diff options
author | darrenr <darrenr@FreeBSD.org> | 2000-10-26 12:45:54 +0000 |
---|---|---|
committer | darrenr <darrenr@FreeBSD.org> | 2000-10-26 12:45:54 +0000 |
commit | 7595d5ffce4a14f32ac605d21cbd61fbe85057e2 (patch) | |
tree | 7098416027f8d3f0d9828794b9eb7a6e22f08d6a /contrib/ipfilter/FreeBSD-4.0 | |
parent | 54a215376523c9828e0092de33f29614fca24281 (diff) | |
download | FreeBSD-src-7595d5ffce4a14f32ac605d21cbd61fbe85057e2.zip FreeBSD-src-7595d5ffce4a14f32ac605d21cbd61fbe85057e2.tar.gz |
Import IP Filter 3.4.12
Diffstat (limited to 'contrib/ipfilter/FreeBSD-4.0')
-rwxr-xr-x | contrib/ipfilter/FreeBSD-4.0/ipv6-patch-4.0 | 61 | ||||
-rw-r--r-- | contrib/ipfilter/FreeBSD-4.0/ipv6-patch-4.1 | 63 | ||||
-rwxr-xr-x | contrib/ipfilter/FreeBSD-4.0/kinstall | 8 | ||||
-rwxr-xr-x | contrib/ipfilter/FreeBSD-4.0/unkinstall | 3 |
4 files changed, 133 insertions, 2 deletions
diff --git a/contrib/ipfilter/FreeBSD-4.0/ipv6-patch-4.0 b/contrib/ipfilter/FreeBSD-4.0/ipv6-patch-4.0 new file mode 100755 index 0000000..c232b2c --- /dev/null +++ b/contrib/ipfilter/FreeBSD-4.0/ipv6-patch-4.0 @@ -0,0 +1,61 @@ +*** ip6_input.c.orig Sun Feb 13 14:32:01 2000 +--- ip6_input.c Wed Apr 26 22:31:34 2000 +*************** +*** 121,126 **** +--- 121,127 ---- + + extern struct domain inet6domain; + extern struct ip6protosw inet6sw[]; ++ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)); + + u_char ip6_protox[IPPROTO_MAX]; + static int ip6qmaxlen = IFQ_MAXLEN; +*************** +*** 302,307 **** +--- 303,317 ---- + ip6stat.ip6s_badvers++; + in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); + goto bad; ++ } ++ ++ if (fr_checkp) { ++ struct mbuf *m1 = m; ++ ++ if ((*fr_checkp)(ip6, sizeof(*ip6), m->m_pkthdr.rcvif, ++ 0, &m1) || !m1) ++ return; ++ ip6 = mtod(m = m1, struct ip6_hdr *); + } + + ip6stat.ip6s_nxthist[ip6->ip6_nxt]++; +*** ip6_output.c.orig Fri Mar 10 01:57:16 2000 +--- ip6_output.c Wed Apr 26 22:34:34 2000 +*************** +*** 108,113 **** +--- 108,115 ---- + #include <netinet6/ip6_fw.h> + #endif + ++ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)); ++ + static MALLOC_DEFINE(M_IPMOPTS, "ip6_moptions", "internet multicast options"); + + struct ip6_exthdrs { +*************** +*** 754,759 **** +--- 756,770 ---- + ip6->ip6_src.s6_addr16[1] = 0; + if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) + ip6->ip6_dst.s6_addr16[1] = 0; ++ } ++ ++ if (fr_checkp) { ++ struct mbuf *m1 = m; ++ ++ if ((error = (*fr_checkp)(ip6, sizeof(*ip6), ifp, 1, &m1)) || ++ !m1) ++ goto done; ++ ip6 = mtod(m = m1, struct ip6_hdr *); + } + + #ifdef IPV6FIREWALL diff --git a/contrib/ipfilter/FreeBSD-4.0/ipv6-patch-4.1 b/contrib/ipfilter/FreeBSD-4.0/ipv6-patch-4.1 new file mode 100644 index 0000000..90dac19 --- /dev/null +++ b/contrib/ipfilter/FreeBSD-4.0/ipv6-patch-4.1 @@ -0,0 +1,63 @@ +*** ip6_input.c.orig Sat Jul 15 07:14:34 2000 +--- ip6_input.c Thu Oct 19 17:14:37 2000 +*************** +*** 120,125 **** +--- 120,127 ---- + + extern struct domain inet6domain; + extern struct ip6protosw inet6sw[]; ++ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, ++ struct mbuf **)); + + u_char ip6_protox[IPPROTO_MAX]; + static