Common subdirectories: ip_fil4.1.4/4bsd and ip_fil4.1.5/4bsd Common subdirectories: ip_fil4.1.4/BSD and ip_fil4.1.5/BSD Common subdirectories: ip_fil4.1.4/BSDOS and ip_fil4.1.5/BSDOS Common subdirectories: ip_fil4.1.4/BSDOS3 and ip_fil4.1.5/BSDOS3 Common subdirectories: ip_fil4.1.4/BSDOS4 and ip_fil4.1.5/BSDOS4 Common subdirectories: ip_fil4.1.4/FWTK and ip_fil4.1.5/FWTK Common subdirectories: ip_fil4.1.4/FreeBSD and ip_fil4.1.5/FreeBSD Common subdirectories: ip_fil4.1.4/FreeBSD-2.2 and ip_fil4.1.5/FreeBSD-2.2 Common subdirectories: ip_fil4.1.4/FreeBSD-3 and ip_fil4.1.5/FreeBSD-3 Common subdirectories: ip_fil4.1.4/FreeBSD-4.0 and ip_fil4.1.5/FreeBSD-4.0 diff -cr ip_fil4.1.4/HISTORY ip_fil4.1.5/HISTORY *** ip_fil4.1.4/HISTORY Sun Jan 9 01:41:43 2005 --- ip_fil4.1.5/HISTORY Sun Jan 9 12:54:17 2005 *************** *** 10,15 **** --- 10,27 ---- # and especially those who have found the time to port IP Filter to new # platforms. # + 4.1.5 - Released 9 January 2005 + + all rules were being converted into "dup-to" rules in the kernel + + fix two ftp proxy problems: 1st, buffer needs to be bigger for fitting in + complete RETR/CWD commands, 2nd is () use in 227 messages isn't copied + over correctly. + + response to CWDs + revert ip_off back to network byte order in the ICMP error packet that + gets generated. + 4.1.4 - Released 9 January 2005 force NAT rules to only match ipv4 NAT rules (which all are, currently, Common subdirectories: ip_fil4.1.4/HPUX and ip_fil4.1.5/HPUX Common subdirectories: ip_fil4.1.4/IRIX and ip_fil4.1.5/IRIX Common subdirectories: ip_fil4.1.4/Linux and ip_fil4.1.5/Linux Common subdirectories: ip_fil4.1.4/NetBSD and ip_fil4.1.5/NetBSD Common subdirectories: ip_fil4.1.4/NetBSD-1.2 and ip_fil4.1.5/NetBSD-1.2 Common subdirectories: ip_fil4.1.4/OSF and ip_fil4.1.5/OSF Common subdirectories: ip_fil4.1.4/OpenBSD and ip_fil4.1.5/OpenBSD Common subdirectories: ip_fil4.1.4/OpenBSD-2 and ip_fil4.1.5/OpenBSD-2 Common subdirectories: ip_fil4.1.4/OpenBSD-3 and ip_fil4.1.5/OpenBSD-3 Common subdirectories: ip_fil4.1.4/SunOS4 and ip_fil4.1.5/SunOS4 Common subdirectories: ip_fil4.1.4/SunOS5 and ip_fil4.1.5/SunOS5 Common subdirectories: ip_fil4.1.4/etc and ip_fil4.1.5/etc diff -cr ip_fil4.1.4/fil.c ip_fil4.1.5/fil.c *** ip_fil4.1.4/fil.c Sun Jan 9 01:28:12 2005 --- ip_fil4.1.5/fil.c Sun Jan 9 12:20:03 2005 *************** *** 132,138 **** #if !defined(lint) static const char sccsid[] = "@(#)fil.c 1.36 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: fil.c,v 2.243.2.45 2005/01/08 14:28:12 darrenr Exp $"; #endif #ifndef _KERNEL --- 132,138 ---- #if !defined(lint) static const char sccsid[] = "@(#)fil.c 1.36 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: fil.c,v 2.243.2.46 2005/01/09 01:20:03 darrenr Exp $"; #endif #ifndef _KERNEL *************** *** 2885,2891 **** * SUCH DAMAGE. * * @(#)uipc_mbuf.c 8.2 (Berkeley) 1/4/94 ! * $Id: fil.c,v 2.243.2.45 2005/01/08 14:28:12 darrenr Exp $ */ /* * Copy data from an mbuf chain starting "off" bytes from the beginning, --- 2885,2891 ---- * SUCH DAMAGE. * * @(#)uipc_mbuf.c 8.2 (Berkeley) 1/4/94 ! * $Id: fil.c,v 2.243.2.46 2005/01/09 01:20:03 darrenr Exp $ */ /* * Copy data from an mbuf chain starting "off" bytes from the beginning, *************** *** 3466,3472 **** fr_resolvedest(fdp, v); fr->fr_flags &= ~FR_DUP; ! if (fdp->fd_ifp != (void *)-1) fr->fr_flags |= FR_DUP; } --- 3466,3473 ---- fr_resolvedest(fdp, v); fr->fr_flags &= ~FR_DUP; ! if ((fdp->fd_ifp != (void *)-1) && ! (fdp->fd_ifp != NULL)) fr->fr_flags |= FR_DUP; } diff -cr ip_fil4.1.4/ip_fil_bsdos.c ip_fil4.1.5/ip_fil_bsdos.c *** ip_fil4.1.4/ip_fil_bsdos.c Thu Dec 16 05:30:31 2004 --- ip_fil4.1.5/ip_fil_bsdos.c Sun Jan 9 03:55:51 2005 *************** *** 5,11 **** */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_bsdos.c,v 2.45.2.16 2004/12/15 18:30:31 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) --- 5,11 