2 * Copyright (C) 1993-2001, 2003 by Darren Reed.
4 * See the IPFILTER.LICENCE file for details on licencing.
6 * @(#)ip_compat.h 1.8 1/14/96
7 * $Id: ip_compat.h,v 2.142.2.30 2005/08/11 15:13:49 darrenr Exp $
9 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
10 * Use is subject to license terms.
13 #ifndef __IP_COMPAT_H__
14 #define __IP_COMPAT_H__
28 #if defined(_KERNEL) || defined(KERNEL) || defined(__KERNEL__)
40 #if (defined(sun) && (defined(__svr4__) || defined(__SVR4)))
50 #if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000) && \
51 !defined(_KERNEL) && !defined(USE_INET6) && !defined(NOINET6)
54 #if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105000000) && \
55 !defined(_KERNEL) && !defined(USE_INET6)
57 # define IPFILTER_M_IPFILTER
59 #if defined(OpenBSD) && (OpenBSD >= 200206) && \
60 !defined(_KERNEL) && !defined(USE_INET6)
66 #if defined(linux) && (!defined(_KERNEL) || defined(CONFIG_IPV6))
69 #if defined(HPUXREV) && (HPUXREV >= 1111)
73 #if defined(BSD) && (BSD < 199103) && defined(__osf__)
78 #if defined(__SVR4) || defined(__svr4__) || defined(__sgi)
80 # if !defined(_KERNEL)
81 # define bzero(a,b) memset(a,0,b)
83 # define bcopy(a,b,c) memmove(b,a,c)
89 # define LIFNAMSIZ IF_NAMESIZE
92 # define LIFNAMSIZ IFNAMSIZ
99 #if defined(__sgi) || defined(bsdi) || defined(__hpux) || defined(hpux)
101 u_char ether_addr_octet
[6];
105 #if defined(__sgi) && !defined(IPFILTER_LKM)
107 # define IPL_EXTERN(ep) ipfilter##ep
109 # define IPL_EXTERN(ep) ipfilter/**/ep
113 # define IPL_EXTERN(ep) ipl##ep
115 # define IPL_EXTERN(ep) ipl/**/ep
120 * This is a workaround for <sys/uio.h> troubles on FreeBSD and OpenBSD.
131 # include <sys/uio.h>
139 /* ----------------------------------------------------------------------- */
141 /* ----------------------------------------------------------------------- */
144 # include <sys/cmn_err.h>
145 # include <sys/isa_defs.h>
146 # include <sys/stream.h>
147 # include <sys/ioccom.h>
148 # include <sys/sysmacros.h>
149 # include <sys/kmem.h>
151 # include <sys/procset.h>
152 # include <sys/proc.h>
153 # include <sys/devops.h>
154 # include <sys/ddi_impldefs.h>
155 # include <sys/neti.h>
159 * inet/ip.h would end up including radix.h with _KERNEL, which is not
160 * what the tools intend, so include radix.h first.
163 # include <net/radix.h>
166 * because Solaris 2 defines these in two places :-/
172 # endif /* _KERNEL */
175 # include <netinet/ip6.h>
176 # include <netinet/icmp6.h>
179 # include <inet/common.h>
180 /* These 5 are defined in <inet/ip.h> and <netinet/ip.h> */
187 # define _SYS_PROMIF_H
192 # include <inet/ip.h>
194 # include <inet/ip_ire.h>
199 # define SNPRINTF snprintf
201 # include <inet/ip_if.h>
202 # define ipif_local_addr ipif_lcl_addr
203 /* Only defined in private include file */
204 # ifndef V4_PART_OF_V6
205 # define V4_PART_OF_V6(v6) v6.s6_addr32[3]
211 # endif /* SOLARIS2 >= 8 */
215 # define SOLARIS_PFHOOKS 1
217 typedef struct qpktinfo
{
218 /* data that changes per-packet */
219 void *qpi_ill
; /* COPIED */
221 void *qpi_data
; /* where layer 3 header starts */
223 int qpi_flags
; /* Uses FI_* flags */
226 extern void mb_copydata
__P((mblk_t
*, size_t , size_t, char *));
227 extern void mb_copyback
__P((mblk_t
*, size_t , size_t, char *));
231 # include <sys/atomic.h>
232 typedef uint32_t u_32_t
;
234 typedef unsigned int u_32_t
;
239 # define KRWLOCK_T krwlock_t
240 # define KMUTEX_T kmutex_t
242 # include <sys/sdt.h>
244 # define IPF_IS_LOOPBACK(f) ((f) & FI_NOCKSUM)
245 # endif /* SOLARIS2 >= 10 */
248 # define ATOMIC_INCL(x) atomic_inc_ulong((uint32_t *)&(x))
249 # define ATOMIC_DECL(x) atomic_dec_ulong((uint32_t *)&(x))
251 # define ATOMIC_INCL(x) atomic_inc_ulong(&(x))
252 # define ATOMIC_DECL(x) atomic_dec_ulong(&(x))
253 # endif /* SOLARIS2 == 6 */
254 # define ATOMIC_INC64(x) atomic_inc_64((uint64_t *)&(x))
255 # define ATOMIC_INC32(x) atomic_inc_32((uint32_t *)&(x))
256 # define ATOMIC_INC16(x) atomic_inc_16((uint16_t *)&(x))
257 # define ATOMIC_DEC64(x) atomic_dec_64((uint64_t *)&(x))
258 # define ATOMIC_DEC32(x) atomic_dec_32((uint32_t *)&(x))
259 # define ATOMIC_DEC16(x) atomic_dec_16((uint16_t *)&(x))
261 # define ATOMIC_INC(x) { mutex_enter(&ipf_rw); (x)++; \
262 mutex_exit(&ipf_rw); }
263 # define ATOMIC_DEC(x) { mutex_enter(&ipf_rw); (x)--; \
264 mutex_exit(&ipf_rw); }
265 # endif /* SOLARIS2 >= 6 */
267 # define MUTEX_ENTER(x) mutex_enter(&(x)->ipf_lk)
268 # define READ_ENTER(x) rw_enter(&(x)->ipf_lk, RW_READER)
269 # define WRITE_ENTER(x) rw_enter(&(x)->ipf_lk, RW_WRITER)
270 # define MUTEX_DOWNGRADE(x) rw_downgrade(&(x)->ipf_lk)
271 # define RWLOCK_INIT(x, y) rw_init(&(x)->ipf_lk, (y), \
273 # define RWLOCK_EXIT(x) rw_exit(&(x)->ipf_lk)
274 # define RW_DESTROY(x) rw_destroy(&(x)->ipf_lk)
275 # define MUTEX_INIT(x, y) mutex_init(&(x)->ipf_lk, (y), \
277 # define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk)
278 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
279 # define MUTEX_EXIT(x) mutex_exit(&(x)->ipf_lk)
280 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
281 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
282 # define BCOPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
283 # define BCOPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
284 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
285 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
286 # define KFREES(x,s) kmem_free((char *)(x), (s))
287 # define SPL_NET(x) ;
288 # define SPL_IMP(x) ;
292 # define ntohs(x) (x)
293 # define ntohl(x) (x)
294 # define htons(x) (x)
295 # define htonl(x) (x)
297 # define KMALLOC(a,b) (a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP)
298 # define KMALLOCS(a,b,c) (a) = (b)kmem_alloc((c), KM_NOSLEEP)
299 # define GET_MINOR(x) getminor(x)
300 /*extern phy_if_t get_unit __P((char *, int, ipf_stack_t *));*/
301 # define GETIFP(n, v, ifs) (void *)get_unit(n, v, ifs)
302 # define IFNAME(x) ((ill_t *)x)->ill_name
303 # define COPYIFNAME(x, b, v) (void) net_getifname(((v) == 4) ? \
304 ifs->ifs_ipf_ipv4 : ifs->ifs_ipf_ipv6,\
305 (phy_if_t)(x), (b), sizeof(b))
306 # define GETKTIME(x) uniqtime((struct timeval *)x)
307 # define MSGDSIZE(x) msgdsize(x)
308 # define M_LEN(x) ((x)->b_wptr - (x)->b_rptr)
309 # define M_DUPLICATE(x) copymsg((x))
310 # define MTOD(m,t) ((t)((m)->b_rptr))
311 # define MTYPE(m) ((m)->b_datap->db_type)
312 # define FREE_MB_T(m) freemsg(m)
313 # define m_next b_cont
314 # define CACHE_HASH(x) (((phy_if_t)(x)->fin_ifp) & 7)
315 # define IPF_PANIC(x,y) if (x) { printf y; cmn_err(CE_PANIC, "ipf_panic"); }
317 # endif /* _KERNEL */
321 # define ALIGN32(ptr) (ptr ? 0L : 0L)
322 # define ALIGN16(ptr) (ptr ? 0L : 0L)
324 # define ALIGN32(ptr) (ptr)
325 # define ALIGN16(ptr) (ptr)
330 typedef struct uio uio_t
;
332 typedef int ioctlcmd_t
;
333 typedef uint8_t u_int8_t
;
335 # define OS_RECOGNISED 1
339 /* ----------------------------------------------------------------------- */
341 /* ----------------------------------------------------------------------- */
344 # include <sys/sysmacros.h>
345 # include <sys/spinlock.h>
346 # include <sys/lock.h>
347 # include <sys/stream.h>
349 # include <netinet/if_ether.h>
350 # include <netinet/ip6.h>
351 # include <netinet/icmp6.h>
352 typedef struct ip6_hdr ip6_t
;
356 # define SNPRINTF sprintf
357 # if (HPUXREV >= 1111)
360 # include <machine/sys/user.h>
361 # include <sys/kthread_iface.h>
362 # define READ_COLLISION 0x01
364 typedef struct iplog_select_s
{
365 kthread_t
*read_waiter
;
371 # define GETKTIME(x) uniqtime((struct timeval *)x)
374 # include "kern_svcs.h"
376 # include <sys/kern_svcs.h>
381 # include <sys/reg.h>
382 # include "../netinet/ip_info.h"
384 * According to /usr/include/sys/spinlock.h on HP-UX 11.00, these functions
385 * are available. Attempting to use them actually results in unresolved
386 * symbols when it comes time to load the module.
387 * This has been fixed! Yipee!
