fxr.watson.org: FREEBSD-3-STABLE sys/netinet/ip

FreeBSD/Linux Kernel Cross Reference
sys/netinet/ip_fil.h

Version: - FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10

1 /* 2 * Copyright (C) 1993-1997 by Darren Reed. 3 * 4 * Redistribution and use in source and binary forms are permitted 5 * provided that this notice is preserved and due credit is given 6 * to the original author and the contributors. 7 * 8 * @(#)ip_fil.h 1.35 6/5/96 9 * $FreeBSD$ 10 */ 11 12 #ifndef __IP_FIL_H__ 13 #define __IP_FIL_H__ 14 15 /* 16 * Pathnames for various IP Filter control devices. Used by LKM 17 * and userland, so defined here. 18 */ 19 #define IPNAT_NAME "/dev/ipnat" 20 #define IPSTATE_NAME "/dev/ipstate" 21 #define IPAUTH_NAME "/dev/ipauth" 22 23 #ifndef SOLARIS 24 #define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4))) 25 #endif 26 27 #if defined(KERNEL) && !defined(_KERNEL) 28 #define _KERNEL 29 #endif 30 31 #ifndef __P 32 # ifdef __STDC__ 33 # define __P(x) x 34 # else 35 # define __P(x) () 36 # endif 37 #endif 38 39 #if defined(__STDC__) || defined(__GNUC__) 40 #define SIOCADAFR _IOW('r', 60, struct frentry) 41 #define SIOCRMAFR _IOW('r', 61, struct frentry) 42 #define SIOCSETFF _IOW('r', 62, u_int) 43 #define SIOCGETFF _IOR('r', 63, u_int) 44 #define SIOCGETFS _IOR('r', 64, struct friostat) 45 #define SIOCIPFFL _IOWR('r', 65, int) 46 #define SIOCIPFFB _IOR('r', 66, int) 47 #define SIOCADIFR _IOW('r', 67, struct frentry) 48 #define SIOCRMIFR _IOW('r', 68, struct frentry) 49 #define SIOCSWAPA _IOR('r', 69, u_int) 50 #define SIOCINAFR _IOW('r', 70, struct frentry) 51 #define SIOCINIFR _IOW('r', 71, struct frentry) 52 #define SIOCFRENB _IOW('r', 72, u_int) 53 #define SIOCFRSYN _IOW('r', 73, u_int) 54 #define SIOCFRZST _IOWR('r', 74, struct friostat) 55 #define SIOCZRLST _IOWR('r', 75, struct frentry) 56 #define SIOCAUTHW _IOWR('r', 76, struct fr_info) 57 #define SIOCAUTHR _IOWR('r', 77, struct fr_info) 58 #define SIOCATHST _IOWR('r', 78, struct fr_authstat) 59 #else 60 #define SIOCADAFR _IOW(r, 60, struct frentry) 61 #define SIOCRMAFR _IOW(r, 61, struct frentry) 62 #define SIOCSETFF _IOW(r, 62, u_int) 63 #define SIOCGETFF _IOR(r, 63, u_int) 64 #define SIOCGETFS _IOR(r, 64, struct friostat) 65 #define SIOCIPFFL _IOWR(r, 65, int) 66 #define SIOCIPFFB _IOR(r, 66, int) 67 #define SIOCADIFR _IOW(r, 67, struct frentry) 68 #define SIOCRMIFR _IOW(r, 68, struct frentry) 69 #define SIOCSWAPA _IOR(r, 69, u_int) 70 #define SIOCINAFR _IOW(r, 70, struct frentry) 71 #define SIOCINIFR _IOW(r, 71, struct frentry) 72 #define SIOCFRENB _IOW(r, 72, u_int) 73 #define SIOCFRSYN _IOW(r, 73, u_int) 74 #define SIOCFRZST _IOWR(r, 74, struct friostat) 75 #define SIOCZRLST _IOWR(r, 75, struct frentry) 76 #define SIOCAUTHW _IOWR(r, 76, struct fr_info) 77 #define SIOCAUTHR _IOWR(r, 77, struct fr_info) 78 #define SIOCATHST _IOWR(r, 78, struct fr_authstat) 79 #endif 80 #define SIOCADDFR SIOCADAFR 81 #define SIOCDELFR SIOCRMAFR 82 #define SIOCINSFR SIOCINAFR 83 84 typedef struct fr_ip { 85 u_int fi_v:4; /* IP version */ 86 u_int fi_fl:4; /* packet flags */ 87 u_char fi_tos; 88 u_char fi_ttl; 