Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
170,790 Commits 606 Branches 0 Tags 3.1 GiB
b66156c7c9
Commit Graph

255 Commits

Author SHA1 Message Date
christos
e3b50bebf6 backout previous. ISDIGIT is used all over the place without a cast. 2005-05-18 00:54:14 +00:00
christos
d0eca17dfa Cast isdigit() argument to unsigned char. 2005-05-18 00:15:52 +00:00
reed
a74aa39245 Document that ipmon reopens its log file(s) and rereads its configuration 
file when it receives a SIGHUP signal.

Okayed by martti.

This was suggested by Richard Braun on netbsd-help list.
 2005-04-20 19:53:04 +00:00
martti
58b8abcbf8 Upgraded IPFilter to 4.1.8 2005-04-03 15:05:30 +00:00
martti
c775aec128 Import IPFilter 4.1.8 2005-04-03 15:01:04 +00:00
he
e3e9ad241e Get rid of a compiler warning saying "dereferencing type-punned pointer 
will break strict-aliasing rules" by casting the argument to rn_inithead()
to (void*) instead of (void**).
 2005-03-13 10:44:40 +00:00
dsl
4bcbdc6712 Reinstate the ntohs() on port numbers returned bu getport() 2005-02-20 21:44:51 +00:00
martin
5605ab81e0 Do not use bogus (long) casts and ntohl() on port numbers. 
Only test for -1 error return from getport().
 2005-02-20 21:15:37 +00:00
martti
460bbcc960 Upgraded IPFilter to 4.1.6 2005-02-19 21:30:24 +00:00
martti
76b5d9e30f Import IPFilter 4.1.6 2005-02-19 21:26:02 +00:00
martti
fdf846c8d1 REMOVED 2005-02-08 07:20:11 +00:00
martti
a023cb1d19 Upgraded IPFilter to 4.1.5 2005-02-08 07:01:52 +00:00
martti
4d6a62d250 Import IPFilter 4.1.5 2005-02-08 06:52:59 +00:00
wiz
959a1400b9 Remove duplicate description for -d. From Chris Ross in PR 29035. 2005-01-21 15:10:16 +00:00
lukem
a546e7bfc2 Fix compilation with -UUSE_INET6 2005-01-10 02:08:51 +00:00
martti
4ce4e7d229 Fixed ifdef logic 2005-01-04 12:36:02 +00:00
martti
92ee66b8a1 Note also src/regress/sys/kern/ipf 2004-12-30 13:12:01 +00:00
darrenr
32b2d1458b undo this last change, it did match fil.c - bad me. 2004-12-30 12:07:07 +00:00
martti
34a5ffc74e Use src/sys/dist/ipf/netinet instead of src/sys/netinet 2004-12-30 10:09:32 +00:00
darrenr
760d20de7a the bitmask array in this file should be the same as the one in fil.c if 
rules with v6hdr options are going to match packets.  this sorts the array
by incrementing value of the v6 option.
 2004-12-30 08:29:09 +00:00
darrenr
f314fbb0f1 Expand out an unused byte to give each NAT rule a protocol version field, 
allowing rules to be set to match only ipv4/ipv6. And so ipnat must be updated
to actually set this field correctly but to keep things working for old
versions of ipnat (that will set this to 0), make the ioctl handler "update"
the 0 to a 4 to keep things working when people just upgrade kernels.  This
forces NAT rule matching to be limited to ipv4 only, here forward, fixing
kern/28662
 2004-12-16 17:01:02 +00:00
christos
d1f40c5512 Make bpf use the cloning device 2004-12-01 23:51:36 +00:00
christos
f63af1b624 Use the cloning device if that is available 2004-12-01 23:49:27 +00:00
darrenr
f3736130c9 Fix a regression from 3.4 behaviour where the destination of a redirect rule 
could be either a hostname or an IP address (now it can only be an IP#)
 2004-11-21 03:44:59 +00:00
he
2befd828c2 Remove declaration of unused "cksum" variable. 2004-11-13 22:28:49 +00:00
he
4a9ab9770a Apply patch from Darren for the ctype() functions/macros. 