391 # define ATOMIC_INCL(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1)
392 # define ATOMIC_DECL(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1)
394 # define ATOMIC_INCL(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1)
395 # define ATOMIC_DECL(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1)
397 # define ATOMIC_INC64(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1)
398 # define ATOMIC_INC32(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1)
399 # define ATOMIC_INC16(x) lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), 1)
400 # define ATOMIC_DEC64(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1)
401 # define ATOMIC_DEC32(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1)
402 # define ATOMIC_DEC16(x) lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), -1)
404 # define ATOMIC_INC64(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
405 MUTEX_EXIT(&ipf_rw); }
406 # define ATOMIC_DEC64(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
407 MUTEX_EXIT(&ipf_rw); }
408 # define ATOMIC_INC32(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
409 MUTEX_EXIT(&ipf_rw); }
410 # define ATOMIC_DEC32(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
411 MUTEX_EXIT(&ipf_rw); }
412 # define ATOMIC_INCL(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
413 MUTEX_EXIT(&ipf_rw); }
414 # define ATOMIC_DECL(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
415 MUTEX_EXIT(&ipf_rw); }
416 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
417 MUTEX_EXIT(&ipf_rw); }
418 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
419 MUTEX_EXIT(&ipf_rw); }
421 # define ip_cksum ip_csuma
422 # define memcpy(a,b,c) bcopy((caddr_t)b, (caddr_t)a, c)
424 # define MUTEX_INIT(x, y) initlock(&(x)->ipf_lk, 0, 0, (y))
425 # define MUTEX_ENTER(x) spinlock(&(x)->ipf_lk)
426 # define MUTEX_EXIT(x) spinunlock(&(x)->ipf_lk);
427 # define MUTEX_DESTROY(x)
428 # define MUTEX_NUKE(x) bzero((char *)(x), sizeof(*(x)))
429 # define KMUTEX_T lock_t
430 # define kmutex_t lock_t /* for pfil.h */
431 # define krwlock_t lock_t /* for pfil.h */
433 * The read-write lock implementation in HP-UX 11.0 is crippled - it can
434 * only be used by threads working in a user context!
435 * This has been fixed! Yipee! (Or at least it does in 11.00, not 11.11..)
438 # define MUTEX_DOWNGRADE(x) lock_write_to_read(x)
439 # define KRWLOCK_T struct rw_lock
440 # define READ_ENTER(x) lock_read(&(x)->ipf_lk)
441 # define WRITE_ENTER(x) lock_write(&(x)->ipf_lk)
443 # define RWLOCK_INIT(x, y) rwlock_init4(&(x)->ipf_lk, 0, RWLCK_CANSLEEP, 0, y)
445 # define RWLOCK_INIT(x, y) lock_init3(&(x)->ipf_lk, 0, 1, 0, 0, y)
447 # define RWLOCK_EXIT(x) lock_done(&(x)->ipf_lk)
449 # define KRWLOCK_T lock_t
450 # define KMUTEX_T lock_t
451 # define READ_ENTER(x) MUTEX_ENTER(x)
452 # define WRITE_ENTER(x) MUTEX_ENTER(x)
453 # define MUTEX_DOWNGRADE(x)
454 # define RWLOCK_INIT(x, y) initlock(&(x)->ipf_lk, 0, 0, y)
455 # define RWLOCK_EXIT(x) MUTEX_EXIT(x)
457 # define RW_DESTROY(x)
458 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
459 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
461 # define BCOPYIN(a,b,c) 0; bcopy((caddr_t)(a), (caddr_t)(b), (c))
462 # define BCOPYOUT(a,b,c) 0; bcopy((caddr_t)(a), (caddr_t)(b), (c))
464 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
465 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
467 # define SPL_NET(x) ;
468 # define SPL_IMP(x) ;
471 /*extern void *get_unit __P((char *, int, ipf_stack_t *));*/
472 # define GETIFP(n, v, ifs) get_unit(n, v, ifs)
473 # define IFNAME(x, b) ((ill_t *)x)->ill_name
474 # define COPYIFNAME(x, b, v) \
475 strncpy(b, ((ifinfo_t *)x)->ifi_name, \
477 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
478 # define SLEEP(id, n) { lock_t *_l = get_sleep_lock((caddr_t)id); \
479 sleep(id, PZERO+1); \
482 # define WAKEUP(id,x) { lock_t *_l = get_sleep_lock((caddr_t)id); \
486 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_IOSYS, M_NOWAIT)
487 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), M_IOSYS, M_NOWAIT)
488 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
489 # define KFREES(x,s) kmem_free((char *)(x), (s))
490 # define MSGDSIZE(x) msgdsize(x)
491 # define M_LEN(x) ((x)->b_wptr - (x)->b_rptr)
492 # define M_DUPLICATE(x) dupmsg((x))
493 # define MTOD(m,t) ((t)((m)->b_rptr))
494 # define MTYPE(m) ((m)->b_datap->db_type)
495 # define FREE_MB_T(m) freemsg(m)
496 # define m_next b_cont
497 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
500 # define CACHE_HASH(x) (((phy_if_t)(x)->fin_ifp) & 7)
507 typedef unsigned char uchar_t
;
509 # ifndef _SYS_STREAM_INCLUDED
510 typedef char * mblk_t
;
511 typedef void * queue_t
;
512 typedef u_long ulong
;
514 # include <netinet/ip_info.h>
516 # endif /* _KERNEL */
519 # define ALIGN32(ptr) (ptr ? 0L : 0L)
520 # define ALIGN16(ptr) (ptr ? 0L : 0L)
522 # define ALIGN32(ptr) (ptr)
523 # define ALIGN16(ptr) (ptr)
526 typedef struct uio uio_t
;
527 typedef int ioctlcmd_t
;
529 typedef unsigned int u_32_t
;
532 # define OS_RECOGNISED 1
536 /* ----------------------------------------------------------------------- */
538 /* ----------------------------------------------------------------------- */
542 typedef struct uio uio_t
;
544 typedef int ioctlcmd_t
;
545 typedef u_int32_t u_32_t
;
553 # include <sys/ksynch.h>
554 # define IPF_LOCK_PL plhi
555 # include <sys/sema.h>
563 # define KMUTEX_T mutex_t
565 # define KMUTEX_T kmutex_t
566 # define KRWLOCK_T kmutex_t
570 # define NEED_LOCAL_RAND 1
571 # define ipf_random arc4random
572 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); \
573 (x)++; MUTEX_EXIT(&ipf_rw); }
574 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); \
575 (x)--; MUTEX_EXIT(&ipf_rw); }
578 # include <sys/atomic_ops.h>
579 # define ATOMIC_INCL(x) atomicAddUlong(&(x), 1)
580 # define ATOMIC_INC64(x) atomicAddUint64(&(x), 1)
581 # define ATOMIC_INC32(x) atomicAddUint(&(x), 1)
582 # define ATOMIC_INC16 ATOMIC_INC
583 # define ATOMIC_DECL(x) atomicAddUlong(&(x), -1)
584 # define ATOMIC_DEC64(x) atomicAddUint64(&(x), -1)
585 # define ATOMIC_DEC32(x) atomicAddUint(&(x), -1)
586 # define ATOMIC_DEC16 ATOMIC_DEC
588 # define MUTEX_INIT(x, y) mutex_init(&(x)->ipf_lk, \
591 # define MUTEX_ENTER(x) mutex_lock(&(x)->ipf_lk, 0)
593 # define MUTEX_EXIT(x) mutex_unlock(&(x)->ipf_lk)
594 # undef MUTEX_DESTROY
595 # define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk)
596 # define MUTEX_DOWNGRADE(x) mrdemote(&(x)->ipf_lk)
597 # define KRWLOCK_T mrlock_t
598 # define RWLOCK_INIT(x, y) mrinit(&(x)->ipf_lk, y)
600 # define RW_DESTROY(x) mrfree(&(x)->ipf_lk)
601 # define READ_ENTER(x) RW_RDLOCK(&(x)->ipf_lk)
602 # define WRITE_ENTER(x) RW_WRLOCK(&(x)->ipf_lk)
603 # define RWLOCK_EXIT(x) RW_UNLOCK(&(x)->ipf_lk)
605 # define READ_ENTER(x) MUTEX_ENTER(&(x)->ipf_lk)
606 # define WRITE_ENTER(x) MUTEX_ENTER(&(x)->ipf_lk)
607 # define MUTEX_DOWNGRADE(x) ;
608 # define RWLOCK_EXIT(x) MUTEX_EXIT(&(x)->ipf_lk)
609 # define MUTEX_EXIT(x) UNLOCK((x)->ipf_lk.l, (x)->ipf_lk.pl);
610 # define MUTEX_INIT(x,y) (x)->ipf_lk.l = LOCK_ALLOC((uchar_t)-1, IPF_LOCK_PL, (lkinfo_t *)-1, KM_NOSLEEP)
611 # define MUTEX_DESTROY(x) LOCK_DEALLOC((x)->ipf_lk.l)
612 # define MUTEX_ENTER(x) (x)->ipf_lk.pl = LOCK((x)->ipf_lk.l, \
615 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
616 # define FREE_MB_T(m) m_freem(m)
617 # define MTOD(m,t) mtod(m,t)
618 # define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
619 # define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
620 # define BCOPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
621 # define BCOPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
622 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
623 # define SLEEP(id, n) sleep((id), PZERO+1)
624 # define WAKEUP(id,x) wakeup(id+x)
625 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
626 # define KFREES(x,s) kmem_free((char *)(x), (s))
627 # define GETIFP(n,v, ifs) ifunit(n)
628 # include <sys/kmem.h>
629 # include <sys/ddi.h>
630 # define KMALLOC(a,b) (a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP)
631 # define KMALLOCS(a,b,c) (a) = (b)kmem_alloc((c), KM_NOSLEEP)
632 # define GET_MINOR(x) getminor(x)
634 # define SPL_IMP(x) (x) = splimp()
635 # define SPL_NET(x) (x) = splnet()
636 # define SPL_X(x) (void) splx(x)
637 extern void m_copydata
