Import IP-Filter 5.1.2 into vendor branches using the existing license that

the current version of IP-Filter in FreeBSD is under as per email received
from Darren Reed on Mon, 08 Jul 2013 23:54:16 +1000.

Approved by:	glebius (Mentor), Darren Reed <darrenr@reed.wattle.id.au>
This commit is contained in:
Cy Schubert 2013-08-11 14:28:45 +00:00
parent c63520fcdd
commit 05ddbb8d93
937 changed files with 111581 additions and 49474 deletions

View File

@ -1,28 +1,43 @@
ipf
sparcv7
sparcv9
h
ipf-darren
bugs
ipftest
patches
state
cbits
CVS
old
new
netinet
import
amd64
bak
streams
bugs
cbits
cvs.diff
threads
cvs.diffs
extern
glibc
h
hp
windows
i86
import
ipf
ipf-darren
ipfstat
ipftest
ipnat
opt_inet6.h
ippool
ipmon
ip_rules.c
ipscan
ipsyncm
ipsyncs
ip_rules.h
ip_rules.c
net
netinet
new
old
opt_bpf.h
opt_inet6.h
opt_pfil.h
patches
sparcv7
sparcv9
state
streams
threads
windows
SunOS5/i386-5.10
*.o
*/*.o
*/*/*.o

41
4bsd/conf.c.diffs Normal file
View File

@ -0,0 +1,41 @@
*** conf.c.orig Wed May 10 23:38:08 1995
--- conf.c Thu May 11 00:33:19 1995
***************
*** 169,174 ****
--- 169,187 ----
#endif
cdev_decl(lkm);
+ /* open, close, read, ioctl */
+ cdev_decl(ipl);
+ #define cdev_gen_ipf(c,n) { \
+ dev_init(c,n,open), dev_init(c,n,close), dev_init(c,n,read), \
+ (dev_type_write((*))) enodev, dev_init(c,n,ioctl), \
+ (dev_type_stop((*))) nullop, 0, (dev_type_select((*))) enodev, \
+ (dev_type_mmap((*))) enodev, 0 }
+ #ifdef IPFILTER
+ #define NIPF 1
+ #else
+ #define NIPF 0
+ #endif
+
struct cdevsw cdevsw[] =
{
cdev_cn_init(1,cn), /* 0: virtual console */
***************
*** 232,238 ****
cdev_notdef(), /* 56 */
cdev_notdef(), /* 57 */
cdev_disk_init(NCD,cd), /* 58 SCSI CD-ROM */
! cdev_notdef(), /* 59 */
cdev_notdef(), /* 60 */
cdev_notdef(), /* 61 */
cdev_notdef(), /* 62 */
--- 245,251 ----
cdev_notdef(), /* 56 */
cdev_notdef(), /* 57 */
cdev_disk_init(NCD,cd), /* 58 SCSI CD-ROM */
! cdev_gen_ipf(NIPF,ipl), /* 59 */
cdev_notdef(), /* 60 */
cdev_notdef(), /* 61 */
cdev_notdef(), /* 62 */

23
4bsd/files.diffs Normal file
View File

@ -0,0 +1,23 @@
*** files.orig Sat Apr 29 19:59:31 1995
--- files Sun Apr 23 17:54:18 1995
***************
*** 180,185 ****
--- 180,197 ----
netinet/tcp_timer.c optional inet
netinet/tcp_usrreq.c optional inet
netinet/udp_usrreq.c optional inet
+ netinet/ip_fil.c optional ipfilter requires inet
+ netinet/fil.c optional ipfilter requires inet
+ netinet/ip_nat.c optional ipfilter requires inet
+ netinet/ip_auth.c optional ipfilter requires inet
+ netinet/ip_frag.c optional ipfilter requires inet
+ netinet/ip_state.c optional ipfilter requires inet
+ netinet/ip_proxy.c optional ipfilter requires inet
+ netinet/ip_log.c optional ipfilter requires inet
+ netinet/ip_scan.c optional ipfilter requires inet
+ netinet/ip_sync.c optional ipfilter requires inet
+ netinet/ip_pool.c optional ipfilter_pool requires inet
+ netinet/ip_rules.c optional ipfilter_compiled requires ipfilter
netiso/clnp_debug.c optional iso
netiso/clnp_er.c optional iso
netiso/clnp_frag.c optional iso

23
4bsd/files.newconf.diffs Normal file
View File

@ -0,0 +1,23 @@
*** files.newconf.orig Sat Apr 29 20:00:02 1995
--- files.newconf Sun Apr 23 17:53:58 1995
***************
*** 222,227 ****
--- 222,239 ----
file netinet/tcp_timer.c inet
file netinet/tcp_usrreq.c inet
file netinet/udp_usrreq.c inet
+ file netinet/ip_fil.c ipfilter
+ file netinet/fil.c ipfilter
+ file netinet/ip_nat.c ipfilter
+ file netinet/ip_frag.c ipfilter
+ file netinet/ip_state.c ipfilter
+ file netinet/ip_auth.c ipfilter
+ file netinet/ip_proxy.c ipfilter
+ file netinet/ip_log.c ipfilter
+ file netinet/ip_scan.c ipfilter
+ file netinet/ip_sync.c ipfilter
+ file netinet/ip_pool.c ipfilter_pool
+ file netinet/ip_rules.c ipfilter_compiled
file netiso/clnp_debug.c iso
file netiso/clnp_er.c iso
file netiso/clnp_frag.c iso

23
4bsd/files.oldconf.diffs Normal file
View File

@ -0,0 +1,23 @@
*** files.oldconf.orig Sat Apr 29 19:59:31 1995
--- files.oldconf Sun Apr 23 17:54:18 1995
***************
*** 180,185 ****
--- 180,197 ----
netinet/tcp_timer.c optional inet
netinet/tcp_usrreq.c optional inet
netinet/udp_usrreq.c optional inet
+ netinet/ip_fil.c optional ipfilter requires inet
+ netinet/fil.c optional ipfilter requires inet
+ netinet/ip_nat.c optional ipfilter requires inet
+ netinet/ip_frag.c optional ipfilter requires inet
+ netinet/ip_state.c optional ipfilter requires inet
+ netinet/ip_proxy.c optional ipfilter requires inet
+ netinet/ip_log.c optional ipfilter requires inet
+ netinet/ip_auth.c optional ipfilter requires inet
+ netinet/ip_scan.c optional ipfilter requires inet
+ netinet/ip_sync.c optional ipfilter requires inet
+ netinet/ip_pool.c optional ipfilter_pool requires inet
+ netinet/ip_rules.c optional ipfilter_compiled requires ipfilter
netiso/clnp_debug.c optional iso
netiso/clnp_er.c optional iso
netiso/clnp_frag.c optional iso

23
4bsd/filez.diffs Normal file
View File

@ -0,0 +1,23 @@
*** files.orig Sat Apr 29 20:00:02 1995
--- files Sun Apr 23 17:53:58 1995
***************
*** 222,227 ****
--- 222,239 ----
file netinet/tcp_timer.c inet
file netinet/tcp_usrreq.c inet
file netinet/udp_usrreq.c inet
+ file netinet/ip_fil.c ipfilter
+ file netinet/fil.c ipfilter
+ file netinet/ip_nat.c ipfilter
+ file netinet/ip_frag.c ipfilter
+ file netinet/ip_state.c ipfilter
+ file netinet/ip_proxy.c ipfilter
+ file netinet/ip_auth.c ipfilter
+ file netinet/ip_log.c ipfilter
+ file netinet/ip_scan.c ipfilter
+ file netinet/ip_sync.c ipfilter
+ file netinet/ip_pool.c ipfilter_pool
+ file netinet/ip_rules.c ipfilter_compiled
file netiso/clnp_debug.c iso
file netiso/clnp_er.c iso
file netiso/clnp_frag.c iso

38
4bsd/ip_input.c.diffs Normal file
View File

@ -0,0 +1,38 @@
*** ip_input.c.orig Sun Apr 23 17:17:05 1995
--- ip_input.c Sun Apr 23 17:30:03 1995
***************
*** 80,85 ****
--- 80,90 ----
int ipqmaxlen = IFQ_MAXLEN;
struct in_ifaddr *in_ifaddr; /* first inet address */
struct ifqueue ipintrq;
+ #if defined(IPFILTER) || defined(IPFILTER_LKM)
+ int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf *));
+ int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf *));
+ #endif
/*
* We need to save the IP options in case a protocol wants to respond
***************
*** 225,231 ****
--- 233,252 ----
m_adj(m, ip->ip_len - m->m_pkthdr.len);
}
+ #if defined(IPFILTER) || defined(IPFILTER_LKM)
/*
+ * Check if we want to allow this packet to be processed.
+ * Consider it to be bad if not.
+ */
+ if (fr_checkp) {
+ struct mbuf *m1 = m;
+
+ if ((*fr_checkp)(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1)
+ goto next;
+ ip = mtod(m = m1, struct ip *);
+ }
+ #endif
+ /*
* Process options and, if not destined for us,
* ship it on. ip_dooptions returns 1 when an
* error was detected (causing an icmp message

36
4bsd/ip_output.c.diffs Normal file
View File

@ -0,0 +1,36 @@
*** ip_output.c.orig Sun Apr 23 17:17:05 1995
--- ip_output.c Sun Apr 23 17:32:11 1995
***************
*** 60,65 ****
--- 60,69 ----
static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *));
static void ip_mloopback
__P((struct ifnet *, struct mbuf *, struct sockaddr_in *));
+ #if defined(IPFILTER_LKM) || defined(IPFILTER)
+ extern int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf *));
+ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf *));
+ #endif
/*
* IP output. The packet in mbuf chain m contains a skeletal IP
***************
*** 277,282 ****
--- 284,303 ----
} else
m->m_flags &= ~M_BCAST;
sendit:
+ #if defined(IPFILTER) || defined(IPFILTER_LKM)
+ /*
+ * looks like most checking has been done now...do a filter check
+ */
+ if (fr_checkp) {
+ struct mbuf *m1 = m;
+
+ if ((error = (*fr_checkp)(ip, hlen, ifp, 1, &m1)) || !m1)
+ goto done;
+ ip = mtod(m = m1, struct ip *);
+ }
+ #endif
/*
* If small enough for interface, can just send directly.

55
4bsd/kinstall Executable file
View File

@ -0,0 +1,55 @@
#!/bin/csh -f
#
set dir=`pwd`
set karch=`uname -m`
set archdir="/sys/arch/$karch"
set confdir="$archdir/conf"
if ( $dir =~ *fil/4bsd ) cd ..
if ($0 =~ *kinstall) then
echo "Installing ip_fil.c and ip_fil.h"
cp ip_fil.{c,h} /sys/netinet
echo "Patching $archdir/$karch/conf.c"
cat conf.c.diffs | (cd $archdir/$karch; patch)
endif
echo "Patching ip_input.c and ip_output.c"
cat 4bsd/ip_{in,out}put.c.diffs | (cd /sys/netinet; patch)
if ( -f /sys/conf/files.newconf ) then
echo "Patching /sys/conf/files.newconf"
cat 4bsd/files.newconf.diffs | (cd /sys/conf; patch)
echo "Patching /sys/conf/files"
cat 4bsd/files.diffs | (cd /sys/conf; patch)
endif
if ( -f /sys/conf/files.oldconf ) then
echo "Patching /sys/conf/files.oldconf"
cat 4bsd/files.oldconf.diffs | (cd /sys/conf; patch)
echo "Patching /sys/conf/files"
cat 4bsd/filez.diffs | (cd /sys/conf; patch)
endif
set config=`/bin/ls -1t $confdir [0-9A-Z_]* | head -1`
echo -n "Kernel configuration to update [$config] "
set newconfig=$<
if ( "$newconfig" != "" ) then
set config="$confdir/$newconfig"
else
set newconfig=$config
endif
echo "Re-config'ing $newconfig..."
if ( -f $confdir/$newconfig ) then
mv $confdir/$newconfig $confdir/$newconfig.bak
endif
if ( -d $archdir/$newconfig ) then
mv $archdir/$newconfig $archdir/$newconfig.bak
endif
if ($0 =~ *kinstall) then
awk '{print $0;if($2=="INET"){print"options IPFILTER"}}}' \
$confdir/$newconfig.bak > $confdir/$newconfig
else
awk '{print $0;if($2=="INET"){print"options IPFILTER_LKM"}}' \
$confdir/$newconfig.bak > $confdir/$newconfig
endif
echo 'You will now need to run "config" and build a new kernel.'
exit 0

401
AIX/Makefile Normal file
View File

@ -0,0 +1,401 @@
#
# Copyright (C) 2012 by Darren Reed.
#
# See the IPFILTER.LICENCE file for details on licencing.
#
BINDEST=/usr/sbin
SBINDEST=/sbin
MANDIR=/usr/share/man
CC=cc
CFLAGS=-g -I$(TOP)
DEBUG=-O3
#
# For AIX 5.3
#
CPU=`uname -p`
INC=-I/usr/include
DEF=-D$(CPU) -D__$(CPU)__ -DINET -DKERNEL -D_KERNEL $(INC)
LKM=ipf
DLKM=
OBJ=.
TOP=..
HERE=AIX/$(OSREV)
AIX=`uname -v`
DEST=.
MFLAGS="BINDEST=$(BINDEST)" "SBINDEST=$(SBINDEST)" "MANDIR=$(MANDIR)" \
'CFLAGS=$(CFLAGS)' "IPFLKM=$(IPFLKM)" \
"IPFLOG=$(IPFLOG)" "LOGFAC=$(LOGFAC)" "POLICY=$(POLICY)" \
"DEBUG=$(DEBUG)" "DCPU=$(CPU)" "CPUDIR=$(CPUDIR)" \
"LOOKUP=$(LOOKUP)" "XID=$(XID)" "SCAN=$(SCAN)" "ALLOPTS=$(ALLOPTS)"
LIBS=-q$(BITS) -L. -lipf
CCARGS=$(DEBUG) $(CFLAGS) -I. -DAIX=$(AIX) -q$(BITS)
EXTRA=$(ALLOPTS)
MILLI=`../bootbits.sh`
FIXMILLI=-D_H_STRING=1 -Dbzero=bzero$(MILLI) \
-Dmemcmp=memcmp$(MILLI) \
-Dmemcpy=memcpy$(MILLI) \
-Dmemccpy=memccpy$(MILLI) \
-Dmemset=memset$(MILLI) \
-Dmemmove=memmove$(MILLI) \
-Dfill=fill$(MILLI) \
-Dstrstr=strstr$(MILLI)
#
########## ########## ########## ########## ########## ########## ##########
#
CP=/bin/cp
RM=/bin/rm
CHMOD=/bin/chmod
INSTALL=$(TOP)/bsdinstall
#
MODOBJS=ip_fil.o fil.o md5.o ip_nat.o ip_frag.o ip_state.o ip_nat6.o \
ip_proxy.o ip_auth.o ip_log.o ip_pool.o ip_htable.o ip_lookup.o \
ip_sync.o ip_scan.o ip_rules.o
DFLAGS=$(DEBUG) -DAIX=$(AIX) $(IPFLKM) $(IPFLOG) $(DEF) $(CFLAGS) $(DLKM) \
$(FIXMILLI) $(IPFBPF) $(LOOKUP) $(XID) -I.
IPF=ipf.o ipfcomp.o ipf_y.o ipf_l.o
IPT=ipftest.o fil_u.o ip_frag_u.o ip_state_u.o ip_nat_u.o ip_nat6_u.o \
ip_proxy_u.o ip_auth_u.o ip_fil_u.o ip_sync_u.o ip_scan_u.o \
ip_log_u.o ip_pool_u.o ip_htable_u.o ip_lookup_u.o ip_rules_u.o \
ipf_y.o ipf_l.o ipnat_y.o ipnat_l.o ippool_y.o ippool_l.o \
md5_u.o radix_ipf_u.o
IPNAT=ipnat.o ipnat_y.o ipnat_l.o
IPMON=ipmon.o ipmon_y.o ipmon_l.o
IPPOOL=ippool_y.o ippool_l.o kmem.o ippool.o
FILS=ipfstat.o
LIBSRC=$(TOP)/lib
RANLIB=ranlib
AROPTS=-X $(BITS) crs
TOOL=$(TOP)/tools
include $(TOP)/lib/Makefile
build all: ./libipf.a ipf.exe ipfs ipfstat ipftest ipmon \
ipnat ippool ipscan ipsyncm ipsyncs cfg_ipf $(LKM)
-sh -c 'for i in ipftest ipmon ippool ipnat ipscan ipsyncm ipsyncs; do /bin/rm -f $(TOP)/$$i; ln -s `pwd`/$$i $(TOP); done'
-ln -s `pwd`/ipf.exe $(TOP)/ipf
ipfstat: $(FILS) ./libipf.a
$(CC) $(CCARGS) $(STATETOP_CFLAGS) $(STATETOP_INC) $(FILS) \
-o $@ $(LIBS) $(STATETOP_LIB)
ipf.exe: $(IPF) ./libipf.a
$(CC) $(CCARGS) $(IPF) -o $@ $(LIBS) $(LIBBPF)
ipftest: $(IPT) ./libipf.a
$(CC) $(CCARGS) $(IPT) -o $@ $(LIBS) $(LIBBPF)
ipnat: $(IPNAT) ./libipf.a
$(CC) $(CCARGS) $(IPNAT) -o $@ $(LIBS)
ipfs: ipfs.o ./libipf.a
$(CC) $(CCARGS) ipfs.o -o $@ $(LIBS)
ipsyncm: ipsyncm.o ./libipf.a
$(CC) $(CCARGS) ipsyncm.o -o $@ $(LIBS)
ipsyncs: ipsyncs.o ./libipf.a
$(CC) $(CCARGS) ipsyncs.o -o $@ $(LIBS)
ipsyncm.o: $(TOOL)/ipsyncm.c $(TOP)/ip_sync.h
$(CC) $(CCARGS) -c $(TOOL)/ipsyncm.c -o $@
ipsyncs.o: $(TOOL)/ipsyncs.c $(TOP)/ip_sync.h
$(CC) $(CCARGS) -c $(TOOL)/ipsyncs.c -o $@
tests:
(cd test; make )
ipfstat.o: $(TOOL)/ipfstat.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_frag.h \
$(TOP)/ip_compat.h $(TOP)/ip_state.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) $(STATETOP_CFLAGS) $(STATETOP_INC) \
-c $(TOOL)/ipfstat.c -o $@
ipfs.o: $(TOOL)/ipfs.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_state.h \
$(TOP)/ip_nat.h
$(CC) $(CCARGS) -c $(TOOL)/ipfs.c -o $@
fil_u.o: $(TOP)/fil.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) $(FIXRADIX) $(IPFBPF) -c $(TOP)/fil.c -o $@
ipf.o: $(TOOL)/ipf.c $(TOP)/ip_fil.h $(TOP)/ipf.h
$(CC) $(CCARGS) -c $(TOOL)/ipf.c -o $@
ipf_y.o: ipf_y.c ipf_y.h $(TOP)/ipf.h ipf_l.h
$(CC) $(CCARGS) $(IPFBPF) -c ipf_y.c -o $@
ipf_l.o: ipf_l.c ipf_y.h $(TOP)/ipf.h ipf_l.h
$(CC) $(CCARGS) -I. -c ipf_l.c -o $@
ipf_y.h ipf_y.c: $(TOOL)/ipf_y.y $(TOP)/ip_pool.h
(cd $(TOOL); make "DEST=../$(HERE)" ../$(HERE)/$@)
ipf_l.c ipf_l.h: $(TOOL)/lexer.c $(TOP)/ipf.h
(cd $(TOOL); make "DEST=../$(HERE)" ../$(HERE)/$@)
ipfcomp.o: $(TOOL)/ipfcomp.c $(TOP)/ip_fil.h $(TOP)/ipf.h
$(CC) $(CCARGS) -c $(TOOL)/ipfcomp.c -o $@
ipftest.o: $(TOOL)/ipftest.c $(TOP)/ip_fil.h $(TOP)/ipt.h $(TOP)/ipf.h
$(CC) $(CCARGS) -c $(TOOL)/ipftest.c -o $@
ipnat.o: $(TOOL)/ipnat.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) -c $(TOOL)/ipnat.c -o $@
ipnat_y.o: ipnat_y.c ipnat_y.h $(TOP)/ip_fil.h $(TOP)/ip_compat.h \
$(TOP)/ipf.h $(TOP)/ip_nat.h ipnat_l.h
$(CC) $(CCARGS) -c ipnat_y.c -o $@
ipnat_l.o: ipnat_l.c ipnat_y.h $(TOP)/ip_fil.h $(TOP)/ip_compat.h \
$(TOP)/ipf.h $(TOP)/ip_nat.h ipnat_l.h
$(CC) $(CCARGS) -I. -c ipnat_l.c -o $@
ipnat_y.h ipnat_y.c: $(TOOL)/ipnat_y.y $(TOP)/ip_nat.h
(cd $(TOOL); make "DEST=../$(HERE)" ../$(HERE)/$@)
ipnat_l.c ipnat_l.h: $(TOOL)/lexer.c $(TOP)/ip_nat.h
(cd $(TOOL); make "DEST=../$(HERE)" ../$(HERE)/$@)
ip_rules.c: $(TOP)/rules/ip_rules $(TOP)/tools/ipfcomp.c ipf.exe
./ipf.exe -cc -nf $(TOP)/rules/ip_rules
$(TOP)/ip_rules.h: ip_rules.c
if [ ! -f $(TOP)/ip_rules.h ] ; then \
/bin/mv -f ip_rules.h $(TOP); \
else \
touch $(TOP)/ip_rules.h; \
fi
ip_nat_u.o: $(TOP)/ip_nat.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_nat.c -o $@
ip_nat6_u.o: $(TOP)/ip_nat6.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_nat6.c -o $@
ip_proxy_u.o: $(TOP)/ip_proxy.c $(TOP)/ip_proxy.h $(TOP)/ip_compat.h \
$(TOP)/ip_ftp_pxy.c $(TOP)/ip_rcmd_pxy.c $(TOP)/ip_raudio_pxy.c \
$(TOP)/ip_rpcb_pxy.c $(TOP)/ip_ipsec_pxy.c $(TOP)/ip_nat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_proxy.c -o $@
ip_frag_u.o: $(TOP)/ip_frag.c $(TOP)/ip_frag.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_frag.c -o $@
ip_state_u.o: $(TOP)/ip_state.c $(TOP)/ip_state.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_state.c -o $@
ip_auth_u.o: $(TOP)/ip_auth.c $(TOP)/ip_auth.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_auth.c -o $@
ip_fil_u.o: $(TOP)/ip_fil.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) $(FIXRADIX) -c $(TOP)/ip_fil.c -o $@
ip_scan_u.o: $(TOP)/ip_scan.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_scan.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_scan.c -o $@
ip_sync_u.o: $(TOP)/ip_sync.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_sync.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_sync.c -o $@
ip_rules_u.o: ip_rules.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h $(TOP)/ip_rules.h
$(CC) $(CCARGS) $(EXTRA) -c ip_rules.c -o $@
ip_log_u.o: $(TOP)/ip_log.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_log.c -o $@
ip_pool_u.o: $(TOP)/ip_pool.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_pool.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_pool.c -o $@
ip_htable_u.o: $(TOP)/ip_htable.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_htable.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_htable.c -o $@
ip_lookup_u.o: $(TOP)/ip_lookup.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_lookup.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_lookup.c -o $@
bpf_filter_u.o: $(TOP)/bpf_filter.c $(TOP)/pcap-ipf.h $(TOP)/bpf-ipf.h
$(CC) $(CCARGS) -c $(TOP)/bpf_filter.c -o $@
md5_u.o: $(TOP)/md5.c $(TOP)/md5.h
$(CC) $(CCARGS) -c $(TOP)/md5.c -o $@
radix_ipf_u.o: $(TOP)/radix_ipf.c $(TOP)/radix_ipf.h
$(CC) $(CCARGS) -c $(TOP)/radix_ipf.c -o $@
cfg_ipf: cfg_ipf.o
# ld -o cfg_ipf cfg_ipf.o -L/usr/lib/ia64l32 -L/usr/ccs/lib/ia64l32 \
# -lodm -lrts -lcfg
$(CC) $(CCARGS) -o cfg_ipf cfg_ipf.o -lodm -lrts -lcfg
cfg_ipf.o: ../aix_cfg_ipf.c
$(CC) -D_ALL_SOURCE -D_KERNEL $(CCARGS) -c ../aix_cfg_ipf.c -o $@
$(LKM): $(MODOBJS) ../ipfkext.exp /lib/kernex.exp /lib/syscalls.exp
ld -G -eipfconfig -bimport:/lib/syscalls.exp -bimport:/lib/kernex.exp \
-bimport:/lib/kernex.exp -bimport:/lib/netinet.exp \
-bimport:/lib/statcmd.exp \
-lcsys -lsys -bexport:../ipfkext.exp -bmap:ipfkext.map \
$(MODOBJS) -o $(LKM)32
/bin/rm -f $(LKM)
ar -X $(BITS) cq $(LKM) $(LKM)32
fil.o: $(TOP)/fil.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_compat.h $(TOP)/ipl.h
$(CC) $(POLICY) $(DFLAGS) $(IPFBPF) -c $(TOP)/fil.c -o $@
ip_nat.o: $(TOP)/ip_nat.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(DFLAGS) -c $(TOP)/ip_nat.c -o $@
ip_nat6.o: $(TOP)/ip_nat6.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(DFLAGS) -c $(TOP)/ip_nat6.c -o $@
ip_frag.o: $(TOP)/ip_frag.c $(TOP)/ip_frag.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(DFLAGS) -c $(TOP)/ip_frag.c -o $@
ip_state.o: $(TOP)/ip_state.c $(TOP)/ip_state.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_nat.h
$(CC) $(DFLAGS) -DIPSTATE_SIZE=127 -c $(TOP)/ip_state.c -o $@
ip_proxy.o: $(TOP)/ip_proxy.c $(TOP)/ip_proxy.h $(TOP)/ip_compat.h \
$(TOP)/ip_ftp_pxy.c $(TOP)/ip_rcmd_pxy.c $(TOP)/ip_raudio_pxy.c \
$(TOP)/ip_rpcb_pxy.c $(TOP)/ip_ipsec_pxy.c $(TOP)/ip_nat.h \
$(TOP)/ip_nat.h $(TOP)/ip_fil.h
$(CC) $(DFLAGS) -c $(TOP)/ip_proxy.c -o $@
ip_auth.o: $(TOP)/ip_auth.c $(TOP)/ip_auth.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(DFLAGS) -c $(TOP)/ip_auth.c -o $@
ip_fil.o: $(TOP)/ip_fil_aix.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h $(TOP)/ip_nat.h
$(CC) $(DFLAGS) $(COMPIPF) -c $(TOP)/ip_fil_aix.c -o $@
ip_log.o: $(TOP)/ip_log.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(DFLAGS) -c $(TOP)/ip_log.c -o $@
ip_scan.o: $(TOP)/ip_scan.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h $(TOP)/ip_scan.h
$(CC) $(DFLAGS) -c $(TOP)/ip_scan.c -o $@
ip_sync.o: $(TOP)/ip_sync.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h $(TOP)/ip_sync.h
$(CC) $(DFLAGS) -c $(TOP)/ip_sync.c -o $@
radix_ipf.o: $(TOP)/radix_ipf.c $(TOP)/radix_ipf.h
$(CC) $(DFLAGS) -c $(TOP)/radix_ipf.c -o $@
ip_pool.o: $(TOP)/ip_pool.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_pool.h $(TOP)/radix_ipf.h
$(CC) $(DFLAGS) $(FIXRADIX) -c $(TOP)/ip_pool.c -o $@
ip_htable.o: $(TOP)/ip_htable.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_htable.h
$(CC) $(DFLAGS) -c $(TOP)/ip_htable.c -o $@
ip_lookup.o: $(TOP)/ip_lookup.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_lookup.h
$(CC) $(DFLAGS) $(FIXRADIX) -c $(TOP)/ip_lookup.c -o $@
ip_rules.o: ip_rules.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h $(TOP)/ip_rules.h
$(CC) -I. $(DFLAGS) -c ip_rules.c -o $@
ip_rulesx.o: ip_rules.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h $(TOP)/ip_rules.h
$(CC) -I. -DIPFILTER_COMPILED $(DFLAGS) -c ip_rules.c -o $@
#aix.o: $(TOP)/aix.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h
# $(CC) $(DFLAGS) -c $(TOP)/aix.c -o $@
md5.o: $(TOP)/md5.c $(TOP)/md5.h
$(CC) $(DFLAGS) -c $(TOP)/md5.c -o $@
ipmon: $(IPMON) ./libipf.a
$(CC) $(CCARGS) $(LOGFAC) $(IPMON) -o $@ $(LIBS) -ll
ipmon.o: $(TOOL)/ipmon.c $(TOP)/ipmon.h
$(CC) $(CCARGS) $(LOGFAC) -c $(TOOL)/ipmon.c -o $@
ipmon_y.o: ipmon_y.c ipmon_y.h $(TOP)/ipmon.h ipmon_l.h
$(CC) $(CCARGS) -c ipmon_y.c -o $@
ipmon_l.o: ipmon_l.c ipmon_y.h $(TOP)/ipmon.h ipmon_l.h
$(CC) $(CCARGS) -I. -c ipmon_l.c -o $@
ipmon_y.h ipmon_y.c: $(TOOL)/ipmon_y.y $(TOP)/ipmon.h
(cd $(TOOL); make "DEST=../$(HERE)" ../$(HERE)/$@)
ipmon_l.c ipmon_l.h: $(TOOL)/lexer.c $(TOP)/ipmon.h
(cd $(TOOL); make "DEST=../$(HERE)" ../$(HERE)/$@)
ipscan: ipscan_y.o ipscan_l.o
$(CC) $(DEBUG) ipscan_y.o ipscan_l.o -o $@ -ll $(LIBS)
ipscan_y.o: ipscan_y.c ipscan_y.h $(TOP)/ip_scan.h ipscan_l.h
$(CC) $(CCARGS) -c ipscan_y.c -o $@
ipscan_l.o: ipscan_l.c ipscan_y.h $(TOP)/ip_scan.h ipscan_l.h
$(CC) $(CCARGS) -I. -c ipscan_l.c -o $@
ipscan_y.h ipscan_y.c: $(TOOL)/ipscan_y.y $(TOP)/ip_scan.h
(cd $(TOOL); make "DEST=../$(HERE)" ../$(HERE)/$@)
ipscan_l.c ipscan_l.h: $(TOOL)/lexer.c $(TOP)/ip_scan.h
(cd $(TOOL); make "DEST=../$(HERE)" ../$(HERE)/$@)
ippool: $(IPPOOL)
$(CC) $(DEBUG) -I. $(CFLAGS) $(IPPOOL) -o $@ $(LIBS) -ll
ippool.o: $(TOOL)/ippool.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_pool.h
$(CC) $(CCARGS) -c $(TOOL)/ippool.c -o $@
ippool_y.o: ippool_y.c ippool_y.h $(TOP)/ip_pool.h ippool_l.h
$(CC) $(CCARGS) -c ippool_y.c -o $@
ippool_l.o: ippool_l.c ippool_y.h $(TOP)/ip_pool.h ippool_l.h
$(CC) $(CCARGS) -I. -c ippool_l.c -o $@
ippool_y.h ippool_y.c: $(TOOL)/ippool_y.y $(TOP)/ip_pool.h
(cd $(TOOL); make "DEST=../$(HERE)" ../$(HERE)/$@)
ippool_l.c ippool_l.h: $(TOOL)/lexer.c $(TOP)/ip_pool.h
(cd $(TOOL); make "DEST=../$(HERE)" ../$(HERE)/$@)
.y.c:
.l.c:
clean:
${RM} -f ../ipf.exe ../ipnat ../ipmon ../ippool ../ipftest
${RM} -f ../ipscan ../ipsyncm ../ipsyncs cfg_ipf
${RM} -f *.core *.o *.a *.o.d
${RM} -f fils ipf.exe ipfstat ipftest ipmon if_ipl ipnat
${RM} -f $(LKM) ioconf.h *.ko setdef1.c setdef0.c setdefs.h
${RM} -f ip_fil.c ipf_l.c ipf_y.c ipf_y.h ipf_l.h
${RM} -f ipscan ipscan_y.c ipscan_y.h ipscan_l.c ipscan_l.h
${RM} -f ippool ippool_y.c ippool_y.h ippool_l.c ippool_l.h
${RM} -f ipnat_y.c ipnat_y.h ipnat_l.c ipnat_l.h
${RM} -f ipmon_y.c ipmon_y.h ipmon_l.c ipmon_l.h
${RM} -f ipscan ipscan_y.c ipscan_y.h ipscan_l.c y.tab.? lex.yy.c ipfs
${RM} -f ipsyncm ipsyncs ip_rules.c ip_rules.h
${MAKE} -f Makefile.ipsend ${MFLAGS} clean
-(for i in *; do \
if [ -d $${i} -a -f $${i}/Makefile ] ; then \
cd $${i}; (make TOP=../.. clean); cd ..; \
rm $${i}/Makefile $${i}/Makefile.ipsend; \
rmdir $${i}; \
fi \
done)
install:
cp cfg_ipf /usr/lib/methods
cp $(LKM) /usr/lib/drivers/ipf
-for i in ipfs ipnat ipscan ipfstat; do \
$(INSTALL) -s -c -g system -m 755 -o root $$i $(SBINDEST); \
done
$(INSTALL) -s -c -g system -m 755 -o root ipf.exe $(SBINDEST)/ipf
-for i in ipmon ipftest ipsyncs ipsyncm; do \
$(INSTALL) -s -c -g system -m 755 -o root $$i $(BINDEST); \
done
(cd $(TOP)/man; make INSTALL=../bsdinstall MANDIR=$(MANDIR) install; cd $(TOP))
sync

78
AIX/Makefile.ipsend Normal file
View File

@ -0,0 +1,78 @@
MFLAGS="BINDEST=$(BINDEST)" "SBINDEST=$(SBINDEST)" "MANDIR=$(MANDIR)" \
"CC=$(CC)" "CFLAGS=$(CFLAGS)" "DEBUG=$(DEBUG)" \
"IPFLKM=$(IPFLKM)" "IPFLOG=$(IPFLOG)" \
"LOGFAC=$(LOGFAC)" "POLICY=$(POLICY)" "LOOKUP=$(LOOKUP)"
FIXRADIX=-Dradix_node=ipf_radix_node -Dradix_node_head=ipf_radix_node_head
OBJS=ipsend.o ip.o ipsopt.o iplang_y.o iplang_l.o
IPFTO=ipft_ef.o ipft_hx.o ipft_pc.o ipft_sn.o ipft_td.o ipft_tx.o
ROBJS=ipresend.o ip.o resend.o
TOBJS=iptest.o iptests.o ip.o
UNIXOBJS=dlcommon.o sbpf.o arp.o sock.o
OBJ=.
LIBS=-L$(OBJ) -lipf
CC=cc
CFLAGS=-g -I$(TOP)
CCARGS=$(DEBUG) $(CFLAGS) -I.
all nit sunos4 sunos4-nit build : ipsend ipresend iptest
iplang_y.o: $(TOP)/iplang/iplang_y.y
(cd $(TOP)/iplang; $(MAKE) 'DESTDIR=../AIX/$(OSREV)' )
iplang_l.o: $(TOP)/iplang/iplang_l.l
(cd $(TOP)/iplang; $(MAKE) 'DESTDIR=../AIX/$(OSREV)' )
.c.o:
$(CC) $(CCARGS) -c $(TOP)/ipsend/$< -o $@
ipsend: $(OBJS) $(UNIXOBJS)
$(CC) $(DEBUG) $(OBJS) $(UNIXOBJS) -o $@ $(LIBS) -ll
ipresend: $(ROBJS) $(UNIXOBJS)
$(CC) $(DEBUG) $(ROBJS) $(UNIXOBJS) -o $@ $(LIBS)
iptest: $(TOBJS) $(UNIXOBJS)
$(CC) $(DEBUG) $(TOBJS) $(UNIXOBJS) -o $@ $(LIBS)
clean:
rm -rf *.o core a.out ipsend ipresend iptest iplang_y.* iplang_l.*
ipsend.o: $(TOP)/ipsend/ipsend.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/ipsend.c -o $@
ipsopt.o: $(TOP)/ipsend/ipsopt.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/ipsopt.c -o $@
ipresend.o: $(TOP)/ipsend/ipresend.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/ipresend.c -o $@
ip.o: $(TOP)/ipsend/ip.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/ip.c -o $@
resend.o: $(TOP)/ipsend/resend.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/resend.c -o $@
ipft_sn.o: $(TOP)/ipft_sn.c
$(CC) $(CCARGS) -c $(TOP)/ipft_sn.c -o $@
ipft_pc.o: $(TOP)/ipft_pc.c
$(CC) $(CCARGS) -c $(TOP)/ipft_pc.c -o $@
iptest.o: $(TOP)/ipsend/iptest.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/iptest.c -o $@
iptests.o: $(TOP)/ipsend/iptests.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/iptests.c -o $@
sbpf.o: $(TOP)/ipsend/sbpf.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/sbpf.c -o $@
snit.o: $(TOP)/ipsend/snit.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/snit.c -o $@
sock.o: $(TOP)/ipsend/sock.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/sock.c -o $@
arp.o: $(TOP)/ipsend/arp.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/arp.c -o $@
44arp.o: $(TOP)/ipsend/44arp.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/44arp.c -o $@
lsock.o: $(TOP)/ipsend/lsock.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/lsock.c -o $@
slinux.o: $(TOP)/ipsend/slinux.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/slinux.c -o $@
larp.o: $(TOP)/ipsend/larp.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/larp.c -o $@
dlcommon.o: $(TOP)/ipsend/dlcommon.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/dlcommon.c -o $@
sdlpi.o: $(TOP)/ipsend/sdlpi.c
$(CC) $(CCARGS) -c $(TOP)/ipsend/sdlpi.c -o $@

257
AIX/aix_cfg_ipf.c Normal file
View File

@ -0,0 +1,257 @@
/*
* Copyright (C) 2012 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* $Id$
*/
#include <sys/param.h>
#include <sys/types.h>
#include <sys/file.h>
#include <sys/ldr.h>
/*
* This is a workaround for <sys/uio.h> troubles on FreeBSD, HPUX, OpenBSD.
* Needed here because on some systems <sys/uio.h> gets included by things
* like <sys/socket.h>
*/
#include <sys/uio.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <net/if.h>
#define _TCP_DEBUG_H_
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <netinet/tcp.h>
#include <netinet/udp.h>
#include <arpa/inet.h>
#include <errno.h>
#include <limits.h>
#include <netdb.h>
#include <stdlib.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include "netinet/ip_compat.h"
#include "netinet/ip_fil.h"
#ifndef __P
# ifdef __STDC__
# define __P(x) x
# else
# define __P(x) ()
# endif
#endif
#ifndef __STDC__
# undef const
# define const
#endif
/*
* AIX requires a specific configure/unconfigure program
*/
#undef ASSERT
#include <sys/device.h>
#include <sys/sysconfig.h>
void loadipf __P((int major, int minor, dev_t devno, char *));
void unloadipf __P((int major, int minor, dev_t devno));
void queryipf __P((int major, int minor, dev_t devno));
int checkarg __P((int, char *arg));
void usage __P((char *));
static char *ipf_devfiles[] = { IPL_NAME, IPNAT_NAME, IPSTATE_NAME,
IPAUTH_NAME, IPSYNC_NAME, IPSCAN_NAME,
IPLOOKUP_NAME, NULL };
int
main(int argc, char *argv[])
{
int major, minor, action;
dev_t devno;
action = checkarg(argc, argv[1]);
if (action == -1)
usage(argv[0]);
if (odm_initialize() == -1) {
fprintf(stderr, "odm_initialize() failed\n");
exit(1);
}
major = genmajor("ipf");
if (major == -1) {
fprintf(stderr, "genmajor(ipf) failed\n");
exit(1);
}
minor = 0;
devno = makedev(major, minor);
if (devno == -1) {
fprintf(stderr, "makedev(%d,%d) failed\n", major, minor);
exit(1);
}
printf("Major %d\ndevno %x\n", major, devno);
switch (action)
{
case 1 :
loadipf(major, minor, devno, argv[2]);
break;
case 2 :
unloadipf(major, minor, devno);
break;
case 3 :
queryipf(major, minor, devno);
break;
}
odm_terminate();
return 0;
}
void usage(char *prog)
{
fprintf(stderr, "Usage:\t%s -l\n\t%s -u\n\t%s -q\n",
prog, prog, prog);
exit(1);
}
int checkarg(int argc, char *arg)
{
if (argc < 2)
return -1;
if (!strcmp(arg, "-l") && (argc <= 3))
return 1;
if (!strcmp(arg, "-u") && (argc == 2))
return 2;
if (!strcmp(arg, "-q") && (argc == 2))
return 3;
return -1;
}
void
loadipf(int major, int minor, dev_t devno, char *path)
{
struct cfg_dd ipfcfg;
struct cfg_load cfg;
char *buffer[1024];
char *ipfpath;
int i;
bzero(buffer, sizeof(buffer));
if (path != NULL)
ipfpath = path;
else
ipfpath = "/usr/lib/drivers/ipf";
#if 0
bzero((char *)&cfg, sizeof(cfg));
cfg.path = ipfpath;
cfg.libpath = "/usr/lib/drivers/";
sysconfig(SYS_SINGLELOAD, &cfg, sizeof(cfg));
ipfcfg.kmid = cfg.kmid;
#else
ipfcfg.kmid = (mid_t)loadext(ipfpath, TRUE, TRUE);
#endif
if (ipfcfg.kmid == (mid_t)NULL)
{
perror("loadext");
buffer[0] = "execerror";
buffer[1] = "ipf";
loadquery(1, &buffer[2], sizeof(buffer) - sizeof(*buffer)*2);
execvp("/usr/sbin/execerror", buffer);
exit(errno);
}
ipfcfg.devno = devno;
ipfcfg.cmd = CFG_INIT;
ipfcfg.ddsptr = (caddr_t)NULL;
ipfcfg.ddslen = 0;
if (sysconfig(SYS_CFGDD, &ipfcfg, sizeof(ipfcfg)) == -1) {
perror("sysconifg(SYS_CFGDD)");
exit(errno);
}
for (i = 0; ipf_devfiles[i] != NULL; i++) {
unlink(ipf_devfiles[i]);
if (mknod(ipf_devfiles[i], 0600 | _S_IFCHR, devno) == -1) {
perror("mknod(devfile)");
exit(errno);
}
}
}
void
unloadipf(int major, int minor, dev_t devno)
{
struct cfg_dd ipfcfg;
struct cfg_load cfg;
int i;
cfg.path = "/usr/lib/drivers/ipf";
cfg.kmid = 0;
if (sysconfig(SYS_QUERYLOAD, &cfg, sizeof(cfg)) == -1) {
perror("sysconfig(SYS_QUERYLOAD)");
exit(errno);
}
ipfcfg.kmid = cfg.kmid;
ipfcfg.devno = devno;
ipfcfg.cmd = CFG_TERM;
if (sysconfig(SYS_CFGDD, &ipfcfg, sizeof(ipfcfg)) == -1) {
perror("sysconfig(SYS_CFGDD)");
exit(errno);
}
for (i = 0; ipf_devfiles[i] != NULL; i++) {
unlink(ipf_devfiles[i]);
}
if (loadext("ipf", FALSE, FALSE) == NULL) {
perror("loadext");
exit(errno);
}
}
void
queryipf(int major, int minor, dev_t devno)
{
struct cfg_dd ipfcfg;
struct cfg_load cfg;
int i;
cfg.path = "/usr/lib/drivers/ipf";
cfg.kmid = 0;
if (sysconfig(SYS_QUERYLOAD, &cfg, sizeof(cfg)) == -1) {
perror("sysconfig(SYS_QUERYLOAD)");
exit(errno);
}
printf("Kernel module ID: %d\n", cfg.kmid);
ipfcfg.kmid = cfg.kmid;
ipfcfg.devno = devno;
ipfcfg.cmd = CFG_QVPD;
if (sysconfig(SYS_CFGDD, &ipfcfg, sizeof(ipfcfg)) == -1) {
perror("sysconfig(SYS_CFGDD)");
exit(errno);
}
}

