Changeset View
Changeset View
Standalone View
Standalone View
head/sys/contrib/ipfilter/netinet/mlfk_ipl.c
| Show First 20 Lines • Show All 78 Lines • ▼ Show 20 Lines | |||||
| static int ipfread __P((dev_t, struct uio *, int)); | static int ipfread __P((dev_t, struct uio *, int)); | ||||
| static int ipfwrite __P((dev_t, struct uio *, int)); | static int ipfwrite __P((dev_t, struct uio *, int)); | ||||
| #endif | #endif | ||||
| SYSCTL_DECL(_net_inet); | SYSCTL_DECL(_net_inet); | ||||
| #define SYSCTL_IPF(parent, nbr, name, access, ptr, val, descr) \ | #define SYSCTL_IPF(parent, nbr, name, access, ptr, val, descr) \ | ||||
| SYSCTL_OID(parent, nbr, name, \ | SYSCTL_OID(parent, nbr, name, \ | ||||
| CTLTYPE_INT | CTLFLAG_VNET | CTLFLAG_NEEDGIANT | access, \ | CTLTYPE_INT | CTLFLAG_VNET | CTLFLAG_MPSAFE | access, \ | ||||
| ptr, val, sysctl_ipf_int, "I", descr) | ptr, val, sysctl_ipf_int, "I", descr) | ||||
| #define SYSCTL_DYN_IPF_NAT(parent, nbr, name, access,ptr, val, descr) \ | #define SYSCTL_DYN_IPF_NAT(parent, nbr, name, access,ptr, val, descr) \ | ||||
| SYSCTL_ADD_OID(&ipf_clist, SYSCTL_STATIC_CHILDREN(parent), nbr, name, \ | SYSCTL_ADD_OID(&ipf_clist, SYSCTL_STATIC_CHILDREN(parent), nbr, name, \ | ||||
| CTLFLAG_DYN | CTLTYPE_INT | CTLFLAG_VNET | CTLFLAG_NEEDGIANT |access, \ | CTLFLAG_DYN | CTLTYPE_INT | CTLFLAG_VNET | CTLFLAG_MPSAFE |access, \ | ||||
| ptr, val, sysctl_ipf_int_nat, "I", descr) | ptr, val, sysctl_ipf_int_nat, "I", descr) | ||||
| #define SYSCTL_DYN_IPF_STATE(parent, nbr, name, access,ptr, val, descr) \ | #define SYSCTL_DYN_IPF_STATE(parent, nbr, name, access,ptr, val, descr) \ | ||||
| SYSCTL_ADD_OID(&ipf_clist, SYSCTL_STATIC_CHILDREN(parent), nbr, name, \ | SYSCTL_ADD_OID(&ipf_clist, SYSCTL_STATIC_CHILDREN(parent), nbr, name, \ | ||||
| CTLFLAG_DYN | CTLTYPE_INT | CTLFLAG_VNET | CTLFLAG_NEEDGIANT | access, \ | CTLFLAG_DYN | CTLTYPE_INT | CTLFLAG_VNET | CTLFLAG_MPSAFE | access, \ | ||||
| ptr, val, sysctl_ipf_int_state, "I", descr) | ptr, val, sysctl_ipf_int_state, "I", descr) | ||||
| #define SYSCTL_DYN_IPF_FRAG(parent, nbr, name, access,ptr, val, descr) \ | #define SYSCTL_DYN_IPF_FRAG(parent, nbr, name, access,ptr, val, descr) \ | ||||
| SYSCTL_ADD_OID(&ipf_clist, SYSCTL_STATIC_CHILDREN(parent), nbr, name, \ | SYSCTL_ADD_OID(&ipf_clist, SYSCTL_STATIC_CHILDREN(parent), nbr, name, \ | ||||
| CTLFLAG_DYN | CTLTYPE_INT | CTLFLAG_VNET | CTLFLAG_NEEDGIANT | access, \ | CTLFLAG_DYN | CTLTYPE_INT | CTLFLAG_VNET | CTLFLAG_MPSAFE | access, \ | ||||
| ptr, val, sysctl_ipf_int_frag, "I", descr) | ptr, val, sysctl_ipf_int_frag, "I", descr) | ||||
| #define SYSCTL_DYN_IPF_AUTH(parent, nbr, name, access,ptr, val, descr) \ | #define SYSCTL_DYN_IPF_AUTH(parent, nbr, name, access,ptr, val, descr) \ | ||||
| SYSCTL_ADD_OID(&ipf_clist, SYSCTL_STATIC_CHILDREN(parent), nbr, name, \ | SYSCTL_ADD_OID(&ipf_clist, SYSCTL_STATIC_CHILDREN(parent), nbr, name, \ | ||||
| CTLFLAG_DYN | CTLTYPE_INT | CTLFLAG_VNET | CTLFLAG_NEEDGIANT | access, \ | CTLFLAG_DYN | CTLTYPE_INT | CTLFLAG_VNET | CTLFLAG_MPSAFE | access, \ | ||||
