solaris.c revision 14d3298ea5ac04e3c29e86a4769ff92a49e9f4af
83c4dfe9546fd839e7a52bca7e9920da918f916ejg/*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Copyright (C) 1993-2001, 2003 by Darren Reed.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg *
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * See the IPFILTER.LICENCE file for details on licencing.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg *
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Use is subject to license terms.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/systm.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/types.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/param.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/errno.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/uio.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/buf.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/modctl.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/open.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/kmem.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/conf.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/cmn_err.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/stat.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/cred.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/dditypes.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/poll.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/autoconf.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/byteorder.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/socket.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/dlpi.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/stropts.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/kstat.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/sockio.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/neti.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/hook.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <net/if.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#if SOLARIS2 >= 6
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <net/if_types.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <net/af.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <net/route.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <netinet/in.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <netinet/in_systm.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <netinet/if_ether.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <netinet/ip.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <netinet/ip_var.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <netinet/tcp.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <netinet/udp.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <netinet/tcpip.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <netinet/ip_icmp.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/ddi.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include <sys/sunddi.h>
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include "netinet/ip_compat.h"
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include "netinet/ipl.h"
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include "netinet/ip_fil.h"
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include "netinet/ip_nat.h"
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include "netinet/ip_frag.h"
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include "netinet/ip_auth.h"
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include "netinet/ip_state.h"
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#include "netinet/ipf_stack.h"
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgextern int iplwrite __P((dev_t, struct uio *, cred_t *));
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_getinfo __P((dev_info_t *, ddi_info_cmd_t,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg void *, void **));
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#if SOLARIS2 < 10
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_identify __P((dev_info_t *));
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_attach __P((dev_info_t *, ddi_attach_cmd_t));
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_detach __P((dev_info_t *, ddi_detach_cmd_t));
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic void *ipf_stack_create __P((const netid_t));
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic void ipf_stack_destroy __P((const netid_t, void *));
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic void ipf_stack_shutdown __P((const netid_t, void *));
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_property_g_update __P((dev_info_t *));
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic char *ipf_devfiles[] = { IPL_NAME, IPNAT_NAME, IPSTATE_NAME,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg IPAUTH_NAME, IPSYNC_NAME, IPSCAN_NAME,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg IPLOOKUP_NAME, NULL };
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic struct cb_ops ipf_cb_ops = {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg iplopen,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg iplclose,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nodev, /* strategy */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nodev, /* print */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nodev, /* dump */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg iplread,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg iplwrite, /* write */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg iplioctl, /* ioctl */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nodev, /* devmap */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nodev, /* mmap */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nodev, /* segmap */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nochpoll, /* poll */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ddi_prop_op,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg NULL,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg D_MTSAFE,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#if SOLARIS2 > 4
83c4dfe9546fd839e7a52bca7e9920da918f916ejg CB_REV,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nodev, /* aread */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nodev, /* awrite */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg};
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic struct dev_ops ipf_ops = {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg DEVO_REV,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg 0,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_getinfo,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#if SOLARIS2 >= 10
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nulldev,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#else
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_identify,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nulldev,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_attach,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_detach,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg nodev, /* reset */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg &ipf_cb_ops,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg (struct bus_ops *)0,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg NULL,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ddi_quiesce_not_needed, /* quiesce */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg};
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic net_instance_t *ipfncb = NULL;
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic ipf_stack_t *ipf_stacks = NULL;