21
AIX/bootbits.sh Executable file
View File

@ -0,0 +1,21 @@
#!/bin/sh
case `file /unix 2>/dev/null` in
*64*)
bits=64
;;
*)
bits=32
;;
esac
case $1 in
milli)
if [ $bits = 64 ] ; then
echo 64
fi
;;
*)
echo $bits
;;
esac
exit 0

6
AIX/cpurev Executable file
View File

@ -0,0 +1,6 @@
#!/bin/sh
rev=`uname -r`
build=`uname -v`
model=`uname -M`
echo $rev.$build.$model
exit 0

2
AIX/ipfkext.exp Normal file
View File

@ -0,0 +1,2 @@
#!/unix
* export values from ipfkext

View File

@ -1,22 +0,0 @@
ipf
ipfs
ipfstat
ipftest
ipmon
ipnat
ipresend
ipsend
iptest
vnode_if.h
if_ipl
i386
amiga
FreeBSD*
BSDOS*
NetBSD*
OpenBSD*
*_lex_var.h
*_y.c
*_l.c
*_y.h
ip_rules.*

View File

@ -1,9 +1,8 @@
#
# Copyright (C) 1993-1998 by Darren Reed.
# Copyright (C) 2012 by Darren Reed.
#
# See the IPFILTER.LICENCE file for details on licencing.
#
TOP=../..
BINDEST=/usr/sbin
SBINDEST=/sbin
MANDIR=/usr/share/man
@ -17,13 +16,14 @@ CFLAGS=-g -I$(TOP)
#
DEVFS!=/usr/bin/lsvfs 2>&1 | sed -n 's/.*devfs.*/-DDEVFS/p'
CPU!=uname -m
INC=-I/usr/include -I/sys -I/sys/sys -I/sys/arch
COMPDIR!=/bin/ls -1tr /usr/src/sys/arch/${CPU}/compile | tail -1
INC=-I/usr/include -I/sys -I/sys/sys -I/sys/arch -I/usr/src/sys/arch/${CPU}/compile/${COMPDIR}
DEF=-D$(CPU) -D__$(CPU)__ -DINET -DKERNEL -D_KERNEL $(INC) $(DEVFS) -fno-builtin
IPDEF=$(DEF) -DGATEWAY -DDIRECTED_BROADCAST
VNODESHDIR=/sys/kern
MLD=$(ML)
ML=mln_ipl.c
LKM=if_ipl.o
LKM=ipflkm.o
LKMR=ipfrule.o
DLKM=
OBJ=.
@ -44,15 +44,15 @@ INSTALL=install
#
MODOBJS=ip_fil.o fil.o ml_ipl.o ip_nat.o ip_frag.o ip_state.o ip_proxy.o \
ip_auth.o ip_log.o ip_pool.o ip_htable.o ip_lookup.o ip_rules.o \
ip_scan.o ip_sync.o
ip_scan.o ip_sync.o ip_nat6.o ip_dstlist.o radix_ipf.o
# ip_trafcon.o
DFLAGS=$(IPFLKM) $(IPFLOG) $(LOOKUP) $(SYNC) $(DEF) $(DLKM) $(IPFBPF)
IPF=ipf.o ipfcomp.o ipf_y.o ipf_l.o bpf_filter_u.o
IPT=ipftest.o fil_u.o ip_frag_u.o ip_state_u.o ip_nat_u.o \
IPF=ipf.o ipfcomp.o ipf_y.o ipf_l.o
IPT=ipftest.o fil_u.o ip_frag_u.o ip_state_u.o ip_nat_u.o ip_nat6_u.o \
ip_proxy_u.o ip_auth_u.o ip_htable_u.o ip_lookup_u.o ip_pool_u.o \
ip_scan_u.o ip_sync_u.o ip_rules_u.o ip_fil_u.o ip_log_u.o \
ippool_y.o ippool_l.o ipf_y.o ipf_l.o ipnat_y.o ipnat_l.o \
md5_u.o radix_u.o bpf_filter_u.o
md5_u.o radix_ipf_u.o ip_dstlist_u.o
# ip_syn_u.o
#ip_trafcon_u.o
TOOL=$(TOP)/tools
@ -60,9 +60,9 @@ IPNAT=ipnat.o ipnat_y.o ipnat_l.o
IPMON=ipmon.o ipmon_y.o ipmon_l.o
IPPOOL=ippool_y.o ippool_l.o kmem.o ippool.o
IPTRAFCON=iptrafcon.o
PROXYLIST=$(TOP)/ip_ftp_pxy.c $(TOP)/ip_ipsec_pxy.c $(TOP)/ip_irc_pxy.c \
$(TOP)/ip_netbios_pxy.c $(TOP)/ip_raudio_pxy.c $(TOP)/ip_rcmd_pxy.c \
$(TOP)/ip_rpcb_pxy.c $(TOP)/ip_pptp_pxy.c
PROXYLIST=$(TOP)/ip_dns_pxy.c $(TOP)/ip_ftp_pxy.c $(TOP)/ip_ipsec_pxy.c \
$(TOP)/ip_irc_pxy.c $(TOP)/ip_netbios_pxy.c $(TOP)/ip_raudio_pxy.c \
$(TOP)/ip_rcmd_pxy.c $(TOP)/ip_rpcb_pxy.c $(TOP)/ip_pptp_pxy.c
FILS=ipfstat.o
LIBSRC=$(TOP)/lib
RANLIB=ranlib
@ -70,6 +70,11 @@ AROPTS=cq
HERE!=pwd
CCARGS=-I. $(DEBUG) $(CFLAGS) $(UFLAGS)
KCARGS=-I. $(DEBUG) $(CFLAGS)
.if ${MACHINE_ARCH} == amd64
KCARGS+=-mcmodel=kernel -mno-red-zone -fno-omit-frame-pointer \
-mfpmath=387 -mno-sse -mno-sse2 -mno-mmx -mno-3dnow \
-msoft-float -fno-asynchronous-unwind-tables
.endif
#
# Extra is option kernel things we always want in user space.
#
@ -77,9 +82,11 @@ EXTRA=$(ALLOPTS)
include $(TOP)/lib/Makefile
build all: machine $(OBJ)/libipf.a ipf ipfs ipfstat ipftest ipmon ipnat \
ippool ipscan ipsyncm ipsyncs $(LKM) $(LKMR)
-sh -c 'for i in ipf ipftest ipmon ippool ipnat ipscan ipsyncm ipsyncs; do /bin/rm -f $(TOP)/$$i; ln -s `pwd`/$$i $(TOP); done'
build all: machine $(OBJ)/libipf.a tools $(LKM) $(LKMR)
tools: ipf ipfs ipfstat ipftest ipmon ipnat ippool ipscan ipsyncm \
ipsyncs ipfsyncd
-sh -c 'for i in ipf ipftest ipmon ippool ipnat ipscan ipsyncm ipsyncs ipfsyncd; do /bin/rm -f $(TOP)/$$i; ln -s `pwd`/$$i $(TOP); done'
-/bin/rm -f ../tools ./tools
-ln -s ../tools .
-ln -s ../tools ..
@ -122,12 +129,18 @@ ipsyncm: ipsyncm.o $(OBJ)/libipf.a
ipsyncs: ipsyncs.o $(OBJ)/libipf.a
$(CC) $(CCARGS) ipsyncs.o -o $@ $(LIBS)
ipfsyncd: ipfsyncd.o $(OBJ)/libipf.a
$(CC) $(CCARGS) ipfsyncd.o -o $@ $(LIBS)
ipsyncm.o: $(TOOL)/ipsyncm.c $(TOP)/ip_sync.h
$(CC) $(CCARGS) -c $(TOOL)/ipsyncm.c -o $@
ipsyncs.o: $(TOOL)/ipsyncs.c $(TOP)/ip_sync.h
$(CC) $(CCARGS) -c $(TOOL)/ipsyncs.c -o $@
ipfsyncd.o: $(TOOL)/ipfsyncd.c $(TOP)/ip_sync.h
$(CC) $(CCARGS) -c $(TOOL)/ipfsyncd.c -o $@
tests:
(cd test; make )
@ -146,7 +159,7 @@ fil_u.o: $(TOP)/fil.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_compat.h \
fil.o: $(TOP)/fil.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h $(TOP)/ipl.h \
$(TOP)/ip_rules.h
$(CC) $(KCARGS) $(POLICY) $(DFLAGS) $(IPFBPF) $(COMPIPF) \
$(CC) $(KCARGS) $(POLICY) $(DFLAGS) $(IPFBPF) $(COMPIPF) $(COMPATIPF) \
-c $(TOP)/fil.c -o $@
ipf.o: $(TOOL)/ipf.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/opts.h
@ -163,7 +176,7 @@ ipnat.o: $(TOOL)/ipnat.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_nat.h \
$(TOP)/opts.h
$(CC) $(CCARGS) -c $(TOOL)/ipnat.c -o $@
ipnat_y.o: ipnat_y.c ipnat_y.h ipnat_l.h
ipnat_y.o: ipnat_y.c ipnat_y.h ipnat_l.h $(TOP)/ip_fil.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) -c ipnat_y.c -o $@
ipnat_l.o: ipnat_l.c ipnat_y.h
@ -183,6 +196,9 @@ ipnat_l.h: $(TOOL)/lexer.h
ip_nat_u.o: $(TOP)/ip_nat.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_nat.c -o $@
ip_nat6_u.o: $(TOP)/ip_nat6.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_nat6.c -o $@
ip_proxy_u.o: $(TOP)/ip_proxy.c $(TOP)/ip_proxy.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(PROXYLIST) $(TOP)/ip_nat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_proxy.c -o $@
@ -222,8 +238,13 @@ ip_htable_u.o: $(TOP)/ip_htable.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_htable.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_htable.c -o $@
ip_dstlist_u.o: $(TOP)/ip_dstlist.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_dstlist.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_dstlist.c -o $@
ip_lookup_u.o: $(TOP)/ip_lookup.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_lookup.h $(TOP)/ip_pool.h $(TOP)/ip_htable.h
$(TOP)/ip_lookup.h $(TOP)/ip_pool.h $(TOP)/ip_htable.h \
$(TOP)/ip_dstlist.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_lookup.c -o $@
ip_trafcon_u.o: $(TOP)/ip_trafcon.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
@ -236,19 +257,28 @@ ip_log_u.o: $(TOP)/ip_log.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h
md5_u.o: $(TOP)/md5.c $(TOP)/md5.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/md5.c -o $@
radix_u.o: $(TOP)/md5.c $(TOP)/radix_ipf.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/radix.c -o $@
radix_ipf_u.o: $(TOP)/md5.c $(TOP)/radix_ipf.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/radix_ipf.c -o $@
bpf_filter_u.o: $(TOP)/bpf_filter.c $(TOP)/pcap-ipf.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/bpf_filter.c -o $@
if_ipl.o: $(MODOBJS)
ipflkm.o: $(MODOBJS)
ld -r $(MODOBJS) -o $(LKM)
${RM} -f if_ipl
${RM} -f ipflkm
ipfrule.ko.5: ip_rulesx.o $(MLR)
.if ${MACHINE_ARCH} != amd64
ld -warn-common -r -d -o $(.TARGET:S/.ko/.kld/) ip_rulesx.o $(MLR)
ld -Bshareable -d -warn-common -o $(LKMR:S/.5$//) $(.TARGET:S/.ko/.kld/)
.else
ld -warn-common -r -d -o $(.TARGET:S/.5$//) ip_rulesx.o $(MLR)
nm -g $(.TARGET:S/.5$//) | \
awk '/^[^[:space:]]+ [^AU] (.*)$$/ { print ($$2=="C" ? "-N" : "-L") $$3 }' | \
xargs -J% objcopy % $(.TARGET:S/.5$//)
.endif
ipfrule.ko: ip_rulesx.o $(MLR)
gensetdefs ip_rulesx.o $(MLR)
$(CC) $(KCARGS) -c setdef0.c
@ -256,8 +286,15 @@ ipfrule.ko: ip_rulesx.o $(MLR)
ld -Bshareable -o $@ setdef0.o ip_rulesx.o $(MLR) setdef1.o
ipf.ko.5 ipl.ko.5: $(MODOBJS)
.if ${MACHINE_ARCH} != amd64
ld -warn-common -r -d -o $(.TARGET:S/.ko/.kld/) $(MODOBJS)
ld -Bshareable -d -warn-common -o $(LKM:S/.5$//) $(.TARGET:S/.ko/.kld/)
.else
ld -warn-common -r -d -o $(.TARGET:S/.5$//) $(MODOBJS)
nm -g $(.TARGET:S/.5$//) | \
awk '/^[^[:space:]]+ [^AU] (.*)$$/ { print ($$2=="C" ? "-N" : "-L") $$3 }' | \
xargs -J% objcopy % $(.TARGET:S/.5$//)
.endif
ipf.ko ipl.ko: $(MODOBJS)
gensetdefs $(MODOBJS)
@ -268,6 +305,9 @@ ipf.ko ipl.ko: $(MODOBJS)
ip_nat.o: $(TOP)/ip_nat.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(KCARGS) $(DFLAGS) -c $(TOP)/ip_nat.c -o $@
ip_nat6.o: $(TOP)/ip_nat6.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(KCARGS) $(DFLAGS) -c $(TOP)/ip_nat6.c -o $@
ip_frag.o: $(TOP)/ip_frag.c $(TOP)/ip_frag.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(KCARGS) $(DFLAGS) -c $(TOP)/ip_frag.c -o $@
@ -290,6 +330,11 @@ ip_fil.c:
ip_fil.o: ip_fil.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h $(TOP)/ip_nat.h
$(CC) $(KCARGS) $(DFLAGS) $(COMPIPF) -c ip_fil.c -o $@
ip_fil_compat.o: $(TOP)/ip_fil_compat.c $(TOP)/ipl.h $(TOP)/ip_fil.h \
$(TOP)/ip_compat.h $(TOP)/ip_nat.h $(TOP)/ip_state.h
$(CC) $(KCARGS) $(DFLAGS) $(COMPIPF) $(COMPATIPF) \
-c $(TOP)/ip_fil_compat.c -o $@
ip_log.o: $(TOP)/ip_log.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(KCARGS) $(DFLAGS) -c $(TOP)/ip_log.c -o $@
@ -307,16 +352,26 @@ ip_htable.o: $(TOP)/ip_htable.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_lookup.h $(TOP)/ip_htable.h
$(CC) $(KCARGS) $(DFLAGS) -c $(TOP)/ip_htable.c -o $@
ip_dstlist.o: $(TOP)/ip_dstlist.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_lookup.h $(TOP)/ip_dstlist.h
$(CC) $(KCARGS) $(DFLAGS) -c $(TOP)/ip_dstlist.c -o $@
ip_lookup.o: $(TOP)/ip_lookup.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_pool.h $(TOP)/ip_htable.h $(TOP)/ip_lookup.h
$(TOP)/ip_pool.h $(TOP)/ip_htable.h $(TOP)/ip_lookup.h \
$(TOP)/ip_dstlist.h
$(CC) $(KCARGS) $(DFLAGS) -c $(TOP)/ip_lookup.c -o $@
radix_ipf.o: $(TOP)/md5.c $(TOP)/radix_ipf.h
$(CC) $(KCARGS) $(DFLAGS) -c $(TOP)/radix_ipf.c -o $@
ip_trafcon.o: $(TOP)/ip_trafcon.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_trafcon.h
$(CC) $(KCARGS) $(DFLAGS) -c $(TOP)/ip_trafcon.c -o $@
vnode_if.h: $(VNODESHDIR)/vnode_if.src
mkdir -p ../sys
mkdir -p ../rump/include/rump
mkdir -p ../rump/librump/rumpvfs
if [ -f $(VNODESHDIR)/vnode_if.sh ] ; then \
sh $(VNODESHDIR)/vnode_if.sh $(VNODESHDIR)/vnode_if.src; \
fi
@ -325,10 +380,11 @@ vnode_if.h: $(VNODESHDIR)/vnode_if.src
fi
if [ -f ../sys/vnode_if.h ] ; then mv ../sys/vnode_if.h .; fi
rmdir ../sys
rm -rf ../rump
ml_ipl.o: vnode_if.h $(TOP)/$(MLD) $(TOP)/ipl.h
-/bin/rm -f vnode_if.c
$(CC) -I. $(CFLAGS) $(DFLAGS) -c $(TOP)/$(ML) -o $@
$(CC) -I. $(KCARGS) $(DFLAGS) -c $(TOP)/$(ML) -o $@
ip_rules.o: ip_rules.c $(TOP)/ip_rules.h
$(CC) -I. $(CFLAGS) $(DFLAGS) $(COMPIPF) -c ip_rules.c -o $@
@ -344,7 +400,7 @@ $(TOP)/ip_rules.h: ip_rules.c
fi
ip_rulesx.o: ip_rules.c $(TOP)/ip_rules.h
$(CC) -I. $(CFLAGS) $(DFLAGS) -DIPFILTER_COMPILED -c ip_rules.c -o $@
$(CC) -I. $(KCARGS) $(DFLAGS) -DIPFILTER_COMPILED -c ip_rules.c -o $@
mlf_rule.o: $(TOP)/mlf_rule.c $(TOP)/ip_rules.h
$(CC) -I. $(CFLAGS) $(DFLAGS) -c $(TOP)/mlf_rule.c -o $@
@ -356,7 +412,7 @@ mlo_rule.o: $(TOP)/mlo_rule.c $(TOP)/ip_rules.h
$(CC) -I. $(CFLAGS) $(DFLAGS) -c $(TOP)/mlo_rule.c -o $@
mlfk_rule.o: $(TOP)/mlfk_rule.c $(TOP)/ip_rules.h
$(CC) -I. $(CFLAGS) $(DFLAGS) -c $(TOP)/mlfk_rule.c -o $@
$(CC) -I. $(KCARGS) $(DFLAGS) -c $(TOP)/mlfk_rule.c -o $@
ipf_y.o: ipf_y.c ipf_y.h $(TOP)/ipf.h ipf_l.h $(TOP)/opts.h
$(CC) $(CCARGS) $(IPFBPF) -c ipf_y.c -o $@
@ -427,10 +483,11 @@ ippool_y.o: ippool_y.c ippool_y.h $(TOP)/ip_pool.h ippool_l.h
ippool_l.o: ippool_l.c ippool_y.h $(TOP)/ip_pool.h
$(CC) $(CCARGS) -I. -c ippool_l.c -o $@
ippool_y.c: $(TOOL)/ippool_y.y $(TOP)/ip_pool.h ippool_l.h
ippool_y.c: $(TOOL)/ippool_y.y $(TOP)/ip_pool.h ippool_l.h ippool_y.h
(cd $(TOOL); make "DEST=$(HERE)" $(HERE)/$@)
ippool_y.h: ippool_y.c
ippool_y.h: $(TOOL)/ippool_y.y
(cd $(TOOL); make "DEST=$(HERE)" $(HERE)/$@)
ippool_l.c: $(TOOL)/lexer.c $(TOP)/ip_pool.h
(cd $(TOOL); make "DEST=$(HERE)" $(HERE)/$@)
@ -452,7 +509,7 @@ clean:
${RM} -f ../ipf ../ipnat ../ipmon ../ippool ../ipftest
${RM} -f ../ipscan ../ipsyncm ../ipsyncs
${RM} -f *.core *.o *.a ipt ipfstat ipf ipfstat ipftest ipmon
${RM} -f if_ipl ipnat ipfrule.ko* ipf.kld* ipfrule.kld*
${RM} -f ipflkm ipnat ipfrule.ko* ipf.kld* ipfrule.kld*
${RM} -f vnode_if.h $(LKM) ioconf.h *.ko setdef1.c setdef0.c setdefs.h
${RM} -f ip_fil.c ipf_l.c ipf_y.c ipf_y.h ipf_l.h
${RM} -f ipscan ipscan_y.c ipscan_y.h ipscan_l.c ipscan_l.h
@ -481,8 +538,8 @@ install:
/bin/cp $(TOP)/$$i /usr/include/netinet/; \
$(CHMOD) 444 /usr/include/netinet/$$i; \
done
-if [ -d /lkm -a -f if_ipl.o ] ; then \
cp if_ipl.o /lkm; \
-if [ -d /lkm -a -f ipflkm.o ] ; then \
cp ipflkm.o /lkm; \
fi
-if [ -d /modules -a -f ipf.ko ] ; then \
if [ -f /modules/ipl.ko ] ; then \
@ -494,6 +551,7 @@ install:
-if [ -d /modules -a -f ipfrule.ko ] ; then \
cp ipfrule.ko /modules; \
fi
.if ${MACHINE_ARCH} != amd64
-if [ -d /boot/kernel -a -f ipf.ko ] ; then \
if [ -f /boot/kernel/ipl.ko ] ; then \
cp ipf.ko /boot/kernel/ipl.ko; \
@ -504,8 +562,29 @@ install:
-if [ -d /boot/kernel -a -f ipfrule.ko ] ; then \
cp ipfrule.ko /boot/kernel; \
fi
-if [ -d /usr/lkm -a -f if_ipl.o ] ; then \
cp if_ipl.o /usr/lkm; \
.else
-if [ -d /boot/kernel -a -f ipf.ko ] ; then \
if [ -f /boot/kernel/ipl.ko ] ; then \
objcopy --only-keep-debug ipf.ko
/boot/kernel/ipl.ko.symbols; \
objcopy --strip-debug \
--add-gnu-debuglink=ipl.ko.symbols \
ipf.ko /boot/kernel/ipl.ko; \
else \
objcopy --only-keep-debug ipf.ko \
/boot/kernel/ipf.ko.symbols; \
objcopy --strip-debug \
--add-gnu-debuglink=ipl.ko.symbols \
ipf.ko /boot/kernel/ipf.ko; \
fi \
fi
-if [ -d /boot/kernel -a -f ipfrule.ko ] ; then \
objcopy --only-keep-debug ipfrule.ko /boot/kernel/ipfrule.ko.symbols; \
objcopy --strip-debug --add-gnu-debuglink=ipfrule.ko.symbols ipfrule.ko /boot/kernel/ipfrule.ko; \
fi
.endif
-if [ -d /usr/lkm -a -f ipflkm.o ] ; then \
cp ipflkm.o /usr/lkm; \
fi
-$(INSTALL) -cs -g wheel -m 755 -o root ipscan $(SBINDEST)
(cd $(TOP)/man; make INSTALL=$(INSTALL) MANDIR=$(MANDIR) install; cd $(TOP))
@ -533,8 +612,8 @@ install:
(cd $(TOP)/man; make INSTALL=$(INSTALL) MANDIR=$(MANDIR) install; cd $(TOP))
coverage:
ksh -c 'for i in *.da; do j=$${i%%.da}.c; gcov $$j 2>&1 | egrep -v "y.tab.c|Could|Creating|_l\.c|\.h"; done' | sort -k 1n -k 3n > report
sort -k 1n -k 3n report | perl -e 'while(<>) { next if (/^0.00/); s/\%//g; @F=split;$$lc+=$$F[2];$$t += ($$F[0]/100)*$$F[2];} printf "%d of %d = %d%%\n", $$t, $$lc,($$t/$$lc)*100;' >> report
ksh -c 'for i in *.da; do j=$${i%%.da}.c; gcov $$j 2>&1 | egrep -v "y.tab.c|Could|Creating|_l\.c|\.h"; done' | sort -n > report
sort -n report | perl -e 'while(<>) { next if (/^0.00/); s/\%//g; @F=split;$$lc+=$$F[2];$$t += $$F[0]/100*$$F[2];} printf "%d of %d = %d%%\n", $$t, $$lc,$$t/$$lc*100;' >> report
clean-coverage:
/bin/rm -f *.gcov *.da

View File

@ -1,5 +1,5 @@
#
# $Id: Makefile.ipsend,v 2.8 2002/05/22 16:15:36 darrenr Exp $
# $Id$
#
BINDEST=/usr/sbin
@ -23,7 +23,8 @@ MFLAGS="BINDEST=$(BINDEST)" "SBINDEST=$(SBINDEST)" "MANDIR=$(MANDIR)" \
"SOLARIS2=$(SOLARIS2)" "DEBUG=$(DEBUG)" "DCPU=$(CPU)" \
"CPUDIR=$(CPUDIR)" "LOOKUP=$(LOOKUP)"
#
all build bsd-bpf : ipsend ipresend iptest
build:
all bsd-bpf : ipsend ipresend iptest
iplang_y.o: $(TOP)/iplang/iplang_y.y
(cd $(TOP)/iplang; $(MAKE) ../BSD/$(CPUDIR)/$@ $(MFLAGS) 'DESTDIR=../BSD/$(CPUDIR)' )

View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (C) 2006 by Darren Reed.
# Copyright (C) 2012 by Darren Reed.
#
# See the IPFILTER.LICENCE file for details on licencing.
#

View File

@ -23,6 +23,7 @@ fi
if [ -d /sys/dist/ipf ] ; then
ipfdir=/sys/dist/ipf/netinet
fi
mkdir -m 755 -p $ipfdir/../net
confdir="$archdir/conf"
if [ -f /dev/ipnat ] ; then
major=`ls -l /dev/ipnat | sed -e 's/.* \([0-9]*\),.*/\1/'`
@ -43,8 +44,9 @@ if [ ! -f ip_rules.c -o ! -f ip_rules.h ] ; then
fi
fi
echo -n "Installing "
for j in auth frag nat proxy scan state sync pool htable lookup rules; do
echo -n "Installing into $ipfdir"
for j in auth frag nat proxy scan state sync pool dstlist htable lookup rules \
dstlist; do
for i in ip_$j.[ch]; do
if [ -f "$i" ] ; then
echo -n " $i"
@ -53,6 +55,12 @@ for j in auth frag nat proxy scan state sync pool htable lookup rules; do
fi
done
done
echo -n " net/radix_ipf.h"
cp radix_ipf.h $ipfdir
chmod 644 $ipfdir/radix_ipf.h
echo -n " radix_ipf.c -> $ipfdir/radix_ipf.c"
cp radix_ipf.c $ipfdir/radix_ipf.c
chmod 644 $ipfdir/radix_ipf.c
case $os in
SunOS)
@ -88,14 +96,16 @@ if [ -f $ipfdir/ip_fil.c ] ; then
chmod 644 $ipfdir/ip_fil.c
fi
for i in ip_fil.h fil.c ip_log.c ip_compat.h ipl.h ip_*_pxy.c; do
for i in ip_nat6.c ip_fil.h fil.c ip_log.c ip_compat.h ipl.h ip_*_pxy.c \
ip_fil_compat.c ipf_rb.h; do
echo -n " $i"
cp $i $ipfdir
chmod 644 $ipfdir/$i
done
echo ""
echo -n "Installing into /usr/include/netinet"
for j in auth compat fil frag nat proxy scan state sync pool htable lookup; do
for j in auth compat fil frag nat proxy scan state sync pool htable dstlist \
lookup; do
i=ip_$j.h
if [ -f "$i" ] ; then
echo -n " $i"
@ -103,7 +113,7 @@ for j in auth compat fil frag nat proxy scan state sync pool htable lookup; do
chmod 644 /usr/include/netinet/$i
fi
done
for j in ipl.h; do
for j in ipl.h ipf_rb.h; do
if [ -f "$j" ] ; then
echo -n " $j"
cp $j /usr/include/netinet/$j
@ -157,15 +167,19 @@ if [ $os = FreeBSD -a -f /sys/conf/files ] ; then
mv files files.preipf4
cp -p files.preipf4 files
fi
for i in htable pool lookup; do
for i in dstlist htable pool lookup; do
grep ip_$i.c files >/dev/null 2>&1
if [ $? -ne 0 ] ; then
echo "contrib/ipfilter/netinet/ip_$i.c optional ipfilter inet ipfilter_lookup" >> files
fi
done
grep ip_fil_compat.c files >/dev/null 2>&1
if [ $? -ne 0 ] ; then
echo 'contrib/ipfilter/netinet/ip_fil_compat.c optional ipfilter inet ipfilter_compat' >> files
fi
grep ip_sync.c files >/dev/null 2>&1
if [ $? -ne 0 ] ; then
echo 'contrib/ipfilter/netinet/ip_sync.c optional ipfilter inet ipfilter_sync' >> files
echo 'contrib/ipfilter/netinet/ip_sync.c optional ipfilter inet' >> files
fi
grep ip_scan.c files >/dev/null 2>&1
if [ $? -ne 0 ] ; then
@ -177,13 +191,19 @@ if [ $os = FreeBSD -a -f /sys/conf/files ] ; then
fi
fi
if [ $os = NetBSD -a -f /sys/conf/files ] ; then
if [ -f /sys/netinet/files.ipfilter ] ; then
if ! grep -q ip_fil_compat.c /sys/netinet/files.ipfilter; then
echo 'file dist/ipf/netinet/ip_fil_compat.c ipfilter & ipfilter_compat' >> /sys/netinet/files.ipfilter
echo 'defflag opt_ipfilter.h IPFILTER_COMPAT' >> /sys/netinet/files.ipfilter
fi
fi
cd /sys/conf
if [ ! -f files.preipf4 ] ; then
mv files files.preipf4
cp -p files.preipf4 files
fi
if [ $fullrev -ge 010600 -a $fullrev -lt 020000 ] ; then
for i in htable pool lookup; do
for i in dstlist htable pool lookup; do
grep ip_$i.c files >/dev/null 2>&1
if [ $? -ne 0 ] ; then
echo "file netinet/ip_$i.c ipfilter & ipfilter_lookup" >> files
@ -191,7 +211,7 @@ if [ $os = NetBSD -a -f /sys/conf/files ] ; then
done
grep ip_sync.c files >/dev/null 2>&1
if [ $? -ne 0 ] ; then
echo 'file netinet/ip_sync.c ipfilter & ipfilter_sync' >> files
echo 'file netinet/ip_sync.c ipfilter' >> files
fi
grep ip_scan.c files >/dev/null 2>&1
if [ $? -ne 0 ] ; then
@ -210,15 +230,18 @@ if [ $os = OpenBSD -a -f /sys/conf/files ] ; then
cp -p files.preipf4 files
fi
if [ $fullrev -ge 030400 ] ; then
for i in htable pool lookup; do
for i in dstlist htable pool lookup; do
grep ip_$i.c files >/dev/null 2>&1
if [ $? -ne 0 ] ; then
echo "file netinet/ip_$i.c ipfilter & ipfilter_lookup" >> files
fi
done
grep ip_sync.c files >/dev/null 2>&1
grep ip_fil_compat.c files >/dev/null 2>&1
if [ $? -ne 0 ] ; then
echo 'file netinet/ip_sync.c ipfilter & ipfilter_sync' >> files
echo 'file netinet/ip_fil_compat.c ipfilter & ipfilter_compat' >> files
fi
if [ $? -ne 0 ] ; then
echo 'file netinet/ip_sync.c ipfilter' >> files
fi
grep ip_scan.c files >/dev/null 2>&1
if [ $? -ne 0 ] ; then
@ -249,9 +272,9 @@ cat | (cd /usr/src/sys/modules/ipfilter; patch) <<__EOF__
! CFLAGS+= -DIPFILTER=1 -DIPFILTER_LKM -DIPFILTER_LOG -DPFIL_HOOKS
--- 5,15 ----
KMOD= ipl
SRCS= mlfk_ipl.c ip_nat.c ip_frag.c ip_state.c ip_proxy.c ip_auth.c \\
! ip_log.c ip_fil.c fil.c ip_lookup.c ip_pool.c ip_htable.c \\
! ip_sync.c ip_scan.c ip_rules.c
SRCS= mlfk_ipl.c ip_nat.c ip_nat6.c ip_frag.c ip_state.c ip_proxy.c ip_auth.c \\
! ip_log.c ip_fil.c fil.c ip_lookup.c ip_pool.c ip_dstlist.c ip_htable.c \\
! ip_sync.c ip_scan.c ip_rules.c ip_fil_compat.c
.if !defined(NOINET6)
CFLAGS+= -DUSE_INET6
@ -261,4 +284,29 @@ cat | (cd /usr/src/sys/modules/ipfilter; patch) <<__EOF__
! -DIPFILTER_LOOKUP -DIPFILTER_COMPILED
__EOF__
fi
CONF=/sys/netinet/files.ipfilter
if [ -f $CONF -a $os = NetBSD ] ; then
for i in ip_nat6.c ip_dstlist.c radix_ipf.c; do
echo "Checking for $i in $CONF"
grep $i $CONF >/dev/null 2>&1
if [ $? -ne 0 ] ; then
echo "Adding $i to $CONF"
sed -n -e /ip_nat.c/s/ip_nat.c/$i/p $CONF >> $CONF
fi
done
fi
CONF=/sys/conf/files
if [ -f $CONF -a $os = FreeBSD ] ; then
for i in ip_nat6.c ip_dstlist.c radix_ipf.c; do
echo "Checking for $i in $CONF"
grep $i $CONF >/dev/null 2>&1
if [ $? -ne 0 ] ; then
echo "Adding $i to $CONF"
sed -n -e /ip_nat.c/,/NORMAL/p $CONF | \
sed -e s/ip_nat.c/$i/p >> $CONF
fi
done
fi
exit 0

46
BSD/upgrade Executable file
View File

@ -0,0 +1,46 @@
#!/bin/sh
#
PATH=/sbin:/usr/sbin:/bin:/usr/bin; export PATH
argv0=`basename $0`
case `pwd` in
*BSD)
;;
*)
cd BSD
;;
esac
os=`uname -s`
rev=`uname -r`
maj=`expr $rev : '\([0-9]*\)\.'`
min=`expr $rev : '[0-9]*\.\([0-9]*\)'`
sub=`expr $rev : '[0-9]*\.[0-9]*\.\([0-9]*\)'`
plat=`uname -p`
objdir=${os}-${rev}-${plat}
# try to bomb out fast if anything fails....
set -e
for i in ipf ipfstat ipmon ipnat ippool; do
if [ ! -f /sbin/${i}.dist -a -f /sbin/${i} ] ; then
mv /sbin/${i} /sbin/${i}.dist
cp -p /sbin/${i}.dist /sbin/${i}
cp ${objdir}/${i} /sbin/
fi
if [ ! -f /usr/sbin/${i}.dist -a -f /usr/sbin/${i} ] ; then
mv /usr/sbin/${i} /usr/sbin/${i}.dist
cp -p /usr/sbin/${i}.dist /usr/sbin/${i}
cp ${objdir}/${i} /usr/sbin/
fi
done
if [ -f /boot/kernel/ipl.ko ] ; then
if [ ! -f /boot/kernel/ipl.ko.dist ] ; then
mv /boot/kernel/ipl.ko /boot/kernel/ipl.ko.dist
cp -p /boot/kernel/ipl.ko.dist /boot/kernel/ipl.ko
fi
if [ ! -f /boot/kernel/ipl.ko.symbols.dist ] ; then
mv /boot/kernel/ipl.ko.symbols /boot/kernel/ipl.ko.symbols.dist
fi
cp ${objdir}/ipf.ko /boot/kernel/ipl.ko
fi
exit 0

23
BSDOS/files.diffs Normal file
View File

@ -0,0 +1,23 @@
*** files.orig Tue Mar 19 16:18:21 1996
--- files Fri Mar 8 14:20:52 1996
***************
*** 201,206 ****
--- 201,218 ----
file netinet/tcp_timer.c inet
file netinet/tcp_usrreq.c inet
file netinet/udp_usrreq.c inet
+ file netinet/ip_fil.c ipfilter
+ file netinet/fil.c ipfilter
+ file netinet/ip_nat.c ipfilter
+ file netinet/ip_frag.c ipfilter
+ file netinet/ip_state.c ipfilter
+ file netinet/ip_auth.c ipfilter
+ file netinet/ip_proxy.c ipfilter
+ file netinet/ip_log.c ipfilter
+ file netinet/ip_scan.c ipfilter
+ file netinet/ip_sync.c ipfilter
+ file netinet/ip_pool.c ipfilter_pool
+ file netinet/ip_rules.c ipfilter_compiled
file netiso/clnp_debug.c iso
file netiso/clnp_er.c iso
file netiso/clnp_frag.c iso

28
BSDOS/ioconf.c.i386.diffs Normal file
View File

@ -0,0 +1,28 @@
*** ioconf.c.i386.orig Tue Mar 19 16:20:07 1996
--- ioconf.c.i386 Fri Mar 8 15:12:59 1996
***************
*** 21,26 ****
--- 21,29 ----
extern struct devsw cnsw, cttysw, mmsw, swapsw, logsw, devfdsw;
extern struct devsw ptssw, ptcsw;
extern struct devsw pcsw, kbdsw;
+ #if defined(IPFILTER)
+ extern struct devsw iplsw;
+ #endif
%DECLSW
***************
*** 62,67 ****
--- 65,75 ----
%DEVSW(sr), /* 34 = SCSI removeable disks (clone of sd) */
%DEVSW(rp), /* 35 = Comtrol Rocketport */
%DEVSW(cy), /* 36 = Cyclades async mux */
+ #if defined(IPFILTER)
+ &iplsw, /* 37 = IP Filter */
+ #else
+ NULL, /* 37 = IP Filter */
+ #endif
};
#define NDEVSW (sizeof(devsw) / sizeof(*devsw))
int ndevsw = NDEVSW;

37
BSDOS/ip_input.c.diffs Normal file
View File

@ -0,0 +1,37 @@
*** ip_input.c.orig Tue Mar 19 16:19:06 1996
--- ip_input.c Fri Mar 8 18:31:22 1996
***************
*** 77,82 ****
--- 77,86 ----
int ipqmaxlen = IFQ_MAXLEN;
struct in_ifaddr *in_ifaddr; /* first inet address */
struct ifqueue ipintrq;
+ #if defined(IPFILTER)
+ extern int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ #endif
/*
* We need to save the IP options in case a protocol wants to respond
***************
*** 232,237 ****
--- 236,254 ----
m_adj(m, ip->ip_len - m->m_pkthdr.len);
}
+ #if defined(IPFILTER)
+ /*
+ * Check if we want to allow this packet to be processed.
+ * Consider it to be bad if not.
+ */
+ if (fr_checkp) {
+ struct mbuf *m1 = m;
+
+ if ((*fr_checkp)(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1)
+ goto next;
+ ip = mtod(m = m1, struct ip *);
+ }
+ #endif
/*
* Process options and, if not destined for us,
* ship it on. ip_dooptions returns 1 when an

35
BSDOS/ip_output.c.diffs Normal file
View File

@ -0,0 +1,35 @@
*** ip_output.c.orig Tue Mar 19 16:19:33 1996
--- ip_output.c Fri Mar 8 14:50:51 1996
***************
*** 60,65 ****
--- 60,69 ----
static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *));
static void ip_mloopback
__P((struct ifnet *, struct mbuf *, struct sockaddr_in *));
+ #if defined(IPFILTER)
+ extern int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ #endif
/*
* IP output. The packet in mbuf chain m contains a skeletal IP
***************
*** 276,281 ****
--- 280,296 ----
} else
m->m_flags &= ~M_BCAST;
sendit:
+ #if defined(IPFILTER)
+ {
+ struct mbuf *m1 = m;
+ /*
+ * looks like most checking has been done now...do a filter check
+ */
+ if (fr_checkp && ((error = (*fr_checkp)(ip, hlen, ifp, 1, &m1)) || !m1))
+ goto done;
+ ip = mtod(m = m1, struct ip *);
+ }
+ #endif
/*
* If small enough for interface, can just send directly.

