now with even more straightforward if_detach_queues
? sys2
? sys/ID
Index: sbin/pfctl/parse.y
===================================================================
RCS file: /cvs/src/sbin/pfctl/parse.y,v
retrieving revision 1.603
diff -u -p -r1.603 parse.y
--- sbin/pfctl/parse.y 7 Jul 2011 00:47:19 -0000 1.603
+++ sbin/pfctl/parse.y 8 Jul 2011 02:13:13 -0000
@@ -230,6 +230,7 @@ struct filter_opts {
#define FOM_MAXMSS 0x0040
#define FOM_SETTOS 0x0100
#define FOM_SCRUB_TCP 0x0200
+#define FOM_PRIO 0x0400
struct node_uid *uid;
struct node_gid *gid;
struct node_if *rcv;
@@ -254,6 +255,7 @@ struct filter_opts {
char *match_tag;
u_int8_t match_tag_not;
u_int rtableid;
+ u_int8_t prio[2];
struct {
struct node_host *addr;
u_int16_t port;
@@ -451,7 +453,7 @@ int parseport(char *, struct range *r, i
%token BITMASK RANDOM SOURCEHASH ROUNDROBIN LEASTSTATES STATICPORT PROBABILITY
%token ALTQ CBQ PRIQ HFSC BANDWIDTH TBRSIZE LINKSHARE REALTIME UPPERLIMIT
%token QUEUE PRIORITY QLIMIT RTABLE RDOMAIN
-%token LOAD RULESET_OPTIMIZATION
+%token LOAD RULESET_OPTIMIZATION RTABLE RDOMAIN PRIO
%token STICKYADDRESS MAXSRCSTATES MAXSRCNODES SOURCETRACK GLOBAL RULE
%token MAXSRCCONN MAXSRCCONNRATE OVERLOAD FLUSH SLOPPY PFLOW
%token TAGGED TAG IFBOUND FLOATING STATEPOLICY STATEDEFAULTS ROUTE SETTOS
@@ -466,7 +468,7 @@ int parseport(char *, struct range *r, i
%type <v.i> dir af optimizer
%type <v.i> sourcetrack flush unaryop statelock
%type <v.b> action
-%type <v.b> flags flag blockspec
+%type <v.b> flags flag blockspec prio
%type <v.range> portplain portstar portrange
%type <v.hashkey> hashkey
%type <v.proto> proto proto_list proto_item
@@ -870,6 +872,11 @@ anchorrule : ANCHOR anchorname dir quick
YYERROR;
}
r.match_tag_not = $9.match_tag_not;
+ if ($9.marker & FOM_PRIO) {
+ r.prio[0] = $9.prio[0];
+ r.prio[1] = $9.prio[1];
+ } else
+ r.prio[0] = r.prio[1] = PF_PRIO_NOTSET;
decide_address_family($8.src.host, &r.af);
decide_address_family($8.dst.host, &r.af);
@@ -1665,6 +1672,11 @@ pfrule : action dir logquick interface
}
if ($8.marker & FOM_SCRUB_TCP)
r.scrub_flags |= PFSTATE_SCRUB_TCP;
+ if ($8.marker & FOM_PRIO) {
+ r.prio[0] = $8.prio[0];
+ r.prio[1] = $8.prio[1];
+ } else
+ r.prio[0] = r.prio[1] = PF_PRIO_NOTSET;
r.af = $5;
if ($8.tag)
@@ -2266,6 +2278,33 @@ filter_opt : USER uids {
}
filter_opts.rcv = $2;
}
+ | prio {
+ if (filter_opts.marker & FOM_PRIO) {
+ yyerror("prio cannot be redefined");
+ YYERROR;
+ }
+ filter_opts.marker |= FOM_PRIO;
+ filter_opts.prio[0] = $1.b1;
+ filter_opts.prio[1] = $1.b2;
+ }
+ ;
+
+prio : PRIO NUMBER {
+ if ($2 < 0 || $2 > IFQ_MAXPRIO) {
+ yyerror("prio must be 0 - %u", IFQ_MAXPRIO);
+ YYERROR;
+ }
+ $$.b1 = $$.b2 = $2;
+ }
+ | PRIO '(' NUMBER comma NUMBER ')' {
+ if ($3 < 0 || $3 > IFQ_MAXPRIO ||
+ $5 < 0 || $5 > IFQ_MAXPRIO) {
+ yyerror("prio must be 0 - %u", IFQ_MAXPRIO);
+ YYERROR;
+ }
+ $$.b1 = $3;
+ $$.b2 = $5;
+ }
;
probability : STRING {
@@ -5046,6 +5085,7 @@ lookup(char *s)
{ "pass", PASS},
{ "pflow", PFLOW},
{ "port", PORT},
+ { "prio", PRIO},
{ "priority", PRIORITY},
{ "priq", PRIQ},
{ "probability", PROBABILITY},
Index: sbin/pfctl/pfctl_parser.c
===================================================================
RCS file: /cvs/src/sbin/pfctl/pfctl_parser.c,v
retrieving revision 1.277
diff -u -p -r1.277 pfctl_parser.c
--- sbin/pfctl/pfctl_parser.c 7 Jul 2011 02:00:25 -0000 1.277
+++ sbin/pfctl/pfctl_parser.c 8 Jul 2011 02:13:13 -0000
@@ -1070,6 +1070,12 @@ print_rule(struct pf_rule *r, const char
printf(" ");
print_pool(&r->route, 0, 0, r->af, PF_POOL_ROUTE, verbose);
}
+ if (r->prio[0] != PF_PRIO_NOTSET) {
+ if (r->prio[0] == r->prio[1])
+ printf(" prio %u", r->prio[0]);
+ else
+ printf(" prio(%u, %u)", r->prio[0], r->prio[1]);
+ }
}
void
Index: sys/altq/if_altq.h
===================================================================
RCS file: /cvs/src/sys/altq/if_altq.h,v
retrieving revision 1.13
diff -u -p -r1.13 if_altq.h
--- sys/altq/if_altq.h 3 Jul 2011 22:39:12 -0000 1.13
+++ sys/altq/if_altq.h 8 Jul 2011 02:13:13 -0000
@@ -31,13 +31,17 @@
struct altq_pktattr; struct tb_regulator;
+#define ALTQ_IFQ_NQUEUES 8
+
/*
* Structure defining a queue for a network interface.
*/
struct ifaltq {
/* fields compatible with struct ifqueue */
- struct mbuf *ifq_head;
- struct mbuf *ifq_tail;
+ struct {
+ struct mbuf *head;
+ struct mbuf *tail;
+ } ifq_q[ALTQ_IFQ_NQUEUES];
int ifq_len;
int ifq_maxlen;
int ifq_drops;
@@ -61,7 +65,6 @@ struct ifaltq {
/* token bucket regulator */
struct tb_regulator *altq_tbr;
};
-
#ifdef _KERNEL
Index: sys/kern/uipc_mbuf.c
===================================================================
RCS file: /cvs/src/sys/kern/uipc_mbuf.c,v
retrieving revision 1.159
diff -u -p -r1.159 uipc_mbuf.c
--- sys/kern/uipc_mbuf.c 5 Jul 2011 05:53:17 -0000 1.159
+++ sys/kern/uipc_mbuf.c 8 Jul 2011 02:13:14 -0000
@@ -1,4 +1,4 @@
-/* $OpenBSD: uipc_mbuf.c,v 1.159 2011/07/05 05:53:17 claudio Exp $ */
+/* $OpenBSD: uipc_mbuf.c,v 1.157 2011/05/04 16:05:49 blambert Exp $
*/
/* $NetBSD: uipc_mbuf.c,v 1.15.4.1 1996/06/13 17:11:44 cgd Exp $ */
/*
@@ -246,6 +246,7 @@ m_gethdr(int nowait, int type)
m->m_data = m->m_pktdat;
m->m_flags = M_PKTHDR;
bzero(&m->m_pkthdr, sizeof(m->m_pkthdr));
