Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys normali{s,z}e
details: https://anonhg.NetBSD.org/src/rev/4adc0a297392
branches: trunk
changeset: 785412:4adc0a297392
user: christos <christos%NetBSD.org@localhost>
date: Tue Mar 12 20:47:48 2013 +0000
description:
normali{s,z}e
diffstat:
sys/modules/Makefile | 4 +-
sys/modules/npf_ext_normalise/Makefile | 11 -
sys/modules/npf_ext_normalize/Makefile | 11 +
sys/net/npf/files.npf | 4 +-
sys/net/npf/npf_ext_normalise.c | 219 ---------------------------------
sys/net/npf/npf_ext_normalize.c | 219 +++++++++++++++++++++++++++++++++
6 files changed, 234 insertions(+), 234 deletions(-)
diffs (truncated from 512 to 300 lines):
diff -r 00f0c710c981 -r 4adc0a297392 sys/modules/Makefile
--- a/sys/modules/Makefile Tue Mar 12 20:22:00 2013 +0000
+++ b/sys/modules/Makefile Tue Mar 12 20:47:48 2013 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.118 2013/03/10 20:54:14 christos Exp $
+# $NetBSD: Makefile,v 1.119 2013/03/12 20:49:22 christos Exp $
.include <bsd.own.mk>
@@ -50,7 +50,7 @@
SUBDIR+= npf
SUBDIR+= npf_alg_icmp
SUBDIR+= npf_ext_log
-SUBDIR+= npf_ext_normalise
+SUBDIR+= npf_ext_normalize
SUBDIR+= npf_ext_rndblock
SUBDIR+= ntfs
SUBDIR+= null
diff -r 00f0c710c981 -r 4adc0a297392 sys/modules/npf_ext_normalise/Makefile
--- a/sys/modules/npf_ext_normalise/Makefile Tue Mar 12 20:22:00 2013 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,11 +0,0 @@
-# $NetBSD: Makefile,v 1.1 2012/09/16 13:47:43 rmind Exp $
-
-.include "../Makefile.inc"
-
-.PATH: ${S}/net/npf
-
-KMOD= npf_ext_normalise
-
-SRCS= npf_ext_normalise.c
-
-.include <bsd.kmodule.mk>
diff -r 00f0c710c981 -r 4adc0a297392 sys/modules/npf_ext_normalize/Makefile
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sys/modules/npf_ext_normalize/Makefile Tue Mar 12 20:47:48 2013 +0000
@@ -0,0 +1,11 @@
+# $NetBSD: Makefile,v 1.1 2013/03/12 20:49:22 christos Exp $
+
+.include "../Makefile.inc"
+
+.PATH: ${S}/net/npf
+
+KMOD= npf_ext_normalize
+
+SRCS= npf_ext_normalize.c
+
+.include <bsd.kmodule.mk>
diff -r 00f0c710c981 -r 4adc0a297392 sys/net/npf/files.npf
--- a/sys/net/npf/files.npf Tue Mar 12 20:22:00 2013 +0000
+++ b/sys/net/npf/files.npf Tue Mar 12 20:47:48 2013 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: files.npf,v 1.11 2013/03/10 20:51:44 christos Exp $
+# $NetBSD: files.npf,v 1.12 2013/03/12 20:47:48 christos Exp $
#
# Public Domain.
#
@@ -31,7 +31,7 @@
# Built-in extensions.
file net/npf/npf_ext_log.c npf
-file net/npf/npf_ext_normalise.c npf
+file net/npf/npf_ext_normalize.c npf
file net/npf/npf_ext_rndblock.c npf
# ALGs
diff -r 00f0c710c981 -r 4adc0a297392 sys/net/npf/npf_ext_normalise.c
--- a/sys/net/npf/npf_ext_normalise.c Tue Mar 12 20:22:00 2013 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,219 +0,0 @@
-/* $NetBSD: npf_ext_normalise.c,v 1.4 2013/03/11 17:03:55 christos Exp $ */
-
-/*-
- * Copyright (c) 2009-2012 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_ext_normalise.c,v 1.4 2013/03/11 17:03:55 christos Exp $");
-
-#include <sys/types.h>
-#include <sys/module.h>
-#include <sys/kmem.h>
-
-#include <net/if.h>
-#include <netinet/in_systm.h>
-#include <netinet/in.h>
-#include <netinet/in_var.h>
-
-#include "npf.h"
-#include "npf_impl.h"
-
-/*
- * NPF extension module definition and the identifier.
- */
-NPF_EXT_MODULE(npf_ext_normalise, "");
-
-#define NPFEXT_NORMALISE_VER 1
-
-static void * npf_ext_normalise_id;
-
-/*
- * Normalisation parameters.
- */
-typedef struct {
- u_int n_minttl;
- u_int n_maxmss;
- bool n_random_id;
- bool n_no_df;
-} npf_normalise_t;
-
-/*
- * npf_normalise_ctor: a constructor for the normalisation rule procedure
- * with the given parameters.
- */
-static int
-npf_normalise_ctor(npf_rproc_t *rp, prop_dictionary_t params)
-{
- npf_normalise_t *np;
-
- /* Create a structure for normalisation parameters. */
- np = kmem_zalloc(sizeof(npf_normalise_t), KM_SLEEP);
-
- /* IP ID randomisation and IP_DF flag cleansing. */
- prop_dictionary_get_bool(params, "random-id", &np->n_random_id);
- prop_dictionary_get_bool(params, "no-df", &np->n_no_df);
-
- /* Minimum IP TTL and maximum TCP MSS. */
- prop_dictionary_get_uint32(params, "min-ttl", &np->n_minttl);
- prop_dictionary_get_uint32(params, "max-mss", &np->n_maxmss);
-
- /* Assign the parameters for this rule procedure. */
- npf_rproc_assign(rp, np);
- return 0;
-}
-
-/*
- * npf_normalise_dtor: a destructor for a normalisation rule procedure.
