diff options
author | peter <peter@FreeBSD.org> | 1998-06-20 18:29:38 +0000 |
---|---|---|
committer | peter <peter@FreeBSD.org> | 1998-06-20 18:29:38 +0000 |
commit | 9529c38ad8859b9f325867d97f266101f2c4dca3 (patch) | |
tree | 7c9206c000e7ad493db842a3fecdf77deacb096a /contrib/ipfilter/iplang | |
parent | 58e3555d887b6a5b1f460d8ee84ca4e97c0a8217 (diff) | |
download | FreeBSD-src-9529c38ad8859b9f325867d97f266101f2c4dca3.zip FreeBSD-src-9529c38ad8859b9f325867d97f266101f2c4dca3.tar.gz |
Import trimmed version of ipfilter 3.2.7.
Obtained from: Darren Reed via http://cheops.anu.edu.au/~avalon/
Diffstat (limited to 'contrib/ipfilter/iplang')
-rw-r--r-- | contrib/ipfilter/iplang/iplang_l.l | 269 | ||||
-rw-r--r-- | contrib/ipfilter/iplang/iplang_y.y | 53 |
2 files changed, 171 insertions, 151 deletions
diff --git a/contrib/ipfilter/iplang/iplang_l.l b/contrib/ipfilter/iplang/iplang_l.l index 458a852..89b7732 100644 --- a/contrib/ipfilter/iplang/iplang_l.l +++ b/contrib/ipfilter/iplang/iplang_l.l @@ -1,7 +1,3 @@ -%e 1500 -%p 4000 -%a 4000 -%o 6000 %{ /* * Copyright (C) 1997 by Darren Reed. @@ -10,7 +6,7 @@ * provided that this notice is preserved and due credit is given * to the original author and the contributors. * - * $Id: iplang_l.l,v 2.0.2.15.2.2 1997/12/10 09:54:15 darrenr Exp $ + * $Id: iplang_l.l,v 2.0.2.15.2.5 1997/12/28 01:32:13 darrenr Exp $ */ #include <stdio.h> #include <string.h> @@ -46,134 +42,143 @@ int next_item __P((int)); int save_token __P((void)); void swallow __P((void)); int yylex __P((void)); -%} +struct wordtab { + char *word; + int state; + int next; +}; + +struct wordtab words[] = { + { "interface", IL_INTERFACE, -1 }, + { "iface", IL_INTERFACE, -1 }, + { "name", IL_IFNAME, IL_TOKEN }, + { "ifname", IL_IFNAME, IL_TOKEN }, + { "router", IL_DEFROUTER, IL_TOKEN }, + { "mtu", IL_MTU, IL_NUMBER }, + { "eaddr", IL_EADDR, IL_TOKEN }, + { "v4addr", IL_V4ADDR, IL_TOKEN }, + { "ipv4", IL_IPV4, -1 }, + { "v", IL_V4V, IL_TOKEN }, + { "proto", IL_V4PROTO, IL_TOKEN }, + { "hl", IL_V4HL, IL_TOKEN }, + { "id", IL_V4ID, IL_TOKEN }, + { "ttl", IL_V4TTL, IL_TOKEN }, + { "tos", IL_V4TOS, IL_TOKEN }, + { "src", IL_V4SRC, IL_TOKEN }, + { "dst", IL_V4DST, IL_TOKEN }, + { "opt", IL_OPT, -1 }, + { "len", IL_LEN, IL_TOKEN }, + { "off", IL_OFF, IL_TOKEN }, + { "sum", IL_SUM, IL_TOKEN }, + { "tcp", IL_TCP, -1 }, + { "sport", IL_SPORT, IL_TOKEN }, + { "dport", IL_DPORT, IL_TOKEN }, + { "seq", IL_TCPSEQ, IL_TOKEN }, + { "ack", IL_TCPACK, IL_TOKEN }, + { "flags", IL_TCPFL, IL_TOKEN }, + { "urp", IL_TCPURP, IL_TOKEN }, + { "win", IL_TCPWIN, IL_TOKEN }, + { "udp", IL_UDP, -1 }, + { "send", IL_SEND, -1 }, + { "via", IL_VIA, IL_TOKEN }, + { "arp", IL_ARP, -1 }, + { "data", IL_DATA, -1 }, + { "value", IL_DVALUE, IL_TOKEN }, + { "file", IL_DFILE, IL_TOKEN }, + { "nop", IL_IPO_NOP, -1 }, + { "eol", IL_IPO_EOL, -1 }, + { "rr", IL_IPO_RR, -1 }, + { "zsu", IL_IPO_ZSU, -1 }, + { "mtup", IL_IPO_MTUP, -1 }, + { "mtur", IL_IPO_MTUR, -1 }, + { "encode", IL_IPO_ENCODE, -1 }, + { "ts", IL_IPO_TS, -1 }, + { "tr", IL_IPO_TR, -1 }, + { "sec", IL_IPO_SEC, -1 }, + { "secclass", IL_IPO_SECCLASS, IL_TOKEN }, + { "lsrr", IL_IPO_LSRR, -1 }, + { "esec", IL_IPO_ESEC, -1 }, + { "cipso", IL_IPO_CIPSO, -1 }, + { "satid", IL_IPO_SATID, -1 }, + { "ssrr", IL_IPO_SSRR, -1 }, + { "addext", IL_IPO_ADDEXT, -1 }, + { "visa", IL_IPO_VISA, -1 }, + { "imitd", IL_IPO_IMITD, -1 }, + { "eip", IL_IPO_EIP, -1 }, + { "finn", IL_IPO_FINN, -1 }, + { "mss", IL_TCPO_MSS, IL_TOKEN }, + { "wscale", IL_TCPO_WSCALE, IL_TOKEN }, + { "reserv-4", IL_IPS_RESERV4, -1 }, + { "topsecret", IL_IPS_TOPSECRET, -1 }, + { "secret", IL_IPS_SECRET, -1 }, + { "reserv-3", IL_IPS_RESERV3, -1 }, + { "confid", IL_IPS_CONFID, -1 }, + { "unclass", IL_IPS_UNCLASS, -1 }, + { "reserv-2", IL_IPS_RESERV2, -1 }, + { "reserv-1", IL_IPS_RESERV1, -1 }, + { "icmp", IL_ICMP, -1 }, + { "type", IL_ICMPTYPE, -1 }, + { "code", IL_ICMPCODE, -1 }, + { "echorep", IL_ICMP_ECHOREPLY, -1 }, + { "unreach", IL_ICMP_UNREACH, -1 }, + { "squench", IL_ICMP_SOURCEQUENCH, -1 }, + { "redir", IL_ICMP_REDIRECT, -1 }, + { "echo", IL_ICMP_ECHO, -1 }, + { "routerad", IL_ICMP_ROUTERADVERT, -1 }, + { "routersol", IL_ICMP_ROUTERSOLICIT, -1 }, + { "timex", IL_ICMP_TIMXCEED, -1 }, + { "paramprob", IL_ICMP_PARAMPROB, -1 }, + { "timest", IL_ICMP_TSTAMP, -1 }, + { "timestrep", IL_ICMP_TSTAMPREPLY, -1 }, + { "inforeq", IL_ICMP_IREQ, -1 }, + { "inforep", IL_ICMP_IREQREPLY, -1 }, + { "maskreq", IL_ICMP_MASKREQ, -1 }, + { "maskrep", IL_ICMP_MASKREPLY, -1 }, + { "net-unr", IL_ICMP_UNREACH_NET, -1 }, + { "host-unr", IL_ICMP_UNREACH_HOST, -1 }, + { "proto-unr", IL_ICMP_UNREACH_PROTOCOL, -1 }, + { "port-unr", IL_ICMP_UNREACH_PORT, -1 }, + { "needfrag", IL_ICMP_UNREACH_NEEDFRAG, -1 }, + { "srcfail", IL_ICMP_UNREACH_SRCFAIL, -1 }, + { "net-unk", IL_ICMP_UNREACH_NET_UNKNOWN, -1 }, + { "host-unk", IL_ICMP_UNREACH_HOST_UNKNOWN, -1 }, + { "isolate", IL_ICMP_UNREACH_ISOLATED, -1 }, + { "net-prohib", IL_ICMP_UNREACH_NET_PROHIB, -1 }, + { "host-prohib", IL_ICMP_UNREACH_HOST_PROHIB, -1 }, + { "net-tos", IL_ICMP_UNREACH_TOSNET, -1 }, + { "host-tos", IL_ICMP_UNREACH_TOSHOST, -1 }, + { "filter-prohib", IL_ICMP_UNREACH_FILTER_PROHIB, -1 }, + { "host-preced", IL_ICMP_UNREACH_HOST_PRECEDENCE, -1 }, + { "cutoff-preced", IL_ICMP_UNREACH_PRECEDENCE_CUTOFF, -1 }, + { "net-redir", IL_ICMP_REDIRECT_NET, -1 }, + { "host-redir", IL_ICMP_REDIRECT_HOST, -1 }, + { "tos-net-redir", IL_ICMP_REDIRECT_TOSNET, -1 }, + { "tos-host-redir", IL_ICMP_REDIRECT_TOSHOST, -1 }, + { "intrans", IL_ICMP_TIMXCEED_INTRANS, -1 }, + { "reass", IL_ICMP_TIMXCEED_REASS, -1 }, + { "optabsent", IL_ICMP_PARAMPROB_OPTABSENT, -1 }, + { "otime", IL_ICMP_OTIME, -1 }, + { "rtime", IL_ICMP_RTIME, -1 }, + { "ttime", IL_ICMP_TTIME, -1 }, + { "icmpseq", IL_ICMP_SEQ, -1 }, + { "icmpid", IL_ICMP_SEQ, -1 }, + { ".", IL_DOT, -1 }, + { NULL, 0, 0 } +}; +%} +white [ \t\r]+ %% -[ \t\r] ; +{white} ; \n { lineNum++; swallow(); } -interface | -iface { return next_state(IL_INTERFACE, -1); } -name | -ifname { return next_state(IL_IFNAME, IL_TOKEN); } -router { return next_state(IL_DEFROUTER, IL_TOKEN); } -mtu { return next_state(IL_MTU, IL_NUMBER); } -eaddr { return next_state(IL_EADDR, IL_TOKEN); } -v4addr { return next_state(IL_V4ADDR, IL_TOKEN); } -ipv4 { return next_state(IL_IPV4, -1); } -v { return next_state(IL_V4V, IL_TOKEN); } -proto { return next_state(IL_V4PROTO, IL_TOKEN); } -hl { return next_state(IL_V4HL, IL_TOKEN); } -id { return next_state(IL_V4ID, IL_TOKEN); } -ttl { return next_state(IL_V4TTL, IL_TOKEN); } -tos { return next_state(IL_V4TOS, IL_TOKEN); } -src { return next_state(IL_V4SRC, IL_TOKEN); } -dst { return next_state(IL_V4DST, IL_TOKEN); } -opt { return next_state(IL_OPT, -1); } -len { return next_state(IL_LEN, IL_TOKEN); } -off { return next_state(IL_OFF, IL_TOKEN); } -sum { return next_state(IL_SUM, IL_TOKEN); } -tcp { return next_state(IL_TCP, -1); } -sport { return next_state(IL_SPORT, IL_TOKEN); } -dport { return next_state(IL_DPORT, IL_TOKEN); } -seq { return next_state(IL_TCPSEQ, IL_TOKEN); } -ack { return next_state(IL_TCPACK, IL_TOKEN); } -flags { return next_state(IL_TCPFL, IL_TOKEN); } -urp { return next_state(IL_TCPURP, IL_TOKEN); } -win { return next_state(IL_TCPWIN, IL_TOKEN); } -udp { return next_state(IL_UDP, -1); } -send { return next_state(IL_SEND, -1); } -via { return next_state(IL_VIA, IL_TOKEN); } -arp { return next_state(IL_ARP, -1); } -data { return next_state(IL_DATA, -1); } -value { return next_state(IL_DVALUE, IL_TOKEN); } -file { return next_state(IL_DFILE, IL_TOKEN); } -nop { return next_state(IL_IPO_NOP, -1); } -eol { return next_state(IL_IPO_EOL, -1); } -rr { return next_state(IL_IPO_RR, -1); } -zsu { return next_state(IL_IPO_ZSU, -1); } -mtup { return next_state(IL_IPO_MTUP, -1); } -mtur { return next_state(IL_IPO_MTUR, -1); } -encode { return next_state(IL_IPO_ENCODE, -1); } -ts { return next_state(IL_IPO_TS, -1); } -tr { return next_state(IL_IPO_TR, -1); } -sec { return next_state(IL_IPO_SEC, -1); } -secclass { return next_state(IL_IPO_SECCLASS, IL_TOKEN); } -lsrr { return next_state(IL_IPO_LSRR, -1); } -esec { return next_state(IL_IPO_ESEC, -1); } -cipso { return next_state(IL_IPO_CIPSO, -1); } -satid { return next_state(IL_IPO_SATID, -1); } -ssrr { return next_state(IL_IPO_SSRR, -1); } -addext { return next_state(IL_IPO_ADDEXT, -1); } -visa { return next_state(IL_IPO_VISA, -1); } -imitd { return next_state(IL_IPO_IMITD, -1); } -eip { return next_state(IL_IPO_EIP, -1); } -finn { return next_state(IL_IPO_FINN, -1); } -mss { return next_state(IL_TCPO_MSS, IL_TOKEN); } -wscale { return next_state(IL_TCPO_MSS, IL_TOKEN); } -reserv-4 { return next_state(IL_IPS_RESERV4, -1); } -topsecret { return next_state(IL_IPS_TOPSECRET, -1); } -secret { return next_state(IL_IPS_SECRET, -1); } -reserv-3 { return next_state(IL_IPS_RESERV3, -1); } -confid { return next_state(IL_IPS_CONFID, -1); } -unclass { return next_state(IL_IPS_UNCLASS, -1); } -reserv-2 { return next_state(IL_IPS_RESERV2, -1); } -reserv-1 { return next_state(IL_IPS_RESERV1, -1); } -icmp { return next_state(IL_ICMP, -1); } -type { return next_state(IL_ICMPTYPE, -1); } -code { return next_state(IL_ICMPCODE, -1); } -echorep { return next_state(IL_ICMP_ECHOREPLY, -1); } -unreach { return next_state(IL_ICMP_UNREACH, -1); } -squench { return next_state(IL_ICMP_SOURCEQUENCH, -1); } -redir { return next_state(IL_ICMP_REDIRECT, -1); } -echo { return next_state(IL_ICMP_ECHO, -1); } -routerad { return next_state(IL_ICMP_ROUTERADVERT, -1); } -routersol { return next_state(IL_ICMP_ROUTERSOLICIT, -1); } -timex { return next_state(IL_ICMP_TIMXCEED, -1); } -paramprob { return next_state(IL_ICMP_PARAMPROB, -1); } -timest { return next_state(IL_ICMP_TSTAMP, -1); } -timestrep { return next_state(IL_ICMP_TSTAMPREPLY, -1); } -inforeq { return next_state(IL_ICMP_IREQ, -1); } -inforep { return next_state(IL_ICMP_IREQREPLY, -1); } -maskreq { return next_state(IL_ICMP_MASKREQ, -1); } -maskrep { return next_state(IL_ICMP_MASKREPLY, -1); } -net-unr { return next_state(IL_ICMP_UNREACH_NET, -1); } -host-unr { return next_state(IL_ICMP_UNREACH_HOST, -1); } -proto-unr { return next_state(IL_ICMP_UNREACH_PROTOCOL, -1); } -port-unr { return next_state(IL_ICMP_UNREACH_PORT, -1); } -needfrag { return next_state(IL_ICMP_UNREACH_NEEDFRAG, -1); } -srcfail { return next_state(IL_ICMP_UNREACH_SRCFAIL, -1); } -net-unk { return next_state(IL_ICMP_UNREACH_NET_UNKNOWN, -1); } -host-unk { return next_state(IL_ICMP_UNREACH_HOST_UNKNOWN, -1); } -isolate { return next_state(IL_ICMP_UNREACH_ISOLATED, -1); } -net-prohib { return next_state(IL_ICMP_UNREACH_NET_PROHIB, -1); } -host-prohib { return next_state(IL_ICMP_UNREACH_HOST_PROHIB, -1); } -net-tos { return next_state(IL_ICMP_UNREACH_TOSNET, -1); } -host-tos { return next_state(IL_ICMP_UNREACH_TOSHOST, -1); } -filter-prohib { return next_state(IL_ICMP_UNREACH_FILTER_PROHIB, -1); } -host-preced { return next_state(IL_ICMP_UNREACH_HOST_PRECEDENCE, -1); } -cutoff-preced { return next_state(IL_ICMP_UNREACH_PRECEDENCE_CUTOFF, -1); } -net-redir { return next_state(IL_ICMP_REDIRECT_NET, -1); } -host-redir { return next_state(IL_ICMP_REDIRECT_HOST, -1); } -tos-net-redir { return next_state(IL_ICMP_REDIRECT_TOSNET, -1); } -tos-host-redir { return next_state(IL_ICMP_REDIRECT_TOSHOST, -1); } -intrans { return next_state(IL_ICMP_TIMXCEED_INTRANS, -1); } -reass { return next_state(IL_ICMP_TIMXCEED_REASS, -1); } -optabsent { return next_state(IL_ICMP_PARAMPROB_OPTABSENT, -1); } -otime { return next_state(IL_ICMP_OTIME, -1); } -rtime { return next_state(IL_ICMP_RTIME, -1); } -ttime { return next_state(IL_ICMP_TTIME, -1); } -icmpseq { return next_state(IL_ICMP_SEQ, -1); } -icmpid { return next_state(IL_ICMP_SEQ, -1); } -\377 { return 0; } /* EOF */ \{ { push_proto(); return next_item('{'); } \} { pop_proto(); return next_item('}'); } -\. { return next_item(IL_DOT); } ; { return next_item(';'); } [0-9]+ { return next_item(IL_NUMBER); } [0-9a-fA-F] { return next_item(IL_HEXDIGIT); } : { return next_item(IL_COLON); } #[^\n]* { return next_item(IL_COMMENT); } -[^ {}\n\t;]* { return next_item(IL_TOKEN); } +[^ \{\}\n\t;:{}]* { return next_item(IL_TOKEN); } \"[^\"]*\" { return next_item(IL_TOKEN); } %% void yyerror(msg) @@ -220,10 +225,21 @@ int save_token() int next_item(nstate) int nstate; { + struct wordtab *wt; + + if (opts & OPT_DEBUG) + printf("text=[%s] id=%d next=%d\n", yytext, nstate, next); if (next == IL_TOKEN) { next = -1; return save_token(); } + token++; + + for (wt = words; wt->word; wt++) + if (!strcasecmp(wt->word, yytext)) + return next_state(wt->state, wt->next); + if (opts & OPT_DEBUG) + printf("unknown keyword=[%s]\n", yytext); next = -1; if (nstate == IL_NUMBER) yylval.num = atoi(yytext); @@ -235,13 +251,6 @@ int nstate; int next_state(nstate, fornext) int nstate, fornext; { - token++; - - if (next == IL_TOKEN) { - next = -1; - return save_token(); - } - next = fornext; switch (nstate) diff --git a/contrib/ipfilter/iplang/iplang_y.y