[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: patches to ip-filter 3.0.4 for NetBSD-1.2-ALPHA and native SunOS-4.1
From: woods () most ! weird ! com (Greg A ! Woods)
Date: 1996-06-08 18:01:28
[Download RAW message or body]
I have successfully integrated ip-filter v3.0.4 into an early snapshot
of NetBSD-1.2-ALPHA and I've successfully compiled it on SunOS-4.1.1_U1
with the attached changes.
I started out re-writing things in the NetBSD directory, then I decided
it was too much trouble to keep it straight for each architecture, so
I've gone overboard and put the new files in NetBSD-1.2-i386. I hope to
support NetBSD-1.2-sun* soon too.
Along with all of this I managed to get ip-filter to build and work both
with and without IPFILTER_LOG.
Some of these changes were necessary both to support sun3s running
SunOS-4.1.1_U1, and to support the native Sun compiler. I don't think
I've broken the SPARC compatability with them. I've not yet actually
installed and used ip-filter on my sun3, but hopefully in the very very
near future, and should soon be able to test on one or more sun4c &
sun4m platforms running 4.1.4 too.
My CVS ChangeLog, for what it's worth, is included with a diffs file in
the enclosed shar.
I forgot about the MAKDEV diffs in this patch. Originally I had thought
about changing MAKDEV.local like this:
*** /dev/MAKEDEV.local.ORIG Mon Apr 29 13:05:16 1996
--- /dev/MAKEDEV.local Thu Apr 25 09:09:24 1996
***************
*** 42,47 ****
--- 42,51 ----
do
case $i in
+ ipl)
+ mknod /dev/ipl c 49 0
+ ;;
+
*)
echo 'MAKEDEV.local: no such device.'
;;
but the more I think about it, the more I think there needs to be a
patch included for the standard /dev/MAKEDEV, and the ipl device needs
to be put in the "all" clause to ensure it isn't forgotten.
It would also be nice to include, for each platform, a patch for the
appropriate startup script and a default filter file such as the most
obvious:
pass in all
pass out all
Eg. for NetBSD's /etc/netstart:
*** /etc/netstart.ORIG Mon Apr 29 13:00:57 1996
--- /etc/netstart Thu Jun 6 18:12:26 1996
***************
*** 117,119 ****
--- 117,122 ----
done
)
fi
+
+ ipf -v -f /etc/ip-filter
This will essentially keep the system routing packets and working as if
there was no filter in the kernel. We found it to be rather critical
when you're doing development and testing away from the console! ;-)
If you are connected to the net, this shouldn't cause any concern as
it's no worse than it was without the filter, and if you're not net
connected, then obviously you are at the console and will be cleaning up
these rather open configurations.
For NetBSD if you're really going to use the machine as a gateway you'll
also have to "sysctl -w net.inet.ip.forwarding=1" somewhere in
/etc/netstart, though it's probably not a good idea to include this in
the sample patch above. I don't know what the most correct order to do
this in relation to the ipf call is, but it seems safe to do it before-
hand since no packets pass without enabling the filter anyway.
So, here they are. I hope to get a chance to poke at the new beta soon,
and will re-merge my changes with it as necessary.
To apply these diffs you need to use 'patch -p2' if you're in the top
directory of the ip-filter source tree.
#! /bin/sh
# This is a shell archive. Remove anything before this line, then unpack
# it by saving it into a file and typing "sh file". To overwrite existing
# files, type "sh file -c". You can also feed this as standard input via
# unshar, or by typing "sh <file", e.g.. If this archive is complete, you
# will see the following message at the end:
# "End of shell archive."
# Contents: ip-filter-local-3_0_4-v0.ChangeLog
# ip-filter-local-3_0_4-v0.diffs
# Wrapped by woods@most.weird.com on Thu Jun 6 17:47:22 1996
PATH=/bin:/usr/bin:/usr/ucb ; export PATH
if test -f 'ip-filter-local-3_0_4-v0.ChangeLog' -a "${1}" != "-c" ; then
echo shar: Will not clobber existing file \"'ip-filter-local-3_0_4-v0.ChangeLog'\"
else
echo shar: Extracting \"'ip-filter-local-3_0_4-v0.ChangeLog'\" \(2372 characters\)
sed "s/^X//" >'ip-filter-local-3_0_4-v0.ChangeLog' <<'END_OF_FILE'
XThu Jun 6 21:13:24 1996 Greg A. Woods <woods@planix.com>
X
X * ipmon.c, ip_fil.h, ip_fil.c:
X - SunOS defines IFNAMSIZ, but for struct ifreq (user-land ioctl()
X argument), so we must avoid triggering use of if_xname with it.
X
X * SunOS4/Makefile:
X - not all suns are sparcs!
X
X * Makefile, buildsunos:
X - make make work a little better [i.e. use $(MAKE)]
X - fixes to better support SunOS4
X
XTue May 28 13:58:06 1996 Greg A. Woods <woods@planix.com>
X
X * Makefile:
X - change default CFLAGS and DEBUG (no -O or -Wall) to be suitable for
X non-gcc compilers
X
X * BSD/Makefile:
X - fix command used to build vnode_if.h
X - comment out LKM
X - change default CFLAGS (no -O or -Wall)
X - change default BINDEST to /usr/sbin
X
X * test/Makefile:
X - add a "first" target to make sure results subdir is created
X
X * SunOS4/Makefile.ipsend:
X - don't require gcc as default compiler
X
X * SunOS4/Makefile:
X - pass DEBUG in MFLAGS
X - actually set LOGFAC
X - don't require gcc as default compiler
X
X * NetBSD-1.2-i386/kinstall:
X - un-tested rewrite of ../NetBSD/kinstall
X
X * empty-directories-to-create:
X - list of directories to create if using CVS (which won't keep empty
X directories). Could also add ./.keep-me files to each one....
X
X * ip_fil.h:
X - change struct ipl_ci to deal with NetBSD-1.2's new struct ifnet
X using an #ifdef IFNAMSIZ (XXX can probably eliminate bitfields?)