56
BSDOS/kinstall Executable file
View File

@ -0,0 +1,56 @@
#!/bin/csh -f
#
set dir=`pwd`
set karch=`uname -m`
if ( -d /sys/arch/$karch ) set archdir="/sys/arch/$karch"
if ( -d /sys/$karch ) set archdir="/sys/$karch"
set confdir="$archdir/conf"
if ( $dir =~ *fil/BSDOS ) cd ..
if ($0 =~ *kinstall) then
foreach i (ip_{auth,fil,frag,nat,proxy,scan,state,sync}.[ch] \
fil.c ip_compat.h ip_log.c ip_*_pxy.c)
echo -n "$i ";
cp $i /sys/netinet
chmod 664 /sys/netinet/$i
switch ($i)
case *.h:
/bin/cp $i /usr/include/netinet/$i
chmod 644 /usr/include/netinet/$i
breaksw
endsw
end
echo ""
echo "Patching $archdir/$karch/ioconf.c.$karch"
cat ioconf.c.$karch.diffs | (cd $archdir/$karch; patch)
endif
echo "Patching ip_input.c and ip_output.c"
cat BSDOS/ip_{in,out}put.c.diffs | (cd /sys/netinet; patch)
if ( -f /sys/conf/files ) then
echo "Patching /sys/conf/files"
cat BSDOS/files.diffs | (cd /sys/conf; patch)
endif
set config=`/bin/ls -1t $confdir [0-9A-Z_]* | head -1`
echo -n "Kernel configuration to update [$config] "
set newconfig=$<
if ( "$newconfig" != "" ) then
set config="$confdir/$newconfig"
else
set newconfig=$config
endif
echo "Re-config'ing $newconfig..."
if ( -f $confdir/$newconfig ) then
mv $confdir/$newconfig $confdir/$newconfig.bak
endif
if ( -d $archdir/$newconfig ) then
mv $archdir/$newconfig $archdir/$newconfig.bak
endif
if ($0 =~ *kinstall) then
awk '{print $0;if($2=="INET"){print"options IPFILTER"}}' \
$confdir/$newconfig.bak > $confdir/$newconfig
endif
echo 'You will now need to run "config" and build a new kernel.'
exit 0

6
BSDOS3/OBJS/README Normal file
View File

@ -0,0 +1,6 @@
If you have any questions or comments relating to the .o files in this
directory, please email Alan Clegg - abc@bsdi.com.
Cheers,
Darren

342
BSDOS3/OBJS/files Normal file
View File

@ -0,0 +1,342 @@
# BSDI $Id$
#
# @(#)files.newconf 8.9 (Berkeley) 3/31/94
# generic attributes
define disk
define tape
define ifnet
define tty
# net device attributes - we have generic code for ether.
# we should have imp but right now it is a pseudo-device.
define ether
define p2p
define token
define fddi
# define imp
pseudo-device imp
# scsi driver and associated stuff
define scsi { target = -1 }
device tg at scsi { unit = -1 }
file dev/scsi/scsi_subr.c scsi
file dev/scsi/scsi_spi.c scsi
# support functions used by low level spi drivers
define spilow
file dev/scsi/scsi_spilow.c spilow
device sd at tg: disk
device sr at tg: disk
file dev/scsi/sd.c sd|sr
device st at tg: tape
file dev/scsi/st.c st
device sg at tg
file dev/scsi/sg.c sg
# media indepent interface network layer
define mii { phy = -1 }
file dev/mii/mii_subr.c mii
# legitimate pseudo-devices
pseudo-device appp: ifnet, p2p
pseudo-device pif
pseudo-device bpfilter
pseudo-device gwscreen
pseudo-device cd: disk
pseudo-device sp: disk
pseudo-device loop
pseudo-device tun
pseudo-device pty: tty
pseudo-device sl: ifnet
pseudo-device vnd: disk
pseudo-device rd: disk
file dev/disk_subr.c disk
file dev/cd.c cd&!objsrc always-source
file dev/sp.c sp
file dev/vnd.c vnd
file dev/rd.c rd
# kernel sources
file isofs/cd9660/cd9660_bmap.c cd9660
file isofs/cd9660/cd9660_lookup.c cd9660
file isofs/cd9660/cd9660_node.c cd9660
file isofs/cd9660/cd9660_rrip.c cd9660
file isofs/cd9660/cd9660_util.c cd9660
file isofs/cd9660/cd9660_vfsops.c cd9660
file isofs/cd9660/cd9660_vnops.c cd9660
file kern/init_main.c
file kern/kern_acct.c
file kern/kern_clock.c
file kern/kern_descrip.c
file kern/kern_exec.c
file kern/kern_exit.c
file kern/kern_fork.c
file kern/kern_ktrace.c ktrace | !source
file kern/kern_lock.c
file kern/kern_malloc.c
file kern/kern_physio.c
file kern/kern_proc.c
file kern/kern_prot.c
file kern/kern_resource.c
file kern/kern_sig.c
file kern/kern_subr.c
file kern/kern_synch.c
file kern/kern_sysctl.c
file kern/kern_license.c
file kern/kern_time.c
file kern/kern_xxx.c
file kern/subr_autoconf.c
file kern/subr_log.c
file kern/subr_prf.c
file kern/subr_prof.c
file kern/subr_rmap.c
file kern/subr_xxx.c
file kern/sys_generic.c
file kern/sys_process.c
file kern/sys_socket.c
file kern/sys_sem.c compat_semaphore
file kern/sysv_ipc.c
file kern/sysv_msg.c
file kern/sysv_sem.c
file kern/sysv_shm.c
file kern/tty.c
file kern/tty_compat.c
file kern/tty_conf.c !objsrc always-source
file kern/tty_pty.c pty
file kern/tty_subr.c
file kern/tty_tb.c tb needs-flag
file kern/tty_tty.c
file kern/uipc_domain.c !objsrc always-source
file kern/uipc_mbuf.c
file kern/uipc_proto.c !objsrc always-source
file kern/uipc_socket.c
file kern/uipc_socket2.c
file kern/uipc_syscalls.c
file kern/uipc_usrreq.c
file kern/vfs_bio.c
file kern/vfs_cache.c
file kern/vfs_cluster.c
file kern/vfs_conf.c !objsrc always-source
file kern/vfs_init.c
file kern/vfs_lookup.c
file kern/vfs_subr.c
file kern/vfs_syscalls.c
file kern/vfs_vnops.c
file miscfs/deadfs/dead_vnops.c
file miscfs/fdesc/fdesc_vfsops.c fdesc
file miscfs/fdesc/fdesc_vnops.c fdesc
file miscfs/fifofs/fifo_vnops.c fifo | !source
file miscfs/kernfs/kernfs_vfsops.c kernfs
file miscfs/kernfs/kernfs_vnops.c kernfs
file miscfs/nullfs/null_subr.c (nullfs | umapfs)
file miscfs/nullfs/null_vfsops.c (nullfs | umapfs)
file miscfs/nullfs/null_vnops.c (nullfs | umapfs)
file miscfs/portal/portal_vfsops.c portal
file miscfs/portal/portal_vnops.c portal
file miscfs/procfs/procfs_subr.c procfs
file miscfs/procfs/procfs_vnops.c procfs
file miscfs/procfs/procfs_vfsops.c procfs
file miscfs/procfs/procfs_note.c procfs
file miscfs/procfs/procfs_mem.c procfs
file miscfs/procfs/procfs_ctl.c procfs
file miscfs/procfs/procfs_status.c procfs
file miscfs/procfs/procfs_regs.c procfs
file miscfs/procfs/procfs_fpregs.c procfs
file miscfs/specfs/spec_vnops.c
file miscfs/umapfs/umap_subr.c umapfs
file miscfs/umapfs/umap_vfsops.c umapfs
file miscfs/umapfs/umap_vnops.c umapfs
file miscfs/union/union_subr.c union
file miscfs/union/union_vfsops.c union
file miscfs/union/union_vnops.c union
file msdosfs/msdosfs_conv.c msdosfs
file msdosfs/msdosfs_denode.c msdosfs
file msdosfs/msdosfs_fat.c msdosfs
file msdosfs/msdosfs_lookup.c msdosfs
file msdosfs/msdosfs_vfsops.c msdosfs
file msdosfs/msdosfs_vnops.c msdosfs
file net/bpf.c bpfilter needs-flag
file net/bpf_filter.c bpfilter needs-flag
file net/gw_screen.c gwscreen&!objsrc always-source
file net/if.c !objsrc always-source
file net/if_appp.c appp needs-flag
file net/if_c_hdlc.c cisco_hdlc
file net/if_ethersubr.c (ether|fddi)&!objsrc always-source
file net/if_link.c
file net/if_loop.c loop&!objsrc always-source
file net/if_tun.c tun
file net/if_media.c (ether|fddi|token)
file net/if_p2pproto.c p2p&!objsrc always-source
file net/if_p2psubr.c p2p&!objsrc always-source
file net/if_ppp.c ppp
file net/if_pppmp.c ppp&pif&!nomultilink
file net/if_pif.c pif
file net/if_sl.c sl needs-flag
file net/if_tokensubr.c token&!objsrc needs-flag always-source
file net/if_fddisubr.c fddi&!objsrc needs-flag always-source
file net/net_proto.c
file net/radix.c
file net/raw_cb.c
file net/raw_usrreq.c
file net/route.c
file net/rtsock.c
file net/slcompress.c sl|ppp
file netccitt/ccitt_proto.c ccitt
file netccitt/llc_input.c llc
file netccitt/llc_output.c llc
file netccitt/llc_subr.c llc
file netccitt/llc_timer.c llc
file netccitt/hd_debug.c hdlc
file netccitt/hd_input.c hdlc
file netccitt/hd_output.c hdlc
file netccitt/hd_subr.c hdlc
file netccitt/hd_timer.c hdlc
file netccitt/if_x25subr.c ccitt&!objsrc always-source
file netccitt/pk_acct.c ccitt
file netccitt/pk_debug.c ccitt
file netccitt/pk_input.c ccitt
file netccitt/pk_llcsubr.c llc|hdlc
file netccitt/pk_output.c ccitt
file netccitt/pk_subr.c ccitt
file netccitt/pk_timer.c ccitt
file netccitt/pk_usrreq.c ccitt
file netimp/if_imp.c imp needs-count
file netimp/if_imphost.c imp needs-count
file netimp/raw_imp.c imp
file netinet/if_ether.c (ether|token|fddi)&!objsrc needs-flag always-source
file netinet/igmp.c inet
file netinet/in.c inet
file netinet/in_pcb.c inet
file netinet/in_proto.c inet&!objsrc always-source
file netinet/ip_icmp.c inet
file netinet/ip_input.c inet
file netinet/ip_mroute.c inet&mrouting
file netinet/ip_output.c inet
file netinet/ip_screen.c gwscreen&!objsrc always-source
file netinet/raw_ip.c inet
file netinet/tcp_debug.c inet
file netinet/tcp_input.c inet
file netinet/tcp_output.c inet
file netinet/tcp_subr.c inet
file netinet/tcp_timer.c inet
file netinet/tcp_usrreq.c inet
file netinet/udp_usrreq.c inet
file netinet/ip_fil.c ipfilter
file netinet/fil.c ipfilter
file netinet/ip_nat.c ipfilter
file netinet/ip_frag.c ipfilter
file netinet/ip_state.c ipfilter
file netinet/ip_auth.c ipfilter
file netinet/ip_proxy.c ipfilter
file netinet/ip_log.c ipfilter
file netiso/clnp_debug.c iso
file netiso/clnp_er.c iso
file netiso/clnp_frag.c iso
file netiso/clnp_input.c iso
file netiso/clnp_options.c iso
file netiso/clnp_output.c iso
file netiso/clnp_raw.c iso
file netiso/clnp_subr.c iso
file netiso/clnp_timer.c iso
file netiso/cltp_usrreq.c iso
file netiso/esis.c iso
file netiso/if_eon.c eon
file netiso/idrp_usrreq.c iso
file netiso/iso.c iso
file netiso/iso_chksum.c iso
file netiso/iso_pcb.c iso
file netiso/iso_proto.c iso&!objsrc always-source
file netiso/iso_snpac.c iso
file netiso/tp_astring.c iso|tpip
file netiso/tp_cons.c iso
file netiso/tp_driver.c iso|tpip
file netiso/tp_emit.c iso|tpip
file netiso/tp_inet.c iso|tpip
file netiso/tp_input.c iso|tpip
file netiso/tp_iso.c iso
file netiso/tp_meas.c iso|tpip
file netiso/tp_output.c iso|tpip
file netiso/tp_pcb.c iso|tpip
file netiso/tp_subr.c iso|tpip
file netiso/tp_subr2.c iso|tpip
file netiso/tp_timer.c iso|tpip
file netiso/tp_trace.c iso|tpip
file netiso/tp_usrreq.c iso|tpip
file netiso/tuba_subr.c iso&tuba
file netiso/tuba_table.c iso&tuba
file netiso/tuba_usrreq.c iso&tuba
file netns/idp_usrreq.c ns&!objsrc always-source
file netns/ns.c ns
file netns/ns_error.c ns
file netns/ns_input.c ns
file netns/ns_ip.c ns
file netns/ns_output.c ns
file netns/ns_pcb.c ns
file netns/ns_proto.c ns&!objsrc always-source
file netns/spp_debug.c ns
file netns/spp_usrreq.c ns
file nfs/nfs_bio.c nfs
file nfs/nfs_node.c nfs
file nfs/nfs_nqlease.c nfs
file nfs/nfs_serv.c nfs
file nfs/nfs_socket.c nfs
file nfs/nfs_srvcache.c nfs
file nfs/nfs_subs.c nfs
file nfs/nfs_syscalls.c nfs
file nfs/nfs_vfsops.c nfs
file nfs/nfs_vnops.c nfs
file ufs/ffs/ffs_alloc.c ffs|mfs
file ufs/ffs/ffs_balloc.c ffs|mfs
file ufs/ffs/ffs_inode.c ffs|mfs
file ufs/ffs/ffs_subr.c ffs|mfs
file ufs/ffs/ffs_tables.c ffs|mfs
file ufs/ffs/ffs_vfsops.c ffs|mfs
file ufs/ffs/ffs_vnops.c ffs|mfs
file ufs/lfs/lfs_alloc.c lfs
file ufs/lfs/lfs_bio.c lfs
file ufs/lfs/lfs_balloc.c lfs
file ufs/lfs/lfs_cksum.c lfs
file ufs/lfs/lfs_debug.c lfs
file ufs/lfs/lfs_inode.c lfs
file ufs/lfs/lfs_segment.c lfs
file ufs/lfs/lfs_subr.c lfs
file ufs/lfs/lfs_syscalls.c lfs
file ufs/lfs/lfs_vfsops.c lfs
file ufs/lfs/lfs_vnops.c lfs
file ufs/mfs/mfs_vfsops.c mfs
file ufs/mfs/mfs_vnops.c mfs
file ufs/ufs/ufs_bmap.c ffs|lfs|mfs
file ufs/ufs/ufs_ihash.c ffs|lfs|mfs
file ufs/ufs/ufs_inode.c ffs|lfs|mfs
file ufs/ufs/ufs_lockf.c ffs|lfs|mfs
file ufs/ufs/ufs_lookup.c ffs|lfs|mfs
file ufs/ufs/ufs_quota.c ffs|lfs|mfs
file ufs/ufs/ufs_vfsops.c ffs|lfs|mfs
file ufs/ufs/ufs_vnops.c ffs|lfs|mfs
file vm/asyncdaemon.c
file vm/device_pager.c
file vm/swap_pager.c
file vm/vm_fault.c
file vm/vm_glue.c
file vm/vm_init.c
file vm/vm_kern.c
file vm/vm_map.c
file vm/vm_meter.c
file vm/vm_mmap.c
file vm/vm_object.c
file vm/vm_page.c
file vm/vm_pageout.c
file vm/vm_pager.c
file vm/vm_swap.c
file vm/vm_unix.c
file vm/vm_user.c
file vm/vnode_pager.c

644
BSDOS3/OBJS/ioconf.c Normal file
View File

@ -0,0 +1,644 @@
/*
* MACHINE GENERATED: DO NOT EDIT
*
* ioconf.c, from "DIALOUT"
*/
#line 1 "../../i386/conf/ioconf.c.i386"
/*-
* Copyright (c) 1994, 1995, 1996 Berkeley Software Design, Inc.
* All rights reserved.
* The Berkeley Software Design Inc. software License Agreement specifies
* the terms and conditions for redistribution.
*
* BSDI $Id$
*
* WILDBOAR $Wildboar: ioconf.c.i386,v 1.8 1996/02/13 13:01:15 shigeya Exp $
*
* Portions or all of this file are Copyright(c) 1994,1995,1996
* Yoichi Shinoda, Yoshitaka Tokugawa, WIDE Project, Wildboar Project
* and Foretune. All rights reserved.
*
* This code has been contributed to Berkeley Software Design, Inc.
* by the Wildboar Project and its contributors.
*/
/* template ioconf.c for i386 */
#include <sys/param.h>
#include <sys/conf.h>
#include <sys/device.h>
#include <i386/isa/isa.h>
#include <i386/isa/isavar.h>
#include <i386/isa/icu.h>
extern struct cfdriver tgcd;
extern struct cfdriver sdcd;
extern struct cfdriver srcd;
extern struct cfdriver stcd;
extern struct cfdriver sgcd;
extern struct cfdriver isacd;
extern struct cfdriver pcconscd;
extern struct cfdriver pcauxcd;
extern struct cfdriver comcd;
extern struct cfdriver lpcd;
extern struct cfdriver fdccd;
extern struct cfdriver fdcd;
extern struct cfdriver dptcd;
extern struct cfdriver wdccd;
extern struct cfdriver wdcd;
extern struct cfdriver wdpicd;
extern struct cfdriver mcdcd;
extern struct cfdriver wtcd;
extern struct cfdriver npxcd;
extern struct cfdriver vgacd;
extern struct cfdriver bmscd;
extern struct cfdriver lmscd;
extern struct cfdriver ahacd;
extern struct cfdriver bhacd;
extern struct cfdriver necd;
extern struct cfdriver epcd;
extern struct cfdriver sacd;
extern struct cfdriver ncrcd;
extern struct cfdriver saturncd;
extern struct cfdriver aiccd;
extern struct cfdriver tncd;
extern struct cfdriver hppcd;
extern struct cfdriver recd;
extern struct cfdriver wecd;
extern struct cfdriver tlcd;
extern struct cfdriver ebcd;
extern struct cfdriver efcd;
extern struct cfdriver elcd;
extern struct cfdriver excd;
extern struct cfdriver eahacd;
extern struct cfdriver pciccd;
extern struct cfdriver ccecd;
extern struct cfdriver mzcd;
extern struct cfdriver decd;
extern struct cfdriver expcd;
extern struct cfdriver nsphycd;
extern struct cfdriver ics90pcd;
extern struct cfdriver i555pcd;
extern struct cfdriver tn100acd;
/* locators */
static int loc[395] = {
0, 0, 0, 0, -1, -1, BUS_EISA, 0,
0, 0, 0, -1, -1, BUS_PCI, IO_KBD, 0,
0, 0, -1, -1, BUS_ISA, IO_KBD, 0, 0,
0, 0xc, -1, BUS_ISA, 0x3e0, 0, 0, 0,
0xb, -1, BUS_ISA, 0x3e2, 0, 0, 0, 0xa,
-1, BUS_ISA, 0x3e4, 0, 0, 0, 0xa, -1,
BUS_ISA, IO_COM1, 0, 0, 0, -1, -1, BUS_ISA,
IO_COM2, 0, 0, 0, -1, -1, BUS_ISA, 0,
0, 0, 0, -1, -1, BUS_PCMCIA, 0x378, 0,
0, 0, 7, -1, BUS_ISA, 0x3bc, 0, 0,
0, 7, -1, BUS_ISA, IO_FD1, 0, 0, 0,
-1, 2, BUS_ISA, 0x280, 0, 0, 0, -1,
-1, BUS_ISA, 0x2a0, 0, 0, 0, -1, -1,
BUS_ISA, 0x2e0, 0, 0, 0, -1, -1, BUS_ISA,
0x300, 0, 0, 0, -1, -1, BUS_ISA, 0x310,
0, 0, 0, -1, -1, BUS_ISA, 0x330, 0,
0, 0, -1, -1, BUS_ISA, 0x350, 0, 0,
0, -1, -1, BUS_ISA, 0x250, 0, 0, 0,
-1, -1, BUS_ISA, 0x260, 0, 0, 0, -1,
-1, BUS_ISA, 0x310, 0, 0xd0000, 0x10000, -1, -1,
BUS_ISA, 0, 0, 0, 0, -1, -1, BUS_ANY,
0x170, 0, 0, 0, -1, 5, BUS_ISA, IO_WD1,
0, 0, 0, -1, -1, BUS_ISA, IO_WD2, 0,
0, 0, -1, -1, BUS_ISA, 0x300, 0, 0,
0, -1, 1, BUS_ISA, IO_NPX, 0, 0, 0,
-1, -1, BUS_ISA, IO_VGA, 0, 0xa0000, 0x10000, -1,
-1, BUS_ISA, 0x23c, 0, 0, 0, 5, -1,
BUS_ISA, 0x334, 0, 0, 0, 9, -1, BUS_ISA,
0x340, 0, 0, 0, 9, -1, BUS_ISA, 0x334,
0, 0, 0, -1, -1, BUS_ISA, 0x340, 0,
0, 0, -1, -1, BUS_ISA, 0x320, 0, 0,
0, -1, -1, BUS_ISA, 0x360, 0, 0, 0,
-1, -1, BUS_ISA, 0x240, 0, 0, 0, -1,
-1, BUS_ISA, 0x320, 0, 0, 0, -1, 3,
BUS_ISA, 0x340, 0, 0, 0, -1, 3, BUS_ISA,
0x360, 0, 0, 0, -1, 3, BUS_ISA, 0x300,
0, 0, 0, -1, 3, BUS_ISA, 0x2c0, 0,
0xc8000, 0x800, -1, -1, BUS_ISA, 0x300, 0, 0xc8000,
0x800, -1, -1, BUS_ISA, 0x380, 0, 0, 0,
-1, -1, BUS_ISA, 0x280, 0, 0xd0000, 0x4000, -1,
-1, BUS_ISA, 0x2a0, 0, 0xd0000, 0x4000, -1, -1,
BUS_ISA, 0x2c0, 0, 0xd0000, 0x4000, -1, -1, BUS_ISA,
0x2e0, 0, 0xd0000, 0x4000, -1, -1, BUS_ISA, 0x300,
0, 0xd0000, 0x4000, -1, -1, BUS_ISA, 0x320, 0,
0xd0000, 0x4000, -1, -1, BUS_ISA, 0x340, 0, 0xd0000,
0x4000, -1, -1, BUS_ISA, 0x360, 0, 0xd0000, 0x4000,
-1, -1, BUS_ISA, 0x380, 0, 0xd0000, 0x4000, -1,
-1, BUS_ISA, 0x3a0, 0, 0xd0000, 0x4000, -1, -1,
BUS_ISA, 0x3e0, 0, 0xd0000, 0x4000, -1, -1, BUS_ISA,
-1, 1, 0,
};
/* parent vectors */
static short pv[48] = {
17, 19, 18, 25, 39, 40, 41, 42, 45, 43, 46, 44, 47, 48, 49, 50,
51, 52, 53, 118, 119, 120, -1, 21, 22, 23, 24, -1, 68, 71, 83, 88,
-1, 22, 23, -1, 0, -1, 68, -1, 14, -1, 71, -1, 20, -1, 21, -1,
};
#define NORM FSTATE_NOTFOUND
#define STAR FSTATE_STAR
struct cfdata cfdata[] = {
/* driver unit state loc flags parents ivstubs */
/* 0: isa0 at root */
{&isacd, 0, NORM, loc, 0, pv+22, 0},
/* 1: saturn0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&saturncd, 0, NORM, loc+ 7, 0, pv+36, 0},
/* 2: pccons0 at isa0 port IO_KBD nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&pcconscd, 0, NORM, loc+ 14, 0, pv+36, 0},
/* 3: pcaux0 at isa0 port IO_KBD nports 0 iomem 0 iosiz 0 irq 0xc drq -1 bustype BUS_ISA */
{&pcauxcd, 0, NORM, loc+ 21, 0, pv+36, 0},
/* 4: pcic0 at isa0 port 0x3e0 nports 0 iomem 0 iosiz 0 irq 0xb drq -1 bustype BUS_ISA */
{&pciccd, 0, NORM, loc+ 28, 0, pv+36, 0},
/* 5: pcic1 at isa0 port 0x3e2 nports 0 iomem 0 iosiz 0 irq 0xa drq -1 bustype BUS_ISA */
{&pciccd, 1, NORM, loc+ 35, 0, pv+36, 0},
/* 6: pcic1 at isa0 port 0x3e4 nports 0 iomem 0 iosiz 0 irq 0xa drq -1 bustype BUS_ISA */
{&pciccd, 1, NORM, loc+ 42, 0, pv+36, 0},
/* 7: com0 at isa0 port IO_COM1 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&comcd, 0, NORM, loc+ 49, 0, pv+36, 0},
/* 8: com1 at isa0 port IO_COM2 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&comcd, 1, NORM, loc+ 56, 0, pv+36, 0},
/* 9: com2 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCMCIA */
{&comcd, 2, NORM, loc+ 63, 0, pv+36, 0},
/* 10: com3 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCMCIA */
{&comcd, 3, NORM, loc+ 63, 0, pv+36, 0},
/* 11: lp0 at isa0 port 0x378 nports 0 iomem 0 iosiz 0 irq 7 drq -1 bustype BUS_ISA */
{&lpcd, 0, NORM, loc+ 70, 0x1, pv+36, 0},
/* 12: lp0 at isa0 port 0x3bc nports 0 iomem 0 iosiz 0 irq 7 drq -1 bustype BUS_ISA */
{&lpcd, 0, NORM, loc+ 77, 0x1, pv+36, 0},
/* 13: lp2 at isa0 port 0x3bc nports 0 iomem 0 iosiz 0 irq 7 drq -1 bustype BUS_ISA */
{&lpcd, 2, NORM, loc+ 77, 0x1, pv+36, 0},
/* 14: fdc0 at isa0 port IO_FD1 nports 0 iomem 0 iosiz 0 irq -1 drq 2 bustype BUS_ISA */
{&fdccd, 0, NORM, loc+ 84, 0, pv+36, 0},
/* 15: fd0 at fdc0 drive 0 */
{&fdcd, 0, NORM, loc+394, 0, pv+40, 0},
/* 16: fd1 at fdc0 drive 1 */
{&fdcd, 1, NORM, loc+393, 0, pv+40, 0},
/* 17: dpt0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ANY */
{&dptcd, 0, NORM, loc+161, 0, pv+36, 0},
/* 18: dpt* at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ANY */
{&dptcd, 1, STAR, loc+161, 0, pv+36, 0},
/* 19: dpt0 at isa0 port 0x170 nports 0 iomem 0 iosiz 0 irq -1 drq 5 bustype BUS_ISA */
{&dptcd, 0, NORM, loc+168, 0, pv+36, 0},
/* 20: tg* at dpt0|dpt0|dpt*|wdpi*|ncr0|ncr1|ncr2|aic0|aic0|aic1|aic1|aic2|aic2|bha0|aha0|bha1|aha1|sa0|sa0|eaha0|eaha1|eaha2 target -1 */
{&tgcd, 0, STAR, loc+392, 0, pv+ 0, 0},
/* 21: wdc0 at isa0 port IO_WD1 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&wdccd, 0, NORM, loc+175, 0, pv+36, 0},
/* 22: wdc1 at isa0 port IO_WD2 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&wdccd, 1, NORM, loc+182, 0, pv+36, 0},
/* 23: wdc1 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCMCIA */
{&wdccd, 1, NORM, loc+ 63, 0, pv+36, 0},
/* 24: wdc2 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCMCIA */
{&wdccd, 2, NORM, loc+ 63, 0, pv+36, 0},
/* 25: wdpi* at wdc0|wdc1|wdc1|wdc2 drive -1 */
{&wdpicd, 0, STAR, loc+392, 0, pv+23, 0},
/* 26: wd0 at wdc0 drive 0 */
{&wdcd, 0, NORM, loc+394, 0, pv+46, 0},
/* 27: wd1 at wdc0 drive 1 */
{&wdcd, 1, NORM, loc+393, 0, pv+46, 0},
/* 28: wd2 at wdc1|wdc1 drive 0 */
{&wdcd, 2, NORM, loc+394, 0, pv+33, 0},
/* 29: wd3 at wdc1|wdc1 drive 1 */
{&wdcd, 3, NORM, loc+393, 0, pv+33, 0},
/* 30: wd4 at wdc2 drive 0 */
{&wdcd, 4, NORM, loc+394, 0, pv+26, 0},
/* 31: wd5 at wdc2 drive 1 */
{&wdcd, 5, NORM, loc+393, 0, pv+26, 0},
/* 32: wt0 at isa0 port 0x300 nports 0 iomem 0 iosiz 0 irq -1 drq 1 bustype BUS_ISA */
{&wtcd, 0, NORM, loc+189, 0, pv+36, 0},
/* 33: npx0 at isa0 port IO_NPX nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&npxcd, 0, NORM, loc+196, 0, pv+36, 0},
/* 34: vga0 at isa0 port IO_VGA nports 0 iomem 0xa0000 iosiz 0x10000 irq -1 drq -1 bustype BUS_ISA */
{&vgacd, 0, NORM, loc+203, 0, pv+36, 0},
/* 35: bms0 at isa0 port 0x23c nports 0 iomem 0 iosiz 0 irq 5 drq -1 bustype BUS_ISA */
{&bmscd, 0, NORM, loc+210, 0, pv+36, 0},
/* 36: lms0 at isa0 port 0x23c nports 0 iomem 0 iosiz 0 irq 5 drq -1 bustype BUS_ISA */
{&lmscd, 0, NORM, loc+210, 0, pv+36, 0},
/* 37: mcd0 at isa0 port 0x334 nports 0 iomem 0 iosiz 0 irq 9 drq -1 bustype BUS_ISA */
{&mcdcd, 0, NORM, loc+217, 0, pv+36, 0},
/* 38: mcd0 at isa0 port 0x340 nports 0 iomem 0 iosiz 0 irq 9 drq -1 bustype BUS_ISA */
{&mcdcd, 0, NORM, loc+224, 0, pv+36, 0},
/* 39: ncr0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&ncrcd, 0, NORM, loc+ 7, 0, pv+36, 0},
/* 40: ncr1 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&ncrcd, 1, NORM, loc+ 7, 0, pv+36, 0},
/* 41: ncr2 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&ncrcd, 2, NORM, loc+ 7, 0, pv+36, 0},
/* 42: aic0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&aiccd, 0, NORM, loc+ 7, 0, pv+36, 0},
/* 43: aic1 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&aiccd, 1, NORM, loc+ 7, 0, pv+36, 0},
/* 44: aic2 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&aiccd, 2, NORM, loc+ 7, 0, pv+36, 0},
/* 45: aic0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_EISA */
{&aiccd, 0, NORM, loc+ 0, 0, pv+36, 0},
/* 46: aic1 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_EISA */
{&aiccd, 1, NORM, loc+ 0, 0, pv+36, 0},
/* 47: aic2 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_EISA */
{&aiccd, 2, NORM, loc+ 0, 0, pv+36, 0},
/* 48: bha0 at isa0 port 0x330 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&bhacd, 0, NORM, loc+126, 0, pv+36, 0},
/* 49: aha0 at isa0 port 0x330 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&ahacd, 0, NORM, loc+126, 0, pv+36, 0},
/* 50: bha1 at isa0 port 0x334 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&bhacd, 1, NORM, loc+231, 0, pv+36, 0},
/* 51: aha1 at isa0 port 0x334 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&ahacd, 1, NORM, loc+231, 0, pv+36, 0},
/* 52: sa0 at isa0 port 0x340 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&sacd, 0, NORM, loc+238, 0, pv+36, 0},
/* 53: sa0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCMCIA */
{&sacd, 0, NORM, loc+ 63, 0, pv+36, 0},
/* 54: sr* at tg* unit -1 */
{&srcd, 0, STAR, loc+392, 0, pv+44, 0},
/* 55: sd* at tg* unit -1 */
{&sdcd, 0, STAR, loc+392, 0, pv+44, 0},
/* 56: st* at tg* unit -1 */
{&stcd, 0, STAR, loc+392, 0, pv+44, 0},
/* 57: sg* at tg* unit -1 */
{&sgcd, 0, STAR, loc+392, 0, pv+44, 0},
/* 58: ne0 at isa0 port 0x320 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&necd, 0, NORM, loc+245, 0, pv+36, 0},
/* 59: ne0 at isa0 port 0x340 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&necd, 0, NORM, loc+238, 0, pv+36, 0},
/* 60: ne0 at isa0 port 0x360 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&necd, 0, NORM, loc+252, 0, pv+36, 0},
/* 61: ne0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCMCIA */
{&necd, 0, NORM, loc+ 63, 0, pv+36, 0},
/* 62: ep0 at isa0 port 0x240 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&epcd, 0, NORM, loc+259, 0, pv+36, 0},
/* 63: ep0 at isa0 port 0x320 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&epcd, 0, NORM, loc+245, 0, pv+36, 0},
/* 64: tn0 at isa0 port 0x320 nports 0 iomem 0 iosiz 0 irq -1 drq 3 bustype BUS_ISA */
{&tncd, 0, NORM, loc+266, 0, pv+36, 0},
/* 65: tn0 at isa0 port 0x340 nports 0 iomem 0 iosiz 0 irq -1 drq 3 bustype BUS_ISA */
{&tncd, 0, NORM, loc+273, 0, pv+36, 0},
/* 66: tn0 at isa0 port 0x360 nports 0 iomem 0 iosiz 0 irq -1 drq 3 bustype BUS_ISA */
{&tncd, 0, NORM, loc+280, 0, pv+36, 0},
/* 67: tn0 at isa0 port 0x300 nports 0 iomem 0 iosiz 0 irq -1 drq 3 bustype BUS_ISA */
{&tncd, 0, NORM, loc+287, 0, pv+36, 0},
/* 68: de* at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ANY */
{&decd, 0, STAR, loc+161, 0, pv+36, 0},
/* 69: nsphy* at de*|exp*|eb*|tl* phy -1 */
{&nsphycd, 0, STAR, loc+392, 0, pv+28, 0},
/* 70: ics90p* at de* phy -1 */
{&ics90pcd, 0, STAR, loc+392, 0, pv+38, 0},
/* 71: exp* at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&expcd, 0, STAR, loc+ 7, 0, pv+36, 0},
/* 72: i555p* at exp* phy -1 */
{&i555pcd, 0, STAR, loc+392, 0, pv+42, 0},
/* 73: hpp0 at isa0 port 0x2c0 nports 0 iomem 0xc8000 iosiz 0x800 irq -1 drq -1 bustype BUS_ISA */
{&hppcd, 0, NORM, loc+294, 0, pv+36, 0},
/* 74: hpp0 at isa0 port 0x300 nports 0 iomem 0xc8000 iosiz 0x800 irq -1 drq -1 bustype BUS_ISA */
{&hppcd, 0, NORM, loc+301, 0, pv+36, 0},
/* 75: re0 at isa0 port 0x240 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&recd, 0, NORM, loc+259, 0, pv+36, 0},
/* 76: re0 at isa0 port 0x260 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&recd, 0, NORM, loc+147, 0, pv+36, 0},
/* 77: re0 at isa0 port 0x280 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&recd, 0, NORM, loc+ 91, 0, pv+36, 0},
/* 78: re0 at isa0 port 0x2a0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&recd, 0, NORM, loc+ 98, 0, pv+36, 0},
/* 79: re0 at isa0 port 0x300 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&recd, 0, NORM, loc+112, 0, pv+36, 0},
/* 80: re0 at isa0 port 0x320 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&recd, 0, NORM, loc+245, 0, pv+36, 0},
/* 81: re0 at isa0 port 0x340 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&recd, 0, NORM, loc+238, 0, pv+36, 0},
/* 82: re0 at isa0 port 0x380 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&recd, 0, NORM, loc+308, 0, pv+36, 0},
/* 83: eb* at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&ebcd, 0, STAR, loc+ 7, 0, pv+36, 0},
/* 84: ef0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&efcd, 0, NORM, loc+ 7, 0, pv+36, 0},
/* 85: ef1 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&efcd, 1, NORM, loc+ 7, 0, pv+36, 0},
/* 86: ef* at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&efcd, 3, STAR, loc+ 7, 0, pv+36, 0},
/* 87: ne* at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&necd, 1, STAR, loc+ 7, 0, pv+36, 0},
/* 88: tl* at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCI */
{&tlcd, 0, STAR, loc+ 7, 0, pv+36, 0},
/* 89: tn100a* at tl* phy -1 */
{&tn100acd, 0, STAR, loc+392, 0, pv+31, 0},
/* 90: we0 at isa0 port 0x280 nports 0 iomem 0xd0000 iosiz 0x4000 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+315, 0, pv+36, 0},
/* 91: we0 at isa0 port 0x2a0 nports 0 iomem 0xd0000 iosiz 0x4000 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+322, 0, pv+36, 0},
/* 92: we0 at isa0 port 0x2c0 nports 0 iomem 0xd0000 iosiz 0x4000 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+329, 0, pv+36, 0},
/* 93: we0 at isa0 port 0x2e0 nports 0 iomem 0xd0000 iosiz 0x4000 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+336, 0, pv+36, 0},
/* 94: we0 at isa0 port 0x300 nports 0 iomem 0xd0000 iosiz 0x4000 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+343, 0, pv+36, 0},
/* 95: we0 at isa0 port 0x320 nports 0 iomem 0xd0000 iosiz 0x4000 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+350, 0, pv+36, 0},
/* 96: we0 at isa0 port 0x340 nports 0 iomem 0xd0000 iosiz 0x4000 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+357, 0, pv+36, 0},
/* 97: we0 at isa0 port 0x360 nports 0 iomem 0xd0000 iosiz 0x4000 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+364, 0, pv+36, 0},
/* 98: we0 at isa0 port 0x380 nports 0 iomem 0xd0000 iosiz 0x4000 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+371, 0, pv+36, 0},
/* 99: we0 at isa0 port 0x3a0 nports 0 iomem 0xd0000 iosiz 0x4000 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+378, 0, pv+36, 0},
/*100: we0 at isa0 port 0x3e0 nports 0 iomem 0xd0000 iosiz 0x4000 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+385, 0, pv+36, 0},
/*101: we0 at isa0 port 0x280 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+ 91, 0, pv+36, 0},
/*102: we0 at isa0 port 0x2a0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+ 98, 0, pv+36, 0},
/*103: we0 at isa0 port 0x2e0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+105, 0, pv+36, 0},
/*104: we0 at isa0 port 0x300 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+112, 0, pv+36, 0},
/*105: we0 at isa0 port 0x310 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+119, 0, pv+36, 0},
/*106: we0 at isa0 port 0x330 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+126, 0, pv+36, 0},
/*107: we0 at isa0 port 0x350 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&wecd, 0, NORM, loc+133, 0, pv+36, 0},
/*108: ef0 at isa0 port 0x250 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&efcd, 0, NORM, loc+140, 0, pv+36, 0},
/*109: ef1 at isa0 port 0x260 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&efcd, 1, NORM, loc+147, 0, pv+36, 0},
/*110: ef0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_EISA */
{&efcd, 0, NORM, loc+ 0, 0, pv+36, 0},
/*111: ef1 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_EISA */
{&efcd, 1, NORM, loc+ 0, 0, pv+36, 0},
/*112: ef2 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_EISA */
{&efcd, 2, NORM, loc+ 0, 0, pv+36, 0},
/*113: ef0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCMCIA */
{&efcd, 0, NORM, loc+ 63, 0, pv+36, 0},
/*114: el0 at isa0 port 0x310 nports 0 iomem 0xd0000 iosiz 0x10000 irq -1 drq -1 bustype BUS_ISA */
{&elcd, 0, NORM, loc+154, 0, pv+36, 0},
/*115: ex0 at isa0 port 0x260 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_ISA */
{&excd, 0, NORM, loc+147, 0, pv+36, 0},
/*116: cce0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCMCIA */
{&ccecd, 0, NORM, loc+ 63, 0, pv+36, 0},
/*117: mz0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_PCMCIA */
{&mzcd, 0, NORM, loc+ 63, 0, pv+36, 0},
/*118: eaha0 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_EISA */
{&eahacd, 0, NORM, loc+ 0, 0, pv+36, 0},
/*119: eaha1 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_EISA */
{&eahacd, 1, NORM, loc+ 0, 0, pv+36, 0},
/*120: eaha2 at isa0 port 0 nports 0 iomem 0 iosiz 0 irq -1 drq -1 bustype BUS_EISA */
{&eahacd, 2, NORM, loc+ 0, 0, pv+36, 0},
{0}
};
short cfroots[] = {
0 /* isa0 */,
-1
};
/* pseudo-devices */
extern void loopattach __P((int));
extern void ptyattach __P((int));
extern void slattach __P((int));
extern void apppattach __P((int));
extern void pifattach __P((int));
extern void bpfilterattach __P((int));
extern void rdattach __P((int));
extern void tunattach __P((int));
extern void apmattach __P((int));
extern void ssattach __P((int));
extern void csattach __P((int));
extern void vndattach __P((int));
struct pdevinit pdevinit[] = {
{ loopattach, 1 },
{ ptyattach, 1 },
{ slattach, 1 },
{ apppattach, 2 },
{ pifattach, 1 },
{ bpfilterattach, 10 },
{ rdattach, 1 },
{ tunattach, 2 },
{ apmattach, 1 },
{ ssattach, 4 },
{ csattach, 1 },
{ vndattach, 2 },
{ 0, 0 }
};
#line 28 "../../i386/conf/ioconf.c.i386"
extern struct devsw cnsw, cttysw, mmsw, swapsw, logsw, devfdsw;
extern struct devsw ptssw, ptcsw;
extern struct devsw pcsw, kbdsw;
#if defined(IPFILTER)
extern struct devsw iplsw;
#endif
extern struct devsw tgsw;
extern struct devsw sdsw;
extern struct devsw srsw;
extern struct devsw stsw;
extern struct devsw sgsw;
extern struct devsw apppsw;
extern struct devsw pifsw;
extern struct devsw bpfiltersw;
extern struct devsw loopsw;
extern struct devsw tunsw;
extern struct devsw ptysw;
extern struct devsw slsw;
extern struct devsw vndsw;
extern struct devsw rdsw;
extern struct devsw isasw;
extern struct devsw pcconssw;
extern struct devsw pcauxsw;
extern struct devsw comsw;
extern struct devsw lpsw;
extern struct devsw fdcsw;
extern struct devsw fdsw;
extern struct devsw dptsw;
extern struct devsw wdcsw;
extern struct devsw wdsw;
extern struct devsw wdpisw;
extern struct devsw mcdsw;
extern struct devsw wtsw;
extern struct devsw npxsw;
extern struct devsw vgasw;
extern struct devsw bmssw;
extern struct devsw lmssw;
extern struct devsw ahasw;
extern struct devsw bhasw;
extern struct devsw nesw;
extern struct devsw epsw;
extern struct devsw sasw;
extern struct devsw ncrsw;
extern struct devsw saturnsw;
extern struct devsw aicsw;
extern struct devsw tnsw;
extern struct devsw hppsw;
extern struct devsw resw;
extern struct devsw wesw;
extern struct devsw tlsw;
extern struct devsw ebsw;
extern struct devsw efsw;
extern struct devsw elsw;
extern struct devsw exsw;
extern struct devsw eahasw;
extern struct devsw apmsw;
extern struct devsw sssw;
extern struct devsw cssw;
extern struct devsw pcicsw;
extern struct devsw ccesw;
extern struct devsw mzsw;
extern struct devsw desw;
extern struct devsw expsw;
extern struct devsw nsphysw;
extern struct devsw ics90psw;
extern struct devsw i555psw;
extern struct devsw tn100asw;
#line 37 "../../i386/conf/ioconf.c.i386"
struct devsw *devsw[] = {
&cnsw, /* 0 = virtual console */
&cttysw, /* 1 = controlling terminal */
&mmsw, /* 2 = /dev/{null,mem,kmem,...} */
&wdsw, /* 3 = st506/rll/esdi/ide disk */
&swapsw, /* 4 = /dev/drum (swap pseudo-device) */
&ptssw, /* 5 = pseudo-tty slave */
&ptcsw, /* 6 = pseudo-tty master */
&logsw, /* 7 = /dev/klog */
&comsw, /* 8 = serial communications ports */
&fdsw, /* 9 = floppy disk */
&wtsw, /* 10 = QIC-02/36 cartridge tape */
NULL, /* 11 = RISCom/N8 async mux */
&pcsw, /* 12 = vga console */
&pcauxsw, /* 13 = console/keyboard aux port */
&bpfiltersw, /* 14 = berkeley packet filter */
&devfdsw, /* 15 = file descriptor devices */
&vgasw, /* 16 = VGA display for X */
&kbdsw, /* 17 = Keyboard device (excl from cn) */
&sdsw, /* 18 = SCSI disk pseudo-device (sd) */
&stsw, /* 19 = SCSI tape pseudo-device */
&lpsw, /* 20 = printer on a parallel port */
&bmssw, /* 21 = Microsoft Bus Mouse */
NULL, /* 22 = Midi device (RETIRED) */
&mcdsw, /* 23 = Mitsumi CD-ROM */
NULL, /* 24 = Maxpeed Async Mux */
&lmssw, /* 25 = Logitec Bus Mouse */
NULL, /* 26 = DigiBoard PC/X[ei] */
NULL, /* 27 = Specialix multiplexor */
NULL, /* 28 = SoundBlaster Pro (RETIRED) */
NULL, /* 29 = Chase IOPRO control driver */
NULL, /* 30 = Chase IOPRO data driver */
NULL, /* 31 = Equinox tty */
NULL, /* 32 = Concatenated disk pseudo-device */
NULL, /* 33 = Voxware sound system */
&srsw, /* 34 = SCSI removeable disks (clone of sd) */
NULL, /* 35 = Comtrol Rocketport */
NULL, /* 36 = Cyclades async mux */
NULL, /* 37 = Disk splicing driver */
&dptsw, /* 38 = DPT config driver */
&sgsw, /* 39 = SCSI generic driver, catch all */
NULL, /* 40 = Stallion async mux */
NULL, /* 41 = Stallion intelligent async mux */
&vndsw, /* 42 = vnode disk driver */
NULL, /* 43 = Connectix QuickCam */
&rdsw, /* 44 = ram disk driver */
&tunsw, /* 45 = Tunnel Network Interface */
#if defined(IPFILTER)
&iplsw, /* 46 = IP Filter */
#else
NULL, /* 46 = (unused) */
#endif
NULL, /* 47 = (unused) */
NULL, /* 48 = (unused) */
NULL, /* 49 = (unused) */
&apmsw, /* 50 = APM Interface module */
&cssw, /* 51 = PCMCIA CS Interface module */
NULL, /* 52 = Focus Video Capture */
NULL, /* 53 = PCMCIA SRAM Drive */
};
#define NDEVSW (sizeof(devsw) / sizeof(*devsw))
int ndevsw = NDEVSW;
#ifdef COMPAT_DEV
/* cross-correlation to devsw[] above, from old bdevsw index */
/* (i.e., devsw[blktodev[i]] is the driver for old block device i) */
int blktodev[7] = {
3, /* 0 = wd = 3 */
4, /* 1 = swap = 4 */
9, /* 2 = floppy = 9 */
10, /* 3 = wt = 10 */
18, /* 4 = sd = 18 */
19, /* 5 = st = 19 */
23, /* 6 = mcd = 23 */
};
#endif
/*
* Swapdev is a fake device implemented
* in vm_swap.c used only internally to get to swstrategy.
* It cannot be provided to the users, because the
* swstrategy routine munches the b_dev and b_blkno entries
* before calling the appropriate driver. This would horribly
* confuse, e.g. the hashing routines. Instead, /dev/drum is
* provided as a character (raw) device.
*/
dev_t swapdev = makedev(4, 0);
/*
* Routine that identifies /dev/mem and /dev/kmem.
*
* A minimal stub routine can always return 0.
*/
iskmemdev(dev)
dev_t dev;
{
return (major(dev) == 2 && (minor(dev) == 0 || minor(dev) == 1));
}
iszerodev(dev)
dev_t dev;
{
return (major(dev) == 2 && minor(dev) == 12);
}
#ifdef COMPAT_DEV
#include <sys/vnode.h>
int
devcompat(dev, type)
dev_t dev;
int type;
{
int maj, min, unit = 0;
if (dev > USHRT_MAX)
return (dev);
maj = dev >> 8;
min = dev & 0xff;
if (type == VBLK && maj < sizeof(blktodev) / sizeof(blktodev[0]))
maj = blktodev[maj];
switch (maj) {
case 3: /* 0 = wd = 3 */
case 9: /* 2 = floppy = 9 */
case 18: /* 4 = sd = 18 */
case 23: /* 6 = mcd = 23 */
unit = min >> 3; /* drive */
min &= 0x7; /* partition */
break;
case 10: /* 3 = wt = 10 */
case 19: /* 5 = st = 19 */
unit = min & 3; /* unit */
min >>= 2; /* rewind, density */
break;
}
return (dv_makedev(maj, unit, min));
}
#endif

