| History log of /src/sys/external/bsd/ipf/netinet/fil.c |
| Revision | | Date | Author | Comments |
| 1.37 |
| 24-Jun-2023 |
msaitoh | Fix typo in comment.
|
| 1.36 |
| 03-Feb-2023 |
christos | Fix use after free on packet with broken lengths
Under the scenario with a packet with length of 67 bytes, a header length
using the default of 20 bytes and a TCP data offset (th_off) of 48 will
cause m_pullup() to fail to make sure bytes are arranged contiguously.
m_pullup() will free the mbuf chain and return a null. ipfilter stores
the resultant mbuf address (or the resulting NULL) in its fr_info_t
structure. Unfortunately the erroneous packet is not flagged for drop.
From FreeBSD via CY Schubert; originally reported by: Robert Morris
<rtm at lcs.mit.edu>
|
| 1.35 |
| 05-Dec-2021 |
msaitoh | s/recusive/recursive/ in comment.
|
| 1.34 |
| 05-Dec-2021 |
msaitoh | s/imples/implies/ in comment.
|
| 1.33 |
| 09-Apr-2020 |
christos | PR/55149: Kouichi Hashikawa: Get morefrag before we strip it out from off
|
| 1.32 |
| 05-Apr-2020 |
christos | branches: 1.32.2;
PR/55137: Kouichi Hashikawa: ipfstat -f incorrect output
Fix incorrect byte order.
|
| 1.31 |
| 30-Sep-2019 |
bouyer | Fix 2 bugs, reported by Edgar Fu� on tech-net@
- pfil_run_hooks() can be called recursively, so we have to
#define FASTROUTE_RECURSION in fil.c
- ip6_if_output()/nd6_output() will free the mbuf on error, to make sure
to set *mpp to NULL so the caller won't try to free it again.
|
| 1.30 |
| 08-Aug-2019 |
christos | PR/54443: Edgar Fu�: ip mistakenly regards UDP packet with checksum field
0xffff as bad
|
| 1.29 |
| 28-Jun-2019 |
christos | branches: 1.29.2;
Revert previous and do the off == 1 case after we've taken the mask.
|
| 1.28 |
| 26-Jun-2019 |
christos | Conform to RFC 3128 by dropping TCP fragments with offset = 1.
In addition to dropping these fragments, add a DTrace probe to allow
for more detailed monitoring and diagnosis if required.
From FreeBSD r349399, reported vy Cy Schubert
|
| 1.27 |
| 26-Jun-2019 |
christos | Remove fd_local, it is not used, from FreeBSD r349401, reported by Cy Schubert
|
| 1.26 |
| 26-Jun-2019 |
christos | Remove redundant off != 0 check, from FreeBSD r349400, reported by Cy Schubert
|
| 1.25 |
| 04-Feb-2019 |
mrg | add fallthru comments.
|
| 1.24 |
| 11-Jul-2018 |
maxv | Rename
ip_undefer_csum -> in_undefer_cksum
in_delayed_cksum -> in_undefer_cksum_tcpudp
The two previous names were inconsistent and misleading.
Put the two functions into in_offload.c. Add comments to explain what
we're doing.
The same could be done for IPv6.
|
| 1.23 |
| 03-Jun-2018 |
maxv | branches: 1.23.2;
Constify a bunch of global varialbes under ipf/ so that they land in
.rodata (3472 bytes).
Also, remove ipf_tuneables[], unused.
|
| 1.22 |
| 04-Feb-2018 |
mrg | branches: 1.22.2;
apply __attribute__((__used__)) for rcsid, etc.
|
| 1.21 |
| 05-Sep-2017 |
christos | Revert changing the byte order of fi->fi_addr. It is already correct. From
Timo Buhrmester
XXX: pullup 8.
|
| 1.20 |
| 23-Apr-2017 |
christos | branches: 1.20.4;
Disconnect maintaining fragment state from keeping session state. The user
now must specify keep frags along with keep state to have ipfilter do what
it did before, as documented in ipf.conf.5. (Cy Schubert @ FreeBSD)
|
| 1.19 |
| 05-Aug-2016 |
christos | partial sync with FreeBSD
|
| 1.18 |
| 04-Apr-2016 |
christos | branches: 1.18.2;
We don't need this in /current because packet processing does not happen in
an interrupt anymore (pointed out by ozaki@)
|
| 1.17 |
| 03-Apr-2016 |
christos | Comment out the mutex calls that protect against concurrent configuration
changes and processing. This needs to be done differently since you can't
sleep during interrupt processing.
|
| 1.16 |
| 02-Apr-2015 |
khorben | Fix for PR kern/48109 (and its duplicate kern/49807)
As provided by Takahiro HAYASHI in PR kern/48109. Additional error
registration in ipf(8) by myself. Changes tested with GENERIC and
XEN3_DOM0. Thanks!
