forked from freebsd/freebsd-src
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmlf_rule.c
168 lines (143 loc) · 3.17 KB
/
mlf_rule.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
/* $FreeBSD$ */
/*
* Copyright (C) 2012 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
/*
* 29/12/94 Added code from Marc Huber <[email protected]> to allow it to allocate
* its own major char number! Way cool patch!
*/
#include <sys/param.h>
#if defined(__FreeBSD__) && (__FreeBSD__ > 1)
# ifdef IPFILTER_LKM
# include <osreldate.h>
# define ACTUALLY_LKM_NOT_KERNEL
# else
# include <sys/osreldate.h>
# endif
#endif
#include <sys/systm.h>
#if defined(__FreeBSD_version) && (__FreeBSD_version >= 220000)
# include <sys/conf.h>
# include <sys/kernel.h>
# ifdef DEVFS
# include <sys/devfsext.h>
# endif /*DEVFS*/
#endif
#include <sys/conf.h>
#include <sys/file.h>
#if defined(__FreeBSD_version) && (__FreeBSD_version >= 300000)
# include <sys/lock.h>
#endif
#include <sys/stat.h>
#include <sys/proc.h>
#include <sys/kernel.h>
#include <sys/vnode.h>
#include <sys/namei.h>
#include <sys/malloc.h>
#include <sys/mount.h>
#include <sys/exec.h>
#include <sys/mbuf.h>
#if BSD >= 199506
# include <sys/sysctl.h>
#endif
#if (__FreeBSD_version >= 300000)
# include <sys/socket.h>
#endif
#if (__FreeBSD_version >= 199511)
#include <net/if.h>
#include <netinet/in_systm.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <net/route.h>
#include <netinet/ip_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>
#endif
#if (__FreeBSD__ > 1)
# include <sys/sysent.h>
#endif
#include <sys/lkm.h>
#include "netinet/ip_compat.h"
#include "netinet/ip_fil.h"
#include "netinet/ip_rules.h"
int xxxinit __P((struct lkm_table *, int, int));
#if !defined(__FreeBSD_version) || (__FreeBSD_version < 220000)
MOD_DEV(IPL_VERSION, LM_DT_CHAR, -1, &ipldevsw);
#endif
static int ipfrule_ioctl __P((struct lkm_table *, int));
#if defined(__FreeBSD_version) && (__FreeBSD_version < 220000)
int xxxinit(lkmtp, cmd, ver)
struct lkm_table *lkmtp;
int cmd, ver;
{
DISPATCH(lkmtp, cmd, ver, ipfrule_ioctl, ipfrule_ioctl, ipfrule_ioctl);
}
#else /* __FREEBSD_version >= 220000 */
# ifdef IPFILTER_LKM
# include <sys/exec.h>
# if (__FreeBSD_version >= 300000)
MOD_MISC(ipfrule);
# else
MOD_DECL(ipfrule);
static struct lkm_misc _module = {
LM_MISC,
LKM_VERSION,
"IP Filter rules",
0,
};
# endif
int ipfrule __P((struct lkm_table *, int, int));
int ipfrule(lkmtp, cmd, ver)
struct lkm_table *lkmtp;
int cmd, ver;
{
# if (__FreeBSD_version >= 300000)
MOD_DISPATCH(ipfrule, lkmtp, cmd, ver, ipfrule_ioctl, ipfrule_ioctl,
ipfrule_ioctl);
# else
DISPATCH(lkmtp, cmd, ver, ipfrule_ioctl, ipfrule_ioctl, ipfrule_ioctl);
# endif
}
# endif /* IPFILTER_LKM */
int ipfrule_load(lkmtp, cmd)
struct lkm_table *lkmtp;
int cmd;
{
return ipfrule_add();
}
int ipfrule_unload(lkmtp, cmd)
struct lkm_table *lkmtp;
int cmd;
{
return ipfrule_remove();
}
static int ipfrule_ioctl(lkmtp, cmd)
struct lkm_table *lkmtp;
int cmd;
{
int err = 0;
switch (cmd)
{
case LKM_E_LOAD :
if (lkmexists(lkmtp))
return EEXIST;
err = ipfrule_load(lkmtp, cmd);
if (!err)
ipf_refcnt++;
break;
case LKM_E_UNLOAD :
err = ipfrule_unload(lkmtp, cmd);
if (!err)
ipf_refcnt--;
break;
case LKM_E_STAT :
break;
default:
err = EIO;
break;
}
return err;
}
#endif /* _FreeBSD_version */