-rw-r--r--sbin/ipfw/Makefile2
-rw-r--r--sbin/ipfw/altq.c150
-rw-r--r--sbin/ipfw/dummynet.c8
-rw-r--r--sbin/ipfw/ipfw2.c120
-rw-r--r--sbin/ipfw/ipfw2.h7
-rw-r--r--sbin/ipfw/nat.c2
6 files changed, 167 insertions, 122 deletions
diff --git a/sbin/ipfw/Makefile b/sbin/ipfw/Makefile
index fdf3b80e91ef..3205c6626a44 100644
--- a/sbin/ipfw/Makefile
+++ b/sbin/ipfw/Makefile
@@ -1,7 +1,7 @@
# $FreeBSD$
PROG= ipfw
-SRCS= ipfw2.c dummynet.c ipv6.c main.c nat.c
+SRCS= ipfw2.c dummynet.c ipv6.c main.c nat.c altq.c
WARNS?= 2
MAN= ipfw.8
diff --git a/sbin/ipfw/altq.c b/sbin/ipfw/altq.c
new file mode 100644
index 000000000000..088b80eee29d
--- /dev/null
+++ b/sbin/ipfw/altq.c
@@ -0,0 +1,150 @@
+/*
+ * Copyright (c) 2002-2003 Luigi Rizzo
+ * Copyright (c) 1996 Alex Nash, Paul Traina, Poul-Henning Kamp
+ * Copyright (c) 1994 Ugen J.S.Antsilevich
+ *
+ * Idea and grammar partially left from:
+ * Copyright (c) 1993 Daniel Boulet
+ *
+ * Redistribution and use in source forms, with and without modification,
+ * are permitted provided that this entire comment appears intact.
+ *
+ * Redistribution in binary form may occur without any restrictions.
+ * Obviously, it would be nice if you gave credit where credit is due
+ * but requiring it would be too onerous.
+ *
+ * This software is provided ``AS IS'' without any warranties of any kind.
+ *
+ * NEW command line interface for IP firewall facility
+ *
+ * $FreeBSD$
+ *
+ * altq interface
+ */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/sockio.h>
+
+#include "ipfw2.h"
+
+#include <err.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sysexits.h>
+#include <unistd.h>
+#include <fcntl.h>
+
+#include <net/if.h> /* IFNAMSIZ */
+#include <net/pfvar.h>
+#include <netinet/ip_fw.h>
+
+/*
+ * Map between current altq queue id numbers and names.
+ */
+static TAILQ_HEAD(, pf_altq) altq_entries =
+ TAILQ_HEAD_INITIALIZER(altq_entries);
+
+void
+altq_set_enabled(int enabled)
+{
+ int pffd;
+
+ pffd = open("/dev/pf", O_RDWR);
+ if (pffd == -1)
+ err(EX_UNAVAILABLE,
+ "altq support opening pf(4) control device");
+ if (enabled) {
+ if (ioctl(pffd, DIOCSTARTALTQ) != 0 && errno != EEXIST)
+ err(EX_UNAVAILABLE, "enabling altq");
+ } else {
+ if (ioctl(pffd, DIOCSTOPALTQ) != 0 && errno != ENOENT)
+ err(EX_UNAVAILABLE, "disabling altq");
+ }
+ close(pffd);
+}
+
+static void
+altq_fetch(void)
+{
+ struct pfioc_altq pfioc;
+ struct pf_altq *altq;
+ int pffd;
+ unsigned int mnr;
+ static int altq_fetched = 0;
+
+ if (altq_fetched)
+ return;
+ altq_fetched = 1;
+ pffd = open("/dev/pf", O_RDONLY);
+ if (pffd == -1) {
+ warn("altq support opening pf(4) control device");
+ return;
+ }
+ bzero(&pfioc, sizeof(pfioc));
+ if (ioctl(pffd, DIOCGETALTQS, &pfioc) != 0) {
+ warn("altq support getting queue list");
+ close(pffd);
+ return;
+ }
+ mnr = pfioc.nr;
+ for (pfioc.nr = 0; pfioc.nr < mnr; pfioc.nr++) {
+ if (ioctl(pffd, DIOCGETALTQ, &pfioc) != 0) {
+ if (errno == EBUSY)
+ break;
+ warn("altq support getting queue list");
+ close(pffd);
+ return;
+ }
+ if (pfioc.altq.qid == 0)
+ continue;
+ altq = safe_calloc(1, sizeof(*altq));
+ *altq = pfioc.altq;
+ TAILQ_INSERT_TAIL(&altq_entries, altq, entries);
+ }
+ close(pffd);
+}
+
+u_int32_t
+altq_name_to_qid(const char *name)
+{
+ struct pf_altq *altq;
+
+ altq_fetch();
+ TAILQ_FOREACH(altq, &altq_entries, entries)
+ if (strcmp(name, altq->qname) == 0)
+ break;
+ if (altq == NULL)
+ errx(EX_DATAERR, "altq has no queue named `%s'", name);
+ return altq->qid;
+}
+
+const char *
+altq_qid_to_name(u_int32_t qid)
+{
+ struct pf_altq *altq;
+
+ altq_fetch();
+ TAILQ_FOREACH(altq, &altq_entries, entries)
+ if (qid == altq->qid)
+ break;
+ if (altq == NULL)
+ return NULL;
+ return altq->qname;
+}
+
+void
+print_altq_cmd(ipfw_insn_altq *altqptr)
+{
+ if (altqptr) {
+ const char *qname;
+
+ qname = altq_qid_to_name(altqptr->qid);
+ if (qname == NULL)
+ printf(" altq ?<%u>", altqptr->qid);
+ else
+ printf(" altq %s", qname);
+ }
+}
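Review bot: In altq_fetch() the `pf_altq` record returned by DIOCGETALTQ is copied wholesale, and its `qname` is later passed to `strcmp()` in altq_name_to_qid() and to `printf(" altq %s", qname)` in print_altq_cmd(), but nothing visible in this file guarantees that the fixed-size name field is NUL-terminated. If the kernel side does not enforce termination, both calls read past the field; adding `altq->qname[sizeof(altq->qname) - 1] = '\0';` right after `*altq = pfioc.altq;` makes the userland side safe either way. Separately, altq_qid_to_name() lost its `static` in the move, yet ipfw2.h does not declare it and it is only called from this file, so it should remain `static const char *`.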
diff --git a/sbin/ipfw/dummynet.c b/sbin/ipfw/dummynet.c
index 7cf08675fb30..4efc35ca950c 100644
--- a/sbin/ipfw/dummynet.c
+++ b/sbin/ipfw/dummynet.c
@@ -24,7 +24,8 @@
#include <sys/types.h>
#include <sys/socket.h>
-#include <sys/sockio.h>
+#include <sys/queue.h>
+/* XXX there are several sysctl leftover here */
#include <sys/sysctl.h>
#include "ipfw2.h"
@@ -38,12 +39,11 @@
#include <sysexits.h>
#include <net/if.h>
+#include <net/if.h>
#include <netinet/in.h>
-#include <netinet/in_systm.h>
-#include <netinet/ip.h>
#include <netinet/ip_fw.h>
#include <netinet/ip_dummynet.h>
-#include <arpa/inet.h>
+#include <arpa/inet.h> /* inet_ntoa */
static struct _s_x dummynet_params[] = {
{ "plr", TOK_PLR },
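Review bot: The added `#include <net/if.h>` duplicates the context line directly above it, so this hunk ends up including the same header twice. The include guard makes it harmless, but it looks like a leftover from reshuffling the include list; drop the added line and, if the intent was to annotate why the header is needed, put the comment on the existing one as done for `<arpa/inet.h> /* inet_ntoa */`.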
diff --git a/sbin/ipfw/ipfw2.c b/sbin/ipfw/ipfw2.c
index 056b01b9d6ca..0a2790bd5c17 100644
--- a/sbin/ipfw/ipfw2.c
+++ b/sbin/ipfw/ipfw2.c
@@ -37,19 +37,15 @@
#include <stdlib.h>
#include <string.h>
#include <sysexits.h>
+#include <time.h> /* ctime */
#include <timeconv.h> /* _long_to_time */
#include <unistd.h>
#include <fcntl.h>
-#define IPFW_INTERNAL /* Access to protected structures in ip_fw.h. */
-
#include <net/ethernet.h>
-#include <net/if.h>
-#include <net/if_dl.h>
-#include <net/pfvar.h>
-#include <net/route.h> /* def. of struct route */
+#include <net/if.h> /* only IFNAMSIZ */
#include <netinet/in.h>
-#include <netinet/in_systm.h>
+#include <netinet/in_systm.h> /* only n_short, n_long */
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <netinet/ip_fw.h>
@@ -586,106 +582,6 @@ strtoport(char *s, char **end, int base, int proto)
}
/*
- * Map between current altq queue id numbers and names.
- */
-static int altq_fetched = 0;
-static TAILQ_HEAD(, pf_altq) altq_entries =
- TAILQ_HEAD_INITIALIZER(altq_entries);
-
-static void
-altq_set_enabled(int enabled)
-{
- int pffd;
-
- pffd = open("/dev/pf", O_RDWR);
- if (pffd == -1)
- err(EX_UNAVAILABLE,
- "altq support opening pf(4) control device");
- if (enabled) {
- if (ioctl(pffd, DIOCSTARTALTQ) != 0 && errno != EEXIST)
- err(EX_UNAVAILABLE, "enabling altq");
- } else {
- if (ioctl(pffd, DIOCSTOPALTQ) != 0 && errno != ENOENT)
- err(EX_UNAVAILABLE, "disabling altq");
- }
- close(pffd);
-}
-
-static void
-altq_fetch(void)
-{
- struct pfioc_altq pfioc;
- struct pf_altq *altq;
- int pffd;
- unsigned int mnr;
-
- if (altq_fetched)
- return;
- altq_fetched = 1;
- pffd = open("/dev/pf", O_RDONLY);
- if (pffd == -1) {
- warn("altq support opening pf(4) control device");
- return;
- }
- bzero(&pfioc, sizeof(pfioc));
- if (ioctl(pffd, DIOCGETALTQS, &pfioc) != 0) {
- warn("altq support getting queue list");
- close(pffd);
- return;
- }
- mnr = pfioc.nr;
- for (pfioc.nr = 0; pfioc.nr < mnr; pfioc.nr++) {
- if (ioctl(pffd, DIOCGETALTQ, &pfioc) != 0) {
- if (errno == EBUSY)
- break;
- warn("altq support getting queue list");
- close(pffd);
- return;
- }
- if (pfioc.altq.qid == 0)
- continue;
- altq = safe_calloc(1, sizeof(*altq));
- *altq = pfioc.altq;
- TAILQ_INSERT_TAIL(&altq_entries, altq, entries);
- }
- close(pffd);
-}
-
-static u_int32_t
-altq_name_to_qid(const char *name)
-{
- struct pf_altq *altq;
-
- altq_fetch();
- TAILQ_FOREACH(altq, &altq_entries, entries)
- if (strcmp(name, altq->qname) == 0)
- break;
- if (altq == NULL)
- errx(EX_DATAERR, "altq has no queue named `%s'", name);
- return altq->qid;
-}
-
-static const char *
-altq_qid_to_name(u_int32_t qid)
-{
- struct pf_altq *altq;
-
- altq_fetch();
- TAILQ_FOREACH(altq, &altq_entries, entries)
- if (qid == altq->qid)
- break;
- if (altq == NULL)
- return NULL;
- return altq->qname;
-}
-
-static void
-fill_altq_qid(u_int32_t *qid, const char *av)
-{
- *qid = altq_name_to_qid(av);
-}
-
-/*
* Fill the body of the command with the list of port ranges.
*/
static int
@@ -1206,13 +1102,7 @@ show_ipfw(struct ip_fw *rule, int pcwidth, int bcwidth)
printf(" log");
}
if (altqptr) {
- const char *qname;
-
- qname = altq_qid_to_name(altqptr->qid);
- if (qname == NULL)
- printf(" altq ?<%u>", altqptr->qid);
- else
- printf(" altq %s", qname);
+ print_altq_cmd(altqptr);
}
if (tagptr) {
if (tagptr->len & F_NOT)
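Review bot: The `if (altqptr) { ... }` wrapper kept around the new call is now redundant, because print_altq_cmd() in altq.c performs the same NULL check itself. Either call `print_altq_cmd(altqptr);` unconditionally here or drop the check inside the helper, so the handling of a NULL argument lives in one place. show_ipfw() starts and ends outside this hunk.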
@@ -2945,7 +2835,7 @@ chkarg:
have_altq = (ipfw_insn *)a;
cmd->len = F_INSN_SIZE(ipfw_insn_altq);
cmd->opcode = O_ALTQ;
- fill_altq_qid(&a->qid, *av);
+ a->qid = altq_name_to_qid(*av);
ac--; av++;
}
break;
diff --git a/sbin/ipfw/ipfw2.h b/sbin/ipfw/ipfw2.h
index 94b21a15c3d2..442e7b6db4cf 100644
--- a/sbin/ipfw/ipfw2.h
+++ b/sbin/ipfw/ipfw2.h
@@ -219,6 +219,7 @@ int contigmask(uint8_t *p, int len);
* functions involved, so we do not lose error checking.
*/
struct _ipfw_insn;
+struct _ipfw_insn_altq;
struct _ipfw_insn_u32;
struct _ipfw_insn_ip6;
struct _ipfw_insn_icmp6;
@@ -243,6 +244,12 @@ void ipfw_flush(int force);
void ipfw_zero(int ac, char *av[], int optname);
void ipfw_list(int ac, char *av[], int show_counters);
+/* altq.c */
+void altq_set_enabled(int enabled);
+u_int32_t altq_name_to_qid(const char *name);
+
+void print_altq_cmd(struct _ipfw_insn_altq *altqptr);
+
/* dummynet.c */
void ipfw_list_pipes(void *data, uint nbytes, int ac, char *av[]);
int ipfw_delete_pipe(int pipe_or_queue, int n);
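Review bot: The new prototypes under `/* altq.c */` say nothing about failure behaviour, yet in altq.c altq_name_to_qid() terminates the process with `errx(EX_DATAERR, ...)` when the queue name is unknown and altq_set_enabled() exits via `err(EX_UNAVAILABLE, ...)`. Callers reading only the header would expect a return value they can test. A short comment such as `/* altq.c: both calls exit via err(3)/errx(3) on failure, they never return an error */` above the declarations would make that contract explicit.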
diff --git a/sbin/ipfw/nat.c b/sbin/ipfw/nat.c
index 7c2453b66fed..da8896c157c7 100644
--- a/sbin/ipfw/nat.c
+++ b/sbin/ipfw/nat.c
@@ -24,7 +24,6 @@
#include <sys/types.h>
#include <sys/socket.h>
-#include <sys/sockio.h>
#include <sys/sysctl.h>
#include "ipfw2.h"
@@ -43,7 +42,6 @@
#include <net/if_dl.h>
#include <net/route.h> /* def. of struct route */
#include <netinet/in.h>
-#include <netinet/in_systm.h>
#include <netinet/ip_fw.h>
#include <arpa/inet.h>
#include <alias.h>