1 /* 2 * Copyright (C) 1993-2001, 2003 by Darren Reed. 3 * 4 * See the IPFILTER.LICENCE file for details on licencing. 5 * 6 * @(#)ip_compat.h 1.8 1/14/96 7 * $Id: ip_compat.h,v 2.142.2.30 2005/08/11 15:13:49 darrenr Exp $ 8 * 9 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 10 * Use is subject to license terms. 11 */ 12 13 #ifndef __IP_COMPAT_H__ 14 #define __IP_COMPAT_H__ 15 16 #ifndef __P 17 # ifdef __STDC__ 18 # define __P(x) x 19 # else 20 # define __P(x) () 21 # endif 22 #endif 23 #ifndef __STDC__ 24 # undef const 25 # define const 26 #endif 27 28 #if defined(_KERNEL) || defined(KERNEL) || defined(__KERNEL__) 29 # undef KERNEL 30 # undef _KERNEL 31 # undef __KERNEL__ 32 # define KERNEL 33 # define _KERNEL 34 # define __KERNEL__ 35 #endif 36 37 #ifndef SOLARIS 38 #define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4))) 39 #endif 40 #if SOLARIS2 >= 8 41 # ifndef USE_INET6 42 # define USE_INET6 43 # endif 44 #endif 45 #if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000) && \ 46 !defined(_KERNEL) && !defined(USE_INET6) && !defined(NOINET6) 47 # define USE_INET6 48 #endif 49 #if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105000000) && \ 50 !defined(_KERNEL) && !defined(USE_INET6) 51 # define USE_INET6 52 # define IPFILTER_M_IPFILTER 53 #endif 54 #if defined(OpenBSD) && (OpenBSD >= 200206) && \ 55 !defined(_KERNEL) && !defined(USE_INET6) 56 # define USE_INET6 57 #endif 58 #if defined(__osf__) 59 # define USE_INET6 60 #endif 61 #if defined(linux) && (!defined(_KERNEL) || defined(CONFIG_IPV6)) 62 # define USE_INET6 63 #endif 64 #if defined(HPUXREV) && (HPUXREV >= 1111) 65 # define USE_INET6 66 #endif 67 68 #if defined(BSD) && (BSD < 199103) && defined(__osf__) 69 # undef BSD 70 # define BSD 199103 71 #endif 72 73 #if defined(__SVR4) || defined(__svr4__) || defined(__sgi) 74 # define index strchr 75 # if !defined(_KERNEL) 76 # define bzero(a,b) memset(a,0,b) 77 # define bcmp memcmp 78 # define bcopy(a,b,c) memmove(b,a,c) 79 # endif 80 #endif 81 82 #ifndef LIFNAMSIZ 83 # ifdef IF_NAMESIZE 84 # define LIFNAMSIZ IF_NAMESIZE 85 # else 86 # ifdef IFNAMSIZ 87 # define LIFNAMSIZ IFNAMSIZ 88 # else 89 # define LIFNAMSIZ 16 90 # endif 91 # endif 92 #endif 93 94 #if defined(__sgi) || defined(bsdi) || defined(__hpux) || defined(hpux) 95 struct ether_addr { 96 u_char ether_addr_octet[6]; 97 }; 98 #endif 99 100 #if defined(__sgi) && !defined(IPFILTER_LKM) 101 # ifdef __STDC__ 102 # define IPL_EXTERN(ep) ipfilter##ep 103 # else 104 # define IPL_EXTERN(ep) ipfilter/**/ep 105 # endif 106 #else 107 # ifdef __STDC__ 108 # define IPL_EXTERN(ep) ipl##ep 109 # else 110 # define IPL_EXTERN(ep) ipl/**/ep 111 # endif 112 #endif 113 114 /* 115 * This is a workaround for <sys/uio.h> troubles on FreeBSD and OpenBSD. 116 */ 117 #ifndef linux 118 # ifndef _KERNEL 119 # define ADD_KERNEL 120 # define _KERNEL 121 # define KERNEL 122 # endif 123 # ifdef __OpenBSD__ 124 struct file; 125 # endif 126 # include <sys/uio.h> 127 # ifdef ADD_KERNEL 128 # undef _KERNEL 129 # undef KERNEL 130 # endif 131 #endif 132 133 134 /* ----------------------------------------------------------------------- */ 135 /* S O L A R I S */ 136 /* ----------------------------------------------------------------------- */ 137 #if SOLARIS 138 # define MENTAT 1 139 # include <sys/cmn_err.h> 140 # include <sys/isa_defs.h> 141 # include <sys/stream.h> 142 # include <sys/ioccom.h> 143 # include <sys/sysmacros.h> 144 # include <sys/kmem.h> 145 # if SOLARIS2 >= 10 146 # include <sys/procset.h> 147 # include <sys/proc.h> 148 # include <sys/devops.h> 149 # include <sys/ddi_impldefs.h> 150 # include <sys/neti.h> 151 # endif 152 153 /* 154 * inet/ip.h would end up including radix.h with _KERNEL, which is not 155 * what the tools intend, so include radix.h first. 156 */ 157 #if SOLARIS2 > 10 158 # include <net/radix.h> 159 #endif 160 /* 161 * because Solaris 2 defines these in two places :-/ 162 */ 163 # ifndef KERNEL 164 # define ADD_KERNEL 165 # define _KERNEL 166 # undef RES_INIT 167 # endif /* _KERNEL */ 168 169 # if SOLARIS2 >= 8 170 # include <netinet/ip6.h> 171 # include <netinet/icmp6.h> 172 # endif 173 174 # include <inet/common.h> 175 /* These 5 are defined in <inet/ip.h> and <netinet/ip.h> */ 176 # undef IPOPT_EOL 177 # undef IPOPT_NOP 178 # undef IPOPT_LSRR 179 # undef IPOPT_RR 180 # undef IPOPT_SSRR 181 # ifdef i386 182 # define _SYS_PROMIF_H 183 # endif 184 # ifdef ADD_KERNEL 185 # undef _KERNEL 186 # endif 187 # include <inet/ip.h> 188 # undef COPYOUT 189 # include <inet/ip_ire.h> 190 # ifndef KERNEL 191 # undef _KERNEL 192 # endif 193 # if SOLARIS2 >= 8 194 # define SNPRINTF snprintf 195 196 # include <inet/ip_if.h> 197 # define ipif_local_addr ipif_lcl_addr 198 /* Only defined in private include file */ 199 # ifndef V4_PART_OF_V6 200 # define V4_PART_OF_V6(v6) v6.s6_addr32[3] 201 # endif 202 struct ip6_ext { 203 u_char ip6e_nxt; 204 u_char ip6e_len; 205 }; 206 # endif /* SOLARIS2 >= 8 */ 207 208 # ifdef FW_HOOKS 209 210 # define SOLARIS_PFHOOKS 1 211 212 typedef struct qpktinfo { 213 /* data that changes per-packet */ 214 void *qpi_ill; /* COPIED */ 215 mblk_t *qpi_m; 216 void *qpi_data; /* where layer 3 header starts */ 217 size_t qpi_off; 218 int qpi_flags; /* Uses FI_* flags */ 219 } qpktinfo_t; 220 221 extern void mb_copydata __P((mblk_t *, size_t , size_t, char *)); 222 extern void mb_copyback __P((mblk_t *, size_t , size_t, char *)); 223 # endif 224 225 # if SOLARIS2 >= 6 226 # include <sys/atomic.h> 227 typedef uint32_t u_32_t; 228 # else 229 typedef unsigned int u_32_t; 230 # endif 231 # define U_32_T 1 232 233 # ifdef _KERNEL 234 # define KRWLOCK_T krwlock_t 235 # define KMUTEX_T kmutex_t 236 # if SOLARIS2 >= 10 237 # include <sys/sdt.h> 238 239 # define IPF_IS_LOOPBACK(f) ((f) & FI_NOCKSUM) 240 # endif /* SOLARIS2 >= 10 */ 241 # if SOLARIS2 >= 6 242 # if SOLARIS2 == 6 243 # define ATOMIC_INCL(x) atomic_inc_ulong((uint32_t *)&(x)) 244 # define ATOMIC_DECL(x) atomic_dec_ulong((uint32_t *)&(x)) 245 # else 246 # define ATOMIC_INCL(x) atomic_inc_ulong(&(x)) 247 # define ATOMIC_DECL(x) atomic_dec_ulong(&(x)) 248 # endif /* SOLARIS2 == 6 */ 249 # define ATOMIC_INC64(x) atomic_inc_64((uint64_t *)&(x)) 250 # define ATOMIC_INC32(x) atomic_inc_32((uint32_t *)&(x)) 251 # define ATOMIC_INC16(x) atomic_inc_16((uint16_t *)&(x)) 252 # define ATOMIC_DEC64(x) atomic_dec_64((uint64_t *)&(x)) 253 # define ATOMIC_DEC32(x) atomic_dec_32((uint32_t *)&(x)) 254 # define ATOMIC_DEC16(x) atomic_dec_16((uint16_t *)&(x)) 255 # else 256 # define ATOMIC_INC(x) { mutex_enter(&ipf_rw); (x)++; \ 257 mutex_exit(&ipf_rw); } 258 # define ATOMIC_DEC(x) { mutex_enter(&ipf_rw); (x)--; \ 259 mutex_exit(&ipf_rw); } 260 # endif /* SOLARIS2 >= 6 */ 261 # define USE_MUTEXES 262 # define MUTEX_ENTER(x) mutex_enter(&(x)->ipf_lk) 263 # define READ_ENTER(x) rw_enter(&(x)->ipf_lk, RW_READER) 264 # define WRITE_ENTER(x) rw_enter(&(x)->ipf_lk, RW_WRITER) 265 # define MUTEX_DOWNGRADE(x) rw_downgrade(&(x)->ipf_lk) 266 # define RWLOCK_INIT(x, y) rw_init(&(x)->ipf_lk, (y), \ 267 RW_DRIVER, NULL) 268 # define RWLOCK_EXIT(x) rw_exit(&(x)->ipf_lk) 269 # define RW_DESTROY(x) rw_destroy(&(x)->ipf_lk) 270 # define MUTEX_INIT(x, y) mutex_init(&(x)->ipf_lk, (y), \ 271 MUTEX_DRIVER, NULL) 272 # define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk) 273 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x))) 274 # define MUTEX_EXIT(x) mutex_exit(&(x)->ipf_lk) 275 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 276 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 277 # define BCOPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 278 # define BCOPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 279 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d) 280 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x))) 281 # define KFREES(x,s) kmem_free((char *)(x), (s)) 282 # define SPL_NET(x) ; 283 # define SPL_IMP(x) ; 284 # undef SPL_X 285 # define SPL_X(x) ; 286 # ifdef sparc 287 # define ntohs(x) (x) 288 # define ntohl(x) (x) 289 # define htons(x) (x) 290 # define htonl(x) (x) 291 # endif /* sparc */ 292 # define KMALLOC(a,b) (a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP) 293 # define KMALLOCS(a,b,c) (a) = (b)kmem_alloc((c), KM_NOSLEEP) 294 # define GET_MINOR(x) getminor(x) 295 /*extern phy_if_t get_unit __P((char *, int, ipf_stack_t *));*/ 296 # define GETIFP(n, v, ifs) (void *)get_unit(n, v, ifs) 297 # define IFNAME(x) ((ill_t *)x)->ill_name 298 # define COPYIFNAME(x, b, v) (void) net_getifname(((v) == 4) ? \ 299 ifs->ifs_ipf_ipv4 : ifs->ifs_ipf_ipv6,\ 300 (phy_if_t)(x), (b), sizeof(b)) 301 # define GETKTIME(x) uniqtime((struct timeval *)x) 302 # define MSGDSIZE(x) msgdsize(x) 303 # define M_LEN(x) ((x)->b_wptr - (x)->b_rptr) 304 # define M_DUPLICATE(x) copymsg((x)) 305 # define MTOD(m,t) ((t)((m)->b_rptr)) 306 # define MTYPE(m) ((m)->b_datap->db_type) 307 # define FREE_MB_T(m) freemsg(m) 308 # define m_next b_cont 309 # define CACHE_HASH(x) (((phy_if_t)(x)->fin_ifp) & 7) 310 # define IPF_PANIC(x,y) if (x) { printf y; cmn_err(CE_PANIC, "ipf_panic"); } 311 typedef mblk_t mb_t; 312 # endif /* _KERNEL */ 313 314 # if (SOLARIS2 >= 7) 315 # ifdef lint 316 # define ALIGN32(ptr) (ptr ? 0L : 0L) 317 # define ALIGN16(ptr) (ptr ? 