1/* $NetBSD: ip_compat.h,v 1.30 2011/11/28 08:05:05 tls Exp $ */ 2 3/* 4 * Copyright (C) 1993-2001, 2003 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 * 8 * @(#)ip_compat.h 1.8 1/14/96 9 * Id: ip_compat.h,v 2.142.2.79 2010/01/31 16:22:54 darrenr Exp 10 */ 11 12#ifndef _NETINET_IP_COMPAT_H_ 13#define _NETINET_IP_COMPAT_H_ 14 15#ifndef __STDC__ 16# undef const 17# define const 18#endif 19 20#if defined(_KERNEL) || defined(KERNEL) || defined(__KERNEL__) 21# undef KERNEL 22# undef _KERNEL 23# undef __KERNEL__ 24# define KERNEL 25# define _KERNEL 26# define __KERNEL__ 27#endif 28 29#ifndef SOLARIS 30#define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4))) 31#endif 32#if (defined(SOLARIS2) && (SOLARIS2 >= 8)) 33# ifndef USE_INET6 34# define USE_INET6 35# endif 36#endif 37#if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000) && \ 38 !defined(_KERNEL) && !defined(USE_INET6) && !defined(NOINET6) 39# define USE_INET6 40#endif 41#if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105000000) && \ 42 !defined(_KERNEL) && !defined(USE_INET6) && !defined(NOINET6) 43# define USE_INET6 44#endif 45#if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 106140000) && \ 46 defined(_KERNEL) && !defined(IPFILTER_LKM) 47# define IPFILTER_M_IPFILTER 48#endif 49#if defined(OpenBSD) && (OpenBSD >= 200206) && \ 50 !defined(_KERNEL) && !defined(USE_INET6) 51# define USE_INET6 52#endif 53#if defined(__osf__) 54# define USE_INET6 55#endif 56#if defined(linux) && (!defined(_KERNEL) || defined(CONFIG_IPV6)) 57# define USE_INET6 58#endif 59#if defined(HPUXREV) && (HPUXREV >= 1111) 60# define USE_INET6 61#endif 62 63#if defined(BSD) && (BSD < 199103) && defined(__osf__) 64# undef BSD 65# define BSD 199103 66#endif 67 68#if defined(__SVR4) || defined(__svr4__) || defined(__sgi) 69# define index strchr 70# if !defined(_KERNEL) 71# define bzero(a,b) memset(a,0,b) 72# define bcmp memcmp 73# define bcopy(a,b,c) memmove(b,a,c) 74# endif 75#endif 76 77#ifndef LIFNAMSIZ 78# ifdef IF_NAMESIZE 79# define LIFNAMSIZ IF_NAMESIZE 80# else 81# ifdef IFNAMSIZ 82# define LIFNAMSIZ IFNAMSIZ 83# else 84# define LIFNAMSIZ 16 85# endif 86# endif 87#endif 88 89#if defined(__sgi) || defined(bsdi) || defined(__hpux) || defined(hpux) 90struct ether_addr { 91 u_char ether_addr_octet[6]; 92}; 93#endif 94 95#if defined(__sgi) && !defined(IPFILTER_LKM) 96# ifdef __STDC__ 97# define IPL_EXTERN(ep) ipfilter##ep 98# else 99# define IPL_EXTERN(ep) ipfilter/**/ep 100# endif 101#else 102# ifdef __STDC__ 103# define IPL_EXTERN(ep) ipl##ep 104# else 105# define IPL_EXTERN(ep) ipl/**/ep 106# endif 107#endif 108 109/* 110 * This is a workaround for <sys/uio.h> troubles on FreeBSD and OpenBSD. 111 */ 112#ifndef linux 113# ifndef _KERNEL 114# define ADD_KERNEL 115# define _KERNEL 116# define KERNEL 117# endif 118# ifdef __OpenBSD__ 119struct file; 120# endif 121# include <sys/uio.h> 122# ifdef ADD_KERNEL 123# undef _KERNEL 124# undef KERNEL 125# endif 126#endif 127 128 129/* ----------------------------------------------------------------------- */ 130/* S O L A R I S */ 131/* ----------------------------------------------------------------------- */ 132#if SOLARIS 133# define MENTAT 1 134# include <sys/cmn_err.h> 135# include <sys/isa_defs.h> 136# include <sys/stream.h> 137# include <sys/ioccom.h> 138# include <sys/sysmacros.h> 139# include <sys/kmem.h> 140# if SOLARIS2 >= 10 141# include <sys/procset.h> 142# include <sys/proc.h> 143# include <sys/devops.h> 144# include <sys/ddi_impldefs.h> 145# endif 146/* 147 * because Solaris 2 defines these in two places :-/ 148 */ 149# ifndef KERNEL 150# define _KERNEL 151# undef RES_INIT 152# endif /* _KERNEL */ 153 154# if SOLARIS2 >= 8 155# include <netinet/ip6.h> 156# include <netinet/icmp6.h> 157# endif 158 159# include <inet/common.h> 160/* These 5 are defined in <inet/ip.h> and <netinet/ip.h> */ 161# undef IPOPT_EOL 162# undef IPOPT_NOP 163# undef IPOPT_LSRR 164# undef IPOPT_RR 165# undef IPOPT_SSRR 166# ifdef i386 167# define _SYS_PROMIF_H 168# endif 169# ifndef _KERNEL 170# include "radix_ipf.h" 171# else 172# include "radix_ipf_local.h" 173# endif 174# include <inet/mib2.h> 175# include <inet/ip.h> 176# undef COPYOUT 177# if !defined(_SYS_NETI_H) 178# include <inet/ip_ire.h> 179# endif 180# ifndef KERNEL 181# undef _KERNEL 182# endif 183# if SOLARIS2 >= 8 184# define SNPRINTF snprintf 185 186# include <inet/ip_if.h> 187# define ipif_local_addr ipif_lcl_addr 188/* Only defined in private include file */ 189# ifndef V4_PART_OF_V6 190# define V4_PART_OF_V6(v6) v6.s6_addr32[3] 191# endif 192struct ip6_ext { 193 u_char ip6e_nxt; 194 u_char ip6e_len; 195}; 196# endif /* SOLARIS2 >= 8 */ 197 198# if SOLARIS2 >= 6 199# include <sys/atomic.h> 200typedef uint32_t u_32_t; 201# else 202typedef unsigned int u_32_t; 203# endif 204# define U_32_T 1 205# if SOLARIS2 >= 7 206# define U_QUAD_T uint64_t 207# define QUAD_T int64_t 208# endif 209 210# ifdef _KERNEL 211# define NEED_LOCAL_RAND 1 212# define ipf_random cprng_fast32 213# define KRWLOCK_T krwlock_t 214# define KMUTEX_T kmutex_t 215 216# if !defined(FW_HOOKS) 217# include "qif.h" 218# include "pfil.h" 219# else 220# include <sys/neti.h> 221 222extern net_handle_t ipfipv4; 223extern net_handle_t ipfipv6; 224 225 226typedef struct qpktinfo { 227 void *qpi_data; 228 mblk_t **qpi_mp; 229 mblk_t *qpi_m; 230 uintptr_t qpi_real; 231 int qpi_flags; 232 int qpi_num; 233 int qpi_off; 234} qpktinfo_t; 235# define QF_GROUP 0x01 236# endif 237 238# if SOLARIS2 >= 6 239# if SOLARIS2 == 6 240# define ATOMIC_INCL(x) atomic_add_long((uint32_t*)&(x), 1) 241# define ATOMIC_DECL(x) atomic_add_long((uint32_t*)&(x), -1) 242# else 243# define ATOMIC_INCL(x) atomic_add_long(&(x), 1) 244# define ATOMIC_DECL(x) atomic_add_long(&(x), -1) 245# endif /* SOLARIS2 == 6 */ 246# define ATOMIC_INC64(x) atomic_add_64((uint64_t*)&(x), 1) 247# define ATOMIC_INC32(x) atomic_add_32((uint32_t*)&(x), 1) 248# define ATOMIC_INC16(x) atomic_add_16((uint16_t*)&(x), 1) 249# define ATOMIC_DEC64(x) atomic_add_64((uint64_t*)&(x), -1) 250# define ATOMIC_DEC32(x) atomic_add_32((uint32_t*)&(x), -1) 251# define ATOMIC_DEC16(x) atomic_add_16((uint16_t*)&(x), -1) 252# else 253# define ATOMIC_INC(x) { mutex_enter(&ipf_rw); (x)++; \ 254 mutex_exit(&ipf_rw); } 255# define ATOMIC_DEC(x) { mutex_enter(&ipf_rw); (x)--; \ 256 mutex_exit(&ipf_rw); } 257# endif /* SOLARIS2 >= 6 */ 258# define USE_MUTEXES 259# define MUTEX_ENTER(x) mutex_enter(&(x)->ipf_lk) 260# define READ_ENTER(x) rw_enter(&(x)->ipf_lk, RW_READER) 261# define WRITE_ENTER(x) rw_enter(&(x)->ipf_lk, RW_WRITER) 262# define MUTEX_DOWNGRADE(x) rw_downgrade(&(x)->ipf_lk) 263# define RWLOCK_INIT(x, y) rw_init(&(x)->ipf_lk, (y), \ 264 RW_DRIVER, NULL) 265# define RWLOCK_EXIT(x) rw_exit(&(x)->ipf_lk) 266# define RW_DESTROY(x) rw_destroy(&(x)->ipf_lk) 267# define MUTEX_INIT(x, y) mutex_init(&(x)->ipf_lk, (y), \ 268 MUTEX_DRIVER, NULL) 269# define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk) 270# define MUTEX_NUKE(x) bzero((x), sizeof(*(x))) 271# define MUTEX_EXIT(x) mutex_exit(&(x)->ipf_lk) 272# define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 273# define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 274# define BCOPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 275# define BCOPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 276# define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d) 277# define KFREE(x) kmem_free((char *)(x), sizeof(*(x))) 278# define KFREES(x,s) kmem_free((char *)(x), (s)) 279# define SPL_SCHED(x) ; 280# define SPL_NET(x) ; 281# define SPL_IMP(x) ; 282# undef SPL_X 283# define SPL_X(x) ; 284# ifdef sparc 285# define ntohs(x) (x) 286# define ntohl(x) (x) 287# define htons(x) (x) 288# define htonl(x) (x) 289# endif /* sparc */ 290# define KMALLOC(a,b) (a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP) 291# define KMALLOCS(a,b,c) (a) = (b)kmem_alloc((c), KM_NOSLEEP) 292# define GET_MINOR(x) getminor(x) 293extern void *get_unit(char *, int); 294# define GETIFP(n, v) get_unit(n, v) 295# if defined(_INET_IP_STACK_H) 296# define COPYIFNAME(v, x, b) \ 297 do { \ 298 if ((v) == 4) { \ 299 (void) net_getifname(ipfipv4,\ 300 (uintptr_t)x, b, \ 301 LIFNAMSIZ); \ 302 } else { \ 303 (void) net_getifname(ipfipv6,\ 304 (uintptr_t)x, b, \ 305 LIFNAMSIZ); \ 306 } \ 307 } while (0) 308# else 309# define FASTROUTE_RECURSION 1 310# define COPYIFNAME(v, x, b) \ 311 (void) strncpy(b, ((qif_t *)x)->qf_name, \ 312 LIFNAMSIZ) 313# endif 314# define GETKTIME(x) uniqtime((struct timeval *)x) 315# define MSGDSIZE(x) msgdsize(x) 316# define M_LEN(x) ((x)->b_wptr - (x)->b_rptr) 317# define M_DUPLICATE(x) dupmsg((x)) 318# define MTOD(m,t) ((t)((m)->b_rptr)) 319# define MTYPE(m) ((m)->b_datap->db_type) 320# define FREE_MB_T(m) freemsg(m) 321# define m_next b_cont 322# if !defined(_INET_IP_STACK_H) 323# define CACHE_HASH(x) (((qpktinfo_t *)(x)->fin_qpi)->qpi_num & 7) 324# else 325# define CACHE_HASH(x) ((uintptr_t)(x)->fin_ifp & 7) 326# endif 327# define IPF_PANIC(x,y) if (x) { printf y; cmn_err(CE_PANIC, "ipf_panic"); } 328typedef mblk_t mb_t; 329# endif /* _KERNEL */ 330 331# if (SOLARIS2 >= 7) 332# ifdef lint 333# define ALIGN32(ptr) (ptr ? 0L : 0L) 334# define ALIGN16(ptr) (ptr ? 0L : 0L) 335# else 336# define ALIGN32(ptr) (ptr) 337# define ALIGN16(ptr) (ptr) 338# endif 339# endif 340 341# if SOLARIS2 < 6 342typedef struct uio uio_t; 343# endif 344typedef int ioctlcmd_t; 345typedef uint8_t u_int8_t; 346 347# define OS_RECOGNISED 1 348 349#endif /* SOLARIS */ 350 351/* ----------------------------------------------------------------------- */ 352/* H P U X */ 353/* ----------------------------------------------------------------------- */ 354#ifdef __hpux 355# define MENTAT 1 356# include <sys/sysmacros.h> 357# include <sys/spinlock.h> 358# include <sys/lock.h> 359# include <sys/stream.h> 360# ifdef USE_INET6 361# include <netinet/if_ether.h> 362# include <netinet/ip6.h> 363# include <netinet/icmp6.h> 364typedef struct ip6_hdr ip6_t; 365# endif 366 367# ifdef _KERNEL 368# define FASTROUTE_RECURSION 1 369# define SNPRINTF sprintf 370# if (HPUXREV >= 1111) 371# define IPL_SELECT 372# ifdef IPL_SELECT 373# include <machine/sys/user.h> 374# include <sys/kthread_iface.h> 375# define READ_COLLISION 0x01 376 377typedef struct iplog_select_s { 378 kthread_t *read_waiter; 379 int state; 380} iplog_select_t; 381# endif 382# endif 383 384# define GETKTIME(x) uniqtime((struct timeval *)x) 385 386# if HPUXREV == 1111 387# include "kern_svcs.h" 388# else 389# include <sys/kern_svcs.h> 390# endif 391# undef ti_flags 392# undef TCP_NODELAY 393# undef TCP_MAXSEG 394# include <sys/reg.h> 395# include "../netinet/ip_info.h" 396/* 397 * According to /usr/include/sys/spinlock.h on HP-UX 11.00, these functions 398 * are available. Attempting to use them actually results in unresolved 399 * symbols when it comes time to load the module. 