__P((struct mbuf
*, int, int, caddr_t
));
638 extern void m_copyback
__P((struct mbuf
*, int, int, caddr_t
));
639 # define MSGDSIZE(x) mbufchainlen(x)
640 # define M_LEN(x) (x)->m_len
641 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
642 # define GETKTIME(x) microtime((struct timeval *)x)
643 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
644 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
645 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
646 typedef struct mbuf mb_t
;
650 # undef MUTEX_DESTROY
651 # endif /* _KERNEL */
653 # define OS_RECOGNISED 1
657 /* ----------------------------------------------------------------------- */
659 /* ----------------------------------------------------------------------- */
663 # include <kern/lock.h>
664 # include <sys/sysmacros.h>
667 # define NEED_LOCAL_RAND 1
668 # define ipf_random arc4random
669 # define KMUTEX_T simple_lock_data_t
670 # define KRWLOCK_T lock_data_t
671 # include <net/net_globals.h>
673 # define READ_ENTER(x) lock_read(&(x)->ipf_lk)
674 # define WRITE_ENTER(x) lock_write(&(x)->ipf_lk)
675 # define MUTEX_DOWNGRADE(x) lock_write_to_read(&(x)->ipf_lk)
676 # define RWLOCK_INIT(x, y) lock_init(&(x)->ipf_lk, TRUE)
677 # define RWLOCK_EXIT(x) lock_done(&(x)->ipf_lk)
678 # define RW_DESTROY(x) lock_terminate(&(x)->ipf_lk)
679 # define MUTEX_ENTER(x) simple_lock(&(x)->ipf_lk)
680 # define MUTEX_INIT(x, y) simple_lock_init(&(x)->ipf_lk)
681 # define MUTEX_DESTROY(x) simple_lock_terminate(&(x)->ipf_lk)
682 # define MUTEX_EXIT(x) simple_unlock(&(x)->ipf_lk)
683 # define MUTEX_NUKE(x) bzero(x, sizeof(*(x)))
684 # define ATOMIC_INC64(x) atomic_incq((uint64_t*)&(x))
685 # define ATOMIC_DEC64(x) atomic_decq((uint64_t*)&(x))
686 # define ATOMIC_INC32(x) atomic_incl((uint32_t*)&(x))
687 # define ATOMIC_DEC32(x) atomic_decl((uint32_t*)&(x))
688 # define ATOMIC_INC16(x) { simple_lock(&ipf_rw); (x)++; \
689 simple_unlock(&ipf_rw); }
690 # define ATOMIC_DEC16(x) { simple_lock(&ipf_rw); (x)--; \
691 simple_unlock(&ipf_rw); }
692 # define ATOMIC_INCL(x) atomic_incl((uint32_t*)&(x))
693 # define ATOMIC_DECL(x) atomic_decl((uint32_t*)&(x))
694 # define ATOMIC_INC(x) { simple_lock(&ipf_rw); (x)++; \
695 simple_unlock(&ipf_rw); }
696 # define ATOMIC_DEC(x) { simple_lock(&ipf_rw); (x)--; \
697 simple_unlock(&ipf_rw); }
698 # define SPL_NET(x) ;
699 # define SPL_IMP(x) ;
702 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a, b, d)
703 # define FREE_MB_T(m) m_freem(m)
704 # define MTOD(m,t) mtod(m,t)
705 # define GETIFP(n, v, ifs) ifunit(n)
706 # define GET_MINOR getminor
707 # define WAKEUP(id,x) wakeup(id + x)
708 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
709 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
710 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
711 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
712 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_PFILT, M_NOWAIT)
713 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), M_PFILT, \
714 ((c) > 4096) ? M_WAITOK : M_NOWAIT)
715 # define KFREE(x) FREE((x), M_PFILT)
716 # define KFREES(x,s) FREE((x), M_PFILT)
717 # define MSGDSIZE(x) mbufchainlen(x)
718 # define M_LEN(x) (x)->m_len
719 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
720 # define GETKTIME(x) microtime((struct timeval *)x)
721 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
722 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
723 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
724 typedef struct mbuf mb_t
;
725 # endif /* _KERNEL */
727 # if (defined(_KERNEL) || defined(_NO_BITFIELDS) || (__STDC__ == 1))
728 # define IP_V(x) ((x)->ip_vhl >> 4)
729 # define IP_HL(x) ((x)->ip_vhl & 0xf)
730 # define IP_V_A(x,y) (x)->ip_vhl |= (((y) << 4) & 0xf0)
731 # define IP_HL_A(x,y) (x)->ip_vhl |= ((y) & 0xf)
732 # define TCP_X2(x) ((x)->th_xoff & 0xf)
733 # define TCP_X2_A(x,y) (x)->th_xoff |= ((y) & 0xf)
734 # define TCP_OFF(x) ((x)->th_xoff >> 4)
735 # define TCP_OFF_A(x,y) (x)->th_xoff |= (((y) << 4) & 0xf0)
739 * These are from's Solaris' #defines for little endian.
741 #define IP6F_MORE_FRAG 0x0100
742 #define IP6F_RESERVED_MASK 0x0600
743 #define IP6F_OFF_MASK 0xf8ff
750 typedef int ioctlcmd_t
;
752 * Really, any arch where sizeof(long) != sizeof(int).
754 typedef unsigned int u_32_t
;
757 # define OS_RECOGNISED 1
760 /* ----------------------------------------------------------------------- */
762 /* ----------------------------------------------------------------------- */
764 # if defined(_KERNEL) && !defined(IPFILTER_LKM)
765 # include "bpfilter.h"
766 # if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 104110000)
767 # include "opt_inet.h"
772 # if (__NetBSD_Version__ >= 105000000)
773 # define HAVE_M_PULLDOWN 1
778 # define MSGDSIZE(x) mbufchainlen(x)
779 # define M_LEN(x) (x)->m_len
780 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
781 # define GETKTIME(x) microtime((struct timeval *)x)
782 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
783 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
784 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
785 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
786 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
787 typedef struct mbuf mb_t
;
788 # endif /* _KERNEL */
789 # if (NetBSD <= 1991011) && (NetBSD >= 199606)
790 # define IFNAME(x) ((struct ifnet *)x)->if_xname
791 # define COPYIFNAME(x, b, v) \
793 ((struct ifnet *)x)->if_xname, \
795 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index)&7)
797 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
798 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
801 typedef struct uio uio_t
;
802 typedef u_long ioctlcmd_t
;
804 typedef u_int32_t u_32_t
;
807 # define OS_RECOGNISED 1
808 #endif /* __NetBSD__ */
811 /* ----------------------------------------------------------------------- */
813 /* ----------------------------------------------------------------------- */
815 # if defined(_KERNEL)
816 # if (__FreeBSD_version >= 500000)
817 # include "opt_bpf.h"
821 # if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000)
822 # include "opt_inet6.h"
824 # if defined(INET6) && !defined(USE_INET6)
829 # if defined(_KERNEL)
830 # if (__FreeBSD_version >= 400000)
832 * When #define'd, the 5.2.1 kernel panics when used with the ftp proxy.
833 * There may be other, safe, kernels but this is not extensively tested yet.
835 # define HAVE_M_PULLDOWN
837 # if !defined(IPFILTER_LKM) && (__FreeBSD_version >= 300000)
838 # include "opt_ipfilter.h"
840 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
841 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
842 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
843 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
845 # if (__FreeBSD_version >= 500043)
848 # endif /* _KERNEL */
850 # if (__FreeBSD_version >= 500043)
851 # include <sys/mutex.h>
854 * Whilst the sx(9) locks on FreeBSD have the right semantics and interface
855 * for what we want to use them for, despite testing showing they work -
856 * with a WITNESS kernel, it generates LOR messages.
858 # define KMUTEX_T struct mtx
860 # define KRWLOCK_T struct mtx
862 # define KRWLOCK_T struct sx
866 # if (__FreeBSD_version >= 501113)
867 # include <net/if_var.h>
868 # define IFNAME(x) ((struct ifnet *)x)->if_xname
869 # define COPYIFNAME(x, b) \
871 ((struct ifnet *)x)->if_xname, \
874 # if (__FreeBSD_version >= 500043)
875 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index) & 7)
877 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
878 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
882 # define GETKTIME(x) microtime((struct timeval *)x)
884 # if (__FreeBSD_version >= 500002)
885 # include <netinet/in_systm.h>
886 # include <netinet/ip.h>
887 # include <machine/in_cksum.h>
890 # if (__FreeBSD_version >= 500043)
892 # define MUTEX_ENTER(x) mtx_lock(&(x)->ipf_lk)
893 # define MUTEX_EXIT(x) mtx_unlock(&(x)->ipf_lk)
894 # define MUTEX_INIT(x,y) mtx_init(&(x)->ipf_lk, (y), NULL,\
896 # define MUTEX_DESTROY(x) mtx_destroy(&(x)->ipf_lk)
897 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
899 * Whilst the sx(9) locks on FreeBSD have the right semantics and interface
900 * for what we want to use them for, despite testing showing they work -
901 * with a WITNESS kernel, it generates LOR messages.