b/contrib/ipfilter/iplang/iplang_y.y index 0906680..e01bb37 100644 --- a/contrib/ipfilter/iplang/iplang_y.y +++ b/contrib/ipfilter/iplang/iplang_y.y @@ -6,7 +6,7 @@ * provided that this notice is preserved and due credit is given * to the original author and the contributors. * - * $Id: iplang_y.y,v 2.0.2.18.2.5 1997/12/10 09:54:45 darrenr Exp $ + * $Id: iplang_y.y,v 2.0.2.18.2.7 1998/05/23 14:29:53 darrenr Exp $ */ #include <stdio.h> @@ -48,7 +48,9 @@ #include "ipf.h" #include "iplang.h" +#ifndef __NetBSD__ extern struct ether_addr *ether_aton __P((char *)); +#endif extern int opts; extern struct ipopt_names ionames[]; @@ -345,7 +347,7 @@ tcpopts: tcpopt: IL_TCPO_NOP ';' { set_tcpopt(IL_TCPO_NOP, NULL); } | IL_TCPO_EOL ';' { set_tcpopt(IL_TCPO_EOL, NULL); } | IL_TCPO_MSS optoken { set_tcpopt(IL_TCPO_MSS,&$2);} - | IL_TCPO_WSCALE optoken { set_tcpopt(IL_TCPO_MSS,&$2);} + | IL_TCPO_WSCALE optoken { set_tcpopt(IL_TCPO_WSCALE,&$2);} | IL_TCPO_TS optoken { set_tcpopt(IL_TCPO_TS, &$2);} ; @@ -779,6 +781,8 @@ char **arg; *t++ = (u_char)(val & 0xff); todo = 0; } + if (todo) + continue; } if (quote) { if (isdigit(c)) { @@ -807,8 +811,8 @@ char **arg; *t++ = '\t'; break; } - quote = 0; } + quote = 0; continue; } @@ -817,6 +821,8 @@ char **arg; else *t++ = c; } + if (todo) + *t++ = (u_char)(val & 0xff); if (quote) *t++ = '\\'; len = t - (u_char *)canip->ah_data; @@ -910,7 +916,7 @@ char **arg; void set_ipv4off(arg) char **arg; { - ip->ip_off = strtol(*arg, NULL, 0); + ip->ip_off = htons(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } @@ -961,7 +967,7 @@ char **arg; void set_ipv4id(arg) char **arg; { - ip->ip_id = strtol(*arg, NULL, 0); + ip->ip_id = htons(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } @@ -999,7 +1005,7 @@ void new_tcpheader() ip->ip_p = IPPROTO_TCP; tcp = (tcphdr_t *)new_header(IPPROTO_TCP); - tcp->th_win = 4096; + tcp->th_win = htons(4096); tcp->th_off = sizeof(*tcp) >> 2; } @@ -1047,7 +1053,7 @@ char **arg; void set_tcpseq(arg) char **arg; { - tcp->th_seq = strtol(*arg, NULL, 0); + tcp->th_seq = htonl(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } @@ -1056,7 +1062,7 @@ char **arg; void set_tcpack(arg) char **arg; { - tcp->th_ack = strtol(*arg, NULL, 0); + tcp->th_ack = htonl(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } @@ -1078,7 +1084,7 @@ char **arg; void set_tcpurp(arg) char **arg; { - tcp->th_urp = strtol(*arg, NULL, 0); + tcp->th_urp = htons(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } @@ -1087,7 +1093,7 @@ char **arg; void set_tcpwin(arg) char **arg; { - tcp->th_win = strtol(*arg, NULL, 0); + tcp->th_win = htons(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } @@ -1298,7 +1304,8 @@ void packet_done() u_char *s = (u_char *)ipbuffer, *t = (u_char *)outline; if (opts & OPT_VERBOSE) { - for (i = ip->ip_len, j = 0; i; i--, j++, s++) { + ip->ip_len = htons(ip->ip_len); + for (i = ntohs(ip->ip_len), j = 0; i; i--, j++, s++) { if (j && !(j & 0xf)) { *t++ = '\n'; *t = '\0'; @@ -1338,6 +1345,7 @@ void packet_done() } fputs(outline, stdout); fflush(stdout); + ip->ip_len = ntohs(ip->ip_len); } prep_packet(); @@ -1542,35 +1550,35 @@ char **type; void set_icmpid(arg) int arg; { - icmp->icmp_id = arg; + icmp->icmp_id = htons(arg); } void set_icmpseq(arg) int arg; { - icmp->icmp_seq = arg; + icmp->icmp_seq = htons(arg); } void set_icmpotime(arg) int arg; { - icmp->icmp_otime = arg; + icmp->icmp_otime = htonl(arg); } void set_icmprtime(arg) int arg; { - icmp->icmp_rtime = arg; + icmp->icmp_rtime = htonl(arg); } void set_icmpttime(arg) int arg; { - icmp->icmp_ttime = arg; + icmp->icmp_ttime = htonl(arg); } @@ -1578,7 +1586,7 @@ void set_icmpmtu(arg) int arg; { #if BSD >= 199306 - icmp->icmp_nextmtu = arg; + icmp->icmp_nextmtu = htons(arg); #endif } @@ -1730,7 +1738,9 @@ void end_ipv4() aniphdr_t *aip; ip->ip_sum = 0; + ip->ip_len = htons(ip->ip_len); ip->ip_sum = chksum((u_short *)ip, ip->ip_hl << 2); + ip->ip_len = ntohs(ip->ip_len); free_anipheader(); for (aip = aniphead, ip = NULL; aip; aip = aip->ah_next) if (aip->ah_p == IPPROTO_IP) @@ -1761,9 +1771,10 @@ void end_udp() iptmp.ip_p = ip->ip_p; iptmp.ip_src = ip->ip_src; iptmp.ip_dst = ip->ip_dst; - iptmp.ip_len = ip->ip_len - (ip->ip_hl << 2); + iptmp.ip_len = htons(ip->ip_len - (ip->ip_hl << 2)); sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp)); - udp->uh_sum = c_chksum((u_short *)udp, (u_int)iptmp.ip_len, sum); + udp->uh_ulen = htons(udp->uh_ulen); + udp->uh_sum = c_chksum((u_short *)udp, (u_int)ntohs(iptmp.ip_len), sum); free_anipheader(); for (aip = aniphead, udp = NULL; aip; aip = aip->ah_next) if (aip->ah_p == IPPROTO_UDP) @@ -1781,10 +1792,10 @@ void end_tcp() iptmp.ip_p = ip->ip_p; iptmp.ip_src = ip->ip_src; iptmp.ip_dst = ip->ip_dst; - iptmp.ip_len = ip->ip_len - (ip->ip_hl << 2); + iptmp.ip_len = htons(ip->ip_len - (ip->ip_hl << 2)); sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp)); tcp->th_sum = 0; - tcp->th_sum = c_chksum((u_short *)tcp, (u_int)iptmp.ip_len, sum); + tcp->th_sum = c_chksum((u_short *)tcp, (u_int)ntohs(iptmp.ip_len), sum); free_anipheader(); for (aip = aniphead, tcp = NULL; aip; aip = aip->ah_next) if (aip->ah_p == IPPROTO_TCP) |