89 u_char fi_p; 90 struct in_addr fi_src; 91 struct in_addr fi_dst; 92 u_32_t fi_optmsk; /* bitmask composed from IP options */ 93 u_short fi_secmsk; /* bitmask composed from IP security options */ 94 u_short fi_auth; 95 } fr_ip_t; 96 97 #define FI_OPTIONS (FF_OPTIONS >> 24) 98 #define FI_TCPUDP (FF_TCPUDP >> 24) /* TCP/UCP implied comparison*/ 99 #define FI_FRAG (FF_FRAG >> 24) 100 #define FI_SHORT (FF_SHORT >> 24) 101 102 typedef struct fr_info { 103 struct fr_ip fin_fi; 104 u_short fin_data[2]; 105 u_short fin_out; 106 u_short fin_hlen; 107 u_char fin_tcpf; 108 u_char fin_icode; /* From here on is packet specific */ 109 u_short fin_rule; 110 u_short fin_group; 111 u_short fin_dlen; 112 u_short fin_id; 113 void *fin_ifp; 114 struct frentry *fin_fr; 115 char *fin_dp; /* start of data past IP header */ 116 void *fin_mp; 117 } fr_info_t; 118 119 /* 120 * Size for compares on fr_info structures 121 */ 122 #define FI_CSIZE (sizeof(struct fr_ip) + sizeof(u_short) * 4 + \ 123 sizeof(u_char)) 124 /* 125 * Size for copying cache fr_info structure 126 */ 127 #define FI_COPYSIZE (sizeof(fr_info_t) - sizeof(void *) * 2) 128 129 typedef struct frdest { 130 void *fd_ifp; 131 struct in_addr fd_ip; 132 char fd_ifname[IFNAMSIZ]; 133 } frdest_t; 134 135 typedef struct frentry { 136 struct frentry *fr_next; 137 u_short fr_group; /* group to which this rule belongs */ 138 u_short fr_grhead; /* group # which this rule starts */ 139 struct frentry *fr_grp; 140 int fr_ref; /* reference count - for grouping */ 141 void *fr_ifa; 142 /* 143 * These are only incremented when a packet matches this rule and 144 * it is the last match 145 */ 146 U_QUAD_T fr_hits; 147 U_QUAD_T fr_bytes; 148 /* 149 * Fields after this may not change whilst in the kernel. 150 */ 151 struct fr_ip fr_ip; 152 struct fr_ip fr_mip; /* mask structure */ 153 154 u_char fr_tcpfm; /* tcp flags mask */ 155 u_char fr_tcpf; /* tcp flags */ 156 157 u_short fr_icmpm; /* data for ICMP packets (mask) */ 158 u_short fr_icmp; 159 160 u_char fr_scmp; /* data for port comparisons */ 161 u_char fr_dcmp; 162 u_short fr_dport; 163 u_short fr_sport; 164 u_short fr_stop; /* top port for <> and >< */ 165 u_short fr_dtop; /* top port for <> and >< */ 166 u_32_t fr_flags; /* per-rule flags && options (see below) */ 167 int fr_skip; /* # of rules to skip */ 168 int (*fr_func) __P((int, ip_t *, fr_info_t *)); /* call this function */ 169 char fr_icode; /* return ICMP code */ 170 char fr_ifname[IFNAMSIZ]; 171 struct frdest fr_tif; /* "to" interface */ 172 struct frdest fr_dif; /* duplicate packet interfaces */ 173 } frentry_t; 174 175 #define fr_proto fr_ip.fi_p 176 #define fr_ttl fr_ip.fi_ttl 177 #define fr_tos fr_ip.fi_tos 178 #define fr_dst fr_ip.fi_dst 179 #define fr_src fr_ip.fi_src 180 #define fr_dmsk fr_mip.fi_dst 181 #define fr_smsk fr_mip.fi_src 182 183 #ifndef offsetof 184 #define offsetof(t,m) (int)((&((t *)0L)->m)) 185 #endif 186 #define FR_CMPSIZ (sizeof(struct frentry) - offsetof(frentry_t, fr_ip)) 187 188 /* 189 * fr_flags 190 */ 191 #define FR_BLOCK 0x00001 /* do not allow packet to pass */ 192 #define FR_PASS 0x00002 /* allow