master
1/* $NetBSD: ip_compat.h,v 1.13 2018/05/03 07:01:08 maxv Exp $ */
2
3/*
4 * Copyright (C) 2012 by Darren Reed.
5 *
6 * See the IPFILTER.LICENCE file for details on licencing.
7 *
8 * @(#)ip_compat.h 1.8 1/14/96
9 * Id: ip_compat.h,v 1.1.1.2 2012/07/22 13:45:09 darrenr Exp
10 */
11
12#ifndef _NETINET_IP_COMPAT_H_
13#define _NETINET_IP_COMPAT_H_
14
15#ifndef __STDC__
16# undef const
17# define const
18#endif
19
20#if defined(_KERNEL) || defined(KERNEL) || defined(__KERNEL__)
21# undef KERNEL
22# undef _KERNEL
23# undef __KERNEL__
24# define KERNEL
25# define _KERNEL
26# define __KERNEL__
27#endif
28
29# if (defined(sun) && (defined(__svr4__) || defined(__SVR4)))
30# define SOLARIS 1
31# else
32# define SOLARIS 0
33# endif
34#if (defined(SOLARIS2) && (SOLARIS2 >= 8))
35# ifndef USE_INET6
36# define USE_INET6
37# endif
38#endif
39#if defined(__FreeBSD_version) && (__FreeBSD_version >= 400000) && \
40 !defined(_KERNEL) && !defined(USE_INET6) && !defined(NOINET6)
41# define USE_INET6
42#endif
43#if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105000000) && \
44 !defined(_KERNEL) && !defined(USE_INET6) && !defined(NOINET6)
45# define USE_INET6
46#endif
47#if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 106140000) && \
48 defined(_KERNEL) && \
49 (!defined(IPFILTER_LKM) || (__NetBSD_Version__ >= 399000100))
50# define IPFILTER_M_IPFILTER
51#endif
52#if !defined(USE_INET6)
53# if defined(OpenBSD) && (OpenBSD >= 200206) && \
54 !defined(_KERNEL) && !defined(USE_INET6)
55# define USE_INET6
56# endif
57# if defined(__osf__)
58# define USE_INET6 1
59# endif
60# if defined(linux) && (!defined(_KERNEL) || defined(CONFIG_IPV6))
61# define USE_INET6
62# endif
63# if defined(HPUXREV) && (HPUXREV >= 1111)
64# define USE_INET6
65# endif
66#endif
67
68#if defined(BSD) && (BSD < 199103) && defined(__osf__)
69# undef BSD
70# define BSD 199103
71#endif
72
73#if defined(__SVR4) || defined(__svr4__) || defined(__sgi)
74# define index strchr
75# if !defined(_KERNEL)
76# define bzero(a,b) memset(a,0,b)
77# define bcmp memcmp
78# define bcopy(a,b,c) memmove(b,a,c)
79# endif
80#endif
81
82#ifndef LIFNAMSIZ
83# ifdef IF_NAMESIZE
84# define LIFNAMSIZ IF_NAMESIZE
85# else
86# ifdef IFNAMSIZ
87# define LIFNAMSIZ IFNAMSIZ
88# else
89# define LIFNAMSIZ 16
90# endif
91# endif
92#endif
93
94#if defined(__sgi) || defined(bsdi) || defined(__hpux) || defined(hpux)
95struct ether_addr {
96 u_char ether_addr_octet[6];
97};
98#endif
99
100#if defined(__sgi) && !defined(IPFILTER_LKM)
101# ifdef __STDC__
102# define IPL_EXTERN(ep) ipfilter##ep
103# else
104# define IPL_EXTERN(ep) ipfilter/**/ep
105# endif
106#else
107# ifdef __STDC__
108# define IPL_EXTERN(ep) ipl##ep
109# else
110# define IPL_EXTERN(ep) ipl/**/ep
111# endif
112#endif
113
114/*
115 * This is a workaround for <sys/uio.h> troubles on FreeBSD and OpenBSD.
116 */
117#ifndef linux
118# ifndef _KERNEL
119# define ADD_KERNEL
120# define _KERNEL
121# define KERNEL
122# endif
123# ifdef __OpenBSD__
124struct file;
125# endif
126# include <sys/uio.h>
127# ifdef ADD_KERNEL
128# undef _KERNEL
129# undef KERNEL
130# endif
131#endif
132
133# define NETBSD_GE_REV(x) (__NetBSD_Version__ >= (x))
134# define NETBSD_GT_REV(x) (__NetBSD_Version__ > (x))
135# define NETBSD_LT_REV(x) (__NetBSD_Version__ < (x))
136
137# define FREEBSD_GE_REV(x) 0
138# define FREEBSD_GT_REV(x) 0
139# define FREEBSD_LT_REV(x) 0
140
141# define BSDOS_GE_REV(x) 0
142# define BSDOS_GT_REV(x) 0
143# define BSDOS_LT_REV(x) 0
144
145# define OPENBSD_GE_REV(x) 0
146# define OPENBSD_GT_REV(x) 0
147# define OPENBSD_LT_REV(x) 0
148
149# define BSD_GE_YEAR(x) (BSD >= (x))
150# define BSD_GT_YEAR(x) (BSD > (x))
151# define BSD_LT_YEAR(x) (BSD < (x))
152
153
154/* ----------------------------------------------------------------------- */
155/* N E T B S D */
156/* ----------------------------------------------------------------------- */
157#ifdef __NetBSD__
158# define HAS_SYS_MD5_H 1
159# if (NetBSD >= 199905) && !defined(IPFILTER_LKM) && defined(_KERNEL)
160# if (__NetBSD_Version__ < 399001400)
161# include "opt_ipfilter_log.h"
162# else
163# if (__NetBSD_Version__ >= 799003000)
164# if defined(_KERNEL_OPT)
165# include "opt_ipfilter.h"
166# endif
167# else
168# include "opt_ipfilter.h"
169# endif
170# endif
171# endif
172# if defined(_KERNEL)
173# include <sys/systm.h>
174# include <sys/malloc.h>
175# if (__NetBSD_Version__ > 500000000)
176# include <sys/kauth.h>
177# endif
178# else
179# include <stddef.h>
180# include <stdbool.h>
181# endif
182# if defined(_KERNEL) && !defined(IPFILTER_LKM)
183# if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 599002300)
184# define NBPFILTER 1
185# else
186# include "bpfilter.h"
187# endif
188# if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 104110000)
189# if (__NetBSD_Version__ >= 799003000)
190# if defined(_KERNEL_OPT)
191# include "opt_inet.h"
192# endif
193# else
194# include "opt_inet.h"
195# endif
196# endif
197# ifdef INET6
198# define USE_INET6
199# endif
200# if (__NetBSD_Version__ >= 105000000)
201# define HAVE_M_PULLDOWN 1
202# endif
203# endif
204
205#ifndef _KERNEL
206# define ipf_random arc4random
207#endif
208
209# if (__NetBSD_Version__ >= 499000000)
210# ifdef _KERNEL
