Lines Matching refs:softc
160 #define LBUMP(x) softc->x++
161 #define LBUMPD(x, y) do { softc->x.y++; DT(y); } while (0)
604 ipf_main_softc_t *softc = fin->fin_main_soft;
617 ipf_main_softc_t *softc = fin->fin_main_soft;
645 ipf_main_softc_t *softc = fin->fin_main_soft;
776 ipf_main_softc_t *softc = fin->fin_main_soft;
825 ipf_main_softc_t *softc = fin->fin_main_soft;
883 ipf_main_softc_t *softc = fin->fin_main_soft;
911 ipf_main_softc_t *softc = fin->fin_main_soft;
1045 ipf_main_softc_t *softc = fin->fin_main_soft;
1072 ipf_main_softc_t *softc = fin->fin_main_soft;
1101 ipf_main_softc_t *softc = fin->fin_main_soft;
1135 ipf_main_softc_t *softc = fin->fin_main_soft;
1211 ipf_main_softc_t *softc = fin->fin_main_soft;
1269 if (icmp->icmp_nextmtu < softc->ipf_icmpminfragmtu) {
1271 DT3(ipf_fi_bad_icmp_nextmtu, fr_info_t *, fin, u_int, icmp->icmp_nextmtu, u_int, softc->ipf_icmpminfragmtu);
1330 ipf_main_softc_t *softc = fin->fin_main_soft;
1512 ipf_main_softc_t *softc = fin->fin_main_soft;
1585 ipf_main_softc_t *softc = fin->fin_main_soft;
1605 ipf_main_softc_t *softc = fin->fin_main_soft;
1653 ipf_main_softc_t *softc = fin->fin_main_soft;
1936 ipf_main_softc_t *softc = fin->fin_main_soft;
2035 ipf_main_softc_t *softc = fin->fin_main_soft;
2377 ipf_main_softc_t *softc = fin->fin_main_soft;
2599 if (ipf_state_add(softc, fin, NULL, 0) == 0) {
2630 ipf_main_softc_t *softc = fin->fin_main_soft;
2636 fr = softc->ipf_acct[fin->fin_out][softc->ipf_active];
2671 ipf_main_softc_t *softc = fin->fin_main_soft;
2683 fin->fin_fr = softc->ipf_rules[out][softc->ipf_active];
2685 pass = ipf_scanlist(fin, softc->ipf_pass);
2732 pass = ipf_auth_pre_scanlist(softc, fin, pass);
2741 if (ipf_frag_new(softc, fin, pass) == -1) {
2798 ipf_main_softc_t *softc = ctx;
2801 u_32_t pass = softc->ipf_pass;
2825 if (softc->ipf_running <= 0) {
2900 fin->fin_main_soft = softc;
2943 if (softc->ipf_chksrc && !ipf_verifysrc(fin)) {
2947 if (fin->fin_ip->ip_ttl < softc->ipf_minttl) {
2954 if (((ip6_t *)ip)->ip6_hlim < softc->ipf_minttl) {
2966 READ_ENTER(&softc->ipf_mutex);
3017 if (ipf_state_add(softc, fin, NULL, 0) == 0) {
3048 } else if ((softc->ipf_update_ipid != 0) && (v == 4)) {
3072 if ((softc->ipf_flags & FF_LOGGING) || (pass & FR_LOGMASK)) {
3099 RWLOCK_EXIT(&softc->ipf_mutex);
3192 (void) ipf_derefrule(softc, &fr);
3196 RWLOCK_EXIT(&softc->ipf_mutex);
3237 /*if ((pass & FR_CMDMASK) == (softc->ipf_pass & FR_CMDMASK))*/
3283 ipf_main_softc_t *softc = fin->fin_main_soft;
3290 if ((softc->ipf_flags & FF_LOGNOMATCH) && (pass & FR_NOMATCH)) {
3296 (FR_ISPASS(pass) && (softc->ipf_flags & FF_LOGPASS))) {
3303 (FR_ISBLOCK(pass) && (softc->ipf_flags & FF_LOGBLOCK))) {
3476 /* Parameters: softc(I) - pointer to soft context main structure */
3487 ipf_findgroup(ipf_main_softc_t *softc, char *group, minor_t unit, int set,
3496 fgp = &softc->ipf_groups[unit][set];
3514 /* Parameters: softc(I) - pointer to soft context main structure */
3526 ipf_group_add(ipf_main_softc_t *softc, char *group, void *head, u_32_t flags,
3541 fg = ipf_findgroup(softc, group, unit, set, &fgp);
3561 fg->fg_set = &softc->ipf_groups[unit][set];
3571 /* Parameters: softc(I) - pointer to soft context main structure */
3582 ipf_group_del(ipf_main_softc_t *softc, frgroup_t *group, frentry_t *fr)
3619 /* Parameters: softc(I) - pointer to soft context main structure */
3625 ipf_group_flush(ipf_main_softc_t *softc, frgroup_t *group)
3629 (void) ipf_flushlist(softc, &gone, &group->fg_start);
3638 /* Parameters: softc(I) - pointer to soft context main structure */
3648 ipf_getrulen(ipf_main_softc_t *softc, int unit, char *group, u_32_t n)
3653 fg = ipf_findgroup(softc, group, unit, softc->ipf_active, NULL);
3667 /* Parameters: softc(I) - pointer to soft context main structure */
3682 ipf_flushlist(ipf_main_softc_t *softc, int *nfreedp, frentry_t **listp)
3699 freed += ipf_group_flush(softc, fp->fr_grphead);