+ m->m_pkthdr.pf.prio = IFQ_DEFPRIO;
}
return (m);
}
@@ -259,6 +260,7 @@ m_inithdr(struct mbuf *m)
m->m_data = m->m_pktdat;
m->m_flags = M_PKTHDR;
bzero(&m->m_pkthdr, sizeof(m->m_pkthdr));
+ m->m_pkthdr.pf.prio = IFQ_DEFPRIO;
return (m);
}
@@ -1352,6 +1354,8 @@ m_print(void *v, int (*pr)(const char *,
m->m_pkthdr.pf.hdr, m->m_pkthdr.pf.statekey);
(*pr)("m_pkthdr.pf.qid:\t%u m_pkthdr.pf.tag: %hu\n",
m->m_pkthdr.pf.qid, m->m_pkthdr.pf.tag);
+ (*pr)("m_pkthdr.pf.prio:\t%u m_pkthdr.pf.tag: %hu\n",
+ m->m_pkthdr.pf.prio, m->m_pkthdr.pf.tag);
(*pr)("m_pkthdr.pf.routed: %hhx\n", m->m_pkthdr.pf.routed);
}
if (m->m_flags & M_EXT) {
Index: sys/net/if.c
===================================================================
RCS file: /cvs/src/sys/net/if.c,v
retrieving revision 1.237
diff -u -p -r1.237 if.c
--- sys/net/if.c 6 Jul 2011 02:42:28 -0000 1.237
+++ sys/net/if.c 8 Jul 2011 02:13:14 -0000
@@ -652,33 +652,35 @@ do { \
void
if_detach_queues(struct ifnet *ifp, struct ifqueue *q)
{
- struct mbuf *m, *prev, *next;
+ struct mbuf *m, *prev = NULL, *next;
+ int prio;
- prev = NULL;
- for (m = q->ifq_head; m; m = next) {
- next = m->m_nextpkt;
+ for (prio = 0; prio <= IFQ_MAXPRIO; prio++) {
+ for (m = q->ifq_q[prio].head; m; m = next) {
+ next = m->m_nextpkt;
#ifdef DIAGNOSTIC
- if ((m->m_flags & M_PKTHDR) == 0) {
- prev = m;
- continue;
- }
+ if ((m->m_flags & M_PKTHDR) == 0) {
+ prev = m;
+ continue;
+ }
#endif
- if (m->m_pkthdr.rcvif != ifp) {
- prev = m;
- continue;
- }
+ if (m->m_pkthdr.rcvif != ifp) {
+ prev = m;
+ continue;
+ }
- if (prev)
- prev->m_nextpkt = m->m_nextpkt;
- else
- q->ifq_head = m->m_nextpkt;
- if (q->ifq_tail == m)
- q->ifq_tail = prev;
- q->ifq_len--;
+ if (prev)
+ prev->m_nextpkt = m->m_nextpkt;
+ else
+ q->ifq_q[prio].head = m->m_nextpkt;
+ if (q->ifq_q[prio].tail == m)
+ q->ifq_q[prio].tail = prev;
+ q->ifq_len--;
- m->m_nextpkt = NULL;
- m_freem(m);
- IF_DROP(q);
+ m->m_nextpkt = NULL;
+ m_freem(m);
+ IF_DROP(q);
+ }
}
}
Index: sys/net/if.h
===================================================================
RCS file: /cvs/src/sys/net/if.h,v
retrieving revision 1.127
diff -u -p -r1.127 if.h
--- sys/net/if.h 7 Jul 2011 20:41:36 -0000 1.127
+++ sys/net/if.h 8 Jul 2011 02:13:14 -0000
@@ -80,6 +81,7 @@ struct socket;
struct ether_header;
struct arpcom;
struct rt_addrinfo;
+struct ifnet;
/*
* Structure describing a `cloning' interface.
@@ -146,13 +148,19 @@ struct if_data {
struct mclpool ifi_mclpool[MCLPOOLS];
};
+#define IFQ_NQUEUES ALTQ_IFQ_NQUEUES
+#define IFQ_MAXPRIO IFQ_NQUEUES - 1
+#define IFQ_DEFPRIO 3
+
/*
* Structure defining a queue for a network interface.
