From d9c78348f92fafe1a8b8735fc038cb2553c0a3ae Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Sun, 23 Jun 2024 17:44:56 +0000 Subject: [PATCH 01/75] Compile-time error fix in altq use right jobs altq interface to be detached from and set your error variable --- sys/altq/altq_jobs.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/sys/altq/altq_jobs.c b/sys/altq/altq_jobs.c index a71b60b12d7bf..ae7cab7b402bc 100644 --- a/sys/altq/altq_jobs.c +++ b/sys/altq/altq_jobs.c @@ -1831,14 +1831,14 @@ int jobsclose(dev_t dev, int flag, int fmt, struct lwp *l) { + int error = 0; struct jobs_if *jif; - while ((jif = jif_list) != NULL) { /* destroy all */ if (ALTQ_IS_ENABLED(jif->jif_ifq)) altq_disable(jif->jif_ifq); - int error = altq_detach(pif->pif_ifq); + error = altq_detach(jif->jif_ifq); switch (error) { case 0: case ENXIO: /* already disabled */ @@ -1848,7 +1848,6 @@ jobsclose(dev_t dev, int flag, int fmt, } jobs_detach(jif); } - return error; } From ffcb3f98e36340d3e34eaf7147faeeb9dbfa14ef Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 13 Dec 2024 13:25:05 +0000 Subject: [PATCH 02/75] Plain grammar for ALTQ configuration in /etc/npf.conf this follows a style.....: altq on $interface $your_queue_options $your_queue_managements {child queues here} then.... queue child_queue and its defintions example for cbq: altq on wm0 cbq qlimit 60 tbrsize .. bandwidth 10Mb queue {deflt, audio, video} queue deflt bandwidth 1Mb priority 1 cbq(default, red) queue audio bandwidth 2Mb priority 2 cbq(borrow, ecn) queue video bandwidth 3Mb priority 3 cbq(red) example for hfsc: altq on wm0 hfsc qlimit 60 tbrsize .. bandwidth 10Mb queue {deflt, audio, video} queue deflt bandwidth 1Mb priority 1 hfsc(default, red) queue audio bandwidth 2Mb priority 2 hfsc( ecn) queue video bandwidth 3Mb priority 3 hfsc(red) for CBQ and HFSC, CBQ borrows unlike HFSC. example for priq: altq on wm0 qlimit 60 tbrsize .. bandwidth 10Mb queue { audio, video } queue audio priority 1 priq(default) queue video priority 2 priq(ecn) NB in PRIQ: you cannot set bandwidth for child queues in PRIQ as child queues depend on priority NB in ALL: all parents must have default queueus on a rule.... can be appended on a rule as... pass in on wm0 from $mac to $bsd apply "log" queue "audio". --- usr.sbin/npf/npfctl/npf_parse.y | 410 +++++++++++++++++++++++++++++++- usr.sbin/npf/npfctl/npf_scan.l | 21 ++ usr.sbin/npf/npfctl/npfctl.h | 63 +++++ 3 files changed, 488 insertions(+), 6 deletions(-) diff --git a/usr.sbin/npf/npfctl/npf_parse.y b/usr.sbin/npf/npfctl/npf_parse.y index d77f462cd8c58..dffc3f786bbad 100644 --- a/usr.sbin/npf/npfctl/npf_parse.y +++ b/usr.sbin/npf/npfctl/npf_parse.y @@ -38,6 +38,11 @@ #include #endif +#include +#include +#include +#include + #include "npfctl.h" #define YYSTACKSIZE 4096 @@ -48,6 +53,9 @@ const char * yyfilename; extern int yylineno, yycolumn; extern int yylex(int); +struct node_hfsc_opts hfsc_opts; +struct queue_opts queue_opts; + void yyerror(const char *fmt, ...) { @@ -168,6 +176,20 @@ yyerror(const char *fmt, ...) %token TO %token TREE %token TYPE +%token ALTQ +%token CBQ +%token PRIQ +%token HFSC +%token BANDWIDTH +%token TBRSIZE +%token LINKSHARE +%token REALTIME +%token UPPERLIMIT +%token QUEUE +%token PRIORITY +%token QLIMIT +%token RTABLE + %token ICMP %token ICMP6 @@ -181,8 +203,9 @@ yyerror(const char *fmt, ...) %token PARAM %token TABLE_ID %token VAR_ID +%token BW_SPEC -%type addr some_name table_store dynamic_ifaddrs +%type addr some_name table_store dynamic_ifaddrs bw_spec %type proc_param_val opt_apply ifname on_ifname ifref %type port opt_final number afamily opt_family %type block_or_pass rule_dir group_dir block_opts @@ -199,6 +222,15 @@ yyerror(const char *fmt, ...) %type filt_opts all_or_filt_opts %type rawproto %type group_opts +%type queue_opts queue_opt queue_opts_l +%type rule_queue +%type qassign qassign_list qassign_item +%type scheduler +%type cbqflags_list cbqflags_item +%type priqflags_list priqflags_item +%type hfscopts_list hfscopts_item hfsc_opts +%type bandwidth +%type queue_flags %union { char * str; @@ -209,6 +241,12 @@ yyerror(const char *fmt, ...) filt_opts_t filtopts; opt_proto_t optproto; rule_group_t rulegroup; + struct node_queue *queue; + struct node_queue_opt queue_options; + struct node_queue_bw queue_bwspec; + struct node_qassign qassign; + struct queue_opts queue_opts; + struct node_hfsc_opts hfsc_opts; } %% @@ -232,9 +270,346 @@ line | rproc | alg | set - | + | altq + | queuespec ; +altq : ALTQ on_ifname queue_opts QUEUE qassign { + struct npf_altq a; + + memset(&a, 0, sizeof(a)); + if ($3.scheduler.qtype == ALTQT_NONE) { + yyerror("no scheduler specified!"); + YYERROR; + } + a.scheduler = $3.scheduler.qtype; + a.qlimit = $3.qlimit; + a.tbrsize = $3.tbrsize; + if ($5 == NULL) { + yyerror("no child queues specified"); + YYERROR; + } + if (expand_altq(&a, $2, $5, $3.queue_bwspec, + &$3.scheduler)) + YYERROR; + } + ; + +queuespec : QUEUE IDENTIFIER on_ifname queue_opts qassign { + struct npf_altq a; + + memset(&a, 0, sizeof(a)); + if (strlcpy(a.qname, $2, sizeof(a.qname)) >= + sizeof(a.qname)) { + yyerror("queue name too long (max " + "%d chars)", NPF_QNAME_SIZE-1); + free($2); + YYERROR; + } + free($2); + if ($4.tbrsize) { + yyerror("cannot specify tbrsize for queue"); + YYERROR; + } + if ($4.priority > 255) { + yyerror("priority out of range: max 255"); + YYERROR; + } + a.priority = $4.priority; + a.qlimit = $4.qlimit; + a.scheduler = $4.scheduler.qtype; + if (expand_queue(&a, $3, $5, $4.queue_bwspec, + &$4.scheduler)) { + yyerror("errors in queue definition"); + YYERROR; + } + } + ; + +queue_opts : { + memset(&queue_opts, 0, sizeof queue_opts ); + queue_opts.priority = DEFAULT_PRIORITY; + queue_opts.qlimit = DEFAULT_QLIMIT; + queue_opts.scheduler.qtype = ALTQT_NONE; + queue_opts.queue_bwspec.bw_percent = 100; + } + queue_opts_l + { $$ = queue_opts; } + | /* empty */ { + memset(&queue_opts, 0, sizeof queue_opts); + queue_opts.priority = DEFAULT_PRIORITY; + queue_opts.qlimit = DEFAULT_QLIMIT; + queue_opts.scheduler.qtype = ALTQT_NONE; + queue_opts.queue_bwspec.bw_percent = 100; + $$ = queue_opts; + } + ; + +queue_opts_l : queue_opts_l queue_opt + | queue_opt + ; + +queue_opt : BANDWIDTH bandwidth { + if (queue_opts.marker & QOM_BWSPEC) { + yyerror("bandwidth cannot be respecified"); + YYERROR; + } + queue_opts.marker |= QOM_BWSPEC; + queue_opts.queue_bwspec = $2; + } + | PRIORITY number { + if (queue_opts.marker & QOM_PRIORITY) { + yyerror("priority cannot be respecified"); + YYERROR; + } + if ($2 > 255) { + yyerror("priority out of range: max 255"); + YYERROR; + } + queue_opts.marker |= QOM_PRIORITY; + queue_opts.priority = $2; + } + | QLIMIT number { + if (queue_opts.marker & QOM_QLIMIT) { + yyerror("qlimit cannot be respecified"); + YYERROR; + } + if ($2 > 65535) { + yyerror("qlimit out of range: max 65535"); + YYERROR; + } + queue_opts.marker |= QOM_QLIMIT; + queue_opts.qlimit = $2; + } + | scheduler { + if (queue_opts.marker & QOM_SCHEDULER) { + yyerror("scheduler cannot be respecified"); + YYERROR; + } + queue_opts.marker |= QOM_SCHEDULER; + queue_opts.scheduler = $1; + } + | TBRSIZE number { + if (queue_opts.marker & QOM_TBRSIZE) { + yyerror("tbrsize cannot be respecified"); + YYERROR; + } + if ($2 > 65535) { + yyerror("tbrsize too big: max 65535"); + YYERROR; + } + queue_opts.marker |= QOM_TBRSIZE; + queue_opts.tbrsize = $2; + } + ; + +bandwidth : bw_spec { + struct node_queue_bw bw; + + if (npfctl_eval_bw(&bw, $1)){ + YYERROR; + free($1); + } + $$ = bw; + } + ; + +bw_spec : BW_SPEC + {$$ = $1; } + ; + +scheduler : CBQ { + $$.qtype = ALTQT_CBQ; + $$.data.cbq_opts.flags = 0; + } + | CBQ PAR_OPEN cbqflags_list PAR_CLOSE { + $$.qtype = ALTQT_CBQ; + $$.data.cbq_opts.flags = $3; + } + | PRIQ { + $$.qtype = ALTQT_PRIQ; + $$.data.priq_opts.flags = 0; + } + | PRIQ PAR_OPEN priqflags_list PAR_CLOSE { + $$.qtype = ALTQT_PRIQ; + $$.data.priq_opts.flags = $3; + } + | HFSC { + $$.qtype = ALTQT_HFSC; + bzero(&$$.data.hfsc_opts, + sizeof(struct node_hfsc_opts)); + } + | HFSC PAR_OPEN hfsc_opts PAR_CLOSE { + $$.qtype = ALTQT_HFSC; + $$.data.hfsc_opts = $3; + } + ; + +cbqflags_list : cbqflags_item { $$ |= $1; } + | cbqflags_list COMMA cbqflags_item { $$ |= $3; } + ; + +cbqflags_item : IDENTIFIER { +#ifdef CBQCLF_BORROW + if (!strcmp($1, "borrow")) + $$ = CBQCLF_BORROW; +#endif + else if (!strcmp($1, "red")) + $$ = CBQCLF_RED; + else if (!strcmp($1, "ecn")) + $$ = CBQCLF_RED|CBQCLF_ECN; + else if (!strcmp($1, "rio")) + $$ = CBQCLF_RIO; + else { + yyerror("unknown cbq flag \"%s\"", $1); + free($1); + YYERROR; + } + free($1); + } + | DEFAULT { $$ = CBQCLF_DEFCLASS; } + ; + +priqflags_list : priqflags_item { $$ |= $1; } + | priqflags_list COMMA priqflags_item { $$ |= $3; } + ; + +priqflags_item : IDENTIFIER { + if (!strcmp($1, "red")) + $$ = PRCF_RED; + else if (!strcmp($1, "ecn")) + $$ = PRCF_RED|PRCF_ECN; + else if (!strcmp($1, "rio")) + $$ = PRCF_RIO; + else { + yyerror("unknown priq flag \"%s\"", $1); + free($1); + YYERROR; + } + free($1); + } + | DEFAULT { $$ = PRCF_DEFAULTCLASS; } + ; + +hfsc_opts : { + memset(&hfsc_opts, 0, + sizeof(struct node_hfsc_opts)); + } + hfscopts_list { + $$ = hfsc_opts; + } + ; + +hfscopts_list : hfscopts_item + | hfscopts_list COMMA hfscopts_item + ; + +hfscopts_item : LINKSHARE bandwidth { + if (hfsc_opts.linkshare.used) { + yyerror("linkshare already specified"); + YYERROR; + } + hfsc_opts.linkshare.m2 = $2; + hfsc_opts.linkshare.used = 1; + } + | LINKSHARE PAR_OPEN bandwidth COMMA number COMMA bandwidth PAR_CLOSE + { + if (hfsc_opts.linkshare.used) { + yyerror("linkshare already specified"); + YYERROR; + } + hfsc_opts.linkshare.m1 = $3; + hfsc_opts.linkshare.d = $5; + hfsc_opts.linkshare.m2 = $7; + hfsc_opts.linkshare.used = 1; + } + | REALTIME bandwidth { + if (hfsc_opts.realtime.used) { + yyerror("realtime already specified"); + YYERROR; + } + hfsc_opts.realtime.m2 = $2; + hfsc_opts.realtime.used = 1; + } + | REALTIME PAR_OPEN bandwidth COMMA number COMMA bandwidth PAR_CLOSE + { + if (hfsc_opts.realtime.used) { + yyerror("realtime already specified"); + YYERROR; + } + hfsc_opts.realtime.m1 = $3; + hfsc_opts.realtime.d = $5; + hfsc_opts.realtime.m2 = $7; + hfsc_opts.realtime.used = 1; + } + | UPPERLIMIT bandwidth { + if (hfsc_opts.upperlimit.used) { + yyerror("upperlimit already specified"); + YYERROR; + } + hfsc_opts.upperlimit.m2 = $2; + hfsc_opts.upperlimit.used = 1; + } + | UPPERLIMIT PAR_OPEN bandwidth COMMA number COMMA bandwidth PAR_CLOSE + { + if (hfsc_opts.upperlimit.used) { + yyerror("upperlimit already specified"); + YYERROR; + } + hfsc_opts.upperlimit.m1 = $3; + hfsc_opts.upperlimit.d = $5; + hfsc_opts.upperlimit.m2 = $7; + hfsc_opts.upperlimit.used = 1; + } + | IDENTIFIER { + if (!strcmp($1, "red")) + hfsc_opts.flags |= HFCF_RED; + else if (!strcmp($1, "ecn")) + hfsc_opts.flags |= HFCF_RED|HFCF_ECN; + else if (!strcmp($1, "rio")) + hfsc_opts.flags |= HFCF_RIO; + else { + yyerror("unknown hfsc flag \"%s\"", $1); + free($1); + YYERROR; + } + free($1); + } + | DEFAULT { hfsc_opts.flags |= HFCF_DEFAULTCLASS; } + ; + +qassign : /* empty */ { $$ = NULL; } + | qassign_item { $$ = $1; } + | CURLY_OPEN qassign_list CURLY_CLOSE { $$ = $2; } + ; + +qassign_list : qassign_item { $$ = $1; } + | qassign_list COMMA qassign_item { + $1->tail->next = $3; + $1->tail = $3; + $$ = $1; + } + ; + +qassign_item : IDENTIFIER { + $$ = calloc(1, sizeof(struct node_queue)); + + if ($$ == NULL) + err(1, "qassign_item: calloc"); + if (strlcpy($$->queue, $1, sizeof($$->queue)) >= + sizeof($$->queue)) { + yyerror("queue name '%s' too long (max " + "%lu chars)", $1, sizeof($$->queue) -1); + free($1); + free($$); + YYERROR; + } + free($1); + $$->next = NULL; + $$->tail = $$; + } + ; + alg : ALG STRING { @@ -544,20 +919,21 @@ rule_group /* * Rule and misc. + * Make rule with queue optional */ rule : block_or_pass opt_stateful rule_dir opt_final on_ifname - opt_family opt_proto all_or_filt_opts opt_apply + opt_family opt_proto all_or_filt_opts opt_apply rule_queue { npfctl_build_rule($1 | $2 | $3 | $4, $5, - $6, $7, &$8, NULL, $9); + $6, $7, &$8, NULL, $9, $10); } | block_or_pass opt_stateful rule_dir opt_final on_ifname - PCAP_FILTER STRING opt_apply + PCAP_FILTER STRING opt_apply rule_queue { npfctl_build_rule($1 | $2 | $3 | $4, $5, - AF_UNSPEC, NULL, NULL, $7, $8); + AF_UNSPEC, NULL, NULL, $7, $8, $9); } ; @@ -678,6 +1054,28 @@ opt_apply | { $$ = NULL; } ; +rule_queue + : /* Empty */ + { + $$.qname = NULL; + $$.pqname = NULL; + } + | QUEUE STRING + { + $$.qname = $2; + } + | QUEUE PAR_OPEN STRING PAR_CLOSE + { + $$.qname = $3; + } + | QUEUE PAR_OPEN STRING COMMA STRING PAR_CLOSE + { + $$.qname = $3; + $$.pqname = $5; + } + ; + + block_opts : RETURNRST { $$ = NPF_RULE_RETRST; } | RETURNICMP { $$ = NPF_RULE_RETICMP; } diff --git a/usr.sbin/npf/npfctl/npf_scan.l b/usr.sbin/npf/npfctl/npf_scan.l index 28bc5e9665742..d46fbf36e2091 100644 --- a/usr.sbin/npf/npfctl/npf_scan.l +++ b/usr.sbin/npf/npfctl/npf_scan.l @@ -96,6 +96,7 @@ DID [a-zA-Z_][a-zA-Z_0-9-]* SPID [a-zA-Z][a-zA-Z_0-9.]* NUMBER [0-9]+ HEXDIG [0-9a-fA-F]+ +BW_UNIT [A-Za-z%]+ %% %{ @@ -174,6 +175,19 @@ icmp-type return ICMPTYPE; code return CODE; any return ANY; +altq return ALTQ; +cbq return CBQ; +priq return PRIQ; +hfsc return HFSC; +bandwidth return BANDWIDTH; +tbrsize return TBRSIZE; +linkshare return LINKSHARE; +realtime return REALTIME; +uppertime return UPPERLIMIT; +queue return QUEUE; +priority return PRIORITY; +qlimit return QLIMIT; + "/" return SLASH; "{" return CURLY_OPEN; "}" return CURLY_CLOSE; @@ -183,6 +197,13 @@ any return ANY; "=" return EQ; "!" return EXCL_MARK; +/* bandwidth specification rule */ + +{NUMBER}[\.]*[0-9]*{BW_UNIT} { + yylval.str = estrndup(yytext, yyleng); + return BW_SPEC; +} + "0x"{HEXDIG} { char *endp, *buf = ecalloc(1, yyleng + 1); buf[yyleng] = 0; diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index 4a17517488079..3bd628002bf2d 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -48,6 +48,69 @@ #define NPF_CONF_PATH "/etc/npf.conf" #define NPF_DB_PATH "/var/db/npf.db" +#ifndef DEFAULT_QLIMIT +#define DEFAULT_QLIMIT 50 +#endif +#ifndef DEFAULT_PRIORITY +#define DEFAULT_PRIORITY 1 +#endif +struct node_queue_bw { + u_int32_t bw_absolute; + u_int16_t bw_percent; +}; + +struct node_hfsc_sc { + struct node_queue_bw m1; /* slope of 1st segment; bps */ + u_int d; /* x-projection of m1; msec */ + struct node_queue_bw m2; /* slope of 2nd segment; bps */ + u_int8_t used; +}; + +struct node_hfsc_opts { + struct node_hfsc_sc realtime; + struct node_hfsc_sc linkshare; + struct node_hfsc_sc upperlimit; + int flags; +}; + +struct node_queue_opt { + int qtype; + union { + struct npf_cbq_opts cbq_opts; + struct npf_priq_opts priq_opts; + struct node_hfsc_opts hfsc_opts; + } data; +}; + +struct queue_opts { + int marker; +/* use flags for which option is set*/ +#define QOM_BWSPEC 0x01 +#define QOM_SCHEDULER 0x02 +#define QOM_PRIORITY 0x04 +#define QOM_TBRSIZE 0x08 +#define QOM_QLIMIT 0x10 + struct node_queue_bw queue_bwspec; + struct node_queue_opt scheduler; + int priority; + int tbrsize; + int qlimit; +}; + +struct node_queue { + char queue[NPF_QNAME_SIZE]; + char parent[NPF_QNAME_SIZE]; + char ifname[IFNAMSIZ]; + int scheduler; + struct node_queue *next; + struct node_queue *tail; +}; + +struct node_qassign { + char *qname; + char *pqname; +}; + typedef struct fam_addr_mask { sa_family_t fam_family; npf_addr_t fam_addr; From 2fd15e9c42a8a6d697a62cdaeff69430c0fd6d76 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 13 Dec 2024 15:59:34 +0000 Subject: [PATCH 03/75] Integrate NPF into ALTQ: might be a goodbye for PF & ALTQ when altq is being attached to a network interface through a packet filter(PF), it uses pf_altq which is a structure containing all pf's elements necessary for use in adding queues, removing queues, similar structure is implemented for npf (struct npf_altq) and it's being used to substitute pf structure. this automatically kills pf in altq. this hits out backs to move npf to where we want to take it to. if we want pf still supported in altq, maybe a functions with (pf_altq) same functions with (npf_altq) going to make code messy and unattractive. but I'm ready to listen to your suggestions. --- sys/altq/altq_cbq.c | 20 ++++---- sys/altq/altq_hfsc.c | 25 +++++----- sys/altq/altq_priq.c | 25 +++++----- sys/altq/altq_subr.c | 34 +++++++------- sys/altq/altq_var.h | 52 ++++++++++----------- sys/net/npf/npf_altq.h | 102 +++++++++++++++++++++++++++++++++++++++++ 6 files changed, 180 insertions(+), 78 deletions(-) create mode 100644 sys/net/npf/npf_altq.h diff --git a/sys/altq/altq_cbq.c b/sys/altq/altq_cbq.c index d85d0c8c7d68a..2b300f1f9487c 100644 --- a/sys/altq/altq_cbq.c +++ b/sys/altq/altq_cbq.c @@ -59,9 +59,7 @@ __KERNEL_RCSID(0, "$NetBSD: altq_cbq.c,v 1.41 2024/09/26 02:39:09 ozaki-r Exp $" #include #include -#if NPF > 0 -#include -#endif +#include #include #include #ifdef ALTQ3_COMPAT @@ -242,9 +240,8 @@ get_class_stats(class_stats_t *statsp, struct rm_class *cl) #endif } -#if NPF > 0 int -cbq_pfattach(struct pf_altq *a) +cbq_npfattach(struct npf_altq *a) { struct ifnet *ifp; int s, error; @@ -259,7 +256,7 @@ cbq_pfattach(struct pf_altq *a) } int -cbq_add_altq(struct pf_altq *a) +cbq_add_altq(struct npf_altq *a) { cbq_state_t *cbqp; struct ifnet *ifp; @@ -278,14 +275,14 @@ cbq_add_altq(struct pf_altq *a) cbqp->cbq_qlen = 0; cbqp->ifnp.ifq_ = &ifp->if_snd; /* keep the ifq */ - /* keep the state in pf_altq */ + /* keep the state in npf_altq */ a->altq_disc = cbqp; return (0); } int -cbq_remove_altq(struct pf_altq *a) +cbq_remove_altq(struct npf_altq *a) { cbq_state_t *cbqp; @@ -308,7 +305,7 @@ cbq_remove_altq(struct pf_altq *a) #define NSEC_TO_PSEC(s) ((uint64_t)(s) * 1000) int -cbq_add_queue(struct pf_altq *a) +cbq_add_queue(struct npf_altq *a) { struct rm_class *borrow, *parent; cbq_state_t *cbqp; @@ -415,7 +412,7 @@ cbq_add_queue(struct pf_altq *a) } int -cbq_remove_queue(struct pf_altq *a) +cbq_remove_queue(struct npf_altq *a) { struct rm_class *cl; cbq_state_t *cbqp; @@ -451,7 +448,7 @@ cbq_remove_queue(struct pf_altq *a) } int -cbq_getqstats(struct pf_altq *a, void *ubuf, int *nbytes) +cbq_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) { cbq_state_t *cbqp; struct rm_class *cl; @@ -475,7 +472,6 @@ cbq_getqstats(struct pf_altq *a, void *ubuf, int *nbytes) *nbytes = sizeof(stats); return (0); } -#endif /* NPF > 0 */ /* * int diff --git a/sys/altq/altq_hfsc.c b/sys/altq/altq_hfsc.c index c1feeada4b4f5..d3c8d3d34455b 100644 --- a/sys/altq/altq_hfsc.c +++ b/sys/altq/altq_hfsc.c @@ -51,6 +51,11 @@ __KERNEL_RCSID(0, "$NetBSD: altq_hfsc.c,v 1.30 2021/09/21 14:30:15 christos Exp #include "pf.h" #endif +#ifndef NPF +#define NPF 1 +#endif + + #ifdef ALTQ_HFSC /* hfsc is enabled by ALTQ_HFSC option in opt_altq.h */ #include @@ -70,9 +75,7 @@ __KERNEL_RCSID(0, "$NetBSD: altq_hfsc.c,v 1.30 2021/09/21 14:30:15 christos Exp #include #include -#if NPF > 0 -#include -#endif +#include #include #include #ifdef ALTQ3_COMPAT @@ -173,9 +176,8 @@ altqdev_decl(hfsc); static struct hfsc_if *hif_list = NULL; #endif /* ALTQ3_COMPAT */ -#if NPF > 0 int -hfsc_pfattach(struct pf_altq *a) +hfsc_npfattach(struct npf_altq *a) { struct ifnet *ifp; int s, error; @@ -190,7 +192,7 @@ hfsc_pfattach(struct pf_altq *a) } int -hfsc_add_altq(struct pf_altq *a) +hfsc_add_altq(struct npf_altq *a) { struct hfsc_if *hif; struct ifnet *ifp; @@ -212,14 +214,14 @@ hfsc_add_altq(struct pf_altq *a) hif->hif_ifq = &ifp->if_snd; - /* keep the state in pf_altq */ + /* keep the state in npf_altq */ a->altq_disc = hif; return (0); } int -hfsc_remove_altq(struct pf_altq *a) +hfsc_remove_altq(struct npf_altq *a) { struct hfsc_if *hif; @@ -238,7 +240,7 @@ hfsc_remove_altq(struct pf_altq *a) } int -hfsc_add_queue(struct pf_altq *a) +hfsc_add_queue(struct npf_altq *a) { struct hfsc_if *hif; struct hfsc_class *cl, *parent; @@ -281,7 +283,7 @@ hfsc_add_queue(struct pf_altq *a) } int -hfsc_remove_queue(struct pf_altq *a) +hfsc_remove_queue(struct npf_altq *a) { struct hfsc_if *hif; struct hfsc_class *cl; @@ -296,7 +298,7 @@ hfsc_remove_queue(struct pf_altq *a) } int -hfsc_getqstats(struct pf_altq *a, void *ubuf, int *nbytes) +hfsc_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) { struct hfsc_if *hif; struct hfsc_class *cl; @@ -320,7 +322,6 @@ hfsc_getqstats(struct pf_altq *a, void *ubuf, int *nbytes) *nbytes = sizeof(stats); return (0); } -#endif /* NPF > 0 */ /* * bring the interface back to the initial state by discarding diff --git a/sys/altq/altq_priq.c b/sys/altq/altq_priq.c index b8505ba7a9158..6e647bb20585a 100644 --- a/sys/altq/altq_priq.c +++ b/sys/altq/altq_priq.c @@ -39,6 +39,11 @@ __KERNEL_RCSID(0, "$NetBSD: altq_priq.c,v 1.28 2021/09/21 14:30:15 christos Exp #include "pf.h" #endif +#ifndef NPF +#define NPF 1 +#endif + + #ifdef ALTQ_PRIQ /* priq is enabled by ALTQ_PRIQ option in opt_altq.h */ #include @@ -56,9 +61,7 @@ __KERNEL_RCSID(0, "$NetBSD: altq_priq.c,v 1.28 2021/09/21 14:30:15 christos Exp #include #include -#if NPF > 0 -#include -#endif +#include #include #include #include @@ -105,9 +108,8 @@ altqdev_decl(priq); static struct priq_if *pif_list = NULL; #endif /* ALTQ3_COMPAT */ -#if NPF > 0 int -priq_pfattach(struct pf_altq *a) +priq_npfattach(struct npf_altq *a) { struct ifnet *ifp; int s, error; @@ -122,7 +124,7 @@ priq_pfattach(struct pf_altq *a) } int -priq_add_altq(struct pf_altq *a) +priq_add_altq(struct npf_altq *a) { struct priq_if *pif; struct ifnet *ifp; @@ -139,14 +141,14 @@ priq_add_altq(struct pf_altq *a) pif->pif_maxpri = -1; pif->pif_ifq = &ifp->if_snd; - /* keep the state in pf_altq */ + /* keep the state in npf_altq */ a->altq_disc = pif; return (0); } int -priq_remove_altq(struct pf_altq *a) +priq_remove_altq(struct npf_altq *a) { struct priq_if *pif; @@ -161,7 +163,7 @@ priq_remove_altq(struct pf_altq *a) } int -priq_add_queue(struct pf_altq *a) +priq_add_queue(struct npf_altq *a) { struct priq_if *pif; struct priq_class *cl; @@ -188,7 +190,7 @@ priq_add_queue(struct pf_altq *a) } int -priq_remove_queue(struct pf_altq *a) +priq_remove_queue(struct npf_altq *a) { struct priq_if *pif; struct priq_class *cl; @@ -203,7 +205,7 @@ priq_remove_queue(struct pf_altq *a) } int -priq_getqstats(struct pf_altq *a, void *ubuf, int *nbytes) +priq_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) { struct priq_if *pif; struct priq_class *cl; @@ -227,7 +229,6 @@ priq_getqstats(struct pf_altq *a, void *ubuf, int *nbytes) *nbytes = sizeof(stats); return (0); } -#endif /* NPF > 0 */ /* * bring the interface back to the initial state by discarding diff --git a/sys/altq/altq_subr.c b/sys/altq/altq_subr.c index 5c0c57b587f79..f54540ceb2519 100644 --- a/sys/altq/altq_subr.c +++ b/sys/altq/altq_subr.c @@ -36,6 +36,11 @@ __KERNEL_RCSID(0, "$NetBSD: altq_subr.c,v 1.33 2017/03/14 09:03:08 ozaki-r Exp $ #include "pf.h" #endif +#ifndef NPF +#define NPF 1 +#endif + + #include #include #include @@ -62,9 +67,8 @@ __KERNEL_RCSID(0, "$NetBSD: altq_subr.c,v 1.33 2017/03/14 09:03:08 ozaki-r Exp $ #include #include -#if NPF > 0 -#include -#endif +#include + #include #ifdef ALTQ3_COMPAT #include @@ -135,7 +139,7 @@ altq_attach(struct ifaltq *ifq, int type, void *discipline, #ifdef ALTQ3_COMPAT /* - * pfaltq can override the existing discipline, but altq3 cannot. + * npfaltq can override the existing discipline, but altq3 cannot. * check these if clfier is not NULL (which implies altq3). */ if (clfier != NULL) { @@ -400,13 +404,12 @@ tbr_get(struct ifaltq *ifq, struct tb_profile *profile) return (0); } -#if NPF > 0 /* * attach a discipline to the interface. if one already exists, it is * overridden. */ int -altq_pfattach(struct pf_altq *a) +altq_npfattach(struct npf_altq *a) { int error = 0; @@ -415,17 +418,17 @@ altq_pfattach(struct pf_altq *a) break; #ifdef ALTQ_CBQ case ALTQT_CBQ: - error = cbq_pfattach(a); + error = cbq_npfattach(a); break; #endif #ifdef ALTQ_PRIQ case ALTQT_PRIQ: - error = priq_pfattach(a); + error = priq_npfattach(a); break; #endif #ifdef ALTQ_HFSC case ALTQT_HFSC: - error = hfsc_pfattach(a); + error = hfsc_npfattach(a); break; #endif default: @@ -441,7 +444,7 @@ altq_pfattach(struct pf_altq *a) * discipline. */ int -altq_pfdetach(struct pf_altq *a) +altq_npfdetach(struct npf_altq *a) { struct ifnet *ifp; int s, error = 0; @@ -467,7 +470,7 @@ altq_pfdetach(struct pf_altq *a) * add a discipline or a queue */ int -altq_add(struct pf_altq *a) +altq_add(struct npf_altq *a) { int error = 0; @@ -506,7 +509,7 @@ altq_add(struct pf_altq *a) * remove a discipline or a queue */ int -altq_remove(struct pf_altq *a) +altq_remove(struct npf_altq *a) { int error = 0; @@ -540,7 +543,7 @@ altq_remove(struct pf_altq *a) * add a queue to the discipline */ int -altq_add_queue(struct pf_altq *a) +altq_add_queue(struct npf_altq *a) { int error = 0; @@ -571,7 +574,7 @@ altq_add_queue(struct pf_altq *a) * remove a queue from the discipline */ int -altq_remove_queue(struct pf_altq *a) +altq_remove_queue(struct npf_altq *a) { int error = 0; @@ -602,7 +605,7 @@ altq_remove_queue(struct pf_altq *a) * get queue statistics */ int -altq_getqstats(struct pf_altq *a, void *ubuf, int *nbytes) +altq_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) { int error = 0; @@ -628,7 +631,6 @@ altq_getqstats(struct pf_altq *a, void *ubuf, int *nbytes) return (error); } -#endif /* NPF > 0 */ /* * read and write diffserv field in IPv4 or IPv6 header diff --git a/sys/altq/altq_var.h b/sys/altq/altq_var.h index fbe35ba0fb54e..60316ddc5359a 100644 --- a/sys/altq/altq_var.h +++ b/sys/altq/altq_var.h @@ -207,7 +207,7 @@ typedef void (timeout_t)(void *); #define m_pktlen(m) ((m)->m_pkthdr.len) struct ifnet; struct mbuf; -struct pf_altq; +struct npf_altq; #ifdef ALTQ3_CLFIER_COMPAT struct flowinfo; #endif @@ -227,34 +227,34 @@ void altq_assert(const char *, int, const char *); int tbr_set(struct ifaltq *, struct tb_profile *); int tbr_get(struct ifaltq *, struct tb_profile *); -int altq_pfattach(struct pf_altq *); -int altq_pfdetach(struct pf_altq *); -int altq_add(struct pf_altq *); -int altq_remove(struct pf_altq *); -int altq_add_queue(struct pf_altq *); -int altq_remove_queue(struct pf_altq *); -int altq_getqstats(struct pf_altq *, void *, int *); +int altq_npfattach(struct npf_altq *); +int altq_npfdetach(struct npf_altq *); +int altq_add(struct npf_altq *); +int altq_remove(struct npf_altq *); +int altq_add_queue(struct npf_altq *); +int altq_remove_queue(struct npf_altq *); +int altq_getqstats(struct npf_altq *, void *, int *); -int cbq_pfattach(struct pf_altq *); -int cbq_add_altq(struct pf_altq *); -int cbq_remove_altq(struct pf_altq *); -int cbq_add_queue(struct pf_altq *); -int cbq_remove_queue(struct pf_altq *); -int cbq_getqstats(struct pf_altq *, void *, int *); +int cbq_npfattach(struct npf_altq *); +int cbq_add_altq(struct npf_altq *); +int cbq_remove_altq(struct npf_altq *); +int cbq_add_queue(struct npf_altq *); +int cbq_remove_queue(struct npf_altq *); +int cbq_getqstats(struct npf_altq *, void *, int *); -int priq_pfattach(struct pf_altq *); -int priq_add_altq(struct pf_altq *); -int priq_remove_altq(struct pf_altq *); -int priq_add_queue(struct pf_altq *); -int priq_remove_queue(struct pf_altq *); -int priq_getqstats(struct pf_altq *, void *, int *); +int priq_npfattach(struct npf_altq *); +int priq_add_altq(struct npf_altq *); +int priq_remove_altq(struct npf_altq *); +int priq_add_queue(struct npf_altq *); +int priq_remove_queue(struct npf_altq *); +int priq_getqstats(struct npf_altq *, void *, int *); -int hfsc_pfattach(struct pf_altq *); -int hfsc_add_altq(struct pf_altq *); -int hfsc_remove_altq(struct pf_altq *); -int hfsc_add_queue(struct pf_altq *); -int hfsc_remove_queue(struct pf_altq *); -int hfsc_getqstats(struct pf_altq *, void *, int *); +int hfsc_npfattach(struct npf_altq *); +int hfsc_add_altq(struct npf_altq *); +int hfsc_remove_altq(struct npf_altq *); +int hfsc_add_queue(struct npf_altq *); +int hfsc_remove_queue(struct npf_altq *); +int hfsc_getqstats(struct npf_altq *, void *, int *); #endif /* _KERNEL */ #endif /* _ALTQ_ALTQ_VAR_H_ */ diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h new file mode 100644 index 0000000000000..b3ad7592e682d --- /dev/null +++ b/sys/net/npf/npf_altq.h @@ -0,0 +1,102 @@ +/*- + * Copyright (c) 2010-2012 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This material is based upon work partially supported by The + * NetBSD Foundation under a contract with Mindaugas Rasiukevicius. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +#ifndef NPF_ALTQ_H_ +#define NPF_ALTQ_H_ + +#ifndef IFNAMSIZ +#define IFNAMSIZ 16 +#endif +/* queueing flags */ +#ifndef NPF_QNAME_SIZE +#define NPF_QNAME_SIZE 64 +#endif +#ifndef TAGID_MAX +#define TAGID_MAX 50000 +#endif +#ifndef NPF_TAG_NAME_SIZE +#define NPF_TAG_NAME_SIZE 64 +#endif + +/* + * options defined on the cbq, priq and hfsc when configuring them + */ +struct npf_cbq_opts { + u_int minburst; + u_int maxburst; + u_int pktsize; + u_int maxpktsize; + u_int ns_per_byte; + u_int maxidle; + int minidle; + u_int offtime; + int flags; +}; +struct npf_priq_opts { + int flags; +}; +struct npf_hfsc_opts { + /* real-time service curve */ + u_int rtsc_m1; /* slope of the 1st segment in bps */ + u_int rtsc_d; /* the x-projection of m1 in msec */ + u_int rtsc_m2; /* slope of the 2nd segment in bps */ + /* link-sharing service curve */ + u_int lssc_m1; + u_int lssc_d; + u_int lssc_m2; + /* upper-limit service curve */ + u_int ulsc_m1; + u_int ulsc_d; + u_int ulsc_m2; + int flags; +}; +/* entries for our tail queue for our altqs */ +struct npf_altq { + char ifname[IFNAMSIZ]; + void *altq_disc; /* discipline-specific state */ + TAILQ_ENTRY(npf_altq) entries; + /* scheduler spec */ + u_int8_t scheduler; /* scheduler type */ + u_int16_t tbrsize; /* tokenbucket regulator size */ + u_int32_t ifbandwidth; /* interface bandwidth */ + /* queue spec */ + char qname[NPF_QNAME_SIZE]; /* queue name */ + char parent[NPF_QNAME_SIZE]; /* parent name */ + u_int32_t parent_qid; /* parent queue id */ + u_int32_t bandwidth; /* queue bandwidth */ + u_int8_t priority; /* priority */ + u_int16_t qlimit; /* queue size limit */ + u_int16_t flags; /* misc flags */ + union { + struct npf_cbq_opts cbq_opts; + struct npf_priq_opts priq_opts; + struct npf_hfsc_opts hfsc_opts; + } pq_u; + u_int32_t qid; /* return value */ +}; From e129664fc06ebceaf5c7063680fd9947229c6938 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 13 Dec 2024 16:29:37 +0000 Subject: [PATCH 04/75] kernel component that loads altq configurations into altq framework three IOCLS: IOC_NPF_BEGIN_ALTQ: acts as a safe guard to only initialize and allocate memory when adding queue for the first time or adding after a flush. if altq is already loaded, it doesn't initlise or allocate, just clears already existing altq and ensures availablity of ifq structure to safely take on new queues. IOC_NPF_ADD_ALTQ: adds queues to the altq framework(using altq_add) which is called directly into ALTQ. queues are represented with npf_altq structure linked together in a TAILQ.