Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-5]: src Pull up revision 1.1 (new, requested by martti):
details: https://anonhg.NetBSD.org/src/rev/8cbcc3e6e49f
branches: netbsd-1-5
changeset: 492675:8cbcc3e6e49f
user: he <he%NetBSD.org@localhost>
date: Sat Feb 09 16:55:20 2002 +0000
description:
Pull up revision 1.1 (new, requested by martti):
Updated IPFilter to 3.4.23
diffstat:
dist/ipf/IPFILTER.LICENCE | 28 ++++
dist/ipf/printstate.c | 141 ++++++++++++++++++++
dist/ipf/test/expected/f13 | 72 ++++++++++
dist/ipf/test/expected/ni1 | 3 +
dist/ipf/test/expected/ni2 | 10 +
dist/ipf/test/input/ipf6-1 | 26 +++
dist/ipf/test/input/ni1 | 6 +
dist/ipf/test/input/ni2 | 161 +++++++++++++++++++++++
dist/ipf/test/natipftest | 28 ++++
dist/ipf/test/regress/ipf6-1 | 3 +
dist/ipf/test/regress/ni1.ipf | 4 +
dist/ipf/test/regress/ni1.nat | 1 +
dist/ipf/test/regress/ni2.ipf | 1 +
dist/ipf/test/regress/ni2.nat | 1 +
sys/netinet/ip_ipsec_pxy.c | 294 ++++++++++++++++++++++++++++++++++++++++++
sys/netinet/ip_netbios_pxy.c | 111 +++++++++++++++
16 files changed, 890 insertions(+), 0 deletions(-)
diffs (truncated from 954 to 300 lines):
diff -r 96dc201d97db -r 8cbcc3e6e49f dist/ipf/IPFILTER.LICENCE
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/dist/ipf/IPFILTER.LICENCE Sat Feb 09 16:55:20 2002 +0000
@@ -0,0 +1,28 @@
+Copyright (C) 1993-2002 by Darren Reed.
+
+The author accepts no responsibility for the use of this software and
+provides it on an ``as is'' basis without express or implied warranty.
+
+Redistribution and use, with or without modification, in source and binary
+forms, are permitted provided that this notice is preserved in its entirety
+and due credit is given to the original author and the contributors.
+
+The licence and distribution terms for any publically available version or
+derivative of this code cannot be changed. i.e. this code cannot simply be
+copied, in part or in whole, and put under another distribution licence
+[including the GNU Public Licence.]
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+I hate legalese, don't you ?
+
diff -r 96dc201d97db -r 8cbcc3e6e49f dist/ipf/printstate.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/dist/ipf/printstate.c Sat Feb 09 16:55:20 2002 +0000
@@ -0,0 +1,141 @@
+/* $NetBSD: printstate.c,v 1.1.1.1.2.2 2002/02/09 16:55:20 he Exp $ */
+
+/*
+ * Copyright (C) 2002 by Darren Reed.
+ *
+ * See the IPFILTER.LICENCE file for details on licencing.
+ */
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/socket.h>
+#include <sys/ioctl.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netinet/in_systm.h>
+#include <net/if.h>
+#include <stdio.h>
+#include "kmem.h"
+#include "netinet/ip_compat.h"
+#include "ipf.h"
+#include "netinet/ip_fil.h"
+#include "netinet/ip_state.h"
+
+#define PRINTF (void)printf
+#define FPRINTF (void)fprintf
+
+ipstate_t *printstate(sp, opts)
+ipstate_t *sp;
+int opts;
+{
+ ipstate_t ips;
+
+ if (kmemcpy((char *)&ips, (u_long)sp, sizeof(ips)))
+ return NULL;
+
+ PRINTF("%s -> ", hostname(ips.is_v, &ips.is_src.in4));
+ PRINTF("%s ttl %ld pass %#x pr %d state %d/%d\n",
+ hostname(ips.is_v, &ips.is_dst.in4),
+ ips.is_age, ips.is_pass, ips.is_p,
+ ips.is_state[0], ips.is_state[1]);
+#ifdef USE_QUAD_T
+ PRINTF("\tpkts %qu bytes %qu", (unsigned long long) ips.is_pkts,
+ (unsigned long long) ips.is_bytes);
+#else
