Changeset View
Changeset View
Standalone View
Standalone View
sys/net/pfvar.h
Show First 20 Lines • Show All 934 Lines • ▼ Show 20 Lines | struct pf_state_peer { | ||||
u_int16_t max_win; /* largest window (pre scaling) */ | u_int16_t max_win; /* largest window (pre scaling) */ | ||||
u_int16_t mss; /* Maximum segment size option */ | u_int16_t mss; /* Maximum segment size option */ | ||||
u_int8_t state; /* active state level */ | u_int8_t state; /* active state level */ | ||||
u_int8_t wscale; /* window scaling factor */ | u_int8_t wscale; /* window scaling factor */ | ||||
u_int8_t tcp_est; /* Did we reach TCPS_ESTABLISHED */ | u_int8_t tcp_est; /* Did we reach TCPS_ESTABLISHED */ | ||||
u_int8_t pad[1]; | u_int8_t pad[1]; | ||||
}; | }; | ||||
/* Keep synced with struct pf_udp_endpoint. */ | |||||
struct pf_udp_endpoint_cmp { | |||||
struct pf_addr addr; | |||||
kp: Space out addr/port/... with tabs, not spaces. | |||||
uint16_t port; | |||||
sa_family_t af; | |||||
uint8_t pad[1]; | |||||
}; | |||||
struct pf_udp_endpoint { | |||||
struct pf_addr addr; | |||||
Done Inline ActionsSpace out addr/port/... with tabs, not spaces. kp: Space out addr/port/... with tabs, not spaces. | |||||
uint16_t port; | |||||
Not Done Inline ActionsPlease use new C standard uintXX_t types instead of historic u_intXX_t in new code. glebius: Please use new C standard uintXX_t types instead of historic u_intXX_t in new code. | |||||
sa_family_t af; | |||||
uint8_t pad[1]; | |||||
struct pf_udp_mapping *mapping; | |||||
LIST_ENTRY(pf_udp_endpoint) entry; | |||||
}; | |||||
struct pf_udp_mapping { | |||||
struct pf_udp_endpoint endpoints[2]; | |||||
Not Done Inline ActionsWhy two endpoints? kp: Why two endpoints? | |||||
u_int refs; | |||||
}; | |||||
/* Keep synced with struct pf_state_key. */ | /* Keep synced with struct pf_state_key. */ | ||||
struct pf_state_key_cmp { | struct pf_state_key_cmp { | ||||
struct pf_addr addr[2]; | struct pf_addr addr[2]; | ||||
u_int16_t port[2]; | u_int16_t port[2]; | ||||
sa_family_t af; | sa_family_t af; | ||||
u_int8_t proto; | u_int8_t proto; | ||||
u_int8_t pad[2]; | u_int8_t pad[2]; | ||||
}; | }; | ||||
▲ Show 20 Lines • Show All 113 Lines • ▼ Show 20 Lines | struct pf_kstate { | ||||
struct pf_state_peer src; | struct pf_state_peer src; | ||||
struct pf_state_peer dst; | struct pf_state_peer dst; | ||||
struct pf_krule_slist match_rules; | struct pf_krule_slist match_rules; | ||||
union pf_krule_ptr rule; | union pf_krule_ptr rule; | ||||
union pf_krule_ptr anchor; | union pf_krule_ptr anchor; | ||||
union pf_krule_ptr nat_rule; | union pf_krule_ptr nat_rule; | ||||
struct pf_addr rt_addr; | struct pf_addr rt_addr; | ||||
struct pf_state_key *key[2]; /* addresses stack and wire */ | struct pf_state_key *key[2]; /* addresses stack and wire */ | ||||
struct pf_udp_mapping *udp_mapping; | |||||
struct pfi_kkif *kif; | struct pfi_kkif *kif; | ||||
struct pfi_kkif *orig_kif; /* The real kif, even if we're a floating state (i.e. if == V_pfi_all). */ | struct pfi_kkif *orig_kif; /* The real kif, even if we're a floating state (i.e. if == V_pfi_all). */ | ||||
struct pfi_kkif *rt_kif; | struct pfi_kkif *rt_kif; | ||||
struct pf_ksrc_node *src_node; | struct pf_ksrc_node *src_node; | ||||
struct pf_ksrc_node *nat_src_node; | struct pf_ksrc_node *nat_src_node; | ||||
u_int64_t packets[2]; | u_int64_t packets[2]; | ||||
u_int64_t bytes[2]; | u_int64_t bytes[2]; | ||||
u_int64_t creation; | u_int64_t creation; | ||||
▲ Show 20 Lines • Show All 1,039 Lines • ▼ Show 20 Lines | struct pf_keyhash { | ||||
