xref: /illumos-gate/usr/src/uts/common/inet/ipf/netinet/ip_compat.h (revision a6d4d7d5d0e34964282f736f7bade0574645f1fd)
1 /*
2  * Copyright (C) 1993-2001, 2003 by Darren Reed.
3  *
4  * See the IPFILTER.LICENCE file for details on licencing.
5  *
6  * @(#)ip_compat.h	1.8 1/14/96
7  * $Id: ip_compat.h,v 2.142.2.30 2005/08/11 15:13:49 darrenr Exp $
8  *
9  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
10  * Use is subject to license terms.
11  */
12 
13 #pragma ident	"%Z%%M%	%I%	%E% SMI"
14 
15 #ifndef	__IP_COMPAT_H__
16 #define	__IP_COMPAT_H__
17 
18 #ifndef	__P
19 # ifdef	__STDC__
20 #  define	__P(x)  x
21 # else
22 #  define	__P(x)  ()
23 # endif
24 #endif
25 #ifndef	__STDC__
26 # undef		const
27 # define	const
28 #endif
29 
30 #if defined(_KERNEL) || defined(KERNEL) || defined(__KERNEL__)
31 # undef	KERNEL
32 # undef	_KERNEL
33 # undef 	__KERNEL__
34 # define	KERNEL
35 # define	_KERNEL
36 # define 	__KERNEL__
37 #endif
38 
39 #ifndef	SOLARIS
40 #define	SOLARIS	(defined(sun) && (defined(__svr4__) || defined(__SVR4)))
41 #endif
42 #if SOLARIS2 >= 8
43 # ifndef	USE_INET6
44 #  define	USE_INET6
45 # endif
46 #endif
47 #if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000) && \
48     !defined(_KERNEL) && !defined(USE_INET6) && !defined(NOINET6)
49 # define	USE_INET6
50 #endif
51 #if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105000000) && \
52     !defined(_KERNEL) && !defined(USE_INET6)
53 # define	USE_INET6
54 # define	IPFILTER_M_IPFILTER
55 #endif
56 #if defined(OpenBSD) && (OpenBSD >= 200206) && \
57     !defined(_KERNEL) && !defined(USE_INET6)
58 # define	USE_INET6
59 #endif
60 #if defined(__osf__)
61 # define	USE_INET6
62 #endif
63 #if defined(linux) && (!defined(_KERNEL) || defined(CONFIG_IPV6))
64 # define	USE_INET6
65 #endif
66 #if defined(HPUXREV) && (HPUXREV >= 1111)
67 # define	USE_INET6
68 #endif
69 
70 #if defined(BSD) && (BSD < 199103) && defined(__osf__)
71 # undef BSD
72 # define BSD 199103
73 #endif
74 
75 #if defined(__SVR4) || defined(__svr4__) || defined(__sgi)
76 # define index   strchr
77 # if !defined(_KERNEL)
78 #  define	bzero(a,b)	memset(a,0,b)
79 #  define	bcmp		memcmp
80 #  define	bcopy(a,b,c)	memmove(b,a,c)
81 # endif
82 #endif
83 
84 #ifndef LIFNAMSIZ
85 # ifdef IF_NAMESIZE
86 #  define	LIFNAMSIZ	IF_NAMESIZE
87 # else
88 #  ifdef	IFNAMSIZ
89 #   define	LIFNAMSIZ	IFNAMSIZ
90 #  else
91 #   define	LIFNAMSIZ	16
92 #  endif
93 # endif
94 #endif
95 
96 #if defined(__sgi) || defined(bsdi) || defined(__hpux) || defined(hpux)
97 struct  ether_addr {
98         u_char  ether_addr_octet[6];
99 };
100 #endif
101 
102 #if defined(__sgi) && !defined(IPFILTER_LKM)
103 # ifdef __STDC__
104 #  define IPL_EXTERN(ep) ipfilter##ep
105 # else
106 #  define IPL_EXTERN(ep) ipfilter/**/ep
107 # endif
108 #else
109 # ifdef __STDC__
110 #  define IPL_EXTERN(ep) ipl##ep
111 # else
112 #  define IPL_EXTERN(ep) ipl/**/ep
113 # endif
114 #endif
115 
116 /*
117  * This is a workaround for <sys/uio.h> troubles on FreeBSD and OpenBSD.
118  */
119 #ifndef linux
120 # ifndef _KERNEL
121 #  define ADD_KERNEL
122 #  define _KERNEL
123 #  define KERNEL
124 # endif
125 # ifdef __OpenBSD__
126 struct file;
127 # endif
128 # include <sys/uio.h>
129 # ifdef ADD_KERNEL
130 #  undef _KERNEL
131 #  undef KERNEL
132 # endif
133 #endif
134 
135 
136 /* ----------------------------------------------------------------------- */
137 /*                                  S O L A R I S                          */
138 /* ----------------------------------------------------------------------- */
139 #if SOLARIS
140 # define	MENTAT	1
141 # include	<sys/cmn_err.h>
142 # include	<sys/isa_defs.h>
143 # include	<sys/stream.h>
144 # include	<sys/ioccom.h>
145 # include	<sys/sysmacros.h>
146 # include	<sys/kmem.h>
147 # if SOLARIS2 >= 10
148 #  include	<sys/procset.h>
149 #  include	<sys/proc.h>
150 #  include	<sys/devops.h>
151 #  include	<sys/ddi_impldefs.h>
152 #  include	<sys/neti.h>
153 # endif
154 
155 /*
156  * inet/ip.h would end up including radix.h with _KERNEL, which is not
157  * what the tools intend, so include radix.h first.
158  */
159 #if SOLARIS2 > 10
160 # include <net/radix.h>
161 #endif
162 /*
163  * because Solaris 2 defines these in two places :-/
164  */
165 # ifndef	KERNEL
166 #  define	ADD_KERNEL
167 #  define	_KERNEL
168 #  undef	RES_INIT
169 # endif /* _KERNEL */
170 
171 # if SOLARIS2 >= 8
172 #  include <netinet/ip6.h>
173 #  include <netinet/icmp6.h>
174 # endif
175 
176 # include <inet/common.h>
177 /* These 5 are defined in <inet/ip.h> and <netinet/ip.h> */
178 # undef	IPOPT_EOL
179 # undef	IPOPT_NOP
180 # undef	IPOPT_LSRR
181 # undef	IPOPT_RR
182 # undef	IPOPT_SSRR
183 # ifdef i386
184 #  define _SYS_PROMIF_H
185 # endif
186 # ifdef ADD_KERNEL
187 #  undef _KERNEL
188 # endif
189 # include <inet/ip.h>
190 # undef COPYOUT
191 # include <inet/ip_ire.h>
192 # ifndef	KERNEL
193 #  undef	_KERNEL
194 # endif
195 # if SOLARIS2 >= 8
196 #  define SNPRINTF	snprintf
197 
198 #  include <inet/ip_if.h>
199 #  define	ipif_local_addr	ipif_lcl_addr
200 /* Only defined in private include file */
201 #  ifndef	V4_PART_OF_V6
202 #   define	V4_PART_OF_V6(v6)	v6.s6_addr32[3]
203 #  endif
204 struct ip6_ext {
205 	u_char	ip6e_nxt;
206 	u_char	ip6e_len;
207 };
208 # endif /* SOLARIS2 >= 8 */
209 
210 # ifdef FW_HOOKS
211 
212 #  define	SOLARIS_PFHOOKS	1
213 
214 typedef	struct	qpktinfo	{
215 	/* data that changes per-packet */
216 	void		*qpi_ill;	/* COPIED */
217 	mblk_t		*qpi_m;
218 	void		*qpi_data;	/* where layer 3 header starts */
219 	size_t		qpi_off;
220 	int		qpi_flags;	/* Uses FI_* flags */
221 } qpktinfo_t;
222 
223 extern void mb_copydata __P((mblk_t *, size_t , size_t, char *));
224 extern void mb_copyback __P((mblk_t *, size_t , size_t, char *));
225 # endif
226 
227 # if SOLARIS2 >= 6
228 #  include <sys/atomic.h>
229 typedef	uint32_t	u_32_t;
230 # else
231 typedef unsigned int	u_32_t;
232 # endif
233 # define	U_32_T	1
234 
235 # ifdef _KERNEL
236 #  define	KRWLOCK_T		krwlock_t
237 #  define	KMUTEX_T		kmutex_t
238 #  if SOLARIS2 >= 6
239 #   if SOLARIS2 == 6
240 #    define	ATOMIC_INCL(x)		atomic_add_long((uint32_t*)&(x), 1)
241 #    define	ATOMIC_DECL(x)		atomic_add_long((uint32_t*)&(x), -1)
242 #   else
243 #    define	ATOMIC_INCL(x)		atomic_add_long(&(x), 1)
244 #    define	ATOMIC_DECL(x)		atomic_add_long(&(x), -1)
245 #   endif /* SOLARIS2 == 6 */
246 #   define	ATOMIC_INC64(x)		atomic_add_64((uint64_t*)&(x), 1)
247 #   define	ATOMIC_INC32(x)		atomic_add_32((uint32_t*)&(x), 1)
248 #   define	ATOMIC_INC16(x)		atomic_add_16((uint16_t*)&(x), 1)
249 #   define	ATOMIC_DEC64(x)		atomic_add_64((uint64_t*)&(x), -1)
250 #   define	ATOMIC_DEC32(x)		atomic_add_32((uint32_t*)&(x), -1)
251 #   define	ATOMIC_DEC16(x)		atomic_add_16((uint16_t*)&(x), -1)
252 #  else
253 #   define	ATOMIC_INC(x)		{ mutex_enter(&ipf_rw); (x)++; \
254 					  mutex_exit(&ipf_rw); }
255 #   define	ATOMIC_DEC(x)		{ mutex_enter(&ipf_rw); (x)--; \
256 					  mutex_exit(&ipf_rw); }
257 #  endif /* SOLARIS2 >= 6 */
258 #  define	USE_MUTEXES
259 #  define	MUTEX_ENTER(x)		mutex_enter(&(x)->ipf_lk)
260 #  define	READ_ENTER(x)		rw_enter(&(x)->ipf_lk, RW_READER)
261 #  define	WRITE_ENTER(x)		rw_enter(&(x)->ipf_lk, RW_WRITER)
262 #  define	MUTEX_DOWNGRADE(x)	rw_downgrade(&(x)->ipf_lk)
263 #  define	RWLOCK_INIT(x, y)	rw_init(&(x)->ipf_lk, (y),  \
264 						RW_DRIVER, NULL)
265 #  define	RWLOCK_EXIT(x)		rw_exit(&(x)->ipf_lk)
266 #  define	RW_DESTROY(x)		rw_destroy(&(x)->ipf_lk)
267 #  define	MUTEX_INIT(x, y)	mutex_init(&(x)->ipf_lk, (y), \
268 						   MUTEX_DRIVER, NULL)
269 #  define	MUTEX_DESTROY(x)	mutex_destroy(&(x)->ipf_lk)
270 #  define	MUTEX_NUKE(x)		bzero((x), sizeof(*(x)))
271 #  define	MUTEX_EXIT(x)		mutex_exit(&(x)->ipf_lk)
272 #  define	COPYIN(a,b,c)	copyin((caddr_t)(a), (caddr_t)(b), (c))
273 #  define	COPYOUT(a,b,c)	copyout((caddr_t)(a), (caddr_t)(b), (c))
274 #  define	BCOPYIN(a,b,c)	(void) copyin((caddr_t)(a), (caddr_t)(b), (c))
275 #  define	BCOPYOUT(a,b,c)	(void) copyout((caddr_t)(a), (caddr_t)(b), (c))
276 #  define	UIOMOVE(a,b,c,d)	uiomove((caddr_t)a,b,c,d)
277 #  define	KFREE(x)	kmem_free((char *)(x), sizeof(*(x)))
278 #  define	KFREES(x,s)	kmem_free((char *)(x), (s))
279 #  define	SPL_NET(x)	;
280 #  define	SPL_IMP(x)	;
281 #  undef	SPL_X
282 #  define	SPL_X(x)	;
283 #  ifdef sparc
284 #   define	ntohs(x)	(x)
285 #   define	ntohl(x)	(x)
286 #   define	htons(x)	(x)
287 #   define	htonl(x)	(x)
288 #  endif /* sparc */
289 #  define	KMALLOC(a,b)	(a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP)
290 #  define	KMALLOCS(a,b,c)	(a) = (b)kmem_alloc((c), KM_NOSLEEP)
291 #  define	GET_MINOR(x)	getminor(x)
292 /*extern	phy_if_t	get_unit __P((char *, int, ipf_stack_t *));*/
293 #  define	GETIFP(n, v, ifs)	(void *)get_unit(n, v, ifs)
294 #  define	IFNAME(x)	((ill_t *)x)->ill_name
295 #  define	COPYIFNAME(x, b, v)	(void) net_getifname(((v) == 4) ? \
296 					ifs->ifs_ipf_ipv4 : ifs->ifs_ipf_ipv6,\
297 					(phy_if_t)(x), (b), sizeof(b))
298 #  define	GETKTIME(x)	uniqtime((struct timeval *)x)
299 #  define	MSGDSIZE(x)	msgdsize(x)
300 #  define	M_LEN(x)	((x)->b_wptr - (x)->b_rptr)
301 #  define	M_DUPLICATE(x)	dupmsg((x))
302 #  define	MTOD(m,t)	((t)((m)->b_rptr))
303 #  define	MTYPE(m)	((m)->b_datap->db_type)
304 #  define	FREE_MB_T(m)	freemsg(m)
305 #  define	m_next		b_cont
306 #  define	CACHE_HASH(x)	(((phy_if_t)(x)->fin_ifp) & 7)
307 #  define	IPF_PANIC(x,y)	if (x) { printf y; cmn_err(CE_PANIC, "ipf_panic"); }
308 typedef mblk_t mb_t;
309 # endif /* _KERNEL */
310 
311 # if (SOLARIS2 >= 7)
312 #  ifdef lint
313 #   define ALIGN32(ptr)    (ptr ? 0L : 0L)
314 #   define ALIGN16(ptr)    (ptr ? 0L : 0L)
315 #  else
316 #   define ALIGN32(ptr)    (ptr)
317 #   define ALIGN16(ptr)    (ptr)
318 #  endif
319 # endif
320 
321 # if SOLARIS2 < 6
322 typedef	struct uio	uio_t;
323 # endif
324 typedef	int		ioctlcmd_t;
325 typedef	uint8_t		u_int8_t;
326 
327 # define OS_RECOGNISED 1
328 
329 #endif /* SOLARIS */
330 
331 /* ----------------------------------------------------------------------- */
332 /*                                  H P U X                                */
333 /* ----------------------------------------------------------------------- */
334 #ifdef __hpux
335 # define	MENTAT	1
336 # include	<sys/sysmacros.h>
337 # include	<sys/spinlock.h>
338 # include	<sys/lock.h>
339 # include	<sys/stream.h>
340 # ifdef USE_INET6
341 #  include	<netinet/if_ether.h>
342 #  include	<netinet/ip6.h>
343 #  include	<netinet/icmp6.h>
344 typedef	struct	ip6_hdr	ip6_t;
345 # endif
346 
347 # ifdef _KERNEL
348 #  define SNPRINTF	sprintf
349 #  if (HPUXREV >= 1111)
350 #   define	IPL_SELECT
351 #   ifdef	IPL_SELECT
352 #    include	<machine/sys/user.h>
353 #    include	<sys/kthread_iface.h>
354 #    define	READ_COLLISION	0x01
355 
356 typedef	struct	iplog_select_s {
357 	kthread_t	*read_waiter;
358 	int		state;
359 } iplog_select_t;
360 #   endif
361 #  endif
362 
363 #  define	GETKTIME(x)	uniqtime((struct timeval *)x)
364 
365 #  if HPUXREV == 1111
366 #   include	"kern_svcs.h"
367 #  else
368 #   include	<sys/kern_svcs.h>
369 #  endif
370 #  undef	ti_flags
371 #  undef	TCP_NODELAY
372 #  undef	TCP_MAXSEG
373 #  include <sys/reg.h>
374 #  include "../netinet/ip_info.h"
375 /*
376  * According to /usr/include/sys/spinlock.h on HP-UX 11.00, these functions
377  * are available.  Attempting to use them actually results in unresolved
378  * symbols when it comes time to load the module.
