/*
- * Copyright (c) 2007-2019 Apple Inc. All rights reserved.
+ * Copyright (c) 2007-2020 Apple Inc. All rights reserved.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
#include <net/if_pfsync.h>
#endif /* NPFSYNC */
-#if INET6
#include <netinet/ip6.h>
#include <netinet6/in6_pcb.h>
#include <netinet6/ip6_var.h>
#include <netinet/icmp6.h>
#include <netinet6/nd6.h>
-#endif /* INET6 */
#if DUMMYNET
#include <netinet/ip_dummynet.h>
sa_family_t, int);
static int pf_modulate_sack(pbuf_t *, int, struct pf_pdesc *,
struct tcphdr *, struct pf_state_peer *);
-#if INET6
static void pf_change_a6(struct pf_addr *, u_int16_t *,
struct pf_addr *, u_int8_t);
void pf_change_addr(struct pf_addr *a, u_int16_t *c,
struct pf_addr *an, u_int8_t u,
sa_family_t af, sa_family_t afn);
-#endif /* INET6 */
static void pf_change_icmp(struct pf_addr *, u_int16_t *,
struct pf_addr *, struct pf_addr *, u_int16_t,
u_int16_t *, u_int16_t *, u_int16_t *,
static void pf_route(pbuf_t **, struct pf_rule *, int,
struct ifnet *, struct pf_state *,
struct pf_pdesc *);
-#if INET6
static void pf_route6(pbuf_t **, struct pf_rule *, int,
struct ifnet *, struct pf_state *,
struct pf_pdesc *);
-#endif /* INET6 */
static u_int8_t pf_get_wscale(pbuf_t *, int, u_int16_t,
sa_family_t);
static u_int16_t pf_get_mss(pbuf_t *, int, u_int16_t,
pd->ip_sum = &h->ip_sum;
break;
}
-#if INET6
case AF_INET6: {
struct ip6_hdr *h = p;
pd->src = (struct pf_addr *)(uintptr_t)&h->ip6_src;
pd->dst = (struct pf_addr *)(uintptr_t)&h->ip6_dst;
break;
}
-#endif /* INET6 */
}
}
}
u_int32_t rx_accm;
};
-#if 0
-static const char *
-pf_pptp_ctrl_type_name(u_int16_t code)
-{
- code = ntohs(code);
-
- if (code < PF_PPTP_CTRL_TYPE_START_REQ ||
- code > PF_PPTP_CTRL_TYPE_SET_LINKINFO) {
- static char reserved[] = "reserved-00";
-
- sprintf(&reserved[9], "%02x", code);
- return reserved;
- } else {
- static const char *name[] = {
- "start_req", "start_rpy", "stop_req", "stop_rpy",
- "echo_req", "echo_rpy", "call_out_req", "call_out_rpy",
- "call_in_1st", "call_in_2nd", "call_in_3rd",
- "call_clr", "call_disc", "error", "set_linkinfo"
- };
-
- return name[code - 1];
- }
-};
-#endif
-
static const size_t PF_PPTP_CTRL_MSG_MINSIZE =
sizeof(struct pf_pptp_hdr) + sizeof(struct pf_pptp_ctrl_hdr);
}
break;
#endif /* INET */
-#ifdef INET6
case AF_INET6:
if (a->addr32[3] > b->addr32[3]) {
return 1;
return -1;
}
break;
-#endif /* INET6 */
}
return 0;
}
}
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if ((diff = pf_addr_compare(&a->lan.addr, &b->lan.addr,
a->af_lan)) != 0) {
}
}
break;
-#endif /* INET6 */
}
if (a->app_state && b->app_state) {
}
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if ((diff = pf_addr_compare(&a->gwy.addr, &b->gwy.addr,
a->af_gwy)) != 0) {
}
}
break;
-#endif /* INET6 */
}
if (a->app_state && b->app_state) {
return 0;
}
-#if INET6
void
pf_addrcpy(struct pf_addr *dst, struct pf_addr *src, sa_family_t af)
{