400 * This has been fixed! Yipee! 401 */ 402# if 1 403# ifdef __LP64__ 404# define ATOMIC_INCL(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1) 405# define ATOMIC_DECL(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1) 406# else 407# define ATOMIC_INCL(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1) 408# define ATOMIC_DECL(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1) 409# endif 410# define ATOMIC_INC64(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1) 411# define ATOMIC_INC32(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1) 412# define ATOMIC_INC16(x) lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), 1) 413# define ATOMIC_DEC64(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1) 414# define ATOMIC_DEC32(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1) 415# define ATOMIC_DEC16(x) lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), -1) 416# else /* 0 */ 417# define ATOMIC_INC64(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 418 MUTEX_EXIT(&ipf_rw); } 419# define ATOMIC_DEC64(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 420 MUTEX_EXIT(&ipf_rw); } 421# define ATOMIC_INC32(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 422 MUTEX_EXIT(&ipf_rw); } 423# define ATOMIC_DEC32(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 424 MUTEX_EXIT(&ipf_rw); } 425# define ATOMIC_INCL(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 426 MUTEX_EXIT(&ipf_rw); } 427# define ATOMIC_DECL(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 428 MUTEX_EXIT(&ipf_rw); } 429# define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 430 MUTEX_EXIT(&ipf_rw); } 431# define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 432 MUTEX_EXIT(&ipf_rw); } 433# endif 434# define ip_cksum ip_csuma 435# define memcpy(a,b,c) bcopy((void *)b, (void *)a, c) 436# define USE_MUTEXES 437# define MUTEX_INIT(x, y) initlock(&(x)->ipf_lk, 0, 0, (y)) 438# define MUTEX_ENTER(x) spinlock(&(x)->ipf_lk) 439# define MUTEX_EXIT(x) spinunlock(&(x)->ipf_lk); 440# define MUTEX_DESTROY(x) 441# define MUTEX_NUKE(x) bzero((char *)(x), sizeof(*(x))) 442# define KMUTEX_T lock_t 443# define kmutex_t lock_t /* for pfil.h */ 444# define krwlock_t lock_t /* for pfil.h */ 445/* 446 * The read-write lock implementation in HP-UX 11.0 is crippled - it can 447 * only be used by threads working in a user context! 448 * This has been fixed! Yipee! (Or at least it does in 11.00, not 11.11..) 449 */ 450# if HPUXREV < 1111 451# define MUTEX_DOWNGRADE(x) lock_write_to_read(x) 452# define KRWLOCK_T struct rw_lock 453# define READ_ENTER(x) lock_read(&(x)->ipf_lk) 454# define WRITE_ENTER(x) lock_write(&(x)->ipf_lk) 455# if HPUXREV >= 1111 456# define RWLOCK_INIT(x, y) rwlock_init4(&(x)->ipf_lk, 0, RWLCK_CANSLEEP, 0, y) 457# else 458# define RWLOCK_INIT(x, y) lock_init3(&(x)->ipf_lk, 0, 1, 0, 0, y) 459# endif 460# define RWLOCK_EXIT(x) lock_done(&(x)->ipf_lk) 461# else 462# define KRWLOCK_T lock_t 463# define KMUTEX_T lock_t 464# define READ_ENTER(x) MUTEX_ENTER(x) 465# define WRITE_ENTER(x) MUTEX_ENTER(x) 466# define MUTEX_DOWNGRADE(x) 467# define RWLOCK_INIT(x, y) initlock(&(x)->ipf_lk, 0, 0, y) 468# define RWLOCK_EXIT(x) MUTEX_EXIT(x) 469# endif 470# define RW_DESTROY(x) 471# define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 472# define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 473# define SPL_SCHED(x) ; 474# define SPL_NET(x) ; 475# define SPL_IMP(x) ; 476# undef SPL_X 477# define SPL_X(x) ; 478extern void *get_unit(char *, int); 479# define GETIFP(n, v) get_unit(n, v) 480# define COPYIFNAME(v, x, b) \ 481 (void) strncpy(b, ((qif_t *)x)->qf_name, \ 482 LIFNAMSIZ) 483# define UIOMOVE(a,b,c,d) uiomove((void *)a,b,c,d) 484# define SLEEP(id, n) { lock_t *_l = get_sleep_lock((void *)id); \ 485 sleep(id, PZERO+1); \ 486 spinunlock(_l); \ 487 } 488# define WAKEUP(id,x) { lock_t *_l = get_sleep_lock((void *)id); \ 489 wakeup(id + x); \ 490 spinunlock(_l); \ 491 } 492# define POLLWAKEUP(x) ; 493# define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_IOSYS, M_NOWAIT) 494# define KMALLOCS(a, b, c) (a) = (b)malloc((c), M_IOSYS, M_NOWAIT) 495# define KFREE(x) kmem_free((char *)(x), sizeof(*(x))) 496# define KFREES(x,s) kmem_free((char *)(x), (s)) 497# define MSGDSIZE(x) msgdsize(x) 498# define M_LEN(x) ((x)->b_wptr - (x)->b_rptr) 499# define M_DUPLICATE(x) dupmsg((x)) 500# define MTOD(m,t) ((t)((m)->b_rptr)) 501# define MTYPE(m) ((m)->b_datap->db_type) 502# define FREE_MB_T(m) freemsg(m) 503# define m_next b_cont 504# define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 505typedef mblk_t mb_t; 506 507# define CACHE_HASH(x) (((qpktinfo_t *)(x)->fin_qpi)->qpi_num & 7) 508 509# include "qif.h" 510# include "pfil.h" 511 512# else /* _KERNEL */ 513 514typedef unsigned char uchar_t; 515 516# ifndef _SYS_STREAM_INCLUDED 517typedef char * mblk_t; 518typedef void *queue_t; 519typedef u_long ulong; 520# endif 521# include <netinet/ip_info.h> 522 523# endif /* _KERNEL */ 524 525# ifdef lint 526# define ALIGN32(ptr) (ptr ? 0L : 0L) 527# define ALIGN16(ptr) (ptr ? 0L : 0L) 528# else 529# define ALIGN32(ptr) (ptr) 530# define ALIGN16(ptr) (ptr) 531# endif 532 533typedef struct uio uio_t; 534typedef int ioctlcmd_t; 535typedef int minor_t; 536typedef unsigned int u_32_t; 537# define U_32_T 1 538 539# define OS_RECOGNISED 1 540 541#endif /* __hpux */ 542 543/* ----------------------------------------------------------------------- */ 544/* I R I X */ 545/* ----------------------------------------------------------------------- */ 546#ifdef __sgi 547# undef MENTAT 548# if IRIX < 60500 549typedef struct uio uio_t; 550# endif 551typedef int ioctlcmd_t; 552typedef u_int32_t u_32_t; 553# define U_32_T 1 554 555# ifdef INET6 556# define USE_INET6 557# endif 558 559# define hz HZ 560# include <sys/ksynch.h> 561# define IPF_LOCK_PL plhi 562# include <sys/sema.h> 563# undef kmutex_t 564typedef struct { 565 lock_t *l; 566 int pl; 567} kmutex_t; 568 569# ifdef MUTEX_INIT 570# define KMUTEX_T mutex_t 571# else 572# define KMUTEX_T kmutex_t 573# define KRWLOCK_T kmutex_t 574# endif 575 576# ifdef _KERNEL 577# define NEED_LOCAL_RAND 1 578#include <sys/cprng.h> 579# define ipf_random cprng_fast32 580# define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); \ 581 (x)++; MUTEX_EXIT(&ipf_rw); } 582# define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); \ 583 (x)--; MUTEX_EXIT(&ipf_rw); } 584# define USE_MUTEXES 585# ifdef MUTEX_INIT 586# include <sys/atomic_ops.h> 587# define ATOMIC_INCL(x) atomicAddUlong(&(x), 1) 588# define ATOMIC_INC64(x) atomicAddUint64(&(x), 1) 589# define ATOMIC_INC32(x) atomicAddUint(&(x), 1) 590# define ATOMIC_INC16 ATOMIC_INC 591# define ATOMIC_DECL(x) atomicAddUlong(&(x), -1) 592# define ATOMIC_DEC64(x) atomicAddUint64(&(x), -1) 593# define ATOMIC_DEC32(x) atomicAddUint(&(x), -1) 594# define ATOMIC_DEC16 ATOMIC_DEC 595# undef MUTEX_INIT 596# define MUTEX_INIT(x, y) mutex_init(&(x)->ipf_lk, \ 597 MUTEX_DEFAULT, y) 598# undef MUTEX_ENTER 599# define MUTEX_ENTER(x) mutex_lock(&(x)->ipf_lk, 0) 600# undef MUTEX_EXIT 601# define MUTEX_EXIT(x) mutex_unlock(&(x)->ipf_lk) 602# undef MUTEX_DESTROY 603# define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk) 604# define MUTEX_DOWNGRADE(x) mrdemote(&(x)->ipf_lk) 605# define KRWLOCK_T mrlock_t 606# define RWLOCK_INIT(x, y) mrinit(&(x)->ipf_lk, y) 607# undef RW_DESTROY 608# define RW_DESTROY(x) mrfree(&(x)->ipf_lk) 609# define READ_ENTER(x) RW_RDLOCK(&(x)->ipf_lk) 610# define WRITE_ENTER(x) RW_WRLOCK(&(x)->ipf_lk) 611# define RWLOCK_EXIT(x) RW_UNLOCK(&(x)->ipf_lk) 612# else 613# define READ_ENTER(x) MUTEX_ENTER(&(x)->ipf_lk) 614# define WRITE_ENTER(x) MUTEX_ENTER(&(x)->ipf_lk) 615# define MUTEX_DOWNGRADE(x) ; 616# define RWLOCK_EXIT(x) MUTEX_EXIT(&(x)->ipf_lk) 617# define MUTEX_EXIT(x) UNLOCK((x)->ipf_lk.l, (x)->ipf_lk.pl); 618# define MUTEX_INIT(x,y) (x)->ipf_lk.l = LOCK_ALLOC((uchar_t)-1, IPF_LOCK_PL, (lkinfo_t *)-1, KM_NOSLEEP) 619# define MUTEX_DESTROY(x) LOCK_DEALLOC((x)->ipf_lk.l) 620# define MUTEX_ENTER(x) (x)->ipf_lk.pl = LOCK((x)->ipf_lk.l, \ 621 IPF_LOCK_PL); 622# endif 623# define MUTEX_NUKE(x) bzero((x), sizeof(*(x))) 624# define FREE_MB_T(m) m_freem(m) 625# define MTOD(m,t) mtod(m,t) 626# define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 627# define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 628# define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d) 629# define SLEEP(id, n) sleep((id), PZERO+1) 630# define WAKEUP(id,x) wakeup(id+x) 631# define POLLWAKEUP(x) ; 632# define KFREE(x) kmem_free((char *)(x), sizeof(*(x))) 633# define KFREES(x,s) kmem_free((char *)(x), (s)) 634# define GETIFP(n,v) ifunit(n) 635# include <sys/kmem.h> 636# include <sys/ddi.h> 637# define KMALLOC(a,b) (a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP) 638# define KMALLOCS(a,b,c) (a) = (b)kmem_alloc((c), KM_NOSLEEP) 639# define GET_MINOR(x) getminor(x) 640# define USE_SPL 1 641# define SPL_IMP(x) (x) = splimp() 642# define SPL_NET(x) (x) = splnet() 643# define SPL_SCHED(x) (x) = splsched() 644# define SPL_X(x) (void) splx(x) 645extern void m_copydata(struct mbuf *, int, int, void *); 646extern void m_copyback(struct mbuf *, int, int, void *); 647# define MSGDSIZE(x) mbufchainlen(x) 648# define M_LEN(x) (x)->m_len 649# define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 