Changeset View
Changeset View
Standalone View
Standalone View
sys/netpfil/pf/pf_ioctl.c
| Show First 20 Lines • Show All 338 Lines • ▼ Show 20 Lines | #endif | ||||
| for (int i = 0; i < 2; i++) { | for (int i = 0; i < 2; i++) { | ||||
| pf_counter_u64_init(&V_pf_default_rule.packets[i], M_WAITOK); | pf_counter_u64_init(&V_pf_default_rule.packets[i], M_WAITOK); | ||||
| pf_counter_u64_init(&V_pf_default_rule.bytes[i], M_WAITOK); | pf_counter_u64_init(&V_pf_default_rule.bytes[i], M_WAITOK); | ||||
| } | } | ||||
| V_pf_default_rule.states_cur = counter_u64_alloc(M_WAITOK); | V_pf_default_rule.states_cur = counter_u64_alloc(M_WAITOK); | ||||
| V_pf_default_rule.states_tot = counter_u64_alloc(M_WAITOK); | V_pf_default_rule.states_tot = counter_u64_alloc(M_WAITOK); | ||||
| V_pf_default_rule.src_nodes = counter_u64_alloc(M_WAITOK); | V_pf_default_rule.src_nodes = counter_u64_alloc(M_WAITOK); | ||||
| V_pf_default_rule.timestamp = uma_zalloc_pcpu(pcpu_zone_4, M_WAITOK | M_ZERO); | V_pf_default_rule.timestamp = uma_zalloc_pcpu(pf_timestamp_pcpu_zone, | ||||
| M_WAITOK | M_ZERO); | |||||
| #ifdef PF_WANT_32_TO_64_COUNTER | #ifdef PF_WANT_32_TO_64_COUNTER | ||||
| V_pf_kifmarker = malloc(sizeof(*V_pf_kifmarker), PFI_MTYPE, M_WAITOK | M_ZERO); | V_pf_kifmarker = malloc(sizeof(*V_pf_kifmarker), PFI_MTYPE, M_WAITOK | M_ZERO); | ||||
| V_pf_rulemarker = malloc(sizeof(*V_pf_rulemarker), M_PFRULE, M_WAITOK | M_ZERO); | V_pf_rulemarker = malloc(sizeof(*V_pf_rulemarker), M_PFRULE, M_WAITOK | M_ZERO); | ||||
| PF_RULES_WLOCK(); | PF_RULES_WLOCK(); | ||||
| LIST_INSERT_HEAD(&V_pf_allkiflist, V_pf_kifmarker, pfik_allkiflist); | LIST_INSERT_HEAD(&V_pf_allkiflist, V_pf_kifmarker, pfik_allkiflist); | ||||
| LIST_INSERT_HEAD(&V_pf_allrulelist, &V_pf_default_rule, allrulelist); | LIST_INSERT_HEAD(&V_pf_allrulelist, &V_pf_default_rule, allrulelist); | ||||
| V_pf_allrulecount++; | V_pf_allrulecount++; | ||||
| ▲ Show 20 Lines • Show All 173 Lines • ▼ Show 20 Lines | #endif | ||||
| if (rule->ipdst.addr.type == PF_ADDR_TABLE) | if (rule->ipdst.addr.type == PF_ADDR_TABLE) | ||||
| pfr_detach_table(rule->ipdst.addr.p.tbl); | pfr_detach_table(rule->ipdst.addr.p.tbl); | ||||
| counter_u64_free(rule->evaluations); | counter_u64_free(rule->evaluations); | ||||
| for (int i = 0; i < 2; i++) { | for (int i = 0; i < 2; i++) { | ||||
| counter_u64_free(rule->packets[i]); | counter_u64_free(rule->packets[i]); | ||||
| counter_u64_free(rule->bytes[i]); | counter_u64_free(rule->bytes[i]); | ||||
| } | } | ||||
| uma_zfree_pcpu(pcpu_zone_4, rule->timestamp); | uma_zfree_pcpu(pf_timestamp_pcpu_zone, rule->timestamp); | ||||
