Sync usage with man page.
[netbsd-mini2440.git] / sys / dist / ipf / netinet / ip_compat.h
bloba81c838d86189839df2f8435715661ba8c64cfc4
1 /* $NetBSD: ip_compat.h,v 1.25 2009/08/19 08:36:10 darrenr Exp $ */
3 /*
4 * Copyright (C) 1993-2001, 2003 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
8 * @(#)ip_compat.h 1.8 1/14/96
9 * Id: ip_compat.h,v 2.142.2.77 2009/08/16 07:03:04 darrenr Exp
12 #ifndef _NETINET_IP_COMPAT_H_
13 #define _NETINET_IP_COMPAT_H_
15 #ifndef __P
16 # ifdef __STDC__
17 # define __P(x) x
18 # else
19 # define __P(x) ()
20 # endif
21 #endif
22 #ifndef __STDC__
23 # undef const
24 # define const
25 #endif
27 #if defined(_KERNEL) || defined(KERNEL) || defined(__KERNEL__)
28 # undef KERNEL
29 # undef _KERNEL
30 # undef __KERNEL__
31 # define KERNEL
32 # define _KERNEL
33 # define __KERNEL__
34 #endif
36 #ifndef SOLARIS
37 #define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4)))
38 #endif
39 #if (defined(SOLARIS2) && (SOLARIS2 >= 8))
40 # ifndef USE_INET6
41 # define USE_INET6
42 # endif
43 #endif
44 #if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000) && \
45 !defined(_KERNEL) && !defined(USE_INET6) && !defined(NOINET6)
46 # define USE_INET6
47 #endif
48 #if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105000000) && \
49 !defined(_KERNEL) && !defined(USE_INET6) && !defined(NOINET6)
50 # define USE_INET6
51 #endif
52 #if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 106140000) && \
53 defined(_KERNEL) && !defined(IPFILTER_LKM)
54 # define IPFILTER_M_IPFILTER
55 #endif
56 #if defined(OpenBSD) && (OpenBSD >= 200206) && \
57 !defined(_KERNEL) && !defined(USE_INET6)
58 # define USE_INET6
59 #endif
60 #if defined(__osf__)
61 # define USE_INET6
62 #endif
63 #if defined(linux) && (!defined(_KERNEL) || defined(CONFIG_IPV6))
64 # define USE_INET6
65 #endif
66 #if defined(HPUXREV) && (HPUXREV >= 1111)
67 # define USE_INET6
68 #endif
70 #if defined(BSD) && (BSD < 199103) && defined(__osf__)
71 # undef BSD
72 # define BSD 199103
73 #endif
75 #if defined(__SVR4) || defined(__svr4__) || defined(__sgi)
76 # define index strchr
77 # if !defined(_KERNEL)
78 # define bzero(a,b) memset(a,0,b)
79 # define bcmp memcmp
80 # define bcopy(a,b,c) memmove(b,a,c)
81 # endif
82 #endif
84 #ifndef LIFNAMSIZ
85 # ifdef IF_NAMESIZE
86 # define LIFNAMSIZ IF_NAMESIZE
87 # else
88 # ifdef IFNAMSIZ
89 # define LIFNAMSIZ IFNAMSIZ
90 # else
91 # define LIFNAMSIZ 16
92 # endif
93 # endif
94 #endif
96 #if defined(__sgi) || defined(bsdi) || defined(__hpux) || defined(hpux)
97 struct ether_addr {
98 u_char ether_addr_octet[6];
100 #endif
102 #if defined(__sgi) && !defined(IPFILTER_LKM)
103 # ifdef __STDC__
104 # define IPL_EXTERN(ep) ipfilter##ep
105 # else
106 # define IPL_EXTERN(ep) ipfilter/**/ep
107 # endif
108 #else
109 # ifdef __STDC__
110 # define IPL_EXTERN(ep) ipl##ep
111 # else
112 # define IPL_EXTERN(ep) ipl/**/ep
113 # endif
114 #endif
117 * This is a workaround for <sys/uio.h> troubles on FreeBSD and OpenBSD.
119 #ifndef linux
120 # ifndef _KERNEL
121 # define ADD_KERNEL
122 # define _KERNEL
123 # define KERNEL
124 # endif
125 # ifdef __OpenBSD__
126 struct file;
127 # endif
128 # include <sys/uio.h>
129 # ifdef ADD_KERNEL
130 # undef _KERNEL
131 # undef KERNEL
132 # endif
133 #endif
136 /* ----------------------------------------------------------------------- */
137 /* S O L A R I S */
138 /* ----------------------------------------------------------------------- */
139 #if SOLARIS
140 # define MENTAT 1
141 # include <sys/cmn_err.h>
142 # include <sys/isa_defs.h>
143 # include <sys/stream.h>
144 # include <sys/ioccom.h>
145 # include <sys/sysmacros.h>
146 # include <sys/kmem.h>
147 # if SOLARIS2 >= 10
148 # include <sys/procset.h>
149 # include <sys/proc.h>
150 # include <sys/devops.h>
151 # include <sys/ddi_impldefs.h>
152 # endif
154 * because Solaris 2 defines these in two places :-/
156 # ifndef KERNEL
157 # define _KERNEL
158 # undef RES_INIT
159 # endif /* _KERNEL */
161 # if SOLARIS2 >= 8
162 # include <netinet/ip6.h>
163 # include <netinet/icmp6.h>
164 # endif
166 # include <inet/common.h>
167 /* These 5 are defined in <inet/ip.h> and <netinet/ip.h> */
168 # undef IPOPT_EOL
169 # undef IPOPT_NOP
170 # undef IPOPT_LSRR
171 # undef IPOPT_RR
172 # undef IPOPT_SSRR
173 # ifdef i386
174 # define _SYS_PROMIF_H
175 # endif
176 # ifndef _KERNEL
177 # include "radix_ipf.h"
178 # else
179 # include "radix_ipf_local.h"
180 # endif
181 # include <inet/mib2.h>
182 # include <inet/ip.h>
183 # undef COPYOUT
184 # if !defined(_SYS_NETI_H)
185 # include <inet/ip_ire.h>
186 # endif
187 # ifndef KERNEL
188 # undef _KERNEL
189 # endif
190 # if SOLARIS2 >= 8
191 # define SNPRINTF snprintf
193 # include <inet/ip_if.h>
194 # define ipif_local_addr ipif_lcl_addr
195 /* Only defined in private include file */
196 # ifndef V4_PART_OF_V6
197 # define V4_PART_OF_V6(v6) v6.s6_addr32[3]
198 # endif
199 struct ip6_ext {
200 u_char ip6e_nxt;
201 u_char ip6e_len;
203 # endif /* SOLARIS2 >= 8 */
205 # if SOLARIS2 >= 6
206 # include <sys/atomic.h>
207 typedef uint32_t u_32_t;
208 # else
209 typedef unsigned int u_32_t;
210 # endif
211 # define U_32_T 1
212 # if SOLARIS2 >= 7
213 # define U_QUAD_T uint64_t
214 # define QUAD_T int64_t
215 # endif
217 # ifdef _KERNEL
218 # define NEED_LOCAL_RAND 1
219 # define ipf_random arc4random
220 # define KRWLOCK_T krwlock_t
221 # define KMUTEX_T kmutex_t
223 # if !defined(FW_HOOKS)
224 # include "qif.h"
225 # include "pfil.h"
226 # else
227 # include <sys/neti.h>
229 extern net_handle_t ipfipv4;
230 extern net_handle_t ipfipv6;
233 typedef struct qpktinfo {
234 void *qpi_data;
235 mblk_t **qpi_mp;
236 mblk_t *qpi_m;
237 uintptr_t qpi_real;
238 int qpi_flags;
239 int qpi_num;
240 int qpi_off;
241 } qpktinfo_t;
242 # define QF_GROUP 0x01
243 # endif
245 # if SOLARIS2 >= 6
246 # if SOLARIS2 == 6
247 # define ATOMIC_INCL(x) atomic_add_long((uint32_t*)&(x), 1)
248 # define ATOMIC_DECL(x) atomic_add_long((uint32_t*)&(x), -1)
249 # else
250 # define ATOMIC_INCL(x) atomic_add_long(&(x), 1)
251 # define ATOMIC_DECL(x) atomic_add_long(&(x), -1)
252 # endif /* SOLARIS2 == 6 */
253 # define ATOMIC_INC64(x) atomic_add_64((uint64_t*)&(x), 1)
254 # define ATOMIC_INC32(x) atomic_add_32((uint32_t*)&(x), 1)
255 # define ATOMIC_INC16(x) atomic_add_16((uint16_t*)&(x), 1)
256 # define ATOMIC_DEC64(x) atomic_add_64((uint64_t*)&(x), -1)
257 # define ATOMIC_DEC32(x) atomic_add_32((uint32_t*)&(x), -1)
258 # define ATOMIC_DEC16(x) atomic_add_16((uint16_t*)&(x), -1)
259 # else
260 # define ATOMIC_INC(x) { mutex_enter(&ipf_rw); (x)++; \
261 mutex_exit(&ipf_rw); }
262 # define ATOMIC_DEC(x) { mutex_enter(&ipf_rw); (x)--; \
263 mutex_exit(&ipf_rw); }
264 # endif /* SOLARIS2 >= 6 */
265 # define USE_MUTEXES
266 # define MUTEX_ENTER(x) mutex_enter(&(x)->ipf_lk)
267 # define READ_ENTER(x) rw_enter(&(x)->ipf_lk, RW_READER)
268 # define WRITE_ENTER(x) rw_enter(&(x)->ipf_lk, RW_WRITER)
269 # define MUTEX_DOWNGRADE(x) rw_downgrade(&(x)->ipf_lk)
270 # define RWLOCK_INIT(x, y) rw_init(&(x)->ipf_lk, (y), \
271 RW_DRIVER, NULL)
272 # define RWLOCK_EXIT(x) rw_exit(&(x)->ipf_lk)
273 # define RW_DESTROY(x) rw_destroy(&(x)->ipf_lk)
274 # define MUTEX_INIT(x, y) mutex_init(&(x)->ipf_lk, (y), \
275 MUTEX_DRIVER, NULL)
276 # define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk)
277 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
278 # define MUTEX_EXIT(x) mutex_exit(&(x)->ipf_lk)
279 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
280 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
281 # define BCOPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
282 # define BCOPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
283 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
284 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
285 # define KFREES(x,s) kmem_free((char *)(x), (s))
286 # define SPL_SCHED(x) ;
287 # define SPL_NET(x) ;
288 # define SPL_IMP(x) ;
289 # undef SPL_X
290 # define SPL_X(x) ;
291 # ifdef sparc
292 # define ntohs(x) (x)
293 # define ntohl(x) (x)
294 # define htons(x) (x)
295 # define htonl(x) (x)
296 # endif /* sparc */
297 # define KMALLOC(a,b) (a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP)
298 # define KMALLOCS(a,b,c) (a) = (b)kmem_alloc((c), KM_NOSLEEP)
299 # define GET_MINOR(x) getminor(x)
300 extern void *get_unit __P((char *, int));
301 # define GETIFP(n, v) get_unit(n, v)
302 # if defined(_INET_IP_STACK_H)
303 # define COPYIFNAME(v, x, b) \
304 do { \
305 if ((v) == 4) { \
306 (void) net_getifname(ipfipv4,\
307 (uintptr_t)x, b, \
308 LIFNAMSIZ); \
309 } else { \
310 (void) net_getifname(ipfipv6,\
311 (uintptr_t)x, b, \
312 LIFNAMSIZ); \
314 } while (0)
315 # else
316 # define FASTROUTE_RECURSION 1
317 # define COPYIFNAME(v, x, b) \
318 (void) strncpy(b, ((qif_t *)x)->qf_name, \
319 LIFNAMSIZ)
320 # endif
321 # define GETKTIME(x) uniqtime((struct timeval *)x)
322 # define MSGDSIZE(x) msgdsize(x)
323 # define M_LEN(x) ((x)->b_wptr - (x)->b_rptr)
324 # define M_DUPLICATE(x) dupmsg((x))
325 # define MTOD(m,t) ((t)((m)->b_rptr))
326 # define MTYPE(m) ((m)->b_datap->db_type)
327 # define FREE_MB_T(m) freemsg(m)
328 # define m_next b_cont
329 # if !defined(_INET_IP_STACK_H)
330 # define CACHE_HASH(x) (((qpktinfo_t *)(x)->fin_qpi)->qpi_num & 7)
331 # else
332 # define CACHE_HASH(x) ((uintptr_t)(x)->fin_ifp & 7)
333 # endif
334 # define IPF_PANIC(x,y) if (x) { printf y; cmn_err(CE_PANIC, "ipf_panic"); }
335 typedef mblk_t mb_t;
336 # endif /* _KERNEL */
338 # if (SOLARIS2 >= 7)
339 # ifdef lint
340 # define ALIGN32(ptr) (ptr ? 0L : 0L)
341 # define ALIGN16(ptr) (ptr ? 0L : 0L)
342 # else
343 # define ALIGN32(ptr) (ptr)
344 # define ALIGN16(ptr) (ptr)
345 # endif
346 # endif
348 # if SOLARIS2 < 6
349 typedef struct uio uio_t;
350 # endif
351 typedef int ioctlcmd_t;
352 typedef uint8_t u_int8_t;
354 # define OS_RECOGNISED 1
356 #endif /* SOLARIS */
358 /* ----------------------------------------------------------------------- */
359 /* H P U X */
360 /* ----------------------------------------------------------------------- */
361 #ifdef __hpux
362 # define MENTAT 1
363 # include <sys/sysmacros.h>
364 # include <sys/spinlock.h>
365 # include <sys/lock.h>
366 # include <sys/stream.h>
367 # ifdef USE_INET6
368 # include <netinet/if_ether.h>
369 # include <netinet/ip6.h>
370 # include <netinet/icmp6.h>
371 typedef struct ip6_hdr ip6_t;
372 # endif
374 # ifdef _KERNEL
375 # define FASTROUTE_RECURSION 1
376 # define SNPRINTF sprintf
377 # if (HPUXREV >= 1111)
378 # define IPL_SELECT
379 # ifdef IPL_SELECT
380 # include <machine/sys/user.h>
381 # include <sys/kthread_iface.h>
382 # define READ_COLLISION 0x01
384 typedef struct iplog_select_s {
385 kthread_t *read_waiter;
386 int state;
387 } iplog_select_t;
388 # endif
389 # endif
391 # define GETKTIME(x) uniqtime((struct timeval *)x)
393 # if HPUXREV == 1111
394 # include "kern_svcs.h"
395 # else
396 # include <sys/kern_svcs.h>
397 # endif
398 # undef ti_flags
399 # undef TCP_NODELAY
400 # undef TCP_MAXSEG
401 # include <sys/reg.h>
402 # include "../netinet/ip_info.h"
404 * According to /usr/include/sys/spinlock.h on HP-UX 11.00, these functions
405 * are available. Attempting to use them actually results in unresolved
406 * symbols when it comes time to load the module.