X
X * ipmon.c:
X - main() should exit() not return, but this one never will either
X - add an #ifdef IFNAMSIZ to deal with NetBSD-1.2's new struct ifnet
X and the resulting change to struct ipl_ci
X
X * ip_fil.c:
X - fix some # line indentation
X - add a missing #ifdef IPFILTER_LOG or so
X - add an #ifdef IFNAMSIZ to deal with NetBSD-1.2's new struct ifnet
X and the resulting change to struct ipl_ci
X
X * ipf.c:
X - extend some error messages (use strerror(), so may need a copy of
X this for portability to some systems), include <errno.h> for errno,
X and add argv0
X - fix main() to exit() not return
X - wrap big while statement in {}'s
X
X * SunOS4/.cvsignore, BSD/.cvsignore:
X - first time in
X
X * NetBSD-1.2-i386/ip_output.c-PATCH, NetBSD-1.2-i386/ip_input.c-PATCH, \
NetBSD-1.2-i386/in_proto.c-PATCH, NetBSD-1.2-i386/files.oldconf-PATCH, \
NetBSD-1.2-i386/files-PATCH, NetBSD-1.2-i386/conf.c-PATCH: X - actually against \
1.2-ALPHA (960527) including fixes to work without IPFILTER_LOG X
X * NetBSD/kinstall:
X - re-write as /bin/sh
X
END_OF_FILE
if test 2372 -ne `wc -c <'ip-filter-local-3_0_4-v0.ChangeLog'`; then
echo shar: \"'ip-filter-local-3_0_4-v0.ChangeLog'\" unpacked with wrong size!
fi
# end of 'ip-filter-local-3_0_4-v0.ChangeLog'
fi
if test -f 'ip-filter-local-3_0_4-v0.diffs' -a "${1}" != "-c" ; then
echo shar: Will not clobber existing file \"'ip-filter-local-3_0_4-v0.diffs'\"
else
echo shar: Extracting \"'ip-filter-local-3_0_4-v0.diffs'\" \(32261 characters\)
sed "s/^X//" >'ip-filter-local-3_0_4-v0.diffs' <<'END_OF_FILE'
XIndex: misc/ip-filter/Makefile
Xdiff -c misc/ip-filter/Makefile:1.1.1.1 misc/ip-filter/Makefile:1.3
X*** misc/ip-filter/Makefile:1.1.1.1 Wed Apr 24 09:42:30 1996
X--- misc/ip-filter/Makefile Thu Jun 6 17:06:03 1996
X***************
X*** 11,18 ****
X SBINDEST=/sbin
X MANDIR=/usr/share/man
X CC=gcc
X! DEBUG=-g
X! CFLAGS=-I..
X #
X # To enable this to work as a Loadable Kernel Module...
X # (currently doesn't work as anything else...)
X--- 11,18 ----
X SBINDEST=/sbin
X MANDIR=/usr/share/man
X CC=gcc
X! DEBUG=-g -O
X! CFLAGS=-Wall -I..
X #
X # To enable this to work as a Loadable Kernel Module...
X # (currently doesn't work as anything else...)
X***************
X*** 56,90 ****
X @echo ""
X
X tests:
X! (cd test; make )
X
X sunos solaris:
X! ./buildsunos
X
X sunos4 solaris1:
X! (cd SunOS4; make build $(MFLAGS); cd ..)
X! (cd SunOS4; make -f Makefile.ipsend $(MFLAGS); cd ..)
X
X sunos5 solaris2:
X! (cd SunOS5; make build $(MFLAGS) "CPU=-Dsparc"; cd ..)
X! (cd SunOS5; make -f Makefile.ipsend $(MFLAGS); cd ..)
X
X sunos5x86 solaris2x86:
X! (cd SunOS5; make build $(MFLAGS) "CPU=-Di86 -Di386"; cd ..)
X! (cd SunOS5; make -f Makefile.ipsend $(MFLAGS); cd ..)
X
X bsd netbsd freebsd bsdi bsdos:
X! (cd BSD; make build $(MFLAGS); cd ..)
X! (cd BSD; make -f Makefile.ipsend $(MFLAGS); cd ..)
X
X clean:
X ${RM} -f core *.o ipt fils ipf ipfstat ipftest ipmon if_ipl \
X vnode_if.h $(LKM)
X! (cd SunOS4; make clean)
X! (cd SunOS5; make clean)
X! (cd BSD; make clean)
X! (cd test; make clean)
X! (cd ipsend; make clean)
X
X get:
X -@for i in ipf.c ipt.h solaris.c ipf.h kmem.c ipft_ef.c linux.h \
X--- 56,90 ----
X @echo ""
X
X tests:
X! (cd test; $(MAKE) )
X
X sunos solaris:
X! ./buildsunos $(MFLAGS)
X
X sunos4 solaris1:
X! (cd SunOS4; $(MAKE) build $(MFLAGS); cd ..)
X! (cd SunOS4; $(MAKE) -f Makefile.ipsend $(MFLAGS); cd ..)
X
X sunos5 solaris2:
X! (cd SunOS5; $(MAKE) build $(MFLAGS) "CPU=-Dsparc"; cd ..)
X! (cd SunOS5; $(MAKE) -f Makefile.ipsend $(MFLAGS); cd ..)
X
X sunos5x86 solaris2x86:
X! (cd SunOS5; $(MAKE) build $(MFLAGS) "CPU=-Di86 -Di386"; cd ..)
X! (cd SunOS5; $(MAKE) -f Makefile.ipsend $(MFLAGS); cd ..)
X
X bsd netbsd freebsd bsdi bsdos:
X! (cd BSD; $(MAKE) build $(MFLAGS); cd ..)
X! (cd BSD; $(MAKE) -f Makefile.ipsend $(MFLAGS); cd ..)
X
X clean:
X ${RM} -f core *.o ipt fils ipf ipfstat ipftest ipmon if_ipl \
X vnode_if.h $(LKM)
X! (cd SunOS4; $(MAKE) clean)
X! (cd SunOS5; $(MAKE) clean)
X! (cd BSD; $(MAKE) clean)
X! (cd test; $(MAKE) clean)
X! (cd ipsend; $(MAKE) clean)
X
X get:
X -@for i in ipf.c ipt.h solaris.c ipf.h kmem.c ipft_ef.c linux.h \
X***************
X*** 100,113 ****
X done
X
X install-bsd:
X! (cd BSD; make install)
X install-SunOS4:
X! (cd SunOS4; make install)
X install-SunOS5:
X! (cd SunOS5; make install)
X install: all ip_fil.h
X -$(CP) ip_fil.h /usr/include/netinet/ip_fil.h
X -$(CHMOD) 444 /usr/include/netinet/ip_fil.h
X -$(INSTALL) -cs -g wheel -m 755 -o root ipfstat ipf $(SBINDEST)
X -$(INSTALL) -cs -g wheel -m 755 -o root ipmon ipftest $(BINDEST)
X! (cd man; make INSTALL=$(INSTALL) MANDIR=$(MANDIR) install; cd ..)
X--- 100,115 ----
X done
X
X install-bsd:
X! (cd BSD; $(MAKE) install)
X install-SunOS4:
X! (cd SunOS4; $(MAKE) install)
X install-SunOS5:
X! (cd SunOS5; $(MAKE) install)
X!
X! # XXX FIXME: bogus to depend on all!
X install: all ip_fil.h
X -$(CP) ip_fil.h /usr/include/netinet/ip_fil.h
X -$(CHMOD) 444 /usr/include/netinet/ip_fil.h
X -$(INSTALL) -cs -g wheel -m 755 -o root ipfstat ipf $(SBINDEST)
X -$(INSTALL) -cs -g wheel -m 755 -o root ipmon ipftest $(BINDEST)
X! (cd man; $(MAKE) INSTALL=$(INSTALL) MANDIR=$(MANDIR) install; cd ..)
XIndex: misc/ip-filter/buildsunos
Xdiff -c misc/ip-filter/buildsunos:1.1.1.1 misc/ip-filter/buildsunos:1.2
X*** misc/ip-filter/buildsunos:1.1.1.1 Wed Apr 24 09:42:29 1996
X--- misc/ip-filter/buildsunos Thu Jun 6 17:05:43 1996
X***************
X*** 1,7 ****
X! #!/bin/sh
X rev=`uname -r | sed -e 's/^\([^\.]*\)\..*/\1/'`
X cpu=`uname -m`
X if [ $cpu = i86pc ] ; then
X! make sunos5x86
X fi
X! make sunos$rev
X--- 1,8 ----
X! #! /bin/sh
X! :
X rev=`uname -r | sed -e 's/^\([^\.]*\)\..*/\1/'`
X cpu=`uname -m`
X if [ $cpu = i86pc ] ; then
X! make ${1+"$@"} sunos5x86
X fi
X! make ${1+"$@"} sunos$rev
XIndex: misc/ip-filter/empty-directories-to-create
Xdiff -c /dev/null misc/ip-filter/empty-directories-to-create:1.1
X*** /dev/null Thu Jun 6 17:45:17 1996
X--- misc/ip-filter/empty-directories-to-create Tue May 28 09:46:54 1996
X***************
X*** 0 ****
X--- 1,19 ----
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/opt
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/opt/CYBSipf
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/opt/CYBSipf/bin
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/opt/CYBSipf/man
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/opt/CYBSipf/man/man1
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/opt/CYBSipf/man/man1m
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/opt/CYBSipf/man/man4
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/opt/CYBSipf/man/man5
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/opt/CYBSipf/man/man8
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/usr
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/usr/kernel
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/usr/kernel/drv
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/usr/include
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/usr/include/netinet
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/sbin
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/etc
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/etc/init.d
X+ mkdir /local/src-CVS/misc/ip-filter/SunOS5/root/etc/rcS.d
XIndex: misc/ip-filter/ip_fil.c
Xdiff -c misc/ip-filter/ip_fil.c:1.1.1.1 misc/ip-filter/ip_fil.c:1.3
X*** misc/ip-filter/ip_fil.c:1.1.1.1 Wed Apr 24 09:42:27 1996
X--- misc/ip-filter/ip_fil.c Thu Jun 6 17:13:20 1996
X***************
X*** 63,69 ****
X int send_reset();
X
X #ifdef IPFILTER_LOG
X! #define LOGSIZE 8192
X int ipllog();
X static char iplbuf[LOGSIZE];
X static caddr_t iplh = iplbuf, iplt = iplbuf;
X--- 63,69 ----
X int send_reset();
X
X #ifdef IPFILTER_LOG
X! # define LOGSIZE 8192
X int ipllog();
X static char iplbuf[LOGSIZE];
X static caddr_t iplh = iplbuf, iplt = iplbuf;
X***************
X*** 75,91 ****
X static int (*fr_savep)();
X
X #if _BSDI_VERSION >= 199510
X! #include <sys/device.h>
X! #include <sys/conf.h>
X
X int iplioctl __P((dev_t, int, caddr_t, int, struct proc *));
X int iplopen __P((dev_t, int, int, struct proc *));
X int iplclose __P((dev_t, int, int, struct proc *));
X! #ifdef IPFILTER_LOG
X int iplread __P((dev_t, struct uio *, int));
X! #else
X! #define iplread noread
X! #endif
X int iplioctl __P((dev_t, int, caddr_t, int, struct proc *));
X
X struct cfdriver iplcd = {
X--- 75,91 ----
X static int (*fr_savep)();
X
X #if _BSDI_VERSION >= 199510
X! # include <sys/device.h>
X! # include <sys/conf.h>
X
X int iplioctl __P((dev_t, int, caddr_t, int, struct proc *));
X int iplopen __P((dev_t, int, int, struct proc *));
X int iplclose __P((dev_t, int, int, struct proc *));
X! # ifdef IPFILTER_LOG
X int iplread __P((dev_t, struct uio *, int));
X! # else
X! # define iplread noread
X! # endif
X int iplioctl __P((dev_t, int, caddr_t, int, struct proc *));
X
X struct cfdriver iplcd = {
X***************
X*** 98,104 ****
X nostrat, nodump, nopsize, 0,
X nostop
X };
X! #endif
X
X #ifdef IPFILTER_LKM
X int iplidentify(s)
X--- 98,104 ----
X nostrat, nodump, nopsize, 0,
X nostop
X };
X! #endif /* _BSDI_VERSION >= 199510 */
X
X #ifdef IPFILTER_LKM
X int iplidentify(s)
X***************
X*** 244,250 ****
X--- 244,252 ----
X SPLNET(s);
X switch (cmd) {
X case FIONREAD :
X+ #ifdef IPFILTER_LOG
X *(int *)data = iplused;
X+ #endif
X break;
X #ifndef IPFILTER_LKM
X case SIOCFRENB :
X***************
X*** 554,564 ****
X--- 556,571 ----
X iplci.hlen = (u_char)hlen;
X iplci.plen = (flags & FR_LOGBODY) ? (u_char)mlen : 0 ;
X iplci.rule = fin->fin_rule;
X+ # if defined(IFNAMSIZ) && !defined(sun)
X+ strcpy(iplci.ifname, ifp->if_xname);
X+ # else
X+ /* XXX FIXME: SunOS4 uses IFNAMSIZ too, at least fo struct ifreq */
X iplci.unit = (u_char)ifp->if_unit;
X iplci.ifname[0] = ifp->if_name[0];
X iplci.ifname[1] = ifp->if_name[1];
X iplci.ifname[2] = ifp->if_name[2];
X iplci.ifname[3] = ifp->if_name[3];
X+ # endif
X
X if (iplh == iplbuf + LOGSIZE)
X iplh = iplbuf;
XIndex: misc/ip-filter/ip_fil.h
Xdiff -c misc/ip-filter/ip_fil.h:1.1.1.1 misc/ip-filter/ip_fil.h:1.3
X*** misc/ip-filter/ip_fil.h:1.1.1.1 Wed Apr 24 09:42:29 1996
X--- misc/ip-filter/ip_fil.h Thu Jun 6 17:13:23 1996
X***************
X*** 232,240 ****
X u_char hlen;
X u_char plen;
X u_short rule;
X! u_long flags:24;
X u_long unit:8;
X u_char ifname[4];
X } ipl_ci_t;
X
X
X--- 232,245 ----
X u_char hlen;
X u_char plen;
X u_short rule;
X! u_long flags:24; /* XXX FIXME do we care about the extra bytes? */
X! #if defined(IFNAMSIZ) && !defined(sun)
X! u_long filler:8; /* XXX FIXME do we care? */
X! u_char ifname[IFNAMSIZ];
X! #else
X u_long unit:8;
X u_char ifname[4];
X+ #endif
X } ipl_ci_t;
X
X
XIndex: misc/ip-filter/ipf.c
Xdiff -c misc/ip-filter/ipf.c:1.1.1.1 misc/ip-filter/ipf.c:1.2
X*** misc/ip-filter/ipf.c:1.1.1.1 Wed Apr 24 09:42:23 1996
X--- misc/ip-filter/ipf.c Tue May 28 09:38:45 1996
X***************
X*** 9,14 ****
X--- 9,15 ----
X #include <unistd.h>
X #include <string.h>
X #include <fcntl.h>
X+ #include <errno.h>
X #if !defined(__SVR4) && !defined(__GNUC__)
X #include <strings.h>
X #endif
X***************
X*** 44,52 ****
X--- 45,55 ----
X
X extern char *optarg;
X
X+ char *argv0 = "ipf";
X int opts = 0;
X
X static int fd = -1;
X+
X static void procfile(), flushfilter(), set_state();
X static void packetlogon(), swapactive();
X
X***************
X*** 56,67 ****
X {
X char c;
X
X! if ((fd = open(IPL_NAME, O_RDONLY)) == -1)
X! perror("open device");
X
X! while ((c = getopt(argc, argv, "AsInovdryf:F:l:EDZ")) != -1)
X! switch (c)
X! {
X case 'E' :
X set_state(1);
X break;
X--- 59,73 ----
X {
X char c;
X
X! argv0 = (argv0 = strrchr(argv[0], '/')) ? argv0 + 1 : argv[0];
X
X! if ((fd = open(IPL_NAME, O_RDONLY)) == -1) {
X! /* XXX not an error, to allow checking? */
X! fprintf(stderr, "%s: open(%s) failed: %s", argv0, IPL_NAME, strerror(errno));
X! }
X!
