diff options
author | darrenr <darrenr@FreeBSD.org> | 2000-05-24 02:14:22 +0000 |
---|---|---|
committer | darrenr <darrenr@FreeBSD.org> | 2000-05-24 02:14:22 +0000 |
commit | dda6755c7b3b3b5d3e9111b7d0c39a7d8b5f3e12 (patch) | |
tree | 8658a81b1c1fcbbbec3b1df568cc198dd98d44ee /contrib/ipfilter/FreeBSD-4.0 | |
parent | 1fa4f6782a7e92a232e56892d8bce7920d49292e (diff) | |
download | FreeBSD-src-dda6755c7b3b3b5d3e9111b7d0c39a7d8b5f3e12.zip FreeBSD-src-dda6755c7b3b3b5d3e9111b7d0c39a7d8b5f3e12.tar.gz |
Import IP Filter 3.4.4 into FreeBSD-current
Diffstat (limited to 'contrib/ipfilter/FreeBSD-4.0')
-rwxr-xr-x | contrib/ipfilter/FreeBSD-4.0/ipv6-patch | 61 | ||||
-rwxr-xr-x | contrib/ipfilter/FreeBSD-4.0/kinstall | 50 | ||||
-rwxr-xr-x | contrib/ipfilter/FreeBSD-4.0/unkinstall | 48 |
3 files changed, 159 insertions, 0 deletions
diff --git a/contrib/ipfilter/FreeBSD-4.0/ipv6-patch b/contrib/ipfilter/FreeBSD-4.0/ipv6-patch new file mode 100755 index 0000000..c232b2c --- /dev/null +++ b/contrib/ipfilter/FreeBSD-4.0/ipv6-patch @@ -0,0 +1,61 @@ +*** ip6_input.c.orig Sun Feb 13 14:32:01 2000 +--- ip6_input.c Wed Apr 26 22:31:34 2000 +*************** +*** 121,126 **** +--- 121,127 ---- + + extern struct domain inet6domain; + extern struct ip6protosw inet6sw[]; ++ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)); + + u_char ip6_protox[IPPROTO_MAX]; + static int ip6qmaxlen = IFQ_MAXLEN; +*************** +*** 302,307 **** +--- 303,317 ---- + ip6stat.ip6s_badvers++; + in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); + goto bad; ++ } ++ ++ if (fr_checkp) { ++ struct mbuf *m1 = m; ++ ++ if ((*fr_checkp)(ip6, sizeof(*ip6), m->m_pkthdr.rcvif, ++ 0, &m1) || !m1) ++ return; ++ ip6 = mtod(m = m1, struct ip6_hdr *); + } + + ip6stat.ip6s_nxthist[ip6->ip6_nxt]++; +*** ip6_output.c.orig Fri Mar 10 01:57:16 2000 +--- ip6_output.c Wed Apr 26 22:34:34 2000 +*************** +*** 108,113 **** +--- 108,115 ---- + #include <netinet6/ip6_fw.h> + #endif + ++ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)); ++ + static MALLOC_DEFINE(M_IPMOPTS, "ip6_moptions", "internet multicast options"); + + struct ip6_exthdrs { +*************** +*** 754,759 **** +--- 756,770 ---- + ip6->ip6_src.s6_addr16[1] = 0; + if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) + ip6->ip6_dst.s6_addr16[1] = 0; ++ } ++ ++ if (fr_checkp) { ++ struct mbuf *m1 = m; ++ ++ if ((error = (*fr_checkp)(ip6, sizeof(*ip6), ifp, 1, &m1)) || ++ !m1) ++ goto done; ++ ip6 = mtod(m = m1, struct ip6_hdr *); + } + + #ifdef IPV6FIREWALL diff --git a/contrib/ipfilter/FreeBSD-4.0/kinstall b/contrib/ipfilter/FreeBSD-4.0/kinstall new file mode 100755 index 0000000..cb3c3da --- /dev/null +++ b/contrib/ipfilter/FreeBSD-4.0/kinstall @@ -0,0 +1,50 @@ +#!/bin/csh -f +# +set dir=`pwd` +set karch=`uname -m` +if ( -d /sys/arch/$karch ) set archdir="/sys/arch/$karch" +if ( -d /sys/$karch ) set archdir="/sys/$karch" +set confdir="$archdir/conf" + +if ( $dir =~ */FreeBSD* ) cd .. +echo -n "Installing " +foreach i (ip_fil.