1: /*************************************************************************
2: * (C) 2022 CloudSigma AG - Sofia/Bulgaria
3: * by Michael Pounov <misho@elwix.org>
4: **************************************************************************/
5: #include "fwsync.h"
6:
7:
8: static int
9: fwsync_add_state_4(struct ipfw_flow_id *fid, u_int ruleid, u_short rulenum)
10: {
11: struct ip_fw *rule = NULL;
12: struct ip_fw_args args;
13: struct ipfw_dyn_info info;
14: ipfw_insn cmd;
15:
16: DTRACE();
17:
18: memset(&cmd, 0, sizeof cmd);
19: cmd.opcode = O_KEEP_STATE;
20: memset(&info, 0, sizeof info);
21: memset(&args, 0, sizeof args);
22: memcpy(&args.f_id, fid, sizeof args.f_id);
23:
24: rule = ipfw_dyn_lookup_state(&args, NULL, 0, &cmd, &info);
25: printf("rule=%p\n", rule);
26: return 0;
27: // return ipfw_dyn_install_sync_state(fid, rule, ruleid, rulenum);
28: }
29:
30: static int
31: fwsync_add_state_6(struct ipfw_flow_id *fid, u_int ruleid, u_short rulenum)
32: {
33: DTRACE();
34:
35: return 0;
36: }
37:
38: int
39: fwsync_add_state(const struct fws_proto *pkt)
40: {
41: struct ipfw_flow_id fid;
42:
43: DTRACE();
44:
45: memset(&fid, 0, sizeof fid);
46: fid.fib = pkt->fws_fib;
47: fid.proto = pkt->fws_proto;
48: fid.addr_type = pkt->fws_addrtype;
49: fid.src_port = pkt->fws_sport;
50: fid.dst_port = pkt->fws_dport;
51: switch (pkt->fws_addrtype) {
52: case 4:
53: fid.src_ip = pkt->fws_saddr.s_addr;
54: fid.dst_ip = pkt->fws_daddr.s_addr;
55: break;
56: case 6:
57: memcpy(&fid.src_ip6, &pkt->fws_saddr6, sizeof fid.src_ip6);
58: memcpy(&fid.dst_ip6, &pkt->fws_daddr6, sizeof fid.dst_ip6);
59: fid.flow_id6 = pkt->fws_scopeid;
60: break;
61: default:
62: return EINVAL;
63: }
64:
65: if (pkt->fws_addrtype == 4)
66: fwsync_add_state_4(&fid, pkt->fws_ruleid, pkt->fws_rulenum);
67: else if (pkt->fws_addrtype == 6)
68: fwsync_add_state_6(&fid, pkt->fws_ruleid, pkt->fws_rulenum);
69: else
70: return EINVAL;
71:
72: return 0;
73: }
74:
75: int
76: fwsync_add_alias(const struct fws_proto *pkt)
77: {
78: DTRACE();
79:
80: return 0;
81: }
82:
83:
84: void
85: fwsync_sndpkt_handler(void *context, int pending)
86: {
87: struct fws_sndpkt *pkt;
88: struct mbuf *m2, *m;
89: int e;
90:
91: DTRACE();
92:
93: printf("pending=%d\n", pending);
94:
95: do {
96: mtx_lock(&fws_mtx_c);
97: pkt = TAILQ_FIRST(&fwsync_sndpkt);
98: if (pkt)
99: TAILQ_REMOVE(&fwsync_sndpkt, pkt, sp_next);
100: mtx_unlock(&fws_mtx_c);
101:
102: if (!pkt) /* sending queue is empty */
103: break;
104:
105: if (!(fws_cfg.cfg.on & CFG_SYNC_COLLECTOR)) {
106: free(pkt, M_FWSYNC);
107: continue;
108: }
109:
110: m = m_gethdr(M_NOWAIT, MT_DATA);
111: if (!m) {
112: free(pkt, M_FWSYNC);
113: continue;
114: }
115:
116: memcpy(mtod(m, struct fws_proto *), &pkt->sp_proto, sizeof pkt->sp_proto);
117: m->m_len = sizeof pkt->sp_proto;
118: m_fixhdr(m);
119:
120: if ((fws_ctx.config & (CTX_COLLECTOR_2_ONLINE | CTX_COLLECTOR_2_READY)) ==
121: (CTX_COLLECTOR_2_ONLINE | CTX_COLLECTOR_2_READY)) {
122: m2 = m_copypacket(m, M_NOWAIT);
123: if (!m2) {
124: printf("error in copypacket for second collector\n");
125: goto out;
126: }
127: e = sosend(fws_ctx.sockz[CFG_SYNC_ADDR_COLLECTOR_2],
128: &fws_cfg.cfg_addr[CFG_SYNC_ADDR_COLLECTOR_2].addr, NULL,
129: m2, NULL, 0, curthread);
130: if (e && e != EAGAIN)
131: printf("error in collector %d handler #%d\n", CFG_SYNC_ADDR_COLLECTOR_2, e);
132: }
133:
