move the packet filter hooks in to a saner location. while i'm here, rename

PACKET_FILTER to PFIL_HOOKS.
1996-09-14 14:40:20 +00:00 · 1996-09-14 14:40:20 +00:00 · a5f00f16bc
parent 4b851a2d9b
commit a5f00f16bc
8 changed files with 267 additions and 185 deletions
--- a/sys/conf/files
+++ b/sys/conf/files
@ -1,4 +1,4 @@
-#	$NetBSD: files,v 1.95 1996/09/01 23:57:15 mycroft Exp $
+#	$NetBSD: files,v 1.96 1996/09/14 14:40:29 mrg Exp $

 #	@(#)files.newconf	7.5 (Berkeley) 5/10/93

@ -234,6 +234,7 @@ file net/raw_usrreq.c
 file net/route.c
 file net/rtsock.c
 file net/slcompress.c			sl | ppp | strip
+file net/pfil.c				pfil_hooks
 file netccitt/ccitt_proto.c		ccitt
 file netccitt/hd_debug.c		hdlc
 file netccitt/hd_input.c		hdlc
--- a/sys/conf/files.oldconf
+++ b/sys/conf/files.oldconf
@ -1,4 +1,4 @@
-#	$NetBSD: files.oldconf,v 1.70 1996/09/01 23:57:19 mycroft Exp $
+#	$NetBSD: files.oldconf,v 1.71 1996/09/14 14:40:31 mrg Exp $
 #
 adosfs/adlookup.c	optional adosfs
 adosfs/adutil.c		optional adosfs
@ -148,6 +148,7 @@ net/raw_usrreq.c	standard
 net/route.c		standard
 net/rtsock.c		standard
 net/slcompress.c	optional ppp or sl or strip
+net/pfil.c		optional pfil_hooks
 netccitt/ccitt_proto.c	optional ccitt
 netccitt/hd_debug.c	optional hdlc
 netccitt/hd_input.c	optional hdlc
--- a/sys/net/pfil.c
+++ b/sys/net/pfil.c
@ -0,0 +1,173 @@
+/*	$NetBSD: pfil.c,v 1.1 1996/09/14 14:40:20 mrg Exp $	*/
+
+/*
+ * Copyright (c) 1996 Matthew R. Green
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *      This product includes software developed by Matthew R. Green.
+ * 4. The name of the author may not be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/param.h>
+#include <sys/errno.h>
+#include <sys/malloc.h>
+#include <sys/socket.h>
+#include <sys/socketvar.h>
+#include <sys/systm.h>
+#include <sys/proc.h>
+#include <sys/queue.h>
+
+#include <net/if.h>
+#include <net/pfil.h>
+
+typedef LIST_HEAD(, packet_filter_hook) pfil_list_t;
+pfil_list_t pfil_in_list;
+pfil_list_t pfil_out_list;
+pfil_list_t pfil_bad_list;
+static int done_pfil_init;
+
+void pfil_init __P((void));
+void pfil_list_add(pfil_list_t *,
+    int (*) __P((void *, int, struct ifnet *, int, struct mbuf **)), int);
+void pfil_list_remove(struct packet_filter_hook *,
+    int (*) __P((void *, int, struct ifnet *, int, struct mbuf **)));
+
+void
+pfil_init()
+{
+	LIST_INIT(&pfil_in_list);
+	LIST_INIT(&pfil_out_list);
+	LIST_INIT(&pfil_bad_list);
+	done_pfil_init = 1;
+}
+
+/*
+ * pfil_add_hook() adds a function to the packet filter hook.  the
+ * flags are:
+ *	PFIL_IN		call me on incoming packets
+ *	PFIL_OUT	call me on outgoing packets
+ *	PFIL_BAD	call me when rejecting a packet (that was
+ *			not already reject by in/out filters).
+ *	PFIL_ALL	call me on all of the above
+ *	PFIL_WAITOK	OK to call malloc with M_WAITOK.
+ */
+void
+pfil_add_hook(func, flags)
+	int	(*func) __P((void *, int, struct ifnet *, int,
+			     struct mbuf **));
+	int	flags;
+{
+
+	if (done_pfil_init == 0)
+		pfil_init();
+
+	if (flags & PFIL_IN)
+		pfil_list_add(&pfil_in_list, func, flags);
+	if (flags & PFIL_OUT)
+		pfil_list_add(&pfil_out_list, func, flags);
+	if (flags & PFIL_BAD)
+		pfil_list_add(&pfil_bad_list, func, flags);
+}
+
+void
+pfil_list_add(list, func, flags)