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic kmutex_t ipf_stack_lock;
83c4dfe9546fd839e7a52bca7e9920da918f916ejgextern struct mod_ops mod_driverops;
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic struct modldrv iplmod = {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg &mod_driverops, IPL_VERSION, &ipf_ops };
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic struct modlinkage modlink1 = { MODREV_1, &iplmod, NULL };
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#if SOLARIS2 >= 6
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic size_t hdrsizes[57][2] = {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { 0, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_OTHER, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_1822, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_HDH1822, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_X25DDN, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_X25, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ETHER, 14 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ISO88023, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ISO88024, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ISO88025, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ISO88026, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_STARLAN, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_P10, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_P80, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_HY, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_FDDI, 24 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_LAPB, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_SDLC, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_T1, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_CEPT, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ISDNBASIC, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ISDNPRIMARY, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_PTPSERIAL, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_PPP, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_LOOP, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_EON, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_XETHER, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_NSIP, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_SLIP, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ULTRA, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_DS3, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_SIP, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_FRELAY, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_RS232, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_PARA, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ARCNET, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ARCNETPLUS, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ATM, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_MIOX25, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_SONET, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_X25PLE, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_ISO88022LLC, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_LOCALTALK, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_SMDSDXI, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_FRELAYDCE, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_V35, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_HSSI, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_HIPPI, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_MODEM, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_AAL5, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_SONETPATH, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_SONETVT, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_SMDSICIP, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_PROPVIRTUAL, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { IFT_PROPMUX, 0 },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg};
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif /* SOLARIS2 >= 6 */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgdev_info_t *ipf_dev_info = NULL;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic const filter_kstats_t ipf_kstat_tmp = {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "pass", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "block", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "nomatch", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "short", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "pass, logged", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "block, logged", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "nomatch, logged", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "logged", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "skip", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "return sent", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "acct", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "bad frag state alloc", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "new frag state kept", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "new frag state compl. pkt", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "bad pkt state alloc", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "new pkt kept state", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "cachehit", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "tcp cksum bad", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg {{ "pullup ok", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "pullup nok", KSTAT_DATA_ULONG }},
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "src != route", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "ttl invalid", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "bad ip pkt", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "ipv6 pkt", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "dropped:pps ceiling", KSTAT_DATA_ULONG },
83c4dfe9546fd839e7a52bca7e9920da918f916ejg { "ip upd. fail", KSTAT_DATA_ULONG }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg};
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_kstat_update(kstat_t *ksp, int rwflag);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic void
83c4dfe9546fd839e7a52bca7e9920da918f916ejgipf_kstat_init(ipf_stack_t *ifs)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_kstatp[0] = net_kstat_create(ifs->ifs_netid, "ipf", 0,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg "inbound", "net", KSTAT_TYPE_NAMED,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg sizeof (filter_kstats_t) / sizeof (kstat_named_t), 0);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ifs->ifs_kstatp[0] != NULL) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg bcopy(&ipf_kstat_tmp, ifs->ifs_kstatp[0]->ks_data,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg sizeof (filter_kstats_t));
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_kstatp[0]->ks_update = ipf_kstat_update;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_kstatp[0]->ks_private = &ifs->ifs_frstats[0];
83c4dfe9546fd839e7a52bca7e9920da918f916ejg kstat_install(ifs->ifs_kstatp[0]);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_kstatp[1] = net_kstat_create(ifs->ifs_netid, "ipf", 0,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg "outbound", "net", KSTAT_TYPE_NAMED,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg sizeof (filter_kstats_t) / sizeof (kstat_named_t), 0);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ifs->ifs_kstatp[1] != NULL) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg bcopy(&ipf_kstat_tmp, ifs->ifs_kstatp[1]->ks_data,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg sizeof (filter_kstats_t));
