From 83807ec50da2dec25df74073d007a33ae79d8bfd Mon Sep 17 00:00:00 2001 From: mlaier Date: Tue, 3 Jul 2007 12:46:08 +0000 Subject: Link pf 4.1 to the build: - move ftp-proxy from libexec to usr.sbin - add tftp-proxy - new altq mtag link Approved by: re (kensmith) --- libexec/Makefile | 4 +- libexec/ftp-proxy/Makefile | 12 ----- libexec/tftp-proxy/Makefile | 9 ++++ sbin/pfctl/Makefile | 2 + sys/conf/files | 16 +++--- sys/contrib/altq/altq/altq_cbq.c | 6 +-- sys/contrib/altq/altq/altq_hfsc.c | 6 +-- sys/contrib/altq/altq/altq_priq.c | 6 +-- sys/contrib/altq/altq/altq_red.c | 10 ++-- sys/contrib/pf/net/pf_mtag.h | 82 +++++++++++++++++++++++++++++++ sys/modules/ipfw/Makefile | 1 + sys/modules/pf/Makefile | 6 +++ sys/net/if_ethersubr.c | 4 +- sys/netinet/ip_fw2.c | 14 +++--- sys/netinet6/in6.h | 5 ++ sys/sys/mbuf.h | 6 +-- usr.sbin/Makefile | 5 ++ usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c | 51 ++++++++++--------- usr.sbin/ftp-proxy/Makefile | 5 ++ usr.sbin/ftp-proxy/Makefile.inc | 5 ++ usr.sbin/ftp-proxy/ftp-proxy/Makefile | 18 +++++++ usr.sbin/ftp-proxy/libevent/Makefile | 25 ++++++++++ 22 files changed, 222 insertions(+), 76 deletions(-) delete mode 100644 libexec/ftp-proxy/Makefile create mode 100644 libexec/tftp-proxy/Makefile create mode 100644 sys/contrib/pf/net/pf_mtag.h create mode 100644 usr.sbin/ftp-proxy/Makefile create mode 100644 usr.sbin/ftp-proxy/Makefile.inc create mode 100644 usr.sbin/ftp-proxy/ftp-proxy/Makefile create mode 100644 usr.sbin/ftp-proxy/libevent/Makefile diff --git a/libexec/Makefile b/libexec/Makefile index 6d25b58..6a32d10 100644 --- a/libexec/Makefile +++ b/libexec/Makefile @@ -8,7 +8,6 @@ SUBDIR= atrun \ comsat \ fingerd \ ftpd \ - ${_ftp-proxy} \ getty \ lukemftpd \ ${_mail.local} \ @@ -32,6 +31,7 @@ SUBDIR= atrun \ tcpd \ telnetd \ tftpd \ + ${_tftp-proxy} \ ${_ypxfr} .if ${MK_NIS} != "no" @@ -40,7 +40,7 @@ _ypxfr= ypxfr .endif .if ${MK_PF} != "no" -_ftp-proxy= ftp-proxy +_tftp-proxy= tftp-proxy .endif .if !defined(NO_PIC) diff --git a/libexec/ftp-proxy/Makefile b/libexec/ftp-proxy/Makefile deleted file mode 100644 index e229001..0000000 --- a/libexec/ftp-proxy/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -# $FreeBSD$ - -.PATH: ${.CURDIR}/../../contrib/pf/ftp-proxy - -PROG= ftp-proxy -MAN= ftp-proxy.8 - -SRCS= ftp-proxy.c getline.c util.c - -WARNS?= 2 - -.include diff --git a/libexec/tftp-proxy/Makefile b/libexec/tftp-proxy/Makefile new file mode 100644 index 0000000..45d8068 --- /dev/null +++ b/libexec/tftp-proxy/Makefile @@ -0,0 +1,9 @@ +# $FreeBSD$ + +.PATH: ${.CURDIR}/../../contrib/pf/tftp-proxy + +PROG= tftp-proxy +SRCS= tftp-proxy.c filter.c +MAN= tftp-proxy.8 + +.include diff --git a/sbin/pfctl/Makefile b/sbin/pfctl/Makefile index 2c972eb..ee57051 100644 --- a/sbin/pfctl/Makefile +++ b/sbin/pfctl/Makefile @@ -1,6 +1,7 @@ # $FreeBSD$ .PATH: ${.CURDIR}/../../contrib/pf/pfctl +.PATH: ${.CURDIR}/../../sys/contrib/pf/net .PATH: ${.CURDIR}/../../contrib/pf/man PROG= pfctl @@ -9,6 +10,7 @@ MAN= pfctl.8 pf.4 pflog.4 pfsync.4 pf.conf.5 pf.os.5 SRCS = pfctl.c parse.y pfctl_parser.c pf_print_state.c pfctl_altq.c SRCS+= pfctl_osfp.c pfctl_radix.c pfctl_table.c pfctl_qstats.c SRCS+= pfctl_optimize.c +SRCS+= pf_ruleset.c CFLAGS+= -Wall -Wmissing-prototypes -Wno-uninitialized CFLAGS+= -Wstrict-prototypes -I${.CURDIR}/../../contrib/pf/pfctl diff --git a/sys/conf/files b/sys/conf/files index 9826f2c..d8a4f42 100644 --- a/sys/conf/files +++ b/sys/conf/files @@ -327,16 +327,18 @@ contrib/pf/net/pf.c optional pf \ compile-with "${NORMAL_C} -I$S/contrib/pf" contrib/pf/net/pf_if.c optional pf \ compile-with "${NORMAL_C} -I$S/contrib/pf" -contrib/pf/net/pf_subr.c optional pf \ - compile-with "${NORMAL_C} -I$S/contrib/pf" contrib/pf/net/pf_ioctl.c optional pf \ compile-with "${NORMAL_C} -I$S/contrib/pf" contrib/pf/net/pf_norm.c optional pf \ compile-with "${NORMAL_C} -I$S/contrib/pf" -contrib/pf/net/pf_table.c optional pf \ - compile-with "${NORMAL_C} -I$S/contrib/pf" contrib/pf/net/pf_osfp.c optional pf \ compile-with "${NORMAL_C} -I$S/contrib/pf" +contrib/pf/net/pf_ruleset.c optional pf \ + compile-with "${NORMAL_C} -I$S/contrib/pf" +contrib/pf/net/pf_subr.c optional pf \ + compile-with "${NORMAL_C} -I$S/contrib/pf" +contrib/pf/net/pf_table.c optional pf \ + compile-with "${NORMAL_C} -I$S/contrib/pf" contrib/pf/netinet/in4_cksum.c optional pf inet crypto/blowfish/bf_ecb.c optional ipsec crypto/blowfish/bf_skey.c optional crypto | ipsec @@ -1584,7 +1586,8 @@ net/if_disc.c optional disc net/if_edsc.c optional edsc net/if_ef.c optional ef net/if_enc.c optional enc -net/if_ethersubr.c optional ether +net/if_ethersubr.c optional ether \ + compile-with "${NORMAL_C} -I$S/contrib/pf" net/if_faith.c optional faith net/if_fddisubr.c optional fddi net/if_fwsubr.c optional fwip @@ -1825,7 +1828,8 @@ netinet/ip_dummynet.c optional dummynet netinet/ip_ecn.c optional inet | inet6 netinet/ip_encap.c optional inet | inet6 netinet/ip_fastfwd.c optional inet -netinet/ip_fw2.c optional ipfirewall +netinet/ip_fw2.c optional ipfirewall \ + compile-with "${NORMAL_C} -I$S/contrib/pf" netinet/ip_fw_pfil.c optional ipfirewall netinet/ip_icmp.c optional inet netinet/ip_input.c optional inet diff --git a/sys/contrib/altq/altq/altq_cbq.c b/sys/contrib/altq/altq/altq_cbq.c index aafa5c8..7cdfb40 100644 --- a/sys/contrib/altq/altq/altq_cbq.c +++ b/sys/contrib/altq/altq/altq_cbq.c @@ -500,7 +500,7 @@ cbq_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) { cbq_state_t *cbqp = (cbq_state_t *)ifq->altq_disc; struct rm_class *cl; - struct m_tag *t; + struct pf_mtag *t; int len; IFQ_LOCK_ASSERT(ifq); @@ -520,8 +520,8 @@ cbq_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) return (ENOBUFS); } cl = NULL; - if ((t = m_tag_find(m, PACKET_TAG_PF_QID, NULL)) != NULL) - cl = clh_to_clp(cbqp, ((struct altq_tag *)(t+1))->qid); + if ((t = pf_find_mtag(m)) != NULL) + cl = clh_to_clp(cbqp, t->qid); #ifdef ALTQ3_COMPAT else if ((ifq->altq_flags & ALTQF_CLASSIFY) && pktattr != NULL) cl = pktattr->pattr_class; diff --git a/sys/contrib/altq/altq/altq_hfsc.c b/sys/contrib/altq/altq/altq_hfsc.c index 8fea4dd..bf7a4f0 100644 --- a/sys/contrib/altq/altq/altq_hfsc.c +++ b/sys/contrib/altq/altq/altq_hfsc.c @@ -693,7 +693,7 @@ hfsc_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) { struct hfsc_if *hif = (struct hfsc_if *)ifq->altq_disc; struct hfsc_class *cl; - struct m_tag *t; + struct pf_mtag *t; int len; IFQ_LOCK_ASSERT(ifq); @@ -713,8 +713,8 @@ hfsc_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) return (ENOBUFS); } cl = NULL; - if ((t = m_tag_find(m, PACKET_TAG_PF_QID, NULL)) != NULL) - cl = clh_to_clp(hif, ((struct altq_tag *)(t+1))->qid); + if ((t = pf_find_mtag(m)) != NULL) + cl = clh_to_clp(hif, t->qid); #ifdef ALTQ3_COMPAT else if ((ifq->altq_flags & ALTQF_CLASSIFY) && pktattr != NULL) cl = pktattr->pattr_class; diff --git a/sys/contrib/altq/altq/altq_priq.c b/sys/contrib/altq/altq/altq_priq.c index 28b0ddb..ec789c5a 100644 --- a/sys/contrib/altq/altq/altq_priq.c +++ b/sys/contrib/altq/altq/altq_priq.c @@ -461,7 +461,7 @@ priq_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) { struct priq_if *pif = (struct priq_if *)ifq->altq_disc; struct priq_class *cl; - struct m_tag *t; + struct pf_mtag *t; int len; IFQ_LOCK_ASSERT(ifq); @@ -481,8 +481,8 @@ priq_enqueue(struct ifaltq *ifq, struct mbuf *m, struct altq_pktattr *pktattr) return (ENOBUFS); } cl = NULL; - if ((t = m_tag_find(m, PACKET_TAG_PF_QID, NULL)) != NULL) - cl = clh_to_clp(pif, ((struct altq_tag *)(t+1))->qid); + if ((t = pf_find_mtag(m)) != NULL) + cl = clh_to_clp(pif, t->qid); #ifdef ALTQ3_COMPAT else if ((ifq->altq_flags & ALTQF_CLASSIFY) && pktattr != NULL) cl = pktattr->pattr_class; diff --git a/sys/contrib/altq/altq/altq_red.c b/sys/contrib/altq/altq/altq_red.c index 6010033..f6b7e31 100644 --- a/sys/contrib/altq/altq/altq_red.c +++ b/sys/contrib/altq/altq/altq_red.c @@ -514,16 +514,12 @@ int mark_ecn(struct mbuf *m, struct altq_pktattr *pktattr, int flags) { struct mbuf *m0; - struct m_tag *t; - struct altq_tag *at; + struct pf_mtag *at; void *hdr; int af; - t = m_tag_find(m, PACKET_TAG_PF_QID, NULL); - if (t != NULL) { - at = (struct altq_tag *)(t + 1); - if (at == NULL) - return (0); + at = pf_find_mtag(m); + if (at != NULL) { af = at->af; hdr = at->hdr; #ifdef ALTQ3_COMPAT diff --git a/sys/contrib/pf/net/pf_mtag.h b/sys/contrib/pf/net/pf_mtag.h new file mode 100644 index 0000000..a0ebf7e --- /dev/null +++ b/sys/contrib/pf/net/pf_mtag.h @@ -0,0 +1,82 @@ +/* $FreeBSD$ */ +/* + * Copyright (c) 2001 Daniel Hartmeier + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN + * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef _NET_PF_MTAG_H_ +#define _NET_PF_MTAG_H_ + +#ifdef _KERNEL + +#define PF_TAG_GENERATED 0x01 +#define PF_TAG_FRAGCACHE 0x02 +#define PF_TAG_TRANSLATE_LOCALHOST 0x04 + +struct pf_mtag { + void *hdr; /* saved hdr pos in mbuf, for ECN */ + u_int rtableid; /* alternate routing table id */ + u_int32_t qid; /* queue id */ + u_int16_t tag; /* tag id */ + u_int8_t flags; + u_int8_t routed; + sa_family_t af; /* for ECN */ +}; + +static __inline struct pf_mtag *pf_find_mtag(struct mbuf *); +static __inline struct pf_mtag *pf_get_mtag(struct mbuf *); + +static __inline struct pf_mtag * +pf_find_mtag(struct mbuf *m) +{ + struct m_tag *mtag; + + if ((mtag = m_tag_find(m, PACKET_TAG_PF, NULL)) == NULL) + return (NULL); + + return ((struct pf_mtag *)(mtag + 1)); +} + +static __inline struct pf_mtag * +pf_get_mtag(struct mbuf *m) +{ + struct m_tag *mtag; + + if ((mtag = m_tag_find(m, PACKET_TAG_PF, NULL)) == NULL) { + mtag = m_tag_get(PACKET_TAG_PF, sizeof(struct pf_mtag), + M_NOWAIT); + if (mtag == NULL) + return (NULL); + bzero(mtag + 1, sizeof(struct pf_mtag)); + m_tag_prepend(m, mtag); + } + + return ((struct pf_mtag *)(mtag + 1)); +} +#endif /* _KERNEL */ +#endif /* _NET_PF_MTAG_H_ */ diff --git a/sys/modules/ipfw/Makefile b/sys/modules/ipfw/Makefile index 92bad75..e208e1d 100644 --- a/sys/modules/ipfw/Makefile +++ b/sys/modules/ipfw/Makefile @@ -9,6 +9,7 @@ SRCS= ip_fw2.c ip_fw_pfil.c SRCS+= opt_inet6.h opt_ipsec.h opt_mac.h CFLAGS+= -DIPFIREWALL +CFLAGS+= -I${.CURDIR}/../../contrib/pf # #If you want it verbose #CFLAGS+= -DIPFIREWALL_VERBOSE diff --git a/sys/modules/pf/Makefile b/sys/modules/pf/Makefile index 4c29a0b..ce67414 100644 --- a/sys/modules/pf/Makefile +++ b/sys/modules/pf/Makefile @@ -7,6 +7,7 @@ KMOD= pf SRCS = pf.c pf_if.c pf_subr.c pf_osfp.c pf_ioctl.c pf_norm.c pf_table.c \ + pf_ruleset.c \ in4_cksum.c \ opt_pf.h opt_inet.h opt_inet6.h opt_bpf.h opt_mac.h @@ -23,6 +24,11 @@ opt_inet6.h: opt_bpf.h: echo "#define DEV_BPF 1" > opt_bpf.h + +# pflog can be loaded as a module, have the additional checks turned on +opt_pf.h: + echo "#define DEV_PF 1" > opt_pf.h + echo "#define DEF_PFLOG 1" >> opt_pf.h .endif .include diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c index 29014fa..7c8eb25 100644 --- a/sys/net/if_ethersubr.c +++ b/sys/net/if_ethersubr.c @@ -60,6 +60,7 @@ #include #include #include +#include #if defined(INET) || defined(INET6) #include @@ -151,6 +152,7 @@ ether_output(struct ifnet *ifp, struct mbuf *m, int error, hdrcmplt = 0; u_char esrc[ETHER_ADDR_LEN], edst[ETHER_ADDR_LEN]; struct ether_header *eh; + struct pf_mtag *t; int loop_copy = 1; int hlen; /* link layer header length */ @@ -301,7 +303,7 @@ ether_output(struct ifnet *ifp, struct mbuf *m, * reasons and compatibility with the original behavior. */ if ((ifp->if_flags & IFF_SIMPLEX) && loop_copy && - m_tag_find(m, PACKET_TAG_PF_ROUTED, NULL) == NULL) { + ((t = pf_find_mtag(m)) == NULL || !t->routed)) { int csum_flags = 0; if (m->m_pkthdr.csum_flags & CSUM_IP) diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c index 72c11ac..e53e2e8 100644 --- a/sys/netinet/ip_fw2.c +++ b/sys/netinet/ip_fw2.c @@ -66,6 +66,7 @@ #include #include #include +#include #include #include #include @@ -3058,24 +3059,21 @@ check_body: break; case O_ALTQ: { - struct altq_tag *at; + struct pf_mtag *at; ipfw_insn_altq *altq = (ipfw_insn_altq *)cmd; match = 1; - mtag = m_tag_find(m, PACKET_TAG_PF_QID, NULL); - if (mtag != NULL) + at = pf_find_mtag(m); + if (at != NULL && at->qid != 0) break; - mtag = m_tag_get(PACKET_TAG_PF_QID, - sizeof(struct altq_tag), - M_NOWAIT); - if (mtag == NULL) { + at = pf_get_mtag(m); + if (at == NULL) { /* * Let the packet fall back to the * default ALTQ. */ break; } - at = (struct altq_tag *)(mtag+1); at->qid = altq->qid; if (is_ipv4) at->af = AF_INET; diff --git a/sys/netinet6/in6.h b/sys/netinet6/in6.h index 12c9fb4..715b6f4 100644 --- a/sys/netinet6/in6.h +++ b/sys/netinet6/in6.h @@ -350,6 +350,11 @@ extern const struct in6_addr in6addr_linklocal_allrouters; #define IN6_IS_SCOPE_LINKLOCAL(a) \ ((IN6_IS_ADDR_LINKLOCAL(a)) || \ (IN6_IS_ADDR_MC_LINKLOCAL(a))) +#define IN6_IS_SCOPE_EMBED(a) \ + ((IN6_IS_ADDR_LINKLOCAL(a)) || \ + (IN6_IS_ADDR_MC_LINKLOCAL(a)) || \ + (IN6_IS_ADDR_MC_INTFACELOCAL(a))) + #define IFA6_IS_DEPRECATED(a) \ ((a)->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME && \ diff --git a/sys/sys/mbuf.h b/sys/sys/mbuf.h index 10e7915..bff95b5 100644 --- a/sys/sys/mbuf.h +++ b/sys/sys/mbuf.h @@ -833,12 +833,8 @@ struct mbuf *m_unshare(struct mbuf *, int how); #define PACKET_TAG_DIVERT 17 /* divert info */ #define PACKET_TAG_IPFORWARD 18 /* ipforward info */ #define PACKET_TAG_MACLABEL (19 | MTAG_PERSISTENT) /* MAC label */ -#define PACKET_TAG_PF_ROUTED 21 /* PF routed, avoid loops */ -#define PACKET_TAG_PF_FRAGCACHE 22 /* PF fragment cached */ -#define PACKET_TAG_PF_QID 23 /* PF ALTQ queue id */ -#define PACKET_TAG_PF_TAG 24 /* PF tagged */ +#define PACKET_TAG_PF 21 /* PF + ALTQ information */ #define PACKET_TAG_RTSOCKFAM 25 /* rtsock sa family */ -#define PACKET_TAG_PF_TRANSLATE_LOCALHOST 26 /* PF translate localhost */ #define PACKET_TAG_IPOPTIONS 27 /* Saved IP options */ #define PACKET_TAG_CARP 28 /* CARP info */ diff --git a/usr.sbin/Makefile b/usr.sbin/Makefile index 6beb157..aabfac2 100644 --- a/usr.sbin/Makefile +++ b/usr.sbin/Makefile @@ -56,6 +56,7 @@ SUBDIR= ac \ fdwrite \ flowctl \ freebsd-update \ + ${_ftp-proxy} \ fwcontrol \ getfmac \ getpmac \ @@ -228,6 +229,10 @@ _bluetooth= bluetooth _keyserv= keyserv .endif +.if ${MK_PF} != "no" +_ftp-proxy= ftp-proxy +.endif + .if ${MK_INET6} != "no" _faithd= faithd _ip6addrctl= ip6addrctl diff --git a/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c b/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c index 226394f..e12e283 100644 --- a/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c +++ b/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c @@ -60,7 +60,7 @@ enum { PASS, BLOCK }; #define PFI_IFTYPE_DETACHED 2 struct pfi_entry { - struct pfi_if pfi; + struct pfi_kif pfi; u_int index; TAILQ_ENTRY(pfi_entry) link; }; @@ -544,83 +544,83 @@ pf_iftable(struct snmp_context __unused *ctx, struct snmp_value *val, switch (which) { case LEAF_pfInterfacesIfDescr: - return (string_get(val, e->pfi.pfif_name, -1)); + return (string_get(val, e->pfi.pfik_name, -1)); case LEAF_pfInterfacesIfType: val->v.integer = PFI_IFTYPE_INSTANCE; break; case LEAF_pfInterfacesIfTZero: val->v.uint32 = - (time(NULL) - e->pfi.pfif_tzero) * 100; + (time(NULL) - e->pfi.pfik_tzero) * 100; break; case LEAF_pfInterfacesIfRefsState: - val->v.uint32 = e->pfi.pfif_states; + val->v.uint32 = e->pfi.pfik_states; break; case LEAF_pfInterfacesIfRefsRule: - val->v.uint32 = e->pfi.pfif_rules; + val->v.uint32 = e->pfi.pfik_rules; break; case LEAF_pfInterfacesIf4BytesInPass: val->v.counter64 = - e->pfi.pfif_bytes[IPV4][IN][PASS]; + e->pfi.pfik_bytes[IPV4][IN][PASS]; break; case LEAF_pfInterfacesIf4BytesInBlock: val->v.counter64 = - e->pfi.pfif_bytes[IPV4][IN][BLOCK]; + e->pfi.pfik_bytes[IPV4][IN][BLOCK]; break; case LEAF_pfInterfacesIf4BytesOutPass: val->v.counter64 = - e->pfi.pfif_bytes[IPV4][OUT][PASS]; + e->pfi.pfik_bytes[IPV4][OUT][PASS]; break; case LEAF_pfInterfacesIf4BytesOutBlock: val->v.counter64 = - e->pfi.pfif_bytes[IPV4][OUT][BLOCK]; + e->pfi.pfik_bytes[IPV4][OUT][BLOCK]; break; case LEAF_pfInterfacesIf4PktsInPass: val->v.counter64 = - e->pfi.pfif_packets[IPV4][IN][PASS]; + e->pfi.pfik_packets[IPV4][IN][PASS]; break; case LEAF_pfInterfacesIf4PktsInBlock: val->v.counter64 = - e->pfi.pfif_packets[IPV4][IN][BLOCK]; + e->pfi.pfik_packets[IPV4][IN][BLOCK]; break; case LEAF_pfInterfacesIf4PktsOutPass: val->v.counter64 = - e->pfi.pfif_packets[IPV4][OUT][PASS]; + e->pfi.pfik_packets[IPV4][OUT][PASS]; break; case LEAF_pfInterfacesIf4PktsOutBlock: val->v.counter64 = - e->pfi.pfif_packets[IPV4][OUT][BLOCK]; + e->pfi.pfik_packets[IPV4][OUT][BLOCK]; break; case LEAF_pfInterfacesIf6BytesInPass: val->v.counter64 = - e->pfi.pfif_bytes[IPV6][IN][PASS]; + e->pfi.pfik_bytes[IPV6][IN][PASS]; break; case LEAF_pfInterfacesIf6BytesInBlock: val->v.counter64 = - e->pfi.pfif_bytes[IPV6][IN][BLOCK]; + e->pfi.pfik_bytes[IPV6][IN][BLOCK]; break; case LEAF_pfInterfacesIf6BytesOutPass: val->v.counter64 = - e->pfi.pfif_bytes[IPV6][OUT][PASS]; + e->pfi.pfik_bytes[IPV6][OUT][PASS]; break; case LEAF_pfInterfacesIf6BytesOutBlock: val->v.counter64 = - e->pfi.pfif_bytes[IPV6][OUT][BLOCK]; + e->pfi.pfik_bytes[IPV6][OUT][BLOCK]; break; case LEAF_pfInterfacesIf6PktsInPass: val->v.counter64 = - e->pfi.pfif_packets[IPV6][IN][PASS]; + e->pfi.pfik_packets[IPV6][IN][PASS]; break; case LEAF_pfInterfacesIf6PktsInBlock: val->v.counter64 = - e->pfi.pfif_packets[IPV6][IN][BLOCK]; + e->pfi.pfik_packets[IPV6][IN][BLOCK]; break; case LEAF_pfInterfacesIf6PktsOutPass: val->v.counter64 = - e->pfi.pfif_packets[IPV6][OUT][PASS]; + e->pfi.pfik_packets[IPV6][OUT][PASS]; break; case LEAF_pfInterfacesIf6PktsOutBlock: val->v.counter64 = - e->pfi.pfif_packets[IPV6][OUT][BLOCK]; + e->pfi.pfik_packets[IPV6][OUT][BLOCK]; break; default: @@ -911,7 +911,7 @@ static int pfi_refresh(void) { struct pfioc_iface io; - struct pfi_if *p = NULL; + struct pfi_kif *p = NULL; struct pfi_entry *e; int i, numifs = 1; @@ -925,11 +925,10 @@ pfi_refresh(void) } bzero(&io, sizeof(io)); - io.pfiio_flags = PFI_FLAG_INSTANCE; - io.pfiio_esize = sizeof(struct pfi_if); + io.pfiio_esize = sizeof(struct pfi_kif); for (;;) { - p = reallocf(p, numifs * sizeof(struct pfi_if)); + p = reallocf(p, numifs * sizeof(struct pfi_kif)); if (p == NULL) { syslog(LOG_ERR, "pfi_refresh(): reallocf() numifs=%d: %s", numifs, strerror(errno)); @@ -955,7 +954,7 @@ pfi_refresh(void) if (e == NULL) goto err1; e->index = i + 1; - memcpy(&e->pfi, p+i, sizeof(struct pfi_if)); + memcpy(&e->pfi, p+i, sizeof(struct pfi_kif)); TAILQ_INSERT_TAIL(&pfi_table, e, link); } diff --git a/usr.sbin/ftp-proxy/Makefile b/usr.sbin/ftp-proxy/Makefile new file mode 100644 index 0000000..67660c8 --- /dev/null +++ b/usr.sbin/ftp-proxy/Makefile @@ -0,0 +1,5 @@ +# $FreeBSD$ + +SUBDIR= libevent ftp-proxy + +.include diff --git a/usr.sbin/ftp-proxy/Makefile.inc b/usr.sbin/ftp-proxy/Makefile.inc new file mode 100644 index 0000000..5abb7c0 --- /dev/null +++ b/usr.sbin/ftp-proxy/Makefile.inc @@ -0,0 +1,5 @@ +# $FreeBSD$ + +LIBEVENT= ${.OBJDIR}/../libevent/libevent.a + +.include "../Makefile.inc" \ No newline at end of file diff --git a/usr.sbin/ftp-proxy/ftp-proxy/Makefile b/usr.sbin/ftp-proxy/ftp-proxy/Makefile new file mode 100644 index 0000000..773c25d --- /dev/null +++ b/usr.sbin/ftp-proxy/ftp-proxy/Makefile @@ -0,0 +1,18 @@ +# $FreeBSD$ + +.PATH: ${.CURDIR}/../../../contrib/pf/ftp-proxy + +PROG= ftp-proxy +MAN= ftp-proxy.8 + +SRCS= ftp-proxy.c filter.c + +CFLAGS+= -I${.CURDIR}/../../../contrib/pf/libevent +CFLAGS+= -I${.CURDIR}/../../../sys/contrib/pf + +DPADD= ${LIBEVENT} +LDADD= ${LIBEVENT} + +WARNS?= 2 + +.include diff --git a/usr.sbin/ftp-proxy/libevent/Makefile b/usr.sbin/ftp-proxy/libevent/Makefile new file mode 100644 index 0000000..acc546f --- /dev/null +++ b/usr.sbin/ftp-proxy/libevent/Makefile @@ -0,0 +1,25 @@ +# $FreeBSD$ + +.PATH: ${.CURDIR}/../../../contrib/pf/libevent + + +LIB= event +INTERNALLIB=yes +SRCS= buffer.c evbuffer.c event.c kqueue.c log.c poll.c select.c signal.c +HDRS= event.h + +CFLAGS+= -I${.CURDIR} \ + -DHAVE_CLOCK_GETTIME \ + -DHAVE_FCNTL_H \ + -DHAVE_POLL \ + -DHAVE_SELECT \ + -DHAVE_SETFD \ + -DHAVE_STDARG_H \ + -DHAVE_SYS_IOCTL_H \ + -DHAVE_SYS_TIME_H \ + -DHAVE_UNISTD_H \ + -DHAVE_VASPRINTF \ + -DHAVE_WORKING_KQUEUE \ + -DVERSION='"1.3b"' + +.include -- cgit v1.1