Annotation of fwsync/patches/ip_fw_dynamic.patch, revision 1.3
1.1 misho 1: diff --git a/sys/netpfil/ipfw/ip_fw_dynamic.c b/sys/netpfil/ipfw/ip_fw_dynamic.c
1.3 ! misho 2: index 00b54fa463a..3a2054aaca4 100644
1.1 misho 3: --- a/sys/netpfil/ipfw/ip_fw_dynamic.c
4: +++ b/sys/netpfil/ipfw/ip_fw_dynamic.c
1.2 misho 5: @@ -1868,6 +1868,7 @@ dyn_install_state(const struct ipfw_flow_id *pkt, uint32_t zoneid,
6: struct ipfw_flow_id id;
7: uint32_t hashval, parent_hashval, ruleid, rulenum;
8: int ret;
9: + struct ipfw_dyn_hook_extdata edat;
10:
11: MPASS(type == O_LIMIT || type == O_KEEP_STATE);
12:
1.3 ! misho 13: @@ -1959,6 +1960,17 @@ dyn_install_state(const struct ipfw_flow_id *pkt, uint32_t zoneid,
1.1 misho 14: #endif
15: }
16: }
17: +
1.2 misho 18: + if (type == O_KEEP_STATE && !ret && V_hook_state) {
19: + memset(&edat, 0, sizeof edat);
20: + edat.ruleid = ruleid;
21: + edat.rulenum = rulenum;
22: + edat.fibnum = fibnum;
1.3 ! misho 23: + edat.kidx = kidx;
! 24: + edat.cmdtype = type;
1.2 misho 25: + V_hook_state(pkt, &edat);
26: + }
1.1 misho 27: +
28: /*
29: * EEXIST means that simultaneous thread has created this
30: * state. Consider this as success.
1.3 ! misho 31: @@ -2783,6 +2795,7 @@ dyn_tick(void *vnetx)
! 32: #endif
! 33: NET_EPOCH_EXIT(et);
! 34: }
! 35: +
! 36: /*
! 37: * Check if we need to resize the hash:
! 38: * if current number of states exceeds number of buckets in hash,
! 39: @@ -2816,6 +2829,34 @@ ipfw_expire_dyn_states(struct ip_fw_chain *chain, ipfw_range_tlv *rt)
! 40: dyn_expire_states(chain, rt);
1.2 misho 41: }
42:
43: +int
1.3 ! misho 44: +ipfw_dyn_install_sync_state(const struct ipfw_flow_id *pkt, void *rule, uint32_t ruleid,
! 45: + uint16_t rulenum, uint16_t kidx, uint8_t cmdtype)
1.2 misho 46: +{
47: + int ret = 0;
1.3 ! misho 48: + uint32_t hashval = 0;
1.2 misho 49: + struct ipfw_dyn_info info;
50: +
51: + DYN_INFO_INIT(&info);
52: +
1.3 ! misho 53: + printf("%s: pkt=%p rule=%p rid=%u rn=%hu kidx=0x%hx ct=%hhu\n", __func__,
! 54: + pkt, rule, ruleid, rulenum, kidx, cmdtype);
! 55: +
1.2 misho 56: + hashval = hash_packet(pkt);
57: + if (IS_IP4_FLOW_ID(pkt))
58: + ret = dyn_add_ipv4_state(rule, ruleid, rulenum, pkt,
1.3 ! misho 59: + NULL, 0, hashval, &info, pkt->fib, kidx, cmdtype);
1.2 misho 60: +#ifdef INET6
61: + else if (IS_IP6_FLOW_ID(pkt))
62: + ret = dyn_add_ipv6_state(rule, ruleid, rulenum, pkt,
1.3 ! misho 63: + pkt->flow_id6, NULL, 0, hashval, &info, pkt->fib, kidx, cmdtype);
1.2 misho 64: +#endif /* INET6 */
65: + else
66: + ret = EAFNOSUPPORT;
67: +
68: + return ret;
69: +}
70: +
71: /*
1.3 ! misho 72: * Pass through all states and reset eaction for orphaned rules.
! 73: */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to ip_fw_dynamic.patch CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / fwsync / patches