23
BSDOS3/files.diffs Normal file
View File

@ -0,0 +1,23 @@
*** /sys/conf/files.orig Sat Nov 1 05:14:50 1997
--- /sys/conf/files Sat Nov 1 05:13:12 1997
***************
*** 230,235 ****
--- 230,247 ----
file netinet/tcp_timer.c inet
file netinet/tcp_usrreq.c inet
file netinet/udp_usrreq.c inet
+ file netinet/ip_fil.c ipfilter always-source
+ file netinet/fil.c ipfilter always-source
+ file netinet/ip_nat.c ipfilter always-source
+ file netinet/ip_frag.c ipfilter always-source
+ file netinet/ip_state.c ipfilter always-source
+ file netinet/ip_auth.c ipfilter always-source
+ file netinet/ip_proxy.c ipfilter always-source
+ file netinet/ip_log.c ipfilter always-source
+ file netinet/ip_scan.c ipfilter always-source
+ file netinet/ip_sync.c ipfilter always-source
+ file netinet/ip_pool.c ipfilter_pool always-source
+ file netinet/ip_rules.c ipfilter_compiled always-source
file netiso/clnp_debug.c iso
file netiso/clnp_er.c iso
file netiso/clnp_frag.c iso

16
BSDOS3/in_proto.c.diffs Normal file
View File

@ -0,0 +1,16 @@
*** sys/netinet/in_proto.c-ORIG Wed Apr 24 22:49:02 1996
--- sys/netinet/in_proto.c Wed Apr 24 22:50:30 1996
***************
*** 83,88 ****
--- 83,93 ----
#include <netinet/ip_mroute.h>
#endif /* MROUTING */
+ #ifdef IPFILTER
+ void iplinit();
+ #define ip_init iplinit
+ #endif
+
extern struct domain inetdomain;
struc protosw inetsw[] = {

View File

@ -0,0 +1,28 @@
*** ioconf.c.i386.orig Mon Nov 3 15:50:55 1997
--- ioconf.c.i386 Mon Nov 3 16:14:36 1997
***************
*** 30,35 ****
--- 30,38 ----
extern struct devsw cnsw, cttysw, mmsw, swapsw, logsw, devfdsw;
extern struct devsw ptssw, ptcsw;
extern struct devsw pcsw, kbdsw;
+ #if defined(IPFILTER)
+ extern struct devsw iplsw;
+ #endif
%DECLSW
***************
*** 80,86 ****
--- 83,93 ----
%DEVSW(qcam), /* 43 = Connectix QuickCam */
%DEVSW(rd), /* 44 = ram disk driver */
%DEVSW(tun), /* 45 = Tunnel Network Interface */
+ #if defined(IPFILTER)
+ &iplsw, /* 46 = IP Filter */
+ #else
NULL, /* 46 = (unused) */
+ #endif
NULL, /* 47 = (unused) */
NULL, /* 48 = (unused) */
NULL, /* 49 = (unused) */

37
BSDOS3/ip_input.c.diffs Normal file
View File

@ -0,0 +1,37 @@
*** ip_input.c.orig Tue Mar 19 16:19:06 1996
--- ip_input.c Fri Mar 8 18:31:22 1996
***************
*** 77,82 ****
--- 77,86 ----
int ipqmaxlen = IFQ_MAXLEN;
struct in_ifaddr *in_ifaddr; /* first inet address */
struct ifqueue ipintrq;
+ #if defined(IPFILTER)
+ extern int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ #endif
/*
* We need to save the IP options in case a protocol wants to respond
***************
*** 232,237 ****
--- 236,254 ----
m_adj(m, ip->ip_len - m->m_pkthdr.len);
}
+ #if defined(IPFILTER)
+ /*
+ * Check if we want to allow this packet to be processed.
+ * Consider it to be bad if not.
+ */
+ if (fr_checkp) {
+ struct mbuf *m1 = m;
+
+ if ((*fr_checkp)(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1)
+ goto next;
+ ip = mtod(m = m1, struct ip *);
+ }
+ #endif
/*
* Process options and, if not destined for us,
* ship it on. ip_dooptions returns 1 when an

33
BSDOS3/ip_output.c.diffs Normal file
View File

@ -0,0 +1,33 @@
*** ip_output.c.orig Sat Nov 1 04:53:02 1997
--- ip_output.c Sat Nov 1 04:56:47 1997
***************
*** 60,65 ****
--- 60,69 ----
static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *));
static void ip_mloopback
__P((struct ifnet *, struct mbuf *, struct sockaddr_in *));
+ #if defined(IPFILTER)
+ extern int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ #endif
/*
* IP output. The packet in mbuf chain m contains a skeletal IP
***************
*** 313,318 ****
--- 317,331 ----
} else
mtu = ifp->if_mtu;
+ #if defined(IPFILTER)
+ if (fr_checkp) {
+ struct mbuf *m1 = m;
+
+ if ((error = (*fr_checkp)(ip, hlen, ifp, 1, &m1)) || !m1)
+ goto done;
+ ip = mtod(m = m1, struct ip *);
+ }
+ #endif
/*
* If small enough for route, can just send directly.
*/

77
BSDOS3/kinstall Normal file
View File

@ -0,0 +1,77 @@
#!/bin/csh -f
#
set major=46
set minor=0
set dir=`pwd`
set karch=`uname -m`
if ( -d /sys/arch/$karch ) set archdir="/sys/arch/$karch"
if ( -d /sys/$karch ) set archdir="/sys/$karch"
set confdir="$archdir/conf"
if ( $dir =~ */BSDOS3 ) cd ..
foreach i (ip_fil.[ch] ip_nat.[ch] ip_frag.[ch] ip_state.[ch] fil.c \
ip_compat.h ip_log.c ip_proxy.[ch] ip_{ftp,rcmd}_pxy.c ip_auth.[ch])
echo -n "$i ";
cp $i /sys/netinet
chmod 664 /sys/netinet/$i
end
echo ""
echo "Patching $archdir/$karch/ioconf.c.$karch"
cat ioconf.c.$karch.diffs | (cd $archdir/$karch; patch)
if ( -f /sys/netinet/ip_input.c ) then
echo "Patching ip_input.c, ip_output.c, in_proto.c"
cat BSDOS3/ip_{in,out}put.c.diffs BSDOS3/in_proto.c.diffs | \
(cd /sys/netinet; patch)
else
echo "Patching in_proto.c"
cat BSDOS3/in_proto.c.diffs | (cd /sys/netinet; patch)
echo "Installing new object files ip_input.o, ip_output.o"
foreach i (ip_input.o ip_output.o)
if ( ! -f /sys/$arch/OBJ/$i.preipf ) then
mv /sys/$arch/OBJ/$i /sys/$arch/OBJ/$i.preipf
endif
cp OBJS/$i /sys/$arch/OBJ/$i
chmod 644 /sys/$arch/OBJ/$i
switch ($i)
case *.h:
/bin/cp $i /usr/include/netinet/$i
chmod 644 /usr/include/netinet/$i
breaksw
endsw
end
endif
echo "Patching /sys/conf/files, /sys/i386/conf/ioconf.c.i386"
cat BSDOS3/files.diffs | (cd /sys/conf; patch)
cat BSDOS3/ioconf.c.i386.diffs | (cd /sys/i386/conf; patch)
echo "Creating device files..."
foreach i (/dev/ipl /dev/ipnat /dev/ipstate /dev/ipauth /dev/ipsync /dev/ipscan)
if ( -f $i ) then
/bin/rm -f $i
endif
echo "$i - character device major $major, minor $minor"
mknod $i c $major $minor
set minor=`expr $minor + 1`
end
set config=`/bin/ls -1t $confdir/[0-9A-Z_]* | head -1`
echo -n "Kernel configuration to update [$config] "
set newconfig=$<
if ( "$newconfig" != "" ) then
set config="$confdir/$newconfig"
else
set newconfig=$config
endif
echo "Re-config'ing $newconfig..."
if ( -f $confdir/$newconfig ) then
mv $confdir/$newconfig $confdir/$newconfig.bak
endif
if ( -d $archdir/$newconfig ) then
mv $archdir/$newconfig $archdir/$newconfig.bak
endif
awk '{print $0;if($2=="INET"){print"options IPFILTER"}}' \
$confdir/$newconfig.bak > $confdir/$newconfig
echo 'You will now need to run "config" and build a new kernel.'
exit 0

55
BSDOS3/unkinstall Normal file
View File

@ -0,0 +1,55 @@
#!/bin/csh -f
#
set dir=`pwd`
set karch=`uname -m`
if ( -d /sys/arch/$karch ) set archdir="/sys/arch/$karch"
if ( -d /sys/$karch ) set archdir="/sys/$karch"
set confdir="$archdir/conf"
if ( $dir =~ */BSDOS3* ) cd ..
echo -n "Uninstalling "
foreach i (ip_fil.[ch] ip_nat.[ch] ip_frag.[ch] ip_state.[ch] fil.c \
ip_auth.[ch] ip_proxy.[ch] ip_ftp_pxy.c ip_compat.h ip_log.c \
mlf_ipl.c ipl.h)
echo -n "$i ";
/bin/rm -f /sys/netinet/$i
end
echo ""
if ( -f /sys/netinet/ip_input.c ) then
echo "Unpatching ip_input.c, ip_output.c and in_proto.c"
cat BSDOS3/ip_{in,out}put.c.diffs BSDOS3/in_proto.c.diffs | \
(cd /sys/netinet; patch -R)
else
echo "Unpatching in_proto.c"
cat BSDOS3/in_proto.c.diffs | (cd /sys/netinet; patch -R)
foreach i (ip_input.o ip_output.o)
/bin/mv -f $archdir/OBJ/$i.preipf $archdir/OBJ/$i.preipf
end
endif
echo "Unpatching /sys/conf/files"
cat BSDOS3/files.diffs | (cd /sys/conf; patch -R)
set config=`(cd $confdir; /bin/ls -1t [0-9A-Z_]*) | head -1`
echo -n "Kernel configuration to update [$config] "
set newconfig=$<
if ( "$newconfig" != "" ) then
set config="$confdir/$newconfig"
else
set newconfig=$config
endif
if ( -f $confdir/$newconfig ) then
mv $confdir/$newconfig $confdir/$newconfig.bak
endif
if ( -d $archdir/../compile/$newconfig ) then
set bak=".bak"
set dot=0
while ( -d $archdir/../compile/${newconfig}.${bak} )
set bak=".bak.$dot"
set dot=`expr 1 + $dot`
end
mv $archdir/../compile/$newconfig $archdir/../compile/${newconfig}.${bak}
endif
egrep -v IPFILTER $confdir/$newconfig.bak > $confdir/$newconfig
echo 'You will now need to run "config" and build a new kernel.'
exit 0

23
BSDOS4/files.diffs Normal file
View File

@ -0,0 +1,23 @@
*** /sys/conf/files.orig Fri Aug 28 11:24:52 1998
--- /sys/conf/files Fri Aug 28 11:26:31 1998
***************
*** 254,259 ****
--- 254,261 ----
file netinet/tcp_timer.c inet
file netinet/tcp_usrreq.c inet
file netinet/udp_usrreq.c inet
+ file netinet/ip_fil.c ipfilter always-source
+ file netinet/fil.c ipfilter always-source
+ file netinet/ip_nat.c ipfilter always-source
+ file netinet/ip_frag.c ipfilter always-source
+ file netinet/ip_state.c ipfilter always-source
+ file netinet/ip_auth.c ipfilter always-source
+ file netinet/ip_proxy.c ipfilter always-source
+ file netinet/ip_log.c ipfilter always-source
+ file netinet/ip_scan.c ipfilter always-source
+ file netinet/ip_sync.c ipfilter always-source
+ file netinet/ip_pool.c ipfilter_pool always-source
+ file netinet/ip_rules.c ipfilter_compiled always-source
# Additions for IPv6 and IPsec extension files.
# See the NRL Copyright notice for conditions on this modification.

16
BSDOS4/in_proto.c.diffs Normal file
View File

@ -0,0 +1,16 @@
*** /sys/netinet/in_proto.c.orig Fri Aug 28 11:28:56 1998
--- /sys/netinet/in_proto.c Fri Aug 28 11:30:16 1998
***************
*** 131,136 ****
--- 131,141 ----
#endif /* IPSEC_ESP */
#endif /* IPSEC */
+ #ifdef IPFILTER
+ void iplinit();
+ #define ip_init iplinit
+ #endif
+
extern struct domain inetdomain;
struct protosw inetsw[] = {

View File

@ -0,0 +1,28 @@
*** /sys/i386/conf/ioconf.c.i386.orig Fri Aug 28 11:31:07 1998
--- /sys/i386/conf/ioconf.c.i386 Fri Aug 28 11:32:27 1998
***************
*** 30,35 ****
--- 30,38 ----
extern struct devsw cnsw, cttysw, mmsw, swapsw, logsw, devfdsw;
extern struct devsw ptssw, ptcsw;
extern struct devsw pcsw, kbdsw;
+ #if defined(IPFILTER)
+ extern struct devsw iplsw;
+ #endif
%DECLSW
***************
*** 81,87 ****
--- 84,94 ----
%DEVSW(rd), /* 44 = ram disk driver */
%DEVSW(tun), /* 45 = Tunnel Network Interface */
%DEVSW(cr), /* 46 = SMART 2 Driver */
+ #if defined(IPFILTER)
+ &iplsw, /* 47 = IP Filter */
+ #else
NULL, /* 47 = (unused) */
+ #endif
NULL, /* 48 = (unused) */
NULL, /* 49 = (unused) */
%DEVSW(apm), /* 50 = APM Interface module */

38
BSDOS4/ip_input.c.diffs Normal file
View File

@ -0,0 +1,38 @@
*** /sys/netinet/ip_input.c.orig Fri Aug 28 11:33:27 1998
--- /sys/netinet/ip_input.c Fri Aug 28 13:49:37 1998
***************
*** 107,112 ****
--- 107,116 ----
int ipqmaxlen;
struct in_ifaddr *in_ifaddr; /* first inet address */
struct ifqueue ipintrq;
+ #if defined(IPFILTER)
+ extern int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ #endif
/*
* We need to save the IP options in case a protocol wants to respond
***************
*** 406,411 ****
--- 410,429 ----
} else
m_adj(m, ip->ip_len - m->m_pkthdr.len);
}
+
+ #if defined(IPFILTER)
+ /*
+ * Check if we want to allow this packet to be processed.
+ * Consider it to be bad if not.
+ */
+ if (fr_checkp) {
+ struct mbuf *m1 = m;
+
+ if ((*fr_checkp)(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1)
+ goto next;
+ ip = mtod(m = m1, struct ip *);
+ }
+ #endif
/*
* Process options and, if not destined for us,

35
BSDOS4/ip_output.c.diffs Normal file
View File

@ -0,0 +1,35 @@
*** /sys/netinet/ip_output.c.orig Fri Aug 28 13:49:46 1998
--- /sys/netinet/ip_output.c Fri Aug 28 13:53:05 1998
***************
*** 99,104 ****
--- 99,109 ----
static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *));
static void ip_mloopback
__P((struct ifnet *, struct mbuf *, struct sockaddr_in *));
+ #if defined(IPFILTER)
+ extern int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ #endif
+
/*
* IP output. The packet in mbuf chain m contains a skeletal IP
***************
*** 447,452 ****
--- 452,467 ----
if (mtu > IP_MAXPACKET)
mtu = IP_MAXPACKET;
+
+ #if defined(IPFILTER)
+ if (fr_checkp) {
+ struct mbuf *m1 = m;
+
+ if ((error = (*fr_checkp)(ip, hlen, ifp, 1, &m1)) || !m1)
+ goto done;
+ ip = mtod(m = m1, struct ip *);
+ }
+ #endif
#ifdef IPFW
if (ipfw_output.filter &&

80
BSDOS4/kinstall Normal file
View File

@ -0,0 +1,80 @@
#!/bin/csh -f
#
set major=47
set minor=0
set dir=`pwd`
set karch=`uname -m`
if ( -d /sys/arch/$karch ) set archdir="/sys/arch/$karch"
if ( -d /sys/$karch ) set archdir="/sys/$karch"
set confdir="$archdir/conf"
if ( $dir =~ */BSDOS4 ) cd ..
foreach i (ip_{auth,fil,frag,nat,proxy,scan,state,sync}.[ch] fil.c ipl.h \
ip_compat.h ip_log.c ip_*_pxy.c )
echo -n "$i ";
cp $i /sys/netinet
chmod 664 /sys/netinet/$i
switch ($i)
case *.h:
/bin/cp $i /usr/include/netinet/$i
chmod 644 /usr/include/netinet/$i
breaksw
endsw
end
echo ""
if ( -f /sys/netinet/ip_input.c ) then
echo "Patching ip_input.c, ip_output.c, in_proto.c"
cat BSDOS4/ip_{in,out}put.c.diffs BSDOS4/in_proto.c.diffs | \
(cd /sys/netinet; patch)
else
echo "Patching in_proto.c"
cat BSDOS4/in_proto.c.diffs | (cd /sys/netinet; patch)
echo "Installing new object files ip_input.o, ip_output.o"
foreach i (ip_input.o ip_output.o)
if ( ! -f $archdir/OBJ/$i.preipf ) then
mv $archdir/OBJ/$i $archdir/OBJ/$i.preipf
endif
cp -p BSDOS4/OBJS/$i $archdir/OBJ/$i
chmod 644 $archdir/OBJ/$i
end
endif
echo "Patching /sys/conf/files, $archdir/conf/ioconf.c.i386"
cat BSDOS4/files.diffs | (cd /sys/conf; patch)
cat BSDOS4/ioconf.c.i386.diffs | (cd $archdir/conf; patch)
echo "Creating device files..."
foreach i (/dev/ipl /dev/ipnat /dev/ipstate /dev/ipauth /dev/ipsync /dev/ipscan)
if ( -f $i ) then
/bin/rm -f $i
endif
echo "$i - character device major $major, minor $minor"
mknod $i c $major $minor
set minor=`expr $minor + 1`
end
set confpath=`/bin/ls -1t $confdir/[0-9A-Z_]* | head -1`
set config=`basename $confpath`
echo -n "Kernel configuration to update [$config] "
set newconfig=$<
if ( "$newconfig" != "" ) then
set config="$confdir/$newconfig"
else
set newconfig=$config
endif
echo "Re-config'ing $newconfig..."
if ( -f $confdir/$newconfig ) then
mv $confdir/$newconfig $confdir/$newconfig.bak
endif
if ( -d $archdir/$newconfig ) then
mv $archdir/$newconfig $archdir/$newconfig.bak
endif
awk '{ print $0; if($2=="INET") \
{ \
print "options \tIPFILTER\t\t# IP Filtering"; \
print "# options \tIPFILTER_LOG\t\t# IP Filter logging"; \
} \
}' $confdir/$newconfig.bak > $confdir/$newconfig
echo 'You will now need to run "config" and build a new kernel.'
exit 0

55
BSDOS4/unkinstall Normal file
View File

@ -0,0 +1,55 @@
#!/bin/csh -f
#
set dir=`pwd`
set karch=`uname -m`
if ( -d /sys/arch/$karch ) set archdir="/sys/arch/$karch"
if ( -d /sys/$karch ) set archdir="/sys/$karch"
set confdir="$archdir/conf"
if ( $dir =~ */BSDOS4* ) cd ..
echo -n "Uninstalling "
foreach i (ip_fil.[ch] ip_nat.[ch] ip_frag.[ch] ip_state.[ch] fil.c \
ip_auth.[ch] ip_proxy.[ch] ip_ftp_pxy.c ip_compat.h ip_log.c \
mlf_ipl.c ipl.h)
echo -n "$i ";
/bin/rm -f /sys/netinet/$i
end
echo ""
if ( -f /sys/netinet/ip_input.c ) then
echo "Unpatching ip_input.c, ip_output.c and in_proto.c"
cat BSDOS4/ip_{in,out}put.c.diffs BSDOS4/in_proto.c.diffs | \
(cd /sys/netinet; patch -R)
else
echo "Unpatching in_proto.c"
cat BSDOS4/in_proto.c.diffs | (cd /sys/netinet; patch -R)
foreach i (ip_input.o ip_output.o)
/bin/mv -f $archdir/OBJ/$i.preipf $archdir/OBJ/$i.preipf
end
endif
echo "Unpatching /sys/conf/files"
cat BSDOS4/files.diffs | (cd /sys/conf; patch -R)
set config=`(cd $confdir; /bin/ls -1t [0-9A-Z_]*) | head -1`
echo -n "Kernel configuration to update [$config] "
set newconfig=$<
if ( "$newconfig" != "" ) then
set config="$confdir/$newconfig"
else
set newconfig=$config
endif
if ( -f $confdir/$newconfig ) then
mv $confdir/$newconfig $confdir/$newconfig.bak
endif
if ( -d $archdir/../compile/$newconfig ) then
set bak=".bak"
set dot=0
while ( -d $archdir/../compile/${newconfig}.${bak} )
set bak=".bak.$dot"
set dot=`expr 1 + $dot`
end
mv $archdir/../compile/$newconfig $archdir/../compile/${newconfig}.${bak}
endif
egrep -v IPFILTER $confdir/$newconfig.bak > $confdir/$newconfig
echo 'You will now need to run "config" and build a new kernel.'
exit 0

View File

@ -4,7 +4,7 @@
*** 11,31 ****
--- 11,41 ----
*/
static char RcsId[] = "$Header: /devel/CVS/IP-Filter/FWTK/ftp-gw.diff,v 2.1 1999/08/04 17:30:30 darrenr Exp $";
static char RcsId[] = "$Header$";
+ /*
+ * Patches for IP Filter NAT extensions written by Darren Reed, 7/7/96

View File

@ -1,707 +0,0 @@
diff -c -r ./ftp-gw/ftp-gw.c ../../fwtk-2.1-violated/fwtk/ftp-gw/ftp-gw.c
*** ./ftp-gw/ftp-gw.c Thu Feb 5 19:05:43 1998
--- ../../fwtk-2.1-violated/fwtk/ftp-gw/ftp-gw.c Thu May 21 17:36:09 1998
***************
*** 44,49 ****
--- 44,51 ----
extern char *optarg;
+ char *getdsthost();
+
#include "firewall.h"
***************
*** 88,93 ****
--- 90,97 ----
static int cmdcnt = 0;
static int timeout = PROXY_TIMEOUT;
+ static int do_transparent = 0;
+
static int cmd_user();
static int cmd_authorize();
***************
*** 101,106 ****
--- 105,111 ----
static int cmd_passthru();
static void saveline();
static void flushsaved();
+ static int connectdest();
#define OP_CONN 001 /* only valid if connected */
#define OP_WCON 002 /* writethrough if connected */
***************
*** 173,178 ****
--- 178,184 ----
char xuf[1024];
char huf[512];
char *passuser = (char *)0; /* passed user as av */
+ char *psychic, *hotline;
#ifndef LOG_DAEMON
openlog("ftp-gw",LOG_PID);
***************
*** 317,322 ****
--- 323,332 ----
} else
timeout = PROXY_TIMEOUT;
+ psychic = getdsthost(0, NULL);
+ if (psychic)
+ do_transparent++;
+
/* display a welcome file or message */
if(passuser == (char *)0) {
if((cf = cfg_get("welcome-msg",confp)) != (Cfg *)0) {
***************
*** 324,329 ****
--- 334,345 ----
syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln);
exit(1);
}
+ if (do_transparent) {
+ if (sayfile2(0, cf->argv[0], 220)) {
+ syslog(LLEV,"fwtksyserr: cannot display welcome %.512s: %m",cf->argv[0]);
+ exit(1);
+ }
+ } else
if(sayfile(0,cf->argv[0],220)) {
syslog(LLEV,"fwtksyserr: cannot display welcome %.512s: %m",cf->argv[0]);
exit(1);
***************
*** 336,341 ****
--- 352,360 ----
if(say(0,"220-Proxy first requires authentication"))
exit(1);
+ if (do_transparent)
+ sprintf(xuf, "220-%s FTP proxy (Version %s) ready.",huf, FWTK_VERSION_MINOR);
+ else
sprintf(xuf, "220 %s FTP proxy (Version %s) ready.",huf, FWTK_VERSION_MINOR);
if(say(0,xuf))
exit(1);
***************
*** 357,362 ****
--- 376,384 ----
exit(1);
}
+ if (do_transparent)
+ connectdest(psychic, 21);
+
/* main loop */
while(1) {
FD_ZERO(&rdy);
***************
*** 653,658 ****
--- 675,696 ----
return(sayn(0,noad,sizeof(noad)-1));
}
+ if (do_transparent) {
+ if((rfd == (-1)) && (x = connectdest(dest,port)))
+ return x;
+
+ sprintf(buf,"USER %s",user);
+
+ if (say(rfd, buf))
+ return(1);
+
+ x = getresp(rfd, buf, sizeof(buf), 1);
+ if (sendsaved(0, x))
+ return(1);
+
+ return(say(0, buf));
+ }
+
if(*dest == '\0')
dest = "localhost";
***************
*** 694,705 ****
char ebuf[512];
strcpy(ebuf,buf);
! sprintf(buf,"521 %s: %s",dest,ebuf);
rfd = -1;
return(say(0,buf));
}
! sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest);
! saveline(buf);
/* we are now connected and need to try the autologin thing */
x = getresp(rfd,buf,sizeof(buf),1);
--- 732,748 ----
char ebuf[512];
strcpy(ebuf,buf);
! if (do_transparent)
! sprintf(buf, "521 %s,%d: %s", dest, ntohs(port), ebuf);
! else
! sprintf(buf,"521 %s: %s",dest,ebuf);
rfd = -1;
return(say(0,buf));
}
! if (!do_transparent) {
! sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest);
! saveline(buf);
! }
/* we are now connected and need to try the autologin thing */
x = getresp(rfd,buf,sizeof(buf),1);
***************
*** 1889,1891 ****
--- 1932,2050 ----
dup(nread);
}
#endif
+
+ static int connectdest(dest, port)
+ char *dest;
+ short port;
+ {
+ char buf[1024], mbuf[512];
+ int msg_int, x;
+
+ if(*dest == '\0')
+ dest = "localhost";
+
+ if(validests != (char **)0) {
+ char **xp;
+ int x;
+
+ for(xp = validests; *xp != (char *)0; xp++) {
+ if(**xp == '!' && hostmatch(*xp + 1,dest)) {
+ return(baddest(0,dest));
+ } else {
+ if(hostmatch(*xp,dest))
+ break;
+ }
+ }
+ if(*xp == (char *)0)
+ return(baddest(0,dest));
+ }
+
+ /* Extended permissions processing goes in here for destination */
+ if(extendperm) {
+ msg_int = auth_perm(confp, authuser, "ftp-gw", dest,(char *)0);
+ if(msg_int == 1) {
+ sprintf(mbuf,"Permission denied for user %s to connect to %s",authuser,dest);
+ syslog(LLEV,"deny host=%s/%s connect to %s user=%s",rladdr,riaddr,dest,authuser);
+ say(0,mbuf);
+ return(1);
+ } else {
+ if(msg_int == -1) {
+ sprintf(mbuf,"No match in netperm-table for %s to ftp to %s",authuser,dest);
+ say(0,mbuf);
+ return(1);
+ }
+ }
+ }
+
+ syslog(LLEV,"permit host=%s/%s connect to %s",rladdr,riaddr,dest);
+
+ if((rfd = conn_server(dest,port,0,buf)) < 0) {
+ char ebuf[512];
+
+ strcpy(ebuf,buf);
+ if (do_transparent)
+ sprintf(buf,"521 %s,%d: %s",dest,ntohs(port),ebuf);
+ else
+ sprintf(buf,"521 %s: %s",dest,ebuf);
+ rfd = -1;
+ return(say(0,buf));
+ }
+ if (!do_transparent) {
+ sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest);
+ saveline(buf);
+ }
+
+ /* we are now connected and need to try the autologin thing */
+ x = getresp(rfd,buf,sizeof(buf),1);
+ if(x / 100 != COMPLETE) {
+ sendsaved(0,-1);
+ return(say(0,buf));
+ }
+ saveline(buf);
+
+ sendsaved(0,-1);
+ return 0;
+ }
+
+ /* quick hack */
+ sayfile2(fd,fn,code)
+ int fd;
+ char *fn;
+ int code;
+ {
+ FILE *f;
+ char buf[BUFSIZ];
+ char yuf[BUFSIZ];
+ char *c;
+ int x;
+ int saidsomething = 0;
+
+ if((f = fopen(fn,"r")) == (FILE *)0)
+ return(1);
+ while(fgets(buf,sizeof(buf),f) != (char *)0) {
+ if((c = index(buf,'\n')) != (char *)0)
+ *c = '\0';
+ x = fgetc(f);
+ if(feof(f))
+ sprintf(yuf,"%3.3d-%s",code,buf);
+ else {
+ sprintf(yuf,"%3.3d-%s",code,buf);
+ ungetc(x,f);
+ }
+ if(say(fd,yuf)) {
+ fclose(f);
+ return(1);
+ }
+ saidsomething++;
+ }
+ fclose(f);
+ if (!saidsomething) {
+ syslog(LLEV,"fwtkcfgerr: sayfile for %d is empty",code);
+ sprintf(yuf, "%3.3d The file to display is empty",code);
+ if(say(fd,yuf)) {
+ fclose(f);
+ return(1);
+ }
+ }
+ return(0);
+ }
diff -c -r ./http-gw/http-gw.c ../../fwtk-2.1-violated/fwtk/http-gw/http-gw.c
*** ./http-gw/http-gw.c Fri Feb 6 18:32:25 1998
--- ../../fwtk-2.1-violated/fwtk/http-gw/http-gw.c Thu May 21 17:00:47 1998
***************
*** 27,32 ****
--- 27,35 ----
static char http_buffer[8192];
static char reason[8192];
static int checkBrowserType = 1;
+ static int do_transparent = 0;
+
+ char * getdsthost();
static void do_logging()
{ char *proto = "GOPHER";
***************
*** 473,478 ****
--- 476,490 ----
/*(NOT A SPECIAL FORM)*/
if((rem_type & TYPE_LOCAL)== 0){
+ char * psychic = getdsthost(sockfd, &def_port);
+ if (psychic) {
+ if (strlen(psychic) <= MAXHOSTNAMELEN) {
+ do_transparent ++;
+ strncpy(def_httpd, psychic, strlen(psychic));
+ strncpy(def_server, psychic, strlen(psychic));
+ }
+ }
+
/* See if it can be forwarded */
if( can_forward(buf)){
***************
*** 1564,1570 ****
parse_vec[0],
parse_vec[1],
ourname, ourport);
! }else{
sprintf(new_reply,"%s\tgopher://%s:%s/%c%s\t%s\t%u",
parse_vec[0], parse_vec[2],
parse_vec[3], chk_type_ch,
--- 1576,1589 ----
parse_vec[0],
parse_vec[1],
ourname, ourport);
! }
! else
! if (do_transparent) {
! sprintf(new_reply, "%s\t%s\t%s\t%s",
! parse_vec[0], parse_vec[1],
! parse_vec[2],parse_vec[3]);
! }
! else {
sprintf(new_reply,"%s\tgopher://%s:%s/%c%s\t%s\t%u",
parse_vec[0], parse_vec[2],
parse_vec[3], chk_type_ch,
diff -c -r ./lib/hnam.c ../../fwtk-2.1-violated/fwtk/lib/hnam.c
*** ./lib/hnam.c Tue Dec 10 13:08:48 1996
--- ../../fwtk-2.1-violated/fwtk/lib/hnam.c Thu May 21 17:10:00 1998
***************
*** 23,28 ****
--- 23,33 ----
#include "firewall.h"
+ #ifdef __FreeBSD__ /* or OpenBSD, NetBSD, BSDI, etc. Fix this for your system. */
+ #include <net/if.h>
+ #include "ip_nat.h"
+ #endif /* __FreeBSD__ */
+
char *
maphostname(name)
***************
*** 49,52 ****
--- 54,132 ----
}
bcopy(hp->h_addr,&sin.sin_addr,hp->h_length);
return(inet_ntoa(sin.sin_addr));
+ }
+
+ char *getdsthost(fd, ptr)
+ int fd;
+ int *ptr;
+ {
+ struct sockaddr_in sin;
+ struct hostent * hp;
+ int sl = sizeof(struct sockaddr_in), err = 0, local_h = 0, i = 0;
+ char buf[255], hostbuf[255];
+ #ifdef __FreeBSD__
+ struct sockaddr_in rsin;
+ struct natlookup natlookup;
+ #endif
+
+ #ifdef linux
+ if (!(err = getsockname(0, &sin, &sl))) {
+ if(ptr)
+ * ptr = ntohs(sin.sin_port);
+
+ sprintf(buf, "%s", inet_ntoa(sin.sin_addr));
+ gethostname(hostbuf, 254);
+ hp = gethostbyname(hostbuf);
+ while (hp->h_addr_list[i]) {
+ bzero(&sin, &sl);
+ memcpy(&sin.sin_addr, hp->h_addr_list[i++],
+ sizeof(hp->h_addr_list[i++]));
+
+ if (!strcmp(buf, inet_ntoa(sin.sin_addr)))
+ local_h++;
+ }
+
+ if(local_h)
+ return(NULL);
+ else
+ return(buf);
+ }
+ #endif
+
+ #ifdef __FreeBSD__
+ /* The basis for this block of code is Darren Reed's
+ * patches to the TIS ftwk's ftp-gw.
+ */
+ bzero((char*)&sin, sizeof(sin));
+ bzero((char*)&rsin, sizeof(rsin));
+
+ if (getsockname(fd, (struct sockaddr*)&sin, &sl) < 0)
+ return NULL;
+
+ sl = sizeof(rsin);
+
+ if(getpeername(fd, (struct sockaddr*)&rsin, &sl) < 0)
+ return NULL;
+
+ natlookup.nl_inport=sin.sin_port;
+ natlookup.nl_outport=rsin.sin_port;
+ natlookup.nl_inip=sin.sin_addr;
+ natlookup.nl_outip=rsin.sin_addr;
+
+ if ((natfd = open("/dev/ipl",O_RDONLY)) < 0)
+ return NULL;
+
+ if (ioctl(natfd, SIOCGNATL,&natlookup) == (-1))
+ return NULL;
+
+ close(natfd);
+
+ if (ptr)
+ *ptr = ntohs(natlookup.nl_inport);
+
+ sprintf(buf, "%s", inet_ntoa(natlookup.nl_inip));
+ #endif
+
+ /* No transparent proxy support */
+ return(NULL);
}
diff -c -r ./plug-gw/plug-gw.c ../../fwtk-2.1-violated/fwtk/plug-gw/plug-gw.c
*** ./plug-gw/plug-gw.c Thu Feb 5 19:07:35 1998
--- ../../fwtk-2.1-violated/fwtk/plug-gw/plug-gw.c Thu May 21 17:29:01 1998
***************
*** 43,48 ****
--- 43,50 ----
static char **validdests = (char **)0;
static int net_write();
+ static int do_transparent = 0;
+
main(ac,av)
int ac;
char *av[];
***************
*** 198,206 ****
--- 200,220 ----
char *ptr;
int state = 0;
int ssl_plug = 0;
+ char * getdsthost();
+ int pport = 0;
struct timeval timo;
+ /* Transparent plug-gw is probably a bad idea, but then, plug-gw is a bad
+ * idea ..
+ */
+ dhost = getdsthost(0, &pport);
+ if (dhost) {
+ do_transparent++;
+ portid = pport;
+ }
+
+
if(c->flags & PERM_DENY) {
if (p == -1)
syslog(LLEV,"deny host=%.512s/%.20s port=any",rhost,raddr);
***************
*** 220,226 ****
syslog(LLEV,"fwtkcfgerr: -plug-to takes an argument, line %d",c->ln);
exit (1);
}
! dhost = av[x];
continue;
}
--- 234,241 ----
syslog(LLEV,"fwtkcfgerr: -plug-to takes an argument, line %d",c->ln);
exit (1);
}
! if (!dhost)
! dhost = av[x];
continue;
}
diff -c -r ./rlogin-gw/rlogin-gw.c ../../fwtk-2.1-violated/fwtk/rlogin-gw/rlogin-gw.c
*** ./rlogin-gw/rlogin-gw.c Thu Feb 5 19:08:38 1998
--- ../../fwtk-2.1-violated/fwtk/rlogin-gw/rlogin-gw.c Thu May 21 17:20:25 1998
***************
*** 103,108 ****
--- 103,111 ----
static int trusted = 0;
static int doX = 0;
static char *prompt;
+ static int do_transparent = 0;
+
+ char * getdsthost();
main(ac,av)
int ac;
***************
*** 123,128 ****
--- 126,132 ----
static char *tokav[56];
int tokac;
struct timeval timo;
+ char * psychic;
#ifndef LOG_NDELAY
openlog("rlogin-gw",LOG_PID);
***************
*** 188,194 ****
xforwarder = cf->argv[0];
}
!
if((cf = cfg_get("directory",confp)) != (Cfg *)0) {
if(cf->argc != 1) {
--- 192,203 ----
xforwarder = cf->argv[0];
}
! psychic = getdsthost(0, NULL);
! if (psychic) {
! do_transparent++;
! strncpy(dest, psychic, 511);
! dest[511] = '\0';
! }
if((cf = cfg_get("directory",confp)) != (Cfg *)0) {
if(cf->argc != 1) {
***************
*** 266,271 ****
--- 275,281 ----
if((p = index(rusername,'@')) != (char *)0) {
char *namp;
+ dest[0] = '\0';
*p++ = '\0';
if(*p == '\0')
p = "localhost";
***************
*** 297,302 ****
--- 307,326 ----
if(dest[0] != '\0') {
/* Setup connection directly to remote machine */
+ if ((cf = cfg_get("welcome-msg",confp)) != (Cfg *)0) {
+ if (cf->argc != 1) {
+ syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln);
+ exit(1);
+ }
+
+ if (sayfile(0, cf->argv[0])) {
+ syslog(LLEV,"fwtksyserr: cannot display welcome %s: %m",cf->argv[0]);
+ exit(1);
+ }
+ }
+
+ /* Hey fwtk developer people -- this connect_dest thing is *nasty!* */
+
sprintf(buf,"connect %.1000s",dest);
tokac = enargv(buf, tokav, 56, tokbuf, sizeof(tokbuf));
if (cmd_connect(tokac, tokav, buf) != 2)
***************
*** 535,548 ****
char ebuf[512];
syslog(LLEV,"permit host=%.512s/%.20s connect to %.512s",rhost,raddr,namp);
! if(strlen(namp) > 20)
! namp[20] = '\0';
! if(rusername[0] != '\0')
! sprintf(ebuf,"Trying %s@%s...",rusername,namp);
! else
! sprintf(ebuf,"Trying %s...",namp);
! if(say(0,ebuf))
! return(1);
} else
syslog(LLEV,"permit host=%.512s/%.20s connect to %.512s",rhost,raddr,av[1]);
if((serfd = conn_server(av[1],RLOGINPORT,1,buf)) < 0) {
--- 559,574 ----
char ebuf[512];
syslog(LLEV,"permit host=%.512s/%.20s connect to %.512s",rhost,raddr,namp);
! if (!do_transparent) {
! if(strlen(namp) > 20)
! namp[20] = '\0';
! if(rusername[0] != '\0')
! sprintf(ebuf,"Trying %s@%s...",rusername,namp);
! else
! sprintf(ebuf,"Trying %s...",namp);
! if(say(0,ebuf))
! return(1);
! }
} else
syslog(LLEV,"permit host=%.512s/%.20s connect to %.512s",rhost,raddr,av[1]);
if((serfd = conn_server(av[1],RLOGINPORT,1,buf)) < 0) {
diff -c -r ./tn-gw/tn-gw.c ../../fwtk-2.1-violated/fwtk/tn-gw/tn-gw.c
*** ./tn-gw/tn-gw.c Thu Feb 5 19:11:36 1998
--- ../../fwtk-2.1-violated/fwtk/tn-gw/tn-gw.c Thu May 21 17:25:06 1998
***************
*** 91,96 ****
--- 91,100 ----
static int cmd_xforward();
static int cmd_timeout();
+ char * getdsthost();
+
+ static int do_transparent = 0;
+
static int tn3270 = 1; /* don't do tn3270 stuff */
static int doX;
***************
*** 144,149 ****
--- 148,155 ----
char tokbuf[BSIZ];
char *tokav[56];
int tokac;
+ int port;
+ char * psychic;
#ifndef LOG_DAEMON
openlog("tn-gw",LOG_PID);
***************
*** 325,330 ****
--- 331,362 ----
}
}
+ psychic = getdsthost(0, &port);
+ if (psychic) {
+ if ((strlen(psychic) + 10) < 510) {
+ do_transparent++;
+ if (port)
+ sprintf(dest, "%s:%d", psychic, port);
+ else
+ sprintf(dest, "%s", psychic);
+
+ if (!welcomedone)
+ if ((cf = cfg_get("welcome-msg", confp)) != (Cfg *)0) {
+ if (cf->argc != 1) {
+ syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln);
+ exit(1);
+ }
+
+ if (sayfile(0, cf->argv[0])) {
+ syslog(LLEV,"fwtksyserr: cannot display welcome %s:%m",cf->argv[0]);
+ exit(1);
+ }
+
+ welcomedone = 1;
+ }
+ }
+ }
+
while (argc > 1) {
argc--;
argv++;
***************
*** 947,955 ****
char ebuf[512];
syslog(LLEV,"permit host=%.512s/%.20s destination=%.512s",rladdr,riaddr,namp);
! sprintf(ebuf,"Trying %.100s port %d...",namp,port);
! if(say(0,ebuf))
! return(1);
} else
syslog(LLEV,"permit host=%.512s/%.20s destination=%.512s",rladdr,riaddr,av[1]);
--- 979,989 ----
char ebuf[512];
syslog(LLEV,"permit host=%.512s/%.20s destination=%.512s",rladdr,riaddr,namp);
! if (!do_transparent) {
! sprintf(ebuf,"Trying %.100s port %d...",namp,port);
! if(say(0,ebuf))
! return(1);
! }
} else
syslog(LLEV,"permit host=%.512s/%.20s destination=%.512s",rladdr,riaddr,av[1]);
***************
*** 991,998 ****
syslog(LLEV,"connected host=%.512s/%.20s destination=%.512s",rladdr,riaddr,av[1]);
strncpy(dest,av[1], 511);
! sprintf(buf, "Connected to %.512s.", dest);
! say(0, buf);
return(2);
}
--- 1025,1034 ----
syslog(LLEV,"connected host=%.512s/%.20s destination=%.512s",rladdr,riaddr,av[1]);
strncpy(dest,av[1], 511);
! if (!do_transparent) {
! sprintf(buf, "Connected to %.512s.", dest);
! say(0, buf);
! }
return(2);
}

