From owner-svn-src-all@FreeBSD.ORG Thu Jun 18 21:21:53 2015 Return-Path: Delivered-To: svn-src-all@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 44EC7D28; Thu, 18 Jun 2015 21:21:53 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 267C37EA; Thu, 18 Jun 2015 21:21:53 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t5ILLrRx051766; Thu, 18 Jun 2015 21:21:53 GMT (envelope-from kp@FreeBSD.org) Received: (from kp@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t5ILLqI1051764; Thu, 18 Jun 2015 21:21:52 GMT (envelope-from kp@FreeBSD.org) Message-Id: <201506182121.t5ILLqI1051764@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: kp set sender to kp@FreeBSD.org using -f From: Kristof Provost Date: Thu, 18 Jun 2015 21:21:52 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r284579 - in stable/10/sys: net netpfil/pf X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jun 2015 21:21:53 -0000 Author: kp Date: Thu Jun 18 21:21:52 2015 New Revision: 284579 URL: https://svnweb.freebsd.org/changeset/base/284579 Log: Merge r278874, r278925, r278868 - Improve INET/INET6 scope. - style(9) declarations. - Make couple of local functions static. - Even more fixes to !INET and !INET6 kernels. In collaboration with pluknet - Toss declarations to fix regular build and NO_INET6 build. Differential Revision: https://reviews.freebsd.org/D2823 Reviewed by: gnn Modified: stable/10/sys/net/pfvar.h stable/10/sys/netpfil/pf/pf_norm.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/net/pfvar.h ============================================================================== --- stable/10/sys/net/pfvar.h Thu Jun 18 21:18:43 2015 (r284578) +++ stable/10/sys/net/pfvar.h Thu Jun 18 21:21:52 2015 (r284579) @@ -1566,14 +1566,18 @@ void pf_free_rule(struct pf_rule *); #ifdef INET int pf_test(int, struct ifnet *, struct mbuf **, struct inpcb *); +int pf_normalize_ip(struct mbuf **, int, struct pfi_kif *, u_short *, + struct pf_pdesc *); #endif /* INET */ #ifdef INET6 int pf_test6(int, struct ifnet *, struct mbuf **, struct inpcb *); +int pf_normalize_ip6(struct mbuf **, int, struct pfi_kif *, u_short *, + struct pf_pdesc *); void pf_poolmask(struct pf_addr *, struct pf_addr*, struct pf_addr *, struct pf_addr *, u_int8_t); void pf_addr_inc(struct pf_addr *, sa_family_t); -int pf_refragment6(struct ifnet *ifp, struct mbuf **m0, struct m_tag *mtag); +int pf_refragment6(struct ifnet *, struct mbuf **, struct m_tag *); #endif /* INET6 */ u_int32_t pf_new_isn(struct pf_state *); @@ -1589,10 +1593,6 @@ int pf_match_port(u_int8_t, u_int16_t, u void pf_normalize_init(void); void pf_normalize_cleanup(void); -int pf_normalize_ip(struct mbuf **, int, struct pfi_kif *, u_short *, - struct pf_pdesc *); -int pf_normalize_ip6(struct mbuf **, int, struct pfi_kif *, u_short *, - struct pf_pdesc *); int pf_normalize_tcp(int, struct pfi_kif *, struct mbuf *, int, int, void *, struct pf_pdesc *); void pf_normalize_tcp_cleanup(struct pf_state *); Modified: stable/10/sys/netpfil/pf/pf_norm.c ============================================================================== --- stable/10/sys/netpfil/pf/pf_norm.c Thu Jun 18 21:18:43 2015 (r284578) +++ stable/10/sys/netpfil/pf/pf_norm.c Thu Jun 18 21:21:52 2015 (r284579) @@ -135,35 +135,30 @@ static int pf_frag_compare(struct pf_f static RB_PROTOTYPE(pf_frag_tree, pf_fragment, fr_entry, pf_frag_compare); static RB_GENERATE(pf_frag_tree, pf_fragment, fr_entry, pf_frag_compare); -/* Private prototypes */ -static void pf_free_fragment(struct pf_fragment *); -static void pf_remove_fragment(struct pf_fragment *); -static int pf_normalize_tcpopt(struct pf_rule *, struct mbuf *, - struct tcphdr *, int, sa_family_t); -#ifdef INET -static void pf_scrub_ip(struct mbuf **, u_int32_t, u_int8_t, - u_int8_t); -static void pf_flush_fragments(void); +static void pf_flush_fragments(void); +static void pf_free_fragment(struct pf_fragment *); +static void pf_remove_fragment(struct pf_fragment *); +static int pf_normalize_tcpopt(struct pf_rule *, struct mbuf *, + struct tcphdr *, int, sa_family_t); +static struct pf_frent *pf_create_fragment(u_short *); static struct pf_fragment *pf_find_fragment(struct pf_fragment_cmp *key, - struct pf_frag_tree *tree); -struct pf_frent *pf_create_fragment(u_short *); -static int