211# include <sys/rwlock.h>
212# define USE_MUTEXES 1
213# define KMUTEX_T kmutex_t
214# define KRWLOCK_T krwlock_t
215# define MUTEX_DESTROY(x) mutex_destroy(&(x)->ipf_lk)
216# define MUTEX_DOWNGRADE(x) rw_downgrade(&(x)->ipf_lk)
217# define MUTEX_ENTER(x) mutex_enter(&(x)->ipf_lk)
218# define MUTEX_EXIT(x) mutex_exit(&(x)->ipf_lk)
219# define MUTEX_INIT(x,y) mutex_init(&(x)->ipf_lk, MUTEX_DRIVER,\
220 IPL_SOFTNET)
221# define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
222# define READ_ENTER(x) rw_enter(&(x)->ipf_lk, RW_READER)
223# define RWLOCK_INIT(x, y) rw_init(&(x)->ipf_lk)
224# define RWLOCK_EXIT(x) rw_exit(&(x)->ipf_lk)
225# define RW_DESTROY(x) rw_destroy(&(x)->ipf_lk)
226# define WRITE_ENTER(x) rw_enter(&(x)->ipf_lk, RW_WRITER)
227# define SPL_SCHED(x) ;
228# define SPL_NET(x) ;
229# define SPL_IMP(x) ;
230# define SPL_X(x) ;
231# endif
232# endif
233
234#if (__NetBSD_Version__ >= 699000000)
235# define HAVE_RBTREE 1
236#endif
237
238# ifdef _KERNEL
239# include <sys/cprng.h>
240# if (__NetBSD_Version__ >= 399001400)
241# include <sys/selinfo.h> /* Not in NetBSD 3.1 */
242# define PROC_T struct lwp
243# define KFREE(a) free((a), _M_IPF)
244# define KFREES(a, b) free((a), _M_IPF)
245# define KMALLOC(a, b) (a) = (b)malloc(sizeof (*(a)), \
246 _M_IPF, M_NOWAIT)
247# define KMALLOCS(a, b, c) (a) = (b)malloc((c), _M_IPF, M_NOWAIT)
248# else
249# define PROC_T struct proc
250# endif
251# define MSGDSIZE(m) mbufchainlen(m)
252# define M_LEN(m) (m)->m_len
253# define M_ADJ(m,x) m_adj(m, x)
254# define M_COPY(x) m_copym((x), 0, M_COPYALL, M_DONTWAIT)
255# define GETKTIME(x) microtime((struct timeval *)x)
256# define IPF_PANIC(x,y) if (x) { printf y; panic("ipf_panic"); }
257# define COPYIN(a,b,c) copyin((void *)(a), (void *)(b), (c))
258# define COPYOUT(a,b,c) copyout((void *)(a), (void *)(b), (c))
259# define BCOPYIN(a,b,c) (bcopy((void *)(a), (void *)(b), (c)), 0)
260# define BCOPYOUT(a,b,c) (bcopy((void *)(a), (void *)(b), (c)), 0)
261# if (defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 499004900))
262# define POLLWAKEUP(x) selnotify(softc->ipf_selwait+x, 0, 0)
263# endif
264# define ASSERT(x) KASSERT(x)
265typedef struct mbuf mb_t;
266# endif /* _KERNEL */
267# if (NetBSD <= 1991011) && (NetBSD >= 199606)
268# define IFNAME(x) ((struct ifnet *)x)->if_xname
269# define COPYIFNAME(v, x, b) \
270 (void) strncpy(b, \
271 ((struct ifnet *)x)->if_xname, \
272 LIFNAMSIZ)
273# else
274# define IFNAME(x) ((struct ifnet *)x)->if_name
275# endif
276typedef struct uio uio_t;
277typedef u_long ioctlcmd_t;
278typedef int minor_t;
279typedef u_int32_t u_32_t;
280# define U_32_T 1
281
282# define OS_RECOGNISED 1
283#endif /* __NetBSD__ */
284
285/* ----------------------------------------------------------------------- */
286/* G E N E R I C */
287/* ----------------------------------------------------------------------- */
288
289/*
290 * For BSD kernels, if bpf is in the kernel, enable ipfilter to use bpf in
291 * filter rules.
292 */
293#if !defined(IPFILTER_BPF)
294# if (defined(NBPF) && (NBPF > 0)) || (defined(DEV_BPF) && (DEV_BPF > 0)) || \
295 (defined(NBPFILTER) && (NBPFILTER > 0))
296# define IPFILTER_BPF
297# endif
298#endif
299
300/*
301 * Userland locking primitives
302 */
303#if !defined(KMUTEX_FILL_SZ)
304# define KMUTEX_FILL_SZ 1
305#endif
306#if !defined(KRWLOCK_FILL_SZ)
307# define KRWLOCK_FILL_SZ 1
308#endif
309
310typedef struct {
311 char *eMm_owner;
312 char *eMm_heldin;
313 u_int eMm_magic;
314 int eMm_held;
315 int eMm_heldat;
316} eMmutex_t;
317
318typedef struct {
319 char *eMrw_owner;
320 char *eMrw_heldin;
321 u_int eMrw_magic;
322 short eMrw_read;
323 short eMrw_write;
324 int eMrw_heldat;
325} eMrwlock_t;
326
327typedef union {
328 char _fill[KMUTEX_FILL_SZ];
329#ifdef KMUTEX_T
330 struct {
331 KMUTEX_T ipf_slk;
332 const char *ipf_lname;
333 } ipf_lkun_s;
334#endif
335 eMmutex_t ipf_emu;
336} ipfmutex_t;
337
338typedef union {
339 char _fill[KRWLOCK_FILL_SZ];
340#ifdef KRWLOCK_T
341 struct {
342 KRWLOCK_T ipf_slk;
343 const char *ipf_lname;
344 int ipf_sr;
345 int ipf_sw;
346 u_int ipf_magic;
347 } ipf_lkun_s;
348#endif
349 eMrwlock_t ipf_emu;
350} ipfrwlock_t;
351
352#define ipf_lk ipf_lkun_s.ipf_slk
353#define ipf_lname ipf_lkun_s.ipf_lname
354#define ipf_isr ipf_lkun_s.ipf_sr
355#define ipf_isw ipf_lkun_s.ipf_sw
356#define ipf_magic ipf_lkun_s.ipf_magic
357
358#if !defined(__GNUC__) || \
359 (defined(__FreeBSD_version) && (__FreeBSD_version >= 503000))
360# ifndef INLINE
361# define INLINE
362# endif
363#else
364# define INLINE __inline__
365#endif
366
367#ifndef EXTERN_INLINE
368# if defined(__GNUC__) && !defined(__GNUC_STDC_INLINE__)
369# define EXTERN_INLINE inline
370# else
371# define EXTERN_INLINE extern inline
372# endif
373#endif
374
375#if defined(linux) && defined(_KERNEL)
376extern void ipf_read_enter(ipfrwlock_t *);
377extern void ipf_write_enter(ipfrwlock_t *);
378extern void ipf_rw_exit(ipfrwlock_t *);
379extern void ipf_rw_init(ipfrwlock_t *, char *);
380extern void ipf_rw_downgrade(ipfrwlock_t *);
381#endif
382
383/*
384 * In a non-kernel environment, there are a lot of macros that need to be
385 * filled in to be null-ops or to point to some compatibility function,
386 * somewhere in userland.