904 # define READ_ENTER(x) mtx_lock(&(x)->ipf_lk)
905 # define WRITE_ENTER(x) mtx_lock(&(x)->ipf_lk)
906 # define RWLOCK_EXIT(x) mtx_unlock(&(x)->ipf_lk)
907 # define MUTEX_DOWNGRADE(x) ;
908 # define RWLOCK_INIT(x,y) mtx_init(&(x)->ipf_lk, (y), NULL,\
910 # define RW_DESTROY(x) mtx_destroy(&(x)->ipf_lk)
912 # define READ_ENTER(x) sx_slock(&(x)->ipf_lk)
913 # define WRITE_ENTER(x) sx_xlock(&(x)->ipf_lk)
914 # define MUTEX_DOWNGRADE(x) sx_downgrade(&(x)->ipf_lk)
915 # define RWLOCK_INIT(x, y) sx_init(&(x)->ipf_lk, (y))
916 # define RW_DESTROY(x) sx_destroy(&(x)->ipf_lk)
918 # define RWLOCK_EXIT(x) sx_unlock(x)
920 # define RWLOCK_EXIT(x) do { \
921 if ((x)->ipf_lk.sx_cnt < 0) \
922 sx_xunlock(&(x)->ipf_lk); \
924 sx_sunlock(&(x)->ipf_lk); \
928 # include <machine/atomic.h>
929 # define ATOMIC_INC(x) { mtx_lock(&ipf_rw.ipf_lk); (x)++; \
930 mtx_unlock(&ipf_rw.ipf_lk); }
931 # define ATOMIC_DEC(x) { mtx_lock(&ipf_rw.ipf_lk); (x)--; \
932 mtx_unlock(&ipf_rw.ipf_lk); }
933 # define ATOMIC_INCL(x) atomic_inc_ulong(&(x))
934 # define ATOMIC_INC64(x) ATOMIC_INC(x)
935 # define ATOMIC_INC32(x) atomic_inc_32(&(x))
936 # define ATOMIC_INC16(x) atomic_inc_16(&(x))
937 # define ATOMIC_DECL(x) atomic_dec_ulong(&(x))
938 # define ATOMIC_DEC64(x) ATOMIC_DEC(x)
939 # define ATOMIC_DEC32(x) atomic_dec_32(&(x))
940 # define ATOMIC_DEC16(x) atomic_dec_16(&(x))
942 # define SPL_NET(x) ;
943 # define SPL_IMP(x) ;
944 extern int in_cksum
__P((struct mbuf
*, int));
945 # endif /* __FreeBSD_version >= 500043 */
946 # define MSGDSIZE(x) mbufchainlen(x)
947 # define M_LEN(x) (x)->m_len
948 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
949 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
950 typedef struct mbuf mb_t
;
951 # endif /* _KERNEL */
954 # include <machine/spl.h>
956 # if __FreeBSD__ == 3
957 # if defined(IPFILTER_LKM) && !defined(ACTUALLY_LKM_NOT_KERNEL)
958 # define ACTUALLY_LKM_NOT_KERNEL
963 # if (__FreeBSD_version >= 300000)
964 typedef u_long ioctlcmd_t
;
966 typedef int ioctlcmd_t
;
968 typedef struct uio uio_t
;
970 typedef u_int32_t u_32_t
;
973 # define OS_RECOGNISED 1
974 #endif /* __FreeBSD__ */
977 /* ----------------------------------------------------------------------- */
979 /* ----------------------------------------------------------------------- */
986 # if !defined(IPFILTER_LKM)
987 # include "bpfilter.h"
989 # if (OpenBSD >= 200311)
990 # define SNPRINTF snprintf
991 # if defined(USE_INET6)
992 # include "netinet6/in6_var.h"
993 # include "netinet6/nd6.h"
996 # if (OpenBSD >= 200012)
997 # define HAVE_M_PULLDOWN 1
999 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
1000 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
1001 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
1002 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
1003 # define GETKTIME(x) microtime((struct timeval *)x)
1004 # define MSGDSIZE(x) mbufchainlen(x)
1005 # define M_LEN(x) (x)->m_len
1006 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1007 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
1008 typedef struct mbuf mb_t
;
1009 # endif /* _KERNEL */
1010 # if (OpenBSD >= 199603)
1011 # define IFNAME(x, b) ((struct ifnet *)x)->if_xname
1012 # define COPYIFNAME(x, b, v) \
1014 ((struct ifnet *)x)->if_xname, \
1016 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index)&7)
1018 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1019 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1022 typedef struct uio uio_t
;
1023 typedef u_long ioctlcmd_t
;
1024 typedef int minor_t
;
1025 typedef u_int32_t u_32_t
;
1028 # define OS_RECOGNISED 1
1029 #endif /* __OpenBSD__ */
1032 /* ----------------------------------------------------------------------- */
1034 /* ----------------------------------------------------------------------- */
1035 #ifdef _BSDI_VERSION
1041 # define GETKTIME(x) microtime((struct timeval *)x)
1042 # define MSGDSIZE(x) mbufchainlen(x)
1043 # define M_LEN(x) (x)->m_len
1044 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1045 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1046 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1047 typedef struct mbuf mb_t
;
1048 # endif /* _KERNEL */
1050 # if (_BSDI_VERSION >= 199701)
1051 typedef u_long ioctlcmd_t
;
1053 typedef int ioctlcmd_t
;
1055 typedef u_int32_t u_32_t
;
1058 #endif /* _BSDI_VERSION */
1061 /* ----------------------------------------------------------------------- */
1063 /* ----------------------------------------------------------------------- */
1064 #if defined(sun) && !defined(OS_RECOGNISED) /* SunOS4 */
1066 # include <sys/kmem_alloc.h>
1067 # define GETKTIME(x) uniqtime((struct timeval *)x)
1068 # define MSGDSIZE(x) mbufchainlen(x)
1069 # define M_LEN(x) (x)->m_len
1070 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1071 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1072 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1073 # define GETIFP(n, v, ifs) ifunit(n, IFNAMSIZ)
1074 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
1075 # define KFREES(x,s) kmem_free((char *)(x), (s))
1076 # define SLEEP(id, n) sleep((id), PZERO+1)
1077 # define WAKEUP(id,x) wakeup(id + x)
1078 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
1079 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
1081 extern void m_copydata
__P((struct mbuf
*, int, int, caddr_t
));
1082 extern void m_copyback
__P((struct mbuf
*, int, int, caddr_t
));
1084 typedef struct mbuf mb_t
;
1087 typedef struct uio uio_t
;
1088 typedef int ioctlcmd_t
;
1089 typedef int minor_t
;
1090 typedef unsigned int u_32_t
;
1093 # define OS_RECOGNISED 1
1095 #endif /* SunOS 4 */
1097 /* ----------------------------------------------------------------------- */
1099 /* ----------------------------------------------------------------------- */
1100 #if defined(linux) && !defined(OS_RECOGNISED)
1101 #include <linux/config.h>
1102 #include <linux/version.h>
1104 # define HDR_T_PRIVATE 1
1115 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
1116 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
1117 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
1118 # define COPYIN(a,b,c) copy_from_user((caddr_t)(b), (caddr_t)(a), (c))
1119 # define COPYOUT(a,b,c) copy_to_user((caddr_t)(b), (caddr_t)(a), (c))
1120 # define FREE_MB_T(m) kfree_skb(m)
1121 # define GETKTIME(x) do_gettimeofday((struct timeval *)x)
1122 # define SLEEP(x,s) 0, interruptible_sleep_on(x##_linux)
1123 # define WAKEUP(x,y) wake_up(x##_linux + y)
1124 # define UIOMOVE(a,b,c,d) uiomove(a,b,c,d)
1125 # define USE_MUTEXES
1126 # define KRWLOCK_T rwlock_t
1127 # define KMUTEX_T spinlock_t
1128 # define MUTEX_INIT(x,y) spin_lock_init(&(x)->ipf_lk)
1129 # define MUTEX_ENTER(x) spin_lock(&(x)->ipf_lk)
1130 # define MUTEX_EXIT(x) spin_unlock(&(x)->ipf_lk)
1131 # define MUTEX_DESTROY(x) do { } while (0)
1132 # define MUTEX_NUKE(x) bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk))
1133 # define READ_ENTER(x) ipf_read_enter(x)
1134 # define WRITE_ENTER(x) ipf_write_enter(x)
1135 # define RWLOCK_INIT(x,y) rwlock_init(&(x)->ipf_lk)
1136 # define RW_DESTROY(x) do { } while (0)
1137 # define RWLOCK_EXIT(x) ipf_rw_exit(x)
1138 # define MUTEX_DOWNGRADE(x) ipf_rw_downgrade(x)
1139 # define ATOMIC_INCL(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1141 # define ATOMIC_DECL(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1143 # define ATOMIC_INC64(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1145 # define ATOMIC_INC32(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1147 # define ATOMIC_INC16(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1149 # define ATOMIC_DEC64(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1151 # define ATOMIC_DEC32(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1153 # define ATOMIC_DEC16(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1155 # define SPL_IMP(x) do { } while (0)
1156 # define SPL_NET(x) do { } while (0)
1157 # define SPL_X(x) do { } while (0)
1158 # define IFNAME(x) ((struct net_device*)x)->name
1159 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1160 ((struct net_device *)fin->fin_ifp)->ifindex) & 7)
1161 typedef struct sk_buff mb_t
;
1162 extern void m_copydata
__P((mb_t
*, int, int, caddr_t
));
1163 extern void m_copyback
__P((mb_t
*, int, int, caddr_t
));
1164 extern void m_adj
__P((mb_t
*, int));
1165 extern mb_t
*m_pullup
__P((mb_t
*, int));
1166 # define mbuf sk_buff
1168 # define mtod(m, t) ((t)(m)->data)
1170 # define m_next next
1171 # define M_DUPLICATE(m) skb_clone((m), in_interrupt() ? GFP_ATOMIC : \
1173 # define MSGDSIZE(m) (m)->len
1174 # define M_LEN(m) (m)->len
1176 # define splnet(x) ;
1177 # define printf printk
1178 # define bcopy(s,d,z) memmove(d, s, z)
1179 # define bzero(s,z) memset(s, 0, z)
1180 # define bcmp(a,b,z) memcmp(a, b, z)
1182 # define ifnet net_device
1183 # define if_xname name
1184 # define if_unit ifindex
1186 # define KMALLOC(x,t) (x) = (t)kmalloc(sizeof(*(x)), \
1187 in_interrupt() ? GFP_ATOMIC : GFP_KERNEL)
1188 # define KFREE(x) kfree(x)
1189 # define KMALLOCS(x,t,s) (x) = (t)kmalloc((s), \
1190 in_interrupt() ? GFP_ATOMIC : GFP_KERNEL)
1191 # define KFREES(x,s) kfree(x)
1193 # define GETIFP(n,v) dev_get_by_name(n)
1196 # include <net/ethernet.h>
1201 # ifndef _NET_ROUTE_H
1207 char if_xname
[IFNAMSIZ
];
1209 int (* if_output
) __P((struct ifnet
*, struct mbuf
*, struct sockaddr
*, struct rtentry
*));
1210 struct ifaddr
*if_addrlist
;
1212 # define IFNAME(x) ((struct ifnet *)x)->if_xname
1214 # endif /* _KERNEL */
1216 # define COPYIFNAME(x, b) \
1218 ((struct ifnet *)x)->if_xname, \
1221 # include <linux/fs.h>
1222 # define FWRITE FMODE_WRITE
1223 # define FREAD FMODE_READ
1225 # define __USE_MISC 1
1226 # define __FAVOR_BSD 1
1228 typedef struct uio
{
1229 struct iovec
*uio_iov
;
1238 extern int uiomove
__P((caddr_t
, size_t, int, struct uio
*));
1241 # define UIO_WRITE 2
1243 typedef u_long ioctlcmd_t
;
1244 typedef int minor_t
;
1245 typedef u_int32_t u_32_t
;
1248 # define OS_RECOGNISED 1
1253 /* ----------------------------------------------------------------------- */
1255 /* ----------------------------------------------------------------------- */
1259 # include <sys/lock.h>
1260 # include <sys/sysmacros.h>
1263 # define rw_read_locked(x) 0
1264 # include <net/net_globals.h>
1265 # include <net/net_malloc.h>
1266 # define KMUTEX_T simple_lock_t
1267 # define KRWLOCK_T complex_lock_t
1268 # define USE_MUTEXES 1
1270 # define READ_ENTER(x) lock_read((x)->ipf_lk)
1271 # define WRITE_ENTER(x) lock_write((x)->ipf_lk)
1272 # define MUTEX_DOWNGRADE(x) lock_write_to_read((x)->ipf_lk)
1273 # define RWLOCK_INIT(x, y) lock_alloc(&(x)->ipf_lk, \
1276 lock_init((x)->ipf_lk, TRUE)
1277 # define RWLOCK_EXIT(x) lock_done((x)->ipf_lk)
1278 # define RW_DESTROY(x) lock_free(&(x)->ipf_lk)
1279 # define MUTEX_ENTER(x) simple_lock((x)->ipf_lk)
1280 # define MUTEX_INIT(x, y) lock_alloc(&(x)->ipf_lk, \
1283 simple_lock_init((x)->ipf_lk)
1284 # define MUTEX_DESTROY(x) lock_free(&(x)->ipf_lk)
1285 # define MUTEX_EXIT(x) simple_unlock((x)->ipf_lk)
1286 # define MUTEX_NUKE(x) bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk))
1287 # define ATOMIC_INC64(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1288 MUTEX_EXIT(&ipf_rw); }
1289 # define ATOMIC_DEC64(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1290 MUTEX_EXIT(&ipf_rw); }
1291 # define ATOMIC_INC32(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1292 MUTEX_EXIT(&ipf_rw); }
1293 # define ATOMIC_DEC32(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1294 MUTEX_EXIT(&ipf_rw); }
1295 # define ATOMIC_INCL(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1296 MUTEX_EXIT(&ipf_rw); }
1297 # define ATOMIC_DECL(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1298 MUTEX_EXIT(&ipf_rw); }
1299 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1300 MUTEX_EXIT(&ipf_rw); }
1301 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1302 MUTEX_EXIT(&ipf_rw); }
1303 # define SPL_NET(x) x = splnet()
1304 # define SPL_IMP(x) x = splimp()
1306 # define SPL_X(x) splx(x)
1307 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
1308 extern void* getifp
__P((char *, int));
1309 # define GETIFP(n, v) getifp(n, v)
1310 # define GET_MINOR minor
1311 # define SLEEP(id, n) sleepx((id), PZERO+1, 0)
1312 # define WAKEUP(id,x) wakeup(id)
1313 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
1314 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
1315 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
1316 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
1317 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_TEMP, M_NOWAIT)
1318 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), M_TEMP, \
1319 ((c) > 4096) ? M_WAITOK : M_NOWAIT)
1320 # define KFREE(x) FREE((x), M_TEMP)
1321 # define KFREES(x,s) FREE((x), M_TEMP)
1322 # define MSGDSIZE(x) mbufchainlen(x)
1323 # define M_LEN(x) (x)->m_len
1324 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1325 # define GETKTIME(x)
1326 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1327 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1328 # define IPF_PANIC(x,y)
1329 typedef struct mbuf mb_t
;
1330 # endif /* _KERNEL */
1333 * These are from's Solaris' #defines for little endian.
