diff options
Diffstat (limited to 'sys')
-rw-r--r-- | sys/net/if_pfsync.c | 66 | ||||
-rw-r--r-- | sys/net/if_pfsync.h | 12 | ||||
-rw-r--r-- | sys/net/pf.c | 40 | ||||
-rw-r--r-- | sys/net/pf_ioctl.c | 4 |
4 files changed, 61 insertions, 61 deletions
diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c index cd413730112..5227d7bbdf2 100644 --- a/sys/net/if_pfsync.c +++ b/sys/net/if_pfsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pfsync.c,v 1.8 2003/12/15 07:11:30 mcbride Exp $ */ +/* $OpenBSD: if_pfsync.c,v 1.9 2003/12/15 07:28:25 mcbride Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff @@ -280,16 +280,16 @@ pfsync_input(struct mbuf *m, ...) return; } - s = splsoftnet(); - cp = (void *)((char *)mp->m_data + iplen + PFSYNC_HDRLEN); + s = splsoftnet(); + cp = (void *)((char *)mp->m_data + iplen + PFSYNC_HDRLEN); creatorid = cp->creatorid; - RB_FOREACH(st, pf_state_tree_ext_gwy, &tree_ext_gwy) { + RB_FOREACH(st, pf_state_tree_ext_gwy, &tree_ext_gwy) { if (st->creatorid == creatorid) - st->timeout = PFTM_PURGE; + st->timeout = PFTM_PURGE; } - pf_purge_expired_states(); - splx(s); + pf_purge_expired_states(); + splx(s); break; } case PFSYNC_ACT_INS: @@ -299,13 +299,13 @@ pfsync_input(struct mbuf *m, ...) return; } - s = splsoftnet(); + s = splsoftnet(); for (i = 0, sp = (void *)((char *)mp->m_data + iplen + PFSYNC_HDRLEN); i < count; i++, sp++) { if ((error = pfsync_insert_net_state(sp))) { if (error == ENOMEM) { splx(s); - goto done; + goto done; } continue; } @@ -323,8 +323,8 @@ pfsync_input(struct mbuf *m, ...) pfsyncstats.pfsyncs_badlen++; return; } - - s = splsoftnet(); + + s = splsoftnet(); for (i = 0, sp = (void *)((char *)mp->m_data + iplen + PFSYNC_HDRLEN); i < count; i++, sp++) { key.id = sp->id; @@ -353,8 +353,8 @@ pfsync_input(struct mbuf *m, ...) pfsyncstats.pfsyncs_badlen++; return; } - - s = splsoftnet(); + + s = splsoftnet(); for (i = 0, sp = (void *)((char *)mp->m_data + iplen + PFSYNC_HDRLEN); i < count; i++, sp++) { key.id = sp->id; @@ -366,7 +366,7 @@ pfsync_input(struct mbuf *m, ...) continue; } /* - * XXX + * XXX * pf_purge_expired_states() is expensive, * we really want to purge the state directly. */ @@ -382,8 +382,8 @@ pfsync_input(struct mbuf *m, ...) pfsyncstats.pfsyncs_badlen++; return; } - - s = splsoftnet(); + + s = splsoftnet(); for (i = 0, up = (void *)((char *)mp->m_data + iplen + PFSYNC_HDRLEN); i < count; i++, up++) { key.id = up->id; @@ -412,8 +412,8 @@ pfsync_input(struct mbuf *m, ...) pfsyncstats.pfsyncs_badlen++; return; } - - s = splsoftnet(); + + s = splsoftnet(); for (i = 0, dp = (void *)((char *)mp->m_data + iplen + PFSYNC_HDRLEN); i < count; i++, dp++) { key.id = dp->id; @@ -425,7 +425,7 @@ pfsync_input(struct mbuf *m, ...) continue; } /* - * XXX + * XXX * pf_purge_expired_states() is expensive, * we really want to purge the state directly. */ @@ -440,7 +440,7 @@ pfsync_input(struct mbuf *m, ...) /* not implemented */ break; } - + done: if (m) m_freem(m); @@ -482,18 +482,18 @@ pfsyncioctl(struct ifnet *ifp, u_long cmd, caddr_t data) if (ifr->ifr_mtu > MCLBYTES) ifr->ifr_mtu = MCLBYTES; s = splnet(); - if (ifr->ifr_mtu < ifp->if_mtu) + if (ifr->ifr_mtu < ifp->if_mtu) pfsync_sendout(sc); pfsync_setmtu(sc, ifr->ifr_mtu); splx(s); break; case SIOCGETPFSYNC: bzero(&pfsyncr, sizeof(pfsyncr)); - if (sc->sc_sync_ifp) + if (sc->sc_sync_ifp) strlcpy(pfsyncr.pfsyncr_syncif, sc->sc_sync_ifp->if_xname, IFNAMSIZ); pfsyncr.pfsyncr_maxupdates = sc->sc_maxupdates; - if ((error = copyout(&pfsyncr, ifr->ifr_data, sizeof(pfsyncr)))) + if ((error = copyout(&pfsyncr, ifr->ifr_data, sizeof(pfsyncr)))) return (error); break; case SIOCSETPFSYNC: @@ -505,7 +505,7 @@ pfsyncioctl(struct ifnet *ifp, u_long cmd, caddr_t data) if (pfsyncr.pfsyncr_maxupdates > 255) return (EINVAL); sc->sc_maxupdates = pfsyncr.pfsyncr_maxupdates; - + if (pfsyncr.pfsyncr_syncif[0] == 0) { sc->sc_sync_ifp = NULL; break; @@ -517,14 +517,14 @@ pfsyncioctl(struct ifnet *ifp, u_long cmd, caddr_t data) s = splnet(); if (sifp->if_mtu < sc->sc_if.if_mtu || - (sc->sc_sync_ifp != NULL && + (sc->sc_sync_ifp != NULL && sifp->if_mtu < sc->sc_sync_ifp->if_mtu) || sifp->if_mtu < MCLBYTES - sizeof(struct ip)) pfsync_sendout(sc); sc->sc_sync_ifp = sifp; - + pfsync_setmtu(sc, sc->sc_if.if_mtu); - + if (imo->imo_num_memberships > 0) { in_delmulti(imo->imo_membership[--imo->imo_num_memberships]); imo->imo_multicast_ifp = NULL; @@ -545,7 +545,7 @@ pfsyncioctl(struct ifnet *ifp, u_long cmd, caddr_t data) imo->imo_multicast_loop = 0; } splx(s); - + break; default: @@ -563,7 +563,7 @@ pfsync_setmtu(struct pfsync_softc *sc, int mtu_req) if (sc->sc_sync_ifp && sc->sc_sync_ifp->if_mtu < mtu_req) mtu = sc->sc_sync_ifp->if_mtu; else - mtu = mtu_req; + mtu = mtu_req; sc->sc_maxcount = (mtu - sizeof(struct pfsync_header)) / sizeof(struct pfsync_state); @@ -614,7 +614,7 @@ pfsync_get_mbuf(struct pfsync_softc *sc, u_int8_t action, void **sp) return (NULL); } m->m_data += (MCLBYTES - len) &~ (sizeof(long) - 1); - } else + } else MH_ALIGN(m, len); m->m_pkthdr.rcvif = NULL; @@ -691,7 +691,7 @@ pfsync_pack_state(u_int8_t action, struct pf_state *st) if (sp == NULL) { /* not a "duplicate" update */ sp = sc->sc_sp.s++; - sc->sc_mbuf->m_pkthdr.len = + sc->sc_mbuf->m_pkthdr.len = sc->sc_mbuf->m_len += sizeof(struct pfsync_state); h->count++; bzero(sp, sizeof(*sp)); @@ -750,7 +750,7 @@ pfsync_pack_state(u_int8_t action, struct pf_state *st) break; } } - + if (newaction) { if (sc->sc_mbuf_net == NULL) { if ((sc->sc_mbuf_net = pfsync_get_mbuf(sc, newaction, @@ -760,7 +760,7 @@ pfsync_pack_state(u_int8_t action, struct pf_state *st) } } h_net = mtod(sc->sc_mbuf_net, struct pfsync_header *); - + switch (newaction) { case PFSYNC_ACT_UPD_C: if (i < h->count) { diff --git a/sys/net/if_pfsync.h b/sys/net/if_pfsync.h index 6d6ad601dd0..8ab7442e2d6 100644 --- a/sys/net/if_pfsync.h +++ b/sys/net/if_pfsync.h @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pfsync.h,v 1.4 2003/12/15 07:11:30 mcbride Exp $ */ +/* $OpenBSD: if_pfsync.h,v 1.5 2003/12/15 07:28:25 mcbride Exp $ */ /* * Copyright (c) 2001 Michael Shalayeff @@ -110,8 +110,8 @@ struct pfsync_state_clr { #ifdef _KERNEL -union sc_sp { - struct pfsync_state *s; +union sc_sp { + struct pfsync_state *s; struct pfsync_state_upd *u; struct pfsync_state_del *d; struct pfsync_state_clr *c; @@ -126,7 +126,7 @@ struct pfsync_softc { struct mbuf *sc_mbuf; /* current cummulative mbuf */ struct mbuf *sc_mbuf_net; /* current cummulative mbuf */ union sc_sp sc_sp; - union sc_sp sc_sp_net; + union sc_sp sc_sp_net; int sc_maxcount; /* number of states in mtu */ int sc_maxupdates; /* number of updates/state */ }; @@ -141,7 +141,7 @@ struct pfsync_header { #define PFSYNC_ACT_CLR 0 /* clear all states */ #define PFSYNC_ACT_INS 1 /* insert state */ #define PFSYNC_ACT_UPD 2 /* update state */ -#define PFSYNC_ACT_DEL 3 /* delete state */ +#define PFSYNC_ACT_DEL 3 /* delete state */ #define PFSYNC_ACT_UPD_C 4 /* "compressed" state update */ #define PFSYNC_ACT_DEL_C 5 /* "compressed" state delete */ #define PFSYNC_ACT_INS_F 6 /* insert fragment */ @@ -155,7 +155,7 @@ struct pfsync_header { "CLR ST", "INS ST", "UPD ST", "DEL ST", \ "UPD ST COMP", "DEL ST COMP", "INS FR", "DEL FR" -#define PFSYNC_DFLTTL 255 +#define PFSYNC_DFLTTL 255 struct pfsyncstats { u_long pfsyncs_ipackets; /* total input packets, IPv4 */ diff --git a/sys/net/pf.c b/sys/net/pf.c index 14bdf9624d3..348a9ab3fe7 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.409 2003/12/15 07:11:30 mcbride Exp $ */ +/* $OpenBSD: pf.c,v 1.410 2003/12/15 07:28:25 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -516,7 +516,7 @@ pf_insert_src_node(struct pf_src_node **sn, struct pf_rule *rule, } if (*sn == NULL) { if (!rule->max_src_nodes || - rule->src_nodes < rule->max_src_nodes) + rule->src_nodes < rule->max_src_nodes) (*sn) = pool_get(&pf_src_tree_pl, PR_NOWAIT); if ((*sn) == NULL) return (-1); @@ -702,14 +702,14 @@ pf_src_tree_remove_state(struct pf_state *s) { u_int32_t timeout; - if (s->src_node != NULL) { + if (s->src_node != NULL) { if (--s->src_node->states <= 0) { timeout = s->rule.ptr->timeout[PFTM_SRC_NODE]; - if (!timeout) - timeout = pf_default_rule.timeout[PFTM_SRC_NODE]; + if (!timeout) + timeout = pf_default_rule.timeout[PFTM_SRC_NODE]; s->src_node->expire = time.tv_sec + timeout; } - } + } if (s->nat_src_node != s->src_node && s->nat_src_node != NULL) { if (--s->nat_src_node->states <= 0) { timeout = s->rule.ptr->timeout[PFTM_SRC_NODE]; @@ -2496,12 +2496,12 @@ pf_test_tcp(struct pf_rule **rm, struct pf_state **sm, int direction, goto cleanup; /* src node for flter rule */ if ((r->rule_flag & PFRULE_SRCTRACK || - r->rpool.opts & PF_POOL_STICKYADDR) && - pf_insert_src_node(&sn, r, saddr, af) != 0) + r->rpool.opts & PF_POOL_STICKYADDR) && + pf_insert_src_node(&sn, r, saddr, af) != 0) goto cleanup; /* src node for translation rule */ if (nr != NULL && (nr->rpool.opts & PF_POOL_STICKYADDR) && - ((direction == PF_OUT && + ((direction == PF_OUT && pf_insert_src_node(&nsn, nr, &pd->baddr, af) != 0) || (pf_insert_src_node(&nsn, nr, saddr, af) != 0))) goto cleanup; @@ -2829,12 +2829,12 @@ pf_test_udp(struct pf_rule **rm, struct pf_state **sm, int direction, goto