sync with -current pf; from dhartmei@
This commit is contained in:
naddy
parent
dc600cba96
commit
469a7e13ee
@ -1,15 +1,74 @@
|
|||||||
$OpenBSD: patch-src_fw-pf_c,v 1.1 2002/05/20 10:29:16 jsyn Exp $
|
$OpenBSD: patch-src_fw-pf_c,v 1.2 2003/01/02 12:28:49 naddy Exp $
|
||||||
--- src/fw-pf.c.orig Sun Jan 20 13:23:28 2002
|
--- src/fw-pf.c.orig Sun Jan 20 22:23:28 2002
|
||||||
+++ src/fw-pf.c Mon May 13 23:54:30 2002
|
+++ src/fw-pf.c Thu Jan 2 13:18:49 2003
|
||||||
@@ -25,6 +25,11 @@
|
@@ -42,11 +42,11 @@ fr_to_pr(const struct fw_rule *fr, struc
|
||||||
#include <unistd.h>
|
pr->proto = fr->fw_proto;
|
||||||
|
|
||||||
#include "dnet.h"
|
pr->af = AF_INET;
|
||||||
+
|
- pr->src.addr.v4.s_addr = fr->fw_src.addr_ip;
|
||||||
+#ifdef PF_RULE_LABEL_SIZE
|
- addr_btom(fr->fw_src.addr_bits, &pr->src.mask.v4.s_addr, IP_ADDR_LEN);
|
||||||
+/* XXX */
|
+ pr->src.addr.addr.v4.s_addr = fr->fw_src.addr_ip;
|
||||||
+#define addr addr.addr
|
+ addr_btom(fr->fw_src.addr_bits, &pr->src.addr.mask.v4.s_addr, IP_ADDR_LEN);
|
||||||
+#endif
|
|
||||||
|
- pr->dst.addr.v4.s_addr = fr->fw_dst.addr_ip;
|
||||||
|
- addr_btom(fr->fw_dst.addr_bits, &pr->dst.mask.v4.s_addr, IP_ADDR_LEN);
|
||||||
|
+ pr->dst.addr.addr.v4.s_addr = fr->fw_dst.addr_ip;
|
||||||
|
+ addr_btom(fr->fw_dst.addr_bits, &pr->dst.addr.mask.v4.s_addr, IP_ADDR_LEN);
|
||||||
|
|
||||||
|
switch (fr->fw_proto) {
|
||||||
|
case IP_PROTO_ICMP:
|
||||||
|
@@ -97,12 +97,12 @@ pr_to_fr(const struct pf_rule *pr, struc
|
||||||
|
return (-1);
|
||||||
|
|
||||||
|
fr->fw_src.addr_type = ADDR_TYPE_IP;
|
||||||
|
- addr_mtob(&pr->src.mask.v4.s_addr, IP_ADDR_LEN, &fr->fw_src.addr_bits);
|
||||||
|
- fr->fw_src.addr_ip = pr->src.addr.v4.s_addr;
|
||||||
|
+ addr_mtob(&pr->src.addr.mask.v4.s_addr, IP_ADDR_LEN, &fr->fw_src.addr_bits);
|
||||||
|
+ fr->fw_src.addr_ip = pr->src.addr.addr.v4.s_addr;
|
||||||
|
|
||||||
|
fr->fw_dst.addr_type = ADDR_TYPE_IP;
|
||||||
|
- addr_mtob(&pr->dst.mask.v4.s_addr, IP_ADDR_LEN, &fr->fw_dst.addr_bits);
|
||||||
|
- fr->fw_dst.addr_ip = pr->dst.addr.v4.s_addr;
|
||||||
|
+ addr_mtob(&pr->dst.addr.mask.v4.s_addr, IP_ADDR_LEN, &fr->fw_dst.addr_bits);
|
||||||
|
+ fr->fw_dst.addr_ip = pr->dst.addr.addr.v4.s_addr;
|
||||||
|
|
||||||
|
switch (fr->fw_proto) {
|
||||||
|
case IP_PROTO_ICMP:
|
||||||
|
@@ -147,11 +147,12 @@ fw_open(void)
|
||||||
|
int
|
||||||
|
fw_add(fw_t *fw, const struct fw_rule *rule)
|
||||||
|
{
|
||||||
|
- struct pfioc_changerule pcr;
|
||||||
|
+ struct pfioc_rule pcr;
|
||||||
|
|
||||||
|
assert(fw != NULL && rule != NULL);
|
||||||
|
|
||||||
|
- fr_to_pr(rule, &pcr.newrule);
|
||||||
|
+ memset(&pcr, 0, sizeof(pcr));
|
||||||
|
+ fr_to_pr(rule, &pcr.rule);
|
||||||
|
|
||||||
|
pcr.action = PF_CHANGE_ADD_TAIL;
|
||||||
|
|
||||||
|
@@ -161,11 +162,12 @@ fw_add(fw_t *fw, const struct fw_rule *r
|
||||||
|
int
|
||||||
|
fw_delete(fw_t *fw, const struct fw_rule *rule)
|
||||||
|
{
|
||||||
|
- struct pfioc_changerule pcr;
|
||||||
|
+ struct pfioc_rule pcr;
|
||||||
|
|
||||||
|
assert(fw != NULL && rule != NULL);
|
||||||
|
|
||||||
|
- fr_to_pr(rule, &pcr.oldrule);
|
||||||
|
+ memset(&pcr, 0, sizeof(pcr));
|
||||||
|
+ fr_to_pr(rule, &pcr.rule);
|
||||||
|
|
||||||
|
pcr.action = PF_CHANGE_REMOVE;
|
||||||
|
|
||||||
|
@@ -180,6 +182,7 @@ fw_loop(fw_t *fw, fw_handler callback, v
|
||||||
|
uint32_t n, max;
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
+ memset(&pr, 0, sizeof(pr));
|
||||||
|
if (ioctl(fw->fd, DIOCGETRULES, &pr) < 0)
|
||||||
|
return (-1);
|
||||||
|
|
||||||
struct fw_handle {
|
|
||||||
int fd;
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user