Changeset View
Changeset View
Standalone View
Standalone View
sys/net/pfvar.h
Show First 20 Lines • Show All 677 Lines • ▼ Show 20 Lines | struct pf_state_peer { | ||||
u_int16_t max_win; /* largest window (pre scaling) */ | u_int16_t max_win; /* largest window (pre scaling) */ | ||||
u_int16_t mss; /* Maximum segment size option */ | u_int16_t mss; /* Maximum segment size option */ | ||||
u_int8_t state; /* active state level */ | u_int8_t state; /* active state level */ | ||||
u_int8_t wscale; /* window scaling factor */ | u_int8_t wscale; /* window scaling factor */ | ||||
u_int8_t tcp_est; /* Did we reach TCPS_ESTABLISHED */ | u_int8_t tcp_est; /* Did we reach TCPS_ESTABLISHED */ | ||||
u_int8_t pad[1]; | u_int8_t pad[1]; | ||||
}; | }; | ||||
/* Keep synced with struct pf_udp_endpoint. */ | |||||
struct pf_udp_endpoint_cmp { | |||||
struct pf_addr addr; | |||||
kp: Space out addr/port/... with tabs, not spaces. | |||||
uint16_t port; | |||||
sa_family_t af; | |||||
uint8_t pad[1]; | |||||
}; | |||||
struct pf_udp_endpoint { | |||||
struct pf_addr addr; | |||||
Done Inline ActionsSpace out addr/port/... with tabs, not spaces. kp: Space out addr/port/... with tabs, not spaces. | |||||
uint16_t port; | |||||
Not Done Inline ActionsPlease use new C standard uintXX_t types instead of historic u_intXX_t in new code. glebius: Please use new C standard uintXX_t types instead of historic u_intXX_t in new code. | |||||
sa_family_t af; | |||||
uint8_t pad[1]; | |||||
struct pf_udp_mapping *mapping; | |||||
LIST_ENTRY(pf_udp_endpoint) entry; | |||||
}; | |||||
struct pf_udp_mapping { | |||||
struct pf_udp_endpoint endpoints[2]; | |||||
Not Done Inline ActionsWhy two endpoints? kp: Why two endpoints? | |||||
u_int refs; | |||||
}; | |||||
/* Keep synced with struct pf_state_key. */ | /* Keep synced with struct pf_state_key. */ | ||||
struct pf_state_key_cmp { | struct pf_state_key_cmp { | ||||
struct pf_addr addr[2]; | struct pf_addr addr[2]; | ||||
u_int16_t port[2]; | u_int16_t port[2]; | ||||
sa_family_t af; | sa_family_t af; | ||||
u_int8_t proto; | u_int8_t proto; | ||||
u_int8_t pad[2]; | u_int8_t pad[2]; | ||||
}; | }; | ||||
Show All 29 Lines | struct pf_state { | ||||
LIST_ENTRY(pf_state) entry; | LIST_ENTRY(pf_state) entry; | ||||
struct pf_state_peer src; | struct pf_state_peer src; | ||||
struct pf_state_peer dst; | struct pf_state_peer dst; | ||||
union pf_rule_ptr rule; | union pf_rule_ptr rule; | ||||
union pf_rule_ptr anchor; | union pf_rule_ptr anchor; | ||||
union pf_rule_ptr nat_rule; | union pf_rule_ptr nat_rule; | ||||
struct pf_addr rt_addr; | struct pf_addr rt_addr; | ||||
struct pf_state_key *key[2]; /* addresses stack and wire */ | struct pf_state_key *key[2]; /* addresses stack and wire */ | ||||
struct pf_udp_mapping *udp_mapping; | |||||
struct pfi_kif *kif; | struct pfi_kif *kif; | ||||
struct pfi_kif *rt_kif; | struct pfi_kif *rt_kif; | ||||
struct pf_src_node *src_node; | struct pf_src_node *src_node; | ||||
struct pf_src_node *nat_src_node; | struct pf_src_node *nat_src_node; | ||||
u_int64_t packets[2]; | u_int64_t packets[2]; | ||||
u_int64_t bytes[2]; | u_int64_t bytes[2]; | ||||
u_int32_t creation; | u_int32_t creation; | ||||
u_int32_t expire; | u_int32_t expire; | ||||
