diff options
Diffstat (limited to 'freebsd/sys/contrib/pf/net/pf_ruleset.c')
| -rw-r--r-- | freebsd/sys/contrib/pf/net/pf_ruleset.c | 94 |
1 files changed, 60 insertions, 34 deletions
diff --git a/freebsd/sys/contrib/pf/net/pf_ruleset.c b/freebsd/sys/contrib/pf/net/pf_ruleset.c index 5e018b48..c7ab6178 100644 --- a/freebsd/sys/contrib/pf/net/pf_ruleset.c +++ b/freebsd/sys/contrib/pf/net/pf_ruleset.c @@ -1,6 +1,6 @@ #include <machine/rtems-bsd-kernel-space.h> -/* $OpenBSD: pf_ruleset.c,v 1.1 2006/10/27 13:56:51 mcbride Exp $ */ +/* $OpenBSD: pf_ruleset.c,v 1.2 2008/12/18 15:31:37 dhill Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -63,48 +63,55 @@ __FBSDID("$FreeBSD$"); #ifdef _KERNEL -# define DPFPRINTF(format, x...) \ - if (pf_status.debug >= PF_DEBUG_NOISY) \ +#ifdef __FreeBSD__ +#define DPFPRINTF(format, x...) \ + if (V_pf_status.debug >= PF_DEBUG_NOISY) \ + printf(format , ##x) +#else +#define DPFPRINTF(format, x...) \ + if (pf_status.debug >= PF_DEBUG_NOISY) \ printf(format , ##x) +#endif #ifdef __FreeBSD__ -#define rs_malloc(x) malloc(x, M_TEMP, M_NOWAIT) +#define rs_malloc(x) malloc(x, M_TEMP, M_NOWAIT|M_ZERO) #else -#define rs_malloc(x) malloc(x, M_TEMP, M_WAITOK) +#define rs_malloc(x) malloc(x, M_TEMP, M_WAITOK|M_CANFAIL|M_ZERO) #endif #define rs_free(x) free(x, M_TEMP) #else /* Userland equivalents so we can lend code to pfctl et al. */ -# include <arpa/inet.h> -# include <errno.h> -# include <stdio.h> -# include <stdlib.h> -# include <string.h> -# define rs_malloc(x) malloc(x) -# define rs_free(x) free(x) - -# ifdef PFDEBUG -# include <sys/stdarg.h> -# define DPFPRINTF(format, x...) fprintf(stderr, format , ##x) -# else -# define DPFPRINTF(format, x...) ((void)0) -# endif /* PFDEBUG */ +#include <arpa/inet.h> +#include <errno.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#define rs_malloc(x) calloc(1, x) +#define rs_free(x) free(x) + +#ifdef PFDEBUG +#include <sys/stdarg.h> +#define DPFPRINTF(format, x...) fprintf(stderr, format , ##x) +#else +#define DPFPRINTF(format, x...) ((void)0) +#endif /* PFDEBUG */ #endif /* _KERNEL */ +#if defined(__FreeBSD__) && !defined(_KERNEL) +#undef V_pf_anchors +#define V_pf_anchors pf_anchors + +#undef pf_main_ruleset +#define pf_main_ruleset pf_main_anchor.ruleset +#endif +#if defined(__FreeBSD__) && defined(_KERNEL) +VNET_DEFINE(struct pf_anchor_global, pf_anchors); +VNET_DEFINE(struct pf_anchor, pf_main_anchor); +#else struct pf_anchor_global pf_anchors; struct pf_anchor pf_main_anchor; - -#ifndef __FreeBSD__ -/* XXX: hum? */ -int pf_get_ruleset_number(u_int8_t); -void pf_init_ruleset(struct pf_ruleset *); -int pf_anchor_setup(struct pf_rule *, - const struct pf_ruleset *, const char *); -int pf_anchor_copyout(const struct pf_ruleset *, - const struct pf_rule *, struct