00	/* flow label (20 bits) */
1360#  endif /* LITTLE_ENDIAN */
1361# endif
1362#endif
1363
1364/*
1365 * ECN is a new addition to TCP - RFC 2481
1366 */
1367#ifndef TH_ECN
1368# define	TH_ECN	0x40
1369#endif
1370#ifndef TH_CWR
1371# define	TH_CWR	0x80
1372#endif
1373#define	TH_ECNALL	(TH_ECN|TH_CWR)
1374
1375/*
1376 * TCP States
1377 */
1378#define IPF_TCPS_LISTEN		0	/* listening for connection */
1379#define IPF_TCPS_SYN_SENT	1	/* active, have sent syn */
1380#define IPF_TCPS_SYN_RECEIVED	2	/* have send and received syn */
1381#define IPF_TCPS_HALF_ESTAB	3	/* for connections not fully "up" */
1382/* states < IPF_TCPS_ESTABLISHED are those where connections not established */
1383#define IPF_TCPS_ESTABLISHED	4	/* established */
1384#define IPF_TCPS_CLOSE_WAIT	5	/* rcvd fin, waiting for close */
1385/* states > IPF_TCPS_CLOSE_WAIT are those where user has closed */
1386#define IPF_TCPS_FIN_WAIT_1	6	/* have closed, sent fin */
1387#define IPF_TCPS_CLOSING	7	/* closed xchd FIN; await FIN ACK */
1388#define IPF_TCPS_LAST_ACK	8	/* had fin and close; await FIN ACK */
1389/* states > IPF_TCPS_CLOSE_WAIT && < IPF_TCPS_FIN_WAIT_2 await ACK of FIN */
1390#define IPF_TCPS_FIN_WAIT_2	9	/* have closed, fin is acked */
1391#define IPF_TCPS_TIME_WAIT	10	/* in 2*msl quiet wait after close */
1392#define IPF_TCPS_CLOSED		11	/* closed */
1393#define IPF_TCP_NSTATES		12
1394
1395#define	TCP_MSL			120
1396
1397#undef	ICMP_MAX_UNREACH
1398#define	ICMP_MAX_UNREACH	14
1399#undef	ICMP_MAXTYPE
1400#define	ICMP_MAXTYPE		18
1401
1402#ifndef	IFNAMSIZ
1403#define	IFNAMSIZ		16
1404#endif
1405
1406#ifndef	LOG_FTP
1407# define	LOG_FTP		(11<<3)
1408#endif
1409#ifndef	LOG_AUTHPRIV
1410# define	LOG_AUTHPRIV	(10<<3)
1411#endif
1412#ifndef	LOG_AUDIT
1413# define	LOG_AUDIT	(13<<3)
1414#endif
1415#ifndef	LOG_NTP
1416# define	LOG_NTP		(12<<3)
1417#endif
1418#ifndef	LOG_SECURITY
1419# define	LOG_SECURITY	(13<<3)
1420#endif
1421#ifndef	LOG_LFMT
1422# define	LOG_LFMT	(14<<3)
1423#endif
1424#ifndef	LOG_CONSOLE
1425# define	LOG_CONSOLE	(14<<3)
1426#endif
1427
1428/*
1429 * ICMP error replies have an IP header (20 bytes), 8 bytes of ICMP data,
1430 * another IP header and then 64 bits of data, totalling 56.  Of course,
1431 * the last 64 bits is dependent on that being available.
1432 */
1433#define	ICMPERR_ICMPHLEN	8
1434#define	ICMPERR_IPICMPHLEN	(20 + 8)
1435#define	ICMPERR_MINPKTLEN	(20 + 8 + 20)
1436#define	ICMPERR_MAXPKTLEN	(20 + 8 + 20 + 8)
1437#define ICMP6ERR_MINPKTLEN	(40 + 8)
1438#define ICMP6ERR_IPICMPHLEN	(40 + 8 + 40)
1439
1440#ifndef MIN
1441# define	MIN(a,b)	(((a)<(b))?(a):(b))
1442#endif
1443
1444#ifdef RESCUE
1445# undef IPFILTER_BPF
1446#endif
1447
1448#ifdef IPF_DEBUG
1449# define	DPRINT(x)	printf x
1450#else
1451# define	DPRINT(x)
1452#endif
1453
1454#ifndef	AF_INET6
1455# define	AF_INET6	26
1456#endif
1457
1458#ifdef DTRACE_PROBE
1459# ifdef _KERNEL
1460#  define	DT(_n)			DTRACE_PROBE(_n)
1461#  define	DT1(_n,_a,_b)		DTRACE_PROBE1(_n,_a,_b)
1462#  define	DT2(_n,_a,_b,_c,_d)	DTRACE_PROBE2(_n,_a,_b,_c,_d)
1463#  define	DT3(_n,_a,_b,_c,_d,_e,_f)	\
1464					DTRACE_PROBE3(_n,_a,_b,_c,_d,_e,_f)
1465#  define	DT4(_n,_a,_b,_c,_d,_e,_f,_g,_h) \
1466				DTRACE_PROBE4(_n,_a,_b,_c,_d,_e,_f,_g,_h)
1467# else
1468#  define	DT(_n)
1469#  define	DT1(_n,_a,_b)
1470#  define	DT2(_n,_a,_b,_c,_d)
1471#  define	DT3(_n,_a,_b,_c,_d,_e,_f)
1472#  define	DT4(_n,_a,_b,_c,_d,_e,_f,_g,_h)
1473# endif
1474#else
1475# define	DT(_n)
1476# define	DT1(_n,_a,_b)
1477# define	DT2(_n,_a,_b,_c,_d)
1478# define	DT3(_n,_a,_b,_c,_d,_e,_f)
1479# define	DT4(_n,_a,_b,_c,_d,_e,_f,_g,_h)
1480#endif
1481
1482struct ip6_routing {
1483	u_char	ip6r_nxt;	/* next header */
1484	u_char	ip6r_len;	/* length in units of 8 octets */
1485	u_char	ip6r_type;	/* always zero */
1486	u_char	ip6r_segleft;	/* segments left */
1487	u_32_t	ip6r_reserved;	/* reserved field */
1488};
1489
1490#endif	/* __IP_COMPAT_H__ */
1491