Common subdirectories: ip_fil3.2.3/4bsd and ip_fil3.2.4/4bsd Common subdirectories: ip_fil3.2.3/BSD and ip_fil3.2.4/BSD Common subdirectories: ip_fil3.2.3/BSDOS and ip_fil3.2.4/BSDOS Common subdirectories: ip_fil3.2.3/BSDOS3 and ip_fil3.2.4/BSDOS3 diff -cr ip_fil3.2.3/COMPILE.2.5 ip_fil3.2.4/COMPILE.2.5 *** ip_fil3.2.3/COMPILE.2.5 Sun Oct 5 16:14:54 1997 --- ip_fil3.2.4/COMPILE.2.5 Sat Feb 28 13:31:00 1998 *************** *** 1,3 **** --- 1,7 ---- + If you have BOTH GNU make and the normal make shipped with your system, + DO NOT use the GNU make to build this package. If you have any errors + relating to "(" or "TOP", check that you are using /usr/ccs/bin/make as + shipped with Solaris 2. If you get the following error whilst compiling: Common subdirectories: ip_fil3.2.3/FWTK and ip_fil3.2.4/FWTK Common subdirectories: ip_fil3.2.3/FreeBSD and ip_fil3.2.4/FreeBSD Common subdirectories: ip_fil3.2.3/FreeBSD-2.2 and ip_fil3.2.4/FreeBSD-2.2 diff -cr ip_fil3.2.3/COMPILE.2.5 ip_fil3.2.4/COMPILE.2.5ip_fil3.2.3/HISTORY ip_fil3.2.4/HISTORY *** ip_fil3.2.3/HISTORY Wed Dec 10 20:56:32 1997 --- ip_fil3.2.4/HISTORY Thu Apr 9 00:31:24 1998 *************** *** 5,10 **** --- 5,29 ---- # Thanks to Craig Bishop of connect.com.au and Sun Microsystems for the # loan of a machine to work on a Solaris 2.x port of this software. # + # Thanks also to all those who have contributed patches and other code, + # and especially those who have found the time to port IP Filter to new + # platforms. + + 3.2.4 09/04/98 - Released + + add script to make devices for /dev on BSD boxes + + fixup building into the kernel for FreeBSD 2.2.5 + + add -D command line option to ipmon to make it a daemon and SIGHUP causes + it to close and reopen the logfile + + fixup make clean and make package for SunOS5 - Marc Boucher + + postinstall keeps adding "minor=ipf ipl" - George Ross + + protected by IP Filter gif - Sergey Solyanik + 3.2.3 10/11/97 - Released fix some iplang bugs diff -cr ip_fil3.2.3/HISTORY ip_fil3.2.4/HISTORYip_fil3.2.3/INST.FreeBSD-2.2 ip_fil3.2.4/INST.FreeBSD-2.2 *** ip_fil3.2.3/INST.FreeBSD-2.2 Thu May 8 21:25:31 1997 --- ip_fil3.2.4/INST.FreeBSD-2.2 Sat Feb 28 13:31:19 1998 *************** *** 44,49 **** --- 44,50 ---- mknod /dev/ipl c 79 0 mknod /dev/ipnat c 79 1 mknod /dev/ipstate c 79 2 + mknod /dev/ipauth c 79 3 5b) For versions prior to FreeBSD 2.2: create devices for IP Filter as follows (assuming it was *************** *** 51,56 **** --- 52,58 ---- mknod /dev/ipl c 20 0 mknod /dev/ipnat c 20 1 mknod /dev/ipstate c 20 2 + mknod /dev/ipauth c 20 3 6. install and reboot with the new kernel diff -cr ip_fil3.2.3/INST.FreeBSD-2.2 ip_fil3.2.4/INST.FreeBSD-2.2ip_fil3.2.3/INSTALL.FreeBSD ip_fil3.2.4/INSTALL.FreeBSD *** ip_fil3.2.3/INSTALL.FreeBSD Sat May 24 17:57:02 1997 --- ip_fil3.2.4/INSTALL.FreeBSD Sat Feb 28 13:31:19 1998 *************** *** 41,46 **** --- 41,47 ---- mknod /dev/ipl c 20 0 mknod /dev/ipnat c 20 1 mknod /dev/ipstate c 20 2 + mknod /dev/ipauth c 20 3 6. install and reboot with the new kernel diff -cr ip_fil3.2.3/INSTALL.FreeBSD ip_fil3.2.4/INSTALL.FreeBSDip_fil3.2.3/INSTALL.NetBSD ip_fil3.2.4/INSTALL.NetBSD *** ip_fil3.2.3/INSTALL.NetBSD Fri Jun 6 14:27:24 1997 --- ip_fil3.2.4/INSTALL.NetBSD Sat Feb 28 13:31:33 1998 *************** *** 41,48 **** 4. build a new kernel ! 5. create /dev/ipl with "mknod /dev/ipl c 59 0". ! (for NetBSD-1.2, use "mknod /dev/ipl c 49 0") ** NOTE: both the numbers 49 and 59 should be substituted with whatever number you inserted it into conf.c as. --- 41,54 ---- 4. build a new kernel ! 5. Create device files. For NetBSD-1.2 (or later), use 49 as the ! major number. For NetBSD-1.1 or earlier, use 59. Run these ! commands as root, substituting for the appropriate number: ! ! mknod /dev/ipl c 0 ! mknod /dev/ipnat c 1 ! mknod /dev/ipstate c 2 ! mknod /dev/ipauth c 3 ** NOTE: both the numbers 49 and 59 should be substituted with whatever number you inserted it into conf.c as. diff -cr ip_fil3.2.3/INSTALL.NetBSD ip_fil3.2.4/INSTALL.NetBSDip_fil3.2.3/INSTALL.SunOS ip_fil3.2.4/INSTALL.SunOS *** ip_fil3.2.3/INSTALL.SunOS Fri Mar 28 00:44:55 1997 --- ip_fil3.2.4/INSTALL.SunOS Sat Feb 28 13:31:57 1998 *************** *** 28,34 **** NOTE: This script sets up /dev/ipl as char. device 59,0 in /sys/sun/conf.c ! 3. Do "mknod /dev/ipl c 59 0" as root. 4. Reboot using the new kernel --- 28,38 ---- NOTE: This script sets up /dev/ipl as char. device 59,0 in /sys/sun/conf.c ! 3. Run the following commands as root: ! mknod /dev/ipl c 59 0 ! mknod /dev/ipnat c 59 1 ! mknod /dev/ipstate c 59 2 ! mknod /dev/ipauth c 59 3 4. Reboot using the new kernel diff -cr ip_fil3.2.3/INSTALL.SunOS ip_fil3.2.4/INSTALL.SunOSip_fil3.2.3/INSTALL.xBSD ip_fil3.2.4/INSTALL.xBSD *** ip_fil3.2.3/INSTALL.xBSD Sun Jan 12 19:46:03 1997 --- ip_fil3.2.4/INSTALL.xBSD Sat Feb 28 13:31:58 1998 *************** *** 31,37 **** 4. build a new kernel ! 5. create /dev/ipl with "mknod /dev/ipl c 59 0". 6. install and reboot with the new kernel --- 31,42 ---- 4. build a new kernel ! 5. create devices for IP Filter as follows (assuming it was ! installed into the device table as char dev 20): ! mknod /dev/ipl c 20 0 ! mknod /dev/ipnat c 20 1 ! mknod /dev/ipstate c 20 2 ! mknod /dev/ipauth c 20 3 6. install and reboot with the new kernel Common subdirectories: ip_fil3.2.3/IRIX and ip_fil3.2.4/IRIX Common subdirectories: ip_fil3.2.3/Linux and ip_fil3.2.4/Linux diff -cr ip_fil3.2.3/INSTALL.xBSD ip_fil3.2.4/INSTALL.xBSDip_fil3.2.3/Makefile ip_fil3.2.4/Makefile *** ip_fil3.2.3/Makefile Thu Nov 27 20:32:38 1997 --- ip_fil3.2.4/Makefile Thu Apr 9 00:09:39 1998 *************** *** 5,11 **** # provided that this notice is preserved and due credit is given # to the original author and the contributors. # ! # $Id: Makefile,v 2.0.2.26.2.5 1997/11/27 09:32:38 darrenr Exp $ # BINDEST=/usr/local/bin SBINDEST=/sbin --- 5,11 ---- # provided that this notice is preserved and due credit is given # to the original author and the contributors. # ! # $Id: Makefile,v 2.0.2.26.2.7 1998/04/08 14:09:39 darrenr Exp $ # BINDEST=/usr/local/bin SBINDEST=/sbin *************** *** 100,132 **** netbsd: include make setup "TARGOS=BSD" "CPUDIR=$(CPUDIR)" ! (cd BSD/$(CPUDIR); make build "TOP=../.." $(MFLAGS) 'DLKM=-D_LKM' "ML=mln_ipl.c"; cd ..) ! (cd BSD/$(CPUDIR); make -f Makefile.ipsend "TOP=../.." $(MFLAGS); cd ..) openbsd openbsd21: include make setup "TARGOS=BSD" "CPUDIR=$(CPUDIR)" ! (cd BSD/$(CPUDIR); make build "TOP=../.." $(MFLAGS) 'DLKM=-D_LKM' "ML=mln_ipl.c"; cd ..) ! (cd BSD/$(CPUDIR); make -f Makefile.ipsend "TOP=../.." $(MFLAGS); cd ..) freebsd freebsd20 freebsd21: include make setup "TARGOS=BSD" "CPUDIR=$(CPUDIR)" ! (cd BSD/$(CPUDIR); make build "TOP=../.." $(MFLAGS) "ML=mlf_ipl.c"; cd ..) ! (cd BSD/$(CPUDIR); make -f Makefile.ipsend "TOP=../.." $(MFLAGS); cd ..) bsd: include make setup "TARGOS=BSD" "CPUDIR=$(CPUDIR)" ! (cd BSD/$(CPUDIR); make build "TOP=../.." $(MFLAGS); cd ..) ! (cd BSD/$(CPUDIR); make -f Makefile.ipsend "TOP=../.." $(MFLAGS); cd ..) bsdi bsdos: include make setup "TARGOS=BSD" "CPUDIR=$(CPUDIR)" ! (cd BSD/$(CPUDIR); make build "CC=$(CC)" "TOP=../.." $(MFLAGS) LKM= ; cd ..) ! (cd BSD/$(CPUDIR); make -f Makefile.ipsend "CC=$(CC)" "TOP=../.." $(MFLAGS); cd ..) irix IRIX: include make setup "TARGOS=IRIX" "CPUDIR=$(CPUDIR)" ! (cd IRIX/$(CPUDIR); smake build "TOP=../.." $(MFLAGS); cd ..) ! (cd IRIX/$(CPUDIR); make -f Makefile.ipsend "TOP=../.." $(MFLAGS); cd ..) linux: include make setup "TARGOS=Linux" "CPUDIR=$(CPUDIR)" --- 100,132 ---- netbsd: include make setup "TARGOS=BSD" "CPUDIR=$(CPUDIR)" ! (cd BSD/$(CPUDIR); make build TOP=../.. $(MFLAGS) 'DLKM=-D_LKM' "ML=mln_ipl.c"; cd ..) ! (cd BSD/$(CPUDIR); make -f Makefile.ipsend TOP=../.. $(MFLAGS); cd ..) openbsd openbsd21: include make setup "TARGOS=BSD" "CPUDIR=$(CPUDIR)" ! (cd BSD/$(CPUDIR); make build TOP=../.. $(MFLAGS) 'DLKM=-D_LKM' "ML=mln_ipl.c"; cd ..) ! (cd BSD/$(CPUDIR); make -f Makefile.ipsend TOP=../.. $(MFLAGS); cd ..) freebsd freebsd20 freebsd21: include make setup "TARGOS=BSD" "CPUDIR=$(CPUDIR)" ! (cd BSD/$(CPUDIR); make build TOP=../.. $(MFLAGS) "ML=mlf_ipl.c"; cd ..) ! (cd BSD/$(CPUDIR); make -f Makefile.ipsend TOP=../.. $(MFLAGS); cd ..) bsd: include make setup "TARGOS=BSD" "CPUDIR=$(CPUDIR)" ! (cd BSD/$(CPUDIR); make build TOP=../.. $(MFLAGS); cd ..) ! (cd BSD/$(CPUDIR); make -f Makefile.ipsend TOP=../.. $(MFLAGS); cd ..) bsdi bsdos: include make setup "TARGOS=BSD" "CPUDIR=$(CPUDIR)" ! (cd BSD/$(CPUDIR); make build "CC=$(CC)" TOP=../.. $(MFLAGS) LKM= ; cd ..) ! (cd BSD/$(CPUDIR); make -f Makefile.ipsend "CC=$(CC)" TOP=../.. $(MFLAGS); cd ..) irix IRIX: include make setup "TARGOS=IRIX" "CPUDIR=$(CPUDIR)" ! (cd IRIX/$(CPUDIR); smake build TOP=../.. $(MFLAGS); cd ..) ! (cd IRIX/$(CPUDIR); make -f Makefile.ipsend TOP=../.. $(MFLAGS); cd ..) linux: include make setup "TARGOS=Linux" "CPUDIR=$(CPUDIR)" *************** *** 133,140 **** ./buildlinux linuxrev: ! (cd Linux/$(CPUDIR); make build "TOP=../.." $(MFLAGS) LKM= ; cd ..) ! (cd Linux/$(CPUDIR); make -f Makefile.ipsend "TOP=../.." $(MFLAGS); cd ..) setup: -if [ ! -d $(TARGOS)/$(CPUDIR) ] ; then mkdir $(TARGOS)/$(CPUDIR); fi --- 133,140 ---- ./buildlinux linuxrev: ! (cd Linux/$(CPUDIR); make build TOP=../.. $(MFLAGS) LKM= ; cd ..) ! (cd Linux/$(CPUDIR); make -f Makefile.ipsend TOP=../.. $(MFLAGS); cd ..) setup: -if [ ! -d $(TARGOS)/$(CPUDIR) ] ; then mkdir $(TARGOS)/$(CPUDIR); fi *************** *** 146,153 **** ${RM} -rf netinet ${RM} -f core *.o ipt fils ipf ipfstat ipftest ipmon if_ipl \ vnode_if.h $(LKM) ! (cd SunOS4; make clean) ! (cd SunOS5; make clean) (cd BSD; make clean) (cd Linux; make clean) if [ "`uname -s`" = "IRIX" ]; then (cd IRIX; make clean); fi --- 146,153 ---- ${RM} -rf netinet ${RM} -f core *.o ipt fils ipf ipfstat ipftest ipmon if_ipl \ vnode_if.h $(LKM) ! if [ "`uname -s`" = "SunOS" ]; then (cd SunOS4; make clean); fi ! if [ "`uname -s`" = "SunOS" ]; then (cd SunOS5; make clean); fi (cd BSD; make clean) (cd Linux; make clean) if [ "`uname -s`" = "IRIX" ]; then (cd IRIX; make clean); fi Common subdirectories: ip_fil3.2.3/NetBSD and ip_fil3.2.4/NetBSD Common subdirectories: ip_fil3.2.3/NetBSD-1.2 and ip_fil3.2.4/NetBSD-1.2 Common subdirectories: ip_fil3.2.3/OpenBSD and ip_fil3.2.4/OpenBSD Common subdirectories: ip_fil3.2.3/SunOS4 and ip_fil3.2.4/SunOS4 Common subdirectories: ip_fil3.2.3/SunOS5 and ip_fil3.2.4/SunOS5 Common subdirectories: ip_fil3.2.3/etc and ip_fil3.2.4/etc diff -cr ip_fil3.2.3/Makefile ip_fil3.2.4/Makefileip_fil3.2.3/fil.c ip_fil3.2.4/fil.c *** ip_fil3.2.3/fil.c Wed Dec 3 00:56:06 1997 --- ip_fil3.2.4/fil.c Wed Apr 8 23:43:12 1998 *************** *** 7,13 **** */ #if !defined(lint) static const char sccsid[] = "@(#)fil.c 1.36 6/5/96 (C) 1993-1996 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: fil.c,v 2.0.2.41.2.9 1997/12/02 13:56:06 darrenr Exp $"; #endif #include --- 7,13 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)fil.c 1.36 6/5/96 (C) 1993-1996 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: fil.c,v 2.0.2.41.2.11 1998/04/08 13:43:12 darrenr Exp $"; #endif #include *************** *** 194,199 **** --- 194,200 ---- { struct optlist *op; tcphdr_t *tcp; + icmphdr_t *icmp; fr_ip_t *fi = &fin->fin_fi; u_short optmsk = 0, secmsk = 0, auth = 0; int i, mv, ol, off; *************** *** 214,219 **** --- 215,221 ---- fin->fin_hlen = hlen; fin->fin_dlen = ip->ip_len - hlen; tcp = (tcphdr_t *)((char *)ip + hlen); + icmp = (icmphdr_t *)tcp; fin->fin_dp = (void *)tcp; (*(((u_short *)fi) + 1)) = (*(((u_short *)ip) + 4)); (*(((u_32_t *)fi) + 1)) = (*(((u_32_t *)ip) + 3)); *************** *** 226,237 **** switch (ip->ip_p) { case IPPROTO_ICMP : ! if ((!IPMINLEN(ip, icmp) && !off) || (off && off < sizeof(struct icmp))) fi->fi_fl |= FI_SHORT; if (fin->fin_dlen > 1) fin->fin_data[0] = *(u_short *)tcp; break; case IPPROTO_TCP : fi->fi_fl |= FI_TCPUDP; if ((!IPMINLEN(ip, tcphdr) && !off) || --- 228,247 ---- switch (ip->ip_p) { case IPPROTO_ICMP : ! { ! int minicmpsz = sizeof(struct icmp); ! ! if (!off && ip->ip_len > ICMP_MINLEN + hlen && ! (icmp->icmp_type == ICMP_ECHOREPLY || ! icmp->icmp_type == ICMP_UNREACH)) ! minicmpsz = ICMP_MINLEN; ! if (((ip->ip_len >= hlen + minicmpsz) && !off) || (off && off < sizeof(struct icmp))) fi->fi_fl |= FI_SHORT; if (fin->fin_dlen > 1) fin->fin_data[0] = *(u_short *)tcp; break; + } case IPPROTO_TCP : fi->fi_fl |= FI_TCPUDP; if ((!IPMINLEN(ip, tcphdr) && !off) || *************** *** 418,424 **** off = ip->ip_off & 0x1fff; pass |= (fi->fi_fl << 24); ! if ((fi->fi_fl & FI_TCPUDP) && (fin->fin_dlen > 3) && !off) portcmp = 1; for (rulen = 0; fr; fr = fr->fr_next, rulen++) { --- 428,434 ---- off = ip->ip_off & 0x1fff; pass |= (fi->fi_fl << 24); ! if ((fi->fi_fl & FI_TCPUDP) && (fin->fin_dlen > 3) && !off) portcmp = 1; for (rulen = 0; fr; fr = fr->fr_next, rulen++) { *************** *** 475,498 **** * If a fragment, then only the first has what we're looking * for here... */ if (fi->fi_fl & FI_TCPUDP) { ! if (portcmp) { ! if (!fr_tcpudpchk(fr, fin)) ! continue; ! } else if (fr->fr_dcmp || fr->fr_scmp || fr->fr_tcpf || ! fr->fr_tcpfm) continue; ! } else if (fi->fi_p == IPPROTO_ICMP) { ! if (!off && (fin->fin_dlen > 1)) { ! if ((fin->fin_data[0] & fr->fr_icmpm) != ! fr->fr_icmp) { ! FR_DEBUG(("i. %#x & %#x != %#x\n", ! fin->fin_data[0], ! fr->fr_icmpm, fr->fr_icmp)); ! continue; ! } ! } else if (fr->fr_icmpm || fr->fr_icmp) continue; } FR_VERBOSE(("*")); /* --- 485,506 ---- * If a fragment, then only the first has what we're looking * for here... */ + if (!portcmp && (fr->fr_dcmp || fr->fr_scmp || fr->fr_tcpf || + fr->fr_tcpfm)) + continue; if (fi->fi_fl & FI_TCPUDP) { ! if (!fr_tcpudpchk(fr, fin)) continue; ! } else if (fr->fr_icmpm || fr->fr_icmp) { ! if ((fi->fi_p != IPPROTO_ICMP) || off || ! (fin->fin_dlen < 2)) continue; + if ((fin->fin_data[0] & fr->fr_icmpm) != fr->fr_icmp) { + FR_DEBUG(("i. %#x & %#x != %#x\n", + fin->fin_data[0], fr->fr_icmpm, + fr->fr_icmp)); + continue; + } } FR_VERBOSE(("*")); /* *************** *** 1073,1079 **** * SUCH DAMAGE. * * @(#)uipc_mbuf.c 8.2 (Berkeley) 1/4/94 ! * $Id: fil.c,v 2.0.2.41.2.9 1997/12/02 13:56:06 darrenr Exp $ */ /* * Copy data from an mbuf chain starting "off" bytes from the beginning, --- 1081,1087 ---- * SUCH DAMAGE. * * @(#)uipc_mbuf.c 8.2 (Berkeley) 1/4/94 ! * $Id: fil.c,v 2.0.2.41.2.11 1998/04/08 13:43:12 darrenr Exp $ */ /* * Copy data from an mbuf chain starting "off" bytes from the beginning, diff -cr ip_fil3.2.3/fil.c ip_fil3.2.4/fil.cip_fil3.2.3/ip_auth.c ip_fil3.2.4/ip_auth.c *** ip_fil3.2.3/ip_auth.c Wed Nov 12 21:45:51 1997 --- ip_fil3.2.4/ip_auth.c Wed Apr 8 23:43:29 1998 *************** *** 6,12 **** * to the original author and the contributors. */ #if !defined(lint) ! static const char rcsid[] = "@(#)$Id: ip_auth.c,v 2.0.2.21.2.2 1997/11/12 10:45:51 darrenr Exp $"; #endif #if !defined(_KERNEL) && !defined(KERNEL) --- 6,12 ---- * to the original author and the contributors. */ #if !defined(lint) ! static const char rcsid[] = "@(#)$Id: ip_auth.c,v 2.0.2.21.2.3 1998/04/08 13:43:29 darrenr Exp $"; #endif #if !defined(_KERNEL) && !defined(KERNEL) *************** *** 86,91 **** --- 86,94 ---- #include "netinet/ip_auth.h" #if !SOLARIS && !defined(linux) # include + # ifdef __FreeBSD__ + # include + # endif #endif diff -cr ip_fil3.2.3/ip_auth.c ip_fil3.2.4/ip_auth.cip_fil3.2.3/ip_compat.h ip_fil3.2.4/ip_compat.h *** ip_fil3.2.3/ip_compat.h Wed Dec 3 00:42:52 1997 --- ip_fil3.2.4/ip_compat.h Sat Feb 28 13:34:32 1998 *************** *** 6,12 **** * to the original author and the contributors. * * @(#)ip_compat.h 1.8 1/14/96 ! * $Id: ip_compat.h,v 2.0.2.31.2.8 1997/12/02 13:42:52 darrenr Exp $ */ #ifndef __IP_COMPAT_H__ --- 6,12 ---- * to the original author and the contributors. * * @(#)ip_compat.h 1.8 1/14/96 ! * $Id: ip_compat.h,v 2.0.2.31.2.9 1998/02/28 02:34:32 darrenr Exp $ */ #ifndef __IP_COMPAT_H__ *************** *** 123,129 **** # else typedef unsigned long u_32_t; # endif ! #endif /* __NetBSD__ || __OpenBSD__ || __FreeBSD__ */ #ifndef MAX #define MAX(a,b) (((a) > (b)) ? (a) : (b)) --- 123,129 ---- # else typedef unsigned long u_32_t; # endif ! #endif /* __NetBSD__ || __OpenBSD__ || __FreeBSD__ || __sgi */ #ifndef MAX #define MAX(a,b) (((a) > (b)) ? (a) : (b)) diff -cr ip_fil3.2.3/ip_compat.h ip_fil3.2.4/ip_compat.hip_fil3.2.3/ip_fil.c ip_fil3.2.4/ip_fil.c *** ip_fil3.2.3/ip_fil.c Mon Nov 24 21:02:02 1997 --- ip_fil3.2.4/ip_fil.c Sat Feb 28 13:34:48 1998 *************** *** 7,13 **** */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-1995 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil.c,v 2.0.2.44.2.5 1997/11/24 10:02:02 darrenr Exp $"; #endif #ifndef SOLARIS --- 7,13 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-1995 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil.c,v 2.0.2.44.2.6 1998/02/28 02:34:48 darrenr Exp $"; #endif #ifndef SOLARIS *************** *** 164,170 **** }; #endif /* _BSDI_VERSION >= 199510 && _KERNEL */ ! #if defined(__NetBSD__) || defined(__OpenBSD__) # include # if defined(NETBSD_PF) # include --- 164,170 ---- }; #endif /* _BSDI_VERSION >= 199510 && _KERNEL */ ! #if defined(__NetBSD__) || defined(__OpenBSD__) || (_BSDI_VERSION >= 199701) # include # if defined(NETBSD_PF) # include diff -cr ip_fil3.2.3/ip_fil.c ip_fil3.2.4/ip_fil.cip_fil3.2.3/ip_state.c ip_fil3.2.4/ip_state.c *** ip_fil3.2.3/ip_state.c Wed Nov 19 22:44:09 1997 --- ip_fil3.2.4/ip_state.c Wed Apr 8 23:44:02 1998 *************** *** 7,13 **** */ #if !defined(lint) static const char sccsid[] = "@(#)ip_state.c 1.8 6/5/96 (C) 1993-1995 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_state.c,v 2.0.2.24.2.4 1997/11/19 11:44:09 darrenr Exp $"; #endif #if !defined(_KERNEL) && !defined(KERNEL) && !defined(__KERNEL__) --- 7,13 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)ip_state.c 1.8 6/5/96 (C) 1993-1995 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_state.c,v 2.0.2.24.2.5 1998/04/08 13:44:02 darrenr Exp $"; #endif #if !defined(_KERNEL) && !defined(KERNEL) && !defined(__KERNEL__) *************** *** 134,143 **** break; case 1 : if ((is->is_p == IPPROTO_TCP) && ! ((is->is_state[0] <= TCPS_ESTABLISHED) && ! (is->is_state[1] > TCPS_ESTABLISHED)) || ! ((is->is_state[1] <= TCPS_ESTABLISHED) && ! (is->is_state[0] > TCPS_ESTABLISHED))) delete = 1; break; } --- 134,143 ---- break; case 1 : if ((is->is_p == IPPROTO_TCP) && ! (((is->is_state[0] <= TCPS_ESTABLISHED) && ! (is->is_state[1] > TCPS_ESTABLISHED)) || ! ((is->is_state[1] <= TCPS_ESTABLISHED) && ! (is->is_state[0] > TCPS_ESTABLISHED)))) delete = 1; break; } diff -cr ip_fil3.2.3/ip_state.c ip_fil3.2.4/ip_state.cip_fil3.2.3/ipf.c ip_fil3.2.4/ipf.c *** ip_fil3.2.3/ipf.c Fri Nov 7 08:23:36 1997 --- ip_fil3.2.4/ipf.c Wed Apr 8 23:44:53 1998 *************** *** 40,46 **** #if !defined(lint) static const char sccsid[] = "@(#)ipf.c 1.23 6/5/96 (C) 1993-1995 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ipf.c,v 2.0.2.13.2.2 1997/11/06 21:23:36 darrenr Exp $"; #endif static void frsync __P((void)); --- 40,46 ---- #if !defined(lint) static const char sccsid[] = "@(#)ipf.c 1.23 6/5/96 (C) 1993-1995 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ipf.c,v 2.0.2.13.2.3 1998/04/08 13:44:53 darrenr Exp $"; #endif static void frsync __P((void)); *************** *** 204,215 **** exit(1); } ! while (getline(line, sizeof(line)-1, fp)) { /* ! * treat both CR and LF as EOL */ - if ((s = index(line, '\n'))) - *s = '\0'; if ((s = index(line, '\r'))) *s = '\0'; /* --- 204,213 ---- exit(1); } ! while (getline(line, sizeof(line), fp)) { /* ! * treat CR as EOL. LF is converted to NUL by getline(). */ if ((s = index(line, '\r'))) *s = '\0'; /* *************** *** 222,228 **** continue; if (opts & OPT_VERBOSE) ! (void)fprintf(stderr, "[%s]\n",line); fr = parse(line); (void)fflush(stdout); --- 220,226 ---- continue; if (opts & OPT_VERBOSE) ! (void)fprintf(stderr, "[%s]\n", line); fr = parse(line); (void)fflush(stdout); *************** *** 269,279 **** } } } (void)fclose(fp); } /* ! * Similar to fgets(3) but can handle '\\' */ static char *getline(str, size, file) register char *str; --- 267,283 ---- } } } + if (ferror(fp) || !feof(fp)) { + fprintf(stderr, "%s: %s: file error or line too long\n", + name, file); + exit(1); + } (void)fclose(fp); } /* ! * Similar to fgets(3) but can handle '\\' and NL is converted to NUL. ! * Returns NULL if error occured, EOF encounterd or input line is too long. */ static char *getline(str, size, file) register char *str; *************** *** 280,292 **** size_t size; FILE *file; { ! register char *p; ! register int len; do { ! for (p = str; ; p += strlen(p) - 1) { ! if (!fgets(p, size, file)) ! return(NULL); len = strlen(p); p[len - 1] = '\0'; if (p[len - 1] != '\\') --- 284,300 ---- size_t size; FILE *file; { ! char *p; ! int s, len; do { ! for (p = str, s = size;; p += len, s -= len) { ! /* ! * if an error occured, EOF was encounterd, or there ! * was no room to put NUL, return NULL. ! */ ! if (fgets(p, s, file) == NULL) ! return (NULL); len = strlen(p); p[len - 1] = '\0'; if (p[len - 1] != '\\') *************** *** 294,300 **** size -= len; } } while (*str == '\0' || *str == '\n'); ! return(str); } --- 302,308 ---- size -= len; } } while (*str == '\0' || *str == '\n'); ! return (str); } diff -cr ip_fil3.2.3/ipf.c ip_fil3.2.4/ipf.cip_fil3.2.3/ipft_tx.c ip_fil3.2.4/ipft_tx.c *** ip_fil3.2.3/ipft_tx.c Wed Nov 12 21:56:11 1997 --- ip_fil3.2.4/ipft_tx.c Thu Apr 9 00:31:16 1998 *************** *** 43,49 **** #if !defined(lint) static const char sccsid[] = "@(#)ipft_tx.c 1.7 6/5/96 (C) 1993 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ipft_tx.c,v 2.0.2.11.2.1 1997/11/12 10:56:11 darrenr Exp $"; #endif extern int opts; --- 43,49 ---- #if !defined(lint) static const char sccsid[] = "@(#)ipft_tx.c 1.7 6/5/96 (C) 1993 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ipft_tx.c,v 2.0.2.11.2.2 1998/04/08 14:31:16 darrenr Exp $"; #endif extern int opts; *************** *** 89,95 **** fprintf(stderr, "can't resolve hostname: %s\n", host); return 0; } ! return np->n_net; } return *(u_32_t *)hp->h_addr; } --- 89,95 ---- fprintf(stderr, "can't resolve hostname: %s\n", host); return 0; } ! return htonl(np->n_net); } return *(u_32_t *)hp->h_addr; } Common subdirectories: ip_fil3.2.3/iplang and ip_fil3.2.4/iplang diff -cr ip_fil3.2.3/ipft_tx.c