Lines Matching refs:pd2
3637 struct pf_pdesc *pd2, struct pf_addr *src, struct pf_addr *dst, in pf_change_icmp_af() argument
3655 olen = pd2->off - off; in pf_change_icmp_af()
3674 ip4->ip_len = htons(sizeof(*ip4) + pd2->tot_len - olen); in pf_change_icmp_af()
3677 ip4->ip_ttl = pd2->ttl; in pf_change_icmp_af()
3678 if (pd2->proto == IPPROTO_ICMPV6) in pf_change_icmp_af()
3681 ip4->ip_p = pd2->proto; in pf_change_icmp_af()
3690 ip6->ip6_plen = htons(pd2->tot_len - olen); in pf_change_icmp_af()
3691 if (pd2->proto == IPPROTO_ICMP) in pf_change_icmp_af()
3694 ip6->ip6_nxt = pd2->proto; in pf_change_icmp_af()
3695 if (!pd2->ttl || pd2->ttl > IPV6_DEFHLIM) in pf_change_icmp_af()
3698 ip6->ip6_hlim = pd2->ttl; in pf_change_icmp_af()
3707 pd2->off += hlen - olen; in pf_change_icmp_af()
7947 struct pf_pdesc pd2; in pf_test_state_icmp() local
7948 bzero(&pd2, sizeof pd2); in pf_test_state_icmp()
7957 pd2.af = pd->af; in pf_test_state_icmp()
7958 pd2.dir = pd->dir; in pf_test_state_icmp()
7960 pd2.sidx = (pd->dir == PF_IN) ? 1 : 0; in pf_test_state_icmp()
7961 pd2.didx = (pd->dir == PF_IN) ? 0 : 1; in pf_test_state_icmp()
7962 pd2.m = pd->m; in pf_test_state_icmp()
7963 pd2.pf_mtag = pd->pf_mtag; in pf_test_state_icmp()
7964 pd2.kif = pd->kif; in pf_test_state_icmp()
7972 NULL, reason, pd2.af)) { in pf_test_state_icmp()
7988 pd2.off = ipoff2; in pf_test_state_icmp()
7989 if (pf_walk_header(&pd2, &h2, reason) != PF_PASS) in pf_test_state_icmp()
7992 pd2.tot_len = ntohs(h2.ip_len); in pf_test_state_icmp()
7993 pd2.src = (struct pf_addr *)&h2.ip_src; in pf_test_state_icmp()
7994 pd2.dst = (struct pf_addr *)&h2.ip_dst; in pf_test_state_icmp()
7995 pd2.ip_sum = &h2.ip_sum; in pf_test_state_icmp()
8003 NULL, reason, pd2.af)) { in pf_test_state_icmp()
8009 pd2.off = ipoff2; in pf_test_state_icmp()
8010 if (pf_walk_header6(&pd2, &h2_6, reason) != PF_PASS) in pf_test_state_icmp()
8013 pd2.tot_len = ntohs(h2_6.ip6_plen) + in pf_test_state_icmp()
8015 pd2.src = (struct pf_addr *)&h2_6.ip6_src; in pf_test_state_icmp()
8016 pd2.dst = (struct pf_addr *)&h2_6.ip6_dst; in pf_test_state_icmp()
8017 pd2.ip_sum = NULL; in pf_test_state_icmp()
8024 if (PF_ANEQ(pd->dst, pd2.src, pd->af)) { in pf_test_state_icmp()
8032 pf_print_host(pd2.src, 0, pd2.af); in pf_test_state_icmp()
8034 pf_print_host(pd2.dst, 0, pd2.af); in pf_test_state_icmp()
8041 switch (pd2.proto) { in pf_test_state_icmp()
8043 struct tcphdr *th = &pd2.hdr.tcp; in pf_test_state_icmp()
8055 if (!pf_pull_hdr(pd->m, pd2.off, th, 8, NULL, reason, in pf_test_state_icmp()
8056 pd2.af)) { in pf_test_state_icmp()
8062 pd2.pcksum = &pd2.hdr.tcp.th_sum; in pf_test_state_icmp()
8064 key.af = pd2.af; in pf_test_state_icmp()
8066 pf_addrcpy(&key.addr[pd2.sidx], pd2.src, key.af); in pf_test_state_icmp()
