Module Name: src
Committed By: riz
Date: Sat Dec 15 23:45:59 UTC 2012
Modified Files:
src/distrib/sets/lists/base [netbsd-6]: ad.mips64eb ad.mips64el
md.amd64 md.sparc64 shl.mi
src/distrib/sets/lists/comp [netbsd-6]: shl.mi
src/distrib/sets/lists/modules [netbsd-6]: md.evbppc mi
src/lib/npf [netbsd-6]: Makefile
src/sys/modules [netbsd-6]: Makefile
src/sys/net/npf [netbsd-6]: files.npf
Added Files:
src/lib/npf/ext_rndblock [netbsd-6]: Makefile npfext_rndblock.c
shlib_version
src/sys/modules/npf_ext_rndblock [netbsd-6]: Makefile
src/sys/net/npf [netbsd-6]: npf_ext_rndblock.c
Log Message:
Pull up following revision(s) (requested by rmind in ticket #745):
distrib/sets/lists/comp/shl.mi: revision 1.241
distrib/sets/lists/modules/mi: revision 1.49
distrib/sets/lists/base/md.sparc64: revision 1.171
lib/npf/ext_rndblock/npfext_rndblock.c: revision 1.1
distrib/sets/lists/base/ad.mips64eb: revision 1.106
distrib/sets/lists/modules/md.evbppc: revision 1.29
sys/net/npf/npf_ext_rndblock.c: revision 1.1
lib/npf/Makefile: revision 1.2
sys/modules/npf_ext_rndblock/Makefile: revision 1.1
lib/npf/ext_rndblock/Makefile: revision 1.1
distrib/sets/lists/base/ad.mips64el: revision 1.106
lib/npf/ext_rndblock/shlib_version: revision 1.1
distrib/sets/lists/base/md.amd64: revision 1.182
distrib/sets/lists/base/shl.mi: revision 1.643
sys/net/npf/files.npf: revision 1.9
sys/modules/Makefile: revision 1.117
Add NPF "rndblock" extension to randomly drop packets (using a random
function
with a percentage or modulo operation). This is a demo module, although it can
be used for packet loss simulation. Example of a procedure in npf.conf:
procedure "somedrop" {
# Drop 1.9% of the traffic
rndblock: percentage 1.9
}
To generate a diff of this commit:
cvs rdiff -u -r1.82.2.7 -r1.82.2.8 src/distrib/sets/lists/base/ad.mips64eb
cvs rdiff -u -r1.81.2.7 -r1.81.2.8 src/distrib/sets/lists/base/ad.mips64el
cvs rdiff -u -r1.156.2.7 -r1.156.2.8 src/distrib/sets/lists/base/md.amd64
cvs rdiff -u -r1.147.2.7 -r1.147.2.8 src/distrib/sets/lists/base/md.sparc64
cvs rdiff -u -r1.616.2.8 -r1.616.2.9 src/distrib/sets/lists/base/shl.mi
cvs rdiff -u -r1.209.2.9 -r1.209.2.10 src/distrib/sets/lists/comp/shl.mi
cvs rdiff -u -r1.18.2.1 -r1.18.2.2 src/distrib/sets/lists/modules/md.evbppc
cvs rdiff -u -r1.39.2.1 -r1.39.2.2 src/distrib/sets/lists/modules/mi
cvs rdiff -u -r1.1.4.2 -r1.1.4.3 src/lib/npf/Makefile
cvs rdiff -u -r0 -r1.1.2.2 src/lib/npf/ext_rndblock/Makefile \
src/lib/npf/ext_rndblock/npfext_rndblock.c \
src/lib/npf/ext_rndblock/shlib_version
cvs rdiff -u -r1.101.2.1 -r1.101.2.2 src/sys/modules/Makefile
