bring changes in IPFilter to 3.4.31 on to the head

author: darrenr <darrenr@FreeBSD.org> 2003-02-15 06:32:48 +0000
committer: darrenr <darrenr@FreeBSD.org> 2003-02-15 06:32:48 +0000
commit: e818bd682cecec1d1c1a1b76c1d99e0bcf21a936 (patch)
tree: 0bdf8f5571272830fd0af76cc92628e15ba72f4c /contrib/ipfilter
parent: cd8fb83e1fd0e99706f1352a9c2c9aa96fa39617 (diff)
download: FreeBSD-src-e818bd682cecec1d1c1a1b76c1d99e0bcf21a936.zip
FreeBSD-src-e818bd682cecec1d1c1a1b76c1d99e0bcf21a936.tar.gz
10 files changed, 60 insertions, 16 deletions
diff --git a/contrib/ipfilter/iplang/iplang_y.y b/contrib/ipfilter/iplang/iplang_y.y
index affdf92..5b7608b 100644
--- a/contrib/ipfilter/iplang/iplang_y.y
+++ b/contrib/ipfilter/iplang/iplang_y.y
@@ -10,7 +10,7 @@
  * $FreeBSD$
  */
 
-#ifdef __sgi
+#if defined(__sgi) && (IRIX > 602)
 # include <sys/ptimers.h>
 #endif
 #include <stdio.h>
@@ -53,7 +53,7 @@
 #include "iplang.h"
 
 #if !defined(__NetBSD__) && (!defined(__FreeBSD_version) && \
-    __FreeBSD_version < 400020)
+    __FreeBSD_version < 400020 ) && SOLARIS2 < 10 
 extern	struct ether_addr *ether_aton __P((char *));
 #endif
 
diff --git a/contrib/ipfilter/ipmon.c b/contrib/ipfilter/ipmon.c
index 1b1cd71..c8b032e 100644
--- a/contrib/ipfilter/ipmon.c
+++ b/contrib/ipfilter/ipmon.c
@@ -8,7 +8,7 @@
 #define SOLARIS (defined(__SVR4) || defined(__svr4__)) && defined(sun)
 #endif
 
-#ifdef __sgi
+#if defined(__sgi) && (IRIX > 602)
 # include <sys/ptimers.h>
 #endif
 #include <sys/types.h>
diff --git a/contrib/ipfilter/ipsend/ipsend.c b/contrib/ipfilter/ipsend/ipsend.c
index 3d3b5bc..8c9be57 100644
--- a/contrib/ipfilter/ipsend/ipsend.c
+++ b/contrib/ipfilter/ipsend/ipsend.c
@@ -9,7 +9,7 @@
  *
  * See the IPFILTER.LICENCE file for details on licencing.
  */
-#ifdef __sgi
+#if defined(__sgi) && (IRIX > 602)
 # include <sys/ptimers.h>
 #endif
 #include <stdio.h>
diff --git a/contrib/ipfilter/ipsend/iptests.c b/contrib/ipfilter/ipsend/iptests.c
index 12cdf83..4805caf 100644
--- a/contrib/ipfilter/ipsend/iptests.c
+++ b/contrib/ipfilter/ipsend/iptests.c
@@ -3,7 +3,7 @@
  *
  * See the IPFILTER.LICENCE file for details on licencing.
  */
-#ifdef __sgi
+#if defined(__sgi) && (IRIX > 602)
 # include <sys/ptimers.h>
 #endif
 #include <stdio.h>
@@ -75,20 +75,28 @@
 #if defined(__SVR4) || defined(__svr4__) || defined(__sgi)
 # include <sys/sysmacros.h>
 #endif
+#if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 106000000)
+# define USE_NANOSLEEP
+#endif
 #include "ipsend.h"
 
 #if 0
 #if !defined(lint)
 static const char sccsid[] = "%W% %G% (C)1995 Darren Reed";
-static const char rcsid[] = "@(#)$Id: iptests.c,v 2.1.4.5 2002/02/22 15:32:58 darrenr Exp $";
+static const char rcsid[] = "@(#)$Id: iptests.c,v 2.1.4.8 2002/12/06 11:40:35 darrenr Exp $";
 #endif
 #endif
 