387 */
388#ifndef _KERNEL
389typedef struct mb_s {
390 struct mb_s *mb_next;
391 char *mb_data;
392 void *mb_ifp;
393 int mb_len;
394 int mb_flags;
395 u_long mb_buf[2048];
396} mb_t;
397# undef m_next
398# define m_next mb_next
399# undef m_len
400# define m_len mb_len
401# undef m_flags
402# define m_flags mb_flags
403# undef m_data
404# define m_data mb_data
405# undef M_MCAST
406# define M_MCAST 0x01
407# undef M_BCAST
408# define M_BCAST 0x02
409# undef M_MBCAST
410# define M_MBCAST 0x04
411# define MSGDSIZE(m) msgdsize(m)
412# define M_LEN(m) (m)->mb_len
413# define M_ADJ(m,x) (m)->mb_len += x
414# define M_COPY(m) dupmbt(m)
415# define M_DUP(m) dupmbt(m)
416# define GETKTIME(x) gettimeofday((struct timeval *)(x), NULL)
417# define MTOD(m, t) ((t)(m)->mb_data)
418# define FREE_MB_T(m) freembt(m)
419# define ALLOC_MB_T(m,l) (m) = allocmbt(l)
420# define PREP_MB_T(f, m) do { \
421 (m)->mb_next = *(f)->fin_mp; \
422 *(fin)->fin_mp = (m); \
423 (f)->fin_m = (m); \
424 } while (0)
425# define SLEEP(x,y) 1;
426# define WAKEUP(x,y) ;
427# define POLLWAKEUP(y) ;
428# define IPF_PANIC(x,y) ;
429# define PANIC(x,y) ;
430# define SPL_SCHED(x) ;
431# define SPL_NET(x) ;
432# define SPL_IMP(x) ;
433# define SPL_X(x) ;
434# define KMALLOC(a,b) (a) = (b)malloc(sizeof(*a))
435# define KMALLOCS(a,b,c) (a) = (b)malloc(c)
436# define KFREE(x) free(x)
437# define KFREES(x,s) free(x)
438# define GETIFP(x, v) get_unit(x,v)
439# define GETIFMTU_4(x) 2048
440# define GETIFMTU_6(x) 2048
441# define COPYIN(a,b,c) bcopywrap((a), (b), (c))
442# define COPYOUT(a,b,c) bcopywrap((a), (b), (c))
443# define COPYDATA(m, o, l, b) bcopy(MTOD((mb_t *)m, char *) + (o), \
444 (b), (l))
445# define COPYBACK(m, o, l, b) bcopy((b), \
446 MTOD((mb_t *)m, char *) + (o), \
447 (l))
448# define UIOMOVE(a,b,c,d) ipfuiomove(a,b,c,d)
449extern void m_copydata(mb_t *, int, int, void *);
450extern int ipfuiomove(void *, int, int, struct uio *);
451extern int bcopywrap(void *, void *, size_t);
452extern mb_t *allocmbt(size_t);
453extern mb_t *dupmbt(mb_t *);
454extern void freembt(mb_t *);
455
456# define MUTEX_DESTROY(x) eMmutex_destroy(&(x)->ipf_emu, \
457 __FILE__, __LINE__)
458# define MUTEX_ENTER(x) eMmutex_enter(&(x)->ipf_emu, \
459 __FILE__, __LINE__)
460# define MUTEX_EXIT(x) eMmutex_exit(&(x)->ipf_emu, \
461 __FILE__, __LINE__)
462# define MUTEX_INIT(x,y) eMmutex_init(&(x)->ipf_emu, y, \
463 __FILE__, __LINE__)
464# define MUTEX_NUKE(x) bzero((x), sizeof(*(x)))
465
466# define MUTEX_DOWNGRADE(x) eMrwlock_downgrade(&(x)->ipf_emu, \
467 __FILE__, __LINE__)
468# define READ_ENTER(x) eMrwlock_read_enter(&(x)->ipf_emu, \
469 __FILE__, __LINE__)
470# define RWLOCK_INIT(x, y) eMrwlock_init(&(x)->ipf_emu, y)
471# define RWLOCK_EXIT(x) eMrwlock_exit(&(x)->ipf_emu)
472# define RW_DESTROY(x) eMrwlock_destroy(&(x)->ipf_emu)
473# define WRITE_ENTER(x) eMrwlock_write_enter(&(x)->ipf_emu, \
474 __FILE__, \
475 __LINE__)
476
477# define USE_MUTEXES 1
478
479extern void eMmutex_destroy(eMmutex_t *, char *, int);
480extern void eMmutex_enter(eMmutex_t *, char *, int);
481extern void eMmutex_exit(eMmutex_t *, char *, int);
482extern void eMmutex_init(eMmutex_t *, char *, char *, int);
483extern void eMrwlock_destroy(eMrwlock_t *);
484extern void eMrwlock_exit(eMrwlock_t *);
485extern void eMrwlock_init(eMrwlock_t *, char *);
486extern void eMrwlock_read_enter(eMrwlock_t *, char *, int);
487extern void eMrwlock_write_enter(eMrwlock_t *, char *, int);
488extern void eMrwlock_downgrade(eMrwlock_t *, char *, int);
489
490#endif
491
492extern mb_t *allocmbt(size_t);
493
494#define MAX_IPV4HDR ((0xf << 2) + sizeof(struct icmp) + sizeof(ip_t) + 8)
495
496#ifndef IP_OFFMASK
497# define IP_OFFMASK 0x1fff
498#endif
499
500
501/*
502 * On BSD's use quad_t as a guarantee for getting at least a 64bit sized
503 * object.
504 */
505#if !defined(__amd64__) && BSD_GT_YEAR(199306)
506# define USE_QUAD_T
507# define U_QUAD_T u_quad_t
508# define QUAD_T quad_t
509#else /* BSD > 199306 */
510# if !defined(U_QUAD_T)
511# define U_QUAD_T u_long
512# define QUAD_T long
513# endif
514#endif /* BSD > 199306 */
515
516
517#ifdef USE_INET6
518# if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \
519 defined(__osf__) || defined(linux)
520# include <netinet/ip6.h>
521# include <netinet/icmp6.h>
522# if !defined(linux)
523# if defined(_KERNEL) && !defined(__osf__)
524# include <netinet6/ip6_var.h>
525# endif
526# endif
527typedef struct ip6_hdr ip6_t;
528# endif
529#endif
530
531#ifndef MAX
532# define MAX(a,b) (((a) > (b)) ? (a) : (b))
533#endif
534
535#if defined(_KERNEL)
536# if defined(MENTAT) && !defined(INSTANCES)
537# define COPYDATA mb_copydata
538# define COPYBACK mb_copyback
539# else
540# define COPYDATA m_copydata
541# define COPYBACK m_copyback
542# endif
543# if BSD_GE_YEAR(199306) || defined(__FreeBSD__)
544# if (defined(__NetBSD_Version__) && (__NetBSD_Version__ < 105180000)) || \
545 defined(__FreeBSD__) || (defined(OpenBSD) && (OpenBSD < 200206)) || \
546 defined(_BSDI_VERSION)
547# include <vm/vm.h>
548# endif
549# if !defined(__FreeBSD__) || FREEBSD_GE_REV(300000)
550# if NETBSD_GE_REV(105180000) || OPENBSD_GE_REV(200111)
551/* # include <uvm/uvm_extern.h> */
552# else
553# include <vm/vm_extern.h>
554extern vm_map_t kmem_map;
555# endif
556# include <sys/proc.h>
557# else /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
558# include <vm/vm_kern.h>
559# endif /* !__FreeBSD__ || (__FreeBSD__ && __FreeBSD_version >= 300000) */
560
561# ifdef IPFILTER_M_IPFILTER
562# include <sys/malloc.h>
563MALLOC_DECLARE(M_IPFILTER);
564# define _M_IPF M_IPFILTER
565# else /* IPFILTER_M_IPFILTER */
566# ifdef M_PFIL
567# define _M_IPF M_PFIL
568# else
569# ifdef M_IPFILTER
570# define _M_IPF M_IPFILTER
571# else
572# define _M_IPF M_TEMP
573# endif /* M_IPFILTER */
574# endif /* M_PFIL */
575# endif /* IPFILTER_M_IPFILTER */
576# if !defined(KMALLOC)
577# define KMALLOC(a, b) (a) = (b)malloc(sizeof(*(a)), _M_IPF, M_NOWAIT)
578# endif
579# if !defined(KMALLOCS)
580# define KMALLOCS(a, b, c) (a) = (b)malloc((c), _M_IPF, M_NOWAIT)
581# endif
582# if !defined(KFREE)
583# define KFREE(x) free((x), _M_IPF)
584# endif
585# if !defined(KFREES)
586# define KFREES(x,s) free((x), _M_IPF)
587# endif
588# define UIOMOVE(a,b,c,d) uiomove((void *)a,b,d)
589# define SLEEP(id, n) tsleep((id), PPAUSE|PCATCH, n, 0)