cvs rdiff -u -r0 -r1.1.2.2 src/sys/modules/npf_ext_rndblock/Makefile
cvs rdiff -u -r1.6.2.2 -r1.6.2.3 src/sys/net/npf/files.npf
cvs rdiff -u -r0 -r1.1.2.2 src/sys/net/npf/npf_ext_rndblock.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/distrib/sets/lists/base/ad.mips64eb
diff -u src/distrib/sets/lists/base/ad.mips64eb:1.82.2.7 src/distrib/sets/lists/base/ad.mips64eb:1.82.2.8
--- src/distrib/sets/lists/base/ad.mips64eb:1.82.2.7 Sat Dec 15 05:40:17 2012
+++ src/distrib/sets/lists/base/ad.mips64eb Sat Dec 15 23:45:56 2012
@@ -1,4 +1,4 @@
-# $NetBSD: ad.mips64eb,v 1.82.2.7 2012/12/15 05:40:17 riz Exp $
+# $NetBSD: ad.mips64eb,v 1.82.2.8 2012/12/15 23:45:56 riz Exp $
./libexec/ld.elf_so-64 base-compat-shlib compat,pic
./libexec/ld.elf_so-o32 base-sysutil-bin compat,pic
./usr/lib/64 base-compat-lib
@@ -285,6 +285,9 @@
./usr/lib/64/npf/ext_normalise.so base-npf-shlib compat,pic
./usr/lib/64/npf/ext_normalise.so.0 base-npf-shlib compat,pic
./usr/lib/64/npf/ext_normalise.so.0.0 base-npf-shlib compat,pic
+./usr/lib/64/npf/ext_rndblock.so base-npf-shlib compat,pic
+./usr/lib/64/npf/ext_rndblock.so.0 base-npf-shlib compat,pic
+./usr/lib/64/npf/ext_rndblock.so.0.0 base-npf-shlib compat,pic
./usr/lib/64/security base-compat-shlib
./usr/lib/64/security/pam_afslog.so.3 base-compat-shlib compat,pic,kerberos,pam
./usr/lib/64/security/pam_chroot.so.3 base-compat-shlib compat,pic,pam
@@ -590,6 +593,9 @@
./usr/lib/o32/npf/ext_normalise.so base-npf-shlib compat,pic
./usr/lib/o32/npf/ext_normalise.so.0 base-npf-shlib compat,pic
./usr/lib/o32/npf/ext_normalise.so.0.0 base-npf-shlib compat,pic
+./usr/lib/o32/npf/ext_rndblock.so base-npf-shlib compat,pic
+./usr/lib/o32/npf/ext_rndblock.so.0 base-npf-shlib compat,pic
+./usr/lib/o32/npf/ext_rndblock.so.0.0 base-npf-shlib compat,pic
./usr/lib/o32/security base-compat-shlib
./usr/lib/o32/security/pam_afslog.so.3 base-compat-shlib compat,pic,kerberos,pam
./usr/lib/o32/security/pam_chroot.so.3 base-compat-shlib compat,pic,pam
Index: src/distrib/sets/lists/base/ad.mips64el
diff -u src/distrib/sets/lists/base/ad.mips64el:1.81.2.7 src/distrib/sets/lists/base/ad.mips64el:1.81.2.8
--- src/distrib/sets/lists/base/ad.mips64el:1.81.2.7 Sat Dec 15 05:40:17 2012
+++ src/distrib/sets/lists/base/ad.mips64el Sat Dec 15 23:45:57 2012
@@ -1,4 +1,4 @@
-# $NetBSD: ad.mips64el,v 1.81.2.7 2012/12/15 05:40:17 riz Exp $
+# $NetBSD: ad.mips64el,v 1.81.2.8 2012/12/15 23:45:57 riz Exp $
./libexec/ld.elf_so-64 base-compat-shlib compat,pic
./libexec/ld.elf_so-o32 base-sysutil-bin compat,pic
./usr/lib/64 base-compat-lib
@@ -285,6 +285,9 @@
./usr/lib/64/npf/ext_normalise.so base-npf-shlib compat,pic
