From owner-svn-src-projects@FreeBSD.ORG Wed Feb 29 14:50:17 2012 Return-Path: Delivered-To: svn-src-projects@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D62881065673; Wed, 29 Feb 2012 14:50:17 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id BFB058FC0A; Wed, 29 Feb 2012 14:50:17 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q1TEoHGP031428; Wed, 29 Feb 2012 14:50:17 GMT (envelope-from glebius@svn.freebsd.org) Received: (from glebius@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q1TEoHIa031422; Wed, 29 Feb 2012 14:50:17 GMT (envelope-from glebius@svn.freebsd.org) Message-Id: <201202291450.q1TEoHIa031422@svn.freebsd.org> From: Gleb Smirnoff Date: Wed, 29 Feb 2012 14:50:17 +0000 (UTC) To: src-committers@freebsd.org, svn-src-projects@freebsd.org X-SVN-Group: projects MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r232298 - projects/pf/head/sys/contrib/pf/net X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 14:50:17 -0000 Author: glebius Date: Wed Feb 29 14:50:17 2012 New Revision: 232298 URL: http://svn.freebsd.org/changeset/base/232298 Log: Make local functions static. Not only a perfectionism, but also improves readability and understanding of code. Modified: projects/pf/head/sys/contrib/pf/net/if_pflog.c projects/pf/head/sys/contrib/pf/net/if_pfsync.c projects/pf/head/sys/contrib/pf/net/if_pfsync.h projects/pf/head/sys/contrib/pf/net/pf.c projects/pf/head/sys/contrib/pf/net/pf_if.c projects/pf/head/sys/contrib/pf/net/pf_ioctl.c projects/pf/head/sys/contrib/pf/net/pf_lb.c projects/pf/head/sys/contrib/pf/net/pf_norm.c projects/pf/head/sys/contrib/pf/net/pf_osfp.c projects/pf/head/sys/contrib/pf/net/pf_ruleset.c projects/pf/head/sys/contrib/pf/net/pf_table.c projects/pf/head/sys/contrib/pf/net/pfvar.h Modified: projects/pf/head/sys/contrib/pf/net/if_pflog.c ============================================================================== --- projects/pf/head/sys/contrib/pf/net/if_pflog.c Wed Feb 29 14:44:42 2012 (r232297) +++ projects/pf/head/sys/contrib/pf/net/if_pflog.c Wed Feb 29 14:50:17 2012 (r232298) @@ -100,20 +100,20 @@ __FBSDID("$FreeBSD$"); #define DPRINTF(x) #endif -void pflogattach(int); -int pflogoutput(struct ifnet *, struct mbuf *, struct sockaddr *, - struct route *); -int pflogioctl(struct ifnet *, u_long, caddr_t); -void pflogstart(struct ifnet *); -static int pflog_clone_create(struct if_clone *, int, caddr_t); -static void pflog_clone_destroy(struct ifnet *); +static int pflogoutput(struct ifnet *, struct mbuf *, struct sockaddr *, + struct route *); +static void pflogattach(int); +static int pflogioctl(struct ifnet *, u_long, caddr_t); +static void pflogstart(struct ifnet *); +static int pflog_clone_create(struct if_clone *, int, caddr_t); +static void pflog_clone_destroy(struct ifnet *); LIST_HEAD(, pflog_softc) pflogif_list; IFC_SIMPLE_DECLARE(pflog, 1); struct ifnet *pflogifs[PFLOGIFS_MAX]; /* for fast access */ -void +static void pflogattach(int npflog) { int i; @@ -186,7 +186,7 @@ pflog_clone_destroy(struct ifnet *ifp) /* * Start output on the pflog interface. */ -void +static void pflogstart(struct ifnet *ifp) { struct mbuf *m; @@ -204,7 +204,7 @@ pflogstart(struct ifnet *ifp) } } -int +static int pflogoutput(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, struct route *rt) { @@ -213,7 +213,7 @@ pflogoutput(struct ifnet *ifp, struct mb } /* ARGSUSED */ -int +static int pflogioctl(struct ifnet *ifp, u_long cmd, caddr_t data) { switch (cmd) { @@ -230,7 +230,7 @@ pflogioctl(struct ifnet *ifp, u_long cmd return (0); } -int +static int pflog_packet(struct pfi_kif *kif, struct mbuf *m, sa_family_t af, u_int8_t dir, u_int8_t reason, struct pf_rule *rm, struct pf_rule *am, struct pf_ruleset *ruleset, struct pf_pdesc *pd) Modified: projects/pf/head/sys/contrib/pf/net/if_pfsync.c ============================================================================== --- projects/pf/head/sys/contrib/pf/net/if_pfsync.c Wed Feb 29 14:44:42 2012 (r232297) +++ projects/pf/head/sys/contrib/pf/net/if_pfsync.c Wed Feb 29 14:50:17 2012 (r232298) @@ -122,26 +122,22 @@ struct pfsync_pkt { u_int8_t flags; }; -int pfsync_input_hmac(struct mbuf *, int); +static int pfsync_upd_tcp(struct pf_state *, struct pfsync_state_peer *, + struct pfsync_state_peer *); +static int pfsync_in_clr(struct pfsync_pkt *, struct mbuf *, int, int); +static int pfsync_in_ins(struct pfsync_pkt *, struct mbuf *, int, int); +static int pfsync_in_iack(struct pfsync_pkt *, struct mbuf *, int, int); +static int pfsync_in_upd(struct pfsync_pkt *, struct mbuf *, int, int); +static int pfsync_in_upd_c(struct pfsync_pkt *, struct mbuf *, int, int); +static int pfsync_in_ureq(struct pfsync_pkt *, struct mbuf *, int, int); +static int pfsync_in_del(struct pfsync_pkt *, struct mbuf *, int, int); +static int pfsync_in_del_c(struct pfsync_pkt *, struct mbuf *, int, int); +static int pfsync_in_bus(struct pfsync_pkt *, struct mbuf *, int, int); +static int pfsync_in_tdb(struct pfsync_pkt *, struct mbuf *, int, int); +static int pfsync_in_eof(struct pfsync_pkt *, struct mbuf *, int, int); +static int pfsync_in_error(struct pfsync_pkt *, struct mbuf *, int, int); -int pfsync_upd_tcp(struct pf_state *, struct pfsync_state_peer *, - struct pfsync_state_peer *); - -int pfsync_in_clr(struct pfsync_pkt *, struct mbuf *, int, int); -int pfsync_in_ins(struct pfsync_pkt *, struct mbuf *, int, int); -int pfsync_in_iack(struct pfsync_pkt *, struct mbuf *, int, int); -int pfsync_in_upd(struct pfsync_pkt *, struct mbuf *, int, int); -int pfsync_in_upd_c(struct pfsync_pkt *, struct mbuf *, int, int); -int pfsync_in_ureq(struct pfsync_pkt *, struct mbuf *, int, int); -int pfsync_in_del(struct pfsync_pkt *, struct mbuf *, int, int); -int pfsync_in_del_c(struct pfsync_pkt *, struct mbuf *, int, int); -int pfsync_in_bus(struct pfsync_pkt *, struct mbuf *, int, int); -int pfsync_in_tdb(struct pfsync_pkt *, struct mbuf *, int, int); -int pfsync_in_eof(struct pfsync_pkt *, struct mbuf *, int, int); - -int pfsync_in_error(struct pfsync_pkt *, struct mbuf *, int, int); - -int (*pfsync_acts[])(struct pfsync_pkt *, struct mbuf *, int, int) = { +static int (*pfsync_acts[])(struct pfsync_pkt *, struct mbuf *, int, int) = { pfsync_in_clr, /* PFSYNC_ACT_CLR */ pfsync_in_ins, /* PFSYNC_ACT_INS */ pfsync_in_iack, /* PFSYNC_ACT_INS_ACK */ @@ -164,12 +160,12 @@ struct pfsync_q { }; /* we have one of these for every PFSYNC_S_ */ -int pfsync_out_state(struct pf_state *, struct mbuf *, int); -int pfsync_out_iack(struct pf_state *, struct mbuf *, int); -int pfsync_out_upd_c(struct pf_state *, struct mbuf *, int); -int pfsync_out_del(struct pf_state *, struct mbuf *, int); +static int pfsync_out_state(struct pf_state *, struct mbuf *, int); +static int pfsync_out_iack(struct pf_state *, struct mbuf *, int); +static int pfsync_out_upd_c(struct pf_state *, struct mbuf *, int); +static int pfsync_out_del(struct pf_state *, struct mbuf *, int); -struct pfsync_q pfsync_qs[] = { +static struct pfsync_q pfsync_qs[] = { { pfsync_out_state, sizeof(struct pfsync_state), PFSYNC_ACT_INS }, { pfsync_out_iack, sizeof(struct pfsync_ins_ack), PFSYNC_ACT_INS_ACK }, { pfsync_out_state, sizeof(struct pfsync_state), PFSYNC_ACT_UPD }, @@ -177,8 +173,10 @@ struct pfsync_q pfsync_qs[] = { { pfsync_out_del, sizeof(struct pfsync_del_c), PFSYNC_ACT_DEL_C } }; -void pfsync_q_ins(struct pf_state *, int); -void pfsync_q_del(struct pf_state *); +static void pfsync_q_ins(struct pf_state *, int); +static void pfsync_q_del(struct pf_state *); + +static void pfsync_update_state(struct