650# define GETKTIME(x) microtime((struct timeval *)x) 651# define IFNAME(x) ((struct ifnet *)x)->if_name 652# define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 653 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 654# define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 655typedef struct mbuf mb_t; 656# else 657# undef RW_DESTROY 658# undef MUTEX_INIT 659# undef MUTEX_DESTROY 660# endif /* _KERNEL */ 661 662# define OS_RECOGNISED 1 663 664#endif /* __sgi */ 665 666/* ----------------------------------------------------------------------- */ 667/* T R U 6 4 */ 668/* ----------------------------------------------------------------------- */ 669#ifdef __osf__ 670# undef MENTAT 671 672# include <kern/lock.h> 673# include <sys/sysmacros.h> 674 675# ifdef _KERNEL 676# define NEED_LOCAL_RAND 1 677# define ipf_random arc4random 678# define KMUTEX_T simple_lock_data_t 679# define KRWLOCK_T lock_data_t 680# include <net/net_globals.h> 681# define USE_MUTEXES 682# define READ_ENTER(x) lock_read(&(x)->ipf_lk) 683# define WRITE_ENTER(x) lock_write(&(x)->ipf_lk) 684# define MUTEX_DOWNGRADE(x) lock_write_to_read(&(x)->ipf_lk) 685# define RWLOCK_INIT(x, y) lock_init(&(x)->ipf_lk, TRUE) 686# define RWLOCK_EXIT(x) lock_done(&(x)->ipf_lk) 687# define RW_DESTROY(x) lock_terminate(&(x)->ipf_lk) 688# define MUTEX_ENTER(x) simple_lock(&(x)->ipf_lk) 689# define MUTEX_INIT(x, y) simple_lock_init(&(x)->ipf_lk) 690# define MUTEX_DESTROY(x) simple_lock_terminate(&(x)->ipf_lk) 691# define MUTEX_EXIT(x) simple_unlock(&(x)->ipf_lk) 692# define MUTEX_NUKE(x) bzero(x, sizeof(*(x))) 693# define ATOMIC_INC64(x) atomic_incq((uint64_t*)&(x)) 694# define ATOMIC_DEC64(x) atomic_decq((uint64_t*)&(x)) 695# define ATOMIC_INC32(x) atomic_incl((uint32_t*)&(x)) 696# define ATOMIC_DEC32(x) atomic_decl((uint32_t*)&(x)) 697# define ATOMIC_INC16(x) { simple_lock(&ipf_rw.ipf_lk); (x)++; \ 698 simple_unlock(&ipf_rw.ipf_lk); } 699# define ATOMIC_DEC16(x) { simple_lock(&ipf_rw.ipf_lk); (x)--; \ 700 simple_unlock(&ipf_rw.ipf_lk); } 701# define ATOMIC_INCL(x) atomic_incl((uint32_t*)&(x)) 702# define ATOMIC_DECL(x) atomic_decl((uint32_t*)&(x)) 703# define ATOMIC_INC(x) { simple_lock(&ipf_rw.ipf_lk); (x)++; \ 704 simple_unlock(&ipf_rw.ipf_lk); } 705# define ATOMIC_DEC(x) { simple_lock(&ipf_rw.ipf_lk); (x)--; \ 706 simple_unlock(&ipf_rw.ipf_lk); } 707# define SPL_SCHED(x) ; 708# define SPL_NET(x) ; 709# define SPL_IMP(x) ; 710# undef SPL_X 711# define SPL_X(x) ; 712# define UIOMOVE(a,b,c,d) uiomove((void *)a, b, d) 713# define FREE_MB_T(m) m_freem(m) 714# define MTOD(m,t) mtod(m,t) 715# define GETIFP(n, v) ifunit(n) 716# define GET_MINOR getminor 717# define WAKEUP(id,x) wakeup(id + x) 718# define POLLWAKEUP(x) ; 719# define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 720# define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 721# define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_PFILT, M_NOWAIT) 722# define KMALLOCS(a, b, c) (a) = (b)malloc((c), M_PFILT, \ 723 ((c) > 4096) ? M_WAITOK : M_NOWAIT) 724# define KFREE(x) FREE((x), M_PFILT) 725# define KFREES(x,s) FREE((x), M_PFILT) 726# define MSGDSIZE(x) mbufchainlen(x) 727# define M_LEN(x) (x)->m_len 728# define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 729# define GETKTIME(x) microtime((struct timeval *)x) 730# define IFNAME(x) ((struct ifnet *)x)->if_name 731# define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 732 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 733# define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 734typedef struct mbuf mb_t; 735# endif /* _KERNEL */ 736 737# if (defined(_KERNEL) || defined(_NO_BITFIELDS) || (__STDC__ == 1)) 738# define IP_V(x) ((x)->ip_vhl >> 4) 739# define IP_HL(x) ((x)->ip_vhl & 0xf) 740# define IP_V_A(x,y) (x)->ip_vhl |= (((y) << 4) & 0xf0) 741# define IP_HL_A(x,y) (x)->ip_vhl |= ((y) & 0xf) 742# define TCP_X2(x) ((x)->th_xoff & 0xf) 743# define TCP_X2_A(x,y) (x)->th_xoff |= ((y) & 0xf) 744# define TCP_OFF(x) ((x)->th_xoff >> 4) 745# define TCP_OFF_A(x,y) (x)->th_xoff |= (((y) << 4) & 0xf0) 746# endif 747 748/* 749 * These are from's Solaris' #defines for little endian. 750 */ 751#define IP6F_MORE_FRAG 0x0100 752#define IP6F_RESERVED_MASK 0x0600 753#define IP6F_OFF_MASK 0xf8ff 754 755struct ip6_ext { 756 u_char ip6e_nxt; 757 u_char ip6e_len; 758}; 759 760typedef int ioctlcmd_t; 761/* 762 * Really, any arch where sizeof(long) != sizeof(int). 763 */ 764typedef unsigned int u_32_t; 765# define U_32_T 1 766 767# define OS_RECOGNISED 1 768#endif /* __osf__ */ 769 770/* ----------------------------------------------------------------------- */ 771/* N E T B S D */ 772/* ----------------------------------------------------------------------- */ 773#ifdef __NetBSD__ 774# if (NetBSD >= 199905) && !defined(IPFILTER_LKM) && defined(_KERNEL) 775# if (__NetBSD_Version__ < 399001400) 776# include "opt_ipfilter_log.h" 777# else 778# include "opt_ipfilter.h" 779# endif 780# endif 781# if defined(_KERNEL) 782# include <sys/systm.h> 783# else 784# include <stddef.h> 785# endif 786# if defined(_KERNEL) && !defined(IPFILTER_LKM) 787# if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 599002300) 788# define NBPFILTER 1 789# else 790# include "bpfilter.h" 791# endif 792# if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 104110000) 793# include "opt_inet.h" 794# endif 795# ifdef INET6 796# define USE_INET6 797# endif 798# if (__NetBSD_Version__ >= 105000000) 799# define HAVE_M_PULLDOWN 1 800# endif 801# endif 802 803#ifndef _KERNEL 804# define ipf_random arc4random 805#endif 806 807# if (__NetBSD_Version__ >= 499000000) 808# ifdef _KERNEL 809# include <sys/rwlock.h> 810# define USE_MUTEXES 1 811# define KMUTEX_T kmutex_t 812# define KRWLOCK_T krwlock_t 813# define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk) 814# define MUTEX_DOWNGRADE(x) rw_downgrade(&(x)->ipf_lk) 815# define MUTEX_ENTER(x) mutex_enter(&(x)->ipf_lk) 816# define MUTEX_EXIT(x) mutex_exit(&(x)->ipf_lk) 817# define MUTEX_INIT(x,y) mutex_init(&(x)->ipf_lk, MUTEX_DRIVER,\ 818 IPL_SOFTNET) 819# define MUTEX_NUKE(x) bzero((x), sizeof(*(x))) 820# define READ_ENTER(x) rw_enter(&(x)->ipf_lk, RW_READER) 821# define RWLOCK_INIT(x, y) rw_init(&(x)->ipf_lk) 822# define RWLOCK_EXIT(x) rw_exit(&(x)->ipf_lk) 823# define RW_DESTROY(x) rw_destroy(&(x)->ipf_lk) 824# define WRITE_ENTER(x) rw_enter(&(x)->ipf_lk, RW_WRITER) 825# define SPL_SCHED(x) ; 826# define SPL_NET(x) ; 827# define SPL_IMP(x) ; 828# define SPL_X(x) ; 829# endif 830# endif 831 832# ifdef _KERNEL 833# include <sys/cprng.h> 834# define ipf_random cprng_fast32 835# if (__NetBSD_Version__ >= 399001400) 836# define KMALLOCS(a, b, c) (a) = (b)malloc((c), _M_IPF, M_NOWAIT) 837# endif 838# define MSGDSIZE(x) mbufchainlen(x) 839# define M_LEN(x) (x)->m_len 840# define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 841# define GETKTIME(x) microtime((struct timeval *)x) 842# define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 843# define COPYIN(a,b,c) copyin((void *)(a), (void *)(b), (c)) 844# define COPYOUT(a,b,c) copyout((void *)(a), (void *)(b), (c)) 845# define BCOPYIN(a,b,c) (bcopy((void *)(a), (void *)(b), (c)), 0) 846# define BCOPYOUT(a,b,c) (bcopy((void *)(a), (void *)(b), (c)), 0) 847# if (defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 499005500)) 848# define POLLWAKEUP(x) selnotify(ipfselwait+x, 0, 0) 849# endif 850typedef struct mbuf mb_t; 851# endif /* _KERNEL */ 852# if (NetBSD <= 1991011) && (NetBSD >= 199606) 853# define IFNAME(x) ((struct ifnet *)x)->if_xname 854# define COPYIFNAME(v, x, b) \ 855 (void) strncpy(b, \ 856 ((struct ifnet *)x)->if_xname, \ 857 LIFNAMSIZ) 858# define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index)&7) 859# else 860# define IFNAME(x) ((struct ifnet *)x)->if_name 861# define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 862 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 863# endif 864typedef struct uio uio_t; 865typedef u_long ioctlcmd_t; 866typedef int minor_t; 867typedef u_int32_t u_32_t; 868# define U_32_T 1 869 870# define OS_RECOGNISED 1 871#endif /* __NetBSD__ */ 872 873 874/* ----------------------------------------------------------------------- */ 875/* F R E E B S D */ 876/* ----------------------------------------------------------------------- */ 877#ifdef __FreeBSD__ 878# if (__FreeBSD_version < 400000) 879# define NEED_LOCAL_RAND 1 880# endif 881# if defined(_KERNEL) 882# if (__FreeBSD_version >= 500000) 883# include "opt_bpf.h" 884# endif 885# if defined(__FreeBSD_version) && (__FreeBSD_version >= 500000) 886# include "opt_inet6.h" 887# endif 888# if defined(INET6) && !defined(USE_INET6) 889# define USE_INET6 890# endif 891# endif 892 893# if defined(_KERNEL) 894# if (__FreeBSD_version >= 500024) 895# if (__FreeBSD_version >= 500043) 896# define p_cred td_ucred 897# define p_uid td_ucred->cr_ruid 898# else 899# define p_cred t_proc->p_cred 900# define p_uid t_proc->p_cred->p_ruid 901# endif 902# else 903# define p_uid p_cred->p_ruid 904# endif /* __FreeBSD_version >= 500024 */ 905 906# if (__FreeBSD_version >= 400000) 907# define ipf_random arc4random 908/* 909 * When #define'd, the 5.2.1 kernel panics when used with the ftp proxy. 910 * There may be other, safe, kernels but this is not extensively tested yet. 911 */ 912# define HAVE_M_PULLDOWN 913# endif 914# if !defined(IPFILTER_LKM) && (__FreeBSD_version >= 300000) 915# include "opt_ipfilter.h" 916# endif 917# define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 918# define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 919 920# if (__FreeBSD_version >= 500043) 921# define NETBSD_PF 922# endif 923# endif /* _KERNEL */ 924 925# if (__FreeBSD_version >= 500043) 926# include <sys/mutex.h> 927# if (__FreeBSD_version > 700014) 928# include <sys/rwlock.h> 929# define KRWLOCK_T struct rwlock 930# ifdef _KERNEL 931# define READ_ENTER(x) rw_rlock(&(x)->ipf_lk) 932# define WRITE_ENTER(x) rw_wlock(&(x)->ipf_lk) 933# define MUTEX_DOWNGRADE(x) rw_downgrade(&(x)->ipf_lk) 934# define RWLOCK_INIT(x, y) rw_init(&(x)->ipf_lk, (y)) 935# define RW_DESTROY(x) rw_destroy(&(x)->ipf_lk) 936# define RWLOCK_EXIT(x) do { \ 937 if (rw_wowned(&(x)->ipf_lk)) \ 938 rw_wunlock(&(x)->ipf_lk); \ 939 else \ 940 rw_runlock(&(x)->ipf_lk); \ 941 } while (0) 942# endif 943# else 944# include <sys/sx.h> 945/* 946 * Whilst the sx(9) locks on FreeBSD have the right semantics and interface 947 * for what we want to use them for, despite testing showing they work - 948 * with a WITNESS kernel, it generates LOR messages. 