packet to pass */ 193 #define FR_OUTQUE 0x00004 /* outgoing packets */ 194 #define FR_INQUE 0x00008 /* ingoing packets */ 195 #define FR_LOG 0x00010 /* Log */ 196 #define FR_LOGB 0x00011 /* Log-fail */ 197 #define FR_LOGP 0x00012 /* Log-pass */ 198 #define FR_LOGBODY 0x00020 /* Log the body */ 199 #define FR_LOGFIRST 0x00040 /* Log the first byte if state held */ 200 #define FR_RETRST 0x00080 /* Return TCP RST packet - reset connection */ 201 #define FR_RETICMP 0x00100 /* Return ICMP unreachable packet */ 202 #define FR_NOMATCH 0x00200 /* no match occured */ 203 #define FR_ACCOUNT 0x00400 /* count packet bytes */ 204 #define FR_KEEPFRAG 0x00800 /* keep fragment information */ 205 #define FR_KEEPSTATE 0x01000 /* keep `connection' state information */ 206 #define FR_INACTIVE 0x02000 207 #define FR_QUICK 0x04000 /* match & stop processing list */ 208 #define FR_FASTROUTE 0x08000 /* bypass normal routing */ 209 #define FR_CALLNOW 0x10000 /* call another function (fr_func) if matches */ 210 #define FR_DUP 0x20000 /* duplicate packet */ 211 #define FR_LOGORBLOCK 0x40000 /* block the packet if it can't be logged */ 212 #define FR_NOTSRCIP 0x80000 /* not the src IP# */ 213 #define FR_NOTDSTIP 0x100000 /* not the dst IP# */ 214 #define FR_AUTH 0x200000 /* use authentication */ 215 #define FR_PREAUTH 0x400000 /* require preauthentication */ 216 217 #define FR_LOGMASK (FR_LOG|FR_LOGP|FR_LOGB) 218 219 /* 220 * These correspond to #define's for FI_* and are stored in fr_flags 221 */ 222 #define FF_OPTIONS 0x01000000 223 #define FF_TCPUDP 0x02000000 224 #define FF_FRAG 0x04000000 225 #define FF_SHORT 0x08000000 226 /* 227 * recognized flags for SIOCGETFF and SIOCSETFF, and get put in fr_flags 228 */ 229 #define FF_LOGPASS 0x10000000 230 #define FF_LOGBLOCK 0x20000000 231 #define FF_LOGNOMATCH 0x40000000 232 #define FF_LOGGING (FF_LOGPASS|FF_LOGBLOCK|FF_LOGNOMATCH) 233 #define FF_BLOCKNONIP 0x80000000 /* Solaris2 Only */ 234 235 #define FR_NONE 0 236 #define FR_EQUAL 1 237 #define FR_NEQUAL 2 238 #define FR_LESST 3 239 #define FR_GREATERT 4 240 #define FR_LESSTE 5 241 #define FR_GREATERTE 6 242 #define FR_OUTRANGE 7 243 #define FR_INRANGE 8 244 245 typedef struct filterstats { 246 u_long fr_pass; /* packets allowed */ 247 u_long fr_block; /* packets denied */ 248 u_long fr_nom; /* packets which don't match any rule */ 249 u_long fr_ppkl; /* packets allowed and logged */ 250 u_long fr_bpkl; /* packets denied and logged */ 251 u_long fr_npkl; /* packets unmatched and logged */ 252 u_long fr_pkl; /* packets logged */ 253 u_long fr_skip; /* packets to be logged but buffer full */ 254 u_long fr_ret; /* packets for which a return is sent */ 255 u_long fr_acct; /* packets for which counting was performed */ 256 u_long fr_bnfr; /* bad attempts to allocate fragment state */ 257 u_long fr_nfr; /* new fragment state kept */ 258 u_long fr_cfr; /* add new fragment state but complete pkt */ 259 u_long fr_bads; /* bad attempts to allocate packet state */ 260 u_long fr_ads; /* new packet state kept */ 261 u_long fr_chit; /* cached hit */ 262 u_long fr_tcpbad; /* TCP checksum check failures */ 263 