| blob | a4191c69e1b3830cb79f1de5af38e2d138799297 |
1 /*
2 * Copyright (C) 1993-2001, 2003 by Darren Reed.
3 *
4 * See the IPFILTER.LICENCE file for details on licencing.
5 *
6 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
7 * Use is subject to license terms.
8 */
10 #ifdef SOLARIS
11 #undef SOLARIS
12 #endif
13 #if (defined(sun) && (defined(__svr4__) || defined(__SVR4)))
14 #define SOLARIS (1)
15 #else
16 #define SOLARIS (0)
17 #endif
19 #include <sys/param.h>
20 #if defined(__FreeBSD__) && !defined(__FreeBSD_version)
21 # if defined(IPFILTER_LKM)
22 # ifndef __FreeBSD_cc_version
23 # include <osreldate.h>
24 # else
25 # if __FreeBSD_cc_version < 430000
26 # include <osreldate.h>
27 # endif
28 # endif
29 # endif
30 #endif
31 #include <sys/errno.h>
32 #if defined(__hpux) && (HPUXREV >= 1111) && !defined(_KERNEL)
33 # include <sys/kern_svcs.h>
34 #endif
35 #include <sys/types.h>
36 #define _KERNEL
37 #define KERNEL
38 #ifdef __OpenBSD__
40 #endif
41 #include <sys/uio.h>
42 #undef _KERNEL
43 #undef KERNEL
44 #include <sys/file.h>
45 #include <sys/ioctl.h>
46 #ifdef __sgi
47 # include <sys/ptimers.h>
48 #endif
49 #include <sys/time.h>
50 #if !defined(SOLARIS)
51 # if (NetBSD > 199609) || (OpenBSD > 199603) || (__FreeBSD_version >= 300000)
52 # include <sys/dirent.h>
53 # else
54 # include <sys/dir.h>
55 # endif
56 #else
57 # include <sys/filio.h>
58 #endif
59 #ifndef linux
60 # include <sys/protosw.h>
61 #endif
62 #include <sys/socket.h>
64 #include <stdio.h>
65 #include <string.h>
66 #include <stdlib.h>
67 #include <ctype.h>
68 #include <fcntl.h>
69 #include <sys/zone.h>
70 #include <arpa/inet.h>
72 #ifdef __hpux
73 # define _NET_ROUTE_INCLUDED
74 #endif
75 #include <net/if.h>
76 #ifdef sun
77 # include <net/af.h>
78 #endif
79 #if __FreeBSD_version >= 300000
80 # include <net/if_var.h>
81 #endif
82 #ifdef __sgi
83 #include <sys/debug.h>
85 #include <sys/hashing.h>
86 # endif
87 #endif
88 #if defined(__FreeBSD__)
90 #endif
91 #include <net/route.h>
92 #include <netinet/in.h>
94 !defined(__hpux) && !defined(linux)
95 # include <netinet/in_var.h>
96 #endif
97 #include <netinet/in_systm.h>
98 #include <netinet/ip.h>
99 #if !defined(linux)
100 # include <netinet/ip_var.h>
101 #endif
102 #include <netinet/tcp.h>
103 #if defined(__osf__)
104 # include <netinet/tcp_timer.h>
105 #endif
106 #if defined(__osf__) || defined(__hpux) || defined(__sgi)
108 # define _RADIX_H_
109 #endif
110 #include <netinet/udp.h>
111 #include <netinet/tcpip.h>
112 #include <netinet/ip_icmp.h>
113 #include <unistd.h>
114 #include <syslog.h>
115 #ifdef __hpux
116 # undef _NET_ROUTE_INCLUDED
117 #endif
125 #ifdef IPFILTER_SYNC
127 #endif
128 #ifdef IPFILTER_SCAN
130 #endif
132 #ifdef IPFILTER_COMPILED
134 #endif
136 #if defined(__FreeBSD_version) && (__FreeBSD_version >= 300000)
137 # include <sys/malloc.h>
138 #endif
139 #ifdef __hpux
141 #endif
145 #if !defined(__osf__)
147 #endif
156 #if defined(__sgi) && (IRIX < 60500)
161 #else
162 # if TRU64 >= 1885
167 # else
172 # endif
173 #endif
178 {
181 }
186 {
189 }
193 caddr_t data;
195 {
196 friostat_t fio;
207 }
210 /*
211 * Filter ioctl interface.