0L : 0L) 318 # else 319 # define ALIGN32(ptr) (ptr) 320 # define ALIGN16(ptr) (ptr) 321 # endif 322 # endif 323 324 # if SOLARIS2 < 6 325 typedef struct uio uio_t; 326 # endif 327 typedef int ioctlcmd_t; 328 typedef uint8_t u_int8_t; 329 330 # define OS_RECOGNISED 1 331 332 #endif /* SOLARIS */ 333 334 /* ----------------------------------------------------------------------- */ 335 /* H P U X */ 336 /* ----------------------------------------------------------------------- */ 337 #ifdef __hpux 338 # define MENTAT 1 339 # include <sys/sysmacros.h> 340 # include <sys/spinlock.h> 341 # include <sys/lock.h> 342 # include <sys/stream.h> 343 # ifdef USE_INET6 344 # include <netinet/if_ether.h> 345 # include <netinet/ip6.h> 346 # include <netinet/icmp6.h> 347 typedef struct ip6_hdr ip6_t; 348 # endif 349 350 # ifdef _KERNEL 351 # define SNPRINTF sprintf 352 # if (HPUXREV >= 1111) 353 # define IPL_SELECT 354 # ifdef IPL_SELECT 355 # include <machine/sys/user.h> 356 # include <sys/kthread_iface.h> 357 # define READ_COLLISION 0x01 358 359 typedef struct iplog_select_s { 360 kthread_t *read_waiter; 361 int state; 362 } iplog_select_t; 363 # endif 364 # endif 365 366 # define GETKTIME(x) uniqtime((struct timeval *)x) 367 368 # if HPUXREV == 1111 369 # include "kern_svcs.h" 370 # else 371 # include <sys/kern_svcs.h> 372 # endif 373 # undef ti_flags 374 # undef TCP_NODELAY 375 # undef TCP_MAXSEG 376 # include <sys/reg.h> 377 # include "../netinet/ip_info.h" 378 /* 379 * According to /usr/include/sys/spinlock.h on HP-UX 11.00, these functions 380 * are available. Attempting to use them actually results in unresolved 381 * symbols when it comes time to load the module. 382 * This has been fixed! Yipee! 383 */ 384 # if 1 385 # ifdef __LP64__ 386 # define ATOMIC_INCL(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1) 387 # define ATOMIC_DECL(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1) 388 # else 389 # define ATOMIC_INCL(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1) 390 # define ATOMIC_DECL(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1) 391 # endif 392 # define ATOMIC_INC64(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1) 393 # define ATOMIC_INC32(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1) 394 # define ATOMIC_INC16(x) lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), 1) 395 # define ATOMIC_DEC64(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1) 396 # define ATOMIC_DEC32(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1) 397 # define ATOMIC_DEC16(x) lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), -1) 398 # else /* 0 */ 399 # define ATOMIC_INC64(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 400 MUTEX_EXIT(&ipf_rw); } 401 # define ATOMIC_DEC64(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 402 MUTEX_EXIT(&ipf_rw); } 403 # define ATOMIC_INC32(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 404 MUTEX_EXIT(&ipf_rw); } 405 # define ATOMIC_DEC32(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 406 MUTEX_EXIT(&ipf_rw); } 407 # define ATOMIC_INCL(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 408 MUTEX_EXIT(&ipf_rw); } 409 # define ATOMIC_DECL(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 410 MUTEX_EXIT(&ipf_rw); } 411 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 412 MUTEX_EXIT(&ipf_rw); } 413 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 414 MUTEX_EXIT(&ipf_rw); } 415 # endif 416 # define ip_cksum ip_csuma 417 # define memcpy(a,b,c) bcopy((caddr_t)b, (caddr_t)a, c) 418 # define USE_MUTEXES 419 # define MUTEX_INIT(x, y) initlock(&(x)->ipf_lk, 0, 0, (y)) 420 # define MUTEX_ENTER(x) spinlock(&(x)->ipf_lk) 421 # define MUTEX_EXIT(x) spinunlock(&(x)->ipf_lk); 422 # define MUTEX_DESTROY(x) 423 # define MUTEX_NUKE(x) bzero((char *)(x), sizeof(*(x))) 424 # define KMUTEX_T lock_t 425 # define kmutex_t lock_t /* for pfil.h */ 426 # define krwlock_t lock_t /* for pfil.h */ 427 /* 428 * The read-write lock implementation in HP-UX 11.0 is crippled - it can 429 * only be used by threads working in a user context! 430 * This has been fixed! Yipee! (Or at least it does in 11.00, not 11.11..) 431 */ 432 # if HPUXREV < 1111 433 # define MUTEX_DOWNGRADE(x) lock_write_to_read(x) 434 # define KRWLOCK_T struct rw_lock 435 # define READ_ENTER(x) lock_read(&(x)->ipf_lk) 436 # define WRITE_ENTER(x) lock_write(&(x)->ipf_lk) 437 # if HPUXREV >= 1111 438 # define RWLOCK_INIT(x, y) rwlock_init4(&(x)->ipf_lk, 0, RWLCK_CANSLEEP, 0, y) 439 # else 440 # define RWLOCK_INIT(x, y) lock_init3(&(x)->ipf_lk, 0, 1, 0, 0, y) 441 # endif 442 # define RWLOCK_EXIT(x) lock_done(&(x)->ipf_lk) 443 # else 444 # define KRWLOCK_T lock_t 445 # define KMUTEX_T lock_t 446 # define READ_ENTER(x) MUTEX_ENTER(x) 447 # define WRITE_ENTER(x) MUTEX_ENTER(x) 448 # define MUTEX_DOWNGRADE(x) 449 # define RWLOCK_INIT(x, y) initlock(&(x)->ipf_lk, 0, 0, y) 450 # define RWLOCK_EXIT(x) MUTEX_EXIT(x) 451 # endif 452 # define RW_DESTROY(x) 453 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 454 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 455 # if HPUXREV >= 1111 456 # define BCOPYIN(a,b,c) 0; bcopy((caddr_t)(a), (caddr_t)(b), (c)) 457 # define BCOPYOUT(a,b,c) 0; bcopy((caddr_t)(a), (caddr_t)(b), (c)) 458 # else 459 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 460 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 461 # endif 462 # define SPL_NET(x) ; 463 # define SPL_IMP(x) ; 464 # undef SPL_X 465 # define SPL_X(x) ; 466 /*extern void *get_unit __P((char *, int, ipf_stack_t *));*/ 467 # define GETIFP(n, v, ifs) get_unit(n, v, ifs) 468 # define IFNAME(x, b) ((ill_t *)x)->ill_name 469 # define COPYIFNAME(x, b, v) \ 470 strncpy(b, ((ifinfo_t *)x)->ifi_name, \ 471 LIFNAMSIZ) 472 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d) 473 # define SLEEP(id, n) { lock_t *_l = get_sleep_lock((caddr_t)id); \ 474 sleep(id, PZERO+1); \ 475 spinunlock(_l); \ 476 } 477 # define WAKEUP(id,x) { lock_t *_l = get_sleep_lock((caddr_t)id); \ 478 wakeup(id + x); \ 479 spinunlock(_l); \ 480 } 481 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_IOSYS, M_NOWAIT) 482 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), M_IOSYS, M_NOWAIT) 483 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x))) 484 # define KFREES(x,s) kmem_free((char *)(x), (s)) 485 # define MSGDSIZE(x) msgdsize(x) 486 # define M_LEN(x) ((x)->b_wptr - (x)->b_rptr) 487 # define M_DUPLICATE(x) dupmsg((x)) 488 # define MTOD(m,t) ((t)((m)->b_rptr)) 489 # define MTYPE(m) ((m)->b_datap->db_type) 490 # define FREE_MB_T(m) freemsg(m) 491 # define m_next b_cont 492 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 493 typedef mblk_t mb_t; 494 495 # define CACHE_HASH(x) (((phy_if_t)(x)->fin_ifp) & 7) 496 497 # include "qif.h" 498 # include "pfil.h" 499 500 # else /* _KERNEL */ 501 502 typedef unsigned char uchar_t; 503 504 # ifndef _SYS_STREAM_INCLUDED 505 typedef char * mblk_t; 506 typedef void * queue_t; 507 typedef u_long ulong; 508 # endif 509 # include <netinet/ip_info.h> 510 511 # endif /* _KERNEL */ 512 513 # ifdef lint 514 # define ALIGN32(ptr) (ptr ? 0L : 0L) 515 # define ALIGN16(ptr) (ptr ? 0L : 0L) 516 # else 517 # define ALIGN32(ptr) (ptr) 518 # define ALIGN16(ptr) (ptr) 519 # endif 520 521 typedef struct uio uio_t; 522 typedef int ioctlcmd_t; 523 typedef int minor_t; 524 typedef unsigned int u_32_t; 525 # define U_32_T 1 526 527 # define OS_RECOGNISED 1 528 529 #endif /* __hpux */ 530 531 /* ----------------------------------------------------------------------- */ 532 /* I R I X */ 533 /* ----------------------------------------------------------------------- */ 534 #ifdef __sgi 535 # undef MENTAT 536 # if IRIX < 60500 537 typedef struct uio uio_t; 538 # endif 539 typedef int ioctlcmd_t; 540 typedef u_int32_t u_32_t; 541 # define U_32_T 1 542 543 # ifdef INET6 544 # define USE_INET6 545 # endif 546 547 # define hz HZ 548 # include <sys/ksynch.h> 549 # define IPF_LOCK_PL plhi 550 # include <sys/sema.h> 551 # undef kmutex_t 552 typedef struct { 553 lock_t *l; 554 int pl; 555 } kmutex_t; 556 557 # ifdef MUTEX_INIT 558 # define KMUTEX_T mutex_t 559 # else 560 # define KMUTEX_T kmutex_t 561 # define KRWLOCK_T kmutex_t 562 # endif 563 564 # ifdef _KERNEL 565 # define NEED_LOCAL_RAND 1 566 # define ipf_random arc4random 567 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); \ 568 (x)++; MUTEX_EXIT(&ipf_rw); } 569 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); \ 570 (x)--; MUTEX_EXIT(&ipf_rw); } 571 # define USE_MUTEXES 572 # ifdef MUTEX_INIT 573 # include <sys/atomic_ops.h> 574 # define ATOMIC_INCL(x) atomicAddUlong(&(x), 1) 575 # define ATOMIC_INC64(x) atomicAddUint64(&(x), 1) 576 # define ATOMIC_INC32(x) atomicAddUint(&(x), 1) 577 # define ATOMIC_INC16 ATOMIC_INC 578 # define ATOMIC_DECL(x) atomicAddUlong(&(x), -1) 579 # define ATOMIC_DEC64(x) atomicAddUint64(&(x), -1) 580 # define ATOMIC_DEC32(x) atomicAddUint(&(x), -1) 581 # define ATOMIC_DEC16 ATOMIC_DEC 582 # undef MUTEX_INIT 583 # define MUTEX_INIT(x, y) mutex_init(&(x)->ipf_lk, \ 584 MUTEX_DEFAULT, y) 585 # undef MUTEX_ENTER 586 # define MUTEX_ENTER(x) mutex_lock(&(x)->ipf_lk, 0) 587 # undef MUTEX_EXIT 588 # define MUTEX_EXIT(x) mutex_unlock(&(x)->ipf_lk) 589 # undef MUTEX_DESTROY 590 # define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk) 591 # define MUTEX_DOWNGRADE(x) mrdemote(&(x)->ipf_lk) 592 # define KRWLOCK_T mrlock_t 593 # define RWLOCK_INIT(x, y) mrinit(&(x)->ipf_lk, y) 594 # undef RW_DESTROY 595 # define RW_DESTROY(x) mrfree(&(x)->ipf_lk) 596 # define READ_ENTER(x) RW_RDLOCK(&(x)->ipf_lk) 597 # define WRITE_ENTER(x) RW_WRLOCK(&(x)->ipf_lk) 598 # define RWLOCK_EXIT(x) RW_UNLOCK(&(x)->ipf_lk) 599 # else 600 # define READ_ENTER(x) MUTEX_ENTER(&(x)->ipf_lk) 601 # define WRITE_ENTER(x) MUTEX_ENTER(&(x)->ipf_lk) 602 # define MUTEX_DOWNGRADE(x) ; 603 # define RWLOCK_EXIT(x) MUTEX_EXIT(&(x)->ipf_lk) 604 # define MUTEX_EXIT(x) UNLOCK((x)->ipf_lk.l, (x)->ipf_lk.pl); 605 # define MUTEX_INIT(x,y) (x)->ipf_lk.l = LOCK_ALLOC((uchar_t)-1, IPF_LOCK_PL, (lkinfo_t *)-1, KM_NOSLEEP) 606 # define MUTEX_DESTROY(x) LOCK_DEALLOC((x)->ipf_lk.l) 607 # define MUTEX_ENTER(x) (x)->ipf_lk.pl = LOCK((x)->ipf_lk.l, \ 608 IPF_LOCK_PL); 609 # endif 610 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x))) 611 # define FREE_MB_T(m) m_freem(m) 612 # define MTOD(m,t) mtod(m,t) 613 # define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 614 # define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 615 # define BCOPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 616 # define BCOPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 617 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d) 618 # define SLEEP(id, n) sleep((id), PZERO+1) 619 # define WAKEUP(id,x) wakeup(id+x) 620 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x))) 621 # define KFREES(x,s) kmem_free((char *)(x), (s)) 622 # define GETIFP(n,v, ifs) ifunit(n) 623 # include <sys/kmem.h> 624 # include <sys/ddi.h> 625 # define KMALLOC(a,b) (a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP) 626 # define KMALLOCS(a,b,c) (a) = (b)kmem_alloc((c), KM_NOSLEEP) 627 # define GET_MINOR(x) getminor(x) 628 # define USE_SPL 1 629 # define SPL_IMP(x) (x) = splimp() 630 # define SPL_NET(x) (x) = splnet() 631 # define SPL_X(x) (void) splx(x) 632 extern void m_copydata __P((struct mbuf *, int, int, caddr_t)); 633 extern void m_copyback __P((struct mbuf *, int, int, caddr_t)); 634 # define MSGDSIZE(x) mbufchainlen(x) 635 # define M_LEN(x) (x)->m_len 636 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 637 # define GETKTIME(x) microtime((struct timeval *)x) 638 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 639 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 640 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 641 typedef struct mbuf mb_t; 642 # else 643 # undef RW_DESTROY 644 # undef MUTEX_INIT 645 # undef MUTEX_DESTROY 646 # endif /* _KERNEL */ 647 648 # define OS_RECOGNISED 1 649 650 #endif /* __sgi */ 651 652 /* ----------------------------------------------------------------------- */ 653 /* T R U 6 4 */ 654 /* ----------------------------------------------------------------------- */ 655 #ifdef __osf__ 656 # undef MENTAT 657 658 # include <kern/lock.h> 659 # include <sys/sysmacros.h> 660 661 # ifdef _KERNEL 662 # define NEED_LOCAL_RAND 1 663 # define ipf_random arc4random 664 # define KMUTEX_T simple_lock_data_t 665 # define KRWLOCK_T lock_data_t 666 # include <net/net_globals.h> 667 # define USE_MUTEXES 668 # define READ_ENTER(x) lock_read(&(x)->ipf_lk) 669 # define WRITE_ENTER(x) lock_write(&(x)->ipf_lk) 670 # define MUTEX_DOWNGRADE(x) lock_write_to_read(&(x)->ipf_lk) 671 # define RWLOCK_INIT(x, y) lock_init(&(x)->ipf_lk, TRUE) 672 # define RWLOCK_EXIT(x) lock_done(&(x)->ipf_lk) 673 # define RW_DESTROY(x) lock_terminate(&(x)->ipf_lk) 674 # define MUTEX_ENTER(x) simple_lock(&(x)->ipf_lk) 675 # define MUTEX_INIT(x, y) simple_lock_init(&(x)->ipf_lk) 676 # define MUTEX_DESTROY(x) simple_lock_terminate(&(x)->ipf_lk) 677 # define MUTEX_EXIT(x) simple_unlock(&(x)->ipf_lk) 678 # define MUTEX_NUKE(x) bzero(x, sizeof(*(x))) 679 # define ATOMIC_INC64(x) atomic_incq((uint64_t*)&(x)) 680 # define ATOMIC_DEC64(x) atomic_decq((uint64_t*)&(x)) 681 # define ATOMIC_INC32(x) atomic_incl((uint32_t*)&(x)) 682 # define ATOMIC_DEC32(x) atomic_decl((uint32_t*)&(x)) 683 # define ATOMIC_INC16(x) { simple_lock(&ipf_rw); (x)++; \ 684 simple_unlock(&ipf_rw); } 685 # define ATOMIC_DEC16(x) { simple_lock(&ipf_rw); (x)--; \ 686 simple_unlock(&ipf_rw); } 687 # define ATOMIC_INCL(x) atomic_incl((uint32_t*)&(x)) 688 # define ATOMIC_DECL(x) atomic_decl((uint32_t*)&(x)) 689 # define ATOMIC_INC(x) { simple_lock(&ipf_rw); (x)++; \ 690 simple_unlock(&ipf_rw); } 691 # define ATOMIC_DEC(x) { simple_lock(&ipf_rw); (x)--; \ 692 simple_unlock(&ipf_rw); } 693 # define SPL_NET(x) ; 694 # define SPL_IMP(x) ; 695 # undef SPL_X 696 # define SPL_X(x) ; 697 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a, b, d) 698 # define FREE_MB_T(m) m_freem(m) 699 # define MTOD(m,t) mtod(m,t) 700 # define GETIFP(n, v, ifs) ifunit(n) 701 # define GET_MINOR getminor 702 # define WAKEUP(id,x) wakeup(id + x) 703 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 704 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 705 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 706 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 707 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_PFILT, M_NOWAIT) 708 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), M_PFILT, \ 709 ((c) > 4096) ? M_WAITOK : M_NOWAIT) 710 # define KFREE(x) FREE((x), M_PFILT) 711 # define KFREES(x,s) FREE((x), M_PFILT) 712 # define MSGDSIZE(x) mbufchainlen(x) 713 # define M_LEN(x) (x)->m_len 714 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 715 # define GETKTIME(x) microtime((struct timeval *)x) 716 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 717 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 718 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 719 typedef struct mbuf mb_t; 720 # endif /* _KERNEL */ 721 722 # if (defined(_KERNEL) || defined(_NO_BITFIELDS) || (__STDC__ == 1)) 723 # define IP_V(x) ((x)->ip_vhl >> 4) 724 # define IP_HL(x) ((x)->ip_vhl & 0xf) 725 # define IP_V_A(x,y) (x)->ip_vhl |= (((y) << 4) & 0xf0) 726 # define IP_HL_A(x,y) (x)->ip_vhl |= ((y) & 0xf) 727 # define TCP_X2(x) ((x)->th_xoff & 0xf) 728 # define TCP_X2_A(x,y) (x)->th_xoff |= ((y) & 0xf) 729 # define TCP_OFF(x) ((x)->th_xoff >> 4) 730 # define TCP_OFF_A(x,y) (x)->th_xoff |= (((y) << 4) & 0xf0) 731 # endif 732 733 /* 734 * These are from's Solaris' #defines for little endian. 735 */ 736 #define IP6F_MORE_FRAG 0x0100 737 #define IP6F_RESERVED_MASK 0x0600 738 #define IP6F_OFF_MASK 0xf8ff 739 740 struct ip6_ext { 741 u_char ip6e_nxt; 742 u_char ip6e_len; 743 }; 744 745 typedef int ioctlcmd_t; 746 /* 747 * Really, any arch where sizeof(long) != sizeof(int). 748 */ 749 typedef unsigned int u_32_t; 750 # define U_32_T 1 751 752 # define OS_RECOGNISED 1 753 #endif /* __osf__ */ 754 755 /* ----------------------------------------------------------------------- */ 756 /* N E T B S D */ 757 /* ----------------------------------------------------------------------- */ 758 #ifdef __NetBSD__ 759 # if defined(_KERNEL) && !defined(IPFILTER_LKM) 760 # include "bpfilter.h" 761 # if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 104110000) 762 # include "opt_inet.h" 763 # endif 764 # ifdef INET6 765 # define USE_INET6 766 # endif 767 # if (__NetBSD_Version__ >= 105000000) 768 # define HAVE_M_PULLDOWN 1 769 # endif 770 # endif 771 772 # ifdef _KERNEL 773 # define MSGDSIZE(x) mbufchainlen(x) 774 # define M_LEN(x) (x)->m_len 775 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 776 # define GETKTIME(x) microtime((struct timeval *)x) 777 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 778 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 779 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 780 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 781 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 782 typedef struct mbuf mb_t; 783 # endif /* _KERNEL */ 784 # if (NetBSD <= 1991011) && (NetBSD >= 199606) 785 # define IFNAME(x) ((struct ifnet *)x)->if_xname 786 # define COPYIFNAME(x, b, v) \ 787 (void) strncpy(b, \ 788 ((struct ifnet *)x)->if_xname, \ 789 LIFNAMSIZ) 790 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index)&7) 791 # else 792 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 793 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 794 # endif 795 796 typedef struct uio uio_t; 797 typedef u_long ioctlcmd_t; 798 typedef int minor_t; 799 typedef u_int32_t u_32_t; 800 # define U_32_T 1 801 802 # define OS_RECOGNISED 1 803 #endif /* __NetBSD__ */ 804 805 806 /* ----------------------------------------------------------------------- */ 807 /* F R E E B S D */ 808 /* ----------------------------------------------------------------------- */ 809 #ifdef __FreeBSD__ 810 # if defined(_KERNEL) 811 # if (__FreeBSD_version >= 500000) 812 # include "opt_bpf.h" 813 # else 814 # include "bpf.h" 815 # endif 816 # if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000) 817 # include "opt_inet6.h" 818 # endif 819 # if defined(INET6) && !defined(USE_INET6) 820 # define USE_INET6 821 # endif 822 # endif 823 824 # if defined(_KERNEL) 825 # if (__FreeBSD_version >= 400000) 826 /* 827 * When #define'd, the 5.2.1 kernel panics when used with the ftp proxy. 828 * There may be other, safe, kernels but this is not extensively tested yet. 829 */ 830 # define HAVE_M_PULLDOWN 831 # endif 832 # if !defined(IPFILTER_LKM) && (__FreeBSD_version >= 300000) 833 # include "opt_ipfilter.h" 834 # endif 835 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 836 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 837 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 838 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 839 840 # if (__FreeBSD_version >= 500043) 841 # define NETBSD_PF 842 # endif 843 # endif /* _KERNEL */ 844 845 # if (__FreeBSD_version >= 500043) 846 # include <sys/mutex.h> 847 # include <sys/sx.h> 848 /* 849 * Whilst the sx(9) locks on FreeBSD have the right semantics and interface 850 * for what we want to use them for, despite testing showing they work - 851 * with a WITNESS kernel, it generates LOR messages. 852 */ 853 # define KMUTEX_T struct mtx 854 # if 1 855 # define KRWLOCK_T struct mtx 856 # else 857 # define KRWLOCK_T struct sx 858 # endif 859 # endif 860 861 # if (__FreeBSD_version >= 501113) 862 # include <net/if_var.h> 863 # define IFNAME(x) ((struct ifnet *)x)->if_xname 864 # define COPYIFNAME(x, b) \ 865 (void) strncpy(b, \ 866 ((struct ifnet *)x)->if_xname, \ 867 LIFNAMSIZ) 868 # endif 869 # if (__FreeBSD_version >= 500043) 870 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index) & 7) 871 # else 872 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 873 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 874 # endif 875 876 # ifdef _KERNEL 877 # define GETKTIME(x) microtime((struct timeval *)x) 878 879 # if (__FreeBSD_version >= 500002) 880 # include <netinet/in_systm.h> 881 # include <netinet/ip.h> 882 # include <machine/in_cksum.h> 883 # endif 884 885 # if (__FreeBSD_version >= 500043) 886 # define USE_MUTEXES 887 # define MUTEX_ENTER(x) mtx_lock(&(x)->ipf_lk) 888 # define MUTEX_EXIT(x) mtx_unlock(&(x)->ipf_lk) 889 # define MUTEX_INIT(x,y) mtx_init(&(x)->ipf_lk, (y), NULL,\ 890 MTX_DEF) 891 # define MUTEX_DESTROY(x) mtx_destroy(&(x)->ipf_lk) 892 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x))) 893 /* 894 * Whilst the sx(9) locks on FreeBSD have the right semantics and interface 895 * for what we want to use them for, despite testing showing they work - 896 * with a WITNESS kernel, it generates LOR messages. 