2 * Copyright (C) 1993-2001, 2003 by Darren Reed.
4 * See the IPFILTER.LICENCE file for details on licencing.
6 * @(#)ip_compat.h 1.8 1/14/96
7 * $Id: ip_compat.h,v 2.142.2.30 2005/08/11 15:13:49 darrenr Exp $
9 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
10 * Use is subject to license terms.
13 #ifndef __IP_COMPAT_H__
14 #define __IP_COMPAT_H__
28 #if defined(_KERNEL) || defined(KERNEL) || defined(__KERNEL__)
38 #define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4)))
45 #if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000) && \
46 !defined(_KERNEL) && !defined(USE_INET6) && !defined(NOINET6)
49 #if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105000000) && \
50 !defined(_KERNEL) && !defined(USE_INET6)
52 # define IPFILTER_M_IPFILTER
54 #if defined(OpenBSD) && (OpenBSD >= 200206) && \
55 !defined(_KERNEL) && !defined(USE_INET6)
61 #if defined(linux) && (!defined(_KERNEL) || defined(CONFIG_IPV6))
64 #if defined(HPUXREV) && (HPUXREV >= 1111)
68 #if defined(BSD) && (BSD < 199103) && defined(__osf__)
73 #if defined(__SVR4) || defined(__svr4__) || defined(__sgi)
75 # if !defined(_KERNEL)
76 # define bzero(a,b) memset(a,0,b)
78 # define bcopy(a,b,c) memmove(b,a,c)
84 # define LIFNAMSIZ IF_NAMESIZE
87 # define LIFNAMSIZ IFNAMSIZ
94 #if defined(__sgi) || defined(bsdi) || defined(__hpux) || defined(hpux)
96 u_char ether_addr_octet
[6];
100 #if defined(__sgi) && !defined(IPFILTER_LKM)
102 # define IPL_EXTERN(ep) ipfilter##ep
104 # define IPL_EXTERN(ep) ipfilter/**/ep
108 # define IPL_EXTERN(ep) ipl##ep
110 # define IPL_EXTERN(ep) ipl/**/ep
115 * This is a workaround for <sys/uio.h> troubles on FreeBSD and OpenBSD.
126 # include <sys/uio.h>
134 /* ----------------------------------------------------------------------- */
136 /* ----------------------------------------------------------------------- */
139 # include <sys/cmn_err.h>
140 # include <sys/isa_defs.h>
141 # include <sys/stream.h>
142 # include <sys/ioccom.h>
143 # include <sys/sysmacros.h>
144 # include <sys/kmem.h>
146 # include <sys/procset.h>
147 # include <sys/proc.h>
148 # include <sys/devops.h>
149 # include <sys/ddi_impldefs.h>
150 # include <sys/neti.h>
154 * inet/ip.h would end up including radix.h with _KERNEL, which is not
155 * what the tools intend, so include radix.h first.
158 # include <net/radix.h>
161 * because Solaris 2 defines these in two places :-/
167 # endif /* _KERNEL */
170 # include <netinet/ip6.h>
171 # include <netinet/icmp6.h>
174 # include <inet/common.h>
175 /* These 5 are defined in <inet/ip.h> and <netinet/ip.h> */
182 # define _SYS_PROMIF_H
187 # include <inet/ip.h>
189 # include <inet/ip_ire.h>
194 # define SNPRINTF snprintf
196 # include <inet/ip_if.h>
197 # define ipif_local_addr ipif_lcl_addr
198 /* Only defined in private include file */
199 # ifndef V4_PART_OF_V6
200 # define V4_PART_OF_V6(v6) v6.s6_addr32[3]
206 # endif /* SOLARIS2 >= 8 */
210 # define SOLARIS_PFHOOKS 1
212 typedef struct qpktinfo
{
213 /* data that changes per-packet */
214 void *qpi_ill
; /* COPIED */
216 void *qpi_data
; /* where layer 3 header starts */
218 int qpi_flags
; /* Uses FI_* flags */
221 extern void mb_copydata
__P((mblk_t
*, size_t , size_t, char *));
222 extern void mb_copyback
__P((mblk_t
*, size_t , size_t, char *));
226 # include <sys/atomic.h>
227 typedef uint32_t u_32_t
;
229 typedef unsigned int u_32_t
;
234 # define KRWLOCK_T krwlock_t
235 # define KMUTEX_T kmutex_t
237 # include <sys/sdt.h>
239 # define IPF_IS_LOOPBACK(f) ((f) & FI_NOCKSUM)
240 # endif /* SOLARIS2 >= 10 */
243 # define ATOMIC_INCL(x) atomic_inc_ulong((uint32_t *)&(x))
244 # define ATOMIC_DECL(x) atomic_dec_ulong((uint32_t *)&(x))
246 # define ATOMIC_INCL(x) atomic_inc_ulong(&(x))
247 # define ATOMIC_DECL(x) atomic_dec_ulong(&(x))
248 # endif /* SOLARIS2 == 6 */
249 # define ATOMIC_INC64(x) atomic_inc_64((uint64_t *)&(x))
250 # define ATOMIC_INC32(x) atomic_inc_32((uint32_t *)&(x))
251 # define ATOMIC_INC16(x) atomic_inc_16((uint16_t *)&(x))
252 # define ATOMIC_DEC64(x) atomic_dec_64((uint64_t *)&(x))
253 # define ATOMIC_DEC32(x) atomic_dec_32((uint32_t *)&(x))
254 # define ATOMIC_DEC16(x) atomic_dec_16((uint16_t *)&(x))
256 # define ATOMIC_INC(x) { mutex_enter(&ipf_rw); (x)++; \
257 mutex_exit(&ipf_rw); }
258 # define ATOMIC_DEC(x) { mutex_enter(&ipf_rw); (x)--; \
259 mutex_exit(&ipf_rw); }
260 # endif /* SOLARIS2 >= 6 */
262 # define MUTEX_ENTER(x) mutex_enter(&(x)->ipf_lk)
263 # define READ_ENTER(x) rw_enter(&(x)->ipf_lk, RW_READER)
264 # define WRITE_ENTER(x) rw_enter(&(x)->ipf_lk, RW_WRITER)
265 # define MUTEX_DOWNGRADE(x) rw_downgrade(&(x)->ipf_lk)
266 # define RWLOCK_INIT(x, y) rw_init(&(x)->ipf_lk, (y), \
268 # define RWLOCK_EXIT(x) rw_exit(&(x)->ipf_lk)
269 # define RW_DESTROY(x) rw_destroy(&(x)->ipf_lk)
270 # define MUTEX_INIT(x, y) mutex_init(&(x)->ipf_lk, (y), \
272 # define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk)
273 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
274 # define MUTEX_EXIT(x) mutex_exit(&(x)->ipf_lk)
275 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
276 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
277 # define BCOPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
278 # define BCOPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
279 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
280 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
281 # define KFREES(x,s) kmem_free((char *)(x), (s))
282 # define SPL_NET(x) ;
283 # define SPL_IMP(x) ;
287 # define ntohs(x) (x)
288 # define ntohl(x) (x)
289 # define htons(x) (x)
290 # define htonl(x) (x)
292 # define KMALLOC(a,b) (a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP)
293 # define KMALLOCS(a,b,c) (a) = (b)kmem_alloc((c), KM_NOSLEEP)
294 # define GET_MINOR(x) getminor(x)
295 /*extern phy_if_t get_unit __P((char *, int, ipf_stack_t *));*/
296 # define GETIFP(n, v, ifs) (void *)get_unit(n, v, ifs)
297 # define IFNAME(x) ((ill_t *)x)->ill_name
298 # define COPYIFNAME(x, b, v) (void) net_getifname(((v) == 4) ? \
299 ifs->ifs_ipf_ipv4 : ifs->ifs_ipf_ipv6,\
300 (phy_if_t)(x), (b), sizeof(b))
301 # define GETKTIME(x) uniqtime((struct timeval *)x)
302 # define MSGDSIZE(x) msgdsize(x)
303 # define M_LEN(x) ((x)->b_wptr - (x)->b_rptr)
304 # define M_DUPLICATE(x) copymsg((x))
305 # define MTOD(m,t) ((t)((m)->b_rptr))
306 # define MTYPE(m) ((m)->b_datap->db_type)
307 # define FREE_MB_T(m) freemsg(m)
308 # define m_next b_cont
309 # define CACHE_HASH(x) (((phy_if_t)(x)->fin_ifp) & 7)
310 # define IPF_PANIC(x,y) if (x) { printf y; cmn_err(CE_PANIC, "ipf_panic"); }
312 # endif /* _KERNEL */
316 # define ALIGN32(ptr) (ptr ? 0L : 0L)
317 # define ALIGN16(ptr) (ptr ? 0L : 0L)
319 # define ALIGN32(ptr) (ptr)
320 # define ALIGN16(ptr) (ptr)
325 typedef struct uio uio_t
;
327 typedef int ioctlcmd_t
;
328 typedef uint8_t u_int8_t
;
330 # define OS_RECOGNISED 1
334 /* ----------------------------------------------------------------------- */
336 /* ----------------------------------------------------------------------- */
339 # include <sys/sysmacros.h>
340 # include <sys/spinlock.h>
341 # include <sys/lock.h>
342 # include <sys/stream.h>
344 # include <netinet/if_ether.h>
345 # include <netinet/ip6.h>
346 # include <netinet/icmp6.h>
347 typedef struct ip6_hdr ip6_t
;
351 # define SNPRINTF sprintf
352 # if (HPUXREV >= 1111)
355 # include <machine/sys/user.h>
356 # include <sys/kthread_iface.h>
357 # define READ_COLLISION 0x01
359 typedef struct iplog_select_s
{
360 kthread_t
*read_waiter
;
366 # define GETKTIME(x) uniqtime((struct timeval *)x)
369 # include "kern_svcs.h"
371 # include <sys/kern_svcs.h>
376 # include <sys/reg.h>
377 # include "../netinet/ip_info.h"
379 * According to /usr/include/sys/spinlock.h on HP-UX 11.00, these functions
380 * are available. Attempting to use them actually results in unresolved
381 * symbols when it comes time to load the module.
382 * This has been fixed! Yipee!