u_long fr_pull[2]; /* good and bad pullup attempts */ 264 #if SOLARIS 265 u_long fr_bad; /* bad IP packets to the filter */ 266 u_long fr_notip; /* packets passed through no on ip queue */ 267 u_long fr_drop; /* packets dropped - no info for them! */ 268 #endif 269 } filterstats_t; 270 271 /* 272 * For SIOCGETFS 273 */ 274 typedef struct friostat { 275 struct filterstats f_st[2]; 276 struct frentry *f_fin[2]; 277 struct frentry *f_fout[2]; 278 struct frentry *f_acctin[2]; 279 struct frentry *f_acctout[2]; 280 struct frentry *f_auth; 281 u_long f_froute[2]; 282 int f_active; 283 } friostat_t; 284 285 typedef struct optlist { 286 u_short ol_val; 287 int ol_bit; 288 } optlist_t; 289 290 291 /* 292 * Group list structure. 293 */ 294 typedef struct frgroup { 295 u_short fg_num; 296 struct frgroup *fg_next; 297 struct frentry *fg_head; 298 struct frentry **fg_start; 299 } frgroup_t; 300 301 302 /* 303 * Log structure. Each packet header logged is prepended by one of these. 304 * Following this in the log records read from the device will be an ipflog 305 * structure which is then followed by any packet data. 306 */ 307 typedef struct iplog { 308 u_long ipl_magic; 309 u_long ipl_sec; 310 u_long ipl_usec; 311 u_int ipl_len; 312 u_int ipl_count; 313 size_t ipl_dsize; 314 struct iplog *ipl_next; 315 } iplog_t; 316 317 #define IPL_MAGIC 0x49504c4d /* 'IPLM' */ 318 319 typedef struct ipflog { 320 #if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199603)) || \ 321 (defined(OpenBSD) && (OpenBSD >= 199603)) 322 u_char fl_ifname[IFNAMSIZ]; 323 #else 324 u_int fl_unit; 325 u_char fl_ifname[4]; 326 #endif 327 u_char fl_plen; /* extra data after hlen */ 328 u_char fl_hlen; /* length of IP headers saved */ 329 u_short fl_rule; /* assume never more than 64k rules, total */ 330 u_short fl_group; 331 u_32_t fl_flags; 332 } ipflog_t; 333 334 335 #ifndef ICMP_UNREACH_FILTER 336 #define ICMP_UNREACH_FILTER 13 337 #endif 338 339 #ifndef IPF_LOGGING 340 #define IPF_LOGGING 0 341 #endif 342 #ifndef IPF_DEFAULT_PASS 343 #define IPF_DEFAULT_PASS FR_PASS 344 #endif 345 346 #define IPMINLEN(i, h) ((i)->ip_len >= ((i)->ip_hl * 4 + sizeof(struct h))) 347 #define IPLLOGSIZE 8192 348 349 /* 350 * Device filenames for reading log information. Use ipf on Solaris2 because 351 * ipl is already a name used by something else. 352 */ 353 #ifndef IPL_NAME 354 # if SOLARIS 355 # define IPL_NAME "/dev/ipf" 356 # else 357 # define IPL_NAME "/dev/ipl" 358 # endif 359 #endif 360 #define IPL_NAT IPNAT_NAME 361 #define IPL_STATE IPSTATE_NAME 362 #define IPL_AUTH IPAUTH_NAME 363 364 #define IPL_LOGIPF 0 /* Minor device #'s for accessing logs */ 365 #define IPL_LOGNAT 1 366 #define IPL_LOGSTATE 2 367 #define IPL_LOGAUTH 3 368 #define IPL_LOGMAX 3 369 370 #if !defined(CDEV_MAJOR) && defined (__FreeBSD_version) && \ 371 (__FreeBSD_version >= 220000) 372 # define CDEV_MAJOR 79 373 #endif 374 375 #ifndef _KERNEL 376 struct ifnet; 377 extern int fr_check __P((ip_t *, int, void *, int, mb_t **)); 378 extern int (*fr_checkp) __P((ip_t *, int, void *, int, mb_t **)); 379 extern int send_reset __P((ip_t *, struct ifnet *)); 