Lines Matching refs:ilbs
117 ilb_stack_t *ilbs;
177 ilb_kstat_g_init(netstackid_t stackid, ilb_stack_t *ilbs)
191 bcopy(&template, ilbs->ilbs_kstat, sizeof (template));
192 ksp->ks_data = ilbs->ilbs_kstat;
200 ilb_kstat_g_fini(netstackid_t stackid, ilb_stack_t *ilbs)
202 if (ilbs->ilbs_ksp != NULL) {
204 ilbs->ilbs_ksp->ks_private);
205 kstat_delete_netstack(ilbs->ilbs_ksp, stackid);
206 ilbs->ilbs_ksp = NULL;
280 ilb_rule_hash_init(ilb_stack_t *ilbs)
285 * If ilbs->ilbs_rule_hash_size is not a power of 2, bump it up to
288 if (!ISP2(ilbs->ilbs_rule_hash_size)) {
290 if (ilbs->ilbs_rule_hash_size < (1 << i))
293 ilbs->ilbs_rule_hash_size = 1 << i;
295 ilbs->ilbs_g_hash = kmem_zalloc(sizeof (ilb_hash_t) *
296 ilbs->ilbs_rule_hash_size, KM_SLEEP);
297 for (i = 0; i < ilbs->ilbs_rule_hash_size; i++) {
298 mutex_init(&ilbs->ilbs_g_hash[i].ilb_hash_lock, NULL,
305 ilb_rule_hash_fini(ilb_stack_t *ilbs)
307 if (ilbs->ilbs_g_hash == NULL)
309 kmem_free(ilbs->ilbs_g_hash, sizeof (ilb_hash_t) *
310 ilbs->ilbs_rule_hash_size);
315 ilb_rule_hash_add(ilb_stack_t *ilbs, ilb_rule_t *rule, const in6_addr_t *addr)
320 ilbs->ilbs_rule_hash_size);
322 mutex_enter(&ilbs->ilbs_g_hash[i].ilb_hash_lock);
323 rule->ir_hash_next = ilbs->ilbs_g_hash[i].ilb_hash_rule;
324 if (ilbs->ilbs_g_hash[i].ilb_hash_rule != NULL)
325 ilbs->ilbs_g_hash[i].ilb_hash_rule->ir_hash_prev = rule;
327 ilbs->ilbs_g_hash[i].ilb_hash_rule = rule;
329 rule->ir_hash = &ilbs->ilbs_g_hash[i];
330 mutex_exit(&ilbs->ilbs_g_hash[i].ilb_hash_lock);
365 ilb_rule_hash(ilb_stack_t *ilbs, int l3, int l4, in6_addr_t *addr,
374 i = ILB_RULE_HASH((uint8_t *)&v4_addr, ilbs->ilbs_rule_hash_size);
377 mutex_enter(&ilbs->ilbs_g_hash[i].ilb_hash_lock);
378 for (rule = ilbs->ilbs_g_hash[i].ilb_hash_rule; rule != NULL;
438 mutex_exit(&ilbs->ilbs_g_hash[i].ilb_hash_lock);
447 ilb_rule_g_add(ilb_stack_t *ilbs, ilb_rule_t *rule)
449 ASSERT(mutex_owned(&ilbs->ilbs_g_lock));
450 rule->ir_next = ilbs->ilbs_rule_head;
451 ilbs->ilbs_rule_head = rule;
452 ILB_KSTAT_UPDATE(ilbs, num_rules, 1);
457 ilb_rule_g_del(ilb_stack_t *ilbs, ilb_rule_t *rule)
462 ASSERT(mutex_owned(&ilbs->ilbs_g_lock));
464 for (tmp_rule = ilbs->ilbs_rule_head; tmp_rule != NULL;
470 mutex_exit(&ilbs->ilbs_g_lock);
474 ilbs->ilbs_rule_head = tmp_rule->ir_next;