pf_state *); struct pfsync_upd_req_item { TAILQ_ENTRY(pfsync_upd_req_item) ur_entry; @@ -198,7 +196,7 @@ TAILQ_HEAD(pfsync_deferrals, pfsync_defe sizeof(struct pfsync_deferral)) #ifdef notyet -int pfsync_out_tdb(struct tdb *, struct mbuf *, int); +static int pfsync_out_tdb(struct tdb *, struct mbuf *, int); #endif struct pfsync_softc { @@ -266,36 +264,37 @@ SYSCTL_VNET_STRUCT(_net_pfsync, OID_AUTO SYSCTL_INT(_net_pfsync, OID_AUTO, carp_demotion_factor, CTLFLAG_RW, &VNET_NAME(pfsync_carp_adj), 0, "pfsync's CARP demotion factor adjustment"); -void pfsyncattach(int); -int pfsync_clone_create(struct if_clone *, int, caddr_t); -void pfsync_clone_destroy(struct ifnet *); -int pfsync_alloc_scrub_memory(struct pfsync_state_peer *, - struct pf_state_peer *); -void pfsync_update_net_tdb(struct pfsync_tdb *); -int pfsyncoutput(struct ifnet *, struct mbuf *, struct sockaddr *, - struct route *); -int pfsyncioctl(struct ifnet *, u_long, caddr_t); -void pfsyncstart(struct ifnet *); - -struct mbuf *pfsync_if_dequeue(struct ifnet *); - -void pfsync_deferred(struct pf_state *, int); -void pfsync_undefer(struct pfsync_deferral *, int); -void pfsync_defer_tmo(void *); - -void pfsync_request_update(u_int32_t, u_int64_t); -void pfsync_update_state_req(struct pf_state *); - -void pfsync_drop(struct pfsync_softc *); -void pfsync_sendout(void); -void pfsync_send_plus(void *, size_t); -void pfsync_timeout(void *); -void pfsync_tdb_timeout(void *); - -void pfsync_bulk_start(void); -void pfsync_bulk_status(u_int8_t); -void pfsync_bulk_update(void *); -void pfsync_bulk_fail(void *); +static int pfsync_clone_create(struct if_clone *, int, caddr_t); +static void pfsync_clone_destroy(struct ifnet *); +static int pfsync_alloc_scrub_memory(struct pfsync_state_peer *, + struct pf_state_peer *); +static int pfsyncoutput(struct ifnet *, struct mbuf *, struct sockaddr *, + struct route *); +static int pfsyncioctl(struct ifnet *, u_long, caddr_t); +static void pfsyncstart(struct ifnet *); + +static struct mbuf *pfsync_if_dequeue(struct ifnet *); + +static void pfsync_deferred(struct pf_state *, int); +static void pfsync_undefer(struct pfsync_deferral *, int); +static void pfsync_defer_tmo(void *); + +static void pfsync_request_update(u_int32_t, u_int64_t); +static void pfsync_update_state_req(struct pf_state *); + +static void pfsync_drop(struct pfsync_softc *); +static void pfsync_sendout(void); +static void pfsync_send_plus(void *, size_t); +static void pfsync_timeout(void *); + +static void pfsync_bulk_start(void); +static void pfsync_bulk_status(u_int8_t); +static void pfsync_bulk_update(void *); +static void pfsync_bulk_fail(void *); + +#ifdef IPSEC +static void pfsync_update_net_tdb(struct pfsync_tdb *); +#endif #define PFSYNC_MAX_BULKTRIES 12 @@ -305,12 +304,7 @@ VNET_DEFINE(struct if_clone, pfsync_clon #define V_pfsync_cloner VNET(pfsync_cloner) IFC_SIMPLE_DECLARE(pfsync, 1); -void -pfsyncattach(int npfsync) -{ - if_clone_attach(&pfsync_cloner); -} -int +static int pfsync_clone_create(struct if_clone *ifc, int unit, caddr_t param) { struct pfsync_softc *sc; @@ -368,7 +362,7 @@ pfsync_clone_create(struct if_clone *ifc return (0); } -void +static void pfsync_clone_destroy(struct ifnet *ifp) { struct pfsync_softc *sc = ifp->if_softc; @@ -400,7 +394,7 @@ pfsync_clone_destroy(struct ifnet *ifp) } -struct mbuf * +static struct mbuf * pfsync_if_dequeue(struct ifnet *ifp) { struct mbuf *m; @@ -416,7 +410,7 @@ pfsync_if_dequeue(struct ifnet *ifp) /* * Start output on the pfsync interface. */ -void +static void pfsyncstart(struct ifnet *ifp) { struct mbuf *m; @@ -426,7 +420,7 @@ pfsyncstart(struct ifnet *ifp) } } -int +static int pfsync_alloc_scrub_memory(struct pfsync_state_peer *s, struct pf_state_peer *d) { @@ -440,7 +434,7 @@ pfsync_alloc_scrub_memory(struct