diff options
Diffstat (limited to 'sys/contrib/ipfilter/netinet/ip_lookup.c')
-rw-r--r-- | sys/contrib/ipfilter/netinet/ip_lookup.c | 50 |
1 files changed, 43 insertions, 7 deletions
diff --git a/sys/contrib/ipfilter/netinet/ip_lookup.c b/sys/contrib/ipfilter/netinet/ip_lookup.c index 12b1f4a..e33a6fe 100644 --- a/sys/contrib/ipfilter/netinet/ip_lookup.c +++ b/sys/contrib/ipfilter/netinet/ip_lookup.c @@ -58,7 +58,7 @@ struct file; /* END OF INCLUDES */ #if !defined(lint) -static const char rcsid[] = "@(#)$Id: ip_lookup.c,v 2.35.2.15 2007/05/26 13:05:13 darrenr Exp $"; +static const char rcsid[] = "@(#)$Id: ip_lookup.c,v 2.35.2.19 2007/10/11 09:05:51 darrenr Exp $"; #endif #ifdef IPFILTER_LOOKUP @@ -70,6 +70,8 @@ static int iplookup_addtable __P((caddr_t)); static int iplookup_deltable __P((caddr_t)); static int iplookup_stats __P((caddr_t)); static int iplookup_flush __P((caddr_t)); +static int iplookup_iterate __P((void *, int, void *)); +static int iplookup_deltok __P((void *, int, void *)); /* ------------------------------------------------------------------------ */ @@ -181,7 +183,11 @@ void *ctx; break; case SIOCLOOKUPITER : - err = ip_lookup_iterate(data, uid, ctx); + err = iplookup_iterate(data, uid, ctx); + break; + + case SIOCIPFDELTOK : + err = iplookup_deltok(data, uid, ctx); break; default : @@ -287,8 +293,9 @@ caddr_t data; ip_pool_t *p; int err; - err = 0; - BCOPYIN(data, &op, sizeof(op)); + err = BCOPYIN(data, &op, sizeof(op)); + if (err != 0) + return EFAULT; if (op.iplo_unit < 0 || op.iplo_unit > IPL_LOGMAX) return EINVAL; @@ -558,13 +565,15 @@ void *ptr; /* ------------------------------------------------------------------------ */ -/* Function: ip_lookup_iterate */ +/* Function: iplookup_iterate */ /* Returns: int - 0 = success, else error */ /* Parameters: data(I) - pointer to data from ioctl call */ +/* uid(I) - uid of caller */ +/* ctx(I) - pointer to give the uid context */ /* */ /* Decodes ioctl request to step through either hash tables or pools. */ /* ------------------------------------------------------------------------ */ -int ip_lookup_iterate(data, uid, ctx) +static int iplookup_iterate(data, uid, ctx) void *data; int uid; void *ctx; @@ -578,7 +587,7 @@ void *ctx; if (err != 0) return err; - if (iter.ili_unit < 0 || iter.ili_unit > IPL_LOGMAX) + if (iter.ili_unit > IPL_LOGMAX) return EINVAL; if (iter.ili_ival != IPFGENITER_LOOKUP) @@ -644,6 +653,33 @@ void *data; } +/* ------------------------------------------------------------------------ */ +/* Function: iplookup_deltok */ +/* Returns: int - 0 = success, else error */ +/* Parameters: data(I) - pointer to data from ioctl call */ +/* uid(I) - uid of caller */ +/* ctx(I) - pointer to give the uid context */ +/* */ +/* Deletes the token identified by the combination of (type,uid,ctx) */ +/* "key" is a combination of the table type, iterator type and the unit for */ +/* which the token was being used. */ +/* ------------------------------------------------------------------------ */ +static int iplookup_deltok(data, uid, ctx) +void *data; +int uid; +void *ctx; +{ + int error, key; + SPL_INT(s); + + SPL_SCHED(s); + error = BCOPYIN(data, &key, sizeof(key)); + if (error == 0) + error = ipf_deltoken(key, uid, ctx); + SPL_X(s); + return error; +} + #else /* IPFILTER_LOOKUP */ |