Date: Sat, 5 Dec 2009 12:51:51 +0000 (UTC) From: Luigi Rizzo <luigi@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r200119 - in stable/8/sys/netinet: . ipfw Message-ID: <200912051251.nB5CppHl088023@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: luigi Date: Sat Dec 5 12:51:51 2009 New Revision: 200119 URL: http://svn.freebsd.org/changeset/base/200119 Log: some simple MFC: r200020: change the type of the opcode from enum *:8 to u_int8_t so the size and alignment of the ipfw_insn is not compiler dependent. No changes in the code generated by gcc. r200023: Add new sockopt names for ipfw and dummynet. This commit is just grabbing entries for the new names that will be used in the future, so you don't need to rebuild anything now. r200034 Dispatch sockopt calls to ipfw and dummynet using the new option numbers, IP_FW3 and IP_DUMMYNET3. Right now the modules return an error if called with those arguments so there is no danger of unwanted behaviour. r200040 - initialize src_ip in the main loop to prevent a compiler warning (gcc 4.x under linux, not sure how real is the complaint). - rename a macro argument to prevent name clashes. - add the macro name on a couple of #endif - add a blank line for readability. Modified: stable/8/sys/netinet/in.h stable/8/sys/netinet/ip_fw.h stable/8/sys/netinet/ipfw/ip_fw2.c stable/8/sys/netinet/raw_ip.c Modified: stable/8/sys/netinet/in.h ============================================================================== --- stable/8/sys/netinet/in.h Sat Dec 5 11:51:32 2009 (r200118) +++ stable/8/sys/netinet/in.h Sat Dec 5 12:51:51 2009 (r200119) @@ -443,12 +443,20 @@ __END_DECLS #define IP_ONESBCAST 23 /* bool: send all-ones broadcast */ #define IP_BINDANY 24 /* bool: allow bind to any address */ +/* + * Options for controlling the firewall and dummynet. + * Historical options (from 40 to 64) will eventually be + * replaced by only two options, IP_FW3 and IP_DUMMYNET3. + */ #define IP_FW_TABLE_ADD 40 /* add entry */ #define IP_FW_TABLE_DEL 41 /* delete entry */ #define IP_FW_TABLE_FLUSH 42 /* flush table */ #define IP_FW_TABLE_GETSIZE 43 /* get table size */ #define IP_FW_TABLE_LIST 44 /* list table contents */ +#define IP_FW3 48 /* generic ipfw v.3 sockopts */ +#define IP_DUMMYNET3 49 /* generic dummynet v.3 sockopts */ + #define IP_FW_ADD 50 /* add a firewall rule to chain */ #define IP_FW_DEL 51 /* delete a firewall rule from chain */ #define IP_FW_FLUSH 52 /* flush firewall rule chain */ Modified: stable/8/sys/netinet/ip_fw.h ============================================================================== --- stable/8/sys/netinet/ip_fw.h Sat Dec 5 11:51:32 2009 (r200118) +++ stable/8/sys/netinet/ip_fw.h Sat Dec 5 12:51:51 2009 (r200119) @@ -237,7 +237,7 @@ enum ipfw_opcodes { /* arguments (4 byt * */ typedef struct _ipfw_insn { /* template for instructions */ - enum ipfw_opcodes opcode:8; + u_int8_t opcode; u_int8_t len; /* number of 32-bit words */ #define F_NOT 0x80 #define F_OR 0x40 Modified: stable/8/sys/netinet/ipfw/ip_fw2.c ============================================================================== --- stable/8/sys/netinet/ipfw/ip_fw2.c Sat Dec 5 11:51:32 2009 (r200118) +++ stable/8/sys/netinet/ipfw/ip_fw2.c Sat Dec 5 12:51:51 2009 (r200119) @@ -185,6 +185,7 @@ SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, de &default_to_accept, 0, "Make the default rule accept all packets."); TUNABLE_INT("net.inet.ip.fw.default_to_accept", &default_to_accept); + #ifdef INET6 SYSCTL_DECL(_net_inet6_ip6); SYSCTL_NODE(_net_inet6_ip6, OID_AUTO, fw, CTLFLAG_RW, 0, "Firewall"); @@ -194,8 +195,9 @@ SYSCTL_VNET_PROC(_net_inet6_ip6_fw, OID_ SYSCTL_VNET_INT(_net_inet6_ip6_fw, OID_AUTO, deny_unknown_exthdrs, CTLFLAG_RW | CTLFLAG_SECURE, &VNET_NAME(fw_deny_unknown_exthdrs), 0, "Deny packets with unknown IPv6 Extension Headers"); -#endif -#endif +#endif /* INET6 */ + +#endif /* SYSCTL_NODE */ /* * Description of dynamic rules. @@ -2243,6 +2245,7 @@ ipfw_chk(struct ip_fw_args *args) return (IP_FW_PASS); /* accept */ dst_ip.s_addr = 0; /* make sure it is initialized */ + src_ip.s_addr = 0; /* make sure it is initialized */ pktlen = m->m_pkthdr.len; args->f_id.fib = M_GETFIB(m); /* note mbuf not altered) */ proto = args->f_id.proto = 0; /* mark f_id invalid */ @@ -2254,15 +2257,15 @@ ipfw_chk(struct ip_fw_args *args) * pointer might become stale after other pullups (but we never use it * this way). */ -#define PULLUP_TO(len, p, T) \ +#define PULLUP_TO(_len, p, T) \ do { \ - int x = (len) + sizeof(T); \ + int x = (_len) + sizeof(T); \ if ((m)->m_len < x) { \ args->m = m = m_pullup(m, x); \ if (m == NULL) \ goto pullup_failed; \ } \ - p = (mtod(m, char *) + (len)); \ + p = (mtod(m, char *) + (_len)); \ } while (0) /* Modified: stable/8/sys/netinet/raw_ip.c ============================================================================== --- stable/8/sys/netinet/raw_ip.c Sat Dec 5 11:51:32 2009 (r200118) +++ stable/8/sys/netinet/raw_ip.c Sat Dec 5 12:51:51 2009 (r200119) @@ -535,6 +535,7 @@ rip_ctloutput(struct socket *so, struct error = sooptcopyout(sopt, &optval, sizeof optval); break; + case IP_FW3: /* generic ipfw v.3 functions */ case IP_FW_ADD: /* ADD actually returns the body... */ case IP_FW_GET: case IP_FW_TABLE_GETSIZE: @@ -547,6 +548,7 @@ rip_ctloutput(struct socket *so, struct error = ENOPROTOOPT; break; + case IP_DUMMYNET3: /* generic dummynet v.3 functions */ case IP_DUMMYNET_GET: if (ip_dn_ctl_ptr != NULL) error = ip_dn_ctl_ptr(sopt); @@ -592,6 +594,7 @@ rip_ctloutput(struct socket *so, struct inp->inp_flags &= ~INP_HDRINCL; break; + case IP_FW3: /* generic ipfw v.3 functions */ case IP_FW_ADD: case IP_FW_DEL: case IP_FW_FLUSH: @@ -608,6 +611,7 @@ rip_ctloutput(struct socket *so, struct error = ENOPROTOOPT; break; + case IP_DUMMYNET3: /* generic dummynet v.3 functions */ case IP_DUMMYNET_CONFIGURE: case IP_DUMMYNET_DEL: case IP_DUMMYNET_FLUSH:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200912051251.nB5CppHl088023>