949 */ 950# ifdef _KERNEL 951# if (__FreeBSD_version < 700000) 952# define KRWLOCK_T struct mtx 953# define READ_ENTER(x) mtx_lock(&(x)->ipf_lk) 954# define WRITE_ENTER(x) mtx_lock(&(x)->ipf_lk) 955# define RWLOCK_EXIT(x) mtx_unlock(&(x)->ipf_lk) 956# define MUTEX_DOWNGRADE(x) ; 957# define RWLOCK_INIT(x,y) mtx_init(&(x)->ipf_lk, (y), NULL,\ 958 MTX_DEF) 959# define RW_DESTROY(x) mtx_destroy(&(x)->ipf_lk) 960# else 961# define KRWLOCK_T struct sx 962# define READ_ENTER(x) sx_slock(&(x)->ipf_lk) 963# define WRITE_ENTER(x) sx_xlock(&(x)->ipf_lk) 964# define MUTEX_DOWNGRADE(x) sx_downgrade(&(x)->ipf_lk) 965# define RWLOCK_INIT(x, y) sx_init(&(x)->ipf_lk, (y)) 966# define RW_DESTROY(x) sx_destroy(&(x)->ipf_lk) 967# ifdef sx_unlock 968# define RWLOCK_EXIT(x) sx_unlock(&(x)->ipf_lk) 969# else 970# define RWLOCK_EXIT(x) do { \ 971 if ((x)->ipf_lk.sx_cnt < 0) \ 972 sx_xunlock(&(x)->ipf_lk); \ 973 else \ 974 sx_sunlock(&(x)->ipf_lk); \ 975 } while (0) 976# endif 977# endif 978# endif 979# endif 980# define KMUTEX_T struct mtx 981# endif 982 983# if (__FreeBSD_version >= 501113) 984# include <net/if_var.h> 985# define IFNAME(x) ((struct ifnet *)x)->if_xname 986# define COPYIFNAME(v, x, b) \ 987 (void) strncpy(b, \ 988 ((struct ifnet *)x)->if_xname, \ 989 LIFNAMSIZ) 990# endif 991# if (__FreeBSD_version >= 500043) 992# define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index) & 7) 993# else 994# define IFNAME(x) ((struct ifnet *)x)->if_name 995# define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 996 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 997# endif 998 999# ifdef _KERNEL 1000# define GETKTIME(x) microtime((struct timeval *)x) 1001 1002# if (__FreeBSD_version >= 500002) 1003# include <netinet/in_systm.h> 1004# include <netinet/ip.h> 1005# include <machine/in_cksum.h> 1006# endif 1007 1008# if (__FreeBSD_version >= 500043) 1009# define USE_MUTEXES 1010# define MUTEX_ENTER(x) mtx_lock(&(x)->ipf_lk) 1011# define MUTEX_EXIT(x) mtx_unlock(&(x)->ipf_lk) 1012# define MUTEX_INIT(x,y) mtx_init(&(x)->ipf_lk, (y), NULL,\ 1013 MTX_DEF) 1014# define MUTEX_DESTROY(x) mtx_destroy(&(x)->ipf_lk) 1015# define MUTEX_NUKE(x) bzero((x), sizeof(*(x))) 1016# include <machine/atomic.h> 1017# define ATOMIC_INC(x) { mtx_lock(&ipf_rw.ipf_lk); (x)++; \ 1018 mtx_unlock(&ipf_rw.ipf_lk); } 1019# define ATOMIC_DEC(x) { mtx_lock(&ipf_rw.ipf_lk); (x)--; \ 1020 mtx_unlock(&ipf_rw.ipf_lk); } 1021# define ATOMIC_INCL(x) atomic_add_long(&(x), 1) 1022# define ATOMIC_INC64(x) ATOMIC_INC(x) 1023# define ATOMIC_INC32(x) atomic_add_32((u_int *)&(x), 1) 1024# define ATOMIC_INC16(x) atomic_add_16(&(x), 1) 1025# define ATOMIC_DECL(x) atomic_add_long(&(x), -1) 1026# define ATOMIC_DEC64(x) ATOMIC_DEC(x) 1027# define ATOMIC_DEC32(x) atomic_add_32((u_int *)&(x), -1) 1028# define ATOMIC_DEC16(x) atomic_add_16(&(x), -1) 1029# define SPL_X(x) ; 1030# define SPL_NET(x) ; 1031# define SPL_IMP(x) ; 1032# define SPL_SCHED(x) ; 1033extern int in_cksum(struct mbuf *, int); 1034# else 1035# define SPL_SCHED(x) x = splhigh() 1036# endif /* __FreeBSD_version >= 500043 */ 1037# if (__FreeBSD_version >= 500024) 1038# define GET_MINOR dev2unit 1039# endif 1040# define MSGDSIZE(x) mbufchainlen(x) 1041# define M_LEN(x) (x)->m_len 1042# define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 1043# define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 1044typedef struct mbuf mb_t; 1045# endif /* _KERNEL */ 1046 1047# if __FreeBSD__ < 3 1048# include <machine/spl.h> 1049# else 1050# if __FreeBSD__ == 3 1051# if defined(IPFILTER_LKM) && !defined(ACTUALLY_LKM_NOT_KERNEL) 1052# define ACTUALLY_LKM_NOT_KERNEL 1053# endif 1054# endif 1055# endif 1056 1057# if (__FreeBSD_version >= 300000) 1058typedef u_long ioctlcmd_t; 1059# else 1060typedef int ioctlcmd_t; 1061# endif 1062typedef struct uio uio_t; 1063typedef int minor_t; 1064typedef u_int32_t u_32_t; 1065# define U_32_T 1 1066 1067# define OS_RECOGNISED 1 1068#endif /* __FreeBSD__ */ 1069 1070 1071/* ----------------------------------------------------------------------- */ 1072/* O P E N B S D */ 1073/* ----------------------------------------------------------------------- */ 1074#ifdef __OpenBSD__ 1075# ifdef INET6 1076# define USE_INET6 1077# endif 1078 1079# ifdef _KERNEL 1080# if !defined(IPFILTER_LKM) 1081# include "bpfilter.h" 1082# endif 1083# if (OpenBSD >= 200311) 1084# define SNPRINTF snprintf 1085# if defined(USE_INET6) 1086# include "netinet6/in6_var.h" 1087# include "netinet6/nd6.h" 1088# endif 1089# endif 1090# if (OpenBSD >= 200012) 1091# define HAVE_M_PULLDOWN 1 1092# endif 1093# define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 1094# define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 1095# define GETKTIME(x) microtime((struct timeval *)x) 1096# define MSGDSIZE(x) mbufchainlen(x) 1097# define M_LEN(x) (x)->m_len 1098# define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 1099# define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 1100typedef struct mbuf mb_t; 1101# endif /* _KERNEL */ 1102# if (OpenBSD >= 199603) 1103# define IFNAME(x, b) ((struct ifnet *)x)->if_xname 1104# define COPYIFNAME(v, x, b) \ 1105 (void) strncpy(b, \ 1106 ((struct ifnet *)x)->if_xname, \ 1107 LIFNAMSIZ) 1108# define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index)&7) 1109# else 1110# define IFNAME(x, b) ((struct ifnet *)x)->if_name 1111# define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1112 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 1113# endif 1114 1115typedef struct uio uio_t; 1116typedef u_long ioctlcmd_t; 1117typedef int minor_t; 1118typedef u_int32_t u_32_t; 1119# define U_32_T 1 1120 1121# define OS_RECOGNISED 1 1122#endif /* __OpenBSD__ */ 1123 1124 1125/* ----------------------------------------------------------------------- */ 1126/* B S D O S */ 1127/* ----------------------------------------------------------------------- */ 1128#ifdef _BSDI_VERSION 1129# ifdef INET6 1130# define USE_INET6 1131# endif 1132 1133# ifdef _KERNEL 1134# define GETKTIME(x) microtime((struct timeval *)x) 1135# define MSGDSIZE(x) mbufchainlen(x) 1136# define M_LEN(x) (x)->m_len 1137# define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 1138# define IFNAME(x, b) ((struct ifnet *)x)->if_name 1139# define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1140 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 1141typedef struct mbuf mb_t; 1142# endif /* _KERNEL */ 1143 1144# if (_BSDI_VERSION >= 199701) 1145typedef u_long ioctlcmd_t; 1146# else 1147typedef int ioctlcmd_t; 1148# endif 1149typedef u_int32_t u_32_t; 1150# define U_32_T 1 1151 1152#endif /* _BSDI_VERSION */ 1153 1154 1155/* ----------------------------------------------------------------------- */ 1156/* S U N O S 4 */ 1157/* ----------------------------------------------------------------------- */ 1158#if defined(sun) && !defined(OS_RECOGNISED) /* SunOS4 */ 1159# ifdef _KERNEL 1160# include <sys/kmem_alloc.h> 1161# define GETKTIME(x) uniqtime((struct timeval *)x) 1162# define MSGDSIZE(x) mbufchainlen(x) 1163# define M_LEN(x) (x)->m_len 1164# define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 1165# define IFNAME(x, b) ((struct ifnet *)x)->if_name 1166# define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1167 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 1168# define GETIFP(n, v) ifunit(n, IFNAMSIZ) 1169# define KFREE(x) kmem_free((char *)(x), sizeof(*(x))) 1170# define KFREES(x,s) kmem_free((char *)(x), (s)) 1171# define SLEEP(id, n) sleep((id), PZERO+1) 1172# define WAKEUP(id,x) wakeup(id + x) 1173# define POLLWAKEUP(x) ; 1174# define UIOMOVE(a,b,c,d) uiomove((void *)a,b,c,d) 1175# define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 1176 1177extern void m_copydata(struct mbuf *, int, int, void *); 1178extern void m_copyback(struct mbuf *, int, int, void *); 1179 1180typedef struct mbuf mb_t; 1181# endif 1182 1183typedef struct uio uio_t; 1184typedef int ioctlcmd_t; 1185typedef int minor_t; 1186typedef unsigned int u_32_t; 1187# define U_32_T 1 1188 1189# define OS_RECOGNISED 1 1190 1191#endif /* SunOS 4 */ 1192 1193/* ----------------------------------------------------------------------- */ 1194/* L I N U X */ 1195/* ----------------------------------------------------------------------- */ 1196#if defined(linux) && !defined(OS_RECOGNISED) 1197 1198# include <linux/version.h> 1199# if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,10) 1200# include <linux/config.h> 1201# endif 1202 1203# if (LINUX >= 20600) && defined(_KERNEL) 1204# define HDR_T_PRIVATE 1 1205# endif 1206# undef USE_INET6 1207# ifdef USE_INET6 1208struct ip6_ext { 1209 u_char ip6e_nxt; 1210 u_char ip6e_len; 1211}; 1212# endif 1213 1214# ifdef _KERNEL 1215# include <asm/byteorder.h> 1216# ifdef __LITTLE_ENDIAN 1217# define LITTLE_ENDIAN 1 1218# define BIG_ENDIAN 0 1219# define BYTE_ORDER LITTLE_ENDIAN 1220# else 1221# define LITTLE_ENDIAN 0 1222# define BIG_ENDIAN 1 1223# define BYTE_ORDER BIG_ENDIAN 1224# endif 1225# define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 1226# define COPYIN(a,b,c) copy_from_user((caddr_t)(b), (caddr_t)(a), (c)) 1227# define COPYOUT(a,b,c) copy_to_user((caddr_t)(b), (caddr_t)(a), (c)) 1228# define FREE_MB_T(m) kfree_skb(m) 1229# define GETKTIME(x) do_gettimeofday((struct timeval *)x) 1230# define POLLWAKEUP(x) ; 1231# ifdef wait_event_interruptible 1232# define SLEEP(x,s) wait_event_interruptible((*(x##_linux)), 0) 1233# else 1234# define SLEEP(x,s) 0, interruptible_sleep_on(x##_linux) 1235# endif 1236# define WAKEUP(x,y) wake_up(x##_linux + y) 1237# define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d) 1238# define