./usr/lib/64/npf/ext_normalise.so.0 base-npf-shlib compat,pic
./usr/lib/64/npf/ext_normalise.so.0.0 base-npf-shlib compat,pic
+./usr/lib/64/npf/ext_rndblock.so base-npf-shlib compat,pic
+./usr/lib/64/npf/ext_rndblock.so.0 base-npf-shlib compat,pic
+./usr/lib/64/npf/ext_rndblock.so.0.0 base-npf-shlib compat,pic
./usr/lib/64/security base-compat-shlib
./usr/lib/64/security/pam_afslog.so.3 base-compat-shlib compat,pic,kerberos,pam
./usr/lib/64/security/pam_chroot.so.3 base-compat-shlib compat,pic,pam
@@ -590,6 +593,9 @@
./usr/lib/o32/npf/ext_normalise.so base-npf-shlib compat,pic
./usr/lib/o32/npf/ext_normalise.so.0 base-npf-shlib compat,pic
./usr/lib/o32/npf/ext_normalise.so.0.0 base-npf-shlib compat,pic
+./usr/lib/o32/npf/ext_rndblock.so base-npf-shlib compat,pic
+./usr/lib/o32/npf/ext_rndblock.so.0 base-npf-shlib compat,pic
+./usr/lib/o32/npf/ext_rndblock.so.0.0 base-npf-shlib compat,pic
./usr/lib/o32/security base-compat-shlib
./usr/lib/o32/security/pam_afslog.so.3 base-compat-shlib compat,pic,kerberos,pam
./usr/lib/o32/security/pam_chroot.so.3 base-compat-shlib compat,pic,pam
Index: src/distrib/sets/lists/base/md.amd64
diff -u src/distrib/sets/lists/base/md.amd64:1.156.2.7 src/distrib/sets/lists/base/md.amd64:1.156.2.8
--- src/distrib/sets/lists/base/md.amd64:1.156.2.7 Sat Dec 15 05:40:17 2012
+++ src/distrib/sets/lists/base/md.amd64 Sat Dec 15 23:45:57 2012
@@ -1,4 +1,4 @@
-# $NetBSD: md.amd64,v 1.156.2.7 2012/12/15 05:40:17 riz Exp $
+# $NetBSD: md.amd64,v 1.156.2.8 2012/12/15 23:45:57 riz Exp $
./dev/lms0 base-obsolete obsolete
./dev/mms0 base-obsolete obsolete
./libexec/ld.elf_so-i386 base-sys-shlib compat,pic
@@ -288,6 +288,9 @@
./usr/lib/i386/npf/ext_normalise.so base-npf-shlib compat,pic
./usr/lib/i386/npf/ext_normalise.so.0 base-npf-shlib compat,pic
./usr/lib/i386/npf/ext_normalise.so.0.0 base-npf-shlib compat,pic
+./usr/lib/i386/npf/ext_rndblock.so base-npf-shlib compat,pic
+./usr/lib/i386/npf/ext_rndblock.so.0 base-npf-shlib compat,pic
+./usr/lib/i386/npf/ext_rndblock.so.0.0 base-npf-shlib compat,pic
./usr/lib/i386/security base-compat-shlib compat
./usr/lib/i386/security/pam_afslog.so.3 base-compat-shlib compat,pic,kerberos,pam
./usr/lib/i386/security/pam_chroot.so.3 base-compat-shlib compat,pic,pam
Index: src/distrib/sets/lists/base/md.sparc64
diff -u src/distrib/sets/lists/base/md.sparc64:1.147.2.7 src/distrib/sets/lists/base/md.sparc64:1.147.2.8
--- src/distrib/sets/lists/base/md.sparc64:1.147.2.7 Sat Dec 15 05:40:17 2012
+++ src/distrib/sets/lists/base/md.sparc64 Sat Dec 15 23:45:56 2012
@@ -1,4 +1,4 @@
-# $NetBSD: md.sparc64,v 1.147.2.7 2012/12/15 05:40:17 riz Exp $
