diff options
| author | Roland McGrath <roland@gnu.org> | 2000-02-04 06:32:39 +0000 |
|---|---|---|
| committer | Roland McGrath <roland@gnu.org> | 2000-02-04 06:32:39 +0000 |
| commit | db9a26cbd125ec106e040ea6084911f9bc0c0198 (patch) | |
| tree | 8394aedf0addf9de2afd46d00c192d20d9eb9092 /pfinet/linux/ip_fw.h | |
| parent | 8880a73970b23f10c720011cb910c0e0e1e02975 (diff) | |
| download | hurd-db9a26cbd125ec106e040ea6084911f9bc0c0198.tar.gz hurd-db9a26cbd125ec106e040ea6084911f9bc0c0198.tar.bz2 hurd-db9a26cbd125ec106e040ea6084911f9bc0c0198.zip | |
2000-02-03 Roland McGrath <roland@baalperazim.frob.com>
Complete overhaul of pfinet based on the IPv4 networking code from the
Linux 2.2.12 kernel sources. This page describes a single unified set
of interdependent changes, but there are so many changes that I have
broken up the log entry into paragraphs based on rough topical
divisions of the work involved.
Subset of verbatim Linux 2.2.12 sources imported on a vendor branch.
* linux-src: New directory, see README for details.
* README: New file, describes linux-src layout and procedures for
tracking Linux source updates.
Light modifications to linux-src files to avoid really bending over
backwards with the glue macros. All modifications to files in
linux-src are conditionalized by #ifdef _HURD_.
* linux-src/include/linux/net.h [_HURD_] (struct socket): New members
refcnt and identity; elide members fasync_list, file.
* linux-src/include/linux/rtnetlink.h [! CONFIG_RTNETLINK]
(rtnl_shlock, rtnl_shunlock) [! _HURD_]: Conditionalize contents on
this, making these no-ops #ifdef _HURD_.
* linux-src/net/core/dev.c [_HURD_] (dev_ioctl): Don't define the
function, instead #define it to 0.
* linux-src/net/ipv4/af_inet.c [_HURD_] (inet_ioctl): Likewise.
* linux-src/net/ipv4/arp.c [_HURD_] (arp_ioctl): Likewise.
* linux-src/net/ipv4/udp.c [_HURD_] (udp_ioctl): Likewise.
* linux-src/net/ipv4/tcp.c [_HURD_] (tcp_ioctl): Likewise.
[_HURD_] (tcp_tiocinq): New function, TIOCINQ code from tcp_ioctl.
* linux-src/net/ipv4/devinet.c [_HURD_] (devinet_ioctl): Don't define
the function, instead #define it to 0.
[_HURD_] (configure_device): New function, cobbled from SIOCSIFADDR
and SIOCSIFNETMASK code from devinet_ioctl.
* glue-include/asm, glue-include/linux: New directories.
These contain glue kludge headers that replace all of the
Linux <asm/*.h> headers except checksum.h, and several of
the Linux <linux/*.h> headers (the remainder come from
linux-src/include/linux and are mostly unmodified).
* glue-include/asm/atomic.h: New file, glue replacement header.
* glue-include/asm/bitops.h: New file, glue replacement header.
* glue-include/asm/byteorder.h: New file, glue replacement header.
* glue-include/asm/checksum.h: New file, glue replacement header.
* glue-include/asm/errno.h: New file, glue replacement header.
* glue-include/asm/hardirq.h: New file, glue replacement header.
* glue-include/asm/init.h: New file, glue replacement header.
* glue-include/asm/segment.h: New file, glue replacement header.
* glue-include/asm/spinlock.h: New file, glue replacement header.
* glue-include/asm/system.h: New file, glue replacement header.
* glue-include/asm/types.h: New file, glue replacement header.
* glue-include/asm/uaccess.h: New file, glue replacement header.
* glue-include/linux/autoconf.h: New file, glue replacement header.
* glue-include/linux/binfmts.h: New file, glue replacement header.
* glue-include/linux/config.h: New file, glue replacement header.