3704 freed += ipf_group_flush(softc, fp->fr_icmpgrp);
3714 if (ipf_derefrule(softc, &fp) == 0)
3725 /* Parameters: softc(I) - pointer to soft context main structure */
3733 ipf_flush(ipf_main_softc_t *softc, minor_t unit, int flags)
3737 WRITE_ENTER(&softc->ipf_mutex);
3739 set = softc->ipf_active;
3744 ipf_flushlist(softc, &flushed, &softc->ipf_rules[1][set]);
3745 ipf_flushlist(softc, &flushed, &softc->ipf_acct[1][set]);
3748 ipf_flushlist(softc, &flushed, &softc->ipf_rules[0][set]);
3749 ipf_flushlist(softc, &flushed, &softc->ipf_acct[0][set]);
3752 flushed += ipf_flush_groups(softc, &softc->ipf_groups[unit][set],
3755 RWLOCK_EXIT(&softc->ipf_mutex);
3760 tmp = ipf_flush(softc, IPL_LOGCOUNT, flags);
3771 /* Parameters: softc(I) - soft context pointerto work with */
3783 ipf_flush_groups( ipf_main_softc_t *softc, frgroup_t **grhead, int flags)
3806 (void) ipf_derefrule(softc, &fr);
3958 ipf_synclist(ipf_main_softc_t *softc, frentry_t *fr, void *ifp)
3986 fr->fr_ifas[i] = ipf_resolvenic(softc, name, v);
3992 ifa = ipf_resolvenic(softc, fr->fr_names +
3994 ipf_ifpaddr(softc, v, fr->fr_satype, ifa,
3999 ifa = ipf_resolvenic(softc, fr->fr_names +
4001 ipf_ifpaddr(softc, v, fr->fr_datype, ifa,
4008 error = ipf_resolvedest(softc, fr->fr_names, fdp, v);
4015 error = ipf_resolvedest(softc, fr->fr_names, fdp, v);
4022 error = ipf_resolvedest(softc, fr->fr_names, fdp, v);
4029 fr->fr_srcptr = ipf_lookup_res_num(softc,
4037 fr->fr_dstptr = ipf_lookup_res_num(softc,
4050 ipf_lookup_deref(softc, frt->fr_srctype,
4054 ipf_lookup_deref(softc, frt->fr_dsttype,
4072 ipf_sync(ipf_main_softc_t *softc, void *ifp)
4077 ipf_nat_sync(softc, ifp);
4078 ipf_state_sync(softc, ifp);
4079 ipf_lookup_sync(softc, ifp);
4082 WRITE_ENTER(&softc->ipf_mutex);
4083 (void) ipf_synclist(softc, softc->ipf_acct[0][softc->ipf_active], ifp);
4084 (void) ipf_synclist(softc, softc->ipf_acct[1][softc->ipf_active], ifp);
4085 (void) ipf_synclist(softc, softc->ipf_rules[0][softc->ipf_active], ifp);
4086 (void) ipf_synclist(softc, softc->ipf_rules[1][softc->ipf_active], ifp);
4091 for (g = softc->ipf_groups[i][0]; g != NULL; g = g->fg_next)
4092 (void) ipf_synclist(softc, g->fg_start, ifp);
4093 for (g = softc->ipf_groups[i][1]; g != NULL; g = g->fg_next)
4094 (void) ipf_synclist(softc, g->fg_start, ifp);
4096 RWLOCK_EXIT(&softc->ipf_mutex);
4119 copyinptr(ipf_main_softc_t *softc, void *src, void *dst, size_t size)
4152 copyoutptr(ipf_main_softc_t *softc, void *src, void *dst, size_t size)
4197 /* Parameters: softc(I) - pointer to soft context main structure */
4210 ipf_getstat(ipf_main_softc_t *softc, friostat_t *fiop, int rev)
4214 bcopy((char *)softc->ipf_stats, (char *)fiop->f_st,
4221 fiop->f_ipf[0][0] = softc->ipf_rules[0][0];
4222 fiop->f_acct[0][0] = softc->ipf_acct[0][0];
4223 fiop->f_ipf[0][1] = softc->ipf_rules[0][1];
4224 fiop->f_acct[0][1] = softc->ipf_acct[0][1];
4225 fiop->f_ipf[1][0] = softc->ipf_rules[1][0];
4226 fiop->f_acct[1][0] = softc->ipf_acct[1][0];
4227 fiop->f_ipf[1][1] = softc->ipf_rules[1][1];
4228 fiop->f_acct[1][1] = softc->ipf_acct[1][1];
4230 fiop->f_ticks = softc->ipf_ticks;
4231 fiop->f_active = softc->ipf_active;
4232 fiop->f_froute[0] = softc->ipf_frouteok[0];
4233 fiop->f_froute[1] = softc->ipf_frouteok[1];
4234 fiop->f_rb_no_mem = softc->ipf_rb_no_mem;
4235 fiop->f_rb_node_max = softc->ipf_rb_node_max;
4237 fiop->f_running = softc->ipf_running;
4239 fiop->f_groups[i][0] = softc->ipf_groups[i][0];
4240 fiop->f_groups[i][1] = softc->ipf_groups[i][1];
4243 fiop->f_log_ok = ipf_log_logok(softc, IPL_LOGIPF);
4244 fiop->f_log_fail = ipf_log_failures(softc, IPL_LOGIPF);
4251 fiop->f_defpass = softc->ipf_pass;
4410 frrequest(ipf_main_softc_t *softc, int unit, ioctlcmd_t req, void *data,
4425 error = ipf_inobj(softc, data, NULL, fp, IPFOBJ_FRENTRY);
4439 error = ipf_inobjsz(softc, data, f, IPFOBJ_FRENTRY,
4519 error = ipf_funcinit(softc, fp);