- */
-static void
-npf_normalise_dtor(npf_rproc_t *rp, void *params)
-{
- /* Free our meta-data, associated with the procedure. */
- kmem_free(params, sizeof(npf_normalise_t));
-}
-
-/*
- * npf_normalise_ip4: routine to normalise IPv4 header (randomise ID,
- * clear "don't fragment" and/or enforce minimum TTL).
- */
-static inline void
-npf_normalise_ip4(npf_cache_t *npc, npf_normalise_t *np)
-{
- struct ip *ip = npc->npc_ip.v4;
- uint16_t cksum = ip->ip_sum;
- uint16_t ip_off = ip->ip_off;
- uint8_t ttl = ip->ip_ttl;
- u_int minttl = np->n_minttl;
-
- KASSERT(np->n_random_id || np->n_no_df || minttl);
-
- /* Randomise IPv4 ID. */
- if (np->n_random_id) {
- uint16_t oid = ip->ip_id, nid;
-
- nid = htons(ip_randomid(ip_ids, 0));
- cksum = npf_fixup16_cksum(cksum, oid, nid);
- ip->ip_id = nid;
- }
-
- /* IP_DF flag cleansing. */
- if (np->n_no_df && (ip_off & htons(IP_DF)) != 0) {
- uint16_t nip_off = ip_off & ~htons(IP_DF);
-
- cksum = npf_fixup16_cksum(cksum, ip_off, nip_off);
- ip->ip_off = nip_off;
- }
-
- /* Enforce minimum TTL. */
- if (minttl && ttl < minttl) {
- cksum = npf_fixup16_cksum(cksum, ttl, minttl);
- ip->ip_ttl = minttl;
- }
-
- /* Update IPv4 checksum. */
- ip->ip_sum = cksum;
-}
-
-/*
- * npf_normalise: the main routine to normalise IPv4 and/or TCP headers.
- */
-static void
-npf_normalise(npf_cache_t *npc, nbuf_t *nbuf, void *params, int *decision)
-{
- npf_normalise_t *np = params;
- struct tcphdr *th = npc->npc_l4.tcp;
- uint16_t cksum, mss, maxmss = np->n_maxmss;
- int wscale;
-
- /* Skip, if already blocking. */
- if (*decision == NPF_DECISION_BLOCK) {
- return;
- }
-
- /* Normalise IPv4. Nothing to do for IPv6. */
- if (npf_iscached(npc, NPC_IP4) && (np->n_random_id || np->n_minttl)) {
- npf_normalise_ip4(npc, np);
- }
-
- /*
- * TCP Maximum Segment Size (MSS) "clamping". Only if SYN packet.
- * Fetch MSS and check whether rewrite to lower is needed.
- */
- if (maxmss == 0 || !npf_iscached(npc, NPC_TCP) ||
- (th->th_flags & TH_SYN) == 0) {
- /* Not required; done. */
- return;
- }
- mss = 0;
- if (!npf_fetch_tcpopts(npc, nbuf, &mss, &wscale)) {
- return;
- }
- if (ntohs(mss) <= maxmss) {
- /* Nothing else to do. */
- return;
- }
- maxmss = htons(maxmss);
-
- /* Store new MSS, calculate TCP checksum and update it. */
- if (npf_fetch_tcpopts(npc, nbuf, &maxmss, &wscale)) {
- cksum = npf_fixup16_cksum(th->th_sum, mss, maxmss);
- th->th_sum = cksum;
- }
-}
-
-static int
-npf_ext_normalise_modcmd(modcmd_t cmd, void *arg)
-{
- static const npf_ext_ops_t npf_normalise_ops = {
- .version = NPFEXT_NORMALISE_VER,
- .ctx = NULL,
- .ctor = npf_normalise_ctor,
- .dtor = npf_normalise_dtor,
- .proc = npf_normalise
- };
-
- switch (cmd) {
- case MODULE_CMD_INIT:
- /*
- * Initialise normalisation module. Register the "normalise"
- * extension and its calls.
- */
- npf_ext_normalise_id =
- npf_ext_register("normalise", &npf_normalise_ops);
- return npf_ext_normalise_id ? 0 : EEXIST;
-
- case MODULE_CMD_FINI:
- /* Unregister the normalisation rule procedure. */
- return npf_ext_unregister(npf_ext_normalise_id);
-
- case MODULE_CMD_AUTOUNLOAD:
- return npf_autounload_p() ? 0 : EBUSY;
-
- default:
- return ENOTTY;
- }
- return 0;
-}
diff -r 00f0c710c981 -r 4adc0a297392 sys/net/npf/npf_ext_normalize.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sys/net/npf/npf_ext_normalize.c Tue Mar 12 20:47:48 2013 +0000
@@ -0,0 +1,219 @@
+/* $NetBSD: npf_ext_normalize.c,v 1.1 2013/03/12 20:47:48 christos Exp $ */
+
+/*-
+ * Copyright (c) 2009-2012 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
Home |
Main Index |
Thread Index |
Old Index