Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Import IPFilter 4.1.19

This commit is contained in:
martin 2007-04-14 20:17:19 +00:00
parent 9e62e47cbb
commit 993d757ec6
181 changed files with 3282 additions and 936 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

350
dist/ipf/BSD/ipfadm-rcd vendored Normal file
View File

@ -0,0 +1,350 @@
#!/bin/sh
#
# Copyright (C) 2006 by Darren Reed.
#
# See the IPFILTER.LICENCE file for details on licencing.
#
prog=$0
RCD=/etc/rc.conf.d
# This script is an interface to the following rc.d scripts:
# /etc/rc.d/ipfilter
# /etc/rc.d/ipfs
# /etc/rc.d/ipnat
# /etc/rc.d/ipmon
running=`ipf -V 2>/dev/null|sed -ne 's/Running: \(.*\)/\1/p'`
usage() {
echo "$prog status"
echo "$prog ipfilter <enable|disable|reload|resync|start|status|stop>"
echo "$prog ipfs <enable|disable|status|start|stop>"
echo "$prog ipmon <enable|disable|restart|start|status|stop>"
echo "$prog ipnat <enable|disable|reload|start|status|stop>"
exit 1
}
enable() {
old=${RCD}/$1.old
new=${RCD}/$1
mkdir ${RCD}/$1.d
if [ $? -eq 0 ] ; then
if [ -f ${RCD}/$1 ] ; then
cp ${RCD}/$1 ${RCD}/$1.old
sed -e "s/^${1} *\=.*/${1}\=YES/" ${old} > ${new}
/bin/rm ${old}
else
echo "$1=YES" > ${RCD}/$1
chmod go-wx ${RCD}/$1
fi
rmdir ${RCD}/$1.d
fi
}
disable() {
old=${RCD}/$1.old
new=${RCD}/$1
mkdir ${RCD}/$1.d
if [ $? -eq 0 ] ; then
if [ -f ${RCD}/$1 ] ; then
cp ${RCD}/$1 ${RCD}/$1.old
sed -e "s/^${1} *\=.*/${1}\=NO/" ${old} > ${new}
/bin/rm ${old}
else
echo "$1=NO" > ${RCD}/$1
chmod go-wx ${RCD}/$1
fi
rmdir ${RCD}/$1.d
fi
}
status() {
active=`/etc/rc.d/$1 rcvar|sed -ne "s/^$""${1}\=\(.*\)$/\1/p"`
case $active in
NO)
return 0
;;
YES)
return 1
;;
esac
return 2
}
status_ipmon() {
echo -n "ipmon "
pid=`pgrep ipmon`
status ipmon
case $? in
0)
if [ -n "$pid" ] ; then
echo "disabled-but-running"
else
echo "disabled"
fi
;;
1)
if [ -n "$pid" ] ; then
echo "enabled"
else
echo "enabled-not-running"
fi
;;
2)
if [ -n "$pid" ] ; then
echo "unknown-state-running"
else
echo "unknown-state"
fi
;;
esac
}
status_ipfilter() {
if [ -z "$running" ] ; then
rules=
emsg="-not-in-kernel"
dmsg=
else
case $running in
yes)
emsg=
dmsg="-rules-loaded"
rules=`ipfstat -io 2>/dev/null`
if [ -z "$rules" ] ; then
rules=`ipfstat -aio 2>/dev/null`
if [ -z "$rules" ] ; then
emsg="-no-rules"
dmsg=
fi
fi
;;
no)
rules=
emsg="-not-running"
dmsg=
;;
esac
fi
echo -n "ipfilter "
status ipfilter
case $? in
0)
echo "disabled${dmsg}"
;;
1)
echo "enabled${emsg}"
;;
2)
if [ -n "$rules" ] ; then
echo "unknown${dmsg}"
else
echo "unknown-state"
fi
;;
esac
}
status_ipnat() {
if [ -z "$running" ] ; then
rules=
emsg="-not-in-kernel"
dmsg=
else
case $running in
yes)
emsg=
dmsg="-rules-loaded"
rules=`ipnat -l 2>/dev/null | egrep '^map|rdr' 2>/dev/null`
if [ -z "$rules" ] ; then
emsg="-no-rules"
dmsg=
fi
;;
no)
rules=
emsg="-not-running"
dmsg=
;;
esac
fi
echo -n "ipnat "
status ipnat
case $? in
0)
echo "disabled${dmsg}"
;;
1)
echo "enabled${dmsg}"
;;
2)
if [ -n "$rules" ] ; then
echo "unknown${dmsg}"
else
echo "unknown-state"
fi
;;
esac
}
status_ipfs() {
status ipfs
report ipfs $?
}
report() {
echo -n "$1 "
case $2 in
0)
echo "disabled"
;;
1)
echo "enabled"
;;
2)
echo "unknown-status"
;;
*)
echo "$2"
;;
esac
}
do_ipfilter() {
case $1 in
enable)
enable ipfilter
;;
disable)
disable ipfilter
;;
reload)
/etc/rc.d/ipfilter reload
;;
resync)
/etc/rc.d/ipfilter resync
;;
start)
/etc/rc.d/ipfilter start
;;
status)
status_ipfilter
;;
stop)
/etc/rc.d/ipfilter stop
;;
*)
usage
;;
esac
}
do_ipfs() {
case $1 in
enable)
enable ipfs
;;
disable)
disble ipfs
;;
start)
/etc/rc.d/ipfs start
;;
status)
status_ipfs
;;
stop)
/etc/rc.d/ipfs stop
;;
*)
usage
;;
esac
}
do_ipmon() {
case $1 in
enable)
enable ipmon
;;
disable)
disble ipmon
;;
restart)
/etc/rc.d/ipmon restart
;;
start)
/etc/rc.d/ipmon start
;;
status)
status_ipmon
;;
stop)
/etc/rc.d/ipmon stop
;;
*)
usage
;;
esac
}
do_ipnat() {
case $1 in
enable)
enable ipnat
;;
disable)
disable ipnat
;;
reload)
/etc/rc.d/ipnat reload
;;
restart)
/etc/rc.d/ipnat restart
;;
start)
/etc/rc.d/ipnat start
;;
status)
status_ipnat
;;
stop)
/etc/rc.d/ipnat stop
;;
*)
usage
;;
esac
}
do_status_all() {
status_ipfilter
status_ipfs
status_ipmon
status_ipnat
}
case $1 in
status)
do_status_all
;;
ipfilter)
do_ipfilter $2
;;
ipfs)
do_ipfs $2
;;
ipmon)
do_ipmon $2
;;
ipnat)
do_ipnat $2
;;
*)
usage
;;
esac
exit 0

3
dist/ipf/BugReport vendored
View File

@ -1,3 +1,6 @@
Please submit this information at ipfilter.sourceforge.net and via
email to darrenr@reed.wattle.id.au.
IP Filter bug report form.
--------------------------
IP Filter Version:

414
dist/ipf/ip_htable.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ip_htable.c,v 1.1.1.3 2006/04/04 16:08:35 martti Exp $ */
/* $NetBSD: ip_htable.c,v 1.1.1.4 2007/04/14 20:17:22 martin Exp $ */
/*
* Copyright (C) 1993-2001, 2003 by Darren Reed.
@ -53,7 +53,7 @@ struct file;
/* END OF INCLUDES */
#if !defined(lint)
static const char rcsid[] = "@(#)Id: ip_htable.c,v 2.34.2.4 2005/11/13 15:38:37 darrenr Exp";
static const char rcsid[] = "@(#)Id: ip_htable.c,v 2.34.2.9 2007/02/02 23:06:16 darrenr Exp";
#endif
#ifdef IPFILTER_LOOKUP
@ -103,30 +103,36 @@ iplookupop_t *op;
char name[FR_GROUPLEN];
int err, i, unit;
KMALLOC(iph, iphtable_t *);
if (iph == NULL) {
ipht_nomem[op->iplo_unit]++;
return ENOMEM;
}
err = COPYIN(op->iplo_struct, iph, sizeof(*iph));
if (err != 0) {
KFREE(iph);
return EFAULT;
}
unit = op->iplo_unit;
if ((op->iplo_arg & IPHASH_ANON) == 0)
iph = fr_existshtable(unit, op->iplo_name);
else
iph = NULL;
if (iph == NULL) {
KMALLOC(iph, iphtable_t *);
if (iph == NULL) {
ipht_nomem[op->iplo_unit]++;
return ENOMEM;
}
err = COPYIN(op->iplo_struct, iph, sizeof(*iph));
if (err != 0) {
KFREE(iph);
return EFAULT;
}
} else {
if ((iph->iph_flags & IPHASH_DELETE) == 0)
return EEXIST;
}
if (iph->iph_unit != unit) {
KFREE(iph);
if ((iph->iph_flags & IPHASH_DELETE) == 0) {
KFREE(iph);
}
return EINVAL;
}
if ((op->iplo_arg & IPHASH_ANON) == 0) {
if (fr_findhtable(op->iplo_unit, op->iplo_name) != NULL) {
KFREE(iph);
return EEXIST;
}
} else {
if ((op->iplo_arg & IPHASH_ANON) != 0) {
i = IPHASH_ANON;
do {
i++;
@ -147,24 +153,33 @@ iplookupop_t *op;
iph->iph_type |= IPHASH_ANON;
}
KMALLOCS(iph->iph_table, iphtent_t **,
iph->iph_size * sizeof(*iph->iph_table));
if (iph->iph_table == NULL) {
KFREE(iph);
ipht_nomem[unit]++;
return ENOMEM;
if ((iph->iph_flags & IPHASH_DELETE) == 0) {
KMALLOCS(iph->iph_table, iphtent_t **,
iph->iph_size * sizeof(*iph->iph_table));
if (iph->iph_table == NULL) {
if ((iph->iph_flags & IPHASH_DELETE) == 0) {
KFREE(iph);
}
ipht_nomem[unit]++;
return ENOMEM;
}
bzero((char *)iph->iph_table,
iph->iph_size * sizeof(*iph->iph_table));
iph->iph_masks = 0;
iph->iph_list = NULL;
iph->iph_ref = 1;
iph->iph_next = ipf_htables[unit];
iph->iph_pnext = &ipf_htables[unit];
if (ipf_htables[unit] != NULL)
ipf_htables[unit]->iph_pnext = &iph->iph_next;
ipf_htables[unit] = iph;
ipf_nhtables[unit]++;
}
bzero((char *)iph->iph_table, iph->iph_size * sizeof(*iph->iph_table));
iph->iph_masks = 0;
iph->iph_next = ipf_htables[unit];
iph->iph_pnext = &ipf_htables[unit];
if (ipf_htables[unit] != NULL)
ipf_htables[unit]->iph_pnext = &iph->iph_next;
ipf_htables[unit] = iph;
ipf_nhtables[unit]++;
iph->iph_flags &= ~IPHASH_DELETE;
return 0;
}
@ -172,22 +187,24 @@ iplookupop_t *op;
/*
*/
int fr_removehtable(op)
iplookupop_t *op;
int fr_removehtable(unit, name)
int unit;
char *name;
{
iphtable_t *iph;
iph = fr_findhtable(op->iplo_unit, op->iplo_name);
iph = fr_findhtable(unit, name);
if (iph == NULL)
return ESRCH;
if (iph->iph_unit != op->iplo_unit) {
if (iph->iph_unit != unit) {
return EINVAL;
}
if (iph->iph_ref != 0) {
return EBUSY;
(void) fr_clearhtable(iph);
iph->iph_flags |= IPHASH_DELETE;
return 0;
}
fr_delhtable(iph);
@ -196,40 +213,106 @@ iplookupop_t *op;
}
void fr_delhtable(iph)
int fr_clearhtable(iph)
iphtable_t *iph;
{
iphtent_t *ipe;
int i;
for (i = 0; i < iph->iph_size; i++)
while ((ipe = iph->iph_table[i]) != NULL)
if (fr_delhtent(iph, ipe) != 0)
return;
while ((ipe = iph->iph_list) != NULL)
if (fr_delhtent(iph, ipe) != 0)
return 1;
return 0;
}
*iph->iph_pnext = iph->iph_next;
int fr_delhtable(iph)
iphtable_t *iph;
{
if (fr_clearhtable(iph) != 0)
return 1;
if (iph->iph_pnext != NULL)
*iph->iph_pnext = iph->iph_next;
if (iph->iph_next != NULL)
iph->iph_next->iph_pnext = iph->iph_pnext;
ipf_nhtables[iph->iph_unit]--;
return fr_derefhtable(iph);
}
/*
* Delete an entry from a hash table.
*/
int fr_delhtent(iph, ipe)
iphtable_t *iph;
iphtent_t *ipe;
{
if (ipe->ipe_phnext != NULL)
*ipe->ipe_phnext = ipe->ipe_hnext;
if (ipe->ipe_hnext != NULL)
ipe->ipe_hnext->ipe_phnext = ipe->ipe_phnext;
if (ipe->ipe_pnext != NULL)
*ipe->ipe_pnext = ipe->ipe_next;
if (ipe->ipe_next != NULL)
ipe->ipe_next->ipe_pnext = ipe->ipe_pnext;
switch (iph->iph_type & ~IPHASH_ANON)
{
case IPHASH_GROUPMAP :
if (ipe->ipe_group != NULL)
fr_delgroup(ipe->ipe_group, IPL_LOGIPF, fr_active);
break;
default :
ipe->ipe_ptr = NULL;
ipe->ipe_value = 0;
break;
}
return fr_derefhtent(ipe);
}
int fr_derefhtable(iph)
iphtable_t *iph;
{
int refs;
iph->iph_ref--;
refs = iph->iph_ref;
if (iph->iph_ref == 0) {
KFREES(iph->iph_table, iph->iph_size * sizeof(*iph->iph_table));
KFREE(iph);
}
return refs;
}
void fr_derefhtable(iph)
iphtable_t *iph;
int fr_derefhtent(ipe)
iphtent_t *ipe;
{
iph->iph_ref--;
if (iph->iph_ref == 0)
fr_delhtable(iph);
ipe->ipe_ref--;
if (ipe->ipe_ref == 0) {
ipf_nhtnodes[ipe->ipe_unit]--;
KFREE(ipe);
return 0;
}
return ipe->ipe_ref;
}
iphtable_t *fr_findhtable(unit, name)
iphtable_t *fr_existshtable(unit, name)
int unit;
char *name;
{
@ -242,6 +325,20 @@ char *name;
}
iphtable_t *fr_findhtable(unit, name)
int unit;
char *name;
{
iphtable_t *iph;
iph = fr_existshtable(unit, name);
if ((iph != NULL) && (iph->iph_flags & IPHASH_DELETE) == 0)
return iph;
return NULL;
}
size_t fr_flushhtable(op)
iplookupflush_t *op;
{
@ -254,8 +351,11 @@ iplookupflush_t *op;
for (i = 0; i <= IPL_LOGMAX; i++) {
if (op->iplf_unit == i || op->iplf_unit == IPL_LOGALL) {
while ((iph = ipf_htables[i]) != NULL) {
fr_delhtable(iph);
freed++;
if (fr_delhtable(iph) == 0) {
freed++;
} else {
iph->iph_flags |= IPHASH_DELETE;
}
}
}
}
@ -287,13 +387,20 @@ iphtent_t *ipeo;
hv = IPE_HASH_FN(ipe->ipe_addr.in4_addr, ipe->ipe_mask.in4_addr,
iph->iph_size);
ipe->ipe_ref = 0;
ipe->ipe_next = iph->iph_table[hv];
ipe->ipe_pnext = iph->iph_table + hv;
ipe->ipe_ref = 1;
ipe->ipe_hnext = iph->iph_table[hv];
ipe->ipe_phnext = iph->iph_table + hv;
if (iph->iph_table[hv] != NULL)
iph->iph_table[hv]->ipe_pnext = &ipe->ipe_next;
iph->iph_table[hv]->ipe_phnext = &ipe->ipe_hnext;
iph->iph_table[hv] = ipe;
ipe->ipe_next = iph->iph_list;
ipe->ipe_pnext = &iph->iph_list;
if (ipe->ipe_next != NULL)
ipe->ipe_next->ipe_pnext = &ipe->ipe_next;
iph->iph_list = ipe;
if ((bits >= 0) && (bits != 32))
iph->iph_masks |= 1 << bits;
@ -311,44 +418,8 @@ iphtent_t *ipeo;
break;
}
ipf_nhtnodes[iph->iph_unit]++;
return 0;
}
/*
* Delete an entry from a hash table.
*/
int fr_delhtent(iph, ipe)
iphtable_t *iph;
iphtent_t *ipe;
{
if (ipe->ipe_ref != 0)
return EBUSY;
*ipe->ipe_pnext = ipe->ipe_next;
if (ipe->ipe_next != NULL)
ipe->ipe_next->ipe_pnext = ipe->ipe_pnext;
switch (iph->iph_type & ~IPHASH_ANON)
{
case IPHASH_GROUPMAP :
if (ipe->ipe_group != NULL)
fr_delgroup(ipe->ipe_group, IPL_LOGIPF, fr_active);
break;
default :
ipe->ipe_ptr = NULL;
ipe->ipe_value = 0;
break;
}
KFREE(ipe);
ipf_nhtnodes[iph->iph_unit]--;
ipe->ipe_unit = iph->iph_unit;
ipf_nhtnodes[ipe->ipe_unit]++;
return 0;
}
@ -379,22 +450,22 @@ void *tptr, *aptr;
/* ------------------------------------------------------------------------ */
/* Function: fr_iphmfindip */
/* Returns: int - 0 == +ve match, -1 == error, 1 == -ve/no match */
/* Parameters: tptr(I) - pointer to the pool to search */
/* version(I) - IP protocol version (4 or 6) */
/* aptr(I) - pointer to address information */
/* Parameters: tptr(I) - pointer to the pool to search */
/* ipversion(I) - IP protocol version (4 or 6) */
/* aptr(I) - pointer to address information */
/* */
/* Search the hash table for a given address and return a search result. */
/* ------------------------------------------------------------------------ */
int fr_iphmfindip(tptr, version, aptr)
int fr_iphmfindip(tptr, ipversion, aptr)
void *tptr, *aptr;
int version;
int ipversion;
{
struct in_addr *addr;
iphtable_t *iph;
iphtent_t *ipe;
int rval;
if (version != 4)
if (ipversion != 4)
return -1;
if (tptr == NULL || aptr == NULL)
@ -428,7 +499,7 @@ struct in_addr *addr;
maskloop:
ips = ntohl(addr->s_addr) & msk;
hv = IPE_HASH_FN(ips, msk, iph->iph_size);
for (ipe = iph->iph_table[hv]; (ipe != NULL); ipe = ipe->ipe_next) {
for (ipe = iph->iph_table[hv]; (ipe != NULL); ipe = ipe->ipe_hnext) {
if (ipe->ipe_mask.in4_addr != msk ||
ipe->ipe_addr.in4_addr != ips) {
continue;
@ -451,4 +522,133 @@ maskloop:
return ipe;
}
int fr_htable_getnext(token, ilp)
ipftoken_t *token;
ipflookupiter_t *ilp;
{
iphtent_t *node, zn, *nextnode;
iphtable_t *iph, zp, *nextiph;
int err;
err = 0;
iph = NULL;
node = NULL;
nextiph = NULL;
nextnode = NULL;
READ_ENTER(&ip_poolrw);
switch (ilp->ili_otype)
{
case IPFLOOKUPITER_LIST :
iph = token->ipt_data;
if (iph == NULL) {
nextiph = ipf_htables[(int)ilp->ili_unit];
} else {
nextiph = iph->iph_next;
}
if (nextiph != NULL) {
ATOMIC_INC(nextiph->iph_ref);
if (nextiph->iph_next == NULL)
token->ipt_alive = 0;
} else {
bzero((char *)&zp, sizeof(zp));
nextiph = &zp;
}
break;
case IPFLOOKUPITER_NODE :
node = token->ipt_data;
if (node == NULL) {
iph = fr_findhtable(ilp->ili_unit, ilp->ili_name);
if (iph == NULL)
err = ESRCH;
else {
nextnode = iph->iph_list;
}
} else {
nextnode = node->ipe_next;
}
if (nextnode != NULL) {
ATOMIC_INC(nextnode->ipe_ref);
if (nextnode->ipe_next == NULL)
token->ipt_alive = 0;
} else {
bzero((char *)&zn, sizeof(zn));
nextnode = &zn;
}
break;
default :
err = EINVAL;
break;
}
RWLOCK_EXIT(&ip_poolrw);
if (err != 0)
return err;
switch (ilp->ili_otype)
{
case IPFLOOKUPITER_LIST :
if (iph != NULL) {
WRITE_ENTER(&ip_poolrw);
fr_derefhtable(iph);
RWLOCK_EXIT(&ip_poolrw);
}
token->ipt_data = nextiph;
err = COPYOUT(nextiph, ilp->ili_data, sizeof(*nextiph));
if (err != 0)
err = EFAULT;
break;
case IPFLOOKUPITER_NODE :
if (node != NULL) {
WRITE_ENTER(&ip_poolrw);
fr_derefhtent(node);
RWLOCK_EXIT(&ip_poolrw);
}
token->ipt_data = nextnode;
err = COPYOUT(nextnode, ilp->ili_data, sizeof(*nextnode));
if (err != 0)
err = EFAULT;
break;
}
return err;
}
void fr_htable_iterderef(otype, unit, data)
u_int otype;
int unit;
void *data;
{
if (data == NULL)
return;
if (unit < 0 || unit > IPL_LOGMAX)
return;
switch (otype)
{
case IPFLOOKUPITER_LIST :
WRITE_ENTER(&ip_poolrw);
fr_derefhtable((iphtable_t *)data);
RWLOCK_EXIT(&ip_poolrw);
break;
case IPFLOOKUPITER_NODE :
WRITE_ENTER(&ip_poolrw);
fr_derefhtent((iphtent_t *)data);
RWLOCK_EXIT(&ip_poolrw);
break;
default :
break;
}
}
#endif /* IPFILTER_LOOKUP */