Encapsulates the ctype() functions so that the casts are centralized.
 2004-11-13 19:14:48 +00:00
he
76d82c7f1f Revert previous, paving the way for Darren's cleaner patch. 2004-11-13 18:43:49 +00:00
he
a46d912ed3 More instances of casts to usngiend char for the ctype functions. 
Will also be sent to maintainer for inclusion in original.
 2004-11-13 15:18:41 +00:00
he
29d6827a49 Add casts to unsigned char for arguments to ctype functions. 
Note to be sent to Darren Reed for possible inclusion in master sources.
 2004-11-13 14:36:29 +00:00
darrenr
541f8060fe In going from 3.4.x to 4.1.x, "state-age" became "age" but the input grammar 
did not allow for backwards compatibility.

PR: kern/27590
 2004-10-30 13:33:58 +00:00
darrenr
346ea4671b Fix bin/25972 and actually add a token to generate the value IPNY_TCPUDP 
as expected by the grammar.
 2004-10-03 20:37:17 +00:00
darrenr
857c5d7740 kern/27086 (should be bin/27086) - the "keep options" only allow one order, 
not both as they should for proper backwards compatibility.
 2004-10-03 20:18:49 +00:00
martti
dd39bdf1e1 Allow \ at the end of line so long lines can be splitted and made more 
readable. Without this modification old IPF 3.x and 4.1.1 rules will not
work with IPF 4.1.3. Patch from Darren Reed.
 2004-09-27 08:23:15 +00:00
martti
87c4b6357b Sync with official IPF 2004-07-23 07:18:14 +00:00
martti
a17d8fa0a5 Not needed in NetBSD 2004-07-23 05:42:27 +00:00
martti
7ff15b917f Upgraded IPFilter to 4.1.3 2004-07-23 05:39:03 +00:00
martti
9e82a8bf0d Import IPFilter 4.1.3 2004-07-23 05:33:55 +00:00
christos
fe028e1238 PR/26882: Matthew Mondor: ipfstat -t fails to restore termios tty state 
if it fails for ipf disabled. Fix from Peter Postma.
 2004-07-14 18:22:10 +00:00
christos
22b751b93d Play more games with yyvarnext to make numeric protocols work again. 
Parsing an ambiguous language with an LR(1) parser is not the best
road to sanity.
 2004-07-12 21:52:01 +00:00
christos
a998d914f3 make the code identical to 4.1.2 2004-07-12 18:09:39 +00:00
christos
065a08dedc Sprinkle yyvarnext assignment until the port and proto rules work again. 
XXX: this is not nice.
 2004-07-12 18:09:24 +00:00
christos
5e63f46756 PR/25991: Martin Husemann: ipnat.conf rules don't allow port/protocol names 
Patch applied, but new we have a never reduced rule (dport)
 2004-07-10 16:11:00 +00:00
christos
981c88b630 PR/25992: Grant Beattie: some protocol names in ipf.conf don't work 
patch applied.
 2004-07-10 15:38:28 +00:00
christos
b074ee3b58 Attempt to fix PR/25992 [protocol parsing] by bringing these files in from 
4.1.2
 2004-07-08 02:51:24 +00:00
christos
aa17268ea7 PR/25993: Grant Beattie: Ipf parser accepts invalid flags in rules 2004-06-29 22:33:25 +00:00
martti
09b9f88e19 Do no add NetBSD tags for IPv6 regression tests 2004-06-07 11:52:46 +00:00
christos
c06c3a3172 PR/24989: Arto Selonen: ipfilter 4.1.1 does not behave according to rules 
in ipf.conf
 2004-06-03 20:32:40 +00:00
christos
fa159ed2be PR/25594: Arto Huusko: LP64 sign extension bug in ipnat. 