pfsync_ } -int +static int pfsync_state_import(struct pfsync_state *sp, u_int8_t flags) { struct pf_state *st = NULL; @@ -597,7 +591,7 @@ cleanup_state: /* pf_state_insert frees return (error); } -void +static void pfsync_input(struct mbuf *m, __unused int off) { struct pfsync_softc *sc = V_pfsyncif; @@ -650,13 +644,6 @@ pfsync_input(struct mbuf *m, __unused in goto done; } -#if 0 - if (pfsync_input_hmac(m, offset) != 0) { - /* XXX stats */ - goto done; - } -#endif - /* Cheaper to grab this now than having to mess with mbufs later */ pkt.ip = ip; pkt.src = ip->ip_src; @@ -687,7 +674,7 @@ done: m_freem(m); } -int +static int pfsync_in_clr(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { struct pfsync_clr *clr; @@ -744,7 +731,7 @@ pfsync_in_clr(struct pfsync_pkt *pkt, st return (len); } -int +static int pfsync_in_ins(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { struct mbuf *mp; @@ -787,7 +774,7 @@ pfsync_in_ins(struct pfsync_pkt *pkt, st return (len); } -int +static int pfsync_in_iack(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { struct pfsync_ins_ack *ia, *iaa; @@ -828,7 +815,7 @@ pfsync_in_iack(struct pfsync_pkt *pkt, s return (count * sizeof(struct pfsync_ins_ack)); } -int +static int pfsync_upd_tcp(struct pf_state *st, struct pfsync_state_peer *src, struct pfsync_state_peer *dst) { @@ -862,7 +849,7 @@ pfsync_upd_tcp(struct pf_state *st, stru return (sfail); } -int +static int pfsync_in_upd(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { struct pfsync_state *sa, *sp; @@ -953,7 +940,7 @@ pfsync_in_upd(struct pfsync_pkt *pkt, st return (len); } -int +static int pfsync_in_upd_c(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { struct pfsync_upd_c *ua, *up; @@ -1044,7 +1031,7 @@ pfsync_in_upd_c(struct pfsync_pkt *pkt, return (len); } -int +static int pfsync_in_ureq(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { struct pfsync_upd_req *ur, *ura; @@ -1088,7 +1075,7 @@ pfsync_in_ureq(struct pfsync_pkt *pkt, s return (len); } -int +static int pfsync_in_del(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { struct mbuf *mp; @@ -1125,7 +1112,7 @@ pfsync_in_del(struct pfsync_pkt *pkt, st return (len); } -int +static int pfsync_in_del_c(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { struct mbuf *mp; @@ -1163,7 +1150,7 @@ pfsync_in_del_c(struct pfsync_pkt *pkt, return (len); } -int +static int pfsync_in_bus(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { struct pfsync_softc *sc = V_pfsyncif; @@ -1219,7 +1206,7 @@ pfsync_in_bus(struct pfsync_pkt *pkt, st return (len); } -int +static int pfsync_in_tdb(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { int len = count * sizeof(struct pfsync_tdb); @@ -1249,7 +1236,7 @@ pfsync_in_tdb(struct pfsync_pkt *pkt, st #if defined(IPSEC) /* Update an in-kernel tdb. Silently fail if no tdb is found. */ -void +static void pfsync_update_net_tdb(struct pfsync_tdb *pt) { struct tdb *tdb; @@ -1287,7 +1274,7 @@ bad: #endif -int +static int pfsync_in_eof(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { /* check if we are at the right place in the packet */ @@ -1299,7 +1286,7 @@ pfsync_in_eof(struct pfsync_pkt *pkt, st return (-1); } -int +static int pfsync_in_error(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { V_pfsyncstats.pfsyncs_badact++; @@ -1308,7 +1295,7 @@ pfsync_in_error(struct pfsync_pkt *pkt, return (-1); } -int +static int pfsyncoutput(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, struct route *rt) { @@ -1317,7 +1304,7 @@ pfsyncoutput(struct ifnet *ifp, struct m } /* ARGSUSED */ -int +static int pfsyncioctl(struct ifnet *ifp, u_long cmd, caddr_t data) { struct pfsync_softc *sc = ifp->if_softc; @@ -1448,7 +1435,7 @@ pfsyncioctl(struct ifnet *ifp, u_long cm return (0); } -int +static