[ch] ip_nat.[ch] ip_frag.[ch] ip_state.[ch] fil.c \ + ip_proxy.[ch] ip_{ftp,rcmd,raudio}_pxy.c mlf_ipl.c ipl.h \ + ip_compat.h ip_auth.[ch] ip_log.c) + echo -n "$i "; + cp $i /sys/netinet + chmod 644 /sys/netinet/$i +end +echo "" +echo "Linking /usr/include/osreldate.h to /sys/sys/osreldate.h" +ln -s /usr/include/osreldate.h /sys/sys/osreldate.h + +echo "" +echo "Patching ip6_input.c and ip6_output.c" +cat FreeBSD-4.0/ipv6-patch | (cd /sys/netinet6; patch) + +set config=`(cd $confdir; /bin/ls -1t [0-9A-Z_]*) | head -1` +echo -n "Kernel configuration to update [$config] " +set newconfig=$< +if ( "$newconfig" != "" ) then + set config="$confdir/$newconfig" +else + set newconfig=$config +endif +echo "Rewriting $newconfig..." +if ( -f $confdir/$newconfig ) then + mv $confdir/$newconfig $confdir/$newconfig.bak +endif +if ( -d $archdir/../compile/$newconfig ) then + set bak=".bak" + set dot=0 + while ( -d $archdir/../compile/${newconfig}.${bak} ) + set bak=".bak.$dot" + set dot=`expr 1 + $dot` + end + mv $archdir/../compile/$newconfig $archdir/../compile/${newconfig}.${bak} +endif +awk '{print $0;if($2=="INET"){print"options IPFILTER\noptions IPFILTER_LOG"}}'\ + $confdir/$newconfig.bak > $confdir/$newconfig +echo "You will now need to run config on $newconfig and build a new kernel." +exit 0 diff --git a/contrib/ipfilter/FreeBSD-4.0/unkinstall b/contrib/ipfilter/FreeBSD-4.0/unkinstall new file mode 100755 index 0000000..d43ac4a --- /dev/null +++ b/contrib/ipfilter/FreeBSD-4.0/unkinstall @@ -0,0 +1,48 @@ +#!/bin/csh -f +# +# +set dir=`pwd` +set karch=`uname -m` +if ( -d /sys/arch/$karch ) set archdir="/sys/arch/$karch" +if ( -d /sys/$karch ) set archdir="/sys/$karch" +set confdir="$archdir/conf" + +if ( $dir =~ */FreeBSD* ) cd .. +echo -n "Uninstalling " +foreach i (ip_fil.[ch] ip_nat.[ch] ip_frag.[ch] ip_state.[ch] fil.c \ + ip_auth.[ch] ip_proxy.[ch] ip_{ftp,rcmd,raudio}_pxy.c ip_compat.h \ + ip_log.c mlf_ipl.c ipl.h) + echo -n "$i "; + /bin/rm -f /sys/netinet/$i +end +echo "" + +echo "Removing link from /usr/include/osreldate.h to /sys/sys/osreldate.h" +rm /sys/sys/osreldate.h + +echo "Removing patch to ip6_input.c and ip6_output.c" +cat FreeBSD-4.0/ipv6-patch | (cd /sys/netinet6; patch -R) + +set config=`(cd $confdir; /bin/ls -1t [0-9A-Z_]*) | head -1` +echo -n "Kernel configuration to update [$config] " +set newconfig=$< +if ( "$newconfig" != "" ) then + set config="$confdir/$newconfig" +else + set newconfig=$config +endif +if ( -f $confdir/$newconfig ) then + mv $confdir/$newconfig $confdir/$newconfig.bak +endif +if ( -d $archdir/../compile/$newconfig ) then + set bak=".bak" + set dot=0 + while ( -d $archdir/../compile/${newconfig}.${bak} ) + set bak=".bak.$dot" + set dot=`expr 1 + $dot` + end + mv $archdir/../compile/$newconfig $archdir/../compile/${newconfig}.${bak} +endif +egrep -v IPFILTER $confdir/$newconfig.bak > $confdir/$newconfig +echo 'You will now need to run "config" and build a new kernel.' +exit 0 |