Sat Nov 26 23:11:19 2011 UTC ()
Add _npf_config_setsubmit() function.


(rmind)
diff -r1.3 -r1.4 src/lib/libnpf/npf.c
diff -r1.2 -r1.3 src/lib/libnpf/npf.h
cvs diff -r1.3 -r1.4 src/lib/libnpf/npf.c (expand / switch to unified diff)

--- src/lib/libnpf/npf.c 2011/11/04 01:00:28 1.3
+++ src/lib/libnpf/npf.c 2011/11/26 23:11:19 1.4
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: npf.c,v 1.3 2011/11/04 01:00:28 zoltan Exp $ */ 1/* $NetBSD: npf.c,v 1.4 2011/11/26 23:11:19 rmind Exp $ */
2 2
3/*- 3/*-
4 * Copyright (c) 2010-2011 The NetBSD Foundation, Inc. 4 * Copyright (c) 2010-2011 The NetBSD Foundation, Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * This material is based upon work partially supported by The 7 * This material is based upon work partially supported by The
8 * NetBSD Foundation under a contract with Mindaugas Rasiukevicius. 8 * NetBSD Foundation under a contract with Mindaugas Rasiukevicius.
9 * 9 *
10 * Redistribution and use in source and binary forms, with or without 10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions 11 * modification, are permitted provided that the following conditions
12 * are met: 12 * are met:
13 * 1. Redistributions of source code must retain the above copyright 13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer. 14 * notice, this list of conditions and the following disclaimer.
@@ -20,50 +20,52 @@ @@ -20,50 +20,52 @@
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE. 29 * POSSIBILITY OF SUCH DAMAGE.
30 */ 30 */
31 31
32#include <sys/cdefs.h> 32#include <sys/cdefs.h>
33__KERNEL_RCSID(0, "$NetBSD: npf.c,v 1.3 2011/11/04 01:00:28 zoltan Exp $"); 33__KERNEL_RCSID(0, "$NetBSD: npf.c,v 1.4 2011/11/26 23:11:19 rmind Exp $");
34 34
35#include <sys/types.h> 35#include <sys/types.h>
36#include <netinet/in_systm.h> 36#include <netinet/in_systm.h>
37#include <netinet/in.h> 37#include <netinet/in.h>
38#include <prop/proplib.h> 38#include <prop/proplib.h>
39 39
40#include <stdlib.h> 40#include <stdlib.h>
41#include <string.h> 41#include <string.h>
42#include <errno.h> 42#include <errno.h>
43#include <err.h> 43#include <err.h>
44 44
45#define _NPF_PRIVATE 45#define _NPF_PRIVATE
46#include "npf.h" 46#include "npf.h"
47 47
48struct nl_config { 48struct nl_config {
49 /* Rules, translations, tables, procedures. */ 49 /* Rules, translations, tables, procedures. */
50 prop_array_t ncf_rules_list; 50 prop_array_t ncf_rules_list;
51 prop_array_t ncf_rproc_list; 51 prop_array_t ncf_rproc_list;
52 prop_array_t ncf_table_list; 52 prop_array_t ncf_table_list;
53 prop_array_t ncf_nat_list; 53 prop_array_t ncf_nat_list;
54 /* Priority counters. */ 54 /* Priority counters. */
55 pri_t ncf_rule_pri; 55 pri_t ncf_rule_pri;
56 pri_t ncf_nat_pri; 56 pri_t ncf_nat_pri;
 57 /* Custom file to externalise property-list. */
 58 const char * ncf_plist;
57}; 59};
58 60
59struct nl_rule { 61struct nl_rule {
60 prop_dictionary_t nrl_dict; 62 prop_dictionary_t nrl_dict;
61}; 63};
62 64
63struct nl_rproc { 65struct nl_rproc {
64 prop_dictionary_t nrp_dict; 66 prop_dictionary_t nrp_dict;
65}; 67};
66 68
67struct nl_table { 69struct nl_table {
68 prop_dictionary_t ntl_dict; 70 prop_dictionary_t ntl_dict;
69}; 71};
@@ -79,66 +81,76 @@ npf_config_create(void) @@ -79,66 +81,76 @@ npf_config_create(void)
79 81
80 ncf = malloc(sizeof(nl_config_t)); 82 ncf = malloc(sizeof(nl_config_t));