4582 fg = ipf_group_add(softc, group, NULL,
4591 fg = ipf_findgroup(softc, group, unit,
4636 fprev = ipf_auth_rulehead(softc);
4639 fprev = &softc->ipf_acct[in][set];
4641 fprev = &softc->ipf_rules[in][set];
4748 fp->fr_srcptr = ipf_findlookup(softc, unit, fp,
4780 fp->fr_dstptr = ipf_findlookup(softc, unit, fp,
4846 error = ipf_synclist(softc, fp, NULL);
4867 WRITE_ENTER(&softc->ipf_mutex);
4906 /* MUTEX_DOWNGRADE(&softc->ipf_mutex); */
4913 error = ipf_outobj(softc, data, fp, IPFOBJ_FRENTRY);
4937 RWLOCK_EXIT(&softc->ipf_mutex);
5017 error = ipf_auth_precmd(softc, req, f, ftail);
5021 ipf_rule_delete(softc, f, unit, set);
5035 error = ipf_auth_precmd(softc, req, fp, ftail);
5042 ipf_rule_expire_insert(softc, fp, set);
5058 fg = ipf_group_add(softc, group, fp, 0, unit, set);
5065 fg = ipf_group_add(softc, group, fp, fp->fr_flags,
5071 RWLOCK_EXIT(&softc->ipf_mutex);
5077 ipf_lookup_deref(softc, fp->fr_srctype,
5081 ipf_lookup_deref(softc, fp->fr_dsttype,
5085 WRITE_ENTER(&softc->ipf_mutex);
5086 ipf_group_del(softc, fp->fr_grp, fp);
5087 RWLOCK_EXIT(&softc->ipf_mutex);
5101 /* Parameters: softc(I) - pointer to soft context main structure */
5113 ipf_rule_delete(ipf_main_softc_t *softc, frentry_t *f, int unit, int set)
5136 (void) ipf_derefrule(softc, &f);
5142 /* Parameters: softc(I) - pointer to soft context main structure */
5152 ipf_rule_expire_insert(ipf_main_softc_t *softc, frentry_t *f, int set)
5159 f->fr_die = softc->ipf_ticks + IPF_TTLVAL(f->fr_die);
5160 for (fr = softc->ipf_rule_explist[set]; fr != NULL;
5177 if (softc->ipf_rule_explist[set] == NULL) {
5178 softc->ipf_rule_explist[set] = f;
5179 f->fr_pdnext = &softc->ipf_rule_explist[set];
5191 /* Parameters: softc(I) - pointer to soft context main structure */
5204 ipf_findlookup(ipf_main_softc_t *softc, int unit, frentry_t *fr,
5212 ptr = ipf_lookup_res_num(softc, unit, addrp->iplookuptype,
5221 ptr = ipf_lookup_res_name(softc, unit, addrp->iplookuptype,
5236 /* Parameters: softc(I) - pointer to soft context main structure */
5243 ipf_funcinit(ipf_main_softc_t *softc, frentry_t *fr)
5255 err = (*ft->ipfu_init)(softc, fr);
5265 /* Parameters: softc(I) - pointer to soft context main structure */
5273 ipf_funcfini(ipf_main_softc_t *softc, frentry_t *fr)
5280 (void) (*ft->ipfu_fini)(softc, fr);
5316 ipf_resolvefunc(ipf_main_softc_t *softc, void *data)
5419 ipf_derefrule(ipf_main_softc_t *softc, frentry_t **frp)
5433 ipf_funcfini(softc, fr);
5437 ipf_lookup_deref(softc, IPLT_DSTLIST, fdp->fd_ptr);
5441 ipf_lookup_deref(softc, IPLT_DSTLIST, fdp->fd_ptr);
5445 ipf_lookup_deref(softc, IPLT_DSTLIST, fdp->fd_ptr);
5449 ipf_lookup_deref(softc, fr->fr_srctype, fr->fr_srcptr);
5452 ipf_lookup_deref(softc, fr->fr_dsttype, fr->fr_dstptr);
5455 ipf_group_del(softc, fr->fr_grp, fr);
5458 ipf_group_del(softc, fr->fr_grphead, fr);
5461 ipf_group_del(softc, fr->fr_icmpgrp, fr);
5487 ipf_grpmapinit(ipf_main_softc_t *softc, frentry_t *fr)
5493 iph = ipf_lookup_find_htable(softc, IPL_LOGIPF, name);
5511 /* Parameters: softc(I) - pointer to soft context main structure */
5518 ipf_grpmapfini(ipf_main_softc_t *softc, frentry_t *fr)
5523 ipf_lookup_deref(softc, IPLT_HASH, iph);
5613 ipf_addtimeoutqueue(ipf_main_softc_t *softc, ipftq_t **parent, u_int seconds)
5620 MUTEX_ENTER(&softc->ipf_timeoutlock);
5631 MUTEX_EXIT(&softc->ipf_timeoutlock);
5646 softc->ipf_userifqs++;
5648 MUTEX_EXIT(&softc->ipf_timeoutlock);
5695 ipf_freetimeoutqueue(ipf_main_softc_t *softc, ipftq_t *ifq)
5716 ATOMIC_DEC(softc->ipf_userifqs);
6057 ipf_ioctlswitch(ipf_main_softc_t *softc, int unit, void *data, ioctlcmd_t cmd,
6065 error = BCOPYOUT(&softc->ipf_interror, data,
6066 sizeof(softc->ipf_interror));
6079 error = ipf_ipf_ioctl(softc, data, cmd, mode, uid, ctx);
6082 if (softc->ipf_running > 0) {
6083 error = ipf_nat_ioctl(softc, data, cmd, mode,
6091 if (softc->ipf_running > 0) {
6092 error = ipf_state_ioctl(softc, data, cmd, mode,
