CVS commit: src

Mindaugas Rasiukevicius Sun, 19 May 2013 13:45:42 -0700

Module Name:    src
Committed By:   rmind
Date:           Sun May 19 20:45:34 UTC 2013


Modified Files:
        src/sys/net/npf: npf_ctl.c npf_impl.h npf_tableset.c
        src/usr.sbin/npf/npfctl: npf_build.c npf_parse.y npfctl.c

Log Message:
- Add NPF table flushing functionality.
- Fix line numbering for npfctl debug command.


To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 src/sys/net/npf/npf_ctl.c
cvs rdiff -u -r1.29 -r1.30 src/sys/net/npf/npf_impl.h
cvs rdiff -u -r1.17 -r1.18 src/sys/net/npf/npf_tableset.c
cvs rdiff -u -r1.23 -r1.24 src/usr.sbin/npf/npfctl/npf_build.c \
    src/usr.sbin/npf/npfctl/npf_parse.y
cvs rdiff -u -r1.36 -r1.37 src/usr.sbin/npf/npfctl/npfctl.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/net/npf/npf_ctl.c
diff -u src/sys/net/npf/npf_ctl.c:1.24 src/sys/net/npf/npf_ctl.c:1.25
--- src/sys/net/npf/npf_ctl.c:1.24	Wed Mar 20 00:29:47 2013
+++ src/sys/net/npf/npf_ctl.c	Sun May 19 20:45:34 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: npf_ctl.c,v 1.24 2013/03/20 00:29:47 christos Exp $	*/
+/*	$NetBSD: npf_ctl.c,v 1.25 2013/05/19 20:45:34 rmind Exp $	*/
 
 /*-
  * Copyright (c) 2009-2013 The NetBSD Foundation, Inc.
@@ -37,7 +37,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_ctl.c,v 1.24 2013/03/20 00:29:47 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_ctl.c,v 1.25 2013/05/19 20:45:34 rmind Exp $");
 
 #include <sys/param.h>
 #include <sys/conf.h>
@@ -813,6 +813,9 @@ npfctl_table(void *data)
 		error = npf_table_list(tblset, nct->nct_tid,
 		    nct->nct_data.buf.buf, nct->nct_data.buf.len);
 		break;
+	case NPF_CMD_TABLE_FLUSH:
+		error = npf_table_flush(tblset, nct->nct_tid);
+		break;
 	default:
 		error = EINVAL;
 		break;

Index: src/sys/net/npf/npf_impl.h
diff -u src/sys/net/npf/npf_impl.h:1.29 src/sys/net/npf/npf_impl.h:1.30
--- src/sys/net/npf/npf_impl.h:1.29	Wed Mar 20 00:29:47 2013
+++ src/sys/net/npf/npf_impl.h	Sun May 19 20:45:34 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: npf_impl.h,v 1.29 2013/03/20 00:29:47 christos Exp $	*/
+/*	$NetBSD: npf_impl.h,v 1.30 2013/05/19 20:45:34 rmind Exp $	*/
 
 /*-
  * Copyright (c) 2009-2013 The NetBSD Foundation, Inc.
@@ -220,6 +220,7 @@ int		npf_table_remove(npf_tableset_t *, 
 int		npf_table_lookup(npf_tableset_t *, u_int,
 		    const int, const npf_addr_t *);
 int		npf_table_list(npf_tableset_t *, u_int, void *, size_t);
+int		npf_table_flush(npf_tableset_t *, u_int);
 
 /* Ruleset interface. */
 npf_ruleset_t *	npf_ruleset_create(size_t);

Index: src/sys/net/npf/npf_tableset.c
diff -u src/sys/net/npf/npf_tableset.c:1.17 src/sys/net/npf/npf_tableset.c:1.18
--- src/sys/net/npf/npf_tableset.c:1.17	Sat Feb  9 03:35:32 2013
+++ src/sys/net/npf/npf_tableset.c	Sun May 19 20:45:34 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: npf_tableset.c,v 1.17 2013/02/09 03:35:32 rmind Exp $	*/
+/*	$NetBSD: npf_tableset.c,v 1.18 2013/05/19 20:45:34 rmind Exp $	*/
 
