version 1.3, 2022/07/11 12:58:58
|
version 1.8, 2022/08/04 00:24:39
|
Line 5
|
Line 5
|
#include "fwsync.h" |
#include "fwsync.h" |
|
|
|
|
|
static int |
|
fwsync_add_state_4(struct ipfw_flow_id *fid, u_int ruleid, u_short rulenum) |
|
{ |
|
struct ip_fw *rule = NULL; |
|
struct ip_fw_args args; |
|
struct ipfw_dyn_info info; |
|
ipfw_insn cmd; |
|
|
|
DTRACE(); |
|
|
|
memset(&cmd, 0, sizeof cmd); |
|
cmd.opcode = O_KEEP_STATE; |
|
memset(&info, 0, sizeof info); |
|
memset(&args, 0, sizeof args); |
|
memcpy(&args.f_id, fid, sizeof args.f_id); |
|
|
|
rule = ipfw_dyn_lookup_state(&args, NULL, 0, &cmd, &info); |
|
printf("rule=%p\n", rule); |
|
return 0; |
|
// return ipfw_dyn_install_sync_state(fid, rule, ruleid, rulenum); |
|
} |
|
|
|
static int |
|
fwsync_add_state_6(struct ipfw_flow_id *fid, u_int ruleid, u_short rulenum) |
|
{ |
|
DTRACE(); |
|
|
|
return 0; |
|
} |
|
|
|
int |
|
fwsync_add_state(const struct fws_proto *pkt) |
|
{ |
|
struct ipfw_flow_id fid; |
|
|
|
DTRACE(); |
|
|
|
memset(&fid, 0, sizeof fid); |
|
fid.fib = pkt->fws_fib; |
|
fid.proto = pkt->fws_proto; |
|
fid.addr_type = pkt->fws_addrtype; |
|
fid.src_port = pkt->fws_sport; |
|
fid.dst_port = pkt->fws_dport; |
|
switch (pkt->fws_addrtype) { |
|
case 4: |
|
fid.src_ip = pkt->fws_saddr.s_addr; |
|
fid.dst_ip = pkt->fws_daddr.s_addr; |
|
break; |
|
case 6: |
|
memcpy(&fid.src_ip6, &pkt->fws_saddr6, sizeof fid.src_ip6); |
|
memcpy(&fid.dst_ip6, &pkt->fws_daddr6, sizeof fid.dst_ip6); |
|
fid.flow_id6 = pkt->fws_scopeid; |
|
break; |
|
default: |
|
return EINVAL; |
|
} |
|
|
|
if (pkt->fws_addrtype == 4) |
|
fwsync_add_state_4(&fid, pkt->fws_ruleid, pkt->fws_rulenum); |
|
else if (pkt->fws_addrtype == 6) |
|
fwsync_add_state_6(&fid, pkt->fws_ruleid, pkt->fws_rulenum); |
|
else |
|
return EINVAL; |
|
|
|
return 0; |
|
} |
|
|
|
int |
|
fwsync_add_alias(const struct fws_proto *pkt) |
|
{ |
|
DTRACE(); |
|
|
|
return 0; |
|
} |
|
|
|
|
void |
void |
fwsync_sndpkt_handler(void *context, int pending) |
fwsync_sndpkt_handler(void *context, int pending) |
{ |
{ |
Line 19 fwsync_sndpkt_handler(void *context, int pending)
|
Line 95 fwsync_sndpkt_handler(void *context, int pending)
|
do { |
do { |
mtx_lock(&fws_mtx_c); |
mtx_lock(&fws_mtx_c); |
pkt = TAILQ_FIRST(&fwsync_sndpkt); |
pkt = TAILQ_FIRST(&fwsync_sndpkt); |
TAILQ_REMOVE(&fwsync_sndpkt, pkt, sp_next); | if (pkt) |
| TAILQ_REMOVE(&fwsync_sndpkt, pkt, sp_next); |
mtx_unlock(&fws_mtx_c); |
mtx_unlock(&fws_mtx_c); |
|
|
if (!(fws_cfg.cfg.on & CFG_SYNC_COLLECTOR)) | if (!pkt) /* sending queue is empty */ |
| break; |
| |
| if (!(fws_cfg.cfg.on & CFG_SYNC_COLLECTOR)) { |
| free(pkt, M_FWSYNC); |
continue; |
continue; |
|
} |
|
|
m = m_gethdr(M_NOWAIT, MT_DATA); |
m = m_gethdr(M_NOWAIT, MT_DATA); |
if (!m) | if (!m) { |
| free(pkt, M_FWSYNC); |
continue; |
continue; |
|
} |
|
|
memcpy(mtod(m, struct fws_proto *), &pkt->sp_proto, sizeof pkt->sp_proto); |
