[hipl-commit] [trunk] Rev 3578: Added hip_ prefix to a number of functions in the firewall.

  • From: Miika Komu <miika@xxxxxx>
  • To: hipl-commit@xxxxxxxxxxxxx
  • Date: Wed, 10 Feb 2010 00:03:18 +0200

Committer: Miika Komu <miika@xxxxxx>
Date: Wed Feb 10 00:03:31 2010 +0200
Revision: 3578
Revision-id: miika@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Branch nick: trunk

Log:
  Added hip_ prefix to a number of functions in the firewall.

Modified:
  M  firewall/cache.c
  M  firewall/cache.h
  M  firewall/cache_port.c
  M  firewall/cache_port.h
  M  firewall/conntrack.c
  M  firewall/datapkt.c
  M  firewall/firewall.c
  M  firewall/firewall_control.c
  M  firewall/firewalldb.c
  M  firewall/firewalldb.h
  M  firewall/lsi.c
  M  firewall/opptcp.c
  M  firewall/sysopp.c

=== modified file 'firewall/cache.c'
--- firewall/cache.c    2010-02-08 11:13:32 +0000
+++ firewall/cache.c    2010-02-09 22:03:31 +0000
@@ -80,7 +80,7 @@
  * @param state output argument in which the function writes the state of the 
corresponding HIP association
  * @return 
  */
-int firewall_cache_db_match(const struct in6_addr *hit_our,
+int hip_firewall_cache_db_match(const struct in6_addr *hit_our,
                            const struct in6_addr *hit_peer,
                            hip_lsi_t       *lsi_our,
                            hip_lsi_t       *lsi_peer,
@@ -254,7 +254,7 @@
 /**
  * Initialize cache database
  */
-void firewall_cache_init_hldb(void){
+void hip_firewall_cache_init_hldb(void){
        firewall_cache_db = hip_ht_init(hip_firewall_hash_hit_peer,
                                        hip_firewall_match_hit_peer);
 }

=== modified file 'firewall/cache.h'
--- firewall/cache.h    2010-01-19 09:28:42 +0000
+++ firewall/cache.h    2010-02-09 22:03:31 +0000
@@ -3,12 +3,12 @@
 
 #include "lib/core/icomm.h"
 
-int firewall_cache_db_match(const struct in6_addr *, const struct in6_addr *,
+int hip_firewall_cache_db_match(const struct in6_addr *, const struct in6_addr 
*,
                                hip_lsi_t       *, hip_lsi_t       *,
                                struct in6_addr *, struct in6_addr *, int *);
 
 //Initializes the firewall cache database
-void firewall_cache_init_hldb(void);
+void hip_firewall_cache_init_hldb(void);
 
 firewall_cache_hl_t *hip_cache_create_hl_entry(void);
 

=== modified file 'firewall/cache_port.c'
--- firewall/cache_port.c       2010-02-08 11:55:36 +0000
+++ firewall/cache_port.c       2010-02-09 22:03:31 +0000
@@ -34,7 +34,7 @@
  *
  * @return zero on success or non-zero on failure
  */
-static int port_cache_add_new_entry(const char *key, int value){
+static int hip_port_cache_add_new_entry(const char *key, int value){
        firewall_port_cache_hl_t *new_entry = NULL;
        int err = 0;
 
@@ -59,10 +59,10 @@
  *
  * @return the cache entry if found or NULL otherwise
  */
-firewall_port_cache_hl_t *firewall_port_cache_db_match(
-                               in_port_t port,
-                               int proto){
-       firewall_port_cache_hl_t *found_entry = NULL;
+firewall_port_cache_hl_t *hip_firewall_port_cache_db_match(
+                                                          in_port_t port,
+                                                          int proto){
+  firewall_port_cache_hl_t *found_entry = NULL;
        char key[FIREWALL_PORT_CACHE_KEY_LENGTH];
        char protocol[10], proto_for_bind[10];
        int bind = FIREWALL_PORT_CACHE_IPV4_TRAFFIC;    //3 - default to ipv4, 
non-LSI traffic
@@ -103,7 +103,7 @@
 
