Commit Graph

228 Commits

Author SHA1 Message Date
christos 1bb7c537ad Coverity CID 3013: Don't check for NULL after deref! (from Arnaud Lacombe) 2006-10-03 18:18:18 +00:00
christos e9506eb74b PR/34284: Gene ENonymous: Fix the userland copy of ip_lookup.c. Why do we
have 2 copies?
2006-09-17 14:49:46 +00:00
christos 18b025cbc8 PR/34286: Gene ENonymous: Increase YYSTACKSIZE so that we can handle huge
pools.
2006-08-26 23:20:56 +00:00
chap 5d80ae61bf Clarify that to avoid ioctl(SIOCGNATS): Input/output error, ipf must be
enabled (ipf -E) before ipnat is used; this detail is automated by the
rc scripts, but not by ipnat itself. ipf's author agrees this is a doc
bug.

Closes PR kern/33409.
2006-05-29 16:09:46 +00:00
christos be1c3e616c XXX: GCC uninitialized. 2006-05-14 02:37:46 +00:00
mrg 084c052803 quell GCC 4.1 uninitialised variable warnings.
XXX: we should audit the tree for which old ones are no longer needed
after getting the older compilers out of the tree..
2006-05-10 21:53:14 +00:00
mrg 0c37c63edc change (mostly) int to socklen_t. GCC 4 doesn't like that int and
socklen_t are different signedness.
2006-05-09 20:18:05 +00:00
christos 70a262c03c Coverity CID 785: Prevent NULL pointer dereference if an appropriate group
is not found.
2006-04-28 19:49:13 +00:00
pavel 1cca0f0250 correct a typo: configruation -> configuration 2006-04-20 08:37:33 +00:00
darrenr 0df9b5fe68 ipf -Z returns junk and/or can cause a panic (seen on Solaris.) 2006-04-18 12:40:49 +00:00
hubertf f5ffa47293 Add missing .TP
Patch sent to tech-net@ by Patrick Welche <prlw1@newn.cam.ac.uk>
2006-04-05 18:07:30 +00:00
martti 10531caa29 Removed file. 2006-04-04 16:18:56 +00:00
martti 9ea58d54bc Upgraded IPFilter to 4.1.13 2006-04-04 16:17:18 +00:00
martti 983a2072ce Import IPFilter 4.1.13 2006-04-04 16:08:18 +00:00
elad 6dceae8a70 Ditch the ugly hardcoded value and do proper bounds checking.
Addresses CID 1417, found by Coverity.

Hi Darren! is this code maintained?
2006-03-18 04:12:52 +00:00
he 56dbe819ca If compiling for NetBSD/vax, define boolean_t here before including
<sys/file.h> with _KERNEL defined.  Also add a 3-line XXX comment
explaining some of why this is done.
Should fix the build problem documented in PR#32907.
Will be documented in doc/HACKS shortly.
Fix discussed with thorpej.
2006-03-07 18:18:06 +00:00
wiz b82f53ae21 Fix typo in comment. 2006-02-25 01:58:39 +00:00
martti 10f294ab64 Make the list of files more readable (so it's easier to add and remove files). 2005-12-27 15:23:28 +00:00
martti ac29c41761 Removed ip_rules.c and ip_rules.h 2005-12-27 15:19:38 +00:00
rpaulo dd25e265f4 PR 32241: Igor Sobrado: ipnat(5) FILES section is missing. 2005-12-04 23:37:27 +00:00
martti 4a909698d6 Avoid crash with invalid input. 2005-09-27 12:22:27 +00:00
darrenr 4e1ba8b46a bin/29508 - fix "ipf -T" - kernel wasn't setting ipft_cookie and userland
was expecting it to be set, thus ignored it.
bin/29509 - because ipft_cookie wasn't reset to 0 before making the ioctl
call for each variable, only the first name to find was used, each successive
call just used the cookie.
CVn: ----------------------------------------------------------------------
2005-06-11 12:31:40 +00:00
lukem 311c22130d appease gcc -Wuninitialized 2005-06-02 09:47:37 +00:00
christos e3b50bebf6 backout previous. ISDIGIT is used all over the place without a cast. 2005-05-18 00:54:14 +00:00
christos d0eca17dfa Cast isdigit() argument to unsigned char. 2005-05-18 00:15:52 +00:00
reed a74aa39245 Document that ipmon reopens its log file(s) and rereads its configuration
file when it receives a SIGHUP signal.

