Page MenuHomeFreeBSD
Files F148037324

D17499.id.diff
No OneTemporary
Actions

D17499.id.diff
View Options

Index: head/sys/net/pfvar.h
===================================================================
--- head/sys/net/pfvar.h
+++ head/sys/net/pfvar.h
@@ -825,12 +825,18 @@
typedef void pfsync_clear_states_t(u_int32_t, const char *);
typedef int pfsync_defer_t(struct pf_state *, struct mbuf *);
-extern pfsync_state_import_t *pfsync_state_import_ptr;
-extern pfsync_insert_state_t *pfsync_insert_state_ptr;
-extern pfsync_update_state_t *pfsync_update_state_ptr;
-extern pfsync_delete_state_t *pfsync_delete_state_ptr;
-extern pfsync_clear_states_t *pfsync_clear_states_ptr;
-extern pfsync_defer_t *pfsync_defer_ptr;
+VNET_DECLARE(pfsync_state_import_t *, pfsync_state_import_ptr);
+#define V_pfsync_state_import_ptr VNET(pfsync_state_import_ptr)
+VNET_DECLARE(pfsync_insert_state_t *, pfsync_insert_state_ptr);
+#define V_pfsync_insert_state_ptr VNET(pfsync_insert_state_ptr)
+VNET_DECLARE(pfsync_update_state_t *, pfsync_update_state_ptr);
+#define V_pfsync_update_state_ptr VNET(pfsync_update_state_ptr)
+VNET_DECLARE(pfsync_delete_state_t *, pfsync_delete_state_ptr);
+#define V_pfsync_delete_state_ptr VNET(pfsync_delete_state_ptr)
+VNET_DECLARE(pfsync_clear_states_t *, pfsync_clear_states_ptr);
+#define V_pfsync_clear_states_ptr VNET(pfsync_clear_states_ptr)
+VNET_DECLARE(pfsync_defer_t *, pfsync_defer_ptr);
+#define V_pfsync_defer_ptr VNET(pfsync_defer_ptr)
void pfsync_state_export(struct pfsync_state *,
struct pf_state *);
Index: head/sys/netpfil/pf/if_pfsync.c
===================================================================
--- head/sys/netpfil/pf/if_pfsync.c
+++ head/sys/netpfil/pf/if_pfsync.c
@@ -1362,10 +1362,10 @@
sc->sc_maxupdates = pfsyncr.pfsyncr_maxupdates;
if (pfsyncr.pfsyncr_defer) {
sc->sc_flags |= PFSYNCF_DEFER;
- pfsync_defer_ptr = pfsync_defer;
+ V_pfsync_defer_ptr = pfsync_defer;
} else {
sc->sc_flags &= ~PFSYNCF_DEFER;
- pfsync_defer_ptr = NULL;
+ V_pfsync_defer_ptr = NULL;
}
if (sifp == NULL) {
@@ -2311,12 +2311,12 @@
{
PF_RULES_WLOCK();
- pfsync_state_import_ptr = pfsync_state_import;
- pfsync_insert_state_ptr = pfsync_insert_state;
- pfsync_update_state_ptr = pfsync_update_state;
- pfsync_delete_state_ptr = pfsync_delete_state;
- pfsync_clear_states_ptr = pfsync_clear_states;
- pfsync_defer_ptr = pfsync_defer;
+ V_pfsync_state_import_ptr = pfsync_state_import;
+ V_pfsync_insert_state_ptr = pfsync_insert_state;
+ V_pfsync_update_state_ptr = pfsync_update_state;
+ V_pfsync_delete_state_ptr = pfsync_delete_state;
+ V_pfsync_clear_states_ptr = pfsync_clear_states;
+ V_pfsync_defer_ptr = pfsync_defer;
PF_RULES_WUNLOCK();
}
@@ -2325,12 +2325,12 @@
{
PF_RULES_WLOCK();
- pfsync_state_import_ptr = NULL;
- pfsync_insert_state_ptr = NULL;
- pfsync_update_state_ptr = NULL;
- pfsync_delete_state_ptr = NULL;
- pfsync_clear_states_ptr = NULL;
- pfsync_defer_ptr = NULL;
+ V_pfsync_state_import_ptr = NULL;
+ V_pfsync_insert_state_ptr = NULL;