int ip6qmaxlen = IFQ_MAXLEN; +*************** +*** 289,294 **** +--- 291,305 ---- + ip6stat.ip6s_badvers++; + in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); + goto bad; ++ } ++ ++ if (fr_checkp) { ++ struct mbuf *m1 = m; ++ ++ if ((*fr_checkp)(ip6, sizeof(*ip6), m->m_pkthdr.rcvif, ++ 0, &m1) || !m1) ++ return; ++ ip6 = mtod(m = m1, struct ip6_hdr *); + } + + ip6stat.ip6s_nxthist[ip6->ip6_nxt]++; + +*** ip6_output.c.orig Sat Jul 15 07:14:35 2000 +--- ip6_output.c Thu Oct 19 17:13:53 2000 +*************** +*** 106,111 **** +--- 106,113 ---- + #include <netinet6/ip6_fw.h> + #endif + ++ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)); ++ + static MALLOC_DEFINE(M_IPMOPTS, "ip6_moptions", "internet multicast options"); + + struct ip6_exthdrs { +*************** +*** 787,792 **** +--- 789,803 ---- + ip6->ip6_src.s6_addr16[1] = 0; + if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) + ip6->ip6_dst.s6_addr16[1] = 0; ++ } ++ ++ if (fr_checkp) { ++ struct mbuf *m1 = m; ++ ++ if ((error = (*fr_checkp)(ip6, sizeof(*ip6), ifp, 1, &m1)) || ++ !m1) ++ goto done; ++ ip6 = mtod(m = m1, struct ip6_hdr *); + } + + #ifdef IPV6FIREWALL diff --git a/contrib/ipfilter/FreeBSD-4.0/kinstall b/contrib/ipfilter/FreeBSD-4.0/kinstall index cb3c3da..7e663d2 100755 --- a/contrib/ipfilter/FreeBSD-4.0/kinstall +++ b/contrib/ipfilter/FreeBSD-4.0/kinstall @@ -2,6 +2,7 @@ # set dir=`pwd` set karch=`uname -m` +set krev=`uname -r|sed -e 's/\([0-9\.]*\)-.*/\1/'` if ( -d /sys/arch/$karch ) set archdir="/sys/arch/$karch" if ( -d /sys/$karch ) set archdir="/sys/$karch" set confdir="$archdir/conf" @@ -21,7 +22,7 @@ ln -s /usr/include/osreldate.h /sys/sys/osreldate.h echo "" echo "Patching ip6_input.c and ip6_output.c" -cat FreeBSD-4.0/ipv6-patch | (cd /sys/netinet6; patch) +cat FreeBSD-4.0/ipv6-patch-$krev | (cd /sys/netinet6; patch) set config=`(cd $confdir; /bin/ls -1t [0-9A-Z_]*) | head -1` echo -n "Kernel configuration to update [$config] " @@ -31,6 +32,11 @@ if ( "$newconfig" != "" ) then else set newconfig=$config endif +grep -q IPFILTER $confdir/$newconfig +if ($status == 0) then + echo "IPFilter already configured in kernel config file" + exit 0 +endif echo "Rewriting $newconfig..." if ( -f $confdir/$newconfig ) then mv $confdir/$newconfig $confdir/$newconfig.bak diff --git a/contrib/ipfilter/FreeBSD-4.0/unkinstall b/contrib/ipfilter/FreeBSD-4.0/unkinstall index d43ac4a..4e9caaa 100755 --- a/contrib/ipfilter/FreeBSD-4.0/unkinstall +++ b/contrib/ipfilter/FreeBSD-4.0/unkinstall @@ -3,6 +3,7 @@ # set dir=`pwd` set karch=`uname -m` +set krev=`uname -r|sed -e 's/\([0-9\.]*\)-.*/\1/'` if ( -d /sys/arch/$karch ) set archdir="/sys/arch/$karch" if ( -d /sys/$karch ) set archdir="/sys/$karch" set confdir="$archdir/conf" @@ -21,7 +22,7 @@ echo "Removing link from /usr/include/osreldate.h to /sys/sys/osreldate.h" rm /sys/sys/osreldate.h echo "Removing patch to ip6_input.c and ip6_output.c" -cat FreeBSD-4.0/ipv6-patch | (cd /sys/netinet6; patch -R) +cat FreeBSD-4.0/ipv6-patch-$krev | (cd /sys/netinet6; patch -R) set config=`(cd $confdir; /bin/ls -1t [0-9A-Z_]*) | head -1` echo -n "Kernel configuration to update [$config] " |