From owner-svn-soc-all@FreeBSD.ORG Mon Jul 14 11:08:14 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C625CC36 for ; Mon, 14 Jul 2014 11:08:14 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B18372B69 for ; Mon, 14 Jul 2014 11:08:14 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6EB8EMV087755 for ; Mon, 14 Jul 2014 11:08:14 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.8/8.14.8/Submit) id s6EB8D9n087738 for svn-soc-all@FreeBSD.org; Mon, 14 Jul 2014 11:08:13 GMT (envelope-from dpl@FreeBSD.org) Date: Mon, 14 Jul 2014 11:08:13 GMT Message-Id: <201407141108.s6EB8D9n087738@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r270819 - soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 11:08:14 -0000 Author: dpl Date: Mon Jul 14 11:08:13 2014 New Revision: 270819 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=270819 Log: Started with some style(9) changes. Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw2.c soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.h Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw2.c ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw2.c Mon Jul 14 10:16:28 2014 (r270818) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw2.c Mon Jul 14 11:08:13 2014 (r270819) @@ -125,6 +125,69 @@ /* Use 128 tables by default */ static unsigned int default_fw_tables = IPFW_TABLES_DEFAULT; +/* Rule functions */ +static inline void rule_nop(int *); +static inline void +rule_forward_mac(int opcode) +static inline void +rule_jail(int * match, u_short offset, uint8_t proto, ipfw_insn *cmd, struct ip_fw_args *args, int ucred_lookup, void *ucred_cache) +static inline void +rule_recv(int *match, ipfw_insn *cmd, struct mbuf *m, struct ip_fw_chain *chain, uint32_t *tablearg) +static inline void +rule_xmit(int *match, struct ifnet *oif, ipfw_insn *cmd, struct ip_fw_chain *chain, uint32_t *tablearg) +static inline void +rule_via(int *match, struct ifnet *oif, struct mbuf *m, ipfw_insn *cmd, struct ip_fw_chain *chain, uint32_t *tablearg) +static inline void +rule_macaddr2(int *match, struct ip_fw_args *args, ipfw_insn *cmd) +inline void +rule_mac_type(int *match, struct ip_fw_args *args, ipfw_insn *cmd, int cmdlen, uint16_t etype) +static inline void +rule_frag(int *match, u_short offset) +inline void +rule_in(int *match, struct ifnet *oif) +inline void +rule_layer2(int *match, struct ip_fw_args * args) +static inline void +rule_diverted(int *match, struct ip_fw_args * args, ipfw_insn *cmd) +static inline void +rule_proto(int *match, uint8_t proto, ipfw_insn *cmd) +static inline void +rule_ip_src(int *match, int is_ipv4, ipfw_insn *cmd, struct in_addr *src_ip) +static inline void +rule_ip_dst_lookup(int *match, ipfw_insn *cmd, int cmdlen, struct ip_fw_args *args, uint32_t *tablearg, int is_ipv4, int is_ipv6, struct ip *ip, struct in_addr *dst_ip, struct in_addr *src_ip, uint16_t dst_port, uint16_t src_port, u_short offset, uint8_t proto, int ucred_lookup, void *ucred_cache, struct ip_fw_chain *chain) +static inline void +rule_ip_dst_mask(int *match, int is_ipv4, ipfw_insn *cmd, int cmdlen, struct in_addr *dst_ip, struct in_addr *src_ip) +static inline void +rule_ip_src_me(int *match, int is_ipv4, int is_ipv6, struct in_addr *src_ip, struct ip_fw_args *args) + +#ifdef INET6 +static inline void +rule_ip6_src_me(int *match, int is_ipv6, struct ip_fw_args *args) +#endif /* INET6 */ + +static inline void +rule_ip_src_set(int *match, int is_ipv4, ipfw_insn *cmd, struct ip_fw_args *args) +static inline void +rule_ip_dst(int *match, int is_ipv4, ipfw_insn *cmd, struct in_addr *dst_ip) +static inline void +rule_ip_dst_me(int *match, struct ip_fw_args *args, int is_ipv4, int is_ipv6, struct in_addr *dst_ip) + +#ifdef INET6 +static inline void +rule_ip6_dst_me(int *match, struct ip_fw_args *args, int is_ipv6) +#endif /* INET6 */ + +static inline void rule_ip_dstport(int *, uint8_t, u_short , ipfw_insn *, int , uint16_t , uint16_t); +static inline void rule_icmptype(int *, u_short, uint8_t , void *, ipfw_insn *) + +#ifdef INET6 +static inline void rule_icmp6type(int *, u_short, int, uint8_t, void *, ipfw_insn *) +#endif /* INET6 */ + +static inline void rule_ipopt(int *match, int is_ipv4, struct ip *ip, ipfw_insn *cmd) +static inline void rule_ipver(int *match, int is_ipv4, ipfw_insn *cmd, struct ip *ip) +static inline void rule_ipttl(int *match, int is_ipv4, ipfw_insn *cmd, int cmdlen, struct ip *ip, uint16_t iplen) + /* * Each rule belongs to one of 32 different sets (0..31). * The variable set_disable contains one bit per set. Modified: soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.h ============================================================================== --- soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.h Mon Jul 14 10:16:28 2014 (r270818) +++ soc2014/dpl/netmap-ipfwjit/sys/netpfil/ipfw/ip_fw_rules.h Mon Jul 14 11:08:13 2014 (r270819) @@ -90,7 +90,6 @@ /* * Auxiliar functions. */ - static __inline int icmptype_match(struct icmphdr *icmp, ipfw_insn_u32 *cmd) { @@ -339,7 +338,7 @@ #ifdef INET6 /* - * ipv6 specific rules here... + * ipv6 specific aux funtions here... */ static __inline int icmp6type_match (int type, ipfw_insn_u32 *cmd) @@ -699,13 +698,13 @@ * Actions executed per-rule. */ -inline void +static inline void rule_nop(int *match) { *match = 1; } -inline void +static inline void rule_forward_mac(int opcode) { printf("ipfw: opcode %d unimplemented\n", @@ -713,7 +712,6 @@ } -/* XXX static inline void? */ static inline void rule_jail(int * match, u_short offset, uint8_t proto, ipfw_insn *cmd, struct ip_fw_args *args, int ucred_lookup, void *ucred_cache) { @@ -755,7 +753,7 @@ *match = iface_match(oif ? oif : m->m_pkthdr.rcvif, (ipfw_insn_if *)cmd, chain, tablearg); } -inline void +static inline void rule_macaddr2(int *match, struct ip_fw_args *args, ipfw_insn *cmd) { if (args->eh != NULL) { /* have MAC header */ @@ -773,7 +771,7 @@ } -inline void +static inline void rule_mac_type(int *match, struct ip_fw_args *args, ipfw_insn *cmd, int cmdlen, uint16_t etype) { if (args->eh != NULL) { @@ -789,26 +787,26 @@ } -inline void +static inline void rule_frag(int *match, u_short offset) { *match = (offset != 0); } -inline void +static inline void rule_in(int *match, struct ifnet *oif) { /* "out" is "not in" */ *match = (oif == NULL); } -inline void +static inline void rule_layer2(int *match, struct ip_fw_args * args) { *match = (args->eh != NULL); } -inline void +static inline void rule_diverted(int *match, struct ip_fw_args * args, ipfw_insn *cmd) { /* For diverted packets, args->rule.info @@ -820,7 +818,7 @@ cmd->arg1 & ((i & IPFW_INFO_IN) ? 