* XXX keep in sync with struct ifaltq.
*/
struct ifqueue {
- struct mbuf *ifq_head;
- struct mbuf *ifq_tail;
+ struct {
+ struct mbuf *head;
+ struct mbuf *tail;
+ } ifq_q[IFQ_NQUEUES];
int ifq_len;
int ifq_maxlen;
int ifq_drops;
@@ -367,31 +375,45 @@ struct ifnet { /* and the
entries */
#define IF_DROP(ifq) ((ifq)->ifq_drops++)
#define IF_ENQUEUE(ifq, m)
\
do { \
- (m)->m_nextpkt = 0; \
- if ((ifq)->ifq_tail == 0) \
- (ifq)->ifq_head = m; \
+ (m)->m_nextpkt = NULL; \
+ if ((ifq)->ifq_q[(m)->m_pkthdr.pf.prio].tail == NULL) \
+ (ifq)->ifq_q[(m)->m_pkthdr.pf.prio].head = m; \
else \
- (ifq)->ifq_tail->m_nextpkt = m; \
- (ifq)->ifq_tail = m; \
+ (ifq)->ifq_q[(m)->m_pkthdr.pf.prio].tail->m_nextpkt = m; \
+ (ifq)->ifq_q[(m)->m_pkthdr.pf.prio].tail = m; \
(ifq)->ifq_len++; \
} while (/* CONSTCOND */0)
#define IF_PREPEND(ifq, m)
\
do { \
- (m)->m_nextpkt = (ifq)->ifq_head; \
- if ((ifq)->ifq_tail == 0) \
- (ifq)->ifq_tail = (m); \
- (ifq)->ifq_head = (m); \
+ (m)->m_nextpkt = (ifq)->ifq_q[(m)->m_pkthdr.pf.prio].head; \
+ if ((ifq)->ifq_q[(m)->m_pkthdr.pf.prio].tail == NULL) \
+ (ifq)->ifq_q[(m)->m_pkthdr.pf.prio].tail = (m); \
+ (ifq)->ifq_q[(m)->m_pkthdr.pf.prio].head = (m); \
(ifq)->ifq_len++; \
} while (/* CONSTCOND */0)
+
+#define IF_POLL(ifq, m)
\
+do { \
+ int if_dequeue_prio = IFQ_MAXPRIO; \
+ do { \
+ (m) = (ifq)->ifq_q[if_dequeue_prio].head; \
+ } while (!(m) && --if_dequeue_prio >= 0); \
+} while (/* CONSTCOND */0)
+
#define IF_DEQUEUE(ifq, m)
\
do { \
- (m) = (ifq)->ifq_head; \
- if (m) { \
- if (((ifq)->ifq_head = (m)->m_nextpkt) == 0) \
- (ifq)->ifq_tail = 0; \
- (m)->m_nextpkt = 0; \
- (ifq)->ifq_len--; \
- } \
+ int if_dequeue_prio = IFQ_MAXPRIO; \
+ do { \
+ (m) = (ifq)->ifq_q[if_dequeue_prio].head; \
+ if (m) { \
+printf("%u", if_dequeue_prio);\
+ if (((ifq)->ifq_q[if_dequeue_prio].head = \
+ (m)->m_nextpkt) == NULL) \
+ (ifq)->ifq_q[if_dequeue_prio].tail = NULL; \
+ (m)->m_nextpkt = NULL; \
+ (ifq)->ifq_len--; \
+ } \
+ } while (!(m) && --if_dequeue_prio >= 0); \
} while (/* CONSTCOND */0)
#define IF_INPUT_ENQUEUE(ifq, m)
\
@@ -405,7 +427,6 @@ do {
\
IF_ENQUEUE(ifq, m); \
} while (/* CONSTCOND */0)
-#define IF_POLL(ifq, m) ((m) = (ifq)->ifq_head)
#define IF_PURGE(ifq)
\
do { \
struct mbuf *__m0; \
@@ -687,9 +708,10 @@ do { \
#define IFQ_ENQUEUE(ifq, m, pattr, err)
\
do { \
- if (ALTQ_IS_ENABLED((ifq))) \
+ if (ALTQ_IS_ENABLED((ifq))) { \
+ m->m_pkthdr.pf.prio = IFQ_MAXPRIO; \
ALTQ_ENQUEUE((ifq), (m), (pattr), (err)); \