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_kstatp[1]->ks_update = ipf_kstat_update;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_kstatp[1]->ks_private = &ifs->ifs_frstats[1];
83c4dfe9546fd839e7a52bca7e9920da918f916ejg kstat_install(ifs->ifs_kstatp[1]);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_NOTE, "IP Filter: ipf_kstat_init(%p) installed %p, %p",
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs, ifs->ifs_kstatp[0], ifs->ifs_kstatp[1]);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic void
83c4dfe9546fd839e7a52bca7e9920da918f916ejgipf_kstat_fini(ipf_stack_t *ifs)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg int i;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg for (i = 0; i < 2; i++) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ifs->ifs_kstatp[i] != NULL) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg net_kstat_delete(ifs->ifs_netid, ifs->ifs_kstatp[i]);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_kstatp[i] = NULL;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int
83c4dfe9546fd839e7a52bca7e9920da918f916ejgipf_kstat_update(kstat_t *ksp, int rwflag)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg filter_kstats_t *fkp;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg filterstats_t *fsp;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ksp == NULL || ksp->ks_data == NULL)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (EIO);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (rwflag == KSTAT_WRITE)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (EACCES);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp = ksp->ks_data;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fsp = ksp->ks_private;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_pass.value.ul = fsp->fr_pass;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_block.value.ul = fsp->fr_block;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_nom.value.ul = fsp->fr_nom;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_short.value.ul = fsp->fr_short;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_ppkl.value.ul = fsp->fr_ppkl;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_bpkl.value.ul = fsp->fr_bpkl;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_npkl.value.ul = fsp->fr_npkl;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_pkl.value.ul = fsp->fr_pkl;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_skip.value.ul = fsp->fr_skip;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_ret.value.ul = fsp->fr_ret;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_acct.value.ul = fsp->fr_acct;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_bnfr.value.ul = fsp->fr_bnfr;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_nfr.value.ul = fsp->fr_nfr;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_cfr.value.ul = fsp->fr_cfr;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_bads.value.ul = fsp->fr_bads;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_ads.value.ul = fsp->fr_ads;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_chit.value.ul = fsp->fr_chit;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_tcpbad.value.ul = fsp->fr_tcpbad;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_pull[0].value.ul = fsp->fr_pull[0];
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_pull[1].value.ul = fsp->fr_pull[1];
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_badsrc.value.ul = fsp->fr_badsrc;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_badttl.value.ul = fsp->fr_badttl;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_bad.value.ul = fsp->fr_bad;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_ipv6.value.ul = fsp->fr_ipv6;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_ppshit.value.ul = fsp->fr_ppshit;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg fkp->fks_ipud.value.ul = fsp->fr_ipud;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (0);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgint
83c4dfe9546fd839e7a52bca7e9920da918f916ejg_init()
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg int ipfinst;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipfinst = mod_install(&modlink1);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_NOTE, "IP Filter: _init() = %d", ipfinst);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg mutex_init(&ipf_stack_lock, NULL, MUTEX_DRIVER, NULL);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (ipfinst);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgint
83c4dfe9546fd839e7a52bca7e9920da918f916ejg_fini(void)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg int ipfinst;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipfinst = mod_remove(&modlink1);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_NOTE, "IP Filter: _fini() = %d", ipfinst);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (ipfinst);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgint
83c4dfe9546fd839e7a52bca7e9920da918f916ejg_info(modinfop)
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstruct modinfo *modinfop;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg int ipfinst;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipfinst = mod_info(&modlink1, modinfop);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_NOTE, "IP Filter: _info(%p) = %d", modinfop, ipfinst);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (ipfinst);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#if SOLARIS2 < 10
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_identify(dip)
83c4dfe9546fd839e7a52bca7e9920da918f916ejgdev_info_t *dip;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_NOTE, "IP Filter: ipf_identify(%p)", dip);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (strcmp(ddi_get_name(dip), "ipf") == 0)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_IDENTIFIED);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_NOT_IDENTIFIED);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg/*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Initialize things for IPF for each stack instance
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic void *
83c4dfe9546fd839e7a52bca7e9920da918f916ejgipf_stack_create(const netid_t id)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_stack_t *ifs;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_NOTE, "IP Filter:stack_create id=%d", id);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs = (ipf_stack_t *)kmem_alloc(sizeof (*ifs), KM_SLEEP);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg bzero(ifs, sizeof (*ifs));
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_hook4_physical_in = B_FALSE;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_hook4_physical_out = B_FALSE;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_hook4_nic_events = B_FALSE;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_hook4_loopback_in = B_FALSE;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_hook4_loopback_out = B_FALSE;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_hook6_physical_in = B_FALSE;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_hook6_physical_out = B_FALSE;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_hook6_nic_events = B_FALSE;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_hook6_loopback_in = B_FALSE;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_hook6_loopback_out = B_FALSE;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg /*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Initialize mutex's
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RWLOCK_INIT(&ifs->ifs_ipf_global, "ipf filter load/unload mutex");