407 * This has been fixed! Yipee!
409 # if 1
410 # ifdef __LP64__
411 # define ATOMIC_INCL(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1)
412 # define ATOMIC_DECL(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1)
413 # else
414 # define ATOMIC_INCL(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1)
415 # define ATOMIC_DECL(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1)
416 # endif
417 # define ATOMIC_INC64(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1)
418 # define ATOMIC_INC32(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1)
419 # define ATOMIC_INC16(x) lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), 1)
420 # define ATOMIC_DEC64(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1)
421 # define ATOMIC_DEC32(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1)
422 # define ATOMIC_DEC16(x) lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), -1)
423 # else /* 0 */
424 # define ATOMIC_INC64(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
425 MUTEX_EXIT(&ipf_rw); }
426 # define ATOMIC_DEC64(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
427 MUTEX_EXIT(&ipf_rw); }
428 # define ATOMIC_INC32(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
429 MUTEX_EXIT(&ipf_rw); }
430 # define ATOMIC_DEC32(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
431 MUTEX_EXIT(&ipf_rw); }
432 # define ATOMIC_INCL(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
433 MUTEX_EXIT(&ipf_rw); }
434 # define ATOMIC_DECL(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
435 MUTEX_EXIT(&ipf_rw); }
436 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
437 MUTEX_EXIT(&ipf_rw); }
438 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
439 MUTEX_EXIT(&ipf_rw); }
440 # endif
441 # define ip_cksum ip_csuma
442 # define memcpy(a,b,c) bcopy((void *)b, (void *)a, c)
443 # define USE_MUTEXES
444 # define MUTEX_INIT(x, y) initlock(&(x)->ipf_lk, 0, 0, (y))
445 # define MUTEX_ENTER(x) spinlock(&(x)->ipf_lk)
446 # define MUTEX_EXIT(x) spinunlock(&(x)->ipf_lk);
447 # define MUTEX_DESTROY(x)
448 # define MUTEX_NUKE(x) bzero((char *)(x), sizeof(*(x)))
449 # define KMUTEX_T lock_t
450 # define kmutex_t lock_t /* for pfil.h */
451 # define krwlock_t lock_t /* for pfil.h */
453 * The read-write lock implementation in HP-UX 11.0 is crippled - it can
454 * only be used by threads working in a user context!
455 * This has been fixed! Yipee! (Or at least it does in 11.00, not 11.11..)
457 # if HPUXREV < 1111
458 # define MUTEX_DOWNGRADE(x) lock_write_to_read(x)
459 # define KRWLOCK_T struct rw_lock
460 # define READ_ENTER(x) lock_read(&(x)->ipf_lk)
461 # define WRITE_ENTER(x) lock_write(&(x)->ipf_lk)
462 # if HPUXREV >= 1111
463 # define RWLOCK_INIT(x, y) rwlock_init4(&(x)->ipf_lk, 0, RWLCK_CANSLEEP, 0, y)
464 # else
465 # define RWLOCK_INIT(x, y) lock_init3(&(x)->ipf_lk, 0, 1, 0, 0, y)
466 # endif
467 # define RWLOCK_EXIT(x) lock_done(&(x)->ipf_lk)
468 # else
469 # define KRWLOCK_T lock_t
470 # define KMUTEX_T lock_t
471 # define READ_ENTER(x) MUTEX_ENTER(x)
472 # define WRITE_ENTER(x) MUTEX_ENTER(x)
473 # define MUTEX_DOWNGRADE(x)
474 # define RWLOCK_INIT(x, y) initlock(&(x)->ipf_lk, 0, 0, y)
475 # define RWLOCK_EXIT(x) MUTEX_EXIT(x)
476 # endif
477 # define RW_DESTROY(x)
478 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
479 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
480 # define SPL_SCHED(x) ;
481 # define SPL_NET(x) ;
482 # define SPL_IMP(x) ;
483 # undef SPL_X
484 # define SPL_X(x) ;
485 extern void *get_unit __P((char *, int));
486 # define GETIFP(n, v) get_unit(n, v)
487 # define COPYIFNAME(v, x, b) \
488 (void) strncpy(b, ((qif_t *)x)->qf_name, \
489 LIFNAMSIZ)
490 # define UIOMOVE(a,b,c,d) uiomove((void *)a,b,c,d)
491 # define SLEEP(id, n) { lock_t *_l = get_sleep_lock((void *)id); \
492 sleep(id, PZERO+1); \
493 spinunlock(_l); \
495 # define WAKEUP(id,x) { lock_t *_l = get_sleep_lock((void *)id); \
496 wakeup(id + x); \
497 spinunlock(_l); \
499 # define POLLWAKEUP(x) ;
500 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_IOSYS, M_NOWAIT)
501 # define KMALLOCS(a, b, c) (a) = (b)malloc((c), M_IOSYS, M_NOWAIT)
502 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
503 # define KFREES(x,s) kmem_free((char *)(x), (s))
504 # define MSGDSIZE(x) msgdsize(x)
505 # define M_LEN(x) ((x)->b_wptr - (x)->b_rptr)
506 # define M_DUPLICATE(x) dupmsg((x))
507 # define MTOD(m,t) ((t)((m)->b_rptr))
508 # define MTYPE(m) ((m)->b_datap->db_type)
509 # define FREE_MB_T(m) freemsg(m)
510 # define m_next b_cont
511 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
512 typedef mblk_t mb_t;
514 # define CACHE_HASH(x) (((qpktinfo_t *)(x)->fin_qpi)->qpi_num & 7)
516 # include "qif.h"
517 # include "pfil.h"
519 # else /* _KERNEL */
521 typedef unsigned char uchar_t;
523 # ifndef _SYS_STREAM_INCLUDED
524 typedef char * mblk_t;
525 typedef void *queue_t;
526 typedef u_long ulong;
527 # endif
528 # include <netinet/ip_info.h>
530 # endif /* _KERNEL */
532 # ifdef lint
533 # define ALIGN32(ptr) (ptr ? 0L : 0L)
534 # define ALIGN16(ptr) (ptr ? 0L : 0L)
535 # else
536 # define ALIGN32(ptr) (ptr)
537 # define ALIGN16(ptr) (ptr)
538 # endif
540 typedef struct uio uio_t;
541 typedef int ioctlcmd_t;
542 typedef int minor_t;
543 typedef unsigned int u_32_t;
544 # define U_32_T 1
546 # define OS_RECOGNISED 1
548 #endif /* __hpux */
550 /* ----------------------------------------------------------------------- */
551 /* I R I X */
552 /* ----------------------------------------------------------------------- */
553 #ifdef __sgi
554 # undef MENTAT
555 # if IRIX < 60500
556 typedef struct uio uio_t;
557 # endif
558 typedef int ioctlcmd_t;
559 typedef u_int32_t u_32_t;
560 # define U_32_T 1
562 # ifdef INET6
563 # define USE_INET6
564 # endif
566 # define hz HZ
567 # include <sys/ksynch.h>
568 # define IPF_LOCK_PL plhi
569 # include <sys/sema.h>
570 # undef kmutex_t
571 typedef struct {
572 lock_t *l;
573 int pl;
574 } kmutex_t;
576 # ifdef MUTEX_INIT
577 # define KMUTEX_T mutex_t
578 # else
579 # define KMUTEX_T kmutex_t
580 # define KRWLOCK_T kmutex_t
581 # endif
583 # ifdef _KERNEL
584 # define NEED_LOCAL_RAND 1
585 # define ipf_random arc4random
586 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); \
587 (x)++; MUTEX_EXIT(&ipf_rw); }
588 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); \
589 (x)--; MUTEX_EXIT(&ipf_rw); }
590 # define USE_MUTEXES
591 # ifdef MUTEX_INIT
592 # include <sys/atomic_ops.h>
593 # define ATOMIC_INCL(x) atomicAddUlong(&(x), 1)
594 # define ATOMIC_INC64(x) atomicAddUint64(&(x), 1)
595 # define ATOMIC_INC32(x) atomicAddUint(&(x), 1)
596 # define ATOMIC_INC16 ATOMIC_INC
597 # define ATOMIC_DECL(x) atomicAddUlong(&(x), -1)
598 # define ATOMIC_DEC64(x) atomicAddUint64(&(x), -1)
599 # define ATOMIC_DEC32(x) atomicAddUint(&(x), -1)
600 # define ATOMIC_DEC16 ATOMIC_DEC
601 # undef MUTEX_INIT
602 # define MUTEX_INIT(x, y) mutex_init(&(x)->ipf_lk, \
603 MUTEX_DEFAULT, y)
604 # undef MUTEX_ENTER
605 # define MUTEX_ENTER(x) mutex_lock(&(x)->ipf_lk, 0)
606 # undef MUTEX_EXIT
607 # define MUTEX_EXIT(x) mutex_unlock(&(x)->ipf_lk)
608 # undef MUTEX_DESTROY
609 # define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk)
610 # define MUTEX_DOWNGRADE(x) mrdemote(&(x)->ipf_lk)
611 # define KRWLOCK_T mrlock_t
612 # define RWLOCK_INIT(x, y) mrinit(&(x)->ipf_lk, y)
613 # undef RW_DESTROY
614 # define RW_DESTROY(x) mrfree(&(x)->ipf_lk)
615 # define READ_ENTER(x) RW_RDLOCK(&(x)->ipf_lk)
616 # define WRITE_ENTER(x) RW_WRLOCK(&(x)->ipf_lk)
617 # define RWLOCK_EXIT(x) RW_UNLOCK(&(x)->ipf_lk)
618 # else
619 # define READ_ENTER(x) MUTEX_ENTER(&(x)->ipf_lk)
620 # define WRITE_ENTER(x) MUTEX_ENTER(&(x)->ipf_lk)
621 # define MUTEX_DOWNGRADE(x) ;
622 # define RWLOCK_EXIT(x) MUTEX_EXIT(&(x)->ipf_lk)
623 # define MUTEX_EXIT(x) UNLOCK((x)->ipf_lk.l, (x)->ipf_lk.pl);
624 # define MUTEX_INIT(x,y) (x)->ipf_lk.l = LOCK_ALLOC((uchar_t)-1, IPF_LOCK_PL, (lkinfo_t *)-1, KM_NOSLEEP)
625 # define MUTEX_DESTROY(x) LOCK_DEALLOC((x)->ipf_lk.l)
626 # define MUTEX_ENTER(x) (x)->ipf_lk.pl = LOCK((x)->ipf_lk.l, \
627 IPF_LOCK_PL);
628 # endif
629 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
630 # define FREE_MB_T(m) m_freem(m)
631 # define MTOD(m,t) mtod(m,t)
632 # define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
633 # define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
634 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
635 # define SLEEP(id, n) sleep((id), PZERO+1)
636 # define WAKEUP(id,x) wakeup(id+x)
637 # define POLLWAKEUP(x) ;
638 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
639 # define KFREES(x,s) kmem_free((char *)(x), (s))
640 # define GETIFP(n,v) ifunit(n)
641 # include <sys/kmem.h>
642 # include <sys/ddi.h>
643 # define KMALLOC(a,b) (a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP)
644 # define KMALLOCS(a,b,c) (a) = (b)kmem_alloc((c), KM_NOSLEEP)
645 # define GET_MINOR(x) getminor(x)
646 # define USE_SPL 1
647 # define SPL_IMP(x) (x) = splimp()
648 # define SPL_NET(x) (x) = splnet()
649 # define SPL_SCHED(x) (x) = splsched()
650 # define SPL_X(x) (void) splx(x)
651 extern void m_copydata __P((struct mbuf *, int, int, void *));
652 extern void m_copyback __P((struct mbuf *, int, int, void *));
653 # define MSGDSIZE(x) mbufchainlen(x)
654 # define M_LEN(x) (x)->m_len
655 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
656 # define GETKTIME(x) microtime((struct timeval *)x)
657 # define IFNAME(x) ((struct ifnet *)x)->if_name
658 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
659 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
660 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
661 typedef struct mbuf mb_t;
662 # else
