9371e91bff
reorder code to avoid uninitalized variable.
2009-05-08 12:06:11 +00:00
3fde99f00c
- prevent buffer overflow from Maksymilian Arciemowicz (worst case was 1041
...
characters and we allocated only 1024.
While here:
- use snprintf to prevent this from happening in the future.
- don't close fd twice on error.
- pass unsigned char to ctype.h functions.
2009-05-07 21:07:34 +00:00
ce059cd609
Fix bad TCP checksum in packets with IP option header.
2009-03-17 10:10:20 +00:00
29e4b0fb40
eliminate hacky memory allocation that loses on 64 bit archs with alignment
...
issues.
2009-03-06 21:36:25 +00:00
ec24b06a1f
fix suseconds_t format
2008-12-29 04:08:56 +00:00
2ea5185606
IPF 4.1.31 is out
2008-10-20 12:09:15 +00:00
b2f85650f0
Not needed in NetBSD
2008-08-12 10:28:51 +00:00
9f0bfbf3da
2020447 IPFilter's NAT can undo name server random port selection
2008-07-24 09:37:57 +00:00
2f5a5e95ad
Pullup IPFilter 4.1.29 from the vendor branch to HEAD.
...
See src/dist/ipf/HISTORY for a list of bug fixes since 4.1.23 (although
a few are already in NetBSD)
2008-05-20 07:08:06 +00:00
675eb13106
Import IPFilter 4.1.29 to the vendor branch
2008-05-20 06:43:46 +00:00
3a717a15fc
Added instructions how I've updated IPF. This should make it easier for anyone
...
to upgrade our in-tree IPF to the latest version...
2008-05-18 18:19:05 +00:00
11a6dbe728
Convert TNF licenses to new 2 clause variant
2008-04-30 13:10:46 +00:00
49c8589969
Also escape $Header tags.
2007-12-11 03:34:59 +00:00
862626dd09
two new hacks:
...
- include <stdbool.h> so bool is available _KERNEL for sys/condvar.h
- include <sys/mutex.h> before defining _KERNEL so it won't try to
include <machine/intr.h> which isn't available to userland.
fixes builds on sparc64.
2007-10-09 01:23:20 +00:00
abde7e33e0
Fixed IPF bug #1767831
...
ipflog() & ipmon ignore IPv6 extension headers
2007-09-17 18:02:21 +00:00
61078fef5f
Revert to previous, it was not working for me correctly...
2007-09-10 06:28:38 +00:00
fcbc8c046f
Fixed IPF bug #1767831
...
ipflog() & ipmon ignore IPv6 extension headers
Patch fetched from the SourceForge bug report.
2007-09-10 06:12:02 +00:00
c77a3f5aad
Upgraded IPFilter to v4.1.23
2007-06-16 10:52:24 +00:00
03f2531d69
Import IPFilter 4.1.23
2007-06-16 10:33:08 +00:00
fff7fd04df
s/iplattach/ipfattach/ and s/ipldetach/ipfdetach/
2007-06-04 12:38:58 +00:00
657382d62b
Added missing .TP
2007-05-23 05:18:45 +00:00
6718c86598
Merge IP-Filter 4.1.22
2007-05-15 22:52:20 +00:00
29fd0d9db1
Import IPFilter 4.1.22
2007-05-15 22:26:02 +00:00
872147fef7
Upgraded IPFilter to 4.1.20
2007-05-01 19:08:03 +00:00
68eb121d73
Import IPFilter 4.1.20
2007-05-01 19:00:58 +00:00
8767590c76
On amd64 U_QUAD_T is (probably) 'unsigned long', but "%qd" expects to see
...
a "long long" - giving a compilation warning.
Check for the presence of PRIu64 and use that in preference.
Adjust code to avoid multiple printf() calls.
Use unsigned format specifiers in all cases.
2007-04-21 11:16:53 +00:00
65febf04fc
fix build on arches with chars that're by default unsigned.
...
(patch supplied by martin.)
2007-04-16 02:36:24 +00:00
8ebafcc992
Update IPFilter to version 4.1.19
2007-04-14 20:34:18 +00:00
993d757ec6
Import IPFilter 4.1.19
2007-04-14 20:17:19 +00:00
9f5aa7f07f
fallout from caddr_t -> void * change
2007-03-04 20:04:14 +00:00
75a9720952
#include <machine/lock.h> before _KERNEL is defined to bypass
...
lossage when including it when _KERNEL is defined in userland.
2007-02-20 15:40:08 +00:00
2d212326ef
Use the new ifnet->if_output signature, the one with a const
...
argument, when __NetBSD__Version >= 499001100.
2007-02-18 04:01:27 +00:00
51701d90f7
constify struct sockaddr for no_output and write_output, due to if.h 1.122
2007-02-18 03:22:03 +00:00
980fc49cd5
CID-3325: don't leak `fd'
...
Also, check for the return value of malloc(3)
ok christos@
2006-12-27 18:13:53 +00:00
0fd99769e3
CID-3224: check the return value of strtok() before use
...
ok christos@
2006-12-25 23:55:47 +00:00
1bb7c537ad
Coverity CID 3013: Don't check for NULL after deref! (from Arnaud Lacombe)
2006-10-03 18:18:18 +00:00
e9506eb74b
PR/34284: Gene ENonymous: Fix the userland copy of ip_lookup.c. Why do we
...
have 2 copies?
2006-09-17 14:49:46 +00:00
18b025cbc8
PR/34286: Gene ENonymous: Increase YYSTACKSIZE so that we can handle huge
...
pools.
2006-08-26 23:20:56 +00:00
5d80ae61bf
Clarify that to avoid ioctl(SIOCGNATS): Input/output error, ipf must be
...
enabled (ipf -E) before ipnat is used; this detail is automated by the
rc scripts, but not by ipnat itself. ipf's author agrees this is a doc
bug.
Closes PR kern/33409.
2006-05-29 16:09:46 +00:00
be1c3e616c
XXX: GCC uninitialized.
2006-05-14 02:37:46 +00:00
084c052803
quell GCC 4.1 uninitialised variable warnings.
...
XXX: we should audit the tree for which old ones are no longer needed
after getting the older compilers out of the tree..
2006-05-10 21:53:14 +00:00
0c37c63edc
change (mostly) int to socklen_t. GCC 4 doesn't like that int and
...
socklen_t are different signness.
2006-05-09 20:18:05 +00:00
70a262c03c
Coverity CID 785: Prevent NULL pointer dereference if an appropriate group
...
is not found.
2006-04-28 19:49:13 +00:00
1cca0f0250
correct a typo: configruation -> configuration
2006-04-20 08:37:33 +00:00
0df9b5fe68
ipf -Z returns junk and/or can cause a panic (seen on solaris.)
2006-04-18 12:40:49 +00:00
f5ffa47293
Add missing .TP
...
Patch sent to tech-net@ by Patrick Welche <prlw1@newn.cam.ac.uk>
2006-04-05 18:07:30 +00:00
10531caa29
Removed file.
2006-04-04 16:18:56 +00:00
9ea58d54bc
Upgraded IPFilter to 4.1.13
2006-04-04 16:17:18 +00:00
983a2072ce
Import IPFilter 4.1.13
2006-04-04 16:08:18 +00:00
6dceae8a70
Ditch the ugly hardcoded value and do proper bounds checking.
...
Addresses CID 1417, found by Coverity.
Hi Darren! is this code maintained?
2006-03-18 04:12:52 +00:00
christos