ip_fil3.2.4/ipft_tx.cip_fil3.2.3/ipmon.c ip_fil3.2.4/ipmon.c *** ip_fil3.2.3/ipmon.c Fri Nov 28 17:14:46 1997 --- ip_fil3.2.4/ipmon.c Wed Apr 8 23:39:26 1998 *************** *** 7,13 **** */ #if !defined(lint) static const char sccsid[] = "@(#)ipmon.c 1.21 6/5/96 (C)1993-1997 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ipmon.c,v 2.0.2.29.2.4 1997/11/28 06:14:46 darrenr Exp $"; #endif #include --- 7,13 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)ipmon.c 1.21 6/5/96 (C)1993-1997 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ipmon.c,v 2.0.2.29.2.5 1998/04/08 13:39:26 darrenr Exp $"; #endif #include *************** *** 87,93 **** --- 87,97 ---- static char line[2048]; static int opts = 0; + static FILE *newlog = NULL; + static char *logfile = NULL; + static int donehup = 0; static void usage __P((char *)); + static void handlehup __P((void)); static void flushlogs __P((char *, FILE *)); static void print_log __P((int, FILE *, char *, int)); static void print_ipflog __P((FILE *, char *, int)); *************** *** 117,122 **** --- 121,136 ---- #endif + static void handlehup() + { + FILE *fp; + + donehup = 1; + if (logfile && (fp = fopen(logfile, "a"))) + newlog = fp; + } + + static int read_log(fd, lenp, buf, bufsize, log) int fd, bufsize, *lenp; char *buf; *************** *** 364,376 **** int logtype, blen; { iplog_t *ipl; int psize; while (blen > 0) { ipl = (iplog_t *)buf; if (ipl->ipl_magic != IPL_MAGIC) { /* invalid data or out of sync */ ! return; } psize = ipl->ipl_dsize; switch (logtype) --- 378,403 ---- int logtype, blen; { iplog_t *ipl; + char *bp = NULL, *bpo = NULL; int psize; while (blen > 0) { ipl = (iplog_t *)buf; + if ((u_long)ipl & (sizeof(long)-1)) { + if (bp) + bpo = bp; + bp = (char *)malloc(blen); + bcopy((char *)ipl, bp, blen); + if (bpo) { + free(bpo); + bpo = NULL; + } + buf = bp; + continue; + } if (ipl->ipl_magic != IPL_MAGIC) { /* invalid data or out of sync */ ! break; } psize = ipl->ipl_dsize; switch (logtype) *************** *** 389,394 **** --- 416,425 ---- blen -= psize; buf += psize; } + finishbuf: + if (bp) + free(bp); + return; } *************** *** 663,669 **** FILE *log = stdout; int fd[3], doread, n, i; int tr, nr, regular[3], c; ! int fdt[3], devices = 0; char buf[512], *iplfile[3]; extern int optind; extern char *optarg; --- 694,700 ---- FILE *log = stdout; int fd[3], doread, n, i; int tr, nr, regular[3], c; ! int fdt[3], devices = 0, make_daemon = 0; char buf[512], *iplfile[3]; extern int optind; extern char *optarg; *************** *** 674,685 **** iplfile[1] = IPNAT_NAME; iplfile[2] = IPSTATE_NAME; ! while ((c = getopt(argc, argv, "?af:FhI:nN:o:O:sS:tvxX")) != -1) switch (c) { case 'a' : opts |= OPT_ALL; break; case 'f' : case 'I' : opts |= OPT_FILTER; fdt[0] = IPL_LOGIPF; --- 705,719 ---- iplfile[1] = IPNAT_NAME; iplfile[2] = IPSTATE_NAME; ! while ((c = getopt(argc, argv, "?aDf:FhI:nN:o:O:sS:tvxX")) != -1) switch (c) { case 'a' : opts |= OPT_ALL; break; + case 'D' : + make_daemon = 1; + break; case 'f' : case 'I' : opts |= OPT_FILTER; fdt[0] = IPL_LOGIPF; *************** *** 768,774 **** } if (!(opts & OPT_SYSLOG)) { ! log = argv[optind] ? fopen(argv[optind], "a") : stdout; if (log == NULL) { (void) fprintf(stderr, "%s: fopen: %s\n", argv[optind], --- 802,809 ---- } if (!(opts & OPT_SYSLOG)) { ! logfile = argv[optind]; ! log = logfile ? fopen(logfile, "a") : stdout; if (log == NULL) { (void) fprintf(stderr, "%s: fopen: %s\n", argv[optind], *************** *** 778,783 **** --- 813,827 ---- setvbuf(log, NULL, _IONBF, 0); } + if (make_daemon && (log != stdout)) { + if (fork() > 0) + exit(0); + close(0); + close(1); + close(2); + setsid(); + } + for (doread = 1; doread; ) { nr = 0; *************** *** 800,805 **** --- 844,858 ---- nr += tr; tr = read_log(fd[i], &n, buf, sizeof(buf), log); + if (donehup) { + donehup = 0; + if (newlog) { + fclose(log); + log = newlog; + newlog = NULL; + } + } + switch (tr) { case -1 : diff -cr ip_fil3.2.3/ipmon.c ip_fil3.2.4/ipmon.cip_fil3.2.3/ipnat.c ip_fil3.2.4/ipnat.c *** ip_fil3.2.3/ipnat.c Sat Nov 8 15:55:55 1997 --- ip_fil3.2.4/ipnat.c Thu Apr 9 00:31:18 1998 *************** *** 19,24 **** --- 19,25 ---- #include #include #include + #include #include #if !defined(__SVR4) && !defined(__svr4__) #include *************** *** 52,60 **** #include "netinet/ip_nat.h" #include "kmem.h" #if !defined(lint) static const char sccsid[] ="@(#)ipnat.c 1.9 6/5/96 (C) 1993 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ipnat.c,v 2.0.2.21.2.1 1997/11/08 04:55:55 darrenr Exp $"; #endif --- 53,68 ---- #include "netinet/ip_nat.h" #include "kmem.h" + #if defined(sun) && !SOLARIS2 + # define STRERROR(x) sys_errlist[x] + extern char *sys_errlist[]; + #else + # define STRERROR(x) strerror(x) + #endif + #if !defined(lint) static const char sccsid[] ="@(#)ipnat.c 1.9 6/5/96 (C) 1993 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ipnat.c,v 2.0.2.21.2.4 1998/04/08 14:31:18 darrenr Exp $"; #endif *************** *** 133,139 **** if (!(opts & OPT_NODO) && ((fd = open(IPL_NAT, O_RDWR)) == -1) && ((fd = open(IPL_NAT, O_RDONLY)) == -1)) { ! perror("open"); exit(-1); } --- 141,148 ---- if (!(opts & OPT_NODO) && ((fd = open(IPL_NAT, O_RDWR)) == -1) && ((fd = open(IPL_NAT, O_RDONLY)) == -1)) { ! (void) fprintf(stderr, "%s: open: %s\n", IPL_NAT, ! STRERROR(errno)); exit(-1); } *************** *** 227,233 **** } else { np->in_nextip.s_addr = htonl(np->in_nextip.s_addr); printf("%s %s/", np->in_ifname, inet_ntoa(np->in_in[0])); ! bits = countbits(np->in_in[1].s_addr); if (bits != -1) printf("%d ", bits); else --- 236,242 ---- } else { np->in_nextip.s_addr = htonl(np->in_nextip.s_addr); printf("%s %s/", np->in_ifname, inet_ntoa(np->in_in[0])); ! bits = countbits(ntohl(np->in_in[1].s_addr)); if (bits != -1) printf("%d ", bits); else *************** *** 455,461 **** fprintf(stderr, "can't resolve hostname: %s\n", host); return 0; } ! return np->n_net; } return *(u_32_t *)hp->h_addr; } --- 464,470 ---- fprintf(stderr, "can't resolve hostname: %s\n", host); return 0; } ! return htonl(np->n_net); } return *(u_32_t *)hp->h_addr; } *************** *** 760,766 **** if (strcmp(file, "-")) { if (!(fp = fopen(file, "r"))) { ! perror(file); exit(1); } } else --- 769,776 ---- if (strcmp(file, "-")) { if (!(fp = fopen(file, "r"))) { ! (void) fprintf(stderr, "%s: open: %s\n", file, ! STRERROR(errno)); exit(1); } } else Common subdirectories: ip_fil3.2.3/ipsd and ip_fil3.2.4/ipsd Common subdirectories: ip_fil3.2.3/ipsend and ip_fil3.2.4/ipsend Common subdirectories: ip_fil3.2.3/man and ip_fil3.2.4/man diff -cr ip_fil3.2.3/ipnat.c ip_fil3.2.4/ipnat.cip_fil3.2.3/mlf_ipl.c ip_fil3.2.4/mlf_ipl.c *** ip_fil3.2.3/mlf_ipl.c Wed Dec 10 20:10:39 1997 --- ip_fil3.2.4/mlf_ipl.c Wed Apr 8 23:45:56 1998 *************** *** 27,32 **** --- 27,35 ---- # include # ifdef DEVFS # include + # if defined(IPFILTER) && defined(_KERNEL) + # include "opt_devfs.h" + # endif # endif /*DEVFS*/ #endif #include *************** *** 375,381 **** } } ! # ifdef IPFILTER_LKM SYSINIT(ipldev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,ipl_drvinit,NULL) # endif /* IPFILTER_LKM */ #endif /* _FreeBSD_version */ --- 378,385 ---- } } ! # if defined(IPFILTER_LKM) || \ ! defined(__FreeBSD_version) && (__FreeBSD_version >= 220000) SYSINIT(ipldev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,ipl_drvinit,NULL) # endif /* IPFILTER_LKM */ #endif /* _FreeBSD_version */ diff -cr ip_fil3.2.3/mlf_ipl.c ip_fil3.2.4/mlf_ipl.cip_fil3.2.3/parse.c ip_fil3.2.4/parse.c *** ip_fil3.2.3/parse.c Thu Nov 20 23:43:49 1997 --- ip_fil3.2.4/parse.c Sat Feb 28 13:04:40 1998 *************** *** 35,41 **** #if !defined(lint) static const char sccsid[] ="@(#)parse.c 1.44 6/5/96 (C) 1993-1996 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: parse.c,v 2.0.2.18.2.1 1997/11/20 12:43:49 darrenr Exp $"; #endif extern struct ipopt_names ionames[], secclass[]; --- 35,41 ---- #if !defined(lint) static const char sccsid[] ="@(#)parse.c 1.44 6/5/96 (C) 1993-1996 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: parse.c,v 2.0.2.18.2.2 1998/02/28 02:04:40 darrenr Exp $"; #endif extern struct ipopt_names ionames[], secclass[]; *************** *** 621,627 **** fprintf(stderr, "can't resolve hostname: %s\n", host); return 0; } ! return np->n_net; } return *(u_32_t *)hp->h_addr; } --- 621,627 ---- fprintf(stderr, "can't resolve hostname: %s\n", host); return 0; } ! return htonl(np->n_net); } return *(u_32_t *)hp->h_addr; } Common subdirectories: ip_fil3.2.3/rules and ip_fil3.2.4/rules Common subdirectories: ip_fil3.2.3/samples and ip_fil3.2.4/samples diff -cr ip_fil3.2.3/parse.c ip_fil3.2.4/parse.cip_fil3.2.3/solaris.c ip_fil3.2.4/solaris.c *** ip_fil3.2.3/solaris.c Mon Nov 24 17:15:52 1997 --- ip_fil3.2.4/solaris.c Sat Feb 28 13:35:21 1998 *************** *** 6,12 **** * to the original author and the contributors. */ /* #pragma ident "@(#)solaris.c 1.12 6/5/96 (C) 1995 Darren Reed"*/ ! #pragma ident "@(#)$Id: solaris.c,v 2.0.2.22.2.2 1997/11/24 06:15:52 darrenr Exp $"; #include #include --- 6,12 ---- * to the original author and the contributors. */ /* #pragma ident "@(#)solaris.c 1.12 6/5/96 (C) 1995 Darren Reed"*/ ! #pragma ident "@(#)$Id: solaris.c,v 2.0.2.22.2.4 1998/02/28 02:35:21 darrenr Exp $"; #include #include *************** *** 190,204 **** dev_info_t *dip; ddi_attach_cmd_t cmd; { int instance; - #ifdef IPFDEBUG cmn_err(CE_NOTE, "IP Filter: ipf_attach(%x,%x)", dip, cmd); #endif switch (cmd) { case DDI_ATTACH: - instance = ddi_get_instance(dip); #ifdef IPFDEBUG cmn_err(CE_NOTE, "IP Filter: attach ipf instance %d", instance); #endif if (ddi_create_minor_node(dip, "ipf", S_IFCHR, IPL_LOGIPF, --- 190,205 ---- dev_info_t *dip; ddi_attach_cmd_t cmd; { + #ifdef IPFDEBUG int instance; cmn_err(CE_NOTE, "IP Filter: ipf_attach(%x,%x)", dip, cmd); #endif switch (cmd) { case DDI_ATTACH: #ifdef IPFDEBUG + instance = ddi_get_instance(dip); + cmn_err(CE_NOTE, "IP Filter: attach ipf instance %d", instance); #endif if (ddi_create_minor_node(dip, "ipf", S_IFCHR, IPL_LOGIPF, *************** *** 895,901 **** * Activate any rules directly associated with this interface */ mutex_enter(&ipf_mutex); ! for (f = ipfilter[0][0]; f; f = f->fr_next) { if ((f->fr_ifa == (struct ifnet *)-1)) { len = strlen(f->fr_ifname)+1; /* includes \0 */ if (len && (len == il->ill_name_length) && --- 896,902 ---- * Activate any rules directly associated with this interface */ mutex_enter(&ipf_mutex); ! for (f = ipfilter[0][fr_active]; f; f = f->fr_next) { if ((f->fr_ifa == (struct ifnet *)-1)) { len = strlen(f->fr_ifname)+1; /* includes \0 */ if (len && (len == il->ill_name_length) && *************** *** 903,909 **** f->fr_ifa = il; } } ! for (f = ipfilter[1][0]; f; f = f->fr_next) { if ((f->fr_ifa == (struct ifnet *)-1)) { len = strlen(f->fr_ifname)+1; /* includes \0 */ if (len && (len == il->ill_name_length) && --- 904,910 ---- f->fr_ifa = il; } } ! for (f = ipfilter[1][fr_active]; f; f = f->fr_next) { if ((f->fr_ifa == (struct ifnet *)-1)) { len = strlen(f->fr_ifname)+1; /* includes \0 */ if (len && (len == il->ill_name_length) && *************** *** 996,1005 **** np->in_ifp = (struct ifnet *)-1; mutex_exit(&ipf_nat); mutex_enter(&ipf_mutex); ! for (f = ipfilter[0][0]; f; f = f->fr_next) if (f->fr_ifa == (void *)qif->qf_ill) f->fr_ifa = (struct ifnet *)-1; ! for (f = ipfilter[1][0]; f; f = f->fr_next) if (f->fr_ifa == (void *)qif->qf_ill) f->fr_ifa = (struct ifnet *)-1; --- 997,1006 ---- np->in_ifp = (struct ifnet *)-1; mutex_exit(&ipf_nat); mutex_enter(&ipf_mutex); ! for (f = ipfilter[0][fr_active]; f; f = f->fr_next) if (f->fr_ifa == (void *)qif->qf_ill) f->fr_ifa = (struct ifnet *)-1; ! for (f = ipfilter[1][fr_active]; f; f = f->fr_next) if (f->fr_ifa == (void *)qif->qf_ill) f->fr_ifa = (struct ifnet *)-1; Common subdirectories: ip_fil3.2.3/test and ip_fil3.2.4/test diff -cr ip_fil3.2.3/solaris.c ip_fil3.2.4/solaris.cip_fil3.2.3/todo ip_fil3.2.4/todo *** ip_fil3.2.3/todo Thu Nov 27 20:32:27 1997 --- ip_fil3.2.4/todo Thu Apr 9 00:06:01 1998 *************** *** 34,36 **** --- 34,41 ---- * ipfsync() should change IP#'s in current mappings as well as what's in rules. + document bimap + + document NAT rule order processing + + add more docs Only in ip_fil3.2.4/BSD: make-devices diff -cr ip_fil3.2.3/BSDOS3/files.diffs ip_fil3.2.4/BSDOS3/files.diffs *** ip_fil3.2.3/BSDOS3/files.diffs Wed Nov 5 22:10:12 1997 --- ip_fil3.2.4/BSDOS3/files.diffs Wed Apr 8 23:51:11 1998 *************** *** 6,19 **** file netinet/tcp_timer.c inet file netinet/tcp_usrreq.c inet file netinet/udp_usrreq.c inet ! + file netinet/ip_fil.c ipfilter ! + file netinet/fil.c ipfilter ! + file netinet/ip_nat.c ipfilter ! + file netinet/ip_frag.c ipfilter ! + file netinet/ip_state.c ipfilter ! + file netinet/ip_auth.c ipfilter ! + file netinet/ip_proxy.c ipfilter ! + file netinet/ip_log.c ipfilter file netiso/clnp_debug.c iso file netiso/clnp_er.c iso file netiso/clnp_frag.c iso --- 6,19 ---- file netinet/tcp_timer.c inet file netinet/tcp_usrreq.c inet file netinet/udp_usrreq.c inet ! + file netinet/ip_fil.c ipfilter always-source ! + file netinet/fil.c ipfilter always-source ! + file netinet/ip_nat.c ipfilter always-source ! + file netinet/ip_frag.c ipfilter always-source ! + file netinet/ip_state.c ipfilter always-source ! + file netinet/ip_auth.c ipfilter always-source ! + file netinet/ip_proxy.c ipfilter always-source ! + file netinet/ip_log.c ipfilter always-source file netiso/clnp_debug.c iso file netiso/clnp_er.c iso file netiso/clnp_frag.c iso diff -cr ip_fil3.2.3/BSDOS3/files.diffs ip_fil3.2.4/BSDOS3/files.diffsip_fil3.2.3/BSDOS3/kinstall ip_fil3.2.4/BSDOS3/kinstall *** ip_fil3.2.3/BSDOS3/kinstall Wed Nov 12 23:03:46 1997 --- ip_fil3.2.4/BSDOS3/kinstall Thu Apr 9 00:06:19 1998 *************** *** 36,42 **** set minor=`expr $minor + 1` end ! set config=`/bin/ls -1t $confdir [0-9A-Z_]* | head -1` echo -n "Kernel configuration to update [$config] " set newconfig=$< --- 36,42 ---- set minor=`expr $minor + 1` end ! set config=`/bin/ls -1t $confdir/[0-9A-Z_]* | head -1` echo -n "Kernel configuration to update [$config] " set newconfig=$< diff -cr ip_fil3.2.3/FreeBSD-2.2/files.diffs ip_fil3.2.4/FreeBSD-2.2/files.diffs *** ip_fil3.2.3/FreeBSD-2.2/files.diffs Tue Aug 5 23:40:41 1997 --- ip_fil3.2.4/FreeBSD-2.2/files.diffs Thu Apr 9 00:19:42 1998 *************** *** 1,8 **** ! *** /sys/conf/files.orig Sat May 24 14:05:28 1997 ! --- /sys/conf/files Sat May 24 14:06:44 1997 *************** ! *** 217,222 **** ! --- 217,230 ---- netinet/tcp_timer.c optional inet netinet/tcp_usrreq.c optional inet netinet/udp_usrreq.c optional inet --- 1,8 ---- ! *** files.orig Tue Sep 9 16:58:40 1997 ! --- files Sat Apr 4 10:52:58 1998 *************** ! *** 222,227 **** ! --- 222,236 ---- netinet/tcp_timer.c optional inet netinet/tcp_usrreq.c optional inet netinet/udp_usrreq.c optional inet *************** *** 17,20 **** + netinet/ip_log.c optional ipfilter inet netipx/ipx.c optional ipx netipx/ipx_cksum.c optional ipx ! netipx/ipx_error.c optional ipx --- 17,20 ---- + netinet/ip_log.c optional ipfilter inet netipx/ipx.c optional ipx netipx/ipx_cksum.c optional ipx ! netipx/ipx_input.c optional ipx diff -cr ip_fil3.2.3/SunOS5/Makefile ip_fil3.2.4/SunOS5/Makefile *** ip_fil3.2.3/SunOS5/Makefile Wed Dec 3 21:09:21 1997 --- ip_fil3.2.4/SunOS5/Makefile Thu Apr 9 00:08:54 1998 *************** *** 229,235 **** -$(INSTALL) -g root -m 644 -o root ip_frag.h $(ROOTINC)/netinet -$(INSTALL) -g root -m 644 -o root ip_proxy.h $(ROOTINC)/netinet -$(INSTALL) -g root -m 644 -o root ip_auth.h $(ROOTINC)/netinet ! (cd $(DCPU); ln -s ../prototype ../pkginfo ../copyright ../postinstall .) (cd $(DCPU); pkgmk -o) -pkgadd -d /var/spool/pkg --- 229,235 ---- -$(INSTALL) -g root -m 644 -o root ip_frag.h $(ROOTINC)/netinet -$(INSTALL) -g root -m 644 -o root ip_proxy.h $(ROOTINC)/netinet -$(INSTALL) -g root -m 644 -o root ip_auth.h $(ROOTINC)/netinet ! (cd $(DCPU) && rm -f prototype pkginfo copyright postinstall && ln -s ../prototype ../pkginfo ../copyright ../postinstall .) (cd $(DCPU); pkgmk -o) -pkgadd -d /var/spool/pkg diff -cr ip_fil3.2.3/SunOS5/Makefile ip_fil3.2.4/SunOS5/Makefileip_fil3.2.3/SunOS5/Makefile.ipsend ip_fil3.2.4/SunOS5/Makefile.ipsend *** ip_fil3.2.3/SunOS5/Makefile.ipsend Wed Dec 3 21:09:58 1997 --- ip_fil3.2.4/SunOS5/Makefile.ipsend Wed Apr 8 23:50:25 1998 *************** *** 6,12 **** LIBS=-lsocket -lnsl CC=gcc ! CFLAGS=-g -I$(TOP) -Dsolaris all build dlpi sunos5 : ipsend ipresend iptest --- 6,12 ---- LIBS=-lsocket -lnsl CC=gcc ! CFLAGS=-g -I$$(TOP) -Dsolaris all build dlpi sunos5 : ipsend ipresend iptest diff -cr ip_fil3.2.3/SunOS5/Makefile.ipsend ip_fil3.2.4/SunOS5/Makefile.ipsendip_fil3.2.3/SunOS5/postinstall ip_fil3.2.4/SunOS5/postinstall *** ip_fil3.2.3/SunOS5/postinstall Sun Jul 20 21:52:51 1997 --- ip_fil3.2.4/SunOS5/postinstall Sun Dec 28 12:30:31 1997 *************** *** 3,9 **** if [ x"`grep minor=ipf /etc/devlink.tab`" = x ] ; then echo "type=ddi_pseudo;name=ipf;minor=ipf \M0" >>/etc/devlink.tab fi ! if [ x"`grep minor=ipl /etc/devlink.tab`" = x ] ; then echo "type=ddi_pseudo;name=ipf;minor=ipf ipl" >>/etc/devlink.tab fi if [ x"`grep minor=ipnat /etc/devlink.tab`" = x ] ; then --- 3,9 ---- if [ x"`grep minor=ipf /etc/devlink.tab`" = x ] ; then echo "type=ddi_pseudo;name=ipf;minor=ipf \M0" >>/etc/devlink.tab fi ! if [ x"`grep 'minor=ipf ipl' /etc/devlink.tab`" = x ] ; then echo "type=ddi_pseudo;name=ipf;minor=ipf ipl" >>/etc/devlink.tab fi if [ x"`grep minor=ipnat /etc/devlink.tab`" = x ] ; then diff -cr ip_fil3.2.3/iplang/iplang_l.l ip_fil3.2.4/iplang/iplang_l.l *** ip_fil3.2.3/iplang/iplang_l.l Wed Dec 10 20:54:15 1997 --- ip_fil3.2.4/iplang/iplang_l.l Sun Dec 28 12:32:13 1997 *************** *** 1,7 **** - %e 1500 - %p 4000 - %a 4000 - %o 6000 %{ /* * Copyright (C) 1997 by Darren Reed. --- 1,3 ---- *************** *** 10,16 **** * provided that this notice is preserved and due credit is given * to the original author and the contributors. * ! * $Id: iplang_l.l,v 2.0.2.15.2.2 1997/12/10 09:54:15 darrenr Exp $ */ #include #include --- 6,12 ---- * provided that this notice is preserved and due credit is given * to the original author and the contributors. * ! * $Id: iplang_l.l,v 2.0.2.15.2.5 1997/12/28 01:32:13 darrenr Exp $ */ #include #include *************** *** 46,179 **** int save_token __P((void)); void swallow __P((void)); int yylex __P((void)); - %} %% ! [ \t\r] ; \n { lineNum++; swallow(); } - interface | - iface { return next_state(IL_INTERFACE, -1); } - name | - ifname { return next_state(IL_IFNAME, IL_TOKEN); } - router { return next_state(IL_DEFROUTER, IL_TOKEN); } - mtu { return next_state(IL_MTU, IL_NUMBER); } - eaddr { return next_state(IL_EADDR, IL_TOKEN); } - v4addr { return next_state(IL_V4ADDR, IL_TOKEN); } - ipv4 { return next_state(IL_IPV4, -1); } - v { return next_state(IL_V4V, IL_TOKEN); } - proto { return next_state(IL_V4PROTO, IL_TOKEN); } - hl { return next_state(IL_V4HL, IL_TOKEN); } - id { return next_state(IL_V4ID, IL_TOKEN); } - ttl { return next_state(IL_V4TTL, IL_TOKEN); } - tos { return next_state(IL_V4TOS, IL_TOKEN); } - src { return next_state(IL_V4SRC, IL_TOKEN); } - dst { return next_state(IL_V4DST, IL_TOKEN); } - opt { return next_state(IL_OPT, -1); } - len { return next_state(IL_LEN, IL_TOKEN); } - off { return next_state(IL_OFF, IL_TOKEN); } - sum { return next_state(IL_SUM, IL_TOKEN); } - tcp { return next_state(IL_TCP, -1); } - sport { return next_state(IL_SPORT, IL_TOKEN); } - dport { return next_state(IL_DPORT, IL_TOKEN); } - seq { return next_state(IL_TCPSEQ, IL_TOKEN); } - ack { return next_state(IL_TCPACK, IL_TOKEN); } - flags { return next_state(IL_TCPFL, IL_TOKEN); } - urp { return next_state(IL_TCPURP, IL_TOKEN); } - win { return next_state(IL_TCPWIN, IL_TOKEN); } - udp { return next_state(IL_UDP, -1); } - send { return next_state(IL_SEND, -1); } - via { return next_state(IL_VIA, IL_TOKEN); } - arp { return next_state(IL_ARP, -1); } - data { return next_state(IL_DATA, -1); } - value { return next_state(IL_DVALUE, IL_TOKEN); } - file { return next_state(IL_DFILE, IL_TOKEN); } - nop { return next_state(IL_IPO_NOP, -1); } - eol { return next_state(IL_IPO_EOL, -1); } - rr { return next_state(IL_IPO_RR, -1); } - zsu { return next_state(IL_IPO_ZSU, -1); } - mtup { return next_state(IL_IPO_MTUP, -1); } - mtur { return next_state(IL_IPO_MTUR, -1); } - encode { return next_state(IL_IPO_ENCODE, -1); } - ts { return next_state(IL_IPO_TS, -1); } - tr { return next_state(IL_IPO_TR, -1); } - sec { return next_state(IL_IPO_SEC, -1); } - secclass { return next_state(IL_IPO_SECCLASS, IL_TOKEN); } - lsrr { return next_state(IL_IPO_LSRR, -1); } - esec { return next_state(IL_IPO_ESEC, -1); } - cipso { return next_state(IL_IPO_CIPSO, -1); } - satid { return next_state(IL_IPO_SATID, -1); } - ssrr { return next_state(IL_IPO_SSRR, -1); } - addext { return next_state(IL_IPO_ADDEXT, -1); } - visa { return next_state(IL_IPO_VISA, -1); } - imitd { return next_state(IL_IPO_IMITD, -1); } - eip { return next_state(IL_IPO_EIP, -1); } - finn { return next_state(IL_IPO_FINN, -1); } - mss { return next_state(IL_TCPO_MSS, IL_TOKEN); } - wscale { return next_state(IL_TCPO_MSS, IL_TOKEN); } - reserv-4 { return next_state(IL_IPS_RESERV4, -1); } - topsecret { return next_state(IL_IPS_TOPSECRET, -1); } - secret { return next_state(IL_IPS_SECRET, -1); } - reserv-3 { return next_state(IL_IPS_RESERV3, -1); } - confid { return next_state(IL_IPS_CONFID, -1); } - unclass { return next_state(IL_IPS_UNCLASS, -1); } - reserv-2 { return next_state(IL_IPS_RESERV2, -1); } - reserv-1 { return next_state(IL_IPS_RESERV1, -1); } - icmp { return next_state(IL_ICMP, -1); } - type { return next_state(IL_ICMPTYPE, -1); } - code { return next_state(IL_ICMPCODE, -1); } - echorep { return next_state(IL_ICMP_ECHOREPLY, -1); } - unreach { return next_state(IL_ICMP_UNREACH, -1); } - squench { return next_state(IL_ICMP_SOURCEQUENCH, -1); } - redir { return next_state(IL_ICMP_REDIRECT, -1); } - echo { return next_state(IL_ICMP_ECHO, -1); } - routerad { return next_state(IL_ICMP_ROUTERADVERT, -1); } - routersol { return next_state(IL_ICMP_ROUTERSOLICIT, -1); } - timex { return next_state(IL_ICMP_TIMXCEED, -1); } - paramprob { return next_state(IL_ICMP_PARAMPROB, -1); } - timest { return next_state(IL_ICMP_TSTAMP, -1); } - timestrep { return