        if(!found_entry){
                bind = hip_get_proto_info(ntohs(port), proto_for_bind);
-               port_cache_add_new_entry(key, bind);
+               hip_port_cache_add_new_entry(key, bind);
                found_entry = (firewall_port_cache_hl_t *)hip_ht_find(
                                                firewall_port_cache_db,
                                                (void *)key);
@@ -151,7 +151,7 @@
  * Initialize port cache database
  * 
  */
-void firewall_port_cache_init_hldb(void){
+void hip_firewall_port_cache_init_hldb(void){
        firewall_port_cache_db = hip_ht_init(hip_firewall_port_hash_key,
                                        hip_firewall_match_port_cache_key);
 }
@@ -160,7 +160,7 @@
  * Initialize port cache database
  * 
  */
-void firewall_port_cache_uninit_hldb(void){
+void hip_firewall_port_cache_uninit_hldb(void){
        int i;
        firewall_port_cache_hl_t *this = NULL;
        hip_list_t *item, *tmp;

=== modified file 'firewall/cache_port.h'
--- firewall/cache_port.h       2010-02-08 11:52:49 +0000
+++ firewall/cache_port.h       2010-02-09 22:03:31 +0000
@@ -3,10 +3,10 @@
 
 #include "lib/core/icomm.h"
 
-void firewall_port_cache_init_hldb(void);
-firewall_port_cache_hl_t *firewall_port_cache_db_match(in_port_t port, 
+void hip_firewall_port_cache_init_hldb(void);
+firewall_port_cache_hl_t *hip_firewall_port_cache_db_match(in_port_t port, 
                                                        int proto);
-void firewall_port_cache_uninit_hldb(void);
+void hip_firewall_port_cache_uninit_hldb(void);
 
 #endif /* HIP_CACHE_H */
 

=== modified file 'firewall/conntrack.c'
--- firewall/conntrack.c        2010-02-09 09:34:07 +0000
+++ firewall/conntrack.c        2010-02-09 22:03:31 +0000
@@ -2122,8 +2122,8 @@
 
        HIP_DEBUG("Relaying packet\n");
        
-       firewall_send_outgoing_pkt(&ctx->dst, tuple->dst_ip,
-                                  (u8 *)iph + iph->ihl * 4, len, 
iph->protocol);
+       hip_firewall_send_outgoing_pkt(&ctx->dst, tuple->dst_ip,
+                                      (u8 *)iph + iph->ihl * 4, len, 
iph->protocol);
 out_err:
        return err;
 }

=== modified file 'firewall/datapkt.c'
--- firewall/datapkt.c  2010-02-09 09:34:07 +0000
+++ firewall/datapkt.c  2010-02-09 22:03:31 +0000
@@ -329,7 +329,7 @@
 
        /* Hip Daemon doesn't send the i1 packet, if data packet mode is on.
           This gets preferred addresses in DB and returns */
-       if(firewall_cache_db_match(&ctx->src, &ctx->dst, NULL, NULL,
+       if(hip_firewall_cache_db_match(&ctx->src, &ctx->dst, NULL, NULL,
                                   &preferred_local_addr, &preferred_peer_addr, 
NULL)) {
                HIP_DEBUG("HIP_DATAPACKET MODE is Already Set so using DATA 
PACKET MODE for new connections\n");
        }

=== modified file 'firewall/firewall.c'
--- firewall/firewall.c 2010-02-09 21:20:18 +0000
+++ firewall/firewall.c 2010-02-09 22:03:31 +0000
@@ -801,11 +801,11 @@
 #endif
 
        // Initializing local database for mapping LSI-HIT in the firewall
-       firewall_init_hldb();
+       hip_firewall_init_hldb();
        // Initializing local cache database
-       firewall_cache_init_hldb();
+       hip_firewall_cache_init_hldb();
        // Initializing local port cache database
-       firewall_port_cache_init_hldb();
+       hip_firewall_port_cache_init_hldb();
 
  out_err:
        return err;
@@ -929,7 +929,7 @@
                HIP_DEBUG("Failed to notify hipd of firewall shutdown.\n");
        free(msg);
 
-       firewall_port_cache_uninit_hldb();
+       hip_firewall_port_cache_uninit_hldb();
        hip_fw_uninit_system_based_opp_mode();
        hip_fw_flush_iptables();
        /* rules have to be removed first, otherwise HIP packets won't pass 
through

