minix/pkgsrc-ng
1
0
Fork 0
mirror of https://github.com/Stichting-MINIX-Research-Foundation/pkgsrc-ng.git synced 2025-08-03 09:48:00 -04:00
Code Issues Packages Projects Releases Wiki Activity
pkgsrc-ng/sysutils/pftop/patches/patch-ah
Lionel Sambuc 785076ae39 Import of pkgsrc-2013Q2
2013-09-26 17:14:40 +02:00

436 lines
11 KiB
Plaintext
Raw Blame History

$NetBSD: patch-ah,v 1.3 2011/02/09 22:51:38 rumko Exp $
$OpenBSD: patch-sf-gencode_c,v 1.1 2008/06/13 00:38:12 canacar Exp $
* DragonFly compatibility
* Patches to support PF > 4.1 taken from OpenBSD's ports.
--- sf-gencode.c.orig 2007-11-07 07:34:18 +0100
+++ sf-gencode.c 2010-09-16 01:35:22 +0200
@@ -32,8 +32,12 @@
#include <netinet/in.h>
#include <netinet/if_ether.h>
-#include <net/if_pflog.h>
+#ifdef __DragonFly__
+#include <sys/param.h>
+#include <net/pf/pfvar.h>
+#else
#include <net/pfvar.h>
+#endif /* !__DragonFly__ */
#include <netdb.h>
#include <stdlib.h>
@@ -44,7 +48,7 @@
#define INET6
-#include <pcap-int.h>
+#include "pcap-int.h"
#include <pcap-namedb.h>
#include "sf-gencode.h"
@@ -60,7 +64,11 @@
static char sf_errbuf[PFTOP_ERRBUF_SIZE];
/* VARARGS */
+#ifdef __DragonFly__
+void
+#else
__dead void
+#endif
sf_error(const char *fmt, ...)
{
va_list ap;
@@ -474,6 +482,106 @@
(bpf_int32)proto));
}
+#ifdef HAVE_PFSYNC_KEY
+static struct block *
+gen_hostop(bpf_u_int32 addr, bpf_u_int32 mask, int dir)
+{
+ struct block *b0, *b1, *b2, *bi, *bo;
+ const static int isrc_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[0].v4);
+ const static int osrc_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[1].v4);
+ const static int idst_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[1].v4);
+ const static int odst_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[0].v4);
+
+ const static int igwy1_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[0].v4);
+ const static int ogwy1_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[1].v4);
+ const static int igwy2_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[1].v4);
+ const static int ogwy2_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[0].v4);
+
+#if !defined(__DragonFly__)
+ addr = ntohl(addr);
+ mask = ntohl(mask);
+#endif
+
+ bi = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_IN);
+ bo = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_OUT);
+
+ switch (dir) {
+
+ case Q_SRC:
+ b1 = gen_mcmp(osrc_off, BPF_W, addr, mask);
+ gen_and(bo, b1);
+ b0 = gen_mcmp(isrc_off, BPF_W, addr, mask);
+ gen_and(bi, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_DST:
+ b1 = gen_mcmp(odst_off, BPF_W, addr, mask);
+ gen_and(bo, b1);
+ b0 = gen_mcmp(idst_off, BPF_W, addr, mask);
+ gen_and(bi, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_GATEWAY:
+ /* (in && (addr == igwy1 || addr == igwy2)) ||
+ (out && (addr == ogwy1 || addr == ogwy2)) phew! */
+ b1 = gen_mcmp(igwy1_off, BPF_W, addr, mask);