(categorized into active and inactive). IOC_NPF_GET_ALTQ: checks if altq is supported to allow the queues to be sent to the kernel. --- distrib/sets/lists/comp/mi | 1 + sys/modules/npf/Makefile | 2 +- sys/net/npf/files.npf | 3 + sys/net/npf/npf.h | 12 +++ sys/net/npf/npf_altq.c | 162 +++++++++++++++++++++++++++++++ sys/net/npf/npf_os.c | 10 ++ sys/rump/net/lib/libnpf/Makefile | 2 +- usr.sbin/npf/npfctl/Makefile | 2 +- usr.sbin/npf/npftest/Makefile | 2 +- 9 files changed, 192 insertions(+), 4 deletions(-) create mode 100644 sys/net/npf/npf_altq.c diff --git a/distrib/sets/lists/comp/mi b/distrib/sets/lists/comp/mi index 766fd0cf08d33..31d42b94bcf99 100644 --- a/distrib/sets/lists/comp/mi +++ b/distrib/sets/lists/comp/mi @@ -2762,6 +2762,7 @@ ./usr/include/net/net_stats.h comp-c-include ./usr/include/net/netisr.h comp-obsolete obsolete ./usr/include/net/npf.h comp-c-include +./usr/include/net/npf_altq.h comp-c-include ./usr/include/net/npf_ncode.h comp-obsolete obsolete ./usr/include/net/pfil.h comp-c-include ./usr/include/net/pfkeyv2.h comp-c-include diff --git a/sys/modules/npf/Makefile b/sys/modules/npf/Makefile index f2a4085cb2d22..1f8542fff044b 100644 --- a/sys/modules/npf/Makefile +++ b/sys/modules/npf/Makefile @@ -13,7 +13,7 @@ SRCS= npf.c npf_alg.c npf_conf.c npf_ctl.c npf_handler.c SRCS+= npf_bpf.c npf_if.c npf_inet.c npf_mbuf.c npf_nat.c SRCS+= npf_params.c npf_ruleset.c npf_rproc.c SRCS+= npf_conn.c npf_conndb.c npf_connkey.c npf_portmap.c -SRCS+= npf_state.c npf_state_tcp.c npf_tableset.c +SRCS+= npf_state.c npf_state_tcp.c npf_tableset.c npf_altq.c SRCS+= lpm.c npf_sendpkt.c npf_worker.c npf_os.c npf_ifaddr.c SRCS+= nvlist.c nvpair.c nv_kern_netbsd.c dnvlist.c diff --git a/sys/net/npf/files.npf b/sys/net/npf/files.npf index 80727f79f5d39..a8afc829424b0 100644 --- a/sys/net/npf/files.npf +++ b/sys/net/npf/files.npf @@ -50,3 +50,6 @@ file net/npf/npf_alg_icmp.c npf # Interfaces file net/npf/if_npflog.c npf + +# queue +file net/npf/npf_altq.c npf diff --git a/sys/net/npf/npf.h b/sys/net/npf/npf.h index d9d5f77ea0d51..dde524e9863ad 100644 --- a/sys/net/npf/npf.h +++ b/sys/net/npf/npf.h @@ -205,6 +205,8 @@ bool npf_autounload_p(void); #define NPF_SRC 0 #define NPF_DST 1 +#include "npf_altq.h" + /* Rule attributes. */ #define NPF_RULE_PASS 0x00000001 #define NPF_RULE_GROUP 0x00000002 @@ -309,6 +311,13 @@ typedef struct npf_ioctl_table { } nct_data; } npf_ioctl_table_t; +struct npfioc_altq { + u_int32_t action; + u_int32_t ticket; + u_int32_t nr; + struct npf_altq altq; +}; + /* * IOCTL operations. */ @@ -322,6 +331,9 @@ typedef struct npf_ioctl_table { #define IOC_NPF_RULE _IOWR('N', 107, nvlist_ref_t) #define IOC_NPF_CONN_LOOKUP _IOWR('N', 108, nvlist_ref_t) #define IOC_NPF_TABLE_REPLACE _IOWR('N', 109, nvlist_ref_t) +#define IOC_NPF_ADD_ALTQ _IOWR('N', 110, struct npfioc_altq) +#define IOC_NPF_GET_ALTQS _IOWR('N', 111, struct npfioc_altq) +#define IOC_NPF_BEGIN_ALTQ _IO('N', 114) /* * NPF error report. diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c new file mode 100644 index 0000000000000..44d448eb53d8d --- /dev/null +++ b/sys/net/npf/npf_altq.c @@ -0,0 +1,162 @@ +/*- + * Copyright (c) 2010-2012 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This material is based upon work partially supported by The + * NetBSD Foundation under a contract with Mindaugas Rasiukevicius. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef _KERNEL_OPT +#include "opt_inet.h" +#include "opt_altq.h" +#endif +#ifdef ALTQ +#include +#endif +#include "npf_altq.h" +#include "npf.h" + +#ifdef ALTQ +/* + * starting point of altq kernel routines + */ +bool npf_altq_running = false; +u_int32_t nticket_altqs_active; +u_int32_t nticket_altqs_inactive; +struct npf_altqqueue *npf_altqs_active; +struct npf_altqqueue *npf_altqs_inactive; +struct npf_altqqueue npf_altqs[2]; + +int npf_altqs_inactive_open; +struct pool npf_altq_pl; +int npf_altq_loaded = 0; + +TAILQ_HEAD(npf_tags, npf_tagname) npf_tags = TAILQ_HEAD_INITIALIZER(npf_tags), + npf_qids = TAILQ_HEAD_INITIALIZER(npf_qids); +void tag_unref(struct npf_tags *, u_int16_t); +u_int16_t npftagname2tag(struct npf_tags *, char *); +#if (NPF_QNAME_SIZE != NPF_TAG_NAME_SIZE) +#error NPF_QNAME_SIZE must be equal to NPF_TAG_NAME_SIZE +#endif +/* npf interface to start altq */ +void +npf_altq_init(void) +{ + pool_init(&npf_altq_pl, sizeof(struct npf_altq), 0, 0, 0, "npfaltqpl", + &pool_allocator_nointr, IPL_NONE); + TAILQ_INIT(&npf_altqs[0]); + TAILQ_INIT(&npf_altqs[1]); + npf_altqs_active = &npf_altqs[0]; + npf_altqs_inactive = &npf_altqs[1]; +} + +int +npf_begin_altq(void) +{ + struct npf_altq *altq; + int error = 0; + /* Purge the old altq list */ + while ((altq = TAILQ_FIRST(npf_altqs_inactive)) != NULL) { + TAILQ_REMOVE(npf_altqs_inactive, altq, entries); + if (altq->qname[0] == 0) { + /* detach and destroy the discipline */ + error = altq_remove(altq); + } else + npf_qid_unref(altq->qid); + pool_put(&npf_altq_pl, altq); + } + if (error) + return (error); + + return (0); +} + +int +npf_get_altqs(void *data) +{ + struct npfioc_altq *paa = (struct npfioc_altq *)data; + struct npf_altq *altq; + paa->nr = 0; + TAILQ_FOREACH(altq, npf_altqs_active, entries) + paa->nr++; + paa->ticket = nticket_altqs_active; + return 0 ; +} +int +npf_add_altq(void *data) +{ + struct npfioc_altq *paa = (struct npfioc_altq *)data; + struct npf_altq *altq, *a; + int error; + + altq = pool_get(&npf_altq_pl, PR_NOWAIT); + if (altq == NULL) { + error = ENOMEM; + return error; + } + memcpy(altq, &paa->altq, sizeof(struct npf_altq)); + /* + * if this is for a queue, find the discipline and + * copy the necessary fields + */ + if (altq->qname[0] != 0) { + if ((altq->qid = npf_qname2qid(altq->qname)) == 0) { + error = EBUSY; + pool_put(&npf_altq_pl, altq); + return error; + } + TAILQ_FOREACH(a, npf_altqs_inactive, entries) { + if (strncmp(a->ifname, altq->ifname, + IFNAMSIZ) == 0 && a->qname[0] == 0) { + altq->altq_disc = a->altq_disc; + break; + } + } + } + error = altq_add(altq); + if (error) { + pool_put(&npf_altq_pl, altq); + return error; + } + TAILQ_INSERT_TAIL(npf_altqs_inactive, altq, entries); + memcpy(&paa->altq, altq, sizeof(struct npf_altq)); + + if (!npf_altq_loaded) + npf_altq_loaded = 1; + return 0; +} +#endif /*ALTQ */ \ No newline at end of file diff --git a/sys/net/npf/npf_os.c b/sys/net/npf/npf_os.c index 022178236d50b..6d8507bb3b0a9 100644 --- a/sys/net/npf/npf_os.c +++ b/sys/net/npf/npf_os.c @@ -274,6 +274,16 @@ npf_dev_ioctl(dev_t dev, u_long cmd, void *data, int flag, lwp_t *l) return npfctl_table(npf, data); case IOC_NPF_STATS: return npf_stats_export(npf, data); + case IOC_NPF_ADD_ALTQ: + return npf_add_altq(data); + case IOC_NPF_GET_ALTQS: + return npf_get_altqs(data); + case IOC_NPF_BEGIN_ALTQ: + /* initialize all queueing components on the first attempt*/ + if (!npf_altq_loaded) { + npf_altq_init(); + } + return npf_begin_altq(); case IOC_NPF_LOAD: case IOC_NPF_SAVE: case IOC_NPF_RULE: diff --git a/sys/rump/net/lib/libnpf/Makefile b/sys/rump/net/lib/libnpf/Makefile index dfea0c1f9390b..68282e8b5eb84 100644 --- a/sys/rump/net/lib/libnpf/Makefile +++ b/sys/rump/net/lib/libnpf/Makefile @@ -17,7 +17,7 @@ SRCS= npf.c npf_alg.c npf_conf.c npf_ctl.c npf_handler.c SRCS+= npf_bpf.c npf_if.c npf_inet.c npf_mbuf.c npf_nat.c SRCS+= npf_params.c npf_ruleset.c npf_rproc.c SRCS+= npf_conn.c npf_conndb.c npf_connkey.c npf_portmap.c -SRCS+= npf_state.c npf_state_tcp.c npf_tableset.c +SRCS+= npf_state.c npf_state_tcp.c npf_tableset.c npf_altq.c SRCS+= lpm.c npf_sendpkt.c npf_worker.c npf_os.c npf_ifaddr.c SRCS+= nvlist.c nvpair.c nv_kern_netbsd.c dnvlist.c diff --git a/usr.sbin/npf/npfctl/Makefile b/usr.sbin/npf/npfctl/Makefile index e840b1241fe7c..59a8e9a736b9b 100644 --- a/usr.sbin/npf/npfctl/Makefile +++ b/usr.sbin/npf/npfctl/Makefile @@ -13,7 +13,7 @@ CPPFLAGS+= -I${.CURDIR} SRCS+= npf_scan.l npf_parse.y YHEADER= 1 -LDADD+= -lnpf -lpcap -lutil -ly +LDADD+= -lnpf -lpcap -lutil -ly -lm DPADD+= ${LIBNPF} ${LIBUTIL} ${LIBPCAP} ${LIBUTIL} ${LIBY} WARNS= 5 diff --git a/usr.sbin/npf/npftest/Makefile b/usr.sbin/npf/npftest/Makefile index 83cfc6f7d8b9c..fb003a7501725 100644 --- a/usr.sbin/npf/npftest/Makefile +++ b/usr.sbin/npf/npftest/Makefile @@ -18,7 +18,7 @@ DPADD+= ${LIBNPFTEST}/libnpftest.a LDADD+= -L${LIBNPFTEST} -lnpftest LDADD+= -lrump -lrumpvfs_nofifofs -lrumpvfs -lrumpuser -LDADD+= -lrumpnet -lrumpnet_net -lrumpdev_bpf +LDADD+= -lrumpnet -lrumpnet_net -lrumpdev_bpf -lrumpnet_altq .if ${RUMP_SANITIZE:Uno} != "no" LDADD+= -fsanitize=${RUMP_SANITIZE} From fe498ea25eb89bb9f8e21e8eeba03cbe5ef0548a Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 13 Dec 2024 16:47:51 +0000 Subject: [PATCH 05/75] Userland code parses the altq configurations and sends to kernel main functions are : expand_altq and expand_queue. expand_altq acts on: altq on $interface $scheduler $queue_options $child_queues expand_queue acts on: defined child queues.. queue blabla bandwidth x priotiy y .... the rest for calcualting bandwidth, tbrsizes, qlenght etc. most were re-implemeted from PF and has been well tested. safety guards: before a succesful addition into the kernel, it's checked if only on discipline is being loaded as it doesn't allow the defintion of two or more disciplines. --- usr.sbin/npf/npfctl/npf_altq.c | 1395 ++++++++++++++++++++++++++++++++ usr.sbin/npf/npfctl/npfctl.h | 24 + 2 files changed, 1419 insertions(+) create mode 100644 usr.sbin/npf/npfctl/npf_altq.c diff --git a/usr.sbin/npf/npfctl/npf_altq.c b/usr.sbin/npf/npfctl/npf_altq.c new file mode 100644 index 0000000000000..f6ce97894025c --- /dev/null +++ b/usr.sbin/npf/npfctl/npf_altq.c @@ -0,0 +1,1395 @@ +/*- + * Copyright (c) 2011-2020 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This material is based upon work partially supported by The + * NetBSD Foundation under a contract with Mindaugas Rasiukevicius. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +#include +#include +#include +#ifdef __NetBSD__ +#include +#include +#endif +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "npf.h" +#include +#include +#include +#include +#include "npfctl.h" + +LIST_HEAD(gen_sc, segment) rtsc, lssc; +static int eval_npfqueue_cbq(struct npf_altq *); +static int cbq_compute_idletime(struct npf_altq *); +static int check_commit_cbq(struct npf_altq *); +static int print_cbq_opts(const struct npf_altq *); +static int eval_npfqueue_priq(struct npf_altq *); +static int check_commit_priq(struct npf_altq *); +static int print_priq_opts(const struct npf_altq *); +static int eval_npfqueue_hfsc(struct npf_altq *); +static int check_commit_hfsc(struct npf_altq *); +static int print_hfsc_opts(const struct npf_altq *, + const struct node_queue_opt *); +static void gsc_add_sc(struct gen_sc *, struct service_curve *); +static int is_gsc_under_sc(struct gen_sc *, + struct service_curve *); +static void gsc_destroy(struct gen_sc *); +static struct segment *gsc_getentry(struct gen_sc *, double); +static int gsc_add_seg(struct gen_sc *, double, double, double, + double); +static double sc_x2y(struct service_curve *, double); +void print_hfsc_sc(const char *, u_int, u_int, u_int, + const struct node_hfsc_sc *); +int ifdisc_lookup(struct npf_altq *); + +int npfdev; +int altqsupport; + +TAILQ_HEAD(altqs, npf_altq) altqs = TAILQ_HEAD_INITIALIZER(altqs); +#define is_sc_null(sc) (((sc) == NULL) || ((sc)->m1 == 0 && (sc)->m2 == 0)) + +struct node_queue *queues = NULL; + +#define FREE_LIST(T,r) \ + do { \ + T *p, *node = r; \ + while (node != NULL) { \ + p = node; \ + node = node->next; \ + free(p); \ + } \ + } while (0) + +#define LOOP_THROUGH(T,n,r,C) \ + do { \ + T *n; \ + if (r == NULL) { \ + r = calloc(1, sizeof(T)); \ + if (r == NULL) \ + err(1, "LOOP: calloc"); \ + r->next = NULL; \ + } \ + n = r; \ + while (n != NULL) { \ + do { \ + C; \ + } while (0); \ + n = n->next; \ + } \ + } while (0) +int +npfctl_test_altqsupport(int dev) +{ + struct npfioc_altq pa; + if (ioctl(dev, IOC_NPF_GET_ALTQS, &pa)) { + if (errno == ENODEV) { + fprintf(stderr, "No ALTQ support in kernel\n" + "ALTQ related functions disabled\n"); + return (0); + } else + err(1, "IOC_GET_ALTQS"); + } + return (1); +} +/* evaluate bandwidth */ +int +npfctl_eval_bw(struct node_queue_bw * bw, char * bw_spec) +{ + double bps; + char *cp; + bw->bw_percent = 0; + bps = strtod(bw_spec, &cp); + if (cp != NULL) { + if (!strcmp(cp, "b")) + ; /* nothing */ + else if (!strcmp(cp, "Kb")) + bps *= 1000; + else if (!strcmp(cp, "Mb")) + bps *= 1000 * 1000; + else if (!strcmp(cp, "Gb")) + bps *= 1000 * 1000 * 1000; + else if (!strcmp(cp, "%")) { + if (bps < 0 || bps > 100) { + yyerror("bandwidth spec " + "out of range"); + return (-1); + } + bw->bw_percent = bps; + bps = 0; + } else { + yyerror("unknown unit %s", cp); + return (-1); + } + } + bw->bw_absolute = (u_int32_t)bps; + return 0; +} + +int +expand_altq(struct npf_altq *a, const char *ifname, + struct node_queue *nqueues, struct node_queue_bw bwspec, + struct node_queue_opt *opts) +{ + struct npf_altq pa, pb; + char qname[NPF_QNAME_SIZE]; + struct node_queue *n; + struct node_queue_bw bw; + int errs = 0; + npfdev = npfctl_open_dev(NPF_DEV_PATH); + memcpy(&pa, a, sizeof(struct npf_altq)); + if (strlcpy(pa.ifname, ifname, + sizeof(pa.ifname)) >= sizeof(pa.ifname)) + errx(1, "expand_altq: strlcpy"); + if (ifdisc_lookup(&pa)) { + yyerror("only one scheduler per interface.\n altq already defined on %s", pa.ifname); + errs++; + } else { + if (eval_npfaltq(&pa, &bwspec, opts)) + errs++; + else + if (ioctl(npfdev, IOC_NPF_BEGIN_ALTQ) == 0) { + if (npfctl_add_altq(&pa)){ + yyerror("cannot add parent queue"); + errs++; + } + } else + errx(1, "cannot begin altq: altq_begin"); + if (pa.scheduler == ALTQT_CBQ || + pa.scheduler == ALTQT_HFSC) { + /* now create a root queue */ + memset(&pb, 0, sizeof(struct npf_altq)); + if (strlcpy(qname, "root_", sizeof(qname)) >= + sizeof(qname)) + errx(1, "expand_altq: strlcpy"); + if (strlcat(qname, ifname, + sizeof(qname)) >= sizeof(qname)) + errx(1, "expand_altq: strlcat"); + if (strlcpy(pb.qname, qname, + sizeof(pb.qname)) >= sizeof(pb.qname)) + errx(1, "expand_altq: strlcpy"); + if (strlcpy(pb.ifname, ifname, + sizeof(pb.ifname)) >= sizeof(pb.ifname)) + errx(1, "expand_altq: strlcpy"); + pb.qlimit = pa.qlimit; + pb.scheduler = pa.scheduler; + bw.bw_absolute = pa.ifbandwidth; + bw.bw_percent = 0; + if (eval_npfqueue(&pb, &bw, opts)) + errs++; + else + if (npfctl_add_altq(&pb)) + errs++; + } + LOOP_THROUGH(struct node_queue, queue, nqueues, + n = calloc(1, sizeof(struct node_queue)); + if (n == NULL) + err(1, "expand_altq: calloc"); + if (pa.scheduler == ALTQT_CBQ || + pa.scheduler == ALTQT_HFSC) + if (strlcpy(n->parent, qname, + sizeof(n->parent)) >= + sizeof(n->parent)) + errx(1, "expand_altq: strlcpy"); + if (strlcpy(n->queue, queue->queue, + sizeof(n->queue)) >= sizeof(n->queue)) + errx(1, "expand_altq: strlcpy"); + if (strlcpy(n->ifname, ifname, + sizeof(n->ifname)) >= sizeof(n->ifname)) + errx(1, "expand_altq: strlcpy"); + n->scheduler = pa.scheduler; + n->next = NULL; + n->tail = n; + if (queues == NULL) + queues = n; + else { + queues->tail->next = n; + queues->tail = n; + } + ); + } + FREE_LIST(struct node_queue, nqueues); + + return (errs); +} +int +expand_queue(struct npf_altq *a, const char *ifname, + struct node_queue *nqueues, struct node_queue_bw bwspec, + struct node_queue_opt *opts) +{ + struct node_queue *n, *nq; + struct npf_altq pa; + u_int8_t found = 0; + u_int8_t errs = 0; + + if (queues == NULL) { + yyerror("queue %s has no parent", a->qname); + FREE_LIST(struct node_queue, nqueues); + return (1); + } + LOOP_THROUGH(struct node_queue, tqueue, queues, + if (!strncmp(a->qname, tqueue->queue, NPF_QNAME_SIZE) && + (ifname == 0 || + (!strncmp(ifname, tqueue->ifname, IFNAMSIZ)) || + (strncmp(ifname, tqueue->ifname, IFNAMSIZ)))){ + /* found ourself in the child queues */ + found++; + memcpy(&pa, a, sizeof(struct npf_altq)); + if (pa.scheduler != ALTQT_NONE && + pa.scheduler != tqueue->scheduler) { + yyerror("exactly one scheduler type " + "per interface allowed"); + errs++; + goto out; + } + pa.scheduler = tqueue->scheduler; + /* scheduler dependent error checking */ + switch (pa.scheduler) { + case ALTQT_PRIQ: + if (nqueues != NULL) { + yyerror("priq queues cannot " + "have child queues"); + errs++; + goto out; + } + if (bwspec.bw_absolute > 0 || + bwspec.bw_percent < 100) { + yyerror("priq doesn't take " + "bandwidth"); + errs++; + goto out; + } + break; + default: + break; + } + if (strlcpy(pa.ifname, tqueue->ifname, + sizeof(pa.ifname)) >= sizeof(pa.ifname)) + errx(1, "expand_queue: strlcpy"); + if (strlcpy(pa.parent, tqueue->parent, + sizeof(pa.parent)) >= sizeof(pa.parent)) + errx(1, "expand_queue: strlcpy"); + if (eval_npfqueue(&pa, &bwspec, opts)) + errs++; + else + if (npfctl_add_altq(&pa)) + errs++; + for (nq = nqueues; nq != NULL; nq = nq->next) { + if (!strcmp(a->qname, nq->queue)) { + yyerror("queue cannot have " + "itself as child"); + errs++; + continue; + } + n = calloc(1, + sizeof(struct node_queue)); + if (n == NULL) + err(1, "expand_queue: calloc"); + if (strlcpy(n->parent, a->qname, + sizeof(n->parent)) >= + sizeof(n->parent)) + errx(1, "expand_queue strlcpy"); + if (strlcpy(n->queue, nq->queue, + sizeof(n->queue)) >= + sizeof(n->queue)) + errx(1, "expand_queue strlcpy"); + if (strlcpy(n->ifname, tqueue->ifname, + sizeof(n->ifname)) >= + sizeof(n->ifname)) + errx(1, "expand_queue strlcpy"); + n->scheduler = tqueue->scheduler; + n->next = NULL; + n->tail = n; + if (queues == NULL) + queues = n; + else { + queues->tail->next = n; + queues->tail = n; + } + } + } + ); +out: + FREE_LIST(struct node_queue, nqueues); + if (!found) { + yyerror("queue %s has no parent", a->qname); + errs++; + } + if (errs) + return (1); + else + return (0); +} +/* + * eval_npfaltq computes the discipline parameters. + */ +int +eval_npfaltq(struct npf_altq *pa, struct node_queue_bw *bw, + struct node_queue_opt *opts) +{ + u_int rate, size, errors = 0; + if (bw->bw_absolute > 0) + pa->ifbandwidth = bw->bw_absolute; + else + if ((rate = get_ifspeed(pa->ifname)) == 0) { + fprintf(stderr, "interface %s does not know its bandwidth, " + "please specify an absolute bandwidth\n", + pa->ifname); + errors++; + } else if ((pa->ifbandwidth = npf_eval_bwspec(bw, rate)) == 0) + pa->ifbandwidth = rate; + errors += npf_eval_queue_opts(pa, opts, pa->ifbandwidth); + /* if tbrsize is not specified, use heuristics */ + if (pa->tbrsize == 0) { + rate = pa->ifbandwidth; + if (rate <= 1 * 1000 * 1000) + size = 1; + else if (rate <= 10 * 1000 * 1000) + size = 4; + else if (rate <= 200 * 1000 * 1000) + size = 8; + else + size = 24; + size = size * get_ifmtu(pa->ifname); + if (size > 0xffff) + size = 0xffff; + pa->tbrsize = size; + } + return (errors); +} +int +npf_eval_queue_opts(struct npf_altq *pa, struct node_queue_opt *opts, + u_int32_t ref_bw) +{ + int errors = 0; + switch (pa->scheduler) { + case ALTQT_CBQ: + pa->pq_u.cbq_opts = opts->data.cbq_opts; + break; + case ALTQT_PRIQ: + pa->pq_u.priq_opts = opts->data.priq_opts; + break; + case ALTQT_HFSC: + pa->pq_u.hfsc_opts.flags = opts->data.hfsc_opts.flags; + if (opts->data.hfsc_opts.linkshare.used) { + pa->pq_u.hfsc_opts.lssc_m1 = + npf_eval_bwspec(&opts->data.hfsc_opts.linkshare.m1, + ref_bw); + pa->pq_u.hfsc_opts.lssc_m2 = + npf_eval_bwspec(&opts->data.hfsc_opts.linkshare.m2, + ref_bw); + pa->pq_u.hfsc_opts.lssc_d = + opts->data.hfsc_opts.linkshare.d; + } + if (opts->data.hfsc_opts.realtime.used) { + pa->pq_u.hfsc_opts.rtsc_m1 = + npf_eval_bwspec(&opts->data.hfsc_opts.realtime.m1, + ref_bw); + pa->pq_u.hfsc_opts.rtsc_m2 = + npf_eval_bwspec(&opts->data.hfsc_opts.realtime.m2, + ref_bw); + pa->pq_u.hfsc_opts.rtsc_d = + opts->data.hfsc_opts.realtime.d; + } + if (opts->data.hfsc_opts.upperlimit.used) { + pa->pq_u.hfsc_opts.ulsc_m1 = + npf_eval_bwspec(&opts->data.hfsc_opts.upperlimit.m1, + ref_bw); + pa->pq_u.hfsc_opts.ulsc_m2 = + npf_eval_bwspec(&opts->data.hfsc_opts.upperlimit.m2, + ref_bw); + pa->pq_u.hfsc_opts.ulsc_d = + opts->data.hfsc_opts.upperlimit.d; + } + break; + default: + warnx("eval_queue_opts: unknown scheduler type %u", + opts->qtype); + errors++; + break; + } + return (errors); +} +int +npfctl_add_altq(struct npf_altq *a) +{ + struct npfioc_altq *npaltq; + if ((npaltq = malloc(sizeof(*npaltq))) == NULL) + err(1, "malloc"); + memcpy(&npaltq->altq, a, sizeof(struct npf_altq)); + if (ioctl(npfdev, IOC_NPF_ADD_ALTQ, npaltq)) { + if (errno == ENXIO) + errx(1, "qtype not configured"); + else if (errno == ENODEV) + errx(1, "%s: driver does not support " + "altq", a->ifname); + else + err(1, "NPFADDALTQ"); + } + npfaltq_store(&npaltq->altq); + free(npaltq); + return (0); +} +void +npfaltq_store(struct npf_altq *a) +{ + struct npf_altq *altq; + if ((altq = malloc(sizeof(*altq))) == NULL) + err(1, "malloc"); + memcpy(altq, a, sizeof(struct npf_altq)); + TAILQ_INSERT_TAIL(&altqs, altq, entries); + /* check altq presence in config */ +} +u_int32_t +npf_eval_bwspec(struct node_queue_bw *bw, u_int32_t ref_bw) +{ + if (bw->bw_absolute > 0) + return (bw->bw_absolute); + if (bw->bw_percent > 0) + return (ref_bw / 100 * bw->bw_percent); + return (0); +} +u_int32_t +get_ifspeed(char *ifname) +{ + int s; + struct ifdatareq ifdr; + struct if_data *ifrdat; + if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) + err(1, "getifspeed: socket"); + memset(&ifdr, 0, sizeof(ifdr)); + if (strlcpy(ifdr.ifdr_name, ifname, sizeof(ifdr.ifdr_name)) >= + sizeof(ifdr.ifdr_name)) + errx(1, "getifspeed: strlcpy"); + if (ioctl(s, SIOCGIFDATA, &ifdr) == -1) + err(1, "getifspeed: SIOCGIFDATA"); + ifrdat = &ifdr.ifdr_data; + if (close(s) == -1) + err(1, "getifspeed: close"); + return ((u_int32_t)ifrdat->ifi_baudrate); +} +u_long +get_ifmtu(char *ifname) +{ + int s; + struct ifreq ifr; + if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) + err(1, "socket"); + bzero(&ifr, sizeof(ifr)); + if (strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)) >= + sizeof(ifr.ifr_name)) + errx(1, "getifmtu: strlcpy"); + if (ioctl(s, SIOCGIFMTU, (caddr_t)&ifr) == -1) + err(1, "SIOCGIFMTU"); + if (close(s) == -1) + err(1, "close"); + if (ifr.ifr_mtu > 0) + return (ifr.ifr_mtu); + else { + warnx("could not get mtu for %s, assuming 1500", ifname); + return (1500); + } +} +/* + * eval_npfqueue computes the queue parameters. + */ +int +eval_npfqueue(struct npf_altq *pa, struct node_queue_bw *bw, + struct node_queue_opt *opts) +{ + /* should be merged with expand_queue */ + struct npf_altq *if_pa, *parent, *altq; + u_int32_t bwsum; + int error = 0; + /* find the corresponding interface and copy fields used by queues */ + if ((if_pa = npfaltq_lookup(pa->ifname)) == NULL) { + fprintf(stderr, "altq not defined on %s\n", pa->ifname); + return (1); + } + pa->scheduler = if_pa->scheduler; + pa->ifbandwidth = if_pa->ifbandwidth; + if (qname_to_npfaltq(pa->qname, pa->ifname) != NULL) { + fprintf(stderr, "queue %s already exists on interface %s\n", + pa->qname, pa->ifname); + return (1); + } + pa->qid = qname_to_qid(pa->qname); + parent = NULL; + if (pa->parent[0] != 0) { + parent = qname_to_npfaltq(pa->parent, pa->ifname); + if (parent == NULL) { + fprintf(stderr, "parent %s not found for %s\n", + pa->parent, pa->qname); + return (1); + } + pa->parent_qid = parent->qid; + } + if (pa->qlimit == 0) + pa->qlimit = DEFAULT_QLIMIT; + if (pa->scheduler == ALTQT_CBQ || pa->scheduler == ALTQT_HFSC) { + pa->bandwidth = npf_eval_bwspec(bw, + parent == NULL ? 0 : parent->bandwidth); + if (pa->bandwidth > pa->ifbandwidth) { + fprintf(stderr, "bandwidth for %s higher than " + "interface\n", pa->qname); + return (1); + } + /* check the sum of the child bandwidth is under parent's */ + if (parent != NULL) { + if (pa->bandwidth > parent->bandwidth) { + warnx("bandwidth for %s higher than parent", + pa->qname); + return (1); + } + bwsum = 0; + TAILQ_FOREACH(altq, &altqs, entries) { + if (strncmp(altq->ifname, pa->ifname, + IFNAMSIZ) == 0 && + altq->qname[0] != 0 && + strncmp(altq->parent, pa->parent, + NPF_QNAME_SIZE) == 0) + bwsum += altq->bandwidth; + } + bwsum += pa->bandwidth; + if (bwsum > parent->bandwidth) { + warnx("the sum of the child bandwidth higher" + " than parent \"%s\"", parent->qname); + } + } + } + if (npf_eval_queue_opts(pa, opts, parent == NULL? 0 : parent->bandwidth)) + return (1); + switch (pa->scheduler) { + case ALTQT_CBQ: + error = eval_npfqueue_cbq(pa); + break; + case ALTQT_PRIQ: + error = eval_npfqueue_priq(pa); + break; + case ALTQT_HFSC: + error = eval_npfqueue_hfsc(pa); + break; + default: + break; + } + return (error); +} +struct npf_altq * +qname_to_npfaltq(const char *qname, const char *ifname) +{ + struct npf_altq *altq; + TAILQ_FOREACH(altq, &altqs, entries) { + if (strncmp(ifname, altq->ifname, IFNAMSIZ) == 0 && + strncmp(qname, altq->qname, NPF_QNAME_SIZE) == 0) + return (altq); + } + return (NULL); +} +u_int32_t +qname_to_qid(const char *qname) +{ + struct npf_altq *altq; + /* + * We guarantee that same named queues on different interfaces + * have the same qid, so we do NOT need to limit matching on + * one interface! + */ + TAILQ_FOREACH(altq, &altqs, entries) { + if (strncmp(qname, altq->qname, NPF_QNAME_SIZE) == 0) + return (altq->qid); + } + return (0); +} + +/*define only one discipline on one interface */ +int +ifdisc_lookup(struct npf_altq * altq) +{ + struct npf_altq *a; + if ((a = TAILQ_FIRST(&altqs)) != NULL) { + if ((a = npfaltq_lookup(altq->ifname)) != NULL) { + if (a->scheduler != altq->scheduler) { + return -1; + } + } + } + return 0; +} +struct npf_altq * +npfaltq_lookup(const char *ifname) +{ + struct npf_altq *altq; + TAILQ_FOREACH(altq, &altqs, entries) { + if (strncmp(ifname, altq->ifname, IFNAMSIZ) == 0 && + altq->qname[0] == 0) + return (altq); + } + return (NULL); +} +/* + * CBQ support functions + */ +#define RM_FILTER_GAIN 5 /* log2 of gain, e.g., 5 => 31/32 */ +#define RM_NS_PER_SEC (1000000000) +static int +eval_npfqueue_cbq(struct npf_altq *pa) +{ + struct npf_cbq_opts *opts; + u_int ifmtu; + if (pa->priority >= CBQ_MAXPRI) { + warnx("priority out of range: max %d", CBQ_MAXPRI - 1); + return (-1); + } + ifmtu = get_ifmtu(pa->ifname); + opts = &pa->pq_u.cbq_opts; + if (opts->pktsize == 0) { /* use default */ + opts->pktsize = ifmtu; + if (opts->pktsize > MCLBYTES) /* do what TCP does */ + opts->pktsize &= ~MCLBYTES; + } else if (opts->pktsize > ifmtu) + opts->pktsize = ifmtu; + if (opts->maxpktsize == 0) /* use default */ + opts->maxpktsize = ifmtu; + else if (opts->maxpktsize > ifmtu) + opts->pktsize = ifmtu; + if (opts->pktsize > opts->maxpktsize) + opts->pktsize = opts->maxpktsize; + if (pa->parent[0] == 0) + opts->flags |= (CBQCLF_ROOTCLASS | CBQCLF_WRR); + cbq_compute_idletime(pa); + return (0); +} +/* + * compute ns_per_byte, maxidle, minidle, and offtime + */ +static int +cbq_compute_idletime(struct npf_altq *pa) +{ + struct npf_cbq_opts *opts; + double maxidle_s, maxidle, minidle; + double offtime, nsPerByte, ifnsPerByte, ptime, cptime; + double z, g, f, gton, gtom; + u_int minburst, maxburst; + opts = &pa->pq_u.cbq_opts; + ifnsPerByte = (1.0 / (double)pa->ifbandwidth) * RM_NS_PER_SEC * 8; + minburst = opts->minburst; + maxburst = opts->maxburst; + if (pa->bandwidth == 0) + f = 0.0001; /* small enough? */ + else + f = ((double) pa->bandwidth / (double) pa->ifbandwidth); + nsPerByte = ifnsPerByte / f; + ptime = (double)opts->pktsize * ifnsPerByte; + cptime = ptime * (1.0 - f) / f; + if (nsPerByte * (double)opts->maxpktsize > (double)INT_MAX) { + /* + * this causes integer overflow in kernel! + * (bandwidth < 6Kbps when max_pkt_size=1500) + */ + if (pa->bandwidth != 0) { + warnx("queue bandwidth must be larger than %s", + rate2str(ifnsPerByte * (double)opts->maxpktsize / + (double)INT_MAX * (double)pa->ifbandwidth)); + fprintf(stderr, "cbq: queue %s is too slow!\n", + pa->qname); + } + nsPerByte = (double)(INT_MAX / opts->maxpktsize); + } + if (maxburst == 0) { /* use default */ + if (cptime > 10.0 * 1000000) + maxburst = 4; + else + maxburst = 16; + } + if (minburst == 0) /* use default */ + minburst = 2; + if (minburst > maxburst) + minburst = maxburst; + z = (double)(1 << RM_FILTER_GAIN); + g = (1.0 - 1.0 / z); + gton = pow(g, (double)maxburst); + gtom = pow(g, (double)(minburst-1)); + maxidle = ((1.0 / f - 1.0) * ((1.0 - gton) / gton)); + maxidle_s = (1.0 - g); + if (maxidle > maxidle_s) + maxidle = ptime * maxidle; + else + maxidle = ptime * maxidle_s; + offtime = cptime * (1.0 + 1.0/(1.0 - g) * (1.0 - gtom) / gtom); + minidle = -((double)opts->maxpktsize * (double)nsPerByte); + /* scale parameters */ + maxidle = ((maxidle * 8.0) / nsPerByte) * + pow(2.0, (double)RM_FILTER_GAIN); + offtime = (offtime * 8.0) / nsPerByte * + pow(2.0, (double)RM_FILTER_GAIN); + minidle = ((minidle * 8.0) / nsPerByte) * + pow(2.0, (double)RM_FILTER_GAIN); + maxidle = maxidle / 1000.0; + offtime = offtime / 1000.0; + minidle = minidle / 1000.0; + opts->minburst = minburst; + opts->maxburst = maxburst; + opts->ns_per_byte = (u_int)nsPerByte; + opts->maxidle = (u_int)fabs(maxidle); + opts->minidle = (int)minidle; + opts->offtime = (u_int)fabs(offtime); + return (0); +} +/* + * PRIQ support functions + */ +static int +eval_npfqueue_priq(struct npf_altq *pa) +{ + struct npf_altq *altq; + if (pa->priority >= PRIQ_MAXPRI) { + warnx("priority out of range: max %d", PRIQ_MAXPRI - 1); + return (-1); + } + /* the priority should be unique for the interface */ + TAILQ_FOREACH(altq, &altqs, entries) { + if (strncmp(altq->ifname, pa->ifname, IFNAMSIZ) == 0 && + altq->qname[0] != 0 && altq->priority == pa->priority) { + warnx("%s and %s have the same priority", + altq->qname, pa->qname); + return (-1); + } + } + return (0); +} +/* + * HFSC support functions + */ +static int +eval_npfqueue_hfsc(struct npf_altq *pa) +{ + struct npf_altq *altq, *parent; + struct npf_hfsc_opts *opts; + struct service_curve sc; + opts = &pa->pq_u.hfsc_opts; + if (pa->parent[0] == 0) { + /* root queue */ + opts->lssc_m1 = pa->ifbandwidth; + opts->lssc_m2 = pa->ifbandwidth; + opts->lssc_d = 0; + return (0); + } + LIST_INIT(&rtsc); + LIST_INIT(&lssc); + /* if link_share is not specified, use bandwidth */ + if (opts->lssc_m2 == 0) + opts->lssc_m2 = pa->bandwidth; + if ((opts->rtsc_m1 > 0 && opts->rtsc_m2 == 0) || + (opts->lssc_m1 > 0 && opts->lssc_m2 == 0) || + (opts->ulsc_m1 > 0 && opts->ulsc_m2 == 0)) { + warnx("m2 is zero for %s", pa->qname); + return (-1); + } + if ((opts->rtsc_m1 < opts->rtsc_m2 && opts->rtsc_m1 != 0) || + (opts->lssc_m1 < opts->lssc_m2 && opts->lssc_m1 != 0) || + (opts->ulsc_m1 < opts->ulsc_m2 && opts->ulsc_m1 != 0)) { + warnx("m1 must be zero for convex curve: %s", pa->qname); + return (-1); + } + /* + * admission control: + * for the real-time service curve, the sum of the service curves + * should not exceed 80% of the interface bandwidth. 