Changeset View
Changeset View
Standalone View
Standalone View
sys/netpfil/pf/pf_ioctl.c
| Show First 20 Lines • Show All 278 Lines • ▼ Show 20 Lines | |||||
| pfattach_vnet(void) | pfattach_vnet(void) | ||||
| { | { | ||||
| u_int32_t *my_timeout = V_pf_default_rule.timeout; | u_int32_t *my_timeout = V_pf_default_rule.timeout; | ||||
| pf_initialize(); | pf_initialize(); | ||||
| pfr_initialize(); | pfr_initialize(); | ||||
| pfi_initialize_vnet(); | pfi_initialize_vnet(); | ||||
| pf_normalize_init(); | pf_normalize_init(); | ||||
| pf_syncookies_init(); | |||||
| V_pf_limits[PF_LIMIT_STATES].limit = PFSTATE_HIWAT; | V_pf_limits[PF_LIMIT_STATES].limit = PFSTATE_HIWAT; | ||||
| V_pf_limits[PF_LIMIT_SRC_NODES].limit = PFSNODE_HIWAT; | V_pf_limits[PF_LIMIT_SRC_NODES].limit = PFSNODE_HIWAT; | ||||
| RB_INIT(&V_pf_anchors); | RB_INIT(&V_pf_anchors); | ||||
| pf_init_kruleset(&pf_main_ruleset); | pf_init_kruleset(&pf_main_ruleset); | ||||
| /* default rule should never be garbage collected */ | /* default rule should never be garbage collected */ | ||||
| ▲ Show 20 Lines • Show All 5,224 Lines • ▼ Show 20 Lines | #endif | ||||
| V_pf_vnet_active = 1; | V_pf_vnet_active = 1; | ||||
| } | } | ||||
| static int | static int | ||||
| pf_load(void) | pf_load(void) | ||||
| { | { | ||||
| int error; | int error; | ||||
| rm_init(&pf_rules_lock, "pf rulesets"); | rm_init_flags(&pf_rules_lock, "pf rulesets", RM_RECURSE); | ||||
| sx_init(&pf_ioctl_lock, "pf ioctl"); | sx_init(&pf_ioctl_lock, "pf ioctl"); | ||||
| sx_init(&pf_end_lock, "pf end thread"); | sx_init(&pf_end_lock, "pf end thread"); | ||||
| pf_mtag_initialize(); | pf_mtag_initialize(); | ||||
| pf_dev = make_dev(&pf_cdevsw, 0, UID_ROOT, GID_WHEEL, 0600, PF_NAME); | pf_dev = make_dev(&pf_cdevsw, 0, UID_ROOT, GID_WHEEL, 0600, PF_NAME); | ||||
| if (pf_dev == NULL) | if (pf_dev == NULL) | ||||
| return (ENOMEM); | return (ENOMEM); | ||||
| ▲ Show 20 Lines • Show All 137 Lines • Show Last 20 Lines | |||||