head	1.4;
access;
symbols
	RELEASE_5_2_1:1.3
	RELEASE_5_2_0:1.3
	RELEASE_4_9_0:1.1;
locks; strict;
comment	@# @;


1.4
date	2004.01.13.20.41.19;	author pav;	state dead;
branches;
next	1.3;

1.3
date	2003.11.25.14.08.02;	author bms;	state Exp;
branches;
next	1.2;

1.2
date	2003.09.28.13.27.06;	author edwin;	state dead;
branches;
next	1.1;

1.1
date	2003.06.26.16.20.13;	author foxfair;	state Exp;
branches;
next	;


desc
@@


1.4
log
@- Update to 2.02
  * Fix severe byte order related problem with "route-to" rules
    (much help from Joris Vandalon with testing here)
  * Make tcpdump's -w flag work for if_pfsync
  * Fix byte order and drop lock for icmp_error() calls.
    (note that it is necessary to allow icmp_error messages - from
    "block-policy return" - as FreeBSD does not know about pf's
    special tags, yet).

- update ALTQ-message to point to the new 5.2R-patchset from rofug.ro
  as well

PR:		ports/61318
Submitted by:	Max Laier <max@@love2party.net> (maintainer)
@
text
@--- freebsd_libpcap/savefile.c.orig	Fri Nov 21 14:35:34 2003
+++ freebsd_libpcap/savefile.c	Fri Nov 21 14:35:46 2003
@@@@ -178,6 +178,9 @@@@
 #define LINKTYPE_HDLC		112		/* NetBSD HDLC framing */
 #define LINKTYPE_IPFILTER	116		/* IP Filter capture files */
 #define LINKTYPE_PFLOG		117		/* OpenBSD DLT_PFLOG */
+#if defined(DLT_PFSYNC)
+#define LINKTYPE_PFSYNC		DLT_PFSYNC
+#endif
 
 static struct linktype_map {
 	int	dlt;
@@@@ -271,6 +274,10 @@@@
 	 *	defining DLT_* values that collide with those
 	 *	LINKTYPE_* values, either).
 	 */
+	{ DLT_PFLOG,		LINKTYPE_PFLOG },
+#if defined(DLT_PFSYNC)
+	{ DLT_PFSYNC,		LINKTYPE_PFSYNC },
+#endif
 	{ -1,			-1 }
 };
 
@


1.3
log
@Supersedes ports/59442 and previous hasty-fix, and fixes the following:
 - Build with __FreeBSD_version > 501114 (see bms commit)
 - Build with new route.h (no RTF_PRCLONING)
 - Don't use hardware assistance on framentation when DF is set.
 - Allow pftcpdump -w to be used with pfsync.

Found-by:	bento / Pyun YongHyeon
Submitted by:	Max Laier
PR:		ports/59548
@
text
@@


1.2
log
@Update port: security/pf - OpenBSD 3.4 pf

	Port update after API change in PFIL_HOOKS in -current and
	OpenBSD 3.4 Release.

