Date: Thu, 12 Jun 2014 09:24:17 GMT From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r269434 - soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw Message-ID: <201406120924.s5C9OH4F056416@socsvn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dpl Date: Thu Jun 12 09:24:17 2014 New Revision: 269434 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=269434 Log: Added rule_forward_ip and rule_forward_ip6. Modified: soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_fw2.c soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_rules.h Modified: soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_fw2.c ============================================================================== --- soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_fw2.c Thu Jun 12 09:06:05 2014 (r269433) +++ soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_fw2.c Thu Jun 12 09:24:17 2014 (r269434) @@ -1847,54 +1847,18 @@ break; case O_FORWARD_IP: - if (args->eh) /* not valid on layer2 pkts */ - break; - if (q == NULL || q->rule != f || - dyn_dir == MATCH_FORWARD) { - struct sockaddr_in *sa; - sa = &(((ipfw_insn_sa *)cmd)->sa); - if (sa->sin_addr.s_addr == INADDR_ANY) { - bcopy(sa, &args->hopstore, - sizeof(*sa)); - args->hopstore.sin_addr.s_addr = - htonl(tablearg); - args->next_hop = &args->hopstore; - } else { - args->next_hop = sa; - } - } - retval = IP_FW_PASS; - l = 0; /* exit inner loop */ - done = 1; /* exit outer loop */ + rule_forward_ip(args, q, dyn_dir, cmd, sa, &retval, &l, &done); break; #ifdef INET6 case O_FORWARD_IP6: - if (args->eh) /* not valid on layer2 pkts */ - break; - if (q == NULL || q->rule != f || - dyn_dir == MATCH_FORWARD) { - struct sockaddr_in6 *sin6; - - sin6 = &(((ipfw_insn_sa6 *)cmd)->sa); - args->next_hop6 = sin6; - } - retval = IP_FW_PASS; - l = 0; /* exit inner loop */ - done = 1; /* exit outer loop */ + rule_forward_ip6(args, q, f, cmd, &retval, &l, &done); break; #endif case O_NETGRAPH: case O_NGTEE: - set_match(args, f_pos, chain); - args->rule.info = IP_FW_ARG_TABLEARG(cmd->arg1); - if (V_fw_one_pass) - args->rule.info |= IPFW_ONEPASS; - retval = (cmd->opcode == O_NETGRAPH) ? - IP_FW_NETGRAPH : IP_FW_NGTEE; - l = 0; /* exit inner loop */ - done = 1; /* exit outer loop */ + rule_ngtee(args, f_pos, chain, cmd, &retval, &l, &done); break; case O_SETFIB: { Modified: soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_rules.h ============================================================================== --- soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_rules.h Thu Jun 12 09:06:05 2014 (r269433) +++ soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_rules.h Thu Jun 12 09:24:17 2014 (r269434) @@ -924,13 +924,13 @@ * f_pos, f, l and cmd. * Also clear cmdlen and skip_or */ - for (; f_pos < chain->n_rules - 1 && + for (; (*f_pos) < chain->n_rules - 1 && (V_set_disable & - (1 << chain->map[f_pos]->set)); - f_pos++) + (1 << chain->map[(*f_pos)]->set)); + (*f_pos)++) ; /* Re-enter the inner loop at the skipto rule. */ - f = chain->map[f_pos]; + f = chain->map[(*f_pos)]; *l = f->cmd_len; cmd = f->cmd; *match = 1; @@ -964,21 +964,61 @@ *done = 1; /* exit outer loop */ } +/* XXX typeof q?? */ inline void -rule_forward_ip(args, q, dyn_dir, ipfw_insn *cmd, sa, int *retval, int *l, int *done) +rule_forward_ip(struct ip_fw_args *args, q, int dyn_dir, ipfw_insn *cmd, struct sockaddr_in *sa, int *retval, int *l, int *done) { + if (args->eh) /* not valid on layer2 pkts */ + return; + if (q == NULL || q->rule != f || + dyn_dir == MATCH_FORWARD) { + struct sockaddr_in *sa; + sa = &(((ipfw_insn_sa *)cmd)->sa); + if (sa->sin_addr.s_addr == INADDR_ANY) { + bcopy(sa, &args->hopstore, + sizeof(*sa)); + args->hopstore.sin_addr.s_addr = + htonl(tablearg); + args->next_hop = &args->hopstore; + } else { + args->next_hop = sa; + } + } + *retval = IP_FW_PASS; + *l = 0; /* exit inner loop */ + *done = 1; /* exit outer loop */ } #ifdef INET6 inline void -rule_forward_ip6(args, q, struct ip_fw *f, dun_dir, ipfw_insn *cmd, struct ip_fw_args *args, int *retval, int *l, int *done) +rule_forward_ip6(struct ip_fw_args *args, q, struct ip_fw *f, ipfw_insn *cmd, int *retval, int *l, int *done) { + if (args->eh) /* not valid on layer2 pkts */ + return; + if (q == NULL || q->rule != f || + dyn_dir == MATCH_FORWARD) { + struct sockaddr_in6 *sin6; + + sin6 = &(((ipfw_insn_sa6 *)cmd)->sa); + args->next_hop6 = sin6; + } + *retval = IP_FW_PASS; + *l = 0; /* exit inner loop */ + *done = 1; /* exit outer loop */ } #endif /* INET6 */ inline void -rule_ngtee(args, f_pos, struct ip_fw_chain *chain, ipfw_insn *cmd, V_fw_one_pass, int *retval, int *l, int *done) +rule_ngtee(struct ip_fw_args *args, int f_pos, struct ip_fw_chain *chain, ipfw_insn *cmd, int *retval, int *l, int *done) { + set_match(args, f_pos, chain); + args->rule.info = IP_FW_ARG_TABLEARG(cmd->arg1); + if (V_fw_one_pass) + args->rule.info |= IPFW_ONEPASS; + *retval = (cmd->opcode == O_NETGRAPH) ? + IP_FW_NETGRAPH : IP_FW_NGTEE; + *l = 0; /* exit inner loop */ + *done = 1; /* exit outer loop */ } inline void @@ -992,7 +1032,7 @@ } inline void -rule_nat(int *l, int *done, int *retval, struct ip_fw_args *args, f_pos, struct ip_fw_chain *chain, ipfw_insn *cmd, struct ip_fw_chain *chain) +rule_nat(int *l, int *done, int *retval, struct ip_fw_args *args, int f_pos, struct ip_fw_chain *chain, ipfw_insn *cmd, struct ip_fw_chain *chain) { }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201406120924.s5C9OH4F056416>