590# define WAKEUP(id,x) wakeup(id+x)
591# if !defined(POLLWAKEUP)
592# define POLLWAKEUP(x) selwakeup(softc->ipf_selwait+x)
593# endif
594# define GETIFP(n, v) ifunit(n)
595# define GETIFMTU_4(x) ((struct ifnet *)x)->if_mtu
596# define GETIFMTU_6(x) ((struct ifnet *)x)->if_mtu
597# endif /* (Free)BSD */
598
599# if !defined(USE_MUTEXES) && !defined(SPL_NET)
600# if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199407)) || \
601 OPENBSD_GE_REV(200006)
602# define SPL_NET(x) x = splsoftnet()
603# else
604# define SPL_IMP(x) x = splimp()
605# define SPL_NET(x) x = splnet()
606# endif /* NetBSD && (NetBSD <= 1991011) && (NetBSD >= 199407) */
607# if !defined(SPL_SCHED)
608# define SPL_SCHED(x) x = splsched()
609# endif
610# define SPL_X(x) (void) splx(x)
611# endif /* !USE_MUTEXES */
612
613# ifndef FREE_MB_T
614# define FREE_MB_T(m) m_freem(m)
615# endif
616# ifndef ALLOC_MB_T
617# ifdef MGETHDR
618# define ALLOC_MB_T(m,l) do { \
619 MGETHDR((m), M_DONTWAIT, MT_HEADER); \
620 if ((m) != NULL) { \
621 (m)->m_len = (l); \
622 (m)->m_pkthdr.len = (l); \
623 } \
624 } while (0)
625# else
626# define ALLOC_MB_T(m,l) do { \
627 MGET((m), M_DONTWAIT, MT_HEADER); \
628 if ((m) != NULL) { \
629 (m)->m_len = (l); \
630 (m)->m_pkthdr.len = (l); \
631 } \
632 } while (0)
633# endif
634# endif
635# ifndef PREP_MB_T
636# define PREP_MB_T(f, m) do { \
637 mb_t *_o = *(f)->fin_mp; \
638 (m)->m_next = _o; \
639 *(fin)->fin_mp = (m); \
640 if (_o->m_flags & M_PKTHDR) { \
641 (m)->m_pkthdr.len += \
642 _o->m_pkthdr.len; \
643 m_copy_rcvif((m), _o); \
644 } \
645 } while (0)
646# endif
647# ifndef M_DUP
648# ifdef M_COPYALL
649# define M_DUP(m) m_dup(m, 0, M_COPYALL, 0)
650# else
651# define M_DUP(m) m_dup(m)
652# endif
653# endif
654
655# ifndef MTOD
656# define MTOD(m,t) mtod(m,t)
657# endif
658
659# ifndef COPYIN
660# define COPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
661# define COPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
662# endif
663
664# ifndef KMALLOC
665# define KMALLOC(a,b) (a) = (b)new_kmem_alloc(sizeof(*(a)), \
666 KMEM_NOSLEEP)
667# define KMALLOCS(a,b,c) (a) = (b)new_kmem_alloc((c), KMEM_NOSLEEP)
668# endif
669
670# ifndef GET_MINOR
671# define GET_MINOR(x) minor(x)
672# endif
673# define PANIC(x,y) if (x) panic y
674#endif /* _KERNEL */
675
676#if !defined(IFNAME) && !defined(_KERNEL)
677# define IFNAME(x) get_ifname((struct ifnet *)x)
678#endif
679#ifndef COPYIFNAME
680# define NEED_FRGETIFNAME
681extern char *ipf_getifname(struct ifnet *, char *);
682# define COPYIFNAME(v, x, b) \
683 ipf_getifname((struct ifnet *)x, b)
684#endif
685
686#ifndef ASSERT
687# ifdef _KERNEL
688# define ASSERT(x)
689# else
690# define ASSERT(x) do { if (!(x)) abort(); } while (0)
691# endif
692#endif
693
694#ifndef BCOPYIN
695# define BCOPYIN(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
696# define BCOPYOUT(a,b,c) (bcopy((caddr_t)(a), (caddr_t)(b), (c)), 0)
697#endif
698
699/*
700 * Because the ctype(3) posix definition, if used "safely" in code everywhere,
701 * would mean all normal code that walks through strings needed casts. Yuck.
702 */
703#define ISALNUM(x) isalnum((u_char)(x))
704#define ISALPHA(x) isalpha((u_char)(x))
705#define ISDIGIT(x) isdigit((u_char)(x))
706#define ISSPACE(x) isspace((u_char)(x))
707#define ISUPPER(x) isupper((u_char)(x))
708#define ISXDIGIT(x) isxdigit((u_char)(x))
709#define ISLOWER(x) islower((u_char)(x))
710#define TOUPPER(x) toupper((u_char)(x))
711#define TOLOWER(x) tolower((u_char)(x))
712
713/*
714 * If mutexes aren't being used, turn all the mutex functions into null-ops.
715 */
716#if !defined(USE_MUTEXES)
717# define USE_SPL 1
718# undef RW_DESTROY
719# undef MUTEX_INIT
720# undef MUTEX_NUKE
721# undef MUTEX_DESTROY
722# define MUTEX_ENTER(x) ;
723# define READ_ENTER(x) ;
724# define WRITE_ENTER(x) ;
725# define MUTEX_DOWNGRADE(x) ;
726# define RWLOCK_INIT(x, y) ;
727# define RWLOCK_EXIT(x) ;
728# define RW_DESTROY(x) ;
729# define MUTEX_EXIT(x) ;
730# define MUTEX_INIT(x,y) ;
731# define MUTEX_DESTROY(x) ;
732# define MUTEX_NUKE(x) ;
733#endif /* !USE_MUTEXES */
734#ifndef ATOMIC_INC
735# define ATOMIC_INC(x) (x)++
736# define ATOMIC_DEC(x) (x)--
737#endif
738
739#if defined(USE_SPL) && defined(_KERNEL)
740# define SPL_INT(x) int x
741#else
742# define SPL_INT(x)
743#endif
744
745/*
746 * If there are no atomic operations for bit sizes defined, define them to all
747 * use a generic one that works for all sizes.
748 */
749#ifndef ATOMIC_INCL
750# define ATOMIC_INCL ATOMIC_INC
751# define ATOMIC_INC64 ATOMIC_INC
752# define ATOMIC_INC32 ATOMIC_INC
753# define ATOMIC_DECL ATOMIC_DEC
754# define ATOMIC_DEC64 ATOMIC_DEC
755# define ATOMIC_DEC32 ATOMIC_DEC
756#endif
757
758#ifndef HDR_T_PRIVATE
759typedef struct tcphdr tcphdr_t;
760typedef struct udphdr udphdr_t;
761#endif
762typedef struct icmp icmphdr_t;
763typedef struct ip ip_t;
764typedef struct ether_header ether_header_t;
765
766#ifndef FR_GROUPLEN
767# define FR_GROUPLEN 16
768#endif
769
770#ifndef offsetof
771# define offsetof(t,m) (size_t)((&((t *)0L)->m))
772#endif
773#ifndef stsizeof
774# define stsizeof(t,m) sizeof(((t *)0L)->m)
775#endif
776
777/*
778 * This set of macros has been brought about because on Tru64 it is not
779 * possible to easily assign or examine values in a structure that are
780 * bit fields.
781 */
782#ifndef IP_V
783# define IP_V(x) (x)->ip_v
784#endif
785#ifndef IP_V_A
786# define IP_V_A(x,y) (x)->ip_v = (y)
787#endif
788#ifndef IP_HL
789# define IP_HL(x) (x)->ip_hl
790#endif
791#ifndef IP_HL_A
792# define IP_HL_A(x,y) (x)->ip_hl = ((y) & 0xf)
793#endif
794#ifndef TCP_X2
795# define TCP_X2(x) (x)->th_x2
796#endif
797#ifndef TCP_X2_A
798# define TCP_X2_A(x,y) (x)->th_x2 = (y)
799#endif
800#ifndef TCP_OFF
801# define TCP_OFF(x) (x)->th_off
802#endif
803#ifndef TCP_OFF_A
804# define TCP_OFF_A(x,y) (x)->th_off = (y)
805#endif
806#define IPMINLEN(i, h) ((i)->ip_len >= (IP_HL(i) * 4 + sizeof(struct h)))
807
808
809/*
810 * XXX - This is one of those *awful* hacks which nobody likes
811 */
812#ifdef ultrix
813#define A_A
814#else
815#define A_A &
816#endif
817
818#define TCPF_ALL (TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG|\
819 TH_ECN|TH_CWR)
820
821#if BSD_GE_YEAR(199306) && !defined(m_act)
822# define m_act m_nextpkt
823#endif
824
825/*
826 * Security Options for Intenet Protocol (IPSO) as defined in RFC 1108.
