ipfw2 - Rename FreeBSD ipfw port to ipfw3
authorMatthew Dillon <dillon@apollo.backplane.com>
Thu, 12 Mar 2015 23:10:34 +0000 (16:10 -0700)
committerMatthew Dillon <dillon@apollo.backplane.com>
Thu, 12 Mar 2015 23:10:34 +0000 (16:10 -0700)
* Rename all elements of the port to ipfw3 to reduce confusion.

54 files changed:
lib/Makefile
lib/libipfw3/Makefile [moved from lib/libipfw2/Makefile with 100% similarity]
lib/libipfw3/basic/Makefile [moved from lib/libipfw2/basic/Makefile with 88% similarity]
lib/libipfw3/basic/ipfw3_basic.c [moved from lib/libipfw2/basic/ipfw2_basic.c with 99% similarity]
lib/libipfw3/basic/ipfw3_basic.h [moved from lib/libipfw2/basic/ipfw2_basic.h with 96% similarity]
lib/libipfw3/dummynet/Makefile [moved from lib/libipfw2/dummynet/Makefile with 86% similarity]
lib/libipfw3/dummynet/ipfw3_dummynet.c [moved from lib/libipfw2/dummynet/ipfw2_dummynet.c with 96% similarity]
lib/libipfw3/dummynet/ipfw3_dummynet.h [moved from lib/libipfw2/dummynet/ipfw2_dummynet.h with 96% similarity]
lib/libipfw3/layer2/Makefile [moved from lib/libipfw2/layer2/Makefile with 87% similarity]
lib/libipfw3/layer2/ipfw3_layer2.c [moved from lib/libipfw2/layer2/ipfw2_layer2.c with 97% similarity]
lib/libipfw3/layer2/ipfw3_layer2.h [moved from lib/libipfw2/layer2/ipfw2_layer2.h with 96% similarity]
lib/libipfw3/layer4/Makefile [moved from lib/libipfw2/layer4/Makefile with 87% similarity]
lib/libipfw3/layer4/ipfw3_layer4.c [moved from lib/libipfw2/layer4/ipfw2_layer4.c with 97% similarity]
lib/libipfw3/layer4/ipfw3_layer4.h [moved from lib/libipfw2/layer4/ipfw2_layer4.h with 96% similarity]
lib/libipfw3/nat/Makefile [moved from lib/libipfw2/nat/Makefile with 89% similarity]
lib/libipfw3/nat/ipfw2_nat.c [moved from lib/libipfw2/nat/ipfw2_nat.c with 95% similarity]
lib/libipfw3/nat/ipfw2_nat.h [moved from lib/libipfw2/nat/ipfw2_nat.h with 97% similarity]
sbin/Makefile
sbin/ipfw3/Makefile [moved from sbin/ipfw2/Makefile with 74% similarity]
sbin/ipfw3/ipfw.h [moved from sbin/ipfw2/ipfw.h with 100% similarity]
sbin/ipfw3/ipfw3.8 [moved from sbin/ipfw2/ipfw2.8 with 99% similarity]
sbin/ipfw3/ipfw3.c [moved from sbin/ipfw2/ipfw2.c with 99% similarity]
sys/conf/files
sys/conf/options
sys/net/Makefile
sys/net/dummynet3/Makefile [moved from sys/net/dummynet2/Makefile with 91% similarity]
sys/net/dummynet3/ip_dummynet.h [moved from sys/net/dummynet2/ip_dummynet.h with 93% similarity]
sys/net/dummynet3/ip_dummynet3.c [moved from sys/net/dummynet2/ip_dummynet2.c with 99% similarity]
sys/net/dummynet3/ip_dummynet3.h [moved from sys/net/dummynet2/ip_dummynet2.h with 99% similarity]
sys/net/dummynet3/ip_dummynet3_glue.c [moved from sys/net/dummynet2/ip_dummynet2_glue.c with 99% similarity]
sys/net/if_ethersubr.c
sys/net/ipfw2_basic/Makefile [deleted file]
sys/net/ipfw2_layer2/Makefile [deleted file]
sys/net/ipfw2_layer4/Makefile [deleted file]
sys/net/ipfw2_nat/Makefile [deleted file]
sys/net/ipfw3/Makefile [moved from sys/net/ipfw2/Makefile with 91% similarity]
sys/net/ipfw3/ip_fw.h [moved from sys/net/ipfw2/ip_fw.h with 96% similarity]
sys/net/ipfw3/ip_fw3.c [moved from sys/net/ipfw2/ip_fw3.c with 96% similarity]
sys/net/ipfw3/ip_fw3.h [moved from sys/net/ipfw2/ip_fw3.h with 97% similarity]
sys/net/ipfw3/ip_fw3_glue.c [moved from sys/net/ipfw2/ip_fw3_glue.c with 89% similarity]
sys/net/ipfw3_basic/Makefile [new file with mode: 0644]
sys/net/ipfw3_basic/ip_fw3_basic.c [moved from sys/net/ipfw2_basic/ip_fw2_basic.c with 97% similarity]
sys/net/ipfw3_basic/ip_fw3_basic.h [moved from sys/net/ipfw2_basic/ip_fw2_basic.h with 98% similarity]
sys/net/ipfw3_layer2/Makefile [new file with mode: 0644]
sys/net/ipfw3_layer2/ip_fw3_layer2.c [moved from sys/net/ipfw2_layer2/ip_fw2_layer2.c with 88% similarity]
sys/net/ipfw3_layer2/ip_fw3_layer2.h [moved from sys/net/ipfw2_layer2/ip_fw2_layer2.h with 100% similarity]
sys/net/ipfw3_layer4/Makefile [new file with mode: 0644]
sys/net/ipfw3_layer4/ip_fw3_layer4.c [moved from sys/net/ipfw2_layer4/ip_fw2_layer4.c with 92% similarity]
sys/net/ipfw3_layer4/ip_fw3_layer4.h [moved from sys/net/ipfw2_layer4/ip_fw2_layer4.h with 100% similarity]
sys/net/ipfw3_nat/Makefile [new file with mode: 0644]
sys/net/ipfw3_nat/ip_fw3_nat.c [moved from sys/net/ipfw2_nat/ip_fw2_nat.c with 98% similarity]
sys/net/ipfw3_nat/ip_fw3_nat.h [moved from sys/net/ipfw2_nat/ip_fw2_nat.h with 98% similarity]
sys/net/libalias/alias_db.c
sys/netinet/raw_ip.c

index f193b5e..c237ee7 100644 (file)
@@ -54,7 +54,7 @@ SUBDIR=       ${SUBDIR_ORDERED} \
        libfsid \
        libftpio \
        libhammer \
-       libipfw2 \
+       libipfw3 \
        libipsec \
        libkcore \
        libkiconv \
similarity index 100%
rename from lib/libipfw2/Makefile
rename to lib/libipfw3/Makefile
similarity index 88%
rename from lib/libipfw2/basic/Makefile
rename to lib/libipfw3/basic/Makefile
index 44e2af6..32a8239 100644 (file)
@@ -1,9 +1,9 @@
 SRCDIR=        ${.CURDIR}/
 
-LIB=   ipfw2basic
-SRCS=  ipfw2_basic.c
+LIB=   ipfw3basic
+SRCS=  ipfw3_basic.c
 
-INCS=  ipfw2_basic.h
+INCS=  ipfw3_basic.h
 
 
 WARNS?=        2
similarity index 99%
rename from lib/libipfw2/basic/ipfw2_basic.c
rename to lib/libipfw3/basic/ipfw3_basic.c
index 2d51b63..c12ebc2 100644 (file)
@@ -55,9 +55,9 @@
 #include <net/route.h>
 #include <net/pfil.h>
 
-#include "../../../sys/net/ipfw2/ip_fw3.h"
-#include "../../../sbin/ipfw2/ipfw.h"
-#include "ipfw2_basic.h"
+#include "../../../sys/net/ipfw3/ip_fw3.h"
+#include "../../../sbin/ipfw3/ipfw.h"
+#include "ipfw3_basic.h"
 
 
 #define        IP_MASK_ALL     0xffffffff
similarity index 96%
rename from lib/libipfw2/basic/ipfw2_basic.h
rename to lib/libipfw3/basic/ipfw3_basic.h
index 5b17e47..eeacc07 100644 (file)
@@ -35,6 +35,6 @@
 #ifndef _IPFW_BASIC_H
 #define _IPFW_BASIC_H
 
-#include <../../../sys/net/ipfw2_basic/ip_fw2_basic.h>
+#include <../../../sys/net/ipfw3_basic/ip_fw3_basic.h>
 
