Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 9 Jul 1995 20:59:29 +1000 (EST)
From:      michael butler <imb@scgt.oz.au>
To:        current@freebsd.org
Subject:   ipfw panics
Message-ID:  <199507091059.UAA17555@asstdc.scgt.oz.au>

next in thread | raw e-mail | index | archive | help
Bill Fenner (fenner@parc.xerox.com) sent me this set of patches but I
haven't heard from him since I acknowledged that they worked. Consequently,
I apologize in advance if this is "bad form", however, if anyone else is
trying to use "ipfw addf reject", they do solve a show-stopper .. relative
to this afternoon's sup ..

diff -r -c ./ip_fw.c /usr/custom/netinet/ip_fw.c
*** ./ip_fw.c	Tue Jul  4 19:06:08 1995
--- /usr/custom/netinet/ip_fw.c	Sun Jul  9 17:23:14 1995
***************
*** 104,110 ****
  
  #ifdef IPFIREWALL
  int 
! ip_fw_chk(ip, rif, chain)
  	struct ip *ip;
  	struct ifnet *rif;
  	struct ip_fw *chain;
--- 104,111 ----
  
  #ifdef IPFIREWALL
  int 
! ip_fw_chk(m, ip, rif, chain)
! 	struct mbuf *m;
  	struct ip *ip;
  	struct ifnet *rif;
  	struct ip_fw *chain;
***************
*** 115,121 ****
  	struct icmp *icmp = (struct icmp *) ((u_long *) ip + ip->ip_hl);
  	struct ifaddr *ia = NULL, *ia_p;
  	struct in_addr src, dst, ia_i;
- 	struct mbuf *m;
  	u_short src_port = 0, dst_port = 0;
  	u_short f_prt = 0, prt;
  	char notcpsyn = 1;
--- 116,121 ----
***************
*** 302,308 ****
  		return TRUE;
  
  bad_packet:
- 	m = dtom(ip);
  	if (f != NULL) {
  		/*
  		 * Do not ICMP reply to icmp packets....:) or to packets
--- 302,307 ----
diff -r -c ./ip_fw.h /usr/custom/netinet/ip_fw.h
*** ./ip_fw.h	Tue May 30 21:00:09 1995
--- /usr/custom/netinet/ip_fw.h	Sun Jul  9 17:23:26 1995
***************
*** 126,132 ****
  /*
   * Function pointers.
   */
! extern int (*ip_fw_chk_ptr)(struct ip *,struct ifnet *,struct ip_fw *);
  extern int (*ip_fw_ctl_ptr)(int,struct mbuf *);
  
  extern void (*ip_acct_cnt_ptr)(struct ip *,struct ifnet *,struct ip_fw *,int);
--- 126,132 ----
  /*
   * Function pointers.
   */
! extern int (*ip_fw_chk_ptr)(struct mbuf *, struct ip *,struct ifnet *,struct ip_fw *);
  extern int (*ip_fw_ctl_ptr)(int,struct mbuf *);
  
  extern void (*ip_acct_cnt_ptr)(struct ip *,struct ifnet *,struct ip_fw *,int);
***************
*** 135,141 ****
  /*
   * Function definitions.
   */
! int ip_fw_chk(struct ip *,struct ifnet *,struct ip_fw *);
  int ip_fw_ctl(int,struct mbuf *);
  
  void ip_acct_cnt(struct ip *,struct ifnet *,struct ip_fw *,int);
--- 135,141 ----
  /*
   * Function definitions.
   */
! int ip_fw_chk(struct mbuf *, struct ip *,struct ifnet *,struct ip_fw *);
  int ip_fw_ctl(int,struct mbuf *);
  
  void ip_acct_cnt(struct ip *,struct ifnet *,struct ip_fw *,int);
diff -r -c ./ip_fwdef.c /usr/custom/netinet/ip_fwdef.c
*** ./ip_fwdef.c	Tue Jul  4 19:06:09 1995
--- /usr/custom/netinet/ip_fwdef.c	Sun Jul  9 17:23:38 1995
***************
*** 38,47 ****
  struct  ip_fw *ip_acct_chain;
  
  #ifdef IPFIREWALL
! int (*ip_fw_chk_ptr)(struct ip *, struct ifnet *, struct ip_fw *) = &ip_fw_chk;
  int (*ip_fw_ctl_ptr)(int, struct mbuf *) = &ip_fw_ctl;
  #else
! int (*ip_fw_chk_ptr)(struct ip *, struct ifnet *, struct ip_fw *);
  int (*ip_fw_ctl_ptr)(int, struct mbuf *);
  #endif
  
--- 38,47 ----
  struct  ip_fw *ip_acct_chain;
  
  #ifdef IPFIREWALL
! int (*ip_fw_chk_ptr)(struct mbuf *, struct ip *, struct ifnet *, struct ip_fw *) = &ip_fw_chk;
  int (*ip_fw_ctl_ptr)(int, struct mbuf *) = &ip_fw_ctl;
  #else
! int (*ip_fw_chk_ptr)(struct mbuf *, struct ip *, struct ifnet *, struct ip_fw *);
  int (*ip_fw_ctl_ptr)(int, struct mbuf *);
  #endif
  
diff -r -c ./ip_input.c /usr/custom/netinet/ip_input.c
*** ./ip_input.c	Wed Jun 28 07:04:11 1995
--- /usr/custom/netinet/ip_input.c	Sun Jul  9 17:24:00 1995
***************
*** 242,248 ****
   	 */
  
          if (ip_fw_chk_ptr!=NULL)
!                if (!(*ip_fw_chk_ptr)(ip,m->m_pkthdr.rcvif,ip_fw_chain) ) {
                         goto next;
                 }
  
--- 242,248 ----
   	 */
  
          if (ip_fw_chk_ptr!=NULL)
!                if (!(*ip_fw_chk_ptr)(m,ip,m->m_pkthdr.rcvif,ip_fw_chain) ) {
                         goto next;
                 }
  




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199507091059.UAA17555>