mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-11 17:04:19 +01:00
fix conflicts
This commit is contained in:
parent
83a94a22b3
commit
c0230397c7
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=63520
@ -10,14 +10,6 @@ static const char sccsid[] = "@(#)fil.c 1.36 6/5/96 (C) 1993-2000 Darren Reed";
|
||||
static const char rcsid[] = "@(#)$FreeBSD$";
|
||||
#endif
|
||||
|
||||
#if defined(_KERNEL) && defined(__FreeBSD_version) && \
|
||||
(__FreeBSD_version >= 400019)
|
||||
# define CSUM_DELAY_DATA
|
||||
#endif
|
||||
#if defined(_KERNEL) && defined(__FreeBSD_version) && \
|
||||
(__FreeBSD_version >= 400000) && !defined(KLD_MODULE)
|
||||
#include "opt_inet6.h"
|
||||
#endif
|
||||
#include <sys/errno.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/param.h>
|
||||
@ -29,6 +21,14 @@ static const char rcsid[] = "@(#)$FreeBSD$";
|
||||
#endif
|
||||
#if (defined(KERNEL) || defined(_KERNEL)) && defined(__FreeBSD_version) && \
|
||||
(__FreeBSD_version >= 220000)
|
||||
# if (__FreeBSD_version >= 400000)
|
||||
# ifndef KLD_MODULE
|
||||
# include "opt_inet6.h"
|
||||
# endif
|
||||
# if (__FreeBSD_version == 400019)
|
||||
# define CSUM_DELAY_DATA
|
||||
# endif
|
||||
# endif
|
||||
# include <sys/filio.h>
|
||||
# include <sys/fcntl.h>
|
||||
#else
|
||||
@ -119,10 +119,8 @@ extern kmutex_t ipf_rw;
|
||||
# if SOLARIS
|
||||
# define FR_NEWAUTH(m, fi, ip, qif) fr_newauth((mb_t *)m, fi, \
|
||||
ip, qif)
|
||||
# define SEND_RESET(ip, qif, if, fin) send_reset(fin, ip, qif)
|
||||
# else /* SOLARIS */
|
||||
# define FR_NEWAUTH(m, fi, ip, qif) fr_newauth((mb_t *)m, fi, ip)
|
||||
# define SEND_RESET(ip, qif, if, fin) send_reset(fin, ip)
|
||||
# endif /* SOLARIS || __sgi */
|
||||
#endif /* _KERNEL */
|
||||
|
||||
@ -663,8 +661,11 @@ void *m;
|
||||
* Just log this packet...
|
||||
*/
|
||||
passt = fr->fr_flags;
|
||||
if ((passt & FR_CALLNOW) && fr->fr_func)
|
||||
passt = (*fr->fr_func)(passt, ip, fin);
|
||||
#if (BSD >= 199306) && (defined(_KERNEL) || defined(KERNEL))
|
||||
if (securelevel <= 0)
|
||||
#endif
|
||||
if ((passt & FR_CALLNOW) && fr->fr_func)
|
||||
passt = (*fr->fr_func)(passt, ip, fin);
|
||||
fin->fin_fr = fr;
|
||||
#ifdef IPFILTER_LOG
|
||||
if ((passt & FR_LOGMASK) == FR_LOG) {
|
||||
@ -969,8 +970,11 @@ int out;
|
||||
pass &= ~(FR_LOGFIRST|FR_LOG);
|
||||
}
|
||||
|
||||
if (fr && fr->fr_func && !(pass & FR_CALLNOW))
|
||||
pass = (*fr->fr_func)(pass, ip, fin);
|
||||
#if (BSD >= 199306) && (defined(_KERNEL) || defined(KERNEL))
|
||||
if (securelevel <= 0)
|
||||
#endif
|
||||
if (fr && fr->fr_func && !(pass & FR_CALLNOW))
|
||||
pass = (*fr->fr_func)(pass, ip, fin);
|
||||
|
||||
/*
|
||||
* Only count/translate packets which will be passed on, out the
|
||||
@ -979,10 +983,10 @@ int out;
|
||||
if (out && (pass & FR_PASS)) {
|
||||
#ifdef USE_INET6
|
||||
if (v == 6)
|
||||
list = ipacct6[0][fr_active];
|
||||
list = ipacct6[1][fr_active];
|
||||
else
|
||||
#endif
|
||||
list = ipacct[0][fr_active];
|
||||
list = ipacct[1][fr_active];
|
||||
if ((fin->fin_fr = list) &&
|
||||
(fr_scanlist(FR_NOMATCH, ip, fin, m) & FR_ACCOUNT)) {
|
||||
ATOMIC_INCL(frstats[1].fr_acct);
|
||||
@ -1127,11 +1131,11 @@ logit:
|
||||
|
||||
if (((pass & FR_FASTROUTE) && !out) ||
|
||||
(fdp->fd_ifp && fdp->fd_ifp != (struct ifnet *)-1)) {
