From owner-svn-src-projects@FreeBSD.ORG Sat Aug 23 11:27:50 2014 Return-Path: Delivered-To: svn-src-projects@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3FFF0D26; Sat, 23 Aug 2014 11:27:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2B35A3A3C; Sat, 23 Aug 2014 11:27:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s7NBRogw054941; Sat, 23 Aug 2014 11:27:50 GMT (envelope-from melifaro@FreeBSD.org) Received: (from melifaro@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id s7NBRn9n054939; Sat, 23 Aug 2014 11:27:49 GMT (envelope-from melifaro@FreeBSD.org) Message-Id: <201408231127.s7NBRn9n054939@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: melifaro set sender to melifaro@FreeBSD.org using -f From: "Alexander V. Chernikov" Date: Sat, 23 Aug 2014 11:27:49 +0000 (UTC) To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r270394 - projects/ipfw/sys/netpfil/ipfw X-SVN-Group: projects MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Aug 2014 11:27:50 -0000 Author: melifaro Date: Sat Aug 23 11:27:49 2014 New Revision: 270394 URL: http://svnweb.freebsd.org/changeset/base/270394 Log: * Use OP_ADD/OP_DEL macro instead of plain integers. * ipfw_foreach_table_tentry() to permit listing arbitrary ipfw table using standart format. Modified: projects/ipfw/sys/netpfil/ipfw/ip_fw_table.c projects/ipfw/sys/netpfil/ipfw/ip_fw_table.h Modified: projects/ipfw/sys/netpfil/ipfw/ip_fw_table.c ============================================================================== --- projects/ipfw/sys/netpfil/ipfw/ip_fw_table.c Sat Aug 23 10:58:16 2014 (r270393) +++ projects/ipfw/sys/netpfil/ipfw/ip_fw_table.c Sat Aug 23 11:27:49 2014 (r270394) @@ -107,6 +107,11 @@ static int create_table_internal(struct struct table_algo **pta, uint16_t *pkidx, int ref); static void link_table(struct ip_fw_chain *ch, struct table_config *tc); static void unlink_table(struct ip_fw_chain *ch, struct table_config *tc); +static int find_ref_table(struct ip_fw_chain *ch, struct tid_info *ti, + struct tentry_info *tei, uint32_t count, int op, + struct table_config **ptc, struct table_algo **pta); +#define OP_ADD 1 +#define OP_DEL 0 static int export_tables(struct ip_fw_chain *ch, ipfw_obj_lheader *olh, struct sockopt_data *sd); static void export_table_info(struct ip_fw_chain *ch, struct table_config *tc, @@ -239,7 +244,7 @@ create_table_compat(struct ip_fw_chain * */ static int find_ref_table(struct ip_fw_chain *ch, struct tid_info *ti, - struct tentry_info *tei, uint32_t count, int do_add, + struct tentry_info *tei, uint32_t count, int op, struct table_config **ptc, struct table_algo **pta) { struct namedobj_instance *ni; @@ -265,7 +270,7 @@ find_ref_table(struct ip_fw_chain *ch, s } /* Try to exit early on limit hit */ - if (do_add != 0 && count == 1 && + if (op == OP_ADD && count == 1 && check_table_limit(tc, tei) != 0) { IPFW_UH_WUNLOCK(ch); return (EFBIG); @@ -278,7 +283,7 @@ find_ref_table(struct ip_fw_chain *ch, s IPFW_UH_WUNLOCK(ch); if (tc == NULL) { - if (do_add == 0) + if (op == OP_DEL) return (ESRCH); /* Compability mode: create new table for old clients */ @@ -354,7 +359,7 @@ rollback_added_entries(struct ip_fw_chai */ static int prepare_batch_buffer(struct ip_fw_chain *ch, struct table_algo *ta, - struct tentry_info *tei, uint32_t count, int do_add, caddr_t *ta_buf) + struct tentry_info *tei, uint32_t count, int op, caddr_t *ta_buf) { caddr_t ta_buf_m, v; size_t ta_buf_sz, sz; @@ -378,14 +383,14 @@ prepare_batch_buffer(struct ip_fw_chain * if we need to rollback all changes) */ sz = count * ta_buf_sz; - ta_buf_m = malloc((do_add != 0) ? sz * 2 : sz, M_TEMP, + ta_buf_m = malloc((op == OP_ADD) ? sz * 2 : sz, M_TEMP, M_WAITOK | M_ZERO); } v = ta_buf_m; for (i = 0; i < count; i++, v += ta_buf_sz) { ptei = &tei[i]; - error = (do_add != 0) ? + error = (op == OP_ADD) ? ta->prepare_add(ch, ptei, v) : ta->prepare_del(ch, ptei, v); /* @@ -460,14 +465,15 @@ add_table_entry(struct ip_fw_chain *ch, /* * Find and reference existing table. */ - if ((error = find_ref_table(ch, ti, tei, count, 1, &tc, &ta)) != 0) + error = find_ref_table(ch, ti, tei, count, OP_ADD, &tc, &ta); + if (error != 0) return (error); /* Allocate memory and prepare record(s) */ rollback = 0; /* Pass stack buffer by default */ ta_buf_m = ta_buf; - error = prepare_batch_buffer(ch, ta, tei, count, 1, &ta_buf_m); + error = prepare_batch_buffer(ch, ta, tei, count, OP_ADD, &ta_buf_m); if (error != 0) goto cleanup; @@ -579,13 +585,14 @@ del_table_entry(struct ip_fw_chain *ch, /* * Find and reference existing table. */ - if ((error = find_ref_table(ch, ti, tei, count, 0, &tc, &ta)) != 0) + error = find_ref_table(ch, ti, tei, count, OP_DEL, &tc, &ta); + if (error != 0) return (error); /* Allocate memory and prepare record(s) */ /* Pass stack buffer by default */ ta_buf_m = ta_buf; - error = prepare_batch_buffer(ch, ta, tei, count, 0, &ta_buf_m); + error = prepare_batch_buffer(ch, ta, tei, count, OP_DEL, &ta_buf_m); if (error != 0) goto cleanup; @@ -1892,8 +1899,10 @@ struct dump_args { uint32_t cnt; uint16_t uidx; int error; - ipfw_table_entry *ent; uint32_t size; + ipfw_table_entry *ent; + ta_foreach_f *f; + void *farg; ipfw_obj_tentry tent; }; @@ -2357,6 +2366,65 @@ dump_table_xentry(void *e, void *arg) } /* + * Helper function to export table algo data + * to tentry format before calling user function. + * + * Returns 0 on success. + */ +static int +prepare_table_tentry(void *e, void *arg) +{ + struct dump_args *da; + struct table_config *tc; + struct table_algo *ta; + int error; + + da = (struct dump_args *)arg; + + tc = da->tc; + ta = tc->ta; + + error = ta->dump_tentry(tc->astate, da->ti, e, &da->tent); + if (error != 0) + return (error); + + da->f(&da->tent, da->farg); + + return (0); +} + +/* + * Allow external consumers to read table entries in standard format. + */ +int +ipfw_foreach_table_tentry(struct ip_fw_chain *ch, uint16_t kidx, + ta_foreach_f *f, void *arg) +{ + struct namedobj_instance *ni; + struct table_config *tc; + struct table_algo *ta; + struct dump_args da; + + ni = CHAIN_TO_NI(ch); + + tc = (struct table_config *)ipfw_objhash_lookup_kidx(ni, kidx); + if (tc == NULL) + return (ESRCH); + + ta = tc->ta; + + memset(&da, 0, sizeof(da)); + da.ti = KIDX_TO_TI(ch, tc->no.kidx); + da.tc = tc; + da.f = f; + da.farg = arg; + + ta->foreach(tc->astate, da.ti, prepare_table_tentry, &da); + + return (0); +} + +/* * Table algorithms */ Modified: projects/ipfw/sys/netpfil/ipfw/ip_fw_table.h ============================================================================== --- projects/ipfw/sys/netpfil/ipfw/ip_fw_table.h Sat Aug 23 10:58:16 2014 (r270393) +++ projects/ipfw/sys/netpfil/ipfw/ip_fw_table.h Sat Aug 23 11:27:49 2014 (r270394) @@ -188,6 +188,8 @@ int ipfw_move_tables_sets(struct ip_fw_c uint32_t new_set); void ipfw_swap_tables_sets(struct ip_fw_chain *ch, uint32_t old_set, uint32_t new_set, int mv); +int ipfw_foreach_table_tentry(struct ip_fw_chain *ch, uint16_t kidx, + ta_foreach_f f, void *arg); /* Legacy interfaces */ int ipfw_count_table(struct ip_fw_chain *ch, struct tid_info *ti,