| pf_keth_anchor_remove(rule); | pf_keth_anchor_remove(rule); | ||||
| free(rule, M_PFRULE); | free(rule, M_PFRULE); | ||||
| } | } | ||||
| void | void | ||||
| pf_free_rule(struct pf_krule *rule) | pf_free_rule(struct pf_krule *rule) | ||||
| { | { | ||||
| ▲ Show 20 Lines • Show All 1,235 Lines • ▼ Show 20 Lines | |||||
| struct pf_krule * | struct pf_krule * | ||||
| pf_krule_alloc(void) | pf_krule_alloc(void) | ||||
| { | { | ||||
| struct pf_krule *rule; | struct pf_krule *rule; | ||||
| rule = malloc(sizeof(struct pf_krule), M_PFRULE, M_WAITOK | M_ZERO); | rule = malloc(sizeof(struct pf_krule), M_PFRULE, M_WAITOK | M_ZERO); | ||||
| mtx_init(&rule->rpool.mtx, "pf_krule_pool", NULL, MTX_DEF); | mtx_init(&rule->rpool.mtx, "pf_krule_pool", NULL, MTX_DEF); | ||||
| rule->timestamp = uma_zalloc_pcpu(pcpu_zone_4, M_WAITOK | M_ZERO); | rule->timestamp = uma_zalloc_pcpu(pf_timestamp_pcpu_zone, | ||||
| M_WAITOK | M_ZERO); | |||||
| return (rule); | return (rule); | ||||
| } | } | ||||
| void | void | ||||
| pf_krule_free(struct pf_krule *rule) | pf_krule_free(struct pf_krule *rule) | ||||
| { | { | ||||
| #ifdef PF_WANT_32_TO_64_COUNTER | #ifdef PF_WANT_32_TO_64_COUNTER | ||||
| bool wowned; | bool wowned; | ||||
| Show All 17 Lines | #endif | ||||
| pf_counter_u64_deinit(&rule->evaluations); | pf_counter_u64_deinit(&rule->evaluations); | ||||
| for (int i = 0; i < 2; i++) { | for (int i = 0; i < 2; i++) { | ||||
| pf_counter_u64_deinit(&rule->packets[i]); | pf_counter_u64_deinit(&rule->packets[i]); | ||||
| pf_counter_u64_deinit(&rule->bytes[i]); | pf_counter_u64_deinit(&rule->bytes[i]); | ||||
| } | } | ||||
| counter_u64_free(rule->states_cur); | counter_u64_free(rule->states_cur); | ||||
| counter_u64_free(rule->states_tot); | counter_u64_free(rule->states_tot); | ||||
| counter_u64_free(rule->src_nodes); | counter_u64_free(rule->src_nodes); | ||||
| uma_zfree_pcpu(pcpu_zone_4, rule->timestamp); | uma_zfree_pcpu(pf_timestamp_pcpu_zone, rule->timestamp); | ||||
| mtx_destroy(&rule->rpool.mtx); | mtx_destroy(&rule->rpool.mtx); | ||||
| free(rule, M_PFRULE); | free(rule, M_PFRULE); | ||||
| } | } | ||||
| static void | static void | ||||
| pf_kpooladdr_to_pooladdr(const struct pf_kpooladdr *kpool, | pf_kpooladdr_to_pooladdr(const struct pf_kpooladdr *kpool, | ||||
| struct pf_pooladdr *pool) | struct pf_pooladdr *pool) | ||||
| ▲ Show 20 Lines • Show All 1,031 Lines • ▼ Show 20 Lines | #define ERROUT(x) ERROUT_IOCTL(DIOCADDETHRULE_error, x) | ||||
| if (rule->ifname[0]) | if (rule->ifname[0]) | ||||