827 *
828 * Basic Option
829 *
830 * 00000001 - (Reserved 4)
831 * 00111101 - Top Secret
832 * 01011010 - Secret
833 * 10010110 - Confidential
834 * 01100110 - (Reserved 3)
835 * 11001100 - (Reserved 2)
836 * 10101011 - Unclassified
837 * 11110001 - (Reserved 1)
838 */
839#define IPSO_CLASS_RES4 0x01
840#define IPSO_CLASS_TOPS 0x3d
841#define IPSO_CLASS_SECR 0x5a
842#define IPSO_CLASS_CONF 0x96
843#define IPSO_CLASS_RES3 0x66
844#define IPSO_CLASS_RES2 0xcc
845#define IPSO_CLASS_UNCL 0xab
846#define IPSO_CLASS_RES1 0xf1
847
848#define IPSO_AUTH_GENSER 0x80
849#define IPSO_AUTH_ESI 0x40
850#define IPSO_AUTH_SCI 0x20
851#define IPSO_AUTH_NSA 0x10
852#define IPSO_AUTH_DOE 0x08
853#define IPSO_AUTH_UN 0x06
854#define IPSO_AUTH_FTE 0x01
855
856/*
857 * IP option #defines
858 */
859#undef IPOPT_RR
860#define IPOPT_RR 7
861#undef IPOPT_ZSU
862#define IPOPT_ZSU 10 /* ZSU */
863#undef IPOPT_MTUP
864#define IPOPT_MTUP 11 /* MTUP */
865#undef IPOPT_MTUR
866#define IPOPT_MTUR 12 /* MTUR */
867#undef IPOPT_ENCODE
868#define IPOPT_ENCODE 15 /* ENCODE */
869#undef IPOPT_TS
870#define IPOPT_TS 68
871#undef IPOPT_TR
872#define IPOPT_TR 82 /* TR */
873#undef IPOPT_SECURITY
874#define IPOPT_SECURITY 130
875#undef IPOPT_LSRR
876#define IPOPT_LSRR 131
877#undef IPOPT_E_SEC
878#define IPOPT_E_SEC 133 /* E-SEC */
879#undef IPOPT_CIPSO
880#define IPOPT_CIPSO 134 /* CIPSO */
881#undef IPOPT_SATID
882#define IPOPT_SATID 136
883#ifndef IPOPT_SID
884# define IPOPT_SID IPOPT_SATID
885#endif
886#undef IPOPT_SSRR
887#define IPOPT_SSRR 137
888#undef IPOPT_ADDEXT
889#define IPOPT_ADDEXT 147 /* ADDEXT */
890#undef IPOPT_VISA
891#define IPOPT_VISA 142 /* VISA */
892#undef IPOPT_IMITD
893#define IPOPT_IMITD 144 /* IMITD */
894#undef IPOPT_EIP
895#define IPOPT_EIP 145 /* EIP */
896#undef IPOPT_RTRALRT
897#define IPOPT_RTRALRT 148 /* RTRALRT */
898#undef IPOPT_SDB
899#define IPOPT_SDB 149
900#undef IPOPT_NSAPA
901#define IPOPT_NSAPA 150
902#undef IPOPT_DPS
903#define IPOPT_DPS 151
904#undef IPOPT_UMP
905#define IPOPT_UMP 152
906#undef IPOPT_FINN
907#define IPOPT_FINN 205 /* FINN */
908#undef IPOPT_AH
909#define IPOPT_AH 256+IPPROTO_AH
910
911#ifndef TCPOPT_EOL
912# define TCPOPT_EOL 0
913#endif
914#ifndef TCPOPT_NOP
915# define TCPOPT_NOP 1
916#endif
917#ifndef TCPOPT_MAXSEG
918# define TCPOPT_MAXSEG 2
919#endif
920#ifndef TCPOLEN_MAXSEG
921# define TCPOLEN_MAXSEG 4
922#endif
923#ifndef TCPOPT_WINDOW
924# define TCPOPT_WINDOW 3
925#endif
926#ifndef TCPOLEN_WINDOW
927# define TCPOLEN_WINDOW 3
928#endif
929#ifndef TCPOPT_SACK_PERMITTED
930# define TCPOPT_SACK_PERMITTED 4
931#endif
932#ifndef TCPOLEN_SACK_PERMITTED
933# define TCPOLEN_SACK_PERMITTED 2
934#endif
935#ifndef TCPOPT_SACK
936# define TCPOPT_SACK 5
937#endif
938#ifndef TCPOPT_TIMESTAMP
939# define TCPOPT_TIMESTAMP 8
940#endif
941
942#ifndef ICMP_MINLEN
943# define ICMP_MINLEN 8
944#endif
945#ifndef ICMP_ECHOREPLY
946# define ICMP_ECHOREPLY 0
947#endif
948#ifndef ICMP_UNREACH
949# define ICMP_UNREACH 3
950#endif
951#ifndef ICMP_UNREACH_NET
952# define ICMP_UNREACH_NET 0
953#endif
954#ifndef ICMP_UNREACH_HOST
955# define ICMP_UNREACH_HOST 1
956#endif
957#ifndef ICMP_UNREACH_PROTOCOL
958# define ICMP_UNREACH_PROTOCOL 2
959#endif
960#ifndef ICMP_UNREACH_PORT
961# define ICMP_UNREACH_PORT 3
962#endif
963#ifndef ICMP_UNREACH_NEEDFRAG
964# define ICMP_UNREACH_NEEDFRAG 4
965#endif
966#ifndef ICMP_UNREACH_SRCFAIL
967# define ICMP_UNREACH_SRCFAIL 5
968#endif
969#ifndef ICMP_UNREACH_NET_UNKNOWN
970# define ICMP_UNREACH_NET_UNKNOWN 6
971#endif
972#ifndef ICMP_UNREACH_HOST_UNKNOWN
973# define ICMP_UNREACH_HOST_UNKNOWN 7
974#endif
975#ifndef ICMP_UNREACH_ISOLATED
976# define ICMP_UNREACH_ISOLATED 8
977#endif
978#ifndef ICMP_UNREACH_NET_PROHIB
979# define ICMP_UNREACH_NET_PROHIB 9
980#endif
981#ifndef ICMP_UNREACH_HOST_PROHIB
982# define ICMP_UNREACH_HOST_PROHIB 10
983#endif
984#ifndef ICMP_UNREACH_TOSNET
985# define ICMP_UNREACH_TOSNET 11
986#endif
987#ifndef ICMP_UNREACH_TOSHOST
988# define ICMP_UNREACH_TOSHOST 12
989#endif
990#ifndef ICMP_UNREACH_ADMIN_PROHIBIT
991# define ICMP_UNREACH_ADMIN_PROHIBIT 13
992#endif
993#ifndef ICMP_UNREACH_FILTER
994# define ICMP_UNREACH_FILTER 13
995#endif
996#ifndef ICMP_UNREACH_HOST_PRECEDENCE
997# define ICMP_UNREACH_HOST_PRECEDENCE 14
998#endif
999#ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
1000# define ICMP_UNREACH_PRECEDENCE_CUTOFF 15
1001#endif
1002#ifndef ICMP_SOURCEQUENCH
1003# define ICMP_SOURCEQUENCH 4
1004#endif
1005#ifndef ICMP_REDIRECT_NET
1006# define ICMP_REDIRECT_NET 0
1007#endif
1008#ifndef ICMP_REDIRECT_HOST
1009# define ICMP_REDIRECT_HOST 1
1010#endif
1011#ifndef ICMP_REDIRECT_TOSNET
1012# define ICMP_REDIRECT_TOSNET 2
1013#endif
1014#ifndef ICMP_REDIRECT_TOSHOST
