Commit Graph

914 Commits

Author SHA1 Message Date
darrenr
f314fbb0f1 Expand out an unused byte to give each NAT rule a protocol version field,
allowing rules to be set to match only ipv4/ipv6. And so ipnat must be updated
to actually set this field correctly but to keep things working for old
versions of ipnat (that will set this to 0), make the ioctl handler "update"
the 0 to a 4 to keep things working when people just upgrade kernels.  This
forces NAT rule matching to be limited to ipv4 only, here forward, fixing
kern/28662
2004-12-16 17:01:02 +00:00
yamt
db6316d151 fix a merge botch. pointed by Pavel Cahyna. 2004-12-16 02:08:29 +00:00
pooka
47d5603068 don't build magic and doc in toolbuild => makes build work again 2004-12-14 16:56:56 +00:00
pooka
0127e87a6e regen with AM_MAINTAINER_MODE enabled to get rid of autoconfusion
rebuild mania
2004-12-14 16:08:01 +00:00
pooka
0e5822b090 seems like AM_MAINTAINER_MODE was disabled for this release;
re-enable it to avoid ./configure rebuild hell
2004-12-14 15:56:10 +00:00
pooka
8d312437e8 wage holy war on autoconf to attempt to make the toolbuild work
After receiving the magic 10-line incantation from Christos for
re-building the autoconf stuff, attempt to do so.  This might fix
the problem, or might not.  That is why this stuff is so fun.
2004-12-13 23:57:44 +00:00
pooka
f5200852b4 python has wriggled itself in here, yank it out to make the toolbuild work. 2004-12-13 10:43:39 +00:00
pooka
ebbb05cb75 munge conflicts 2004-12-13 10:35:03 +00:00
pooka
16e0e52b61 file 4.12
+ assorted bug fixes
+ switch to 2-clause license
2004-12-13 10:24:25 +00:00
christos
c7df97ab82 Another linted comment about empty macro decl. 2004-12-12 19:44:46 +00:00
christos
980de1e92d s/__function__/__func__/ 2004-12-12 08:29:56 +00:00
christos
80184d2e85 Add a linted comment for an unused variable 2004-12-12 08:16:41 +00:00
christos
a97ddb0609 s/__FUNCTION__/__function__/ 2004-12-12 08:06:42 +00:00
christos
a2078b09d1 - link set NetBSD changes from thorpej
- lint silencing comments
2004-12-12 06:19:35 +00:00
christos
78a16257c7 Lint silencing comments 2004-12-12 06:18:52 +00:00
christos
3c33f5d161 - unsigned char casts for ctype macros.
- lint silencing comments.
2004-12-12 06:18:17 +00:00
christos
d316c2d956 Don't look in /usr/local for pam configuration files. NetBSD does not
have them. XXX: maybe look in /usr/pkgsrc?
Unsigned char casts for ctype macros.
2004-12-12 06:17:31 +00:00
christos
e9803b264c prevent double-free by setting variable to NULL after it has been freed.
Avoids problem when shared library is not found during configuration.
2004-12-12 06:15:58 +00:00
christos
fe57a1b812 NetBSD specific link set changes. 2004-12-12 06:14:58 +00:00
christos
3c39f8e35c - add LINTED comments.
- prevent alarm of negative numbers.
- size_t lint casts
- avoid shadowing of variables.
2004-12-12 06:14:06 +00:00
christos
dead717d6a size_t cast for lint 2004-12-12 06:12:26 +00:00
christos
b73b054f62 import openpam "eelgrass" released on 20040210 2004-12-12 06:07:19 +00:00
christos
d1f40c5512 Make bpf use the cloning device 2004-12-01 23:51:36 +00:00
christos
f63af1b624 Use the cloning device if that is available 2004-12-01 23:49:27 +00:00
christos
9ab78e153b use /dev/bpf 2004-12-01 23:45:12 +00:00
christos
e9e8578a0e fix configure too. 2004-12-01 23:26:13 +00:00
christos
4d31f227c2 only mention /dev/bpf 2004-12-01 23:24:38 +00:00
christos
aad48c44a7 One bpf is enough. 2004-12-01 23:23:39 +00:00
christos
be07a6cfdb One bpf is enough 2004-12-01 23:22:42 +00:00
jmc
496146dda9 Work around the fact opaque_t gets defined by sys/properties.h and could be
pulled in via MD includes from sys/param.h.