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_bsdos.c,v 2.45.2.17 2005/01/08 16:55:51 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) *************** *** 817,822 **** --- 817,823 ---- #endif { ip2->ip_len = htons(ip2->ip_len); + ip2->ip_off = htons(ip2->ip_off); ip->ip_p = IPPROTO_ICMP; ip->ip_src.s_addr = dst4.s_addr; ip->ip_dst.s_addr = fin->fin_saddr; diff -cr ip_fil4.1.4/ip_fil_freebsd.c ip_fil4.1.5/ip_fil_freebsd.c *** ip_fil4.1.4/ip_fil_freebsd.c Sun Jan 9 01:28:16 2005 --- ip_fil4.1.5/ip_fil_freebsd.c Sun Jan 9 03:55:51 2005 *************** *** 5,11 **** */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_freebsd.c,v 2.53.2.23 2005/01/08 14:28:16 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) --- 5,11 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_freebsd.c,v 2.53.2.24 2005/01/08 16:55:51 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) *************** *** 1060,1065 **** --- 1060,1066 ---- #endif { ip2->ip_len = htons(ip2->ip_len); + ip2->ip_off = htons(ip2->ip_off); ip->ip_p = IPPROTO_ICMP; ip->ip_src.s_addr = dst4.s_addr; ip->ip_dst.s_addr = fin->fin_saddr; *************** *** 1256,1262 **** * Too large for interface; fragment if possible. * Must be able to put at least 8 bytes per fragment. */ ! ip_off = ip->ip_off; if (ip_off & IP_DF) { error = EMSGSIZE; goto bad; --- 1257,1263 ---- * Too large for interface; fragment if possible. * Must be able to put at least 8 bytes per fragment. */ ! ip_off = ntohs(ip->ip_off); if (ip_off & IP_DF) { error = EMSGSIZE; goto bad; diff -cr ip_fil4.1.4/ip_fil_hpux.c ip_fil4.1.5/ip_fil_hpux.c *** ip_fil4.1.4/ip_fil_hpux.c Sun Jan 9 01:28:17 2005 --- ip_fil4.1.5/ip_fil_hpux.c Sun Jan 9 03:55:52 2005 *************** *** 5,11 **** */ #if !defined(lint) static const char sccsid[] = "%W% %G% (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_hpux.c,v 2.45.2.10 2005/01/08 14:28:17 darrenr Exp $"; #endif #include --- 5,11 ---- */ #if !defined(lint) static const char sccsid[] = "%W% %G% (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_hpux.c,v 2.45.2.11 2005/01/08 16:55:52 darrenr Exp $"; #endif #include *************** *** 669,674 **** --- 669,675 ---- bcopy((char *)fin->fin_ip, (char *)&icmp->icmp_ip, sizeof(*fin->fin_ip)); icmp->icmp_ip.ip_len = htons(icmp->icmp_ip.ip_len); + icmp->icmp_ip.ip_off = htons(icmp->icmp_ip.ip_off); bcopy((char *)fin->fin_ip + fin->fin_hlen, (char *)&icmp->icmp_ip + sizeof(*fin->fin_ip), 8); icmp->icmp_cksum = ipf_cksum((u_short *)icmp, diff -cr ip_fil4.1.4/ip_fil_irix.c ip_fil4.1.5/ip_fil_irix.c *** ip_fil4.1.4/ip_fil_irix.c Sun Jan 9 01:28:17 2005 --- ip_fil4.1.5/ip_fil_irix.c Sun Jan 9 03:55:53 2005 *************** *** 5,11 **** */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_irix.c,v 2.42.2.14 2005/01/08 14:28:17 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) --- 5,11 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_irix.c,v 2.42.2.15 2005/01/08 16:55:53 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) *************** *** 739,744 **** --- 739,745 ---- #endif { ip2->ip_len = htons(ip2->ip_len); + ip2->ip_off = htons(ip2->ip_off); ip->ip_p = IPPROTO_ICMP; ip->ip_src.s_addr = dst4.s_addr; ip->ip_dst.s_addr = fin->fin_saddr; diff -cr ip_fil4.1.4/ip_fil_linux.c ip_fil4.1.5/ip_fil_linux.c *** ip_fil4.1.4/ip_fil_linux.c Sun Jan 9 01:28:18 2005 --- ip_fil4.1.5/ip_fil_linux.c Sun Jan 9 03:55:53 2005 *************** *** 531,537 **** ip->ip_dst = fin->fin_src; bcopy((char *)fin->fin_ip, (char *)&icmp->icmp_ip, sizeof(*fin->fin_ip)); ! icmp->icmp_ip.ip_len = htons(fin->fin_plen); bcopy((char *)fin->fin_ip + fin->fin_hlen, (char *)&icmp->icmp_ip + sizeof(*fin->fin_ip), 8); icmp->icmp_cksum = ip_compute_csum((u_char *)icmp, --- 531,538 ---- ip->ip_dst = fin->fin_src; bcopy((char *)fin->fin_ip, (char *)&icmp->icmp_ip, sizeof(*fin->fin_ip)); ! icmp->icmp_ip.ip_len = htons(icmp->icmp_ip.ip_len); ! icmp->icmp_ip.ip_off = htons(icmp->icmp_ip.ip_off); bcopy((char *)fin->fin_ip + fin->fin_hlen, (char *)&icmp->icmp_ip + sizeof(*fin->fin_ip), 8); icmp->icmp_cksum = ip_compute_csum((u_char *)icmp, diff -cr ip_fil4.1.4/ip_fil_netbsd.c ip_fil4.1.5/ip_fil_netbsd.c *** ip_fil4.1.4/ip_fil_netbsd.c Sun Jan 9 01:28:19 2005 --- ip_fil4.1.5/ip_fil_netbsd.c Sun Jan 9 03:55:54 2005 *************** *** 5,11 **** */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_netbsd.c,v 2.55.2.23 2005/01/08 14:28:19 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) --- 5,11 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_netbsd.c,v 2.55.2.24 2005/01/08 16:55:54 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) *************** *** 1051,1056 **** --- 1051,1057 ---- #endif { ip2->ip_len = htons(ip2->ip_len); + ip2->ip_off = htons(ip2->ip_off); ip->ip_p = IPPROTO_ICMP; ip->ip_src.s_addr = dst4.s_addr; ip->ip_dst.s_addr = fin->fin_saddr; diff -cr ip_fil4.1.4/ip_fil_openbsd.c ip_fil4.1.5/ip_fil_openbsd.c *** ip_fil4.1.4/ip_fil_openbsd.c Sun Jan 9 01:28:19 2005 --- ip_fil4.1.5/ip_fil_openbsd.c Sun Jan 9 03:55:54 2005 *************** *** 5,11 **** */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_openbsd.c,v 2.50.2.20 2005/01/08 14:28:19 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) --- 5,11 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_openbsd.c,v 2.50.2.21 2005/01/08 16:55:54 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) *************** *** 775,780 **** --- 775,781 ---- #endif { ip2->ip_len = htons(ip2->ip_len); + ip2->ip_off = htons(ip2->ip_off); ip->ip_p = IPPROTO_ICMP; ip->ip_src.s_addr = dst4.s_addr; ip->ip_dst.s_addr = fin->fin_saddr; diff -cr ip_fil4.1.4/ip_fil_osf.c ip_fil4.1.5/ip_fil_osf.c *** ip_fil4.1.4/ip_fil_osf.c Sun Jan 9 01:28:20 2005 --- ip_fil4.1.5/ip_fil_osf.c Sun Jan 9 03:55:55 2005 *************** *** 5,11 **** */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_osf.c,v 2.44.2.17 2005/01/08 14:28:20 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) --- 5,11 ---- */ #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_osf.c,v 2.44.2.18 2005/01/08 16:55:55 darrenr Exp $"; #endif #if defined(KERNEL) || defined(_KERNEL) *************** *** 768,773 **** --- 768,774 ---- #endif { ip2->ip_len = htons(ip2->ip_len); + ip2->ip_off = htons(ip2->ip_off); ip->ip_p = IPPROTO_ICMP; ip->ip_src.s_addr = dst4.s_addr; ip->ip_dst.s_addr = fin->fin_saddr; diff -cr ip_fil4.1.4/ip_fil_solaris.c ip_fil4.1.5/ip_fil_solaris.c *** ip_fil4.1.4/ip_fil_solaris.c Sun Jan 9 01:28:21 2005 --- ip_fil4.1.5/ip_fil_solaris.c Sun Jan 9 03:55:56 2005 *************** *** 5,11 **** */ #if !defined(lint) static const char sccsid[] = "%W% %G% (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_solaris.c,v 2.62.2.15 2005/01/08 14:28:21 darrenr Exp $"; #endif #include --- 5,11 ---- */ #if !defined(lint) static const char sccsid[] = "%W% %G% (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_solaris.c,v 2.62.2.16 2005/01/08 16:55:56 darrenr Exp $"; #endif #include *************** *** 831,836 **** --- 831,837 ---- bcopy((char *)fin->fin_ip + fin->fin_hlen, (char *)&icmp->icmp_ip + sizeof(*fin->fin_ip), 8); icmp->icmp_ip.ip_len = htons(icmp->icmp_ip.ip_len); + icmp->icmp_ip.ip_off = htons(icmp->icmp_ip.ip_off); icmp->icmp_cksum = ipf_cksum((u_short *)icmp, sz - sizeof(ip_t)); } diff -cr ip_fil4.1.4/ip_fil_sunos4.c ip_fil4.1.5/ip_fil_sunos4.c *** ip_fil4.1.4/ip_fil_sunos4.c Sun Jan 9 01:28:22 2005 --- ip_fil4.1.5/ip_fil_sunos4.c Sun Jan 9 03:55:56 2005 *************** *** 54,60 **** #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_sunos4.c,v 2.46.2.16 2005/01/08 14:28:22 darrenr Exp $"; #endif extern struct protosw inetsw[]; --- 54,60 ---- #if !defined(lint) static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; ! static const char rcsid[] = "@(#)$Id: ip_fil_sunos4.c,v 2.46.2.17 2005/01/08 16:55:56 darrenr Exp $"; #endif