PSARC 2006/082 IP Filter Code Merge on ip_fil4.1.9

4912568 ipftest ipf ipfstat ipnat ippool need a non-name resolution flag
5040248 ipfs -W fails to save kernel state tables
5081834 syntax parser reports wrong error position and line number
5094575 keyword "netmask" is un-supported in ipnat.conf (4)
6181751 ipf parser fails on wrong subnet notations
6181773 ipf parser fails on wrong port ranges
6248745 ipnat drops packets if the IP header is not 32 bit aligned
6340621 RFE: IP Filter code merge on ip_fil4.1.9
6359805 ipf command incorrectly check options in rules and core dumps
6395837 ipnat tcpudp parsing is incomplete
6426469 IPFilter rejects IPv6 neighbour discovery packets
6447872 usr/src/common/ipf/ip_compat.h should not be CDDL

--HG--
rename : usr/src/common/ipf/bpf-ipf.h => usr/src/uts/common/inet/ipf/bpf-ipf.h
rename : usr/src/common/ipf/fil.c => usr/src/uts/common/inet/ipf/fil.c
rename : usr/src/common/ipf/ip_auth.c => usr/src/uts/common/inet/ipf/ip_auth.c
rename : usr/src/common/ipf/ip_fil_solaris.c => usr/src/uts/common/inet/ipf/ip_fil_solaris.c
rename : usr/src/common/ipf/ip_frag.c => usr/src/uts/common/inet/ipf/ip_frag.c
rename : usr/src/common/ipf/ip_htable.c => usr/src/uts/common/inet/ipf/ip_htable.c
rename : usr/src/common/ipf/ip_log.c => usr/src/uts/common/inet/ipf/ip_log.c
rename : usr/src/common/ipf/ip_lookup.c => usr/src/uts/common/inet/ipf/ip_lookup.c
rename : usr/src/common/ipf/ip_nat.c => usr/src/uts/common/inet/ipf/ip_nat.c
rename : usr/src/common/ipf/ip_pool.c => usr/src/uts/common/inet/ipf/ip_pool.c
rename : usr/src/common/ipf/ip_proxy.c => usr/src/uts/common/inet/ipf/ip_proxy.c
rename : usr/src/common/ipf/ip_state.c => usr/src/uts/common/inet/ipf/ip_state.c
rename : usr/src/common/ipf/ipf.h => usr/src/uts/common/inet/ipf/ipf.h
rename : usr/src/common/ipf/ipmon.h => usr/src/uts/common/inet/ipf/ipmon.h
rename : usr/src/common/ipf/ipt.h => usr/src/uts/common/inet/ipf/ipt.h
rename : usr/src/common/ipf/Makefile => usr/src/uts/common/inet/ipf/netinet/Makefile
rename : usr/src/common/ipf/ip_auth.h => usr/src/uts/common/inet/ipf/netinet/ip_auth.h
rename : usr/src/common/ipf/ip_compat.h => usr/src/uts/common/inet/ipf/netinet/ip_compat.h
rename : usr/src/common/ipf/ip_fil.h => usr/src/uts/common/inet/ipf/netinet/ip_fil.h
rename : usr/src/common/ipf/ip_frag.h => usr/src/uts/common/inet/ipf/netinet/ip_frag.h
rename : usr/src/common/ipf/ip_ftp_pxy.c => usr/src/uts/common/inet/ipf/netinet/ip_ftp_pxy.c
rename : usr/src/common/ipf/ip_h323_pxy.c => usr/src/uts/common/inet/ipf/netinet/ip_h323_pxy.c
rename : usr/src/common/ipf/ip_htable.h => usr/src/uts/common/inet/ipf/netinet/ip_htable.h
rename : usr/src/common/ipf/ip_ipsec_pxy.c => usr/src/uts/common/inet/ipf/netinet/ip_ipsec_pxy.c
rename : usr/src/common/ipf/ip_irc_pxy.c => usr/src/uts/common/inet/ipf/netinet/ip_irc_pxy.c
rename : usr/src/common/ipf/ip_lookup.h => usr/src/uts/common/inet/ipf/netinet/ip_lookup.h
rename : usr/src/common/ipf/ip_nat.h => usr/src/uts/common/inet/ipf/netinet/ip_nat.h
rename : usr/src/common/ipf/ip_netbios_pxy.c => usr/src/uts/common/inet/ipf/netinet/ip_netbios_pxy.c
rename : usr/src/common/ipf/ip_pool.h => usr/src/uts/common/inet/ipf/netinet/ip_pool.h
rename : usr/src/common/ipf/ip_proxy.h => usr/src/uts/common/inet/ipf/netinet/ip_proxy.h
rename : usr/src/common/ipf/ip_raudio_pxy.c => usr/src/uts/common/inet/ipf/netinet/ip_raudio_pxy.c
rename : usr/src/common/ipf/ip_rcmd_pxy.c => usr/src/uts/common/inet/ipf/netinet/ip_rcmd_pxy.c
rename : usr/src/common/ipf/ip_rpcb_pxy.c => usr/src/uts/common/inet/ipf/netinet/ip_rpcb_pxy.c
rename : usr/src/common/ipf/ip_state.h => usr/src/uts/common/inet/ipf/netinet/ip_state.h
rename : usr/src/common/ipf/ipl.h => usr/src/uts/common/inet/ipf/netinet/ipl.h
rename : usr/src/common/ipf/opts.h => usr/src/uts/common/inet/ipf/opts.h
rename : usr/src/common/ipf/radix.c => usr/src/uts/common/inet/ipf/radix.c
rename : usr/src/common/ipf/radix.h => usr/src/uts/common/inet/ipf/radix.h
rename : usr/src/common/ipf/solaris.c => usr/src/uts/common/inet/ipf/solaris.c
rename : usr/src/uts/common/inet/ipf/compat.h => usr/src/uts/common/inet/pfil/compat.h
rename : usr/src/uts/common/inet/ipf/misc.c => usr/src/uts/common/inet/pfil/misc.c
rename : usr/src/uts/common/inet/ipf/ndd.c => usr/src/uts/common/inet/pfil/ndd.c
rename : usr/src/uts/common/inet/ipf/os.h => usr/src/uts/common/inet/pfil/os.h
rename : usr/src/uts/common/inet/ipf/pfil.c => usr/src/uts/common/inet/pfil/pfil.c
rename : usr/src/uts/common/inet/ipf/pfil.conf => usr/src/uts/common/inet/pfil/pfil.conf
rename : usr/src/uts/common/inet/ipf/pfil.h => usr/src/uts/common/inet/pfil/pfil.h
rename : usr/src/common/ipf/pfild.h => usr/src/uts/common/inet/pfil/pfild.h
rename : usr/src/uts/common/inet/ipf/pfildrv.c => usr/src/uts/common/inet/pfil/pfildrv.c
rename : usr/src/uts/common/inet/ipf/pfilstream.c => usr/src/uts/common/inet/pfil/pfilstream.c
rename : usr/src/uts/common/inet/ipf/pkt.c => usr/src/uts/common/inet/pfil/pkt.c
rename : usr/src/uts/common/inet/ipf/qif.c => usr/src/uts/common/inet/pfil/qif.c
rename : usr/src/uts/common/inet/ipf/qif.h => usr/src/uts/common/inet/pfil/qif.h