+ V_pfsync_update_state_ptr = NULL;
+ V_pfsync_delete_state_ptr = NULL;
+ V_pfsync_clear_states_ptr = NULL;
+ V_pfsync_defer_ptr = NULL;
PF_RULES_WUNLOCK();
}
@@ -2347,6 +2347,8 @@
if_clone_detach(V_pfsync_cloner);
log(LOG_INFO, "swi_add() failed in %s\n", __func__);
}
+
+ pfsync_pointers_init();
}
VNET_SYSINIT(vnet_pfsync_init, SI_SUB_PROTO_FIREWALL, SI_ORDER_ANY,
vnet_pfsync_init, NULL);
@@ -2355,6 +2357,8 @@
vnet_pfsync_uninit(const void *unused __unused)
{
+ pfsync_pointers_uninit();
+
if_clone_detach(V_pfsync_cloner);
swi_remove(V_pfsync_swi_cookie);
}
@@ -2380,7 +2384,6 @@
return (error);
}
#endif
- pfsync_pointers_init();
return (0);
}
@@ -2388,8 +2391,6 @@
static void
pfsync_uninit()
{
-
- pfsync_pointers_uninit();
#ifdef INET
ipproto_unregister(IPPROTO_PFSYNC);
Index: head/sys/netpfil/pf/pf.c
===================================================================
--- head/sys/netpfil/pf/pf.c
+++ head/sys/netpfil/pf/pf.c
@@ -1268,8 +1268,8 @@
refcount_init(&s->refs, 2);
counter_u64_add(V_pf_status.fcounters[FCNT_STATE_INSERT], 1);
- if (pfsync_insert_state_ptr != NULL)
- pfsync_insert_state_ptr(s);
+ if (V_pfsync_insert_state_ptr != NULL)
+ V_pfsync_insert_state_ptr(s);
/* Returns locked. */
return (0);
@@ -1672,8 +1672,8 @@
LIST_REMOVE(s, entry);
pf_src_tree_remove_state(s);
- if (pfsync_delete_state_ptr != NULL)
- pfsync_delete_state_ptr(s);
+ if (V_pfsync_delete_state_ptr != NULL)
+ V_pfsync_delete_state_ptr(s);
STATE_DEC_COUNTERS(s);
@@ -3582,7 +3582,7 @@
if (*sm != NULL && !((*sm)->state_flags & PFSTATE_NOSYNC) &&
direction == PF_OUT &&
- pfsync_defer_ptr != NULL && pfsync_defer_ptr(*sm, m))
+ V_pfsync_defer_ptr != NULL && V_pfsync_defer_ptr(*sm, m))
/*
* We want the state created, but we dont
* want to send this in case a partner
@@ -5996,8 +5996,8 @@
action = pf_test_state_tcp(&s, dir, kif, m, off, h, &pd,
&reason);
if (action == PF_PASS) {
- if (pfsync_update_state_ptr != NULL)
- pfsync_update_state_ptr(s);
+ if (V_pfsync_update_state_ptr != NULL)
+ V_pfsync_update_state_ptr(s);
r = s->rule.ptr;
a = s->anchor.ptr;
log = s->log;
@@ -6025,8 +6025,8 @@
}
action = pf_test_state_udp(&s, dir, kif, m, off, h, &pd);
if (action == PF_PASS) {
- if (pfsync_update_state_ptr != NULL)
- pfsync_update_state_ptr(s);
+ if (V_pfsync_update_state_ptr != NULL)
+ V_pfsync_update_state_ptr(s);
r = s->rule.ptr;
a = s->anchor.ptr;
log = s->log;
@@ -6048,8 +6048,8 @@
action = pf_test_state_icmp(&s, dir, kif, m, off, h, &pd,
&reason);
if (action == PF_PASS) {
- if (pfsync_update_state_ptr != NULL)
- pfsync_update_state_ptr(s);
+ if (V_pfsync_update_state_ptr != NULL)
+ V_pfsync_update_state_ptr(s);
r = s->rule.ptr;
a = s->anchor.ptr;
log = s->log;
@@ -6071,8 +6071,8 @@
default:
action = pf_test_state_other(&s, dir, kif, m, &pd);
if (action == PF_PASS) {
- if (pfsync_update_state_ptr != NULL)
- pfsync_update_state_ptr(s);
+ if (V_pfsync_update_state_ptr != NULL)
+ V_pfsync_update_state_ptr(s);
r = s->rule.ptr;
a = s->anchor.ptr;
log = s->log;
