Commit Graph

252 Commits

Author SHA1 Message Date
martin 11a6dbe728 Convert TNF licenses to new 2 clause variant 2008-04-30 13:10:46 +00:00
lukem 49c8589969 Also escape $Header tags. 2007-12-11 03:34:59 +00:00
mrg 862626dd09 two new hacks:
- include <stdbool.h> so bool is available _KERNEL for sys/condvar.h
- include <sys/mutex.h> before defining _KERNEL so it won't try to
  include <machine/intr.h> which isn't available to userland.

fixes builds on sparc64.
2007-10-09 01:23:20 +00:00
martti abde7e33e0 Fixed IPF bug #1767831
ipflog() & ipmon ignore IPv6 extension headers
2007-09-17 18:02:21 +00:00
martti 61078fef5f Revert to previous, it was not working for me correctly... 2007-09-10 06:28:38 +00:00
martti fcbc8c046f Fixed IPF bug #1767831
ipflog() & ipmon ignore IPv6 extension headers

Patch fetched from the SourceForge bug report.
2007-09-10 06:12:02 +00:00
martin c77a3f5aad Upgraded IPFilter to v4.1.23 2007-06-16 10:52:24 +00:00
martin 03f2531d69 Import IPFilter 4.1.23 2007-06-16 10:33:08 +00:00
martti fff7fd04df s/iplattach/ipfattach/ and s/ipldetach/ipfdetach/ 2007-06-04 12:38:58 +00:00
martti 657382d62b Added missing .TP 2007-05-23 05:18:45 +00:00
martin 6718c86598 Merge IP-Filter 4.1.22 2007-05-15 22:52:20 +00:00
martin 29fd0d9db1 Import IPFilter 4.1.22 2007-05-15 22:26:02 +00:00
martti 872147fef7 Upgraded IPFilter to 4.1.20 2007-05-01 19:08:03 +00:00
martti 68eb121d73 Import IPFilter 4.1.20 2007-05-01 19:00:58 +00:00
dsl 8767590c76 On amd64 U_QUAD_T is (probably) 'unsigned long', but "%qd" expects to see
a "long long" - giving a compilation warning.
Check for the presence of PRIu64 and use that in preference.
Adjust code to avoid multiple printf() calls.
Use unsigned format specifiers in all cases.
2007-04-21 11:16:53 +00:00
dogcow 65febf04fc fix build on arches with chars that're by default unsigned.
(patch supplied by martin.)
2007-04-16 02:36:24 +00:00
martin 8ebafcc992 Update IPFilter to version 4.1.19 2007-04-14 20:34:18 +00:00
martin 993d757ec6 Import IPFilter 4.1.19 2007-04-14 20:17:19 +00:00
jnemeth 9f5aa7f07f fallout from caddr_t -> void * change 2007-03-04 20:04:14 +00:00
matt 75a9720952 #include <machine/lock.h> before _KERNEL is defined to bypass
lossage when including it when _KERNEL is defined in userland.
2007-02-20 15:40:08 +00:00
dyoung 2d212326ef Use the new ifnet->if_output signature, the one with a const
argument, when __NetBSD__Version >= 499001100.
2007-02-18 04:01:27 +00:00
dogcow 51701d90f7 constify struct sockaddr for no_output and write_output, due to if.h 1.122 2007-02-18 03:22:03 +00:00
alc 980fc49cd5 CID-3325: don't leak `fd'
Also, check for the return value of malloc(3)

ok christos@
2006-12-27 18:13:53 +00:00
alc 0fd99769e3 CID-3224: check the return value of strtok() before use
ok christos@
2006-12-25 23:55:47 +00:00
christos 1bb7c537ad Coverity CID 3013: Don't check for NULL after deref! (from Arnaud Lacombe) 2006-10-03 18:18:18 +00:00
christos e9506eb74b PR/34284: Gene ENonymous: Fix the userland copy of ip_lookup.c. Why do we
have 2 copies?
2006-09-17 14:49:46 +00:00
christos 18b025cbc8 PR/34286: Gene ENonymous: Increase YYSTACKSIZE so that we can handle huge
pools.
2006-08-26 23:20:56 +00:00
chap 5d80ae61bf Clarify that to avoid ioctl(SIOCGNATS): Input/output error, ipf must be
enabled (ipf -E) before ipnat is used; this detail is automated by the
rc scripts, but not by ipnat itself. ipf's author agrees this is a doc
bug.