+# $NetBSD: md.sparc64,v 1.147.2.8 2012/12/15 23:45:56 riz Exp $
./libexec/ld.elf_so-sparc base-sysutil-bin compat,pic
./sbin/edlabel base-sysutil-root obsolete
./usr/bin/fdformat base-util-bin
@@ -286,6 +286,9 @@
./usr/lib/sparc/npf/ext_normalise.so base-npf-shlib compat,pic
./usr/lib/sparc/npf/ext_normalise.so.0 base-npf-shlib compat,pic
./usr/lib/sparc/npf/ext_normalise.so.0.0 base-npf-shlib compat,pic
+./usr/lib/sparc/npf/ext_rndblock.so base-npf-shlib compat,pic
+./usr/lib/sparc/npf/ext_rndblock.so.0 base-npf-shlib compat,pic
+./usr/lib/sparc/npf/ext_rndblock.so.0.0 base-npf-shlib compat,pic
./usr/lib/sparc/security base-compat-shlib compat
./usr/lib/sparc/security/pam_afslog.so.3 base-compat-shlib compat,pic,kerberos
./usr/lib/sparc/security/pam_chroot.so.3 base-compat-shlib compat,pic
Index: src/distrib/sets/lists/base/shl.mi
diff -u src/distrib/sets/lists/base/shl.mi:1.616.2.8 src/distrib/sets/lists/base/shl.mi:1.616.2.9
--- src/distrib/sets/lists/base/shl.mi:1.616.2.8 Sat Dec 15 05:40:18 2012
+++ src/distrib/sets/lists/base/shl.mi Sat Dec 15 23:45:57 2012
@@ -1,4 +1,4 @@
-# $NetBSD: shl.mi,v 1.616.2.8 2012/12/15 05:40:18 riz Exp $
+# $NetBSD: shl.mi,v 1.616.2.9 2012/12/15 23:45:57 riz Exp $
#
# Note: Don't delete entries from here - mark them as "obsolete" instead,
# unless otherwise stated below.
@@ -722,6 +722,9 @@
./usr/lib/npf/ext_normalise.so base-npf-shlib npf
./usr/lib/npf/ext_normalise.so.0 base-npf-shlib npf
./usr/lib/npf/ext_normalise.so.0.0 base-npf-shlib npf
+./usr/lib/npf/ext_rndblock.so base-npf-shlib npf
+./usr/lib/npf/ext_rndblock.so.0 base-npf-shlib npf
+./usr/lib/npf/ext_rndblock.so.0.0 base-npf-shlib npf
./usr/lib/nss_mdns.so.0 base-obsolete obsolete
./usr/lib/nss_mdnsd.so.0 base-mdns-shlib mdns
./usr/lib/nss_multicast_dns.so.0 base-mdns-shlib mdns
Index: src/distrib/sets/lists/comp/shl.mi
diff -u src/distrib/sets/lists/comp/shl.mi:1.209.2.9 src/distrib/sets/lists/comp/shl.mi:1.209.2.10
--- src/distrib/sets/lists/comp/shl.mi:1.209.2.9 Tue Nov 20 22:19:23 2012
+++ src/distrib/sets/lists/comp/shl.mi Sat Dec 15 23:45:55 2012
@@ -1,4 +1,4 @@
-# $NetBSD: shl.mi,v 1.209.2.9 2012/11/20 22:19:23 riz Exp $
+# $NetBSD: shl.mi,v 1.209.2.10 2012/12/15 23:45:55 riz Exp $
#
# Note: don't delete entries from here - mark them as "obsolete" instead.
#
@@ -432,3 +432,4 @@
./usr/libdata/debug/usr/lib/libzpool.so.0.0.debug comp-zfs-debug zfs,dynamicroot,debug
./usr/libdata/debug/usr/lib/npf/libext_log.so.0.0.debug comp-sys-debug debug,npf
./usr/libdata/debug/usr/lib/npf/libext_normalise.so.0.0.debug comp-sys-debug debug,npf