897 */ 898 # if 1 899 # define READ_ENTER(x) mtx_lock(&(x)->ipf_lk) 900 # define WRITE_ENTER(x) mtx_lock(&(x)->ipf_lk) 901 # define RWLOCK_EXIT(x) mtx_unlock(&(x)->ipf_lk) 902 # define MUTEX_DOWNGRADE(x) ; 903 # define RWLOCK_INIT(x,y) mtx_init(&(x)->ipf_lk, (y), NULL,\ 904 MTX_DEF) 905 # define RW_DESTROY(x) mtx_destroy(&(x)->ipf_lk) 906 # else 907 # define READ_ENTER(x) sx_slock(&(x)->ipf_lk) 908 # define WRITE_ENTER(x) sx_xlock(&(x)->ipf_lk) 909 # define MUTEX_DOWNGRADE(x) sx_downgrade(&(x)->ipf_lk) 910 # define RWLOCK_INIT(x, y) sx_init(&(x)->ipf_lk, (y)) 911 # define RW_DESTROY(x) sx_destroy(&(x)->ipf_lk) 912 # ifdef sx_unlock 913 # define RWLOCK_EXIT(x) sx_unlock(x) 914 # else 915 # define RWLOCK_EXIT(x) do { \ 916 if ((x)->ipf_lk.sx_cnt < 0) \ 917 sx_xunlock(&(x)->ipf_lk); \ 918 else \ 919 sx_sunlock(&(x)->ipf_lk); \ 920 } while (0) 921 # endif 922 # endif 923 # include <machine/atomic.h> 924 # define ATOMIC_INC(x) { mtx_lock(&ipf_rw.ipf_lk); (x)++; \ 925 mtx_unlock(&ipf_rw.ipf_lk); } 926 # define ATOMIC_DEC(x) { mtx_lock(&ipf_rw.ipf_lk); (x)--; \ 927 mtx_unlock(&ipf_rw.ipf_lk); } 928 # define ATOMIC_INCL(x) atomic_inc_ulong(&(x)) 929 # define ATOMIC_INC64(x) ATOMIC_INC(x) 930 # define ATOMIC_INC32(x) atomic_inc_32(&(x)) 931 # define ATOMIC_INC16(x) atomic_inc_16(&(x)) 932 # define ATOMIC_DECL(x) atomic_dec_ulong(&(x)) 933 # define ATOMIC_DEC64(x) ATOMIC_DEC(x) 934 # define ATOMIC_DEC32(x) atomic_dec_32(&(x)) 935 # define ATOMIC_DEC16(x) atomic_dec_16(&(x)) 936 # define SPL_X(x) ; 937 # define SPL_NET(x) ; 938 # define SPL_IMP(x) ; 939 extern int in_cksum __P((struct mbuf *, int)); 940 # endif /* __FreeBSD_version >= 500043 */ 941 # define MSGDSIZE(x) mbufchainlen(x) 942 # define M_LEN(x) (x)->m_len 943 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 944 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 945 typedef struct mbuf mb_t; 946 # endif /* _KERNEL */ 947 948 # if __FreeBSD__ < 3 949 # include <machine/spl.h> 950 # else 951 # if __FreeBSD__ == 3 952 # if defined(IPFILTER_LKM) && !defined(ACTUALLY_LKM_NOT_KERNEL) 953 # define ACTUALLY_LKM_NOT_KERNEL 954 # endif 955 # endif 956 # endif 957 958 # if (__FreeBSD_version >= 300000) 959 typedef u_long ioctlcmd_t; 960 # else 961 typedef int ioctlcmd_t; 962 # endif 963 typedef struct uio uio_t; 964 typedef int minor_t; 965 typedef u_int32_t u_32_t; 966 # define U_32_T 1 967 968 # define OS_RECOGNISED 1 969 #endif /* __FreeBSD__ */ 970 971 972 /* ----------------------------------------------------------------------- */ 973 /* O P E N B S D */ 974 /* ----------------------------------------------------------------------- */ 975 #ifdef __OpenBSD__ 976 # ifdef INET6 977 # define USE_INET6 978 # endif 979 980 # ifdef _KERNEL 981 # if !defined(IPFILTER_LKM) 982 # include "bpfilter.h" 983 # endif 984 # if (OpenBSD >= 200311) 985 # define SNPRINTF snprintf 986 # if defined(USE_INET6) 987 # include "netinet6/in6_var.h" 988 # include "netinet6/nd6.h" 989 # endif 990 # endif 991 # if (OpenBSD >= 200012) 992 # define HAVE_M_PULLDOWN 1 993 # endif 994 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 995 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 996 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 997 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 998 # define GETKTIME(x) microtime((struct timeval *)x) 999 # define MSGDSIZE(x) mbufchainlen(x) 1000 # define M_LEN(x) (x)->m_len 1001 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 1002 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 1003 typedef struct mbuf mb_t; 1004 # endif /* _KERNEL */ 1005 # if (OpenBSD >= 199603) 1006 # define IFNAME(x, b) ((struct ifnet *)x)->if_xname 1007 # define COPYIFNAME(x, b, v) \ 1008 (void) strncpy(b, \ 1009 ((struct ifnet *)x)->if_xname, \ 1010 LIFNAMSIZ) 1011 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index)&7) 1012 # else 1013 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1014 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 1015 # endif 1016 1017 typedef struct uio uio_t; 1018 typedef u_long ioctlcmd_t; 1019 typedef int minor_t; 1020 typedef u_int32_t u_32_t; 1021 # define U_32_T 1 1022 1023 # define OS_RECOGNISED 1 1024 #endif /* __OpenBSD__ */ 1025 1026 1027 /* ----------------------------------------------------------------------- */ 1028 /* B S D O S */ 1029 /* ----------------------------------------------------------------------- */ 1030 #ifdef _BSDI_VERSION 1031 # ifdef INET6 1032 # define USE_INET6 1033 # endif 1034 1035 # ifdef _KERNEL 1036 # define GETKTIME(x) microtime((struct timeval *)x) 1037 # define MSGDSIZE(x) mbufchainlen(x) 1038 # define M_LEN(x) (x)->m_len 1039 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 1040 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1041 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 1042 typedef struct mbuf mb_t; 1043 # endif /* _KERNEL */ 1044 1045 # if (_BSDI_VERSION >= 199701) 1046 typedef u_long ioctlcmd_t; 1047 # else 1048 typedef int ioctlcmd_t; 1049 # endif 1050 typedef u_int32_t u_32_t; 1051 # define U_32_T 1 1052 1053 #endif /* _BSDI_VERSION */ 1054 1055 1056 /* ----------------------------------------------------------------------- */ 1057 /* S U N O S 4 */ 1058 /* ----------------------------------------------------------------------- */ 1059 #if defined(sun) && !defined(OS_RECOGNISED) /* SunOS4 */ 1060 # ifdef _KERNEL 1061 # include <sys/kmem_alloc.h> 1062 # define GETKTIME(x) uniqtime((struct timeval *)x) 1063 # define MSGDSIZE(x) mbufchainlen(x) 1064 # define M_LEN(x) (x)->m_len 1065 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 1066 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1067 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 1068 # define GETIFP(n, v, ifs) ifunit(n, IFNAMSIZ) 1069 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x))) 1070 # define KFREES(x,s) kmem_free((char *)(x), (s)) 1071 # define SLEEP(id, n) sleep((id), PZERO+1) 1072 # define WAKEUP(id,x) wakeup(id + x) 1073 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d) 1074 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 1075 1076 extern void m_copydata __P((struct mbuf *, int, int, caddr_t)); 1077 extern void m_copyback __P((struct mbuf *, int, int, caddr_t)); 1078 1079 typedef struct mbuf mb_t; 1080 # endif 1081 1082 typedef struct uio uio_t; 1083 typedef int ioctlcmd_t; 1084 typedef int minor_t; 1085 typedef unsigned int u_32_t; 1086 # define U_32_T 1 1087 1088 # define OS_RECOGNISED 1 1089 1090 #endif /* SunOS 4 */ 1091 1092 /* ----------------------------------------------------------------------- */ 1093 /* L I N U X */ 1094 /* ----------------------------------------------------------------------- */ 1095 #if defined(linux) && !defined(OS_RECOGNISED) 1096 #include <linux/config.h> 1097 #include <linux/version.h> 1098 # if LINUX >= 20600 1099 # define HDR_T_PRIVATE 1 1100 # endif 1101 # undef USE_INET6 1102 # ifdef USE_INET6 1103 struct ip6_ext { 1104 u_char ip6e_nxt; 1105 u_char ip6e_len; 1106 }; 1107 # endif 1108 1109 # ifdef _KERNEL 1110 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); } 1111 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 1112 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 1113 # define COPYIN(a,b,c) copy_from_user((caddr_t)(b), (caddr_t)(a), (c)) 1114 # define COPYOUT(a,b,c) copy_to_user((caddr_t)(b), (caddr_t)(a), (c)) 1115 # define FREE_MB_T(m) kfree_skb(m) 1116 # define GETKTIME(x) do_gettimeofday((struct timeval *)x) 1117 # define SLEEP(x,s) 0, interruptible_sleep_on(x##_linux) 1118 # define WAKEUP(x,y) wake_up(x##_linux + y) 1119 # define UIOMOVE(a,b,c,d) uiomove(a,b,c,d) 1120 # define USE_MUTEXES 1121 # define KRWLOCK_T rwlock_t 1122 # define KMUTEX_T spinlock_t 1123 # define MUTEX_INIT(x,y) spin_lock_init(&(x)->ipf_lk) 1124 # define MUTEX_ENTER(x) spin_lock(&(x)->ipf_lk) 1125 # define MUTEX_EXIT(x) spin_unlock(&(x)->ipf_lk) 1126 # define MUTEX_DESTROY(x) do { } while (0) 1127 # define MUTEX_NUKE(x) bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk)) 1128 # define READ_ENTER(x) ipf_read_enter(x) 1129 # define WRITE_ENTER(x) ipf_write_enter(x) 1130 # define RWLOCK_INIT(x,y) rwlock_init(&(x)->ipf_lk) 1131 # define RW_DESTROY(x) do { } while (0) 1132 # define RWLOCK_EXIT(x) ipf_rw_exit(x) 1133 # define MUTEX_DOWNGRADE(x) ipf_rw_downgrade(x) 1134 # define ATOMIC_INCL(x) MUTEX_ENTER(&ipf_rw); (x)++; \ 1135 MUTEX_EXIT(&ipf_rw) 1136 # define ATOMIC_DECL(x) MUTEX_ENTER(&ipf_rw); (x)--; \ 1137 MUTEX_EXIT(&ipf_rw) 1138 # define ATOMIC_INC64(x) MUTEX_ENTER(&ipf_rw); (x)++; \ 1139 MUTEX_EXIT(&ipf_rw) 1140 # define ATOMIC_INC32(x) MUTEX_ENTER(&ipf_rw); (x)++; \ 1141 MUTEX_EXIT(&ipf_rw) 1142 # define ATOMIC_INC16(x) MUTEX_ENTER(&ipf_rw); (x)++; \ 1143 MUTEX_EXIT(&ipf_rw) 1144 # define ATOMIC_DEC64(x) MUTEX_ENTER(&ipf_rw); (x)--; \ 1145 MUTEX_EXIT(&ipf_rw) 1146 # define ATOMIC_DEC32(x) MUTEX_ENTER(&ipf_rw); (x)--; \ 1147 MUTEX_EXIT(&ipf_rw) 1148 # define ATOMIC_DEC16(x) MUTEX_ENTER(&ipf_rw); (x)--; \ 1149 MUTEX_EXIT(&ipf_rw) 1150 # define SPL_IMP(x) do { } while (0) 1151 # define SPL_NET(x) do { } while (0) 1152 # define SPL_X(x) do { } while (0) 1153 # define IFNAME(x) ((struct net_device*)x)->name 1154 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1155 ((struct