FreeBSD Mail Archives

Date:      Tue, 16 Jan 2007 21:22:19 GMT
From:      Marko Zec <zec@FreeBSD.org>
To:        Perforce Change Reviews <perforce@FreeBSD.org>
Subject:   PERFORCE change 113021 for review
Message-ID:  <200701162122.l0GLMJr0035120@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help

http://perforce.freebsd.org/chv.cgi?CH=113021

Change 113021 by zec@zec_tca51 on 2007/01/16 21:21:44

	Fix the changes to ipfw to allow it to compile with INET6.

Affected files ...

.. //depot/projects/vimage/src/sys/netinet/ip_fw2.c#8 edit
.. //depot/projects/vimage/src/sys/netinet/ip_fw_pfil.c#4 edit

Differences ...

==== //depot/projects/vimage/src/sys/netinet/ip_fw2.c#8 (text+ko) ====

@@ -311,19 +311,26 @@
 /*
  * IPv6 specific variables
  */
+#ifndef VIMAGE
+static int fw_deny_unknown_exthdrs;
+#endif
+
 SYSCTL_DECL(_net_inet6_ip6);
-
-static struct sysctl_ctx_list ip6_fw_sysctl_ctx;
-static struct sysctl_oid *ip6_fw_sysctl_tree;
+SYSCTL_NODE(_net_inet6_ip6, OID_AUTO, fw, CTLFLAG_RW | CTLFLAG_SECURE,
+	0, "Firewall");
+SYSCTL_V_PROC(V_NET, vnet_ipfw, _net_inet6_ip6_fw, OID_AUTO, enable,
+    CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE3, fw6_enable, 0,
+    ipfw_chg_hook, "I", "Enable ipfw+6");
+SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet6_ip6_fw, OID_AUTO,
+    deny_unknown_exthdrs, CTLFLAG_RW | CTLFLAG_SECURE,
+    fw_deny_unknown_exthdrs, 0,
+    "Deny packets with unknown IPv6 Extension Headers");
 #endif /* INET6 */
 #endif /* SYSCTL_NODE */
 
 #ifdef IPFIREWALL_NAT
 MODULE_DEPEND(ipfw, libalias, 1, 1, 1);
 #endif
-#ifndef VIMAGE
-static int fw_deny_unknown_exthdrs;
-#endif
 
 /*
  * L3HDR maps an ipv4 pointer into a layer3 header pointer of type T
@@ -4980,23 +4987,6 @@
 int
 ipfw_init(void)
 {
-#ifdef INET6
-	/* Setup IPv6 fw sysctl tree. */
-	sysctl_ctx_init(&ip6_fw_sysctl_ctx);
-	ip6_fw_sysctl_tree = SYSCTL_ADD_NODE(&ip6_fw_sysctl_ctx,
-	    SYSCTL_STATIC_CHILDREN(_net_inet6_ip6), OID_AUTO, "fw",
-	    CTLFLAG_RW | CTLFLAG_SECURE, 0, "Firewall");
-	SYSCTL_ADD_PROC(&ip6_fw_sysctl_ctx, SYSCTL_CHILDREN(ip6_fw_sysctl_tree),
-	    OID_AUTO, "enable", CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE3,
-	    &fw6_enable, 0, ipfw_chg_hook, "I", "Enable ipfw+6");
-#if 0 /* XXX MARKO */
-	SYSCTL_ADD_V_INT(V_NET, vnet_ipfw, &ip6_fw_sysctl_ctx,
-	    SYSCTL_CHILDREN(ip6_fw_sysctl_tree),
-	    OID_AUTO, "deny_unknown_exthdrs", CTLFLAG_RW | CTLFLAG_SECURE,
-	    fw_deny_unknown_exthdrs, 0,
-	    "Deny packets with unknown IPv6 Extension Headers");
-#endif /* 0 */
-#endif
 
 	ipfw_dyn_rule_zone = uma_zcreate("IPFW dynamic rule zone",
 	    sizeof(ipfw_dyn_rule), NULL, NULL, NULL, NULL,
@@ -5116,10 +5106,5 @@
 	IPFW_DYN_LOCK_DESTROY();
 	uma_zdestroy(ipfw_dyn_rule_zone);
 
-#ifdef INET6
-	/* Free IPv6 fw sysctl tree. */
-	sysctl_ctx_free(&ip6_fw_sysctl_ctx);
-#endif
-
 	printf("IP firewall unloaded\n");
 }

==== //depot/projects/vimage/src/sys/netinet/ip_fw_pfil.c#4 (text+ko) ====

@@ -519,7 +519,7 @@
 			error = ipfw_unhook();
 	}
 #ifdef INET6
-	if (arg1 == &fw6_enable) {
+	if (arg1 == &V_fw6_enable) {
 		if (enable)
 			error = ipfw6_hook();
 		else

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200701162122.l0GLMJr0035120>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation