diff options
-rw-r--r-- | sys/net/pf.c | 25 | ||||
-rw-r--r-- | sys/net/pf_norm.c | 6 | ||||
-rw-r--r-- | sys/net/pf_table.c | 26 |
3 files changed, 29 insertions, 28 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index c1aec3ffd8f..97be41f3ace 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.294 2003/01/02 01:56:56 dhartmei Exp $ */ +/* $OpenBSD: pf.c,v 1.295 2003/01/03 19:31:43 deraadt Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1801,7 +1801,7 @@ pf_test_tcp(struct pf_rule **rm, int direction, struct ifnet *ifp, bport = nport = th->th_sport; /* check outgoing packet for BINAT/NAT */ if ((nat = pf_get_translation(PF_OUT, ifp, IPPROTO_TCP, - saddr, th->th_sport, daddr, th->th_dport, + saddr, th->th_sport, daddr, th->th_dport, &naddr, &nport, af)) != NULL) { PF_ACPY(&baddr, saddr, af); pf_change_ap(saddr, &th->th_sport, pd->ip_sum, @@ -1812,7 +1812,7 @@ pf_test_tcp(struct pf_rule **rm, int direction, struct ifnet *ifp, bport = nport = th->th_dport; /* check incoming packet for BINAT/RDR */ if ((rdr = pf_get_translation(PF_IN, ifp, IPPROTO_TCP, - saddr, th->th_sport, daddr, th->th_dport, + saddr, th->th_sport, daddr, th->th_dport, &naddr, &nport, af)) != NULL) { PF_ACPY(&baddr, daddr, af); pf_change_ap(daddr, &th->th_dport, pd->ip_sum, @@ -2054,7 +2054,7 @@ pf_test_udp(struct pf_rule **rm, int direction, struct ifnet *ifp, bport = nport = uh->uh_sport; /* check outgoing packet for BINAT/NAT */ if ((nat = pf_get_translation(PF_OUT, ifp, IPPROTO_UDP, - saddr, uh->uh_sport, daddr, uh->uh_dport, + saddr, uh->uh_sport, daddr, uh->uh_dport, &naddr, &nport, af)) != NULL) { PF_ACPY(&baddr, saddr, af); pf_change_ap(saddr, &uh->uh_sport, pd->ip_sum, @@ -2065,7 +2065,7 @@ pf_test_udp(struct pf_rule **rm, int direction, struct ifnet *ifp, bport = nport = uh->uh_dport; /* check incoming packet for BINAT/RDR */ if ((rdr = pf_get_translation(PF_IN, ifp, IPPROTO_UDP, - saddr, uh->uh_sport, daddr, uh->uh_dport, + saddr, uh->uh_sport, daddr, uh->uh_dport, &naddr, &nport, af)) != NULL) { PF_ACPY(&baddr, daddr, af); pf_change_ap(daddr, &uh->uh_dport, pd->ip_sum, @@ -2312,7 +2312,7 @@ pf_test_icmp(struct pf_rule **rm, int direction, struct ifnet *ifp, if (direction == PF_OUT) { /* check outgoing packet for BINAT/NAT */ if ((nat = pf_get_translation(PF_OUT, ifp, pd->proto, - saddr, 0, daddr, 0, &naddr, NULL, af)) != NULL) { + saddr, 0, daddr, 0, &naddr, NULL, af)) != NULL) { PF_ACPY(&baddr, saddr, af); switch (af) { #ifdef INET @@ -2333,7 +2333,7 @@ pf_test_icmp(struct pf_rule **rm, int direction, struct ifnet *ifp, } else { /* check incoming packet for BINAT/RDR */ if ((rdr = pf_get_translation(PF_IN, ifp, pd->proto, - saddr, 0, daddr, 0, &naddr, NULL, af)) != NULL) { + saddr, 0, daddr, 0, &naddr, NULL, af)) != NULL) { PF_ACPY(&baddr, daddr, af); switch (af) { #ifdef INET @@ -2520,7 +2520,7 @@ pf_test_other(struct pf_rule **rm, int direction, struct ifnet *ifp, if (direction == PF_OUT) { /* check outgoing packet for BINAT/NAT */ if ((nat = pf_get_translation(PF_OUT, ifp, pd->proto, - saddr, 0, daddr, 0, &naddr, NULL, af)) != NULL) { + saddr, 0, daddr, 0, &naddr, NULL, af)) != NULL) { PF_ACPY(&baddr, saddr, af); switch (af) { #ifdef INET @@ -2539,7 +2539,7 @@ pf_test_other(struct pf_rule **rm, int direction, struct ifnet *ifp, } else { /* check incoming packet for BINAT/RDR */ if ((rdr = pf_get_translation(PF_IN, ifp, pd->proto, - saddr, 0, daddr, 0, &naddr, NULL, af)) != NULL) { + saddr, 0, daddr, 0, &naddr, NULL, af)) != NULL) { switch (af) { #ifdef INET case AF_INET: @@ -2861,9 +2861,10 @@ pf_test_state_tcp(struct pf_state **state, int direction, struct ifnet *ifp, (th->th_flags & (TH_ACK|TH_RST)) == (TH_ACK|TH_RST)) || /* broken tcp stacks do not set ack */ (dst->state < TCPS_SYN_SENT)) { - /* Many stacks (ours included) will set the ACK number in an - * FIN|ACK if the SYN times out -- no sequence to ACK. - */ + /* + * Many stacks (ours included) will set the ACK number in an + * FIN|ACK if the SYN times out -- no sequence to ACK. + */ ack = dst->seqlo; } diff --git a/sys/net/pf_norm.c b/sys/net/pf_norm.c index 5558543adf6..dcd04a26062 100644 --- a/sys/net/pf_norm.c +++ b/sys/net/pf_norm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_norm.c,v 1.46 2003/01/01 16:07:45 henning Exp $ */ +/* $OpenBSD: pf_norm.c,v 1.47 2003/01/03 19:31:43 deraadt Exp $ */ /* * Copyright 2001 Niels Provos <provos@citi.umich.edu> @@ -826,7 +826,7 @@ pf_normalize_ip(struct mbuf **m0, int dir, struct ifnet *ifp, u_short *reason) if (r == NULL) return (PF_PASS); else - r->packets++; + r->packets++; /* Check for illegal packets */ if (hlen < (int)sizeof(struct ip)) @@ -1041,7 +1041,7 @@ pf_normalize_tcp(int dir, struct ifnet *ifp, struct mbuf *m, int ipoff, if (rm == NULL) return (PF_PASS); else - r->packets++; + r->packets++; flags = th->th_flags; if (flags & TH_SYN) { diff --git a/sys/net/pf_table.c b/sys/net/pf_table.c index 05fcdf487fa..106eb7a8885 100644 --- a/sys/net/pf_table.c +++ b/sys/net/pf_table.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_table.c,v 1.10 2003/01/03 10:39:09 cedric Exp $ */ +/* $OpenBSD: pf_table.c,v 1.11 2003/01/03 19:31:43 deraadt Exp $ */ /* * Copyright (c) 2002 Cedric Berger @@ -244,7 +244,7 @@ pfr_del_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size, { struct pfr_ktable *kt; struct pfr_kentryworkq workq; - struct pfr_walktree w; + struct pfr_walktree w; struct pfr_kentry *p; struct pfr_addr ad; int i, rv, s, xdel = 0; @@ -275,7 +275,7 @@ pfr_del_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size, PFR_FB_DELETED); if (copyout(&ad, addr+i, sizeof(ad))) senderr(EFAULT); - } + } if (p != NULL) { if (p->pfrke_mark) continue; @@ -563,7 +563,7 @@ pfr_clr_astats(struct pfr_table *tbl, struct pfr_addr *addr, int size, PFR_FB_CLEARED : PFR_FB_NONE; if (copyout(&ad, addr+i, sizeof(ad))) senderr(EFAULT); - } + } if (p != NULL) { SLIST_INSERT_HEAD(&workq, p, pfrke_workq); xzero++; @@ -747,13 +747,13 @@ pfr_reset_feedback(struct pfr_addr *addr, int size) struct pfr_addr ad; int i; - for (i = 0; i < size; i++) { - if (copyin(addr+i, &ad, sizeof(ad))) - break; - ad.pfra_fback = PFR_FB_NONE; - if (copyout(&ad, addr+i, sizeof(ad))) + for (i = 0; i < size; i++) { + if (copyin(addr+i, &ad, sizeof(ad))) break; - } + ad.pfra_fback = PFR_FB_NONE; + if (copyout(&ad, addr+i, sizeof(ad))) + break; + } } void @@ -1120,7 +1120,7 @@ pfr_clr_tstats(struct pfr_table *tbl, int size, int *nzero, int flags) } if (nzero != NULL) *nzero = xzero; - return (0); + return (0); } int @@ -1261,9 +1261,9 @@ pfr_create_ktable(struct pfr_table *tbl, long tzero) SHA1Final(kt->pfrkt_hash.pfrh_sha1, &sha1); if (!rn_inithead((void **)&kt->pfrkt_ip4, - 8 * offsetof(struct sockaddr_in, sin_addr)) || + offsetof(struct sockaddr_in, sin_addr) * 8) || !rn_inithead((void **)&kt->pfrkt_ip6, - 8 * offsetof(struct sockaddr_in6, sin6_addr))) { + offsetof(struct sockaddr_in6, sin6_addr) * 8)) { pfr_destroy_ktable(kt); return (NULL); } |