/*
* Copyright (C) 1993-2001, 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#if !defined(lint)
#endif
#ifndef SOLARIS
#endif
#if defined(__FreeBSD__) && !defined(__FreeBSD_version)
# if defined(IPFILTER_LKM)
# ifndef __FreeBSD_cc_version
# include <osreldate.h>
# else
# if __FreeBSD_cc_version < 430000
# include <osreldate.h>
# endif
# endif
# endif
#endif
# include <sys/kern_svcs.h>
#endif
#define _KERNEL
#define KERNEL
#ifdef __OpenBSD__
struct file;
#endif
#ifdef __sgi
#endif
#if !SOLARIS
# else
# endif
#else
#endif
#ifndef linux
#endif
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <ctype.h>
#include <fcntl.h>
#ifdef __hpux
# define _NET_ROUTE_INCLUDED
#endif
#ifdef sun
#endif
#if __FreeBSD_version >= 300000
#endif
#ifdef __sgi
# ifdef IFF_DRVRLOCK /* IRIX6 */
# endif
#endif
#if defined(__FreeBSD__)
# include "radix_ipf.h"
#endif
#endif
#include <netinet/in_systm.h>
#if !defined(linux)
#endif
#if defined(__osf__)
# include <netinet/tcp_timer.h>
#endif
# include "radix_ipf_local.h"
# define _RADIX_H_
#endif
#include <unistd.h>
#include <syslog.h>
#ifdef __hpux
#endif
#include "netinet/ip_compat.h"
#include "netinet/ip_state.h"
#include "netinet/ip_proxy.h"
#ifdef IPFILTER_SYNC
#endif
#ifdef IPFILTER_SCAN
#endif
#ifdef IPFILTER_COMPILED
# include "netinet/ip_rules.h"
#endif
#include "netinet/ipf_stack.h"
#endif
#ifdef __hpux
struct rtentry;
#endif
#include "md5.h"
#if !defined(__osf__)
#endif
#include "ipt.h"
static int nifs = 0;
struct sockaddr *));
struct sockaddr *));
#else
# if TRU64 >= 1885
# else
# endif
#endif
{
return 0;
}
{
return 0;
}
{
int error;
if (error)
return EFAULT;
return 0;
}
/*
* Filter ioctl interface.
*/
int dev;
int mode;
{
extern ipf_stack_t *get_ifs();
SPL_NET(s);
if (unit == IPL_LOGNAT) {
if (ifs->ifs_fr_running > 0)
else
SPL_X(s);
return error;
}
if (unit == IPL_LOGSTATE) {
if (ifs->ifs_fr_running > 0)
else
SPL_X(s);
return error;
}
if (unit == IPL_LOGAUTH) {
if (ifs->ifs_fr_running > 0) {
} else {
}
} else {
}
} else
SPL_X(s);
return error;
}
if (unit == IPL_LOGSYNC) {
#ifdef IPFILTER_SYNC
if (ifs->ifs_fr_running > 0)
else
#endif
SPL_X(s);
return error;
}
if (unit == IPL_LOGSCAN) {
#ifdef IPFILTER_SCAN
if (ifs->ifs_fr_running > 0)
else
#endif
SPL_X(s);
return error;
}
if (unit == IPL_LOGLOOKUP) {
if (ifs->ifs_fr_running > 0)
else
SPL_X(s);
return error;
}
switch (cmd)
{
case FIONREAD :
#ifdef IPFILTER_LOG
#endif
break;
case SIOCFRENB :
else {
if (error)
break;
if (tmp)
else
}
break;
case SIOCIPFSET :
break;
}
case SIOCIPFGETNEXT :
case SIOCIPFGET :
break;
case SIOCSETFF :
else
sizeof(ifs->ifs_fr_flags));
break;
case SIOCGETFF :
sizeof(ifs->ifs_fr_flags));
break;
case SIOCFUNCL :
break;
case SIOCINAFR :
case SIOCRMAFR :
case SIOCADAFR :
case SIOCZRLST :
else
break;
case SIOCINIFR :
case SIOCRMIFR :
case SIOCADIFR :
else
break;
case SIOCSWAPA :
else {
}
break;
case SIOCGETFS :
break;
case SIOCFRZST :
else
break;
case SIOCIPFFL :
else {
if (!error) {
}
}
break;
#ifdef USE_INET6
case SIOCIPFL6 :
else {
if (!error) {
}
}
break;
#endif
case SIOCSTLCK :
if (error == 0) {
} else
break;
#ifdef IPFILTER_LOG
case SIOCIPFFB :
else
break;
#endif /* IPFILTER_LOG */
case SIOCGFRST :
break;
case SIOCFRSYN :
else {
}
break;
default :
break;
}
SPL_X(s);
return error;
}
void *ifp;
{
register frentry_t *f;
f = f->fr_next)
f->fr_ifa = (void *)-1;
f = f->fr_next)
f->fr_ifa = (void *)-1;
f = f->fr_next)
f->fr_ifa = (void *)-1;
f = f->fr_next)
f->fr_ifa = (void *)-1;
#ifdef USE_INET6