next_state(IL_ICMP_TSTAMPREPLY, -1); } - inforeq { return next_state(IL_ICMP_IREQ, -1); } - inforep { return next_state(IL_ICMP_IREQREPLY, -1); } - maskreq { return next_state(IL_ICMP_MASKREQ, -1); } - maskrep { return next_state(IL_ICMP_MASKREPLY, -1); } - net-unr { return next_state(IL_ICMP_UNREACH_NET, -1); } - host-unr { return next_state(IL_ICMP_UNREACH_HOST, -1); } - proto-unr { return next_state(IL_ICMP_UNREACH_PROTOCOL, -1); } - port-unr { return next_state(IL_ICMP_UNREACH_PORT, -1); } - needfrag { return next_state(IL_ICMP_UNREACH_NEEDFRAG, -1); } - srcfail { return next_state(IL_ICMP_UNREACH_SRCFAIL, -1); } - net-unk { return next_state(IL_ICMP_UNREACH_NET_UNKNOWN, -1); } - host-unk { return next_state(IL_ICMP_UNREACH_HOST_UNKNOWN, -1); } - isolate { return next_state(IL_ICMP_UNREACH_ISOLATED, -1); } - net-prohib { return next_state(IL_ICMP_UNREACH_NET_PROHIB, -1); } - host-prohib { return next_state(IL_ICMP_UNREACH_HOST_PROHIB, -1); } - net-tos { return next_state(IL_ICMP_UNREACH_TOSNET, -1); } - host-tos { return next_state(IL_ICMP_UNREACH_TOSHOST, -1); } - filter-prohib { return next_state(IL_ICMP_UNREACH_FILTER_PROHIB, -1); } - host-preced { return next_state(IL_ICMP_UNREACH_HOST_PRECEDENCE, -1); } - cutoff-preced { return next_state(IL_ICMP_UNREACH_PRECEDENCE_CUTOFF, -1); } - net-redir { return next_state(IL_ICMP_REDIRECT_NET, -1); } - host-redir { return next_state(IL_ICMP_REDIRECT_HOST, -1); } - tos-net-redir { return next_state(IL_ICMP_REDIRECT_TOSNET, -1); } - tos-host-redir { return next_state(IL_ICMP_REDIRECT_TOSHOST, -1); } - intrans { return next_state(IL_ICMP_TIMXCEED_INTRANS, -1); } - reass { return next_state(IL_ICMP_TIMXCEED_REASS, -1); } - optabsent { return next_state(IL_ICMP_PARAMPROB_OPTABSENT, -1); } - otime { return next_state(IL_ICMP_OTIME, -1); } - rtime { return next_state(IL_ICMP_RTIME, -1); } - ttime { return next_state(IL_ICMP_TTIME, -1); } - icmpseq { return next_state(IL_ICMP_SEQ, -1); } - icmpid { return next_state(IL_ICMP_SEQ, -1); } - \377 { return 0; } /* EOF */ \{ { push_proto(); return next_item('{'); } \} { pop_proto(); return next_item('}'); } - \. { return next_item(IL_DOT); } ; { return next_item(';'); } [0-9]+ { return next_item(IL_NUMBER); } [0-9a-fA-F] { return next_item(IL_HEXDIGIT); } : { return next_item(IL_COLON); } #[^\n]* { return next_item(IL_COMMENT); } ! [^ {}\n\t;]* { return next_item(IL_TOKEN); } \"[^\"]*\" { return next_item(IL_TOKEN); } %% void yyerror(msg) --- 42,184 ---- int save_token __P((void)); void swallow __P((void)); int yylex __P((void)); + struct wordtab { + char *word; + int state; + int next; + }; + + struct wordtab words[] = { + { "interface", IL_INTERFACE, -1 }, + { "iface", IL_INTERFACE, -1 }, + { "name", IL_IFNAME, IL_TOKEN }, + { "ifname", IL_IFNAME, IL_TOKEN }, + { "router", IL_DEFROUTER, IL_TOKEN }, + { "mtu", IL_MTU, IL_NUMBER }, + { "eaddr", IL_EADDR, IL_TOKEN }, + { "v4addr", IL_V4ADDR, IL_TOKEN }, + { "ipv4", IL_IPV4, -1 }, + { "v", IL_V4V, IL_TOKEN }, + { "proto", IL_V4PROTO, IL_TOKEN }, + { "hl", IL_V4HL, IL_TOKEN }, + { "id", IL_V4ID, IL_TOKEN }, + { "ttl", IL_V4TTL, IL_TOKEN }, + { "tos", IL_V4TOS, IL_TOKEN }, + { "src", IL_V4SRC, IL_TOKEN }, + { "dst", IL_V4DST, IL_TOKEN }, + { "opt", IL_OPT, -1 }, + { "len", IL_LEN, IL_TOKEN }, + { "off", IL_OFF, IL_TOKEN }, + { "sum", IL_SUM, IL_TOKEN }, + { "tcp", IL_TCP, -1 }, + { "sport", IL_SPORT, IL_TOKEN }, + { "dport", IL_DPORT, IL_TOKEN }, + { "seq", IL_TCPSEQ, IL_TOKEN }, + { "ack", IL_TCPACK, IL_TOKEN }, + { "flags", IL_TCPFL, IL_TOKEN }, + { "urp", IL_TCPURP, IL_TOKEN }, + { "win", IL_TCPWIN, IL_TOKEN }, + { "udp", IL_UDP, -1 }, + { "send", IL_SEND, -1 }, + { "via", IL_VIA, IL_TOKEN }, + { "arp", IL_ARP, -1 }, + { "data", IL_DATA, -1 }, + { "value", IL_DVALUE, IL_TOKEN }, + { "file", IL_DFILE, IL_TOKEN }, + { "nop", IL_IPO_NOP, -1 }, + { "eol", IL_IPO_EOL, -1 }, + { "rr", IL_IPO_RR, -1 }, + { "zsu", IL_IPO_ZSU, -1 }, + { "mtup", IL_IPO_MTUP, -1 }, + { "mtur", IL_IPO_MTUR, -1 }, + { "encode", IL_IPO_ENCODE, -1 }, + { "ts", IL_IPO_TS, -1 }, + { "tr", IL_IPO_TR, -1 }, + { "sec", IL_IPO_SEC, -1 }, + { "secclass", IL_IPO_SECCLASS, IL_TOKEN }, + { "lsrr", IL_IPO_LSRR, -1 }, + { "esec", IL_IPO_ESEC, -1 }, + { "cipso", IL_IPO_CIPSO, -1 }, + { "satid", IL_IPO_SATID, -1 }, + { "ssrr", IL_IPO_SSRR, -1 }, + { "addext", IL_IPO_ADDEXT, -1 }, + { "visa", IL_IPO_VISA, -1 }, + { "imitd", IL_IPO_IMITD, -1 }, + { "eip", IL_IPO_EIP, -1 }, + { "finn", IL_IPO_FINN, -1 }, + { "mss", IL_TCPO_MSS, IL_TOKEN }, + { "wscale", IL_TCPO_WSCALE, IL_TOKEN }, + { "reserv-4", IL_IPS_RESERV4, -1 }, + { "topsecret", IL_IPS_TOPSECRET, -1 }, + { "secret", IL_IPS_SECRET, -1 }, + { "reserv-3", IL_IPS_RESERV3, -1 }, + { "confid", IL_IPS_CONFID, -1 }, + { "unclass", IL_IPS_UNCLASS, -1 }, + { "reserv-2", IL_IPS_RESERV2, -1 }, + { "reserv-1", IL_IPS_RESERV1, -1 }, + { "icmp", IL_ICMP, -1 }, + { "type", IL_ICMPTYPE, -1 }, + { "code", IL_ICMPCODE, -1 }, + { "echorep", IL_ICMP_ECHOREPLY, -1 }, + { "unreach", IL_ICMP_UNREACH, -1 }, + { "squench", IL_ICMP_SOURCEQUENCH, -1 }, + { "redir", IL_ICMP_REDIRECT, -1 }, + { "echo", IL_ICMP_ECHO, -1 }, + { "routerad", IL_ICMP_ROUTERADVERT, -1 }, + { "routersol", IL_ICMP_ROUTERSOLICIT, -1 }, + { "timex", IL_ICMP_TIMXCEED, -1 }, + { "paramprob", IL_ICMP_PARAMPROB, -1 }, + { "timest", IL_ICMP_TSTAMP, -1 }, + { "timestrep", IL_ICMP_TSTAMPREPLY, -1 }, + { "inforeq", IL_ICMP_IREQ, -1 }, + { "inforep", IL_ICMP_IREQREPLY, -1 }, + { "maskreq", IL_ICMP_MASKREQ, -1 }, + { "maskrep", IL_ICMP_MASKREPLY, -1 }, + { "net-unr", IL_ICMP_UNREACH_NET, -1 }, + { "host-unr", IL_ICMP_UNREACH_HOST, -1 }, + { "proto-unr", IL_ICMP_UNREACH_PROTOCOL, -1 }, + { "port-unr", IL_ICMP_UNREACH_PORT, -1 }, + { "needfrag", IL_ICMP_UNREACH_NEEDFRAG, -1 }, + { "srcfail", IL_ICMP_UNREACH_SRCFAIL, -1 }, + { "net-unk", IL_ICMP_UNREACH_NET_UNKNOWN, -1 }, + { "host-unk", IL_ICMP_UNREACH_HOST_UNKNOWN, -1 }, + { "isolate", IL_ICMP_UNREACH_ISOLATED, -1 }, + { "net-prohib", IL_ICMP_UNREACH_NET_PROHIB, -1 }, + { "host-prohib", IL_ICMP_UNREACH_HOST_PROHIB, -1 }, + { "net-tos", IL_ICMP_UNREACH_TOSNET, -1 }, + { "host-tos", IL_ICMP_UNREACH_TOSHOST, -1 }, + { "filter-prohib", IL_ICMP_UNREACH_FILTER_PROHIB, -1 }, + { "host-preced", IL_ICMP_UNREACH_HOST_PRECEDENCE, -1 }, + { "cutoff-preced", IL_ICMP_UNREACH_PRECEDENCE_CUTOFF, -1 }, + { "net-redir", IL_ICMP_REDIRECT_NET, -1 }, + { "host-redir", IL_ICMP_REDIRECT_HOST, -1 }, + { "tos-net-redir", IL_ICMP_REDIRECT_TOSNET, -1 }, + { "tos-host-redir", IL_ICMP_REDIRECT_TOSHOST, -1 }, + { "intrans", IL_ICMP_TIMXCEED_INTRANS, -1 }, + { "reass", IL_ICMP_TIMXCEED_REASS, -1 }, + { "optabsent", IL_ICMP_PARAMPROB_OPTABSENT, -1 }, + { "otime", IL_ICMP_OTIME, -1 }, + { "rtime", IL_ICMP_RTIME, -1 }, + { "ttime", IL_ICMP_TTIME, -1 }, + { "icmpseq", IL_ICMP_SEQ, -1 }, + { "icmpid", IL_ICMP_SEQ, -1 }, + { ".", IL_DOT, -1 }, + { NULL, 0, 0 } + }; + %} + white [ \t\r]+ %% ! {white} ; \n { lineNum++; swallow(); } \{ { push_proto(); return next_item('{'); } \} { pop_proto(); return next_item('}'); } ; { return next_item(';'); } [0-9]+ { return next_item(IL_NUMBER); } [0-9a-fA-F] { return next_item(IL_HEXDIGIT); } : { return next_item(IL_COLON); } #[^\n]* { return next_item(IL_COMMENT); } ! [^ \{\}\n\t;:{}]* { return next_item(IL_TOKEN); } \"[^\"]*\" { return next_item(IL_TOKEN); } %% void yyerror(msg) *************** *** 220,229 **** --- 225,245 ---- int next_item(nstate) int nstate; { + struct wordtab *wt; + + if (opts & OPT_DEBUG) + printf("text=[%s] id=%d next=%d\n", yytext, nstate, next); if (next == IL_TOKEN) { next = -1; return save_token(); } + token++; + + for (wt = words; wt->word; wt++) + if (!strcasecmp(wt->word, yytext)) + return next_state(wt->state, wt->next); + if (opts & OPT_DEBUG) + printf("unknown keyword=[%s]\n", yytext); next = -1; if (nstate == IL_NUMBER) yylval.num = atoi(yytext); *************** *** 235,247 **** int next_state(nstate, fornext) int nstate, fornext; { - token++; - - if (next == IL_TOKEN) { - next = -1; - return save_token(); - } - next = fornext; switch (nstate) --- 251,256 ---- diff -cr ip_fil3.2.3/iplang/iplang_l.l ip_fil3.2.4/iplang/iplang_l.lip_fil3.2.3/iplang/iplang_y.y ip_fil3.2.4/iplang/iplang_y.y *** ip_fil3.2.3/iplang/iplang_y.y Wed Dec 10 20:54:45 1997 --- ip_fil3.2.4/iplang/iplang_y.y Sun Dec 21 23:17:33 1997 *************** *** 6,12 **** * provided that this notice is preserved and due credit is given * to the original author and the contributors. * ! * $Id: iplang_y.y,v 2.0.2.18.2.5 1997/12/10 09:54:45 darrenr Exp $ */ #include --- 6,12 ---- * provided that this notice is preserved and due credit is given * to the original author and the contributors. * ! * $Id: iplang_y.y,v 2.0.2.18.2.6 1997/12/21 12:17:33 darrenr Exp $ */ #include *************** *** 345,351 **** tcpopt: IL_TCPO_NOP ';' { set_tcpopt(IL_TCPO_NOP, NULL); } | IL_TCPO_EOL ';' { set_tcpopt(IL_TCPO_EOL, NULL); } | IL_TCPO_MSS optoken { set_tcpopt(IL_TCPO_MSS,&$2);} ! | IL_TCPO_WSCALE optoken { set_tcpopt(IL_TCPO_MSS,&$2);} | IL_TCPO_TS optoken { set_tcpopt(IL_TCPO_TS, &$2);} ; --- 345,351 ---- tcpopt: IL_TCPO_NOP ';' { set_tcpopt(IL_TCPO_NOP, NULL); } | IL_TCPO_EOL ';' { set_tcpopt(IL_TCPO_EOL, NULL); } | IL_TCPO_MSS optoken { set_tcpopt(IL_TCPO_MSS,&$2);} ! | IL_TCPO_WSCALE optoken { set_tcpopt(IL_TCPO_WSCALE,&$2);} | IL_TCPO_TS optoken { set_tcpopt(IL_TCPO_TS, &$2);} ; *************** *** 779,784 **** --- 779,786 ---- *t++ = (u_char)(val & 0xff); todo = 0; } + if (todo) + continue; } if (quote) { if (isdigit(c)) { *************** *** 807,814 **** *t++ = '\t'; break; } - quote = 0; } continue; } --- 809,816 ---- *t++ = '\t'; break; } } + quote = 0; continue; } *************** *** 817,822 **** --- 819,826 ---- else *t++ = c; } + if (todo) + *t++ = (u_char)(val & 0xff); if (quote) *t++ = '\\'; len = t - (u_char *)canip->ah_data; *************** *** 910,916 **** void set_ipv4off(arg) char **arg; { ! ip->ip_off = strtol(*arg, NULL, 0); free(*arg); *arg = NULL; } --- 914,920 ---- void set_ipv4off(arg) char **arg; { ! ip->ip_off = htons(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } *************** *** 961,967 **** void set_ipv4id(arg) char **arg; { ! ip->ip_id = strtol(*arg, NULL, 0); free(*arg); *arg = NULL; } --- 965,971 ---- void set_ipv4id(arg) char **arg; { ! ip->ip_id = htons(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } *************** *** 999,1005 **** ip->ip_p = IPPROTO_TCP; tcp = (tcphdr_t *)new_header(IPPROTO_TCP); ! tcp->th_win = 4096; tcp->th_off = sizeof(*tcp) >> 2; } --- 1003,1009 ---- ip->ip_p = IPPROTO_TCP; tcp = (tcphdr_t *)new_header(IPPROTO_TCP); ! tcp->th_win = htons(4096); tcp->th_off = sizeof(*tcp) >> 2; } *************** *** 1047,1053 **** void set_tcpseq(arg) char **arg; { ! tcp->th_seq = strtol(*arg, NULL, 0); free(*arg); *arg = NULL; } --- 1051,1057 ---- void set_tcpseq(arg) char **arg; { ! tcp->th_seq = htonl(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } *************** *** 1056,1062 **** void set_tcpack(arg) char **arg; { ! tcp->th_ack = strtol(*arg, NULL, 0); free(*arg); *arg = NULL; } --- 1060,1066 ---- void set_tcpack(arg) char **arg; { ! tcp->th_ack = htonl(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } *************** *** 1078,1084 **** void set_tcpurp(arg) char **arg; { ! tcp->th_urp = strtol(*arg, NULL, 0); free(*arg); *arg = NULL; } --- 1082,1088 ---- void set_tcpurp(arg) char **arg; { ! tcp->th_urp = htons(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } *************** *** 1087,1093 **** void set_tcpwin(arg) char **arg; { ! tcp->th_win = strtol(*arg, NULL, 0); free(*arg); *arg = NULL; } --- 1091,1097 ---- void set_tcpwin(arg) char **arg; { ! tcp->th_win = htons(strtol(*arg, NULL, 0)); free(*arg); *arg = NULL; } *************** *** 1298,1304 **** u_char *s = (u_char *)ipbuffer, *t = (u_char *)outline; if (opts & OPT_VERBOSE) { ! for (i = ip->ip_len, j = 0; i; i--, j++, s++) { if (j && !