X! while ((c = getopt(argc, argv, "AsInovdryf:F:l:EDZ")) != -1) {
X! switch (c) {
X case 'E' :
X set_state(1);
X break;
X***************
X*** 110,119 ****
X zerostats();
X break;
X }
X
X if (fd != -1)
X (void) close(fd);
X! return 0;
X }
X
X static void set_state(enable)
X--- 116,128 ----
X zerostats();
X break;
X }
X+ }
X
X if (fd != -1)
X (void) close(fd);
X!
X! exit(0);
X! /* NOTREACHED */
X }
X
X static void set_state(enable)
X***************
X*** 144,151 ****
X if (!strcmp(file, "-"))
X fp = stdin;
X else if (!(fp = fopen(file, "r"))) {
X! perror("fopen");
X! exit(1);;
X }
X
X while (fgets(line, sizeof(line)-1, fp)) {
X--- 153,160 ----
X if (!strcmp(file, "-"))
X fp = stdin;
X else if (!(fp = fopen(file, "r"))) {
X! fprintf(stderr, "%s: fopen(%s) failed: %s", argv0, file, strerror(errno));
X! exit(1);
X }
X
X while (fgets(line, sizeof(line)-1, fp)) {
XIndex: misc/ip-filter/ipmon.c
Xdiff -c misc/ip-filter/ipmon.c:1.1.1.1 misc/ip-filter/ipmon.c:1.3
X*** misc/ip-filter/ipmon.c:1.1.1.1 Wed Apr 24 09:42:24 1996
X--- misc/ip-filter/ipmon.c Thu Jun 6 17:13:24 1996
X***************
X*** 150,158 ****
X tm->tm_mday, tm->tm_mon + 1, tm->tm_year + 1900);
X t += strlen(t);
X }
X! (void) sprintf(t, "%02d:%02d:%02d.%-.6ld %c%c%ld @%hd ",
X tm->tm_hour, tm->tm_min, tm->tm_sec, lp->usec,
X! lp->ifname[0], lp->ifname[1], lp->unit, lp->rule);
X pr = getprotobynumber((int)p);
X if (!pr) {
X proto = pname;
X--- 150,165 ----
X tm->tm_mday, tm->tm_mon + 1, tm->tm_year + 1900);
X t += strlen(t);
X }
X! #if defined(IFNAMSIZ) && !defined(sun)
X! (void) sprintf(t, "%02d:%02d:%02d.%-.6ld %s @%hd ",
X tm->tm_hour, tm->tm_min, tm->tm_sec, lp->usec,
X! lp->ifname, lp->rule);
X! #else
X! (void) sprintf(t, "%02d:%02d:%02d.%-.6ld %c%c%c%c%ld @%hd ",
X! tm->tm_hour, tm->tm_min, tm->tm_sec, lp->usec,
X! lp->ifname[0], lp->ifname[1], ip->ifname[2], ip->ifname[3],
X! lp->unit, lp->rule);
X! #endif
X pr = getprotobynumber((int)p);
X if (!pr) {
X proto = pname;
X***************
X*** 282,290 ****
X dumphex(log, ip, lp);
X }
X
X! int main(argc, argv)
X! int argc;
X! char *argv[];
X {
X FILE *log;
X int fd, flushed = 0, opts = 0;
X--- 289,298 ----
X dumphex(log, ip, lp);
X }
X
X! int
X! main(argc, argv)
X! int argc;
X! char *argv[];
X {
X FILE *log;
X int fd, flushed = 0, opts = 0;
X***************
X*** 336,340 ****
X (iplci.hlen + iplci.plen));
X printpacket(log, buf, &iplci, opts);
X }
X! return 0;
X }
X--- 344,350 ----
X (iplci.hlen + iplci.plen));
X printpacket(log, buf, &iplci, opts);
X }
X! /* NOTREACHED */
X! exit(0);
X! /* NOTREACHED */
X }
XIndex: misc/ip-filter/BSD/.cvsignore
Xdiff -c /dev/null misc/ip-filter/BSD/.cvsignore:1.1
X*** /dev/null Thu Jun 6 17:45:26 1996
X--- misc/ip-filter/BSD/.cvsignore Tue May 28 09:28:28 1996
X***************
X*** 0 ****
X--- 1,8 ----
X+ ipf
X+ ipfstat
X+ ipftest
X+ ipmon
X+ ipnat
X+ ipresend
X+ ipsend
X+ iptest
XIndex: misc/ip-filter/BSD/Makefile
Xdiff -c misc/ip-filter/BSD/Makefile:1.1.1.1 misc/ip-filter/BSD/Makefile:1.2
X*** misc/ip-filter/BSD/Makefile:1.1.1.1 Wed Apr 24 09:42:55 1996
X--- misc/ip-filter/BSD/Makefile Tue May 28 09:57:07 1996
X***************
X*** 7,17 ****
X #
X # where to put things.
X #
X! BINDEST=/usr/local/bin
X SBINDEST=/sbin
X MANDIR=/usr/share/man
X CC=cc
X! CFLAGS=-g -I..
X #
X # For NetBSD/FreeBSD
X #
X--- 7,17 ----
X #
X # where to put things.
X #
X! BINDEST=/usr/sbin
X SBINDEST=/sbin
X MANDIR=/usr/share/man
X CC=cc
X! CFLAGS=-g -O -Wall -I..
X #
X # For NetBSD/FreeBSD
X #
X***************
X*** 23,29 ****
X MLD=$(ML) vnode_if.h
X ML=mln_ipl.c
X IPFILC=ip_fil.c
X! LKM=if_ipl.o
X IPL=-DIPL_NAME=\"/dev/ipl\"
X #
X ########## ########## ########## ########## ########## ########## ##########
X--- 23,29 ----
X MLD=$(ML) vnode_if.h
X ML=mln_ipl.c
X IPFILC=ip_fil.c
X! #LKM=if_ipl.o
X IPL=-DIPL_NAME=\"/dev/ipl\"
X #
X ########## ########## ########## ########## ########## ########## ##########
X***************
X*** 128,134 ****
X $(CC) $(DEBUG) $(CFLAGS) $(DFLAGS) -c ../$(IPFILC) -o $@
X
X vnode_if.h: $(VNODESHDIR)/vnode_if.sh $(VNODESHDIR)/vnode_if.src
X! sh $(VNODESHDIR)/vnode_if.sh $(VNODESHDIR)/vnode_if.src
X
X ml_ipl.o: ../$(MLD) ../ipl.h
X -/bin/rm -f vnode_if.c
X--- 128,134 ----
X $(CC) $(DEBUG) $(CFLAGS) $(DFLAGS) -c ../$(IPFILC) -o $@
X
X vnode_if.h: $(VNODESHDIR)/vnode_if.sh $(VNODESHDIR)/vnode_if.src
X! cd $(VNODESHDIR) && sh ./vnode_if.sh $(VNODESHDIR)/vnode_if.src
X
X ml_ipl.o: ../$(MLD) ../ipl.h
X -/bin/rm -f vnode_if.c
XIndex: misc/ip-filter/NetBSD/kinstall
Xdiff -c misc/ip-filter/NetBSD/kinstall:1.1.1.1 misc/ip-filter/NetBSD/kinstall:1.2
X*** misc/ip-filter/NetBSD/kinstall:1.1.1.1 Wed Apr 24 09:42:39 1996
X--- misc/ip-filter/NetBSD/kinstall Mon May 27 23:01:24 1996
X***************
X*** 1,61 ****
X! #!/bin/csh -f
X #
X! set dir=`pwd`
X! set karch=`uname -m`
X! set archdir="/sys/arch/$karch"
X! set confdir="$archdir/conf"
X
X! if ( $dir =~ */NetBSD ) cd ..
X! if ($0 =~ *kinstall) then
X echo -n "Installing "
X! foreach i (ip_fil.[ch] ip_nat.[ch] ip_frag.[ch] ip_state.[ch] \
X! fil.c ip_compat.h)
X echo -n "$i "
X cp $i /sys/netinet/
X chmod 644 /sys/netinet/$i
X! end
X! echo "Patching $archdir/$karch/conf.c"
X! cat conf.c.diffs | (cd $archdir/$karch; patch)
X! endif
X! echo "Patching ip_input.c, ip_output.c and in_proto.c"
X! cat NetBSD/ip_{in,out}put.c.diffs NetBSD/in_proto.c.diffs | \
X! (cd /sys/netinet; patch)
X
X! if ( -f /sys/conf/files.newconf ) then
X! echo "Patching /sys/conf/files.newconf"
X cat NetBSD/files.newconf.diffs | (cd /sys/conf; patch)
X! echo "Patching /sys/conf/files"
X cat NetBSD/files.diffs | (cd /sys/conf; patch)
X! endif
X! if ( -f /sys/conf/files.oldconf ) then
X! echo "Patching /sys/conf/files.oldconf"
X cat NetBSD/files.oldconf.diffs | (cd /sys/conf; patch)
X! echo "Patching /sys/conf/files"
X cat NetBSD/filez.diffs | (cd /sys/conf; patch)
X endif
X
X! set config=`/bin/ls -1t $confdir [0-9A-Z_]* | head -1`
X
X! echo -n "Kernel configuration to update [$config] "
X! set newconfig=$<
X! if ( "$newconfig" != "" ) then
X! set config="$confdir/$newconfig"
X else
X! set newconfig=$config
X! endif
X! echo "Re-config'ing $newconfig..."
X! if ( -f $confdir/$newconfig ) then
X! mv $confdir/$newconfig $confdir/$newconfig.bak
X! endif
X! if ( -d $archdir/$newconfig ) then
X! mv $archdir/$newconfig $archdir/$newconfig.bak
X! endif
X! if ($0 =~ *kinstall) then
X! awk '{print $0;if($2=="INET"){print"options IPFILTER"}}}' \
X! $confdir/$newconfig.bak > $confdir/$newconfig
X else
X! awk '{print $0;if($2=="INET"){print"options IPFILTER_LKM"}}' \
X! $confdir/$newconfig.bak > $confdir/$newconfig
X! endif
X! echo 'You will now need to run "config" and build a new kernel.'
X exit 0
X--- 1,82 ----
X! #! /bin/sh
X #
X! # kinstall/minstall - install patches to kernel sources
X! #
X! # WARNING: This script should be run exactly once on a virgin system
X! #
X! PATH=/sbin:/usr/sbin:/bin:/usr/bin; export PATH
X
X! # try to bomb out fast if anything fails....
X! set -e
X!
X! argv0=`basename $0`
X! dir=`pwd`
X! karch=`uname -m`
X! archdir="/sys/arch/$karch"
X! confdir="$archdir/conf"
X!
X! case "$dir" in
X! */NetBSD )
X! cd ..
X! ;;
X! esac
X!
X! if [ "$argv0" = "kinstall" ]; then
X echo -n "Installing "
X! for i in ip_fil.[ch] ip_nat.[ch] ip_frag.[ch] ip_state.[ch] fil.c ip_compat.h ; \
do X echo -n "$i "
X cp $i /sys/netinet/
X chmod 644 /sys/netinet/$i
X! done
X! echo "Patching $archdir/$karch/$karch/conf.c"
X! cat conf.c.diffs | (cd $archdir/$karch/$karch; patch)
X! fi
X
X! echo "Patching ip_input.c, ip_output.c and in_proto.c ..."
X! cat NetBSD/i*.c.diffs | (cd /sys/netinet; patch)
X!
X! if [ -f /sys/conf/files.newconf ]; then
X! echo "Patching /sys/conf/files.newconf ..."
X cat NetBSD/files.newconf.diffs | (cd /sys/conf; patch)
X! echo "Patching /sys/conf/files ..."
X cat NetBSD/files.diffs | (cd /sys/conf; patch)
X! fi
X! if [ -f /sys/conf/files.oldconf ]; then
X! echo "Patching /sys/conf/files.oldconf ..."
X cat NetBSD/files.oldconf.diffs | (cd /sys/conf; patch)
X! echo "Patching /sys/conf/files ..."
X cat NetBSD/filez.diffs | (cd /sys/conf; patch)
X endif
X
X! echo -n "Kernel configuration to update [GENERIC] "
X! read newconfig junk
X
X! if [ -n "$newconfig" ] ; then
X! config="$confdir/$newconfig"
X else
X! newconfig="$confdir/GENERIC"
X! fi
X!
X! if grep IPFILTER $confdir/$newconfig > /dev/null 2>&1 ; then
X! echo "$newconfig already contains proper options statement..."
X! echo 'You will now need to build a new kernel.'
