diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -2405,7 +2405,7 @@ void pf_normalize_init(void); void pf_normalize_cleanup(void); -int pf_normalize_tcp(struct pfi_kkif *, struct mbuf *, int, int, void *, +int pf_normalize_tcp(struct pfi_kkif *, struct mbuf *, int, int, struct pf_pdesc *); void pf_normalize_tcp_cleanup(struct pf_kstate *); int pf_normalize_tcp_init(struct mbuf *, int, struct pf_pdesc *, @@ -2416,7 +2416,7 @@ int pf_normalize_sctp_init(struct mbuf *, int, struct pf_pdesc *, struct pf_state_peer *, struct pf_state_peer *); int pf_normalize_sctp(int, struct pfi_kkif *, struct mbuf *, int, - int, void *, struct pf_pdesc *); + int, struct pf_pdesc *); u_int32_t pf_state_expires(const struct pf_kstate *); void pf_purge_expired_fragments(void); diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -336,7 +336,7 @@ int, struct pf_state_key_cmp *, int, struct pf_addr *, int, struct pf_addr *, int); static int pf_test_fragment(struct pf_krule **, struct pfi_kkif *, - struct mbuf *, void *, struct pf_pdesc *, + struct mbuf *, struct pf_pdesc *, struct pf_krule **, struct pf_kruleset **); static int pf_tcp_track_full(struct pf_kstate **, struct pfi_kkif *, struct mbuf *, int, @@ -345,23 +345,23 @@ struct pf_pdesc *, u_short *); static int pf_test_state_tcp(struct pf_kstate **, struct pfi_kkif *, struct mbuf *, int, - void *, struct pf_pdesc *, u_short *); + struct pf_pdesc *, u_short *); static int pf_test_state_udp(struct pf_kstate **, struct pfi_kkif *, struct mbuf *, int, - void *, struct pf_pdesc *); + struct pf_pdesc *); int pf_icmp_state_lookup(struct pf_state_key_cmp *, struct pf_pdesc *, struct pf_kstate **, struct mbuf *, int, int, struct pfi_kkif *, u_int16_t, u_int16_t, int, int *, int, int); static int pf_test_state_icmp(struct pf_kstate **, struct pfi_kkif *, struct mbuf *, int, - void *, struct pf_pdesc *, u_short *); + struct pf_pdesc *, u_short *); static void pf_sctp_multihome_detach_addr(const struct pf_kstate *); static void pf_sctp_multihome_delayed(struct pf_pdesc *, int, struct pfi_kkif *, struct pf_kstate *, int); static int pf_test_state_sctp(struct pf_kstate **, struct pfi_kkif *, struct mbuf *, int, - void *, struct pf_pdesc *, u_short *); + struct pf_pdesc *, u_short *); static int pf_test_state_other(struct pf_kstate **, struct pfi_kkif *, struct mbuf *, struct pf_pdesc *); static u_int16_t pf_calc_mss(struct pf_addr *, sa_family_t, @@ -5586,7 +5586,7 @@ static int pf_test_fragment(struct pf_krule **rm, struct pfi_kkif *kif, - struct mbuf *m, void *h, struct pf_pdesc *pd, struct pf_krule **am, + struct mbuf *m, struct pf_pdesc *pd, struct pf_krule **am, struct pf_kruleset **rsm) { struct pf_krule *r, *a = NULL; @@ -6235,7 +6235,7 @@ static int pf_test_state_tcp(struct pf_kstate **state, struct pfi_kkif *kif, - struct mbuf *m, int off, void *h, struct pf_pdesc *pd, + struct mbuf *m, int off, struct pf_pdesc *pd, u_short *reason) { struct pf_state_key_cmp key; @@ -6326,7 +6326,7 @@ static int pf_test_state_udp(struct pf_kstate **state, struct pfi_kkif *kif, - struct mbuf *m, int off, void *h, struct pf_pdesc *pd) + struct mbuf *m, int off, struct pf_pdesc *pd) { struct pf_state_peer *src, *dst; struct pf_state_key_cmp key; @@ -6398,7 +6398,7 @@ static int pf_test_state_sctp(struct pf_kstate **state, struct pfi_kkif *kif, - struct mbuf *m, int off, void *h, struct pf_pdesc *pd, u_short *reason) + struct mbuf *m, int off, struct pf_pdesc *pd, u_short *reason) { struct pf_state_key_cmp key; struct pf_state_peer *src, *dst; @@ -6976,7 +6976,7 @@ static int pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, - struct mbuf *m, int off, void *h, struct pf_pdesc *pd, u_short *reason) + struct mbuf *m, int off, struct pf_pdesc *pd, u_short *reason) { struct pf_addr *saddr = pd->src, *daddr = pd->dst; u_int16_t *icmpsum, virtual_id, virtual_type; @@ -8686,7 +8686,7 @@ *action = PF_DROP; else *action = pf_test_fragment(r, kif, - m, h, pd, a, ruleset); + m, pd, a, ruleset); if (*action == PF_DROP) REASON_SET(reason, PFRES_FRAG); return (-1); @@ -9050,7 +9050,7 @@ /* handle fragments that didn't get reassembled by normalization */ if (h->ip_off & htons(IP_MF | IP_OFFMASK)) { - action = pf_test_fragment(&r, kif, m, h, &pd, &a, &ruleset); + action = pf_test_fragment(&r, kif, m, &pd, &a, &ruleset); goto done; } @@ -9067,10 +9067,10 @@ if ((pd.hdr.tcp.th_flags & TH_ACK) && pd.p_len == 0) use_2nd_queue = 1; - action = pf_normalize_tcp(kif, m, 0, off, h, &pd); + action = pf_normalize_tcp(kif, m, 0, off, &pd); if (action == PF_DROP) goto done; - action = pf_test_state_tcp(&s, kif, m, off, h, &pd, &reason); + action = pf_test_state_tcp(&s, kif, m, off, &pd, &reason); if (action == PF_PASS) { if (V_pfsync_update_state_ptr != NULL) V_pfsync_update_state_ptr(s); @@ -9097,7 +9097,7 @@ if (action != PF_PASS) break; - action = pf_test_state_tcp(&s, kif, m, off, h, + action = pf_test_state_tcp(&s, kif, m, off, &pd, &reason); if (action != PF_PASS || s == NULL) { action = PF_DROP; @@ -9118,7 +9118,7 @@ } case IPPROTO_UDP: { - action = pf_test_state_udp(&s, kif, m, off, h, &pd); + action = pf_test_state_udp(&s, kif, m, off, &pd); if (action == PF_PASS) { if (V_pfsync_update_state_ptr != NULL) V_pfsync_update_state_ptr(s); @@ -9131,10 +9131,10 @@ } case IPPROTO_SCTP: { - action = pf_normalize_sctp(dir, kif, m, 0, off, h, &pd); + action = pf_normalize_sctp(dir, kif, m, 0, off, &pd); if (action == PF_DROP) goto done; - action = pf_test_state_sctp(&s, kif, m, off, h, &pd, + action = pf_test_state_sctp(&s, kif, m, off, &pd, &reason); if (action == PF_PASS) { if (V_pfsync_update_state_ptr != NULL) @@ -9149,7 +9149,7 @@ } case IPPROTO_ICMP: { - action = pf_test_state_icmp(&s, kif, m, off, h, &pd, &reason); + action = pf_test_state_icmp(&s, kif, m, off, &pd, &reason); if (action == PF_PASS) { if (V_pfsync_update_state_ptr != NULL) V_pfsync_update_state_ptr(s); @@ -9509,10 +9509,10 @@ if ((pd.hdr.tcp.th_flags & TH_ACK) && pd.p_len == 0) use_2nd_queue = 1; - action = pf_normalize_tcp(kif, m, 0, off, h, &pd); + action = pf_normalize_tcp(kif, m, 0, off, &pd); if (action == PF_DROP) goto done; - action = pf_test_state_tcp(&s, kif, m, off, h, &pd, &reason); + action = pf_test_state_tcp(&s, kif, m, off, &pd, &reason); if (action == PF_PASS) { if (V_pfsync_update_state_ptr != NULL) V_pfsync_update_state_ptr(s); @@ -9539,7 +9539,7 @@ if (action != PF_PASS) break; - action = pf_test_state_tcp(&s, kif, m, off, h, + action = pf_test_state_tcp(&s, kif, m, off, &pd, &reason); if (action != PF_PASS || s == NULL) { action = PF_DROP; @@ -9561,7 +9561,7 @@ } case IPPROTO_UDP: { - action = pf_test_state_udp(&s, kif, m, off, h, &pd); + action = pf_test_state_udp(&s, kif, m, off, &pd); if (action == PF_PASS) { if (V_pfsync_update_state_ptr != NULL) V_pfsync_update_state_ptr(s); @@ -9574,10 +9574,10 @@ } case IPPROTO_SCTP: { - action = pf_normalize_sctp(dir, kif, m, 0, off, h, &pd); + action = pf_normalize_sctp(dir, kif, m, 0, off, &pd); if (action == PF_DROP) goto done; - action = pf_test_state_sctp(&s, kif, m, off, h, &pd, + action = pf_test_state_sctp(&s, kif, m, off, &pd, &reason); if (action == PF_PASS) { if (V_pfsync_update_state_ptr != NULL) @@ -9599,7 +9599,7 @@ } case IPPROTO_ICMPV6: { - action = pf_test_state_icmp(&s, kif, m, off, h, &pd, &reason); + action = pf_test_state_icmp(&s, kif, m, off, &pd, &reason); if (action == PF_PASS) { if (V_pfsync_update_state_ptr != NULL) V_pfsync_update_state_ptr(s); diff --git a/sys/netpfil/pf/pf_norm.c b/sys/netpfil/pf/pf_norm.c --- a/sys/netpfil/pf/pf_norm.c +++ b/sys/netpfil/pf/pf_norm.c @@ -1385,7 +1385,7 @@ int pf_normalize_tcp(struct pfi_kkif *kif, struct mbuf *m, int ipoff, - int off, void *h, struct pf_pdesc *pd) + int off, struct pf_pdesc *pd) { struct pf_krule *r, *rm = NULL; struct tcphdr *th = &pd->hdr.tcp; @@ -2193,7 +2193,7 @@ int pf_normalize_sctp(int dir, struct pfi_kkif *kif, struct mbuf *m, int ipoff, - int off, void *h, struct pf_pdesc *pd) + int off, struct pf_pdesc *pd) { struct pf_krule *r, *rm = NULL; struct sctphdr *sh = &pd->hdr.sctp;