+./usr/libdata/debug/usr/lib/npf/libext_rndblock.so.0.0.debug comp-sys-debug debug,npf
Index: src/distrib/sets/lists/modules/md.evbppc
diff -u src/distrib/sets/lists/modules/md.evbppc:1.18.2.1 src/distrib/sets/lists/modules/md.evbppc:1.18.2.2
--- src/distrib/sets/lists/modules/md.evbppc:1.18.2.1 Tue Nov 20 21:22:56 2012
+++ src/distrib/sets/lists/modules/md.evbppc Sat Dec 15 23:45:56 2012
@@ -1,4 +1,4 @@
-# $NetBSD: md.evbppc,v 1.18.2.1 2012/11/20 21:22:56 riz Exp $
+# $NetBSD: md.evbppc,v 1.18.2.2 2012/12/15 23:45:56 riz Exp $
./stand/powerpc-4xx base-kernel-modules kmod,compatmodules
./stand/powerpc-4xx/@OSRELEASE@ base-kernel-modules kmod,compatmodules
./stand/powerpc-4xx/@OSRELEASE@/modules base-kernel-modules kmod,compatmodules
@@ -108,6 +108,8 @@
./stand/powerpc-4xx/@OSRELEASE@/modules/npf_ext_log/npf_ext_log.kmod base-kernel-modules kmod
./stand/powerpc-4xx/@OSRELEASE@/modules/npf_ext_normalise base-kernel-modules kmod
./stand/powerpc-4xx/@OSRELEASE@/modules/npf_ext_normalise/npf_ext_normalise.kmod base-kernel-modules kmod
+./stand/powerpc-4xx/@OSRELEASE@/modules/npf_ext_rndblock base-kernel-modules kmod
+./stand/powerpc-4xx/@OSRELEASE@/modules/npf_ext_rndblock/npf_ext_rndblock.kmod base-kernel-modules kmod
./stand/powerpc-4xx/@OSRELEASE@/modules/ntfs base-kernel-modules kmod,compatmodules
./stand/powerpc-4xx/@OSRELEASE@/modules/ntfs/ntfs.kmod base-kernel-modules kmod,compatmodules
./stand/powerpc-4xx/@OSRELEASE@/modules/null base-kernel-modules kmod,compatmodules
@@ -285,6 +287,8 @@
./stand/powerpc-booke/@OSRELEASE@/modules/npf_ext_log/npf_ext_log.kmod base-kernel-modules kmod
./stand/powerpc-booke/@OSRELEASE@/modules/npf_ext_normalise base-kernel-modules kmod
./stand/powerpc-booke/@OSRELEASE@/modules/npf_ext_normalise/npf_ext_normalise.kmod base-kernel-modules kmod
+./stand/powerpc-booke/@OSRELEASE@/modules/npf_ext_rndblock base-kernel-modules kmod
+./stand/powerpc-booke/@OSRELEASE@/modules/npf_ext_rndblock/npf_ext_rndblock.kmod base-kernel-modules kmod
./stand/powerpc-booke/@OSRELEASE@/modules/ntfs base-kernel-modules kmod,compatmodules
./stand/powerpc-booke/@OSRELEASE@/modules/ntfs/ntfs.kmod base-kernel-modules kmod,compatmodules
./stand/powerpc-booke/@OSRELEASE@/modules/null base-kernel-modules kmod,compatmodules
Index: src/distrib/sets/lists/modules/mi
diff -u src/distrib/sets/lists/modules/mi:1.39.2.1 src/distrib/sets/lists/modules/mi:1.39.2.2
--- src/distrib/sets/lists/modules/mi:1.39.2.1 Sun Nov 18 22:38:25 2012
+++ src/distrib/sets/lists/modules/mi Sat Dec 15 23:45:56 2012
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.39.2.1 2012/11/18 22:38:25 riz Exp $