net_device *)fin->fin_ifp)->ifindex) & 7) 1156 typedef struct sk_buff mb_t; 1157 extern void m_copydata __P((mb_t *, int, int, caddr_t)); 1158 extern void m_copyback __P((mb_t *, int, int, caddr_t)); 1159 extern void m_adj __P((mb_t *, int)); 1160 extern mb_t *m_pullup __P((mb_t *, int)); 1161 # define mbuf sk_buff 1162 1163 # define mtod(m, t) ((t)(m)->data) 1164 # define m_len len 1165 # define m_next next 1166 # define M_DUPLICATE(m) skb_clone((m), in_interrupt() ? GFP_ATOMIC : \ 1167 GFP_KERNEL) 1168 # define MSGDSIZE(m) (m)->len 1169 # define M_LEN(m) (m)->len 1170 1171 # define splnet(x) ; 1172 # define printf printk 1173 # define bcopy(s,d,z) memmove(d, s, z) 1174 # define bzero(s,z) memset(s, 0, z) 1175 # define bcmp(a,b,z) memcmp(a, b, z) 1176 1177 # define ifnet net_device 1178 # define if_xname name 1179 # define if_unit ifindex 1180 1181 # define KMALLOC(x,t) (x) = (t)kmalloc(sizeof(*(x)), \ 1182 in_interrupt() ? GFP_ATOMIC : GFP_KERNEL) 1183 # define KFREE(x) kfree(x) 1184 # define KMALLOCS(x,t,s) (x) = (t)kmalloc((s), \ 1185 in_interrupt() ? GFP_ATOMIC : GFP_KERNEL) 1186 # define KFREES(x,s) kfree(x) 1187 1188 # define GETIFP(n,v) dev_get_by_name(n) 1189 1190 # else 1191 # include <net/ethernet.h> 1192 1193 struct mbuf { 1194 }; 1195 1196 # ifndef _NET_ROUTE_H 1197 struct rtentry { 1198 }; 1199 # endif 1200 1201 struct ifnet { 1202 char if_xname[IFNAMSIZ]; 1203 int if_unit; 1204 int (* if_output) __P((struct ifnet *, struct mbuf *, struct sockaddr *, struct rtentry *)); 1205 struct ifaddr *if_addrlist; 1206 }; 1207 # define IFNAME(x) ((struct ifnet *)x)->if_xname 1208 1209 # endif /* _KERNEL */ 1210 1211 # define COPYIFNAME(x, b) \ 1212 (void) strncpy(b, \ 1213 ((struct ifnet *)x)->if_xname, \ 1214 LIFNAMSIZ) 1215 1216 # include <linux/fs.h> 1217 # define FWRITE FMODE_WRITE 1218 # define FREAD FMODE_READ 1219 1220 # define __USE_MISC 1 1221 # define __FAVOR_BSD 1 1222 1223 typedef struct uio { 1224 struct iovec *uio_iov; 1225 void *uio_file; 1226 char *uio_buf; 1227 int uio_iovcnt; 1228 int uio_offset; 1229 size_t uio_resid; 1230 int uio_rw; 1231 } uio_t; 1232 1233 extern int uiomove __P((caddr_t, size_t, int, struct uio *)); 1234 1235 # define UIO_READ 1 1236 # define UIO_WRITE 2 1237 1238 typedef u_long ioctlcmd_t; 1239 typedef int minor_t; 1240 typedef u_int32_t u_32_t; 1241 # define U_32_T 1 1242 1243 # define OS_RECOGNISED 1 1244 1245 #endif 1246 1247 1248 /* ----------------------------------------------------------------------- */ 1249 /* A I X */ 1250 /* ----------------------------------------------------------------------- */ 1251 #if defined(_AIX51) 1252 # undef MENTAT 1253 1254 # include <sys/lock.h> 1255 # include <sys/sysmacros.h> 1256 1257 # ifdef _KERNEL 1258 # define rw_read_locked(x) 0 1259 # include <net/net_globals.h> 1260 # include <net/net_malloc.h> 1261 # define KMUTEX_T simple_lock_t 1262 # define KRWLOCK_T complex_lock_t 1263 # define USE_MUTEXES 1 1264 # define USE_SPL 1 1265 # define READ_ENTER(x) lock_read((x)->ipf_lk) 1266 # define WRITE_ENTER(x) lock_write((x)->ipf_lk) 1267 # define MUTEX_DOWNGRADE(x) lock_write_to_read((x)->ipf_lk) 1268 # define RWLOCK_INIT(x, y) lock_alloc(&(x)->ipf_lk, \ 1269 LOCK_ALLOC_PIN, \ 1270 (u_short)y, 0); \ 1271 lock_init((x)->ipf_lk, TRUE) 1272 # define RWLOCK_EXIT(x) lock_done((x)->ipf_lk) 1273 # define RW_DESTROY(x) lock_free(&(x)->ipf_lk) 1274 # define MUTEX_ENTER(x) simple_lock((x)->ipf_lk) 1275 # define MUTEX_INIT(x, y) lock_alloc(&(x)->ipf_lk, \ 1276 LOCK_ALLOC_PIN, \ 1277 (u_short)y, 0); \ 1278 simple_lock_init((x)->ipf_lk) 1279 # define MUTEX_DESTROY(x) lock_free(&(x)->ipf_lk) 1280 # define MUTEX_EXIT(x) simple_unlock((x)->ipf_lk) 1281 # define MUTEX_NUKE(x) bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk)) 1282 # define ATOMIC_INC64(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 1283 MUTEX_EXIT(&ipf_rw); } 1284 # define ATOMIC_DEC64(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 1285 MUTEX_EXIT(&ipf_rw); } 1286 # define ATOMIC_INC32(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 1287 MUTEX_EXIT(&ipf_rw); } 1288 # define ATOMIC_DEC32(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 1289 MUTEX_EXIT(&ipf_rw); } 1290 # define ATOMIC_INCL(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 1291 MUTEX_EXIT(&ipf_rw); } 1292 # define ATOMIC_DECL(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 1293 MUTEX_EXIT(&ipf_rw); } 1294 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); (x)++; \ 1295 MUTEX_EXIT(&ipf_rw); } 1296 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); (x)--; \ 1297 MUTEX_EXIT(&ipf_rw); } 1298 # define SPL_NET(x) x = splnet() 1299 # define SPL_IMP(x) x = splimp() 1300 # undef SPL_X 1301 # define SPL_X(x) splx(x) 1302 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d) 1303 extern void* getifp __P((char *, int)); 1304 # define GETIFP(n, v) getifp(n, v) 1305 # define GET_MINOR minor 1306 # define SLEEP(id, n) sleepx((id), PZERO+1, 0) 1307 # define WAKEUP(id,x) wakeup(id) 1308 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c)) 1309 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c)) 1310 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 1311 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c)) 1312 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_TEMP, M_NOWAIT) 1313 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), M_TEMP, \ 1314 ((c) > 4096) ? M_WAITOK : M_NOWAIT) 1315 # define KFREE(x) FREE((x), M_TEMP) 1316 # define KFREES(x,s) FREE((x), M_TEMP) 1317 # define MSGDSIZE(x) mbufchainlen(x) 1318 # define M_LEN(x) (x)->m_len 1319 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL) 1320 # define GETKTIME(x) 1321 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1322 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 1323 # define IPF_PANIC(x,y) 1324 typedef struct mbuf mb_t; 1325 # endif /* _KERNEL */ 1326 1327 /* 1328 * These are from's Solaris' #defines for little endian. 1329 */ 1330 #if !defined(IP6F_MORE_FRAG) 1331 # define IP6F_MORE_FRAG 0x0100 1332 #endif 1333 #if !defined(IP6F_RESERVED_MASK) 1334 # define IP6F_RESERVED_MASK 0x0600 1335 #endif 1336 #if !defined(IP6F_OFF_MASK) 1337 # define IP6F_OFF_MASK 0xf8ff 1338 #endif 1339 1340 struct ip6_ext { 1341 u_char ip6e_nxt; 1342 u_char ip6e_len; 1343 }; 1344 1345 typedef int ioctlcmd_t; 1346 typedef int minor_t; 1347 /* 1348 * Really, any arch where sizeof(long) != sizeof(int). 1349 */ 1350 typedef unsigned int u_32_t; 1351 # define U_32_T 1 1352 1353 # define OS_RECOGNISED 1 1354 #endif /* _AIX51 */ 1355 1356 1357 #ifndef OS_RECOGNISED 1358 #error ip_compat.h does not recognise this platform/OS. 1359 #endif 1360 1361 1362 /* ----------------------------------------------------------------------- */ 1363 /* G E N E R I C */ 1364 /* ----------------------------------------------------------------------- */ 1365 #ifndef OS_RECOGNISED 1366 #endif 1367 1368 /* 1369 * For BSD kernels, if bpf is in the kernel, enable ipfilter to use bpf in 1370 * filter rules. 1371 */ 1372 #if !defined(IPFILTER_BPF) && ((NBPF > 0) || (NBPFILTER > 0) || (DEV_BPF > 0)) 1373 # define IPFILTER_BPF 1374 #endif 1375 1376 /* 1377 * Userland locking primitives 1378 */ 1379 typedef struct { 1380 char *eMm_owner; 1381 char *eMm_heldin; 1382 u_int eMm_magic; 1383 int eMm_held; 1384 int eMm_heldat; 1385 #ifdef __hpux 1386 char eMm_fill[8]; 1387 #endif 1388 } eMmutex_t; 1389 1390 typedef struct { 1391 char *eMrw_owner; 1392 char *eMrw_heldin; 1393 u_int eMrw_magic; 1394 short eMrw_read; 1395 short eMrw_write; 1396 int eMrw_heldat; 1397 #ifdef __hpux 1398 char eMm_fill[24]; 1399 #endif 1400 } eMrwlock_t; 1401 1402 typedef union { 1403 #ifdef KMUTEX_T 1404 struct { 1405 KMUTEX_T ipf_slk; 1406 char *ipf_lname; 1407 } ipf_lkun_s; 1408 #endif 1409 eMmutex_t ipf_emu; 1410 } ipfmutex_t; 1411 1412 typedef union { 1413 #ifdef KRWLOCK_T 1414 struct { 1415 KRWLOCK_T ipf_slk; 1416 char *ipf_lname; 1417 int ipf_sr; 1418 int ipf_sw; 1419 u_int ipf_magic; 1420 } ipf_lkun_s; 1421 #endif 1422 eMrwlock_t ipf_emu; 1423 } ipfrwlock_t; 1424 1425 #define ipf_lk ipf_lkun_s.ipf_slk 1426 #define ipf_lname ipf_lkun_s.ipf_lname 1427 #define ipf_isr ipf_lkun_s.ipf_sr 1428 #define ipf_isw ipf_lkun_s.ipf_sw 1429 #define ipf_magic ipf_lkun_s.ipf_magic 1430 1431 #if !defined(__GNUC__) || \ 1432 (defined(__FreeBSD_version) && (__FreeBSD_version >= 503000)) 1433 # ifndef INLINE 1434 # define INLINE 1435 # endif 1436 #else 1437 # define INLINE __inline__ 1438 #endif 1439 1440 #if defined(linux) && defined(_KERNEL) 1441 extern INLINE void ipf_read_enter __P((ipfrwlock_t *)); 1442 extern INLINE void ipf_write_enter __P((ipfrwlock_t *)); 1443 extern INLINE void ipf_rw_exit __P((ipfrwlock_t *)); 1444 extern INLINE void ipf_rw_downgrade __P((ipfrwlock_t *)); 1445 #endif 1446 1447 /* 1448 * In a non-kernel environment, there are a lot of macros that need to be 1449 * filled in to be null-ops or to point to some compatibility function, 1450 * somewhere in userland. 