Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-5]: src/dist/ipf Pull up revision 1.2 (requested by martti):
details: https://anonhg.NetBSD.org/src/rev/96dc201d97db
branches: netbsd-1-5
changeset: 492674:96dc201d97db
user: he <he%NetBSD.org@localhost>
date: Sat Feb 09 16:55:12 2002 +0000
description:
Pull up revision 1.2 (requested by martti):
Updated IPFilter to 3.4.23
diffstat:
dist/ipf/IMPORTANT | 35 -----------------------------------
dist/ipf/etc/protocols | 10 ++++++++--
dist/ipf/etc/services | 1 +
dist/ipf/iplang/iplang.h | 6 ++----
dist/ipf/ipsd/ipsd.c | 8 +++-----
dist/ipf/ipsd/ipsd.h | 6 ++----
dist/ipf/ipsd/ipsdr.c | 8 +++-----
dist/ipf/ipsd/linux.h | 6 ++----
dist/ipf/ipsd/sbpf.c | 6 ++----
dist/ipf/ipsd/sdlpi.c | 6 ++----
dist/ipf/ipsd/slinux.c | 6 ++----
dist/ipf/ipsd/snit.c | 6 ++----
dist/ipf/ipsend/44arp.c | 4 ++--
dist/ipf/ipsend/arp.c | 15 +++++++--------
dist/ipf/ipsend/hpux.c | 6 ++----
dist/ipf/ipsend/ipresend.c | 15 +++++++--------
dist/ipf/ipsend/ipsend.h | 14 ++++++++------
dist/ipf/ipsend/ipsopt.c | 20 +++++---------------
dist/ipf/ipsend/iptests.c | 32 ++++++++++++++++----------------
dist/ipf/ipsend/larp.c | 8 +++-----
dist/ipf/ipsend/linux.h | 6 ++----
dist/ipf/ipsend/lsock.c | 8 +++-----
dist/ipf/ipsend/sbpf.c | 10 +++++-----
dist/ipf/ipsend/sdlpi.c | 11 +++++------
dist/ipf/ipsend/sirix.c | 6 ++----
dist/ipf/ipsend/slinux.c | 8 +++-----
dist/ipf/ipsend/snit.c | 8 +++-----
dist/ipf/ipsend/ultrix.c | 6 ++----
dist/ipf/man/ipnat.4 | 8 +++++---
dist/ipf/mkfilters | 2 +-
dist/ipf/rules/BASIC.NAT | 11 ++++++-----
dist/ipf/samples/Makefile | 18 +++++++++++++++---
dist/ipf/test/input/f13 | 4 ++++
33 files changed, 135 insertions(+), 189 deletions(-)
diffs (truncated from 862 to 300 lines):
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/IMPORTANT
--- a/dist/ipf/IMPORTANT Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/IMPORTANT Sat Feb 09 16:55:12 2002 +0000
@@ -3,41 +3,6 @@
****************************************
1)
-If you're using this software and have a rule which ends like this:
-
-flags S
-
-(for TCP), then to make it totally effective, you need to change it to appear
-as follows:
-
-flags S/SA
-
-The problem is that the old code would compare all the TCP flags against the
-rule (which just has "S") to see if that matched exactly. It is very possible
-for this to not be the case and in these cases, the rule would fail to match
-a 'valid' TCP SYN packet.
-
-Why does it need to be "S/SA" and not "S/S" ?
-
-"S/S" will match the SYN-ACK as well the SYN.
-
-By defalt, "flags S" will now be converted to "flags S/AUPRFS".
-
-If you have any queries regarding this, see the examples and ipf(4).
-If you still have a query or suggestion, please email me.
-
-
-2)
-
-If a filter rule used, in combination port comparisons and the flags
-keywords, a "short" TCP packet, if not explicitly blocked high up in
-the list of packets, would actually get matched even though it would
-otherwise not have been (due to the ports not). This behaviour has
-subsequently been fixed.