6100 if (softc->ipf_running > 0) {
6101 error = ipf_auth_ioctl(softc, data, cmd, mode,
6109 if (softc->ipf_running > 0) {
6110 error = ipf_sync_ioctl(softc, data, cmd, mode,
6119 if (softc->ipf_running > 0)
6120 error = ipf_scan_ioctl(softc, data, cmd, mode,
6130 if (softc->ipf_running > 0) {
6131 error = ipf_lookup_ioctl(softc, data, cmd, mode,
6186 /* Parameters: softc(I) - soft context pointerto work with */
6200 ipf_inobj(ipf_main_softc_t *softc, void *data, ipfobj_t *objp, void *ptr,
6245 error = ipf_in_compat(softc, objp, ptr, 0);
6258 /* Parameters: softc(I) - soft context pointerto work with */
6271 ipf_inobjsz(ipf_main_softc_t *softc, void *data, void *ptr, int type, int sz)
6305 error = ipf_in_compat(softc, &obj, ptr, sz);
6330 ipf_outobjsz(ipf_main_softc_t *softc, void *data, void *ptr, int type, int sz)
6364 error = ipf_out_compat(softc, &obj, ptr);
6386 ipf_outobj(ipf_main_softc_t *softc, void *data, void *ptr, int type)
6425 error = ipf_out_compat(softc, &obj, ptr);
6449 ipf_outobjk(ipf_main_softc_t *softc, ipfobj_t *obj, void *ptr)
6478 error = ipf_out_compat(softc, obj, ptr);
6726 ipf_main_softc_t *softc = fin->fin_main_soft;
6845 ipf_tune_add_array(ipf_main_softc_t *softc, ipftuneable_t *newtune)
6851 error = ipf_tune_add(softc, nt);
6854 (void) ipf_tune_del(softc, dt);
6866 /* Parameters: softc(I) - soft context pointerto work with */
6870 /* tuneables for this context (softc->ipf_tuners.) To properly prepare the */
6878 ipf_tune_array_link(ipf_main_softc_t *softc, ipftuneable_t *array)
6894 for (p = &softc->ipf_tuners; (t = *p) != NULL; p = &t->ipft_next)
6906 /* Parameters: softc(I) - soft context pointerto work with */
6911 ipf_tune_array_unlink(ipf_main_softc_t *softc, ipftuneable_t *array)
6915 for (p = &softc->ipf_tuners; (t = *p) != NULL; p = &t->ipft_next)
6980 ipf_tune_add(ipf_main_softc_t *softc, ipftuneable_t *newtune)
6984 ta = ipf_tune_findbyname(softc->ipf_tuners, newtune->ipft_name);
6990 for (tap = &softc->ipf_tuners; *tap != NULL; tap = &(*tap)->ipft_next)
7010 ipf_tune_del(ipf_main_softc_t *softc, ipftuneable_t *oldtune)
7015 for (tap = &softc->ipf_tuners; (ta = *tap) != NULL;
7044 ipf_tune_del_array(ipf_main_softc_t *softc, ipftuneable_t *oldtune)
7050 error = ipf_tune_del(softc, ot);
7074 ipf_ipftune(ipf_main_softc_t *softc, ioctlcmd_t cmd, void *data)
7081 error = ipf_inobj(softc, data, NULL, &tu, IPFOBJ_TUNEABLE);
7102 ta = ipf_tune_findbycookie(&softc->ipf_tuners,
7105 ta = softc->ipf_tuners;
7136 error = ipf_outobj(softc, data, &tu, IPFOBJ_TUNEABLE);
7148 ta = ipf_tune_findbycookie(&softc->ipf_tuners,
7153 ta = ipf_tune_findbyname(softc->ipf_tuners,
7179 error = ipf_outobj(softc, data, &tu, IPFOBJ_TUNEABLE);
7190 (softc->ipf_running > 0)) {
7207 error = (*ta->ipft_func)(softc, ta,
7227 error = ipf_outobj(softc, data, &tu, IPFOBJ_TUNEABLE);
7251 ipf_zerostats(ipf_main_softc_t *softc, void *data)
7257 error = ipf_inobj(softc, data, &obj, &fio, IPFOBJ_IPFSTAT);
7260 ipf_getstat(softc, &fio, obj.ipfo_rev);
7261 error = ipf_outobj(softc, data, &fio, IPFOBJ_IPFSTAT);
7265 WRITE_ENTER(&softc->ipf_mutex);
7266 bzero(&softc->ipf_stats, sizeof(softc->ipf_stats));
7267 RWLOCK_EXIT(&softc->ipf_mutex);
7276 /* Parameters: softc(I) - pointer to soft context main structure */
7288 ipf_resolvedest(ipf_main_softc_t *softc, char *base, frdest_t *fdp, int v)
7297 ifp = ipf_lookup_res_name(softc, IPL_LOGIPF,
7319 /* Parameters: softc(I)- pointer to soft context main structure */
7330 ipf_resolvenic(ipf_main_softc_t *softc, char *name, int v)
7334 softc = softc; /* gcc -Wextra */
7352 /* Parameters: softc(I) - pointer to soft context main structure */
7358 ipf_token_expire(ipf_main_softc_t *softc)
7362 WRITE_ENTER(&softc->ipf_tokens);
7363 while ((it = softc->ipf_token_head) != NULL) {
7364 if (it->ipt_die > softc->ipf_ticks)
7367 ipf_token_deref(softc, it);
7369 RWLOCK_EXIT(&softc->ipf_tokens);