17
dist/ipf/ip_htable.h vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ip_htable.h,v 1.1.1.1 2004/03/28 08:55:38 martti Exp $ */
/* $NetBSD: ip_htable.h,v 1.1.1.2 2007/04/14 20:17:22 martin Exp $ */
#ifndef __IP_HTABLE_H__
#define __IP_HTABLE_H__
@ -7,10 +7,12 @@
typedef struct iphtent_s {
struct iphtent_s *ipe_next, **ipe_pnext;
struct iphtent_s *ipe_hnext, **ipe_phnext;
void *ipe_ptr;
i6addr_t ipe_addr;
i6addr_t ipe_mask;
int ipe_ref;
int ipe_unit;
union {
char ipeu_char[16];
u_long ipeu_long;
@ -28,6 +30,7 @@ typedef struct iphtable_s {
ipfrwlock_t iph_rwlock;
struct iphtable_s *iph_next, **iph_pnext;
struct iphtent_s **iph_table;
struct iphtent_s *iph_list;
size_t iph_size; /* size of hash table */
u_long iph_seed; /* hashing seed */
u_32_t iph_flags;
@ -41,6 +44,7 @@ typedef struct iphtable_s {
/* iph_type */
#define IPHASH_LOOKUP 0
#define IPHASH_GROUPMAP 1
#define IPHASH_DELETE 2
#define IPHASH_ANON 0x80000000
@ -55,17 +59,22 @@ typedef struct iphtstat_s {
extern iphtable_t *ipf_htables[IPL_LOGSIZE];
extern iphtable_t *fr_existshtable __P((int, char *));
extern int fr_clearhtable __P((iphtable_t *));
extern void fr_htable_unload __P((void));
extern int fr_newhtable __P((iplookupop_t *));
extern iphtable_t *fr_findhtable __P((int, char *));
extern int fr_removehtable __P((iplookupop_t *));
extern int fr_removehtable __P((int, char *));
extern size_t fr_flushhtable __P((iplookupflush_t *));
extern int fr_addhtent __P((iphtable_t *, iphtent_t *));
extern int fr_delhtent __P((iphtable_t *, iphtent_t *));
extern void fr_derefhtable __P((iphtable_t *));
extern void fr_delhtable __P((iphtable_t *));
extern int fr_derefhtable __P((iphtable_t *));
extern int fr_derefhtent __P((iphtent_t *));
extern int fr_delhtable __P((iphtable_t *));
extern void *fr_iphmfindgroup __P((void *, void *));
extern int fr_iphmfindip __P((void *, int, void *));
extern int fr_gethtablestat __P((iplookupop_t *));
extern int fr_htable_getnext __P((ipftoken_t *, ipflookupiter_t *));
extern void fr_htable_iterderef __P((u_int, int, void *));
#endif /* __IP_HTABLE_H__ */

6
dist/ipf/ip_irc_pxy.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: ip_irc_pxy.c,v 1.1.1.5 2006/04/04 16:08:36 martti Exp $ */
/* $NetBSD: ip_irc_pxy.c,v 1.1.1.6 2007/04/14 20:17:23 martin Exp $ */
/*
* Copyright (C) 2000-2003 Darren Reed
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: ip_irc_pxy.c,v 2.39.2.5 2005/12/04 23:39:27 darrenr Exp
* Id: ip_irc_pxy.c,v 2.39.2.6 2006/07/14 06:12:14 darrenr Exp
*/
#define IPF_IRC_PROXY
@ -417,7 +417,7 @@ nat_t *nat;
(void) fr_addstate(&fi, NULL, SI_W_DPORT);
if (fi.fin_state != NULL)
fr_statederef(&fi, (ipstate_t **)&fi.fin_state);
fr_statederef((ipstate_t **)&fi.fin_state);
}
ip->ip_src = swip;
}

37
dist/ipf/ip_lookup.h vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ip_lookup.h,v 1.1.1.2 2006/04/04 16:08:37 martti Exp $ */
/* $NetBSD: ip_lookup.h,v 1.1.1.3 2007/04/14 20:17:23 martin Exp $ */
#ifndef __IP_LOOKUP_H__
@ -35,6 +35,9 @@ typedef struct iplookupop {
void *iplo_struct;
} iplookupop_t;
#define LOOKUP_ANON 0x80000000
typedef struct iplookupflush {
int iplf_type; /* IPLT_* */
int iplf_unit; /* IPL_LOG* */
@ -57,9 +60,39 @@ typedef struct iplookuplink {
#define IPLT_ANON 0x80000000
typedef union {
struct iplookupiterkey {
char ilik_ival;
u_char ilik_type; /* IPLT_* */
u_char ilik_otype;
char ilik_unit; /* IPL_LOG* */
} ilik_unstr;
u_32_t ilik_key;
} iplookupiterkey_t;
typedef struct ipflookupiter {
int ili_nitems;
iplookupiterkey_t ili_lkey;
char ili_name[FR_GROUPLEN];
void *ili_data;
} ipflookupiter_t;
#define ili_key ili_lkey.ilik_key
#define ili_ival ili_lkey.ilik_unstr.ilik_ival
#define ili_unit ili_lkey.ilik_unstr.ilik_unit
#define ili_type ili_lkey.ilik_unstr.ilik_type
#define ili_otype ili_lkey.ilik_unstr.ilik_otype
#define IPFLOOKUPITER_LIST 0
#define IPFLOOKUPITER_NODE 1
extern int ip_lookup_init __P((void));
extern int ip_lookup_ioctl __P((caddr_t, ioctlcmd_t, int));
extern int ip_lookup_ioctl __P((caddr_t, ioctlcmd_t, int, int, void *));
extern void ip_lookup_unload __P((void));
extern void ip_lookup_deref __P((int, void *));
extern int ip_lookup_iterate __P((void *, int, void *));
extern void ip_lookup_iterderef __P((u_32_t, void *));
#endif /* __IP_LOOKUP_H__ */