663 # undef RW_DESTROY
664 # undef MUTEX_INIT
665 # undef MUTEX_DESTROY
666 # endif /* _KERNEL */
668 # define OS_RECOGNISED 1
670 #endif /* __sgi */
672 /* ----------------------------------------------------------------------- */
673 /* T R U 6 4 */
674 /* ----------------------------------------------------------------------- */
675 #ifdef __osf__
676 # undef MENTAT
678 # include <kern/lock.h>
679 # include <sys/sysmacros.h>
681 # ifdef _KERNEL
682 # define NEED_LOCAL_RAND 1
683 # define ipf_random arc4random
684 # define KMUTEX_T simple_lock_data_t
685 # define KRWLOCK_T lock_data_t
686 # include <net/net_globals.h>
687 # define USE_MUTEXES
688 # define READ_ENTER(x) lock_read(&(x)->ipf_lk)
689 # define WRITE_ENTER(x) lock_write(&(x)->ipf_lk)
690 # define MUTEX_DOWNGRADE(x) lock_write_to_read(&(x)->ipf_lk)
691 # define RWLOCK_INIT(x, y) lock_init(&(x)->ipf_lk, TRUE)
692 # define RWLOCK_EXIT(x) lock_done(&(x)->ipf_lk)
693 # define RW_DESTROY(x) lock_terminate(&(x)->ipf_lk)
694 # define MUTEX_ENTER(x) simple_lock(&(x)->ipf_lk)
695 # define MUTEX_INIT(x, y) simple_lock_init(&(x)->ipf_lk)
696 # define MUTEX_DESTROY(x) simple_lock_terminate(&(x)->ipf_lk)
697 # define MUTEX_EXIT(x) simple_unlock(&(x)->ipf_lk)
698 # define MUTEX_NUKE(x) bzero(x, sizeof(*(x)))
699 # define ATOMIC_INC64(x) atomic_incq((uint64_t*)&(x))
700 # define ATOMIC_DEC64(x) atomic_decq((uint64_t*)&(x))
701 # define ATOMIC_INC32(x) atomic_incl((uint32_t*)&(x))
702 # define ATOMIC_DEC32(x) atomic_decl((uint32_t*)&(x))
703 # define ATOMIC_INC16(x) { simple_lock(&ipf_rw.ipf_lk); (x)++; \
704 simple_unlock(&ipf_rw.ipf_lk); }
705 # define ATOMIC_DEC16(x) { simple_lock(&ipf_rw.ipf_lk); (x)--; \
706 simple_unlock(&ipf_rw.ipf_lk); }
707 # define ATOMIC_INCL(x) atomic_incl((uint32_t*)&(x))
708 # define ATOMIC_DECL(x) atomic_decl((uint32_t*)&(x))
709 # define ATOMIC_INC(x) { simple_lock(&ipf_rw.ipf_lk); (x)++; \
710 simple_unlock(&ipf_rw.ipf_lk); }
711 # define ATOMIC_DEC(x) { simple_lock(&ipf_rw.ipf_lk); (x)--; \
712 simple_unlock(&ipf_rw.ipf_lk); }
713 # define SPL_SCHED(x) ;
714 # define SPL_NET(x) ;
715 # define SPL_IMP(x) ;
716 # undef SPL_X
717 # define SPL_X(x) ;
718 # define UIOMOVE(a,b,c,d) uiomove((void *)a, b, d)
719 # define FREE_MB_T(m) m_freem(m)
720 # define MTOD(m,t) mtod(m,t)
721 # define GETIFP(n, v) ifunit(n)
722 # define GET_MINOR getminor
723 # define WAKEUP(id,x) wakeup(id + x)
724 # define POLLWAKEUP(x) ;
725 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
726 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
727 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_PFILT, M_NOWAIT)
728 # define KMALLOCS(a, b, c) (a) = (b)malloc((c), M_PFILT, \
729 ((c) > 4096) ? M_WAITOK : M_NOWAIT)
730 # define KFREE(x) FREE((x), M_PFILT)
731 # define KFREES(x,s) FREE((x), M_PFILT)
732 # define MSGDSIZE(x) mbufchainlen(x)
733 # define M_LEN(x) (x)->m_len
734 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
735 # define GETKTIME(x) microtime((struct timeval *)x)
736 # define IFNAME(x) ((struct ifnet *)x)->if_name
737 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
738 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
739 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
740 typedef struct mbuf mb_t;
741 # endif /* _KERNEL */
743 # if (defined(_KERNEL) || defined(_NO_BITFIELDS) || (__STDC__ == 1))
744 # define IP_V(x) ((x)->ip_vhl >> 4)
745 # define IP_HL(x) ((x)->ip_vhl & 0xf)
746 # define IP_V_A(x,y) (x)->ip_vhl |= (((y) << 4) & 0xf0)
747 # define IP_HL_A(x,y) (x)->ip_vhl |= ((y) & 0xf)
748 # define TCP_X2(x) ((x)->th_xoff & 0xf)
749 # define TCP_X2_A(x,y) (x)->th_xoff |= ((y) & 0xf)
750 # define TCP_OFF(x) ((x)->th_xoff >> 4)
751 # define TCP_OFF_A(x,y) (x)->th_xoff |= (((y) << 4) & 0xf0)
752 # endif
755 * These are from's Solaris' #defines for little endian.
757 #define IP6F_MORE_FRAG 0x0100
758 #define IP6F_RESERVED_MASK 0x0600
759 #define IP6F_OFF_MASK 0xf8ff
761 struct ip6_ext {
762 u_char ip6e_nxt;
763 u_char ip6e_len;
766 typedef int ioctlcmd_t;
768 * Really, any arch where sizeof(long) != sizeof(int).
770 typedef unsigned int u_32_t;
771 # define U_32_T 1
773 # define OS_RECOGNISED 1
774 #endif /* __osf__ */
776 /* ----------------------------------------------------------------------- */
777 /* N E T B S D */
778 /* ----------------------------------------------------------------------- */
779 #ifdef __NetBSD__
780 # if (NetBSD >= 199905) && !defined(IPFILTER_LKM) && defined(_KERNEL)
781 # if (__NetBSD_Version__ < 399001400)
782 # include "opt_ipfilter_log.h"
783 # else
784 # include "opt_ipfilter.h"
785 # endif
786 # endif
787 # if defined(_KERNEL)
788 # include <sys/systm.h>
789 # else
790 # include <stddef.h>
791 # endif
792 # if defined(_KERNEL) && !defined(IPFILTER_LKM)
793 # include "bpfilter.h"
794 # if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 104110000)
795 # include "opt_inet.h"
796 # endif
797 # ifdef INET6
798 # define USE_INET6
799 # endif
800 # if (__NetBSD_Version__ >= 105000000)
801 # define HAVE_M_PULLDOWN 1
802 # endif
803 # endif
805 # define ipf_random arc4random
807 # if (__NetBSD_Version__ >= 499000000)
808 # ifdef _KERNEL
809 # include <sys/rwlock.h>
810 # define USE_MUTEXES 1
811 # define KMUTEX_T kmutex_t
812 # define KRWLOCK_T krwlock_t
813 # define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk)
814 # define MUTEX_DOWNGRADE(x) rw_downgrade(&(x)->ipf_lk)
815 # define MUTEX_ENTER(x) mutex_enter(&(x)->ipf_lk)
816 # define MUTEX_EXIT(x) mutex_exit(&(x)->ipf_lk)
817 # define MUTEX_INIT(x,y) mutex_init(&(x)->ipf_lk, MUTEX_DRIVER,\
818 IPL_SOFTNET)
819 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
820 # define READ_ENTER(x) rw_enter(&(x)->ipf_lk, RW_READER)
821 # define RWLOCK_INIT(x, y) rw_init(&(x)->ipf_lk)
822 # define RWLOCK_EXIT(x) rw_exit(&(x)->ipf_lk)
823 # define RW_DESTROY(x) rw_destroy(&(x)->ipf_lk)
824 # define WRITE_ENTER(x) rw_enter(&(x)->ipf_lk, RW_WRITER)
825 # define SPL_SCHED(x) ;
826 # define SPL_NET(x) ;
827 # define SPL_IMP(x) ;
828 # define SPL_X(x) ;
829 # endif
830 # endif
832 # ifdef _KERNEL
833 # define ipf_random arc4random
834 # if (__NetBSD_Version__ >= 399001400)
835 # define KMALLOCS(a, b, c) (a) = (b)malloc((c), _M_IPF, M_NOWAIT)
836 # endif
837 # define MSGDSIZE(x) mbufchainlen(x)
838 # define M_LEN(x) (x)->m_len
839 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
840 # define GETKTIME(x) microtime((struct timeval *)x)
841 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
842 # define COPYIN(a,b,c) copyin((void *)(a), (void *)(b), (c))
843 # define COPYOUT(a,b,c) copyout((void *)(a), (void *)(b), (c))
844 # define BCOPYIN(a,b,c) (bcopy((void *)(a), (void *)(b), (c)), 0)
845 # define BCOPYOUT(a,b,c) (bcopy((void *)(a), (void *)(b), (c)), 0)
846 # if (defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 499005500))
847 # define POLLWAKEUP(x) selnotify(ipfselwait+x, 0, 0)
848 # endif
849 typedef struct mbuf mb_t;
850 # endif /* _KERNEL */
851 # if (NetBSD <= 1991011) && (NetBSD >= 199606)
852 # define IFNAME(x) ((struct ifnet *)x)->if_xname
853 # define COPYIFNAME(v, x, b) \
854 (void) strncpy(b, \
855 ((struct ifnet *)x)->if_xname, \
856 LIFNAMSIZ)
857 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index)&7)
858 # else
859 # define IFNAME(x) ((struct ifnet *)x)->if_name
860 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
861 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
862 # endif
863 typedef struct uio uio_t;
864 typedef u_long ioctlcmd_t;
865 typedef int minor_t;
866 typedef u_int32_t u_32_t;
867 # define U_32_T 1
869 # define OS_RECOGNISED 1
870 #endif /* __NetBSD__ */
873 /* ----------------------------------------------------------------------- */
874 /* F R E E B S D */
875 /* ----------------------------------------------------------------------- */
876 #ifdef __FreeBSD__
877 # if (__FreeBSD_version < 400000)
878 # define NEED_LOCAL_RAND 1
879 # endif
880 # if defined(_KERNEL)
881 # if (__FreeBSD_version >= 500000)
882 # include "opt_bpf.h"
883 # endif
884 # if defined(__FreeBSD_version) && (__FreeBSD_version >= 500000)
885 # include "opt_inet6.h"
886 # endif
887 # if defined(INET6) && !defined(USE_INET6)
888 # define USE_INET6
889 # endif
890 # endif
892 # if defined(_KERNEL)
893 # if (__FreeBSD_version >= 400000)
894 # define ipf_random arc4random
896 * When #define'd, the 5.2.1 kernel panics when used with the ftp proxy.
897 * There may be other, safe, kernels but this is not extensively tested yet.
899 # define HAVE_M_PULLDOWN
900 # endif
901 # if !defined(IPFILTER_LKM) && (__FreeBSD_version >= 300000)
902 # include "opt_ipfilter.h"
903 # endif
904 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
905 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
907 # if (__FreeBSD_version >= 500043)
908 # define NETBSD_PF
909 # endif
910 # endif /* _KERNEL */
912 # if (__FreeBSD_version >= 500043)
913 # include <sys/mutex.h>
914 # if (__FreeBSD_version > 700014)
915 # include <sys/rwlock.h>
916 # define KRWLOCK_T struct rwlock
917 # ifdef _KERNEL
918 # define READ_ENTER(x) rw_rlock(&(x)->ipf_lk)
919 # define WRITE_ENTER(x) rw_wlock(&(x)->ipf_lk)
920 # define MUTEX_DOWNGRADE(x) rw_downgrade(&(x)->ipf_lk)
921 # define RWLOCK_INIT(x, y) rw_init(&(x)->ipf_lk, (y))
922 # define RW_DESTROY(x) rw_destroy(&(x)->ipf_lk)
923 # define RWLOCK_EXIT(x) do { \
924 if (rw_wowned(&(x)->ipf_lk)) \
925 rw_wunlock(&(x)->ipf_lk); \
926 else \
927 rw_runlock(&(x)->ipf_lk); \
928 } while (0)
929 # endif
930 # else
931 # include <sys/sx.h>
933 * Whilst the sx(9) locks on FreeBSD have the right semantics and interface
934 * for what we want to use them for, despite testing showing they work -
935 * with a WITNESS kernel, it generates LOR messages.
