Differential D20534 Diff 58303 sys/netpfil/ipfw/nat64/nat64lsn.c

Changeset View

Standalone View

sys/netpfil/ipfw/nat64/nat64lsn.c

Show First 20 Lines • Show All 81 Lines • ▼ Show 20 Lines
static uma_zone_t nat64lsn_pg_zone;		static uma_zone_t nat64lsn_pg_zone;
static uma_zone_t nat64lsn_aliaslink_zone;		static uma_zone_t nat64lsn_aliaslink_zone;
static uma_zone_t nat64lsn_state_zone;		static uma_zone_t nat64lsn_state_zone;
static uma_zone_t nat64lsn_job_zone;		static uma_zone_t nat64lsn_job_zone;

static void nat64lsn_periodic(void *data);		static void nat64lsn_periodic(void *data);
#define PERIODIC_DELAY 4		#define PERIODIC_DELAY 4
#define NAT64_LOOKUP(chain, cmd) \		#define NAT64_LOOKUP(chain, cmd) \
(struct nat64lsn_cfg *)SRV_OBJECT((chain), (cmd)->arg1)		(struct nat64lsn_instance *)SRV_OBJECT((chain), (cmd)->arg1)
/*		/*
* Delayed job queue, used to create new hosts		* Delayed job queue, used to create new hosts
* and new portgroups		* and new portgroups
*/		*/
enum nat64lsn_jtype {		enum nat64lsn_jtype {
JTYPE_NEWHOST = 1,		JTYPE_NEWHOST = 1,
JTYPE_NEWPORTGROUP,		JTYPE_NEWPORTGROUP,
JTYPE_DESTROY,		JTYPE_DESTROY,
▲ Show 20 Lines • Show All 1,410 Lines • ▼ Show 20 Lines

/*		/*
* Main dataplane entry point.		* Main dataplane entry point.
*/		*/
int		int
ipfw_nat64lsn(struct ip_fw_chain ch, struct ip_fw_args args,		ipfw_nat64lsn(struct ip_fw_chain ch, struct ip_fw_args args,
ipfw_insn cmd, int done)		ipfw_insn cmd, int done)
{		{
struct nat64lsn_cfg *cfg;		struct nat64lsn_instance *i;
		melifaroUnsubmitted Not Done Inline Actions Would it be possible to use more descriptive variable? inst / ilsn / whatever? melifaro: Would it be possible to use more descriptive variable? inst / ilsn / whatever?
ipfw_insn *icmd;		ipfw_insn *icmd;
int ret;		int ret;

IPFW_RLOCK_ASSERT(ch);		IPFW_RLOCK_ASSERT(ch);

done = 0; / continue the search in case of failure */		done = 0; / continue the search in case of failure */
icmd = cmd + 1;		icmd = cmd + 1;
if (cmd->opcode != O_EXTERNAL_ACTION \|\|		if (cmd->opcode != O_EXTERNAL_ACTION \|\|
cmd->arg1 != V_nat64lsn_eid \|\|		cmd->arg1 != V_nat64lsn_eid \|\|
icmd->opcode != O_EXTERNAL_INSTANCE \|\|		icmd->opcode != O_EXTERNAL_INSTANCE \|\|
(cfg = NAT64_LOOKUP(ch, icmd)) == NULL)		(i = NAT64_LOOKUP(ch, icmd)) == NULL)
		melifaroUnsubmitted Not Done Inline Actions Would it make sense to store i->cfg pointer in a separate variable to avoid multiple pointer lookups & simplify code? melifaro: Would it make sense to store i->cfg pointer in a separate variable to avoid multiple pointer…
return (IP_FW_DENY);		return (IP_FW_DENY);

