From dcdb23291fec1365e927195511d5dfb273901a5d Mon Sep 17 00:00:00 2001 From: bz Date: Fri, 17 Feb 2012 02:39:58 +0000 Subject: Merge multi-FIB IPv6 support from projects/multi-fibv6/head/: Extend the so far IPv4-only support for multiple routing tables (FIBs) introduced in r178888 to IPv6 providing feature parity. This includes an extended rtalloc(9) KPI for IPv6, the necessary adjustments to the network stack, and user land support as in netstat. Sponsored by: Cisco Systems, Inc. Reviewed by: melifaro (basically) MFC after: 10 days --- contrib/netcat/netcat.c | 13 +++++++++---- contrib/pf/pfctl/parse.y | 32 ++++++++++++++++++++++++++++---- 2 files changed, 37 insertions(+), 8 deletions(-) (limited to 'contrib') diff --git a/contrib/netcat/netcat.c b/contrib/netcat/netcat.c index 9b9017d..bee0fa6 100644 --- a/contrib/netcat/netcat.c +++ b/contrib/netcat/netcat.c @@ -605,8 +605,10 @@ remote_connect(const char *host, const char *port, struct addrinfo hints) #endif if (rtableid) { - if (setfib(rtableid) == -1) - err(1, "setfib"); + if (setsockopt(s, SOL_SOCKET, SO_SETFIB, &rtableid, + sizeof(rtableid)) == -1) + err(1, "setsockopt(.., SO_SETFIB, %u, ..)", + rtableid); } /* Bind to a local port or source address if specified. */ @@ -678,8 +680,11 @@ local_listen(char *host, char *port, struct addrinfo hints) continue; if (rtableid) { - if (setfib(rtableid) == -1) - err(1, "setfib"); + ret = setsockopt(s, SOL_SOCKET, SO_SETFIB, &rtableid, + sizeof(rtableid)); + if (ret == -1) + err(1, "setsockopt(.., SO_SETFIB, %u, ..)", + rtableid); } ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x)); diff --git a/contrib/pf/pfctl/parse.y b/contrib/pf/pfctl/parse.y index 440692e..f798cac 100644 --- a/contrib/pf/pfctl/parse.y +++ b/contrib/pf/pfctl/parse.y @@ -33,6 +33,9 @@ __FBSDID("$FreeBSD$"); #include #include #include +#ifdef __FreeBSD__ +#include +#endif #include #include #include @@ -335,6 +338,7 @@ int expand_skip_interface(struct node_if *); int check_rulestate(int); int getservice(char *); int rule_label(struct pf_rule *, char *); +int rt_tableid_max(void); void mv_rules(struct pf_ruleset *, struct pf_ruleset *); void decide_address_family(struct node_host *, sa_family_t *); @@ -1174,7 +1178,7 @@ scrub_opt : NODF { scrub_opts.randomid = 1; } | RTABLE NUMBER { - if ($2 < 0 /* || $2 > RT_TABLEID_MAX */) { + if ($2 < 0 || $2 > rt_tableid_max()) { yyerror("invalid rtable id"); YYERROR; } @@ -1322,7 +1326,7 @@ antispoof_opt : label { antispoof_opts.label = $1; } | RTABLE NUMBER { - if ($2 < 0 /* || $2 > RT_TABLEID_MAX */ ) { + if ($2 < 0 || $2 > rt_tableid_max()) { yyerror("invalid rtable id"); YYERROR; } @@ -2361,7 +2365,7 @@ filter_opt : USER uids { filter_opts.prob = 1; } | RTABLE NUMBER { - if ($2 < 0 /* || $2 > RT_TABLEID_MAX */ ) { + if ($2 < 0 || $2 > rt_tableid_max()) { yyerror("invalid rtable id"); YYERROR; } @@ -4190,7 +4194,7 @@ tagged : /* empty */ { $$.neg = 0; $$.name = NULL; } rtable : /* empty */ { $$ = -1; } | RTABLE NUMBER { - if ($2 < 0 /* || $2 > RT_TABLEID_MAX */ ) { + if ($2 < 0 || $2 > rt_tableid_max()) { yyerror("invalid rtable id"); YYERROR; } @@ -6051,3 +6055,23 @@ pfctl_load_anchors(int dev, struct pfctl *pf, struct pfr_buffer *trans) return (0); } + +int +rt_tableid_max(void) +{ +#ifdef __FreeBSD__ + int fibs; + size_t l = sizeof(fibs); + + if (sysctlbyname("net.fibs", &fibs, &l, NULL, 0) == -1) + fibs = 16; /* XXX RT_MAXFIBS, at least limit it some. */ + /* + * As the OpenBSD code only compares > and not >= we need to adjust + * here given we only accept values of 0..n and want to avoid #ifdefs + * in the grammer. + */ + return (fibs - 1); +#else + return (RT_TABLEID_MAX); +#endif +} -- cgit v1.1