-
-
-3)
-
If you have BOTH GNU make and the normal make shipped with your system,
DO NOT use the GNU make to build this package.
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/etc/protocols
--- a/dist/ipf/etc/protocols Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/etc/protocols Sat Feb 09 16:55:12 2002 +0000
@@ -47,11 +47,15 @@
gre 47 GRE # General Routing Encapsulation
mhrp 48 MHRP # Mobile Host Routing Protocol
bna 49 BNA # BNA
-sipp-esp 50 SIPP-ESP # SIPP Encap Security Payload
-sipp-ah 51 SIPP-AH # SIPP Authentication Header
+esp 50 esp # Encap Security Payload
+ah 51 AH # Authentication Header
i-nlsp 52 I-NLSP # Integrated Net Layer Security TUBA
swipe 53 SWIPE # IP with Encryption
nhrp 54 NHRP # NBMA Next Hop Resolution Protocol
+mobile 55 MOBILE # IP Mobility (IP tunneling)
+ipv6-icmp 58 icmpv6 IPv6-ICMP ICMPv6 # ICMP version 6
+ipv6-nonxt 59 IPv6-Nonxt # No Next Header for IPv6
+ipv6-opts 60 IPv6-Opts # Destination Options for IPv6
any 61 any # host internal protocol
cftp 62 CFTP # CFTP
any 63 any # local network
@@ -92,4 +96,6 @@
encap 98 ENCAP # Encapsulation Header
any 99 any # private encryption scheme
gmtp 100 GMTP # GMTP
+pim 103 PIM # Protocol Independant Multicast
+ipcomp 108 IPCOMP # IP Payload Compression Protocol
reserved 255 Reserved #
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/etc/services
--- a/dist/ipf/etc/services Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/etc/services Sat Feb 09 16:55:12 2002 +0000
@@ -2360,6 +2360,7 @@
dpserveadmin 7021/tcp # DP Serve Admin
dpserveadmin 7021/udp # DP Serve Admin
arcp 7070/tcp # ARCP
+raudio 7070/tcp # Real Audio
arcp 7070/udp # ARCP
clutild 7174/tcp # Clutild
clutild 7174/udp # Clutild
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/iplang/iplang.h
--- a/dist/ipf/iplang/iplang.h Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/iplang/iplang.h Sat Feb 09 16:55:12 2002 +0000
@@ -1,11 +1,9 @@
-/* $NetBSD: iplang.h,v 1.1.1.1 1999/12/11 22:24:06 veego Exp $ */
+/* $NetBSD: iplang.h,v 1.1.1.1.8.1 2002/02/09 16:55:13 he Exp $ */
/*
* Copyright (C) 1997-1998 by Darren Reed.
*
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and due credit is given
- * to the original author and the contributors.
+ * See the IPFILTER.LICENCE file for details on licencing.
*/
typedef struct iface {
int if_MTU;
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/ipsd/ipsd.c
--- a/dist/ipf/ipsd/ipsd.c Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/ipsd/ipsd.c Sat Feb 09 16:55:12 2002 +0000
@@ -1,11 +1,9 @@
-/* $NetBSD: ipsd.c,v 1.1.1.1 1999/12/11 22:24:07 veego Exp $ */
+/* $NetBSD: ipsd.c,v 1.1.1.1.8.1 2002/02/09 16:55:13 he Exp $ */
/*
* (C)opyright 1995-1998 Darren Reed.
*
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and due credit is given
- * to the original author and the contributors.
+ * See the IPFILTER.LICENCE file for details on licencing.
*
* The author of this software makes no garuntee about the
* performance of this package or its suitability to fulfill any purpose.
@@ -39,7 +37,7 @@
#ifndef lint
static const char sccsid[] = "@(#)ipsd.c 1.3 12/3/95 (C)1995 Darren Reed";
-static const char rcsid[] = "@(#)Id: ipsd.c,v 2.1 1999/08/04 17:30:56 darrenr Exp";
+static const char rcsid[] = "@(#)Id: ipsd.c,v 2.1.4.1 2001/06/26 10:43:21 darrenr Exp";
#endif
extern char *optarg;
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/ipsd/ipsd.h
--- a/dist/ipf/ipsd/ipsd.h Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/ipsd/ipsd.h Sat Feb 09 16:55:12 2002 +0000
@@ -1,11 +1,9 @@
-/* $NetBSD: ipsd.h,v 1.1.1.1 1999/12/11 22:24:07 veego Exp $ */
+/* $NetBSD: ipsd.h,v 1.1.1.1.8.1 2002/02/09 16:55:13 he Exp $ */
/*
* (C)opyright 1995-1998 Darren Reed.
*
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and due credit is given
- * to the original author and the contributors.
+ * See the IPFILTER.LICENCE file for details on licencing.
*
* The author of this software makes no garuntee about the
* performance of this package or its suitability to fulfill any purpose.
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/ipsd/ipsdr.c
--- a/dist/ipf/ipsd/ipsdr.c Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/ipsd/ipsdr.c Sat Feb 09 16:55:12 2002 +0000
@@ -1,11 +1,9 @@
-/* $NetBSD: ipsdr.c,v 1.1.1.1 1999/12/11 22:24:07 veego Exp $ */
+/* $NetBSD: ipsdr.c,v 1.1.1.1.8.1 2002/02/09 16:55:13 he Exp $ */
/*
* (C)opyright 1995-1998 Darren Reed.
*
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and due credit is given
- * to the original author and the contributors.
+ * See the IPFILTER.LICENCE file for details on licencing.
*
* The author of this software makes no garuntee about the
* performance of this package or its suitability to fulfill any purpose.
@@ -40,7 +38,7 @@
#ifndef lint
static const char sccsid[] = "@(#)ipsdr.c 1.3 12/3/95 (C)1995 Darren Reed";
-static const char rcsid[] = "@(#)Id: ipsdr.c,v 2.1 1999/08/04 17:30:57 darrenr Exp";
+static const char rcsid[] = "@(#)Id: ipsdr.c,v 2.1.4.1 2001/06/26 10:43:21 darrenr Exp";
#endif
extern char *optarg;
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/ipsd/linux.h
--- a/dist/ipf/ipsd/linux.h Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/ipsd/linux.h Sat Feb 09 16:55:12 2002 +0000
@@ -1,11 +1,9 @@
-/* $NetBSD: linux.h,v 1.1.1.1 1999/12/11 22:24:07 veego Exp $ */
+/* $NetBSD: linux.h,v 1.1.1.1.8.1 2002/02/09 16:55:13 he Exp $ */
/*
* Copyright (C) 1997-1998 by Darren Reed.
*
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and due credit is given
- * to the original author and the contributors.
+ * See the IPFILTER.LICENCE file for details on licencing.
*
* @(#)linux.h 1.1 8/19/95
*/
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/ipsd/sbpf.c
--- a/dist/ipf/ipsd/sbpf.c Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/ipsd/sbpf.c Sat Feb 09 16:55:12 2002 +0000
@@ -1,11 +1,9 @@
-/* $NetBSD: sbpf.c,v 1.1.1.1 1999/12/11 22:24:07 veego Exp $ */
+/* $NetBSD: sbpf.c,v 1.1.1.1.8.1 2002/02/09 16:55:13 he Exp $ */
/*
* (C)opyright 1995-1998 Darren Reed. (from tcplog)
*
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and due credit is given
- * to the original author and the contributors.
+ * See the IPFILTER.LICENCE file for details on licencing.
*
*/
#include <stdio.h>
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/ipsd/sdlpi.c
--- a/dist/ipf/ipsd/sdlpi.c Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/ipsd/sdlpi.c Sat Feb 09 16:55:12 2002 +0000
@@ -1,11 +1,9 @@
-/* $NetBSD: sdlpi.c,v 1.1.1.1 1999/12/11 22:24:07 veego Exp $ */
+/* $NetBSD: sdlpi.c,v 1.1.1.1.8.1 2002/02/09 16:55:14 he Exp $ */
/*
* (C)opyright 1992-1998 Darren Reed. (from tcplog)
*
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and due credit is given
- * to the original author and the contributors.
