Annotation of fwsync/patches/ip_fw_dynamic.patch, revision 1.2
1.1 misho 1: diff --git a/sys/netpfil/ipfw/ip_fw_dynamic.c b/sys/netpfil/ipfw/ip_fw_dynamic.c
1.2 ! misho 2: index 00b54fa463a..871d7f565fe 100644
1.1 misho 3: --- a/sys/netpfil/ipfw/ip_fw_dynamic.c
4: +++ b/sys/netpfil/ipfw/ip_fw_dynamic.c
1.2 ! misho 5: @@ -1868,6 +1868,7 @@ dyn_install_state(const struct ipfw_flow_id *pkt, uint32_t zoneid,
! 6: struct ipfw_flow_id id;
! 7: uint32_t hashval, parent_hashval, ruleid, rulenum;
! 8: int ret;
! 9: + struct ipfw_dyn_hook_extdata edat;
! 10:
! 11: MPASS(type == O_LIMIT || type == O_KEEP_STATE);
! 12:
! 13: @@ -1959,6 +1960,15 @@ dyn_install_state(const struct ipfw_flow_id *pkt, uint32_t zoneid,
1.1 misho 14: #endif
15: }
16: }
17: +
1.2 ! misho 18: + if (type == O_KEEP_STATE && !ret && V_hook_state) {
! 19: + memset(&edat, 0, sizeof edat);
! 20: + edat.ruleid = ruleid;
! 21: + edat.rulenum = rulenum;
! 22: + edat.fibnum = fibnum;
! 23: + V_hook_state(pkt, &edat);
! 24: + }
1.1 misho 25: +
26: /*
27: * EEXIST means that simultaneous thread has created this
28: * state. Consider this as success.
1.2 ! misho 29: @@ -1970,6 +1980,30 @@ dyn_install_state(const struct ipfw_flow_id *pkt, uint32_t zoneid,
! 30: return (ret);
! 31: }
! 32:
! 33: +int
! 34: +ipfw_dyn_install_sync_state(const struct ipfw_flow_id *pkt, void *rule, uint32_t ruleid, uint16_t rulenum)
! 35: +{
! 36: + int ret = 0;
! 37: + uint32_t hashval;
! 38: + struct ipfw_dyn_info info;
! 39: +
! 40: + DYN_INFO_INIT(&info);
! 41: +
! 42: + hashval = hash_packet(pkt);
! 43: + if (IS_IP4_FLOW_ID(pkt))
! 44: + ret = dyn_add_ipv4_state(rule, ruleid, rulenum, pkt,
! 45: + NULL, 0, hashval, &info, pkt->fib, 0, O_KEEP_STATE);
! 46: +#ifdef INET6
! 47: + else if (IS_IP6_FLOW_ID(pkt))
! 48: + ret = dyn_add_ipv6_state(rule, ruleid, rulenum, pkt,
! 49: + pkt->flow_id6, NULL, 0, hashval, &info, pkt->fib, 0, O_KEEP_STATE);
! 50: +#endif /* INET6 */
! 51: + else
! 52: + ret = EAFNOSUPPORT;
! 53: +
! 54: + return ret;
! 55: +}
! 56: +
! 57: /*
! 58: * Install dynamic state.
! 59: * chain - ipfw's instance;
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>