7376 /* Parameters: softc(I) - pointer to soft context main structure */
7385 ipf_token_flush(ipf_main_softc_t *softc)
7389 WRITE_ENTER(&softc->ipf_tokens);
7390 for (it = softc->ipf_token_head; it != NULL; it = next) {
7392 (void) ipf_token_deref(softc, it);
7394 RWLOCK_EXIT(&softc->ipf_tokens);
7401 /* Parameters: softc(I)- pointer to soft context main structure */
7414 ipf_token_del(ipf_main_softc_t *softc, int type, int uid, void *ptr)
7422 WRITE_ENTER(&softc->ipf_tokens);
7423 for (it = softc->ipf_token_head; it != NULL; it = it->ipt_next) {
7427 ipf_token_deref(softc, it);
7432 RWLOCK_EXIT(&softc->ipf_tokens);
7456 /* Parameters: softc(I)- pointer to soft context main structure */
7467 ipf_token_find(ipf_main_softc_t *softc, int type, int uid, void *ptr)
7475 WRITE_ENTER(&softc->ipf_tokens);
7476 for (it = softc->ipf_token_head; it != NULL; it = it->ipt_next) {
7486 RWLOCK_EXIT(&softc->ipf_tokens);
7502 ipf_token_unlink(softc, it);
7506 it->ipt_pnext = softc->ipf_token_tail;
7507 *softc->ipf_token_tail = it;
7508 softc->ipf_token_tail = &it->ipt_next;
7512 it->ipt_die = softc->ipf_ticks + 20;
7515 RWLOCK_EXIT(&softc->ipf_tokens);
7524 /* Parameters: softc(I) - pointer to soft context main structure */
7533 ipf_token_unlink(ipf_main_softc_t *softc, ipftoken_t *token)
7536 if (softc->ipf_token_tail == &token->ipt_next)
7537 softc->ipf_token_tail = token->ipt_pnext;
7550 /* Parameters: softc(I) - pointer to soft context main structure */
7559 ipf_token_deref(ipf_main_softc_t *softc, ipftoken_t *token)
7575 (void) ipf_derefrule(softc, (frentry_t **)datap);
7578 WRITE_ENTER(&softc->ipf_nat);
7579 ipf_nat_rule_deref(softc, (ipnat_t **)datap);
7580 RWLOCK_EXIT(&softc->ipf_nat);
7583 ipf_nat_deref(softc, (nat_t **)datap);
7586 ipf_state_deref(softc, (ipstate_t **)datap);
7589 ipf_frag_pkt_deref(softc, (ipfr_t **)datap);
7592 ipf_frag_nat_deref(softc, (ipfr_t **)datap);
7595 WRITE_ENTER(&softc->ipf_nat);
7596 ipf_nat_hostmapdel(softc, (hostmap_t **)datap);
7597 RWLOCK_EXIT(&softc->ipf_nat);
7600 ipf_lookup_iterderef(softc, token->ipt_type, data);
7605 ipf_token_unlink(softc, token);
7614 /* Parameters: softc(I) - pointer to soft context main structure */
7624 ipf_nextrule(ipf_main_softc_t *softc, int active, int unit,
7631 fg = ipf_findgroup(softc, fr->fr_names + fr->fr_group,
7636 fg = softc->ipf_groups[unit][active];
7660 /* Parameters: softc(I)- pointer to soft context main structure */
7673 ipf_getnextrule(ipf_main_softc_t *softc, ipftoken_t *t, void *ptr)
7689 error = ipf_inobj(softc, ptr, &obj, &it, IPFOBJ_IPFITER);
7721 READ_ENTER(&softc->ipf_mutex);
7725 next = softc->ipf_acct[out][it.iri_active];
7727 next = softc->ipf_rules[out][it.iri_active];
7730 next = ipf_nextrule(softc, it.iri_active,
7733 fg = ipf_findgroup(softc, it.iri_group, unit,
7743 next = ipf_nextrule(softc, it.iri_active, unit,
7749 else if (ipf_nextrule(softc, it.iri_active, unit, next, out) != NULL)
7755 (void) ipf_derefrule(softc, &fr);
7776 RWLOCK_EXIT(&softc->ipf_mutex);
7779 error = ipf_outobjk(softc, &obj, next);
7792 error = ipf_outobjk(softc, &dobj, next->fr_data);
7797 (void) ipf_derefrule(softc, &fr);
7806 /* Parameters: softc(I)- pointer to soft context main structure */
7816 ipf_frruleiter(ipf_main_softc_t *softc, void *data, int uid, void *ctx)
7823 token = ipf_token_find(softc, IPFGENITER_IPF, uid, ctx);
7825 error = ipf_getnextrule(softc, token, data);
7826 WRITE_ENTER(&softc->ipf_tokens);
7827 ipf_token_deref(softc, token);
7828 RWLOCK_EXIT(&softc->ipf_tokens);
7830 error = ipf_inobj(softc, data, &obj, &it, IPFOBJ_IPFITER);
7834 error = ipf_outobj(softc, data, &it, IPFOBJ_IPFITER);
7844 /* Parameters: softc(I) - pointer to soft context main structure */
7852 ipf_geniter(ipf_main_softc_t *softc, ipftoken_t *token, ipfgeniter_t *itp)
7859 error = ipf_frag_pkt_next(softc, token, itp);
7874 /* Parameters: softc(I)- pointer to soft context main structure */