1 files changed, 24 insertions, 15 deletions

diff --git a/usr/src/cmd/ipf/lib/common/load_hash.c b/usr/src/cmd/ipf/lib/common/load_hash.c
index a86052478e..e43ddf54a3 100644
--- a/usr/src/cmd/ipf/lib/common/load_hash.c
+++ b/usr/src/cmd/ipf/lib/common/load_hash.c
@@ -3,9 +3,9 @@
  *
  * See the IPFILTER.LICENCE file for details on licencing.
  *
- * $Id: load_hash.c,v 1.10 2003/04/26 04:55:11 darrenr Exp $
+ * $Id: load_hash.c,v 1.11.2.2 2005/02/01 02:44:05 darrenr Exp $
  *
- * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -14,13 +14,8 @@
 #include <fcntl.h>
 #include <sys/ioctl.h>
 #include "ipf.h"
-#if SOLARIS2 >= 10
-#include "ip_lookup.h"
-#include "ip_htable.h"
-#else
 #include "netinet/ip_lookup.h"
 #include "netinet/ip_htable.h"
-#endif
 
 static int hashfd = -1;
 
@@ -40,8 +35,6 @@ ioctlfunc_t iocfunc;
 		hashfd = open(IPLOOKUP_NAME, O_RDWR);
 	if ((hashfd == -1) && ((opts & OPT_DONOTHING) == 0))
 		return -1;
-	if (list == NULL)
-		return 0;
 
 	for (n = 0, a = list; a != NULL; a = a->ipe_next)
 		n++;
@@ -58,20 +51,29 @@ ioctlfunc_t iocfunc;
 	iph.iph_type = iphp->iph_type;
 	strncpy(iph.iph_name, iphp->iph_name, sizeof(iph.iph_name));
 	iph.iph_flags = iphp->iph_flags;
+	if (n <= 0)
+		n = 1;
 	if (iphp->iph_size == 0)
 		size = n * 2 - 1;
 	else
 		size = iphp->iph_size;
+	if ((list == NULL) && (size == 1)) {
+		fprintf(stderr,
+			"WARNING: empty hash table %s, recommend setting %s\n",
+			iphp->iph_name, "size to match expected use");
+	}
 	iph.iph_size = size;
 	iph.iph_seed = iphp->iph_seed;
 	iph.iph_table = NULL;
 	iph.iph_ref = 0;
 
-	if ((*iocfunc)(hashfd, SIOCLOOKUPADDTABLE, &op))
-		if ((opts & OPT_DONOTHING) == 0) {
-			perror("load_hash:SIOCLOOKUPADDTABLE");
-			return -1;
-		}
+	if ((opts & OPT_REMOVE) == 0) {
+		if ((*iocfunc)(hashfd, SIOCLOOKUPADDTABLE, &op))
+			if ((opts & OPT_DONOTHING) == 0) {
+				perror("load_hash:SIOCLOOKUPADDTABLE");
+				return -1;
+			}
+	}
 
 	strncpy(op.iplo_name, iph.iph_name, sizeof(op.iplo_name));
 	strncpy(iphp->iph_name, iph.iph_name, sizeof(op.iplo_name));
@@ -89,7 +91,7 @@ ioctlfunc_t iocfunc;
 			return -1;
 		}
 		iph.iph_table[0] = list;
-		printhash(&iph, bcopywrap, opts);
+		printhash(&iph, bcopywrap, iph.iph_name, opts);
 		free(iph.iph_table);
 
 		for (a = list; a != NULL; a = a->ipe_next) {
@@ -106,5 +108,12 @@ ioctlfunc_t iocfunc;
 	for (a = list; a != NULL; a = a->ipe_next)
 		load_hashnode(iphp->iph_unit, iph.iph_name, a, iocfunc);
 
+	if ((opts & OPT_REMOVE) != 0) {
+		if ((*iocfunc)(hashfd, SIOCLOOKUPDELTABLE, &op))
+			if ((opts & OPT_DONOTHING) == 0) {
+				perror("load_hash:SIOCLOOKUPDELTABLE");
+				return -1;
+			}
+	}
 	return 0;
 }