View File

@ -124,7 +124,7 @@ diff -cr ../TIS.orig/fwtk/Makefile.config.solaris fwtk/Makefile.config.solaris
***************
*** 11,30 ****
#
# RcsId: "$Header: /devel/CVS/IP-Filter/FWTK/fwtk_transparent.diff,v 2.2 2001/02/28 09:36:06 darrenr Exp $"
# RcsId: "$Header$"
# Your C compiler (eg, "cc" or "gcc")
@ -145,7 +145,7 @@ diff -cr ../TIS.orig/fwtk/Makefile.config.solaris fwtk/Makefile.config.solaris
-Dgethostbyaddr=res_gethostbyaddr -Dgetnetbyname=res_getnetbyname \
--- 11,34 ----
#
# RcsId: "$Header: /devel/CVS/IP-Filter/FWTK/fwtk_transparent.diff,v 2.2 2001/02/28 09:36:06 darrenr Exp $"
# RcsId: "$Header$"
+ #
+ # Path to sources of ip_filter (ip_nat.h required in lib/hnam.c)

View File

@ -1,82 +0,0 @@
*** tproxy.c.orig Fri Dec 20 10:53:24 1996
--- tproxy.c Sun Jan 3 11:33:55 1999
***************
*** 135,140 ****
--- 135,144 ----
#include <netinet/in.h>
#include <sys/signal.h>
#include <syslog.h>
+ #include <unistd.h>
+ #include <fcntl.h>
+ #include <sys/ioctl.h>
+ #include <net/if.h>
#include "tproxy.h"
#ifdef AIX
***************
*** 147,152 ****
--- 151,159 ----
#define bzero(buf,size) memset(buf, '\0', size);
#endif /* SYSV */
+ #include "ip_compat.h"
+ #include "ip_fil.h"
+ #include "ip_nat.h"
/* socket to audio server */
***************
*** 324,329 ****
--- 331,369 ----
char localbuf[2048];
void timeout();
extern int errno;
+ /*
+ * IP-Filter block
+ */
+ struct sockaddr_in laddr, faddr;
+ struct natlookup natlookup;
+ int slen, natfd;
+
+ bzero((char *)&laddr, sizeof(laddr));
+ bzero((char *)&faddr, sizeof(faddr));
+ slen = sizeof(laddr);
+ if (getsockname(0, (struct sockaddr *)&laddr, &slen) < 0)
+ return -1;
+ slen = sizeof(faddr);
+ if (getpeername(0, (struct sockaddr *)&faddr, &slen) < 0)
+ return -1;
+ natlookup.nl_inport = laddr.sin_port;
+ natlookup.nl_outport = faddr.sin_port;
+ natlookup.nl_inip = laddr.sin_addr;
+ natlookup.nl_outip = faddr.sin_addr;
+ natlookup.nl_flags = IPN_TCP;
+ if ((natfd = open(IPL_NAT, O_RDONLY)) < 0)
+ return -1;
+ if (ioctl(natfd, SIOCGNATL, &natlookup) == -1) {
+ syslog(LOG_ERR, "SIOCGNATL failed: %m\n");
+ close(natfd);
+ return -1;
+ }
+ close(natfd);
+ strcpy(hostname, inet_ntoa(natlookup.nl_realip));
+ serverport = ntohs(natlookup.nl_realport);
+ /*
+ * End of IP-Filter block
+ */
/* setup a timeout in case dialog doesn't finish */
signal(SIGALRM, timeout);
***************
*** 337,344 ****
--- 377,386 ----
* and modify the call to (and subroutine) serverconnect() as
* appropriate.
*/
+ #if 0
strcpy(hostname, "randomhostname");
serverport = 7070;
+ #endif
/* Can we connect to the server */
if ( (serverfd = serverconnect(hostname, serverport)) < 0 ) {
/* errno may still be set from previous call */

View File

@ -1,24 +0,0 @@
To build a kernel with the IP filter, follow these seven steps:
1. do "make freebsd4"
2. do "make install-bsd"
(probably has to be done as root)
3. run "FreeBSD-4.0/kinstall" as root
4. build a new kernel
5. install the new kernel
6. If not using DEVFS, create devices for IP Filter as follows:
mknod /dev/ipl c 79 0
mknod /dev/ipnat c 79 1
mknod /dev/ipstate c 79 2
mknod /dev/ipauth c 79 3
7. reboot
Darren Reed
darrenr@pobox.com

View File

@ -1,61 +0,0 @@
*** ip6_input.c.orig Sun Feb 13 14:32:01 2000
--- ip6_input.c Wed Apr 26 22:31:34 2000
***************
*** 121,126 ****
--- 121,127 ----
extern struct domain inet6domain;
extern struct ip6protosw inet6sw[];
+ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
u_char ip6_protox[IPPROTO_MAX];
static int ip6qmaxlen = IFQ_MAXLEN;
***************
*** 302,307 ****
--- 303,317 ----
ip6stat.ip6s_badvers++;
in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
goto bad;
+ }
+
+ if (fr_checkp) {
+ struct mbuf *m1 = m;
+
+ if ((*fr_checkp)(ip6, sizeof(*ip6), m->m_pkthdr.rcvif,
+ 0, &m1) || !m1)
+ return;
+ ip6 = mtod(m = m1, struct ip6_hdr *);
}
ip6stat.ip6s_nxthist[ip6->ip6_nxt]++;
*** ip6_output.c.orig Fri Mar 10 01:57:16 2000
--- ip6_output.c Wed Apr 26 22:34:34 2000
***************
*** 108,113 ****
--- 108,115 ----
#include <netinet6/ip6_fw.h>
#endif
+ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+
static MALLOC_DEFINE(M_IPMOPTS, "ip6_moptions", "internet multicast options");
struct ip6_exthdrs {
***************
*** 754,759 ****
--- 756,770 ----
ip6->ip6_src.s6_addr16[1] = 0;
if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst))
ip6->ip6_dst.s6_addr16[1] = 0;
+ }
+
+ if (fr_checkp) {
+ struct mbuf *m1 = m;
+
+ if ((error = (*fr_checkp)(ip6, sizeof(*ip6), ifp, 1, &m1)) ||
+ !m1)
+ goto done;
+ ip6 = mtod(m = m1, struct ip6_hdr *);
}
#ifdef IPV6FIREWALL

1001
HISTORY

File diff suppressed because it is too large Load Diff

45
HPUX/INSTALL.TXT Normal file
View File

@ -0,0 +1,45 @@
Installation instructions:
=========================
1. Update HP-UX Kernel
----------------------
General instructions on preparation for installing and proceeding with an
installation of IPFilter on HP-UX can be found at:
http://coombs.anu.edu.au/~avalon/ipf-mentat.html
You are required to at least install the latest jumbo patches from HP,
for HP-UX 11. A summary of those that I used can be found at:
At http://coombs.anu.edu.au/~avalon/ipf-hp11.html
I do not recommend using anything less than as many of these as will apply
to your own system.
2. Build and Install pfil
-------------------------
Next, you need to download and install "pfil". This is a STREAMS interface
for packet filtering that removes the need for packet filtering code to be
written as a STREAMS module. This can be downloaded from
http://coombs.anu.edu.au/~avalon/pfil-2.1.1.tar.gz
Unpack this and type "make" in the pfil directory. Once compelte, type
"make install" to kick off the installation.
3. Build and Install IP Filter
------------------------------
Having got this far, you now need to download the latest IP Filter package
and compile/install that. The source code for IP Filter can be obtained
from:
http://coombs.anu.edu.au/~avalon/ip-filter.html
Download the latest version that is 4.1 or greater.
This should be unpacked into the same directory as "pfil" is. The
directory layout will look like this:
/directory/ip_fil4.*
/directory/pfil
This complete, do a "make hpux" in the ip_fil4.* directory, followed
by a "make install". You will need to reboot for it to become active.

29
HPUX/IPF-ALL/checkinstall Executable file
View File

@ -0,0 +1,29 @@
#! /sbin/sh
########
# Product: IP Filter
# Fileset: IPF-ALL
# checkinstall
########
#
# (c) Copyright (C) 2012 by Darren Reed.
#
########
CONTRIBDIR=/usr/contrib/ipf
########
# Source control script environment
########
UTILS="/usr/lbin/sw/control_utils"
if [[ ! -f $UTILS ]] ; then
echo "ERROR: Cannot find $UTILS"
exit 1
fi
. $UTILS
exitval=$SUCCESS
########
# Make sure that the header files exist
########
exit $exitval

28
HPUX/IPF-ALL/checkremove Executable file
View File

@ -0,0 +1,28 @@
#! /sbin/sh
########
# Product: IP Filter
# Fileset: IPF-ALL
# checkremove
########
#
# (c) Copyright (C) 2012 by Darren Reed.
#
########
########
# Source control script environment
########
UTILS="/usr/lbin/sw/control_utils"
if [[ ! -f $UTILS ]] ; then
echo "ERROR: Cannot find $UTILS"
exit 1
fi
. $UTILS
exitval=$SUCCESS
########
#
########
exit $exitval

6
HPUX/IPF-ALL/description Executable file
View File

@ -0,0 +1,6 @@
Vendor Name IP Filter
Product Name IP Filter
Fileset Name IPF-ALL
This is the IP Filter package.

70
HPUX/IPF-ALL/postinstall Executable file
View File

@ -0,0 +1,70 @@
#!/usr/bin/sh
########
# Product: IP Fitler
# Fileset: IPF-ALL
# postinstall
########
#
# (c) Copyright (C) 2012 by Darren Reed.
#
########
PATH=/usr/bin:/usr/sbin:/bin:/sbin
export PATH
########
# Source control script environment
########
ETCDIR=/etc/opt/ipf
UTILS="/usr/lbin/sw/control_utils"
if [[ ! -f $UTILS ]] ; then
echo "ERROR: Cannot find $UTILS"
exit 1
fi
. $UTILS
exitval=$SUCCESS
########
# Restore original header files
# The script checkremove has verified that it exists.
########
# exit $GLOBAL_ERROR
for i in ipf.conf ipnat.conf; do
/bin/touch ${ETCDIR}/$i
/bin/chmod 444 ${ETCDIR}/$i
done
(kmadmin -U ipf)
(kminstall -d ipf)
cd ${SW_ROOT_DIRECTORY}var/tmp/build
kminstall -u ipf
if [[ $? -ne 0 ]] ; then
exit 1
fi
config -M ipf -u
if [[ $? -ne 0 ]] ; then
exit 1
fi
kmadmin -L ipf
kmadmin -Q ipf
if [[ $? -ne 0 ]] ; then
exit 1
fi
input=`kmadmin -Q ipf | grep 'Character Major'`
set $input
major=$3
j=0
for i in ipl ipnat ipstate ipauth ipsync ipscan; do
/bin/rm -f /dev/$i
mknod /dev/$i c $major $j
j=$((j + 1))
done
ln -s /sbin/init.d/ipfboot /sbin/rc2.d/S020ipfboot
. /usr/lbin/sw/control_utils
mod_pathfile -a MP /opt/ipf/man
mod_pathfile -a P /opt/ipf/bin
exit $exitval

31
HPUX/IPF-ALL/postremove Executable file
View File

@ -0,0 +1,31 @@
#! /sbin/sh
########
# Product: IP Filter
# Fileset: IPF-ALL
# postremove
########
#
# (c) Copyright (C) 2012 by Darren Reed.
#
########
########
# Source control script environment
########
UTILS="/usr/lbin/sw/control_utils"
if [[ ! -f $UTILS ]] ; then
echo "ERROR: Cannot find $UTILS"
exit 1
fi
. $UTILS
exitval=$SUCCESS
########
# Restore original header files
# The script checkremove has verified that it exists.
########
# exit $GLOBAL_ERROR
exit $exitval

50
HPUX/IPF-ALL/preinstall Executable file
View File

@ -0,0 +1,50 @@
#! /sbin/sh
########
# Product: IP Filter
# Fileset: IPF-ALL
# preinstall
########
#
# (c) Copyright (C) 2012 by Darren Reed.
#
########
########
# Source control script environment
########
UTILS="/usr/lbin/sw/control_utils"
if [[ ! -f $UTILS ]] ; then
echo "ERROR: Cannot find $UTILS"
exit 1
fi
. $UTILS
exitval=$SUCCESS
CONTRIBDIR=/usr/contrib/ipf
ETCDIR=/etc/opt/ipf
########
# Create directories so that installation can take place
########
if [[ ! -d ${ETCDIR} ]]; then
mkdir -m 755 -p ${ETCDIR}
fi
for i in ipf.conf ipnat.conf; do
touch ${ETCDIR}/$i
chmod 444 ${ETCDIR}/$i
done
if [[ ! -d ${CONTRIBDIR} ]]; then
mkdir -m 755 -p ${CONTRIBDIR}
fi
for i in bin man include examples; do
if [[ ! -d ${CONTRIBDIR}/$i ]]; then
mkdir -m 755 -p ${CONTRIBDIR}/$i
fi
done
exit $exitval

29
HPUX/IPF-ALL/preremove Executable file
View File

@ -0,0 +1,29 @@
#! /sbin/sh
########
# Product: IP Filter
# Fileset: IPF-ALL
# preremove
########
#
# (c) Copyright (C) 2012 by Darren Reed.
#
########
########
# Source control script environment
########
UTILS="/usr/lbin/sw/control_utils"
if [[ ! -f $UTILS ]] ; then
echo "ERROR: Cannot find $UTILS"
exit 1
fi
. $UTILS
exitval=$SUCCESS
########
# Kill off inetd first
########
kmadmin -U ipf
exit $exitval

28
HPUX/IPF-ALL/verify Executable file
View File

@ -0,0 +1,28 @@
#! /sbin/sh
########
# Product: IP Filter
# Fileset: IPF-ALL
# verify
########
#
# (c) Copyright (C) 2012 by Darren Reed.
#
########
########
# Source control script environment
########
UTILS="/usr/lbin/sw/control_utils"
if [[ ! -f $UTILS ]] ; then
echo "ERROR: Cannot find $UTILS"
exit 1
fi
. $UTILS
exitval=$SUCCESS
########
# Make sure that the header files exist
########
exit $exitval

464
HPUX/Makefile Normal file
View File

@ -0,0 +1,464 @@
#
# Copyright (C) 2012 by Darren Reed.
#
# See the IPFILTER.LICENCE file for details on licencing.
#
SHELL=/bin/sh
DEPOT=IPF.v4.1.depot
DEPOTDIR=/var/spool/sw
DEST=/opt/ipf
SBINDEST=/sbin
MANDIR=${DEST}/man
BINDEST=${DEST}/bin
EXTRADIR=${DEST}/examples
INCDIR=${DEST}/include
ETCDIR=/etc/opt/ipf
RCDIR=/sbin/init.d
#CFLAGS=-I$(TOP)
#
OBJ=.
HERE=HPUX/$(CPUDIR)
DEST=.
TOP=..
TOOL=$(TOP)/tools
TMP=/tmp
#
HPUXREV=`uname -r | sed -e 's/^[A-Z]\.\([0-9]*\)\.\([0-9]\)/\1\2/'`
#BITS=`getconf KERNEL_BITS`
ABI=+DD${BITS}
KFLAGS=-Ae +ES1.Xindirect_calls -U__hp9000s700 \
-D__STDC_EXT__ -D_XPG4_EXTENDED -D_HPUX_SOURCE -D__hp9000s800 -D_KERNEL \
-DKERNEL +Xidu +ESlit -Wp,-H300000 +Hx0 +R500 -Wl,-a,archive +ESsfc -q +ESssf
DEBUG=-g
LIBS=-lnsl -lelf -L. -lipf
DEF=-D_KERNEL
ATON=-DNEED_INET_ATON
HPINC=-I/usr/conf/h
#SPU=-Dspustate_t=u_long
HFLAGS=$(KFLAGS) $(SPU) $(HPINC)
CC=cc $(ABI) -DHPUXREV=$(HPUXREV) -I$(TOP)/../pfil -I/usr/conf -I.
#
MFLAGS="BINDEST=$(BINDEST)" "SBINDEST=$(SBINDEST)" "MANDIR=$(MANDIR)" \
'CFLAGS=$(CFLAGS) $(ARCHINC)' "IPFLKM=$(IPFLKM)" \
"IPFLOG=$(IPFLOG)" "LOGFAC=$(LOGFAC)" "POLICY=$(POLICY)" \
"DEBUG=$(DEBUG)" "CPUDIR=$(CPUDIR)" "HPUXREV=$(HPUXREV)" \
"LOOKUP=$(LOOKUP)" "XID=$(XID)"
#
O2=+O2
#O2=-g
O3=+O3
#O3=-g
#
########## ########## ########## ########## ########## ########## ##########
#
CP=/bin/cp
RM=/bin/rm
CHMOD=/bin/chmod
INSTALL=$(TOP)/bsdinstall
#
DFLAGS=$(IPFLKM) $(IPFLOG) $(DEF) $(IPFBPF) $(LOOKUP) $(XID)
#-DIPFDEBUG
MODOBJS=ip_fil.o fil.o ip_state.o ip_frag.o \
ip_nat.o ip_proxy.o ip_auth.o ip_log.o \
ip_pool.o ip_htable.o ip_lookup.o \
ip_sync.o ip_scan.o ip_rules.o hpux.o $(BPFILTER) md5.o radix_ipf.o
# ip_trafcon.o
IPF=ipf.o ipfcomp.o ipf_y.o ipf_l.o
IPT=ipftest.o fil_u.o ip_state_u.o ip_frag_u.o \
ip_nat_u.o ip_fil_u.o ip_proxy_u.o ip_sync_u.o ip_scan_u.o \
ip_auth_u.o ip_pool_u.o ip_rules_u.o ip_log_u.o \
ip_htable_u.o ip_lookup_u.o \
ipf_y.o ipf_l.o ipnat_y.o ipnat_l.o ippool_y.o ippool_l.o \
md5_u.o radix_ipf_u.o
# ip_trafcon_u.o
IPMON=ipmon.o ipmon_y.o ipmon_l.o
IPPOOL=ippool_y.o ippool_l.o ippool.o
IPNAT=ipnat.o ipnat_y.o ipnat_l.o
IPTRAFCON=iptrafcon.o
FILS=ipfstat.o
LIBSRC=$(TOP)/lib
RANLIB=ranlib
AROPTS=cq
CCARGS=$(DEBUG) $(CFLAGS) -I$(TOP)/../pfil/HP-UX
EXTRA=$(ALLOPTS)
#
include $(TOP)/lib/Makefile
build: $(DEST)/libipf.a ipf ipfstat ipftest ipmon ipnat ippool \
ipfs ipscan ipsyncm ipsyncs mod.o
-sh -c 'for i in ipf ipftest ipmon ippool ipnat ipscan ipsyncm ipsyncs; do /bin/rm -f $(TOP)/$$i; ln -s `pwd`/$$i $(TOP); done'
.y.c:
.l.c:
pkg: ipf.pkg
ipfstat: $(FILS) $(DEST)/libipf.a
$(CC) $(CCARGS) $(FILS) -o $@ $(LIBS)
ipf: $(IPF) $(DEST)/libipf.a
$(CC) $(CCARGS) $(IPF) -o $@ $(LIBS) $(LLIB) $(LIBBPF)
ipftest: $(IPT) $(DEST)/libipf.a
$(CC) $(CCARGS) $(IPT) -o $@ $(LIBS) $(LIBBPF)
ipnat: $(IPNAT) $(DEST)/libipf.a
$(CC) $(CFLAGS) $(IPNAT) -o $@ $(LIBS) $(LLIB)
ipfs: ipfs.o $(DEST)/libipf.a
$(CC) $(CCARGS) ipfs.o -o $@ $(LIBS)
ipsyncm: ipsyncm.o $(DEST)/libipf.a
$(CC) $(CCARGS) ipsyncm.o -o $@ $(LIBS)
ipsyncs: ipsyncs.o $(DEST)/libipf.a
$(CC) $(CCARGS) ipsyncs.o -o $@ $(LIBS)
ipsyncm.o: $(TOOL)/ipsyncm.c $(TOP)/ip_sync.h
$(CC) $(CCARGS) -c $(TOOL)/ipsyncm.c -o $@
ipsyncs.o: $(TOOL)/ipsyncs.c $(TOP)/ip_sync.h
$(CC) $(CCARGS) -c $(TOOL)/ipsyncs.c -o $@
ipscan: ipscan_y.o ipscan_l.o $(DEST)/libipf.a
$(CC) $(DEBUG) ipscan_y.o ipscan_l.o -o $@ $(LLIB) $(LIBS)
ipscan_y.h ipscan_y.c: $(TOOL)/ipscan_y.y $(TOP)/ip_scan.h
(cd $(TOOL); make "DEST=../$(HERE)" ../$(HERE)/$@)
ipscan_l.c: $(TOOL)/lexer.c $(TOP)/ip_scan.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ipscan_l.h: $(TOOL)/lexer.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ipscan_y.o: ipscan_y.c ipscan_y.h ipscan_l.h $(TOP)/ip_scan.h
$(CC) $(CCARGS) -c ipscan_y.c -o $@
ipscan_l.o: ipscan_l.c ipscan_y.h ipscan_l.h $(TOP)/ip_scan.h
$(CC) $(CCARGS) -I. -c ipscan_l.c -o $@
tests:
(cd test; $(MAKE) )
ipfstat.o: $(TOOL)/ipfstat.c $(TOP)/ip_fil.h $(TOP)/ipf.h
$(CC) $(CCARGS) $(HPINC) -c $(TOOL)/ipfstat.c -o $@
ipfs.o: $(TOOL)/ipfs.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_state.h \
$(TOP)/ip_nat.h
$(CC) $(CCARGS) -c $(TOOL)/ipfs.c -o $@
fil_u.o: $(TOP)/fil.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_rules.h
$(CC) $(CCARGS) $(EXTRA) $(FIXRADIX) $(IPFBPF) -c $(TOP)/fil.c -o $@
fil.o: $(TOP)/fil.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_compat.h \
$(TOP)/ipl.h $(TOP)/ip_rules.h
$(CC) -I$(TOP) $(POLICY) $(DFLAGS) $(HFLAGS) $(IPFBPF) \
$(O2) -c $(TOP)/fil.c -o $@
ipf.o: $(TOOL)/ipf.c $(TOP)/ip_fil.h $(TOP)/ipf.h
$(CC) $(CCARGS) -c $(TOOL)/ipf.c -o $@
ipfcomp.o: $(TOOL)/ipfcomp.c $(TOP)/ip_fil.h $(TOP)/ipf.h
$(CC) $(CCARGS) -c $(TOOL)/ipfcomp.c -o $@
ipf_y.o: ipf_y.c $(TOP)/ip_fil.h $(TOP)/ipf.h ipf_y.h ipf_l.h
$(CC) $(CCARGS) $(IPFBPF) -c ipf_y.c -o $@
ipf_l.o: ipf_l.c $(TOP)/ip_fil.h $(TOP)/ipf.h ipf_y.h
$(CC) $(CCARGS) -I. -I$(TOP)/tools -c ipf_l.c -o $@
ipf_y.h ipf_y.c: $(TOOL)/ipf_y.y $(TOP)/ipf.h $(TOP)/ip_fil.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ipf_l.c: $(TOOL)/lexer.c $(TOP)/ipf.h $(TOP)/ip_fil.h $(TOOL)/lexer.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ipf_l.h: $(TOOL)/lexer.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ipftest.o: $(TOOL)/ipftest.c $(TOP)/ip_fil.h $(TOP)/ipt.h $(TOP)/ipf.h
$(CC) $(CCARGS) -c $(TOOL)/ipftest.c -o $@
ipnat.o: $(TOOL)/ipnat.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) -c $(TOOL)/ipnat.c -o $@
ipnat_y.o: ipnat_y.c ipnat_y.h $(TOP)/ip_nat.h ipnat_l.h
$(CC) $(CCARGS) -c ipnat_y.c -o $@
ipnat_l.o: ipnat_l.c ipnat_y.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) -I. -c ipnat_l.c -o $@
ipnat_y.h ipnat_y.c: $(TOOL)/ipnat_y.y $(TOP)/ip_nat.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ipnat_l.c: $(TOOL)/lexer.c $(TOP)/ip_nat.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ipnat_l.h: $(TOOL)/lexer.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
mod.o: $(MODOBJS)
-if [ "$(BITS)" = "64" ] ; then \
/bin/rm -f libmilli.a; \
ln -s /usr/lib/pa20_64/milli.a libmilli.a; \
ld -r $(MODOBJS) -L. -lmilli -o $@; \
else \
/bin/rm -f libmilli.a; \
ln -s /usr/lib/milli.a libmilli.a; \
ld -r $(MODOBJS) -L. -lmilli -o $@; \
fi
ip_rules.c: $(TOP)/rules/ip_rules $(TOP)/tools/ipfcomp.c ipf
./ipf -cc -nf $(TOP)/rules/ip_rules
$(TOP)/ip_rules.h: ip_rules.c
if [ ! -f $(TOP)/ip_rules.h ] ; then \
/bin/mv -f ip_rules.h $(TOP); \
else \
touch $(TOP)/ip_rules.h; \
fi
ip_rules.o: ip_rules.c $(TOP)/ip_rules.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O3) -c ip_rules.c -o $@
ip_nat.o: $(TOP)/ip_nat.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O3) -c $(TOP)/ip_nat.c -o $@
ip_state.o: $(TOP)/ip_state.c $(TOP)/ip_state.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O3) -c $(TOP)/ip_state.c -o $@
ip_proxy.o: $(TOP)/ip_proxy.c $(TOP)/ip_proxy.h $(TOP)/ip_compat.h \
$(TOP)/ip_h323_pxy.c $(TOP)/ip_irc_pxy.c $(TOP)/ip_ipsec_pxy.c \
$(TOP)/ip_ftp_pxy.c $(TOP)/ip_raudio_pxy.c $(TOP)/ip_rpcb_pxy.c \
$(TOP)/ip_nat.h $(TOP)/ip_fil.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O2) -c $(TOP)/ip_proxy.c -o $@
ip_frag.o: $(TOP)/ip_frag.c $(TOP)/ip_frag.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O3) -c $(TOP)/ip_frag.c -o $@
ip_auth.o: $(TOP)/ip_auth.c $(TOP)/ip_auth.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O2) -c $(TOP)/ip_auth.c -o $@
ip_scan.o: $(TOP)/ip_scan.c $(TOP)/ip_scan.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O2) -c $(TOP)/ip_scan.c -o $@
ip_sync.o: $(TOP)/ip_sync.c $(TOP)/ip_sync.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O2) -c $(TOP)/ip_sync.c -o $@
ip_trafcon.o: $(TOP)/ip_trafcon.c $(TOP)/ip_trafcon.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) -c $(TOP)/ip_trafcon.c -o $@
radix_ipf.o: $(TOP)/radix_ipf.c $(TOP)/radix_ipf.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O2) -c $(TOP)/radix_ipf.c -o $@
ip_pool.o: $(TOP)/ip_pool.c $(TOP)/ip_pool.h $(TOP)/ip_compat.h radix_ipf.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(FIXRADIX) $(O2) \
-c $(TOP)/ip_pool.c -o $@
ip_htable.o: $(TOP)/ip_htable.c $(TOP)/ip_htable.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O2) -c $(TOP)/ip_htable.c -o $@
ip_lookup.o: $(TOP)/ip_lookup.c $(TOP)/ip_lookup.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(FIXRADIX) $(O2) \
-c $(TOP)/ip_lookup.c -o $@
ip_nat_u.o: $(TOP)/ip_nat.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_nat.c -o $@
ip_frag_u.o: $(TOP)/ip_frag.c $(TOP)/ip_frag.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_frag.c -o $@
ip_state_u.o: $(TOP)/ip_state.c $(TOP)/ip_state.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_state.c -o $@
ip_auth_u.o: $(TOP)/ip_auth.c $(TOP)/ip_auth.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_auth.c -o $@
ip_proxy_u.o: $(TOP)/ip_proxy.c $(TOP)/ip_proxy.h $(TOP)/ip_compat.h \
$(TOP)/ip_h323_pxy.c $(TOP)/ip_irc_pxy.c $(TOP)/ip_ipsec_pxy.c \
$(TOP)/ip_ftp_pxy.c $(TOP)/ip_raudio_pxy.c $(TOP)/ip_rpcb_pxy.c \
$(TOP)/ip_nat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_proxy.c -o $@
ip_log_u.o: $(TOP)/ip_log.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_nat.h $(TOP)/ip_frag.h $(TOP)/ip_state.h \
$(TOP)/ip_auth.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_log.c -o $@
ip_fil_u.o: $(TOP)/ip_fil.c $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) $(FIXRADIX) -c $(TOP)/ip_fil.c -o $@
ip_scan_u.o: $(TOP)/ip_scan.c $(TOP)/ip_scan.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_scan.c -o $@
ip_sync_u.o: $(TOP)/ip_sync.c $(TOP)/ip_sync.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_sync.c -o $@
ip_rules_u.o: ip_rules.c $(TOP)/ip_rules.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) -c ip_rules.c -o $@
ip_pool_u.o: $(TOP)/ip_pool.c $(TOP)/ip_pool.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_pool.c -o $@
ip_htable_u.o: $(TOP)/ip_htable.c $(TOP)/ip_htable.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_htable.c -o $@
ip_lookup_u.o: $(TOP)/ip_lookup.c $(TOP)/ip_lookup.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_lookup.c -o $@
ip_trafcon_u.o: $(TOP)/ip_trafcon.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(TOP)/ip_trafcon.h
$(CC) $(CCARGS) -c $(TOP)/ip_trafcon.c -o $@
ip_fil.o: $(TOP)/ip_fil_hpux.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O2) \
$(COMPIPF) -c $(TOP)/ip_fil_hpux.c -o $@
ip_log.o: $(TOP)/ip_log.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O2) -c $(TOP)/ip_log.c -o $@
hpux.o: $(TOP)/hpux.c $(TOP)/ipl.h $(TOP)/ip_compat.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O2) -c $(TOP)/hpux.c -o $@
bpf_filter_u.o: $(TOP)/bpf_filter.c $(TOP)/bpf-ipf.h $(TOP)/pcap-ipf.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/bpf_filter.c -o $@
bpf_filter.o: $(TOP)/bpf_filter.c
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O2) -c $(TOP)/bpf_filter.c -o $@
md5_u.o: $(TOP)/md5.c $(TOP)/md5.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/md5.c -o $@
md5.o: $(TOP)/md5.c $(TOP)/md5.h
$(CC) -I$(TOP) $(DFLAGS) $(HFLAGS) $(O3) $(SPU) -c $(TOP)/md5.c -o $@
radix_ipf_u.o: $(TOP)/radix_ipf.c $(TOP)/radix_ipf.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/radix_ipf.c -o $@
ipmon: $(IPMON) $(DEST)/libipf.a
$(CC) $(CCARGS) $(LOGFAC) $(IPMON) -o $@ $(LIBS) $(LLIB)
$(TOP)/ipmon.c:
ipmon_y.c ipmon_y.h: $(TOOL)/ipmon_y.y $(TOP)/ipmon.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ipmon_l.c: $(TOOL)/lexer.c $(TOP)/ipmon.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ipmon_l.h: $(TOOL)/lexer.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ipmon.o: $(TOOL)/ipmon.c
$(CC) $(CCARGS) $(LOGFAC) -c $(TOOL)/ipmon.c -o $@
ipmon_y.o: ipmon_y.c $(TOP)/ipmon.h ipmon_l.h
$(CC) $(CCARGS) -c ipmon_y.c -o $@
ipmon_l.o: ipmon_l.c $(TOP)/ipmon.h
$(CC) $(CCARGS) -I. -c ipmon_l.c -o $@
ippool: $(IPPOOL)
$(CC) $(DEBUG) -I. $(CFLAGS) $(IPPOOL) -o $@ $(LIBS) $(LLIB)
ippool.o: $(TOOL)/ippool.c $(TOP)/ipf.h $(TOP)/ip_pool.h
$(CC) $(CCARGS) -c $(TOOL)/ippool.c -o $@
ippool_y.o: ippool_y.c ippool_y.h $(TOP)/ip_pool.h ippool_l.h
$(CC) $(CCARGS) -c ippool_y.c -o $@
ippool_l.o: ippool_l.c ippool_y.h $(TOP)/ip_pool.h
$(CC) $(CCARGS) -I. -c ippool_l.c -o $@
ippool_y.h ippool_y.c: $(TOOL)/ippool_y.y $(TOP)/ip_pool.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ippool_l.c: $(TOOL)/lexer.c $(TOP)/ip_pool.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
ippool_l.h: $(TOOL)/lexer.h
(cd $(TOOL); $(MAKE) "DEST=../$(HERE)" ../$(HERE)/$@)
iptrafcon.o: $(TOP)/iptrafcon.c
$(CC) $(CCARGS) -c $(TOP)/iptrafcon.c -o $@
iptrafcon: $(IPTRAFCON) libipf.a
$(CC) $(CCARGS) $(IPTRAFCON) -o $@ $(LIBS)
clean:
${RM} -f ../ipf ../ipnat ../ipmon ../ippool ../ipftest
${RM} -f ../ipscan ../ipsyncm ../ipsyncs
${RM} -f core *.o *.a ipt ipfstat ipf ipfstat ipftest ipmon
${RM} -f if_ipl ipnat $(LKM) libmilli.a ipf.psf
${RM} -f ip_fil.c ipf_l.c ipf_y.c ipf_y.h ipf_l.h
${RM} -f ipscan ipscan_y.c ipscan_y.h ipscan_l.c ipscan_l.h
${RM} -f ippool ippool_y.c ippool_y.h ippool_l.c ippool_l.h
${RM} -f ipnat_y.c ipnat_y.h ipnat_l.c ipnat_l.h
${RM} -f ipmon_y.c ipmon_y.h ipmon_l.c ipmon_l.h
${RM} -f ipsyncm ipsyncs ipfs ip_rules.c ip_rules.h
${RM} -f ipnat.5 ipnat.4 ipnat.8 ipfilter.4 ipfilter.5
${MAKE} -f Makefile.ipsend clean
-(for i in *; do \
if [ -d $${i} -a -h $${i}/Makefile ] ; then \
cd $${i}; (make TOP=../.. clean); cd ..; \
rm $${i}/Makefile $${i}/Makefile.ipsend; \
rmdir $${i}; \
fi \
done)
ipf.pkg:
sed -e "s/HPREV/`uname -r`/g" ../ipf.psf.dist > ipf.psf
swpackage -x media_type=tape -s ipf.psf @ /tmp/${DEPOT}
mv /tmp/${DEPOT} ipf.pkg
install:
sed -e "s/HPREV/`uname -r`/g" ../ipf.psf.dist > ipf.psf
swpackage -s ipf.psf @ ${DEPOTDIR}/${DEPOT}
swreg -l depot ${DEPOTDIR}/${DEPOT}
@echo now do:
@echo swinstall -s ${DEPOTDIR}/${DEPOT} -x reinstall=true IPF-RUN
manualinstall:
mkdir -p -m 755 ${DEST} ${MANDIR} ${BINDEST} ${EXTRADIR} ${INCDIR}
mkdir -p -m 700 ${ETCDIR}
-$(INSTALL) -c -s ipftest $(BINDEST)/ipftest
-$(INSTALL) -c -s ipmon $(BINDEST)/ipmon
-$(INSTALL) -c -s ipsend $(BINDEST)/ipsend
-$(INSTALL) -c -s ipresend $(BINDEST)/ipresend
-$(INSTALL) -c $(TOP)/mkfilters $(BINDEST)/mkfilters
-$(INSTALL) -c -s ipfs $(SBINDEST)/ipfs
-$(INSTALL) -c -s ipnat $(SBINDEST)/ipnat
-$(INSTALL) -c -s ipf $(SBINDEST)/ipf
-$(INSTALL) -c -s ipfstat $(SBINDEST)/ipfstat
-$(INSTALL) -c ipfboot $(RCDIR)
-cp $(TOP)/man/*.[0-9] .
-$(INSTALL) ipf.8 $(MANDIR)/man8
-$(INSTALL) ipfs.8 $(MANDIR)/man8
-$(INSTALL) ipnat.8 $(MANDIR)/man8
-$(INSTALL) ipftest.1 $(MANDIR)/man1
-$(INSTALL) mkfilters.1 $(MANDIR)/man1
-$(INSTALL) ipf.4 $(MANDIR)/man4
-$(INSTALL) ipfilter.4 $(MANDIR)/man4
-$(INSTALL) ipnat.4 $(MANDIR)/man4
-$(INSTALL) ipl.4 $(MANDIR)/man4
-$(INSTALL) ipf.5 $(MANDIR)/man5
-$(INSTALL) ipnat.5 $(MANDIR)/man5
-$(INSTALL) ipfilter.5 $(MANDIR)/man5
-$(INSTALL) ipfstat.8 $(MANDIR)/man8
-$(INSTALL) ipmon.8 $(MANDIR)/man8
-$(INSTALL) ipmon.5 $(MANDIR)/man5
-$(INSTALL) ippool.8 $(MANDIR)/man8
-$(INSTALL) ippool.5 $(MANDIR)/man5
-$(INSTALL) ipscan.8 $(MANDIR)/man8
-$(INSTALL) ipscan.5 $(MANDIR)/man5
-cp $(TOP)/rules/* $(EXTRADIR)
-$(INSTALL) -m 644 -c $(TOP)/ip_fil.h $(INCDIR)
-$(INSTALL) -m 644 -c $(TOP)/ip_compat.h $(INCDIR)
-$(INSTALL) -m 644 -c $(TOP)/ip_state.h $(INCDIR)
-$(INSTALL) -m 644 -c $(TOP)/ip_nat.h $(INCDIR)
-$(INSTALL) -m 644 -c $(TOP)/ip_frag.h $(INCDIR)
-$(INSTALL) -m 644 -c $(TOP)/ip_proxy.h $(INCDIR)
-$(INSTALL) -m 644 -c $(TOP)/ip_auth.h $(INCDIR)
-touch ${ETCDIR}/ipf.conf ${ETCDIR}/ipnat.conf