1015# define ICMP_REDIRECT_TOSHOST 3
1016#endif
1017#ifndef ICMP_ALTHOSTADDR
1018# define ICMP_ALTHOSTADDR 6
1019#endif
1020#ifndef ICMP_TIMXCEED
1021# define ICMP_TIMXCEED 11
1022#endif
1023#ifndef ICMP_TIMXCEED_INTRANS
1024# define ICMP_TIMXCEED_INTRANS 0
1025#endif
1026#ifndef ICMP_TIMXCEED_REASS
1027# define ICMP_TIMXCEED_REASS 1
1028#endif
1029#ifndef ICMP_PARAMPROB
1030# define ICMP_PARAMPROB 12
1031#endif
1032#ifndef ICMP_PARAMPROB_ERRATPTR
1033# define ICMP_PARAMPROB_ERRATPTR 0
1034#endif
1035#ifndef ICMP_PARAMPROB_OPTABSENT
1036# define ICMP_PARAMPROB_OPTABSENT 1
1037#endif
1038#ifndef ICMP_PARAMPROB_LENGTH
1039# define ICMP_PARAMPROB_LENGTH 2
1040#endif
1041#ifndef ICMP_TSTAMP
1042# define ICMP_TSTAMP 13
1043#endif
1044#ifndef ICMP_TSTAMPREPLY
1045# define ICMP_TSTAMPREPLY 14
1046#endif
1047#ifndef ICMP_IREQ
1048# define ICMP_IREQ 15
1049#endif
1050#ifndef ICMP_IREQREPLY
1051# define ICMP_IREQREPLY 16
1052#endif
1053#ifndef ICMP_MASKREQ
1054# define ICMP_MASKREQ 17
1055#endif
1056#ifndef ICMP_MASKREPLY
1057# define ICMP_MASKREPLY 18
1058#endif
1059#ifndef ICMP_TRACEROUTE
1060# define ICMP_TRACEROUTE 30
1061#endif
1062#ifndef ICMP_DATACONVERR
1063# define ICMP_DATACONVERR 31
1064#endif
1065#ifndef ICMP_MOBILE_REDIRECT
1066# define ICMP_MOBILE_REDIRECT 32
1067#endif
1068#ifndef ICMP_IPV6_WHEREAREYOU
1069# define ICMP_IPV6_WHEREAREYOU 33
1070#endif
1071#ifndef ICMP_IPV6_IAMHERE
1072# define ICMP_IPV6_IAMHERE 34
1073#endif
1074#ifndef ICMP_MOBILE_REGREQUEST
1075# define ICMP_MOBILE_REGREQUEST 35
1076#endif
1077#ifndef ICMP_MOBILE_REGREPLY
1078# define ICMP_MOBILE_REGREPLY 36
1079#endif
1080#ifndef ICMP_SKIP
1081# define ICMP_SKIP 39
1082#endif
1083#ifndef ICMP_PHOTURIS
1084# define ICMP_PHOTURIS 40
1085#endif
1086#ifndef ICMP_PHOTURIS_UNKNOWN_INDEX
1087# define ICMP_PHOTURIS_UNKNOWN_INDEX 1
1088#endif
1089#ifndef ICMP_PHOTURIS_AUTH_FAILED
1090# define ICMP_PHOTURIS_AUTH_FAILED 2
1091#endif
1092#ifndef ICMP_PHOTURIS_DECRYPT_FAILED
1093# define ICMP_PHOTURIS_DECRYPT_FAILED 3
1094#endif
1095#ifndef IPVERSION
1096# define IPVERSION 4
1097#endif
1098#ifndef IPOPT_MINOFF
1099# define IPOPT_MINOFF 4
1100#endif
1101#ifndef IPOPT_COPIED
1102# define IPOPT_COPIED(x) ((x)&0x80)
1103#endif
1104#ifndef IPOPT_EOL
1105# define IPOPT_EOL 0
1106#endif
1107#ifndef IPOPT_NOP
1108# define IPOPT_NOP 1
1109#endif
1110#ifndef IP_MF
1111# define IP_MF ((u_short)0x2000)
1112#endif
1113#ifndef ETHERTYPE_IP
1114# define ETHERTYPE_IP ((u_short)0x0800)
1115#endif
1116#ifndef TH_FIN
1117# define TH_FIN 0x01
1118#endif
1119#ifndef TH_SYN
1120# define TH_SYN 0x02
1121#endif
1122#ifndef TH_RST
1123# define TH_RST 0x04
1124#endif
1125#ifndef TH_PUSH
1126# define TH_PUSH 0x08
1127#endif
1128#ifndef TH_ACK
1129# define TH_ACK 0x10
1130#endif
1131#ifndef TH_URG
1132# define TH_URG 0x20
1133#endif
1134#undef TH_ACKMASK
1135#define TH_ACKMASK (TH_FIN|TH_SYN|TH_RST|TH_ACK)
1136
1137#ifndef IPOPT_EOL
1138# define IPOPT_EOL 0
1139#endif
1140#ifndef IPOPT_NOP
1141# define IPOPT_NOP 1
1142#endif
1143#ifndef IPOPT_RR
1144# define IPOPT_RR 7
1145#endif
1146#ifndef IPOPT_TS
1147# define IPOPT_TS 68
1148#endif
1149#ifndef IPOPT_SECURITY
1150# define IPOPT_SECURITY 130
1151#endif
1152#ifndef IPOPT_LSRR
1153# define IPOPT_LSRR 131
1154#endif
1155#ifndef IPOPT_SATID
1156# define IPOPT_SATID 136
1157#endif
1158#ifndef IPOPT_SSRR
1159# define IPOPT_SSRR 137
1160#endif
1161#ifndef IPOPT_SECUR_UNCLASS
1162# define IPOPT_SECUR_UNCLASS ((u_short)0x0000)
1163#endif
1164#ifndef IPOPT_SECUR_CONFID
1165# define IPOPT_SECUR_CONFID ((u_short)0xf135)
1166#endif
1167#ifndef IPOPT_SECUR_EFTO
1168# define IPOPT_SECUR_EFTO ((u_short)0x789a)
1169#endif
1170#ifndef IPOPT_SECUR_MMMM
1171# define IPOPT_SECUR_MMMM ((u_short)0xbc4d)
1172#endif
1173#ifndef IPOPT_SECUR_RESTR
1174# define IPOPT_SECUR_RESTR ((u_short)0xaf13)
1175#endif
1176#ifndef IPOPT_SECUR_SECRET
1177# define IPOPT_SECUR_SECRET ((u_short)0xd788)
1178#endif
1179#ifndef IPOPT_SECUR_TOPSECRET
1180# define IPOPT_SECUR_TOPSECRET ((u_short)0x6bc5)
1181#endif
1182#ifndef IPOPT_OLEN
1183# define IPOPT_OLEN 1
1184#endif
1185#ifndef IPPROTO_HOPOPTS
1186# define IPPROTO_HOPOPTS 0
1187#endif
1188#ifndef IPPROTO_IPIP
1189# define IPPROTO_IPIP 4
1190#endif
1191#ifndef IPPROTO_ENCAP
1192# define IPPROTO_ENCAP 98
1193#endif
1194#ifndef IPPROTO_IPV6
1195# define IPPROTO_IPV6 41
1196#endif
1197#ifndef IPPROTO_ROUTING
1198# define IPPROTO_ROUTING 43
1199#endif
1200#ifndef IPPROTO_FRAGMENT
1201# define IPPROTO_FRAGMENT 44
1202#endif
1203#ifndef IPPROTO_GRE
1204# define IPPROTO_GRE 47 /* GRE encaps RFC 1701 */
1205#endif
1206#ifndef IPPROTO_ESP
1207# define IPPROTO_ESP 50
1208#endif
1209#ifndef IPPROTO_AH
1210# define IPPROTO_AH 51
1211#endif
1212#ifndef IPPROTO_ICMPV6