386 # define ATOMIC_INCL(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1)
387 # define ATOMIC_DECL(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1)
389 # define ATOMIC_INCL(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1)
390 # define ATOMIC_DECL(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1)
392 # define ATOMIC_INC64(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), 1)
393 # define ATOMIC_INC32(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), 1)
394 # define ATOMIC_INC16(x) lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), 1)
395 # define ATOMIC_DEC64(x) lock_and_incr_int64(&ipf_rw.ipf_lk, &(x), -1)
396 # define ATOMIC_DEC32(x) lock_and_incr_int32(&ipf_rw.ipf_lk, &(x), -1)
397 # define ATOMIC_DEC16(x) lock_and_incr_int16(&ipf_rw.ipf_lk, &(x), -1)
399 # define ATOMIC_INC64(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
400 MUTEX_EXIT(&ipf_rw); }
401 # define ATOMIC_DEC64(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
402 MUTEX_EXIT(&ipf_rw); }
403 # define ATOMIC_INC32(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
404 MUTEX_EXIT(&ipf_rw); }
405 # define ATOMIC_DEC32(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
406 MUTEX_EXIT(&ipf_rw); }
407 # define ATOMIC_INCL(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
408 MUTEX_EXIT(&ipf_rw); }
409 # define ATOMIC_DECL(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
410 MUTEX_EXIT(&ipf_rw); }
411 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
412 MUTEX_EXIT(&ipf_rw); }
413 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
414 MUTEX_EXIT(&ipf_rw); }
416 # define ip_cksum ip_csuma
417 # define memcpy(a,b,c) bcopy((caddr_t)b, (caddr_t)a, c)
419 # define MUTEX_INIT(x, y) initlock(&(x)->ipf_lk, 0, 0, (y))
420 # define MUTEX_ENTER(x) spinlock(&(x)->ipf_lk)
421 # define MUTEX_EXIT(x) spinunlock(&(x)->ipf_lk);
422 # define MUTEX_DESTROY(x)
423 # define MUTEX_NUKE(x) bzero((char *)(x), sizeof(*(x)))
424 # define KMUTEX_T lock_t
425 # define kmutex_t lock_t /* for pfil.h */
426 # define krwlock_t lock_t /* for pfil.h */
428 * The read-write lock implementation in HP-UX 11.0 is crippled - it can
429 * only be used by threads working in a user context!
430 * This has been fixed! Yipee! (Or at least it does in 11.00, not 11.11..)
433 # define MUTEX_DOWNGRADE(x) lock_write_to_read(x)
434 # define KRWLOCK_T struct rw_lock
435 # define READ_ENTER(x) lock_read(&(x)->ipf_lk)
436 # define WRITE_ENTER(x) lock_write(&(x)->ipf_lk)
438 # define RWLOCK_INIT(x, y) rwlock_init4(&(x)->ipf_lk, 0, RWLCK_CANSLEEP, 0, y)
440 # define RWLOCK_INIT(x, y) lock_init3(&(x)->ipf_lk, 0, 1, 0, 0, y)
442 # define RWLOCK_EXIT(x) lock_done(&(x)->ipf_lk)
444 # define KRWLOCK_T lock_t
445 # define KMUTEX_T lock_t
446 # define READ_ENTER(x) MUTEX_ENTER(x)
447 # define WRITE_ENTER(x) MUTEX_ENTER(x)
448 # define MUTEX_DOWNGRADE(x)
449 # define RWLOCK_INIT(x, y) initlock(&(x)->ipf_lk, 0, 0, y)
450 # define RWLOCK_EXIT(x) MUTEX_EXIT(x)
452 # define RW_DESTROY(x)
453 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
454 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
456 # define BCOPYIN(a,b,c) 0; bcopy((caddr_t)(a), (caddr_t)(b), (c))
457 # define BCOPYOUT(a,b,c) 0; bcopy((caddr_t)(a), (caddr_t)(b), (c))
459 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
460 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
462 # define SPL_NET(x) ;
463 # define SPL_IMP(x) ;
466 /*extern void *get_unit __P((char *, int, ipf_stack_t *));*/
467 # define GETIFP(n, v, ifs) get_unit(n, v, ifs)
468 # define IFNAME(x, b) ((ill_t *)x)->ill_name
469 # define COPYIFNAME(x, b, v) \
470 strncpy(b, ((ifinfo_t *)x)->ifi_name, \
472 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
473 # define SLEEP(id, n) { lock_t *_l = get_sleep_lock((caddr_t)id); \
474 sleep(id, PZERO+1); \
477 # define WAKEUP(id,x) { lock_t *_l = get_sleep_lock((caddr_t)id); \
481 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_IOSYS, M_NOWAIT)
482 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), M_IOSYS, M_NOWAIT)
483 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
484 # define KFREES(x,s) kmem_free((char *)(x), (s))
485 # define MSGDSIZE(x) msgdsize(x)
486 # define M_LEN(x) ((x)->b_wptr - (x)->b_rptr)
487 # define M_DUPLICATE(x) dupmsg((x))
488 # define MTOD(m,t) ((t)((m)->b_rptr))
489 # define MTYPE(m) ((m)->b_datap->db_type)
490 # define FREE_MB_T(m) freemsg(m)
491 # define m_next b_cont
492 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
495 # define CACHE_HASH(x) (((phy_if_t)(x)->fin_ifp) & 7)
502 typedef unsigned char uchar_t
;
504 # ifndef _SYS_STREAM_INCLUDED
505 typedef char * mblk_t
;
506 typedef void * queue_t
;
507 typedef u_long ulong
;
509 # include <netinet/ip_info.h>
511 # endif /* _KERNEL */
514 # define ALIGN32(ptr) (ptr ? 0L : 0L)
515 # define ALIGN16(ptr) (ptr ? 0L : 0L)
517 # define ALIGN32(ptr) (ptr)
518 # define ALIGN16(ptr) (ptr)
521 typedef struct uio uio_t
;
522 typedef int ioctlcmd_t
;
524 typedef unsigned int u_32_t
;
527 # define OS_RECOGNISED 1
531 /* ----------------------------------------------------------------------- */
533 /* ----------------------------------------------------------------------- */
537 typedef struct uio uio_t
;
539 typedef int ioctlcmd_t
;
540 typedef u_int32_t u_32_t
;
548 # include <sys/ksynch.h>
549 # define IPF_LOCK_PL plhi
550 # include <sys/sema.h>
558 # define KMUTEX_T mutex_t
560 # define KMUTEX_T kmutex_t
561 # define KRWLOCK_T kmutex_t
565 # define NEED_LOCAL_RAND 1
566 # define ipf_random arc4random
567 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); \
568 (x)++; MUTEX_EXIT(&ipf_rw); }
569 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); \
570 (x)--; MUTEX_EXIT(&ipf_rw); }
573 # include <sys/atomic_ops.h>
574 # define ATOMIC_INCL(x) atomicAddUlong(&(x), 1)
575 # define ATOMIC_INC64(x) atomicAddUint64(&(x), 1)
576 # define ATOMIC_INC32(x) atomicAddUint(&(x), 1)
577 # define ATOMIC_INC16 ATOMIC_INC
578 # define ATOMIC_DECL(x) atomicAddUlong(&(x), -1)
579 # define ATOMIC_DEC64(x) atomicAddUint64(&(x), -1)
580 # define ATOMIC_DEC32(x) atomicAddUint(&(x), -1)
581 # define ATOMIC_DEC16 ATOMIC_DEC
583 # define MUTEX_INIT(x, y) mutex_init(&(x)->ipf_lk, \
586 # define MUTEX_ENTER(x) mutex_lock(&(x)->ipf_lk, 0)
588 # define MUTEX_EXIT(x) mutex_unlock(&(x)->ipf_lk)
589 # undef MUTEX_DESTROY
590 # define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk)
591 # define MUTEX_DOWNGRADE(x) mrdemote(&(x)->ipf_lk)
592 # define KRWLOCK_T mrlock_t
593 # define RWLOCK_INIT(x, y) mrinit(&(x)->ipf_lk, y)
595 # define RW_DESTROY(x) mrfree(&(x)->ipf_lk)
596 # define READ_ENTER(x) RW_RDLOCK(&(x)->ipf_lk)
597 # define WRITE_ENTER(x) RW_WRLOCK(&(x)->ipf_lk)
598 # define RWLOCK_EXIT(x) RW_UNLOCK(&(x)->ipf_lk)
600 # define READ_ENTER(x) MUTEX_ENTER(&(x)->ipf_lk)
601 # define WRITE_ENTER(x) MUTEX_ENTER(&(x)->ipf_lk)
602 # define MUTEX_DOWNGRADE(x) ;
603 # define RWLOCK_EXIT(x) MUTEX_EXIT(&(x)->ipf_lk)
604 # define MUTEX_EXIT(x) UNLOCK((x)->ipf_lk.l, (x)->ipf_lk.pl);
605 # define MUTEX_INIT(x,y) (x)->ipf_lk.l = LOCK_ALLOC((uchar_t)-1, IPF_LOCK_PL, (lkinfo_t *)-1, KM_NOSLEEP)
606 # define MUTEX_DESTROY(x) LOCK_DEALLOC((x)->ipf_lk.l)
607 # define MUTEX_ENTER(x) (x)->ipf_lk.pl = LOCK((x)->ipf_lk.l, \
610 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
611 # define FREE_MB_T(m) m_freem(m)
612 # define MTOD(m,t) mtod(m,t)
613 # define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
614 # define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
615 # define BCOPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
616 # define BCOPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
617 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
618 # define SLEEP(id, n) sleep((id), PZERO+1)
619 # define WAKEUP(id,x) wakeup(id+x)
620 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
621 # define KFREES(x,s) kmem_free((char *)(x), (s))
622 # define GETIFP(n,v, ifs) ifunit(n)
623 # include <sys/kmem.h>
624 # include <sys/ddi.h>
625 # define KMALLOC(a,b) (a) = (b)kmem_alloc(sizeof(*(a)), KM_NOSLEEP)
626 # define KMALLOCS(a,b,c) (a) = (b)kmem_alloc((c), KM_NOSLEEP)
627 # define GET_MINOR(x) getminor(x)
629 # define SPL_IMP(x) (x) = splimp()
630 # define SPL_NET(x) (x) = splnet()
631 # define SPL_X(x) (void) splx(x)
632 extern void m_copydata
