1 files changed, 117 insertions, 0 deletions

diff --git a/sys/contrib/ipfilter/netinet/ip_sync.h b/sys/contrib/ipfilter/netinet/ip_sync.h
new file mode 100644
index 0000000..8104db3
--- /dev/null
+++ b/sys/contrib/ipfilter/netinet/ip_sync.h
@@ -0,0 +1,117 @@
+/*
+ * Copyright (C) 1993-2001 by Darren Reed.
+ *
+ * See the IPFILTER.LICENCE file for details on licencing.
+ *
+ * @(#)ip_fil.h	1.35 6/5/96
+ * $Id: ip_sync.h,v 2.11.2.4 2006/07/14 06:12:20 darrenr Exp $
+ */
+
+#ifndef __IP_SYNC_H__
+#define __IP_SYNC_H__
+
+typedef	struct	synchdr	{
+	u_32_t		sm_magic;	/* magic */
+	u_char		sm_v;		/* version: 4,6 */
+	u_char		sm_p;		/* protocol */
+	u_char		sm_cmd;		/* command */
+	u_char		sm_table;	/* NAT, STATE, etc */
+	u_int		sm_num;		/* table entry number */
+	int		sm_rev;		/* forward/reverse */
+	int		sm_len;		/* length of the data section */
+	struct	synclist	*sm_sl;		/* back pointer to parent */
+} synchdr_t;
+
+
+#define SYNHDRMAGIC 0x0FF51DE5
+
+/*
+ * Commands
+ * No delete required as expirey will take care of that!
+ */
+#define	SMC_CREATE	0	/* pass ipstate_t after synchdr_t */
+#define	SMC_UPDATE	1
+#define	SMC_MAXCMD	1
+
+/*
+ * Tables
+ */
+#define	SMC_NAT		0
+#define	SMC_STATE	1
+#define	SMC_MAXTBL	1
+
+
+/*
+ * Only TCP requires "more" information than just a reference to the entry
+ * for which an update is being made.
+ */
+typedef	struct	synctcp_update	{
+	u_long		stu_age;
+	tcpdata_t	stu_data[2];
+	int		stu_state[2];
+} synctcp_update_t;
+
+
+typedef	struct	synclist	{
+	struct	synclist	*sl_next;
+	struct	synclist	**sl_pnext;
+	int			sl_idx;		/* update index */
+	struct	synchdr		sl_hdr;
+	union	{
+		struct	ipstate	*slu_ips;
+		struct	nat	*slu_ipn;
+		void		*slu_ptr;
+	} sl_un;
+} synclist_t;
+
+#define	sl_ptr	sl_un.slu_ptr
+#define	sl_ips	sl_un.slu_ips
+#define	sl_ipn	sl_un.slu_ipn
+#define	sl_magic sl_hdr.sm_magic
+#define	sl_v	sl_hdr.sm_v
+#define	sl_p	sl_hdr.sm_p
+#define	sl_cmd	sl_hdr.sm_cmd
+#define	sl_rev	sl_hdr.sm_rev
+#define	sl_table	sl_hdr.sm_table
+#define	sl_num	sl_hdr.sm_num
+#define	sl_len	sl_hdr.sm_len
+
+/*
+ * NOTE: SYNCLOG_SZ is defined *low*.  It should be the next power of two
+ * up for whatever number of packets per second you expect to see.  Be
+ * warned: this index's a table of large elements (upto 272 bytes in size
+ * each), and thus a size of 8192, for example, results in a 2MB table.
+ * The lesson here is not to use small machines for running fast firewalls
+ * (100BaseT) in sync, where you might have upwards of 10k pps.
+ */
+#define	SYNCLOG_SZ	256
+
+typedef	struct	synclogent	{
+	struct	synchdr	sle_hdr;
+	union	{
+		struct	ipstate	sleu_ips;
+		struct	nat	sleu_ipn;
+	} sle_un;
+} synclogent_t;
+
+typedef	struct	syncupdent	{		/* 28 or 32 bytes */
+	struct	synchdr	sup_hdr;
+	struct	synctcp_update	sup_tcp;
+} syncupdent_t;
+
+extern	synclogent_t	synclog[SYNCLOG_SZ];
+
+
+extern	int fr_sync_ioctl __P((caddr_t, ioctlcmd_t, int, int, void *));
+extern	synclist_t *ipfsync_new __P((int, fr_info_t *, void *));
+extern	void ipfsync_del __P((synclist_t *));
+extern	void ipfsync_update __P((int, fr_info_t *, synclist_t *));
+extern	int ipfsync_init __P((void));
+extern	int ipfsync_nat __P((synchdr_t *sp, void *data));
+extern	int ipfsync_state __P((synchdr_t *sp, void *data));
+extern	int ipfsync_read __P((struct uio *uio));
+extern	int ipfsync_write __P((struct uio *uio));
+extern	int ipfsync_canread __P((void));
+extern	int ipfsync_canwrite __P((void));
+
+#endif /* IP_SYNC */