(j & 0xf)) { *t++ = '\n'; *t = '\0'; --- 1302,1309 ---- u_char *s = (u_char *)ipbuffer, *t = (u_char *)outline; if (opts & OPT_VERBOSE) { ! ip->ip_len = htons(ip->ip_len); ! for (i = ntohs(ip->ip_len), j = 0; i; i--, j++, s++) { if (j && !(j & 0xf)) { *t++ = '\n'; *t = '\0'; *************** *** 1338,1343 **** --- 1343,1349 ---- } fputs(outline, stdout); fflush(stdout); + ip->ip_len = ntohs(ip->ip_len); } prep_packet(); *************** *** 1542,1548 **** void set_icmpid(arg) int arg; { ! icmp->icmp_id = arg; } --- 1548,1554 ---- void set_icmpid(arg) int arg; { ! icmp->icmp_id = htons(arg); } *************** *** 1549,1555 **** void set_icmpseq(arg) int arg; { ! icmp->icmp_seq = arg; } --- 1555,1561 ---- void set_icmpseq(arg) int arg; { ! icmp->icmp_seq = htons(arg); } *************** *** 1556,1562 **** void set_icmpotime(arg) int arg; { ! icmp->icmp_otime = arg; } --- 1562,1568 ---- void set_icmpotime(arg) int arg; { ! icmp->icmp_otime = htonl(arg); } *************** *** 1563,1569 **** void set_icmprtime(arg) int arg; { ! icmp->icmp_rtime = arg; } --- 1569,1575 ---- void set_icmprtime(arg) int arg; { ! icmp->icmp_rtime = htonl(arg); } *************** *** 1570,1576 **** void set_icmpttime(arg) int arg; { ! icmp->icmp_ttime = arg; } --- 1576,1582 ---- void set_icmpttime(arg) int arg; { ! icmp->icmp_ttime = htonl(arg); } *************** *** 1578,1584 **** int arg; { #if BSD >= 199306 ! icmp->icmp_nextmtu = arg; #endif } --- 1584,1590 ---- int arg; { #if BSD >= 199306 ! icmp->icmp_nextmtu = htons(arg); #endif } *************** *** 1730,1736 **** --- 1736,1744 ---- aniphdr_t *aip; ip->ip_sum = 0; + ip->ip_len = htons(ip->ip_len); ip->ip_sum = chksum((u_short *)ip, ip->ip_hl << 2); + ip->ip_len = ntohs(ip->ip_len); free_anipheader(); for (aip = aniphead, ip = NULL; aip; aip = aip->ah_next) if (aip->ah_p == IPPROTO_IP) *************** *** 1761,1769 **** iptmp.ip_p = ip->ip_p; iptmp.ip_src = ip->ip_src; iptmp.ip_dst = ip->ip_dst; ! iptmp.ip_len = ip->ip_len - (ip->ip_hl << 2); sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp)); ! udp->uh_sum = c_chksum((u_short *)udp, (u_int)iptmp.ip_len, sum); free_anipheader(); for (aip = aniphead, udp = NULL; aip; aip = aip->ah_next) if (aip->ah_p == IPPROTO_UDP) --- 1769,1778 ---- iptmp.ip_p = ip->ip_p; iptmp.ip_src = ip->ip_src; iptmp.ip_dst = ip->ip_dst; ! iptmp.ip_len = htons(ip->ip_len - (ip->ip_hl << 2)); sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp)); ! udp->uh_ulen = htons(udp->uh_ulen); ! udp->uh_sum = c_chksum((u_short *)udp, (u_int)ntohs(iptmp.ip_len), sum); free_anipheader(); for (aip = aniphead, udp = NULL; aip; aip = aip->ah_next) if (aip->ah_p == IPPROTO_UDP) *************** *** 1781,1790 **** iptmp.ip_p = ip->ip_p; iptmp.ip_src = ip->ip_src; iptmp.ip_dst = ip->ip_dst; ! iptmp.ip_len = ip->ip_len - (ip->ip_hl << 2); sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp)); tcp->th_sum = 0; ! tcp->th_sum = c_chksum((u_short *)tcp, (u_int)iptmp.ip_len, sum); free_anipheader(); for (aip = aniphead, tcp = NULL; aip; aip = aip->ah_next) if (aip->ah_p == IPPROTO_TCP) --- 1790,1799 ---- iptmp.ip_p = ip->ip_p; iptmp.ip_src = ip->ip_src; iptmp.ip_dst = ip->ip_dst; ! iptmp.ip_len = htons(ip->ip_len - (ip->ip_hl << 2)); sum = p_chksum((u_short *)&iptmp, (u_int)sizeof(iptmp)); tcp->th_sum = 0; ! tcp->th_sum = c_chksum((u_short *)tcp, (u_int)ntohs(iptmp.ip_len), sum); free_anipheader(); for (aip = aniphead, tcp = NULL; aip; aip = aip->ah_next) if (aip->ah_p == IPPROTO_TCP) diff -cr ip_fil3.2.3/ipsend/ip.c ip_fil3.2.4/ipsend/ip.c *** ip_fil3.2.3/ipsend/ip.c Fri Nov 28 14:36:47 1997 --- ip_fil3.2.4/ipsend/ip.c Sun Dec 21 23:17:37 1997 *************** *** 7,13 **** */ #if !defined(lint) static const char sccsid[] = "%W% %G% (C)1995"; ! static const char rcsid[] = "@(#)$Id: ip.c,v 2.0.2.11.2.2 1997/11/28 03:36:47 darrenr Exp $"; #endif #include #include --- 7,13 ---- */ #if !defined(lint) static const char sccsid[] = "%W% %G% (C)1995"; ! static const char rcsid[] = "@(#)$Id: ip.c,v 2.0.2.11.2.3 1997/12/21 12:17:37 darrenr Exp $"; #endif #include #include *************** *** 117,123 **** last_gw.s_addr = gwip.s_addr; iplen = ip->ip_len; ip->ip_len = htons(iplen); - ip->ip_off = htons(ip->ip_off); if (!(frag & 2)) { if (!ip->ip_v) ip->ip_v = IPVERSION; --- 117,122 ---- *************** *** 260,266 **** i = sizeof(struct tcpiphdr) / sizeof(long); ! if ((ti->ti_flags == TH_SYN) && !ip->ip_off && (lbuf[i] != htonl(0x020405b4))) { lbuf[i] = htonl(0x020405b4); bcopy((char *)ip + hlen + thlen, (char *)ip + hlen + thlen + 4, --- 259,265 ---- i = sizeof(struct tcpiphdr) / sizeof(long); ! if ((ti->ti_flags == TH_SYN) && !ntohs(ip->ip_off) && (lbuf[i] != htonl(0x020405b4))) { lbuf[i] = htonl(0x020405b4); bcopy((char *)ip + hlen + thlen, (char *)ip + hlen + thlen + 4, diff -cr ip_fil3.2.3/ipsend/ip.c ip_fil3.2.4/ipsend/ip.cip_fil3.2.3/ipsend/iptests.c ip_fil3.2.4/ipsend/iptests.c *** ip_fil3.2.3/ipsend/iptests.c Fri Nov 28 14:37:10 1997 --- ip_fil3.2.4/ipsend/iptests.c Sun Dec 21 23:17:38 1997 *************** *** 7,13 **** */ #if !defined(lint) static const char sccsid[] = "%W% %G% (C)1995 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: iptests.c,v 2.0.2.13.2.1 1997/11/28 03:37:10 darrenr Exp $"; #endif #include #include --- 7,13 ---- */ #if !defined(lint) static const char sccsid[] = "%W% %G% (C)1995 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: iptests.c,v 2.0.2.13.2.2 1997/12/21 12:17:38 darrenr Exp $"; #endif #include #include *************** *** 98,114 **** ip->ip_p = IPPROTO_UDP; ip->ip_sum = 0; u = (udphdr_t *)(ip + 1); ! u->uh_sport = 1; ! u->uh_dport = 9; u->uh_sum = 0; ! u->uh_ulen = sizeof(*u) + 4; ! ip->ip_len = sizeof(*ip) + u->uh_ulen; len = ip->ip_len; nfd = initdevice(dev, u->uh_sport, 1); - u->uh_sport = htons(u->uh_sport); - u->uh_dport = htons(u->uh_dport); - u->uh_ulen = htons(u->uh_ulen); if (!ptest || (ptest == 1)) { /* * Part1: hl < len --- 98,111 ---- ip->ip_p = IPPROTO_UDP; ip->ip_sum = 0; u = (udphdr_t *)(ip + 1); ! u->uh_sport = htons(1); ! u->uh_dport = htons(9); u->uh_sum = 0; ! u->uh_ulen = htons(sizeof(*u) + 4); ! ip->ip_len = sizeof(*ip) + ntohs(u->uh_ulen); len = ip->ip_len; nfd = initdevice(dev, u->uh_sport, 1); if (!ptest || (ptest == 1)) { /* * Part1: hl < len *************** *** 115,121 **** */ ip->ip_id = 0; printf("1.1. sending packets with ip_hl < ip_len\n"); ! for (i = 0; i < ((sizeof(*ip) + u->uh_ulen) >> 2); i++) { ip->ip_hl = i >> 2; (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d\r", i); --- 112,118 ---- */ ip->ip_id = 0; printf("1.1. sending packets with ip_hl < ip_len\n"); ! for (i = 0; i < ((sizeof(*ip) + ntohs(u->uh_ulen)) >> 2); i++) { ip->ip_hl = i >> 2; (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d\r", i); *************** *** 131,137 **** */ ip->ip_id = 0; printf("1.2. sending packets with ip_hl > ip_len\n"); ! for (; i < ((sizeof(*ip) * 2 + u->uh_ulen) >> 2); i++) { ip->ip_hl = i >> 2; (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d\r", i); --- 128,134 ---- */ ip->ip_id = 0; printf("1.2. sending packets with ip_hl > ip_len\n"); ! for (; i < ((sizeof(*ip) * 2 + ntohs(u->uh_ulen)) >> 2); i++) { ip->ip_hl = i >> 2; (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d\r", i); *************** *** 181,190 **** ip->ip_id = 0; ip->ip_v = IPVERSION; i = ip->ip_len + 1; - ip->ip_len = htons(ip->ip_len); - ip->ip_off = htons(ip->ip_off); printf("1.5.0 ip_len < packet size (size++, long packets)\n"); ! for (; i < (ntohs(ip->ip_len) * 2); i++) { ip->ip_id = htons(id++); ip->ip_sum = 0; ip->ip_sum = chksum((u_short *)ip, ip->ip_hl << 2); --- 178,185 ---- ip->ip_id = 0; ip->ip_v = IPVERSION; i = ip->ip_len + 1; printf("1.5.0 ip_len < packet size (size++, long packets)\n"); ! for (; i < (ip->ip_len * 2); i++) { ip->ip_id = htons(id++); ip->ip_sum = 0; ip->ip_sum = chksum((u_short *)ip, ip->ip_hl << 2); *************** *** 197,203 **** printf("1.5.1 ip_len < packet size (ip_len-, short packets)\n"); for (i = len; i > 0; i--) { ip->ip_id = htons(id++); ! ip->ip_len = htons(i); ip->ip_sum = 0; ip->ip_sum = chksum((u_short *)ip, ip->ip_hl << 2); (void) send_ether(nfd, (char *)ip, len, gwip); --- 192,198 ---- printf("1.5.1 ip_len < packet size (ip_len-, short packets)\n"); for (i = len; i > 0; i--) { ip->ip_id = htons(id++); ! ip->ip_len = i; ip->ip_sum = 0; ip->ip_sum = chksum((u_short *)ip, ip->ip_hl << 2); (void) send_ether(nfd, (char *)ip, len, gwip); *************** *** 216,222 **** printf("1.6.0 ip_len > packet size (increase ip_len)\n"); for (i = len + 1; i < (len * 2); i++) { ip->ip_id = htons(id++); ! ip->ip_len = htons(i); ip->ip_sum = 0; ip->ip_sum = chksum((u_short *)ip, ip->ip_hl << 2); (void) send_ether(nfd, (char *)ip, len, gwip); --- 211,217 ---- printf("1.6.0 ip_len > packet size (increase ip_len)\n"); for (i = len + 1; i < (len * 2); i++) { ip->ip_id = htons(id++); ! ip->ip_len = i; ip->ip_sum = 0; ip->ip_sum = chksum((u_short *)ip, ip->ip_hl << 2); (void) send_ether(nfd, (char *)ip, len, gwip); *************** *** 225,231 **** PAUSE(); } putchar('\n'); ! ip->ip_len = htons(len); printf("1.6.1 ip_len > packet size (size--, short packets)\n"); for (i = len; i > 0; i--) { ip->ip_id = htons(id++); --- 220,226 ---- PAUSE(); } putchar('\n'); ! ip->ip_len = len; printf("1.6.1 ip_len > packet size (size--, short packets)\n"); for (i = len; i > 0; i--) { ip->ip_id = htons(id++); *************** *** 288,294 **** * about that here. */ ip->ip_p = IPPROTO_ICMP; ! ip->ip_off = IP_MF; u->uh_dport = htons(9); ip->ip_id = htons(id++); printf("1.8.1 63k packet + 1k fragment at offset 0x1ffe\n"); --- 283,289 ---- * about that here. */ ip->ip_p = IPPROTO_ICMP; ! ip->ip_off = htons(IP_MF); u->uh_dport = htons(9); ip->ip_id = htons(id++); printf("1.8.1 63k packet + 1k fragment at offset 0x1ffe\n"); *************** *** 299,305 **** ip->ip_len = MIN(768 + 20, mtu - 68); i = 512; for (; i < (63 * 1024 + 768); i += 768) { ! ip->ip_off = IP_MF | (i >> 3); (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); fflush(stdout); --- 294,300 ---- ip->ip_len = MIN(768 + 20, mtu - 68); i = 512; for (; i < (63 * 1024 + 768); i += 768) { ! ip->ip_off = htons(IP_MF | (i >> 3)); (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); fflush(stdout); *************** *** 306,312 **** PAUSE(); } ip->ip_len = 896 + 20; ! ip->ip_off = (i >> 3); (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); putchar('\n'); --- 301,307 ---- PAUSE(); } ip->ip_len = 896 + 20; ! ip->ip_off = htons(i >> 3); (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); putchar('\n'); *************** *** 319,325 **** * about that here. (Lossage here) */ ip->ip_p = IPPROTO_ICMP; ! ip->ip_off = IP_MF; u->uh_dport = htons(9); ip->ip_id = htons(id++); printf("1.8.2 63k packet + 1k fragment at offset 0x1ffe\n"); --- 314,320 ---- * about that here. (Lossage here) */ ip->ip_p = IPPROTO_ICMP; ! ip->ip_off = htons(IP_MF); u->uh_dport = htons(9); ip->ip_id = htons(id++); printf("1.8.2 63k packet + 1k fragment at offset 0x1ffe\n"); *************** *** 333,339 **** ip->ip_len = MIN(768 + 20, mtu - 68); i = 512; for (; i < (63 * 1024 + 768); i += 768) { ! ip->ip_off = IP_MF | (i >> 3); if ((rand() & 0x1f) != 0) { (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); --- 328,334 ---- ip->ip_len = MIN(768 + 20, mtu - 68); i = 512; for (; i < (63 * 1024 + 768); i += 768) { ! ip->ip_off = htons(IP_MF | (i >> 3)); if ((rand() & 0x1f) != 0) { (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); *************** *** 343,349 **** PAUSE(); } ip->ip_len = 896 + 20; ! ip->ip_off = (i >> 3); if ((rand() & 0x1f) != 0) { (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); --- 338,344 ---- PAUSE(); } ip->ip_len = 896 + 20; ! ip->ip_off = htons(i >> 3); if ((rand() & 0x1f) != 0) { (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); *************** *** 359,365 **** * about that here. */ ip->ip_p = IPPROTO_ICMP; ! ip->ip_off = IP_MF; u->uh_dport = htons(9); ip->ip_id = htons(id++); printf("1.8.3 33k packet\n"); --- 354,360 ---- * about that here. */ ip->ip_p = IPPROTO_ICMP; ! ip->ip_off = htons(IP_MF); u->uh_dport = htons(9); ip->ip_id = htons(id++); printf("1.8.3 33k packet\n"); *************** *** 370,376 **** ip->ip_len = MIN(768 + 20, mtu - 68); i = 512; for (; i < (32 * 1024 + 768); i += 768) { ! ip->ip_off = IP_MF | (i >> 3); (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); fflush(stdout); --- 365,371 ---- ip->ip_len = MIN(768 + 20, mtu - 68); i = 512; for (; i < (32 * 1024 + 768); i += 768) { ! ip->ip_off = htons(IP_MF | (i >> 3)); (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); fflush(stdout); *************** *** 377,383 **** PAUSE(); } ip->ip_len = 896 + 20; ! ip->ip_off = (i >> 3); (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); putchar('\n'); --- 372,378 ---- PAUSE(); } ip->ip_len = 896 + 20; ! ip->ip_off = htons(i >> 3); (void) send_ip(nfd, mtu, ip, gwip, 1); printf("%d\r", i); putchar('\n'); *************** *** 391,397 **** * Part9: off & 0x8000 == 0x8000 */ ip->ip_id = 0; ! ip->ip_off = 0x8000; printf("1.9. ip_off & 0x8000 == 0x8000\n"); (void) send_ip(nfd, mtu, ip, gwip, 1); fflush(stdout); --- 386,392 ---- * Part9: off & 0x8000 == 0x8000 */ ip->ip_id = 0; ! ip->ip_off = htons(0x8000); printf("1.9. ip_off & 0x8000 == 0x8000\n"); (void) send_ip(nfd, mtu, ip, gwip, 1); fflush(stdout); *************** *** 440,446 **** u_char *s; s = (u_char *)(ip + 1); ! nfd = initdevice(dev, 1, 1); ip->ip_hl = 6; ip->ip_len = ip->ip_hl << 2; --- 435,441 ---- u_char *s; s = (u_char *)(ip + 1); ! nfd = initdevice(dev, htons(1), 1); ip->ip_hl = 6; ip->ip_len = ip->ip_hl << 2; *************** *** 539,545 **** ip->ip_sum = 0; ip->ip_len = sizeof(*ip) + sizeof(*icp); icp = (struct icmp *)((char *)ip + (ip->ip_hl << 2)); ! nfd = initdevice(dev, 1, 1); if (!ptest || (ptest == 1)) { /* --- 534,540 ---- ip->ip_sum = 0; ip->ip_len = sizeof(*ip) + sizeof(*icp); icp = (struct icmp *)((char *)ip + (ip->ip_hl << 2)); ! nfd = initdevice(dev, htons(1), 1); if (!ptest || (ptest == 1)) { /* *************** *** 731,739 **** ip->ip_p = IPPROTO_UDP; ip->ip_sum = 0; u = (udphdr_t *)((char *)ip + (ip->ip_hl << 2)); ! u->uh_sport = 1; ! u->uh_dport = 1; ! u->uh_ulen = sizeof(*u) + 4; nfd = initdevice(dev, u->uh_sport, 1); if (!ptest || (ptest == 1)) { --- 726,734 ---- ip->ip_p = IPPROTO_UDP; ip->ip_sum = 0; u = (udphdr_t *)((char *)ip + (ip->ip_hl << 2)); ! u->uh_sport = htons(1); ! u->uh_dport = htons(1); ! u->uh_ulen = htons(sizeof(*u) + 4); nfd = initdevice(dev, u->uh_sport, 1); if (!ptest || (ptest == 1)) { *************** *** 740,750 **** /* * Test 1. ulen > packet */ ! u->uh_ulen = sizeof(*u) + 4; ! ip->ip_len = (ip->ip_hl << 2) + u->uh_ulen; printf("4.1 UDP uh_ulen > packet size - short packets\n"); ! for (i = u->uh_ulen * 2; i > sizeof(*u) + 4; i--) { ! u->uh_ulen = i; (void) send_udp(nfd, 1500, ip, gwip); printf("%d\r", i); fflush(stdout); --- 735,745 ---- /* * Test 1. ulen > packet */ ! u->uh_ulen = htons(sizeof(*u) + 4); ! ip->ip_len = (ip->ip_hl << 2) + ntohs(u->uh_ulen); printf("4.1 UDP uh_ulen > packet size - short packets\n"); ! for (i = ntohs(u->uh_ulen) * 2; i > sizeof(*u) + 4; i--) { ! u->uh_ulen = htons(i); (void) send_udp(nfd, 1500, ip, gwip); printf("%d\r", i); fflush(stdout); *************** *** 757,766 **** /* * Test 2. ulen < packet */ ! u->uh_ulen = sizeof(*u) + 4; ! ip->ip_len = (ip->ip_hl << 2) + u->uh_ulen; printf("4.2 UDP uh_ulen < packet size - short packets\n"); ! for (i = u->uh_ulen * 2; i > sizeof(*u) + 4; i--) { ip->ip_len = i; (void) send_udp(nfd, 1500, ip, gwip); printf("%d\r", i); --- 752,761 ---- /* * Test 2. ulen < packet */ ! u->uh_ulen = htons(sizeof(*u) + 4); ! ip->ip_len = (ip->ip_hl << 2) + ntohs(u->uh_ulen); printf("4.2 UDP uh_ulen < packet size - short packets\n"); ! for (i = ntohs(u->uh_ulen) * 2; i > sizeof(*u) + 4; i--) { ip->ip_len = i; (void) send_udp(nfd, 1500, ip, gwip); printf("%d\r", i); *************** *** 776,782 **** * sport = 32768, sport = 65535 */ u->uh_ulen = sizeof(*u) + 4; ! ip->ip_len = (ip->ip_hl << 2) + u->uh_ulen; printf("4.3.1 UDP sport = 0\n"); u->uh_sport = 0; (void) send_udp(nfd, 1500, ip, gwip); --- 771,777 ---- * sport = 32768, sport = 65535 */ u->uh_ulen = sizeof(*u) + 4; ! ip->ip_len = (ip->ip_hl << 2) + ntohs(u->uh_ulen); printf("4.3.1 UDP sport = 0\n"); u->uh_sport = 0; (void) send_udp(nfd, 1500, ip, gwip); *************** *** 784,802 **** fflush(stdout); PAUSE(); printf("4.3.2 UDP sport = 1\n"); ! u->uh_sport = 1; (void) send_udp(nfd, 1500, ip, gwip); printf("1\n"); fflush(stdout); PAUSE(); printf("4.3.3 UDP sport = 32767\n"); ! u->uh_sport = 32767; (void) send_udp(nfd, 1500, ip, gwip); printf("32767\n"); fflush(stdout); PAUSE(); printf("4.3.4 UDP sport = 32768\n"); ! u->uh_sport = 32768; (void) send_udp(nfd, 1500, ip, gwip); printf("32768\n"); putchar('\n'); --- 779,797 ---- fflush(stdout); PAUSE(); printf("4.3.2 UDP sport = 1\n"); ! u->uh_sport = htons(1); (void) send_udp(nfd, 1500, ip, gwip); printf("1\n"); fflush(stdout); PAUSE(); printf("4.3.3 UDP sport = 32767\n"); ! u->uh_sport = htons(32767); (void) send_udp(nfd, 1500, ip, gwip); printf("32767\n"); fflush(stdout); PAUSE(); printf("4.3.4 UDP sport = 32768\n"); ! u->uh_sport = htons(32768); (void) send_udp(nfd, 1500, ip, gwip); printf("32768\n"); putchar('\n'); *************** *** 803,809 **** fflush(stdout); PAUSE(); printf("4.3.5 UDP sport = 65535\n"); ! u->uh_sport = 65535; (void) send_udp(nfd, 1500, ip, gwip); printf("65535\n"); fflush(stdout); --- 798,804 ---- fflush(stdout); PAUSE(); printf("4.3.5 UDP sport = 65535\n"); ! u->uh_sport = htons(65535); (void) send_udp(nfd, 1500, ip, gwip); printf("65535\n"); fflush(stdout); *************** *** 815,823 **** * Test 4: dport = 0, dport = 1, dport = 32767 * dport = 32768, dport = 65535 */ ! u->uh_ulen = sizeof(*u) + 4; ! u->uh_sport = 1; ! ip->ip_len = (ip->ip_hl << 2) + u->uh_ulen; printf("4.4.1 UDP dport = 0\n"); u->uh_dport = 0; (void) send_udp(nfd, 1500, ip, gwip); --- 810,818 ---- * Test 4: dport = 0, dport = 1, dport = 32767 * dport = 32768, dport = 65535 */ ! u->uh_ulen = ntohs(sizeof(*u) + 4); ! u->uh_sport = htons(1); ! ip->ip_len = (ip->ip_hl << 2) + ntohs(u->uh_ulen); printf("4.4.1 UDP dport = 0\n"); u->uh_dport = 0; (void) send_udp(nfd, 1500, ip, gwip); *************** *** 825,849 **** fflush(stdout); PAUSE(); printf("4.4.2 UDP dport = 1\n"); ! u->uh_dport = 1; (void) send_udp(nfd, 1500, ip, gwip); printf("1\n"); fflush(stdout); PAUSE(); printf("4.4.3 UDP dport = 32767\n"); ! u->uh_dport = 32767; (void) send_udp(nfd, 1500, ip, gwip); printf("32767\n"); fflush(stdout); PAUSE(); printf("4.4.4 UDP dport = 32768\n"); ! u->uh_dport = 32768; (void) send_udp(nfd, 1500, ip, gwip); printf("32768\n"); fflush(stdout); PAUSE(); printf("4.4.5 UDP dport = 65535\n"); ! u->uh_dport = 65535; (void) send_udp(nfd, 1500, ip, gwip); printf("65535\n"); fflush(stdout); --- 820,844 ---- fflush(stdout); PAUSE(); printf("4.4.2 UDP dport = 1\n"); ! u->uh_dport = htons(1); (void) send_udp(nfd, 1500, ip, gwip); printf("1\n"); fflush(stdout); PAUSE(); printf("4.4.3 UDP dport = 32767\n"); ! u->uh_dport = htons(32767); (void) send_udp(nfd, 1500, ip, gwip); printf("32767\n"); fflush(stdout); PAUSE(); printf("4.4.4 UDP dport = 32768\n"); ! u->uh_dport = htons(32768); (void) send_udp(nfd, 1500, ip, gwip); printf("32768\n"); fflush(stdout); PAUSE(); printf("4.4.5 UDP dport = 65535\n"); ! u->uh_dport = htons(65535); (void) send_udp(nfd, 1500, ip, gwip); printf("65535\n"); fflush(stdout); *************** *** 856,862 **** * sizeof(ip_t) */ printf("4.5 UDP 20 <= MTU <= 32\n"); ! for (i = sizeof(*ip); i <= u->uh_ulen; i++) { (void) send_udp(nfd, i, ip, gwip); printf("%d\r", i); fflush(stdout); --- 851,857 ---- * sizeof(ip_t) */ printf("4.5 UDP 20 <= MTU <= 32\n"); ! for (i = sizeof(*ip); i <= ntohs(u->uh_ulen); i++) { (void) send_udp(nfd, i, ip, gwip); printf("%d\r", i); fflush(stdout); *************** *** 885,896 **** t->th_x2 = 0; #endif t->th_off = 0; ! t->th_sport = 1; ! t->th_dport = 1; ! t->th_win = 4096; t->th_urp = 0; t->th_sum = 0; ! t->th_seq = 1; t->th_ack = 0; ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t); nfd = initdevice(dev, t->th_sport, 1); --- 880,891 ---- t->th_x2 = 0; #endif t->th_off = 0; ! t->th_sport = htons(1); ! t->th_dport = htons(1); ! t->th_win = htons(4096); t->th_urp = 0; t->th_sum = 0; ! t->th_seq = htonl(1); t->th_ack = 0; ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t); nfd = initdevice(dev, t->th_sport, 1); *************** *** 919,955 **** * seq = 0xa000000, seq = 0xffffffff */ printf("5.2.1 TCP seq = 0\n"); ! t->th_seq = 0; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.2.2 TCP seq = 1\n"); ! t->th_seq = 1; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.2.3 TCP seq = 0x7fffffff\n"); ! t->th_seq = 0x7fffffff; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.2.4 TCP seq = 0x80000000\n"); ! t->th_seq = 0x80000000; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.2.5 TCP seq = 0xc0000000\n"); ! t->th_seq = 0xc0000000; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.2.6 TCP seq = 0xffffffff\n"); ! t->th_seq = 0xffffffff; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); --- 914,950 ---- * seq = 0xa000000, seq = 0xffffffff */ printf("5.2.1 TCP seq = 0\n"); ! t->th_seq = htonl(0); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.2.2 TCP seq = 1\n"); ! t->th_seq = htonl(1); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.2.3 TCP seq = 0x7fffffff\n"); ! t->th_seq = htonl(0x7fffffff); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.2.4 TCP seq = 0x80000000\n"); ! t->th_seq = htonl(0x80000000); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.2.5 