solaris.c revision 381a2a9a387f449fab7d0c7e97c4184c26963abf
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * Copyright (C) 1993-2001, 2003 by Darren Reed.
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * See the IPFILTER.LICENCE file for details on licencing.
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * Use is subject to license terms.
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz/* #pragma ident "@(#)solaris.c 1.12 6/5/96 (C) 1995 Darren Reed"*/
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz#pragma ident "@(#)$Id: solaris.c,v 2.73.2.6 2005/07/13 21:40:47 darrenr Exp $"
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz#pragma ident "%Z%%M% %I% %E% SMI"
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz void *, void **));
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yzstatic int ipf_attach __P((dev_info_t *, ddi_attach_cmd_t));
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yzstatic int ipf_detach __P((dev_info_t *, ddi_detach_cmd_t));
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yzstatic char *ipf_devfiles[] = { IPL_NAME, IPNAT_NAME, IPSTATE_NAME,
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz (struct bus_ops *)0
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yzstatic struct modlinkage modlink1 = { MODREV_1, &iplmod, NULL };
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz#endif /* SOLARIS2 >= 6 */
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yzstatic void
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz for (i = 0; i < 2; i++) {
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz cmn_err(CE_NOTE, "IP Filter: ipf_kstat_init() installed 0x%x, 0x%x",
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yzstatic void
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz for (i = 0; i < 2; i++) {
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz return (0);
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz cmn_err(CE_NOTE, "IP Filter: _info(%x) = %x", modinfop, ipfinst);
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz cmn_err(CE_NOTE, "IP Filter: ipf_attach(%x,%x)", dip, cmd);
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz /* Only one instance of ipf (instance 0) can be attached. */
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz cmn_err(CE_NOTE, "IP Filter: attach ipf instance %d", instance);
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * Initialize mutex's
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz RWLOCK_INIT(&ipf_global, "ipf filter load/unload mutex");
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * Lock people out while we set things up.
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz /* NOTREACHED */
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * Use our own detach routine to toss
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * away any stuff we allocated above.
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz cmn_err(CE_NOTE, "IP Filter: ipf_detach(%x,%x)", dip, cmd);
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz switch (cmd) {
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * Make sure we're the only one's modifying things. With
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * this lock others should just fall out of the loop.
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz if (fr_running <= 0) {
381a2a9a387f449fab7d0c7e97c4184c26963abfdr * Make sure there is no active filter rule.
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * Undo what we did in ipf_attach, freeing resources
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * and removing things we installed. The system
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * framework guarantees we are not active with this devinfo
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * node in any other entry points at this time.
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz if (i > 0) {
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz/*ARGSUSED*/
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz cmn_err(CE_NOTE, "IP Filter: ipf_getinfo(%x,%x,%x)", dip, infocmd, arg);
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz *result = (void *)0;
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * Fetch configuration file values that have been entered into the ipf.conf
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz * driver file.
ab25eeb551a4be927a4b6ae2cf8aff7ed17decb4yz for (ipft = ipf_tuneables; (name = ipft->ipft_name) != NULL; ipft++) {