USE_MUTEXES 1239# define KRWLOCK_T rwlock_t 1240# define KMUTEX_T spinlock_t 1241# define MUTEX_INIT(x,y) spin_lock_init(&(x)->ipf_lk) 1242# define MUTEX_ENTER(x) spin_lock_bh(&(x)->ipf_lk) 1243# define MUTEX_EXIT(x) spin_unlock_bh(&(x)->ipf_lk) 1244# define MUTEX_DESTROY(x) do { } while (0) 1245# define MUTEX_NUKE(x) bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk)) 1246# define READ_ENTER(x) ipf_read_enter(x) 1247# define WRITE_ENTER(x) ipf_write_enter(x) 1248# define RWLOCK_INIT(x,y) ipf_rw_init(x, y) 1249# define RW_DESTROY(x) do { } while (0) 1250# define RWLOCK_EXIT(x) ipf_rw_exit(x) 1251# define MUTEX_DOWNGRADE(x) ipf_rw_downgrade(x) 1252# define ATOMIC_INCL(x) MUTEX_ENTER(&ipf_rw); (x)++; \ 1253 MUTEX_EXIT(&ipf_rw) 1254# define ATOMIC_DECL(x) MUTEX_ENTER(&ipf_rw); (x)--; \ 1255 MUTEX_EXIT(&ipf_rw) 1256# define ATOMIC_INC64(x) MUTEX_ENTER(&ipf_rw); (x)++; \ 1257 MUTEX_EXIT(&ipf_rw) 1258# define ATOMIC_INC32(x) MUTEX_ENTER(&ipf_rw); (x)++; \ 1259 MUTEX_EXIT(&ipf_rw) 1260# define ATOMIC_INC16(x) MUTEX_ENTER(&ipf_rw); (x)++; \ 1261 MUTEX_EXIT(&ipf_rw) 1262# define ATOMIC_DEC64(x) MUTEX_ENTER(&ipf_rw); (x)--; \ 1263 MUTEX_EXIT(&ipf_rw) 1264# define ATOMIC_DEC32(x) MUTEX_ENTER(&ipf_rw); (x)--; \ 1265 MUTEX_EXIT(&ipf_rw) 1266# define ATOMIC_DEC16(x) MUTEX_ENTER(&ipf_rw); (x)--; \ 1267 MUTEX_EXIT(&ipf_rw) 1268# define SPL_SCHED(x) do { } while (0) 1269# define SPL_IMP(x) do { } while (0) 1270# define SPL_NET(x) do { } while (0) 1271# define SPL_X(x) do { } while (0) 1272# define IFNAME(x) ((struct net_device*)x)->name 1273# define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1274 ((struct net_device *)fin->fin_ifp)->ifindex) & 7) 1275typedef struct sk_buff mb_t; 1276extern void m_copydata(mb_t *, int, int, void *); 1277extern void m_copyback(mb_t *, int, int, void *); 1278extern void m_adj(mb_t *, int); 1279extern mb_t *m_pullup(mb_t *, int); 1280# define mbuf sk_buff 1281 1282# define mtod(m, t) ((t)(m)->data) 1283# define m_adj(m, x) skb_trim((m), (m)->len + (x)) 1284# define m_data data 1285# define m_len len 1286# define m_next next 1287# define M_DUPLICATE(m) skb_clone((m), in_interrupt() ? GFP_ATOMIC : \ 1288 GFP_KERNEL) 1289# define MSGDSIZE(m) (m)->len 1290# define M_LEN(m) (m)->len 1291 1292# define splnet(x) ; 1293# define printf printk 1294# define bcopy(s,d,z) memmove(d, s, z) 1295# define bzero(s,z) memset(s, 0, z) 1296# define bcmp(a,b,z) memcmp(a, b, z) 1297# if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23) 1298# define ipf_random random32 1299# define arc4random random32 1300# else 1301# include <linux/random.h> 1302# define ipf_random get_random_int 1303# define arc4random get_random_int 1304# endif 1305 1306# define ifnet net_device 1307# define if_xname name 1308# define if_unit ifindex 1309 1310# define KMALLOC(x,t) (x) = (t)kmalloc(sizeof(*(x)), \ 1311 in_interrupt() ? GFP_ATOMIC : GFP_KERNEL) 1312# define KFREE(x) kfree(x) 1313# define KMALLOCS(x,t,s) (x) = (t)kmalloc((s), \ 1314 in_interrupt() ? GFP_ATOMIC : GFP_KERNEL) 1315# define KFREES(x,s) kfree(x) 1316 1317# if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23) 1318# define f_uid f_owner.uid 1319# define GETIFP(n,v) dev_get_by_name(&init_net,n) 1320# else 1321# define GETIFP(n,v) dev_get_by_name(n) 1322# endif 1323# else 1324# include <net/ethernet.h> 1325 1326struct mbuf { 1327}; 1328 1329# ifndef _NET_ROUTE_H 1330struct rtentry { 1331}; 1332# endif 1333 1334struct ifnet { 1335 char if_xname[IFNAMSIZ]; 1336 int if_unit; 1337 int (* if_output)(struct ifnet *, struct mbuf *, struct sockaddr *, struct rtentry *); 1338 struct ifaddr *if_addrlist; 1339}; 1340# define IFNAME(x) ((struct ifnet *)x)->if_xname 1341 1342# endif /* _KERNEL */ 1343 1344# define COPYIFNAME(v, x, b) \ 1345 (void) strncpy(b, \ 1346 ((struct ifnet *)x)->if_xname, \ 1347 LIFNAMSIZ) 1348 1349# include <linux/fs.h> 1350# define FWRITE FMODE_WRITE 1351# define FREAD FMODE_READ 1352 1353# define __USE_MISC 1 1354# define __FAVOR_BSD 1 1355 1356typedef struct uio { 1357 struct iovec *uio_iov; 1358 void *uio_file; 1359 char *uio_buf; 1360 int uio_iovcnt; 1361 int uio_offset; 1362 size_t uio_resid; 1363 int uio_rw; 1364} uio_t; 1365 1366extern int uiomove(void *, size_t, int, struct uio *); 1367 1368# define UIO_READ 1 1369# define UIO_WRITE 2 1370 1371# if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)) && !defined(_KERNEL) 1372typedef int fmode_t; 1373# endif 1374 1375typedef u_long ioctlcmd_t; 1376typedef int minor_t; 1377typedef u_int32_t u_32_t; 1378# define U_32_T 1 1379 1380# define OS_RECOGNISED 1 1381 1382#endif 1383 1384 1385/* ----------------------------------------------------------------------- */ 1386/* A I X */ 1387/* ----------------------------------------------------------------------- */ 1388#if defined(_AIX51) 1389# undef MENTAT 1390 1391# include <sys/lock.h> 1392# include <sys/sysmacros.h> 1393 1394# ifdef _KERNEL 1395# define rw_read_locked(x) 0 1396# include <net/net_globals.h> 1397# include <net/net_malloc.h> 1398# define KMUTEX_T simple_lock_t 1399# define KRWLOCK_T complex_lock_t 1400# define USE_MUTEXES 1 1401# define USE_SPL 1 1402# define READ_ENTER(x) lock_read((x)->ipf_lk) 1403# define WRITE_ENTER(x) lock_write((x)->ipf_lk) 1404# define MUTEX_DOWNGRADE(x) lock_write_to_read((x)->ipf_lk) 1405# define RWLOCK_INIT(x, y) lock_alloc(&(x)->ipf_lk, \ 1406 LOCK_ALLOC_PIN, \ 1407 (u_short)y, 0); \ 1408 lock_init((x)->ipf_lk, TRUE) 1409# define RWLOCK_EXIT(x) lock_done((x)->ipf_lk) 1410# define RW_DESTROY(x) lock_free(&(x)->ipf_lk) 1411# define MUTEX_ENTER(x) simple_lock((x)->ipf_lk) 1412# define MUTEX_INIT(x, y) lock_alloc(&(x)->ipf_lk, \ 1413 LOCK_ALLOC_PIN, \ 1414 (u_short)y, 0); \ 1415 simple_lock_init((x)->ipf_lk) 1416# define MUTEX_DESTROY(x) lock_free(&(x)->ipf_lk) 1417# define MUTEX_EXIT(x) simple_unlock((x)->ipf_lk) 1418# define MUTEX_NUKE(x) bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk)) 1419# define ATOMIC_INC64(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 1420 MUTEX_EXIT(&ipf_rw); } 1421# define ATOMIC_DEC64(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 1422 MUTEX_EXIT(&ipf_rw); } 1423# define ATOMIC_INC32(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 1424 MUTEX_EXIT(&ipf_rw); } 1425# define ATOMIC_DEC32(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 1426 MUTEX_EXIT(&ipf_rw); } 1427# define ATOMIC_INCL(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 1428 MUTEX_EXIT(&ipf_rw); } 1429# define ATOMIC_DECL(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 1430 MUTEX_EXIT(&ipf_rw); } 1431# define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 1432 MUTEX_EXIT(&ipf_rw); } 1433# define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 1434 MUTEX_EXIT(&ipf_rw); } 1435# define SPL_SCHED(x) x = splsched() 1436# define SPL_NET(x) x = splnet() 1437# define SPL_IMP(x) x = splimp() 1438# undef SPL_X 1439# define SPL_X(x) splx(x) 1440# define UIOMOVE(a,b,c,d) uiomove((void *)a,b,c,d) 1441extern void* getifp(char *, int); 1442# define GETIFP(n, v) getifp(n, v) 1443# define GET_MINOR minor 1444# define SLEEP(id, n) sleepx((id), PZERO+1, 0) 1445# define WAKEUP(id,x) wakeup(id) 1446# define POLLWAKEUP(x) ; 1447# define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 1448# define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 1449# define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_TEMP, M_NOWAIT) 1450# define KMALLOCS(a, b, c) MALLOC((a), b, (c), M_TEMP, \ 1451 ((c) > 4096) ? M_WAITOK : M_NOWAIT) 1452# define KFREE(x) FREE((x), M_TEMP) 1453# define KFREES(x,s) FREE((x), M_TEMP) 1454# define MSGDSIZE(x) mbufchainlen(x) 1455# define M_LEN(x) (x)->m_len 1456# define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 1457# define GETKTIME(x) 1458# define IFNAME(x, b) ((struct ifnet *)x)->if_name 1459# define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1460 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 1461# define IPF_PANIC(x,y) 1462typedef struct mbuf mb_t; 1463# endif /* _KERNEL */ 1464 1465/* 1466 * These are from's Solaris' #defines for little endian. 1467 */ 1468#if !defined(IP6F_MORE_FRAG) 1469# define IP6F_MORE_FRAG 0x0100 1470#endif 1471#if !defined(IP6F_RESERVED_MASK) 1472# define IP6F_RESERVED_MASK 0x0600 1473#endif 1474#if !defined(IP6F_OFF_MASK) 1475# define IP6F_OFF_MASK 0xf8ff 1476#endif 1477 1478struct ip6_ext { 1479 u_char ip6e_nxt; 1480 u_char ip6e_len; 1481}; 1482 1483typedef int ioctlcmd_t; 1484typedef int minor_t; 1485/* 1486 * Really, any arch where sizeof(long) != sizeof(int). 1487 */ 1488typedef unsigned int u_32_t; 1489# define U_32_T 1 1490 1491# define OS_RECOGNISED 1 1492#endif /* _AIX51 */ 1493 1494 1495#ifndef OS_RECOGNISED 1496#error ip_compat.h does not recognise this platform/OS. 1497#endif 1498 1499 1500/* ----------------------------------------------------------------------- */ 1501/* G E N E R I C */ 1502/* ----------------------------------------------------------------------- */ 1503#ifndef OS_RECOGNISED 1504#endif 1505 1506/* 1507 * For BSD kernels, if bpf is in the kernel, enable ipfilter to use bpf in 1508 * filter rules. 