+	pfil_list_t *list;
+	int	(*func) __P((void *, int, struct ifnet *, int,
+			     struct mbuf **));
+	int	flags;
+{
+	struct packet_filter_hook *pfh;
+
+	pfh = (struct packet_filter_hook *)malloc(sizeof(*pfh), M_IFADDR,
+	    flags & PFIL_WAITOK ? M_WAITOK : M_NOWAIT);
+	if (pfh == NULL)
+		panic("no memory for packet filter hook");
+
+	pfh->pfil_func = func;
+	LIST_INSERT_HEAD(list, pfh, pfil_link);
+}
+
+/*
+ * pfil_remove_hook removes a specific function from the packet filter
+ * hook list.
+ */
+void
+pfil_remove_hook(func, flags)
+	int	(*func) __P((void *, int, struct ifnet *, int,
+			     struct mbuf **));
+	int	flags;
+{
+
+	if (done_pfil_init == 0)
+		pfil_init();
+
+	if (flags & PFIL_IN)
+		pfil_list_remove(pfil_in_list.lh_first, func);
+	if (flags & PFIL_OUT)
+		pfil_list_remove(pfil_out_list.lh_first, func);
+	if (flags & PFIL_BAD)
+		pfil_list_remove(pfil_bad_list.lh_first, func);
+}
+
+/*
+ * pfil_list_remove is an internal function that takes a function off the
+ * specified list.
+ */
+void
+pfil_list_remove(list, func)
+	struct packet_filter_hook *list;
+	int	(*func) __P((void *, int, struct ifnet *, int,
+			     struct mbuf **));
+{
+	struct packet_filter_hook *pfh;
+
+	for (pfh = list; pfh; pfh = pfh->pfil_link.le_next)
+		if (pfh->pfil_func == func) {
+			LIST_REMOVE(pfh, pfil_link);
+			free(pfh, M_IFADDR);
+			return;
+		}
+	printf("pfil_list_remove:  no function on list\n");
+#ifdef DIAGNOSTIC
+	panic("pfil_list_remove");
+#endif
+}
+
+struct packet_filter_hook *
+pfil_hook_get(flag)
+	int flag;
+{
+	if (done_pfil_init)
+		switch (flag) {
+		case PFIL_IN:
+			return (pfil_in_list.lh_first);
+		case PFIL_OUT:
+			return (pfil_out_list.lh_first);
+		case PFIL_BAD:
+			return (pfil_bad_list.lh_first);
+		}
+	return NULL;
+}
--- a/sys/net/pfil.h
+++ b/sys/net/pfil.h
@ -0,0 +1,66 @@
+/*	$NetBSD: pfil.h,v 1.1 1996/09/14 14:40:21 mrg Exp $	*/
+
+/*
+ * Copyright (c) 1996 Matthew R. Green
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *      This product includes software developed by Matthew R. Green.
+ * 4. The name of the author may not be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef _NET_PFIL_H_
+#define _NET_PFIL_H_
+
+/* note: this file needs <net/if.h> and <sys/mbuf.h> */
+
+#ifdef _KERNEL
+#include <sys/queue.h>
+
+/*
+ * The packet filter hooks are designed for anything to call them to
+ * possibly intercept the packet.
+ */
+struct packet_filter_hook {
+        LIST_ENTRY(packet_filter_hook) pfil_link;
+        int	(*pfil_func) __P((void *, int, struct ifnet *, int,
+				  struct mbuf **));
+	int	pfil_flags;
+};
+
+#define PFIL_IN		0x00000001
+#define PFIL_OUT	0x00000002
+#define PFIL_BAD	0x00000004
+#define PFIL_WAITOK	0x00000008
+#define PFIL_ALL	(PFIL_IN|PFIL_OUT|PFIL_BAD)
+
+struct packet_filter_hook *pfil_hook_get __P((int));
+void	pfil_add_hook __P((int (*func) __P((void *, int,
+	    struct ifnet *, int, struct mbuf **)), int));
+void	pfil_remove_hook __P((int (*func) __P((void *, int,
+	    struct ifnet *, int, struct mbuf **)), int));
+#endif /* _KERNEL */
+
+#endif /* _NET_PFIL_H_ */
--- a/sys/netinet/in.c
+++ b/sys/netinet/in.c
@ -1,4 +1,4 @@
-/*	$NetBSD: in.c,v 1.32 1996/09/09 14:51:09 mycroft Exp $	*/
+/*	$NetBSD: in.c,v 1.33 1996/09/14 14:40:23 mrg Exp $	*/