 __FBSDID("$FreeBSD$");
 
 
-#define	PAUSE()	tv.tv_sec = 0; tv.tv_usec = 10000; \
-		  (void) select(0, NULL, NULL, NULL, &tv)
+#ifdef	USE_NANOSLEEP
+# define	PAUSE()	ts.tv_sec = 0; ts.tv_nsec = 10000000; \
+		  (void) nanosleep(&ts, NULL)
+#else
+# define	PAUSE()	tv.tv_sec = 0; tv.tv_usec = 10000; \
+				  (void) select(0, NULL, NULL, NULL, &tv)
+#endif
 
 
 void	ip_test1(dev, mtu, ip, gwip, ptest)
@@ -98,7 +106,11 @@ ip_t	*ip;
 struct	in_addr	gwip;
 int	ptest;
 {
+#ifdef	USE_NANOSLEEP
+	struct	timespec ts;
+#else
 	struct	timeval	tv;
+#endif
 	udphdr_t *u;
 	int	nfd, i = 0, len, id = getpid();
 
@@ -442,7 +454,11 @@ ip_t	*ip;
 struct	in_addr	gwip;
 int	ptest;
 {
+#ifdef	USE_NANOSLEEP
+	struct	timespec ts;
+#else
 	struct	timeval	tv;
+#endif
 	int	nfd;
 	u_char	*s;
 
@@ -533,7 +549,11 @@ int	ptest;
 {
 	static	int	ict1[10] = { 8, 9, 10, 13, 14, 15, 16, 17, 18, 0 };
 	static	int	ict2[8] = { 3, 9, 10, 13, 14, 17, 18, 0 };
+#ifdef	USE_NANOSLEEP
+	struct	timespec ts;
+#else
 	struct	timeval	tv;
+#endif
 	struct	icmp	*icp;
 	int	nfd, i;
 
@@ -725,7 +745,11 @@ ip_t	*ip;
 struct	in_addr	gwip;
 int	ptest;
 {
+#ifdef	USE_NANOSLEEP
+	struct	timespec ts;
+#else
 	struct	timeval	tv;
+#endif
 	udphdr_t	*u;
 	int	nfd, i;
 
@@ -883,7 +907,11 @@ ip_t	*ip;
 struct	in_addr	gwip;
 int	ptest;
 {
+#ifdef	USE_NANOSLEEP
+	struct	timespec ts;
+#else
 	struct	timeval	tv;
+#endif
 	tcphdr_t *t;
 	int	nfd, i;
 
@@ -1226,7 +1254,11 @@ ip_t	*ip;
 struct	in_addr	gwip;
 int	ptest;
 {
+#ifdef	USE_NANOSLEEP
+	struct	timespec ts;
+#else
 	struct	timeval	tv;
+#endif
 	udphdr_t *u;
 	int	nfd, i, j, k;
 
@@ -1301,8 +1333,12 @@ ip_t	*ip;
 struct	in_addr	gwip;
 int	ptest;
 {
-	ip_t	*pip;
+#ifdef	USE_NANOSLEEP
+	struct	timespec ts;
+#else
 	struct	timeval	tv;
+#endif
+	ip_t	*pip;
 	int	nfd, i, j;
 	u_char	*s;
 
diff --git a/contrib/ipfilter/ipsend/sock.c b/contrib/ipfilter/ipsend/sock.c
index 519cedf..988da4c 100644
--- a/contrib/ipfilter/ipsend/sock.c
+++ b/contrib/ipfilter/ipsend/sock.c
@@ -4,7 +4,7 @@
  *
  * See the IPFILTER.LICENCE file for details on licencing.
  */
-#ifdef __sgi
+#if defined(__sgi) && (IRIX > 602)
 # include <sys/ptimers.h>
 #endif
 #include <stdio.h>
@@ -66,7 +66,7 @@
 
 #if !defined(lint)
 static const char sccsid[] = "@(#)sock.c	1.2 1/11/96 (C)1995 Darren Reed";
-static const char rcsid[] = "@(#)$Id: sock.c,v 2.1.4.5 2002/02/22 15:32:58 darrenr Exp $";
+static const char rcsid[] = "@(#)$Id: sock.c,v 2.1.4.6 2002/12/06 11:40:36 darrenr Exp $";
 #endif
 
 
diff --git a/contrib/ipfilter/man/ipf.5 b/contrib/ipfilter/man/ipf.5
index 12e188e..ecd6caf 100644
--- a/contrib/ipfilter/man/ipf.5
+++ b/contrib/ipfilter/man/ipf.5
@@ -62,7 +62,7 @@ host-num = digit [ digit [ digit ] ] .
 port-num = service-name | decnumber .
 