1213# define IPPROTO_ICMPV6 58
1214#endif
1215#ifndef IPPROTO_NONE
1216# define IPPROTO_NONE 59
1217#endif
1218#ifndef IPPROTO_DSTOPTS
1219# define IPPROTO_DSTOPTS 60
1220#endif
1221#ifndef IPPROTO_MOBILITY
1222# define IPPROTO_MOBILITY 135
1223#endif
1224
1225#ifndef ICMP_ROUTERADVERT
1226# define ICMP_ROUTERADVERT 9
1227#endif
1228#ifndef ICMP_ROUTERSOLICIT
1229# define ICMP_ROUTERSOLICIT 10
1230#endif
1231#ifndef ICMP6_DST_UNREACH
1232# define ICMP6_DST_UNREACH 1
1233#endif
1234#ifndef ICMP6_PACKET_TOO_BIG
1235# define ICMP6_PACKET_TOO_BIG 2
1236#endif
1237#ifndef ICMP6_TIME_EXCEEDED
1238# define ICMP6_TIME_EXCEEDED 3
1239#endif
1240#ifndef ICMP6_PARAM_PROB
1241# define ICMP6_PARAM_PROB 4
1242#endif
1243
1244#ifndef ICMP6_ECHO_REQUEST
1245# define ICMP6_ECHO_REQUEST 128
1246#endif
1247#ifndef ICMP6_ECHO_REPLY
1248# define ICMP6_ECHO_REPLY 129
1249#endif
1250#ifndef ICMP6_MEMBERSHIP_QUERY
1251# define ICMP6_MEMBERSHIP_QUERY 130
1252#endif
1253#ifndef MLD6_LISTENER_QUERY
1254# define MLD6_LISTENER_QUERY 130
1255#endif
1256#ifndef ICMP6_MEMBERSHIP_REPORT
1257# define ICMP6_MEMBERSHIP_REPORT 131
1258#endif
1259#ifndef MLD6_LISTENER_REPORT
1260# define MLD6_LISTENER_REPORT 131
1261#endif
1262#ifndef ICMP6_MEMBERSHIP_REDUCTION
1263# define ICMP6_MEMBERSHIP_REDUCTION 132
1264#endif
1265#ifndef MLD6_LISTENER_DONE
1266# define MLD6_LISTENER_DONE 132
1267#endif
1268#ifndef ND_ROUTER_SOLICIT
1269# define ND_ROUTER_SOLICIT 133
1270#endif
1271#ifndef ND_ROUTER_ADVERT
1272# define ND_ROUTER_ADVERT 134
1273#endif
1274#ifndef ND_NEIGHBOR_SOLICIT
1275# define ND_NEIGHBOR_SOLICIT 135
1276#endif
1277#ifndef ND_NEIGHBOR_ADVERT
1278# define ND_NEIGHBOR_ADVERT 136
1279#endif
1280#ifndef ND_REDIRECT
1281# define ND_REDIRECT 137
1282#endif
1283#ifndef ICMP6_ROUTER_RENUMBERING
1284# define ICMP6_ROUTER_RENUMBERING 138
1285#endif
1286#ifndef ICMP6_WRUREQUEST
1287# define ICMP6_WRUREQUEST 139
1288#endif
1289#ifndef ICMP6_WRUREPLY
1290# define ICMP6_WRUREPLY 140
1291#endif
1292#ifndef ICMP6_FQDN_QUERY
1293# define ICMP6_FQDN_QUERY 139
1294#endif
1295#ifndef ICMP6_FQDN_REPLY
1296# define ICMP6_FQDN_REPLY 140
1297#endif
1298#ifndef ICMP6_NI_QUERY
1299# define ICMP6_NI_QUERY 139
1300#endif
1301#ifndef ICMP6_NI_REPLY
1302# define ICMP6_NI_REPLY 140
1303#endif
1304#ifndef MLD6_MTRACE_RESP
1305# define MLD6_MTRACE_RESP 200
1306#endif
1307#ifndef MLD6_MTRACE
1308# define MLD6_MTRACE 201
1309#endif
1310#ifndef ICMP6_HADISCOV_REQUEST
1311# define ICMP6_HADISCOV_REQUEST 202
1312#endif
1313#ifndef ICMP6_HADISCOV_REPLY
1314# define ICMP6_HADISCOV_REPLY 203
1315#endif
1316#ifndef ICMP6_MOBILEPREFIX_SOLICIT
1317# define ICMP6_MOBILEPREFIX_SOLICIT 204
1318#endif
1319#ifndef ICMP6_MOBILEPREFIX_ADVERT
1320# define ICMP6_MOBILEPREFIX_ADVERT 205
1321#endif
1322#ifndef ICMP6_MAXTYPE
1323# define ICMP6_MAXTYPE 205
1324#endif
1325
1326#ifndef ICMP6_DST_UNREACH_NOROUTE
1327# define ICMP6_DST_UNREACH_NOROUTE 0
1328#endif
1329#ifndef ICMP6_DST_UNREACH_ADMIN
1330# define ICMP6_DST_UNREACH_ADMIN 1
1331#endif
1332#ifndef ICMP6_DST_UNREACH_NOTNEIGHBOR
1333# define ICMP6_DST_UNREACH_NOTNEIGHBOR 2
1334#endif
1335#ifndef ICMP6_DST_UNREACH_BEYONDSCOPE
1336# define ICMP6_DST_UNREACH_BEYONDSCOPE 2
1337#endif
1338#ifndef ICMP6_DST_UNREACH_ADDR
1339# define ICMP6_DST_UNREACH_ADDR 3
1340#endif
1341#ifndef ICMP6_DST_UNREACH_NOPORT
1342# define ICMP6_DST_UNREACH_NOPORT 4
1343#endif
1344#ifndef ICMP6_TIME_EXCEED_TRANSIT
1345# define ICMP6_TIME_EXCEED_TRANSIT 0
1346#endif
1347#ifndef ICMP6_TIME_EXCEED_REASSEMBLY
1348# define ICMP6_TIME_EXCEED_REASSEMBLY 1
1349#endif
1350
1351#ifndef ICMP6_NI_SUCCESS
1352# define ICMP6_NI_SUCCESS 0
1353#endif
1354#ifndef ICMP6_NI_REFUSED
1355# define ICMP6_NI_REFUSED 1
1356#endif
1357#ifndef ICMP6_NI_UNKNOWN
1358# define ICMP6_NI_UNKNOWN 2
1359#endif
1360
1361#ifndef ICMP6_ROUTER_RENUMBERING_COMMAND
1362# define ICMP6_ROUTER_RENUMBERING_COMMAND 0
1363#endif
1364#ifndef ICMP6_ROUTER_RENUMBERING_RESULT
1365# define ICMP6_ROUTER_RENUMBERING_RESULT 1
1366#endif
1367#ifndef ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET
1368# define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 255
1369#endif
1370
1371#ifndef ICMP6_PARAMPROB_HEADER
1372# define ICMP6_PARAMPROB_HEADER 0
1373#endif
1374#ifndef ICMP6_PARAMPROB_NEXTHEADER
1375# define ICMP6_PARAMPROB_NEXTHEADER 1
1376#endif
1377#ifndef ICMP6_PARAMPROB_OPTION
1378# define ICMP6_PARAMPROB_OPTION 2
1379#endif
1380
1381#ifndef ICMP6_NI_SUBJ_IPV6
1382# define ICMP6_NI_SUBJ_IPV6 0
1383#endif
1384#ifndef ICMP6_NI_SUBJ_FQDN
1385# define ICMP6_NI_SUBJ_FQDN 1
1386#endif
1387#ifndef ICMP6_NI_SUBJ_IPV4
1388# define ICMP6_NI_SUBJ_IPV4 2
1389#endif
1390
1391#ifndef MLD_MTRACE_RESP
1392# define MLD_MTRACE_RESP 200
1393#endif
1394#ifndef MLD_MTRACE