int pfsync_out_state(struct pf_state *st, struct mbuf *m, int offset) { struct pfsync_state *sp = (struct pfsync_state *)(m->m_data + offset); @@ -1458,7 +1445,7 @@ pfsync_out_state(struct pf_state *st, st return (sizeof(*sp)); } -int +static int pfsync_out_iack(struct pf_state *st, struct mbuf *m, int offset) { struct pfsync_ins_ack *iack = @@ -1470,7 +1457,7 @@ pfsync_out_iack(struct pf_state *st, str return (sizeof(*iack)); } -int +static int pfsync_out_upd_c(struct pf_state *st, struct mbuf *m, int offset) { struct pfsync_upd_c *up = (struct pfsync_upd_c *)(m->m_data + offset); @@ -1492,7 +1479,7 @@ pfsync_out_upd_c(struct pf_state *st, st return (sizeof(*up)); } -int +static int pfsync_out_del(struct pf_state *st, struct mbuf *m, int offset) { struct pfsync_del_c *dp = (struct pfsync_del_c *)(m->m_data + offset); @@ -1505,7 +1492,7 @@ pfsync_out_del(struct pf_state *st, stru return (sizeof(*dp)); } -void +static void pfsync_drop(struct pfsync_softc *sc) { struct pf_state *st; @@ -1549,7 +1536,8 @@ pfsync_drop(struct pfsync_softc *sc) sc->sc_len = PFSYNC_MINPKT; } -void pfsync_sendout() +static void +pfsync_sendout() { pfsync_sendout1(1); } @@ -1730,7 +1718,7 @@ pfsync_sendout1(int schedswi) swi_sched(V_pfsync_swi_cookie, 0); } -void +static void pfsync_insert_state(struct pf_state *st) { struct pfsync_softc *sc = V_pfsyncif; @@ -1763,9 +1751,9 @@ pfsync_insert_state(struct pf_state *st) st->sync_updates = 0; } -int defer = 10; +static int defer = 10; -int +static int pfsync_defer(struct pf_state *st, struct mbuf *m) { struct pfsync_softc *sc = V_pfsyncif; @@ -1795,7 +1783,7 @@ pfsync_defer(struct pf_state *st, struct return (1); } -void +static void pfsync_undefer(struct pfsync_deferral *pd, int drop) { struct pfsync_softc *sc = V_pfsyncif; @@ -1820,7 +1808,7 @@ pfsync_undefer(struct pfsync_deferral *p uma_zfree(sc->sc_pool, pd); } -void +static void pfsync_defer_tmo(void *arg) { #ifdef VIMAGE @@ -1834,7 +1822,7 @@ pfsync_defer_tmo(void *arg) CURVNET_RESTORE(); } -void +static void pfsync_deferred(struct pf_state *st, int drop) { struct pfsync_softc *sc = V_pfsyncif; @@ -1850,9 +1838,9 @@ pfsync_deferred(struct pf_state *st, int panic("pfsync_send_deferred: unable to find deferred state"); } -u_int pfsync_upds = 0; +static u_int pfsync_upds = 0; -void +static void pfsync_update_state(struct pf_state *st) { struct pfsync_softc *sc = V_pfsyncif; @@ -1906,7 +1894,7 @@ pfsync_update_state(struct pf_state *st) } } -void +static void pfsync_request_update(u_int32_t creatorid, u_int64_t id) { struct pfsync_softc *sc = V_pfsyncif; @@ -1945,7 +1933,7 @@ pfsync_request_update(u_int32_t creatori schednetisr(NETISR_PFSYNC); } -void +static void pfsync_update_state_req(struct pf_state *st) { struct pfsync_softc *sc = V_pfsyncif; @@ -1981,7 +1969,7 @@ pfsync_update_state_req(struct pf_state } } -void +static void pfsync_delete_state(struct pf_state *st) { struct pfsync_softc *sc = V_pfsyncif; @@ -2025,7 +2013,7 @@ pfsync_delete_state(struct pf_state *st) } } -void +static void pfsync_clear_states(u_int32_t creatorid, const char *ifname) { struct { @@ -2051,7 +2039,7 @@ pfsync_clear_states(u_int32_t creatorid, pfsync_send_plus(&r, sizeof(r)); } -void +static void pfsync_q_ins(struct pf_state *st, int q) { struct pfsync_softc *sc = V_pfsyncif; @@ -2078,7 +2066,7 @@ pfsync_q_ins(struct pf_state *st, int q) st->sync_state = q; } -void +static void pfsync_q_del(struct pf_state *st) { struct pfsync_softc *sc = V_pfsyncif; @@ -2096,7 +2084,7 @@ pfsync_q_del(struct pf_state *st) } #ifdef notyet -void +static void pfsync_update_tdb(struct tdb *t, int output) { struct pfsync_softc *sc = V_pfsyncif; @@ -2134,7 +2122,7 @@ pfsync_update_tdb(struct tdb *t, int out CLR(t->tdb_flags, TDBF_PFSYNC_RPL); } -void +static void