8067 pf_addrcpy(&key.addr[pd2.didx], pd2.dst, key.af); in pf_test_state_icmp()
8068 key.port[pd2.sidx] = th->th_sport; in pf_test_state_icmp()
8069 key.port[pd2.didx] = th->th_dport; in pf_test_state_icmp()
8071 action = pf_find_state(&pd2, &key, state); in pf_test_state_icmp()
8151 sidx = pd2.didx; in pf_test_state_icmp()
8152 didx = pd2.sidx; in pf_test_state_icmp()
8154 sidx = pd2.sidx; in pf_test_state_icmp()
8155 didx = pd2.didx; in pf_test_state_icmp()
8166 &pd2, &nk->addr[sidx], in pf_test_state_icmp()
8171 &nk->addr[pd2.sidx], nk->af); in pf_test_state_icmp()
8173 &nk->addr[pd2.didx], nk->af); in pf_test_state_icmp()
8188 pd->naf = pd2.naf = nk->af; in pf_test_state_icmp()
8189 pf_change_ap(&pd2, pd2.src, &th->th_sport, in pf_test_state_icmp()
8190 &nk->addr[pd2.sidx], nk->port[sidx]); in pf_test_state_icmp()
8191 pf_change_ap(&pd2, pd2.dst, &th->th_dport, in pf_test_state_icmp()
8192 &nk->addr[pd2.didx], nk->port[didx]); in pf_test_state_icmp()
8193 m_copyback(pd2.m, pd2.off, 8, (c_caddr_t)th); in pf_test_state_icmp()
8198 if (PF_ANEQ(pd2.src, in pf_test_state_icmp()
8199 &nk->addr[pd2.sidx], pd2.af) || in pf_test_state_icmp()
8200 nk->port[pd2.sidx] != th->th_sport) in pf_test_state_icmp()
8201 pf_change_icmp(pd2.src, &th->th_sport, in pf_test_state_icmp()
8202 daddr, &nk->addr[pd2.sidx], in pf_test_state_icmp()
8203 nk->port[pd2.sidx], NULL, in pf_test_state_icmp()
8204 pd2.ip_sum, icmpsum, in pf_test_state_icmp()
8205 pd->ip_sum, 0, pd2.af); in pf_test_state_icmp()
8207 if (PF_ANEQ(pd2.dst, in pf_test_state_icmp()
8208 &nk->addr[pd2.didx], pd2.af) || in pf_test_state_icmp()
8209 nk->port[pd2.didx] != th->th_dport) in pf_test_state_icmp()
8210 pf_change_icmp(pd2.dst, &th->th_dport, in pf_test_state_icmp()
8211 saddr, &nk->addr[pd2.didx], in pf_test_state_icmp()
8212 nk->port[pd2.didx], NULL, in pf_test_state_icmp()
8213 pd2.ip_sum, icmpsum, in pf_test_state_icmp()
8214 pd->ip_sum, 0, pd2.af); in pf_test_state_icmp()
8219 switch (pd2.af) { in pf_test_state_icmp()
8240 m_copyback(pd->m, pd2.off, 8, (caddr_t)th); in pf_test_state_icmp()
8247 struct udphdr *uh = &pd2.hdr.udp; in pf_test_state_icmp()
8250 if (!pf_pull_hdr(pd->m, pd2.off, uh, sizeof(*uh), in pf_test_state_icmp()
8251 NULL, reason, pd2.af)) { in pf_test_state_icmp()
8257 pd2.pcksum = &pd2.hdr.udp.uh_sum; in pf_test_state_icmp()
8259 key.af = pd2.af; in pf_test_state_icmp()
8261 pf_addrcpy(&key.addr[pd2.sidx], pd2.src, key.af); in pf_test_state_icmp()
8262 pf_addrcpy(&key.addr[pd2.didx], pd2.dst, key.af); in pf_test_state_icmp()
8263 key.port[pd2.sidx] = uh->uh_sport; in pf_test_state_icmp()
8264 key.port[pd2.didx] = uh->uh_dport; in pf_test_state_icmp()
8266 action = pf_find_state(&pd2, &key, state); in pf_test_state_icmp()