| ptr, val, sysctl_ipf_int_auth, "I", descr) | ptr, val, sysctl_ipf_int_auth, "I", descr) | ||||
| static struct sysctl_ctx_list ipf_clist; | static struct sysctl_ctx_list ipf_clist; | ||||
| #define CTLFLAG_OFF 0x00800000 /* IPFilter must be disabled */ | #define CTLFLAG_OFF 0x00800000 /* IPFilter must be disabled */ | ||||
| #define CTLFLAG_RWO (CTLFLAG_RW|CTLFLAG_OFF) | #define CTLFLAG_RWO (CTLFLAG_RW|CTLFLAG_OFF) | ||||
| SYSCTL_NODE(_net_inet, OID_AUTO, ipf, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, | SYSCTL_NODE(_net_inet, OID_AUTO, ipf, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, | ||||
| "IPF"); | "IPF"); | ||||
| SYSCTL_IPF(_net_inet_ipf, OID_AUTO, fr_flags, CTLFLAG_RW, &VNET_NAME(ipfmain.ipf_flags), 0, "IPF flags"); | SYSCTL_IPF(_net_inet_ipf, OID_AUTO, fr_flags, CTLFLAG_RW, &VNET_NAME(ipfmain.ipf_flags), 0, "IPF flags"); | ||||
| SYSCTL_IPF(_net_inet_ipf, OID_AUTO, ipf_pass, CTLFLAG_RW, &VNET_NAME(ipfmain.ipf_pass), 0, "default pass/block"); | SYSCTL_IPF(_net_inet_ipf, OID_AUTO, ipf_pass, CTLFLAG_RW, &VNET_NAME(ipfmain.ipf_pass), 0, "default pass/block"); | ||||
| ▲ Show 20 Lines • Show All 226 Lines • ▼ Show 20 Lines | |||||
| #ifdef SYSCTL_IPF | #ifdef SYSCTL_IPF | ||||
| int | int | ||||
| sysctl_ipf_int ( SYSCTL_HANDLER_ARGS ) | sysctl_ipf_int ( SYSCTL_HANDLER_ARGS ) | ||||
| { | { | ||||
| int error = 0; | int error = 0; | ||||
| WRITE_ENTER(&V_ipfmain.ipf_mutex); | |||||
| if (arg1) | if (arg1) | ||||
| error = SYSCTL_OUT(req, arg1, sizeof(int)); | error = SYSCTL_OUT(req, arg1, sizeof(int)); | ||||
| else | else | ||||
| error = SYSCTL_OUT(req, &arg2, sizeof(int)); | error = SYSCTL_OUT(req, &arg2, sizeof(int)); | ||||
| if (error || !req->newptr) | if (error || !req->newptr) | ||||
| return (error); | goto sysctl_error; | ||||
| if (!arg1) | if (!arg1) | ||||
| error = EPERM; | error = EPERM; | ||||
| else { | else { | ||||
| if ((oidp->oid_kind & CTLFLAG_OFF) && (V_ipfmain.ipf_running > 0)) | if ((oidp->oid_kind & CTLFLAG_OFF) && (V_ipfmain.ipf_running > 0)) | ||||
| error = EBUSY; | error = EBUSY; | ||||
| else | else | ||||
| error = SYSCTL_IN(req, arg1, sizeof(int)); | error = SYSCTL_IN(req, arg1, sizeof(int)); | ||||
| } | } | ||||
| sysctl_error: | |||||
| RWLOCK_EXIT(&V_ipfmain.ipf_mutex); | |||||
| return (error); | return (error); | ||||
| } | } | ||||
| /* | /* | ||||
| * In the VIMAGE case kern_sysctl.c already adds the vnet base address given | * In the VIMAGE case kern_sysctl.c already adds the vnet base address given | ||||
| * we set CTLFLAG_VNET to get proper access checks. Have to undo this. | * we set CTLFLAG_VNET to get proper access checks. Have to undo this. | ||||
| * Then we add the given offset to the specific malloced struct hanging off | * Then we add the given offset to the specific malloced struct hanging off | ||||
| * virtualized ipmain struct. | * virtualized ipmain struct. | ||||
| ▲ Show 20 Lines • Show All 310 Lines • Show Last 20 Lines | |||||