134: if ((fws_ctx.config & (CTX_COLLECTOR_1_ONLINE | CTX_COLLECTOR_1_READY)) ==
135: (CTX_COLLECTOR_1_ONLINE | CTX_COLLECTOR_1_READY)) {
136: m2 = m_copypacket(m, M_NOWAIT);
137: if (!m2) {
138: printf("error in copypacket for first collector\n");
139: goto out;
140: }
141: e = sosend(fws_ctx.sockz[CFG_SYNC_ADDR_COLLECTOR_1],
142: &fws_cfg.cfg_addr[CFG_SYNC_ADDR_COLLECTOR_1].addr, NULL,
143: m2, NULL, 0, curthread);
144: if (e && e != EAGAIN)
145: printf("error in collector %d handler #%d\n", CFG_SYNC_ADDR_COLLECTOR_1, e);
146: }
147: out:
148: m_freem(m);
149: free(pkt, M_FWSYNC);
150: } while (--pending);
151: }
152:
153: int
154: fwsync_state_handler(const void *arg, const void *extdata)
155: {
156: const struct ipfw_flow_id *pkt = arg;
157: const struct ipfw_dyn_hook_extdata *edata = extdata;
158: struct fws_proto *spkt;
159: struct fws_sndpkt *p;
160:
161: DTRACE();
162:
163: if (!pkt || pkt->addr_type == 1)
164: return 0; /* skip ethernet packet */
165:
166: mtx_lock(&fws_mtx_c);
167:
168: p = malloc(sizeof(struct fws_sndpkt), M_FWSYNC, M_NOWAIT | M_ZERO);
169: if (!p) {
170: mtx_unlock(&fws_mtx_c);
171: return 0;
172: } else
173: spkt = &p->sp_proto;
174:
175: spkt->fws_version = FWS_PKTVER_STATE;
176: spkt->fws_fib = pkt->fib;
177: spkt->fws_ruleid = edata->ruleid;
178: spkt->fws_rulenum = edata->rulenum;
179: spkt->fws_proto = pkt->proto;
180: spkt->fws_addrtype = pkt->addr_type;
181: spkt->fws_sport = pkt->src_port;
182: spkt->fws_dport = pkt->dst_port;
183:
184: switch (pkt->addr_type) {
185: case 4:
186: spkt->fws_saddr.s_addr = pkt->src_ip;
187: spkt->fws_daddr.s_addr = pkt->dst_ip;
188: spkt->fws_scopeid = 0;
189: break;
190: case 6:
191: memcpy(&spkt->fws_saddr6, &pkt->src_ip6, sizeof spkt->fws_saddr6);
192: memcpy(&spkt->fws_daddr6, &pkt->dst_ip6, sizeof spkt->fws_daddr6);
193: spkt->fws_scopeid = pkt->flow_id6;
194: break;
195: default:
196: free(p, M_FWSYNC);
197: mtx_unlock(&fws_mtx_c);
198: return EINVAL;
199: }
200:
201: TAILQ_INSERT_TAIL(&fwsync_sndpkt, p, sp_next);
202:
203: mtx_unlock(&fws_mtx_c);
204:
205: taskqueue_enqueue(fws_tq, &fws_sndpkt_task);
206: return 0;
207: }
208:
209: int
210: fwsync_alias_handler(const void *arg, const void *extdata)
211: {
212: const struct alias_link *lnk = arg;
213: struct fws_proto *spkt;
214: struct fws_sndpkt *p;
215:
216: DTRACE();
217:
218: if (!lnk || lnk->link_type >= IPPROTO_MAX)
219: return 0;
220:
221: mtx_lock(&fws_mtx_c);
222:
223: p = malloc(sizeof(struct fws_sndpkt), M_FWSYNC, M_NOWAIT | M_ZERO);
224: if (!p) {
225: mtx_unlock(&fws_mtx_c);
226: return 0;
227: } else
228: spkt = &p->sp_proto;
229:
230: spkt->fws_version = FWS_PKTVER_ALIAS;
231: spkt->fws_proto = lnk->link_type;
232: spkt->fws_addrtype = 4;
233: spkt->fws_sport = lnk->src_port;
234: spkt->fws_dport = lnk->dst_port;
235: spkt->fws_aport = lnk->alias_port;
236: spkt->fws_pport = lnk->proxy_port;
237: spkt->fws_saddr.s_addr = lnk->src_addr.s_addr;
238: spkt->fws_daddr.s_addr = lnk->dst_addr.s_addr;
239: spkt->fws_aaddr.s_addr = lnk->alias_addr.s_addr;
240: spkt->fws_paddr.s_addr = lnk->proxy_addr.s_addr;
241:
242: TAILQ_INSERT_TAIL(&fwsync_sndpkt, p, sp_next);
243:
244: mtx_unlock(&fws_mtx_c);
245:
246: taskqueue_enqueue(fws_tq, &fws_sndpkt_task);
247: return 0;
248: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to fwsync_workers.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / fwsync / driver