XXX pull-up netbsd-7
|
| 1.15 |
| 16-Jun-2014 |
christos | branches: 1.15.2; 1.15.4;
Darren Reed: #550 filter rule list corrupted with inserted rules
|
| 1.14 |
| 20-Mar-2014 |
christos | branches: 1.14.2;
kill sprintf
|
| 1.13 |
| 27-Nov-2013 |
christos | CID 976267: NULL deref check
|
| 1.12 |
| 18-Sep-2013 |
rmind | Add bpf_filter_ext() to use with BPF COP, restore bpf_filter() as it was
originally to preserve compatibility. Similarly, add bpf_validate_ext()
which takes bpf_ctx_t.
|
| 1.11 |
| 12-Sep-2013 |
martin | Remove unused variable
|
| 1.10 |
| 30-Aug-2013 |
rmind | bpf_filter: add a custom argument which can be passed to coprocessor routine.
|
| 1.9 |
| 29-Aug-2013 |
rmind | Implement BPF_COP/BPF_COPX instructions in the misc category (BPF_MISC)
which add a capability to call external functions in a predetermined way.
It can be thought as a BPF "coprocessor" -- a generic mechanism to offload
more complex packet inspection operations. There is no default coprocessor
and this functionality is not targeted to the /dev/bpf. This is primarily
targeted to the kernel subsystems, therefore there is no way to set a custom
coprocessor at the userlevel.
Discussed on: tech-net@
OK: core@
|
| 1.8 |
| 09-Jan-2013 |
christos | branches: 1.8.2;
Back out my last change, which was a partial fix for hash code computation problems.
Apply Darren's more complete reworking of hash code computation.
Ensure that the struct containing the red-black tree head is properly initialized.
From Geoff Adams
|
| 1.7 |
| 20-Dec-2012 |
christos | - Replace the seemingly broken built-in ipf rbtree implementation with ours.
- Fix typos in comments
- Fix 2 mutex errors
From Geoff Adams
|
| 1.6 |
| 09-Oct-2012 |
christos | remove wrong ntohl (from Aran Clauson)
|
| 1.5 |
| 22-Jul-2012 |
darrenr | branches: 1.5.2;
ansify new function definition
|
| 1.4 |
| 22-Jul-2012 |
darrenr | ansify new functio definitions
|
| 1.3 |
| 22-Jul-2012 |
darrenr | Merge IPFilter 5.1.2 into HEAD
|
| 1.2 |
| 23-Mar-2012 |
christos | branches: 1.2.2; 1.2.4;
apply our changes.
- prototypes
- ip_h323_pxy.c is missing from the distribution
- original tar distribution is missing <$>Id values in most files
|
| 1.1 |
| 23-Mar-2012 |
christos | branches: 1.1.1;
Initial revision
|
| 1.1.1.2 |
| 22-Jul-2012 |
darrenr | Import IPFilter 5.1.2
|
| 1.1.1.1 |
| 23-Mar-2012 |
christos | import kernel portion of ipfilter 5.1.1
|
| 1.2.4.5 |
| 22-May-2014 |
yamt | sync with head.
for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.
this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
|
| 1.2.4.4 |
| 23-Jan-2013 |
yamt | sync with head
|
| 1.2.4.3 |
| 30-Oct-2012 |
yamt | sync with head
|
| 1.2.4.2 |
| 17-Apr-2012 |
yamt | sync with head
|
| 1.2.4.1 |
| 23-Mar-2012 |
yamt | file fil.c was added on branch yamt-pagecache on 2012-04-17 00:08:15 +0000
|
| 1.2.2.2 |
| 17-Apr-2012 |
joerg | Re-add new ipf on the jmcneill-usbmp branch.