break;
}
}
-#endif /* INET6 */
struct pf_state *
pf_find_state_byid(struct pf_state_cmp *key)
p.pfra_ip4addr = (*state)->src_node->addr.v4addr;
break;
#endif /* INET */
-#if INET6
case AF_INET6:
p.pfra_net = 128;
p.pfra_ip6addr = (*state)->src_node->addr.v6addr;
break;
-#endif /* INET6 */
}
pfr_insert_kentry((*state)->rule.ptr->overload_tbl,
break;
}
#endif /* INET */
-#if INET6
case AF_INET6: {
u_int16_t b;
u_int8_t i, curstart = 255, curend = 0,
}
break;
}
-#endif /* INET6 */
}
}
po, pn, u);
}
break;
-#ifdef INET6
case AF_INET6:
*p = pn;
*pc = pf_cksum_fixup(pf_cksum_fixup(pf_cksum_fixup(
0, an->addr16[7], u),
po, pn, u);
break;
-#endif /* INET6 */
}
break;
#endif /* INET */
-#if INET6
case AF_INET6:
switch (afn) {
case AF_INET6:
#endif /* INET */
}
break;
-#endif /* INET6 */
}
}
ao % 65536, an % 65536, u);
}
-#if INET6
static void
pf_change_a6(struct pf_addr *a, u_int16_t *c, struct pf_addr *an, u_int8_t u)
{
}
}
-#endif /* INET6 */
-
static void
pf_change_icmp(struct pf_addr *ia, u_int16_t *ip, struct pf_addr *oa,
struct pf_addr *na, u_int16_t np, u_int16_t *pc, u_int16_t *h2c,
break;
}
#endif /* INET */
-#if INET6
case AF_INET6:
*ic = pf_cksum_fixup(pf_cksum_fixup(pf_cksum_fixup(
pf_cksum_fixup(pf_cksum_fixup(pf_cksum_fixup(
oia.addr16[6], ia->addr16[6], u),
oia.addr16[7], ia->addr16[7], u);
break;
-#endif /* INET6 */
}
/* Change outer ip address, fix outer ip or icmpv6 checksum. */
PF_ACPY(oa, na, af);
ooa.addr16[1], oa->addr16[1], 0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
*ic = pf_cksum_fixup(pf_cksum_fixup(pf_cksum_fixup(
pf_cksum_fixup(pf_cksum_fixup(pf_cksum_fixup(
ooa.addr16[6], oa->addr16[6], u),
ooa.addr16[7], oa->addr16[7], u);
break;
-#endif /* INET6 */
}
}
}
copyback = off + sizeof(*th) + thoptlen;
}
- /* FALLTHROUGH */
+ OS_FALLTHROUGH;
default:
if (olen < 2) {
olen = 2;
#if INET
struct ip *h = NULL;
#endif /* INET */
-#if INET6
struct ip6_hdr *h6 = NULL;
-#endif /* INET6 */
struct tcphdr *th = NULL;
char *opt;
struct pf_mtag *pf_mtag;
len = sizeof(struct ip) + tlen;
break;
#endif /* INET */
-#if INET6
case AF_INET6:
len = sizeof(struct ip6_hdr) + tlen;
break;
-#endif /* INET6 */
default:
panic("pf_send_tcp: not AF_INET or AF_INET6!");
return;
pf_mtag->pftag_flags |= PF_TAG_HDR_INET;
break;
#endif /* INET */
-#if INET6
case AF_INET6:
pf_mtag->pftag_flags |= PF_TAG_HDR_INET6;
break;
-#endif /* INET6 */
}
#endif /* PF_ECN */
th = (struct tcphdr *)(void *)((caddr_t)h + sizeof(struct ip));
break;
#endif /* INET */
-#if INET6
case AF_INET6:
h6 = mtod(m, struct ip6_hdr *);
th = (struct tcphdr *)(void *)
((caddr_t)h6 + sizeof(struct ip6_hdr));
break;
-#endif /* INET6 */
}
/* TCP header */
break;
}
#endif /* INET */
-#if INET6
case AF_INET6: {
struct route_in6 ro6;
ROUTE_RELEASE(&ro6);
break;
}
-#endif /* INET6 */
}
}
m0->m_pkthdr.pkt_proto = IPPROTO_ICMP;
break;
#endif /* INET */
-#if INET6
case AF_INET6:
pf_mtag->pftag_flags |= PF_TAG_HDR_INET6;