379  * This has been fixed!  Yipee!
380  */
381 #  if 1
382 #   ifdef __LP64__
383 #    define	ATOMIC_INCL(x)		lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1)
384 #    define	ATOMIC_DECL(x)		lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1)
385 #   else
386 #    define	ATOMIC_INCL(x)		lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1)
387 #    define	ATOMIC_DECL(x)		lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1)
388 #   endif
389 #   define	ATOMIC_INC64(x)		lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1)
390 #   define	ATOMIC_INC32(x)		lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1)
391 #   define	ATOMIC_INC16(x)		lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), 1)
392 #   define	ATOMIC_DEC64(x)		lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1)
393 #   define	ATOMIC_DEC32(x)		lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1)
394 #   define	ATOMIC_DEC16(x)		lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), -1)
395 #  else /* 0 */
396 #   define	ATOMIC_INC64(x)		{ MUTEX_ENTER(&ipf_rw); (x)++; \
397 					  MUTEX_EXIT(&ipf_rw); }
398 #   define	ATOMIC_DEC64(x)		{ MUTEX_ENTER(&ipf_rw); (x)--; \
399 					  MUTEX_EXIT(&ipf_rw); }
400 #   define	ATOMIC_INC32(x)		{ MUTEX_ENTER(&ipf_rw); (x)++; \
401 					  MUTEX_EXIT(&ipf_rw); }
402 #   define	ATOMIC_DEC32(x)		{ MUTEX_ENTER(&ipf_rw); (x)--; \
403 					  MUTEX_EXIT(&ipf_rw); }
404 #   define	ATOMIC_INCL(x)		{ MUTEX_ENTER(&ipf_rw); (x)++; \
405 					  MUTEX_EXIT(&ipf_rw); }
406 #   define	ATOMIC_DECL(x)		{ MUTEX_ENTER(&ipf_rw); (x)--; \
407 					  MUTEX_EXIT(&ipf_rw); }
408 #   define	ATOMIC_INC(x)		{ MUTEX_ENTER(&ipf_rw); (x)++; \
409 					  MUTEX_EXIT(&ipf_rw); }
410 #   define	ATOMIC_DEC(x)		{ MUTEX_ENTER(&ipf_rw); (x)--; \
411 					  MUTEX_EXIT(&ipf_rw); }
412 #  endif
413 #  define	ip_cksum		ip_csuma
414 #  define	memcpy(a,b,c)		bcopy((caddr_t)b, (caddr_t)a, c)
415 #  define	USE_MUTEXES
416 #  define	MUTEX_INIT(x, y)	initlock(&(x)->ipf_lk, 0, 0, (y))
417 #  define	MUTEX_ENTER(x)		spinlock(&(x)->ipf_lk)
418 #  define	MUTEX_EXIT(x)		spinunlock(&(x)->ipf_lk);
419 #  define	MUTEX_DESTROY(x)
420 #  define	MUTEX_NUKE(x)		bzero((char *)(x), sizeof(*(x)))
421 #  define	KMUTEX_T		lock_t
422 #  define	kmutex_t		lock_t		/* for pfil.h */
423 #  define	krwlock_t		lock_t		/* for pfil.h */
424 /*
425  * The read-write lock implementation in HP-UX 11.0 is crippled - it can
426  * only be used by threads working in a user context!
427  * This has been fixed!  Yipee! (Or at least it does in 11.00, not 11.11..)
428  */
429 #  if HPUXREV < 1111
430 #   define	MUTEX_DOWNGRADE(x)	lock_write_to_read(x)
431 #   define	KRWLOCK_T		struct rw_lock
432 #   define	READ_ENTER(x)		lock_read(&(x)->ipf_lk)
433 #   define	WRITE_ENTER(x)		lock_write(&(x)->ipf_lk)
434 #   if HPUXREV >= 1111
435 #    define	RWLOCK_INIT(x, y)	rwlock_init4(&(x)->ipf_lk, 0, RWLCK_CANSLEEP, 0, y)
436 #   else
437 #    define	RWLOCK_INIT(x, y)	lock_init3(&(x)->ipf_lk, 0, 1, 0, 0, y)
438 #   endif
439 #   define	RWLOCK_EXIT(x)		lock_done(&(x)->ipf_lk)
440 #  else
441 #   define	KRWLOCK_T		lock_t
442 #   define	KMUTEX_T		lock_t
443 #   define	READ_ENTER(x)		MUTEX_ENTER(x)
444 #   define	WRITE_ENTER(x)		MUTEX_ENTER(x)
445 #   define	MUTEX_DOWNGRADE(x)
446 #   define	RWLOCK_INIT(x, y)	initlock(&(x)->ipf_lk, 0, 0, y)
447 #   define	RWLOCK_EXIT(x)		MUTEX_EXIT(x)
448 #  endif
449 #  define	RW_DESTROY(x)
450 #  define	COPYIN(a,b,c)	copyin((caddr_t)(a), (caddr_t)(b), (c))
451 #  define	COPYOUT(a,b,c)	copyout((caddr_t)(a), (caddr_t)(b), (c))
452 #  if HPUXREV >= 1111
453 #   define	BCOPYIN(a,b,c)	0; bcopy((caddr_t)(a), (caddr_t)(b), (c))
454 #   define	BCOPYOUT(a,b,c)	0; bcopy((caddr_t)(a), (caddr_t)(b), (c))
455 #  else
456 #   define	BCOPYIN(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
457 #   define	BCOPYOUT(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
458 #  endif
459 #  define	SPL_NET(x)	;
460 #  define	SPL_IMP(x)	;
461 #  undef	SPL_X
462 #  define	SPL_X(x)	;
463 /*extern	void	*get_unit __P((char *, int, ipf_stack_t *));*/
464 #  define	GETIFP(n, v, ifs)	get_unit(n, v, ifs)
465 #  define	IFNAME(x, b)	((ill_t *)x)->ill_name
466 #  define	COPYIFNAME(x, b, v) \
467 				strncpy(b, ((ifinfo_t *)x)->ifi_name, \
468 					LIFNAMSIZ)
469 #  define	UIOMOVE(a,b,c,d)	uiomove((caddr_t)a,b,c,d)
470 #  define	SLEEP(id, n)	{ lock_t *_l = get_sleep_lock((caddr_t)id); \
471 				  sleep(id, PZERO+1); \
472 				  spinunlock(_l); \
473 				}
474 #  define	WAKEUP(id,x)	{ lock_t *_l = get_sleep_lock((caddr_t)id); \
475 				  wakeup(id + x); \
476 				  spinunlock(_l); \
477 				}
478 #  define	KMALLOC(a, b)	MALLOC((a), b, sizeof(*(a)), M_IOSYS, M_NOWAIT)
479 #  define	KMALLOCS(a, b, c)	MALLOC((a), b, (c), M_IOSYS, M_NOWAIT)
480 #  define	KFREE(x)	kmem_free((char *)(x), sizeof(*(x)))
481 #  define	KFREES(x,s)	kmem_free((char *)(x), (s))
482 #  define	MSGDSIZE(x)	msgdsize(x)
483 #  define	M_LEN(x)	((x)->b_wptr - (x)->b_rptr)
484 #  define	M_DUPLICATE(x)	dupmsg((x))
485 #  define	MTOD(m,t)	((t)((m)->b_rptr))
486 #  define	MTYPE(m)	((m)->b_datap->db_type)
487 #  define	FREE_MB_T(m)	freemsg(m)
488 #  define	m_next		b_cont
489 #  define	IPF_PANIC(x,y)	if (x) { printf y; panic("ipf_panic"); }
490 typedef mblk_t mb_t;
491 
492 #  define	CACHE_HASH(x)	(((phy_if_t)(x)->fin_ifp) & 7)
493 
494 #  include "qif.h"
495 #  include "pfil.h"
496 
497 # else /* _KERNEL */
498 
499 typedef	unsigned char uchar_t;
500 
501 #  ifndef	_SYS_STREAM_INCLUDED
502 typedef char * mblk_t;
503 typedef void * queue_t;
504 typedef	u_long ulong;
505 #  endif
506 #  include <netinet/ip_info.h>
507 
508 # endif /* _KERNEL */
509 
510 # ifdef lint
511 #  define ALIGN32(ptr)    (ptr ? 0L : 0L)
512 #  define ALIGN16(ptr)    (ptr ? 0L : 0L)
513 # else
514 #  define ALIGN32(ptr)    (ptr)
515 #  define ALIGN16(ptr)    (ptr)
516 # endif
517 
518 typedef	struct uio	uio_t;
519 typedef	int		ioctlcmd_t;
520 typedef	int		minor_t;
521 typedef unsigned int	u_32_t;
522 # define	U_32_T	1
523 
524 # define OS_RECOGNISED 1
525 
526 #endif /* __hpux */
527 
528 /* ----------------------------------------------------------------------- */
529 /*                                  I R I X                                */
530 /* ----------------------------------------------------------------------- */
531 #ifdef __sgi
532 # undef		MENTAT
533 # if IRIX < 60500
534 typedef	struct uio	uio_t;
535 # endif
536 typedef	int		ioctlcmd_t;
537 typedef u_int32_t       u_32_t;
538 # define	U_32_T	1
539 
540 # ifdef INET6
541 #  define USE_INET6
542 # endif
543 
544 # define  hz HZ
545 # include <sys/ksynch.h>
546 # define	IPF_LOCK_PL	plhi
547 # include <sys/sema.h>
548 # undef kmutex_t
549 typedef struct {
550 	lock_t *l;
551 	int pl;
552 } kmutex_t;
553 
554 # ifdef MUTEX_INIT
555 #  define	KMUTEX_T		mutex_t
556 # else
557 #  define	KMUTEX_T		kmutex_t
558 #  define	KRWLOCK_T		kmutex_t
559 # endif
560 
561 # ifdef _KERNEL
562 #  define	NEED_LOCAL_RAND	1
563 #  define	ipf_random		arc4random
564 #  define	ATOMIC_INC(x)		{ MUTEX_ENTER(&ipf_rw); \
565 					  (x)++; MUTEX_EXIT(&ipf_rw); }
566 #  define	ATOMIC_DEC(x)		{ MUTEX_ENTER(&ipf_rw); \
567 					  (x)--; MUTEX_EXIT(&ipf_rw); }
568 #  define	USE_MUTEXES
569 #  ifdef MUTEX_INIT
570 #   include <sys/atomic_ops.h>
571 #   define	ATOMIC_INCL(x)		atomicAddUlong(&(x), 1)
572 #   define	ATOMIC_INC64(x)		atomicAddUint64(&(x), 1)
573 #   define	ATOMIC_INC32(x)		atomicAddUint(&(x), 1)
574 #   define	ATOMIC_INC16		ATOMIC_INC
575 #   define	ATOMIC_DECL(x)		atomicAddUlong(&(x), -1)
576 #   define	ATOMIC_DEC64(x)		atomicAddUint64(&(x), -1)
577 #   define	ATOMIC_DEC32(x)		atomicAddUint(&(x), -1)
578 #   define	ATOMIC_DEC16		ATOMIC_DEC
579 #   undef	MUTEX_INIT
580 #   define	MUTEX_INIT(x, y)	mutex_init(&(x)->ipf_lk,  \
581 						   MUTEX_DEFAULT, y)
582 #   undef	MUTEX_ENTER
583 #   define	MUTEX_ENTER(x)		mutex_lock(&(x)->ipf_lk, 0)
584 #   undef	MUTEX_EXIT
585 #   define	MUTEX_EXIT(x)		mutex_unlock(&(x)->ipf_lk)
586 #   undef	MUTEX_DESTROY
587 #   define	MUTEX_DESTROY(x)	mutex_destroy(&(x)->ipf_lk)
588 #   define	MUTEX_DOWNGRADE(x)	mrdemote(&(x)->ipf_lk)
589 #   define	KRWLOCK_T		mrlock_t
590 #   define	RWLOCK_INIT(x, y)	mrinit(&(x)->ipf_lk, y)
591 #   undef	RW_DESTROY
592 #   define	RW_DESTROY(x)		mrfree(&(x)->ipf_lk)
593 #   define	READ_ENTER(x)		RW_RDLOCK(&(x)->ipf_lk)
594 #   define	WRITE_ENTER(x)		RW_WRLOCK(&(x)->ipf_lk)
595 #   define	RWLOCK_EXIT(x)		RW_UNLOCK(&(x)->ipf_lk)
596 #  else
597 #   define	READ_ENTER(x)		MUTEX_ENTER(&(x)->ipf_lk)
598 #   define	WRITE_ENTER(x)		MUTEX_ENTER(&(x)->ipf_lk)
599 #   define	MUTEX_DOWNGRADE(x)	;
600 #   define	RWLOCK_EXIT(x)		MUTEX_EXIT(&(x)->ipf_lk)
601 #   define	MUTEX_EXIT(x)		UNLOCK((x)->ipf_lk.l, (x)->ipf_lk.pl);
602 #   define	MUTEX_INIT(x,y)		(x)->ipf_lk.l = LOCK_ALLOC((uchar_t)-1, IPF_LOCK_PL, (lkinfo_t *)-1, KM_NOSLEEP)
603 #   define	MUTEX_DESTROY(x)	LOCK_DEALLOC((x)->ipf_lk.l)
604 #   define	MUTEX_ENTER(x)		(x)->ipf_lk.pl = LOCK((x)->ipf_lk.l, \
605 							      IPF_LOCK_PL);
606 #  endif
607 #  define	MUTEX_NUKE(x)		bzero((x), sizeof(*(x)))
608 #  define	FREE_MB_T(m)	m_freem(m)
609 #  define	MTOD(m,t)	mtod(m,t)
610 #  define	COPYIN(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
611 #  define	COPYOUT(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
612 #  define	BCOPYIN(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
613 #  define	BCOPYOUT(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
614 #  define	UIOMOVE(a,b,c,d)	uiomove((caddr_t)a,b,c,d)
615 #  define	SLEEP(id, n)	sleep((id), PZERO+1)
616 #  define	WAKEUP(id,x)	wakeup(id+x)
617 #  define	KFREE(x)	kmem_free((char *)(x), sizeof(*(x)))
618 #  define	KFREES(x,s)	kmem_free((char *)(x), (s))
619 #  define	GETIFP(n,v, ifs)	ifunit(n)
620 #  include <sys/kmem.h>
621 #  include <sys/ddi.h>
622 #  define	KMALLOC(a,b)	(a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP)
623 #  define	KMALLOCS(a,b,c)	(a) = (b)kmem_alloc((c), KM_NOSLEEP)
624 #  define	GET_MINOR(x)	getminor(x)
625 #  define	USE_SPL		1
626 #  define	SPL_IMP(x)	(x) = splimp()
627 #  define	SPL_NET(x)	(x) = splnet()
628 #  define	SPL_X(x)	(void) splx(x)
629 extern	void	m_copydata __P((struct mbuf *, int, int, caddr_t));