8286 sidx = pd2.didx; in pf_test_state_icmp()
8287 didx = pd2.sidx; in pf_test_state_icmp()
8289 sidx = pd2.sidx; in pf_test_state_icmp()
8290 didx = pd2.didx; in pf_test_state_icmp()
8301 &pd2, &nk->addr[sidx], in pf_test_state_icmp()
8306 &nk->addr[pd2.sidx], nk->af); in pf_test_state_icmp()
8308 &nk->addr[pd2.didx], nk->af); in pf_test_state_icmp()
8323 pd->naf = pd2.naf = nk->af; in pf_test_state_icmp()
8324 pf_change_ap(&pd2, pd2.src, &uh->uh_sport, in pf_test_state_icmp()
8325 &nk->addr[pd2.sidx], nk->port[sidx]); in pf_test_state_icmp()
8326 pf_change_ap(&pd2, pd2.dst, &uh->uh_dport, in pf_test_state_icmp()
8327 &nk->addr[pd2.didx], nk->port[didx]); in pf_test_state_icmp()
8328 m_copyback(pd2.m, pd2.off, sizeof(*uh), in pf_test_state_icmp()
8334 if (PF_ANEQ(pd2.src, in pf_test_state_icmp()
8335 &nk->addr[pd2.sidx], pd2.af) || in pf_test_state_icmp()
8336 nk->port[pd2.sidx] != uh->uh_sport) in pf_test_state_icmp()
8337 pf_change_icmp(pd2.src, &uh->uh_sport, in pf_test_state_icmp()
8338 daddr, &nk->addr[pd2.sidx], in pf_test_state_icmp()
8339 nk->port[pd2.sidx], &uh->uh_sum, in pf_test_state_icmp()
8340 pd2.ip_sum, icmpsum, in pf_test_state_icmp()
8341 pd->ip_sum, 1, pd2.af); in pf_test_state_icmp()
8343 if (PF_ANEQ(pd2.dst, in pf_test_state_icmp()
8344 &nk->addr[pd2.didx], pd2.af) || in pf_test_state_icmp()
8345 nk->port[pd2.didx] != uh->uh_dport) in pf_test_state_icmp()
8346 pf_change_icmp(pd2.dst, &uh->uh_dport, in pf_test_state_icmp()
8347 saddr, &nk->addr[pd2.didx], in pf_test_state_icmp()
8348 nk->port[pd2.didx], &uh->uh_sum, in pf_test_state_icmp()
8349 pd2.ip_sum, icmpsum, in pf_test_state_icmp()
8350 pd->ip_sum, 1, pd2.af); in pf_test_state_icmp()
8352 switch (pd2.af) { in pf_test_state_icmp()
8370 m_copyback(pd->m, pd2.off, sizeof(*uh), (caddr_t)uh); in pf_test_state_icmp()
8377 struct sctphdr *sh = &pd2.hdr.sctp; in pf_test_state_icmp()
8382 if (! pf_pull_hdr(pd->m, pd2.off, sh, sizeof(*sh), NULL, reason, in pf_test_state_icmp()
8383 pd2.af)) { in pf_test_state_icmp()
8389 pd2.pcksum = &pd2.sctp_dummy_sum; in pf_test_state_icmp()
8391 key.af = pd2.af; in pf_test_state_icmp()
8393 pf_addrcpy(&key.addr[pd2.sidx], pd2.src, key.af); in pf_test_state_icmp()
8394 pf_addrcpy(&key.addr[pd2.didx], pd2.dst, key.af); in pf_test_state_icmp()
8395 key.port[pd2.sidx] = sh->src_port; in pf_test_state_icmp()
8396 key.port[pd2.didx] = sh->dest_port; in pf_test_state_icmp()
8398 action = pf_find_state(&pd2, &key, state); in pf_test_state_icmp()
8438 sidx = pd2.didx; in pf_test_state_icmp()
8439 didx = pd2.sidx; in pf_test_state_icmp()
8441 sidx = pd2.sidx; in pf_test_state_icmp()
8442 didx = pd2.didx; in pf_test_state_icmp()
8453 &pd2, &nk->addr[sidx], in pf_test_state_icmp()
8459 m_copyback(pd2.m, pd2.off, sizeof(*sh), (c_caddr_t)sh); in pf_test_state_icmp()