Okayed by martti.

This was suggested by Richard Braun on netbsd-help list.
2005-04-20 19:53:04 +00:00
martti 58b8abcbf8 Upgraded IPFilter to 4.1.8 2005-04-03 15:05:30 +00:00
martti c775aec128 Import IPFilter 4.1.8 2005-04-03 15:01:04 +00:00
he e3e9ad241e Get rid of a compiler warning saying "dereferencing type-punned pointer
will break strict-aliasing rules" by casting the argument to rn_inithead()
to (void*) instead of (void**).
2005-03-13 10:44:40 +00:00
dsl 4bcbdc6712 Reinstate the ntohs() on port numbers returned by getport() 2005-02-20 21:44:51 +00:00
martin 5605ab81e0 Do not use bogus (long) casts and ntohl() on port numbers.
Only test for -1 error return from getport().
2005-02-20 21:15:37 +00:00
martti 460bbcc960 Upgraded IPFilter to 4.1.6 2005-02-19 21:30:24 +00:00
martti 76b5d9e30f Import IPFilter 4.1.6 2005-02-19 21:26:02 +00:00
martti fdf846c8d1 REMOVED 2005-02-08 07:20:11 +00:00
martti a023cb1d19 Upgraded IPFilter to 4.1.5 2005-02-08 07:01:52 +00:00
martti 4d6a62d250 Import IPFilter 4.1.5 2005-02-08 06:52:59 +00:00
wiz 959a1400b9 Remove duplicate description for -d. From Chris Ross in PR 29035. 2005-01-21 15:10:16 +00:00
lukem a546e7bfc2 Fix compilation with -UUSE_INET6 2005-01-10 02:08:51 +00:00
martti 4ce4e7d229 Fixed ifdef logic 2005-01-04 12:36:02 +00:00
martti 92ee66b8a1 Note also src/regress/sys/kern/ipf 2004-12-30 13:12:01 +00:00
darrenr 32b2d1458b undo this last change, it did match fil.c - bad me. 2004-12-30 12:07:07 +00:00
martti 34a5ffc74e Use src/sys/dist/ipf/netinet instead of src/sys/netinet 2004-12-30 10:09:32 +00:00
darrenr 760d20de7a the bitmask array in this file should be the same as the one in fil.c if
rules with v6hdr options are going to match packets.  this sorts the array
by incrementing value of the v6 option.
2004-12-30 08:29:09 +00:00
darrenr f314fbb0f1 Expand out an unused byte to give each NAT rule a protocol version field,
allowing rules to be set to match only ipv4/ipv6. And so ipnat must be updated
to actually set this field correctly but to keep things working for old
versions of ipnat (that will set this to 0), make the ioctl handler "update"
the 0 to a 4 to keep things working when people just upgrade kernels.  This
forces NAT rule matching to be limited to ipv4 only, here forward, fixing
kern/28662
2004-12-16 17:01:02 +00:00
christos d1f40c5512 Make bpf use the cloning device 2004-12-01 23:51:36 +00:00
christos f63af1b624 Use the cloning device if that is available 2004-12-01 23:49:27 +00:00
darrenr f3736130c9 Fix a regression from 3.4 behaviour where the destination of a redirect rule
could be either a hostname or an IP address (now it can only be an IP#)
2004-11-21 03:44:59 +00:00
he 2befd828c2 Remove declaration of unused "cksum" variable. 2004-11-13 22:28:49 +00:00
he 4a9ab9770a Apply patch from Darren for the ctype() functions/macros.
Encapsulates the ctype() functions so that the casts are centralized.
2004-11-13 19:14:48 +00:00
he 76d82c7f1f Revert previous, paving the way for Darren's cleaner patch. 2004-11-13 18:43:49 +00:00