1509 */ 1510#if !defined(IPFILTER_BPF) 1511# if (defined(NBPF) && (NBPF > 0)) || (defined(DEV_BPF) && (DEV_BPF > 0)) || \ 1512 (defined(NBPFILTER) && (NBPFILTER > 0)) 1513# define IPFILTER_BPF 1514# endif 1515#endif 1516 1517/* 1518 * Userland locking primitives 1519 */ 1520typedef struct { 1521 char *eMm_owner; 1522 char *eMm_heldin; 1523 u_int eMm_magic; 1524 int eMm_held; 1525 int eMm_heldat; 1526#if defined(__hpux) || defined(__linux) 1527 char eMm_fill[8]; 1528#endif 1529} eMmutex_t; 1530 1531typedef struct { 1532 char *eMrw_owner; 1533 char *eMrw_heldin; 1534 u_int eMrw_magic; 1535 short eMrw_read; 1536 short eMrw_write; 1537 int eMrw_heldat; 1538#ifdef __hpux 1539 char eMm_fill[24]; 1540#endif 1541} eMrwlock_t; 1542 1543typedef union { 1544#ifdef KMUTEX_T 1545 struct { 1546 KMUTEX_T ipf_slk; 1547 const char *ipf_lname; 1548 } ipf_lkun_s; 1549#endif 1550 eMmutex_t ipf_emu; 1551} ipfmutex_t; 1552 1553typedef union { 1554#ifdef KRWLOCK_T 1555 struct { 1556 KRWLOCK_T ipf_slk; 1557 const char *ipf_lname; 1558 int ipf_sr; 1559 int ipf_sw; 1560 u_int ipf_magic; 1561 } ipf_lkun_s; 1562#endif 1563 eMrwlock_t ipf_emu; 1564} ipfrwlock_t; 1565 1566#define ipf_lk ipf_lkun_s.ipf_slk 1567#define ipf_lname ipf_lkun_s.ipf_lname 1568#define ipf_isr ipf_lkun_s.ipf_sr 1569#define ipf_isw ipf_lkun_s.ipf_sw 1570#define ipf_magic ipf_lkun_s.ipf_magic 1571 1572#if !defined(__GNUC__) || \ 1573 (defined(__FreeBSD_version) && (__FreeBSD_version >= 503000)) 1574# ifndef INLINE 1575# define INLINE 1576# endif 1577#else 1578# define INLINE __inline__ 1579#endif 1580 1581#ifndef EXTERN_INLINE 1582# if defined(__GNUC__) && !defined(__GNUC_STDC_INLINE__) 1583# define EXTERN_INLINE inline 1584# else 1585# define EXTERN_INLINE extern inline 1586# endif 1587#endif 1588 1589#if defined(linux) && defined(_KERNEL) 1590extern void ipf_read_enter(ipfrwlock_t *); 1591extern void ipf_write_enter(ipfrwlock_t *); 1592extern void ipf_rw_exit(ipfrwlock_t *); 1593extern void ipf_rw_init(ipfrwlock_t *, char *); 1594extern void ipf_rw_downgrade(ipfrwlock_t *); 1595#endif 1596 1597/* 1598 * In a non-kernel environment, there are a lot of macros that need to be 1599 * filled in to be null-ops or to point to some compatibility function, 1600 * somewhere in userland. 1601 */ 1602#ifndef _KERNEL 1603typedef struct mb_s { 1604 struct mb_s *mb_next; 1605 int mb_len; 1606 u_long mb_buf[2048]; 1607} mb_t; 1608# undef m_next 1609# define m_next mb_next 1610# define MSGDSIZE(x) (x)->mb_len /* XXX - from ipt.c */ 1611# define M_LEN(x) (x)->mb_len 1612# define M_DUPLICATE(x) (x) 1613# define GETKTIME(x) gettimeofday((struct timeval *)(x), NULL) 1614# undef MTOD 1615# define MTOD(m, t) ((t)(m)->mb_buf) 1616# define FREE_MB_T(x) 1617# define SLEEP(x,y) 1; 1618# define WAKEUP(x,y) ; 1619# define POLLWAKEUP(y) ; 1620# define IPF_PANIC(x,y) ; 1621# define PANIC(x,y) ; 1622# define SPL_SCHED(x) ; 1623# define SPL_NET(x) ; 1624# define SPL_IMP(x) ; 1625# define SPL_X(x) ; 1626# define KMALLOC(a,b) (a) = (b)malloc(sizeof(*a)) 1627# define KMALLOCS(a,b,c) (a) = (b)malloc(c) 1628# define KFREE(x) free(x) 1629# define KFREES(x,s) free(x) 1630# define GETIFP(x, v) get_unit(x,v) 1631# define COPYIN(a,b,c) bcopywrap((a), (b), (c)) 1632# define COPYOUT(a,b,c) bcopywrap((a), (b), (c)) 1633# define COPYDATA(m, o, l, b) bcopy(MTOD((mb_t *)m, char *) + (o), \ 1634 (b), (l)) 1635# define COPYBACK(m, o, l, b) bcopy((b), \ 1636 MTOD((mb_t *)m, char *) + (o), \ 1637 (l)) 1638# define UIOMOVE(a,b,c,d) ipfuiomove(a,b,c,d) 1639extern void m_copydata(mb_t *, int, int, void *); 1640extern int ipfuiomove(void *, int, int, struct uio *); 1641extern int bcopywrap(void *, void *, size_t); 1642# ifndef CACHE_HASH 1643# define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1644 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 1645# endif 1646 1647# define MUTEX_DESTROY(x) eMmutex_destroy(&(x)->ipf_emu) 1648# define MUTEX_ENTER(x) eMmutex_enter(&(x)->ipf_emu, \ 1649 __FILE__, __LINE__) 1650# define MUTEX_EXIT(x) eMmutex_exit(&(x)->ipf_emu) 1651# define MUTEX_INIT(x,y) eMmutex_init(&(x)->ipf_emu, y) 1652# define MUTEX_NUKE(x) bzero((x), sizeof(*(x))) 1653 1654# define MUTEX_DOWNGRADE(x) eMrwlock_downgrade(&(x)->ipf_emu, \ 1655 __FILE__, __LINE__) 1656# define READ_ENTER(x) eMrwlock_read_enter(&(x)->ipf_emu, \ 1657 __FILE__, __LINE__) 1658# define RWLOCK_INIT(x, y) eMrwlock_init(&(x)->ipf_emu, y) 1659# define RWLOCK_EXIT(x) eMrwlock_exit(&(x)->ipf_emu) 1660# define RW_DESTROY(x) eMrwlock_destroy(&(x)->ipf_emu) 1661# define WRITE_ENTER(x) eMrwlock_write_enter(&(x)->ipf_emu, \ 1662 __FILE__, \ 1663 __LINE__) 1664 1665# define USE_MUTEXES 1 1666 1667extern void eMmutex_destroy(eMmutex_t *); 1668extern void eMmutex_enter(eMmutex_t *, char *, int); 1669extern void eMmutex_exit(eMmutex_t *); 1670extern void eMmutex_init(eMmutex_t *, char *); 1671extern void eMrwlock_destroy(eMrwlock_t *); 1672extern void eMrwlock_exit(eMrwlock_t *); 1673extern void eMrwlock_init(eMrwlock_t *, char *); 1674extern void eMrwlock_read_enter(eMrwlock_t *, char *, int); 1675extern void eMrwlock_write_enter(eMrwlock_t *, char *, int); 1676extern void eMrwlock_downgrade(eMrwlock_t *, char *, int); 1677 1678#endif 1679 1680#define MAX_IPV4HDR ((0xf << 2) + sizeof(struct icmp) + sizeof(ip_t) + 8) 1681 1682#ifndef IP_OFFMASK 1683# define IP_OFFMASK 0x1fff 1684#endif 1685 1686 1687/* 1688 * On BSD's use quad_t as a guarantee for getting at least a 64bit sized 1689 * object. 1690 */ 1691#if !defined(__amd64__) && defined(BSD) && (BSD > 199306) 1692# define USE_QUAD_T 1693# define U_QUAD_T u_quad_t 1694# define QUAD_T quad_t 1695#else /* BSD > 199306 */ 1696# if !defined(U_QUAD_T) 1697# define U_QUAD_T u_long 1698# define QUAD_T long 1699# endif 1700#endif /* BSD > 199306 */ 1701 1702 1703#ifdef USE_INET6 1704# if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \ 1705 defined(__osf__) || defined(linux) 1706# include <netinet/ip6.h> 1707# include <netinet/icmp6.h> 1708# if !defined(linux) 1709# if defined(_KERNEL) && !defined(__osf__) 1710# include <netinet6/ip6_var.h> 1711# endif 1712# endif 1713typedef struct ip6_hdr ip6_t; 1714# endif 1715#endif 1716 1717#ifndef MAX 1718# define MAX(a,b) (((a) > (b)) ? (a) : (b)) 1719#endif 1720 1721#if defined(_KERNEL) 1722# ifdef BSD 1723# include <sys/selinfo.h> 1724extern struct selinfo ipfselwait[]; 1725# endif 1726# ifdef MENTAT 1727# define COPYDATA mb_copydata 1728# define COPYBACK mb_copyback 1729# else 1730# define COPYDATA m_copydata 1731# define COPYBACK m_copyback 1732# endif 1733# if (defined(BSD) && (BSD >= 199306)) || defined(__FreeBSD__) 1734# if (defined(__NetBSD_Version__) && (__NetBSD_Version__ < 105180000)) || \ 1735 defined(__FreeBSD__) || (defined(OpenBSD) && (OpenBSD < 200206)) || \ 1736 defined(_BSDI_VERSION) 1737# include <vm/vm.h> 1738# endif 1739# if !defined(__FreeBSD__) || (defined (__FreeBSD_version) && \ 1740 (__FreeBSD_version >= 300000)) 1741# if (defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105180000)) || \ 1742 (defined(OpenBSD) && (OpenBSD >= 200111)) 1743/* # include <uvm/uvm_extern.h> */ 1744# else 1745# include <vm/vm_extern.h> 1746extern vm_map_t kmem_map; 1747# endif 1748# include <sys/proc.h> 1749# else /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */ 1750# include <vm/vm_kern.h> 1751# endif /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */ 1752 1753# ifdef IPFILTER_M_IPFILTER 1754# include <sys/malloc.h> 1755MALLOC_DECLARE(M_IPFILTER); 1756# define _M_IPF M_IPFILTER 1757# else /* IPFILTER_M_IPFILTER */ 1758# ifdef M_PFIL 1759# define _M_IPF M_PFIL 1760# else 1761# ifdef M_IPFILTER 1762# define _M_IPF M_IPFILTER 1763# else 1764# define _M_IPF M_TEMP 1765# endif /* M_IPFILTER */ 1766# endif /* M_PFIL */ 1767# endif /* IPFILTER_M_IPFILTER */ 1768# define KMALLOC(a, b) (a) = (b)malloc(sizeof(*(a)), _M_IPF, M_NOWAIT) 1769# define KMALLOCS(a, b, c) (a) = (b)malloc((c), _M_IPF, M_NOWAIT) 1770# define KFREE(x) free((x), _M_IPF) 1771# define KFREES(x,s) free((x), _M_IPF) 1772# define UIOMOVE(a,b,c,d) uiomove((void *)a,b,d) 1773# define SLEEP(id, n) tsleep((id), PPAUSE|PCATCH, n, 0) 1774# define WAKEUP(id,x) wakeup(id+x) 1775# if !defined(POLLWAKEUP) 1776# define POLLWAKEUP(x) selwakeup(ipfselwait+x) 1777# endif 1778# define GETIFP(n, v) ifunit(n) 1779# endif /* (Free)BSD */ 1780 1781# if !defined(USE_MUTEXES) && !defined(SPL_NET) 1782# if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199407)) || \ 1783 (defined(OpenBSD) && (OpenBSD >= 200006)) 1784# define SPL_NET(x) x = splsoftnet() 1785# else 1786# define SPL_IMP(x) x = splimp() 1787# define SPL_NET(x) x = splnet() 1788# endif /* NetBSD && (NetBSD <= 1991011) && (NetBSD >= 199407) */ 1789# if !defined(SPL_SCHED) 1790# define SPL_SCHED(x) x = splsched() 1791# endif 1792# define SPL_X(x) (void) splx(x) 1793# endif /* !USE_MUTEXES */ 1794 1795# ifndef FREE_MB_T 1796# define FREE_MB_T(m) m_freem(m) 1797# endif 1798 1799# ifndef MTOD 1800# define MTOD(m,t) mtod(m,t) 1801# endif 1802 1803# ifndef COPYIN 1804# define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 1805# define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 1806# endif 1807 1808# ifndef KMALLOC 1809# define KMALLOC(a,b) (a) = (b)new_kmem_alloc(sizeof(*(a)), \ 1810 KMEM_NOSLEEP) 1811# define KMALLOCS(a,b,c) (a) = (b)new_kmem_alloc((c), KMEM_NOSLEEP) 1812# endif 1813 1814# ifndef GET_MINOR 1815# define GET_MINOR(x) minor(x) 1816# endif 1817# define PANIC(x,y) if (x) panic y 1818#endif /* _KERNEL */ 1819 1820#if !defined(IFNAME) && !defined(_KERNEL) 1821# define IFNAME(x) ((struct ifnet *)x)->if_name 1822#endif 1823#ifndef COPYIFNAME 1824# define NEED_FRGETIFNAME 1825extern char *fr_getifname(struct ifnet *, char *); 1826# define COPYIFNAME(v, x, b) \ 1827 fr_getifname((struct ifnet *)x, b) 1828#endif 1829 1830#ifndef ASSERT 1831# ifdef _KERNEL 1832# define ASSERT(x) 1833# else 1834# define ASSERT(x) do { if (!(x)) abort(); } while (0) 1835# endif 1836#endif 1837 1838#ifndef BCOPYIN 1839# define BCOPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 1840# define BCOPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 1841#endif 1842 1843/* 1844 * Because the ctype(3) posix definition, if used "safely" in code everywhere, 1845 * would mean all normal code that walks through strings needed casts. Yuck. 1846 */ 1847#define ISALNUM(x) isalnum((u_char)(x)) 1848#define ISALPHA(x) isalpha((u_char)(x)) 1849#define ISASCII(x) isascii((u_char)(x)) 1850#define ISDIGIT(x) isdigit((u_char)(x)) 1851#define ISPRINT(x) isprint((u_char)(x)) 1852#define ISSPACE(x) isspace((u_char)(x)) 1853#define ISUPPER(x) isupper((u_char)(x)) 1854#define ISXDIGIT(x) isxdigit((u_char)(x)) 1855#define ISLOWER(x) islower((u_char)(x)) 1856#define TOUPPER(x) toupper((u_char)(x)) 1857#define TOLOWER(x) tolower((u_char)(x)) 1858 1859/* 1860 * If mutexes aren't being used, turn all the mutex functions into null-ops. 1861 */ 1862#if !defined(USE_MUTEXES) 1863# define USE_SPL 1 1864# undef RW_DESTROY 1865# undef MUTEX_INIT 1866# undef MUTEX_NUKE 1867# undef MUTEX_DESTROY 1868# define MUTEX_ENTER(x) ; 1869# define READ_ENTER(x) ; 1870# define WRITE_ENTER(x) ; 1871# define MUTEX_DOWNGRADE(x) ; 1872# define RWLOCK_INIT(x, y) ; 1873# define RWLOCK_EXIT(x) ; 1874# define RW_DESTROY(x) ; 1875# define MUTEX_EXIT(x) ; 1876# define MUTEX_INIT(x,y) ; 1877# define MUTEX_DESTROY(x) ; 1878# define MUTEX_NUKE(x) ; 1879#endif /* !USE_MUTEXES */ 1880#ifndef ATOMIC_INC 1881# define ATOMIC_INC(x) (x)++ 1882# define ATOMIC_DEC(x) (x)-- 1883#endif 1884 1885#if defined(USE_SPL) && defined(_KERNEL) 1886# define SPL_INT(x) int x 1887#else 1888# define SPL_INT(x) 1889#endif 1890 1891/* 1892 * If there are no atomic operations for bit sizes defined, define them to all 1893 * use a generic one that works for all sizes. 