pfsync_delete_tdb(struct tdb *t) { struct pfsync_softc *sc = V_pfsyncif; @@ -2150,7 +2138,7 @@ pfsync_delete_tdb(struct tdb *t) sc->sc_len -= sizeof(struct pfsync_subheader); } -int +static int pfsync_out_tdb(struct tdb *t, struct mbuf *m, int offset) { struct pfsync_tdb *ut = (struct pfsync_tdb *)(m->m_data + offset); @@ -2185,7 +2173,7 @@ pfsync_out_tdb(struct tdb *t, struct mbu } #endif -void +static void pfsync_bulk_start(void) { struct pfsync_softc *sc = V_pfsyncif; @@ -2207,7 +2195,7 @@ pfsync_bulk_start(void) } } -void +static void pfsync_bulk_update(void *arg) { struct pfsync_softc *sc = arg; @@ -2250,7 +2238,7 @@ pfsync_bulk_update(void *arg) CURVNET_RESTORE(); } -void +static void pfsync_bulk_status(u_int8_t status) { struct { @@ -2274,7 +2262,7 @@ pfsync_bulk_status(u_int8_t status) pfsync_send_plus(&r, sizeof(r)); } -void +static void pfsync_bulk_fail(void *arg) { struct pfsync_softc *sc = arg; @@ -2303,7 +2291,7 @@ pfsync_bulk_fail(void *arg) CURVNET_RESTORE(); } -void +static void pfsync_send_plus(void *plus, size_t pluslen) { struct pfsync_softc *sc = V_pfsyncif; @@ -2320,7 +2308,7 @@ pfsync_send_plus(void *plus, size_t plus pfsync_sendout(); } -int +static int pfsync_up(void) { struct pfsync_softc *sc = V_pfsyncif; @@ -2331,7 +2319,7 @@ pfsync_up(void) return (1); } -int +static int pfsync_state_in_use(struct pf_state *st) { struct pfsync_softc *sc = V_pfsyncif; @@ -2347,10 +2335,10 @@ pfsync_state_in_use(struct pf_state *st) return (0); } -u_int pfsync_ints; -u_int pfsync_tmos; +static u_int pfsync_ints; +static u_int pfsync_tmos; -void +static void pfsync_timeout(void *arg) { #ifdef VIMAGE @@ -2369,7 +2357,7 @@ pfsync_timeout(void *arg) } /* this is a softnet/netisr handler */ -void +static void pfsyncintr(void *arg) { struct pfsync_softc *sc = arg; @@ -2397,12 +2385,12 @@ pfsyncintr(void *arg) CURVNET_RESTORE(); } -int +#ifdef notyet +static int pfsync_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, size_t newlen) { -#ifdef notyet /* All sysctl names at this level are terminal. */ if (namelen != 1) return (ENOTDIR); @@ -2414,9 +2402,9 @@ pfsync_sysctl(int *name, u_int namelen, return (sysctl_struct(oldp, oldlenp, newp, newlen, &V_pfsyncstats, sizeof(V_pfsyncstats))); } -#endif return (ENOPROTOOPT); } +#endif static int pfsync_multicast_setup(struct pfsync_softc *sc) Modified: projects/pf/head/sys/contrib/pf/net/if_pfsync.h ============================================================================== --- projects/pf/head/sys/contrib/pf/net/if_pfsync.h Wed Feb 29 14:44:42 2012 (r232297) +++ projects/pf/head/sys/contrib/pf/net/if_pfsync.h Wed Feb 29 14:50:17 2012 (r232298) @@ -286,29 +286,10 @@ struct pfsyncreq { #define PFSYNC_S_DEFER 0xfe #define PFSYNC_S_NONE 0xff -void pfsync_input(struct mbuf *, __unused int); -int pfsync_sysctl(int *, u_int, void *, size_t *, - void *, size_t); - #define PFSYNC_SI_IOCTL 0x01 #define PFSYNC_SI_CKSUM 0x02 #define PFSYNC_SI_ACK 0x04 -int pfsync_state_import(struct pfsync_state *, u_int8_t); - -void pfsync_insert_state(struct pf_state *); -void pfsync_update_state(struct pf_state *); -void pfsync_delete_state(struct pf_state *); -void pfsync_clear_states(u_int32_t, const char *); - -#ifdef notyet -void pfsync_update_tdb(struct tdb *, int); -void pfsync_delete_tdb(struct tdb *); -#endif - -int pfsync_defer(struct pf_state *, struct mbuf *); -int pfsync_up(void); -int pfsync_state_in_use(struct pf_state *); -#endif +#endif /* _KERNEL */ #endif /* _NET_IF_PFSYNC_H_ */ Modified: projects/pf/head/sys/contrib/pf/net/pf.c ============================================================================== --- projects/pf/head/sys/contrib/pf/net/pf.c Wed Feb 29 14:44:42 2012 (r232297) +++ projects/pf/head/sys/contrib/pf/net/pf.c Wed Feb 29 14:50:17 2012 (r232298) @@ -163,25 +163,26 @@ VNET_DEFINE(uma_zone_t, pf_state_key_pl VNET_DEFINE(uma_zone_t, pf_state_item_pl); VNET_DEFINE(uma_zone_t, pf_altq_pl); -void pf_init_threshold(struct pf_threshold *, u_int32_t, +static void pf_src_tree_remove_state(struct pf_state *); +static void pf_init_threshold(struct pf_threshold *, u_int32_t, u_int32_t); -void pf_add_threshold(struct pf_threshold *); -int pf_check_threshold(struct pf_threshold *); +static void pf_add_threshold(struct pf_threshold *); +static int pf_check_threshold(struct pf_threshold *); -void pf_change_ap(struct pf_addr *, u_int16_t *, +static void pf_change_ap(struct pf_addr *, u_int16_t *, u_int16_t *, u_int16_t *, struct pf_addr *, u_int16_t, u_int8_t, sa_family_t); -int pf_modulate_sack(struct mbuf *, int, struct pf_pdesc *, +static int pf_modulate_sack(struct mbuf *, int, struct pf_pdesc *, struct tcphdr *, struct pf_state_peer *); #ifdef INET6 -void pf_change_a6(struct pf_addr *, u_int16_t *, +static void pf_change_a6(struct pf_addr *, u_int16_t *, struct pf_addr *, u_int8_t); #endif /* INET6 */ -void pf_change_icmp(struct pf_addr *, u_int16_t *, +static void pf_change_icmp(struct pf_addr *, u_int16_t *, struct pf_addr *, struct pf_addr *, u_int16_t, u_int16_t *, u_int16_t *, u_int16_t *, u_int16_t *, u_int8_t, sa_family_t); -void pf_send_tcp(struct mbuf *, +static void pf_send_tcp(struct mbuf *, const struct pf_rule *, sa_family_t, const struct pf_addr *, const struct pf_addr *, u_int16_t, u_int16_t, u_int32_t, u_int32_t, @@ -189,10 +190,12 @@ void pf_send_tcp(struct mbuf *, u_int16_t, struct ether_header *, struct ifnet *); static void pf_send_icmp(struct mbuf *, u_int8_t, u_int8_t, sa_family_t, struct pf_rule *); -void pf_detach_state(struct pf_state *); -void pf_state_key_detach(struct pf_state *, int); -u_int32_t pf_tcp_iss(struct pf_pdesc *); -int pf_test_rule(struct pf_rule **, struct pf_state **, +static void pf_detach_state(struct pf_state *); +static int pf_state_key_attach(struct pf_state_key *, + struct pf_state *, int); +static void pf_state_key_detach(struct pf_state *, int); +static u_int32_t pf_tcp_iss(struct pf_pdesc *); +static int pf_test_rule(struct pf_rule **, struct pf_state **, int, struct pfi_kif *, struct mbuf *, int, void *, struct pf_pdesc *, struct pf_rule **, struct pf_ruleset **, struct ifqueue *, @@ -205,55 +208,60 @@ static __inline int pf_create_state(str u_int16_t, u_int16_t, int *, struct pfi_kif *, struct pf_state **, int, u_int16_t, u_int16_t, int); -int pf_test_fragment(struct pf_rule **, int, +static int pf_test_fragment(struct pf_rule **, int, struct pfi_kif *, struct mbuf *, void *, struct pf_pdesc *, struct pf_rule **, struct pf_ruleset **); -int pf_tcp_track_full(struct pf_state_peer *, +static int pf_tcp_track_full(struct pf_state_peer *, struct pf_state_peer *, struct pf_state **, struct pfi_kif *, struct mbuf *, int, struct pf_pdesc *, u_short *, int *); -int pf_tcp_track_sloppy(struct pf_state_peer *, +static int pf_tcp_track_sloppy(struct pf_state_peer *, struct pf_state_peer *, struct pf_state **, struct pf_pdesc *, u_short *); -int pf_test_state_tcp(struct pf_state **, int, +static int pf_test_state_tcp(struct pf_state **, int, struct pfi_kif *, struct mbuf *, int, void *, struct pf_pdesc *, u_short *); -int pf_test_state_udp(struct pf_state **, int, +static int pf_test_state_udp(struct pf_state **, int, struct pfi_kif *, struct mbuf *, int, void *, struct pf_pdesc *); -int pf_test_state_icmp(struct pf_state **, int, +static int pf_test_state_icmp(struct pf_state **, int, struct pfi_kif *, struct mbuf *, int, void *, struct pf_pdesc *, u_short *); -int pf_test_state_other(struct pf_state **, int, +static int pf_test_state_other(struct pf_state **, int, struct pfi_kif *, struct mbuf *, struct pf_pdesc *); -void