1335 #if !defined(IP6F_MORE_FRAG)
1336 # define IP6F_MORE_FRAG 0x0100
1338 #if !defined(IP6F_RESERVED_MASK)
1339 # define IP6F_RESERVED_MASK 0x0600
1341 #if !defined(IP6F_OFF_MASK)
1342 # define IP6F_OFF_MASK 0xf8ff
1350 typedef int ioctlcmd_t
;
1351 typedef int minor_t
;
1353 * Really, any arch where sizeof(long) != sizeof(int).
1355 typedef unsigned int u_32_t
;
1358 # define OS_RECOGNISED 1
1362 #ifndef OS_RECOGNISED
1363 #error ip_compat.h does not recognise this platform/OS.
1367 /* ----------------------------------------------------------------------- */
1369 /* ----------------------------------------------------------------------- */
1370 #ifndef OS_RECOGNISED
1374 * For BSD kernels, if bpf is in the kernel, enable ipfilter to use bpf in
1377 #if !defined(IPFILTER_BPF) && ((NBPF > 0) || (NBPFILTER > 0) || (DEV_BPF > 0))
1378 # define IPFILTER_BPF
1382 * Userland locking primitives
1430 #define ipf_lk ipf_lkun_s.ipf_slk
1431 #define ipf_lname ipf_lkun_s.ipf_lname
1432 #define ipf_isr ipf_lkun_s.ipf_sr
1433 #define ipf_isw ipf_lkun_s.ipf_sw
1434 #define ipf_magic ipf_lkun_s.ipf_magic
1436 #if !defined(__GNUC__) || \
1437 (defined(__FreeBSD_version) && (__FreeBSD_version >= 503000))
1442 # define INLINE __inline__
1445 #if defined(linux) && defined(_KERNEL)
1446 extern INLINE
void ipf_read_enter
__P((ipfrwlock_t
*));
1447 extern INLINE
void ipf_write_enter
__P((ipfrwlock_t
*));
1448 extern INLINE
void ipf_rw_exit
__P((ipfrwlock_t
*));
1449 extern INLINE
void ipf_rw_downgrade
__P((ipfrwlock_t
*));
1453 * In a non-kernel environment, there are a lot of macros that need to be
1454 * filled in to be null-ops or to point to some compatibility function,
1455 * somewhere in userland.
1458 typedef struct mb_s
{
1459 struct mb_s
*mb_next
;
1461 u_long mb_buf
[2048];
1464 # define m_next mb_next
1465 # define MSGDSIZE(x) (x)->mb_len /* XXX - from ipt.c */
1466 # define M_LEN(x) (x)->mb_len
1467 # define M_DUPLICATE(x) (x)
1468 # define GETKTIME(x) gettimeofday((struct timeval *)(x), NULL)
1470 # define MTOD(m, t) ((t)(m)->mb_buf)
1471 # define FREE_MB_T(x)
1472 # define SLEEP(x,y) 1;
1473 # define WAKEUP(x,y) ;
1474 # define IPF_PANIC(x,y) ;
1475 # define PANIC(x,y) ;
1476 # define SPL_NET(x) ;
1477 # define SPL_IMP(x) ;
1479 # define KMALLOC(a,b) (a) = (b)malloc(sizeof(*a))
1480 # define KMALLOCS(a,b,c) (a) = (b)malloc(c)
1481 # define KFREE(x) free(x)
1482 # define KFREES(x,s) free(x)
1483 # define GETIFP(x, v, ifs) get_unit(x,v, ifs)
1484 # define COPYIN(a,b,c) (bcopy((a), (b), (c)), 0)
1485 # define COPYOUT(a,b,c) (bcopy((a), (b), (c)), 0)
1486 # define BCOPYIN(a,b,c) (bcopy((a), (b), (c)), 0)
1487 # define BCOPYOUT(a,b,c) (bcopy((a), (b), (c)), 0)
1488 # define COPYDATA(m, o, l, b) bcopy(MTOD((mb_t *)m, char *) + (o), \
1490 # define COPYBACK(m, o, l, b) bcopy((b), \
1491 MTOD((mb_t *)m, char *) + (o), \
1493 # define UIOMOVE(a,b,c,d) ipfuiomove(a,b,c,d)
1494 extern void m_copydata
__P((mb_t
*, int, int, caddr_t
));
1495 extern int ipfuiomove
__P((caddr_t
, int, int, struct uio
*));
1497 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1498 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1501 # define MUTEX_DESTROY(x) eMmutex_destroy(&(x)->ipf_emu)
1502 # define MUTEX_ENTER(x) eMmutex_enter(&(x)->ipf_emu, \
1504 # define MUTEX_EXIT(x) eMmutex_exit(&(x)->ipf_emu)
1505 # define MUTEX_INIT(x,y) eMmutex_init(&(x)->ipf_emu, y)
1506 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
1508 # define MUTEX_DOWNGRADE(x) eMrwlock_downgrade(&(x)->ipf_emu, \
1510 # define READ_ENTER(x) eMrwlock_read_enter(&(x)->ipf_emu, \
1512 # define RWLOCK_INIT(x, y) eMrwlock_init(&(x)->ipf_emu, y)
1513 # define RWLOCK_EXIT(x) eMrwlock_exit(&(x)->ipf_emu)
1514 # define RW_DESTROY(x) eMrwlock_destroy(&(x)->ipf_emu)
1515 # define WRITE_ENTER(x) eMrwlock_write_enter(&(x)->ipf_emu, \
1519 # define USE_MUTEXES 1
1521 extern void eMmutex_destroy
__P((eMmutex_t
*));
1522 extern void eMmutex_enter
__P((eMmutex_t
*, char *, int));
1523 extern void eMmutex_exit
__P((eMmutex_t
*));
1524 extern void eMmutex_init
__P((eMmutex_t
*, char *));
1525 extern void eMrwlock_destroy
__P((eMrwlock_t
*));
1526 extern void eMrwlock_exit
__P((eMrwlock_t
*));
1527 extern void eMrwlock_init
__P((eMrwlock_t
*, char *));
1528 extern void eMrwlock_read_enter
__P((eMrwlock_t
*, char *, int));
1529 extern void eMrwlock_write_enter
__P((eMrwlock_t
*, char *, int));
1530 extern void eMrwlock_downgrade
__P((eMrwlock_t
*, char *, int));
1532 #undef NET_IS_HCK_L3_FULL
1533 #define NET_IS_HCK_L3_FULL(n, x) (0)
1534 #undef NET_IS_HCK_L3_PART
1535 #define NET_IS_HCK_L3_PART(n, x) (0)
1536 #undef NET_IS_HCK_L4_FULL
1537 #define NET_IS_HCK_L4_FULL(n, x) (0)
1538 #undef NET_IS_HCK_L4_PART
1539 #define NET_IS_HCK_L4_PART(n, x) (0)
1543 #define MAX_IPV4HDR ((0xf << 2) + sizeof(struct icmp) + sizeof(ip_t) + 8)
1546 # define IP_OFFMASK 0x1fff
1551 * On BSD's use quad_t as a guarantee for getting at least a 64bit sized
1556 # define U_QUAD_T u_quad_t
1557 # define QUAD_T quad_t
1558 #else /* BSD > 199306 */
1559 # define U_QUAD_T u_long
1560 # define QUAD_T long
1561 #endif /* BSD > 199306 */
1565 # if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \
1566 defined(__osf__) || defined(linux)
1567 # include <netinet/ip6.h>
1568 # include <netinet/icmp6.h>
1569 # if !defined(linux)
1570 # if defined(_KERNEL) && !defined(__osf__)
1571 # include <netinet6/ip6_var.h>
1574 typedef struct ip6_hdr ip6_t
;
1579 # define MAX(a,b) (((a) > (b)) ? (a) : (b))
1582 #if defined(_KERNEL)
1584 # define COPYDATA mb_copydata
1585 # define COPYBACK mb_copyback
1587 # define COPYDATA m_copydata
1588 # define COPYBACK m_copyback
1590 # if (BSD >= 199306) || defined(__FreeBSD__)