cleanup; /* src node for flter rule */ if ((r->rule_flag & PFRULE_SRCTRACK || - r->rpool.opts & PF_POOL_STICKYADDR) && - pf_insert_src_node(&sn, r, saddr, af) != 0) + r->rpool.opts & PF_POOL_STICKYADDR) && + pf_insert_src_node(&sn, r, saddr, af) != 0) goto cleanup; /* src node for translation rule */ if (nr != NULL && (nr->rpool.opts & PF_POOL_STICKYADDR) && - ((direction == PF_OUT && + ((direction == PF_OUT && pf_insert_src_node(&nsn, nr, &pd->baddr, af) != 0) || (pf_insert_src_node(&nsn, nr, saddr, af) != 0))) goto cleanup; @@ -2982,7 +2982,7 @@ pf_test_icmp(struct pf_rule **rm, struct pf_state **sm, int direction, if (direction == PF_OUT) { /* check outgoing packet for BINAT/NAT */ - if ((nr = pf_get_translation(pd, m, off, PF_OUT, ifp, &nsn, + if ((nr = pf_get_translation(pd, m, off, PF_OUT, ifp, &nsn, saddr, 0, daddr, 0, &pd->naddr, NULL)) != NULL) { PF_ACPY(&pd->baddr, saddr, af); switch (af) { @@ -3110,12 +3110,12 @@ pf_test_icmp(struct pf_rule **rm, struct pf_state **sm, int direction, goto cleanup; /* src node for flter rule */ if ((r->rule_flag & PFRULE_SRCTRACK || - r->rpool.opts & PF_POOL_STICKYADDR) && - pf_insert_src_node(&sn, r, saddr, af) != 0) + r->rpool.opts & PF_POOL_STICKYADDR) && + pf_insert_src_node(&sn, r, saddr, af) != 0) goto cleanup; /* src node for translation rule */ if (nr != NULL && (nr->rpool.opts & PF_POOL_STICKYADDR) && - ((direction == PF_OUT && + ((direction == PF_OUT && pf_insert_src_node(&nsn, nr, &pd->baddr, af) != 0) || (pf_insert_src_node(&nsn, nr, saddr, af) != 0))) goto cleanup; @@ -3372,12 +3372,12 @@ pf_test_other(struct pf_rule **rm, struct pf_state **sm, int direction, goto cleanup; /* src node for flter rule */ if ((r->rule_flag & PFRULE_SRCTRACK || - r->rpool.opts & PF_POOL_STICKYADDR) && - pf_insert_src_node(&sn, r, saddr, af) != 0) + r->rpool.opts & PF_POOL_STICKYADDR) && + pf_insert_src_node(&sn, r, saddr, af) != 0) goto cleanup; /* src node for translation rule */ if (nr != NULL && (nr->rpool.opts & PF_POOL_STICKYADDR) && - ((direction == PF_OUT && + ((direction == PF_OUT && pf_insert_src_node(&nsn, nr, &pd->baddr, af) != 0) || (pf_insert_src_node(&nsn, nr, saddr, af) != 0))) goto cleanup; @@ -5673,7 +5673,7 @@ done: if (s->src_node != NULL) { s->src_node->packets++; s->src_node->bytes += pd.tot_len; - } + } if (s->nat_src_node != NULL) { s->nat_src_node->packets++; s->nat_src_node->bytes += pd.tot_len; diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c index 2d0493f9538..1a745da2b01 100644 --- a/sys/net/pf_ioctl.c +++ b/sys/net/pf_ioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_ioctl.c,v 1.90 2003/12/15 07:11:30 mcbride Exp $ */ +/* $OpenBSD: pf_ioctl.c,v 1.91 2003/12/15 07:28:25 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1514,7 +1514,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) } old_limit = pf_pool_limits[pl->index].limit; pf_pool_limits[pl->index].limit = pl->limit; - if (pl->index == PF_LIMIT_SRC_NODES) + if (pl->index == PF_LIMIT_SRC_NODES) pf_default_rule.max_src_nodes = pl->limit; pl->limit = old_limit; break; |