__P((struct mbuf
*, int, int, caddr_t
));
633 extern void m_copyback
__P((struct mbuf
*, int, int, caddr_t
));
634 # define MSGDSIZE(x) mbufchainlen(x)
635 # define M_LEN(x) (x)->m_len
636 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
637 # define GETKTIME(x) microtime((struct timeval *)x)
638 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
639 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
640 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
641 typedef struct mbuf mb_t
;
645 # undef MUTEX_DESTROY
646 # endif /* _KERNEL */
648 # define OS_RECOGNISED 1
652 /* ----------------------------------------------------------------------- */
654 /* ----------------------------------------------------------------------- */
658 # include <kern/lock.h>
659 # include <sys/sysmacros.h>
662 # define NEED_LOCAL_RAND 1
663 # define ipf_random arc4random
664 # define KMUTEX_T simple_lock_data_t
665 # define KRWLOCK_T lock_data_t
666 # include <net/net_globals.h>
668 # define READ_ENTER(x) lock_read(&(x)->ipf_lk)
669 # define WRITE_ENTER(x) lock_write(&(x)->ipf_lk)
670 # define MUTEX_DOWNGRADE(x) lock_write_to_read(&(x)->ipf_lk)
671 # define RWLOCK_INIT(x, y) lock_init(&(x)->ipf_lk, TRUE)
672 # define RWLOCK_EXIT(x) lock_done(&(x)->ipf_lk)
673 # define RW_DESTROY(x) lock_terminate(&(x)->ipf_lk)
674 # define MUTEX_ENTER(x) simple_lock(&(x)->ipf_lk)
675 # define MUTEX_INIT(x, y) simple_lock_init(&(x)->ipf_lk)
676 # define MUTEX_DESTROY(x) simple_lock_terminate(&(x)->ipf_lk)
677 # define MUTEX_EXIT(x) simple_unlock(&(x)->ipf_lk)
678 # define MUTEX_NUKE(x) bzero(x, sizeof(*(x)))
679 # define ATOMIC_INC64(x) atomic_incq((uint64_t*)&(x))
680 # define ATOMIC_DEC64(x) atomic_decq((uint64_t*)&(x))
681 # define ATOMIC_INC32(x) atomic_incl((uint32_t*)&(x))
682 # define ATOMIC_DEC32(x) atomic_decl((uint32_t*)&(x))
683 # define ATOMIC_INC16(x) { simple_lock(&ipf_rw); (x)++; \
684 simple_unlock(&ipf_rw); }
685 # define ATOMIC_DEC16(x) { simple_lock(&ipf_rw); (x)--; \
686 simple_unlock(&ipf_rw); }
687 # define ATOMIC_INCL(x) atomic_incl((uint32_t*)&(x))
688 # define ATOMIC_DECL(x) atomic_decl((uint32_t*)&(x))
689 # define ATOMIC_INC(x) { simple_lock(&ipf_rw); (x)++; \
690 simple_unlock(&ipf_rw); }
691 # define ATOMIC_DEC(x) { simple_lock(&ipf_rw); (x)--; \
692 simple_unlock(&ipf_rw); }
693 # define SPL_NET(x) ;
694 # define SPL_IMP(x) ;
697 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a, b, d)
698 # define FREE_MB_T(m) m_freem(m)
699 # define MTOD(m,t) mtod(m,t)
700 # define GETIFP(n, v, ifs) ifunit(n)
701 # define GET_MINOR getminor
702 # define WAKEUP(id,x) wakeup(id + x)
703 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
704 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
705 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
706 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
707 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_PFILT, M_NOWAIT)
708 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), M_PFILT, \
709 ((c) > 4096) ? M_WAITOK : M_NOWAIT)
710 # define KFREE(x) FREE((x), M_PFILT)
711 # define KFREES(x,s) FREE((x), M_PFILT)
712 # define MSGDSIZE(x) mbufchainlen(x)
713 # define M_LEN(x) (x)->m_len
714 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
715 # define GETKTIME(x) microtime((struct timeval *)x)
716 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
717 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
718 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
719 typedef struct mbuf mb_t
;
720 # endif /* _KERNEL */
722 # if (defined(_KERNEL) || defined(_NO_BITFIELDS) || (__STDC__ == 1))
723 # define IP_V(x) ((x)->ip_vhl >> 4)
724 # define IP_HL(x) ((x)->ip_vhl & 0xf)
725 # define IP_V_A(x,y) (x)->ip_vhl |= (((y) << 4) & 0xf0)
726 # define IP_HL_A(x,y) (x)->ip_vhl |= ((y) & 0xf)
727 # define TCP_X2(x) ((x)->th_xoff & 0xf)
728 # define TCP_X2_A(x,y) (x)->th_xoff |= ((y) & 0xf)
729 # define TCP_OFF(x) ((x)->th_xoff >> 4)
730 # define TCP_OFF_A(x,y) (x)->th_xoff |= (((y) << 4) & 0xf0)
734 * These are from's Solaris' #defines for little endian.
736 #define IP6F_MORE_FRAG 0x0100
737 #define IP6F_RESERVED_MASK 0x0600
738 #define IP6F_OFF_MASK 0xf8ff
745 typedef int ioctlcmd_t
;
747 * Really, any arch where sizeof(long) != sizeof(int).
749 typedef unsigned int u_32_t
;
752 # define OS_RECOGNISED 1
755 /* ----------------------------------------------------------------------- */
757 /* ----------------------------------------------------------------------- */
759 # if defined(_KERNEL) && !defined(IPFILTER_LKM)
760 # include "bpfilter.h"
761 # if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 104110000)
762 # include "opt_inet.h"
767 # if (__NetBSD_Version__ >= 105000000)
768 # define HAVE_M_PULLDOWN 1
773 # define MSGDSIZE(x) mbufchainlen(x)
774 # define M_LEN(x) (x)->m_len
775 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
776 # define GETKTIME(x) microtime((struct timeval *)x)
777 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
778 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
779 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
780 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
781 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
782 typedef struct mbuf mb_t
;
783 # endif /* _KERNEL */
784 # if (NetBSD <= 1991011) && (NetBSD >= 199606)
785 # define IFNAME(x) ((struct ifnet *)x)->if_xname
786 # define COPYIFNAME(x, b, v) \
788 ((struct ifnet *)x)->if_xname, \
790 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index)&7)
792 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
793 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
796 typedef struct uio uio_t
;
797 typedef u_long ioctlcmd_t
;
799 typedef u_int32_t u_32_t
;
802 # define OS_RECOGNISED 1
803 #endif /* __NetBSD__ */
806 /* ----------------------------------------------------------------------- */
808 /* ----------------------------------------------------------------------- */
810 # if defined(_KERNEL)
811 # if (__FreeBSD_version >= 500000)
812 # include "opt_bpf.h"
816 # if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000)
817 # include "opt_inet6.h"
819 # if defined(INET6) && !defined(USE_INET6)
824 # if defined(_KERNEL)
825 # if (__FreeBSD_version >= 400000)
827 * When #define'd, the 5.2.1 kernel panics when used with the ftp proxy.
828 * There may be other, safe, kernels but this is not extensively tested yet.
830 # define HAVE_M_PULLDOWN
832 # if !defined(IPFILTER_LKM) && (__FreeBSD_version >= 300000)
833 # include "opt_ipfilter.h"
835 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
836 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
837 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
838 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
840 # if (__FreeBSD_version >= 500043)
843 # endif /* _KERNEL */
845 # if (__FreeBSD_version >= 500043)
846 # include <sys/mutex.h>
849 * Whilst the sx(9) locks on FreeBSD have the right semantics and interface
850 * for what we want to use them for, despite testing showing they work -
851 * with a WITNESS kernel, it generates LOR messages.
853 # define KMUTEX_T struct mtx
855 # define KRWLOCK_T struct mtx
857 # define KRWLOCK_T struct sx
861 # if (__FreeBSD_version >= 501113)
862 # include <net/if_var.h>
863 # define IFNAME(x) ((struct ifnet *)x)->if_xname
864 # define COPYIFNAME(x, b) \
866 ((struct ifnet *)x)->if_xname, \
869 # if (__FreeBSD_version >= 500043)
870 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index) & 7)
872 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
873 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
877 # define GETKTIME(x) microtime((struct timeval *)x)
879 # if (__FreeBSD_version >= 500002)
880 # include <netinet/in_systm.h>
881 # include <netinet/ip.h>
882 # include <machine/in_cksum.h>
885 # if (__FreeBSD_version >= 500043)
887 # define MUTEX_ENTER(x) mtx_lock(&(x)->ipf_lk)
888 # define MUTEX_EXIT(x) mtx_unlock(&(x)->ipf_lk)
889 # define MUTEX_INIT(x,y) mtx_init(&(x)->ipf_lk, (y), NULL,\
891 # define MUTEX_DESTROY(x) mtx_destroy(&(x)->ipf_lk)
892 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
894 * Whilst the sx(9) locks on FreeBSD have the right semantics and interface
895 * for what we want to use them for, despite testing showing they work -
896 * with a WITNESS kernel, it generates LOR messages.