1591 # if (defined(__NetBSD_Version__) && (__NetBSD_Version__ < 105180000)) || \
1592 defined(__FreeBSD__) || (defined(OpenBSD) && (OpenBSD < 200206)) || \
1593 defined(_BSDI_VERSION)
1596 # if !defined(__FreeBSD__) || (defined (__FreeBSD_version) && \
1597 (__FreeBSD_version >= 300000))
1598 # if (defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105180000)) || \
1599 (defined(OpenBSD) && (OpenBSD >= 200111))
1600 # include <uvm/uvm_extern.h>
1602 # include <vm/vm_extern.h>
1603 extern vm_map_t kmem_map
;
1605 # include <sys/proc.h>
1606 # else /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
1607 # include <vm/vm_kern.h>
1608 # endif /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
1610 # ifdef IPFILTER_M_IPFILTER
1611 # include <sys/malloc.h>
1612 MALLOC_DECLARE(M_IPFILTER
);
1613 # define _M_IPF M_IPFILTER
1614 # else /* IPFILTER_M_IPFILTER */
1616 # define _M_IPF M_PFIL
1619 # define _M_IPF M_IPFILTER
1621 # define _M_IPF M_TEMP
1622 # endif /* M_IPFILTER */
1623 # endif /* M_PFIL */
1624 # endif /* IPFILTER_M_IPFILTER */
1625 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), _M_IPF, M_NOWAIT)
1626 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), _M_IPF, M_NOWAIT)
1627 # define KFREE(x) FREE((x), _M_IPF)
1628 # define KFREES(x,s) FREE((x), _M_IPF)
1629 # define UIOMOVE(a,b,c,d) uiomove(a,b,d)
1630 # define SLEEP(id, n) tsleep((id), PPAUSE|PCATCH, n, 0)
1631 # define WAKEUP(id,x) wakeup(id+x)
1632 # define GETIFP(n, v, ifs) ifunit(n)
1633 # endif /* (Free)BSD */
1635 # if !defined(USE_MUTEXES) && !defined(SPL_NET)
1636 # if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199407)) || \
1637 (defined(OpenBSD) && (OpenBSD >= 200006))
1638 # define SPL_NET(x) x = splsoftnet()
1640 # define SPL_IMP(x) x = splimp()
1641 # define SPL_NET(x) x = splnet()
1642 # endif /* NetBSD && (NetBSD <= 1991011) && (NetBSD >= 199407) */
1643 # define SPL_X(x) (void) splx(x)
1644 # endif /* !USE_MUTEXES */
1647 # define FREE_MB_T(m) m_freem(m)
1651 # define MTOD(m,t) mtod(m,t)
1655 # define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1656 # define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1657 # define BCOPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1658 # define BCOPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1662 # define KMALLOC(a,b) (a) = (b)new_kmem_alloc(sizeof(*(a)), \
1664 # define KMALLOCS(a,b,c) (a) = (b)new_kmem_alloc((c), KMEM_NOSLEEP)
1668 # define GET_MINOR(x) minor(x)
1670 # define PANIC(x,y) if (x) panic y
1671 #endif /* _KERNEL */
1674 # define IFNAME(x) ((struct ifnet *)x)->if_name
1677 # define NEED_FRGETIFNAME
1678 extern char *fr_getifname
__P((struct ifnet
*, char *));
1679 # define COPYIFNAME(x, b, v) \
1680 fr_getifname((struct ifnet *)x, b)
1688 * Because the ctype(3) posix definition, if used "safely" in code everywhere,
1689 * would mean all normal code that walks through strings needed casts. Yuck.
1691 #define ISALNUM(x) isalnum((u_char)(x))
1692 #define ISALPHA(x) isalpha((u_char)(x))
1693 #define ISASCII(x) isascii((u_char)(x))
1694 #define ISDIGIT(x) isdigit((u_char)(x))
1695 #define ISPRINT(x) isprint((u_char)(x))
1696 #define ISSPACE(x) isspace((u_char)(x))
1697 #define ISUPPER(x) isupper((u_char)(x))
1698 #define ISXDIGIT(x) isxdigit((u_char)(x))
1699 #define ISLOWER(x) islower((u_char)(x))
1700 #define TOUPPER(x) toupper((u_char)(x))
1701 #define TOLOWER(x) tolower((u_char)(x))
1704 * If mutexes aren't being used, turn all the mutex functions into null-ops.
1706 #if !defined(USE_MUTEXES)
1711 # undef MUTEX_DESTROY
1712 # define MUTEX_ENTER(x) ;
1713 # define READ_ENTER(x) ;
1714 # define WRITE_ENTER(x) ;
1715 # define MUTEX_DOWNGRADE(x) ;
1716 # define RWLOCK_INIT(x, y) ;
1717 # define RWLOCK_EXIT(x) ;
1718 # define RW_DESTROY(x) ;
1719 # define MUTEX_EXIT(x) ;
1720 # define MUTEX_INIT(x,y) ;
1721 # define MUTEX_DESTROY(x) ;
1722 # define MUTEX_NUKE(x) ;
1723 #endif /* !USE_MUTEXES */
1725 # define ATOMIC_INC(x) (x)++
1726 # define ATOMIC_DEC(x) (x)--
1729 #if defined(USE_SPL) && defined(_KERNEL)
1730 # define SPL_INT(x) int x
1736 * If there are no atomic operations for bit sizes defined, define them to all
1737 * use a generic one that works for all sizes.
1740 # define ATOMIC_INCL ATOMIC_INC
1741 # define ATOMIC_INC64 ATOMIC_INC
1742 # define ATOMIC_INC32 ATOMIC_INC
1743 # define ATOMIC_INC16 ATOMIC_INC
1744 # define ATOMIC_DECL ATOMIC_DEC
1745 # define ATOMIC_DEC64 ATOMIC_DEC
1746 # define ATOMIC_DEC32 ATOMIC_DEC
1747 # define ATOMIC_DEC16 ATOMIC_DEC
1750 #ifndef HDR_T_PRIVATE
1751 typedef struct tcphdr tcphdr_t
;
1752 typedef struct udphdr udphdr_t
;
1754 typedef struct icmp icmphdr_t
;
1755 typedef struct ip ip_t
;
1756 typedef struct ether_header ether_header_t
;
1757 typedef struct tcpiphdr tcpiphdr_t
;
1760 # define FR_GROUPLEN 16
1767 # define offsetof(t,m) (size_t)((&((t *)0)->m))
1771 * This set of macros has been brought about because on Tru64 it is not
1772 * possible to easily assign or examine values in a structure that are
1776 # define IP_V(x) (x)->ip_v
1779 # define IP_V_A(x,y) (x)->ip_v = (y)
1782 # define IP_HL(x) (x)->ip_hl
1785 # define IP_HL_A(x,y) (x)->ip_hl = ((y) & 0xf)
1788 # define TCP_X2(x) (x)->th_x2
1791 # define TCP_X2_A(x,y) (x)->th_x2 = (y)
1794 # define TCP_OFF(x) (x)->th_off
1797 # define TCP_OFF_A(x,y) (x)->th_off = (y)
1799 #define IPMINLEN(i, h) ((i)->ip_len >= (IP_HL(i) * 4 + sizeof(struct h)))
1803 * XXX - This is one of those *awful* hacks which nobody likes
1811 #define TCPF_ALL (TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG|\
1814 #if (BSD >= 199306) && !defined(m_act)
1815 # define m_act m_nextpkt
1819 * Security Options for Intenet Protocol (IPSO) as defined in RFC 1108.