477 ILB_KSTAT_UPDATE(ilbs, num_rules, -1);
517 ilb_rule_add(ilb_stack_t *ilbs, zoneid_t zoneid, const ilb_rule_cmd_t *cmd)
617 mutex_enter(&ilbs->ilbs_g_lock);
618 if (ilbs->ilbs_g_hash == NULL)
619 ilb_rule_hash_init(ilbs);
620 if (ilbs->ilbs_c2s_conn_hash == NULL) {
621 ASSERT(ilbs->ilbs_s2c_conn_hash == NULL);
622 ilb_conn_hash_init(ilbs);
623 ilb_nat_src_init(ilbs);
627 if (ilb_match_rule(ilbs, zoneid, cmd->name, cmd->ip_ver, cmd->proto,
629 mutex_exit(&ilbs->ilbs_g_lock);
635 mutex_exit(&ilbs->ilbs_g_lock);
643 stackid = (netstackid_t)(uintptr_t)ilbs->ilbs_ksp->ks_private;
700 if (ilbs->ilbs_sticky_hash == NULL)
701 ilb_sticky_hash_init(ilbs);
735 ilb_rule_g_add(ilbs, rule);
736 ilb_rule_hash_add(ilbs, rule, &cmd->vip);
738 mutex_exit(&ilbs->ilbs_g_lock);
743 mutex_exit(&ilbs->ilbs_g_lock);
757 ilb_rule_del_common(ilb_stack_t *ilbs, ilb_rule_t *tmp_rule)
762 stackid = (netstackid_t)(uintptr_t)ilbs->ilbs_ksp->ks_private;
803 ilb_stack_t *ilbs = ((ilb_rule_tq_t *)arg)->ilbs;
809 ilb_rule_del_common(ilbs, rule);
815 ilb_rule_del(ilb_stack_t *ilbs, zoneid_t zoneid, const char *name)
821 mutex_enter(&ilbs->ilbs_g_lock);
822 if ((tmp_rule = ilb_find_rule_locked(ilbs, zoneid, name,
824 mutex_exit(&ilbs->ilbs_g_lock);
833 ilb_rule_g_del(ilbs, tmp_rule);
834 mutex_exit(&ilbs->ilbs_g_lock);
847 arg->ilbs = ilbs;
849 (void) taskq_dispatch(ilbs->ilbs_rule_taskq, ilb_rule_del_tq, arg,
860 ilb_rule_match_vip_v6(ilb_stack_t *ilbs, in6_addr_t *vip, ilb_rule_t **ret_rule)
867 ilbs->ilbs_rule_hash_size);
868 mutex_enter(&ilbs->ilbs_g_hash[i].ilb_hash_lock);
869 for (rule = ilbs->ilbs_g_hash[i].ilb_hash_rule; rule != NULL;
888 mutex_exit(&ilbs->ilbs_g_hash[i].ilb_hash_lock);
893 ilb_rule_match_vip_v4(ilb_stack_t *ilbs, ipaddr_t addr, ilb_rule_t **ret_rule)
899 i = ILB_RULE_HASH((uint8_t *)&addr, ilbs->ilbs_rule_hash_size);
900 mutex_enter(&ilbs->ilbs_g_hash[i].ilb_hash_lock);
901 for (rule = ilbs->ilbs_g_hash[i].ilb_hash_rule; rule != NULL;
920 mutex_exit(&ilbs->ilbs_g_hash[i].ilb_hash_lock);
925 ilb_find_rule_locked(ilb_stack_t *ilbs, zoneid_t zoneid, const char *name,
930 ASSERT(mutex_owned(&ilbs->ilbs_g_lock));
932 for (tmp_rule = ilbs->ilbs_rule_head; tmp_rule != NULL;
955 ilb_find_rule(ilb_stack_t *ilbs, zoneid_t zoneid, const char *name,
960 mutex_enter(&ilbs->ilbs_g_lock);