extern struct protosw inetsw[]; *************** *** 603,608 **** --- 603,609 ---- bcopy((char *)fin->fin_ip, (char *)ip2, ohlen); ip2->ip_len = htons(ip2->ip_len); + ip2->ip_off = htons(ip2->ip_off); ip->ip_p = IPPROTO_ICMP; ip->ip_src.s_addr = dst4.s_addr; diff -cr ip_fil4.1.4/ip_ftp_pxy.c ip_fil4.1.5/ip_ftp_pxy.c *** ip_fil4.1.4/ip_ftp_pxy.c Fri Dec 10 06:40:58 2004 --- ip_fil4.1.5/ip_ftp_pxy.c Sun Jan 9 04:24:13 2005 *************** *** 6,12 **** * Simple FTP transparent proxy for in-kernel use. For use with the NAT * code. * ! * $Id: ip_ftp_pxy.c,v 2.88.2.8 2004/12/09 19:40:58 darrenr Exp $ */ #define IPF_FTP_PROXY --- 6,12 ---- * Simple FTP transparent proxy for in-kernel use. For use with the NAT * code. * ! * $Id: ip_ftp_pxy.c,v 2.88.2.9 2005/01/08 17:24:13 darrenr Exp $ */ #define IPF_FTP_PROXY *************** *** 17,23 **** #define IPF_MAX227LEN 51 #define IPF_MIN229LEN 47 #define IPF_MAX229LEN 51 ! #define IPF_FTPBUFSZ 96 /* This *MUST* be >= 53! */ #define FTPXY_GO 0 #define FTPXY_INIT 1 --- 17,30 ---- #define IPF_MAX227LEN 51 #define IPF_MIN229LEN 47 #define IPF_MAX229LEN 51 ! /* ! * On Unix, a pathname can be upto 256 bytes long, so that must fit in half ! * of the buffer. Why half? Because we allow a message being parsed to ! * start upto half way into the buffer so less arbitrary moving around of ! * data to make messages fit is required. And so, 526 is 2*(4+1+256+2) ! * (XXXX path\r\n) ! */ ! #define IPF_FTPBUFSZ 526 /* This *MUST* be >= 53! */ #define FTPXY_GO 0 #define FTPXY_INIT 1 *************** *** 466,474 **** { u_int a1, a2, a3, a4, data_ip; char newbuf[IPF_FTPBUFSZ]; u_short a5, a6; ftpside_t *f; - char *s; if (ippr_ftp_forcepasv != 0 && ftp->ftp_side[0].ftps_cmds != FTPXY_C_PASV) { --- 473,481 ---- { u_int a1, a2, a3, a4, data_ip; char newbuf[IPF_FTPBUFSZ]; + char *s, *brackets[2]; u_short a5, a6; ftpside_t *f; if (ippr_ftp_forcepasv != 0 && ftp->ftp_side[0].ftps_cmds != FTPXY_C_PASV) { *************** *** 496,507 **** return 0; } /* * Skip the PASV reply + space */ s = f->ftps_rptr + PASV_REPLEN; ! while (*s && !ISDIGIT(*s)) s++; /* * Pick out the address components, two at a time. */ --- 503,522 ---- return 0; } + brackets[0] = ""; + brackets[1] = ""; /* * Skip the PASV reply + space */ s = f->ftps_rptr + PASV_REPLEN; ! while (*s && !ISDIGIT(*s)) { ! if (*s == '(') { ! brackets[0] = "("; ! brackets[1] = ")"; ! } s++; + } + /* * Pick out the address components, two at a time. */ *************** *** 575,585 **** a1 >>= 24; #if defined(SNPRINTF) && defined(_KERNEL) ! SNPRINTF(newbuf, sizeof(newbuf), "%s %u,%u,%u,%u,%u,%u\r\n", ! "227 Entering Passive Mode", a1, a2, a3, a4, a5, a6); #else ! (void) sprintf(newbuf, "%s %u,%u,%u,%u,%u,%u\r\n", ! "227 Entering Passive Mode", a1, a2, a3, a4, a5, a6); #endif return ippr_ftp_pasvreply(fin, ip, nat, f, (a5 << 8 | a6), newbuf, s, data_ip); --- 590,602 ---- a1 >>= 24; #if defined(SNPRINTF) && defined(_KERNEL) ! SNPRINTF(newbuf, sizeof(newbuf), "%s %s%u,%u,%u,%u,%u,%u%s\r\n", ! "227 Entering Passive Mode", brackets[0], a1, a2, a3, a4, ! a5, a6, brackets[1]); #else ! (void) sprintf(newbuf, "%s %s%u,%u,%u,%u,%u,%u%s\r\n", ! "227 Entering Passive Mode", brackets[0], a1, a2, a3, a4, ! a5, a6, brackets[1]); #endif return ippr_ftp_pasvreply(fin, ip, nat, f, (a5 << 8 | a6), newbuf, s, data_ip); diff -cr ip_fil4.1.4/ipl.h ip_fil4.1.5/ipl.h *** ip_fil4.1.4/ipl.h Sun Jan 9 01:41:42 2005 --- ip_fil4.1.5/ipl.h Sun Jan 9 04:27:10 2005 *************** *** 4,17 **** * See the IPFILTER.LICENCE file for details on licencing. * * @(#)ipl.h 1.21 6/5/96 ! * $Id: ipl.h,v 2.52.2.5 2005/01/08 14:41:42 darrenr Exp $ */ #ifndef __IPL_H__ #define __IPL_H__ ! #define IPL_VERSION "IP Filter: v4.1.4" ! #define IPFILTER_VERSION 4010400 #endif --- 4,17 ---- * See the IPFILTER.LICENCE file for details on licencing. * * @(#)ipl.h 1.21 6/5/96 ! * $Id: ipl.h,v 2.52.2.6 2005/01/08 17:27:10 darrenr Exp $ */ #ifndef __IPL_H__ #define __IPL_H__ ! #define IPL_VERSION "IP Filter: v4.1.5" ! #define IPFILTER_VERSION 4010500 #endif Common subdirectories: ip_fil4.1.4/iplang and ip_fil4.1.5/iplang Common subdirectories: ip_fil4.1.4/ipsd and ip_fil4.1.5/ipsd Common subdirectories: ip_fil4.1.4/ipsend and ip_fil4.1.5/ipsend Common subdirectories: ip_fil4.1.4/l4check and ip_fil4.1.5/l4check Common subdirectories: ip_fil4.1.4/lib and ip_fil4.1.5/lib Common subdirectories: ip_fil4.1.4/man and ip_fil4.1.5/man Common subdirectories: ip_fil4.1.4/net and ip_fil4.1.5/net Common subdirectories: ip_fil4.1.4/netinet and ip_fil4.1.5/netinet Common subdirectories: ip_fil4.1.4/perl and ip_fil4.1.5/perl Common subdirectories: ip_fil4.1.4/rules and ip_fil4.1.5/rules Common subdirectories: ip_fil4.1.4/samples and ip_fil4.1.5/samples Common subdirectories: ip_fil4.1.4/test and ip_fil4.1.5/test Common subdirectories: ip_fil4.1.4/tools and ip_fil4.1.5/tools Common subdirectories: ip_fil4.1.4/BSDOS3/OBJS and ip_fil4.1.5/BSDOS3/OBJS Common subdirectories: ip_fil4.1.4/BSDOS4/OBJS and ip_fil4.1.5/BSDOS4/OBJS Common subdirectories: ip_fil4.1.4/HPUX/IPF-ALL and ip_fil4.1.5/HPUX/IPF-ALL diff -cr ip_fil4.1.4/HPUX/ipf.psf.dist ip_fil4.1.5/HPUX/ipf.psf.dist *** ip_fil4.1.4/HPUX/ipf.psf.dist Sun Jan 9 01:41:45 2005 --- ip_fil4.1.5/HPUX/ipf.psf.dist Sun Jan 9 04:27:12 2005 *************** *** 4,12 **** # # Copyright: Copyright (c) 2000 Darren Reed # ! # Description: PSF for IP FIlter 4.1.4 # ! # $Id: ipf.psf.dist,v 1.1.2.5 2005/01/08 14:41:45 darrenr Exp $ # The vendor definition here applies to all subsequently defined products. --- 4,12 ---- # # Copyright: Copyright (c) 2000 Darren Reed # ! # Description: PSF for IP FIlter 4.1.5 # ! # $Id: ipf.psf.dist,v 1.1.2.6 2005/01/08 17:27:12 darrenr Exp $ # The vendor definition here applies to all subsequently defined products. *************** *** 24,32 **** # Bundle definition(s): bundle tag IPF ! title IP Filter 4.1.4 description Firewall/NAT ! revision A.04.01.04 architecture HP-UX_HPREV_32/64 machine_type 9000/[678]??:* os_name HP-UX --- 24,32 ---- # Bundle definition(s): bundle tag IPF ! title IP Filter 4.1.5 description Firewall/NAT ! revision A.04.01.05 architecture HP-UX_HPREV_32/64 machine_type 9000/[678]??:* os_name HP-UX *************** *** 37,52 **** is_reference false vendor_tag IPFilter hp_srdo swtype=O;user=B;bundle_type=O ! contents IPF-RUN,r=A.04.01.04,a=HP-UX_HPREV_32/64,v=IPFilter end # bundle IPF # Product definition(s): product tag IPF-RUN ! title IP Filter 4.1.4 description Firewall/NAT copyright < ../../SunOS5/copyright ! revision A.04.01.04 architecture HP-UX_HPREV_32/64 machine_type 9000/[678]??:* os_name HP-UX --- 37,52 ---- is_reference false vendor_tag IPFilter hp_srdo swtype=O;user=B;bundle_type=O ! contents IPF-RUN,r=A.04.01.05,a=HP-UX_HPREV_32/64,v=IPFilter end # bundle IPF # Product definition(s): product tag IPF-RUN ! title IP Filter 4.1.5 description Firewall/NAT copyright < ../../SunOS5/copyright ! revision A.04.01.05 architecture HP-UX_HPREV_32/64 machine_type 9000/[678]??:* os_name HP-UX *************** *** 68,76 **** # InternetSrvcs.IPF-ALL fileset tag IPF-ALL ! title IP Filter 4.1.4 : IPF-ALL description < ../IPF-ALL/description ! revision A.04.01.04 architecture HP-UX_HPREV_32/64 machine_type 9000/[678]??:* os_name HP-UX --- 68,76 ---- # InternetSrvcs.IPF-ALL fileset tag IPF-ALL ! title IP Filter 4.1.5 : IPF-ALL description < ../IPF-ALL/description ! revision A.04.01.05 architecture HP-UX_HPREV_32/64 machine_type 9000/[678]??:* os_name HP-UX diff -cr ip_fil4.1.4/Linux/ipfilter.spec.dist ip_fil4.1.5/Linux/ipfilter.spec.dist *** ip_fil4.1.4/Linux/ipfilter.spec.dist Fri Oct 22 22:11:32 2004 --- ip_fil4.1.5/Linux/ipfilter.spec.dist Sun Jan 9 04:27:45 2005 *************** *** 1,6 **** Summary: IP Filter Software Name: ipfilter ! Version: 4.1.3 Release: 1 Copyright: Copyright 2004 Darren Reed Group: System Environment/Base --- 1,6 ---- Summary: IP Filter Software Name: ipfilter ! Version: 4.1.5 Release: 1 Copyright: Copyright 2004 Darren Reed Group: System Environment/Base diff -cr ip_fil4.1.4/OpenBSD-3/README.3_0 ip_fil4.1.5/OpenBSD-3/README.3_0 *** ip_fil4.1.4/OpenBSD-3/README.3_0 Sun Jan 9 01:41:43 2005 --- ip_fil4.1.5/OpenBSD-3/README.3_0 Sun Jan 9 12:51:20 2005 *************** *** 29,41 **** 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.4.