369
dist/ipf/ip_pool.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ip_pool.c,v 1.1.1.5 2006/04/04 16:08:41 martti Exp $ */
/* $NetBSD: ip_pool.c,v 1.1.1.6 2007/04/14 20:17:23 martin Exp $ */
/*
* Copyright (C) 1993-2001, 2003 by Darren Reed.
@ -57,9 +57,6 @@ struct file;
#if defined(_KERNEL) && (defined(__osf__) || defined(AIX) || \
defined(__hpux) || defined(__sgi))
# ifdef __osf__
# include <net/radix.h>
# endif
# include "radix_ipf_local.h"
# define _RADIX_H_
#endif
@ -80,7 +77,7 @@ static int rn_freenode __P((struct radix_node *, void *));
#if !defined(lint)
static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed";
static const char rcsid[] = "@(#)Id: ip_pool.c,v 2.55.2.15 2005/11/13 15:38:37 darrenr Exp";
static const char rcsid[] = "@(#)Id: ip_pool.c,v 2.55.2.19 2007/02/17 12:41:42 darrenr Exp";
#endif
#ifdef IPFILTER_LOOKUP
@ -92,6 +89,9 @@ static const char rcsid[] = "@(#)Id: ip_pool.c,v 2.55.2.15 2005/11/13 15:38:37 d
# define RADIX_NODE_HEAD_UNLOCK(x) ;
# endif
static void ip_pool_clearnodes __P((ip_pool_t *));
static void *ip_pool_exists __P((int, char *));
ip_pool_stat_t ipoolstat;
ipfrwlock_t ip_poolrw;
@ -139,7 +139,7 @@ main(argc, argv)
strcpy(op.iplo_name, "0");
if (ip_pool_create(&op) == 0)
ipo = ip_pool_find(0, "0");
ipo = ip_pool_exists(0, "0");
a.adf_addr.in4.s_addr = 0x0a010203;
b.adf_addr.in4.s_addr = 0xffffffff;
@ -264,18 +264,14 @@ int ip_pool_init()
void ip_pool_fini()
{
ip_pool_t *p, *q;
iplookupop_t op;
int i;
ASSERT(rw_read_locked(&ipf_global.ipf_lk) == 0);
for (i = 0; i <= IPL_LOGMAX; i++) {
for (q = ip_pool_list[i]; (p = q) != NULL; ) {
op.iplo_unit = i;
(void)strncpy(op.iplo_name, p->ipo_name,
sizeof(op.iplo_name));
q = p->ipo_next;
(void) ip_pool_destroy(&op);
(void) ip_pool_destroy(i, p->ipo_name);
}
}
@ -309,8 +305,8 @@ iplookupop_t *op;
stats.ipls_list[i] = ip_pool_list[i];
} else if (unit >= 0 && unit < IPL_LOGSIZE) {
if (op->iplo_name[0] != '\0')
stats.ipls_list[unit] = ip_pool_find(unit,
op->iplo_name);
stats.ipls_list[unit] = ip_pool_exists(unit,
op->iplo_name);
else
stats.ipls_list[unit] = ip_pool_list[unit];
} else
@ -321,16 +317,15 @@ iplookupop_t *op;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_find */
/* Function: ip_pool_exists */
/* Returns: int - 0 = success, else error */
/* Parameters: ipo(I) - pointer to the pool getting the new node. */
/* */
/* Find a matching pool inside the collection of pools for a particular */
/* device, indicated by the unit number. */
/* ------------------------------------------------------------------------ */
void *ip_pool_find(unit, name)
static void *ip_pool_exists(unit, name)
int unit;
char *name;
{
@ -343,6 +338,29 @@ char *name;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_find */
/* Returns: int - 0 = success, else error */
/* Parameters: ipo(I) - pointer to the pool getting the new node. */
/* */
/* Find a matching pool inside the collection of pools for a particular */
/* device, indicated by the unit number. If it is marked for deletion then */
/* pretend it does not exist. */
/* ------------------------------------------------------------------------ */
void *ip_pool_find(unit, name)
int unit;
char *name;
{
ip_pool_t *p;
p = ip_pool_exists(unit, name);
if ((p != NULL) && (p->ipo_flags & IPOOL_DELETE))
return NULL;
return p;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_findeq */
/* Returns: int - 0 = success, else error */
@ -477,6 +495,7 @@ int info;
return ENOMEM;
}
x->ipn_ref = 1;
x->ipn_next = ipo->ipo_list;
x->ipn_pnext = &ipo->ipo_list;
if (ipo->ipo_list != NULL)
@ -500,6 +519,10 @@ int info;
/* when being inserted - assume this has already been done. If the pool is */
/* marked as being anonymous, give it a new, unique, identifier. Call any */
/* other functions required to initialise the structure. */
/* */
/* If the structure is flagged for deletion then reset the flag and return, */
/* as this likely means we've tried to free a pool that is in use (flush) */
/* and now want to repopulate it with "new" data. */
/* ------------------------------------------------------------------------ */
int ip_pool_create(op)
iplookupop_t *op;
@ -510,23 +533,37 @@ iplookupop_t *op;
ASSERT(rw_read_locked(&ip_poolrw.ipf_lk) == 0);
KMALLOC(h, ip_pool_t *);
if (h == NULL)
return ENOMEM;
bzero(h, sizeof(*h));
if (rn_inithead((void **)&h->ipo_head,
offsetof(addrfamily_t, adf_addr) << 3) == 0) {
KFREE(h);
return ENOMEM;
}
unit = op->iplo_unit;
if ((op->iplo_arg & IPOOL_ANON) != 0) {
if ((op->iplo_arg & LOOKUP_ANON) == 0)
h = ip_pool_exists(unit, op->iplo_name);
else
h = NULL;
if (h != NULL) {
if ((h->ipo_flags & IPOOL_DELETE) != 0) {
h->ipo_flags &= ~IPOOL_DELETE;
return 0;
}
return EEXIST;
} else {
KMALLOC(h, ip_pool_t *);
if (h == NULL)
return ENOMEM;
bzero(h, sizeof(*h));
if (rn_inithead((void **)&h->ipo_head,
offsetof(addrfamily_t, adf_addr) << 3) == 0) {
KFREE(h);
return ENOMEM;
}
}
if ((op->iplo_arg & LOOKUP_ANON) != 0) {
ip_pool_t *p;
poolnum = IPOOL_ANON;
h->ipo_flags |= IPOOL_ANON;
poolnum = LOOKUP_ANON;
#if defined(SNPRINTF) && defined(_KERNEL)
SNPRINTF(name, sizeof(name), "%x", poolnum);
@ -551,19 +588,21 @@ iplookupop_t *op;
(void)strncpy(h->ipo_name, name, sizeof(h->ipo_name));
(void)strncpy(op->iplo_name, name, sizeof(op->iplo_name));
} else {
(void) strncpy(h->ipo_name, op->iplo_name, sizeof(h->ipo_name));
(void)strncpy(h->ipo_name, op->iplo_name, sizeof(h->ipo_name));
}
h->ipo_ref = 1;
h->ipo_list = NULL;
h->ipo_unit = unit;
h->ipo_next = ip_pool_list[unit];
if (ip_pool_list[unit] != NULL)
ip_pool_list[unit]->ipo_pnext = &h->ipo_next;
h->ipo_pnext = &ip_pool_list[unit];
ip_pool_list[unit] = h;
if ((h->ipo_flags & IPOOL_DELETE) == 0) {
h->ipo_ref = 1;
h->ipo_list = NULL;
h->ipo_unit = unit;
h->ipo_next = ip_pool_list[unit];
if (ip_pool_list[unit] != NULL)
ip_pool_list[unit]->ipo_pnext = &h->ipo_next;
h->ipo_pnext = &ip_pool_list[unit];
ip_pool_list[unit] = h;
ipoolstat.ipls_pools++;
ipoolstat.ipls_pools++;
}
return 0;
}
@ -576,36 +615,26 @@ iplookupop_t *op;
/* ipe(I) - address being deleted as a node */
/* Locks: WRITE(ip_poolrw) */
/* */
/* Add another node to the pool given by ipo. The three parameters passed */
/* in (addr, mask, info) shold all be stored in the node. */
/* Remove a node from the pool given by ipo. */
/* ------------------------------------------------------------------------ */
int ip_pool_remove(ipo, ipe)
ip_pool_t *ipo;
ip_pool_node_t *ipe;
{
ip_pool_node_t **ipp, *n;
ASSERT(rw_read_locked(&ip_poolrw.ipf_lk) == 0);
for (ipp = &ipo->ipo_list; (n = *ipp) != NULL; ipp = &n->ipn_next) {
if (ipe == n) {
*n->ipn_pnext = n->ipn_next;
if (n->ipn_next)
n->ipn_next->ipn_pnext = n->ipn_pnext;
break;
}
}
if (n == NULL)
return ENOENT;
if (ipe->ipn_pnext != NULL)
*ipe->ipn_pnext = ipe->ipn_next;
if (ipe->ipn_next != NULL)
ipe->ipn_next->ipn_pnext = ipe->ipn_pnext;
RADIX_NODE_HEAD_LOCK(ipo->ipo_head);
ipo->ipo_head->rnh_deladdr(&n->ipn_addr, &n->ipn_mask,
ipo->ipo_head->rnh_deladdr(&ipe->ipn_addr, &ipe->ipn_mask,
ipo->ipo_head);
RADIX_NODE_HEAD_UNLOCK(ipo->ipo_head);
KFREE(n);
ipoolstat.ipls_nodes--;
ip_pool_node_deref(ipe);
return 0;
}
@ -618,23 +647,28 @@ ip_pool_node_t *ipe;
/* Locks: WRITE(ip_poolrw) or WRITE(ipf_global) */
/* */
/* Search for a pool using paramters passed in and if it's not otherwise */
/* busy, free it. */
/* busy, free it. If it is busy, clear all of its nodes, mark it for being */
/* deleted and return an error saying it is busy. */
/* */
/* NOTE: Because this function is called out of ipldetach() where ip_poolrw */
/* NOTE: Because this function is called out of ipfdetach() where ip_poolrw */
/* may not be initialised, we can't use an ASSERT to enforce the locking */
/* assertion that one of the two (ip_poolrw,ipf_global) is held. */
/* ------------------------------------------------------------------------ */
int ip_pool_destroy(op)
iplookupop_t *op;
int ip_pool_destroy(unit, name)
int unit;
char *name;
{
ip_pool_t *ipo;
ipo = ip_pool_find(op->iplo_unit, op->iplo_name);
ipo = ip_pool_exists(unit, name);
if (ipo == NULL)
return ESRCH;
if (ipo->ipo_ref != 1)
return EBUSY;
if (ipo->ipo_ref != 1) {
ip_pool_clearnodes(ipo);
ipo->ipo_flags |= IPOOL_DELETE;
return 0;
}
ip_pool_free(ipo);
return 0;
@ -650,7 +684,7 @@ iplookupop_t *op;
/* Free all pools associated with the device that matches the unit number */
/* passed in with operation. */
/* */
/* NOTE: Because this function is called out of ipldetach() where ip_poolrw */
/* NOTE: Because this function is called out of ipfdetach() where ip_poolrw */
/* may not be initialised, we can't use an ASSERT to enforce the locking */
/* assertion that one of the two (ip_poolrw,ipf_global) is held. */
/* ------------------------------------------------------------------------ */
@ -671,7 +705,7 @@ iplookupflush_t *fp;
(void)strncpy(op.iplo_name, p->ipo_name,
sizeof(op.iplo_name));
q = p->ipo_next;
err = ip_pool_destroy(&op);
err = ip_pool_destroy(op.iplo_unit, op.iplo_name);
if (err == 0)
num++;
else
@ -692,12 +726,36 @@ iplookupflush_t *fp;
/* all of the address information stored in it, including any tree data */
/* structures also allocated. */
/* */
/* NOTE: Because this function is called out of ipldetach() where ip_poolrw */
/* NOTE: Because this function is called out of ipfdetach() where ip_poolrw */
/* may not be initialised, we can't use an ASSERT to enforce the locking */
/* assertion that one of the two (ip_poolrw,ipf_global) is held. */
/* ------------------------------------------------------------------------ */
void ip_pool_free(ipo)
ip_pool_t *ipo;
{
ip_pool_clearnodes(ipo);
if (ipo->ipo_next != NULL)
ipo->ipo_next->ipo_pnext = ipo->ipo_pnext;
*ipo->ipo_pnext = ipo->ipo_next;
rn_freehead(ipo->ipo_head);
KFREE(ipo);
ipoolstat.ipls_pools--;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_clearnodes */
/* Returns: void */
/* Parameters: ipo(I) - pointer to pool structure */
/* Locks: WRITE(ip_poolrw) or WRITE(ipf_global) */
/* */
/* Deletes all nodes stored in a pool structure. */
/* ------------------------------------------------------------------------ */
static void ip_pool_clearnodes(ipo)
ip_pool_t *ipo;
{
ip_pool_node_t *n;
@ -717,13 +775,6 @@ ip_pool_t *ipo;
RADIX_NODE_HEAD_UNLOCK(ipo->ipo_head);
ipo->ipo_list = NULL;
if (ipo->ipo_next != NULL)
ipo->ipo_next->ipo_pnext = ipo->ipo_pnext;
*ipo->ipo_pnext = ipo->ipo_next;
rn_freehead(ipo->ipo_head);
KFREE(ipo);
ipoolstat.ipls_pools--;
}
@ -743,8 +794,179 @@ ip_pool_t *ipo;
ASSERT(rw_read_locked(&ip_poolrw.ipf_lk) == 0);
ipo->ipo_ref--;
if (ipo->ipo_ref == 0)
ip_pool_free(ipo);
else if ((ipo->ipo_ref == 1) && (ipo->ipo_flags & IPOOL_DELETE))
ip_pool_destroy(ipo->ipo_unit, ipo->ipo_name);
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_node_deref */
/* Returns: void */
/* Parameters: ipn(I) - pointer to pool structure */
/* Locks: WRITE(ip_poolrw) */
/* */
/* Drop a reference to the pool node passed in and if we're the last, free */
/* it all up and adjust the stats accordingly. */
/* ------------------------------------------------------------------------ */
void ip_pool_node_deref(ipn)
ip_pool_node_t *ipn;
{
ipn->ipn_ref--;
if (ipn->ipn_ref == 0) {
KFREE(ipn);
ipoolstat.ipls_nodes--;
}
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_getnext */
/* Returns: void */
/* Parameters: token(I) - pointer to pool structure */
/* Parameters: ilp(IO) - pointer to pool iterating structure */
/* */
/* ------------------------------------------------------------------------ */
int ip_pool_getnext(token, ilp)
ipftoken_t *token;
ipflookupiter_t *ilp;
{
ip_pool_node_t *node, zn, *nextnode;
ip_pool_t *ipo, zp, *nextipo;
int err;
err = 0;
node = NULL;
nextnode = NULL;
ipo = NULL;
nextipo = NULL;
READ_ENTER(&ip_poolrw);
switch (ilp->ili_otype)
{
case IPFLOOKUPITER_LIST :
ipo = token->ipt_data;
if (ipo == NULL) {
nextipo = ip_pool_list[(int)ilp->ili_unit];
} else {
nextipo = ipo->ipo_next;
}
if (nextipo != NULL) {
ATOMIC_INC(nextipo->ipo_ref);
if (nextipo->ipo_next == NULL)
token->ipt_alive = 0;
} else {
bzero((char *)&zp, sizeof(zp));
nextipo = &zp;
}
break;
case IPFLOOKUPITER_NODE :
node = token->ipt_data;
if (node == NULL) {
ipo = ip_pool_exists(ilp->ili_unit, ilp->ili_name);
if (ipo == NULL)
err = ESRCH;
else {
nextnode = ipo->ipo_list;
ipo = NULL;
}
} else {
nextnode = node->ipn_next;
}
if (nextnode != NULL) {
ATOMIC_INC(nextnode->ipn_ref);
if (nextnode->ipn_next == NULL)
token->ipt_alive = 0;
} else {
bzero((char *)&zn, sizeof(zn));
nextnode = &zn;
}
break;
default :
err = EINVAL;
break;
}
RWLOCK_EXIT(&ip_poolrw);
if (err != 0)
return err;
switch (ilp->ili_otype)
{
case IPFLOOKUPITER_LIST :
if (ipo != NULL) {
WRITE_ENTER(&ip_poolrw);
ip_pool_deref(ipo);
RWLOCK_EXIT(&ip_poolrw);
}
token->ipt_data = nextipo;
err = COPYOUT(nextipo, ilp->ili_data, sizeof(*nextipo));
if (err != 0)
err = EFAULT;
break;
case IPFLOOKUPITER_NODE :
if (node != NULL) {
WRITE_ENTER(&ip_poolrw);
ip_pool_node_deref(node);
RWLOCK_EXIT(&ip_poolrw);
}
token->ipt_data = nextnode;
err = COPYOUT(nextnode, ilp->ili_data, sizeof(*nextnode));
if (err != 0)
err = EFAULT;
break;
}
return err;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_iterderef */
/* Returns: void */
/* Parameters: ipn(I) - pointer to pool structure */
/* Locks: WRITE(ip_poolrw) */
/* */
/* ------------------------------------------------------------------------ */
void ip_pool_iterderef(otype, unit, data)
u_int otype;
int unit;
void *data;
{
if (data == NULL)
return;
if (unit < 0 || unit > IPL_LOGMAX)
return;
switch (otype)
{
case IPFLOOKUPITER_LIST :
WRITE_ENTER(&ip_poolrw);
ip_pool_deref((ip_pool_t *)data);
RWLOCK_EXIT(&ip_poolrw);
break;
case IPFLOOKUPITER_NODE :
WRITE_ENTER(&ip_poolrw);
ip_pool_node_deref((ip_pool_node_t *)data);
RWLOCK_EXIT(&ip_poolrw);
break;
default :
break;
}
}
@ -782,5 +1004,4 @@ rn_freehead(rnh)
Free(rnh);
}
# endif
#endif /* IPFILTER_LOOKUP */

17
dist/ipf/ip_pool.h vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: ip_pool.h,v 1.1.1.2 2006/04/04 16:08:41 martti Exp $ */
/* $NetBSD: ip_pool.h,v 1.1.1.3 2007/04/14 20:17:23 martin Exp $ */
/*
* Copyright (C) 1993-2001, 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: ip_pool.h,v 2.26.2.3 2005/06/12 07:18:27 darrenr Exp
* Id: ip_pool.h,v 2.26.2.5 2007/01/14 14:06:12 darrenr Exp
*/
#ifndef __IP_POOL_H__
@ -37,8 +37,9 @@ typedef struct ip_pool_node {
addrfamily_t ipn_addr;
addrfamily_t ipn_mask;
int ipn_info;
char ipn_name[FR_GROUPLEN];
u_long ipn_hits;
int ipn_ref;
char ipn_name[FR_GROUPLEN];
u_long ipn_hits;
struct ip_pool_node *ipn_next, **ipn_pnext;
} ip_pool_node_t;
@ -55,7 +56,8 @@ typedef struct ip_pool_s {
char ipo_name[FR_GROUPLEN];
} ip_pool_t;
#define IPOOL_ANON 0x80000000
#define IPOOL_DELETE 0x01
#define IPOOL_ANON 0x02
typedef struct ip_pool_stat {
@ -75,13 +77,16 @@ extern void ip_pool_fini __P((void));
extern int ip_pool_create __P((iplookupop_t *));
extern int ip_pool_insert __P((ip_pool_t *, i6addr_t *, i6addr_t *, int));
extern int ip_pool_remove __P((ip_pool_t *, ip_pool_node_t *));
extern int ip_pool_destroy __P((iplookupop_t *));
extern int ip_pool_destroy __P((int, char *));
extern void ip_pool_free __P((ip_pool_t *));
extern void ip_pool_deref __P((ip_pool_t *));
extern void ip_pool_node_deref __P((ip_pool_node_t *));
extern void *ip_pool_find __P((int, char *));
extern ip_pool_node_t *ip_pool_findeq __P((ip_pool_t *,
addrfamily_t *, addrfamily_t *));
extern int ip_pool_flush __P((iplookupflush_t *));
extern int ip_pool_statistics __P((iplookupop_t *));
extern int ip_pool_getnext __P((ipftoken_t *, ipflookupiter_t *));
extern void ip_pool_iterderef __P((u_int, int, void *));
#endif /* __IP_POOL_H__ */

9
dist/ipf/ip_pptp_pxy.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ip_pptp_pxy.c,v 1.1.1.5 2006/04/04 16:08:41 martti Exp $ */
/* $NetBSD: ip_pptp_pxy.c,v 1.1.1.6 2007/04/14 20:17:22 martin Exp $ */
/*
* Copyright (C) 2002-2003 by Darren Reed
@ -6,7 +6,7 @@
* Simple PPTP transparent proxy for in-kernel use. For use with the NAT
* code.
*
* Id: ip_pptp_pxy.c,v 2.10.2.13 2006/03/17 10:40:05 darrenr Exp
* Id: ip_pptp_pxy.c,v 2.10.2.15 2006/10/31 12:11:23 darrenr Exp
*
*/
#define IPF_PPTP_PROXY
@ -80,6 +80,9 @@ void ippr_pptp_fini()
/*
* Setup for a new PPTP proxy.
*
* NOTE: The printf's are broken up with %s in them to prevent them being
* optimised into puts statements on FreeBSD (this doesn't exist in the kernel)
*/
int ippr_pptp_new(fin, aps, nat)
fr_info_t *fin;
@ -222,7 +225,7 @@ pptp_pxy_t *pptp;
pptp->pptp_state = fr_addstate(&fi, &pptp->pptp_state,
0);
if (fi.fin_state != NULL)
fr_statederef(&fi, (ipstate_t **)&fi.fin_state);
fr_statederef((ipstate_t **)&fi.fin_state);
}
ip->ip_p = p;
return;

13
dist/ipf/ip_rpcb_pxy.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ip_rpcb_pxy.c,v 1.1.1.4 2005/02/19 21:26:08 martti Exp $ */
/* $NetBSD: ip_rpcb_pxy.c,v 1.1.1.5 2007/04/14 20:17:24 martin Exp $ */
/*
* Copyright (C) 2002-2003 by Ryan Beasley <ryanb@goddamnbastard.org>
@ -39,7 +39,7 @@
* o The enclosed hack of STREAMS support is pretty sick and most likely
* broken.
*
* Id: ip_rpcb_pxy.c,v 2.25.2.3 2005/02/04 10:22:56 darrenr Exp
* Id: ip_rpcb_pxy.c,v 2.25.2.6 2007/01/17 11:34:54 darrenr Exp
*/
#define IPF_RPCB_PROXY
@ -309,6 +309,8 @@ ippr_rpcb_out(fin, aps, nat)
COPYDATA(m, off, dlen, (caddr_t)&rm->rm_msgbuf);
rm->rm_buflen = dlen;
rx = NULL; /* XXX gcc */
/* Send off to decode reply. */
rv = ippr_rpcb_decoderep(fin, nat, rs, rm, &rx);
@ -1158,6 +1160,8 @@ ippr_rpcb_getnat(fin, nat, proto, port)
/* Generate dummy fr_info */
bcopy((char *)fin, (char *)&fi, sizeof(fi));
fi.fin_state = NULL;
fi.fin_nat = NULL;
fi.fin_out = 0;
fi.fin_src = fin->fin_dst;
fi.fin_dst = nat->nat_outip;
@ -1193,8 +1197,9 @@ ippr_rpcb_getnat(fin, nat, proto, port)
* no use for this lock, so simply unlock it if necessary.
*/
is = fr_stlookup(&fi, &tcp, NULL);
if (is != NULL)
if (is != NULL) {
RWLOCK_EXIT(&ipf_state);
}
RWLOCK_EXIT(&ipf_nat);
@ -1273,7 +1278,7 @@ ippr_rpcb_getnat(fin, nat, proto, port)
return(-1);
}
if (fi.fin_state != NULL)
fr_statederef(&fi, (ipstate_t **)&fi.fin_state);
fr_statederef((ipstate_t **)&fi.fin_state);
}
return(0);

13
dist/ipf/ip_scan.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ip_scan.c,v 1.1.1.4 2006/04/04 16:08:43 martti Exp $ */
/* $NetBSD: ip_scan.c,v 1.1.1.5 2007/04/14 20:17:24 martin Exp $ */
/*
* Copyright (C) 1995-2001 by Darren Reed.
@ -60,7 +60,7 @@ struct file;
#if !defined(lint)
static const char sccsid[] = "@(#)ip_state.c 1.8 6/5/96 (C) 1993-2000 Darren Reed";
static const char rcsid[] = "@(#)Id: ip_scan.c,v 2.40.2.6 2006/03/26 23:06:49 darrenr Exp";
static const char rcsid[] = "@(#)Id: ip_scan.c,v 2.40.2.8 2007/01/16 02:25:20 darrenr Exp";
#endif
#ifdef IPFILTER_SCAN /* endif at bottom of file */
@ -117,8 +117,10 @@ caddr_t data;
return ENOMEM;
err = copyinptr(data, isc, sizeof(*isc));
if (err)
if (err) {
KFREE(isc);
return err;
}
WRITE_ENTER(&ipsc_rwlock);
@ -570,10 +572,11 @@ ipstate_t *is;
}
int fr_scan_ioctl(data, cmd, mode)
int fr_scan_ioctl(data, cmd, mode, uid, ctx)
caddr_t data;
ioctlcmd_t cmd;
int mode;
int mode, uid;
void *ctx;
{
ipscanstat_t ipscs;
int err = 0;