899 # define READ_ENTER(x) mtx_lock(&(x)->ipf_lk)
900 # define WRITE_ENTER(x) mtx_lock(&(x)->ipf_lk)
901 # define RWLOCK_EXIT(x) mtx_unlock(&(x)->ipf_lk)
902 # define MUTEX_DOWNGRADE(x) ;
903 # define RWLOCK_INIT(x,y) mtx_init(&(x)->ipf_lk, (y), NULL,\
905 # define RW_DESTROY(x) mtx_destroy(&(x)->ipf_lk)
907 # define READ_ENTER(x) sx_slock(&(x)->ipf_lk)
908 # define WRITE_ENTER(x) sx_xlock(&(x)->ipf_lk)
909 # define MUTEX_DOWNGRADE(x) sx_downgrade(&(x)->ipf_lk)
910 # define RWLOCK_INIT(x, y) sx_init(&(x)->ipf_lk, (y))
911 # define RW_DESTROY(x) sx_destroy(&(x)->ipf_lk)
913 # define RWLOCK_EXIT(x) sx_unlock(x)
915 # define RWLOCK_EXIT(x) do { \
916 if ((x)->ipf_lk.sx_cnt < 0) \
917 sx_xunlock(&(x)->ipf_lk); \
919 sx_sunlock(&(x)->ipf_lk); \
923 # include <machine/atomic.h>
924 # define ATOMIC_INC(x) { mtx_lock(&ipf_rw.ipf_lk); (x)++; \
925 mtx_unlock(&ipf_rw.ipf_lk); }
926 # define ATOMIC_DEC(x) { mtx_lock(&ipf_rw.ipf_lk); (x)--; \
927 mtx_unlock(&ipf_rw.ipf_lk); }
928 # define ATOMIC_INCL(x) atomic_inc_ulong(&(x))
929 # define ATOMIC_INC64(x) ATOMIC_INC(x)
930 # define ATOMIC_INC32(x) atomic_inc_32(&(x))
931 # define ATOMIC_INC16(x) atomic_inc_16(&(x))
932 # define ATOMIC_DECL(x) atomic_dec_ulong(&(x))
933 # define ATOMIC_DEC64(x) ATOMIC_DEC(x)
934 # define ATOMIC_DEC32(x) atomic_dec_32(&(x))
935 # define ATOMIC_DEC16(x) atomic_dec_16(&(x))
937 # define SPL_NET(x) ;
938 # define SPL_IMP(x) ;
939 extern int in_cksum
__P((struct mbuf
*, int));
940 # endif /* __FreeBSD_version >= 500043 */
941 # define MSGDSIZE(x) mbufchainlen(x)
942 # define M_LEN(x) (x)->m_len
943 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
944 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
945 typedef struct mbuf mb_t
;
946 # endif /* _KERNEL */
949 # include <machine/spl.h>
951 # if __FreeBSD__ == 3
952 # if defined(IPFILTER_LKM) && !defined(ACTUALLY_LKM_NOT_KERNEL)
953 # define ACTUALLY_LKM_NOT_KERNEL
958 # if (__FreeBSD_version >= 300000)
959 typedef u_long ioctlcmd_t
;
961 typedef int ioctlcmd_t
;
963 typedef struct uio uio_t
;
965 typedef u_int32_t u_32_t
;
968 # define OS_RECOGNISED 1
969 #endif /* __FreeBSD__ */
972 /* ----------------------------------------------------------------------- */
974 /* ----------------------------------------------------------------------- */
981 # if !defined(IPFILTER_LKM)
982 # include "bpfilter.h"
984 # if (OpenBSD >= 200311)
985 # define SNPRINTF snprintf
986 # if defined(USE_INET6)
987 # include "netinet6/in6_var.h"
988 # include "netinet6/nd6.h"
991 # if (OpenBSD >= 200012)
992 # define HAVE_M_PULLDOWN 1
994 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
995 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
996 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
997 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
998 # define GETKTIME(x) microtime((struct timeval *)x)
999 # define MSGDSIZE(x) mbufchainlen(x)
1000 # define M_LEN(x) (x)->m_len
1001 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1002 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
1003 typedef struct mbuf mb_t
;
1004 # endif /* _KERNEL */
1005 # if (OpenBSD >= 199603)
1006 # define IFNAME(x, b) ((struct ifnet *)x)->if_xname
1007 # define COPYIFNAME(x, b, v) \
1009 ((struct ifnet *)x)->if_xname, \
1011 # define CACHE_HASH(x) ((((struct ifnet *)fin->fin_ifp)->if_index)&7)
1013 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1014 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1017 typedef struct uio uio_t
;
1018 typedef u_long ioctlcmd_t
;
1019 typedef int minor_t
;
1020 typedef u_int32_t u_32_t
;
1023 # define OS_RECOGNISED 1
1024 #endif /* __OpenBSD__ */
1027 /* ----------------------------------------------------------------------- */
1029 /* ----------------------------------------------------------------------- */
1030 #ifdef _BSDI_VERSION
1036 # define GETKTIME(x) microtime((struct timeval *)x)
1037 # define MSGDSIZE(x) mbufchainlen(x)
1038 # define M_LEN(x) (x)->m_len
1039 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1040 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1041 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1042 typedef struct mbuf mb_t
;
1043 # endif /* _KERNEL */
1045 # if (_BSDI_VERSION >= 199701)
1046 typedef u_long ioctlcmd_t
;
1048 typedef int ioctlcmd_t
;
1050 typedef u_int32_t u_32_t
;
1053 #endif /* _BSDI_VERSION */
1056 /* ----------------------------------------------------------------------- */
1058 /* ----------------------------------------------------------------------- */
1059 #if defined(sun) && !defined(OS_RECOGNISED) /* SunOS4 */
1061 # include <sys/kmem_alloc.h>
1062 # define GETKTIME(x) uniqtime((struct timeval *)x)
1063 # define MSGDSIZE(x) mbufchainlen(x)
1064 # define M_LEN(x) (x)->m_len
1065 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1066 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1067 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1068 # define GETIFP(n, v, ifs) ifunit(n, IFNAMSIZ)
1069 # define KFREE(x) kmem_free((char *)(x), sizeof(*(x)))
1070 # define KFREES(x,s) kmem_free((char *)(x), (s))
1071 # define SLEEP(id, n) sleep((id), PZERO+1)
1072 # define WAKEUP(id,x) wakeup(id + x)
1073 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
1074 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
1076 extern void m_copydata
__P((struct mbuf
*, int, int, caddr_t
));
1077 extern void m_copyback
__P((struct mbuf
*, int, int, caddr_t
));
1079 typedef struct mbuf mb_t
;
1082 typedef struct uio uio_t
;
1083 typedef int ioctlcmd_t
;
1084 typedef int minor_t
;
1085 typedef unsigned int u_32_t
;
1088 # define OS_RECOGNISED 1
1090 #endif /* SunOS 4 */
1092 /* ----------------------------------------------------------------------- */
1094 /* ----------------------------------------------------------------------- */
1095 #if defined(linux) && !defined(OS_RECOGNISED)
1096 #include <linux/config.h>
1097 #include <linux/version.h>
1099 # define HDR_T_PRIVATE 1
1110 # define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
1111 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
1112 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
1113 # define COPYIN(a,b,c) copy_from_user((caddr_t)(b), (caddr_t)(a), (c))
1114 # define COPYOUT(a,b,c) copy_to_user((caddr_t)(b), (caddr_t)(a), (c))
1115 # define FREE_MB_T(m) kfree_skb(m)
1116 # define GETKTIME(x) do_gettimeofday((struct timeval *)x)
1117 # define SLEEP(x,s) 0, interruptible_sleep_on(x##_linux)
1118 # define WAKEUP(x,y) wake_up(x##_linux + y)
1119 # define UIOMOVE(a,b,c,d) uiomove(a,b,c,d)
1120 # define USE_MUTEXES
1121 # define KRWLOCK_T rwlock_t
1122 # define KMUTEX_T spinlock_t