65
HPUX/Makefile.ipsend Normal file
View File

@ -0,0 +1,65 @@
OBJS=ipsend.o ip.o ipsopt.o iplang_y.o iplang_l.o ethers.o
IPFTO=ipft_ef.o ipft_hx.o ipft_pc.o ipft_sn.o ipft_td.o ipft_tx.o ethers.o
ROBJS=ipresend.o ip.o resend.o ethers.o
TOBJS=iptest.o iptests.o ip.o ethers.o
UNIXOBJS=dlcommon.o sdlpi.o arp.o ethers.o
HPUX=hpux.o sock.o arp.o ethers.o
ABI=+DD${BITS} -I$(TOP)/../pfil -I/usr/conf -I.
CC=cc $(ABI) -DHPUXREV=$(HPUXREV)
OBJ=.
LIBS=-lnsl -L$(OBJ) -lipf
CFLAGS=-g -I$$(TOP) -Dhpux
all build dlpi hpux : ipsend ipresend iptest
.c.o:
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $< -o $@
ethers.o: ../ethers.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c ../ethers.c -o $@
iplang_y.o: $(TOP)/iplang/iplang_y.y
(cd $(TOP)/iplang; $(MAKE) "DESTDIR=../HPUX/$(CPUDIR)" 'CFLAGS=$(CFLAGS) $(ABI)')
iplang_l.o: $(TOP)/iplang/iplang_l.l
(cd $(TOP)/iplang; $(MAKE) "DESTDIR=../HPUX/$(CPUDIR)" 'CFLAGS=$(CFLAGS) $(ABI)')
ipsend: $(OBJS) $(UNIXOBJS)
$(CC) $(ABI) $(DEBUG) $(OBJS) $(UNIXOBJS) -o $@ $(LIBS) -ll
ipresend: $(ROBJS) $(UNIXOBJS)
$(CC) $(ABI) $(DEBUG) $(ROBJS) $(UNIXOBJS) -o $@ $(LIBS)
iptest: $(TOBJS) $(UNIXOBJS)
$(CC) $(ABI) $(DEBUG) $(TOBJS) $(UNIXOBJS) -o $@ $(LIBS)
clean:
rm -rf *.o core a.out ipsend ipresend iptest iplang_l.* iplang_y.*
ipsend.o: $(TOP)/ipsend/ipsend.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) $(SPU) -c $(TOP)/ipsend/ipsend.c -o $@
ipsopt.o: $(TOP)/ipsend/ipsopt.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/ipsopt.c -o $@
ipresend.o: $(TOP)/ipsend/ipresend.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/ipresend.c -o $@
ip.o: $(TOP)/ipsend/ip.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/ip.c -o $@
resend.o: $(TOP)/ipsend/resend.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/resend.c -o $@
ipft_sn.o: $(TOP)/ipft_sn.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $(TOP)/ipft_sn.c -o $@
ipft_pc.o: $(TOP)/ipft_pc.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $(TOP)/ipft_pc.c -o $@
iptest.o: $(TOP)/ipsend/iptest.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/iptest.c -o $@
iptests.o: $(TOP)/ipsend/iptests.c
$(CC) $(ABI) $(HPREV) $(DEBUG) $(CFLAGS) -Dhpux -c $(TOP)/ipsend/iptests.c -o $@
sock.o: $(TOP)/ipsend/sock.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/sock.c -o $@
arp.o: $(TOP)/ipsend/arp.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/arp.c -o $@
dlcommon.o: $(TOP)/ipsend/dlcommon.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/dlcommon.c -o $@
sdlpi.o: $(TOP)/ipsend/sdlpi.c
$(CC) $(ABI) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/sdlpi.c -o $@

6
HPUX/cpurev Executable file
View File

@ -0,0 +1,6 @@
#!/bin/sh
bits=`getconf KERNEL_BITS`
rev=`uname -r`
model=`uname -m|sed -e 's!/!.!'`
echo $rev.$model.$bits
exit 0

124
HPUX/ethers.c Normal file
View File

@ -0,0 +1,124 @@
/* $NetBSD: ethers.c,v 1.17 2000/01/22 22:19:14 mycroft Exp $ */
/*
* ethers(3N) a la Sun.
*
* Written by Roland McGrath <roland@frob.com> 10/14/93.
* Public domain.
*/
#if defined(__hpux) && (HPUXREV >= 1111) && !defined(_KERNEL)
# include <sys/kern_svcs.h>
#endif
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <net/if_arp.h>
#include <stdio.h>
#include <errno.h>
#include "ip_compat.h"
struct ether_addr *
ether_aton(s)
const char *s;
{
static struct ether_addr n;
u_int i[6];
if (sscanf(s, " %x:%x:%x:%x:%x:%x ", &i[0], &i[1],
&i[2], &i[3], &i[4], &i[5]) == 6) {
n.ether_addr_octet[0] = (u_char)i[0];
n.ether_addr_octet[1] = (u_char)i[1];
n.ether_addr_octet[2] = (u_char)i[2];
n.ether_addr_octet[3] = (u_char)i[3];
n.ether_addr_octet[4] = (u_char)i[4];
n.ether_addr_octet[5] = (u_char)i[5];
return &n;
}
return NULL;
}
int
ether_hostton(hostname, e)
const char *hostname;
struct ether_addr *e;
{
FILE *f;
char *p;
size_t len;
char try[MAXHOSTNAMELEN + 1];
char line[512];
#ifdef YP
int hostlen = strlen(hostname);
#endif
f = fopen("/etc/ethers", "r");
if (f==NULL)
return -1;
while ((p = fgets(line, sizeof(line), f)) != NULL) {
if (p[len - 1] != '\n')
continue; /* skip lines w/o \n */
p[--len] = '\0';
#ifdef YP
/* A + in the file means try YP now. */
if (len == 1 && *p == '+') {
char *ypbuf, *ypdom;
int ypbuflen;
if (yp_get_default_domain(&ypdom))
continue;
if (yp_match(ypdom, "ethers.byname", hostname, hostlen,
&ypbuf, &ypbuflen))
continue;
if (ether_line(ypbuf, e, try) == 0) {
free(ypbuf);
(void)fclose(f);
return 0;
}
free(ypbuf);
continue;
}
#endif
if (ether_line(p, e, try) == 0 && strcmp(hostname, try) == 0) {
(void)fclose(f);
return 0;
}
}
(void)fclose(f);
errno = ENOENT;
return -1;
}
int
ether_line(l, e, hostname)
const char *l;
struct ether_addr *e;
char *hostname;
{
u_int i[6];
static char buf[sizeof " %x:%x:%x:%x:%x:%x %s\\n" + 21];
/* XXX: 21 == strlen (ASCII representation of 2^64) */
if (! buf[0])
snprintf(buf, sizeof buf, " %%x:%%x:%%x:%%x:%%x:%%x %%%ds\\n",
MAXHOSTNAMELEN);
if (sscanf(l, buf,
&i[0], &i[1], &i[2], &i[3], &i[4], &i[5], hostname) == 7) {
e->ether_addr_octet[0] = (u_char)i[0];
e->ether_addr_octet[1] = (u_char)i[1];
e->ether_addr_octet[2] = (u_char)i[2];
e->ether_addr_octet[3] = (u_char)i[3];
e->ether_addr_octet[4] = (u_char)i[4];
e->ether_addr_octet[5] = (u_char)i[5];
return 0;
}
errno = EINVAL;
return -1;
}

27
HPUX/installmod Executable file
View File

@ -0,0 +1,27 @@
#!/bin/ksh
(kmadmin -U ipf)
(kminstall -d ipf)
kminstall -u ipf
if [[ $? -ne 0 ]] ; then
exit 1
fi
config -M ipf -u
if [[ $? -ne 0 ]] ; then
exit 1
fi
kmadmin -L ipf
kmadmin -Q ipf
if [[ $? -ne 0 ]] ; then
exit 1
fi
input=`kmadmin -Q ipf | grep 'Character Major'`
set $input
major=$3
/bin/rm -f /dev/ipl /dev/ipnat /dev/ipstate /dev/ipauth
mknod /dev/ipl c $major 0
mknod /dev/ipnat c $major 1
mknod /dev/ipstate c $major 2
mknod /dev/ipauth c $major 3
mknod /dev/ipsync c $major 4
mknod /dev/ipscan c $major 5
exit 0

161
HPUX/ipf.psf.dist Normal file
View File

@ -0,0 +1,161 @@
# File: psf
#
# Purpose: IP Filter Product Specification File (PSF) for swpackage
#
# Copyright (C) 2012 by Darren Reed.
#
# Description: PSF for IP FIlter 5.1.0
#
# $Id$
# The vendor definition here applies to all subsequently defined products.
vendor
tag IPFilter
title IPFilter Products
description Firewall/NAT Products
end
category
tag HPUXAdditions
title IP Filter
end
# Bundle definition(s):
bundle
tag IPF
title IP Filter 5.1.0
description Firewall/NAT
revision A.05.01.00
architecture HP-UX_HPREV_32/64
machine_type 9000/[678]??:*
os_name HP-UX
os_release HPREV
os_version *
category_tag HPUXAdditions
is_protected false
is_reference false
vendor_tag IPFilter
hp_srdo swtype=O;user=B;bundle_type=O
contents IPF-RUN,r=A.05.01.00,a=HP-UX_HPREV_32/64,v=IPFilter
end # bundle IPF
# Product definition(s):
product
tag IPF-RUN
title IP Filter 5.1.0
description Firewall/NAT
copyright < ../../SunOS5/copyright
revision A.05.01.00
architecture HP-UX_HPREV_32/64
machine_type 9000/[678]??:*
os_name HP-UX
os_release HPREV
os_version *
directory /
is_locatable false
vendor_tag IPFilter
# configure doc/configure
# unconfigure doc/unconfigure
########################################################################
# #
# The following filesets already exist on the system. #
# #
########################################################################
# InternetSrvcs.IPF-ALL
fileset
tag IPF-ALL
title IP Filter 5.1.0 : IPF-ALL
description < ../IPF-ALL/description
revision A.05.01.00
architecture HP-UX_HPREV_32/64
machine_type 9000/[678]??:*
os_name HP-UX
os_release HPREV
os_version *
is_kernel false
is_reboot false
# prerequisites PHKL_18543.NET-KRN,a=HP-UX_HPREV_32/64,v=HP
checkinstall ../IPF-ALL/checkinstall
preinstall ../IPF-ALL/preinstall
postinstall ../IPF-ALL/postinstall
verify ../IPF-ALL/verify
checkremove ../IPF-ALL/checkremove
preremove ../IPF-ALL/preremove
postremove ../IPF-ALL/postremove
directory . = /
file_permissions -m 555 -o bin -g bin
file mod.o var/tmp/build/mod.o
file ../master var/tmp/build/master
file ../system var/tmp/build/system
file ../space.h var/tmp/build/space.h
file ../ipfboot sbin/init.d/ipfboot
file ../ipfconf etc/rc.config.d/ipfconf
file ipf sbin/ipf
file ipfs sbin/ipfs
file ipnat sbin/ipnat
file ipfstat sbin/ipfstat
file ipmon opt/ipf/bin/ipmon
file ipsend opt/ipf/bin/ipsend
file ipftest opt/ipf/bin/ipftest
file ipresend opt/ipf/bin/ipresend
# file ipscan opt/ipf/bin/ipscan
# file ipsyncs opt/ipf/bin/ipsyncs
# file ipsyncm opt/ipf/bin/ipsyncm
file ../../mkfilters opt/ipf/bin/mkfilters
file_permissions -m 444 -o bin -g bin
file ../../ip_fil.h opt/ipf/include/ip_fil.h
file ../../ip_nat.h opt/ipf/include/ip_nat.h
file ../../ip_state.h opt/ipf/include/ip_state.h
file ../../ip_compat.h opt/ipf/include/ip_compat.h
file ../../ip_proxy.h opt/ipf/include/ip_proxy.h
file ../../ip_frag.h opt/ipf/include/ip_frag.h
file ../../ip_auth.h opt/ipf/include/ip_auth.h
file ../../man/ipf.8 opt/ipf/man/man8/ipf.8
file ../../man/ipnat.8 opt/ipf/man/man1/ipnat.8
file ../../man/ipmon.8 opt/ipf/man/man8/ipmon.8
file ../../man/ipfstat.8 opt/ipf/man/man8/ipfstat.8
file ../../man/ipftest.1 opt/ipf/man/man1/ipftest.1
file ../../man/ipfs.8 opt/ipf/man/man8/ipfs.8
file ../../man/mkfilters.1 opt/ipf/man/man1/mkfilters.1
file ../../man/ipf.4 opt/ipf/man/man4/ipf.4
file ../../man/ipfilter.4 opt/ipf/man/man4/ipfilter.4
file ../../man/ipl.4 opt/ipf/man/man4/ipl.4
file ../../man/ipnat.4 opt/ipf/man/man4/ipnat.4
file ../../man/ipf.5 opt/ipf/man/man5/ipf.5
file ../../man/ipfilter.5 opt/ipf/man/man4/ipfilter.5
file ../../man/ipnat.5 opt/ipf/man/man5/ipnat.5
file ../../rules/example.1 opt/ipf/examples/example.1
file ../../rules/example.2 opt/ipf/examples/example.2
file ../../rules/example.3 opt/ipf/examples/example.3
file ../../rules/example.4 opt/ipf/examples/example.4
file ../../rules/example.5 opt/ipf/examples/example.5
file ../../rules/example.6 opt/ipf/examples/example.6
file ../../rules/example.7 opt/ipf/examples/example.7
file ../../rules/example.8 opt/ipf/examples/example.8
file ../../rules/example.9 opt/ipf/examples/example.9
file ../../rules/example.10 opt/ipf/examples/example.10
file ../../rules/example.11 opt/ipf/examples/example.11
file ../../rules/example.12 opt/ipf/examples/example.12
file ../../rules/example.13 opt/ipf/examples/example.13
file ../../rules/example.sr opt/ipf/examples/example.sr
file ../../rules/nat.eg opt/ipf/examples/nat.eg
file ../../rules/server opt/ipf/examples/server
file ../../rules/tcpstate opt/ipf/examples/tcpstate
file ../../rules/BASIC.NAT opt/ipf/examples/BASIC.NAT
file ../../rules/BASIC_1.FW opt/ipf/examples/BASIC_1.FW
file ../../rules/BASIC_2.FW opt/ipf/examples/BASIC_2.FW
file ../../rules/firewall opt/ipf/examples/firewall
file ../../rules/ftp-proxy opt/ipf/examples/ftp-proxy
file ../../rules/ftppxy opt/ipf/examples/ftppxy
file ../../rules/nat-setup opt/ipf/examples/nat-setup
end # fileset IPF-ALL
end # product IPF-RUN

115
HPUX/ipfboot Normal file
View File

@ -0,0 +1,115 @@
#!/sbin/sh
#
PATH=/sbin:/usr/bin:/usr/sbin:/opt/ipf/bin
#
pid=`ps -e | grep ipmon | awk ' { print $1 } ' -`
. /etc/rc.config
block_default_workaround() {
ipf -F a
echo "constructing minimal name resolution rules..."
NAMESERVERS=`cat /etc/resolv.conf | awk '/nameserver/ {printf "%s ", $2}'`
for NS in $NAMESERVERS
do
IF_TO_NS=`/usr/sbin/route -n get $NS | awk '/interface/ {print $NF}'`
IP_TO_NS=any
echo "pass out quick proto udp from $IP_TO_NS to $NS port = 53 keep state" | \
ipf -f -
done
}
set_device_files() {
input=`kmadmin -Q ipf | grep 'Character Major'`
set $input
major=$3
/bin/rm -f /dev/ipl /dev/ipnat /dev/ipstate /dev/ipauth
/bin/rm -f /dev/ipsync /dev/ipscan /dev/iplookup
mknod /dev/ipl c $major 0
mknod /dev/ipnat c $major 1
mknod /dev/ipstate c $major 2
mknod /dev/ipauth c $major 3
mknod /dev/ipsync c $major 4
mknod /dev/ipscan c $major 5
mknod /dev/iplookup c $major 6
}
case "$1" in
start_msg)
echo "Starting IP Filter"
;;
stop_msg)
echo "Stopping IP Filter"
;;
start)
if [ ${IPF_START} -eq 1 ] ; then
if [ x$pid != x ] ; then
kill -TERM $pid
fi
kmadmin -L ipf
set_device_files
ipf -E
if [ -r ${IPF_CONF} ]; then
BLOCK_DEFAULT=`/sbin/ipf -V | grep Default | \
awk '{print $2}'`
if [ x$BLOCK_DEFAULT = "xblock" ] ; then
block_default_workaround
fi
ipf -IFa -f ${IPF_CONF}
if [ $? != 0 ]; then
echo "$0: load of ${IPF_CONF} into alternate set failed"
else
ipf -s
fi
fi
if [ -r ${IPNAT_CONF} ]; then
ipnat -CF -f ${IPNAT_CONF}
if [ $? != 0 ]; then
echo "$0: load of ${IPNAT_CONF} failed"
fi
fi
if [ ${IPMON_START} -eq 1 ] ; then
ipmon ${IPMON_FLAGS}
fi
else
exit 2
fi
;;
stop)
if [ x$pid != x ] ; then
kill -TERM $pid
fi
ipf -D
kmadmin -U ipf
;;
reload)
if [ -r ${IPF_CONF} ]; then
ipf -I -Fa -f ${IPF_CONF}
if [ $? != 0 ]; then
echo "$0: reload of ${IPF_CONF} into alternate set failed"
else
ipf -s
fi
fi
if [ -r ${IPNAT_CONF} ]; then
ipnat -CF -f ${IPNAT_CONF}
if [ $? != 0 ]; then
echo "$0: reload of ${IPNAT_CONF} failed"
fi
fi
;;
setdevs)
set_device_files
;;
*)
echo "Usage: $0 (start|stop|reload)" >&2
exit 1
;;
esac
exit 0

26
HPUX/ipfconf Normal file
View File

@ -0,0 +1,26 @@
#
# Directory where IP Filter configuration files are kept
#
IPF_CONFDIR=/etc/opt/ipf
#
# Packet filtering configuration file
#
IPF_CONF=${IPF_CONFDIR}/ipf.conf
#
# Network address translation configuration file
#
IPNAT_CONF=${IPF_CONFDIR}/ipnat.conf
#
# Load the ipfilter module ?
# 1 = Start, 0 = Do not start
#
IPF_START=1
#
# Start ipmon ?
# 1 = Start, 0 = Do not start
#
IPMON_START=1
#
# Options to start ipmon with
#
IPMON_FLAGS=-sD

10
HPUX/makeargs Executable file
View File

@ -0,0 +1,10 @@
#!/bin/ksh
dir=${0%makeargs}
hprev=`uname -r | sed -e 's/^[A-Z]\.\([0-9]*\)\.\([0-9]\)/\1\2/'`
if [ $hprev -lt 1111 ] ; then
lib=' LLIB=-ll'
dcpu=' SPU="-Dspustate_t=u_long"'
fi
cpu=`$dir/cpurev`
echo 'CPUDIR='$cpu' HPUXREV='$hprev''$lib$dcpu
exit 0

33
HPUX/master Normal file
View File

@ -0,0 +1,33 @@
*
* master file for "ipf" module
*
$VERSION
* Should start from 1, currently only 1 is correct value
1
$$$
$DRIVER_INSTALL
*
* Driver Block major Char major required for minimal system
*
ipf -1 -1
$$$
$LOADABLE
$$$
$INTERFACE
base
$$$
$DRIVER_DEPENDENCY
ipf pfil
$$$
$TYPE
ipf wsio_class pseudo cpmi -1 -1
$$$
$TUNABLE
$$$

3
HPUX/space.h Normal file
View File

@ -0,0 +1,3 @@
/*
* Tunable parameters for "ipf" module
*/

8
HPUX/system Normal file
View File

@ -0,0 +1,8 @@
*
* system file for "ipf" module
*
$VERSION 1
$CONFIGURE Y
$LOADABLE Y
$TUNABLE
$$$

View File

@ -1,8 +1,11 @@
This file is for use with FreeBSD 4.x and 5.x only.
Thi file is for use with FreeBSD 4.x and 5.x only.
To build a kernel for use with the loadable kernel module, follow these
steps:
0. Run "config GENERIC" or similar in /sys/i386/conf or the
appropriate directory for your kernel.
1. For FreeBSD version:
4.* do make freebsd4
5.* do make freebsd5
@ -16,10 +19,12 @@ steps:
5. install and reboot with the new kernel
6. use modload(8) to load the packet filter with:
6. use modload(8)/kldload(8) to load the packet filter with:
modload if_ipl.o
kldload ipf.ko
7. do "modstat" to confirm that it has been loaded successfully.
7. do "modstat" or "kldstat" to confirm that it has been loaded
successfully.
There is no need to use mknod to create the device in /dev;
- upon loading the module, it will create itself with the correct values,

View File

@ -1,7 +1,7 @@
IP Filter has been mostly tested under IRIX 6.2. It should work under IRIX 6.3
as well. Under IRIX 5.3, it has been successfully compiled and linked in the
kernel, but not tested. Compilation under IRIX >= 6.4 is not yet supported.
IP Filter has been mostly tested under IRIX 6.2 and 6.5.
Under IRIX 5.3, it has been successfully compiled and linked in the kernel,
but not tested.
To build a kernel with the IP filter and install it on your system,
follow these steps:
@ -17,13 +17,6 @@ follow these steps:
CC=gcc
to
CC=cc
b) enable full optimization
This means changing the lines reading:
DEBUG=-g
CFLAGS=-I$$(TOP)
to
DEBUG=
CFLAGS=-O2 -I$$(TOP)
1. do "make irix" (Warning: GNU make is not supported, so if it has
been installed on your system, verify your path and/or do "which make"
@ -80,11 +73,10 @@ ADDITIONAL NOTES:
the same major device number.
- We have not tested IP Filter on a multiprocessor machine yet.
However, feel free to try it and send your experiences/patches
back to marc@CAM.ORG. SGI prescribes that kernel code be built on such
systems with -D_MP_NETLOCKS -DMP. Therefore, these flags should
probably be uncommented on the DFLAGS line of IRIX/Makefile if your
machine has more than one processor.
SGI prescribes that kernel code be built on such systems with
-D_MP_NETLOCKS -DMP. Therefore, these flags should probably be
uncommented on the DFLAGS line of IRIX/Makefile if your machine
has more than one processor.
- It is also possible to build IP Filter as a dynamically loadable
kernel module (by retaining the IPFLKM=-DIPFILTER_LKM definition in the
@ -95,7 +87,6 @@ ADDITIONAL NOTES:
with IP22 CPU boards and can sometime cause panics during loading due
to a potential race condition.
CREDITS:
IP Filter was ported to IRIX by Marc Boucher <marc@CAM.ORG>

View File

@ -1,50 +1,43 @@
IP-Filter on Linux 2.0.31
-------------------------
NOTE: I have *ONLY* compiled and created patches for using IP Filter on
Linux 2.0.31. Any other kernel revision may need seprate patches.
Also, I've only tested on a x86 CPU so I can't make any guarantees
about it working on Sparc/Mac/Amiga.
The Linux 2.4 and 2.6 series of kernels are supported by this software.
First, you should do a sanity check of your system to make sure it will
compile IP Filter. You will need a "libfl" and a "libelf". If you don't
have these, install them before proceeding.
Building has been tested on RedHat 9 and SUSE 9.x, although your results
may vary.
The installation and compiliation process assumes that Linux 2.0.31
will be in the /usr/src/linux directory and that all the symbolic links
in /usr/include match. /usr/src/linux may be a symbolic link too, but
it must point to a 2.0.31 kernel source tree.
In general, you will need to have your kernel source in /usr/src/linux
to build IPFilter but different Linux projects may differ. See below.
The first step is to make the IP Filter binaries. Do this with a
"make linux" from the ip_fil3.2.x directory. If this completes with
no errors, install IP Filter with a "make install-linux".
Projects
========
Now that the user part of it is complete, it is time to work on the kernel.
To start this off, run "Linux/minstall". This will configure the devices
you will need for the IP Filter. Then run "Linux/kinstall". This will
patch your kernel source code and configuration files so you can enabled IP
Filter. You must now go to /usr/src/linux and configure your kernel using one
of the available interfaces to enable IP Filter. IP Filter will be presented
as a three way choice "y/m/n" - select "m" to enable it. Save your kernel
configuration file, rebuild, install and reboot with the new kernel.
Fedora
------
For Fedora, point your web browser at this URL and follow the instructions:
http://fedoraproject.org/wiki/Building_a_custom_kernel
When you've rebooted with the new kernel, you should be able to load
IP Filter with the command "insmod if_ipl". All going will, you will
see a message like this on your console:
For me, following the instructions put all of the kernel source code (for
Fedora 11) in $HOME/rpmbuild. As an example of the directory I used, see
BUILDROOT in Makefile.
IP Filter: initialized. Default = pass all, Logging = enabled
indicating that IP Filter has successfully been loaded into the kernel
and is awaiting.
Building IPFilter
=================
The steps required are as follows:
1. Create the binaries
make linux
2. Create the RPM file
make install-linux
3. In an ideal world, this step wouldn't be required. At this point you
need to locate the actual RPM file as the rpmbuild failed in the previous
step. Now run:
rpm -i /path/to/ipfilter.rpm
At this point IPFilter should be installed and ready to use.
Darren
Features Not Available on Linux, yet:
- compiled into the kernel
"<action> in on <if> to <if> ..."
"<action> in on <if> dup-to <if> ..."
"<action> in on <if> fastroute ..."
"block return-rst ..."
"map ... proxy ..." (Linux's masquerading is better at present)

View File

@ -2,6 +2,11 @@
For those running Solaris 2.5 or later, please read COMPILE.2.5 before
building IP Filter.
Download, build and install the pfil package.
A pointer to this can be found at:
http://coombs.anu.edu.au/~avalon/ipf-mentat.html
Type "make solaris" to build all the required binaries. DO NOT USE THE
GNU make!!!
@ -12,15 +17,15 @@ directory to SunOS5 and enter the following command:
make package
This will build the package into SunOS5/<arch>/root, copy that to
/var/spool/pkg as a package and then start the installation using
pkgadd.
This will build the package into SunOS5/<arch>/root, create a package
file called "ipf.pkg" in the SunOS5 directory and then start the
installation using pkgadd.
As part of the postinstall script, it will install loadable kernel module
as part of Solaris 2 (using add_drv) making it available for immeadiate use.
IP Filter will be installed into /opt/CYBSipf (programs, manual pages and
examples) and create a directory /etc/opt/CYBSipf with a null body file
IP Filter will be installed into /opt/ipf (programs, manual pages and
examples) and create a directory /etc/opt/ipf with a null body file
called "ipf.conf" using touch. The rc scripts have been written to look
for the configuration file here, using the installed binaries in /sbin.

18
INSTALL.Tru64 Normal file
View File

@ -0,0 +1,18 @@
Versions of Tru64 (aka OSF1) earlier than 5.1 aren't supported since
the relevant interfaces don't exist. Tru64 5.1 and 5.1a have been
tested.
1. do a "make tru64" (or "make osf") in this directory
2. run "make install-osf", in the same directory, to install
To enable IPFilter, you then need to do:
sysconfig -c ipfilter
Tru64 checkpoints:
- enable ipforwarding and ipgateway with "iprsetup -s"
Darren Reed
darrenr@pobox.com

81
IRIX/Makefile Normal file
View File

@ -0,0 +1,81 @@
#!smake
#
# Copyright (C) 2012 by Darren Reed.
# Copyright (C) 1997 by Marc Boucher.
#
# See the IPFILTER.LICENCE file for details on licencing.
#
# For IRIX
#
# Automatically determine compiler switches and defines for kernel compilation
# based on our current CPU:
#
DCPU=`uname -m`
# workaround minor Makefile.kernio IP22 bug
#if defined(DCPU) && ( $(DCPU) == "IP22" )
CMODELWRKAROUND="COMPILATION_MODEL=32"
#else
CMODELWRKAROUND=
#endif
KFLAGS != smake -d v -n \
-f $(ROOT)/var/sysgen/Makefile.kernio \
CPUBOARD=$(DCPU) $(CMODELWRKAROUND) 2>/dev/null \
| sed -n -e '/^Global:CFLAGS =/h' -e '$$g' -e '$$s/Global:CFLAGS =//' \
-e '$$s/ -G *8 / /' -e '$$p' -e 's/-fullwarn//'
WOFF=-woff 1172,1174,1196,1233,1412,1413,1498,1506,1692
#
SGIREV=-DIRIX=$(SGI)
BINDEST=/usr/sbin
SBINDEST=/sbin
MANDIR=/usr/share/man/local
INCDEST=/usr/include/netinet
LKMDEST=/var/sysgen/boot
HERE=IRIX/$(CPUDIR)
CPUDIR=`uname -s|sed -e 's@/@@g'`-`uname -R`-`uname -m`
RANLIB=echo
AROPTS=crs
OBJ=.
DEST=.
TOP=..
TOOL=$(TOP)/tools
LIBS=-L. -lipf
#CC=cc -Wall -Wuninitialized -Wstrict-prototypes -Werror -O
CC=cc -common
CFLAGS=-g -I$(TOP) -I.
#
ML=mli_ipl.c
MLD=$(ML)
#if defined(IPFLKM) && !empty(IPFLKM)
MLFLAGS= -G 0
LKM=ipflkm.o
#else
MLFLAGS= -G 8
LKM=ipfilter.o
#endif
MFLAGS="BINDEST=$(BINDEST)" "SBINDEST=$(SBINDEST)" "MANDIR=$(MANDIR)" \
'CFLAGS=$(CFLAGS) $(SOLARIS2)' "IPFLKM=$(IPFLKM)" \
"IPFLOG=$(IPFLOG)" "LOGFAC=$(LOGFAC)" "POLICY=$(POLICY)" \
"SOLARIS2=$(SOLARIS2)" "DEBUG=$(DEBUG)" "DCPU=$(CPU)" \
"CPUDIR=$(CPUDIR)" "LOOKUP=$(LOOKUP)" "XID=$(XID)"
CCARGS=$(DEBUG) $(CFLAGS) -D_KMEMUSER -DIPFILTER_LOG
#
########## ########## ########## ########## ########## ########## ##########
#
CP=/bin/cp
RM=/bin/rm
CHMOD=/bin/chmod
INSTALL=/sbin/install
LIBSRC=$(TOP)/lib
#
DFLAGS=$(WOFF) $(IPFLKM) $(IPFLOG) $(KFLAGS) $(MLFLAGS) -jalr $(SGIREV) \
$(LOOKUP) $(XID) #-D_MP_NETLOCKS -DMP
include $(TOP)/lib/Makefile
include Makefile.common
#if !defined(IPFLKM) || empty(IPFLKM)
-${RM} -f $(LKMDEST)/ipflkm.o
/etc/autoconfig
#endif

