16 files changed, 307 insertions, 42 deletions
diff --git a/sys/net/bpf.c b/sys/net/bpf.c
index 65fd1e3a1ef..034143e3081 100644
--- a/sys/net/bpf.c
+++ b/sys/net/bpf.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bpf.c,v 1.16 1999/05/26 19:26:11 brad Exp $	*/
+/*	$OpenBSD: bpf.c,v 1.17 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: bpf.c,v 1.33 1997/02/21 23:59:35 thorpej Exp $	*/
 
 /*
@@ -52,6 +52,7 @@
 #include <sys/ioctl.h>
 #include <sys/map.h>
 #include <sys/conf.h>
+#include <sys/vnode.h>
 
 #include <sys/file.h>
 #if defined(sparc) && BSD < 199103
@@ -1348,6 +1349,49 @@ bpfattach(driverp, ifp, dlt, hdrlen)
 #endif
 }
 
+/* Detach an interface from its attached bpf device.  */
+void
+bpfdetach(ifp)
+	struct ifnet *ifp;
+{
+	struct bpf_if *bp, *nbp, **pbp = &bpf_iflist;
+	struct bpf_d *bd;
+	int maj, mn;
+
+	for (bp = bpf_iflist; bp; bp = nbp) {
+		nbp= bp->bif_next;
+		if (bp->bif_ifp == ifp) {
+			*pbp = nbp;
+
+			/* Locate the major number. */
+			for (maj = 0; maj < nchrdev; maj++)
+				if (cdevsw[maj].d_open == bpfopen)
+					break;
+
+			for (bd = bp->bif_dlist; bd; bd = bp->bif_dlist)
+				/*
+				 * Locate the minor number and nuke the vnode
+				 * for any open instance.
+				 */
+				for (mn = 0; mn < NBPFILTER; mn++)
+					if (&bpf_dtab[mn] == bd) {
+						vdevgone(maj, mn, mn, VCHR);
+						break;
+					}
+
+#if BSD < 199103
+			if (bp == &bpf_ifs[bpfifno - 1])
+				bpfifno--;
+			else
+				printf("bpfdetach: leaked one bpf\n");
+#else
+			free(bp, M_DEVBUF);
+#endif
+		}
+		pbp = &bp->bif_next;
+	}
+}
+
 #if BSD >= 199103
 /* XXX This routine belongs in net/if.c. */
 /*
diff --git a/sys/net/bpf.h b/sys/net/bpf.h
index b02edb16790..9717881967a 100644
--- a/sys/net/bpf.h
+++ b/sys/net/bpf.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bpf.h,v 1.11 1999/07/04 18:44:28 brad Exp $	*/
+/*	$OpenBSD: bpf.h,v 1.12 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: bpf.h,v 1.15 1996/12/13 07:57:33 mikel Exp $	*/
 
 /*
@@ -262,6 +262,7 @@ int	 bpf_validate __P((struct bpf_insn *, int));
 void	 bpf_tap __P((caddr_t, u_char *, u_int));
 void	 bpf_mtap __P((caddr_t, struct mbuf *));
 void	 bpfattach __P((caddr_t *, struct ifnet *, u_int, u_int));
+void	 bpfdetach __P((struct ifnet *));
 void	 bpfilterattach __P((int));
 u_int	 bpf_filter __P((struct bpf_insn *, u_char *, u_int, u_int));
 #endif
diff --git a/sys/net/bpfdesc.h b/sys/net/bpfdesc.h
index 0494ed28cb5..577158c592f 100644
--- a/sys/net/bpfdesc.h
+++ b/sys/net/bpfdesc.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bpfdesc.h,v 1.4 1998/06/26 09:13:13 deraadt Exp $	*/
+/*	$OpenBSD: bpfdesc.h,v 1.5 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: bpfdesc.h,v 1.11 1995/09/27 18:30:42 thorpej Exp $	*/
 
 /*
@@ -105,3 +105,4 @@ struct bpf_if {
 #ifdef _KERNEL
 int	 bpf_setf __P((struct bpf_d *, struct bpf_program *));
 #endif
+
diff --git a/sys/net/if.c b/sys/net/if.c
index 727a6e6b8e2..48c6d321475 100644
--- a/sys/net/if.c
+++ b/sys/net/if.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if.c,v 1.19 1999/07/04 20:39:28 deraadt Exp $	*/
+/*	$OpenBSD: if.c,v 1.20 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: if.c,v 1.35 1996/05/07 05:26:04 thorpej Exp $	*/
 
