Changeset View
Changeset View
Standalone View
Standalone View
sys/netpfil/pf/pf_lb.c
Show First 20 Lines • Show All 58 Lines • ▼ Show 20 Lines | |||||
static void pf_hash(struct pf_addr *, struct pf_addr *, | static void pf_hash(struct pf_addr *, struct pf_addr *, | ||||
struct pf_poolhashkey *, sa_family_t); | struct pf_poolhashkey *, sa_family_t); | ||||
static struct pf_rule *pf_match_translation(struct pf_pdesc *, struct mbuf *, | static struct pf_rule *pf_match_translation(struct pf_pdesc *, struct mbuf *, | ||||
int, int, struct pfi_kif *, | int, int, struct pfi_kif *, | ||||
struct pf_addr *, u_int16_t, struct pf_addr *, | struct pf_addr *, u_int16_t, struct pf_addr *, | ||||
uint16_t, int, struct pf_anchor_stackframe *); | uint16_t, int, struct pf_anchor_stackframe *); | ||||
static int pf_get_sport(sa_family_t, uint8_t, struct pf_rule *, | static int pf_get_sport(sa_family_t, uint8_t, struct pf_rule *, | ||||
struct pf_addr *, uint16_t, struct pf_addr *, uint16_t, struct pf_addr *, | struct pf_addr *, uint16_t, struct pf_addr *, uint16_t, struct pf_addr *, | ||||
uint16_t *, uint16_t, uint16_t, struct pf_src_node **); | uint16_t *, uint16_t, uint16_t, struct pf_ksrc_node **); | ||||
#define mix(a,b,c) \ | #define mix(a,b,c) \ | ||||
do { \ | do { \ | ||||
a -= b; a -= c; a ^= (c >> 13); \ | a -= b; a -= c; a ^= (c >> 13); \ | ||||
b -= c; b -= a; b ^= (a << 8); \ | b -= c; b -= a; b ^= (a << 8); \ | ||||
c -= a; c -= b; c ^= (b >> 13); \ | c -= a; c -= b; c ^= (b >> 13); \ | ||||
a -= b; a -= c; a ^= (c >> 12); \ | a -= b; a -= c; a ^= (c >> 12); \ | ||||
b -= c; b -= a; b ^= (a << 16); \ | b -= c; b -= a; b ^= (a << 16); \ | ||||
▲ Show 20 Lines • Show All 134 Lines • ▼ Show 20 Lines | if (rm != NULL && (rm->action == PF_NONAT || | ||||
return (NULL); | return (NULL); | ||||
return (rm); | return (rm); | ||||
} | } | ||||
static int | static int | ||||
pf_get_sport(sa_family_t af, u_int8_t proto, struct pf_rule *r, | pf_get_sport(sa_family_t af, u_int8_t proto, struct pf_rule *r, | ||||
struct pf_addr *saddr, uint16_t sport, struct pf_addr *daddr, | struct pf_addr *saddr, uint16_t sport, struct pf_addr *daddr, | ||||
uint16_t dport, struct pf_addr *naddr, uint16_t *nport, uint16_t low, | uint16_t dport, struct pf_addr *naddr, uint16_t *nport, uint16_t low, | ||||
uint16_t high, struct pf_src_node **sn) | uint16_t high, struct pf_ksrc_node **sn) | ||||
{ | { | ||||
struct pf_state_key_cmp key; | struct pf_state_key_cmp key; | ||||
struct pf_addr init_addr; | struct pf_addr init_addr; | ||||
bzero(&init_addr, sizeof(init_addr)); | bzero(&init_addr, sizeof(init_addr)); | ||||
if (pf_map_addr(af, r, saddr, naddr, &init_addr, sn)) | if (pf_map_addr(af, r, saddr, naddr, &init_addr, sn)) | ||||
return (1); | return (1); | ||||
▲ Show 20 Lines • Show All 80 Lines • ▼ Show 20 Lines | default: | ||||
return (1); | return (1); | ||||
} | } | ||||
} while (! PF_AEQ(&init_addr, naddr, af) ); | } while (! PF_AEQ(&init_addr, naddr, af) ); | ||||
return (1); /* none available */ | return (1); /* none available */ | ||||
} | } | ||||
int | int | ||||
pf_map_addr(sa_family_t af, struct pf_rule *r, struct pf_addr *saddr, | pf_map_addr(sa_family_t af, struct pf_rule *r, struct pf_addr *saddr, | ||||
struct pf_addr *naddr, struct pf_addr *init_addr, struct pf_src_node **sn) | struct pf_addr *naddr, struct pf_addr *init_addr, struct pf_ksrc_node **sn) | ||||
{ | { | ||||
struct pf_pool *rpool = &r->rpool; | struct pf_pool *rpool = &r->rpool; | ||||
struct pf_addr *raddr = NULL, *rmask = NULL; | struct pf_addr *raddr = NULL, *rmask = NULL; | ||||
/* Try to find a src_node if none was given and this | /* Try to find a src_node if none was given and this | ||||
is a sticky-address rule. */ | is a sticky-address rule. */ | ||||
if (*sn == NULL && r->rpool.opts & PF_POOL_STICKYADDR && | if (*sn == NULL && r->rpool.opts & PF_POOL_STICKYADDR && | ||||
(r->rpool.opts & PF_POOL_TYPEMASK) != PF_POOL_NONE) | (r->rpool.opts & PF_POOL_TYPEMASK) != PF_POOL_NONE) | ||||
▲ Show 20 Lines • Show All 193 Lines • ▼ Show 20 Lines | if (V_pf_status.debug >= PF_DEBUG_MISC && | ||||
printf("\n"); | printf("\n"); | ||||
} | } | ||||
return (0); | return (0); | ||||
} | } | ||||
struct pf_rule * | struct pf_rule * | ||||
pf_get_translation(struct pf_pdesc *pd, struct mbuf *m, int off, int direction, | pf_get_translation(struct pf_pdesc *pd, struct mbuf *m, int off, int direction, | ||||
struct pfi_kif *kif, struct pf_src_node **sn, | struct pfi_kif *kif, struct pf_ksrc_node **sn, | ||||
struct pf_state_key **skp, struct pf_state_key **nkp, | struct pf_state_key **skp, struct pf_state_key **nkp, | ||||
struct pf_addr *saddr, struct pf_addr *daddr, | struct pf_addr *saddr, struct pf_addr *daddr, | ||||
uint16_t sport, uint16_t dport, struct pf_anchor_stackframe *anchor_stack) | uint16_t sport, uint16_t dport, struct pf_anchor_stackframe *anchor_stack) | ||||
{ | { | ||||
struct pf_rule *r = NULL; | struct pf_rule *r = NULL; | ||||
struct pf_addr *naddr; | struct pf_addr *naddr; | ||||
uint16_t *nport; | uint16_t *nport; | ||||
▲ Show 20 Lines • Show All 159 Lines • Show Last 20 Lines |