1823 * 00000001 - (Reserved 4)
1824 * 00111101 - Top Secret
1826 * 10010110 - Confidential
1827 * 01100110 - (Reserved 3)
1828 * 11001100 - (Reserved 2)
1829 * 10101011 - Unclassified
1830 * 11110001 - (Reserved 1)
1832 #define IPSO_CLASS_RES4 0x01
1833 #define IPSO_CLASS_TOPS 0x3d
1834 #define IPSO_CLASS_SECR 0x5a
1835 #define IPSO_CLASS_CONF 0x96
1836 #define IPSO_CLASS_RES3 0x66
1837 #define IPSO_CLASS_RES2 0xcc
1838 #define IPSO_CLASS_UNCL 0xab
1839 #define IPSO_CLASS_RES1 0xf1
1841 #define IPSO_AUTH_GENSER 0x80
1842 #define IPSO_AUTH_ESI 0x40
1843 #define IPSO_AUTH_SCI 0x20
1844 #define IPSO_AUTH_NSA 0x10
1845 #define IPSO_AUTH_DOE 0x08
1846 #define IPSO_AUTH_UN 0x06
1847 #define IPSO_AUTH_FTE 0x01
1850 * IP option #defines
1855 #define IPOPT_ZSU 10 /* ZSU */
1857 #define IPOPT_MTUP 11 /* MTUP */
1859 #define IPOPT_MTUR 12 /* MTUR */
1861 #define IPOPT_ENCODE 15 /* ENCODE */
1865 #define IPOPT_TR 82 /* TR */
1866 #undef IPOPT_SECURITY
1867 #define IPOPT_SECURITY 130
1869 #define IPOPT_LSRR 131
1871 #define IPOPT_E_SEC 133 /* E-SEC */
1873 #define IPOPT_CIPSO 134 /* CIPSO */
1875 #define IPOPT_SATID 136
1877 # define IPOPT_SID IPOPT_SATID
1880 #define IPOPT_SSRR 137
1882 #define IPOPT_ADDEXT 147 /* ADDEXT */
1884 #define IPOPT_VISA 142 /* VISA */
1886 #define IPOPT_IMITD 144 /* IMITD */
1888 #define IPOPT_EIP 145 /* EIP */
1889 #undef IPOPT_RTRALRT
1890 #define IPOPT_RTRALRT 148 /* RTRALRT */
1892 #define IPOPT_SDB 149
1894 #define IPOPT_NSAPA 150
1896 #define IPOPT_DPS 151
1898 #define IPOPT_UMP 152
1900 #define IPOPT_FINN 205 /* FINN */
1903 # define TCPOPT_EOL 0
1906 # define TCPOPT_NOP 1
1908 #ifndef TCPOPT_MAXSEG
1909 # define TCPOPT_MAXSEG 2
1911 #ifndef TCPOLEN_MAXSEG
1912 # define TCPOLEN_MAXSEG 4
1914 #ifndef TCPOPT_WINDOW
1915 # define TCPOPT_WINDOW 3
1917 #ifndef TCPOLEN_WINDOW
1918 # define TCPOLEN_WINDOW 3
1920 #ifndef TCPOPT_SACK_PERMITTED
1921 # define TCPOPT_SACK_PERMITTED 4
1923 #ifndef TCPOLEN_SACK_PERMITTED
1924 # define TCPOLEN_SACK_PERMITTED 2
1927 # define TCPOPT_SACK 5
1929 #ifndef TCPOPT_TIMESTAMP
1930 # define TCPOPT_TIMESTAMP 8
1934 # define ICMP_MINLEN 8
1936 #ifndef ICMP_ECHOREPLY
1937 # define ICMP_ECHOREPLY 0
1939 #ifndef ICMP_UNREACH
1940 # define ICMP_UNREACH 3
1942 #ifndef ICMP_UNREACH_NET
1943 # define ICMP_UNREACH_NET 0
1945 #ifndef ICMP_UNREACH_HOST
1946 # define ICMP_UNREACH_HOST 1
1948 #ifndef ICMP_UNREACH_PROTOCOL
1949 # define ICMP_UNREACH_PROTOCOL 2
1951 #ifndef ICMP_UNREACH_PORT
1952 # define ICMP_UNREACH_PORT 3
1954 #ifndef ICMP_UNREACH_NEEDFRAG
1955 # define ICMP_UNREACH_NEEDFRAG 4
1957 #ifndef ICMP_UNREACH_SRCFAIL
1958 # define ICMP_UNREACH_SRCFAIL 5
1960 #ifndef ICMP_UNREACH_NET_UNKNOWN
1961 # define ICMP_UNREACH_NET_UNKNOWN 6
1963 #ifndef ICMP_UNREACH_HOST_UNKNOWN
1964 # define ICMP_UNREACH_HOST_UNKNOWN 7
1966 #ifndef ICMP_UNREACH_ISOLATED
1967 # define ICMP_UNREACH_ISOLATED 8
1969 #ifndef ICMP_UNREACH_NET_PROHIB
1970 # define ICMP_UNREACH_NET_PROHIB 9
1972 #ifndef ICMP_UNREACH_HOST_PROHIB
1973 # define ICMP_UNREACH_HOST_PROHIB 10
1975 #ifndef ICMP_UNREACH_TOSNET
1976 # define ICMP_UNREACH_TOSNET 11
1978 #ifndef ICMP_UNREACH_TOSHOST
1979 # define ICMP_UNREACH_TOSHOST 12
1981 #ifndef ICMP_UNREACH_ADMIN_PROHIBIT
1982 # define ICMP_UNREACH_ADMIN_PROHIBIT 13
1984 #ifndef ICMP_UNREACH_FILTER
1985 # define ICMP_UNREACH_FILTER 13
1987 #ifndef ICMP_UNREACH_HOST_PRECEDENCE
1988 # define ICMP_UNREACH_HOST_PRECEDENCE 14
1990 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
1991 # define ICMP_UNREACH_PRECEDENCE_CUTOFF 15
1993 #ifndef ICMP_SOURCEQUENCH
1994 # define ICMP_SOURCEQUENCH 4
1996 #ifndef ICMP_REDIRECT_NET
1997 # define ICMP_REDIRECT_NET 0
1999 #ifndef ICMP_REDIRECT_HOST
2000 # define ICMP_REDIRECT_HOST 1
2002 #ifndef ICMP_REDIRECT_TOSNET
2003 # define ICMP_REDIRECT_TOSNET 2
2005 #ifndef ICMP_REDIRECT_TOSHOST
2006 # define ICMP_REDIRECT_TOSHOST 3
2008 #ifndef ICMP_ALTHOSTADDR
2009 # define ICMP_ALTHOSTADDR 6
2011 #ifndef ICMP_TIMXCEED
2012 # define ICMP_TIMXCEED 11
2014 #ifndef ICMP_TIMXCEED_INTRANS
2015 # define ICMP_TIMXCEED_INTRANS 0
2017 #ifndef ICMP_TIMXCEED_REASS
2018 # define ICMP_TIMXCEED_REASS 1
2020 #ifndef ICMP_PARAMPROB
2021 # define ICMP_PARAMPROB 12
2023 #ifndef ICMP_PARAMPROB_ERRATPTR
2024 # define ICMP_PARAMPROB_ERRATPTR 0
2026 #ifndef ICMP_PARAMPROB_OPTABSENT
2027 # define ICMP_PARAMPROB_OPTABSENT 1
2029 #ifndef ICMP_PARAMPROB_LENGTH
2030 # define ICMP_PARAMPROB_LENGTH 2
2033 # define ICMP_TSTAMP 13
2035 #ifndef ICMP_TSTAMPREPLY
2036 # define ICMP_TSTAMPREPLY 14
2039 # define ICMP_IREQ 15
2041 #ifndef ICMP_IREQREPLY
2042 # define ICMP_IREQREPLY 16
2044 #ifndef ICMP_MASKREQ
2045 # define ICMP_MASKREQ 17
2047 #ifndef ICMP_MASKREPLY
2048 # define ICMP_MASKREPLY 18
2050 #ifndef ICMP_TRACEROUTE
2051 # define ICMP_TRACEROUTE 30
2053 #ifndef ICMP_DATACONVERR
2054 # define ICMP_DATACONVERR 31
2056 #ifndef ICMP_MOBILE_REDIRECT
2057 # define ICMP_MOBILE_REDIRECT 32
2059 #ifndef ICMP_IPV6_WHEREAREYOU
2060 # define ICMP_IPV6_WHEREAREYOU 33
2062 #ifndef ICMP_IPV6_IAMHERE
2063 # define ICMP_IPV6_IAMHERE 34
2065 #ifndef ICMP_MOBILE_REGREQUEST
2066 # define ICMP_MOBILE_REGREQUEST 35
2068 #ifndef ICMP_MOBILE_REGREPLY
2069 # define ICMP_MOBILE_REGREPLY 36
2072 # define ICMP_SKIP 39
2074 #ifndef ICMP_PHOTURIS
2075 # define ICMP_PHOTURIS 40
2077 #ifndef ICMP_PHOTURIS_UNKNOWN_INDEX
2078 # define ICMP_PHOTURIS_UNKNOWN_INDEX 1
2080 #ifndef ICMP_PHOTURIS_AUTH_FAILED
2081 # define ICMP_PHOTURIS_AUTH_FAILED 2
2083 #ifndef ICMP_PHOTURIS_DECRYPT_FAILED
2084 # define ICMP_PHOTURIS_DECRYPT_FAILED 3
2087 # define IPVERSION 4
2089 #ifndef IPOPT_MINOFF
2090 # define IPOPT_MINOFF 4
2092 #ifndef IPOPT_COPIED
2093 # define IPOPT_COPIED(x) ((x)&0x80)
2096 # define IPOPT_EOL 0
2099 # define IPOPT_NOP 1
2102 # define IP_MF ((u_short)0x2000)
2104 #ifndef ETHERTYPE_IP
2105 # define ETHERTYPE_IP ((u_short)0x0800)
2108 # define TH_FIN 0x01
2111 # define TH_SYN 0x02
2114 # define TH_RST 0x04
2117 # define TH_PUSH 0x08
2120 # define TH_ACK 0x10
2123 # define TH_URG 0x20
2126 #define TH_ACKMASK (TH_FIN|TH_SYN|TH_RST|TH_ACK)
2129 # define IPOPT_EOL 0
2132 # define IPOPT_NOP 1
2138 # define IPOPT_TS 68
2140 #ifndef IPOPT_SECURITY
2141 # define IPOPT_SECURITY 130
2144 # define IPOPT_LSRR 131
2147 # define IPOPT_SATID 136
2150 # define IPOPT_SSRR 137
2152 #ifndef IPOPT_SECUR_UNCLASS
2153 # define IPOPT_SECUR_UNCLASS ((u_short)0x0000)
2155 #ifndef IPOPT_SECUR_CONFID
2156 # define IPOPT_SECUR_CONFID ((u_short)0xf135)
2158 #ifndef IPOPT_SECUR_EFTO
2159 # define IPOPT_SECUR_EFTO ((u_short)0x789a)
2161 #ifndef IPOPT_SECUR_MMMM
2162 # define IPOPT_SECUR_MMMM ((u_short)0xbc4d)
2164 #ifndef IPOPT_SECUR_RESTR
2165 # define IPOPT_SECUR_RESTR ((u_short)0xaf13)
2167 #ifndef IPOPT_SECUR_SECRET
2168 # define IPOPT_SECUR_SECRET ((u_short)0xd788)
2170 #ifndef IPOPT_SECUR_TOPSECRET
2171 # define IPOPT_SECUR_TOPSECRET ((u_short)0x6bc5)
2174 # define IPOPT_OLEN 1
2176 #ifndef IPPROTO_HOPOPTS
2177 # define IPPROTO_HOPOPTS 0
2179 #ifndef IPPROTO_ENCAP
2180 # define IPPROTO_ENCAP 4
2182 #ifndef IPPROTO_IPV6
2183 # define IPPROTO_IPV6 41
2185 #ifndef IPPROTO_ROUTING
2186 # define IPPROTO_ROUTING 43
2188 #ifndef IPPROTO_FRAGMENT
2189 # define IPPROTO_FRAGMENT 44
2192 # define IPPROTO_GRE 47 /* GRE encaps RFC 1701 */
2195 # define IPPROTO_ESP 50
2198 # define IPPROTO_AH 51