 /*-
  * Copyright (c) 2009-2012 The NetBSD Foundation, Inc.
@@ -41,7 +41,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_tableset.c,v 1.17 2013/02/09 03:35:32 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_tableset.c,v 1.18 2013/05/19 20:45:34 rmind Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -223,6 +223,19 @@ table_hash_lookup(const npf_table_t *t, 
 }
 
 static void
+table_hash_destroy(npf_table_t *t)
+{
+	for (unsigned n = 0; n <= t->t_hashmask; n++) {
+		npf_tblent_t *ent;
+
+		while ((ent = LIST_FIRST(&t->t_hashl[n])) != NULL) {
+			LIST_REMOVE(ent, te_entry.hashq);
+			pool_cache_put(tblent_cache, ent);
+		}
+	}
+}
+
+static void
 table_tree_destroy(pt_tree_t *tree)
 {
 	npf_tblent_t *ent;
@@ -282,14 +295,7 @@ npf_table_destroy(npf_table_t *t)
 
 	switch (t->t_type) {
 	case NPF_TABLE_HASH:
-		for (unsigned n = 0; n <= t->t_hashmask; n++) {
-			npf_tblent_t *ent;
-
-			while ((ent = LIST_FIRST(&t->t_hashl[n])) != NULL) {
-				LIST_REMOVE(ent, te_entry.hashq);
-				pool_cache_put(tblent_cache, ent);
-			}
-		}
+		table_hash_destroy(t);
 		hashdone(t->t_hashl, HASH_LIST, t->t_hashmask);
 		break;
 	case NPF_TABLE_TREE:
@@ -592,3 +598,34 @@ npf_table_list(npf_tableset_t *tset, u_i
 
 	return error;
 }
+
+/*
+ * npf_table_flush: remove all table entries.
+ */
+int
+npf_table_flush(npf_tableset_t *tset, u_int tid)
+{
+	npf_table_t *t;
+
+	if ((u_int)tid >= NPF_TABLE_SLOTS || (t = tset[tid]) == NULL) {
+		return EINVAL;
+	}
+
+	rw_enter(&t->t_lock, RW_WRITER);
+	switch (t->t_type) {
+	case NPF_TABLE_HASH:
+		table_hash_destroy(t);
+		t->t_nitems = 0;
+		break;
+	case NPF_TABLE_TREE:
+		table_tree_destroy(&t->t_tree[0]);
+		table_tree_destroy(&t->t_tree[1]);
+		t->t_nitems = 0;
+		break;
+	default:
+		KASSERT(false);
+	}
+	rw_exit(&t->t_lock);
+
+	return 0;
+}

Index: src/usr.sbin/npf/npfctl/npf_build.c
diff -u src/usr.sbin/npf/npfctl/npf_build.c:1.23 src/usr.sbin/npf/npfctl/npf_build.c:1.24
--- src/usr.sbin/npf/npfctl/npf_build.c:1.23	Wed Mar 20 00:29:47 2013
+++ src/usr.sbin/npf/npfctl/npf_build.c	Sun May 19 20:45:34 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: npf_build.c,v 1.23 2013/03/20 00:29:47 christos Exp $	*/
+/*	$NetBSD: npf_build.c,v 1.24 2013/05/19 20:45:34 rmind Exp $	*/
 
 /*-
  * Copyright (c) 2011-2013 The NetBSD Foundation, Inc.
@@ -34,7 +34,7 @@
  */
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: npf_build.c,v 1.23 2013/03/20 00:29:47 christos Exp $");
+__RCSID("$NetBSD: npf_build.c,v 1.24 2013/05/19 20:45:34 rmind Exp $");
 
 #include <sys/types.h>
 #include <sys/ioctl.h>
@@ -384,8 +384,10 @@ npfctl_build_ncode(nl_rule_t *rl, sa_fam
 	 */
 	code = npfctl_ncgen_complete(nc, &len);
 	if (npf_debug) {
+		extern char *yytext;
 		extern int yylineno;
-		printf("RULE AT LINE %d\n", yylineno);
+
+		printf("RULE AT LINE %d\n", yylineno - (int)(*yytext == '\n'));
 		npfctl_ncgen_print(code, len);
 	}
 	assert(code && len > 0);
Index: src/usr.sbin/npf/npfctl/npf_parse.y
diff -u src/usr.sbin/npf/npfctl/npf_parse.y:1.23 src/usr.sbin/npf/npfctl/npf_parse.y:1.24
--- src/usr.sbin/npf/npfctl/npf_parse.y:1.23	Thu May  9 19:12:03 2013
+++ src/usr.sbin/npf/npfctl/npf_parse.y	Sun May 19 20:45:34 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: npf_parse.y,v 1.23 2013/05/09 19:12:03 christos Exp $	*/
+/*	$NetBSD: npf_parse.y,v 1.24 2013/05/19 20:45:34 rmind Exp $	*/
 