1395# define MLD_MTRACE 201
1396#endif
1397#ifndef MLD6_MTRACE_RESP
1398# define MLD6_MTRACE_RESP MLD_MTRACE_RESP
1399#endif
1400#ifndef MLD6_MTRACE
1401# define MLD6_MTRACE MLD_MTRACE
1402#endif
1403
1404#if !defined(IPV6_FLOWINFO_MASK)
1405# if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN)
1406# define IPV6_FLOWINFO_MASK 0x0fffffff /* flow info (28 bits) */
1407# else
1408# if(BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN)
1409# define IPV6_FLOWINFO_MASK 0xffffff0f /* flow info (28 bits) */
1410# endif /* LITTLE_ENDIAN */
1411# endif
1412#endif
1413#if !defined(IPV6_FLOWLABEL_MASK)
1414# if (BYTE_ORDER == BIG_ENDIAN) || defined(_BIG_ENDIAN)
1415# define IPV6_FLOWLABEL_MASK 0x000fffff /* flow label (20 bits) */
1416# else
1417# if (BYTE_ORDER == LITTLE_ENDIAN) || !defined(_BIG_ENDIAN)
1418# define IPV6_FLOWLABEL_MASK 0xffff0f00 /* flow label (20 bits) */
1419# endif /* LITTLE_ENDIAN */
1420# endif
1421#endif
1422
1423/*
1424 * ECN is a new addition to TCP - RFC 2481
1425 */
1426#ifndef TH_ECN
1427# define TH_ECN 0x40
1428#endif
1429#ifndef TH_CWR
1430# define TH_CWR 0x80
1431#endif
1432#define TH_ECNALL (TH_ECN|TH_CWR)
1433
1434/*
1435 * TCP States
1436 */
1437#define IPF_TCPS_LISTEN 0 /* listening for connection */
1438#define IPF_TCPS_SYN_SENT 1 /* active, have sent syn */
1439#define IPF_TCPS_SYN_RECEIVED 2 /* have send and received syn */
1440#define IPF_TCPS_HALF_ESTAB 3 /* for connections not fully "up" */
1441/* states < IPF_TCPS_ESTABLISHED are those where connections not established */
1442#define IPF_TCPS_ESTABLISHED 4 /* established */
1443#define IPF_TCPS_CLOSE_WAIT 5 /* rcvd fin, waiting for close */
1444/* states > IPF_TCPS_CLOSE_WAIT are those where user has closed */
1445#define IPF_TCPS_FIN_WAIT_1 6 /* have closed, sent fin */
1446#define IPF_TCPS_CLOSING 7 /* closed xchd FIN; await FIN ACK */
1447#define IPF_TCPS_LAST_ACK 8 /* had fin and close; await FIN ACK */
1448/* states > IPF_TCPS_CLOSE_WAIT && < IPF_TCPS_FIN_WAIT_2 await ACK of FIN */
1449#define IPF_TCPS_FIN_WAIT_2 9 /* have closed, fin is acked */
1450#define IPF_TCPS_TIME_WAIT 10 /* in 2*msl quiet wait after close */
1451#define IPF_TCPS_CLOSED 11 /* closed */
1452#define IPF_TCP_NSTATES 12
1453
1454#define TCP_MSL 120
1455
1456#undef ICMP_MAX_UNREACH
1457#define ICMP_MAX_UNREACH 14
1458#undef ICMP_MAXTYPE
1459#define ICMP_MAXTYPE 18
1460
1461#ifndef IFNAMSIZ
1462#define IFNAMSIZ 16
1463#endif
1464
1465#ifndef LOG_FTP
1466# define LOG_FTP (11<<3)
1467#endif
1468#ifndef LOG_AUTHPRIV
1469# define LOG_AUTHPRIV (10<<3)
1470#endif
1471#ifndef LOG_AUDIT
1472# define LOG_AUDIT (13<<3)
1473#endif
1474#ifndef LOG_NTP
1475# define LOG_NTP (12<<3)
1476#endif
1477#ifndef LOG_SECURITY
1478# define LOG_SECURITY (13<<3)
1479#endif
1480#ifndef LOG_LFMT
1481# define LOG_LFMT (14<<3)
1482#endif
1483#ifndef LOG_CONSOLE
1484# define LOG_CONSOLE (14<<3)
1485#endif
1486
1487/*
1488 * ICMP error replies have an IP header (20 bytes), 8 bytes of ICMP data,
1489 * another IP header and then 64 bits of data, totalling 56. Of course,
1490 * the last 64 bits is dependent on that being available.
1491 */
1492#define ICMPERR_ICMPHLEN 8
1493#define ICMPERR_IPICMPHLEN (20 + 8)
1494#define ICMPERR_MINPKTLEN (20 + 8 + 20)
1495#define ICMPERR_MAXPKTLEN (20 + 8 + 20 + 8)
1496#define ICMP6ERR_MINPKTLEN (40 + 8)
1497#define ICMP6ERR_IPICMPHLEN (40 + 8 + 40)
1498
1499#ifndef MIN
1500# define MIN(a,b) (((a)<(b))?(a):(b))
1501#endif
1502
1503#ifdef RESCUE
1504# undef IPFILTER_BPF
1505#endif
1506
1507#ifdef IPF_DEBUG
1508# define DPRINT(x) printf x
1509#else
1510# define DPRINT(x)
1511#endif
1512
1513#ifndef AF_INET6
1514# define AF_INET6 26
1515#endif
1516
1517#ifdef DTRACE_PROBE
1518# ifdef _KERNEL
1519# define DT(_n) DTRACE_PROBE(_n)
1520# define DT1(_n,_a,_b) DTRACE_PROBE1(_n,_a,_b)
1521# define DT2(_n,_a,_b,_c,_d) DTRACE_PROBE2(_n,_a,_b,_c,_d)
1522# define DT3(_n,_a,_b,_c,_d,_e,_f) \
1523 DTRACE_PROBE3(_n,_a,_b,_c,_d,_e,_f)
1524# define DT4(_n,_a,_b,_c,_d,_e,_f,_g,_h) \
1525 DTRACE_PROBE4(_n,_a,_b,_c,_d,_e,_f,_g,_h)
1526# else
1527# define DT(_n)
1528# define DT1(_n,_a,_b)
1529# define DT2(_n,_a,_b,_c,_d)
1530# define DT3(_n,_a,_b,_c,_d,_e,_f)
1531# define DT4(_n,_a,_b,_c,_d,_e,_f,_g,_h)
1532# endif
1533#else
1534# define DT(_n)
1535# define DT1(_n,_a,_b)
1536# define DT2(_n,_a,_b,_c,_d)
1537# define DT3(_n,_a,_b,_c,_d,_e,_f)
1538# define DT4(_n,_a,_b,_c,_d,_e,_f,_g,_h)
1539#endif
1540
1541struct ip6_routing {
1542 u_char ip6r_nxt; /* next header */
1543 u_char ip6r_len; /* length in units of 8 octets */
1544 u_char ip6r_type; /* always zero */
1545 u_char ip6r_segleft; /* segments left */
1546 u_32_t ip6r_reserved; /* reserved field */
1547};
1548
1549#endif /* __IP_COMPAT_H__ */