 /*
 * Copyright (c) 1982, 1986, 1991, 1993
@ -43,14 +43,12 @@
 #include <sys/socketvar.h>
 #include <sys/systm.h>
 #include <sys/proc.h>
-#include <sys/queue.h>

 #include <net/if.h>
 #include <net/route.h>

 #include <netinet/in_systm.h>
 #include <netinet/in.h>
-#include <netinet/ip.h>
 #include <netinet/in_var.h>
 #include <netinet/if_ether.h>
 #include <netinet/ip_mroute.h>
@ -65,14 +63,6 @@
 #endif
 int subnetsarelocal = SUBNETSARELOCAL;

-#ifdef PACKET_FILTER
-typedef LIST_HEAD(, packet_filter_hook) pfil_list_t;
-pfil_list_t pfil_in_list;
-pfil_list_t pfil_out_list;
-pfil_list_t pfil_bad_list;
-static int done_pfil_init;
-#endif /* PACKET_FILTER */
-
 /*
 * Return 1 if an internet address is for a ``local'' host
 * (one to which we have a connection).  If subnetsarelocal
@ -571,128 +561,3 @@ in_delmulti(inm)
 	splx(s);
 }
 #endif
-
-#ifdef PACKET_FILTER
-void pfil_init __P((void));
-void pfil_list_add(pfil_list_t *,
-    int (*) __P((void *, int, struct ifnet *, int, struct mbuf **)), int);
-void pfil_list_remove(struct packet_filter_hook *,
-    int (*) __P((void *, int, struct ifnet *, int, struct mbuf **)));
-
-void
-pfil_init()
-{
-	LIST_INIT(&pfil_in_list);
-	LIST_INIT(&pfil_out_list);
-	LIST_INIT(&pfil_bad_list);
-	done_pfil_init = 1;
-}
-
-/*
- * pfil_add_hook() adds a function to the packet filter hook.  the
- * flags are:
- *	PFIL_IN		call me on incoming packets
- *	PFIL_OUT	call me on outgoing packets
- *	PFIL_BAD	call me when rejecting a packet (that was
- *			not already reject by in/out filters).
- *	PFIL_ALL	call me on all of the above
- *	PFIL_WAITOK	OK to call malloc with M_WAITOK.
- */
-void
-pfil_add_hook(func, flags)
-	int	(*func) __P((void *, int, struct ifnet *, int,
-			     struct mbuf **));
-	int	flags;
-{
-
-	if (done_pfil_init == 0)
-		pfil_init();
-
-	if (flags & PFIL_IN)
-		pfil_list_add(&pfil_in_list, func, flags);
-	if (flags & PFIL_OUT)
-		pfil_list_add(&pfil_out_list, func, flags);
-	if (flags & PFIL_BAD)
-		pfil_list_add(&pfil_bad_list, func, flags);
-}
-
-void
-pfil_list_add(list, func, flags)
-	pfil_list_t *list;
-	int	(*func) __P((void *, int, struct ifnet *, int,
-			     struct mbuf **));
-	int	flags;
-{
-	struct packet_filter_hook *pfh;
-
-	pfh = (struct packet_filter_hook *)malloc(sizeof(*pfh), M_IFADDR,
-	    flags & PFIL_WAITOK ? M_WAITOK : M_NOWAIT);
-	if (pfh == NULL)
-		panic("no memory for packet filter hook");
-
-	pfh->pfil_func = func;
-	LIST_INSERT_HEAD(list, pfh, pfil_link);
-}
-
-/*
- * pfil_remove_hook removes a specific function from the packet filter
- * hook list.
- */
-void
-pfil_remove_hook(func, flags)
-	int	(*func) __P((void *, int, struct ifnet *, int,
-			     struct mbuf **));
-	int	flags;
-{
-
-	if (done_pfil_init == 0)
-		pfil_init();
-
-	if (flags & PFIL_IN)
-		pfil_list_remove(pfil_in_list.lh_first, func);
-	if (flags & PFIL_OUT)
-		pfil_list_remove(pfil_out_list.lh_first, func);
-	if (flags & PFIL_BAD)
-		pfil_list_remove(pfil_bad_list.lh_first, func);
-}
-
-/*
- * pfil_list_remove is an internal function that takes a function off the
- * specified list.
- */
-void
-pfil_list_remove(list, func)
-	struct packet_filter_hook *list;
-	int	(*func) __P((void *, int, struct ifnet *, int,
-			     struct mbuf **));
-{
-	struct packet_filter_hook *pfh;
-
-	for (pfh = list; pfh; pfh = pfh->pfil_link.le_next)
-		if (pfh->pfil_func == func) {
-			LIST_REMOVE(pfh, pfil_link);
-			free(pfh, M_IFADDR);
-			return;
-		}
-	printf("pfil_list_remove:  no function on list\n");
-#ifdef DIAGNOSTIC
-	panic("pfil_list_remove");
-#endif
-}
-
-struct packet_filter_hook *
-pfil_hook_get(flag)
-	int flag;
-{
-	if (done_pfil_init)
-		switch (flag) {
-		case PFIL_IN:
-			return (pfil_in_list.lh_first);
-		case PFIL_OUT:
-			return (pfil_out_list.lh_first);
-		case PFIL_BAD:
-			return (pfil_bad_list.lh_first);
-		}
-	return NULL;
-}
-#endif /* PACKET_FILTER */
--- a/sys/netinet/ip.h
+++ b/sys/netinet/ip.h
@ -1,4 +1,4 @@
-/*	$NetBSD: ip.h,v 1.12 1996/09/12 23:11:40 mrg Exp $	*/
+/*	$NetBSD: ip.h,v 1.13 1996/09/14 14:40:24 mrg Exp $	*/