7882 ipf_genericiter(ipf_main_softc_t *softc, void *data, int uid, void *ctx)
7888 error = ipf_inobj(softc, data, NULL, &iter, IPFOBJ_GENITER);
7892 token = ipf_token_find(softc, iter.igi_type, uid, ctx);
7895 error = ipf_geniter(softc, token, &iter);
7896 WRITE_ENTER(&softc->ipf_tokens);
7897 ipf_token_deref(softc, token);
7898 RWLOCK_EXIT(&softc->ipf_tokens);
7911 /* Parameters: softc(I)- pointer to soft context main structure */
7922 ipf_ipf_ioctl(ipf_main_softc_t *softc, void *data, ioctlcmd_t cmd, int mode,
7944 WRITE_ENTER(&softc->ipf_global);
7946 if (softc->ipf_running > 0)
7949 error = ipfattach(softc);
7951 softc->ipf_running = 1;
7953 (void) ipfdetach(softc);
7955 if (softc->ipf_running == 1)
7956 error = ipfdetach(softc);
7960 softc->ipf_running = -1;
7962 RWLOCK_EXIT(&softc->ipf_global);
7975 error = ipf_ipftune(softc, cmd, (void *)data);
7983 error = BCOPYIN(data, &softc->ipf_flags,
7984 sizeof(softc->ipf_flags));
7993 error = BCOPYOUT(&softc->ipf_flags, data,
7994 sizeof(softc->ipf_flags));
8002 error = ipf_resolvefunc(softc, (void *)data);
8013 error = frrequest(softc, IPL_LOGIPF, cmd, data,
8014 softc->ipf_active, 1);
8025 error = frrequest(softc, IPL_LOGIPF, cmd, data,
8026 1 - softc->ipf_active, 1);
8035 WRITE_ENTER(&softc->ipf_mutex);
8036 error = BCOPYOUT(&softc->ipf_active, data,
8037 sizeof(softc->ipf_active));
8042 softc->ipf_active = 1 - softc->ipf_active;
8044 RWLOCK_EXIT(&softc->ipf_mutex);
8049 error = ipf_inobj(softc, (void *)data, &obj, &fio,
8053 ipf_getstat(softc, &fio, obj.ipfo_rev);
8054 error = ipf_outobj(softc, (void *)data, &fio, IPFOBJ_IPFSTAT);
8062 error = ipf_zerostats(softc, data);
8072 tmp = ipf_flush(softc, IPL_LOGIPF, tmp);
8093 tmp = ipf_flush(softc, IPL_LOGIPF, tmp);
8114 ipf_state_setlock(softc->ipf_state_soft, tmp);
8115 ipf_nat_setlock(softc->ipf_nat_soft, tmp);
8116 ipf_frag_setlock(softc->ipf_frag_soft, tmp);
8117 ipf_auth_setlock(softc->ipf_auth_soft, tmp);
8131 tmp = ipf_log_clear(softc, IPL_LOGIPF);
8146 WRITE_ENTER(&softc->ipf_global);
8150 ipf_sync(softc, NULL);
8153 RWLOCK_EXIT(&softc->ipf_global);
8159 error = ipf_outobj(softc, (void *)data,
8160 ipf_frag_stats(softc->ipf_frag_soft),
8166 tmp = ipf_log_bytesused(softc, IPL_LOGIPF);
8173 error = ipf_frruleiter(softc, data, uid, ctx);
8179 error = ipf_genericiter(softc, data, uid, ctx);
8187 error = ipf_token_del(softc, tmp, uid, ctx);
8403 /* Parameters: softc(I) - pointer to soft context main structure */
8417 ipf_matcharray_load(ipf_main_softc_t *softc, void *data, ipfobj_t *objp,
8682 /* Parameters: softc(I) - pointer to soft context main structure */
8731 ipf_queueflush(ipf_main_softc_t *softc, ipftq_delete_fn_t deletefn,
8741 if ((*deletefn)(softc, tqe->tqe_parent) == 0)
8748 if ((*deletefn)(softc, tqe->tqe_parent) == 0)
8762 if (softc->ipf_ticks > IPF_TTLVAL(43200 * 15 / 10)) {
8765 } else if (softc->ipf_ticks > IPF_TTLVAL(1800 * 15 / 10)) {
8768 } else if (softc->ipf_ticks > IPF_TTLVAL(30 * 15 / 10)) {
8774 if (istart > softc->ipf_ticks) {
8775 if (softc->ipf_ticks - interval < interval)
8778 istart = (softc->ipf_ticks / interval) * interval;
8781 iend = softc->ipf_ticks - interval;
8786 try = softc->ipf_ticks - istart;
8793 if ((*deletefn)(softc, tqe->tqe_parent) == 0)
8805 if ((*deletefn)(softc, tqe->tqe_parent) == 0)
8818 if (interval >= softc->ipf_ticks)
8821 iend = softc->ipf_ticks - interval;
8833 /* Parameters: softc(I) - pointer to soft context main structure */
8842 ipf_deliverlocal(ipf_main_softc_t *softc, int ipversion, void *ifp,
8849 if (ipf_ifpaddr(softc, 4, FRI_NORMAL, ifp, &addr, NULL) == 0) {
8856 if (ipf_ifpaddr(softc, 6, FRI_NORMAL, ifp, &addr, NULL) == 0) {
8870 /* Parameters: softc(I) - pointer to soft context main structure */
8879 ipf_settimeout(struct ipf_main_softc_s *softc, ipftuneable_t *t,
8887 if (ipf_state_settimeout(softc, t, p) == -1)
8889 if (ipf_nat_settimeout(softc, t, p) == -1)
9001 ipf_main_softc_t *softc;
