*/
/*
- * $Id: missing.h 4696 2010-01-07 12:37:09Z marta $
+ * $Id: missing.h 5817 2010-03-23 09:50:56Z svn_panicucci $
*
* Header for kernel variables and functions that are not available in
* userland.
#define DEFINE_SPINLOCK(x) spinlock_t x = SPIN_LOCK_UNLOCKED
#endif
-#endif /* __linux__ */
#define rw_assert(a, b)
#define rw_destroy(_l)
#define mtx_lock(_l) spin_lock_bh(_l)
#define mtx_unlock(_l) spin_unlock_bh(_l)
+#endif /* __linux__ */
/* end of locking support */
+/*
+ * Reference to an ipfw rule that can be carried outside critical sections.
+ * A rule is identified by rulenum:rule_id which is ordered.
+ * In version chain_id the rule can be found in slot 'slot', so
+ * we don't need a lookup if chain_id == chain->id.
+ *
+ * On exit from the firewall this structure refers to the rule after
+ * the matching one (slot points to the new rule; rulenum:rule_id-1
+ * is the matching rule), and additional info (e.g. info often contains
+ * the insn argument or tablearg in the low 16 bits, in host format).
+ * On entry, the structure is valid if slot>0, and refers to the starting
+ * rules. 'info' contains the reason for reinject, e.g. divert port,
+ * divert direction, and so on.
+ */
+struct ipfw_rule_ref {
+ uint32_t slot; /* slot for matching rule */
+ uint32_t rulenum; /* matching rule number */
+ uint32_t rule_id; /* matching rule id */
+ uint32_t chain_id; /* ruleset id */
+ uint32_t info; /* see below */
+};
+
+enum {
+ IPFW_INFO_MASK = 0x0000ffff,
+ IPFW_INFO_OUT = 0x00000000, /* outgoing, just for convenience */
+ IPFW_INFO_IN = 0x80000000, /* incoming, overloads dir */
+ IPFW_ONEPASS = 0x40000000, /* One-pass, do not reinject */
+ IPFW_IS_MASK = 0x30000000, /* which source ? */
+ IPFW_IS_DIVERT = 0x20000000,
+ IPFW_IS_DUMMYNET =0x10000000,
+ IPFW_IS_PIPE = 0x08000000, /* pipe=1, queue = 0 */
+};
+
/* in netinet/in.h */
#define in_nullhost(x) ((x).s_addr == INADDR_ANY)
/* ethernet stuff */
#define ETHERTYPE_IP 0x0800 /* IP protocol */
-#define ETHER_ADDR_LEN 6 /* length of an Ethernet address */
+//#define ETHER_ADDR_LEN 6 /* length of an Ethernet address */
struct ether_header {
u_char ether_dhost[ETHER_ADDR_LEN];
u_char ether_shost[ETHER_ADDR_LEN];
u_short ether_type;
};
-#define ETHER_ADDR_LEN 6 /* length of an Ethernet address */
#define ETHER_TYPE_LEN 2 /* length of the Ethernet type field */
#define ETHER_HDR_LEN (ETHER_ADDR_LEN*2+ETHER_TYPE_LEN)
extern int hz;
extern long tick; /* exists in 2.4 but not in 2.6 */
extern int bootverbose;
-extern time_t time_uptime;
extern struct timeval boottime;
+/* The time_uptime a FreeBSD variable increased each second */
+#ifdef __linux__
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,37) /* revise boundaries */
+#define time_uptime get_seconds()
+#else /* OpenWRT */
+#define time_uptime CURRENT_TIME
+#endif
+#else /* WIN32 */
+#define time_uptime time_uptime_w32()
+#endif
+
extern int max_linkhdr;
extern int ip_defttl;
extern u_long in_ifaddrhmask; /* mask for hash table */