Fix: change to ioctlcmd_t as suggested by darren.
 2004-05-26 20:32:48 +00:00
christos
596171adc5 PR/24961: Arto Selonen: ipfilter 4.1.1 has problems parsing ipf.conf 2004-05-22 17:59:37 +00:00
christos
02a532d111 PR/25532: Geoff C. Wing: a bad icmp-type rule in /etc/ipf.conf can cause ipf 
to segv upon parsing.
 2004-05-22 17:19:25 +00:00
jmmv
4c2512fd51 Fix formatting of some options and a typo. 2004-05-21 22:31:52 +00:00
christos
4c00db0b81 PR/24969: Arto Selonen: ipfs does not work at all with 4.1.1. Applied portion 
of the patch that did not conflict with the previous commit. Darren should
take a look at it, and keep what it apropriate.
 2004-05-10 00:50:07 +00:00
christos
191890ee3f PR/21334: Mike M. Volokhov: NAT halts on ipfs(8) restore in case of ftp 
proxy used. Apply userland patch from this PR, since the kernel patch does
not match at all anymore, and seems to have been applied differently.
 2004-05-10 00:36:19 +00:00
christos
a218a37d8f PR/25122: Peter Postma: ipfstat state top broken with IPv6 addresses 
patch applied.
 2004-05-09 04:12:03 +00:00
christos
e786da0edd PR/25365: HIROSE yuuji: ipf 4.1.1 fails to parse ipv6 address in fastroute 
destination. Patch from darren applied.
 2004-05-09 03:53:23 +00:00
jwise
7a452cae15 Commit fix, from Darren Reed (darrenr@netbsd.org), for a functional regression 
in the new ipf -- return_icmp_as_dest with an argument was no longer accepted
by the parser.
 2004-04-09 20:39:22 +00:00
christos
dfa47cfea0 PR/25097: Kouichirou Hiratsuka: incorrect conditional -- misplaced ] 2004-04-07 20:27:54 +00:00
christos
33e4f3be32 Check refresh() error code and bail out if we lost the terminal. 
From Julian Coleman
 2004-04-07 17:28:54 +00:00
martin
d1af91eb0c ioctl(2) "request" arguments should be ioctlcmd_t, not u_int. 2004-04-01 09:26:12 +00:00
christos
91305f93d4 don't create unnecessary ifdefs that are due to character signness in 
different platforms.
 2004-03-29 03:15:47 +00:00
he
edd34d027d For portable printing of a size_t, use the 'z' format modifier. 
Fixes compile problem on alpha.
 2004-03-28 14:34:45 +00:00
he
521d2418ef For portable printing of u_quad_t, use PRId64 instead of %lld if PRId64 
is available.  Fixes compile problem on alpha.
 2004-03-28 14:33:35 +00:00
he
8cbdcc6bc6 Since the return value from openkmem() is not used as a token for 
subsequent operations, just as a success/failure indicator, return
(kvm_f != NULL) instead of the non-portable cast (int)kvm_f.
 2004-03-28 14:15:38 +00:00
wiz
afa0e7c2a8 Reapply fixes that got lost during 4.1.1 import. 2004-03-28 12:56:41 +00:00
martti
9fc8265a5a This is needed with /sys/netinet/ip_h323_pxy.c 2004-03-28 10:06:42 +00:00
martti
0df809a138 FILE REMOVED 2004-03-28 09:04:40 +00:00
martti
ad2b97f78f Added the original version 2004-03-28 09:03:12 +00:00
martti
621e9bac7f Sync with official IPFilter 2004-03-28 09:01:26 +00:00
martti
24d567d60d Upgraded IPFilter to 4.1.1 2004-03-28 09:00:53 +00:00
martti
ad9b29ed97 Import IPFilter 4.1.1 2004-03-28 08:55:20 +00:00
martti
a6eef7f88b Install ip_fil_netbsd.c instead of ip_fil.c into /sys/netinet 2004-03-28 08:45:02 +00:00
martti
7103cae5ac Do not install ip_fil_netbsd.c as dist/ipf/ip_fil.c 2004-03-23 21:07:47 +00:00
martti
695f848b03 Added ip_pptp_pxy.c 2004-03-23 12:23:54 +00:00
martti
bbf6758e00 Added IPFilter 4.1 support 2004-03-18 16:51:39 +00:00
kleink
44b11fda7a Stare-o; back out previous. 2004-01-28 20:15:52 +00:00
kleink
1622fd1b1d Rearrange the description of the @rule:group field to match the latter's 
format.