9004 KMALLOC(softc, ipf_main_softc_t *);
9005 if (softc == NULL)
9008 softc = arg;
9011 bzero((char *)softc, sizeof(*softc));
9014 * This serves as a flag as to whether or not the softc should be
9017 softc->ipf_dynamic_softc = (arg == NULL) ? 1 : 0;
9019 softc->ipf_tuners = ipf_tune_array_copy(softc,
9022 if (softc->ipf_tuners == NULL) {
9023 ipf_main_soft_destroy(softc);
9027 MUTEX_INIT(&softc->ipf_rw, "ipf rw mutex");
9028 MUTEX_INIT(&softc->ipf_timeoutlock, "ipf timeout lock");
9029 RWLOCK_INIT(&softc->ipf_global, "ipf filter load/unload mutex");
9030 RWLOCK_INIT(&softc->ipf_mutex, "ipf filter rwlock");
9031 RWLOCK_INIT(&softc->ipf_tokens, "ipf token rwlock");
9032 RWLOCK_INIT(&softc->ipf_state, "ipf state rwlock");
9033 RWLOCK_INIT(&softc->ipf_nat, "ipf IP NAT rwlock");
9034 RWLOCK_INIT(&softc->ipf_poolrw, "ipf pool rwlock");
9035 RWLOCK_INIT(&softc->ipf_frag, "ipf frag rwlock");
9037 softc->ipf_token_head = NULL;
9038 softc->ipf_token_tail = &softc->ipf_token_head;
9040 softc->ipf_tcpidletimeout = FIVE_DAYS;
9041 softc->ipf_tcpclosewait = IPF_TTLVAL(2 * TCP_MSL);
9042 softc->ipf_tcplastack = IPF_TTLVAL(30);
9043 softc->ipf_tcptimewait = IPF_TTLVAL(2 * TCP_MSL);
9044 softc->ipf_tcptimeout = IPF_TTLVAL(2 * TCP_MSL);
9045 softc->ipf_tcpsynsent = IPF_TTLVAL(2 * TCP_MSL);
9046 softc->ipf_tcpsynrecv = IPF_TTLVAL(2 * TCP_MSL);
9047 softc->ipf_tcpclosed = IPF_TTLVAL(30);
9048 softc->ipf_tcphalfclosed = IPF_TTLVAL(2 * 3600);
9049 softc->ipf_udptimeout = IPF_TTLVAL(120);
9050 softc->ipf_udpacktimeout = IPF_TTLVAL(12);
9051 softc->ipf_icmptimeout = IPF_TTLVAL(60);
9052 softc->ipf_icmpacktimeout = IPF_TTLVAL(6);
9053 softc->ipf_iptimeout = IPF_TTLVAL(60);
9056 softc->ipf_pass = FR_BLOCK|FR_NOMATCH;
9058 softc->ipf_pass = (IPF_DEFAULT_PASS)|FR_NOMATCH;
9060 softc->ipf_minttl = 4;
9061 softc->ipf_icmpminfragmtu = 68;
9062 softc->ipf_flags = IPF_LOGGING;
9064 return softc;
9070 /* Parameters: softc(I) - pointer to soft context main structure */
9077 ipf_main_soft_init(ipf_main_softc_t *softc)
9086 /* Parameters: softc(I) - pointer to soft context main structure */
9096 ipf_main_soft_destroy(ipf_main_softc_t *softc)
9099 RW_DESTROY(&softc->ipf_frag);
9100 RW_DESTROY(&softc->ipf_poolrw);
9101 RW_DESTROY(&softc->ipf_nat);
9102 RW_DESTROY(&softc->ipf_state);
9103 RW_DESTROY(&softc->ipf_tokens);
9104 RW_DESTROY(&softc->ipf_mutex);
9105 RW_DESTROY(&softc->ipf_global);
9106 MUTEX_DESTROY(&softc->ipf_timeoutlock);
9107 MUTEX_DESTROY(&softc->ipf_rw);
9109 if (softc->ipf_tuners != NULL) {
9110 KFREES(softc->ipf_tuners, sizeof(ipf_main_tuneables));
9112 if (softc->ipf_dynamic_softc == 1) {
9113 KFREE(softc);
9121 /* Parameters: softc(I) - pointer to soft context main structure */
9127 ipf_main_soft_fini(ipf_main_softc_t *softc)
9129 (void) ipf_flush(softc, IPL_LOGIPF, FR_INQUE|FR_OUTQUE|FR_INACTIVE);
9130 (void) ipf_flush(softc, IPL_LOGIPF, FR_INQUE|FR_OUTQUE);
9131 (void) ipf_flush(softc, IPL_LOGCOUNT, FR_INQUE|FR_OUTQUE|FR_INACTIVE);
9132 (void) ipf_flush(softc, IPL_LOGCOUNT, FR_INQUE|FR_OUTQUE);
9267 ipf_main_softc_t *softc;
9269 softc = ipf_main_soft_create(arg);
9270 if (softc == NULL)
9274 softc->ipf_log_soft = ipf_log_soft_create(softc);
9275 if (softc->ipf_log_soft == NULL) {
9276 ipf_destroy_all(softc);
9281 softc->ipf_lookup_soft = ipf_lookup_soft_create(softc);
9282 if (softc->ipf_lookup_soft == NULL) {
9283 ipf_destroy_all(softc);
9287 softc->ipf_sync_soft = ipf_sync_soft_create(softc);
9288 if (softc->ipf_sync_soft == NULL) {
9289 ipf_destroy_all(softc);
9293 softc->ipf_state_soft = ipf_state_soft_create(softc);
9294 if (softc->ipf_state_soft == NULL) {
9295 ipf_destroy_all(softc);
9299 softc->ipf_nat_soft = ipf_nat_soft_create(softc);
9300 if (softc->ipf_nat_soft == NULL) {
9301 ipf_destroy_all(softc);
9305 softc->ipf_frag_soft = ipf_frag_soft_create(softc);
9306 if (softc->ipf_frag_soft == NULL) {
9307 ipf_destroy_all(softc);
9311 softc->ipf_auth_soft = ipf_auth_soft_create(softc);
