diff options
| author | Pawel Biernacki <kaktus@FreeBSD.org> | 2020-02-26 14:26:36 +0000 |
|---|---|---|
| committer | Pawel Biernacki <kaktus@FreeBSD.org> | 2020-02-26 14:26:36 +0000 |
| commit | 7029da5c36f2d3cf6bb6c81bf551229f416399e8 (patch) | |
| tree | 53cae9da1371117a3ac21d0d0f3f030a692807ae /sys/netinet/in_pcb.c | |
| parent | d7313dc6f5fcab29946951936597772dfff6a4be (diff) | |
Notes
Diffstat (limited to 'sys/netinet/in_pcb.c')
| -rw-r--r-- | sys/netinet/in_pcb.c | 35 |
1 files changed, 21 insertions, 14 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index be954c30ddef4..884c36f608281 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -172,27 +172,34 @@ sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS) #undef RANGECHK -static SYSCTL_NODE(_net_inet_ip, IPPROTO_IP, portrange, CTLFLAG_RW, 0, +static SYSCTL_NODE(_net_inet_ip, IPPROTO_IP, portrange, + CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "IP Ports"); SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowfirst, - CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW, - &VNET_NAME(ipport_lowfirstauto), 0, &sysctl_net_ipport_check, "I", ""); + CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, + &VNET_NAME(ipport_lowfirstauto), 0, &sysctl_net_ipport_check, "I", + ""); SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowlast, - CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW, - &VNET_NAME(ipport_lowlastauto), 0, &sysctl_net_ipport_check, "I", ""); + CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, + &VNET_NAME(ipport_lowlastauto), 0, &sysctl_net_ipport_check, "I", + ""); SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, first, - CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW, - &VNET_NAME(ipport_firstauto), 0, &sysctl_net_ipport_check, "I", ""); + CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, + &VNET_NAME(ipport_firstauto), 0, &sysctl_net_ipport_check, "I", + ""); SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, last, - CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW, - &VNET_NAME(ipport_lastauto), 0, &sysctl_net_ipport_check, "I", ""); + CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, + &VNET_NAME(ipport_lastauto), 0, &sysctl_net_ipport_check, "I", + ""); SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hifirst, - CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW, - &VNET_NAME(ipport_hifirstauto), 0, &sysctl_net_ipport_check, "I", ""); + CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, + &VNET_NAME(ipport_hifirstauto), 0, &sysctl_net_ipport_check, "I", + ""); SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hilast, - CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW, - &VNET_NAME(ipport_hilastauto), 0, &sysctl_net_ipport_check, "I", ""); + CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, + &VNET_NAME(ipport_hilastauto), 0, &sysctl_net_ipport_check, "I", + ""); SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedhigh, CTLFLAG_VNET | CTLFLAG_RW | CTLFLAG_SECURE, &VNET_NAME(ipport_reservedhigh), 0, ""); @@ -216,7 +223,7 @@ counter_u64_t rate_limit_active; counter_u64_t rate_limit_alloc_fail; counter_u64_t rate_limit_set_ok; -static SYSCTL_NODE(_net_inet_ip, OID_AUTO, rl, CTLFLAG_RD, 0, +static SYSCTL_NODE(_net_inet_ip, OID_AUTO, rl, CTLFLAG_RD | CTLFLAG_MPSAFE, 0, "IP Rate Limiting"); SYSCTL_COUNTER_U64(_net_inet_ip_rl, OID_AUTO, active, CTLFLAG_RD, &rate_limit_active, "Active rate limited connections"); |