TCP seq = 0xc0000000\n"); ! t->th_seq = htonl(0xc0000000); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.2.6 TCP seq = 0xffffffff\n"); ! t->th_seq = htonl(0xffffffff); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); *************** *** 968,998 **** PAUSE(); printf("5.3.2 TCP ack = 1\n"); ! t->th_ack = 1; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.3.3 TCP ack = 0x7fffffff\n"); ! t->th_ack = 0x7fffffff; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.3.4 TCP ack = 0x80000000\n"); ! t->th_ack = 0x80000000; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.3.5 TCP ack = 0xc0000000\n"); ! t->th_ack = 0xc0000000; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.3.6 TCP ack = 0xffffffff\n"); ! t->th_ack = 0xffffffff; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); --- 963,993 ---- PAUSE(); printf("5.3.2 TCP ack = 1\n"); ! t->th_ack = htonl(1); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.3.3 TCP ack = 0x7fffffff\n"); ! t->th_ack = htonl(0x7fffffff); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.3.4 TCP ack = 0x80000000\n"); ! t->th_ack = htonl(0x80000000); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.3.5 TCP ack = 0xc0000000\n"); ! t->th_ack = htonl(0xc0000000); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.3.6 TCP ack = 0xffffffff\n"); ! t->th_ack = htonl(0xffffffff); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); *************** *** 1004,1022 **** * Test 4: win = 0, win = 32768, win = 65535 */ printf("5.4.1 TCP win = 0\n"); ! t->th_seq = 0; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.4.2 TCP win = 32768\n"); ! t->th_seq = 0x7fff; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.4.3 TCP win = 65535\n"); ! t->th_win = 0xffff; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); --- 999,1017 ---- * Test 4: win = 0, win = 32768, win = 65535 */ printf("5.4.1 TCP win = 0\n"); ! t->th_seq = htonl(0); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.4.2 TCP win = 32768\n"); ! t->th_seq = htonl(0x7fff); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.4.3 TCP win = 65535\n"); ! t->th_win = htons(0xffff); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); *************** *** 1061,1067 **** } KMCPY(&tcb, tcbp, sizeof(tcb)); ti.ti_win = tcb.rcv_adv; ! ti.ti_seq = tcb.snd_nxt - 1; ti.ti_ack = tcb.rcv_nxt; if (!ptest || (ptest == 5)) { --- 1056,1062 ---- } KMCPY(&tcb, tcbp, sizeof(tcb)); ti.ti_win = tcb.rcv_adv; ! ti.ti_seq = htonl(tcb.snd_nxt - 1); ti.ti_ack = tcb.rcv_nxt; if (!ptest || (ptest == 5)) { *************** *** 1075,1081 **** (void) send_tcp(nfd, mtu, ip, gwip); PAUSE(); ! t->th_seq = tcb.snd_nxt; ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t) + 1; t->th_urp = htons(0x7fff); (void) send_tcp(nfd, mtu, ip, gwip); --- 1070,1076 ---- (void) send_tcp(nfd, mtu, ip, gwip); PAUSE(); ! t->th_seq = htonl(tcb.snd_nxt); ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t) + 1; t->th_urp = htons(0x7fff); (void) send_tcp(nfd, mtu, ip, gwip); *************** *** 1086,1092 **** t->th_urp = htons(0xffff); (void) send_tcp(nfd, mtu, ip, gwip); PAUSE(); ! t->th_urp = htons(0); t->th_flags &= ~TH_URG; ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t); } --- 1081,1087 ---- t->th_urp = htons(0xffff); (void) send_tcp(nfd, mtu, ip, gwip); PAUSE(); ! t->th_urp = 0; t->th_flags &= ~TH_URG; ip->ip_len = sizeof(ip_t) + sizeof(tcphdr_t); } *************** *** 1112,1119 **** } skip_five_and_six: #endif ! t->th_seq = 1; ! t->th_ack = 1; t->th_off = 0; if (!ptest || (ptest == 7)) { --- 1107,1114 ---- } skip_five_and_six: #endif ! t->th_seq = htonl(1); ! t->th_ack = htonl(1); t->th_off = 0; if (!ptest || (ptest == 7)) { *************** *** 1129,1153 **** PAUSE(); printf("5.7.2 TCP sport = 1\n"); ! t->th_sport = 1; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.7.3 TCP sport = 32767\n"); ! t->th_sport = 32767; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.7.4 TCP sport = 32768\n"); ! t->th_sport = 32768; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.7.5 TCP sport = 65535\n"); ! t->th_sport = 65535; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); --- 1124,1148 ---- PAUSE(); printf("5.7.2 TCP sport = 1\n"); ! t->th_sport = htons(1); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.7.3 TCP sport = 32767\n"); ! t->th_sport = htons(32767); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.7.4 TCP sport = 32768\n"); ! t->th_sport = htons(32768); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.7.5 TCP sport = 65535\n"); ! t->th_sport = htons(65535); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); *************** *** 1154,1160 **** } if (!ptest || (ptest == 8)) { ! t->th_sport = 1; t->th_flags = TH_SYN; /* * Test 8: dport = 0, dport = 1, dport = 32767 --- 1149,1155 ---- } if (!ptest || (ptest == 8)) { ! t->th_sport = htons(1); t->th_flags = TH_SYN; /* * Test 8: dport = 0, dport = 1, dport = 32767 *************** *** 1167,1191 **** PAUSE(); printf("5.8.2 TCP dport = 1\n"); ! t->th_dport = 1; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.8.3 TCP dport = 32767\n"); ! t->th_dport = 32767; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.8.4 TCP dport = 32768\n"); ! t->th_dport = 32768; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.8.5 TCP dport = 65535\n"); ! t->th_dport = 65535; (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); --- 1162,1186 ---- PAUSE(); printf("5.8.2 TCP dport = 1\n"); ! t->th_dport = htons(1); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.8.3 TCP dport = 32767\n"); ! t->th_dport = htons(32767); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.8.4 TCP dport = 32768\n"); ! t->th_dport = htons(32768); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); printf("5.8.5 TCP dport = 65535\n"); ! t->th_dport = htons(65535); (void) send_tcp(nfd, mtu, ip, gwip); fflush(stdout); PAUSE(); *************** *** 1229,1242 **** ip->ip_p = IPPROTO_UDP; ip->ip_sum = 0; u = (udphdr_t *)(ip + 1); ! u->uh_sport = 1; ! u->uh_dport = 9; u->uh_sum = 0; nfd = initdevice(dev, u->uh_sport, 1); ! u->uh_sport = htons(u->uh_sport); ! u->uh_dport = htons(u->uh_dport); ! u->uh_ulen = 7168; printf("6. Exhaustive mbuf test.\n"); printf(" Send 7k packet in 768 & 128 byte fragments, 128 times.\n"); --- 1224,1235 ---- ip->ip_p = IPPROTO_UDP; ip->ip_sum = 0; u = (udphdr_t *)(ip + 1); ! u->uh_sport = htons(1); ! u->uh_dport = htons(9); u->uh_sum = 0; nfd = initdevice(dev, u->uh_sport, 1); ! u->uh_ulen = htons(7168); printf("6. Exhaustive mbuf test.\n"); printf(" Send 7k packet in 768 & 128 byte fragments, 128 times.\n"); *************** *** 1247,1253 **** */ ip->ip_len = sizeof(*ip) + 768 + sizeof(*u); ip->ip_hl = sizeof(*ip) >> 2; ! ip->ip_off = IP_MF; (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d %d\r", i, 0); fflush(stdout); --- 1240,1246 ---- */ ip->ip_len = sizeof(*ip) + 768 + sizeof(*u); ip->ip_hl = sizeof(*ip) >> 2; ! ip->ip_off = htons(IP_MF); (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d %d\r", i, 0); fflush(stdout); *************** *** 1256,1262 **** * And again using 128 byte chunks. */ ip->ip_len = sizeof(*ip) + 128 + sizeof(*u); ! ip->ip_off = IP_MF; (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d %d\r", i, 0); fflush(stdout); --- 1249,1255 ---- * And again using 128 byte chunks. */ ip->ip_len = sizeof(*ip) + 128 + sizeof(*u); ! ip->ip_off = htons(IP_MF); (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d %d\r", i, 0); fflush(stdout); *************** *** 1264,1270 **** for (j = 768; j < 3584; j += 768) { ip->ip_len = sizeof(*ip) + 768; ! ip->ip_off = IP_MF|(j>>3); (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d %d\r", i, j); fflush(stdout); --- 1257,1263 ---- for (j = 768; j < 3584; j += 768) { ip->ip_len = sizeof(*ip) + 768; ! ip->ip_off = htons(IP_MF|(j>>3)); (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d %d\r", i, j); fflush(stdout); *************** *** 1272,1278 **** ip->ip_len = sizeof(*ip) + 128; for (k = j - 768; k < j; k += 128) { ! ip->ip_off = IP_MF|(k>>3); (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d %d\r", i, k); fflush(stdout); --- 1265,1271 ---- ip->ip_len = sizeof(*ip) + 128; for (k = j - 768; k < j; k += 128) { ! ip->ip_off = htons(IP_MF|(k>>3)); (void) send_ip(nfd, 1500, ip, gwip, 1); printf("%d %d\r", i, k); fflush(stdout); *************** *** 1326,1332 **** for (s = (u_char *)pip, j = 0; j < sizeof(tbuf); j++, s++) *s = (rand() >> 13) & 0xff; pip->ip_v = IPVERSION; ! pip->ip_off &= 0xc000; bcopy((char *)&ip->ip_dst, (char *)&pip->ip_dst, sizeof(struct in_addr)); pip->ip_sum = 0; --- 1319,1325 ---- for (s = (u_char *)pip, j = 0; j < sizeof(tbuf); j++, s++) *s = (rand() >> 13) & 0xff; pip->ip_v = IPVERSION; ! pip->ip_off &= htons(0xc000); bcopy((char *)&ip->ip_dst, (char *)&pip->ip_dst, sizeof(struct in_addr)); pip->ip_sum = 0; Only in ip_fil3.2.4/samples: ipfilter-pb.gif Common subdirectories: ip_fil3.2.3/test/expected and ip_fil3.2.4/test/expected Common subdirectories: ip_fil3.2.3/test/input and ip_fil3.2.4/test/input Common subdirectories: ip_fil3.2.3/test/regress and ip_fil3.2.4/test/regress diff -cr ip_fil3.2.3/test/regress/10 ip_fil3.2.4/test/regress/10 *** ip_fil3.2.3/test/regress/10 Sun Jan 12 19:48:57 1997 --- ip_fil3.2.4/test/regress/10 Sun Dec 28 12:30:01 1997 *************** *** 1,18 **** ! block in from any to any and not ipopts ! pass in from any to any and not opt sec-class topsecret ! block in from any to any and not opt ssrr,sec-class topsecret ! pass in from any to any and not opt ssrr,sec-class topsecret ! block in from any to any and not opt ts,sec-class topsecret ! pass in from any to any and not opt ts,sec-class topsecret ! block in from any to any and not opt sec-class secret ! pass in from any to any and not opt sec-class secret ! block in from any to any and not opt lsrr,ssrr ! pass in from any to any and not opt lsrr,ssrr ! pass in from any to any and not ipopts ! block in from any to any and not opt lsrr ! pass in from any to any and not opt lsrr ! block in from any to any and not opt ssrr,ts ! pass in from any to any and not opt ssrr,ts ! block in from any to any and not opt rr ! pass in from any to any and not opt rr ! block in from any to any and not opt sec-class topsecret --- 1,18 ---- ! block in from any to any with not ipopts ! pass in from any to any with not opt sec-class topsecret ! block in from any to any with not opt ssrr,sec-class topsecret ! pass in from any to any with not opt ssrr,sec-class topsecret ! block in from any to any with not opt ts,sec-class topsecret ! pass in from any to any with not opt ts,sec-class topsecret ! block in from any to any with not opt sec-class secret ! pass in from any to any with not opt sec-class secret ! block in from any to any with not opt lsrr,ssrr ! pass in from any to any with not opt lsrr,ssrr ! pass in from any to any with not ipopts ! block in from any to any with not opt lsrr ! pass in from any to any with not opt lsrr ! block in from any to any with not opt ssrr,ts ! pass in from any to any with not opt ssrr,ts ! block in from any to any with not opt rr ! pass in from any to any with not opt rr ! block in from any to any with not opt sec-class topsecret