m0->m_pkthdr.pkt_proto = IPPROTO_ICMPV6;
break;
-#endif /* INET6 */
}
#endif /* PF_ECN */
icmp_error(m0, type, code, 0, 0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
icmp6_error(m0, type, code, 0);
break;
-#endif /* INET6 */
}
}
}
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if (((a->addr32[0] & m->addr32[0]) ==
(b->addr32[0] & m->addr32[0])) &&
match++;
}
break;
-#endif /* INET6 */
}
if (match) {
if (n) {
}
break;
#endif /* INET */
-#if INET6
case AF_INET6: {
int i;
}
break;
}
-#endif /* INET6 */
}
return 1;
}
return quick;
}
-#if INET6
void
pf_poolmask(struct pf_addr *naddr, struct pf_addr *raddr,
struct pf_addr *rmask, struct pf_addr *saddr, sa_family_t af)
break;
}
}
-#endif /* INET6 */
#define mix(a, b, c) \
do { \
hash->addr32[0] = c + key->key32[2];
break;
#endif /* INET */
-#if INET6
case AF_INET6:
a += inaddr->addr32[0];
b += inaddr->addr32[2];
mix(a, b, c);
hash->addr32[3] = c;
break;
-#endif /* INET6 */
}
}
rmask = &rpool->cur->addr.p.dyn->pfid_mask4;
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if (rpool->cur->addr.p.dyn->pfid_acnt6 < 1 &&
(rpool->opts & PF_POOL_TYPEMASK) !=
raddr = &rpool->cur->addr.p.dyn->pfid_addr6;
rmask = &rpool->cur->addr.p.dyn->pfid_mask6;
break;
-#endif /* INET6 */
}
} else if (rpool->cur->addr.type == PF_ADDR_TABLE) {
if ((rpool->opts & PF_POOL_TYPEMASK) != PF_POOL_ROUNDROBIN) {
rpool->counter.addr32[0] = htonl(random());
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if (rmask->addr32[3] != 0xffffffff) {
rpool->counter.addr32[3] =
RandomULong();
}
break;
-#endif /* INET6 */
}
PF_POOLMASK(naddr, raddr, rmask, &rpool->counter,
rpool->af);
saddr, AF_INET);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if (r->rpool.cur->addr.p.dyn->
pfid_acnt6 < 1) {
pfid_mask6,
saddr, AF_INET6);
break;
-#endif /* INET6 */
}
} else {
PF_POOLMASK(nsaddr,
daddr, AF_INET);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if (r->src.addr.p.dyn->
pfid_acnt6 < 1) {
pfid_mask6,
daddr, AF_INET6);
break;
-#endif /* INET6 */
}
} else {
PF_POOLMASK(ndaddr,
daddr, AF_INET);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if (r->dst.addr.p.dyn->
pfid_acnt6 < 1) {
pfid_mask6,
daddr, AF_INET6);
break;
-#endif /* INET6 */
}
} else {
PF_POOLMASK(nsaddr,
case AF_INET:
inp = in_pcblookup_hash_exists(pi, saddr->v4addr, sport, daddr->v4addr, dport,
0, &pd->lookup.uid, &pd->lookup.gid, NULL);
-#if INET6
if (inp == 0) {
struct in6_addr s6, d6;
}
}
}
-#else
- if (inp == 0) {
- inp = in_pcblookup_hash_exists(pi, saddr->v4addr, sport,
- daddr->v4addr, dport, INPLOOKUP_WILDCARD,
- &pd->lookup.uid, &pd->lookup.gid, NULL);
- if (inp == 0) {
- return -1;
- }
- }
-#endif /* !INET6 */
break;
#endif /* INET */
-#if INET6
case AF_INET6:
inp = in6_pcblookup_hash_exists(pi, &saddr->v6addr, sport, &daddr->v6addr,
dport, 0, &pd->lookup.uid, &pd->lookup.gid, NULL);
}
}
break;
-#endif /* INET6 */
default:
return -1;
wscale = TCP_MAX_WINSHIFT;
