diff --git a/sys/netpfil/ipfw/ip_fw_private.h b/sys/netpfil/ipfw/ip_fw_private.h index 1440b1a40ee..bd4cefb7fed 100644 --- a/sys/netpfil/ipfw/ip_fw_private.h +++ b/sys/netpfil/ipfw/ip_fw_private.h @@ -251,6 +251,40 @@ VNET_DECLARE(unsigned int, fw_tables_sets); struct tables_config; +#ifndef V_hook_state +typedef int (*ipfw_hook_t)(const void *arg, const void *extdata); +/* callback hooks for notify on update of internal states and aliases */ +VNET_DECLARE(ipfw_hook_t, hook_state); +#define V_hook_state VNET(hook_state) +VNET_DECLARE(ipfw_hook_t, hook_alias); +#define V_hook_alias VNET(hook_alias) +VNET_DECLARE(ipfw_hook_t, sync_state); +#define V_sync_state VNET(sync_state) +VNET_DECLARE(ipfw_hook_t, sync_alias); +#define V_sync_alias VNET(sync_alias) +#endif + +struct ipfw_dyn_hook_extdata { + unsigned int ruleid; + unsigned short rulenum; + unsigned short fibnum; + unsigned short kidx; + unsigned char cmdtype; +}; + +int ipfw_dyn_install_sync_state(const struct ipfw_flow_id *pkt, void *rule, + uint32_t ruleid, uint16_t rulenum, uint16_t kidx, uint8_t cmdtype); + +#define ipfw_unregister_state_hook() V_hook_state = NULL +#define ipfw_unregister_alias_hook() V_hook_alias = NULL +#define ipfw_register_state_hook(_hcb) V_hook_state = (_hcb) +#define ipfw_register_alias_hook(_hcb) V_hook_alias = (_hcb) + +#define ipfw_unregister_state_sync() V_sync_state = NULL +#define ipfw_unregister_alias_sync() V_sync_alias = NULL +#define ipfw_register_state_sync(_hcb) V_sync_state = (_hcb) +#define ipfw_register_alias_sync(_hcb) V_sync_alias = (_hcb) + #ifdef _KERNEL /* * Here we have the structure representing an ipfw rule. @@ -295,6 +329,22 @@ struct ip_fw { #endif +/* Nat configuration data struct. */ +struct cfg_nat { + /* chain of nat instances */ + LIST_ENTRY(cfg_nat) _next; + int id; /* nat id */ + struct in_addr ip; /* nat ip address */ + struct libalias *lib; /* libalias instance */ + int mode; /* aliasing mode */ + int redir_cnt; /* number of entry in spool chain */ + /* chain of redir instances */ + LIST_HEAD(redir_chain, cfg_redir) redir_chain; + char if_name[IF_NAMESIZE]; /* interface name */ + u_short alias_port_lo; /* low range for port aliasing */ + u_short alias_port_hi; /* high range for port aliasing */ +}; + struct ip_fw_chain { struct ip_fw **map; /* array of rule ptrs to ease lookup */ uint32_t id; /* ruleset id */