937 # ifdef _KERNEL
938 # if (__FreeBSD_version < 700000)
939 # define KRWLOCK_T struct mtx
940 # define READ_ENTER(x) mtx_lock(&(x)->ipf_lk)
941 # define WRITE_ENTER(x) mtx_lock(&(x)->ipf_lk)
942 # define RWLOCK_EXIT(x) mtx_unlock(&(x)->ipf_lk)
943 # define MUTEX_DOWNGRADE(x) ;
944 # define RWLOCK_INIT(x,y) mtx_init(&(x)->ipf_lk, (y), NULL,\
945 MTX_DEF)
946 # define RW_DESTROY(x) mtx_destroy(&(x)->ipf_lk)
947 # else
948 # define KRWLOCK_T struct sx
949 # define READ_ENTER(x) sx_slock(&(x)->ipf_lk)
950 # define WRITE_ENTER(x) sx_xlock(&(x)->ipf_lk)
951 # define MUTEX_DOWNGRADE(x) sx_downgrade(&(x)->ipf_lk)
952 # define RWLOCK_INIT(x, y) sx_init(&(x)->ipf_lk, (y))
953 # define RW_DESTROY(x) sx_destroy(&(x)->ipf_lk)
954 # ifdef sx_unlock
955 # define RWLOCK_EXIT(x) sx_unlock(&(x)->ipf_lk)
956 # else
957 # define RWLOCK_EXIT(x) do { \
958 if ((x)->ipf_lk.sx_cnt < 0) \
959 sx_xunlock(&(x)->ipf_lk); \
960 else \
961 sx_sunlock(&(x)->ipf_lk); \
962 } while (0)
963 # endif
964 # endif
965 # endif
966 # endif
967 # define KMUTEX_T struct mtx
968 # endif
970 # if (__FreeBSD_version >= 501113)
971 # include <net/if_var.h>
972 # define IFNAME(x) ((struct ifnet *)x)->if_xname
973 # define COPYIFNAME(v, x, b) \
974 (void) strncpy(b, \
975 ((struct ifnet *)x)->if_xname, \
976 LIFNAMSIZ)
977 # endif
978 # if (__FreeBSD_version >= 500043)
979 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index) & 7)
980 # else
981 # define IFNAME(x) ((struct ifnet *)x)->if_name
982 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
983 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
984 # endif
986 # ifdef _KERNEL
987 # define GETKTIME(x) microtime((struct timeval *)x)
989 # if (__FreeBSD_version >= 500002)
990 # include <netinet/in_systm.h>
991 # include <netinet/ip.h>
992 # include <machine/in_cksum.h>
993 # endif
995 # if (__FreeBSD_version >= 500043)
996 # define USE_MUTEXES
997 # define MUTEX_ENTER(x) mtx_lock(&(x)->ipf_lk)
998 # define MUTEX_EXIT(x) mtx_unlock(&(x)->ipf_lk)
999 # define MUTEX_INIT(x,y) mtx_init(&(x)->ipf_lk, (y), NULL,\
1000 MTX_DEF)
1001 # define MUTEX_DESTROY(x) mtx_destroy(&(x)->ipf_lk)
1002 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
1003 # include <machine/atomic.h>
1004 # define ATOMIC_INC(x) { mtx_lock(&ipf_rw.ipf_lk); (x)++; \
1005 mtx_unlock(&ipf_rw.ipf_lk); }
1006 # define ATOMIC_DEC(x) { mtx_lock(&ipf_rw.ipf_lk); (x)--; \
1007 mtx_unlock(&ipf_rw.ipf_lk); }
1008 # define ATOMIC_INCL(x) atomic_add_long(&(x), 1)
1009 # define ATOMIC_INC64(x) ATOMIC_INC(x)
1010 # define ATOMIC_INC32(x) atomic_add_32((u_int *)&(x), 1)
1011 # define ATOMIC_INC16(x) atomic_add_16(&(x), 1)
1012 # define ATOMIC_DECL(x) atomic_add_long(&(x), -1)
1013 # define ATOMIC_DEC64(x) ATOMIC_DEC(x)
1014 # define ATOMIC_DEC32(x) atomic_add_32((u_int *)&(x), -1)
1015 # define ATOMIC_DEC16(x) atomic_add_16(&(x), -1)
1016 # define SPL_X(x) ;
1017 # define SPL_NET(x) ;
1018 # define SPL_IMP(x) ;
1019 # define SPL_SCHED(x) ;
1020 extern int in_cksum __P((struct mbuf *, int));
1021 # else
1022 # define SPL_SCHED(x) x = splhigh()
1023 # endif /* __FreeBSD_version >= 500043 */
1024 # define MSGDSIZE(x) mbufchainlen(x)
1025 # define M_LEN(x) (x)->m_len
1026 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1027 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
1028 typedef struct mbuf mb_t;
1029 # endif /* _KERNEL */
1031 # if __FreeBSD__ < 3
1032 # include <machine/spl.h>
1033 # else
1034 # if __FreeBSD__ == 3
1035 # if defined(IPFILTER_LKM) && !defined(ACTUALLY_LKM_NOT_KERNEL)
1036 # define ACTUALLY_LKM_NOT_KERNEL
1037 # endif
1038 # endif
1039 # endif
1041 # if (__FreeBSD_version >= 300000)
1042 typedef u_long ioctlcmd_t;
1043 # else
1044 typedef int ioctlcmd_t;
1045 # endif
1046 typedef struct uio uio_t;
1047 typedef int minor_t;
1048 typedef u_int32_t u_32_t;
1049 # define U_32_T 1
1051 # define OS_RECOGNISED 1
1052 #endif /* __FreeBSD__ */
1055 /* ----------------------------------------------------------------------- */
1056 /* O P E N B S D */
1057 /* ----------------------------------------------------------------------- */
1058 #ifdef __OpenBSD__
1059 # ifdef INET6
1060 # define USE_INET6
1061 # endif
1063 # ifdef _KERNEL
1064 # if !defined(IPFILTER_LKM)
1065 # include "bpfilter.h"
1066 # endif
1067 # if (OpenBSD >= 200311)
1068 # define SNPRINTF snprintf
1069 # if defined(USE_INET6)
1070 # include "netinet6/in6_var.h"
1071 # include "netinet6/nd6.h"
1072 # endif
1073 # endif
1074 # if (OpenBSD >= 200012)
1075 # define HAVE_M_PULLDOWN 1
1076 # endif
1077 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
1078 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
1079 # define GETKTIME(x) microtime((struct timeval *)x)
1080 # define MSGDSIZE(x) mbufchainlen(x)
1081 # define M_LEN(x) (x)->m_len
1082 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1083 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
1084 typedef struct mbuf mb_t;
1085 # endif /* _KERNEL */
1086 # if (OpenBSD >= 199603)
1087 # define IFNAME(x, b) ((struct ifnet *)x)->if_xname
1088 # define COPYIFNAME(v, x, b) \
1089 (void) strncpy(b, \
1090 ((struct ifnet *)x)->if_xname, \
1091 LIFNAMSIZ)
1092 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index)&7)
1093 # else
1094 # define IFNAME(x, b) ((struct ifnet *)x)->if_name
1095 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1096 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1097 # endif
1099 typedef struct uio uio_t;
1100 typedef u_long ioctlcmd_t;
1101 typedef int minor_t;
1102 typedef u_int32_t u_32_t;
1103 # define U_32_T 1
1105 # define OS_RECOGNISED 1
1106 #endif /* __OpenBSD__ */
1109 /* ----------------------------------------------------------------------- */
1110 /* B S D O S */
1111 /* ----------------------------------------------------------------------- */
1112 #ifdef _BSDI_VERSION
1113 # ifdef INET6
1114 # define USE_INET6
1115 # endif
1117 # ifdef _KERNEL
1118 # define GETKTIME(x) microtime((struct timeval *)x)
1119 # define MSGDSIZE(x) mbufchainlen(x)
1120 # define M_LEN(x) (x)->m_len
1121 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1122 # define IFNAME(x, b) ((struct ifnet *)x)->if_name
1123 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1124 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1125 typedef struct mbuf mb_t;
1126 # endif /* _KERNEL */
1128 # if (_BSDI_VERSION >= 199701)
1129 typedef u_long ioctlcmd_t;
1130 # else
1131 typedef int ioctlcmd_t;
1132 # endif
1133 typedef u_int32_t u_32_t;
1134 # define U_32_T 1
1136 #endif /* _BSDI_VERSION */
1139 /* ----------------------------------------------------------------------- */
1140 /* S U N O S 4 */
1141 /* ----------------------------------------------------------------------- */
1142 #if defined(sun) && !defined(OS_RECOGNISED) /* SunOS4 */
1143 # ifdef _KERNEL
1144 # include <sys/kmem_alloc.h>
1145 # define GETKTIME(x) uniqtime((struct timeval *)x)
1146 # define MSGDSIZE(x) mbufchainlen(x)
1147 # define M_LEN(x) (x)->m_len
1148 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1149 # define IFNAME(x, b) ((struct ifnet *)x)->if_name
1150 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1151 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1152 # define GETIFP(n, v) ifunit(n, IFNAMSIZ)
1153 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
1154 # define KFREES(x,s) kmem_free((char *)(x), (s))
1155 # define SLEEP(id, n) sleep((id), PZERO+1)
1156 # define WAKEUP(id,x) wakeup(id + x)
1157 # define POLLWAKEUP(x) ;
1158 # define UIOMOVE(a,b,c,d) uiomove((void *)a,b,c,d)
1159 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
1161 extern void m_copydata __P((struct mbuf *, int, int, void *));
1162 extern void m_copyback __P((struct mbuf *, int, int, void *));
1164 typedef struct mbuf mb_t;
1165 # endif
1167 typedef struct uio uio_t;
1168 typedef int ioctlcmd_t;
1169 typedef int minor_t;
1170 typedef unsigned int u_32_t;
1171 # define U_32_T 1
1173 # define OS_RECOGNISED 1
1175 #endif /* SunOS 4 */
1177 /* ----------------------------------------------------------------------- */
1178 /* L I N U X */
1179 /* ----------------------------------------------------------------------- */
1180 #if defined(linux) && !defined(OS_RECOGNISED)
1182 # include <linux/version.h>
1183 # if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,10)
1184 # include <linux/config.h>
1185 # endif
1187 # if (LINUX >= 20600) && defined(_KERNEL)
1188 # define HDR_T_PRIVATE 1
1189 # endif
1190 # undef USE_INET6
1191 # ifdef USE_INET6
1192 struct ip6_ext {
1193 u_char ip6e_nxt;
1194 u_char ip6e_len;
1196 # endif
1198 # ifdef _KERNEL
1199 # include <asm/byteorder.h>
1200 # ifdef __LITTLE_ENDIAN
1201 # define LITTLE_ENDIAN 1
1202 # define BIG_ENDIAN 0
1203 # define BYTE_ORDER LITTLE_ENDIAN
1204 # else
1205 # define LITTLE_ENDIAN 0
1206 # define BIG_ENDIAN 1
1207 # define BYTE_ORDER BIG_ENDIAN
1208 # endif
1209 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
1210 # define COPYIN(a,b,c) copy_from_user((caddr_t)(b), (caddr_t)(a), (c))
1211 # define COPYOUT(a,b,c) copy_to_user((caddr_t)(b), (caddr_t)(a), (c))
1212 # define FREE_MB_T(m) kfree_skb(m)
1213 # define GETKTIME(x) do_gettimeofday((struct timeval *)x)
1214 # define POLLWAKEUP(x) ;
1215 # ifdef wait_event_interruptible
1216 # define SLEEP(x,s) wait_event_interruptible((*(x##_linux)), 0)
1217 # else
1218 # define SLEEP(x,s) 0, interruptible_sleep_on(x##_linux)
1219 # endif
1220 # define WAKEUP(x,y) wake_up(x##_linux + y)
1221 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
1222 # define USE_MUTEXES
1223 # define KRWLOCK_T rwlock_t
1224 # define KMUTEX_T spinlock_t
1225 # define MUTEX_INIT(x,y) spin_lock_init(&(x)->ipf_lk)
1226 # define MUTEX_ENTER(x) spin_lock_bh(&(x)->ipf_lk)
1227 # define MUTEX_EXIT(x) spin_unlock_bh(&(x)->ipf_lk)
1228 # define MUTEX_DESTROY(x) do { } while (0)
1229 # define MUTEX_NUKE(x) bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk))
1230 # define READ_ENTER(x) ipf_read_enter(x)
1231 # define WRITE_ENTER(x) ipf_write_enter(x)
1232 # define RWLOCK_INIT(x,y) ipf_rw_init(x, y)
1233 # define RW_DESTROY(x) do { } while (0)
1234 # define RWLOCK_EXIT(x) ipf_rw_exit(x)
1235 # define MUTEX_DOWNGRADE(x) ipf_rw_downgrade(x)
1236 # define ATOMIC_INCL(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1237 MUTEX_EXIT(&ipf_rw)
1238 # define ATOMIC_DECL(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1239 MUTEX_EXIT(&ipf_rw)
1240 # define ATOMIC_INC64(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1241 MUTEX_EXIT(&ipf_rw)
1242 # define ATOMIC_INC32(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1243 MUTEX_EXIT(&ipf_rw)
1244 # define ATOMIC_INC16(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1245 MUTEX_EXIT(&ipf_rw)
1246 # define ATOMIC_DEC64(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1247 MUTEX_EXIT(&ipf_rw)
1248 # define ATOMIC_DEC32(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1249 MUTEX_EXIT(&ipf_rw)
1250 # define ATOMIC_DEC16(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1251 MUTEX_EXIT(&ipf_rw)
1252 # define SPL_SCHED(x) do { } while (0)
1253 # define SPL_IMP(x) do { } while (0)
1254 # define SPL_NET(x) do { } while (0)
1255 # define SPL_X(x) do { } while (0)
1256 # define IFNAME(x) ((struct net_device*)x)->name
1257 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1258 ((struct net_device *)fin->fin_ifp)->ifindex) & 7)
1259 typedef struct sk_buff mb_t;
1260 extern void m_copydata __P((mb_t *, int, int, void *));
1261 extern void m_copyback __P((mb_t *, int, int, void *));
1262 extern void m_adj __P((mb_t *, int));
1263 extern mb_t *m_pullup __P((mb_t *, int));
1264 # define mbuf sk_buff
1266 # define mtod(m, t) ((t)(m)->data)
1267 # define m_adj(m, x) skb_trim((m), (m)->len + (x))
1268 # define m_data data
1269 # define m_len len
1270 # define m_next next
1271 # define M_DUPLICATE(m) skb_clone((m), in_interrupt() ? GFP_ATOMIC : \
1272 GFP_KERNEL)
1273 # define MSGDSIZE(m) (m)->len
1274 # define M_LEN(m) (m)->len
1276 # define splnet(x) ;
1277 # define printf printk