▲ Show 20 Lines • Show All 708 Lines • ▼ Show 20 Lines | |||||
#ifdef _KERNEL | #ifdef _KERNEL | ||||
LIST_HEAD(pf_src_node_list, pf_src_node); | LIST_HEAD(pf_src_node_list, pf_src_node); | ||||
struct pf_srchash { | struct pf_srchash { | ||||
struct pf_src_node_list nodes; | struct pf_src_node_list nodes; | ||||
struct mtx lock; | struct mtx lock; | ||||
}; | }; | ||||
struct pf_udpendpointhash { | |||||
LIST_HEAD(, pf_udp_endpoint) endpoints; | |||||
struct mtx lock; | |||||
}; | |||||
struct pf_keyhash { | struct pf_keyhash { | ||||
LIST_HEAD(, pf_state_key) keys; | LIST_HEAD(, pf_state_key) keys; | ||||
struct mtx lock; | struct mtx lock; | ||||
}; | }; | ||||
struct pf_idhash { | struct pf_idhash { | ||||
LIST_HEAD(, pf_state) states; | LIST_HEAD(, pf_state) states; | ||||
struct mtx lock; | struct mtx lock; | ||||
}; | }; | ||||
extern u_long pf_hashmask; | extern u_long pf_hashmask; | ||||
extern u_long pf_srchashmask; | extern u_long pf_srchashmask; | ||||
#define PF_HASHSIZ (32768) | #define PF_HASHSIZ (32768) | ||||
VNET_DECLARE(struct pf_udpendpointhash *, pf_udpendpointhash); | |||||
VNET_DECLARE(struct pf_keyhash *, pf_keyhash); | VNET_DECLARE(struct pf_keyhash *, pf_keyhash); | ||||
VNET_DECLARE(struct pf_idhash *, pf_idhash); | VNET_DECLARE(struct pf_idhash *, pf_idhash); | ||||
#define V_pf_udpendpointhash VNET(pf_udpendpointhash) | |||||
#define V_pf_keyhash VNET(pf_keyhash) | #define V_pf_keyhash VNET(pf_keyhash) | ||||
#define V_pf_idhash VNET(pf_idhash) | #define V_pf_idhash VNET(pf_idhash) | ||||
VNET_DECLARE(struct pf_srchash *, pf_srchash); | VNET_DECLARE(struct pf_srchash *, pf_srchash); | ||||
#define V_pf_srchash VNET(pf_srchash) | #define V_pf_srchash VNET(pf_srchash) | ||||
#define PF_IDHASH(s) (be64toh((s)->id) % (pf_hashmask + 1)) | #define PF_IDHASH(s) (be64toh((s)->id) % (pf_hashmask + 1)) | ||||
VNET_DECLARE(void *, pf_swi_cookie); | VNET_DECLARE(void *, pf_swi_cookie); | ||||
Show All 34 Lines | |||||
extern void pf_calc_skip_steps(struct pf_rulequeue *); | extern void pf_calc_skip_steps(struct pf_rulequeue *); | ||||
#ifdef ALTQ | #ifdef ALTQ | ||||
extern void pf_altq_ifnet_event(struct ifnet *, int); | extern void pf_altq_ifnet_event(struct ifnet *, int); | ||||
#endif | #endif | ||||
VNET_DECLARE(uma_zone_t, pf_state_z); | VNET_DECLARE(uma_zone_t, pf_state_z); | ||||
#define V_pf_state_z VNET(pf_state_z) | #define V_pf_state_z VNET(pf_state_z) | ||||
VNET_DECLARE(uma_zone_t, pf_state_key_z); | VNET_DECLARE(uma_zone_t, pf_state_key_z); | ||||
#define V_pf_state_key_z VNET(pf_state_key_z) | #define V_pf_state_key_z VNET(pf_state_key_z) | ||||
VNET_DECLARE(uma_zone_t, pf_udp_mapping_z); | |||||
#define V_pf_udp_mapping_z VNET(pf_udp_mapping_z) | |||||
VNET_DECLARE(uma_zone_t, pf_state_scrub_z); | VNET_DECLARE(uma_zone_t, pf_state_scrub_z); | ||||
#define V_pf_state_scrub_z VNET(pf_state_scrub_z) | #define V_pf_state_scrub_z VNET(pf_state_scrub_z) | ||||
extern void pf_purge_thread(void *); | extern void pf_purge_thread(void *); | ||||
extern void pf_unload_vnet_purge(void); | extern void pf_unload_vnet_purge(void); | ||||
extern void pf_intr(void *); | extern void pf_intr(void *); | ||||
extern void pf_purge_expired_src_nodes(void); | extern void pf_purge_expired_src_nodes(void); | ||||