 /*-
  * Copyright (c) 2011-2012 The NetBSD Foundation, Inc.
@@ -326,12 +326,13 @@ rproc
 	}
 	;
 
-alg	
+alg
 	: ALG STRING
 	{
 		npfctl_build_alg($2);
 	}
 	;
+
 procs
 	: proc_call SEPLINE procs
 	{
@@ -478,6 +479,7 @@ rule_group
 	| group
 	| ruleset
 	|
+	;
 
 rule
 	: block_or_pass opt_stateful rule_dir opt_final on_ifindex

Index: src/usr.sbin/npf/npfctl/npfctl.c
diff -u src/usr.sbin/npf/npfctl/npfctl.c:1.36 src/usr.sbin/npf/npfctl/npfctl.c:1.37
--- src/usr.sbin/npf/npfctl/npfctl.c:1.36	Mon Mar 18 02:17:49 2013
+++ src/usr.sbin/npf/npfctl/npfctl.c	Sun May 19 20:45:34 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: npfctl.c,v 1.36 2013/03/18 02:17:49 rmind Exp $	*/
+/*	$NetBSD: npfctl.c,v 1.37 2013/05/19 20:45:34 rmind Exp $	*/
 
 /*-
  * Copyright (c) 2009-2013 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: npfctl.c,v 1.36 2013/03/18 02:17:49 rmind Exp $");
+__RCSID("$NetBSD: npfctl.c,v 1.37 2013/05/19 20:45:34 rmind Exp $");
 
 #include <sys/ioctl.h>
 #include <sys/stat.h>
@@ -115,10 +115,7 @@ usage(void)
 	const char *progname = getprogname();
 
 	fprintf(stderr,
-	    "Usage:\t%s start | stop | flush | show | stats\n", 
-	    progname);
-	fprintf(stderr,
-	    "\t%s sess-load | sess-save\n",
+	    "Usage:\t%s start | stop | flush | show | stats\n",
 	    progname);
 	fprintf(stderr,
 	    "\t%s validate | reload [<rule-file>]\n",
@@ -138,6 +135,9 @@ usage(void)
 	fprintf(stderr,
 	    "\t%s table <tid> { list | flush }\n",
 	    progname);
+	fprintf(stderr,
+	    "\t%s sess-load | sess-save\n",
+	    progname);
 	exit(EXIT_FAILURE);
 }
 
@@ -279,6 +279,7 @@ npfctl_table(int fd, int argc, char **ar
 		{ "del",	NPF_CMD_TABLE_REMOVE		},
 		{ "test",	NPF_CMD_TABLE_LOOKUP		},
 		{ "list",	NPF_CMD_TABLE_LIST		},
+		{ "flush",	NPF_CMD_TABLE_FLUSH		},
 		{ NULL,		0				}
 	};
 	npf_ioctl_table_t nct;
@@ -302,17 +303,27 @@ npfctl_table(int fd, int argc, char **ar
 	if (tblops[n].cmd == NULL) {
 		errx(EXIT_FAILURE, "invalid command '%s'", cmd);
 	}
-	if (nct.nct_cmd != NPF_CMD_TABLE_LIST) {
+
+	switch (nct.nct_cmd) {
+	case NPF_CMD_TABLE_LIST:
+	case NPF_CMD_TABLE_FLUSH:
+		break;
+	default:
 		if (argc < 3) {
 			usage();
 		}
 		arg = argv[2];
 	}
+
 again:
-	if (nct.nct_cmd == NPF_CMD_TABLE_LIST) {
+	switch (nct.nct_cmd) {
+	case NPF_CMD_TABLE_LIST:
 		nct.nct_data.buf.buf = ecalloc(1, buflen);
 		nct.nct_data.buf.len = buflen;
-	} else {
+		break;
+	case NPF_CMD_TABLE_FLUSH:
+		break;
+	default:
 		if (!npfctl_parse_cidr(arg, &fam, &alen)) {
 			errx(EXIT_FAILURE, "invalid CIDR '%s'", arg);
 		}

CVS commit: src

Reply via email to