diff options
| author | Bjoern A. Zeeb <bz@FreeBSD.org> | 2010-03-07 15:37:58 +0000 |
|---|---|---|
| committer | Bjoern A. Zeeb <bz@FreeBSD.org> | 2010-03-07 15:37:58 +0000 |
| commit | e253cdd07c2b4384c05431c4767f0e2c3a9a6a79 (patch) | |
| tree | 726585957fe76b49db7a3b6d6ea68ef15cac8f3c /sys | |
| parent | 0019284ae82e5950e0c142c9411265ef61d31b21 (diff) | |
| download | src-e253cdd07c2b4384c05431c4767f0e2c3a9a6a79.tar.gz src-e253cdd07c2b4384c05431c4767f0e2c3a9a6a79.zip | |
Not only flush the ipfw tables when unloading ipfw or tearing
down a virtual netowrk stack, but also free the Radix Node Head.
Sponsored by: ISPsystem
Reviewed by: julian
MFC after: 5 days
Notes
Notes:
svn path=/head/; revision=204837
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/radix.c | 2 | ||||
| -rw-r--r-- | sys/net/radix.h | 2 | ||||
| -rw-r--r-- | sys/netinet/ipfw/ip_fw2.c | 2 | ||||
| -rw-r--r-- | sys/netinet/ipfw/ip_fw_private.h | 1 | ||||
| -rw-r--r-- | sys/netinet/ipfw/ip_fw_table.c | 15 |
5 files changed, 17 insertions, 5 deletions
diff --git a/sys/net/radix.c b/sys/net/radix.c index 24650e778aab..9f2383d7c7cf 100644 --- a/sys/net/radix.c +++ b/sys/net/radix.c @@ -1161,7 +1161,6 @@ rn_inithead(head, off) return (1); } -#ifdef VIMAGE int rn_detachhead(void **head) { @@ -1177,7 +1176,6 @@ rn_detachhead(void **head) *head = NULL; return (1); } -#endif void rn_init(int maxk) diff --git a/sys/net/radix.h b/sys/net/radix.h index e8bbe257864a..29659b546519 100644 --- a/sys/net/radix.h +++ b/sys/net/radix.h @@ -162,9 +162,7 @@ struct radix_node_head { void rn_init(int); int rn_inithead(void **, int); -#ifdef VIMAGE int rn_detachhead(void **); -#endif int rn_refines(void *, void *); struct radix_node *rn_addmask(void *, int, int), diff --git a/sys/netinet/ipfw/ip_fw2.c b/sys/netinet/ipfw/ip_fw2.c index e7ad1074c75f..373f22a8ce50 100644 --- a/sys/netinet/ipfw/ip_fw2.c +++ b/sys/netinet/ipfw/ip_fw2.c @@ -2392,7 +2392,7 @@ vnet_ipfw_uninit(const void *unused) IPFW_WLOCK(chain); ipfw_dyn_uninit(0); /* run the callout_drain */ - ipfw_flush_tables(chain); + ipfw_destroy_tables(chain); reap = NULL; for (i = 0; i < chain->n_rules; i++) { rule = chain->map[i]; diff --git a/sys/netinet/ipfw/ip_fw_private.h b/sys/netinet/ipfw/ip_fw_private.h index 094c22f953e7..633f98f76725 100644 --- a/sys/netinet/ipfw/ip_fw_private.h +++ b/sys/netinet/ipfw/ip_fw_private.h @@ -272,6 +272,7 @@ struct radix_node; int ipfw_lookup_table(struct ip_fw_chain *ch, uint16_t tbl, in_addr_t addr, uint32_t *val); int ipfw_init_tables(struct ip_fw_chain *ch); +void ipfw_destroy_tables(struct ip_fw_chain *ch); int ipfw_flush_table(struct ip_fw_chain *ch, uint16_t tbl); void ipfw_flush_tables(struct ip_fw_chain *ch); int ipfw_add_table_entry(struct ip_fw_chain *ch, uint16_t tbl, in_addr_t addr, diff --git a/sys/netinet/ipfw/ip_fw_table.c b/sys/netinet/ipfw/ip_fw_table.c index 5854e97afde9..5c2369d3186b 100644 --- a/sys/netinet/ipfw/ip_fw_table.c +++ b/sys/netinet/ipfw/ip_fw_table.c @@ -203,6 +203,21 @@ ipfw_init_tables(struct ip_fw_chain *ch) return (0); } +void +ipfw_destroy_tables(struct ip_fw_chain *ch) +{ + int tbl; + struct radix_node_head *rnh; + + IPFW_WLOCK_ASSERT(ch); + + ipfw_flush_tables(ch); + for (tbl = 0; tbl < IPFW_TABLES_MAX; tbl++) { + rnh = ch->tables[tbl]; + rn_detachhead((void **)&rnh); + } +} + int ipfw_lookup_table(struct ip_fw_chain *ch, uint16_t tbl, in_addr_t addr, uint32_t *val) |