- else { \
+ } else { \
if (IF_QFULL((ifq))) { \
m_freem((m)); \
(err) = ENOBUFS; \
Index: sys/net/pf.c
===================================================================
RCS file: /cvs/src/sys/net/pf.c,v
retrieving revision 1.762
diff -u -p -r1.762 pf.c
--- sys/net/pf.c 7 Jul 2011 20:46:36 -0000 1.762
+++ sys/net/pf.c 8 Jul 2011 02:13:14 -0000
@@ -1973,6 +1973,8 @@ pf_send_tcp(const struct pf_rule *r, sa_
m->m_pkthdr.pf.flags |= PF_TAG_GENERATED;
m->m_pkthdr.pf.tag = rtag;
m->m_pkthdr.rdomain = rdom;
+ if (r && r->prio[0] != PF_PRIO_NOTSET)
+ m->m_pkthdr.pf.prio = r->prio[0];
#ifdef ALTQ
if (r != NULL && r->qid) {
@@ -2095,6 +2097,8 @@ pf_send_icmp(struct mbuf *m, u_int8_t ty
m0->m_pkthdr.pf.flags |= PF_TAG_GENERATED;
m0->m_pkthdr.rdomain = rdomain;
+ if (r && r->prio[0] != PF_PRIO_NOTSET)
+ m0->m_pkthdr.pf.prio = r->prio[0];
#ifdef ALTQ
if (r->qid) {
@@ -2717,6 +2721,10 @@ pf_rule_to_actions(struct pf_rule *r, st
a->max_mss = r->max_mss;
a->flags |= (r->scrub_flags & (PFSTATE_NODF|PFSTATE_RANDOMID|
PFSTATE_SETTOS|PFSTATE_SCRUB_TCP));
+ if (r->prio[0] != PF_PRIO_NOTSET)
+ a->prio[0] = r->prio[0];
+ if (r->prio[1] != PF_PRIO_NOTSET)
+ a->prio[1] = r->prio[1];
}
#define PF_TEST_ATTRIB(t, a) \
@@ -2759,6 +2767,7 @@ pf_test_rule(struct pf_rule **rm, struct
PF_ACPY(&pd->ndaddr, pd->dst, pd->af);
bzero(&act, sizeof(act));
+ act.prio[0] = act.prio[1] = PF_PRIO_NOTSET;
bzero(sns, sizeof(sns));
act.rtableid = pd->rdomain;
SLIST_INIT(&rules);
@@ -3158,6 +3167,8 @@ pf_create_state(struct pf_rule *r, struc
s->max_mss = act->max_mss;
s->state_flags |= act->flags;
s->sync_state = PFSYNC_S_NONE;
+ s->prio[0] = act->prio[0];
+ s->prio[1] = act->prio[1];
switch (pd->proto) {
case IPPROTO_TCP:
s->src.seqlo = ntohl(th->th_seq);
@@ -6051,17 +6062,27 @@ done:
pf_scrub(m, s->state_flags, pd.af, s->min_ttl,
s->set_tos);
pf_tag_packet(m, s->tag, s->rtableid[pd.didx]);
- if (pqid || (pd.tos & IPTOS_LOWDELAY))
+ if (pqid || (pd.tos & IPTOS_LOWDELAY)) {
qid = s->pqid;
- else
+ if (s->prio[1] != PF_PRIO_NOTSET)
+ m->m_pkthdr.pf.prio = s->prio[1];
+ } else {
qid = s->qid;
+ if (s->prio[0] != PF_PRIO_NOTSET)
+ m->m_pkthdr.pf.prio = s->prio[0];
+ }
} else {
pf_scrub(m, r->scrub_flags, pd.af, r->min_ttl,
r->set_tos);
- if (pqid || (pd.tos & IPTOS_LOWDELAY))
+ if (pqid || (pd.tos & IPTOS_LOWDELAY)) {
qid = r->pqid;
- else
+ if (r->prio[1] != PF_PRIO_NOTSET)
+ m->m_pkthdr.pf.prio = r->prio[1];
+ } else {
qid = r->qid;
+ if (r->prio[0] != PF_PRIO_NOTSET)