1 : 2); } -inline void +static inline void rule_proto(int *match, uint8_t proto, ipfw_insn *cmd) { /* @@ -830,7 +828,7 @@ *match = (proto == cmd->arg1); } -inline void +static inline void rule_ip_src(int *match, int is_ipv4, ipfw_insn *cmd, struct in_addr *src_ip) { *match = is_ipv4 && @@ -913,8 +911,7 @@ } } - -inline void +static inline void rule_ip_dst_mask(int *match, int is_ipv4, ipfw_insn *cmd, int cmdlen, struct in_addr *dst_ip, struct in_addr *src_ip) { if (is_ipv4) { @@ -953,7 +950,7 @@ } #endif /* INET6 */ -inline void +static inline void rule_ip_src_set(int *match, int is_ipv4, ipfw_insn *cmd, struct ip_fw_args *args) { if (is_ipv4) { @@ -972,7 +969,7 @@ } } -inline void +static inline void rule_ip_dst(int *match, int is_ipv4, ipfw_insn *cmd, struct in_addr *dst_ip) { *match = is_ipv4 && @@ -1003,7 +1000,7 @@ } #endif /* INET6 */ -inline void +static inline void rule_ip_dstport(int *match, uint8_t proto, u_short offset, ipfw_insn *cmd, int cmdlen, uint16_t dst_port, uint16_t src_port) { /* @@ -1034,7 +1031,7 @@ } #ifdef INET6 -inline void +static inline void rule_icmp6type(int *match, u_short offset, int is_ipv6, uint8_t proto, void *ulp, ipfw_insn *cmd) { *match = is_ipv6 && offset == 0 && @@ -1054,14 +1051,14 @@ } -inline void +static inline void rule_ipver(int *match, int is_ipv4, ipfw_insn *cmd, struct ip *ip) { *match = (is_ipv4 && cmd->arg1 == ip->ip_v); } -inline void +static inline void rule_ipttl(int *match, int is_ipv4, ipfw_insn *cmd, int cmdlen, struct ip *ip, uint16_t iplen) { if (is_ipv4) { /* only for IP packets */ @@ -1087,7 +1084,7 @@ } } -inline void +static inline void rule_ipprecedence(int *match, int is_ipv4, ipfw_insn *cmd, struct ip *ip) { *match = (is_ipv4 && @@ -1101,7 +1098,7 @@ flags_match(cmd, ip->ip_tos)); } -inline void +static inline void rule_dscp(int *match, int is_ipv4, int is_ipv6, ipfw_insn *cmd, struct ip *ip) { uint32_t *p; @@ -1127,7 +1124,7 @@ *match = *p & (1 << x); } -inline void +static inline void rule_tcpdatalen(int *match, uint8_t proto, u_short offset, void *ulp, uint16_t iplen, int cmdlen, ipfw_insn *cmd, struct ip *ip) { if (proto == IPPROTO_TCP && offset == 0) { @@ -1182,7 +1179,7 @@ return (0); } -inline void +static inline void rule_tcpseq(int *match, uint8_t proto, u_short offset, ipfw_insn *cmd, void *ulp) { *match = (proto == IPPROTO_TCP && offset == 0 && @@ -1190,7 +1187,7 @@ TCP(ulp)->th_seq); } -inline void +static inline void rule_tcpack(int *match, uint8_t proto, u_short offset, ipfw_insn *cmd, void *ulp) { *match = (proto == IPPROTO_TCP && offset == 0 && @@ -1198,7 +1195,7 @@ TCP(ulp)->th_ack); } -inline void +static inline void rule_tcpwin(int *match, uint8_t proto, u_short offset, ipfw_insn *cmd, int cmdlen, void *ulp) { if (proto == IPPROTO_TCP && offset == 0) { @@ -1219,7 +1216,7 @@ } } -inline void +static inline void rule_estab(int *match, uint8_t proto, u_short offset, void *ulp) { /* reject packets which have SYN only */ @@ -1229,7 +1226,7 @@ (TH_RST | TH_ACK | TH_SYN)) != TH_SYN); } -inline void +static inline void rule_altq(int *match, ipfw_insn *cmd, struct mbuf *m, struct ip *ip) { struct pf_mtag *at; @@ -1261,7 +1258,7 @@ at->hdr = ip; } -inline void +static inline void rule_log(int *match, struct ip_fw *f, u_int hlen, struct ip_fw_args *args, struct mbuf *m, struct ifnet *oif, u_short offset, u_short ip6f_mf, uint32_t tablearg, struct ip *ip) { ipfw_log(f, hlen, args, m, @@ -1269,7 +1266,7 @@ *match = 1; } -inline void +static inline void rule_prob(int *match, ipfw_insn *cmd) { *match = (random()<((ipfw_insn_u32 *)cmd)->d[0]); @@ -1332,7 +1329,7 @@ } #ifdef IPSEC -inline void +static inline void rule_ipsec(int *match, m) { *match = (m_tag_find(m, @@ -1341,7 +1338,7 @@ #endif #ifdef INET6 -inline void +static inline void rule_ip6_src(int *match, int is_ipv6, struct ip_fw_args *args, ipfw_insn *cmd) { *match = is_ipv6 && @@ -1349,7 +1346,7 @@ &((ipfw_insn_ip6 *)cmd)->addr6); } -inline void +static inline