630 extern	void	m_copyback __P((struct mbuf *, int, int, caddr_t));
631 #  define	MSGDSIZE(x)	mbufchainlen(x)
632 #  define	M_LEN(x)	(x)->m_len
633 #  define	M_DUPLICATE(x)	m_copy((x), 0, M_COPYALL)
634 #  define	GETKTIME(x)	microtime((struct timeval *)x)
635 #  define	CACHE_HASH(x)	((IFNAME(fin->fin_ifp)[0] + \
636 				  ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
637 #  define	IPF_PANIC(x,y)	if (x) { printf y; panic("ipf_panic"); }
638 typedef struct mbuf mb_t;
639 # else
640 #  undef RW_DESTROY
641 #  undef MUTEX_INIT
642 #  undef MUTEX_DESTROY
643 # endif /* _KERNEL */
644 
645 # define OS_RECOGNISED 1
646 
647 #endif /* __sgi */
648 
649 /* ----------------------------------------------------------------------- */
650 /*                                  T R U 6 4                              */
651 /* ----------------------------------------------------------------------- */
652 #ifdef __osf__
653 # undef		MENTAT
654 
655 # include <kern/lock.h>
656 # include <sys/sysmacros.h>
657 
658 # ifdef _KERNEL
659 #  define	NEED_LOCAL_RAND		1
660 #  define	ipf_random		arc4random
661 #  define	KMUTEX_T		simple_lock_data_t
662 #  define	KRWLOCK_T		lock_data_t
663 #  include <net/net_globals.h>
664 #  define	USE_MUTEXES
665 #  define	READ_ENTER(x)		lock_read(&(x)->ipf_lk)
666 #  define	WRITE_ENTER(x)		lock_write(&(x)->ipf_lk)
667 #  define	MUTEX_DOWNGRADE(x)	lock_write_to_read(&(x)->ipf_lk)
668 #  define	RWLOCK_INIT(x, y)	lock_init(&(x)->ipf_lk, TRUE)
669 #  define	RWLOCK_EXIT(x)		lock_done(&(x)->ipf_lk)
670 #  define	RW_DESTROY(x)		lock_terminate(&(x)->ipf_lk)
671 #  define	MUTEX_ENTER(x)		simple_lock(&(x)->ipf_lk)
672 #  define	MUTEX_INIT(x, y)	simple_lock_init(&(x)->ipf_lk)
673 #  define	MUTEX_DESTROY(x)	simple_lock_terminate(&(x)->ipf_lk)
674 #  define	MUTEX_EXIT(x)		simple_unlock(&(x)->ipf_lk)
675 #  define	MUTEX_NUKE(x)		bzero(x, sizeof(*(x)))
676 #  define	ATOMIC_INC64(x)		atomic_incq((uint64_t*)&(x))
677 #  define	ATOMIC_DEC64(x)		atomic_decq((uint64_t*)&(x))
678 #  define	ATOMIC_INC32(x)		atomic_incl((uint32_t*)&(x))
679 #  define	ATOMIC_DEC32(x)		atomic_decl((uint32_t*)&(x))
680 #  define	ATOMIC_INC16(x)		{ simple_lock(&ipf_rw); (x)++; \
681 					  simple_unlock(&ipf_rw); }
682 #  define	ATOMIC_DEC16(x)		{ simple_lock(&ipf_rw); (x)--; \
683 					  simple_unlock(&ipf_rw); }
684 #  define	ATOMIC_INCL(x)		atomic_incl((uint32_t*)&(x))
685 #  define	ATOMIC_DECL(x)		atomic_decl((uint32_t*)&(x))
686 #  define	ATOMIC_INC(x)		{ simple_lock(&ipf_rw); (x)++; \
687 					  simple_unlock(&ipf_rw); }
688 #  define	ATOMIC_DEC(x)		{ simple_lock(&ipf_rw); (x)--; \
689 					  simple_unlock(&ipf_rw); }
690 #  define	SPL_NET(x)		;
691 #  define	SPL_IMP(x)		;
692 #  undef	SPL_X
693 #  define	SPL_X(x)		;
694 #  define	UIOMOVE(a,b,c,d)	uiomove((caddr_t)a, b, d)
695 #  define	FREE_MB_T(m)		m_freem(m)
696 #  define	MTOD(m,t)		mtod(m,t)
697 #  define	GETIFP(n, v, ifs)	ifunit(n)
698 #  define	GET_MINOR		getminor
699 #  define	WAKEUP(id,x)		wakeup(id + x)
700 #  define	COPYIN(a,b,c)	copyin((caddr_t)(a), (caddr_t)(b), (c))
701 #  define	COPYOUT(a,b,c)	copyout((caddr_t)(a), (caddr_t)(b), (c))
702 #  define	BCOPYIN(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
703 #  define	BCOPYOUT(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
704 #  define	KMALLOC(a, b)	MALLOC((a), b, sizeof(*(a)), M_PFILT, M_NOWAIT)
705 #  define	KMALLOCS(a, b, c)	MALLOC((a), b, (c), M_PFILT, \
706 					    ((c) > 4096) ? M_WAITOK : M_NOWAIT)
707 #  define	KFREE(x)	FREE((x), M_PFILT)
708 #  define	KFREES(x,s)	FREE((x), M_PFILT)
709 #  define	MSGDSIZE(x)	mbufchainlen(x)
710 #  define	M_LEN(x)	(x)->m_len
711 #  define	M_DUPLICATE(x)	m_copy((x), 0, M_COPYALL)
712 #  define	GETKTIME(x)	microtime((struct timeval *)x)
713 #  define	CACHE_HASH(x)	((IFNAME(fin->fin_ifp)[0] + \
714 				  ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
715 #  define	IPF_PANIC(x,y)	if (x) { printf y; panic("ipf_panic"); }
716 typedef struct mbuf mb_t;
717 # endif /* _KERNEL */
718 
719 # if (defined(_KERNEL) || defined(_NO_BITFIELDS) || (__STDC__ == 1))
720 #  define	IP_V(x)		((x)->ip_vhl >> 4)
721 #  define	IP_HL(x)	((x)->ip_vhl & 0xf)
722 #  define	IP_V_A(x,y)	(x)->ip_vhl |= (((y) << 4) & 0xf0)
723 #  define	IP_HL_A(x,y)	(x)->ip_vhl |= ((y) & 0xf)
724 #  define	TCP_X2(x)	((x)->th_xoff & 0xf)
725 #  define	TCP_X2_A(x,y)	(x)->th_xoff |= ((y) & 0xf)
726 #  define	TCP_OFF(x)	((x)->th_xoff >> 4)
727 #  define	TCP_OFF_A(x,y)	(x)->th_xoff |= (((y) << 4) & 0xf0)
728 # endif
729 
730 /*
731  * These are from's Solaris' #defines for little endian.
732  */
733 #define	IP6F_MORE_FRAG		0x0100
734 #define	IP6F_RESERVED_MASK	0x0600
735 #define	IP6F_OFF_MASK		0xf8ff
736 
737 struct ip6_ext {
738 	u_char	ip6e_nxt;
739 	u_char	ip6e_len;
740 };
741 
742 typedef	int		ioctlcmd_t;
743 /*
744  * Really, any arch where sizeof(long) != sizeof(int).
745  */
746 typedef unsigned int    u_32_t;
747 # define	U_32_T	1
748 
749 # define OS_RECOGNISED 1
750 #endif /* __osf__ */
751 
752 /* ----------------------------------------------------------------------- */
753 /*                                  N E T B S D                            */
754 /* ----------------------------------------------------------------------- */
755 #ifdef __NetBSD__
756 # if defined(_KERNEL) && !defined(IPFILTER_LKM)
757 #  include "bpfilter.h"
758 #  if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 104110000)
759 #   include "opt_inet.h"
760 #  endif
761 #  ifdef INET6
762 #   define USE_INET6
763 #  endif
764 #  if (__NetBSD_Version__ >= 105000000)
765 #   define HAVE_M_PULLDOWN 1
766 #  endif
767 # endif
768 
769 # ifdef _KERNEL
770 #  define	MSGDSIZE(x)	mbufchainlen(x)
771 #  define	M_LEN(x)	(x)->m_len
772 #  define	M_DUPLICATE(x)	m_copy((x), 0, M_COPYALL)
773 #  define	GETKTIME(x)	microtime((struct timeval *)x)
774 #  define	IPF_PANIC(x,y)	if (x) { printf y; panic("ipf_panic"); }
775 #  define	COPYIN(a,b,c)	copyin((caddr_t)(a), (caddr_t)(b), (c))
776 #  define	COPYOUT(a,b,c)	copyout((caddr_t)(a), (caddr_t)(b), (c))
777 #  define	BCOPYIN(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
778 #  define	BCOPYOUT(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
779 typedef struct mbuf mb_t;
780 # endif /* _KERNEL */
781 # if (NetBSD <= 1991011) && (NetBSD >= 199606)
782 #  define	IFNAME(x)	((struct ifnet *)x)->if_xname
783 #  define	COPYIFNAME(x, b, v) \
784 				(void) strncpy(b, \
785 					       ((struct ifnet *)x)->if_xname, \
786 					       LIFNAMSIZ)
787 #  define	CACHE_HASH(x)	((((struct ifnet *)fin->fin_ifp)->if_index)&7)
788 # else
789 #  define	CACHE_HASH(x)	((IFNAME(fin->fin_ifp)[0] + \
790 				  ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
791 # endif
792 
793 typedef	struct uio	uio_t;
794 typedef	u_long		ioctlcmd_t;
795 typedef	int		minor_t;
796 typedef	u_int32_t	u_32_t;
797 # define	U_32_T	1
798 
799 # define OS_RECOGNISED 1
800 #endif /* __NetBSD__ */
801 
802 
803 /* ----------------------------------------------------------------------- */
804 /*                                F R E E B S D                            */
805 /* ----------------------------------------------------------------------- */
806 #ifdef __FreeBSD__
807 # if defined(_KERNEL)
808 #  if (__FreeBSD_version >= 500000)
809 #   include "opt_bpf.h"
810 #  else
811 #   include "bpf.h"
812 #  endif
813 #  if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000)
814 #   include "opt_inet6.h"
815 #  endif
816 #  if defined(INET6) && !defined(USE_INET6)
817 #   define USE_INET6
818 #  endif
819 # endif
820 
821 # if defined(_KERNEL)
822 #  if (__FreeBSD_version >= 400000)
823 /*
824  * When #define'd, the 5.2.1 kernel panics when used with the ftp proxy.
825  * There may be other, safe, kernels but this is not extensively tested yet.
826  */
827 #   define HAVE_M_PULLDOWN
828 #  endif
829 #  if !defined(IPFILTER_LKM) && (__FreeBSD_version >= 300000)
830 #   include "opt_ipfilter.h"
831 #  endif
832 #  define	COPYIN(a,b,c)	copyin((caddr_t)(a), (caddr_t)(b), (c))
833 #  define	COPYOUT(a,b,c)	copyout((caddr_t)(a), (caddr_t)(b), (c))
834 #  define	BCOPYIN(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
835 #  define	BCOPYOUT(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
836 
837 #  if (__FreeBSD_version >= 500043)
838 #   define NETBSD_PF
839 #  endif
840 # endif /* _KERNEL */
841 
842 # if (__FreeBSD_version >= 500043)
843 #  include <sys/mutex.h>
844 #  include <sys/sx.h>
845 /*
846  * Whilst the sx(9) locks on FreeBSD have the right semantics and interface
847  * for what we want to use them for, despite testing showing they work -
848  * with a WITNESS kernel, it generates LOR messages.
849  */
850 #  define	KMUTEX_T		struct mtx
851 #  if 1
852 #   define	KRWLOCK_T		struct mtx
853 #  else
854 #   define	KRWLOCK_T		struct sx
855 #  endif
856 # endif
857 
858 # if (__FreeBSD_version >= 501113)
859 #  include <net/if_var.h>
860 #  define	IFNAME(x)	((struct ifnet *)x)->if_xname
861 #  define	COPYIFNAME(x, b) \
862 				(void) strncpy(b, \
863 					       ((struct ifnet *)x)->if_xname, \
864 					       LIFNAMSIZ)
865 # endif
866 # if (__FreeBSD_version >= 500043)
867 #  define	CACHE_HASH(x)	((((struct ifnet *)fin->fin_ifp)->if_index) & 7)
868 # else
869 #  define	CACHE_HASH(x)	((IFNAME(fin->fin_ifp)[0] + \
870 				  ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
871 # endif
872 
873 # ifdef _KERNEL
874 #  define	GETKTIME(x)	microtime((struct timeval *)x)
875 
876 #  if (__FreeBSD_version >= 500002)
877 #   include <netinet/in_systm.h>
878 #   include <netinet/ip.h>
879 #   include <machine/in_cksum.h>
880 #  endif
881 
882 #  if (__FreeBSD_version >= 500043)
883 #   define	USE_MUTEXES
884 #   define	MUTEX_ENTER(x)		mtx_lock(&(x)->ipf_lk)
885 #   define	MUTEX_EXIT(x)		mtx_unlock(&(x)->ipf_lk)
886 #   define	MUTEX_INIT(x,y)		mtx_init(&(x)->ipf_lk, (y), NULL,\
887 						 MTX_DEF)
888 #   define	MUTEX_DESTROY(x)	mtx_destroy(&(x)->ipf_lk)
889 #   define	MUTEX_NUKE(x)		bzero((x), sizeof(*(x)))
890 /*
891  * Whilst the sx(9) locks on FreeBSD have the right semantics and interface
892  * for what we want to use them for, despite testing showing they work -
893  * with a WITNESS kernel, it generates LOR messages.