 /*
@@ -36,6 +36,9 @@
  *	@(#)if.c	8.3 (Berkeley) 1/4/94
  */
 
+#include "bpfilter.h"
+#include "bridge.h"
+
 #include <sys/param.h>
 #include <sys/mbuf.h>
 #include <sys/systm.h>
@@ -50,8 +53,34 @@
 #include <net/if_dl.h>
 #include <net/if_types.h>
 #include <net/radix.h>
+#include <net/route.h>
 
-static void if_attachsetup __P((struct ifnet *));
+#ifdef INET
+#include <netinet/in.h>
+#include <netinet/in_var.h>
+#include <netinet/if_ether.h>
+#include <netinet/igmp.h>
+#ifdef MROUTING
+#include <netinet/ip_mrouting.h>
+#endif
+#endif
+
+#ifdef IPFILTER
+#include <netinet/ip_fil_compat.h>
+#include <netinet/ip_fil.h>
+#include <netinet/ip_nat.h>
+#endif
+
+#if NBPFILTER > 0
+#include <net/bpf.h>
+#endif
+
+#if NBRIDGE > 0
+#include <net/if_bridge.h>
+#endif
+
+void	if_attachsetup __P((struct ifnet *));
+int	if_detach_rtdelete __P((struct radix_node *, void *));
 
 int	ifqmaxlen = IFQ_MAXLEN;
 void	if_slowtimo __P((void *arg));
@@ -80,7 +109,7 @@ struct ifaddr **ifnet_addrs;
  * Attach an interface to the
  * list of "active" interfaces.
  */
-static void
+void
 if_attachsetup(ifp)
 	struct ifnet *ifp;
 {
@@ -157,6 +186,101 @@ if_attach(ifp)
 }
 
 /*
+ * Delete a route if it has a specific interface for output.
+ * This function complies to the rn_walktree callback API.
+ */
+int
+if_detach_rtdelete(rn, vifp)
+	struct radix_node *rn;
+	void *vifp;
+{
+	struct ifnet *ifp = vifp;
+	struct rtentry *rt = (struct rtentry *)rn;
+
+	if (rt->rt_ifp == ifp)
+		rtrequest(RTM_DELETE, rt_key(rt), rt->rt_gateway, rt_mask(rt),
+		    0, NULL);
+
+	/*
+	 * XXX There should be no need to check for rt_ifa belonging to this
+	 * interface, because then rt_ifp is set, right?
+	 */
+
+	return (0);
+}
+
+/*
+ * Detach an interface from everything in the kernel.  Also deallocate
+ * private resources.
+ * XXX So far only the INET protocol family has been looked over
+ * wrt resource usage that needs to be decoupled.
+ */
+void
+if_detach(ifp)
+	struct ifnet *ifp;
+{
+	struct ifaddr *ifa;
+	int i, s = splimp();
+	struct radix_node_head *rnh;
+
+#if NBRIDGE > 0
+	/* Remove the interface from any bridge it is part of.  */
+	if (ifp->if_bridge)
+		bridge_ifdetach(ifp);
+#endif
+
+#if NBPFILTER > 0
+	/* If there is a bpf device attached, detach from it.  */
+	if (ifp->if_bpf)
+		bpfdetach(ifp);
+#endif
+
+	/*
+	 * Find and remove all routes which is using this interface.
+	 * XXX Factor out into a route.c function?
+	 */
+	for (i = 1; i <= AF_MAX; i++) {
+		rnh = rt_tables[i];
+		if (rnh)
+			(*rnh->rnh_walktree)(rnh, if_detach_rtdelete, ifp);
+	}
+
+#ifdef INET
+	rti_delete(ifp);
+	myip_ifp = NULL;
+#ifdef MROUTING
+	vif_delete(ifp);
+#endif
+#endif
+
+#ifdef IPFILTER
+	/* XXX More ipf & ipnat cleanup needed.  */
+	nat_ifdetach(ifp);
+#endif
+
+	/*
+	 * XXX transient ifp refs?  inpcb.ip_moptions.imo_multicast_ifp?
+	 * Other network stacks than INET?
+	 */
+
+	/* Remove the interface from the list of all interfaces.  */
+	TAILQ_REMOVE(&ifnet, ifp, if_list);
+
+	/* Deallocate private resources.  */
+	for (ifa = TAILQ_FIRST(&ifp->if_addrlist); ifa;
+	    ifa = TAILQ_FIRST(&ifp->if_addrlist)) {
+		TAILQ_REMOVE(&ifp->if_addrlist, ifa, ifa_list);
+#ifdef INET
+		if (ifa->ifa_addr->sa_family == AF_INET)
+			TAILQ_REMOVE(&in_ifaddr, (struct in_ifaddr *)ifa,
+			    ia_list);
+#endif
+		free(ifa, M_IFADDR);
+	}
+	splx(s);
+}
+
+/*
  * Locate an interface based on a complete address.
  */
 /*ARGSUSED*/
@@ -306,8 +430,6 @@ ifaof_ifpforaddr(addr, ifp)
 	return (ifa_maybe);
 }
 