2200 #ifndef IPPROTO_ICMPV6
2201 # define IPPROTO_ICMPV6 58
2203 #ifndef IPPROTO_NONE
2204 # define IPPROTO_NONE 59
2206 #ifndef IPPROTO_DSTOPTS
2207 # define IPPROTO_DSTOPTS 60
2209 #ifndef IPPROTO_FRAGMENT
2210 # define IPPROTO_FRAGMENT 44
2212 #ifndef ICMP_ROUTERADVERT
2213 # define ICMP_ROUTERADVERT 9
2215 #ifndef ICMP_ROUTERSOLICIT
2216 # define ICMP_ROUTERSOLICIT 10
2218 #ifndef ICMP6_DST_UNREACH
2219 # define ICMP6_DST_UNREACH 1
2221 #ifndef ICMP6_PACKET_TOO_BIG
2222 # define ICMP6_PACKET_TOO_BIG 2
2224 #ifndef ICMP6_TIME_EXCEEDED
2225 # define ICMP6_TIME_EXCEEDED 3
2227 #ifndef ICMP6_PARAM_PROB
2228 # define ICMP6_PARAM_PROB 4
2231 #ifndef ICMP6_ECHO_REQUEST
2232 # define ICMP6_ECHO_REQUEST 128
2234 #ifndef ICMP6_ECHO_REPLY
2235 # define ICMP6_ECHO_REPLY 129
2237 #ifndef ICMP6_MEMBERSHIP_QUERY
2238 # define ICMP6_MEMBERSHIP_QUERY 130
2240 #ifndef MLD6_LISTENER_QUERY
2241 # define MLD6_LISTENER_QUERY 130
2243 #ifndef ICMP6_MEMBERSHIP_REPORT
2244 # define ICMP6_MEMBERSHIP_REPORT 131
2246 #ifndef MLD6_LISTENER_REPORT
2247 # define MLD6_LISTENER_REPORT 131
2249 #ifndef ICMP6_MEMBERSHIP_REDUCTION
2250 # define ICMP6_MEMBERSHIP_REDUCTION 132
2252 #ifndef MLD6_LISTENER_DONE
2253 # define MLD6_LISTENER_DONE 132
2255 #ifndef ND_ROUTER_SOLICIT
2256 # define ND_ROUTER_SOLICIT 133
2258 #ifndef ND_ROUTER_ADVERT
2259 # define ND_ROUTER_ADVERT 134
2261 #ifndef ND_NEIGHBOR_SOLICIT
2262 # define ND_NEIGHBOR_SOLICIT 135
2264 #ifndef ND_NEIGHBOR_ADVERT
2265 # define ND_NEIGHBOR_ADVERT 136
2268 # define ND_REDIRECT 137
2270 #ifndef ICMP6_ROUTER_RENUMBERING
2271 # define ICMP6_ROUTER_RENUMBERING 138
2273 #ifndef ICMP6_WRUREQUEST
2274 # define ICMP6_WRUREQUEST 139
2276 #ifndef ICMP6_WRUREPLY
2277 # define ICMP6_WRUREPLY 140
2279 #ifndef ICMP6_FQDN_QUERY
2280 # define ICMP6_FQDN_QUERY 139
2282 #ifndef ICMP6_FQDN_REPLY
2283 # define ICMP6_FQDN_REPLY 140
2285 #ifndef ICMP6_NI_QUERY
2286 # define ICMP6_NI_QUERY 139
2288 #ifndef ICMP6_NI_REPLY
2289 # define ICMP6_NI_REPLY 140
2291 #ifndef MLD6_MTRACE_RESP
2292 # define MLD6_MTRACE_RESP 200
2295 # define MLD6_MTRACE 201
2297 #ifndef ICMP6_HADISCOV_REQUEST
2298 # define ICMP6_HADISCOV_REQUEST 202
2300 #ifndef ICMP6_HADISCOV_REPLY
2301 # define ICMP6_HADISCOV_REPLY 203
2303 #ifndef ICMP6_MOBILEPREFIX_SOLICIT
2304 # define ICMP6_MOBILEPREFIX_SOLICIT 204
2306 #ifndef ICMP6_MOBILEPREFIX_ADVERT
2307 # define ICMP6_MOBILEPREFIX_ADVERT 205
2309 #ifndef ICMP6_MAXTYPE
2310 # define ICMP6_MAXTYPE 205
2313 #ifndef ICMP6_DST_UNREACH_NOROUTE
2314 # define ICMP6_DST_UNREACH_NOROUTE 0
2316 #ifndef ICMP6_DST_UNREACH_ADMIN
2317 # define ICMP6_DST_UNREACH_ADMIN 1
2319 #ifndef ICMP6_DST_UNREACH_NOTNEIGHBOR
2320 # define ICMP6_DST_UNREACH_NOTNEIGHBOR 2
2322 #ifndef ICMP6_DST_UNREACH_BEYONDSCOPE
2323 # define ICMP6_DST_UNREACH_BEYONDSCOPE 2
2325 #ifndef ICMP6_DST_UNREACH_ADDR
2326 # define ICMP6_DST_UNREACH_ADDR 3
2328 #ifndef ICMP6_DST_UNREACH_NOPORT
2329 # define ICMP6_DST_UNREACH_NOPORT 4
2331 #ifndef ICMP6_TIME_EXCEED_TRANSIT
2332 # define ICMP6_TIME_EXCEED_TRANSIT 0
2334 #ifndef ICMP6_TIME_EXCEED_REASSEMBLY
2335 # define ICMP6_TIME_EXCEED_REASSEMBLY 1
2338 #ifndef ICMP6_NI_SUCCESS
2339 # define ICMP6_NI_SUCCESS 0
2341 #ifndef ICMP6_NI_REFUSED
2342 # define ICMP6_NI_REFUSED 1
2344 #ifndef ICMP6_NI_UNKNOWN
2345 # define ICMP6_NI_UNKNOWN 2
2348 #ifndef ICMP6_ROUTER_RENUMBERING_COMMAND
2349 # define ICMP6_ROUTER_RENUMBERING_COMMAND 0
2351 #ifndef ICMP6_ROUTER_RENUMBERING_RESULT
2352 # define ICMP6_ROUTER_RENUMBERING_RESULT 1
2354 #ifndef ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET
2355 # define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 255
2358 #ifndef ICMP6_PARAMPROB_HEADER
2359 # define ICMP6_PARAMPROB_HEADER 0
2361 #ifndef ICMP6_PARAMPROB_NEXTHEADER
2362 # define ICMP6_PARAMPROB_NEXTHEADER 1
2364 #ifndef ICMP6_PARAMPROB_OPTION
2365 # define ICMP6_PARAMPROB_OPTION 2
2368 #ifndef ICMP6_NI_SUBJ_IPV6
2369 # define ICMP6_NI_SUBJ_IPV6 0
2371 #ifndef ICMP6_NI_SUBJ_FQDN
2372 # define ICMP6_NI_SUBJ_FQDN 1
2374 #ifndef ICMP6_NI_SUBJ_IPV4
2375 # define ICMP6_NI_SUBJ_IPV4 2
2378 #if !defined(IPV6_FLOWINFO_MASK)
2379 # if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN)
2380 # define IPV6_FLOWINFO_MASK 0x0fffffff /* flow info (28 bits) */
2382 # if(BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN)
2383 # define IPV6_FLOWINFO_MASK 0xffffff0f /* flow info (28 bits) */
2384 # endif /* LITTLE_ENDIAN */
2387 #if !defined(IPV6_FLOWLABEL_MASK)
2388 # if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN)
2389 # define IPV6_FLOWLABEL_MASK 0x000fffff /* flow label (20 bits) */
2391 # if (BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN)
2392 # define IPV6_FLOWLABEL_MASK 0xffff0f00 /* flow label (20 bits) */
2393 # endif /* LITTLE_ENDIAN */
2398 * ECN is a new addition to TCP - RFC 2481
2401 # define TH_ECN 0x40
2404 # define TH_CWR 0x80
2406 #define TH_ECNALL (TH_ECN|TH_CWR)
2411 #define IPF_TCPS_LISTEN 0 /* listening for connection */
2412 #define IPF_TCPS_SYN_SENT 1 /* active, have sent syn */
2413 #define IPF_TCPS_SYN_RECEIVED 2 /* have send and received syn */
2414 #define IPF_TCPS_HALF_ESTAB 3 /* for connections not fully "up" */
2415 /* states < IPF_TCPS_ESTABLISHED are those where connections not established */
2416 #define IPF_TCPS_ESTABLISHED 4 /* established */
2417 #define IPF_TCPS_CLOSE_WAIT 5 /* rcvd fin, waiting for close */
2418 /* states > IPF_TCPS_CLOSE_WAIT are those where user has closed */
2419 #define IPF_TCPS_FIN_WAIT_1 6 /* have closed, sent fin */
2420 #define IPF_TCPS_CLOSING 7 /* closed xchd FIN; await FIN ACK */
2421 #define IPF_TCPS_LAST_ACK 8 /* had fin and close; await FIN ACK */
2422 /* states > IPF_TCPS_CLOSE_WAIT && < IPF_TCPS_FIN_WAIT_2 await ACK of FIN */
2423 #define IPF_TCPS_FIN_WAIT_2 9 /* have closed, fin is acked */
2424 #define IPF_TCPS_TIME_WAIT 10 /* in 2*msl quiet wait after close */
2425 #define IPF_TCPS_CLOSED 11 /* closed */
2426 #define IPF_TCP_NSTATES 12
2430 #undef ICMP_MAX_UNREACH
2431 #define ICMP_MAX_UNREACH 14
2433 #define ICMP_MAXTYPE 18
2440 # define LOG_FTP (11<<3)
2442 #ifndef LOG_AUTHPRIV
2443 # define LOG_AUTHPRIV (10<<3)
2446 # define LOG_AUDIT (13<<3)
2449 # define LOG_NTP (12<<3)
2451 #ifndef LOG_SECURITY
2452 # define LOG_SECURITY (13<<3)
2455 # define LOG_LFMT (14<<3)
2458 # define LOG_CONSOLE (14<<3)
2462 * ICMP error replies have an IP header (20 bytes), 8 bytes of ICMP data,
2463 * another IP header and then 64 bits of data, totalling 56. Of course,
2464 * the last 64 bits is dependent on that being available.
2466 #define ICMPERR_ICMPHLEN 8
2467 #define ICMPERR_IPICMPHLEN (20 + 8)
2468 #define ICMPERR_MINPKTLEN (20 + 8 + 20)
2469 #define ICMPERR_MAXPKTLEN (20 + 8 + 20 + 8)
2470 #define ICMP6ERR_MINPKTLEN (40 + 8)
2471 #define ICMP6ERR_IPICMPHLEN (40 + 8 + 40)
2474 # define MIN(a,b) (((a)<(b))?(a):(b))
2478 # define DPRINT(x) printf x
2484 # undef IPFILTER_BPF
2487 #ifndef DTRACE_PROBE
2488 # define DTRACE_PROBE(_x_)
2489 # define DTRACE_PROBE1(_x_, _t1_, _a1_)
2490 # define DTRACE_PROBE2(_x_, _t1_, _a1_, _t2_, _a2_)
2491 # define DTRACE_PROBE3(_x_, _t1_, _a1_, _t2_, _a2_, _t3_, _a3_)
2492 # define DTRACE_PROBE4(_x_, _t1_, _a1_, _t2_, _a2_, _t3_, _a3_, _t4_, _a4_)
2495 #ifndef IPF_IS_LOOPBACK
2496 # define IPF_IS_LOOPBACK(x) 0
2499 #endif /* __IP_COMPAT_H__ */