+ m->m_pkthdr.pf.prio = r->prio[0];
+ }
}
}
Index: sys/net/pf_ioctl.c
===================================================================
RCS file: /cvs/src/sys/net/pf_ioctl.c,v
retrieving revision 1.240
diff -u -p -r1.240 pf_ioctl.c
--- sys/net/pf_ioctl.c 2 Jun 2011 22:03:30 -0000 1.240
+++ sys/net/pf_ioctl.c 8 Jul 2011 02:13:14 -0000
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_ioctl.c,v 1.240 2011/06/02 22:03:30 sthen Exp $ */
+/* $OpenBSD: pf_ioctl.c,v 1.239 2011/04/19 21:58:03 chl Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -1067,6 +1067,10 @@ pfioctl(dev_t dev, u_long cmd, caddr_t a
error = EINVAL;
if (rule->rt && !rule->direction)
error = EINVAL;
+ if ((rule->prio[0] != PF_PRIO_NOTSET && rule->prio[0] >
+ IFQ_MAXPRIO) || (rule->prio[1] != PF_PRIO_NOTSET &&
+ rule->prio[1] > IFQ_MAXPRIO))
+ error = EINVAL;
if (error) {
pf_rm_rule(NULL, rule);
@@ -2595,6 +2599,8 @@ pf_rule_copyin(struct pf_rule *from, str
to->divert.port = from->divert.port;
to->divert_packet.addr = from->divert_packet.addr;
to->divert_packet.port = from->divert_packet.port;
+ to->prio[0] = from->prio[0];
+ to->prio[1] = from->prio[1];
return (0);
}
Index: sys/net/pfvar.h
===================================================================
RCS file: /cvs/src/sys/net/pfvar.h,v
retrieving revision 1.339
diff -u -p -r1.339 pfvar.h
--- sys/net/pfvar.h 7 Jul 2011 20:46:37 -0000 1.339
+++ sys/net/pfvar.h 8 Jul 2011 02:13:14 -0000
@@ -525,11 +525,12 @@ struct pf_rule_actions {
u_int16_t qid;
u_int16_t pqid;
u_int16_t max_mss;
+ u_int16_t flags;
u_int8_t log;
u_int8_t set_tos;
u_int8_t min_ttl;
- u_int8_t pad[1];
- u_int16_t flags;
+ u_int8_t prio[2];
+ u_int8_t pad[3];
};
union pf_rule_ptr {
@@ -645,7 +646,9 @@ struct pf_rule {
#define PF_FLUSH 0x01
#define PF_FLUSH_GLOBAL 0x02
u_int8_t flush;
- u_int8_t pad2[3];
+#define PF_PRIO_NOTSET 0xff
+ u_int8_t prio[2];
+ u_int8_t pad;
struct {
struct pf_addr addr;
@@ -840,6 +843,8 @@ struct pf_state {
u_int8_t min_ttl;
u_int8_t set_tos;
u_int16_t max_mss;
+ u_int8_t prio[2];
+ u_int8_t pad2[2];
};
/*
Index: sys/sys/mbuf.h
===================================================================
RCS file: /cvs/src/sys/sys/mbuf.h,v
retrieving revision 1.154
diff -u -p -r1.154 mbuf.h
--- sys/sys/mbuf.h 17 Jun 2011 23:45:19 -0000 1.154
+++ sys/sys/mbuf.h 8 Jul 2011 02:13:14 -0000
@@ -82,6 +82,8 @@ struct pkthdr_pf {
u_int16_t tag; /* tag id */
u_int8_t flags;
u_int8_t routed;
+ u_int8_t prio;
+ u_int8_t pad[3];
};
/* pkthdr_pf.flags */