1123 # define MUTEX_INIT(x,y) spin_lock_init(&(x)->ipf_lk)
1124 # define MUTEX_ENTER(x) spin_lock(&(x)->ipf_lk)
1125 # define MUTEX_EXIT(x) spin_unlock(&(x)->ipf_lk)
1126 # define MUTEX_DESTROY(x) do { } while (0)
1127 # define MUTEX_NUKE(x) bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk))
1128 # define READ_ENTER(x) ipf_read_enter(x)
1129 # define WRITE_ENTER(x) ipf_write_enter(x)
1130 # define RWLOCK_INIT(x,y) rwlock_init(&(x)->ipf_lk)
1131 # define RW_DESTROY(x) do { } while (0)
1132 # define RWLOCK_EXIT(x) ipf_rw_exit(x)
1133 # define MUTEX_DOWNGRADE(x) ipf_rw_downgrade(x)
1134 # define ATOMIC_INCL(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1136 # define ATOMIC_DECL(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1138 # define ATOMIC_INC64(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1140 # define ATOMIC_INC32(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1142 # define ATOMIC_INC16(x) MUTEX_ENTER(&ipf_rw); (x)++; \
1144 # define ATOMIC_DEC64(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1146 # define ATOMIC_DEC32(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1148 # define ATOMIC_DEC16(x) MUTEX_ENTER(&ipf_rw); (x)--; \
1150 # define SPL_IMP(x) do { } while (0)
1151 # define SPL_NET(x) do { } while (0)
1152 # define SPL_X(x) do { } while (0)
1153 # define IFNAME(x) ((struct net_device*)x)->name
1154 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1155 ((struct net_device *)fin->fin_ifp)->ifindex) & 7)
1156 typedef struct sk_buff mb_t
;
1157 extern void m_copydata
__P((mb_t
*, int, int, caddr_t
));
1158 extern void m_copyback
__P((mb_t
*, int, int, caddr_t
));
1159 extern void m_adj
__P((mb_t
*, int));
1160 extern mb_t
*m_pullup
__P((mb_t
*, int));
1161 # define mbuf sk_buff
1163 # define mtod(m, t) ((t)(m)->data)
1165 # define m_next next
1166 # define M_DUPLICATE(m) skb_clone((m), in_interrupt() ? GFP_ATOMIC : \
1168 # define MSGDSIZE(m) (m)->len
1169 # define M_LEN(m) (m)->len
1171 # define splnet(x) ;
1172 # define printf printk
1173 # define bcopy(s,d,z) memmove(d, s, z)
1174 # define bzero(s,z) memset(s, 0, z)
1175 # define bcmp(a,b,z) memcmp(a, b, z)
1177 # define ifnet net_device
1178 # define if_xname name
1179 # define if_unit ifindex
1181 # define KMALLOC(x,t) (x) = (t)kmalloc(sizeof(*(x)), \
1182 in_interrupt() ? GFP_ATOMIC : GFP_KERNEL)
1183 # define KFREE(x) kfree(x)
1184 # define KMALLOCS(x,t,s) (x) = (t)kmalloc((s), \
1185 in_interrupt() ? GFP_ATOMIC : GFP_KERNEL)
1186 # define KFREES(x,s) kfree(x)
1188 # define GETIFP(n,v) dev_get_by_name(n)
1191 # include <net/ethernet.h>
1196 # ifndef _NET_ROUTE_H
1202 char if_xname
[IFNAMSIZ
];
1204 int (* if_output
) __P((struct ifnet
*, struct mbuf
*, struct sockaddr
*, struct rtentry
*));
1205 struct ifaddr
*if_addrlist
;
1207 # define IFNAME(x) ((struct ifnet *)x)->if_xname
1209 # endif /* _KERNEL */
1211 # define COPYIFNAME(x, b) \
1213 ((struct ifnet *)x)->if_xname, \
1216 # include <linux/fs.h>
1217 # define FWRITE FMODE_WRITE
1218 # define FREAD FMODE_READ
1220 # define __USE_MISC 1
1221 # define __FAVOR_BSD 1
1223 typedef struct uio
{
1224 struct iovec
*uio_iov
;
1233 extern int uiomove
__P((caddr_t
, size_t, int, struct uio
*));
1236 # define UIO_WRITE 2
1238 typedef u_long ioctlcmd_t
;
1239 typedef int minor_t
;
1240 typedef u_int32_t u_32_t
;
1243 # define OS_RECOGNISED 1
1248 /* ----------------------------------------------------------------------- */
1250 /* ----------------------------------------------------------------------- */
1254 # include <sys/lock.h>
1255 # include <sys/sysmacros.h>
1258 # define rw_read_locked(x) 0
1259 # include <net/net_globals.h>
1260 # include <net/net_malloc.h>
1261 # define KMUTEX_T simple_lock_t
1262 # define KRWLOCK_T complex_lock_t
1263 # define USE_MUTEXES 1
1265 # define READ_ENTER(x) lock_read((x)->ipf_lk)
1266 # define WRITE_ENTER(x) lock_write((x)->ipf_lk)
1267 # define MUTEX_DOWNGRADE(x) lock_write_to_read((x)->ipf_lk)
1268 # define RWLOCK_INIT(x, y) lock_alloc(&(x)->ipf_lk, \
1271 lock_init((x)->ipf_lk, TRUE)
1272 # define RWLOCK_EXIT(x) lock_done((x)->ipf_lk)
1273 # define RW_DESTROY(x) lock_free(&(x)->ipf_lk)
1274 # define MUTEX_ENTER(x) simple_lock((x)->ipf_lk)
1275 # define MUTEX_INIT(x, y) lock_alloc(&(x)->ipf_lk, \
1278 simple_lock_init((x)->ipf_lk)
1279 # define MUTEX_DESTROY(x) lock_free(&(x)->ipf_lk)
1280 # define MUTEX_EXIT(x) simple_unlock((x)->ipf_lk)
1281 # define MUTEX_NUKE(x) bzero(&(x)->ipf_lk, sizeof((x)->ipf_lk))
1282 # define ATOMIC_INC64(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1283 MUTEX_EXIT(&ipf_rw); }
1284 # define ATOMIC_DEC64(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1285 MUTEX_EXIT(&ipf_rw); }
1286 # define ATOMIC_INC32(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1287 MUTEX_EXIT(&ipf_rw); }
1288 # define ATOMIC_DEC32(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1289 MUTEX_EXIT(&ipf_rw); }
1290 # define ATOMIC_INCL(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1291 MUTEX_EXIT(&ipf_rw); }
1292 # define ATOMIC_DECL(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1293 MUTEX_EXIT(&ipf_rw); }
1294 # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); (x)++; \
1295 MUTEX_EXIT(&ipf_rw); }
1296 # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); (x)--; \
1297 MUTEX_EXIT(&ipf_rw); }
1298 # define SPL_NET(x) x = splnet()
1299 # define SPL_IMP(x) x = splimp()
1301 # define SPL_X(x) splx(x)
1302 # define UIOMOVE(a,b,c,d) uiomove((caddr_t)a,b,c,d)
1303 extern void* getifp
__P((char *, int));
1304 # define GETIFP(n, v) getifp(n, v)
1305 # define GET_MINOR minor
1306 # define SLEEP(id, n) sleepx((id), PZERO+1, 0)
1307 # define WAKEUP(id,x) wakeup(id)
1308 # define COPYIN(a,b,c) copyin((caddr_t)(a), (caddr_t)(b), (c))
1309 # define COPYOUT(a,b,c) copyout((caddr_t)(a), (caddr_t)(b), (c))
1310 # define BCOPYIN(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
1311 # define BCOPYOUT(a,b,c) bcopy((caddr_t)(a), (caddr_t)(b), (c))
1312 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), M_TEMP, M_NOWAIT)
1313 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), M_TEMP, \
1314 ((c) > 4096) ? M_WAITOK : M_NOWAIT)
1315 # define KFREE(x) FREE((x), M_TEMP)
1316 # define KFREES(x,s) FREE((x), M_TEMP)
1317 # define MSGDSIZE(x) mbufchainlen(x)
1318 # define M_LEN(x) (x)->m_len
1319 # define M_DUPLICATE(x) m_copy((x), 0, M_COPYALL)
1320 # define GETKTIME(x)
1321 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1322 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1323 # define IPF_PANIC(x,y)
1324 typedef struct mbuf mb_t
;
1325 # endif /* _KERNEL */
1328 * These are from's Solaris' #defines for little endian.