PR:		 ports/57305
Submitted by:	Max Laier <max@@love2party.net>
@
text
@d1 9
a9 47
--- pfctl/pfctl.c	Sat Jun 21 17:29:45 2003
+++ pfctl/pfctl.c	Sat Jun 21 18:31:19 2003
@@@@ -46,6 +46,7 @@@@
 #include <err.h>
 #include <errno.h>
 #include <fcntl.h>
+#include <inttypes.h>
 #include <limits.h>
 #include <netdb.h>
 #include <stdio.h>
@@@@ -565,8 +566,8 @@@@
 		    rule->qname, rule->qid, rule->pqname, rule->pqid);
 	}
 	if (opts & PF_OPT_VERBOSE)
-		printf("[ Evaluations: %-8llu  Packets: %-8llu  "
-			    "Bytes: %-10llu  States: %-6u]\n\n",
+		printf("[ Evaluations: %-8"PRIu64"  Packets: %-8"PRIu64"  "
+			    "Bytes: %-10"PRIu64"  States: %-6u]\n\n",
 			    rule->evaluations, rule->packets,
 			    rule->bytes, rule->states);
 }
@@@@ -630,7 +631,7 @@@@
 		case 1:
 			if (pr.rule.label[0]) {
 				printf("%s ", pr.rule.label);
-				printf("%llu %llu %llu\n",
+				printf("%"PRIu64" %"PRIu64" %"PRIu64"\n",
 				    pr.rule.evaluations, pr.rule.packets,
 				    pr.rule.bytes);
 			}
@@@@ -662,7 +663,7 @@@@
 		case 1:
 			if (pr.rule.label[0]) {
 				printf("%s ", pr.rule.label);
-				printf("%llu %llu %llu\n",
+				printf("%"PRIu64" %"PRIu64" %"PRIu64"\n",
 				    pr.rule.evaluations, pr.rule.packets,
 				    pr.rule.bytes);
 			}
--- pfctl/pfctl_parser.c	Sat Jun 21 17:29:45 2003
+++ pfctl/pfctl_parser.c	Sat Jun 21 18:32:00 2003
@@@@ -49,6 +49,7 @@@@
 #include <stdarg.h>
 #include <errno.h>
 #include <err.h>
+#include <inttypes.h>
 #include <ifaddrs.h>
d11 12
a22 51
 #if defined(__FreeBSD__)
@@@@ -503,29 +504,29 @@@@
 	if (s->ifname[0] != 0) {
 		printf("Interface Stats for %-16s %5s %16s\n",
 		    s->ifname, "IPv4", "IPv6");
-		printf("  %-25s %14llu %16llu\n", "Bytes In",
+		printf("  %-25s %14"PRIu64" %16"PRIu64"\n", "Bytes In",
 		    s->bcounters[0][0], s->bcounters[1][0]);
-		printf("  %-25s %14llu %16llu\n", "Bytes Out",
+		printf("  %-25s %14"PRIu64" %16"PRIu64"\n", "Bytes Out",
 		    s->bcounters[0][1], s->bcounters[1][1]);
 		printf("  Packets In\n");
-		printf("    %-23s %14llu %16llu\n", "Passed",
+		printf("    %-23s %14"PRIu64" %16"PRIu64"\n", "Passed",
 		    s->pcounters[0][0][PF_PASS],
 		    s->pcounters[1][0][PF_PASS]);
-		printf("    %-23s %14llu %16llu\n", "Blocked",
+		printf("    %-23s %14"PRIu64" %16"PRIu64"\n", "Blocked",
 		    s->pcounters[0][0][PF_DROP],
 		    s->pcounters[1][0][PF_DROP]);
 		printf("  Packets Out\n");
-		printf("    %-23s %14llu %16llu\n", "Passed",
+		printf("    %-23s %14"PRIu64" %16"PRIu64"\n", "Passed",
 		    s->pcounters[0][1][PF_PASS],
 		    s->pcounters[1][1][PF_PASS]);
-		printf("    %-23s %14llu %16llu\n\n", "Blocked",
+		printf("    %-23s %14"PRIu64" %16"PRIu64"\n\n", "Blocked",
 		    s->pcounters[0][1][PF_DROP],
 		    s->pcounters[1][1][PF_DROP]);
 	}
 	printf("%-27s %14s %16s\n", "State Table", "Total", "Rate");
 	printf("  %-25s %14u %14s\n", "current entries", s->states, "");
 	for (i = 0; i < FCNT_MAX; i++) {
-		printf("  %-25s %14lld ", pf_fcounters[i],
+		printf("  %-25s %14"PRId64" ", pf_fcounters[i],
 			    s->fcounters[i]);
 		if (runtime > 0)
 			printf("%14.1f/s\n",
@@@@ -535,7 +536,7 @@@@
 	}
 	printf("Counters\n");
 	for (i = 0; i < PFRES_MAX; i++) {
-		printf("  %-25s %14lld ", pf_reasons[i],
+		printf("  %-25s %14"PRId64" ", pf_reasons[i],
 		    s->counters[i]);
 		if (runtime > 0)
 			printf("%14.1f/s\n",
--- pfctl/pfctl_qstats.c	Sat Jun 21 17:29:45 2003
+++ pfctl/pfctl_qstats.c	Sat Jun 21 18:32:19 2003
@@@@ -40,6 +40,7 @@@@
 #include <arpa/inet.h>
a23 61
 #include <err.h>
+#include <inttypes.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@@@ -280,8 +281,8 @@@@
 {
 	double	interval;
 
