summaryrefslogtreecommitdiff
path: root/sys/net
diff options
context:
space:
mode:
authorCedric Berger <cedric@cvs.openbsd.org>2003-07-19 13:08:59 +0000
committerCedric Berger <cedric@cvs.openbsd.org>2003-07-19 13:08:59 +0000
commitaffd738f0531e9799db4ec0d6dec94381e6c19b3 (patch)
tree2bd0b193976df3d86fdb205ea4ba95fe2bc49745 /sys/net
parentcc66adb3b35ed88b028cac1c966ecbaafb704f56 (diff)
Simplify struct pf_pooladdr to include struct pf_addr_wrap directly
instead of indirectly trough struct pf_rule_addr. Ryan McBride says: If I'm not mistaken, the code _used_ to use the ports in pf_rule_addr as well. The code was changed to fix some of the bugs with port ranges, but it was too late in the release cycle to make kernel API changes, so the structure was left as is. Needless to say: KERNEL/USERLAND SYNC REQUIRED. ok henning@ mcbride@
Diffstat (limited to 'sys/net')
-rw-r--r--sys/net/pf.c41
-rw-r--r--sys/net/pf_ioctl.c26
-rw-r--r--sys/net/pfvar.h4
3 files changed, 36 insertions, 35 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index 7793fd43852..38c392c5e02 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.377 2003/07/12 09:36:23 dhartmei Exp $ */
+/* $OpenBSD: pf.c,v 1.378 2003/07/19 13:08:58 cedric Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -1558,14 +1558,14 @@ pf_map_addr(u_int8_t af, struct pf_pool *rpool, struct pf_addr *saddr,
struct pf_addr *naddr, struct pf_addr *init_addr)
{
unsigned char hash[16];
- struct pf_addr *raddr = &rpool->cur->addr.addr.v.a.addr;
- struct pf_addr *rmask = &rpool->cur->addr.addr.v.a.mask;
+ struct pf_addr *raddr = &rpool->cur->addr.v.a.addr;
+ struct pf_addr *rmask = &rpool->cur->addr.v.a.mask;
- if (rpool->cur->addr.addr.type == PF_ADDR_NOROUTE ||
- rpool->cur->addr.addr.type == PF_ADDR_TABLE)
+ if (rpool->cur->addr.type == PF_ADDR_NOROUTE ||
+ rpool->cur->addr.type == PF_ADDR_TABLE)
return (1);
- if (rpool->cur->addr.addr.type == PF_ADDR_DYNIFTL &&
- rpool->cur->addr.addr.p.dyn->undefined)
+ if (rpool->cur->addr.type == PF_ADDR_DYNIFTL &&
+ rpool->cur->addr.p.dyn->undefined)
return (1);
switch (rpool->opts & PF_POOL_TYPEMASK) {
@@ -1615,17 +1615,17 @@ pf_map_addr(u_int8_t af, struct pf_pool *rpool, struct pf_addr *saddr,
PF_POOLMASK(naddr, raddr, rmask, (struct pf_addr *)&hash, af);
break;
case PF_POOL_ROUNDROBIN:
- if (pf_match_addr(0, &rpool->cur->addr.addr.v.a.addr,
- &rpool->cur->addr.addr.v.a.mask, &rpool->counter, af)) {
+ if (pf_match_addr(0, &rpool->cur->addr.v.a.addr,
+ &rpool->cur->addr.v.a.mask, &rpool->counter, af)) {
PF_ACPY(naddr, &rpool->counter, af);
PF_AINC(&rpool->counter, af);
} else {
if ((rpool->cur =
TAILQ_NEXT(rpool->cur, entries)) == NULL)
rpool->cur = TAILQ_FIRST(&rpool->list);
- PF_ACPY(naddr, &rpool->cur->addr.addr.v.a.addr, af);
+ PF_ACPY(naddr, &rpool->cur->addr.v.a.addr, af);
PF_ACPY(&rpool->counter,
- &rpool->cur->addr.addr.v.a.addr, af);
+ &rpool->cur->addr.v.a.addr, af);
PF_AINC(&rpool->counter, af);
}
break;
@@ -1738,11 +1738,12 @@ pf_match_translation(int direction, struct ifnet *ifp, u_int8_t proto,
r = TAILQ_FIRST(pf_main_ruleset.rules[rs_num].active.ptr);
while (r && rm == NULL) {
struct pf_rule_addr *src = NULL, *dst = NULL;
+ struct pf_addr_wrap *xdst = NULL;
if (r->action == PF_BINAT && direction == PF_IN) {
src = &r->dst;
if (r->rpool.cur != NULL)
- dst = &r->rpool.cur->addr;
+ xdst = &r->rpool.cur->addr;
} else {
src = &r->src;
dst = &r->dst;
@@ -1767,13 +1768,13 @@ pf_match_translation(int direction, struct ifnet *ifp, u_int8_t proto,
PF_SKIP_DST_PORT].ptr;
else if (dst != NULL &&
PF_MISMATCHAW(&dst->addr, daddr, af, dst->not))
- r = dst == &r->dst ? r->skip[PF_SKIP_DST_ADDR].ptr :
- TAILQ_NEXT(r, entries);
+ r = r->skip[PF_SKIP_DST_ADDR].ptr;
+ else if (xdst != NULL && PF_MISMATCHAW(xdst, daddr, af, 0))
+ r = TAILQ_NEXT(r, entries);
else if (dst != NULL && dst->port_op &&
!pf_match_port(dst->port_op, dst->port[0],
dst->port[1], dport))
- r = dst == &r->dst ? r->skip[PF_SKIP_DST_PORT].ptr :