Show All 22 Lines | if (refcount_release(&s->refs)) { | ||||
return (1); | return (1); | ||||
} else | } else | ||||
return (0); | return (0); | ||||
} | } | ||||
extern struct pf_state *pf_find_state_byid(uint64_t, uint32_t); | extern struct pf_state *pf_find_state_byid(uint64_t, uint32_t); | ||||
extern struct pf_state *pf_find_state_all(struct pf_state_key_cmp *, | extern struct pf_state *pf_find_state_all(struct pf_state_key_cmp *, | ||||
u_int, int *); | u_int, int *); | ||||
extern struct pf_udp_mapping *pf_udp_mapping_find(struct pf_udp_endpoint_cmp *endpoint); | |||||
extern struct pf_udp_mapping *pf_udp_mapping_create(sa_family_t af, | |||||
struct pf_addr *src_addr, uint16_t src_port, | |||||
struct pf_addr *nat_addr, uint16_t nat_port); | |||||
extern int pf_udp_mapping_insert(struct pf_udp_mapping *mapping); | |||||
extern void pf_udp_mapping_release(struct pf_udp_mapping *mapping); | |||||
extern struct pf_src_node *pf_find_src_node(struct pf_addr *, | extern struct pf_src_node *pf_find_src_node(struct pf_addr *, | ||||
struct pf_rule *, sa_family_t, int); | struct pf_rule *, sa_family_t, int); | ||||
extern void pf_unlink_src_node(struct pf_src_node *); | extern void pf_unlink_src_node(struct pf_src_node *); | ||||
extern u_int pf_free_src_nodes(struct pf_src_node_list *); | extern u_int pf_free_src_nodes(struct pf_src_node_list *); | ||||
extern void pf_print_state(struct pf_state *); | extern void pf_print_state(struct pf_state *); | ||||
extern void pf_print_flags(u_int8_t); | extern void pf_print_flags(u_int8_t); | ||||
extern u_int16_t pf_cksum_fixup(u_int16_t, u_int16_t, u_int16_t, | extern u_int16_t pf_cksum_fixup(u_int16_t, u_int16_t, u_int16_t, | ||||
u_int8_t); | u_int8_t); | ||||
▲ Show 20 Lines • Show All 178 Lines • ▼ Show 20 Lines | |||||
int pf_map_addr(u_int8_t, struct pf_rule *, | int pf_map_addr(u_int8_t, struct pf_rule *, | ||||
struct pf_addr *, struct pf_addr *, | struct pf_addr *, struct pf_addr *, | ||||
struct pf_addr *, struct pf_src_node **); | struct pf_addr *, struct pf_src_node **); | ||||
struct pf_rule *pf_get_translation(struct pf_pdesc *, struct mbuf *, | struct pf_rule *pf_get_translation(struct pf_pdesc *, struct mbuf *, | ||||
int, int, struct pfi_kif *, struct pf_src_node **, | int, int, struct pfi_kif *, struct pf_src_node **, | ||||
struct pf_state_key **, struct pf_state_key **, | struct pf_state_key **, struct pf_state_key **, | ||||
struct pf_addr *, struct pf_addr *, | struct pf_addr *, struct pf_addr *, | ||||
uint16_t, uint16_t, struct pf_anchor_stackframe *); | uint16_t, uint16_t, struct pf_anchor_stackframe *, | ||||
struct pf_udp_mapping **udp_mapping); | |||||
struct pf_state_key *pf_state_key_setup(struct pf_pdesc *, struct pf_addr *, | struct pf_state_key *pf_state_key_setup(struct pf_pdesc *, struct pf_addr *, | ||||
struct pf_addr *, u_int16_t, u_int16_t); | struct pf_addr *, u_int16_t, u_int16_t); | ||||
struct pf_state_key *pf_state_key_clone(struct pf_state_key *); | struct pf_state_key *pf_state_key_clone(struct pf_state_key *); | ||||
#endif /* _KERNEL */ | #endif /* _KERNEL */ | ||||
#endif /* _NET_PFVAR_H_ */ | #endif /* _NET_PFVAR_H_ */ |
Space out addr/port/... with tabs, not spaces.