2004-11-28 11:15:26 +00:00
wiz
b81f308085 Fix typo in formatting. 2004-11-27 23:23:26 +00:00
christos
ccc24aa67e fix merge botches. 2004-11-27 01:39:50 +00:00
christos
763bdaa346 Resolve conflicts. 2004-11-27 01:24:35 +00:00
christos
f8d5cae651 from 20040916 from ftp.am-utils.org 2004-11-27 01:00:29 +00:00
peter
f7da5a456d Apply a patch from the OPENBSD_3_6 branch, ok itojun.
MFC:
Fix by dhartmei@

do not assume entries in pf_timeouts[] are ordererd like PFTM_* in pfvar.h
reported by Alexey E. Suslikov
2004-11-21 18:01:14 +00:00
darrenr
f3736130c9 Fix a regression from 3.4 behaviour where the destination of a redirect rule
could be either a hostname or an IP address (now it can only be an IP#)
2004-11-21 03:44:59 +00:00
wiz
c1c81c7612 Sort options in usage, add missing "]" (OpenBSD v1.38). 2004-11-19 20:52:10 +00:00
wiz
d0b9170efe Sort option descriptions (OpenBSD v1.42). 2004-11-19 20:51:34 +00:00
yamt
057eb0b30f don't use variable arg macro, which is not supported by gcc2. 2004-11-16 05:14:12 +00:00
yamt
23c8222edb merge after importing pf from openbsd 3.6. (userland part)
some files were imported to the different places from the previous version.
v3_5:
	etc/pf.conf
	etc/pf.os
	etc/spamd.conf
	share/man/man4/pf.4
	share/man/man4/pflog.4
	share/man/man5/pf.conf.5
	share/man/man5/pf.os.5
	share/man/man5/spamd.conf.5
v3_6:
	dist/pf/etc/pf.conf
	dist/pf/etc/pf.os
	dist/pf/etc/spamd.conf
	dist/pf/share/man/man4/pf.4
	dist/pf/share/man/man4/pflog.4
	dist/pf/share/man/man5/pf.conf.5
	dist/pf/share/man/man5/pf.os.5
	dist/pf/share/man/man5/spamd.conf.5
2004-11-14 11:26:43 +00:00
yamt
533d14a1b9 import pf from OpenBSD 3.6. (userland part) 2004-11-14 11:08:58 +00:00
he
2befd828c2 Remove declaration of unused "cksum" variable. 2004-11-13 22:28:49 +00:00
he
4a9ab9770a Apply patch from Darren for the ctype() functions/macros.
Encapsulates the ctype() functions so that the casts are centralized.
2004-11-13 19:14:48 +00:00
he
76d82c7f1f Revert previous, paving the way for Darren's cleaner patch. 2004-11-13 18:43:49 +00:00
he
a46d912ed3 More instances of casts to usngiend char for the ctype functions.
Will also be sent to maintainer for inclusion in original.
2004-11-13 15:18:41 +00:00
he
29d6827a49 Add casts to unsigned char for arguments to ctype functions.
Note to be sent to Darren Reed for possible inclusion in master sources.
2004-11-13 14:36:29 +00:00
christos
98d928d598 Apply a patch from the head of file for a printf argument mis-match. 2004-11-13 10:18:50 +00:00
yamt
ce23bf1813 reduce diffs from the original, using dummy impl. of openlog_r and syslog_r. 2004-11-11 11:27:34 +00:00
yamt
93086a3d8d revert a function rename/move.
this kind of change is not appropriate for sources under dist/.