- TAILQ_NEXT(r, entries);
+ r = r->skip[PF_SKIP_DST_PORT].ptr;
else if (r->anchorname[0] && r->anchor == NULL)
r = TAILQ_NEXT(r, entries);
else if (r->anchor == NULL)
@@ -1834,14 +1835,14 @@ pf_get_translation(int direction, struct ifnet *ifp, u_int8_t proto,
case PF_BINAT:
switch (direction) {
case PF_OUT:
- if (r->rpool.cur->addr.addr.type ==
+ if (r->rpool.cur->addr.type ==
PF_ADDR_DYNIFTL &&
- r->rpool.cur->addr.addr.p.dyn->undefined)
+ r->rpool.cur->addr.p.dyn->undefined)
return (NULL);
else
PF_POOLMASK(naddr,
- &r->rpool.cur->addr.addr.v.a.addr,
- &r->rpool.cur->addr.addr.v.a.mask,
+ &r->rpool.cur->addr.v.a.addr,
+ &r->rpool.cur->addr.v.a.mask,
saddr, af);
break;
case PF_IN:
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c
index bc07c0ae7b0..2b38f3152b2 100644
--- a/sys/net/pf_ioctl.c
+++ b/sys/net/pf_ioctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_ioctl.c,v 1.75 2003/06/30 19:09:25 henning Exp $ */
+/* $OpenBSD: pf_ioctl.c,v 1.76 2003/07/19 13:08:58 cedric Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -382,7 +382,7 @@ pf_empty_pool(struct pf_palist *poola)
struct pf_pooladdr *empty_pool_pa;
while ((empty_pool_pa = TAILQ_FIRST(poola)) != NULL) {
- pf_dynaddr_remove(&empty_pool_pa->addr.addr);
+ pf_dynaddr_remove(&empty_pool_pa->addr);
TAILQ_REMOVE(poola, empty_pool_pa, entries);
pool_put(&pf_pooladdr_pl, empty_pool_pa);
}
@@ -1646,8 +1646,8 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
break;
}
#endif /* INET6 */
- if (pp->addr.addr.addr.type != PF_ADDR_ADDRMASK &&
- pp->addr.addr.addr.type != PF_ADDR_DYNIFTL) {
+ if (pp->addr.addr.type != PF_ADDR_ADDRMASK &&
+ pp->addr.addr.type != PF_ADDR_DYNIFTL) {
error = EINVAL;
break;
}
@@ -1665,8 +1665,8 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
break;
}
}
- if (pf_dynaddr_setup(&pa->addr.addr, pp->af)) {
- pf_dynaddr_remove(&pa->addr.addr);
+ if (pf_dynaddr_setup(&pa->addr, pp->af)) {
+ pf_dynaddr_remove(&pa->addr);
pool_put(&pf_pooladdr_pl, pa);
error = EINVAL;
break;
@@ -1716,7 +1716,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
break;
}
bcopy(pa, &pp->addr, sizeof(struct pf_pooladdr));
- pf_dynaddr_copyout(&pp->addr.addr.addr);
+ pf_dynaddr_copyout(&pp->addr.addr);
splx(s);
break;
}
@@ -1730,8 +1730,8 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
error = EINVAL;
break;
}
- if (pca->addr.addr.addr.type != PF_ADDR_ADDRMASK &&
- pca->addr.addr.addr.type != PF_ADDR_DYNIFTL) {
+ if (pca->addr.addr.type != PF_ADDR_ADDRMASK &&
+ pca->addr.addr.type != PF_ADDR_DYNIFTL) {
error = EINVAL;
break;
}
@@ -1772,8 +1772,8 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
}
} else
newpa->ifp = NULL;
- if (pf_dynaddr_setup(&newpa->addr.addr, pca->af)) {
- pf_dynaddr_remove(&newpa->addr.addr);
+ if (pf_dynaddr_setup(&newpa->addr, pca->af)) {
+ pf_dynaddr_remove(&newpa->addr);
pool_put(&pf_pooladdr_pl, newpa);
error = EINVAL;
break;
@@ -1803,7 +1803,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
if (pca->action == PF_CHANGE_REMOVE) {
TAILQ_REMOVE(&pool->list, oldpa, entries);
- pf_dynaddr_remove(&oldpa->addr.addr);
+ pf_dynaddr_remove(&oldpa->addr);
pool_put(&pf_pooladdr_pl, oldpa);
} else {
if (oldpa == NULL)
@@ -1817,7 +1817,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
}
pool->cur = TAILQ_FIRST(&pool->list);
- PF_ACPY(&pool->counter, &pool->cur->addr.addr.v.a.addr,
+ PF_ACPY(&pool->counter, &pool->cur->addr.v.a.addr,
pca->af);
splx(s);
break;
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index 98344f6a339..4c247953a71 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfvar.h,v 1.162 2003/07/04 10:39:31 henning Exp $ */
+/* $OpenBSD: pfvar.h,v 1.163 2003/07/19 13:08:58 cedric Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -292,7 +292,7 @@ struct pf_rule_addr {
};
struct pf_pooladdr {
- struct pf_rule_addr addr;
+ struct pf_addr_wrap addr;
TAILQ_ENTRY(pf_pooladdr) entries;
char ifname[IFNAMSIZ];
struct ifnet *ifp;