1278 # define bcopy(s,d,z) memmove(d, s, z)
1279 # define bzero(s,z) memset(s, 0, z)
1280 # define bcmp(a,b,z) memcmp(a, b, z)
1281 # if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
1282 # define ipf_random random32
1283 # define arc4random random32
1284 # else
1285 # include <linux/random.h>
1286 # define ipf_random get_random_int
1287 # define arc4random get_random_int
1288 # endif
1290 # define ifnet net_device
1291 # define if_xname name
1292 # define if_unit ifindex
1294 # define KMALLOC(x,t) (x) = (t)kmalloc(sizeof(*(x)), \
1295 in_interrupt() ? GFP_ATOMIC : GFP_KERNEL)
1296 # define KFREE(x) kfree(x)
1297 # define KMALLOCS(x,t,s) (x) = (t)kmalloc((s), \
1298 in_interrupt() ? GFP_ATOMIC : GFP_KERNEL)
1299 # define KFREES(x,s) kfree(x)
1301 # if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
1302 # define f_uid f_owner.uid
1303 # define GETIFP(n,v) dev_get_by_name(&init_net,n)
1304 # else
1305 # define GETIFP(n,v) dev_get_by_name(n)
1306 # endif
1307 # else
1308 # include <net/ethernet.h>
1310 struct mbuf {
1313 # ifndef _NET_ROUTE_H
1314 struct rtentry {
1316 # endif
1318 struct ifnet {
1319 char if_xname[IFNAMSIZ];
1320 int if_unit;
1321 int (* if_output) __P((struct ifnet *, struct mbuf *, struct sockaddr *, struct rtentry *));
1322 struct ifaddr *if_addrlist;
1324 # define IFNAME(x) ((struct ifnet *)x)->if_xname
1326 # endif /* _KERNEL */
1328 # define COPYIFNAME(v, x, b) \
1329 (void) strncpy(b, \
1330 ((struct ifnet *)x)->if_xname, \
1331 LIFNAMSIZ)
1333 # include <linux/fs.h>
1334 # define FWRITE FMODE_WRITE
1335 # define FREAD FMODE_READ
1337 # define __USE_MISC 1
1338 # define __FAVOR_BSD 1
1340 typedef struct uio {
1341 struct iovec *uio_iov;
1342 void *uio_file;
1343 char *uio_buf;
1344 int uio_iovcnt;
1345 int uio_offset;
1346 size_t uio_resid;
1347 int uio_rw;
1348 } uio_t;
1350 extern int uiomove __P((void *, size_t, int, struct uio *));
1352 # define UIO_READ 1
1353 # define UIO_WRITE 2
1355 # if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)) && !defined(_KERNEL)
1356 typedef int fmode_t;
1357 # endif
1359 typedef u_long ioctlcmd_t;
1360 typedef int minor_t;
1361 typedef u_int32_t u_32_t;
1362 # define U_32_T 1
1364 # define OS_RECOGNISED 1
1366 #endif
1369 /* ----------------------------------------------------------------------- */
1370 /* A I X */
1371 /* ----------------------------------------------------------------------- */
1372 #if defined(_AIX51)
1373 # undef MENTAT
1375 # include <sys/lock.h>
1376 # include <sys/sysmacros.h>
1378 # ifdef _KERNEL
1379 # define rw_read_locked(x) 0
1380 # include <net/net_globals.h>
1381 # include <net/net_malloc.h>
1382 # define KMUTEX_T simple_lock_t
1383 # define KRWLOCK_T complex_lock_t
1384 # define USE_MUTEXES 1
1385 # define USE_SPL 1
1386 # define READ_ENTER(x) lock_read((x)->ipf_lk)
1387 # define WRITE_ENTER(x) lock_write((x)->ipf_lk)
1388 # define MUTEX_DOWNGRADE(x) lock_write_to_read((x)->ipf_lk)
1389 # define RWLOCK_INIT(x, y) lock_alloc(&(x)->ipf_lk, \
1390 LOCK_ALLOC_PIN, \
1391 (u_short)y, 0); \
1392 lock_init((x)->ipf_lk, TRUE)
1393 # define RWLOCK_EXIT(x) lock_done((x)->ipf_lk)
1394 # define RW_DESTROY(x) lock_free(&(x)->ipf_lk)
1395 # define MUTEX_ENTER(x) simple_lock((x)->ipf_lk)
1396 # define MUTEX_INIT(x, y) lock_alloc(&(x)->ipf_lk, \
1397 LOCK_ALLOC_PIN, \
1398 (u_short)y, 0); \
1399 simple_lock_init((x)->ipf_lk)
1400 # define MUTEX_DESTROY(x) lock_free(&(x)->ipf_lk)
1401 # define MUTEX_EXIT(x) simple_unlock((x)->ipf_lk)
1402 # define MUTEX_NUKE(x) bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk))
1403 # define ATOMIC_INC64(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1404 MUTEX_EXIT(&ipf_rw); }
1405 # define ATOMIC_DEC64(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1406 MUTEX_EXIT(&ipf_rw); }
1407 # define ATOMIC_INC32(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1408 MUTEX_EXIT(&ipf_rw); }
1409 # define ATOMIC_DEC32(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1410 MUTEX_EXIT(&ipf_rw); }
1411 # define ATOMIC_INCL(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1412 MUTEX_EXIT(&ipf_rw); }
1413 # define ATOMIC_DECL(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1414 MUTEX_EXIT(&ipf_rw); }
1415 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1416 MUTEX_EXIT(&ipf_rw); }
1417 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1418 MUTEX_EXIT(&ipf_rw); }
1419 # define SPL_SCHED(x) x = splsched()
1420 # define SPL_NET(x) x = splnet()
1421 # define SPL_IMP(x) x = splimp()
1422 # undef SPL_X
1423 # define SPL_X(x) splx(x)
1424 # define UIOMOVE(a,b,c,d) uiomove((void *)a,b,c,d)
1425 extern void* getifp __P((char *, int));
1426 # define GETIFP(n, v) getifp(n, v)
1427 # define GET_MINOR minor
1428 # define SLEEP(id, n) sleepx((id), PZERO+1, 0)
1429 # define WAKEUP(id,x) wakeup(id)
1430 # define POLLWAKEUP(x) ;
1431 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
1432 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
1433 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_TEMP, M_NOWAIT)
1434 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), M_TEMP, \
1435 ((c) > 4096) ? M_WAITOK : M_NOWAIT)
1436 # define KFREE(x) FREE((x), M_TEMP)
1437 # define KFREES(x,s) FREE((x), M_TEMP)
1438 # define MSGDSIZE(x) mbufchainlen(x)
1439 # define M_LEN(x) (x)->m_len
1440 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1441 # define GETKTIME(x)
1442 # define IFNAME(x, b) ((struct ifnet *)x)->if_name
1443 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1444 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1445 # define IPF_PANIC(x,y)
1446 typedef struct mbuf mb_t;
1447 # endif /* _KERNEL */
1450 * These are from's Solaris' #defines for little endian.
1452 #if !defined(IP6F_MORE_FRAG)
1453 # define IP6F_MORE_FRAG 0x0100
1454 #endif
1455 #if !defined(IP6F_RESERVED_MASK)
1456 # define IP6F_RESERVED_MASK 0x0600
1457 #endif
1458 #if !defined(IP6F_OFF_MASK)
1459 # define IP6F_OFF_MASK 0xf8ff
1460 #endif
1462 struct ip6_ext {
1463 u_char ip6e_nxt;
1464 u_char ip6e_len;
1467 typedef int ioctlcmd_t;
1468 typedef int minor_t;
1470 * Really, any arch where sizeof(long) != sizeof(int).
1472 typedef unsigned int u_32_t;
1473 # define U_32_T 1
1475 # define OS_RECOGNISED 1
1476 #endif /* _AIX51 */
1479 #ifndef OS_RECOGNISED
1480 #error ip_compat.h does not recognise this platform/OS.
1481 #endif
1484 /* ----------------------------------------------------------------------- */
1485 /* G E N E R I C */
1486 /* ----------------------------------------------------------------------- */
1487 #ifndef OS_RECOGNISED
1488 #endif
1491 * For BSD kernels, if bpf is in the kernel, enable ipfilter to use bpf in
1492 * filter rules.
1494 #if !defined(IPFILTER_BPF)
1495 # if (defined(NBPF) && (NBPF > 0)) || (defined(DEV_BPF) && (DEV_BPF > 0)) || \
1496 (defined(NBPFILTER) && (NBPFILTER > 0))
1497 # define IPFILTER_BPF
1498 # endif
1499 #endif
1502 * Userland locking primitives
1504 typedef struct {
1505 char *eMm_owner;
1506 char *eMm_heldin;
1507 u_int eMm_magic;
1508 int eMm_held;
1509 int eMm_heldat;
1510 #if defined(__hpux) || defined(__linux)
1511 char eMm_fill[8];
1512 #endif
1513 } eMmutex_t;
1515 typedef struct {
1516 char *eMrw_owner;
1517 char *eMrw_heldin;
1518 u_int eMrw_magic;
1519 short eMrw_read;
1520 short eMrw_write;
1521 int eMrw_heldat;
1522 #ifdef __hpux
1523 char eMm_fill[24];
1524 #endif
1525 } eMrwlock_t;
1527 typedef union {
1528 #ifdef KMUTEX_T
1529 struct {
1530 KMUTEX_T ipf_slk;
1531 const char *ipf_lname;
1532 } ipf_lkun_s;
1533 #endif
1534 eMmutex_t ipf_emu;
1535 } ipfmutex_t;
1537 typedef union {
1538 #ifdef KRWLOCK_T
1539 struct {
1540 KRWLOCK_T ipf_slk;
1541 const char *ipf_lname;
1542 int ipf_sr;
1543 int ipf_sw;
1544 u_int ipf_magic;
1545 } ipf_lkun_s;
1546 #endif
1547 eMrwlock_t ipf_emu;
1548 } ipfrwlock_t;
1550 #define ipf_lk ipf_lkun_s.ipf_slk
1551 #define ipf_lname ipf_lkun_s.ipf_lname
1552 #define ipf_isr ipf_lkun_s.ipf_sr
1553 #define ipf_isw ipf_lkun_s.ipf_sw
1554 #define ipf_magic ipf_lkun_s.ipf_magic
1556 #if !defined(__GNUC__) || \
1557 (defined(__FreeBSD_version) && (__FreeBSD_version >= 503000))
1558 # ifndef INLINE
1559 # define INLINE
1560 # endif
1561 #else
1562 # define INLINE __inline__
1563 #endif
1565 #if defined(linux) && defined(_KERNEL)
1566 extern void ipf_read_enter __P((ipfrwlock_t *));
1567 extern void ipf_write_enter __P((ipfrwlock_t *));
1568 extern void ipf_rw_exit __P((ipfrwlock_t *));
1569 extern void ipf_rw_init __P((ipfrwlock_t *, char *));
1570 extern void ipf_rw_downgrade __P((ipfrwlock_t *));
1571 #endif
1574 * In a non-kernel environment, there are a lot of macros that need to be
1575 * filled in to be null-ops or to point to some compatibility function,
1576 * somewhere in userland.
1578 #ifndef _KERNEL
1579 typedef struct mb_s {
1580 struct mb_s *mb_next;
1581 int mb_len;
1582 u_long mb_buf[2048];
1583 } mb_t;
1584 # undef m_next
1585 # define m_next mb_next
1586 # define MSGDSIZE(x) (x)->mb_len /* XXX - from ipt.c */
1587 # define M_LEN(x) (x)->mb_len
1588 # define M_DUPLICATE(x) (x)
1589 # define GETKTIME(x) gettimeofday((struct timeval *)(x), NULL)
1590 # undef MTOD
1591 # define MTOD(m, t) ((t)(m)->mb_buf)
1592 # define FREE_MB_T(x)
1593 # define SLEEP(x,y) 1;
1594 # define WAKEUP(x,y) ;
1595 # define POLLWAKEUP(y) ;
1596 # define IPF_PANIC(x,y) ;
1597 # define PANIC(x,y) ;
1598 # define SPL_SCHED(x) ;
1599 # define SPL_NET(x) ;
1600 # define SPL_IMP(x) ;
1601 # define SPL_X(x) ;
1602 # define KMALLOC(a,b) (a) = (b)malloc(sizeof(*a))
1603 # define KMALLOCS(a,b,c) (a) = (b)malloc(c)
1604 # define KFREE(x) free(x)
1605 # define KFREES(x,s) free(x)
1606 # define GETIFP(x, v) get_unit(x,v)
1607 # define COPYIN(a,b,c) bcopywrap((a), (b), (c))
1608 # define COPYOUT(a,b,c) bcopywrap((a), (b), (c))
1609 # define COPYDATA(m, o, l, b) bcopy(MTOD((mb_t *)m, char *) + (o), \
1610 (b), (l))
1611 # define COPYBACK(m, o, l, b) bcopy((b), \
1612 MTOD((mb_t *)m, char *) + (o), \
1613 (l))
1614 # define UIOMOVE(a,b,c,d) ipfuiomove(a,b,c,d)
1615 extern void m_copydata __P((mb_t *, int, int, void *));
1616 extern int ipfuiomove __P((void *, int, int, struct uio *));
1617 extern int bcopywrap __P((void *, void *, size_t));
1618 # ifndef CACHE_HASH
1619 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1620 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1621 # endif
1623 # define MUTEX_DESTROY(x) eMmutex_destroy(&(x)->ipf_emu)
1624 # define MUTEX_ENTER(x) eMmutex_enter(&(x)->ipf_emu, \
1625 __FILE__, __LINE__)
1626 # define MUTEX_EXIT(x) eMmutex_exit(&(x)->ipf_emu)
1627 # define MUTEX_INIT(x,y) eMmutex_init(&(x)->ipf_emu, y)
1628 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
1630 # define MUTEX_DOWNGRADE(x) eMrwlock_downgrade(&(x)->ipf_emu, \
1631 __FILE__, __LINE__)
1632 # define READ_ENTER(x) eMrwlock_read_enter(&(x)->ipf_emu, \
1633 __FILE__, __LINE__)
1634 # define RWLOCK_INIT(x, y) eMrwlock_init(&(x)->ipf_emu, y)
1635 # define RWLOCK_EXIT(x) eMrwlock_exit(&(x)->ipf_emu)
1636 # define RW_DESTROY(x) eMrwlock_destroy(&(x)->ipf_emu)
1637 # define WRITE_ENTER(x) eMrwlock_write_enter(&(x)->ipf_emu, \
1638 __FILE__, \
1639 __LINE__)
1641 # define USE_MUTEXES 1
1643 extern void eMmutex_destroy __P((eMmutex_t *));
1644 extern void eMmutex_enter __P((eMmutex_t *, char *, int));
1645 extern void eMmutex_exit __P((eMmutex_t *));
1646 extern void eMmutex_init __P((eMmutex_t *, char *));
1647 extern void eMrwlock_destroy __P((eMrwlock_t *));
1648 extern void eMrwlock_exit __P((eMrwlock_t *));
1649 extern void eMrwlock_init __P((eMrwlock_t *, char *));
1650 extern void eMrwlock_read_enter __P((eMrwlock_t *, char *, int));
1651 extern void eMrwlock_write_enter __P((eMrwlock_t *, char *, int));
1652 extern void eMrwlock_downgrade __P((eMrwlock_t *, char *, int));
1654 #endif
1656 #define MAX_IPV4HDR ((0xf << 2) + sizeof(struct icmp) + sizeof(ip_t) + 8)
1658 #ifndef IP_OFFMASK
1659 # define IP_OFFMASK 0x1fff
1660 #endif
1664 * On BSD's use quad_t as a guarantee for getting at least a 64bit sized
1665 * object.