81 if (ncf == NULL) { 83 if (ncf == NULL) {
82 return NULL; 84 return NULL;
83 } 85 }
84 ncf->ncf_rules_list = prop_array_create(); 86 ncf->ncf_rules_list = prop_array_create();
85 ncf->ncf_rproc_list = prop_array_create(); 87 ncf->ncf_rproc_list = prop_array_create();
86 ncf->ncf_table_list = prop_array_create(); 88 ncf->ncf_table_list = prop_array_create();
87 ncf->ncf_nat_list = prop_array_create(); 89 ncf->ncf_nat_list = prop_array_create();
88 90
89 ncf->ncf_rule_pri = 1; 91 ncf->ncf_rule_pri = 1;
90 ncf->ncf_nat_pri = 1; 92 ncf->ncf_nat_pri = 1;
91 93
 94 ncf->ncf_plist = NULL;
 95
92 return ncf; 96 return ncf;
93} 97}
94 98
95int 99int
96npf_config_submit(nl_config_t *ncf, int fd) 100npf_config_submit(nl_config_t *ncf, int fd)
97{ 101{
98 prop_dictionary_t npf_dict; 102 prop_dictionary_t npf_dict;
 103 const char *plist = ncf->ncf_plist;
99 int error = 0; 104 int error = 0;
100 105
101 npf_dict = prop_dictionary_create(); 106 npf_dict = prop_dictionary_create();
102 if (npf_dict == NULL) { 107 if (npf_dict == NULL) {
103 return ENOMEM; 108 return ENOMEM;
104 } 109 }
105 prop_dictionary_set(npf_dict, "rules", ncf->ncf_rules_list); 110 prop_dictionary_set(npf_dict, "rules", ncf->ncf_rules_list);
106 prop_dictionary_set(npf_dict, "rprocs", ncf->ncf_rproc_list); 111 prop_dictionary_set(npf_dict, "rprocs", ncf->ncf_rproc_list);
107 prop_dictionary_set(npf_dict, "tables", ncf->ncf_table_list); 112 prop_dictionary_set(npf_dict, "tables", ncf->ncf_table_list);
108 prop_dictionary_set(npf_dict, "translation", ncf->ncf_nat_list); 113 prop_dictionary_set(npf_dict, "translation", ncf->ncf_nat_list);
109 114
110#ifndef _NPF_TESTING 115 if (plist) {
111 error = prop_dictionary_send_ioctl(npf_dict, fd, IOC_NPF_RELOAD); 116 if (!prop_dictionary_externalize_to_file(npf_dict, plist)) {
112#else 117 error = errno;
113 if (!prop_dictionary_externalize_to_file(npf_dict, "./npf.plist")) { 118 }
114 error = errno; 119 } else {
 120 error = prop_dictionary_send_ioctl(npf_dict, fd, IOC_NPF_RELOAD);
115 } 121 }
116#endif 
117 prop_object_release(npf_dict); 122 prop_object_release(npf_dict);
118 return error; 123 return error;
119} 124}
120 125
121void 126void
122npf_config_destroy(nl_config_t *ncf) 127npf_config_destroy(nl_config_t *ncf)
123{ 128{
124 129
125 prop_object_release(ncf->ncf_rules_list); 130 prop_object_release(ncf->ncf_rules_list);
126 prop_object_release(ncf->ncf_rproc_list); 131 prop_object_release(ncf->ncf_rproc_list);
127 prop_object_release(ncf->ncf_table_list); 132 prop_object_release(ncf->ncf_table_list);
128 prop_object_release(ncf->ncf_nat_list); 133 prop_object_release(ncf->ncf_nat_list);
129 free(ncf); 134 free(ncf);
130} 135}
131 136
 137void
 138_npf_config_setsubmit(nl_config_t *ncf, const char *plist_file)
 139{
 140
 141 ncf->ncf_plist = plist_file;
 142}
 143
132static bool 144static bool
133_npf_prop_array_lookup(prop_array_t array, const char *key, const char *name) 145_npf_prop_array_lookup(prop_array_t array, const char *key, const char *name)
134{ 146{
135 prop_dictionary_t dict; 147 prop_dictionary_t dict;
136 prop_object_iterator_t it; 148 prop_object_iterator_t it;
137 149
138 it = prop_array_iterator(array); 150 it = prop_array_iterator(array);
139 while ((dict = prop_object_iterator_next(it)) != NULL) { 151 while ((dict = prop_object_iterator_next(it)) != NULL) {
