diff -cr ip_fil3.3.13/HISTORY ip_fil3.3.14/HISTORY *** ip_fil3.3.13/HISTORY Wed Apr 26 02:21:51 2000 --- ip_fil3.3.14/HISTORY Wed May 10 08:41:02 2000 *************** *** 20,25 **** --- 20,33 ---- # and especially those who have found the time to port IP Filter to new # platforms. # + 3.3.14 10/05/2000 - Released + + Fix bug in dealing with "hlen == 1 and opt > 1" - Itojun + + ignore previous NAT mappings for 0/0 and 0/32 rules + + struct friostat got too big for SunOS4 + 3.3.13 26/04/2000 - Released Fix parsing of "range" with "portmap" diff -cr ip_fil3.3.13/SunOS5/pkginfo ip_fil3.3.14/SunOS5/pkginfo *** ip_fil3.3.13/SunOS5/pkginfo Sat Apr 15 14:43:18 2000 --- ip_fil3.3.14/SunOS5/pkginfo Wed May 10 08:40:25 2000 *************** *** 5,11 **** PKG=ipf NAME=IP Filter ARCH=sparc,i386 ! VERSION=3.3.13 CATEGORY=system DESC=This package contains tools for building a firewall VENDOR=Darren Reed --- 5,11 ---- PKG=ipf NAME=IP Filter ARCH=sparc,i386 ! VERSION=3.3.14 CATEGORY=system DESC=This package contains tools for building a firewall VENDOR=Darren Reed diff -cr ip_fil3.3.13/fil.c ip_fil3.3.14/fil.c *** ip_fil3.3.13/fil.c Wed Apr 26 02:21:09 2000 --- ip_fil3.3.14/fil.c Wed May 10 08:40:01 2000 *************** *** 7,13 **** */ #if !defined(lint) static const char sccsid[] = "@(#)fil.c 1.36 6/5/96 (C) 1993-1996 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: fil.c,v 2.3.2.18 2000/04/25 16:21:09 darrenr Exp $"; #endif #include --- 7,13 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)fil.c 1.36 6/5/96 (C) 1993-1996 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: fil.c,v 2.3.2.19 2000/05/09 22:40:01 darrenr Exp $"; #endif #include *************** *** 282,294 **** } ! for (s = (u_char *)(ip + 1), hlen -= (int)sizeof(*ip); hlen; ) { opt = *s; if (opt == '\0') break; ! ol = (opt == IPOPT_NOP) ? 1 : (int)*(s+1); ! if (opt > 1 && (ol < 2 || ol > hlen)) ! break; for (i = 9, mv = 4; mv >= 0; ) { op = ipopts + i; if (opt == (u_char)op->ol_val) { --- 282,300 ---- } ! for (s = (u_char *)(ip + 1), hlen -= (int)sizeof(*ip); hlen > 0; ) { opt = *s; if (opt == '\0') break; ! else if (opt == IPOPT_NOP) ! ol = 1; ! else { ! if (hlen < 2) ! break; ! ol = (int)*(s + 1); ! if (ol < 2 || ol > hlen) ! break; ! } for (i = 9, mv = 4; mv >= 0; ) { op = ipopts + i; if (opt == (u_char)op->ol_val) { *************** *** 1189,1195 **** * SUCH DAMAGE. * * @(#)uipc_mbuf.c 8.2 (Berkeley) 1/4/94 ! * $Id: fil.c,v 2.3.2.18 2000/04/25 16:21:09 darrenr Exp $ */ /* * Copy data from an mbuf chain starting "off" bytes from the beginning, --- 1195,1201 ---- * SUCH DAMAGE. * * @(#)uipc_mbuf.c 8.2 (Berkeley) 1/4/94 ! * $Id: fil.c,v 2.3.2.19 2000/05/09 22:40:01 darrenr Exp $ */ /* * Copy data from an mbuf chain starting "off" bytes from the beginning, diff -cr ip_fil3.3.13/ip_fil.h ip_fil3.3.14/ip_fil.h *** ip_fil3.3.13/ip_fil.h Wed Mar 8 22:43:30 2000 --- ip_fil3.3.14/ip_fil.h Sun May 7 11:49:04 2000 *************** *** 6,12 **** * to the original author and the contributors. * * @(#)ip_fil.h 1.35 6/5/96 ! * $Id: ip_fil.h,v 2.3.2.9 2000/03/08 11:43:30 darrenr Exp $ */ #ifndef __IP_FIL_H__ --- 6,12 ---- * to the original author and the contributors. * * @(#)ip_fil.h 1.35 6/5/96 ! * $Id: ip_fil.h,v 2.3.2.10 2000/05/07 01:49:04 darrenr Exp $ */ #ifndef __IP_FIL_H__ *************** *** 314,320 **** char f_running; /* 1 if running, else 0 */ char f_logging; /* 1 if enabled, else 0 */ #if !SOLARIS && defined(sun) ! char f_version[25]; /* version string */ #else char f_version[32]; /* version string */ #endif --- 314,320 ---- char f_running; /* 1 if running, else 0 */ char f_logging; /* 1 if enabled, else 0 */ #if !SOLARIS && defined(sun) ! char f_version[17]; /* version string */ #else char f_version[32]; /* version string */ #endif diff -cr ip_fil3.3.13/ip_nat.c ip_fil3.3.14/ip_nat.c *** ip_fil3.3.13/ip_nat.c Wed Apr 26 02:21:13 2000 --- ip_fil3.3.14/ip_nat.c Sun May 7 11:54:54 2000 *************** *** 9,15 **** */ #if !defined(lint) static const char sccsid[] = "@(#)ip_nat.c 1.11 6/5/96 (C) 1995 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_nat.c,v 2.2.2.15 2000/04/25 16:21:13 darrenr Exp $"; #endif #if defined(__FreeBSD__) && defined(KERNEL) && !defined(_KERNEL) --- 9,15 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)ip_nat.c 1.11 6/5/96 (C) 1995 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_nat.c,v 2.2.2.16 2000/05/07 01:54:54 darrenr Exp $"; #endif #if defined(__FreeBSD__) && defined(KERNEL) && !defined(_KERNEL) *************** *** 781,787 **** port += MAPBLK_MINPORT; port = htons(port); } ! } else if (!in.s_addr && (np->in_outmsk == 0xffffffff)) { /* * 0/32 - use the interface's IP address. --- 781,787 ---- port += MAPBLK_MINPORT; port = htons(port); } ! } else if (!np->in_nip && (np->in_outmsk == 0xffffffff)) { /* * 0/32 - use the interface's IP address. *************** *** 792,798 **** return NULL; } in.s_addr = ntohl(in.s_addr); ! } else if (!in.s_addr && !np->in_outmsk) { /* * 0/0 - use the original source address/port. */ --- 792,798 ---- return NULL; } in.s_addr = ntohl(in.s_addr); ! } else if (!np->in_nip && !np->in_outmsk) { /* * 0/0 - use the original source address/port. */ diff -cr ip_fil3.3.13/ipl.h ip_fil3.3.14/ipl.h *** ip_fil3.3.13/ipl.h Sat Apr 15 14:43:17 2000 --- ip_fil3.3.14/ipl.h Wed May 10 08:40:25 2000 *************** *** 11,16 **** #ifndef __IPL_H__ #define __IPL_H__ ! #define IPL_VERSION "IP Filter: v3.3.13" #endif --- 11,16 ---- #ifndef __IPL_H__ #define __IPL_H__ ! #define IPL_VERSION "IP Filter: v3.3.14" #endif