 2004-01-28 20:13:35 +00:00
martti
c2634d5895 Fix IPv6 accounting (PR#18839 by FUKAUMI Naoki). 2003-08-15 08:10:09 +00:00
agc
865595bdf3 Move UCB-licensed code from 4-clause to 3-clause licence. 
Patches provided by Joel Baker in PR 22253, verified by myself.
 2003-08-07 09:20:39 +00:00
lukem
aab62ed1ca Don't attempt to unput(EOF). 
According to lex(1) (the manual page for flex, which is what we use for lex):
	Finally, note that you cannot put back EOF to attempt to mark the
	input stream with an end-of-file.

Fixes PR bin/8707, which had been reclassified as a toolchain bug.
 2003-07-20 03:14:40 +00:00
wiz
978d7b8991 Fix some typos, reported by Juha Hyttinen in PR 22035. 2003-07-02 13:26:26 +00:00
martti
e6bc82abd9 Everything is now in src/ 2003-06-27 05:45:11 +00:00
itojun
4e7f8e8660 backout previous. 2003-05-17 13:58:07 +00:00
itojun
aa5672d8c5 sscanf overrun 2003-05-17 01:02:01 +00:00
wiz
c42e1fac66 Management, not managment. Mostly from jmc@openbsd. 2003-04-26 22:07:12 +00:00
wiz
5e6d862997 Separate "command" from "line". 2003-03-30 17:09:37 +00:00
wiz
83de4abed2 Use "its" instead of "it's" where appropriate. 
From Soren Jacobsen in PR 20730.
 2003-03-15 23:48:27 +00:00
wiz
c9ac698957 IPv4, not IPV4. 2003-03-15 19:26:42 +00:00
wiz
688d6608cc Fix some typos reported by Igor Sobrado in PR 19653. 2003-01-04 01:18:01 +00:00
wiz
fe6e776886 Misc typo fixes from Adrian Mrva. 2002-12-21 13:28:25 +00:00
wiz
3c9f6b6387 hexadecimal, not hexidecimal. From Adrian Mrva. 2002-12-21 13:15:11 +00:00
wiz
7ae57bfafd arbitrary with all three rs, from Adrian Mrva. 2002-12-21 13:14:38 +00:00
thorpej
b7c1b899f2 Avoid strict alias warning. 2002-12-06 04:43:53 +00:00
wiz
0b48b4c927 Fix typos. Found by Adrian Mrva. 2002-10-29 16:22:33 +00:00
wiz
77e9b5999f Fix typo. Found by Adrian Mrva. 2002-10-29 16:21:18 +00:00
martti
9e0869ba07 * <sys/poll.h> -> <poll.h> 
* define "struct pollfd set[]" for USE_POLL
 2002-09-29 08:19:16 +00:00
martti
9b50522649 <sys/poll.h> -> <poll.h> 2002-09-29 08:14:32 +00:00
martti
bd0971158d This file is now in regress/sys/kern/ipf/ 2002-09-27 09:13:23 +00:00
martti
b6a507dfee Fix syntax rule (PR#16499). 2002-09-25 12:49:40 +00:00
martti
15e6ca78da Fix ipmon problems on 64-bit platforms (PR#17403 and PR#17404). 2002-09-25 06:43:17 +00:00
mycroft
ace9bd9c2e select() -> poll(), nanosleep() 2002-09-20 15:00:06 +00:00