}
wscale |= PF_WSCALE_FLAG;
- /* FALLTHROUGH */
+ OS_FALLTHROUGH;
default:
optlen = opt[1];
if (optlen < 2) {
#if BYTE_ORDER != BIG_ENDIAN
NTOHS(mss);
#endif
- /* FALLTHROUGH */
+ OS_FALLTHROUGH;
default:
optlen = opt[1];
if (optlen < 2) {
struct sockaddr_in *dst;
struct route ro;
#endif /* INET */
-#if INET6
struct sockaddr_in6 *dst6;
struct route_in6 ro6;
-#endif /* INET6 */
struct rtentry *rt = NULL;
int hlen;
u_int16_t mss = tcp_mssdflt;
rt = ro.ro_rt;
break;
#endif /* INET */
-#if INET6
case AF_INET6:
hlen = sizeof(struct ip6_hdr);
bzero(&ro6, sizeof(ro6));
rtalloc((struct route *)&ro);
rt = ro6.ro_rt;
break;
-#endif /* INET6 */
default:
panic("pf_calc_mss: not AF_INET or AF_INET6!");
return 0;
}
break;
#endif /* INET */
-#if INET6
case IPPROTO_ICMPV6:
if (pd->af != AF_INET6) {
break;
state_icmp++;
}
break;
-#endif /* INET6 */
case IPPROTO_GRE:
if (pd->proto_variant == PF_GRE_PPTP_VARIANT) {
sxport.call_id = dxport.call_id =
++rewrite;
break;
#endif /* INET */
-#if INET6
case IPPROTO_ICMPV6:
if (pd->af != AF_INET6) {
break;
}
rewrite++;
break;
-#endif /* INET */
case IPPROTO_GRE:
if ((direction == PF_IN) &&
(pd->proto_variant == PF_GRE_PPTP_VARIANT)) {
}
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if (PF_ANEQ(saddr, &pd->naddr, pd->af)) {
PF_ACPY(saddr, &pd->naddr, AF_INET6);
PF_ACPY(daddr, &pd->ndaddr, AF_INET6);
}
break;
-#endif /* INET6 */
}
++rewrite;
break;
}
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if (PF_ANEQ(saddr, &pd->naddr, pd->af)) {
PF_ACPY(saddr, &pd->naddr, AF_INET6);
PF_ACPY(daddr, &pd->ndaddr, AF_INET6);
}
break;
-#endif /* INET6 */
}
break;
default:
}
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if (PF_ANEQ(saddr, &pd->naddr, pd->af)) {
PF_ACPY(saddr, &pd->naddr, af);
PF_ACPY(daddr, &pd->ndaddr, af);
}
break;
-#endif /* INET */
}
break;
}
rewrite++;
break;
case IPPROTO_ICMP:
-#if INET6
case IPPROTO_ICMPV6:
-#endif
/* nothing! */
break;
case IPPROTO_GRE:
pd->baddr.v4addr.s_addr, 0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
PF_ACPY(saddr, &pd->baddr,
AF_INET6);
break;
-#endif /* INET6 */
}
break;
case IPPROTO_ESP:
pd->baddr.v4addr.s_addr, 0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
PF_ACPY(saddr, &pd->baddr,
AF_INET6);
break;
-#endif /* INET6 */
}
break;
default:
rewrite++;
break;
case IPPROTO_ICMP:
-#if INET6
case IPPROTO_ICMPV6:
-#endif
/* nothing! */
break;
case IPPROTO_GRE:
pd->bdaddr.v4addr.s_addr, 0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
PF_ACPY(daddr, &pd->bdaddr,
AF_INET6);
break;
-#endif /* INET6 */
}
break;
case IPPROTO_ESP:
pd->bdaddr.v4addr.s_addr, 0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
PF_ACPY(daddr, &pd->bdaddr,
AF_INET6);
break;
-#endif /* INET6 */
}
break;
default:
pd->ip_sum,
pd->bdaddr.v4addr.s_addr, 0);
break;
-#if INET6
case AF_INET6:
PF_ACPY(daddr, &pd->bdaddr, af);
break;
-#endif /* INET6 */
}
}
}
u_int32_t ack = ntohl(th->th_seq) + pd->p_len;