6
dist/ipf/ip_scan.h vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ip_scan.h,v 1.1.1.2 2006/04/04 16:08:43 martti Exp $ */
/* $NetBSD: ip_scan.h,v 1.1.1.3 2007/04/14 20:17:24 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
@ -6,7 +6,7 @@
* See the IPFILTER.LICENCE file for details on licencing.
*
* @(#)ip_fil.h 1.35 6/5/96
* Id: ip_scan.h,v 2.9.2.1 2005/06/12 07:18:29 darrenr Exp
* Id: ip_scan.h,v 2.9.2.2 2006/07/14 06:12:19 darrenr Exp
*/
#ifndef __IP_SCAN_H__
@ -96,7 +96,7 @@ typedef struct ipscanstat {
} ipscanstat_t;
extern int fr_scan_ioctl __P((caddr_t, ioctlcmd_t, int));
extern int fr_scan_ioctl __P((caddr_t, ioctlcmd_t, int, int, void *));
extern int ipsc_init __P((void));
extern int ipsc_attachis __P((struct ipstate *));
extern int ipsc_attachfr __P((struct frentry *));

9
dist/ipf/ip_sync.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ip_sync.c,v 1.1.1.4 2006/04/04 16:08:46 martti Exp $ */
/* $NetBSD: ip_sync.c,v 1.1.1.5 2007/04/14 20:17:24 martin Exp $ */
/*
* Copyright (C) 1995-1998 by Darren Reed.
@ -98,7 +98,7 @@ struct file;
/* END OF INCLUDES */
#if !defined(lint)
static const char rcsid[] = "@(#)Id: ip_sync.c,v 2.40.2.7 2006/03/19 14:59:39 darrenr Exp";
static const char rcsid[] = "@(#)Id: ip_sync.c,v 2.40.2.8 2006/07/14 06:12:20 darrenr Exp";
#endif
#define SYNC_STATETABSZ 256
@ -997,10 +997,11 @@ synclist_t *sl;
/* This function currently does not handle any ioctls and so just returns */
/* EINVAL on all occasions. */
/* ------------------------------------------------------------------------ */
int fr_sync_ioctl(data, cmd, mode)
int fr_sync_ioctl(data, cmd, mode, uid, ctx)
caddr_t data;
ioctlcmd_t cmd;
int mode;
int mode, uid;
void *ctx;
{
return EINVAL;
}

26
dist/ipf/ip_sync.h vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ip_sync.h,v 1.1.1.3 2006/04/04 16:08:46 martti Exp $ */
/* $NetBSD: ip_sync.h,v 1.1.1.4 2007/04/14 20:17:24 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
@ -6,7 +6,7 @@
* See the IPFILTER.LICENCE file for details on licencing.
*
* @(#)ip_fil.h 1.35 6/5/96
* Id: ip_sync.h,v 2.11.2.3 2006/03/19 14:59:39 darrenr Exp
* Id: ip_sync.h,v 2.11.2.4 2006/07/14 06:12:20 darrenr Exp
*/
#ifndef __IP_SYNC_H__
@ -104,16 +104,16 @@ typedef struct syncupdent { /* 28 or 32 bytes */
extern synclogent_t synclog[SYNCLOG_SZ];
extern int fr_sync_ioctl __P((caddr_t, ioctlcmd_t, int));
extern synclist_t *ipfsync_new __P((int, fr_info_t *, void *));
extern void ipfsync_del __P((synclist_t *));
extern void ipfsync_update __P((int, fr_info_t *, synclist_t *));
extern int ipfsync_init __P((void));
extern int ipfsync_nat __P((synchdr_t *sp, void *data));
extern int ipfsync_state __P((synchdr_t *sp, void *data));
extern int ipfsync_read __P((struct uio *uio));
extern int ipfsync_write __P((struct uio *uio));
extern int ipfsync_canread __P((void));
extern int ipfsync_canwrite __P((void));
extern int fr_sync_ioctl __P((caddr_t, ioctlcmd_t, int, int, void *));
extern synclist_t *ipfsync_new __P((int, fr_info_t *, void *));
extern void ipfsync_del __P((synclist_t *));
extern void ipfsync_update __P((int, fr_info_t *, synclist_t *));
extern int ipfsync_init __P((void));
extern int ipfsync_nat __P((synchdr_t *sp, void *data));
extern int ipfsync_state __P((synchdr_t *sp, void *data));
extern int ipfsync_read __P((struct uio *uio));
extern int ipfsync_write __P((struct uio *uio));
extern int ipfsync_canread __P((void));
extern int ipfsync_canwrite __P((void));
#endif /* IP_SYNC */

65
dist/ipf/lib/Makefile vendored
View File

@ -1,7 +1,16 @@
#
# Copyright (C) 1993-2001 by Darren Reed.
#
# See the IPFILTER.LICENCE file for details on licencing.
#
# Id: Makefile,v 1.41.2.12 2006/08/25 22:43:21 darrenr Exp
#
INCDEP=$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(TOP)/ipf.h
LIBOBJS=$(DEST)/addicmp.o \
$(DEST)/addipopt.o \
$(DEST)/alist_free.o \
$(DEST)/alist_new.o \
$(DEST)/bcopywrap.o \
$(DEST)/binprint.o \
$(DEST)/buildopts.o \
@ -9,23 +18,17 @@ LIBOBJS=$(DEST)/addicmp.o \
$(DEST)/count6bits.o \
$(DEST)/count4bits.o \
$(DEST)/debug.o \
$(DEST)/extras.o \
$(DEST)/facpri.o \
$(DEST)/flags.o \
$(DEST)/fill6bits.o \
$(DEST)/genmask.o \
$(DEST)/gethost.o \
$(DEST)/getifname.o \
$(DEST)/getline.o \
$(DEST)/getnattype.o \
$(DEST)/getport.o \
$(DEST)/getportproto.o \
$(DEST)/getproto.o \
$(DEST)/getsumd.o \
$(DEST)/hexdump.o \
$(DEST)/hostmask.o \
$(DEST)/hostname.o \
$(DEST)/hostnum.o \
$(DEST)/icmpcode.o \
$(DEST)/inet_addr.o \
$(DEST)/initparse.o \
@ -41,11 +44,13 @@ LIBOBJS=$(DEST)/addicmp.o \
$(DEST)/kmem.o \
$(DEST)/kmemcpywrap.o \
$(DEST)/kvatoname.o \
$(DEST)/load_file.o \
$(DEST)/load_hash.o \
$(DEST)/load_hashnode.o \
$(DEST)/load_http.o \
$(DEST)/load_pool.o \
$(DEST)/load_poolnode.o \
$(DEST)/loglevel.o \
$(DEST)/load_url.o \
$(DEST)/mutex_emul.o \
$(DEST)/nametokva.o \
$(DEST)/nat_setgroupmap.o \
@ -55,17 +60,19 @@ LIBOBJS=$(DEST)/addicmp.o \
$(DEST)/optprintv6.o \
$(DEST)/optvalue.o \
$(DEST)/portname.o \
$(DEST)/portnum.o \
$(DEST)/ports.o \
$(DEST)/print_toif.o \
$(DEST)/printactivenat.o \
$(DEST)/printaps.o \
$(DEST)/printbuf.o \
$(DEST)/printhash.o \
$(DEST)/printhashdata.o \
$(DEST)/printhashnode.o \
$(DEST)/printhash_live.o \
$(DEST)/printip.o \
$(DEST)/printpool.o \
$(DEST)/printpooldata.o \
$(DEST)/printpoolnode.o \
$(DEST)/printpool_live.o \
$(DEST)/printproto.o \
$(DEST)/printfr.o \
$(DEST)/printfraginfo.o \
@ -81,8 +88,6 @@ LIBOBJS=$(DEST)/addicmp.o \
$(DEST)/printsbuf.o \
$(DEST)/printstate.o \
$(DEST)/printtunable.o \
$(DEST)/ratoi.o \
$(DEST)/ratoui.o \
$(DEST)/remove_hash.o \
$(DEST)/remove_hashnode.o \
$(DEST)/remove_pool.o \
@ -91,7 +96,6 @@ LIBOBJS=$(DEST)/addicmp.o \
$(DEST)/rwlock_emul.o \
$(DEST)/tcpflags.o \
$(DEST)/tcp_flags.o \
$(DEST)/to_interface.o \
$(DEST)/var.o \
$(DEST)/verbose.o \
$(DEST)/v6ionames.o \
@ -106,6 +110,10 @@ $(DEST)/addicmp.o: $(LIBSRC)/addicmp.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/addicmp.c -o $@
$(DEST)/addipopt.o: $(LIBSRC)/addipopt.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/addipopt.c -o $@
$(DEST)/alist_free.o: $(LIBSRC)/alist_free.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/alist_free.c -o $@
$(DEST)/alist_new.o: $(LIBSRC)/alist_new.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/alist_new.c -o $@
$(DEST)/bcopywrap.o: $(LIBSRC)/bcopywrap.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/bcopywrap.c -o $@
$(DEST)/binprint.o: $(LIBSRC)/binprint.c $(INCDEP)
@ -120,16 +128,12 @@ $(DEST)/count4bits.o: $(LIBSRC)/count4bits.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/count4bits.c -o $@
$(DEST)/debug.o: $(LIBSRC)/debug.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/debug.c -o $@
$(DEST)/extras.o: $(LIBSRC)/extras.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/extras.c -o $@
$(DEST)/facpri.o: $(LIBSRC)/facpri.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/facpri.c -o $@
$(DEST)/fill6bits.o: $(LIBSRC)/fill6bits.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/fill6bits.c -o $@
$(DEST)/flags.o: $(LIBSRC)/flags.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/flags.c -o $@
$(DEST)/genmask.o: $(LIBSRC)/genmask.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/genmask.c -o $@
$(DEST)/getline.o: $(LIBSRC)/getline.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/getline.c -o $@
$(DEST)/gethost.o: $(LIBSRC)/gethost.c $(INCDEP)
@ -146,14 +150,8 @@ $(DEST)/getproto.o: $(LIBSRC)/getproto.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/getproto.c -o $@
$(DEST)/getsumd.o: $(LIBSRC)/getsumd.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/getsumd.c -o $@
$(DEST)/hexdump.o: $(LIBSRC)/hexdump.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/hexdump.c -o $@
$(DEST)/hostmask.o: $(LIBSRC)/hostmask.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/hostmask.c -o $@
$(DEST)/hostname.o: $(LIBSRC)/hostname.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/hostname.c -o $@
$(DEST)/hostnum.o: $(LIBSRC)/hostnum.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/hostnum.c -o $@
$(DEST)/icmpcode.o: $(LIBSRC)/icmpcode.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/icmpcode.c -o $@
$(DEST)/ipoptsec.o: $(LIBSRC)/ipoptsec.c $(INCDEP)
@ -184,14 +182,20 @@ $(DEST)/kmemcpywrap.o: $(LIBSRC)/kmemcpywrap.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/kmemcpywrap.c -o $@
$(DEST)/kvatoname.o: $(LIBSRC)/kvatoname.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/kvatoname.c -o $@
$(DEST)/load_file.o: $(LIBSRC)/load_file.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/load_file.c -o $@
$(DEST)/load_hash.o: $(LIBSRC)/load_hash.c $(INCDEP) $(TOP)/ip_htable.h
$(CC) $(CCARGS) -c $(LIBSRC)/load_hash.c -o $@
$(DEST)/load_hashnode.o: $(LIBSRC)/load_hashnode.c $(INCDEP) $(TOP)/ip_htable.h
$(CC) $(CCARGS) -c $(LIBSRC)/load_hashnode.c -o $@
$(DEST)/load_http.o: $(LIBSRC)/load_http.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/load_http.c -o $@
$(DEST)/load_pool.o: $(LIBSRC)/load_pool.c $(INCDEP) $(TOP)/ip_pool.h
$(CC) $(CCARGS) -c $(LIBSRC)/load_pool.c -o $@
$(DEST)/load_poolnode.o: $(LIBSRC)/load_poolnode.c $(INCDEP) $(TOP)/ip_pool.h
$(CC) $(CCARGS) -c $(LIBSRC)/load_poolnode.c -o $@
$(DEST)/load_url.o: $(LIBSRC)/load_url.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/load_url.c -o $@
$(DEST)/make_range.o: $(LIBSRC)/make_range.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/make_range.c -o $@
$(DEST)/mutex_emul.o: $(LIBSRC)/mutex_emul.c $(INCDEP)
@ -203,8 +207,6 @@ $(DEST)/nat_setgroupmap.o: $(LIBSRC)/nat_setgroupmap.c $(TOP)/ip_compat.h \
$(CC) $(CCARGS) -c $(LIBSRC)/nat_setgroupmap.c -o $@
$(DEST)/ntomask.o: $(LIBSRC)/ntomask.c $(TOP)/ip_compat.h
$(CC) $(CCARGS) -c $(LIBSRC)/ntomask.c -o $@
$(DEST)/loglevel.o: $(LIBSRC)/loglevel.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/loglevel.c -o $@
$(DEST)/optname.o: $(LIBSRC)/optname.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/optname.c -o $@
$(DEST)/optprint.o: $(LIBSRC)/optprint.c $(INCDEP)
@ -233,16 +235,25 @@ $(DEST)/printfraginfo.o: $(LIBSRC)/printfraginfo.c $(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(LIBSRC)/printfraginfo.c -o $@
$(DEST)/printhash.o: $(LIBSRC)/printhash.c $(TOP)/ip_fil.h $(TOP)/ip_htable.h
$(CC) $(CCARGS) -c $(LIBSRC)/printhash.c -o $@
$(DEST)/printhashdata.o: $(LIBSRC)/printhash.c $(TOP)/ip_fil.h $(TOP)/ip_htable.h
$(CC) $(CCARGS) -c $(LIBSRC)/printhashdata.c -o $@
$(DEST)/printhashnode.o: $(LIBSRC)/printhashnode.c $(TOP)/ip_fil.h \
$(TOP)/ip_htable.h $(TOP)/ip_lookup.h
$(CC) $(CCARGS) -c $(LIBSRC)/printhashnode.c -o $@
$(DEST)/printhash_live.o: $(LIBSRC)/printhash_live.c $(TOP)/ip_fil.h $(TOP)/ip_htable.h
$(CC) $(CCARGS) -c $(LIBSRC)/printhash_live.c -o $@
$(DEST)/printip.o: $(LIBSRC)/printip.c $(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(LIBSRC)/printip.c -o $@
$(DEST)/printpool.o: $(LIBSRC)/printpool.c $(TOP)/ip_fil.h $(TOP)/ip_pool.h
$(CC) $(CCARGS) -c $(LIBSRC)/printpool.c -o $@
$(DEST)/printpooldata.o: $(LIBSRC)/printpooldata.c $(TOP)/ip_fil.h $(TOP)/ip_pool.h
$(CC) $(CCARGS) -c $(LIBSRC)/printpooldata.c -o $@
$(DEST)/printpoolnode.o: $(LIBSRC)/printpoolnode.c $(TOP)/ip_fil.h \
$(TOP)/ip_pool.h $(TOP)/ip_lookup.h
$(CC) $(CCARGS) -c $(LIBSRC)/printpoolnode.c -o $@
$(DEST)/printpool_live.o: $(LIBSRC)/printpool_live.c $(TOP)/ip_fil.h \
$(TOP)/ip_pool.h $(TOP)/ip_lookup.h
$(CC) $(CCARGS) -c $(LIBSRC)/printpool_live.c -o $@
$(DEST)/printproto.o: $(LIBSRC)/printproto.c $(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(LIBSRC)/printproto.c -o $@
$(DEST)/printhostmap.o: $(LIBSRC)/printhostmap.c $(TOP)/ip_fil.h
@ -269,10 +280,6 @@ $(DEST)/printstate.o: $(LIBSRC)/printstate.c $(INCDEP) $(TOP)/ip_state.h
$(CC) $(CCARGS) -c $(LIBSRC)/printstate.c -o $@
$(DEST)/printtunable.o: $(LIBSRC)/printtunable.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/printtunable.c -o $@
$(DEST)/ratoi.o: $(LIBSRC)/ratoi.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/ratoi.c -o $@
$(DEST)/ratoui.o: $(LIBSRC)/ratoui.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/ratoui.c -o $@
$(DEST)/remove_hash.o: $(LIBSRC)/remove_hash.c $(INCDEP) \
$(TOP)/ip_htable.h
$(CC) $(CCARGS) -c $(LIBSRC)/remove_hash.c -o $@
@ -289,8 +296,6 @@ $(DEST)/resetlexer.o: $(LIBSRC)/resetlexer.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/resetlexer.c -o $@
$(DEST)/rwlock_emul.o: $(LIBSRC)/rwlock_emul.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/rwlock_emul.c -o $@
$(DEST)/to_interface.o: $(LIBSRC)/to_interface.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/to_interface.c -o $@
$(DEST)/tcpflags.o: $(LIBSRC)/tcpflags.c $(INCDEP)
$(CC) $(CCARGS) -c $(LIBSRC)/tcpflags.c -o $@
$(DEST)/tcp_flags.o: $(LIBSRC)/tcp_flags.c $(INCDEP)