894  */
895 #   if 1
896 #    define	READ_ENTER(x)		mtx_lock(&(x)->ipf_lk)
897 #    define	WRITE_ENTER(x)		mtx_lock(&(x)->ipf_lk)
898 #    define	RWLOCK_EXIT(x)		mtx_unlock(&(x)->ipf_lk)
899 #    define	MUTEX_DOWNGRADE(x)	;
900 #    define	RWLOCK_INIT(x,y)	mtx_init(&(x)->ipf_lk, (y), NULL,\
901 						 MTX_DEF)
902 #    define	RW_DESTROY(x)		mtx_destroy(&(x)->ipf_lk)
903 #   else
904 #    define	READ_ENTER(x)		sx_slock(&(x)->ipf_lk)
905 #    define	WRITE_ENTER(x)		sx_xlock(&(x)->ipf_lk)
906 #    define	MUTEX_DOWNGRADE(x)	sx_downgrade(&(x)->ipf_lk)
907 #    define	RWLOCK_INIT(x, y)	sx_init(&(x)->ipf_lk, (y))
908 #    define	RW_DESTROY(x)		sx_destroy(&(x)->ipf_lk)
909 #    ifdef sx_unlock
910 #     define	RWLOCK_EXIT(x)		sx_unlock(x)
911 #    else
912 #     define	RWLOCK_EXIT(x)		do { \
913 					    if ((x)->ipf_lk.sx_cnt < 0) \
914 						sx_xunlock(&(x)->ipf_lk); \
915 					    else \
916 						sx_sunlock(&(x)->ipf_lk); \
917 					} while (0)
918 #    endif
919 #   endif
920 #   include <machine/atomic.h>
921 #   define	ATOMIC_INC(x)		{ mtx_lock(&ipf_rw.ipf_lk); (x)++; \
922 					  mtx_unlock(&ipf_rw.ipf_lk); }
923 #   define	ATOMIC_DEC(x)		{ mtx_lock(&ipf_rw.ipf_lk); (x)--; \
924 					  mtx_unlock(&ipf_rw.ipf_lk); }
925 #   define	ATOMIC_INCL(x)		atomic_add_long(&(x), 1)
926 #   define	ATOMIC_INC64(x)		ATOMIC_INC(x)
927 #   define	ATOMIC_INC32(x)		atomic_add_32(&(x), 1)
928 #   define	ATOMIC_INC16(x)		atomic_add_16(&(x), 1)
929 #   define	ATOMIC_DECL(x)		atomic_add_long(&(x), -1)
930 #   define	ATOMIC_DEC64(x)		ATOMIC_DEC(x)
931 #   define	ATOMIC_DEC32(x)		atomic_add_32(&(x), -1)
932 #   define	ATOMIC_DEC16(x)		atomic_add_16(&(x), -1)
933 #   define	SPL_X(x)	;
934 #   define	SPL_NET(x)	;
935 #   define	SPL_IMP(x)	;
936 extern	int	in_cksum __P((struct mbuf *, int));
937 #  endif /* __FreeBSD_version >= 500043 */
938 #  define	MSGDSIZE(x)	mbufchainlen(x)
939 #  define	M_LEN(x)	(x)->m_len
940 #  define	M_DUPLICATE(x)	m_copy((x), 0, M_COPYALL)
941 #  define	IPF_PANIC(x,y)	if (x) { printf y; panic("ipf_panic"); }
942 typedef struct mbuf mb_t;
943 # endif /* _KERNEL */
944 
945 # if __FreeBSD__ < 3
946 #  include <machine/spl.h>
947 # else
948 #  if __FreeBSD__ == 3
949 #   if defined(IPFILTER_LKM) && !defined(ACTUALLY_LKM_NOT_KERNEL)
950 #    define	ACTUALLY_LKM_NOT_KERNEL
951 #   endif
952 #  endif
953 # endif
954 
955 # if (__FreeBSD_version >= 300000)
956 typedef	u_long		ioctlcmd_t;
957 # else
958 typedef	int		ioctlcmd_t;
959 # endif
960 typedef	struct uio	uio_t;
961 typedef	int		minor_t;
962 typedef	u_int32_t	u_32_t;
963 # define	U_32_T	1
964 
965 # define OS_RECOGNISED 1
966 #endif /* __FreeBSD__ */
967 
968 
969 /* ----------------------------------------------------------------------- */
970 /*                                O P E N B S D                            */
971 /* ----------------------------------------------------------------------- */
972 #ifdef __OpenBSD__
973 # ifdef INET6
974 #  define USE_INET6
975 # endif
976 
977 # ifdef _KERNEL
978 #  if !defined(IPFILTER_LKM)
979 #   include "bpfilter.h"
980 #  endif
981 #  if (OpenBSD >= 200311)
982 #   define SNPRINTF	snprintf
983 #   if defined(USE_INET6)
984 #    include "netinet6/in6_var.h"
985 #    include "netinet6/nd6.h"
986 #   endif
987 #  endif
988 #  if (OpenBSD >= 200012)
989 #   define HAVE_M_PULLDOWN 1
990 #  endif
991 #  define	COPYIN(a,b,c)	copyin((caddr_t)(a), (caddr_t)(b), (c))
992 #  define	COPYOUT(a,b,c)	copyout((caddr_t)(a), (caddr_t)(b), (c))
993 #  define	BCOPYIN(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
994 #  define	BCOPYOUT(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
995 #  define	GETKTIME(x)	microtime((struct timeval *)x)
996 #  define	MSGDSIZE(x)	mbufchainlen(x)
997 #  define	M_LEN(x)	(x)->m_len
998 #  define	M_DUPLICATE(x)	m_copy((x), 0, M_COPYALL)
999 #  define	IPF_PANIC(x,y)	if (x) { printf y; panic("ipf_panic"); }
1000 typedef struct mbuf mb_t;
1001 # endif /* _KERNEL */
1002 # if (OpenBSD >= 199603)
1003 #  define	IFNAME(x, b)	((struct ifnet *)x)->if_xname
1004 #  define	COPYIFNAME(x, b, v) \
1005 				(void) strncpy(b, \
1006 					       ((struct ifnet *)x)->if_xname, \
1007 					       LIFNAMSIZ)
1008 #  define	CACHE_HASH(x)	((((struct ifnet *)fin->fin_ifp)->if_index)&7)
1009 # else
1010 #  define	CACHE_HASH(x)	((IFNAME(fin->fin_ifp)[0] + \
1011 				  ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1012 # endif
1013 
1014 typedef	struct uio	uio_t;
1015 typedef	u_long		ioctlcmd_t;
1016 typedef	int		minor_t;
1017 typedef	u_int32_t	u_32_t;
1018 # define	U_32_T	1
1019 
1020 # define OS_RECOGNISED 1
1021 #endif /* __OpenBSD__ */
1022 
1023 
1024 /* ----------------------------------------------------------------------- */
1025 /*                                B S D O S                                */
1026 /* ----------------------------------------------------------------------- */
1027 #ifdef _BSDI_VERSION
1028 # ifdef INET6
1029 #  define USE_INET6
1030 # endif
1031 
1032 # ifdef _KERNEL
1033 #  define	GETKTIME(x)	microtime((struct timeval *)x)
1034 #  define	MSGDSIZE(x)	mbufchainlen(x)
1035 #  define	M_LEN(x)	(x)->m_len
1036 #  define	M_DUPLICATE(x)	m_copy((x), 0, M_COPYALL)
1037 #  define	CACHE_HASH(x)	((IFNAME(fin->fin_ifp)[0] + \
1038 				  ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1039 typedef struct mbuf mb_t;
1040 # endif /* _KERNEL */
1041 
1042 # if (_BSDI_VERSION >= 199701)
1043 typedef	u_long		ioctlcmd_t;
1044 # else
1045 typedef	int		ioctlcmd_t;
1046 # endif
1047 typedef	u_int32_t	u_32_t;
1048 # define	U_32_T	1
1049 
1050 #endif /* _BSDI_VERSION */
1051 
1052 
1053 /* ----------------------------------------------------------------------- */
1054 /*                                  S U N O S 4                            */
1055 /* ----------------------------------------------------------------------- */
1056 #if defined(sun) && !defined(OS_RECOGNISED) /* SunOS4 */
1057 # ifdef _KERNEL
1058 #  include	<sys/kmem_alloc.h>
1059 #  define	GETKTIME(x)	uniqtime((struct timeval *)x)
1060 #  define	MSGDSIZE(x)	mbufchainlen(x)
1061 #  define	M_LEN(x)	(x)->m_len
1062 #  define	M_DUPLICATE(x)	m_copy((x), 0, M_COPYALL)
1063 #  define	CACHE_HASH(x)	((IFNAME(fin->fin_ifp)[0] + \
1064 				  ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1065 #  define	GETIFP(n, v, ifs)	ifunit(n, IFNAMSIZ)
1066 #  define	KFREE(x)	kmem_free((char *)(x), sizeof(*(x)))
1067 #  define	KFREES(x,s)	kmem_free((char *)(x), (s))
1068 #  define	SLEEP(id, n)	sleep((id), PZERO+1)
1069 #  define	WAKEUP(id,x)	wakeup(id + x)
1070 #  define	UIOMOVE(a,b,c,d)	uiomove((caddr_t)a,b,c,d)
1071 #  define	IPF_PANIC(x,y)	if (x) { printf y; panic("ipf_panic"); }
1072 
1073 extern	void	m_copydata __P((struct mbuf *, int, int, caddr_t));
1074 extern	void	m_copyback __P((struct mbuf *, int, int, caddr_t));
1075 
1076 typedef struct mbuf mb_t;
1077 # endif
1078 
1079 typedef	struct uio	uio_t;
1080 typedef	int		ioctlcmd_t;
1081 typedef	int		minor_t;
1082 typedef	unsigned int	u_32_t;
1083 # define	U_32_T	1
1084 
1085 # define OS_RECOGNISED 1
1086 
1087 #endif /* SunOS 4 */
1088 
1089 /* ----------------------------------------------------------------------- */
1090 /*                            L I N U X                                    */
1091 /* ----------------------------------------------------------------------- */
1092 #if defined(linux) && !defined(OS_RECOGNISED)
1093 #include <linux/config.h>
1094 #include <linux/version.h>
1095 # if LINUX >= 20600
1096 #  define	 HDR_T_PRIVATE	1
1097 # endif
1098 # undef USE_INET6
1099 # ifdef USE_INET6
1100 struct ip6_ext {
1101 	u_char	ip6e_nxt;
1102 	u_char	ip6e_len;
1103 };
1104 # endif
1105 
1106 # ifdef _KERNEL
1107 #  define	IPF_PANIC(x,y)	if (x) { printf y; panic("ipf_panic"); }
1108 #  define	BCOPYIN(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
1109 #  define	BCOPYOUT(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
1110 #  define	COPYIN(a,b,c)	copy_from_user((caddr_t)(b), (caddr_t)(a), (c))
1111 #  define	COPYOUT(a,b,c)	copy_to_user((caddr_t)(b), (caddr_t)(a), (c))
1112 #  define	FREE_MB_T(m)	kfree_skb(m)
1113 #  define	GETKTIME(x)	do_gettimeofday((struct timeval *)x)
1114 #  define	SLEEP(x,s)	0, interruptible_sleep_on(x##_linux)
1115 #  define	WAKEUP(x,y)	wake_up(x##_linux + y)
1116 #  define	UIOMOVE(a,b,c,d)	uiomove(a,b,c,d)
1117 #  define	USE_MUTEXES
1118 #  define	KRWLOCK_T		rwlock_t
1119 #  define	KMUTEX_T		spinlock_t
1120 #  define	MUTEX_INIT(x,y)		spin_lock_init(&(x)->ipf_lk)
1121 #  define	MUTEX_ENTER(x)		spin_lock(&(x)->ipf_lk)
1122 #  define	MUTEX_EXIT(x)		spin_unlock(&(x)->ipf_lk)
1123 #  define	MUTEX_DESTROY(x)	do { } while (0)
1124 #  define	MUTEX_NUKE(x)		bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk))
1125 #  define	READ_ENTER(x)		ipf_read_enter(x)
1126 #  define	WRITE_ENTER(x)		ipf_write_enter(x)
1127 #  define	RWLOCK_INIT(x,y)	rwlock_init(&(x)->ipf_lk)
1128 #  define	RW_DESTROY(x)		do { } while (0)
1129 #  define	RWLOCK_EXIT(x)		ipf_rw_exit(x)
1130 #  define	MUTEX_DOWNGRADE(x)	ipf_rw_downgrade(x)
1131 #  define	ATOMIC_INCL(x)		MUTEX_ENTER(&ipf_rw); (x)++; \
1132 					MUTEX_EXIT(&ipf_rw)
1133 #  define	ATOMIC_DECL(x)		MUTEX_ENTER(&ipf_rw); (x)--; \
1134 					MUTEX_EXIT(&ipf_rw)
1135 #  define	ATOMIC_INC64(x)		MUTEX_ENTER(&ipf_rw); (x)++; \
1136 					MUTEX_EXIT(&ipf_rw)
1137 #  define	ATOMIC_INC32(x)		MUTEX_ENTER(&ipf_rw); (x)++; \
1138 					MUTEX_EXIT(&ipf_rw)
1139 #  define	ATOMIC_INC16(x)		MUTEX_ENTER(&ipf_rw); (x)++; \
1140 					MUTEX_EXIT(&ipf_rw)
1141 #  define	ATOMIC_DEC64(x)		MUTEX_ENTER(&ipf_rw); (x)--; \
1142 					MUTEX_EXIT(&ipf_rw)
1143 #  define	ATOMIC_DEC32(x)		MUTEX_ENTER(&ipf_rw); (x)--; \
1144 					MUTEX_EXIT(&ipf_rw)
1145 #  define	ATOMIC_DEC16(x)		MUTEX_ENTER(&ipf_rw); (x)--; \
