|
Lines 2876-2888
table_manage_sets(struct ip_fw_chain *ch, uint16_t
Link Here
|
| 2876 |
switch (cmd) { |
2876 |
switch (cmd) { |
| 2877 |
case SWAP_ALL: |
2877 |
case SWAP_ALL: |
| 2878 |
case TEST_ALL: |
2878 |
case TEST_ALL: |
|
|
2879 |
case MOVE_ALL: |
| 2879 |
/* |
2880 |
/* |
| 2880 |
* Return success for TEST_ALL, since nothing prevents |
2881 |
* Alway return success, the real action and decision |
| 2881 |
* move rules from one set to another. All tables are |
2882 |
* should make table_manage_sets_all(). |
| 2882 |
* accessible from all sets when per-set tables sysctl |
|
|
| 2883 |
* is disabled. |
| 2884 |
*/ |
2883 |
*/ |
| 2885 |
case MOVE_ALL: |
2884 |
return (0); |
| 2886 |
case TEST_ONE: |
2885 |
case TEST_ONE: |
| 2887 |
case MOVE_ONE: |
2886 |
case MOVE_ONE: |
| 2888 |
/* |
2887 |
/* |
|
Lines 2907-2912
table_manage_sets(struct ip_fw_chain *ch, uint16_t
Link Here
|
| 2907 |
set, new_set, cmd)); |
2906 |
set, new_set, cmd)); |
| 2908 |
} |
2907 |
} |
| 2909 |
|
2908 |
|
|
|
2909 |
/* |
| 2910 |
* We register several opcode rewrites for lookup tables. |
| 2911 |
* All tables opcodes has the same ETLV type, but different subtype. |
| 2912 |
* To avoid invoking sets handler several times for XXX_ALL commands, |
| 2913 |
* we use separate manage_sets handler. O_RECV has the lowest value, |
| 2914 |
* so it should be called first. |
| 2915 |
*/ |
| 2916 |
static int |
| 2917 |
table_manage_sets_all(struct ip_fw_chain *ch, uint16_t set, uint8_t new_set, |
| 2918 |
enum ipfw_sets_cmd cmd) |
| 2919 |
{ |
| 2920 |
|
| 2921 |
switch (cmd) { |
| 2922 |
case SWAP_ALL: |
| 2923 |
case TEST_ALL: |
| 2924 |
/* |
| 2925 |
* Return success for TEST_ALL, since nothing prevents |
| 2926 |
* move rules from one set to another. All tables are |
| 2927 |
* accessible from all sets when per-set tables sysctl |
| 2928 |
* is disabled. |
| 2929 |
*/ |
| 2930 |
case MOVE_ALL: |
| 2931 |
if (V_fw_tables_sets == 0) |
| 2932 |
return (0); |
| 2933 |
break; |
| 2934 |
default: |
| 2935 |
return (table_manage_sets(ch, set, new_set, cmd)); |
| 2936 |
} |
| 2937 |
/* Use generic sets handler when per-set sysctl is enabled. */ |
| 2938 |
return (ipfw_obj_manage_sets(CHAIN_TO_NI(ch), IPFW_TLV_TBL_NAME, |
| 2939 |
set, new_set, cmd)); |
| 2940 |
} |
| 2941 |
|
| 2910 |
static struct opcode_obj_rewrite opcodes[] = { |
2942 |
static struct opcode_obj_rewrite opcodes[] = { |
| 2911 |
{ |
2943 |
{ |
| 2912 |
.opcode = O_IP_SRC_LOOKUP, |
2944 |
.opcode = O_IP_SRC_LOOKUP, |
|
Lines 2956-2962
static struct opcode_obj_rewrite opcodes[] = {
Link Here
|
| 2956 |
.find_byname = table_findbyname, |
2988 |
.find_byname = table_findbyname, |
| 2957 |
.find_bykidx = table_findbykidx, |
2989 |
.find_bykidx = table_findbykidx, |
| 2958 |
.create_object = create_table_compat, |
2990 |
.create_object = create_table_compat, |
| 2959 |
.manage_sets = table_manage_sets, |
2991 |
.manage_sets = table_manage_sets_all, |
| 2960 |
}, |
2992 |
}, |
| 2961 |
{ |
2993 |
{ |
| 2962 |
.opcode = O_VIA, |
2994 |
.opcode = O_VIA, |