-#include <net/route.h>
-
 /*
  * Default action when installing a route with a Link Level gateway.
  * Lookup an appropriate real ifa to point to.
diff --git a/sys/net/if.h b/sys/net/if.h
index 1cf3802ac3f..2fed82f3649 100644
--- a/sys/net/if.h
+++ b/sys/net/if.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if.h,v 1.12 1999/06/23 21:55:28 cmetz Exp $	*/
+/*	$OpenBSD: if.h,v 1.13 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: if.h,v 1.23 1996/05/07 02:40:27 thorpej Exp $	*/
 
 /*
@@ -355,6 +355,7 @@ struct	if_nameindex *if_nameindex __P((void));
 struct ifnet_head ifnet;
 
 void	ether_ifattach __P((struct ifnet *));
+void	ether_ifdetach __P((struct ifnet *));
 int	ether_ioctl __P((struct ifnet *, struct arpcom *, u_long, caddr_t));
 void	ether_input __P((struct ifnet *, struct ether_header *, struct mbuf *));
 int	ether_output __P((struct ifnet *,
@@ -364,6 +365,7 @@ char	*ether_sprintf __P((u_char *));
 void	if_attach __P((struct ifnet *));
 void	if_attachtail __P((struct ifnet *));
 void	if_attachhead __P((struct ifnet *));
+void	if_detach __P((struct ifnet *));
 void	if_down __P((struct ifnet *));
 void	if_qflush __P((struct ifqueue *));
 void	if_slowtimo __P((void *));
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c
index 5e854683c5c..1a870eddb45 100644
--- a/sys/net/if_bridge.c
+++ b/sys/net/if_bridge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_bridge.c,v 1.12 1999/07/24 19:11:13 jason Exp $	*/
+/*	$OpenBSD: if_bridge.c,v 1.13 1999/08/08 00:43:00 niklas Exp $	*/
 
 /*
  * Copyright (c) 1999 Jason L. Wright (jason@thought.net)
@@ -442,6 +442,24 @@ bridge_ioctl(ifp, cmd, data)
 	return (error);
 }
 
+/* Detach an interface from a bridge.  */
+void
+bridge_ifdetach(ifp)
+	struct ifnet *ifp;
+{
+	struct bridge_softc *bsc = (struct bridge_softc *)ifp->if_bridge;
+	struct bridge_iflist *bif;
+
+	for (bif = LIST_FIRST(&bsc->sc_iflist); bif;
+	    bif = LIST_NEXT(bif, next))
+		if (bif->ifp == ifp) {
+			LIST_REMOVE(bif, next);
+			bridge_rtdelete(bsc, ifp);
+			free(bif, M_DEVBUF);
+			break;
+		}
+}
+
 int
 bridge_bifconf(sc, bifc)
 	struct bridge_softc *sc;
diff --git a/sys/net/if_bridge.h b/sys/net/if_bridge.h
index ca4e89e34dc..227aca32b4f 100644
--- a/sys/net/if_bridge.h
+++ b/sys/net/if_bridge.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_bridge.h,v 1.6 1999/03/19 22:47:33 jason Exp $	*/
+/*	$OpenBSD: if_bridge.h,v 1.7 1999/08/08 00:43:00 niklas Exp $	*/
 
 /*
  * Copyright (c) 1999 Jason L. Wright (jason@thought.net)
@@ -101,8 +101,9 @@ struct ifbcachetoreq {
 