9312 if (softc->ipf_auth_soft == NULL) {
9313 ipf_destroy_all(softc);
9317 softc->ipf_proxy_soft = ipf_proxy_soft_create(softc);
9318 if (softc->ipf_proxy_soft == NULL) {
9319 ipf_destroy_all(softc);
9323 return softc;
9330 /* Parameters: softc(I) - pointer to soft context main structure */
9339 ipf_destroy_all(ipf_main_softc_t *softc)
9342 if (softc->ipf_state_soft != NULL) {
9343 ipf_state_soft_destroy(softc, softc->ipf_state_soft);
9344 softc->ipf_state_soft = NULL;
9347 if (softc->ipf_nat_soft != NULL) {
9348 ipf_nat_soft_destroy(softc, softc->ipf_nat_soft);
9349 softc->ipf_nat_soft = NULL;
9352 if (softc->ipf_frag_soft != NULL) {
9353 ipf_frag_soft_destroy(softc, softc->ipf_frag_soft);
9354 softc->ipf_frag_soft = NULL;
9357 if (softc->ipf_auth_soft != NULL) {
9358 ipf_auth_soft_destroy(softc, softc->ipf_auth_soft);
9359 softc->ipf_auth_soft = NULL;
9362 if (softc->ipf_proxy_soft != NULL) {
9363 ipf_proxy_soft_destroy(softc, softc->ipf_proxy_soft);
9364 softc->ipf_proxy_soft = NULL;
9367 if (softc->ipf_sync_soft != NULL) {
9368 ipf_sync_soft_destroy(softc, softc->ipf_sync_soft);
9369 softc->ipf_sync_soft = NULL;
9372 if (softc->ipf_lookup_soft != NULL) {
9373 ipf_lookup_soft_destroy(softc, softc->ipf_lookup_soft);
9374 softc->ipf_lookup_soft = NULL;
9378 if (softc->ipf_log_soft != NULL) {
9379 ipf_log_soft_destroy(softc, softc->ipf_log_soft);
9380 softc->ipf_log_soft = NULL;
9384 ipf_main_soft_destroy(softc);
9391 /* Parameters: softc(I) - pointer to soft context main structure */
9397 ipf_init_all(ipf_main_softc_t *softc)
9400 if (ipf_main_soft_init(softc) == -1)
9404 if (ipf_log_soft_init(softc, softc->ipf_log_soft) == -1)
9408 if (ipf_lookup_soft_init(softc, softc->ipf_lookup_soft) == -1)
9411 if (ipf_sync_soft_init(softc, softc->ipf_sync_soft) == -1)
9414 if (ipf_state_soft_init(softc, softc->ipf_state_soft) == -1)
9417 if (ipf_nat_soft_init(softc, softc->ipf_nat_soft) == -1)
9420 if (ipf_frag_soft_init(softc, softc->ipf_frag_soft) == -1)
9423 if (ipf_auth_soft_init(softc, softc->ipf_auth_soft) == -1)
9426 if (ipf_proxy_soft_init(softc, softc->ipf_proxy_soft) == -1)
9436 /* Parameters: softc(I) - pointer to soft context main structure */
9442 ipf_fini_all(ipf_main_softc_t *softc)
9445 ipf_token_flush(softc);
9447 if (ipf_proxy_soft_fini(softc, softc->ipf_proxy_soft) == -1)
9450 if (ipf_auth_soft_fini(softc, softc->ipf_auth_soft) == -1)
9453 if (ipf_frag_soft_fini(softc, softc->ipf_frag_soft) == -1)
9456 if (ipf_nat_soft_fini(softc, softc->ipf_nat_soft) == -1)
9459 if (ipf_state_soft_fini(softc, softc->ipf_state_soft) == -1)
9462 if (ipf_sync_soft_fini(softc, softc->ipf_sync_soft) == -1)
9465 if (ipf_lookup_soft_fini(softc, softc->ipf_lookup_soft) == -1)
9469 if (ipf_log_soft_fini(softc, softc->ipf_log_soft) == -1)
9473 if (ipf_main_soft_fini(softc) == -1)
9483 /* Parameters: softc(I) - pointer to soft context main structure */
9491 ipf_rule_expire(ipf_main_softc_t *softc)
9495 if ((softc->ipf_rule_explist[0] == NULL) &&
9496 (softc->ipf_rule_explist[1] == NULL))
9499 WRITE_ENTER(&softc->ipf_mutex);
9501 while ((fr = softc->ipf_rule_explist[0]) != NULL) {
9506 if (fr->fr_die > softc->ipf_ticks)
9508 ipf_rule_delete(softc, fr, IPL_LOGIPF, 0);
9511 while ((fr = softc->ipf_rule_explist[1]) != NULL) {
9516 if (fr->fr_die > softc->ipf_ticks)
9518 ipf_rule_delete(softc, fr, IPL_LOGIPF, 1);
9521 RWLOCK_EXIT(&softc->ipf_mutex);
9648 /* Parameters: softc(I) - pointer to soft context main structure */
9662 ipf_ht_node_add(ipf_main_softc_t *softc, host_track_t *htp, int family,
9798 ipf_slowtimer(ipf_main_softc_t *softc)
9801 ipf_token_expire(softc);
9802 ipf_frag_expire(softc);
9803 ipf_state_expire(softc);
9804 ipf_nat_expire(softc);
9805 ipf_auth_expire(softc);
9806 ipf_lookup_expire(softc);
9807 ipf_rule_expire(softc);
9808 ipf_sync_expire(softc);
9809 softc->ipf_ticks++;
Indexes created Thu Oct 02 14:10:14 GMT 2025