4 * Copyright (C) 2012 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
9 * 29/12/94 Added code from Marc Huber <huber@fzi.de> to allow it to allocate
10 * its own major char number! Way cool patch!
12 #include <sys/types.h>
16 #include <sys/socket.h>
18 #include <sys/syslog.h>
21 #include <sys/param.h>
22 #include <sys/errno.h>
24 #include <sys/vnode.h>
25 #include <sundev/mbvar.h>
26 #include <sun/autoconf.h>
27 #include <sun/vddrv.h>
28 #if defined(sun4c) || defined(sun4m)
29 # include <sun/openprom.h>
31 #include <netinet/in.h>
32 #include <netinet/in_systm.h>
33 #include <netinet/ip.h>
34 #include <netinet/ip_var.h>
35 #include <netinet/tcp.h>
36 #include <netinet/tcpip.h>
39 #include "ip_compat.h"
44 static const char sccsid[] = "@(#)mls_ipl.c 2.6 10/15/95 (C) 1993-2000 Darren Reed";
45 static const char rcsid[] = "@(#)$Id$";
48 extern int ipfdetach __P((void));
50 #define ipfread nulldev
52 extern int nulldev __P((void));
55 extern int nodev __P((void));
57 static int unload __P((void));
58 static int ipf_attach __P((void));
59 int xxxinit __P((u_int, struct vddrv *, caddr_t, struct vdstat *));
60 static char *ipf_devfiles[] = { IPL_NAME, IPNAT_NAME, IPSTATE_NAME,
61 IPAUTH_NAME, IPSYNC_NAME, IPSCAN_NAME,
62 IPLOOKUP_NAME, NULL };
63 static int ipfopen __P((dev_t, int));
64 static int ipfclose __P((dev_t, int));
65 static int ipfread __P((dev_t, struct uio *));
66 static int ipfwrite __P((dev_t, struct uio *));
69 struct cdevsw ipfdevsw =
71 ipfopen, ipfclose, ipfread, nulldev,
72 ipfioctl, nulldev, nulldev, nulldev,
77 struct dev_ops ipf_ops =
115 VDMAGIC_PSEUDO, /* magic */
118 &ipf_ops, /* dev_ops */
120 NULL, /* struct mb_ctlr *mb_ctlr */
121 NULL, /* struct mb_driver *mb_driver */
122 NULL, /* struct mb_device *mb_device */
127 &ipfdevsw, /* cdevsw */
133 extern int vd_unuseddev __P((void));
134 extern struct cdevsw cdevsw[];
137 xxxinit(fc, vdp, data, vds)
143 struct vdioctl_load *vdi = (struct vdioctl_load *)data;
150 if (vdi && vdi->vdi_userconf)
151 for (vdc = vdi->vdi_userconf; vdc->vdc_type; vdc++)
152 if (vdc->vdc_type == VDCCHARMAJOR) {
153 ipf_major = vdc->vdc_data;
158 while (ipf_major < nchrdev &&
159 cdevsw[ipf_major].d_open != vd_unuseddev)
161 if (ipf_major == nchrdev)
164 vdp->vdd_vdtab = (struct vdlinkage *)&vd;
165 vd.Drv_charmajor = ipf_major;
186 else if (ipf_running >= 0)
192 for (i = 0; (name = ipf_devfiles[i]); i++)
193 (void) vn_remove(name, UIO_SYSSPACE, FILE);
194 printf("%s unloaded\n", ipfilter_version);
204 int error = 0, fmode = S_IFCHR|0600, i;
211 for (i = 0; (name = ipf_devfiles[i]); i++) {
212 (void) vn_remove(name, UIO_SYSSPACE, FILE);
214 vattr.va_type = MFTOVT(fmode);
215 vattr.va_mode = (fmode & 07777);
216 vattr.va_rdev = (ipf_major << 8) | i;
218 error = vn_create(name, UIO_SYSSPACE, &vattr, EXCL, 0, &vp);
220 printf("IP Filter: vn_create(%s) = %d\n", name, error);
230 if (FR_ISPASS(ipf_pass))
232 else if (FR_ISBLOCK(ipf_pass))
235 defpass = "no-match -> block";
237 printf("%s initialized. Default = %s all, Logging = %s%s\n",
238 ipfilter_version, defpass,
244 #ifdef IPFILTER_COMPILED
257 * routines below for saving IP headers to buffer
264 u_int unit = GET_MINOR(dev);
267 if (IPL_LOGMAX < unit) {
297 u_int unit = GET_MINOR(dev);
299 if (IPL_LOGMAX < unit)
309 * both of these must operate with at least splnet() lest they be
310 * called during packet processing and cause an inconsistancy to appear in
316 register struct uio *uio;
319 if (ipf_running < 1) {
320 ipfmain.ipf_interror = 130006;
325 return ipflog_read(GET_MINOR(dev), uio);
327 ipfmain.ipf_interror = 130007;
339 register struct uio *uio;
342 if (ipf_running < 1) {
343 ipfmain.ipf_interror = 130008;
347 if (getminor(dev) == IPL_LOGSYNC)
348 return ipfsync_write(uio);
349 ipfmain.ipf_interror = 130009;