int len = 0;
struct ip *h4;
-#if INET6
struct ip6_hdr *h6;
-#endif /* INET6 */
switch (pd->af) {
case AF_INET:
h4 = pbuf->pb_data;
len = ntohs(h4->ip_len) - off;
break;
-#if INET6
case AF_INET6:
h6 = pbuf->pb_data;
len = ntohs(h6->ip6_plen) -
(off - sizeof(*h6));
break;
-#endif /* INET6 */
}
if (pf_check_proto_cksum(pbuf, off, len, IPPROTO_TCP,
psk.ext_gwy.xport.spi = pd->hdr.esp->spi;
break;
case IPPROTO_ICMP:
-#if INET6
case IPPROTO_ICMPV6:
-#endif
/*
* NAT64 requires protocol translation between ICMPv4
* and ICMPv6. TCP and UDP do not require protocol
}
switch (pd->proto) {
case IPPROTO_ICMP:
-#if INET6
case IPPROTO_ICMPV6:
-#endif
/*
* NAT64 requires protocol translation between ICMPv4
* and ICMPv6. TCP and UDP do not require protocol
s->timeout = PFTM_UDP_FIRST_PACKET;
break;
case IPPROTO_ICMP:
-#if INET6
case IPPROTO_ICMPV6:
-#endif
s->timeout = PFTM_ICMP_FIRST_PACKET;
break;
case IPPROTO_GRE:
icmpcode = pd->hdr.icmp->icmp_code;
break;
#endif /* INET */
-#if INET6
case IPPROTO_ICMPV6:
if (af != AF_INET6) {
break;
icmptype = pd->hdr.icmp6->icmp6_type;
icmpcode = pd->hdr.icmp6->icmp6_code;
break;
-#endif /* INET6 */
case IPPROTO_GRE:
if (pd->proto_variant == PF_GRE_PPTP_VARIANT) {
hdrlen = sizeof(*pd->hdr.grev1);
dnflow.fwa_cookie, (af == AF_INET) ?
((direction == PF_IN) ? DN_TO_IP_IN : DN_TO_IP_OUT) :
((direction == PF_IN) ? DN_TO_IP6_IN : DN_TO_IP6_OUT),
- &dnflow, DN_CLIENT_PF);
+ &dnflow);
}
/*
}
break;
#endif /* INET */
-#if INET6
case IPPROTO_ICMPV6:
icmptype = pd->hdr.icmp6->icmp6_type;
icmpid = pd->hdr.icmp6->icmp6_id;
state_icmp++;
}
break;
-#endif /* INET6 */
}
if (!state_icmp) {
pd->hdr.icmp);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
pf_change_a6(saddr,
&pd->hdr.icmp6->icmp6_cksum,
sizeof(struct icmp6_hdr),
pd->hdr.icmp6);
break;
-#endif /* INET6 */
}
} else {
switch (pd->af) {
}
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if (pd->naf != AF_INET6) {
if (pf_translate_icmp_af(
pbuf, off);
}
break;
-#endif /* INET6 */
}
}
}
#if INET
struct ip h2;
#endif /* INET */
-#if INET6
struct ip6_hdr h2_6;
int terminal = 0;
-#endif /* INET6 */
int ipoff2 = 0;
int off2 = 0;
pd2.ip_sum = &h2.ip_sum;
break;
#endif /* INET */
-#if INET6
case AF_INET6:
ipoff2 = off + sizeof(struct icmp6_hdr);
/* TODO */
pd2.off = ipoff2;
break;
-#endif /* INET6 */
}
switch (pd2.proto) {
&h2);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
pbuf_copy_back(pbuf, off,
sizeof(struct icmp6_hdr),
pbuf_copy_back(pbuf, ipoff2,
sizeof(h2_6), &h2_6);
break;
-#endif /* INET6 */
}
pbuf_copy_back(pbuf, off2, 8, &th);
}
sizeof(h2), &h2);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
pbuf_copy_back(pbuf, off,
sizeof(struct icmp6_hdr),
pbuf_copy_back(pbuf, ipoff2,
sizeof(h2_6), &h2_6);
break;
-#endif /* INET6 */
}
pbuf_copy_back(pbuf, off2, sizeof(uh), &uh);
}
return PF_PASS;
}
#endif /* INET */
-#if INET6
case IPPROTO_ICMPV6: {
struct icmp6_hdr iih;