+# $NetBSD: mi,v 1.39.2.2 2012/12/15 23:45:56 riz Exp $
#
# Note: don't delete entries from here - mark them as "obsolete" instead.
#
@@ -119,6 +119,8 @@
./@MODULEDIR@/npf_ext_log/npf_ext_log.kmod base-kernel-modules kmod
./@MODULEDIR@/npf_ext_normalise base-kernel-modules kmod
./@MODULEDIR@/npf_ext_normalise/npf_ext_normalise.kmod base-kernel-modules kmod
+./@MODULEDIR@/npf_ext_rndblock base-kernel-modules kmod
+./@MODULEDIR@/npf_ext_rndblock/npf_ext_rndblock.kmod base-kernel-modules kmod
./@MODULEDIR@/onewire base-kernel-modules kmod
./@MODULEDIR@/onewire/onewire.kmod base-kernel-modules kmod
./@MODULEDIR@/overlay base-kernel-modules kmod
Index: src/lib/npf/Makefile
diff -u src/lib/npf/Makefile:1.1.4.2 src/lib/npf/Makefile:1.1.4.3
--- src/lib/npf/Makefile:1.1.4.2 Sun Nov 18 22:38:32 2012
+++ src/lib/npf/Makefile Sat Dec 15 23:45:58 2012
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.1.4.2 2012/11/18 22:38:32 riz Exp $
+# $NetBSD: Makefile,v 1.1.4.3 2012/12/15 23:45:58 riz Exp $
.include <bsd.own.mk>
.if ${MKPIC} != "no"
-SUBDIR= ext_log ext_normalise
+SUBDIR= ext_log ext_normalise ext_rndblock
.endif
Index: src/sys/modules/Makefile
diff -u src/sys/modules/Makefile:1.101.2.1 src/sys/modules/Makefile:1.101.2.2
--- src/sys/modules/Makefile:1.101.2.1 Sun Nov 18 22:38:37 2012
+++ src/sys/modules/Makefile Sat Dec 15 23:45:59 2012
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.101.2.1 2012/11/18 22:38:37 riz Exp $
+# $NetBSD: Makefile,v 1.101.2.2 2012/12/15 23:45:59 riz Exp $
.include <bsd.own.mk>
@@ -50,6 +50,7 @@ SUBDIR+= npf_alg_icmp
SUBDIR+= ntfs
SUBDIR+= npf_ext_log
SUBDIR+= npf_ext_normalise
+SUBDIR+= npf_ext_rndblock
SUBDIR+= null
SUBDIR+= onewire
SUBDIR+= overlay
Index: src/sys/net/npf/files.npf
diff -u src/sys/net/npf/files.npf:1.6.2.2 src/sys/net/npf/files.npf:1.6.2.3
--- src/sys/net/npf/files.npf:1.6.2.2 Sun Nov 18 22:38:27 2012
+++ src/sys/net/npf/files.npf Sat Dec 15 23:45:58 2012
@@ -1,4 +1,4 @@
-# $NetBSD: files.npf,v 1.6.2.2 2012/11/18 22:38:27 riz Exp $
+# $NetBSD: files.npf,v 1.6.2.3 2012/12/15 23:45:58 riz Exp $
#
# Public Domain.
#
@@ -31,6 +31,7 @@ file net/npf/npf_sendpkt.c npf
# Built-in extensions.
file net/npf/npf_ext_log.c npf
file net/npf/npf_ext_normalise.c npf
+file net/npf/npf_ext_rndblock.c npf
# ALGs
file net/npf/npf_alg_icmp.c npf
Added files:
Index: src/lib/npf/ext_rndblock/Makefile
diff -u /dev/null src/lib/npf/ext_rndblock/Makefile:1.1.2.2
--- /dev/null Sat Dec 15 23:45:59 2012
+++ src/lib/npf/ext_rndblock/Makefile Sat Dec 15 23:45:58 2012
@@ -0,0 +1,21 @@
+# $NetBSD: Makefile,v 1.1.2.2 2012/12/15 23:45:58 riz Exp $
+
+.include <bsd.own.mk>
+
+LIBISMODULE= yes
+.if defined(MLIBDIR)
+LIBDIR= /usr/lib/${MLIBDIR}/npf
+SHLIBDIR= /usr/lib/${MLIBDIR}/npf
+SHLIBINSTALLDIR=/usr/lib/${MLIBDIR}/npf
+.else
+LIBDIR= /usr/lib/npf
+SHLIBDIR= /usr/lib/npf
+SHLIBINSTALLDIR=/usr/lib/npf
+.endif
+
+LIB= ext_rndblock
+
+SRCS= npfext_rndblock.c
+WARNS= 5
+
+.include <bsd.lib.mk>
Index: src/lib/npf/ext_rndblock/npfext_rndblock.c
diff -u /dev/null src/lib/npf/ext_rndblock/npfext_rndblock.c:1.1.2.2
--- /dev/null Sat Dec 15 23:45:59 2012
+++ src/lib/npf/ext_rndblock/npfext_rndblock.c Sat Dec 15 23:45:58 2012