961 tmp_rule = ilb_find_rule_locked(ilbs, zoneid, name, err);
962 mutex_exit(&ilbs->ilbs_g_lock);
968 ilb_match_rule(ilb_stack_t *ilbs, zoneid_t zoneid, const char *name, int l3,
973 ASSERT(mutex_owned(&ilbs->ilbs_g_lock));
975 for (tmp_rule = ilbs->ilbs_rule_head; tmp_rule != NULL;
1015 ilb_rule_enable(ilb_stack_t *ilbs, zoneid_t zoneid,
1024 if ((rule = ilb_find_rule(ilbs, zoneid, rule_name,
1040 ilb_rule_disable(ilb_stack_t *ilbs, zoneid_t zoneid,
1049 if ((rule = ilb_find_rule(ilbs, zoneid, rule_name,
1069 ilb_rule_enable_all(ilb_stack_t *ilbs, zoneid_t zoneid)
1073 mutex_enter(&ilbs->ilbs_g_lock);
1074 for (rule = ilbs->ilbs_rule_head; rule != NULL; rule = rule->ir_next) {
1082 (void) ilb_rule_enable(ilbs, zoneid, NULL, rule);
1084 mutex_exit(&ilbs->ilbs_g_lock);
1088 ilb_rule_disable_all(ilb_stack_t *ilbs, zoneid_t zoneid)
1092 mutex_enter(&ilbs->ilbs_g_lock);
1093 for (rule = ilbs->ilbs_rule_head; rule != NULL;
1097 (void) ilb_rule_disable(ilbs, zoneid, NULL, rule);
1099 mutex_exit(&ilbs->ilbs_g_lock);
1103 ilb_rule_del_all(ilb_stack_t *ilbs, zoneid_t zoneid)
1108 mutex_enter(&ilbs->ilbs_g_lock);
1109 while ((rule = ilbs->ilbs_rule_head) != NULL) {
1113 ilb_rule_g_del(ilbs, rule);
1114 mutex_exit(&ilbs->ilbs_g_lock);
1117 arg->ilbs = ilbs;
1119 (void) taskq_dispatch(ilbs->ilbs_rule_taskq, ilb_rule_del_tq,
1122 mutex_enter(&ilbs->ilbs_g_lock);
1124 mutex_exit(&ilbs->ilbs_g_lock);
1132 ilb_has_rules(ilb_stack_t *ilbs)
1134 return (ilbs->ilbs_rule_head != NULL);
1139 ilb_server_toggle(ilb_stack_t *ilbs, zoneid_t zoneid, const char *rule_name,
1149 if ((rule = ilb_find_rule(ilbs, zoneid, rule_name,
1193 ilb_server_enable(ilb_stack_t *ilbs, zoneid_t zoneid, const char *name,
1196 return (ilb_server_toggle(ilbs, zoneid, name, rule, addr, B_TRUE));
1200 ilb_server_disable(ilb_stack_t *ilbs, zoneid_t zoneid, const char *name,
1203 return (ilb_server_toggle(ilbs, zoneid, name, rule, addr, B_FALSE));
1211 ilb_server_add(ilb_stack_t *ilbs, ilb_rule_t *rule, ilb_server_info_t *info)
1311 stackid = (netstackid_t)(uintptr_t)ilbs->ilbs_ksp->ks_private;
1345 if ((ret = ilb_create_nat_src(ilbs, &server->iser_nat_src,
1415 ilb_server_del(ilb_stack_t *ilbs, zoneid_t zoneid, const char *rule_name,
1425 if ((rule = ilb_find_rule(ilbs, zoneid, rule_name,
1509 (void) taskq_dispatch(ilbs->ilbs_rule_taskq, ilb_server_del_tq,
