src - FreeBSD source tree

diff options


context:
space:
mode:

author	Max Laier <mlaier@FreeBSD.org>	2008-12-10 21:22:57 +0000
committer	Max Laier <mlaier@FreeBSD.org>	2008-12-10 21:22:57 +0000
commit	17f418e29d3ae329309cbe068d302f7e12e15b55 (patch)
tree	217022ae8627168b7e009c658c02296cc9c8c552 /net/if_pfsync.c
parent	c6c4fc3df17fc4a3e8022fd276c04e834febe004 (diff)

vendor/pf-sys/4.3

Diffstat (limited to 'net/if_pfsync.c')

-rw-r--r--

net/if_pfsync.c

1 files changed, 47 insertions, 11 deletions

diff --git a/net/if_pfsync.c b/net/if_pfsync.c
index da42c20a689a..2d3d3e4443a5 100644
--- a/net/if_pfsync.c
+++ b/net/if_pfsync.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: if_pfsync.c,v 1.83 2007/06/26 14:44:12 mcbride Exp $ */

+/* $OpenBSD: if_pfsync.c,v 1.89 2008/01/12 17:08:33 mpf Exp $ */

@@ -36,6 +36,7 @@

#include <sys/ioctl.h>

#include <sys/timeout.h>

#include <sys/kernel.h>

+#include <sys/sysctl.h>

#include <net/if.h>

#include <net/if_types.h>

@@ -45,6 +46,7 @@

#include <netinet/if_ether.h>

#include <netinet/tcp.h>

#include <netinet/tcp_seq.h>

+#include <sys/pool.h>

#ifdef INET

#include <netinet/in_systm.h>

@@ -124,9 +126,9 @@ pfsync_clone_create(struct if_clone *ifc, int unit)

return (EINVAL);

pfsync_sync_ok = 1;

- if ((pfsyncif = malloc(sizeof(*pfsyncif), M_DEVBUF, M_NOWAIT)) == NULL)

+ if ((pfsyncif = malloc(sizeof(*pfsyncif), M_DEVBUF,

+ M_NOWAIT|M_ZERO)) == NULL)

return (ENOMEM);

- bzero(pfsyncif, sizeof(*pfsyncif));

pfsyncif->sc_mbuf = NULL;

pfsyncif->sc_mbuf_net = NULL;

pfsyncif->sc_mbuf_tdb = NULL;

@@ -140,6 +142,10 @@ pfsync_clone_create(struct if_clone *ifc, int unit)

pfsyncif->sc_ureq_sent = 0;

pfsyncif->sc_bulk_send_next = NULL;

pfsyncif->sc_bulk_terminator = NULL;

+ pfsyncif->sc_imo.imo_membership = (struct in_multi **)malloc(

+ (sizeof(struct in_multi *) * IP_MIN_MEMBERSHIPS), M_IPMOPTS,

+ M_WAITOK|M_ZERO);

+ pfsyncif->sc_imo.imo_max_memberships = IP_MIN_MEMBERSHIPS;

ifp = &pfsyncif->sc_if;

snprintf(ifp->if_xname, sizeof ifp->if_xname, "pfsync%d", unit);

ifp->if_softc = pfsyncif;

@@ -171,10 +177,21 @@ pfsync_clone_create(struct if_clone *ifc, int unit)

int

pfsync_clone_destroy(struct ifnet *ifp)

{

+ struct pfsync_softc *sc = ifp->if_softc;

+ timeout_del(&sc->sc_tmo);

+ timeout_del(&sc->sc_tdb_tmo);

+ timeout_del(&sc->sc_bulk_tmo);

+ timeout_del(&sc->sc_bulkfail_tmo);

+#if NCARP > 0

+ if (!pfsync_sync_ok)

+ carp_group_demote_adj(&sc->sc_if, -1);

+#endif

#if NBPFILTER > 0

bpfdetach(ifp);

#endif

if_detach(ifp);

+ free(pfsyncif->sc_imo.imo_membership, M_IPMOPTS);

free(pfsyncif, M_DEVBUF);

pfsyncif = NULL;

return (0);

@@ -461,9 +478,9 @@ pfsync_input(struct mbuf *m, ...)

sp->direction > PF_OUT ||

(sp->af != AF_INET && sp->af != AF_INET6)) {

if (pf_status.debug >= PF_DEBUG_MISC)

- printf("pfsync_insert: PFSYNC_ACT_INS: "

+ printf("pfsync_input: PFSYNC_ACT_INS: "

"invalid value\n");

- pfsyncstats.pfsyncs_badstate++;

+ pfsyncstats.pfsyncs_badval++;

continue;

}

@@ -495,9 +512,9 @@ pfsync_input(struct mbuf *m, ...)

sp->src.state > PF_TCPS_PROXY_DST ||

sp->dst.state > PF_TCPS_PROXY_DST) {

if (pf_status.debug >= PF_DEBUG_MISC)

- printf("pfsync_insert: PFSYNC_ACT_UPD: "

+ printf("pfsync_input: PFSYNC_ACT_UPD: "

"invalid value\n");

- pfsyncstats.pfsyncs_badstate++;

+ pfsyncstats.pfsyncs_badval++;

continue;

}

@@ -559,7 +576,7 @@ pfsync_input(struct mbuf *m, ...)

: "partial"), sfail,

betoh64(st->id),

ntohl(st->creatorid));

- pfsyncstats.pfsyncs_badstate++;

+ pfsyncstats.pfsyncs_stale++;

if (!(sp->sync_flags & PFSTATE_STALE)) {

/* we have a better state, send it */

@@ -626,10 +643,10 @@ pfsync_input(struct mbuf *m, ...)

up->src.state > PF_TCPS_PROXY_DST ||

up->dst.state > PF_TCPS_PROXY_DST) {

if (pf_status.debug >= PF_DEBUG_MISC)

- printf("pfsync_insert: "

+ printf("pfsync_input: "

"PFSYNC_ACT_UPD_C: "

"invalid value\n");

- pfsyncstats.pfsyncs_badstate++;

+ pfsyncstats.pfsyncs_badval++;

continue;

}

@@ -685,7 +702,7 @@ pfsync_input(struct mbuf *m, ...)

"creatorid: %08x\n", sfail,

betoh64(st->id),

ntohl(st->creatorid));

- pfsyncstats.pfsyncs_badstate++;

+ pfsyncstats.pfsyncs_stale++;

/* we have a better state, send it out */

if ((!stale || update_requested) &&

@@ -1750,3 +1767,22 @@ pfsync_update_tdb(struct tdb *tdb, int output)

return (ret);

}

#endif

+int

+pfsync_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,

+ size_t newlen)

+ /* All sysctl names at this level are terminal. */

+ if (namelen != 1)

+ return (ENOTDIR);

+ switch (name[0]) {

+ case PFSYNCCTL_STATS:

+ if (newp != NULL)

+ return (EPERM);

+ return (sysctl_struct(oldp, oldlenp, newp, newlen,

+ &pfsyncstats, sizeof(pfsyncstats)));

+ default:

+ return (ENOPROTOOPT);

+ }