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.0-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.4 BSD/kupgrade 4. Build a new OpenBSD kernel --- 29,41 ---- 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.5.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.0-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.5 BSD/kupgrade 4. Build a new OpenBSD kernel *************** *** 49,55 **** 5. Build and install IPFilter ! cd ip_fil4.1.4 make openbsd make install-bsd OpenBSD-3/makedevs-3.0 --- 49,55 ---- 5. Build and install IPFilter ! cd ip_fil4.1.5 make openbsd make install-bsd OpenBSD-3/makedevs-3.0 *************** *** 57,63 **** 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.0-rc-diffs 7. Reboot --- 57,63 ---- 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.0-rc-diffs 7. Reboot diff -cr ip_fil4.1.4/OpenBSD-3/README.3_1 ip_fil4.1.5/OpenBSD-3/README.3_1 *** ip_fil4.1.4/OpenBSD-3/README.3_1 Sun Jan 9 01:41:44 2005 --- ip_fil4.1.5/OpenBSD-3/README.3_1 Sun Jan 9 12:51:20 2005 *************** *** 29,41 **** 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.4.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.1-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.4 BSD/kupgrade If you want to build a new release with IPFilter, stop here and goto --- 29,41 ---- 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.5.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.1-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.5 BSD/kupgrade If you want to build a new release with IPFilter, stop here and goto *************** *** 52,58 **** 5. Build and install IPFilter ! cd ip_fil4.1.4 make openbsd make install-bsd OpenBSD-3/makedevs-3.1 --- 52,58 ---- 5. Build and install IPFilter ! cd ip_fil4.1.5 make openbsd make install-bsd OpenBSD-3/makedevs-3.1 *************** *** 60,66 **** 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.1-rc-diffs 7. Reboot --- 60,66 ---- 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.1-rc-diffs 7. Reboot *************** *** 79,86 **** Building a Release ================== cd /usr/src ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.1-rc-diffs ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.1-MAKEDEV-diffs ! cd ~/ip_fil4.1.4 ./OpenBSD-3/fixdist-3.0 --- 79,86 ---- Building a Release ================== cd /usr/src ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.1-rc-diffs ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.1-MAKEDEV-diffs ! cd ~/ip_fil4.1.5 ./OpenBSD-3/fixdist-3.0 diff -cr ip_fil4.1.4/OpenBSD-3/README.3_2 ip_fil4.1.5/OpenBSD-3/README.3_2 *** ip_fil4.1.4/OpenBSD-3/README.3_2 Sun Jan 9 01:41:44 2005 --- ip_fil4.1.5/OpenBSD-3/README.3_2 Sun Jan 9 12:51:20 2005 *************** *** 29,41 **** 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.4.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.2-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.4 BSD/kupgrade If you want to build a new release with IPFilter, stop here and goto --- 29,41 ---- 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.5.