1146 					MUTEX_EXIT(&ipf_rw)
1147 #  define	SPL_IMP(x)		do { } while (0)
1148 #  define	SPL_NET(x)		do { } while (0)
1149 #  define	SPL_X(x)		do { } while (0)
1150 #  define	IFNAME(x)		((struct net_device*)x)->name
1151 #  define	CACHE_HASH(x)	((IFNAME(fin->fin_ifp)[0] + \
1152 			  ((struct net_device *)fin->fin_ifp)->ifindex) & 7)
1153 typedef	struct	sk_buff	mb_t;
1154 extern	void	m_copydata __P((mb_t *, int, int, caddr_t));
1155 extern	void	m_copyback __P((mb_t *, int, int, caddr_t));
1156 extern	void	m_adj __P((mb_t *, int));
1157 extern	mb_t	*m_pullup __P((mb_t *, int));
1158 #  define	mbuf	sk_buff
1159 
1160 #  define	mtod(m, t)	((t)(m)->data)
1161 #  define	m_len		len
1162 #  define	m_next		next
1163 #  define	M_DUPLICATE(m)	skb_clone((m), in_interrupt() ? GFP_ATOMIC : \
1164 								GFP_KERNEL)
1165 #  define	MSGDSIZE(m)	(m)->len
1166 #  define	M_LEN(m)	(m)->len
1167 
1168 #  define	splnet(x)	;
1169 #  define	printf		printk
1170 #  define	bcopy(s,d,z)	memmove(d, s, z)
1171 #  define	bzero(s,z)	memset(s, 0, z)
1172 #  define	bcmp(a,b,z)	memcmp(a, b, z)
1173 
1174 #  define	ifnet		net_device
1175 #  define	if_xname	name
1176 #  define	if_unit		ifindex
1177 
1178 #  define	KMALLOC(x,t)	(x) = (t)kmalloc(sizeof(*(x)), \
1179 				    in_interrupt() ? GFP_ATOMIC : GFP_KERNEL)
1180 #  define	KFREE(x)	kfree(x)
1181 #  define	KMALLOCS(x,t,s)	(x) = (t)kmalloc((s), \
1182 				    in_interrupt() ? GFP_ATOMIC : GFP_KERNEL)
1183 #  define	KFREES(x,s)	kfree(x)
1184 
1185 #  define GETIFP(n,v)	dev_get_by_name(n)
1186 
1187 # else
1188 #  include <net/ethernet.h>
1189 
1190 struct mbuf {
1191 };
1192 
1193 #  ifndef _NET_ROUTE_H
1194 struct rtentry {
1195 };
1196 #  endif
1197 
1198 struct ifnet {
1199 	char	if_xname[IFNAMSIZ];
1200 	int	if_unit;
1201 	int	(* if_output) __P((struct ifnet *, struct mbuf *, struct sockaddr *, struct rtentry *));
1202 	struct	ifaddr	*if_addrlist;
1203 };
1204 # define	IFNAME(x)	((struct ifnet *)x)->if_xname
1205 
1206 # endif	/* _KERNEL */
1207 
1208 # define	COPYIFNAME(x, b) \
1209 				(void) strncpy(b, \
1210 					       ((struct ifnet *)x)->if_xname, \
1211 					       LIFNAMSIZ)
1212 
1213 # include <linux/fs.h>
1214 # define	FWRITE	FMODE_WRITE
1215 # define	FREAD	FMODE_READ
1216 
1217 # define	__USE_MISC	1
1218 # define	__FAVOR_BSD	1
1219 
1220 typedef	struct uio {
1221 	struct iovec	*uio_iov;
1222 	void	*uio_file;
1223 	char	*uio_buf;
1224 	int	uio_iovcnt;
1225 	int	uio_offset;
1226 	size_t	uio_resid;
1227 	int	uio_rw;
1228 } uio_t;
1229 
1230 extern	int	uiomove __P((caddr_t, size_t, int, struct uio *));
1231 
1232 # define	UIO_READ	1
1233 # define	UIO_WRITE	2
1234 
1235 typedef	u_long		ioctlcmd_t;
1236 typedef	int		minor_t;
1237 typedef u_int32_t 	u_32_t;
1238 # define	U_32_T	1
1239 
1240 # define OS_RECOGNISED 1
1241 
1242 #endif
1243 
1244 
1245 /* ----------------------------------------------------------------------- */
1246 /*                                    A I X                                */
1247 /* ----------------------------------------------------------------------- */
1248 #if defined(_AIX51)
1249 # undef		MENTAT
1250 
1251 # include <sys/lock.h>
1252 # include <sys/sysmacros.h>
1253 
1254 # ifdef _KERNEL
1255 #  define rw_read_locked(x)		0
1256 #  include <net/net_globals.h>
1257 #  include <net/net_malloc.h>
1258 #  define	KMUTEX_T		simple_lock_t
1259 #  define	KRWLOCK_T		complex_lock_t
1260 #  define	USE_MUTEXES		1
1261 #  define	USE_SPL			1
1262 #  define	READ_ENTER(x)		lock_read((x)->ipf_lk)
1263 #  define	WRITE_ENTER(x)		lock_write((x)->ipf_lk)
1264 #  define	MUTEX_DOWNGRADE(x)	lock_write_to_read((x)->ipf_lk)
1265 #  define	RWLOCK_INIT(x, y)	lock_alloc(&(x)->ipf_lk, \
1266 						   LOCK_ALLOC_PIN, \
1267 						   (u_short)y, 0); \
1268 					lock_init((x)->ipf_lk, TRUE)
1269 #  define	RWLOCK_EXIT(x)		lock_done((x)->ipf_lk)
1270 #  define	RW_DESTROY(x)		lock_free(&(x)->ipf_lk)
1271 #  define	MUTEX_ENTER(x)		simple_lock((x)->ipf_lk)
1272 #  define	MUTEX_INIT(x, y)	lock_alloc(&(x)->ipf_lk, \
1273 						   LOCK_ALLOC_PIN, \
1274 						   (u_short)y, 0); \
1275 					simple_lock_init((x)->ipf_lk)
1276 #  define	MUTEX_DESTROY(x)	lock_free(&(x)->ipf_lk)
1277 #  define	MUTEX_EXIT(x)		simple_unlock((x)->ipf_lk)
1278 #  define	MUTEX_NUKE(x)		bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk))
1279 #   define	ATOMIC_INC64(x)		{ MUTEX_ENTER(&ipf_rw); (x)++; \
1280 					  MUTEX_EXIT(&ipf_rw); }
1281 #   define	ATOMIC_DEC64(x)		{ MUTEX_ENTER(&ipf_rw); (x)--; \
1282 					  MUTEX_EXIT(&ipf_rw); }
1283 #   define	ATOMIC_INC32(x)		{ MUTEX_ENTER(&ipf_rw); (x)++; \
1284 					  MUTEX_EXIT(&ipf_rw); }
1285 #   define	ATOMIC_DEC32(x)		{ MUTEX_ENTER(&ipf_rw); (x)--; \
1286 					  MUTEX_EXIT(&ipf_rw); }
1287 #   define	ATOMIC_INCL(x)		{ MUTEX_ENTER(&ipf_rw); (x)++; \
1288 					  MUTEX_EXIT(&ipf_rw); }
1289 #   define	ATOMIC_DECL(x)		{ MUTEX_ENTER(&ipf_rw); (x)--; \
1290 					  MUTEX_EXIT(&ipf_rw); }
1291 #   define	ATOMIC_INC(x)		{ MUTEX_ENTER(&ipf_rw); (x)++; \
1292 					  MUTEX_EXIT(&ipf_rw); }
1293 #   define	ATOMIC_DEC(x)		{ MUTEX_ENTER(&ipf_rw); (x)--; \
1294 					  MUTEX_EXIT(&ipf_rw); }
1295 #  define	SPL_NET(x)		x = splnet()
1296 #  define	SPL_IMP(x)		x = splimp()
1297 #  undef	SPL_X
1298 #  define	SPL_X(x)		splx(x)
1299 #  define	UIOMOVE(a,b,c,d)	uiomove((caddr_t)a,b,c,d)
1300 extern void* getifp __P((char *, int));
1301 #  define	GETIFP(n, v)		getifp(n, v)
1302 #  define	GET_MINOR		minor
1303 #  define	SLEEP(id, n)	sleepx((id), PZERO+1, 0)
1304 #  define	WAKEUP(id,x)	wakeup(id)
1305 #  define	COPYIN(a,b,c)	copyin((caddr_t)(a), (caddr_t)(b), (c))
1306 #  define	COPYOUT(a,b,c)	copyout((caddr_t)(a), (caddr_t)(b), (c))
1307 #  define	BCOPYIN(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
1308 #  define	BCOPYOUT(a,b,c)	bcopy((caddr_t)(a), (caddr_t)(b), (c))
1309 #  define	KMALLOC(a, b)	MALLOC((a), b, sizeof(*(a)), M_TEMP, M_NOWAIT)
1310 #  define	KMALLOCS(a, b, c)	MALLOC((a), b, (c), M_TEMP, \
1311 					    ((c) > 4096) ? M_WAITOK : M_NOWAIT)
1312 #  define	KFREE(x)	FREE((x), M_TEMP)
1313 #  define	KFREES(x,s)	FREE((x), M_TEMP)
1314 #  define	MSGDSIZE(x)	mbufchainlen(x)
1315 #  define	M_LEN(x)	(x)->m_len
1316 #  define	M_DUPLICATE(x)	m_copy((x), 0, M_COPYALL)
1317 #  define	GETKTIME(x)
1318 #  define	CACHE_HASH(x)	((IFNAME(fin->fin_ifp)[0] + \
1319 				  ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1320 #  define	IPF_PANIC(x,y)
1321 typedef struct mbuf mb_t;
1322 # endif /* _KERNEL */
1323 
1324 /*
1325  * These are from's Solaris' #defines for little endian.
1326  */
1327 #if !defined(IP6F_MORE_FRAG)
1328 # define	IP6F_MORE_FRAG		0x0100
1329 #endif
1330 #if !defined(IP6F_RESERVED_MASK)
1331 # define	IP6F_RESERVED_MASK	0x0600
1332 #endif
1333 #if !defined(IP6F_OFF_MASK)
1334 # define	IP6F_OFF_MASK		0xf8ff
1335 #endif
1336 
1337 struct ip6_ext {
1338 	u_char	ip6e_nxt;
1339 	u_char	ip6e_len;
1340 };
1341 
1342 typedef	int		ioctlcmd_t;
1343 typedef	int		minor_t;
1344 /*
1345  * Really, any arch where sizeof(long) != sizeof(int).
1346  */
1347 typedef unsigned int    u_32_t;
1348 # define	U_32_T	1
1349 
1350 # define OS_RECOGNISED 1
1351 #endif	/* _AIX51 */
1352 
1353 
1354 #ifndef	OS_RECOGNISED
1355 #error	ip_compat.h does not recognise this platform/OS.
1356 #endif
1357 
1358 
1359 /* ----------------------------------------------------------------------- */
1360 /*                           G E N E R I C                                 */
1361 /* ----------------------------------------------------------------------- */
1362 #ifndef OS_RECOGNISED
1363 #endif
1364 
1365 /*
1366  * For BSD kernels, if bpf is in the kernel, enable ipfilter to use bpf in
1367  * filter rules.
1368  */
1369 #if !defined(IPFILTER_BPF) && ((NBPF > 0) || (NBPFILTER > 0) || (DEV_BPF > 0))
1370 # define IPFILTER_BPF
1371 #endif
1372 
1373 /*
1374  * Userland locking primitives
1375  */
1376 typedef	struct	{
1377 	char	*eMm_owner;
1378 	char	*eMm_heldin;
1379 	u_int	eMm_magic;
1380 	int	eMm_held;
1381 	int	eMm_heldat;
1382 #ifdef __hpux
1383 	char	eMm_fill[8];
1384 #endif
1385 } eMmutex_t;
1386 
1387 typedef	struct	{
1388 	char	*eMrw_owner;
1389 	char	*eMrw_heldin;
1390 	u_int	eMrw_magic;
1391 	short	eMrw_read;
1392 	short	eMrw_write;
1393 	int	eMrw_heldat;
1394 #ifdef __hpux
1395 	char	eMm_fill[24];
1396 #endif
1397 } eMrwlock_t;
1398 
1399 typedef union {
1400 #ifdef KMUTEX_T
1401 	struct	{
1402 		KMUTEX_T	ipf_slk;
1403 		char		*ipf_lname;
1404 	} ipf_lkun_s;
1405 #endif
1406 	eMmutex_t	ipf_emu;
1407 } ipfmutex_t;
1408 
1409 typedef union {
1410 #ifdef KRWLOCK_T
1411 	struct	{
1412 		KRWLOCK_T	ipf_slk;
1413 		char		*ipf_lname;
1414 		int		ipf_sr;
1415 		int		ipf_sw;
1416 		u_int		ipf_magic;
1417 	} ipf_lkun_s;
1418 #endif
1419 	eMrwlock_t	ipf_emu;
1420 } ipfrwlock_t;
1421 
1422 #define	ipf_lk		ipf_lkun_s.ipf_slk
1423 #define	ipf_lname	ipf_lkun_s.ipf_lname
1424 #define	ipf_isr		ipf_lkun_s.ipf_sr
1425 #define	ipf_isw		ipf_lkun_s.ipf_sw
1426 #define	ipf_magic	ipf_lkun_s.ipf_magic
1427 
1428 #if !defined(__GNUC__) || \
1429     (defined(__FreeBSD_version) && (__FreeBSD_version >= 503000))
1430 # ifndef	INLINE
1431 #  define	INLINE
1432 # endif
1433 #else
1434 # define	INLINE	__inline__
1435 #endif
1436 
1437 #if defined(linux) && defined(_KERNEL)
1438 extern	INLINE	void	ipf_read_enter __P((ipfrwlock_t *));
1439 extern	INLINE	void	ipf_write_enter __P((ipfrwlock_t *));
1440 extern	INLINE	void	ipf_rw_exit __P((ipfrwlock_t *));
1441 extern	INLINE	void	ipf_rw_downgrade __P((ipfrwlock_t *));
1442 #endif
1443 
1444 /*
1445  * In a non-kernel environment, there are a lot of macros that need to be
1446  * filled in to be null-ops or to point to some compatibility function,
1447  * somewhere in userland.