8461 &nk->addr[pd2.sidx], nk->af); in pf_test_state_icmp()
8463 &nk->addr[pd2.didx], nk->af); in pf_test_state_icmp()
8483 if (PF_ANEQ(pd2.src, in pf_test_state_icmp()
8484 &nk->addr[pd2.sidx], pd2.af) || in pf_test_state_icmp()
8485 nk->port[pd2.sidx] != sh->src_port) in pf_test_state_icmp()
8486 pf_change_icmp(pd2.src, &sh->src_port, in pf_test_state_icmp()
8487 daddr, &nk->addr[pd2.sidx], in pf_test_state_icmp()
8488 nk->port[pd2.sidx], NULL, in pf_test_state_icmp()
8489 pd2.ip_sum, icmpsum, in pf_test_state_icmp()
8490 pd->ip_sum, 0, pd2.af); in pf_test_state_icmp()
8492 if (PF_ANEQ(pd2.dst, in pf_test_state_icmp()
8493 &nk->addr[pd2.didx], pd2.af) || in pf_test_state_icmp()
8494 nk->port[pd2.didx] != sh->dest_port) in pf_test_state_icmp()
8495 pf_change_icmp(pd2.dst, &sh->dest_port, in pf_test_state_icmp()
8496 saddr, &nk->addr[pd2.didx], in pf_test_state_icmp()
8497 nk->port[pd2.didx], NULL, in pf_test_state_icmp()
8498 pd2.ip_sum, icmpsum, in pf_test_state_icmp()
8499 pd->ip_sum, 0, pd2.af); in pf_test_state_icmp()
8504 switch (pd2.af) { in pf_test_state_icmp()
8523 m_copyback(pd->m, pd2.off, sizeof(*sh), (caddr_t)sh); in pf_test_state_icmp()
8530 struct icmp *iih = &pd2.hdr.icmp; in pf_test_state_icmp()
8532 if (pd2.af != AF_INET) { in pf_test_state_icmp()
8537 if (!pf_pull_hdr(pd->m, pd2.off, iih, ICMP_MINLEN, in pf_test_state_icmp()
8538 NULL, reason, pd2.af)) { in pf_test_state_icmp()
8544 pd2.pcksum = &pd2.hdr.icmp.icmp_cksum; in pf_test_state_icmp()
8547 pf_icmp_mapping(&pd2, iih->icmp_type, in pf_test_state_icmp()
8550 ret = pf_icmp_state_lookup(&key, &pd2, state, in pf_test_state_icmp()
8573 sidx = pd2.didx; in pf_test_state_icmp()
8574 didx = pd2.sidx; in pf_test_state_icmp()
8577 sidx = pd2.sidx; in pf_test_state_icmp()
8578 didx = pd2.didx; in pf_test_state_icmp()
8591 &pd2, &nk->addr[sidx], in pf_test_state_icmp()
8601 m_copyback(pd2.m, pd2.off, ICMP_MINLEN, in pf_test_state_icmp()
8604 &nk->addr[pd2.sidx], nk->af); in pf_test_state_icmp()
8606 &nk->addr[pd2.didx], nk->af); in pf_test_state_icmp()
8620 if (PF_ANEQ(pd2.src, in pf_test_state_icmp()
8621 &nk->addr[pd2.sidx], pd2.af) || in pf_test_state_icmp()
8624 pf_change_icmp(pd2.src, in pf_test_state_icmp()
8627 daddr, &nk->addr[pd2.sidx], in pf_test_state_icmp()
8630 pd2.ip_sum, icmpsum, in pf_test_state_icmp()
8633 if (PF_ANEQ(pd2.dst, in pf_test_state_icmp()
8634 &nk->addr[pd2.didx], pd2.af)) in pf_test_state_icmp()
8635 pf_change_icmp(pd2.dst, NULL, NULL, in pf_test_state_icmp()
8636 &nk->addr[pd2.didx], 0, NULL, in pf_test_state_icmp()
8637 pd2.ip_sum, icmpsum, pd->ip_sum, 0, in pf_test_state_icmp()
8642 m_copyback(pd->m, pd2.off, ICMP_MINLEN, (caddr_t)iih); in pf_test_state_icmp()