memcpy(mtod(m, struct fws_proto *), &pkt->sp_proto, sizeof pkt->sp_proto); |
m->m_len = sizeof pkt->sp_proto; |
m->m_len = sizeof pkt->sp_proto; |
Line 62 fwsync_sndpkt_handler(void *context, int pending)
|
Line 146 fwsync_sndpkt_handler(void *context, int pending)
|
} |
} |
out: |
out: |
m_freem(m); |
m_freem(m); |
|
free(pkt, M_FWSYNC); |
} while (--pending); |
} while (--pending); |
} |
} |
|
|
int |
int |
fwsync_state_handler(void *arg) | fwsync_state_handler(const void *arg, const void *extdata) |
{ |
{ |
struct ipfw_flow_id *pkt = arg; | const struct ipfw_flow_id *pkt = arg; |
| const struct ipfw_dyn_hook_extdata *edata = extdata; |
struct fws_proto *spkt; |
struct fws_proto *spkt; |
struct fws_sndpkt *p; |
struct fws_sndpkt *p; |
|
|
DTRACE(); |
DTRACE(); |
|
|
if (pkt->addr_type == 1) | if (!pkt || pkt->addr_type == 1) |
return 0; /* skip ethernet packet */ |
return 0; /* skip ethernet packet */ |
|
|
mtx_lock(&fws_mtx_c); |
mtx_lock(&fws_mtx_c); |
|
|
p = malloc(sizeof(struct fws_proto), M_FWSYNC, M_NOWAIT | M_ZERO); | p = malloc(sizeof(struct fws_sndpkt), M_FWSYNC, M_NOWAIT | M_ZERO); |
if (!p) { |
if (!p) { |
mtx_unlock(&fws_mtx_c); |
mtx_unlock(&fws_mtx_c); |
return 0; |
return 0; |
Line 88 fwsync_state_handler(void *arg)
|
Line 174 fwsync_state_handler(void *arg)
|
|
|
spkt->fws_version = FWS_PKTVER_STATE; |
spkt->fws_version = FWS_PKTVER_STATE; |
spkt->fws_fib = pkt->fib; |
spkt->fws_fib = pkt->fib; |
|
spkt->fws_ruleid = edata->ruleid; |
|
spkt->fws_rulenum = edata->rulenum; |
spkt->fws_proto = pkt->proto; |
spkt->fws_proto = pkt->proto; |
spkt->fws_addrtype = pkt->addr_type; |
spkt->fws_addrtype = pkt->addr_type; |
spkt->fws_sport = pkt->src_port; |
spkt->fws_sport = pkt->src_port; |
Line 119 fwsync_state_handler(void *arg)
|
Line 207 fwsync_state_handler(void *arg)
|
} |
} |
|
|
int |
int |
fwsync_alias_handler(void *arg) | fwsync_alias_handler(const void *arg, const void *extdata) |
{ |
{ |
|
const struct alias_link *lnk = arg; |
|
struct fws_proto *spkt; |
|
struct fws_sndpkt *p; |
|
|
DTRACE(); |
DTRACE(); |
|
|
|
if (!lnk || lnk->link_type >= IPPROTO_MAX) |
|
return 0; |
|
|
|
mtx_lock(&fws_mtx_c); |
|
|
|
p = malloc(sizeof(struct fws_sndpkt), M_FWSYNC, M_NOWAIT | M_ZERO); |
|
if (!p) { |
|
mtx_unlock(&fws_mtx_c); |
|
return 0; |
|
} else |
|
spkt = &p->sp_proto; |
|
|
|
spkt->fws_version = FWS_PKTVER_ALIAS; |
|
spkt->fws_proto = lnk->link_type; |
|
spkt->fws_addrtype = 4; |
|
spkt->fws_sport = lnk->src_port; |
|
spkt->fws_dport = lnk->dst_port; |
|
spkt->fws_aport = lnk->alias_port; |
|
spkt->fws_pport = lnk->proxy_port; |
|
spkt->fws_saddr.s_addr = lnk->src_addr.s_addr; |
|
spkt->fws_daddr.s_addr = lnk->dst_addr.s_addr; |
|
spkt->fws_aaddr.s_addr = lnk->alias_addr.s_addr; |
|
spkt->fws_paddr.s_addr = lnk->proxy_addr.s_addr; |
|
|
|
TAILQ_INSERT_TAIL(&fwsync_sndpkt, p, sp_next); |
|
|
|
mtx_unlock(&fws_mtx_c); |
|
|
|
taskqueue_enqueue(fws_tq, &fws_sndpkt_task); |
return 0; |
return 0; |
} |
} |