 #endif
similarity index 86%
rename from lib/libipfw2/dummynet/Makefile
rename to lib/libipfw3/dummynet/Makefile
index bd8db43..c5ce275 100644 (file)
@@ -1,9 +1,9 @@
 SRCDIR=        ${.CURDIR}/
 
-LIB=    ipfw2dummynet
-SRCS=  ipfw2_dummynet.c
+LIB=    ipfw3dummynet
+SRCS=  ipfw3_dummynet.c
 
-INCS=  ipfw2_dummynet.h
+INCS=  ipfw3_dummynet.h
 
 
 WARNS?=        2
similarity index 96%
rename from lib/libipfw2/dummynet/ipfw2_dummynet.c
rename to lib/libipfw3/dummynet/ipfw3_dummynet.c
index 1dfb022..ecd3e2e 100644 (file)
@@ -40,9 +40,9 @@
 #include <net/pfil.h>
 #include <netinet/in.h>
 
-#include "../../../sys/net/ipfw2/ip_fw3.h"
-#include "../../../sbin/ipfw2/ipfw.h"
-#include "ipfw2_dummynet.h"
+#include "../../../sys/net/ipfw3/ip_fw3.h"
+#include "../../../sbin/ipfw3/ipfw.h"
+#include "ipfw3_dummynet.h"
 
 void
 parse_pipe(ipfw_insn **cmd, int *ac, char **av[])
similarity index 96%
rename from lib/libipfw2/dummynet/ipfw2_dummynet.h
rename to lib/libipfw3/dummynet/ipfw3_dummynet.h
index fd30c16..a1c5dcf 100644 (file)
@@ -35,6 +35,6 @@
 #ifndef _IPFW_DUMMYNET_H
 #define _IPFW_DUMMYNET_H
 
-#include "../../../../sys/net/dummynet2/ip_dummynet2.h"
+#include "../../../../sys/net/dummynet3/ip_dummynet3.h"
 
 #endif
similarity index 87%
rename from lib/libipfw2/layer2/Makefile
rename to lib/libipfw3/layer2/Makefile
index edaf8d4..2f51fbd 100644 (file)
@@ -1,9 +1,9 @@
 SRCDIR=        ${.CURDIR}/
 
-LIB=    ipfw2layer2
-SRCS=  ipfw2_layer2.c
+LIB=    ipfw3layer2
+SRCS=  ipfw3_layer2.c
 
-INCS=  ipfw2_layer2.h
+INCS=  ipfw3_layer2.h
 
 
 WARNS?=        2
similarity index 97%
rename from lib/libipfw2/layer2/ipfw2_layer2.c
rename to lib/libipfw3/layer2/ipfw3_layer2.c
index 550b9fd..29de19e 100644 (file)
@@ -44,9 +44,9 @@
 #include <net/pfil.h>
 #include <netinet/in.h>
 
-#include "../../../sys/net/ipfw2/ip_fw3.h"
-#include "../../../sbin/ipfw2/ipfw.h"
-#include "ipfw2_layer2.h"
+#include "../../../sys/net/ipfw3/ip_fw3.h"
+#include "../../../sbin/ipfw3/ipfw.h"
+#include "ipfw3_layer2.h"
 
 /*
  * Returns the number of bits set (from left) in a contiguous bitmask,
similarity index 96%
rename from lib/libipfw2/layer2/ipfw2_layer2.h
rename to lib/libipfw3/layer2/ipfw3_layer2.h
index 0751874..13bca09 100644 (file)
@@ -35,6 +35,6 @@
 #ifndef _IPFW_LAYER2_H
 #define _IPFW_LAYER2_H
 
-#include "../../../../sys/net/ipfw2_layer2/ip_fw2_layer2.h"
+#include "../../../../sys/net/ipfw3_layer2/ip_fw3_layer2.h"
 
 #endif
similarity index 87%
rename from lib/libipfw2/layer4/Makefile
rename to lib/libipfw3/layer4/Makefile
index 7493498..8e0f0b6 100644 (file)
@@ -1,9 +1,9 @@
 SRCDIR=        ${.CURDIR}/
 
-LIB=   ipfw2layer4
-SRCS=  ipfw2_layer4.c
+LIB=   ipfw3layer4
+SRCS=  ipfw3_layer4.c
 
-INCS=  ipfw2_layer4.h
+INCS=  ipfw3_layer4.h
 
 
 WARNS?=        2
similarity index 97%
rename from lib/libipfw2/layer4/ipfw2_layer4.c
rename to lib/libipfw3/layer4/ipfw3_layer4.c
index 069f53c..6434c46 100644 (file)
@@ -46,9 +46,9 @@
 #include <net/pfil.h>
 #include <netinet/in.h>
 
-#include "../../../sys/net/ipfw2/ip_fw3.h"
-#include "../../../sbin/ipfw2/ipfw.h"
-#include "ipfw2_layer4.h"
+#include "../../../sys/net/ipfw3/ip_fw3.h"
+#include "../../../sbin/ipfw3/ipfw.h"
+#include "ipfw3_layer4.h"
 
 
 void
similarity index 96%
rename from lib/libipfw2/layer4/ipfw2_layer4.h
rename to lib/libipfw3/layer4/ipfw3_layer4.h
index 02e6e2e..efe1f35 100644 (file)
@@ -35,6 +35,6 @@
 #ifndef _IPFW_LAYER2_H
 #define _IPFW_LAYER2_H
 
-#include "../../../../sys/net/ipfw2_layer4/ip_fw2_layer4.h"
+#include "../../../../sys/net/ipfw3_layer4/ip_fw3_layer4.h"
 
 #endif
similarity index 89%
rename from lib/libipfw2/nat/Makefile
rename to lib/libipfw3/nat/Makefile
index 1dc3bd4..74feaec 100644 (file)
@@ -1,9 +1,9 @@
 SRCDIR=        ${.CURDIR}/
 
-LIB=   ipfw2nat
-SRCS=  ipfw2_nat.c
+LIB=   ipfw3nat
+SRCS=  ipfw3_nat.c
 
-INCS=  ipfw2_nat.h
+INCS=  ipfw3_nat.h
 
 
 WARNS?=        2
similarity index 95%
rename from lib/libipfw2/nat/ipfw2_nat.c
rename to lib/libipfw3/nat/ipfw2_nat.c
index d957eca..41dcd29 100644 (file)
@@ -40,9 +40,9 @@
 #include <net/pfil.h>
 #include <netinet/in.h>
 
-#include "../../../sys/net/ipfw2/ip_fw3.h"
-#include "../../../sbin/ipfw2/ipfw.h"
-#include "ipfw2_nat.h"
+#include "../../../sys/net/ipfw3/ip_fw3.h"
+#include "../../../sbin/ipfw3/ipfw.h"
+#include "ipfw3_nat.h"
 
 
 void
similarity index 97%
rename from lib/libipfw2/nat/ipfw2_nat.h
rename to lib/libipfw3/nat/ipfw2_nat.h
index 20b92bb..adc4cc2 100644 (file)
@@ -35,6 +35,6 @@
 #ifndef _IPFW_NAT_H
 #define _IPFW_NAT_H
 
-#include "../../../../sys/net/ipfw2_nat/ip_fw2_nat.h"
+#include "../../../../sys/net/ipfw3_nat/ip_fw3_nat.h"
 
 #endif
index 82e67d0..be093de 100644 (file)
@@ -35,6 +35,7 @@ SUBDIR=       adjkerntz \
        init \
        ip6fw \
        ipfw \
+       ipfw3 \
        iscontrol \
        jscan \
        kldconfig \
similarity index 74%
rename from sbin/ipfw2/Makefile
rename to sbin/ipfw3/Makefile
index 376b58c..f6a3cd5 100644 (file)
@@ -1,8 +1,8 @@
 # $FreeBSD: src/sbin/ipfw/Makefile,v 1.6.6.3 2002/07/24 03:21:23 luigi Exp $
 
-PROG=  ipfw2
-MAN=   ipfw2.8
-SRCS=  ipfw2.c
+PROG=  ipfw3
+MAN=   ipfw3.8
+SRCS=  ipfw3.c
 WARNS?=        2
 