1448  */
1449 #ifndef _KERNEL
1450 typedef	struct	mb_s	{
1451 	struct	mb_s	*mb_next;
1452 	int		mb_len;
1453 	u_long		mb_buf[2048];
1454 } mb_t;
1455 # undef		m_next
1456 # define	m_next		mb_next
1457 # define	MSGDSIZE(x)	(x)->mb_len	/* XXX - from ipt.c */
1458 # define	M_LEN(x)	(x)->mb_len
1459 # define	M_DUPLICATE(x)	(x)
1460 # define	GETKTIME(x)	gettimeofday((struct timeval *)(x), NULL)
1461 # undef		MTOD
1462 # define	MTOD(m, t)	((t)(m)->mb_buf)
1463 # define	FREE_MB_T(x)
1464 # define	SLEEP(x,y)	1;
1465 # define	WAKEUP(x,y)	;
1466 # define	IPF_PANIC(x,y)	;
1467 # define	PANIC(x,y)	;
1468 # define	SPL_NET(x)	;
1469 # define	SPL_IMP(x)	;
1470 # define	SPL_X(x)	;
1471 # define	KMALLOC(a,b)	(a) = (b)malloc(sizeof(*a))
1472 # define	KMALLOCS(a,b,c)	(a) = (b)malloc(c)
1473 # define	KFREE(x)	free(x)
1474 # define	KFREES(x,s)	free(x)
1475 # define	GETIFP(x, v, ifs)	get_unit(x,v, ifs)
1476 # define	COPYIN(a,b,c)	(bcopy((a), (b), (c)), 0)
1477 # define	COPYOUT(a,b,c)	(bcopy((a), (b), (c)), 0)
1478 # define	BCOPYIN(a,b,c)	(bcopy((a), (b), (c)), 0)
1479 # define	BCOPYOUT(a,b,c)	(bcopy((a), (b), (c)), 0)
1480 # define	COPYDATA(m, o, l, b)	bcopy(MTOD((mb_t *)m, char *) + (o), \
1481 					      (b), (l))
1482 # define	COPYBACK(m, o, l, b)	bcopy((b), \
1483 					      MTOD((mb_t *)m, char *) + (o), \
1484 					      (l))
1485 # define	UIOMOVE(a,b,c,d)	ipfuiomove(a,b,c,d)
1486 extern	void	m_copydata __P((mb_t *, int, int, caddr_t));
1487 extern	int	ipfuiomove __P((caddr_t, int, int, struct uio *));
1488 # ifndef CACHE_HASH
1489 #  define	CACHE_HASH(x)	((IFNAME(fin->fin_ifp)[0] + \
1490 				  ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1491 # endif
1492 
1493 # define	MUTEX_DESTROY(x)	eMmutex_destroy(&(x)->ipf_emu)
1494 # define	MUTEX_ENTER(x)		eMmutex_enter(&(x)->ipf_emu, \
1495 						      __FILE__, __LINE__)
1496 # define	MUTEX_EXIT(x)		eMmutex_exit(&(x)->ipf_emu)
1497 # define	MUTEX_INIT(x,y)		eMmutex_init(&(x)->ipf_emu, y)
1498 # define	MUTEX_NUKE(x)		bzero((x), sizeof(*(x)))
1499 
1500 # define	MUTEX_DOWNGRADE(x)	eMrwlock_downgrade(&(x)->ipf_emu, \
1501 							   __FILE__, __LINE__)
1502 # define	READ_ENTER(x)		eMrwlock_read_enter(&(x)->ipf_emu, \
1503 							    __FILE__, __LINE__)
1504 # define	RWLOCK_INIT(x, y)	eMrwlock_init(&(x)->ipf_emu, y)
1505 # define	RWLOCK_EXIT(x)		eMrwlock_exit(&(x)->ipf_emu)
1506 # define	RW_DESTROY(x)		eMrwlock_destroy(&(x)->ipf_emu)
1507 # define	WRITE_ENTER(x)		eMrwlock_write_enter(&(x)->ipf_emu, \
1508 							     __FILE__, \
1509 							     __LINE__)
1510 
1511 # define	USE_MUTEXES		1
1512 
1513 extern void eMmutex_destroy __P((eMmutex_t *));
1514 extern void eMmutex_enter __P((eMmutex_t *, char *, int));
1515 extern void eMmutex_exit __P((eMmutex_t *));
1516 extern void eMmutex_init __P((eMmutex_t *, char *));
1517 extern void eMrwlock_destroy __P((eMrwlock_t *));
1518 extern void eMrwlock_exit __P((eMrwlock_t *));
1519 extern void eMrwlock_init __P((eMrwlock_t *, char *));
1520 extern void eMrwlock_read_enter __P((eMrwlock_t *, char *, int));
1521 extern void eMrwlock_write_enter __P((eMrwlock_t *, char *, int));
1522 extern void eMrwlock_downgrade __P((eMrwlock_t *, char *, int));
1523 
1524 #undef NET_IS_HCK_L3_FULL
1525 #define	NET_IS_HCK_L3_FULL(n, x) (0)
1526 #undef NET_IS_HCK_L3_PART
1527 #define	NET_IS_HCK_L3_PART(n, x) (0)
1528 #undef NET_IS_HCK_L4_FULL
1529 #define	NET_IS_HCK_L4_FULL(n, x) (0)
1530 #undef NET_IS_HCK_L4_PART
1531 #define	NET_IS_HCK_L4_PART(n, x) (0)
1532 
1533 #endif
1534 
1535 #define	MAX_IPV4HDR	((0xf << 2) + sizeof(struct icmp) + sizeof(ip_t) + 8)
1536 
1537 #ifndef	IP_OFFMASK
1538 # define	IP_OFFMASK	0x1fff
1539 #endif
1540 
1541 
1542 /*
1543  * On BSD's use quad_t as a guarantee for getting at least a 64bit sized
1544  * object.
1545  */
1546 #if	BSD > 199306
1547 # define	USE_QUAD_T
1548 # define	U_QUAD_T	u_quad_t
1549 # define	QUAD_T		quad_t
1550 #else /* BSD > 199306 */
1551 # define	U_QUAD_T	u_long
1552 # define	QUAD_T		long
1553 #endif /* BSD > 199306 */
1554 
1555 
1556 #ifdef	USE_INET6
1557 # if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \
1558      defined(__osf__) || defined(linux)
1559 #  include <netinet/ip6.h>
1560 #  include <netinet/icmp6.h>
1561 #  if !defined(linux)
1562 #   if defined(_KERNEL) && !defined(__osf__)
1563 #    include <netinet6/ip6_var.h>
1564 #   endif
1565 #  endif
1566 typedef	struct ip6_hdr	ip6_t;
1567 # endif
1568 #endif
1569 
1570 #ifndef	MAX
1571 # define	MAX(a,b)	(((a) > (b)) ? (a) : (b))
1572 #endif
1573 
1574 #if defined(_KERNEL)
1575 # ifdef MENTAT
1576 #  define	COPYDATA	mb_copydata
1577 #  define	COPYBACK	mb_copyback
1578 # else
1579 #  define	COPYDATA	m_copydata
1580 #  define	COPYBACK	m_copyback
1581 # endif
1582 # if (BSD >= 199306) || defined(__FreeBSD__)
1583 #  if (defined(__NetBSD_Version__) && (__NetBSD_Version__ < 105180000)) || \
1584        defined(__FreeBSD__) || (defined(OpenBSD) && (OpenBSD < 200206)) || \
1585        defined(_BSDI_VERSION)
1586 #   include <vm/vm.h>
1587 #  endif
1588 #  if !defined(__FreeBSD__) || (defined (__FreeBSD_version) && \
1589       (__FreeBSD_version >= 300000))
1590 #   if (defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105180000)) || \
1591        (defined(OpenBSD) && (OpenBSD >= 200111))
1592 #    include <uvm/uvm_extern.h>
1593 #   else
1594 #    include <vm/vm_extern.h>
1595 extern  vm_map_t        kmem_map;
1596 #   endif
1597 #   include <sys/proc.h>
1598 #  else /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
1599 #   include <vm/vm_kern.h>
1600 #  endif /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
1601 
1602 #  ifdef IPFILTER_M_IPFILTER
1603 #    include <sys/malloc.h>
1604 MALLOC_DECLARE(M_IPFILTER);
1605 #    define	_M_IPF		M_IPFILTER
1606 #  else /* IPFILTER_M_IPFILTER */
1607 #   ifdef M_PFIL
1608 #    define	_M_IPF		M_PFIL
1609 #   else
1610 #    ifdef M_IPFILTER
1611 #     define	_M_IPF		M_IPFILTER
1612 #    else
1613 #     define	_M_IPF		M_TEMP
1614 #    endif /* M_IPFILTER */
1615 #   endif /* M_PFIL */
1616 #  endif /* IPFILTER_M_IPFILTER */
1617 #  define	KMALLOC(a, b)	MALLOC((a), b, sizeof(*(a)), _M_IPF, M_NOWAIT)
1618 #  define	KMALLOCS(a, b, c)	MALLOC((a), b, (c), _M_IPF, M_NOWAIT)
1619 #  define	KFREE(x)	FREE((x), _M_IPF)
1620 #  define	KFREES(x,s)	FREE((x), _M_IPF)
1621 #  define	UIOMOVE(a,b,c,d)	uiomove(a,b,d)
1622 #  define	SLEEP(id, n)	tsleep((id), PPAUSE|PCATCH, n, 0)
1623 #  define	WAKEUP(id,x)	wakeup(id+x)
1624 #  define	GETIFP(n, v, ifs)	ifunit(n)
1625 # endif /* (Free)BSD */
1626 
1627 # if !defined(USE_MUTEXES) && !defined(SPL_NET)
1628 #  if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199407)) || \
1629       (defined(OpenBSD) && (OpenBSD >= 200006))
1630 #   define	SPL_NET(x)	x = splsoftnet()
1631 #  else
1632 #   define	SPL_IMP(x)	x = splimp()
1633 #   define	SPL_NET(x)	x = splnet()
1634 #  endif /* NetBSD && (NetBSD <= 1991011) && (NetBSD >= 199407) */
1635 #  define	SPL_X(x)	(void) splx(x)
1636 # endif /* !USE_MUTEXES */
1637 
1638 # ifndef FREE_MB_T
1639 #  define	FREE_MB_T(m)	m_freem(m)
1640 # endif
1641 
1642 # ifndef MTOD
1643 #  define	MTOD(m,t)	mtod(m,t)
1644 # endif
1645 
1646 # ifndef COPYIN
1647 #  define	COPYIN(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1648 #  define	COPYOUT(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1649 #  define	BCOPYIN(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1650 #  define	BCOPYOUT(a,b,c)	(bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1651 # endif
1652 
1653 # ifndef KMALLOC
1654 #  define	KMALLOC(a,b)	(a) = (b)new_kmem_alloc(sizeof(*(a)), \
1655 							KMEM_NOSLEEP)
1656 #  define	KMALLOCS(a,b,c)	(a) = (b)new_kmem_alloc((c), KMEM_NOSLEEP)
1657 # endif
1658 
1659 # ifndef	GET_MINOR
1660 #  define	GET_MINOR(x)	minor(x)
1661 # endif
1662 # define	PANIC(x,y)	if (x) panic y
1663 #endif /* _KERNEL */
1664 
1665 #ifndef	IFNAME
1666 # define	IFNAME(x)	((struct ifnet *)x)->if_name
1667 #endif
1668 #ifndef	COPYIFNAME
1669 # define	NEED_FRGETIFNAME
1670 extern	char	*fr_getifname __P((struct ifnet *, char *));
1671 # define	COPYIFNAME(x, b, v) \
1672 				fr_getifname((struct ifnet *)x, b)
1673 #endif
1674 
1675 #ifndef ASSERT
1676 # define	ASSERT(x)
1677 #endif
1678 
1679 /*
1680  * Because the ctype(3) posix definition, if used "safely" in code everywhere,
1681  * would mean all normal code that walks through strings needed casts.  Yuck.
1682  */
1683 #define	ISALNUM(x)	isalnum((u_char)(x))
1684 #define	ISALPHA(x)	isalpha((u_char)(x))
1685 #define	ISASCII(x)	isascii((u_char)(x))
1686 #define	ISDIGIT(x)	isdigit((u_char)(x))
1687 #define	ISPRINT(x)	isprint((u_char)(x))
1688 #define	ISSPACE(x)	isspace((u_char)(x))
1689 #define	ISUPPER(x)	isupper((u_char)(x))
1690 #define	ISXDIGIT(x)	isxdigit((u_char)(x))
1691 #define	ISLOWER(x)	islower((u_char)(x))
1692 #define	TOUPPER(x)	toupper((u_char)(x))
1693 #define	TOLOWER(x)	tolower((u_char)(x))
1694 
1695 /*
1696  * If mutexes aren't being used, turn all the mutex functions into null-ops.
1697  */
1698 #if !defined(USE_MUTEXES)
1699 # define	USE_SPL			1
1700 # undef		RW_DESTROY
1701 # undef		MUTEX_INIT
1702 # undef		MUTEX_NUKE
1703 # undef		MUTEX_DESTROY
1704 # define	MUTEX_ENTER(x)		;
1705 # define	READ_ENTER(x)		;
1706 # define	WRITE_ENTER(x)		;
1707 # define	MUTEX_DOWNGRADE(x)	;
1708 # define	RWLOCK_INIT(x, y)	;
1709 # define	RWLOCK_EXIT(x)		;
1710 # define	RW_DESTROY(x)		;
1711 # define	MUTEX_EXIT(x)		;
1712 # define	MUTEX_INIT(x,y)		;
1713 # define	MUTEX_DESTROY(x)	;
1714 # define	MUTEX_NUKE(x)		;
1715 #endif /* !USE_MUTEXES */
1716 #ifndef	ATOMIC_INC
1717 # define	ATOMIC_INC(x)		(x)++
1718 # define	ATOMIC_DEC(x)		(x)--
1719 #endif
1720 
1721 #if defined(USE_SPL) && defined(_KERNEL)
1722 # define	SPL_INT(x)	int x
1723 #else
1724 # define	SPL_INT(x)
1725 #endif
1726 
1727 /*
1728  * If there are no atomic operations for bit sizes defined, define them to all
1729  * use a generic one that works for all sizes.
1730  */
1731 #ifndef	ATOMIC_INCL
1732 # define	ATOMIC_INCL		ATOMIC_INC
1733 # define	ATOMIC_INC64		ATOMIC_INC
1734 # define	ATOMIC_INC32		ATOMIC_INC
1735 # define	ATOMIC_INC16		ATOMIC_INC
1736 # define	ATOMIC_DECL		ATOMIC_DEC
1737 # define	ATOMIC_DEC64		ATOMIC_DEC
1738 # define	ATOMIC_DEC32		ATOMIC_DEC
1739 # define	ATOMIC_DEC16		ATOMIC_DEC
1740 #endif
1741 
1742 #ifndef HDR_T_PRIVATE
1743 typedef	struct	tcphdr	tcphdr_t;
1744 typedef	struct	udphdr	udphdr_t;
1745 #endif
1746 typedef	struct	icmp	icmphdr_t;
1747 typedef	struct	ip	ip_t;
1748 typedef	struct	ether_header	ether_header_t;
1749 typedef	struct	tcpiphdr	tcpiphdr_t;
1750 
1751 #ifndef	FR_GROUPLEN
1752 # define	FR_GROUPLEN	16
1753 #endif
1754 
1755 #ifdef offsetof
1756 # undef	offsetof
1757 #endif
1758 #ifndef offsetof
1759 # define offsetof(t,m) (int)((&((t *)0L)->m))
1760 #endif
1761 
1762 /*
1763  * This set of macros has been brought about because on Tru64 it is not
1764  * possible to easily assign or examine values in a structure that are
1765  * bit fields.
1766  */
1767 #ifndef IP_V
1768 # define	IP_V(x)		(x)->ip_v
1769 #endif
1770 #ifndef	IP_V_A
1771 # define	IP_V_A(x,y)	(x)->ip_v = (y)
1772 #endif
1773 #ifndef	IP_HL
1774 # define	IP_HL(x)	(x)->ip_hl
1775 #endif
1776 #ifndef	IP_HL_A
1777 # define	IP_HL_A(x,y)	(x)->ip_hl = (y)
1778 #endif
1779 #ifndef	TCP_X2
1780 # define	TCP_X2(x)	(x)->th_x2
1781 #endif
1782 #ifndef	TCP_X2_A
1783 # define	TCP_X2_A(x,y)	(x)->th_x2 = (y)
1784 #endif
1785 #ifndef	TCP_OFF
1786 # define	TCP_OFF(x)	(x)->th_off
1787 #endif
1788 #ifndef	TCP_OFF_A
1789 # define	TCP_OFF_A(x,y)	(x)->th_off = (y)
1790 #endif
1791 #define	IPMINLEN(i, h)	((i)->ip_len >= (IP_HL(i) * 4 + sizeof(struct h)))
1792 
1793 
1794 /*
1795  * XXX - This is one of those *awful* hacks which nobody likes
1796  */
1797 #ifdef	ultrix
1798 #define	A_A
1799 #else
1800 #define	A_A	&
1801 #endif
1802 
1803 #define	TCPF_ALL	(TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG|\
1804 			 TH_ECN|TH_CWR)
1805 
1806 #if (BSD >= 199306) && !defined(m_act)
1807 # define	m_act	m_nextpkt
1808 #endif
1809 
1810 /*
1811  * Security Options for Intenet Protocol (IPSO) as defined in RFC 1108.