X else
X! echo "Re-config'ing $newconfig, old config and compile renamed with .bak ..."
X! if [ -f $confdir/$newconfig ]; then
X! mv $confdir/$newconfig $confdir/$newconfig.bak
X! fi
X! if [ -d $archdir/compile/$newconfig ]; then
X! mv $archdir/compile/$newconfig $archdir/compile/$newconfig.bak
X! fi
X! if [ "$argv0" = "kinstall" ]; then
X! awk '{print $0} $2=="INET"{print "options IPFILTER"}' \
X! $confdir/$newconfig.bak > $confdir/$newconfig
X! else
X! awk '{print $0} $2=="INET"{print "options IPFILTER_LKM"}' \
X! $confdir/$newconfig.bak > $confdir/$newconfig
X! fi
X!
X! echo 'You will now need to run "config" and build a new kernel.'
X! fi
X!
X exit 0
XIndex: misc/ip-filter/NetBSD-1.2-i386/conf.c-PATCH
Xdiff -c /dev/null misc/ip-filter/NetBSD-1.2-i386/conf.c-PATCH:1.1
X*** /dev/null Thu Jun 6 17:45:31 1996
X--- misc/ip-filter/NetBSD-1.2-i386/conf.c-PATCH Mon May 27 23:02:29 1996
X***************
X*** 0 ****
X--- 1,52 ----
X+ *** sys/arch/i386/i386/conf.c-ORIG Mon May 27 11:14:49 1996
X+ --- sys/arch/i386/i386/conf.c Mon May 27 16:29:25 1996
X+ ***************
X+ *** 179,184 ****
X+ --- 179,210 ----
X+ #include "joy.h"
X+ cdev_decl(joy);
X+
X+ + cdev_decl(ipl);
X+ +
X+ + #ifdef IPFILTER_LOG
X+ + /* open, close, read, ioctl */
X+ + # define cdev_ipf_init(c,n) { \
X+ + dev_init(c,n,open), dev_init(c,n,close), dev_init(c,n,read), \
X+ + (dev_type_write((*))) enodev, dev_init(c,n,ioctl), \
X+ + (dev_type_stop((*))) nullop, 0, (dev_type_select((*))) enodev, \
X+ + (dev_type_mmap((*))) enodev, 0 }
X+ + #else /* IPFILTER_LOG */
X+ + /* XXX same as cdev_ch_init */
X+ + /* open, close, ioctl */
X+ + # define cdev_ipf_init(c,n) { \
X+ + dev_init(c,n,open), dev_init(c,n,close), (dev_type_read((*))) enodev, \
X+ + (dev_type_write((*))) enodev, dev_init(c,n,ioctl), \
X+ + (dev_type_stop((*))) nullop, 0, (dev_type_select((*))) enodev, \
X+ + (dev_type_mmap((*))) enodev, 0 }
X+ + #endif /* IPFILTER_LOG */
X+ +
X+ + /* make up for missing "ipl.h" */
X+ + #ifdef IPFILTER
X+ + # define NIPF 1
X+ + #else
X+ + # define NIPF 0
X+ + #endif
X+ +
X+ struct cdevsw cdevsw[] =
X+ {
X+ cdev_cn_init(1,cn), /* 0: virtual console */
X+ ***************
X+ *** 229,234 ****
X+ --- 255,266 ----
X+ #else
X+ cdev_notdef(), /* 43 */
X+ #endif
X+ + cdev_notdef(), /* 44 */
X+ + cdev_notdef(), /* 45 */
X+ + cdev_notdef(), /* 46 */
X+ + cdev_notdef(), /* 47 */
X+ + cdev_notdef(), /* 48 */
X+ + cdev_ipf_init(NIPF,ipl), /* 49 */
X+ };
X+ int nchrdev = sizeof(cdevsw) / sizeof(cdevsw[0]);
X+
XIndex: misc/ip-filter/NetBSD-1.2-i386/files-PATCH
Xdiff -c /dev/null misc/ip-filter/NetBSD-1.2-i386/files-PATCH:1.1
X*** /dev/null Thu Jun 6 17:45:32 1996
X--- misc/ip-filter/NetBSD-1.2-i386/files-PATCH Mon May 27 23:02:31 1996
X***************
X*** 0 ****
X--- 1,16 ----
X+ *** sys/conf/files-ORIG Mon May 20 08:03:42 1996
X+ --- sys/conf/files Mon May 27 13:44:27 1996
X+ ***************
X+ *** 257,262 ****
X+ --- 257,267 ----
X+ file netinet/tcp_timer.c inet
X+ file netinet/tcp_usrreq.c inet
X+ file netinet/udp_usrreq.c inet
X+ + file netinet/ip_fil.c ipfilter
X+ + file netinet/fil.c ipfilter
X+ + file netinet/ip_nat.c ipfilter
X+ + file netinet/ip_frag.c ipfilter
X+ + file netinet/ip_state.c ipfilter
X+ file netiso/clnp_debug.c iso
X+ file netiso/clnp_er.c iso
X+ file netiso/clnp_frag.c iso
XIndex: misc/ip-filter/NetBSD-1.2-i386/files.oldconf-PATCH
Xdiff -c /dev/null misc/ip-filter/NetBSD-1.2-i386/files.oldconf-PATCH:1.1
X*** /dev/null Thu Jun 6 17:45:33 1996
X--- misc/ip-filter/NetBSD-1.2-i386/files.oldconf-PATCH Mon May 27 23:02:32 1996
X***************
X*** 0 ****
X--- 1,16 ----
X+ *** sys/conf/files.oldconf-ORIG Sun May 26 07:40:50 1996
X+ --- sys/conf/files.oldconf Mon May 27 15:23:35 1996
X+ ***************
X+ *** 184,189 ****
X+ --- 184,194 ----
X+ netinet/tcp_timer.c optional inet
X+ netinet/tcp_usrreq.c optional inet
X+ netinet/udp_usrreq.c optional inet
X+ + netinet/ip_fil.c optional ipfilter
X+ + netinet/fil.c optional ipfilter
X+ + netinet/ip_nat.c optional ipfilter
X+ + netinet/ip_frag.c optional ipfilter
X+ + netinet/ip_state.c optional ipfilter
X+ netiso/clnp_debug.c optional iso
X+ netiso/clnp_er.c optional iso
X+ netiso/clnp_frag.c optional iso
XIndex: misc/ip-filter/NetBSD-1.2-i386/in_proto.c-PATCH
Xdiff -c /dev/null misc/ip-filter/NetBSD-1.2-i386/in_proto.c-PATCH:1.1
X*** /dev/null Thu Jun 6 17:45:34 1996
X--- misc/ip-filter/NetBSD-1.2-i386/in_proto.c-PATCH Mon May 27 23:02:34 1996
X***************
X*** 0 ****
X--- 1,16 ----
X+ *** sys/netinet/in_proto.c-ORIG Wed Apr 24 22:49:02 1996
X+ --- sys/netinet/in_proto.c Wed Apr 24 22:50:30 1996
X+ ***************
X+ *** 83,88 ****
X+ --- 83,93 ----
X+ #include <netinet/ip_mroute.h>
X+ #endif /* MROUTING */
X+
X+ + #ifdef IPFILTER
X+ + void iplinit();
X+ + #define ip_init iplinit
X+ + #endif
X+ +
X+ extern struct domain inetdomain;
X+
X+ struct protosw inetsw[] = {
XIndex: misc/ip-filter/NetBSD-1.2-i386/ip_input.c-PATCH
Xdiff -c /dev/null misc/ip-filter/NetBSD-1.2-i386/ip_input.c-PATCH:1.1
X*** /dev/null Thu Jun 6 17:45:34 1996
X--- misc/ip-filter/NetBSD-1.2-i386/ip_input.c-PATCH Mon May 27 23:02:35 1996
X***************
X*** 0 ****
X--- 1,37 ----
X+ *** sys/netinet/ip_input.c-ORIG Sun Mar 17 07:29:08 1996
X+ --- sys/netinet/ip_input.c Wed Apr 24 22:45:05 1996
X+ ***************
X+ *** 100,105 ****
X+ --- 100,109 ----
X+ int ipqmaxlen = IFQ_MAXLEN;
X+ struct in_ifaddrhead in_ifaddr;
X+ struct ifqueue ipintrq;
X+ + #if defined(IPFILTER_LKM) || defined(IPFILTER)
X+ + int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf *));
X+ + int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)) = \
NULL; X+ + #endif
X+
X+ /*
X+ * We need to save the IP options in case a protocol wants to respond
X+ ***************
X+ *** 237,242 ****
X+ --- 241,259 ----
X+ m_adj(m, ip->ip_len - m->m_pkthdr.len);
X+ }
X+
X+ + #if defined(IPFILTER) || defined(IPFILTER_LKM)
X+ + /*
X+ + * Check if we want to allow this packet to be processed.