f = f->fr_next)
f->fr_ifa = (void *)-1;
f = f->fr_next)
f->fr_ifa = (void *)-1;
f = f->fr_next)
f->fr_ifa = (void *)-1;
f = f->fr_next)
f->fr_ifa = (void *)-1;
#endif
}
int v;
{
}
}
#else
# if TRU64 >= 1885
char *cp;
# else
# endif
#endif
struct mbuf *m;
struct sockaddr *s;
{
return 0;
}
#else
# if TRU64 >= 1885
char *cp;
# else
# endif
#endif
struct mbuf *m;
struct sockaddr *s;
{
int fd;
#else
#endif
if (fd == -1) {
perror("open");
return -1;
}
return 0;
}
char *addr;
{
#ifdef __sgi
#else
#endif
#else
# ifdef __sgi
# else
# endif
#endif
return;
#else
# ifdef __sgi
# else
# endif
#endif
#ifdef __sgi
#else
#endif
abort();
}
}
/*ARGSUSED*/
char *name;
int v;
{
char *addr;
name = "anon0";
*addr++ = '\0';
return ifp;
}
}
#else
name = "anon0";
*addr++ = '\0';
return ifp;
}
}
#endif
if (!ifneta) {
if (!ifneta)
return NULL;
if (!ifneta[0]) {
return NULL;
}
nifs = 1;
} else {
old_ifneta = ifneta;
nifs++;
if (!ifneta) {
nifs = 0;
return NULL;
}
nifs--;
return NULL;
}
}
#else
;
if (*s && ISDIGIT(*s)) {
/*
* XXX do it more elegantly: free up mem,
* return NULL
*/
perror("malloc");
exit(1);
}
} else {
}
#endif
}
return ifp;
}
{
#else
#endif
return ifname;
}
void init_ifp()
{
int fd;
if (fd == -1)
perror("open");
else
}
#else
if (fd == -1)
perror("open");
else
}
#endif
}
{
if (!ifp)
return 0; /* no routing table out here */
# if TRU64 >= 1885
# else
# endif
#endif
return 0;
}
{
verbose("- TCP RST sent\n");
return 0;
}
int type;
int dst;
{
verbose("- ICMP unreachable sent\n");
return 0;
}
void *nic;
char *data;
{
return;
}
void m_freem(m)
mb_t *m;
{
return;
}
mb_t *m;
{
}
{
char *start;
ioc = 0;
ioc++;
continue;
}
if (left > 0)
ioc++;
}
if (left > 0)
return EFAULT;
}
return 0;
}
{
static int iss_seq_off = 0;
/*
* Compute the base value of the ISS. It is a hash
* of (saddr, sport, daddr, dport, secret).
*/
/* MD5Update(&ctx, ipf_iss_secret, sizeof(ipf_iss_secret)); */
/*
* Now increment our "timer", and add it in to
* the computed value.
*
* XXX Use `addin'?
* XXX TCP_ISSINCR too large to use?
*/
iss_seq_off += 0x00010000;
newiss += iss_seq_off;
return newiss;
}
/* ------------------------------------------------------------------------ */
/* Function: fr_nextipid */
/* Returns: int - 0 == success, -1 == error (packet should be droppped) */
/* Parameters: fin(I) - pointer to packet information */
/* */
/* Returns the next IPv4 ID to use for this packet. */
/* ------------------------------------------------------------------------ */
{
return id;
}
{
}
#ifdef USE_INET6
{
}
#endif
/*
* See above for description, except that all addressing is in user space.
*/
{
return 0;
}
/*
* See above for description, except that all addressing is in user space.
*/
{
return 0;
}
/*
* return the first IP Address associated with an interface
*/
int v, atype;
void *ifptr;
{
#ifdef __sgi
#else
#endif
#else
# ifdef __sgi
# else
# endif
#endif
#ifdef __sgi
#else
#endif
}
return 0;
}
/*
* This function is not meant to be random, rather just produce a
* sequence of numbers that isn't linear to show "randomness".
*/
{
static int calls = 0;
int number;
calls++;
/*
* These are deliberately chosen to ensure that there is some
* attempt to test whether the output covers the range in test n18.
*/
switch (calls)
{
case 1 :
number = 0;
break;
case 2 :
number = 4;
break;
case 3 :
number = 3999;
break;
case 4 :
number = 4000;
break;
case 5 :
number = 48999;
break;
case 6 :
number = 49000;
break;
default :
last++;
break;
}
return number;
}