1667 #if !defined(__amd64__) && defined(BSD) && (BSD > 199306)
1668 # define USE_QUAD_T
1669 # define U_QUAD_T u_quad_t
1670 # define QUAD_T quad_t
1671 #else /* BSD > 199306 */
1672 # if !defined(U_QUAD_T)
1673 # define U_QUAD_T u_long
1674 # define QUAD_T long
1675 # endif
1676 #endif /* BSD > 199306 */
1679 #ifdef USE_INET6
1680 # if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \
1681 defined(__osf__) || defined(linux)
1682 # include <netinet/ip6.h>
1683 # include <netinet/icmp6.h>
1684 # if !defined(linux)
1685 # if defined(_KERNEL) && !defined(__osf__)
1686 # include <netinet6/ip6_var.h>
1687 # endif
1688 # endif
1689 typedef struct ip6_hdr ip6_t;
1690 # endif
1691 #endif
1693 #ifndef MAX
1694 # define MAX(a,b) (((a) > (b)) ? (a) : (b))
1695 #endif
1697 #if defined(_KERNEL)
1698 # ifdef BSD
1699 # include <sys/selinfo.h>
1700 extern struct selinfo ipfselwait[];
1701 # endif
1702 # ifdef MENTAT
1703 # define COPYDATA mb_copydata
1704 # define COPYBACK mb_copyback
1705 # else
1706 # define COPYDATA m_copydata
1707 # define COPYBACK m_copyback
1708 # endif
1709 # if (defined(BSD) && (BSD >= 199306)) || defined(__FreeBSD__)
1710 # if (defined(__NetBSD_Version__) && (__NetBSD_Version__ < 105180000)) || \
1711 defined(__FreeBSD__) || (defined(OpenBSD) && (OpenBSD < 200206)) || \
1712 defined(_BSDI_VERSION)
1713 # include <vm/vm.h>
1714 # endif
1715 # if !defined(__FreeBSD__) || (defined (__FreeBSD_version) && \
1716 (__FreeBSD_version >= 300000))
1717 # if (defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105180000)) || \
1718 (defined(OpenBSD) && (OpenBSD >= 200111))
1719 /* # include <uvm/uvm_extern.h> */
1720 # else
1721 # include <vm/vm_extern.h>
1722 extern vm_map_t kmem_map;
1723 # endif
1724 # include <sys/proc.h>
1725 # else /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
1726 # include <vm/vm_kern.h>
1727 # endif /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
1729 # ifdef IPFILTER_M_IPFILTER
1730 # include <sys/malloc.h>
1731 MALLOC_DECLARE(M_IPFILTER);
1732 # define _M_IPF M_IPFILTER
1733 # else /* IPFILTER_M_IPFILTER */
1734 # ifdef M_PFIL
1735 # define _M_IPF M_PFIL
1736 # else
1737 # ifdef M_IPFILTER
1738 # define _M_IPF M_IPFILTER
1739 # else
1740 # define _M_IPF M_TEMP
1741 # endif /* M_IPFILTER */
1742 # endif /* M_PFIL */
1743 # endif /* IPFILTER_M_IPFILTER */
1744 # define KMALLOC(a, b) (a) = (b)malloc(sizeof(*(a)), _M_IPF, M_NOWAIT)
1745 # define KMALLOCS(a, b, c) (a) = (b)malloc((c), _M_IPF, M_NOWAIT)
1746 # define KFREE(x) free((x), _M_IPF)
1747 # define KFREES(x,s) free((x), _M_IPF)
1748 # define UIOMOVE(a,b,c,d) uiomove((void *)a,b,d)
1749 # define SLEEP(id, n) tsleep((id), PPAUSE|PCATCH, n, 0)
1750 # define WAKEUP(id,x) wakeup(id+x)
1751 # if !defined(POLLWAKEUP)
1752 # define POLLWAKEUP(x) selwakeup(ipfselwait+x)
1753 # endif
1754 # define GETIFP(n, v) ifunit(n)
1755 # endif /* (Free)BSD */
1757 # if !defined(USE_MUTEXES) && !defined(SPL_NET)
1758 # if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199407)) || \
1759 (defined(OpenBSD) && (OpenBSD >= 200006))
1760 # define SPL_NET(x) x = splsoftnet()
1761 # else
1762 # define SPL_IMP(x) x = splimp()
1763 # define SPL_NET(x) x = splnet()
1764 # endif /* NetBSD && (NetBSD <= 1991011) && (NetBSD >= 199407) */
1765 # if !defined(SPL_SCHED)
1766 # define SPL_SCHED(x) x = splsched()
1767 # endif
1768 # define SPL_X(x) (void) splx(x)
1769 # endif /* !USE_MUTEXES */
1771 # ifndef FREE_MB_T
1772 # define FREE_MB_T(m) m_freem(m)
1773 # endif
1775 # ifndef MTOD
1776 # define MTOD(m,t) mtod(m,t)
1777 # endif
1779 # ifndef COPYIN
1780 # define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1781 # define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1782 # endif
1784 # ifndef KMALLOC
1785 # define KMALLOC(a,b) (a) = (b)new_kmem_alloc(sizeof(*(a)), \
1786 KMEM_NOSLEEP)
1787 # define KMALLOCS(a,b,c) (a) = (b)new_kmem_alloc((c), KMEM_NOSLEEP)
1788 # endif
1790 # ifndef GET_MINOR
1791 # define GET_MINOR(x) minor(x)
1792 # endif
1793 # define PANIC(x,y) if (x) panic y
1794 #endif /* _KERNEL */
1796 #if !defined(IFNAME) && !defined(_KERNEL)
1797 # define IFNAME(x) ((struct ifnet *)x)->if_name
1798 #endif
1799 #ifndef COPYIFNAME
1800 # define NEED_FRGETIFNAME
1801 extern char *fr_getifname __P((struct ifnet *, char *));
1802 # define COPYIFNAME(v, x, b) \
1803 fr_getifname((struct ifnet *)x, b)
1804 #endif
1806 #ifndef ASSERT
1807 # ifdef _KERNEL
1808 # define ASSERT(x)
1809 # else
1810 # define ASSERT(x) do { if (!(x)) abort(); } while (0)
1811 # endif
1812 #endif
1814 #ifndef BCOPYIN
1815 # define BCOPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1816 # define BCOPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1817 #endif
1820 * Because the ctype(3) posix definition, if used "safely" in code everywhere,
1821 * would mean all normal code that walks through strings needed casts. Yuck.
1823 #define ISALNUM(x) isalnum((u_char)(x))
1824 #define ISALPHA(x) isalpha((u_char)(x))
1825 #define ISASCII(x) isascii((u_char)(x))
1826 #define ISDIGIT(x) isdigit((u_char)(x))
1827 #define ISPRINT(x) isprint((u_char)(x))
1828 #define ISSPACE(x) isspace((u_char)(x))
1829 #define ISUPPER(x) isupper((u_char)(x))
1830 #define ISXDIGIT(x) isxdigit((u_char)(x))
1831 #define ISLOWER(x) islower((u_char)(x))
1832 #define TOUPPER(x) toupper((u_char)(x))
1833 #define TOLOWER(x) tolower((u_char)(x))
1836 * If mutexes aren't being used, turn all the mutex functions into null-ops.
1838 #if !defined(USE_MUTEXES)
1839 # define USE_SPL 1
1840 # undef RW_DESTROY
1841 # undef MUTEX_INIT
1842 # undef MUTEX_NUKE
1843 # undef MUTEX_DESTROY
1844 # define MUTEX_ENTER(x) ;
1845 # define READ_ENTER(x) ;
1846 # define WRITE_ENTER(x) ;
1847 # define MUTEX_DOWNGRADE(x) ;
1848 # define RWLOCK_INIT(x, y) ;
1849 # define RWLOCK_EXIT(x) ;
1850 # define RW_DESTROY(x) ;
1851 # define MUTEX_EXIT(x) ;
1852 # define MUTEX_INIT(x,y) ;
1853 # define MUTEX_DESTROY(x) ;
1854 # define MUTEX_NUKE(x) ;
1855 #endif /* !USE_MUTEXES */
1856 #ifndef ATOMIC_INC
1857 # define ATOMIC_INC(x) (x)++
1858 # define ATOMIC_DEC(x) (x)--
1859 #endif
1861 #if defined(USE_SPL) && defined(_KERNEL)
1862 # define SPL_INT(x) int x
1863 #else
1864 # define SPL_INT(x)
1865 #endif
1868 * If there are no atomic operations for bit sizes defined, define them to all
1869 * use a generic one that works for all sizes.
1871 #ifndef ATOMIC_INCL
1872 # define ATOMIC_INCL ATOMIC_INC
1873 # define ATOMIC_INC64 ATOMIC_INC
1874 # define ATOMIC_INC32 ATOMIC_INC
1875 # define ATOMIC_INC16 ATOMIC_INC
1876 # define ATOMIC_DECL ATOMIC_DEC
1877 # define ATOMIC_DEC64 ATOMIC_DEC
1878 # define ATOMIC_DEC32 ATOMIC_DEC
1879 # define ATOMIC_DEC16 ATOMIC_DEC
1880 #endif
1882 #ifndef HDR_T_PRIVATE
1883 typedef struct tcphdr tcphdr_t;
1884 typedef struct udphdr udphdr_t;
1885 #endif
1886 typedef struct icmp icmphdr_t;
1887 typedef struct ip ip_t;
1888 typedef struct ether_header ether_header_t;
1889 typedef struct tcpiphdr tcpiphdr_t;
1891 #ifndef FR_GROUPLEN
1892 # define FR_GROUPLEN 16
1893 #endif
1896 * This set of macros has been brought about because on Tru64 it is not
1897 * possible to easily assign or examine values in a structure that are
1898 * bit fields.
1900 #ifndef IP_V
1901 # define IP_V(x) (x)->ip_v
1902 #endif
1903 #ifndef IP_V_A
1904 # define IP_V_A(x,y) (x)->ip_v = (y)
1905 #endif
1906 #ifndef IP_HL
1907 # define IP_HL(x) (x)->ip_hl
1908 #endif
1909 #ifndef IP_HL_A
1910 # define IP_HL_A(x,y) (x)->ip_hl = ((y) & 0xf)
1911 #endif
1912 #ifndef TCP_X2
1913 # define TCP_X2(x) (x)->th_x2
1914 #endif
1915 #ifndef TCP_X2_A
1916 # define TCP_X2_A(x,y) (x)->th_x2 = (y)
1917 #endif
1918 #ifndef TCP_OFF
1919 # define TCP_OFF(x) (x)->th_off
1920 #endif
1921 #ifndef TCP_OFF_A
1922 # define TCP_OFF_A(x,y) (x)->th_off = (y)
1923 #endif
1924 #define IPMINLEN(i, h) ((i)->ip_len >= (IP_HL(i) * 4 + sizeof(struct h)))
1928 * XXX - This is one of those *awful* hacks which nobody likes
1930 #ifdef ultrix
1931 #define A_A
1932 #else
1933 #define A_A &
1934 #endif
1936 #define TCPF_ALL (TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG|\
1937 TH_ECN|TH_CWR)
1939 #if (defined(BSD) && (BSD >= 199306)) && !defined(m_act)
1940 # define m_act m_nextpkt
1941 #endif
1944 * Security Options for Intenet Protocol (IPSO) as defined in RFC 1108.