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.2-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.5 BSD/kupgrade If you want to build a new release with IPFilter, stop here and goto *************** *** 52,58 **** 5. Build and install IPFilter ! cd ip_fil4.1.4 make openbsd make install-bsd OpenBSD-3/makedevs-3.2 --- 52,58 ---- 5. Build and install IPFilter ! cd ip_fil4.1.5 make openbsd make install-bsd OpenBSD-3/makedevs-3.2 *************** *** 60,66 **** 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.2-rc-diffs 7. Reboot --- 60,66 ---- 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.2-rc-diffs 7. Reboot *************** *** 79,86 **** Building a Release ================== cd /usr/src ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.2-rc-diffs ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.2-MAKEDEV-diffs ! cd ~/ip_fil4.1.4 ./OpenBSD-3/fixdist-3.2 --- 79,86 ---- Building a Release ================== cd /usr/src ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.2-rc-diffs ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.2-MAKEDEV-diffs ! cd ~/ip_fil4.1.5 ./OpenBSD-3/fixdist-3.2 diff -cr ip_fil4.1.4/OpenBSD-3/README.3_3 ip_fil4.1.5/OpenBSD-3/README.3_3 *** ip_fil4.1.4/OpenBSD-3/README.3_3 Sun Jan 9 01:41:44 2005 --- ip_fil4.1.5/OpenBSD-3/README.3_3 Sun Jan 9 12:51:20 2005 *************** *** 29,41 **** 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.4.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.3-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.4 BSD/kupgrade If you want to build a new release with IPFilter, stop here and goto --- 29,41 ---- 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.5.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.3-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.5 BSD/kupgrade If you want to build a new release with IPFilter, stop here and goto *************** *** 52,58 **** 5. Build and install IPFilter ! cd ip_fil4.1.4 make openbsd make install-bsd OpenBSD-3/makedevs-3.2 --- 52,58 ---- 5. Build and install IPFilter ! cd ip_fil4.1.5 make openbsd make install-bsd OpenBSD-3/makedevs-3.2 *************** *** 60,66 **** 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.3-rc-diffs 7. Reboot --- 60,66 ---- 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.3-rc-diffs 7. Reboot *************** *** 79,86 **** Building a Release ================== cd /usr/src ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.3-rc-diffs ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.3-MAKEDEV-diffs ! cd ~/ip_fil4.1.4 ./OpenBSD-3/fixdist-3.2 --- 79,86 ---- Building a Release ================== cd /usr/src ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.3-rc-diffs ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.3-MAKEDEV-diffs ! cd ~/ip_fil4.1.5 ./OpenBSD-3/fixdist-3.2 diff -cr ip_fil4.1.4/OpenBSD-3/README.3_4 ip_fil4.1.5/OpenBSD-3/README.3_4 *** ip_fil4.1.4/OpenBSD-3/README.3_4 Sun Jan 9 01:41:44 2005 --- ip_fil4.1.5/OpenBSD-3/README.3_4 Sun Jan 9 12:51:21 2005 *************** *** 29,41 **** 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.4.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.4-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.4 BSD/kupgrade If you want to build a new release with IPFilter, stop here and goto --- 29,41 ---- 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.5.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.4-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.5 BSD/kupgrade If you want to build a new release with IPFilter, stop here and goto *************** *** 52,58 **** 5. Build and install IPFilter ! cd ip_fil4.1.4 make openbsd make install-bsd OpenBSD-3/makedevs-3.4 --- 52,58 ---- 5. Build and install IPFilter ! cd ip_fil4.1.5 make openbsd make install-bsd OpenBSD-3/makedevs-3.4 *************** *** 60,66 **** 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.4-rc-diffs 7. Reboot --- 60,66 ---- 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.4-rc-diffs 7. Reboot *************** *** 79,86 **** Building a Release ================== cd /usr/src ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.4-rc-diffs ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.4-MAKEDEV-diffs ! cd ~/ip_fil4.1.4 ./OpenBSD-3/fixdist-3.4 --- 79,86 ---- Building a Release ================== cd /usr/src ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.4-rc-diffs ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.4-MAKEDEV-diffs ! cd ~/ip_fil4.1.5 ./OpenBSD-3/fixdist-3.4 diff -cr ip_fil4.1.4/OpenBSD-3/README.3_5 ip_fil4.1.5/OpenBSD-3/README.3_5 *** ip_fil4.1.4/OpenBSD-3/README.3_5 Sun Jan 9 01:41:45 2005 --- ip_fil4.1.5/OpenBSD-3/README.3_5 Sun Jan 9 12:51:21 2005 *************** *** 29,41 **** 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.4.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.5-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.4 BSD/kupgrade If you want to build a new release with IPFilter, stop here and goto --- 29,41 ---- 2. Unpack IPFilter and apply the patches to the kernel source cd ~ ! gunzip -c ip_fil4.1.5.tar.gz | tar xpf - cd /usr/src ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.5-sys-diffs 3. Add IPFilter to the source code tree: ! cd ~/ip_fil4.1.5 BSD/kupgrade If you want to build a new release with IPFilter, stop here and goto *************** *** 52,58 **** 5. Build and install IPFilter ! cd ip_fil4.1.4 make openbsd make install-bsd OpenBSD-3/makedevs-3.5 --- 52,58 ---- 5. Build and install IPFilter ! cd ip_fil4.1.5 make openbsd make install-bsd OpenBSD-3/makedevs-3.5 *************** *** 60,66 **** 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.5-rc-diffs 7. Reboot --- 60,66 ---- 6. Patch rc scripts in /etc cd /etc ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.5-rc-diffs 7. Reboot *************** *** 79,86 **** Building a Release ================== cd /usr/src ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.5-rc-diffs ! patch < ~/ip_fil4.1.4/OpenBSD-3/3.5-MAKEDEV-diffs ! cd ~/ip_fil4.1.4 ./OpenBSD-3/fixdist-3.5 --- 79,86 ---- Building a Release ================== cd /usr/src ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.5-rc-diffs ! patch < ~/ip_fil4.1.5/OpenBSD-3/3.5-MAKEDEV-diffs ! cd ~/ip_fil4.1.5 ./OpenBSD-3/fixdist-3.5 diff -cr ip_fil4.1.4/SunOS5/pkginfo ip_fil4.1.5/SunOS5/pkginfo *** ip_fil4.1.4/SunOS5/pkginfo Sun Jan 9 01:41:45 2005 --- ip_fil4.1.5/SunOS5/pkginfo Sun Jan 9 04:27:12 2005 *************** *** 5,11 **** PKG=ipf NAME=IP Filter ARCH=ARCH_updated_by_sed_when_package_is_built ! VERSION=4.1.4 CATEGORY=system DESC=This package contains tools for building a firewall VENDOR=Darren Reed --- 5,11 ---- PKG=ipf NAME=IP Filter ARCH=ARCH_updated_by_sed_when_package_is_built ! VERSION=4.1.5 CATEGORY=system DESC=This package contains tools for building a firewall VENDOR=Darren Reed Common subdirectories: ip_fil4.1.4/ipsd/Celler and ip_fil4.1.5/ipsd/Celler Common subdirectories: ip_fil4.1.4/ipsend/.OLD and ip_fil4.1.5/ipsend/.OLD diff -cr ip_fil4.1.4/lib/printfr.c ip_fil4.1.5/lib/printfr.c *** ip_fil4.1.4/lib/printfr.c Mon Nov 1 05:44:42 2004 --- ip_fil4.1.5/lib/printfr.c Sun Jan 9 12:53:11 2005 *************** *** 3,9 **** * * See the IPFILTER.LICENCE file for details on licencing. * ! * $Id: printfr.c,v 1.43.2.7 2004/10/31 18:44:42 darrenr Exp $ */ #include "ipf.h" --- 3,9 ---- * * See the IPFILTER.LICENCE file for details on licencing. * ! * $Id: printfr.c,v 1.43.2.8 2005/01/09 01:53:11 darrenr Exp $ */ #include "ipf.h" *************** *** 167,173 **** printifname(",", fp->fr_ifnames[1], fp->fr_ifas[1]); putchar(' '); ! if (*fp->fr_dif.fd_ifname) print_toif("dup-to", &fp->fr_dif); if (*fp->fr_tif.fd_ifname) print_toif("to", &fp->fr_tif); --- 167,173 ---- printifname(",", fp->fr_ifnames[1], fp->fr_ifas[1]); putchar(' '); ! if (*fp->fr_dif.fd_ifname || (fp->fr_flags & FR_DUP)) print_toif("dup-to", &fp->fr_dif); if (*fp->fr_tif.fd_ifname) print_toif("to", &fp->fr_tif); Common subdirectories: ip_fil4.1.4/test/expected and ip_fil4.1.5/test/expected Common subdirectories: ip_fil4.1.4/test/input and ip_fil4.1.5/test/input Common subdirectories: ip_fil4.1.4/test/regress and ip_fil4.1.5/test/regress