Changeset View
Changeset View
Standalone View
Standalone View
sys/netpfil/pf/pf.c
Show First 20 Lines • Show All 696 Lines • ▼ Show 20 Lines | if (n != NULL) { | ||||
n->states++; | n->states++; | ||||
PF_HASHROW_UNLOCK(sh); | PF_HASHROW_UNLOCK(sh); | ||||
} else if (returnlocked == 0) | } else if (returnlocked == 0) | ||||
PF_HASHROW_UNLOCK(sh); | PF_HASHROW_UNLOCK(sh); | ||||
return (n); | return (n); | ||||
} | } | ||||
static void | |||||
pf_free_src_node(struct pf_ksrc_node *sn) | |||||
{ | |||||
for (int i = 0; i < 2; i++) { | |||||
if (sn->bytes[i]) | |||||
counter_u64_free(sn->bytes[i]); | |||||
if (sn->packets[i]) | |||||
counter_u64_free(sn->packets[i]); | |||||
} | |||||
uma_zfree(V_pf_sources_z, sn); | |||||
} | |||||
static int | static int | ||||
pf_insert_src_node(struct pf_ksrc_node **sn, struct pf_rule *rule, | pf_insert_src_node(struct pf_ksrc_node **sn, struct pf_rule *rule, | ||||
struct pf_addr *src, sa_family_t af) | struct pf_addr *src, sa_family_t af) | ||||
{ | { | ||||
KASSERT((rule->rule_flag & PFRULE_SRCTRACK || | KASSERT((rule->rule_flag & PFRULE_SRCTRACK || | ||||
rule->rpool.opts & PF_POOL_STICKYADDR), | rule->rpool.opts & PF_POOL_STICKYADDR), | ||||
("%s for non-tracking rule %p", __func__, rule)); | ("%s for non-tracking rule %p", __func__, rule)); | ||||
Show All 12 Lines | if (*sn == NULL) { | ||||
else | else | ||||
counter_u64_add(V_pf_status.lcounters[LCNT_SRCNODES], | counter_u64_add(V_pf_status.lcounters[LCNT_SRCNODES], | ||||
1); | 1); | ||||
if ((*sn) == NULL) { | if ((*sn) == NULL) { | ||||
PF_HASHROW_UNLOCK(sh); | PF_HASHROW_UNLOCK(sh); | ||||
return (-1); | return (-1); | ||||
} | } | ||||
for (int i = 0; i < 2; i++) { | |||||
(*sn)->bytes[i] = counter_u64_alloc(M_NOWAIT); | |||||
(*sn)->packets[i] = counter_u64_alloc(M_NOWAIT); | |||||
if ((*sn)->bytes[i] == NULL || (*sn)->packets[i] == NULL) { | |||||
pf_free_src_node(*sn); | |||||
PF_HASHROW_UNLOCK(sh); | |||||
return (-1); | |||||
} | |||||
} | |||||
pf_init_threshold(&(*sn)->conn_rate, | pf_init_threshold(&(*sn)->conn_rate, | ||||
rule->max_src_conn_rate.limit, | rule->max_src_conn_rate.limit, | ||||
rule->max_src_conn_rate.seconds); | rule->max_src_conn_rate.seconds); | ||||
(*sn)->af = af; | (*sn)->af = af; | ||||
(*sn)->rule.ptr = rule; | (*sn)->rule.ptr = rule; | ||||
PF_ACPY(&(*sn)->addr, src, af); | PF_ACPY(&(*sn)->addr, src, af); | ||||
LIST_INSERT_HEAD(&sh->nodes, *sn, entry); | LIST_INSERT_HEAD(&sh->nodes, *sn, entry); | ||||
Show All 27 Lines | |||||
u_int | u_int | ||||
pf_free_src_nodes(struct pf_ksrc_node_list *head) | pf_free_src_nodes(struct pf_ksrc_node_list *head) | ||||
{ | { | ||||
struct pf_ksrc_node *sn, *tmp; | struct pf_ksrc_node *sn, *tmp; | ||||
u_int count = 0; | u_int count = 0; | ||||
LIST_FOREACH_SAFE(sn, head, entry, tmp) { | LIST_FOREACH_SAFE(sn, head, entry, tmp) { | ||||
uma_zfree(V_pf_sources_z, sn); | pf_free_src_node(sn); | ||||
count++; | count++; | ||||
} | } | ||||
counter_u64_add(V_pf_status.scounters[SCNT_SRC_NODE_REMOVALS], count); | counter_u64_add(V_pf_status.scounters[SCNT_SRC_NODE_REMOVALS], count); | ||||
return (count); | return (count); | ||||
} | } | ||||
▲ Show 20 Lines • Show All 5,399 Lines • ▼ Show 20 Lines | if (a != NULL) { | ||||