1946 * Basic Option
1948 * 00000001 - (Reserved 4)
1949 * 00111101 - Top Secret
1950 * 01011010 - Secret
1951 * 10010110 - Confidential
1952 * 01100110 - (Reserved 3)
1953 * 11001100 - (Reserved 2)
1954 * 10101011 - Unclassified
1955 * 11110001 - (Reserved 1)
1957 #define IPSO_CLASS_RES4 0x01
1958 #define IPSO_CLASS_TOPS 0x3d
1959 #define IPSO_CLASS_SECR 0x5a
1960 #define IPSO_CLASS_CONF 0x96
1961 #define IPSO_CLASS_RES3 0x66
1962 #define IPSO_CLASS_RES2 0xcc
1963 #define IPSO_CLASS_UNCL 0xab
1964 #define IPSO_CLASS_RES1 0xf1
1966 #define IPSO_AUTH_GENSER 0x80
1967 #define IPSO_AUTH_ESI 0x40
1968 #define IPSO_AUTH_SCI 0x20
1969 #define IPSO_AUTH_NSA 0x10
1970 #define IPSO_AUTH_DOE 0x08
1971 #define IPSO_AUTH_UN 0x06
1972 #define IPSO_AUTH_FTE 0x01
1975 * IP option #defines
1977 #undef IPOPT_RR
1978 #define IPOPT_RR 7
1979 #undef IPOPT_ZSU
1980 #define IPOPT_ZSU 10 /* ZSU */
1981 #undef IPOPT_MTUP
1982 #define IPOPT_MTUP 11 /* MTUP */
1983 #undef IPOPT_MTUR
1984 #define IPOPT_MTUR 12 /* MTUR */
1985 #undef IPOPT_ENCODE
1986 #define IPOPT_ENCODE 15 /* ENCODE */
1987 #undef IPOPT_TS
1988 #define IPOPT_TS 68
1989 #undef IPOPT_TR
1990 #define IPOPT_TR 82 /* TR */
1991 #undef IPOPT_SECURITY
1992 #define IPOPT_SECURITY 130
1993 #undef IPOPT_LSRR
1994 #define IPOPT_LSRR 131
1995 #undef IPOPT_E_SEC
1996 #define IPOPT_E_SEC 133 /* E-SEC */
1997 #undef IPOPT_CIPSO
1998 #define IPOPT_CIPSO 134 /* CIPSO */
1999 #undef IPOPT_SATID
2000 #define IPOPT_SATID 136
2001 #ifndef IPOPT_SID
2002 # define IPOPT_SID IPOPT_SATID
2003 #endif
2004 #undef IPOPT_SSRR
2005 #define IPOPT_SSRR 137
2006 #undef IPOPT_ADDEXT
2007 #define IPOPT_ADDEXT 147 /* ADDEXT */
2008 #undef IPOPT_VISA
2009 #define IPOPT_VISA 142 /* VISA */
2010 #undef IPOPT_IMITD
2011 #define IPOPT_IMITD 144 /* IMITD */
2012 #undef IPOPT_EIP
2013 #define IPOPT_EIP 145 /* EIP */
2014 #undef IPOPT_RTRALRT
2015 #define IPOPT_RTRALRT 148 /* RTRALRT */
2016 #undef IPOPT_SDB
2017 #define IPOPT_SDB 149
2018 #undef IPOPT_NSAPA
2019 #define IPOPT_NSAPA 150
2020 #undef IPOPT_DPS
2021 #define IPOPT_DPS 151
2022 #undef IPOPT_UMP
2023 #define IPOPT_UMP 152
2024 #undef IPOPT_FINN
2025 #define IPOPT_FINN 205 /* FINN */
2027 #ifndef TCPOPT_EOL
2028 # define TCPOPT_EOL 0
2029 #endif
2030 #ifndef TCPOPT_NOP
2031 # define TCPOPT_NOP 1
2032 #endif
2033 #ifndef TCPOPT_MAXSEG
2034 # define TCPOPT_MAXSEG 2
2035 #endif
2036 #ifndef TCPOLEN_MAXSEG
2037 # define TCPOLEN_MAXSEG 4
2038 #endif
2039 #ifndef TCPOPT_WINDOW
2040 # define TCPOPT_WINDOW 3
2041 #endif
2042 #ifndef TCPOLEN_WINDOW
2043 # define TCPOLEN_WINDOW 3
2044 #endif
2045 #ifndef TCPOPT_SACK_PERMITTED
2046 # define TCPOPT_SACK_PERMITTED 4
2047 #endif
2048 #ifndef TCPOLEN_SACK_PERMITTED
2049 # define TCPOLEN_SACK_PERMITTED 2
2050 #endif
2051 #ifndef TCPOPT_SACK
2052 # define TCPOPT_SACK 5
2053 #endif
2054 #ifndef TCPOPT_TIMESTAMP
2055 # define TCPOPT_TIMESTAMP 8
2056 #endif
2058 #ifndef ICMP_MINLEN
2059 # define ICMP_MINLEN 8
2060 #endif
2061 #ifndef ICMP_ECHOREPLY
2062 # define ICMP_ECHOREPLY 0
2063 #endif
2064 #ifndef ICMP_UNREACH
2065 # define ICMP_UNREACH 3
2066 #endif
2067 #ifndef ICMP_UNREACH_NET
2068 # define ICMP_UNREACH_NET 0
2069 #endif
2070 #ifndef ICMP_UNREACH_HOST
2071 # define ICMP_UNREACH_HOST 1
2072 #endif
2073 #ifndef ICMP_UNREACH_PROTOCOL
2074 # define ICMP_UNREACH_PROTOCOL 2
2075 #endif
2076 #ifndef ICMP_UNREACH_PORT
2077 # define ICMP_UNREACH_PORT 3
2078 #endif
2079 #ifndef ICMP_UNREACH_NEEDFRAG
2080 # define ICMP_UNREACH_NEEDFRAG 4
2081 #endif
2082 #ifndef ICMP_UNREACH_SRCFAIL
2083 # define ICMP_UNREACH_SRCFAIL 5
2084 #endif
2085 #ifndef ICMP_UNREACH_NET_UNKNOWN
2086 # define ICMP_UNREACH_NET_UNKNOWN 6
2087 #endif
2088 #ifndef ICMP_UNREACH_HOST_UNKNOWN
2089 # define ICMP_UNREACH_HOST_UNKNOWN 7
2090 #endif
2091 #ifndef ICMP_UNREACH_ISOLATED
2092 # define ICMP_UNREACH_ISOLATED 8
2093 #endif
2094 #ifndef ICMP_UNREACH_NET_PROHIB
2095 # define ICMP_UNREACH_NET_PROHIB 9
2096 #endif
2097 #ifndef ICMP_UNREACH_HOST_PROHIB
2098 # define ICMP_UNREACH_HOST_PROHIB 10
2099 #endif
2100 #ifndef ICMP_UNREACH_TOSNET
2101 # define ICMP_UNREACH_TOSNET 11
2102 #endif
2103 #ifndef ICMP_UNREACH_TOSHOST
2104 # define ICMP_UNREACH_TOSHOST 12
2105 #endif
2106 #ifndef ICMP_UNREACH_ADMIN_PROHIBIT
2107 # define ICMP_UNREACH_ADMIN_PROHIBIT 13
2108 #endif
2109 #ifndef ICMP_UNREACH_FILTER
2110 # define ICMP_UNREACH_FILTER 13
2111 #endif
2112 #ifndef ICMP_UNREACH_HOST_PRECEDENCE
2113 # define ICMP_UNREACH_HOST_PRECEDENCE 14
2114 #endif
2115 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
2116 # define ICMP_UNREACH_PRECEDENCE_CUTOFF 15
2117 #endif
2118 #ifndef ICMP_SOURCEQUENCH
2119 # define ICMP_SOURCEQUENCH 4
2120 #endif
2121 #ifndef ICMP_REDIRECT_NET
2122 # define ICMP_REDIRECT_NET 0
2123 #endif
2124 #ifndef ICMP_REDIRECT_HOST
2125 # define ICMP_REDIRECT_HOST 1
2126 #endif
2127 #ifndef ICMP_REDIRECT_TOSNET
2128 # define ICMP_REDIRECT_TOSNET 2
2129 #endif
2130 #ifndef ICMP_REDIRECT_TOSHOST
2131 # define ICMP_REDIRECT_TOSHOST 3
2132 #endif
2133 #ifndef ICMP_ALTHOSTADDR
2134 # define ICMP_ALTHOSTADDR 6
2135 #endif
2136 #ifndef ICMP_TIMXCEED
2137 # define ICMP_TIMXCEED 11
2138 #endif
2139 #ifndef ICMP_TIMXCEED_INTRANS
2140 # define ICMP_TIMXCEED_INTRANS 0
2141 #endif
2142 #ifndef ICMP_TIMXCEED_REASS
2143 # define ICMP_TIMXCEED_REASS 1
2144 #endif
2145 #ifndef ICMP_PARAMPROB
2146 # define ICMP_PARAMPROB 12
2147 #endif
2148 #ifndef ICMP_PARAMPROB_ERRATPTR
2149 # define ICMP_PARAMPROB_ERRATPTR 0
2150 #endif
2151 #ifndef ICMP_PARAMPROB_OPTABSENT
2152 # define ICMP_PARAMPROB_OPTABSENT 1
2153 #endif
2154 #ifndef ICMP_PARAMPROB_LENGTH
2155 # define ICMP_PARAMPROB_LENGTH 2
2156 #endif
2157 #ifndef ICMP_TSTAMP
2158 # define ICMP_TSTAMP 13
2159 #endif
2160 #ifndef ICMP_TSTAMPREPLY
2161 # define ICMP_TSTAMPREPLY 14
2162 #endif
2163 #ifndef ICMP_IREQ
2164 # define ICMP_IREQ 15
2165 #endif
2166 #ifndef ICMP_IREQREPLY
2167 # define ICMP_IREQREPLY 16
2168 #endif
2169 #ifndef ICMP_MASKREQ
2170 # define ICMP_MASKREQ 17
2171 #endif
2172 #ifndef ICMP_MASKREPLY
2173 # define ICMP_MASKREPLY 18
2174 #endif
2175 #ifndef ICMP_TRACEROUTE
2176 # define ICMP_TRACEROUTE 30
2177 #endif
2178 #ifndef ICMP_DATACONVERR
2179 # define ICMP_DATACONVERR 31
2180 #endif
2181 #ifndef ICMP_MOBILE_REDIRECT
2182 # define ICMP_MOBILE_REDIRECT 32
2183 #endif
2184 #ifndef ICMP_IPV6_WHEREAREYOU
2185 # define ICMP_IPV6_WHEREAREYOU 33
2186 #endif
2187 #ifndef ICMP_IPV6_IAMHERE
2188 # define ICMP_IPV6_IAMHERE 34
2189 #endif
2190 #ifndef ICMP_MOBILE_REGREQUEST
2191 # define ICMP_MOBILE_REGREQUEST 35
2192 #endif
2193 #ifndef ICMP_MOBILE_REGREPLY
2194 # define ICMP_MOBILE_REGREPLY 36
2195 #endif
2196 #ifndef ICMP_SKIP
2197 # define ICMP_SKIP 39
2198 #endif
2199 #ifndef ICMP_PHOTURIS
2200 # define ICMP_PHOTURIS 40
2201 #endif
2202 #ifndef ICMP_PHOTURIS_UNKNOWN_INDEX
2203 # define ICMP_PHOTURIS_UNKNOWN_INDEX 1
2204 #endif
2205 #ifndef ICMP_PHOTURIS_AUTH_FAILED
2206 # define ICMP_PHOTURIS_AUTH_FAILED 2
2207 #endif
2208 #ifndef ICMP_PHOTURIS_DECRYPT_FAILED
2209 # define ICMP_PHOTURIS_DECRYPT_FAILED 3
2210 #endif
2211 #ifndef IPVERSION
2212 # define IPVERSION 4
2213 #endif
2214 #ifndef IPOPT_MINOFF
2215 # define IPOPT_MINOFF 4
2216 #endif
2217 #ifndef IPOPT_COPIED
2218 # define IPOPT_COPIED(x) ((x)&0x80)
2219 #endif
2220 #ifndef IPOPT_EOL
2221 # define IPOPT_EOL 0
2222 #endif
2223 #ifndef IPOPT_NOP
2224 # define IPOPT_NOP 1
2225 #endif
2226 #ifndef IP_MF
2227 # define IP_MF ((u_short)0x2000)
2228 #endif
2229 #ifndef ETHERTYPE_IP
2230 # define ETHERTYPE_IP ((u_short)0x0800)
2231 #endif
2232 #ifndef TH_FIN
2233 # define TH_FIN 0x01
2234 #endif
2235 #ifndef TH_SYN
2236 # define TH_SYN 0x02
2237 #endif
2238 #ifndef TH_RST
2239 # define TH_RST 0x04
2240 #endif
2241 #ifndef TH_PUSH
2242 # define TH_PUSH 0x08
2243 #endif
2244 #ifndef TH_ACK
2245 # define TH_ACK 0x10
2246 #endif
2247 #ifndef TH_URG
2248 # define TH_URG 0x20
2249 #endif
2250 #undef TH_ACKMASK
2251 #define TH_ACKMASK (TH_FIN|TH_SYN|TH_RST|TH_ACK)
2253 #ifndef IPOPT_EOL
2254 # define IPOPT_EOL 0
2255 #endif
2256 #ifndef IPOPT_NOP
2257 # define IPOPT_NOP 1
2258 #endif
2259 #ifndef IPOPT_RR
2260 # define IPOPT_RR 7
2261 #endif
2262 #ifndef IPOPT_TS
2263 # define IPOPT_TS 68
2264 #endif
2265 #ifndef IPOPT_SECURITY
2266 # define IPOPT_SECURITY 130
2267 #endif
2268 #ifndef IPOPT_LSRR
2269 # define IPOPT_LSRR 131
2270 #endif
2271 #ifndef IPOPT_SATID
2272 # define IPOPT_SATID 136
2273 #endif
2274 #ifndef IPOPT_SSRR
2275 # define IPOPT_SSRR 137
2276 #endif
2277 #ifndef IPOPT_SECUR_UNCLASS
2278 # define IPOPT_SECUR_UNCLASS ((u_short)0x0000)
2279 #endif
2280 #ifndef IPOPT_SECUR_CONFID
2281 # define IPOPT_SECUR_CONFID ((u_short)0xf135)
2282 #endif
2283 #ifndef IPOPT_SECUR_EFTO
2284 # define IPOPT_SECUR_EFTO ((u_short)0x789a)
2285 #endif
2286 #ifndef IPOPT_SECUR_MMMM
2287 # define IPOPT_SECUR_MMMM ((u_short)0xbc4d)
2288 #endif
2289 #ifndef IPOPT_SECUR_RESTR
2290 # define IPOPT_SECUR_RESTR ((u_short)0xaf13)
2291 #endif
2292 #ifndef IPOPT_SECUR_SECRET
2293 # define IPOPT_SECUR_SECRET ((u_short)0xd788)