 /*
 * Copyright (c) 1982, 1986, 1993
@ -160,38 +160,6 @@ struct	ip_timestamp {
 #define	IPOPT_SECUR_SECRET	0xd788
 #define	IPOPT_SECUR_TOPSECRET	0x6bc5

-#ifdef _KERNEL
-
-/* XXX this belongs elsewhere. */
-/* we need this for the packet filter structure */
-#include <sys/queue.h>
-struct ifnet;
-struct mbuf;
-
-/*
- * The packet filter hooks are designed for anything to call them to
- * possibly intercept the packet.
- */
-struct packet_filter_hook {
-        LIST_ENTRY(packet_filter_hook) pfil_link;
-        int	(*pfil_func) __P((void *, int, struct ifnet *, int,
-				  struct mbuf **));
-	int	pfil_flags;
-};
-
-#define PFIL_IN		0x00000001
-#define PFIL_OUT	0x00000002
-#define PFIL_BAD	0x00000004
-#define PFIL_WAITOK	0x00000008
-#define PFIL_ALL	(PFIL_IN|PFIL_OUT|PFIL_BAD)
-
-struct packet_filter_hook *pfil_hook_get __P((int));
-void	pfil_add_hook __P((int (*func) __P((void *, int,
-	    struct ifnet *, int, struct mbuf **)), int));
-void	pfil_remove_hook __P((int (*func) __P((void *, int,
-	    struct ifnet *, int, struct mbuf **)), int));
-#endif /* _KERNEL */
-
 /*
 * Internet implementation parameters.
 */
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@ -1,4 +1,4 @@
-/*	$NetBSD: ip_input.c,v 1.35 1996/09/09 14:51:16 mycroft Exp $	*/
+/*	$NetBSD: ip_input.c,v 1.36 1996/09/14 14:40:26 mrg Exp $	*/

 /*
 * Copyright (c) 1982, 1986, 1988, 1993
@ -61,6 +61,10 @@
 #include <netinet/ip_var.h>
 #include <netinet/ip_icmp.h>