int dummy; /* windows compiler does not like empty definition */
};
+#ifndef _WIN32
struct route {
struct rtentry *ro_rt;
struct sockaddr ro_dst;
};
+#endif
struct ifaltq {
void *ifq_head;
struct sysctl_oid;
struct sysctl_req;
-/*
- * sysctl are mapped into /sys/module/ipfw_mod parameters
- */
-#define CTLFLAG_RD 1
-#define CTLFLAG_RDTUN 1
-#define CTLFLAG_RW 2
-#define CTLFLAG_SECURE3 0 // unsupported
-#define CTLFLAG_VNET 0 /* unsupported */
-
#ifdef _WIN32
#define module_param_named(_name, _var, _ty, _perm)
-#else
+#else /* !_WIN32 */
/* Linux 2.4 is mostly for openwrt */
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
#define module_param_named(_name, _var, _ty, _perm) \
//module_param(_name, _ty, 0644)
#endif
-#endif /* __linux__ */
+
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,25)
typedef unsigned long uintptr_t;
+
+#ifdef __i386__
+static inline unsigned long __fls(unsigned long word)
+{
+ asm("bsr %1,%0"
+ : "=r" (word)
+ : "rm" (word));
+ return word;
+}
#endif
+#endif /* LINUX < 2.6.25 */
+
+#endif /* !_WIN32 so maybe __linux__ */
+
+#if defined (__linux__) && !defined (EMULATE_SYSCTL)
#define SYSCTL_DECL(_1)
#define SYSCTL_OID(_1, _2, _3, _4, _5, _6, _7, _8)
#define SYSCTL_NODE(_1, _2, _3, _4, _5, _6)
#define SYSCTL_UINT(_base, _oid, _name, _mode, _var, _val, _desc) \
_SYSCTL_BASE(_name, _var, uint, _mode)
+#define TUNABLE_INT(_name, _ptr)
+
+#define SYSCTL_VNET_PROC SYSCTL_PROC
+#define SYSCTL_VNET_INT SYSCTL_INT
+
+#endif
+
#define SYSCTL_HANDLER_ARGS \
struct sysctl_oid *oidp, void *arg1, int arg2, struct sysctl_req *req
int sysctl_handle_int(SYSCTL_HANDLER_ARGS);
int sysctl_handle_long(SYSCTL_HANDLER_ARGS);
-#define TUNABLE_INT(_name, _ptr)
void ether_demux(struct ifnet *ifp, struct mbuf *m);
/* vnet wrappers, in vnet.h and ip_var.h */
//int ipfw_init(void);
//void ipfw_destroy(void);
+
+#define MTAG_IPFW 1148380143 /* IPFW-tagged cookie */
+#define MTAG_IPFW_RULE 1262273568 /* rule reference */
+
struct ip_fw_args;
extern int (*ip_dn_io_ptr)(struct mbuf **m, int dir, struct ip_fw_args *fwa);
#define VNET_PTR(n) (&(n))
#define VNET(n) (n)
-int
-ipfw_check_hook(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir,
- struct inpcb *inp);
+int ipfw_check_hook(void *arg, struct mbuf **m0, struct ifnet *ifp,
+ int dir, struct inpcb *inp);
+
+/* hooks for divert */
+extern void (*ip_divert_ptr)(struct mbuf *m, int incoming);
extern int (*ip_dn_ctl_ptr)(struct sockopt *);
typedef int ip_fw_ctl_t(struct sockopt *);
extern ip_fw_ctl_t *ip_fw_ctl_ptr;
+/* netgraph prototypes */
+typedef int ng_ipfw_input_t(struct mbuf **, int, struct ip_fw_args *, int);
+extern ng_ipfw_input_t *ng_ipfw_input_p;
+
/* For kernel ipfw_ether and ipfw_bridge. */
struct ip_fw_args;
typedef int ip_fw_chk_t(struct ip_fw_args *args);
#define V_tcbinfo VNET(tcbinfo)
#define V_udbinfo VNET(udbinfo)
-#define SYSCTL_VNET_PROC SYSCTL_PROC
-#define SYSCTL_VNET_INT SYSCTL_INT
-
#endif /* !_MISSING_H_ */