212 */
215 ioctlcmd_t cmd;
216 caddr_t data;
218 {
220 friostat_t fio;
234 else
238 }
242 else
246 }
256 }
260 }
265 }
267 #ifdef IPFILTER_SYNC
270 else
271 #endif
275 }
277 #ifdef IPFILTER_SCAN
280 else
281 #endif
285 }
290 else
294 }
297 {
299 #ifdef IPFILTER_LOG
302 #endif
313 else
315 }
321 }
322 /* FALLTHROUGH */
330 else
347 else
356 else
366 }
375 else
386 }
387 }
389 #ifdef USE_INET6
398 }
399 }
401 #endif
412 #ifdef IPFILTER_LOG
416 else
428 }
433 }
436 }
442 {
462 #ifdef USE_INET6
479 #endif
483 }
490 {
497 }
498 }
501 #if defined(__sgi) && (IRIX < 60500)
503 #else
504 # if TRU64 >= 1885
507 # else
509 # endif
511 #endif
515 {
517 }
520 #if defined(__sgi) && (IRIX < 60500)
522 #else
523 # if TRU64 >= 1885
526 # else
528 # endif
530 #endif
534 {
543 #if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \
544 (defined(OpenBSD) && (OpenBSD >= 199603)) || defined(linux) || \
545 (defined(__FreeBSD__) && (__FreeBSD_version >= 501113))
547 #else
549 #endif
554 }
558 }
564 {
565 #ifdef __sgi
567 #else
569 #endif
571 #if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__)
573 #else
574 # ifdef __sgi
576 # else
578 # endif
579 #endif
583 #if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__)
585 #else
586 # ifdef __sgi
588 # else
590 # endif
591 #endif
596 #ifdef __sgi
598 #else
600 #endif
604 }
605 }
607 /*ARGSUSED*/
612 {
615 #if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \
616 (defined(OpenBSD) && (OpenBSD >= 199603)) || defined(linux) || \
617 (defined(__FreeBSD__) && (__FreeBSD_version >= 501113))
631 }
632 }
633 #else
649 }
650 }
651 #endif
662 }
666 nifs++;
673 }
677 nifs--;
679 }
680 }
683 #if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \
684 (defined(OpenBSD) && (OpenBSD >= 199603)) || defined(linux) || \
685 (defined(__FreeBSD__) && (__FreeBSD_version >= 501113))
687 #else
689 ;
694 /*
695 * XXX do it more elegantly: free up mem,
696 * return NULL
697 */
700 }
706 }
707 #endif
712 }
715 }
720 {
723 #if defined(__OpenBSD__) || defined(__NetBSD__) || defined(linux) || \
724 (defined(__FreeBSD__) && (__FreeBSD_version >= 501113))
726 #else
728 #endif
730 }
735 {
740 #if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \
741 (defined(OpenBSD) && (OpenBSD >= 199603)) || defined(linux) || \
742 (defined(__FreeBSD__) && (__FreeBSD_version >= 501113))
749 else
751 }
752 #else
760 else
762 }
763 #endif
764 }
771 {
781 #if defined(__sgi) && (IRIX < 60500)
783 # if TRU64 >= 1885
785 # else
787 # endif
788 #endif
790 }
795 {
798 }
805 {
808 }
816 {
818 }
823 {
825 }
831 caddr_t cp;
832 {
834 }
838 caddr_t buf;
841 {
860 ioc++;
862 }
868 ioc++;
869 }
872 }
874 }
879 {
882 u_32_t newiss;
883 MD5_CTX ctx;
885 /*
886 * Compute the base value of the ISS. It is a hash
887 * of (saddr, sport, daddr, dport, secret).
888 */
897 /* MD5Update(&ctx, ipf_iss_secret, sizeof(ipf_iss_secret)); */
903 /*
904 * Now increment our "timer", and add it in to
905 * the computed value.
906 *
907 * XXX Use `addin'?
908 * XXX TCP_ISSINCR too large to use?
909 */
913 }
916 /* ------------------------------------------------------------------------ */
917 /* Function: fr_nextipid */
918 /* Returns: int - 0 == success, -1 == error (packet should be droppped) */
919 /* Parameters: fin(I) - pointer to packet information */
920 /* */
921 /* Returns the next IPv4 ID to use for this packet. */
922 /* ------------------------------------------------------------------------ */
925 {
927 u_short id;
935 }
940 {
943 }
946 #ifdef USE_INET6
949 {
952 }
953 #endif
956 /*
957 * See above for description, except that all addressing is in user space.
958 */
962 {
963 caddr_t ca;
968 }
971 /*
972 * See above for description, except that all addressing is in user space.
973 */
977 {
978 caddr_t ca;
983 }
986 /*
987 * return the first IP Address associated with an interface
988 */
994 {
996 #ifdef __sgi
998 #else
1000 #endif
1002 #if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__)
1004 #else
1005 # ifdef __sgi
1007 # else
1009 # endif
1010 #endif
1016 #ifdef __sgi
1018 #else
1020 #endif
1023 }
1025 }
1028 /*
1029 * This function is not meant to be random, rather just produce a
1030 * sequence of numbers that isn't linear to show "randomness".
1031 */
1033 {
1038 calls++;
1040 /*
1041 * These are deliberately chosen to ensure that there is some
1042 * attempt to test whether the output covers the range in test n18.
1043 */
1045 {
1067 last++;
1070 }
1072 }