Changeset View
Changeset View
Standalone View
Standalone View
sys/netinet/siftr.c
Show First 20 Lines • Show All 1,133 Lines • ▼ Show 20 Lines | |||||
#define V_siftr_inet_hook VNET(siftr_inet_hook) | #define V_siftr_inet_hook VNET(siftr_inet_hook) | ||||
#ifdef SIFTR_IPV6 | #ifdef SIFTR_IPV6 | ||||
VNET_DEFINE_STATIC(pfil_hook_t, siftr_inet6_hook); | VNET_DEFINE_STATIC(pfil_hook_t, siftr_inet6_hook); | ||||
#define V_siftr_inet6_hook VNET(siftr_inet6_hook) | #define V_siftr_inet6_hook VNET(siftr_inet6_hook) | ||||
#endif | #endif | ||||
static int | static int | ||||
siftr_pfil(int action) | siftr_pfil(int action) | ||||
{ | { | ||||
struct pfil_hook_args pha; | struct pfil_hook_args pha = { | ||||
struct pfil_link_args pla; | .pa_version = PFIL_VERSION, | ||||
.pa_flags = PFIL_IN | PFIL_OUT, | |||||
.pa_modname = "siftr", | |||||
.pa_rulname = "default", | |||||
}; | |||||
struct pfil_link_args pla = { | |||||
.pa_version = PFIL_VERSION, | |||||
.pa_flags = PFIL_IN | PFIL_OUT | PFIL_HEADPTR | PFIL_HOOKPTR, | |||||
}; | |||||
pha.pa_version = PFIL_VERSION; | |||||
pha.pa_flags = PFIL_IN | PFIL_OUT; | |||||
pha.pa_modname = "siftr"; | |||||
pha.pa_ruleset = NULL; | |||||
pha.pa_rulname = "default"; | |||||
pla.pa_version = PFIL_VERSION; | |||||
pla.pa_flags = PFIL_IN | PFIL_OUT | | |||||
PFIL_HEADPTR | PFIL_HOOKPTR; | |||||
VNET_ITERATOR_DECL(vnet_iter); | VNET_ITERATOR_DECL(vnet_iter); | ||||
VNET_LIST_RLOCK(); | VNET_LIST_RLOCK(); | ||||
VNET_FOREACH(vnet_iter) { | VNET_FOREACH(vnet_iter) { | ||||
CURVNET_SET(vnet_iter); | CURVNET_SET(vnet_iter); | ||||
if (action == HOOK) { | if (action == HOOK) { | ||||
pha.pa_func = siftr_chkpkt; | pha.pa_mbuf_chk = siftr_chkpkt; | ||||
pha.pa_type = PFIL_TYPE_IP4; | pha.pa_type = PFIL_TYPE_IP4; | ||||
V_siftr_inet_hook = pfil_add_hook(&pha); | V_siftr_inet_hook = pfil_add_hook(&pha); | ||||
pla.pa_hook = V_siftr_inet_hook; | pla.pa_hook = V_siftr_inet_hook; | ||||
pla.pa_head = V_inet_pfil_head; | pla.pa_head = V_inet_pfil_head; | ||||
(void)pfil_link(&pla); | (void)pfil_link(&pla); | ||||
#ifdef SIFTR_IPV6 | #ifdef SIFTR_IPV6 | ||||
pha.pa_func = siftr_chkpkt6; | pha.pa_mbuf_chk = siftr_chkpkt6; | ||||
pha.pa_type = PFIL_TYPE_IP6; | pha.pa_type = PFIL_TYPE_IP6; | ||||
V_siftr_inet6_hook = pfil_add_hook(&pha); | V_siftr_inet6_hook = pfil_add_hook(&pha); | ||||
pla.pa_hook = V_siftr_inet6_hook; | pla.pa_hook = V_siftr_inet6_hook; | ||||
pla.pa_head = V_inet6_pfil_head; | pla.pa_head = V_inet6_pfil_head; | ||||
(void)pfil_link(&pla); | (void)pfil_link(&pla); | ||||
#endif | #endif | ||||
} else if (action == UNHOOK) { | } else if (action == UNHOOK) { | ||||
pfil_remove_hook(V_siftr_inet_hook); | pfil_remove_hook(V_siftr_inet_hook); | ||||
▲ Show 20 Lines • Show All 420 Lines • Show Last 20 Lines |