Closes PR kern/33409.
2006-05-29 16:09:46 +00:00
christos be1c3e616c XXX: GCC uninitialized. 2006-05-14 02:37:46 +00:00
mrg 084c052803 quell GCC 4.1 uninitialised variable warnings.
XXX: we should audit the tree for which old ones are no longer needed
after getting the older compilers out of the tree..
2006-05-10 21:53:14 +00:00
mrg 0c37c63edc change (mostly) int to socklen_t. GCC 4 doesn't like that int and
socklen_t are different signness.
2006-05-09 20:18:05 +00:00
christos 70a262c03c Coverity CID 785: Prevent NULL pointer dereference if an appropriate group
is not found.
2006-04-28 19:49:13 +00:00
pavel 1cca0f0250 correct a typo: configruation -> configuration 2006-04-20 08:37:33 +00:00
darrenr 0df9b5fe68 ipf -Z returns junk and/or can cause a panic (seen on solaris.) 2006-04-18 12:40:49 +00:00
hubertf f5ffa47293 Add missing .TP
Patch sent to tech-net@ by Patrick Welche <prlw1@newn.cam.ac.uk>
2006-04-05 18:07:30 +00:00
martti 10531caa29 Removed file. 2006-04-04 16:18:56 +00:00
martti 9ea58d54bc Upgraded IPFilter to 4.1.13 2006-04-04 16:17:18 +00:00
martti 983a2072ce Import IPFilter 4.1.13 2006-04-04 16:08:18 +00:00
elad 6dceae8a70 Ditch the ugly hardcoded value and do proper bounds checking.
Addresses CID 1417, found by Coverity.

Hi Darren! is this code maintained?
2006-03-18 04:12:52 +00:00
he 56dbe819ca If compiling for NetBSD/vax, define boolean_t here before including
<sys/file.h> with _KERNEL defined.  Also add a 3-line XXX comment
explaining some of why this is done.
Should fix the build problem documented in PR#32907.
Will be documented in doc/HACKS shortly.
Fix discussed with thorpej.
2006-03-07 18:18:06 +00:00
wiz b82f53ae21 Fix typo in comment. 2006-02-25 01:58:39 +00:00
martti 10f294ab64 Make the list of files more readable (so it's easier to add and remove files). 2005-12-27 15:23:28 +00:00
martti ac29c41761 Removed ip_rules.c and ip_rules.h 2005-12-27 15:19:38 +00:00
rpaulo dd25e265f4 PR 32241: Igor Sobrado: ipnat(5) FILES section is missing. 2005-12-04 23:37:27 +00:00
martti 4a909698d6 Avoid crash with invalid input. 2005-09-27 12:22:27 +00:00
darrenr 4e1ba8b46a bin/29508 - fix "ipf -T" - kernel wasn't setting ipft_cookie and userland
was expecting it to be set, thus ignored it.
bin/29509 - because ipft_cookie wasn't reset to 0 before making the ioctl
call for each variable, only the first name to find was used, each successive
call just used the cookie.
CVn: ----------------------------------------------------------------------
2005-06-11 12:31:40 +00:00
lukem 311c22130d appease gcc -Wuninitialized 2005-06-02 09:47:37 +00:00
christos e3b50bebf6 backout previous. ISDIGIT is used all over the place without a cast. 2005-05-18 00:54:14 +00:00
christos d0eca17dfa Cast isdigit() argument to unsigned char. 2005-05-18 00:15:52 +00:00
reed a74aa39245 Document that ipmon reopens its log file(s) and rereads its configuration
file when it receives a SIGHUP signal.

Okayed by martti.

This was suggested by Richard Braun on netbsd-help list.
2005-04-20 19:53:04 +00:00