8650 struct icmp6_hdr *iih = &pd2.hdr.icmp6; in pf_test_state_icmp()
8652 if (pd2.af != AF_INET6) { in pf_test_state_icmp()
8657 if (!pf_pull_hdr(pd->m, pd2.off, iih, in pf_test_state_icmp()
8658 sizeof(struct icmp6_hdr), NULL, reason, pd2.af)) { in pf_test_state_icmp()
8664 pd2.pcksum = &pd2.hdr.icmp6.icmp6_cksum; in pf_test_state_icmp()
8666 pf_icmp_mapping(&pd2, iih->icmp6_type, in pf_test_state_icmp()
8669 ret = pf_icmp_state_lookup(&key, &pd2, state, in pf_test_state_icmp()
8672 if (ret == PF_DROP && pd2.af == AF_INET6 && in pf_test_state_icmp()
8675 ret = pf_icmp_state_lookup(&key, &pd2, in pf_test_state_icmp()
8700 sidx = pd2.didx; in pf_test_state_icmp()
8701 didx = pd2.sidx; in pf_test_state_icmp()
8704 sidx = pd2.sidx; in pf_test_state_icmp()
8705 didx = pd2.didx; in pf_test_state_icmp()
8718 &pd2, &nk->addr[sidx], in pf_test_state_icmp()
8729 m_copyback(pd2.m, pd2.off, in pf_test_state_icmp()
8732 &nk->addr[pd2.sidx], nk->af); in pf_test_state_icmp()
8734 &nk->addr[pd2.didx], nk->af); in pf_test_state_icmp()
8740 if (PF_ANEQ(pd2.src, in pf_test_state_icmp()
8741 &nk->addr[pd2.sidx], pd2.af) || in pf_test_state_icmp()
8743 nk->port[pd2.sidx] != iih->icmp6_id)) in pf_test_state_icmp()
8744 pf_change_icmp(pd2.src, in pf_test_state_icmp()
8747 daddr, &nk->addr[pd2.sidx], in pf_test_state_icmp()
8750 pd2.ip_sum, icmpsum, in pf_test_state_icmp()
8753 if (PF_ANEQ(pd2.dst, in pf_test_state_icmp()
8754 &nk->addr[pd2.didx], pd2.af)) in pf_test_state_icmp()
8755 pf_change_icmp(pd2.dst, NULL, NULL, in pf_test_state_icmp()
8756 &nk->addr[pd2.didx], 0, NULL, in pf_test_state_icmp()
8757 pd2.ip_sum, icmpsum, in pf_test_state_icmp()
8763 m_copyback(pd->m, pd2.off, sizeof(struct icmp6_hdr), in pf_test_state_icmp()
8773 key.af = pd2.af; in pf_test_state_icmp()
8774 key.proto = pd2.proto; in pf_test_state_icmp()
8775 pf_addrcpy(&key.addr[pd2.sidx], pd2.src, key.af); in pf_test_state_icmp()
8776 pf_addrcpy(&key.addr[pd2.didx], pd2.dst, key.af); in pf_test_state_icmp()
8779 action = pf_find_state(&pd2, &key, state); in pf_test_state_icmp()
8789 if (PF_ANEQ(pd2.src, in pf_test_state_icmp()
8790 &nk->addr[pd2.sidx], pd2.af)) in pf_test_state_icmp()
8791 pf_change_icmp(pd2.src, NULL, daddr, in pf_test_state_icmp()
8792 &nk->addr[pd2.sidx], 0, NULL, in pf_test_state_icmp()
8793 pd2.ip_sum, icmpsum, in pf_test_state_icmp()
8794 pd->ip_sum, 0, pd2.af); in pf_test_state_icmp()
8796 if (PF_ANEQ(pd2.dst, in pf_test_state_icmp()
8797 &nk->addr[pd2.didx], pd2.af)) in pf_test_state_icmp()
8798 pf_change_icmp(pd2.dst, NULL, saddr, in pf_test_state_icmp()
8799 &nk->addr[pd2.didx], 0, NULL, in pf_test_state_icmp()
8800 pd2.ip_sum, icmpsum, in pf_test_state_icmp()
8801 pd->ip_sum, 0, pd2.af); in pf_test_state_icmp()
8803 switch (pd2.af) { in pf_test_state_icmp()