@@ -0,0 +1,97 @@
+/* $NetBSD: npfext_rndblock.c,v 1.1.2.2 2012/12/15 23:45:58 riz Exp $ */
+
+/*-
+ * Copyright (c) 2012 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: npfext_rndblock.c,v 1.1.2.2 2012/12/15 23:45:58 riz Exp $");
+
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include <errno.h>
+
+#include <npf.h>
+
+int npfext_rndblock_init(void);
+nl_ext_t * npfext_rndblock_construct(const char *);
+int npfext_rndblock_param(nl_ext_t *, const char *, const char *);
+
+int
+npfext_rndblock_init(void)
+{
+ /* Nothing to initialise. */
+ return 0;
+}
+
+nl_ext_t *
+npfext_rndblock_construct(const char *name)
+{
+ assert(strcmp(name, "rndblock") == 0);
+ return npf_ext_construct(name);
+}
+
+int
+npfext_rndblock_param(nl_ext_t *ext, const char *param, const char *val)
+{
+ enum ptype { PARAM_U32 };
+ static const struct param {
+ const char * name;
+ enum ptype type;
+ signed long min;
+ signed long max;
+ } params[] = {
+ { "mod", PARAM_U32, 1, LONG_MAX },
+ { "percentage", PARAM_U32, 1, 9999 },
+ };
+
+ if (val == NULL) {
+ return EINVAL;
+ }
+ for (unsigned i = 0; i < __arraycount(params); i++) {
+ const char *name = params[i].name;
+ long ival;
+
+ if (strcmp(name, param) != 0) {
+ continue;
+ }
+
+ /*
+ * Note: multiply by 100 and convert floating point to
+ * an integer, as 100% is based on 10000 in the kernel.
+ */
+ ival = (i == 1) ? atof(val) * 100 : atol(val);
+ if (ival < params[i].min || ival > params[i].max) {
+ return EINVAL;
+ }
+ assert(params[i].type == PARAM_U32);
+ npf_ext_param_u32(ext, name, ival);
+ return 0;
+ }
+
+ /* Invalid parameter, if not found. */
+ return EINVAL;
+}
Index: src/lib/npf/ext_rndblock/shlib_version
diff -u /dev/null src/lib/npf/ext_rndblock/shlib_version:1.1.2.2
--- /dev/null Sat Dec 15 23:45:59 2012
+++ src/lib/npf/ext_rndblock/shlib_version Sat Dec 15 23:45:58 2012
@@ -0,0 +1,4 @@
+# $NetBSD: shlib_version,v 1.1.2.2 2012/12/15 23:45:58 riz Exp $
+
+major=0
+minor=0
Index: src/sys/modules/npf_ext_rndblock/Makefile
diff -u /dev/null src/sys/modules/npf_ext_rndblock/Makefile:1.1.2.2
--- /dev/null Sat Dec 15 23:45:59 2012
+++ src/sys/modules/npf_ext_rndblock/Makefile Sat Dec 15 23:45:59 2012
@@ -0,0 +1,11 @@
+# $NetBSD: Makefile,v 1.1.2.2 2012/12/15 23:45:59 riz Exp $
+
+.include "../Makefile.inc"
+
+.PATH: ${S}/net/npf
+
+KMOD= npf_ext_rndblock
+
+SRCS= npf_ext_rndblock.c
+
+.include <bsd.kmodule.mk>
Index: src/sys/net/npf/npf_ext_rndblock.c
diff -u /dev/null src/sys/net/npf/npf_ext_rndblock.c:1.1.2.2
--- /dev/null Sat Dec 15 23:45:59 2012
+++ src/sys/net/npf/npf_ext_rndblock.c Sat Dec 15 23:45:58 2012
@@ -0,0 +1,174 @@
+/* $NetBSD: npf_ext_rndblock.c,v 1.1.2.2 2012/12/15 23:45:58 riz Exp $ */
+
+/*-
+ * Copyright (c) 2012 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * NPF random blocking extension - kernel module.
+ * This is also a demo extension.
+ */
+
+#include <sys/cdefs.h>
+__KERNEL_RCSID(0, "$NetBSD: npf_ext_rndblock.c,v 1.1.2.2 2012/12/15 23:45:58 riz Exp $");
+
+#include <sys/types.h>
+#include <sys/cprng.h>
+#include <sys/atomic.h>
+#include <sys/module.h>
+#include <sys/kmem.h>
+
+#include "npf.h"
+
+/*
+ * NPF extension module definition and the identifier.