1812  *
1813  * Basic Option
1814  *
1815  * 00000001   -   (Reserved 4)
1816  * 00111101   -   Top Secret
1817  * 01011010   -   Secret
1818  * 10010110   -   Confidential
1819  * 01100110   -   (Reserved 3)
1820  * 11001100   -   (Reserved 2)
1821  * 10101011   -   Unclassified
1822  * 11110001   -   (Reserved 1)
1823  */
1824 #define	IPSO_CLASS_RES4		0x01
1825 #define	IPSO_CLASS_TOPS		0x3d
1826 #define	IPSO_CLASS_SECR		0x5a
1827 #define	IPSO_CLASS_CONF		0x96
1828 #define	IPSO_CLASS_RES3		0x66
1829 #define	IPSO_CLASS_RES2		0xcc
1830 #define	IPSO_CLASS_UNCL		0xab
1831 #define	IPSO_CLASS_RES1		0xf1
1832 
1833 #define	IPSO_AUTH_GENSER	0x80
1834 #define	IPSO_AUTH_ESI		0x40
1835 #define	IPSO_AUTH_SCI		0x20
1836 #define	IPSO_AUTH_NSA		0x10
1837 #define	IPSO_AUTH_DOE		0x08
1838 #define	IPSO_AUTH_UN		0x06
1839 #define	IPSO_AUTH_FTE		0x01
1840 
1841 /*
1842  * IP option #defines
1843  */
1844 #undef	IPOPT_RR
1845 #define	IPOPT_RR	7
1846 #undef	IPOPT_ZSU
1847 #define	IPOPT_ZSU	10	/* ZSU */
1848 #undef	IPOPT_MTUP
1849 #define	IPOPT_MTUP	11	/* MTUP */
1850 #undef	IPOPT_MTUR
1851 #define	IPOPT_MTUR	12	/* MTUR */
1852 #undef	IPOPT_ENCODE
1853 #define	IPOPT_ENCODE	15	/* ENCODE */
1854 #undef	IPOPT_TS
1855 #define	IPOPT_TS	68
1856 #undef	IPOPT_TR
1857 #define	IPOPT_TR	82	/* TR */
1858 #undef	IPOPT_SECURITY
1859 #define	IPOPT_SECURITY	130
1860 #undef	IPOPT_LSRR
1861 #define	IPOPT_LSRR	131
1862 #undef	IPOPT_E_SEC
1863 #define	IPOPT_E_SEC	133	/* E-SEC */
1864 #undef	IPOPT_CIPSO
1865 #define	IPOPT_CIPSO	134	/* CIPSO */
1866 #undef	IPOPT_SATID
1867 #define	IPOPT_SATID	136
1868 #ifndef	IPOPT_SID
1869 # define	IPOPT_SID	IPOPT_SATID
1870 #endif
1871 #undef	IPOPT_SSRR
1872 #define	IPOPT_SSRR	137
1873 #undef	IPOPT_ADDEXT
1874 #define	IPOPT_ADDEXT	147	/* ADDEXT */
1875 #undef	IPOPT_VISA
1876 #define	IPOPT_VISA	142	/* VISA */
1877 #undef	IPOPT_IMITD
1878 #define	IPOPT_IMITD	144	/* IMITD */
1879 #undef	IPOPT_EIP
1880 #define	IPOPT_EIP	145	/* EIP */
1881 #undef	IPOPT_RTRALRT
1882 #define	IPOPT_RTRALRT	148	/* RTRALRT */
1883 #undef	IPOPT_SDB
1884 #define	IPOPT_SDB	149
1885 #undef	IPOPT_NSAPA
1886 #define	IPOPT_NSAPA	150
1887 #undef	IPOPT_DPS
1888 #define	IPOPT_DPS	151
1889 #undef	IPOPT_UMP
1890 #define	IPOPT_UMP	152
1891 #undef	IPOPT_FINN
1892 #define	IPOPT_FINN	205	/* FINN */
1893 
1894 #ifndef TCPOPT_EOL
1895 # define TCPOPT_EOL		0
1896 #endif
1897 #ifndef TCPOPT_NOP
1898 # define TCPOPT_NOP		1
1899 #endif
1900 #ifndef TCPOPT_MAXSEG
1901 # define TCPOPT_MAXSEG		2
1902 #endif
1903 #ifndef TCPOLEN_MAXSEG
1904 # define TCPOLEN_MAXSEG		4
1905 #endif
1906 #ifndef TCPOPT_WINDOW
1907 # define TCPOPT_WINDOW		3
1908 #endif
1909 #ifndef TCPOLEN_WINDOW
1910 # define TCPOLEN_WINDOW		3
1911 #endif
1912 #ifndef TCPOPT_SACK_PERMITTED
1913 # define TCPOPT_SACK_PERMITTED	4
1914 #endif
1915 #ifndef TCPOLEN_SACK_PERMITTED
1916 # define TCPOLEN_SACK_PERMITTED	2
1917 #endif
1918 #ifndef TCPOPT_SACK
1919 # define TCPOPT_SACK		5
1920 #endif
1921 #ifndef TCPOPT_TIMESTAMP
1922 # define TCPOPT_TIMESTAMP	8
1923 #endif
1924 
1925 #ifndef	ICMP_MINLEN
1926 # define	ICMP_MINLEN	8
1927 #endif
1928 #ifndef	ICMP_ECHOREPLY
1929 # define	ICMP_ECHOREPLY	0
1930 #endif
1931 #ifndef	ICMP_UNREACH
1932 # define	ICMP_UNREACH	3
1933 #endif
1934 #ifndef	ICMP_UNREACH_NET
1935 # define	ICMP_UNREACH_NET	0
1936 #endif
1937 #ifndef	ICMP_UNREACH_HOST
1938 # define	ICMP_UNREACH_HOST	1
1939 #endif
1940 #ifndef	ICMP_UNREACH_PROTOCOL
1941 # define	ICMP_UNREACH_PROTOCOL	2
1942 #endif
1943 #ifndef	ICMP_UNREACH_PORT
1944 # define	ICMP_UNREACH_PORT	3
1945 #endif
1946 #ifndef	ICMP_UNREACH_NEEDFRAG
1947 # define	ICMP_UNREACH_NEEDFRAG	4
1948 #endif
1949 #ifndef	ICMP_UNREACH_SRCFAIL
1950 # define	ICMP_UNREACH_SRCFAIL	5
1951 #endif
1952 #ifndef	ICMP_UNREACH_NET_UNKNOWN
1953 # define	ICMP_UNREACH_NET_UNKNOWN	6
1954 #endif
1955 #ifndef	ICMP_UNREACH_HOST_UNKNOWN
1956 # define	ICMP_UNREACH_HOST_UNKNOWN	7
1957 #endif
1958 #ifndef	ICMP_UNREACH_ISOLATED
1959 # define	ICMP_UNREACH_ISOLATED	8
1960 #endif
1961 #ifndef	ICMP_UNREACH_NET_PROHIB
1962 # define	ICMP_UNREACH_NET_PROHIB	9
1963 #endif
1964 #ifndef	ICMP_UNREACH_HOST_PROHIB
1965 # define	ICMP_UNREACH_HOST_PROHIB	10
1966 #endif
1967 #ifndef	ICMP_UNREACH_TOSNET
1968 # define	ICMP_UNREACH_TOSNET	11
1969 #endif
1970 #ifndef	ICMP_UNREACH_TOSHOST
1971 # define	ICMP_UNREACH_TOSHOST	12
1972 #endif
1973 #ifndef	ICMP_UNREACH_ADMIN_PROHIBIT
1974 # define	ICMP_UNREACH_ADMIN_PROHIBIT	13
1975 #endif
1976 #ifndef	ICMP_UNREACH_FILTER
1977 # define	ICMP_UNREACH_FILTER	13
1978 #endif
1979 #ifndef	ICMP_UNREACH_HOST_PRECEDENCE
1980 # define	ICMP_UNREACH_HOST_PRECEDENCE	14
1981 #endif
1982 #ifndef	ICMP_UNREACH_PRECEDENCE_CUTOFF
1983 # define	ICMP_UNREACH_PRECEDENCE_CUTOFF	15
1984 #endif
1985 #ifndef	ICMP_SOURCEQUENCH
1986 # define	ICMP_SOURCEQUENCH	4
1987 #endif
1988 #ifndef	ICMP_REDIRECT_NET
1989 # define	ICMP_REDIRECT_NET	0
1990 #endif
1991 #ifndef	ICMP_REDIRECT_HOST
1992 # define	ICMP_REDIRECT_HOST	1
1993 #endif
1994 #ifndef	ICMP_REDIRECT_TOSNET
1995 # define	ICMP_REDIRECT_TOSNET	2
1996 #endif
1997 #ifndef	ICMP_REDIRECT_TOSHOST
1998 # define	ICMP_REDIRECT_TOSHOST	3
1999 #endif
2000 #ifndef	ICMP_ALTHOSTADDR
2001 # define	ICMP_ALTHOSTADDR	6
2002 #endif
2003 #ifndef	ICMP_TIMXCEED
2004 # define	ICMP_TIMXCEED	11
2005 #endif
2006 #ifndef	ICMP_TIMXCEED_INTRANS
2007 # define	ICMP_TIMXCEED_INTRANS	0
2008 #endif
2009 #ifndef	ICMP_TIMXCEED_REASS
2010 # define		ICMP_TIMXCEED_REASS	1
2011 #endif
2012 #ifndef	ICMP_PARAMPROB
2013 # define	ICMP_PARAMPROB	12
2014 #endif
2015 #ifndef	ICMP_PARAMPROB_ERRATPTR
2016 # define	ICMP_PARAMPROB_ERRATPTR	0
2017 #endif
2018 #ifndef	ICMP_PARAMPROB_OPTABSENT
2019 # define	ICMP_PARAMPROB_OPTABSENT	1
2020 #endif
2021 #ifndef	ICMP_PARAMPROB_LENGTH
2022 # define	ICMP_PARAMPROB_LENGTH	2
2023 #endif
2024 #ifndef ICMP_TSTAMP
2025 # define	ICMP_TSTAMP	13
2026 #endif
2027 #ifndef ICMP_TSTAMPREPLY
2028 # define	ICMP_TSTAMPREPLY	14
2029 #endif
2030 #ifndef ICMP_IREQ
2031 # define	ICMP_IREQ	15
2032 #endif
2033 #ifndef ICMP_IREQREPLY
2034 # define	ICMP_IREQREPLY	16
2035 #endif
2036 #ifndef	ICMP_MASKREQ
2037 # define	ICMP_MASKREQ	17
2038 #endif
2039 #ifndef ICMP_MASKREPLY
2040 # define	ICMP_MASKREPLY	18
2041 #endif
2042 #ifndef	ICMP_TRACEROUTE
2043 # define	ICMP_TRACEROUTE	30
2044 #endif
2045 #ifndef	ICMP_DATACONVERR
2046 # define	ICMP_DATACONVERR	31
2047 #endif
2048 #ifndef	ICMP_MOBILE_REDIRECT
2049 # define	ICMP_MOBILE_REDIRECT	32
2050 #endif
2051 #ifndef	ICMP_IPV6_WHEREAREYOU
2052 # define	ICMP_IPV6_WHEREAREYOU	33
2053 #endif
2054 #ifndef	ICMP_IPV6_IAMHERE
2055 # define	ICMP_IPV6_IAMHERE	34
2056 #endif
2057 #ifndef	ICMP_MOBILE_REGREQUEST
2058 # define	ICMP_MOBILE_REGREQUEST	35
2059 #endif
2060 #ifndef	ICMP_MOBILE_REGREPLY
2061 # define	ICMP_MOBILE_REGREPLY	36
2062 #endif
2063 #ifndef	ICMP_SKIP
2064 # define	ICMP_SKIP	39
2065 #endif
2066 #ifndef	ICMP_PHOTURIS
2067 # define	ICMP_PHOTURIS	40
2068 #endif
2069 #ifndef	ICMP_PHOTURIS_UNKNOWN_INDEX
2070 # define	ICMP_PHOTURIS_UNKNOWN_INDEX	1
2071 #endif
2072 #ifndef	ICMP_PHOTURIS_AUTH_FAILED
2073 # define	ICMP_PHOTURIS_AUTH_FAILED	2
2074 #endif
2075 #ifndef	ICMP_PHOTURIS_DECRYPT_FAILED
2076 # define	ICMP_PHOTURIS_DECRYPT_FAILED	3
2077 #endif
2078 #ifndef	IPVERSION
2079 # define	IPVERSION	4
2080 #endif
2081 #ifndef	IPOPT_MINOFF
2082 # define	IPOPT_MINOFF	4
2083 #endif
2084 #ifndef	IPOPT_COPIED
2085 # define	IPOPT_COPIED(x)	((x)&0x80)
2086 #endif
2087 #ifndef	IPOPT_EOL
2088 # define	IPOPT_EOL	0
2089 #endif
2090 #ifndef	IPOPT_NOP
2091 # define	IPOPT_NOP	1
2092 #endif
2093 #ifndef	IP_MF
2094 # define	IP_MF	((u_short)0x2000)
2095 #endif
2096 #ifndef	ETHERTYPE_IP
2097 # define	ETHERTYPE_IP	((u_short)0x0800)
2098 #endif
2099 #ifndef	TH_FIN
2100 # define	TH_FIN	0x01
2101 #endif
2102 #ifndef	TH_SYN
2103 # define	TH_SYN	0x02
2104 #endif
2105 #ifndef	TH_RST
2106 # define	TH_RST	0x04
2107 #endif
2108 #ifndef	TH_PUSH
2109 # define	TH_PUSH	0x08
2110 #endif
2111 #ifndef	TH_ACK
2112 # define	TH_ACK	0x10
2113 #endif
2114 #ifndef	TH_URG
2115 # define	TH_URG	0x20
2116 #endif
2117 #undef	TH_ACKMASK
2118 #define	TH_ACKMASK	(TH_FIN|TH_SYN|TH_RST|TH_ACK)
2119 
2120 #ifndef	IPOPT_EOL
2121 # define	IPOPT_EOL	0
2122 #endif
2123 #ifndef	IPOPT_NOP
2124 # define	IPOPT_NOP	1
2125 #endif
2126 #ifndef	IPOPT_RR
2127 # define	IPOPT_RR	7
2128 #endif
2129 #ifndef	IPOPT_TS
2130 # define	IPOPT_TS	68
2131 #endif
2132 #ifndef	IPOPT_SECURITY
2133 # define	IPOPT_SECURITY	130
2134 #endif
2135 #ifndef	IPOPT_LSRR
2136 # define	IPOPT_LSRR	131
2137 #endif
2138 #ifndef	IPOPT_SATID
2139 # define	IPOPT_SATID	136
2140 #endif
2141 #ifndef	IPOPT_SSRR
2142 # define	IPOPT_SSRR	137
2143 #endif
2144 #ifndef	IPOPT_SECUR_UNCLASS
2145 # define	IPOPT_SECUR_UNCLASS	((u_short)0x0000)
2146 #endif
2147 #ifndef	IPOPT_SECUR_CONFID
2148 # define	IPOPT_SECUR_CONFID	((u_short)0xf135)
2149 #endif