* glue-include/linux/errno.h: New file, glue replacement header.
* glue-include/linux/fcntl.h: New file, glue replacement header.
* glue-include/linux/fs.h: New file, glue replacement header.
* glue-include/linux/in.h: New file, glue replacement header.
* glue-include/linux/in6.h: New file, glue replacement header.
* glue-include/linux/interrupt.h: New file, glue replacement header.
* glue-include/linux/ioctl.h: New file, glue replacement header.
* glue-include/linux/ipv6.h: New file, glue replacement header.
* glue-include/linux/kernel.h: New file, glue replacement header.
* glue-include/linux/limits.h: New file, glue replacement header.
* glue-include/linux/major.h: New file, glue replacement header.
* glue-include/linux/malloc.h: New file, glue replacement header.
* glue-include/linux/mm.h: New file, glue replacement header.
* glue-include/linux/param.h: New file, glue replacement header.
* glue-include/linux/personality.h: New file, glue replacement header.
* glue-include/linux/poll.h: New file, glue replacement header.
* glue-include/linux/proc_fs.h: New file, glue replacement header.
* glue-include/linux/sched.h: New file, glue replacement header.
* glue-include/linux/slab.h: New file, glue replacement header.
* glue-include/linux/socket.h: New file, glue replacement header.
* glue-include/linux/sockios.h: New file, glue replacement header.
* glue-include/linux/stat.h: New file, glue replacement header.
* glue-include/linux/string.h: New file, glue replacement header.
* glue-include/linux/termios.h: New file, glue replacement header.
* glue-include/linux/time.h: New file, glue replacement header.
* glue-include/linux/timer.h: New file, glue replacement header.
* glue-include/linux/timex.h: New file, glue replacement header.
* glue-include/linux/types.h: New file, glue replacement header.
* glue-include/linux/un.h: New file, glue replacement header.
* glue-include/linux/version.h: New file, glue replacement header.
* glue-include/linux/wait.h: New file, glue replacement header.
* kmem_cache.c: New file. Glue code replaces Linux kmem_cache_t et al.
* stubs.c: New file. No-op functions and stub variables for a few
things the Linux networking code needs to link.
* Makefile (core-srcs, arch-lib-srcs, ethernet-srcs, ipv4-srcs): New
variables, listing sources used from linux-src subdirectories.
(LINUXSRCS): Define using those.
(SRCS): Remove devices.c; add kmem_cache.c, stubs.c.
(UNUSEDSRC): Variable removed.
(vpath %.c): Remove vpath for $(srcdir)/linux-inet directory.
Add vpaths for $(srcdir)/linux-src subdirectories.
(CPPFLAGS): Add -D_HURD_SYSTYPE defining it to $(asm_syntax) as a
double-quoted string. Add -I's for glue-include and linux-src/include.
* pfinet.h: Include <sys/socket.h>, and not <linux/netdevice.h>.
(master_device): Remove decl.
(global_lock, packet_queue_lock): Remove common defns.
(global_lock, net_bh_lock): Declare them as externs.
(struct sockaddr): Remove len member, make address member just a
struct sockaddr rather than a 0-length array.
(setup_loopback_device, become_task_protid, become_task): Remove decls.
(ethernet_initialize): Declare it.
(input_work_thread): Remove decl.
(net_bh_thread): Declare it.
(tcp_readable): Remove decl.
(tcp_tiocinq): Declare it.
* config.h: Rewritten based on Linux 2.2.12 set of CONFIG_* options.
(CONFIG_NET, CONFIG_INET, CONFIG_SKB_LARGE): These are the only
Linux config options we set.
(CONFIG_IP_NOSIOCRT): New macro (not a proper config option, but
used conveniently in the code).
* ethernet.c (ethernet_set_multi): Take only one parameter.
Remove assert, since we always get passed IGMP_ALL_HOSTS.
(ethernet_thread): Make static.
(ethernet_demuxer): Use __mutex_lock in place of mutex_lock, so as to
get cthreads instead of linux/spinlock.h glue macros. Lock
net_bh_lock instead of global_lock. Set SKB->protocol with
eth_type_trans before calling netif_rx.
