1 /*
2 * Copyright (C) 1993-2001, 2003 by Darren Reed.
3 *
4 * See the IPFILTER.LICENCE file for details on licencing.
5 *
6 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
7 * Use is subject to license terms.
8 *
9 * Copyright 2018 Joyent, Inc. All rights reserved.
10 */
11
12 #ifndef __IPF_STACK_H__
13 #define __IPF_STACK_H__
14
15 /* FIXME: appears needed for ip_proxy.h - tcpseq */
16 #include <net/route.h>
17 #include <netinet/in.h>
18 #include <netinet/in_systm.h>
19 #include <netinet/ip.h>
20 #include <netinet/ip_var.h>
21 #include <netinet/tcp.h>
22 #include <netinet/udp.h>
23 #include <netinet/ip_icmp.h>
24 #include <netinet/tcpip.h>
25
26 #include "ip_compat.h"
27 #include "ip_fil.h"
28 #include "ip_nat.h"
29 #include "ip_frag.h"
30 #include "ip_state.h"
31 #include "ip_proxy.h"
32 #include "ip_auth.h"
33 #include "ip_lookup.h"
34 #include "ip_pool.h"
35 #include "ip_htable.h"
36 #include <net/radix.h>
37 #include <sys/neti.h>
38 #include <sys/hook.h>
39
40 /*
41 * IPF stack instances
42 */
43 struct ipf_stack {
44 struct ipf_stack *ifs_next;
45 struct ipf_stack **ifs_pnext;
46 struct ipf_stack *ifs_gz_cont_ifs;
47 netid_t ifs_netid;
48 zoneid_t ifs_zone;
49 boolean_t ifs_gz_controlled;
50
51 /* ipf module */
52 fr_info_t ifs_frcache[2][8];
53
54 filterstats_t ifs_frstats[2];
55 frentry_t *ifs_ipfilter[2][2];
56 frentry_t *ifs_ipfilter6[2][2];
57 frentry_t *ifs_ipacct6[2][2];
58 frentry_t *ifs_ipacct[2][2];
59 #if 0 /* not used */
60 frentry_t *ifs_ipnatrules[2][2];
61 #endif
62 frgroup_t *ifs_ipfgroups[IPL_LOGSIZE][2];
63 int ifs_fr_refcnt;
64 /*
65 * For fr_running:
66 * 0 == loading, 1 = running, -1 = disabled, -2 = unloading
67 */
68 int ifs_fr_running;
299 int ifs_fr_enable_active;
300 ipftq_t ifs_ips_tqtqb[IPF_TCP_NSTATES];
301 ipftq_t ifs_ips_udptq;
302 ipftq_t ifs_ips_udpacktq;
303 ipftq_t ifs_ips_iptq;
304 ipftq_t ifs_ips_icmptq;
305 ipftq_t ifs_ips_icmpacktq;
306 ipftq_t ifs_ips_deletetq;
307 ipftq_t *ifs_ips_utqe;
308 int ifs_ipstate_logging;
309 ipstate_t *ifs_ips_list;
310 ulong_t ifs_fr_iptimeout;
311
312 /* radix.c */
313 int ifs_max_keylen;
314 struct radix_mask *ifs_rn_mkfreelist;
315 struct radix_node_head *ifs_mask_rnhead;
316 char *ifs_addmask_key;
317 char *ifs_rn_zeros;
318 char *ifs_rn_ones;
319 #ifdef KERNEL
320 /* kstats for inbound and outbound */
321 kstat_t *ifs_kstatp[2];
322 #endif
323 };
324
325 #endif /* __IPF_STACK_H__ */
|
1 /*
2 * Copyright (C) 1993-2001, 2003 by Darren Reed.
3 *
4 * See the IPFILTER.LICENCE file for details on licencing.
5 *
6 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
7 * Use is subject to license terms.
8 *
9 * Copyright 2019, Joyent, Inc.
10 */
11
12 #ifndef __IPF_STACK_H__
13 #define __IPF_STACK_H__
14
15 /* FIXME: appears needed for ip_proxy.h - tcpseq */
16 #include <net/route.h>
17 #include <netinet/in.h>
18 #include <netinet/in_systm.h>
19 #include <netinet/ip.h>
20 #include <netinet/ip_var.h>
21 #include <netinet/tcp.h>
22 #include <netinet/udp.h>
23 #include <netinet/ip_icmp.h>
24 #include <netinet/tcpip.h>
25
26 #include "ip_compat.h"
27 #include "ip_fil.h"
28 #include "ip_nat.h"
29 #include "ip_frag.h"
30 #include "ip_state.h"
31 #include "ip_proxy.h"
32 #include "ip_auth.h"
33 #include "ip_lookup.h"
34 #include "ip_pool.h"
35 #include "ip_htable.h"
36 #include <net/radix.h>
37 #include <sys/neti.h>
38 #include <sys/hook.h>
39
40 /*
41 * IPF stack instances
42 */
43 struct ipf_stack {
44 struct ipf_stack *ifs_next;
45 struct ipf_stack **ifs_pnext;
46 struct ipf_stack *ifs_gz_cont_ifs;
47 netid_t ifs_netid;
48 zoneid_t ifs_zone;
49 zoneid_t ifs_zone_did;
50 boolean_t ifs_gz_controlled;
51
52 /* ipf module */
53 fr_info_t ifs_frcache[2][8];
54
55 filterstats_t ifs_frstats[2];
56 frentry_t *ifs_ipfilter[2][2];
57 frentry_t *ifs_ipfilter6[2][2];
58 frentry_t *ifs_ipacct6[2][2];
59 frentry_t *ifs_ipacct[2][2];
60 #if 0 /* not used */
61 frentry_t *ifs_ipnatrules[2][2];
62 #endif
63 frgroup_t *ifs_ipfgroups[IPL_LOGSIZE][2];
64 int ifs_fr_refcnt;
65 /*
66 * For fr_running:
67 * 0 == loading, 1 = running, -1 = disabled, -2 = unloading
68 */
69 int ifs_fr_running;
300 int ifs_fr_enable_active;
301 ipftq_t ifs_ips_tqtqb[IPF_TCP_NSTATES];
302 ipftq_t ifs_ips_udptq;
303 ipftq_t ifs_ips_udpacktq;
304 ipftq_t ifs_ips_iptq;
305 ipftq_t ifs_ips_icmptq;
306 ipftq_t ifs_ips_icmpacktq;
307 ipftq_t ifs_ips_deletetq;
308 ipftq_t *ifs_ips_utqe;
309 int ifs_ipstate_logging;
310 ipstate_t *ifs_ips_list;
311 ulong_t ifs_fr_iptimeout;
312
313 /* radix.c */
314 int ifs_max_keylen;
315 struct radix_mask *ifs_rn_mkfreelist;
316 struct radix_node_head *ifs_mask_rnhead;
317 char *ifs_addmask_key;
318 char *ifs_rn_zeros;
319 char *ifs_rn_ones;
320
321 #ifdef KERNEL
322 /* kstats for inbound and outbound */
323 kstat_t *ifs_kstatp[2];
324 #endif
325 };
326
327 #endif /* __IPF_STACK_H__ */
|