+ PRINTF("\tpkts %ld bytes %ld", ips.is_pkts, ips.is_bytes);
+#endif
+ if (ips.is_p == IPPROTO_TCP)
+#if defined(NetBSD) && (NetBSD >= 199905) && (NetBSD < 1991011) || \
+(__FreeBSD_version >= 220000) || defined(__OpenBSD__)
+ PRINTF("\t%hu -> %hu %x:%x %hu:%hu",
+ ntohs(ips.is_sport), ntohs(ips.is_dport),
+ ips.is_send, ips.is_dend,
+ ips.is_maxswin, ips.is_maxdwin);
+#else
+ PRINTF("\t%hu -> %hu %x:%x %hu:%hu",
+ ntohs(ips.is_sport), ntohs(ips.is_dport),
+ ips.is_send, ips.is_dend,
+ ips.is_maxswin, ips.is_maxdwin);
+#endif
+ else if (ips.is_p == IPPROTO_UDP)
+ PRINTF(" %hu -> %hu", ntohs(ips.is_sport),
+ ntohs(ips.is_dport));
+ else if (ips.is_p == IPPROTO_ICMP
+#ifdef USE_INET6
+ || ips.is_p == IPPROTO_ICMPV6
+#endif
+ )
+ PRINTF(" id %hu seq %hu type %d", ntohs(ips.is_icmp.ics_id),
+ ntohs(ips.is_icmp.ics_seq), ips.is_icmp.ics_type);
+
+ PRINTF("\n\t");
+
+ /*
+ * Print out bits set in the result code for the state being
+ * kept as they would for a rule.
+ */
+ if (ips.is_pass & FR_PASS) {
+ PRINTF("pass");
+ } else if (ips.is_pass & FR_BLOCK) {
+ PRINTF("block");
+ switch (ips.is_pass & FR_RETMASK)
+ {
+ case FR_RETICMP :
+ PRINTF(" return-icmp");
+ break;
+ case FR_FAKEICMP :
+ PRINTF(" return-icmp-as-dest");
+ break;
+ case FR_RETRST :
+ PRINTF(" return-rst");
+ break;
+ default :
+ break;
+ }
+ } else if ((ips.is_pass & FR_LOGMASK) == FR_LOG) {
+ PRINTF("log");
+ if (ips.is_pass & FR_LOGBODY)
+ PRINTF(" body");
+ if (ips.is_pass & FR_LOGFIRST)
+ PRINTF(" first");
+ } else if (ips.is_pass & FR_ACCOUNT)
+ PRINTF("count");
+
+ if (ips.is_pass & FR_OUTQUE)
+ PRINTF(" out");
+ else
+ PRINTF(" in");
+
+ if ((ips.is_pass & FR_LOG) != 0) {
+ PRINTF(" log");
+ if (ips.is_pass & FR_LOGBODY)
+ PRINTF(" body");
+ if (ips.is_pass & FR_LOGFIRST)
+ PRINTF(" first");
+ if (ips.is_pass & FR_LOGORBLOCK)
+ PRINTF(" or-block");
+ }
+ if (ips.is_pass & FR_QUICK)
+ PRINTF(" quick");
+ if (ips.is_pass & FR_KEEPFRAG)
+ PRINTF(" keep frags");
+ /* a given; no? */
+ if (ips.is_pass & FR_KEEPSTATE)
+ PRINTF(" keep state");
+ PRINTF("\tIPv%d", ips.is_v);
+ PRINTF("\n");
+
+ PRINTF("\tpkt_flags & %x(%x) = %x,\t",
+ ips.is_flags & 0xf, ips.is_flags,
+ ips.is_flags >> 4);
+ PRINTF("\tpkt_options & %x = %x\n", ips.is_optmsk,
+ ips.is_opt);
+ PRINTF("\tpkt_security & %x = %x, pkt_auth & %x = %x\n",
+ ips.is_secmsk, ips.is_sec, ips.is_authmsk,
+ ips.is_auth);
+ PRINTF("\tinterfaces: in %s", getifname(ips.is_ifp[0]));
+ PRINTF(",%s", getifname(ips.is_ifp[1]));
+ PRINTF(" out %s", getifname(ips.is_ifp[2]));
+ PRINTF(",%s\n", getifname(ips.is_ifp[3]));
+
+ return ips.is_next;
+}
diff -r 96dc201d97db -r 8cbcc3e6e49f dist/ipf/test/expected/f13
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/dist/ipf/test/expected/f13 Sat Feb 09 16:55:20 2002 +0000
@@ -0,0 +1,72 @@
+pass
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+--------
+block
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+--------
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+pass
+pass
+nomatch
+pass
+--------
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+block
+block
+nomatch
+block
+--------
+pass
+nomatch
+nomatch
+pass
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+--------
+block
+nomatch
+nomatch
+block
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+nomatch
+--------
diff -r 96dc201d97db -r 8cbcc3e6e49f dist/ipf/test/expected/ni1