pfioc_rule *); -void pf_anchor_remove(struct pf_rule *); #endif static __inline int pf_anchor_compare(struct pf_anchor *, struct pf_anchor *); @@ -170,9 +177,14 @@ pf_find_anchor(const char *path) struct pf_anchor *key, *found; key = (struct pf_anchor *)rs_malloc(sizeof(*key)); - memset(key, 0, sizeof(*key)); + if (key == NULL) + return (NULL); strlcpy(key->path, path, sizeof(key->path)); +#ifdef __FreeBSD__ + found = RB_FIND(pf_anchor_global, &V_pf_anchors, key); +#else found = RB_FIND(pf_anchor_global, &pf_anchors, key); +#endif rs_free(key); return (found); } @@ -212,7 +224,8 @@ pf_find_or_create_ruleset(const char *path) if (ruleset != NULL) return (ruleset); p = (char *)rs_malloc(MAXPATHLEN); - bzero(p, MAXPATHLEN); + if (p == NULL) + return (NULL); strlcpy(p, path, MAXPATHLEN); while (parent == NULL && (q = strrchr(p, '/')) != NULL) { *q = 0; @@ -244,7 +257,6 @@ pf_find_or_create_ruleset(const char *path) rs_free(p); return (NULL); } - memset(anchor, 0, sizeof(*anchor)); RB_INIT(&anchor->children); strlcpy(anchor->name, q, sizeof(anchor->name)); if (parent != NULL) { @@ -253,7 +265,11 @@ pf_find_or_create_ruleset(const char *path) strlcat(anchor->path, "/", sizeof(anchor->path)); } strlcat(anchor->path, anchor->name, sizeof(anchor->path)); +#ifdef __FreeBSD__ + if ((dup = RB_INSERT(pf_anchor_global, &V_pf_anchors, anchor)) != +#else if ((dup = RB_INSERT(pf_anchor_global, &pf_anchors, anchor)) != +#endif NULL) { printf("pf_find_or_create_ruleset: RB_INSERT1 " "'%s' '%s' collides with '%s' '%s'\n", @@ -270,7 +286,11 @@ pf_find_or_create_ruleset(const char *path) "RB_INSERT2 '%s' '%s' collides with " "'%s' '%s'\n", anchor->path, anchor->name, dup->path, dup->name); +#ifdef __FreeBSD__ + RB_REMOVE(pf_anchor_global, &V_pf_anchors, +#else RB_REMOVE(pf_anchor_global, &pf_anchors, +#endif anchor); rs_free(anchor); rs_free(p); @@ -306,7 +326,11 @@ pf_remove_if_empty_ruleset(struct pf_ruleset *ruleset) !TAILQ_EMPTY(ruleset->rules[i].inactive.ptr) || ruleset->rules[i].inactive.open) return; +#ifdef __FreeBSD__ + RB_REMOVE(pf_anchor_global, &V_pf_anchors, ruleset->anchor); +#else RB_REMOVE(pf_anchor_global, &pf_anchors, ruleset->anchor); +#endif if ((parent = ruleset->anchor->parent) != NULL) RB_REMOVE(pf_anchor_node, &parent->children, ruleset->anchor); @@ -330,7 +354,8 @@ pf_anchor_setup(struct pf_rule *r, const struct pf_ruleset *s, if (!name[0]) return (0); path = (char *)rs_malloc(MAXPATHLEN); - bzero(path, MAXPATHLEN); + if (path == NULL) + return (1); if (name[0] == '/') strlcpy(path, name + 1, MAXPATHLEN); else { @@ -388,7 +413,8 @@ pf_anchor_copyout(const struct pf_ruleset *rs, const struct pf_rule *r, int i; a = (char *)rs_malloc(MAXPATHLEN); - bzero(a, MAXPATHLEN); + if (a == NULL) + return (1); if (rs->anchor == NULL) a[0] = 0; else |