+ * See the IPFILTER.LICENCE file for details on licencing.
*
*/
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/ipsd/slinux.c
--- a/dist/ipf/ipsd/slinux.c Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/ipsd/slinux.c Sat Feb 09 16:55:12 2002 +0000
@@ -1,11 +1,9 @@
-/* $NetBSD: slinux.c,v 1.1.1.1 1999/12/11 22:24:07 veego Exp $ */
+/* $NetBSD: slinux.c,v 1.1.1.1.8.1 2002/02/09 16:55:14 he Exp $ */
/*
* (C)opyright 1992-1998 Darren Reed. (from tcplog)
*
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and due credit is given
- * to the original author and the contributors.
+ * See the IPFILTER.LICENCE file for details on licencing.
*
* The author of this software makes no garuntee about the
* performance of this package or its suitability to fulfill any purpose.
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/ipsd/snit.c
--- a/dist/ipf/ipsd/snit.c Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/ipsd/snit.c Sat Feb 09 16:55:12 2002 +0000
@@ -1,11 +1,9 @@
-/* $NetBSD: snit.c,v 1.1.1.1 1999/12/11 22:24:07 veego Exp $ */
+/* $NetBSD: snit.c,v 1.1.1.1.8.1 2002/02/09 16:55:14 he Exp $ */
/*
* (C)opyright 1992-1998 Darren Reed. (from tcplog)
*
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and due credit is given
- * to the original author and the contributors.
+ * See the IPFILTER.LICENCE file for details on licencing.
*
* The author of this software makes no garuntee about the
* performance of this package or its suitability to fulfill any purpose.
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/ipsend/44arp.c
--- a/dist/ipf/ipsend/44arp.c Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/ipsend/44arp.c Sat Feb 09 16:55:12 2002 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: 44arp.c,v 1.1.1.1 1999/12/11 22:24:07 veego Exp $ */
+/* $NetBSD: 44arp.c,v 1.1.1.1.8.1 2002/02/09 16:55:14 he Exp $ */
/*
* Based upon 4.4BSD's /usr/sbin/arp
@@ -69,7 +69,7 @@
struct sockaddr_dl *sdl;
#ifdef IPSEND
- if (arp_getipv4(ip, ether) == 0)
+ if (arp_getipv4(addr, ether) == 0)
return 0;
#endif
diff -r 8d222fef4e6b -r 96dc201d97db dist/ipf/ipsend/arp.c
--- a/dist/ipf/ipsend/arp.c Sat Feb 09 16:55:08 2002 +0000
+++ b/dist/ipf/ipsend/arp.c Sat Feb 09 16:55:12 2002 +0000
@@ -1,16 +1,10 @@
-/* $NetBSD: arp.c,v 1.1.1.1 1999/12/11 22:24:07 veego Exp $ */
+/* $NetBSD: arp.c,v 1.1.1.1.8.1 2002/02/09 16:55:14 he Exp $ */
/*
* arp.c (C) 1995-1998 Darren Reed
*
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and due credit is given
- * to the original author and the contributors.
+ * See the IPFILTER.LICENCE file for details on licencing.
*/
-#if !defined(lint)
-static const char sccsid[] = "@(#)arp.c 1.4 1/11/96 (C)1995 Darren Reed";
-static const char rcsid[] = "@(#)Id: arp.c,v 2.1 1999/08/04 17:31:03 darrenr Exp";
-#endif
#include <stdio.h>
#include <errno.h>
#include <sys/types.h>
@@ -32,6 +26,11 @@
#include "ipsend.h"
#include "iplang/iplang.h"
+#if !defined(lint)
Home |
Main Index |
Thread Index |
Old Index