1544 ilb_icmp_v4(ilb_stack_t *ilbs, ill_t *ill, mblk_t *mp, ipha_t *ipha,
1551 if (!ilb_rule_match_vip_v4(ilbs, ipha->ipha_dst, &rule))
1570 ilbs->ilbs_netstack->netstack_ip->ips_ip_def_ttl;
1584 if (ilb_check_icmp_conn(ilbs, mp, IPPROTO_IP, ipha, icmph,
1605 ilb_icmp_v6(ilb_stack_t *ilbs, ill_t *ill, mblk_t *mp, ip6_t *ip6h,
1610 if (!ilb_rule_match_vip_v6(ilbs, &ip6h->ip6_dst, &rule))
1633 ilbs->ilbs_netstack->netstack_ip->ips_ipv6_def_hops;
1642 if (ilb_check_icmp_conn(ilbs, mp, IPPROTO_IPV6, ip6h, icmp6,
1665 ilb_check(ilb_stack_t *ilbs, ill_t *ill, mblk_t *mp, in6_addr_t *src,
1707 if (ilb_check_conn(ilbs, l3, iph, l4, tph, src, dst, sport, dport,
1720 rule = ilb_rule_hash(ilbs, l3, l4, dst, dport, ill->ill_zoneid,
1755 if ((server = ilb_sticky_find_add(ilbs, rule, &addr, server,
1818 if (ilb_conn_add(ilbs, rule, server, src, sport, dst,
1842 if (ilb_conn_add(ilbs, rule, server, src, sport, dst,
1882 ilb_check_v4(ilb_stack_t *ilbs, ill_t *ill, mblk_t *mp, ipha_t *ipha, int l4,
1891 return (ilb_icmp_v4(ilbs, ill, mp, ipha, (icmph_t *)tph,
1897 ret = ilb_check(ilbs, ill, mp, &v6_src, &v6_dst, IPPROTO_IP, l4, ipha,
1905 ilb_check_v6(ilb_stack_t *ilbs, ill_t *ill, mblk_t *mp, ip6_t *ip6h, int l4,
1913 return (ilb_icmp_v6(ilbs, ill, mp, ip6h, (icmp6_t *)tph,
1918 return (ilb_check(ilbs, ill, mp, &ip6h->ip6_src, &ip6h->ip6_dst,
1923 ilb_get_num_rules(ilb_stack_t *ilbs, zoneid_t zoneid, uint32_t *num_rules)
1927 mutex_enter(&ilbs->ilbs_g_lock);
1929 for (tmp_rule = ilbs->ilbs_rule_head; tmp_rule != NULL;
1934 mutex_exit(&ilbs->ilbs_g_lock);
1938 ilb_get_num_servers(ilb_stack_t *ilbs, zoneid_t zoneid, const char *name,
1944 if ((rule = ilb_find_rule(ilbs, zoneid, name, &err)) == NULL)
1952 ilb_get_servers(ilb_stack_t *ilbs, zoneid_t zoneid, const char *name,
1960 if ((rule = ilb_find_rule(ilbs, zoneid, name, &err)) == NULL)
1980 ilb_get_rulenames(ilb_stack_t *ilbs, zoneid_t zoneid, uint32_t *num_names,
1989 mutex_enter(&ilbs->ilbs_g_lock);
1990 for (cnt = 0, tmp_rule = ilbs->ilbs_rule_head; tmp_rule != NULL;
2000 mutex_exit(&ilbs->ilbs_g_lock);
2005 ilb_rule_list(ilb_stack_t *ilbs, zoneid_t zoneid, ilb_rule_cmd_t *cmd)
2010 if ((rule = ilb_find_rule(ilbs, zoneid, cmd->name, &err)) == NULL) {
2050 ilb_stack_t *ilbs;
2053 ilbs = kmem_alloc(sizeof (ilb_stack_t), KM_SLEEP);