a->bytes[dirndx] += pd.tot_len; | a->bytes[dirndx] += pd.tot_len; | ||||
} | } | ||||
if (s != NULL) { | if (s != NULL) { | ||||
if (s->nat_rule.ptr != NULL) { | if (s->nat_rule.ptr != NULL) { | ||||
s->nat_rule.ptr->packets[dirndx]++; | s->nat_rule.ptr->packets[dirndx]++; | ||||
s->nat_rule.ptr->bytes[dirndx] += pd.tot_len; | s->nat_rule.ptr->bytes[dirndx] += pd.tot_len; | ||||
} | } | ||||
if (s->src_node != NULL) { | if (s->src_node != NULL) { | ||||
s->src_node->packets[dirndx]++; | counter_u64_add(s->src_node->packets[dirndx], | ||||
s->src_node->bytes[dirndx] += pd.tot_len; | 1); | ||||
counter_u64_add(s->src_node->bytes[dirndx], | |||||
pd.tot_len); | |||||
} | } | ||||
if (s->nat_src_node != NULL) { | if (s->nat_src_node != NULL) { | ||||
s->nat_src_node->packets[dirndx]++; | counter_u64_add(s->nat_src_node->packets[dirndx], | ||||
s->nat_src_node->bytes[dirndx] += pd.tot_len; | 1); | ||||
counter_u64_add(s->nat_src_node->bytes[dirndx], | |||||
pd.tot_len); | |||||
} | } | ||||
dirndx = (dir == s->direction) ? 0 : 1; | dirndx = (dir == s->direction) ? 0 : 1; | ||||
counter_u64_add(s->packets[dirndx], 1); | counter_u64_add(s->packets[dirndx], 1); | ||||
counter_u64_add(s->bytes[dirndx], pd.tot_len); | counter_u64_add(s->bytes[dirndx], pd.tot_len); | ||||
} | } | ||||
tr = r; | tr = r; | ||||
nr = (s != NULL) ? s->nat_rule.ptr : pd.nat_rule; | nr = (s != NULL) ? s->nat_rule.ptr : pd.nat_rule; | ||||
if (nr != NULL && r == &V_pf_default_rule) | if (nr != NULL && r == &V_pf_default_rule) | ||||
▲ Show 20 Lines • Show All 374 Lines • ▼ Show 20 Lines | if (a != NULL) { | ||||
a->bytes[dirndx] += pd.tot_len; | a->bytes[dirndx] += pd.tot_len; | ||||
} | } | ||||
if (s != NULL) { | if (s != NULL) { | ||||
if (s->nat_rule.ptr != NULL) { | if (s->nat_rule.ptr != NULL) { | ||||
s->nat_rule.ptr->packets[dirndx]++; | s->nat_rule.ptr->packets[dirndx]++; | ||||
s->nat_rule.ptr->bytes[dirndx] += pd.tot_len; | s->nat_rule.ptr->bytes[dirndx] += pd.tot_len; | ||||
} | } | ||||
if (s->src_node != NULL) { | if (s->src_node != NULL) { | ||||
s->src_node->packets[dirndx]++; | counter_u64_add(s->src_node->packets[dirndx], | ||||
s->src_node->bytes[dirndx] += pd.tot_len; | 1); | ||||
counter_u64_add(s->src_node->bytes[dirndx], | |||||
pd.tot_len); | |||||
} | } | ||||
if (s->nat_src_node != NULL) { | if (s->nat_src_node != NULL) { | ||||
s->nat_src_node->packets[dirndx]++; | counter_u64_add(s->nat_src_node->packets[dirndx], | ||||
s->nat_src_node->bytes[dirndx] += pd.tot_len; | 1); | ||||
counter_u64_add(s->nat_src_node->bytes[dirndx], | |||||
pd.tot_len); | |||||
} | } | ||||
dirndx = (dir == s->direction) ? 0 : 1; | dirndx = (dir == s->direction) ? 0 : 1; | ||||
counter_u64_add(s->packets[dirndx], 1); | counter_u64_add(s->packets[dirndx], 1); | ||||
counter_u64_add(s->bytes[dirndx], pd.tot_len); | counter_u64_add(s->bytes[dirndx], pd.tot_len); | ||||
} | } | ||||
tr = r; | tr = r; | ||||
nr = (s != NULL) ? s->nat_rule.ptr : pd.nat_rule; | nr = (s != NULL) ? s->nat_rule.ptr : pd.nat_rule; | ||||
if (nr != NULL && r == &V_pf_default_rule) | if (nr != NULL && r == &V_pf_default_rule) | ||||
▲ Show 20 Lines • Show All 46 Lines • Show Last 20 Lines |