diff options
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/in.h | 46 | ||||
-rw-r--r-- | sys/netinet/ip_input.c | 23 |
2 files changed, 20 insertions, 49 deletions
diff --git a/sys/netinet/in.h b/sys/netinet/in.h index a52ed23c127..1dd0037d55c 100644 --- a/sys/netinet/in.h +++ b/sys/netinet/in.h @@ -1,4 +1,4 @@ -/* $OpenBSD: in.h,v 1.137 2019/11/04 23:52:28 dlg Exp $ */ +/* $OpenBSD: in.h,v 1.138 2020/08/22 17:55:30 gnezdo Exp $ */ /* $NetBSD: in.h,v 1.20 1996/02/13 23:41:47 christos Exp $ */ /* @@ -736,50 +736,6 @@ struct ip_mreq { { "arpdown", CTLTYPE_INT }, \ { "arpq", CTLTYPE_NODE }, \ } -#define IPCTL_VARS { \ - NULL, \ - &ipforwarding, \ - &ipsendredirects, \ - &ip_defttl, \ - NULL, \ - NULL, \ - &ip_directedbcast, \ - &ipport_firstauto, \ - &ipport_lastauto, \ - &ipport_hifirstauto, \ - &ipport_hilastauto, \ - &ip_maxqueue, \ - NULL /* encdebug */, \ - NULL /* ipsecstat */, \ - NULL /* ipsec_expire_acquire */, \ - NULL /* ipsec_keep_invalid */, \ - NULL /* ipsec_require_pfs */, \ - NULL /* ipsec_soft_allocations */, \ - NULL /* ipsec_exp_allocations */, \ - NULL /* ipsec_soft_bytes */, \ - NULL /* ipsec_exp_bytes */, \ - NULL /* ipsec_exp_timeout */, \ - NULL /* ipsec_soft_timeout */, \ - NULL /* ipsec_soft_first_use */, \ - NULL /* ipsec_exp_first_use */, \ - NULL, \ - NULL, \ - NULL, \ - NULL, \ - NULL, \ - NULL, \ - &ipmforwarding, \ - &ipmultipath, \ - NULL, \ - NULL, \ - NULL, \ - &la_hold_total, \ - NULL, \ - NULL, \ - &arpt_keep, \ - &arpt_down, \ - NULL, \ -} #endif /* __BSD_VISIBLE */ diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 394362dc005..130f7a48a09 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_input.c,v 1.350 2020/08/08 07:42:31 florian Exp $ */ +/* $OpenBSD: ip_input.c,v 1.351 2020/08/22 17:55:30 gnezdo Exp $ */ /* $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $ */ /* @@ -107,7 +107,22 @@ LIST_HEAD(, ipq) ipq; int ip_maxqueue = 300; int ip_frags = 0; -int *ipctl_vars[IPCTL_MAXID] = IPCTL_VARS; +const struct sysctl_bounded_args ipctl_vars[] = { + { IPCTL_FORWARDING, &ipforwarding, 0, 1 }, + { IPCTL_SENDREDIRECTS, &ipsendredirects, 0, 1 }, + { IPCTL_DEFTTL, &ip_defttl, 0, 255 }, + { IPCTL_DIRECTEDBCAST, &ip_directedbcast, 0, 1 }, + { IPCTL_IPPORT_FIRSTAUTO, &ipport_firstauto, 0, 65535 }, + { IPCTL_IPPORT_LASTAUTO, &ipport_lastauto, 0, 65535 }, + { IPCTL_IPPORT_HIFIRSTAUTO, &ipport_hifirstauto, 0, 65535 }, + { IPCTL_IPPORT_HILASTAUTO, &ipport_hilastauto, 0, 65535 }, + { IPCTL_IPPORT_MAXQUEUE, &ip_maxqueue, 0, 10000 }, + { IPCTL_MFORWARDING, &ipmforwarding, 0, 1 }, + { IPCTL_MULTIPATH, &ipmultipath, 0, 1 }, + { IPCTL_ARPQUEUED, &la_hold_total, 0, 1000 }, + { IPCTL_ARPTIMEOUT, &arpt_keep, 0, INT_MAX }, + { IPCTL_ARPDOWN, &arpt_down, 0, INT_MAX }, +}; struct pool ipqent_pool; struct pool ipq_pool; @@ -1646,8 +1661,8 @@ ip_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, #endif default: NET_LOCK(); - error = sysctl_int_arr(ipctl_vars, nitems(ipctl_vars), name, - namelen, oldp, oldlenp, newp, newlen); + error = sysctl_bounded_arr(ipctl_vars, nitems(ipctl_vars), + name, namelen, oldp, oldlenp, newp, newlen); NET_UNLOCK(); return (error); } |