f677a9f8634bcce3f75894a81465e8dd6b6bc90f
2 * Copyright 1999 Guido van Rooij. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright notice,
11 * this list of conditions and the following disclaimer in the documentation
12 * and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER ``AS IS'' AND ANY EXPRESS
15 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
16 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
17 * DISCLAIMED. IN NO EVENT SHALL THE HOLDER OR CONTRIBUTORS BE LIABLE FOR
18 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
20 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
21 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * $FreeBSD: src/sys/contrib/ipfilter/netinet/mlfk_ipl.c,v 1.9.2.2 2002/04/27 17:37:12 darrenr Exp $
27 * $DragonFly: src/sys/contrib/ipfilter/netinet/mlfk_ipl.c,v 1.8 2006/07/28 02:17:35 dillon Exp $
31 #include <sys/param.h>
32 #include <sys/systm.h>
33 #include <sys/kernel.h>
34 #include <sys/module.h>
36 #include <sys/socket.h>
37 #include <sys/sysctl.h>
39 #include <netinet/in_systm.h>
40 #include <netinet/in.h>
41 #include <netinet/ip.h>
42 #if defined(__DragonFly__) || (__FreeBSD_version >= 199511)
43 # include <net/route.h>
44 # include <netinet/ip_var.h>
45 # include <netinet/tcp.h>
46 # include <netinet/tcpip.h>
51 #include "ip_compat.h"
59 SYSCTL_DECL(_net_inet
);
60 SYSCTL_NODE(_net_inet
, OID_AUTO
, ipf
, CTLFLAG_RW
, 0, "IPF");
61 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_flags
, CTLFLAG_RW
, &fr_flags
, 0, "");
62 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_pass
, CTLFLAG_RW
, &fr_pass
, 0, "");
63 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_active
, CTLFLAG_RD
, &fr_active
, 0, "");
64 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_tcpidletimeout
, CTLFLAG_RW
,
65 &fr_tcpidletimeout
, 0, "");
66 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_tcpclosewait
, CTLFLAG_RW
,
67 &fr_tcpclosewait
, 0, "");
68 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_tcplastack
, CTLFLAG_RW
,
69 &fr_tcplastack
, 0, "");
70 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_tcptimeout
, CTLFLAG_RW
,
71 &fr_tcptimeout
, 0, "");
72 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_tcpclosed
, CTLFLAG_RW
,
73 &fr_tcpclosed
, 0, "");
74 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_tcphalfclosed
, CTLFLAG_RW
,
75 &fr_tcphalfclosed
, 0, "");
76 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_udptimeout
, CTLFLAG_RW
,
77 &fr_udptimeout
, 0, "");
78 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_udpacktimeout
, CTLFLAG_RW
,
79 &fr_udpacktimeout
, 0, "");
80 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_icmptimeout
, CTLFLAG_RW
,
81 &fr_icmptimeout
, 0, "");
82 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_icmpacktimeout
, CTLFLAG_RW
,
83 &fr_icmpacktimeout
, 0, "");
84 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_defnatage
, CTLFLAG_RW
,
85 &fr_defnatage
, 0, "");
86 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_ipfrttl
, CTLFLAG_RW
,
88 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, ipl_unreach
, CTLFLAG_RW
,
90 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_running
, CTLFLAG_RD
,
92 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_authsize
, CTLFLAG_RD
,
94 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_authused
, CTLFLAG_RD
,
96 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_defaultauthage
, CTLFLAG_RW
,
97 &fr_defaultauthage
, 0, "");
98 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_chksrc
, CTLFLAG_RW
, &fr_chksrc
, 0, "");
99 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, ippr_ftp_pasvonly
, CTLFLAG_RW
,
100 &ippr_ftp_pasvonly
, 0, "");
101 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_minttl
, CTLFLAG_RW
, &fr_minttl
, 0, "");
102 SYSCTL_INT(_net_inet_ipf
, OID_AUTO
, fr_minttllog
, CTLFLAG_RW
,
103 &fr_minttllog
, 0, "");
105 #define CDEV_MAJOR 79
106 static struct dev_ops ipl_ops
= {
107 { "ipl", CDEV_MAJOR
, 0 },
115 ipfilter_modevent(module_t mod
, int type
, void *unused
)
126 dev_ops_add(&ipl_ops
, 0, 0);
129 for(i
=strlen(IPL_NAME
); i
>0; i
--)
130 if (IPL_NAME
[i
] == '/') {
136 make_dev(&ipl_ops
, IPL_LOGIPF
, 0, 0, 0600, c
);
139 for(i
=strlen(IPL_NAT
); i
>0; i
--)
140 if (IPL_NAT
[i
] == '/') {
146 make_dev(&ipl_ops
, IPL_LOGNAT
, 0, 0, 0600, c
);
149 for(i
=strlen(IPL_STATE
); i
>0; i
--)
150 if (IPL_STATE
[i
] == '/') {
156 make_dev(&ipl_ops
, IPL_LOGSTATE
, 0, 0, 0600, c
);
159 for(i
=strlen(IPL_AUTH
); i
>0; i
--)
160 if (IPL_AUTH
[i
] == '/') {
166 make_dev(&ipl_ops
, IPL_LOGAUTH
, 0, 0, 0600, c
);
170 dev_ops_remove(&ipl_ops
, 0, 0);
180 static moduledata_t ipfiltermod
= {
185 DECLARE_MODULE(ipfilter
, ipfiltermod
, SI_SUB_PROTO_DOMAIN
, SI_ORDER_ANY
);