6
dist/ipf/lib/addipopt.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: addipopt.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: addipopt.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: addipopt.c,v 1.7 2002/01/28 06:50:45 darrenr Exp
* Id: addipopt.c,v 1.7.4.1 2006/06/16 17:20:56 darrenr Exp
*/
#include "ipf.h"

22
dist/ipf/lib/alist_free.c vendored Normal file
View File

@ -0,0 +1,22 @@
/* $NetBSD: alist_free.c,v 1.1.1.1 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2006 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: alist_free.c,v 1.1.2.1 2006/08/25 21:13:04 darrenr Exp
*/
#include "ipf.h"
void
alist_free(hosts)
alist_t *hosts;
{
alist_t *a, *next;
for (a = hosts; a != NULL; a = next) {
next = a->al_next;
free(a);
}
}

66
dist/ipf/lib/alist_new.c vendored Normal file
View File

@ -0,0 +1,66 @@
/* $NetBSD: alist_new.c,v 1.1.1.1 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2006 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: alist_new.c,v 1.1.2.2 2006/08/25 22:43:21 darrenr Exp
*/
#include "ipf.h"
alist_t *
alist_new(int v, char *host)
{
int a, b, c, d, bits;
char *slash;
alist_t *al;
u_int mask;
al = calloc(1, sizeof(*al));
if (al == NULL) {
fprintf(stderr, "alist_new out of memory\n");
return NULL;
}
bits = -1;
slash = strchr(host, '/');
if (slash != NULL) {
*slash = '\0';
bits = atoi(slash + 1);
}
a = b = c = d = -1;
sscanf(host, "%d.%d.%d.%d", &a, &b, &c, &d);
if (bits > 0 && bits < 33) {
mask = 0xffffffff << (32 - bits);
} else if (b == -1) {
mask = 0xff000000;
b = c = d = 0;
} else if (c == -1) {
mask = 0xffff0000;
c = d = 0;
} else if (d == -1) {
mask = 0xffffff00;
d = 0;
} else {
mask = 0xffffffff;
}
if (*host == '!') {
al->al_not = 1;
host++;
}
if (gethost(host, &al->al_addr) == -1) {
*slash = '/';
fprintf(stderr, "Cannot parse hostname\n");
free(al);
return NULL;
}
al->al_mask = htonl(mask);
*slash = '/';
return al;
}

10
dist/ipf/lib/bcopywrap.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: bcopywrap.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: bcopywrap.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: bcopywrap.c,v 1.1.4.1 2006/06/16 17:20:56 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/binprint.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: binprint.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: binprint.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: binprint.c,v 1.8 2002/05/14 15:18:56 darrenr Exp
* Id: binprint.c,v 1.8.4.1 2006/06/16 17:20:56 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/buildopts.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: buildopts.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: buildopts.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: buildopts.c,v 1.6 2002/01/28 06:50:45 darrenr Exp
* Id: buildopts.c,v 1.6.4.1 2006/06/16 17:20:56 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/checkrev.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: checkrev.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: checkrev.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2004 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: checkrev.c,v 1.12.2.1 2004/03/09 14:44:39 darrenr Exp
* Id: checkrev.c,v 1.12.2.2 2006/06/16 17:20:56 darrenr Exp
*/
#include <sys/ioctl.h>

6
dist/ipf/lib/count4bits.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: count4bits.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: count4bits.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: count4bits.c,v 1.1 2002/06/15 04:46:39 darrenr Exp
* Id: count4bits.c,v 1.1.4.1 2006/06/16 17:20:57 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/count6bits.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: count6bits.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: count6bits.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2001 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: count6bits.c,v 1.4 2001/06/09 17:09:23 darrenr Exp
* Id: count6bits.c,v 1.4.4.1 2006/06/16 17:20:57 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/debug.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: debug.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: debug.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2001 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: debug.c,v 1.6 2001/06/09 17:09:24 darrenr Exp
* Id: debug.c,v 1.6.4.1 2006/06/16 17:20:57 darrenr Exp
*/
#if defined(__STDC__)

6
dist/ipf/lib/facpri.h vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: facpri.h,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: facpri.h,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1999-2001 by Darren Reed.
* Copyright (C) 2000-2001 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: facpri.h,v 1.3 2001/06/09 17:19:50 darrenr Exp
* Id: facpri.h,v 1.3.4.1 2006/06/16 17:20:58 darrenr Exp
*/
#ifndef __FACPRI_H__

6
dist/ipf/lib/fill6bits.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: fill6bits.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: fill6bits.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: fill6bits.c,v 1.5 2002/03/27 15:09:57 darrenr Exp
* Id: fill6bits.c,v 1.5.4.1 2006/06/16 17:20:58 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/flags.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: flags.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: flags.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2001-2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: flags.c,v 1.4 2002/11/02 07:16:36 darrenr Exp
* Id: flags.c,v 1.4.4.1 2006/06/16 17:20:58 darrenr Exp
*/
#include "ipf.h"

10
dist/ipf/lib/gethost.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: gethost.c,v 1.1.1.2 2005/02/08 06:53:15 martti Exp $ */
/* $NetBSD: gethost.c,v 1.1.1.3 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002-2004 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: gethost.c,v 1.3.2.2 2006/06/16 17:20:59 darrenr Exp
*/
#include "ipf.h"

18
dist/ipf/lib/getifname.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: getifname.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: getifname.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002-2004 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: getifname.c,v 1.5.2.3 2006/07/14 06:12:24 darrenr Exp
*/
#include "ipf.h"
@ -8,6 +16,7 @@
* Given a pointer to an interface in the kernel, return a pointer to a
* string which is the interface name.
*/
#if 0
char *getifname(ptr)
struct ifnet *ptr;
{
@ -74,3 +83,10 @@ struct ifnet *ptr;
# endif
#endif
}
#else
char *getifname(ptr)
struct ifnet *ptr;
{
return "X";
}
#endif

31
dist/ipf/lib/getnattype.c vendored
View File

@ -1,7 +1,7 @@
/* $NetBSD: getnattype.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: getnattype.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2002-2004 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
@ -11,26 +11,34 @@
#include "kmem.h"
#if !defined(lint)
static const char rcsid[] = "@(#)Id: getnattype.c,v 1.3 2004/01/17 17:26:07 darrenr Exp";
static const char rcsid[] = "@(#)Id: getnattype.c,v 1.3.2.2 2006/07/14 06:12:24 darrenr Exp";
#endif
/*
* Get a nat filter type given its kernel address.
*/
char *getnattype(ipnat)
ipnat_t *ipnat;
char *getnattype(nat, alive)
nat_t *nat;
int alive;
{
static char unknownbuf[20];
ipnat_t ipnatbuff;
ipnat_t *ipn, ipnat;
char *which;
int type;
if (!ipnat)
if (!nat)
return "???";
if (kmemcpy((char *)&ipnatbuff, (long)ipnat, sizeof(ipnatbuff)))
return "!!!";
if (alive) {
type = nat->nat_redir;
} else {
ipn = nat->nat_ptr;
if (kmemcpy((char *)&ipnat, (long)ipn, sizeof(ipnat)))
return "!!!";
type = ipnat.in_redir;
}
switch (ipnatbuff.in_redir)
switch (type)
{
case NAT_MAP :
which = "MAP";
@ -45,8 +53,7 @@ ipnat_t *ipnat;
which = "BIMAP";
break;
default :
sprintf(unknownbuf, "unknown(%04x)",
ipnatbuff.in_redir & 0xffffffff);
sprintf(unknownbuf, "unknown(%04x)", type & 0xffffffff);
which = unknownbuf;
break;
}

10
dist/ipf/lib/getsumd.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: getsumd.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: getsumd.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: getsumd.c,v 1.2.4.1 2006/06/16 17:21:01 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/initparse.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: initparse.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: initparse.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: initparse.c,v 1.6 2002/01/28 06:50:46 darrenr Exp
* Id: initparse.c,v 1.6.4.1 2006/06/16 17:21:02 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/ionames.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: ionames.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: ionames.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: ionames.c,v 1.7 2002/01/28 06:50:46 darrenr Exp
* Id: ionames.c,v 1.7.4.1 2006/06/16 17:21:02 darrenr Exp
*/
#include "ipf.h"

8
dist/ipf/lib/ipft_pc.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: ipft_pc.c,v 1.1.1.2 2006/04/04 16:09:32 martti Exp $ */
/* $NetBSD: ipft_pc.c,v 1.1.1.3 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: ipft_pc.c,v 1.10.2.1 2005/12/04 09:55:10 darrenr Exp
* Id: ipft_pc.c,v 1.10.2.2 2006/06/16 17:21:03 darrenr Exp
*/
#include "ipf.h"
#include "pcap-ipf.h"
@ -13,7 +13,7 @@
#include "ipt.h"
#if !defined(lint)
static const char rcsid[] = "@(#)Id: ipft_pc.c,v 1.10.2.1 2005/12/04 09:55:10 darrenr Exp";
static const char rcsid[] = "@(#)Id: ipft_pc.c,v 1.10.2.2 2006/06/16 17:21:03 darrenr Exp";
#endif
struct llc {

8
dist/ipf/lib/ipft_sn.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: ipft_sn.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: ipft_sn.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: ipft_sn.c,v 1.7 2003/02/16 02:32:36 darrenr Exp
* Id: ipft_sn.c,v 1.7.4.1 2006/06/16 17:21:03 darrenr Exp
*/
/*
@ -16,7 +16,7 @@
#include "ipt.h"
#if !defined(lint)
static const char rcsid[] = "@(#)Id: ipft_sn.c,v 1.7 2003/02/16 02:32:36 darrenr Exp";
static const char rcsid[] = "@(#)Id: ipft_sn.c,v 1.7.4.1 2006/06/16 17:21:03 darrenr Exp";
#endif
struct llc {

6
dist/ipf/lib/ipoptsec.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: ipoptsec.c,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: ipoptsec.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2001-2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: ipoptsec.c,v 1.2 2002/01/28 06:50:46 darrenr Exp
* Id: ipoptsec.c,v 1.2.4.1 2006/06/16 17:21:04 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/kmem.h vendored
View File

@ -1,10 +1,10 @@
/* $NetBSD: kmem.h,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: kmem.h,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
* Id: kmem.h,v 1.2 2002/08/21 22:57:36 darrenr Exp
* Id: kmem.h,v 1.2.4.1 2006/06/16 17:21:04 darrenr Exp
*/
#ifndef __KMEM_H__

10
dist/ipf/lib/kmemcpywrap.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: kmemcpywrap.c,v 1.1.1.1 2004/03/28 08:56:18 martti Exp $ */
/* $NetBSD: kmemcpywrap.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: kmemcpywrap.c,v 1.1.4.1 2006/06/16 17:21:05 darrenr Exp
*/
#include "ipf.h"
#include "kmem.h"

10
dist/ipf/lib/kvatoname.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: kvatoname.c,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: kvatoname.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: kvatoname.c,v 1.1.4.1 2006/06/16 17:21:05 darrenr Exp
*/
#include "ipf.h"

90
dist/ipf/lib/load_file.c vendored Normal file
View File

@ -0,0 +1,90 @@
/* $NetBSD: load_file.c,v 1.1.1.1 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2006 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: load_file.c,v 1.1.2.1 2006/08/25 21:13:04 darrenr Exp
*/
#include "ipf.h"
alist_t *
load_file(char *filename)
{
alist_t *a, *rtop, *rbot;
char *s, line[1024], *t;
int linenum, not;
FILE *fp;
fp = fopen(filename + 7, "r");
if (fp == NULL) {
fprintf(stderr, "load_file cannot open '%s'\n", filename);
return NULL;
}
a = NULL;
rtop = NULL;
rbot = NULL;
linenum = 0;
while (fgets(line, sizeof(line) - 1, fp)) {
line[sizeof(line) - 1] = '\0';
linenum++;
/*
* Hunt for CR/LF. If no LF, stop processing.
*/
s = strchr(line, '\n');
if (s == NULL) {
fprintf(stderr, "%d:%s: line too long\n", linenum, filename);
fclose(fp);
alist_free(rtop);
return NULL;
}
*s = '\0';
s = strchr(line, '\r');
if (s != NULL)
*s = '\0';
for (t = line; isspace(*t); t++)
;
if (*t == '!') {
not = 1;
t++;
} else
not = 0;
/*
* Remove comment markers
*/
for (s = t; *s; s++) {
if (*s == '#')
*s = '\0';
}
if (!*t)
continue;
/*
* Trim off tailing white spaces
*/
s = strlen(t) + t - 1;
while (isspace(*s))
*s-- = '\0';
if (isdigit(*t)) {
a = alist_new(4, t);
a->al_not = not;
if (rbot != NULL)
rbot->al_next = a;
else
rtop = a;
rbot = a;
} else {
fprintf(stderr, "%s: unrecognised content line %d\n",
filename, linenum);
}
}
fclose(fp);
return rtop;
}

10
dist/ipf/lib/load_hash.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: load_hash.c,v 1.1.1.3 2006/04/04 16:09:32 martti Exp $ */
/* $NetBSD: load_hash.c,v 1.1.1.4 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: load_hash.c,v 1.11.2.3 2005/11/13 15:41:12 darrenr Exp
* Id: load_hash.c,v 1.11.2.5 2006/07/14 06:12:25 darrenr Exp
*/
#include <fcntl.h>
@ -62,6 +62,7 @@ ioctlfunc_t iocfunc;
iph.iph_size = size;
iph.iph_seed = iphp->iph_seed;
iph.iph_table = NULL;
iph.iph_list = NULL;
iph.iph_ref = 0;
if ((opts & OPT_REMOVE) == 0) {
@ -85,9 +86,10 @@ ioctlfunc_t iocfunc;
perror("calloc(size, sizeof(*iph.iph_table))");
return -1;
}
iph.iph_table[0] = list;
iph.iph_list = list;
printhash(&iph, bcopywrap, iph.iph_name, opts);
free(iph.iph_table);
iph.iph_list = NULL;
for (a = list; a != NULL; a = a->ipe_next) {
a->ipe_addr.in4_addr = htonl(a->ipe_addr.in4_addr);

6
dist/ipf/lib/load_hashnode.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: load_hashnode.c,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: load_hashnode.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2003-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: load_hashnode.c,v 1.2.4.1 2004/03/06 14:33:28 darrenr Exp
* Id: load_hashnode.c,v 1.2.4.2 2006/06/16 17:21:05 darrenr Exp
*/
#include <fcntl.h>

184
dist/ipf/lib/load_http.c vendored Normal file
View File

@ -0,0 +1,184 @@
/* $NetBSD: load_http.c,v 1.1.1.1 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2006 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: load_http.c,v 1.1.2.1 2006/08/25 21:13:04 darrenr Exp
*/
#include "ipf.h"
/*
* Format expected is one addres per line, at the start of each line.
*/
alist_t *
load_http(char *url)
{
int fd, len, left, port, endhdr, removed;
char *s, *t, *u, buffer[1024], *myurl;
alist_t *a, *rtop, *rbot;
struct sockaddr_in sin;
struct hostent *host;
/*
* More than this would just be absurd.
*/
if (strlen(url) > 512) {
fprintf(stderr, "load_http has a URL > 512 bytes?!\n");
return NULL;
}
fd = -1;
rtop = NULL;
rbot = NULL;
sprintf(buffer, "GET %s HTTP/1.0\r\n", url);
myurl = strdup(url);
if (myurl == NULL)
goto done;
s = myurl + 7; /* http:// */
t = strchr(s, '/');
if (t == NULL) {
fprintf(stderr, "load_http has a malformed URL '%s'\n", url);
free(myurl);
return NULL;
}
*t++ = '\0';
u = strchr(s, '@');
if (u != NULL)
s = u + 1; /* AUTH */
sprintf(buffer + strlen(buffer), "Host: %s\r\n\r\n", s);
u = strchr(s, ':');
if (u != NULL) {
*u++ = '\0';
port = atoi(u);
if (port < 0 || port > 65535)
goto done;
} else {
port = 80;
}
memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
sin.sin_port = htons(port);
if (isdigit(*s)) {
if (inet_aton(s, &sin.sin_addr) == -1) {
goto done;
}
} else {
host = gethostbyname(s);
if (host == NULL)
goto done;
memcpy(&sin.sin_addr, host->h_addr_list[0],
sizeof(sin.sin_addr));
}
fd = socket(AF_INET, SOCK_STREAM, 0);
if (fd == -1)
goto done;
if (connect(fd, (struct sockaddr *)&sin, sizeof(sin)) == -1) {
close(fd);
goto done;
}
len = strlen(buffer);
if (write(fd, buffer, len) != len) {
close(fd);
goto done;
}
s = buffer;
endhdr = 0;
left = sizeof(buffer) - 1;
while ((len = read(fd, s, left)) > 0) {
s[len] = '\0';
left -= len;
s += len;
if (endhdr >= 0) {
if (endhdr == 0) {
t = strchr(buffer, ' ');
if (t == NULL)
continue;
t++;
if (*t != '2')
break;
}
u = buffer;
while ((t = strchr(u, '\r')) != NULL) {
if (t == u) {
if (*(t + 1) == '\n') {
u = t + 2;
endhdr = -1;
break;
} else
t++;
} else if (*(t + 1) == '\n') {
endhdr++;
u = t + 2;
} else
u = t + 1;
}
if (endhdr >= 0)
continue;
removed = (u - buffer) + 1;
memmove(buffer, u, (sizeof(buffer) - left) - removed);
s -= removed;
left += removed;
}
do {
t = strchr(buffer, '\n');
if (t == NULL)
break;
*t++ = '\0';
for (u = buffer; isdigit(*u) || (*u == '.'); u++)
;
if (*u == '/') {
char *slash;
slash = u;
u++;
while (isdigit(*u))
u++;
if (!isspace(*u) && *u)
u = slash;
}
*u = '\0';
a = alist_new(4, buffer);
if (a != NULL) {
if (rbot != NULL)
rbot->al_next = a;
else
rtop = a;
rbot = a;
}
removed = t - buffer;
memmove(buffer, t, sizeof(buffer) - left - removed);
s -= removed;
left += removed;
} while (1);
}
done:
if (myurl != NULL)
free(myurl);
if (fd != -1)
close(fd);
return rtop;
}