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/dist/ipf/test/expected/ni1 Sat Feb 09 16:55:20 2002 +0000
@@ -0,0 +1,3 @@
+4500 0028 4706 4000 0111 ced8 0606 0606 0404 0404 afc9 829e 0014 0b2d 0402 0000 3be5 468d 000a cfc3
+4500 0038 809a 0000 ff01 8f31 0303 0303 0202 0202 0b00 a537 0000 0000 4500 0028 4703 4000 0111 ef89 0202 0202 0404 0404 afc9 829e 0014 1d4f
+-------------------------------
diff -r 96dc201d97db -r 8cbcc3e6e49f dist/ipf/test/expected/ni2
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/dist/ipf/test/expected/ni2 Sat Feb 09 16:55:20 2002 +0000
@@ -0,0 +1,10 @@
+4510 002c bd0d 4000 3e06 ea1d 0101 0101 c0a8 0133 9c40 0077 a664 2485 0000 0000 6002 4000 cea4 0000 0204 05b4
+4500 002c ce83 4000 7e06 98b7 c0a8 0133 0a01 0201 0077 05f6 fbdf 1a21 a664 2486 6012 2238 62a5 0000 0204 05b4
+4510 0028 bd0e 4000 3e06 ea20 0101 0101 c0a8 0133 9c40 0077 a664 2486 fbdf 1a22 5010 4470 cbdf 0000
+4500 005b cf83 4000 7e06 9788 c0a8 0133 0a01 0201 0077 05f6 fbdf 1a22 a664 2486 5018 2238 b5d9 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0a
+4510 0028 bd18 4000 3e06 ea16 0101 0101 c0a8 0133 9c40 0077 a664 2486 fbdf 1a55 5010 4470 cbac 0000
+4510 002e bd1e 4000 3e06 ea0a 0101 0101 c0a8 0133 9c40 0077 a664 2486 fbdf 1a55 5018 4470 deb6 0000 0000 0000 0d0a
+4500 0048 e383 4000 7e06 839b c0a8 0133 0a01 0201 0077 05f6 fbdf 1a55 a664 248c 5018 2232 fe54 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
+4500 05dc e483 4000 7e06 7d07 c0a8 0133 0a01 0201 0077 05f6 fbdf 1a75 a664 248c 5010 2232 9f6c 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222
3333 0000 0000 0000 0000 0000 0000 1111 2222 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000
0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333
0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000
0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111
2222 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000
0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222
3333 0000 0000 0000 0000 0000 0000 1111 2222 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 1111 2222 3331 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000
0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333
0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000
0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 1111 2222 3333 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
+4500 0038 d71d 4000 4001 f0be 0101 0101 c0a8 0133 0304 348b 0000 05a0 4500 05dc e483 4000 7e06 8707 c0a8 0133 0101 0101 0077 9c40 fbdf 1a75
+-------------------------------
diff -r 96dc201d97db -r 8cbcc3e6e49f dist/ipf/test/input/ipf6-1
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/dist/ipf/test/input/ipf6-1 Sat Feb 09 16:55:20 2002 +0000
@@ -0,0 +1,26 @@
+[out,de0]
+6000 0000 0020 3aff ef00 0000 0000 0000
+0000 0000 0001 0013 ff02 0000 0000 0000
+0000 0001 ff01 000b 8700 ea32 0000 0000
+ef00 0000 0000 0000 0000 0000 0001 000b
+0101 0048 5487 5c6f
+
+[in,de0]
+6000 0000 0020 3aff ef00 0000 0000 0000
+0000 0000 0001 000b ef00 0000 0000 0000
+0000 0000 0001 0013 8800 5322 6000 0000
+ef00 0000 0000 0000 0000 0000 0001 000b
+0201 0800 2071 cce1
+
+[out,de0]
+6000 0000 0010 3a40 ef00 0000 0000 0000
+0000 0000 0001 0013 ef00 0000 0000 0000
+0000 0000 0001 000b 8000 3210 06ff 0002
+9ec3 3c3c 8a82 0300
+
+[in,de0]
+6000 0000 0010 3aff ef00 0000 0000 0000
Home |
Main Index |
Thread Index |
Old Index