summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--sys/net/if_pfsync.c76
-rw-r--r--sys/net/if_pfsync.h4
2 files changed, 34 insertions, 46 deletions
diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c
index b30861b519f..052cc39bd36 100644
--- a/sys/net/if_pfsync.c
+++ b/sys/net/if_pfsync.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_pfsync.c,v 1.157 2010/11/28 11:43:41 dlg Exp $ */
+/* $OpenBSD: if_pfsync.c,v 1.158 2010/11/29 05:31:38 dlg Exp $ */
/*
* Copyright (c) 2002 Michael Shalayeff
@@ -93,31 +93,25 @@
sizeof(struct ip) + \
sizeof(struct pfsync_header))
-struct pfsync_pkt {
- struct ip *ip;
- struct in_addr src;
- u_int8_t flags;
-};
-
int pfsync_upd_tcp(struct pf_state *, struct pfsync_state_peer *,
struct pfsync_state_peer *);
-int pfsync_in_clr(struct pfsync_pkt *, caddr_t, int, int);
-int pfsync_in_iack(struct pfsync_pkt *, caddr_t, int, int);
-int pfsync_in_upd_c(struct pfsync_pkt *, caddr_t, int, int);
-int pfsync_in_ureq(struct pfsync_pkt *, caddr_t, int, int);
-int pfsync_in_del(struct pfsync_pkt *, caddr_t, int, int);
-int pfsync_in_del_c(struct pfsync_pkt *, caddr_t, int, int);
-int pfsync_in_bus(struct pfsync_pkt *, caddr_t, int, int);
-int pfsync_in_tdb(struct pfsync_pkt *, caddr_t, int, int);
-int pfsync_in_ins(struct pfsync_pkt *, caddr_t, int, int);
-int pfsync_in_upd(struct pfsync_pkt *, caddr_t, int, int);
-int pfsync_in_eof(struct pfsync_pkt *, caddr_t, int, int);
+int pfsync_in_clr(caddr_t, int, int, int);
+int pfsync_in_iack(caddr_t, int, int, int);
+int pfsync_in_upd_c(caddr_t, int, int, int);
+int pfsync_in_ureq(caddr_t, int, int, int);
+int pfsync_in_del(caddr_t, int, int, int);
+int pfsync_in_del_c(caddr_t, int, int, int);
+int pfsync_in_bus(caddr_t, int, int, int);
+int pfsync_in_tdb(caddr_t, int, int, int);
+int pfsync_in_ins(caddr_t, int, int, int);
+int pfsync_in_upd(caddr_t, int, int, int);
+int pfsync_in_eof(caddr_t, int, int, int);
-int pfsync_in_error(struct pfsync_pkt *, caddr_t, int, int);
+int pfsync_in_error(caddr_t, int, int, int);
struct {
- int (*in)(struct pfsync_pkt *, caddr_t, int, int);
+ int (*in)(caddr_t, int, int, int);
size_t len;
} pfsync_acts[] = {
/* PFSYNC_ACT_CLR */
@@ -477,7 +471,7 @@ pfsync_state_export(struct pfsync_state *sp, struct pf_state *st)
}
int
-pfsync_state_import(struct pfsync_state *sp, u_int8_t flags)
+pfsync_state_import(struct pfsync_state *sp, int flags)
{
struct pf_state *st = NULL;
struct pf_state_key *skw = NULL, *sks = NULL;
@@ -641,13 +635,12 @@ void
pfsync_input(struct mbuf *m, ...)
{
struct pfsync_softc *sc = pfsyncif;
- struct pfsync_pkt pkt;
struct ip *ip = mtod(m, struct ip *);
struct mbuf *mp;
struct pfsync_header *ph;
struct pfsync_subheader subh;
- int offset, offp, len, count, mlen;
+ int offset, offp, len, count, mlen, flags = 0;
pfsyncstats.pfsyncs_ipackets++;
@@ -697,13 +690,8 @@ pfsync_input(struct mbuf *m, ...)
goto done;
}
- /* Cheaper to grab this now than having to mess with mbufs later */
- pkt.ip = ip;
- pkt.src = ip->ip_src;
- pkt.flags = 0;
-
if (!bcmp(&ph->pfcksum, &pf_status.pf_chksum, PF_MD5_DIGEST_LENGTH))
- pkt.flags |= PFSYNC_SI_CKSUM;
+ flags = PFSYNC_SI_CKSUM;
offset += sizeof(*ph);
while (offset <= len - sizeof(subh)) {
@@ -736,8 +724,8 @@ pfsync_input(struct mbuf *m, ...)
