summaryrefslogtreecommitdiff
path: root/sys/netinet
diff options
context:
space:
mode:
Diffstat (limited to 'sys/netinet')
-rw-r--r--sys/netinet/in.h46
-rw-r--r--sys/netinet/ip_input.c23
2 files changed, 20 insertions, 49 deletions
diff --git a/sys/netinet/in.h b/sys/netinet/in.h
index a52ed23c127..1dd0037d55c 100644
--- a/sys/netinet/in.h
+++ b/sys/netinet/in.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: in.h,v 1.137 2019/11/04 23:52:28 dlg Exp $ */
+/* $OpenBSD: in.h,v 1.138 2020/08/22 17:55:30 gnezdo Exp $ */
/* $NetBSD: in.h,v 1.20 1996/02/13 23:41:47 christos Exp $ */
/*
@@ -736,50 +736,6 @@ struct ip_mreq {
{ "arpdown", CTLTYPE_INT }, \
{ "arpq", CTLTYPE_NODE }, \
}
-#define IPCTL_VARS { \
- NULL, \
- &ipforwarding, \
- &ipsendredirects, \
- &ip_defttl, \
- NULL, \
- NULL, \
- &ip_directedbcast, \
- &ipport_firstauto, \
- &ipport_lastauto, \
- &ipport_hifirstauto, \
- &ipport_hilastauto, \
- &ip_maxqueue, \
- NULL /* encdebug */, \
- NULL /* ipsecstat */, \
- NULL /* ipsec_expire_acquire */, \
- NULL /* ipsec_keep_invalid */, \
- NULL /* ipsec_require_pfs */, \
- NULL /* ipsec_soft_allocations */, \
- NULL /* ipsec_exp_allocations */, \
- NULL /* ipsec_soft_bytes */, \
- NULL /* ipsec_exp_bytes */, \
- NULL /* ipsec_exp_timeout */, \
- NULL /* ipsec_soft_timeout */, \
- NULL /* ipsec_soft_first_use */, \
- NULL /* ipsec_exp_first_use */, \
- NULL, \
- NULL, \
- NULL, \
- NULL, \
- NULL, \
- NULL, \
- &ipmforwarding, \
- &ipmultipath, \
- NULL, \
- NULL, \
- NULL, \
- &la_hold_total, \
- NULL, \
- NULL, \
- &arpt_keep, \
- &arpt_down, \
- NULL, \
-}
#endif /* __BSD_VISIBLE */
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index 394362dc005..130f7a48a09 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_input.c,v 1.350 2020/08/08 07:42:31 florian Exp $ */
+/* $OpenBSD: ip_input.c,v 1.351 2020/08/22 17:55:30 gnezdo Exp $ */
/* $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $ */
/*
@@ -107,7 +107,22 @@ LIST_HEAD(, ipq) ipq;
int ip_maxqueue = 300;
int ip_frags = 0;
-int *ipctl_vars[IPCTL_MAXID] = IPCTL_VARS;
+const struct sysctl_bounded_args ipctl_vars[] = {
+ { IPCTL_FORWARDING, &ipforwarding, 0, 1 },
+ { IPCTL_SENDREDIRECTS, &ipsendredirects, 0, 1 },
+ { IPCTL_DEFTTL, &ip_defttl, 0, 255 },
+ { IPCTL_DIRECTEDBCAST, &ip_directedbcast, 0, 1 },
+ { IPCTL_IPPORT_FIRSTAUTO, &ipport_firstauto, 0, 65535 },
+ { IPCTL_IPPORT_LASTAUTO, &ipport_lastauto, 0, 65535 },
+ { IPCTL_IPPORT_HIFIRSTAUTO, &ipport_hifirstauto, 0, 65535 },
+ { IPCTL_IPPORT_HILASTAUTO, &ipport_hilastauto, 0, 65535 },
+ { IPCTL_IPPORT_MAXQUEUE, &ip_maxqueue, 0, 10000 },
+ { IPCTL_MFORWARDING, &ipmforwarding, 0, 1 },
+ { IPCTL_MULTIPATH, &ipmultipath, 0, 1 },
+ { IPCTL_ARPQUEUED, &la_hold_total, 0, 1000 },
+ { IPCTL_ARPTIMEOUT, &arpt_keep, 0, INT_MAX },
+ { IPCTL_ARPDOWN, &arpt_down, 0, INT_MAX },
+};
struct pool ipqent_pool;
struct pool ipq_pool;
@@ -1646,8 +1661,8 @@ ip_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
#endif
default:
NET_LOCK();
- error = sysctl_int_arr(ipctl_vars, nitems(ipctl_vars), name,
- namelen, oldp, oldlenp, newp, newlen);
+ error = sysctl_bounded_arr(ipctl_vars, nitems(ipctl_vars),
+ name, namelen, oldp, oldlenp, newp, newlen);
NET_UNLOCK();
return (error);
}