summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--sbin/ipfw/ipfw2.c2
-rw-r--r--sys/netinet/ip_fw.h11
-rw-r--r--sys/netinet/ip_fw2.c3
3 files changed, 16 insertions, 0 deletions
diff --git a/sbin/ipfw/ipfw2.c b/sbin/ipfw/ipfw2.c
index 11c78bf..f5b3ae9 100644
--- a/sbin/ipfw/ipfw2.c
+++ b/sbin/ipfw/ipfw2.c
@@ -47,6 +47,8 @@
#include <unistd.h>
#include <fcntl.h>
+#define IPFW_INTERNAL /* Access to protected structures in ip_fw.h. */
+
#include <net/ethernet.h>
#include <net/if.h>
#include <net/if_dl.h>
diff --git a/sys/netinet/ip_fw.h b/sys/netinet/ip_fw.h
index 16d0c5d..ae3b60f 100644
--- a/sys/netinet/ip_fw.h
+++ b/sys/netinet/ip_fw.h
@@ -310,18 +310,25 @@ typedef struct _ipfw_insn_log {
u_int32_t log_left; /* how many left to log */
} ipfw_insn_log;
+/*
+ * Data structures required by both ipfw(8) and ipfw(4) but not part of the
+ * management API are protcted by IPFW_INTERNAL.
+ */
+#ifdef IPFW_INTERNAL
/* Server pool support (LSNAT). */
struct cfg_spool {
LIST_ENTRY(cfg_spool) _next; /* chain of spool instances */
struct in_addr addr;
u_short port;
};
+#endif
/* Redirect modes id. */
#define REDIR_ADDR 0x01
#define REDIR_PORT 0x02
#define REDIR_PROTO 0x04
+#ifdef IPFW_INTERNAL
/* Nat redirect configuration. */
struct cfg_redir {
LIST_ENTRY(cfg_redir) _next; /* chain of redir instances */
@@ -341,8 +348,11 @@ struct cfg_redir {
/* chain of spool instances */
LIST_HEAD(spool_chain, cfg_spool) spool_chain;
};
+#endif
#define NAT_BUF_LEN 1024
+
+#ifdef IPFW_INTERNAL
/* Nat configuration data struct. */
struct cfg_nat {
/* chain of nat instances */
@@ -357,6 +367,7 @@ struct cfg_nat {
/* chain of redir instances */
LIST_HEAD(redir_chain, cfg_redir) redir_chain;
};
+#endif
#define SOF_NAT sizeof(struct cfg_nat)
#define SOF_REDIR sizeof(struct cfg_redir)
diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c
index 1c25978..a094a17 100644
--- a/sys/netinet/ip_fw2.c
+++ b/sys/netinet/ip_fw2.c
@@ -68,6 +68,9 @@ __FBSDID("$FreeBSD$");
#include <net/radix.h>
#include <net/route.h>
#include <net/pf_mtag.h>
+
+#define IPFW_INTERNAL /* Access to protected data structures in ip_fw.h. */
+
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/in_var.h>
OpenPOWER on IntegriCloud