 
 #ifdef _KERNEL
-struct mbuf *	bridge_input	__P((struct ifnet *, struct ether_header *,
+void	bridge_ifdetach __P((struct ifnet *));
+struct mbuf *bridge_input __P((struct ifnet *, struct ether_header *,
     struct mbuf *));
-int		bridge_output	__P((struct ifnet *, struct mbuf *,
-    struct sockaddr *, struct rtentry *rt));
+int	bridge_output __P((struct ifnet *, struct mbuf *, struct sockaddr *,
+    struct rtentry *rt));
 #endif /* _KERNEL */
diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
index e7b8b53e452..78ecef3d472 100644
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_ethersubr.c,v 1.28 1999/02/26 17:01:32 jason Exp $	*/
+/*	$OpenBSD: if_ethersubr.c,v 1.29 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: if_ethersubr.c,v 1.19 1996/05/07 02:40:30 thorpej Exp $	*/
 
 /*
@@ -808,6 +808,20 @@ ether_ifattach(ifp)
 	LIST_INIT(&((struct arpcom *)ifp)->ac_multiaddrs);
 }
 
+void
+ether_ifdetach(ifp)
+	struct ifnet *ifp;
+{
+	struct arpcom *ac = (struct arpcom *)ifp;
+	struct ether_multi *enm;
+
+	for (enm = LIST_FIRST(&ac->ac_multiaddrs); enm;
+	    enm = LIST_FIRST(&ac->ac_multiaddrs)) {
+		LIST_REMOVE(enm, enm_list);
+		free(enm, M_IFMADDR);
+	}
+}
+
 u_char	ether_ipmulticast_min[6] = { 0x01, 0x00, 0x5e, 0x00, 0x00, 0x00 };
 u_char	ether_ipmulticast_max[6] = { 0x01, 0x00, 0x5e, 0x7f, 0xff, 0xff };
 
diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c
index 5e5bc3a8cfa..3cf783738a4 100644
--- a/sys/netinet/if_ether.c
+++ b/sys/netinet/if_ether.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_ether.c,v 1.16 1999/08/02 22:51:15 deraadt Exp $	*/
+/*	$OpenBSD: if_ether.c,v 1.17 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: if_ether.c,v 1.31 1996/05/11 12:59:58 mycroft Exp $	*/
 
 /*
@@ -98,10 +98,10 @@ int	useloopback = 1;	/* use loopback interface for local traffic */
 int	arpinit_done = 0;
 
 /* revarp state */
-static struct	in_addr myip, srv_ip;
-static int	myip_initialized = 0;
-static int	revarp_in_progress = 0;
-static struct	ifnet *myip_ifp = NULL;
+static struct in_addr myip, srv_ip;
+static int myip_initialized = 0;
+static int revarp_in_progress = 0;
+struct ifnet *myip_ifp = NULL;
 
 static void arptimer __P((void *));
 static void arprequest __P((struct arpcom *, u_int32_t *, u_int32_t *,
diff --git a/sys/netinet/if_ether.h b/sys/netinet/if_ether.h
index 7521e3df53f..25045da1c93 100644
--- a/sys/netinet/if_ether.h
+++ b/sys/netinet/if_ether.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_ether.h,v 1.8 1999/08/02 22:51:16 deraadt Exp $	*/
+/*	$OpenBSD: if_ether.h,v 1.9 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: if_ether.h,v 1.22 1996/05/11 13:00:00 mycroft Exp $	*/
 
 /*
@@ -237,6 +237,8 @@ struct ether_multistep {
 
 #ifdef _KERNEL
 
+extern struct ifnet *myip_ifp;
+
 void arp_rtrequest __P((int, struct rtentry *, struct sockaddr *));
 int arpresolve __P((struct arpcom *, struct rtentry *, struct mbuf *,
 		    struct sockaddr *, u_char *));
diff --git a/sys/netinet/igmp.c b/sys/netinet/igmp.c
index 2325d1a2fee..61c70584d87 100644
--- a/sys/netinet/igmp.c
+++ b/sys/netinet/igmp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: igmp.c,v 1.4 1998/05/18 21:10:24 provos Exp $	*/
+/*	$OpenBSD: igmp.c,v 1.5 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: igmp.c,v 1.15 1996/02/13 23:41:25 christos Exp $	*/
 