+#ifdef PFIL_HOOKS
+#include <net/pfil.h>
+#endif /* PFIL_HOOKS */
+
 #ifndef	IPFORWARDING
 #ifdef GATEWAY
 #define	IPFORWARDING	1	/* forward IP packets not for us */
@ -160,10 +164,10 @@ ipintr()
 	register struct in_ifaddr *ia;
 	struct ipqent *ipqe;
 	int hlen = 0, mff, len, s;
-#ifdef PACKET_FILTER
+#ifdef PFIL_HOOKS
 	struct packet_filter_hook *pfh;
 	struct mbuf *m0;
-#endif /* PACKET_FILTER */
+#endif /* PFIL_HOOKS */

 next:
 	/*
@ -239,7 +243,7 @@ next:
 			m_adj(m, len - m->m_pkthdr.len);
 	}

-#ifdef PACKET_FILTER
+#ifdef PFIL_HOOKS
 	/*
 	 * Run through list of hooks for input packets.
 	 */
@ -250,7 +254,7 @@ next:
 				goto bad;
 			ip = mtod(m = m0, struct ip *);
 		}
-#endif /* PACKET_FILTER */
+#endif /* PFIL_HOOKS */

 	/*
 	 * Process options and, if not destined for us,
@ -433,14 +437,14 @@ found:
 	(*inetsw[ip_protox[ip->ip_p]].pr_input)(m, hlen);
 	goto next;
 bad:
-#ifdef PACKET_FILTER
+#ifdef PFIL_HOOKS
 	m0 = m;
 	for (pfh = pfil_hook_get(PFIL_BAD); pfh; pfh = pfh->pfil_link.le_next)
 		if (pfh->pfil_func) {
 			(void)pfh->pfil_func(ip, hlen, m->m_pkthdr.rcvif, 2, &m0);
 			ip = mtod(m = m0, struct ip *);
 		}
-#endif /* PACKET_FILTER */
+#endif /* PFIL_HOOKS */
 	m_freem(m);
 	goto next;
 }
--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c
@ -1,4 +1,4 @@
-/*	$NetBSD: ip_output.c,v 1.31 1996/09/09 14:51:19 mycroft Exp $	*/
+/*	$NetBSD: ip_output.c,v 1.32 1996/09/14 14:40:27 mrg Exp $	*/

 /*
 * Copyright (c) 1982, 1986, 1988, 1990, 1993
@ -54,6 +54,10 @@
 #include <netinet/in_var.h>
 #include <netinet/ip_var.h>

+#ifdef PFIL_HOOKS
+#include <net/pfil.h>
+#endif /* PFIL_HOOKS */
+
 #ifdef vax
 #include <machine/mtpr.h>
 #endif
@ -92,10 +96,10 @@ ip_output(m0, va_alist)
 	int flags;
 	struct ip_moptions *imo;
 	va_list ap;
-#ifdef PACKET_FILTER
+#ifdef PFIL_HOOKS
 	struct packet_filter_hook *pfh;
 	struct mbuf *m1;
-#endif /* PACKET_FILTER */
+#endif /* PFIL_HOOKS */

 	va_start(ap, m0);
 	opt = va_arg(ap, struct mbuf *);
@ -295,7 +299,7 @@ ip_output(m0, va_alist)
 	} else
 		m->m_flags &= ~M_BCAST;

-#ifdef PACKET_FILTER
+#ifdef PFIL_HOOKS
 	/*
 	 * Run through list of hooks for output packets.
 	 */
@ -308,7 +312,7 @@ ip_output(m0, va_alist)
 			}
 			ip = mtod(m = m1, struct ip *);
 		}
-#endif /* PACKET_FILTER */
+#endif /* PFIL_HOOKS */
 sendit:
 	/*
 	 * If small enough for interface, can just send directly.
@ -416,14 +420,14 @@ done:
 	}
 	return (error);
 bad:
-#ifdef PACKET_FILTER
+#ifdef PFIL_HOOKS
 	m1 = m;
 	for (pfh = pfil_hook_get(PFIL_BAD); pfh; pfh = pfh->pfil_link.le_next)
 		if (pfh->pfil_func) {
 			(void)pfh->pfil_func(ip, hlen, m->m_pkthdr.rcvif, 2, &m1);
 			ip = mtod(m = m1, struct ip *);
 		}
-#endif /* PACKET_FILTER */
+#endif /* PFIL_HOOKS */
 	m_freem(m0);
 	goto done;
 }