 withopt = [ "not" | "no" ] opttype [ withopt ] .
-opttype = "ipopts" | "short" | "frag" | "opt" ipopts  .
+opttype = "ipopts" | "short" | "frag" | "opt" optname .
 optname	= ipopts [ "," optname ] .
 ipopts  = optlist | "sec-class" [ secname ] .
 secname	= seclvl [ "," secname ] .
diff --git a/contrib/ipfilter/man/ipf.8 b/contrib/ipfilter/man/ipf.8
index 423ae35..a1f5b06 100644
--- a/contrib/ipfilter/man/ipf.8
+++ b/contrib/ipfilter/man/ipf.8
@@ -56,7 +56,7 @@ the order on the command line being that used to execute options.
 .TP
 .BR \-F \0<s|S>
 To flush entries from the state table, the \fB-F\fP option is used in
-conjuction with either "s" (removes state information about any non-fully
+conjunction with either "s" (removes state information about any non-fully
 established connections) or "S" (deletes the entire state table).  Only
 one of the two options may be given.  A fully established connection
 will show up in \fBipfstat -s\fP output as 4/4, with deviations either
diff --git a/contrib/ipfilter/man/ipfstat.8 b/contrib/ipfilter/man/ipfstat.8
index f36e31b..f4e5d5b 100644
--- a/contrib/ipfilter/man/ipfstat.8
+++ b/contrib/ipfilter/man/ipfstat.8
@@ -123,7 +123,7 @@ be used while ipfstat is in top mode.
 .BR \-T \0<refreshtime>
 This option is only valid in combination with \fB\-t\fP. Specifies how often
 the state top display should be updated. The refresh time is the number of
-seconds between an update. Any postive integer can be used. The default (and
+seconds between an update. Any positive integer can be used. The default (and
 minimal update time) is 1.
 .TP
 .B \-v
@@ -163,7 +163,7 @@ the number of bytes. States are sorted in descending order, but you can use
 the \fBr\fP key to sort them in ascending order.
 .SH STATE TOP LIMITATIONS
 It is currently not possible to interactively change the source, destination
-and protocol filters or the refreh frequency. This must be done from the
+and protocol filters or the refresh frequency. This must be done from the
 command line.
 .PP
 The screen must have at least 80 columns. This is however not checked.
diff --git a/contrib/ipfilter/man/ipftest.1 b/contrib/ipfilter/man/ipftest.1
index 9d2965b..936445c 100644
--- a/contrib/ipfilter/man/ipftest.1
+++ b/contrib/ipfilter/man/ipftest.1
@@ -15,6 +15,9 @@ interface
 [
 .B \-i
 <filename>
+] [
+.B \-s
+<ipaddress>
 ]
 .SH DESCRIPTION
 .PP
@@ -129,6 +132,11 @@ Specify the filename from which to take input.  Default is stdin.
 .TP
 .BR \-r \0<filename>
 Specify the filename from which to read filter rules.
+.TP
+.BR \-s \0<ipaddress>
+Where the input format is incapable of telling \fBipftest\fP whther a packet is
+going in or out, setting this option to an IP address results in the direction
+being set to out if the source matches or in if the destination matches. 
 .SH SEE ALSO
 ipf(5), ipf(8), snoop(1m), tcpdump(8), etherfind(8c)
 .SH BUGS
diff --git a/contrib/ipfilter/man/ipmon.8 b/contrib/ipfilter/man/ipmon.8
index 043c131..3fa6caf 100644
--- a/contrib/ipfilter/man/ipmon.8
+++ b/contrib/ipfilter/man/ipmon.8
@@ -55,7 +55,7 @@ setting, not a particular rule.
 .LP
 6. The addresses.
 This is actually three fields: the source address and port
-(separted by a comma), the \fB->\fP symbol, and the destination address
+(separated by a comma), the \fB->\fP symbol, and the destination address
 and port. E.g.: \fB209.53.17.22,80 -> 198.73.220.17,1722\fP.
 .LP
 7. \fBPR\fP followed by the protocol name or number, e.g., \fBPR tcp\fP.
author	darrenr <darrenr@FreeBSD.org>	2003-02-15 06:32:48 +0000
committer	darrenr <darrenr@FreeBSD.org>	2003-02-15 06:32:48 +0000
commit	e818bd682cecec1d1c1a1b76c1d99e0bcf21a936 (patch)
tree	0bdf8f5571272830fd0af76cc92628e15ba72f4c /contrib/ipfilter
parent	cd8fb83e1fd0e99706f1352a9c2c9aa96fa39617 (diff)
download	FreeBSD-src-e818bd682cecec1d1c1a1b76c1d99e0bcf21a936.zip FreeBSD-src-e818bd682cecec1d1c1a1b76c1d99e0bcf21a936.tar.gz