-	printf("[ pkts: %10llu  bytes: %10llu  "
-	    "dropped pkts: %6llu bytes: %6llu ]\n",
+	printf("[ pkts: %10"PRIu64"  bytes: %10"PRIu64"  "
+	    "dropped pkts: %6"PRIu64" bytes: %6"PRIu64" ]\n",
 	    cur.data.cbq_stats.xmit_cnt.packets,
 	    cur.data.cbq_stats.xmit_cnt.bytes,
 	    cur.data.cbq_stats.drop_cnt.packets,
@@@@ -306,8 +307,8 @@@@
 {
 	double	interval;
 
-	printf("[ pkts: %10llu  bytes: %10llu  "
-	    "dropped pkts: %6llu bytes: %6llu ]\n",
+	printf("[ pkts: %10"PRIu64"  bytes: %10"PRIu64"  "
+	    "dropped pkts: %6"PRIu64" bytes: %6"PRIu64" ]\n",
 	    cur.data.priq_stats.xmitcnt.packets,
 	    cur.data.priq_stats.xmitcnt.bytes,
 	    cur.data.priq_stats.dropcnt.packets,
--- pfctl/pfctl_table.c	Sat Jun 21 17:29:45 2003
+++ pfctl/pfctl_table.c	Sat Jun 21 18:32:36 2003
@@@@ -42,6 +42,7 @@@@
 #include <ctype.h>
 #include <err.h>
 #include <errno.h>
+#include <inttypes.h>
 #include <netdb.h>
 #include <stdarg.h>
 #include <stdio.h>
@@@@ -363,11 +364,11 @@@@
 	printf("\tAddresses:   %d\n", ts->pfrts_cnt);
 	printf("\tReferences:  %d\n", ts->pfrts_refcnt);
 	printf("\tCleared:     %s", ctime(&time));
-	printf("\tEvaluations: [ NoMatch: %-18llu Match: %-18llu ]\n",
+	printf("\tEvaluations: [ NoMatch: %-18"PRIu64" Match: %-18"PRIu64" ]\n",
 	    ts->pfrts_nomatch, ts->pfrts_match);
 	for (dir = 0; dir < PFR_DIR_MAX; dir++)
 		for (op = 0; op < PFR_OP_TABLE_MAX; op++)
-			printf("\t%-12s [ Packets: %-18llu Bytes: %-18llu ]\n",
+			printf("\t%-12s [ Packets: %-18"PRIu64" Bytes: %-18"PRIu64" ]\n",
 			    stats_text[dir][op],
 			    ts->pfrts_packets[dir][op],
 			    ts->pfrts_bytes[dir][op]);
@@@@ -541,7 +542,7 @@@@
 	printf("\tCleared:     %s", ctime(&time));
 	for (dir = 0; dir < PFR_DIR_MAX; dir++)
 		for (op = 0; op < PFR_OP_ADDR_MAX; op++)
-			printf("\t%-12s [ Packets: %-18llu Bytes: %-18llu ]\n",
+			printf("\t%-12s [ Packets: %-18"PRIu64" Bytes: %-18"PRIu64" ]\n",
 			    stats_text[dir][op],
 			    as->pfras_packets[dir][op],
 			    as->pfras_bytes[dir][op]);

@


1.1
log
@Approved by:	maintainer
Reformat pkg-install & pkg-message, and add 64-bit platform fix.
Note: pf now register its user as proxy:proxy which uid/gid is 62:62.
@
text
@@

