Module Name: src
Committed By: rmind
Date: Fri Jul 25 23:21:46 UTC 2014
Modified Files:
src/sys/net/npf: npf_conn.c npf_conn.h
Log Message:
npf_conn_conkey: adjust to return the key length and add a comment
describing the key layout.
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/sys/net/npf/npf_conn.c
cvs rdiff -u -r1.4 -r1.5 src/sys/net/npf/npf_conn.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/npf/npf_conn.c
diff -u src/sys/net/npf/npf_conn.c:1.7 src/sys/net/npf/npf_conn.c:1.8
--- src/sys/net/npf/npf_conn.c:1.7 Fri Jul 25 23:07:21 2014
+++ src/sys/net/npf/npf_conn.c Fri Jul 25 23:21:46 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: npf_conn.c,v 1.7 2014/07/25 23:07:21 rmind Exp $ */
+/* $NetBSD: npf_conn.c,v 1.8 2014/07/25 23:21:46 rmind Exp $ */
/*-
* Copyright (c) 2014 Mindaugas Rasiukevicius <rmind at netbsd org>
@@ -99,7 +99,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_conn.c,v 1.7 2014/07/25 23:07:21 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_conn.c,v 1.8 2014/07/25 23:21:46 rmind Exp $");
#include <sys/param.h>
#include <sys/types.h>
@@ -242,8 +242,10 @@ npf_conn_trackable_p(const npf_cache_t *
/*
* npf_conn_conkey: construct a key for the connection lookup.
+ *
+ * => Returns the key length in bytes or zero on failure.
*/
-bool
+unsigned
npf_conn_conkey(const npf_cache_t *npc, npf_connkey_t *key, const bool forw)
{
const u_int alen = npc->npc_alen;
@@ -272,7 +274,7 @@ npf_conn_conkey(const npf_cache_t *npc,
id[NPF_DST] = ic->icmp_id;
break;
}
- return false;
+ return 0;
case IPPROTO_ICMPV6:
if (npf_iscached(npc, NPC_ICMP_ID)) {
const struct icmp6_hdr *ic6 = npc->npc_l4.icmp6;
@@ -280,21 +282,30 @@ npf_conn_conkey(const npf_cache_t *npc,
id[NPF_DST] = ic6->icmp6_id;
break;
}
- return false;
+ return 0;
default:
/* Unsupported protocol. */
- return false;
+ return 0;
}
- /*
- * Finally, construct a key formed out of 32-bit integers.
- */
if (__predict_true(forw)) {
isrc = NPF_SRC, idst = NPF_DST;
} else {
isrc = NPF_DST, idst = NPF_SRC;
}
+ /*
+ * Construct a key formed out of 32-bit integers. The key layout:
+ *
+ * Field: | proto | alen | src-id | dst-id | src-addr | dst-addr |
+ * +-------+-------+--------+--------+----------+----------+
+ * Bits: | 8 | 8 | 16 | 16 | 32-128 | 32-128 |
+ *
+ * The source and destination are inverted if they key is for the
+ * backwards stream (forw == false). The address length depends
+ * on the 'alen' field; it is a length in bytes, either 4 or 16.
+ */
+
key->ck_key[0] = ((uint32_t)npc->npc_proto << 16) | (alen & 0xffff);
key->ck_key[1] = ((uint32_t)id[isrc] << 16) | id[idst];
@@ -308,8 +319,7 @@ npf_conn_conkey(const npf_cache_t *npc,
memcpy(&key->ck_key[2 + nwords], npc->npc_ips[idst], alen);
keylen = (2 + (nwords * 2)) * sizeof(uint32_t);
}
- (void)keylen;
- return true;
+ return keylen;
}
static __inline void
Index: src/sys/net/npf/npf_conn.h
diff -u src/sys/net/npf/npf_conn.h:1.4 src/sys/net/npf/npf_conn.h:1.5
--- src/sys/net/npf/npf_conn.h:1.4 Fri Jul 25 23:07:21 2014
+++ src/sys/net/npf/npf_conn.h Fri Jul 25 23:21:46 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: npf_conn.h,v 1.4 2014/07/25 23:07:21 rmind Exp $ */
+/* $NetBSD: npf_conn.h,v 1.5 2014/07/25 23:21:46 rmind Exp $ */
/*-
* Copyright (c) 2009-2014 The NetBSD Foundation, Inc.
@@ -103,7 +103,7 @@ void npf_conn_sysfini(void);
void npf_conn_tracking(bool);
void npf_conn_load(npf_conndb_t *, bool);
-bool npf_conn_conkey(const npf_cache_t *, npf_connkey_t *, bool);
+unsigned npf_conn_conkey(const npf_cache_t *, npf_connkey_t *, bool);
npf_conn_t * npf_conn_lookup(const npf_cache_t *, const int, bool *);
npf_conn_t * npf_conn_inspect(npf_cache_t *, const int, int *);
npf_conn_t * npf_conn_establish(npf_cache_t *, int, bool);