X+ + * Consider it to be bad if not.
X+ + */
X+ + {
X+ + struct mbuf *m0 = m;
X+ + if (fr_checkp && (*fr_checkp)(ip, hlen, m->m_pkthdr.rcvif, 0, &m0))
X+ + goto next;
X+ + else
X+ + ip = mtod(m = m0, struct ip *);
X+ + }
X+ + #endif
X+ /*
X+ * Process options and, if not destined for us,
X+ * ship it on. ip_dooptions returns 1 when an
XIndex: misc/ip-filter/NetBSD-1.2-i386/ip_output.c-PATCH
Xdiff -c /dev/null misc/ip-filter/NetBSD-1.2-i386/ip_output.c-PATCH:1.1
X*** /dev/null Thu Jun 6 17:45:35 1996
X--- misc/ip-filter/NetBSD-1.2-i386/ip_output.c-PATCH Mon May 27 23:02:36 1996
X***************
X*** 0 ****
X--- 1,38 ----
X+ *** sys/netinet/ip_output.c-ORIG Tue Feb 27 07:27:02 1996
X+ --- sys/netinet/ip_output.c Wed Apr 24 22:45:05 1996
X+ ***************
X+ *** 63,68 ****
X+ --- 63,72 ----
X+ static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *));
X+ static void ip_mloopback
X+ __P((struct ifnet *, struct mbuf *, struct sockaddr_in *));
X+ + #if defined(IPFILTER_LKM) || defined(IPFILTER)
X+ + extern int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf *));
X+ + extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf \
**)); X+ + #endif
X+
X+ /*
X+ * IP output. The packet in mbuf chain m contains a skeletal IP
X+ ***************
X+ *** 293,298 ****
X+ --- 297,316 ----
X+ } else
X+ m->m_flags &= ~M_BCAST;
X+
X+ + #if defined(IPFILTER) || defined(IPFILTER_LKM)
X+ + {
X+ + struct mbuf *m0 = m;
X+ + /*
X+ + * looks like most checking has been done now...do a filter check
X+ + */
X+ + if (fr_checkp && (*fr_checkp)(ip, hlen, ifp, 1, &m0))
X+ + {
X+ + error = EHOSTUNREACH;
X+ + goto done;
X+ + } else
X+ + ip = mtod(m = m0, struct ip *);
X+ + }
X+ + #endif
X+ sendit:
X+ /*
X+ * If small enough for interface, can just send directly.
XIndex: misc/ip-filter/NetBSD-1.2-i386/kinstall
Xdiff -c /dev/null misc/ip-filter/NetBSD-1.2-i386/kinstall:1.1
X*** /dev/null Thu Jun 6 17:45:36 1996
X--- misc/ip-filter/NetBSD-1.2-i386/kinstall Tue May 28 09:47:18 1996
X***************
X*** 0 ****
X--- 1,76 ----
X+ #! /bin/sh
X+ #
X+ # kinstall - install ip-filter & patches to kernel sources
X+ #
X+ # WARNING: This script should be run exactly once on a virgin system
X+ #
X+ PATH=/sbin:/usr/sbin:/bin:/usr/bin; export PATH
X+
X+ # try to bomb out fast if anything fails....
X+ set -e
X+
X+ argv0=`basename $0`
X+ dir=`pwd`
X+ karch=`uname -m`
X+ src="" # assume /sys is a symlink to the right place
X+ archdir="$src/sys/arch/$karch"
X+ confdir="$archdir/conf"
X+
X+ case "$karch" in
X+ i386)
X+ echo "Patching $archdir/$karch/$karch/conf.c"
X+ cat conf.c-PATCH | (cd $archdir/$karch/$karch; patch)
X+ ;;
X+ *)
X+ echo "$argv0: not i386 target architecture: $karch" 1>&2
X+ exit 2
X+ ;;
X+ esac
X+
X+ echo -n "Installing "
X+ for i in ip_fil.[ch] ip_nat.[ch] ip_frag.[ch] ip_state.[ch] fil.c ip_compat.h ; do
X+ echo -n "$i "
X+ cp $i $src/sys/netinet/
X+ chmod 644 $src/sys/netinet/$i
X+ done
X+
X+ echo "Patching ip_input.c, ip_output.c and in_proto.c ..."
X+ cat i*.c-PATCH | (cd $src/sys/netinet; patch)
X+
X+ echo "Patching $src/sys/conf/files.oldconf ..."
X+ cat files.oldconf-PATCH | (cd $src/sys/conf; patch)
X+ echo "Patching $src/sys/conf/files ..."
X+ cat file-PATCH | (cd $src/sys/conf; patch)
X+
X+ echo -n "Kernel configuration to update [GENERIC] "
X+ read newconfig junk
X+
X+ if [ -n "$newconfig" ] ; then
X+ config="$confdir/$newconfig"
X+ else
X+ newconfig="$confdir/GENERIC"
X+ fi
X+
X+ if grep IPFILTER $confdir/$newconfig > /dev/null 2>&1 ; then
X+ echo "$newconfig already contains proper options statement..."
X+ echo 'You will now need to build a new kernel.'
X+ else
X+ echo "Re-config'ing $newconfig, old config and compile renamed with .bak ..."