return PF_PASS;
}
-#endif /* INET6 */
default: {
key.proto = pd2.proto;
if (direction == PF_IN) {
* </XXXSCW>
*/
#endif /* INET */
-#if INET6
case AF_INET6:
if (pf_lazy_makewritable(pd, pbuf,
ipoff2 + sizeof(h2_6)) == NULL) {
pbuf_copy_back(pbuf, ipoff2,
sizeof(h2_6), &h2_6);
break;
-#endif /* INET6 */
}
}
(*state)->state_key->gwy.addr.v4addr.s_addr, 0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
PF_ACPY(pd->src, &(*state)->state_key->gwy.addr,
pd->af);
break;
-#endif /* INET6 */
}
} else {
grev1->call_id = (*state)->state_key->lan.xport.call_id;
(*state)->state_key->lan.addr.v4addr.s_addr, 0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
PF_ACPY(pd->dst, &(*state)->state_key->lan.addr,
pd->af);
break;
-#endif /* INET6 */
}
}
(*state)->state_key->gwy.addr.v4addr.s_addr, 0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
PF_ACPY(pd->src, &(*state)->state_key->gwy.addr,
pd->af);
break;
-#endif /* INET6 */
}
} else {
switch (pd->af) {
(*state)->state_key->lan.addr.v4addr.s_addr, 0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
PF_ACPY(pd->dst, &(*state)->state_key->lan.addr,
pd->af);
break;
-#endif /* INET6 */
}
}
}
0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
PF_ACPY(pd->src,
&(*state)->state_key->gwy.addr, pd->af);
break;
-#endif /* INET6 */
}
} else {
switch (pd->af) {
0);
break;
#endif /* INET */
-#if INET6
case AF_INET6:
PF_ACPY(pd->dst,
&(*state)->state_key->lan.addr, pd->af);
break;
-#endif /* INET6 */
}
}
}
break;
}
#endif /* INET */
-#if INET6
case AF_INET6: {
struct ip6_hdr *h = pbuf->pb_data;
}
break;
}
-#endif /* INET6 */
}
pbuf_copy_data(pbuf, off, len, p);
return p;
#pragma unused(kif)
struct sockaddr_in *dst;
int ret = 1;
-#if INET6
struct sockaddr_in6 *dst6;
struct route_in6 ro;
-#else
- struct route ro;
-#endif
bzero(&ro, sizeof(ro));
switch (af) {
dst->sin_len = sizeof(*dst);
dst->sin_addr = addr->v4addr;
break;
-#if INET6
case AF_INET6:
dst6 = (struct sockaddr_in6 *)&ro.ro_dst;
dst6->sin6_family = AF_INET6;
dst6->sin6_len = sizeof(*dst6);
dst6->sin6_addr = addr->v6addr;
break;
-#endif /* INET6 */
default:
return 0;
}
{
#pragma unused(aw)
struct sockaddr_in *dst;
-#if INET6
struct sockaddr_in6 *dst6;
struct route_in6 ro;
-#else
- struct route ro;
-#endif
int ret = 0;
bzero(&ro, sizeof(ro));
dst->sin_len = sizeof(*dst);
dst->sin_addr = addr->v4addr;
break;
-#if INET6
case AF_INET6:
dst6 = (struct sockaddr_in6 *)&ro.ro_dst;
dst6->sin6_family = AF_INET6;
dst6->sin6_len = sizeof(*dst6);
dst6->sin6_addr = addr->v6addr;
break;
-#endif /* INET6 */
default:
return 0;
}
}
#endif /* INET */
-#if INET6
static void
pf_route6(pbuf_t **pbufp, struct pf_rule *r, int dir, struct ifnet *oifp,
struct pf_state *s, struct pf_pdesc *pd)
}
goto done;
}
-#endif /* INET6 */
/*
}
break;
case IPPROTO_ICMP:
-#if INET6
case IPPROTO_ICMPV6:
-#endif /* INET6 */
break;
default:
return 1;
#if INET
case AF_INET:
if (p == IPPROTO_ICMP) {
-#if 0
