Changeset View
Changeset View
Standalone View
Standalone View
sys/net/pfil.h
Show First 20 Lines • Show All 188 Lines • ▼ Show 20 Lines | |||||
/* Public functions for pfil head management by inspection points. */ | /* Public functions for pfil head management by inspection points. */ | ||||
pfil_head_t pfil_head_register(struct pfil_head_args *); | pfil_head_t pfil_head_register(struct pfil_head_args *); | ||||
void pfil_head_unregister(pfil_head_t); | void pfil_head_unregister(pfil_head_t); | ||||
/* Public functions to run the packet inspection by inspection points. */ | /* Public functions to run the packet inspection by inspection points. */ | ||||
int pfil_run_hooks(struct pfil_head *, pfil_packet_t, struct ifnet *, int, | int pfil_run_hooks(struct pfil_head *, pfil_packet_t, struct ifnet *, int, | ||||
struct inpcb *inp); | struct inpcb *inp); | ||||
int pfil_mbuf_in(struct pfil_head *, pfil_packet_t, struct ifnet *, | |||||
struct inpcb *inp); | |||||
int pfil_mbuf_out(struct pfil_head *, pfil_packet_t, struct ifnet *, | |||||
struct inpcb *inp); | |||||
/* | /* | ||||
* Minimally exposed structure to avoid function call in case of absence | * Minimally exposed structure to avoid function call in case of absence | ||||
* of any filters by protocols and macros to do the check. | * of any filters by protocols and macros to do the check. | ||||
*/ | */ | ||||
struct _pfil_head { | struct _pfil_head { | ||||
melifaro: Is this still needed? | |||||
Done Inline Actionsthis is used a lot to avoid calling the routine. perhaps you are asking if it can be patched to check for the list being empty? ultimately that's beyond the scope of this patch mjg: this is used a lot to avoid calling the routine. perhaps you are asking if it can be patched to… | |||||
Done Inline Actionsfwiw i don't think firewalls should be using this interface to begin with, but that's for another time mjg: fwiw i don't think firewalls should be using this interface to begin with, but that's for… | |||||
Not Done Inline ActionsSorry, let me rephrase. Originally this structure existed as pfil_head was private to pfil.c . Given this patch exposes it to everyone, _pfil_head becomes unnecessary melifaro: Sorry, let me rephrase. Originally this structure existed as pfil_head was private to pfil.c . | |||||
int head_nhooksin; | int head_nhooksin; | ||||
int head_nhooksout; | int head_nhooksout; | ||||
}; | }; | ||||
#define PFIL_HOOKED_IN(p) (((struct _pfil_head *)(p))->head_nhooksin > 0) | #define PFIL_HOOKED_IN(p) (((struct _pfil_head *)(p))->head_nhooksin > 0) | ||||
#define PFIL_HOOKED_OUT(p) (((struct _pfil_head *)(p))->head_nhooksout > 0) | #define PFIL_HOOKED_OUT(p) (((struct _pfil_head *)(p))->head_nhooksout > 0) | ||||
/* | /* | ||||
* Alloc mbuf to be used instead of memory pointer. | * Alloc mbuf to be used instead of memory pointer. | ||||
*/ | */ | ||||
int pfil_realloc(pfil_packet_t *, int, struct ifnet *); | int pfil_realloc(pfil_packet_t *, int, struct ifnet *); | ||||
#endif /* _KERNEL */ | #endif /* _KERNEL */ | ||||
#endif /* _NET_PFIL_H_ */ | #endif /* _NET_PFIL_H_ */ |
Is this still needed?