struct mtx lock; | struct mtx lock; | ||||
}; | }; | ||||
struct pf_idhash { | struct pf_idhash { | ||||
LIST_HEAD(, pf_kstate) states; | LIST_HEAD(, pf_kstate) states; | ||||
struct mtx lock; | struct mtx lock; | ||||
}; | }; | ||||
struct pf_udpendpointhash { | |||||
LIST_HEAD(, pf_udp_endpoint) endpoints; | |||||
struct mtx lock; | |||||
}; | |||||
extern u_long pf_ioctl_maxcount; | extern u_long pf_ioctl_maxcount; | ||||
VNET_DECLARE(u_long, pf_hashmask); | VNET_DECLARE(u_long, pf_hashmask); | ||||
#define V_pf_hashmask VNET(pf_hashmask) | #define V_pf_hashmask VNET(pf_hashmask) | ||||
VNET_DECLARE(u_long, pf_srchashmask); | VNET_DECLARE(u_long, pf_srchashmask); | ||||
#define V_pf_srchashmask VNET(pf_srchashmask) | #define V_pf_srchashmask VNET(pf_srchashmask) | ||||
VNET_DECLARE(u_long, pf_udpendpointhashmask); | |||||
#define V_pf_udpendpointhashmask VNET(pf_udpendpointhashmask) | |||||
#define PF_HASHSIZ (131072) | #define PF_HASHSIZ (131072) | ||||
#define PF_SRCHASHSIZ (PF_HASHSIZ/4) | #define PF_SRCHASHSIZ (PF_HASHSIZ/4) | ||||
VNET_DECLARE(struct pf_keyhash *, pf_keyhash); | VNET_DECLARE(struct pf_keyhash *, pf_keyhash); | ||||
VNET_DECLARE(struct pf_idhash *, pf_idhash); | VNET_DECLARE(struct pf_idhash *, pf_idhash); | ||||
VNET_DECLARE(struct pf_udpendpointhash *, pf_udpendpointhash); | |||||
#define V_pf_keyhash VNET(pf_keyhash) | #define V_pf_keyhash VNET(pf_keyhash) | ||||
#define V_pf_idhash VNET(pf_idhash) | #define V_pf_idhash VNET(pf_idhash) | ||||
#define V_pf_udpendpointhash VNET(pf_udpendpointhash) | |||||
VNET_DECLARE(struct pf_srchash *, pf_srchash); | VNET_DECLARE(struct pf_srchash *, pf_srchash); | ||||
#define V_pf_srchash VNET(pf_srchash) | #define V_pf_srchash VNET(pf_srchash) | ||||
#define PF_IDHASH(s) (be64toh((s)->id) % (V_pf_hashmask + 1)) | #define PF_IDHASH(s) (be64toh((s)->id) % (V_pf_hashmask + 1)) | ||||
VNET_DECLARE(void *, pf_swi_cookie); | VNET_DECLARE(void *, pf_swi_cookie); | ||||
#define V_pf_swi_cookie VNET(pf_swi_cookie) | #define V_pf_swi_cookie VNET(pf_swi_cookie) | ||||
VNET_DECLARE(struct intr_event *, pf_swi_ie); | VNET_DECLARE(struct intr_event *, pf_swi_ie); | ||||
▲ Show 20 Lines • Show All 58 Lines • ▼ Show 20 Lines | |||||
extern void pf_calc_skip_steps(struct pf_krulequeue *); | extern void pf_calc_skip_steps(struct pf_krulequeue *); | ||||
#ifdef ALTQ | #ifdef ALTQ | ||||
extern void pf_altq_ifnet_event(struct ifnet *, int); | extern void pf_altq_ifnet_event(struct ifnet *, int); | ||||
#endif | #endif | ||||
VNET_DECLARE(uma_zone_t, pf_state_z); | VNET_DECLARE(uma_zone_t, pf_state_z); | ||||
#define V_pf_state_z VNET(pf_state_z) | #define V_pf_state_z VNET(pf_state_z) | ||||
VNET_DECLARE(uma_zone_t, pf_state_key_z); | VNET_DECLARE(uma_zone_t, pf_state_key_z); | ||||
#define V_pf_state_key_z VNET(pf_state_key_z) | #define V_pf_state_key_z VNET(pf_state_key_z) | ||||
VNET_DECLARE(uma_zone_t, pf_udp_mapping_z); | |||||
#define V_pf_udp_mapping_z VNET(pf_udp_mapping_z) | |||||
VNET_DECLARE(uma_zone_t, pf_state_scrub_z); | VNET_DECLARE(uma_zone_t, pf_state_scrub_z); | ||||
#define V_pf_state_scrub_z VNET(pf_state_scrub_z) | #define V_pf_state_scrub_z VNET(pf_state_scrub_z) | ||||
extern void pf_purge_thread(void *); | extern void pf_purge_thread(void *); | ||||
extern void pf_unload_vnet_purge(void); | extern void pf_unload_vnet_purge(void); | ||||
extern void pf_intr(void *); | extern void pf_intr(void *); | ||||
extern void pf_purge_expired_src_nodes(void); | extern void pf_purge_expired_src_nodes(void); | ||||
▲ Show 20 Lines • Show All 56 Lines • ▼ Show 20 Lines | |||||
