From owner-freebsd-pf@FreeBSD.ORG Thu Sep 16 04:00:10 2004 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 674) id 7533D16A4D0; Thu, 16 Sep 2004 04:00:10 +0000 (GMT) Delivered-To: mlaier@vampire.homelinux.org Received: (qmail 79324 invoked by uid 1005); 31 Jan 2004 07:07:45 -0000 Delivered-To: max@vampire.homelinux.org Received: (qmail 79321 invoked from network); 31 Jan 2004 07:07:45 -0000 Received: from moutng.kundenserver.de (212.227.126.189) by p50839ea4.dip.t-dialin.net with SMTP; 31 Jan 2004 07:07:45 -0000 Received: from [212.227.126.153] (helo=mxng02.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1AmpA6-0002SS-00 for max@vampire.homelinux.org; Sat, 31 Jan 2004 08:03:26 +0100 Received: from [206.53.239.180] (helo=turing.freelists.org) by mxng02.kundenserver.de with esmtp (Exim 3.35 #1) id 1AmpA5-0008HI-00 for max@love2party.net; Sat, 31 Jan 2004 08:03:26 +0100 Received: from turing (localhost [127.0.0.1])ESMTP id 527FF394DC4; Sat, 31 Jan 2004 01:57:04 -0500 (EST) Received: with ECARTIS (v1.0.0; list pf4freebsd); Sat, 31 Jan 2004 01:56:50 -0500 (EST) X-Original-To: pf4freebsd@freelists.org Delivered-To: pf4freebsd@freelists.org Received: from ns.kt-is.co.kr (ns.kt-is.co.kr [211.218.149.125]) ESMTP id 0BA0F394BAE for ; Sat, 31 Jan 2004 01:56:47 -0500 (EST) Received: from michelle.kt-is.co.kr (ns2.kt-is.co.kr [220.76.118.193]) (authenticated bits=128) by ns.kt-is.co.kr (8.12.10/8.12.10) with ESMTP id i0V6v2Ah003811 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Sat, 31 Jan 2004 15:57:02 +0900 (KST) Received: from michelle.kt-is.co.kr (localhost.kt-is.co.kr [127.0.0.1]) by michelle.kt-is.co.kr (8.12.10/8.12.10) with ESMTP id i0V72J45089678 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 31 Jan 2004 16:02:19 +0900 (KST) (envelope-from yongari@kt-is.co.kr) Received: (from yongari@localhost) by michelle.kt-is.co.kr (8.12.10/8.12.10/Submit) id i0V72Jmg089657 for pf4freebsd@freelists.org; Sat, 31 Jan 2004 16:02:19 +0900 (KST) (envelope-from yongari@kt-is.co.kr) From: Pyun YongHyeon To: pf4freebsd@freelists.org Message-ID: <20040131070219.GA72233@kt-is.co.kr> References: <20040130123456.GA773@fried.sakeos.net> <20040131054309.GA37208@kt-is.co.kr> Mime-Version: 1.0 Content-type: text/plain Content-Disposition: inline In-Reply-To: <20040131054309.GA37208@kt-is.co.kr> User-Agent: Mutt/1.4.1i X-Filter-Version: 1.11a (ns.kt-is.co.kr) X-archive-position: 259 X-ecartis-version: Ecartis v1.0.0 Sender: pf4freebsd-bounce@freelists.org Errors-To: pf4freebsd-bounce@freelists.org X-original-sender: yongari@kt-is.co.kr Precedence: normal X-list: pf4freebsd Content-Transfer-Encoding: quoted-printable X-Provags-Forward: max@love2party.net -> max@vampire.homelinux.org X-UID: 377 X-Length: 6031 X-Mailman-Approved-At: Thu, 16 Sep 2004 04:00:59 +0000 Subject: [pf4freebsd] Re: problem with 'user' X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: pf4freebsd@freelists.org List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Thu, 16 Sep 2004 04:00:10 -0000 X-Original-Date: Sat, 31 Jan 2004 16:02:19 +0900 X-List-Received-Date: Thu, 16 Sep 2004 04:00:10 -0000 On Sat, Jan 31, 2004 at 02:43:09PM +0900, To pf4freebsd@freelists.org wro= te: > Thank you for your report. > Can you try this patch? (Copy attached file to > /usr/ports/security/pf/files directory and build.) > Working/failure reports are very appreciated. >=20 Sorry, file was inlined. Here is attached file. Regards, Pyun YongHyeon --=20 Pyun YongHyeon -- Attached file included as plaintext by Ecartis -- --- pf/pf.c.orig Tue Jan 6 15:05:35 2004 +++ pf/pf.c Sat Jan 31 14:33:47 2004 @@ -2153,11 +2153,11 @@ struct pf_addr *saddr, *daddr; u_int16_t sport, dport; #if defined(__FreeBSD__) - struct inpcb *inp; + struct inpcbinfo *pi; #else struct inpcbtable *tb; - struct inpcb *inp; #endif + struct inpcb *inp; =20 *uid =3D UID_MAX; *gid =3D GID_MAX; @@ -2165,14 +2165,18 @@ case IPPROTO_TCP: sport =3D pd->hdr.tcp->th_sport; dport =3D pd->hdr.tcp->th_dport; -#if !defined(__FreeBSD__) +#if defined(__FreeBSD__) + pi =3D &tcbinfo; +#else tb =3D &tcbtable; #endif break; case IPPROTO_UDP: sport =3D pd->hdr.udp->uh_sport; dport =3D pd->hdr.udp->uh_dport; -#if !defined(__FreeBSD__) +#if defined(__FreeBSD__) + pi =3D &udbinfo; +#else tb =3D &udbtable; #endif break; @@ -2195,16 +2199,16 @@ case AF_INET: #if defined(__FreeBSD__) #if (__FreeBSD_version >=3D 500043) - INP_INFO_RLOCK(&tcbinfo); + INP_INFO_RLOCK(pi); /* XXX LOR */ #endif - inp =3D in_pcblookup_hash(&tcbinfo, saddr->v4, sport, daddr->v4, + inp =3D in_pcblookup_hash(pi, saddr->v4, sport, daddr->v4, dport, 0, NULL); if (inp =3D=3D NULL) { - inp =3D in_pcblookup_hash(&tcbinfo, saddr->v4, sport, + inp =3D in_pcblookup_hash(pi, saddr->v4, sport, daddr->v4, dport, INPLOOKUP_WILDCARD, NULL); if(inp =3D=3D NULL) { #if (__FreeBSD_version >=3D 500043) - INP_INFO_RUNLOCK(&tcbinfo); + INP_INFO_RUNLOCK(pi); #endif return (0); } @@ -2223,16 +2227,16 @@ case AF_INET6: #if defined(__FreeBSD__) #if (__FreeBSD_version >=3D 500043) - INP_INFO_RLOCK(&tcbinfo); + INP_INFO_RLOCK(pi); #endif - inp =3D in6_pcblookup_hash(&tcbinfo, &saddr->v6, sport, + inp =3D in6_pcblookup_hash(pi, &saddr->v6, sport, &daddr->v6, dport, 0, NULL); if (inp =3D=3D NULL) { - inp =3D in6_pcblookup_hash(&tcbinfo, &saddr->v6, sport, + inp =3D in6_pcblookup_hash(pi, &saddr->v6, sport, &daddr->v6, dport, INPLOOKUP_WILDCARD, NULL); if (inp =3D=3D NULL) { #if (__FreeBSD_version >=3D 500043) - INP_INFO_RUNLOCK(&tcbinfo); + INP_INFO_RUNLOCK(pi); #endif return (0); } @@ -2261,7 +2265,7 @@ *gid =3D inp->inp_socket->so_cred->cr_groups[0]; #if (__FreeBSD_version >=3D 500043) INP_UNLOCK(inp); - INP_INFO_RUNLOCK(&tcbinfo); + INP_INFO_RUNLOCK(pi); #endif #else *uid =3D inp->inp_socket->so_euid;