+ b0 = gen_mcmp(igwy2_off, BPF_W, addr, mask);
+ gen_or(b0, b1);
+ gen_and(bi, b1);
+ b2 = gen_mcmp(ogwy1_off, BPF_W, addr, mask);
+ b0 = gen_mcmp(ogwy2_off, BPF_W, addr, mask);
+ gen_or(b2, b0);
+ gen_and(bo, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_AND:
+ b1 = gen_mcmp(isrc_off, BPF_W, addr, mask);
+ b0 = gen_mcmp(idst_off, BPF_W, addr, mask);
+ gen_and(b0, b1);
+ gen_and(bi, b1);
+ b2 = gen_mcmp(osrc_off, BPF_W, addr, mask);
+ b0 = gen_mcmp(odst_off, BPF_W, addr, mask);
+ gen_and(b2, b0);
+ gen_and(bo, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_OR:
+ b1 = gen_mcmp(isrc_off, BPF_W, addr, mask);
+ b0 = gen_mcmp(idst_off, BPF_W, addr, mask);
+ gen_or(b0, b1);
+ gen_and(bi, b1);
+ b2 = gen_mcmp(osrc_off, BPF_W, addr, mask);
+ b0 = gen_mcmp(odst_off, BPF_W, addr, mask);
+ gen_or(b2, b0);
+ gen_and(bo, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_DEFAULT:
+ b1 = gen_mcmp(isrc_off, BPF_W, addr, mask);
+ b0 = gen_mcmp(idst_off, BPF_W, addr, mask);
+ gen_or(b0, b1);
+ b0 = gen_mcmp(osrc_off, BPF_W, addr, mask);
+ gen_or(b0, b1);
+ b0 = gen_mcmp(odst_off, BPF_W, addr, mask);
+ gen_or(b0, b1);
+ break;
+
+ default:
+ sf_error("Internal error: Invalid direcion specifier: %d", dir);
+ }
+
+ b0 = gen_linktype(ETHERTYPE_IP);
+ gen_and(b0, b1);
+
+ return b1;
+}
+
+#else
static struct block *
gen_hostop(bpf_u_int32 addr, bpf_u_int32 mask, int dir)
{
@@ -482,8 +590,10 @@
const static int gwy_off = offsetof(pf_state_t, gwy.addr.v4);
const static int ext_off = offsetof(pf_state_t, ext.addr.v4);
+#if !defined(__DragonFly__)
addr = ntohl(addr);
mask = ntohl(mask);
+#endif
switch (dir) {
@@ -542,6 +652,7 @@
return b1;
}
+#endif
static struct block *
gen_hostcmp6(u_int off, u_int32_t *a, u_int32_t *m)
@@ -560,6 +671,105 @@
return b1;
}
+#ifdef HAVE_PFSYNC_KEY
+static struct block *
+gen_hostop6(struct in6_addr *addr, struct in6_addr *mask, int dir)
+
+{
+ struct block *b0, *b1, *b2, *bi, *bo;
+ u_int32_t *a, *m;
+ const static int isrc_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[0].v6);
+ const static int osrc_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[1].v6);
+ const static int idst_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[1].v6);
+ const static int odst_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[0].v6);
+
+ const static int igwy1_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[0].v6);
+ const static int ogwy1_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[1].v6);
+ const static int igwy2_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[1].v6);
+ const static int ogwy2_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[0].v6);
+
+ a = (u_int32_t *)addr;
+ m = (u_int32_t *)mask;
+
+ bi = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_IN);
+ bo = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_OUT);
+
+ switch (dir) {
