Lines Matching refs:scrub
2761 VERIFY(src->scrub == NULL); in pf_normalize_tcp_init()
2763 src->scrub = pool_get(&pf_state_scrub_pl, PR_NOWAIT); in pf_normalize_tcp_init()
2764 if (src->scrub == NULL) { in pf_normalize_tcp_init()
2767 bzero(src->scrub, sizeof(*src->scrub)); in pf_normalize_tcp_init()
2773 src->scrub->pfss_ttl = h->ip_ttl; in pf_normalize_tcp_init()
2779 src->scrub->pfss_ttl = h->ip6_hlim; in pf_normalize_tcp_init()
2794 if (th->th_off > (sizeof(struct tcphdr) >> 2) && src->scrub && in pf_normalize_tcp_init()
2809 src->scrub->pfss_flags |= in pf_normalize_tcp_init()
2811 src->scrub->pfss_ts_mod = in pf_normalize_tcp_init()
2819 src->scrub->pfss_tsval0 = ntohl(tsval); in pf_normalize_tcp_init()
2820 src->scrub->pfss_tsval = ntohl(tsval); in pf_normalize_tcp_init()
2821 src->scrub->pfss_tsecr = ntohl(tsecr); in pf_normalize_tcp_init()
2822 getmicrouptime(&src->scrub->pfss_last); in pf_normalize_tcp_init()
2839 if (state->src.scrub) { in pf_normalize_tcp_cleanup()
2840 pool_put(&pf_state_scrub_pl, state->src.scrub); in pf_normalize_tcp_cleanup()
2842 if (state->dst.scrub) { in pf_normalize_tcp_cleanup()
2843 pool_put(&pf_state_scrub_pl, state->dst.scrub); in pf_normalize_tcp_cleanup()
2862 VERIFY(src->scrub || dst->scrub); in pf_normalize_tcp_stateful()
2872 if (src->scrub) { in pf_normalize_tcp_stateful()
2874 if (h->ip_ttl > src->scrub->pfss_ttl) { in pf_normalize_tcp_stateful()
2875 src->scrub->pfss_ttl = h->ip_ttl; in pf_normalize_tcp_stateful()
2877 h->ip_ttl = src->scrub->pfss_ttl; in pf_normalize_tcp_stateful()
2883 if (src->scrub) { in pf_normalize_tcp_stateful()
2885 if (h->ip6_hlim > src->scrub->pfss_ttl) { in pf_normalize_tcp_stateful()
2886 src->scrub->pfss_ttl = h->ip6_hlim; in pf_normalize_tcp_stateful()
2888 h->ip6_hlim = src->scrub->pfss_ttl; in pf_normalize_tcp_stateful()
2895 ((src->scrub && (src->scrub->pfss_flags & PFSS_TIMESTAMP)) || in pf_normalize_tcp_stateful()
2896 (dst->scrub && (dst->scrub->pfss_flags & PFSS_TIMESTAMP))) && in pf_normalize_tcp_stateful()
2929 if (tsval && src->scrub && in pf_normalize_tcp_stateful()
2930 (src->scrub->pfss_flags & in pf_normalize_tcp_stateful()
2936 src->scrub->pfss_ts_mod), in pf_normalize_tcp_stateful()
2944 if (tsecr && dst->scrub && in pf_normalize_tcp_stateful()
2945 (dst->scrub->pfss_flags & in pf_normalize_tcp_stateful()
2948 - dst->scrub->pfss_ts_mod; in pf_normalize_tcp_stateful()
2989 if (src->scrub && (src->scrub->pfss_flags & PFSS_PAWS) && in pf_normalize_tcp_stateful()
2990 (uptime.tv_sec - src->scrub->pfss_last.tv_sec > TS_MAX_IDLE || in pf_normalize_tcp_stateful()
2997 src->scrub->pfss_flags = (src->scrub->pfss_flags & ~PFSS_PAWS) in pf_normalize_tcp_stateful()
3000 if (dst->scrub && (dst->scrub->pfss_flags & PFSS_PAWS) && in pf_normalize_tcp_stateful()
3001 uptime.tv_sec - dst->scrub->pfss_last.tv_sec > TS_MAX_IDLE) { in pf_normalize_tcp_stateful()
3007 dst->scrub->pfss_flags = (dst->scrub->pfss_flags & ~PFSS_PAWS) in pf_normalize_tcp_stateful()
3011 if (got_ts && src->scrub && dst->scrub && in pf_normalize_tcp_stateful()
3012 (src->scrub->pfss_flags & PFSS_PAWS) && in pf_normalize_tcp_stateful()
3013 (dst->scrub->pfss_flags & PFSS_PAWS)) { in pf_normalize_tcp_stateful()
3094 timersub(&uptime, &src->scrub->pfss_last, &delta_ts); in pf_normalize_tcp_stateful()
3101 (SEQ_LT(tsval, dst->scrub->pfss_tsecr) || in pf_normalize_tcp_stateful()
3102 SEQ_GT(tsval, src->scrub->pfss_tsval + tsval_from_last) || in pf_normalize_tcp_stateful()
3103 (tsecr && (SEQ_GT(tsecr, dst->scrub->pfss_tsval) || in pf_normalize_tcp_stateful()
3104 SEQ_LT(tsecr, dst->scrub->pfss_tsval0))))) { in pf_normalize_tcp_stateful()
3114 SEQ_LT(tsval, dst->scrub->pfss_tsecr) ? '0' : ' ', in pf_normalize_tcp_stateful()
3115 SEQ_GT(tsval, src->scrub->pfss_tsval + in pf_normalize_tcp_stateful()
3117 SEQ_GT(tsecr, dst->scrub->pfss_tsval) ? '2' : ' ', in pf_normalize_tcp_stateful()
3118 SEQ_LT(tsecr, dst->scrub->pfss_tsval0)? '3' : ' ')); in pf_normalize_tcp_stateful()
3124 src->scrub->pfss_tsval, src->scrub->pfss_tsecr)); in pf_normalize_tcp_stateful()
3126 dst->scrub->pfss_tsval, dst->scrub->pfss_tsecr, in pf_normalize_tcp_stateful()
3127 dst->scrub->pfss_tsval0)); in pf_normalize_tcp_stateful()
3141 src->scrub && dst->scrub && in pf_normalize_tcp_stateful()
3142 (src->scrub->pfss_flags & PFSS_PAWS) && in pf_normalize_tcp_stateful()
3143 (dst->scrub->pfss_flags & PFSS_PAWS)) { in pf_normalize_tcp_stateful()
3171 if (pd->p_len > 0 && (src->scrub->pfss_flags & PFSS_DATA_TS)) { in pf_normalize_tcp_stateful()
3197 if (pd->p_len > 0 && src->scrub && (src->scrub->pfss_flags & in pf_normalize_tcp_stateful()
3200 src->scrub->pfss_flags |= PFSS_DATA_TS; in pf_normalize_tcp_stateful()
3202 src->scrub->pfss_flags |= PFSS_DATA_NOTS; in pf_normalize_tcp_stateful()
3203 if (pf_status.debug >= PF_DEBUG_MISC && dst->scrub && in pf_normalize_tcp_stateful()
3204 (dst->scrub->pfss_flags & PFSS_TIMESTAMP)) { in pf_normalize_tcp_stateful()
3220 if (got_ts && src->scrub && PFSS_TIMESTAMP == (src->scrub->pfss_flags & in pf_normalize_tcp_stateful()
3222 getmicrouptime(&src->scrub->pfss_last); in pf_normalize_tcp_stateful()
3223 if (SEQ_GEQ(tsval, src->scrub->pfss_tsval) || in pf_normalize_tcp_stateful()
3224 (src->scrub->pfss_flags & PFSS_PAWS) == 0) { in pf_normalize_tcp_stateful()
3225 src->scrub->pfss_tsval = tsval; in pf_normalize_tcp_stateful()
3229 if (SEQ_GEQ(tsecr, src->scrub->pfss_tsecr) || in pf_normalize_tcp_stateful()
3230 (src->scrub->pfss_flags & PFSS_PAWS) == 0) { in pf_normalize_tcp_stateful()
3231 src->scrub->pfss_tsecr = tsecr; in pf_normalize_tcp_stateful()
3234 if ((src->scrub->pfss_flags & PFSS_PAWS) == 0 && in pf_normalize_tcp_stateful()
3235 (SEQ_LT(tsval, src->scrub->pfss_tsval0) || in pf_normalize_tcp_stateful()
3236 src->scrub->pfss_tsval0 == 0)) { in pf_normalize_tcp_stateful()
3238 src->scrub->pfss_tsval0 = tsval; in pf_normalize_tcp_stateful()
3242 if ((src->scrub->pfss_flags & PFSS_PAWS) == 0) { in pf_normalize_tcp_stateful()
3243 src->scrub->pfss_flags |= PFSS_PAWS; in pf_normalize_tcp_stateful()