done = 1; / terminate the search */		done = 1; / terminate the search */

switch (args->f_id.addr_type) {		switch (args->f_id.addr_type) {
case 4:		case 4:
ret = nat64lsn_translate4(cfg, &args->f_id, &args->m);		ret = nat64lsn_translate4(i->cfg, &args->f_id, &args->m);
break;		break;
case 6:		case 6:
/*		/*
* Check that destination IPv6 address matches our prefix6.		* Check that destination IPv6 address matches our prefix6.
*/		*/
if ((cfg->base.flags & NAT64LSN_ANYPREFIX) == 0 &&		if ((i->cfg->base.flags & NAT64LSN_ANYPREFIX) == 0 &&
memcmp(&args->f_id.dst_ip6, &cfg->base.plat_prefix,		memcmp(&args->f_id.dst_ip6, &i->cfg->base.plat_prefix,
cfg->base.plat_plen / 8) != 0) {		i->cfg->base.plat_plen / 8) != 0) {
ret = cfg->nomatch_verdict;		ret = i->cfg->nomatch_verdict;
break;		break;
}		}
ret = nat64lsn_translate6(cfg, &args->f_id, &args->m);		ret = nat64lsn_translate6(i->cfg, &args->f_id, &args->m);
break;		break;
default:		default:
ret = cfg->nomatch_verdict;		ret = i->cfg->nomatch_verdict;
}		}

if (ret != IP_FW_PASS && args->m != NULL) {		if (ret != IP_FW_PASS && args->m != NULL) {
m_freem(args->m);		m_freem(args->m);
args->m = NULL;		args->m = NULL;
}		}
return (ret);		return (ret);
}		}
▲ Show 20 Lines • Show All 55 Lines • ▼ Show 20 Lines	nat64lsn_start_instance(struct nat64lsn_cfg *cfg)

CALLOUT_LOCK(cfg);		CALLOUT_LOCK(cfg);
callout_reset(&cfg->periodic, hz * PERIODIC_DELAY,		callout_reset(&cfg->periodic, hz * PERIODIC_DELAY,
nat64lsn_periodic, cfg);		nat64lsn_periodic, cfg);
CALLOUT_UNLOCK(cfg);		CALLOUT_UNLOCK(cfg);
}		}

struct nat64lsn_cfg *		struct nat64lsn_cfg *
nat64lsn_init_instance(struct ip_fw_chain *ch, in_addr_t prefix, int plen)		nat64lsn_init_config(struct ip_fw_chain *ch, in_addr_t prefix, int plen)
{		{
struct nat64lsn_cfg *cfg;		struct nat64lsn_cfg *cfg;
struct nat64lsn_alias *alias;		struct nat64lsn_alias *alias;
int i, naddr;		int i, naddr;

cfg = malloc(sizeof(struct nat64lsn_cfg), M_NAT64LSN,		cfg = malloc(sizeof(struct nat64lsn_cfg), M_NAT64LSN,
M_WAITOK \| M_ZERO);		M_WAITOK \| M_ZERO);

▲ Show 20 Lines • Show All 86 Lines • ▼ Show 20 Lines	while (!CK_SLIST_EMPTY(&host->aliases)) {
uma_zfree(nat64lsn_aliaslink_zone, link);		uma_zfree(nat64lsn_aliaslink_zone, link);
}		}
HOST_LOCK_DESTROY(host);		HOST_LOCK_DESTROY(host);
free(host->states_hash, M_NAT64LSN);		free(host->states_hash, M_NAT64LSN);
uma_zfree(nat64lsn_host_zone, host);		uma_zfree(nat64lsn_host_zone, host);
}		}

void		void
nat64lsn_destroy_instance(struct nat64lsn_cfg *cfg)		nat64lsn_destroy_config(struct nat64lsn_cfg *cfg)
{		{
struct nat64lsn_host *host;		struct nat64lsn_host *host;
int i;		int i;

CALLOUT_LOCK(cfg);		CALLOUT_LOCK(cfg);
callout_drain(&cfg->periodic);		callout_drain(&cfg->periodic);
CALLOUT_UNLOCK(cfg);		CALLOUT_UNLOCK(cfg);
callout_drain(&cfg->jcallout);		callout_drain(&cfg->jcallout);
Show All 20 Lines