|
| 1.2.2.1 |
| 23-Mar-2012 |
joerg | file fil.c was added on branch jmcneill-usbmp on 2012-04-17 19:25:17 +0000
|
| 1.5.2.4 |
| 03-Dec-2017 |
jdolecek | update from HEAD
|
| 1.5.2.3 |
| 20-Aug-2014 |
tls | Rebase to HEAD as of a few days ago.
|
| 1.5.2.2 |
| 25-Feb-2013 |
tls | resync with head
|
| 1.5.2.1 |
| 20-Nov-2012 |
tls | Resync to 2012-11-19 00:00:00 UTC
|
| 1.8.2.1 |
| 18-May-2014 |
rmind | sync with head
|
| 1.14.2.1 |
| 10-Aug-2014 |
tls | Rebase.
|
| 1.15.4.3 |
| 28-Aug-2017 |
skrll | Sync with HEAD
|
| 1.15.4.2 |
| 05-Oct-2016 |
skrll | Sync with HEAD
|
| 1.15.4.1 |
| 06-Apr-2015 |
skrll | Sync with HEAD
|
| 1.15.2.4 |
| 09-Aug-2019 |
martin | Pull up following revision(s) (requested by christos in ticket #1701):
sys/external/bsd/ipf/netinet/fil.c: revision 1.30
PR/54443: Edgar Fu�: ipf mistakenly regards UDP packet with checksum field
0xffff as bad
|
| 1.15.2.3 |
| 29-Jun-2017 |
sborrill | Pull up the following revisions(s) (requested by christos in ticket #1412):
sys/external/bsd/ipf/netinet/fil.c: revision 1.20
sys/external/bsd/ipf/netinet/ip_state.c: revision 1.7
sys/external/bsd/ipf/netinet/ip_frag.c: revision 1.5
Disconnect maintaining fragment state from keeping session state. The user
now must specify keep frags along with keep state to have ipfilter do what
it did before, as documented in ipf.conf.5.
Free the right fragment. This will cause use after free issues and eventually
panic.
|
| 1.15.2.2 |
| 29-Apr-2016 |
snj | branches: 1.15.2.2.4;
Pull up following revision(s) (requested by christos in ticket #1152):
sys/external/bsd/ipf/netinet/fil.c: revision 1.17
Comment out the mutex calls that protect against concurrent configuration
changes and processing. This needs to be done differently since you can't
sleep during interrupt processing.
|
| 1.15.2.1 |
| 10-Apr-2015 |
snj | branches: 1.15.2.1.2;
Pull up following revision(s) (requested by khorben in ticket #671):
external/bsd/ipf/dist/lib/interror.c: revision 1.4
sys/external/bsd/ipf/netinet/fil.c: revision 1.16
Fix for PR kern/48109 (and its duplicate kern/49807)
As provided by Takahiro HAYASHI in PR kern/48109. Additional error
registration in ipf(8) by myself. Changes tested with GENERIC and
XEN3_DOM0. Thanks!
|
| 1.15.2.2.4.1 |
| 12-Jul-2017 |
sborrill | Pull up the following revisions(s) (requested by christos in ticket #1412):
sys/external/bsd/ipf/netinet/fil.c: revision 1.20
sys/external/bsd/ipf/netinet/ip_state.c: revision 1.7
sys/external/bsd/ipf/netinet/ip_frag.c: revision 1.5
Disconnect maintaining fragment state from keeping session state. The user
now must specify keep frags along with keep state to have ipfilter do what
it did before, as documented in ipf.conf.5.
Free the right fragment. This will cause use after free issues and eventually
panic.
|
| 1.15.2.1.2.1 |
| 25-Aug-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1412):
sys/external/bsd/ipf/netinet/fil.c: revision 1.20
sys/external/bsd/ipf/netinet/ip_frag.c: revision 1.5
sys/external/bsd/ipf/netinet/ip_state.c: revision 1.7
Disconnect maintaining fragment state from keeping session state. The user
now must specify keep frags along with keep state to have ipfilter do what
it did before, as documented in ipf.conf.5. (Cy Schubert @ FreeBSD)
--
Free the right fragment (Cy Schubert @ FreeBSD). This will cause use after free
issues and eventually panic.