| kif = pf_kkif_create(M_WAITOK); | kif = pf_kkif_create(M_WAITOK); | ||||
| rule->evaluations = counter_u64_alloc(M_WAITOK); | rule->evaluations = counter_u64_alloc(M_WAITOK); | ||||
| for (int i = 0; i < 2; i++) { | for (int i = 0; i < 2; i++) { | ||||
| rule->packets[i] = counter_u64_alloc(M_WAITOK); | rule->packets[i] = counter_u64_alloc(M_WAITOK); | ||||
| rule->bytes[i] = counter_u64_alloc(M_WAITOK); | rule->bytes[i] = counter_u64_alloc(M_WAITOK); | ||||
| } | } | ||||
| rule->timestamp = uma_zalloc_pcpu(pcpu_zone_4, | rule->timestamp = uma_zalloc_pcpu(pf_timestamp_pcpu_zone, | ||||
| M_WAITOK | M_ZERO); | M_WAITOK | M_ZERO); | ||||
| PF_RULES_WLOCK(); | PF_RULES_WLOCK(); | ||||
| if (rule->ifname[0]) { | if (rule->ifname[0]) { | ||||
| rule->kif = pfi_kkif_attach(kif, rule->ifname); | rule->kif = pfi_kkif_attach(kif, rule->ifname); | ||||
| pfi_kkif_ref(rule->kif); | pfi_kkif_ref(rule->kif); | ||||
| } else | } else | ||||
| ▲ Show 20 Lines • Show All 3,884 Lines • ▼ Show 20 Lines | #endif | ||||
| pf_counter_u64_deinit(&V_pf_default_rule.evaluations); | pf_counter_u64_deinit(&V_pf_default_rule.evaluations); | ||||
| for (int i = 0; i < 2; i++) { | for (int i = 0; i < 2; i++) { | ||||
| pf_counter_u64_deinit(&V_pf_default_rule.packets[i]); | pf_counter_u64_deinit(&V_pf_default_rule.packets[i]); | ||||
| pf_counter_u64_deinit(&V_pf_default_rule.bytes[i]); | pf_counter_u64_deinit(&V_pf_default_rule.bytes[i]); | ||||
| } | } | ||||
| counter_u64_free(V_pf_default_rule.states_cur); | counter_u64_free(V_pf_default_rule.states_cur); | ||||
| counter_u64_free(V_pf_default_rule.states_tot); | counter_u64_free(V_pf_default_rule.states_tot); | ||||
| counter_u64_free(V_pf_default_rule.src_nodes); | counter_u64_free(V_pf_default_rule.src_nodes); | ||||
| uma_zfree_pcpu(pcpu_zone_4, V_pf_default_rule.timestamp); | uma_zfree_pcpu(pf_timestamp_pcpu_zone, V_pf_default_rule.timestamp); | ||||
| for (int i = 0; i < PFRES_MAX; i++) | for (int i = 0; i < PFRES_MAX; i++) | ||||
| counter_u64_free(V_pf_status.counters[i]); | counter_u64_free(V_pf_status.counters[i]); | ||||
| for (int i = 0; i < KLCNT_MAX; i++) | for (int i = 0; i < KLCNT_MAX; i++) | ||||
| counter_u64_free(V_pf_status.lcounters[i]); | counter_u64_free(V_pf_status.lcounters[i]); | ||||
| for (int i = 0; i < FCNT_MAX; i++) | for (int i = 0; i < FCNT_MAX; i++) | ||||
| pf_counter_u64_deinit(&V_pf_status.fcounters[i]); | pf_counter_u64_deinit(&V_pf_status.fcounters[i]); | ||||
| for (int i = 0; i < SCNT_MAX; i++) | for (int i = 0; i < SCNT_MAX; i++) | ||||
| ▲ Show 20 Lines • Show All 73 Lines • Show Last 20 Lines | |||||