2294 #endif
2295 #ifndef IPOPT_SECUR_TOPSECRET
2296 # define IPOPT_SECUR_TOPSECRET ((u_short)0x6bc5)
2297 #endif
2298 #ifndef IPOPT_OLEN
2299 # define IPOPT_OLEN 1
2300 #endif
2301 #ifndef IPPROTO_HOPOPTS
2302 # define IPPROTO_HOPOPTS 0
2303 #endif
2304 #ifndef IPPROTO_ENCAP
2305 # define IPPROTO_ENCAP 4
2306 #endif
2307 #ifndef IPPROTO_IPV6
2308 # define IPPROTO_IPV6 41
2309 #endif
2310 #ifndef IPPROTO_ROUTING
2311 # define IPPROTO_ROUTING 43
2312 #endif
2313 #ifndef IPPROTO_FRAGMENT
2314 # define IPPROTO_FRAGMENT 44
2315 #endif
2316 #ifndef IPPROTO_GRE
2317 # define IPPROTO_GRE 47 /* GRE encaps RFC 1701 */
2318 #endif
2319 #ifndef IPPROTO_ESP
2320 # define IPPROTO_ESP 50
2321 #endif
2322 #ifndef IPPROTO_AH
2323 # define IPPROTO_AH 51
2324 #endif
2325 #ifndef IPPROTO_ICMPV6
2326 # define IPPROTO_ICMPV6 58
2327 #endif
2328 #ifndef IPPROTO_NONE
2329 # define IPPROTO_NONE 59
2330 #endif
2331 #ifndef IPPROTO_DSTOPTS
2332 # define IPPROTO_DSTOPTS 60
2333 #endif
2334 #ifndef IPPROTO_MOBILITY
2335 # define IPPROTO_MOBILITY 135
2336 #endif
2338 #ifndef ICMP_ROUTERADVERT
2339 # define ICMP_ROUTERADVERT 9
2340 #endif
2341 #ifndef ICMP_ROUTERSOLICIT
2342 # define ICMP_ROUTERSOLICIT 10
2343 #endif
2344 #ifndef ICMP6_DST_UNREACH
2345 # define ICMP6_DST_UNREACH 1
2346 #endif
2347 #ifndef ICMP6_PACKET_TOO_BIG
2348 # define ICMP6_PACKET_TOO_BIG 2
2349 #endif
2350 #ifndef ICMP6_TIME_EXCEEDED
2351 # define ICMP6_TIME_EXCEEDED 3
2352 #endif
2353 #ifndef ICMP6_PARAM_PROB
2354 # define ICMP6_PARAM_PROB 4
2355 #endif
2357 #ifndef ICMP6_ECHO_REQUEST
2358 # define ICMP6_ECHO_REQUEST 128
2359 #endif
2360 #ifndef ICMP6_ECHO_REPLY
2361 # define ICMP6_ECHO_REPLY 129
2362 #endif
2363 #ifndef ICMP6_MEMBERSHIP_QUERY
2364 # define ICMP6_MEMBERSHIP_QUERY 130
2365 #endif
2366 #ifndef MLD6_LISTENER_QUERY
2367 # define MLD6_LISTENER_QUERY 130
2368 #endif
2369 #ifndef ICMP6_MEMBERSHIP_REPORT
2370 # define ICMP6_MEMBERSHIP_REPORT 131
2371 #endif
2372 #ifndef MLD6_LISTENER_REPORT
2373 # define MLD6_LISTENER_REPORT 131
2374 #endif
2375 #ifndef ICMP6_MEMBERSHIP_REDUCTION
2376 # define ICMP6_MEMBERSHIP_REDUCTION 132
2377 #endif
2378 #ifndef MLD6_LISTENER_DONE
2379 # define MLD6_LISTENER_DONE 132
2380 #endif
2381 #ifndef ND_ROUTER_SOLICIT
2382 # define ND_ROUTER_SOLICIT 133
2383 #endif
2384 #ifndef ND_ROUTER_ADVERT
2385 # define ND_ROUTER_ADVERT 134
2386 #endif
2387 #ifndef ND_NEIGHBOR_SOLICIT
2388 # define ND_NEIGHBOR_SOLICIT 135
2389 #endif
2390 #ifndef ND_NEIGHBOR_ADVERT
2391 # define ND_NEIGHBOR_ADVERT 136
2392 #endif
2393 #ifndef ND_REDIRECT
2394 # define ND_REDIRECT 137
2395 #endif
2396 #ifndef ICMP6_ROUTER_RENUMBERING
2397 # define ICMP6_ROUTER_RENUMBERING 138
2398 #endif
2399 #ifndef ICMP6_WRUREQUEST
2400 # define ICMP6_WRUREQUEST 139
2401 #endif
2402 #ifndef ICMP6_WRUREPLY
2403 # define ICMP6_WRUREPLY 140
2404 #endif
2405 #ifndef ICMP6_FQDN_QUERY
2406 # define ICMP6_FQDN_QUERY 139
2407 #endif
2408 #ifndef ICMP6_FQDN_REPLY
2409 # define ICMP6_FQDN_REPLY 140
2410 #endif
2411 #ifndef ICMP6_NI_QUERY
2412 # define ICMP6_NI_QUERY 139
2413 #endif
2414 #ifndef ICMP6_NI_REPLY
2415 # define ICMP6_NI_REPLY 140
2416 #endif
2417 #ifndef MLD6_MTRACE_RESP
2418 # define MLD6_MTRACE_RESP 200
2419 #endif
2420 #ifndef MLD6_MTRACE
2421 # define MLD6_MTRACE 201
2422 #endif
2423 #ifndef ICMP6_HADISCOV_REQUEST
2424 # define ICMP6_HADISCOV_REQUEST 202
2425 #endif
2426 #ifndef ICMP6_HADISCOV_REPLY
2427 # define ICMP6_HADISCOV_REPLY 203
2428 #endif
2429 #ifndef ICMP6_MOBILEPREFIX_SOLICIT
2430 # define ICMP6_MOBILEPREFIX_SOLICIT 204
2431 #endif
2432 #ifndef ICMP6_MOBILEPREFIX_ADVERT
2433 # define ICMP6_MOBILEPREFIX_ADVERT 205
2434 #endif
2435 #ifndef ICMP6_MAXTYPE
2436 # define ICMP6_MAXTYPE 205
2437 #endif
2439 #ifndef ICMP6_DST_UNREACH_NOROUTE
2440 # define ICMP6_DST_UNREACH_NOROUTE 0
2441 #endif
2442 #ifndef ICMP6_DST_UNREACH_ADMIN
2443 # define ICMP6_DST_UNREACH_ADMIN 1
2444 #endif
2445 #ifndef ICMP6_DST_UNREACH_NOTNEIGHBOR
2446 # define ICMP6_DST_UNREACH_NOTNEIGHBOR 2
2447 #endif
2448 #ifndef ICMP6_DST_UNREACH_BEYONDSCOPE
2449 # define ICMP6_DST_UNREACH_BEYONDSCOPE 2
2450 #endif
2451 #ifndef ICMP6_DST_UNREACH_ADDR
2452 # define ICMP6_DST_UNREACH_ADDR 3
2453 #endif
2454 #ifndef ICMP6_DST_UNREACH_NOPORT
2455 # define ICMP6_DST_UNREACH_NOPORT 4
2456 #endif
2457 #ifndef ICMP6_TIME_EXCEED_TRANSIT
2458 # define ICMP6_TIME_EXCEED_TRANSIT 0
2459 #endif
2460 #ifndef ICMP6_TIME_EXCEED_REASSEMBLY
2461 # define ICMP6_TIME_EXCEED_REASSEMBLY 1
2462 #endif
2464 #ifndef ICMP6_NI_SUCCESS
2465 # define ICMP6_NI_SUCCESS 0
2466 #endif
2467 #ifndef ICMP6_NI_REFUSED
2468 # define ICMP6_NI_REFUSED 1
2469 #endif
2470 #ifndef ICMP6_NI_UNKNOWN
2471 # define ICMP6_NI_UNKNOWN 2
2472 #endif
2474 #ifndef ICMP6_ROUTER_RENUMBERING_COMMAND
2475 # define ICMP6_ROUTER_RENUMBERING_COMMAND 0
2476 #endif
2477 #ifndef ICMP6_ROUTER_RENUMBERING_RESULT
2478 # define ICMP6_ROUTER_RENUMBERING_RESULT 1
2479 #endif
2480 #ifndef ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET
2481 # define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 255
2482 #endif
2484 #ifndef ICMP6_PARAMPROB_HEADER
2485 # define ICMP6_PARAMPROB_HEADER 0
2486 #endif
2487 #ifndef ICMP6_PARAMPROB_NEXTHEADER
2488 # define ICMP6_PARAMPROB_NEXTHEADER 1
2489 #endif
2490 #ifndef ICMP6_PARAMPROB_OPTION
2491 # define ICMP6_PARAMPROB_OPTION 2
2492 #endif
2494 #ifndef ICMP6_NI_SUBJ_IPV6
2495 # define ICMP6_NI_SUBJ_IPV6 0
2496 #endif
2497 #ifndef ICMP6_NI_SUBJ_FQDN
2498 # define ICMP6_NI_SUBJ_FQDN 1
2499 #endif
2500 #ifndef ICMP6_NI_SUBJ_IPV4
2501 # define ICMP6_NI_SUBJ_IPV4 2
2502 #endif
2504 #if !defined(IPV6_FLOWINFO_MASK)
2505 # if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN)
2506 # define IPV6_FLOWINFO_MASK 0x0fffffff /* flow info (28 bits) */
2507 # else
2508 # if(BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN)
2509 # define IPV6_FLOWINFO_MASK 0xffffff0f /* flow info (28 bits) */
2510 # endif /* LITTLE_ENDIAN */
2511 # endif
2512 #endif
2513 #if !defined(IPV6_FLOWLABEL_MASK)
2514 # if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN)
2515 # define IPV6_FLOWLABEL_MASK 0x000fffff /* flow label (20 bits) */
2516 # else
2517 # if (BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN)
2518 # define IPV6_FLOWLABEL_MASK 0xffff0f00 /* flow label (20 bits) */
2519 # endif /* LITTLE_ENDIAN */
2520 # endif
2521 #endif
2524 * ECN is a new addition to TCP - RFC 2481
2526 #ifndef TH_ECN
2527 # define TH_ECN 0x40
2528 #endif
2529 #ifndef TH_CWR
2530 # define TH_CWR 0x80
2531 #endif
2532 #define TH_ECNALL (TH_ECN|TH_CWR)
2535 * TCP States
2537 #define IPF_TCPS_LISTEN 0 /* listening for connection */
2538 #define IPF_TCPS_SYN_SENT 1 /* active, have sent syn */
2539 #define IPF_TCPS_SYN_RECEIVED 2 /* have send and received syn */
2540 #define IPF_TCPS_HALF_ESTAB 3 /* for connections not fully "up" */
2541 /* states < IPF_TCPS_ESTABLISHED are those where connections not established */
2542 #define IPF_TCPS_ESTABLISHED 4 /* established */
2543 #define IPF_TCPS_CLOSE_WAIT 5 /* rcvd fin, waiting for close */
2544 /* states > IPF_TCPS_CLOSE_WAIT are those where user has closed */
2545 #define IPF_TCPS_FIN_WAIT_1 6 /* have closed, sent fin */
2546 #define IPF_TCPS_CLOSING 7 /* closed xchd FIN; await FIN ACK */
2547 #define IPF_TCPS_LAST_ACK 8 /* had fin and close; await FIN ACK */
2548 /* states > IPF_TCPS_CLOSE_WAIT && < IPF_TCPS_FIN_WAIT_2 await ACK of FIN */
2549 #define IPF_TCPS_FIN_WAIT_2 9 /* have closed, fin is acked */
2550 #define IPF_TCPS_TIME_WAIT 10 /* in 2*msl quiet wait after close */
2551 #define IPF_TCPS_CLOSED 11 /* closed */
2552 #define IPF_TCP_NSTATES 12
2554 #define TCP_MSL 120
2556 #undef ICMP_MAX_UNREACH
2557 #define ICMP_MAX_UNREACH 14
2558 #undef ICMP_MAXTYPE
2559 #define ICMP_MAXTYPE 18
2561 #ifndef IFNAMSIZ
2562 #define IFNAMSIZ 16
2563 #endif
2565 #ifndef LOG_FTP
2566 # define LOG_FTP (11<<3)
2567 #endif
2568 #ifndef LOG_AUTHPRIV
2569 # define LOG_AUTHPRIV (10<<3)
2570 #endif
2571 #ifndef LOG_AUDIT
2572 # define LOG_AUDIT (13<<3)
2573 #endif
2574 #ifndef LOG_NTP
2575 # define LOG_NTP (12<<3)
2576 #endif
2577 #ifndef LOG_SECURITY
2578 # define LOG_SECURITY (13<<3)
2579 #endif
2580 #ifndef LOG_LFMT
2581 # define LOG_LFMT (14<<3)
2582 #endif
2583 #ifndef LOG_CONSOLE
2584 # define LOG_CONSOLE (14<<3)
2585 #endif
2588 * ICMP error replies have an IP header (20 bytes), 8 bytes of ICMP data,
2589 * another IP header and then 64 bits of data, totalling 56. Of course,
2590 * the last 64 bits is dependent on that being available.
2592 #define ICMPERR_ICMPHLEN 8
2593 #define ICMPERR_IPICMPHLEN (20 + 8)
2594 #define ICMPERR_MINPKTLEN (20 + 8 + 20)
2595 #define ICMPERR_MAXPKTLEN (20 + 8 + 20 + 8)
2596 #define ICMP6ERR_MINPKTLEN (40 + 8)
2597 #define ICMP6ERR_IPICMPHLEN (40 + 8 + 40)
2599 #ifndef MIN
2600 # define MIN(a,b) (((a)<(b))?(a):(b))
2601 #endif
2603 #ifdef IPF_DEBUG
2604 # define DPRINT(x) printf x
2605 #else
2606 # define DPRINT(x)
2607 #endif
2609 #ifdef RESCUE
2610 # undef IPFILTER_BPF
2611 #endif
2613 #endif /* __IP_COMPAT_H__ */