2150 #ifndef	IPOPT_SECUR_EFTO
2151 # define	IPOPT_SECUR_EFTO	((u_short)0x789a)
2152 #endif
2153 #ifndef	IPOPT_SECUR_MMMM
2154 # define	IPOPT_SECUR_MMMM	((u_short)0xbc4d)
2155 #endif
2156 #ifndef	IPOPT_SECUR_RESTR
2157 # define	IPOPT_SECUR_RESTR	((u_short)0xaf13)
2158 #endif
2159 #ifndef	IPOPT_SECUR_SECRET
2160 # define	IPOPT_SECUR_SECRET	((u_short)0xd788)
2161 #endif
2162 #ifndef IPOPT_SECUR_TOPSECRET
2163 # define	IPOPT_SECUR_TOPSECRET	((u_short)0x6bc5)
2164 #endif
2165 #ifndef IPOPT_OLEN
2166 # define	IPOPT_OLEN	1
2167 #endif
2168 #ifndef	IPPROTO_HOPOPTS
2169 # define	IPPROTO_HOPOPTS	0
2170 #endif
2171 #ifndef	IPPROTO_ENCAP
2172 # define	IPPROTO_ENCAP	4
2173 #endif
2174 #ifndef	IPPROTO_IPV6
2175 # define	IPPROTO_IPV6	41
2176 #endif
2177 #ifndef	IPPROTO_ROUTING
2178 # define	IPPROTO_ROUTING	43
2179 #endif
2180 #ifndef	IPPROTO_FRAGMENT
2181 # define	IPPROTO_FRAGMENT	44
2182 #endif
2183 #ifndef	IPPROTO_GRE
2184 # define	IPPROTO_GRE	47	/* GRE encaps RFC 1701 */
2185 #endif
2186 #ifndef	IPPROTO_ESP
2187 # define	IPPROTO_ESP	50
2188 #endif
2189 #ifndef	IPPROTO_AH
2190 # define	IPPROTO_AH	51
2191 #endif
2192 #ifndef	IPPROTO_ICMPV6
2193 # define	IPPROTO_ICMPV6	58
2194 #endif
2195 #ifndef	IPPROTO_NONE
2196 # define	IPPROTO_NONE	59
2197 #endif
2198 #ifndef	IPPROTO_DSTOPTS
2199 # define	IPPROTO_DSTOPTS	60
2200 #endif
2201 #ifndef	IPPROTO_FRAGMENT
2202 # define	IPPROTO_FRAGMENT	44
2203 #endif
2204 #ifndef	ICMP_ROUTERADVERT
2205 # define	ICMP_ROUTERADVERT	9
2206 #endif
2207 #ifndef	ICMP_ROUTERSOLICIT
2208 # define	ICMP_ROUTERSOLICIT	10
2209 #endif
2210 #ifndef	ICMP6_DST_UNREACH
2211 # define	ICMP6_DST_UNREACH	1
2212 #endif
2213 #ifndef	ICMP6_PACKET_TOO_BIG
2214 # define	ICMP6_PACKET_TOO_BIG	2
2215 #endif
2216 #ifndef	ICMP6_TIME_EXCEEDED
2217 # define	ICMP6_TIME_EXCEEDED	3
2218 #endif
2219 #ifndef	ICMP6_PARAM_PROB
2220 # define	ICMP6_PARAM_PROB	4
2221 #endif
2222 
2223 #ifndef	ICMP6_ECHO_REQUEST
2224 # define	ICMP6_ECHO_REQUEST	128
2225 #endif
2226 #ifndef	ICMP6_ECHO_REPLY
2227 # define	ICMP6_ECHO_REPLY	129
2228 #endif
2229 #ifndef	ICMP6_MEMBERSHIP_QUERY
2230 # define	ICMP6_MEMBERSHIP_QUERY	130
2231 #endif
2232 #ifndef	MLD6_LISTENER_QUERY
2233 # define	MLD6_LISTENER_QUERY	130
2234 #endif
2235 #ifndef	ICMP6_MEMBERSHIP_REPORT
2236 # define	ICMP6_MEMBERSHIP_REPORT	131
2237 #endif
2238 #ifndef	MLD6_LISTENER_REPORT
2239 # define	MLD6_LISTENER_REPORT	131
2240 #endif
2241 #ifndef	ICMP6_MEMBERSHIP_REDUCTION
2242 # define	ICMP6_MEMBERSHIP_REDUCTION	132
2243 #endif
2244 #ifndef	MLD6_LISTENER_DONE
2245 # define	MLD6_LISTENER_DONE	132
2246 #endif
2247 #ifndef	ND_ROUTER_SOLICIT
2248 # define	ND_ROUTER_SOLICIT	133
2249 #endif
2250 #ifndef	ND_ROUTER_ADVERT
2251 # define	ND_ROUTER_ADVERT	134
2252 #endif
2253 #ifndef	ND_NEIGHBOR_SOLICIT
2254 # define	ND_NEIGHBOR_SOLICIT	135
2255 #endif
2256 #ifndef	ND_NEIGHBOR_ADVERT
2257 # define	ND_NEIGHBOR_ADVERT	136
2258 #endif
2259 #ifndef	ND_REDIRECT
2260 # define	ND_REDIRECT	137
2261 #endif
2262 #ifndef	ICMP6_ROUTER_RENUMBERING
2263 # define	ICMP6_ROUTER_RENUMBERING	138
2264 #endif
2265 #ifndef	ICMP6_WRUREQUEST
2266 # define	ICMP6_WRUREQUEST	139
2267 #endif
2268 #ifndef	ICMP6_WRUREPLY
2269 # define	ICMP6_WRUREPLY		140
2270 #endif
2271 #ifndef	ICMP6_FQDN_QUERY
2272 # define	ICMP6_FQDN_QUERY	139
2273 #endif
2274 #ifndef	ICMP6_FQDN_REPLY
2275 # define	ICMP6_FQDN_REPLY	140
2276 #endif
2277 #ifndef	ICMP6_NI_QUERY
2278 # define	ICMP6_NI_QUERY		139
2279 #endif
2280 #ifndef	ICMP6_NI_REPLY
2281 # define	ICMP6_NI_REPLY		140
2282 #endif
2283 #ifndef	MLD6_MTRACE_RESP
2284 # define	MLD6_MTRACE_RESP	200
2285 #endif
2286 #ifndef	MLD6_MTRACE
2287 # define	MLD6_MTRACE		201
2288 #endif
2289 #ifndef	ICMP6_HADISCOV_REQUEST
2290 # define	ICMP6_HADISCOV_REQUEST	202
2291 #endif
2292 #ifndef	ICMP6_HADISCOV_REPLY
2293 # define	ICMP6_HADISCOV_REPLY	203
2294 #endif
2295 #ifndef	ICMP6_MOBILEPREFIX_SOLICIT
2296 # define	ICMP6_MOBILEPREFIX_SOLICIT	204
2297 #endif
2298 #ifndef	ICMP6_MOBILEPREFIX_ADVERT
2299 # define	ICMP6_MOBILEPREFIX_ADVERT	205
2300 #endif
2301 #ifndef	ICMP6_MAXTYPE
2302 # define	ICMP6_MAXTYPE		205
2303 #endif
2304 
2305 #ifndef	ICMP6_DST_UNREACH_NOROUTE
2306 # define	ICMP6_DST_UNREACH_NOROUTE	0
2307 #endif
2308 #ifndef	ICMP6_DST_UNREACH_ADMIN
2309 # define	ICMP6_DST_UNREACH_ADMIN		1
2310 #endif
2311 #ifndef	ICMP6_DST_UNREACH_NOTNEIGHBOR
2312 # define	ICMP6_DST_UNREACH_NOTNEIGHBOR	2
2313 #endif
2314 #ifndef	ICMP6_DST_UNREACH_BEYONDSCOPE
2315 # define	ICMP6_DST_UNREACH_BEYONDSCOPE	2
2316 #endif
2317 #ifndef	ICMP6_DST_UNREACH_ADDR
2318 # define	ICMP6_DST_UNREACH_ADDR		3
2319 #endif
2320 #ifndef	ICMP6_DST_UNREACH_NOPORT
2321 # define	ICMP6_DST_UNREACH_NOPORT	4
2322 #endif
2323 #ifndef	ICMP6_TIME_EXCEED_TRANSIT
2324 # define	ICMP6_TIME_EXCEED_TRANSIT	0
2325 #endif
2326 #ifndef	ICMP6_TIME_EXCEED_REASSEMBLY
2327 # define	ICMP6_TIME_EXCEED_REASSEMBLY	1
2328 #endif
2329 
2330 #ifndef	ICMP6_NI_SUCCESS
2331 # define	ICMP6_NI_SUCCESS	0
2332 #endif
2333 #ifndef	ICMP6_NI_REFUSED
2334 # define	ICMP6_NI_REFUSED	1
2335 #endif
2336 #ifndef	ICMP6_NI_UNKNOWN
2337 # define	ICMP6_NI_UNKNOWN	2
2338 #endif
2339 
2340 #ifndef	ICMP6_ROUTER_RENUMBERING_COMMAND
2341 # define	ICMP6_ROUTER_RENUMBERING_COMMAND	0
2342 #endif
2343 #ifndef	ICMP6_ROUTER_RENUMBERING_RESULT
2344 # define	ICMP6_ROUTER_RENUMBERING_RESULT	1
2345 #endif
2346 #ifndef	ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET
2347 # define	ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET	255
2348 #endif
2349 
2350 #ifndef	ICMP6_PARAMPROB_HEADER
2351 # define	ICMP6_PARAMPROB_HEADER	0
2352 #endif
2353 #ifndef	ICMP6_PARAMPROB_NEXTHEADER
2354 # define	ICMP6_PARAMPROB_NEXTHEADER	1
2355 #endif
2356 #ifndef	ICMP6_PARAMPROB_OPTION
2357 # define	ICMP6_PARAMPROB_OPTION	2
2358 #endif
2359 
2360 #ifndef	ICMP6_NI_SUBJ_IPV6
2361 # define	ICMP6_NI_SUBJ_IPV6	0
2362 #endif
2363 #ifndef	ICMP6_NI_SUBJ_FQDN
2364 # define	ICMP6_NI_SUBJ_FQDN	1
2365 #endif
2366 #ifndef	ICMP6_NI_SUBJ_IPV4
2367 # define	ICMP6_NI_SUBJ_IPV4	2
2368 #endif
2369 
2370 /*
2371  * ECN is a new addition to TCP - RFC 2481
2372  */
2373 #ifndef TH_ECN
2374 # define	TH_ECN	0x40
2375 #endif
2376 #ifndef TH_CWR
2377 # define	TH_CWR	0x80
2378 #endif
2379 #define	TH_ECNALL	(TH_ECN|TH_CWR)
2380 
2381 /*
2382  * TCP States
2383  */
2384 #define IPF_TCPS_CLOSED		0	/* closed */
2385 #define IPF_TCPS_LISTEN		1	/* listening for connection */
2386 #define IPF_TCPS_SYN_SENT	2	/* active, have sent syn */
2387 #define IPF_TCPS_SYN_RECEIVED	3	/* have send and received syn */
2388 #define IPF_TCPS_HALF_ESTAB	4	/* for connections not fully "up" */
2389 /* states < IPF_TCPS_ESTABLISHED are those where connections not established */
2390 #define IPF_TCPS_ESTABLISHED	5	/* established */
2391 #define IPF_TCPS_CLOSE_WAIT	6	/* rcvd fin, waiting for close */
2392 /* states > IPF_TCPS_CLOSE_WAIT are those where user has closed */
2393 #define IPF_TCPS_FIN_WAIT_1	7	/* have closed, sent fin */
2394 #define IPF_TCPS_CLOSING	8	/* closed xchd FIN; await FIN ACK */
2395 #define IPF_TCPS_LAST_ACK	9	/* had fin and close; await FIN ACK */
2396 /* states > IPF_TCPS_CLOSE_WAIT && < IPF_TCPS_FIN_WAIT_2 await ACK of FIN */
2397 #define IPF_TCPS_FIN_WAIT_2	10	/* have closed, fin is acked */
2398 #define IPF_TCPS_TIME_WAIT	11	/* in 2*msl quiet wait after close */
2399 #define IPF_TCP_NSTATES		12
2400 
2401 #define	TCP_MSL			120
2402 
2403 #undef	ICMP_MAX_UNREACH
2404 #define	ICMP_MAX_UNREACH	14
2405 #undef	ICMP_MAXTYPE
2406 #define	ICMP_MAXTYPE		18
2407 
2408 #ifndef	IFNAMSIZ
2409 #define	IFNAMSIZ		16
2410 #endif
2411 
2412 #ifndef	LOG_FTP
2413 # define	LOG_FTP		(11<<3)
2414 #endif
2415 #ifndef	LOG_AUTHPRIV
2416 # define	LOG_AUTHPRIV	(10<<3)
2417 #endif
2418 #ifndef	LOG_AUDIT
2419 # define	LOG_AUDIT	(13<<3)
2420 #endif
2421 #ifndef	LOG_NTP
2422 # define	LOG_NTP		(12<<3)
2423 #endif
2424 #ifndef	LOG_SECURITY
2425 # define	LOG_SECURITY	(13<<3)
2426 #endif
2427 #ifndef	LOG_LFMT
2428 # define	LOG_LFMT	(14<<3)
2429 #endif
2430 #ifndef	LOG_CONSOLE
2431 # define	LOG_CONSOLE	(14<<3)
2432 #endif
2433 
2434 /*
2435  * ICMP error replies have an IP header (20 bytes), 8 bytes of ICMP data,
2436  * another IP header and then 64 bits of data, totalling 56.  Of course,
2437  * the last 64 bits is dependent on that being available.
2438  */
2439 #define	ICMPERR_ICMPHLEN	8
2440 #define	ICMPERR_IPICMPHLEN	(20 + 8)
2441 #define	ICMPERR_MINPKTLEN	(20 + 8 + 20)
2442 #define	ICMPERR_MAXPKTLEN	(20 + 8 + 20 + 8)
2443 #define ICMP6ERR_MINPKTLEN	(40 + 8)
2444 #define ICMP6ERR_IPICMPHLEN	(40 + 8 + 40)
2445 
2446 #ifndef MIN
2447 # define	MIN(a,b)	(((a)<(b))?(a):(b))
2448 #endif
2449 
2450 #ifdef IPF_DEBUG
2451 # define	DPRINT(x)	printf x
2452 #else
2453 # define	DPRINT(x)
2454 #endif
2455 
2456 #ifdef RESCUE
2457 # undef IPFILTER_BPF
2458 #endif
2459 
2460 #endif	/* __IP_COMPAT_H__ */
2461