--- fwsync/driver/fwsync_workers.c 2022/07/11 12:58:58 1.3
+++ fwsync/driver/fwsync_workers.c 2022/08/04 00:24:39 1.8
@@ -5,6 +5,82 @@
 #include "fwsync.h"
+static int
+fwsync_add_state_4(struct ipfw_flow_id *fid, u_int ruleid, u_short rulenum)
+{
+ struct ip_fw *rule = NULL;
+ struct ip_fw_args args;
+ struct ipfw_dyn_info info;
+ ipfw_insn cmd;
+
+ DTRACE();
+
+ memset(&cmd, 0, sizeof cmd);
+ cmd.opcode = O_KEEP_STATE;
+ memset(&info, 0, sizeof info);
+ memset(&args, 0, sizeof args);
+ memcpy(&args.f_id, fid, sizeof args.f_id);
+
+ rule = ipfw_dyn_lookup_state(&args, NULL, 0, &cmd, &info);
+ printf("rule=%p\n", rule);
+ return 0;
+// return ipfw_dyn_install_sync_state(fid, rule, ruleid, rulenum);
+}
+
+static int
+fwsync_add_state_6(struct ipfw_flow_id *fid, u_int ruleid, u_short rulenum)
+{
+ DTRACE();
+
+ return 0;
+}
+
+int
+fwsync_add_state(const struct fws_proto *pkt)
+{
+ struct ipfw_flow_id fid;
+
+ DTRACE();
+
+ memset(&fid, 0, sizeof fid);
+ fid.fib = pkt->fws_fib;
+ fid.proto = pkt->fws_proto;
+ fid.addr_type = pkt->fws_addrtype;
+ fid.src_port = pkt->fws_sport;
+ fid.dst_port = pkt->fws_dport;
+ switch (pkt->fws_addrtype) {
+ case 4:
+ fid.src_ip = pkt->fws_saddr.s_addr;
+ fid.dst_ip = pkt->fws_daddr.s_addr;
+ break;
+ case 6:
+ memcpy(&fid.src_ip6, &pkt->fws_saddr6, sizeof fid.src_ip6);
+ memcpy(&fid.dst_ip6, &pkt->fws_daddr6, sizeof fid.dst_ip6);
+ fid.flow_id6 = pkt->fws_scopeid;
+ break;
+ default:
+ return EINVAL;
+ }
+
+ if (pkt->fws_addrtype == 4)
+ fwsync_add_state_4(&fid, pkt->fws_ruleid, pkt->fws_rulenum);
+ else if (pkt->fws_addrtype == 6)
+ fwsync_add_state_6(&fid, pkt->fws_ruleid, pkt->fws_rulenum);
+ else
+ return EINVAL;
+
+ return 0;
+}
+
+int
+fwsync_add_alias(const struct fws_proto *pkt)
+{
+ DTRACE();
+
+ return 0;
+}
+
+
 void
 fwsync_sndpkt_handler(void *context, int pending)
 {
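Review bot: `printf("rule=%p\n", rule);` in fwsync_add_state_4 writes a kernel pointer to the console each time a state record is processed, which discloses a kernel address and gives whoever feeds this path a way to flood the log; it reads as debug scaffolding and should be removed or compiled in only for debug builds. In fwsync_add_state the return values of fwsync_add_state_4() and fwsync_add_state_6() are dropped, and the second `if`/`else if` on `fws_addrtype` repeats the `switch`, leaving its final `return EINVAL;` unreachable; ending the arms with `return fwsync_add_state_4(&fid, pkt->fws_ruleid, pkt->fws_rulenum);` (and the `_6` equivalent) would propagate errors. If `pkt` is filled from a peer's sync message, as the naming suggests, `fws_fib`, `fws_ruleid` and `fws_rulenum` need checking against the local ruleset before the commented-out `ipfw_dyn_install_sync_state()` call is enabled.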
@@ -19,15 +95,23 @@ fwsync_sndpkt_handler(void *context, int pending)
 do {
 mtx_lock(&fws_mtx_c);
 pkt = TAILQ_FIRST(&fwsync_sndpkt);
- TAILQ_REMOVE(&fwsync_sndpkt, pkt, sp_next);
+ if (pkt)
+ TAILQ_REMOVE(&fwsync_sndpkt, pkt, sp_next);
 mtx_unlock(&fws_mtx_c);
- if (!(fws_cfg.cfg.on & CFG_SYNC_COLLECTOR))
+ if (!pkt) /* sending queue is empty */
+ break;
+
+ if (!(fws_cfg.cfg.on & CFG_SYNC_COLLECTOR)) {
+ free(pkt, M_FWSYNC);
 continue;
+ }
 m = m_gethdr(M_NOWAIT, MT_DATA);
- if (!m)
+ if (!m) {
+ free(pkt, M_FWSYNC);
 continue;
+ }
 memcpy(mtod(m, struct fws_proto *), &pkt->sp_proto, sizeof pkt->sp_proto);
 m->m_len = sizeof pkt->sp_proto;
@@ -62,24 +146,26 @@ fwsync_sndpkt_handler(void *context, int pending)
 }
 out:
 m_freem(m);
+ free(pkt, M_FWSYNC);
 } while (--pending);
 }
 int
-fwsync_state_handler(void *arg)
+fwsync_state_handler(const void *arg, const void *extdata)
 {
- struct ipfw_flow_id *pkt = arg;
+ const struct ipfw_flow_id *pkt = arg;
+ const struct ipfw_dyn_hook_extdata *edata = extdata;
 struct fws_proto *spkt;
 struct fws_sndpkt *p;
 DTRACE();
- if (pkt->addr_type == 1)
+ if (!pkt || pkt->addr_type == 1)
 return 0; /* skip ethernet packet */
 mtx_lock(&fws_mtx_c);
- p = malloc(sizeof(struct fws_proto), M_FWSYNC, M_NOWAIT | M_ZERO);
+ p = malloc(sizeof(struct fws_sndpkt), M_FWSYNC, M_NOWAIT | M_ZERO);
 if (!p) {
 mtx_unlock(&fws_mtx_c);
 return 0;
@@ -88,6 +174,8 @@ fwsync_state_handler(void *arg)
 spkt->fws_version = FWS_PKTVER_STATE;
 spkt->fws_fib = pkt->fib;
+ spkt->fws_ruleid = edata->ruleid;
+ spkt->fws_rulenum = edata->rulenum;
 spkt->fws_proto = pkt->proto;
 spkt->fws_addrtype = pkt->addr_type;
 spkt->fws_sport = pkt->src_port;
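Review bot: Ownership of `pkt` in fwsync_sndpkt_handler is now released at three separate places, the two early `continue` paths in this hunk and `free(pkt, M_FWSYNC);` after `out:` in the next one (@@ -62,24 +146,26 @@), so any exit from the loop body that bypasses `out:` would still leak the entry. The middle of the loop lies outside both hunks, so this cannot be confirmed from here; it is worth checking that every remaining path reaches `out:`. A comment at the dequeue such as `/* pkt is owned by this iteration; every exit path must free it */` would make the contract explicit for later edits.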
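Review bot: `edata` is dereferenced without a NULL check in fwsync_state_handler: the new guard covers `pkt` with `!pkt`, but `extdata` is used unchecked at `spkt->fws_ruleid = edata->ruleid;` in the following hunk (@@ -88,6 +174,8 @@), so a hook caller that passes no extra data would fault in the kernel. Extending the guard to `if (!pkt || !edata || pkt->addr_type == 1)` covers it; if the hook contract guarantees a non-NULL `extdata`, a comment saying so would do instead. The allocation would also be less fragile as `p = malloc(sizeof *p, M_FWSYNC, M_NOWAIT | M_ZERO);`, so the size follows the pointer type. The function's tail is outside both hunks.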
@@ -119,9 +207,42 @@ fwsync_state_handler(void *arg)
 }
 int
-fwsync_alias_handler(void *arg)
+fwsync_alias_handler(const void *arg, const void *extdata)
 {
+ const struct alias_link *lnk = arg;
+ struct fws_proto *spkt;
+ struct fws_sndpkt *p;
+
 DTRACE();
+ if (!lnk || lnk->link_type >= IPPROTO_MAX)
+ return 0;
+
+ mtx_lock(&fws_mtx_c);
+
+ p = malloc(sizeof(struct fws_sndpkt), M_FWSYNC, M_NOWAIT | M_ZERO);
+ if (!p) {
+ mtx_unlock(&fws_mtx_c);
+ return 0;
+ } else
+ spkt = &p->sp_proto;
+
+ spkt->fws_version = FWS_PKTVER_ALIAS;
+ spkt->fws_proto = lnk->link_type;
+ spkt->fws_addrtype = 4;
+ spkt->fws_sport = lnk->src_port;
+ spkt->fws_dport = lnk->dst_port;
+ spkt->fws_aport = lnk->alias_port;
+ spkt->fws_pport = lnk->proxy_port;
+ spkt->fws_saddr.s_addr = lnk->src_addr.s_addr;
+ spkt->fws_daddr.s_addr = lnk->dst_addr.s_addr;
+ spkt->fws_aaddr.s_addr = lnk->alias_addr.s_addr;
+ spkt->fws_paddr.s_addr = lnk->proxy_addr.s_addr;
+
+ TAILQ_INSERT_TAIL(&fwsync_sndpkt, p, sp_next);
+
+ mtx_unlock(&fws_mtx_c);
+
+ taskqueue_enqueue(fws_tq, &fws_sndpkt_task);
 return 0;
 }
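Review bot: The allocate/fill/enqueue sequence in fwsync_alias_handler copies the one in fwsync_state_handler, including taking `fws_mtx_c` before the `malloc`; allocating first and holding the mutex only around `TAILQ_INSERT_TAIL` would shorten the critical section and remove the unlock-on-failure branch. Writing the allocation as `p = malloc(sizeof *p, M_FWSYNC, M_NOWAIT | M_ZERO);` ties the size to the pointer type. The `link_type >= IPPROTO_MAX` filter deserves a comment in the style of the state handler's `/* skip ethernet packet */`, for example `/* sync only links keyed by a real IP protocol */`. Nothing visible in this file caps the length of `fwsync_sndpkt`, so if link creation can be driven by remote traffic, a bound on queued entries is worth considering.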