6
dist/ipf/lib/load_pool.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: load_pool.c,v 1.1.1.3 2006/04/04 16:09:34 martti Exp $ */
/* $NetBSD: load_pool.c,v 1.1.1.4 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: load_pool.c,v 1.14.2.3 2005/11/13 15:41:13 darrenr Exp
* Id: load_pool.c,v 1.14.2.4 2006/06/16 17:21:06 darrenr Exp
*/
#include <fcntl.h>

8
dist/ipf/lib/load_poolnode.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: load_poolnode.c,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: load_poolnode.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2003-2004 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: load_poolnode.c,v 1.3.2.1 2004/03/06 14:33:29 darrenr Exp
* Id: load_poolnode.c,v 1.3.2.3 2006/06/16 17:21:06 darrenr Exp
*/
#include <fcntl.h>
@ -54,7 +54,7 @@ ioctlfunc_t iocfunc;
if (err != 0) {
if ((opts & OPT_DONOTHING) == 0) {
perror("load_pool:SIOCLOOKUP*NODE");
perror("load_poolnode:SIOCLOOKUP*NODE");
return -1;
}
}

33
dist/ipf/lib/load_url.c vendored Normal file
View File

@ -0,0 +1,33 @@
/* $NetBSD: load_url.c,v 1.1.1.1 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2006 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: load_url.c,v 1.1.2.1 2006/08/25 21:13:04 darrenr Exp
*/
#include "ipf.h"
alist_t *
load_url(char *url)
{
alist_t *hosts = NULL;
if (strncmp(url, "file://", 7) == 0) {
/*
* file:///etc/passwd
* ^------------s
*/
hosts = load_file(url);
} else if (*url == '/' || *url == '.') {
hosts = load_file(url);
} else if (strncmp(url, "http://", 7) == 0) {
hosts = load_http(url);
}
return hosts;
}

10
dist/ipf/lib/mutex_emul.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: mutex_emul.c,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: mutex_emul.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: mutex_emul.c,v 1.2.4.1 2006/06/16 17:21:06 darrenr Exp
*/
#include "ipf.h"

10
dist/ipf/lib/nametokva.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: nametokva.c,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: nametokva.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: nametokva.c,v 1.1.4.1 2006/06/16 17:21:07 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/nat_setgroupmap.c vendored
View File

@ -1,12 +1,12 @@
/* $NetBSD: nat_setgroupmap.c,v 1.1.1.1 2004/03/28 08:56:17 martti Exp $ */
/* $NetBSD: nat_setgroupmap.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
#if !defined(lint)
static const char rcsid[] = "@(#)Id: nat_setgroupmap.c,v 1.1 2003/04/13 06:40:14 darrenr Exp";
static const char rcsid[] = "@(#)Id: nat_setgroupmap.c,v 1.1.4.1 2006/06/16 17:21:07 darrenr Exp";
#endif
#include "ipf.h"

10
dist/ipf/lib/ntomask.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: ntomask.c,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: ntomask.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: ntomask.c,v 1.6.2.1 2006/06/16 17:21:07 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/optname.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: optname.c,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: optname.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2001 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: optname.c,v 1.3 2001/06/09 17:09:24 darrenr Exp
* Id: optname.c,v 1.3.4.1 2006/06/16 17:21:07 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/optprint.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: optprint.c,v 1.1.1.2 2006/04/04 16:09:34 martti Exp $ */
/* $NetBSD: optprint.c,v 1.1.1.3 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: optprint.c,v 1.6.4.1 2005/12/18 14:51:28 darrenr Exp
* Id: optprint.c,v 1.6.4.2 2006/06/16 17:21:08 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/optprintv6.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: optprintv6.c,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: optprintv6.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: optprintv6.c,v 1.2 2003/04/30 00:39:39 darrenr Exp
* Id: optprintv6.c,v 1.2.4.1 2006/06/16 17:21:08 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/optvalue.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: optvalue.c,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: optvalue.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2001-2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: optvalue.c,v 1.2 2002/01/28 06:50:47 darrenr Exp
* Id: optvalue.c,v 1.2.4.1 2006/06/16 17:21:08 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/portname.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: portname.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: portname.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: portname.c,v 1.7 2003/08/14 14:27:43 darrenr Exp
* Id: portname.c,v 1.7.2.1 2006/06/16 17:21:09 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/print_toif.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: print_toif.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: print_toif.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: print_toif.c,v 1.8 2002/01/28 06:50:47 darrenr Exp
* Id: print_toif.c,v 1.8.4.1 2006/06/16 17:21:09 darrenr Exp
*/
#include "ipf.h"

18
dist/ipf/lib/printactivenat.c vendored
View File

@ -1,7 +1,7 @@
/* $NetBSD: printactivenat.c,v 1.1.1.2 2004/07/23 05:34:36 martti Exp $ */
/* $NetBSD: printactivenat.c,v 1.1.1.3 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2002-2004 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
@ -12,16 +12,17 @@
#if !defined(lint)
static const char rcsid[] = "@(#)Id: printactivenat.c,v 1.3.2.4 2004/05/11 16:07:32 darrenr Exp";
static const char rcsid[] = "@(#)Id: printactivenat.c,v 1.3.2.7 2006/12/12 16:13:00 darrenr Exp";
#endif
void printactivenat(nat, opts)
void printactivenat(nat, opts, alive, now)
nat_t *nat;
int opts;
int opts, alive;
u_long now;
{
printf("%s", getnattype(nat->nat_ptr));
printf("%s", getnattype(nat, alive));
if (nat->nat_flags & SI_CLONE)
printf(" CLONE");
@ -42,8 +43,9 @@ int opts;
printf("]");
if (opts & OPT_VERBOSE) {
printf("\n\tage %lu use %hu sumd %s/",
nat->nat_age, nat->nat_use, getsumd(nat->nat_sumd[0]));
printf("\n\tttl %lu use %hu sumd %s/",
nat->nat_age - now, nat->nat_use,
getsumd(nat->nat_sumd[0]));
printf("%s pr %u bkt %d/%d flags %x\n",
getsumd(nat->nat_sumd[1]), nat->nat_p,
nat->nat_hv[0], nat->nat_hv[1], nat->nat_flags);

6
dist/ipf/lib/printaps.c vendored
View File

@ -1,7 +1,7 @@
/* $NetBSD: printaps.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: printaps.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2002-2004 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
@ -13,7 +13,7 @@
#if !defined(lint)
static const char rcsid[] = "@(#)Id: printaps.c,v 1.4 2004/01/08 13:34:32 darrenr Exp";
static const char rcsid[] = "@(#)Id: printaps.c,v 1.4.2.1 2006/06/16 17:21:10 darrenr Exp";
#endif

6
dist/ipf/lib/printfr.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: printfr.c,v 1.1.1.5 2006/04/04 16:09:37 martti Exp $ */
/* $NetBSD: printfr.c,v 1.1.1.6 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2006 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printfr.c,v 1.43.2.16 2006/03/29 11:19:59 darrenr Exp
* Id: printfr.c,v 1.43.2.17 2006/06/16 17:21:10 darrenr Exp
*/
#include "ipf.h"

15
dist/ipf/lib/printfraginfo.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: printfraginfo.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: printfraginfo.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2004 by Darren Reed.
* Copyright (C) 2004-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printfraginfo.c,v 1.1.2.2 2004/03/23 15:15:45 darrenr Exp
* Id: printfraginfo.c,v 1.1.2.5 2006/12/25 15:10:37 darrenr Exp
*/
#include "ipf.h"
#include "kmem.h"
@ -19,11 +19,12 @@ struct ipfr *ifr;
fr.fr_flags = 0xffffffff;
printf("%s%s -> ", prefix, hostname(4, &ifr->ipfr_src));
/*
if (kmemcpy((char *)&fr, (u_long)ifr->ipfr_rule,
sizeof(fr)) == -1)
return;
printf("%s id %d ttl %d pr %d seen0 %d ifp %p tos %#02x = %#x\n",
hostname(4, &ifr->ipfr_dst), ifr->ipfr_id, ifr->ipfr_seen0,
ifr->ipfr_ttl, ifr->ipfr_p, ifr->ipfr_ifp, ifr->ipfr_tos,
fr.fr_flags);
*/
printf("%s id %d ttl %ld pr %d seen0 %d ref %d tos %#02x\n",
hostname(4, &ifr->ipfr_dst), ifr->ipfr_id, ifr->ipfr_ttl,
ifr->ipfr_p, ifr->ipfr_seen0, ifr->ipfr_ref, ifr->ipfr_tos);
}

104
dist/ipf/lib/printhash.c vendored
View File

@ -1,7 +1,7 @@
/* $NetBSD: printhash.c,v 1.1.1.2 2005/02/19 21:26:48 martti Exp $ */
/* $NetBSD: printhash.c,v 1.1.1.3 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
@ -20,7 +20,7 @@ int opts;
{
iphtent_t *ipep, **table;
iphtable_t iph;
int i, printed;
int printed;
size_t sz;
if ((*copyfunc)((char *)hp, (char *)&iph, sizeof(iph)))
@ -29,94 +29,10 @@ int opts;
if ((name != NULL) && strncmp(name, iph.iph_name, FR_GROUPLEN))
return iph.iph_next;
if ((opts & OPT_DEBUG) == 0) {
if ((iph.iph_type & IPHASH_ANON) == IPHASH_ANON)
PRINTF("# 'anonymous' table\n");
switch (iph.iph_type & ~IPHASH_ANON)
{
case IPHASH_LOOKUP :
PRINTF("table");
break;
case IPHASH_GROUPMAP :
PRINTF("group-map");
if (iph.iph_flags & FR_INQUE)
PRINTF(" in");
else if (iph.iph_flags & FR_OUTQUE)
PRINTF(" out");
else
PRINTF(" ???");
break;
default :
PRINTF("%#x", iph.iph_type);
break;
}
PRINTF(" role = ");
} else {
PRINTF("Hash Table Number: %s", iph.iph_name);
if ((iph.iph_type & IPHASH_ANON) == IPHASH_ANON)
PRINTF("(anon)");
putchar(' ');
PRINTF("Role: ");
}
printhashdata(hp, opts);
switch (iph.iph_unit)
{
case IPL_LOGNAT :
PRINTF("nat");
break;
case IPL_LOGIPF :
PRINTF("ipf");
break;
case IPL_LOGAUTH :
PRINTF("auth");
break;
case IPL_LOGCOUNT :
PRINTF("count");
break;
default :
PRINTF("#%d", iph.iph_unit);
break;
}
if ((opts & OPT_DEBUG) == 0) {
if ((iph.iph_type & ~IPHASH_ANON) == IPHASH_LOOKUP)
PRINTF(" type = hash");
PRINTF(" number = %s size = %lu",
iph.iph_name, (u_long)iph.iph_size);
if (iph.iph_seed != 0)
PRINTF(" seed = %lu", iph.iph_seed);
putchar('\n');
} else {
PRINTF(" Type: ");
switch (iph.iph_type & ~IPHASH_ANON)
{
case IPHASH_LOOKUP :
PRINTF("lookup");
break;
case IPHASH_GROUPMAP :
PRINTF("groupmap Group. %s", iph.iph_name);
break;
default :
break;
}
putchar('\n');
PRINTF("\t\tSize: %lu\tSeed: %lu",
(u_long)iph.iph_size, iph.iph_seed);
PRINTF("\tRef. Count: %d\tMasks: %#x\n", iph.iph_ref,
iph.iph_masks);
}
if ((opts & OPT_DEBUG) != 0) {
struct in_addr m;
for (i = 0; i < 32; i++) {
if ((1 << i) & iph.iph_masks) {
ntomask(4, i, &m.s_addr);
PRINTF("\t\tMask: %s\n", inet_ntoa(m));
}
}
}
if ((hp->iph_flags & IPHASH_DELETE) != 0)
PRINTF("# ");
if ((opts & OPT_DEBUG) == 0)
PRINTF("\t{");
@ -126,11 +42,9 @@ int opts;
if ((*copyfunc)((char *)iph.iph_table, (char *)table, sz))
return NULL;
for (i = 0, printed = 0; i < iph.iph_size; i++) {
for (ipep = table[i]; ipep != NULL; ) {
ipep = printhashnode(&iph, ipep, copyfunc, opts);
printed++;
}
for (printed = 0, ipep = iph.iph_list; ipep != NULL; ) {
ipep = printhashnode(&iph, ipep, copyfunc, opts);
printed++;
}
if (printed == 0)
putchar(';');

79
dist/ipf/lib/printhash_live.c vendored Normal file
View File

@ -0,0 +1,79 @@
/* $NetBSD: printhash_live.c,v 1.1.1.1 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
#include <sys/ioctl.h>
#include "ipf.h"
#include "ipl.h"
#define PRINTF (void)printf
#define FPRINTF (void)fprintf
iphtable_t *printhash_live(hp, fd, name, opts)
iphtable_t *hp;
int fd;
char *name;
int opts;
{
iphtent_t entry, *top, *node;
ipflookupiter_t iter;
int printed, last;
ipfobj_t obj;
if ((name != NULL) && strncmp(name, hp->iph_name, FR_GROUPLEN))
return hp->iph_next;
printhashdata(hp, opts);
if ((hp->iph_flags & IPHASH_DELETE) != 0)
PRINTF("# ");
if ((opts & OPT_DEBUG) == 0)
PRINTF("\t{");
obj.ipfo_rev = IPFILTER_VERSION;
obj.ipfo_type = IPFOBJ_LOOKUPITER;
obj.ipfo_ptr = &iter;
obj.ipfo_size = sizeof(iter);
iter.ili_data = &entry;
iter.ili_type = IPLT_HASH;
iter.ili_otype = IPFLOOKUPITER_NODE;
iter.ili_ival = IPFGENITER_LOOKUP;
iter.ili_unit = hp->iph_unit;
strncpy(iter.ili_name, hp->iph_name, FR_GROUPLEN);
last = 0;
top = NULL;
printed = 0;
while (!last && (ioctl(fd, SIOCLOOKUPITER, &obj) == 0)) {
if (entry.ipe_next == NULL)
last = 1;
entry.ipe_next = top;
top = malloc(sizeof(*top));
if (top == NULL)
break;
bcopy(&entry, top, sizeof(entry));
}
while (top != NULL) {
node = top;
(void) printhashnode(hp, node, bcopywrap, opts);
top = node->ipe_next;
free(node);
printed++;
}
if (printed == 0)
putchar(';');
if ((opts & OPT_DEBUG) == 0)
PRINTF(" };\n");
return hp->iph_next;
}

114
dist/ipf/lib/printhashdata.c vendored Normal file
View File

@ -0,0 +1,114 @@
/* $NetBSD: printhashdata.c,v 1.1.1.1 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
#include "ipf.h"
#define PRINTF (void)printf
#define FPRINTF (void)fprintf
void printhashdata(hp, opts)
iphtable_t *hp;
int opts;
{
if ((opts & OPT_DEBUG) == 0) {
if ((hp->iph_type & IPHASH_ANON) == IPHASH_ANON)
PRINTF("# 'anonymous' table\n");
if ((hp->iph_flags & IPHASH_DELETE) == IPHASH_DELETE)
PRINTF("# ");
switch (hp->iph_type & ~IPHASH_ANON)
{
case IPHASH_LOOKUP :
PRINTF("table");
break;
case IPHASH_GROUPMAP :
PRINTF("group-map");
if (hp->iph_flags & FR_INQUE)
PRINTF(" in");
else if (hp->iph_flags & FR_OUTQUE)
PRINTF(" out");
else
PRINTF(" ???");
break;
default :
PRINTF("%#x", hp->iph_type);
break;
}
PRINTF(" role = ");
} else {
PRINTF("Hash Table %s: %s",
isdigit(*hp->iph_name) ? "Number" : "Name",
hp->iph_name);
if ((hp->iph_type & IPHASH_ANON) == IPHASH_ANON)
PRINTF("(anon)");
putchar(' ');
PRINTF("Role: ");
}
switch (hp->iph_unit)
{
case IPL_LOGNAT :
PRINTF("nat");
break;
case IPL_LOGIPF :
PRINTF("ipf");
break;
case IPL_LOGAUTH :
PRINTF("auth");
break;
case IPL_LOGCOUNT :
PRINTF("count");
break;
default :
PRINTF("#%d", hp->iph_unit);
break;
}
if ((opts & OPT_DEBUG) == 0) {
if ((hp->iph_type & ~IPHASH_ANON) == IPHASH_LOOKUP)
PRINTF(" type = hash");
PRINTF(" %s = %s size = %lu",
isdigit(*hp->iph_name) ? "number" : "name",
hp->iph_name, (u_long)hp->iph_size);
if (hp->iph_seed != 0)
PRINTF(" seed = %lu", hp->iph_seed);
putchar('\n');
} else {
PRINTF(" Type: ");
switch (hp->iph_type & ~IPHASH_ANON)
{
case IPHASH_LOOKUP :
PRINTF("lookup");
break;
case IPHASH_GROUPMAP :
PRINTF("groupmap Group. %s", hp->iph_name);
break;
default :
break;
}
putchar('\n');
PRINTF("\t\tSize: %lu\tSeed: %lu",
(u_long)hp->iph_size, hp->iph_seed);
PRINTF("\tRef. Count: %d\tMasks: %#x\n", hp->iph_ref,
hp->iph_masks);
}
if ((opts & OPT_DEBUG) != 0) {
struct in_addr m;
int i;
for (i = 0; i < 32; i++) {
if ((1 << i) & hp->iph_masks) {
ntomask(4, i, &m.s_addr);
PRINTF("\t\tMask: %s\n", inet_ntoa(m));
}
}
}
}