380 extern int icmp_error __P((ip_t *, struct ifnet *)); 381 extern int ipf_log __P((void)); 382 extern void ipfr_fastroute __P((ip_t *, fr_info_t *, frdest_t *)); 383 extern struct ifnet *get_unit __P((char *)); 384 # define FR_SCANLIST(p, ip, fi, m) fr_scanlist(p, ip, fi, m) 385 # if defined(__NetBSD__) || defined(__OpenBSD__) || \ 386 (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300003) 387 extern int iplioctl __P((dev_t, u_long, caddr_t, int)); 388 # else 389 extern int iplioctl __P((dev_t, int, caddr_t, int)); 390 # endif 391 extern int iplopen __P((dev_t, int)); 392 extern int iplclose __P((dev_t, int)); 393 #else /* #ifndef _KERNEL */ 394 # if defined(__NetBSD__) && defined(PFIL_HOOKS) 395 extern int ipfilterattach __P((int)); 396 # endif 397 extern int iplattach __P((void)); 398 extern int ipl_enable __P((void)); 399 extern int ipl_disable __P((void)); 400 extern void ipflog_init __P((void)); 401 extern int ipflog_clear __P((int)); 402 extern int ipflog_read __P((int, struct uio *)); 403 extern int ipflog __P((u_int, ip_t *, fr_info_t *, mb_t *)); 404 extern int ipllog __P((int, u_long, void **, size_t *, int *, int)); 405 # if SOLARIS 406 extern int fr_check __P((ip_t *, int, void *, int, qif_t *, mb_t **)); 407 extern int (*fr_checkp) __P((ip_t *, int, void *, 408 int, qif_t *, mb_t **)); 409 extern int icmp_error __P((ip_t *, int, int, qif_t *, 410 struct in_addr)); 411 extern int iplioctl __P((dev_t, int, int, int, cred_t *, int *)); 412 extern int iplopen __P((dev_t *, int, int, cred_t *)); 413 extern int iplclose __P((dev_t, int, int, cred_t *)); 414 extern int ipfsync __P((void)); 415 extern int send_reset __P((ip_t *, qif_t *)); 416 extern int ipfr_fastroute __P((qif_t *, ip_t *, mblk_t *, mblk_t **, 417 fr_info_t *, frdest_t *)); 418 extern void copyin_mblk __P((mblk_t *, int, int, char *)); 419 extern void copyout_mblk __P((mblk_t *, int, int, char *)); 420 extern int fr_qin __P((queue_t *, mblk_t *)); 421 extern int fr_qout __P((queue_t *, mblk_t *)); 422 # ifdef IPFILTER_LOG 423 extern int iplread __P((dev_t, struct uio *, cred_t *)); 424 # endif 425 # else /* SOLARIS */ 426 extern int fr_check __P((ip_t *, int, void *, int, mb_t **)); 427 extern int (*fr_checkp) __P((ip_t *, int, void *, int, mb_t **)); 428 # ifdef linux 429 extern int send_reset __P((tcpiphdr_t *, struct ifnet *)); 430 # else 431 extern int send_reset __P((tcpiphdr_t *)); 432 # endif 433 extern void ipfr_fastroute __P((mb_t *, fr_info_t *, frdest_t *)); 434 extern size_t mbufchainlen __P((mb_t *)); 435 # ifdef __sgi 436 # include <sys/cred.h> 437 extern int iplioctl __P((dev_t, int, caddr_t, int, cred_t *, int *)); 438 extern int iplopen __P((dev_t *, int, int, cred_t *)); 439 extern int iplclose __P((dev_t, int, int, cred_t *)); 440 extern int iplread __P((dev_t, struct uio *, cred_t *)); 441 extern int ipfsync __P((void)); 442 extern int ipfilter_sgi_attach __P((void)); 443 extern void ipfilter_sgi_detach __P((void)); 444 extern void ipfilter_sgi_intfsync __P((void)); 445 # else 446 # ifdef IPFILTER_LKM 447 extern int iplidentify __P((char *)); 448 # endif 449 # if (_BSDI_VERSION >= 199510) || (__FreeBSD_version >= 220000) || \ 450 (NetBSD >= 199511) 451 # if defined(__NetBSD__) || (_BSDI_VERSION >= 199701) || \ 452 (__FreeBSD_version >= 300003) 453 extern int iplioctl __P((dev_t, u_long, caddr_t, int, struct proc *)); 454 # else 455 extern int iplioctl __P((dev_t, int, caddr_t, int, struct proc *)); 456 # endif 457 extern int iplopen __P((dev_t, int, int, struct proc *)); 458 extern int iplclose __P((dev_t, int, int, struct proc *)); 459 # else 460 # if defined(__OpenBSD__) 461 extern int iplioctl __P((dev_t, u_long, caddr_t, int)); 462 # else /* __OpenBSD__ */ 463 # ifndef linux 464 extern int iplioctl __P((dev_t, int, caddr_t, int)); 465 # else 466 extern int iplioctl(struct inode *, struct file *, u_int, u_long); 467 # endif 468 # endif /* __OpenBSD__ */ 469 # ifndef linux 470 extern int iplopen __P((dev_t, int)); 471 extern int iplclose __P((dev_t, int)); 472 # else 473 extern int iplopen __P((struct inode *, struct file *)); 474 extern void iplclose __P((struct inode *, struct file *)); 475 # endif /* !linux */ 476 # endif /* (_BSDI_VERSION >= 199510) */ 477 # if BSD >= 199306 478 extern int iplread __P((dev_t, struct uio *, int)); 479 # else 480 # ifndef linux 481 extern int iplread __P((dev_t, struct uio *)); 482 # else 483 extern int iplread(struct inode *, struct file *, char *, int); 484 # endif /* !linux */ 485 # endif /* BSD >= 199306 */ 486 # endif /* __ sgi */ 487 # endif /* SOLARIS */ 488 #endif /* #ifndef _KERNEL */ 489 490 /* 491 * Post NetBSD 1.2 has the PFIL interface for packet filters. This turns 492 * on those hooks. We don't need any special mods in non-IP Filter code 493 * with this! 494 */ 495 #if (defined(NetBSD) && (NetBSD > 199609) && (NetBSD <= 1991011)) || \ 496 (defined(NetBSD1_2) && NetBSD1_2 > 1) 497 # define NETBSD_PF 498 #endif 499 500 extern int ipldetach __P((void)); 501 extern u_short fr_tcpsum __P((mb_t *, ip_t *, tcphdr_t *, int)); 502 #define FR_SCANLIST(p, ip, fi, m) fr_scanlist(p, ip, fi, m) 503 extern int fr_scanlist __P((int, ip_t *, fr_info_t *, void *)); 504 extern u_short ipf_cksum __P((u_short *, int)); 505 extern int fr_copytolog __P((int, char *, int)); 506 extern void frflush __P((int, int *)); 507 extern frgroup_t *fr_addgroup __P((u_short, frentry_t *, int, int)); 508 extern frgroup_t *fr_findgroup __P((u_short, u_32_t, int, int, frgroup_t ***)); 509 extern void fr_delgroup __P((u_short, u_32_t, int, int)); 510 extern int ipl_unreach; 511 extern int ipl_inited; 512 extern u_long ipl_frouteok[2]; 513 extern int fr_pass; 514 extern int fr_flags; 515 extern int fr_active; 516 extern fr_info_t frcache[2]; 517 #ifdef IPFILTER_LOG 518 extern iplog_t **iplh[IPL_LOGMAX+1], *iplt[IPL_LOGMAX+1]; 519 extern int iplused[IPL_LOGMAX + 1]; 520 #endif 521 extern struct frentry *ipfilter[2][2], *ipacct[2][2]; 522 extern struct frgroup *ipfgroups[3][2]; 523 extern struct filterstats frstats[]; 524 525 #endif /* __IP_FIL_H__ */

Cache object: c02e187c672c9f7f35affa53c6bfe32f

FreeBSD/Linux Kernel Cross Reference sys/netinet/ip_fil.h

FreeBSD/Linux Kernel Cross Reference
sys/netinet/ip_fil.h