 /*
@@ -98,6 +98,22 @@ rti_find(ifp)
 }
 
 void
+rti_delete(ifp)
+	struct ifnet *ifp;
+{
+	struct router_info *rti, **prti = &rti_head;
+
+	for (rti = rti_head; rti != 0; rti = rti->rti_next) {
+		if (rti->rti_ifp == ifp) {
+			*prti = rti->rti_next;
+			free(rti, M_MRTABLE);
+			break;
+		}
+		prti = &rti->rti_next;
+	}
+}
+
+void
 #if __STDC__
 igmp_input(struct mbuf *m, ...)
 #else
diff --git a/sys/netinet/igmp.h b/sys/netinet/igmp.h
index d04dfcf8188..ccdb5ff6bf1 100644
--- a/sys/netinet/igmp.h
+++ b/sys/netinet/igmp.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: igmp.h,v 1.2 1997/02/24 14:06:34 niklas Exp $	*/
+/*	$OpenBSD: igmp.h,v 1.3 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: igmp.h,v 1.6 1995/05/31 06:08:21 mycroft Exp $	*/
 
 /*
@@ -91,3 +91,7 @@ struct igmp {
  * Revert to v2 if we haven't heard from the router in this amount of time.
  */
 #define	IGMP_AGE_THRESHOLD	540
+
+#ifdef _KERNEL
+void	rti_delete __P((struct ifnet *));
+#endif
diff --git a/sys/netinet/ip_mroute.c b/sys/netinet/ip_mroute.c
index b59d162d43c..4b92255467a 100644
--- a/sys/netinet/ip_mroute.c
+++ b/sys/netinet/ip_mroute.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_mroute.c,v 1.16 1999/04/28 09:28:16 art Exp $	*/
+/*	$OpenBSD: ip_mroute.c,v 1.17 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: ip_mroute.c,v 1.27 1996/05/07 02:40:50 thorpej Exp $	*/
 
 /*
@@ -689,6 +689,24 @@ del_vif(m)
 	return (0);
 }
 
+void
+vif_delete(ifp)
+	struct ifnet *ifp;
+{
+	int i;
+
+	for (i = 0; i < numvifs; i++) {
+		vifp = &viftable[i];
+		if (vifp->v_ifp == ifp)
+			bzero((caddr_t)vifp, sizeof *vifp);
+	}
+
+	for (i = numvifs; i > 0; i--)
+		if (viftable[i - 1].v_lcl_addr.s_addr != 0)
+			break;
+	numvifs = i;
+}
+
 static void
 update_mfc(mfccp, rt)
 	struct mfcctl *mfccp;
diff --git a/sys/netinet/ip_mroute.h b/sys/netinet/ip_mroute.h
index 4c1b21b0ffc..975e834e858 100644
--- a/sys/netinet/ip_mroute.h
+++ b/sys/netinet/ip_mroute.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_mroute.h,v 1.3 1999/04/20 20:06:12 niklas Exp $	*/
+/*	$OpenBSD: ip_mroute.h,v 1.4 1999/08/08 00:43:00 niklas Exp $	*/
 /*	$NetBSD: ip_mroute.h,v 1.10 1996/02/13 23:42:55 christos Exp $	*/
 
 /*
@@ -210,21 +210,22 @@ struct pkt_queue {
 	struct	  ip *pkt_ip;		/* pointer to ip header */
 };
   
-int ip_mrouter_set __P((int, struct socket *, struct mbuf **));
-int ip_mrouter_get __P((int, struct socket *, struct mbuf **));
-int mrt_ioctl __P((u_long, caddr_t));
-int ip_mrouter_done __P((void));
-void reset_vif __P((struct vif *));
+int	ip_mrouter_set __P((int, struct socket *, struct mbuf **));
+int	ip_mrouter_get __P((int, struct socket *, struct mbuf **));
+int	mrt_ioctl __P((u_long, caddr_t));
+int	ip_mrouter_done __P((void));
+void	reset_vif __P((struct vif *));
+void	vif_delete __P((struct ifnet *));
 #ifdef RSVP_ISI
-int ip_mforward __P((struct mbuf *, struct ifnet *, struct ip_moptions *));
-int legal_vif_num __P((int));
-int ip_rsvp_vif_init __P((struct socket *, struct mbuf *));
-int ip_rsvp_vif_done __P((struct socket *, struct mbuf *));
-void ip_rsvp_force_done __P((struct socket *));
-void rsvp_input __P((struct mbuf *, struct ifnet *));
+int	ip_mforward __P((struct mbuf *, struct ifnet *, struct ip_moptions *));
+int	legal_vif_num __P((int));
+int	ip_rsvp_vif_init __P((struct socket *, struct mbuf *));
+int	ip_rsvp_vif_done __P((struct socket *, struct mbuf *));
+void	ip_rsvp_force_done __P((struct socket *));
+void	rsvp_input __P((struct mbuf *, struct ifnet *));
 #else
-int ip_mforward __P((struct mbuf *, struct ifnet *));
+int	ip_mforward __P((struct mbuf *, struct ifnet *));
 #endif
-void ipip_input __P((struct mbuf *, ...));
+void	ipip_input __P((struct mbuf *, ...));
 