(ethernet_initialize): New function, one-time initialization broken
out of ethernet_open.
(ethernet_open): Ports setup moved to ethernet_initialize.
Don't use `errno' to avoid glue conflicts.
Use get_privileged_ports here to get the master device port, and
deallocate it after calling device_open.
(ethernet_xmit): Use assert_perror. Only one arg to dev_kfree_skb now.
(setup_ethernet_device): Change initializations for structure changes.
Call dev_init_buffers and register_netdevice on the device.
* timer-emul.c (all functions): Use __mutex_lock instead of mutex_lock.
Adjust for renaming of `prevp' member to `prev' in struct timer_list.
(mod_timer): New function.
* socket.c (proto_ops): Variable removed.
(net_families): New variable replaces it.
(sock_register): Rewritten for new calling convention, set
net_families rather than proto_ops.
(make_sock_user, clean_socketport, sock_alloc, sock_release):
Functions moved here from misc.c.
* sched.c (packet_queue_lock): Variable removed.
(net_bh_lock, net_bh_wakeup): New variables.
(current): Variable removed (now a macro in the glue headers).
(interruptible_sleep_on, wake_up_interruptible): Functions removed.
They are replaced by inlines in the glue headers.
(become_task, become_task_protid): Functions removed; they are
replaced by macros in glue-include/linux/sched.h.
(net_bh_worker): New function.
* loopback.c: Completely rewritten, mostly copied from linux-2.2.12's
drivers/net/loopback.c source file.
* io-ops.c (all functions): Use __mutex_lock in place of mutex_lock.
(S_io_write): Call ops->sendmsg instead of ops->write,
which no longer exists. If O_NONBLOCK is set, set MSG_DONTWAIT in
msg_flags.
(S_io_read): Call ops->recvmsg instead of ops->read,
which no longer exists If O_NONBLOCK is set, pass MSG_DONTWAIT.
(S_io_readable): Use USER->sock->data in place of USER->sock->sk.
For SOCK_STREAM and SOCK_SEQPACKET types, call tcp_tiocinq.
(S_io_set_all_openmodes, S_io_get_openmodes, S_io_set_some_openmodes,
S_io_clear_some_openmodes): Member USER->sock->userflags is now
renamed USER->sock->flags.
(S_io_select): Completely rewritten using ops->poll.
(select_wait): Function removed.
(S_io_stat): Set st_mode to reflect S_IFSOCK.
* socket-ops.c (all functions): Use __mutex_lock instead of mutex_lock.
(S_socket_create): Don't set SOCK->ops or call SOCK->ops->create.
Instead, call net_families[PF_INET]->create.
(S_socket_listen): Remove extra checks; just call ops->listen.
(S_socket_accept): Remove extra checks before ops->accept call.
Avoid use of goto.
(S_socket_connect): Remove extra checks; just call ops->connect.
(S_socket_bind): Adjust for struct sock_addr changes.
(S_socket_create_address): Likewise.
(S_socket_whatis_address): Likewise.
(S_socket_connect2): Don't diddle data structures after
ops->socketpair call.
(S_socket_getopt): Use sock_getsockopt if LEVEL is SOL_SOCKET.
Accept any data size, not just sizeof (int).
(S_socket_setopt): Use sock_setsockopt if LEVEL is SOL_SOCKET.
(S_socket_send): Always use ops->sendmsg instead of ops->send or
ops->sendto, which no longer exist. If O_NONBLOCK is set, set
MSG_DONTWAIT in msg_flags.
(S_socket_recv): Always use ops->recvmsg instead of ops->recv, which
no longer exists. If O_NONBLOCK is set, set MSG_DONTWAIT in flags.
Check for error from S_socket_create_address.
* main.c (find_device): Don't try to set ether_dev.pa_mask (it's gone).
(main): Don't call init_devices. Call ethernet_initialize.
Start net_bh_worker instead of input_work_thread. Don't call
setup_loopback_device. Instead, take global_lock, do prepare_current,
and then call sk_init, skb_init, inet_proto_init, and net_dev_init.