2054 ilbs->ilbs_netstack = ns;
2056 ilbs->ilbs_rule_head = NULL;
2057 ilbs->ilbs_g_hash = NULL;
2058 mutex_init(&ilbs->ilbs_g_lock, NULL, MUTEX_DEFAULT, NULL);
2060 ilbs->ilbs_kstat = kmem_alloc(sizeof (ilb_g_kstat_t), KM_SLEEP);
2061 if ((ilbs->ilbs_ksp = ilb_kstat_g_init(stackid, ilbs)) == NULL) {
2062 kmem_free(ilbs, sizeof (ilb_stack_t));
2070 ilbs->ilbs_conn_taskq = NULL;
2071 ilbs->ilbs_rule_hash_size = ilb_rule_hash_size;
2072 ilbs->ilbs_conn_hash_size = ilb_conn_hash_size;
2073 ilbs->ilbs_c2s_conn_hash = NULL;
2074 ilbs->ilbs_s2c_conn_hash = NULL;
2075 ilbs->ilbs_conn_timer_list = NULL;
2077 ilbs->ilbs_sticky_hash = NULL;
2078 ilbs->ilbs_sticky_hash_size = ilb_sticky_hash_size;
2079 ilbs->ilbs_sticky_timer_list = NULL;
2080 ilbs->ilbs_sticky_taskq = NULL;
2083 ilbs->ilbs_nat_src = NULL;
2084 ilbs->ilbs_nat_src_hash_size = ilb_nat_src_hash_size;
2085 mutex_init(&ilbs->ilbs_nat_src_lock, NULL, MUTEX_DEFAULT, NULL);
2086 ilbs->ilbs_nat_src_tid = 0;
2089 mutex_init(&ilbs->ilbs_conn_list_lock, NULL, MUTEX_DEFAULT, NULL);
2090 cv_init(&ilbs->ilbs_conn_list_cv, NULL, CV_DEFAULT, NULL);
2091 ilbs->ilbs_conn_list_busy = B_FALSE;
2092 ilbs->ilbs_conn_list_cur = 0;
2093 ilbs->ilbs_conn_list_connp = NULL;
2096 mutex_init(&ilbs->ilbs_sticky_list_lock, NULL, MUTEX_DEFAULT, NULL);
2097 cv_init(&ilbs->ilbs_sticky_list_cv, NULL, CV_DEFAULT, NULL);
2098 ilbs->ilbs_sticky_list_busy = B_FALSE;
2099 ilbs->ilbs_sticky_list_cur = 0;
2100 ilbs->ilbs_sticky_list_curp = NULL;
2104 ilbs->ilbs_rule_taskq = taskq_create(tq_name, ILB_RULE_TASKQ_NUM_THR,
2107 return (ilbs);
2114 ilb_stack_t *ilbs = (ilb_stack_t *)arg;
2117 ilb_sticky_hash_fini(ilbs);
2118 ilb_conn_hash_fini(ilbs);
2119 mutex_enter(&ilbs->ilbs_g_lock);
2120 while ((tmp_rule = ilbs->ilbs_rule_head) != NULL) {
2122 ilb_rule_g_del(ilbs, tmp_rule);
2123 mutex_exit(&ilbs->ilbs_g_lock);
2124 ilb_rule_del_common(ilbs, tmp_rule);
2125 mutex_enter(&ilbs->ilbs_g_lock);
2127 mutex_exit(&ilbs->ilbs_g_lock);
2128 if (ilbs->ilbs_nat_src != NULL)
2129 ilb_nat_src_fini(ilbs);
2135 ilb_stack_t *ilbs = (ilb_stack_t *)arg;
2137 ilb_rule_hash_fini(ilbs);
2138 taskq_destroy(ilbs->ilbs_rule_taskq);
2139 ilb_kstat_g_fini(stackid, ilbs);
2140 kmem_free(ilbs->ilbs_kstat, sizeof (ilb_g_kstat_t));
2141 kmem_free(ilbs, sizeof (ilb_stack_t));