@@ -6435,8 +6435,8 @@
action = pf_test_state_tcp(&s, dir, kif, m, off, h, &pd,
&reason);
if (action == PF_PASS) {
- if (pfsync_update_state_ptr != NULL)
- pfsync_update_state_ptr(s);
+ if (V_pfsync_update_state_ptr != NULL)
+ V_pfsync_update_state_ptr(s);
r = s->rule.ptr;
a = s->anchor.ptr;
log = s->log;
@@ -6464,8 +6464,8 @@
}
action = pf_test_state_udp(&s, dir, kif, m, off, h, &pd);
if (action == PF_PASS) {
- if (pfsync_update_state_ptr != NULL)
- pfsync_update_state_ptr(s);
+ if (V_pfsync_update_state_ptr != NULL)
+ V_pfsync_update_state_ptr(s);
r = s->rule.ptr;
a = s->anchor.ptr;
log = s->log;
@@ -6494,8 +6494,8 @@
action = pf_test_state_icmp(&s, dir, kif,
m, off, h, &pd, &reason);
if (action == PF_PASS) {
- if (pfsync_update_state_ptr != NULL)
- pfsync_update_state_ptr(s);
+ if (V_pfsync_update_state_ptr != NULL)
+ V_pfsync_update_state_ptr(s);
r = s->rule.ptr;
a = s->anchor.ptr;
log = s->log;
@@ -6508,8 +6508,8 @@
default:
action = pf_test_state_other(&s, dir, kif, m, &pd);
if (action == PF_PASS) {
- if (pfsync_update_state_ptr != NULL)
- pfsync_update_state_ptr(s);
+ if (V_pfsync_update_state_ptr != NULL)
+ V_pfsync_update_state_ptr(s);
r = s->rule.ptr;
a = s->anchor.ptr;
log = s->log;
Index: head/sys/netpfil/pf/pf_ioctl.c
===================================================================
--- head/sys/netpfil/pf/pf_ioctl.c
+++ head/sys/netpfil/pf/pf_ioctl.c
@@ -212,12 +212,13 @@
struct sx pf_end_lock;
/* pfsync */
-pfsync_state_import_t *pfsync_state_import_ptr = NULL;
-pfsync_insert_state_t *pfsync_insert_state_ptr = NULL;
-pfsync_update_state_t *pfsync_update_state_ptr = NULL;
-pfsync_delete_state_t *pfsync_delete_state_ptr = NULL;
-pfsync_clear_states_t *pfsync_clear_states_ptr = NULL;
-pfsync_defer_t *pfsync_defer_ptr = NULL;
+VNET_DEFINE(pfsync_state_import_t *, pfsync_state_import_ptr);
+VNET_DEFINE(pfsync_insert_state_t *, pfsync_insert_state_ptr);
+VNET_DEFINE(pfsync_update_state_t *, pfsync_update_state_ptr);
+VNET_DEFINE(pfsync_delete_state_t *, pfsync_delete_state_ptr);
+VNET_DEFINE(pfsync_clear_states_t *, pfsync_clear_states_ptr);
+VNET_DEFINE(pfsync_defer_t *, pfsync_defer_ptr);
+
/* pflog */
pflog_packet_t *pflog_packet_ptr = NULL;
@@ -1873,8 +1874,8 @@
PF_HASHROW_UNLOCK(ih);
}
psk->psk_killed = killed;
- if (pfsync_clear_states_ptr != NULL)
- pfsync_clear_states_ptr(V_pf_status.hostid, psk->psk_ifname);
+ if (V_pfsync_clear_states_ptr != NULL)
+ V_pfsync_clear_states_ptr(V_pf_status.hostid, psk->psk_ifname);
break;
}
@@ -1961,9 +1962,9 @@
error = EINVAL;
break;
}
- if (pfsync_state_import_ptr != NULL) {
+ if (V_pfsync_state_import_ptr != NULL) {
PF_RULES_RLOCK();
- error = pfsync_state_import_ptr(sp, PFSYNC_SI_IOCTL);
+ error = V_pfsync_state_import_ptr(sp, PFSYNC_SI_IOCTL);
PF_RULES_RUNLOCK();
} else
error = EOPNOTSUPP;

File Metadata

Mime Type
text/plain
Expires
Mon, Mar 16, 8:16 AM (1 h, 25 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
29742388
Default Alt Text
D17499.id.diff (8 KB)

Event Timeline