=== modified file 'firewall/firewall_control.c'
--- firewall/firewall_control.c 2010-02-09 21:20:18 +0000
+++ firewall/firewall_control.c 2010-02-09 22:03:31 +0000
@@ -53,12 +53,12 @@
        switch(msg_type)
        {
                case SO_HIP_FW_BEX_DONE:
-                       err = firewall_set_bex_state(src_hit,
-                                                    dst_hit,
-                                                    (dst_hit ? 1 : -1));
+                       err = hip_firewall_set_bex_state(src_hit,
+                                                        dst_hit,
+                                                        (dst_hit ? 1 : -1));
                        break;
                 case SO_HIP_FW_UPDATE_DB:
-                       err = firewall_set_bex_state(src_hit, dst_hit, 0);
+                       err = hip_firewall_set_bex_state(src_hit, dst_hit, 0);
                        break;
                 default:
                        break;

=== modified file 'firewall/firewalldb.c'
--- firewall/firewalldb.c       2010-01-19 09:28:42 +0000
+++ firewall/firewalldb.c       2010-02-09 22:03:31 +0000
@@ -1,7 +1,18 @@
+/**
+ * @file firewall/firewalldb.c
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * @todo THIS DATABASE IS REDUDANT WITH CACHE.C AND CONTAINS ONLY A SUBSET OF 
IT. REWRITE AND TEST!!!
+ *
+ * @brief Write a short summary
+ *
+ * @author <Put all existing author information here>
+ * @author another Author another@xxxxxxxxxx
+ **/
 #include <netinet/ip_icmp.h>
 #include "firewalldb.h"
 #include "cache.h"
-//#include "firewall/cache_port.h"
 #include "firewall_defines.h"
 #include "lib/core/icomm.h"
 #include "lib/core/kerncompat.h"
@@ -9,7 +20,6 @@
 #include "lib/core/hashtable.h"
 #include "lib/core/misc.h"
 
-
 #define DISABLE_hip_firewall_hldb_dump
 #define DISABLE_firewall_init_raw_sock_esp_v6
 
@@ -31,6 +41,9 @@
 
 
 #ifndef DISABLE_hip_firewall_hldb_dump
+/**
+ * display the contents of the database
+ */
 static void hip_firewall_hldb_dump(void){
        int i;
        firewall_hl_t *this;
@@ -51,13 +64,12 @@
 #endif
 
 /**
- * firewall_ip_db_match:
  * Search in the database the given peer ip
  *
  * @param ip_peer: entrance that we are searching in the db
  * @return NULL if not found and otherwise the firewall_hl_t structure
  */
-firewall_hl_t *firewall_ip_db_match(const struct in6_addr *ip_peer){
+firewall_hl_t *hip_firewall_ip_db_match(const struct in6_addr *ip_peer){
 #ifndef DISABLE_hip_firewall_hldb_dump
     hip_firewall_hldb_dump();
 #endif
@@ -66,7 +78,11 @@
   
 }
 
-
+/**
+ * allocate memory for a new database entry
+ *
+ * @return the allocated database entry (caller responsible of freeing)
+ **/
 static firewall_hl_t *hip_create_hl_entry(void){
        firewall_hl_t *entry = NULL;
        int err = 0;
@@ -81,11 +97,11 @@
 /**
  * Adds a default entry in the firewall db.
  * 
- * @param *ip  the only supplied field, the ip of the peer
+ * @param ip   the only supplied field, the ip of the peer
  * 
  * @return     error if any
  */
-int firewall_add_default_entry(const struct in6_addr *ip){
+int hip_firewall_add_default_entry(const struct in6_addr *ip){
        struct in6_addr all_zero_default_v6;
        struct in_addr  all_zero_default_v4, in4;
        firewall_hl_t *new_entry  = NULL;
@@ -96,7 +112,7 @@
 
        HIP_ASSERT(ip != NULL);
 
-       entry_peer = firewall_ip_db_match(ip);
+       entry_peer = hip_firewall_ip_db_match(ip);
 
        if(!entry_peer){
                HIP_DEBUG_IN6ADDR("ip ", ip);
@@ -142,11 +158,11 @@
  * 
  * @return     error if any
  */
-int firewall_update_entry(const struct in6_addr *hit_our,
-                         const struct in6_addr *hit_peer,
-                         const hip_lsi_t       *lsi,
-                         const struct in6_addr *ip,
-                         int              state){
+int hip_firewall_update_entry(const struct in6_addr *hit_our,
+                             const struct in6_addr *hit_peer,
+                             const hip_lsi_t       *lsi,
+                             const struct in6_addr *ip,
+                             int              state) {
        int err = 0;
        firewall_hl_t *entry_update = NULL;
 
@@ -160,7 +176,7 @@
        if (ip)
                HIP_DEBUG_IN6ADDR("ip", ip);
 
-       HIP_IFEL(!(entry_update = firewall_ip_db_match(ip)), -1,
+       HIP_IFEL(!(entry_update = hip_firewall_ip_db_match(ip)), -1,
                 "Did not find entry\n");
 
        //update the fields if new value value is not NULL
@@ -178,7 +194,6 @@
 
 
 /**
- * hip_firewall_hash_ip_peer:
  * Generates the hash information that is used to index the table
  *
  * @param ptr: pointer to the lsi used to make the hash
@@ -195,7 +210,6 @@
 
 
 /**
- * hip_firewall_match_ip_peer:
  * Compares two IPs
  *
  * @param ptr1: pointer to ip
@@ -207,7 +221,7 @@
        return (hip_firewall_hash_ip_peer(ptr1) != 
hip_firewall_hash_ip_peer(ptr2));
 }
 
-static int firewall_init_raw_sock_icmp_outbound(int *firewall_raw_sock_v6){
+static int hip_firewall_init_raw_sock_icmp_outbound(int *firewall_raw_sock_v6){
     int on = 1, off = 0, err = 0;
 
     *firewall_raw_sock_v6 = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMP);
@@ -226,7 +240,7 @@
 }
 
 /*Init functions raw_sockets ipv4*/
-static int firewall_init_raw_sock_tcp_v4(int *firewall_raw_sock_v4){
+static int hip_firewall_init_raw_sock_tcp_v4(int *firewall_raw_sock_v4){
        int on = 1, err = 0;
        int off = 0;
 
@@ -248,7 +262,7 @@
 }
 
 
-static int firewall_init_raw_sock_udp_v4(int *firewall_raw_sock_v4){
+static int hip_firewall_init_raw_sock_udp_v4(int *firewall_raw_sock_v4){
        int on = 1, err = 0;
        int off = 0;
 
@@ -269,7 +283,7 @@
        return err;
 }
 
-static int firewall_init_raw_sock_icmp_v4(int *firewall_raw_sock_v4){
+static int hip_firewall_init_raw_sock_icmp_v4(int *firewall_raw_sock_v4){
        int on = 1, err = 0;
        int off = 0;
 
@@ -292,7 +306,7 @@
 
 
 /*Init functions for raw sockets ipv6*/
-static int firewall_init_raw_sock_tcp_v6(int *firewall_raw_sock_v6){
+static int hip_firewall_init_raw_sock_tcp_v6(int *firewall_raw_sock_v6){
        int on = 1, off = 0, err = 0;
 
        *firewall_raw_sock_v6 = socket(AF_INET6, SOCK_RAW, IPPROTO_TCP);
@@ -311,7 +325,7 @@
 }
 
 
-static int firewall_init_raw_sock_udp_v6(int *firewall_raw_sock_v6){
+static int hip_firewall_init_raw_sock_udp_v6(int *firewall_raw_sock_v6){
        int on = 1, off = 0, err = 0;
 
        *firewall_raw_sock_v6 = socket(AF_INET6, SOCK_RAW, IPPROTO_UDP);
@@ -330,7 +344,7 @@
 }
 
 
-static int firewall_init_raw_sock_icmp_v6(int *firewall_raw_sock_v6){
+static int hip_firewall_init_raw_sock_icmp_v6(int *firewall_raw_sock_v6){
        int on = 1, off = 0, err = 0;
 
        *firewall_raw_sock_v6 = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6);
@@ -348,7 +362,7 @@
        return err;
 }
 
-static int firewall_init_raw_sock_esp_v4(int *sock)
+static int hip_firewall_init_raw_sock_esp_v4(int *sock)
 {
        int on = 1, off = 0, err = 0;
        *sock = socket(AF_INET, SOCK_RAW, IPPROTO_ESP);
@@ -365,7 +379,7 @@
 }
 