return;
}
- if (pfsync_acts[subh.action].in(&pkt, mp->m_data + offp,
- mlen, count) != 0)
+ if (pfsync_acts[subh.action].in(mp->m_data + offp,
+ mlen, count, flags) != 0)
goto done;
offset += mlen * count;
@@ -748,7 +736,7 @@ done:
}
int
-pfsync_in_clr(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_clr(caddr_t buf, int len, int count, int flags)
{
struct pfsync_clr *clr;
int i;
@@ -795,7 +783,7 @@ pfsync_in_clr(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
}
int
-pfsync_in_ins(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_ins(caddr_t buf, int len, int count, int flags)
{
struct pfsync_state *sp;
int i;
@@ -815,7 +803,7 @@ pfsync_in_ins(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
continue;
}
- if (pfsync_state_import(sp, pkt->flags) == ENOMEM) {
+ if (pfsync_state_import(sp, flags) == ENOMEM) {
/* drop out, but process the rest of the actions */
break;
}
@@ -825,7 +813,7 @@ pfsync_in_ins(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
}
int
-pfsync_in_iack(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_iack(caddr_t buf, int len, int count, int flags)
{
struct pfsync_ins_ack *ia;
struct pf_state_cmp id_key;
@@ -882,7 +870,7 @@ pfsync_upd_tcp(struct pf_state *st, struct pfsync_state_peer *src,
}
int
-pfsync_in_upd(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_upd(caddr_t buf, int len, int count, int flags)
{
struct pfsync_state *sp;
struct pf_state_cmp id_key;
@@ -979,7 +967,7 @@ pfsync_in_upd(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
}
int
-pfsync_in_upd_c(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_upd_c(caddr_t buf, int len, int count, int flags)
{
struct pfsync_upd_c *up;
struct pf_state_cmp id_key;
@@ -1053,7 +1041,7 @@ pfsync_in_upd_c(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
}
int
-pfsync_in_ureq(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_ureq(caddr_t buf, int len, int count, int flags)
{
struct pfsync_upd_req *ur;
int i;
@@ -1086,7 +1074,7 @@ pfsync_in_ureq(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
}
int
-pfsync_in_del(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_del(caddr_t buf, int len, int count, int flags)
{
struct pfsync_state *sp;
struct pf_state_cmp id_key;
@@ -1112,7 +1100,7 @@ pfsync_in_del(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
}
int
-pfsync_in_del_c(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_del_c(caddr_t buf, int len, int count, int flags)
{
struct pfsync_del_c *sp;
struct pf_state_cmp id_key;
@@ -1139,7 +1127,7 @@ pfsync_in_del_c(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
}
int
-pfsync_in_bus(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_bus(caddr_t buf, int len, int count, int flags)
{
struct pfsync_softc *sc = pfsyncif;
struct pfsync_bus *bus;
@@ -1184,7 +1172,7 @@ pfsync_in_bus(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
}
int
-pfsync_in_tdb(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_tdb(caddr_t buf, int len, int count, int flags)
{
#if defined(IPSEC)
struct pfsync_tdb *tp;
@@ -1242,7 +1230,7 @@ pfsync_update_net_tdb(struct pfsync_tdb *pt)
int
-pfsync_in_eof(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_eof(caddr_t buf, int len, int count, int flags)
{
if (len > 0 || count > 0)
pfsyncstats.pfsyncs_badact++;
@@ -1252,7 +1240,7 @@ pfsync_in_eof(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
}
int
-pfsync_in_error(struct pfsync_pkt *pkt, caddr_t buf, int len, int count)
+pfsync_in_error(caddr_t buf, int len, int count, int flags)
{
pfsyncstats.pfsyncs_badact++;
return (-1);
diff --git a/sys/net/if_pfsync.h b/sys/net/if_pfsync.h
index ba83a6607ff..c22e14a8819 100644
--- a/sys/net/if_pfsync.h
+++ b/sys/net/if_pfsync.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_pfsync.h,v 1.43 2010/07/09 16:58:06 reyk Exp $ */
+/* $OpenBSD: if_pfsync.h,v 1.44 2010/11/29 05:31:38 dlg Exp $ */
/*
* Copyright (c) 2001 Michael Shalayeff
@@ -292,7 +292,7 @@ int pfsync_sysctl(int *, u_int, void *, size_t *,
#define PFSYNC_SI_IOCTL 0x01
#define PFSYNC_SI_CKSUM 0x02
#define PFSYNC_SI_ACK 0x04
-int pfsync_state_import(struct pfsync_state *, u_int8_t);
+int pfsync_state_import(struct pfsync_state *, int);
void pfsync_state_export(struct pfsync_state *,
struct pf_state *);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-26 11:43:59 +0000