Keep global_lock held while calling argp_parse.
Call arrange_shutdown_notification only after all that.
Fix error call for "contacting parent" to pass ERR instead of errno.
* options.c (ADDR): #undef before defining macro.
(parse_opt): #if 0 out EDESTADDRREQ check (I don't understand it).
To apply settings, call configure_devices.
(ADD_ADDR_OPT): #if 0 --address and --netmask options. Needs fixed.
* misc.c (make_sock_user, clean_socketport, sock_alloc, sock_release):
Functions moved to socket.c.
(sock_release_peer): Function removed.
(make_sockaddr_port): Use struct sockaddr_storage to size buffer.
Fix size calculation for new struct sock_addr layout.
Initialize sa_family and sa_len of new struct sock_addr.
Remove the old Linux (2.0.??) network stack and the glue code for it.
* linux-inet, asm, linux: Directories and all files removed.
Some of the new files in glue-include came from the old glue headers
in the asm and linux directories, but most were substantially modified.
* devices.c: File removed. The equivalent glue is now elsewhere.
Diffstat (limited to 'pfinet/linux/ip_fw.h')
| -rw-r--r-- | pfinet/linux/ip_fw.h | 147 |
1 files changed, 0 insertions, 147 deletions
diff --git a/pfinet/linux/ip_fw.h b/pfinet/linux/ip_fw.h deleted file mode 100644 index f80cccbf..00000000 --- a/pfinet/linux/ip_fw.h +++ /dev/null @@ -1,147 +0,0 @@ -/* - * IP firewalling code. This is taken from 4.4BSD. Please note the - * copyright message below. As per the GPL it must be maintained - * and the licenses thus do not conflict. While this port is subject - * to the GPL I also place my modifications under the original - * license in recognition of the original copyright. - * - * Ported from BSD to Linux, - * Alan Cox 22/Nov/1994. - * Merged and included the FreeBSD-Current changes at Ugen's request - * (but hey it's a lot cleaner now). Ugen would prefer in some ways - * we waited for his final product but since Linux 1.2.0 is about to - * appear it's not practical - Read: It works, it's not clean but please - * don't consider it to be his standard of finished work. - * Alan. - * - * All the real work was done by ..... - */ - -/* - * Copyright (c) 1993 Daniel Boulet - * Copyright (c) 1994 Ugen J.S.Antsilevich - * - * Redistribution and use in source forms, with and without modification, - * are permitted provided that this entire comment appears intact. - * - * Redistribution in binary form may occur without any restrictions. - * Obviously, it would be nice if you gave credit where credit is due - * but requiring it would be too onerous. - * - * This software is provided ``AS IS'' without any warranties of any kind. - */ - -/* - * Format of an IP firewall descriptor - * - * src, dst, src_mask, dst_mask are always stored in network byte order. - * flags and num_*_ports are stored in host byte order (of course). - * Port numbers are stored in HOST byte order. - */ - -#ifndef _IP_FW_H -#define _IP_FW_H - -struct ip_fw -{ - struct ip_fw *fw_next; /* Next firewall on chain */ - struct in_addr fw_src, fw_dst; /* Source and destination IP addr */ - struct in_addr fw_smsk, fw_dmsk; /* Mask for src and dest IP addr */ - struct in_addr fw_via; /* IP address of interface "via" */ - unsigned short fw_flg; /* Flags word */ - unsigned short fw_nsp, fw_ndp; /* N'of