extern struct pf_kstate *pf_find_state_byid(uint64_t, uint32_t); | extern struct pf_kstate *pf_find_state_byid(uint64_t, uint32_t); | ||||
extern struct pf_kstate *pf_find_state_all( | extern struct pf_kstate *pf_find_state_all( | ||||
const struct pf_state_key_cmp *, | const struct pf_state_key_cmp *, | ||||
u_int, int *); | u_int, int *); | ||||
extern bool pf_find_state_all_exists( | extern bool pf_find_state_all_exists( | ||||
const struct pf_state_key_cmp *, | const struct pf_state_key_cmp *, | ||||
u_int); | u_int); | ||||
extern struct pf_udp_mapping *pf_udp_mapping_find(struct pf_udp_endpoint_cmp | |||||
*endpoint); | |||||
extern struct pf_udp_mapping *pf_udp_mapping_create(sa_family_t af, | |||||
struct pf_addr *src_addr, uint16_t src_port, | |||||
struct pf_addr *nat_addr, uint16_t nat_port); | |||||
extern int pf_udp_mapping_insert(struct pf_udp_mapping | |||||
*mapping); | |||||
extern void pf_udp_mapping_release(struct pf_udp_mapping | |||||
*mapping); | |||||
extern struct pf_ksrc_node *pf_find_src_node(struct pf_addr *, | extern struct pf_ksrc_node *pf_find_src_node(struct pf_addr *, | ||||
struct pf_krule *, sa_family_t, | struct pf_krule *, sa_family_t, | ||||
struct pf_srchash **, bool); | struct pf_srchash **, bool); | ||||
extern void pf_unlink_src_node(struct pf_ksrc_node *); | extern void pf_unlink_src_node(struct pf_ksrc_node *); | ||||
extern u_int pf_free_src_nodes(struct pf_ksrc_node_list *); | extern u_int pf_free_src_nodes(struct pf_ksrc_node_list *); | ||||
extern void pf_print_state(struct pf_kstate *); | extern void pf_print_state(struct pf_kstate *); | ||||
extern void pf_print_flags(u_int8_t); | extern void pf_print_flags(u_int8_t); | ||||
extern int pf_addr_wrap_neq(struct pf_addr_wrap *, | extern int pf_addr_wrap_neq(struct pf_addr_wrap *, | ||||
▲ Show 20 Lines • Show All 277 Lines • ▼ Show 20 Lines | u_short pf_map_addr(u_int8_t, struct pf_krule *, | ||||
struct pf_addr *, struct pf_addr *, | struct pf_addr *, struct pf_addr *, | ||||
struct pfi_kkif **nkif, struct pf_addr *, | struct pfi_kkif **nkif, struct pf_addr *, | ||||
struct pf_ksrc_node **); | struct pf_ksrc_node **); | ||||
u_short pf_get_translation(struct pf_pdesc *, struct mbuf *, | u_short pf_get_translation(struct pf_pdesc *, struct mbuf *, | ||||
int, struct pfi_kkif *, struct pf_ksrc_node **, | int, struct pfi_kkif *, struct pf_ksrc_node **, | ||||
struct pf_state_key **, struct pf_state_key **, | struct pf_state_key **, struct pf_state_key **, | ||||
struct pf_addr *, struct pf_addr *, | struct pf_addr *, struct pf_addr *, | ||||
uint16_t, uint16_t, struct pf_kanchor_stackframe *, | uint16_t, uint16_t, struct pf_kanchor_stackframe *, | ||||
struct pf_krule **); | struct pf_krule **, | ||||
struct pf_udp_mapping **udp_mapping); | |||||
struct pf_state_key *pf_state_key_setup(struct pf_pdesc *, struct pf_addr *, | struct pf_state_key *pf_state_key_setup(struct pf_pdesc *, struct pf_addr *, | ||||
struct pf_addr *, u_int16_t, u_int16_t); | struct pf_addr *, u_int16_t, u_int16_t); | ||||
struct pf_state_key *pf_state_key_clone(const struct pf_state_key *); | struct pf_state_key *pf_state_key_clone(const struct pf_state_key *); | ||||
void pf_rule_to_actions(struct pf_krule *, | void pf_rule_to_actions(struct pf_krule *, | ||||
struct pf_rule_actions *); | struct pf_rule_actions *); | ||||
int pf_normalize_mss(struct mbuf *m, int off, | int pf_normalize_mss(struct mbuf *m, int off, | ||||
struct pf_pdesc *pd); | struct pf_pdesc *pd); | ||||
Show All 13 Lines |
Space out addr/port/... with tabs, not spaces.