5
dist/ipf/lib/printhashnode.c vendored
View File

@ -1,7 +1,7 @@
/* $NetBSD: printhashnode.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: printhashnode.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
@ -47,6 +47,7 @@ int opts;
}
putchar(';');
}
ipep = ipe.ipe_next;
return ipep;
}

14
dist/ipf/lib/printhostmap.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: printhostmap.c,v 1.1.1.2 2006/04/04 16:09:37 martti Exp $ */
/* $NetBSD: printhostmap.c,v 1.1.1.3 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printhostmap.c,v 1.3.2.3 2006/09/30 21:42:07 darrenr Exp
*/
#include "ipf.h"
@ -6,11 +14,9 @@ void printhostmap(hmp, hv)
hostmap_t *hmp;
u_int hv;
{
struct in_addr in;
printf("%s,", inet_ntoa(hmp->hm_srcip));
printf("%s -> ", inet_ntoa(hmp->hm_dstip));
in.s_addr = htonl(hmp->hm_mapip.s_addr);
printf("%s ", inet_ntoa(in));
printf("%s ", inet_ntoa(hmp->hm_mapip));
printf("(use = %d hv = %u)\n", hmp->hm_ref, hv);
}

6
dist/ipf/lib/printhostmask.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: printhostmask.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: printhostmask.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printhostmask.c,v 1.8 2002/04/11 15:01:19 darrenr Exp
* Id: printhostmask.c,v 1.8.4.1 2006/06/16 17:21:12 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/printifname.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: printifname.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: printifname.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printifname.c,v 1.2 2002/01/28 06:50:47 darrenr Exp
* Id: printifname.c,v 1.2.4.1 2006/06/16 17:21:12 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/printip.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: printip.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: printip.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printip.c,v 1.3 2002/07/13 12:10:27 darrenr Exp
* Id: printip.c,v 1.3.4.1 2006/06/16 17:21:12 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/printlog.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: printlog.c,v 1.1.1.2 2006/04/04 16:09:37 martti Exp $ */
/* $NetBSD: printlog.c,v 1.1.1.3 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printlog.c,v 1.6.4.2 2005/12/18 14:49:06 darrenr Exp
* Id: printlog.c,v 1.6.4.3 2006/06/16 17:21:12 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/printmask.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: printmask.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: printmask.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printmask.c,v 1.5 2002/06/15 04:48:33 darrenr Exp
* Id: printmask.c,v 1.5.4.1 2006/06/16 17:21:13 darrenr Exp
*/
#include "ipf.h"

16
dist/ipf/lib/printnat.c vendored
View File

@ -1,7 +1,7 @@
/* $NetBSD: printnat.c,v 1.1.1.5 2006/04/04 16:09:37 martti Exp $ */
/* $NetBSD: printnat.c,v 1.1.1.6 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
@ -13,7 +13,7 @@
#if !defined(lint)
static const char rcsid[] = "@(#)Id: printnat.c,v 1.22.2.11 2005/11/14 17:45:06 darrenr Exp";
static const char rcsid[] = "@(#)Id: printnat.c,v 1.22.2.13 2006/12/09 10:37:47 darrenr Exp";
#endif
/*
@ -48,10 +48,16 @@ int opts;
break;
}
printf(" %s", np->in_ifnames[0]);
if (!strcmp(np->in_ifnames[0], "-"))
printf(" \"%s\"", np->in_ifnames[0]);
else
printf(" %s", np->in_ifnames[0]);
if ((np->in_ifnames[1][0] != '\0') &&
(strncmp(np->in_ifnames[0], np->in_ifnames[1], LIFNAMSIZ) != 0)) {
printf(",%s", np->in_ifnames[1]);
if (!strcmp(np->in_ifnames[1], "-"))
printf(",\"%s\"", np->in_ifnames[1]);
else
printf(",%s", np->in_ifnames[1]);
}
putchar(' ');

7
dist/ipf/lib/printpacket.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: printpacket.c,v 1.1.1.3 2006/04/04 16:09:37 martti Exp $ */
/* $NetBSD: printpacket.c,v 1.1.1.4 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printpacket.c,v 1.12.4.2 2005/12/04 09:33:06 darrenr Exp
* Id: printpacket.c,v 1.12.4.4 2006/09/30 21:44:43 darrenr Exp
*/
#include "ipf.h"
@ -43,6 +43,7 @@ struct ip *ip;
putchar(' ');
}
putchar('\n');
putchar('\n');
return;
}

10
dist/ipf/lib/printpacket6.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: printpacket6.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: printpacket6.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printpacket6.c,v 1.3.4.1 2006/06/16 17:21:13 darrenr Exp
*/
#include "ipf.h"

58
dist/ipf/lib/printpool.c vendored
View File

@ -1,7 +1,7 @@
/* $NetBSD: printpool.c,v 1.1.1.2 2005/02/19 21:26:49 martti Exp $ */
/* $NetBSD: printpool.c,v 1.1.1.3 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
@ -26,58 +26,12 @@ int opts;
if ((name != NULL) && strncmp(name, ipp.ipo_name, FR_GROUPLEN))
return ipp.ipo_next;
if ((opts & OPT_DEBUG) == 0) {
if ((ipp.ipo_flags & IPOOL_ANON) != 0)
PRINTF("# 'anonymous' tree %s\n", ipp.ipo_name);
PRINTF("table role = ");
} else {
PRINTF("Name: %s", ipp.ipo_name);
if ((ipp.ipo_flags & IPOOL_ANON) == IPOOL_ANON)
PRINTF("(anon)");
putchar(' ');
PRINTF("Role: ");
}
printpooldata(&ipp, opts);
switch (ipp.ipo_unit)
{
case IPL_LOGIPF :
printf("ipf");
break;
case IPL_LOGNAT :
printf("nat");
break;
case IPL_LOGSTATE :
printf("state");
break;
case IPL_LOGAUTH :
printf("auth");
break;
case IPL_LOGSYNC :
printf("sync");
break;
case IPL_LOGSCAN :
printf("scan");
break;
case IPL_LOGLOOKUP :
printf("lookup");
break;
case IPL_LOGCOUNT :
printf("count");
break;
default :
printf("unknown(%d)", ipp.ipo_unit);
}
if ((opts & OPT_DEBUG) == 0) {
PRINTF(" type = tree number = %s\n", ipp.ipo_name);
if ((ipp.ipo_flags & IPOOL_DELETE) != 0)
PRINTF("# ");
if ((opts & OPT_DEBUG) == 0)
PRINTF("\t{");
} else {
putchar(' ');
PRINTF("\tReferences: %d\tHits: %lu\n", ipp.ipo_ref,
ipp.ipo_hits);
PRINTF("\tNodes Starting at %p\n", ipp.ipo_list);
}
ipnpn = ipp.ipo_list;
ipp.ipo_list = NULL;

80
dist/ipf/lib/printpool_live.c vendored Normal file
View File

@ -0,0 +1,80 @@
/* $NetBSD: printpool_live.c,v 1.1.1.1 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
#include <sys/ioctl.h>
#include "ipf.h"
#include "ipl.h"
#define PRINTF (void)printf
#define FPRINTF (void)fprintf
ip_pool_t *printpool_live(pool, fd, name, opts)
ip_pool_t *pool;
int fd;
char *name;
int opts;
{
ip_pool_node_t entry, *top, *node;
ipflookupiter_t iter;
int printed, last;
ipfobj_t obj;
if ((name != NULL) && strncmp(name, pool->ipo_name, FR_GROUPLEN))
return pool->ipo_next;
printpooldata(pool, opts);
if ((pool->ipo_flags & IPOOL_DELETE) != 0)
PRINTF("# ");
if ((opts & OPT_DEBUG) == 0)
PRINTF("\t{");
obj.ipfo_rev = IPFILTER_VERSION;
obj.ipfo_type = IPFOBJ_LOOKUPITER;
obj.ipfo_ptr = &iter;
obj.ipfo_size = sizeof(iter);
iter.ili_data = &entry;
iter.ili_type = IPLT_POOL;
iter.ili_otype = IPFLOOKUPITER_NODE;
iter.ili_ival = IPFGENITER_LOOKUP;
iter.ili_unit = pool->ipo_unit;
strncpy(iter.ili_name, pool->ipo_name, FR_GROUPLEN);
last = 0;
top = NULL;
printed = 0;
while (!last && (ioctl(fd, SIOCLOOKUPITER, &obj) == 0)) {
if (entry.ipn_next == NULL)
last = 1;
entry.ipn_next = top;
top = malloc(sizeof(*top));
if (top == NULL)
break;
bcopy(&entry, top, sizeof(entry));
}
while (top != NULL) {
node = top;
(void) printpoolnode(node, opts);
if ((opts & OPT_DEBUG) == 0)
putchar(';');
top = node->ipn_next;
free(node);
printed++;
}
if (printed == 0)
putchar(';');
if ((opts & OPT_DEBUG) == 0)
PRINTF(" };\n");
return pool->ipo_next;
}

80
dist/ipf/lib/printpooldata.c vendored Normal file
View File

@ -0,0 +1,80 @@
/* $NetBSD: printpooldata.c,v 1.1.1.1 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
#include "ipf.h"
#define PRINTF (void)printf
#define FPRINTF (void)fprintf
void printpooldata(pool, opts)
ip_pool_t *pool;
int opts;
{
if ((opts & OPT_DEBUG) == 0) {
if ((pool->ipo_flags & IPOOL_ANON) != 0)
PRINTF("# 'anonymous' tree %s\n", pool->ipo_name);
if ((pool->ipo_flags & IPOOL_DELETE) != 0)
PRINTF("# ");
PRINTF("table role = ");
} else {
if ((pool->ipo_flags & IPOOL_DELETE) != 0)
PRINTF("# ");
PRINTF("%s: %s",
isdigit(*pool->ipo_name) ? "Number" : "Name",
pool->ipo_name);
if ((pool->ipo_flags & IPOOL_ANON) == IPOOL_ANON)
PRINTF("(anon)");
putchar(' ');
PRINTF("Role: ");
}
switch (pool->ipo_unit)
{
case IPL_LOGIPF :
printf("ipf");
break;
case IPL_LOGNAT :
printf("nat");
break;
case IPL_LOGSTATE :
printf("state");
break;
case IPL_LOGAUTH :
printf("auth");
break;
case IPL_LOGSYNC :
printf("sync");
break;
case IPL_LOGSCAN :
printf("scan");
break;
case IPL_LOGLOOKUP :
printf("lookup");
break;
case IPL_LOGCOUNT :
printf("count");
break;
default :
printf("unknown(%d)", pool->ipo_unit);
}
if ((opts & OPT_DEBUG) == 0) {
PRINTF(" type = tree %s = %s\n",
isdigit(*pool->ipo_name) ? "number" : "name",
pool->ipo_name);
} else {
putchar(' ');
PRINTF("\tReferences: %d\tHits: %lu\n", pool->ipo_ref,
pool->ipo_hits);
if ((pool->ipo_flags & IPOOL_DELETE) != 0)
PRINTF("# ");
PRINTF("\tNodes Starting at %p\n", pool->ipo_list);
}
}

10
dist/ipf/lib/printpoolnode.c vendored
View File

@ -1,7 +1,7 @@
/* $NetBSD: printpoolnode.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: printpoolnode.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
@ -23,11 +23,11 @@ int opts;
printip((u_32_t *)&np->ipn_addr.adf_addr.in4);
printmask((u_32_t *)&np->ipn_mask.adf_addr);
} else {
PRINTF("\t\t%s%s", np->ipn_info ? "! " : "",
PRINTF("\tAddress: %s%s", np->ipn_info ? "! " : "",
inet_ntoa(np->ipn_addr.adf_addr.in4));
printmask((u_32_t *)&np->ipn_mask.adf_addr);
PRINTF("\n\t\tHits %lu\tName %s\n",
np->ipn_hits, np->ipn_name);
PRINTF("\t\tHits %lu\tName %s\tRef %d\n",
np->ipn_hits, np->ipn_name, np->ipn_ref);
}
return np->ipn_next;
}

6
dist/ipf/lib/printportcmp.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: printportcmp.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: printportcmp.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printportcmp.c,v 1.7 2003/02/16 02:31:05 darrenr Exp
* Id: printportcmp.c,v 1.7.4.1 2006/06/16 17:21:14 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/printproto.c vendored
View File

@ -1,7 +1,7 @@
/* $NetBSD: printproto.c,v 1.1.1.1 2006/04/04 16:09:37 martti Exp $ */
/* $NetBSD: printproto.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2005 by Darren Reed.
* Copyright (C) 2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
@ -10,7 +10,7 @@
#if !defined(lint)
static const char rcsid[] = "@(#)Id: printproto.c,v 1.1.2.1 2005/06/12 07:21:53 darrenr Exp";
static const char rcsid[] = "@(#)Id: printproto.c,v 1.1.2.2 2006/06/16 17:21:14 darrenr Exp";
#endif

