diff options
| author | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2001-12-10 18:28:34 +0000 |
|---|---|---|
| committer | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2001-12-10 18:28:34 +0000 |
| commit | 7e68857f6629ec2d0e0798d59dbd55c645d0f403 (patch) | |
| tree | ca0c050576e1f4184567da97004a9bbc6e4e803d /sys/net | |
| parent | 005c0718b94541ab1d91021fff3f978a2d773fb0 (diff) | |
Add an ioctl to add state entries (DIOCADDSTATE) for proxies.
Diffstat (limited to 'sys/net')
| -rw-r--r-- | sys/net/pf.c | 61 | ||||
| -rw-r--r-- | sys/net/pfvar.h | 3 |
2 files changed, 42 insertions, 22 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index 1b811219848..b8d9950202b 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.177 2001/12/10 18:08:11 dhartmei Exp $ */ +/* $OpenBSD: pf.c,v 1.178 2001/12/10 18:28:32 dhartmei Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1023,26 +1023,24 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) /* XXX keep in sync with switch() below */ if (securelevel > 1) switch (cmd) { - case DIOCSTART: - case DIOCSTOP: - case DIOCBEGINRULES: - case DIOCADDRULE: - case DIOCCOMMITRULES: - case DIOCBEGINNATS: - case DIOCADDNAT: - case DIOCCOMMITNATS: - case DIOCBEGINBINATS: - case DIOCADDBINAT: - case DIOCCOMMITBINATS: - case DIOCBEGINRDRS: - case DIOCADDRDR: - case DIOCCOMMITRDRS: - case DIOCCLRSTATES: - case DIOCCHANGERULE: - case DIOCCHANGENAT: - case DIOCCHANGEBINAT: - case DIOCCHANGERDR: - case DIOCSETTIMEOUT: + case DIOCGETRULES: + case DIOCGETRULE: + case DIOCGETNATS: + case DIOCGETNAT: + case DIOCGETBINATS: + case DIOCGETBINAT: + case DIOCGETRDRS: + case DIOCGETRDR: + case DIOCGETSTATE: + case DIOCSETSTATUSIF: + case DIOCGETSTATUS: + case DIOCCLRSTATUS: + case DIOCNATLOOK: + case DIOCSETDEBUG: + case DIOCGETSTATES: + case DIOCGETTIMEOUT: + break; + default: return EPERM; } @@ -1914,6 +1912,27 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) break; } + case DIOCADDSTATE: { + struct pfioc_state *ps = (struct pfioc_state *)addr; + struct pf_state *state; + + state = pool_get(&pf_state_pl, PR_NOWAIT); + if (state == NULL) { + error = ENOMEM; + break; + } + s = splsoftnet(); + microtime(&pftv); + bcopy(&ps->state, state, sizeof(struct pf_state)); + state->rule = NULL; + state->creation = pftv.tv_sec; + state->expire += pftv.tv_sec; + state->packets = 0; + state->bytes = 0; + pf_insert_state(state); + splx(s); + } + case DIOCGETSTATE: { struct pfioc_state *ps = (struct pfioc_state *)addr; struct pf_tree_node *n; diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 6d58c30dde1..5236f0322a1 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfvar.h,v 1.57 2001/12/10 18:08:11 dhartmei Exp $ */ +/* $OpenBSD: pfvar.h,v 1.58 2001/12/10 18:28:32 dhartmei Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -555,6 +555,7 @@ struct pfioc_tm { #define DIOCGETBINATS _IOWR('D', 34, struct pfioc_binat) #define DIOCGETBINAT _IOWR('D', 35, struct pfioc_binat) #define DIOCCHANGEBINAT _IOWR('D', 36, struct pfioc_changebinat) +#define DIOCADDSTATE _IOWR('D', 37, struct pfioc_state) #ifdef _KERNEL |