2004-11-11 09:49:59 +00:00
christos
27fcc8bc02 2 more include files. 2004-11-07 17:25:38 +00:00
christos
b69331bf9c Update instructions and include helper scripts 2004-11-07 01:26:10 +00:00
christos
efbc48848e Resolve conflicts 2004-11-07 00:16:59 +00:00
christos
dfd98c8a16 Import bind-9.3.0 2004-11-06 23:53:21 +00:00
dsl
968ad08000 Stop argument to ctype function being char 2004-10-30 15:01:32 +00:00
darrenr
541f8060fe In going from 3.4.x to 4.1.x, "state-age" became "age" but the input grammar
did not allow for backwards compatibility.

PR: kern/27590
2004-10-30 13:33:58 +00:00
dsl
cfe7f80ff0 Add (unsigned char) cast to ctype functions 2004-10-29 20:51:11 +00:00
dsl
238960af7e Add (unsigned char) cast to ctype function 2004-10-29 19:51:36 +00:00
dsl
26207dda78 Add (unsigned char) cast to ctype functions 2004-10-29 19:46:27 +00:00
dsl
91d3fe12d9 Add (unsigned char) cast to ctype function 2004-10-29 19:15:20 +00:00
dsl
31d993f26a Use (unsigned char) not & 0xff on args to ctype functions 2004-10-28 20:52:20 +00:00
dsl
0cb35e8cae Mask 'char' arguments to ctype functions with 0xff, an (int) cast doesn't
solve the problem of charcter codes 0x80..0xff
2004-10-27 20:26:26 +00:00
perry
808ab1197e Use packet length from IP header instead of packet length from BPF
header.
Patches given to me by Ted Lemon.
This avoids using potentially garbage data returned if the ethernet
driver returns a packet that's too long.
2004-10-22 05:22:39 +00:00
christos
72f840350f PR/27210: Paul Shupak: "ntpd"'s NEMA driver has 8 units, but MAX_UNITS
is #defined as 4.
2004-10-10 22:13:04 +00:00
christos
766798b654 PR/27137: Martin J. Laubach: core dump when localhost does not support
a given address family and a peer only supports the family localhost does
not support. For example: configure a kernel without IPV6, and then
add a line in ntp.conf server <ipv6addr>. We report that the server is
unreachable and we keep going because there might be more servers around?
XXX: What if it is the last server? Should we detect this? It is not nice
to just bail on this error, because a server might lose its ipv4 address
and only advertise ipv6.
2004-10-05 03:34:38 +00:00
darrenr
346ea4671b Fix bin/25972 and actually add a token to generate the value IPNY_TCPUDP
as expected by the grammar.
2004-10-03 20:37:17 +00:00
darrenr
857c5d7740 kern/27086 (should be bin/27086) - the "keep options" only allow one order,
not both as they should for proper backwards compatibility.
2004-10-03 20:18:49 +00:00
he
d2886cb438 Fix build problem for hpcarm by casting the result of a computation
to int before printing with %d.
2004-09-28 12:27:02 +00:00
dyoung
79eff8033d Add radiotap support, which was not in release 3.8.3. 2004-09-28 00:01:02 +00:00
dyoung
88f1d7df8c Resolve conflicts in tcpdump-3.8.3 import. 2004-09-27 23:04:24 +00:00
dyoung
64657f857f sync with 3.8.3 2004-09-27 17:06:28 +00:00
martti
dd39bdf1e1 Allow \ at the end of line so long lines can be splitted and made more
readable. Without this modification old IPF 3.x and 4.1.1 rules will not
work with IPF 4.1.3. Patch from Darren Reed.
2004-09-27 08:23:15 +00:00
pooka
d22e9f2216 conflict therapy 2004-09-16 13:49:07 +00:00
pooka
1eb570c83b file 4.10
minor fixes and improvements
2004-09-16 13:43:21 +00:00
tshiozak
f7d656a488 revert the last all changes related to iconv(3). 2004-08-02 13:38:21 +00:00
tshiozak
ab8d4be7c6 make sure that the iconv(3) follows the POSIX specification;
change the 2nd argument from "const char ** restrict" to "char ** restrict".
2004-08-01 16:40:58 +00:00
martti
87c4b6357b Sync with official IPF 2004-07-23 07:18:14 +00:00
martti
a17d8fa0a5 Not needed in NetBSD 2004-07-23 05:42:27 +00:00
martti
7ff15b917f Upgraded IPFilter to 4.1.3 2004-07-23 05:39:03 +00:00
martti
9e82a8bf0d Import IPFilter 4.1.3 2004-07-23 05:33:55 +00:00
christos
fe028e1238 PR/26882: Matthew Mondor: ipfstat -t fails to restore termios tty state
if it fails for ipf disabled. Fix from Peter Postma.
2004-07-14 18:22:10 +00:00
christos
22b751b93d Play more games with yyvarnext to make numeric protocols work again.
Parsing an ambiguous language with an LR(1) parser is not the best
road to sanity.
2004-07-12 21:52:01 +00:00
christos
a998d914f3 make the code identical to 4.1.2 2004-07-12 18:09:39 +00:00
christos
065a08dedc Sprinkle yyvarnext assignment until the port and proto rules work again.
XXX: this is not nice.
2004-07-12 18:09:24 +00:00
christos
5e63f46756 PR/25991: Martin Husemann: ipnat.conf rules don't allow port/protocol names
Patch applied, but new we have a never reduced rule (dport)
2004-07-10 16:11:00 +00:00
christos
981c88b630 PR/25992: Grant Beattie: some protocol names in ipf.conf don't work
patch applied.
2004-07-10 15:38:28 +00:00
enami
969da55f1c Don't call seteuid() before setuid() since it makes setuid() fails.
Actually, set[gu]id() changes effective ids also.  From Shoichi Miyake.
2004-07-09 08:27:38 +00:00
christos
b074ee3b58 Attempt to fix PR/25992 [protocol parsing] by bringing these files in from
4.1.2
2004-07-08 02:51:24 +00:00
darrenr
bbf97636b5 revert change of listen to Listen (probably a typo here) 2004-07-01 15:44:54 +00:00
darrenr
b8785aabcf Modify ftp-proxy to support both ipfilter and pf. It now requires at least
one command line option to specify which firewall it is meant to interact
with.  The implementation here puts the firewall specific code into separate
files with markers for future changes that could enable a fully transparent
mode for non-private network proxying.
2004-06-30 13:29:43 +00:00
christos
aa17268ea7 PR/25993: Grant Beattie: Ipf parser accepts invalid flags in rules 2004-06-29 22:33:25 +00:00
itojun
e090b691c1 pflog if support for tcpdump. Peter Postma 2004-06-29 04:46:35 +00:00
christos
6e1b89d727 80K of stack is not enough for a 64 bit machine, and we got crashes on
sparc64. change 20 * 4096 to 5 * 4096 * sizeof(void *). This is again
very little, but enough :-). If you see a crash again, don't blame the
nameserver code before you change this constant.
2004-06-29 04:16:37 +00:00
itojun
8f329619b8 spamlogd(8) 2004-06-25 16:34:45 +00:00
itojun
e197438eb7 $NetBSD$ 2004-06-25 16:27:02 +00:00
itojun
b4d647b66c PF from OpenBSD 3.5 2004-06-25 16:11:48 +00:00
wiz
94cdd0ee08 Add RCS Id. 2004-06-25 16:03:59 +00:00
wiz
5b3f28f7c5 Sort sections. 2004-06-25 16:02:49 +00:00
wiz
3a867d753d \*[Lt]\*[Gt] instead of "<>". 2004-06-25 16:02:23 +00:00
wiz
5e18189b4a \*[Lt]\*[Gt] instead of "<>". Use ftp.NetBSD.org as example host. 2004-06-25 16:01:22 +00:00
wiz
be3dbbb4c3 \*[Lt]\*[Gt] instead of "<>". 2004-06-25 15:59:03 +00:00
wiz
87e9965fb9 \*[Gt] instead of ">". 2004-06-25 15:57:50 +00:00
itojun
3b8461f315 let spamd use /var/chroot/spamd, not /var/empty 2004-06-25 15:54:31 +00:00
itojun
e3e62063f0 authpf from OpenBSD 3.5 PF 2004-06-25 00:06:09 +00:00
itojun
c03eb6b884 PF from OpenBSD 3.5 2004-06-24 23:25:29 +00:00
hannken
5356e2c1a9 Resolve printf arg/type conflict on sparc64.
