Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
146,252 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

106 Commits

Author SHA1 Message Date
darrenr 0df9b5fe68 ipf -Z returns junk and/or can cause a panic (seen on solaris.) 2006-04-18 12:40:49 +00:00
darrenr b817a6b4f0 This change corrects what 1.6 tried to do. This feels like a coverity fix 
for a code path that should never actually happen (fr_newauth() should only
be called for auth rules - i.e. when fin_fr != NULL.  If it is possible to
call fr_newauth() with fin_fr == NULL then this change introduces a
regression compared to prior importing of 4.1.13.
 2006-04-15 13:58:43 +00:00
garbled 2355e5cd00 Fix a typo. fin->fin->fr should be fin->fin_fr 2006-04-14 04:32:26 +00:00
christos 0a1c2ab0b8 Coverity CID 2855: If fin->fin_fr is NULL, return 0, don't crash. 2006-04-13 18:59:58 +00:00
kochi 62f4a841c7 Fix return without free (resource leakage). 
Detected by Coverity (CID 2309).
 2006-04-13 08:43:17 +00:00
kochi 656c03f555 This is better fix than the previous commit for 
saner cleanup path.
 2006-04-13 07:31:29 +00:00
kochi 691e781111 Fix usage after free of NextWalkState. 
Closes Coverity CID 2672 and this is reported to intel people.
 2006-04-13 07:21:20 +00:00
cube 7db196715b Protect config(1)-generated include files inclusion with 
#ifdef _KERNEL_OPT.  ACPI-CA might be used by standalone code in the
future.  Suggested by cherry@.
 2006-04-07 13:49:20 +00:00
martti 7967220333 Removed BROKEN_TCP_WINDOW_CHECK hack. 2006-04-04 16:19:05 +00:00
martti 9ea58d54bc Upgraded IPFilter to 4.1.13 2006-04-04 16:17:18 +00:00
kochi ec7315b11c Moved from sys/dev/acpi/acpica/Subsystem. 
suggested by cube.
 2006-03-23 13:36:31 +00:00
christos 5a57baa413 don't use MALLOC with a non-constant size; use malloc instead. 2006-03-17 23:29:07 +00:00
lukem a1f606d3fd Use the SI capitalization for "Hz", "kHz", and "MHz" in comments and strings. 
Add a space between numbers and Hz unit.
 2006-03-08 23:46:22 +00:00
peter 8f83cde4e3 Fix TCP/UDP checksum handling as pointed out by Daniel Hartmeier in: 
http://mail-index.netbsd.org/tech-net/2006/01/21/0000.html.

Problem reported and patch tested by der Mouse & Nino Dehne (PR/32874).
 2006-02-19 12:15:33 +00:00
rpaulo 99513cfd59 In pf_socket_lookup() fix copy & paste problem when in6_pcblookup_bind() 
returns NULL.
 2006-02-07 22:53:03 +00:00
peter 10f6d07582 apply a fix from OpenBSD: 
> revision 1.104
> date: 2006/01/18 22:03:21;  author: dhartmei;  state: Exp;  lines: +2 -2
> fix a bug in the fragment cache (used for 'scrub fragment crop/drop-ovl',
> but not 'fragment reassemble'), which can cause some fragments to get
> inserted into the cache twice, thereby violating an invariant, and panic-
> ing the system subsequently. ok deraadt@
 2006-01-25 10:45:20 +00:00
peter 5d1968b1c0 Include netinet/in.h, for compatibility with OpenBSD (we #ifdef'ed out a 
header which includes netinet/in.h on OpenBSD).