1330 #if !defined(IP6F_MORE_FRAG)
1331 # define IP6F_MORE_FRAG 0x0100
1333 #if !defined(IP6F_RESERVED_MASK)
1334 # define IP6F_RESERVED_MASK 0x0600
1336 #if !defined(IP6F_OFF_MASK)
1337 # define IP6F_OFF_MASK 0xf8ff
1345 typedef int ioctlcmd_t
;
1346 typedef int minor_t
;
1348 * Really, any arch where sizeof(long) != sizeof(int).
1350 typedef unsigned int u_32_t
;
1353 # define OS_RECOGNISED 1
1357 #ifndef OS_RECOGNISED
1358 #error ip_compat.h does not recognise this platform/OS.
1362 /* ----------------------------------------------------------------------- */
1364 /* ----------------------------------------------------------------------- */
1365 #ifndef OS_RECOGNISED
1369 * For BSD kernels, if bpf is in the kernel, enable ipfilter to use bpf in
1372 #if !defined(IPFILTER_BPF) && ((NBPF > 0) || (NBPFILTER > 0) || (DEV_BPF > 0))
1373 # define IPFILTER_BPF
1377 * Userland locking primitives
1425 #define ipf_lk ipf_lkun_s.ipf_slk
1426 #define ipf_lname ipf_lkun_s.ipf_lname
1427 #define ipf_isr ipf_lkun_s.ipf_sr
1428 #define ipf_isw ipf_lkun_s.ipf_sw
1429 #define ipf_magic ipf_lkun_s.ipf_magic
1431 #if !defined(__GNUC__) || \
1432 (defined(__FreeBSD_version) && (__FreeBSD_version >= 503000))
1437 # define INLINE __inline__
1440 #if defined(linux) && defined(_KERNEL)
1441 extern INLINE
void ipf_read_enter
__P((ipfrwlock_t
*));
1442 extern INLINE
void ipf_write_enter
__P((ipfrwlock_t
*));
1443 extern INLINE
void ipf_rw_exit
__P((ipfrwlock_t
*));
1444 extern INLINE
void ipf_rw_downgrade
__P((ipfrwlock_t
*));
1448 * In a non-kernel environment, there are a lot of macros that need to be
1449 * filled in to be null-ops or to point to some compatibility function,
1450 * somewhere in userland.
1453 typedef struct mb_s
{
1454 struct mb_s
*mb_next
;
1456 u_long mb_buf
[2048];
1459 # define m_next mb_next
1460 # define MSGDSIZE(x) (x)->mb_len /* XXX - from ipt.c */
1461 # define M_LEN(x) (x)->mb_len
1462 # define M_DUPLICATE(x) (x)
1463 # define GETKTIME(x) gettimeofday((struct timeval *)(x), NULL)
1465 # define MTOD(m, t) ((t)(m)->mb_buf)
1466 # define FREE_MB_T(x)
1467 # define SLEEP(x,y) 1;
1468 # define WAKEUP(x,y) ;
1469 # define IPF_PANIC(x,y) ;
1470 # define PANIC(x,y) ;
1471 # define SPL_NET(x) ;
1472 # define SPL_IMP(x) ;
1474 # define KMALLOC(a,b) (a) = (b)malloc(sizeof(*a))
1475 # define KMALLOCS(a,b,c) (a) = (b)malloc(c)
1476 # define KFREE(x) free(x)
1477 # define KFREES(x,s) free(x)
1478 # define GETIFP(x, v, ifs) get_unit(x,v, ifs)
1479 # define COPYIN(a,b,c) (bcopy((a), (b), (c)), 0)
1480 # define COPYOUT(a,b,c) (bcopy((a), (b), (c)), 0)
1481 # define BCOPYIN(a,b,c) (bcopy((a), (b), (c)), 0)
1482 # define BCOPYOUT(a,b,c) (bcopy((a), (b), (c)), 0)
1483 # define COPYDATA(m, o, l, b) bcopy(MTOD((mb_t *)m, char *) + (o), \
1485 # define COPYBACK(m, o, l, b) bcopy((b), \
1486 MTOD((mb_t *)m, char *) + (o), \
1488 # define UIOMOVE(a,b,c,d) ipfuiomove(a,b,c,d)
1489 extern void m_copydata
__P((mb_t
*, int, int, caddr_t
));
1490 extern int ipfuiomove
__P((caddr_t
, int, int, struct uio
*));
1492 # define CACHE_HASH(x) ((IFNAME(fin->fin_ifp)[0] + \
1493 ((struct ifnet *)fin->fin_ifp)->if_unit) & 7)
1496 # define MUTEX_DESTROY(x) eMmutex_destroy(&(x)->ipf_emu)
1497 # define MUTEX_ENTER(x) eMmutex_enter(&(x)->ipf_emu, \
1499 # define MUTEX_EXIT(x) eMmutex_exit(&(x)->ipf_emu)
1500 # define MUTEX_INIT(x,y) eMmutex_init(&(x)->ipf_emu, y)
1501 # define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
1503 # define MUTEX_DOWNGRADE(x) eMrwlock_downgrade(&(x)->ipf_emu, \
1505 # define READ_ENTER(x) eMrwlock_read_enter(&(x)->ipf_emu, \
1507 # define RWLOCK_INIT(x, y) eMrwlock_init(&(x)->ipf_emu, y)
1508 # define RWLOCK_EXIT(x) eMrwlock_exit(&(x)->ipf_emu)
1509 # define RW_DESTROY(x) eMrwlock_destroy(&(x)->ipf_emu)
1510 # define WRITE_ENTER(x) eMrwlock_write_enter(&(x)->ipf_emu, \
1514 # define USE_MUTEXES 1
1516 extern void eMmutex_destroy
__P((eMmutex_t
*));
1517 extern void eMmutex_enter
__P((eMmutex_t
*, char *, int));
1518 extern void eMmutex_exit
__P((eMmutex_t
*));
1519 extern void eMmutex_init
__P((eMmutex_t
*, char *));
1520 extern void eMrwlock_destroy
__P((eMrwlock_t
*));
1521 extern void eMrwlock_exit
__P((eMrwlock_t
*));
1522 extern void eMrwlock_init
__P((eMrwlock_t
*, char *));
1523 extern void eMrwlock_read_enter
__P((eMrwlock_t
*, char *, int));
1524 extern void eMrwlock_write_enter
__P((eMrwlock_t
*, char *, int));
1525 extern void eMrwlock_downgrade
__P((eMrwlock_t
*, char *, int));
1527 #undef NET_IS_HCK_L3_FULL
1528 #define NET_IS_HCK_L3_FULL(n, x) (0)
1529 #undef NET_IS_HCK_L3_PART
1530 #define NET_IS_HCK_L3_PART(n, x) (0)
1531 #undef NET_IS_HCK_L4_FULL
1532 #define NET_IS_HCK_L4_FULL(n, x) (0)
1533 #undef NET_IS_HCK_L4_PART
1534 #define NET_IS_HCK_L4_PART(n, x) (0)
1538 #define MAX_IPV4HDR ((0xf << 2) + sizeof(struct icmp) + sizeof(ip_t) + 8)
1541 # define IP_OFFMASK 0x1fff
1546 * On BSD's use quad_t as a guarantee for getting at least a 64bit sized
1551 # define U_QUAD_T u_quad_t
1552 # define QUAD_T quad_t
1553 #else /* BSD > 199306 */
1554 # define U_QUAD_T u_long
1555 # define QUAD_T long
1556 #endif /* BSD > 199306 */
1560 # if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \
1561 defined(__osf__) || defined(linux)
1562 # include <netinet/ip6.h>
1563 # include <netinet/icmp6.h>
1564 # if !defined(linux)
1565 # if defined(_KERNEL) && !defined(__osf__)
1566 # include <netinet6/ip6_var.h>
1569 typedef struct ip6_hdr ip6_t
;
1574 # define MAX(a,b) (((a) > (b)) ? (a) : (b))
1577 #if defined(_KERNEL)
1579 # define COPYDATA mb_copydata
1580 # define COPYBACK mb_copyback
1582 # define COPYDATA m_copydata
1583 # define COPYBACK m_copyback
1585 # if (BSD >= 199306) || defined(__FreeBSD__)
1586 # if (defined(__NetBSD_Version__) && (__NetBSD_Version__ < 105180000)) || \
1587 defined(__FreeBSD__) || (defined(OpenBSD) && (OpenBSD < 200206)) || \
1588 defined(_BSDI_VERSION)
1591 # if !defined(__FreeBSD__) || (defined (__FreeBSD_version) && \
1592 (__FreeBSD_version >= 300000))
1593 # if (defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105180000)) || \
1594 (defined(OpenBSD) && (OpenBSD >= 200111))
1595 # include <uvm/uvm_extern.h>
1597 # include <vm/vm_extern.h>
1598 extern vm_map_t kmem_map
;
1600 # include <sys/proc.h>
1601 # else /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
1602 # include <vm/vm_kern.h>
1603 # endif /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
1605 # ifdef IPFILTER_M_IPFILTER
1606 # include <sys/malloc.h>
1607 MALLOC_DECLARE(M_IPFILTER
);
1608 # define _M_IPF M_IPFILTER
1609 # else /* IPFILTER_M_IPFILTER */
1611 # define _M_IPF M_PFIL
1614 # define _M_IPF M_IPFILTER
1616 # define _M_IPF M_TEMP
1617 # endif /* M_IPFILTER */
1618 # endif /* M_PFIL */
1619 # endif /* IPFILTER_M_IPFILTER */
1620 # define KMALLOC(a, b) MALLOC((a), b, sizeof(*(a)), _M_IPF, M_NOWAIT)
1621 # define KMALLOCS(a, b, c) MALLOC((a), b, (c), _M_IPF, M_NOWAIT)
1622 # define KFREE(x) FREE((x), _M_IPF)
1623 # define KFREES(x,s) FREE((x), _M_IPF)
1624 # define UIOMOVE(a,b,c,d) uiomove(a,b,d)
1625 # define SLEEP(id, n) tsleep((id), PPAUSE|PCATCH, n, 0)
1626 # define WAKEUP(id,x) wakeup(id+x)
1627 # define GETIFP(n, v, ifs) ifunit(n)
1628 # endif /* (Free)BSD */
1630 # if !defined(USE_MUTEXES) && !defined(SPL_NET)
1631 # if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199407)) || \
1632 (defined(OpenBSD) && (OpenBSD >= 200006))
1633 # define SPL_NET(x) x = splsoftnet()
1635 # define SPL_IMP(x) x = splimp()
1636 # define SPL_NET(x) x = splnet()
1637 # endif /* NetBSD && (NetBSD <= 1991011) && (NetBSD >= 199407) */
1638 # define SPL_X(x) (void) splx(x)
1639 # endif /* !USE_MUTEXES */
1642 # define FREE_MB_T(m) m_freem(m)
1646 # define MTOD(m,t) mtod(m,t)
1650 # define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1651 # define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1652 # define BCOPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1653 # define BCOPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
1657 # define KMALLOC(a,b) (a) = (b)new_kmem_alloc(sizeof(*(a)), \
1659 # define KMALLOCS(a,b,c) (a) = (b)new_kmem_alloc((c), KMEM_NOSLEEP)
1663 # define GET_MINOR(x) minor(x)
1665 # define PANIC(x,y) if (x) panic y
1666 #endif /* _KERNEL */
1669 # define IFNAME(x) ((struct ifnet *)x)->if_name
1672 # define NEED_FRGETIFNAME
1673 extern char *fr_getifname
__P((struct ifnet
*, char *));
1674 # define COPYIFNAME(x, b, v) \
1675 fr_getifname((struct ifnet *)x, b)
1683 * Because the ctype(3) posix definition, if used "safely" in code everywhere,
1684 * would mean all normal code that walks through strings needed casts. Yuck.
1686 #define ISALNUM(x) isalnum((u_char)(x))
1687 #define ISALPHA(x) isalpha((u_char)(x))
1688 #define ISASCII(x) isascii((u_char)(x))
1689 #define ISDIGIT(x) isdigit((u_char)(x))
1690 #define ISPRINT(x) isprint((u_char)(x))
1691 #define ISSPACE(x) isspace((u_char)(x))
1692 #define ISUPPER(x) isupper((u_char)(x))
1693 #define ISXDIGIT(x) isxdigit((u_char)(x))
1694 #define ISLOWER(x) islower((u_char)(x))
1695 #define TOUPPER(x) toupper((u_char)(x))
1696 #define TOLOWER(x) tolower((u_char)(x))
1699 * If mutexes aren't being used, turn all the mutex functions into null-ops.
1701 #if !defined(USE_MUTEXES)
1706 # undef MUTEX_DESTROY
1707 # define MUTEX_ENTER(x) ;
1708 # define READ_ENTER(x) ;
1709 # define WRITE_ENTER(x) ;
1710 # define MUTEX_DOWNGRADE(x) ;
1711 # define RWLOCK_INIT(x, y) ;
1712 # define RWLOCK_EXIT(x) ;
1713 # define RW_DESTROY(x) ;
1714 # define MUTEX_EXIT(x) ;
1715 # define MUTEX_INIT(x,y) ;
1716 # define MUTEX_DESTROY(x) ;
1717 # define MUTEX_NUKE(x) ;
1718 #endif /* !USE_MUTEXES */
1720 # define ATOMIC_INC(x) (x)++
1721 # define ATOMIC_DEC(x) (x)--
1724 #if defined(USE_SPL) && defined(_KERNEL)
1725 # define SPL_INT(x) int x
1731 * If there are no atomic operations for bit sizes defined, define them to all
1732 * use a generic one that works for all sizes.
1735 # define ATOMIC_INCL ATOMIC_INC
1736 # define ATOMIC_INC64 ATOMIC_INC
1737 # define ATOMIC_INC32 ATOMIC_INC
1738 # define ATOMIC_INC16 ATOMIC_INC
1739 # define ATOMIC_DECL ATOMIC_DEC
1740 # define ATOMIC_DEC64 ATOMIC_DEC
1741 # define ATOMIC_DEC32 ATOMIC_DEC
1742 # define ATOMIC_DEC16 ATOMIC_DEC
1745 #ifndef HDR_T_PRIVATE
1746 typedef struct tcphdr tcphdr_t
;
1747 typedef struct udphdr udphdr_t
;
1749 typedef struct icmp icmphdr_t
;
1750 typedef struct ip ip_t
;
1751 typedef struct ether_header ether_header_t
;
1752 typedef struct tcpiphdr tcpiphdr_t
;
1755 # define FR_GROUPLEN 16
1762 # define offsetof(t,m) (size_t)((&((t *)0)->m))
1766 * This set of macros has been brought about because on Tru64 it is not
1767 * possible to easily assign or examine values in a structure that are
1771 # define IP_V(x) (x)->ip_v
1774 # define IP_V_A(x,y) (x)->ip_v = (y)
1777 # define IP_HL(x) (x)->ip_hl
1780 # define IP_HL_A(x,y) (x)->ip_hl = ((y) & 0xf)
1783 # define TCP_X2(x) (x)->th_x2
1786 # define TCP_X2_A(x,y) (x)->th_x2 = (y)
1789 # define TCP_OFF(x) (x)->th_off
1792 # define TCP_OFF_A(x,y) (x)->th_off = (y)
1794 #define IPMINLEN(i, h) ((i)->ip_len >= (IP_HL(i) * 4 + sizeof(struct h)))
1798 * XXX - This is one of those *awful* hacks which nobody likes
1806 #define TCPF_ALL (TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG|\
1809 #if (BSD >= 199306) && !defined(m_act)
1810 # define m_act m_nextpkt
1814 * Security Options for Intenet Protocol (IPSO) as defined in RFC 1108.
