Changeset View
Changeset View
Standalone View
Standalone View
sys/netpfil/ipfw/ip_fw_private.h
| Show First 20 Lines • Show All 244 Lines • ▼ Show 20 Lines | |||||
| #define V_autoinc_step VNET(autoinc_step) | #define V_autoinc_step VNET(autoinc_step) | ||||
| VNET_DECLARE(unsigned int, fw_tables_max); | VNET_DECLARE(unsigned int, fw_tables_max); | ||||
| #define V_fw_tables_max VNET(fw_tables_max) | #define V_fw_tables_max VNET(fw_tables_max) | ||||
| VNET_DECLARE(unsigned int, fw_tables_sets); | VNET_DECLARE(unsigned int, fw_tables_sets); | ||||
| #define V_fw_tables_sets VNET(fw_tables_sets) | #define V_fw_tables_sets VNET(fw_tables_sets) | ||||
| extern int fw_nat_hash; | |||||
| struct tables_config; | struct tables_config; | ||||
| #ifdef _KERNEL | #ifdef _KERNEL | ||||
| /* | /* | ||||
| * Here we have the structure representing an ipfw rule. | * Here we have the structure representing an ipfw rule. | ||||
| * | * | ||||
| * It starts with a general area | * It starts with a general area | ||||
| * followed by an array of one or more instructions, which the code | * followed by an array of one or more instructions, which the code | ||||
| Show All 22 Lines | struct ip_fw { | ||||
| struct ip_fw *next; /* linked list of deleted rules */ | struct ip_fw *next; /* linked list of deleted rules */ | ||||
| ipfw_insn cmd[1]; /* storage for commands */ | ipfw_insn cmd[1]; /* storage for commands */ | ||||
| }; | }; | ||||
| #define IPFW_RULE_CNTR_SIZE (2 * sizeof(uint64_t)) | #define IPFW_RULE_CNTR_SIZE (2 * sizeof(uint64_t)) | ||||
| #endif | #endif | ||||
| struct nat_lists { | |||||
| LIST_HEAD(nat_list, cfg_nat) *tbl; /* table of lists of nat entries */ | |||||
| int len; /* size of of nat lookup table */ | |||||
| }; | |||||
| #define NAT_TABLE_LIST(n,i) (&((n).tbl[(i)%(n).len])) | |||||
| struct ip_fw_chain { | struct ip_fw_chain { | ||||
| struct ip_fw **map; /* array of rule ptrs to ease lookup */ | struct ip_fw **map; /* array of rule ptrs to ease lookup */ | ||||
| uint32_t id; /* ruleset id */ | uint32_t id; /* ruleset id */ | ||||
| int n_rules; /* number of static rules */ | int n_rules; /* number of static rules */ | ||||
| void *tablestate; /* runtime table info */ | void *tablestate; /* runtime table info */ | ||||
| void *valuestate; /* runtime table value info */ | void *valuestate; /* runtime table value info */ | ||||
| int *idxmap; /* skipto array of rules */ | int *idxmap; /* skipto array of rules */ | ||||
| void **srvstate; /* runtime service mappings */ | void **srvstate; /* runtime service mappings */ | ||||
| #if defined( __linux__ ) || defined( _WIN32 ) | #if defined( __linux__ ) || defined( _WIN32 ) | ||||
| spinlock_t rwmtx; | spinlock_t rwmtx; | ||||
| #else | #else | ||||
| struct rmlock rwmtx; | struct rmlock rwmtx; | ||||
| #endif | #endif | ||||
| int static_len; /* total len of static rules (v0) */ | int static_len; /* total len of static rules (v0) */ | ||||
| uint32_t gencnt; /* NAT generation count */ | uint32_t gencnt; /* NAT generation count */ | ||||
| LIST_HEAD(nat_list, cfg_nat) nat; /* list of nat entries */ | struct nat_lists nat; /* nat entries */ | ||||
| struct ip_fw *default_rule; | struct ip_fw *default_rule; | ||||
| struct tables_config *tblcfg; /* tables module data */ | struct tables_config *tblcfg; /* tables module data */ | ||||
| void *ifcfg; /* interface module data */ | void *ifcfg; /* interface module data */ | ||||
| int *idxmap_back; /* standby skipto array of rules */ | int *idxmap_back; /* standby skipto array of rules */ | ||||
| struct namedobj_instance *srvmap; /* cfg name->number mappings */ | struct namedobj_instance *srvmap; /* cfg name->number mappings */ | ||||
| #if defined( __linux__ ) || defined( _WIN32 ) | #if defined( __linux__ ) || defined( _WIN32 ) | ||||
| spinlock_t uh_lock; | spinlock_t uh_lock; | ||||
| #else | #else | ||||
| ▲ Show 20 Lines • Show All 468 Lines • ▼ Show 20 Lines | |||||
| void ipfw_unref_table(struct ip_fw_chain *ch, uint16_t kidx); | void ipfw_unref_table(struct ip_fw_chain *ch, uint16_t kidx); | ||||
| int ipfw_init_tables(struct ip_fw_chain *ch, int first); | int ipfw_init_tables(struct ip_fw_chain *ch, int first); | ||||
| int ipfw_resize_tables(struct ip_fw_chain *ch, unsigned int ntables); | int ipfw_resize_tables(struct ip_fw_chain *ch, unsigned int ntables); | ||||
| int ipfw_switch_tables_namespace(struct ip_fw_chain *ch, unsigned int nsets); | int ipfw_switch_tables_namespace(struct ip_fw_chain *ch, unsigned int nsets); | ||||
| void ipfw_destroy_tables(struct ip_fw_chain *ch, int last); | void ipfw_destroy_tables(struct ip_fw_chain *ch, int last); | ||||
| /* In ip_fw_nat.c -- XXX to be moved to ip_var.h */ | /* In ip_fw_nat.c -- XXX to be moved to ip_var.h */ | ||||
| extern struct cfg_nat *(*lookup_nat_ptr)(struct nat_list *, int); | extern struct cfg_nat *(*lookup_nat_ptr)(struct nat_lists *, int); | ||||
| typedef int ipfw_nat_t(struct ip_fw_args *, struct cfg_nat *, struct mbuf *); | typedef int ipfw_nat_t(struct ip_fw_args *, struct cfg_nat *, struct mbuf *); | ||||
| typedef int ipfw_nat_cfg_t(struct sockopt *); | typedef int ipfw_nat_cfg_t(struct sockopt *); | ||||
| VNET_DECLARE(int, ipfw_nat_ready); | VNET_DECLARE(int, ipfw_nat_ready); | ||||
| #define V_ipfw_nat_ready VNET(ipfw_nat_ready) | #define V_ipfw_nat_ready VNET(ipfw_nat_ready) | ||||
| #define IPFW_NAT_LOADED (V_ipfw_nat_ready) | #define IPFW_NAT_LOADED (V_ipfw_nat_ready) | ||||
| Show All 25 Lines | |||||