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RWLOCK_INIT(&ifs->ifs_ipf_mutex, "ipf filter rwlock");
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RWLOCK_INIT(&ifs->ifs_ipf_frcache, "ipf cache rwlock");
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_netid = id;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_zone = net_getzoneidbynetid(id);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_kstat_init(ifs);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_CONT, "IP Filter:stack_create zone=%d", ifs->ifs_zone);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg /*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Lock people out while we set things up.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg WRITE_ENTER(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipftuneable_alloc(ifs);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RWLOCK_EXIT(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg /* Limit to global stack */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ifs->ifs_zone == GLOBAL_ZONEID)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_CONT, "!%s, running.\n", ipfilter_version);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg mutex_enter(&ipf_stack_lock);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ipf_stacks != NULL)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_stacks->ifs_pnext = &ifs->ifs_next;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_next = ipf_stacks;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_pnext = &ipf_stacks;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_stacks = ifs;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg mutex_exit(&ipf_stack_lock);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (ifs);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg/*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * This function should only ever be used to find the pointer to the
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * ipfilter stack structure for the zone that is currently being
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * executed... so if you're running in the context of zone 1, you
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * should not attempt to find the ipf_stack_t for zone 0 or 2 or
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * anything else but 1. In that way, the returned pointer is safe
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * as it will only be nuked when the instance is destroyed as part
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * of the final shutdown of a zone.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejgipf_stack_t *
83c4dfe9546fd839e7a52bca7e9920da918f916ejgipf_find_stack(const zoneid_t zone)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_stack_t *ifs;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg mutex_enter(&ipf_stack_lock);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg for (ifs = ipf_stacks; ifs != NULL; ifs = ifs->ifs_next) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ifs->ifs_zone == zone)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg break;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg mutex_exit(&ipf_stack_lock);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (ifs);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_detach_check_zone(ipf_stack_t *ifs)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg /*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Make sure we're the only one's modifying things. With
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * this lock others should just fall out of the loop.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg READ_ENTER(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ifs->ifs_fr_running == 1) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RWLOCK_EXIT(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (-1);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg /*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Make sure there is no active filter rule.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ifs->ifs_ipfilter[0][ifs->ifs_fr_active] ||
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_ipfilter[1][ifs->ifs_fr_active] ||
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_ipfilter6[0][ifs->ifs_fr_active] ||
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_ipfilter6[1][ifs->ifs_fr_active]) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RWLOCK_EXIT(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (-1);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RWLOCK_EXIT(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (0);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_detach_check_all()
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_stack_t *ifs;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg mutex_enter(&ipf_stack_lock);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg for (ifs = ipf_stacks; ifs != NULL; ifs = ifs->ifs_next)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ipf_detach_check_zone(ifs) != 0)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg break;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg mutex_exit(&ipf_stack_lock);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return ((ifs == NULL) ? 0 : -1);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg/*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Destroy things for ipf for one stack.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg/* ARGSUSED */
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic void
83c4dfe9546fd839e7a52bca7e9920da918f916ejgipf_stack_shutdown(const netid_t id, void *arg)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_stack_t *ifs = (ipf_stack_t *)arg;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_kstat_fini(ifs);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg/*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Destroy things for ipf for one stack.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg/* ARGSUSED */
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic void
83c4dfe9546fd839e7a52bca7e9920da918f916ejgipf_stack_destroy(const netid_t id, void *arg)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_stack_t *ifs = (ipf_stack_t *)arg;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg timeout_id_t tid;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg (void) printf("ipf_stack_destroy(%p)\n", (void *)ifs);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg /*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Make sure we're the only one's modifying things. With
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * this lock others should just fall out of the loop.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg WRITE_ENTER(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ifs->ifs_fr_running == -2) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RWLOCK_EXIT(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_fr_running = -2;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg tid = ifs->ifs_fr_timer_id;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_fr_timer_id = NULL;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RWLOCK_EXIT(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg mutex_enter(&ipf_stack_lock);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ifs->ifs_next != NULL)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ifs->ifs_next->ifs_pnext = ifs->ifs_pnext;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg *ifs->ifs_pnext = ifs->ifs_next;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg mutex_exit(&ipf_stack_lock);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (tid != NULL)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg (void) untimeout(tid);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg WRITE_ENTER(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ipldetach(ifs) != 0) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg printf("ipf_stack_destroy: ipldetach failed\n");