Pointed out by Thomas E. Spanjaard.
No objection from yamt@.
 2006-01-17 12:24:53 +00:00
christos 97dec287fc make the kernel link without options INET. 
XXX: this is of dubious use.
 2005-12-28 09:29:48 +00:00
christos 08e11b2039 make this compile with no INET options. 2005-12-28 09:05:54 +00:00
christos 95e1ffb156 merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
christos a751ffb4fe Adjust for icmp_error signature. 2005-10-23 19:40:20 +00:00
yamt 3a2482b78f fr_check_wrapper6: handle M_CSUM_TCPv6|M_CSUM_UDPv6. 2005-08-11 13:01:38 +00:00
yamt bbfb2033ff pfil6_wrapper: handle M_CSUM_TCPv6|M_CSUM_UDPv6. 2005-08-11 13:01:24 +00:00
yamt d6d72a6dc9 wrap INET only code by #if defined(INET). (in __NetBSD__ part) 2005-08-06 11:22:39 +00:00
peter 84fa01a154 pf_test() can set *mp to NULL, check for this before de-referencing it. 
From Akihiro Sagawa in PR/30835.
 2005-07-26 13:09:23 +00:00
christos b132d4d5fd Fix typo 2005-07-10 09:22:56 +00:00
christos 4a35068121 Small correction to skd's patch from darren. 2005-07-10 05:49:38 +00:00
christos 20dd96aff1 Don't drop fragments that are smalled than the ip header size. From skd 2005-07-09 14:51:11 +00:00
peter 9710741485 Resolve conflicts (pf from OpenBSD 3.7, kernel part). 2005-07-01 12:37:34 +00:00
lukem fd8956d5fa Use an "XXXGCC -Wuninitalized" style that is consistent with that used 
elsewhere in the tree.
 2005-06-15 01:48:20 +00:00
jmc 6724401235 Cleanup XXGCC in a few places to make it easier to see. 2005-06-14 21:20:30 +00:00
jmc c3073778d2 Fix unitialized warnings that only crop up on m68k. XXGCC taggedd 2005-06-13 20:33:53 +00:00
darrenr 4e1ba8b46a bin/29508 - fix "ipf -T" - kernel wasn't setting ipft_cookie and userland 
was expecting it to be set, thus ignored it.
bin/29509 - because ipft_cookie wasn't reset to 0 before making the ioctl
call for each variable, only the first name to find was used, each successive
call just used the cookie.
CVn: ----------------------------------------------------------------------
 2005-06-11 12:31:40 +00:00
darrenr e5f523e30c Using USE_SPL should be done after the last place it is defined. 2005-06-11 12:12:59 +00:00
darrenr 486aaa2c70 kern/30082 - fr_check() is missing SPL_NET() macros for non-mutex using 
platforms, allowing it to be preempted and restarted in an inconsistent
state.
 2005-06-11 11:25:28 +00:00
yamt 656adb750b pf_reassemble: clear stale csum_flags. 2005-06-08 11:50:46 +00:00
christos f9aeac0ab7 - sprinkle const 
- avoid variable shadowing.
 2005-05-29 21:57:49 +00:00
christos 966656bbac more fallout from so_uid -> so_uidinfo. 2005-05-07 19:59:56 +00:00
martti 58b8abcbf8 Upgraded IPFilter to 4.1.8 2005-04-03 15:05:30 +00:00
martti c775aec128 Import IPFilter 4.1.8 2005-04-03 15:01:04 +00:00
christos 3136f75efa defopt IPFILTER_DEFAULT_BLOCK 2005-03-26 18:08:42 +00:00
peter 851064ccf9 Fix a GCC warning when compiling on evbppc. 
From FUKAUMI Naoki in PR #29669.
 2005-03-15 18:08:59 +00:00
hannken 4e0e09fd14 frpr_udpcommon() failed to handle fragmented packets. Packets with less than 
8 bytes of data were dropped.

- If the packet is a fragment, return. There is no UDP header in this case.
- Don't set the FI_SHORT flag. Already tested in `frpr_short()'.
- Remove unneeded test `!fin->fin_off'.

Approved by: Christos Zoulas <christos@netbsd.org>
 2005-03-07 13:59:30 +00:00
christos 2a8316cc91 Add a change lost in the transition from 4.1.3->4.1.6. Don't block packets 
for which we cannot add state. Explanation in the code. Fixes PR/29560.
 2005-03-01 13:41:43 +00:00
itojun 57eaa97695 with IPv6 intermediate host will not perform PMTUD. ip6_getpmtu() is for 
end node cases, so do not use it.
 2005-02-28 09:26:36 +00:00
martin 65c3e91025 When we call m_makewritable() the mbuf might be copied - so don't use 
stale mtod()'d pointers from before.
 2005-02-21 22:01:52 +00:00
martti 460bbcc960 Upgraded IPFilter to 4.1.6 2005-02-19 21:30:24 +00:00
martti 76b5d9e30f Import IPFilter 4.1.6 2005-02-19 21:26:02 +00:00
christos a05a0bbcb8 Deal with possibly uninitialized variable, and tidy up a bit. 2005-02-17 04:14:31 +00:00
christos 9606238d80 There were more broken things aside from the __'s missing. 2005-02-17 03:12:36 +00:00