+
+ case Q_SRC:
+ b1 = gen_hostcmp6(osrc_off, a, m);
+ gen_and(bo, b1);
+ b0 = gen_hostcmp6(isrc_off, a, m);
+ gen_and(bi, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_DST:
+ b1 = gen_hostcmp6(odst_off, a, m);
+ gen_and(bo, b1);
+ b0 = gen_hostcmp6(idst_off, a, m);
+ gen_and(bi, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_GATEWAY:
+ /* (in && (addr == igwy1 || addr == igwy2)) ||
+ (out && (addr == ogwy1 || addr == ogwy2)) phew! */
+ b1 = gen_hostcmp6(igwy1_off, a, m);
+ b0 = gen_hostcmp6(igwy2_off, a, m);
+ gen_or(b0, b1);
+ gen_and(bi, b1);
+ b2 = gen_hostcmp6(ogwy1_off, a, m);
+ b0 = gen_hostcmp6(ogwy2_off, a, m);
+ gen_or(b2, b0);
+ gen_and(bo, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_AND:
+ b1 = gen_hostcmp6(isrc_off, a, m);
+ b0 = gen_hostcmp6(idst_off, a, m);
+ gen_and(b0, b1);
+ gen_and(bi, b1);
+ b2 = gen_hostcmp6(osrc_off, a, m);
+ b0 = gen_hostcmp6(odst_off, a, m);
+ gen_and(b2, b0);
+ gen_and(bo, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_OR:
+ b1 = gen_hostcmp6(isrc_off, a, m);
+ b0 = gen_hostcmp6(idst_off, a, m);
+ gen_or(b0, b1);
+ gen_and(bi, b1);
+ b2 = gen_hostcmp6(osrc_off, a, m);
+ b0 = gen_hostcmp6(odst_off, a, m);
+ gen_or(b2, b0);
+ gen_and(bo, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_DEFAULT:
+ b1 = gen_hostcmp6(isrc_off, a, m);
+ b0 = gen_hostcmp6(idst_off, a, m);
+ gen_or(b0, b1);
+ b0 = gen_hostcmp6(osrc_off, a, m);
+ gen_or(b0, b1);
+ b0 = gen_hostcmp6(odst_off, a, m);
+ gen_or(b0, b1);
+ break;
+
+ default:
+ sf_error("Internal error: Invalid direcion specifier: %d", dir);
+ }
+
+ b0 = gen_linktype(ETHERTYPE_IPV6);
+ gen_and(b0, b1);
+
+ return b1;
+}
+#else
static struct block *
gen_hostop6(struct in6_addr *addr, struct in6_addr *mask, int dir)
{
@@ -630,6 +840,7 @@
gen_and(b0, b1);
return b1;
}
+#endif
static const char *
get_modifier_by_id(int id)
@@ -733,13 +944,17 @@
b1 = gen_proto(IPPROTO_ESP);
break;
+#ifdef IPPROTO_PFSYNC
case Q_PFSYNC:
b1 = gen_proto(IPPROTO_PFSYNC);
break;
+#endif /* IPPROTO_PFSYNC */
+#ifdef IPPROTO_CARP
case Q_CARP:
b1 = gen_proto(IPPROTO_CARP);
break;
+#endif /* IPPROTO_CARP */
default:
sf_error("Unknown protocol abbreviation");
@@ -748,6 +963,106 @@
return b1;
}
+#ifdef HAVE_PFSYNC_KEY
+struct block *
+gen_portop(int port, int proto, int dir)
+{
+ struct block *b0, *b1, *b2, *bi, *bo;
+ const static int isrc_off = offsetof(pf_state_t, key[PF_SK_STACK].port[0]);
+ const static int osrc_off = offsetof(pf_state_t, key[PF_SK_WIRE].port[1]);
+ const static int idst_off = offsetof(pf_state_t, key[PF_SK_STACK].port[1]);
+ const static int odst_off = offsetof(pf_state_t, key[PF_SK_WIRE].port[0]);
+
+ const static int igwy1_off = offsetof(pf_state_t, key[PF_SK_WIRE].port[0]);
+ const static int ogwy1_off = offsetof(pf_state_t, key[PF_SK_STACK].port[1]);
+ const static int igwy2_off = offsetof(pf_state_t, key[PF_SK_WIRE].port[1]);