+ */
+NPF_EXT_MODULE(npf_ext_rndblock, "");
+
+#define NPFEXT_RNDBLOCK_VER 1
+
+static void * npf_ext_rndblock_id;
+
+#define PERCENTAGE_BASE 10000
+
+/*
+ * Meta-data structure, containing parameters.
+ */
+typedef struct {
+ unsigned int mod;
+ unsigned long counter;
+ unsigned int percentage;
+} npf_ext_rndblock_t;
+
+/*
+ * npf_ext_rndblock_ctor: a constructor to parse and store any parameters
+ * associated with a rule procedure, which is being newly created.
+ */
+static int
+npf_ext_rndblock_ctor(npf_rproc_t *rp, prop_dictionary_t params)
+{
+ npf_ext_rndblock_t *meta;
+
+ /*
+ * Allocate and a associate a structure for the parameter
+ * and our meta-data.
+ */
+ meta = kmem_zalloc(sizeof(npf_ext_rndblock_t), KM_SLEEP);
+ prop_dictionary_get_uint32(params, "mod", &meta->mod);
+ prop_dictionary_get_uint32(params, "percentage", &meta->percentage);
+ npf_rproc_assign(rp, meta);
+
+ return 0;
+}
+
+/*
+ * npf_ext_rndblock_dtor: a destructor for our rule procedure.
+ */
+static void
+npf_ext_rndblock_dtor(npf_rproc_t *rp, void *meta)
+{
+ /* Free our meta-data, associated with the procedure. */
+ kmem_free(meta, sizeof(npf_ext_rndblock_t));
+}
+
+/*
+ * npf_ext_rndblock: main routine implementing the extension functionality.
+ */
+static void
+npf_ext_rndblock(npf_cache_t *npc, nbuf_t *nbuf, void *meta, int *decision)
+{
+ npf_ext_rndblock_t *rndblock = meta;
+ unsigned long c;
+
+ /* Skip, if already blocking. */
+ if (*decision == NPF_DECISION_BLOCK) {
+ return;
+ }
+
+ /*
+ * Sample demo:
+ *
+ * Drop the packets according to the given module or percentage.
+ *
+ * Rule procedures may be executed concurrently in an SMP system.
+ * Use atomic operation to increment the counter.
+ */
+ c = atomic_inc_ulong_nv(&rndblock->counter);
+
+ if (rndblock->mod) {
+ if ((c % rndblock->mod) == 0) {
+ *decision = NPF_DECISION_BLOCK;
+ }
+ }
+
+ if (rndblock->percentage) {
+ uint32_t w = cprng_fast32() % PERCENTAGE_BASE;
+ if (w <= rndblock->percentage) {
+ *decision = NPF_DECISION_BLOCK;
+ }
+ }
+}
+
+/*
+ * Module interface.
+ */
+static int
+npf_ext_rndblock_modcmd(modcmd_t cmd, void *arg)
+{
+ static const npf_ext_ops_t npf_rndblock_ops = {
+ .version = NPFEXT_RNDBLOCK_VER,
+ .ctx = NULL,
+ .ctor = npf_ext_rndblock_ctor,
+ .dtor = npf_ext_rndblock_dtor,
+ .proc = npf_ext_rndblock
+ };
+
+ switch (cmd) {
+ case MODULE_CMD_INIT:
+ /*
+ * Initialise the NPF extension module. Register the
+ * "rndblock" extensions calls (constructor, destructor,
+ * the processing * routine, etc).
+ */
+ npf_ext_rndblock_id = npf_ext_register("rndblock",
+ &npf_rndblock_ops);
+ return npf_ext_rndblock_id ? 0 : EEXIST;
+
+ case MODULE_CMD_FINI:
+ /*
+ * Unregister our rndblock extension. NPF may return an
+ * if there are references and it cannot drain them.
+ */
+ return npf_ext_unregister(npf_ext_rndblock_id);
+
+ case MODULE_CMD_AUTOUNLOAD:
+ /* Allow auto-unload only if NPF permits it. */
+ return npf_autounload_p() ? 0 : EBUSY;
+
+ default:
+ return ENOTTY;
+ }
+ return 0;
+}
