Date: Sun, 20 Oct 2002 16:33:45 -0700 From: Maxime Henrion <mux@freebsd.org> To: current@FreeBSD.org Cc: luigi@FreeBSD.org Subject: Patch to make ipfw2 work on sparc64 Message-ID: <20021020233345.GA26605@elvis.mu.org>
next in thread | raw e-mail | index | archive | help
--G4iJoqBmSsgzjUCe
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Hello all,
I got ipfw2 apparently working on my sparc64 box. I simply added
new fields in the structure of the rules to avoid the evil casting.
Of course, it breaks the ABI, so ipfw(8) must be rebuilt. Also,
this may be considered bloat since I didn't use unions or anything,
but I think it would be nice to have ipfw2 working first and then
have the code which exports the rules to userland reworked. It
should probably use two versions of the structures, one for userland
and one for the kernel like ucred/xucred, etc... Patches for both
kernel and userland attached.
Comments appreciated.
Cheers,
Maxime
--G4iJoqBmSsgzjUCe
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="ipfw2.patch"
Index: sys/netinet/ip_fw.h
===================================================================
RCS file: /space/ncvs/src/sys/netinet/ip_fw.h,v
retrieving revision 1.74
diff -u -r1.74 ip_fw.h
--- sys/netinet/ip_fw.h 10 Aug 2002 04:37:32 -0000 1.74
+++ sys/netinet/ip_fw.h 20 Oct 2002 23:20:20 -0000
@@ -276,6 +276,7 @@
struct ip_fw {
struct ip_fw *next; /* linked list of rules */
struct ip_fw *next_rule; /* ptr to next [skipto] rule */
+ u_int32_t set_disable; /* disabled sets (for userland) */
u_int16_t act_ofs; /* offset of action in 32-bit units */
u_int16_t cmd_len; /* # of 32-bit words in cmd */
u_int16_t rulenum; /* rule number */
@@ -331,6 +332,7 @@
/* to generate keepalives) */
u_int16_t dyn_type; /* rule type */
u_int16_t count; /* refcount */
+ u_int16_t rulenum; /* rule number (for userland) */
};
/*
Index: sys/netinet/ip_fw2.c
===================================================================
RCS file: /space/ncvs/src/sys/netinet/ip_fw2.c,v
retrieving revision 1.13
diff -u -r1.13 ip_fw2.c
--- sys/netinet/ip_fw2.c 19 Oct 2002 11:31:50 -0000 1.13
+++ sys/netinet/ip_fw2.c 20 Oct 2002 23:18:42 -0000
@@ -2502,11 +2502,7 @@
for (rule = layer3_chain; rule ; rule = rule->next) {
int i = RULESIZE(rule);
bcopy(rule, bp, i);
- /*
- * abuse 'next_rule' to store the set_disable word
- */
- (u_int32_t)(((struct ip_fw *)bp)->next_rule) =
- set_disable;
+ ((struct ip_fw *)bp)->set_disable = set_disable;
bp = (struct ip_fw *)((char *)bp + i);
}
if (ipfw_dyn_v) {
@@ -2518,7 +2514,7 @@
for ( p = ipfw_dyn_v[i] ; p != NULL ;
p = p->next, dst++ ) {
bcopy(p, dst, sizeof *p);
- (int)dst->rule = p->rule->rulenum ;
+ dst->rulenum = p->rule->rulenum;
/*
* store a non-null value in "next".
* The userland code will interpret a
Index: sbin/ipfw/ipfw2.c
===================================================================
RCS file: /space/ncvs/src/sbin/ipfw/ipfw2.c,v
retrieving revision 1.13
diff -u -r1.13 ipfw2.c
--- sbin/ipfw/ipfw2.c 12 Sep 2002 00:45:32 -0000 1.13
+++ sbin/ipfw/ipfw2.c 20 Oct 2002 23:22:00 -0000
@@ -811,7 +811,7 @@
ipfw_insn_log *logptr = NULL; /* set if we find an O_LOG */
int or_block = 0; /* we are in an or block */
- u_int32_t set_disable = (u_int32_t)(rule->next_rule);
+ u_int32_t set_disable = rule->set_disable;
if (set_disable & (1 << rule->set)) { /* disabled */
if (!show_sets)
@@ -1198,7 +1198,7 @@
}
printf("%05d %10qu %10qu (%ds)",
- (int)(d->rule), d->pcnt, d->bcnt, d->expire);
+ d->rulenum, d->pcnt, d->bcnt, d->expire);
switch (d->dyn_type) {
case O_LIMIT_PARENT:
printf(" PARENT %d", d->count);
@@ -1432,7 +1432,7 @@
err(EX_OSERR, "malloc");
if (getsockopt(s, IPPROTO_IP, IP_FW_GET, data, &nbytes) < 0)
err(EX_OSERR, "getsockopt(IP_FW_GET)");
- set_disable = (u_int32_t)(((struct ip_fw *)data)->next_rule);
+ set_disable = ((struct ip_fw *)data)->set_disable;
for (i = 0, msg = "disable" ; i < 31; i++)
if ( (set_disable & (1<<i))) {
@@ -1618,9 +1618,9 @@
/* already warned */
continue;
for (n = 0, d = dynrules; n < ndyn; n++, d++) {
- if ((int)(d->rule) > rnum)
+ if (d->rulenum > rnum)
break;
- if ((int)(d->rule) == rnum)
+ if (d->rulenum == rnum)
show_dyn_ipfw(d);
}
}
--G4iJoqBmSsgzjUCe--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021020233345.GA26605>