+ const static int ogwy2_off = offsetof(pf_state_t, key[PF_SK_STACK].port[0]);
+
+#if !defined(__DragonFly__)
+ port = ntohs(port);
+#endif
+
+ bi = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_IN);
+ bo = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_OUT);
+
+ switch (dir) {
+
+ case Q_SRC:
+ b1 = gen_cmp(osrc_off, BPF_H, (bpf_int32)port);
+ gen_and(bo, b1);
+ b0 = gen_cmp(isrc_off, BPF_H, (bpf_int32)port);
+ gen_and(bi, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_DST:
+ b1 = gen_cmp(odst_off, BPF_H, (bpf_int32)port);
+ gen_and(bo, b1);
+ b0 = gen_cmp(idst_off, BPF_H, (bpf_int32)port);
+ gen_and(bi, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_GATEWAY:
+ /* (in && (addr == igwy1 || addr == igwy2)) ||
+ (out && (addr == ogwy1 || addr == ogwy2)) phew! */
+ b1 = gen_cmp(igwy1_off, BPF_H, (bpf_int32)port);
+ b0 = gen_cmp(igwy2_off, BPF_H, (bpf_int32)port);
+ gen_or(b0, b1);
+ gen_and(bi, b1);
+ b2 = gen_cmp(ogwy1_off, BPF_H, (bpf_int32)port);
+ b0 = gen_cmp(ogwy2_off, BPF_H, (bpf_int32)port);
+ gen_or(b2, b0);
+ gen_and(bo, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_AND:
+ b1 = gen_cmp(isrc_off, BPF_H, (bpf_int32)port);
+ b0 = gen_cmp(idst_off, BPF_H, (bpf_int32)port);
+ gen_and(b0, b1);
+ gen_and(bi, b1);
+ b2 = gen_cmp(osrc_off, BPF_H, (bpf_int32)port);
+ b0 = gen_cmp(odst_off, BPF_H, (bpf_int32)port);
+ gen_and(b2, b0);
+ gen_and(bo, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_OR:
+ b1 = gen_cmp(isrc_off, BPF_H, (bpf_int32)port);
+ b0 = gen_cmp(idst_off, BPF_H, (bpf_int32)port);
+ gen_or(b0, b1);
+ gen_and(bi, b1);
+ b2 = gen_cmp(osrc_off, BPF_H, (bpf_int32)port);
+ b0 = gen_cmp(odst_off, BPF_H, (bpf_int32)port);
+ gen_or(b2, b0);
+ gen_and(bo, b0);
+ gen_or(b0, b1);
+ break;
+
+ case Q_DEFAULT:
+ b1 = gen_cmp(isrc_off, BPF_H, (bpf_int32)port);
+ b0 = gen_cmp(idst_off, BPF_H, (bpf_int32)port);
+ gen_or(b0, b1);
+ b0 = gen_cmp(osrc_off, BPF_H, (bpf_int32)port);
+ gen_or(b0, b1);
+ b0 = gen_cmp(odst_off, BPF_H, (bpf_int32)port);
+ gen_or(b0, b1);
+ break;
+
+ default:
+ sf_error("Internal error: Invalid direcion specifier: %d", dir);
+ }
+
+
+
+ b0 = gen_proto(proto);
+ gen_and(b0, b1);
+
+ return b1;
+}
+#else
struct block *
gen_portop(int port, int proto, int dir)
{
@@ -756,7 +1071,9 @@
const static int gwy_off = offsetof(pf_state_t, gwy.port);
const static int ext_off = offsetof(pf_state_t, ext.port);
+#if !defined(__DragonFly__)
port = ntohs(port);
+#endif
switch (dir) {
@@ -815,6 +1132,7 @@
return b1;
}
+#endif
static struct block *
gen_port(int port, int ip_proto, int dir)
@@ -1560,7 +1878,7 @@
/* NOTREACHED */
}
- b0 = gen_bcmp(off, strlen(ifname), ifname);
+ b0 = gen_bcmp(off, strlen(ifname), (const u_char *)ifname);
return (b0);
#else
sf_error("ifname not supported in this OpenBSD release");
Reference in New Issue View Git Blame Copy Permalink