src ports and # of dst ports */ - /* in ports array (dst ports follow */ - /* src ports; max of 10 ports in all; */ - /* count of 0 means match all ports) */ -#define IP_FW_MAX_PORTS 10 /* A reasonable maximum */ - unsigned short fw_pts[IP_FW_MAX_PORTS]; /* Array of port numbers to match */ - unsigned long fw_pcnt,fw_bcnt; /* Packet and byte counters */ -}; - -/* - * Values for "flags" field . - */ - -#define IP_FW_F_ALL 0x000 /* This is a universal packet firewall*/ -#define IP_FW_F_TCP 0x001 /* This is a TCP packet firewall */ -#define IP_FW_F_UDP 0x002 /* This is a UDP packet firewall */ -#define IP_FW_F_ICMP 0x003 /* This is a ICMP packet firewall */ -#define IP_FW_F_KIND 0x003 /* Mask to isolate firewall kind */ -#define IP_FW_F_ACCEPT 0x004 /* This is an accept firewall (as * - * opposed to a deny firewall)* - * */ -#define IP_FW_F_SRNG 0x008 /* The first two src ports are a min * - * and max range (stored in host byte * - * order). * - * */ -#define IP_FW_F_DRNG 0x010 /* The first two dst ports are a min * - * and max range (stored in host byte * - * order). * - * (ports[0] <= port <= ports[1]) * - * */ -#define IP_FW_F_PRN 0x020 /* In verbose mode print this firewall*/ -#define IP_FW_F_BIDIR 0x040 /* For bidirectional firewalls */ -#define IP_FW_F_TCPSYN 0x080 /* For tcp packets-check SYN only */ -#define IP_FW_F_ICMPRPL 0x100 /* Send back icmp unreachable packet */ -#define IP_FW_F_MASK 0x1FF /* All possible flag bits mask */ - -/* - * New IP firewall options for [gs]etsockopt at the RAW IP level. - * Unlike BSD Linux inherits IP options so you don't have to use - * a raw socket for this. Instead we check rights in the calls. - */ - -#define IP_FW_BASE_CTL 64 - -#define IP_FW_ADD_BLK (IP_FW_BASE_CTL) -#define IP_FW_ADD_FWD (IP_FW_BASE_CTL+1) -#define IP_FW_CHK_BLK (IP_FW_BASE_CTL+2) -#define IP_FW_CHK_FWD (IP_FW_BASE_CTL+3) -#define IP_FW_DEL_BLK (IP_FW_BASE_CTL+4) -#define IP_FW_DEL_FWD (IP_FW_BASE_CTL+5) -#define IP_FW_FLUSH_BLK (IP_FW_BASE_CTL+6) -#define IP_FW_FLUSH_FWD (IP_FW_BASE_CTL+7) -#define IP_FW_ZERO_BLK (IP_FW_BASE_CTL+8) -#define IP_FW_ZERO_FWD (IP_FW_BASE_CTL+9) -#define IP_FW_POLICY_BLK (IP_FW_BASE_CTL+10) -#define IP_FW_POLICY_FWD (IP_FW_BASE_CTL+11) - -#define IP_ACCT_ADD (IP_FW_BASE_CTL+16) -#define IP_ACCT_DEL (IP_FW_BASE_CTL+17) -#define IP_ACCT_FLUSH (IP_FW_BASE_CTL+18) -#define IP_ACCT_ZERO (IP_FW_BASE_CTL+19) - -struct ip_fwpkt -{ - struct iphdr fwp_iph; /* IP header */ - union { - struct tcphdr fwp_tcph; /* TCP header or */ - struct udphdr fwp_udph; /* UDP header */ - } fwp_protoh; - struct in_addr fwp_via; /* interface address */ -}; - -/* - * Main firewall chains definitions and global var's definitions. - */ - -#ifdef __KERNEL__ - -#include <linux/config.h> - -#ifdef CONFIG_IP_FIREWALL -extern struct ip_fw *ip_fw_blk_chain; -extern struct ip_fw *ip_fw_fwd_chain; -extern int ip_fw_blk_policy; -extern int ip_fw_fwd_policy; -extern int ip_fw_ctl(int, void *, int); -#endif -#ifdef CONFIG_IP_ACCT -extern struct ip_fw *ip_acct_chain; -extern void ip_acct_cnt(struct iphdr *, struct device *, struct ip_fw *); -extern int ip_acct_ctl(int, void *, int); -#endif -extern int ip_fw_chk(struct iphdr *, struct device *rif,struct ip_fw *, int, int); -#endif /* KERNEL */ - -#endif /* _IP_FW_H */ |