void rule_ip6_dst(int *match, int is_ipv6, struct ip_fw_args *args, ipfw_insn *cmd) { *match = is_ipv6 && @@ -1357,7 +1354,7 @@ &((ipfw_insn_ip6 *)cmd)->addr6); } -inline void +static inline void rule_ip6_dst_mask(int *match, struct ip_fw_args *args, ipfw_insn *cmd, int cmdlen, int is_ipv6) { if (is_ipv6) { @@ -1389,27 +1386,27 @@ (ipfw_insn_u32 *) cmd); } -inline void +static inline void rule_ext_hdr(int *match, int is_ipv6, uint16_t ext_hd, ipfw_insn *cmd) { *match = is_ipv6 && (ext_hd & ((ipfw_insn *) cmd)->arg1); } -inline void +static inline void rule_ip6(int *match, int is_ipv6) { *match = is_ipv6; } #endif -inline void +static inline void rule_ip4(int *match, int is_ipv4) { *match = is_ipv4; } -inline void +static inline void rule_tag(int *match, ipfw_insn *cmd, struct mbuf *m, uint32_t tablearg) { struct m_tag *mtag; @@ -1440,14 +1437,14 @@ } } -inline void +static inline void rule_fib(int *match, struct ip_fw_args *args, ipfw_insn *cmd) { if (args->f_id.fib == cmd->arg1) *match = 1; } -inline void +static inline void rule_sockarg(int *match, int is_ipv6, uint8_t proto, struct in_addr *dst_ip, struct in_addr *src_ip, uint16_t dst_port, uint16_t src_port, struct ip_fw_args *args, uint32_t *tablearg) { #ifndef USERSPACE /* not supported in userspace */ @@ -1494,7 +1491,7 @@ #endif /* !USERSPACE */ } -inline void +static inline void rule_tagged(int *match, ipfw_insn *cmd, int cmdlen, struct mbuf *m, uint32_t tablearg) { struct m_tag *mtag; @@ -1528,7 +1525,7 @@ /* * The second sets of opcodes. They represent the actions of a rule. */ -inline void +static inline void rule_keep_state(int *match, struct ip_fw *f, ipfw_insn *cmd, struct ip_fw_args *args, uint32_t tablearg, int *retval, int *l, int *done) { if (ipfw_install_state(f, @@ -1541,7 +1538,7 @@ *match = 1; } -inline void +static inline void rule_check_state(int *match, int *dyn_dir, ipfw_dyn_rule *q, struct ip_fw_args *args, uint8_t proto, void *ulp, int pktlen, struct ip_fw *f, int *f_pos, struct ip_fw_chain *chain, ipfw_insn *cmd, int *cmdlen, int *l) { /* @@ -1590,7 +1587,7 @@ *match = 1; } -inline void +static inline void rule_accept(int *retval, int *l, int *done) { *retval = 0; /* accept */ @@ -1626,7 +1623,7 @@ args->rule.info = IP_FW_ARG_TABLEARG(cmd->arg1); } -inline void +static inline void rule_count(int *l, struct ip_fw *f, int pktlen) { IPFW_INC_RULE_COUNTER(f, pktlen); @@ -1792,7 +1789,7 @@ #endif /* INET6 */ -inline void +static inline void rule_deny(int *l, int *done, int *retval) { *retval = IP_FW_DENY; @@ -1800,7 +1797,7 @@ *done = 1; /* exit outer loop */ } -inline void +static inline void rule_forward_ip(struct ip_fw_args *args, ipfw_dyn_rule *q, struct ip_fw *f, int dyn_dir, ipfw_insn *cmd, uint32_t tablearg, int *retval, int *l, int *done) { if (args->eh) /* not valid on layer2 pkts */ @@ -1825,7 +1822,7 @@ } #ifdef INET6 -inline void +static inline void rule_forward_ip6(struct ip_fw_args *args, ipfw_dyn_rule *q, struct ip_fw *f, int dyn_dir, ipfw_insn *cmd, int *retval, int *l, int *done) { if (args->eh) /* not valid on layer2 pkts */ @@ -1856,7 +1853,7 @@ *done = 1; /* exit outer loop */ } -inline void +static inline void rule_setfib(struct ip_fw *f, int pktlen, uint32_t tablearg, ipfw_insn *cmd, struct mbuf *m, struct ip_fw_args *args, int *l) { uint32_t fib; @@ -1870,7 +1867,7 @@ *l = 0; /* exit inner loop */ } -inline void +static inline void rule_setdscp(ipfw_insn *cmd, struct ip *ip, int is_ipv4, int is_ipv6, uint32_t tablearg, struct ip_fw *f, int pktlen, int *l) { uint16_t code;