diff options
| author | Max Laier <mlaier@FreeBSD.org> | 2004-08-12 13:46:21 +0000 |
|---|---|---|
| committer | Max Laier <mlaier@FreeBSD.org> | 2004-08-12 13:46:21 +0000 |
| commit | bf47a23754611d3d8f2a6896e44ed13a76a49229 (patch) | |
| tree | 29eaa0ee772d0427a8878ce371465614c276c99a | |
| parent | c06368a3a9877fe5417f6dd18ba2b54320c320df (diff) | |
| download | src-vendor/pf-sys/3.5.003.tar.gz src-vendor/pf-sys/3.5.003.zip | |
Import a couple of fixes from OpenBSD-current, which did not make -stable invendor/pf-sys/3.5.003
OpenBSD for various reasons.
Discussed with: yongari
| -rw-r--r-- | sys/contrib/pf/net/pf.c | 3 | ||||
| -rw-r--r-- | sys/contrib/pf/net/pf_if.c | 4 | ||||
| -rw-r--r-- | sys/contrib/pf/net/pf_norm.c | 14 | ||||
| -rw-r--r-- | sys/contrib/pf/net/pfvar.h | 3 |
4 files changed, 17 insertions, 7 deletions
diff --git a/sys/contrib/pf/net/pf.c b/sys/contrib/pf/net/pf.c index 8d6c01d2d942..a2db3d48ebf7 100644 --- a/sys/contrib/pf/net/pf.c +++ b/sys/contrib/pf/net/pf.c @@ -1,4 +1,5 @@ /* $OpenBSD: pf.c,v 1.433.2.2 2004/07/17 03:22:34 brad Exp $ */ +/* add $OpenBSD: pf.c,v 1.448 2004/05/11 07:34:11 dhartmei Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -113,8 +114,6 @@ void pf_print_host(struct pf_addr *, u_int16_t, u_int8_t); void pf_print_state(struct pf_state *); void pf_print_flags(u_int8_t); -u_int16_t pf_cksum_fixup(u_int16_t, u_int16_t, u_int16_t, - u_int8_t); void pf_change_ap(struct pf_addr *, u_int16_t *, u_int16_t *, u_int16_t *, struct pf_addr *, u_int16_t, u_int8_t, sa_family_t); diff --git a/sys/contrib/pf/net/pf_if.c b/sys/contrib/pf/net/pf_if.c index cdc6e36962fd..a3d5f4175f01 100644 --- a/sys/contrib/pf/net/pf_if.c +++ b/sys/contrib/pf/net/pf_if.c @@ -1,4 +1,5 @@ /* $OpenBSD: pf_if.c,v 1.11 2004/03/15 11:38:23 cedric Exp $ */ +/* add $OpenBSD: pf_if.c,v 1.19 2004/08/11 12:06:44 henning Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -42,6 +43,7 @@ #include <net/if.h> #include <net/if_types.h> +#include <net/route.h> #include <netinet/in.h> #include <netinet/in_var.h> @@ -410,6 +412,8 @@ pfi_instance_add(struct ifnet *ifp, int net, int flags) af = ia->ifa_addr->sa_family; if (af != AF_INET && af != AF_INET6) continue; + if (!(ia->ifa_flags & IFA_ROUTE)) + continue; if ((flags & PFI_AFLAG_BROADCAST) && af == AF_INET6) continue; if ((flags & PFI_AFLAG_BROADCAST) && diff --git a/sys/contrib/pf/net/pf_norm.c b/sys/contrib/pf/net/pf_norm.c index ec56dce9e3f4..3e5b40281db0 100644 --- a/sys/contrib/pf/net/pf_norm.c +++ b/sys/contrib/pf/net/pf_norm.c @@ -1,4 +1,5 @@ /* $OpenBSD: pf_norm.c,v 1.80.2.1 2004/04/30 21:46:33 brad Exp $ */ +/* add $OpenBSD: pf_norm.c,v 1.87 2004/05/11 07:34:11 dhartmei Exp $ */ /* * Copyright 2001 Niels Provos <provos@citi.umich.edu> @@ -114,7 +115,6 @@ struct mbuf *pf_reassemble(struct mbuf **, struct pf_fragment **, struct pf_frent *, int); struct mbuf *pf_fragcache(struct mbuf **, struct ip*, struct pf_fragment **, int, int, int *); -u_int16_t pf_cksum_fixup(u_int16_t, u_int16_t, u_int16_t); int pf_normalize_tcpopt(struct pf_rule *, struct mbuf *, struct tcphdr *, int); @@ -976,8 +976,12 @@ pf_normalize_ip(struct mbuf **m0, int dir, struct pfi_kif *kif, u_short *reason) if (r->min_ttl && h->ip_ttl < r->min_ttl) h->ip_ttl = r->min_ttl; - if (r->rule_flag & PFRULE_RANDOMID) + if (r->rule_flag & PFRULE_RANDOMID) { + u_int16_t ip_id = h->ip_id; + h->ip_id = ip_randomid(); + h->ip_sum = pf_cksum_fixup(h->ip_sum, ip_id, h->ip_id, 0); + } return (PF_PASS); @@ -1273,13 +1277,13 @@ pf_normalize_tcp(int dir, struct pfi_kif *kif, struct mbuf *m, int ipoff, th->th_x2 = 0; nv = *(u_int16_t *)(&th->th_ack + 1); - th->th_sum = pf_cksum_fixup(th->th_sum, ov, nv); + th->th_sum = pf_cksum_fixup(th->th_sum, ov, nv, 0); rewrite = 1; } /* Remove urgent pointer, if TH_URG is not set */ if (!(flags & TH_URG) && th->th_urp) { - th->th_sum = pf_cksum_fixup(th->th_sum, th->th_urp, 0); + th->th_sum = pf_cksum_fixup(th->th_sum, th->th_urp, 0, 0); th->th_urp = 0; rewrite = 1; } @@ -1523,7 +1527,7 @@ pf_normalize_tcpopt(struct pf_rule *r, struct mbuf *m, struct tcphdr *th, mss = (u_int16_t *)(optp + 2); if ((ntohs(*mss)) > r->max_mss) { th->th_sum = pf_cksum_fixup(th->th_sum, - *mss, htons(r->max_mss)); + *mss, htons(r->max_mss), 0); *mss = htons(r->max_mss); rewrite = 1; } diff --git a/sys/contrib/pf/net/pfvar.h b/sys/contrib/pf/net/pfvar.h index d3dda46578e4..851d39591960 100644 --- a/sys/contrib/pf/net/pfvar.h +++ b/sys/contrib/pf/net/pfvar.h @@ -1,4 +1,5 @@ /* $OpenBSD: pfvar.h,v 1.187 2004/03/22 04:54:18 mcbride Exp $ */ +/* add $OpenBSD: pfvar.h,v 1.194 2004/05/11 07:34:11 dhartmei Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1328,6 +1329,8 @@ extern struct pf_ruleset *pf_find_or_create_ruleset( char[PF_RULESET_NAME_SIZE]); extern void pf_remove_if_empty_ruleset( struct pf_ruleset *); +extern u_int16_t pf_cksum_fixup(u_int16_t, u_int16_t, u_int16_t, + u_int8_t); extern struct ifnet *sync_ifp; extern struct pf_rule pf_default_rule; |