 .include <bsd.prog.mk>
similarity index 100%
rename from sbin/ipfw2/ipfw.h
rename to sbin/ipfw3/ipfw.h
similarity index 99%
rename from sbin/ipfw2/ipfw2.8
rename to sbin/ipfw3/ipfw3.8
index 17bab63..0059133 100644 (file)
@@ -77,9 +77,9 @@ traffic shaper in
 .Bd -ragged -offset XXXX
 .Em NOTE:
 ipfw is a controlling utility for ipfw/ipacct facilities for FreeBSD 2.0 which
-released in November, 1994. This manual page documentation is for the ipfw2 of
+released in November, 1994. This manual page documentation is for the ipfw3 of
 DragonflyBSD since Feb 2015. This version of
-.Nm ipfw2
+.Nm ipfw3
 is rewrited for DragonflyBSD and it is not fully compatible with ipfw in
 FreeBSD. The differences between the two are listed in Section
 .Sx IPFW2 ENHANCEMENTS ,
@@ -645,9 +645,9 @@ The rule body has the following format:
 .Pp
 The first part (protocol from src to dst) is for backward
 compatibility with
-.Nm ipfw1 .
+.Nm ipfw2 .
 In
-.Nm ipfw2
+.Nm ipfw3
 any match pattern (including MAC headers, IPv4 protocols,
 addresses and ports) can be specified in the
 .Ar options
@@ -913,7 +913,7 @@ The rule has a limited lifetime (controlled by a set of
 .Xr sysctl 8
 variables), and the lifetime is refreshed every time a matching
 packet is found.
-the state can be manually created/deleted using the ipfw2 utility.
+the state can be manually created/deleted using the ipfw3 utility.
 .It Cm layer2
 Matches only layer2 packets, i.e. those passed to
 .Nm
@@ -1587,9 +1587,9 @@ Controls whether layer-2 packets are passed to
 .Nm .
 Default is no.
 .El
-.Sh IPFW2 ENHANCEMENTS
+.Sh IPFW3 ENHANCEMENTS
 This Section lists the features that have been introduced in
-.Nm ipfw2 of DragonflyBSD
+.Nm ipfw3 of DragonflyBSD
 which were not present in
 .Nm ipfw of FreeBSD.
 We list them in order of the potential impact that they can
@@ -1646,7 +1646,7 @@ All other SYN packets will be rejected by the final
 rule.
 .Pp
 If you administer one or more subnets, you can take advantage of the
-.Nm ipfw2
+.Nm ipfw3
 syntax to specify address sets and or-blocks and write extremely
 compact rulesets which selectively enable services to blocks
 of clients, as below:
@@ -1858,7 +1858,7 @@ was introduced in
 .Fx 2.2.8 .
 Stateful extensions were introduced in
 .Fx 4.0 .
-.Nm ipfw2
+.Nm ipfw3
 was introduced in Summer 2002.
 .Sh AUTHORS
 .An Ugen J. S. Antsilevich ,
similarity index 99%
rename from sbin/ipfw2/ipfw2.c
rename to sbin/ipfw3/ipfw3.c
index 16ec5b9..6a54962 100644 (file)
 #include <net/ethernet.h>
 
 
-#include "../../sys/net/ipfw2/ip_fw3.h"
-#include "../../sys/net/dummynet2/ip_dummynet2.h"
+#include "../../sys/net/ipfw3/ip_fw3.h"
+#include "../../sys/net/dummynet3/ip_dummynet3.h"
 #include "../../sys/net/libalias/alias.h"
-#include "../../sys/net/ipfw2_basic/ip_fw2_basic.h"
-#include "../../sys/net/ipfw2_nat/ip_fw2_nat.h"
+#include "../../sys/net/ipfw3_basic/ip_fw3_basic.h"
+#include "../../sys/net/ipfw3_nat/ip_fw3_nat.h"
 #include "ipfw.h"
 
 
@@ -71,7 +71,7 @@
 #define MAX_KEYWORD_LEN        20
 #define MAX_ARGS       32
 #define WHITESP                " \t\f\v\n\r"
-#define IPFW_LIB_PATH  "/usr/lib/libipfw2%s.so"
+#define IPFW_LIB_PATH  "/usr/lib/libipfw3%s.so"
 #define        IP_MASK_ALL     0xffffffff
 #define NAT_BUF_LEN    1024
 /*
@@ -267,7 +267,7 @@ static void
 get_modules(char *modules_str, int len)
 {
        if (do_get_x(IP_FW_MODULE, modules_str, &len) < 0)
-               errx(EX_USAGE, "ipfw2 not loaded.");
+               errx(EX_USAGE, "ipfw3 not loaded.");
 }
 
 static void
index e873262..9b38556 100644 (file)
@@ -1463,8 +1463,8 @@ net/dummynet/ip_dummynet_glue.c   optional inet
 netinet/ip_flow.c              optional inet
 net/ipfw/ip_fw2.c              optional ipfirewall
 net/ipfw/ip_fw2_glue.c         optional inet
-net/ipfw2/ip_fw3.c             optional ipfirewall
-net/ipfw2/ip_fw3_glue.c                optional inet
+net/ipfw3/ip_fw3.c             optional ipfirewall3
+net/ipfw3/ip_fw3_glue.c                optional inet
 netinet/ip_icmp.c              optional inet
 netinet/ip_input.c             optional inet
 netinet/ip_demux.c             optional inet
index b27e782..49c8440 100644 (file)
@@ -277,6 +277,7 @@ IPDIVERT
 DUMMYNET               opt_ipdn.h
 DUMMYNET_DEBUG         opt_ipdn.h
 IPFIREWALL             opt_ipfw.h
+IPFIREWALL3            opt_ipfw.h
 IPFIREWALL_DEBUG       opt_ipfw.h
 IPFIREWALL_VERBOSE     opt_ipfw.h
 IPFIREWALL_VERBOSE_LIMIT       opt_ipfw.h
index f52813c..dee8162 100644 (file)
@@ -1,5 +1,6 @@
 SUBDIR=accf_data accf_http disc faith gif gre sl stf tap tun \
-       vlan zlib bridge lagg libalias dummynet ipfw ipfw2 ip6fw ip_mroute \
-       sppp ppp_layer pf
+       vlan zlib bridge lagg libalias dummynet ipfw \
+       dummynet3 ipfw3 ipfw3_basic ipfw3_nat ipfw3_layer2 ipfw3_layer4 \
+       ip6fw ip_mroute sppp ppp_layer pf
 
 .include <bsd.subdir.mk>
similarity index 91%
rename from sys/net/dummynet2/Makefile
rename to sys/net/dummynet3/Makefile
index 501c000..0451941 100644 (file)
@@ -1,8 +1,8 @@
 # $FreeBSD: src/sys/modules/dummynet/Makefile,v 1.1.2.2 2003/04/08 10:18:00 maxim Exp $
 # $DragonFly: src/sys/net/dummynet/Makefile,v 1.7 2008/09/16 12:30:57 sephe Exp $
 
-KMOD=  dummynet2
-SRCS=  ip_dummynet2.c
+KMOD=  dummynet3
+SRCS=  ip_dummynet3.c
 SRCS+= opt_ipdn.h
 
 .ifndef BUILDING_WITH_KERNEL
similarity index 93%
rename from sys/net/dummynet2/ip_dummynet.h
rename to sys/net/dummynet3/ip_dummynet.h
index b126cd7..48821a1 100644 (file)
@@ -32,9 +32,9 @@
  * SUCH DAMAGE.
  */
 
-#ifndef _IP_DUMMYNET_H_V2
-#define _IP_DUMMYNET_H_V2
+#ifndef _IP_DUMMYNET_H_V3
+#define _IP_DUMMYNET_H_V3
 
-#include <net/dummynet2/ip_dummynet2.h>
+#include <net/dummynet3/ip_dummynet3.h>
 
-#endif /* _IP_DUMMYNET_V2_H */
+#endif /* _IP_DUMMYNET_V3_H */
similarity index 99%
rename from sys/net/dummynet2/ip_dummynet2.c
rename to sys/net/dummynet3/ip_dummynet3.c
index d02e835..cbb1613 100644 (file)
@@ -65,8 +65,8 @@
 #include <netinet/in_var.h>
 #include <netinet/ip_var.h>
 