 #ifndef DISABLE_firewall_init_raw_sock_esp_v6
-static int firewall_init_raw_sock_esp_v6(int *sock)
+static int hip_firewall_init_raw_sock_esp_v6(int *sock)
 {
        int on = 1, off = 0, err = 0;
        *sock = socket(AF_INET6, SOCK_RAW, IPPROTO_ESP);
@@ -382,38 +396,38 @@
 }
 #endif
 
-static void firewall_init_raw_sockets(void){
+static void hip_firewall_init_raw_sockets(void){
   //HIP_IFEL(initialise_firewall_socket(),-1,"Firewall socket creation 
failed\n");
-       firewall_init_raw_sock_tcp_v4(&firewall_raw_sock_tcp_v4);
-       firewall_init_raw_sock_udp_v4(&firewall_raw_sock_udp_v4);
-       firewall_init_raw_sock_icmp_v4(&firewall_raw_sock_icmp_v4);
-       firewall_init_raw_sock_icmp_outbound(&firewall_raw_sock_icmp_outbound);
-       firewall_init_raw_sock_tcp_v6(&firewall_raw_sock_tcp_v6);
-       firewall_init_raw_sock_udp_v6(&firewall_raw_sock_udp_v6);
-       firewall_init_raw_sock_icmp_v6(&firewall_raw_sock_icmp_v6);
-       firewall_init_raw_sock_esp_v4(&firewall_raw_sock_esp_v4);
+       hip_firewall_init_raw_sock_tcp_v4(&firewall_raw_sock_tcp_v4);
+       hip_firewall_init_raw_sock_udp_v4(&firewall_raw_sock_udp_v4);
+       hip_firewall_init_raw_sock_icmp_v4(&firewall_raw_sock_icmp_v4);
+       
hip_firewall_init_raw_sock_icmp_outbound(&firewall_raw_sock_icmp_outbound);
+       hip_firewall_init_raw_sock_tcp_v6(&firewall_raw_sock_tcp_v6);
+       hip_firewall_init_raw_sock_udp_v6(&firewall_raw_sock_udp_v6);
+       hip_firewall_init_raw_sock_icmp_v6(&firewall_raw_sock_icmp_v6);
+       hip_firewall_init_raw_sock_esp_v4(&firewall_raw_sock_esp_v4);
 #ifndef DISABLE_firewall_init_raw_sock_esp_v6
-       firewall_init_raw_sock_esp_v6(&firewall_raw_sock_esp_v6);
+       hip_firewall_init_raw_sock_esp_v6(&firewall_raw_sock_esp_v6);
 #endif
 }
 
-void firewall_init_hldb(void){
+void hip_firewall_init_hldb(void){
        firewall_hit_lsi_ip_db = hip_ht_init(hip_firewall_hash_ip_peer,
                                             hip_firewall_match_ip_peer);
-       firewall_init_raw_sockets();
+       hip_firewall_init_raw_sockets();
 }
 
-int firewall_set_bex_state(struct in6_addr *hit_s,
+int hip_firewall_set_bex_state(struct in6_addr *hit_s,
                            struct in6_addr *hit_r,
                            int state){
        struct in6_addr ip_src, ip_dst;
        hip_lsi_t lsi_our, lsi_peer;
        int err = 0;
 
-       HIP_IFEL(firewall_cache_db_match(hit_r, hit_s, &lsi_our, &lsi_peer,
-                                  &ip_src, &ip_dst, NULL),
+       HIP_IFEL(hip_firewall_cache_db_match(hit_r, hit_s, &lsi_our, &lsi_peer,
+                                            &ip_src, &ip_dst, NULL),
                 -1, "Failed to query LSIs\n");
-       HIP_IFEL(firewall_update_entry(NULL, NULL, NULL, &ip_dst, state), -1,
+       HIP_IFEL(hip_firewall_update_entry(NULL, NULL, NULL, &ip_dst, state), 
-1,
                 "Failed to update firewall entry\n");
 
  out_err:
@@ -440,7 +454,7 @@
        HIP_DEBUG("End hldbdb delete\n");
 }
 
-int firewall_send_incoming_pkt(const struct in6_addr *src_hit,
+int hip_firewall_send_incoming_pkt(const struct in6_addr *src_hit,
                               const struct in6_addr *dst_hit,
                               u8 *msg, u16 len,
                               int proto,
@@ -596,7 +610,7 @@
 }
 
 
-int firewall_send_outgoing_pkt(const struct in6_addr *src_hit,
+int hip_firewall_send_outgoing_pkt(const struct in6_addr *src_hit,
                                const struct in6_addr *dst_hit,
                                u8 *msg, u16 len,
                                int proto){

=== modified file 'firewall/firewalldb.h'
--- firewall/firewalldb.h       2010-01-19 09:28:42 +0000
+++ firewall/firewalldb.h       2010-02-09 22:03:31 +0000
@@ -5,23 +5,23 @@
 #include "lib/core/icomm.h"
 #include "lib/core/kerncompat.h"
 
-void firewall_init_hldb(void);
-firewall_hl_t *firewall_ip_db_match(const struct in6_addr *ip_peer);
-int firewall_set_bex_state(struct in6_addr *hit_s, 
+void hip_firewall_init_hldb(void);
+firewall_hl_t *hip_firewall_ip_db_match(const struct in6_addr *ip_peer);
+int hip_firewall_set_bex_state(struct in6_addr *hit_s, 
                            struct in6_addr *hit_r, 
                            int state);
 void hip_firewall_delete_hldb(void);
-int firewall_add_default_entry(const struct in6_addr *ip);
-int firewall_update_entry(const struct in6_addr *hit_our, 
+int hip_firewall_add_default_entry(const struct in6_addr *ip);
+int hip_firewall_update_entry(const struct in6_addr *hit_our, 
                           const struct in6_addr *hit_peer, 
                           const hip_lsi_t *lsi, 
                           const struct in6_addr *ip, 
                           int state);
-int firewall_send_outgoing_pkt(const struct in6_addr *src_hit,
+int hip_firewall_send_outgoing_pkt(const struct in6_addr *src_hit,
                                const struct in6_addr *dst_hit,
                                u8 *msg, u16 len,
                                int proto);
-int firewall_send_incoming_pkt(const struct in6_addr *src_hit, 
+int hip_firewall_send_incoming_pkt(const struct in6_addr *src_hit, 
                                const struct in6_addr *dst_hit, 
                                u8 *msg, u16 len, int proto, int ttl);
 

=== modified file 'firewall/lsi.c'
--- firewall/lsi.c      2010-01-19 09:28:42 +0000
+++ firewall/lsi.c      2010-02-09 22:03:31 +0000
@@ -80,8 +80,8 @@
        }
 
        /* port caching */
-       port_cache_entry = firewall_port_cache_db_match(portDest,
-                                                       ip6_hdr->ip6_nxt);
+       port_cache_entry = hip_firewall_port_cache_db_match(portDest,
+                                                           ip6_hdr->ip6_nxt);
 
        if( port_cache_entry &&
            (port_cache_entry->traffic_type ==
@@ -102,7 +102,7 @@
                HIP_ASSERT(1);
        }
 
-       HIP_IFEL(firewall_cache_db_match(ip_dst, ip_src,
+       HIP_IFEL(hip_firewall_cache_db_match(ip_dst, ip_src,
                                &lsi_our, &lsi_peer,
                                &dst_addr, &src_addr,
                                NULL),
@@ -174,12 +174,12 @@
 
        /* get the corresponding ip address for this lsi,
           as well as the current ha state */
-       if(firewall_cache_db_match(NULL, NULL, lsi_src, lsi_dst,
+       if(hip_firewall_cache_db_match(NULL, NULL, lsi_src, lsi_dst,
                                   &src_ip, &dst_ip, &state_ha)){
                HIP_DEBUG("No HA found yet\n");
        }
 
-       entry_peer = (firewall_hl_t *) firewall_ip_db_match(&dst_ip);   
+       entry_peer = (firewall_hl_t *) hip_firewall_ip_db_match(&dst_ip);       
        if (entry_peer) {
                HIP_DEBUG("IP db match\n");
                /* if the firewall entry is still undefined
@@ -196,11 +196,11 @@
                                new_fw_entry_state = FIREWALL_STATE_BEX_DEFAULT;
 
                        /* update fw entry state accordingly */
-                       firewall_update_entry(NULL, NULL, NULL, &dst_ip,
+                       hip_firewall_update_entry(NULL, NULL, NULL, &dst_ip,
                                              FIREWALL_STATE_BEX_ESTABLISHED);
 