1894 */ 1895#ifndef ATOMIC_INCL 1896# define ATOMIC_INCL ATOMIC_INC 1897# define ATOMIC_INC64 ATOMIC_INC 1898# define ATOMIC_INC32 ATOMIC_INC 1899# define ATOMIC_INC16 ATOMIC_INC 1900# define ATOMIC_DECL ATOMIC_DEC 1901# define ATOMIC_DEC64 ATOMIC_DEC 1902# define ATOMIC_DEC32 ATOMIC_DEC 1903# define ATOMIC_DEC16 ATOMIC_DEC 1904#endif 1905 1906#ifndef HDR_T_PRIVATE 1907typedef struct tcphdr tcphdr_t; 1908typedef struct udphdr udphdr_t; 1909#endif 1910typedef struct icmp icmphdr_t; 1911typedef struct ip ip_t; 1912typedef struct ether_header ether_header_t; 1913typedef struct tcpiphdr tcpiphdr_t; 1914 1915#ifndef FR_GROUPLEN 1916# define FR_GROUPLEN 16 1917#endif 1918 1919/* 1920 * This set of macros has been brought about because on Tru64 it is not 1921 * possible to easily assign or examine values in a structure that are 1922 * bit fields. 1923 */ 1924#ifndef IP_V 1925# define IP_V(x) (x)->ip_v 1926#endif 1927#ifndef IP_V_A 1928# define IP_V_A(x,y) (x)->ip_v = (y) 1929#endif 1930#ifndef IP_HL 1931# define IP_HL(x) (x)->ip_hl 1932#endif 1933#ifndef IP_HL_A 1934# define IP_HL_A(x,y) (x)->ip_hl = ((y) & 0xf) 1935#endif 1936#ifndef TCP_X2 1937# define TCP_X2(x) (x)->th_x2 1938#endif 1939#ifndef TCP_X2_A 1940# define TCP_X2_A(x,y) (x)->th_x2 = (y) 1941#endif 1942#ifndef TCP_OFF 1943# define TCP_OFF(x) (x)->th_off 1944#endif 1945#ifndef TCP_OFF_A 1946# define TCP_OFF_A(x,y) (x)->th_off = (y) 1947#endif 1948#define IPMINLEN(i, h) ((i)->ip_len >= (IP_HL(i) * 4 + sizeof(struct h))) 1949 1950 1951/* 1952 * XXX - This is one of those *awful* hacks which nobody likes 1953 */ 1954#ifdef ultrix 1955#define A_A 1956#else 1957#define A_A & 1958#endif 1959 1960#define TCPF_ALL (TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG|\ 1961 TH_ECN|TH_CWR) 1962 1963#if (defined(BSD) && (BSD >= 199306)) && !defined(m_act) 1964# define m_act m_nextpkt 1965#endif 1966 1967/* 1968 * Security Options for Intenet Protocol (IPSO) as defined in RFC 1108. 1969 * 1970 * Basic Option 1971 * 1972 * 00000001 - (Reserved 4) 1973 * 00111101 - Top Secret 1974 * 01011010 - Secret 1975 * 10010110 - Confidential 1976 * 01100110 - (Reserved 3) 1977 * 11001100 - (Reserved 2) 1978 * 10101011 - Unclassified 1979 * 11110001 - (Reserved 1) 1980 */ 1981#define IPSO_CLASS_RES4 0x01 1982#define IPSO_CLASS_TOPS 0x3d 1983#define IPSO_CLASS_SECR 0x5a 1984#define IPSO_CLASS_CONF 0x96 1985#define IPSO_CLASS_RES3 0x66 1986#define IPSO_CLASS_RES2 0xcc 1987#define IPSO_CLASS_UNCL 0xab 1988#define IPSO_CLASS_RES1 0xf1 1989 1990#define IPSO_AUTH_GENSER 0x80 1991#define IPSO_AUTH_ESI 0x40 1992#define IPSO_AUTH_SCI 0x20 1993#define IPSO_AUTH_NSA 0x10 1994#define IPSO_AUTH_DOE 0x08 1995#define IPSO_AUTH_UN 0x06 1996#define IPSO_AUTH_FTE 0x01 1997 1998/* 1999 * IP option #defines 2000 */ 2001#undef IPOPT_RR 2002#define IPOPT_RR 7 2003#undef IPOPT_ZSU 2004#define IPOPT_ZSU 10 /* ZSU */ 2005#undef IPOPT_MTUP 2006#define IPOPT_MTUP 11 /* MTUP */ 2007#undef IPOPT_MTUR 2008#define IPOPT_MTUR 12 /* MTUR */ 2009#undef IPOPT_ENCODE 2010#define IPOPT_ENCODE 15 /* ENCODE */ 2011#undef IPOPT_TS 2012#define IPOPT_TS 68 2013#undef IPOPT_TR 2014#define IPOPT_TR 82 /* TR */ 2015#undef IPOPT_SECURITY 2016#define IPOPT_SECURITY 130 2017#undef IPOPT_LSRR 2018#define IPOPT_LSRR 131 2019#undef IPOPT_E_SEC 2020#define IPOPT_E_SEC 133 /* E-SEC */ 2021#undef IPOPT_CIPSO 2022#define IPOPT_CIPSO 134 /* CIPSO */ 2023#undef IPOPT_SATID 2024#define IPOPT_SATID 136 2025#ifndef IPOPT_SID 2026# define IPOPT_SID IPOPT_SATID 2027#endif 2028#undef IPOPT_SSRR 2029#define IPOPT_SSRR 137 2030#undef IPOPT_ADDEXT 2031#define IPOPT_ADDEXT 147 /* ADDEXT */ 2032#undef IPOPT_VISA 2033#define IPOPT_VISA 142 /* VISA */ 2034#undef IPOPT_IMITD 2035#define IPOPT_IMITD 144 /* IMITD */ 2036#undef IPOPT_EIP 2037#define IPOPT_EIP 145 /* EIP */ 2038#undef IPOPT_RTRALRT 2039#define IPOPT_RTRALRT 148 /* RTRALRT */ 2040#undef IPOPT_SDB 2041#define IPOPT_SDB 149 2042#undef IPOPT_NSAPA 2043#define IPOPT_NSAPA 150 2044#undef IPOPT_DPS 2045#define IPOPT_DPS 151 2046#undef IPOPT_UMP 2047#define IPOPT_UMP 152 2048#undef IPOPT_FINN 2049#define IPOPT_FINN 205 /* FINN */ 2050 2051#ifndef TCPOPT_EOL 2052# define TCPOPT_EOL 0 2053#endif 2054#ifndef TCPOPT_NOP 2055# define TCPOPT_NOP 1 2056#endif 2057#ifndef TCPOPT_MAXSEG 2058# define TCPOPT_MAXSEG 2 2059#endif 2060#ifndef TCPOLEN_MAXSEG 2061# define TCPOLEN_MAXSEG 4 2062#endif 2063#ifndef TCPOPT_WINDOW 2064# define TCPOPT_WINDOW 3 2065#endif 2066#ifndef TCPOLEN_WINDOW 2067# define TCPOLEN_WINDOW 3 2068#endif 2069#ifndef TCPOPT_SACK_PERMITTED 2070# define TCPOPT_SACK_PERMITTED 4 2071#endif 2072#ifndef TCPOLEN_SACK_PERMITTED 2073# define TCPOLEN_SACK_PERMITTED 2 2074#endif 2075#ifndef TCPOPT_SACK 2076# define TCPOPT_SACK 5 2077#endif 2078#ifndef TCPOPT_TIMESTAMP 2079# define TCPOPT_TIMESTAMP 8 2080#endif 2081 2082#ifndef ICMP_MINLEN 2083# define ICMP_MINLEN 8 2084#endif 2085#ifndef ICMP_ECHOREPLY 2086# define ICMP_ECHOREPLY 0 2087#endif 2088#ifndef ICMP_UNREACH 2089# define ICMP_UNREACH 3 2090#endif 2091#ifndef ICMP_UNREACH_NET 2092# define ICMP_UNREACH_NET 0 2093#endif 2094#ifndef ICMP_UNREACH_HOST 2095# define ICMP_UNREACH_HOST 1 2096#endif 2097#ifndef ICMP_UNREACH_PROTOCOL 2098# define ICMP_UNREACH_PROTOCOL 2 2099#endif 2100#ifndef ICMP_UNREACH_PORT 2101# define ICMP_UNREACH_PORT 3 2102#endif 2103#ifndef ICMP_UNREACH_NEEDFRAG 2104# define ICMP_UNREACH_NEEDFRAG 4 2105#endif 2106#ifndef ICMP_UNREACH_SRCFAIL 2107# define ICMP_UNREACH_SRCFAIL 5 2108#endif 2109#ifndef ICMP_UNREACH_NET_UNKNOWN 2110# define ICMP_UNREACH_NET_UNKNOWN 6 2111#endif 2112#ifndef ICMP_UNREACH_HOST_UNKNOWN 2113# define ICMP_UNREACH_HOST_UNKNOWN 7 2114#endif 2115#ifndef ICMP_UNREACH_ISOLATED 2116# define ICMP_UNREACH_ISOLATED 8 2117#endif 2118#ifndef ICMP_UNREACH_NET_PROHIB 2119# define ICMP_UNREACH_NET_PROHIB 9 2120#endif 2121#ifndef ICMP_UNREACH_HOST_PROHIB 2122# define ICMP_UNREACH_HOST_PROHIB 10 2123#endif 2124#ifndef ICMP_UNREACH_TOSNET 2125# define ICMP_UNREACH_TOSNET 11 2126#endif 2127#ifndef ICMP_UNREACH_TOSHOST 2128# define ICMP_UNREACH_TOSHOST 12 2129#endif 2130#ifndef ICMP_UNREACH_ADMIN_PROHIBIT 2131# define ICMP_UNREACH_ADMIN_PROHIBIT 13 2132#endif 2133#ifndef ICMP_UNREACH_FILTER 2134# define ICMP_UNREACH_FILTER 13 2135#endif 2136#ifndef ICMP_UNREACH_HOST_PRECEDENCE 2137# define ICMP_UNREACH_HOST_PRECEDENCE 14 2138#endif 2139#ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF 2140# define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 2141#endif 2142#ifndef ICMP_SOURCEQUENCH 2143# define ICMP_SOURCEQUENCH 4 2144#endif 2145#ifndef ICMP_REDIRECT_NET 2146# define ICMP_REDIRECT_NET 0 2147#endif 2148#ifndef ICMP_REDIRECT_HOST 2149# define ICMP_REDIRECT_HOST 1 2150#endif 2151#ifndef ICMP_REDIRECT_TOSNET 2152# define ICMP_REDIRECT_TOSNET 2 2153#endif 2154#ifndef ICMP_REDIRECT_TOSHOST 2155# define ICMP_REDIRECT_TOSHOST 3 2156#endif 2157#ifndef ICMP_ALTHOSTADDR 2158# define ICMP_ALTHOSTADDR 6 2159#endif 2160#ifndef ICMP_TIMXCEED 2161# define ICMP_TIMXCEED 11 2162#endif 2163#ifndef ICMP_TIMXCEED_INTRANS 2164# define ICMP_TIMXCEED_INTRANS 0 2165#endif 2166#ifndef ICMP_TIMXCEED_REASS 2167# define ICMP_TIMXCEED_REASS 1 2168#endif 2169#ifndef ICMP_PARAMPROB 2170# define ICMP_PARAMPROB 12 2171#endif 2172#ifndef ICMP_PARAMPROB_ERRATPTR 2173# define ICMP_PARAMPROB_ERRATPTR 0 2174#endif 2175#ifndef ICMP_PARAMPROB_OPTABSENT 2176# define ICMP_PARAMPROB_OPTABSENT 1 2177#endif 2178#ifndef ICMP_PARAMPROB_LENGTH 2179# define ICMP_PARAMPROB_LENGTH 2 2180#endif 2181#ifndef ICMP_TSTAMP 2182# define ICMP_TSTAMP 13 2183#endif 2184#ifndef ICMP_TSTAMPREPLY 2185# define ICMP_TSTAMPREPLY 14 2186#endif 2187#ifndef ICMP_IREQ 2188# define ICMP_IREQ 15 2189#endif 2190#ifndef ICMP_IREQREPLY 2191# define ICMP_IREQREPLY 16 2192#endif 2193#ifndef ICMP_MASKREQ 2194# define ICMP_MASKREQ 17 2195#endif 2196#ifndef ICMP_MASKREPLY 2197# define ICMP_MASKREPLY 18 2198#endif 2199#ifndef ICMP_TRACEROUTE 2200# define ICMP_TRACEROUTE 30 2201#endif 2202#ifndef ICMP_DATACONVERR 2203# define ICMP_DATACONVERR 31 2204#endif 2205#ifndef ICMP_MOBILE_REDIRECT 2206# define ICMP_MOBILE_REDIRECT 32 2207#endif 2208#ifndef ICMP_IPV6_WHEREAREYOU 2209# define ICMP_IPV6_WHEREAREYOU 33 2210#endif 2211#ifndef ICMP_IPV6_IAMHERE 2212# define ICMP_IPV6_IAMHERE 34 2213#endif 2214#ifndef ICMP_MOBILE_REGREQUEST 2215# define ICMP_MOBILE_REGREQUEST 35 2216#endif 2217#ifndef ICMP_MOBILE_REGREPLY 2218# define ICMP_MOBILE_REGREPLY 36 2219#endif 2220#ifndef ICMP_SKIP 2221# define ICMP_SKIP 39 2222#endif 2223#ifndef ICMP_PHOTURIS 2224# define ICMP_PHOTURIS 40 2225#endif 2226#ifndef ICMP_PHOTURIS_UNKNOWN_INDEX 2227# define ICMP_PHOTURIS_UNKNOWN_INDEX 1 2228#endif 2229#ifndef ICMP_PHOTURIS_AUTH_FAILED 2230# define ICMP_PHOTURIS_AUTH_FAILED 2 2231#endif 2232#ifndef ICMP_PHOTURIS_DECRYPT_FAILED 2233# define ICMP_PHOTURIS_DECRYPT_FAILED 3 2234#endif 2235#ifndef IPVERSION 2236# define IPVERSION 4 2237#endif 2238#ifndef IPOPT_MINOFF 2239# define IPOPT_MINOFF 4 2240#endif 2241#ifndef IPOPT_COPIED 2242# define IPOPT_COPIED(x) ((x)&0x80) 2243#endif 2244#ifndef IPOPT_EOL 2245# define IPOPT_EOL 0 2246#endif 2247#ifndef IPOPT_NOP 2248# define IPOPT_NOP 1 2249#endif 2250#ifndef IP_MF 2251# define IP_MF ((u_short)0x2000) 2252#endif 2253#ifndef ETHERTYPE_IP 2254# define ETHERTYPE_IP ((u_short)0x0800) 2255#endif 2256#ifndef TH_FIN 2257# define TH_FIN 0x01 2258#endif 2259#ifndef TH_SYN 2260# define TH_SYN 0x02 2261#endif 2262#ifndef TH_RST 2263# define TH_RST 0x04 2264#endif 