Module Name: src Committed By: tls Date: Sun Aug 10 06:55:09 UTC 2014
Modified Files: src/sys/dist/pf/net [tls-earlyentropy]: pf.c pf_if.c pf_ioctl.c pfvar.h Log Message: Rebase. To generate a diff of this commit: cvs rdiff -u -r1.70 -r1.70.2.1 src/sys/dist/pf/net/pf.c cvs rdiff -u -r1.24 -r1.24.4.1 src/sys/dist/pf/net/pf_if.c cvs rdiff -u -r1.49 -r1.49.2.1 src/sys/dist/pf/net/pf_ioctl.c cvs rdiff -u -r1.21 -r1.21.2.1 src/sys/dist/pf/net/pfvar.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/dist/pf/net/pf.c diff -u src/sys/dist/pf/net/pf.c:1.70 src/sys/dist/pf/net/pf.c:1.70.2.1 --- src/sys/dist/pf/net/pf.c:1.70 Sun Oct 20 21:05:47 2013 +++ src/sys/dist/pf/net/pf.c Sun Aug 10 06:55:09 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: pf.c,v 1.70 2013/10/20 21:05:47 christos Exp $ */ +/* $NetBSD: pf.c,v 1.70.2.1 2014/08/10 06:55:09 tls Exp $ */ /* $OpenBSD: pf.c,v 1.552.2.1 2007/11/27 16:37:57 henning Exp $ */ /* @@ -37,7 +37,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: pf.c,v 1.70 2013/10/20 21:05:47 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: pf.c,v 1.70.2.1 2014/08/10 06:55:09 tls Exp $"); #include "pflog.h" @@ -5822,7 +5822,7 @@ pf_test(int dir, struct ifnet *ifp, stru log = s->log; } else if (s == NULL) action = pf_test_rule(&r, &s, dir, kif, - m, off, h, &pd, &a, &ruleset, &ipintrq); + m, off, h, &pd, &a, &ruleset, NULL); break; } @@ -5852,7 +5852,7 @@ pf_test(int dir, struct ifnet *ifp, stru log = s->log; } else if (s == NULL) action = pf_test_rule(&r, &s, dir, kif, - m, off, h, &pd, &a, &ruleset, &ipintrq); + m, off, h, &pd, &a, &ruleset, NULL); break; } @@ -5876,7 +5876,7 @@ pf_test(int dir, struct ifnet *ifp, stru log = s->log; } else if (s == NULL) action = pf_test_rule(&r, &s, dir, kif, - m, off, h, &pd, &a, &ruleset, &ipintrq); + m, off, h, &pd, &a, &ruleset, NULL); break; } @@ -5900,7 +5900,7 @@ pf_test(int dir, struct ifnet *ifp, stru log = s->log; } else if (s == NULL) action = pf_test_rule(&r, &s, dir, kif, m, off, h, - &pd, &a, &ruleset, &ipintrq); + &pd, &a, &ruleset, NULL); break; } @@ -5963,6 +5963,7 @@ done: #endif /* !__NetBSD__ */ if (log) { +#if NPFLOG > 0 struct pf_rule *lr; if (s != NULL && s->nat_rule.ptr != NULL && @@ -5972,6 +5973,7 @@ done: lr = r; PFLOG_PACKET(kif, h, m, AF_INET, dir, reason, lr, a, ruleset, &pd); +#endif } kif->pfik_bytes[0][dir == PF_OUT][action != PF_PASS] += pd.tot_len; @@ -6241,7 +6243,7 @@ pf_test6(int dir, struct ifnet *ifp, str log = s->log; } else if (s == NULL) action = pf_test_rule(&r, &s, dir, kif, - m, off, h, &pd, &a, &ruleset, &ip6intrq); + m, off, h, &pd, &a, &ruleset, NULL); break; } @@ -6271,7 +6273,7 @@ pf_test6(int dir, struct ifnet *ifp, str log = s->log; } else if (s == NULL) action = pf_test_rule(&r, &s, dir, kif, - m, off, h, &pd, &a, &ruleset, &ip6intrq); + m, off, h, &pd, &a, &ruleset, NULL); break; } @@ -6304,7 +6306,7 @@ pf_test6(int dir, struct ifnet *ifp, str log = s->log; } else if (s == NULL) action = pf_test_rule(&r, &s, dir, kif, - m, off, h, &pd, &a, &ruleset, &ip6intrq); + m, off, h, &pd, &a, &ruleset, NULL); break; } @@ -6319,7 +6321,7 @@ pf_test6(int dir, struct ifnet *ifp, str log = s->log; } else if (s == NULL) action = pf_test_rule(&r, &s, dir, kif, m, off, h, - &pd, &a, &ruleset, &ip6intrq); + &pd, &a, &ruleset, NULL); break; } @@ -6383,6 +6385,7 @@ done: #endif /* !