1451 */ 1452 #ifndef _KERNEL 1453 typedef struct mb_s { 1454 struct mb_s *mb_next; 1455 int mb_len; 1456 u_long mb_buf[2048]; 1457 } mb_t; 1458 # undef m_next 1459 # define m_next mb_next 1460 # define MSGDSIZE(x) (x)->mb_len /* XXX - from ipt.c */ 1461 # define M_LEN(x) (x)->mb_len 1462 # define M_DUPLICATE(x) (x) 1463 # define GETKTIME(x) gettimeofday((struct timeval *)(x), NULL) 1464 # undef MTOD 1465 # define MTOD(m, t) ((t)(m)->mb_buf) 1466 # define FREE_MB_T(x) 1467 # define SLEEP(x,y) 1; 1468 # define WAKEUP(x,y) ; 1469 # define IPF_PANIC(x,y) ; 1470 # define PANIC(x,y) ; 1471 # define SPL_NET(x) ; 1472 # define SPL_IMP(x) ; 1473 # define SPL_X(x) ; 1474 # define KMALLOC(a,b) (a) = (b)malloc(sizeof(*a)) 1475 # define KMALLOCS(a,b,c) (a) = (b)malloc(c) 1476 # define KFREE(x) free(x) 1477 # define KFREES(x,s) free(x) 1478 # define GETIFP(x, v, ifs) get_unit(x,v, ifs) 1479 # define COPYIN(a,b,c) (bcopy((a), (b), (c)), 0) 1480 # define COPYOUT(a,b,c) (bcopy((a), (b), (c)), 0) 1481 # define BCOPYIN(a,b,c) (bcopy((a), (b), (c)), 0) 1482 # define BCOPYOUT(a,b,c) (bcopy((a), (b), (c)), 0) 1483 # define COPYDATA(m, o, l, b) bcopy(MTOD((mb_t *)m, char *) + (o), \ 1484 (b), (l)) 1485 # define COPYBACK(m, o, l, b) bcopy((b), \ 1486 MTOD((mb_t *)m, char *) + (o), \ 1487 (l)) 1488 # define UIOMOVE(a,b,c,d) ipfuiomove(a,b,c,d) 1489 extern void m_copydata __P((mb_t *, int, int, caddr_t)); 1490 extern int ipfuiomove __P((caddr_t, int, int, struct uio *)); 1491 # ifndef CACHE_HASH 1492 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \ 1493 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7) 1494 # endif 1495 1496 # define MUTEX_DESTROY(x) eMmutex_destroy(&(x)->ipf_emu) 1497 # define MUTEX_ENTER(x) eMmutex_enter(&(x)->ipf_emu, \ 1498 __FILE__, __LINE__) 1499 # define MUTEX_EXIT(x) eMmutex_exit(&(x)->ipf_emu) 1500 # define MUTEX_INIT(x,y) eMmutex_init(&(x)->ipf_emu, y) 1501 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x))) 1502 1503 # define MUTEX_DOWNGRADE(x) eMrwlock_downgrade(&(x)->ipf_emu, \ 1504 __FILE__, __LINE__) 1505 # define READ_ENTER(x) eMrwlock_read_enter(&(x)->ipf_emu, \ 1506 __FILE__, __LINE__) 1507 # define RWLOCK_INIT(x, y) eMrwlock_init(&(x)->ipf_emu, y) 1508 # define RWLOCK_EXIT(x) eMrwlock_exit(&(x)->ipf_emu) 1509 # define RW_DESTROY(x) eMrwlock_destroy(&(x)->ipf_emu) 1510 # define WRITE_ENTER(x) eMrwlock_write_enter(&(x)->ipf_emu, \ 1511 __FILE__, \ 1512 __LINE__) 1513 1514 # define USE_MUTEXES 1 1515 1516 extern void eMmutex_destroy __P((eMmutex_t *)); 1517 extern void eMmutex_enter __P((eMmutex_t *, char *, int)); 1518 extern void eMmutex_exit __P((eMmutex_t *)); 1519 extern void eMmutex_init __P((eMmutex_t *, char *)); 1520 extern void eMrwlock_destroy __P((eMrwlock_t *)); 1521 extern void eMrwlock_exit __P((eMrwlock_t *)); 1522 extern void eMrwlock_init __P((eMrwlock_t *, char *)); 1523 extern void eMrwlock_read_enter __P((eMrwlock_t *, char *, int)); 1524 extern void eMrwlock_write_enter __P((eMrwlock_t *, char *, int)); 1525 extern void eMrwlock_downgrade __P((eMrwlock_t *, char *, int)); 1526 1527 #undef NET_IS_HCK_L3_FULL 1528 #define NET_IS_HCK_L3_FULL(n, x) (0) 1529 #undef NET_IS_HCK_L3_PART 1530 #define NET_IS_HCK_L3_PART(n, x) (0) 1531 #undef NET_IS_HCK_L4_FULL 1532 #define NET_IS_HCK_L4_FULL(n, x) (0) 1533 #undef NET_IS_HCK_L4_PART 1534 #define NET_IS_HCK_L4_PART(n, x) (0) 1535 1536 #endif 1537 1538 #define MAX_IPV4HDR ((0xf << 2) + sizeof(struct icmp) + sizeof(ip_t) + 8) 1539 1540 #ifndef IP_OFFMASK 1541 # define IP_OFFMASK 0x1fff 1542 #endif 1543 1544 1545 /* 1546 * On BSD's use quad_t as a guarantee for getting at least a 64bit sized 1547 * object. 1548 */ 1549 #if BSD > 199306 1550 # define USE_QUAD_T 1551 # define U_QUAD_T u_quad_t 1552 # define QUAD_T quad_t 1553 #else /* BSD > 199306 */ 1554 # define U_QUAD_T u_long 1555 # define QUAD_T long 1556 #endif /* BSD > 199306 */ 1557 1558 1559 #ifdef USE_INET6 1560 # if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \ 1561 defined(__osf__) || defined(linux) 1562 # include <netinet/ip6.h> 1563 # include <netinet/icmp6.h> 1564 # if !defined(linux) 1565 # if defined(_KERNEL) && !defined(__osf__) 1566 # include <netinet6/ip6_var.h> 1567 # endif 1568 # endif 1569 typedef struct ip6_hdr ip6_t; 1570 # endif 1571 #endif 1572 1573 #ifndef MAX 1574 # define MAX(a,b) (((a) > (b)) ? (a) : (b)) 1575 #endif 1576 1577 #if defined(_KERNEL) 1578 # ifdef MENTAT 1579 # define COPYDATA mb_copydata 1580 # define COPYBACK mb_copyback 1581 # else 1582 # define COPYDATA m_copydata 1583 # define COPYBACK m_copyback 1584 # endif 1585 # if (BSD >= 199306) || defined(__FreeBSD__) 1586 # if (defined(__NetBSD_Version__) && (__NetBSD_Version__ < 105180000)) || \ 1587 defined(__FreeBSD__) || (defined(OpenBSD) && (OpenBSD < 200206)) || \ 1588 defined(_BSDI_VERSION) 1589 # include <vm/vm.h> 1590 # endif 1591 # if !defined(__FreeBSD__) || (defined (__FreeBSD_version) && \ 1592 (__FreeBSD_version >= 300000)) 1593 # if (defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105180000)) || \ 1594 (defined(OpenBSD) && (OpenBSD >= 200111)) 1595 # include <uvm/uvm_extern.h> 1596 # else 1597 # include <vm/vm_extern.h> 1598 extern vm_map_t kmem_map; 1599 # endif 1600 # include <sys/proc.h> 1601 # else /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */ 1602 # include <vm/vm_kern.h> 1603 # endif /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */ 1604 1605 # ifdef IPFILTER_M_IPFILTER 1606 # include <sys/malloc.h> 1607 MALLOC_DECLARE(M_IPFILTER); 1608 # define _M_IPF M_IPFILTER 1609 # else /* IPFILTER_M_IPFILTER */ 1610 # ifdef M_PFIL 1611 # define _M_IPF M_PFIL 1612 # else 1613 # ifdef M_IPFILTER 1614 # define _M_IPF M_IPFILTER 1615 # else 1616 # define _M_IPF M_TEMP 1617 # endif /* M_IPFILTER */ 1618 # endif /* M_PFIL */ 1619 # endif /* IPFILTER_M_IPFILTER */ 1620 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), _M_IPF, M_NOWAIT) 1621 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), _M_IPF, M_NOWAIT) 1622 # define KFREE(x) FREE((x), _M_IPF) 1623 # define KFREES(x,s) FREE((x), _M_IPF) 1624 # define UIOMOVE(a,b,c,d) uiomove(a,b,d) 1625 # define SLEEP(id, n) tsleep((id), PPAUSE|PCATCH, n, 0) 1626 # define WAKEUP(id,x) wakeup(id+x) 1627 # define GETIFP(n, v, ifs) ifunit(n) 1628 # endif /* (Free)BSD */ 1629 1630 # if !defined(USE_MUTEXES) && !defined(SPL_NET) 1631 # if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199407)) || \ 1632 (defined(OpenBSD) && (OpenBSD >= 200006)) 1633 # define SPL_NET(x) x = splsoftnet() 1634 # else 1635 # define SPL_IMP(x) x = splimp() 1636 # define SPL_NET(x) x = splnet() 1637 # endif /* NetBSD && (NetBSD <= 1991011) && (NetBSD >= 199407) */ 1638 # define SPL_X(x) (void) splx(x) 1639 # endif /* !USE_MUTEXES */ 1640 1641 # ifndef FREE_MB_T 1642 # define FREE_MB_T(m) m_freem(m) 1643 # endif 1644 1645 # ifndef MTOD 1646 # define MTOD(m,t) mtod(m,t) 1647 # endif 1648 1649 # ifndef COPYIN 1650 # define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 1651 # define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 1652 # define BCOPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 1653 # define BCOPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0) 1654 # endif 1655 1656 # ifndef KMALLOC 1657 # define KMALLOC(a,b) (a) = (b)new_kmem_alloc(sizeof(*(a)), \ 1658 KMEM_NOSLEEP) 1659 # define KMALLOCS(a,b,c) (a) = (b)new_kmem_alloc((c), KMEM_NOSLEEP) 1660 # endif 1661 1662 # ifndef GET_MINOR 1663 # define GET_MINOR(x) minor(x) 1664 # endif 1665 # define PANIC(x,y) if (x) panic y 1666 #endif /* _KERNEL */ 1667 1668 #ifndef IFNAME 1669 # define IFNAME(x) ((struct ifnet *)x)->if_name 1670 #endif 1671 #ifndef COPYIFNAME 1672 # define NEED_FRGETIFNAME 1673 extern char *fr_getifname __P((struct ifnet *, char *)); 1674 # define COPYIFNAME(x, b, v) \ 1675 fr_getifname((struct ifnet *)x, b) 1676 #endif 1677 1678 #ifndef ASSERT 1679 # define ASSERT(x) 1680 #endif 1681 1682 /* 1683 * Because the ctype(3) posix definition, if used "safely" in code everywhere, 1684 * would mean all normal code that walks through strings needed casts. Yuck. 1685 */ 1686 #define ISALNUM(x) isalnum((u_char)(x)) 1687 #define ISALPHA(x) isalpha((u_char)(x)) 1688 #define ISASCII(x) isascii((u_char)(x)) 1689 #define ISDIGIT(x) isdigit((u_char)(x)) 1690 #define ISPRINT(x) isprint((u_char)(x)) 1691 #define ISSPACE(x) isspace((u_char)(x)) 1692 #define ISUPPER(x) isupper((u_char)(x)) 1693 #define ISXDIGIT(x) isxdigit((u_char)(x)) 1694 #define ISLOWER(x) islower((u_char)(x)) 1695 #define TOUPPER(x) toupper((u_char)(x)) 1696 #define TOLOWER(x) tolower((u_char)(x)) 1697 1698 /* 1699 * If mutexes aren't being used, turn all the mutex functions into null-ops. 1700 */ 1701 #if !defined(USE_MUTEXES) 1702 # define USE_SPL 1 1703 # undef RW_DESTROY 1704 # undef MUTEX_INIT 1705 # undef MUTEX_NUKE 1706 # undef MUTEX_DESTROY 1707 # define MUTEX_ENTER(x) ; 1708 # define READ_ENTER(x) ; 1709 # define WRITE_ENTER(x) ; 1710 # define MUTEX_DOWNGRADE(x) ; 1711 # define RWLOCK_INIT(x, y) ; 1712 # define RWLOCK_EXIT(x) ; 1713 # define RW_DESTROY(x) ; 1714 # define MUTEX_EXIT(x) ; 1715 # define MUTEX_INIT(x,y) ; 1716 # define MUTEX_DESTROY(x) ; 1717 # define MUTEX_NUKE(x) ; 1718 #endif /* !USE_MUTEXES */ 1719 #ifndef ATOMIC_INC 1720 # define ATOMIC_INC(x) (x)++ 1721 # define ATOMIC_DEC(x) (x)-- 1722 #endif 1723 1724 #if defined(USE_SPL) && defined(_KERNEL) 1725 # define SPL_INT(x) int x 1726 #else 1727 # define SPL_INT(x) 1728 #endif 1729 1730 /* 1731 * If there are no atomic operations for bit sizes defined, define them to all 1732 * use a generic one that works for all sizes. 1733 */ 1734 #ifndef ATOMIC_INCL 1735 # define ATOMIC_INCL ATOMIC_INC 1736 # define ATOMIC_INC64 ATOMIC_INC 1737 # define ATOMIC_INC32 ATOMIC_INC 1738 # define ATOMIC_INC16 ATOMIC_INC 1739 # define ATOMIC_DECL ATOMIC_DEC 1740 # define ATOMIC_DEC64 ATOMIC_DEC 1741 # define ATOMIC_DEC32 ATOMIC_DEC 1742 # define ATOMIC_DEC16 ATOMIC_DEC 1743 #endif 1744 1745 #ifndef HDR_T_PRIVATE 1746 typedef struct tcphdr tcphdr_t; 1747 typedef struct udphdr udphdr_t; 1748 #endif 1749 typedef struct icmp icmphdr_t; 1750 typedef struct ip ip_t; 1751 typedef struct ether_header ether_header_t; 1752 typedef struct tcpiphdr tcpiphdr_t; 1753 1754 #ifndef FR_GROUPLEN 1755 # define FR_GROUPLEN 16 1756 #endif 1757 1758 #ifdef offsetof 1759 # undef offsetof 1760 #endif 1761 #ifndef offsetof 1762 # define offsetof(t,m) (size_t)((&((t *)0)->m)) 1763 #endif 1764 1765 /* 1766 * This set of macros has been brought about because on Tru64 it is not 1767 * possible to easily assign or examine values in a structure that are 1768 * bit fields. 