1818 * 00000001 - (Reserved 4)
1819 * 00111101 - Top Secret
1821 * 10010110 - Confidential
1822 * 01100110 - (Reserved 3)
1823 * 11001100 - (Reserved 2)
1824 * 10101011 - Unclassified
1825 * 11110001 - (Reserved 1)
1827 #define IPSO_CLASS_RES4 0x01
1828 #define IPSO_CLASS_TOPS 0x3d
1829 #define IPSO_CLASS_SECR 0x5a
1830 #define IPSO_CLASS_CONF 0x96
1831 #define IPSO_CLASS_RES3 0x66
1832 #define IPSO_CLASS_RES2 0xcc
1833 #define IPSO_CLASS_UNCL 0xab
1834 #define IPSO_CLASS_RES1 0xf1
1836 #define IPSO_AUTH_GENSER 0x80
1837 #define IPSO_AUTH_ESI 0x40
1838 #define IPSO_AUTH_SCI 0x20
1839 #define IPSO_AUTH_NSA 0x10
1840 #define IPSO_AUTH_DOE 0x08
1841 #define IPSO_AUTH_UN 0x06
1842 #define IPSO_AUTH_FTE 0x01
1845 * IP option #defines
1850 #define IPOPT_ZSU 10 /* ZSU */
1852 #define IPOPT_MTUP 11 /* MTUP */
1854 #define IPOPT_MTUR 12 /* MTUR */
1856 #define IPOPT_ENCODE 15 /* ENCODE */
1860 #define IPOPT_TR 82 /* TR */
1861 #undef IPOPT_SECURITY
1862 #define IPOPT_SECURITY 130
1864 #define IPOPT_LSRR 131
1866 #define IPOPT_E_SEC 133 /* E-SEC */
1868 #define IPOPT_CIPSO 134 /* CIPSO */
1870 #define IPOPT_SATID 136
1872 # define IPOPT_SID IPOPT_SATID
1875 #define IPOPT_SSRR 137
1877 #define IPOPT_ADDEXT 147 /* ADDEXT */
1879 #define IPOPT_VISA 142 /* VISA */
1881 #define IPOPT_IMITD 144 /* IMITD */
1883 #define IPOPT_EIP 145 /* EIP */
1884 #undef IPOPT_RTRALRT
1885 #define IPOPT_RTRALRT 148 /* RTRALRT */
1887 #define IPOPT_SDB 149
1889 #define IPOPT_NSAPA 150
1891 #define IPOPT_DPS 151
1893 #define IPOPT_UMP 152
1895 #define IPOPT_FINN 205 /* FINN */
1898 # define TCPOPT_EOL 0
1901 # define TCPOPT_NOP 1
1903 #ifndef TCPOPT_MAXSEG
1904 # define TCPOPT_MAXSEG 2
1906 #ifndef TCPOLEN_MAXSEG
1907 # define TCPOLEN_MAXSEG 4
1909 #ifndef TCPOPT_WINDOW
1910 # define TCPOPT_WINDOW 3
1912 #ifndef TCPOLEN_WINDOW
1913 # define TCPOLEN_WINDOW 3
1915 #ifndef TCPOPT_SACK_PERMITTED
1916 # define TCPOPT_SACK_PERMITTED 4
1918 #ifndef TCPOLEN_SACK_PERMITTED
1919 # define TCPOLEN_SACK_PERMITTED 2
1922 # define TCPOPT_SACK 5
1924 #ifndef TCPOPT_TIMESTAMP
1925 # define TCPOPT_TIMESTAMP 8
1929 # define ICMP_MINLEN 8
1931 #ifndef ICMP_ECHOREPLY
1932 # define ICMP_ECHOREPLY 0
1934 #ifndef ICMP_UNREACH
1935 # define ICMP_UNREACH 3
1937 #ifndef ICMP_UNREACH_NET
1938 # define ICMP_UNREACH_NET 0
1940 #ifndef ICMP_UNREACH_HOST
1941 # define ICMP_UNREACH_HOST 1
1943 #ifndef ICMP_UNREACH_PROTOCOL
1944 # define ICMP_UNREACH_PROTOCOL 2
1946 #ifndef ICMP_UNREACH_PORT
1947 # define ICMP_UNREACH_PORT 3
1949 #ifndef ICMP_UNREACH_NEEDFRAG
1950 # define ICMP_UNREACH_NEEDFRAG 4
1952 #ifndef ICMP_UNREACH_SRCFAIL
1953 # define ICMP_UNREACH_SRCFAIL 5
1955 #ifndef ICMP_UNREACH_NET_UNKNOWN
1956 # define ICMP_UNREACH_NET_UNKNOWN 6
1958 #ifndef ICMP_UNREACH_HOST_UNKNOWN
1959 # define ICMP_UNREACH_HOST_UNKNOWN 7
1961 #ifndef ICMP_UNREACH_ISOLATED
1962 # define ICMP_UNREACH_ISOLATED 8
1964 #ifndef ICMP_UNREACH_NET_PROHIB
1965 # define ICMP_UNREACH_NET_PROHIB 9
1967 #ifndef ICMP_UNREACH_HOST_PROHIB
1968 # define ICMP_UNREACH_HOST_PROHIB 10
1970 #ifndef ICMP_UNREACH_TOSNET
1971 # define ICMP_UNREACH_TOSNET 11
1973 #ifndef ICMP_UNREACH_TOSHOST
1974 # define ICMP_UNREACH_TOSHOST 12
1976 #ifndef ICMP_UNREACH_ADMIN_PROHIBIT
1977 # define ICMP_UNREACH_ADMIN_PROHIBIT 13
1979 #ifndef ICMP_UNREACH_FILTER
1980 # define ICMP_UNREACH_FILTER 13
1982 #ifndef ICMP_UNREACH_HOST_PRECEDENCE
1983 # define ICMP_UNREACH_HOST_PRECEDENCE 14
1985 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
1986 # define ICMP_UNREACH_PRECEDENCE_CUTOFF 15
1988 #ifndef ICMP_SOURCEQUENCH
1989 # define ICMP_SOURCEQUENCH 4
1991 #ifndef ICMP_REDIRECT_NET
1992 # define ICMP_REDIRECT_NET 0
1994 #ifndef ICMP_REDIRECT_HOST
1995 # define ICMP_REDIRECT_HOST 1
1997 #ifndef ICMP_REDIRECT_TOSNET
1998 # define ICMP_REDIRECT_TOSNET 2
2000 #ifndef ICMP_REDIRECT_TOSHOST
2001 # define ICMP_REDIRECT_TOSHOST 3
2003 #ifndef ICMP_ALTHOSTADDR
2004 # define ICMP_ALTHOSTADDR 6
2006 #ifndef ICMP_TIMXCEED
2007 # define ICMP_TIMXCEED 11
2009 #ifndef ICMP_TIMXCEED_INTRANS
2010 # define ICMP_TIMXCEED_INTRANS 0
2012 #ifndef ICMP_TIMXCEED_REASS
2013 # define ICMP_TIMXCEED_REASS 1
2015 #ifndef ICMP_PARAMPROB
2016 # define ICMP_PARAMPROB 12
2018 #ifndef ICMP_PARAMPROB_ERRATPTR
2019 # define ICMP_PARAMPROB_ERRATPTR 0
2021 #ifndef ICMP_PARAMPROB_OPTABSENT
2022 # define ICMP_PARAMPROB_OPTABSENT 1
2024 #ifndef ICMP_PARAMPROB_LENGTH
2025 # define ICMP_PARAMPROB_LENGTH 2
2028 # define ICMP_TSTAMP 13
2030 #ifndef ICMP_TSTAMPREPLY
2031 # define ICMP_TSTAMPREPLY 14
2034 # define ICMP_IREQ 15
2036 #ifndef ICMP_IREQREPLY
2037 # define ICMP_IREQREPLY 16
2039 #ifndef ICMP_MASKREQ
2040 # define ICMP_MASKREQ 17
2042 #ifndef ICMP_MASKREPLY
2043 # define ICMP_MASKREPLY 18
2045 #ifndef ICMP_TRACEROUTE
2046 # define ICMP_TRACEROUTE 30
2048 #ifndef ICMP_DATACONVERR
2049 # define ICMP_DATACONVERR 31
2051 #ifndef ICMP_MOBILE_REDIRECT
2052 # define ICMP_MOBILE_REDIRECT 32
2054 #ifndef ICMP_IPV6_WHEREAREYOU
2055 # define ICMP_IPV6_WHEREAREYOU 33
2057 #ifndef ICMP_IPV6_IAMHERE
2058 # define ICMP_IPV6_IAMHERE 34
2060 #ifndef ICMP_MOBILE_REGREQUEST
2061 # define ICMP_MOBILE_REGREQUEST 35
2063 #ifndef ICMP_MOBILE_REGREPLY
2064 # define ICMP_MOBILE_REGREPLY 36
2067 # define ICMP_SKIP 39
2069 #ifndef ICMP_PHOTURIS
2070 # define ICMP_PHOTURIS 40
2072 #ifndef ICMP_PHOTURIS_UNKNOWN_INDEX
2073 # define ICMP_PHOTURIS_UNKNOWN_INDEX 1
2075 #ifndef ICMP_PHOTURIS_AUTH_FAILED
2076 # define ICMP_PHOTURIS_AUTH_FAILED 2
2078 #ifndef ICMP_PHOTURIS_DECRYPT_FAILED
2079 # define ICMP_PHOTURIS_DECRYPT_FAILED 3
2082 # define IPVERSION 4
2084 #ifndef IPOPT_MINOFF
2085 # define IPOPT_MINOFF 4
2087 #ifndef IPOPT_COPIED
2088 # define IPOPT_COPIED(x) ((x)&0x80)
2091 # define IPOPT_EOL 0
2094 # define IPOPT_NOP 1
2097 # define IP_MF ((u_short)0x2000)
2099 #ifndef ETHERTYPE_IP
2100 # define ETHERTYPE_IP ((u_short)0x0800)
2103 # define TH_FIN 0x01
2106 # define TH_SYN 0x02
2109 # define TH_RST 0x04
2112 # define TH_PUSH 0x08
2115 # define TH_ACK 0x10
2118 # define TH_URG 0x20
2121 #define TH_ACKMASK (TH_FIN|TH_SYN|TH_RST|TH_ACK)
2124 # define IPOPT_EOL 0
2127 # define IPOPT_NOP 1
2133 # define IPOPT_TS 68
2135 #ifndef IPOPT_SECURITY
2136 # define IPOPT_SECURITY 130
2139 # define IPOPT_LSRR 131
2142 # define IPOPT_SATID 136
2145 # define IPOPT_SSRR 137
2147 #ifndef IPOPT_SECUR_UNCLASS
2148 # define IPOPT_SECUR_UNCLASS ((u_short)0x0000)
2150 #ifndef IPOPT_SECUR_CONFID
2151 # define IPOPT_SECUR_CONFID ((u_short)0xf135)
2153 #ifndef IPOPT_SECUR_EFTO
2154 # define IPOPT_SECUR_EFTO ((u_short)0x789a)
2156 #ifndef IPOPT_SECUR_MMMM
2157 # define IPOPT_SECUR_MMMM ((u_short)0xbc4d)
2159 #ifndef IPOPT_SECUR_RESTR
2160 # define IPOPT_SECUR_RESTR ((u_short)0xaf13)
2162 #ifndef IPOPT_SECUR_SECRET
2163 # define IPOPT_SECUR_SECRET ((u_short)0xd788)
2165 #ifndef IPOPT_SECUR_TOPSECRET
2166 # define IPOPT_SECUR_TOPSECRET ((u_short)0x6bc5)
2169 # define IPOPT_OLEN 1
2171 #ifndef IPPROTO_HOPOPTS
2172 # define IPPROTO_HOPOPTS 0
2174 #ifndef IPPROTO_ENCAP
2175 # define IPPROTO_ENCAP 4
2177 #ifndef IPPROTO_IPV6
2178 # define IPPROTO_IPV6 41
2180 #ifndef IPPROTO_ROUTING
2181 # define IPPROTO_ROUTING 43
2183 #ifndef IPPROTO_FRAGMENT
2184 # define IPPROTO_FRAGMENT 44
2187 # define IPPROTO_GRE 47 /* GRE encaps RFC 1701 */
2190 # define IPPROTO_ESP 50
2193 # define IPPROTO_AH 51