__NetBSD__ */ if (log) { +#if NPFLOG > 0 struct pf_rule *lr; if (s != NULL && s->nat_rule.ptr != NULL && @@ -6392,6 +6395,7 @@ done: lr = r; PFLOG_PACKET(kif, h, m, AF_INET6, dir, reason, lr, a, ruleset, &pd); +#endif } kif->pfik_bytes[1][dir == PF_OUT][action != PF_PASS] += pd.tot_len; @@ -6476,6 +6480,8 @@ int pf_check_congestion(struct ifqueue *ifq) { #ifdef __NetBSD__ + // XXX: not handled anyway + KASSERT(ifq == NULL); return (0); #else if (ifq->ifq_congestion) Index: src/sys/dist/pf/net/pf_if.c diff -u src/sys/dist/pf/net/pf_if.c:1.24 src/sys/dist/pf/net/pf_if.c:1.24.4.1 --- src/sys/dist/pf/net/pf_if.c:1.24 Mon Jul 1 08:32:48 2013 +++ src/sys/dist/pf/net/pf_if.c Sun Aug 10 06:55:09 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: pf_if.c,v 1.24 2013/07/01 08:32:48 skrll Exp $ */ +/* $NetBSD: pf_if.c,v 1.24.4.1 2014/08/10 06:55:09 tls Exp $ */ /* $OpenBSD: pf_if.c,v 1.47 2007/07/13 09:17:48 markus Exp $ */ /* @@ -34,7 +34,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: pf_if.c,v 1.24 2013/07/01 08:32:48 skrll Exp $"); +__KERNEL_RCSID(0, "$NetBSD: pf_if.c,v 1.24.4.1 2014/08/10 06:55:09 tls Exp $"); #ifdef _KERNEL_OPT #include "opt_inet.h" @@ -100,10 +100,6 @@ RB_GENERATE(pfi_ifhead, pfi_kif, pfik_tr void pfi_initialize(void) { -#ifdef __NetBSD__ - int i; -#endif /* __NetBSD__ */ - if (pfi_all != NULL) /* already initialized */ return; @@ -122,14 +118,10 @@ pfi_initialize(void) panic("pfi_kif_get for pfi_all failed"); #ifdef __NetBSD__ - for (i = 0; i < if_indexlim; i++) { - struct ifnet *ifp = ifindex2ifnet[i]; - - if (ifp != NULL) { - pfi_init_groups(ifp); - - pfi_attach_ifnet(ifp); - } + ifnet_t *ifp; + IFNET_FOREACH(ifp) { + pfi_init_groups(ifp); + pfi_attach_ifnet(ifp); } pfil_add_hook(pfil_ifnet_wrapper, NULL, PFIL_IFNET, if_pfil); @@ -142,19 +134,14 @@ void pfi_destroy(void) { struct pfi_kif *p; - int i; + ifnet_t *ifp; pfil_remove_hook(pfil_ifaddr_wrapper, NULL, PFIL_IFADDR, if_pfil); pfil_remove_hook(pfil_ifnet_wrapper, NULL, PFIL_IFNET, if_pfil); - for (i = 0; i < if_indexlim; i++) { - struct ifnet *ifp = ifindex2ifnet[i]; - - if (ifp != NULL) { - pfi_detach_ifnet(ifp); - - pfi_destroy_groups(ifp); - } + IFNET_FOREACH(ifp) { + pfi_detach_ifnet(ifp); + pfi_destroy_groups(ifp); } while ((p = RB_MIN(pfi_ifhead, &pfi_ifs))) { Index: src/sys/dist/pf/net/pf_ioctl.c diff -u src/sys/dist/pf/net/pf_ioctl.c:1.49 src/sys/dist/pf/net/pf_ioctl.c:1.49.2.1 --- src/sys/dist/pf/net/pf_ioctl.c:1.49 Sun Mar 16 05:20:29 2014 +++ src/sys/dist/pf/net/pf_ioctl.c Sun Aug 10 06:55:09 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: pf_ioctl.c,v 1.49 2014/03/16 05:20:29 dholland Exp $ */ +/* $NetBSD: pf_ioctl.c,v 1.49.2.1 2014/08/10 06:55:09 tls Exp $ */ /* $OpenBSD: pf_ioctl.c,v 1.182 2007/06/24 11:17:13 mcbride Exp $ */ /* @@ -37,7 +37,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: pf_ioctl.c,v 1.49 2014/03/16 05:20:29 dholland Exp $"); +__KERNEL_RCSID(0, "$NetBSD: pf_ioctl.c,v 1.49.2.1 2014/08/10 06:55:09 tls Exp $"); #ifdef _KERNEL_OPT #include "opt_inet.h" @@ -179,6 +179,7 @@ const struct cdevsw pf_cdevsw = { .d_poll = nopoll, .d_mmap = nommap, .d_kqfilter = nokqfilter, + .d_discard = nodiscard, .d_flag = D_OTHER }; Index: src/sys/dist/pf/net/pfvar.h diff -u src/sys/dist/pf/net/pfvar.h:1.21 src/sys/dist/pf/net/pfvar.h:1.21.2.1 --- src/sys/dist/pf/net/pfvar.h:1.21 Sun Oct 20 21:05:47 2013 +++ src/sys/dist/pf/net/pfvar.h Sun Aug 10 06:55:09 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: pfvar.h,v 1.21 2013/10/20 21:05:47 christos Exp $ */ +/* $NetBSD: pfvar.h,v 1.21.2.1 2014/08/10 06:55:09 tls Exp $ */ /* $OpenBSD: pfvar.h,v 1.254 2007/07/13 09:17:48 markus Exp $ */ /* @@ -1116,7 +1116,7 @@ struct pf_pdesc { #define PFRES_NORM 4 /* Dropping by normalizer */ #define PFRES_MEMORY 5 /* Dropped due to lacking mem */ #define PFRES_TS 6 /* Bad TCP Timestamp (RFC1323) */ -#define PFRES_CONGEST 7 /* Congestion (of ipintrq) */ +#define PFRES_CONGEST 7 /* Congestion (of IP queue) */ #define PFRES_IPOPTIONS 8 /* IP option */ #define PFRES_PROTCKSUM 9 /* Protocol checksum invalid */ #define PFRES_BADSTATE 10 /* State mismatch */