 #endif /* _KERNEL */
diff --git a/sys/netinet/ip_nat.c b/sys/netinet/ip_nat.c
index 219d56b6bec..b6eaf071b04 100644
--- a/sys/netinet/ip_nat.c
+++ b/sys/netinet/ip_nat.c
@@ -1,4 +1,4 @@
-/*       $OpenBSD: ip_nat.c,v 1.21 1999/06/07 22:00:34 deraadt Exp $       */
+/*       $OpenBSD: ip_nat.c,v 1.22 1999/08/08 00:43:00 niklas Exp $       */
 /*
  * Copyright (C) 1995-1998 by Darren Reed.
  *
@@ -10,7 +10,7 @@
  */
 #if !defined(lint)
 static const char sccsid[] = "@(#)ip_nat.c	1.11 6/5/96 (C) 1995 Darren Reed";
-static const char rcsid[] = "@(#)$Id: ip_nat.c,v 1.21 1999/06/07 22:00:34 deraadt Exp $";
+static const char rcsid[] = "@(#)$Id: ip_nat.c,v 1.22 1999/08/08 00:43:00 niklas Exp $";
 #endif
 
 #if defined(__FreeBSD__) && defined(KERNEL) && !defined(_KERNEL)
@@ -413,6 +413,26 @@ struct nat *natd;
 	KFREE(natd);
 }
 
+void
+nat_ifdetach(ifp)
+	struct ifnet *ifp;
+{
+	ipnat_t *n, **np;
+
+	for (np = &nat_list; (n = *np) != NULL; np = &n->in_next) {
+		*np = n->in_next;
+		if (!n->in_use) {
+			if (n->in_apr)
+				ap_free(n->in_apr);
+			KFREE(n);
+			nat_stats.ns_rules--;
+		} else {
+			n->in_flags |= IPN_DELETE;
+			n->in_next = NULL;
+		}
+		n = NULL;
+	}
+}
 
 /*
  * nat_flushtable - clear the NAT table of all mapping entries.
diff --git a/sys/netinet/ip_nat.h b/sys/netinet/ip_nat.h
index 435758221b8..7aae04b8194 100644
--- a/sys/netinet/ip_nat.h
+++ b/sys/netinet/ip_nat.h
@@ -1,4 +1,4 @@
-/*       $OpenBSD: ip_nat.h,v 1.11 1999/02/05 05:58:53 deraadt Exp $       */
+/*       $OpenBSD: ip_nat.h,v 1.12 1999/08/08 00:43:00 niklas Exp $       */
 /*
  * Copyright (C) 1995-1998 by Darren Reed.
  *
@@ -7,7 +7,7 @@
  * to the original author and the contributors.
  *
  * @(#)ip_nat.h	1.5 2/4/96
- * $Id: ip_nat.h,v 1.11 1999/02/05 05:58:53 deraadt Exp $
+ * $Id: ip_nat.h,v 1.12 1999/08/08 00:43:00 niklas Exp $
  */
 
 #ifndef	__IP_NAT_H__
@@ -162,6 +162,7 @@ extern	int	nat_ioctl __P((caddr_t, u_long, int));
 #else
 extern	int	nat_ioctl __P((caddr_t, int, int));
 #endif
+extern	void	nat_ifdetach __P((struct ifnet *));
 extern	nat_t	*nat_new __P((ipnat_t *, ip_t *, fr_info_t *, u_short, int));
 extern	nat_t	*nat_outlookup __P((void *, int, struct in_addr, u_short,
 				 struct in_addr, u_short));