1769 */ 1770 #ifndef IP_V 1771 # define IP_V(x) (x)->ip_v 1772 #endif 1773 #ifndef IP_V_A 1774 # define IP_V_A(x,y) (x)->ip_v = (y) 1775 #endif 1776 #ifndef IP_HL 1777 # define IP_HL(x) (x)->ip_hl 1778 #endif 1779 #ifndef IP_HL_A 1780 # define IP_HL_A(x,y) (x)->ip_hl = ((y) & 0xf) 1781 #endif 1782 #ifndef TCP_X2 1783 # define TCP_X2(x) (x)->th_x2 1784 #endif 1785 #ifndef TCP_X2_A 1786 # define TCP_X2_A(x,y) (x)->th_x2 = (y) 1787 #endif 1788 #ifndef TCP_OFF 1789 # define TCP_OFF(x) (x)->th_off 1790 #endif 1791 #ifndef TCP_OFF_A 1792 # define TCP_OFF_A(x,y) (x)->th_off = (y) 1793 #endif 1794 #define IPMINLEN(i, h) ((i)->ip_len >= (IP_HL(i) * 4 + sizeof(struct h))) 1795 1796 1797 /* 1798 * XXX - This is one of those *awful* hacks which nobody likes 1799 */ 1800 #ifdef ultrix 1801 #define A_A 1802 #else 1803 #define A_A & 1804 #endif 1805 1806 #define TCPF_ALL (TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG|\ 1807 TH_ECN|TH_CWR) 1808 1809 #if (BSD >= 199306) && !defined(m_act) 1810 # define m_act m_nextpkt 1811 #endif 1812 1813 /* 1814 * Security Options for Intenet Protocol (IPSO) as defined in RFC 1108. 1815 * 1816 * Basic Option 1817 * 1818 * 00000001 - (Reserved 4) 1819 * 00111101 - Top Secret 1820 * 01011010 - Secret 1821 * 10010110 - Confidential 1822 * 01100110 - (Reserved 3) 1823 * 11001100 - (Reserved 2) 1824 * 10101011 - Unclassified 1825 * 11110001 - (Reserved 1) 1826 */ 1827 #define IPSO_CLASS_RES4 0x01 1828 #define IPSO_CLASS_TOPS 0x3d 1829 #define IPSO_CLASS_SECR 0x5a 1830 #define IPSO_CLASS_CONF 0x96 1831 #define IPSO_CLASS_RES3 0x66 1832 #define IPSO_CLASS_RES2 0xcc 1833 #define IPSO_CLASS_UNCL 0xab 1834 #define IPSO_CLASS_RES1 0xf1 1835 1836 #define IPSO_AUTH_GENSER 0x80 1837 #define IPSO_AUTH_ESI 0x40 1838 #define IPSO_AUTH_SCI 0x20 1839 #define IPSO_AUTH_NSA 0x10 1840 #define IPSO_AUTH_DOE 0x08 1841 #define IPSO_AUTH_UN 0x06 1842 #define IPSO_AUTH_FTE 0x01 1843 1844 /* 1845 * IP option #defines 1846 */ 1847 #undef IPOPT_RR 1848 #define IPOPT_RR 7 1849 #undef IPOPT_ZSU 1850 #define IPOPT_ZSU 10 /* ZSU */ 1851 #undef IPOPT_MTUP 1852 #define IPOPT_MTUP 11 /* MTUP */ 1853 #undef IPOPT_MTUR 1854 #define IPOPT_MTUR 12 /* MTUR */ 1855 #undef IPOPT_ENCODE 1856 #define IPOPT_ENCODE 15 /* ENCODE */ 1857 #undef IPOPT_TS 1858 #define IPOPT_TS 68 1859 #undef IPOPT_TR 1860 #define IPOPT_TR 82 /* TR */ 1861 #undef IPOPT_SECURITY 1862 #define IPOPT_SECURITY 130 1863 #undef IPOPT_LSRR 1864 #define IPOPT_LSRR 131 1865 #undef IPOPT_E_SEC 1866 #define IPOPT_E_SEC 133 /* E-SEC */ 1867 #undef IPOPT_CIPSO 1868 #define IPOPT_CIPSO 134 /* CIPSO */ 1869 #undef IPOPT_SATID 1870 #define IPOPT_SATID 136 1871 #ifndef IPOPT_SID 1872 # define IPOPT_SID IPOPT_SATID 1873 #endif 1874 #undef IPOPT_SSRR 1875 #define IPOPT_SSRR 137 1876 #undef IPOPT_ADDEXT 1877 #define IPOPT_ADDEXT 147 /* ADDEXT */ 1878 #undef IPOPT_VISA 1879 #define IPOPT_VISA 142 /* VISA */ 1880 #undef IPOPT_IMITD 1881 #define IPOPT_IMITD 144 /* IMITD */ 1882 #undef IPOPT_EIP 1883 #define IPOPT_EIP 145 /* EIP */ 1884 #undef IPOPT_RTRALRT 1885 #define IPOPT_RTRALRT 148 /* RTRALRT */ 1886 #undef IPOPT_SDB 1887 #define IPOPT_SDB 149 1888 #undef IPOPT_NSAPA 1889 #define IPOPT_NSAPA 150 1890 #undef IPOPT_DPS 1891 #define IPOPT_DPS 151 1892 #undef IPOPT_UMP 1893 #define IPOPT_UMP 152 1894 #undef IPOPT_FINN 1895 #define IPOPT_FINN 205 /* FINN */ 1896 1897 #ifndef TCPOPT_EOL 1898 # define TCPOPT_EOL 0 1899 #endif 1900 #ifndef TCPOPT_NOP 1901 # define TCPOPT_NOP 1 1902 #endif 1903 #ifndef TCPOPT_MAXSEG 1904 # define TCPOPT_MAXSEG 2 1905 #endif 1906 #ifndef TCPOLEN_MAXSEG 1907 # define TCPOLEN_MAXSEG 4 1908 #endif 1909 #ifndef TCPOPT_WINDOW 1910 # define TCPOPT_WINDOW 3 1911 #endif 1912 #ifndef TCPOLEN_WINDOW 1913 # define TCPOLEN_WINDOW 3 1914 #endif 1915 #ifndef TCPOPT_SACK_PERMITTED 1916 # define TCPOPT_SACK_PERMITTED 4 1917 #endif 1918 #ifndef TCPOLEN_SACK_PERMITTED 1919 # define TCPOLEN_SACK_PERMITTED 2 1920 #endif 1921 #ifndef TCPOPT_SACK 1922 # define TCPOPT_SACK 5 1923 #endif 1924 #ifndef TCPOPT_TIMESTAMP 1925 # define TCPOPT_TIMESTAMP 8 1926 #endif 1927 1928 #ifndef ICMP_MINLEN 1929 # define ICMP_MINLEN 8 1930 #endif 1931 #ifndef ICMP_ECHOREPLY 1932 # define ICMP_ECHOREPLY 0 1933 #endif 1934 #ifndef ICMP_UNREACH 1935 # define ICMP_UNREACH 3 1936 #endif 1937 #ifndef ICMP_UNREACH_NET 1938 # define ICMP_UNREACH_NET 0 1939 #endif 1940 #ifndef ICMP_UNREACH_HOST 1941 # define ICMP_UNREACH_HOST 1 1942 #endif 1943 #ifndef ICMP_UNREACH_PROTOCOL 1944 # define ICMP_UNREACH_PROTOCOL 2 1945 #endif 1946 #ifndef ICMP_UNREACH_PORT 1947 # define ICMP_UNREACH_PORT 3 1948 #endif 1949 #ifndef ICMP_UNREACH_NEEDFRAG 1950 # define ICMP_UNREACH_NEEDFRAG 4 1951 #endif 1952 #ifndef ICMP_UNREACH_SRCFAIL 1953 # define ICMP_UNREACH_SRCFAIL 5 1954 #endif 1955 #ifndef ICMP_UNREACH_NET_UNKNOWN 1956 # define ICMP_UNREACH_NET_UNKNOWN 6 1957 #endif 1958 #ifndef ICMP_UNREACH_HOST_UNKNOWN 1959 # define ICMP_UNREACH_HOST_UNKNOWN 7 1960 #endif 1961 #ifndef ICMP_UNREACH_ISOLATED 1962 # define ICMP_UNREACH_ISOLATED 8 1963 #endif 1964 #ifndef ICMP_UNREACH_NET_PROHIB 1965 # define ICMP_UNREACH_NET_PROHIB 9 1966 #endif 1967 #ifndef ICMP_UNREACH_HOST_PROHIB 1968 # define ICMP_UNREACH_HOST_PROHIB 10 1969 #endif 1970 #ifndef ICMP_UNREACH_TOSNET 1971 # define ICMP_UNREACH_TOSNET 11 1972 #endif 1973 #ifndef ICMP_UNREACH_TOSHOST 1974 # define ICMP_UNREACH_TOSHOST 12 1975 #endif 1976 #ifndef ICMP_UNREACH_ADMIN_PROHIBIT 1977 # define ICMP_UNREACH_ADMIN_PROHIBIT 13 1978 #endif 1979 #ifndef ICMP_UNREACH_FILTER 1980 # define ICMP_UNREACH_FILTER 13 1981 #endif 1982 #ifndef ICMP_UNREACH_HOST_PRECEDENCE 1983 # define ICMP_UNREACH_HOST_PRECEDENCE 14 1984 #endif 1985 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF 1986 # define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 1987 #endif 1988 #ifndef ICMP_SOURCEQUENCH 1989 # define ICMP_SOURCEQUENCH 4 1990 #endif 1991 #ifndef ICMP_REDIRECT_NET 1992 # define ICMP_REDIRECT_NET 0 1993 #endif 1994 #ifndef ICMP_REDIRECT_HOST 1995 # define ICMP_REDIRECT_HOST 1 1996 #endif 1997 #ifndef ICMP_REDIRECT_TOSNET 1998 # define ICMP_REDIRECT_TOSNET 2 1999 #endif 2000 #ifndef ICMP_REDIRECT_TOSHOST 2001 # define ICMP_REDIRECT_TOSHOST 3 2002 #endif 2003 #ifndef ICMP_ALTHOSTADDR 2004 # define ICMP_ALTHOSTADDR 6 2005 #endif 2006 #ifndef ICMP_TIMXCEED 2007 # define ICMP_TIMXCEED 11 2008 #endif 2009 #ifndef ICMP_TIMXCEED_INTRANS 2010 # define ICMP_TIMXCEED_INTRANS 0 2011 #endif 2012 #ifndef ICMP_TIMXCEED_REASS 2013 # define ICMP_TIMXCEED_REASS 1 2014 #endif 2015 #ifndef ICMP_PARAMPROB 2016 # define ICMP_PARAMPROB 12 2017 #endif 2018 #ifndef ICMP_PARAMPROB_ERRATPTR 2019 # define ICMP_PARAMPROB_ERRATPTR 0 2020 #endif 2021 #ifndef ICMP_PARAMPROB_OPTABSENT 2022 # define ICMP_PARAMPROB_OPTABSENT 1 2023 #endif 2024 #ifndef ICMP_PARAMPROB_LENGTH 2025 # define ICMP_PARAMPROB_LENGTH 2 2026 #endif 2027 #ifndef ICMP_TSTAMP 2028 # define ICMP_TSTAMP 13 2029 #endif 2030 #ifndef ICMP_TSTAMPREPLY 2031 # define ICMP_TSTAMPREPLY 14 2032 #endif 2033 #ifndef ICMP_IREQ 2034 # define ICMP_IREQ 15 2035 #endif 2036 #ifndef ICMP_IREQREPLY 2037 # define ICMP_IREQREPLY 16 2038 #endif 2039 #ifndef ICMP_MASKREQ 2040 # define ICMP_MASKREQ 17 2041 #endif 2042 #ifndef ICMP_MASKREPLY 2043 # define ICMP_MASKREPLY 18 2044 #endif 2045 #ifndef ICMP_TRACEROUTE 2046 # define ICMP_TRACEROUTE 30 2047 #endif 2048 #ifndef ICMP_DATACONVERR 2049 # define ICMP_DATACONVERR 31 2050 #endif 2051 #ifndef ICMP_MOBILE_REDIRECT 2052 # define ICMP_MOBILE_REDIRECT 32 2053 #endif 2054 #ifndef ICMP_IPV6_WHEREAREYOU 2055 # define ICMP_IPV6_WHEREAREYOU 33 2056 #endif 2057 #ifndef ICMP_IPV6_IAMHERE 2058 # define ICMP_IPV6_IAMHERE 34 2059 #endif 2060 #ifndef ICMP_MOBILE_REGREQUEST 2061 # define ICMP_MOBILE_REGREQUEST 35 2062 #endif 2063 #ifndef ICMP_MOBILE_REGREPLY 2064 # define ICMP_MOBILE_REGREPLY 36 2065 #endif 2066 #ifndef ICMP_SKIP 2067 # define ICMP_SKIP 39 2068 #endif 2069 #ifndef ICMP_PHOTURIS 2070 # define ICMP_PHOTURIS 40 2071 #endif 2072 #ifndef ICMP_PHOTURIS_UNKNOWN_INDEX 2073 # define ICMP_PHOTURIS_UNKNOWN_INDEX 1 2074 #endif 2075 #ifndef ICMP_PHOTURIS_AUTH_FAILED 2076 # define ICMP_PHOTURIS_AUTH_FAILED 2 2077 #endif 2078 #ifndef ICMP_PHOTURIS_DECRYPT_FAILED 2079 # define ICMP_PHOTURIS_DECRYPT_FAILED 3 2080 #endif 2081 #ifndef IPVERSION 2082 # define IPVERSION 4 2083 #endif 2084 #ifndef IPOPT_MINOFF 2085 # define IPOPT_MINOFF 4 2086 #endif 2087 #ifndef IPOPT_COPIED 2088 # define IPOPT_COPIED(x) ((x)&0x80) 2089 #endif 2090 #ifndef IPOPT_EOL 2091 # define IPOPT_EOL 0 2092 #endif 2093 #ifndef IPOPT_NOP 2094 # define IPOPT_NOP 1 2095 #endif 2096 #ifndef IP_MF 2097 # define IP_MF ((u_short)0x2000) 2098 #endif 2099 #ifndef ETHERTYPE_IP 2100 # define ETHERTYPE_IP ((u_short)0x0800) 2101 #endif 2102 #ifndef TH_FIN 2103 # define TH_FIN 0x01 2104 #endif 2105 #ifndef TH_SYN 2106 # define TH_SYN 0x02 2107 #endif 2108 #ifndef TH_RST 2109 # define TH_RST 0x04 2110 #endif 2111 #ifndef TH_PUSH 2112 # define TH_PUSH 0x08 2113 #endif 2114 #ifndef TH_ACK 2115 # define TH_ACK 0x10 2116 #endif 2117 #ifndef TH_URG 2118 # define TH_URG 0x20 2119 #endif 2120 #undef TH_ACKMASK 2121 #define TH_ACKMASK (TH_FIN|TH_SYN|TH_RST|TH_ACK) 2122 2123 #ifndef IPOPT_EOL 2124 # define IPOPT_EOL 0 2125 #endif 2126 #ifndef IPOPT_NOP 2127 # define IPOPT_NOP 1 2128 #endif 2129 #ifndef IPOPT_RR 2130 # define IPOPT_RR 7 2131 #endif 2132 #ifndef IPOPT_TS 2133 # define IPOPT_TS 68 2134 #endif 2135 #ifndef IPOPT_SECURITY 2136 # define IPOPT_SECURITY 130 2137 #endif 2138 #ifndef IPOPT_LSRR 2139 # define IPOPT_LSRR 131 2140 #endif 2141 #ifndef IPOPT_SATID 2142 # define IPOPT_SATID 136 2143 #endif 2144 #ifndef IPOPT_SSRR 2145 # define IPOPT_SSRR 137 2146 #endif 2147 #ifndef IPOPT_SECUR_UNCLASS 2148 # define IPOPT_SECUR_UNCLASS ((u_short)0x0000) 2149 #endif 2150 #ifndef IPOPT_SECUR_CONFID 2151 # define IPOPT_SECUR_CONFID ((u_short)0xf135) 2152 #endif 2153 #ifndef IPOPT_SECUR_EFTO 2154 # define IPOPT_SECUR_EFTO ((u_short)0x789a) 2155 #endif 2156 #ifndef IPOPT_SECUR_MMMM 2157 # define IPOPT_SECUR_MMMM ((u_short)0xbc4d) 2158 #endif 2159 #ifndef IPOPT_SECUR_RESTR 2160 # define IPOPT_SECUR_RESTR ((u_short)0xaf13) 2161 #endif 2162 #ifndef IPOPT_SECUR_SECRET 2163 # define IPOPT_SECUR_SECRET ((u_short)0xd788) 2164 #endif 2165 #ifndef IPOPT_SECUR_TOPSECRET 2166 # define IPOPT_SECUR_TOPSECRET ((u_short)0x6bc5) 2167 #endif 2168 #ifndef IPOPT_OLEN 2169 # define IPOPT_OLEN 1 2170 #endif 2171 #ifndef IPPROTO_HOPOPTS 2172 # define IPPROTO_HOPOPTS 0 2173 #endif 2174 #ifndef IPPROTO_ENCAP 2175 # define IPPROTO_ENCAP 4 2176 #endif 2177 #ifndef IPPROTO_IPV6 2178 # define IPPROTO_IPV6 41 2179 #endif 2180 #ifndef IPPROTO_ROUTING 2181 # define IPPROTO_ROUTING 43 2182 #endif 2183 #ifndef IPPROTO_FRAGMENT 2184 # define IPPROTO_FRAGMENT 44 2185 #endif 2186 #ifndef IPPROTO_GRE 2187 # define IPPROTO_GRE 47 /* GRE encaps RFC 1701 */ 2188 #endif 2189 #ifndef IPPROTO_ESP 2190 # define IPPROTO_ESP 50 2191 #endif 2192 #ifndef IPPROTO_AH 2193 # define IPPROTO_AH 51 2194 #endif 2195 #ifndef IPPROTO_ICMPV6 2196 # define IPPROTO_ICMPV6 58 2197 #endif 2198 #ifndef IPPROTO_NONE 2199 # define IPPROTO_NONE 59 2200 #endif 2201 #ifndef IPPROTO_DSTOPTS 2202 # define IPPROTO_DSTOPTS 60 2203 #endif 2204 #ifndef IPPROTO_FRAGMENT 2205 # define IPPROTO_FRAGMENT 44 2206 #endif 2207 #ifndef ICMP_ROUTERADVERT 2208 # define ICMP_ROUTERADVERT 9 2209 #endif 2210 #ifndef ICMP_ROUTERSOLICIT 2211 # define ICMP_ROUTERSOLICIT 10 2212 #endif 2213 #ifndef ICMP6_DST_UNREACH 2214 # define ICMP6_DST_UNREACH 1 2215 #endif 2216 #ifndef ICMP6_PACKET_TOO_BIG 2217 # define ICMP6_PACKET_TOO_BIG 2 2218 #endif 2219 #ifndef ICMP6_TIME_EXCEEDED 2220 # define ICMP6_TIME_EXCEEDED 3 2221 #endif 2222 #ifndef ICMP6_PARAM_PROB 2223 # define ICMP6_PARAM_PROB 4 2224 #endif 2225 2226 #ifndef ICMP6_ECHO_REQUEST 2227 # define ICMP6_ECHO_REQUEST 128 2228 #endif 2229 #ifndef ICMP6_ECHO_REPLY 2230 # define ICMP6_ECHO_REPLY 129 2231 #endif 2232 #ifndef ICMP6_MEMBERSHIP_QUERY 2233 # define ICMP6_MEMBERSHIP_QUERY 130 2234 #endif 2235 #ifndef MLD6_LISTENER_QUERY 2236 # define MLD6_LISTENER_QUERY 130 2237 #endif 2238 #ifndef ICMP6_MEMBERSHIP_REPORT 2239 # define ICMP6_MEMBERSHIP_REPORT 131 2240 #endif 2241 #ifndef MLD6_LISTENER_REPORT 2242 # define MLD6_LISTENER_REPORT 131 2243 #endif 2244 #ifndef ICMP6_MEMBERSHIP_REDUCTION 2245 # define ICMP6_MEMBERSHIP_REDUCTION 132 2246 #endif 2247 #ifndef MLD6_LISTENER_DONE 2248 # define MLD6_LISTENER_DONE 132 2249 #endif 2250 #ifndef ND_ROUTER_SOLICIT 2251 # define ND_ROUTER_SOLICIT 133 2252 #endif 2253 #ifndef ND_ROUTER_ADVERT 2254 # define ND_ROUTER_ADVERT 134 2255 #endif 2256 #ifndef ND_NEIGHBOR_SOLICIT 2257 # define ND_NEIGHBOR_SOLICIT 135 2258 #endif 2259 #ifndef ND_NEIGHBOR_ADVERT 2260 # define ND_NEIGHBOR_ADVERT 136 2261 #endif 2262 #ifndef ND_REDIRECT 2263 # define ND_REDIRECT 137 2264 #endif 2265 #ifndef ICMP6_ROUTER_RENUMBERING 2266 # define ICMP6_ROUTER_RENUMBERING 138 2267 #endif 2268 #ifndef ICMP6_WRUREQUEST 2269 # define ICMP6_WRUREQUEST 139 2270 #endif 2271 #ifndef ICMP6_WRUREPLY 2272 # define ICMP6_WRUREPLY 140 2273 #endif 2274 #ifndef ICMP6_FQDN_QUERY 2275 # define ICMP6_FQDN_QUERY 139 2276 #endif 2277 #ifndef ICMP6_FQDN_REPLY 2278 # define ICMP6_FQDN_REPLY 140 2279 #endif 2280 #ifndef ICMP6_NI_QUERY 2281 # define ICMP6_NI_QUERY 139 2282 #endif 2283 #ifndef ICMP6_NI_REPLY 2284 # define ICMP6_NI_REPLY 140 2285 #endif 2286 #ifndef MLD6_MTRACE_RESP 2287 # define MLD6_MTRACE_RESP 200 2288 #endif 2289 #ifndef MLD6_MTRACE 2290 # define MLD6_MTRACE 201 2291 #endif 2292 #ifndef ICMP6_HADISCOV_REQUEST 2293 # define ICMP6_HADISCOV_REQUEST 202 2294 #endif 2295 #ifndef ICMP6_HADISCOV_REPLY 2296 # define ICMP6_HADISCOV_REPLY 203 2297 #endif 2298 #ifndef ICMP6_MOBILEPREFIX_SOLICIT 2299 # define ICMP6_MOBILEPREFIX_SOLICIT 204 2300 #endif 2301 #ifndef ICMP6_MOBILEPREFIX_ADVERT 2302 # define ICMP6_MOBILEPREFIX_ADVERT 205 2303 #endif 2304 #ifndef ICMP6_MAXTYPE 2305 # define ICMP6_MAXTYPE 205 2306 #endif 2307 2308 #ifndef ICMP6_DST_UNREACH_NOROUTE 2309 # define ICMP6_DST_UNREACH_NOROUTE 0 2310 #endif 2311 #ifndef ICMP6_DST_UNREACH_ADMIN 2312 # define ICMP6_DST_UNREACH_ADMIN 1 2313 #endif 2314 #ifndef ICMP6_DST_UNREACH_NOTNEIGHBOR 2315 # define ICMP6_DST_UNREACH_NOTNEIGHBOR 2 2316 #endif 2317 #ifndef ICMP6_DST_UNREACH_BEYONDSCOPE 2318 # define ICMP6_DST_UNREACH_BEYONDSCOPE 2 2319 #endif 2320 #ifndef ICMP6_DST_UNREACH_ADDR 2321 # define ICMP6_DST_UNREACH_ADDR 3 2322 #endif 2323 #ifndef ICMP6_DST_UNREACH_NOPORT 2324 # define ICMP6_DST_UNREACH_NOPORT 4 2325 #endif 2326 #ifndef ICMP6_TIME_EXCEED_TRANSIT 2327 # define ICMP6_TIME_EXCEED_TRANSIT 0 2328 #endif 2329 #ifndef ICMP6_TIME_EXCEED_REASSEMBLY 2330 # define ICMP6_TIME_EXCEED_REASSEMBLY 1 2331 #endif 2332 2333 #ifndef ICMP6_NI_SUCCESS 2334 # define ICMP6_NI_SUCCESS 0 2335 #endif 2336 #ifndef ICMP6_NI_REFUSED 2337 # define ICMP6_NI_REFUSED 1 2338 #endif 2339 #ifndef ICMP6_NI_UNKNOWN 2340 # define ICMP6_NI_UNKNOWN 2 2341 #endif 2342 2343 #ifndef ICMP6_ROUTER_RENUMBERING_COMMAND 2344 # define ICMP6_ROUTER_RENUMBERING_COMMAND 0 2345 #endif 2346 #ifndef ICMP6_ROUTER_RENUMBERING_RESULT 2347 # define ICMP6_ROUTER_RENUMBERING_RESULT 1 2348 #endif 2349 #ifndef ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 2350 # define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 255 2351 #endif 2352 2353 #ifndef ICMP6_PARAMPROB_HEADER 2354 # define ICMP6_PARAMPROB_HEADER 0 2355 #endif 2356 #ifndef ICMP6_PARAMPROB_NEXTHEADER 2357 # define ICMP6_PARAMPROB_NEXTHEADER 1 2358 #endif 2359 #ifndef ICMP6_PARAMPROB_OPTION 2360 # define ICMP6_PARAMPROB_OPTION 2 2361 #endif 2362 2363 #ifndef ICMP6_NI_SUBJ_IPV6 2364 # define ICMP6_NI_SUBJ_IPV6 0 2365 #endif 2366 #ifndef ICMP6_NI_SUBJ_FQDN 2367 # define ICMP6_NI_SUBJ_FQDN 1 2368 #endif 2369 #ifndef ICMP6_NI_SUBJ_IPV4 2370 # define ICMP6_NI_SUBJ_IPV4 2 2371 #endif 2372 2373 #if !defined(IPV6_FLOWINFO_MASK) 2374 # if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN) 2375 # define IPV6_FLOWINFO_MASK 0x0fffffff /* flow info (28 bits) */ 2376 # else 2377 # if(BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN) 2378 # define IPV6_FLOWINFO_MASK 0xffffff0f /* flow info (28 bits) */ 2379 # endif /* LITTLE_ENDIAN */ 2380 # endif 2381 #endif 2382 #if !defined(IPV6_FLOWLABEL_MASK) 2383 # if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN) 2384 # define IPV6_FLOWLABEL_MASK 0x000fffff /* flow label (20 bits) */ 2385 # else 2386 # if (BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN) 2387 # define IPV6_FLOWLABEL_MASK 0xffff0f00 /* flow label (20 bits) */ 2388 # endif /* LITTLE_ENDIAN */ 2389 # endif 2390 #endif 2391 2392 /* 2393 * ECN is a new addition to TCP - RFC 2481 2394 */ 2395 #ifndef TH_ECN 2396 # define TH_ECN 0x40 2397 #endif 2398 #ifndef TH_CWR 2399 # define TH_CWR 0x80 2400 #endif 2401 #define TH_ECNALL (TH_ECN|TH_CWR) 2402 2403 /* 2404 * TCP States 2405 */ 2406 #define IPF_TCPS_LISTEN 0 /* listening for connection */ 2407 #define IPF_TCPS_SYN_SENT 1 /* active, have sent syn */ 2408 #define IPF_TCPS_SYN_RECEIVED 2 /* have send and received syn */ 2409 #define IPF_TCPS_HALF_ESTAB 3 /* for connections not fully "up" */ 2410 /* states < IPF_TCPS_ESTABLISHED are those where connections not established */ 2411 #define IPF_TCPS_ESTABLISHED 4 /* established */ 2412 #define IPF_TCPS_CLOSE_WAIT 5 /* rcvd fin, waiting for close */ 2413 /* states > IPF_TCPS_CLOSE_WAIT are those where user has closed */ 2414 #define IPF_TCPS_FIN_WAIT_1 6 /* have closed, sent fin */ 2415 #define IPF_TCPS_CLOSING 7 /* closed xchd FIN; await FIN ACK */ 2416 #define IPF_TCPS_LAST_ACK 8 /* had fin and close; await FIN ACK */ 2417 /* states > IPF_TCPS_CLOSE_WAIT && < IPF_TCPS_FIN_WAIT_2 await ACK of FIN */ 2418 #define IPF_TCPS_FIN_WAIT_2 9 /* have closed, fin is acked */ 2419 #define IPF_TCPS_TIME_WAIT 10 /* in 2*msl quiet wait after close */ 2420 #define IPF_TCPS_CLOSED 11 /* closed */ 2421 #define IPF_TCP_NSTATES 12 2422 2423 #define TCP_MSL 120 2424 2425 #undef ICMP_MAX_UNREACH 2426 #define ICMP_MAX_UNREACH 14 2427 #undef ICMP_MAXTYPE 2428 #define ICMP_MAXTYPE 18 2429 2430 #ifndef IFNAMSIZ 2431 #define IFNAMSIZ 16 2432 #endif 2433 2434 #ifndef LOG_FTP 2435 # define LOG_FTP (11<<3) 2436 #endif 2437 #ifndef LOG_AUTHPRIV 2438 # define LOG_AUTHPRIV (10<<3) 2439 #endif 2440 #ifndef LOG_AUDIT 2441 # define LOG_AUDIT (13<<3) 2442 #endif 2443 #ifndef LOG_NTP 2444 # define LOG_NTP (12<<3) 2445 #endif 2446 #ifndef LOG_SECURITY 2447 # define LOG_SECURITY (13<<3) 2448 #endif 2449 #ifndef LOG_LFMT 2450 # define LOG_LFMT (14<<3) 2451 #endif 2452 #ifndef LOG_CONSOLE 2453 # define LOG_CONSOLE (14<<3) 2454 #endif 2455 2456 /* 2457 * ICMP error replies have an IP header (20 bytes), 8 bytes of ICMP data, 2458 * another IP header and then 64 bits of data, totalling 56. Of course, 2459 * the last 64 bits is dependent on that being available. 2460 */ 2461 #define ICMPERR_ICMPHLEN 8 2462 #define ICMPERR_IPICMPHLEN (20 + 8) 2463 #define ICMPERR_MINPKTLEN (20 + 8 + 20) 2464 #define ICMPERR_MAXPKTLEN (20 + 8 + 20 + 8) 2465 #define ICMP6ERR_MINPKTLEN (40 + 8) 2466 #define ICMP6ERR_IPICMPHLEN (40 + 8 + 40) 2467 2468 #ifndef MIN 2469 # define MIN(a,b) (((a)<(b))?(a):(b)) 2470 #endif 2471 2472 #ifdef IPF_DEBUG 2473 # define DPRINT(x) printf x 2474 #else 2475 # define DPRINT(x) 2476 #endif 2477 2478 #ifdef RESCUE 2479 # undef IPFILTER_BPF 2480 #endif 2481 2482 #ifndef DTRACE_PROBE 2483 # define DTRACE_PROBE(_x_) 2484 # define DTRACE_PROBE1(_x_, _t1_, _a1_) 2485 # define DTRACE_PROBE2(_x_, _t1_, _a1_, _t2_, _a2_) 2486 # define DTRACE_PROBE3(_x_, _t1_, _a1_, _t2_, _a2_, _t3_, _a3_) 2487 # define DTRACE_PROBE4(_x_, _t1_, _a1_, _t2_, _a2_, _t3_, _a3_, _t4_, _a4_) 2488 #endif 2489 2490 #ifndef IPF_IS_LOOPBACK 2491 # define IPF_IS_LOOPBACK(x) 0 2492 #endif 2493 2494 #endif /* __IP_COMPAT_H__ */ 2495