thishost is already defined in lib/initparse.c; no need for this one. This
fixes the ipfilter build with -fno-common.
-fno-common will become the default in GCC10/LLVM11.
MFC after: 3 days
Remove #ifdefs for ancient and irrelevant operating systems from
ipfilter.
When ipfilter was written the UNIX and UNIX-like systems in use
were diverse and plentiful. IRIX, Tru64 (OSF/1) don't exist any
more. OpenBSD removed ipfilter shortly after the first time the
ipfilter license terms changed in the early 2000's. ipfilter on AIX,
HP/UX, and Linux never really caught on. Removal of code for operating
systems that ipfilter will never run on again will simplify the code
making it easier to fix bugs, complete partially implemented features,
and extend ipfilter.
Unsupported previous version FreeBSD code and some older NetBSD code
has also been removed.
What remains is supported FreeBSD, NetBSD, and illumos. FreeBSD and
NetBSD have collaborated exchanging patches, while illumos has expressed
willingness to have their ipfilter updated to 5.1.2, provided their
zone-specific updates to their ipfilter are merged (which are of interest
to FreeBSD to allow control of ipfilters in jails from the global zone).
Reviewed by: glebius@
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D19006
TCP_PAWS_IDLE is defined in netinet/tcp_seq.h, however this header
isn't included explicitly or implicitly at this point therefore
as far ipfilter is concerned TCP_PAWS_IDLE is not defined. Remove
the #ifdef and include netinet/tcp.h unconditionally.
MFC after: 1 week
against rules. It definitely doesn't need to know about kernel internals,
such as 'struct ifaddr'. What it does with ifaddr, is that it only takes
ifa_addr member of it, and treats it as sockaddr, while it is only a pointer
to sockaddr. Fortunately, sizeof(struct ifaddr) > sizeof(struct sockaddr_in6),
so no problems arise.
Fix that declaring a private struct ifaddr in ipftest(1) and stop including
if_var.h.
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
import of new ipfilter vendor sources by flattening them.
To keep the tags consistent with dist, the tags are also flattened.
Approved by: glebius (Mentor)