380
IRIX/Makefile.common Normal file
View File

@ -0,0 +1,380 @@
MODOBJS=ip_fil.o fil.o ml_ipl.o ip_nat.o ip_frag.o ip_state.o ip_proxy.o \
ip_auth.o ip_log.o ip_scan.o ip_sync.o md5.o radix.o ip_nat6.o \
ip_lookup.o ip_htable.o ip_pool.o
IPF=ipf.o ipfcomp.o ipf_y.o ipf_l.o
IPFTEST=ipftest.o fil_u.o ip_frag_u.o ip_state_u.o ip_nat_u.o ip_proxy_u.o \
ip_auth_u.o ip_fil_u.o ip_log_u.o ip_scan_u.o ip_sync_u.o \
ip_lookup_u.o ip_htable_u.o ip_pool_u.o ip_rules_u.o ip_nat6_u.o \
ipf_y.o ipf_l.o ipnat_y.o ipnat_l.o ippool_y.o ippool_l.o \
bpf_filter_u.o md5_u.o radix_u.o
IPNAT=ipnat.o ipnat_y.o ipnat_l.o
IPMON=ipmon.o ipmon_y.o ipmon_l.o
IPPOOL=ippool_y.o ippool_l.o ippool.o
IPFSTAT=ipfstat.o
EXTRA=-DIPFILTER_LOG -DIPFILTER_LOOKUP
#FIXRADIX=-Dradix_node=ipf_radix_node -Dradix_node_head=ipf_radix_node_head \
# -Drn_inithead=ipf_rn_inithead -Drn_walktree=ipf_rn_walktree
FIXRADIX=-D__NET_RADIX_H_
build all: radix_ipf_local.h $(DEST)/libipf.a ipf ipfs ipfstat ipftest ipmon ipnat \
ippool ipscan ipsyncm ipsyncs $(LKM)
-sh -c 'for i in ipf ipftest ipmon ippool ipnat ipscan ipsyncm ipsyncs; do /bin/rm -f $(TOP)/$$i; ln -s `pwd`/$$i $(TOP); done'
ipfstat: $(IPFSTAT) $(DEST)/libipf.a
$(CC) $(CCARGS) $(STATETOP_CFLAGS) $(STATETOP_INC) \
$(IPFSTAT) -o $@ $(LIBS) $(STATETOP_LIB) -lelf
ipf: $(IPF) $(DEST)/libipf.a
$(CC) $(CCARGS) $(IPF) -o $@ $(LIBS) $(LIBBPF)
ipftest: $(IPFTEST) $(DEST)/libipf.a
$(CC) $(CCARGS) $(IPFTEST) -o $@ $(LIBS) $(LIBBPF)
ipnat: $(IPNAT) $(DEST)/libipf.a
$(CC) $(CCARGS) $(IPNAT) -o $@ $(LIBS) -lelf
ipnat.o: $(TOOL)/ipnat.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) -c $(TOOL)/ipnat.c -o $@
ipnat_y.o: ipnat_y.c ipnat_y.h $(TOP)/ip_nat.h ipnat_l.h
$(CC) $(CCARGS) -c ipnat_y.c -o $@
ipnat_y.c ipnat_y.h: $(TOOL)/ipnat_y.y $(TOP)/ip_nat.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ipnat_l.o: ipnat_l.c ipnat_l.h $(TOP)/ip_nat.h ipnat_y.h
$(CC) $(CCARGS) -c ipnat_l.c -o $@
ipnat_l.c: $(TOOL)/lexer.c ipnat_y.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ipnat_l.h: $(TOOL)/lexer.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
tests:
(cd test; make )
ipfstat.o: $(TOOL)/ipfstat.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_frag.h \
$(TOP)/ip_compat.h $(TOP)/ip_state.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) $(STATETOP_CFLAGS) $(STATETOP_INC) \
-c $(TOOL)/ipfstat.c -o $@
fil_u.o: $(TOP)/fil.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_compat.h \
$(TOP)/ipl.h radix_ipf_local.h
$(CC) $(CCARGS) $(EXTRA) $(IPFBPF) -I. -c $(TOP)/fil.c -o $@
fil.o: $(TOP)/fil.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_compat.h \
$(TOP)/ipl.h
$(CC) $(CCARGS) $(POLICY) $(DFLAGS) $(IPFBPF) -c $(TOP)/fil.c -o $@
ipf.o: $(TOOL)/ipf.c $(TOP)/ip_fil.h $(TOP)/ipf.h
$(CC) $(CCARGS) -c $(TOOL)/ipf.c -o $@
ipfcomp.o: $(TOOL)/ipfcomp.c $(TOP)/ip_fil.h $(TOP)/ipf.h
$(CC) $(CCARGS) -c $(TOOL)/ipfcomp.c -o $@
ipftest.o: $(TOOL)/ipftest.c $(TOP)/ip_fil.h $(TOP)/ipt.h $(TOP)/ipf.h
$(CC) $(SGIREV) $(CCARGS) -c $(TOOL)/ipftest.c -o $@
ip_nat_u.o: $(TOP)/ip_nat.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_nat.c -o $@
ip_nat6_u.o: $(TOP)/ip_nat6.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_nat6.c -o $@
ip_proxy_u.o: $(TOP)/ip_proxy.c $(TOP)/ip_proxy.h $(TOP)/ip_compat.h \
$(TOP)/ip_ftp_pxy.c $(TOP)/ip_rcmd_pxy.c $(TOP)/ip_raudio_pxy.c \
$(TOP)/ip_rpcb_pxy.c $(TOP)/ip_ipsec_pxy.c $(TOP)/ip_nat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_proxy.c -o $@
ip_frag_u.o: $(TOP)/ip_frag.c $(TOP)/ip_frag.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_frag.c -o $@
ip_state_u.o: $(TOP)/ip_state.c $(TOP)/ip_state.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_state.c -o $@
ip_auth_u.o: $(TOP)/ip_auth.c $(TOP)/ip_auth.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_auth.c -o $@
ip_rules_u.o: ip_rules.c $(TOP)/ip_rules.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c ip_rules.c -o $@
ip_pool_u.o: $(TOP)/ip_pool.c $(TOP)/ip_pool.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_lookup.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_pool.c -o $@
ip_scan_u.o: $(TOP)/ip_scan.c $(TOP)/ip_scan.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_lookup.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_scan.c -o $@
ip_sync_u.o: $(TOP)/ip_sync.c $(TOP)/ip_sync.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_lookup.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_sync.c -o $@
ip_lookup_u.o: $(TOP)/ip_lookup.c $(TOP)/ip_lookup.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_lookup.c -o $@
ip_htable_u.o: $(TOP)/ip_htable.c $(TOP)/ip_htable.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_lookup.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_htable.c -o $@
ip_fil_u.o: $(TOP)/ip_fil.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h radix_ipf_local.h
$(CC) $(CCARGS) $(EXTRA) -I. -c $(TOP)/ip_fil.c -o $@
bpf_filter_u.o: $(TOP)/bpf_filter.c
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/bpf_filter.c -o $@
md5_u.o: $(TOP)/md5.c
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/md5.c -o $@
radix_u.o: $(TOP)/radix.c $(TOP)/radix_ipf.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/radix.c -o $@
ipfs: ipfs.o
$(CC) $(CCARGS) ipfs.o -o $@
ipfs.o: $(TOOL)/ipfs.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_state.h \
$(TOP)/ip_nat.h
$(CC) $(CCARGS) -c $(TOOL)/ipfs.c -o $@
ipsyncm: ipsyncm.o $(DEST)/libipf.a
$(CC) $(CCARGS) ipsyncm.o -o $@ $(LIBS)
ipsyncs: ipsyncs.o $(DEST)/libipf.a
$(CC) $(CCARGS) ipsyncs.o -o $@ $(LIBS)
ipsyncm.o: $(TOOL)/ipsyncm.c $(TOP)/ip_sync.h
$(CC) $(CCARGS) -c $(TOOL)/ipsyncm.c -o $@
ipsyncs.o: $(TOOL)/ipsyncs.c $(TOP)/ip_sync.h
$(CC) $(CCARGS) -c $(TOOL)/ipsyncs.c -o $@
ip_log_u.o: $(TOP)/ip_log.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_log.c -o $@
ip_rules.c: $(TOP)/rules/ip_rules $(TOP)/tools/ipfcomp.c ipf
./ipf -cc -nf $(TOP)/rules/ip_rules
$(TOP)/ip_rules.h: ip_rules.c
if [ ! -f $(TOP)/ip_rules.h ] ; then \
/bin/mv -f ip_rules.h $(TOP); \
else \
touch $(TOP)/ip_rules.h; \
fi
$(LKM): $(MODOBJS)
ld $(MLFLAGS) -r -d $(MODOBJS) -o $(LKM)
ip_nat.o: $(TOP)/ip_nat.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(DFLAGS) -c $(TOP)/ip_nat.c -o $@
ip_nat6.o: $(TOP)/ip_nat6.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(DFLAGS) -c $(TOP)/ip_nat6.c -o $@
ip_frag.o: $(TOP)/ip_frag.c $(TOP)/ip_frag.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(DFLAGS) -c $(TOP)/ip_frag.c -o $@
ip_state.o: $(TOP)/ip_state.c $(TOP)/ip_state.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) $(DFLAGS) -c $(TOP)/ip_state.c -o $@
ip_proxy.o: $(TOP)/ip_proxy.c $(TOP)/ip_proxy.h $(TOP)/ip_compat.h \
$(TOP)/ip_ftp_pxy.c $(TOP)/ip_rcmd_pxy.c $(TOP)/ip_raudio_pxy.c \
$(TOP)/ip_rpcb_pxy.c $(TOP)/ip_ipsec_pxy.c $(TOP)/ip_nat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) $(DFLAGS) -c $(TOP)/ip_proxy.c -o $@
ip_auth.o: $(TOP)/ip_auth.c $(TOP)/ip_auth.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) $(DFLAGS) -c $(TOP)/ip_auth.c -o $@
ip_pool.o: $(TOP)/ip_pool.c $(TOP)/ip_pool.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_lookup.h radix_ipf_local.h
$(CC) $(CCARGS) $(DFLAGS) $(FIXRADIX) -I. -c $(TOP)/ip_pool.c -o $@
ip_scan.o: $(TOP)/ip_scan.c $(TOP)/ip_scan.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_lookup.h
$(CC) $(CCARGS) $(DFLAGS) -c $(TOP)/ip_scan.c -o $@
ip_sync.o: $(TOP)/ip_sync.c $(TOP)/ip_sync.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_lookup.h
$(CC) $(CCARGS) $(DFLAGS) -c $(TOP)/ip_sync.c -o $@
radix.o: $(TOP)/radix.c $(TOP)/radix_ipf.h
$(CC) $(CCARGS) $(DFLAGS) $(FIXRADIX) -c $(TOP)/radix.c -o $@
ip_lookup.o: $(TOP)/ip_lookup.c $(TOP)/ip_lookup.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h radix_ipf_local.h
$(CC) $(CCARGS) $(DFLAGS) $(FIXRADIX) -I. -c $(TOP)/ip_lookup.c -o $@
ip_htable.o: $(TOP)/ip_htable.c $(TOP)/ip_htable.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_lookup.h
$(CC) $(CCARGS) $(DFLAGS) -c $(TOP)/ip_htable.c -o $@
ip_fil.o: $(TOP)/ip_fil_irix.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h \
$(TOP)/ip_nat.h
$(CC) $(CCARGS) $(DFLAGS) $(COMPIPF) -c $(TOP)/ip_fil_irix.c -o $@
ip_log.o: $(TOP)/ip_log.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(DFLAGS) -c $(TOP)/ip_log.c -o $@
md5.o: $(TOP)/md5.c $(TOP)/md5.h
$(CC) $(CCARGS) $(DFLAGS) -c $(TOP)/md5.c -o $@
ml_ipl.o: $(TOP)/$(MLD) $(TOP)/ipl.h
$(CC) -I. $(CFLAGS) $(DFLAGS) -c $(TOP)/$(ML) -o $@
ipf_y.o: ipf_y.c $(TOP)/ip_fil.h $(TOP)/ipf.h ipf_y.h ipf_l.h
$(CC) $(CCARGS) $(IPFBPF) -c ipf_y.c -o $@
ipf_l.o: ipf_l.c $(TOP)/ip_fil.h $(TOP)/ipf.h ipf_y.h ipf_l.h
$(CC) $(CCARGS) -c ipf_l.c -o $@
ipf_y.c ipf_y.h: $(TOOL)/ipf_y.y $(TOP)/ipf.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ipf_l.c: $(TOOL)/lexer.c $(TOP)/ipf.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ipf_l.h: $(TOOL)/lexer.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ipmon: $(IPMON) $(DEST)/libipf.a
$(CC) $(CCARGS) $(LOGFAC) $(IPMON) -o $@ $(LIBS)
ipmon.o: $(TOOL)/ipmon.c $(TOP)/ipmon.h
$(CC) $(CCARGS) $(LOGFAC) -c $(TOOL)/ipmon.c -o $@
ipmon_y.o: ipmon_y.c ipmon_y.h $(TOP)/ipmon.h ipmon_l.h
$(CC) $(CCARGS) -c ipmon_y.c -o $@
ipmon_y.c ipmon_y.h: $(TOOL)/ipmon_y.y $(TOP)/ipmon.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ipmon_l.o: ipmon_l.c ipmon_y.h $(TOP)/ipmon.h ipmon_l.h
$(CC) $(CCARGS) -c ipmon_l.c -o $@
ipmon_l.c: $(TOOL)/lexer.c $(TOP)/ipmon.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ipmon_l.h: $(TOOL)/lexer.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ipscan: ipscan_y.o ipscan_l.o $(DEST)/libipf.a
$(CC) $(DEBUG) ipscan_y.o ipscan_l.o -o $@ $(LIBS)
ipscan_y.o: ipscan_y.c ipscan_y.h $(TOP)/ip_scan.h ipscan_l.h
$(CC) $(CCARGS) -c ipscan_y.c -o $@
ipscan_l.o: ipscan_l.c ipscan_y.h $(TOP)/ip_scan.h ipscan_l.h
$(CC) $(CCARGS) -I. -c ipscan_l.c -o $@
ipscan_y.h ipscan_y.c: $(TOOL)/ipscan_y.y $(TOP)/ip_scan.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ipscan_l.c: $(TOOL)/lexer.c $(TOP)/ip_scan.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ipscan_l.h: $(TOOL)/lexer.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ippool: $(IPPOOL)
$(CC) $(CCARGS) -I. $(IPPOOL) -o $@ $(LIBS)
ippool.o: $(TOOL)/ippool.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_pool.h
$(CC) $(CCARGS) -c $(TOOL)/ippool.c -o $@
ippool_y.o: ippool_y.c ippool_y.h $(TOP)/ip_pool.h ippool_l.h
$(CC) $(CCARGS) -c ippool_y.c -o $@
ippool_l.o: ippool_l.c ippool_y.h $(TOP)/ip_pool.h ippool_l.h
$(CC) $(CCARGS) -I. -c ippool_l.c -o $@
ippool_y.h ippool_y.c: $(TOOL)/ippool_y.y $(TOP)/ip_pool.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ippool_l.c: $(TOOL)/lexer.c $(TOP)/ip_pool.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
ippool_l.h: $(TOOL)/lexer.h
(cd $(TOOL); make DEST=../$(HERE) ../$(HERE)/$@)
radix_ipf_local.h: $(TOP)/radix_ipf.h
radix_ipf_local.h radix_ipf.h: $(TOP)/radix_ipf.h Makefile
cat $(TOP)/radix_ipf.h > $@
# sed -e 's/radix_node/ipf_radix_node/g' \
# -e 's/radix_mask/ipf_radix_mask/g' \
# $(TOP)/radix_ipf.h > $@
.y.c:
.l.c:
clean:
${RM} -f ../ipf ../ipmon ../ipnat ../ippool ../ipftest
${RM} -f ../ipscan ../ipsyncm ../ipsyncs
${RM} -f core *.o *.a ipt ipfstat ipf ipfstat ipftest ipmon
${RM} -f if_ipl ipnat $(LKM)
${RM} -f ip_fil.c ipf_l.c ipf_y.c ipf_y.h ipf_l.h
${RM} -f ipscan ipscan_y.c ipscan_y.h ipscan_l.c ipscan_l.h
${RM} -f ippool ippool_y.c ippool_y.h ippool_l.c ippool_l.h
${RM} -f ipnat_y.c ipnat_y.h ipnat_l.c ipnat_l.h
${RM} -f ipmon_y.c ipmon_y.h ipmon_l.c ipmon_l.h
${RM} -f ipsyncm ipsyncs ipfs ip_rules.c ip_rules.h
${MAKE} -f Makefile.ipsend ${MFLAGS} TOP=$(TOP) clean
-(for i in *; do \
if [ -d $${i} -a -f $${i}/Makefile ] ; then \
cd $${i}; ($(MAKE) clean TOP=../..); cd ..; \
${RM} $${i}/Makefile $${i}/Makefile.ipsend; \
${RM} $${i}/Makefile.common; \
rmdir $${i}; \
fi \
done)
install:
-$(INSTALL) -F $(SBINDEST) -m 755 -src $(CPUDIR)/ipf -O ipf
-$(INSTALL) -F $(SBINDEST) -m 755 -src $(CPUDIR)/ipfstat -O ipfstat
-$(INSTALL) -F $(SBINDEST) -m 755 -src $(CPUDIR)/ipnat -O ipnat
-$(INSTALL) -F $(SBINDEST) -m 755 -src $(CPUDIR)/ipmon -O ipmon
-$(INSTALL) -F $(BINDEST) -m 755 -src $(CPUDIR)/ipftest -O ipftest
-$(INSTALL) -F $(BINDEST) -m 755 -src $(CPUDIR)/ipsend -O ipsend
# -$(INSTALL) -F $(BINDEST) -m 755 -src $(CPUDIR)/ipsyncs -O ipsyncs
# -$(INSTALL) -F $(BINDEST) -m 755 -src $(CPUDIR)/ipsyncm -O ipsyncm
-$(INSTALL) -F $(BINDEST) -m 755 -src $(CPUDIR)/ipresend -O ipresend
-if [ -r $(LKMDEST)/$(LKM) -a ! -r $(LKMDEST)/$(LKM).DIST ]; then \
cp -p $(LKMDEST)/$(LKM) $(LKMDEST)/$(LKM).DIST; \
fi
-$(INSTALL) -F /var/sysgen/master.d -m 644 ipl
-$(INSTALL) -F $(LKMDEST) -m 444 -src $(CPUDIR)/$(LKM) -O $(LKM)
-$(INSTALL) -F $(INCDEST) -m 444 -src $(TOP)/ip_fil.h -O ip_fil.h
-$(INSTALL) -F $(INCDEST) -m 444 -src $(TOP)/ip_nat.h -O ip_nat.h
-$(INSTALL) -F $(MANDIR)/man1 -m 444 -src $(TOP)/ipsend/ipsend.1 -O ipsend.1
-$(INSTALL) -F $(MANDIR)/man1 -m 444 -src $(TOP)/ipsend/ipresend.1 -O ipresend.1
-$(INSTALL) -F $(MANDIR)/man1 -m 444 -src $(TOP)/ipsend/iptest.1 -O iptest.1
-$(INSTALL) -F $(MANDIR)/man5 -m 444 -src $(TOP)/ipsend/ipsend.5 -O ipsend.5
-$(INSTALL) -F $(MANDIR)/man8 -m 444 -src $(TOP)/man/ipnat.8 -O ipnat.8
-$(INSTALL) -F $(MANDIR)/man1 -m 444 -src $(TOP)/man/ipftest.1 -O ipftest.1
-$(INSTALL) -F $(MANDIR)/man4 -m 444 -src $(TOP)/man/ipf.4 -O ipf.4
-$(INSTALL) -F $(MANDIR)/man4 -m 444 -src $(TOP)/man/ipfilter.4 -O ipfilter.4
-$(INSTALL) -F $(MANDIR)/man4 -m 444 -src $(TOP)/man/ipl.4 -O ipl.4
-$(INSTALL) -F $(MANDIR)/man4 -m 444 -src $(TOP)/man/ipnat.4 -O ipnat.4
-$(INSTALL) -F $(MANDIR)/man5 -m 444 -src $(TOP)/man/ipf.5 -O ipf.5
-$(INSTALL) -F $(MANDIR)/man5 -m 444 -src $(TOP)/man/ipnat.5 -O ipnat.5
-$(INSTALL) -F $(MANDIR)/man5 -m 444 -src $(TOP)/man/ipfilter.5 -O ipfilter.5
-$(INSTALL) -F $(MANDIR)/man8 -m 444 -src $(TOP)/man/ipf.8 -O ipf.8
-$(INSTALL) -F $(MANDIR)/man8 -m 444 -src $(TOP)/man/ipfs.8 -O ipfs.8
-$(INSTALL) -F $(MANDIR)/man8 -m 444 -src $(TOP)/man/ipfstat.8 -O ipfstat.8
-$(INSTALL) -F $(MANDIR)/man8 -m 444 -src $(TOP)/man/ipmon.8 -O ipmon.8
-$(INSTALL) -F /etc/init.d -m 755 -src ipfboot -O ipf
#if !defined(IPFLKM) || empty(IPFLKM)
-${RM} -f $(LKMDEST)/ipflkm.o
/etc/autoconfig
#endif

68
IRIX/Makefile.ipsend Normal file
View File

@ -0,0 +1,68 @@
IOBJS=ipsend.o ip.o ipsopt.o iplang_y.o iplang_l.o
ROBJS=ipresend.o ip.o resend.o
TOBJS=iptest.o iptests.o ip.o
UNIXOBJS=sirix.o arp.o
OBJ=.
LIBSRC=../../lib
DEST=.
TOP=../..
LIBS=-L$(OBJ) -lipf
CC=cc
CFLAGS=-g -I$(TOP)
include $(TOP)/lib/Makefile
all build irix : libipf.a ipsend ipresend iptest
.c.o:
$(CC) $(DEBUG) $(CFLAGS) -c $< -o $@
iplang_y.o: $(TOP)/iplang/iplang_y.y
(cd $(TOP)/iplang; $(MAKE) 'CFLAGS=$(CFLAGS)' 'DESTDIR=../IRIX/$(CPUDIR)' )
iplang_l.o: $(TOP)/iplang/iplang_l.l
(cd $(TOP)/iplang; $(MAKE) 'DESTDIR=../IRIX/$(CPUDIR)' )
ipsend: $(IOBJS) $(UNIXOBJS)
$(CC) $(DEBUG) $(IOBJS) $(UNIXOBJS) -o $@ $(LIBS) -ll
ipresend: $(ROBJS) $(UNIXOBJS)
$(CC) $(DEBUG) $(ROBJS) $(UNIXOBJS) -o $@ $(LIBS)
iptest: $(TOBJS) $(UNIXOBJS)
$(CC) $(DEBUG) $(TOBJS) $(UNIXOBJS) -o $@ $(LIBS)
clean:
rm -rf *.o core a.out ipsend ipresend iptest
rm -rf iplany_y.c iplang_l.c iplang_y.h iplang_y.c
ipsend.o: $(TOP)/ipsend/ipsend.c
$(CC) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/ipsend.c -o $@
ipsopt.o: $(TOP)/ipsend/ipsopt.c
$(CC) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/ipsopt.c -o $@
ipresend.o: $(TOP)/ipsend/ipresend.c
$(CC) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/ipresend.c -o $@
ip.o: $(TOP)/ipsend/ip.c
$(CC) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/ip.c -o $@
resend.o: $(TOP)/ipsend/resend.c
$(CC) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/resend.c -o $@
iptest.o: $(TOP)/ipsend/iptest.c
$(CC) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/iptest.c -o $@
iptests.o: $(TOP)/ipsend/iptests.c
$(CC) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/iptests.c -o $@
sock.o: $(TOP)/ipsend/sock.c
$(CC) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/sock.c -o $@
arp.o: $(TOP)/ipsend/arp.c
$(CC) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/arp.c -o $@
sirix.o: $(TOP)/ipsend/sirix.c
$(CC) $(DEBUG) $(CFLAGS) -c $(TOP)/ipsend/sirix.c -o $@

66
IRIX/Makefile.std Normal file
View File

@ -0,0 +1,66 @@
#!smake
#
# Copyright (C) 2012 by Darren Reed.
# Copyright (C) 1997 by Marc Boucher.
#
# Redistribution and use in source and binary forms are permitted
# provided that this notice is preserved and due credit is given
# to the original authors and the contributors.
#
# For IRIX
#
# Automatically determine compiler switches and defines for kernel compilation
# based on our current CPU:
#
DCPU=`uname -m`
KFLAGS=`$(TOP)/IRIX/getkflags`
#
BINDEST=/usr/sbin
SBINDEST=/sbin
MANDIR=/usr/share/man/local
INCDEST=/usr/include/netinet
LKMDEST=/var/sysgen/boot
HERE=IRIX/$(CPUDIR)
CPUDIR=`uname -s|sed -e 's@/@@g'`-`uname -r`-`uname -m`
RANLIB=echo
AROPTS=crs
OBJ=.
DEST=.
TOP=..
TOOL=$(TOP)/tools
LIBS=-L. -lipf
#CC=cc -Wall -Wuninitialized -Wstrict-prototypes -Werror -O
CFLAGS=-g -I$(TOP)
#
ML=mli_ipl.c
MLD=$(ML)
#if defined(IPFLKM) && !empty(IPFLKM)
MLFLAGS= -G 0
LKM=ipflkm.o
#else
MLFLAGS= -G 8
LKM=ipfilter.o
#endif
MFLAGS="BINDEST=$(BINDEST)" "SBINDEST=$(SBINDEST)" "MANDIR=$(MANDIR)" \
'CFLAGS=$(CFLAGS) $(SOLARIS2)' "IPFLKM=$(IPFLKM)" \
"IPFLOG=$(IPFLOG)" "LOGFAC=$(LOGFAC)" "POLICY=$(POLICY)" \
"SOLARIS2=$(SOLARIS2)" "DEBUG=$(DEBUG)" "DCPU=$(CPU)" \
"CPUDIR=$(CPUDIR)" "LOOKUP=$(LOOKUP)"
#
CCARGS=-D_STANDALONE $(DEBUG) $(CFLAGS) -D_KMEMUSER -DIPFILTER_LOG
#
########## ########## ########## ########## ########## ########## ##########
#
CP=/bin/cp
RM=/bin/rm
CHMOD=/bin/chmod
INSTALL=/sbin/install
LIBSRC=$(TOP)/lib
#
DFLAGS=$(IPFLKM) $(IPFLOG) $(KFLAGS) $(MLFLAGS) -jalr #-D_MP_NETLOCKS -DMP \
$(LOOKUP)
include $(TOP)/lib/Makefile
include Makefile.common

10
IRIX/cpurev Executable file
View File

@ -0,0 +1,10 @@
#!/bin/sh
rev=`uname -R 2>/dev/null`
if [ $? -eq 0 ] ; then
rev=`echo $rev | awk ' { print $NF; } ' -`
else
rev=`uname -r`
fi
model=`uname -m|sed -e 's!/!.!'`
echo $rev.$model
exit 0

0
test/expected/expected.sed → IRIX/getkflags Normal file → Executable file
View File

13
IRIX/getrev Executable file
View File

@ -0,0 +1,13 @@
#!/bin/sh
uname -R 2>/dev/null >/dev/null
if [ $? -eq 0 ] ; then
osrev=`uname -R| awk ' { print $NF; } ' -`
sub=`expr $osrev : '[0-9]*\.[0-9]*\.\([0-9]*\).*'`
else
osrev=`uname -r`
sub=0
fi
major=`expr $osrev : '\([0-9]\)\..*'`
minor=`expr $osrev : '[0-9]*\.\([0-9]*\).*'`
printf '%d%02d%02d' $major $minor $sub
exit 0

85
IRIX/ipfboot Normal file
View File

@ -0,0 +1,85 @@
#!/bin/sh
#
# Major device number definition from /dev/MAKEDEV:
C_IPL=79 # IP packet filtering device
#
PATH=/sbin:/usr/etc:/usr/sbin:${PATH}
if [ -r /var/sysgen/boot/ipflkm.o ]; then
ipflkm=true
else
ipflkm=false
fi
id=`ml list | grep ipl | awk ' { print $2; } ' -`
pid=`ps -e | grep ipmon | awk ' { print $1 } ' -`
IPFILCONF=/etc/ipf.conf
IPNATCONF=/etc/ipnat.conf
case "$1" in
start)
if [ x$pid != x ] ; then
kill -TERM $pid
fi
if [ x$id != x ] ; then
/sbin/ml unld $id
fi
if ${ipflkm}; then
/sbin/ml ld -v -c /var/sysgen/boot/ipflkm.o -p ipl -s $C_IPL
fi
(cd /dev && rm -f ipf ipl ipnat ipstate ipauth)
(cd /dev && rm -f ipsync ipscan iplookup)
mknod /dev/ipf c $C_IPL 0
mknod /dev/ipl c $C_IPL 0
mknod /dev/ipnat c $C_IPL 1
mknod /dev/ipstate c $C_IPL 2
mknod /dev/ipauth c $C_IPL 3
mknod /dev/ipsync c $C_IPL 4
mknod /dev/ipscan c $C_IPL 5
mknod /dev/iplookup c $C_IPL 7
(cd /dev && chmod 600 ipf ipl ipnat ipstate ipauth)
(cd /dev && chmod 600 ipsync ipscan iplookup)
ipf -E
[ -r ${IPFILCONF} ] && ipf -Fa -f ${IPFILCONF}
[ -r ${IPNATCONF} ] && ipnat -CF -f ${IPNATCONF}
ipmon -sn </dev/null >/dev/null 2>&1 &
;;
stop)
if [ "x$pid" != "x" ] ; then
kill -TERM $pid
fi
if ${ipflkm}; then
if [ x$id != x ] ; then
/sbin/ml unld $id && \
(cd /dev && rm -f ipf ipl ipnat ipstate ipauth)
(cd /dev && rm -f ipsync ipscan iplookup)
fi
else
ipf -D
fi
;;
reload)
if [ -r ${IPFILCONF} ]; then
ipf -I -Fa -f ${IPFILCONF}
if [ $? != 0 ]; then
echo "$0: reload of ${IPFILCONF} into alternate set failed"
else
ipf -s
fi
fi
if [ -r ${IPNATCONF} ]; then
ipnat -CF -f ${IPNATCONF}
if [ $? != 0 ]; then
echo "$0: reload of ${IPNATCONF} failed"
fi
fi
;;
*)
echo "Usage: $0 (start|stop|reload)" >&2
exit 1
;;
esac
exit 0

3
IRIX/ipl Normal file
View File

@ -0,0 +1,3 @@
*FLAG PREFIX SOFT #DEV DEPENDENCIES
codns ipl 79 -
$$$

540
Linux/Makefile Normal file
View File

@ -0,0 +1,540 @@
#
# Copyright (C) 2012 by Darren Reed.
#
# See the IPFILTER.LICENCE file for details on licencing.
#
#gcc -D__KERNEL__ -I/usr/src/linux/include -Wall -Wstrict-prototypes -O2
#-fomit-frame-pointer -fno-strength-reduce -pipe -m486 -malign-loops=2
#-malign-jumps=2 -malign-functions=2 -DCPU=586 -c -o ip_input.o ip_input.c
SPECFILE=ipfilter.spec
ROOTDIR=/usr/src/redhat/BUILD/ipfilter/
BINDEST=/usr/bin
SBINDEST=/sbin
MANDIR=/usr/share/man
#CC=cc -Wall -Wuninitialized -Wstrict-prototypes -Werror -O
CFLAGS=-g -I$(TOP)
#
# For Linux
#
CPUTYPE:=`uname -m | sed -e s/i.86/i386/ -e s/sun4u/sparc64/ -e s/arm.*/arm/ -e s/sa110/arm/`
ARCH:=$(shell uname -i)
OBJ=.
TOP=..
TOOL=$(TOP)/tools
CPU:=$(shell uname -i)
KREV:=$(shell uname -r)
MODEXT:=$(shell modprobe -l | head -n 1 | sed -e 's/.*\.\([^\.]*\)$$/\1/')
MODDIR=/lib/modules/$(KREV)
IPV4DIR=$(MODDIR)/kernel/net/ipv4/
CPUDIR=$(shell uname -s|sed -e 's@/@@g')-$(KREV)-$(ARCH)
HERE=Linux
#LEXLIB=-ll
DEST=$(OBJ)
DEBUG=-g
LINUXKERNEL=/usr/src/linux
LIBS=-L$(OBJ) -lipf $(LIBBPF)
INC=-nostdinc -I$(TOP) -I$(LINUXKERNEL)/include/
DEF=-D$(CPU) -D__$(CPU)__ -DINET -D__KERNEL__ -DCONFIG_NETFILTER -DMODULE
KCFLAGS=-Wall -Wstrict-prototypes -O2 -fomit-frame-pointer -Wno-trigraphs \
-fno-strict-aliasing -fno-common -DLINUX=$(LINUX) -I/usr/src/linux/asm/${mcore}
IPDEF=$(DEF) -DGATEWAY -DDIRECTED_BROADCAST
IPFILC=ip_lfil.c
XCFLAGS=-DLINUX=$(LINUX) -I.. -I`pwd`/.. -I`pwd`/../.. $(LOOKUP) $(XID) $(IPFLOG) -O2
EXTRA_CFLAGS += $(XCFLAGS)
#
MFLAGS="BINDEST=$(BINDEST)" "SBINDEST=$(SBINDEST)" "MANDIR=$(MANDIR)" \
'CFLAGS=$(CFLAGS)' "IPFLKM=$(IPFLKM)" \
"IPFLOG=$(IPFLOG)" "LOGFAC=$(LOGFAC)" "POLICY=$(POLICY)" \
"DEBUG=$(DEBUG)" "DCPU=$(CPU)" "CPUDIR=$(CPUDIR)"
#
########## ########## ########## ########## ########## ########## ##########
#
CP=/bin/cp
RM=/bin/rm
CHMOD=/bin/chmod
INSTALL=install
INSTALL=$(TOP)/bsdinstall
LIBSRC=$(TOP)/lib
RANLIB=ranlib
AROPTS=crs
#
MODOBJS=$(OBJ)/linux.o $(OBJ)/ip_fil.o $(OBJ)/fil.o $(OBJ)/ip_nat.o \
$(OBJ)/ip_frag.o $(OBJ)/ip_scan.o $(OBJ)/ip_sync.o $(OBJ)/ip_nat6.o \
$(OBJ)/ip_state.o $(OBJ)/ip_proxy.o $(OBJ)/ip_auth.o \
$(OBJ)/ip_lookup.o $(OBJ)/ip_pool.o $(OBJ)/ip_htable.o \
$(OBJ)/ip_dstlist.o $(OBJ)/ip_log.o $(OBJ)/radix_ipf.o $(OBJ)/md5.o
KCCARGS=$(KCFLAGS) -D_BSD_SOURCE=1 $(IPFLKM) $(DEF) $(DLKM) -march=$(ARCH) \
$(INC) -iwithprefix include -I. $(LOOKUP) $(XID) $(IPFLOG)
IPF=$(OBJ)/ipf.o $(OBJ)/ipfcomp.o $(OBJ)/ipf_y.o $(OBJ)/ipf_l.o
IPT=$(OBJ)/ipftest.o $(OBJ)/ip_fil_u.o $(OBJ)/ip_state_u.o \
$(OBJ)/ip_frag_u.o $(OBJ)/ip_nat_u.o $(OBJ)/fil_u.o $(OBJ)/ip_nat6_u.o \
$(OBJ)/ip_pool_u.o $(OBJ)/ip_htable_u.o $(OBJ)/ip_lookup_u.o \
$(OBJ)/ip_proxy_u.o $(OBJ)/ip_auth_u.o $(OBJ)/ip_log_u.o \
$(OBJ)/ippool_y.o $(OBJ)/ippool_l.o $(OBJ)/ipnat_y.o $(OBJ)/ipnat_l.o \
$(OBJ)/ipf_y.o $(OBJ)/ipf_l.o $(OBJ)/radix_ipf_u.o $(OBJ)/md5_u.o \
$(OBJ)/ip_dstlist_u.o $(OBJ)/ip_scan_u.o $(OBJ)/ip_sync_u.o
# $(OBJ)/ip_trafcon_u.o
IPNAT=$(OBJ)/ipnat.o $(OBJ)/ipnat_y.o $(OBJ)/ipnat_l.o
IPMON=$(OBJ)/ipmon.o $(OBJ)/ipmon_y.o $(OBJ)/ipmon_l.o
IPPOOL=$(OBJ)/ippool_y.o $(OBJ)/ippool_l.o $(OBJ)/kmem.o $(OBJ)/ippool.o
IPTRAFCON=$(OBJ)/iptrafcon.o
FILS=$(OBJ)/ipfstat.o
#
CCARGS=-I. -I$(CPUDIR) $(DEBUG) $(CFLAGS) $(LOOKUP) $(XID) $(IPFLOG) -DLINUX=$(LINUX)
EXTRA=-DIPFILTER_LOG -DIPFILTER_LOOKUP
include $(TOP)/lib/Makefile
$(OBJ):
@if [ ! -d $(OBJ) ] ; then \
mkdir $(OBJ) ; \
if [ $(LINUX) -ge 20600 ] ; then \
ln -s ../Makefile.kbuild $(OBJ)/Makefile ; \
fi ; \
ln -s ../Makefile.ipsend $(OBJ) ; \
fi
build all: $(OBJ) $(OBJ)/ipf $(OBJ)/ipfs $(OBJ)/ipfstat $(OBJ)/ipftest \
$(OBJ)/ipmon $(OBJ)/ipnat $(OBJ)/ippool
-sh -c 'for i in ipf ipftest ipmon ippool ipnat ipscan ipsyncm ipsyncs; do /bin/rm -f $(TOP)/$$i; ln -s `pwd`/$(OBJ)/$$i $(TOP); done'
ipflkm:
if [ $(LINUX) -lt 20499 ] ; then \
make $(OBJ)/ipfilter.o; \
else \
(cd $(OBJ); pwd; unset MAKEFLAGS; make -C "$(MODDIR)/build" SUBDIRS="`pwd`" TOP="../.." CPUDIR="$(CPUDIR)" EXTRA_CFLAGS="$(EXTRA_CFLAGS)" OBJ= modules); \
fi
$(OBJ)/ipfstat: $(FILS) $(OBJ)/libipf.a $(TOP)/ip_fil.h $(TOP)/ipf.h \
$(TOP)/ip_frag.h $(TOP)/ip_compat.h $(TOP)/ip_state.h \
$(TOP)/ip_nat.h
-if [ ! -f /usr/lib/libelf.so ] ; then \
(cd /usr/lib; a=`echo libelf.so.*|head -n 1`; \
if [ "$$a" != "" ] ; then ln -s $$a libelf.so; fi) \
fi
$(CC) $(CCARGS) $(FILS) -o $@ -lelf $(LIBS) $(STATETOP_LIB)
$(OBJ)/ipf: $(IPF) $(OBJ)/libipf.a
$(CC) $(CCARGS) $(IPF) -o $@ $(LIBS) $(LEXLIB) $(LIBBPF)
$(OBJ)/ipftest: $(IPT) $(OBJ)/libipf.a
$(CC) $(CCARGS) $(IPT) -o $@ $(LIBS) $(LEXLIB) $(LIBBPF)
/bin/rm -f $(TOP)/ipftest
ln -s `pwd`/ipftest $(TOP)
$(OBJ)/ipnat: $(IPNAT) $(OBJ)/libipf.a
-if [ ! -f /usr/lib/libelf.so ] ; then \
(cd /usr/lib; a=`echo libelf.so.*|head -n 1`; \
if [ "$$a" != "" ] ; then ln -s $$a libelf.so; fi) \
fi
$(CC) $(CCARGS) $(IPNAT) -o $@ $(LIBS) -lelf $(LEXLIB)
$(OBJ)/ipfs: $(OBJ)/ipfs.o $(OBJ)/libipf.a
$(CC) $(CCARGS) $(OBJ)/ipfs.o -o $@ $(LIBS)
$(OBJ)/ipsyncm: ipsyncm.o $(OBJ)/libipf.a
$(CC) $(CCARGS) ipsyncm.o -o $@
$(OBJ)/ipsyncs: ipsyncs.o $(OBJ)/ibipf.a
$(CC) $(CCARGS) ipsyncs.o -o $@
tests:
(cd test; make )
$(OBJ)/ipfstat.o: $(TOOL)/ipfstat.c $(TOP)/ip_fil.h $(TOP)/ipf.h
$(CC) $(CCARGS) $(STATETOP_CFLAGS) -c $(TOOL)/ipfstat.c -o $@
$(OBJ)/ipfs.o: $(TOOL)/ipfs.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_state.h \
$(TOP)/ip_nat.h
$(CC) $(CCARGS) -c $(TOOL)/ipfs.c -o $@
$(OBJ)/fil_u.o: $(TOP)/fil.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) $(IPFBPF) -c $(TOP)/fil.c -o $@
$(OBJ)/fil.o: fil.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_compat.h ipf-linux.h
$(CC) $(KCCARGS) $(POLICY) $(IPFBPF) -c fil.c -o $@
fil.c: $(TOP)/fil.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ipf.o: $(TOOL)/ipf.c $(TOP)/ip_fil.h $(TOP)/ipf.h
$(CC) $(CCARGS) -c $(TOOL)/ipf.c -o $@
$(OBJ)/ipfcomp.o: $(TOOL)/ipfcomp.c $(TOP)/ip_fil.h $(TOP)/ipf.h
$(CC) $(CCARGS) -c $(TOOL)/ipfcomp.c -o $@
$(OBJ)/ipf_y.o: $(OBJ)/ipf_y.c $(TOP)/ip_fil.h $(TOP)/ipf.h \
$(OBJ)/ipf_y.h $(OBJ)/ipf_l.h
$(CC) $(CCARGS) $(IPFBPF) -c $(OBJ)/ipf_y.c -o $@
$(OBJ)/ipf_l.o: $(OBJ)/ipf_l.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(OBJ)/ipf_y.h \
$(OBJ)/ipf_l.h
$(CC) $(CCARGS) -I. -I$(TOP)/tools -c $(OBJ)/ipf_l.c -o $@
$(OBJ)/ipf_y.h $(OBJ)/ipf_y.c: $(TOOL)/ipf_y.y $(TOP)/ipf.h $(TOP)/ip_fil.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
mv $(OBJ)/ipf_y.c $(OBJ)/ipf_y.c.NP
sed -e 's/int ipf_yygrowstack();/int ipf_yygrowstack(void);/' \
$(OBJ)/ipf_y.c.NP > $(OBJ)/ipf_y.c
$(OBJ)/ipf_l.c: $(TOOL)/lexer.c $(TOP)/ipf.h $(TOP)/ip_fil.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
$(OBJ)/ipf_l.h: $(TOOL)/lexer.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
$(OBJ)/ippool_y.o: $(OBJ)/ippool_y.c $(TOP)/ip_fil.h $(TOP)/ipf.h \
$(OBJ)/ippool_y.h $(OBJ)/ippool_l.h
$(CC) $(CCARGS) -c $(OBJ)/ippool_y.c -o $@
$(OBJ)/ippool_l.o: $(OBJ)/ippool_l.c $(TOP)/ip_fil.h $(TOP)/ipf.h \
$(OBJ)/ippool_y.h $(OBJ)/ippool_l.h
$(CC) $(CCARGS) -I. -I$(TOP)/tools -c $(OBJ)/ippool_l.c -o $@
$(OBJ)/ippool_y.h $(OBJ)/ippool_y.c: $(TOOL)/ippool_y.y $(TOP)/ipf.h \
$(TOP)/ip_fil.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
mv $(OBJ)/ippool_y.c $(OBJ)/ippool_y.c.NP
sed -e 's/int ippool_yygrowstack();/int ippool_yygrowstack(void);/' \
$(OBJ)/ippool_y.c.NP > $(OBJ)/ippool_y.c
$(OBJ)/ippool_l.c: $(TOOL)/lexer.c $(TOP)/ipf.h $(TOP)/ip_fil.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
$(OBJ)/ippool_l.h: $(TOOL)/lexer.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
$(OBJ)/ippool.o: $(TOOL)/ippool.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_pool.h
$(CC) $(CCARGS) -c $(TOOL)/ippool.c -o $@
$(OBJ)/ippool: $(IPPOOL) $(OBJ)/libipf.a
$(CC) $(CCARGS) $(IPPOOL) -o $@ $(LIBS) -lelf $(LEXLIB)
$(OBJ)/ipnat_y.o: $(OBJ)/ipnat_y.c $(TOP)/ip_fil.h $(TOP)/ipf.h \
$(OBJ)/ipnat_y.h $(OBJ)/ipnat_l.h
$(CC) $(CCARGS) -c $(OBJ)/ipnat_y.c -o $@
$(OBJ)/ipnat_l.o: $(OBJ)/ipnat_l.c $(TOP)/ip_fil.h $(TOP)/ipf.h \
$(OBJ)/ipnat_y.h $(OBJ)/ipnat_l.h
$(CC) $(CCARGS) -I. -I$(TOP)/tools -c $(OBJ)/ipnat_l.c -o $@
$(OBJ)/ipnat_y.h $(OBJ)/ipnat_y.c: $(TOOL)/ipnat_y.y $(TOP)/ipf.h \
$(TOP)/ip_fil.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
mv $(OBJ)/ipnat_y.c $(OBJ)/ipnat_y.c.NP
sed -e 's/int ipnat_yygrowstack();/int ipnat_yygrowstack(void);/' \
$(OBJ)/ipnat_y.c.NP > $(OBJ)/ipnat_y.c
$(OBJ)/ipnat_l.c: $(TOOL)/lexer.c $(TOP)/ipf.h $(TOP)/ip_fil.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
$(OBJ)/ipnat_l.h: $(TOOL)/lexer.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
$(OBJ)/ipftest.o: $(TOOL)/ipftest.c $(TOP)/ip_fil.h $(TOP)/ipt.h $(TOP)/ipf.h
$(CC) $(CCARGS) -c $(TOOL)/ipftest.c -o $@
$(OBJ)/ipnat.o: $(TOOL)/ipnat.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) -c $(TOOL)/ipnat.c -o $@
$(OBJ)/md5_u.o: $(TOP)/md5.c $(TOP)/md5.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/md5.c -o $@
$(OBJ)/radix_ipf_u.o: $(TOP)/radix_ipf.c $(TOP)/radix_ipf.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/radix_ipf.c -o $@
$(OBJ)/ip_nat_u.o: $(TOP)/ip_nat.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(TOP)/ip_nat.c -o $@
$(OBJ)/ip_nat6_u.o: $(TOP)/ip_nat6.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(TOP)/ip_nat6.c -o $@
$(OBJ)/ip_proxy_u.o: $(TOP)/ip_proxy.c $(TOP)/ip_proxy.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(TOP)/ip_proxy.c -o $@
$(OBJ)/ip_frag_u.o: $(TOP)/ip_frag.c $(TOP)/ip_frag.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(TOP)/ip_frag.c -o $@
$(OBJ)/ip_scan_u.o: $(TOP)/ip_scan.c $(TOP)/ip_scan.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(TOP)/ip_scan.c -o $@
$(OBJ)/ip_sync_u.o: $(TOP)/ip_sync.c $(TOP)/ip_sync.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(TOP)/ip_sync.c -o $@
$(OBJ)/ip_state_u.o: $(TOP)/ip_state.c $(TOP)/ip_state.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_nat.h
$(CC) $(CCARGS) -c $(TOP)/ip_state.c -o $@
$(OBJ)/ip_auth_u.o: $(TOP)/ip_auth.c $(TOP)/ip_auth.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(TOP)/ip_auth.c -o $@
$(OBJ)/ip_pool_u.o: $(TOP)/ip_pool.c $(TOP)/ip_pool.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(TOP)/ip_pool.c -o $@
$(OBJ)/ip_htable_u.o: $(TOP)/ip_htable.c $(TOP)/ip_htable.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(TOP)/ip_htable.c -o $@
$(OBJ)/ip_dstlist_u.o: $(TOP)/ip_dstlist.c $(TOP)/ip_dstlist.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(TOP)/ip_dstlist.c -o $@
$(OBJ)/ip_lookup_u.o: $(TOP)/ip_lookup.c $(TOP)/ip_lookup.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h
$(CC) $(CCARGS) -c $(TOP)/ip_lookup.c -o $@
$(OBJ)/ip_fil_u.o: $(TOP)/ip_fil.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) -c $(TOP)/ip_fil.c -o $@
$(OBJ)/ip_log_u.o: $(TOP)/ip_log.c $(TOP)/ip_fil.h $(TOP)/ip_compat.h
$(CC) $(CCARGS) -c $(TOP)/ip_log.c -o $@
$(OBJ)/ipfilter.o: $(MODOBJS)
ld -r $(MODOBJS) -o $(OBJ)/ipfilter.o
${RM} -f $(OBJ)/ipfilter
$(OBJ)/ip_nat.o: ip_nat.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_nat.c -o $@
$(OBJ)/ip_nat6.o: ip_nat6.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_nat6.c -o $@
ip_nat.c: $(TOP)/ip_nat.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ip_frag.o: ip_frag.c $(TOP)/ip_frag.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_frag.c -o $@
ip_frag.c: $(TOP)/ip_frag.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ip_state.o: ip_state.c $(TOP)/ip_state.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_nat.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_state.c -o $@
ip_state.c: $(TOP)/ip_state.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ip_proxy.o: ip_proxy.c $(TOP)/ip_proxy.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_proxy.c -o $@
ip_proxy.c: $(TOP)/ip_proxy.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ip_auth.o: ip_auth.c $(TOP)/ip_auth.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_auth.c -o $@
ip_auth.c: $(TOP)/ip_auth.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ip_lookup.o: ip_lookup.c $(TOP)/ip_lookup.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_lookup.c -o $@
ip_lookup.c: $(TOP)/ip_lookup.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ip_htable.o: ip_htable.c $(TOP)/ip_htable.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_htable.c -o $@
ip_htable.c: $(TOP)/ip_htable.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ip_dstlist.o: ip_dstlist.c $(TOP)/ip_dstlist.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_dstlist.c -o $@
ip_dstlist.c: $(TOP)/ip_dstlist.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ip_pool.o: ip_pool.c $(TOP)/ip_pool.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_pool.c -o $@
ip_pool.c: $(TOP)/ip_pool.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ip_scan.o: ip_scan.c $(TOP)/ip_scan.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_scan.c -o $@
ip_scan.c: $(TOP)/ip_scan.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ip_sync.o: ip_sync.c $(TOP)/ip_sync.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_sync.c -o $@
ip_sync.c: $(TOP)/ip_sync.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/ip_log.o: ip_log.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h ipf-linux.h
$(CC) $(KCCARGS) -c ip_log.c -o $@
ip_log.c: $(TOP)/ip_log.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
$(OBJ)/radix_ipf.o: radix_ipf.c $(TOP)/radix_ipf.h ipf-linux.h
$(CC) $(KCCARGS) -c radix_ipf.c -o $@
$(OBJ)/md5.o: $(TOP)/md5.c $(TOP)/md5.h
$(CC) $(KCCARGS) -c $(TOP)/md5.c -o $@
radix_ipf.c: $(TOP)/radix_ipf.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_rules.c: $(TOP)/rules/ip_rules $(TOP)/tools/ipfcomp.o $(OBJ)/ipf
$(OBJ)/ipf -cc -nf $(TOP)/rules/ip_rules
$(TOP)/ip_rules.h: ip_rules.c
if [ ! -f $(TOP)/ip_rules.h ] ; then \
/bin/mv -f ip_rules.h $(TOP); \
else \
touch $(TOP)/ip_rules.h; \
fi
$(OBJ)/linux.o: $(TOP)/linux.c $(TOP)/radix_ipf.h ipf-linux.h
$(CC) $(KCCARGS) -DMODVERSIONS -D__GENKSYMS__ -DEXPORT_SYMTAB -c $(TOP)/linux.c -o $@
$(OBJ)/ip_fil.o: $(TOP)/ip_fil_linux.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
ipf-linux.h
$(CC) $(KCCARGS) -c $(TOP)/ip_fil_linux.c -o $@
$(OBJ)/ipmon: $(IPMON) $(OBJ)/libipf.a
$(CC) $(CCARGS) $(IPMON) -o $@ $(LIBS) $(LEXLIB) -ldl
$(OBJ)/ipmon.o: $(TOOL)/ipmon.c $(TOP)/ipmon.h
$(CC) $(CCARGS) $(LOGFAC) -c $(TOOL)/ipmon.c -o $@
$(OBJ)/ipmon_y.o: $(OBJ)/ipmon_y.c $(TOP)/ip_fil.h $(TOP)/ipf.h \
$(OBJ)/ipmon_y.h $(OBJ)/ipmon_l.h
$(CC) $(CCARGS) -c $(OBJ)/ipmon_y.c -o $@
$(OBJ)/ipmon_l.o: $(OBJ)/ipmon_l.c $(TOP)/ip_fil.h $(TOP)/ipf.h \
$(OBJ)/ipmon_y.h $(OBJ)/ipmon_l.h
$(CC) $(CCARGS) -I. -I$(TOP)/tools -c $(OBJ)/ipmon_l.c -o $@
$(OBJ)/ipmon_y.h $(OBJ)/ipmon_y.c: $(TOOL)/ipmon_y.y $(TOP)/ipf.h \
$(TOP)/ip_fil.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
mv $(OBJ)/ipmon_y.c $(OBJ)/ipmon_y.c.NP
sed -e 's/int ipmon_yygrowstack();/int ipmon_yygrowstack(void);/' \
$(OBJ)/ipmon_y.c.NP > $(OBJ)/ipmon_y.c
$(OBJ)/ipmon_l.c: $(TOOL)/lexer.c $(TOP)/ipf.h $(TOP)/ip_fil.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
$(OBJ)/ipmon_l.h: $(TOOL)/lexer.h
(cd $(TOOL); make "DEST=../$(HERE)/$(OBJ)" ../$(HERE)/$@)
clean:
${RM} -f $(TOP)/ipf $(TOP)/ipnat $(TOP)/ipmon $(TOP)/ippool
${RM} -f $(TOP)/ipftest $(TOP)/ipscan $(TOP)/ipsyncm $(TOP)/ipsyncs
${RM} -f *.core *.o ipt fils ipf ipfstat ipftest ipmon ippool ipnat \
ipfilter.o
${RM} -f fil.c ip_auth.c ip_frag.c ip_htable.c ip_lookup.c ip_log.c
${RM} -f ip_lookup.c ip_nat.c ip_pool.c ip_proxy.c ip_scan.c
${RM} -f ip_state.c ip_sync.c radix_ipf.c ip_rules.c ip_rules.h
${MAKE} -f Makefile.ipsend ${MFLAGS} clean
-(for i in Linux*; do \
if [ -d $${i} ] ; then \
/bin/rm -rf $${i}; \
fi \
done)
install: $(CPUDIR)/$(SPECFILE) $(CPUDIR)/ipfilter
mkdir -p $(ROOTDIR) $(ROOTDIR)/usr/include/netinet
mkdir -p $(ROOTDIR)$(SBINDEST) $(ROOTDIR)$(BINDEST)
mkdir -p $(ROOTDIR)$(IPV4DIR)
mkdir -p $(ROOTDIR)/etc/init.d
mkdir -p $(ROOTDIR)/etc/sysconfig
mkdir -p $(ROOTDIR)$(MANDIR)/man1
mkdir -p $(ROOTDIR)$(MANDIR)/man4
mkdir -p $(ROOTDIR)$(MANDIR)/man5
mkdir -p $(ROOTDIR)$(MANDIR)/man8
mkdir -p $(ROOTDIR)/usr/share/ipfilter/examples
touch $(ROOTDIR)/etc/sysconfig/ipfilter
for i in fil nat compat state sync scan frag auth lookup pool htable proxy; do \
$(CP) $(TOP)/ip_$$i.h $(ROOTDIR)/usr/include/netinet/ip_$$i.h; \
$(CHMOD) 444 $(ROOTDIR)/usr/include/netinet/ip_$$i.h; \
done
$(CP) $(TOP)/ipl.h $(ROOTDIR)/usr/include/netinet/ipl.h
-if [ -d $(IPV4DIR) ] ; then \
if [ -f $(CPUDIR)/ipfilter.$(MODEXT) ] ; then \
cp $(CPUDIR)/ipfilter.$(MODEXT) $(ROOTDIR)$(IPV4DIR)/ipfilter.$(MODEXT); \
else \
cp $(CPUDIR)/ipfilter.o $(ROOTDIR)$(IPV4DIR)/ipfilter.$(MODEXT); \
fi \
fi
(for i in ipfstat ipf ipnat ippool ipfs; do \
(cd $(CPUDIR); ../$(INSTALL) -c -s -g wheel -m 755 -o root $$i $(ROOTDIR)$(SBINDEST)); \
done;)
(for i in ipmon ipftest; do \
(cd $(CPUDIR); ../$(INSTALL) -c -s -g wheel -m 755 -o root $$i $(ROOTDIR)$(BINDEST)); \
done;)
(cd $(CPUDIR); ../$(INSTALL) -c -g wheel -m 755 -o root ipfilter $(ROOTDIR)/etc/init.d)
(cd $(TOP)/man; make INSTALL=../bsdinstall MANDIR=$(ROOTDIR)$(MANDIR) install; cd $(TOP))
for i in BASIC_1.FW BASIC_2.FW BASIC.NAT example.1 example.2 \
example.3 example.4 example.5 example.6 example.7 \
example.8 example.9 example.10 example.11 example.12 \
example.13 example.sr firewall ftp-proxy ftppxy ipmon.conf \
ip_rules nat.eg nat-setup pool.conf server tcpstate; do \
$(CP) $(TOP)/rules/$$i $(ROOTDIR)/usr/share/ipfilter/examples; \
$(CHMOD) 444 $(ROOTDIR)/usr/share/ipfilter/examples/$$i; \
chown root:root $(ROOTDIR)/usr/share/ipfilter/examples/$$i; \
done
rpmbuild -bb $(CPUDIR)/$(SPECFILE)
rpm -i ipfilter
$(CPUDIR)/$(SPECFILE): $(SPECFILE).dist
sed -e "s/KERNELBUILD/$(KREV)/" \
-e "s/MODEXT/$(MODEXT)/" \
-e "s/TURNONIPFILTER/`./howchkconfig`/" \
$< > $@
$(CPUDIR)/ipfilter:
./mkinit `pwd`/$(CPUDIR)

