static int npf_init(void) { #ifdef _MODULE devmajor_t bmajor = NODEVMAJOR, cmajor = NODEVMAJOR; #endif int error = 0; npf_stats_percpu = percpu_alloc(NPF_STATS_SIZE); npf_sysctl = NULL; npf_bpf_sysinit(); npf_worker_sysinit(); npf_tableset_sysinit(); npf_session_sysinit(); npf_nat_sysinit(); npf_alg_sysinit(); npf_ext_sysinit(); /* Load empty configuration. */ npf_pfil_register(true); npf_config_init(); #ifdef _MODULE /* Attach /dev/npf device. */ error = devsw_attach("npf", NULL, &bmajor, &npf_cdevsw, &cmajor); if (error) { /* It will call devsw_detach(), which is safe. */ (void)npf_fini(); } #endif return error; }
/* * npfctl_switch: enable or disable packet inspection. */ int npfctl_switch(void *data) { const bool onoff = *(int *)data ? true : false; int error; if (onoff) { /* Enable: add pfil hooks. */ error = npf_pfil_register(false); } else { /* Disable: remove pfil hooks. */ npf_pfil_unregister(false); error = 0; } return error; }