2195 #ifndef IPPROTO_ICMPV6
2196 # define IPPROTO_ICMPV6 58
2198 #ifndef IPPROTO_NONE
2199 # define IPPROTO_NONE 59
2201 #ifndef IPPROTO_DSTOPTS
2202 # define IPPROTO_DSTOPTS 60
2204 #ifndef IPPROTO_FRAGMENT
2205 # define IPPROTO_FRAGMENT 44
2207 #ifndef ICMP_ROUTERADVERT
2208 # define ICMP_ROUTERADVERT 9
2210 #ifndef ICMP_ROUTERSOLICIT
2211 # define ICMP_ROUTERSOLICIT 10
2213 #ifndef ICMP6_DST_UNREACH
2214 # define ICMP6_DST_UNREACH 1
2216 #ifndef ICMP6_PACKET_TOO_BIG
2217 # define ICMP6_PACKET_TOO_BIG 2
2219 #ifndef ICMP6_TIME_EXCEEDED
2220 # define ICMP6_TIME_EXCEEDED 3
2222 #ifndef ICMP6_PARAM_PROB
2223 # define ICMP6_PARAM_PROB 4
2226 #ifndef ICMP6_ECHO_REQUEST
2227 # define ICMP6_ECHO_REQUEST 128
2229 #ifndef ICMP6_ECHO_REPLY
2230 # define ICMP6_ECHO_REPLY 129
2232 #ifndef ICMP6_MEMBERSHIP_QUERY
2233 # define ICMP6_MEMBERSHIP_QUERY 130
2235 #ifndef MLD6_LISTENER_QUERY
2236 # define MLD6_LISTENER_QUERY 130
2238 #ifndef ICMP6_MEMBERSHIP_REPORT
2239 # define ICMP6_MEMBERSHIP_REPORT 131
2241 #ifndef MLD6_LISTENER_REPORT
2242 # define MLD6_LISTENER_REPORT 131
2244 #ifndef ICMP6_MEMBERSHIP_REDUCTION
2245 # define ICMP6_MEMBERSHIP_REDUCTION 132
2247 #ifndef MLD6_LISTENER_DONE
2248 # define MLD6_LISTENER_DONE 132
2250 #ifndef ND_ROUTER_SOLICIT
2251 # define ND_ROUTER_SOLICIT 133
2253 #ifndef ND_ROUTER_ADVERT
2254 # define ND_ROUTER_ADVERT 134
2256 #ifndef ND_NEIGHBOR_SOLICIT
2257 # define ND_NEIGHBOR_SOLICIT 135
2259 #ifndef ND_NEIGHBOR_ADVERT
2260 # define ND_NEIGHBOR_ADVERT 136
2263 # define ND_REDIRECT 137
2265 #ifndef ICMP6_ROUTER_RENUMBERING
2266 # define ICMP6_ROUTER_RENUMBERING 138
2268 #ifndef ICMP6_WRUREQUEST
2269 # define ICMP6_WRUREQUEST 139
2271 #ifndef ICMP6_WRUREPLY
2272 # define ICMP6_WRUREPLY 140
2274 #ifndef ICMP6_FQDN_QUERY
2275 # define ICMP6_FQDN_QUERY 139
2277 #ifndef ICMP6_FQDN_REPLY
2278 # define ICMP6_FQDN_REPLY 140
2280 #ifndef ICMP6_NI_QUERY
2281 # define ICMP6_NI_QUERY 139
2283 #ifndef ICMP6_NI_REPLY
2284 # define ICMP6_NI_REPLY 140
2286 #ifndef MLD6_MTRACE_RESP
2287 # define MLD6_MTRACE_RESP 200
2290 # define MLD6_MTRACE 201
2292 #ifndef ICMP6_HADISCOV_REQUEST
2293 # define ICMP6_HADISCOV_REQUEST 202
2295 #ifndef ICMP6_HADISCOV_REPLY
2296 # define ICMP6_HADISCOV_REPLY 203
2298 #ifndef ICMP6_MOBILEPREFIX_SOLICIT
2299 # define ICMP6_MOBILEPREFIX_SOLICIT 204
2301 #ifndef ICMP6_MOBILEPREFIX_ADVERT
2302 # define ICMP6_MOBILEPREFIX_ADVERT 205
2304 #ifndef ICMP6_MAXTYPE
2305 # define ICMP6_MAXTYPE 205
2308 #ifndef ICMP6_DST_UNREACH_NOROUTE
2309 # define ICMP6_DST_UNREACH_NOROUTE 0
2311 #ifndef ICMP6_DST_UNREACH_ADMIN
2312 # define ICMP6_DST_UNREACH_ADMIN 1
2314 #ifndef ICMP6_DST_UNREACH_NOTNEIGHBOR
2315 # define ICMP6_DST_UNREACH_NOTNEIGHBOR 2
2317 #ifndef ICMP6_DST_UNREACH_BEYONDSCOPE
2318 # define ICMP6_DST_UNREACH_BEYONDSCOPE 2
2320 #ifndef ICMP6_DST_UNREACH_ADDR
2321 # define ICMP6_DST_UNREACH_ADDR 3
2323 #ifndef ICMP6_DST_UNREACH_NOPORT
2324 # define ICMP6_DST_UNREACH_NOPORT 4
2326 #ifndef ICMP6_TIME_EXCEED_TRANSIT
2327 # define ICMP6_TIME_EXCEED_TRANSIT 0
2329 #ifndef ICMP6_TIME_EXCEED_REASSEMBLY
2330 # define ICMP6_TIME_EXCEED_REASSEMBLY 1
2333 #ifndef ICMP6_NI_SUCCESS
2334 # define ICMP6_NI_SUCCESS 0
2336 #ifndef ICMP6_NI_REFUSED
2337 # define ICMP6_NI_REFUSED 1
2339 #ifndef ICMP6_NI_UNKNOWN
2340 # define ICMP6_NI_UNKNOWN 2
2343 #ifndef ICMP6_ROUTER_RENUMBERING_COMMAND
2344 # define ICMP6_ROUTER_RENUMBERING_COMMAND 0
2346 #ifndef ICMP6_ROUTER_RENUMBERING_RESULT
2347 # define ICMP6_ROUTER_RENUMBERING_RESULT 1
2349 #ifndef ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET
2350 # define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 255
2353 #ifndef ICMP6_PARAMPROB_HEADER
2354 # define ICMP6_PARAMPROB_HEADER 0
2356 #ifndef ICMP6_PARAMPROB_NEXTHEADER
2357 # define ICMP6_PARAMPROB_NEXTHEADER 1
2359 #ifndef ICMP6_PARAMPROB_OPTION
2360 # define ICMP6_PARAMPROB_OPTION 2
2363 #ifndef ICMP6_NI_SUBJ_IPV6
2364 # define ICMP6_NI_SUBJ_IPV6 0
2366 #ifndef ICMP6_NI_SUBJ_FQDN
2367 # define ICMP6_NI_SUBJ_FQDN 1
2369 #ifndef ICMP6_NI_SUBJ_IPV4
2370 # define ICMP6_NI_SUBJ_IPV4 2
2373 #if !defined(IPV6_FLOWINFO_MASK)
2374 # if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN)
2375 # define IPV6_FLOWINFO_MASK 0x0fffffff /* flow info (28 bits) */
2377 # if(BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN)
2378 # define IPV6_FLOWINFO_MASK 0xffffff0f /* flow info (28 bits) */
2379 # endif /* LITTLE_ENDIAN */
2382 #if !defined(IPV6_FLOWLABEL_MASK)
2383 # if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN)
2384 # define IPV6_FLOWLABEL_MASK 0x000fffff /* flow label (20 bits) */
2386 # if (BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN)
2387 # define IPV6_FLOWLABEL_MASK 0xffff0f00 /* flow label (20 bits) */
2388 # endif /* LITTLE_ENDIAN */
2393 * ECN is a new addition to TCP - RFC 2481
2396 # define TH_ECN 0x40
2399 # define TH_CWR 0x80
2401 #define TH_ECNALL (TH_ECN|TH_CWR)
2406 #define IPF_TCPS_LISTEN 0 /* listening for connection */
2407 #define IPF_TCPS_SYN_SENT 1 /* active, have sent syn */
2408 #define IPF_TCPS_SYN_RECEIVED 2 /* have send and received syn */
2409 #define IPF_TCPS_HALF_ESTAB 3 /* for connections not fully "up" */
2410 /* states < IPF_TCPS_ESTABLISHED are those where connections not established */
2411 #define IPF_TCPS_ESTABLISHED 4 /* established */
2412 #define IPF_TCPS_CLOSE_WAIT 5 /* rcvd fin, waiting for close */
2413 /* states > IPF_TCPS_CLOSE_WAIT are those where user has closed */
2414 #define IPF_TCPS_FIN_WAIT_1 6 /* have closed, sent fin */
2415 #define IPF_TCPS_CLOSING 7 /* closed xchd FIN; await FIN ACK */
2416 #define IPF_TCPS_LAST_ACK 8 /* had fin and close; await FIN ACK */
2417 /* states > IPF_TCPS_CLOSE_WAIT && < IPF_TCPS_FIN_WAIT_2 await ACK of FIN */
2418 #define IPF_TCPS_FIN_WAIT_2 9 /* have closed, fin is acked */
2419 #define IPF_TCPS_TIME_WAIT 10 /* in 2*msl quiet wait after close */
2420 #define IPF_TCPS_CLOSED 11 /* closed */
2421 #define IPF_TCP_NSTATES 12
2425 #undef ICMP_MAX_UNREACH
2426 #define ICMP_MAX_UNREACH 14
2428 #define ICMP_MAXTYPE 18
2435 # define LOG_FTP (11<<3)
2437 #ifndef LOG_AUTHPRIV
2438 # define LOG_AUTHPRIV (10<<3)
2441 # define LOG_AUDIT (13<<3)
2444 # define LOG_NTP (12<<3)
2446 #ifndef LOG_SECURITY
2447 # define LOG_SECURITY (13<<3)
2450 # define LOG_LFMT (14<<3)
2453 # define LOG_CONSOLE (14<<3)
2457 * ICMP error replies have an IP header (20 bytes), 8 bytes of ICMP data,
2458 * another IP header and then 64 bits of data, totalling 56. Of course,
2459 * the last 64 bits is dependent on that being available.
2461 #define ICMPERR_ICMPHLEN 8
2462 #define ICMPERR_IPICMPHLEN (20 + 8)
2463 #define ICMPERR_MINPKTLEN (20 + 8 + 20)
2464 #define ICMPERR_MAXPKTLEN (20 + 8 + 20 + 8)
2465 #define ICMP6ERR_MINPKTLEN (40 + 8)
2466 #define ICMP6ERR_IPICMPHLEN (40 + 8 + 40)
2469 # define MIN(a,b) (((a)<(b))?(a):(b))
2473 # define DPRINT(x) printf x
2479 # undef IPFILTER_BPF
2482 #ifndef DTRACE_PROBE
2483 # define DTRACE_PROBE(_x_)
2484 # define DTRACE_PROBE1(_x_, _t1_, _a1_)
2485 # define DTRACE_PROBE2(_x_, _t1_, _a1_, _t2_, _a2_)
2486 # define DTRACE_PROBE3(_x_, _t1_, _a1_, _t2_, _a2_, _t3_, _a3_)
2487 # define DTRACE_PROBE4(_x_, _t1_, _a1_, _t2_, _a2_, _t3_, _a3_, _t4_, _a4_)
2490 #ifndef IPF_IS_LOOPBACK
2491 # define IPF_IS_LOOPBACK(x) 0
2494 #endif /* __IP_COMPAT_H__ */