summaryrefslogtreecommitdiffstats
path: root/contrib
diff options
context:
space:
mode:
authordarrenr <darrenr@FreeBSD.org>2005-04-25 17:40:37 +0000
committerdarrenr <darrenr@FreeBSD.org>2005-04-25 17:40:37 +0000
commit15f9876206391ec6951c43fe2ac1316f690f438c (patch)
tree9cd39c056a2aaa763d548709aa30d5bc3c051861 /contrib
parentc5b4993c85e0d43326c139c8546a7620e37a6a41 (diff)
downloadFreeBSD-src-15f9876206391ec6951c43fe2ac1316f690f438c.zip
FreeBSD-src-15f9876206391ec6951c43fe2ac1316f690f438c.tar.gz
This commit was generated by cvs2svn to compensate for changes in r145513,
which included commits to RCS files with non-trunk default branches.
Diffstat (limited to 'contrib')
-rw-r--r--contrib/ipfilter/todo98
-rw-r--r--contrib/ipfilter/typescript121
2 files changed, 0 insertions, 219 deletions
diff --git a/contrib/ipfilter/todo b/contrib/ipfilter/todo
deleted file mode 100644
index 5b2c059..0000000
--- a/contrib/ipfilter/todo
+++ /dev/null
@@ -1,98 +0,0 @@
-BUGS:
------
-* fix "to <ifname>" bug on FreeBSD 2.2.8
-fastroute works
-
-===============================================================================
-GENERAL:
---------
-
-* support redirection like "rdr tun0 0/32 port 80 ..."
-
-* use fr_tcpstate() with NAT code for increased NAT usage security or even
- fr_checkstate() - suspect this is not possible.
-
-* add another alias for <thishost> for interfaces <thisif>? as well as
- all IP#'s associated with the box <myaddrs>?
-
-time permitting:
-
-* load balancing across interfaces
-
-* record buffering for TCP/UDP
-
-* modular application proxying
--done
-
-* allow multiple ip addresses in a source route list for ipsend
-
-* port IP Filter to Linux
-Not in this century.
-
-* document bimap
-
-* document NAT rule order processing
-
-* add more docs
-in progress
-
-3.4:
-XDDD. I agree. Bandwidth Shapping and QoS (Quality of Service, AKA
-traffic priorization) should be *TOP* in the TO DO list.
-
-* Bandwidth limiting!!!
-maybe for solaris, otherwise "ALTQ"
-* More examples
-* More documentation
-* Load balancing features added to the NAT code, so that I can have
-something coming in for 20.20.20.20:80 and it gets shuffled around between
-internal addresses 10.10.10.1:8000 and 10.10.10.2:8000. or whatever.
-- done, stage 1 (round robin/split)
-The one thing that Cisco's PIX has on IPF that I can see is that
-rewrites the sequence numbers with semi-random ones.
-- done
-
-I would also love to see a more extensive NAT. It can choose to do
-rdr and map based on saddr, daddr, sport and dport. (Does the kernel
-module already have functionality for that and it just needs support in
-the userland ipnat?)
--sort of done
-
- * intrusion detection
- detection of port scans
- detection of multiple connection attempts
-
- * support for multiple log files
- i.e. all connections to ftp and telnet logged to
- a seperate log file
-
- * multiple levels of log severity with E-mail notification
- of intrusion alerts or other high priority errors
-
- * poison pill facility
- after detection of a port scan, start sending back
- large packets of garbage or other packets to
- otherwise confuse the intruder (ping of death?)
-
-IPv6:
------
-* NAT is yet not available, either as a null proxy or address translation
-
-BSD:
-* "to <if>" and "to <if>:<ip>" are not supported, but "fastroute" is.
-
-Solaris:
-* "to <if>:<ip>" is not supported, but "fastroute" is and "to <if>" are.
-
-Tru64:
-------
-* IPv6 checksum calculation for RST's and ICMP packets is not done (there
- are routines in the Tru64 kernel to do this but what is the interface?)
-
-does bimap allow equal sized subnets?
-
-make return-icmp 'intelligent' if no type is given about what type to use?
-
-reply-to - enforce packets to pass through interfaces in particular
-combinations - opposite to "to", set reverse path interface
-
diff --git a/contrib/ipfilter/typescript b/contrib/ipfilter/typescript
deleted file mode 100644
index 1446ac4..0000000
--- a/contrib/ipfilter/typescript
+++ /dev/null
@@ -1,121 +0,0 @@
-Script started on Mon Apr 25 17:24:29 2005
-/sbin /usr/sbin /bin /usr/bin /etc /usr/sbin
-FreeBSD FreeBSD/i386.6.0 on /dev/ttyp0
-tcsh
-.cshrc
-(.cshrc)
--done.
-/bin /sbin /etc /usr/bin /usr/sbin /usr/games
-.cshrc done
-TERM = vt100
-/usr/X11R6/man /usr/share/man
-(freebsd6:~) cd /usr/src/sycontrib/ipfilter
-(freebsd6:/usr/src/contrib/ipfilter) l
-./ ip_compat.h ipf.h
-../ ip_fil.c ipl.h
-.cvsignore ip_fil.h iplang/
-BNF ip_fil_freebsd.c ipmon.h
-BSD/ ip_frag.c ipsd/
-BugReport ip_frag.h ipsend/
-CVS/ ip_ftp_pxy.c ipt.h
-FAQ.FreeBSD ip_h323_pxy.c kmem.h
-FWTK/ ip_htable.c l4check/
-FreeBSD/ ip_htable.h lib/
-FreeBSD-2.2/ ip_ipsec_pxy.c man/
-FreeBSD-3/ ip_irc_pxy.c md5.c
-FreeBSD-4.0/ ip_log.c md5.h
-HISTORY ip_lookup.c mkfilters
-IMPORTANT ip_lookup.h mlf_ipl.c
-INST.FreeBSD-2.2 ip_msnrpc_pxy.c mlf_rule.c
-INSTALL.FreeBSD ip_nat.c mlfk_ipl.c
-INSTALL.xBSD ip_nat.h mlfk_rule.c
-IPF.KANJI ip_netbios_pxy.c mlh_rule.c
-IPFILTER.LICENCE ip_pool.c net/
-Makefile ip_pool.h netinet/
-NAT.FreeBSD ip_pptp_pxy.c opts.h
-QNX_OCL.txt ip_proxy.c pcap-ipf.h
-README ip_proxy.h perl/
-STYLE.TXT ip_raudio_pxy.c radix.c
-WhatsNew40.txt ip_rcmd_pxy.c radix_ipf.h
-Y2K ip_rpcb_pxy.c rules/
-bpf-ipf.h ip_rules.c samples/
-bpf_filter.c ip_rules.h snoop.h
-bsdinstall ip_scan.c test/
-buildsunos ip_scan.h todo
-etc/ ip_state.c tools/
-fil.c ip_state.h typescript
-ip_auth.c ip_sync.c
-ip_auth.h ip_sync.h
-(freebsd6:/usr/src/contrib/ipfilter) l CVS
-./ Entries Repository
-../ Entries.Log Root
-(freebsd6:/usr/src/contrib/ipfilter) \rm -rf CVS
-(freebsd6:/usr/src/contrib/ipfilter) l
-./ ip_compat.h ip_sync.h
-../ ip_fil.c ipf.h
-.cvsignore ip_fil.h ipl.h
-BNF ip_fil_freebsd.c iplang/
-BSD/ ip_frag.c ipmon.h
-BugReport ip_frag.h ipsd/
-FAQ.FreeBSD ip_ftp_pxy.c ipsend/
-FWTK/ ip_h323_pxy.c ipt.h
-FreeBSD/ ip_htable.c kmem.h
-FreeBSD-2.2/ ip_htable.h l4check/
-FreeBSD-3/ ip_ipsec_pxy.c lib/
-FreeBSD-4.0/ ip_irc_pxy.c man/
-HISTORY ip_log.c md5.c
-IMPORTANT ip_lookup.c md5.h
-INST.FreeBSD-2.2 ip_lookup.h mkfilters
-INSTALL.FreeBSD ip_msnrpc_pxy.c mlf_ipl.c
-INSTALL.xBSD ip_nat.c mlf_rule.c
-IPF.KANJI ip_nat.h mlfk_ipl.c
-IPFILTER.LICENCE ip_netbios_pxy.c mlfk_rule.c
-Makefile ip_pool.c mlh_rule.c
-NAT.FreeBSD ip_pool.h net/
-QNX_OCL.txt ip_pptp_pxy.c netinet/
-README ip_proxy.c opts.h
-STYLE.TXT ip_proxy.h pcap-ipf.h
-WhatsNew40.txt ip_raudio_pxy.c perl/
-Y2K ip_rcmd_pxy.c radix.c
-bpf-ipf.h ip_rpcb_pxy.c radix_ipf.h
-bpf_filter.c ip_rules.c rules/
-bsdinstall ip_rules.h samples/
-buildsunos ip_scan.c snoop.h
-etc/ ip_scan.h test/
-fil.c ip_state.c todo
-ip_auth.c ip_state.h tools/
-ip_auth.h ip_sync.c typescript
-(freebsd6:/usr/src/contrib/ipfilter) cd ..
-(freebsd6:/usr/src/contrib) mv ipfilter ipfilter.i
-(freebsd6:/usr/src/contrib) cd !$ipfilter.i
-(freebsd6:/usr/src/contrib/ipfilter.i) l */CVS
-/bin/ls: No match.
-(freebsd6:/usr/src/contrib/ipfilter.i) cvs m
-(freebsd6:/usr/src/contrib/ipfilter.i) cvs import
-(freebsd6:/usr/src/contrib/ipfilter.i) ~
-/home/darrenr: Permission denied.
-(freebsd6:/usr/src/contrib/ipfilter.i) ~
-(freebsd6:/usr/src/contrib/ipfilter.i) suspend
-(freebsd6:/usr/src/contrib/ipfilter.i) history
- 1 17:24 cd /usr/src/contrib/ipfilter
- 2 17:24 l
- 3 17:24 l CVS
- 4 17:24 \rm -rf CVS
- 5 17:24 l
- 6 17:24 cd ..
- 7 17:24 mv ipfilter ipfilter.i
- 8 17:24 cd ipfilter.i
- 9 17:24 l */CVS
- 10 17:25 ~
- 11 17:25 suspend
- 12 17:25 history
-(freebsd6:/usr/src/contrib/ipfilter.i)
-(freebsd6:/usr/src/contrib/ipfilter.i) kill -STOP $$
-
-^C
-c
-
-
-(freebsd6:/usr/src/contrib/ipfilter.i)
-(freebsd6:/usr/src/contrib/ipfilter.i) c
-
OpenPOWER on IntegriCloud