pf_reassemble(struct mbuf **, struct ip *, int, - u_short *); -int pf_reassemble6(struct mbuf **, struct ip6_hdr *, - struct ip6_frag *, uint16_t, uint16_t, int, - u_short *); -static struct mbuf *pf_fragcache(struct mbuf **, struct ip*, - struct pf_fragment **, int, int, int *); + struct pf_frag_tree *tree); static struct pf_fragment *pf_fillup_fragment(struct pf_fragment_cmp *, - struct pf_frent *, u_short *); -int pf_isfull_fragment(struct pf_fragment *); -struct mbuf *pf_join_fragment(struct pf_fragment *); - - -#endif /* INET */ + struct pf_frent *, u_short *); +static int pf_isfull_fragment(struct pf_fragment *); +static struct mbuf *pf_join_fragment(struct pf_fragment *); +#ifdef INET +static void pf_scrub_ip(struct mbuf **, uint32_t, uint8_t, uint8_t); +static int pf_reassemble(struct mbuf **, struct ip *, int, u_short *); +static struct mbuf *pf_fragcache(struct mbuf **, struct ip*, + struct pf_fragment **, int, int, int *); +#endif /* INET */ #ifdef INET6 -static void pf_scrub_ip6(struct mbuf **, u_int8_t); -#endif +static int pf_reassemble6(struct mbuf **, struct ip6_hdr *, + struct ip6_frag *, uint16_t, uint16_t, int, u_short *); +static void pf_scrub_ip6(struct mbuf **, uint8_t); +#endif /* INET6 */ + #define DPFPRINTF(x) do { \ if (V_pf_status.debug >= PF_DEBUG_MISC) { \ printf("%s: ", __func__); \ @@ -171,6 +166,7 @@ static void pf_scrub_ip6(struct mbuf * } \ } while(0) +#ifdef INET static void pf_ip2key(struct ip *ip, int dir, struct pf_fragment_cmp *key) { @@ -182,6 +178,7 @@ pf_ip2key(struct ip *ip, int dir, struct key->frc_id = ip->ip_id; key->frc_direction = dir; } +#endif /* INET */ void pf_normalize_init(void) @@ -269,7 +266,6 @@ pf_purge_expired_fragments(void) PF_FRAG_UNLOCK(); } -#ifdef INET /* * Try to flush old fragments to make space for new ones */ @@ -294,7 +290,6 @@ pf_flush_fragments(void) break; } } -#endif /* INET */ /* Frees the fragments and all associated entries */ static void @@ -331,7 +326,6 @@ pf_free_fragment(struct pf_fragment *fra pf_remove_fragment(frag); } -#ifdef INET static struct pf_fragment * pf_find_fragment(struct pf_fragment_cmp *key, struct pf_frag_tree *tree) { @@ -354,10 +348,8 @@ pf_find_fragment(struct pf_fragment_cmp return (frag); } -#endif /* INET */ /* Removes a fragment from the fragment queue and frees the fragment */ - static void pf_remove_fragment(struct pf_fragment *frag) { @@ -375,8 +367,7 @@ pf_remove_fragment(struct pf_fragment *f } } -#ifdef INET -struct pf_frent * +static struct pf_frent * pf_create_fragment(u_short *reason) { struct pf_frent *frent; @@ -539,7 +530,7 @@ drop_fragment: return (NULL); } -int +static int pf_isfull_fragment(struct pf_fragment *frag) { struct pf_frent *frent, *next; @@ -573,7 +564,7 @@ pf_isfull_fragment(struct pf_fragment *f return (1); } -struct mbuf * +static struct mbuf * pf_join_fragment(struct pf_fragment *frag) { struct mbuf *m, *m2; @@ -604,7 +595,7 @@ pf_join_fragment(struct pf_fragment *fra return (m); } -#define FR_IP_OFF(fr) ((ntohs((fr)->fr_ip->ip_off) & IP_OFFMASK) << 3) +#ifdef INET static int pf_reassemble(struct mbuf **m0, struct ip *ip, int dir, u_short *reason) { @@ -669,11 +660,12 @@ pf_reassemble(struct mbuf **m0, struct i DPFPRINTF(("complete: %p(%d)\n", m, ntohs(ip->ip_len))); return (PF_PASS); } +#endif /* INET */ #ifdef INET6 -int +static int pf_reassemble6(struct mbuf **m0, struct ip6_hdr *ip6, struct ip6_frag *fraghdr, - uint16_t hdrlen, uint16_t extoff, int dir, u_short *reason) + uint16_t hdrlen, uint16_t extoff, int dir, u_short *reason) { struct mbuf *m = *m0; struct pf_frent *frent; @@ -793,9 +785,9 @@ fail: /* PF_DROP requires a valid mbuf *m0 in pf_test6(), will free later. */ return (PF_DROP); } +#endif /* INET6 */ -#endif - +#ifdef INET static struct mbuf * pf_fragcache(struct mbuf **m0, struct ip *h, struct pf_fragment **frag, int mff, int drop, int *nomem) @@ -1097,7 +1089,9 @@ pf_fragcache(struct mbuf **m0, struct ip m_freem(m); return (NULL); } +#endif /* INET */ +#ifdef INET6 int pf_refragment6(struct ifnet *ifp, struct mbuf **m0, struct m_tag *mtag) { @@ -1169,7 +1163,9 @@ pf_refragment6(struct ifnet *ifp, struct return (action); } +#endif /* INET6 */ +#ifdef INET int pf_normalize_ip(struct mbuf **m0, int dir, struct pfi_kif *kif, u_short *reason, struct pf_pdesc *pd)