- if (m->m_len < off) {
- return 1;
- }
- m->m_data += off;
- m->m_len -= off;
- sum = in_cksum(m, len);
- m->m_data -= off;
- m->m_len += off;
-#else
if (pbuf->pb_contig_len < (unsigned)off) {
return 1;
}
sum = pbuf_inet_cksum(pbuf, 0, off, len);
-#endif
} else {
if (pbuf->pb_contig_len < (int)sizeof(struct ip)) {
return 1;
}
break;
#endif /* INET */
-#if INET6
case AF_INET6:
if (pbuf->pb_contig_len < (int)sizeof(struct ip6_hdr)) {
return 1;
}
sum = pbuf_inet6_cksum(pbuf, p, off, len);
break;
-#endif /* INET6 */
default:
return 1;
}
case IPPROTO_ICMP:
icmpstat.icps_checksum++;
break;
-#if INET6
case IPPROTO_ICMPV6:
icmp6stat.icp6s_checksum++;
break;
-#endif /* INET6 */
}
return 1;
}
}
/* not GREv1/PPTP, so treat as ordinary GRE... */
+ OS_FALLTHROUGH;
}
default:
}
#endif /* INET */
-#if INET6
#define PF_APPLE_UPDATE_PDESC_IPv6() \
do { \
if (pbuf && pd.mp && pbuf != pd.mp) { \
#endif /* DUMMYNET */
h = pbuf->pb_data;
-#if 1
/*
* we do not support jumbogram yet. if we keep going, zero ip6_plen
* will do something bad, so drop the packet for now.
REASON_SET(&reason, PFRES_NORM); /*XXX*/
goto done;
}
-#endif
pd.src = (struct pf_addr *)(uintptr_t)&h->ip6_src;
pd.dst = (struct pf_addr *)(uintptr_t)&h->ip6_dst;
PF_ACPY(&pd.baddr, pd.src, AF_INET6);
}
case IPPROTO_ROUTING:
++rh_cnt;
- /* FALL THROUGH */
+ OS_FALLTHROUGH;
case IPPROTO_AH:
case IPPROTO_HOPOPTS:
}
/* not GREv1/PPTP, so treat as ordinary GRE... */
+ OS_FALLTHROUGH; /* XXX is this correct? */
}
default:
}
}
-#if 0
- if (action == PF_SYNPROXY_DROP) {
- m_freem(*m0);
- *m0 = NULL;
- action = PF_PASS;
- } else if (r->rt) {
- /* pf_route6 can free the mbuf causing *m0 to become NULL */
- pf_route6(m0, r, dir, kif->pfik_ifp, s, &pd);
- }
-#else
VERIFY(pbuf == NULL || pd.mp == NULL || pd.mp == pbuf);
if (*pbufp) {
/* pf_route6 can free the mbuf causing *pbufp to become NULL */
pf_route6(pbufp, r, dir, kif->pfik_ifp, s, &pd);
}
-#endif /* 0 */
/* if reassembled packet passed, create new fragments */
struct pf_fragment_tag *ftag = NULL;
}
return action;
}
-#endif /* INET6 */
static int
pf_check_congestion(struct ifqueue *ifq)
{
#pragma unused(align, ioff, flags, palloc)
bzero(pp, sizeof(*pp));
- pp->pool_zone = zinit(size, 1024 * size, PAGE_SIZE, wchan);
- if (pp->pool_zone != NULL) {
- zone_change(pp->pool_zone, Z_EXPAND, TRUE);
- zone_change(pp->pool_zone, Z_CALLERACCT, FALSE);
- pp->pool_hiwat = pp->pool_limit = (unsigned int)-1;
- pp->pool_name = wchan;
- }
+ pp->pool_zone = zone_create(wchan, size, ZC_DESTRUCTIBLE);
+ pp->pool_hiwat = pp->pool_limit = (unsigned int)-1;
+ pp->pool_name = wchan;
}
/* Zones cannot be currently destroyed */
return NULL;
}
- buf = zalloc_canblock(pp->pool_zone, (flags & (PR_NOWAIT | PR_WAITOK)));
+ buf = zalloc_flags(pp->pool_zone,
+ (flags & PR_WAITOK) ? Z_WAITOK : Z_NOWAIT);
if (buf != NULL) {
pp->pool_count++;
VERIFY(pp->pool_count != 0);
projects / apple / xnu.git / blobdiff