version 1.5, 2022/08/03 17:10:59
|
version 1.7, 2022/08/18 11:33:20
|
Line 1
|
Line 1
|
diff --git a/sys/netpfil/ipfw/ip_fw_private.h b/sys/netpfil/ipfw/ip_fw_private.h |
diff --git a/sys/netpfil/ipfw/ip_fw_private.h b/sys/netpfil/ipfw/ip_fw_private.h |
index 1440b1a40ee..61bf5115fdd 100644 | index 1440b1a40ee..bd4cefb7fed 100644 |
--- a/sys/netpfil/ipfw/ip_fw_private.h |
--- a/sys/netpfil/ipfw/ip_fw_private.h |
+++ b/sys/netpfil/ipfw/ip_fw_private.h |
+++ b/sys/netpfil/ipfw/ip_fw_private.h |
@@ -251,6 +251,28 @@ VNET_DECLARE(unsigned int, fw_tables_sets); | @@ -251,6 +251,40 @@ VNET_DECLARE(unsigned int, fw_tables_sets); |
|
|
struct tables_config; |
struct tables_config; |
|
|
Line 13 index 1440b1a40ee..61bf5115fdd 100644
|
Line 13 index 1440b1a40ee..61bf5115fdd 100644
|
+#define V_hook_state VNET(hook_state) |
+#define V_hook_state VNET(hook_state) |
+VNET_DECLARE(ipfw_hook_t, hook_alias); |
+VNET_DECLARE(ipfw_hook_t, hook_alias); |
+#define V_hook_alias VNET(hook_alias) |
+#define V_hook_alias VNET(hook_alias) |
|
+VNET_DECLARE(ipfw_hook_t, sync_state); |
|
+#define V_sync_state VNET(sync_state) |
|
+VNET_DECLARE(ipfw_hook_t, sync_alias); |
|
+#define V_sync_alias VNET(sync_alias) |
+#endif |
+#endif |
+ |
+ |
+struct ipfw_dyn_hook_extdata { |
+struct ipfw_dyn_hook_extdata { |
+ unsigned int ruleid; |
+ unsigned int ruleid; |
+ unsigned short rulenum; |
+ unsigned short rulenum; |
+ unsigned short fibnum; |
+ unsigned short fibnum; |
|
+ unsigned short kidx; |
|
+ unsigned char cmdtype; |
+}; |
+}; |
+ |
+ |
+int ipfw_dyn_install_sync_state(const struct ipfw_flow_id *pkt, void *rule, uint32_t ruleid, uint16_t rulenum); | +int ipfw_dyn_install_sync_state(const struct ipfw_flow_id *pkt, void *rule, |
| + uint32_t ruleid, uint16_t rulenum, uint16_t kidx, uint8_t cmdtype); |
+ |
+ |
+#define ipfw_unregister_state_hook() V_hook_state = NULL |
+#define ipfw_unregister_state_hook() V_hook_state = NULL |
+#define ipfw_unregister_alias_hook() V_hook_alias = NULL |
+#define ipfw_unregister_alias_hook() V_hook_alias = NULL |
+#define ipfw_register_state_hook(_hcb) V_hook_state = (_hcb) |
+#define ipfw_register_state_hook(_hcb) V_hook_state = (_hcb) |
+#define ipfw_register_alias_hook(_hcb) V_hook_alias = (_hcb) |
+#define ipfw_register_alias_hook(_hcb) V_hook_alias = (_hcb) |
+ |
+ |
|
+#define ipfw_unregister_state_sync() V_sync_state = NULL |
|
+#define ipfw_unregister_alias_sync() V_sync_alias = NULL |
|
+#define ipfw_register_state_sync(_hcb) V_sync_state = (_hcb) |
|
+#define ipfw_register_alias_sync(_hcb) V_sync_alias = (_hcb) |
|
+ |
#ifdef _KERNEL |
#ifdef _KERNEL |
/* |
/* |
* Here we have the structure representing an ipfw rule. |
* Here we have the structure representing an ipfw rule. |
|
@@ -295,6 +329,22 @@ struct ip_fw { |
|
|
|
#endif |
|
|
|
+/* Nat configuration data struct. */ |
|
+struct cfg_nat { |
|
+ /* chain of nat instances */ |
|
+ LIST_ENTRY(cfg_nat) _next; |
|
+ int id; /* nat id */ |
|
+ struct in_addr ip; /* nat ip address */ |
|
+ struct libalias *lib; /* libalias instance */ |
|
+ int mode; /* aliasing mode */ |
|
+ int redir_cnt; /* number of entry in spool chain */ |
|
+ /* chain of redir instances */ |
|
+ LIST_HEAD(redir_chain, cfg_redir) redir_chain; |
|
+ char if_name[IF_NAMESIZE]; /* interface name */ |
|
+ u_short alias_port_lo; /* low range for port aliasing */ |
|
+ u_short alias_port_hi; /* high range for port aliasing */ |
|
+}; |
|
+ |
|
struct ip_fw_chain { |
|
struct ip_fw **map; /* array of rule ptrs to ease lookup */ |
|
uint32_t id; /* ruleset id */ |