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipftuneable_free(ifs);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RWLOCK_EXIT(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RW_DESTROY(&ifs->ifs_ipf_mutex);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RW_DESTROY(&ifs->ifs_ipf_frcache);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg RW_DESTROY(&ifs->ifs_ipf_global);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg KFREE(ifs);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_attach(dip, cmd)
83c4dfe9546fd839e7a52bca7e9920da918f916ejgdev_info_t *dip;
83c4dfe9546fd839e7a52bca7e9920da918f916ejgddi_attach_cmd_t cmd;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg char *s;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg int i;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg int instance;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_NOTE, "IP Filter: ipf_attach(%p,%x)", dip, cmd);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg switch (cmd)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg case DDI_ATTACH:
83c4dfe9546fd839e7a52bca7e9920da918f916ejg instance = ddi_get_instance(dip);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg /* Only one instance of ipf (instance 0) can be attached. */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (instance > 0)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_FAILURE);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_CONT, "IP Filter: attach ipf instance %d", instance);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg (void) ipf_property_g_update(dip);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg for (i = 0; ((s = ipf_devfiles[i]) != NULL); i++) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg s = strrchr(s, '/');
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (s == NULL)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg continue;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg s++;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ddi_create_minor_node(dip, s, S_IFCHR, i,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg DDI_PSEUDO, 0) ==
83c4dfe9546fd839e7a52bca7e9920da918f916ejg DDI_FAILURE) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ddi_remove_minor_node(dip, NULL);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg goto attach_failed;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipf_dev_info = dip;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipfncb = net_instance_alloc(NETINFO_VERSION);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipfncb->nin_name = "ipf";
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipfncb->nin_create = ipf_stack_create;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipfncb->nin_destroy = ipf_stack_destroy;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipfncb->nin_shutdown = ipf_stack_shutdown;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg i = net_instance_register(ipfncb);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_CONT, "IP Filter:stack_create callback_reg=%d", i);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_SUCCESS);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg /* NOTREACHED */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg default:
83c4dfe9546fd839e7a52bca7e9920da918f916ejg break;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgattach_failed:
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ddi_prop_remove_all(dip);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_FAILURE);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_detach(dip, cmd)
83c4dfe9546fd839e7a52bca7e9920da918f916ejgdev_info_t *dip;
83c4dfe9546fd839e7a52bca7e9920da918f916ejgddi_detach_cmd_t cmd;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg int i;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_NOTE, "IP Filter: ipf_detach(%p,%x)", dip, cmd);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg switch (cmd) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg case DDI_DETACH:
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ipf_detach_check_all() != 0)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_FAILURE);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg /*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Undo what we did in ipf_attach, freeing resources
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * and removing things we installed. The system
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * framework guarantees we are not active with this devinfo
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * node in any other entry points at this time.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ddi_prop_remove_all(dip);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg i = ddi_get_instance(dip);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ddi_remove_minor_node(dip, NULL);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (i > 0) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_CONT, "IP Filter: still attached (%d)\n", i);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_FAILURE);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg (void) net_instance_unregister(ipfncb);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg net_instance_free(ipfncb);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_SUCCESS);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg /* NOTREACHED */
83c4dfe9546fd839e7a52bca7e9920da918f916ejg default:
83c4dfe9546fd839e7a52bca7e9920da918f916ejg break;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_NOTE, "IP Filter: failed to detach\n");
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_FAILURE);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg/*ARGSUSED*/
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_getinfo(dip, infocmd, arg, result)
83c4dfe9546fd839e7a52bca7e9920da918f916ejgdev_info_t *dip;
83c4dfe9546fd839e7a52bca7e9920da918f916ejgddi_info_cmd_t infocmd;
83c4dfe9546fd839e7a52bca7e9920da918f916ejgvoid *arg, **result;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg int error;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg error = DDI_FAILURE;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_NOTE, "IP Filter: ipf_getinfo(%p,%x,%p)", dip, infocmd, arg);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg switch (infocmd) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg case DDI_INFO_DEVT2DEVINFO:
83c4dfe9546fd839e7a52bca7e9920da918f916ejg *result = ipf_dev_info;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg error = DDI_SUCCESS;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg break;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg case DDI_INFO_DEVT2INSTANCE:
83c4dfe9546fd839e7a52bca7e9920da918f916ejg *result = (void *)0;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg error = DDI_SUCCESS;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg break;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg default:
83c4dfe9546fd839e7a52bca7e9920da918f916ejg break;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (error);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg/*
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * Fetch configuration file values that have been entered into the ipf.conf
83c4dfe9546fd839e7a52bca7e9920da918f916ejg * driver file.