154
dist/ipf/lib/printstate.c vendored
View File

@ -1,7 +1,7 @@
/* $NetBSD: printstate.c,v 1.1.1.5 2006/04/04 16:09:37 martti Exp $ */
/* $NetBSD: printstate.c,v 1.1.1.6 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2002-2005 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
@ -17,64 +17,62 @@ ipstate_t *sp;
int opts;
u_long now;
{
ipstate_t ips;
synclist_t ipsync;
if (kmemcpy((char *)&ips, (u_long)sp, sizeof(ips)))
return NULL;
PRINTF("%s -> ", hostname(ips.is_v, &ips.is_src.in4));
if (sp->is_phnext == NULL)
PRINTF("ORPHAN ");
PRINTF("%s -> ", hostname(sp->is_v, &sp->is_src.in4));
PRINTF("%s pass %#x pr %d state %d/%d bkt %d\n",
hostname(ips.is_v, &ips.is_dst.in4), ips.is_pass, ips.is_p,
ips.is_state[0], ips.is_state[1], ips.is_hv);
PRINTF("\ttag %u ttl %lu", ips.is_tag, ips.is_die - now);
hostname(sp->is_v, &sp->is_dst.in4), sp->is_pass, sp->is_p,
sp->is_state[0], sp->is_state[1], sp->is_hv);
PRINTF("\ttag %u ttl %lu", sp->is_tag, sp->is_die - now);
if (ips.is_p == IPPROTO_TCP) {
if (sp->is_p == IPPROTO_TCP) {
PRINTF("\n\t%hu -> %hu %x:%x %hu<<%d:%hu<<%d\n",
ntohs(ips.is_sport), ntohs(ips.is_dport),
ips.is_send, ips.is_dend,
ips.is_maxswin, ips.is_swinscale,
ips.is_maxdwin, ips.is_dwinscale);
ntohs(sp->is_sport), ntohs(sp->is_dport),
sp->is_send, sp->is_dend,
sp->is_maxswin, sp->is_swinscale,
sp->is_maxdwin, sp->is_dwinscale);
PRINTF("\tcmsk %04x smsk %04x isc %p s0 %08x/%08x\n",
ips.is_smsk[0], ips.is_smsk[1], ips.is_isc,
ips.is_s0[0], ips.is_s0[1]);
sp->is_smsk[0], sp->is_smsk[1], sp->is_isc,
sp->is_s0[0], sp->is_s0[1]);
PRINTF("\tFWD:ISN inc %x sumd %x\n",
ips.is_isninc[0], ips.is_sumd[0]);
sp->is_isninc[0], sp->is_sumd[0]);
PRINTF("\tREV:ISN inc %x sumd %x\n",
ips.is_isninc[1], ips.is_sumd[1]);
sp->is_isninc[1], sp->is_sumd[1]);
#ifdef IPFILTER_SCAN
PRINTF("\tsbuf[0] [");
printsbuf(ips.is_sbuf[0]);
printsbuf(sp->is_sbuf[0]);
PRINTF("] sbuf[1] [");
printsbuf(ips.is_sbuf[1]);
printsbuf(sp->is_sbuf[1]);
PRINTF("]\n");
#endif
} else if (ips.is_p == IPPROTO_UDP) {
PRINTF(" %hu -> %hu\n", ntohs(ips.is_sport),
ntohs(ips.is_dport));
} else if (ips.is_p == IPPROTO_GRE) {
PRINTF(" call %hx/%hx\n", ntohs(ips.is_gre.gs_call[0]),
ntohs(ips.is_gre.gs_call[1]));
} else if (ips.is_p == IPPROTO_ICMP
} else if (sp->is_p == IPPROTO_UDP) {
PRINTF(" %hu -> %hu\n", ntohs(sp->is_sport),
ntohs(sp->is_dport));
} else if (sp->is_p == IPPROTO_GRE) {
PRINTF(" call %hx/%hx\n", ntohs(sp->is_gre.gs_call[0]),
ntohs(sp->is_gre.gs_call[1]));
} else if (sp->is_p == IPPROTO_ICMP
#ifdef USE_INET6
|| ips.is_p == IPPROTO_ICMPV6
|| sp->is_p == IPPROTO_ICMPV6
#endif
)
PRINTF(" id %hu seq %hu type %d\n", ips.is_icmp.ici_id,
ips.is_icmp.ici_seq, ips.is_icmp.ici_type);
PRINTF(" id %hu seq %hu type %d\n", sp->is_icmp.ici_id,
sp->is_icmp.ici_seq, sp->is_icmp.ici_type);
#ifdef USE_QUAD_T
PRINTF("\tforward: pkts in %qd bytes in %qd pkts out %qd bytes out %qd\n\tbackward: pkts in %qd bytes in %qd pkts out %qd bytes out %qd\n",
ips.is_pkts[0], ips.is_bytes[0],
ips.is_pkts[1], ips.is_bytes[1],
ips.is_pkts[2], ips.is_bytes[2],
ips.is_pkts[3], ips.is_bytes[3]);
sp->is_pkts[0], sp->is_bytes[0],
sp->is_pkts[1], sp->is_bytes[1],
sp->is_pkts[2], sp->is_bytes[2],
sp->is_pkts[3], sp->is_bytes[3]);
#else
PRINTF("\tforward: pkts in %ld bytes in %ld pkts out %ld bytes out %ld\n\tbackward: pkts in %ld bytes in %ld pkts out %ld bytes out %ld\n",
ips.is_pkts[0], ips.is_bytes[0],
ips.is_pkts[1], ips.is_bytes[1],
ips.is_pkts[2], ips.is_bytes[2],
ips.is_pkts[3], ips.is_bytes[3]);
sp->is_pkts[0], sp->is_bytes[0],
sp->is_pkts[1], sp->is_bytes[1],
sp->is_pkts[2], sp->is_bytes[2],
sp->is_pkts[3], sp->is_bytes[3]);
#endif
PRINTF("\t");
@ -83,11 +81,11 @@ u_long now;
* Print out bits set in the result code for the state being
* kept as they would for a rule.
*/
if (FR_ISPASS(ips.is_pass)) {
if (FR_ISPASS(sp->is_pass)) {
PRINTF("pass");
} else if (FR_ISBLOCK(ips.is_pass)) {
} else if (FR_ISBLOCK(sp->is_pass)) {
PRINTF("block");
switch (ips.is_pass & FR_RETMASK)
switch (sp->is_pass & FR_RETMASK)
{
case FR_RETICMP :
PRINTF(" return-icmp");
@ -101,77 +99,77 @@ u_long now;
default :
break;
}
} else if ((ips.is_pass & FR_LOGMASK) == FR_LOG) {
} else if ((sp->is_pass & FR_LOGMASK) == FR_LOG) {
PRINTF("log");
if (ips.is_pass & FR_LOGBODY)
if (sp->is_pass & FR_LOGBODY)
PRINTF(" body");
if (ips.is_pass & FR_LOGFIRST)
if (sp->is_pass & FR_LOGFIRST)
PRINTF(" first");
} else if (FR_ISACCOUNT(ips.is_pass)) {
} else if (FR_ISACCOUNT(sp->is_pass)) {
PRINTF("count");
} else if (FR_ISPREAUTH(ips.is_pass)) {
} else if (FR_ISPREAUTH(sp->is_pass)) {
PRINTF("preauth");
} else if (FR_ISAUTH(ips.is_pass))
} else if (FR_ISAUTH(sp->is_pass))
PRINTF("auth");
if (ips.is_pass & FR_OUTQUE)
if (sp->is_pass & FR_OUTQUE)
PRINTF(" out");
else
PRINTF(" in");
if ((ips.is_pass & FR_LOG) != 0) {
if ((sp->is_pass & FR_LOG) != 0) {
PRINTF(" log");
if (ips.is_pass & FR_LOGBODY)
if (sp->is_pass & FR_LOGBODY)
PRINTF(" body");
if (ips.is_pass & FR_LOGFIRST)
if (sp->is_pass & FR_LOGFIRST)
PRINTF(" first");
if (ips.is_pass & FR_LOGORBLOCK)
if (sp->is_pass & FR_LOGORBLOCK)
PRINTF(" or-block");
}
if (ips.is_pass & FR_QUICK)
if (sp->is_pass & FR_QUICK)
PRINTF(" quick");
if (ips.is_pass & FR_KEEPFRAG)
if (sp->is_pass & FR_KEEPFRAG)
PRINTF(" keep frags");
/* a given; no? */
if (ips.is_pass & FR_KEEPSTATE) {
if (sp->is_pass & FR_KEEPSTATE) {
PRINTF(" keep state");
if (ips.is_pass & FR_STATESYNC)
if (sp->is_pass & FR_STATESYNC)
PRINTF(" ( sync )");
}
PRINTF("\tIPv%d", ips.is_v);
PRINTF("\tIPv%d", sp->is_v);
PRINTF("\n");
PRINTF("\tpkt_flags & %x(%x) = %x,\t",
ips.is_flags & 0xf, ips.is_flags,
ips.is_flags >> 4);
PRINTF("\tpkt_options & %x = %x, %x = %x \n", ips.is_optmsk[0],
ips.is_opt[0], ips.is_optmsk[1], ips.is_opt[1]);
sp->is_flags & 0xf, sp->is_flags,
sp->is_flags >> 4);
PRINTF("\tpkt_options & %x = %x, %x = %x \n", sp->is_optmsk[0],
sp->is_opt[0], sp->is_optmsk[1], sp->is_opt[1]);
PRINTF("\tpkt_security & %x = %x, pkt_auth & %x = %x\n",
ips.is_secmsk, ips.is_sec, ips.is_authmsk,
ips.is_auth);
PRINTF("\tis_flx %#x %#x %#x %#x\n", ips.is_flx[0][0], ips.is_flx[0][1],
ips.is_flx[1][0], ips.is_flx[1][1]);
PRINTF("\tinterfaces: in %s[%s", getifname(ips.is_ifp[0]),
ips.is_ifname[0]);
sp->is_secmsk, sp->is_sec, sp->is_authmsk,
sp->is_auth);
PRINTF("\tis_flx %#x %#x %#x %#x\n", sp->is_flx[0][0], sp->is_flx[0][1],
sp->is_flx[1][0], sp->is_flx[1][1]);
PRINTF("\tinterfaces: in %s[%s", getifname(sp->is_ifp[0]),
sp->is_ifname[0]);
if (opts & OPT_DEBUG)
PRINTF("/%p", ips.is_ifp[0]);
PRINTF("/%p", sp->is_ifp[0]);
putchar(']');
PRINTF(",%s[%s", getifname(ips.is_ifp[1]), ips.is_ifname[1]);
PRINTF(",%s[%s", getifname(sp->is_ifp[1]), sp->is_ifname[1]);
if (opts & OPT_DEBUG)
PRINTF("/%p", ips.is_ifp[1]);
PRINTF("/%p", sp->is_ifp[1]);
putchar(']');
PRINTF(" out %s[%s", getifname(ips.is_ifp[2]), ips.is_ifname[2]);
PRINTF(" out %s[%s", getifname(sp->is_ifp[2]), sp->is_ifname[2]);
if (opts & OPT_DEBUG)
PRINTF("/%p", ips.is_ifp[2]);
PRINTF("/%p", sp->is_ifp[2]);
putchar(']');
PRINTF(",%s[%s", getifname(ips.is_ifp[3]), ips.is_ifname[3]);
PRINTF(",%s[%s", getifname(sp->is_ifp[3]), sp->is_ifname[3]);
if (opts & OPT_DEBUG)
PRINTF("/%p", ips.is_ifp[3]);
PRINTF("/%p", sp->is_ifp[3]);
PRINTF("]\n");
if (ips.is_sync != NULL) {
if (sp->is_sync != NULL) {
if (kmemcpy((char *)&ipsync, (u_long)ips.is_sync, sizeof(ipsync))) {
if (kmemcpy((char *)&ipsync, (u_long)sp->is_sync, sizeof(ipsync))) {
PRINTF("\tSync status: status could not be retrieved\n");
return NULL;
@ -185,5 +183,5 @@ u_long now;
PRINTF("\tSync status: not synchronized\n");
}
return ips.is_next;
return sp->is_next;
}

10
dist/ipf/lib/printtunable.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: printtunable.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: printtunable.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: printtunable.c,v 1.1.4.1 2006/06/16 17:21:15 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/remove_hash.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: remove_hash.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: remove_hash.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: remove_hash.c,v 1.1 2003/04/13 06:40:14 darrenr Exp
* Id: remove_hash.c,v 1.1.4.1 2006/06/16 17:21:16 darrenr Exp
*/
#include <fcntl.h>

6
dist/ipf/lib/remove_hashnode.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: remove_hashnode.c,v 1.1.1.1 2004/03/28 08:56:19 martti Exp $ */
/* $NetBSD: remove_hashnode.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: remove_hashnode.c,v 1.1 2003/04/13 06:40:14 darrenr Exp
* Id: remove_hashnode.c,v 1.1.4.1 2006/06/16 17:21:16 darrenr Exp
*/
#include <fcntl.h>

6
dist/ipf/lib/remove_pool.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: remove_pool.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: remove_pool.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: remove_pool.c,v 1.1 2003/04/13 06:40:14 darrenr Exp
* Id: remove_pool.c,v 1.1.4.1 2006/06/16 17:21:16 darrenr Exp
*/
#include <fcntl.h>

6
dist/ipf/lib/remove_poolnode.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: remove_poolnode.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: remove_poolnode.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
* Copyright (C) 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: remove_poolnode.c,v 1.3 2003/11/22 10:14:36 darrenr Exp
* Id: remove_poolnode.c,v 1.3.2.1 2006/06/16 17:21:16 darrenr Exp
*/
#include <fcntl.h>

10
dist/ipf/lib/resetlexer.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: resetlexer.c,v 1.1.1.1 2004/03/28 08:56:21 martti Exp $ */
/* $NetBSD: resetlexer.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: resetlexer.c,v 1.1.4.1 2006/06/16 17:21:16 darrenr Exp
*/
#include "ipf.h"

10
dist/ipf/lib/rwlock_emul.c vendored
View File

@ -1,4 +1,12 @@
/* $NetBSD: rwlock_emul.c,v 1.1.1.1 2004/03/28 08:56:21 martti Exp $ */
/* $NetBSD: rwlock_emul.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: rwlock_emul.c,v 1.1.4.1 2006/06/16 17:21:17 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/tcp_flags.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: tcp_flags.c,v 1.1.1.1 2004/03/28 08:56:21 martti Exp $ */
/* $NetBSD: tcp_flags.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2004 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: tcp_flags.c,v 1.8 2004/02/07 18:15:54 darrenr Exp
* Id: tcp_flags.c,v 1.8.2.1 2006/06/16 17:21:17 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/tcpflags.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: tcpflags.c,v 1.1.1.1 2004/03/28 08:56:21 martti Exp $ */
/* $NetBSD: tcpflags.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2001-2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: tcpflags.c,v 1.3 2002/11/02 07:18:01 darrenr Exp
* Id: tcpflags.c,v 1.3.4.1 2006/06/16 17:21:17 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/tcpoptnames.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: tcpoptnames.c,v 1.1.1.1 2004/03/28 08:56:21 martti Exp $ */
/* $NetBSD: tcpoptnames.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2002 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: tcpoptnames.c,v 1.5 2002/01/28 06:50:48 darrenr Exp
* Id: tcpoptnames.c,v 1.5.4.1 2006/06/16 17:21:17 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/v6optvalue.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: v6optvalue.c,v 1.1.1.1 2004/03/28 08:56:21 martti Exp $ */
/* $NetBSD: v6optvalue.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: v6optvalue.c,v 1.1 2003/04/26 04:55:58 darrenr Exp
* Id: v6optvalue.c,v 1.1.4.1 2006/06/16 17:21:18 darrenr Exp
*/
#include "ipf.h"

6
dist/ipf/lib/verbose.c vendored
View File

@ -1,11 +1,11 @@
/* $NetBSD: verbose.c,v 1.1.1.1 2004/03/28 08:56:20 martti Exp $ */
/* $NetBSD: verbose.c,v 1.1.1.2 2007/04/14 20:17:31 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
* Copyright (C) 2000-2001 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Id: verbose.c,v 1.6 2001/06/09 17:09:25 darrenr Exp
* Id: verbose.c,v 1.6.4.1 2006/06/16 17:21:18 darrenr Exp
*/
#if defined(__STDC__)

8
dist/ipf/mlfk_ipl.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: mlfk_ipl.c,v 1.1.1.8 2006/04/04 16:08:47 martti Exp $ */
/* $NetBSD: mlfk_ipl.c,v 1.1.1.9 2007/04/14 20:17:24 martin Exp $ */
/*
* Copyright (C) 2000 by Darren Reed.
@ -32,8 +32,6 @@
#include <netinet/ip_frag.h>
#include <netinet/ip_sync.h>
extern struct selinfo ipfselwait[IPL_LOGSIZE];
#if __FreeBSD_version >= 502116
static struct cdev *ipf_devs[IPL_LOGSIZE];
#else
@ -175,7 +173,7 @@ ipf_modload()
char *defpass, *c, *str;
int i, j, error;
error = iplattach();
error = ipfattach();
if (error)
return error;
@ -227,7 +225,7 @@ ipf_modunload()
return EBUSY;
if (fr_running >= 0) {
error = ipldetach();
error = ipfdetach();
if (error != 0)
return error;
} else

6
dist/ipf/mlo_ipl.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: mlo_ipl.c,v 1.1.1.2 2005/02/08 06:53:03 martti Exp $ */
/* $NetBSD: mlo_ipl.c,v 1.1.1.3 2007/04/14 20:17:25 martin Exp $ */
/*
* Copyright (C) 1993-2001 by Darren Reed.
@ -178,7 +178,7 @@ static int ipl_unload()
if (fr_refcnt)
error = EBUSY;
else if (fr_running >= 0)
error = ipldetach();
error = ipfdetach();
if (error == 0) {
fr_running = -2;
@ -203,7 +203,7 @@ static int ipl_load()
*/
(void)ipl_remove();
error = iplattach();
error = ipfattach();
for (i = 0; (error == 0) && (name = ipf_devfiles[i]); i++) {
NDINIT(&nd, CREATE, LOCKPARENT, UIO_SYSSPACE, name, curproc);

4
dist/ipf/radix_ipf.h vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: radix_ipf.h,v 1.1.1.2 2006/04/04 16:08:49 martti Exp $ */
/* $NetBSD: radix_ipf.h,v 1.1.1.3 2007/04/14 20:17:25 martin Exp $ */
/*
* Copyright (c) 1988, 1989, 1993
@ -42,7 +42,7 @@
# endif
#endif
#if defined(__sgi)
#if defined(__sgi) || defined(__osf__)
# define radix_mask ipf_radix_mask
# define radix_node ipf_radix_node
# define radix_node_head ipf_radix_node_head

2
dist/ipf/test/expected/ip2 vendored Normal file
View File

@ -0,0 +1,2 @@
table role = ipf type = tree name = letters
{ 2.2.2.0/24; ! 2.2.0.0/16; 1.1.1.1/32; };

3
dist/ipf/test/expected/n10 vendored
View File

@ -1,6 +1,9 @@
4500 002c 10c9 4000 ff06 5c9d cbcb cbcb 96cb e002 8032 0015 bd6b c9c8 0000 0000 6002 2238 655d 0000 0204 0064
-------------------------------
4500 002c 10c9 4000 ff06 5c9d cbcb cbcb 96cb e002 8032 0015 bd6b c9c8 0000 0000 6002 2238 61d9 0000 0204 03e8
-------------------------------
4500 002c 10c9 4000 ff06 5c9d cbcb cbcb 96cb e002 8032 0015 bd6b c9c8 0000 0000 6002 2238 600d 0000 0204 05b4
-------------------------------

3
dist/ipf/test/expected/n12 vendored
View File

@ -1,4 +1,7 @@
4510 0040 2020 4000 4006 9478 c0a8 01bc c0a8 0303 2710 0017 4e33 298e 0000 0000 b002 4000 6ff8 0000 0204 05b4 0101 0402 0103 0300 0101 080a 0c72 549e 0000 0000
4500 003c 00b0 4000 fe06 7964 c0a8 0303 c0a8 7e53 0017 12c2 f674 e02c 4e33 298f a012 2798 7ace 0000 0101 080a 2c05 b797 0c72 549e 0103 0300 0204 05b4
4510 0034 493b 4000 4006 6b69 c0a8 01bc c0a8 0303 2710 0017 4e33 298f f674 e02d 8010 4000 f673 0000 0101 080a 0c72 549e 2c05 b797
-------------------------------

4
dist/ipf/test/expected/n8 vendored
View File

@ -1,5 +1,9 @@
4500 0054 8bc1 0000 ff01 13d5 0a0a 0a01 0404 0404 0800 efdf 6220 0000 3f6f 6e80 000b 0d02 0809 0a0b 0c0d 0e0f 1011 1213 1415 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435 3637
4500 0054 3fd5 4000 ff01 2fc8 0404 0404 0202 0202 0000 f7df 6220 0000 3f6f 6e80 000b 0d02 0809 0a0b 0c0d 0e0f 1011 1213 1415 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435 3637
4500 0054 8bc1 0000 ff01 13d5 0a0a 0a01 0404 0404 0800 efde 6220 0001 3f6f 6e80 000b 0d02 0809 0a0b 0c0d 0e0f 1011 1213 1415 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435 3637
4500 0054 3fd5 4000 ff01 2fc8 0404 0404 0202 0202 0000 f7de 6220 0001 3f6f 6e80 000b 0d02 0809 0a0b 0c0d 0e0f 1011 1213 1415 1617 1819 1a1b 1c1d 1e1f 2021 2223 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233 3435 3637
-------------------------------

Some files were not shown because too many files have changed in this diff Show More