140 const char *lname; 152 const char *lname;
141 prop_dictionary_get_cstring_nocopy(dict, key, &lname); 153 prop_dictionary_get_cstring_nocopy(dict, key, &lname);
142 if (strcmp(name, lname) == 0) 154 if (strcmp(name, lname) == 0)
143 break; 155 break;
144 } 156 }
cvs diff -r1.2 -r1.3 src/lib/libnpf/npf.h (expand / switch to unified diff)

--- src/lib/libnpf/npf.h 2011/11/04 01:00:28 1.2
+++ src/lib/libnpf/npf.h 2011/11/26 23:11:19 1.3
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: npf.h,v 1.2 2011/11/04 01:00:28 zoltan Exp $ */ 1/* $NetBSD: npf.h,v 1.3 2011/11/26 23:11:19 rmind Exp $ */
2 2
3/*- 3/*-
4 * Copyright (c) 2011 The NetBSD Foundation, Inc. 4 * Copyright (c) 2011 The NetBSD Foundation, Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * This material is based upon work partially supported by The 7 * This material is based upon work partially supported by The
8 * NetBSD Foundation under a contract with Mindaugas Rasiukevicius. 8 * NetBSD Foundation under a contract with Mindaugas Rasiukevicius.
9 * 9 *
10 * Redistribution and use in source and binary forms, with or without 10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions 11 * modification, are permitted provided that the following conditions
12 * are met: 12 * are met:
13 * 1. Redistributions of source code must retain the above copyright 13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer. 14 * notice, this list of conditions and the following disclaimer.
@@ -53,26 +53,29 @@ typedef struct nl_table nl_table_t; @@ -53,26 +53,29 @@ typedef struct nl_table nl_table_t;
53 53
54typedef struct nl_rule nl_nat_t; 54typedef struct nl_rule nl_nat_t;
55 55
56#define NPF_CODE_NCODE 1 56#define NPF_CODE_NCODE 1
57#define NPF_CODE_BPF 2 57#define NPF_CODE_BPF 2
58 58
59#define NPF_PRI_NEXT (-1) 59#define NPF_PRI_NEXT (-1)
60 60
61#define NPF_MAX_TABLE_ID (16) 61#define NPF_MAX_TABLE_ID (16)
62 62
63nl_config_t * npf_config_create(void); 63nl_config_t * npf_config_create(void);
64int npf_config_submit(nl_config_t *, int); 64int npf_config_submit(nl_config_t *, int);
65void npf_config_destroy(nl_config_t *); 65void npf_config_destroy(nl_config_t *);
 66#ifdef _NPF_PRIVATE
 67void _npf_config_setsubmit(nl_config_t *, const char *);
 68#endif
66 69
67nl_rule_t * npf_rule_create(const char *, uint32_t, u_int); 70nl_rule_t * npf_rule_create(const char *, uint32_t, u_int);
68int npf_rule_setcode(nl_rule_t *, int, const void *, size_t); 71int npf_rule_setcode(nl_rule_t *, int, const void *, size_t);
69int npf_rule_setproc(nl_config_t *, nl_rule_t *, const char *); 72int npf_rule_setproc(nl_config_t *, nl_rule_t *, const char *);
70bool npf_rule_exists_p(nl_config_t *, const char *); 73bool npf_rule_exists_p(nl_config_t *, const char *);
71int npf_rule_insert(nl_config_t *, nl_rule_t *, nl_rule_t *, pri_t); 74int npf_rule_insert(nl_config_t *, nl_rule_t *, nl_rule_t *, pri_t);
72void npf_rule_destroy(nl_rule_t *); 75void npf_rule_destroy(nl_rule_t *);
73 76
74nl_rproc_t * npf_rproc_create(const char *); 77nl_rproc_t * npf_rproc_create(const char *);
75bool npf_rproc_exists_p(nl_config_t *, const char *); 78bool npf_rproc_exists_p(nl_config_t *, const char *);
76int npf_rproc_insert(nl_config_t *, nl_rproc_t *); 79int npf_rproc_insert(nl_config_t *, nl_rproc_t *);
77 80
78#ifdef _NPF_PRIVATE 81#ifdef _NPF_PRIVATE