pf_route(struct mbuf **, struct pf_rule *, int, +static void pf_route(struct mbuf **, struct pf_rule *, int, struct ifnet *, struct pf_state *, struct pf_pdesc *); -void pf_route6(struct mbuf **, struct pf_rule *, int, +static void pf_route6(struct mbuf **, struct pf_rule *, int, struct ifnet *, struct pf_state *, struct pf_pdesc *); -u_int8_t pf_get_wscale(struct mbuf *, int, u_int16_t, +static int pf_socket_lookup(int, struct pf_pdesc *, + struct inpcb *); +static u_int8_t pf_get_wscale(struct mbuf *, int, u_int16_t, sa_family_t); -u_int16_t pf_get_mss(struct mbuf *, int, u_int16_t, +static u_int16_t pf_get_mss(struct mbuf *, int, u_int16_t, sa_family_t); -u_int16_t pf_calc_mss(struct pf_addr *, sa_family_t, +static u_int16_t pf_calc_mss(struct pf_addr *, sa_family_t, int, u_int16_t); -void pf_set_rt_ifp(struct pf_state *, +static void pf_set_rt_ifp(struct pf_state *, struct pf_addr *); -int pf_check_proto_cksum(struct mbuf *, int, int, +static int pf_check_proto_cksum(struct mbuf *, int, int, u_int8_t, sa_family_t); -void pf_print_state_parts(struct pf_state *, +static void pf_print_state_parts(struct pf_state *, struct pf_state_key *, struct pf_state_key *); -int pf_addr_wrap_neq(struct pf_addr_wrap *, +static int pf_addr_wrap_neq(struct pf_addr_wrap *, struct pf_addr_wrap *); -int pf_compare_state_keys(struct pf_state_key *, +static int pf_compare_state_keys(struct pf_state_key *, struct pf_state_key *, struct pfi_kif *, u_int); -struct pf_state *pf_find_state(struct pfi_kif *, +static struct pf_state *pf_find_state(struct pfi_kif *, struct pf_state_key_cmp *, u_int, struct mbuf *, struct pf_mtag *); -int pf_src_connlimit(struct pf_state **); -int pf_check_congestion(struct ifqueue *); +static int pf_src_connlimit(struct pf_state **); +static int pf_insert_src_node(struct pf_src_node **, + struct pf_rule *, struct pf_addr *, sa_family_t); +static int pf_check_congestion(struct ifqueue *); +static int pf_purge_expired_states(u_int32_t , int); int in4_cksum(struct mbuf *m, u_int8_t nxt, int off, int len); @@ -390,7 +398,7 @@ pf_addrcpy(struct pf_addr *dst, struct p } #endif /* INET6 */ -void +static void pf_init_threshold(struct pf_threshold *threshold, u_int32_t limit, u_int32_t seconds) { @@ -400,7 +408,7 @@ pf_init_threshold(struct pf_threshold *t threshold->last = time_second; } -void +static void pf_add_threshold(struct pf_threshold *threshold) { u_int32_t t = time_second, diff = t - threshold->last; @@ -414,13 +422,13 @@ pf_add_threshold(struct pf_threshold *th threshold->last = t; } -int +static int pf_check_threshold(struct pf_threshold *threshold) { return (threshold->count > threshold->limit); } -int +static int pf_src_connlimit(struct pf_state **state) { int bad = 0; @@ -519,7 +527,7 @@ pf_src_connlimit(struct pf_state **state return (1); } -int +static int pf_insert_src_node(struct pf_src_node **sn, struct pf_rule *rule, struct pf_addr *src, sa_family_t af) { @@ -667,7 +675,7 @@ pf_state_compare_id(struct pf_state *a, return (0); } -int +static int pf_state_key_attach(struct pf_state_key *sk, struct pf_state *s, int idx) { struct pf_state_item *si; @@ -735,7 +743,7 @@ pf_state_key_attach(struct pf_state_key return (0); } -void +static void pf_detach_state(struct pf_state *s) { if (s->key[PF_SK_WIRE] == s->key[PF_SK_STACK]) @@ -748,7 +756,7 @@ pf_detach_state(struct pf_state *s) pf_state_key_detach(s, PF_SK_WIRE); } -void +static void pf_state_key_detach(struct pf_state *s, int idx) { struct pf_state_item *si; @@ -884,7 +892,7 @@ pf_find_state_byid(struct pf_state_cmp * } /* XXX debug function, intended to be removed one day */ -int +static int pf_compare_state_keys(struct pf_state_key *a, struct pf_state_key *b, struct pfi_kif *kif, u_int dir) { *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***