Fix PR #26030 and part of #26012
2004-06-24 11:05:10 +00:00
itojun
8bc0b4b95d escape from old-ALTQ and new-ALTQ difference 2004-06-23 04:38:43 +00:00
itojun
9ec960c351 add ftp-proxy from PF OpenBSD 3.5. adjust setlists 2004-06-22 22:19:36 +00:00
itojun
625efb1994 PF from OpenBSD 3.5 2004-06-22 22:11:14 +00:00
itojun
f7c9d7b3eb make spamd compile on netbsd 2004-06-22 16:04:40 +00:00
itojun
c2d7a8642b spamd-setup, comes with PF for openbsd 3.5 2004-06-22 15:53:17 +00:00
itojun
bf0f75e934 PF from openbsd 3.5 2004-06-22 15:46:46 +00:00
itojun
ad399b67b8 PF from openbsd 3.5
massage pfctl to compile/run on netbsd.  put reachover makefile for pfctl
into src/sbin.
reviewed by matt, perry, christos
2004-06-22 15:16:29 +00:00
itojun
9e6c9caf46 PF from openbsd 3.5 2004-06-22 15:06:49 +00:00
dbj
3ce67e6c14 deal with editing partitions past the detected media size.
When deleting the final partition, truncate it to match media size.
Also handle creating new partitions beyond the existing partitions
if it is still within the media size.
2004-06-14 07:48:55 +00:00
mellon
ed5b9801d3 Don't log overly-long (>32 byte) client hostnames. 2004-06-11 19:54:02 +00:00
martti
09b9f88e19 Do no add NetBSD tags for IPv6 regression tests 2004-06-07 11:52:46 +00:00
christos
509e2f5c56 save another 4K, by not having a large text message and a segv handler
for SMALL.
2004-06-06 06:39:27 +00:00
jdolecek
fbac8027bb fix off-by-one use of gensub() index parameter, and treat negative
number to mean 'replace first match'; the index use is now fully
aligned with GNU awk

fixes PR bin/25543 by Richard Rauch
2004-06-05 12:01:28 +00:00
christos
c06c3a3172 PR/24989: Arto Selonen: ipfilter 4.1.1 does not behave according to rules
in ipf.conf
2004-06-03 20:32:40 +00:00
christos
fa159ed2be PR/25594: Arto Huusko: LP64 sign extension bug in ipnat.
Fix: change to ioctlcmd_t as suggested by darren.
2004-05-26 20:32:48 +00:00
christos
596171adc5 PR/24961: Arto Selonen: ipfilter 4.1.1 has problems parsing ipf.conf 2004-05-22 17:59:37 +00:00
christos
02a532d111 PR/25532: Geoff C. Wing: a bad icmp-type rule in /etc/ipf.conf can cause ipf
to segv upon parsing.
2004-05-22 17:19:25 +00:00
jmmv
4c2512fd51 Fix formatting of some options and a typo. 2004-05-21 22:31:52 +00:00
ross
4f01003841 Order some include conditionals to match code conditionals.
From Ian Taylor.
Posted to tech-toolchain.
2004-05-21 21:18:57 +00:00
christos
77e4a238b7 make this compile in the absense of threads. 2004-05-21 16:03:32 +00:00
itojun
e36da74472 support kame-style fe80::1%interface. this part of the code is marked as
"up to OS designer".  from bind9-current/patches.
