CVS commit: src/sys/net/npf

Sun, 25 Aug 2019 10:38:52 -0700 

Module Name:    src
Committed By:   rmind
Date:           Sun Aug 25 17:38:25 UTC 2019

Modified Files:
        src/sys/net/npf: npf_ctl.c npf_impl.h npf_os.c

Log Message:
 ake npfctl_switch() and pfil private to OS-specific module.


To generate a diff of this commit:
cvs rdiff -u -r1.57 -r1.58 src/sys/net/npf/npf_ctl.c
cvs rdiff -u -r1.78 -r1.79 src/sys/net/npf/npf_impl.h
cvs rdiff -u -r1.16 -r1.17 src/sys/net/npf/npf_os.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/net/npf/npf_ctl.c
diff -u src/sys/net/npf/npf_ctl.c:1.57 src/sys/net/npf/npf_ctl.c:1.58
--- src/sys/net/npf/npf_ctl.c:1.57	Sun Aug 25 13:21:03 2019
+++ src/sys/net/npf/npf_ctl.c	Sun Aug 25 17:38:25 2019
@@ -36,7 +36,7 @@
 
 #ifdef _KERNEL
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_ctl.c,v 1.57 2019/08/25 13:21:03 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_ctl.c,v 1.58 2019/08/25 17:38:25 rmind Exp $");
 
 #include <sys/param.h>
 #include <sys/conf.h>
@@ -53,28 +53,6 @@ __KERNEL_RCSID(0, "$NetBSD: npf_ctl.c,v 
 	nvlist_add_string((e), "source-file", __FILE__); \
 	nvlist_add_number((e), "source-line", __LINE__);
 
-#ifdef _KERNEL
-/*
- * npfctl_switch: enable or disable packet inspection.
- */
-int
-npfctl_switch(void *data)
-{
-	const bool onoff = *(int *)data ? true : false;
-	int error;
-
-	if (onoff) {
-		/* Enable: add pfil hooks. */
-		error = npf_pfil_register(false);
-	} else {
-		/* Disable: remove pfil hooks. */
-		npf_pfil_unregister(false);
-		error = 0;
-	}
-	return error;
-}
-#endif
-
 static int
 npf_nvlist_copyin(npf_t *npf, void *data, nvlist_t **nvl)
 {
@@ -731,7 +709,7 @@ npfctl_save(npf_t *npf, u_long cmd, void
 	if (error) {
 		goto out;
 	}
-	nvlist_add_bool(npf_dict, "active", npf_pfil_registered_p());
+	nvlist_add_bool(npf_dict, "active", npf_active_p());
 	error = npf_nvlist_copyout(npf, data, npf_dict);
 	npf_dict = NULL;
 out:

Index: src/sys/net/npf/npf_impl.h
diff -u src/sys/net/npf/npf_impl.h:1.78 src/sys/net/npf/npf_impl.h:1.79
--- src/sys/net/npf/npf_impl.h:1.78	Sun Aug 25 13:21:03 2019
+++ src/sys/net/npf/npf_impl.h	Sun Aug 25 17:38:25 2019
@@ -289,6 +289,7 @@ npf_ruleset_t *	npf_config_ruleset(npf_t
 npf_ruleset_t *	npf_config_natset(npf_t *npf);
 npf_tableset_t *npf_config_tableset(npf_t *npf);
 bool		npf_default_pass(npf_t *);
+bool		npf_active_p(void);
 
 int		npf_worker_sysinit(unsigned);
 void		npf_worker_sysfini(void);
@@ -296,8 +297,6 @@ void		npf_worker_signal(npf_t *);
 void		npf_worker_register(npf_t *, npf_workfunc_t);
 void		npf_worker_unregister(npf_t *, npf_workfunc_t);
 
-int		npfctl_switch(void *);
-int		npfctl_reload(u_long, void *);
 int		npfctl_save(npf_t *, u_long, void *);
 int		npfctl_load(npf_t *, u_long, void *);
 int		npfctl_rule(npf_t *, u_long, void *);
@@ -327,11 +326,6 @@ void		npf_ifaddr_sync(npf_t *, ifnet_t *
 void		npf_ifaddr_flush(npf_t *, ifnet_t *);
 void		npf_ifaddr_syncall(npf_t *);
 
-/* Packet filter hooks. */
-int		npf_pfil_register(bool);
-void		npf_pfil_unregister(bool);
-bool		npf_pfil_registered_p(void);
-
 /* Protocol helpers. */
 int		npf_cache_all(npf_cache_t *);
 void		npf_recache(npf_cache_t *);

Index: src/sys/net/npf/npf_os.c
diff -u src/sys/net/npf/npf_os.c:1.16 src/sys/net/npf/npf_os.c:1.17
--- src/sys/net/npf/npf_os.c:1.16	Sun Aug 25 13:21:03 2019
+++ src/sys/net/npf/npf_os.c	Sun Aug 25 17:38:25 2019
@@ -33,7 +33,7 @@
 
 #ifdef _KERNEL
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_os.c,v 1.16 2019/08/25 13:21:03 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_os.c,v 1.17 2019/08/25 17:38:25 rmind Exp $");
 
 #ifdef _KERNEL_OPT
 #include "pf.h"
@@ -84,6 +84,9 @@ MODULE(MODULE_CLASS_MISC, npf, "bpf");
 MODULE(MODULE_CLASS_DRIVER, npf, "bpf");
 #endif
 
+static int	npf_pfil_register(bool);
+static void	npf_pfil_unregister(bool);
+
 static int	npf_dev_open(dev_t, int, int, lwp_t *);
 static int	npf_dev_close(dev_t, int, int, lwp_t *);
 static int	npf_dev_ioctl(dev_t, u_long, void *, int, lwp_t *);
@@ -226,6 +229,26 @@ npf_stats_export(npf_t *npf, void *data)
 	return error;
 }
 
+/*
+ * npfctl_switch: enable or disable packet inspection.
+ */
+static int
+npfctl_switch(void *data)
+{
+	const bool onoff = *(int *)data ? true : false;
+	int error;
+
+	if (onoff) {
+		/* Enable: add pfil hooks. */
+		error = npf_pfil_register(false);
+	} else {
+		/* Disable: remove pfil hooks. */
+		npf_pfil_unregister(false);
+		error = 0;
+	}
+	return error;
+}
+
 static int
 npf_dev_ioctl(dev_t dev, u_long cmd, void *data, int flag, lwp_t *l)
 {
@@ -290,7 +313,7 @@ bool
 npf_autounload_p(void)
 {
 	npf_t *npf = npf_getkernctx();
-	return !npf_pfil_registered_p() && npf_default_pass(npf);
+	return !npf_active_p() && npf_default_pass(npf);
 }
 
 /*
@@ -394,7 +417,7 @@ npf_ifaddrhook(void *arg, u_long cmd, vo
 /*
  * npf_pfil_register: register pfil(9) hooks.
  */
-int
+static int
 npf_pfil_register(bool init)
 {
 	npf_t *npf = npf_getkernctx();
@@ -463,7 +486,7 @@ out:
 /*
  * npf_pfil_unregister: unregister pfil(9) hooks.
  */
-void
+static void
 npf_pfil_unregister(bool fini)
 {
 	npf_t *npf = npf_getkernctx();
@@ -490,10 +513,11 @@ npf_pfil_unregister(bool fini)
 }
 
 bool
-npf_pfil_registered_p(void)
+npf_active_p(void)
 {
 	return pfil_registered;
 }
+
 #endif
 
 #ifdef __NetBSD__

Reply via email to