|
||||
if (ipfr_fastroute(qif, ip, m, mp, fin, fdp) == 0)
|
||||
if (ipfr_fastroute(ip, m, mp, fin, fdp) == 0)
|
||||
m = *mp = NULL;
|
||||
}
|
||||
if (mc)
|
||||
ipfr_fastroute(qif, ip, mc, mp, fin, &fr->fr_dif);
|
||||
ipfr_fastroute(ip, mc, mp, fin, &fr->fr_dif);
|
||||
}
|
||||
# endif /* !SOLARIS */
|
||||
return (pass & FR_PASS) ? 0 : error;
|
||||
@ -1363,7 +1367,7 @@ nodata:
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)uipc_mbuf.c 8.2 (Berkeley) 1/4/94
|
||||
* $Id: fil.c,v 2.35.2.8 2000/05/22 10:26:09 darrenr Exp $
|
||||
* $Id: fil.c,v 2.35.2.18 2000/07/19 13:13:40 darrenr Exp $
|
||||
*/
|
||||
/*
|
||||
* Copy data from an mbuf chain starting "off" bytes from the beginning,
|
||||
@ -1811,6 +1815,7 @@ void frsync()
|
||||
ip_natsync(ifp);
|
||||
ip_statesync(ifp);
|
||||
}
|
||||
ip_natsync((struct ifnet *)-1);
|
||||
# endif
|
||||
|
||||
WRITE_ENTER(&ipf_mutex);
|
||||
|
@ -519,8 +519,8 @@ extern int iplioctl __P((dev_t, int, int *, int, cred_t *, int *));
|
||||
extern int iplopen __P((dev_t *, int, int, cred_t *));
|
||||
extern int iplclose __P((dev_t, int, int, cred_t *));
|
||||
extern int ipfsync __P((void));
|
||||
extern int ipfr_fastroute __P((qif_t *, ip_t *, mblk_t *, mblk_t **,
|
||||
fr_info_t *, frdest_t *));
|
||||
extern int ipfr_fastroute __P((ip_t *, mblk_t *, mblk_t **,
|
||||
fr_info_t *, frdest_t *));
|
||||
extern void copyin_mblk __P((mblk_t *, size_t, size_t, char *));
|
||||
extern void copyout_mblk __P((mblk_t *, size_t, size_t, char *));
|
||||
extern int fr_qin __P((queue_t *, mblk_t *));
|
||||
|
@ -26,7 +26,11 @@
|
||||
# endif
|
||||
# endif
|
||||
# else
|
||||
# include <osreldate.h>
|
||||
# ifdef KLD_MODULE
|
||||
# include <sys/osreldate.h>
|
||||
# else
|
||||
# include <osreldate.h>
|
||||
# endif
|
||||
# endif
|
||||
#endif
|
||||
#ifdef IPFILTER_LOG
|
||||
|
@ -209,11 +209,11 @@ static void init_tabs()
|
||||
if (s->s_proto == NULL)
|
||||
continue;
|
||||
else if (!strcmp(s->s_proto, "tcp")) {
|
||||
port = s->s_port;
|
||||
port = ntohs(s->s_port);
|
||||
name = s->s_name;
|
||||
tab = tcp_ports;
|
||||
} else if (!strcmp(s->s_proto, "udp")) {
|
||||
port = s->s_port;
|
||||
port = ntohs(s->s_port);
|
||||
name = s->s_name;
|
||||
tab = udp_ports;
|
||||
} else
|
||||
@ -401,6 +401,10 @@ int blen;
|
||||
strcpy(t, "NAT:RDR ");
|
||||
else if (nl->nl_type == NL_EXPIRE)
|
||||
strcpy(t, "NAT:EXPIRE ");
|
||||
else if (nl->nl_type == NL_NEWBIMAP)
|
||||
strcpy(t, "NAT:BIMAP ");
|
||||
else if (nl->nl_type == NL_NEWBLOCK)
|
||||
strcpy(t, "NAT:MAPBLOCK ");
|
||||
else
|
||||
sprintf(t, "Type: %d ", nl->nl_type);
|
||||
t += strlen(t);
|
||||
|
@ -100,8 +100,10 @@ protocol number. If this option is not specified, state entries for any
|
||||
protocol are specified.
|
||||
.TP
|
||||
.B \-s
|
||||
Show packet/flow state information (statistics) and held state information (in
|
||||
the kernel) if any is present.
|
||||
Show packet/flow state information (statistics only).
|
||||
.TP
|
||||
.B \-sl
|
||||
Show held state information (in the kernel) if any is present (no statistics).
|
||||
.TP
|
||||
.BR \-S \0<addrport>
|
||||
This option is only valid in combination with \fB\-t\fP. Limit the state top
|
||||
|
Loading…
Reference in New Issue
Block a user