-#include <net/dummynet2/ip_dummynet2.h>
-#include <net/ipfw2/ip_fw.h>
+#include <net/dummynet3/ip_dummynet3.h>
+#include <net/ipfw3/ip_fw.h>
 
 void check_pipe(int *cmd_ctl, int *cmd_val, struct ip_fw_args **args,
                struct ip_fw **f, ipfw_insn *cmd, uint16_t ip_len);
@@ -2058,6 +2058,6 @@ static moduledata_t dummynet_mod = {
        dummynet_modevent,
        NULL
 };
-DECLARE_MODULE(dummynet2, dummynet_mod, SI_SUB_PROTO_END, SI_ORDER_ANY);
-MODULE_DEPEND(dummynet2, ipfw2_basic, 1, 1, 1);
-MODULE_VERSION(dummynet2, 1);
+DECLARE_MODULE(dummynet3, dummynet_mod, SI_SUB_PROTO_END, SI_ORDER_ANY);
+MODULE_DEPEND(dummynet3, ipfw3_basic, 1, 1, 1);
+MODULE_VERSION(dummynet3, 1);
similarity index 99%
rename from sys/net/dummynet2/ip_dummynet2.h
rename to sys/net/dummynet3/ip_dummynet3.h
index 9e03d1d..226c684 100644 (file)
@@ -28,8 +28,8 @@
  * $DragonFly: src/sys/net/dummynet/ip_dummynet.h,v 1.19 2008/09/20 04:36:51 sephe Exp $
  */
 
-#ifndef _IP_DUMMYNET2_H_V2
-#define _IP_DUMMYNET2_H_V2
+#ifndef _IP_DUMMYNET3_H_
+#define _IP_DUMMYNET3_H_
 
 #ifndef _IP_DUMMYNET_H
 
similarity index 99%
rename from sys/net/dummynet2/ip_dummynet2_glue.c
rename to sys/net/dummynet3/ip_dummynet3_glue.c
index dc75d67..bdfae5b 100644 (file)
@@ -52,8 +52,8 @@
 #include <netinet/ip.h>
 #include <netinet/ip_var.h>
 
-#include <net/ipfw2/ip_fw.h>
-#include <net/dummynet2/ip_dummynet.h>
+#include <net/ipfw3/ip_fw.h>
+#include <net/dummynet3/ip_dummynet.h>
 
 static void    ip_dn_ether_output(netmsg_t);
 static void    ip_dn_ether_demux(netmsg_t);
index bc6958c..59217a1 100644 (file)
@@ -75,7 +75,7 @@
 #include <netinet/if_ether.h>
 #include <netinet/ip_flow.h>
 #include <net/ipfw/ip_fw.h>
-#include <net/ipfw2/ip_fw.h>
+#include <net/ipfw3/ip_fw.h>
 #include <net/dummynet/ip_dummynet.h>
 #endif
 #ifdef INET6
@@ -422,7 +422,7 @@ ether_output_frame(struct ifnet *ifp, struct mbuf *m)
        if (ifq_is_enabled(&ifp->if_snd))
                altq_etherclassify(&ifp->if_snd, m, &pktattr);
        crit_enter();
-       if ((IPFW_LOADED || IPFW2_LOADED) && ether_ipfw != 0) {
+       if ((IPFW_LOADED || IPFW3_LOADED) && ether_ipfw != 0) {
                struct ether_header save_eh, *eh;
 
                eh = mtod(m, struct ether_header *);
@@ -994,7 +994,7 @@ ether_demux_oncpu(struct ifnet *ifp, struct mbuf *m)
        }
 
 post_stats:
-       if ((IPFW_LOADED || IPFW2_LOADED) && ether_ipfw != 0 && !discard) {
+       if ((IPFW_LOADED || IPFW3_LOADED) && ether_ipfw != 0 && !discard) {
                struct ether_header save_eh = *eh;
 
                /* XXX old crufty stuff, needs to be removed */
diff --git a/sys/net/ipfw2_basic/Makefile b/sys/net/ipfw2_basic/Makefile
deleted file mode 100644 (file)
index ddbc1f3..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-KMOD=  ipfw2_basic
-SRCS=  ip_fw2_basic.c
-
-.include <bsd.kmod.mk>
diff --git a/sys/net/ipfw2_layer2/Makefile b/sys/net/ipfw2_layer2/Makefile
deleted file mode 100644 (file)
index a43c3eb..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-KMOD=  ipfw2_layer2
-SRCS=  ip_fw2_layer2.c
-
-.include <bsd.kmod.mk>
diff --git a/sys/net/ipfw2_layer4/Makefile b/sys/net/ipfw2_layer4/Makefile
deleted file mode 100644 (file)
index 6bcb556..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-KMOD=  ipfw2_layer4
-SRCS=  ip_fw2_layer4.c
-
-.include <bsd.kmod.mk>
diff --git a/sys/net/ipfw2_nat/Makefile b/sys/net/ipfw2_nat/Makefile
deleted file mode 100644 (file)
index b44a587..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-KMOD=  ipfw2_nat
-SRCS=  ip_fw2_nat.c
-
-.include <bsd.kmod.mk>
similarity index 91%
rename from sys/net/ipfw2/Makefile
rename to sys/net/ipfw3/Makefile
index a19653b..509c551 100644 (file)
@@ -1,7 +1,7 @@
 # $FreeBSD: src/sys/modules/ipfw/Makefile,v 1.11.2.1 2003/02/14 14:09:21 maxim Exp $
 # $DragonFly: src/sys/net/ipfw/Makefile,v 1.6 2008/09/16 12:16:08 sephe Exp $
 
-KMOD=  ipfw2
+KMOD=  ipfw3
 SRCS=  ip_fw3.c
 SRCS+= opt_ipfw.h opt_inet.h
 
@@ -10,7 +10,7 @@ opt_inet.h:
        echo '#define INET 1' > ${.OBJDIR}/${.TARGET}
 
 opt_ipfw.h:
-       echo '#define IPFIREWALL 1' > ${.OBJDIR}/${.TARGET}
+       echo '#define IPFIREWALL3 1' > ${.OBJDIR}/${.TARGET}
        # Debug prints
        #echo '#define IPFIREWALL_DEBUG 1' >> ${.OBJDIR}/${.TARGET}
        #
similarity index 96%
rename from sys/net/ipfw2/ip_fw.h
rename to sys/net/ipfw3/ip_fw.h
index d6d5ce2..82f3736 100644 (file)
@@ -32,9 +32,9 @@
  * SUCH DAMAGE.
  */
 
-#ifndef _IP_FW_H_V2
-#define _IP_FW_H_V2
+#ifndef _IP_FW_H_V3
+#define _IP_FW_H_V3
 
-#include <net/ipfw2/ip_fw3.h>
+#include <net/ipfw3/ip_fw3.h>
 
 #endif /* _IP_FW_H */
similarity index 96%
rename from sys/net/ipfw2/ip_fw3.c
rename to sys/net/ipfw3/ip_fw3.c
index cabcf73..7a513a4 100644 (file)
@@ -36,7 +36,7 @@
 #include "opt_ipfw.h"
 #include "opt_inet.h"
 #ifndef INET
-#error IPFIREWALL requires INET.
+#error IPFIREWALL3 requires INET.
 #endif /* INET */
 
 #include <sys/param.h>
 #include <net/pfil.h>
 #include <net/netmsg2.h>
 
-#include <net/ipfw2/ip_fw.h>
-#include <net/ipfw2_basic/ip_fw2_basic.h>
-#include <net/ipfw2_nat/ip_fw2_nat.h>
-#include <net/dummynet2/ip_dummynet2.h>
+#include <net/ipfw3/ip_fw.h>
+#include <net/ipfw3_basic/ip_fw3_basic.h>
+#include <net/ipfw3_nat/ip_fw3_nat.h>
+#include <net/dummynet3/ip_dummynet3.h>
 
-MALLOC_DEFINE(M_IPFW2, "IPFW2", "ip_fw2 default module");
+MALLOC_DEFINE(M_IPFW3, "IPFW3", "ip_fw3 default module");
 
 #ifdef IPFIREWALL_DEBUG
 #define DPRINTF(fmt, ...)                      \
@@ -153,22 +153,22 @@ static int autoinc_step = IPFW_AUTOINC_STEP_DEF;
 static int     ipfw_sysctl_enable(SYSCTL_HANDLER_ARGS);
 static int     ipfw_sysctl_autoinc_step(SYSCTL_HANDLER_ARGS);
 
-SYSCTL_NODE(_net_inet_ip, OID_AUTO, fw2, CTLFLAG_RW, 0, "Firewall");
-SYSCTL_PROC(_net_inet_ip_fw2, OID_AUTO, enable, CTLTYPE_INT | CTLFLAG_RW,
-       &fw2_enable, 0, ipfw_sysctl_enable, "I", "Enable ipfw");
-SYSCTL_PROC(_net_inet_ip_fw2, OID_AUTO, autoinc_step, CTLTYPE_INT | CTLFLAG_RW,
+SYSCTL_NODE(_net_inet_ip, OID_AUTO, fw3, CTLFLAG_RW, 0, "Firewall");
+SYSCTL_PROC(_net_inet_ip_fw3, OID_AUTO, enable, CTLTYPE_INT | CTLFLAG_RW,
+       &fw3_enable, 0, ipfw_sysctl_enable, "I", "Enable ipfw");
+SYSCTL_PROC(_net_inet_ip_fw3, OID_AUTO, autoinc_step, CTLTYPE_INT | CTLFLAG_RW,
        &autoinc_step, 0, ipfw_sysctl_autoinc_step, "I",
        "Rule number autincrement step");
-SYSCTL_INT(_net_inet_ip_fw2, OID_AUTO,one_pass,CTLFLAG_RW,
-       &fw2_one_pass, 0,
+SYSCTL_INT(_net_inet_ip_fw3, OID_AUTO,one_pass,CTLFLAG_RW,
+       &fw3_one_pass, 0,
        "Only do a single pass through ipfw when using dummynet(4)");
-SYSCTL_INT(_net_inet_ip_fw2, OID_AUTO, debug, CTLFLAG_RW,
+SYSCTL_INT(_net_inet_ip_fw3, OID_AUTO, debug, CTLFLAG_RW,
        &fw_debug, 0, "Enable printing of debug ip_fw statements");
-SYSCTL_INT(_net_inet_ip_fw2, OID_AUTO, verbose, CTLFLAG_RW,
+SYSCTL_INT(_net_inet_ip_fw3, OID_AUTO, verbose, CTLFLAG_RW,
        &fw_verbose, 0, "Log matches to ipfw rules");
-SYSCTL_INT(_net_inet_ip_fw2, OID_AUTO, verbose_limit, CTLFLAG_RW,
+SYSCTL_INT(_net_inet_ip_fw3, OID_AUTO, verbose_limit, CTLFLAG_RW,
        &verbose_limit, 0, "Set upper limit of matches of ipfw rules logged");
-SYSCTL_INT(_net_inet_ip_fw2, OID_AUTO, static_count, CTLFLAG_RD,
+SYSCTL_INT(_net_inet_ip_fw3, OID_AUTO, static_count, CTLFLAG_RD,
        &static_count, 0, "Number of static rules");
 
 filter_func filter_funcs[MAX_MODULE][MAX_OPCODE_PER_MODULE];
@@ -201,7 +201,7 @@ register_ipfw_module(int module_id,char *module_name)
                }
                tmp++;
        }
-       kprintf("ipfw2 module %s loaded ", module_name);
+       kprintf("ipfw3 module %s loaded ", module_name);
 }
 
 int
@@ -237,7 +237,7 @@ decide:
                for (i = 0; i < MAX_MODULE; i++) {
                        if (tmp->type == 1 && tmp->id == module_id) {
                                tmp->type = 0;
-                               kprintf("ipfw2 module %s unloaded ", tmp->name);
+                               kprintf("ipfw3 module %s unloaded ", tmp->name);
                                break;
                        }
                        tmp++;
@@ -291,7 +291,7 @@ init_module(void)
 static __inline int
 ipfw_free_rule(struct ip_fw *rule)
 {
-       kfree(rule, M_IPFW2);
+       kfree(rule, M_IPFW3);
        rule = NULL;
        return 1;
 }
@@ -443,11 +443,11 @@ after_ip_checks:
                 * Packet has already been tagged. Look for the next rule
                 * to restart processing.
                 *
-                * If fw2_one_pass != 0 then just accept it.
+                * If fw3_one_pass != 0 then just accept it.
                 * XXX should not happen here, but optimized out in
                 * the caller.
                 */
-               if (fw2_one_pass)
+               if (fw3_one_pass)
                        return IP_FW_PASS;
 
                /* This rule is being/has been flushed */
@@ -642,7 +642,7 @@ ipfw_add_rule_dispatch(netmsg_t nmsg)
 
        ioc_rule = fwmsg->ioc_rule;
         // create rule by ioc_rule
-       rule = kmalloc(RULESIZE(ioc_rule), M_IPFW2, M_WAITOK | M_ZERO);
+       rule = kmalloc(RULESIZE(ioc_rule), M_IPFW3, M_WAITOK | M_ZERO);
        rule->act_ofs = ioc_rule->act_ofs;
        rule->cmd_len = ioc_rule->cmd_len;
        rule->rulenum = ioc_rule->rulenum;
@@ -758,7 +758,7 @@ ipfw_delete_rule(struct ipfw_context *ctx,
        if (mycpuid == IPFW_CFGCPUID)
                ipfw_dec_static_count(rule);
 
-       kfree(rule, M_IPFW2);
+       kfree(rule, M_IPFW3);
        rule = NULL;
        return NULL;
 }
@@ -782,7 +782,7 @@ ipfw_flush_rule_dispatch(netmsg_t nmsg)
                if (mycpuid == IPFW_CFGCPUID)
                        ipfw_dec_static_count(the_rule);
 
-               kfree(the_rule, M_IPFW2);
+               kfree(the_rule, M_IPFW3);
        }
 
        ifnet_forwardmsg(lmsg, mycpuid + 1);
@@ -1839,11 +1839,11 @@ ipfw_sysctl_enable_dispatch(netmsg_t nmsg)
        struct lwkt_msg *lmsg = &nmsg->lmsg;
        int enable = lmsg->u.ms_result;
 
-       if (fw2_enable == enable)
+       if (fw3_enable == enable)
                goto reply;
 
-       fw2_enable = enable;
-       if (fw2_enable)
+       fw3_enable = enable;
+       if (fw3_enable)
                ipfw_hook();
        else
                ipfw_dehook();
@@ -1859,7 +1859,7 @@ ipfw_sysctl_enable(SYSCTL_HANDLER_ARGS)
        struct lwkt_msg *lmsg;
        int enable, error;
 
-       enable = fw2_enable;
+       enable = fw3_enable;
        error = sysctl_handle_int(oidp, &enable, 0, req);
        if (error || req->newptr == NULL)
                return error;
@@ -1889,13 +1889,13 @@ ipfw_ctx_init_dispatch(netmsg_t nmsg)
 
        if (mycpuid == 0 ) {
                ipfw_nat_ctx = kmalloc(sizeof(struct ipfw_nat_context),
-                               M_IPFW2, M_WAITOK | M_ZERO);
+                               M_IPFW3, M_WAITOK | M_ZERO);
        }
 
-       ctx = kmalloc(sizeof(struct ipfw_context), M_IPFW2, M_WAITOK | M_ZERO);
+       ctx = kmalloc(sizeof(struct ipfw_context), M_IPFW3, M_WAITOK | M_ZERO);
        ipfw_ctx[mycpuid] = ctx;
 
-       def_rule = kmalloc(sizeof(struct ip_fw), M_IPFW2, M_WAITOK | M_ZERO);
+       def_rule = kmalloc(sizeof(struct ip_fw), M_IPFW3, M_WAITOK | M_ZERO);
        def_rule->act_ofs = 0;
        def_rule->rulenum = IPFW_DEFAULT_RULE;
        def_rule->cmd_len = 2;
@@ -1935,7 +1935,7 @@ ipfw_init_dispatch(netmsg_t nmsg)
 {
        struct netmsg_ipfw fwmsg;
        int error = 0;
-       if (IPFW2_LOADED) {
+       if (IPFW3_LOADED) {
                kprintf("IP firewall already loaded\n");
                error = EEXIST;
                goto reply;
@@ -1950,7 +1950,7 @@ ipfw_init_dispatch(netmsg_t nmsg)
        ip_fw_ctl_x_ptr = ipfw_ctl_x;
        ip_fw_dn_io_ptr = ipfw_dummynet_io;
 
-       kprintf("ipfw2 initialized, default to %s, logging ",
+       kprintf("ipfw3 initialized, default to %s, logging ",
                (int)(ipfw_ctx[mycpuid]->ipfw_default_rule->cmd[0].opcode) ==
                O_BASIC_ACCEPT ? "accept" : "deny");
 
@@ -1969,15 +1969,15 @@ ipfw_init_dispatch(netmsg_t nmsg)
                                verbose_limit);
        }
        kprintf("\n");
-       ip_fw2_loaded = 1;
-       if (fw2_enable)
+       ip_fw3_loaded = 1;
+       if (fw3_enable)
                ipfw_hook();
 reply:
        lwkt_replymsg(&nmsg->lmsg, error);
 }
 
 static int
-ipfw2_init(void)
+ipfw3_init(void)
 {
        struct netmsg_base smsg;
        init_module();
@@ -1993,7 +1993,7 @@ ipfw_fini_dispatch(netmsg_t nmsg)
 {
        int error = 0, cpu;
 
-       ip_fw2_loaded = 0;
+       ip_fw3_loaded = 0;
 
        ipfw_dehook();
        netmsg_service_sync();
@@ -2004,11 +2004,11 @@ ipfw_fini_dispatch(netmsg_t nmsg)
        /* Free pre-cpu context */
        for (cpu = 0; cpu < ncpus; ++cpu) {
                if (ipfw_ctx[cpu] != NULL) {
-                       kfree(ipfw_ctx[cpu], M_IPFW2);
+                       kfree(ipfw_ctx[cpu], M_IPFW3);
                        ipfw_ctx[cpu] = NULL;
                }
        }
-       kfree(ipfw_nat_ctx,M_IPFW2);
+       kfree(ipfw_nat_ctx,M_IPFW3);
        ipfw_nat_ctx = NULL;
        kprintf("IP firewall unloaded\n");
 
@@ -2016,7 +2016,7 @@ ipfw_fini_dispatch(netmsg_t nmsg)
 }
 
 static int
-ipfw2_fini(void)
+ipfw3_fini(void)
 {
        struct netmsg_base smsg;
        netmsg_init(&smsg, NULL, &curthread->td_msgport,
@@ -2027,13 +2027,13 @@ ipfw2_fini(void)
 #endif /* KLD_MODULE */
 
 static int
-ipfw2_modevent(module_t mod, int type, void *unused)
+ipfw3_modevent(module_t mod, int type, void *unused)
 {
        int err = 0;
 
        switch (type) {
                case MOD_LOAD:
-                       err = ipfw2_init();
+                       err = ipfw3_init();
                        break;
 
                case MOD_UNLOAD:
@@ -2042,7 +2042,7 @@ ipfw2_modevent(module_t mod, int type, void *unused)
                        kprintf("ipfw statically compiled, cannot unload\n");
                        err = EBUSY;
 #else
-                       err = ipfw2_fini();
+                       err = ipfw3_fini();
 #endif
                        break;
                default:
@@ -2051,10 +2051,10 @@ ipfw2_modevent(module_t mod, int type, void *unused)
        return err;
 }
 
-static moduledata_t ipfw2mod = {
-       "ipfw2",
-       ipfw2_modevent,
+static moduledata_t ipfw3mod = {
+       "ipfw3",
+       ipfw3_modevent,
        0
 };
-DECLARE_MODULE(ipfw2, ipfw2mod, SI_SUB_PROTO_END, SI_ORDER_ANY);
-MODULE_VERSION(ipfw2, 1);
+DECLARE_MODULE(ipfw3, ipfw3mod, SI_SUB_PROTO_END, SI_ORDER_ANY);
+MODULE_VERSION(ipfw3, 1);
similarity index 97%
rename from sys/net/ipfw2/ip_fw3.h
rename to sys/net/ipfw3/ip_fw3.h
index d197d4b..1173df3 100644 (file)
  *
  */
 
-#ifndef _IP_FW2_H_V2
-#define _IP_FW2_H_V2
+#ifndef _IP_FW3_H_
+#define _IP_FW3_H_
 
 #ifdef _KERNEL
 #include <net/netisr2.h>
 
-int     ip_fw2_sockopt(struct sockopt *);
-extern int ip_fw2_loaded;
+int     ip_fw3_sockopt(struct sockopt *);
+extern int ip_fw3_loaded;
 
 #endif
 
-#define        IPFW2_LOADED    (ip_fw2_loaded)
+#define        IPFW3_LOADED    (ip_fw3_loaded)
 
+/*
+ * _IPFW2_H is from ipfw/ip_fw2.h, both cannot be included past this
+ * point but we need both the IPFW2_LOADED and IPFW3_LOADED macros
+ */
 #ifndef _IPFW2_H
+#define _IPFW2_H
 
 #define                RESERVED_SIZE           12
 #define                SIZE_OF_IPFWINSN        8
@@ -331,8 +336,8 @@ extern ip_fw_chk_t  *ip_fw_chk_ptr;
 extern ip_fw_ctl_t     *ip_fw_ctl_x_ptr;
 extern ip_fw_dn_io_t   *ip_fw_dn_io_ptr;
 
-extern int fw2_one_pass;
-extern int fw2_enable;
+extern int fw3_one_pass;
+extern int fw3_enable;
 
 
 #define IPFW_CFGCPUID  0
@@ -500,7 +505,7 @@ typedef struct _ip_fw_x_header {
 typedef void ipfw_basic_delete_state_t(struct ip_fw *);
 typedef void ipfw_basic_append_state_t(struct ipfw_ioc_state *);
 
-/* IP_FW2 opcodes */
+/* IP_FW3 opcodes */
 
 #define IP_FW_ADD              50   /* add a firewall rule to chain */
 #define IP_FW_DEL              51   /* delete a firewall rule from chain */
@@ -527,4 +532,4 @@ typedef void ipfw_basic_append_state_t(struct ipfw_ioc_state *);
 #define IP_FW_STATE_FLUSH      58   /* flush all states */
 #endif
 
-#endif /* _IPFW2_H */
+#endif /* _IPFW3_H_ */
similarity index 89%
rename from sys/net/ipfw2/ip_fw3_glue.c
rename to sys/net/ipfw3/ip_fw3_glue.c
index 73e9c49..73f6de0 100644 (file)
 
 #include <netinet/in.h>
 
-#include <net/ipfw2/ip_fw.h>
+#include <net/ipfw3/ip_fw.h>
 
-int ip_fw2_loaded;
-int fw2_enable = 1;
-int fw2_one_pass = 1;
+int ip_fw3_loaded;
+int fw3_enable = 1;
+int fw3_one_pass = 1;
 
-static void    ip_fw2_sockopt_dispatch(netmsg_t msg);
+static void    ip_fw3_sockopt_dispatch(netmsg_t msg);
 
 int
-ip_fw2_sockopt(struct sockopt *sopt)
+ip_fw3_sockopt(struct sockopt *sopt)
 {
        struct netmsg_base smsg;
 
        netmsg_init(&smsg, NULL, &curthread->td_msgport,
-                   0, ip_fw2_sockopt_dispatch);
+                   0, ip_fw3_sockopt_dispatch);
        smsg.lmsg.u.ms_resultp = sopt;
        return lwkt_domsg(IPFW_CFGPORT, &smsg.lmsg, 0);
 }
 
 static void
-ip_fw2_sockopt_dispatch(netmsg_t msg)
+ip_fw3_sockopt_dispatch(netmsg_t msg)
 {
        struct sockopt *sopt = msg->lmsg.u.ms_resultp;
        int error;
 
        KKASSERT(mycpuid == 0);
 
-       if (IPFW2_LOADED)
+       if (IPFW3_LOADED)
                error = ip_fw_ctl_x_ptr(sopt);
        else
                error = ENOPROTOOPT;
diff --git a/sys/net/ipfw3_basic/Makefile b/sys/net/ipfw3_basic/Makefile
new file mode 100644 (file)
index 0000000..f027fb5
--- /dev/null
@@ -0,0 +1,4 @@
+KMOD=  ipfw3_basic
+SRCS=  ip_fw3_basic.c
+
+.include <bsd.kmod.mk>
similarity index 97%
rename from sys/net/ipfw2_basic/ip_fw2_basic.c
rename to sys/net/ipfw3_basic/ip_fw3_basic.c
index b84faf9..05a2b61 100644 (file)
@@ -65,9 +65,9 @@
 #include <netinet/ip_divert.h>
 #include <netinet/if_ether.h>
 
-#include <net/ipfw2/ip_fw.h>
+#include <net/ipfw3/ip_fw.h>
 
-#include "ip_fw2_basic.h"
+#include "ip_fw3_basic.h"
 
 #define TIME_LEQ(a, b) ((int)((a) - (b)) <= 0)
 
@@ -158,15 +158,15 @@ adjust_hash_size_dispatch(netmsg_t nmsg)
                        while (state != NULL) {
                                the_state = state;
                                state = state->next;
-                               kfree(the_state, M_IPFW2_BASIC);
+                               kfree(the_state, M_IPFW3_BASIC);
                                the_state = NULL;
                        }
                }
        }
-       kfree(ctx->state_ctx,M_IPFW2_BASIC);
+       kfree(ctx->state_ctx,M_IPFW3_BASIC);
        ctx->state_ctx = kmalloc(state_hash_size *
                                sizeof(struct ipfw_state_context),
-                               M_IPFW2_BASIC, M_WAITOK | M_ZERO);
+                               M_IPFW3_BASIC, M_WAITOK | M_ZERO);
        ctx->state_hash_size = state_hash_size;
        ifnet_forwardmsg(&nmsg->lmsg, mycpuid + 1);
 }
@@ -330,7 +330,7 @@ install_state(struct ip_fw *rule, ipfw_insn *cmd, struct ip_fw_args *args)
        struct ipfw_state_context *state_ctx;
        state_ctx = &ctx->state_ctx[hash_packet(&args->f_id)];
        state = kmalloc(sizeof(struct ip_fw_state),
-                       M_IPFW2_BASIC, M_NOWAIT | M_ZERO);
+                       M_IPFW3_BASIC, M_NOWAIT | M_ZERO);
        if (state == NULL) {
                return NULL;
        }
@@ -637,7 +637,7 @@ ipfw_basic_add_state(struct ipfw_ioc_state *ioc_state)
        struct ipfw_state_context *state_ctx;
        state_ctx = &ctx->state_ctx[hash_packet(&(ioc_state->flow_id))];
        state = kmalloc(sizeof(struct ip_fw_state),
-                       M_IPFW2_BASIC, M_WAITOK | M_ZERO);
+                       M_IPFW3_BASIC, M_WAITOK | M_ZERO);
        struct ip_fw *rule = ctx->ipfw_rule_chain;
        while (rule != NULL) {
                if (rule->rulenum == ioc_state->rulenum) {
@@ -698,7 +698,7 @@ ipfw_basic_flush_state(struct ip_fw *rule)
 
                                        the_state = state;
                                        state = state->next;
-                                       kfree(the_state, M_IPFW2_BASIC);
+                                       kfree(the_state, M_IPFW3_BASIC);
                                        state_ctx->count--;
                                        if (state == NULL)
                                                state_ctx->last = prev_state;
@@ -739,7 +739,7 @@ ipfw_cleanup_expired_state(netmsg_t nmsg)
                                                state_ctx->last = NULL;
 
 
-                                       kfree(the_state, M_IPFW2_BASIC);
+                                       kfree(the_state, M_IPFW3_BASIC);
                                        state_ctx->count--;
                                } else {
                                        prev_state = state;
@@ -794,7 +794,7 @@ static void
 ipfw_basic_init_dispatch(netmsg_t nmsg)
 {
        IPFW_ASSERT_CFGPORT(&curthread->td_msgport);
-       KKASSERT(IPFW_LOADED);
+       KKASSERT(IPFW3_LOADED);
 
        int error = 0;
        callout_init_mp(&ipfw_tick_callout);
@@ -859,7 +859,7 @@ ipfw_basic_init(void)
                if (ctx != NULL) {
                        ctx->state_ctx = kmalloc(state_hash_size *
                                        sizeof(struct ipfw_state_context),
-                                       M_IPFW2_BASIC, M_WAITOK | M_ZERO);
+                                       M_IPFW3_BASIC, M_WAITOK | M_ZERO);
                        ctx->state_hash_size = state_hash_size;
                }
        }
@@ -875,7 +875,7 @@ static void
 ipfw_basic_stop_dispatch(netmsg_t nmsg)
 {
        IPFW_ASSERT_CFGPORT(&curthread->td_msgport);
-       KKASSERT(IPFW_LOADED);
+       KKASSERT(IPFW3_LOADED);
        int error = 0;
        callout_stop(&ipfw_tick_callout);
        netmsg_service_sync();
@@ -912,12 +912,12 @@ ipfw_basic_stop(void)
                                                        state_ctx->last = NULL;
 
                                                        kfree(the_state,
-                                                               M_IPFW2_BASIC);
+                                                               M_IPFW3_BASIC);
                                                }
                                        }
                                }
                                ctx->state_hash_size = 0;
-                               kfree(ctx->state_ctx, M_IPFW2_BASIC);
+                               kfree(ctx->state_ctx, M_IPFW3_BASIC);
                                ctx->state_ctx = NULL;
                        }
                }
@@ -931,7 +931,7 @@ ipfw_basic_stop(void)
 
 
 static int
-ipfw2_basic_modevent(module_t mod, int type, void *data)
+ipfw3_basic_modevent(module_t mod, int type, void *data)
 {
        int err;
        switch (type) {
@@ -947,11 +947,11 @@ ipfw2_basic_modevent(module_t mod, int type, void *data)
        return err;
 }
 
-static moduledata_t ipfw2_basic_mod = {
-       "ipfw2_basic",
-       ipfw2_basic_modevent,
+static moduledata_t ipfw3_basic_mod = {
+       "ipfw3_basic",
+       ipfw3_basic_modevent,
        NULL
 };
-DECLARE_MODULE(ipfw2_basic, ipfw2_basic_mod, SI_SUB_PROTO_END, SI_ORDER_ANY);
-MODULE_DEPEND(ipfw2_basic, ipfw2, 1, 1, 1);
-MODULE_VERSION(ipfw2_basic, 1);
+DECLARE_MODULE(ipfw3_basic, ipfw3_basic_mod, SI_SUB_PROTO_END, SI_ORDER_ANY);
+MODULE_DEPEND(ipfw3_basic, ipfw3, 1, 1, 1);
+MODULE_VERSION(ipfw3_basic, 1);
similarity index 98%
rename from sys/net/ipfw2_basic/ip_fw2_basic.h
rename to sys/net/ipfw3_basic/ip_fw3_basic.h
index a994eae..2e9d897 100644 (file)
@@ -38,7 +38,7 @@
 #define MODULE_BASIC_NAME "basic"
 
 #ifdef _KERNEL
-MALLOC_DEFINE(M_IPFW2_BASIC,"IPFW2_BASIC", "ip_fw2 basic module");
+MALLOC_DEFINE(M_IPFW3_BASIC,"IPFW3_BASIC", "ip_fw3 basic module");
 #endif
 
 enum ipfw_basic_opcodes {
diff --git a/sys/net/ipfw3_layer2/Makefile b/sys/net/ipfw3_layer2/Makefile
new file mode 100644 (file)
index 0000000..fa51d0c
--- /dev/null
@@ -0,0 +1,4 @@
+KMOD=  ipfw3_layer2
+SRCS=  ip_fw3_layer2.c
+
+.include <bsd.kmod.mk>
similarity index 88%
rename from sys/net/ipfw2_layer2/ip_fw2_layer2.c
rename to sys/net/ipfw3_layer2/ip_fw3_layer2.c
index b2a64f9..7cdf042 100644 (file)
@@ -49,9 +49,9 @@
 #include <netinet/in_var.h>
 #include <netinet/ip_var.h>
 
-#include <net/ipfw2/ip_fw.h>
+#include <net/ipfw3/ip_fw.h>
 
-#include "ip_fw2_layer2.h"
+#include "ip_fw3_layer2.h"
 
 
 void check_layer2(int *cmd_ctl, int *cmd_val, struct ip_fw_args **args,
@@ -86,7 +86,7 @@ check_mac(int *cmd_ctl, int *cmd_val, struct ip_fw_args **args,
 }
 
 static int
-ipfw2_layer2_init(void)
+ipfw3_layer2_init(void)
 {
        register_ipfw_module(MODULE_LAYER2_ID, MODULE_LAYER2_NAME);
        register_ipfw_filter_funcs(MODULE_LAYER2_ID,
@@ -97,30 +97,30 @@ ipfw2_layer2_init(void)
 }
 
 static int
-ipfw2_layer2_stop(void)
+ipfw3_layer2_stop(void)
 {
        return unregister_ipfw_module(MODULE_LAYER2_ID);
 }
 
 static int
-ipfw2_layer2_modevent(module_t mod, int type, void *data)
+ipfw3_layer2_modevent(module_t mod, int type, void *data)
 {
        switch (type) {
                case MOD_LOAD:
-                       return ipfw2_layer2_init();
+                       return ipfw3_layer2_init();
                case MOD_UNLOAD:
-                       return ipfw2_layer2_stop();
+                       return ipfw3_layer2_stop();
                default:
                        break;
        }
        return 0;
 }
 
-static moduledata_t ipfw2_layer2_mod = {
-       "ipfw2_layer2",
-       ipfw2_layer2_modevent,
+static moduledata_t ipfw3_layer2_mod = {
+       "ipfw3_layer2",
+       ipfw3_layer2_modevent,
        NULL
 };
-DECLARE_MODULE(ipfw2_layer2, ipfw2_layer2_mod, SI_SUB_PROTO_END, SI_ORDER_ANY);
-MODULE_DEPEND(ipfw2_layer2, ipfw2_basic, 1, 1, 1);
-MODULE_VERSION(ipfw2_layer2, 1);
+DECLARE_MODULE(ipfw3_layer2, ipfw3_layer2_mod, SI_SUB_PROTO_END, SI_ORDER_ANY);
+MODULE_DEPEND(ipfw3_layer2, ipfw3_basic, 1, 1, 1);
+MODULE_VERSION(ipfw3_layer2, 1);
diff --git a/sys/net/ipfw3_layer4/Makefile b/sys/net/ipfw3_layer4/Makefile
new file mode 100644 (file)
index 0000000..6ff56b4
--- /dev/null
@@ -0,0 +1,4 @@
+KMOD=  ipfw3_layer4
+SRCS=  ip_fw3_layer4.c
+
+.include <bsd.kmod.mk>
similarity index 92%
rename from sys/net/ipfw2_layer4/ip_fw2_layer4.c
rename to sys/net/ipfw3_layer4/ip_fw3_layer4.c
index aa4766d..ea6c714 100644 (file)
@@ -63,9 +63,9 @@
 #include <net/netisr2.h>
 #include <net/route.h>
 
-#include <net/ipfw2/ip_fw.h>
+#include <net/ipfw3/ip_fw.h>
 
-#include "ip_fw2_layer4.h"
+#include "ip_fw3_layer4.h"
 
 void
 check_tcpflag(int *cmd_ctl, int *cmd_val, struct ip_fw_args **args,
@@ -156,7 +156,7 @@ check_gid(int *cmd_ctl, int *cmd_val, struct ip_fw_args **args,
 }
 
 static int
-ipfw2_layer4_init(void)
+ipfw3_layer4_init(void)
 {
        register_ipfw_module(MODULE_LAYER4_ID, MODULE_LAYER4_NAME);
        register_ipfw_filter_funcs(MODULE_LAYER4_ID, O_LAYER4_TCPFLAG,
@@ -169,30 +169,30 @@ ipfw2_layer4_init(void)
 }
 
 static int
-ipfw2_layer4_stop(void)
+ipfw3_layer4_stop(void)
 {
        return unregister_ipfw_module(MODULE_LAYER4_ID);
 }
 
 static int
-ipfw2_layer4_modevent(module_t mod, int type, void *data)
+ipfw3_layer4_modevent(module_t mod, int type, void *data)
 {
        switch (type) {
        case MOD_LOAD:
-               return ipfw2_layer4_init();
+               return ipfw3_layer4_init();
        case MOD_UNLOAD:
-               return ipfw2_layer4_stop();
+               return ipfw3_layer4_stop();
        default:
                break;
        }
        return 0;
 }
 
-static moduledata_t ipfw2_layer4_mod = {
-       "ipfw2_layer4",
-       ipfw2_layer4_modevent,
+static moduledata_t ipfw3_layer4_mod = {
+       "ipfw3_layer4",
+       ipfw3_layer4_modevent,
        NULL
 };
-DECLARE_MODULE(ipfw2_layer4, ipfw2_layer4_mod, SI_SUB_PROTO_END, SI_ORDER_ANY);
-MODULE_DEPEND(ipfw2_layer4, ipfw2_basic, 1, 1, 1);
-MODULE_VERSION(ipfw2_layer4, 1);
+DECLARE_MODULE(ipfw3_layer4, ipfw3_layer4_mod, SI_SUB_PROTO_END, SI_ORDER_ANY);
+MODULE_DEPEND(ipfw3_layer4, ipfw3_basic, 1, 1, 1);
+MODULE_VERSION(ipfw3_layer4, 1);
diff --git a/sys/net/ipfw3_nat/Makefile b/sys/net/ipfw3_nat/Makefile
new file mode 100644 (file)
index 0000000..0540aed
--- /dev/null
@@ -0,0 +1,4 @@
+KMOD=  ipfw3_nat
+SRCS=  ip_fw3_nat.c
+
+.include <bsd.kmod.mk>
similarity index 98%
rename from sys/net/ipfw2_nat/ip_fw2_nat.c
rename to sys/net/ipfw3_nat/ip_fw3_nat.c
index a2356fa..5f87316 100644 (file)
@@ -73,9 +73,9 @@
 #include <net/libalias/alias.h>
 #include <net/libalias/alias_local.h>
 
-#include <net/ipfw2/ip_fw.h>
+#include <net/ipfw3/ip_fw.h>
 
-#include "ip_fw2_nat.h"
+#include "ip_fw3_nat.h"
 
 
 static struct lock nat_lock;
@@ -535,7 +535,7 @@ ipfw_nat_flush(struct sockopt *sopt)
 static
 int ipfw_nat_init(void)
 {
-       lockinit(&nat_lock, "ipfw2 nat lock", 0, 0);
+       lockinit(&nat_lock, "ipfw3 nat lock", 0, 0);
        register_ipfw_module(MODULE_NAT_ID, MODULE_NAT_NAME);
        register_ipfw_filter_funcs(MODULE_NAT_ID, O_NAT_NAT,
                        (filter_func)check_nat);
@@ -582,13 +582,13 @@ static int ipfw_nat_modevent(module_t mod, int type, void *data)
 }
 
 static moduledata_t ipfw_nat_mod = {
-       "ipfw2_nat",
+       "ipfw3_nat",
        ipfw_nat_modevent,
        NULL
 };
 
-DECLARE_MODULE(ipfw2_nat, ipfw_nat_mod,
+DECLARE_MODULE(ipfw3_nat, ipfw_nat_mod,
                SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY);
-MODULE_DEPEND(ipfw2_nat, libalias, 1, 1, 1);
-MODULE_DEPEND(ipfw2_nat, ipfw2_basic, 1, 1, 1);
-MODULE_VERSION(ipfw2_nat, 1);
+MODULE_DEPEND(ipfw3_nat, libalias, 1, 1, 1);
+MODULE_DEPEND(ipfw3_nat, ipfw3_basic, 1, 1, 1);
+MODULE_VERSION(ipfw3_nat, 1);
similarity index 98%
rename from sys/net/ipfw2_nat/ip_fw2_nat.h
rename to sys/net/ipfw3_nat/ip_fw3_nat.h
index 27c5ea0..fcf4a5d 100644 (file)
@@ -39,7 +39,7 @@
 #define MODULE_NAT_NAME                "nat"
 
 #ifdef _KERNEL
-MALLOC_DEFINE(M_IPFW_NAT, "IPFW2/NAT", "IPFW2/NAT 's");
+MALLOC_DEFINE(M_IPFW_NAT, "IPFW3/NAT", "IPFW3/NAT 's");
 #endif
 
 enum ipfw_nat_opcodes {
index ad020f8..d93e206 100644 (file)
@@ -2821,7 +2821,7 @@ ClearFWHole(struct alias_link *lnk)
                if (fwhole < 0)
                        return;
 
-               memset(&rule, 0, sizeof rule);  /* useless for ipfw2 */
+               memset(&rule, 0, sizeof rule);  /* useless for ipfw3 */
                while (!setsockopt(la->fireWallFD, IPPROTO_IP, IP_FW_DEL,
                        &fwhole, sizeof fwhole));
                fw_clrfield(la, la->fireWallField, fwhole);
index bf0dbe7..d8a7fea 100644 (file)
@@ -69,9 +69,9 @@
 
 #include <net/ip_mroute/ip_mroute.h>
 #include <net/ipfw/ip_fw.h>
-#include <net/ipfw2/ip_fw.h>
+#include <net/ipfw3/ip_fw.h>
 #include <net/dummynet/ip_dummynet.h>
-#include <net/dummynet2/ip_dummynet2.h>
+#include <net/dummynet3/ip_dummynet3.h>
 
 #ifdef FAST_IPSEC
 #include <netproto/ipsec/ipsec.h>
@@ -380,8 +380,8 @@ rip_ctloutput(netmsg_t msg)
                        soopt_from_kbuf(sopt, &optval, sizeof optval);
                        break;
                case IP_FW_X:
-                       if (IPFW2_LOADED)
-                               error = ip_fw2_sockopt(sopt);
+                       if (IPFW3_LOADED)
+                               error = ip_fw3_sockopt(sopt);
                        else
                                error = ENOPROTOOPT;
                        break;
@@ -433,7 +433,7 @@ rip_ctloutput(netmsg_t msg)
                                inp->inp_flags &= ~INP_HDRINCL;
                        break;
                case IP_FW_X:
-                       if (IPFW2_LOADED)
+                       if (IPFW3_LOADED)
                                error = ip_fw_ctl_x_ptr(sopt);
                        else
                                 error = ENOPROTOOPT;