83c4dfe9546fd839e7a52bca7e9920da918f916ejg */
83c4dfe9546fd839e7a52bca7e9920da918f916ejgstatic int ipf_property_g_update(dip)
83c4dfe9546fd839e7a52bca7e9920da918f916ejgdev_info_t *dip;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef DDI_NO_AUTODETACH
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ddi_prop_update_int(DDI_DEV_T_NONE, dip,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg DDI_NO_AUTODETACH, 1) != DDI_PROP_SUCCESS) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_WARN, "!updating DDI_NO_AUTODETACH failed");
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_FAILURE);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#else
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ddi_prop_update_int(DDI_DEV_T_NONE, dip,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg "ddi-no-autodetach", 1) != DDI_PROP_SUCCESS) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_WARN, "!updating ddi-no-autodetach failed");
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_FAILURE);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (DDI_SUCCESS);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejgint
83c4dfe9546fd839e7a52bca7e9920da918f916ejgipf_property_update(dip, ifs)
83c4dfe9546fd839e7a52bca7e9920da918f916ejgdev_info_t *dip;
83c4dfe9546fd839e7a52bca7e9920da918f916ejgipf_stack_t *ifs;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg{
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ipftuneable_t *ipft;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg char *name;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg uint_t one;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg int *i32p;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg int err, rv = 0;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg for (ipft = ifs->ifs_ipf_tuneables;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg (name = ipft->ipft_name) != NULL; ipft++) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg one = 1;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg i32p = NULL;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg err = ddi_prop_lookup_int_array(DDI_DEV_T_ANY, dip,
83c4dfe9546fd839e7a52bca7e9920da918f916ejg 0, name, &i32p, &one);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (err == DDI_PROP_NOT_FOUND)
83c4dfe9546fd839e7a52bca7e9920da918f916ejg continue;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#ifdef IPFDEBUG
83c4dfe9546fd839e7a52bca7e9920da918f916ejg cmn_err(CE_CONT, "IP Filter: lookup_int(%s) = %d\n",
83c4dfe9546fd839e7a52bca7e9920da918f916ejg name, err);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg#endif
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (err != DDI_PROP_SUCCESS) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg rv = err;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg continue;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (*i32p >= ipft->ipft_min &&
83c4dfe9546fd839e7a52bca7e9920da918f916ejg *i32p <= ipft->ipft_max) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg if (ipft->ipft_sz == sizeof (uint32_t)) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg *ipft->ipft_pint = *i32p;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg } else if (ipft->ipft_sz == sizeof (uint64_t)) {
83c4dfe9546fd839e7a52bca7e9920da918f916ejg *ipft->ipft_plong = *i32p;
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg ddi_prop_free(i32p);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg }
83c4dfe9546fd839e7a52bca7e9920da918f916ejg
83c4dfe9546fd839e7a52bca7e9920da918f916ejg return (rv);
83c4dfe9546fd839e7a52bca7e9920da918f916ejg}
83c4dfe9546fd839e7a52bca7e9920da918f916ejg