                        /* reobtain the entry in case it has been updated */
-                       entry_peer = firewall_ip_db_match(&dst_ip);
+                       entry_peer = hip_firewall_ip_db_match(&dst_ip);
                }
 
                /* decide whether to reinject the packet */
@@ -212,7 +212,7 @@
        } else {
                HIP_DEBUG("no ip db match\n");
                /* add default entry in the firewall db */
-               HIP_IFEL(firewall_add_default_entry(&dst_ip), -1,
+               HIP_IFEL(hip_firewall_add_default_entry(&dst_ip), -1,
                         "Adding of fw entry failed\n");
 
                /* Check if bex is already established: server case.
@@ -231,14 +231,14 @@
                                                 &dst_lsi, NULL, NULL),
                                        -1, "Base Exchange Trigger failed\n");
                        /* update fw db entry */
-                       HIP_IFEL(firewall_update_entry(&src_hit, &dst_hit,
+                       HIP_IFEL(hip_firewall_update_entry(&src_hit, &dst_hit,
                                                       lsi_dst, &dst_ip,
                                                       
FIREWALL_STATE_BEX_DEFAULT), -1,
                                 "Failed to update fw entry\n");
                }
                if(state_ha == HIP_STATE_ESTABLISHED){
                        /* update fw db entry */
-                       HIP_IFEL(firewall_update_entry(&src_hit, &dst_hit,
+                       HIP_IFEL(hip_firewall_update_entry(&src_hit, &dst_hit,
                                                       lsi_dst, &dst_ip,
                                                       
FIREWALL_STATE_BEX_ESTABLISHED),
                                 -1, "Failed to update fw entry\n");
@@ -375,24 +375,24 @@
                     message with equals @src and @dst*/
                  if (icmp->type == ICMP_ECHO) {
                        icmp->type = ICMP_ECHOREPLY;
-                       err = firewall_send_outgoing_pkt(dst_hit, src_hit,
+                       err = hip_firewall_send_outgoing_pkt(dst_hit, src_hit,
                                                         msg, packet_length,
                                                         protocol);
                  } else {
-                       err = firewall_send_incoming_pkt(src_hit, dst_hit,
+                       err = hip_firewall_send_incoming_pkt(src_hit, dst_hit,
                                                         msg, packet_length,
                                                         protocol, ttl);
                  }
        } else {
                  if (incoming) {
                            HIP_DEBUG("Firewall send to the kernel an incoming 
packet\n");
-                           err = firewall_send_incoming_pkt(src_hit,
+                           err = hip_firewall_send_incoming_pkt(src_hit,
                                                             dst_hit, msg,
                                                             packet_length,
                                                             protocol, ttl);
                  } else {
                            HIP_DEBUG("Firewall send to the kernel an outgoing 
packet\n");
-                           err = firewall_send_outgoing_pkt(src_hit,
+                           err = hip_firewall_send_outgoing_pkt(src_hit,
                                                             dst_hit, msg,
                                                             packet_length,
                                                             protocol);

=== modified file 'firewall/opptcp.c'
--- firewall/opptcp.c   2010-01-19 09:28:42 +0000
+++ firewall/opptcp.c   2010-02-09 22:03:31 +0000
@@ -116,11 +116,11 @@
                
                /* We need to create state in the firewall db
                 * if there is no entry for the peer yet. */
-               entry_peer = (firewall_hl_t *)firewall_ip_db_match(&peer_ip);
+               entry_peer = (firewall_hl_t 
*)hip_firewall_ip_db_match(&peer_ip);
                //if there is no entry in fw, add a default one
                if(!entry_peer){
-                       firewall_add_default_entry(&peer_ip);
-                       entry_peer = (firewall_hl_t 
*)firewall_ip_db_match(&peer_ip);
+                       hip_firewall_add_default_entry(&peer_ip);
+                       entry_peer = (firewall_hl_t 
*)hip_firewall_ip_db_match(&peer_ip);
                }
 
 
@@ -135,8 +135,8 @@
                                             &dst_hit, &src_lsi, &dst_lsi);
 
                        if(state_ha != HIP_STATE_ESTABLISHED)
-                               firewall_update_entry(NULL, NULL, NULL, 
&peer_ip,
-                                              
FIREWALL_STATE_BEX_NOT_SUPPORTED);
+                               hip_firewall_update_entry(NULL, NULL, NULL, 
&peer_ip,
+                                                         
FIREWALL_STATE_BEX_NOT_SUPPORTED);
 
                        //allow packet
                        return 1;
@@ -152,16 +152,16 @@
 
 
                        /* updating the fw db if necessary*/
-                       entry_peer = (firewall_hl_t 
*)firewall_ip_db_match(&peer_ip);
+                       entry_peer = (firewall_hl_t *) 
hip_firewall_ip_db_match(&peer_ip);
                        //if there is no entry in fw, add a default one
                        if(!entry_peer){
-                               firewall_add_default_entry(&peer_ip);
-                               entry_peer = (firewall_hl_t 
*)firewall_ip_db_match(&peer_ip);
+                               hip_firewall_add_default_entry(&peer_ip);
+                               entry_peer = (firewall_hl_t 
*)hip_firewall_ip_db_match(&peer_ip);
                        }
                        if(entry_peer->bex_state != 
FIREWALL_STATE_BEX_ESTABLISHED){
                                //update the firewall db entry
                                HIP_DEBUG("updating fw entry state to 
NOT_SUPPORTED\n");
-                               firewall_update_entry(NULL, NULL, NULL, 
&peer_ip,
+                               hip_firewall_update_entry(NULL, NULL, NULL, 
&peer_ip,
                                              FIREWALL_STATE_BEX_NOT_SUPPORTED);
                        }
 

=== modified file 'firewall/sysopp.c'
--- firewall/sysopp.c   2010-02-08 19:17:05 +0000
+++ firewall/sysopp.c   2010-02-09 22:03:31 +0000
@@ -109,7 +109,7 @@
        HIP_DEBUG("\n");
 
        //get firewall db entry
-       entry_peer = firewall_ip_db_match(&ctx->dst);
+       entry_peer = hip_firewall_ip_db_match(&ctx->dst);
        if (entry_peer) {
                //if the firewall entry is still undefined
                //check whether the base exchange has been established
@@ -135,11 +135,11 @@
 
                        HIP_DEBUG("New state %d\n", new_fw_entry_state);
                        //update fw entry state accordingly
-                       firewall_update_entry(&src_hit, &dst_hit, &dst_lsi,
-                                             &ctx->dst, new_fw_entry_state);
+                       hip_firewall_update_entry(&src_hit, &dst_hit, &dst_lsi,
+                                                 &ctx->dst, 
new_fw_entry_state);
 
                        //reobtain the entry in case it has been updated
-                       entry_peer = firewall_ip_db_match(&ctx->dst);
+                       entry_peer = hip_firewall_ip_db_match(&ctx->dst);
                }
 
                //decide what to do with the packet
@@ -162,7 +162,7 @@
                }
        } else {
                /* add default entry in the firewall db */
-               firewall_add_default_entry(&ctx->dst);
+               hip_firewall_add_default_entry(&ctx->dst);
 
                /* get current connection state from hipd */
                state_ha = hip_get_bex_state_from_IPs(&ctx->src, &ctx->dst,
@@ -184,9 +184,9 @@
                } else if (state_ha == HIP_STATE_ESTABLISHED) {
                        if (hit_is_local_hit(&src_hit)) {
                                HIP_DEBUG("is local hit\n");
-                               firewall_update_entry(&src_hit, &dst_hit,
-                                                     &dst_lsi, &ctx->dst,
-                                                     
FIREWALL_STATE_BEX_ESTABLISHED);
+                               hip_firewall_update_entry(&src_hit, &dst_hit,
+                                                         &dst_lsi, &ctx->dst,
+                                                         
FIREWALL_STATE_BEX_ESTABLISHED);
                                reinject_packet(&src_hit, &dst_hit,
                                                ctx->ipq_packet, 4, 0);
                                verdict = 0;
@@ -219,8 +219,8 @@
                state = FIREWALL_STATE_BEX_ESTABLISHED;
        else
                state = FIREWALL_STATE_BEX_NOT_SUPPORTED;
-       firewall_update_entry(local_hit, peer_hit, local_addr,
-                             peer_addr, state);
+       hip_firewall_update_entry(local_hit, peer_hit, local_addr,
+                                 peer_addr, state);
 
        return err;
 }

Other related posts:

  • » [hipl-commit] [trunk] Rev 3578: Added hip_ prefix to a number of functions in the firewall. - Miika Komu