79
Linux/Makefile.ipsend Normal file
View File

@ -0,0 +1,79 @@
OBJS=ipsend.o ip.o ipsopt.o iplang_y.o iplang_l.o
IPFTO=ipft_ef.o ipft_hx.o ipft_pc.o ipft_sn.o ipft_td.o ipft_tx.o
ROBJS=ipresend.o ip.o resend.o $(IPFTO) opt.o
TOBJS=iptest.o iptests.o ip.o
UNIXOBJS=lsock.o slinux.o larp.o
INC=-I/usr/include -I/usr/src/linux/include
CC=cc
#-Wuninitialized -Wstrict-prototypes -O
CFLAGS=-g -I$(TOP)
#
MFLAGS="BINDEST=$(BINDEST)" "SBINDEST=$(SBINDEST)" "MANDIR=$(MANDIR)" \
'CFLAGS=$(CFLAGS) $(SOLARIS2)' "IPFLKM=$(IPFLKM)" \
"IPFLOG=$(IPFLOG)" "LOGFAC=$(LOGFAC)" "POLICY=$(POLICY)" \
"SOLARIS2=$(SOLARIS2)" "DEBUG=$(DEBUG)" "DCPU=$(CPU)" \
"CPUDIR=$(CPUDIR)"
#
all build bsd-bpf : ipsend ipresend iptest
iplang_y.o: $(TOP)/iplang/iplang_y.y
(cd $(TOP)/iplang; $(MAKE) ../Linux/$(CPUDIR)/iplang_y.o $(MFLAGS) "LINUX=$(INC) $(LINUXK)" 'DESTDIR=../Linux/$(CPUDIR)' )
iplang_l.o: $(TOP)/iplang/iplang_l.l
(cd $(TOP)/iplang; $(MAKE) ../Linux/$(CPUDIR)/iplang_l.o $(MFLAGS) "LINUX=$(INC) $(LINUXK)" 'DESTDIR=../Linux/$(CPUDIR)' )
.c.o:
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $< -o $@
ipsend: $(OBJS) $(UNIXOBJS)
$(CC) $(DEBUG) $(OBJS) $(UNIXOBJS) -o $@ $(LIBS) -lfl -lelf
ipresend: $(ROBJS) $(UNIXOBJS)
$(CC) $(DEBUG) $(ROBJS) $(UNIXOBJS) -o $@ $(LIBS) -lfl -lelf
iptest: $(TOBJS) $(UNIXOBJS)
$(CC) $(DEBUG) $(TOBJS) $(UNIXOBJS) -o $@ $(LIBS) -lfl -lelf
clean:
rm -rf $(TOBJS) $(OBJS) $(ROBJS) $(UNIXOBJS) core a.out ipsend ipresend iptest
ipsend.o: $(TOP)/ipsend/ipsend.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipsend/ipsend.c -o $@
ipsopt.o: $(TOP)/ipsend/ipsopt.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipsend/ipsopt.c -o $@
ipresend.o: $(TOP)/ipsend/ipresend.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipsend/ipresend.c -o $@
ip.o: $(TOP)/ipsend/ip.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipsend/ip.c -o $@
resend.o: $(TOP)/ipsend/resend.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipsend/resend.c -o $@
ipft_sn.o: $(TOP)/ipft_sn.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipft_sn.c -o $@
ipft_pc.o: $(TOP)/ipft_pc.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipft_pc.c -o $@
iptest.o: $(TOP)/ipsend/iptest.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipsend/iptest.c -o $@
iptests.o: $(TOP)/ipsend/iptests.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipsend/iptests.c -o $@
lsock.o: $(TOP)/ipsend/lsock.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipsend/lsock.c -o $@
slinux.o: $(TOP)/ipsend/slinux.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipsend/slinux.c -o $@
larp.o: $(TOP)/ipsend/larp.c
$(CC) $(DEBUG) $(CFLAGS) $(INC) $(LINUXK) -c $(TOP)/ipsend/larp.c -o $@
install:
-$(INSTALL) -cs -g wheel -m 755 -o root ipsend ipresend iptest $(BINDEST)

198
Linux/Makefile.kbuild Normal file
View File

@ -0,0 +1,198 @@
#
# Copyright (C) 2012 by Darren Reed.
#
# See the IPFILTER.LICENCE file for details on licencing.
#
CONFIG_IPFILTER=m
#
# For Linux
#
CPUTYPE:=$(shell uname -m | sed -e 's/i.86/i386/' -e 's/sun4u/sparc64/' -e 's/arm.*/arm/' -e 's/sa110/arm/')
ARCH:=$(shell uname -m | sed -e 's/i.86/i386/')
OBJ=.
TOP=../..
CPU:=$(shell uname -i)
KREV:=$(shell uname -r)
MODDIR=/lib/modules/$(KREV)
IPV4DIR=$(MODDIR)/kernel/net/ipv4/
CPUDIR=
DEBUG=-g
#
########## ########## ########## ########## ########## ########## ##########
#
#
MODOBJS=$(OBJ)/linuxm.o $(OBJ)/ip_film.o $(OBJ)/fil.o $(OBJ)/ip_nat.o \
$(OBJ)/ip_frag.o $(OBJ)/ip_scan.o $(OBJ)/ip_sync.o \
$(OBJ)/ip_state.o $(OBJ)/ip_proxy.o $(OBJ)/ip_auth.o \
$(OBJ)/ip_lookup.o $(OBJ)/ip_pool.o $(OBJ)/ip_htable.o \
$(OBJ)/ip_dstlist.o $(OBJ)/ip_log.o $(OBJ)/radix.o $(OBJ)/md5.o
obj-$(CONFIG_IPFILTER) += ipfilter.o
ipfilter-objs =$(MODOBJS)
all: ipflkm
ipflkm:
if [ $(LINUX) -lt 20499 ] ; then \
make $(OBJ)/ipfilter.o ; \
else \
make $(OBJ)/ipflkm.o ; \
fi
$(OBJ)/ipfilter.o: $(MODOBJS)
ld -r $(MODOBJS) -o $(OBJ)/ipfilter.o
${RM} -f $(OBJ)/ipfilter
fil.c $(obj)//fil.c: $(TOP)/fil.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_nat.c $(obj)//ip_nat.c: $(TOP)/ip_nat.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_frag.c $(obj)//ip_frag.c: $(TOP)/ip_frag.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_state.c $(obj)//ip_state.c: $(TOP)/ip_state.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_proxy.c $(obj)//ip_proxy.c: $(TOP)/ip_proxy.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_auth.c $(obj)//ip_auth.c: $(TOP)/ip_auth.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_lookup.c $(obj)//ip_lookup.c: $(TOP)/ip_lookup.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_htable.c $(obj)//ip_htable.c: $(TOP)/ip_htable.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_dstlist.c $(obj)//ip_dstlist.c: $(TOP)/ip_dstlist.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_pool.c $(obj)//ip_pool.c: $(TOP)/ip_pool.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_scan.c $(obj)//ip_scan.c: $(TOP)/ip_scan.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_sync.c $(obj)//ip_sync.c: $(TOP)/ip_sync.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_log.c $(obj)//ip_log.c: $(TOP)/ip_log.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
radix.c $(obj)//radix.c: $(TOP)/radix.c Makefile
sed -e '/^#/,$$d' $< > $@
echo '#include "ipf-linux.h"' >> $@
sed -ne '/END OF INCLUDES/,$$p' $< >> $@
ip_rules.c: $(TOP)/rules/ip_rules $(TOP)/tools/ipfcomp.o $(OBJ)/ipf
$(OBJ)/ipf -cc -nf $(TOP)/rules/ip_rules
md5.c $(obj)//md5.c: $(TOP)/md5.c Makefile
/bin/rm -f md5.c
cp $< $(obj)//md5.c
$(TOP)/ip_rules.h: ip_rules.c
if [ ! -f $(TOP)/ip_rules.h ] ; then \
/bin/mv -f ip_rules.h $(TOP); \
else \
touch $(TOP)/ip_rules.h; \
fi
$(OBJ)/ip_log.o: ip_log.c $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(obj)/../ipf-linux.h
$(obj)//linuxm.o: $(obj)/linuxm.c
$(obj)//fil.o: $(obj)/fil.c $(TOP)/ip_fil.h $(TOP)/ipf.h $(TOP)/ip_compat.h \
$(obj)/../ipf-linux.h
$(obj)//ip_auth.o: $(obj)/ip_auth.c $(TOP)/ip_auth.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)//ip_film.o: $(obj)/ip_film.c
$(obj)//ip_frag.o: $(obj)/ip_frag.c $(TOP)/ip_frag.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)//ip_htable.o: $(obj)/ip_htable.c $(TOP)/ip_htable.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)//ip_dstlist.o: $(obj)/ip_dstlist.c $(TOP)/ip_dstlist.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)//ip_lookup.o: $(obj)/ip_lookup.c $(TOP)/ip_lookup.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)//ip_nat.o: $(obj)/ip_nat.c $(TOP)/ip_nat.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)//ip_pool.o: $(obj)/ip_pool.c $(TOP)/ip_pool.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)//ip_proxy.o: $(obj)/ip_proxy.c $(TOP)/ip_proxy.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)//ip_scan.o: $(obj)/ip_scan.c $(TOP)/ip_scan.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)//ip_state.o: $(obj)/ip_state.c $(TOP)/ip_state.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(TOP)/ip_nat.h $(obj)/../ipf-linux.h
$(obj)//ip_sync.o: $(obj)/ip_sync.c $(TOP)/ip_sync.h $(TOP)/ip_compat.h \
$(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)//radix.o: $(obj)/radix.c $(TOP)/radix_ipf.h $(obj)/../ipf-linux.h
$(obj)//md5.o: md5.c $(TOP)/md5.h
$(obj)/$(CPUDIR)/linux.o: $(obj)/$(CPUDIR)/linux.c
$(obj)/$(CPUDIR)/fil.o: $(obj)/$(CPUDIR)/fil.c $(TOP)/ip_fil.h $(TOP)/ipf.h \
$(TOP)/ip_compat.h $(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/ip_auth.o: $(obj)/$(CPUDIR)/ip_auth.c $(TOP)/ip_auth.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/ip_film.o: $(obj)/$(CPUDIR)/ip_film.c
$(obj)/$(CPUDIR)/ip_frag.o: $(obj)/$(CPUDIR)/ip_frag.c $(TOP)/ip_frag.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/ip_htable.o: $(obj)/$(CPUDIR)/ip_htable.c $(TOP)/ip_htable.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/ip_dstlist.o: $(obj)/$(CPUDIR)/ip_dstlist.c \
$(TOP)/ip_dstlist.h $(TOP)/ip_compat.h $(TOP)/ip_fil.h \
$(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/ip_lookup.o: $(obj)/$(CPUDIR)/ip_lookup.c $(TOP)/ip_lookup.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/ip_nat.o: $(obj)/$(CPUDIR)/ip_nat.c $(TOP)/ip_nat.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/ip_pool.o: $(obj)/$(CPUDIR)/ip_pool.c $(TOP)/ip_pool.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/ip_proxy.o: $(obj)/$(CPUDIR)/ip_proxy.c $(TOP)/ip_proxy.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/ip_scan.o: $(obj)/$(CPUDIR)/ip_scan.c $(TOP)/ip_scan.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/ip_state.o: $(obj)/$(CPUDIR)/ip_state.c $(TOP)/ip_state.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(TOP)/ip_nat.h \
$(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/ip_sync.o: $(obj)/$(CPUDIR)/ip_sync.c $(TOP)/ip_sync.h \
$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(obj)/../ipf-linux.h
$(obj)/$(CPUDIR)/radix.o: $(obj)/$(CPUDIR)/radix.c $(TOP)/radix_ipf.h \
ipf-linux.h
$(obj)/$(CPUDIR)/md5.o: md5.c $(TOP)/md5.h
$(obj)/$(CPUDIR)/linuxm.c $(obj)//linuxm.c: $(TOP)/linux.c
@if [ ! -h $@ ] ; then ln -s $< $@; fi
$(obj)/$(CPUDIR)/ip_film.c $(obj)//ip_film.c: $(TOP)/ip_fil_linux.c
@if [ ! -h $@ ] ; then ln -s $< $@; fi

5
Linux/Tips_SuSE91.txt Normal file
View File

@ -0,0 +1,5 @@
cd /usr/src/linux
make mrproper
cp /boot/config-* .config
make oldconfig
make prepare-all

8
Linux/howchkconfig Executable file
View File

@ -0,0 +1,8 @@
#!/bin/sh
level=`/sbin/chkconfig --help 2>& 1 | grep level`
if [ "$level" = "" ] ; then
echo '-s ipfilter 2345'
else
echo '--level 2345 ipfilter on'
fi
exit 0

8
Linux/initscript Normal file
View File

@ -0,0 +1,8 @@
#!/bin/sh
if [ -f /etc/SuSE-release ] ; then
echo ipfilter-suse
fi
if [ -f /etc/redhat-release ] ; then
echo ipfilter-redhat
fi
exit 0

187
Linux/ipf-linux.h Normal file
View File

@ -0,0 +1,187 @@
#ifndef __IPF_LINUX_H__
#define __IPF_LINUX_H__
#include <linux/version.h>
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,18)
# include <linux/autoconf.h>
# include <linux/poll.h>
#else
# include <linux/config.h>
#endif
#ifndef CONFIG_NETFILTER
# define CONFIG_NETFILTER
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
# define __irq_h 1 /* stop it being included! */
# include <linux/mtd/compatmac.h>
#else
# include <linux/compatmac.h>
# include <linux/version.h>
#endif
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/types.h>
#include <linux/time.h>
#include <linux/string.h>
#include <linux/slab.h>
#include <linux/socket.h>
#include <linux/netdevice.h>
#include <linux/inetdevice.h>
#include <linux/skbuff.h>
#include <linux/in.h>
#include <linux/ip.h>
#include <net/ip.h> /* IP_DF */
#include <linux/icmp.h>
#include <linux/rtnetlink.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/netfilter_ipv6.h>
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
# include <asm/ioctls.h>
#else
# define ipftcphdr tcphdr
# define ipfudphdr udphdr
#endif
struct ipftcphdr {
__u16 th_sport;
__u16 th_dport;
__u32 th_seq;
__u32 th_ack;
# if defined(__i386__) || defined(__MIPSEL__) || defined(__alpha__) ||\
defined(__vax__) || defined(__x86_64__)
__u8 th_res:4;
__u8 th_off:4;
#else
__u8 th_off:4;
__u8 th_res:4;
#endif
__u8 th_flags;
__u16 th_win;
__u16 th_sum;
__u16 th_urp;
};
typedef __u32 tcp_seq;
struct ipfudphdr {
__u16 uh_sport;
__u16 uh_dport;
__u16 uh_ulen;
__u16 uh_sum;
};
struct ip {
# if defined(__i386__) || defined(__MIPSEL__) || defined(__alpha__) ||\
defined(__vax__)
__u8 ip_hl:4;
__u8 ip_v:4;
# else
__u8 ip_v:4;
__u8 ip_hl:4;
# endif
__u8 ip_tos;
__u16 ip_len;
__u16 ip_id;
__u16 ip_off;
__u8 ip_ttl;
__u8 ip_p;
__u16 ip_sum;
struct in_addr ip_src;
struct in_addr ip_dst;
};
/*
* Structure of an icmp header.
*/
struct icmp {
__u8 icmp_type; /* type of message, see below */
__u8 icmp_code; /* type sub code */
__u16 icmp_cksum; /* ones complement cksum of struct */
union {
__u8 ih_pptr; /* ICMP_PARAMPROB */
struct in_addr ih_gwaddr; /* ICMP_REDIRECT */
struct ih_idseq {
__u16 icd_id;
__u16 icd_seq;
} ih_idseq;
__u32 ih_void;
struct ih_pmtu {
__u16 ipm_void;
__u16 ipm_nextmtu;
} ih_pmtu;
} icmp_hun;
# define icmp_pptr icmp_hun.ih_pptr
# define icmp_gwaddr icmp_hun.ih_gwaddr
# define icmp_id icmp_hun.ih_idseq.icd_id
# define icmp_seq icmp_hun.ih_idseq.icd_seq
# define icmp_void icmp_hun.ih_void
# define icmp_nextmtu icmp_hun.ih_pmtu.ipm_nextmtu
union {
struct id_ts {
__u32 its_otime;
__u32 its_rtime;
__u32 its_ttime;
} id_ts;
struct id_ip {
struct ip idi_ip;
/* options and then 64 bits of data */
} id_ip;
u_long id_mask;
char id_data[1];
} icmp_dun;
# define icmp_otime icmp_dun.id_ts.its_otime
# define icmp_rtime icmp_dun.id_ts.its_rtime
# define icmp_ttime icmp_dun.id_ts.its_ttime
# define icmp_ip icmp_dun.id_ip.idi_ip
# define icmp_mask icmp_dun.id_mask
# define icmp_data icmp_dun.id_data
};
# ifndef LINUX_IPOVLY
# define LINUX_IPOVLY
struct ipovly {
caddr_t ih_next, ih_prev; /* for protocol sequence q's */
u_char ih_x1; /* (unused) */
u_char ih_pr; /* protocol */
short ih_len; /* protocol length */
struct in_addr ih_src; /* source internet address */
struct in_addr ih_dst; /* destination internet address */
};
# endif
struct ether_header {
__u8 ether_dhost[6];
__u8 ether_shost[6];
__u16 ether_type;
};
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
typedef struct ipftcphdr tcphdr_t;
typedef struct ipfudphdr udphdr_t;
#endif
#include "ip_compat.h"
#include "ip_fil.h"
#include "ip_auth.h"
#include "ip_state.h"
#include "ip_nat.h"
#include "ip_proxy.h"
#include "ip_sync.h"
#include "ip_frag.h"
#include "ip_lookup.h"
#include "ip_dstlist.h"
#include "ip_pool.h"
#include "ip_htable.h"
#ifdef IPFILTER_SYNC
# include "netinet/ip_sync.h"
#endif
#ifdef IPFILTER_SCAN
# include "netinet/ip_scan.h"
#endif
#ifdef IPFILTER_COMPILED
# include "netinet/ip_rules.h"
#endif
#include "ipl.h"
#endif /* __IPF_LINUX_H__ */

0
test/input/input.sed → Linux/ipfilter Normal file → Executable file
View File

108
Linux/ipfilter-redhat Executable file
View File

@ -0,0 +1,108 @@
#!/bin/sh
#
# chkconfig: 2345 26 74
# description: ipfilter
# processname: ipfilter
# config: /etc/sysconfig/ipfilter
CONFIG=/etc/sysconfig/ipfilter
LOGPRI=user.info
IPFCONF=/etc/ipf.conf
IPNATCONF=/etc/ipnat.conf
IPPOOLCONF=/etc/ippool.conf
# Source function library.
. /etc/init.d/functions
if [ ! -f /etc/ipf.conf -a ! -f /etc/ipnat.conf ] ; then
exit 0
fi
RETVAL=0
logit() {
if [ $1 -ne 0 ] ; then
logger -t $2 -p $LOGPRI "$3"
fi
}
start() {
modprobe ipfilter
echo -n $"Starting IPFilter: "
minor=0
ipfdev=`awk ' /ipf/ { print $1; } ' /proc/devices`
for i in ipl ipnat ipstate ipauth ipsync ipscan iplookup; do
/bin/rm -f /dev/$i
mknod /dev/$i c $ipfdev $minor
minor=`expr $minor + 1`
done
msg=`/sbin/ipf -E 2>&1`
RETVAL=$?
logit $RETVAL ipf "$msg"
if [ $RETVAL -eq 0 -a -f $IPFCONF ] ; then
msg=`/sbin/ipf -f $IPFCONF 2>&1`
RETVAL=$?
logit $RETVAL ipf "$msg"
fi
if [ $RETVAL -eq 0 -a -f $IPNATCONF ] ; then
msg=`/sbin/ipnat -f $IPNATCONF 2>&1`
RETVAL=$?
logit $RETVAL ipnat "$msg"
fi
if [ $RETVAL -eq 0 -a -f $IPPOOLCONF ] ; then
msg=`/sbin/ippool -f $IPPOOLCONF 2>&1`
RETVAL=$?
logit $RETVAL ippool "$msg"
fi
if [ $RETVAL -eq 0 ] ; then
/usr/bin/ipmon -Das
RETVAL=$?
fi
if [ $RETVAL -eq 0 ] ; then
echo_success
else
echo_failure
fi
echo
return $RETVAL
}
stop() {
echo -n $"Shutting down IPFilter: "
killproc ipmon
RETVAL=$?
[ $RETVAL -eq 0 ] && /sbin/ipf -D && /sbin/modprobe -r ipfilter 2>&1 >/dev/null
echo
return $RETVAL
}
dostatus() {
status ipmon
RETVAL=$?
}
restart() {
stop
start
RETVAL=$?
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
dostatus
;;
restart|reload)
restart
;;
*)
echo "Usage: ipfilter {start|stop|status|restart|reload}"
RETVAL=1
esac
exit $?

106
Linux/ipfilter-suse Executable file
View File

@ -0,0 +1,106 @@
#!/bin/sh
#
# chkconfig: 2345 26 74
# description: ipfilter
# processname: ipfilter
# config: /etc/sysconfig/ipfilter
CONFIG=/etc/sysconfig/ipfilter
LOGPRI=user.info
IPFCONF=/etc/ipf.conf
IPNATCONF=/etc/ipnat.conf
IPPOOLCONF=/etc/ippool.conf
# Source function library.
. /etc/rc.status
if [ ! -f /etc/ipf.conf -a ! -f /etc/ipnat.conf ] ; then
exit 0
fi
rc_reset
rc=0
logit() {
if [ $1 -ne 0 ] ; then
logger -t $2 -p $LOGPRI "$3"
fi
}
start() {
modprobe ipfilter
rc=$?
if [ ${rc} -ne 0 ] ; then
rc_status -v
exit $rc
fi
echo -n $"Starting IPFilter: "
minor=0
ipfdev=`awk ' /ipf/ { print $1; } ' /proc/devices`
for i in ipl ipnat ipstate ipauth ipsync ipscan iplookup; do
/bin/rm -f /dev/$i
mknod /dev/$i c $ipfdev $minor
minor=`expr $minor + 1`
done
/sbin/ipf -E
if [ -f $IPFCONF ] ; then
msg=`/sbin/ipf -f $IPFCONF 2>&1`
rc=$?
logit $rc ipf "$msg"
fi
if [ $rc -eq 0 -a -f $IPNATCONF ] ; then
msg=`/sbin/ipnat -f $IPNATCONF 2>&1`
rc=$?
logit $rc ipnat "$msg"
fi
if [ $rc -eq 0 -a -f $IPPOOLCONF ] ; then
msg=`/sbin/ippool -f $IPPOOLCONF 2>&1`
rc=$?
logit $rc ippool "$msg"
fi
if [ $rc -eq 0 ] ; then
/usr/bin/ipmon -Das
rc=$?
fi
rc_status -v
return $rc
}
stop() {
echo -n $"Shutting down IPFilter: "
killproc ipmon
rc=$?
[ $rc -eq 0 ] && /sbin/modprobe -r ipfilter 2>&1 >/dev/null
rc_status -v
}
dostatus() {
# status ipmon
rc=$?
}
restart() {
stop
start
rc=$?
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
dostatus
;;
restart|reload)
restart
;;
*)
echo "Usage: ipfilter {start|stop|status|restart|reload}"
rc=1
esac
rc_status -v
exit $?

98
Linux/ipfilter.spec.dist Normal file
View File

@ -0,0 +1,98 @@
Summary: IP Filter Software
Name: ipfilter
Version: 5.1.2
Release: 1
License: GPLv2
Group: System Environment/Base
BuildRoot: /usr/src/redhat/BUILD/ipfilter
%description
Packet Filtering and NAT for firewall applications
%files
%defattr(-,root,root)
/lib/modules/KERNELBUILD/kernel/net/ipv4/ipfilter.MODEXT
/etc/init.d/ipfilter
/etc/sysconfig/ipfilter
/sbin/ipf
/sbin/ipfs
/sbin/ipnat
/sbin/ippool
/sbin/ipfstat
/usr/bin/ipmon
/usr/bin/ipftest
/usr/share/man/man1/ipftest.1
/usr/share/man/man4/ipfilter.4
/usr/share/man/man4/ipf.4
/usr/share/man/man4/ipl.4
/usr/share/man/man4/ipnat.4
/usr/share/man/man5/ipf.5
/usr/share/man/man5/ipnat.5
/usr/share/man/man5/ipfilter.5
/usr/share/man/man5/ipmon.5
/usr/share/man/man5/ippool.5
/usr/share/man/man5/ipscan.5
/usr/share/man/man8/ipscan.8
/usr/share/man/man8/ipf.8
/usr/share/man/man8/ipfs.8
/usr/share/man/man8/ipmon.8
/usr/share/man/man8/ipnat.8
/usr/share/man/man8/ippool.8
/usr/share/man/man8/ipfstat.8
/usr/include/netinet/ip_fil.h
/usr/include/netinet/ip_nat.h
/usr/include/netinet/ip_frag.h
/usr/include/netinet/ip_auth.h
/usr/include/netinet/ip_pool.h
/usr/include/netinet/ip_proxy.h
/usr/include/netinet/ip_state.h
/usr/include/netinet/ip_compat.h
/usr/include/netinet/ip_htable.h
/usr/include/netinet/ip_lookup.h
/usr/include/netinet/ip_scan.h
/usr/include/netinet/ip_sync.h
/usr/include/netinet/ipl.h
/usr/share/ipfilter/examples/ip_rules
/usr/share/ipfilter/examples/ipmon.conf
/usr/share/ipfilter/examples/pool.conf
/usr/share/ipfilter/examples/example.1
/usr/share/ipfilter/examples/example.2
/usr/share/ipfilter/examples/example.3
/usr/share/ipfilter/examples/example.4
/usr/share/ipfilter/examples/example.5
/usr/share/ipfilter/examples/example.6
/usr/share/ipfilter/examples/example.7
/usr/share/ipfilter/examples/example.8
/usr/share/ipfilter/examples/example.9
/usr/share/ipfilter/examples/example.10
/usr/share/ipfilter/examples/example.11
/usr/share/ipfilter/examples/example.12
/usr/share/ipfilter/examples/example.13
/usr/share/ipfilter/examples/example.sr
/usr/share/ipfilter/examples/nat.eg
/usr/share/ipfilter/examples/server
/usr/share/ipfilter/examples/tcpstate
/usr/share/ipfilter/examples/BASIC.NAT
/usr/share/ipfilter/examples/BASIC_1.FW
/usr/share/ipfilter/examples/BASIC_2.FW
/usr/share/ipfilter/examples/firewall
/usr/share/ipfilter/examples/ftp-proxy
/usr/share/ipfilter/examples/ftppxy
/usr/share/ipfilter/examples/nat-setup
%pre
if [ -f /etc/init.d/ipfilter ] ; then
/sbin/chkconfig --del ipfilter
fi
%post
/sbin/chkconfig --add ipfilter
/sbin/chkconfig TURNONIPFILTER
/sbin/depmod -A
%preun
/etc/init.d/ipfilter stop
/sbin/chkconfig --del ipfilter
%changelog

3
Linux/linuxversion Executable file
View File

@ -0,0 +1,3 @@
#!/bin/sh
uname -r | perl -e '$_=<>;@F=split(/\./);printf "%02d%02d\n",$F[0],$F[1];';
exit 0

18
Linux/minstall Executable file
View File

@ -0,0 +1,18 @@
#!/bin/sh
dir=`pwd`
karch=`uname -m`
if [ `basename $dir` = Linux ] ; then cd ..; fi
echo "Creating device files..."
minor=0
major=`awk ' /ipf/ { print $1; } ' /proc/devices`
for i in ipl ipnat ipstate ipauth ipsync ipscan iplookup; do
echo ".../dev/$i"
mknod /dev/$i c $major $minor
minor=`expr $minor + 1`
done
exit 0

Some files were not shown because too many files have changed in this diff Show More