20% is reserved + * not to over-commit the actual interface bandwidth. + * for the linkshare service curve, the sum of the child service + * curve should not exceed the parent service curve. + * for the upper-limit service curve, the assigned bandwidth should + * be smaller than the interface bandwidth, and the upper-limit should + * be larger than the real-time service curve when both are defined. + */ + parent = qname_to_npfaltq(pa->parent, pa->ifname); + if (parent == NULL) + errx(1, "parent %s not found for %s", pa->parent, pa->qname); + TAILQ_FOREACH(altq, &altqs, entries) { + if (strncmp(altq->ifname, pa->ifname, IFNAMSIZ) != 0) + continue; + if (altq->qname[0] == 0) /* this is for interface */ + continue; + /* if the class has a real-time service curve, add it. */ + if (opts->rtsc_m2 != 0 && altq->pq_u.hfsc_opts.rtsc_m2 != 0) { + sc.m1 = altq->pq_u.hfsc_opts.rtsc_m1; + sc.d = altq->pq_u.hfsc_opts.rtsc_d; + sc.m2 = altq->pq_u.hfsc_opts.rtsc_m2; + gsc_add_sc(&rtsc, &sc); + } + if (strncmp(altq->parent, pa->parent, NPF_QNAME_SIZE) != 0) + continue; + /* if the class has a linkshare service curve, add it. */ + if (opts->lssc_m2 != 0 && altq->pq_u.hfsc_opts.lssc_m2 != 0) { + sc.m1 = altq->pq_u.hfsc_opts.lssc_m1; + sc.d = altq->pq_u.hfsc_opts.lssc_d; + sc.m2 = altq->pq_u.hfsc_opts.lssc_m2; + gsc_add_sc(&lssc, &sc); + } + } + /* check the real-time service curve. reserve 20% of interface bw */ + if (opts->rtsc_m2 != 0) { + /* add this queue to the sum */ + sc.m1 = opts->rtsc_m1; + sc.d = opts->rtsc_d; + sc.m2 = opts->rtsc_m2; + gsc_add_sc(&rtsc, &sc); + /* compare the sum with 80% of the interface */ + sc.m1 = 0; + sc.d = 0; + sc.m2 = pa->ifbandwidth / 100 * 80; + if (!is_gsc_under_sc(&rtsc, &sc)) { + warnx("real-time sc exceeds 80%% of the interface " + "bandwidth (%s)", rate2str((double)sc.m2)); + goto err_ret; + } + } + /* check the linkshare service curve. */ + if (opts->lssc_m2 != 0) { + /* add this queue to the child sum */ + sc.m1 = opts->lssc_m1; + sc.d = opts->lssc_d; + sc.m2 = opts->lssc_m2; + gsc_add_sc(&lssc, &sc); + /* compare the sum of the children with parent's sc */ + sc.m1 = parent->pq_u.hfsc_opts.lssc_m1; + sc.d = parent->pq_u.hfsc_opts.lssc_d; + sc.m2 = parent->pq_u.hfsc_opts.lssc_m2; + if (!is_gsc_under_sc(&lssc, &sc)) { + warnx("linkshare sc exceeds parent's sc"); + goto err_ret; + } + } + /* check the upper-limit service curve. */ + if (opts->ulsc_m2 != 0) { + if (opts->ulsc_m1 > pa->ifbandwidth || + opts->ulsc_m2 > pa->ifbandwidth) { + warnx("upper-limit larger than interface bandwidth"); + goto err_ret; + } + if (opts->rtsc_m2 != 0 && opts->rtsc_m2 > opts->ulsc_m2) { + warnx("upper-limit sc smaller than real-time sc"); + goto err_ret; + } + } + gsc_destroy(&rtsc); + gsc_destroy(&lssc); + return (0); +err_ret: + gsc_destroy(&rtsc); + gsc_destroy(&lssc); + return (-1); +} +#define R2S_BUFS 8 +#define RATESTR_MAX 16 +char * +rate2str(double rate) +{ + char *buf; + static char r2sbuf[R2S_BUFS][RATESTR_MAX]; /* ring buffer */ + static int idx = 0; + int i; + static const char unit[] = " KMG"; + buf = r2sbuf[idx++]; + if (idx == R2S_BUFS) + idx = 0; + for (i = 0; rate >= 1000 && i <= 3; i++) + rate /= 1000; + if ((int)(rate * 100) % 100) + snprintf(buf, RATESTR_MAX, "%.2f%cb", rate, unit[i]); + else + snprintf(buf, RATESTR_MAX, "%d%cb", (int)rate, unit[i]); + return (buf); +} +/* + * admission control using generalized service curve + */ +/* add a new service curve to a generalized service curve */ +static void +gsc_add_sc(struct gen_sc *gsc, struct service_curve *sc) +{ + if (is_sc_null(sc)) + return; + if (sc->d != 0) + gsc_add_seg(gsc, 0.0, 0.0, (double)sc->d, (double)sc->m1); + gsc_add_seg(gsc, (double)sc->d, 0.0, HUGE_VAL, (double)sc->m2); +} +/* + * check whether all points of a generalized service curve have + * their y-coordinates no larger than a given two-piece linear + * service curve. + */ +static int +is_gsc_under_sc(struct gen_sc *gsc, struct service_curve *sc) +{ + struct segment *s, *last, *end; + double y; + if (is_sc_null(sc)) { + if (LIST_EMPTY(gsc)) + return (1); + LIST_FOREACH(s, gsc, _next) { + if (s->m != 0) + return (0); + } + return (1); + } + /* + * gsc has a dummy entry at the end with x = HUGE_VAL. + * loop through up to this dummy entry. + */ + end = gsc_getentry(gsc, HUGE_VAL); + if (end == NULL) + return (1); + last = NULL; + for (s = LIST_FIRST(gsc); s != end; s = LIST_NEXT(s, _next)) { + if (s->y > sc_x2y(sc, s->x)) + return (0); + last = s; + } + /* last now holds the real last segment */ + if (last == NULL) + return (1); + if (last->m > sc->m2) + return (0); + if (last->x < sc->d && last->m > sc->m1) { + y = last->y + (sc->d - last->x) * last->m; + if (y > sc_x2y(sc, sc->d)) + return (0); + } + return (1); +} +static void +gsc_destroy(struct gen_sc *gsc) +{ + struct segment *s; + while ((s = LIST_FIRST(gsc)) != NULL) { + LIST_REMOVE(s, _next); + free(s); + } +} +/* + * return a segment entry starting at x. + * if gsc has no entry starting at x, a new entry is created at x. + */ +static struct segment * +gsc_getentry(struct gen_sc *gsc, double x) +{ + struct segment *new, *prev, *s; + prev = NULL; + LIST_FOREACH(s, gsc, _next) { + if (s->x == x) + return (s); /* matching entry found */ + else if (s->x < x) + prev = s; + else + break; + } + /* we have to create a new entry */ + if ((new = calloc(1, sizeof(struct segment))) == NULL) + return (NULL); + new->x = x; + if (x == HUGE_VAL || s == NULL) + new->d = 0; + else if (s->x == HUGE_VAL) + new->d = HUGE_VAL; + else + new->d = s->x - x; + if (prev == NULL) { + /* insert the new entry at the head of the list */ + new->y = 0; + new->m = 0; + LIST_INSERT_HEAD(gsc, new, _next); + } else { + /* + * the start point intersects with the segment pointed by + * prev. divide prev into 2 segments + */ + if (x == HUGE_VAL) { + prev->d = HUGE_VAL; + if (prev->m == 0) + new->y = prev->y; + else + new->y = HUGE_VAL; + } else { + prev->d = x - prev->x; + new->y = prev->d * prev->m + prev->y; + } + new->m = prev->m; + LIST_INSERT_AFTER(prev, new, _next); + } + return (new); +} +/* add a segment to a generalized service curve */ +static int +gsc_add_seg(struct gen_sc *gsc, double x, double y, double d, double m) +{ + struct segment *start, *end, *s; + double x2; + if (d == HUGE_VAL) + x2 = HUGE_VAL; + else + x2 = x + d; + start = gsc_getentry(gsc, x); + end = gsc_getentry(gsc, x2); + if (start == NULL || end == NULL) + return (-1); + for (s = start; s != end; s = LIST_NEXT(s, _next)) { + s->m += m; + s->y += y + (s->x - x) * m; + } + end = gsc_getentry(gsc, HUGE_VAL); + for (; s != end; s = LIST_NEXT(s, _next)) { + s->y += m * d; + } + return (0); +} +/* get y-projection of a service curve */ +static double +sc_x2y(struct service_curve *sc, double x) +{ + double y; + if (x <= (double)sc->d) + /* y belongs to the 1st segment */ + y = x * (double)sc->m1; + else + /* y belongs to the 2nd segment */ + y = (double)sc->d * (double)sc->m1 + + (x - (double)sc->d) * (double)sc->m2; + return (y); +} +/* + * check_commit_altq does consistency check for each interface + */ +int +check_commit_altq(void) +{ + struct npf_altq *altq; + int error = 0; + /* call the discipline check for each interface. */ + TAILQ_FOREACH(altq, &altqs, entries) { + if (altq->qname[0] == 0) { + switch (altq->scheduler) { + case ALTQT_CBQ: + error = check_commit_cbq(altq); + break; + case ALTQT_PRIQ: + error = check_commit_priq(altq); + break; + case ALTQT_HFSC: + error = check_commit_hfsc(altq); + break; + default: + break; + } + } + } + return (error); +} +static int +check_commit_cbq(struct npf_altq *pa) +{ + struct npf_altq *altq; + int root_class, default_class; + int error = 0; + /* + * check if cbq has one root queue and one default queue + * for this interface + */ + root_class = default_class = 0; + TAILQ_FOREACH(altq, &altqs, entries) { + if (strncmp(altq->ifname, pa->ifname, IFNAMSIZ) != 0) + continue; + if (altq->qname[0] == 0) /* this is for interface */ + continue; + if (altq->pq_u.cbq_opts.flags & CBQCLF_ROOTCLASS) + root_class++; + if (altq->pq_u.cbq_opts.flags & CBQCLF_DEFCLASS) + default_class++; + } + if (root_class != 1) { + warnx("should have one root queue on %s", pa->ifname); + error++; + } + if (default_class != 1) { + warnx("should have one default queue on %s", pa->ifname); + error++; + } + return (error); +} +static int +check_commit_priq(struct npf_altq *pa) +{ + struct npf_altq *altq; + int default_class; + int error = 0; + /* + * check if priq has one default class for this interface + */ + default_class = 0; + TAILQ_FOREACH(altq, &altqs, entries) { + if (strncmp(altq->ifname, pa->ifname, IFNAMSIZ) != 0) + continue; + if (altq->qname[0] == 0) /* this is for interface */ + continue; + if (altq->pq_u.priq_opts.flags & PRCF_DEFAULTCLASS) + default_class++; + } + if (default_class != 1) { + warnx("should have one default queue on %s", pa->ifname); + error++; + } + return (error); +} +static int +check_commit_hfsc(struct npf_altq *pa) +{ + struct npf_altq *altq, *def = NULL; + int default_class; + int error = 0; + /* check if hfsc has one default queue for this interface */ + default_class = 0; + TAILQ_FOREACH(altq, &altqs, entries) { + if (strncmp(altq->ifname, pa->ifname, IFNAMSIZ) != 0) + continue; + if (altq->qname[0] == 0) /* this is for interface */ + continue; + if (altq->parent[0] == 0) /* dummy root */ + continue; + if (altq->pq_u.hfsc_opts.flags & HFCF_DEFAULTCLASS) { + default_class++; + def = altq; + } + } + if (default_class != 1) { + warnx("should have one default queue on %s", pa->ifname); + return (1); + } + /* make sure the default queue is a leaf */ + TAILQ_FOREACH(altq, &altqs, entries) { + if (strncmp(altq->ifname, pa->ifname, IFNAMSIZ) != 0) + continue; + if (altq->qname[0] == 0) /* this is for interface */ + continue; + if (strncmp(altq->parent, def->qname, NPF_QNAME_SIZE) == 0) { + warnx("default queue is not a leaf"); + error++; + } + } + return (error); +} +void +print_altq(const struct npf_altq *a, unsigned level, struct node_queue_bw *bw, + struct node_queue_opt *qopts) +{ + if (a->qname[0] != 0) { + print_queue(a, level, bw, 1, qopts); + return; + } + printf("altq on %s ", a->ifname); + switch (a->scheduler) { + case ALTQT_CBQ: + if (!print_cbq_opts(a)) + printf("cbq "); + break; + case ALTQT_PRIQ: + if (!print_priq_opts(a)) + printf("priq "); + break; + case ALTQT_HFSC: + if (!print_hfsc_opts(a, qopts)) + printf("hfsc "); + break; + } + if (bw != NULL && bw->bw_percent > 0) { + if (bw->bw_percent < 100) + printf("bandwidth %u%% ", bw->bw_percent); + } else + printf("bandwidth %s ", rate2str((double)a->ifbandwidth)); + if (a->qlimit != DEFAULT_QLIMIT) + printf("qlimit %u ", a->qlimit); + printf("tbrsize %u ", a->tbrsize); +} +void +print_queue(const struct npf_altq *a, unsigned level, struct node_queue_bw *bw, + int print_interface, struct node_queue_opt *qopts) +{ + unsigned i; + printf("queue "); + for (i = 0; i < level; ++i) + printf(" "); + printf("%s ", a->qname); + if (print_interface) + printf("on %s ", a->ifname); + if (a->scheduler == ALTQT_CBQ || a->scheduler == ALTQT_HFSC) { + if (bw != NULL && bw->bw_percent > 0) { + if (bw->bw_percent < 100) + printf("bandwidth %u%% ", bw->bw_percent); + } else + printf("bandwidth %s ", rate2str((double)a->bandwidth)); + } + if (a->priority != DEFAULT_PRIORITY) + printf("priority %u ", a->priority); + if (a->qlimit != DEFAULT_QLIMIT) + printf("qlimit %u ", a->qlimit); + switch (a->scheduler) { + case ALTQT_CBQ: + print_cbq_opts(a); + break; + case ALTQT_PRIQ: + print_priq_opts(a); + break; + case ALTQT_HFSC: + print_hfsc_opts(a, qopts); + break; + } +} +static int +print_cbq_opts(const struct npf_altq *a) +{ + const struct npf_cbq_opts *opts; + opts = &a->pq_u.cbq_opts; + if (opts->flags) { + printf("cbq("); + if (opts->flags & CBQCLF_RED) + printf(" red"); + if (opts->flags & CBQCLF_ECN) + printf(" ecn"); + if (opts->flags & CBQCLF_RIO) + printf(" rio"); + if (opts->flags & CBQCLF_CLEARDSCP) + printf(" cleardscp"); + if (opts->flags & CBQCLF_FLOWVALVE) + printf(" flowvalve"); +#ifdef CBQCLF_BORROW + if (opts->flags & CBQCLF_BORROW) + printf(" borrow"); +#endif + if (opts->flags & CBQCLF_WRR) + printf(" wrr"); + if (opts->flags & CBQCLF_EFFICIENT) + printf(" efficient"); + if (opts->flags & CBQCLF_ROOTCLASS) + printf(" root"); + if (opts->flags & CBQCLF_DEFCLASS) + printf(" default"); + printf(" ) "); + return (1); + } else + return (0); +} +static int +print_priq_opts(const struct npf_altq *a) +{ + const struct npf_priq_opts *opts; + opts = &a->pq_u.priq_opts; + if (opts->flags) { + printf("priq("); + if (opts->flags & PRCF_RED) + printf(" red"); + if (opts->flags & PRCF_ECN) + printf(" ecn"); + if (opts->flags & PRCF_RIO) + printf(" rio"); + if (opts->flags & PRCF_CLEARDSCP) + printf(" cleardscp"); + if (opts->flags & PRCF_DEFAULTCLASS) + printf(" default"); + printf(" ) "); + return (1); + } else + return (0); +} +static int +print_hfsc_opts(const struct npf_altq *a, const struct node_queue_opt *qopts) +{ + const struct npf_hfsc_opts *opts; + const struct node_hfsc_sc *n_rtsc, *n_lssc, *n_ulsc; + opts = &a->pq_u.hfsc_opts; + if (qopts == NULL) + n_rtsc = n_lssc = n_ulsc = NULL; + else { + n_rtsc = &qopts->data.hfsc_opts.realtime; + n_lssc = &qopts->data.hfsc_opts.linkshare; + n_ulsc = &qopts->data.hfsc_opts.upperlimit; + } + if (opts->flags || opts->rtsc_m2 != 0 || opts->ulsc_m2 != 0 || + (opts->lssc_m2 != 0 && (opts->lssc_m2 != a->bandwidth || + opts->lssc_d != 0))) { + printf("hfsc("); + if (opts->flags & HFCF_RED) + printf(" red"); + if (opts->flags & HFCF_ECN) + printf(" ecn"); + if (opts->flags & HFCF_RIO) + printf(" rio"); + if (opts->flags & HFCF_CLEARDSCP) + printf(" cleardscp"); + if (opts->flags & HFCF_DEFAULTCLASS) + printf(" default"); + if (opts->rtsc_m2 != 0) + print_hfsc_sc("realtime", opts->rtsc_m1, opts->rtsc_d, + opts->rtsc_m2, n_rtsc); + if (opts->lssc_m2 != 0 && (opts->lssc_m2 != a->bandwidth || + opts->lssc_d != 0)) + print_hfsc_sc("linkshare", opts->lssc_m1, opts->lssc_d, + opts->lssc_m2, n_lssc); + if (opts->ulsc_m2 != 0) + print_hfsc_sc("upperlimit", opts->ulsc_m1, opts->ulsc_d, + opts->ulsc_m2, n_ulsc); + printf(" ) "); + return (1); + } else + return (0); +} +void +print_hfsc_sc(const char *scname, u_int m1, u_int d, u_int m2, + const struct node_hfsc_sc *sc) +{ + printf(" %s", scname); + if (d != 0) { + printf("("); + if (sc != NULL && sc->m1.bw_percent > 0) + printf("%u%%", sc->m1.bw_percent); + else + printf("%s", rate2str((double)m1)); + printf(" %u", d); + } + if (sc != NULL && sc->m2.bw_percent > 0) + printf(" %u%%", sc->m2.bw_percent); + else + printf(" %s", rate2str((double)m2)); + if (d != 0) + printf(")"); +} diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index 3bd628002bf2d..1f6bffb4fba29 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -294,6 +294,30 @@ void npfctl_build_table(const char *, u_int, const char *); void npfctl_setparam(const char *, int); +/* ALTQ related */ +int npfctl_test_altqsupport(int); +extern int npfctl_open_dev(const char *); +int npfctl_eval_bw(struct node_queue_bw *, char *); +int expand_altq(struct npf_altq *, const char *, struct node_queue *, + struct node_queue_bw bwspec, struct node_queue_opt *); +int expand_queue(struct npf_altq *, const char *, struct node_queue *, + struct node_queue_bw, struct node_queue_opt *); +u_long get_ifmtu(char *); +u_int32_t get_ifspeed(char *); +u_int32_t npf_eval_bwspec(struct node_queue_bw *, u_int32_t); +void npfaltq_store(struct npf_altq *); +int npfctl_add_altq(struct npf_altq *); +int npf_eval_queue_opts(struct npf_altq *, struct node_queue_opt *, + u_int32_t); +int eval_npfaltq(struct npf_altq *, struct node_queue_bw *, + struct node_queue_opt *); +int eval_npfqueue(struct npf_altq *, struct node_queue_bw *, + struct node_queue_opt *); +struct npf_altq *qname_to_npfaltq(const char *, const char *); +u_int32_t qname_to_qid(const char *); +struct npf_altq *npfaltq_lookup(const char *ifname); +char *rate2str(double); + /* * For the systems which do not define TH_ECE and TW_CRW. */ From f76fd61a85a01467bf6c7cf19ae1f3ecea2a76b6 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 13 Dec 2024 17:55:19 +0000 Subject: [PATCH 06/75] userland code to append queue to rule in the userland, it's main job is to enure the queue is defined and also the altq config conforms with the best practices. i.e: a default rule must be present and cbq and hfcs must ahve root queues afterwords, sets nvlist name of "queue" and value of "the queue name" and appends it to the rule nvlist" userland npf_altq.c has been renamed to npfctl_altq.c --- lib/libnpf/npf.c | 12 +++++++++++ lib/libnpf/npf.h | 5 +++++ usr.sbin/npf/npfctl/Makefile | 2 +- usr.sbin/npf/npfctl/npf_build.c | 14 ++++++++++++- usr.sbin/npf/npfctl/npfctl.h | 3 +++ .../npf/npfctl/{npf_altq.c => npfctl_altq.c} | 20 +++++++++++++++++++ 6 files changed, 54 insertions(+), 2 deletions(-) rename usr.sbin/npf/npfctl/{npf_altq.c => npfctl_altq.c} (99%) diff --git a/lib/libnpf/npf.c b/lib/libnpf/npf.c index 80116a34799a3..c5f76a58ec668 100644 --- a/lib/libnpf/npf.c +++ b/lib/libnpf/npf.c @@ -735,6 +735,12 @@ npf_rule_setproc(nl_rule_t *rl, const char *name) return nvlist_error(rl->rule_dict); } +npf_rule_setqueue(nl_rule_t *rl, const char *qname) +{ + nvlist_add_string(rl->rule_dict, "queue", qname); + return nvlist_error(rl->rule_dict); +} + void * npf_rule_export(nl_rule_t *rl, size_t *length) { @@ -843,6 +849,12 @@ npf_rule_getproc(nl_rule_t *rl) return dnvlist_get_string(rl->rule_dict, "rproc", NULL); } +const char * +npf_rule_getqueue(nl_rule_t *rl) +{ + return dnvlist_get_string(rl->rule_dict, "queue", NULL); +} + uint64_t npf_rule_getid(nl_rule_t *rl) { diff --git a/lib/libnpf/npf.h b/lib/libnpf/npf.h index aab769f09882a..83e9ba0650de2 100644 --- a/lib/libnpf/npf.h +++ b/lib/libnpf/npf.h @@ -155,6 +155,11 @@ void npf_table_destroy(nl_table_t *); int npf_table_replace(int, nl_table_t *, npf_error_t *); +/* queueing*/ +const char * npf_rule_getqueue(nl_rule_t *); +int npf_rule_setqueue(nl_rule_t *, const char *); + + #ifdef _NPF_PRIVATE #include diff --git a/usr.sbin/npf/npfctl/Makefile b/usr.sbin/npf/npfctl/Makefile index 59a8e9a736b9b..51380974b3cab 100644 --- a/usr.sbin/npf/npfctl/Makefile +++ b/usr.sbin/npf/npfctl/Makefile @@ -7,7 +7,7 @@ MAN= npfctl.8 npf.conf.5 BINDIR= /sbin SRCS= npfctl.c npf_cmd.c npf_var.c npf_data.c npf_build.c -SRCS+= npf_bpf_comp.c npf_show.c npf_extmod.c +SRCS+= npf_bpf_comp.c npf_show.c npf_extmod.c npfctl_altq.c CPPFLAGS+= -I${.CURDIR} SRCS+= npf_scan.l npf_parse.y diff --git a/usr.sbin/npf/npfctl/npf_build.c b/usr.sbin/npf/npfctl/npf_build.c index 2a171fed3dd75..089445e424c2e 100644 --- a/usr.sbin/npf/npfctl/npf_build.c +++ b/usr.sbin/npf/npfctl/npf_build.c @@ -702,7 +702,7 @@ npfctl_build_group_end(void) void npfctl_build_rule(uint32_t attr, const char *ifname, sa_family_t family, const npfvar_t *popts, const filt_opts_t *fopts, - const char *pcap_filter, const char *rproc) + const char *pcap_filter, const char *rproc, struct node_qassign queue) { nl_rule_t *rl; @@ -719,6 +719,18 @@ npfctl_build_rule(uint32_t attr, const char *ifname, sa_family_t family, npf_rule_setproc(rl, rproc); } + /*ensure first queue exist */ + if (queue.qname != NULL ) { + /* ensure altq config obeys best practices */ + if (check_commit_altq() != 0) + errx(EXIT_FAILURE, "error in altq config"); + /* ensure the reference is queue is defined */ + if (npf_rule_qnames_exists(queue.qname)) + if (npf_rule_setqueue(rl, queue.qname)) + errx(EXIT_FAILURE, "rule queue %s cannot be set", queue.qname); + } + + if (npf_conf) { nl_rule_t *cg = current_group[rule_nesting_level]; diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index 1f6bffb4fba29..c35119f644654 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -318,6 +318,9 @@ u_int32_t qname_to_qid(const char *); struct npf_altq *npfaltq_lookup(const char *ifname); char *rate2str(double); +int npf_rule_qnames_exists(const char *); +int check_commit_altq(void); + /* * For the systems which do not define TH_ECE and TW_CRW. */ diff --git a/usr.sbin/npf/npfctl/npf_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c similarity index 99% rename from usr.sbin/npf/npfctl/npf_altq.c rename to usr.sbin/npf/npfctl/npfctl_altq.c index f6ce97894025c..d935a1e9971c4 100644 --- a/usr.sbin/npf/npfctl/npf_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -1393,3 +1393,23 @@ print_hfsc_sc(const char *scname, u_int m1, u_int d, u_int m2, if (d != 0) printf(")"); } + +/* this checks for undefined queues appended on a rule */ +int +npf_rule_qnames_exists(const char *qname) +{ + int found = 0; + struct npf_altq* a; + TAILQ_FOREACH(a, &altqs, entries) { + if (a->qname[0] != 0){ + if (strcmp(a->qname, qname) == 0){ + found = 1; + break; + } + } + } + if (!found) + yyerror("no qname named '%s' defined\n", qname); + + return found; +} From fd841988579d252a0778d8e9ae0c7ff4a206e69f Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 13 Dec 2024 18:00:03 +0000 Subject: [PATCH 07/75] kernel code to append queue to a rule basically, when a queue is found, on a rule, the queueing discipline of that queue is attached to the network interface using the npf_altq interface. done in the npf_altq_commit function. this sets the enqueue, dequeue, request, disc type etc. on the network interface. and then altq is enabled on the network interface to allow for queueing. when a packet is passed by the filter, it is then tagged with an ALTQ tag with the qid of the queue being set on the rule and then enqueued in the kernel --- sys/net/npf/npf.h | 3 + sys/net/npf/npf_altq.c | 114 ++++++++++++++++++++++++++++++++++++++ sys/net/npf/npf_altq.h | 29 ++++++++++ sys/net/npf/npf_ctl.c | 35 ++++++++++++ sys/net/npf/npf_handler.c | 21 +++++++ sys/net/npf/npf_impl.h | 3 + sys/net/npf/npf_mbuf.c | 22 +++++++- sys/net/npf/npf_ruleset.c | 38 +++++++++++++ 8 files changed, 264 insertions(+), 1 deletion(-) diff --git a/sys/net/npf/npf.h b/sys/net/npf/npf.h index dde524e9863ad..f7220fe5ac9de 100644 --- a/sys/net/npf/npf.h +++ b/sys/net/npf/npf.h @@ -102,9 +102,11 @@ typedef uint8_t npf_netmask_t; #define NBUF_DATAREF_RESET 0x01 +struct qid; struct mbuf; struct nbuf; typedef struct nbuf nbuf_t; +struct npf_rule; void nbuf_init(npf_t *, nbuf_t *, struct mbuf *, const ifnet_t *); void nbuf_reset(nbuf_t *); @@ -124,6 +126,7 @@ bool nbuf_cksum_barrier(nbuf_t *, int); int nbuf_add_tag(nbuf_t *, uint32_t); int npf_mbuf_add_tag(nbuf_t *, struct mbuf *, uint32_t); int nbuf_find_tag(nbuf_t *, uint32_t *); +void mbuf_altq_tag(struct qid, struct mbuf *); /* * Packet information cache. diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 44d448eb53d8d..b302da5131e02 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -69,9 +69,11 @@ TAILQ_HEAD(npf_tags, npf_tagname) npf_tags = TAILQ_HEAD_INITIALIZER(npf_tags), npf_qids = TAILQ_HEAD_INITIALIZER(npf_qids); void tag_unref(struct npf_tags *, u_int16_t); u_int16_t npftagname2tag(struct npf_tags *, char *); + #if (NPF_QNAME_SIZE != NPF_TAG_NAME_SIZE) #error NPF_QNAME_SIZE must be equal to NPF_TAG_NAME_SIZE #endif + /* npf interface to start altq */ void npf_altq_init(void) @@ -159,4 +161,116 @@ npf_add_altq(void *data) npf_altq_loaded = 1; return 0; } + +int +npf_commit_altq(void) +{ + struct npf_altqqueue *old_altqs; + struct npf_altq *altq; + int s, err, error = 0; + if (!npf_altqs_inactive_open) + return (EBUSY); + /* swap altqs, keep the old. */ + s = splsoftnet(); + old_altqs = npf_altqs_active; + npf_altqs_active = npf_altqs_inactive; + npf_altqs_inactive = old_altqs; + nticket_altqs_active = nticket_altqs_inactive; + /* Attach new disciplines */ + TAILQ_FOREACH(altq, npf_altqs_active, entries) { + if (altq->qname[0] == 0) { + /* attach the discipline */ + error = altq_npfattach(altq); + if (error == 0 && !npf_altq_running) + error = npf_enable_altq(altq); + if (error != 0) { + splx(s); + return (error); + } + } + } + /* Purge the old altq list */ + while ((altq = TAILQ_FIRST(npf_altqs_inactive)) != NULL) { + TAILQ_REMOVE(npf_altqs_inactive, altq, entries); + if (altq->qname[0] == 0) { + /* detach and destroy the discipline */ + if (npf_altq_running) + error = npf_disable_altq(altq); + err = altq_npfdetach(altq); + if (err != 0 && error == 0) + error = err; + err = altq_remove(altq); + if (err != 0 && error == 0) + error = err; + } else + npf_qid_unref(altq->qid); + pool_put(&npf_altq_pl, altq); + } + splx(s); + npf_altqs_inactive_open = 0; + return (error); +} + +u_int32_t +npf_qname2qid(char *qname) +{ + return ((u_int32_t)npftagname2tag(&npf_qids, qname)); +} + +u_int16_t +npftagname2tag(struct npf_tags *head, char *tagname) +{ + struct npf_tagname *tag, *p = NULL; + u_int16_t new_tagid = 1; + TAILQ_FOREACH(tag, head, entries) + if (strcmp(tagname, tag->name) == 0) { + tag->ref++; + return (tag->tag); + } + /* + * to avoid fragmentation, we do a linear search from the beginning + * and take the first free slot we find. if there is none or the list + * is empty, append a new entry at the end. + */ + /* new entry */ + if (!TAILQ_EMPTY(head)) + for (p = TAILQ_FIRST(head); p != NULL && + p->tag == new_tagid; p = TAILQ_NEXT(p, entries)) + new_tagid = p->tag + 1; + if (new_tagid > TAGID_MAX) + return (0); + /* allocate and fill new struct npf_tagname */ + tag = (struct npf_tagname *)malloc(sizeof(struct npf_tagname), + M_TEMP, M_NOWAIT); + if (tag == NULL) + return (0); + memset(tag, 0, sizeof(struct npf_tagname)); + strlcpy(tag->name, tagname, sizeof(tag->name)); + tag->tag = new_tagid; + tag->ref++; + if (p != NULL) /* insert new entry before p */ + TAILQ_INSERT_BEFORE(p, tag, entries); + else /* either list empty or no free slot in between */ + TAILQ_INSERT_TAIL(head, tag, entries); + return (tag->tag); +} + +void +tag_unref(struct npf_tags *head, u_int16_t tag) +{ + struct npf_tagname *p, *next; + if (tag == 0) + return; + for (p = TAILQ_FIRST(head); p != NULL; p = next) { + next = TAILQ_NEXT(p, entries); + if (tag == p->tag) { + if (--p->ref == 0) { + TAILQ_REMOVE(head, p, entries); + free(p, M_TEMP); + } + break; + } + } +} + #endif /*ALTQ */ \ No newline at end of file diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index b3ad7592e682d..de2e731ec54d9 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -100,3 +100,32 @@ struct npf_altq { } pq_u; u_int32_t qid; /* return value */ }; + +struct qid { + u_int32_t qid; +}; + +struct npf_tag { + u_int16_t tag; /* tag id */ +}; + +struct npf_tagname { + TAILQ_ENTRY(npf_tagname) entries; + char name[NPF_TAG_NAME_SIZE]; + u_int16_t tag; + int ref; +}; + +TAILQ_HEAD(npf_altqqueue, npf_altq); + +extern int npf_altq_loaded; +extern int altqattached; +extern bool npf_altq_running; + +extern int npf_get_altqs(void *); +extern void npf_altq_init(void); +extern int npf_begin_altq(void); +extern int npf_commit_altq(void); +extern int npf_add_altq(void *); +extern u_int32_t npf_qname2qid(char *); +void npf_qid_unref(u_int32_t); diff --git a/sys/net/npf/npf_ctl.c b/sys/net/npf/npf_ctl.c index 708846826694b..bace3a2d212c1 100644 --- a/sys/net/npf/npf_ctl.c +++ b/sys/net/npf/npf_ctl.c @@ -44,6 +44,11 @@ __KERNEL_RCSID(0, "$NetBSD: npf_ctl.c,v 1.60 2020/05/30 14:16:56 rmind Exp $"); #include #endif +#ifdef _KERNEL_OPT +#include "opt_altq.h" +#endif + + #include "npf_impl.h" #include "npf_conn.h" @@ -51,6 +56,9 @@ __KERNEL_RCSID(0, "$NetBSD: npf_ctl.c,v 1.60 2020/05/30 14:16:56 rmind Exp $"); nvlist_add_string((e), "source-file", __FILE__); \ nvlist_add_number((e), "source-line", __LINE__); +/* condition to verify queue assigned for rules */ +int altqattached = 0; + static int __noinline npf_mk_params(npf_t *npf, const nvlist_t *req, nvlist_t *resp, bool set) { @@ -351,6 +359,23 @@ npf_mk_singlerule(npf_t *npf, const nvlist_t *req, nvlist_t *resp, npf_rule_setrproc(rl, rp); } +#ifdef ALTQ + if (npf_altq_loaded) { + /* assign the rule queues, if any */ + const char *qname; + printf("finding queues......\n"); + qname = dnvlist_get_string(req, "queue", NULL); + if (qname != NULL) { + if (npf_rule_setqid(rl, qname)) { + goto err; + } + printf("the queues are found...\n"); + if (!altqattached) + altqattached = 1; + } + } +#endif + /* Filter byte-code (binary data). */ code = dnvlist_get_binary(req, "code", &clen, NULL, 0); if (code) { @@ -593,6 +618,16 @@ npfctl_load(npf_t *npf, const nvlist_t *req, nvlist_t *resp) goto fail; } +#ifdef ALTQ + /*TODO: attach quues here */ + if (npf_altq_loaded && altqattached) { + error = npf_commit_altq(); + if (error) { + goto fail; + } + } +#endif /* ALTQ */ + flush = dnvlist_get_bool(req, "flush", false); nc->default_pass = flush; diff --git a/sys/net/npf/npf_handler.c b/sys/net/npf/npf_handler.c index 279614490ce2a..f4c009719fe82 100644 --- a/sys/net/npf/npf_handler.c +++ b/sys/net/npf/npf_handler.c @@ -62,6 +62,12 @@ __KERNEL_RCSID(0, "$NetBSD: npf_handler.c,v 1.50 2024/07/05 04:34:35 rin Exp $") #include #include #include +#include +#endif + + +#ifdef _KERNEL_OPT +#include "opt_altq.h" #endif #include "npf_impl.h" @@ -239,6 +245,15 @@ npfk_packet_handler(npf_t *npf, struct mbuf **mp, ifnet_t *ifp, int di) KASSERT(rp == NULL); rp = npf_rule_getrproc(rl); +#ifdef ALTQ + struct qid qid; + /* + * get the rule queues by their ids. used for tagging after pass + */ + if (rl != NULL) + qid = npf_rule_getqid(rl); +#endif /*ALTQ */ + /* Conclude with the rule and release the lock. */ error = npf_rule_conclude(rl, &mi); npf_config_read_exit(npf, slock); @@ -307,6 +322,12 @@ npfk_packet_handler(npf_t *npf, struct mbuf **mp, ifnet_t *ifp, int di) /* Pass the packet if decided and there is no error. */ if (decision == NPF_DECISION_PASS && !error) { + +#ifdef ALTQ + /* give them ALTQ tags based on the qid if a queue is appended on a rule */ + if (qid.qid) + mbuf_altq_tag(qid, *mp); +#endif /*ALTQ */ /* * XXX: Disable for now, it will be set accordingly later, * for optimisations (to reduce inspection). diff --git a/sys/net/npf/npf_impl.h b/sys/net/npf/npf_impl.h index 921b11f939a66..16660495a9a21 100644 --- a/sys/net/npf/npf_impl.h +++ b/sys/net/npf/npf_impl.h @@ -43,6 +43,7 @@ /* For INET/INET6 definitions. */ #include "opt_inet.h" #include "opt_inet6.h" +#include "opt_altq.h" #endif #ifdef _KERNEL @@ -433,11 +434,13 @@ int npf_rule_conclude(const npf_rule_t *, npf_match_info_t *); npf_rule_t * npf_rule_alloc(npf_t *, const nvlist_t *); void npf_rule_setcode(npf_rule_t *, int, void *, size_t); void npf_rule_setrproc(npf_rule_t *, npf_rproc_t *); +int npf_rule_setqid(npf_rule_t * rl, const char *); void npf_rule_free(npf_rule_t *); uint64_t npf_rule_getid(const npf_rule_t *); npf_natpolicy_t *npf_rule_getnat(const npf_rule_t *); void npf_rule_setnat(npf_rule_t *, npf_natpolicy_t *); npf_rproc_t * npf_rule_getrproc(const npf_rule_t *); +struct qid npf_rule_getqid(const npf_rule_t *); void npf_ext_init(npf_t *); void npf_ext_fini(npf_t *); diff --git a/sys/net/npf/npf_mbuf.c b/sys/net/npf/npf_mbuf.c index 88ee87bbeabef..4bc343a040ca0 100644 --- a/sys/net/npf/npf_mbuf.c +++ b/sys/net/npf/npf_mbuf.c @@ -49,7 +49,7 @@ __KERNEL_RCSID(0, "$NetBSD: npf_mbuf.c,v 1.25 2023/02/12 13:38:37 kardel Exp $") #ifdef INET6 #include #include -#endif +#include "opt_altq.h" #endif #if defined(_NPF_STANDALONE) @@ -365,3 +365,23 @@ nbuf_find_tag(nbuf_t *nbuf, uint32_t *val) return nbuf->nb_mops->get_tag(m, val); #endif } + +#ifdef ALTQ +/* tag ALTQ packets */ +void +mbuf_altq_tag(struct qid qid, struct mbuf *mp) +{ + KASSERT(m_flags_p(mp, M_PKTHDR)); + struct m_tag *mtag; + struct altq_tag *atag; + mtag = m_tag_get(PACKET_TAG_ALTQ_QID, sizeof(*atag), M_NOWAIT); + if (mtag != NULL) { + atag = (struct altq_tag *)(mtag + 1); + atag->qid = qid.qid; + /* add hints for ecn */ + atag->af = AF_INET; + atag->hdr = mtod(mp, struct ip *); + m_tag_prepend(mp, mtag); + } +} +#endif /* ALTQ */ diff --git a/sys/net/npf/npf_ruleset.c b/sys/net/npf/npf_ruleset.c index a9fb858c54cbe..6c6eabaacdebf 100644 --- a/sys/net/npf/npf_ruleset.c +++ b/sys/net/npf/npf_ruleset.c @@ -51,6 +51,10 @@ __KERNEL_RCSID(0, "$NetBSD: npf_ruleset.c,v 1.52 2023/08/08 16:10:41 kardel Exp #include #endif +#ifdef _KERNEL_OPT +#include "opt_altq.h" +#endif + #include "npf_impl.h" struct npf_ruleset { @@ -118,6 +122,10 @@ struct npf_rule { LIST_ENTRY(npf_rule) r_aentry; nvlist_t * r_info; size_t r_info_len; + + /* queueing componets of the rule*/ + u_int32_t qid; + char qname[NPF_QNAME_SIZE]; }; #define SKIPTO_ADJ_FLAG (1U << 31) @@ -696,6 +704,10 @@ npf_rule_export(npf_t *npf, const npf_rule_t *rl) nvlist_add_string(rule, "rproc", rname); npf_rproc_release(rp); } + + if (rl->qname[0]) { + nvlist_add_string(rule, "queue", rl->qname); + } return rule; } @@ -726,6 +738,22 @@ npf_rule_setrproc(npf_rule_t *rl, npf_rproc_t *rp) rl->r_rproc = rp; } +#ifdef ALTQ +/* set your rule queues by their IDs*/ +int +npf_rule_setqid(npf_rule_t * rl, const char *qname) +{ + int error = 0; + strncpy(rl->qname, qname, sizeof(qname)); + /* set queue IDs */ + if (rl->qname[0] != 0) { + if ((rl->qid = npf_qname2qid(rl->qname)) == 0) + error = EBUSY; + } + return error; +} +#endif /*ALTQ*/ + /* * npf_rule_free: free the specified rule. */ @@ -781,6 +809,16 @@ npf_rule_getrproc(const npf_rule_t *rl) return rp; } +#ifdef ALTQ +struct qid +npf_rule_getqid(const npf_rule_t *rl) +{ + struct qid qid; + qid.qid = rl->qid; + return qid; +} +#endif /* ALTQ*/ + npf_natpolicy_t * npf_rule_getnat(const npf_rule_t *rl) { From 4a5b362506382b209ab1d99b5a2a53521c2646b0 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 13 Dec 2024 18:19:57 +0000 Subject: [PATCH 08/75] flushing config with altq this is the flush implementation which involes; npfctl flush: which flush both altq and filtering if altq isn't loaded, flushes only filtering or npfctl flush -q: to flush only altq NB: if (npf_altq_loaded) { pool_destroy(&npf_altq_pl); npf_altq_loaded = 0; } serves as safe guard to avoid calling pool_destroy twice or more if a user runs: npfctl flush npfctl flush. in a first flush, npf_altq_loaded is set to 0 so a second nffctl flush skips the block --- sys/net/npf/npf.h | 1 + sys/net/npf/npf_altq.c | 14 ++++++++++++++ sys/net/npf/npf_altq.h | 1 + sys/net/npf/npf_os.c | 2 ++ usr.sbin/npf/npfctl/npfctl.c | 26 +++++++++++++++++++++++++- usr.sbin/npf/npfctl/npfctl.h | 2 ++ usr.sbin/npf/npfctl/npfctl_altq.c | 10 ++++++++++ 7 files changed, 55 insertions(+), 1 deletion(-) diff --git a/sys/net/npf/npf.h b/sys/net/npf/npf.h index f7220fe5ac9de..4cd82307ab140 100644 --- a/sys/net/npf/npf.h +++ b/sys/net/npf/npf.h @@ -337,6 +337,7 @@ struct npfioc_altq { #define IOC_NPF_ADD_ALTQ _IOWR('N', 110, struct npfioc_altq) #define IOC_NPF_GET_ALTQS _IOWR('N', 111, struct npfioc_altq) #define IOC_NPF_BEGIN_ALTQ _IO('N', 114) +#define IOC_NPF_DESTROY_ALTQ _IO('N', 115) /* * NPF error report. diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index b302da5131e02..2bb7d438ac517 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -273,4 +273,18 @@ tag_unref(struct npf_tags *head, u_int16_t tag) } } +/* disable, destroy and stop altq routine when packet filtering disabled */ +int +npf_altq_destroy(void) +{ + //u_int32_t ticket; + if (npf_begin_altq() == 0) + npf_commit_altq(); + if (npf_altq_loaded) { + pool_destroy(&npf_altq_pl); + npf_altq_loaded = 0; + } + return 0; +} + #endif /*ALTQ */ \ No newline at end of file diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index de2e731ec54d9..3d0417aef5ded 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -129,3 +129,4 @@ extern int npf_commit_altq(void); extern int npf_add_altq(void *); extern u_int32_t npf_qname2qid(char *); void npf_qid_unref(u_int32_t); +extern int npf_altq_destroy(void); diff --git a/sys/net/npf/npf_os.c b/sys/net/npf/npf_os.c index 6d8507bb3b0a9..5fb2a9dbc21d3 100644 --- a/sys/net/npf/npf_os.c +++ b/sys/net/npf/npf_os.c @@ -284,6 +284,8 @@ npf_dev_ioctl(dev_t dev, u_long cmd, void *data, int flag, lwp_t *l) npf_altq_init(); } return npf_begin_altq(); + case IOC_NPF_DESTROY_ALTQ: + return npf_altq_destroy(); case IOC_NPF_LOAD: case IOC_NPF_SAVE: case IOC_NPF_RULE: diff --git a/usr.sbin/npf/npfctl/npfctl.c b/usr.sbin/npf/npfctl/npfctl.c index c0537c9ad04cc..3f12183972b17 100644 --- a/usr.sbin/npf/npfctl/npfctl.c +++ b/usr.sbin/npf/npfctl/npfctl.c @@ -369,6 +369,30 @@ npfctl_open_dev(const char *path) return fd; } +int +npfctl_config_flush(int fd, int argc, char* argv[]) +{ + int ch; + int error = 0; + argc--; + argv++; + while((ch = getopt(argc, argv, "q")) != -1) { + switch(ch) { + case 'q': + return npf_altq_destroy(fd); + default: + errx(EXIT_FAILURE, + "Usage: %s flush -q }\n", + getprogname()); + } + } + /* a single flush destroys queueing then filtering altogether*/ + error = npf_altq_destroy(fd); + if (!error) + error = npf_config_flush(fd); + return error; +} + static void npfctl_debug(int argc, char **argv) { @@ -482,7 +506,7 @@ npfctl(int action, int argc, char **argv) fun = "npfctl_config_show"; break; case NPFCTL_FLUSH: - ret = npf_config_flush(fd); + ret = npfctl_config_flush(fd, argc, argv); fun = "npf_config_flush"; break; case NPFCTL_TABLE: diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index c35119f644654..3e04343ad9703 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -272,6 +272,7 @@ nl_config_t * npfctl_config_ref(void); int npfctl_config_show(int); void npfctl_config_save(nl_config_t *, const char *); int npfctl_ruleset_show(int, const char *); +int npfctl_config_flush(int, int, char **); nl_rule_t * npfctl_rule_ref(void); nl_table_t * npfctl_table_ref(void); @@ -320,6 +321,7 @@ char *rate2str(double); int npf_rule_qnames_exists(const char *); int check_commit_altq(void); +int npf_altq_destroy(int); /* * For the systems which do not define TH_ECE and TW_CRW. diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index d935a1e9971c4..e615004f50ead 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -1413,3 +1413,13 @@ npf_rule_qnames_exists(const char *qname) return found; } + +int +npf_altq_destroy(int fd) +{ + altqsupport = npfctl_test_altqsupport(fd); + if (!(altqsupport & (ioctl(fd, IOC_NPF_DESTROY_ALTQ) != -1))) + if (errno != ENOENT) + err(1, "IOC_NPF_DESTROY_ALTQ"); + return 0; +} From 5cc78464abf5c1b28f7d0e426649868180a9bbbb Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 13 Dec 2024 22:33:40 +0000 Subject: [PATCH 09/75] starting ALTQ in npf there's no special command required to start ALTQ. when you npfctl start it checks if any altq configuration is added in the config and then starts altq when npf is starting if no queue config is present, it ignores altq start --- sys/net/npf/npf_altq.c | 40 ++++++++++++++++++++++++++++++++++++++++ sys/net/npf/npf_altq.h | 1 + sys/net/npf/npf_os.c | 5 +++++ 3 files changed, 46 insertions(+) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 2bb7d438ac517..9baf12af261f9 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -287,4 +287,44 @@ npf_altq_destroy(void) return 0; } +int +npf_altq_start(void) +{ + int error; + struct npf_altq *altq; + /* enable all altq interfaces on active list */ + TAILQ_FOREACH(altq, npf_altqs_active, entries) { + if (altq->qname[0] == 0) { + error = npf_enable_altq(altq); + if (error != 0) + break; + } + } + + return error; +} + +int +npf_enable_altq(struct npf_altq *altq) +{ + struct ifnet *ifp; + struct tb_profile tb; + int s, error = 0; + if ((ifp = ifunit(altq->ifname)) == NULL) + return (EINVAL); + if (ifp->if_snd.altq_type != ALTQT_NONE) + error = altq_enable(&ifp->if_snd); + /* set tokenbucket regulator */ + if (error == 0 && ifp != NULL && ALTQ_IS_ENABLED(&ifp->if_snd)) { + tb.rate = altq->ifbandwidth; + tb.depth = altq->tbrsize; + s = splnet(); + error = tbr_set(&ifp->if_snd, &tb); + splx(s); + } + if (error == 0) + npf_altq_running = true; + return (error); +} + #endif /*ALTQ */ \ No newline at end of file diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index 3d0417aef5ded..4e9bf0425ca77 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -130,3 +130,4 @@ extern int npf_add_altq(void *); extern u_int32_t npf_qname2qid(char *); void npf_qid_unref(u_int32_t); extern int npf_altq_destroy(void); +int npf_altq_start(void); diff --git a/sys/net/npf/npf_os.c b/sys/net/npf/npf_os.c index 5fb2a9dbc21d3..bc32fd3f7f83c 100644 --- a/sys/net/npf/npf_os.c +++ b/sys/net/npf/npf_os.c @@ -243,6 +243,11 @@ npfctl_switch(void *data) if (onoff) { /* Enable: add pfil hooks. */ error = npf_pfil_register(false); + +#ifdef ALTQ + if (!npf_altq_running && npf_altq_loaded) + error = npf_altq_start(); +#endif /* ALTQ */ } else { /* Disable: remove pfil hooks. */ npf_pfil_unregister(false); From 6cbbed79789d6f8b4edec18bc42dab17b0435b5e Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 13 Dec 2024 22:42:52 +0000 Subject: [PATCH 10/75] stop queueing stopping queueing also requires no special commands. when a user npfctl stop: it checks if queuing is active, if it is, it stops it. if altq isn't running, it ignores it and detach the filtering hooks --- sys/net/npf/npf_altq.c | 44 ++++++++++++++++++++++++++++++++++++++++++ sys/net/npf/npf_altq.h | 3 +++ sys/net/npf/npf_os.c | 5 +++++ 3 files changed, 52 insertions(+) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 9baf12af261f9..eab4ac90ee6e9 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -327,4 +327,48 @@ npf_enable_altq(struct npf_altq *altq) return (error); } +int +npf_stop_altq(void) +{ + struct npf_altq *altq; + int error; + /* disable all altq interfaces on active list */ + TAILQ_FOREACH(altq, npf_altqs_active, entries) { + if (altq->qname[0] == 0) { + error = npf_disable_altq(altq); + if (error != 0) + break; + } + } + //DPFPRINTF(PF_DEBUG_MISC, ("altq: stopped\n")); + return error; +} + +int +npf_disable_altq(struct npf_altq *altq) +{ + struct ifnet *ifp; + struct tb_profile tb; + int s, error; + if ((ifp = ifunit(altq->ifname)) == NULL) + return (EINVAL); + /* + * when the discipline is no longer referenced, it was overridden + * by a new one. if so, just return. + */ + if (altq->altq_disc != ifp->if_snd.altq_disc) + return (0); + error = altq_disable(&ifp->if_snd); + if (error == 0) { + /* clear tokenbucket regulator */ + tb.rate = 0; + s = splnet(); + error = tbr_set(&ifp->if_snd, &tb); + splx(s); + } + if (error == 0) + npf_altq_running = 0; + return (error); +} + #endif /*ALTQ */ \ No newline at end of file diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index 4e9bf0425ca77..f78eb891793c5 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -131,3 +131,6 @@ extern u_int32_t npf_qname2qid(char *); void npf_qid_unref(u_int32_t); extern int npf_altq_destroy(void); int npf_altq_start(void); +int npf_disable_altq(struct npf_altq *); +int npf_stop_altq(void); +int npf_enable_altq(struct npf_altq ); diff --git a/sys/net/npf/npf_os.c b/sys/net/npf/npf_os.c index bc32fd3f7f83c..9d5601a569643 100644 --- a/sys/net/npf/npf_os.c +++ b/sys/net/npf/npf_os.c @@ -249,6 +249,11 @@ npfctl_switch(void *data) error = npf_altq_start(); #endif /* ALTQ */ } else { +#ifdef ALTQ + if (npf_altq_running) + error = npf_stop_altq(); +#endif /* ALTQ */ + /* Disable: remove pfil hooks. */ npf_pfil_unregister(false); error = 0; From 2f2f04673c7ff9703ee64a1417328f57f8745b34 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Sat, 14 Dec 2024 14:23:33 +0000 Subject: [PATCH 11/75] print statistics on queueing and filtering "npfctl stats" have been modified into npfctl stats -f | -q nfctl stats -q prints queueing statistics and npfctl stats -f prints filtering statistics. with npfctl stats -q, it calls into the kernel npf_altq_get_qstats which then calls altq_getstats on the particular queue. then drops, xmit counts, queued counts etc are printed out. --- sys/net/npf/npf.h | 13 +- sys/net/npf/npf_altq.c | 28 +++ sys/net/npf/npf_altq.h | 1 + sys/net/npf/npf_os.c | 2 + usr.sbin/npf/npfctl/Makefile | 1 + usr.sbin/npf/npfctl/npfctl.c | 29 ++- usr.sbin/npf/npfctl/npfctl_qstats.c | 364 ++++++++++++++++++++++++++++ 7 files changed, 434 insertions(+), 4 deletions(-) create mode 100644 usr.sbin/npf/npfctl/npfctl_qstats.c diff --git a/sys/net/npf/npf.h b/sys/net/npf/npf.h index 4cd82307ab140..639bf47e17fd7 100644 --- a/sys/net/npf/npf.h +++ b/sys/net/npf/npf.h @@ -321,6 +321,14 @@ struct npfioc_altq { struct npf_altq altq; }; +struct npfioc_qstats { + u_int32_t ticket; + u_int32_t nr; + void *buf; + int nbytes; + u_int8_t scheduler; +}; + /* * IOCTL operations. */ @@ -336,8 +344,9 @@ struct npfioc_altq { #define IOC_NPF_TABLE_REPLACE _IOWR('N', 109, nvlist_ref_t) #define IOC_NPF_ADD_ALTQ _IOWR('N', 110, struct npfioc_altq) #define IOC_NPF_GET_ALTQS _IOWR('N', 111, struct npfioc_altq) -#define IOC_NPF_BEGIN_ALTQ _IO('N', 114) -#define IOC_NPF_DESTROY_ALTQ _IO('N', 115) +#define IOC_NPF_BEGIN_ALTQ _IO('N', 112) +#define IOC_NPF_DESTROY_ALTQ _IO('N', 113) +#define IOC_NPF_GET_QSTATS _IOWR('N', 114, struct npfioc_qstats) /* * NPF error report. diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index eab4ac90ee6e9..cec7a99855546 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -371,4 +371,32 @@ npf_disable_altq(struct npf_altq *altq) return (error); } +int +npf_get_qstats(void *data) +{ + int error; + struct npfioc_qstats *pq = (struct npfioc_qstats *)data; + struct npf_altq *altq; + u_int32_t nr; + int nbytes; + + nbytes = pq->nbytes; + nr = 0; + altq = TAILQ_FIRST(npf_altqs_active); + while ((altq != NULL) && (nr < pq->nr)) { + altq = TAILQ_NEXT(altq, entries); + nr++; + } + if (altq == NULL) { + error = EBUSY; + return error; + } + error = altq_getqstats(altq, pq->buf, &nbytes); + if (error == 0) { + pq->scheduler = altq->scheduler; + pq->nbytes = nbytes; + } + return error; +} + #endif /*ALTQ */ \ No newline at end of file diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index f78eb891793c5..d13a3beecc355 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -134,3 +134,4 @@ int npf_altq_start(void); int npf_disable_altq(struct npf_altq *); int npf_stop_altq(void); int npf_enable_altq(struct npf_altq ); +extern int npf_get_qstats(void *); diff --git a/sys/net/npf/npf_os.c b/sys/net/npf/npf_os.c index 9d5601a569643..fffcf8eb27f16 100644 --- a/sys/net/npf/npf_os.c +++ b/sys/net/npf/npf_os.c @@ -296,6 +296,8 @@ npf_dev_ioctl(dev_t dev, u_long cmd, void *data, int flag, lwp_t *l) return npf_begin_altq(); case IOC_NPF_DESTROY_ALTQ: return npf_altq_destroy(); + case IOC_NPF_GET_QSTATS: + return npf_get_qstats(data); case IOC_NPF_LOAD: case IOC_NPF_SAVE: case IOC_NPF_RULE: diff --git a/usr.sbin/npf/npfctl/Makefile b/usr.sbin/npf/npfctl/Makefile index 51380974b3cab..c6159b5b6d3f5 100644 --- a/usr.sbin/npf/npfctl/Makefile +++ b/usr.sbin/npf/npfctl/Makefile @@ -8,6 +8,7 @@ BINDIR= /sbin SRCS= npfctl.c npf_cmd.c npf_var.c npf_data.c npf_build.c SRCS+= npf_bpf_comp.c npf_show.c npf_extmod.c npfctl_altq.c +SRCS+= npfctl_qstats.c CPPFLAGS+= -I${.CURDIR} SRCS+= npf_scan.l npf_parse.y diff --git a/usr.sbin/npf/npfctl/npfctl.c b/usr.sbin/npf/npfctl/npfctl.c index 3f12183972b17..73602bf254676 100644 --- a/usr.sbin/npf/npfctl/npfctl.c +++ b/usr.sbin/npf/npfctl/npfctl.c @@ -131,7 +131,7 @@ usage(void) } static int -npfctl_print_stats(int fd) +npfctl_print_filter_stats(int fd) { static const struct stats_s { /* Note: -1 indicates a new section. */ @@ -393,6 +393,31 @@ npfctl_config_flush(int fd, int argc, char* argv[]) return error; } +static int +npfctl_print_stats(int fd, int argc, char* argv[]) +{ + int ch; + int error = 0; + argc--; + argv++; + while((ch = getopt(argc, argv, "fq")) != -1) { + switch(ch) + { + case 'f': + error = npfctl_print_filter_stats(fd); + break; + case 'q': + error = npfctl_show_altq(fd); + break; + default: + errx(EXIT_FAILURE, + "Usage: %s stats { -f | -q }\n", + getprogname()); + } + } + return error; +} + static void npfctl_debug(int argc, char **argv) { @@ -544,7 +569,7 @@ npfctl(int action, int argc, char **argv) fun = "npfctl_config_save"; break; case NPFCTL_STATS: - ret = npfctl_print_stats(fd); + ret = npfctl_print_stats(fd, argc, argv); fun = "npfctl_print_stats"; break; case NPFCTL_CONN_LIST: diff --git a/usr.sbin/npf/npfctl/npfctl_qstats.c b/usr.sbin/npf/npfctl/npfctl_qstats.c new file mode 100644 index 0000000000000..9b27bc26fa7a1 --- /dev/null +++ b/usr.sbin/npf/npfctl/npfctl_qstats.c @@ -0,0 +1,364 @@ +/* + * Copyright (c) Henning Brauer + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "npfctl.h" + +union class_stats { + class_stats_t cbq_stats; + struct priq_classstats priq_stats; + struct hfsc_classstats hfsc_stats; +}; +#define AVGN_MAX 8 +#define STAT_INTERVAL 5 +struct queue_stats { + union class_stats data; + int avgn; + double avg_bytes; + double avg_packets; + u_int64_t prev_bytes; + u_int64_t prev_packets; +}; +struct npf_altq_node { + struct npf_altq altq; + struct npf_altq_node *next; + struct npf_altq_node *children; + struct queue_stats qstats; +}; +int npfctl_update_qstats(int, struct npf_altq_node **); +void npfctl_insert_altq_node(struct npf_altq_node **, + const struct npf_altq, const struct queue_stats); +struct npf_altq_node *npfctl_find_altq_node(struct npf_altq_node *, + const char *, const char *); +void npfctl_print_altq_node(int, const struct npf_altq_node *, unsigned); +void print_cbqstats(struct queue_stats); +void print_priqstats(struct queue_stats); +void print_hfscstats(struct queue_stats); +void npfctl_free_altq_node(struct npf_altq_node *); +void npfctl_print_altq_nodestat(const struct npf_altq_node *); +void update_avg(struct npf_altq_node *); + +int +npfctl_show_altq(int fd) +{ + struct npf_altq_node *root = NULL, *node; + int nodes; + + if ((nodes = npfctl_update_qstats(fd, &root)) < 0) + return (-1); + if (nodes == 0) + printf("No queue in use\n"); + for (node = root; node != NULL; node = node->next) { + if (node->altq.ifname == NULL) + continue; + + npfctl_print_altq_node(fd, node, 0); + } + /* be verbose */ + while ( nodes > 0) { + printf("\n"); + fflush(stdout); + sleep(STAT_INTERVAL); + if ((nodes = npfctl_update_qstats(fd, &root)) == -1) + return (-1); + for (node = root; node != NULL; node = node->next) { + if (node->altq.ifname == NULL) + continue; + npfctl_print_altq_node(fd, node, 0); + } + } + npfctl_free_altq_node(root); + return (0); +} + +int +npfctl_update_qstats(int fd, struct npf_altq_node **root) +{ + struct npf_altq_node *node; + struct npfioc_altq pa; + struct npfioc_qstats pq; + u_int32_t mnr, nr; + struct queue_stats qstats; + static u_int32_t last_ticket; + memset(&pa, 0, sizeof(pa)); + memset(&pq, 0, sizeof(pq)); + memset(&qstats, 0, sizeof(qstats)); + if (ioctl(fd, IOC_NPF_GET_ALTQS, &pa)) { + warn("IOC_NPF_GET_ALTQS"); + return (-1); + } + /* if a new set is found, start over */ + if (pa.ticket != last_ticket && *root != NULL) { + npfctl_free_altq_node(*root); + *root = NULL; + } + last_ticket = pa.ticket; + mnr = pa.nr; + for (nr = 0; nr < mnr; ++nr) { + pa.nr = nr; + if (ioctl(fd, IOC_NPF_GET_ALTQ, &pa)) { + warn("IOC_NPF_GET_ALTQ"); + return (-1); + } + if (pa.altq.qid > 0) { + pq.nr = nr; + pq.ticket = pa.ticket; + pq.buf = &qstats.data; + pq.nbytes = sizeof(qstats.data); + if (ioctl(fd, IOC_NPF_GET_QSTATS, &pq)) { + warn("IOC_NPF_GET_QSTATS"); + return (-1); + } + if ((node = npfctl_find_altq_node(*root, pa.altq.qname, + pa.altq.ifname)) != NULL) { + memcpy(&node->qstats.data, &qstats.data, + sizeof(qstats.data)); + update_avg(node); + } else { + npfctl_insert_altq_node(root, pa.altq, qstats); + } + } + } + return (mnr); +} + +void +npfctl_insert_altq_node(struct npf_altq_node **root, + const struct npf_altq altq, const struct queue_stats qstats) +{ + struct npf_altq_node *node; + node = calloc(1, sizeof(struct npf_altq_node)); + if (node == NULL) + err(1, "npfctl_insert_altq_node: calloc"); + memcpy(&node->altq, &altq, sizeof(struct npf_altq)); + memcpy(&node->qstats, &qstats, sizeof(qstats)); + node->next = node->children = NULL; + if (*root == NULL) + *root = node; + else if (!altq.parent[0]) { + struct npf_altq_node *prev = *root; + while (prev->next != NULL) + prev = prev->next; + prev->next = node; + } else { + struct npf_altq_node *parent; + parent = npfctl_find_altq_node(*root, altq.parent, altq.ifname); + if (parent == NULL) + errx(1, "parent %s not found", altq.parent); + if (parent->children == NULL) + parent->children = node; + else { + struct npf_altq_node *prev = parent->children; + while (prev->next != NULL) + prev = prev->next; + prev->next = node; + } + } + update_avg(node); +} + +struct npf_altq_node * +npfctl_find_altq_node(struct npf_altq_node *root, const char *qname, + const char *ifname) +{ + struct npf_altq_node *node, *child; + for (node = root; node != NULL; node = node->next) { + if (!strcmp(node->altq.qname, qname) + && !(strcmp(node->altq.ifname, ifname))) + return (node); + if (node->children != NULL) { + child = npfctl_find_altq_node(node->children, qname, + ifname); + if (child != NULL) + return (child); + } + } + return (NULL); +} + +void +npfctl_print_altq_node(int fd, const struct npf_altq_node *node, unsigned level) +{ + const struct npf_altq_node *child; + if (node == NULL) + return; + print_altq(&node->altq, level, NULL, NULL); + if (node->children != NULL) { + printf("{"); + for (child = node->children; child != NULL; + child = child->next) { + printf("%s", child->altq.qname); + if (child->next != NULL) + printf(", "); + } + printf("}"); + } + printf("\n"); + /* be verbose */ + npfctl_print_altq_nodestat(node); +// if (opts & PF_OPT_DEBUG) +// printf(" [ qid=%u ifname=%s ifbandwidth=%s ]\n", +// node->altq.qid, node->altq.ifname, +// rate2str((double)(node->altq.ifbandwidth))); + for (child = node->children; child != NULL; + child = child->next) + npfctl_print_altq_node(fd, child, level + 1); +} +void +npfctl_print_altq_nodestat( const struct npf_altq_node *a) +{ + if (a->altq.qid == 0) + return; + switch (a->altq.scheduler) { + case ALTQT_CBQ: + print_cbqstats(a->qstats); + break; + case ALTQT_PRIQ: + print_priqstats(a->qstats); + break; + case ALTQT_HFSC: + print_hfscstats(a->qstats); + break; + } +} + +void +print_cbqstats(struct queue_stats cur) +{ + printf(" [ pkts: %10llu bytes: %10llu " + "dropped pkts: %6llu bytes: %6llu ]\n", + (unsigned long long)cur.data.cbq_stats.xmit_cnt.packets, + (unsigned long long)cur.data.cbq_stats.xmit_cnt.bytes, + (unsigned long long)cur.data.cbq_stats.drop_cnt.packets, + (unsigned long long)cur.data.cbq_stats.drop_cnt.bytes); + printf(" [ qlength: %3d/%3d borrows: %6u suspends: %6u ]\n", + cur.data.cbq_stats.qcnt, cur.data.cbq_stats.qmax, + cur.data.cbq_stats.borrows, cur.data.cbq_stats.delays); + if (cur.avgn < 2) + return; + printf(" [ measured: %7.1f packets/s, %s/s ]\n", + cur.avg_packets / STAT_INTERVAL, + rate2str((8 * cur.avg_bytes) / STAT_INTERVAL)); +} + +void +print_priqstats(struct queue_stats cur) +{ + printf(" [ pkts: %10llu bytes: %10llu " + "dropped pkts: %6llu bytes: %6llu ]\n", + (unsigned long long)cur.data.priq_stats.xmitcnt.packets, + (unsigned long long)cur.data.priq_stats.xmitcnt.bytes, + (unsigned long long)cur.data.priq_stats.dropcnt.packets, + (unsigned long long)cur.data.priq_stats.dropcnt.bytes); + printf(" [ qlength: %3d/%3d ]\n", + cur.data.priq_stats.qlength, cur.data.priq_stats.qlimit); + if (cur.avgn < 2) + return; + printf(" [ measured: %7.1f packets/s, %s/s ]\n", + cur.avg_packets / STAT_INTERVAL, + rate2str((8 * cur.avg_bytes) / STAT_INTERVAL)); +} + +void +print_hfscstats(struct queue_stats cur) +{ + printf(" [ pkts: %10llu bytes: %10llu " + "dropped pkts: %6llu bytes: %6llu ]\n", + (unsigned long long)cur.data.hfsc_stats.xmit_cnt.packets, + (unsigned long long)cur.data.hfsc_stats.xmit_cnt.bytes, + (unsigned long long)cur.data.hfsc_stats.drop_cnt.packets, + (unsigned long long)cur.data.hfsc_stats.drop_cnt.bytes); + printf(" [ qlength: %3d/%3d ]\n", + cur.data.hfsc_stats.qlength, cur.data.hfsc_stats.qlimit); + if (cur.avgn < 2) + return; + printf(" [ measured: %7.1f packets/s, %s/s ]\n", + cur.avg_packets / STAT_INTERVAL, + rate2str((8 * cur.avg_bytes) / STAT_INTERVAL)); +} + +void +npfctl_free_altq_node(struct npf_altq_node *node) +{ + while (node != NULL) { + struct npf_altq_node *prev; + if (node->children != NULL) + npfctl_free_altq_node(node->children); + prev = node; + node = node->next; + free(prev); + } +} + +void +update_avg(struct npf_altq_node *a) +{ + struct queue_stats *qs; + u_int64_t b, p; + int n; + if (a->altq.qid == 0) + return; + qs = &a->qstats; + n = qs->avgn; + switch (a->altq.scheduler) { + case ALTQT_CBQ: + b = qs->data.cbq_stats.xmit_cnt.bytes; + p = qs->data.cbq_stats.xmit_cnt.packets; + break; + case ALTQT_PRIQ: + b = qs->data.priq_stats.xmitcnt.bytes; + p = qs->data.priq_stats.xmitcnt.packets; + break; + case ALTQT_HFSC: + b = qs->data.hfsc_stats.xmit_cnt.bytes; + p = qs->data.hfsc_stats.xmit_cnt.packets; + break; + default: + b = 0; + p = 0; + break; + } + if (n == 0) { + qs->prev_bytes = b; + qs->prev_packets = p; + qs->avgn++; + return; + } + if (b >= qs->prev_bytes) + qs->avg_bytes = ((qs->avg_bytes * (n - 1)) + + (b - qs->prev_bytes)) / n; + if (p >= qs->prev_packets) + qs->avg_packets = ((qs->avg_packets * (n - 1)) + + (p - qs->prev_packets)) / n; + qs->prev_bytes = b; + qs->prev_packets = p; + if (n < AVGN_MAX) + qs->avgn++; +} From 959971257a2f9c7a4a582c1411e683b318123c54 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Sat, 14 Dec 2024 17:23:58 +0000 Subject: [PATCH 12/75] show altq using npfctl show -q showing reloaded queues is triggered passing a -q flag on npfctl show. npfctl show displays loaded filtering rules and also displays the state of altq in npf(either enabled or disabled). --- sys/net/npf/npf.h | 1 + sys/net/npf/npf_os.c | 3 ++ usr.sbin/npf/npfctl/npf_show.c | 60 ++++++++++++++++++++++++++++--- usr.sbin/npf/npfctl/npfctl.c | 4 +-- usr.sbin/npf/npfctl/npfctl.h | 11 ++++++ usr.sbin/npf/npfctl/npfctl_altq.c | 6 ++++ 6 files changed, 79 insertions(+), 6 deletions(-) diff --git a/sys/net/npf/npf.h b/sys/net/npf/npf.h index 639bf47e17fd7..6d27e5e1ca6d9 100644 --- a/sys/net/npf/npf.h +++ b/sys/net/npf/npf.h @@ -347,6 +347,7 @@ struct npfioc_qstats { #define IOC_NPF_BEGIN_ALTQ _IO('N', 112) #define IOC_NPF_DESTROY_ALTQ _IO('N', 113) #define IOC_NPF_GET_QSTATS _IOWR('N', 114, struct npfioc_qstats) +#define IOC_NPF_ALTQ_STATE _IOR('N', 115, int) /* * NPF error report. diff --git a/sys/net/npf/npf_os.c b/sys/net/npf/npf_os.c index fffcf8eb27f16..871d628009088 100644 --- a/sys/net/npf/npf_os.c +++ b/sys/net/npf/npf_os.c @@ -298,6 +298,9 @@ npf_dev_ioctl(dev_t dev, u_long cmd, void *data, int flag, lwp_t *l) return npf_altq_destroy(); case IOC_NPF_GET_QSTATS: return npf_get_qstats(data); + case IOC_NPF_ALTQ_STATE: + *(int *)data = npf_altq_running; + return 0; case IOC_NPF_LOAD: case IOC_NPF_SAVE: case IOC_NPF_RULE: diff --git a/usr.sbin/npf/npfctl/npf_show.c b/usr.sbin/npf/npfctl/npf_show.c index 5480088de0df5..042f0f309be4c 100644 --- a/usr.sbin/npf/npfctl/npf_show.c +++ b/usr.sbin/npf/npfctl/npf_show.c @@ -46,6 +46,7 @@ __RCSID("$NetBSD: npf_show.c,v 1.33 2023/08/01 20:09:12 andvar Exp $"); #include #include #include +#include #include #include #include @@ -509,11 +510,36 @@ npfctl_print_filter(npf_conf_info_t *ctx, nl_rule_t *rl) return seenf; } +int +npfctl_print_altq(int fd) +{ + //struct npf_altq_node *root = NULL, *node; + struct npfioc_altq pa; + u_int32_t mnr, nr; + + memset(&pa, 0, sizeof(pa)); + if (ioctl(fd, IOC_NPF_GET_ALTQS, &pa)) { + warn("IOC_NPF_GET_ALTQS"); + return -1; + } + mnr = pa.nr; + for (nr = 0; nr < mnr; nr++) { + pa.nr = nr; + if (ioctl(fd, IOC_NPF_GET_ALTQ, &pa)) { + warn("IOC_NPF_GET_ALTQ"); + return -1; + } + print_altq(&pa.altq, 0, NULL, NULL); + printf("\n"); + } + return 0; +} + static void npfctl_print_rule(npf_conf_info_t *ctx, nl_rule_t *rl, unsigned level) { const uint32_t attr = npf_rule_getattr(rl); - const char *rproc, *ifname, *name; + const char *rproc, *ifname, *name, *qname; bool dyn_ruleset; /* Rule attributes/flags. */ @@ -551,6 +577,11 @@ npfctl_print_rule(npf_conf_info_t *ctx, nl_rule_t *rl, unsigned level) if ((rproc = npf_rule_getproc(rl)) != NULL) { ctx->fpos += fprintf(ctx->fp, "apply \"%s\" ", rproc); } + + if ((qname = npf_rule_getqueue(rl)) != NULL) { + ctx->fpos += fprintf(ctx->fp, "queue \"%s\" ", qname); + } + out: npfctl_print_id(ctx, rl); ctx->fpos += fprintf(ctx->fp, "\n"); @@ -685,23 +716,44 @@ npfctl_print_params(npf_conf_info_t *ctx, nl_config_t *ncf) } int -npfctl_config_show(int fd) +npfctl_config_show(int fd, int argc, char* argv[]) +{ + int ch; + argc--; + argv++; + while((ch = getopt(argc, argv, "q")) != -1) { + switch (ch) { + case 'q': + return npfctl_print_altq(fd); + default: + errx(EXIT_FAILURE, + "usage: %s show { -q }\n", getprogname()); + } + } + return npfctl_config_print(fd); +} + +int +npfctl_config_print(int fd) { npf_conf_info_t *ctx = npfctl_show_init(); nl_config_t *ncf; bool loaded; + bool altq_running; if (fd) { ncf = npf_config_retrieve(fd); if (ncf == NULL) { return errno; } + + ioctl(fd, IOC_NPF_ALTQ_STATE, &altq_running); loaded = npf_config_loaded_p(ncf); ctx->validating = false; ctx->fpos += fprintf(ctx->fp, - "# filtering:\t%s\n# config:\t%s\n", + "# filtering:\t%s\n# config:\t%s\n# altq:\t%s\n", npf_config_active_p(ncf) ? "active" : "inactive", - loaded ? "loaded" : "empty"); + loaded ? "loaded" : "empty", altq_running ? "enabled" : "disabled"); print_linesep(ctx); } else { ncf = npfctl_config_ref(); diff --git a/usr.sbin/npf/npfctl/npfctl.c b/usr.sbin/npf/npfctl/npfctl.c index 73602bf254676..6bb10b9dda1ad 100644 --- a/usr.sbin/npf/npfctl/npfctl.c +++ b/usr.sbin/npf/npfctl/npfctl.c @@ -527,7 +527,7 @@ npfctl(int action, int argc, char **argv) fun = "npfctl_config_send"; break; case NPFCTL_SHOWCONF: - ret = npfctl_config_show(fd); + ret = npfctl_config_show(fd, argc, argv); fun = "npfctl_config_show"; break; case NPFCTL_FLUSH: @@ -579,7 +579,7 @@ npfctl(int action, int argc, char **argv) case NPFCTL_VALIDATE: npfctl_config_init(false); npfctl_parse_file(argc > 2 ? argv[2] : NPF_CONF_PATH); - ret = npfctl_config_show(0); + ret = npfctl_config_show(0, argc, argv); fun = "npfctl_config_show"; break; case NPFCTL_DEBUG: diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index 3e04343ad9703..e0f389b49014c 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -269,6 +269,8 @@ void npfctl_config_init(bool); void npfctl_config_build(void); int npfctl_config_send(int); nl_config_t * npfctl_config_ref(void); +int npfctl_config_print(int); +npfctl_config_show(int, int, char **); int npfctl_config_show(int); void npfctl_config_save(nl_config_t *, const char *); int npfctl_ruleset_show(int, const char *); @@ -319,9 +321,18 @@ u_int32_t qname_to_qid(const char *); struct npf_altq *npfaltq_lookup(const char *ifname); char *rate2str(double); +int npfctl_print_altq(int); +int npf_rule_qnames_exists(const char *); +void print_altq(const struct npf_altq *, unsigned, struct node_queue_bw *, + struct node_queue_opt *); +void print_queue(const struct npf_altq *, unsigned, struct node_queue_bw *, + int , struct node_queue_opt *); +int check_commit_altq(void); + int npf_rule_qnames_exists(const char *); int check_commit_altq(void); int npf_altq_destroy(int); +int npfctl_print_altq(int); /* * For the systems which do not define TH_ECE and TW_CRW. diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index e615004f50ead..60af1470a2323 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -1209,6 +1209,7 @@ check_commit_hfsc(struct npf_altq *pa) } return (error); } + void print_altq(const struct npf_altq *a, unsigned level, struct node_queue_bw *bw, struct node_queue_opt *qopts) @@ -1241,6 +1242,7 @@ print_altq(const struct npf_altq *a, unsigned level, struct node_queue_bw *bw, printf("qlimit %u ", a->qlimit); printf("tbrsize %u ", a->tbrsize); } + void print_queue(const struct npf_altq *a, unsigned level, struct node_queue_bw *bw, int print_interface, struct node_queue_opt *qopts) @@ -1275,6 +1277,7 @@ print_queue(const struct npf_altq *a, unsigned level, struct node_queue_bw *bw, break; } } + static int print_cbq_opts(const struct npf_altq *a) { @@ -1309,6 +1312,7 @@ print_cbq_opts(const struct npf_altq *a) } else return (0); } + static int print_priq_opts(const struct npf_altq *a) { @@ -1331,6 +1335,7 @@ print_priq_opts(const struct npf_altq *a) } else return (0); } + static int print_hfsc_opts(const struct npf_altq *a, const struct node_queue_opt *qopts) { @@ -1373,6 +1378,7 @@ print_hfsc_opts(const struct npf_altq *a, const struct node_queue_opt *qopts) } else return (0); } + void print_hfsc_sc(const char *scname, u_int m1, u_int d, u_int m2, const struct node_hfsc_sc *sc) From d9ba839e544dfe4c0c1f4562c85629cecc5830d2 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 27 Dec 2024 11:56:04 +0000 Subject: [PATCH 13/75] fix err, return parens, sizeof args, and copyright issues --- sys/net/npf/npf_altq.c | 32 ++--- sys/net/npf/npf_altq.h | 26 ++-- usr.sbin/npf/npfctl/npf_show.c | 2 +- usr.sbin/npf/npfctl/npfctl.h | 14 +-- usr.sbin/npf/npfctl/npfctl_altq.c | 184 ++++++++++++++-------------- usr.sbin/npf/npfctl/npfctl_qstats.c | 74 ++++++----- 6 files changed, 173 insertions(+), 159 deletions(-) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index cec7a99855546..223301f3348df 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -102,9 +102,9 @@ npf_begin_altq(void) pool_put(&npf_altq_pl, altq); } if (error) - return (error); + return error; - return (0); + return 0; } int @@ -130,7 +130,7 @@ npf_add_altq(void *data) error = ENOMEM; return error; } - memcpy(altq, &paa->altq, sizeof(struct npf_altq)); + memcpy(altq, &paa->altq, sizeof(paa->altq)); /* * if this is for a queue, find the discipline and * copy the necessary fields @@ -155,7 +155,7 @@ npf_add_altq(void *data) return error; } TAILQ_INSERT_TAIL(npf_altqs_inactive, altq, entries); - memcpy(&paa->altq, altq, sizeof(struct npf_altq)); + memcpy(&paa->altq, altq, sizeof(*altq)); if (!npf_altq_loaded) npf_altq_loaded = 1; @@ -169,7 +169,7 @@ npf_commit_altq(void) struct npf_altq *altq; int s, err, error = 0; if (!npf_altqs_inactive_open) - return (EBUSY); + return EBUSY; /* swap altqs, keep the old. */ s = splsoftnet(); old_altqs = npf_altqs_active; @@ -185,7 +185,7 @@ npf_commit_altq(void) error = npf_enable_altq(altq); if (error != 0) { splx(s); - return (error); + return error; } } } @@ -208,7 +208,7 @@ npf_commit_altq(void) } splx(s); npf_altqs_inactive_open = 0; - return (error); + return error; } u_int32_t @@ -238,13 +238,13 @@ npftagname2tag(struct npf_tags *head, char *tagname) p->tag == new_tagid; p = TAILQ_NEXT(p, entries)) new_tagid = p->tag + 1; if (new_tagid > TAGID_MAX) - return (0); + return 0; /* allocate and fill new struct npf_tagname */ - tag = (struct npf_tagname *)malloc(sizeof(struct npf_tagname), + tag = (struct npf_tagname *)malloc(sizeof(*tag), M_TEMP, M_NOWAIT); if (tag == NULL) - return (0); - memset(tag, 0, sizeof(struct npf_tagname)); + return 0; + memset(tag, 0, sizeof(*tag)); strlcpy(tag->name, tagname, sizeof(tag->name)); tag->tag = new_tagid; tag->ref++; @@ -311,7 +311,7 @@ npf_enable_altq(struct npf_altq *altq) struct tb_profile tb; int s, error = 0; if ((ifp = ifunit(altq->ifname)) == NULL) - return (EINVAL); + return EINVAL; if (ifp->if_snd.altq_type != ALTQT_NONE) error = altq_enable(&ifp->if_snd); /* set tokenbucket regulator */ @@ -324,7 +324,7 @@ npf_enable_altq(struct npf_altq *altq) } if (error == 0) npf_altq_running = true; - return (error); + return error; } int @@ -351,13 +351,13 @@ npf_disable_altq(struct npf_altq *altq) struct tb_profile tb; int s, error; if ((ifp = ifunit(altq->ifname)) == NULL) - return (EINVAL); + return EINVAL; /* * when the discipline is no longer referenced, it was overridden * by a new one. if so, just return. */ if (altq->altq_disc != ifp->if_snd.altq_disc) - return (0); + return 0; error = altq_disable(&ifp->if_snd); if (error == 0) { /* clear tokenbucket regulator */ @@ -368,7 +368,7 @@ npf_disable_altq(struct npf_altq *altq) } if (error == 0) npf_altq_running = 0; - return (error); + return error; } int diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index d13a3beecc355..657806e6be368 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -82,17 +82,17 @@ struct npf_altq { void *altq_disc; /* discipline-specific state */ TAILQ_ENTRY(npf_altq) entries; /* scheduler spec */ - u_int8_t scheduler; /* scheduler type */ - u_int16_t tbrsize; /* tokenbucket regulator size */ - u_int32_t ifbandwidth; /* interface bandwidth */ + uint8_t scheduler; /* scheduler type */ + uint16_t tbrsize; /* tokenbucket regulator size */ + uint32_t ifbandwidth; /* interface bandwidth */ /* queue spec */ char qname[NPF_QNAME_SIZE]; /* queue name */ char parent[NPF_QNAME_SIZE]; /* parent name */ - u_int32_t parent_qid; /* parent queue id */ - u_int32_t bandwidth; /* queue bandwidth */ - u_int8_t priority; /* priority */ - u_int16_t qlimit; /* queue size limit */ - u_int16_t flags; /* misc flags */ + uint32_t parent_qid; /* parent queue id */ + uint32_t bandwidth; /* queue bandwidth */ + uint8_t priority; /* priority */ + uint16_t qlimit; /* queue size limit */ + uint16_t flags; /* misc flags */ union { struct npf_cbq_opts cbq_opts; struct npf_priq_opts priq_opts; @@ -102,17 +102,17 @@ struct npf_altq { }; struct qid { - u_int32_t qid; + uint32_t qid; }; struct npf_tag { - u_int16_t tag; /* tag id */ + uint16_t tag; /* tag id */ }; struct npf_tagname { TAILQ_ENTRY(npf_tagname) entries; char name[NPF_TAG_NAME_SIZE]; - u_int16_t tag; + uint16_t tag; int ref; }; @@ -127,8 +127,8 @@ extern void npf_altq_init(void); extern int npf_begin_altq(void); extern int npf_commit_altq(void); extern int npf_add_altq(void *); -extern u_int32_t npf_qname2qid(char *); -void npf_qid_unref(u_int32_t); +extern uint32_t npf_qname2qid(char *); +void npf_qid_unref(uint32_t); extern int npf_altq_destroy(void); int npf_altq_start(void); int npf_disable_altq(struct npf_altq *); diff --git a/usr.sbin/npf/npfctl/npf_show.c b/usr.sbin/npf/npfctl/npf_show.c index 042f0f309be4c..182cc8b513813 100644 --- a/usr.sbin/npf/npfctl/npf_show.c +++ b/usr.sbin/npf/npfctl/npf_show.c @@ -515,7 +515,7 @@ npfctl_print_altq(int fd) { //struct npf_altq_node *root = NULL, *node; struct npfioc_altq pa; - u_int32_t mnr, nr; + uint32_t mnr, nr; memset(&pa, 0, sizeof(pa)); if (ioctl(fd, IOC_NPF_GET_ALTQS, &pa)) { diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index e0f389b49014c..f85239db4a9c8 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -55,15 +55,15 @@ #define DEFAULT_PRIORITY 1 #endif struct node_queue_bw { - u_int32_t bw_absolute; - u_int16_t bw_percent; + uint32_t bw_absolute; + uint16_t bw_percent; }; struct node_hfsc_sc { struct node_queue_bw m1; /* slope of 1st segment; bps */ u_int d; /* x-projection of m1; msec */ struct node_queue_bw m2; /* slope of 2nd segment; bps */ - u_int8_t used; + uint8_t used; }; struct node_hfsc_opts { @@ -306,18 +306,18 @@ int expand_altq(struct npf_altq *, const char *, struct node_queue *, int expand_queue(struct npf_altq *, const char *, struct node_queue *, struct node_queue_bw, struct node_queue_opt *); u_long get_ifmtu(char *); -u_int32_t get_ifspeed(char *); -u_int32_t npf_eval_bwspec(struct node_queue_bw *, u_int32_t); +uint32_t get_ifspeed(char *); +uint32_t npf_eval_bwspec(struct node_queue_bw *, uint32_t); void npfaltq_store(struct npf_altq *); int npfctl_add_altq(struct npf_altq *); int npf_eval_queue_opts(struct npf_altq *, struct node_queue_opt *, - u_int32_t); + uint32_t); int eval_npfaltq(struct npf_altq *, struct node_queue_bw *, struct node_queue_opt *); int eval_npfqueue(struct npf_altq *, struct node_queue_bw *, struct node_queue_opt *); struct npf_altq *qname_to_npfaltq(const char *, const char *); -u_int32_t qname_to_qid(const char *); +uint32_t qname_to_qid(const char *); struct npf_altq *npfaltq_lookup(const char *ifname); char *rate2str(double); diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index 60af1470a2323..d2b9ad84d12ea 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -99,7 +99,7 @@ struct node_queue *queues = NULL; if (r == NULL) { \ r = calloc(1, sizeof(T)); \ if (r == NULL) \ - err(1, "LOOP: calloc"); \ + err(EXIT_FAILURE, "LOOP: calloc"); \ r->next = NULL; \ } \ n = r; \ @@ -118,11 +118,11 @@ npfctl_test_altqsupport(int dev) if (errno == ENODEV) { fprintf(stderr, "No ALTQ support in kernel\n" "ALTQ related functions disabled\n"); - return (0); + return 0; } else - err(1, "IOC_GET_ALTQS"); + err(EXIT_FAILURE, "IOC_GET_ALTQS"); } - return (1); + return 1; } /* evaluate bandwidth */ int @@ -145,16 +145,16 @@ npfctl_eval_bw(struct node_queue_bw * bw, char * bw_spec) if (bps < 0 || bps > 100) { yyerror("bandwidth spec " "out of range"); - return (-1); + return -1; } bw->bw_percent = bps; bps = 0; } else { yyerror("unknown unit %s", cp); - return (-1); + return -1; } } - bw->bw_absolute = (u_int32_t)bps; + bw->bw_absolute = (uint32_t)bps; return 0; } @@ -169,7 +169,7 @@ expand_altq(struct npf_altq *a, const char *ifname, struct node_queue_bw bw; int errs = 0; npfdev = npfctl_open_dev(NPF_DEV_PATH); - memcpy(&pa, a, sizeof(struct npf_altq)); + memcpy(&pa, a, sizeof(*a)); if (strlcpy(pa.ifname, ifname, sizeof(pa.ifname)) >= sizeof(pa.ifname)) errx(1, "expand_altq: strlcpy"); @@ -190,7 +190,7 @@ expand_altq(struct npf_altq *a, const char *ifname, if (pa.scheduler == ALTQT_CBQ || pa.scheduler == ALTQT_HFSC) { /* now create a root queue */ - memset(&pb, 0, sizeof(struct npf_altq)); + memset(&pb, 0, sizeof(pb)); if (strlcpy(qname, "root_", sizeof(qname)) >= sizeof(qname)) errx(1, "expand_altq: strlcpy"); @@ -216,7 +216,7 @@ expand_altq(struct npf_altq *a, const char *ifname, LOOP_THROUGH(struct node_queue, queue, nqueues, n = calloc(1, sizeof(struct node_queue)); if (n == NULL) - err(1, "expand_altq: calloc"); + err(EXIT_FAILURE, "expand_altq: calloc"); if (pa.scheduler == ALTQT_CBQ || pa.scheduler == ALTQT_HFSC) if (strlcpy(n->parent, qname, @@ -242,7 +242,7 @@ expand_altq(struct npf_altq *a, const char *ifname, } FREE_LIST(struct node_queue, nqueues); - return (errs); + return errs; } int expand_queue(struct npf_altq *a, const char *ifname, @@ -251,13 +251,13 @@ expand_queue(struct npf_altq *a, const char *ifname, { struct node_queue *n, *nq; struct npf_altq pa; - u_int8_t found = 0; - u_int8_t errs = 0; + uint8_t found = 0; + uint8_t errs = 0; if (queues == NULL) { yyerror("queue %s has no parent", a->qname); FREE_LIST(struct node_queue, nqueues); - return (1); + return 1; } LOOP_THROUGH(struct node_queue, tqueue, queues, if (!strncmp(a->qname, tqueue->queue, NPF_QNAME_SIZE) && @@ -266,7 +266,7 @@ expand_queue(struct npf_altq *a, const char *ifname, (strncmp(ifname, tqueue->ifname, IFNAMSIZ)))){ /* found ourself in the child queues */ found++; - memcpy(&pa, a, sizeof(struct npf_altq)); + memcpy(&pa, a, sizeof(*a)); if (pa.scheduler != ALTQT_NONE && pa.scheduler != tqueue->scheduler) { yyerror("exactly one scheduler type " @@ -316,7 +316,7 @@ expand_queue(struct npf_altq *a, const char *ifname, n = calloc(1, sizeof(struct node_queue)); if (n == NULL) - err(1, "expand_queue: calloc"); + err(EXIT_FAILURE, "expand_queue: calloc"); if (strlcpy(n->parent, a->qname, sizeof(n->parent)) >= sizeof(n->parent)) @@ -348,9 +348,9 @@ expand_queue(struct npf_altq *a, const char *ifname, errs++; } if (errs) - return (1); + return 1; else - return (0); + return 0; } /* * eval_npfaltq computes the discipline parameters. @@ -387,11 +387,11 @@ eval_npfaltq(struct npf_altq *pa, struct node_queue_bw *bw, size = 0xffff; pa->tbrsize = size; } - return (errors); + return errors; } int npf_eval_queue_opts(struct npf_altq *pa, struct node_queue_opt *opts, - u_int32_t ref_bw) + uint32_t ref_bw) { int errors = 0; switch (pa->scheduler) { @@ -440,14 +440,14 @@ npf_eval_queue_opts(struct npf_altq *pa, struct node_queue_opt *opts, errors++; break; } - return (errors); + return errors; } int npfctl_add_altq(struct npf_altq *a) { struct npfioc_altq *npaltq; if ((npaltq = malloc(sizeof(*npaltq))) == NULL) - err(1, "malloc"); + err(EXIT_FAILURE, "malloc"); memcpy(&npaltq->altq, a, sizeof(struct npf_altq)); if (ioctl(npfdev, IOC_NPF_ADD_ALTQ, npaltq)) { if (errno == ENXIO) @@ -456,49 +456,49 @@ npfctl_add_altq(struct npf_altq *a) errx(1, "%s: driver does not support " "altq", a->ifname); else - err(1, "NPFADDALTQ"); + err(EXIT_FAILURE, "NPFADDALTQ"); } npfaltq_store(&npaltq->altq); free(npaltq); - return (0); + return 0; } void npfaltq_store(struct npf_altq *a) { struct npf_altq *altq; if ((altq = malloc(sizeof(*altq))) == NULL) - err(1, "malloc"); - memcpy(altq, a, sizeof(struct npf_altq)); + err(EXIT_FAILURE, "malloc"); + memcpy(altq, a, sizeof(*a)); TAILQ_INSERT_TAIL(&altqs, altq, entries); /* check altq presence in config */ } -u_int32_t -npf_eval_bwspec(struct node_queue_bw *bw, u_int32_t ref_bw) +uint32_t +npf_eval_bwspec(struct node_queue_bw *bw, uint32_t ref_bw) { if (bw->bw_absolute > 0) return (bw->bw_absolute); if (bw->bw_percent > 0) return (ref_bw / 100 * bw->bw_percent); - return (0); + return 0; } -u_int32_t +uint32_t get_ifspeed(char *ifname) { int s; struct ifdatareq ifdr; struct if_data *ifrdat; if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) - err(1, "getifspeed: socket"); + err(EXIT_FAILURE, "getifspeed: socket"); memset(&ifdr, 0, sizeof(ifdr)); if (strlcpy(ifdr.ifdr_name, ifname, sizeof(ifdr.ifdr_name)) >= sizeof(ifdr.ifdr_name)) errx(1, "getifspeed: strlcpy"); if (ioctl(s, SIOCGIFDATA, &ifdr) == -1) - err(1, "getifspeed: SIOCGIFDATA"); + err(EXIT_FAILURE, "getifspeed: SIOCGIFDATA"); ifrdat = &ifdr.ifdr_data; if (close(s) == -1) - err(1, "getifspeed: close"); - return ((u_int32_t)ifrdat->ifi_baudrate); + err(EXIT_FAILURE, "getifspeed: close"); + return ((uint32_t)ifrdat->ifi_baudrate); } u_long get_ifmtu(char *ifname) @@ -506,20 +506,20 @@ get_ifmtu(char *ifname) int s; struct ifreq ifr; if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) - err(1, "socket"); + err(EXIT_FAILURE, "socket"); bzero(&ifr, sizeof(ifr)); if (strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)) >= sizeof(ifr.ifr_name)) errx(1, "getifmtu: strlcpy"); if (ioctl(s, SIOCGIFMTU, (caddr_t)&ifr) == -1) - err(1, "SIOCGIFMTU"); + err(EXIT_FAILURE, "SIOCGIFMTU"); if (close(s) == -1) - err(1, "close"); + err(EXIT_FAILURE, "close"); if (ifr.ifr_mtu > 0) return (ifr.ifr_mtu); else { warnx("could not get mtu for %s, assuming 1500", ifname); - return (1500); + return 1500; } } /* @@ -531,19 +531,19 @@ eval_npfqueue(struct npf_altq *pa, struct node_queue_bw *bw, { /* should be merged with expand_queue */ struct npf_altq *if_pa, *parent, *altq; - u_int32_t bwsum; + uint32_t bwsum; int error = 0; /* find the corresponding interface and copy fields used by queues */ if ((if_pa = npfaltq_lookup(pa->ifname)) == NULL) { fprintf(stderr, "altq not defined on %s\n", pa->ifname); - return (1); + return 1; } pa->scheduler = if_pa->scheduler; pa->ifbandwidth = if_pa->ifbandwidth; if (qname_to_npfaltq(pa->qname, pa->ifname) != NULL) { fprintf(stderr, "queue %s already exists on interface %s\n", pa->qname, pa->ifname); - return (1); + return 1; } pa->qid = qname_to_qid(pa->qname); parent = NULL; @@ -552,7 +552,7 @@ eval_npfqueue(struct npf_altq *pa, struct node_queue_bw *bw, if (parent == NULL) { fprintf(stderr, "parent %s not found for %s\n", pa->parent, pa->qname); - return (1); + return 1; } pa->parent_qid = parent->qid; } @@ -564,14 +564,14 @@ eval_npfqueue(struct npf_altq *pa, struct node_queue_bw *bw, if (pa->bandwidth > pa->ifbandwidth) { fprintf(stderr, "bandwidth for %s higher than " "interface\n", pa->qname); - return (1); + return 1; } /* check the sum of the child bandwidth is under parent's */ if (parent != NULL) { if (pa->bandwidth > parent->bandwidth) { warnx("bandwidth for %s higher than parent", pa->qname); - return (1); + return 1; } bwsum = 0; TAILQ_FOREACH(altq, &altqs, entries) { @@ -590,7 +590,7 @@ eval_npfqueue(struct npf_altq *pa, struct node_queue_bw *bw, } } if (npf_eval_queue_opts(pa, opts, parent == NULL? 0 : parent->bandwidth)) - return (1); + return 1; switch (pa->scheduler) { case ALTQT_CBQ: error = eval_npfqueue_cbq(pa); @@ -604,7 +604,7 @@ eval_npfqueue(struct npf_altq *pa, struct node_queue_bw *bw, default: break; } - return (error); + return error; } struct npf_altq * qname_to_npfaltq(const char *qname, const char *ifname) @@ -613,11 +613,11 @@ qname_to_npfaltq(const char *qname, const char *ifname) TAILQ_FOREACH(altq, &altqs, entries) { if (strncmp(ifname, altq->ifname, IFNAMSIZ) == 0 && strncmp(qname, altq->qname, NPF_QNAME_SIZE) == 0) - return (altq); + return altq; } - return (NULL); + return NULL; } -u_int32_t +uint32_t qname_to_qid(const char *qname) { struct npf_altq *altq; @@ -630,7 +630,7 @@ qname_to_qid(const char *qname) if (strncmp(qname, altq->qname, NPF_QNAME_SIZE) == 0) return (altq->qid); } - return (0); + return 0; } /*define only one discipline on one interface */ @@ -654,9 +654,9 @@ npfaltq_lookup(const char *ifname) TAILQ_FOREACH(altq, &altqs, entries) { if (strncmp(ifname, altq->ifname, IFNAMSIZ) == 0 && altq->qname[0] == 0) - return (altq); + return altq; } - return (NULL); + return NULL; } /* * CBQ support functions @@ -670,7 +670,7 @@ eval_npfqueue_cbq(struct npf_altq *pa) u_int ifmtu; if (pa->priority >= CBQ_MAXPRI) { warnx("priority out of range: max %d", CBQ_MAXPRI - 1); - return (-1); + return -1; } ifmtu = get_ifmtu(pa->ifname); opts = &pa->pq_u.cbq_opts; @@ -689,7 +689,7 @@ eval_npfqueue_cbq(struct npf_altq *pa) if (pa->parent[0] == 0) opts->flags |= (CBQCLF_ROOTCLASS | CBQCLF_WRR); cbq_compute_idletime(pa); - return (0); + return 0; } /* * compute ns_per_byte, maxidle, minidle, and offtime @@ -765,7 +765,7 @@ cbq_compute_idletime(struct npf_altq *pa) opts->maxidle = (u_int)fabs(maxidle); opts->minidle = (int)minidle; opts->offtime = (u_int)fabs(offtime); - return (0); + return 0; } /* * PRIQ support functions @@ -776,7 +776,7 @@ eval_npfqueue_priq(struct npf_altq *pa) struct npf_altq *altq; if (pa->priority >= PRIQ_MAXPRI) { warnx("priority out of range: max %d", PRIQ_MAXPRI - 1); - return (-1); + return -1; } /* the priority should be unique for the interface */ TAILQ_FOREACH(altq, &altqs, entries) { @@ -784,10 +784,10 @@ eval_npfqueue_priq(struct npf_altq *pa) altq->qname[0] != 0 && altq->priority == pa->priority) { warnx("%s and %s have the same priority", altq->qname, pa->qname); - return (-1); + return -1; } } - return (0); + return 0; } /* * HFSC support functions @@ -804,7 +804,7 @@ eval_npfqueue_hfsc(struct npf_altq *pa) opts->lssc_m1 = pa->ifbandwidth; opts->lssc_m2 = pa->ifbandwidth; opts->lssc_d = 0; - return (0); + return 0; } LIST_INIT(&rtsc); LIST_INIT(&lssc); @@ -815,13 +815,13 @@ eval_npfqueue_hfsc(struct npf_altq *pa) (opts->lssc_m1 > 0 && opts->lssc_m2 == 0) || (opts->ulsc_m1 > 0 && opts->ulsc_m2 == 0)) { warnx("m2 is zero for %s", pa->qname); - return (-1); + return -1; } if ((opts->rtsc_m1 < opts->rtsc_m2 && opts->rtsc_m1 != 0) || (opts->lssc_m1 < opts->lssc_m2 && opts->lssc_m1 != 0) || (opts->ulsc_m1 < opts->ulsc_m2 && opts->ulsc_m1 != 0)) { warnx("m1 must be zero for convex curve: %s", pa->qname); - return (-1); + return -1; } /* * admission control: @@ -906,11 +906,11 @@ eval_npfqueue_hfsc(struct npf_altq *pa) } gsc_destroy(&rtsc); gsc_destroy(&lssc); - return (0); + return 0; err_ret: gsc_destroy(&rtsc); gsc_destroy(&lssc); - return (-1); + return -1; } #define R2S_BUFS 8 #define RATESTR_MAX 16 @@ -931,7 +931,7 @@ rate2str(double rate) snprintf(buf, RATESTR_MAX, "%.2f%cb", rate, unit[i]); else snprintf(buf, RATESTR_MAX, "%d%cb", (int)rate, unit[i]); - return (buf); + return buf; } /* * admission control using generalized service curve @@ -958,12 +958,12 @@ is_gsc_under_sc(struct gen_sc *gsc, struct service_curve *sc) double y; if (is_sc_null(sc)) { if (LIST_EMPTY(gsc)) - return (1); + return 1; LIST_FOREACH(s, gsc, _next) { if (s->m != 0) - return (0); + return 0; } - return (1); + return 1; } /* * gsc has a dummy entry at the end with x = HUGE_VAL. @@ -971,24 +971,24 @@ is_gsc_under_sc(struct gen_sc *gsc, struct service_curve *sc) */ end = gsc_getentry(gsc, HUGE_VAL); if (end == NULL) - return (1); + return 1; last = NULL; for (s = LIST_FIRST(gsc); s != end; s = LIST_NEXT(s, _next)) { if (s->y > sc_x2y(sc, s->x)) - return (0); + return 0; last = s; } /* last now holds the real last segment */ if (last == NULL) - return (1); + return 1; if (last->m > sc->m2) - return (0); + return 0; if (last->x < sc->d && last->m > sc->m1) { y = last->y + (sc->d - last->x) * last->m; if (y > sc_x2y(sc, sc->d)) - return (0); + return 0; } - return (1); + return 1; } static void gsc_destroy(struct gen_sc *gsc) @@ -1010,15 +1010,15 @@ gsc_getentry(struct gen_sc *gsc, double x) prev = NULL; LIST_FOREACH(s, gsc, _next) { if (s->x == x) - return (s); /* matching entry found */ + return s; /* matching entry found */ else if (s->x < x) prev = s; else break; } /* we have to create a new entry */ - if ((new = calloc(1, sizeof(struct segment))) == NULL) - return (NULL); + if ((new = calloc(1, sizeof(*new))) == NULL) + return NULL; new->x = x; if (x == HUGE_VAL || s == NULL) new->d = 0; @@ -1049,7 +1049,7 @@ gsc_getentry(struct gen_sc *gsc, double x) new->m = prev->m; LIST_INSERT_AFTER(prev, new, _next); } - return (new); + return new; } /* add a segment to a generalized service curve */ static int @@ -1064,7 +1064,7 @@ gsc_add_seg(struct gen_sc *gsc, double x, double y, double d, double m) start = gsc_getentry(gsc, x); end = gsc_getentry(gsc, x2); if (start == NULL || end == NULL) - return (-1); + return -1; for (s = start; s != end; s = LIST_NEXT(s, _next)) { s->m += m; s->y += y + (s->x - x) * m; @@ -1073,7 +1073,7 @@ gsc_add_seg(struct gen_sc *gsc, double x, double y, double d, double m) for (; s != end; s = LIST_NEXT(s, _next)) { s->y += m * d; } - return (0); + return 0; } /* get y-projection of a service curve */ static double @@ -1087,7 +1087,7 @@ sc_x2y(struct service_curve *sc, double x) /* y belongs to the 2nd segment */ y = (double)sc->d * (double)sc->m1 + (x - (double)sc->d) * (double)sc->m2; - return (y); + return y; } /* * check_commit_altq does consistency check for each interface @@ -1115,7 +1115,7 @@ check_commit_altq(void) } } } - return (error); + return error; } static int check_commit_cbq(struct npf_altq *pa) @@ -1146,7 +1146,7 @@ check_commit_cbq(struct npf_altq *pa) warnx("should have one default queue on %s", pa->ifname); error++; } - return (error); + return error; } static int check_commit_priq(struct npf_altq *pa) @@ -1170,7 +1170,7 @@ check_commit_priq(struct npf_altq *pa) warnx("should have one default queue on %s", pa->ifname); error++; } - return (error); + return error; } static int check_commit_hfsc(struct npf_altq *pa) @@ -1194,7 +1194,7 @@ check_commit_hfsc(struct npf_altq *pa) } if (default_class != 1) { warnx("should have one default queue on %s", pa->ifname); - return (1); + return 1; } /* make sure the default queue is a leaf */ TAILQ_FOREACH(altq, &altqs, entries) { @@ -1207,7 +1207,7 @@ check_commit_hfsc(struct npf_altq *pa) error++; } } - return (error); + return error; } void @@ -1308,9 +1308,9 @@ print_cbq_opts(const struct npf_altq *a) if (opts->flags & CBQCLF_DEFCLASS) printf(" default"); printf(" ) "); - return (1); + return 1; } else - return (0); + return 0; } static int @@ -1331,9 +1331,9 @@ print_priq_opts(const struct npf_altq *a) if (opts->flags & PRCF_DEFAULTCLASS) printf(" default"); printf(" ) "); - return (1); + return 1; } else - return (0); + return 0; } static int @@ -1374,9 +1374,9 @@ print_hfsc_opts(const struct npf_altq *a, const struct node_queue_opt *qopts) print_hfsc_sc("upperlimit", opts->ulsc_m1, opts->ulsc_d, opts->ulsc_m2, n_ulsc); printf(" ) "); - return (1); + return 1; } else - return (0); + return 0; } void @@ -1426,6 +1426,6 @@ npf_altq_destroy(int fd) altqsupport = npfctl_test_altqsupport(fd); if (!(altqsupport & (ioctl(fd, IOC_NPF_DESTROY_ALTQ) != -1))) if (errno != ENOENT) - err(1, "IOC_NPF_DESTROY_ALTQ"); + err(EXIT_FAILURE, "IOC_NPF_DESTROY_ALTQ"); return 0; } diff --git a/usr.sbin/npf/npfctl/npfctl_qstats.c b/usr.sbin/npf/npfctl/npfctl_qstats.c index 9b27bc26fa7a1..1c228514174de 100644 --- a/usr.sbin/npf/npfctl/npfctl_qstats.c +++ b/usr.sbin/npf/npfctl/npfctl_qstats.c @@ -1,18 +1,32 @@ -/* - * Copyright (c) Henning Brauer +/*- + * Copyright (c) 2011-2020 The NetBSD Foundation, Inc. + * All rights reserved. * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. + * This material is based upon work partially supported by The + * NetBSD Foundation under a contract with Mindaugas Rasiukevicius. * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. */ + #include #include #include @@ -43,8 +57,8 @@ struct queue_stats { int avgn; double avg_bytes; double avg_packets; - u_int64_t prev_bytes; - u_int64_t prev_packets; + uint64_t prev_bytes; + uint64_t prev_packets; }; struct npf_altq_node { struct npf_altq altq; @@ -72,7 +86,7 @@ npfctl_show_altq(int fd) int nodes; if ((nodes = npfctl_update_qstats(fd, &root)) < 0) - return (-1); + return -1; if (nodes == 0) printf("No queue in use\n"); for (node = root; node != NULL; node = node->next) { @@ -87,7 +101,7 @@ npfctl_show_altq(int fd) fflush(stdout); sleep(STAT_INTERVAL); if ((nodes = npfctl_update_qstats(fd, &root)) == -1) - return (-1); + return -1; for (node = root; node != NULL; node = node->next) { if (node->altq.ifname == NULL) continue; @@ -95,7 +109,7 @@ npfctl_show_altq(int fd) } } npfctl_free_altq_node(root); - return (0); + return 0; } int @@ -104,15 +118,15 @@ npfctl_update_qstats(int fd, struct npf_altq_node **root) struct npf_altq_node *node; struct npfioc_altq pa; struct npfioc_qstats pq; - u_int32_t mnr, nr; + uint32_t mnr, nr; struct queue_stats qstats; - static u_int32_t last_ticket; + static uint32_t last_ticket; memset(&pa, 0, sizeof(pa)); memset(&pq, 0, sizeof(pq)); memset(&qstats, 0, sizeof(qstats)); if (ioctl(fd, IOC_NPF_GET_ALTQS, &pa)) { warn("IOC_NPF_GET_ALTQS"); - return (-1); + return -1; } /* if a new set is found, start over */ if (pa.ticket != last_ticket && *root != NULL) { @@ -125,7 +139,7 @@ npfctl_update_qstats(int fd, struct npf_altq_node **root) pa.nr = nr; if (ioctl(fd, IOC_NPF_GET_ALTQ, &pa)) { warn("IOC_NPF_GET_ALTQ"); - return (-1); + return -1; } if (pa.altq.qid > 0) { pq.nr = nr; @@ -134,7 +148,7 @@ npfctl_update_qstats(int fd, struct npf_altq_node **root) pq.nbytes = sizeof(qstats.data); if (ioctl(fd, IOC_NPF_GET_QSTATS, &pq)) { warn("IOC_NPF_GET_QSTATS"); - return (-1); + return -1; } if ((node = npfctl_find_altq_node(*root, pa.altq.qname, pa.altq.ifname)) != NULL) { @@ -146,7 +160,7 @@ npfctl_update_qstats(int fd, struct npf_altq_node **root) } } } - return (mnr); + return mnr; } void @@ -154,10 +168,10 @@ npfctl_insert_altq_node(struct npf_altq_node **root, const struct npf_altq altq, const struct queue_stats qstats) { struct npf_altq_node *node; - node = calloc(1, sizeof(struct npf_altq_node)); + node = calloc(1, sizeof(*node)); if (node == NULL) - err(1, "npfctl_insert_altq_node: calloc"); - memcpy(&node->altq, &altq, sizeof(struct npf_altq)); + err(EXIT_FAILURE, "npfctl_insert_altq_node: calloc"); + memcpy(&node->altq, &altq, sizeof(altq)); memcpy(&node->qstats, &qstats, sizeof(qstats)); node->next = node->children = NULL; if (*root == NULL) @@ -192,15 +206,15 @@ npfctl_find_altq_node(struct npf_altq_node *root, const char *qname, for (node = root; node != NULL; node = node->next) { if (!strcmp(node->altq.qname, qname) && !(strcmp(node->altq.ifname, ifname))) - return (node); + return node; if (node->children != NULL) { child = npfctl_find_altq_node(node->children, qname, ifname); if (child != NULL) - return (child); + return child; } } - return (NULL); + return NULL; } void @@ -321,7 +335,7 @@ void update_avg(struct npf_altq_node *a) { struct queue_stats *qs; - u_int64_t b, p; + uint64_t b, p; int n; if (a->altq.qid == 0) return; From 7f07037822704da9778bb0667b2aab61b8021560 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 27 Dec 2024 13:05:52 +0000 Subject: [PATCH 14/75] proper spacing between functions --- sys/net/npf/npf_altq.c | 5 +++-- usr.sbin/npf/npfctl/npfctl_altq.c | 28 ++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+), 2 deletions(-) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 223301f3348df..197700470b74e 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -26,6 +26,7 @@ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ + #include #include #include @@ -118,6 +119,7 @@ npf_get_altqs(void *data) paa->ticket = nticket_altqs_active; return 0 ; } + int npf_add_altq(void *data) { @@ -398,5 +400,4 @@ npf_get_qstats(void *data) } return error; } - -#endif /*ALTQ */ \ No newline at end of file +#endif /*ALTQ */ diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index d2b9ad84d12ea..38b95a2942526 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -110,6 +110,7 @@ struct node_queue *queues = NULL; n = n->next; \ } \ } while (0) + int npfctl_test_altqsupport(int dev) { @@ -244,6 +245,7 @@ expand_altq(struct npf_altq *a, const char *ifname, return errs; } + int expand_queue(struct npf_altq *a, const char *ifname, struct node_queue *nqueues, struct node_queue_bw bwspec, @@ -352,6 +354,7 @@ expand_queue(struct npf_altq *a, const char *ifname, else return 0; } + /* * eval_npfaltq computes the discipline parameters. */ @@ -389,6 +392,7 @@ eval_npfaltq(struct npf_altq *pa, struct node_queue_bw *bw, } return errors; } + int npf_eval_queue_opts(struct npf_altq *pa, struct node_queue_opt *opts, uint32_t ref_bw) @@ -442,6 +446,7 @@ npf_eval_queue_opts(struct npf_altq *pa, struct node_queue_opt *opts, } return errors; } + int npfctl_add_altq(struct npf_altq *a) { @@ -462,6 +467,7 @@ npfctl_add_altq(struct npf_altq *a) free(npaltq); return 0; } + void npfaltq_store(struct npf_altq *a) { @@ -472,6 +478,7 @@ npfaltq_store(struct npf_altq *a) TAILQ_INSERT_TAIL(&altqs, altq, entries); /* check altq presence in config */ } + uint32_t npf_eval_bwspec(struct node_queue_bw *bw, uint32_t ref_bw) { @@ -481,6 +488,7 @@ npf_eval_bwspec(struct node_queue_bw *bw, uint32_t ref_bw) return (ref_bw / 100 * bw->bw_percent); return 0; } + uint32_t get_ifspeed(char *ifname) { @@ -500,6 +508,7 @@ get_ifspeed(char *ifname) err(EXIT_FAILURE, "getifspeed: close"); return ((uint32_t)ifrdat->ifi_baudrate); } + u_long get_ifmtu(char *ifname) { @@ -522,6 +531,7 @@ get_ifmtu(char *ifname) return 1500; } } + /* * eval_npfqueue computes the queue parameters. */ @@ -606,6 +616,7 @@ eval_npfqueue(struct npf_altq *pa, struct node_queue_bw *bw, } return error; } + struct npf_altq * qname_to_npfaltq(const char *qname, const char *ifname) { @@ -617,6 +628,7 @@ qname_to_npfaltq(const char *qname, const char *ifname) } return NULL; } + uint32_t qname_to_qid(const char *qname) { @@ -647,6 +659,7 @@ ifdisc_lookup(struct npf_altq * altq) } return 0; } + struct npf_altq * npfaltq_lookup(const char *ifname) { @@ -658,6 +671,7 @@ npfaltq_lookup(const char *ifname) } return NULL; } + /* * CBQ support functions */ @@ -691,6 +705,7 @@ eval_npfqueue_cbq(struct npf_altq *pa) cbq_compute_idletime(pa); return 0; } + /* * compute ns_per_byte, maxidle, minidle, and offtime */ @@ -767,6 +782,7 @@ cbq_compute_idletime(struct npf_altq *pa) opts->offtime = (u_int)fabs(offtime); return 0; } + /* * PRIQ support functions */ @@ -789,6 +805,7 @@ eval_npfqueue_priq(struct npf_altq *pa) } return 0; } + /* * HFSC support functions */ @@ -912,6 +929,7 @@ eval_npfqueue_hfsc(struct npf_altq *pa) gsc_destroy(&lssc); return -1; } + #define R2S_BUFS 8 #define RATESTR_MAX 16 char * @@ -933,6 +951,7 @@ rate2str(double rate) snprintf(buf, RATESTR_MAX, "%d%cb", (int)rate, unit[i]); return buf; } + /* * admission control using generalized service curve */ @@ -946,6 +965,7 @@ gsc_add_sc(struct gen_sc *gsc, struct service_curve *sc) gsc_add_seg(gsc, 0.0, 0.0, (double)sc->d, (double)sc->m1); gsc_add_seg(gsc, (double)sc->d, 0.0, HUGE_VAL, (double)sc->m2); } + /* * check whether all points of a generalized service curve have * their y-coordinates no larger than a given two-piece linear @@ -990,6 +1010,7 @@ is_gsc_under_sc(struct gen_sc *gsc, struct service_curve *sc) } return 1; } + static void gsc_destroy(struct gen_sc *gsc) { @@ -999,6 +1020,7 @@ gsc_destroy(struct gen_sc *gsc) free(s); } } + /* * return a segment entry starting at x. * if gsc has no entry starting at x, a new entry is created at x. @@ -1051,6 +1073,7 @@ gsc_getentry(struct gen_sc *gsc, double x) } return new; } + /* add a segment to a generalized service curve */ static int gsc_add_seg(struct gen_sc *gsc, double x, double y, double d, double m) @@ -1075,6 +1098,7 @@ gsc_add_seg(struct gen_sc *gsc, double x, double y, double d, double m) } return 0; } + /* get y-projection of a service curve */ static double sc_x2y(struct service_curve *sc, double x) @@ -1089,6 +1113,7 @@ sc_x2y(struct service_curve *sc, double x) + (x - (double)sc->d) * (double)sc->m2; return y; } + /* * check_commit_altq does consistency check for each interface */ @@ -1117,6 +1142,7 @@ check_commit_altq(void) } return error; } + static int check_commit_cbq(struct npf_altq *pa) { @@ -1148,6 +1174,7 @@ check_commit_cbq(struct npf_altq *pa) } return error; } + static int check_commit_priq(struct npf_altq *pa) { @@ -1172,6 +1199,7 @@ check_commit_priq(struct npf_altq *pa) } return error; } + static int check_commit_hfsc(struct npf_altq *pa) { From cbfff41865e4bc6ea66282723bd2e8e13de94da1 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 27 Dec 2024 18:13:51 +0000 Subject: [PATCH 15/75] fix whitespaces --- sys/altq/altq_jobs.c | 38 ++++++++++++++++----------------- sys/net/npf/npf_altq.h | 3 +++ usr.sbin/npf/npfctl/npf_parse.y | 1 - usr.sbin/npf/npfctl/npf_scan.l | 9 ++++---- 4 files changed, 26 insertions(+), 25 deletions(-) diff --git a/sys/altq/altq_jobs.c b/sys/altq/altq_jobs.c index ae7cab7b402bc..cc51fd7078cf9 100644 --- a/sys/altq/altq_jobs.c +++ b/sys/altq/altq_jobs.c @@ -37,22 +37,22 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF * THE POSSIBILITY OF SUCH DAMAGE. */ -/* - * JoBS - altq prototype implementation - * +/* + * JoBS - altq prototype implementation + * * Author: Nicolas Christin * - * JoBS algorithms originally devised and proposed by + * JoBS algorithms originally devised and proposed by * Nicolas Christin and Jorg Liebeherr. - * Grateful acknowledgments to Tarek Abdelzaher for his help and + * Grateful acknowledgments to Tarek Abdelzaher for his help and * comments, and to Kenjiro Cho for some helpful advice. * Contributed by the Multimedia Networks Group at the University - * of Virginia. + * of Virginia. * - * Papers and additional info can be found at + * Papers and additional info can be found at * http://qosbox.cs.virginia.edu - * - */ + * + */ /* * JoBS queue @@ -315,25 +315,25 @@ jobs_class_create(struct jobs_if *jif, int pri, int64_t adc, int64_t rdc, if (adc == -1) { cl->concerned_adc = 0; adc = ALTQ_INFINITY; - } else + } else cl->concerned_adc = 1; if (alc == -1) { cl->concerned_alc = 0; alc = ALTQ_INFINITY; - } else + } else cl->concerned_alc = 1; if (rdc == -1) { rdc = 0; cl->concerned_rdc = 0; - } else + } else cl->concerned_rdc = 1; if (rlc == -1) { rlc = 0; cl->concerned_rlc = 0; - } else + } else cl->concerned_rlc = 1; if (arc == -1) { @@ -522,7 +522,7 @@ jobs_enqueue(struct ifaltq *ifq, struct mbuf *m) PKTCNTR_RESET(&scan->cl_rout); PKTCNTR_RESET(&scan->cl_rout_th); PKTCNTR_RESET(&scan->cl_arrival); - PKTCNTR_RESET(&scan->cl_dropcnt); + PKTCNTR_RESET(&scan->cl_dropcnt); scan->cl_lastdel = 0; scan->current_loss = 0; scan->service_rate = 0; @@ -556,7 +556,7 @@ jobs_enqueue(struct ifaltq *ifq, struct mbuf *m) PKTCNTR_RESET(&scan->cl_rout); PKTCNTR_RESET(&scan->cl_rout_th); PKTCNTR_RESET(&scan->cl_arrival); - PKTCNTR_RESET(&scan->cl_dropcnt); + PKTCNTR_RESET(&scan->cl_dropcnt); scan->current_loss = 0; scan->service_rate = 0; scan->idletime = now; @@ -978,7 +978,7 @@ tslist_enqueue(struct jobs_class *cl, u_int64_t arv) TSENTRY *pushed; pushed = malloc(sizeof(TSENTRY), M_DEVBUF, M_WAITOK); if (pushed == NULL) - return (0); + return (0); pushed->timestamp = arv; TAILQ_INSERT_TAIL(cl->arv_tm, pushed, ts_list); @@ -1161,7 +1161,7 @@ adjust_rates_rdc(struct jobs_if *jif) prop_control = (upper_bound*upper_bound*min_share) /(max_prod*(max_avg_pkt_size << 2)); - + prop_control = bps_to_internal(ticks_to_secs(prop_control)); /* in BT-1 */ credit = 0; @@ -1237,7 +1237,7 @@ adjust_rates_rdc(struct jobs_if *jif) cl = jif->jif_classes[i]; class_exists = (cl != NULL); is_backlogged = (class_exists && !qempty(cl->cl_q)); - + if (is_backlogged && cl->concerned_rdc) { available = result[i] + cl->service_rate-cl->min_rate_adc; @@ -1621,7 +1621,7 @@ min_rates_adc(struct jobs_if *jif) cl = jif->jif_classes[i]; class_exists = (cl != NULL); is_backlogged = (class_exists && !qempty(cl->cl_q)); - if (is_backlogged && cl->concerned_adc) { + if (is_backlogged && cl->concerned_adc) { remaining_time = cl->cl_adc - proj_delay(jif, i); if (remaining_time > 0 ) { /* min rate needed for ADC */ diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index 657806e6be368..0e1e9006325ee 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -58,9 +58,11 @@ struct npf_cbq_opts { u_int offtime; int flags; }; + struct npf_priq_opts { int flags; }; + struct npf_hfsc_opts { /* real-time service curve */ u_int rtsc_m1; /* slope of the 1st segment in bps */ @@ -76,6 +78,7 @@ struct npf_hfsc_opts { u_int ulsc_m2; int flags; }; + /* entries for our tail queue for our altqs */ struct npf_altq { char ifname[IFNAMSIZ]; diff --git a/usr.sbin/npf/npfctl/npf_parse.y b/usr.sbin/npf/npfctl/npf_parse.y index dffc3f786bbad..6723468eeee43 100644 --- a/usr.sbin/npf/npfctl/npf_parse.y +++ b/usr.sbin/npf/npfctl/npf_parse.y @@ -1075,7 +1075,6 @@ rule_queue } ; - block_opts : RETURNRST { $$ = NPF_RULE_RETRST; } | RETURNICMP { $$ = NPF_RULE_RETICMP; } diff --git a/usr.sbin/npf/npfctl/npf_scan.l b/usr.sbin/npf/npfctl/npf_scan.l index d46fbf36e2091..027c80d22385c 100644 --- a/usr.sbin/npf/npfctl/npf_scan.l +++ b/usr.sbin/npf/npfctl/npf_scan.l @@ -129,7 +129,7 @@ algo return ALGO; netmap return NETMAP; ipset return IPSET; "ip-hash" return IPHASH; -"round-robin" return ROUNDROBIN; +"round-robin" return ROUNDROBIN; npt66 return NPT66; "-" return MINUS; procedure return PROCEDURE; @@ -148,7 +148,7 @@ block return BLOCK; pass return PASS; pcap-filter return PCAP_FILTER; stateful return STATEFUL; -stateful-all return STATEFUL_ALL; +stateful-all return STATEFUL_ALL; apply return APPLY; final return FINAL; quick return FINAL; @@ -173,10 +173,9 @@ port return PORT; flags return FLAGS; icmp-type return ICMPTYPE; code return CODE; -any return ANY; - +any return ANY; altq return ALTQ; -cbq return CBQ; +cbq return CBQ; priq return PRIQ; hfsc return HFSC; bandwidth return BANDWIDTH; From e7216e72a74a3f0dffb21a651967b645193e718b Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 27 Dec 2024 18:39:03 +0000 Subject: [PATCH 16/75] fix copyright --- sys/net/npf/npf_altq.h | 2 +- sys/net/npf/npf_ctl.c | 2 +- sys/net/npf/npf_handler.c | 2 +- sys/net/npf/npf_impl.h | 2 +- sys/net/npf/npf_mbuf.c | 2 +- sys/net/npf/npf_os.c | 2 +- sys/net/npf/npf_ruleset.c | 2 +- sys/net/npf/npf_sendpkt.c | 2 +- usr.sbin/npf/npfctl/npf_build.c | 2 +- usr.sbin/npf/npfctl/npf_parse.y | 2 +- usr.sbin/npf/npfctl/npf_scan.l | 2 +- usr.sbin/npf/npfctl/npf_show.c | 2 +- usr.sbin/npf/npfctl/npfctl.c | 2 +- usr.sbin/npf/npfctl/npfctl.h | 2 +- usr.sbin/npf/npfctl/npfctl_altq.c | 2 +- usr.sbin/npf/npfctl/npfctl_qstats.c | 2 +- 16 files changed, 16 insertions(+), 16 deletions(-) diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index 0e1e9006325ee..cfd8ed9945338 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2010-2012 The NetBSD Foundation, Inc. + * Copyright (c) 2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/sys/net/npf/npf_ctl.c b/sys/net/npf/npf_ctl.c index bace3a2d212c1..31a3a242746b5 100644 --- a/sys/net/npf/npf_ctl.c +++ b/sys/net/npf/npf_ctl.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2009-2020 The NetBSD Foundation, Inc. + * Copyright (c) 2009-2020,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/sys/net/npf/npf_handler.c b/sys/net/npf/npf_handler.c index f4c009719fe82..97abbc7656d9c 100644 --- a/sys/net/npf/npf_handler.c +++ b/sys/net/npf/npf_handler.c @@ -1,6 +1,6 @@ /*- * Copyright (c) 2020 Mindaugas Rasiukevicius - * Copyright (c) 2009-2013 The NetBSD Foundation, Inc. + * Copyright (c) 2009-2013,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/sys/net/npf/npf_impl.h b/sys/net/npf/npf_impl.h index 16660495a9a21..6a5eceb6a8dfe 100644 --- a/sys/net/npf/npf_impl.h +++ b/sys/net/npf/npf_impl.h @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2009-2019 The NetBSD Foundation, Inc. + * Copyright (c) 2009-2019,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/sys/net/npf/npf_mbuf.c b/sys/net/npf/npf_mbuf.c index 4bc343a040ca0..bb38e1e3be535 100644 --- a/sys/net/npf/npf_mbuf.c +++ b/sys/net/npf/npf_mbuf.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2009-2020 The NetBSD Foundation, Inc. + * Copyright (c) 2009-2020,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/sys/net/npf/npf_os.c b/sys/net/npf/npf_os.c index 871d628009088..5eb9f9a61ef5b 100644 --- a/sys/net/npf/npf_os.c +++ b/sys/net/npf/npf_os.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2009-2016 The NetBSD Foundation, Inc. + * Copyright (c) 2009-2016,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/sys/net/npf/npf_ruleset.c b/sys/net/npf/npf_ruleset.c index 6c6eabaacdebf..5deef1be58d99 100644 --- a/sys/net/npf/npf_ruleset.c +++ b/sys/net/npf/npf_ruleset.c @@ -1,6 +1,6 @@ /*- * Copyright (c) 2020 Mindaugas Rasiukevicius - * Copyright (c) 2009-2015 The NetBSD Foundation, Inc. + * Copyright (c) 2009-2015,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/sys/net/npf/npf_sendpkt.c b/sys/net/npf/npf_sendpkt.c index 5af007ed8c857..f7daa43a6ceff 100644 --- a/sys/net/npf/npf_sendpkt.c +++ b/sys/net/npf/npf_sendpkt.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2010-2011 The NetBSD Foundation, Inc. + * Copyright (c) 2010-2011,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/usr.sbin/npf/npfctl/npf_build.c b/usr.sbin/npf/npfctl/npf_build.c index 089445e424c2e..9578a4eac1dee 100644 --- a/usr.sbin/npf/npfctl/npf_build.c +++ b/usr.sbin/npf/npfctl/npf_build.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2011-2020 The NetBSD Foundation, Inc. + * Copyright (c) 2011-2020,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/usr.sbin/npf/npfctl/npf_parse.y b/usr.sbin/npf/npfctl/npf_parse.y index 6723468eeee43..252623db74e98 100644 --- a/usr.sbin/npf/npfctl/npf_parse.y +++ b/usr.sbin/npf/npfctl/npf_parse.y @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2011-2020 The NetBSD Foundation, Inc. + * Copyright (c) 2011-2020,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation diff --git a/usr.sbin/npf/npfctl/npf_scan.l b/usr.sbin/npf/npfctl/npf_scan.l index 027c80d22385c..83d10c8e035de 100644 --- a/usr.sbin/npf/npfctl/npf_scan.l +++ b/usr.sbin/npf/npfctl/npf_scan.l @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2011-2012 The NetBSD Foundation, Inc. + * Copyright (c) 2011-2012,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation diff --git a/usr.sbin/npf/npfctl/npf_show.c b/usr.sbin/npf/npfctl/npf_show.c index 182cc8b513813..5962091e72d9e 100644 --- a/usr.sbin/npf/npfctl/npf_show.c +++ b/usr.sbin/npf/npfctl/npf_show.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2013-2020 The NetBSD Foundation, Inc. + * Copyright (c) 2013-2020,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation diff --git a/usr.sbin/npf/npfctl/npfctl.c b/usr.sbin/npf/npfctl/npfctl.c index 6bb10b9dda1ad..f1dad275b81e4 100644 --- a/usr.sbin/npf/npfctl/npfctl.c +++ b/usr.sbin/npf/npfctl/npfctl.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2009-2014 The NetBSD Foundation, Inc. + * Copyright (c) 2009-2014,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index f85239db4a9c8..7e8c8e1f7ef5c 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2009-2017 The NetBSD Foundation, Inc. + * Copyright (c) 2009-2017,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index 38b95a2942526..2753bdecd2e7a 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2011-2020 The NetBSD Foundation, Inc. + * Copyright (c) 2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/usr.sbin/npf/npfctl/npfctl_qstats.c b/usr.sbin/npf/npfctl/npfctl_qstats.c index 1c228514174de..4e9dec0269b2b 100644 --- a/usr.sbin/npf/npfctl/npfctl_qstats.c +++ b/usr.sbin/npf/npfctl/npfctl_qstats.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2011-2020 The NetBSD Foundation, Inc. + * Copyright (c) 2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The From 86cd13739f0587a35dc17ca1b1c3cb4ef1bc8d81 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Sat, 28 Dec 2024 21:33:31 +0000 Subject: [PATCH 17/75] Revert "Compile-time error fix in altq" and return 0 This reverts commit d9c78348f92fafe1a8b8735fc038cb2553c0a3ae. --- sys/altq/altq_jobs.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/sys/altq/altq_jobs.c b/sys/altq/altq_jobs.c index cc51fd7078cf9..0f2b30daacded 100644 --- a/sys/altq/altq_jobs.c +++ b/sys/altq/altq_jobs.c @@ -1831,14 +1831,14 @@ int jobsclose(dev_t dev, int flag, int fmt, struct lwp *l) { - int error = 0; struct jobs_if *jif; + while ((jif = jif_list) != NULL) { /* destroy all */ if (ALTQ_IS_ENABLED(jif->jif_ifq)) altq_disable(jif->jif_ifq); - error = altq_detach(jif->jif_ifq); + int error = altq_detach(pif->pif_ifq); switch (error) { case 0: case ENXIO: /* already disabled */ @@ -1848,7 +1848,8 @@ jobsclose(dev_t dev, int flag, int fmt, } jobs_detach(jif); } - return error; + + return 0; } int From ebae4b689e4f7f798a47ae70d2b4850334880ab6 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 12:06:56 +0000 Subject: [PATCH 18/75] fix whitespaces --- distrib/sets/lists/comp/mi | 2 +- sys/net/npf/npf.h | 2 +- sys/net/npf/npf_altq.c | 14 +++---- usr.sbin/npf/npfctl/npf_parse.y | 72 ++++++++++++++++----------------- usr.sbin/npf/npfctl/npfctl.h | 2 +- 5 files changed, 46 insertions(+), 46 deletions(-) diff --git a/distrib/sets/lists/comp/mi b/distrib/sets/lists/comp/mi index 31d42b94bcf99..3bd96ba87bf6f 100644 --- a/distrib/sets/lists/comp/mi +++ b/distrib/sets/lists/comp/mi @@ -2762,7 +2762,7 @@ ./usr/include/net/net_stats.h comp-c-include ./usr/include/net/netisr.h comp-obsolete obsolete ./usr/include/net/npf.h comp-c-include -./usr/include/net/npf_altq.h comp-c-include +./usr/include/net/npf_altq.h comp-c-include ./usr/include/net/npf_ncode.h comp-obsolete obsolete ./usr/include/net/pfil.h comp-c-include ./usr/include/net/pfkeyv2.h comp-c-include diff --git a/sys/net/npf/npf.h b/sys/net/npf/npf.h index 6d27e5e1ca6d9..48195c17ffb4c 100644 --- a/sys/net/npf/npf.h +++ b/sys/net/npf/npf.h @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2009-2014 The NetBSD Foundation, Inc. + * Copyright (c) 2009-2014,2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 197700470b74e..3219c5d9d8a53 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2010-2012 The NetBSD Foundation, Inc. + * Copyright (c) 2024 The NetBSD Foundation, Inc. * All rights reserved. * * This material is based upon work partially supported by The @@ -111,12 +111,12 @@ npf_begin_altq(void) int npf_get_altqs(void *data) { - struct npfioc_altq *paa = (struct npfioc_altq *)data; - struct npf_altq *altq; - paa->nr = 0; - TAILQ_FOREACH(altq, npf_altqs_active, entries) - paa->nr++; - paa->ticket = nticket_altqs_active; + struct npfioc_altq *paa = (struct npfioc_altq *)data; + struct npf_altq *altq; + paa->nr = 0; + TAILQ_FOREACH(altq, npf_altqs_active, entries) + paa->nr++; + paa->ticket = nticket_altqs_active; return 0 ; } diff --git a/usr.sbin/npf/npfctl/npf_parse.y b/usr.sbin/npf/npfctl/npf_parse.y index 252623db74e98..3f2a8cf50b5e1 100644 --- a/usr.sbin/npf/npfctl/npf_parse.y +++ b/usr.sbin/npf/npfctl/npf_parse.y @@ -203,7 +203,7 @@ yyerror(const char *fmt, ...) %token PARAM %token TABLE_ID %token VAR_ID -%token BW_SPEC +%token BW_SPEC %type addr some_name table_store dynamic_ifaddrs bw_spec %type proc_param_val opt_apply ifname on_ifname ifref @@ -222,15 +222,15 @@ yyerror(const char *fmt, ...) %type filt_opts all_or_filt_opts %type rawproto %type group_opts -%type queue_opts queue_opt queue_opts_l +%type queue_opts queue_opt queue_opts_l %type rule_queue %type qassign qassign_list qassign_item %type scheduler %type cbqflags_list cbqflags_item %type priqflags_list priqflags_item -%type hfscopts_list hfscopts_item hfsc_opts +%type hfscopts_list hfscopts_item hfsc_opts %type bandwidth -%type queue_flags +%type queue_flags %union { char * str; @@ -277,11 +277,11 @@ line altq : ALTQ on_ifname queue_opts QUEUE qassign { struct npf_altq a; - memset(&a, 0, sizeof(a)); if ($3.scheduler.qtype == ALTQT_NONE) { yyerror("no scheduler specified!"); YYERROR; } + memset(&a, 0, sizeof(a)); a.scheduler = $3.scheduler.qtype; a.qlimit = $3.qlimit; a.tbrsize = $3.tbrsize; @@ -295,7 +295,7 @@ altq : ALTQ on_ifname queue_opts QUEUE qassign { } ; -queuespec : QUEUE IDENTIFIER on_ifname queue_opts qassign { +queuespec : QUEUE IDENTIFIER on_ifname queue_opts qassign { struct npf_altq a; memset(&a, 0, sizeof(a)); @@ -327,7 +327,7 @@ queuespec : QUEUE IDENTIFIER on_ifname queue_opts qassign { ; queue_opts : { - memset(&queue_opts, 0, sizeof queue_opts ); + memset(&queue_opts, 0, sizeof(queue_opts)); queue_opts.priority = DEFAULT_PRIORITY; queue_opts.qlimit = DEFAULT_QLIMIT; queue_opts.scheduler.qtype = ALTQT_NONE; @@ -336,7 +336,7 @@ queue_opts : { queue_opts_l { $$ = queue_opts; } | /* empty */ { - memset(&queue_opts, 0, sizeof queue_opts); + memset(&queue_opts, 0, sizeof(queue_opts)); queue_opts.priority = DEFAULT_PRIORITY; queue_opts.qlimit = DEFAULT_QLIMIT; queue_opts.scheduler.qtype = ALTQT_NONE; @@ -349,7 +349,7 @@ queue_opts_l : queue_opts_l queue_opt | queue_opt ; -queue_opt : BANDWIDTH bandwidth { +queue_opt : BANDWIDTH bandwidth { if (queue_opts.marker & QOM_BWSPEC) { yyerror("bandwidth cannot be respecified"); YYERROR; @@ -357,7 +357,7 @@ queue_opt : BANDWIDTH bandwidth { queue_opts.marker |= QOM_BWSPEC; queue_opts.queue_bwspec = $2; } - | PRIORITY number { + | PRIORITY number { if (queue_opts.marker & QOM_PRIORITY) { yyerror("priority cannot be respecified"); YYERROR; @@ -369,7 +369,7 @@ queue_opt : BANDWIDTH bandwidth { queue_opts.marker |= QOM_PRIORITY; queue_opts.priority = $2; } - | QLIMIT number { + | QLIMIT number { if (queue_opts.marker & QOM_QLIMIT) { yyerror("qlimit cannot be respecified"); YYERROR; @@ -381,7 +381,7 @@ queue_opt : BANDWIDTH bandwidth { queue_opts.marker |= QOM_QLIMIT; queue_opts.qlimit = $2; } - | scheduler { + | scheduler { if (queue_opts.marker & QOM_SCHEDULER) { yyerror("scheduler cannot be respecified"); YYERROR; @@ -389,7 +389,7 @@ queue_opt : BANDWIDTH bandwidth { queue_opts.marker |= QOM_SCHEDULER; queue_opts.scheduler = $1; } - | TBRSIZE number { + | TBRSIZE number { if (queue_opts.marker & QOM_TBRSIZE) { yyerror("tbrsize cannot be respecified"); YYERROR; @@ -406,7 +406,7 @@ queue_opt : BANDWIDTH bandwidth { bandwidth : bw_spec { struct node_queue_bw bw; - if (npfctl_eval_bw(&bw, $1)){ + if (npfctl_eval_bw(&bw, $1)) { YYERROR; free($1); } @@ -418,38 +418,38 @@ bw_spec : BW_SPEC {$$ = $1; } ; -scheduler : CBQ { +scheduler : CBQ { $$.qtype = ALTQT_CBQ; $$.data.cbq_opts.flags = 0; } - | CBQ PAR_OPEN cbqflags_list PAR_CLOSE { + | CBQ PAR_OPEN cbqflags_list PAR_CLOSE { $$.qtype = ALTQT_CBQ; $$.data.cbq_opts.flags = $3; } - | PRIQ { + | PRIQ { $$.qtype = ALTQT_PRIQ; $$.data.priq_opts.flags = 0; } - | PRIQ PAR_OPEN priqflags_list PAR_CLOSE { + | PRIQ PAR_OPEN priqflags_list PAR_CLOSE { $$.qtype = ALTQT_PRIQ; $$.data.priq_opts.flags = $3; } - | HFSC { + | HFSC { $$.qtype = ALTQT_HFSC; bzero(&$$.data.hfsc_opts, sizeof(struct node_hfsc_opts)); } - | HFSC PAR_OPEN hfsc_opts PAR_CLOSE { + | HFSC PAR_OPEN hfsc_opts PAR_CLOSE { $$.qtype = ALTQT_HFSC; $$.data.hfsc_opts = $3; } ; -cbqflags_list : cbqflags_item { $$ |= $1; } +cbqflags_list : cbqflags_item { $$ |= $1; } | cbqflags_list COMMA cbqflags_item { $$ |= $3; } ; -cbqflags_item : IDENTIFIER { +cbqflags_item : IDENTIFIER { #ifdef CBQCLF_BORROW if (!strcmp($1, "borrow")) $$ = CBQCLF_BORROW; @@ -470,11 +470,11 @@ cbqflags_item : IDENTIFIER { | DEFAULT { $$ = CBQCLF_DEFCLASS; } ; -priqflags_list : priqflags_item { $$ |= $1; } +priqflags_list : priqflags_item { $$ |= $1; } | priqflags_list COMMA priqflags_item { $$ |= $3; } ; -priqflags_item : IDENTIFIER { +priqflags_item : IDENTIFIER { if (!strcmp($1, "red")) $$ = PRCF_RED; else if (!strcmp($1, "ecn")) @@ -493,10 +493,10 @@ priqflags_item : IDENTIFIER { hfsc_opts : { memset(&hfsc_opts, 0, - sizeof(struct node_hfsc_opts)); + sizeof(*$$)); } - hfscopts_list { - $$ = hfsc_opts; + hfsc_opts_list { + $$ = hfsc_opts; } ; @@ -504,7 +504,7 @@ hfscopts_list : hfscopts_item | hfscopts_list COMMA hfscopts_item ; -hfscopts_item : LINKSHARE bandwidth { +hfscopts_item : LINKSHARE bandwidth { if (hfsc_opts.linkshare.used) { yyerror("linkshare already specified"); YYERROR; @@ -523,7 +523,7 @@ hfscopts_item : LINKSHARE bandwidth { hfsc_opts.linkshare.m2 = $7; hfsc_opts.linkshare.used = 1; } - | REALTIME bandwidth { + | REALTIME bandwidth { if (hfsc_opts.realtime.used) { yyerror("realtime already specified"); YYERROR; @@ -542,7 +542,7 @@ hfscopts_item : LINKSHARE bandwidth { hfsc_opts.realtime.m2 = $7; hfsc_opts.realtime.used = 1; } - | UPPERLIMIT bandwidth { + | UPPERLIMIT bandwidth { if (hfsc_opts.upperlimit.used) { yyerror("upperlimit already specified"); YYERROR; @@ -561,7 +561,7 @@ hfscopts_item : LINKSHARE bandwidth { hfsc_opts.upperlimit.m2 = $7; hfsc_opts.upperlimit.used = 1; } - | IDENTIFIER { + | IDENTIFIER { if (!strcmp($1, "red")) hfsc_opts.flags |= HFCF_RED; else if (!strcmp($1, "ecn")) @@ -578,21 +578,21 @@ hfscopts_item : LINKSHARE bandwidth { | DEFAULT { hfsc_opts.flags |= HFCF_DEFAULTCLASS; } ; -qassign : /* empty */ { $$ = NULL; } +qassign : /* empty */ { $$ = NULL; } | qassign_item { $$ = $1; } | CURLY_OPEN qassign_list CURLY_CLOSE { $$ = $2; } ; -qassign_list : qassign_item { $$ = $1; } - | qassign_list COMMA qassign_item { +qassign_list : qassign_item { $$ = $1; } + | qassign_list COMMA qassign_item { $1->tail->next = $3; $1->tail = $3; $$ = $1; } ; -qassign_item : IDENTIFIER { - $$ = calloc(1, sizeof(struct node_queue)); +qassign_item : IDENTIFIER { + $$ = calloc(1, sizeof(*$$)); if ($$ == NULL) err(1, "qassign_item: calloc"); diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index 7e8c8e1f7ef5c..0489bfdfea76f 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -76,7 +76,7 @@ struct node_hfsc_opts { struct node_queue_opt { int qtype; union { - struct npf_cbq_opts cbq_opts; + struct npf_cbq_opts cbq_opts; struct npf_priq_opts priq_opts; struct node_hfsc_opts hfsc_opts; } data; From 7051f34adc309379a0b9779fe06eefa9a35688a2 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 12:32:38 +0000 Subject: [PATCH 19/75] use right copyright details --- sys/net/npf/npf_altq.c | 7 ++++--- sys/net/npf/npf_altq.h | 5 +++-- usr.sbin/npf/npfctl/npf_parse.y | 3 ++- usr.sbin/npf/npfctl/npf_scan.l | 2 +- usr.sbin/npf/npfctl/npfctl_altq.c | 4 ++-- usr.sbin/npf/npfctl/npfctl_qstats.c | 4 ++-- 6 files changed, 14 insertions(+), 11 deletions(-) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 3219c5d9d8a53..ff722ad76e8a1 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -1,9 +1,10 @@ -/*- +/* NetBSD */ +/* * Copyright (c) 2024 The NetBSD Foundation, Inc. * All rights reserved. * - * This material is based upon work partially supported by The - * NetBSD Foundation under a contract with Mindaugas Rasiukevicius. + * This code is derived from software contributed to The NetBSD Foundation + * by Emmanuel Nyarko * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index cfd8ed9945338..852e0a0f52601 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -1,9 +1,10 @@ +/* NetBSD */ /*- * Copyright (c) 2024 The NetBSD Foundation, Inc. * All rights reserved. * - * This material is based upon work partially supported by The - * NetBSD Foundation under a contract with Mindaugas Rasiukevicius. + * This code is derived from software contributed to The NetBSD Foundation + * by Emmanuel Nyarko * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/usr.sbin/npf/npfctl/npf_parse.y b/usr.sbin/npf/npfctl/npf_parse.y index 3f2a8cf50b5e1..015e999d2328b 100644 --- a/usr.sbin/npf/npfctl/npf_parse.y +++ b/usr.sbin/npf/npfctl/npf_parse.y @@ -3,7 +3,8 @@ * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation - * by Martin Husemann, Christos Zoulas and Mindaugas Rasiukevicius. + * by Martin Husemann, Christos Zoulas, Mindaugas Rasiukevicius and + * Emmanuel Nyarko * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/usr.sbin/npf/npfctl/npf_scan.l b/usr.sbin/npf/npfctl/npf_scan.l index 83d10c8e035de..1e4481a877b0f 100644 --- a/usr.sbin/npf/npfctl/npf_scan.l +++ b/usr.sbin/npf/npfctl/npf_scan.l @@ -3,7 +3,7 @@ * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation - * by Martin Husemann. + * by Martin Husemann and Emmanuel Nyarko * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index 2753bdecd2e7a..1c5c18800d7d6 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -2,8 +2,8 @@ * Copyright (c) 2024 The NetBSD Foundation, Inc. * All rights reserved. * - * This material is based upon work partially supported by The - * NetBSD Foundation under a contract with Mindaugas Rasiukevicius. + * This code is derived from software contributed to The NetBSD Foundation + * by Emmanuel Nyarko * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/usr.sbin/npf/npfctl/npfctl_qstats.c b/usr.sbin/npf/npfctl/npfctl_qstats.c index 4e9dec0269b2b..4f804f8d5ea20 100644 --- a/usr.sbin/npf/npfctl/npfctl_qstats.c +++ b/usr.sbin/npf/npfctl/npfctl_qstats.c @@ -2,8 +2,8 @@ * Copyright (c) 2024 The NetBSD Foundation, Inc. * All rights reserved. * - * This material is based upon work partially supported by The - * NetBSD Foundation under a contract with Mindaugas Rasiukevicius. + * This code is derived from software contributed to The NetBSD Foundation + * by Emmanuel Nyarko * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions From a899c775a7c4168dad0005605aa91a4a08464dfc Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 12:41:32 +0000 Subject: [PATCH 20/75] fix whitespace in scanner --- usr.sbin/npf/npfctl/npf_scan.l | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/usr.sbin/npf/npfctl/npf_scan.l b/usr.sbin/npf/npfctl/npf_scan.l index 1e4481a877b0f..a1cd1b33520ae 100644 --- a/usr.sbin/npf/npfctl/npf_scan.l +++ b/usr.sbin/npf/npfctl/npf_scan.l @@ -129,7 +129,7 @@ algo return ALGO; netmap return NETMAP; ipset return IPSET; "ip-hash" return IPHASH; -"round-robin" return ROUNDROBIN; +"round-robin" return ROUNDROBIN; npt66 return NPT66; "-" return MINUS; procedure return PROCEDURE; @@ -148,7 +148,7 @@ block return BLOCK; pass return PASS; pcap-filter return PCAP_FILTER; stateful return STATEFUL; -stateful-all return STATEFUL_ALL; +stateful-all return STATEFUL_ALL; apply return APPLY; final return FINAL; quick return FINAL; @@ -156,7 +156,7 @@ on return ON; off return OFF; inet6 return INET6; inet4 return INET4; -ifaddrs return IFADDRS; +ifaddrs return IFADDRS; proto return PROTO; family return FAMILY; tcp return TCP; @@ -166,14 +166,14 @@ ipv6-icmp { yylval.num = IPPROTO_ICMPV6; return ICMP6; } return-rst return RETURNRST; return-icmp return RETURNICMP; return return RETURN; -ruleset return RULESET; +ruleset return RULESET; from return FROM; to return TO; port return PORT; flags return FLAGS; icmp-type return ICMPTYPE; code return CODE; -any return ANY; +any return ANY; altq return ALTQ; cbq return CBQ; priq return PRIQ; From e80bde534dacd7fb71c3daa324bd8fc39222e9df Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 12:53:01 +0000 Subject: [PATCH 21/75] fix whitespace in scanner --- usr.sbin/npf/npfctl/npf_scan.l | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/usr.sbin/npf/npfctl/npf_scan.l b/usr.sbin/npf/npfctl/npf_scan.l index a1cd1b33520ae..b5fb97d69f364 100644 --- a/usr.sbin/npf/npfctl/npf_scan.l +++ b/usr.sbin/npf/npfctl/npf_scan.l @@ -1,4 +1,4 @@ -/*- +*- * Copyright (c) 2011-2012,2024 The NetBSD Foundation, Inc. * All rights reserved. * @@ -156,7 +156,7 @@ on return ON; off return OFF; inet6 return INET6; inet4 return INET4; -ifaddrs return IFADDRS; +ifaddrs return IFADDRS; proto return PROTO; family return FAMILY; tcp return TCP; @@ -166,7 +166,7 @@ ipv6-icmp { yylval.num = IPPROTO_ICMPV6; return ICMP6; } return-rst return RETURNRST; return-icmp return RETURNICMP; return return RETURN; -ruleset return RULESET; +ruleset return RULESET; from return FROM; to return TO; port return PORT; From 60ebc66b8eb2dd6c5c932580b2a7a6a67541235e Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 14:11:31 +0000 Subject: [PATCH 22/75] align bw spec whitespace --- usr.sbin/npf/npfctl/npf_parse.y | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/usr.sbin/npf/npfctl/npf_parse.y b/usr.sbin/npf/npfctl/npf_parse.y index 015e999d2328b..6dd8b2c6b4369 100644 --- a/usr.sbin/npf/npfctl/npf_parse.y +++ b/usr.sbin/npf/npfctl/npf_parse.y @@ -415,8 +415,7 @@ bandwidth : bw_spec { } ; -bw_spec : BW_SPEC - {$$ = $1; } +bw_spec : BW_SPEC {$$ = $1; } ; scheduler : CBQ { From 403fe9afe47ada1311b25d74c0536b457dfbdb5d Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 14:44:19 +0000 Subject: [PATCH 23/75] use sized types for queue opts --- sys/net/npf/npf_altq.h | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index 852e0a0f52601..208e624b15a4c 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -49,14 +49,14 @@ * options defined on the cbq, priq and hfsc when configuring them */ struct npf_cbq_opts { - u_int minburst; - u_int maxburst; - u_int pktsize; - u_int maxpktsize; - u_int ns_per_byte; - u_int maxidle; - int minidle; - u_int offtime; + uint32_t minburst; + uint32_t maxburst; + uint32_t pktsize; + uint32_t maxpktsize; + uint32_t ns_per_byte; + uint32_t maxidle; + int minidle; + uint32_t offtime; int flags; }; @@ -66,17 +66,17 @@ struct npf_priq_opts { struct npf_hfsc_opts { /* real-time service curve */ - u_int rtsc_m1; /* slope of the 1st segment in bps */ - u_int rtsc_d; /* the x-projection of m1 in msec */ - u_int rtsc_m2; /* slope of the 2nd segment in bps */ + uint32_t rtsc_m1; /* slope of the 1st segment in bps */ + uint32_t rtsc_d; /* the x-projection of m1 in msec */ + uint32_t rtsc_m2; /* slope of the 2nd segment in bps */ /* link-sharing service curve */ - u_int lssc_m1; - u_int lssc_d; - u_int lssc_m2; + uint32_t lssc_m1; + uint32_t lssc_d; + uint32_t lssc_m2; /* upper-limit service curve */ - u_int ulsc_m1; - u_int ulsc_d; - u_int ulsc_m2; + uint32_t ulsc_m1; + uint32_t ulsc_d; + uint32_t ulsc_m2; int flags; }; From 8f3538190ec441b13f363d00ed1f161e67f15e9d Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 14:56:59 +0000 Subject: [PATCH 24/75] put everything in ALTQ defined block --- sys/net/npf/npf_altq.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index ff722ad76e8a1..9889cc4a1db81 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -28,6 +28,11 @@ * POSSIBILITY OF SUCH DAMAGE. */ +#ifdef _KERNEL_OPT +#include "opt_inet.h" +#include "opt_altq.h" +#endif +#ifdef ALTQ #include #include #include @@ -42,17 +47,10 @@ #include #include #include -#ifdef _KERNEL_OPT -#include "opt_inet.h" -#include "opt_altq.h" -#endif -#ifdef ALTQ #include -#endif #include "npf_altq.h" #include "npf.h" -#ifdef ALTQ /* * starting point of altq kernel routines */ From 40efed2ec1a996ccad7d3c27d667ff54e736c191 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 15:07:36 +0000 Subject: [PATCH 25/75] fix whitespace in npftest Makefile --- usr.sbin/npf/npftest/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/npf/npftest/Makefile b/usr.sbin/npf/npftest/Makefile index fb003a7501725..978c5e78aeaac 100644 --- a/usr.sbin/npf/npftest/Makefile +++ b/usr.sbin/npf/npftest/Makefile @@ -18,7 +18,7 @@ DPADD+= ${LIBNPFTEST}/libnpftest.a LDADD+= -L${LIBNPFTEST} -lnpftest LDADD+= -lrump -lrumpvfs_nofifofs -lrumpvfs -lrumpuser -LDADD+= -lrumpnet -lrumpnet_net -lrumpdev_bpf -lrumpnet_altq +LDADD+= -lrumpnet -lrumpnet_net -lrumpdev_bpf -lrumpnet_altq .if ${RUMP_SANITIZE:Uno} != "no" LDADD+= -fsanitize=${RUMP_SANITIZE} From 7733e6959e79f2ad8668ba78af7085b92411fb45 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 15:24:50 +0000 Subject: [PATCH 26/75] proper spacing in rule queue --- usr.sbin/npf/npfctl/npf_parse.y | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/usr.sbin/npf/npfctl/npf_parse.y b/usr.sbin/npf/npfctl/npf_parse.y index 6dd8b2c6b4369..7c6a1a900c2c0 100644 --- a/usr.sbin/npf/npfctl/npf_parse.y +++ b/usr.sbin/npf/npfctl/npf_parse.y @@ -1062,16 +1062,16 @@ rule_queue } | QUEUE STRING { - $$.qname = $2; + $$.qname = $2; } | QUEUE PAR_OPEN STRING PAR_CLOSE { - $$.qname = $3; + $$.qname = $3; } | QUEUE PAR_OPEN STRING COMMA STRING PAR_CLOSE { - $$.qname = $3; - $$.pqname = $5; + $$.qname = $3; + $$.pqname = $5; } ; From 0273dcc29343e57697d394b8e3d71558160ca21c Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 15:27:07 +0000 Subject: [PATCH 27/75] full stop in copyright detail --- sys/net/npf/npf_altq.c | 2 +- sys/net/npf/npf_altq.h | 2 +- usr.sbin/npf/npfctl/npf_parse.y | 2 +- usr.sbin/npf/npfctl/npf_scan.l | 2 +- usr.sbin/npf/npfctl/npfctl_altq.c | 2 +- usr.sbin/npf/npfctl/npfctl_qstats.c | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 9889cc4a1db81..87e8414eb6878 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -4,7 +4,7 @@ * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation - * by Emmanuel Nyarko + * by Emmanuel Nyarko. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index 208e624b15a4c..69c3d5fa93a39 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -4,7 +4,7 @@ * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation - * by Emmanuel Nyarko + * by Emmanuel Nyarko. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/usr.sbin/npf/npfctl/npf_parse.y b/usr.sbin/npf/npfctl/npf_parse.y index 7c6a1a900c2c0..52654589b08b2 100644 --- a/usr.sbin/npf/npfctl/npf_parse.y +++ b/usr.sbin/npf/npfctl/npf_parse.y @@ -4,7 +4,7 @@ * * This code is derived from software contributed to The NetBSD Foundation * by Martin Husemann, Christos Zoulas, Mindaugas Rasiukevicius and - * Emmanuel Nyarko + * Emmanuel Nyarko. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/usr.sbin/npf/npfctl/npf_scan.l b/usr.sbin/npf/npfctl/npf_scan.l index b5fb97d69f364..db63e61e5f6c7 100644 --- a/usr.sbin/npf/npfctl/npf_scan.l +++ b/usr.sbin/npf/npfctl/npf_scan.l @@ -3,7 +3,7 @@ * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation - * by Martin Husemann and Emmanuel Nyarko + * by Martin Husemann and Emmanuel Nyarko. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index 1c5c18800d7d6..4dbcc2b3eccbb 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -3,7 +3,7 @@ * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation - * by Emmanuel Nyarko + * by Emmanuel Nyarko. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/usr.sbin/npf/npfctl/npfctl_qstats.c b/usr.sbin/npf/npfctl/npfctl_qstats.c index 4f804f8d5ea20..b4eb32196a460 100644 --- a/usr.sbin/npf/npfctl/npfctl_qstats.c +++ b/usr.sbin/npf/npfctl/npfctl_qstats.c @@ -3,7 +3,7 @@ * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation - * by Emmanuel Nyarko + * by Emmanuel Nyarko. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions From f8014a9f6322e9142c81e198002f18105720d010 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 15:40:17 +0000 Subject: [PATCH 28/75] clear verbosity --- sys/net/npf/npf_ctl.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/sys/net/npf/npf_ctl.c b/sys/net/npf/npf_ctl.c index 31a3a242746b5..b3387d4832aab 100644 --- a/sys/net/npf/npf_ctl.c +++ b/sys/net/npf/npf_ctl.c @@ -363,13 +363,12 @@ npf_mk_singlerule(npf_t *npf, const nvlist_t *req, nvlist_t *resp, if (npf_altq_loaded) { /* assign the rule queues, if any */ const char *qname; - printf("finding queues......\n"); + qname = dnvlist_get_string(req, "queue", NULL); if (qname != NULL) { if (npf_rule_setqid(rl, qname)) { goto err; } - printf("the queues are found...\n"); if (!altqattached) altqattached = 1; } From 7bd6cea151b4615e709680f4b28b0c4a0fc31e0c Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 15:40:58 +0000 Subject: [PATCH 29/75] fix whitespace: put comments beside --- sys/net/npf/npf_os.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/sys/net/npf/npf_os.c b/sys/net/npf/npf_os.c index 5eb9f9a61ef5b..723bfa3769492 100644 --- a/sys/net/npf/npf_os.c +++ b/sys/net/npf/npf_os.c @@ -289,8 +289,7 @@ npf_dev_ioctl(dev_t dev, u_long cmd, void *data, int flag, lwp_t *l) case IOC_NPF_GET_ALTQS: return npf_get_altqs(data); case IOC_NPF_BEGIN_ALTQ: - /* initialize all queueing components on the first attempt*/ - if (!npf_altq_loaded) { + if (!npf_altq_loaded) { /* initialize all queueing components on the first attempt*/ npf_altq_init(); } return npf_begin_altq(); From 70646c23d5e903222a8c1fc061bebe243899923f Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 15:43:50 +0000 Subject: [PATCH 30/75] rightly align fields --- sys/net/npf/npf.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/sys/net/npf/npf.h b/sys/net/npf/npf.h index 48195c17ffb4c..650ea8035bb38 100644 --- a/sys/net/npf/npf.h +++ b/sys/net/npf/npf.h @@ -315,18 +315,18 @@ typedef struct npf_ioctl_table { } npf_ioctl_table_t; struct npfioc_altq { - u_int32_t action; - u_int32_t ticket; - u_int32_t nr; + uint32_t action; + uint32_t ticket; + uint32_t nr; struct npf_altq altq; }; struct npfioc_qstats { - u_int32_t ticket; - u_int32_t nr; + uint32_t ticket; + uint32_t nr; void *buf; - int nbytes; - u_int8_t scheduler; + int nbytes; + uint8_t scheduler; }; /* From c1d4d2912f37ad9ee0349822d58a3fec05f17bfb Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 17:11:31 +0000 Subject: [PATCH 31/75] use right comment indennt --- sys/net/npf/npf_os.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/net/npf/npf_os.c b/sys/net/npf/npf_os.c index 723bfa3769492..bdd2eafd312d7 100644 --- a/sys/net/npf/npf_os.c +++ b/sys/net/npf/npf_os.c @@ -289,7 +289,8 @@ npf_dev_ioctl(dev_t dev, u_long cmd, void *data, int flag, lwp_t *l) case IOC_NPF_GET_ALTQS: return npf_get_altqs(data); case IOC_NPF_BEGIN_ALTQ: - if (!npf_altq_loaded) { /* initialize all queueing components on the first attempt*/ + /* initialize all queueing components on the first attempt */ + if (!npf_altq_loaded) { npf_altq_init(); } return npf_begin_altq(); From 52e2d09715bd6f907afb6979bc4bfa662ff2301a Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Mon, 30 Dec 2024 17:48:38 +0000 Subject: [PATCH 32/75] no cast in malloc, use sizeof(dest), and uintX_t --- sys/net/npf/npf_altq.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 87e8414eb6878..37a9a795f72e2 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -55,8 +55,8 @@ * starting point of altq kernel routines */ bool npf_altq_running = false; -u_int32_t nticket_altqs_active; -u_int32_t nticket_altqs_inactive; +uint32_t nticket_altqs_active; +uint32_t nticket_altqs_inactive; struct npf_altqqueue *npf_altqs_active; struct npf_altqqueue *npf_altqs_inactive; struct npf_altqqueue npf_altqs[2]; @@ -96,13 +96,12 @@ npf_begin_altq(void) TAILQ_REMOVE(npf_altqs_inactive, altq, entries); if (altq->qname[0] == 0) { /* detach and destroy the discipline */ - error = altq_remove(altq); + if ((error = altq_remove(altq)) != 0) + return error; } else npf_qid_unref(altq->qid); pool_put(&npf_altq_pl, altq); } - if (error) - return error; return 0; } @@ -131,7 +130,7 @@ npf_add_altq(void *data) error = ENOMEM; return error; } - memcpy(altq, &paa->altq, sizeof(paa->altq)); + memcpy(altq, &paa->altq, sizeof(*altq)); /* * if this is for a queue, find the discipline and * copy the necessary fields @@ -156,7 +155,7 @@ npf_add_altq(void *data) return error; } TAILQ_INSERT_TAIL(npf_altqs_inactive, altq, entries); - memcpy(&paa->altq, altq, sizeof(*altq)); + memcpy(&paa->altq, altq, sizeof(paa->altq)); if (!npf_altq_loaded) npf_altq_loaded = 1; @@ -241,7 +240,7 @@ npftagname2tag(struct npf_tags *head, char *tagname) if (new_tagid > TAGID_MAX) return 0; /* allocate and fill new struct npf_tagname */ - tag = (struct npf_tagname *)malloc(sizeof(*tag), + tag = malloc(sizeof(*tag), M_TEMP, M_NOWAIT); if (tag == NULL) return 0; From 7018fa1b4bc693b4c246d28e6a24f1fcd1e39b91 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Tue, 31 Dec 2024 06:28:57 +0000 Subject: [PATCH 33/75] single responsibility principle: expand_altq extract root queue creation and appending queue routine from expand_altq function to obtain a shorter funciton --- usr.sbin/npf/npfctl/npfctl_altq.c | 148 ++++++++++++++++++------------ 1 file changed, 87 insertions(+), 61 deletions(-) diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index 4dbcc2b3eccbb..6eb3ed6d3cc4d 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -52,6 +52,8 @@ #include "npfctl.h" LIST_HEAD(gen_sc, segment) rtsc, lssc; +static int npf_add_root_queue(struct npf_altq, char *, + char *, struct node_queue_opt *); static int eval_npfqueue_cbq(struct npf_altq *); static int cbq_compute_idletime(struct npf_altq *); static int check_commit_cbq(struct npf_altq *); @@ -63,6 +65,8 @@ static int eval_npfqueue_hfsc(struct npf_altq *); static int check_commit_hfsc(struct npf_altq *); static int print_hfsc_opts(const struct npf_altq *, const struct node_queue_opt *); +static void npfctl_append_queue(struct npf_altq pa, char *, + char *); static void gsc_add_sc(struct gen_sc *, struct service_curve *); static int is_gsc_under_sc(struct gen_sc *, struct service_curve *); @@ -97,7 +101,7 @@ struct node_queue *queues = NULL; do { \ T *n; \ if (r == NULL) { \ - r = calloc(1, sizeof(T)); \ + r = calloc(1, sizeof(*r)); \ if (r == NULL) \ err(EXIT_FAILURE, "LOOP: calloc"); \ r->next = NULL; \ @@ -115,9 +119,9 @@ int npfctl_test_altqsupport(int dev) { struct npfioc_altq pa; - if (ioctl(dev, IOC_NPF_GET_ALTQS, &pa)) { + if (ioctl(dev, IOC_NPF_GET_ALTQS, &pa) == -1) { if (errno == ENODEV) { - fprintf(stderr, "No ALTQ support in kernel\n" + warnx("No ALTQ support in kernel\n" "ALTQ related functions disabled\n"); return 0; } else @@ -127,7 +131,7 @@ npfctl_test_altqsupport(int dev) } /* evaluate bandwidth */ int -npfctl_eval_bw(struct node_queue_bw * bw, char * bw_spec) +npfctl_eval_bw(struct node_queue_bw *bw, char *bw_spec) { double bps; char *cp; @@ -159,18 +163,83 @@ npfctl_eval_bw(struct node_queue_bw * bw, char * bw_spec) return 0; } +/* create root queue for cbq or hfsc */ +static int +npf_add_root_queue(struct npf_altq pa, char * ifname, + char qname[], struct node_queue_opt *opts) +{ + struct node_queue_bw bw; + struct npf_altq pb; + int errs = 0; + + /* now create a root queue */ + memset(&pb, 0, sizeof(pb)); + if (strlcpy(qname, "root_", sizeof(qname)) >= + sizeof(qname)) + errx(EXIT_FAILURE, "add_root: strlcpy"); + if (strlcat(qname, ifname, + sizeof(qname)) >= sizeof(qname)) + errx(EXIT_FAILURE, "add_root: strlcat"); + if (strlcpy(pb.qname, qname, + sizeof(pb.qname)) >= sizeof(pb.qname)) + errx(EXIT_FAILURE, "add_root: strlcpy"); + if (strlcpy(pb.ifname, ifname, + sizeof(pb.ifname)) >= sizeof(pb.ifname)) + errx(EXIT_FAILURE, "add_root: strlcpy"); + pb.qlimit = pa.qlimit; + pb.scheduler = pa.scheduler; + bw.bw_absolute = pa.ifbandwidth; + bw.bw_percent = 0; + if (eval_npfqueue(&pb, &bw, opts)) + errs++; + else + if (npfctl_add_altq(&pb)) + errs++; + return errs; +} + +static void +npfctl_append_queue(struct npf_altq pa, char *ifname, + char qname[], struct node_queue *queue) +{ + struct node_queue *n; + n = calloc(1, sizeof(*n)); + if (n == NULL) + err(EXIT_FAILURE, "append_queue: calloc"); + if (pa.scheduler == ALTQT_CBQ || + pa.scheduler == ALTQT_HFSC) + if (strlcpy(n->parent, qname, + sizeof(n->parent)) >= + sizeof(n->parent)) + errx(EXIT_FAILURE, "append_queue: strlcpy"); + if (strlcpy(n->queue, queue->queue, + sizeof(n->queue)) >= sizeof(n->queue)) + errx(EXIT_FAILURE, "append_queue: strlcpy"); + if (strlcpy(n->ifname, ifname, + sizeof(n->ifname)) >= sizeof(n->ifname)) + errx(EXIT_FAILURE, "append_queue: strlcpy"); + n->scheduler = pa.scheduler; + n->next = NULL; + n->tail = n; + if (queues == NULL) + queues = n; + else { + queues->tail->next = n; + queues->tail = n; + } +} + int expand_altq(struct npf_altq *a, const char *ifname, struct node_queue *nqueues, struct node_queue_bw bwspec, struct node_queue_opt *opts) { - struct npf_altq pa, pb; + struct npf_altq pa; char qname[NPF_QNAME_SIZE]; - struct node_queue *n; - struct node_queue_bw bw; int errs = 0; npfdev = npfctl_open_dev(NPF_DEV_PATH); - memcpy(&pa, a, sizeof(*a)); + + memcpy(&pa, a, sizeof(pa)); if (strlcpy(pa.ifname, ifname, sizeof(pa.ifname)) >= sizeof(pa.ifname)) errx(1, "expand_altq: strlcpy"); @@ -187,59 +256,16 @@ expand_altq(struct npf_altq *a, const char *ifname, errs++; } } else - errx(1, "cannot begin altq: altq_begin"); + errx(EXIT_FAILURE, "cannot begin altq: altq_begin"); + if (pa.scheduler == ALTQT_CBQ || pa.scheduler == ALTQT_HFSC) { /* now create a root queue */ - memset(&pb, 0, sizeof(pb)); - if (strlcpy(qname, "root_", sizeof(qname)) >= - sizeof(qname)) - errx(1, "expand_altq: strlcpy"); - if (strlcat(qname, ifname, - sizeof(qname)) >= sizeof(qname)) - errx(1, "expand_altq: strlcat"); - if (strlcpy(pb.qname, qname, - sizeof(pb.qname)) >= sizeof(pb.qname)) - errx(1, "expand_altq: strlcpy"); - if (strlcpy(pb.ifname, ifname, - sizeof(pb.ifname)) >= sizeof(pb.ifname)) - errx(1, "expand_altq: strlcpy"); - pb.qlimit = pa.qlimit; - pb.scheduler = pa.scheduler; - bw.bw_absolute = pa.ifbandwidth; - bw.bw_percent = 0; - if (eval_npfqueue(&pb, &bw, opts)) - errs++; - else - if (npfctl_add_altq(&pb)) - errs++; - } - LOOP_THROUGH(struct node_queue, queue, nqueues, - n = calloc(1, sizeof(struct node_queue)); - if (n == NULL) - err(EXIT_FAILURE, "expand_altq: calloc"); - if (pa.scheduler == ALTQT_CBQ || - pa.scheduler == ALTQT_HFSC) - if (strlcpy(n->parent, qname, - sizeof(n->parent)) >= - sizeof(n->parent)) - errx(1, "expand_altq: strlcpy"); - if (strlcpy(n->queue, queue->queue, - sizeof(n->queue)) >= sizeof(n->queue)) - errx(1, "expand_altq: strlcpy"); - if (strlcpy(n->ifname, ifname, - sizeof(n->ifname)) >= sizeof(n->ifname)) - errx(1, "expand_altq: strlcpy"); - n->scheduler = pa.scheduler; - n->next = NULL; - n->tail = n; - if (queues == NULL) - queues = n; - else { - queues->tail->next = n; - queues->tail = n; + if (npf_add_root_queue(pa, ifname, qname, opts)) + errx(EXIT_FAILURE, "cannot add root queue"); } - ); + LOOP_THROUGH(struct node_queue, queue, nqueues, + npfctl_append_queue(pa, ifname, qname, queue)); } FREE_LIST(struct node_queue, nqueues); @@ -268,7 +294,7 @@ expand_queue(struct npf_altq *a, const char *ifname, (strncmp(ifname, tqueue->ifname, IFNAMSIZ)))){ /* found ourself in the child queues */ found++; - memcpy(&pa, a, sizeof(*a)); + memcpy(&pa, a, sizeof(pa)); if (pa.scheduler != ALTQT_NONE && pa.scheduler != tqueue->scheduler) { yyerror("exactly one scheduler type " @@ -316,7 +342,7 @@ expand_queue(struct npf_altq *a, const char *ifname, continue; } n = calloc(1, - sizeof(struct node_queue)); + sizeof(*n)); if (n == NULL) err(EXIT_FAILURE, "expand_queue: calloc"); if (strlcpy(n->parent, a->qname, @@ -453,7 +479,7 @@ npfctl_add_altq(struct npf_altq *a) struct npfioc_altq *npaltq; if ((npaltq = malloc(sizeof(*npaltq))) == NULL) err(EXIT_FAILURE, "malloc"); - memcpy(&npaltq->altq, a, sizeof(struct npf_altq)); + memcpy(&npaltq->altq, a, sizeof(npaltq->altq)); if (ioctl(npfdev, IOC_NPF_ADD_ALTQ, npaltq)) { if (errno == ENXIO) errx(1, "qtype not configured"); @@ -474,7 +500,7 @@ npfaltq_store(struct npf_altq *a) struct npf_altq *altq; if ((altq = malloc(sizeof(*altq))) == NULL) err(EXIT_FAILURE, "malloc"); - memcpy(altq, a, sizeof(*a)); + memcpy(altq, a, sizeof(*altq)); TAILQ_INSERT_TAIL(&altqs, altq, entries); /* check altq presence in config */ } From 1c55bfdff626902e57d9882abc16594971e62dd8 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Tue, 31 Dec 2024 13:48:46 +0000 Subject: [PATCH 34/75] quest for shorter functions: extract queue appending from expand queue --- usr.sbin/npf/npfctl/npfctl_altq.c | 74 +++++++++++++++++++------------ 1 file changed, 46 insertions(+), 28 deletions(-) diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index 6eb3ed6d3cc4d..8d0702e613f65 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -65,8 +65,10 @@ static int eval_npfqueue_hfsc(struct npf_altq *); static int check_commit_hfsc(struct npf_altq *); static int print_hfsc_opts(const struct npf_altq *, const struct node_queue_opt *); -static void npfctl_append_queue(struct npf_altq pa, char *, +static void altq_append_queues(struct npf_altq pa, char *, char *); +static void queue_append_queues(struct npf_altq *, struct node_queue *, + struct node_queue *); static void gsc_add_sc(struct gen_sc *, struct service_curve *); static int is_gsc_under_sc(struct gen_sc *, struct service_curve *); @@ -198,8 +200,12 @@ npf_add_root_queue(struct npf_altq pa, char * ifname, return errs; } +/* + * child queues set on altq decl will be appended to global queue here: + * altq on .... queue {a,b ,c } + */ static void -npfctl_append_queue(struct npf_altq pa, char *ifname, +altq_append_queues(struct npf_altq pa, char *ifname, char qname[], struct node_queue *queue) { struct node_queue *n; @@ -229,6 +235,42 @@ npfctl_append_queue(struct npf_altq pa, char *ifname, } } +/* + * child queues set on new defining child queues appended on a global queue: + * queue .... queue {a, b, b} + */ +static void +queue_append_queues(struct npf_altq *a, struct node_queue *tqueue, + struct node_queue *nq) +{ + struct node_queue *n; + n = calloc(1, + sizeof(*n)); + if (n == NULL) + err(EXIT_FAILURE, "expand_queue: calloc"); + if (strlcpy(n->parent, a->qname, + sizeof(n->parent)) >= + sizeof(n->parent)) + errx(EXIT_FAILURE, "expand_queue strlcpy"); + if (strlcpy(n->queue, nq->queue, + sizeof(n->queue)) >= + sizeof(n->queue)) + errx(EXIT_FAILURE, "expand_queue strlcpy"); + if (strlcpy(n->ifname, tqueue->ifname, + sizeof(n->ifname)) >= + sizeof(n->ifname)) + errx(EXIT_FAILURE, "expand_queue strlcpy"); + n->scheduler = tqueue->scheduler; + n->next = NULL; + n->tail = n; + if (queues == NULL) + queues = n; + else { + queues->tail->next = n; + queues->tail = n; + } +} + int expand_altq(struct npf_altq *a, const char *ifname, struct node_queue *nqueues, struct node_queue_bw bwspec, @@ -265,7 +307,7 @@ expand_altq(struct npf_altq *a, const char *ifname, errx(EXIT_FAILURE, "cannot add root queue"); } LOOP_THROUGH(struct node_queue, queue, nqueues, - npfctl_append_queue(pa, ifname, qname, queue)); + altq_append_queues(pa, ifname, qname, queue)); } FREE_LIST(struct node_queue, nqueues); @@ -341,31 +383,7 @@ expand_queue(struct npf_altq *a, const char *ifname, errs++; continue; } - n = calloc(1, - sizeof(*n)); - if (n == NULL) - err(EXIT_FAILURE, "expand_queue: calloc"); - if (strlcpy(n->parent, a->qname, - sizeof(n->parent)) >= - sizeof(n->parent)) - errx(1, "expand_queue strlcpy"); - if (strlcpy(n->queue, nq->queue, - sizeof(n->queue)) >= - sizeof(n->queue)) - errx(1, "expand_queue strlcpy"); - if (strlcpy(n->ifname, tqueue->ifname, - sizeof(n->ifname)) >= - sizeof(n->ifname)) - errx(1, "expand_queue strlcpy"); - n->scheduler = tqueue->scheduler; - n->next = NULL; - n->tail = n; - if (queues == NULL) - queues = n; - else { - queues->tail->next = n; - queues->tail = n; - } + queue_append_queues(a, tqueue, nq); } } ); From ea45bd187a50f922a014de1c147e10a5d41365dd Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Tue, 31 Dec 2024 15:20:38 +0000 Subject: [PATCH 35/75] misc: fix missing return type on setqueue --- lib/libnpf/npf.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/libnpf/npf.c b/lib/libnpf/npf.c index c5f76a58ec668..90d85cda07655 100644 --- a/lib/libnpf/npf.c +++ b/lib/libnpf/npf.c @@ -735,6 +735,7 @@ npf_rule_setproc(nl_rule_t *rl, const char *name) return nvlist_error(rl->rule_dict); } +int npf_rule_setqueue(nl_rule_t *rl, const char *qname) { nvlist_add_string(rl->rule_dict, "queue", qname); From 8ea898a625c7160cb5a1e85c7d8581be62326490 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Tue, 31 Dec 2024 16:09:10 +0000 Subject: [PATCH 36/75] add npf stuff to expected symbols --- lib/libnpf/npf.expsym | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/libnpf/npf.expsym b/lib/libnpf/npf.expsym index 2fd9d4feff750..2ea582e935cf1 100644 --- a/lib/libnpf/npf.expsym +++ b/lib/libnpf/npf.expsym @@ -68,6 +68,7 @@ npf_rule_getinfo npf_rule_getinterface npf_rule_getname npf_rule_getproc +npf_rule_getqueue npf_rule_insert npf_rule_iterate npf_rule_setcode @@ -75,6 +76,7 @@ npf_rule_setinfo npf_rule_setkey npf_rule_setprio npf_rule_setproc +npf_rule_setqueue npf_ruleset_add npf_ruleset_flush npf_ruleset_remkey From 77dffed4e3f1dc41a45a21b6abde295656d94f23 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Tue, 31 Dec 2024 18:34:24 +0000 Subject: [PATCH 37/75] single responsibility principle: extract scheduler check from expand queue --- usr.sbin/npf/npfctl/npfctl_altq.c | 63 ++++++++++++++++++------------- 1 file changed, 36 insertions(+), 27 deletions(-) diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index 8d0702e613f65..c86b44cf54485 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -69,6 +69,8 @@ static void altq_append_queues(struct npf_altq pa, char *, char *); static void queue_append_queues(struct npf_altq *, struct node_queue *, struct node_queue *); +static int scheduler_check(struct npf_altq *, struct node_queue *, + struct node_queue *, struct node_queue_bw); static void gsc_add_sc(struct gen_sc *, struct service_curve *); static int is_gsc_under_sc(struct gen_sc *, struct service_curve *); @@ -271,6 +273,38 @@ queue_append_queues(struct npf_altq *a, struct node_queue *tqueue, } } +static int +scheduler_check(struct npf_altq *pa, struct node_queue *tqueue, + struct node_queue *nqueues, struct node_queue_bw bwspec) +{ + if (pa->scheduler != ALTQT_NONE && + pa->scheduler != tqueue->scheduler) { + yyerror("exactly one scheduler type " + "per interface allowed"); + return -1; + } + pa->scheduler = tqueue->scheduler; + /* scheduler dependent error checking */ + switch (pa->scheduler) { + case ALTQT_PRIQ: + if (nqueues != NULL) { + yyerror("priq queues cannot " + "have child queues"); + return -1; + } + if (bwspec.bw_absolute > 0 || + bwspec.bw_percent < 100) { + yyerror("priq doesn't take " + "bandwidth"); + return -1; + } + break; + default: + break; + } + return 0; +} + int expand_altq(struct npf_altq *a, const char *ifname, struct node_queue *nqueues, struct node_queue_bw bwspec, @@ -337,34 +371,9 @@ expand_queue(struct npf_altq *a, const char *ifname, /* found ourself in the child queues */ found++; memcpy(&pa, a, sizeof(pa)); - if (pa.scheduler != ALTQT_NONE && - pa.scheduler != tqueue->scheduler) { - yyerror("exactly one scheduler type " - "per interface allowed"); - errs++; + if (scheduler_check(&pa, tqueue, nqueues, bwspec) == -1) goto out; - } - pa.scheduler = tqueue->scheduler; - /* scheduler dependent error checking */ - switch (pa.scheduler) { - case ALTQT_PRIQ: - if (nqueues != NULL) { - yyerror("priq queues cannot " - "have child queues"); - errs++; - goto out; - } - if (bwspec.bw_absolute > 0 || - bwspec.bw_percent < 100) { - yyerror("priq doesn't take " - "bandwidth"); - errs++; - goto out; - } - break; - default: - break; - } + if (strlcpy(pa.ifname, tqueue->ifname, sizeof(pa.ifname)) >= sizeof(pa.ifname)) errx(1, "expand_queue: strlcpy"); From 48a3a2603853f0851c7f35db798d1954f9eb2b55 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Tue, 31 Dec 2024 19:03:07 +0000 Subject: [PATCH 38/75] fix sizeof and err in npfctl_qstats --- usr.sbin/npf/npfctl/npfctl_qstats.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/usr.sbin/npf/npfctl/npfctl_qstats.c b/usr.sbin/npf/npfctl/npfctl_qstats.c index b4eb32196a460..234056b66aedc 100644 --- a/usr.sbin/npf/npfctl/npfctl_qstats.c +++ b/usr.sbin/npf/npfctl/npfctl_qstats.c @@ -153,7 +153,7 @@ npfctl_update_qstats(int fd, struct npf_altq_node **root) if ((node = npfctl_find_altq_node(*root, pa.altq.qname, pa.altq.ifname)) != NULL) { memcpy(&node->qstats.data, &qstats.data, - sizeof(qstats.data)); + sizeof(node->qstats.data)); update_avg(node); } else { npfctl_insert_altq_node(root, pa.altq, qstats); @@ -171,8 +171,8 @@ npfctl_insert_altq_node(struct npf_altq_node **root, node = calloc(1, sizeof(*node)); if (node == NULL) err(EXIT_FAILURE, "npfctl_insert_altq_node: calloc"); - memcpy(&node->altq, &altq, sizeof(altq)); - memcpy(&node->qstats, &qstats, sizeof(qstats)); + memcpy(&node->altq, &altq, sizeof(node->altq)); + memcpy(&node->qstats, &qstats, sizeof(node->qstats)); node->next = node->children = NULL; if (*root == NULL) *root = node; @@ -185,7 +185,7 @@ npfctl_insert_altq_node(struct npf_altq_node **root, struct npf_altq_node *parent; parent = npfctl_find_altq_node(*root, altq.parent, altq.ifname); if (parent == NULL) - errx(1, "parent %s not found", altq.parent); + errx(EXIT_FAILURE, "parent %s not found", altq.parent); if (parent->children == NULL) parent->children = node; else { From 1f609c739ae4a86b287c5ac37ef0710edd0d39de Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Tue, 31 Dec 2024 19:10:25 +0000 Subject: [PATCH 39/75] terminating #ifndef in npf_altq.h --- sys/net/npf/npf_altq.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index 69c3d5fa93a39..c7eeb96347fb5 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -139,3 +139,5 @@ int npf_disable_altq(struct npf_altq *); int npf_stop_altq(void); int npf_enable_altq(struct npf_altq ); extern int npf_get_qstats(void *); + +#endif /* NPF_ALTQ_H_ */ \ No newline at end of file From 552e5f3cf3b89cb595b94887e12198ca1abc4128 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Tue, 31 Dec 2024 19:48:20 +0000 Subject: [PATCH 40/75] rename opts to use right objs --- sys/altq/altq_cbq.c | 2 +- sys/altq/altq_hfsc.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/altq/altq_cbq.c b/sys/altq/altq_cbq.c index 2b300f1f9487c..3446cfbf65035 100644 --- a/sys/altq/altq_cbq.c +++ b/sys/altq/altq_cbq.c @@ -310,7 +310,7 @@ cbq_add_queue(struct npf_altq *a) struct rm_class *borrow, *parent; cbq_state_t *cbqp; struct rm_class *cl; - struct cbq_opts *opts; + struct npf_cbq_opts *opts; int i, error; if ((cbqp = a->altq_disc) == NULL) diff --git a/sys/altq/altq_hfsc.c b/sys/altq/altq_hfsc.c index d3c8d3d34455b..0df80d326cd2d 100644 --- a/sys/altq/altq_hfsc.c +++ b/sys/altq/altq_hfsc.c @@ -244,7 +244,7 @@ hfsc_add_queue(struct npf_altq *a) { struct hfsc_if *hif; struct hfsc_class *cl, *parent; - struct hfsc_opts *opts; + struct npf_hfsc_opts *opts; struct service_curve rtsc, lssc, ulsc; if ((hif = a->altq_disc) == NULL) From 85c7657b8308239c911aac7dff116d0615ed7750 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Tue, 31 Dec 2024 20:00:28 +0000 Subject: [PATCH 41/75] define opt in kernel option --- sys/net/npf/npf_mbuf.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sys/net/npf/npf_mbuf.c b/sys/net/npf/npf_mbuf.c index bb38e1e3be535..7370c15c1e422 100644 --- a/sys/net/npf/npf_mbuf.c +++ b/sys/net/npf/npf_mbuf.c @@ -49,6 +49,9 @@ __KERNEL_RCSID(0, "$NetBSD: npf_mbuf.c,v 1.25 2023/02/12 13:38:37 kardel Exp $") #ifdef INET6 #include #include +#endif + +#ifdef _KERNEL_OPT #include "opt_altq.h" #endif From eba2b11a425242fe549ef40d48286dae0fa61303 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Tue, 31 Dec 2024 20:07:38 +0000 Subject: [PATCH 42/75] terminate kernelndef --- sys/net/npf/npf_mbuf.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/net/npf/npf_mbuf.c b/sys/net/npf/npf_mbuf.c index 7370c15c1e422..15e4cbfe1e172 100644 --- a/sys/net/npf/npf_mbuf.c +++ b/sys/net/npf/npf_mbuf.c @@ -50,6 +50,7 @@ __KERNEL_RCSID(0, "$NetBSD: npf_mbuf.c,v 1.25 2023/02/12 13:38:37 kardel Exp $") #include #include #endif +#endif #ifdef _KERNEL_OPT #include "opt_altq.h" From 61e41c9d17a3030c6ef79cd27ba114ee066d5419 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Tue, 31 Dec 2024 20:18:16 +0000 Subject: [PATCH 43/75] minor fix in npfaltq func prototype --- sys/net/npf/npf_altq.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index c7eeb96347fb5..cf3d7cd86deb4 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -137,7 +137,7 @@ extern int npf_altq_destroy(void); int npf_altq_start(void); int npf_disable_altq(struct npf_altq *); int npf_stop_altq(void); -int npf_enable_altq(struct npf_altq ); +int npf_enable_altq(struct npf_altq *); extern int npf_get_qstats(void *); #endif /* NPF_ALTQ_H_ */ \ No newline at end of file From 0c6caeddcd26458a11332877fc12a44eddb6c10d Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 01:39:05 +0000 Subject: [PATCH 44/75] provide def for npf_qid_unref --- sys/net/npf/npf_altq.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 37a9a795f72e2..148c849993562 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -68,7 +68,7 @@ int npf_altq_loaded = 0; TAILQ_HEAD(npf_tags, npf_tagname) npf_tags = TAILQ_HEAD_INITIALIZER(npf_tags), npf_qids = TAILQ_HEAD_INITIALIZER(npf_qids); void tag_unref(struct npf_tags *, u_int16_t); -u_int16_t npftagname2tag(struct npf_tags *, char *); +uint16_t npftagname2tag(struct npf_tags *, char *); #if (NPF_QNAME_SIZE != NPF_TAG_NAME_SIZE) #error NPF_QNAME_SIZE must be equal to NPF_TAG_NAME_SIZE @@ -273,6 +273,12 @@ tag_unref(struct npf_tags *head, u_int16_t tag) } } +void +npf_qid_unref(u_int32_t qid) +{ + tag_unref(&npf_qids, (u_int16_t)qid); +} + /* disable, destroy and stop altq routine when packet filtering disabled */ int npf_altq_destroy(void) From 4c26bec98a54458df85066f9222b7e506d6f0104 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 07:49:08 +0000 Subject: [PATCH 45/75] fix bad * --- usr.sbin/npf/npfctl/npf_scan.l | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/npf/npfctl/npf_scan.l b/usr.sbin/npf/npfctl/npf_scan.l index db63e61e5f6c7..1967338bbea59 100644 --- a/usr.sbin/npf/npfctl/npf_scan.l +++ b/usr.sbin/npf/npfctl/npf_scan.l @@ -1,4 +1,4 @@ -*- +/*- * Copyright (c) 2011-2012,2024 The NetBSD Foundation, Inc. * All rights reserved. * From 1442253c7390db389a8e1416b2a1cf9b48696212 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 08:01:08 +0000 Subject: [PATCH 46/75] comment space --- usr.sbin/npf/npfctl/npf_scan.l | 1 - 1 file changed, 1 deletion(-) diff --git a/usr.sbin/npf/npfctl/npf_scan.l b/usr.sbin/npf/npfctl/npf_scan.l index 1967338bbea59..a6cc3b4077565 100644 --- a/usr.sbin/npf/npfctl/npf_scan.l +++ b/usr.sbin/npf/npfctl/npf_scan.l @@ -197,7 +197,6 @@ qlimit return QLIMIT; "!" return EXCL_MARK; /* bandwidth specification rule */ - {NUMBER}[\.]*[0-9]*{BW_UNIT} { yylval.str = estrndup(yytext, yyleng); return BW_SPEC; From 70df3d04f2474294916ec8d321a64e541a2ac2eb Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 08:21:10 +0000 Subject: [PATCH 47/75] remove comment --- usr.sbin/npf/npfctl/npf_scan.l | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/npf/npfctl/npf_scan.l b/usr.sbin/npf/npfctl/npf_scan.l index a6cc3b4077565..36a88c6a14dc0 100644 --- a/usr.sbin/npf/npfctl/npf_scan.l +++ b/usr.sbin/npf/npfctl/npf_scan.l @@ -174,6 +174,7 @@ flags return FLAGS; icmp-type return ICMPTYPE; code return CODE; any return ANY; + altq return ALTQ; cbq return CBQ; priq return PRIQ; @@ -196,7 +197,6 @@ qlimit return QLIMIT; "=" return EQ; "!" return EXCL_MARK; -/* bandwidth specification rule */ {NUMBER}[\.]*[0-9]*{BW_UNIT} { yylval.str = estrndup(yytext, yyleng); return BW_SPEC; From a2b396196d301aa8d72d99ee7858a59801d71bd0 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 09:05:15 +0000 Subject: [PATCH 48/75] use right open_dev sig --- usr.sbin/npf/npfctl/npfctl.c | 2 +- usr.sbin/npf/npfctl/npfctl.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/usr.sbin/npf/npfctl/npfctl.c b/usr.sbin/npf/npfctl/npfctl.c index f1dad275b81e4..81b4823936981 100644 --- a/usr.sbin/npf/npfctl/npfctl.c +++ b/usr.sbin/npf/npfctl/npfctl.c @@ -339,7 +339,7 @@ npfctl_load(int fd) return errno; } -static int +int npfctl_open_dev(const char *path) { struct stat st; diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index 0489bfdfea76f..123c89e87e9f5 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -270,8 +270,7 @@ void npfctl_config_build(void); int npfctl_config_send(int); nl_config_t * npfctl_config_ref(void); int npfctl_config_print(int); -npfctl_config_show(int, int, char **); -int npfctl_config_show(int); +int npfctl_config_show(int, int, char **); void npfctl_config_save(nl_config_t *, const char *); int npfctl_ruleset_show(int, const char *); int npfctl_config_flush(int, int, char **); @@ -333,6 +332,7 @@ int npf_rule_qnames_exists(const char *); int check_commit_altq(void); int npf_altq_destroy(int); int npfctl_print_altq(int); +int npfctl_show_altq(int); /* * For the systems which do not define TH_ECE and TW_CRW. From bcb24ec9b1d0f443f5616c8e2f82687b812b0143 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 09:12:51 +0000 Subject: [PATCH 49/75] match build rule sig --- usr.sbin/npf/npfctl/npfctl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index 123c89e87e9f5..0a43d8b7cb52e 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -287,7 +287,7 @@ void npfctl_build_group(const char *, int, const char *, bool); void npfctl_build_group_end(void); void npfctl_build_rule(uint32_t, const char *, sa_family_t, const npfvar_t *, const filt_opts_t *, - const char *, const char *); + const char *, const char *, struct node_qassign); void npfctl_build_natseg(int, int, unsigned, const char *, const addr_port_t *, const addr_port_t *, const npfvar_t *, const filt_opts_t *, unsigned); From 3b9f162ea1cae6b108b2a5e55faf35966308f177 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 09:27:36 +0000 Subject: [PATCH 50/75] fis minors spell and copyright --- usr.sbin/npf/npfctl/npf_show.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.sbin/npf/npfctl/npf_show.c b/usr.sbin/npf/npfctl/npf_show.c index 5962091e72d9e..5baf59b1fc868 100644 --- a/usr.sbin/npf/npfctl/npf_show.c +++ b/usr.sbin/npf/npfctl/npf_show.c @@ -3,7 +3,7 @@ * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation - * by Mindaugas Rasiukevicius. + * by Mindaugas Rasiukevicius and Emmanuel Nyarko * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -525,7 +525,7 @@ npfctl_print_altq(int fd) mnr = pa.nr; for (nr = 0; nr < mnr; nr++) { pa.nr = nr; - if (ioctl(fd, IOC_NPF_GET_ALTQ, &pa)) { + if (ioctl(fd, IOC_NPF_GET_ALTQS, &pa)) { warn("IOC_NPF_GET_ALTQ"); return -1; } From 0cb00a66358d4b0fc1dd9044f5ce6c4e78afd296 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 09:54:04 +0000 Subject: [PATCH 51/75] define struct segment --- usr.sbin/npf/npfctl/npfctl.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index 0a43d8b7cb52e..349383e26d258 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -111,6 +111,14 @@ struct node_qassign { char *pqname; }; +/* + * generalized service curve used for admission control + */ +struct segment { + LIST_ENTRY(segment) _next; + double x, y, d, m; +}; + typedef struct fam_addr_mask { sa_family_t fam_family; npf_addr_t fam_addr; From 6a56bd4c7927a7fcdd64b8f5bacc81a0810c5990 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 11:17:02 +0000 Subject: [PATCH 52/75] single responsibility: fix byte chackes --- usr.sbin/npf/npfctl/npfctl_altq.c | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index c86b44cf54485..541662224c649 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -66,7 +66,7 @@ static int check_commit_hfsc(struct npf_altq *); static int print_hfsc_opts(const struct npf_altq *, const struct node_queue_opt *); static void altq_append_queues(struct npf_altq pa, char *, - char *); + char *, struct node_queue *); static void queue_append_queues(struct npf_altq *, struct node_queue *, struct node_queue *); static int scheduler_check(struct npf_altq *, struct node_queue *, @@ -169,20 +169,23 @@ npfctl_eval_bw(struct node_queue_bw *bw, char *bw_spec) /* create root queue for cbq or hfsc */ static int -npf_add_root_queue(struct npf_altq pa, char * ifname, +npf_add_root_queue(struct npf_altq pa, const char * ifname, char qname[], struct node_queue_opt *opts) { struct node_queue_bw bw; struct npf_altq pb; int errs = 0; - /* now create a root queue */ + /* + * we cannot use sizeof(qname) directly here as it will give sizeof(char*) + * so the copyably bytes is manually hack the using sizeof(char) * qname max size + */ memset(&pb, 0, sizeof(pb)); - if (strlcpy(qname, "root_", sizeof(qname)) >= - sizeof(qname)) + if (strlcpy(qname, "root_", (sizeof(char) * NPF_QNAME_SIZE)) >= + (sizeof(char) * NPF_QNAME_SIZE)) errx(EXIT_FAILURE, "add_root: strlcpy"); - if (strlcat(qname, ifname, - sizeof(qname)) >= sizeof(qname)) + if (strlcat(qname, ifname, (sizeof(char) * NPF_QNAME_SIZE)) >= + (sizeof(char) * NPF_QNAME_SIZE)) errx(EXIT_FAILURE, "add_root: strlcat"); if (strlcpy(pb.qname, qname, sizeof(pb.qname)) >= sizeof(pb.qname)) @@ -207,7 +210,7 @@ npf_add_root_queue(struct npf_altq pa, char * ifname, * altq on .... queue {a,b ,c } */ static void -altq_append_queues(struct npf_altq pa, char *ifname, +altq_append_queues(struct npf_altq pa, const char *ifname, char qname[], struct node_queue *queue) { struct node_queue *n; @@ -353,7 +356,7 @@ expand_queue(struct npf_altq *a, const char *ifname, struct node_queue *nqueues, struct node_queue_bw bwspec, struct node_queue_opt *opts) { - struct node_queue *n, *nq; + struct node_queue *nq; struct npf_altq pa; uint8_t found = 0; uint8_t errs = 0; From a63522e527d61a25ec1fc768bb3394b96b46cdbd Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 11:56:21 +0000 Subject: [PATCH 53/75] single responsibility: prototype check --- usr.sbin/npf/npfctl/npfctl_altq.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index 541662224c649..ac99ffd72b1ac 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -52,7 +52,7 @@ #include "npfctl.h" LIST_HEAD(gen_sc, segment) rtsc, lssc; -static int npf_add_root_queue(struct npf_altq, char *, +static int npf_add_root_queue(struct npf_altq, const char *, char *, struct node_queue_opt *); static int eval_npfqueue_cbq(struct npf_altq *); static int cbq_compute_idletime(struct npf_altq *); @@ -65,7 +65,7 @@ static int eval_npfqueue_hfsc(struct npf_altq *); static int check_commit_hfsc(struct npf_altq *); static int print_hfsc_opts(const struct npf_altq *, const struct node_queue_opt *); -static void altq_append_queues(struct npf_altq pa, char *, +static void altq_append_queues(struct npf_altq pa, const char *, char *, struct node_queue *); static void queue_append_queues(struct npf_altq *, struct node_queue *, struct node_queue *); From f11f6d1c684f2726edf06530bf953bb859436d4b Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 12:37:27 +0000 Subject: [PATCH 54/75] add getaltq stuff --- sys/net/npf/npf.h | 1 + sys/net/npf/npf_altq.c | 24 ++++++++++++++++++++++++ sys/net/npf/npf_altq.h | 1 + sys/net/npf/npf_os.c | 3 +++ usr.sbin/npf/npfctl/npfctl_qstats.c | 4 ++-- 5 files changed, 31 insertions(+), 2 deletions(-) diff --git a/sys/net/npf/npf.h b/sys/net/npf/npf.h index 650ea8035bb38..9bb9282a531b9 100644 --- a/sys/net/npf/npf.h +++ b/sys/net/npf/npf.h @@ -348,6 +348,7 @@ struct npfioc_qstats { #define IOC_NPF_DESTROY_ALTQ _IO('N', 113) #define IOC_NPF_GET_QSTATS _IOWR('N', 114, struct npfioc_qstats) #define IOC_NPF_ALTQ_STATE _IOR('N', 115, int) +#define IOC_NPF_GET_ALTQ _IOWR('N', 116, struct npfioc_altq) /* * NPF error report. diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 148c849993562..a02a792d1f53d 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -404,4 +404,28 @@ npf_get_qstats(void *data) } return error; } + +int +npf_get_altq(void *data) +{ + int error = 0; + struct npfioc_altq *paa = (struct npfioc_altq *)data; + struct npf_altq *altq; + u_int32_t nr; + + nr = 0; + altq = TAILQ_FIRST(npf_altqs_active); + while ((altq != NULL) && (nr < paa->nr)) { + altq = TAILQ_NEXT(altq, entries); + nr++; + } + if (altq == NULL) { + error = EBUSY; + return error; + } + + memcpy(&paa->altq, altq, sizeof(struct npf_altq)); + return error; +} + #endif /*ALTQ */ diff --git a/sys/net/npf/npf_altq.h b/sys/net/npf/npf_altq.h index cf3d7cd86deb4..a4081a6898c4e 100644 --- a/sys/net/npf/npf_altq.h +++ b/sys/net/npf/npf_altq.h @@ -127,6 +127,7 @@ extern int altqattached; extern bool npf_altq_running; extern int npf_get_altqs(void *); +extern int npf_get_altq(void *); extern void npf_altq_init(void); extern int npf_begin_altq(void); extern int npf_commit_altq(void); diff --git a/sys/net/npf/npf_os.c b/sys/net/npf/npf_os.c index bdd2eafd312d7..871925be58276 100644 --- a/sys/net/npf/npf_os.c +++ b/sys/net/npf/npf_os.c @@ -301,6 +301,9 @@ npf_dev_ioctl(dev_t dev, u_long cmd, void *data, int flag, lwp_t *l) case IOC_NPF_ALTQ_STATE: *(int *)data = npf_altq_running; return 0; + case IOC_NPF_GET_ALTQ: + return npf_get_altq(data); + case IOC_NPF_LOAD: case IOC_NPF_SAVE: case IOC_NPF_RULE: diff --git a/usr.sbin/npf/npfctl/npfctl_qstats.c b/usr.sbin/npf/npfctl/npfctl_qstats.c index 234056b66aedc..41838ad0d42f1 100644 --- a/usr.sbin/npf/npfctl/npfctl_qstats.c +++ b/usr.sbin/npf/npfctl/npfctl_qstats.c @@ -124,7 +124,7 @@ npfctl_update_qstats(int fd, struct npf_altq_node **root) memset(&pa, 0, sizeof(pa)); memset(&pq, 0, sizeof(pq)); memset(&qstats, 0, sizeof(qstats)); - if (ioctl(fd, IOC_NPF_GET_ALTQS, &pa)) { + if (ioctl(fd, IOC_NPF_GET_ALTQ, &pa)) { warn("IOC_NPF_GET_ALTQS"); return -1; } @@ -137,7 +137,7 @@ npfctl_update_qstats(int fd, struct npf_altq_node **root) mnr = pa.nr; for (nr = 0; nr < mnr; ++nr) { pa.nr = nr; - if (ioctl(fd, IOC_NPF_GET_ALTQ, &pa)) { + if (ioctl(fd, IOC_NPF_GET_ALTQS, &pa)) { warn("IOC_NPF_GET_ALTQ"); return -1; } From 66504999bcca99af9fc8d1eed884c37bdaec23b7 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 12:38:29 +0000 Subject: [PATCH 55/75] add getaltq stuff --- usr.sbin/npf/npfctl/npfctl_qstats.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.sbin/npf/npfctl/npfctl_qstats.c b/usr.sbin/npf/npfctl/npfctl_qstats.c index 41838ad0d42f1..234056b66aedc 100644 --- a/usr.sbin/npf/npfctl/npfctl_qstats.c +++ b/usr.sbin/npf/npfctl/npfctl_qstats.c @@ -124,7 +124,7 @@ npfctl_update_qstats(int fd, struct npf_altq_node **root) memset(&pa, 0, sizeof(pa)); memset(&pq, 0, sizeof(pq)); memset(&qstats, 0, sizeof(qstats)); - if (ioctl(fd, IOC_NPF_GET_ALTQ, &pa)) { + if (ioctl(fd, IOC_NPF_GET_ALTQS, &pa)) { warn("IOC_NPF_GET_ALTQS"); return -1; } @@ -137,7 +137,7 @@ npfctl_update_qstats(int fd, struct npf_altq_node **root) mnr = pa.nr; for (nr = 0; nr < mnr; ++nr) { pa.nr = nr; - if (ioctl(fd, IOC_NPF_GET_ALTQS, &pa)) { + if (ioctl(fd, IOC_NPF_GET_ALTQ, &pa)) { warn("IOC_NPF_GET_ALTQ"); return -1; } From 2f6d8196af7dc37ee03bf7efeb17c2b162d5a9cd Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 15:27:02 +0000 Subject: [PATCH 56/75] properly check emptiness of ifname --- usr.sbin/npf/npfctl/npfctl_qstats.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.sbin/npf/npfctl/npfctl_qstats.c b/usr.sbin/npf/npfctl/npfctl_qstats.c index 234056b66aedc..19352441a0a26 100644 --- a/usr.sbin/npf/npfctl/npfctl_qstats.c +++ b/usr.sbin/npf/npfctl/npfctl_qstats.c @@ -90,7 +90,7 @@ npfctl_show_altq(int fd) if (nodes == 0) printf("No queue in use\n"); for (node = root; node != NULL; node = node->next) { - if (node->altq.ifname == NULL) + if (node->altq.ifname[0] == '0') continue; npfctl_print_altq_node(fd, node, 0); @@ -103,7 +103,7 @@ npfctl_show_altq(int fd) if ((nodes = npfctl_update_qstats(fd, &root)) == -1) return -1; for (node = root; node != NULL; node = node->next) { - if (node->altq.ifname == NULL) + if (node->altq.ifname[0] == '0') continue; npfctl_print_altq_node(fd, node, 0); } From 7454e26e134187506e3989bc85ef6f1136bef63f Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 15:41:46 +0000 Subject: [PATCH 57/75] avoid use of sizeof(*26675) in parser --- usr.sbin/npf/npfctl/npf_parse.y | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.sbin/npf/npfctl/npf_parse.y b/usr.sbin/npf/npfctl/npf_parse.y index 52654589b08b2..521905fdbf1d4 100644 --- a/usr.sbin/npf/npfctl/npf_parse.y +++ b/usr.sbin/npf/npfctl/npf_parse.y @@ -493,7 +493,7 @@ priqflags_item : IDENTIFIER { hfsc_opts : { memset(&hfsc_opts, 0, - sizeof(*$$)); + sizeof(struct node_hfsc_opts)); } hfsc_opts_list { $$ = hfsc_opts; @@ -592,7 +592,7 @@ qassign_list : qassign_item { $$ = $1; } ; qassign_item : IDENTIFIER { - $$ = calloc(1, sizeof(*$$)); + $$ = calloc(1, sizeof(struct node_queue)); if ($$ == NULL) err(1, "qassign_item: calloc"); From 6309ba030fc2041405f738d3aadada7dd0351cb1 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Wed, 1 Jan 2025 23:14:10 +0000 Subject: [PATCH 58/75] add npf_altq to incs --- sys/net/npf/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/net/npf/Makefile b/sys/net/npf/Makefile index 898c7f90575cf..d3ce52463323d 100644 --- a/sys/net/npf/Makefile +++ b/sys/net/npf/Makefile @@ -4,6 +4,6 @@ # INCSDIR= /usr/include/net -INCS= npf.h +INCS= npf.h npf_altq.h .include From 8e8ff8bfb181dab2083aef902cff6c2b1d4bae8d Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Thu, 2 Jan 2025 14:32:45 +0000 Subject: [PATCH 59/75] Integrate: npf pseudo-device in altq --- sys/altq/altq_cbq.c | 8 +++++++- sys/altq/altq_hfsc.c | 11 +++++------ sys/altq/altq_priq.c | 11 +++++------ sys/modules/npf/npf.h | 1 + 4 files changed, 18 insertions(+), 13 deletions(-) create mode 100644 sys/modules/npf/npf.h diff --git a/sys/altq/altq_cbq.c b/sys/altq/altq_cbq.c index 3446cfbf65035..2874181e297ae 100644 --- a/sys/altq/altq_cbq.c +++ b/sys/altq/altq_cbq.c @@ -37,7 +37,7 @@ __KERNEL_RCSID(0, "$NetBSD: altq_cbq.c,v 1.41 2024/09/26 02:39:09 ozaki-r Exp $" #ifdef _KERNEL_OPT #include "opt_altq.h" #include "opt_inet.h" -#include "pf.h" +#include "npf.h" #endif #ifdef ALTQ_CBQ /* cbq is enabled by ALTQ_CBQ option in opt_altq.h */ @@ -59,7 +59,10 @@ __KERNEL_RCSID(0, "$NetBSD: altq_cbq.c,v 1.41 2024/09/26 02:39:09 ozaki-r Exp $" #include #include +#if NPF > 0 #include +#endif + #include #include #ifdef ALTQ3_COMPAT @@ -240,6 +243,7 @@ get_class_stats(class_stats_t *statsp, struct rm_class *cl) #endif } +#if NPF > 0 int cbq_npfattach(struct npf_altq *a) { @@ -473,6 +477,8 @@ cbq_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) return (0); } +#endif /* NPF > 0 */ + /* * int * cbq_enqueue(struct ifaltq *ifq, struct mbuf *m) diff --git a/sys/altq/altq_hfsc.c b/sys/altq/altq_hfsc.c index 0df80d326cd2d..1a2deda9457fa 100644 --- a/sys/altq/altq_hfsc.c +++ b/sys/altq/altq_hfsc.c @@ -48,14 +48,9 @@ __KERNEL_RCSID(0, "$NetBSD: altq_hfsc.c,v 1.30 2021/09/21 14:30:15 christos Exp #ifdef _KERNEL_OPT #include "opt_altq.h" #include "opt_inet.h" -#include "pf.h" +#include "npf.h" #endif -#ifndef NPF -#define NPF 1 -#endif - - #ifdef ALTQ_HFSC /* hfsc is enabled by ALTQ_HFSC option in opt_altq.h */ #include @@ -75,7 +70,9 @@ __KERNEL_RCSID(0, "$NetBSD: altq_hfsc.c,v 1.30 2021/09/21 14:30:15 christos Exp #include #include +#if NPF > 0 #include +#endif #include #include #ifdef ALTQ3_COMPAT @@ -176,6 +173,7 @@ altqdev_decl(hfsc); static struct hfsc_if *hif_list = NULL; #endif /* ALTQ3_COMPAT */ +#if NPF > 0 int hfsc_npfattach(struct npf_altq *a) { @@ -322,6 +320,7 @@ hfsc_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) *nbytes = sizeof(stats); return (0); } +#endif /* NPF > 0 */ /* * bring the interface back to the initial state by discarding diff --git a/sys/altq/altq_priq.c b/sys/altq/altq_priq.c index 6e647bb20585a..99c7b8c1b044c 100644 --- a/sys/altq/altq_priq.c +++ b/sys/altq/altq_priq.c @@ -36,14 +36,9 @@ __KERNEL_RCSID(0, "$NetBSD: altq_priq.c,v 1.28 2021/09/21 14:30:15 christos Exp #ifdef _KERNEL_OPT #include "opt_altq.h" #include "opt_inet.h" -#include "pf.h" +#include "npf.h" #endif -#ifndef NPF -#define NPF 1 -#endif - - #ifdef ALTQ_PRIQ /* priq is enabled by ALTQ_PRIQ option in opt_altq.h */ #include @@ -61,7 +56,9 @@ __KERNEL_RCSID(0, "$NetBSD: altq_priq.c,v 1.28 2021/09/21 14:30:15 christos Exp #include #include +#if NPF > 0 #include +#endif #include #include #include @@ -108,6 +105,7 @@ altqdev_decl(priq); static struct priq_if *pif_list = NULL; #endif /* ALTQ3_COMPAT */ +#if NPF > 0 int priq_npfattach(struct npf_altq *a) { @@ -229,6 +227,7 @@ priq_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) *nbytes = sizeof(stats); return (0); } +#endif /* NPF > 0 */ /* * bring the interface back to the initial state by discarding diff --git a/sys/modules/npf/npf.h b/sys/modules/npf/npf.h new file mode 100644 index 0000000000000..19526f2255dfa --- /dev/null +++ b/sys/modules/npf/npf.h @@ -0,0 +1 @@ +#define NPF 1 \ No newline at end of file From 784ed8328e20dd640fb0e5ecbd4156717f5f10ec Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Thu, 2 Jan 2025 14:42:11 +0000 Subject: [PATCH 60/75] verbose check --- sys/altq/altq_subr.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/altq/altq_subr.c b/sys/altq/altq_subr.c index f54540ceb2519..660dc6c26bf64 100644 --- a/sys/altq/altq_subr.c +++ b/sys/altq/altq_subr.c @@ -551,6 +551,7 @@ altq_add_queue(struct npf_altq *a) #ifdef ALTQ_CBQ case ALTQT_CBQ: error = cbq_add_queue(a); + printf("queue added\n"); break; #endif #ifdef ALTQ_PRIQ From 1e53a767fa9aad812c01ca3b4000a828b9b16ae2 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Thu, 2 Jan 2025 16:18:27 +0000 Subject: [PATCH 61/75] add npf to kernel files --- sys/net/npf/files.npf | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/net/npf/files.npf b/sys/net/npf/files.npf index a8afc829424b0..7e5aab13e1f88 100644 --- a/sys/net/npf/files.npf +++ b/sys/net/npf/files.npf @@ -8,6 +8,7 @@ # defpseudo npf: ifnet, libnv +defflag npf.h NPF # Core file net/npf/npf.c npf From f2358c3c4de39c04053506094ec2f237b278a676 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Thu, 2 Jan 2025 16:29:14 +0000 Subject: [PATCH 62/75] use right interface --- sys/altq/altq_jobs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/altq/altq_jobs.c b/sys/altq/altq_jobs.c index 0f2b30daacded..3f320a8add68a 100644 --- a/sys/altq/altq_jobs.c +++ b/sys/altq/altq_jobs.c @@ -1838,7 +1838,7 @@ jobsclose(dev_t dev, int flag, int fmt, if (ALTQ_IS_ENABLED(jif->jif_ifq)) altq_disable(jif->jif_ifq); - int error = altq_detach(pif->pif_ifq); + int error = altq_detach(jif->jif_ifq); switch (error) { case 0: case ENXIO: /* already disabled */ From 540e2915359f9ebf39cc30d1cc8b56ae8ea2cd42 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Thu, 2 Jan 2025 17:20:23 +0000 Subject: [PATCH 63/75] use NPF_ALTQ flag into altq --- sys/altq/altq_cbq.c | 6 +++--- sys/altq/altq_hfsc.c | 6 +++--- sys/altq/altq_priq.c | 6 +++--- sys/altq/altq_subr.c | 12 +++++------- sys/net/npf/files.npf | 2 +- 5 files changed, 15 insertions(+), 17 deletions(-) diff --git a/sys/altq/altq_cbq.c b/sys/altq/altq_cbq.c index 2874181e297ae..ae181f26ca9e1 100644 --- a/sys/altq/altq_cbq.c +++ b/sys/altq/altq_cbq.c @@ -59,7 +59,7 @@ __KERNEL_RCSID(0, "$NetBSD: altq_cbq.c,v 1.41 2024/09/26 02:39:09 ozaki-r Exp $" #include #include -#if NPF > 0 +#if NPF_ALTQ > 0 #include #endif @@ -243,7 +243,7 @@ get_class_stats(class_stats_t *statsp, struct rm_class *cl) #endif } -#if NPF > 0 +#if NPF_ALTQ > 0 int cbq_npfattach(struct npf_altq *a) { @@ -477,7 +477,7 @@ cbq_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) return (0); } -#endif /* NPF > 0 */ +#endif /* NPF_ALTQ > 0 */ /* * int diff --git a/sys/altq/altq_hfsc.c b/sys/altq/altq_hfsc.c index 1a2deda9457fa..8d623698e7550 100644 --- a/sys/altq/altq_hfsc.c +++ b/sys/altq/altq_hfsc.c @@ -70,7 +70,7 @@ __KERNEL_RCSID(0, "$NetBSD: altq_hfsc.c,v 1.30 2021/09/21 14:30:15 christos Exp #include #include -#if NPF > 0 +#if NPF_ALTQ > 0 #include #endif #include @@ -173,7 +173,7 @@ altqdev_decl(hfsc); static struct hfsc_if *hif_list = NULL; #endif /* ALTQ3_COMPAT */ -#if NPF > 0 +#if NPF_ALTQ > 0 int hfsc_npfattach(struct npf_altq *a) { @@ -320,7 +320,7 @@ hfsc_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) *nbytes = sizeof(stats); return (0); } -#endif /* NPF > 0 */ +#endif /* NPF_ALTQ > 0 */ /* * bring the interface back to the initial state by discarding diff --git a/sys/altq/altq_priq.c b/sys/altq/altq_priq.c index 99c7b8c1b044c..d8f111a26c619 100644 --- a/sys/altq/altq_priq.c +++ b/sys/altq/altq_priq.c @@ -56,7 +56,7 @@ __KERNEL_RCSID(0, "$NetBSD: altq_priq.c,v 1.28 2021/09/21 14:30:15 christos Exp #include #include -#if NPF > 0 +#if NPF_ALTQ > 0 #include #endif #include @@ -105,7 +105,7 @@ altqdev_decl(priq); static struct priq_if *pif_list = NULL; #endif /* ALTQ3_COMPAT */ -#if NPF > 0 +#if NPF_ALTQ > 0 int priq_npfattach(struct npf_altq *a) { @@ -227,7 +227,7 @@ priq_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) *nbytes = sizeof(stats); return (0); } -#endif /* NPF > 0 */ +#endif /* NPF_ALTQ > 0 */ /* * bring the interface back to the initial state by discarding diff --git a/sys/altq/altq_subr.c b/sys/altq/altq_subr.c index 660dc6c26bf64..b67e4ac080291 100644 --- a/sys/altq/altq_subr.c +++ b/sys/altq/altq_subr.c @@ -33,14 +33,9 @@ __KERNEL_RCSID(0, "$NetBSD: altq_subr.c,v 1.33 2017/03/14 09:03:08 ozaki-r Exp $ #ifdef _KERNEL_OPT #include "opt_altq.h" #include "opt_inet.h" -#include "pf.h" +#include "npf.h" #endif -#ifndef NPF -#define NPF 1 -#endif - - #include #include #include @@ -67,8 +62,9 @@ __KERNEL_RCSID(0, "$NetBSD: altq_subr.c,v 1.33 2017/03/14 09:03:08 ozaki-r Exp $ #include #include +#if NPF_ALTQ > 0 #include - +#endif #include #ifdef ALTQ3_COMPAT #include @@ -404,6 +400,7 @@ tbr_get(struct ifaltq *ifq, struct tb_profile *profile) return (0); } +#if NPF_ALTQ > 0 /* * attach a discipline to the interface. if one already exists, it is * overridden. @@ -632,6 +629,7 @@ altq_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) return (error); } +#endif /* NPF_ALTQ > 0 */ /* * read and write diffserv field in IPv4 or IPv6 header diff --git a/sys/net/npf/files.npf b/sys/net/npf/files.npf index 7e5aab13e1f88..13d8b1880ebdd 100644 --- a/sys/net/npf/files.npf +++ b/sys/net/npf/files.npf @@ -8,7 +8,7 @@ # defpseudo npf: ifnet, libnv -defflag npf.h NPF +defflag npf.h NPF_ALTQ # Core file net/npf/npf.c npf From 2b0378452651334e3a4ce88294f6de3cce33ba7e Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 09:38:27 +0000 Subject: [PATCH 64/75] check error --- sys/net/npf/npf_altq.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index a02a792d1f53d..cfcc0cadfff58 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -86,6 +86,8 @@ npf_altq_init(void) npf_altqs_inactive = &npf_altqs[1]; } +HDHHJJJJD + int npf_begin_altq(void) { From addd0224686ffd8355e2a3e9fb969c977a339504 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 10:11:56 +0000 Subject: [PATCH 65/75] ifdef altq in ioctls --- sys/net/npf/npf_os.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/net/npf/npf_os.c b/sys/net/npf/npf_os.c index 871925be58276..6ad28b6269ebc 100644 --- a/sys/net/npf/npf_os.c +++ b/sys/net/npf/npf_os.c @@ -284,6 +284,7 @@ npf_dev_ioctl(dev_t dev, u_long cmd, void *data, int flag, lwp_t *l) return npfctl_table(npf, data); case IOC_NPF_STATS: return npf_stats_export(npf, data); +#ifdef ALTQ case IOC_NPF_ADD_ALTQ: return npf_add_altq(data); case IOC_NPF_GET_ALTQS: @@ -303,7 +304,7 @@ npf_dev_ioctl(dev_t dev, u_long cmd, void *data, int flag, lwp_t *l) return 0; case IOC_NPF_GET_ALTQ: return npf_get_altq(data); - +#endif /* ALTQ */ case IOC_NPF_LOAD: case IOC_NPF_SAVE: case IOC_NPF_RULE: From ca838f960543e6ee9658ed7f466b28c0ba3d42fc Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 10:18:02 +0000 Subject: [PATCH 66/75] check compile --- sys/net/npf/npf_altq.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index cfcc0cadfff58..b0d08bb4bdec5 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -28,6 +28,8 @@ * POSSIBILITY OF SUCH DAMAGE. */ +hfhddkdkdk + #ifdef _KERNEL_OPT #include "opt_inet.h" #include "opt_altq.h" From 7b235a194a92fb0112922cb638064a9c775abff4 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 10:24:30 +0000 Subject: [PATCH 67/75] compiling --- sys/net/npf/npf_altq.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index b0d08bb4bdec5..1f7a2fa080775 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -28,11 +28,9 @@ * POSSIBILITY OF SUCH DAMAGE. */ -hfhddkdkdk - #ifdef _KERNEL_OPT -#include "opt_inet.h" #include "opt_altq.h" +#include "opt_inet.h" #endif #ifdef ALTQ #include @@ -88,8 +86,6 @@ npf_altq_init(void) npf_altqs_inactive = &npf_altqs[1]; } -HDHHJJJJD - int npf_begin_altq(void) { From cbd8d5dc1319d20da8c65c10279634c0f8e30c8a Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 10:38:29 +0000 Subject: [PATCH 68/75] compiling --- sys/net/npf/npf_altq.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 1f7a2fa080775..08c844043b21b 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -32,7 +32,7 @@ #include "opt_altq.h" #include "opt_inet.h" #endif -#ifdef ALTQ + #include #include #include @@ -51,6 +51,8 @@ #include "npf_altq.h" #include "npf.h" +#ifdef ALTQ + /* * starting point of altq kernel routines */ From c8b2087cbe07ee61f435da2e70b542652edd0615 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 11:10:59 +0000 Subject: [PATCH 69/75] check error --- sys/altq/altq_subr.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/altq/altq_subr.c b/sys/altq/altq_subr.c index b67e4ac080291..90fa212cf5741 100644 --- a/sys/altq/altq_subr.c +++ b/sys/altq/altq_subr.c @@ -401,6 +401,7 @@ tbr_get(struct ifaltq *ifq, struct tb_profile *profile) } #if NPF_ALTQ > 0 +jfjfkfdkk /* * attach a discipline to the interface. if one already exists, it is * overridden. From ef6c4db64c17a41fed65d760b916a886e23fd594 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 11:53:52 +0000 Subject: [PATCH 70/75] needs-flags in npf kernel --- sys/altq/altq_cbq.c | 6 +++--- sys/altq/altq_hfsc.c | 6 +++--- sys/altq/altq_priq.c | 6 +++--- sys/altq/altq_subr.c | 6 +++--- sys/modules/npf/npf.h | 2 +- sys/net/npf/files.npf | 3 +-- 6 files changed, 14 insertions(+), 15 deletions(-) diff --git a/sys/altq/altq_cbq.c b/sys/altq/altq_cbq.c index ae181f26ca9e1..ceeca4b86aa5d 100644 --- a/sys/altq/altq_cbq.c +++ b/sys/altq/altq_cbq.c @@ -59,7 +59,7 @@ __KERNEL_RCSID(0, "$NetBSD: altq_cbq.c,v 1.41 2024/09/26 02:39:09 ozaki-r Exp $" #include #include -#if NPF_ALTQ > 0 +#if NNPF > 0 #include #endif @@ -243,7 +243,7 @@ get_class_stats(class_stats_t *statsp, struct rm_class *cl) #endif } -#if NPF_ALTQ > 0 +#if NNPF > 0 int cbq_npfattach(struct npf_altq *a) { @@ -477,7 +477,7 @@ cbq_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) return (0); } -#endif /* NPF_ALTQ > 0 */ +#endif /* NNPF > 0 */ /* * int diff --git a/sys/altq/altq_hfsc.c b/sys/altq/altq_hfsc.c index 8d623698e7550..ee3468c559b7f 100644 --- a/sys/altq/altq_hfsc.c +++ b/sys/altq/altq_hfsc.c @@ -70,7 +70,7 @@ __KERNEL_RCSID(0, "$NetBSD: altq_hfsc.c,v 1.30 2021/09/21 14:30:15 christos Exp #include #include -#if NPF_ALTQ > 0 +#if NNPF > 0 #include #endif #include @@ -173,7 +173,7 @@ altqdev_decl(hfsc); static struct hfsc_if *hif_list = NULL; #endif /* ALTQ3_COMPAT */ -#if NPF_ALTQ > 0 +#if NNPF > 0 int hfsc_npfattach(struct npf_altq *a) { @@ -320,7 +320,7 @@ hfsc_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) *nbytes = sizeof(stats); return (0); } -#endif /* NPF_ALTQ > 0 */ +#endif /* NNPF > 0 */ /* * bring the interface back to the initial state by discarding diff --git a/sys/altq/altq_priq.c b/sys/altq/altq_priq.c index d8f111a26c619..b3da6c3be7291 100644 --- a/sys/altq/altq_priq.c +++ b/sys/altq/altq_priq.c @@ -56,7 +56,7 @@ __KERNEL_RCSID(0, "$NetBSD: altq_priq.c,v 1.28 2021/09/21 14:30:15 christos Exp #include #include -#if NPF_ALTQ > 0 +#if NNPF > 0 #include #endif #include @@ -105,7 +105,7 @@ altqdev_decl(priq); static struct priq_if *pif_list = NULL; #endif /* ALTQ3_COMPAT */ -#if NPF_ALTQ > 0 +#if NNPF > 0 int priq_npfattach(struct npf_altq *a) { @@ -227,7 +227,7 @@ priq_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) *nbytes = sizeof(stats); return (0); } -#endif /* NPF_ALTQ > 0 */ +#endif /* NNPF > 0 */ /* * bring the interface back to the initial state by discarding diff --git a/sys/altq/altq_subr.c b/sys/altq/altq_subr.c index 90fa212cf5741..339f79efa1df7 100644 --- a/sys/altq/altq_subr.c +++ b/sys/altq/altq_subr.c @@ -62,7 +62,7 @@ __KERNEL_RCSID(0, "$NetBSD: altq_subr.c,v 1.33 2017/03/14 09:03:08 ozaki-r Exp $ #include #include -#if NPF_ALTQ > 0 +#if NNPF > 0 #include #endif #include @@ -400,7 +400,7 @@ tbr_get(struct ifaltq *ifq, struct tb_profile *profile) return (0); } -#if NPF_ALTQ > 0 +#if NNPF > 0 jfjfkfdkk /* * attach a discipline to the interface. if one already exists, it is @@ -630,7 +630,7 @@ altq_getqstats(struct npf_altq *a, void *ubuf, int *nbytes) return (error); } -#endif /* NPF_ALTQ > 0 */ +#endif /* NNPF > 0 */ /* * read and write diffserv field in IPv4 or IPv6 header diff --git a/sys/modules/npf/npf.h b/sys/modules/npf/npf.h index 19526f2255dfa..4417d9644850e 100644 --- a/sys/modules/npf/npf.h +++ b/sys/modules/npf/npf.h @@ -1 +1 @@ -#define NPF 1 \ No newline at end of file +#define NNPF 1 \ No newline at end of file diff --git a/sys/net/npf/files.npf b/sys/net/npf/files.npf index 13d8b1880ebdd..fe13118450a26 100644 --- a/sys/net/npf/files.npf +++ b/sys/net/npf/files.npf @@ -8,10 +8,9 @@ # defpseudo npf: ifnet, libnv -defflag npf.h NPF_ALTQ # Core -file net/npf/npf.c npf +file net/npf/npf.c npf needs-flag file net/npf/npf_conf.c npf file net/npf/npf_ctl.c npf file net/npf/npf_handler.c npf From 80684963057fd65ca8c65315b70bc07d7f5da1a5 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 12:02:41 +0000 Subject: [PATCH 71/75] needs-flags in npf kernel --- sys/altq/altq_subr.c | 1 - 1 file changed, 1 deletion(-) diff --git a/sys/altq/altq_subr.c b/sys/altq/altq_subr.c index 339f79efa1df7..94549ba90d1e7 100644 --- a/sys/altq/altq_subr.c +++ b/sys/altq/altq_subr.c @@ -401,7 +401,6 @@ tbr_get(struct ifaltq *ifq, struct tb_profile *profile) } #if NNPF > 0 -jfjfkfdkk /* * attach a discipline to the interface. if one already exists, it is * overridden. From 67675b2916e808206a61eb00b230bbd16dff38db Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 12:35:40 +0000 Subject: [PATCH 72/75] add empty line to config --- usr.sbin/npf/npfctl/npf_parse.y | 1 + 1 file changed, 1 insertion(+) diff --git a/usr.sbin/npf/npfctl/npf_parse.y b/usr.sbin/npf/npfctl/npf_parse.y index 521905fdbf1d4..ea084825ab208 100644 --- a/usr.sbin/npf/npfctl/npf_parse.y +++ b/usr.sbin/npf/npfctl/npf_parse.y @@ -273,6 +273,7 @@ line | set | altq | queuespec + | ; altq : ALTQ on_ifname queue_opts QUEUE qassign { From 189265e61c757a09296d7a3833f044b3baf3b636 Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 13:10:06 +0000 Subject: [PATCH 73/75] use right sig --- usr.sbin/npf/npfctl/npfctl.c | 4 ++-- usr.sbin/npf/npfctl/npfctl.h | 2 +- usr.sbin/npf/npfctl/npfctl_altq.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/usr.sbin/npf/npfctl/npfctl.c b/usr.sbin/npf/npfctl/npfctl.c index 81b4823936981..053a024f47107 100644 --- a/usr.sbin/npf/npfctl/npfctl.c +++ b/usr.sbin/npf/npfctl/npfctl.c @@ -379,7 +379,7 @@ npfctl_config_flush(int fd, int argc, char* argv[]) while((ch = getopt(argc, argv, "q")) != -1) { switch(ch) { case 'q': - return npf_altq_destroy(fd); + return npfctl_altq_destroy(fd); default: errx(EXIT_FAILURE, "Usage: %s flush -q }\n", @@ -387,7 +387,7 @@ npfctl_config_flush(int fd, int argc, char* argv[]) } } /* a single flush destroys queueing then filtering altogether*/ - error = npf_altq_destroy(fd); + error = npfctl_altq_destroy(fd); if (!error) error = npf_config_flush(fd); return error; diff --git a/usr.sbin/npf/npfctl/npfctl.h b/usr.sbin/npf/npfctl/npfctl.h index 349383e26d258..90c54c56377ac 100644 --- a/usr.sbin/npf/npfctl/npfctl.h +++ b/usr.sbin/npf/npfctl/npfctl.h @@ -338,7 +338,7 @@ int check_commit_altq(void); int npf_rule_qnames_exists(const char *); int check_commit_altq(void); -int npf_altq_destroy(int); +int npfctl_altq_destroy(int); int npfctl_print_altq(int); int npfctl_show_altq(int); diff --git a/usr.sbin/npf/npfctl/npfctl_altq.c b/usr.sbin/npf/npfctl/npfctl_altq.c index ac99ffd72b1ac..5fbf7ca3def99 100644 --- a/usr.sbin/npf/npfctl/npfctl_altq.c +++ b/usr.sbin/npf/npfctl/npfctl_altq.c @@ -1505,7 +1505,7 @@ npf_rule_qnames_exists(const char *qname) } int -npf_altq_destroy(int fd) +npfctl_altq_destroy(int fd) { altqsupport = npfctl_test_altqsupport(fd); if (!(altqsupport & (ioctl(fd, IOC_NPF_DESTROY_ALTQ) != -1))) From 8dfa805da994001decdd71d6978ae24e089879fe Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 14:06:06 +0000 Subject: [PATCH 74/75] verbose --- sys/net/npf/npf_ctl.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/sys/net/npf/npf_ctl.c b/sys/net/npf/npf_ctl.c index b3387d4832aab..91eabcc1ac383 100644 --- a/sys/net/npf/npf_ctl.c +++ b/sys/net/npf/npf_ctl.c @@ -360,7 +360,9 @@ npf_mk_singlerule(npf_t *npf, const nvlist_t *req, nvlist_t *resp, } #ifdef ALTQ + printf("making queue rule\n"); if (npf_altq_loaded) { + printf("check if queue is appended on a rule\n"); /* assign the rule queues, if any */ const char *qname; @@ -369,10 +371,12 @@ npf_mk_singlerule(npf_t *npf, const nvlist_t *req, nvlist_t *resp, if (npf_rule_setqid(rl, qname)) { goto err; } + printf("rule-id set\n"); if (!altqattached) altqattached = 1; } } + printf("finished making queue rule\n"); #endif /* Filter byte-code (binary data). */ @@ -618,13 +622,17 @@ npfctl_load(npf_t *npf, const nvlist_t *req, nvlist_t *resp) } #ifdef ALTQ + printf("attaching altq...\n"); /*TODO: attach quues here */ if (npf_altq_loaded && altqattached) { + printf("attaching..\n"); error = npf_commit_altq(); + printf("finished \n"); if (error) { goto fail; } } + printf("finished attaching altq\n"); #endif /* ALTQ */ flush = dnvlist_get_bool(req, "flush", false); From 5bceee629f9091a768894ebc95a20c379780160a Mon Sep 17 00:00:00 2001 From: Emmankoko Date: Fri, 3 Jan 2025 14:27:46 +0000 Subject: [PATCH 75/75] verbose --- sys/net/npf/npf_altq.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/sys/net/npf/npf_altq.c b/sys/net/npf/npf_altq.c index 08c844043b21b..745b76f7bc8aa 100644 --- a/sys/net/npf/npf_altq.c +++ b/sys/net/npf/npf_altq.c @@ -63,7 +63,6 @@ struct npf_altqqueue *npf_altqs_active; struct npf_altqqueue *npf_altqs_inactive; struct npf_altqqueue npf_altqs[2]; -int npf_altqs_inactive_open; struct pool npf_altq_pl; int npf_altq_loaded = 0; @@ -170,8 +169,7 @@ npf_commit_altq(void) struct npf_altqqueue *old_altqs; struct npf_altq *altq; int s, err, error = 0; - if (!npf_altqs_inactive_open) - return EBUSY; + /* swap altqs, keep the old. */ s = splsoftnet(); old_altqs = npf_altqs_active; @@ -209,7 +207,6 @@ npf_commit_altq(void) pool_put(&npf_altq_pl, altq); } splx(s); - npf_altqs_inactive_open = 0; return error; }