diff options
author | bz <bz@FreeBSD.org> | 2008-08-17 23:27:27 +0000 |
---|---|---|
committer | bz <bz@FreeBSD.org> | 2008-08-17 23:27:27 +0000 |
commit | 1021d43b569bfc8d2c5544bde2f540fa432b011f (patch) | |
tree | 1496da534aec03cf2f9d2d0735d80e4c1e3b5715 /sys/netinet/ip_fw_nat.c | |
parent | 7fc341305a3e341fca7f202fc1219358f8d9dbbd (diff) | |
download | FreeBSD-src-1021d43b569bfc8d2c5544bde2f540fa432b011f.zip FreeBSD-src-1021d43b569bfc8d2c5544bde2f540fa432b011f.tar.gz |
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
Diffstat (limited to 'sys/netinet/ip_fw_nat.c')
-rw-r--r-- | sys/netinet/ip_fw_nat.c | 71 |
1 files changed, 36 insertions, 35 deletions
diff --git a/sys/netinet/ip_fw_nat.c b/sys/netinet/ip_fw_nat.c index 3a4f4a1..688a181 100644 --- a/sys/netinet/ip_fw_nat.c +++ b/sys/netinet/ip_fw_nat.c @@ -45,6 +45,7 @@ __FBSDID("$FreeBSD$"); #include <sys/sysctl.h> #include <sys/syslog.h> #include <sys/ucred.h> +#include <sys/vimage.h> #include <netinet/libalias/alias.h> #include <netinet/libalias/alias_local.h> @@ -84,9 +85,9 @@ ifaddr_change(void *arg __unused, struct ifnet *ifp) struct cfg_nat *ptr; struct ifaddr *ifa; - IPFW_WLOCK(&layer3_chain); + IPFW_WLOCK(&V_layer3_chain); /* Check every nat entry... */ - LIST_FOREACH(ptr, &layer3_chain.nat, _next) { + LIST_FOREACH(ptr, &V_layer3_chain.nat, _next) { /* ...using nic 'ifp->if_xname' as dynamic alias address. */ if (strncmp(ptr->if_name, ifp->if_xname, IF_NAMESIZE) == 0) { mtx_lock(&ifp->if_addr_mtx); @@ -102,7 +103,7 @@ ifaddr_change(void *arg __unused, struct ifnet *ifp) mtx_unlock(&ifp->if_addr_mtx); } } - IPFW_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&V_layer3_chain); } static void @@ -110,8 +111,8 @@ flush_nat_ptrs(const int i) { struct ip_fw *rule; - IPFW_WLOCK_ASSERT(&layer3_chain); - for (rule = layer3_chain.rules; rule; rule = rule->next) { + IPFW_WLOCK_ASSERT(&V_layer3_chain); + for (rule = V_layer3_chain.rules; rule; rule = rule->next) { ipfw_insn_nat *cmd = (ipfw_insn_nat *)ACTION_PTR(rule); if (cmd->o.opcode != O_NAT) continue; @@ -121,12 +122,12 @@ flush_nat_ptrs(const int i) } #define HOOK_NAT(b, p) do { \ - IPFW_WLOCK_ASSERT(&layer3_chain); \ + IPFW_WLOCK_ASSERT(&V_layer3_chain); \ LIST_INSERT_HEAD(b, p, _next); \ } while (0) #define UNHOOK_NAT(p) do { \ - IPFW_WLOCK_ASSERT(&layer3_chain); \ + IPFW_WLOCK_ASSERT(&V_layer3_chain); \ LIST_REMOVE(p, _next); \ } while (0) @@ -414,20 +415,20 @@ ipfw_nat_cfg(struct sockopt *sopt) /* * Find/create nat rule. */ - IPFW_WLOCK(&layer3_chain); - LOOKUP_NAT(layer3_chain, ser_n->id, ptr); + IPFW_WLOCK(&V_layer3_chain); + LOOKUP_NAT(V_layer3_chain, ser_n->id, ptr); if (ptr == NULL) { /* New rule: allocate and init new instance. */ ptr = malloc(sizeof(struct cfg_nat), M_IPFW, M_NOWAIT | M_ZERO); if (ptr == NULL) { - IPFW_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&V_layer3_chain); free(buf, M_IPFW); return (ENOSPC); } ptr->lib = LibAliasInit(NULL); if (ptr->lib == NULL) { - IPFW_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&V_layer3_chain); free(ptr, M_IPFW); free(buf, M_IPFW); return (EINVAL); @@ -438,7 +439,7 @@ ipfw_nat_cfg(struct sockopt *sopt) UNHOOK_NAT(ptr); flush_nat_ptrs(ser_n->id); } - IPFW_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&V_layer3_chain); /* * Basic nat configuration. @@ -464,9 +465,9 @@ ipfw_nat_cfg(struct sockopt *sopt) /* Add new entries. */ add_redir_spool_cfg(&buf[(sizeof(struct cfg_nat))], ptr); free(buf, M_IPFW); - IPFW_WLOCK(&layer3_chain); - HOOK_NAT(&layer3_chain.nat, ptr); - IPFW_WUNLOCK(&layer3_chain); + IPFW_WLOCK(&V_layer3_chain); + HOOK_NAT(&V_layer3_chain.nat, ptr); + IPFW_WUNLOCK(&V_layer3_chain); return (0); } @@ -477,15 +478,15 @@ ipfw_nat_del(struct sockopt *sopt) int i; sooptcopyin(sopt, &i, sizeof i, sizeof i); - IPFW_WLOCK(&layer3_chain); - LOOKUP_NAT(layer3_chain, i, ptr); + IPFW_WLOCK(&V_layer3_chain); + LOOKUP_NAT(V_layer3_chain, i, ptr); if (ptr == NULL) { - IPFW_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&V_layer3_chain); return (EINVAL); } UNHOOK_NAT(ptr); flush_nat_ptrs(i); - IPFW_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&V_layer3_chain); del_redir_spool_cfg(ptr, &ptr->redir_chain); LibAliasUninit(ptr->lib); free(ptr, M_IPFW); @@ -505,9 +506,9 @@ ipfw_nat_get_cfg(struct sockopt *sopt) off = sizeof(nat_cnt); data = malloc(NAT_BUF_LEN, M_IPFW, M_WAITOK | M_ZERO); - IPFW_RLOCK(&layer3_chain); + IPFW_RLOCK(&V_layer3_chain); /* Serialize all the data. */ - LIST_FOREACH(n, &layer3_chain.nat, _next) { + LIST_FOREACH(n, &V_layer3_chain.nat, _next) { nat_cnt++; if (off + SOF_NAT < NAT_BUF_LEN) { bcopy(n, &data[off], SOF_NAT); @@ -534,12 +535,12 @@ ipfw_nat_get_cfg(struct sockopt *sopt) goto nospace; } bcopy(&nat_cnt, data, sizeof(nat_cnt)); - IPFW_RUNLOCK(&layer3_chain); + IPFW_RUNLOCK(&V_layer3_chain); sooptcopyout(sopt, data, NAT_BUF_LEN); free(data, M_IPFW); return (0); nospace: - IPFW_RUNLOCK(&layer3_chain); + IPFW_RUNLOCK(&V_layer3_chain); printf("serialized data buffer not big enough:" "please increase NAT_BUF_LEN\n"); free(data, M_IPFW); @@ -557,16 +558,16 @@ ipfw_nat_get_log(struct sockopt *sopt) sof = LIBALIAS_BUF_SIZE; cnt = 0; - IPFW_RLOCK(&layer3_chain); + IPFW_RLOCK(&V_layer3_chain); size = i = 0; - LIST_FOREACH(ptr, &layer3_chain.nat, _next) { + LIST_FOREACH(ptr, &V_layer3_chain.nat, _next) { if (ptr->lib->logDesc == NULL) continue; cnt++; size = cnt * (sof + sizeof(int)); data = realloc(data, size, M_IPFW, M_NOWAIT | M_ZERO); if (data == NULL) { - IPFW_RUNLOCK(&layer3_chain); + IPFW_RUNLOCK(&V_layer3_chain); return (ENOSPC); } bcopy(&ptr->id, &data[i], sizeof(int)); @@ -574,7 +575,7 @@ ipfw_nat_get_log(struct sockopt *sopt) bcopy(ptr->lib->logDesc, &data[i], sof); i += sof; } - IPFW_RUNLOCK(&layer3_chain); + IPFW_RUNLOCK(&V_layer3_chain); sooptcopyout(sopt, data, size); free(data, M_IPFW); return(0); @@ -584,15 +585,15 @@ static void ipfw_nat_init(void) { - IPFW_WLOCK(&layer3_chain); + IPFW_WLOCK(&V_layer3_chain); /* init ipfw hooks */ ipfw_nat_ptr = ipfw_nat; ipfw_nat_cfg_ptr = ipfw_nat_cfg; ipfw_nat_del_ptr = ipfw_nat_del; ipfw_nat_get_cfg_ptr = ipfw_nat_get_cfg; ipfw_nat_get_log_ptr = ipfw_nat_get_log; - IPFW_WUNLOCK(&layer3_chain); - ifaddr_event_tag = EVENTHANDLER_REGISTER(ifaddr_event, ifaddr_change, + IPFW_WUNLOCK(&V_layer3_chain); + V_ifaddr_event_tag = EVENTHANDLER_REGISTER(ifaddr_event, ifaddr_change, NULL, EVENTHANDLER_PRI_ANY); } @@ -602,23 +603,23 @@ ipfw_nat_destroy(void) struct ip_fw *rule; struct cfg_nat *ptr, *ptr_temp; - IPFW_WLOCK(&layer3_chain); - LIST_FOREACH_SAFE(ptr, &layer3_chain.nat, _next, ptr_temp) { + IPFW_WLOCK(&V_layer3_chain); + LIST_FOREACH_SAFE(ptr, &V_layer3_chain.nat, _next, ptr_temp) { LIST_REMOVE(ptr, _next); del_redir_spool_cfg(ptr, &ptr->redir_chain); LibAliasUninit(ptr->lib); free(ptr, M_IPFW); } - EVENTHANDLER_DEREGISTER(ifaddr_event, ifaddr_event_tag); + EVENTHANDLER_DEREGISTER(ifaddr_event, V_ifaddr_event_tag); /* flush all nat ptrs */ - for (rule = layer3_chain.rules; rule; rule = rule->next) { + for (rule = V_layer3_chain.rules; rule; rule = rule->next) { ipfw_insn_nat *cmd = (ipfw_insn_nat *)ACTION_PTR(rule); if (cmd->o.opcode == O_NAT) cmd->nat = NULL; } /* deregister ipfw_nat */ ipfw_nat_ptr = NULL; - IPFW_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&V_layer3_chain); } static int |