Date: Sun, 9 Jul 1995 20:59:29 +1000 (EST) From: michael butler <imb@scgt.oz.au> To: current@freebsd.org Subject: ipfw panics Message-ID: <199507091059.UAA17555@asstdc.scgt.oz.au>
index | next in thread | raw e-mail
Bill Fenner (fenner@parc.xerox.com) sent me this set of patches but I
haven't heard from him since I acknowledged that they worked. Consequently,
I apologize in advance if this is "bad form", however, if anyone else is
trying to use "ipfw addf reject", they do solve a show-stopper .. relative
to this afternoon's sup ..
diff -r -c ./ip_fw.c /usr/custom/netinet/ip_fw.c
*** ./ip_fw.c Tue Jul 4 19:06:08 1995
--- /usr/custom/netinet/ip_fw.c Sun Jul 9 17:23:14 1995
***************
*** 104,110 ****
#ifdef IPFIREWALL
int
! ip_fw_chk(ip, rif, chain)
struct ip *ip;
struct ifnet *rif;
struct ip_fw *chain;
--- 104,111 ----
#ifdef IPFIREWALL
int
! ip_fw_chk(m, ip, rif, chain)
! struct mbuf *m;
struct ip *ip;
struct ifnet *rif;
struct ip_fw *chain;
***************
*** 115,121 ****
struct icmp *icmp = (struct icmp *) ((u_long *) ip + ip->ip_hl);
struct ifaddr *ia = NULL, *ia_p;
struct in_addr src, dst, ia_i;
- struct mbuf *m;
u_short src_port = 0, dst_port = 0;
u_short f_prt = 0, prt;
char notcpsyn = 1;
--- 116,121 ----
***************
*** 302,308 ****
return TRUE;
bad_packet:
- m = dtom(ip);
if (f != NULL) {
/*
* Do not ICMP reply to icmp packets....:) or to packets
--- 302,307 ----
diff -r -c ./ip_fw.h /usr/custom/netinet/ip_fw.h
*** ./ip_fw.h Tue May 30 21:00:09 1995
--- /usr/custom/netinet/ip_fw.h Sun Jul 9 17:23:26 1995
***************
*** 126,132 ****
/*
* Function pointers.
*/
! extern int (*ip_fw_chk_ptr)(struct ip *,struct ifnet *,struct ip_fw *);
extern int (*ip_fw_ctl_ptr)(int,struct mbuf *);
extern void (*ip_acct_cnt_ptr)(struct ip *,struct ifnet *,struct ip_fw *,int);
--- 126,132 ----
/*
* Function pointers.
*/
! extern int (*ip_fw_chk_ptr)(struct mbuf *, struct ip *,struct ifnet *,struct ip_fw *);
extern int (*ip_fw_ctl_ptr)(int,struct mbuf *);
extern void (*ip_acct_cnt_ptr)(struct ip *,struct ifnet *,struct ip_fw *,int);
***************
*** 135,141 ****
/*
* Function definitions.
*/
! int ip_fw_chk(struct ip *,struct ifnet *,struct ip_fw *);
int ip_fw_ctl(int,struct mbuf *);
void ip_acct_cnt(struct ip *,struct ifnet *,struct ip_fw *,int);
--- 135,141 ----
/*
* Function definitions.
*/
! int ip_fw_chk(struct mbuf *, struct ip *,struct ifnet *,struct ip_fw *);
int ip_fw_ctl(int,struct mbuf *);
void ip_acct_cnt(struct ip *,struct ifnet *,struct ip_fw *,int);
diff -r -c ./ip_fwdef.c /usr/custom/netinet/ip_fwdef.c
*** ./ip_fwdef.c Tue Jul 4 19:06:09 1995
--- /usr/custom/netinet/ip_fwdef.c Sun Jul 9 17:23:38 1995
***************
*** 38,47 ****
struct ip_fw *ip_acct_chain;
#ifdef IPFIREWALL
! int (*ip_fw_chk_ptr)(struct ip *, struct ifnet *, struct ip_fw *) = &ip_fw_chk;
int (*ip_fw_ctl_ptr)(int, struct mbuf *) = &ip_fw_ctl;
#else
! int (*ip_fw_chk_ptr)(struct ip *, struct ifnet *, struct ip_fw *);
int (*ip_fw_ctl_ptr)(int, struct mbuf *);
#endif
--- 38,47 ----
struct ip_fw *ip_acct_chain;
#ifdef IPFIREWALL
! int (*ip_fw_chk_ptr)(struct mbuf *, struct ip *, struct ifnet *, struct ip_fw *) = &ip_fw_chk;
int (*ip_fw_ctl_ptr)(int, struct mbuf *) = &ip_fw_ctl;
#else
! int (*ip_fw_chk_ptr)(struct mbuf *, struct ip *, struct ifnet *, struct ip_fw *);
int (*ip_fw_ctl_ptr)(int, struct mbuf *);
#endif
diff -r -c ./ip_input.c /usr/custom/netinet/ip_input.c
*** ./ip_input.c Wed Jun 28 07:04:11 1995
--- /usr/custom/netinet/ip_input.c Sun Jul 9 17:24:00 1995
***************
*** 242,248 ****
*/
if (ip_fw_chk_ptr!=NULL)
! if (!(*ip_fw_chk_ptr)(ip,m->m_pkthdr.rcvif,ip_fw_chain) ) {
goto next;
}
--- 242,248 ----
*/
if (ip_fw_chk_ptr!=NULL)
! if (!(*ip_fw_chk_ptr)(m,ip,m->m_pkthdr.rcvif,ip_fw_chain) ) {
goto next;
}
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199507091059.UAA17555>