2265#ifndef TH_PUSH 2266# define TH_PUSH 0x08 2267#endif 2268#ifndef TH_ACK 2269# define TH_ACK 0x10 2270#endif 2271#ifndef TH_URG 2272# define TH_URG 0x20 2273#endif 2274#undef TH_ACKMASK 2275#define TH_ACKMASK (TH_FIN|TH_SYN|TH_RST|TH_ACK) 2276 2277#ifndef IPOPT_EOL 2278# define IPOPT_EOL 0 2279#endif 2280#ifndef IPOPT_NOP 2281# define IPOPT_NOP 1 2282#endif 2283#ifndef IPOPT_RR 2284# define IPOPT_RR 7 2285#endif 2286#ifndef IPOPT_TS 2287# define IPOPT_TS 68 2288#endif 2289#ifndef IPOPT_SECURITY 2290# define IPOPT_SECURITY 130 2291#endif 2292#ifndef IPOPT_LSRR 2293# define IPOPT_LSRR 131 2294#endif 2295#ifndef IPOPT_SATID 2296# define IPOPT_SATID 136 2297#endif 2298#ifndef IPOPT_SSRR 2299# define IPOPT_SSRR 137 2300#endif 2301#ifndef IPOPT_SECUR_UNCLASS 2302# define IPOPT_SECUR_UNCLASS ((u_short)0x0000) 2303#endif 2304#ifndef IPOPT_SECUR_CONFID 2305# define IPOPT_SECUR_CONFID ((u_short)0xf135) 2306#endif 2307#ifndef IPOPT_SECUR_EFTO 2308# define IPOPT_SECUR_EFTO ((u_short)0x789a) 2309#endif 2310#ifndef IPOPT_SECUR_MMMM 2311# define IPOPT_SECUR_MMMM ((u_short)0xbc4d) 2312#endif 2313#ifndef IPOPT_SECUR_RESTR 2314# define IPOPT_SECUR_RESTR ((u_short)0xaf13) 2315#endif 2316#ifndef IPOPT_SECUR_SECRET 2317# define IPOPT_SECUR_SECRET ((u_short)0xd788) 2318#endif 2319#ifndef IPOPT_SECUR_TOPSECRET 2320# define IPOPT_SECUR_TOPSECRET ((u_short)0x6bc5) 2321#endif 2322#ifndef IPOPT_OLEN 2323# define IPOPT_OLEN 1 2324#endif 2325#ifndef IPPROTO_HOPOPTS 2326# define IPPROTO_HOPOPTS 0 2327#endif 2328#ifndef IPPROTO_ENCAP 2329# define IPPROTO_ENCAP 4 2330#endif 2331#ifndef IPPROTO_IPV6 2332# define IPPROTO_IPV6 41 2333#endif 2334#ifndef IPPROTO_ROUTING 2335# define IPPROTO_ROUTING 43 2336#endif 2337#ifndef IPPROTO_FRAGMENT 2338# define IPPROTO_FRAGMENT 44 2339#endif 2340#ifndef IPPROTO_GRE 2341# define IPPROTO_GRE 47 /* GRE encaps RFC 1701 */ 2342#endif 2343#ifndef IPPROTO_ESP 2344# define IPPROTO_ESP 50 2345#endif 2346#ifndef IPPROTO_AH 2347# define IPPROTO_AH 51 2348#endif 2349#ifndef IPPROTO_ICMPV6 2350# define IPPROTO_ICMPV6 58 2351#endif 2352#ifndef IPPROTO_NONE 2353# define IPPROTO_NONE 59 2354#endif 2355#ifndef IPPROTO_DSTOPTS 2356# define IPPROTO_DSTOPTS 60 2357#endif 2358#ifndef IPPROTO_MOBILITY 2359# define IPPROTO_MOBILITY 135 2360#endif 2361 2362#ifndef ICMP_ROUTERADVERT 2363# define ICMP_ROUTERADVERT 9 2364#endif 2365#ifndef ICMP_ROUTERSOLICIT 2366# define ICMP_ROUTERSOLICIT 10 2367#endif 2368#ifndef ICMP6_DST_UNREACH 2369# define ICMP6_DST_UNREACH 1 2370#endif 2371#ifndef ICMP6_PACKET_TOO_BIG 2372# define ICMP6_PACKET_TOO_BIG 2 2373#endif 2374#ifndef ICMP6_TIME_EXCEEDED 2375# define ICMP6_TIME_EXCEEDED 3 2376#endif 2377#ifndef ICMP6_PARAM_PROB 2378# define ICMP6_PARAM_PROB 4 2379#endif 2380 2381#ifndef ICMP6_ECHO_REQUEST 2382# define ICMP6_ECHO_REQUEST 128 2383#endif 2384#ifndef ICMP6_ECHO_REPLY 2385# define ICMP6_ECHO_REPLY 129 2386#endif 2387#ifndef ICMP6_MEMBERSHIP_QUERY 2388# define ICMP6_MEMBERSHIP_QUERY 130 2389#endif 2390#ifndef MLD6_LISTENER_QUERY 2391# define MLD6_LISTENER_QUERY 130 2392#endif 2393#ifndef ICMP6_MEMBERSHIP_REPORT 2394# define ICMP6_MEMBERSHIP_REPORT 131 2395#endif 2396#ifndef MLD6_LISTENER_REPORT 2397# define MLD6_LISTENER_REPORT 131 2398#endif 2399#ifndef ICMP6_MEMBERSHIP_REDUCTION 2400# define ICMP6_MEMBERSHIP_REDUCTION 132 2401#endif 2402#ifndef MLD6_LISTENER_DONE 2403# define MLD6_LISTENER_DONE 132 2404#endif 2405#ifndef ND_ROUTER_SOLICIT 2406# define ND_ROUTER_SOLICIT 133 2407#endif 2408#ifndef ND_ROUTER_ADVERT 2409# define ND_ROUTER_ADVERT 134 2410#endif 2411#ifndef ND_NEIGHBOR_SOLICIT 2412# define ND_NEIGHBOR_SOLICIT 135 2413#endif 2414#ifndef ND_NEIGHBOR_ADVERT 2415# define ND_NEIGHBOR_ADVERT 136 2416#endif 2417#ifndef ND_REDIRECT 2418# define ND_REDIRECT 137 2419#endif 2420#ifndef ICMP6_ROUTER_RENUMBERING 2421# define ICMP6_ROUTER_RENUMBERING 138 2422#endif 2423#ifndef ICMP6_WRUREQUEST 2424# define ICMP6_WRUREQUEST 139 2425#endif 2426#ifndef ICMP6_WRUREPLY 2427# define ICMP6_WRUREPLY 140 2428#endif 2429#ifndef ICMP6_FQDN_QUERY 2430# define ICMP6_FQDN_QUERY 139 2431#endif 2432#ifndef ICMP6_FQDN_REPLY 2433# define ICMP6_FQDN_REPLY 140 2434#endif 2435#ifndef ICMP6_NI_QUERY 2436# define ICMP6_NI_QUERY 139 2437#endif 2438#ifndef ICMP6_NI_REPLY 2439# define ICMP6_NI_REPLY 140 2440#endif 2441#ifndef MLD6_MTRACE_RESP 2442# define MLD6_MTRACE_RESP 200 2443#endif 2444#ifndef MLD6_MTRACE 2445# define MLD6_MTRACE 201 2446#endif 2447#ifndef ICMP6_HADISCOV_REQUEST 2448# define ICMP6_HADISCOV_REQUEST 202 2449#endif 2450#ifndef ICMP6_HADISCOV_REPLY 2451# define ICMP6_HADISCOV_REPLY 203 2452#endif 2453#ifndef ICMP6_MOBILEPREFIX_SOLICIT 2454# define ICMP6_MOBILEPREFIX_SOLICIT 204 2455#endif 2456#ifndef ICMP6_MOBILEPREFIX_ADVERT 2457# define ICMP6_MOBILEPREFIX_ADVERT 205 2458#endif 2459#ifndef ICMP6_MAXTYPE 2460# define ICMP6_MAXTYPE 205 2461#endif 2462 2463#ifndef ICMP6_DST_UNREACH_NOROUTE 2464# define ICMP6_DST_UNREACH_NOROUTE 0 2465#endif 2466#ifndef ICMP6_DST_UNREACH_ADMIN 2467# define ICMP6_DST_UNREACH_ADMIN 1 2468#endif 2469#ifndef ICMP6_DST_UNREACH_NOTNEIGHBOR 2470# define ICMP6_DST_UNREACH_NOTNEIGHBOR 2 2471#endif 2472#ifndef ICMP6_DST_UNREACH_BEYONDSCOPE 2473# define ICMP6_DST_UNREACH_BEYONDSCOPE 2 2474#endif 2475#ifndef ICMP6_DST_UNREACH_ADDR 2476# define ICMP6_DST_UNREACH_ADDR 3 2477#endif 2478#ifndef ICMP6_DST_UNREACH_NOPORT 2479# define ICMP6_DST_UNREACH_NOPORT 4 2480#endif 2481#ifndef ICMP6_TIME_EXCEED_TRANSIT 2482# define ICMP6_TIME_EXCEED_TRANSIT 0 2483#endif 2484#ifndef ICMP6_TIME_EXCEED_REASSEMBLY 2485# define ICMP6_TIME_EXCEED_REASSEMBLY 1 2486#endif 2487 2488#ifndef ICMP6_NI_SUCCESS 2489# define ICMP6_NI_SUCCESS 0 2490#endif 2491#ifndef ICMP6_NI_REFUSED 2492# define ICMP6_NI_REFUSED 1 2493#endif 2494#ifndef ICMP6_NI_UNKNOWN 2495# define ICMP6_NI_UNKNOWN 2 2496#endif 2497 2498#ifndef ICMP6_ROUTER_RENUMBERING_COMMAND 2499# define ICMP6_ROUTER_RENUMBERING_COMMAND 0 2500#endif 2501#ifndef ICMP6_ROUTER_RENUMBERING_RESULT 2502# define ICMP6_ROUTER_RENUMBERING_RESULT 1 2503#endif 2504#ifndef ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 2505# define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 255 2506#endif 2507 2508#ifndef ICMP6_PARAMPROB_HEADER 2509# define ICMP6_PARAMPROB_HEADER 0 2510#endif 2511#ifndef ICMP6_PARAMPROB_NEXTHEADER 2512# define ICMP6_PARAMPROB_NEXTHEADER 1 2513#endif 2514#ifndef ICMP6_PARAMPROB_OPTION 2515# define ICMP6_PARAMPROB_OPTION 2 2516#endif 2517 2518#ifndef ICMP6_NI_SUBJ_IPV6 2519# define ICMP6_NI_SUBJ_IPV6 0 2520#endif 2521#ifndef ICMP6_NI_SUBJ_FQDN 2522# define ICMP6_NI_SUBJ_FQDN 1 2523#endif 2524#ifndef ICMP6_NI_SUBJ_IPV4 2525# define ICMP6_NI_SUBJ_IPV4 2 2526#endif 2527 2528#if !defined(IPV6_FLOWINFO_MASK) 2529# if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN) 2530# define IPV6_FLOWINFO_MASK 0x0fffffff /* flow info (28 bits) */ 2531# else 2532# if(BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN) 2533# define IPV6_FLOWINFO_MASK 0xffffff0f /* flow info (28 bits) */ 2534# endif /* LITTLE_ENDIAN */ 2535# endif 2536#endif 2537#if !defined(IPV6_FLOWLABEL_MASK) 2538# if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN) 2539# define IPV6_FLOWLABEL_MASK 0x000fffff /* flow label (20 bits) */ 2540# else 2541# if (BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN) 2542# define IPV6_FLOWLABEL_MASK 0xffff0f00 /* flow label (20 bits) */ 2543# endif /* LITTLE_ENDIAN */ 2544# endif 2545#endif 2546 2547/* 2548 * ECN is a new addition to TCP - RFC 2481 2549 */ 2550#ifndef TH_ECN 2551# define TH_ECN 0x40 2552#endif 2553#ifndef TH_CWR 2554# define TH_CWR 0x80 2555#endif 2556#define TH_ECNALL (TH_ECN|TH_CWR) 2557 2558/* 2559 * TCP States 2560 */ 2561#define IPF_TCPS_LISTEN 0 /* listening for connection */ 2562#define IPF_TCPS_SYN_SENT 1 /* active, have sent syn */ 2563#define IPF_TCPS_SYN_RECEIVED 2 /* have send and received syn */ 2564#define IPF_TCPS_HALF_ESTAB 3 /* for connections not fully "up" */ 2565/* states < IPF_TCPS_ESTABLISHED are those where connections not established */ 2566#define IPF_TCPS_ESTABLISHED 4 /* established */ 2567#define IPF_TCPS_CLOSE_WAIT 5 /* rcvd fin, waiting for close */ 2568/* states > IPF_TCPS_CLOSE_WAIT are those where user has closed */ 2569#define IPF_TCPS_FIN_WAIT_1 6 /* have closed, sent fin */ 2570#define IPF_TCPS_CLOSING 7 /* closed xchd FIN; await FIN ACK */ 2571#define IPF_TCPS_LAST_ACK 8 /* had fin and close; await FIN ACK */ 2572/* states > IPF_TCPS_CLOSE_WAIT && < IPF_TCPS_FIN_WAIT_2 await ACK of FIN */ 2573#define IPF_TCPS_FIN_WAIT_2 9 /* have closed, fin is acked */ 2574#define IPF_TCPS_TIME_WAIT 10 /* in 2*msl quiet wait after close */ 2575#define IPF_TCPS_CLOSED 11 /* closed */ 2576#define IPF_TCP_NSTATES 12 2577 2578#define TCP_MSL 120 2579 2580#undef ICMP_MAX_UNREACH 2581#define ICMP_MAX_UNREACH 14 2582#undef ICMP_MAXTYPE 2583#define ICMP_MAXTYPE 18 2584 2585#ifndef IFNAMSIZ 2586#define IFNAMSIZ 16 2587#endif 2588 2589#ifndef LOG_FTP 2590# define LOG_FTP (11<<3) 2591#endif 2592#ifndef LOG_AUTHPRIV 2593# define LOG_AUTHPRIV (10<<3) 2594#endif 2595#ifndef LOG_AUDIT 2596# define LOG_AUDIT (13<<3) 2597#endif 2598#ifndef LOG_NTP 2599# define LOG_NTP (12<<3) 2600#endif 2601#ifndef LOG_SECURITY 2602# define LOG_SECURITY (13<<3) 2603#endif 2604#ifndef LOG_LFMT 2605# define LOG_LFMT (14<<3) 2606#endif 2607#ifndef LOG_CONSOLE 2608# define LOG_CONSOLE (14<<3) 2609#endif 2610 2611/* 2612 * ICMP error replies have an IP header (20 bytes), 8 bytes of ICMP data, 2613 * another IP header and then 64 bits of data, totalling 56. Of course, 2614 * the last 64 bits is dependent on that being available. 2615 */ 2616#define ICMPERR_ICMPHLEN 8 2617#define ICMPERR_IPICMPHLEN (20 + 8) 2618#define ICMPERR_MINPKTLEN (20 + 8 + 20) 2619#define ICMPERR_MAXPKTLEN (20 + 8 + 20 + 8) 2620#define ICMP6ERR_MINPKTLEN (40 + 8) 2621#define ICMP6ERR_IPICMPHLEN (40 + 8 + 40) 2622 2623#ifndef MIN 2624# define MIN(a,b) (((a)<(b))?(a):(b)) 2625#endif 2626 2627#ifdef IPF_DEBUG 2628# define DPRINT(x) printf x 2629#else 2630# define DPRINT(x) 2631#endif 2632 2633#ifdef RESCUE 2634# undef IPFILTER_BPF 2635#endif 2636 2637#endif /* __IP_COMPAT_H__ */ 2638