2004-05-19 19:19:58 +00:00
christos
178bd22d01 unsigned int initialized to ULONG_MAX? jeez. 2004-05-18 03:08:24 +00:00
christos
b6ea89f1ee width arg in printf string must be int. 2004-05-18 03:08:00 +00:00
christos
4563e44b43 Include <sys/param.h> needed by <sys/sysctl.h> 2004-05-18 00:15:29 +00:00
christos
53a0028e47 Resolve conflicts 2004-05-18 00:03:56 +00:00
christos
1885fbb90d Import bind 9.3.0beta3 2004-05-17 23:43:04 +00:00
christos
4c00db0b81 PR/24969: Arto Selonen: ipfs does not work at all with 4.1.1. Applied portion
of the patch that did not conflict with the previous commit. Darren should
take a look at it, and keep what it apropriate.
2004-05-10 00:50:07 +00:00
christos
191890ee3f PR/21334: Mike M. Volokhov: NAT halts on ipfs(8) restore in case of ftp
proxy used. Apply userland patch from this PR, since the kernel patch does
not match at all anymore, and seems to have been applied differently.
2004-05-10 00:36:19 +00:00
christos
a218a37d8f PR/25122: Peter Postma: ipfstat state top broken with IPv6 addresses
patch applied.
2004-05-09 04:12:03 +00:00
christos
e786da0edd PR/25365: HIROSE yuuji: ipf 4.1.1 fails to parse ipv6 address in fastroute
destination. Patch from darren applied.
2004-05-09 03:53:23 +00:00
itojun
937e8b0fbe add O_TRUNC to open(2). revision 1.11 used fopen(foo, "w") which implies
truncation of opened file.  it should suppress bogus "corrupted lease file"
warning and broken dhclient.leases staying around.
2004-05-06 09:07:54 +00:00
simonb
ff04be0dcd Remove unused (and completely bogus) SYSTEM_NAME define from
include/cdk_config.h
2004-04-26 05:15:17 +00:00
simonb
f8d7121559 Remove ./configure droppings. 2004-04-26 05:09:22 +00:00
christos
6bd1d6d4db Replace the statfs() family of system calls with statvfs().
Retain binary compatibility.
2004-04-21 01:05:31 +00:00
pooka
d6085ff385 Remove wchar build kludges for FreeBSD<5 and NetBSD<1.6. The wchar
stuff is properly handled by configure now.
2004-04-19 13:55:53 +00:00
itojun
d74ab735f1 tcpdump can bomb w/ too big isakmp header fields.
http://www.vuxml.org/freebsd/40fcf20f-8891-11d8-90d1-0020ed76ef5a.html
2004-04-12 03:53:20 +00:00
darrenr
221fa57241 With recent changes to BPF, pushing the default buffer size to 1MB, running
a bunch of small daemons that seem small packet flows can easily chew up
significant kernel memory (each BPF device opened takes 2*buffersize of
wired memory.)  In each of these applications, add code to set the buffer
size to 32k before setting the interface.
2004-04-10 17:53:05 +00:00
grant
144cb3e439 recognize data files created by Perl Storable module, from the output
of Storable::show_file_magic().
2004-04-10 08:58:02 +00:00
jwise
7a452cae15 Commit fix, from Darren Reed (darrenr@netbsd.org), for a functional regression
in the new ipf -- return_icmp_as_dest with an argument was no longer accepted
by the parser.
2004-04-09 20:39:22 +00:00
pooka
b6a1a17518 Apply patch from Christos to fix build on FreeBSD 4 2004-04-08 12:33:20 +00:00
pooka
34a84c1d28 update for 4.09 2004-04-08 12:30:24 +00:00
pooka
0fa4e65c16 the conflict peril was no more 2004-04-08 12:29:45 +00:00
pooka
5b7d7b4cbc file 4.09:
* (almost) fix toolbuild on platforms with a lacking wchar
* more magic
2004-04-08 12:21:54 +00:00
christos
dfa47cfea0 PR/25097: Kouichirou Hiratsuka: incorrect conditional -- misplaced ] 2004-04-07 20:27:54 +00:00
christos
33e4f3be32 Check refresh() error code and bail out if we lost the terminal.
From Julian Coleman
2004-04-07 17:28:54 +00:00