|
| 1.18.2.2 |
| 26-Apr-2017 |
pgoyette | Sync with HEAD
|
| 1.18.2.1 |
| 06-Aug-2016 |
pgoyette | Sync with HEAD
|
| 1.20.4.4 |
| 04-Oct-2019 |
martin | Pull up following revision(s) (requested by bouyer in ticket #1399):
sys/external/bsd/ipf/netinet/fil.c: revision 1.31
sys/external/bsd/ipf/netinet/ip_fil_netbsd.c: revision 1.32
sys/external/bsd/ipf/netinet/ip_fil_netbsd.c: revision 1.33
Fix 2 bugs, reported by Edgar Fuss on tech-net@
- pfil_run_hooks() can be called recursively, so we have to
#define FASTROUTE_RECURSION in fil.c
- ip6_if_output()/nd6_output() will free the mbuf on error, to make sure
to set *mpp to NULL so the caller won't try to free it again.
fix double space in comment
|
| 1.20.4.3 |
| 09-Aug-2019 |
martin | Pull up following revision(s) (requested by christos in ticket #1331):
sys/external/bsd/ipf/netinet/fil.c: revision 1.30
PR/54443: Edgar Fu�: ipf mistakenly regards UDP packet with checksum field
0xffff as bad
|
| 1.20.4.2 |
| 26-Dec-2018 |
martin | Pull up the following, requested by sevan in ticket #1144:
sys/external/bsd/ipf/netinet/fil.c 1.22
accidently commited to HEAD by mrg with a very misleading log message and
a bunch of unrelated changes - but really:
fix missing braces around a block (detected by newer gcc's indentation
checks).
|
| 1.20.4.1 |
| 23-Sep-2017 |
snj | Pull up following revision(s) (requested by christos in ticket #283):
sys/external/bsd/ipf/netinet/fil.c: revision 1.21
Revert changing the byte order of fi->fi_addr. It is already correct. From
Timo Buhrmester
|
| 1.22.2.2 |
| 28-Jul-2018 |
pgoyette | Sync with HEAD
|
| 1.22.2.1 |
| 25-Jun-2018 |
pgoyette | Sync with HEAD
|
| 1.23.2.3 |
| 13-Apr-2020 |
martin | Mostly merge changes from HEAD upto 20200411
|
| 1.23.2.2 |
| 08-Apr-2020 |
martin | Merge changes from current as of 20200406
|
| 1.23.2.1 |
| 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.29.2.3 |
| 12-Apr-2020 |
martin | Pull up following revision(s) (requested by christos in ticket #827):
sys/external/bsd/ipf/netinet/fil.c: revision 1.32
sys/external/bsd/ipf/netinet/fil.c: revision 1.33
sys/external/bsd/ipf/netinet/ip_frag.c: revision 1.8
PR/55137: Kouichi Hashikawa: ipfstat -f incorrect output
Fix incorrect byte order.
PR/55137: Kouichi Hashikawa: ipfstat -f incorrect output
- make sure frag is initialized to 0
- initialize ipfr_p field
PR/55149: Kouichi Hashikawa: Get morefrag before we strip it out from off
|
| 1.29.2.2 |
| 03-Oct-2019 |
martin | Pull up following revision(s) (requested by bouyer in ticket #274):
sys/external/bsd/ipf/netinet/fil.c: revision 1.31
sys/external/bsd/ipf/netinet/ip_fil_netbsd.c: revision 1.32
sys/external/bsd/ipf/netinet/ip_fil_netbsd.c: revision 1.33
Fix 2 bugs, reported by Edgar Fuss on tech-net@
- pfil_run_hooks() can be called recursively, so we have to
#define FASTROUTE_RECURSION in fil.c
- ip6_if_output()/nd6_output() will free the mbuf on error, to make sure
to set *mpp to NULL so the caller won't try to free it again.
fix double space in comment
|
| 1.29.2.1 |
| 09-Aug-2019 |
martin | Pull up following revision(s) (requested by christos in ticket #40):
sys/external/bsd/ipf/netinet/fil.c: revision 1.30
PR/54443: Edgar Fu�: ipf mistakenly regards UDP packet with checksum field
0xffff as bad
|
| 1.32.2.1 |
| 20-Apr-2020 |
bouyer | Sync with HEAD
|