X+ if [ -f $confdir/$newconfig ]; then
X+ mv $confdir/$newconfig $confdir/$newconfig.bak
X+ fi
X+ if [ -d $archdir/compile/$newconfig ]; then
X+ mv $archdir/compile/$newconfig $archdir/compile/$newconfig.bak
X+ fi
X+ if [ "$argv0" = "kinstall" ]; then
X+ awk '{print $0} $2=="INET"{print "options IPFILTER"}' \
X+ $confdir/$newconfig.bak > $confdir/$newconfig
X+ else
X+ awk '{print $0} $2=="INET"{print "options IPFILTER_LKM"}' \
X+ $confdir/$newconfig.bak > $confdir/$newconfig
X+ fi
X+
X+ echo 'You will now need to run "config" and build a new kernel.'
X+ fi
X+
X+ exit 0
XIndex: misc/ip-filter/SunOS4/.cvsignore
Xdiff -c /dev/null misc/ip-filter/SunOS4/.cvsignore:1.1
X*** /dev/null Thu Jun 6 17:45:37 1996
X--- misc/ip-filter/SunOS4/.cvsignore Tue May 28 09:28:39 1996
X***************
X*** 0 ****
X--- 1,5 ----
X+ ipf
X+ ipfstat
X+ ipftest
X+ ipmon
X+ ipnat
XIndex: misc/ip-filter/SunOS4/Makefile
Xdiff -c misc/ip-filter/SunOS4/Makefile:1.1.1.1 misc/ip-filter/SunOS4/Makefile:1.3
X*** misc/ip-filter/SunOS4/Makefile:1.1.1.1 Wed Apr 24 09:42:58 1996
X--- misc/ip-filter/SunOS4/Makefile Thu Jun 6 17:06:35 1996
X***************
X*** 9,25 ****
X BINDEST=/usr/local/bin
X SBINDEST=/sbin
X MANDIR=/usr/share/man
X! CC=gcc
X! CFLAGS=-g -I..
X #
X MFLAGS="BINDEST=$(BINDEST)" "SBINDEST=$(SBINDEST)" "MANDIR=$(MANDIR)" \
X! "CC=$(CC)" "CFLAGS=$(CFLAGS)" "IPFLKM=$(IPFLKM)" "IPFLOG=$(IPFLOG)" \
X "LOGFAC=$(LOGFAC)" "POLICY=$(POLICY)"
X #
X # For SunOS 4.1.x
X #
X ARCH:sh=uname -m
X! DEF=-D$(ARCH) -D__$(ARCH)__ -DINET -DKERNEL -D_KERNEL -Dsparc -Dsun
X IPDEF=$(DEF) -DGATEWAY -DDIRECTED_BROADCAST
X ML=mls_ipl.c
X IPFILC=ip_fil.c
X--- 9,26 ----
X BINDEST=/usr/local/bin
X SBINDEST=/sbin
X MANDIR=/usr/share/man
X! CC=/usr/5bin/cc
X! CFLAGS=-I..
X #
X MFLAGS="BINDEST=$(BINDEST)" "SBINDEST=$(SBINDEST)" "MANDIR=$(MANDIR)" \
X! "CC=$(CC)" "CFLAGS=$(CFLAGS)" "DEBUG=$(DEBUG)" \
X! "IPFLKM=$(IPFLKM)" "IPFLOG=$(IPFLOG)" \
X "LOGFAC=$(LOGFAC)" "POLICY=$(POLICY)"
X #
X # For SunOS 4.1.x
X #
X ARCH:sh=uname -m
X! DEF=-D$(ARCH) -D__$(ARCH)__ -DINET -DKERNEL -D_KERNEL -Dsun
X IPDEF=$(DEF) -DGATEWAY -DDIRECTED_BROADCAST
X ML=mls_ipl.c
X IPFILC=ip_fil.c
X***************
X*** 28,33 ****
X--- 29,35 ----
X # For the LKM:
X LKM=if_ipl.o
X IPL=-DIPL_NAME=\"/dev/ipl\"
X+ LOGFAC=-DLOGFAC=LOG_LOCAL0
X #
X ########## ########## ########## ########## ########## ########## ##########
X #
X***************
X*** 44,50 ****
X FILS=fils.o parse.o kmem.o opt.o inet_addr.o
X
X all:
X! (cd ..; make sunos4; )
X
X sunos4 solaris1 build: ipf ipfstat ipftest ipmon ipnat if_ipl.o
X
X--- 46,52 ----
X FILS=fils.o parse.o kmem.o opt.o inet_addr.o
X
X all:
X! (cd ..; $(MAKE) $(MFLAGS) sunos4; )
X
X sunos4 solaris1 build: ipf ipfstat ipftest ipmon ipnat if_ipl.o
X
XIndex: misc/ip-filter/SunOS4/Makefile.ipsend
Xdiff -c misc/ip-filter/SunOS4/Makefile.ipsend:1.1.1.1 \
misc/ip-filter/SunOS4/Makefile.ipsend:1.2 X*** \
misc/ip-filter/SunOS4/Makefile.ipsend:1.1.1.1 Wed Apr 24 09:42:59 1996 X--- \
misc/ip-filter/SunOS4/Makefile.ipsend Tue May 28 09:49:20 1996 X***************
X*** 4,10 ****
X BPF=sbpf.o
X UNIXOBJS=snit.o sock.o arp.o
X
X! CC=gcc
X CFLAGS=-g -I..
X
X .c.o:
X--- 4,10 ----
X BPF=sbpf.o
X UNIXOBJS=snit.o sock.o arp.o
X
X! CC=/usr/5bin/cc
X CFLAGS=-g -I..
X
X .c.o:
XIndex: misc/ip-filter/test/Makefile
Xdiff -c misc/ip-filter/test/Makefile:1.1.1.1 misc/ip-filter/test/Makefile:1.2
X*** misc/ip-filter/test/Makefile:1.1.1.1 Wed Apr 24 09:42:40 1996
X--- misc/ip-filter/test/Makefile Tue May 28 09:54:25 1996
X***************
X*** 10,16 ****
X BINDEST=/usr/local/bin
X SBINDEST=/sbin
X MANDIR=/usr/share/man
X! tests: 0 1 2 3 4 5 6 7 8 9 10 11 12
X
X 0:
X @(cd ..; make ipftest; )
X--- 10,20 ----
X BINDEST=/usr/local/bin
X SBINDEST=/sbin
X MANDIR=/usr/share/man
X!
X! tests: first 0 1 2 3 4 5 6 7 8 9 10 11 12
X!
X! first:
X! -mkdir results
X
X 0:
X @(cd ..; make ipftest; )
END_OF_FILE
if test 32261 -ne `wc -c <'ip-filter-local-3_0_4-v0.diffs'`; then
echo shar: \"'ip-filter-local-3_0_4-v0.diffs'\" unpacked with wrong size!
fi
# end of 'ip-filter-local-3_0_4-v0.diffs'
fi
echo shar: End of shell archive.
exit 0
--
Greg A. Woods
+1 416 443-1734 VE3TCP robohack!woods
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic